author     security tracker role <sectracker@soriano.debian.org>   2019-03-18 20:12:25 +0000
committer  security tracker role <sectracker@soriano.debian.org>   2019-03-18 20:12:25 +0000
commit     abe9ee4b3eee00b6f6a7c9106dd20e41fbf86c95 (patch)
tree       4368abb74de2acf9e323f50472e5e83bc439ff5c
parent     b52483e988b611ffa7ff016030b0a61101f28219 (diff)
automatic update
-rw-r--r--  data/CVE/1999.list   3080
-rw-r--r--  data/CVE/2000.list   2474
-rw-r--r--  data/CVE/2001.list   3076
-rw-r--r--  data/CVE/2002.list   4702
-rw-r--r--  data/CVE/2003.list   2996
-rw-r--r--  data/CVE/2004.list   5274
-rw-r--r--  data/CVE/2005.list   9164
-rw-r--r--  data/CVE/2006.list  13724
-rw-r--r--  data/CVE/2007.list  12664
-rw-r--r--  data/CVE/2008.list  13934
-rw-r--r--  data/CVE/2009.list   9720
-rw-r--r--  data/CVE/2010.list   9856
-rw-r--r--  data/CVE/2011.list   8810
-rw-r--r--  data/CVE/2012.list  10336
-rw-r--r--  data/CVE/2013.list  11352
-rw-r--r--  data/CVE/2014.list  15902
-rw-r--r--  data/CVE/2015.list  14912
-rw-r--r--  data/CVE/2016.list  17532
-rw-r--r--  data/CVE/2017.list  27184
-rw-r--r--  data/CVE/2018.list  27428
-rw-r--r--  data/CVE/2019.list   2972
21 files changed, 113546 insertions, 113546 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list
index 8fcb525b81..f20ac0a576 100644
--- a/data/CVE/1999.list
+++ b/data/CVE/1999.list
@@ -8,2622 +8,2622 @@ CVE-1999-1595
RESERVED
CVE-1999-1594
RESERVED
-CVE-1999-1593
+CVE-1999-1593 (Windows Internet Naming Service (WINS) allows remote attackers to caus ...)
NOT-FOR-US: Windows
-CVE-1999-1592
+CVE-1999-1592 (Multiple unspecified vulnerabilities in sendmail 5, as installed on Su ...)
- sendmail <not-affected> (Concerns only ancient sendmail V5)
-CVE-1999-1591
+CVE-1999-1591 (Microsoft Internet Information Services (IIS) server 4.0 SP4, without ...)
NOT-FOR-US: Microsoft IIS
-CVE-1999-1590
+CVE-1999-1590 (Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Coun ...)
NOT-FOR-US: Muhammad A. Muquit wwwcoun
-CVE-1999-1589
+CVE-1999-1589 (Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users ...)
NOT-FOR-US: IBM AIX
-CVE-1999-1588
+CVE-1999-1588 (Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 ...)
NOT-FOR-US: Sun Solaris
-CVE-1999-1587
+CVE-1999-1587 (/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier r ...)
NOT-FOR-US: Solaris
CVE-1999-XXXX [Insecure access control on GNU Mach's IO ports]
- gnumach 1:20050801-3 (bug #46709)
NOTE: Nearly six years old :-)
-CVE-1999-1586
+CVE-1999-1586 (loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitiz ...)
NOT-FOR-US: SunOS
-CVE-1999-1585
+CVE-1999-1585 (The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly bef ...)
NOT-FOR-US: Solaris
-CVE-1999-1584
+CVE-1999-1584 (Unknown vulnerability in (1) loadmodule, and (2) modload if modload is ...)
NOT-FOR-US: SunOS
-CVE-1999-1583
+CVE-1999-1583 (Buffer overflow in nslookup for AIX 4.3 allows local users to execute ...)
NOT-FOR-US: AIX
-CVE-1999-1582
+CVE-1999-1582 (By design, the "established" command on the Cisco PIX firewall allows ...)
NOT-FOR-US: Cisco
-CVE-1999-1581
+CVE-1999-1581 (Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.e ...)
NOT-FOR-US: Windows
-CVE-1999-1580
+CVE-1999-1580 (SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding ho ...)
- sendmail <not-affected> (Sun-specific)
-CVE-1999-1579
+CVE-1999-1579 (The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions ...)
NOT-FOR-US: Windows
-CVE-1999-1578
+CVE-1999-1578 (Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, I ...)
NOT-FOR-US: Windows
-CVE-1999-1577
+CVE-1999-1577 (Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Int ...)
NOT-FOR-US: Windows
-CVE-1999-1576
+CVE-1999-1576 (Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl ...)
NOT-FOR-US: Acrobat Reader
-CVE-1999-1575
+CVE-1999-1575 (The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (img ...)
NOT-FOR-US: Kodak/Wang tools for IE
-CVE-1999-1574
+CVE-1999-1574 (Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow ...)
NOT-FOR-US: AIX
-CVE-1999-1573
+CVE-1999-1573 (Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexe ...)
NOT-FOR-US: HP-UX
-CVE-1999-1568
+CVE-1999-1568 (Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1565
+CVE-1999-1565 (Man2html 2.1 and earlier allows local users to overwrite arbitrary fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1556
+CVE-1999-1556 (Microsoft SQL Server 6.5 uses weak encryption for the password for the ...)
NOT-FOR-US: Microsoft
-CVE-1999-1550
+CVE-1999-1550 (bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1542
+CVE-1999-1542 (RPMMail before 1.4 allows remote attackers to execute commands via an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1537
+CVE-1999-1537 (IIS 3.x and 4.x does not distinguish between pages requiring encryptio ...)
NOT-FOR-US: Microsoft
-CVE-1999-1535
+CVE-1999-1535 (Buffer overflow in AspUpload.dll in Persits Software AspUpload before ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1531
+CVE-1999-1531 (Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a mal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1530
+CVE-1999-1530 (cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identif ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1520
+CVE-1999-1520 (A configuration problem in the Ad Server Sample directory (AdSamples) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1512
+CVE-1999-1512 (The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1507
+CVE-1999-1507 (Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1494
+CVE-1999-1494 (colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1490
+CVE-1999-1490 (xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1488
+CVE-1999-1488 (sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1486
+CVE-1999-1486 (sadc in IBM AIX 4.1 through 4.3, when called from programs such as tim ...)
NOT-FOR-US: AIX
-CVE-1999-1481
+CVE-1999-1481 (Squid 2.2.STABLE5 and below, when using external authentication, allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1478
+CVE-1999-1478 (The Sun HotSpot Performance Engine VM allows a remote attacker to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1476
+CVE-1999-1476 (A bug in Intel Pentium processor (MMX and Overdrive) allows local user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1473
+CVE-1999-1473 (When a Web site redirects the browser to another site, Internet Explor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1472
+CVE-1999-1472 (Internet Explorer 4.0 allows remote attackers to read arbitrary text a ...)
NOT-FOR-US: Microsoft
-CVE-1999-1468
+CVE-1999-1468 (rdist in various UNIX systems uses popen to execute sendmail, which al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1456
+CVE-1999-1456 (thttpd HTTP server 2.03 and earlier allows remote attackers to read ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1455
+CVE-1999-1455 (RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not prop ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1452
+CVE-1999-1452 (GINA in Windows NT 4.0 allows attackers with physical access to displa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1437
+CVE-1999-1437 (ePerl 2.2.12 allows remote attackers to read arbitrary files and possi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1433
+CVE-1999-1433 (HP JetAdmin D.01.09 on Solaris allows local users to change the permis ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1432
+CVE-1999-1432 (Power management (Powermanagement) on Solaris 2.4 through 2.6 does not ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1423
+CVE-1999-1423 (ping in Solaris 2.3 through 2.6 allows local users to cause a denial o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1419
+CVE-1999-1419 (Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1414
+CVE-1999-1414 (IBM Netfinity Remote Control allows local users to gain administrator ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1411
+CVE-1999-1411 (The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 ad ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1409
+CVE-1999-1409 (The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1407
+CVE-1999-1407 (ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows loc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1402
+CVE-1999-1402 (The access permissions for a UNIX domain socket are ignored in Solaris ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1397
+CVE-1999-1397 (Index Server 2.0 on IIS 4.0 stores physical path information in the Co ...)
NOT-FOR-US: Microsoft
-CVE-1999-1386
+CVE-1999-1386 (Perl 5.004_04 and earlier follows symbolic links when running with the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1385
+CVE-1999-1385 (Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1384
+CVE-1999-1384 (Indigo Magic System Tour in the SGI system tour package (systour) for ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1382
+CVE-1999-1382 (NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by ch ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1380
+CVE-1999-1380 (Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX Act ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1379
+CVE-1999-1379 (DNS allows remote attackers to use DNS name servers as traffic amplifi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1365
+CVE-1999-1365 (Windows NT searches a user's home directory (%systemroot% by default) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1363
+CVE-1999-1363 (Windows NT 3.51 and 4.0 allow local users to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1362
+CVE-1999-1362 (Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1360
+CVE-1999-1360 (Windows NT 4.0 allows local users to cause a denial of service via a u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1359
+CVE-1999-1359 (When the Ntconfig.pol file is used on a server whose name is longer th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1358
+CVE-1999-1358 (When an administrator in Windows NT or Windows 2000 changes a user pol ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1356
+CVE-1999-1356 (Compaq Integration Maintenance Utility as used in Compaq Insight Manag ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1351
+CVE-1999-1351 (Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the " ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1341
+CVE-1999-1341 (Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1339
+CVE-1999-1339 (Vulnerability when Network Address Translation (NAT) is enabled in Lin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1337
+CVE-1999-1337 (FTP client in Midnight Commander (mc) before 4.5.11 stores usernames a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1336
+CVE-1999-1336 (3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1335
+CVE-1999-1335 (snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1333
+CVE-1999-1333 (automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1332
+CVE-1999-1332 (gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows loca ...)
{DSA-308}
- gzip 1.3.5-6
-CVE-1999-1331
+CVE-1999-1331 (netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1330
+CVE-1999-1330 (The snprintf function in the db library 1.85.4 ignores the size parame ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1329
+CVE-1999-1329 (Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows lo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1328
+CVE-1999-1328 (linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1327
+CVE-1999-1327 (Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1326
+CVE-1999-1326 (wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1325
+CVE-1999-1325 (SAS System 5.18 on VAX/VMS is installed with insecure permissions for ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1324
+CVE-1999-1324 (VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1321
+CVE-1999-1321 (Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1320
+CVE-1999-1320 (Vulnerability in Novell NetWare 3.x and earlier allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1318
+CVE-1999-1318 (/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1317
+CVE-1999-1317 (Windows NT 4.0 SP4 and earlier allows local users to gain privileges b ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1316
+CVE-1999-1316 (Passfilt.dll in Windows NT SP2 allows users to create a password that ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1309
+CVE-1999-1309 (Sendmail before 8.6.7 allows local users to gain root access via a lar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1301
+CVE-1999-1301 (A design flaw in the Z-Modem protocol allows the remote sender of a fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1298
+CVE-1999-1298 (Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FT ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1297
+CVE-1999-1297 (cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1294
+CVE-1999-1294 (Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1290
+CVE-1999-1290 (Buffer overflow in nftp FTP client version 1.40 allows remote maliciou ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1288
+CVE-1999-1288 (Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1284
+CVE-1999-1284 (NukeNabber allows remote attackers to cause a denial of service by con ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1279
+CVE-1999-1279 (An interaction between the AS/400 shared folders feature and Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-1999-1276
+CVE-1999-1276 (fte-console in the fte package before 0.46b-4.1 does not drop root pri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1263
+CVE-1999-1263 (Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1262
+CVE-1999-1262 (Java in Netscape 4.5 does not properly restrict applets from connectin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1259
+CVE-1999-1259 (Microsoft Office 98, Macintosh Edition, does not properly initialize t ...)
NOT-FOR-US: Microsoft
-CVE-1999-1258
+CVE-1999-1258 (rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1249
+CVE-1999-1249 (movemail in HP-UX 10.20 has insecure permissions, which allows local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1246
+CVE-1999-1246 (Direct Mailer feature in Microsoft Site Server 3.0 saves user domain n ...)
NOT-FOR-US: Microsoft
-CVE-1999-1243
+CVE-1999-1243 (SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1233
+CVE-1999-1233 (IIS 4.0 does not properly restrict access for the initial session requ ...)
NOT-FOR-US: Microsoft
-CVE-1999-1226
+CVE-1999-1226 (Netscape Communicator 4.7 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1223
+CVE-1999-1223 (IIS 3.0 allows remote attackers to cause a denial of service via a req ...)
NOT-FOR-US: Microsoft
-CVE-1999-1222
+CVE-1999-1222 (Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1217
+CVE-1999-1217 (The PATH in Windows NT includes the current working directory (.), whi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1215
+CVE-1999-1215 (LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1214
+CVE-1999-1214 (The asynchronous I/O facility in 4.4 BSD kernel does not check user cr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1209
+CVE-1999-1209 (Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Op ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1208
+CVE-1999-1208 (Buffer overflow in ping in AIX 4.2 and earlier allows local users to g ...)
NOT-FOR-US: AIX
-CVE-1999-1205
+CVE-1999-1205 (nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1204
+CVE-1999-1204 (Check Point Firewall-1 does not properly handle certain restricted key ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1203
+CVE-1999-1203 (Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1201
+CVE-1999-1201 (Windows 95 and Windows 98 systems, when configured with multiple TCP/I ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1199
+CVE-1999-1199 (Apache WWW server 1.3.1 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1198
+CVE-1999-1198 (BuildDisk program on NeXT systems before 2.0 does not prompt users for ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1197
+CVE-1999-1197 (TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1194
+CVE-1999-1194 (chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1193
+CVE-1999-1193 (The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privile ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1192
+CVE-1999-1192 (Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1191
+CVE-1999-1191 (Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1189
+CVE-1999-1189 (Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1188
+CVE-1999-1188 (mysqld in MySQL 3.21 creates log files with world-readable permissions ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1181
+CVE-1999-1181 (Vulnerability in On-Line Customer Registration software for IRIX 6.2 t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1177
+CVE-1999-1177 (Directory traversal vulnerability in nph-publish before 1.2 allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1175
+CVE-1999-1175 (Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-1999-1167
+CVE-1999-1167 (Cross-site scripting vulnerability in Third Voice Web annotation utili ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1163
+CVE-1999-1163 (Vulnerability in HP Series 800 S/X/V Class servers allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1162
+CVE-1999-1162 (Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1161
+CVE-1999-1161 (Vulnerability in ppl in HP-UX 10.x and earlier allows local users to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1160
+CVE-1999-1160 (Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and pos ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1159
+CVE-1999-1159 (SSH 2.0.11 and earlier allows local users to request remote forwarding ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1157
+CVE-1999-1157 (Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1156
+CVE-1999-1156 (BisonWare FTP Server 4.1 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1148
+CVE-1999-1148 (FTP service in IIS 4.0 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: Microsoft
-CVE-1999-1147
+CVE-1999-1147 (Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1146
+CVE-1999-1146 (Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1145
+CVE-1999-1145 (Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and ear ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1144
+CVE-1999-1144 (Certain files in MPower in HP-UX 10.x are installed with insecure perm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1143
+CVE-1999-1143 (Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlie ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1142
+CVE-1999-1142 (SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1140
+CVE-1999-1140 (Buffer overflow in CrackLib 2.5 may allow local users to gain root pri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1139
+CVE-1999-1139 (Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1138
+CVE-1999-1138 (SCO UNIX System V/386 Release 3.2, and other SCO products, installs th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1137
+CVE-1999-1137 (The permissions for the /dev/audio device on Solaris 2.2 and earlier, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1136
+CVE-1999-1136 (Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1132
+CVE-1999-1132 (Windows NT 4.0 allows remote attackers to cause a denial of service (c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1131
+CVE-1999-1131 (Buffer overflow in OSF Distributed Computing Environment (DCE) securit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1127
+CVE-1999-1127 (Windows NT 4.0 does not properly shut down invalid named pipe RPC conn ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1122
+CVE-1999-1122 (Vulnerability in restore in SunOS 4.0.3 and earlier allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1121
+CVE-1999-1121 (The default configuration for UUCP in AIX before 3.2 allows local user ...)
NOT-FOR-US: AIX
-CVE-1999-1120
+CVE-1999-1120 (netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental var ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1119
+CVE-1999-1119 (FTP installation script anon.ftp in AIX insecurely configures anonymou ...)
NOT-FOR-US: AIX
-CVE-1999-1118
+CVE-1999-1118 (ndd in Solaris 2.6 allows local users to cause a denial of service by ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1117
+CVE-1999-1117 (lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files ...)
NOT-FOR-US: AIX
-CVE-1999-1116
+CVE-1999-1116 (Vulnerability in runpriv in Indigo Magic System Administration subsyst ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1115
+CVE-1999-1115 (Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1114
+CVE-1999-1114 (Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1111
+CVE-1999-1111 (Vulnerability in StackGuard before 1.21 allows remote attackers to byp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1109
+CVE-1999-1109 (Sendmail before 8.10.0 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1105
+CVE-1999-1105 (Windows 95, when Remote Administration and File Sharing for NetWare Ne ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1104
+CVE-1999-1104 (Windows 95 uses weak encryption for the password list (.pwl) file used ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1103
+CVE-1999-1103 (dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1102
+CVE-1999-1102 (lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1100
+CVE-1999-1100 (Cisco PIX Private Link 4.1.6 and earlier does not properly process cer ...)
NOT-FOR-US: Cisco
-CVE-1999-1099
+CVE-1999-1099 (Kerberos 4 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1098
+CVE-1999-1098 (Vulnerability in BSD Telnet client with encryption and Kerberos 4 auth ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1094
+CVE-1999-1094 (Buffer overflow in Internet Explorer 4.01 and earlier allows remote at ...)
NOT-FOR-US: Microsoft
-CVE-1999-1093
+CVE-1999-1093 (Buffer overflow in the Window.External function in the JScript Scripti ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1090
+CVE-1999-1090 (The default configuration of NCSA Telnet package for Macintosh and PC ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1087
+CVE-1999-1087 (Internet Explorer 4 treats a 32-bit number ("dotless IP address") in t ...)
NOT-FOR-US: Microsoft
-CVE-1999-1085
+CVE-1999-1085 (SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Bl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1080
+CVE-1999-1080 (rmmount in SunOS 5.7 may mount file systems without the nosuid flag se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1074
+CVE-1999-1074 (Webmin before 0.5 does not restrict the number of invalid passwords th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1059
+CVE-1999-1059 (Vulnerability in rexec daemon (rexecd) in AT&amp;T TCP/IP 4.0 for vari ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1057
+CVE-1999-1057 (VMS 4.0 through 5.3 allows local users to gain privileges via the ANAL ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1055
+CVE-1999-1055 (Microsoft Excel 97 does not warn the user before executing worksheet f ...)
NOT-FOR-US: Microsoft
-CVE-1999-1048
+CVE-1999-1048 (Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1047
+CVE-1999-1047 (When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1045
+CVE-1999-1045 (pnserver in RealServer 5.0 and earlier allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1044
+CVE-1999-1044 (Vulnerability in Advanced File System Utility (advfs) in Digital UNIX ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1037
+CVE-1999-1037 (rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1035
+CVE-1999-1035 (IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a de ...)
NOT-FOR-US: Microsoft
-CVE-1999-1034
+CVE-1999-1034 (Vulnerability in login in AT&amp;T System V Release 4 allows local use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1032
+CVE-1999-1032 (Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1028
+CVE-1999-1028 (Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1027
+CVE-1999-1027 (Solaris 2.6 HW3/98 installs admintool with world-writable permissions, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1021
+CVE-1999-1021 (NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1019
+CVE-1999-1019 (SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1014
+CVE-1999-1014 (Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1011
+CVE-1999-1011 (The Remote Data Service (RDS) DataFactory component of Microsoft Data ...)
NOT-FOR-US: Microsoft
-CVE-1999-1010
+CVE-1999-1010 (An SSH 1.2.27 server allows a client to use the "none" cipher, even if ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1008
+CVE-1999-1008 (xsoldier program allows local users to gain root access via a long arg ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1007
+CVE-1999-1007 (Buffer overflow in VDO Live Player allows remote attackers to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1005
+CVE-1999-1005 (Groupwise web server GWWEB.EXE allows remote attackers to read arbitra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1004
+CVE-1999-1004 (Buffer overflow in the POP server POProxy for the Norton Anti-Virus pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1001
+CVE-1999-1001 (Cisco Cache Engine allows a remote attacker to gain access via a null ...)
NOT-FOR-US: Cisco
-CVE-1999-1000
+CVE-1999-1000 (The web administration interface for Cisco Cache Engine allows remote ...)
NOT-FOR-US: Cisco
-CVE-1999-0999
+CVE-1999-0999 (Microsoft SQL 7.0 server allows a remote attacker to cause a denial of ...)
NOT-FOR-US: Microsoft
-CVE-1999-0998
+CVE-1999-0998 (Cisco Cache Engine allows an attacker to replace content in the cache. ...)
NOT-FOR-US: Cisco
-CVE-1999-0997
+CVE-1999-0997 (wu-ftp with FTP conversion enabled allows an attacker to execute comma ...)
{DSA-377}
- wu-ftpd 2.6.2-15
-CVE-1999-0996
+CVE-1999-0996 (Buffer overflow in Infoseek Ultraseek search engine allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0995
+CVE-1999-0995 (Windows NT Local Security Authority (LSA) allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0994
+CVE-1999-0994 (Windows NT with SYSKEY reuses the keystream that is used for encryptin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0992
+CVE-1999-0992 (HP VirtualVault with the PHSS_17692 patch allows unprivileged processe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0991
+CVE-1999-0991 (Buffer overflow in GoodTech Telnet Server NT allows remote users to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0989
+CVE-1999-0989 (Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) a ...)
NOT-FOR-US: Microsoft
-CVE-1999-0987
+CVE-1999-0987 (Windows NT does not properly download a system policy if the domain us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0986
+CVE-1999-0986 (The ping command in Linux 2.0.3x allows local users to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0982
+CVE-1999-0982 (The Sun Web-Based Enterprise Management (WBEM) installation script sto ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0981
+CVE-1999-0981 (Internet Explorer 5.01 and earlier allows a remote attacker to create ...)
NOT-FOR-US: Microsoft
-CVE-1999-0980
+CVE-1999-0980 (Windows NT Service Control Manager (SCM) allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0979
+CVE-1999-0979 (The SCO UnixWare privileged process system allows local users to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0978
+CVE-1999-0978 (htdig allows remote attackers to execute commands via filenames with s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0977
+CVE-1999-0977 (Buffer overflow in Solaris sadmind allows remote attackers to gain roo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0976
+CVE-1999-0976 (Sendmail allows local users to reinitialize the aliases database via t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0975
+CVE-1999-0975 (The Windows help system can allow a local user to execute commands as ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0974
+CVE-1999-0974 (Buffer overflow in Solaris snoop allows remote attackers to gain root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0973
+CVE-1999-0973 (Buffer overflow in Solaris snoop program allows remote attackers to ga ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0972
+CVE-1999-0972 (Buffer overflow in Xshipwars xsw program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0971
+CVE-1999-0971 (Buffer overflow in Exim allows local users to gain root privileges via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0969
+CVE-1999-0969 (The Windows NT RPC service allows remote attackers to conduct a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0968
+CVE-1999-0968 (Buffer overflow in BNC IRC proxy allows remote attackers to gain privi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0967
+CVE-1999-0967 (Buffer overflow in the HTML library used by Internet Explorer, Outlook ...)
NOT-FOR-US: Microsoft
-CVE-1999-0966
+CVE-1999-0966 (Buffer overflow in Solaris getopt in libc allows local users to gain r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0965
+CVE-1999-0965 (Race condition in xterm allows local users to modify arbitrary files v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0964
+CVE-1999-0964 (Buffer overflow in FreeBSD setlocale in the libc module allows attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0963
+CVE-1999-0963 (FreeBSD mount_union command allows local users to gain root privileges ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0962
+CVE-1999-0962 (Buffer overflow in HPUX passwd command allows local users to gain root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0961
+CVE-1999-0961 (HPUX sysdiag allows local users to gain root privileges via a symlink ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0960
+CVE-1999-0960 (IRIX cdplayer allows local users to create directories in arbitrary lo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0959
+CVE-1999-0959 (IRIX startmidi program allows local users to modify arbitrary files vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0958
+CVE-1999-0958 (sudo 1.5.x allows local users to execute arbitrary commands via a .. ( ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0957
+CVE-1999-0957 (MajorCool mj_key_cache program allows local users to modify files via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0956
+CVE-1999-0956 (The NeXT NetInfo _writers property allows local users to gain root pri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0955
+CVE-1999-0955 (Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gai ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0954
+CVE-1999-0954 (WWWBoard has a default username and default password. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0953
+CVE-1999-0953 (WWWBoard stores encrypted passwords in a password file that is under t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0951
+CVE-1999-0951 (Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0950
+CVE-1999-0950 (Buffer overflow in WFTPD FTP server allows remote attackers to gain ro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0947
+CVE-1999-0947 (AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0946
+CVE-1999-0946 (Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0945
+CVE-1999-0945 (Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange ...)
NOT-FOR-US: Microsoft
-CVE-1999-0943
+CVE-1999-0943 (Buffer overflow in OpenLink 3.2 allows remote attackers to gain privil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0942
+CVE-1999-0942 (UnixWare dos7utils allows a local user to gain root privileges by usin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0940
+CVE-1999-0940 (Buffer overflow in mutt mail client allows remote attackers to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0939
+CVE-1999-0939 (Denial of service in Debian IRC Epic/epic4 client via a long string. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0938
+CVE-1999-0938 (MBone SDR Package allows remote attackers to execute commands via shel ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0937
+CVE-1999-0937 (BNBForm allows remote attackers to read arbitrary files via the autome ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0936
+CVE-1999-0936 (BNBSurvey survey.cgi program allows remote attackers to execute comman ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0935
+CVE-1999-0935 (classifieds.cgi allows remote attackers to execute arbitrary commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0934
+CVE-1999-0934 (classifieds.cgi allows remote attackers to read arbitrary files via sh ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0933
+CVE-1999-0933 (TeamTrack web server allows remote attackers to read arbitrary files v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0932
+CVE-1999-0932 (Mediahouse Statistics Server allows remote attackers to read the admin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0931
+CVE-1999-0931 (Buffer overflow in Mediahouse Statistics Server allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0930
+CVE-1999-0930 (wwwboard allows a remote attacker to delete message board articles via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0928
+CVE-1999-0928 (Buffer overflow in SmartDesk WebSuite allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0927
+CVE-1999-0927 (NTMail allows remote attackers to read arbitrary files via a .. (dot d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0924
+CVE-1999-0924 (The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0922
+CVE-1999-0922 (An example application in ColdFusion Server 4.0 allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0921
+CVE-1999-0921 (BMC Patrol allows any remote attacker to flood its UDP port, causing a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0920
+CVE-1999-0920 (Buffer overflow in the pop-2d POP daemon in the IMAP package allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0918
+CVE-1999-0918 (Denial of service in various Windows systems via malformed, fragmented ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0917
+CVE-1999-0917 (The Preloader ActiveX control used by Internet Explorer allows remote ...)
NOT-FOR-US: Microsoft
-CVE-1999-0916
+CVE-1999-0916 (WebTrends software stores account names and passwords in a file which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0915
+CVE-1999-0915 (URL Live! web server allows remote attackers to read arbitrary files v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0914
+CVE-1999-0914 (Buffer overflow in the FTP client in the Debian GNU/Linux netstd packa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0912
+CVE-1999-0912 (FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0909
+CVE-1999-0909 (Multihomed Windows systems allow a remote attacker to bypass IP source ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0908
+CVE-1999-0908 (Denial of service in Solaris TCP streams driver via a malicious connec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0907
+CVE-1999-0907 (sccw allows local users to read arbitrary files. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0906
+CVE-1999-0906 (Buffer overflow in sccw allows local users to gain root access via the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0905
+CVE-1999-0905 (Denial of service in Axent Raptor firewall via malformed zero-length I ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0904
+CVE-1999-0904 (Buffer overflow in BFTelnet allows remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0903
+CVE-1999-0903 (genfilt in the AIX Packet Filtering Module does not properly filter tr ...)
NOT-FOR-US: AIX
-CVE-1999-0902
+CVE-1999-0902 (ypserv allows local administrators to modify password tables. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0901
+CVE-1999-0901 (ypserv allows a local user to modify the GECOS and login shells of oth ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0900
+CVE-1999-0900 (Buffer overflow in rpc.yppasswdd allows a local user to gain privilege ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0899
+CVE-1999-0899 (The Windows NT 4.0 print spooler allows a local user to execute arbitr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0898
+CVE-1999-0898 (Buffer overflows in Windows NT 4.0 print spooler allow remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0897
+CVE-1999-0897 (iChat ROOMS Webserver allows remote attackers to read arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0896
+CVE-1999-0896 (Buffer overflow in RealNetworks RealServer administration utility allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0895
+CVE-1999-0895 (Firewall-1 does not properly restrict access to LDAP attributes. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0894
+CVE-1999-0894 (Red Hat Linux screen program does not use Unix98 ptys, allowing local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0893
+CVE-1999-0893 (userOsa in SCO OpenServer allows local users to corrupt files via a sy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0892
+CVE-1999-0892 (Buffer overflow in Netscape Communicator before 4.7 via a dynamic font ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0891
+CVE-1999-0891 (The "download behavior" in Internet Explorer 5 allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-1999-0890
+CVE-1999-0890 (iHTML Merchant allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0889
+CVE-1999-0889 (Cisco 675 routers running CBOS allow remote attackers to establish tel ...)
NOT-FOR-US: Cisco
-CVE-1999-0888
+CVE-1999-0888 (dbsnmp in Oracle Intelligent Agent allows local users to gain privileg ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0887
+CVE-1999-0887 (FTGate web interface server allows remote attackers to read files via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0886
+CVE-1999-0886 (The security descriptor for RASMAN allows users to point to an alterna ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0884
+CVE-1999-0884 (The Zeus web server administrative interface uses weak encryption for ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0883
+CVE-1999-0883 (Zeus web server allows remote attackers to read arbitrary files by spe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0881
+CVE-1999-0881 (Falcon web server allows remote attackers to read arbitrary files via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0880
+CVE-1999-0880 (Denial of service in WU-FTPD via the SITE NEWER command, which does no ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0879
+CVE-1999-0879 (Buffer overflow in WU-FTPD and related FTP servers allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0878
+CVE-1999-0878 (Buffer overflow in WU-FTPD and related FTP servers allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0877
+CVE-1999-0877 (Internet Explorer 5 allows remote attackers to read files via an ExecC ...)
NOT-FOR-US: Microsoft
-CVE-1999-0876
+CVE-1999-0876 (Buffer overflow in Internet Explorer 4.0 via EMBED tag. ...)
NOT-FOR-US: Microsoft
-CVE-1999-0875
+CVE-1999-0875 (DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0874
+CVE-1999-0874 (Buffer overflow in IIS 4.0 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Microsoft
-CVE-1999-0873
+CVE-1999-0873 (Buffer overflow in Skyfull mail server via MAIL FROM command. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0871
+CVE-1999-0871 (Internet Explorer 4.0 and 4.01 allow a remote attacker to read files v ...)
NOT-FOR-US: Microsoft
-CVE-1999-0870
+CVE-1999-0870 (Internet Explorer 4.01 allows remote attackers to read arbitrary files ...)
NOT-FOR-US: Microsoft
-CVE-1999-0869
+CVE-1999-0869 (Internet Explorer 3.x to 4.01 allows a remote attacker to insert malic ...)
NOT-FOR-US: Microsoft
-CVE-1999-0868
+CVE-1999-0868 (ucbmail allows remote attackers to execute commands via shell metachar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0867
+CVE-1999-0867 (Denial of service in IIS 4.0 via a flood of HTTP requests with malform ...)
NOT-FOR-US: Microsoft
-CVE-1999-0866
+CVE-1999-0866 (Buffer overflow in UnixWare xauto program allows local users to gain r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0865
+CVE-1999-0865 (Buffer overflow in CommuniGatePro via a long string to the HTTP config ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0864
+CVE-1999-0864 (UnixWare programs that dump core allow a local user to modify files vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0861
+CVE-1999-0861 (Race condition in the SSL ISAPI filter in IIS and other servers may le ...)
NOT-FOR-US: Microsoft
-CVE-1999-0859
+CVE-1999-0859 (Solaris arp allows local users to read files via the -f parameter, whi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0858
+CVE-1999-0858 (Internet Explorer 5 allows a remote attacker to modify the IE client's ...)
NOT-FOR-US: Microsoft
-CVE-1999-0856
+CVE-1999-0856 (login in Slackware 7.0 allows remote attackers to identify valid users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0854
+CVE-1999-0854 (Ultimate Bulletin Board stores data files in the cgi-bin directory, al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0853
+CVE-1999-0853 (Buffer overflow in Netscape Enterprise Server and Netscape FastTrack S ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0851
+CVE-1999-0851 (Denial of service in BIND named via naptr. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0849
+CVE-1999-0849 (Denial of service in BIND named via maxdname. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0848
+CVE-1999-0848 (Denial of service in BIND named via consuming more than "fdmax" file d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0847
+CVE-1999-0847 (Buffer overflow in free internet chess server (FICS) program, xboard. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0842
+CVE-1999-0842 (Symantec Mail-Gear 1.0 web interface server allows remote users to rea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0839
+CVE-1999-0839 (Windows NT Task Scheduler installed with Internet Explorer 5 allows a ...)
NOT-FOR-US: Microsoft
-CVE-1999-0838
+CVE-1999-0838 (Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0837
+CVE-1999-0837 (Denial of service in BIND by improperly closing TCP sessions via so_li ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0836
+CVE-1999-0836 (UnixWare uidadmin allows local users to modify arbitrary files via a s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0835
+CVE-1999-0835 (Denial of service in BIND named via malformed SIG records. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0834
+CVE-1999-0834 (Buffer overflow in RSAREF2 via the encryption and decryption functions ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0833
+CVE-1999-0833 (Buffer overflow in BIND 8.2 via NXT records. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0832
+CVE-1999-0832 (Buffer overflow in NFS server on Linux allows attackers to execute com ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0831
+CVE-1999-0831 (Denial of service in Linux syslogd via a large number of connections. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0826
+CVE-1999-0826 (Buffer overflow in FreeBSD angband allows local users to gain privileg ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0824
+CVE-1999-0824 (A Windows NT user can use SUBST to map a drive letter to a folder, whi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0823
+CVE-1999-0823 (Buffer overflow in FreeBSD xmindpath allows local users to gain privil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0820
+CVE-1999-0820 (FreeBSD seyon allows users to gain privileges via a modified PATH vari ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0819
+CVE-1999-0819 (NTMail does not disable the VRFY command, even if the administrator ha ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0817
+CVE-1999-0817 (Lynx WWW client allows a remote attacker to specify command-line param ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0815
+CVE-1999-0815 (Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0814
+CVE-1999-0814 (Red Hat pump DHCP client allows remote attackers to gain root access i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0813
+CVE-1999-0813 (Cfingerd with ALLOW_EXECUTION enabled does not properly drop privilege ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0812
+CVE-1999-0812 (Race condition in Samba smbmnt allows local users to mount file system ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0811
+CVE-1999-0811 (Buffer overflow in Samba smbd program via a malformed message command. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0810
+CVE-1999-0810 (Denial of service in Samba NETBIOS name service daemon (nmbd). ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0809
+CVE-1999-0809 (Netscape Communicator 4.x with Javascript enabled does not warn a user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0807
+CVE-1999-0807 (The Netscape Directory Server installation procedure leaves sensitive ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0806
+CVE-1999-0806 (Buffer overflow in Solaris dtprintinfo program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0804
+CVE-1999-0804 (Denial of service in Linux 2.2.x kernels via malformed ICMP packets co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0803
+CVE-1999-0803 (The fwluser script in AIX eNetwork Firewall allows local users to writ ...)
NOT-FOR-US: AIX
-CVE-1999-0802
+CVE-1999-0802 (Buffer overflow in Internet Explorer 5 allows remote attackers to exec ...)
NOT-FOR-US: Microsoft
-CVE-1999-0801
+CVE-1999-0801 (BMC Patrol allows remote attackers to gain access to an agent by spoof ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0800
+CVE-1999-0800 (The GetFile.cfm file in Allaire Forums allows remote attackers to read ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0799
+CVE-1999-0799 (Buffer overflow in bootpd 2.4.3 and earlier via a long boot file locat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0797
+CVE-1999-0797 (NIS finger allows an attacker to conduct a denial of service via a lar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0796
+CVE-1999-0796 (FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0794
+CVE-1999-0794 (Microsoft Excel does not warn a user when a macro is present in a Symb ...)
NOT-FOR-US: Microsoft
-CVE-1999-0793
+CVE-1999-0793 (Internet Explorer allows remote attackers to read files by redirecting ...)
NOT-FOR-US: Microsoft
-CVE-1999-0791
+CVE-1999-0791 (Hybrid Network cable modems do not include an authentication mechanism ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0790
+CVE-1999-0790 (A remote attacker can read information from a Netscape user's cache vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0789
+CVE-1999-0789 (Buffer overflow in AIX ftpd in the libc library. ...)
NOT-FOR-US: AIX
-CVE-1999-0788
+CVE-1999-0788 (Arkiea nlservd allows remote attackers to conduct a denial of service. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0787
+CVE-1999-0787 (The SSH authentication agent follows symlinks via a UNIX domain socket ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0786
+CVE-1999-0786 (The dynamic linker in Solaris allows a local user to create arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0785
+CVE-1999-0785 (The INN inndstart program allows local users to gain root privileges v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0783
+CVE-1999-0783 (FreeBSD allows local users to conduct a denial of service by creating ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0782
+CVE-1999-0782 (KDE kppp allows local users to create a directory in an arbitrary loca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0781
+CVE-1999-0781 (KDE allows local users to execute arbitrary commands by setting the KD ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0780
+CVE-1999-0780 (KDE klock allows local users to kill arbitrary processes by specifying ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0779
+CVE-1999-0779 (Denial of service in HP-UX SharedX recserv program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0778
+CVE-1999-0778 (Buffer overflow in Xi Graphics Accelerated-X server allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0777
+CVE-1999-0777 (IIS FTP servers may allow a remote attacker to read or delete files on ...)
NOT-FOR-US: Microsoft
-CVE-1999-0775
+CVE-1999-0775 (Cisco Gigabit Switch routers running IOS allow remote attackers to for ...)
NOT-FOR-US: Cisco
-CVE-1999-0774
+CVE-1999-0774 (Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0773
+CVE-1999-0773 (Buffer overflow in Solaris lpset program allows local users to gain ro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0772
+CVE-1999-0772 (Denial of service in Compaq Management Agents and the Compaq Survey Ut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0771
+CVE-1999-0771 (The web components of Compaq Management Agents and the Compaq Survey U ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0770
+CVE-1999-0770 (Firewall-1 sets a long timeout for connections that begin with ACK or ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0769
+CVE-1999-0769 (Vixie Cron on Linux systems allows local users to set parameters of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0768
+CVE-1999-0768 (Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO enviro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0766
+CVE-1999-0766 (The Microsoft Java Virtual Machine allows a malicious Java applet to e ...)
NOT-FOR-US: Microsoft
-CVE-1999-0765
+CVE-1999-0765 (SGI IRIX midikeys program allows local users to modify arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0764
+CVE-1999-0764 (NetBSD allows ARP packets to overwrite static ARP entries. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0763
+CVE-1999-0763 (NetBSD on a multi-homed host allows ARP packets on one network to modi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0762
+CVE-1999-0762 (When Javascript is embedded within the TITLE tag, Netscape Communicato ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0761
+CVE-1999-0761 (Buffer overflow in FreeBSD fts library routines allows local user to m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0760
+CVE-1999-0760 (Undocumented ColdFusion Markup Language (CFML) tags and functions in t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0759
+CVE-1999-0759 (Buffer overflow in FuseMAIL POP service via long USER and PASS command ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0758
+CVE-1999-0758 (Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0756
+CVE-1999-0756 (ColdFusion Administrator with Advanced Security enabled allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0755
+CVE-1999-0755 (Windows NT RRAS and RAS clients cache a user's password even if the us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0754
+CVE-1999-0754 (The INN inndstart program allows local users to gain privileges by spe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0753
+CVE-1999-0753 (The w3-msql CGI script provided with Mini SQL allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0752
+CVE-1999-0752 (Denial of service in Netscape Enterprise Server via a buffer overflow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0751
+CVE-1999-0751 (Buffer overflow in Accept command in Netscape Enterprise Server 3.6 wi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0749
+CVE-1999-0749 (Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 9 ...)
NOT-FOR-US: Microsoft
-CVE-1999-0747
+CVE-1999-0747 (Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fsta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0746
+CVE-1999-0746 (A default configuration of in.identd in SuSE Linux waits 120 seconds b ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0745
+CVE-1999-0745 (Buffer overflow in Source Code Browser Program Database Name Server Da ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0744
+CVE-1999-0744 (Buffer overflow in Netscape Enterprise Server and FastTrask Server all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0743
+CVE-1999-0743 (Trn allows local users to overwrite other users' files via symlinks. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0742
+CVE-1999-0742 (The Debian mailman package uses weak authentication, which allows atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0740
+CVE-1999-0740 (Remote attackers can cause a denial of service on Linux in.telnetd tel ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0735
+CVE-1999-0735 (KDE K-Mail allows local users to gain privileges via a symlink attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0734
+CVE-1999-0734 (A default configuration of CiscoSecure Access Control Server (ACS) all ...)
NOT-FOR-US: Cisco
-CVE-1999-0733
+CVE-1999-0733 (Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmenta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0732
+CVE-1999-0732 (The logging facility of the Debian smtp-refuser package allows local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0731
+CVE-1999-0731 (The KDE klock program allows local users to unlock a session using mal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0730
+CVE-1999-0730 (The zsoelim program in the Debian man-db package allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0729
+CVE-1999-0729 (Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to cond ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0728
+CVE-1999-0728 (A Windows NT user can disable the keyboard or mouse by directly callin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0727
+CVE-1999-0727 (A kernel leak in the OpenBSD kernel allows IPsec packets to be sent un ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0726
+CVE-1999-0726 (An attacker can conduct a denial of service in Windows NT by executing ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0725
+CVE-1999-0725 (When IIS is run with a default language of Chinese, Korean, or Japanes ...)
NOT-FOR-US: Microsoft
-CVE-1999-0724
+CVE-1999-0724 (Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_off ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0723
+CVE-1999-0723 (The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjecte ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0722
+CVE-1999-0722 (The default configuration of Cobalt RaQ2 servers allows remote users t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0721
+CVE-1999-0721 (Denial of service in Windows NT Local Security Authority (LSA) through ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0720
+CVE-1999-0720 (The pt_chown command in Linux allows local users to modify TTY termina ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0719
+CVE-1999-0719 (The Guile plugin for the Gnumeric spreadsheet package allows attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0718
+CVE-1999-0718 (IBM GINA, when used for OS/2 domain authentication of Windows NT users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0717
+CVE-1999-0717 (A remote attacker can disable the virus warning mechanism in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-1999-0716
+CVE-1999-0716 (Buffer overflow in Windows NT 4.0 help file utility via a malformed he ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0715
+CVE-1999-0715 (Buffer overflow in Remote Access Service (RAS) client allows an attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0714
+CVE-1999-0714 (Vulnerability in Compaq Tru64 UNIX edauth command. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0713
+CVE-1999-0713 (The dtlogin program in Compaq Tru64 UNIX allows local users to gain ro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0711
+CVE-1999-0711 (The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0710
+CVE-1999-0710 (The Squid package in Red Hat Linux 5.2 and 6.0, and other distribution ...)
{DSA-576-1}
- squid 2.5.7-1
-CVE-1999-0708
+CVE-1999-0708 (Buffer overflow in cfingerd allows local users to gain root privileges ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0707
+CVE-1999-0707 (The default FTP configuration in HP Visualize Conference allows confer ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0706
+CVE-1999-0706 (Linux xmonisdn package allows local users to gain root privileges by m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0705
+CVE-1999-0705 (Buffer overflow in INN inews program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0704
+CVE-1999-0704 (Buffer overflow in Berkeley automounter daemon (amd) logging facility ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0703
+CVE-1999-0703 (OpenBSD, BSDI, and other Unix operating systems allow users to set chf ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0702
+CVE-1999-0702 (Internet Explorer 5.0 and 5.01 allows remote attackers to modify or ex ...)
NOT-FOR-US: Microsoft
-CVE-1999-0701
+CVE-1999-0701 (After an unattended installation of Windows NT 4.0, an installation fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0700
+CVE-1999-0700 (Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malforme ...)
NOT-FOR-US: Microsoft
-CVE-1999-0699
+CVE-1999-0699 (The Bluestone Sapphire web server allows session hijacking via easily ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0697
+CVE-1999-0697 (SCO Doctor allows local users to gain root privileges through a Tools ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0696
+CVE-1999-0696 (Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0695
+CVE-1999-0695 (The Sybase PowerDynamo personal web server allows attackers to read ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0694
+CVE-1999-0694 (Denial of service in AIX ptrace system call allows local users to cras ...)
NOT-FOR-US: AIX
-CVE-1999-0693
+CVE-1999-0693 (Buffer overflow in TT_SESSION environment variable in ToolTalk shared ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0692
+CVE-1999-0692 (The default configuration of the Array Services daemon (arrayd) disabl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0691
+CVE-1999-0691 (Buffer overflow in the AddSuLog function of the CDE dtaction utility a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0690
+CVE-1999-0690 (HP CDE program includes the current directory in root's PATH variable. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0689
+CVE-1999-0689 (The CDE dtspcd daemon allows local users to execute arbitrary commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0688
+CVE-1999-0688 (Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0687
+CVE-1999-0687 (The ToolTalk ttsession daemon uses weak RPC authentication, which allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0686
+CVE-1999-0686 (Denial of service in Netscape Enterprise Server (NES) in HP Virtual Va ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0685
+CVE-1999-0685 (Buffer overflow in Netscape Communicator via EMBED tags in the plugins ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0683
+CVE-1999-0683 (Denial of service in Gauntlet Firewall via a malformed ICMP packet. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0682
+CVE-1999-0682 (Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. s ...)
NOT-FOR-US: Microsoft
-CVE-1999-0681
+CVE-1999-0681 (Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.9 ...)
NOT-FOR-US: Microsoft
-CVE-1999-0680
+CVE-1999-0680 (Windows NT Terminal Server performs extra work when a client opens a n ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0679
+CVE-1999-0679 (Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0678
+CVE-1999-0678 (A default configuration of Apache on Debian GNU/Linux sets the ServerR ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0676
+CVE-1999-0676 (sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitiv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0675
+CVE-1999-0675 (Check Point FireWall-1 can be subjected to a denial of service via UDP ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0674
+CVE-1999-0674 (The BSD profil system call allows a local user to modify the internal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0672
+CVE-1999-0672 (Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0671
+CVE-1999-0671 (Buffer overflow in ToxSoft NextFTP client through CWD command. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0668
+CVE-1999-0668 (The scriptlet.typelib ActiveX control is marked as "safe for scripting ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0628
+CVE-1999-0628 (The rwho/rwhod service is running, which exposes machine status and us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0627
+CVE-1999-0627 (The rexd service is running, which uses weak authentication that can a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0626
+CVE-1999-0626 (A version of rusers is running that exposes valid user information to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0612
+CVE-1999-0612 (A version of finger is running that exposes valid user information to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0608
+CVE-1999-0608 (An incorrect configuration of the PDG Shopping Cart CGI program "shopp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0566
+CVE-1999-0566 (An attacker can write to syslog files from any location, causing a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0551
+CVE-1999-0551 (HP OpenMail can be misconfigured to allow users to run arbitrary comma ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0526
+CVE-1999-0526 (An X server's access control is disabled (e.g. through an "xhost +" co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0514
+CVE-1999-0514 (UDP messages to broadcast addresses are allowed, allowing for a Fraggl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0513
+CVE-1999-0513 (ICMP messages to broadcast addresses are allowed, allowing for a Smurf ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0496
+CVE-1999-0496 (A Windows NT 4.0 user can gain administrative rights by forcing NtOpen ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0494
+CVE-1999-0494 (Denial of service in WinGate proxy through a buffer overflow in POP3. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0493
+CVE-1999-0493 (rpc.statd allows remote attackers to forward RPC calls to the local op ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0491
+CVE-1999-0491 (The prompt parsing in bash allows a local user to execute commands as ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0487
+CVE-1999-0487 (The DHTML Edit ActiveX control in Internet Explorer allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-1999-0485
+CVE-1999-0485 (Remote attackers can cause a system crash through ipintr() in ipq in O ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0484
+CVE-1999-0484 (Buffer overflow in OpenBSD ping. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0483
+CVE-1999-0483 (OpenBSD crash using nlink value in FFS and EXT2FS filesystems. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0482
+CVE-1999-0482 (OpenBSD kernel crash through TSS handling, as caused by the crashme pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0481
+CVE-1999-0481 (Denial of service in "poll" in OpenBSD. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0479
+CVE-1999-0479 (Denial of service Netscape Enterprise Server with VirtualVault on HP-U ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0478
+CVE-1999-0478 (Denial of service in HP-UX sendmail 8.8.6 related to accepting connect ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0475
+CVE-1999-0475 (A race condition in how procmail handles .procmailrc files allows a lo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0474
+CVE-1999-0474 (The ICQ Webserver allows remote attackers to use .. to access arbitrar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0473
+CVE-1999-0473 (The rsync command before rsync 2.3.1 may inadvertently change the perm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0472
+CVE-1999-0472 (The SNMP default community name "public" is not properly removed in Ne ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0471
+CVE-1999-0471 (The remote proxy server in Winroute allows a remote attacker to reconf ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0470
+CVE-1999-0470 (A weak encryption algorithm is used for passwords in Novell Remote.NLM ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0468
+CVE-1999-0468 (Internet Explorer 5.0 allows a remote server to read arbitrary files o ...)
NOT-FOR-US: Microsoft
-CVE-1999-0466
+CVE-1999-0466 (The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0464
+CVE-1999-0464 (Local users can perform a denial of service in Tripwire 1.2 and earlie ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0463
+CVE-1999-0463 (Remote attackers can perform a denial of service using IRIX fcagent. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0458
+CVE-1999-0458 (L0phtcrack 2.5 used temporary files in the system TEMP directory which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0457
+CVE-1999-0457 (Linux ftpwatch program allows local users to gain root privileges. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0449
+CVE-1999-0449 (The ExAir sample site in IIS 4 allows remote attackers to cause a deni ...)
NOT-FOR-US: Microsoft
-CVE-1999-0448
+CVE-1999-0448 (IIS 4.0 and Apache log HTTP request methods, regardless of how long th ...)
NOT-FOR-US: Microsoft
-CVE-1999-0447
+CVE-1999-0447 (Local users can gain privileges using the debug utility in the MPE/iX ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0446
+CVE-1999-0446 (Local users can perform a denial of service in NetBSD 1.3.3 and earlie ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0445
+CVE-1999-0445 (In Cisco routers under some versions of IOS 12.0 running NAT, some pac ...)
NOT-FOR-US: Cisco
-CVE-1999-0442
+CVE-1999-0442 (Solaris ff.core allows local users to modify files. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0441
+CVE-1999-0441 (Remote attackers can perform a denial of service in WinGate machines u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0440
+CVE-1999-0440 (The byte code verifier component of the Java Virtual Machine (JVM) all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0439
+CVE-1999-0439 (Buffer overflow in procmail before version 3.12 allows remote or local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0438
+CVE-1999-0438 (Remote attackers can perform a denial of service in WebRamp systems by ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0437
+CVE-1999-0437 (Remote attackers can perform a denial of service in WebRamp systems by ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0436
+CVE-1999-0436 (Domain Enterprise Server Management System (DESMS) in HP-UX allows loc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0433
+CVE-1999-0433 (XFree86 startx command is vulnerable to a symlink attack, allowing loc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0432
+CVE-1999-0432 (ftp on HP-UX 11.00 allows local users to gain privileges. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0430
+CVE-1999-0430 (Cisco Catalyst LAN switches running Catalyst 5000 supervisor software ...)
NOT-FOR-US: Cisco
-CVE-1999-0429
+CVE-1999-0429 (The Lotus Notes 4.5 client may send a copy of encrypted mail in the cl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0428
+CVE-1999-0428 (OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and by ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0425
+CVE-1999-0425 (talkback in Netscape 4.5 allows a local user to kill an arbitrary proc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0424
+CVE-1999-0424 (talkback in Netscape 4.5 allows a local user to overwrite arbitrary fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0423
+CVE-1999-0423 (Vulnerability in hpterm on HP-UX 10.20 allows local users to gain addi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0422
+CVE-1999-0422 (In some cases, NetBSD 1.3.3 mount allows local users to execute progra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0421
+CVE-1999-0421 (During a reboot after an installation of Linux Slackware 3.6, a remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0420
+CVE-1999-0420 (umapfs allows local users to gain root privileges by changing their ui ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0417
+CVE-1999-0417 (64 bit Solaris 7 procfs allows local users to perform a denial of serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0416
+CVE-1999-0416 (Vulnerability in Cisco 7xx series routers allows a remote attacker to ...)
NOT-FOR-US: Cisco
-CVE-1999-0415
+CVE-1999-0415 (The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled ...)
NOT-FOR-US: Cisco
-CVE-1999-0414
+CVE-1999-0414 (In Linux before version 2.0.36, remote attackers can spoof a TCP conne ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0413
+CVE-1999-0413 (A buffer overflow in the SGI X server allows local users to gain root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0412
+CVE-1999-0412 (In IIS and other web servers, an attacker can attack commands as SYSTE ...)
NOT-FOR-US: Microsoft
-CVE-1999-0410
+CVE-1999-0410 (The cancel command in Solaris 2.6 (i386) has a buffer overflow that al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0409
+CVE-1999-0409 (Buffer overflow in gnuplot in Linux version 3.5 allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0408
+CVE-1999-0408 (Files created from interactive shell sessions in Cobalt RaQ microserve ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0407
+CVE-1999-0407 (By default, IIS 4.0 has a virtual directory /IISADMPWD which contains ...)
NOT-FOR-US: Microsoft
-CVE-1999-0405
+CVE-1999-0405 (A buffer overflow in lsof allows local users to obtain root privilege. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0404
+CVE-1999-0404 (Buffer overflow in the Mail-Max SMTP server for Windows systems allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0403
+CVE-1999-0403 (A bug in Cyrix CPUs on Linux allows local users to perform a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0402
+CVE-1999-0402 (wget 1.5.3 follows symlinks to change permissions of the target file i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0396
+CVE-1999-0396 (A race condition between the select() and accept() calls in NetBSD TCP ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0395
+CVE-1999-0395 (A race condition in the BackWeb Polite Agent Protocol allows an attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0393
+CVE-1999-0393 (Remote attackers can cause a denial of service in Sendmail 8.8.x and 8 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0392
+CVE-1999-0392 (Buffer overflow in Thomas Boutell's cgic library version up to 1.05. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0391
+CVE-1999-0391 (The cryptographic challenge of SMB authentication in Windows 95 and Wi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0390
+CVE-1999-0390 (Buffer overflow in Dosemu Slang library in Linux. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0388
+CVE-1999-0388 (DataLynx suGuard trusts the PATH environment variable to execute the p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0387
+CVE-1999-0387 (A legacy credential caching mechanism used in Windows 95 and Windows 9 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0386
+CVE-1999-0386 (Microsoft Personal Web Server and FrontPage Personal Web Server in som ...)
NOT-FOR-US: Microsoft
-CVE-1999-0385
+CVE-1999-0385 (The LDAP bind function in Exchange 5.5 has a buffer overflow that allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0384
+CVE-1999-0384 (The Forms 2.0 ActiveX control (included with Visual Basic for Applicat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0383
+CVE-1999-0383 (ACC Tigris allows public access without a login. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0382
+CVE-1999-0382 (The screen saver in Windows NT does not verify that its security conte ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0380
+CVE-1999-0380 (SLMail 3.1 and 3.2 allows local users to access any file in the NTFS f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0379
+CVE-1999-0379 (Microsoft Taskpads allows remote web sites to execute commands on the ...)
NOT-FOR-US: Microsoft
-CVE-1999-0378
+CVE-1999-0378 (InterScan VirusWall for Solaris doesn't scan files for viruses when a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0377
+CVE-1999-0377 (Process table attack in Unix systems allows a remote attacker to perfo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0376
+CVE-1999-0376 (Local users in Windows NT can obtain administrator privileges by chang ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0375
+CVE-1999-0375 (Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Researc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0374
+CVE-1999-0374 (Debian GNU/Linux cfengine package is susceptible to a symlink attack. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0373
+CVE-1999-0373 (Buffer overflow in the "Super" utility in Debian GNU/Linux, and other ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0372
+CVE-1999-0372 (The installer for BackOffice Server includes account names and passwor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0371
+CVE-1999-0371 (Lynx allows a local user to overwrite sensitive files through /tmp sym ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0369
+CVE-1999-0369 (The Sun sdtcm_convert calendar utility for OpenWindows has a buffer ov ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0368
+CVE-1999-0368 (Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0367
+CVE-1999-0367 (NetBSD netstat command allows local users to access kernel memory. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0366
+CVE-1999-0366 (In some cases, Service Pack 4 for Windows NT 4.0 can allow access to n ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0365
+CVE-1999-0365 (The metamail package allows remote command execution using shell metac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0363
+CVE-1999-0363 (SuSE 5.2 PLP lpc program has a buffer overflow that leads to root comp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0362
+CVE-1999-0362 (WS_FTP server remote denial of service through cwd command. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0358
+CVE-1999-0358 (Digital Unix 4.0 has a buffer overflow in the inc program of the mh pa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0357
+CVE-1999-0357 (Windows 98 and other operating systems allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0355
+CVE-1999-0355 (Local or remote users can force ControlIT 4.5 to reboot or force a use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0353
+CVE-1999-0353 (rpc.pcnfsd in HP gives remote root access by changing the permissions ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0351
+CVE-1999-0351 (FTP PASV "Pizza Thief" denial of service and unauthorized data access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0350
+CVE-1999-0350 (Race condition in the db_loader program in ClearCase gives local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0349
+CVE-1999-0349 (A buffer overflow in the FTP list (ls) command in IIS allows remote at ...)
NOT-FOR-US: Microsoft
-CVE-1999-0348
+CVE-1999-0348 (IIS ASP caching problem releases sensitive information when two virtua ...)
NOT-FOR-US: Microsoft
-CVE-1999-0346
+CVE-1999-0346 (CGI PHP mlog script allows an attacker to read any file on the target ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0344
+CVE-1999-0344 (NT users can gain debug-level access on a system process using the Sec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0343
+CVE-1999-0343 (A malicious Palace server can force a client to execute arbitrary prog ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0342
+CVE-1999-0342 (Linux PAM modules allow local users to gain root access using temporar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0341
+CVE-1999-0341 (Buffer overflow in the Linux mail program "deliver" allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0340
+CVE-1999-0340 (Buffer overflow in Linux Slackware crond program allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0339
+CVE-1999-0339 (Buffer overflow in the libauth library in Solaris allows local users t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0338
+CVE-1999-0338 (AIX Licensed Program Product performance tools allow local users to ga ...)
NOT-FOR-US: AIX
-CVE-1999-0337
+CVE-1999-0337 (AIX batch queue (bsh) allows local and remote users to gain additional ...)
NOT-FOR-US: AIX
-CVE-1999-0335
+CVE-1999-0335 (DEPRECATED. This entry has been deprecated. It is a duplicate of CVE ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0334
+CVE-1999-0334 (In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0332
+CVE-1999-0332 (Buffer overflow in NetMeeting allows denial of service and remote comm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0329
+CVE-1999-0329 (SGI mediad program allows local users to gain root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0328
+CVE-1999-0328 (SGI permissions program allows local users to gain root privileges. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0327
+CVE-1999-0327 (SGI syserr program allows local users to corrupt files. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0326
+CVE-1999-0326 (Vulnerability in HP-UX mediainit program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0325
+CVE-1999-0325 (vhe_u_mnt program in HP-UX allows local users to create root files thr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0324
+CVE-1999-0324 (ppl program in HP-UX allows local users to create root files through s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0323
+CVE-1999-0323 (FreeBSD mmap function allows users to modify append-only or immutable ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0322
+CVE-1999-0322 (The open() function in FreeBSD allows local attackers to write to arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0321
+CVE-1999-0321 (Buffer overflow in Solaris kcms_configure command allows local users t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0320
+CVE-1999-0320 (SunOS rpc.cmsd allows attackers to obtain root access by overwriting a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0318
+CVE-1999-0318 (Buffer overflow in xmcd 2.0p12 allows local users to gain access throu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0316
+CVE-1999-0316 (Buffer overflow in Linux splitvt command gives root access to local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0315
+CVE-1999-0315 (Buffer overflow in Solaris fdformat command gives root access to local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0314
+CVE-1999-0314 (ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0313
+CVE-1999-0313 (disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0312
+CVE-1999-0312 (HP ypbind allows attackers with root privileges to modify NIS data. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0311
+CVE-1999-0311 (fpkg2swpk in HP-UX allows local users to gain root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0310
+CVE-1999-0310 (SSH 1.2.25 on HP-UX allows access to new user accounts. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0309
+CVE-1999-0309 (HP-UX vgdisplay program gives root access to local users. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0308
+CVE-1999-0308 (HP-UX gwind program allows users to modify arbitrary files. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0305
+CVE-1999-0305 (The system configuration control (sysctl) facility in BSD based operat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0304
+CVE-1999-0304 (mmap function in BSD allows local attackers in the kmem group to modif ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0303
+CVE-1999-0303 (Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0302
+CVE-1999-0302 (SunOS/Solaris FTP clients can be forced to execute arbitrary commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0301
+CVE-1999-0301 (Buffer overflow in SunOS/Solaris ps command. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0300
+CVE-1999-0300 (nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0299
+CVE-1999-0299 (Buffer overflow in FreeBSD lpd through long DNS hostnames. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0297
+CVE-1999-0297 (Buffer overflow in Vixie Cron library up to version 3.0 allows local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0296
+CVE-1999-0296 (Solaris volrmmount program allows attackers to read any file. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0295
+CVE-1999-0295 (Solaris sysdef command allows local users to read kernel memory, poten ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0294
+CVE-1999-0294 (All records in a WINS database can be deleted through SNMP for a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0293
+CVE-1999-0293 (AAA authentication on Cisco systems allows attackers to execute comman ...)
NOT-FOR-US: Cisco
-CVE-1999-0292
+CVE-1999-0292 (Denial of service through Winpopup using large user names. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0291
+CVE-1999-0291 (The WinGate proxy is installed without a password, which allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0290
+CVE-1999-0290 (The WinGate telnet proxy allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0289
+CVE-1999-0289 (The Apache web server for Win32 may provide access to restricted files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0288
+CVE-1999-0288 (The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0281
+CVE-1999-0281 (Denial of service in IIS using long URLs. ...)
NOT-FOR-US: Microsoft
-CVE-1999-0280
+CVE-1999-0280 (Remote command execution in Microsoft Internet Explorer using .lnk and ...)
NOT-FOR-US: Microsoft
-CVE-1999-0279
+CVE-1999-0279 (Excite for Web Servers (EWS) allows remote command execution via shell ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0278
+CVE-1999-0278 (In IIS, remote attackers can obtain source code for ASP files by appen ...)
NOT-FOR-US: Microsoft
-CVE-1999-0277
+CVE-1999-0277 (The WorkMan program can be used to overwrite any file to get root acce ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0276
+CVE-1999-0276 (mSQL v2.0.1 and below allows remote execution through a buffer overflo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0275
+CVE-1999-0275 (Denial of service in Windows NT DNS servers by flooding port 53 with t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0274
+CVE-1999-0274 (Denial of service in Windows NT DNS servers through malicious packet w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0273
+CVE-1999-0273 (Denial of service through Solaris 2.5.1 telnet by sending ^D character ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0272
+CVE-1999-0272 (Denial of service in Slmail v2.5 through the POP3 port. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0270
+CVE-1999-0270 (Directory traversal vulnerability in pfdispaly.cgi program (sometimes ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0269
+CVE-1999-0269 (Netscape Enterprise servers may list files through the PageServices qu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0268
+CVE-1999-0268 (MetaInfo MetaWeb web server allows users to upload, execute, and read ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0267
+CVE-1999-0267 (Buffer overflow in NCSA HTTP daemon v1.3 allows remote command executi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0266
+CVE-1999-0266 (The info2www CGI script allows remote file access or remote command ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0265
+CVE-1999-0265 (ICMP redirect messages may crash or lock up a host. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0264
+CVE-1999-0264 (htmlscript CGI program allows remote read access to files. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0263
+CVE-1999-0263 (Solaris SUNWadmap can be exploited to obtain root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0262
+CVE-1999-0262 (Hylafax faxsurvey CGI script on Linux allows remote attackers to execu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0260
+CVE-1999-0260 (The jj CGI program allows command execution via shell metacharacters. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0259
+CVE-1999-0259 (cfingerd lists all users on a system via search.**@target. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0256
+CVE-1999-0256 (Buffer overflow in War FTP allows remote execution of commands. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0252
+CVE-1999-0252 (Buffer overflow in listserv allows arbitrary command execution. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0251
+CVE-1999-0251 (Denial of service in talk program allows remote attackers to disrupt a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0248
+CVE-1999-0248 (A race condition in the authentication agent mechanism of sshd 1.2.17 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0247
+CVE-1999-0247 (Buffer overflow in nnrpd program in INN up to version 1.6 allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0245
+CVE-1999-0245 (Some configurations of NIS+ in Linux allowed attackers to log in as th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0244
+CVE-1999-0244 (Livingston RADIUS code has a buffer overflow which can allow remote ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0239
+CVE-1999-0239 (Netscape FastTrack Web server lists files when a lowercase "get" comma ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0237
+CVE-1999-0237 (Remote execution of arbitrary commands through Guestbook CGI program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0236
+CVE-1999-0236 (ScriptAlias directory in NCSA and Apache httpd allowed attackers to re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0234
+CVE-1999-0234 (Bash treats any character with a value of 255 as a command separator. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0233
+CVE-1999-0233 (IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd ...)
NOT-FOR-US: Microsoft
-CVE-1999-0230
+CVE-1999-0230 (Buffer overflow in Cisco 7xx routers through the telnet service. ...)
NOT-FOR-US: Cisco
-CVE-1999-0228
+CVE-1999-0228 (Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0227
+CVE-1999-0227 (Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0225
+CVE-1999-0225 (Windows NT 4.0 allows remote attackers to cause a denial of service vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0224
+CVE-1999-0224 (Denial of service in Windows NT messenger service through a long usern ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0223
+CVE-1999-0223 (Solaris syslogd crashes when receiving a message from a host that does ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0221
+CVE-1999-0221 (Denial of service of Ascend routers through port 150 (remote administr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0219
+CVE-1999-0219 (Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0218
+CVE-1999-0218 (Livingston portmaster machines could be rebooted via a series of comma ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0217
+CVE-1999-0217 (Malicious option settings in UDP packets could force a reboot in SunOS ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0215
+CVE-1999-0215 (Routed allows attackers to append data to files. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0214
+CVE-1999-0214 (Denial of service by sending forged ICMP unreachable packets. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0212
+CVE-1999-0212 (Solaris rpc.mountd generates error messages that allow a remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0211
+CVE-1999-0211 (Extra long export lists over 256 characters in some mount daemons allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0210
+CVE-1999-0210 (Automount daemon automountd allows local or remote users to gain privi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0209
+CVE-1999-0209 (The SunView (SunTools) selection_svc facility allows remote users to r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0208
+CVE-1999-0208 (rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0207
+CVE-1999-0207 (Remote attacker can execute commands through Majordomo using the Reply ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0206
+CVE-1999-0206 (MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0204
+CVE-1999-0204 (Sendmail 8.6.9 allows remote attackers to execute root commands, using ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0203
+CVE-1999-0203 (In Sendmail, attackers can gain root privileges via SMTP by specifying ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0202
+CVE-1999-0202 (The GNU tar command, when used in FTP sessions, may allow an attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0201
+CVE-1999-0201 (A quote cwd command on FTP servers can reveal the full path of the hom ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0196
+CVE-1999-0196 (websendmail in Webgais 1.0 allows a remote user to access arbitrary fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0194
+CVE-1999-0194 (Denial of service in in.comsat allows attackers to generate messages. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0192
+CVE-1999-0192 (Buffer overflow in telnet daemon tgetent routing allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0191
+CVE-1999-0191 (IIS newdsn.exe CGI script allows remote users to overwrite files. ...)
NOT-FOR-US: Microsoft
-CVE-1999-0190
+CVE-1999-0190 (Solaris rpcbind can be exploited to overwrite arbitrary files and gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0189
+CVE-1999-0189 (Solaris rpcbind listens on a high numbered UDP port, which may not be ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0188
+CVE-1999-0188 (The passwd command in Solaris can be subjected to a denial of service. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0185
+CVE-1999-0185 (In SunOS or Solaris, a remote user could connect from an FTP server's ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0184
+CVE-1999-0184 (When compiled with the -DALLOW_UPDATES option, bind allows dynamic upd ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0183
+CVE-1999-0183 (Linux implementations of TFTP would allow access to files outside the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0182
+CVE-1999-0182 (Samba has a buffer overflow which allows a remote attacker to obtain r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0181
+CVE-1999-0181 (The wall daemon can be used for denial of service, social engineering ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0180
+CVE-1999-0180 (in.rshd allows users to login with a NULL username and execute command ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0179
+CVE-1999-0179 (Windows NT crashes or locks up when a Samba client executes a "cd .." ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0178
+CVE-1999-0178 (Buffer overflow in the win-c-sample program (win-c-sample.exe) in the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0177
+CVE-1999-0177 (The uploader program in the WebSite web server allows a remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0176
+CVE-1999-0176 (The Webgais program allows a remote user to execute arbitrary commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0175
+CVE-1999-0175 (The convert.bas program in the Novell web server allows a remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0174
+CVE-1999-0174 (The view-source CGI program allows remote attackers to read arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0173
+CVE-1999-0173 (FormMail CGI program can be used by web servers other than the host se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0172
+CVE-1999-0172 (FormMail CGI program allows remote execution of commands. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0170
+CVE-1999-0170 (Remote attackers can mount an NFS file system in Ultrix or OSF, even i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0168
+CVE-1999-0168 (The portmapper may act as a proxy and redirect service requests from a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0167
+CVE-1999-0167 (In SunOS, NFS file handles could be guessed, giving unauthorized acces ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0166
+CVE-1999-0166 (NFS allows users to use a "cd .." command to access other directories ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0164
+CVE-1999-0164 (A race condition in the Solaris ps command allows an attacker to overw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0162
+CVE-1999-0162 (The "established" keyword in some Cisco IOS software allowed an attack ...)
NOT-FOR-US: Cisco
-CVE-1999-0161
+CVE-1999-0161 (In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended I ...)
NOT-FOR-US: Cisco
-CVE-1999-0160
+CVE-1999-0160 (Some classic Cisco IOS devices have a vulnerability in the PPP CHAP au ...)
NOT-FOR-US: Cisco
-CVE-1999-0159
+CVE-1999-0159 (Attackers can crash a Cisco IOS router or device, provided they can ge ...)
NOT-FOR-US: Cisco
-CVE-1999-0158
+CVE-1999-0158 (Cisco PIX firewall manager (PFM) on Windows NT allows attackers to con ...)
NOT-FOR-US: Cisco
-CVE-1999-0157
+CVE-1999-0157 (Cisco PIX firewall and CBAC IP fragmentation attack results in a denia ...)
NOT-FOR-US: Cisco
-CVE-1999-0155
+CVE-1999-0155 (The ghostscript command with the -dSAFER option allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0153
+CVE-1999-0153 (Windows 95/NT out of band (OOB) data denial of service through NETBIOS ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0152
+CVE-1999-0152 (The DG/UX finger daemon allows remote command execution through shell ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0151
+CVE-1999-0151 (The SATAN session key may be disclosed if the user points the web brow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0150
+CVE-1999-0150 (The Perl fingerd program allows arbitrary command execution from remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0149
+CVE-1999-0149 (The wrap CGI program in IRIX allows remote attackers to view arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0148
+CVE-1999-0148 (The handler CGI program in IRIX allows arbitrary command execution. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0147
+CVE-1999-0147 (The aglimpse CGI program of the Glimpse package allows remote executio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0146
+CVE-1999-0146 (The campas CGI program provided with some NCSA web servers allows an a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0145
+CVE-1999-0145 (Sendmail WIZ command enabled, allowing root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0143
+CVE-1999-0143 (Kerberos 4 key servers allow a user to masquerade as another by breaki ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0142
+CVE-1999-0142 (The Java Applet Security Manager implementation in Netscape Navigator ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0141
+CVE-1999-0141 (Java Bytecode Verifier allows malicious applets to execute arbitrary c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0139
+CVE-1999-0139 (Buffer overflow in Solaris x86 mkcookie allows local users to obtain r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0138
+CVE-1999-0138 (The suidperl and sperl program do not give up root privileges when cha ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0137
+CVE-1999-0137 (The dip program on many Linux systems allows local users to gain root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0136
+CVE-1999-0136 (Kodak Color Management System (KCMS) on Solaris allows a local user to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0135
+CVE-1999-0135 (admintool in Solaris allows a local user to write to arbitrary files a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0134
+CVE-1999-0134 (vold in Solaris 2.x allows local users to gain root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0133
+CVE-1999-0133 (fm_fls license server for Adobe Framemaker allows local users to overw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0132
+CVE-1999-0132 (Expreserve, as used in vi and ex, allows local users to overwrite arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0131
+CVE-1999-0131 (Buffer overflow and denial of service in Sendmail 8.7.5 and earlier th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0130
+CVE-1999-0130 (Local users can start Sendmail in daemon mode and gain root privileges ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0129
+CVE-1999-0129 (Sendmail allows local users to write to a file and gain group permissi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0128
+CVE-1999-0128 (Oversized ICMP ping packets can result in a denial of service, aka Pin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0126
+CVE-1999-0126 (SGI IRIX buffer overflow in xterm and Xaw allows root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0125
+CVE-1999-0125 (Buffer overflow in SGI IRIX mailx program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0124
+CVE-1999-0124 (Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0122
+CVE-1999-0122 (Buffer overflow in AIX lchangelv gives root access. ...)
NOT-FOR-US: AIX
-CVE-1999-0120
+CVE-1999-0120 (Sun/Solaris utmp file allows local users to gain root access if it is ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0118
+CVE-1999-0118 (AIX infod allows local users to gain root access through an X display. ...)
NOT-FOR-US: AIX
-CVE-1999-0117
+CVE-1999-0117 (AIX passwd allows local users to gain root access. ...)
NOT-FOR-US: AIX
-CVE-1999-0116
+CVE-1999-0116 (Denial of service when an attacker sends many SYN packets to create mu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0115
+CVE-1999-0115 (AIX bugfiler program allows local users to gain root access. ...)
NOT-FOR-US: AIX
-CVE-1999-0113
+CVE-1999-0113 (Some implementations of rlogin allow root access if given a -froot par ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0112
+CVE-1999-0112 (Buffer overflow in AIX dtterm program for the CDE. ...)
NOT-FOR-US: AIX
-CVE-1999-0111
+CVE-1999-0111 (RIP v1 is susceptible to spoofing. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0109
+CVE-1999-0109 (Buffer overflow in ffbconfig in Solaris 2.5.1. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0108
+CVE-1999-0108 (The printers program in IRIX has a buffer overflow that gives root acc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0103
+CVE-1999-0103 (Echo and chargen, or other combinations of UDP services, can be used i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0102
+CVE-1999-0102 (Buffer overflow in SLmail 3.x allows attackers to execute commands usi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0101
+CVE-1999-0101 (Buffer overflow in AIX and Solaris "gethostbyname" library call allows ...)
NOT-FOR-US: AIX
-CVE-1999-0100
+CVE-1999-0100 (Remote access in AIX innd 1.5.1, using control messages. ...)
NOT-FOR-US: AIX
-CVE-1999-0099
+CVE-1999-0099 (Buffer overflow in syslog utility allows local or remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0097
+CVE-1999-0097 (The AIX FTP client can be forced to execute commands from a malicious ...)
NOT-FOR-US: AIX
-CVE-1999-0096
+CVE-1999-0096 (Sendmail decode alias can be used to overwrite sensitive files. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0095
+CVE-1999-0095 (The debug command in Sendmail is enabled, allowing attackers to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0094
+CVE-1999-0094 (AIX piodmgrsu command allows local users to gain additional group priv ...)
NOT-FOR-US: AIX
-CVE-1999-0093
+CVE-1999-0093 (AIX nslookup command allows local users to obtain root access by not d ...)
NOT-FOR-US: AIX
-CVE-1999-0091
+CVE-1999-0091 (Buffer overflow in AIX writesrv command allows local users to obtain r ...)
NOT-FOR-US: AIX
-CVE-1999-0090
+CVE-1999-0090 (Buffer overflow in AIX rcp command allows local users to obtain root a ...)
NOT-FOR-US: AIX
-CVE-1999-0087
+CVE-1999-0087 (Denial of service in AIX telnet can freeze a system and prevent users ...)
NOT-FOR-US: AIX
-CVE-1999-0085
+CVE-1999-0085 (Buffer overflow in rwhod on AIX and other operating systems allows rem ...)
NOT-FOR-US: AIX
-CVE-1999-0084
+CVE-1999-0084 (Certain NFS servers allow users to use mknod to gain privileges by cre ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0083
+CVE-1999-0083 (getcwd() file descriptor leak in FTP. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0082
+CVE-1999-0082 (CWD ~root command in ftpd allows root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0081
+CVE-1999-0081 (wu-ftp allows files to be overwritten via the rnfr command. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0080
+CVE-1999-0080 (Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0079
+CVE-1999-0079 (Remote attackers can cause a denial of service in FTP by issuing multi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0077
+CVE-1999-0077 (Predictable TCP sequence numbers allow spoofing. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0075
+CVE-1999-0075 (PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV comma ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0074
+CVE-1999-0074 (Listening TCP ports are sequentially allocated, allowing spoofing atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0073
+CVE-1999-0073 (Telnet allows a remote client to specify environment variables includi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0072
+CVE-1999-0072 (Buffer overflow in AIX xdat gives root access to local users. ...)
NOT-FOR-US: AIX
-CVE-1999-0071
+CVE-1999-0071 (Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0070
+CVE-1999-0070 (test-cgi program allows an attacker to list files on the server. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0069
+CVE-1999-0069 (Solaris ufsrestore buffer overflow. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0068
+CVE-1999-0068 (CGI PHP mylog script allows an attacker to read any file on the target ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0067
+CVE-1999-0067 (phf CGI program allows remote command execution through shell metachar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0066
+CVE-1999-0066 (AnyForm CGI remote execution. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0065
+CVE-1999-0065 (Multiple buffer overflows in how dtmail handles attachments allows a r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0064
+CVE-1999-0064 (Buffer overflow in AIX lquerylv program gives root access to local use ...)
NOT-FOR-US: AIX
-CVE-1999-0063
+CVE-1999-0063 (Cisco IOS 12.0 and other versions can be crashed by malicious UDP pack ...)
NOT-FOR-US: Cisco
-CVE-1999-0062
+CVE-1999-0062 (The chpass command in OpenBSD allows a local user to gain root access ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0060
+CVE-1999-0060 (Attackers can cause a denial of service in Ascend MAX and Pipeline rou ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0059
+CVE-1999-0059 (IRIX fam service allows an attacker to obtain a list of all files on t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0058
+CVE-1999-0058 (Buffer overflow in PHP cgi program, php.cgi allows shell access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0057
+CVE-1999-0057 (Vacation program allows command execution by remote users through a se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0056
+CVE-1999-0056 (Buffer overflow in Sun's ping program can give root access to local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0055
+CVE-1999-0055 (Buffer overflows in Sun libnsl allow root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0054
+CVE-1999-0054 (Sun's ftpd daemon can be subjected to a denial of service. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0053
+CVE-1999-0053 (TCP RST denial of service in FreeBSD. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0052
+CVE-1999-0052 (IP fragmentation denial of service in FreeBSD allows a remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0051
+CVE-1999-0051 (Arbitrary file creation and program execution using FLEXlm LicenseMana ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0050
+CVE-1999-0050 (Buffer overflow in HP-UX newgrp program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0049
+CVE-1999-0049 (Csetup under IRIX allows arbitrary file creation or overwriting. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0048
+CVE-1999-0048 (Talkd, when given corrupt DNS information, can be used to execute arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0047
+CVE-1999-0047 (MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0046
+CVE-1999-0046 (Buffer overflow of rlogin program using TERM environmental variable. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0045
+CVE-1999-0045 (List of arbitrary files on Web host via nph-test-cgi script. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0044
+CVE-1999-0044 (fsdump command in IRIX allows local users to obtain root access by mod ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0043
+CVE-1999-0043 (Command execution via shell metachars in INN daemon (innd) 1.5 using " ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0042
+CVE-1999-0042 (Buffer overflow in University of Washington's implementation of IMAP a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0041
+CVE-1999-0041 (Buffer overflow in NLS (Natural Language Service). ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0040
+CVE-1999-0040 (Buffer overflow in Xt library of X Windowing System allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0039
+CVE-1999-0039 (webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0038
+CVE-1999-0038 (Buffer overflow in xlock program allows local users to execute command ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0037
+CVE-1999-0037 (Arbitrary command execution via metamail package using message headers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0036
+CVE-1999-0036 (IRIX login program with a nonzero LOCKOUT parameter allows creation or ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0035
+CVE-1999-0035 (Race condition in signal handling routine in ftpd, allowing read/write ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0034
+CVE-1999-0034 (Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0032
+CVE-1999-0032 (Buffer overflow in lpr, as used in BSD-based systems including Linux, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0031
+CVE-1999-0031 (JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and ...)
NOT-FOR-US: Microsoft
-CVE-1999-0029
+CVE-1999-0029 (root privileges via buffer overflow in ordist command on SGI IRIX syst ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0028
+CVE-1999-0028 (root privileges via buffer overflow in login/scheme command on SGI IRI ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0027
+CVE-1999-0027 (root privileges via buffer overflow in eject command on SGI IRIX syste ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0026
+CVE-1999-0026 (root privileges via buffer overflow in pset command on SGI IRIX system ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0025
+CVE-1999-0025 (root privileges via buffer overflow in df command on SGI IRIX systems. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0024
+CVE-1999-0024 (DNS cache poisoning via BIND, by predictable query IDs. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0023
+CVE-1999-0023 (Local user gains root privileges via buffer overflow in rdist, via loo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0022
+CVE-1999-0022 (Local user gains root privileges via buffer overflow in rdist, via exp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0021
+CVE-1999-0021 (Arbitrary command execution via buffer overflow in Count.cgi (wwwcount ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0019
+CVE-1999-0019 (Delete or create a file via rpc.statd, due to invalid information. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0018
+CVE-1999-0018 (Buffer overflow in statd allows root privileges. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0017
+CVE-1999-0017 (FTP servers can allow an attacker to connect to arbitrary ports on mac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0016
+CVE-1999-0016 (Land IP denial of service. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0014
+CVE-1999-0014 (Unauthorized privileged access or denial of service via dtappgather pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0013
+CVE-1999-0013 (Stolen credentials from SSH clients via ssh-agent program, allowing ot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0012
+CVE-1999-0012 (Some web servers under Microsoft Windows allow remote attackers to byp ...)
NOT-FOR-US: Microsoft
-CVE-1999-0011
+CVE-1999-0011 (Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0010
+CVE-1999-0010 (Denial of Service vulnerability in BIND 8 Releases via maliciously for ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0009
+CVE-1999-0009 (Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0008
+CVE-1999-0008 (Buffer overflow in NIS+, in Sun's rpc.nisd program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0007
+CVE-1999-0007 (Information from SSL-encrypted sessions via PKCS #1. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0006
+CVE-1999-0006 (Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0005
+CVE-1999-0005 (Arbitrary command execution via IMAP buffer overflow in authenticate c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0003
+CVE-1999-0003 (Execute commands as root via buffer overflow in Tooltalk database serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0002
+CVE-1999-0002 (Buffer overflow in NFS mountd gives root access to remote attackers, m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1572
+CVE-1999-1572 (cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operat ...)
{DSA-664-1}
- cpio 2.5-1.2 (bug #293379)
-CVE-1999-1571
+CVE-1999-1571 (Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1570
+CVE-1999-1570 (Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1569
+CVE-1999-1569 (Quake 1 and NetQuake servers allow remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1567
+CVE-1999-1567 (Seapine Software TestTrack server allows a remote attacker to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1566
+CVE-1999-1566 (Buffer overflow in iParty server 1.2 and earlier allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1564
+CVE-1999-1564 (FreeBSD 3.2 and possibly other versions allows a local user to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1563
+CVE-1999-1563 (Nachuatec D435 and D445 printer allows remote attackers to cause a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1562
+CVE-1999-1562 (gFTP FTP client 1.13, and other versions before 2.0.0, records a passw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1561
+CVE-1999-1561 (Nullsoft SHOUTcast server stores the administrative password in plaint ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1560
+CVE-1999-1560 (Vulnerability in a script in Texas A&amp;M University (TAMU) Tiger all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1559
+CVE-1999-1559 (Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the lo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1558
+CVE-1999-1558 (Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows un ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1557
+CVE-1999-1557 (Buffer overflow in the login functions in IMAP server (imapd) in Ipswi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1555
+CVE-1999-1555 (Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1554
+CVE-1999-1554 (/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the gro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1553
+CVE-1999-1553 (Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1552
+CVE-1999-1552 (dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earli ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1551
+CVE-1999-1551 (Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1549
+CVE-1999-1549 (Lynx 2.x does not properly distinguish between internal and external H ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1548
+CVE-1999-1548 (Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1547
+CVE-1999-1547 (Oracle Web Listener 2.1 allows remote attackers to bypass access restr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1546
+CVE-1999-1546 (netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1545
+CVE-1999-1545 (Joe's Own Editor (joe) 2.8 sets the world-readable permission on its c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1544
+CVE-1999-1544 (Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows loca ...)
NOT-FOR-US: Microsoft
-CVE-1999-1543
+CVE-1999-1543 (MacOS uses weak encryption for passwords that are stored in the Users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1541
+CVE-1999-1541 (shell-lock in Cactus Software Shell Lock allows local users to read or ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1540
+CVE-1999-1540 (shell-lock in Cactus Software Shell Lock uses weak encryption (trivial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1539
+CVE-1999-1539 (Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1538
+CVE-1999-1538 (When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in ...)
NOT-FOR-US: Microsoft
-CVE-1999-1536
+CVE-1999-1536 (.sbstart startup script in AcuShop Salesbuilder is world writable, whi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1534
+CVE-1999-1534 (Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia b ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1533
+CVE-1999-1533 (Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1532
+CVE-1999-1532 (Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1529
+CVE-1999-1529 (A buffer overflow exists in the HELO command in Trend Micro Interscan ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1528
+CVE-1999-1528 (ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automaticall ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1527
+CVE-1999-1527 (Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1526
+CVE-1999-1526 (Auto-update feature of Macromedia Shockwave 7 transmits a user's passw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1525
+CVE-1999-1525 (Macromedia Shockwave before 6.0 allows a malicious webmaster to read a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1524
+CVE-1999-1524 (FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1523
+CVE-1999-1523 (Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1522
+CVE-1999-1522 (Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1521
+CVE-1999-1521 (Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1519
+CVE-1999-1519 (Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1518
+CVE-1999-1518 (Operating systems with shared memory implementations based on BSD 4.4 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1517
+CVE-1999-1517 (runtar in the Amanda backup system used in various UNIX operating syst ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1516
+CVE-1999-1516 (A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1515
+CVE-1999-1515 (A non-default configuration in TenFour TFS Gateway 4.0 allows an attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1514
+CVE-1999-1514 (Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1513
+CVE-1999-1513 (Management information base (MIB) for a 3Com SuperStack II hub running ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1511
+CVE-1999-1511 (Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1510
+CVE-1999-1510 (Buffer overflows in Bisonware FTP server prior to 4.1 allow remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1509
+CVE-1999-1509 (Directory traversal vulnerability in Etype Eserv 2.50 web server allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1508
+CVE-1999-1508 (Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1506
+CVE-1999-1506 (Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1505
+CVE-1999-1505 (Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1504
+CVE-1999-1504 (Stalker Internet Mail Server 1.6 allows a remote attacker to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1503
+CVE-1999-1503 (Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1502
+CVE-1999-1502 (Buffer overflows in Quake 1.9 client allows remote malicious servers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1501
+CVE-1999-1501 ((1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1500
+CVE-1999-1500 (Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1499
+CVE-1999-1499 (named in ISC BIND 4.9 and 8.1 allows local users to destroy files via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1498
+CVE-1999-1498 (Slackware Linux 3.4 pkgtool allows local attacker to read and write to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1497
+CVE-1999-1497 (Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1496
+CVE-1999-1496 (Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to det ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1495
+CVE-1999-1495 (xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1493
+CVE-1999-1493 (Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1492
+CVE-1999-1492 (Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows loc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1491
+CVE-1999-1491 (abuse.console in Red Hat 2.1 uses relative pathnames to find and execu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1489
+CVE-1999-1489 (Buffer overflow in TestChip function in XFree86 SuperProbe in Slackwar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1487
+CVE-1999-1487 (Vulnerability in digest in AIX 4.3 allows printq users to gain root pr ...)
NOT-FOR-US: AIX
-CVE-1999-1485
+CVE-1999-1485 (nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP po ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1484
+CVE-1999-1484 (Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1483
+CVE-1999-1483 (Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1482
+CVE-1999-1482 (SVGAlib zgv 3.0-7 and earlier allows local users to gain root access v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1480
+CVE-1999-1480 ((1) acledit and (2) aclput in AIX 4.3 allow local users to create or m ...)
NOT-FOR-US: AIX
-CVE-1999-1479
+CVE-1999-1479 (The textcounter.pl by Matt Wright allows remote attackers to execute a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1477
+CVE-1999-1477 (Buffer overflow in GNOME libraries 1.0.8 allows local user to gain roo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1475
+CVE-1999-1475 (ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1474
+CVE-1999-1474 (PowerPoint 95 and 97 allows remote attackers to cause an application t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1471
+CVE-1999-1471 (Buffer overflow in passwd in BSD based operating systems 4.3 and earli ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1470
+CVE-1999-1470 (Eastman Work Management 3.21 stores passwords in cleartext in the COMM ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1469
+CVE-1999-1469 (Buffer overflow in w3-auth CGI program in miniSQL package allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1467
+CVE-1999-1467 (Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trust ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1466
+CVE-1999-1466 (Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote ...)
NOT-FOR-US: Cisco
-CVE-1999-1465
+CVE-1999-1465 (Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast swi ...)
NOT-FOR-US: Cisco
-CVE-1999-1464
+CVE-1999-1464 (Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast swi ...)
NOT-FOR-US: Cisco
-CVE-1999-1463
+CVE-1999-1463 (Windows NT 4.0 before SP3 allows remote attackers to bypass firewall r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1462
+CVE-1999-1462 (Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1461
+CVE-1999-1461 (inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH en ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1460
+CVE-1999-1460 (BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1459
+CVE-1999-1459 (BMC PATROL Agent before 3.2.07 allows local users to gain root privile ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1458
+CVE-1999-1458 (Buffer overflow in at program in Digital UNIX 4.0 allows local users t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1457
+CVE-1999-1457 (Buffer overflow in thttpd HTTP server before 2.04-31 allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1454
+CVE-1999-1454 (Macromedia "The Matrix" screen saver on Windows 95 with the "Password ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1453
+CVE-1999-1453 (Internet Explorer 4 allows remote attackers (malicious web site operat ...)
NOT-FOR-US: Microsoft
-CVE-1999-1451
+CVE-1999-1451 (The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remo ...)
NOT-FOR-US: Microsoft
-CVE-1999-1450
+CVE-1999-1450 (Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX Ope ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1449
+CVE-1999-1449 (SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1448
+CVE-1999-1448 (Eudora and Eudora Light before 3.05 allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1447
+CVE-1999-1447 (Internet Explorer 4.0 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Microsoft
-CVE-1999-1446
+CVE-1999-1446 (Internet Explorer 3 records a history of all URL's that are visited by ...)
NOT-FOR-US: Microsoft
-CVE-1999-1445
+CVE-1999-1445 (Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1444
+CVE-1999-1444 (genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1443
+CVE-1999-1443 (Micah Software Full Armor Network Configurator and Zero Administration ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1442
+CVE-1999-1442 (Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1441
+CVE-1999-1441 (Linux 2.0.34 does not properly prevent users from sending SIGIO signal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1440
+CVE-1999-1440 (Win32 ICQ 98a 1.30, and possibly other versions, does not display the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1439
+CVE-1999-1439 (gcc 2.7.2 allows local users to overwrite arbitrary files via a symlin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1438
+CVE-1999-1438 (Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1436
+CVE-1999-1436 (Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1435
+CVE-1999-1435 (Buffer overflow in libsocks5 library of Socks 5 (socks5) 1.0r5 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1434
+CVE-1999-1434 (login in Slackware Linux 3.2 through 3.5 does not properly check for a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1431
+CVE-1999-1431 (ZAK in Appstation mode allows users to bypass the "Run only allowed ap ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1430
+CVE-1999-1430 (PIM software for Royal daVinci does not properly password-protext acce ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1429
+CVE-1999-1429 (DIT TransferPro installs devices with world-readable and world-writabl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1428
+CVE-1999-1428 (Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1427
+CVE-1999-1427 (Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1426
+CVE-1999-1426 (Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links wh ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1425
+CVE-1999-1425 (Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write pe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1424
+CVE-1999-1424 (Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1422
+CVE-1999-1422 (The default configuration of Slackware 3.4, and possibly other version ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1421
+CVE-1999-1421 (NBase switches NH208 and NH215 run a TFTP server which allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1420
+CVE-1999-1420 (NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door pa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1418
+CVE-1999-1418 (ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1417
+CVE-1999-1417 (Format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1416
+CVE-1999-1416 (AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1415
+CVE-1999-1415 (Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1413
+CVE-1999-1413 (Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1412
+CVE-1999-1412 (A possible interaction between Apple MacOS X release 1.0 and Apache HT ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1410
+CVE-1999-1410 (addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1408
+CVE-1999-1408 (Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users ...)
NOT-FOR-US: AIX
-CVE-1999-1406
+CVE-1999-1406 (dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1405
+CVE-1999-1405 (snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory wi ...)
NOT-FOR-US: AIX
-CVE-1999-1404
+CVE-1999-1404 (IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1403
+CVE-1999-1403 (IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, direct ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1401
+CVE-1999-1401 (Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1400
+CVE-1999-1400 (The Economist screen saver 1999 with the "Password Protected" option e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1399
+CVE-1999-1399 (spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1398
+CVE-1999-1398 (Vulnerability in xfsdump in SGI IRIX may allow local users to obtain r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1396
+CVE-1999-1396 (Vulnerability in integer multiplication emulation code on SPARC archit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1395
+CVE-1999-1395 (Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 thr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1394
+CVE-1999-1394 (BSD 4.4 based operating systems, when running at security level 1, all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1393
+CVE-1999-1393 (Control Panel "Password Security" option for Apple Powerbooks allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1392
+CVE-1999-1392 (Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1391
+CVE-1999-1391 (Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1390
+CVE-1999-1390 (suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1389
+CVE-1999-1389 (US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1388
+CVE-1999-1388 (passwd in SunOS 4.1.x allows local users to overwrite arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1387
+CVE-1999-1387 (Windows NT 4.0 SP2 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1383
+CVE-1999-1383 ((1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1381
+CVE-1999-1381 (Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1378
+CVE-1999-1378 (dbmlparser.exe CGI guestbook program does not perform a chroot operati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1377
+CVE-1999-1377 (Matt Wright's download.cgi 1.0 allows remote attackers to read arbitra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1376
+CVE-1999-1376 (Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extens ...)
NOT-FOR-US: Microsoft
-CVE-1999-1375
+CVE-1999-1375 (FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1374
+CVE-1999-1374 (perlshop.cgi shopping cart program stores sensitive customer informati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1373
+CVE-1999-1373 (FORE PowerHub before 5.0.1 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1372
+CVE-1999-1372 (Triactive Remote Manager with Basic authentication enabled stores the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1371
+CVE-1999-1371 (Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1370
+CVE-1999-1370 (The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) ...)
NOT-FOR-US: Microsoft
-CVE-1999-1369
+CVE-1999-1369 (Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaint ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1368
+CVE-1999-1368 (AV Option for MS Exchange Server option for InoculateIT 4.53, and poss ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1367
+CVE-1999-1367 (Internet Explorer 5.0 does not properly reset the username/password ca ...)
NOT-FOR-US: Microsoft
-CVE-1999-1366
+CVE-1999-1366 (Pegasus e-mail client 3.0 and earlier uses weak encryption to store PO ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1364
+CVE-1999-1364 (Windows NT 4.0 allows local users to cause a denial of service (crash) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1361
+CVE-1999-1361 (Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1357
+CVE-1999-1357 (Netscape Communicator 4.04 through 4.7 (and possibly other versions) i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1355
+CVE-1999-1355 (BMC Patrol component, when installed with Compaq Insight Management Ag ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1354
+CVE-1999-1354 (E-mail client in Softarc FirstClass Internet Server 5.506 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1353
+CVE-1999-1353 (Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1352
+CVE-1999-1352 (mknod in Linux 2.2 follows symbolic links, which could allow local use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1350
+CVE-1999-1350 (ARCAD Systemhaus 0.078-5 installs critical programs and files with wor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1349
+CVE-1999-1349 (NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1348
+CVE-1999-1348 (Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable P ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1347
+CVE-1999-1347 (Xsession in Red Hat Linux 6.1 and earlier can allow local users with r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1346
+CVE-1999-1346 (PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier inc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1345
+CVE-1999-1345 (Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1344
+CVE-1999-1344 (Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1343
+CVE-1999-1343 (HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1342
+CVE-1999-1342 (ICQ ActiveList Server allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1340
+CVE-1999-1340 (Buffer overflow in faxalter in hylafax 4.0.2 allows local users to gai ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1338
+CVE-1999-1338 (Delegate proxy 5.9.3 and earlier creates files and directories in the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1334
+CVE-1999-1334 (Multiple buffer overflows in filter command in Elm 2.4 allows attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1323
+CVE-1999-1323 (Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1322
+CVE-1999-1322 (The installation of 1ArcServe Backup and Inoculan AV client modules fo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1319
+CVE-1999-1319 (Vulnerability in object server program in SGI IRIX 5.2 through 6.1 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1315
+CVE-1999-1315 (Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1314
+CVE-1999-1314 (Vulnerability in union file system in FreeBSD 2.2 and earlier, and pos ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1313
+CVE-1999-1313 (Manual page reader (man) in FreeBSD 2.2 and earlier allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1312
+CVE-1999-1312 (Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP 1. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1311
+CVE-1999-1311 (Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-1310
REJECTED
-CVE-1999-1308
+CVE-1999-1308 (Certain programs in HP-UX 10.20 do not properly handle large user IDs ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1307
+CVE-1999-1307 (Vulnerability in urestore in Novell UnixWare 1.1 allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1306
+CVE-1999-1306 (Cisco IOS 9.1 and earlier does not properly handle extended IP access ...)
NOT-FOR-US: Cisco
-CVE-1999-1305
+CVE-1999-1305 (Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1304
+CVE-1999-1304 (Vulnerability in login in SCO UNIX 4.2 and earlier allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1303
+CVE-1999-1303 (Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1302
+CVE-1999-1302 (Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1300
+CVE-1999-1300 (Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1299
+CVE-1999-1299 (rcp on various Linux systems including Red Hat 4.0 allows a "nobody" u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1296
+CVE-1999-1296 (Buffer overflow in Kerberos IV compatibility libraries as used in Kerb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1295
+CVE-1999-1295 (Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1293
+CVE-1999-1293 (mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1292
+CVE-1999-1292 (Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1291
+CVE-1999-1291 (TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and pos ...)
NOT-FOR-US: Microsoft
-CVE-1999-1289
+CVE-1999-1289 (ICQ 98 beta on Windows NT leaks the internal IP address of a client in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1287
+CVE-1999-1287 (Vulnerability in Analog 3.0 and earlier allows remote attackers to rea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1286
+CVE-1999-1286 (addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1285
+CVE-1999-1285 (Linux 2.1.132 and earlier allows local users to cause a denial of serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1283
+CVE-1999-1283 (Opera 3.2.1 allows remote attackers to cause a denial of service (appl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1282
+CVE-1999-1282 (RealSystem G2 server stores the administrator password in cleartext in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1281
+CVE-1999-1281 (Development version of Breeze Network Server allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1280
+CVE-1999-1280 (Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1278
+CVE-1999-1278 (nlog CGI scripts do not properly filter shell metacharacters from the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1277
+CVE-1999-1277 (BackWeb client stores the username and password in cleartext for proxy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1275
+CVE-1999-1275 (Lotus cc:Mail release 8 stores the postoffice password in plaintext in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1274
+CVE-1999-1274 (iPass RoamServer 3.1 creates temporary files with world-writable permi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1273
+CVE-1999-1273 (Squid Internet Object Cache 1.1.20 allows users to bypass access contr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1272
+CVE-1999-1272 (Buffer overflows in CDROM Confidence Test program (cdrom) allow local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1271
+CVE-1999-1271 (Macromedia Dreamweaver uses weak encryption to store FTP passwords, wh ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1270
+CVE-1999-1270 (KMail in KDE 1.0 provides a PGP passphrase as a command line argument ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1269
+CVE-1999-1269 (Screen savers in KDE beta 3 allows local users to overwrite arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1268
+CVE-1999-1268 (Vulnerability in KDE konsole allows local users to hijack or observe s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1267
+CVE-1999-1267 (KDE file manager (kfm) uses a TCP server for certain file operations, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1266
+CVE-1999-1266 (rsh daemon (rshd) generates different error messages when a valid user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1265
+CVE-1999-1265 (SMTP server in SLmail 3.1 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1264
+CVE-1999-1264 (WebRamp M3 router does not disable remote telnet or HTTP access to its ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1261
+CVE-1999-1261 (Buffer overflow in Rainbow Six Multiplayer allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1260
+CVE-1999-1260 (mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1257
+CVE-1999-1257 (Xyplex terminal server 6.0.1S1, and possibly other versions, allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1256
+CVE-1999-1256 (Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition store ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1255
+CVE-1999-1255 (Hyperseek allows remote attackers to modify the hyperseek configuratio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1254
+CVE-1999-1254 (Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1253
+CVE-1999-1253 (Vulnerability in a kernel error handling routine in SCO OpenServer 5.0 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1252
+CVE-1999-1252 (Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1251
+CVE-1999-1251 (Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1250
+CVE-1999-1250 (Vulnerability in CGI program in the Lasso application by Blue World, a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1248
+CVE-1999-1248 (Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1247
+CVE-1999-1247 (Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1245
+CVE-1999-1245 (vacm ucd-snmp SNMP server, version 3.52, does not properly disable acc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1244
+CVE-1999-1244 (IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1242
+CVE-1999-1242 (Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1241
+CVE-1999-1241 (Internet Explorer, with a security setting below Medium, allows remote ...)
NOT-FOR-US: Microsoft
-CVE-1999-1240
+CVE-1999-1240 (Buffer overflow in cddbd CD database server allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1239
+CVE-1999-1239 (HP-UX 9.x does not properly enable the Xauthority mechanism in certain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1238
+CVE-1999-1238 (Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1237
+CVE-1999-1237 (Multiple buffer overflows in smbvalid/smbval SMB authentication librar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1236
+CVE-1999-1236 (Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1235
+CVE-1999-1235 (Internet Explorer 5.0 records the username and password for FTP server ...)
NOT-FOR-US: Microsoft
-CVE-1999-1234
+CVE-1999-1234 (LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1232
+CVE-1999-1232 (Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1231
+CVE-1999-1231 (ssh 2.0.12, and possibly other versions, allows valid user names to at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1230
+CVE-1999-1230 (Quake 2 server allows remote attackers to cause a denial of service vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1229
+CVE-1999-1229 (Quake 2 server 3.13 on Linux does not properly check file permissions ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1228
+CVE-1999-1228 (Various modems that do not implement a guard time, or are configured w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1227
+CVE-1999-1227 (Ethereal allows local users to overwrite arbitrary files via a symlink ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1225
+CVE-1999-1225 (rpc.mountd on Linux, Ultrix, and possibly other operating systems, all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1224
+CVE-1999-1224 (IMAP 4.1 BETA, and possibly other versions, does not properly handle t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1221
+CVE-1999-1221 (dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1220
+CVE-1999-1220 (Majordomo 1.94.3 and earlier allows remote attackers to execute arbitr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1219
+CVE-1999-1219 (Vulnerability in sgihelp in the SGI help system and print manager in I ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1218
+CVE-1999-1218 (Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1216
+CVE-1999-1216 (Cisco routers 9.17 and earlier allow remote attackers to bypass securi ...)
NOT-FOR-US: Cisco
-CVE-1999-1213
+CVE-1999-1213 (Vulnerability in telnet service in HP-UX 10.30 allows attackers to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1212
+CVE-1999-1212 (Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1211
+CVE-1999-1211 (Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1210
+CVE-1999-1210 (xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to ov ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1207
+CVE-1999-1207 (Buffer overflow in web-admin tool in NetXRay 2.6 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1206
+CVE-1999-1206 (SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1202
+CVE-1999-1202 (StarTech (1) POP3 proxy server and (2) telnet server allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1200
+CVE-1999-1200 (Vintra SMTP MailServer allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1196
+CVE-1999-1196 (Hummingbird Exceed X version 5 allows remote attackers to cause a deni ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1195
+CVE-1999-1195 (NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus def ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1190
+CVE-1999-1190 (Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1187
+CVE-1999-1187 (Pine before version 3.94 allows local users to gain privileges via a s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1186
+CVE-1999-1186 (rxvt, when compiled with the PRINT_PIPE option in various Linux operat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1185
+CVE-1999-1185 (Buffer overflow in SCO mscreen allows local users to gain root privile ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1184
+CVE-1999-1184 (Buffer overflow in Elm 2.4 and earlier allows local users to gain priv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1183
+CVE-1999-1183 (System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1182
+CVE-1999-1182 (Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for L ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1180
+CVE-1999-1180 (O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1179
+CVE-1999-1179 (Vulnerability in man.sh CGI script, included in May 1998 issue of SysA ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1178
+CVE-1999-1178 (Sambar Server 4.1 beta allows remote attackers to obtain sensitive inf ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1176
+CVE-1999-1176 (Buffer overflow in cidentd ident daemon allows local users to gain roo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1174
+CVE-1999-1174 (ZIP drive for Iomega ZIP-100 disks allows attackers with physical acce ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1173
+CVE-1999-1173 (Corel Word Perfect 8 for Linux creates a temporary working directory w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1172
+CVE-1999-1172 (By design, Maximizer Enterprise 4 calendar and address book program al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1171
+CVE-1999-1171 (IPswitch WS_FTP allows local users to gain additional privileges and m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1170
+CVE-1999-1170 (IPswitch IMail allows local users to gain additional privileges and mo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1169
+CVE-1999-1169 (nobo 1.2 allows remote attackers to cause a denial of service (crash) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1168
+CVE-1999-1168 (install.iss installation script for Internet Security Scanner (ISS) fo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1166
+CVE-1999-1166 (Linux 2.0.37 does not properly encode the Custom segment limit, which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1165
+CVE-1999-1165 (GNU fingerd 1.37 does not properly drop privileges before accessing us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1164
+CVE-1999-1164 (Microsoft Outlook client allows remote attackers to cause a denial of ...)
NOT-FOR-US: Microsoft
-CVE-1999-1158
+CVE-1999-1158 (Buffer overflow in (1) pluggable authentication module (PAM) on Solari ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1155
+CVE-1999-1155 (LakeWeb Mail List CGI script allows remote attackers to execute arbitr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1154
+CVE-1999-1154 (LakeWeb Filemail CGI script allows remote attackers to execute arbitra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1153
+CVE-1999-1153 (HAMcards Postcard CGI script 1.0 allows remote attackers to execute ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1152
+CVE-1999-1152 (Compaq/Microcom 6000 Access Integrator does not disconnect a client af ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1151
+CVE-1999-1151 (Compaq/Microcom 6000 Access Integrator does not cause a session timeou ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1150
+CVE-1999-1150 (Livingston Portmaster routers running ComOS use the same initial seque ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1149
+CVE-1999-1149 (Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1141
+CVE-1999-1141 (Ascom Timeplex router allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1135
+CVE-1999-1135 (Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root pri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1134
+CVE-1999-1134 (Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root pri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1133
+CVE-1999-1133 (HP-UX 9.x and 10.x running X windows may allow local attackers to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1130
+CVE-1999-1130 (Default configuration of the search engine in Netscape Enterprise Serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1129
+CVE-1999-1129 (Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers ...)
NOT-FOR-US: Cisco
-CVE-1999-1128
+CVE-1999-1128 (Internet Explorer 3.01 on Windows 95 allows remote malicious web sites ...)
NOT-FOR-US: Microsoft
-CVE-1999-1126
+CVE-1999-1126 (Cisco Resource Manager (CRM) 1.1 and earlier creates certain files wit ...)
NOT-FOR-US: Cisco
-CVE-1999-1125
+CVE-1999-1125 (Oracle Webserver 2.1 and earlier runs setuid root, but the configurati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1124
+CVE-1999-1124 (HTTP Client application in ColdFusion allows remote attackers to bypas ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1123
+CVE-1999-1123 (The installation of Sun Source (sunsrc) tapes allows local users to ga ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1113
+CVE-1999-1113 (Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1112
+CVE-1999-1112 (Buffer overflow in IrfanView32 3.07 and earlier allows attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1110
+CVE-1999-1110 (Windows Media Player ActiveX object as used in Internet Explorer 5.0 r ...)
NOT-FOR-US: Microsoft
CVE-1999-1108
REJECTED
-CVE-1999-1107
+CVE-1999-1107 (Buffer overflow in kppp in KDE allows local users to gain root access ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1106
+CVE-1999-1106 (Buffer overflow in kppp in KDE allows local users to gain root access ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1101
+CVE-1999-1101 (Kabsoftware Lydia utility uses weak encryption to store user passwords ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1097
+CVE-1999-1097 (Microsoft NetMeeting 2.1 allows one client to read the contents of ano ...)
NOT-FOR-US: Microsoft
-CVE-1999-1096
+CVE-1999-1096 (Buffer overflow in kscreensaver in KDE klock allows local users to gai ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1095
+CVE-1999-1095 (sort creates temporary files and follows symbolic links, which allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1092
+CVE-1999-1092 (tin 1.40 creates the .tin directory with insecure permissions, which a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1091
+CVE-1999-1091 (UNIX news readers tin and rtin create the /tmp/.tin_log file with inse ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1089
+CVE-1999-1089 (Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows loca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1088
+CVE-1999-1088 (Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1086
+CVE-1999-1086 (Novell 5 and earlier, when running over IPX with a packet signature le ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1084
+CVE-1999-1084 (The "AEDebug" registry key is installed with insecure permissions, whi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1083
+CVE-1999-1083 (Directory traversal vulnerability in Jana proxy web server 1.45 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1082
+CVE-1999-1082 (Directory traversal vulnerability in Jana proxy web server 1.40 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1081
+CVE-1999-1081 (Vulnerability in files.pl script in Novell WebServer Examples Toolkit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1079
+CVE-1999-1079 (Vulnerability in ptrace in AIX 4.3 allows local users to gain privileg ...)
NOT-FOR-US: AIX
-CVE-1999-1078
+CVE-1999-1078 (WS_FTP Pro 6.0 uses weak encryption for passwords in its initializatio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1077
+CVE-1999-1077 (Idle locking function in MacOS 9 allows local attackers to bypass the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1076
+CVE-1999-1076 (Idle locking function in MacOS 9 allows local users to bypass the pass ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1075
+CVE-1999-1075 (inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserv ...)
NOT-FOR-US: AIX
-CVE-1999-1073
+CVE-1999-1073 (Excite for Web Servers (EWS) 1.1 records the first two characters of a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1072
+CVE-1999-1072 (Excite for Web Servers (EWS) 1.1 allows local users to gain privileges ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1071
+CVE-1999-1071 (Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1070
+CVE-1999-1070 (Buffer overflow in ping CGI program in Xylogics Annex terminal service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1069
+CVE-1999-1069 (Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1068
+CVE-1999-1068 (Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1067
+CVE-1999-1067 (SGI MachineInfo CGI program, installed by default on some web servers, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1066
+CVE-1999-1066 (Quake 1 server responds to an initial UDP game connection request with ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1065
+CVE-1999-1065 (Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1064
+CVE-1999-1064 (Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1063
+CVE-1999-1063 (CDomain whois_raw.cgi whois CGI script allows remote attackers to exec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1062
+CVE-1999-1062 (HP Laserjet printers with JetDirect cards, when configured with TCP/IP ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1061
+CVE-1999-1061 (HP Laserjet printers with JetDirect cards, when configured with TCP/IP ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1060
+CVE-1999-1060 (Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1058
+CVE-1999-1058 (Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-1056
REJECTED
-CVE-1999-1054
+CVE-1999-1054 (The default configuration of FLEXlm license manager 6.0d, and possibly ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1053
+CVE-1999-1053 (guestbook.pl cleanses user-inserted SSI commands by removing text betw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1052
+CVE-1999-1052 (Microsoft FrontPage stores form results in a default location in /_pri ...)
NOT-FOR-US: Microsoft
-CVE-1999-1051
+CVE-1999-1051 (Default configuration in Matt Wright FormHandler.cgi script allows arb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1050
+CVE-1999-1050 (Directory traversal vulnerability in Matt Wright FormHandler.cgi scrip ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1049
+CVE-1999-1049 (ARCserve NT agents use weak encryption (XOR) for passwords, which allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1046
+CVE-1999-1046 (Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1043
+CVE-1999-1043 (Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) mal ...)
NOT-FOR-US: Microsoft
-CVE-1999-1042
+CVE-1999-1042 (Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log fi ...)
NOT-FOR-US: Cisco
-CVE-1999-1041
+CVE-1999-1041 (Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1040
+CVE-1999-1040 (Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1039
+CVE-1999-1039 (Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 22 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1038
+CVE-1999-1038 (Tiger 2.2.3 allows local users to overwrite arbitrary files via a syml ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1036
+CVE-1999-1036 (COPS 1.04 allows local users to overwrite or create arbitrary files vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1033
+CVE-1999-1033 (Microsoft Outlook Express before 4.72.3612.1700 allows a malicious use ...)
NOT-FOR-US: Microsoft
-CVE-1999-1031
+CVE-1999-1031 (counter.exe 2.70 allows a remote attacker to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1030
+CVE-1999-1030 (counter.exe 2.70 allows a remote attacker to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1029
+CVE-1999-1029 (SSH server (sshd2) before 2.0.12 does not properly record login attemp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1026
+CVE-1999-1026 (aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1025
+CVE-1999-1025 (CDE screen lock program (screenlock) on Solaris 2.6 does not properly ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1024
+CVE-1999-1024 (ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1023
+CVE-1999-1023 (useradd in Solaris 7.0 does not properly interpret certain date format ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1022
+CVE-1999-1022 (serial_ports administrative program in IRIX 4.x and 5.x trusts the use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1020
+CVE-1999-1020 (The installation of Novell Netware NDS 5.99 provides an unauthenticate ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1018
+CVE-1999-1018 (IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1017
+CVE-1999-1017 (Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1016
+CVE-1999-1016 (Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) Front ...)
NOT-FOR-US: Microsoft
-CVE-1999-1015
+CVE-1999-1015 (Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1013
+CVE-1999-1013 (named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group t ...)
NOT-FOR-US: AIX
-CVE-1999-1012
+CVE-1999-1012 (SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other ope ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1009
+CVE-1999-1009 (The Disney Go Express Search allows remote attackers to access and mod ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1006
+CVE-1999-1006 (Groupwise web server GWWEB.EXE allows remote attackers to determine th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1003
+CVE-1999-1003 (War FTP Daemon 1.70 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-1002
+CVE-1999-1002 (Netscape Navigator uses weak encryption for storing a user's Netscape ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0993
+CVE-1999-0993 (Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5. ...)
NOT-FOR-US: Microsoft
-CVE-1999-0990
+CVE-1999-0990 (Error messages generated by gdm with the VerboseAuth setting allows an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0988
+CVE-1999-0988 (UnixWare pkgtrans allows local users to read arbitrary files via a sym ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0985
+CVE-1999-0985 (CC Whois program whois.cgi allows remote attackers to execute commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0984
+CVE-1999-0984 (Matt's Whois program whois.cgi allows remote attackers to execute comm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0983
+CVE-1999-0983 (Whois Internic Lookup program whois.cgi allows remote attackers to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0970
+CVE-1999-0970 (The OmniHTTPD visadmin.exe program allows a remote attacker to conduct ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0952
+CVE-1999-0952 (Buffer overflow in Solaris lpstat via class argument allows local user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0949
+CVE-1999-0949 (Buffer overflow in canuum program for Canna input system allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0948
+CVE-1999-0948 (Buffer overflow in uum program for Canna input system allows local use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0944
+CVE-1999-0944 (IBM WebSphere ikeyman tool uses weak encryption to store a password fo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0941
+CVE-1999-0941 (Mutt mail client allows a remote attacker to execute commands via shel ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0929
+CVE-1999-0929 (Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0926
+CVE-1999-0926 (Apache allows remote attackers to conduct a denial of service via a la ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0925
+CVE-1999-0925 (UnityMail allows remote attackers to conduct a denial of service via a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0923
+CVE-1999-0923 (Sample runnable code snippets in ColdFusion Server 4.0 allow remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0919
+CVE-1999-0919 (A memory leak in a Motorola CableRouter allows remote attackers to con ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0913
+CVE-1999-0913 (dfire.cgi script in Dragon-Fire IDS allows remote users to execute com ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0911
+CVE-1999-0911 (Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0910
+CVE-1999-0910 (Microsoft Site Server and Commercial Internet System (MCIS) do not set ...)
NOT-FOR-US: Microsoft
-CVE-1999-0885
+CVE-1999-0885 (Alibaba web server allows remote attackers to execute commands via a p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0882
+CVE-1999-0882 (Falcon web server allows remote attackers to determine the absolute pa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0872
+CVE-1999-0872 (Buffer overflow in Vixie cron allows local users to gain root access v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0863
+CVE-1999-0863 (Buffer overflow in FreeBSD seyon via HOME environmental variable, -emu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0862
+CVE-1999-0862 (Insecure directory permissions in RPM distribution for PostgreSQL allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0860
+CVE-1999-0860 (Solaris chkperm allows local users to read files owned by bin via the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0857
+CVE-1999-0857 (FreeBSD gdc program allows local users to modify files via a symlink a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0855
+CVE-1999-0855 (Buffer overflow in FreeBSD gdc program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0852
+CVE-1999-0852 (IBM WebSphere sets permissions that allow a local user to modify a dei ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0850
+CVE-1999-0850 (The default permissions for Endymion MailMan allow local users to read ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0846
+CVE-1999-0846 (Denial of service in MDaemon 2.7 via a large number of connection atte ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0845
+CVE-1999-0845 (Buffer overflow in SCO su program allows local users to gain root acce ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0844
+CVE-1999-0844 (Denial of service in MDaemon WorldClient and WebConfig services via a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0843
+CVE-1999-0843 (Denial of service in Cisco routers running NAT via a PORT command from ...)
NOT-FOR-US: Cisco
-CVE-1999-0841
+CVE-1999-0841 (Buffer overflow in CDE mailtool allows local users to gain root privil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0840
+CVE-1999-0840 (Buffer overflow in CDE dtmail and dtmailpr programs allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0830
+CVE-1999-0830 (Buffer overflow in SCO UnixWare Xsco command via a long argument. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0829
+CVE-1999-0829 (HP Secure Web Console uses weak encryption. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0828
+CVE-1999-0828 (UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow loca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0827
+CVE-1999-0827 (By default, Internet Explorer 5.0 and other versions enables the "Navi ...)
NOT-FOR-US: Microsoft
-CVE-1999-0825
+CVE-1999-0825 (The default permissions for UnixWare /var/mail allow local users to re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0822
+CVE-1999-0822 (Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AU ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0821
+CVE-1999-0821 (FreeBSD seyon allows local users to gain privileges by providing a mal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0818
+CVE-1999-0818 (Buffer overflow in Solaris kcms_configure via a long NETPATH environme ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0816
+CVE-1999-0816 (The Motorola CableRouter allows any remote user to connect to and conf ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0808
+CVE-1999-0808 (Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0805
+CVE-1999-0805 (Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and ea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0798
+CVE-1999-0798 (Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0795
+CVE-1999-0795 (The NIS+ rpc.nisd server allows remote attackers to execute certain RP ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0792
+CVE-1999-0792 (ROUTERmate has a default SNMP community name which allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0784
+CVE-1999-0784 (Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0776
+CVE-1999-0776 (Alibaba HTTP server allows remote attackers to read files via a .. (do ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0767
+CVE-1999-0767 (Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0757
+CVE-1999-0757 (The ColdFusion CFCRYPT program for encrypting CFML templates has weak ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0750
+CVE-1999-0750 (Hotmail allows Javascript to be executed via the HTML STYLE tag, allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0748
+CVE-1999-0748 (Buffer overflows in Red Hat net-tools package. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0741
+CVE-1999-0741 (QMS CrownNet Unix Utilities for 2060 allows root to log on without a p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0739
+CVE-1999-0739 (The codebrws.asp sample file in IIS and Site Server allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-1999-0738
+CVE-1999-0738 (The code.asp sample file in IIS and Site Server allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-1999-0737
+CVE-1999-0737 (The viewcode.asp sample file in IIS and Site Server allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-1999-0736
+CVE-1999-0736 (The showcode.asp sample file in IIS and Site Server allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-1999-0712
+CVE-1999-0712 (A vulnerability in Caldera Open Administration System (COAS) allows th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0698
+CVE-1999-0698 (Denial of service in IP protocol logger (ippl) on Red Hat and Debian L ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0684
+CVE-1999-0684 (Denial of service in Sendmail 8.8.6 in HPUX. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0677
+CVE-1999-0677 (The WebRamp web administration utility has a default password. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0673
+CVE-1999-0673 (Buffer overflow in ALMail32 POP3 client via From: or To: headers. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0670
+CVE-1999-0670 (Buffer overflow in the Eyedog ActiveX control allows a remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0669
+CVE-1999-0669 (The Eyedog ActiveX control is marked as "safe for scripting" for Inter ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0667
+CVE-1999-0667 (The ARP protocol allows any host to spoof ARP replies and poison the A ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0665
+CVE-1999-0665 (An application-critical Windows NT registry key has an inappropriate v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0664
+CVE-1999-0664 (An application-critical Windows NT registry key has inappropriate perm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0663
+CVE-1999-0663 (A system-critical program, library, or file has a checksum or other in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0662
+CVE-1999-0662 (A system-critical program or library does not have the appropriate pat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0661
+CVE-1999-0661 (A system is running a version of software that was replaced with a Tro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0660
REJECTED
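Review bot: The " ..." truncation marker is appended unconditionally, so descriptions that were not cut at all still carry it (for example `CVE-1999-0684 (Denial of service in Sendmail 8.8.6 in HPUX. ...)` and `CVE-1999-0677 (The WebRamp web administration utility has a default password. ...)`), which makes it impossible for a consumer of this file to tell a complete description from a truncated one. Cutting at a fixed column also splits words and can leave an unbalanced quote inside the parentheses, as in `CVE-1999-0827 (By default, Internet Explorer 5.0 and other versions enables the "Navi ...)`; a parser that tokenises on quotes will mis-read that line. Suggest having the generator append the marker only when text was actually dropped and truncate at the last word boundary before the limit.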
@@ -2631,21 +2631,21 @@ CVE-1999-0659
REJECTED
CVE-1999-0658
REJECTED
-CVE-1999-0657
+CVE-1999-0657 (WinGate is being used. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0656
+CVE-1999-0656 (The ugidd RPC interface, by design, allows remote attackers to enumera ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0655
REJECTED
-CVE-1999-0654
+CVE-1999-0654 (The OS/2 or POSIX subsystem in NT is enabled. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0653
+CVE-1999-0653 (A component service related to NIS+ is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0652
REJECTED
-CVE-1999-0651
+CVE-1999-0651 (The rsh/rlogin service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0650
+CVE-1999-0650 (The netstat service is running, which provides sensitive information t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0649
REJECTED
@@ -2663,35 +2663,35 @@ CVE-1999-0643
REJECTED
CVE-1999-0642
REJECTED
-CVE-1999-0641
+CVE-1999-0641 (The UUCP service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0640
+CVE-1999-0640 (The Gopher service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0639
+CVE-1999-0639 (The chargen service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0638
+CVE-1999-0638 (The daytime service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0637
+CVE-1999-0637 (The systat service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0636
+CVE-1999-0636 (The discard service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0635
+CVE-1999-0635 (The echo service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0634
REJECTED
CVE-1999-0633
REJECTED
-CVE-1999-0632
+CVE-1999-0632 (The RPC portmapper service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0631
REJECTED
-CVE-1999-0630
+CVE-1999-0630 (The NT Alerter and Messenger services are running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0629
+CVE-1999-0629 (The ident/identd service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0625
+CVE-1999-0625 (The rpc.rquotad service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0624
+CVE-1999-0624 (The rstat/rstatd service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0623
REJECTED
@@ -2703,7 +2703,7 @@ CVE-1999-0620
REJECTED
CVE-1999-0619
REJECTED
-CVE-1999-0618
+CVE-1999-0618 (The rexec service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0617
REJECTED
@@ -2713,451 +2713,451 @@ CVE-1999-0615
REJECTED
CVE-1999-0614
REJECTED
-CVE-1999-0613
+CVE-1999-0613 (The rpc.sprayd service is running. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0611
+CVE-1999-0611 (A system-critical Windows NT registry key has an inappropriate value. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0610
+CVE-1999-0610 (An incorrect configuration of the Webcart CGI program could disclose p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0609
+CVE-1999-0609 (An incorrect configuration of the SoftCart CGI program "SoftCart.exe" ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0607
+CVE-1999-0607 (quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0606
+CVE-1999-0606 (An incorrect configuration of the EZMall 2000 shopping cart CGI progr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0605
+CVE-1999-0605 (An incorrect configuration of the Order Form 1.0 shopping cart CGI pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0604
+CVE-1999-0604 (An incorrect configuration of the WebStore 1.0 shopping cart CGI progr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0603
+CVE-1999-0603 (In Windows NT, an inappropriate user is a member of a group, e.g. Admi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0602
+CVE-1999-0602 (A network intrusion detection system (IDS) does not properly reassembl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0601
+CVE-1999-0601 (A network intrusion detection system (IDS) does not properly handle da ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0600
+CVE-1999-0600 (A network intrusion detection system (IDS) does not verify the checksu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0599
+CVE-1999-0599 (A network intrusion detection system (IDS) does not properly handle pa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0598
+CVE-1999-0598 (A network intrusion detection system (IDS) does not properly handle pa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0597
+CVE-1999-0597 (A Windows NT account policy does not forcibly disconnect remote users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0596
+CVE-1999-0596 (A Windows NT log file has an inappropriate maximum size or retention p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0595
+CVE-1999-0595 (A Windows NT system does not clear the system page file during shutdow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0594
+CVE-1999-0594 (A Windows NT system does not restrict access to removable media drives ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0593
+CVE-1999-0593 (The default setting for the Winlogon key entry ShutdownWithoutLogon in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0592
+CVE-1999-0592 (The Logon box of a Windows NT system displays the name of the last use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0591
+CVE-1999-0591 (An event log in Windows NT has inappropriate access permissions. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0590
+CVE-1999-0590 (A system does not present an appropriate legal message or warning to a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0589
+CVE-1999-0589 (A system-critical Windows NT registry key has inappropriate permission ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0588
+CVE-1999-0588 (A filter in a router or firewall allows unusual fragmented packets. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0587
+CVE-1999-0587 (A WWW server is not running in a restricted file system, e.g. through ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0586
+CVE-1999-0586 (A network service is running on a nonstandard port. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0585
+CVE-1999-0585 (A Windows NT administrator account has the default name of Administrat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0584
+CVE-1999-0584 (A Windows NT file system is not NTFS. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0583
+CVE-1999-0583 (There is a one-way or two-way trust relationship between Windows NT do ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0582
+CVE-1999-0582 (A Windows NT account policy has inappropriate, security-critical setti ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0581
+CVE-1999-0581 (The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, sy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0580
+CVE-1999-0580 (The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0579
+CVE-1999-0579 (A Windows NT system's registry audit policy does not log an event succ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0578
+CVE-1999-0578 (A Windows NT system's registry audit policy does not log an event succ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0577
+CVE-1999-0577 (A Windows NT system's file audit policy does not log an event success ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0576
+CVE-1999-0576 (A Windows NT system's file audit policy does not log an event success ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0575
+CVE-1999-0575 (A Windows NT system's user audit policy does not log an event success ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0572
+CVE-1999-0572 (.reg files are associated with the Windows NT registry editor (regedit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0571
+CVE-1999-0571 (A router's configuration service or management interface (such as a we ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0570
+CVE-1999-0570 (Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0569
+CVE-1999-0569 (A URL for a WWW directory allows auto-indexing, which provides a list ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0568
+CVE-1999-0568 (rpc.admind in Solaris is not running in a secure mode. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0565
+CVE-1999-0565 (A Sendmail alias allows input to be piped to a program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0564
+CVE-1999-0564 (An attacker can force a printer to print arbitrary documents (e.g. if ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0562
+CVE-1999-0562 (The registry in Windows NT can be accessed remotely by users who are n ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0561
+CVE-1999-0561 (IIS has the #exec function enabled for Server Side Include (SSI) files ...)
NOT-FOR-US: Microsoft
-CVE-1999-0560
+CVE-1999-0560 (A system-critical Windows NT file or directory has inappropriate permi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0559
+CVE-1999-0559 (A system-critical Unix file or directory has inappropriate permissions ...)
- webmin 1.160-1
-CVE-1999-0556
+CVE-1999-0556 (Two or more Unix accounts have the same UID. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0555
+CVE-1999-0555 (A Unix account with a name other than "root" has UID 0, i.e. root priv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0554
+CVE-1999-0554 (NFS exports system-critical data to the world, e.g. / or a password fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0550
+CVE-1999-0550 (A router's routing tables can be obtained from arbitrary hosts. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0549
+CVE-1999-0549 (Windows NT automatically logs in an administrator upon rebooting. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0548
+CVE-1999-0548 (A superfluous NFS server is running, but it is not importing or export ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0547
+CVE-1999-0547 (An SSH server allows authentication through the .rhosts file. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0546
+CVE-1999-0546 (The Windows NT guest account is enabled. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0541
+CVE-1999-0541 (A password for accessing a WWW URL is guessable. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0539
+CVE-1999-0539 (A trust relationship exists between two Unix hosts. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0537
+CVE-1999-0537 (A configuration in a web browser such as Internet Explorer or Netscape ...)
NOT-FOR-US: Microsoft
-CVE-1999-0535
+CVE-1999-0535 (A Windows NT account policy for passwords has inappropriate, security- ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0534
+CVE-1999-0534 (A Windows NT user has inappropriate rights or privileges, e.g. Act as ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0533
+CVE-1999-0533 (A DNS server allows inverse queries. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0532
+CVE-1999-0532 (A DNS server allows zone transfers. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0531
REJECTED
-CVE-1999-0530
+CVE-1999-0530 (A system is operating in "promiscuous" mode which allows it to perform ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0529
+CVE-1999-0529 (A router or firewall forwards packets that claim to come from IANA res ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0528
+CVE-1999-0528 (A router or firewall forwards external packets that claim to come from ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0527
+CVE-1999-0527 (The permissions for system-critical data in an anonymous FTP account a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0525
+CVE-1999-0525 (IP traceroute is allowed from arbitrary hosts. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0524
+CVE-1999-0524 (ICMP information such as (1) netmask and (2) timestamp is allowed from ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0523
+CVE-1999-0523 (ICMP echo (ping) is allowed from arbitrary hosts. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0522
+CVE-1999-0522 (The permissions for a system-critical NIS+ table (e.g. passwd) are ina ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0521
+CVE-1999-0521 (An NIS domain name is easily guessable. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0520
+CVE-1999-0520 (A system-critical NETBIOS/SMB share has inappropriate access control. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0519
+CVE-1999-0519 (A NETBIOS/SMB share password is the default, null, or missing. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0518
+CVE-1999-0518 (A NETBIOS/SMB share password is guessable. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0517
+CVE-1999-0517 (An SNMP community name is the default (e.g. public), null, or missing. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0516
+CVE-1999-0516 (An SNMP community name is guessable. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0515
+CVE-1999-0515 (An unrestricted remote trust relationship for Unix systems has been se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0512
+CVE-1999-0512 (A mail server is explicitly configured to allow SMTP mail relay, which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0511
+CVE-1999-0511 (IP forwarding is enabled on a machine which is not a router or firewal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0510
+CVE-1999-0510 (A router or firewall allows source routed packets from arbitrary hosts ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0509
+CVE-1999-0509 (Perl, sh, csh, or other shell interpreters are installed in the cgi-bi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0508
+CVE-1999-0508 (An account on a router, firewall, or other network device has a defaul ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0507
+CVE-1999-0507 (An account on a router, firewall, or other network device has a guessa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0506
+CVE-1999-0506 (A Windows NT domain user or administrator account has a default, null, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0505
+CVE-1999-0505 (A Windows NT domain user or administrator account has a guessable pass ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0504
+CVE-1999-0504 (A Windows NT local user or administrator account has a default, null, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0503
+CVE-1999-0503 (A Windows NT local user or administrator account has a guessable passw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0502
+CVE-1999-0502 (A Unix account has a default, null, blank, or missing password. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0501
+CVE-1999-0501 (A Unix account has a guessable password. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0499
+CVE-1999-0499 (NETBIOS share information may be published through SNMP registry keys ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0498
+CVE-1999-0498 (TFTP is not running in a restricted directory, allowing a remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0497
+CVE-1999-0497 (Anonymous FTP is enabled. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0495
+CVE-1999-0495 (A remote attacker can gain access to a file system using .. (dot dot) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0492
+CVE-1999-0492 (The ffingerd 1.19 allows remote attackers to identify users on the tar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0490
+CVE-1999-0490 (MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn ...)
NOT-FOR-US: Microsoft
-CVE-1999-0489
+CVE-1999-0489 (MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste ...)
NOT-FOR-US: Microsoft
-CVE-1999-0488
+CVE-1999-0488 (Internet Explorer 4.0 and 5.0 allows a remote attacker to execute secu ...)
NOT-FOR-US: Microsoft
-CVE-1999-0486
+CVE-1999-0486 (Denial of service in AOL Instant Messenger when a remote attacker send ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0480
+CVE-1999-0480 (Local attackers can conduct a denial of service in Midnight Commander ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0477
+CVE-1999-0477 (The Expression Evaluator in the ColdFusion Application Server allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0476
+CVE-1999-0476 (A weak encryption algorithm is used for passwords in SCO TermVision, a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0469
+CVE-1999-0469 (Internet Explorer 5.0 allows window spoofing, allowing a remote attack ...)
NOT-FOR-US: Microsoft
-CVE-1999-0467
+CVE-1999-0467 (The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0465
+CVE-1999-0465 (Remote attackers can crash Lynx and Internet Explorer using an IMG tag ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0462
+CVE-1999-0462 (suidperl in Linux Perl does not check the nosuid mount option on file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0461
+CVE-1999-0461 (Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0460
+CVE-1999-0460 (Buffer overflow in Linux autofs module through long directory names al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0459
+CVE-1999-0459 (Local users can perform a denial of service in Alpha Linux, using MILO ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0455
+CVE-1999-0455 (The Expression Evaluator sample application in ColdFusion allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0454
+CVE-1999-0454 (A remote attacker can sometimes identify the operating system of a hos ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0453
+CVE-1999-0453 (An attacker can identify a CISCO device by sending a SYN packet to por ...)
NOT-FOR-US: Cisco
-CVE-1999-0452
+CVE-1999-0452 (A service or application has a backdoor password that was placed there ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0451
+CVE-1999-0451 (Denial of service in Linux 2.0.36 allows local users to prevent any se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0450
+CVE-1999-0450 (In IIS, an attacker could determine a real path using a request for a ...)
NOT-FOR-US: Microsoft
-CVE-1999-0444
+CVE-1999-0444 (Remote attackers can perform a denial of service in Windows machines u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0443
+CVE-1999-0443 (Patrol management software allows a remote attacker to conduct a repla ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0435
+CVE-1999-0435 (MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain ...)
NOT-FOR-US: HP-UX
-CVE-1999-0434
+CVE-1999-0434 (XFree86 xfs command is vulnerable to a symlink attack, allowing local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0431
+CVE-1999-0431 (Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0427
+CVE-1999-0427 (Eudora 4.1 allows remote attackers to perform a denial of service by s ...)
NOT-FOR-US: Eudora
-CVE-1999-0426
+CVE-1999-0426 (The default permissions of /dev/kmem in Linux versions before 2.0.36 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0419
+CVE-1999-0419 (When the Microsoft SMTP service attempts to send a message to a server ...)
NOT-FOR-US: Microsoft
-CVE-1999-0418
+CVE-1999-0418 (Denial of service in SMTP applications such as Sendmail, when a remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0411
+CVE-1999-0411 (Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, ...)
NOT-FOR-US: SCO
-CVE-1999-0406
+CVE-1999-0406 (Digital Unix Networker program nsralist has a buffer overflow which al ...)
NOT-FOR-US: DEC UNIX
-CVE-1999-0401
+CVE-1999-0401 (A race condition in Linux 2.2.1 allows local users to read arbitrary m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0400
+CVE-1999-0400 (Denial of service in Linux 2.2.0 running the ldd command on a core fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0399
+CVE-1999-0399 (The DCC server command in the Mirc 5.5 client doesn't filter character ...)
NOT-FOR-US: Mirc
-CVE-1999-0398
+CVE-1999-0398 (In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0397
+CVE-1999-0397 (The demo version of the Quakenbush NT Password Appraiser sends passwor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0394
+CVE-1999-0394 (DPEC Online Courseware allows an attacker to change another user's pas ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0389
+CVE-1999-0389 (Buffer overflow in the bootp server in the Debian Linux netstd package ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0381
+CVE-1999-0381 (super 3.11.6 and other versions have a buffer overflow in the syslog u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0370
+CVE-1999-0370 (In Sun Solaris and SunOS, man and catman contain vulnerabilities that ...)
NOT-FOR-US: Sun
-CVE-1999-0364
+CVE-1999-0364 (Microsoft Access 97 stores a database password as plaintext in a forei ...)
NOT-FOR-US: Microsoft
-CVE-1999-0361
+CVE-1999-0361 (NetWare version of LaserFiche stores usernames and passwords unencrypt ...)
NOT-FOR-US: NetWare
-CVE-1999-0360
+CVE-1999-0360 (MS Site Server 2.0 with IIS 4 can allow users to upload content, inclu ...)
NOT-FOR-US: Windows
-CVE-1999-0359
+CVE-1999-0359 (ptylogin in Unix systems allows users to perform a denial of service b ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0356
+CVE-1999-0356 (ControlIT v4.5 and earlier uses weak encryption to store usernames and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0354
+CVE-1999-0354 (Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution o ...)
NOT-FOR-US: Windows
-CVE-1999-0352
+CVE-1999-0352 (ControlIT 4.5 and earlier (aka Remotely Possible) has weak password en ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0347
+CVE-1999-0347 (Internet Explorer 4.01 allows remote attackers to read local files and ...)
NOT-FOR-US: Windows
-CVE-1999-0345
+CVE-1999-0345 (Jolt ICMP attack causes a denial of service in Windows 95 and Windows ...)
NOT-FOR-US: Windows
-CVE-1999-0336
+CVE-1999-0336 (Buffer overflow in mstm in HP-UX allows local users to gain root acces ...)
NOT-FOR-US: HP
-CVE-1999-0333
+CVE-1999-0333 (HP OpenView Omniback allows remote execution of commands as root via s ...)
NOT-FOR-US: HP
-CVE-1999-0331
+CVE-1999-0331 (Buffer overflow in Internet Explorer 4.0(1). ...)
NOT-FOR-US: Windows
-CVE-1999-0330
+CVE-1999-0330 (Linux bdash game has a buffer overflow that allows local users to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0319
+CVE-1999-0319 (Buffer overflow in xmcd 2.1 allows local users to gain access through ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0317
+CVE-1999-0317 (Buffer overflow in Linux su command gives root access to local users. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0307
+CVE-1999-0307 (Buffer overflow in HP-UX cstm program allows local users to gain root ...)
NOT-FOR-US: HP
-CVE-1999-0306
+CVE-1999-0306 (buffer overflow in HP xlock program. ...)
NOT-FOR-US: HP
-CVE-1999-0298
+CVE-1999-0298 (ypbind with -ypset and -ypsetme options activated in Linux Slackware a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0287
+CVE-1999-0287 (Vulnerability in the Wguest CGI program. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0286
+CVE-1999-0286 (In some NT web servers, appending a space at the end of a URL may allo ...)
NOT-FOR-US: Windows
-CVE-1999-0285
+CVE-1999-0285 (Denial of service in telnet from the Windows NT Resource Kit, by openi ...)
NOT-FOR-US: Windows
-CVE-1999-0284
+CVE-1999-0284 (Denial of service to NT mail servers including Ipswitch, Mdaemon, and ...)
NOT-FOR-US: Windows
-CVE-1999-0283
+CVE-1999-0283 (The Java Web Server would allow remote users to obtain the source code ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0282
REJECTED
-CVE-1999-0271
+CVE-1999-0271 (Progressive Networks Real Video server (pnserver) can be crashed remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0261
+CVE-1999-0261 (Netmanager Chameleon SMTPd has several buffer overflows that cause a c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0258
+CVE-1999-0258 (Bonk variation of teardrop IP fragmentation denial of service. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0257
+CVE-1999-0257 (Nestea variation of teardrop IP fragmentation denial of service. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0255
+CVE-1999-0255 (Buffer overflow in ircd allows arbitrary command execution. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0254
+CVE-1999-0254 (A hidden SNMP community string in HP OpenView allows remote attackers ...)
NOT-FOR-US: HP
-CVE-1999-0253
+CVE-1999-0253 (IIS 3.0 with the iis-fix hotfix installed allows remote intruders to r ...)
NOT-FOR-US: Windows
-CVE-1999-0250
+CVE-1999-0250 (Denial of service in Qmail through long SMTP commands. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0249
+CVE-1999-0249 (Windows NT RSHSVC program allows remote users to execute arbitrary com ...)
NOT-FOR-US: Windows
-CVE-1999-0246
+CVE-1999-0246 (HP Remote Watch allows a remote user to gain root access. ...)
NOT-FOR-US: HP
-CVE-1999-0243
+CVE-1999-0243 (Linux cfingerd could be exploited to gain root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0242
+CVE-1999-0242 (Remote attackers can access mail files via POP3 in some Linux systems ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0241
+CVE-1999-0241 (Guessable magic cookies in X Windows allows remote attackers to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0240
+CVE-1999-0240 (Some filters or firewalls allow fragmented SYN packets with IP reserve ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0238
+CVE-1999-0238 (php.cgi allows attackers to read any file on the system. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0235
+CVE-1999-0235 (Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote acces ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0232
+CVE-1999-0232 (Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0231
+CVE-1999-0231 (Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 package ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0229
+CVE-1999-0229 (Denial of service in Windows NT IIS server using ..\.. ...)
NOT-FOR-US: Windows
-CVE-1999-0226
+CVE-1999-0226 (Windows NT TCP/IP processes fragmented IP packets improperly, causing ...)
NOT-FOR-US: Windows
-CVE-1999-0222
+CVE-1999-0222 (Denial of service in Cisco IOS web server allows attackers to reboot t ...)
NOT-FOR-US: Cisco
-CVE-1999-0220
+CVE-1999-0220 (Attackers can do a denial of service of IRC by crashing the server. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0216
+CVE-1999-0216 (Denial of service of inetd on Linux through SYN and RST packets. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0213
+CVE-1999-0213 (libnsl in Solaris allowed an attacker to perform a denial of service o ...)
NOT-FOR-US: Solaris
-CVE-1999-0205
+CVE-1999-0205 (Denial of service in Sendmail 8.6.11 and 8.6.12. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0200
+CVE-1999-0200 (Windows NT FTP server (WFTP) with the guest account enabled without a ...)
NOT-FOR-US: Windows
-CVE-1999-0198
+CVE-1999-0198 (finger .@host on some systems may print information on some user accou ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0197
+CVE-1999-0197 (finger 0@host on some systems may print information on some user accou ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0195
+CVE-1999-0195 (Denial of service in RPC portmapper allows attackers to register or un ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0193
+CVE-1999-0193 (Denial of service in Ascend and 3com routers, which can be rebooted by ...)
NOT-FOR-US: Ascend/3com
CVE-1999-0187
REJECTED
-CVE-1999-0186
+CVE-1999-0186 (In Solaris, an SNMP subagent has a default community string that allow ...)
NOT-FOR-US: Solaris
-CVE-1999-0171
+CVE-1999-0171 (Denial of service in syslog by sending it a large number of superfluou ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0169
+CVE-1999-0169 (NFS allows attackers to read and write any file on the system by speci ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0165
+CVE-1999-0165 (NFS cache poisoning. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0163
+CVE-1999-0163 (In older versions of Sendmail, an attacker could use a pipe character ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0156
+CVE-1999-0156 (wu-ftpd FTP daemon allows any user and password combination. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0154
+CVE-1999-0154 (IIS 2.0 and 3.0 allows remote attackers to read the source code for AS ...)
NOT-FOR-US: Windows
-CVE-1999-0144
+CVE-1999-0144 (Denial of service in Qmail by specifying a large number of recipients ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0140
+CVE-1999-0140 (Denial of service in RAS/PPTP on NT systems. ...)
NOT-FOR-US: Windows
-CVE-1999-0127
+CVE-1999-0127 (swinstall and swmodify commands in SD-UX package in HP-UX systems allo ...)
NOT-FOR-US: HP-UX
-CVE-1999-0123
+CVE-1999-0123 (Race condition in Linux mailx command allows local users to read user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0121
+CVE-1999-0121 (Buffer overflow in dtaction command gives root access. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0119
+CVE-1999-0119 (Windows NT 4.0 beta allows users to read and delete shares. ...)
NOT-FOR-US: Windows
-CVE-1999-0114
+CVE-1999-0114 (Local users can execute commands as other users, and read other users' ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-1999-0110
REJECTED
-CVE-1999-0107
+CVE-1999-0107 (Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0106
+CVE-1999-0106 (Finger redirection allows finger bombs. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0105
+CVE-1999-0105 (finger allows recursive searches by using a long string of @ symbols. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0104
+CVE-1999-0104 (A later variation on the Teardrop IP denial of service attack, a.k.a. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0098
+CVE-1999-0098 (Buffer overflow in SMTP HELO command in Sendmail allows a remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0092
+CVE-1999-0092 (Various vulnerabilities in the AIX portmir command allows local users ...)
NOT-FOR-US: AIX
-CVE-1999-0089
+CVE-1999-0089 (Buffer overflow in AIX libDtSvc library can allow local users to gain ...)
NOT-FOR-US: AIX
-CVE-1999-0088
+CVE-1999-0088 (IRIX and AIX automountd services (autofsd) allow remote users to execu ...)
NOT-FOR-US: AIX
-CVE-1999-0086
+CVE-1999-0086 (AIX routed allows remote users to modify sensitive files. ...)
NOT-FOR-US: AIX
-CVE-1999-0078
+CVE-1999-0078 (pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0076
+CVE-1999-0076 (Buffer overflow in wu-ftp from PASV command causes a core dump. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0061
+CVE-1999-0061 (File creation and deletion, and remote execution, in the BSD line prin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0033
+CVE-1999-0033 (Command execution in Sun systems via buffer overflow in the at program ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0030
+CVE-1999-0030 (root privileges via buffer overflow in xlock command on SGI IRIX syste ...)
NOT-FOR-US: SGI
CVE-1999-0020
REJECTED
-CVE-1999-0015
+CVE-1999-0015 (Teardrop IP denial of service. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0004
+CVE-1999-0004 (MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-1999-0001
+CVE-1999-0001 (ip_input.c in BSD-derived TCP/IP implementations allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
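Review bot: the " ..." suffix is appended unconditionally, so complete one-line summaries in this hunk such as `+CVE-1999-0165 (NFS cache poisoning. ...)`, `+CVE-1999-0015 (Teardrop IP denial of service. ...)` and `+CVE-1999-0106 (Finger redirection allows finger bombs. ...)` read as truncated when nothing was cut; append the marker only when the description actually exceeded the width limit, so a reader or a script can tell a full summary from a clipped one without consulting the CVE record.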
diff --git a/data/CVE/2000.list b/data/CVE/2000.list
index 4c78bbf5d5..db60f5b21e 100644
--- a/data/CVE/2000.list
+++ b/data/CVE/2000.list
@@ -1,4 +1,4 @@
-CVE-2000-1254
+CVE-2000-1254 (crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shif ...)
- openssl 0.9.6-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=db82b8f9bd432a59aea8e1014694e15fc457c2bb
CVE-2000-1253
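Review bot: the summary is cut at a fixed character count in the middle of a token (`+CVE-2000-1254 (crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shif ...)`), so a search of this file for "bitwise-shift" will not hit the entry; truncating at the last whitespace before the limit keeps the abbreviated text grep-able while costing at most a few characters. The package line `- openssl 0.9.6-1` and the upstream commit NOTE are unchanged and agree with the "before 0.9.6" in the new summary.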
@@ -13,2479 +13,2479 @@ CVE-2000-1249
RESERVED
CVE-2000-1248
RESERVED
-CVE-2000-1247
+CVE-2000-1247 (The default configuration of the jserv-status handler in jserv.conf in ...)
- apache <removed>
-CVE-2000-1246
+CVE-2000-1246 (NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 al ...)
NOT-FOR-US: Novell NetWare
-CVE-2000-1245
+CVE-2000-1245 (Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the ...)
NOT-FOR-US: Novell NetWare
-CVE-2000-1244
+CVE-2000-1244 (Computer Associates InoculateIT Agent for Exchange Server does not rec ...)
NOT-FOR-US: Exchange Server
-CVE-2000-1243
+CVE-2000-1243 (Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versio ...)
NOT-FOR-US: Dansie Shopping Cart
-CVE-2000-1242
+CVE-2000-1242 (The HTTP service in American Power Conversion (APC) PowerChute uses a ...)
NOT-FOR-US: APC PowerChute
-CVE-2000-1241
+CVE-2000-1241 (Unspecified vulnerability in Haakon Nilsen simple, integrated publishi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1240
+CVE-2000-1240 (Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 ...)
NOT-FOR-US: AnyPortal
-CVE-2000-1239
+CVE-2000-1239 (The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM ...)
NOT-FOR-US: Tivoli
-CVE-2000-1238
+CVE-2000-1238 (BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows re ...)
NOT-FOR-US: BEA Weblogic
-CVE-2000-1237
+CVE-2000-1237 (The POP3 server in FTGate returns an -ERR code after receiving an inva ...)
NOT-FOR-US: FTGate
-CVE-2000-1236
+CVE-2000-1236 (SQL injection vulnerability in mod_sql in Oracle Internet Application ...)
NOT-FOR-US: Oracle
-CVE-2000-1235
+CVE-2000-1235 (The default configurations of (1) the port listener and (2) modplsql i ...)
NOT-FOR-US: Oracle
-CVE-2000-1234
+CVE-2000-1234 (violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails ...)
NOT-FOR-US: Phorum
-CVE-2000-1233
+CVE-2000-1233 (SQL injection vulnerability in read.php3 and other scripts in Phorum 3 ...)
NOT-FOR-US: Phorum
-CVE-2000-1232
+CVE-2000-1232 (upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify ce ...)
NOT-FOR-US: Phorum
-CVE-2000-1231
+CVE-2000-1231 (code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary fi ...)
NOT-FOR-US: Phorum
-CVE-2000-1230
+CVE-2000-1230 (Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to acces ...)
NOT-FOR-US: Phorum
-CVE-2000-1229
+CVE-2000-1229 (Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum ...)
NOT-FOR-US: Phorum
-CVE-2000-1228
+CVE-2000-1228 (Phorum 3.0.7 allows remote attackers to change the administrator passw ...)
NOT-FOR-US: Phorum
-CVE-2000-1227
+CVE-2000-1227 (Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause ...)
NOT-FOR-US: microsoft
-CVE-2000-1226
+CVE-2000-1226 (Snort 1.6, when running in straight ASCII packet logging mode or IDS m ...)
- snort 1.6.1-1
-CVE-2000-1225
+CVE-2000-1225 (Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin ...)
NOT-FOR-US: Xitami
-CVE-2000-1224
+CVE-2000-1224 (Caucho Technology Resin 1.2 and possibly earlier allows remote attacke ...)
NOT-FOR-US: Caucho Technology Resin
-CVE-2000-1223
+CVE-2000-1223 (quikstore.cgi in Quikstore Shopping Cart allows remote attackers to ex ...)
NOT-FOR-US: Quikstore Shopping Cart
-CVE-2000-1222
+CVE-2000-1222 (AIX sysback before 4.2.1.13 uses a relative path to find and execute t ...)
NOT-FOR-US: AIX
-CVE-2000-1221
+CVE-2000-1221 (The line printer daemon (lpd) in the lpr package in multiple Linux ope ...)
- lpr 1:0.48-1
-CVE-2000-1220
+CVE-2000-1220 (The line printer daemon (lpd) in the lpr package in multiple Linux ope ...)
- lpr 1:0.48-1
-CVE-2000-1219
+CVE-2000-1219 (The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not ...)
- gcc-3.3 1:3.3.4-1
-CVE-2000-1218
+CVE-2000-1218 (The default configuration for the domain name resolver for Microsoft W ...)
NOT-FOR-US: Windows
-CVE-2000-1217
+CVE-2000-1217 (Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a ...)
NOT-FOR-US: Windows
-CVE-2000-1216
+CVE-2000-1216 (Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt ...)
NOT-FOR-US: AIX
-CVE-2000-1215
+CVE-2000-1215 (The default configuration of Lotus Domino server 5.0.8 includes system ...)
NOT-FOR-US: Lotus Domino
-CVE-2000-1212
+CVE-2000-1212 (Zope 2.2.0 through 2.2.4 does not properly protect a data updating met ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1211
+CVE-2000-1211 (Zope 2.2.0 through 2.2.4 does not properly perform security registrati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1210
+CVE-2000-1210 (Directory traversal vulnerability in source.jsp of Apache Tomcat befor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1203
+CVE-2000-1203 (Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1200
+CVE-2000-1200 (Windows NT allows remote attackers to list all users in a domain by ob ...)
NOT-FOR-US: Microsoft
-CVE-2000-1196
+CVE-2000-1196 (PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1195
+CVE-2000-1195 (telnet daemon (telnetd) from the Linux netkit package before netkit-te ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1193
+CVE-2000-1193 (Performance Metrics Collector Daemon (PMCD) in Performance Copilot in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1190
+CVE-2000-1190 (imwheel-solo in imwheel package allows local users to modify arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1189
+CVE-2000-1189 (Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1187
+CVE-2000-1187 (Buffer overflow in the HTML parser for Netscape 4.75 and earlier allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1184
+CVE-2000-1184 (telnetd in FreeBSD 4.2 and earlier, and possibly other operating syste ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1182
+CVE-2000-1182 (WatchGuard Firebox II allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1181
+CVE-2000-1181 (Real Networks RealServer 7 and earlier allows remote attackers to obta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1180
+CVE-2000-1180 (Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1179
+CVE-2000-1179 (Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to rea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1178
+CVE-2000-1178 (Joe text editor follows symbolic links when creating a rescue copy cal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1174
+CVE-2000-1174 (Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and ea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1171
+CVE-2000-1171 (Directory traversal vulnerability in cgiforum.pl script in CGIForum 1. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1170
+CVE-2000-1170 (Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1169
+CVE-2000-1169 (OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1167
+CVE-2000-1167 (ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict ac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1166
+CVE-2000-1166 (Twig webmail system does not properly set the "vhosts" variable if it ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1165
+CVE-2000-1165 (Balabit syslog-ng allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1164
+CVE-2000-1164 (WinVNC installs the WinVNC3 registry key with permissions that give Sp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1163
+CVE-2000-1163 (ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental var ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1162
+CVE-2000-1162 (ghostscript before 5.10-16 allows local users to overwrite files of ot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1149
+CVE-2000-1149 (Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server a ...)
NOT-FOR-US: Microsoft
-CVE-2000-1148
+CVE-2000-1148 (The installation of VolanoChatPro chat server sets world-readable perm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1146
+CVE-2000-1146 (Recourse ManTrap 1.6 allows attackers to cause a denial of service via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1145
+CVE-2000-1145 (Recourse ManTrap 1.6 allows attackers who have gained root access to u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1144
+CVE-2000-1144 (Recourse ManTrap 1.6 sets up a chroot environment to hide the fact tha ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1143
+CVE-2000-1143 (Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1142
+CVE-2000-1142 (Recourse ManTrap 1.6 generates an error when an attacker cd's to /proc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1141
+CVE-2000-1141 (Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1140
+CVE-2000-1140 (Recourse ManTrap 1.6 does not properly hide processes from attackers, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1139
+CVE-2000-1139 (The installation of Microsoft Exchange 2000 before Rev. A creates a us ...)
NOT-FOR-US: Microsoft
-CVE-2000-1137
+CVE-2000-1137 (GNU ed before 0.2-18.1 allows local users to overwrite the files of ot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1136
+CVE-2000-1136 (elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1135
+CVE-2000-1135 (fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1132
+CVE-2000-1132 (DCForum cgforum.cgi CGI script allows remote attackers to read arbitra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1131
+CVE-2000-1131 (Bill Kendrick web site guestbook (GBook) allows remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1124
+CVE-2000-1124 (Buffer overflow in piobe command in IBM AIX 4.3.x allows local users t ...)
NOT-FOR-US: AIX
-CVE-2000-1123
+CVE-2000-1123 (Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may all ...)
NOT-FOR-US: AIX
-CVE-2000-1122
+CVE-2000-1122 (Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may a ...)
NOT-FOR-US: AIX
-CVE-2000-1121
+CVE-2000-1121 (Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow ...)
NOT-FOR-US: AIX
-CVE-2000-1120
+CVE-2000-1120 (Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows ...)
NOT-FOR-US: AIX
-CVE-2000-1119
+CVE-2000-1119 (Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows ...)
NOT-FOR-US: AIX
-CVE-2000-1115
+CVE-2000-1115 (Buffer overflow in remote web administration component (webprox.dll) o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1113
+CVE-2000-1113 (Buffer overflow in Microsoft Windows Media Player allows remote attack ...)
NOT-FOR-US: Microsoft
-CVE-2000-1112
+CVE-2000-1112 (Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS ...)
NOT-FOR-US: Microsoft
-CVE-2000-1111
+CVE-2000-1111 (Telnet Service for Windows 2000 Professional does not properly termina ...)
NOT-FOR-US: Microsoft
-CVE-2000-1109
+CVE-2000-1109 (Midnight Commander (mc) 4.5.51 and earlier does not properly process m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1108
+CVE-2000-1108 (cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not prop ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1107
+CVE-2000-1107 (in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1106
+CVE-2000-1106 (Trend Micro InterScan VirusWall creates an "Intscan" share to the "Int ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1101
+CVE-2000-1101 (Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.4 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1099
+CVE-2000-1099 (Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and ea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1097
+CVE-2000-1097 (The web server for the SonicWALL SOHO firewall allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1096
+CVE-2000-1096 (crontab by Paul Vixie uses predictable file names for a temporary file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1095
+CVE-2000-1095 (modprobe in the modutils 2.3.x package on Linux systems allows a local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1094
+CVE-2000-1094 (Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1089
+CVE-2000-1089 (Buffer overflow in Microsoft Phone Book Service allows local users to ...)
NOT-FOR-US: Microsoft
-CVE-2000-1080
+CVE-2000-1080 (Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1077
+CVE-2000-1077 (Buffer overflow in the SHTML logging functionality of iPlanet Web Serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1075
+CVE-2000-1075 (Directory traversal vulnerability in iPlanet Certificate Management Sy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1074
+CVE-2000-1074 (csstart program in iCal 2.1 Patch 2 uses relative pathnames to install ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1073
+CVE-2000-1073 (csstart program in iCal 2.1 Patch 2 searches for the cshttpd program i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1072
+CVE-2000-1072 (iCal 2.1 Patch 2 installs many files with world-writeable permissions, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1071
+CVE-2000-1071 (The GUI installation for iCal 2.1 Patch 2 disables access control for ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1070
+CVE-2000-1070 (pollit.cgi in Poll It 2.01 and earlier uses data files that are locate ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1069
+CVE-2000-1069 (pollit.cgi in Poll It 2.01 and earlier allows remote attackers to acce ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1068
+CVE-2000-1068 (pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1061
+CVE-2000-1061 (Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows ...)
NOT-FOR-US: Microsoft
-CVE-2000-1060
+CVE-2000-1060 (The default configuration of XFCE 3.5.1 bypasses the Xauthority access ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1059
+CVE-2000-1059 (The default configuration of the Xsession file in Mandrake Linux 7.1 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1058
+CVE-2000-1058 (Buffer overflow in OverView5 CGI program in HP OpenView Network Node M ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1057
+CVE-2000-1057 (Vulnerabilities in database configuration scripts in HP OpenView Netwo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1056
+CVE-2000-1056 (CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to b ...)
NOT-FOR-US: Cisco
-CVE-2000-1055
+CVE-2000-1055 (Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows re ...)
NOT-FOR-US: Cisco
-CVE-2000-1054
+CVE-2000-1054 (Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and ...)
NOT-FOR-US: Cisco
-CVE-2000-1051
+CVE-2000-1051 (Directory traversal vulnerability in Allaire JRun 2.3 server allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1050
+CVE-2000-1050 (Allaire JRun 3.0 http servlet server allows remote attackers to direct ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1049
+CVE-2000-1049 (Allaire JRun 3.0 http servlet server allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1047
+CVE-2000-1047 (Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1045
+CVE-2000-1045 (nss_ldap earlier than 121, when run with nscd (name service caching da ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1044
+CVE-2000-1044 (Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1043
+CVE-2000-1043 (Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlie ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1042
+CVE-2000-1042 (Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1041
+CVE-2000-1041 (Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1040
+CVE-2000-1040 (Format string vulnerability in logging function of ypbind 3.3, while r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1038
+CVE-2000-1038 (The web administration interface for IBM AS/400 Firewall allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1036
+CVE-2000-1036 (Directory traversal vulnerability in Extent RBS ISP web server allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1034
+CVE-2000-1034 (Buffer overflow in the System Monitor ActiveX control in Windows 2000 ...)
NOT-FOR-US: Microsoft
-CVE-2000-1032
+CVE-2000-1032 (The client authentication interface for Check Point Firewall-1 4.0 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1031
+CVE-2000-1031 (Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1027
+CVE-2000-1027 (Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine ...)
NOT-FOR-US: Cisco
-CVE-2000-1026
+CVE-2000-1026 (Multiple buffer overflows in LBNL tcpdump allow remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1024
+CVE-2000-1024 (eWave ServletExec 3.0C and earlier does not restrict access to the Upl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1022
+CVE-2000-1022 (The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier ...)
NOT-FOR-US: Cisco
-CVE-2000-1019
+CVE-2000-1019 (Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1018
+CVE-2000-1018 (shred 1.0 file wiping utility does not properly open a file for overwr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1016
+CVE-2000-1016 (The default configuration of Apache (httpd.conf) on SuSE 6.4 includes ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1014
+CVE-2000-1014 (Format string vulnerability in the search97.cgi CGI script in SCO help ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1011
+CVE-2000-1011 (Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1010
+CVE-2000-1010 (Format string vulnerability in talkd in OpenBSD and possibly other BSD ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1007
+CVE-2000-1007 (I-gear 3.5.7 and earlier does not properly process log entries in whic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1006
+CVE-2000-1006 (Microsoft Exchange Server 5.5 does not properly handle a MIME header w ...)
NOT-FOR-US: Microsoft
-CVE-2000-1005
+CVE-2000-1005 (Directory traversal vulnerability in html_web_store.cgi and web_store. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1004
+CVE-2000-1004 (Format string vulnerability in OpenBSD photurisd allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1003
+CVE-2000-1003 (NETBIOS client in Windows 95 and Windows 98 allows a remote attacker t ...)
NOT-FOR-US: Microsoft
-CVE-2000-1002
+CVE-2000-1002 (POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1001
+CVE-2000-1001 (add_2_basket.asp in Element InstantShop allows remote attackers to mod ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1000
+CVE-2000-1000 (Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0996
+CVE-2000-0996 (Format string vulnerability in OpenBSD su program (and possibly other ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0995
+CVE-2000-0995 (Format string vulnerability in OpenBSD yp_passwd program (and possibly ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0994
+CVE-2000-0994 (Format string vulnerability in OpenBSD fstat program (and possibly oth ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0993
+CVE-2000-0993 (Format string vulnerability in pw_error function in BSD libutil librar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0992
+CVE-2000-0992 (Directory traversal vulnerability in scp in sshd 1.2.xx allows a remot ...)
{CVE-2004-0175}
- openssh 1:3.9p1-1 (low; bug #270770)
[sarge] - openssh <no-dsa> (Minor issue)
NOTE: Rediscoved as CVE-2004-0175, see there.
-CVE-2000-0991
+CVE-2000-0991 (Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ...)
NOT-FOR-US: Microsoft
-CVE-2000-0990
+CVE-2000-0990 (cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0989
+CVE-2000-0989 (Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0984
+CVE-2000-0984 (The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to c ...)
NOT-FOR-US: Cisco
-CVE-2000-0983
+CVE-2000-0983 (Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2000-0982
+CVE-2000-0982 (Internet Explorer before 5.5 forwards cached user credentials for a se ...)
NOT-FOR-US: Microsoft
-CVE-2000-0981
+CVE-2000-0981 (MySQL Database Engine uses a weak authentication method which leaks in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0980
+CVE-2000-0980 (NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink do ...)
NOT-FOR-US: Microsoft
-CVE-2000-0979
+CVE-2000-0979 (File and Print Sharing service in Windows 95, Windows 98, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2000-0978
+CVE-2000-0978 (bbd server in Big Brother System and Network Monitor before 1.5c2 allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0977
+CVE-2000-0977 (mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0976
+CVE-2000-0976 (Buffer overflow in xlib in XFree 3.3.x possibly allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0975
+CVE-2000-0975 (Directory traversal vulnerability in apexec.pl in Anaconda Foundation ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0974
+CVE-2000-0974 (GnuPG (gpg) 1.0.3 does not properly check all signatures of a file con ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0973
+CVE-2000-0973 (Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier tha ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0972
+CVE-2000-0972 (HP-UX 11.00 crontab allows local users to read arbitrary files via the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0970
+CVE-2000-0970 (IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure ...)
NOT-FOR-US: Microsoft
-CVE-2000-0969
+CVE-2000-0969 (Format string vulnerability in Half Life dedicated server build 3104 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0968
+CVE-2000-0968 (Buffer overflow in Half Life dedicated server before build 3104 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0967
+CVE-2000-0967 (PHP 3 and 4 do not properly cleanse user-injected format strings, whic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0966
+CVE-2000-0966 (Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of H ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0965
+CVE-2000-0965 (The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0964
+CVE-2000-0964 (Buffer overflow in the web administration service for the HiNet LP5100 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0962
+CVE-2000-0962 (The IPSEC implementation in OpenBSD 2.7 does not properly handle empty ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0961
+CVE-2000-0961 (Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0960
+CVE-2000-0960 (The POP3 server in Netscape Messaging Server 4.15p1 generates differen ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0959
+CVE-2000-0959 (glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG enviro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0958
+CVE-2000-0958 (HotJava Browser 3.0 allows remote attackers to access the DOM of a web ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0957
+CVE-2000-0957 (The pluggable authentication module for mysql (pam_mysql) before 0.4.7 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0956
+CVE-2000-0956 (cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0953
+CVE-2000-0953 (Shambala Server 4.5 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0952
+CVE-2000-0952 (global.cgi CGI program in Global 3.55 and earlier on NetBSD allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0951
+CVE-2000-0951 (A misconfiguration in IIS 5.0 with Index Server enabled and the Index ...)
NOT-FOR-US: Microsoft
-CVE-2000-0949
+CVE-2000-0949 (Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0948
+CVE-2000-0948 (GnoRPM before 0.95 allows local users to modify arbitrary files via a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0947
+CVE-2000-0947 (Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0946
+CVE-2000-0946 (Compaq Easy Access Keyboard software 1.3 does not properly disable acc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0945
+CVE-2000-0945 (The web configuration interface for Catalyst 3500 XL switches allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0944
+CVE-2000-0944 (CGI Script Center News Update 1.1 does not properly validate the origi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0943
+CVE-2000-0943 (Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0942
+CVE-2000-0942 (The CiWebHitsFile component in Microsoft Indexing Services for Windows ...)
NOT-FOR-US: Microsoft
-CVE-2000-0941
+CVE-2000-0941 (Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0938
+CVE-2000-0938 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a differe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0937
+CVE-2000-0937 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0936
+CVE-2000-0936 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0935
+CVE-2000-0935 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0934
+CVE-2000-0934 (Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0933
+CVE-2000-0933 (The Input Method Editor (IME) in the Simplified Chinese version of Win ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0932
+CVE-2000-0932 (MAILsweeper for SMTP 3.x does not properly handle corrupt CDA document ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0930
+CVE-2000-0930 (Pegasus Mail 3.12 allows remote attackers to read arbitrary files via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0929
+CVE-2000-0929 (Microsoft Windows Media Player 7 allows attackers to cause a denial of ...)
NOT-FOR-US: Microsoft
-CVE-2000-0928
+CVE-2000-0928 (WQuinn QuotaAdvisor 4.1 allows users to list directories and files by ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0927
+CVE-2000-0927 (WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0926
+CVE-2000-0926 (SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0925
+CVE-2000-0925 (The default installation of SmartWin CyberOffice Shopping Cart 2 (aka ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0924
+CVE-2000-0924 (Directory traversal vulnerability in search.cgi CGI script in Armada M ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0923
+CVE-2000-0923 (authenticate.cgi CGI program in Aplio PRO allows remote attackers to e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0922
+CVE-2000-0922 (Directory traversal vulnerability in Bytes Interactive Web Shopper sho ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0921
+CVE-2000-0921 (Directory traversal vulnerability in Hassan Consulting shop.cgi shoppi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0920
+CVE-2000-0920 (Directory traversal vulnerability in BOA web server 0.94.8.2 and earli ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0919
+CVE-2000-0919 (Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earli ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0917
+CVE-2000-0917 (Format string vulnerability in use_syslog() function in LPRng 3.6.24 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0915
+CVE-2000-0915 (fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0914
+CVE-2000-0914 (OpenBSD 2.6 and earlier allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0913
+CVE-2000-0913 (mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0912
+CVE-2000-0912 (MultiHTML CGI script allows remote attackers to read arbitrary files a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0911
+CVE-2000-0911 (IMP 2.2 and earlier allows attackers to read and delete arbitrary file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0910
+CVE-2000-0910 (Horde library 1.02 allows attackers to execute arbitrary commands via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0909
+CVE-2000-0909 (Buffer overflow in the automatic mail checking component of Pine 4.21 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0908
+CVE-2000-0908 (BrowseGate 2.80 allows remote attackers to cause a denial of service a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0901
+CVE-2000-0901 (Format string vulnerability in screen 3.9.5 and earlier allows local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0900
+CVE-2000-0900 (Directory traversal vulnerability in ssi CGI program in thttpd 2.19 an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0897
+CVE-2000-0897 (Small HTTP Server 2.03 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0896
+CVE-2000-0896 (WatchGuard SOHO firewall allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0895
+CVE-2000-0895 (Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0894
+CVE-2000-0894 (HTTP server on the WatchGuard SOHO firewall does not properly restrict ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0892
+CVE-2000-0892 (Some telnet clients allow remote telnet servers to request environment ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0891
+CVE-2000-0891 (A default ECL in Lotus Notes before 5.02 allows remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0890
+CVE-2000-0890 (periodic in FreeBSD 4.1.1 and earlier, and possibly other operating sy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0888
+CVE-2000-0888 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0887
+CVE-2000-0887 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0886
+CVE-2000-0886 (IIS 5.0 allows remote attackers to execute arbitrary commands via a ma ...)
NOT-FOR-US: Microsoft
-CVE-2000-0884
+CVE-2000-0884 (IIS 4.0 and 5.0 allows remote attackers to read documents outside of t ...)
NOT-FOR-US: Microsoft
-CVE-2000-0883
+CVE-2000-0883 (The default configuration of mod_perl for Apache as installed on Mandr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0878
+CVE-2000-0878 (The mailto CGI script allows remote attacker to execute arbitrary comm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0877
+CVE-2000-0877 (mailform.pl CGI script in MailForm 2.0 allows remote attackers to read ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0876
+CVE-2000-0876 (WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0875
+CVE-2000-0875 (WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0874
+CVE-2000-0874 (Eudora mail client includes the absolute path of the sender's host wit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0873
+CVE-2000-0873 (netstat in AIX 4.x.x does not properly restrict access to the -Zi opti ...)
NOT-FOR-US: AIX
-CVE-2000-0871
+CVE-2000-0871 (Buffer overflow in EFTP allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0870
+CVE-2000-0870 (Buffer overflow in EFTP allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0869
+CVE-2000-0869 (The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables W ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0868
+CVE-2000-0868 (The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0867
+CVE-2000-0867 (Kernel logging daemon (klogd) in Linux does not properly cleanse user- ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0865
+CVE-2000-0865 (Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0864
+CVE-2000-0864 (Race condition in the creation of a Unix domain socket in GNOME esound ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0863
+CVE-2000-0863 (Buffer overflow in listmanager earlier than 2.105.1 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0862
+CVE-2000-0862 (Vulnerability in an administrative interface utility for Allaire Spect ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0861
+CVE-2000-0861 (Mailman 1.1 allows list administrators to execute arbitrary commands v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0860
+CVE-2000-0860 (The file upload capability in PHP versions 3 and 4 allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0859
+CVE-2000-0859 (The web configuration server for NTMail V5 and V6 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0858
+CVE-2000-0858 (Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to c ...)
NOT-FOR-US: Microsoft
-CVE-2000-0856
+CVE-2000-0856 (Buffer overflow in SunFTP build 9(1) allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0854
+CVE-2000-0854 (When a Microsoft Office 2000 document is launched, the directory of th ...)
NOT-FOR-US: Microsoft
-CVE-2000-0853
+CVE-2000-0853 (YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0852
+CVE-2000-0852 (Multiple buffer overflows in eject on FreeBSD and possibly other OSes ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0851
+CVE-2000-0851 (Buffer overflow in the Still Image Service in Windows 2000 allows loca ...)
NOT-FOR-US: Microsoft
-CVE-2000-0850
+CVE-2000-0850 (Netegrity SiteMinder before 4.11 allows remote attackers to bypass its ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0849
+CVE-2000-0849 (Race condition in Microsoft Windows Media server allows remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2000-0848
+CVE-2000-0848 (Buffer overflow in IBM WebSphere web application server (WAS) allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0847
+CVE-2000-0847 (Buffer overflow in University of Washington c-client library (used by ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0846
+CVE-2000-0846 (Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0844
+CVE-2000-0844 (Some functions that implement the locale subsystem on Unix do not pro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0839
+CVE-2000-0839 (WinCOM LPD 1.00.90 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0838
+CVE-2000-0838 (Fastream FUR HTTP server 1.0b allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0837
+CVE-2000-0837 (FTP Serv-U 2.5e allows remote attackers to cause a denial of service b ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0834
+CVE-2000-0834 (The Windows 2000 telnet client attempts to perform NTLM authentication ...)
NOT-FOR-US: Microsoft
-CVE-2000-0830
+CVE-2000-0830 (annclist.exe in webTV for Windows allows remote attackers to cause a d ...)
NOT-FOR-US: Microsoft
-CVE-2000-0829
+CVE-2000-0829 (The tmpwatch utility in Red Hat Linux forks a new process for each dir ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0825
+CVE-2000-0825 (Ipswitch Imail 6.0 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0824
+CVE-2000-0824 (The unsetenv function in glibc 2.1.1 does not properly unset an enviro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0818
+CVE-2000-0818 (The default installation for the Oracle listener program 7.3.4, 8.0.6, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0816
+CVE-2000-0816 (Linux tmpwatch --fuser option allows local users to execute arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0813
+CVE-2000-0813 (Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0811
+CVE-2000-0811 (Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0810
+CVE-2000-0810 (Auction Weaver 1.0 through 1.04 does not properly validate the names o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0809
+CVE-2000-0809 (Buffer overflow in Getkey in the protocol checker in the inter-module ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0808
+CVE-2000-0808 (The seed generation mechanism in the inter-module S/Key authentication ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0807
+CVE-2000-0807 (The OPSEC communications authentication mechanism (fwn1) in Check Poin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0806
+CVE-2000-0806 (The inter-module authentication mechanism (fwa1) in Check Point VPN-1/ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0805
+CVE-2000-0805 (Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits en ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0804
+CVE-2000-0804 (Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0803
+CVE-2000-0803 (GNU Groff uses the current working directory to find a device descript ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0799
+CVE-2000-0799 (inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0797
+CVE-2000-0797 (Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0796
+CVE-2000-0796 (Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to ga ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0795
+CVE-2000-0795 (Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to ga ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0792
+CVE-2000-0792 (Gnome Lokkit firewall package before 0.41 does not properly restrict a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0790
+CVE-2000-0790 (The web-based folder display capability in Microsoft Internet Explorer ...)
NOT-FOR-US: Microsoft
-CVE-2000-0788
+CVE-2000-0788 (The Mail Merge tool in Microsoft Word does not prompt the user before ...)
NOT-FOR-US: Microsoft
-CVE-2000-0787
+CVE-2000-0787 (IRC Xchat client versions 1.4.2 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0786
+CVE-2000-0786 (GNU userv 1.0.0 and earlier does not properly perform file descriptor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0783
+CVE-2000-0783 (Watchguard Firebox II allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0782
+CVE-2000-0782 (netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0781
+CVE-2000-0781 (uagentsetup in ARCServeIT Client Agent 6.62 does not properly check fo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0780
+CVE-2000-0780 (The web server in IPSWITCH IMail 6.04 and earlier allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0779
+CVE-2000-0779 (Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0778
+CVE-2000-0778 (IIS 5.0 allows remote attackers to obtain source code for .ASP files a ...)
NOT-FOR-US: Microsoft
-CVE-2000-0777
+CVE-2000-0777 (The password protection feature of Microsoft Money can store the passw ...)
NOT-FOR-US: Microsoft
-CVE-2000-0776
+CVE-2000-0776 (Mediahouse Statistics Server 5.02x allows remote attackers to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0773
+CVE-2000-0773 (Bajie HTTP web server 0.30a allows remote attackers to read arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0771
+CVE-2000-0771 (Microsoft Windows 2000 allows local users to cause a denial of service ...)
NOT-FOR-US: Microsoft
-CVE-2000-0770
+CVE-2000-0770 (IIS 4.0 and 5.0 does not properly restrict access to certain types of ...)
NOT-FOR-US: Microsoft
-CVE-2000-0768
+CVE-2000-0768 (A function in Internet Explorer 4.x and 5.x does not properly verify t ...)
NOT-FOR-US: Microsoft
-CVE-2000-0767
+CVE-2000-0767 (The ActiveX control for invoking a scriptlet in Internet Explorer 4.x ...)
NOT-FOR-US: Microsoft
-CVE-2000-0766
+CVE-2000-0766 (Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0765
+CVE-2000-0765 (Buffer overflow in the HTML interpreter in Microsoft Office 2000 allow ...)
NOT-FOR-US: Microsoft
-CVE-2000-0764
+CVE-2000-0764 (Intel Express 500 series switches allow a remote attacker to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0763
+CVE-2000-0763 (xlockmore and xlockf do not properly cleanse user-injected format stri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0762
+CVE-2000-0762 (The default installation of eTrust Access Control (formerly SeOS) uses ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0761
+CVE-2000-0761 (OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0758
+CVE-2000-0758 (The web interface for Lyris List Manager 3 and 4 allows list subscribe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0754
+CVE-2000-0754 (Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0753
+CVE-2000-0753 (The Microsoft Outlook mail client identifies the physical path of the ...)
NOT-FOR-US: Microsoft
-CVE-2000-0751
+CVE-2000-0751 (mopd (Maintenance Operations Protocol loader daemon) does not properly ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0750
+CVE-2000-0750 (Buffer overflow in mopd (Maintenance Operations Protocol loader daemon ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0749
+CVE-2000-0749 (Buffer overflow in the Linux binary compatibility module in FreeBSD 3. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0747
+CVE-2000-0747 (The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sen ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0745
+CVE-2000-0745 (admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0744
+CVE-2000-0744 (DEPRECATED. This entry has been deprecated. It is a duplicate of CVE ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0743
+CVE-2000-0743 (Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0742
+CVE-2000-0742 (The IPX protocol implementation in Microsoft Windows 95 and 98 allows ...)
NOT-FOR-US: Microsoft
-CVE-2000-0741
+CVE-2000-0741 (Format string vulnerability in strong.exe program in NAI Net Tools PKI ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0740
+CVE-2000-0740 (Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0739
+CVE-2000-0739 (Directory traversal vulnerability in strong.exe program in NAI Net Too ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0738
+CVE-2000-0738 (WebShield SMTP 4.5 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0737
+CVE-2000-0737 (The Service Control Manager (SCM) in Windows 2000 creates predictable ...)
NOT-FOR-US: Microsoft
-CVE-2000-0733
+CVE-2000-0733 (Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0732
+CVE-2000-0732 (Worm HTTP server allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0731
+CVE-2000-0731 (Directory traversal vulnerability in Worm HTTP server allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0730
+CVE-2000-0730 (Vulnerability in newgrp command in HP-UX 11.0 allows local users to ga ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0729
+CVE-2000-0729 (FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0728
+CVE-2000-0728 (xpdf PDF viewer client earlier than 0.91 allows local users to overwri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0727
+CVE-2000-0727 (xpdf PDF viewer client earlier than 0.91 does not properly launch a we ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0726
+CVE-2000-0726 (CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0725
+CVE-2000-0725 (Zope before 2.2.1 does not properly restrict access to the getRoles me ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0720
+CVE-2000-0720 (news.cgi in GWScripts News Publisher does not properly authenticate re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0718
+CVE-2000-0718 (A race condition in MandrakeUpdate allows local users to modify RPM fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0717
+CVE-2000-0717 (GoodTech FTP server allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0716
+CVE-2000-0716 (WorldClient email client in MDaemon 2.8 includes the session ID in the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0712
+CVE-2000-0712 (Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to ga ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0711
+CVE-2000-0711 (Netscape Communicator does not properly prevent a ServerSocket object ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0708
+CVE-2000-0708 (Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0707
+CVE-2000-0707 (PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0706
+CVE-2000-0706 (Buffer overflows in ntop running in web mode allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0705
+CVE-2000-0705 (ntop running in web mode allows remote attackers to read arbitrary fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0703
+CVE-2000-0703 (suidperl (aka sperl) does not properly cleanse the escape sequence "~! ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0702
+CVE-2000-0702 (The net.init rc script in HP-UX 11.00 (S008net.init) allows local user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0700
+CVE-2000-0700 (Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethern ...)
NOT-FOR-US: Cisco
-CVE-2000-0699
+CVE-2000-0699 (Format string vulnerability in ftpd in HP-UX 10.20 allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0698
+CVE-2000-0698 (Minicom 1.82.1 and earlier on some Linux systems allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0694
+CVE-2000-0694 (pgxconfig in the Raptor GFX configuration tool allows local users to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0693
+CVE-2000-0693 (pgxconfig in the Raptor GFX configuration tool uses a relative path na ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0685
+CVE-2000-0685 (BEA WebLogic 5.1.x does not properly restrict access to the PageCompil ...)
NOT-FOR-US: BEA WebLogic
-CVE-2000-0684
+CVE-2000-0684 (BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet ...)
NOT-FOR-US: BEA WebLogic
-CVE-2000-0683
+CVE-2000-0683 (BEA WebLogic 5.1.x allows remote attackers to read source code for par ...)
NOT-FOR-US: BEA WebLogic
-CVE-2000-0682
+CVE-2000-0682 (BEA WebLogic 5.1.x allows remote attackers to read source code for par ...)
NOT-FOR-US: BEA WebLogic
-CVE-2000-0681
+CVE-2000-0681 (Buffer overflow in BEA WebLogic server proxy plugin allows remote atta ...)
NOT-FOR-US: BEA WebLogic
-CVE-2000-0679
+CVE-2000-0679 (The CVS 1.10.8 client trusts pathnames that are provided by the CVS se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0678
+CVE-2000-0678 (PGP 5.5.x through 6.5.3 does not properly check if an Additional Decry ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0677
+CVE-2000-0677 (Buffer overflow in IBM Net.Data db2www CGI program allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0676
+CVE-2000-0676 (Netscape Communicator and Navigator 4.04 through 4.74 allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0675
+CVE-2000-0675 (Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0674
+CVE-2000-0674 (ftp.pl CGI program for Virtual Visions FTP browser allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0673
+CVE-2000-0673 (The NetBIOS Name Server (NBNS) protocol does not perform authenticatio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0672
+CVE-2000-0672 (The default configuration of Jakarta Tomcat does not restrict access t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0671
+CVE-2000-0671 (Roxen web server earlier than 2.0.69 allows allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0670
+CVE-2000-0670 (The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with writ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0669
+CVE-2000-0669 (Novell NetWare 5.0 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0668
+CVE-2000-0668 (pam_console PAM module in Linux systems allows a user to access the sy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0666
+CVE-2000-0666 (rpc.statd in the nfs-utils package in various Linux distributions does ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0665
+CVE-2000-0665 (GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0664
+CVE-2000-0664 (AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0663
+CVE-2000-0663 (The registry entry for the Windows Shell executable (Explorer.exe) in ...)
NOT-FOR-US: Microsoft
-CVE-2000-0662
+CVE-2000-0662 (Internet Explorer 5.x and Microsoft Outlook allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2000-0661
+CVE-2000-0661 (WircSrv IRC Server 5.07s allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0660
+CVE-2000-0660 (The WDaemon web server for WorldClient 2.1 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0655
+CVE-2000-0655 (Netscape Communicator 4.73 and earlier allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0654
+CVE-2000-0654 (Microsoft Enterprise Manager allows local users to obtain database pas ...)
NOT-FOR-US: Microsoft
-CVE-2000-0652
+CVE-2000-0652 (IBM WebSphere allows remote attackers to read source code for executab ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0651
+CVE-2000-0651 (The ClientTrust program in Novell BorderManager does not properly veri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0650
+CVE-2000-0650 (The default installation of VirusScan 4.5 and NetShield 4.5 has insecu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0644
+CVE-2000-0644 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0643
+CVE-2000-0643 (Buffer overflow in WebActive HTTP Server 1.00 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0642
+CVE-2000-0642 (The default configuration of WebActive HTTP Server 1.00 stores the web ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0641
+CVE-2000-0641 (Savant web server allows remote attackers to execute arbitrary command ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0640
+CVE-2000-0640 (Guild FTPd allows remote attackers to determine the existence of files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0639
+CVE-2000-0639 (The default configuration of Big Brother 1.4h2 and earlier does not in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0638
+CVE-2000-0638 (bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0637
+CVE-2000-0637 (Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary co ...)
NOT-FOR-US: Microsoft
-CVE-2000-0636
+CVE-2000-0636 (HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0635
+CVE-2000-0635 (The view_page.html sample page in the MiniVend shopping cart program a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0634
+CVE-2000-0634 (The web administration interface for CommuniGate Pro 3.2.5 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0633
+CVE-2000-0633 (Vulnerability in Mandrake Linux usermode package allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0632
+CVE-2000-0632 (Buffer overflow in the web archive component of L-Soft Listserv 1.8d a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0631
+CVE-2000-0631 (An administrative script from IIS 3.0, later included in IIS 4.0 and 5 ...)
NOT-FOR-US: Microsoft
-CVE-2000-0630
+CVE-2000-0630 (IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source ...)
NOT-FOR-US: Microsoft
-CVE-2000-0628
+CVE-2000-0628 (The source.asp example script in the Apache ASP module Apache::ASP 1.9 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0627
+CVE-2000-0627 (BlackBoard CourseInfo 4.0 does not properly authenticate users, which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0624
+CVE-2000-0624 (Buffer overflow in Winamp 2.64 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0622
+CVE-2000-0622 (Buffer overflow in Webfind CGI program in O'Reilly WebSite Professiona ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0621
+CVE-2000-0621 (Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, allo ...)
NOT-FOR-US: Microsoft
-CVE-2000-0620
+CVE-2000-0620 (libX11 X library allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0619
+CVE-2000-0619 (Top Layer AppSwitch 2500 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0616
+CVE-2000-0616 (Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain addit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0615
+CVE-2000-0615 (LPRng 3.6.x improperly installs lpd as setuid root, which can allow lo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0613
+CVE-2000-0613 (Cisco Secure PIX Firewall does not properly identify forged TCP Reset ...)
NOT-FOR-US: Cisco
-CVE-2000-0611
+CVE-2000-0611 (The default configuration of NetWin dMailWeb and cwMail trusts all POP ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0610
+CVE-2000-0610 (NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0604
+CVE-2000-0604 (gkermit in Red Hat Linux is improperly installed with setgid uucp, whi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0603
+CVE-2000-0603 (Microsoft SQL Server 7.0 allows a local user to bypass permissions for ...)
NOT-FOR-US: Microsoft
-CVE-2000-0602
+CVE-2000-0602 (Secure Locate (slocate) in Red Hat Linux allows local users to gain pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0601
+CVE-2000-0601 (LeafChat 1.7 IRC client allows a remote IRC server to cause a denial o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0600
+CVE-2000-0600 (Netscape Enterprise Server in NetWare 5.1 allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0599
+CVE-2000-0599 (Buffer overflow in iMesh 1.02 allows remote attackers to execute arbit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0598
+CVE-2000-0598 (Fortech Proxy+ allows remote attackers to bypass access restrictions f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0597
+CVE-2000-0597 (Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are mar ...)
NOT-FOR-US: Microsoft
-CVE-2000-0596
+CVE-2000-0596 (Internet Explorer 5.x does not warn a user before opening a Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2000-0595
+CVE-2000-0595 (libedit searches for the .editrc file in the current directory instead ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0594
+CVE-2000-0594 (BitchX IRC client does not properly cleanse an untrusted format string ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0593
+CVE-2000-0593 (WinProxy 2.0 and 2.0.1 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0591
+CVE-2000-0591 (Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0590
+CVE-2000-0590 (Poll It 2.0 CGI script allows remote attackers to read arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0588
+CVE-2000-0588 (SawMill 5.0.21 CGI program allows remote attackers to read the first l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0587
+CVE-2000-0587 (The privpath directive in glftpd 1.18 allows remote attackers to bypas ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0586
+CVE-2000-0586 (Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0585
+CVE-2000-0585 (ISC DHCP client program dhclient allows remote attackers to execute ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0584
+CVE-2000-0584 (Buffer overflow in Canna input system allows remote attackers to execu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0583
+CVE-2000-0583 (vchkpw program in vpopmail before version 4.8 does not properly cleans ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0582
+CVE-2000-0582 (Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0581
+CVE-2000-0581 (Windows 2000 Telnet Server allows remote attackers to cause a denial o ...)
NOT-FOR-US: Microsoft
-CVE-2000-0579
+CVE-2000-0579 (IRIX crontab creates temporary files with predictable file names and w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0577
+CVE-2000-0577 (Netscape Professional Services FTP Server 1.3.6 allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0576
+CVE-2000-0576 (Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows re ...)
NOT-FOR-US: AIX
-CVE-2000-0575
+CVE-2000-0575 (SSH 1.2.27 with Kerberos authentication support stores Kerberos ticket ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0573
+CVE-2000-0573 (The lreply function in wu-ftpd 2.6.0 and earlier does not properly cle ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0571
+CVE-2000-0571 (LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0570
+CVE-2000-0570 (FirstClass Internet Services server 5.770, and other versions before 6 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0569
+CVE-2000-0569 (Sybergen Sygate allows remote attackers to cause a denial of service b ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0568
+CVE-2000-0568 (Sybergen Secure Desktop 2.1 does not properly protect against false ro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0567
+CVE-2000-0567 (Buffer overflow in Microsoft Outlook and Outlook Express allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2000-0566
+CVE-2000-0566 (makewhatis in Linux man package allows local users to overwrite files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0565
+CVE-2000-0565 (SmartFTP Daemon 0.2 allows a local user to access arbitrary files by u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0561
+CVE-2000-0561 (Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0558
+CVE-2000-0558 (Buffer overflow in HP Openview Network Node Manager 6.1 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0557
+CVE-2000-0557 (Buffer overflow in the web interface for Cmail 2.4.7 allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0556
+CVE-2000-0556 (Buffer overflow in the web interface for Cmail 2.4.7 allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0555
+CVE-2000-0555 (Ceilidh allows remote attackers to cause a denial of service via a lar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0553
+CVE-2000-0553 (Race condition in IPFilter firewall 3.4.3 and earlier, when configured ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0552
+CVE-2000-0552 (ICQwebmail client for ICQ 2000A creates a world readable temporary fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0551
+CVE-2000-0551 (The file transfer mechanism in Danware NetOp 6.0 does not provide auth ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0550
+CVE-2000-0550 (Kerberos 4 KDC program improperly frees memory twice (aka "double-free ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0549
+CVE-2000-0549 (Kerberos 4 KDC program does not properly check for null termination of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0548
+CVE-2000-0548 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0542
+CVE-2000-0542 (Tigris remote access server before 11.5.4.22 does not properly record ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0541
+CVE-2000-0541 (The Panda Antivirus console on port 2001 allows local users to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0540
+CVE-2000-0540 (JSP sample files in Allaire JRun 2.3.x allow remote attackers to acces ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0539
+CVE-2000-0539 (Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtai ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0538
+CVE-2000-0538 (ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0537
+CVE-2000-0537 (BRU backup software allows local users to append data to arbitrary fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0536
+CVE-2000-0536 (xinetd 2.1.8.x does not properly restrict connections if hostnames are ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0534
+CVE-2000-0534 (The apsfilter software in the FreeBSD ports package does not properly ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0533
+CVE-2000-0533 (Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0532
+CVE-2000-0532 (A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0530
+CVE-2000-0530 (The KApplication class in the KDE 1.1.2 configuration file management ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0529
+CVE-2000-0529 (Net Tools PKI Server allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0528
+CVE-2000-0528 (Net Tools PKI Server does not properly restrict access to remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0525
+CVE-2000-0525 (OpenSSH does not properly drop privileges when the UseLogin option is ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0523
+CVE-2000-0523 (Buffer overflow in the logging feature of EServ 2.9.2 and earlier allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0522
+CVE-2000-0522 (RSA ACE/Server allows remote attackers to cause a denial of service by ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0521
+CVE-2000-0521 (Savant web server allows remote attackers to read source code of CGI s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0519
+CVE-2000-0519 (Internet Explorer 4.x and 5.x does not properly re-validate an SSL cer ...)
NOT-FOR-US: Microsoft
-CVE-2000-0518
+CVE-2000-0518 (Internet Explorer 4.x and 5.x does not properly verify all contents of ...)
NOT-FOR-US: Microsoft
-CVE-2000-0517
+CVE-2000-0517 (Netscape 4.73 and earlier does not properly warn users about a potenti ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0516
+CVE-2000-0516 (When configured to store configuration information in an LDAP director ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0515
+CVE-2000-0515 (The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0514
+CVE-2000-0514 (GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict acces ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0513
+CVE-2000-0513 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0512
+CVE-2000-0512 (CUPS (Common Unix Printing System) 1.04 and earlier does not properly ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0511
+CVE-2000-0511 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0510
+CVE-2000-0510 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0508
+CVE-2000-0508 (rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0507
+CVE-2000-0507 (Imate Webmail Server 2.5 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0506
+CVE-2000-0506 (The "capabilities" feature in Linux before 2.2.16 allows local users t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0505
+CVE-2000-0505 (The Apache 1.3.x HTTP server for Windows platforms allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0504
+CVE-2000-0504 (libICE in XFree86 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0502
+CVE-2000-0502 (Mcafee VirusScan 4.03 does not properly restrict access to the alert t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0501
+CVE-2000-0501 (Race condition in MDaemon 2.8.5.0 POP server allows local users to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0500
+CVE-2000-0500 (The default configuration of BEA WebLogic 5.1.0 allows a remote attack ...)
NOT-FOR-US: BEA WebLogic
-CVE-2000-0499
+CVE-2000-0499 (The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a ...)
NOT-FOR-US: BEA WebLogic
-CVE-2000-0498
+CVE-2000-0498 (Unify eWave ServletExec allows a remote attacker to view source code o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0497
+CVE-2000-0497 (IBM WebSphere server 3.0.2 allows a remote attacker to view source cod ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0495
+CVE-2000-0495 (Microsoft Windows Media Encoder allows remote attackers to cause a den ...)
NOT-FOR-US: Microsoft
-CVE-2000-0494
+CVE-2000-0494 (Veritas Volume Manager creates a world writable .server_pids file, whi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0493
+CVE-2000-0493 (Buffer overflow in Simple Network Time Sync (SMTS) daemon allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0490
+CVE-2000-0490 (Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0489
+CVE-2000-0489 (FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0488
+CVE-2000-0488 (Buffer overflow in ITHouse mail server 1.04 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0486
+CVE-2000-0486 (Buffer overflow in Cisco TACACS+ tac_plus server allows remote attacke ...)
NOT-FOR-US: Cisco
-CVE-2000-0485
+CVE-2000-0485 (Microsoft SQL Server allows local users to obtain database passwords v ...)
NOT-FOR-US: Microsoft
-CVE-2000-0484
+CVE-2000-0484 (Buffer overflow in Small HTTP Server allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0483
+CVE-2000-0483 (The DocumentTemplate package in Zope 2.2 and earlier allows a remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0482
+CVE-2000-0482 (Check Point Firewall-1 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0481
+CVE-2000-0481 (Buffer overflow in KDE Kmail allows a remote attacker to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0478
+CVE-2000-0478 (In some cases, Norton Antivirus for Exchange (NavExchange) enters a "f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0477
+CVE-2000-0477 (Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0475
+CVE-2000-0475 (Windows 2000 allows a local user process to access another user's desk ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0474
+CVE-2000-0474 (Real Networks RealServer 7.x allows remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0472
+CVE-2000-0472 (Buffer overflow in innd 2.2.2 allows remote attackers to execute arbit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0471
+CVE-2000-0471 (Buffer overflow in ufsrestore in Solaris 8 and earlier allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0470
+CVE-2000-0470 (Allegro RomPager HTTP server allows remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0469
+CVE-2000-0469 (Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0468
+CVE-2000-0468 (man in HP-UX 10.20 and 11 allows local attackers to overwrite files vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0467
+CVE-2000-0467 (Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0466
+CVE-2000-0466 (AIX cdmount allows local users to gain root privileges via shell metac ...)
NOT-FOR-US: AIX
-CVE-2000-0465
+CVE-2000-0465 (Internet Explorer 4.x and 5.x does not properly verify the domain of a ...)
NOT-FOR-US: Microsoft
-CVE-2000-0464
+CVE-2000-0464 (Internet Explorer 4.x and 5.x allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft
-CVE-2000-0463
+CVE-2000-0463 (BeOS 5.0 allows remote attackers to cause a denial of service via frag ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0462
+CVE-2000-0462 (ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0461
+CVE-2000-0461 (The undocumented semconfig system call in BSD freezes the state of sem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0460
+CVE-2000-0460 (Buffer overflow in KDE kdesud on Linux allows local uses to gain privi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0459
+CVE-2000-0459 (IMP does not remove files properly if the MSWordView application quits ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0458
+CVE-2000-0458 (The MSWordView application in IMP creates world-readable files in the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0457
+CVE-2000-0457 (ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file conten ...)
NOT-FOR-US: Microsoft
-CVE-2000-0456
+CVE-2000-0456 (NetBSD 1.4.2 and earlier allows local users to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0455
+CVE-2000-0455 (Buffer overflow in xlockmore xlock program version 4.16 and earlier al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0454
+CVE-2000-0454 (Buffer overflow in Linux cdrecord allows local users to gain privilege ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0453
+CVE-2000-0453 (XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0452
+CVE-2000-0452 (Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0451
+CVE-2000-0451 (The Intel express 8100 ISDN router allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0448
+CVE-2000-0448 (The WebShield SMTP Management Tool version 4.5.44 does not properly re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0447
+CVE-2000-0447 (Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0446
+CVE-2000-0446 (Buffer overflow in MDBMS database server allows remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0445
+CVE-2000-0445 (The pgpk command in PGP 5.x on Unix systems uses an insufficiently ran ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0443
+CVE-2000-0443 (The web interface server in HP Web JetAdmin 5.6 allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0442
+CVE-2000-0442 (Qpopper 2.53 and earlier allows local users to gain privileges via a f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0441
+CVE-2000-0441 (Vulnerability in AIX 3.2.x and 4.x allows local users to gain write ac ...)
NOT-FOR-US: AIX
-CVE-2000-0440
+CVE-2000-0440 (NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0439
+CVE-2000-0439 (Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain cl ...)
NOT-FOR-US: Microsoft
-CVE-2000-0438
+CVE-2000-0438 (Buffer overflow in fdmount on Linux systems allows local users in the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0437
+CVE-2000-0437 (Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0436
+CVE-2000-0436 (MetaProducts Offline Explorer 1.2 and earlier allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0435
+CVE-2000-0435 (The allmanageup.pl file upload CGI script in the Allmanage Website adm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0432
+CVE-2000-0432 (The calender.pl and the calendar_admin.pl calendar scripts by Matt Kru ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0431
+CVE-2000-0431 (Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0430
+CVE-2000-0430 (Cart32 allows remote attackers to access sensitive debugging informati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0428
+CVE-2000-0428 (Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0427
+CVE-2000-0427 (The Aladdin Knowledge Systems eToken device allows attackers with phys ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0426
+CVE-2000-0426 (UltraBoard 1.6 and other versions allow remote attackers to cause a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0425
+CVE-2000-0425 (Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0424
+CVE-2000-0424 (The CGI counter 4.0.7 by George Burgyan allows remote attackers to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0421
+CVE-2000-0421 (The process_bug.cgi script in Bugzilla allows remote attackers to exec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0419
+CVE-2000-0419 (The Office 2000 UA ActiveX Control is marked as "safe for scripting," ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0418
+CVE-2000-0418 (The Cayman 3220-H DSL router allows remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0417
+CVE-2000-0417 (The HTTP administration interface to the Cayman 3220-H DSL router allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0416
+CVE-2000-0416 (NTMail 5.x allows network users to bypass the NTMail proxy restriction ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0414
+CVE-2000-0414 (Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0411
+CVE-2000-0411 (Matt Wright's FormMail CGI script allows remote attackers to obtain en ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0410
+CVE-2000-0410 (ColdFusion Server 4.5.1 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0409
+CVE-2000-0409 (Netscape 4.73 and earlier follows symlinks when it imports a new certi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0408
+CVE-2000-0408 (IIS 4.05 and 5.0 allow remote attackers to cause a denial of service v ...)
NOT-FOR-US: Microsoft
-CVE-2000-0407
+CVE-2000-0407 (Buffer overflow in Solaris netpr program allows local users to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0406
+CVE-2000-0406 (Netscape Communicator before version 4.73 and Navigator 4.07 do not pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0405
+CVE-2000-0405 (Buffer overflow in L0pht AntiSniff allows remote attackers to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0404
+CVE-2000-0404 (The CIFS Computer Browser service allows remote attackers to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0403
+CVE-2000-0403 (The CIFS Computer Browser service on Windows NT 4.0 allows a remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0402
+CVE-2000-0402 (The Mixed Mode authentication capability in Microsoft SQL Server 7.0 s ...)
NOT-FOR-US: Microsoft
-CVE-2000-0399
+CVE-2000-0399 (Buffer overflow in MDaemon POP server allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0398
+CVE-2000-0398 (Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0397
+CVE-2000-0397 (The EMURL web-based email account software encodes predictable identif ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0396
+CVE-2000-0396 (The add.exe program in the Carello shopping cart software allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0395
+CVE-2000-0395 (Buffer overflow in CProxy 3.3 allows remote users to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0394
+CVE-2000-0394 (NetProwler 3.0 allows remote attackers to cause a denial of service by ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0393
+CVE-2000-0393 (The KDE kscd program does not drop privileges when executing a program ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0392
+CVE-2000-0392 (Buffer overflow in ksu in Kerberos 5 allows local users to gain root p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0391
+CVE-2000-0391 (Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0390
+CVE-2000-0390 (Buffer overflow in krb425_conv_principal function in Kerberos 5 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0389
+CVE-2000-0389 (Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0388
+CVE-2000-0388 (Buffer overflow in FreeBSD libmytinfo library allows local users to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0387
+CVE-2000-0387 (The makelev program in the golddig game from the FreeBSD ports collect ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0382
+CVE-2000-0382 (ColdFusion ClusterCATS appends stale query string arguments to a URL d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0381
+CVE-2000-0381 (The Gossamer Threads DBMan db.cgi CGI script allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0380
+CVE-2000-0380 (The IOS HTTP service in Cisco routers and switches running IOS 11.1 th ...)
NOT-FOR-US: Cisco
-CVE-2000-0379
+CVE-2000-0379 (The Netopia R9100 router does not prevent authenticated users from mod ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0378
+CVE-2000-0378 (The pam_console PAM module in Linux systems performs a chown on variou ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0377
+CVE-2000-0377 (The Remote Registry server in Windows NT 4.0 allows local authenticate ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0376
+CVE-2000-0376 (Buffer overflow in the HTTP proxy server for the i-drive Filo software ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0375
+CVE-2000-0375 (The kernel in FreeBSD 3.2 follows symbolic links when it creates core ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0374
+CVE-2000-0374 (The default configuration of kdm in Caldera and Mandrake Linux, and po ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0373
+CVE-2000-0373 (Vulnerabilities in the KDE kvt terminal program allow local users to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0372
+CVE-2000-0372 (Vulnerability in Caldera rmt command in the dump package 0.4b4 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0371
+CVE-2000-0371 (The libmediatool library used for the KDE mediatool allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0370
+CVE-2000-0370 (The debug option in Caldera Linux smail allows remote attackers to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0369
+CVE-2000-0369 (The IDENT server in Caldera Linux 2.3 creates multiple threads for eac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0368
+CVE-2000-0368 (Classic Cisco IOS 9.1 and later allows attackers with access to the lo ...)
NOT-FOR-US: Cisco
-CVE-2000-0367
+CVE-2000-0367 (Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0366
+CVE-2000-0366 (dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0363
+CVE-2000-0363 (Linux cdwtools 093 and earlier allows local users to gain root privile ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0362
+CVE-2000-0362 (Buffer overflows in Linux cdwtools 093 and earlier allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0361
+CVE-2000-0361 (The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0360
+CVE-2000-0360 (Buffer overflow in INN 2.2.1 and earlier allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0359
+CVE-2000-0359 (Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0356
+CVE-2000-0356 (Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0354
+CVE-2000-0354 (mirror 2.8.x in Linux systems allows remote attackers to create files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0353
+CVE-2000-0353 (Pine 4.x allows a remote attacker to execute arbitrary commands via an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0352
+CVE-2000-0352 (Pine before version 4.21 does not properly filter shell metacharacters ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0351
+CVE-2000-0351 (Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0350
+CVE-2000-0350 (A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0349
+CVE-2000-0349 (Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0348
+CVE-2000-0348 (A vulnerability in the Sendmail configuration file sendmail.cf as inst ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0347
+CVE-2000-0347 (Windows 95 and Windows 98 allow a remote attacker to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0346
+CVE-2000-0346 (AppleShare IP 6.1 and later allows a remote attacker to read potential ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0344
+CVE-2000-0344 (The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0342
+CVE-2000-0342 (Eudora 4.x allows remote attackers to bypass the user warning for exec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0341
+CVE-2000-0341 (ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0340
+CVE-2000-0340 (Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0339
+CVE-2000-0339 (ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0338
+CVE-2000-0338 (Concurrent Versions Software (CVS) uses predictable temporary file nam ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0337
+CVE-2000-0337 (Buffer overflow in Xsun X server in Solaris 7 allows local users to ga ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0336
+CVE-2000-0336 (Linux OpenLDAP server allows local users to modify arbitrary files via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0335
+CVE-2000-0335 (The resolver in glibc 2.1.3 uses predictable IDs, which allows a local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0334
+CVE-2000-0334 (The Allaire Spectra container editor preview tool does not properly en ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0332
+CVE-2000-0332 (UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0331
+CVE-2000-0331 (Buffer overflow in Microsoft command processor (CMD.EXE) for Windows N ...)
NOT-FOR-US: Microsoft
-CVE-2000-0330
+CVE-2000-0330 (The networking software in Windows 95 and Windows 98 allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0329
+CVE-2000-0329 (A Microsoft ActiveX control allows a remote attacker to execute a mali ...)
NOT-FOR-US: Microsoft
-CVE-2000-0328
+CVE-2000-0328 (Windows NT 4.0 generates predictable random TCP initial sequence numbe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0327
+CVE-2000-0327 (Microsoft Virtual Machine (VM) allows remote attackers to escape the J ...)
NOT-FOR-US: Microsoft
-CVE-2000-0324
+CVE-2000-0324 (pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0323
+CVE-2000-0323 (The Microsoft Jet database engine allows an attacker to modify text fi ...)
NOT-FOR-US: Microsoft
-CVE-2000-0322
+CVE-2000-0322 (The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Packa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0320
+CVE-2000-0320 (Qpopper 2.53 and 3.0 does not properly identify the \n string which id ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0319
+CVE-2000-0319 (mail.local in Sendmail 8.10.x does not properly identify the .\n strin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0318
+CVE-2000-0318 (Atrium Mercur Mail Server 3.2 allows local attackers to read other use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0316
+CVE-2000-0316 (Buffer overflow in Solaris 7 lp allows local users to gain root privil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0315
+CVE-2000-0315 (traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0314
+CVE-2000-0314 (traceroute in NetBSD 1.3.3 and Linux systems allows local users to flo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0313
+CVE-2000-0313 (Vulnerability in OpenBSD 2.6 allows a local user to change interface m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0311
+CVE-2000-0311 (The Windows 2000 domain controller allows a malicious user to modify A ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0310
+CVE-2000-0310 (IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0309
+CVE-2000-0309 (The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0308
+CVE-2000-0308 (Insecure file permissions for Netscape FastTrack Server 2.x, Enterpris ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0307
+CVE-2000-0307 (Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0306
+CVE-2000-0306 (Buffer overflow in calserver in SCO OpenServer allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0305
+CVE-2000-0305 (Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0304
+CVE-2000-0304 (Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory install ...)
NOT-FOR-US: Microsoft
-CVE-2000-0303
+CVE-2000-0303 (Quake3 Arena allows malicious server operators to read or modify files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0302
+CVE-2000-0302 (Microsoft Index Server allows remote attackers to view the source code ...)
NOT-FOR-US: Microsoft
-CVE-2000-0301
+CVE-2000-0301 (Ipswitch IMAIL server 6.02 and earlier allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0298
+CVE-2000-0298 (The unattended installation of Windows 2000 with the OEMPreinstall opt ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0297
+CVE-2000-0297 (Allaire Forums 2.0.5 allows remote attackers to bypass access restrict ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0296
+CVE-2000-0296 (fcheck allows local users to gain privileges by embedding shell metach ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0294
+CVE-2000-0294 (Buffer overflow in healthd for FreeBSD allows local users to gain root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0292
+CVE-2000-0292 (The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0290
+CVE-2000-0290 (Buffer overflow in Webstar HTTP server allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0289
+CVE-2000-0289 (IP masquerading in Linux 2.2.x allows remote attackers to route UDP pa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0287
+CVE-2000-0287 (The BizDB CGI script bizdb-search.cgi allows remote attackers to execu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0285
+CVE-2000-0285 (Buffer overflow in XFree86 3.3.x allows local users to execute arbitra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0283
+CVE-2000-0283 (The default installation of IRIX Performance Copilot allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0282
+CVE-2000-0282 (TalentSoft webpsvr daemon in the Web+ shopping cart application allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0279
+CVE-2000-0279 (BeOS allows remote attackers to cause a denial of service via malforme ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0278
+CVE-2000-0278 (The SalesLogix Eviewer allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0277
+CVE-2000-0277 (Microsoft Excel 97 and 2000 does not warn the user when executing Exce ...)
NOT-FOR-US: Microsoft
-CVE-2000-0276
+CVE-2000-0276 (BeOS 4.5 and 5.0 allow local users to cause a denial of service via ma ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0274
+CVE-2000-0274 (The Linux trustees kernel patch allows attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0273
+CVE-2000-0273 (PCAnywhere allows remote attackers to cause a denial of service by ter ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0272
+CVE-2000-0272 (RealNetworks RealServer allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0268
+CVE-2000-0268 (Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Cisco
-CVE-2000-0267
+CVE-2000-0267 (Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode ...)
NOT-FOR-US: Cisco
-CVE-2000-0265
+CVE-2000-0265 (Panda Security 3.0 allows users to uninstall the Panda software via it ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0264
+CVE-2000-0264 (Panda Security 3.0 with registry editing disabled allows users to edit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0263
+CVE-2000-0263 (The X font server xfs in Red Hat Linux 6.x allows an attacker to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0262
+CVE-2000-0262 (The AVM KEN! ISDN Proxy server allows remote attackers to cause a deni ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0261
+CVE-2000-0261 (The AVM KEN! web server allows remote attackers to read arbitrary file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0260
+CVE-2000-0260 (Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 ...)
NOT-FOR-US: Microsoft
-CVE-2000-0258
+CVE-2000-0258 (IIS 4.0 and 5.0 allows remote attackers to cause a denial of service b ...)
NOT-FOR-US: Microsoft
-CVE-2000-0257
+CVE-2000-0257 (Buffer overflow in the NetWare remote web administration utility allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0255
+CVE-2000-0255 (The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0254
+CVE-2000-0254 (The dansie shopping cart application cart.pl allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0253
+CVE-2000-0253 (The dansie shopping cart application cart.pl allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0252
+CVE-2000-0252 (The dansie shopping cart application cart.pl allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0251
+CVE-2000-0251 (HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0249
+CVE-2000-0249 (The AIX Fast Response Cache Accelerator (FRCA) allows local users to m ...)
NOT-FOR-US: AIX
-CVE-2000-0247
+CVE-2000-0247 (Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0246
+CVE-2000-0246 (IIS 4.0 and 5.0 does not properly perform ISAPI extension processing i ...)
NOT-FOR-US: Microsoft
-CVE-2000-0245
+CVE-2000-0245 (Vulnerability in SGI IRIX objectserver daemon allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0243
+CVE-2000-0243 (AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0240
+CVE-2000-0240 (vqSoft vqServer program allows remote attackers to read arbitrary file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0238
+CVE-2000-0238 (Buffer overflow in the web server for Norton AntiVirus for Internet Em ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0237
+CVE-2000-0237 (Netscape Enterprise Server with Web Publishing enabled allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0236
+CVE-2000-0236 (Netscape Enterprise Server with Directory Indexing enabled allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0235
+CVE-2000-0235 (Buffer overflow in the huh program in the orville-write package allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0234
+CVE-2000-0234 (The default configuration of Cobalt RaQ2 and RaQ3 as specified in acce ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0233
+CVE-2000-0233 (SuSE Linux IMAP server allows remote attackers to bypass IMAP authenti ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0232
+CVE-2000-0232 (Microsoft TCP/IP Printing Services, aka Print Services for Unix, allow ...)
NOT-FOR-US: Microsoft
-CVE-2000-0231
+CVE-2000-0231 (Linux kreatecd trusts a user-supplied path that is used to find the cd ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0230
+CVE-2000-0230 (Buffer overflow in imwheel allows local users to gain root privileges ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0229
+CVE-2000-0229 (gpm-root in the gpm package does not properly drop privileges, which a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0228
+CVE-2000-0228 (Microsoft Windows Media License Manager allows remote attackers to cau ...)
NOT-FOR-US: Microsoft
-CVE-2000-0226
+CVE-2000-0226 (IIS 4.0 allows attackers to cause a denial of service by requesting a ...)
NOT-FOR-US: Microsoft
-CVE-2000-0225
+CVE-2000-0225 (The Pocsag POC32 program does not properly prevent remote users from a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0224
+CVE-2000-0224 (ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0223
+CVE-2000-0223 (Buffer overflow in the wmcdplay CD player program for the WindowMaker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0222
+CVE-2000-0222 (The installation for Windows 2000 does not activate the Administrator ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0221
+CVE-2000-0221 (The Nautica Marlin bridge allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0218
+CVE-2000-0218 (Buffer overflow in Linux mount and umount allows local users to gain r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0217
+CVE-2000-0217 (The default configuration of SSH allows X forwarding, which could allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0215
+CVE-2000-0215 (Vulnerability in SCO cu program in UnixWare 7.x allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0212
+CVE-2000-0212 (InterAccess TelnetD Server 4.0 allows remote attackers to conduct a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0211
+CVE-2000-0211 (The Windows Media server allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0210
+CVE-2000-0210 (The lit program in Sun Flex License Manager (FlexLM) follows symlinks, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0209
+CVE-2000-0209 (Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0208
+CVE-2000-0208 (The htdig (ht://Dig) CGI program htsearch allows remote attackers to r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0207
+CVE-2000-0207 (SGI InfoSearch CGI program infosrch.cgi allows remote attackers to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0206
+CVE-2000-0206 (The installation of Oracle 8.1.5.x on Linux follows symlinks and creat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0202
+CVE-2000-0202 (Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow re ...)
NOT-FOR-US: Microsoft
-CVE-2000-0201
+CVE-2000-0201 (The window.showHelp() method in Internet Explorer 5.x does not restric ...)
NOT-FOR-US: Microsoft
-CVE-2000-0200
+CVE-2000-0200 (Buffer overflow in Microsoft Clip Art Gallery allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2000-0196
+CVE-2000-0196 (Buffer overflow in mhshow in the Linux nmh package allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0195
+CVE-2000-0195 (setxconf in Corel Linux allows local users to gain root access via the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0194
+CVE-2000-0194 (buildxconf in Corel Linux allows local users to modify or create arbit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0193
+CVE-2000-0193 (The default configuration of Dosemu in Corel Linux 1.0 allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0192
+CVE-2000-0192 (The default installation of Caldera OpenLinux 2.3 includes the CGI pro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0191
+CVE-2000-0191 (Axis StorPoint CD allows remote attackers to access administrator URLs ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0189
+CVE-2000-0189 (ColdFusion Server 4.x allows remote attackers to determine the real pa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0186
+CVE-2000-0186 (Buffer overflow in the dump utility in the Linux ext2fs backup package ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0185
+CVE-2000-0185 (RealMedia RealServer reveals the real IP address of a Real Server, eve ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0184
+CVE-2000-0184 (Linux printtool sets the permissions of printer configuration files to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0183
+CVE-2000-0183 (Buffer overflow in ircII 4.4 IRC client allows remote attackers to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0182
+CVE-2000-0182 (iPlanet Web Server 4.1 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0181
+CVE-2000-0181 (Firewall-1 3.0 and 4.0 leaks packets with private IP address informati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0180
+CVE-2000-0180 (Sojourn search engine allows remote attackers to read arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0179
+CVE-2000-0179 (HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0178
+CVE-2000-0178 (ServerIron switches by Foundry Networks have predictable TCP/IP sequen ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0175
+CVE-2000-0175 (Buffer overflow in StarOffice StarScheduler web server allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0174
+CVE-2000-0174 (StarOffice StarScheduler web server allows remote attackers to read ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0172
+CVE-2000-0172 (The mtr program only uses a seteuid call when attempting to drop privi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0171
+CVE-2000-0171 (atsadc in the atsar package for Linux does not properly check the perm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0170
+CVE-2000-0170 (Buffer overflow in the man program in Linux allows local users to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0169
+CVE-2000-0169 (Batch files in the Oracle web listener ows-bin directory allow remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0168
+CVE-2000-0168 (Microsoft Windows 9x operating systems allow an attacker to cause a de ...)
NOT-FOR-US: Microsoft
-CVE-2000-0166
+CVE-2000-0166 (Buffer overflow in the InterAccess telnet server TelnetD allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0165
+CVE-2000-0165 (The Delegate application proxy has several buffer overflows which allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0164
+CVE-2000-0164 (The installation of Sun Internet Mail Server (SIMS) creates a world-re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0162
+CVE-2000-0162 (The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x al ...)
NOT-FOR-US: Microsoft
-CVE-2000-0161
+CVE-2000-0161 (Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not ...)
NOT-FOR-US: Microsoft
-CVE-2000-0159
+CVE-2000-0159 (HP Ignite-UX does not save /etc/passwd when it creates an image of a t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0157
+CVE-2000-0157 (NetBSD ptrace call on VAX allows local users to gain privileges by mod ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0156
+CVE-2000-0156 (Internet Explorer 4.x and 5.x allows remote web servers to access file ...)
NOT-FOR-US: Microsoft
-CVE-2000-0152
+CVE-2000-0152 (Remote attackers can cause a denial of service in Novell BorderManager ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0150
+CVE-2000-0150 (Check Point Firewall-1 allows remote attackers to bypass port access r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0149
+CVE-2000-0149 (Zeus web server allows remote attackers to view the source code for CG ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0148
+CVE-2000-0148 (MySQL 3.22 allows remote attackers to bypass password authentication a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0146
+CVE-2000-0146 (The Java Server in the Novell GroupWise Web Access Enhancement Pack al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0145
+CVE-2000-0145 (The libguile.so library file used by gnucash in Debian GNU/Linux is in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0144
+CVE-2000-0144 (Axis 700 Network Scanner does not properly restrict access to administ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0141
+CVE-2000-0141 (Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0140
+CVE-2000-0140 (Internet Anywhere POP3 Mail Server allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0139
+CVE-2000-0139 (Internet Anywhere POP3 Mail Server allows local users to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0131
+CVE-2000-0131 (Buffer overflow in War FTPd 1.6x allows users to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0130
+CVE-2000-0130 (Buffer overflow in SCO scohelp program allows remote attackers to exec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0128
+CVE-2000-0128 (The Finger Server 0.82 allows remote attackers to execute commands via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0127
+CVE-2000-0127 (The Webspeed configuration program does not properly disable access to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0121
+CVE-2000-0121 (The Recycle Bin utility in Windows NT and Windows 2000 allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0120
+CVE-2000-0120 (The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0117
+CVE-2000-0117 (The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Adm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0116
+CVE-2000-0116 (Firewall-1 does not properly filter script tags, which allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0113
+CVE-2000-0113 (The SyGate Remote Management program does not properly restrict access ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0112
+CVE-2000-0112 (The default installation of Debian GNU/Linux uses an insecure Master B ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0111
+CVE-2000-0111 (The RightFax web client uses predictable session numbers, which allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0107
+CVE-2000-0107 (Linux apcd program allows local attackers to modify arbitrary files vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0100
+CVE-2000-0100 (The SMS Remote Control program is installed with insecure permissions, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0099
+CVE-2000-0099 (Buffer overflow in UnixWare ppptalk command allows local users to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0098
+CVE-2000-0098 (Microsoft Index Server allows remote attackers to determine the real p ...)
NOT-FOR-US: Microsoft
-CVE-2000-0097
+CVE-2000-0097 (The WebHits ISAPI filter in Microsoft Index Server allows remote attac ...)
NOT-FOR-US: Microsoft
-CVE-2000-0095
+CVE-2000-0095 (The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0094
+CVE-2000-0094 (procfs in BSD systems allows local users to gain root privileges by mo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0092
+CVE-2000-0092 (The BSD make program allows local users to modify files via a symlink ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0091
+CVE-2000-0091 (Buffer overflow in vchkpw/vpopmail POP authentication package allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0090
+CVE-2000-0090 (VMWare 1.1.2 allows local users to cause a denial of service via a sym ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0089
+CVE-2000-0089 (The rdisk utility in Microsoft Terminal Server Edition and Windows NT ...)
NOT-FOR-US: Microsoft
-CVE-2000-0088
+CVE-2000-0088 (Buffer overflow in the conversion utilities for Japanese, Korean and C ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0087
+CVE-2000-0087 (Netscape Mail Notification (nsnotify) utility in Netscape Communicator ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0083
+CVE-2000-0083 (HP asecure creates the Audio Security File audio.sec with insecure per ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0080
+CVE-2000-0080 (AIX techlibss allows local users to overwrite files via a symlink atta ...)
NOT-FOR-US: AIX
-CVE-2000-0076
+CVE-2000-0076 (nviboot boot script in the Debian nvi package allows local users to de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0075
+CVE-2000-0075 (Super Mail Transfer Package (SMTP), later called MsgCore, has a memory ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0073
+CVE-2000-0073 (Buffer overflow in Microsoft Rich Text Format (RTF) reader allows atta ...)
NOT-FOR-US: Microsoft
-CVE-2000-0072
+CVE-2000-0072 (Visual Casel (Vcasel) does not properly prevent users from executing f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0070
+CVE-2000-0070 (NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0065
+CVE-2000-0065 (Buffer overflow in InetServ 3.0 allows remote attackers to execute com ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0064
+CVE-2000-0064 (cgiproc CGI script in Nortel Contivity HTTP server allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0063
+CVE-2000-0063 (cgiproc CGI script in Nortel Contivity HTTP server allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0062
+CVE-2000-0062 (The DTML implementation in the Z Object Publishing Environment (Zope) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0060
+CVE-2000-0060 (Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0057
+CVE-2000-0057 (Cold Fusion CFCACHE tag places temporary cache files within the web do ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0056
+CVE-2000-0056 (IMail IMONITOR status.cgi CGI script allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0053
+CVE-2000-0053 (Microsoft Commercial Internet System (MCIS) IMAP server allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2000-0052
+CVE-2000-0052 (Red Hat userhelper program in the usermode package allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0051
+CVE-2000-0051 (The Allaire Spectra Configuration Wizard allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0050
+CVE-2000-0050 (The Allaire Spectra Webtop allows authenticated users to access other ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0048
+CVE-2000-0048 (get_it program in Corel Linux Update allows local users to gain root a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0045
+CVE-2000-0045 (MySQL allows local users to modify passwords for arbitrary MySQL users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0044
+CVE-2000-0044 (Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0043
+CVE-2000-0043 (Buffer overflow in CamShot WebCam HTTP server allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0042
+CVE-2000-0042 (Buffer overflow in CSM mail server allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0041
+CVE-2000-0041 (Macintosh systems generate large ICMP datagrams in response to malform ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0040
+CVE-2000-0040 (glFtpD allows local users to gain privileges via metacharacters in the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0039
+CVE-2000-0039 (AltaVista search engine allows remote attackers to read files above th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0037
+CVE-2000-0037 (Majordomo wrapper allows local users to gain privileges by specifying ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0036
+CVE-2000-0036 (Outlook Express 5 for Macintosh downloads attachments to HTML mail wit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0034
+CVE-2000-0034 (Netscape 4.7 records user passwords in the preferences.js file during ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0033
+CVE-2000-0033 (InterScan VirusWall SMTP scanner does not properly scan messages with ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0032
+CVE-2000-0032 (Solaris dmi_cmd allows local users to crash the dmispd daemon by addin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0031
+CVE-2000-0031 (The initscripts package in Red Hat Linux allows local users to gain pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0030
+CVE-2000-0030 (Solaris dmispd dmi_cmd allows local users to fill up restricted disk s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0029
+CVE-2000-0029 (UnixWare pis and mkpis commands allow local users to gain privileges v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0027
+CVE-2000-0027 (IBM Network Station Manager NetStation allows local users to gain priv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0026
+CVE-2000-0026 (Buffer overflow in UnixWare i2odialogd daemon allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0025
+CVE-2000-0025 (IIS 4.0 and Site Server 3.0 allow remote attackers to read source code ...)
NOT-FOR-US: Microsoft
-CVE-2000-0024
+CVE-2000-0024 (IIS does not properly canonicalize URLs, potentially allowing remote a ...)
NOT-FOR-US: Microsoft
-CVE-2000-0023
+CVE-2000-0023 (Buffer overflow in Lotus Domino HTTP server allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0022
+CVE-2000-0022 (Lotus Domino HTTP server does not properly disable anonymous access fo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0020
+CVE-2000-0020 (DNS PRO allows remote attackers to conduct a denial of service via a l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0018
+CVE-2000-0018 (wmmon in FreeBSD allows local users to gain privileges via the .wmmonr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0015
+CVE-2000-0015 (CascadeView TFTP server allows local users to gain privileges via a sy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0014
+CVE-2000-0014 (Denial of service in Savant web server via a null character in the req ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0013
+CVE-2000-0013 (IRIX soundplayer program allows local users to gain privileges by incl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0012
+CVE-2000-0012 (Buffer overflow in w3-msql CGI program in miniSQL package allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0011
+CVE-2000-0011 (Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0010
+CVE-2000-0010 (WebWho+ whois.cgi program allows remote attackers to execute commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0009
+CVE-2000-0009 (The bna_pass program in Optivity NETarchitect uses the PATH environmen ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0007
+CVE-2000-0007 (Trend Micro PC-Cillin does not restrict access to its internal proxy p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0006
+CVE-2000-0006 (strace allows local users to read arbitrary files via memory mapped fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0004
+CVE-2000-0004 (ZBServer Pro allows remote attackers to read source code for executabl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0003
+CVE-2000-0003 (Buffer overflow in UnixWare rtpm program allows local users to gain pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0002
+CVE-2000-0002 (Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0001
+CVE-2000-0001 (RealMedia server allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1214
+CVE-2000-1214 (Buffer overflows in the (1) outpack or (2) buf variables of ping in ip ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1213
+CVE-2000-1213 (ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1209
+CVE-2000-1209 (The "sa" account is installed with a default null password on (1) Micr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1208
+CVE-2000-1208 (Format string vulnerability in startprinting() function of printjob.c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1207
+CVE-2000-1207 (userhelper in the usermode package on Red Hat Linux executes non-setui ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1206
+CVE-2000-1206 (Vulnerability in Apache httpd before 1.3.11, when configured for mass ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1205
+CVE-2000-1205 (Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 al ...)
- apache 1.3.11 (unimportant)
NOTE: only an example script /usr/share/doc/apache-common/examples/
-CVE-2000-1204
+CVE-2000-1204 (Vulnerability in the mod_vhost_alias virtual hosting module for Apache ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1202
+CVE-2000-1202 (ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1201
+CVE-2000-1201 (Check Point FireWall-1 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1199
+CVE-2000-1199 (PostgreSQL stores usernames and passwords in plaintext in (1) pg_shado ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1198
+CVE-2000-1198 (qpopper POP server creates lock files with predictable names, which al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1197
+CVE-2000-1197 (POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and oth ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1194
+CVE-2000-1194 (Argosoft FRP server 1.0 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1192
+CVE-2000-1192 (Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1191
+CVE-2000-1191 (htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1188
+CVE-2000-1188 (Directory traversal vulnerability in Quikstore shopping cart program a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1186
+CVE-2000-1186 (Buffer overflow in phf CGI program allows remote attackers to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1185
+CVE-2000-1185 (The telnet proxy in RideWay PN proxy server allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1183
+CVE-2000-1183 (Buffer overflow in socks5 server on Linux allows attackers to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1177
+CVE-2000-1177 (bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1176
+CVE-2000-1176 (Directory traversal vulnerability in YaBB search.pl CGI script allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1175
+CVE-2000-1175 (Buffer overflow in Koules 1.4 allows local users to execute arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1173
+CVE-2000-1173 (Microsys CyberPatrol uses weak encryption (trivial encoding) for credi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1172
+CVE-2000-1172 (Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1168
+CVE-2000-1168 (IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1161
+CVE-2000-1161 (The installation of AdCycle banner management system leaves the build. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1160
+CVE-2000-1160 (NAI Sniffer Agent allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1159
+CVE-2000-1159 (NAI Sniffer Agent allows remote attackers to gain privileges on the ag ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1158
+CVE-2000-1158 (NAI Sniffer Agent uses base64 encoding for authentication, which allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1157
+CVE-2000-1157 (Buffer overflow in NAI Sniffer Agent allows remote attackers to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1156
+CVE-2000-1156 (StarOffice 5.2 follows symlinks and sets world-readable permissions fo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1155
+CVE-2000-1155 (RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1154
+CVE-2000-1154 (RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1153
+CVE-2000-1153 (PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1152
+CVE-2000-1152 (Browser IRC client in BeOS r5 pro and earlier allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1151
+CVE-2000-1151 (Baxter IRC client in BeOS r5 pro and earlier allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1150
+CVE-2000-1150 (Felix IRC client in BeOS r5 pro and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1147
+CVE-2000-1147 (Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers t ...)
NOT-FOR-US: Microsoft
-CVE-2000-1138
+CVE-2000-1138 (Lotus Notes R5 client R5.0.5 and earlier does not properly warn users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1134
+CVE-2000-1134 (Multiple shell programs on various Unix systems, including (1) tcsh, ( ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1133
+CVE-2000-1133 (Authentix Authentix100 allows remote attackers to bypass authenticatio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1130
+CVE-2000-1130 (McAfee WebShield SMTP 4.5 allows remote attackers to bypass email cont ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1129
+CVE-2000-1129 (McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1128
+CVE-2000-1128 (The default configuration of McAfee VirusScan 4.5 does not quote the I ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1127
+CVE-2000-1127 (registrar in the HP resource monitor service allows local users to rea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1126
+CVE-2000-1126 (Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1125
+CVE-2000-1125 (restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname sp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1118
+CVE-2000-1118 (24Link 1.06 web server allows remote attackers to bypass access restri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1117
+CVE-2000-1117 (The Extended Control List (ECL) feature of the Java Virtual Machine (J ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1116
+CVE-2000-1116 (Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1114
+CVE-2000-1114 (Unify ServletExec AS v3.0C allows remote attackers to read source code ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1110
+CVE-2000-1110 (document.d2w CGI program in the IBM Net.Data db2www package allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1105
+CVE-2000-1105 (The ixsso.query ActiveX Object is marked as safe for scripting, which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1104
+CVE-2000-1104 (Variant of the "IIS Cross-Site Scripting" vulnerability as originally ...)
NOT-FOR-US: Microsoft
-CVE-2000-1103
+CVE-2000-1103 (rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1102
+CVE-2000-1102 (PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1100
+CVE-2000-1100 (The default configuration for PostACI webmail system installs the /inc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1098
+CVE-2000-1098 (The web server for the SonicWALL SOHO firewall allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1093
+CVE-2000-1093 (Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1092
+CVE-2000-1092 (loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1090
+CVE-2000-1090 (Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2000-1088
+CVE-2000-1088 (The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Se ...)
NOT-FOR-US: Microsoft
-CVE-2000-1087
+CVE-2000-1087 (The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL S ...)
NOT-FOR-US: Microsoft
-CVE-2000-1086
+CVE-2000-1086 (The xp_printstatements function in Microsoft SQL Server 2000 and SQL S ...)
NOT-FOR-US: Microsoft
-CVE-2000-1085
+CVE-2000-1085 (The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server ...)
NOT-FOR-US: Microsoft
-CVE-2000-1084
+CVE-2000-1084 (The xp_updatecolvbm function in SQL Server and Microsoft SQL Server De ...)
NOT-FOR-US: Microsoft
-CVE-2000-1083
+CVE-2000-1083 (The xp_showcolv function in SQL Server and Microsoft SQL Server Deskto ...)
NOT-FOR-US: Microsoft
-CVE-2000-1082
+CVE-2000-1082 (The xp_enumresultset function in SQL Server and Microsoft SQL Server D ...)
NOT-FOR-US: Microsoft
-CVE-2000-1081
+CVE-2000-1081 (The xp_displayparamstmt function in SQL Server and Microsoft SQL Serve ...)
NOT-FOR-US: Microsoft
-CVE-2000-1079
+CVE-2000-1079 (Interactions between the CIFS Browser Protocol and NetBIOS as implemen ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1078
+CVE-2000-1078 (ICQ Web Front HTTPd allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1076
+CVE-2000-1076 (Netscape (iPlanet) Certificate Management System 4.2 and Directory Ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1066
+CVE-2000-1066 (The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly ot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1065
+CVE-2000-1065 (Vulnerability in IP implementation of HP JetDirect printer card Firmwa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1064
+CVE-2000-1064 (Buffer overflow in the LPD service in HP JetDirect printer card Firmwa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1063
+CVE-2000-1063 (Buffer overflow in the Telnet service in HP JetDirect printer card Fir ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1062
+CVE-2000-1062 (Buffer overflow in the FTP service in HP JetDirect printer card Firmwa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1053
+CVE-2000-1053 (Allaire JRun 2.3.3 server allows remote attackers to compile and execu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1052
+CVE-2000-1052 (Allaire JRun 2.3 server allows remote attackers to obtain source code ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1048
+CVE-2000-1048 (Directory traversal vulnerability in the logfile service of Wingate 4. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1046
+CVE-2000-1046 (Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1039
+CVE-2000-1039 (Various TCP/IP stacks and network applications allow remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1037
+CVE-2000-1037 (Check Point Firewall-1 session agent 3.0 through 4.1 generates differe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1035
+CVE-2000-1035 (Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1033
+CVE-2000-1033 (Serv-U FTP Server allows remote attackers to bypass its anti-hammering ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1030
+CVE-2000-1030 (CS&amp;T CorporateTime for the Web returns different error messages fo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1029
+CVE-2000-1029 (Buffer overflow in host command allows a remote attacker to execute ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1028
+CVE-2000-1028 (Buffer overflow in cu program in HP-UX 11.0 may allow local users to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1025
+CVE-2000-1025 (eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1023
+CVE-2000-1023 (The Alabanza Control Panel does not require passwords to access admini ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1021
+CVE-2000-1021 (Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1020
+CVE-2000-1020 (Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1017
+CVE-2000-1017 (Webteachers Webdata allows remote attackers with valid Webdata account ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1015
+CVE-2000-1015 (The default configuration of Slashcode before version 2.0 Alpha has a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1013
+CVE-2000-1013 (The setlocale function in FreeBSD 5.0 and earlier, and possibly other ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1012
+CVE-2000-1012 (The catopen function in FreeBSD 5.0 and earlier, and possibly other OS ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1009
+CVE-2000-1009 (dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH env ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-1008
+CVE-2000-1008 (PalmOS 3.5.2 and earlier uses weak encryption to store the user passwo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0999
+CVE-2000-0999 (Format string vulnerabilities in OpenBSD ssh program (and possibly oth ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0998
+CVE-2000-0998 (Format string vulnerability in top program allows local attackers to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0997
+CVE-2000-0997 (Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0988
+CVE-2000-0988 (WinU 1.0 through 5.1 has a backdoor password that allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0987
+CVE-2000-0987 (Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0986
+CVE-2000-0986 (Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0985
+CVE-2000-0985 (Buffer overflow in All-Mail 1.1 allows remote attackers to execute arb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0971
+CVE-2000-0971 (Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0963
+CVE-2000-0963 (Buffer overflow in ncurses library allows local users to execute arbit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0955
+CVE-2000-0955 (Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to sto ...)
NOT-FOR-US: Cisco
-CVE-2000-0954
+CVE-2000-0954 (Shambala Server 4.5 stores passwords in plaintext, which could allow l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0950
+CVE-2000-0950 (Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0940
+CVE-2000-0940 (Directory traversal vulnerability in Metertek pagelog.cgi allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0939
+CVE-2000-0939 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0931
+CVE-2000-0931 (Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0918
+CVE-2000-0918 (Format string vulnerability in kvt in KDE 1.1.2 may allow local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0916
+CVE-2000-0916 (FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0907
+CVE-2000-0907 (EServ 2.92 Build 2982 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0906
+CVE-2000-0906 (Directory traversal vulnerability in Moreover.com cached_feed.cgi scri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0905
+CVE-2000-0905 (QNX Embedded Resource Manager in Voyager web server 2.01B in the demo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0904
+CVE-2000-0904 (Voyager web server 2.01B in the demo disks for QNX 405 stores sensitiv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0903
+CVE-2000-0903 (Directory traversal vulnerability in Voyager web server 2.01B in the d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0902
+CVE-2000-0902 (getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to rea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0899
+CVE-2000-0899 (Small HTTP Server 2.01 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0898
+CVE-2000-0898 (Small HTTP Server 2.01 does not properly process Server Side Includes ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0893
+CVE-2000-0893 (The presence of the Distributed GL Daemon (dgld) service on port 5232 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0889
+CVE-2000-0889 (Two Sun security certificates have been compromised, which could allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0885
+CVE-2000-0885 (Buffer overflows in Microsoft Network Monitor (Netmon) allow remote at ...)
NOT-FOR-US: Microsoft
-CVE-2000-0882
+CVE-2000-0882 (Intel Express 500 series switches allow a remote attacker to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0881
+CVE-2000-0881 (The dccscan setuid program in LPPlus does not properly check if the us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0880
+CVE-2000-0880 (LPPlus creates the lpdprocess file with world-writeable permissions, w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0879
+CVE-2000-0879 (LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0872
+CVE-2000-0872 (explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read arbit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0866
+CVE-2000-0866 (Interbase 6 SuperServer for Linux allows an attacker to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0857
+CVE-2000-0857 (The logging capability in muh 2.05d IRC server does not properly clean ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0855
+CVE-2000-0855 (SunFTP build 9(1) allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0845
+CVE-2000-0845 (kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0843
+CVE-2000-0843 (Buffer overflow in pam_smb and pam_ntdom pluggable authentication modu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0842
+CVE-2000-0842 (The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0841
+CVE-2000-0841 (Buffer overflow in XMail POP3 server before version 0.59 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0840
+CVE-2000-0840 (Buffer overflow in XMail POP3 server before version 0.59 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0836
+CVE-2000-0836 (Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0835
+CVE-2000-0835 (search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0833
+CVE-2000-0833 (Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0832
+CVE-2000-0832 (Htgrep CGI program allows remote attackers to read arbitrary files by ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0831
+CVE-2000-0831 (Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0828
+CVE-2000-0828 (Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Interne ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0827
+CVE-2000-0827 (Buffer overflow in the web authorization form of Mobius DocumentDirect ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0826
+CVE-2000-0826 (Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0817
+CVE-2000-0817 (Buffer overflow in the HTTP protocol parser for Microsoft Network Moni ...)
NOT-FOR-US: Microsoft
-CVE-2000-0812
+CVE-2000-0812 (The administration module in Sun Java web server allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0802
+CVE-2000-0802 (The BAIR program does not properly restrict access to the Internet Exp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0801
+CVE-2000-0801 (Buffer overflow in bdf program in HP-UX 11.00 may allow local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0800
+CVE-2000-0800 (String parsing error in rpc.kstatd in the linuxnfs or knfsd packages i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0798
+CVE-2000-0798 (The truncate function in IRIX 6.x does not properly check for privileg ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0794
+CVE-2000-0794 (Buffer overflow in IRIX libgl.so library allows local users to gain ro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0793
+CVE-2000-0793 (Norton AntiVirus 5.00.01C with the Novell Netware client does not prop ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0791
+CVE-2000-0791 (Trustix installs the httpsd program for Apache-SSL with world-writeabl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0789
+CVE-2000-0789 (WinU 5.x and earlier uses weak encryption to store its configuration p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0785
+CVE-2000-0785 (WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0784
+CVE-2000-0784 (sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-code ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0775
+CVE-2000-0775 (Buffer overflow in RobTex Viking server earlier than 1.06-370 allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0774
+CVE-2000-0774 (The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0772
+CVE-2000-0772 (The installation of Tumbleweed Messaging Management System (MMS) 4.6 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0769
+CVE-2000-0769 (O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with exec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0760
+CVE-2000-0760 (The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0759
+CVE-2000-0759 (Jakarta Tomcat 3.1 under Apache reveals physical path information when ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0757
+CVE-2000-0757 (The sysgen service in Aptis Totalbill does not perform authentication, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0756
+CVE-2000-0756 (Microsoft Outlook 2000 does not properly process long or malformed fie ...)
NOT-FOR-US: Microsoft
-CVE-2000-0755
+CVE-2000-0755 (Vulnerability in the newgrp command in HP-UX 11.00 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0752
+CVE-2000-0752 (Buffer overflows in brouted in FreeBSD and possibly other OSes allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0748
+CVE-2000-0748 (OpenLDAP 1.2.11 and earlier improperly installs the ud binary with gro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0746
+CVE-2000-0746 (Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cro ...)
NOT-FOR-US: Microsoft
-CVE-2000-0736
+CVE-2000-0736 (Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0735
+CVE-2000-0735 (Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0734
+CVE-2000-0734 (eEye IRIS 1.01 beta allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0724
+CVE-2000-0724 (The go-gnome Helix GNOME pre-installer allows local users to overwrite ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0723
+CVE-2000-0723 (Helix GNOME Updater helix-update 0.5 and earlier does not properly cre ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0722
+CVE-2000-0722 (Helix GNOME Updater helix-update 0.5 and earlier allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0721
+CVE-2000-0721 (The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip pack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0719
+CVE-2000-0719 (VariCAD 7.0 is installed with world-writeable files, which allows loca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0715
+CVE-2000-0715 (DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0714
+CVE-2000-0714 (umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0713
+CVE-2000-0713 (Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0710
+CVE-2000-0710 (The shtml.exe component of Microsoft FrontPage 2000 Server Extensions ...)
NOT-FOR-US: Microsoft
-CVE-2000-0709
+CVE-2000-0709 (The shtml.exe component of Microsoft FrontPage 2000 Server Extensions ...)
NOT-FOR-US: Microsoft
-CVE-2000-0704
+CVE-2000-0704 (Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0701
+CVE-2000-0701 (The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0697
+CVE-2000-0697 (The administration interface for the dwhttpd web server in Solaris Ans ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0696
+CVE-2000-0696 (The administration interface for the dwhttpd web server in Solaris Ans ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0695
+CVE-2000-0695 (Buffer overflows in pgxconfig in the Raptor GFX configuration tool all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0692
+CVE-2000-0692 (ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a deni ...)
- kdebase 4:2.2.2-14.6
-CVE-2000-0691
+CVE-2000-0691 (The faxrunq and faxrunqd in the mgetty package allows local users to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0690
+CVE-2000-0690 (Auction Weaver CGI script 1.02 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0689
+CVE-2000-0689 (Account Manager LITE does not properly authenticate attempts to change ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0688
+CVE-2000-0688 (Subscribe Me LITE does not properly authenticate attempts to change th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0687
+CVE-2000-0687 (Auction Weaver CGI script 1.03 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0686
+CVE-2000-0686 (Auction Weaver CGI script 1.03 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0680
+CVE-2000-0680 (The CVS 1.10.8 server does not properly restrict users from creating a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0667
+CVE-2000-0667 (Vulnerability in gpm in Caldera Linux allows local users to delete arb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0659
+CVE-2000-0659 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0658
+CVE-2000-0658 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0657
+CVE-2000-0657 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0656
+CVE-2000-0656 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0653
+CVE-2000-0653 (Microsoft Outlook Express allows remote attackers to monitor a user's ...)
NOT-FOR-US: Microsoft
-CVE-2000-0649
+CVE-2000-0649 (IIS 4.0 allows remote attackers to obtain the internal IP address of t ...)
NOT-FOR-US: Microsoft
-CVE-2000-0648
+CVE-2000-0648 (WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0647
+CVE-2000-0647 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0646
+CVE-2000-0646 (WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0645
+CVE-2000-0645 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0629
+CVE-2000-0629 (The default configuration of the Sun Java web server 2.0 and earlier a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0626
+CVE-2000-0626 (Buffer overflow in Alibaba web server allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0625
+CVE-2000-0625 (NetZero 3.0 and earlier uses weak encryption for storing a user's logi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0623
+CVE-2000-0623 (Buffer overflow in O'Reilly WebSite Professional web server 2.4 and ea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0618
+CVE-2000-0618 (Buffer overflow in xconq and cconq game programs on Red Hat Linux allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0617
+CVE-2000-0617 (Buffer overflow in xconq and cconq game programs on Red Hat Linux allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0614
+CVE-2000-0614 (Tnef program in Linux systems allows remote attackers to overwrite arb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0612
+CVE-2000-0612 (Windows 95 and Windows 98 do not properly process spoofed ARP packets, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0609
+CVE-2000-0609 (NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0608
+CVE-2000-0608 (NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0607
+CVE-2000-0607 (Buffer overflow in fld program in Kanji on Console (KON) package on Li ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0606
+CVE-2000-0606 (Buffer overflow in kon program in Kanji on Console (KON) package on Li ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0605
+CVE-2000-0605 (Blackboard CourseInfo 4.0 stores the local and SQL administrator user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0592
+CVE-2000-0592 (Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0589
+CVE-2000-0589 (SawMill 5.0.21 uses weak encryption to store passwords, which allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0580
+CVE-2000-0580 (Windows 2000 Server allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0578
+CVE-2000-0578 (SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0574
+CVE-2000-0574 (FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0572
+CVE-2000-0572 (The Razor configuration management tool uses weak encryption for its p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0564
+CVE-2000-0564 (The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0563
+CVE-2000-0563 (The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0562
+CVE-2000-0562 (BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0559
+CVE-2000-0559 (eTrust Intrusion Detection System (formerly SessionWall-3) uses weak e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0554
+CVE-2000-0554 (Ceilidh allows remote attackers to obtain the real path of the Ceilidh ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0547
+CVE-2000-0547 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0546
+CVE-2000-0546 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0545
+CVE-2000-0545 (Buffer overflow in mailx mail command (aka Mail) on Linux systems allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0544
+CVE-2000-0544 (Windows NT and Windows 2000 hosts allow a remote attacker to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0543
+CVE-2000-0543 (The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0535
+CVE-2000-0535 (OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0531
+CVE-2000-0531 (Linux gpm program allows local users to cause a denial of service by f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0527
+CVE-2000-0527 (userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0526
+CVE-2000-0526 (mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0524
+CVE-2000-0524 (Microsoft Outlook and Outlook Express allow remote attackers to cause ...)
NOT-FOR-US: Microsoft
-CVE-2000-0520
+CVE-2000-0520 (Buffer overflow in restore program 0.4b17 and earlier in dump package ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0509
+CVE-2000-0509 (Buffer overflows in the finger and whois demonstration scripts in Samb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0503
+CVE-2000-0503 (The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows ...)
NOT-FOR-US: Microsoft
-CVE-2000-0492
+CVE-2000-0492 (PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0491
+CVE-2000-0491 (Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0487
+CVE-2000-0487 (The Protected Store in Windows 2000 does not properly select the stron ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0480
+CVE-2000-0480 (Dragon telnet server allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0479
+CVE-2000-0479 (Dragon FTP server allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0476
+CVE-2000-0476 (xterm, Eterm, and rxvt allow an attacker to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0473
+CVE-2000-0473 (Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0450
+CVE-2000-0450 (Vulnerability in bbd server in Big Brother System and Network Monitor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0449
+CVE-2000-0449 (Omnis Studio 2.4 uses weak encryption (trivial encoding) for encryptin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0444
+CVE-2000-0444 (HP Web JetAdmin 6.0 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0434
+CVE-2000-0434 (The administrative password for the Allmanage web site administration ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0433
+CVE-2000-0433 (The SuSE aaa_base package installs some system accounts with home dire ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0429
+CVE-2000-0429 (A backdoor password in Cart32 3.0 and earlier allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0423
+CVE-2000-0423 (Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0422
+CVE-2000-0422 (Buffer overflow in Netwin DMailWeb CGI program allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0420
+CVE-2000-0420 (The default configuration of SYSKEY in Windows 2000 stores the startup ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0415
+CVE-2000-0415 (Buffer overflow in Outlook Express 4.x allows attackers to cause a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0413
+CVE-2000-0413 (The shtml.exe program in the FrontPage extensions package of IIS 4.0 a ...)
NOT-FOR-US: Microsoft
-CVE-2000-0412
+CVE-2000-0412 (The gnapster and knapster clients for Napster do not properly restrict ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0401
+CVE-2000-0401 (Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0400
+CVE-2000-0400 (The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does ...)
NOT-FOR-US: Microsoft
-CVE-2000-0386
+CVE-2000-0386 (FileMaker Pro 5 Web Companion allows remote attackers to send anonymou ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0385
+CVE-2000-0385 (FileMaker Pro 5 Web Companion allows remote attackers to bypass Field- ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0384
+CVE-2000-0384 (NetStructure 7110 and 7180 have undocumented accounts (servnow, root, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0383
+CVE-2000-0383 (The file transfer component of AOL Instant Messenger (AIM) reveals the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0365
+CVE-2000-0365 (Red Hat Linux 6.0 installs the /dev/pts file system with insecure mode ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0364
+CVE-2000-0364 (screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0358
+CVE-2000-0358 (ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0357
+CVE-2000-0357 (ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random n ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0355
+CVE-2000-0355 (pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0345
+CVE-2000-0345 (The on-line help system options in Cisco routers allows non-privileged ...)
NOT-FOR-US: Cisco
-CVE-2000-0343
+CVE-2000-0343 (Buffer overflow in Sniffit 0.3.x with the -L logging option enabled al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0333
+CVE-2000-0333 (tcpdump, Ethereal, and other sniffer packages allow remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0326
+CVE-2000-0326 (Meeting Maker uses weak encryption (a polyalphabetic substitution ciph ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0325
+CVE-2000-0325 (The Microsoft Jet database engine allows an attacker to execute comman ...)
NOT-FOR-US: Microsoft
-CVE-2000-0321
+CVE-2000-0321 (Buffer overflow in IC Radius package allows a remote attacker to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0317
+CVE-2000-0317 (Buffer overflow in Solaris 7 lpset allows local users to gain root pri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0312
+CVE-2000-0312 (cron in OpenBSD 2.5 allows local users to gain root privileges via an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0300
+CVE-2000-0300 (The default encryption method of PcAnywhere 9.x uses weak encryption, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0299
+CVE-2000-0299 (Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 pack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0295
+CVE-2000-0295 (Buffer overflow in LCDproc allows remote attackers to gain root privil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0293
+CVE-2000-0293 (aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0291
+CVE-2000-0291 (Buffer overflow in Star Office 5.1 allows attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0288
+CVE-2000-0288 (Infonautics getdoc.cgi allows remote attackers to bypass the payment p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0286
+CVE-2000-0286 (X fontserver xfs allows local users to cause a denial of service via m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0284
+CVE-2000-0284 (Buffer overflow in University of Washington imapd version 4.7 allows u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0281
+CVE-2000-0281 (Buffer overflow in the Napster client beta 5 allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0280
+CVE-2000-0280 (Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0275
+CVE-2000-0275 (CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0271
+CVE-2000-0271 (read-passwd and other Lisp functions in Emacs 20 do not properly clear ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0270
+CVE-2000-0270 (The make-temp-name Lisp function in Emacs 20 creates temporary files w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0269
+CVE-2000-0269 (Emacs 20 does not properly set permissions for a slave PTY device when ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0266
+CVE-2000-0266 (Internet Explorer 5.01 allows remote attackers to bypass the cross fra ...)
NOT-FOR-US: Microsoft
-CVE-2000-0259
+CVE-2000-0259 (The default permissions for the Cryptography\Offload registry key used ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0256
+CVE-2000-0256 (Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 9 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0250
+CVE-2000-0250 (The crypt function in QNX uses weak encryption, which allows local use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0248
+CVE-2000-0248 (The web GUI for the Linux Virtual Server (LVS) software in the Red Hat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0244
+CVE-2000-0244 (The Citrix ICA (Independent Computing Architecture) protocol uses weak ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0242
+CVE-2000-0242 (WindMail allows remote attackers to read arbitrary files or execute co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0241
+CVE-2000-0241 (vqSoft vqServer stores sensitive information such as passwords in clea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0239
+CVE-2000-0239 (Buffer overflow in the MERCUR WebView WebMail server allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0227
+CVE-2000-0227 (The Linux 2.2.x kernel does not restrict the number of Unix domain soc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0220
+CVE-2000-0220 (ZoneAlarm sends sensitive system and network information in cleartext ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0219
+CVE-2000-0219 (Red Hat 6.0 allows local users to gain root access by booting single u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0216
+CVE-2000-0216 (Microsoft email clients in Outlook, Exchange, and Windows Messaging au ...)
NOT-FOR-US: Microsoft
-CVE-2000-0214
+CVE-2000-0214 (FTP Explorer uses weak encryption for storing the username, password, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0213
+CVE-2000-0213 (The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the C ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0205
+CVE-2000-0205 (Trend Micro OfficeScan allows remote attackers to replay administrativ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0204
+CVE-2000-0204 (The Trend Micro OfficeScan client allows remote attackers to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0203
+CVE-2000-0203 (The Trend Micro OfficeScan client tmlisten.exe allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0199
+CVE-2000-0199 (When a new SQL Server is registered in Enterprise Manager for Microsof ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0198
+CVE-2000-0198 (Buffer overflow in POP3 and IMAP servers in the MERCUR mail server sui ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0197
+CVE-2000-0197 (The Windows NT scheduler uses the drive mapping of the interactive use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0190
+CVE-2000-0190 (AOL Instant Messenger (AIM) client allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0188
+CVE-2000-0188 (EZShopper 3.0 search.cgi CGI script allows remote attackers to read ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0187
+CVE-2000-0187 (EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0177
+CVE-2000-0177 (DNSTools CGI applications allow remote attackers to execute arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0176
+CVE-2000-0176 (The default configuration of Serv-U 2.5d and earlier allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0173
+CVE-2000-0173 (Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0167
+CVE-2000-0167 (IIS Inetinfo.exe allows local users to cause a denial of service by cr ...)
NOT-FOR-US: Microsoft
-CVE-2000-0163
+CVE-2000-0163 (asmon and ascpu in FreeBSD allow local users to gain root privileges v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0160
+CVE-2000-0160 (The Microsoft Active Setup ActiveX component in Internet Explorer 4.x ...)
NOT-FOR-US: Microsoft
-CVE-2000-0158
+CVE-2000-0158 (Buffer overflow in MMDF server allows remote attackers to gain privile ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0155
+CVE-2000-0155 (Windows NT Autorun executes the autorun.inf file on non-removable medi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0154
+CVE-2000-0154 (The ARCserve agent in UnixWare allows local attackers to modify arbitr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0153
+CVE-2000-0153 (FrontPage Personal Web Server (PWS) allows remote attackers to read fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0151
+CVE-2000-0151 (GNU make follows symlinks when it reads a Makefile from stdin, which a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0147
+CVE-2000-0147 (snmpd in SCO OpenServer has an SNMP community string that is writable ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0143
+CVE-2000-0143 (The SSH protocol server sshd allows local users without shell access t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0142
+CVE-2000-0142 (The authentication protocol in Timbuktu Pro 2.0b650 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0138
+CVE-2000-0138 (A system has a distributed denial of service (DDOS) attack master, age ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0137
+CVE-2000-0137 (The CartIt shopping cart application allows remote users to modify sen ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0136
+CVE-2000-0136 (The Cart32 shopping cart application allows remote users to modify sen ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0135
+CVE-2000-0135 (The @Retail shopping cart application allows remote users to modify se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0134
+CVE-2000-0134 (The Check It Out shopping cart application allows remote users to modi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0133
+CVE-2000-0133 (Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0132
+CVE-2000-0132 (Microsoft Java Virtual Machine allows remote attackers to read files v ...)
NOT-FOR-US: Microsoft
-CVE-2000-0129
+CVE-2000-0129 (Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0126
+CVE-2000-0126 (Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote a ...)
NOT-FOR-US: Microsoft
-CVE-2000-0125
+CVE-2000-0125 (wwwthreads does not properly cleanse numeric data or table names that ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0124
+CVE-2000-0124 (surfCONTROL SuperScout does not properly asign a category to web sites ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0123
+CVE-2000-0123 (The shopping cart application provided with Filemaker allows remote us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0122
+CVE-2000-0122 (Frontpage Server Extensions allows remote attackers to determine the p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0119
+CVE-2000-0119 (The default configurations for McAfee Virus Scan and Norton Anti-Virus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0118
+CVE-2000-0118 (The Red Hat Linux su program does not log failed password guesses if t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0115
+CVE-2000-0115 (IIS allows local users to cause a denial of service via invalid regula ...)
NOT-FOR-US: Microsoft
-CVE-2000-0114
+CVE-2000-0114 (Frontpage Server Extensions allows remote attackers to determine the n ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0110
+CVE-2000-0110 (The WebSiteTool shopping cart application allows remote users to modif ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0109
+CVE-2000-0109 (The mcsp Client Site Processor system (MultiCSP) in Standard and Poor' ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0108
+CVE-2000-0108 (The Intellivend shopping cart application allows remote users to modif ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0106
+CVE-2000-0106 (The EasyCart shopping cart application allows remote users to modify s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0105
+CVE-2000-0105 (Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2000-0104
+CVE-2000-0104 (The Shoptron shopping cart application allows remote users to modify s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0103
+CVE-2000-0103 (The SmartCart shopping cart application allows remote users to modify ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0102
+CVE-2000-0102 (The SalesCart shopping cart application allows remote users to modify ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0101
+CVE-2000-0101 (The Make-a-Store OrderPage shopping cart application allows remote use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0096
+CVE-2000-0096 (Buffer overflow in qpopper 3.0 beta versions allows local users to gai ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0093
+CVE-2000-0093 (An installation of Red Hat uses DES password encryption with crypt() f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0086
+CVE-2000-0086 (Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0085
+CVE-2000-0085 (Hotmail does not properly filter JavaScript code from a user's mailbox ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0084
+CVE-2000-0084 (CuteFTP uses weak encryption to store password information in its tree ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0082
+CVE-2000-0082 (WebTV email client allows remote attackers to force the client to send ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0081
+CVE-2000-0081 (Hotmail does not properly filter JavaScript code from a user's mailbox ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0079
+CVE-2000-0079 (The W3C CERN httpd HTTP server allows remote attackers to determine th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0078
+CVE-2000-0078 (The June 1999 version of the HP-UX aserver program allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0077
+CVE-2000-0077 (The October 1998 version of the HP-UX aserver program allows local use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0074
+CVE-2000-0074 (PowerScripts PlusMail CGI program allows remote attackers to execute c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0071
+CVE-2000-0071 (IIS 4.0 allows a remote attacker to obtain the real pathname of the do ...)
NOT-FOR-US: Microsoft
-CVE-2000-0069
+CVE-2000-0069 (The recover program in Solstice Backup allows local users to restore s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0068
+CVE-2000-0068 (daynad program in Intel InBusiness E-mail Station does not require aut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0067
+CVE-2000-0067 (CyberCash Merchant Connection Kit (MCK) allows local users to modify f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0066
+CVE-2000-0066 (WebSite Pro allows remote attackers to determine the real pathname of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0061
+CVE-2000-0061 (Internet Explorer 5 does not modify the security zone for a document t ...)
NOT-FOR-US: Microsoft
-CVE-2000-0059
+CVE-2000-0059 (PHP3 with safe_mode enabled does not properly filter shell metacharact ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0058
+CVE-2000-0058 (Network HotSync program in Handspring Visor does not have authenticati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0055
+CVE-2000-0055 (Buffer overflow in Solaris chkperm command allows local users to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0054
+CVE-2000-0054 (search.cgi in the SolutionScripts Home Free package allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0049
+CVE-2000-0049 (Buffer overflow in Winamp client allows remote attackers to execute co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0047
+CVE-2000-0047 (Buffer overflow in Yahoo Pager/Messenger client allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0046
+CVE-2000-0046 (Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0038
+CVE-2000-0038 (glFtpD includes a default glftpd user account with a default password ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0035
+CVE-2000-0035 (resend command in Majordomo allows local users to gain privileges via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0028
+CVE-2000-0028 (Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the c ...)
NOT-FOR-US: Microsoft
-CVE-2000-0021
+CVE-2000-0021 (Lotus Domino HTTP server allows remote attackers to determine the real ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0019
+CVE-2000-0019 (IMail POP3 daemon uses weak encryption, which allows local users to re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0017
+CVE-2000-0017 (Buffer overflow in Linux linuxconf package allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0016
+CVE-2000-0016 (Buffer overflow in Internet Anywhere POP3 Mail Server allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0008
+CVE-2000-0008 (FTPPro allows local users to read sensitive information, which is stor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2000-0005
+CVE-2000-0005 (HP-UX aserver program allows local users to gain privileges via a syml ...)
NOT-FOR-US: Data pre-dating the Security Tracker
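Review bot: every change in this hunk is a `-CVE-2000-NNNN` / `+CVE-2000-NNNN (description ...)` pair where only the truncated parenthetical was appended, and the `NOT-FOR-US:` annotation lines beneath them stay as unchanged context, so there is nothing to triage here; still, an importer that rewrites every header line in the file makes an accidental edit to an annotation line easy to miss in a diff this size, so it is worth confirming that the script leaves non-header lines (`NOT-FOR-US:`, `NOTE:`, `- package version`) byte-for-byte intact, which the visible context suggests it does.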
diff --git a/data/CVE/2001.list b/data/CVE/2001.list
index b75082f2be..aa21f783f1 100644
--- a/data/CVE/2001.list
+++ b/data/CVE/2001.list
@@ -1,6 +1,6 @@
-CVE-2001-1594
+CVE-2001-1594 (GE Healthcare eNTEGRA P&amp;R has a password of (1) entegra for the en ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1593
+CVE-2001-1593 (The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlie ...)
{DSA-2892-1}
- a2ps 1:4.14-1.2 (low; bug #737385)
CVE-2001-1592
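Review bot: the new description on the `+CVE-2001-1594` line reads `GE Healthcare eNTEGRA P&amp;R`, an HTML entity rather than a literal `&`; if the importer wrote `&amp;` into data/CVE/2001.list the source text should be entity-decoded before it is stored, since these truncated descriptions are meant to be plain text like the others, whereas if this is only the web rendering of the diff nothing needs to change. The `+CVE-2001-1593` line looks right: the a2ps entry keeps its existing `{DSA-2892-1}` reference and package version line as unchanged context.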
@@ -13,2312 +13,2312 @@ CVE-2001-1589
RESERVED
CVE-2001-1588
RESERVED
-CVE-2001-1587
+CVE-2001-1587 (NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows rem ...)
NOT-FOR-US: Novell NetWare
-CVE-2001-1586
+CVE-2001-1586 (Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1585
+CVE-2001-1585 (SSH protocol 2 (aka SSH-2) public key authentication in the developmen ...)
- openssh <not-affected> (fixed in 2001)
-CVE-2001-1584
+CVE-2001-1584 (CardBoard 2.4 greeting card CGI by Michael Barretto allows remote atta ...)
NOT-FOR-US: CardBoard
-CVE-2001-1583
+CVE-2001-1583 (lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers t ...)
NOT-FOR-US: Solaris
-CVE-2001-1582
+CVE-2001-1582 (Buffer overflow in the LDAP naming services library (libsldap) in Sun ...)
NOT-FOR-US: Solaris
-CVE-2001-1581
+CVE-2001-1581 (The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows ...)
NOT-FOR-US: MAILsweeper
CVE-2001-XXXX [crypt++ passes passwords through the command line]
- crypt++el 2.91-2.1 (bug #105562; low)
CVE-2001-XXXX [gnupg: inproper flagging of signatures as being local]
- gnupg 1.0.7-1 (bug #107374)
-CVE-2001-1580
+CVE-2001-1580 (Directory traversal vulnerability in ScriptEase viewcode.jse for Netwa ...)
NOT-FOR-US: ScriptEase
-CVE-2001-1579
+CVE-2001-1579 (The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not ...)
NOT-FOR-US: UnixWare/OpenUnix
-CVE-2001-1578
+CVE-2001-1578 (Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local ...)
NOT-FOR-US: SCO
-CVE-2001-1577
+CVE-2001-1577 (Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 ...)
NOT-FOR-US: CDE
-CVE-2001-1576
+CVE-2001-1576 (Buffer overflow in cron in Caldera UnixWare 7 allows local users to ex ...)
NOTE: insufficient info to check, but not same code base
-CVE-2001-1575
+CVE-2001-1575 (Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing ...)
NOT-FOR-US: Apple
-CVE-2001-1574
+CVE-2001-1574 (Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Tren ...)
NOT-FOR-US: Trend Micro InterScan VirusWall
-CVE-2001-1573
+CVE-2001-1573 (Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3. ...)
NOT-FOR-US: Trend Micro InterScan VirusWall
-CVE-2001-1572
+CVE-2001-1572 (The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when ...)
NOTE: presumably fixed in linux 2.4.12
-CVE-2001-1571
+CVE-2001-1571 (The Remote Desktop client in Windows XP sends the most recent user acc ...)
NOT-FOR-US: Microsoft
-CVE-2001-1570
+CVE-2001-1570 (Windows XP with fast user switching and account lockout enabled allows ...)
NOT-FOR-US: Microsoft
-CVE-2001-1569
+CVE-2001-1569 (Openwave WAP gateway does not verify the fully qualified domain name U ...)
NOT-FOR-US: Openwave WAP gateway
-CVE-2001-1568
+CVE-2001-1568 (CMG WAP gateway does not verify the fully qualified domain name URL wi ...)
NOT-FOR-US: CMG WAP gateway
-CVE-2001-1567
+CVE-2001-1567 (Lotus Domino server 5.0.9a and earlier allows remote attackers to bypa ...)
NOT-FOR-US: Lotus Domino
-CVE-2001-1566
+CVE-2001-1566 (Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0. ...)
- vanessa-logger 0.0.2
-CVE-2001-1565
+CVE-2001-1565 (Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through ...)
NOT-FOR-US: MacOS
-CVE-2001-1564
+CVE-2001-1564 (setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 ...)
NOT-FOR-US: HP-UX
-CVE-2001-1563
+CVE-2001-1563 (Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linu ...)
NOT-FOR-US: Tomcat 3.2.1 running on HP Secure OS
-CVE-2001-1562
+CVE-2001-1562 (Format string vulnerability in nvi before 1.79 allows local users to g ...)
- nvi 1.79-16a.1
NOTE: was DSA 085
-CVE-2001-1561
+CVE-2001-1561 (Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to e ...)
NOTE: DSA 082
- xvt 2.1-13
-CVE-2001-1560
+CVE-2001-1560 (Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and X ...)
NOT-FOR-US: Microsoft
-CVE-2001-1559
+CVE-2001-1559 (The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide ...)
NOT-FOR-US: OpenBSD
-CVE-2001-1558
+CVE-2001-1558 (Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 ...)
- snort 1.8.3
-CVE-2001-1557
+CVE-2001-1557 (Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gai ...)
NOT-FOR-US: AIX
-CVE-2001-1556
+CVE-2001-1556 (The log files in Apache web server contain information directly suppli ...)
NOTE: documented issue in apache, unlikely to be changed
NOTE: see http://httpd.apache.org/docs/logs.html
-CVE-2001-1555
+CVE-2001-1555 (pt_chmod in Solaris 8 does not call fdetach to reset terminal privileg ...)
NOT-FOR-US: Solaris
-CVE-2001-1554
+CVE-2001-1554 (IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote ...)
NOT-FOR-US: AIX
-CVE-2001-1553
+CVE-2001-1553 (Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, ...)
- setiathome <not-affected> (not suid in debian)
-CVE-2001-1552
+CVE-2001-1552 (ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of ...)
NOT-FOR-US: Microsoft
-CVE-2001-1551
+CVE-2001-1551 (Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, whi ...)
NOTE: no info in CVE db about fix
-CVE-2001-1550
+CVE-2001-1550 (CentraOne 5.2 and Centra ASP with basic authentication enabled creates ...)
NOT-FOR-US: Centra
-CVE-2001-1549
+CVE-2001-1549 (Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filter ...)
NOT-FOR-US: Tiny Personal Firewall
-CVE-2001-1548
+CVE-2001-1548 (ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local u ...)
NOT-FOR-US: Tiny Personal Firewall
-CVE-2001-1547
+CVE-2001-1547 (Outlook Express 6.0, with "Do not allow attachments to be saved or ope ...)
NOT-FOR-US: Outlook
-CVE-2001-1546
+CVE-2001-1546 (Pathways Homecare 6.5 uses weak encryption for user names and password ...)
NOT-FOR-US: Pathways Homecare
-CVE-2001-1545
+CVE-2001-1545 (Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a. ...)
NOT-FOR-US: Macromedia JRun
-CVE-2001-1544
+CVE-2001-1544 (Directory traversal vulnerability in Macromedia JRun Web Server (JWS) ...)
NOT-FOR-US: Macromedia JRun
-CVE-2001-1543
+CVE-2001-1543 (Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default ...)
NOT-FOR-US: Axis network camera
-CVE-2001-1542
+CVE-2001-1542 (NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperl ...)
NOT-FOR-US: NAI WebShield SMTP
-CVE-2001-1541
+CVE-2001-1541 (Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3. ...)
NOT-FOR-US: BSDI UUCP
-CVE-2001-1540
+CVE-2001-1540 (IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denia ...)
NOT-FOR-US: IPRoute router software
NOTE: This is not for iproute/iproute2.
NOTE: From Chris Gragsone's message on BUGTRAQ:
NOTE: "IPRoute, by David F. Mischler, is PC-based router software
NOTE: "for networks running the Internet Protocol (IP)."
-CVE-2001-1539
+CVE-2001-1539 (Stack consumption vulnerability in Internet Explorer The JavaScript se ...)
NOT-FOR-US: MSIE
-CVE-2001-1538
+CVE-2001-1538 (SpeedXess HA-120 DSL router has a default administrative password of " ...)
NOT-FOR-US: SpeedXess HA-120 DSL router
-CVE-2001-1537
+CVE-2001-1537 (The default "basic" security setting' in config.php for TWIG webmail 2 ...)
NOTE: current twig package seems to have secure cookies enabled
NOTE: still uses "basic" security setting.
-CVE-2001-1536
+CVE-2001-1536 (Autogalaxy stores usernames and passwords in cleartext in cookies, whi ...)
NOT-FOR-US: Autogalaxy
-CVE-2001-1535
+CVE-2001-1535 (Slashcode 2.0 creates new accounts with an 8-character random password ...)
- slash 2.2.6-8 (bug #328927; low)
[sarge] - slash <no-dsa> (Lack of a security feature, minor security problem)
-CVE-2001-1534
+CVE-2001-1534 (mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ...)
- apache <unfixed> (bug #328919; unimportant)
- apache2 <unfixed> (unimportant)
NOTE: Cookies are only used for invading user privacy,
NOTE: not for authentication, so apache and apache2 should be fine.
-CVE-2001-1533
+CVE-2001-1533 (** DISPUTED * Microsoft Internet Security and Acceleration (ISA) Serve ...)
NOT-FOR-US: Microsoft
-CVE-2001-1532
+CVE-2001-1532 (WebX stores authentication information in the HTTP_REFERER variable, w ...)
NOT-FOR-US: WebX
-CVE-2001-1531
+CVE-2001-1531 (Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cau ...)
NOT-FOR-US: Claris Emailer
-CVE-2001-1530
+CVE-2001-1530 (run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-wri ...)
NOTE: verified current webmin is ok
-CVE-2001-1529
+CVE-2001-1529 (Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attac ...)
NOT-FOR-US: AIX
-CVE-2001-1528
+CVE-2001-1528 (AmTote International homebet program returns different error messages ...)
NOT-FOR-US: AmTote International homebet
-CVE-2001-1527
+CVE-2001-1527 (easyNews 1.5 and earlier stores administration passwords in cleartext ...)
NOT-FOR-US: easynews
-CVE-2001-1526
+CVE-2001-1526 (Cross-site scripting (XSS) vulnerability in the comments action in ind ...)
NOT-FOR-US: easynews
-CVE-2001-1525
+CVE-2001-1525 (Directory traversal vulnerability in the comments action in easyNews 1 ...)
NOT-FOR-US: easynews
-CVE-2001-1524
+CVE-2001-1524 (Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier ...)
NOT-FOR-US: PHP-Nuke
-CVE-2001-1523
+CVE-2001-1523 (Cross-site scripting (XSS) vulnerability in the DMOZGateway module for ...)
NOT-FOR-US: PHP-Nuke
-CVE-2001-1522
+CVE-2001-1522 (Cross-site scripting (XSS) vulnerability in im.php in IMessenger for P ...)
NOT-FOR-US: PHP-Nuke
-CVE-2001-1521
+CVE-2001-1521 (Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 ...)
NOT-FOR-US: PHP-Nuke
-CVE-2001-1520
+CVE-2001-1520 (Xircom REX 6000 allows local users to obtain the 10 digit PIN by start ...)
NOT-FOR-US: Xircom REX
-CVE-2001-1519
+CVE-2001-1519 (** DISPUTED ** RunAs (runas.exe) in Windows 2000 allows local users to ...)
NOT-FOR-US: RunAs
-CVE-2001-1518
+CVE-2001-1518 (RunAs (runas.exe) in Windows 2000 only creates one session instance at ...)
NOT-FOR-US: RunAs
-CVE-2001-1517
+CVE-2001-1517 (** DISPUTED ** RunAs (runas.exe) in Windows 2000 stores cleartext auth ...)
NOT-FOR-US: RunAs
-CVE-2001-1516
+CVE-2001-1516 (Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and ea ...)
NOT-FOR-US: phpReview
-CVE-2001-1515
+CVE-2001-1515 (Macintosh clients, when using NT file system volumes on Windows 2000 S ...)
NOT-FOR-US: Macintosh clients, when using NT file system volumes on Windows
-CVE-2001-1514
+CVE-2001-1514 (ColdFusion 4.5 and 5, when running on Windows with the advanced securi ...)
NOT-FOR-US: ColdFusion
-CVE-2001-1513
+CVE-2001-1513 (Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicat ...)
NOT-FOR-US: JRun
-CVE-2001-1512
+CVE-2001-1512 (Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to d ...)
NOT-FOR-US: JRun
-CVE-2001-1511
+CVE-2001-1511 (JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remot ...)
NOT-FOR-US: JRun
-CVE-2001-1510
+CVE-2001-1510 (Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, A ...)
NOT-FOR-US: JRun
-CVE-2001-1509
+CVE-2001-1509 (geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not p ...)
NOT-FOR-US: HP-UX
-CVE-2001-1508
+CVE-2001-1508 (Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows ...)
- lprng <not-affected> (Not suid in Debian)
- cups <not-affected> (Not suid in Debian)
- cupsys <not-affected> (Not suid in Debian)
-CVE-2001-1507
+CVE-2001-1507 (OpenSSH before 3.0.1 with Kerberos V enabled does not properly authent ...)
- openssh 1:3.0.1
-CVE-2001-1506
+CVE-2001-1506 (Unknown vulnerability in the file system protection subsystem in HP Se ...)
NOT-FOR-US: HP Secure OS layer
-CVE-2001-1505
+CVE-2001-1505 (tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into u ...)
- tinc 1.0pre5-1
-CVE-2001-1504
+CVE-2001-1504 (Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Lotus Notes
-CVE-2001-1503
+CVE-2001-1503 (The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS ...)
NOT-FOR-US: Sun
-CVE-2001-1502
+CVE-2001-1502 (webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote atta ...)
NOT-FOR-US: WebCart
-CVE-2001-1501
+CVE-2001-1501 (The glob functionality in ProFTPD 1.2.1, and possibly other versions a ...)
NOTE: Fix went into proftpd CVS on 2002-12-12
- proftpd 1.2.8-1
-CVE-2001-1500
+CVE-2001-1500 (ProFTPD 1.2.2rc2, and possibly other versions, does not properly verif ...)
- proftpd 1.2.4-1
-CVE-2001-1499
+CVE-2001-1499 (Check Point VPN-1 4.1SP4 using SecuRemote returns different error mess ...)
NOT-FOR-US: Check Point
-CVE-2001-1498
+CVE-2001-1498 (Buffer overflow in mod_bf 0.2 allows local users to execute arbitrary ...)
NOT-FOR-US: mod_bf
-CVE-2001-1497
+CVE-2001-1497 (Microsoft Internet Explorer 4.0 through 6.0 could allow local users to ...)
NOT-FOR-US: Microsoft
-CVE-2001-1496
+CVE-2001-1496 (Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd ...)
- thttpd 2.21
-CVE-2001-1495
+CVE-2001-1495 (network_query.php in Network Query Tool 1.0 allows remote attackers to ...)
NOT-FOR-US: Network Query Tool
-CVE-2001-1494
+CVE-2001-1494 (script command in the util-linux package before 2.11n allows local use ...)
- util-linux 2.11n-1
CVE-2001-1492
REJECTED
-CVE-2001-1491
+CVE-2001-1491 (Opera 5.11 allows remote attackers to cause a denial of service (CPU c ...)
NOT-FOR-US: Opera
-CVE-2001-1490
+CVE-2001-1490 (Mozilla 0.9.6 allows remote attackers to cause a denial of service (CP ...)
NOTE: mozilla is quite easily DOSable with all sorts of large html
NOTE: files, probably not worth following up on.
-CVE-2001-1489
+CVE-2001-1489 (Microsoft Internet Explorer 6 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft
-CVE-2001-1488
+CVE-2001-1488 (Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 doe ...)
NOT-FOR-US: Open Projects ircd
-CVE-2001-1487
+CVE-2001-1487 (popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users ...)
- qpopper <not-affected> (Vulnerable code verified not present)
-CVE-2001-1484
+CVE-2001-1484 (Alcatel ADSL modems allow remote attackers to access the Trivial File ...)
NOT-FOR-US: Alcatel hardware issue
-CVE-2001-1483
+CVE-2001-1483 (One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remo ...)
- libpam-opie <unfixed> (bug #112279; unimportant)
NOTE: This is documented and not really important. In contrast to passwords
NOTE: used by humans
[sarge] - libpam-opie <no-dsa> (Documented shortcoming, minor impact)
-CVE-2001-1482
+CVE-2001-1482 (SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allow ...)
NOTE: phpbb was initially uploaded as version 2 or phpbb has been removed now
-CVE-2001-1481
+CVE-2001-1481 (Xitami 2.4 through 2.5 b4 stores the Administrator password in plainte ...)
NOT-FOR-US: Xitami
-CVE-2001-1480
+CVE-2001-1480 (Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows unt ...)
NOT-FOR-US: Sun Java
-CVE-2001-1479
+CVE-2001-1479 (smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows loc ...)
NOT-FOR-US: Sun
-CVE-2001-1478
+CVE-2001-1478 (Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0 ...)
NOT-FOR-US: UnixWare
-CVE-2001-1477
+CVE-2001-1477 (The Domain gateway in BEA Tuxedo 7.1 does not perform authorization ch ...)
NOT-FOR-US: BEA Tuxedo
-CVE-2001-1476
+CVE-2001-1476 (SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" ...)
NOT-FOR-US: Commercial SSH
-CVE-2001-1475
+CVE-2001-1475 (SSH before 2.0, when using RC4 and password authentication, allows rem ...)
NOT-FOR-US: Commercial SSH
-CVE-2001-1474
+CVE-2001-1474 (SSH before 2.0 disables host key checking when connecting to the local ...)
NOT-FOR-US: Commercial SSH
-CVE-2001-1473
+CVE-2001-1473 (The SSH-1 protocol allows remote servers to conduct man-in-the-middle ...)
NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol.
-CVE-2001-1472
+CVE-2001-1472 (SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allo ...)
- phpbb2 2.0.6c-1
-CVE-2001-1471
+CVE-2001-1471 (prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users ...)
- phpbb2 2.0.6c-1
-CVE-2001-1470
+CVE-2001-1470 (The IDEA cipher as implemented by SSH1 does not protect the final bloc ...)
NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
-CVE-2001-1469
+CVE-2001-1469 (The RC4 stream cipher as used by SSH1 allows remote attackers to modif ...)
NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
-CVE-2001-1468
+CVE-2001-1468 (PHP remote file inclusion vulnerability in checklogin.php in phpSecure ...)
NOT-FOR-US: phpSecurePages
-CVE-2001-1467
+CVE-2001-1467 (mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, se ...)
- expect <not-affected> (in expect 5.42.1, mkpasswd does not seed by pid)
NOTE: doesn't seem to seed at all; my tests indicate it generates no dups in
NOTE: some 100000 passwords.
-CVE-2001-1466
+CVE-2001-1466 (Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH- ...)
NOT-FOR-US: VanDyke SecureCRT
-CVE-2001-1465
+CVE-2001-1465 (SurfControl SuperScout only filters packets containing both an HTTP GE ...)
NOT-FOR-US: SurfControl SuperScout
-CVE-2001-1464
+CVE-2001-1464 (Crystal Reports, when displaying data for a password protected databas ...)
NOT-FOR-US: Crystal Reports
-CVE-2001-1463
+CVE-2001-1463 (The remote administration client for RhinoSoft Serv-U 3.0 sends the us ...)
NOT-FOR-US: RhinoSoft Serv-U
-CVE-2001-1462
+CVE-2001-1462 (WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Wi ...)
NOT-FOR-US: RSA Security SecurID
-CVE-2001-1461
+CVE-2001-1461 (Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 ...)
NOT-FOR-US: RSA Security SecurID
-CVE-2001-1460
+CVE-2001-1460 (SQL injection vulnerability in article.php in PostNuke 0.62 through 0. ...)
NOT-FOR-US: PostNuke
-CVE-2001-1459
+CVE-2001-1459 (OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication M ...)
- openssh 1:3.0.1p1-1
-CVE-2001-1458
+CVE-2001-1458 (Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allo ...)
NOT-FOR-US: Novell Groupwise
-CVE-2001-1457
+CVE-2001-1457 (Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote att ...)
NOT-FOR-US: CrazyWWWBoard
-CVE-2001-1456
+CVE-2001-1456 (Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntl ...)
NOT-FOR-US: Gauntlet Firewall
-CVE-2001-1455
+CVE-2001-1455 (Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypa ...)
NOT-FOR-US: Netegrity SiteMinder
-CVE-2001-1454
+CVE-2001-1454 (Buffer overflow in MySQL before 3.23.33 allows remote attackers to exe ...)
- mysql-dfsg 3.23.33-1
-CVE-2001-1453
+CVE-2001-1453 (Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allo ...)
- mysql-dfsg 3.23.33-1
-CVE-2001-1452
+CVE-2001-1452 (By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cach ...)
NOT-FOR-US: Windows
-CVE-2001-1451
+CVE-2001-1451 (Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microso ...)
NOT-FOR-US: Windows
-CVE-2001-1450
+CVE-2001-1450 (Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause ...)
NOT-FOR-US: Windows
-CVE-2001-1449
+CVE-2001-1449 (The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 ...)
- apache <not-affected> (Mandrake specific packaging flaw)
-CVE-2001-1448
+CVE-2001-1448 (Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local us ...)
NOT-FOR-US: Magic eDeveloper
-CVE-2001-1447
+CVE-2001-1447 (NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to g ...)
NOT-FOR-US: Windows
-CVE-2001-1446
+CVE-2001-1446 (Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable ...)
NOT-FOR-US: MacOS X
-CVE-2001-1445
+CVE-2001-1445 (Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5 ...)
NOT-FOR-US: Lotus Domino
-CVE-2001-1444
+CVE-2001-1444 (The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Ke ...)
NOT-FOR-US: Generic protocol flaw
-CVE-2001-1443
+CVE-2001-1443 (KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not enc ...)
NOT-FOR-US: Generic protocol flaw
-CVE-2001-1442
+CVE-2001-1442 (Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 all ...)
- inn2 2.3.3+20020922-1
- innfeed 0.10.1.7-7
-CVE-2001-1441
+CVE-2001-1441 (Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Pro ...)
NOT-FOR-US: VisualAge for Java
-CVE-2001-1440
+CVE-2001-1440 (Unknown vulnerability in login for AIX 5.1L, when using loadable authe ...)
NOT-FOR-US: AIX
-CVE-2001-1439
+CVE-2001-1439 (Buffer overflow in the text editor functionality in HP-UX 10.01 throug ...)
NOT-FOR-US: HP-UX
-CVE-2001-1438
+CVE-2001-1438 (Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module ...)
NOT-FOR-US: Handspring Visor
-CVE-2001-1437
+CVE-2001-1437 (easyScripts easyNews 1.5 allows remote attackers to obtain the full pa ...)
NOT-FOR-US: easyScripts easyNews
-CVE-2001-1436
+CVE-2001-1436 (Dallas Semiconductor iButton DS1991 returns predictable values when gi ...)
NOT-FOR-US: Dallas Semiconductor iButton DS1991
-CVE-2001-1435
+CVE-2001-1435 (inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of s ...)
NOT-FOR-US: Tru64 UNIX
-CVE-2001-1434
+CVE-2001-1434 (Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read sy ...)
NOT-FOR-US: IOS
-CVE-2001-1433
+CVE-2001-1433 (Cherokee web server before 0.2.7 does not properly drop root privilege ...)
NOT-FOR-US: Cherokee
-CVE-2001-1432
+CVE-2001-1432 (Directory traversal vulnerability in Cherokee Web Server allows remote ...)
NOT-FOR-US: Cherokee
-CVE-2001-1431
+CVE-2001-1431 (Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Se ...)
NOT-FOR-US: Nokia Firewall appliances
-CVE-2001-1430
+CVE-2001-1430 (Cayman 3220-H DSL Router 1.0 ship without a password set, which allows ...)
NOT-FOR-US: Cayman DSL router
-CVE-2001-1429
+CVE-2001-1429 (Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local use ...)
NOTE: I could track this down to this posting
NOTE: http://web.archive.org/web/20051206035530/http://cert.uni-stuttgart.de:80/archive/vuln-dev/2001/11/msg00104.html
NOTE: This looks very obscure an does not contain useful information on how this
NOTE: was triggered and even then it's not a problem, as mcedit usage does not
NOTE: have a remote impact and is not suid
-CVE-2001-1428
+CVE-2001-1428 (The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped ...)
NOT-FOR-US: IPC@CHIP Embedded web server
-CVE-2001-1427
+CVE-2001-1427 (Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allow ...)
NOT-FOR-US: ColdFusion
-CVE-2001-1426
+CVE-2001-1426 (Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through ...)
NOT-FOR-US: Alcatel Speed Touch
-CVE-2001-1425
+CVE-2001-1425 (The challenge-response authentication of the EXPERT user for Alcatel S ...)
NOT-FOR-US: Alcatel Speed Touch
-CVE-2001-1424
+CVE-2001-1424 (Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132 ...)
NOT-FOR-US: Alcatel Speed Touch
-CVE-2001-1423
+CVE-2001-1423 (Advanced Poll before 1.61, when using a flat file database, allows rem ...)
NOT-FOR-US: Advanced Poll
-CVE-2001-1422
+CVE-2001-1422 (WinVNC 3.3.3 and earlier generates the same challenge string for multi ...)
NOT-FOR-US: WinVNC
-CVE-2001-1421
+CVE-2001-1421 (AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1420
+CVE-2001-1420 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a den ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1419
+CVE-2001-1419 (AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attacke ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1418
+CVE-2001-1418 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a den ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1417
+CVE-2001-1417 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a den ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1416
+CVE-2001-1416 (Multiple cross-site scripting (XSS) vulnerabilities in the log message ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2001-1415
+CVE-2001-1415 (vi.recover in OpenBSD before 3.1 allows local users to remove arbitrar ...)
NOT-FOR-US: no_package
NOTE: Debian's nvi recover script is very different
-CVE-2001-1414
+CVE-2001-1414 (The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does ...)
NOT-FOR-US: Solaris
-CVE-2001-1407
+CVE-2001-1407 (Bugzilla before 2.14 allows Bugzilla users to bypass group security ch ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1406
+CVE-2001-1406 (process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1391
+CVE-2001-1391 (Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1386
+CVE-2001-1386 (WFTPD 3.00 allows remote attackers to read arbitrary files by uploadin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1385
+CVE-2001-1385 (The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1383
+CVE-2001-1383 (initscript in setserial 2.17-4 and earlier uses predictable temporary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1382
+CVE-2001-1382 (The "echo simulation" traffic analysis countermeasure in OpenSSH befor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1380
+CVE-2001-1380 (OpenSSH before 2.9.9, while using keypairs and multiple keys of differ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1378
+CVE-2001-1378 (fetchmailconf in fetchmail before 5.7.4 allows local users to overwrit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1375
+CVE-2001-1375 (tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1374
+CVE-2001-1374 (expect before 5.32 searches for its libraries in /var/tmp before other ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1373
+CVE-2001-1373 (MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1372
+CVE-2001-1372 (Oracle 9i Application Server 1.0.2 allows remote attackers to obtain t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1371
+CVE-2001-1371 (The default configuration of Oracle Application Server 9iAS 1.0.2.2 en ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1370
+CVE-2001-1370 (prepend.php3 in PHPLib before 7.2d, when register_globals is enabled f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1369
+CVE-2001-1369 (Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1367
+CVE-2001-1367 (The checkAccess function in PHPSlice 0.1.4, and all other versions bet ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1359
+CVE-2001-1359 (Volution clients 1.0.7 and earlier attempt to contact the computer cre ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1352
+CVE-2001-1352 (Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1351
+CVE-2001-1351 (Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1350
+CVE-2001-1350 (Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1349
+CVE-2001-1349 (Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1347
+CVE-2001-1347 (Windows 2000 allows local users to cause a denial of service and possi ...)
NOT-FOR-US: Microsoft
-CVE-2001-1345
+CVE-2001-1345 (bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PA ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1342
+CVE-2001-1342 (Apache before 1.3.20 on Windows and OS/2 systems allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1334
+CVE-2001-1334 (Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1328
+CVE-2001-1328 (Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1327
+CVE-2001-1327 (pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1322
+CVE-2001-1322 (xinetd 2.1.8 and earlier runs with a default umask of 0, which could a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1303
+CVE-2001-1303 (The default configuration of SecuRemote for Check Point Firewall-1 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1302
+CVE-2001-1302 (The change password option in the Windows Security interface for Windo ...)
NOT-FOR-US: Microsoft
-CVE-2001-1301
+CVE-2001-1301 (rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions befo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1299
+CVE-2001-1299 (Zorbat Zorbstats PHP script before 0.9 allows remote attackers to incl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1297
+CVE-2001-1297 (PHP remote file inclusion vulnerability in Actionpoll PHP script befor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1296
+CVE-2001-1296 (More.groupware PHP script allows remote attackers to include arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1295
+CVE-2001-1295 (Directory traversal vulnerability in Cerberus FTP Server 1.5 and earli ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1291
+CVE-2001-1291 (The telnet server for 3Com hardware such as PS40 SuperStack II does no ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1279
+CVE-2001-1279 (Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1277
+CVE-2001-1277 (makewhatis in the man package before 1.5i2 allows an attacker in group ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1276
+CVE-2001-1276 (ispell before 3.1.20 allows local users to overwrite files of other us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1267
+CVE-2001-1267 (Directory traversal vulnerability in GNU tar 1.13.19 and earlier allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1266
+CVE-2001-1266 (Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1252
+CVE-2001-1252 (Network Associates PGP Keyserver 7.0 allows remote attackers to bypass ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1251
+CVE-2001-1251 (SmallHTTP 1.204 through 3.00 beta 8 allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1247
+CVE-2001-1247 (PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1246
+CVE-2001-1246 (PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1240
+CVE-2001-1240 (The default configuration of sudo in Engarde Secure Linux 1.0.1 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1237
+CVE-2001-1237 (Phormation PHP script 0.9.1 and earlier allows remote attackers to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1236
+CVE-2001-1236 (myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1235
+CVE-2001-1235 (pSlash PHP script 0.7 and earlier allows remote attackers to execute a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1234
+CVE-2001-1234 (Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1231
+CVE-2001-1231 (GroupWise 5.5 and 6 running in live remote or smart caching mode allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1227
+CVE-2001-1227 (Zope before 2.2.4 allows partially trusted users to bypass security co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1215
+CVE-2001-1215 (Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1203
+CVE-2001-1203 (Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1201
+CVE-2001-1201 (Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1200
+CVE-2001-1200 (Microsoft Windows XP allows local users to bypass a locked screen and ...)
NOT-FOR-US: Microsoft
-CVE-2001-1199
+CVE-2001-1199 (Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1193
+CVE-2001-1193 (Directory traversal vulnerability in EFTP 2.0.8.346 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1186
+CVE-2001-1186 (Microsoft IIS 5.0 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Microsoft
-CVE-2001-1185
+CVE-2001-1185 (Some AIO operations in FreeBSD 4.4 may be delayed until after a call t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1183
+CVE-2001-1183 (PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2001-1180
+CVE-2001-1180 (FreeBSD 4.3 does not properly clear shared signal handlers when execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1177
+CVE-2001-1177 (ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1176
+CVE-2001-1176 (Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1175
+CVE-2001-1175 (vipw in the util-linux package before 2.10 causes /etc/shadow to be wo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1174
+CVE-2001-1174 (Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1172
+CVE-2001-1172 (OmniSecure HTTProtect 1.1.1 allows a superuser without omnish privileg ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1166
+CVE-2001-1166 (linprocfs on FreeBSD 4.3 and earlier does not properly restrict access ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1162
+CVE-2001-1162 (Directory traversal vulnerability in the %m macro in the smb.conf conf ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1161
+CVE-2001-1161 (Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1160
+CVE-2001-1160 (udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1158
+CVE-2001-1158 (Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, ac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1155
+CVE-2001-1155 (TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARA ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1153
+CVE-2001-1153 (lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1149
+CVE-2001-1149 (Panda Antivirus Platinum before 6.23.00 allows a remore attacker to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1147
+CVE-2001-1147 (The PAM implementation in /bin/login of the util-linux package before ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1146
+CVE-2001-1146 (AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1145
+CVE-2001-1145 (fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and Open ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1144
+CVE-2001-1144 (Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1141
+CVE-2001-1141 (The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1132
+CVE-2001-1132 (Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1130
+CVE-2001-1130 (Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1121
+CVE-2001-1121 (DEPRECATED. This entry has been deprecated. It is a duplicate of CVE ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1119
+CVE-2001-1119 (cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1118
+CVE-2001-1118 (A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1117
+CVE-2001-1117 (LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1116
+CVE-2001-1116 (Identix BioLogon 2.03 and earlier does not lock secondary displays on ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1113
+CVE-2001-1113 (Buffer overflow in TrollFTPD 1.26 and earlier allows local users to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1108
+CVE-2001-1108 (Directory traversal vulnerability in SnapStream PVS 1.2a allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1106
+CVE-2001-1106 (The default configuration of Sambar Server 5 and earlier uses a symmet ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1103
+CVE-2001-1103 (FTP Voyager ActiveX control before 8.0, when it is marked as safe for ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1100
+CVE-2001-1100 (sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1099
+CVE-2001-1099 (The default configuration of Norton AntiVirus for Microsoft Exchange 2 ...)
NOT-FOR-US: Norton
-CVE-2001-1098
+CVE-2001-1098 (Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in p ...)
NOT-FOR-US: Cisco
-CVE-2001-1096
+CVE-2001-1096 (Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a cor ...)
NOT-FOR-US: AIX
-CVE-2001-1095
+CVE-2001-1095 (Buffer overflow in uuq in AIX 4 could allow local users to execute arb ...)
NOT-FOR-US: AIX
-CVE-2001-1089
+CVE-2001-1089 (libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1088
+CVE-2001-1088 (Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, ...)
NOT-FOR-US: Microsoft
-CVE-2001-1085
+CVE-2001-1085 (Lmail 2.7 and earlier allows local users to overwrite arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1084
+CVE-2001-1084 (Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1083
+CVE-2001-1083 (Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1081
+CVE-2001-1081 (Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1080
+CVE-2001-1080 (diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable ...)
NOT-FOR-US: AIX
-CVE-2001-1079
+CVE-2001-1079 (create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates ...)
NOT-FOR-US: AIX
-CVE-2001-1075
+CVE-2001-1075 (poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1074
+CVE-2001-1074 (Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1072
+CVE-2001-1072 (Apache with mod_rewrite enabled on most UNIX systems allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1071
+CVE-2001-1071 (Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allo ...)
NOT-FOR-US: Cisco
-CVE-2001-1069
+CVE-2001-1069 (libCoolType library as used in Adobe Acrobat (acroread) on Linux creat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1067
+CVE-2001-1067 (Buffer overflow in AOLserver 3.0 allows remote attackers to cause a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1066
+CVE-2001-1066 (ns6install installation script for Netscape 6.01 on Solaris, and other ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1063
+CVE-2001-1063 (Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1062
+CVE-2001-1062 (Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1059
+CVE-2001-1059 (VMWare creates a temporary file vmware-log.USERNAME with insecure perm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1056
+CVE-2001-1056 (IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1055
+CVE-2001-1055 (The Microsoft Windows network stack allows remote attackers to cause a ...)
NOT-FOR-US: Microsoft
-CVE-2001-1054
+CVE-2001-1054 (PHPAdsNew PHP script allows remote attackers to include arbitrary file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1053
+CVE-2001-1053 (AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1049
+CVE-2001-1049 (Phorecast PHP script before 0.40 allows remote attackers to include ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1048
+CVE-2001-1048 (AWOL PHP script allows remote attackers to include arbitrary files fro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1046
+CVE-2001-1046 (Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1043
+CVE-2001-1043 (ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1038
+CVE-2001-1038 (Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attacker ...)
NOT-FOR-US: Cisco
-CVE-2001-1037
+CVE-2001-1037 (Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to ...)
NOT-FOR-US: Cisco
-CVE-2001-1036
+CVE-2001-1036 (GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1035
+CVE-2001-1035 (Binary decoding feature of slrn 0.9 and earlier allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1032
+CVE-2001-1032 (admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1030
+CVE-2001-1030 (Squid before 2.3STABLE5 in HTTP accelerator mode does not enable acces ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1029
+CVE-2001-1029 (libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1028
+CVE-2001-1028 (Buffer overflow in ultimate_source function of man 1.5 and earlier all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1027
+CVE-2001-1027 (Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1022
+CVE-2001-1022 (Format string vulnerability in pic utility in groff 1.16.1 and other v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1020
+CVE-2001-1020 (edit_image.php in Vibechild Directory Manager before 0.91 allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1017
+CVE-2001-1017 (rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.pas ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1016
+CVE-2001-1016 (PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, Free ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1011
+CVE-2001-1011 (index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1010
+CVE-2001-1010 (Directory traversal vulnerability in pagecount CGI script in Sambar Se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1008
+CVE-2001-1008 (Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certif ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1002
+CVE-2001-1002 (The default configuration of the DVI print filter (dvips) in Red Hat L ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0998
+CVE-2001-0998 (IBM HACMP 4.4 allows remote attackers to cause a denial of service via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0995
+CVE-2001-0995 (PHProjekt before 2.4a allows remote attackers to perform actions as ot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0993
+CVE-2001-0993 (sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0987
+CVE-2001-0987 (Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0982
+CVE-2001-0982 (Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Directo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0981
+CVE-2001-0981 (HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix passwor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0980
+CVE-2001-0980 (docview before 1.0-15 allows remote attackers to execute arbitrary com ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0978
+CVE-2001-0978 (login in HP-UX 10.26 does not record failed login attempts in /var/adm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0977
+CVE-2001-0977 (slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0973
+CVE-2001-0973 (BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0969
+CVE-2001-0969 (ipfw in FreeBSD does not properly handle the use of "me" in its rules ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0965
+CVE-2001-0965 (glFTPD 1.23 allows remote attackers to cause a denial of service (CPU ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0963
+CVE-2001-0963 (Directory traversal vulnerability in SpoonFTP 1.1 allows local and som ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0962
+CVE-2001-0962 (IBM WebSphere Application Server 3.02 through 3.53 uses predictable se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0961
+CVE-2001-0961 (Buffer overflow in tab expansion capability of the most program allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0960
+CVE-2001-0960 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 st ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0959
+CVE-2001-0959 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 cr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0954
+CVE-2001-0954 (Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0951
+CVE-2001-0951 (Windows 2000 allows remote attackers to cause a denial of service (CPU ...)
NOT-FOR-US: Microsoft
-CVE-2001-0946
+CVE-2001-0946 (apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0940
+CVE-2001-0940 (Buffer overflow in the GUI authentication code of Check Point VPN-1/Fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0939
+CVE-2001-0939 (Lotus Domino 5.08 and earlier allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0936
+CVE-2001-0936 (Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0929
+CVE-2001-0929 (Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC ...)
NOT-FOR-US: Cisco
-CVE-2001-0921
+CVE-2001-0921 (Netscape 4.79 and earlier for MacOS allows an attacker with access to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0920
+CVE-2001-0920 (Format string vulnerability in auto nice daemon (AND) 1.0.4 and earlie ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0918
+CVE-2001-0918 (Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0917
+CVE-2001-0917 (Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0914
+CVE-2001-0914 (Linux kernel before 2.4.11pre3 in multiple Linux distributions allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0912
+CVE-2001-0912 (Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0909
+CVE-2001-0909 (Buffer overflow in helpctr.exe program in Microsoft Help Center for Wi ...)
NOT-FOR-US: Microsoft
-CVE-2001-0907
+CVE-2001-0907 (Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows lo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0906
+CVE-2001-0906 (teTeX filter before 1.0.7 allows local users to gain privileges via a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0905
+CVE-2001-0905 (Race condition in signal handling of procmail 3.20 and earlier, when r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0902
+CVE-2001-0902 (Microsoft IIS 5.0 allows remote attackers to spoof web log entries via ...)
NOT-FOR-US: Microsoft
-CVE-2001-0901
+CVE-2001-0901 (Hypermail allows remote attackers to execute arbitrary commands on a s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0900
+CVE-2001-0900 (Directory traversal vulnerability in modules.php in Gallery before 1.2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0899
+CVE-2001-0899 (Network Tools 0.2 for PHP-Nuke allows remote attackers to execute comm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0896
+CVE-2001-0896 (Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0895
+CVE-2001-0895 (Multiple Cisco networking products allow remote attackers to cause a d ...)
NOT-FOR-US: Cisco
-CVE-2001-0894
+CVE-2001-0894 (Vulnerability in Postfix SMTP server before 20010228-pl07, when config ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0891
+CVE-2001-0891 (Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0889
+CVE-2001-0889 (Exim 3.22 and earlier, in some configurations, does not properly verif ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0888
+CVE-2001-0888 (Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0887
+CVE-2001-0887 (xSANE 0.81 and earlier allows local users to modify files of other xSA ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0886
+CVE-2001-0886 (Buffer overflow in glob function of glibc allows attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0884
+CVE-2001-0884 (Cross-site scripting vulnerability in Mailman email archiver before 2. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0879
+CVE-2001-0879 (Format string vulnerability in the C runtime functions in SQL Server 7 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0877
+CVE-2001-0877 (Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows ...)
NOT-FOR-US: Microsoft
-CVE-2001-0876
+CVE-2001-0876 (Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ...)
NOT-FOR-US: Microsoft
-CVE-2001-0875
+CVE-2001-0875 (Internet Explorer 5.5 and 6.0 allows remote attackers to cause the Fil ...)
NOT-FOR-US: Microsoft
-CVE-2001-0874
+CVE-2001-0874 (Internet Explorer 5.5 and 6.0 allow remote attackers to read certain f ...)
NOT-FOR-US: Microsoft
-CVE-2001-0873
+CVE-2001-0873 (uuxqt in Taylor UUCP package does not properly remove dangerous long o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0872
+CVE-2001-0872 (OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly clea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0869
+CVE-2001-0869 (Format string vulnerability in the default logging callback function _ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0867
+CVE-2001-0867 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not pr ...)
NOT-FOR-US: Cisco
-CVE-2001-0866
+CVE-2001-0866 (Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not pr ...)
NOT-FOR-US: Cisco
-CVE-2001-0865
+CVE-2001-0865 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not su ...)
NOT-FOR-US: Cisco
-CVE-2001-0864
+CVE-2001-0864 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not pr ...)
NOT-FOR-US: Cisco
-CVE-2001-0863
+CVE-2001-0863 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not ha ...)
NOT-FOR-US: Cisco
-CVE-2001-0862
+CVE-2001-0862 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not bl ...)
NOT-FOR-US: Cisco
-CVE-2001-0861
+CVE-2001-0861 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier ...)
NOT-FOR-US: Cisco
-CVE-2001-0860
+CVE-2001-0860 (Terminal Services Manager MMC in Windows 2000 and XP trusts the Client ...)
NOT-FOR-US: Microsoft
-CVE-2001-0859
+CVE-2001-0859 (2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0857
+CVE-2001-0857 (Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0852
+CVE-2001-0852 (TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0851
+CVE-2001-0851 (Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0850
+CVE-2001-0850 (A configuration error in the libdb1 package in OpenLinux 3.1 uses inse ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0846
+CVE-2001-0846 (Lotus Domino 5.x allows remote attackers to read files or execute arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0843
+CVE-2001-0843 (Squid proxy server 2.4 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0837
+CVE-2001-0837 (DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0836
+CVE-2001-0836 (Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0834
+CVE-2001-0834 (htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0833
+CVE-2001-0833 (Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0830
+CVE-2001-0830 (6tunnel 0.08 and earlier does not properly close sockets that were ini ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0828
+CVE-2001-0828 (A cross-site scripting vulnerability in Caucho Technology Resin before ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0825
+CVE-2001-0825 (Buffer overflow in internal string handling routines of xinetd before ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0823
+CVE-2001-0823 (The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0822
+CVE-2001-0822 (FPF kernel module 1.0 allows a remote attacker to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0819
+CVE-2001-0819 (A buffer overflow in Linux fetchmail before 5.8.6 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0816
+CVE-2001-0816 (OpenSSH before 2.9.9, when running sftp using sftp-server and using re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0815
+CVE-2001-0815 (Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0806
+CVE-2001-0806 (Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0805
+CVE-2001-0805 (Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enter ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0804
+CVE-2001-0804 (Directory traversal vulnerability in story.pl in Interactive Story 1.3 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0803
+CVE-2001-0803 (Buffer overflow in the client connection routine of libDtSvc.so.1 in C ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0801
+CVE-2001-0801 (lpstat in IRIX 6.5.13f and earlier allows local users to gain root pri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0797
+CVE-2001-0797 (Buffer overflow in login in various System V based operating systems a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0796
+CVE-2001-0796 (SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBS ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0792
+CVE-2001-0792 (Format string vulnerability in XChat 1.2.x allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0787
+CVE-2001-0787 (LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0784
+CVE-2001-0784 (Directory traversal vulnerability in Icecast 1.3.10 and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0779
+CVE-2001-0779 (Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0774
+CVE-2001-0774 (Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0773
+CVE-2001-0773 (Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0770
+CVE-2001-0770 (Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0769
+CVE-2001-0769 (Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0765
+CVE-2001-0765 (BisonFTP V4R1 allows local users to access directories outside of thei ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0764
+CVE-2001-0764 (Buffer overflow in ntping in scotty 2.1.0 allows local users to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0763
+CVE-2001-0763 (Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0760
+CVE-2001-0760 (Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0757
+CVE-2001-0757 (Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC ca ...)
NOT-FOR-US: Cisco
-CVE-2001-0754
+CVE-2001-0754 (Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: Cisco
-CVE-2001-0752
+CVE-2001-0752 (Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: Cisco
-CVE-2001-0751
+CVE-2001-0751 (Cisco switches and routers running CBOS 2.3.8 and earlier use predicta ...)
NOT-FOR-US: Cisco
-CVE-2001-0750
+CVE-2001-0750 (Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial ...)
NOT-FOR-US: Cisco
-CVE-2001-0749
+CVE-2001-0749 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0748
+CVE-2001-0748 (Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other pr ...)
NOT-FOR-US: Cisco
-CVE-2001-0745
+CVE-2001-0745 (Netscape 4.7x allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0741
+CVE-2001-0741 (Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to ca ...)
NOT-FOR-US: Cisco
-CVE-2001-0740
+CVE-2001-0740 (3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0739
+CVE-2001-0739 (Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarte ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0738
+CVE-2001-0738 (LogLine function in klogd in sysklogd 1.3 in various Linux distributio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0733
+CVE-2001-0733 (The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0731
+CVE-2001-0731 (Apache 1.3.20 with Multiviews enabled allows remote attackers to view ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0730
+CVE-2001-0730 (split-logfile in Apache 1.3.20 allows remote attackers to overwrite ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0728
+CVE-2001-0728 (Buffer overflow in Compaq Management Agents before 5.2, included in Co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0727
+CVE-2001-0727 (Internet Explorer 6.0 allows remote attackers to execute arbitrary cod ...)
NOT-FOR-US: Microsoft
-CVE-2001-0726
+CVE-2001-0726 (Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used w ...)
NOT-FOR-US: Microsoft
-CVE-2001-0724
+CVE-2001-0724 (Internet Explorer 5.5 allows remote attackers to bypass security restr ...)
NOT-FOR-US: Microsoft
-CVE-2001-0723
+CVE-2001-0723 (Internet Explorer 5.5 and 6.0 allows remote attackers to read and modi ...)
NOT-FOR-US: Microsoft
-CVE-2001-0722
+CVE-2001-0722 (Internet Explorer 5.5 and 6.0 allows remote attackers to read and modi ...)
NOT-FOR-US: Microsoft
-CVE-2001-0720
+CVE-2001-0720 (Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2001-0719
+CVE-2001-0719 (Buffer overflow in Microsoft Windows Media Player 6.4 allows remote at ...)
NOT-FOR-US: Microsoft
-CVE-2001-0718
+CVE-2001-0718 (Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) Microsof ...)
NOT-FOR-US: Microsoft
-CVE-2001-0717
+CVE-2001-0717 (Format string vulnerability in ToolTalk database server rpc.ttdbserver ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0716
+CVE-2001-0716 (Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0710
+CVE-2001-0710 (NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0706
+CVE-2001-0706 (Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0701
+CVE-2001-0701 (Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and ear ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0700
+CVE-2001-0700 (Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0699
+CVE-2001-0699 (Buffer overflow in cb_reset in the System Service Processor (SSP) pack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0698
+CVE-2001-0698 (Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0697
+CVE-2001-0697 (NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a deni ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0696
+CVE-2001-0696 (NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a deni ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0692
+CVE-2001-0692 (SMTP proxy in WatchGuard Firebox (2500 and 4500) 4.5 and 4.6 allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0690
+CVE-2001-0690 (Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0686
+CVE-2001-0686 (Buffer overflow in mail included with SunOS 5.8 for x86 allows a local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0685
+CVE-2001-0685 (Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0682
+CVE-2001-0682 (ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0680
+CVE-2001-0680 (Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/T ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0677
+CVE-2001-0677 (Eudora 5.0.2 allows a remote attacker to read arbitrary files via an e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0676
+CVE-2001-0676 (Directory traversal vulnerability in Rit Research Labs The Bat! 1.48f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0675
+CVE-2001-0675 (Rit Research Labs The Bat! 1.51 for Windows allows a remote attacker t ...)
NOT-FOR-US: Microsoft
-CVE-2001-0670
+CVE-2001-0670 (Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0668
+CVE-2001-0668 (Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 thro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0667
+CVE-2001-0667 (Internet Explorer 6 and earlier, when used with the Telnet client in S ...)
NOT-FOR-US: Microsoft
-CVE-2001-0666
+CVE-2001-0666 (Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenti ...)
NOT-FOR-US: Microsoft
-CVE-2001-0665
+CVE-2001-0665 (Internet Explorer 6 and earlier allows remote attackers to cause certa ...)
NOT-FOR-US: Microsoft
-CVE-2001-0664
+CVE-2001-0664 (Internet Explorer 5.5 and 5.01 allows remote attackers to bypass secur ...)
NOT-FOR-US: Microsoft
-CVE-2001-0663
+CVE-2001-0663 (Terminal Server in Windows NT and Windows 2000 allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2001-0662
+CVE-2001-0662 (RPC endpoint mapper in Windows NT 4.0 allows remote attackers to cause ...)
NOT-FOR-US: Microsoft
-CVE-2001-0660
+CVE-2001-0660 (Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, a ...)
NOT-FOR-US: Microsoft
-CVE-2001-0659
+CVE-2001-0659 (Buffer overflow in IrDA driver providing infrared data exchange on Win ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0658
+CVE-2001-0658 (Cross-site scripting (CSS) vulnerability in Microsoft Internet Securit ...)
NOT-FOR-US: Microsoft
-CVE-2001-0653
+CVE-2001-0653 (Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0652
+CVE-2001-0652 (Heap overflow in xlock in Solaris 2.6 through 8 allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0650
+CVE-2001-0650 (Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a ...)
NOT-FOR-US: Cisco
-CVE-2001-0648
+CVE-2001-0648 (Directory traversal vulnerability in PHProjekt 2.1 and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0646
+CVE-2001-0646 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0644
+CVE-2001-0644 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plai ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0643
+CVE-2001-0643 (Internet Explorer 5.5 does not display the Class ID (CLSID) when it is ...)
NOT-FOR-US: Microsoft
-CVE-2001-0641
+CVE-2001-0641 (Buffer overflow in man program in various distributions of Linux allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0635
+CVE-2001-0635 (Red Hat Linux 7.1 sets insecure permissions on swap files created duri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0634
+CVE-2001-0634 (Sun Chili!Soft ASP has weak permissions on various configuration files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0631
+CVE-2001-0631 (Centrinity First Class Internet Services 5.50 allows for the circumven ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0630
+CVE-2001-0630 (Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0629
+CVE-2001-0629 (HP Event Correlation Service (ecsd) as included with OpenView Network ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0628
+CVE-2001-0628 (Microsoft Word 2000 does not check AutoRecovery (.asd) files for macro ...)
NOT-FOR-US: Microsoft
-CVE-2001-0627
+CVE-2001-0627 (vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0626
+CVE-2001-0626 (O'Reilly Website Professional 2.5.4 and earlier allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0625
+CVE-2001-0625 (ftpdownload in Computer Associates InoculateIT 6.0 allows a local atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0622
+CVE-2001-0622 (The web management service on Cisco Content Service series 11000 switc ...)
NOT-FOR-US: Cisco
-CVE-2001-0621
+CVE-2001-0621 (The FTP server on Cisco Content Service 11000 series switches (CSS) be ...)
NOT-FOR-US: Cisco
-CVE-2001-0616
+CVE-2001-0616 (Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0615
+CVE-2001-0615 (Directory traversal vulnerability in Faust Informatics Freestyle Chat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0613
+CVE-2001-0613 (Omnicron Technologies OmniHTTPD Professional 2.08 and earlier allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0612
+CVE-2001-0612 (McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0611
+CVE-2001-0611 (Becky! 2.00.05 and earlier can allow a remote attacker to gain additio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0596
+CVE-2001-0596 (Netscape Communicator before 4.77 allows remote attackers to execute a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0595
+CVE-2001-0595 (Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0594
+CVE-2001-0594 (kcms_configure as included with Solaris 7 and 8 allows a local attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0593
+CVE-2001-0593 (Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0591
+CVE-2001-0591 (Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0590
+CVE-2001-0590 (Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0589
+CVE-2001-0589 (NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-10 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0586
+CVE-2001-0586 (TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0585
+CVE-2001-0585 (Gordano NTMail 6.0.3c allows a remote attacker to create a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0574
+CVE-2001-0574 (Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0573
+CVE-2001-0573 (lsfs in AIX 4.x allows a local user to gain additional privileges by c ...)
NOT-FOR-US: AIX
-CVE-2001-0567
+CVE-2001-0567 (Digital Creations Zope 2.3.2 and earlier allows a local attacker to ga ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0565
+CVE-2001-0565 (Buffer overflow in mailx in Solaris 8 and earlier allows a local attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0564
+CVE-2001-0564 (APC Web/SNMP Management Card prior to Firmware 310 only supports one t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0563
+CVE-2001-0563 (ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0560
+CVE-2001-0560 (Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0559
+CVE-2001-0559 (crontab in Vixie cron 3.0.1 and earlier does not properly drop privile ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0558
+CVE-2001-0558 (T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0554
+CVE-2001-0554 (Buffer overflow in BSD-based telnetd telnet daemon on various operatin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0553
+CVE-2001-0553 (SSH Secure Shell 3.0.0 on Unix systems does not properly perform passw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0550
+CVE-2001-0550 (wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0549
+CVE-2001-0549 (Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a regis ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0548
+CVE-2001-0548 (Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0547
+CVE-2001-0547 (Memory leak in the proxy service in Microsoft Internet Security and Ac ...)
NOT-FOR-US: Microsoft
-CVE-2001-0546
+CVE-2001-0546 (Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security ...)
NOT-FOR-US: Microsoft
-CVE-2001-0545
+CVE-2001-0545 (IIS 4.0 with URL redirection enabled allows remote attackers to cause ...)
NOT-FOR-US: Microsoft
-CVE-2001-0544
+CVE-2001-0544 (IIS 5.0 allows local users to cause a denial of service (hang) via by ...)
NOT-FOR-US: Microsoft
-CVE-2001-0543
+CVE-2001-0543 (Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows ...)
NOT-FOR-US: Microsoft
-CVE-2001-0541
+CVE-2001-0541 (Buffer overflow in Microsoft Windows Media Player 7.1 and earlier allo ...)
NOT-FOR-US: Microsoft
-CVE-2001-0540
+CVE-2001-0540 (Memory leak in Terminal servers in Windows NT and Windows 2000 allows ...)
NOT-FOR-US: Microsoft
-CVE-2001-0538
+CVE-2001-0538 (Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and e ...)
NOT-FOR-US: Microsoft
-CVE-2001-0537
+CVE-2001-0537 (HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass auth ...)
NOT-FOR-US: Cisco
-CVE-2001-0533
+CVE-2001-0533 (Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows loc ...)
NOT-FOR-US: AIX
-CVE-2001-0530
+CVE-2001-0530 (Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0529
+CVE-2001-0529 (OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0528
+CVE-2001-0528 (Oracle E-Business Suite Release 11i Applications Desktop Integrator (A ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0527
+CVE-2001-0527 (DCScripts DCForum versions 2000 and earlier allow a remote attacker to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0526
+CVE-2001-0526 (Buffer overflow in the Xview library as used by mailtool in Solaris 8 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0525
+CVE-2001-0525 (Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0522
+CVE-2001-0522 (Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0518
+CVE-2001-0518 (Oracle listener before Oracle 9i allows attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0517
+CVE-2001-0517 (Oracle listener in Oracle 8i on Solaris allows remote attackers to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0514
+CVE-2001-0514 (SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0513
+CVE-2001-0513 (Oracle listener process on Windows NT redirects connection requests to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0508
+CVE-2001-0508 (Vulnerability in IIS 5.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Microsoft
-CVE-2001-0507
+CVE-2001-0507 (IIS 5.0 uses relative paths to find system files that will run in-proc ...)
NOT-FOR-US: Microsoft
-CVE-2001-0506
+CVE-2001-0506 (Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to ...)
NOT-FOR-US: Microsoft
-CVE-2001-0504
+CVE-2001-0504 (Vulnerability in authentication process for SMTP service in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2001-0503
+CVE-2001-0503 (Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled allows r ...)
NOT-FOR-US: Microsoft
-CVE-2001-0502
+CVE-2001-0502 (Running Windows 2000 LDAP Server over SSL, a function does not properl ...)
NOT-FOR-US: Microsoft
-CVE-2001-0501
+CVE-2001-0501 (Microsoft Word 2002 and earlier allows attackers to automatically exec ...)
NOT-FOR-US: Microsoft
-CVE-2001-0500
+CVE-2001-0500 (Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and I ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0497
+CVE-2001-0497 (dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0495
+CVE-2001-0495 (Directory traversal in DataWizard WebXQ server 1.204 allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0494
+CVE-2001-0494 (Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0493
+CVE-2001-0493 (Small HTTP server 2.03 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0489
+CVE-2001-0489 (Format string vulnerability in gftp prior to 2.0.8 allows remote malic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0488
+CVE-2001-0488 (pcltotiff in HP-UX 10.x has unnecessary set group id permissions, whic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0487
+CVE-2001-0487 (AIX SNMP server snmpd allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: AIX
-CVE-2001-0486
+CVE-2001-0486 (Remote attackers can cause a denial of service in Novell BorderManager ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0485
+CVE-2001-0485 (Unknown vulnerability in netprint in IRIX 6.2, and possibly other vers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0482
+CVE-2001-0482 (Configuration error in Argus PitBull LX allows root users to bypass sp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0481
+CVE-2001-0481 (Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure te ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0475
+CVE-2001-0475 (index.php in Jelsoft vBulletin does not properly initialize a PHP vari ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0474
+CVE-2001-0474 (Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0473
+CVE-2001-0473 (Format string vulnerability in Mutt before 1.2.5 allows a remote malic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0469
+CVE-2001-0469 (rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other opera ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0467
+CVE-2001-0467 (Directory traversal vulnerability in RobTex Viking Web server before 1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0465
+CVE-2001-0465 (TurboTax saves passwords in a temporary file when a user imports inves ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0463
+CVE-2001-0463 (Directory traversal vulnerability in cal_make.pl in PerlCal allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0462
+CVE-2001-0462 (Directory traversal vulnerability in Perl web server 0.3 and earlier a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0461
+CVE-2001-0461 (template.cgi in Free On-Line Dictionary of Computing (FOLDOC) allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0457
+CVE-2001-0457 (man2html before 1.5-22 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0456
+CVE-2001-0456 (postinst installation script for Proftpd in Debian 2.2 does not proper ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0455
+CVE-2001-0455 (Cisco Aironet 340 Series wireless bridge before 8.55 does not properly ...)
NOT-FOR-US: Cisco
-CVE-2001-0449
+CVE-2001-0449 (Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0444
+CVE-2001-0444 (Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") com ...)
NOT-FOR-US: Cisco
-CVE-2001-0442
+CVE-2001-0442 (Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlie ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0440
+CVE-2001-0440 (Buffer overflow in logging functions of licq before 1.0.3 allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0439
+CVE-2001-0439 (licq before 1.0.3 allows remote attackers to execute arbitrary command ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0434
+CVE-2001-0434 (The LogDataListToFile ActiveX function used in (1) Knowledge Center an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0430
+CVE-2001-0430 (Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0429
+CVE-2001-0429 (Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an ...)
NOT-FOR-US: Cisco
-CVE-2001-0428
+CVE-2001-0428 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attac ...)
NOT-FOR-US: Cisco
-CVE-2001-0427
+CVE-2001-0427 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attac ...)
NOT-FOR-US: Cisco
-CVE-2001-0423
+CVE-2001-0423 (Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0422
+CVE-2001-0422 (Buffer overflow in Xsun in Solaris 8 and earlier allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0416
+CVE-2001-0416 (sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files wit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0414
+CVE-2001-0414 (Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0413
+CVE-2001-0413 (BinTec X4000 Access router, and possibly other versions, allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0412
+CVE-2001-0412 (Cisco Content Services (CSS) switch products 11800 and earlier, aka Ar ...)
NOT-FOR-US: Cisco
-CVE-2001-0409
+CVE-2001-0409 (vim (aka gvim) allows local users to modify files being edited by othe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0408
+CVE-2001-0408 (vim (aka gvim) processes VIM control codes that are embedded in a file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0407
+CVE-2001-0407 (Directory traversal vulnerability in MySQL before 3.23.36 allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0405
+CVE-2001-0405 (ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0402
+CVE-2001-0402 (IPFilter 3.4.16 and earlier does not include sufficient session inform ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0394
+CVE-2001-0394 (Remote manager service in Website Pro 3.0.37 allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0388
+CVE-2001-0388 (time server daemon timed allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0387
+CVE-2001-0387 (Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0386
+CVE-2001-0386 (AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0383
+CVE-2001-0383 (banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to mod ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0379
+CVE-2001-0379 (Vulnerability in the newgrp program included with HP9000 servers runni ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0378
+CVE-2001-0378 (readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0377
+CVE-2001-0377 (Infradig Inframail prior to 3.98a allows a remote attacker to create a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0375
+CVE-2001-0375 (Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authenticatio ...)
NOT-FOR-US: Cisco
-CVE-2001-0373
+CVE-2001-0373 (The default configuration of the Dr. Watson program in Windows NT and ...)
NOT-FOR-US: Microsoft
-CVE-2001-0371
+CVE-2001-0371 (Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0368
+CVE-2001-0368 (Directory traversal vulnerability in BearShare 2.2.2 and earlier allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0366
+CVE-2001-0366 (saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0365
+CVE-2001-0365 (Eudora before 5.1 allows a remote attacker to execute arbitrary code, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0364
+CVE-2001-0364 (SSH Communications Security sshd 2.4 for Windows allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0361
+CVE-2001-0361 (Implementations of SSH version 1.5, including (1) OpenSSH up to versio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0353
+CVE-2001-0353 (Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0351
+CVE-2001-0351 (Microsoft Windows 2000 telnet service allows a local user to make a ce ...)
NOT-FOR-US: Microsoft
-CVE-2001-0348
+CVE-2001-0348 (Microsoft Windows 2000 telnet service allows attackers to cause a deni ...)
NOT-FOR-US: Microsoft
-CVE-2001-0347
+CVE-2001-0347 (Information disclosure vulnerability in Microsoft Windows 2000 telnet ...)
NOT-FOR-US: Microsoft
-CVE-2001-0346
+CVE-2001-0346 (Handle leak in Microsoft Windows 2000 telnet service allows attackers ...)
NOT-FOR-US: Microsoft
-CVE-2001-0345
+CVE-2001-0345 (Microsoft Windows 2000 telnet service allows attackers to prevent idle ...)
NOT-FOR-US: Microsoft
-CVE-2001-0344
+CVE-2001-0344 (An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mi ...)
NOT-FOR-US: Microsoft
-CVE-2001-0341
+CVE-2001-0341 (Buffer overflow in Microsoft Visual Studio RAD Support sub-component o ...)
NOT-FOR-US: Microsoft
-CVE-2001-0340
+CVE-2001-0340 (An interaction between the Outlook Web Access (OWA) service in Microso ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0339
+CVE-2001-0339 (Internet Explorer 5.5 and earlier allows remote attackers to display a ...)
NOT-FOR-US: Microsoft
-CVE-2001-0338
+CVE-2001-0338 (Internet Explorer 5.5 and earlier does not properly validate digital c ...)
NOT-FOR-US: Microsoft
-CVE-2001-0336
+CVE-2001-0336 (The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an err ...)
NOT-FOR-US: Microsoft
-CVE-2001-0335
+CVE-2001-0335 (FTP service in IIS 5.0 and earlier allows remote attackers to enumerat ...)
NOT-FOR-US: Microsoft
-CVE-2001-0334
+CVE-2001-0334 (FTP service in IIS 5.0 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: Microsoft
-CVE-2001-0333
+CVE-2001-0333 (Directory traversal vulnerability in IIS 5.0 and earlier allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2001-0331
+CVE-2001-0331 (Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0330
+CVE-2001-0330 (Bugzilla 2.10 allows remote attackers to access sensitive information, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0327
+CVE-2001-0327 (iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0326
+CVE-2001-0326 (Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Applica ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0321
+CVE-2001-0321 (opendir.php script in PHP-Nuke allows remote attackers to read arbitra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0319
+CVE-2001-0319 (orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0318
+CVE-2001-0318 (Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0317
+CVE-2001-0317 (Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0316
+CVE-2001-0316 (Linux kernel 2.4 and 2.2 allows local users to read kernel memory and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0311
+CVE-2001-0311 (Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0310
+CVE-2001-0310 (sort in FreeBSD 4.1.1 and earlier, and possibly other operating system ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0309
+CVE-2001-0309 (inetd in Red Hat 6.2 does not properly close sockets for internal serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0301
+CVE-2001-0301 (Buffer overflow in Analog before 4.16 allows remote attackers to execu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0299
+CVE-2001-0299 (Buffer overflow in Voyager web administration server for Nokia IP440 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0295
+CVE-2001-0295 (Directory traversal vulnerability in War FTP 1.67.04 allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0290
+CVE-2001-0290 (Vulnerability in Mailman 2.0.1 and earlier allows list administrators ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0289
+CVE-2001-0289 (Joe text editor 2.8 searches the current working directory (CWD) for t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0288
+CVE-2001-0288 (Cisco switches and routers running IOS 12.1 and earlier produce predic ...)
NOT-FOR-US: Cisco
-CVE-2001-0287
+CVE-2001-0287 (VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0284
+CVE-2001-0284 (Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0280
+CVE-2001-0280 (Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0279
+CVE-2001-0279 (Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gai ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0278
+CVE-2001-0278 (Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0276
+CVE-2001-0276 (ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0274
+CVE-2001-0274 (kicq IRC client 1.0.0, and possibly later versions, allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0269
+CVE-2001-0269 (pam_ldap authentication module in Solaris 8 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0268
+CVE-2001-0268 (The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0267
+CVE-2001-0267 (NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0266
+CVE-2001-0266 (Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0265
+CVE-2001-0265 (ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0260
+CVE-2001-0260 (Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0259
+CVE-2001-0259 (ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0252
+CVE-2001-0252 (iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0245
+CVE-2001-0245 (Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in ...)
NOT-FOR-US: Microsoft
-CVE-2001-0244
+CVE-2001-0244 (Buffer overflow in Microsoft Index Server 2.0 allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2001-0243
+CVE-2001-0243 (Windows Media Player 7 and earlier stores Internet shortcuts in a user ...)
NOT-FOR-US: Microsoft
-CVE-2001-0241
+CVE-2001-0241 (Buffer overflow in Internet Printing ISAPI extension in Windows 2000 a ...)
NOT-FOR-US: Microsoft
-CVE-2001-0240
+CVE-2001-0240 (Microsoft Word before Word 2002 allows attackers to automatically exec ...)
NOT-FOR-US: Microsoft
-CVE-2001-0239
+CVE-2001-0239 (Microsoft Internet Security and Acceleration (ISA) Server 2000 Web Pro ...)
NOT-FOR-US: Microsoft
-CVE-2001-0238
+CVE-2001-0238 (Microsoft Data Access Component Internet Publishing Provider 8.103.251 ...)
NOT-FOR-US: Microsoft
-CVE-2001-0237
+CVE-2001-0237 (Memory leak in Microsoft 2000 domain controller allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2001-0236
+CVE-2001-0236 (Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0235
+CVE-2001-0235 (Vulnerability in crontab allows local users to read crontab files of o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0234
+CVE-2001-0234 (NewsDaemon before 0.21b allows remote attackers to execute arbitrary S ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0233
+CVE-2001-0233 (Buffer overflow in micq client 0.4.6 and earlier allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0230
+CVE-2001-0230 (Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly othe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0222
+CVE-2001-0222 (webmin 0.84 and earlier allows local users to overwrite and create arb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0221
+CVE-2001-0221 (Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0219
+CVE-2001-0219 (Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0218
+CVE-2001-0218 (Format string vulnerability in mars_nwe 0.99.pl19 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0215
+CVE-2001-0215 (ROADS search.pl program allows remote attackers to read arbitrary file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0207
+CVE-2001-0207 (Buffer overflow in bing allows remote attackers to execute arbitrary c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0204
+CVE-2001-0204 (Watchguard Firebox II allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0203
+CVE-2001-0203 (Watchguard Firebox II firewall allows users with read-only access to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0197
+CVE-2001-0197 (Format string vulnerability in print_client in icecast 1.3.8beta2 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0196
+CVE-2001-0196 (inetd ident server in FreeBSD 4.x and earlier does not properly set gr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0195
+CVE-2001-0195 (sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/sha ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0194
+CVE-2001-0194 (Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0193
+CVE-2001-0193 (Format string vulnerability in man in some Linux distributions allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0191
+CVE-2001-0191 (gnuserv before 3.12, as shipped with XEmacs, does not properly check t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0190
+CVE-2001-0190 (Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0189
+CVE-2001-0189 (Directory traversal vulnerability in LocalWEB2000 HTTP server allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0187
+CVE-2001-0187 (Format string vulnerability in wu-ftp 2.6.1 and earlier, when running ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0185
+CVE-2001-0185 (Netopia R9100 router version 4.6 allows authenticated users to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0183
+CVE-2001-0183 (ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to b ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0182
+CVE-2001-0182 (FireWall-1 4.1 with a limited-IP license allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0179
+CVE-2001-0179 (Allaire JRun 3.0 allows remote attackers to list contents of the WEB-I ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0178
+CVE-2001-0178 (kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0176
+CVE-2001-0176 (The setuid doroot program in Voyant Sonata 3.x executes arbitrary comm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0175
+CVE-2001-0175 (The caching module in Netscape Fasttrack Server 4.1 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0174
+CVE-2001-0174 (Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0170
+CVE-2001-0170 (glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0169
+CVE-2001-0169 (When using the LD_PRELOAD environmental variable in SUID or SGID appli ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0166
+CVE-2001-0166 (Macromedia Shockwave Flash plugin version 8 and earlier allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0165
+CVE-2001-0165 (Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0164
+CVE-2001-0164 (Buffer overflow in Netscape Directory Server 4.12 and earlier allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0157
+CVE-2001-0157 (Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0156
+CVE-2001-0156 (VShell SSH gateway 1.0.1 and earlier has a default port forwarding rul ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0155
+CVE-2001-0155 (Format string vulnerability in VShell SSH gateway 1.0.1 and earlier al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0154
+CVE-2001-0154 (HTML e-mail feature in Internet Explorer 5.5 and earlier allows attack ...)
NOT-FOR-US: Microsoft
-CVE-2001-0153
+CVE-2001-0153 (Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual St ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0152
+CVE-2001-0152 (The password protection option for the Compressed Folders feature in P ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0151
+CVE-2001-0151 (IIS 5.0 allows remote attackers to cause a denial of service via a ser ...)
NOT-FOR-US: Microsoft
-CVE-2001-0150
+CVE-2001-0150 (Internet Explorer 5.5 and earlier executes Telnet sessions using comma ...)
NOT-FOR-US: Microsoft
-CVE-2001-0149
+CVE-2001-0149 (Windows Scripting Host in Internet Explorer 5.5 and earlier allows rem ...)
NOT-FOR-US: Microsoft
-CVE-2001-0148
+CVE-2001-0148 (The WMP ActiveX Control in Windows Media Player 7 allows remote attack ...)
NOT-FOR-US: Microsoft
-CVE-2001-0147
+CVE-2001-0147 (Buffer overflow in Windows 2000 event viewer snap-in allows attackers ...)
NOT-FOR-US: Microsoft
-CVE-2001-0144
+CVE-2001-0144 (CORE SDI SSH1 CRC-32 compensation attack detector allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0143
+CVE-2001-0143 (vpop3d program in linuxconf 1.23r and earlier allows local users to ov ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0142
+CVE-2001-0142 (squid 2.3 and earlier allows local users to overwrite arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0141
+CVE-2001-0141 (mgetty 1.1.22 allows local users to overwrite arbitrary files via a sy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0140
+CVE-2001-0140 (arpwatch 2.1a4 allows local users to overwrite arbitrary files via a s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0139
+CVE-2001-0139 (inn 2.2.3 allows local users to overwrite arbitrary files via a symlin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0138
+CVE-2001-0138 (privatepw program in wu-ftpd before 2.6.1-6 allows local users to over ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0137
+CVE-2001-0137 (Windows Media Player 7 allows remote attackers to execute malicious Ja ...)
NOT-FOR-US: Microsoft
-CVE-2001-0136
+CVE-2001-0136 (Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0130
+CVE-2001-0130 (Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0129
+CVE-2001-0129 (Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0128
+CVE-2001-0128 (Zope before 2.2.4 does not properly compute local roles, which could a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0126
+CVE-2001-0126 (Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0125
+CVE-2001-0125 (exmh 2.2 and earlier allows local users to overwrite arbitrary files v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0124
+CVE-2001-0124 (Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0123
+CVE-2001-0123 (Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0122
+CVE-2001-0122 (Kernel leak in AfpaCache module of the Fast Response Cache Accelerator ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0121
+CVE-2001-0121 (ImageCast Control Center 4.1.0 allows remote attackers to cause a deni ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0120
+CVE-2001-0120 (useradd program in shadow-utils program may allow local users to overw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0119
+CVE-2001-0119 (getty_ps 2.0.7j allows local users to overwrite arbitrary files via a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0118
+CVE-2001-0118 (rdist 6.1.5 allows local users to overwrite arbitrary files via a syml ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0117
+CVE-2001-0117 (sdiff 2.7 in the diffutils package allows local users to overwrite fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0116
+CVE-2001-0116 (gpm 1.19.3 allows local users to overwrite arbitrary files via a symli ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0115
+CVE-2001-0115 (Buffer overflow in arp command in Solaris 7 and earlier allows local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0111
+CVE-2001-0111 (Format string vulnerability in splitvt before 1.6.5 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0110
+CVE-2001-0110 (Buffer overflow in jaZip Zip/Jaz drive manager allows local users to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0109
+CVE-2001-0109 (rctab in SuSE 7.0 and earlier allows local users to create or overwrit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0108
+CVE-2001-0108 (PHP Apache module 4.0.4 and earlier allows remote attackers to bypass ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0106
+CVE-2001-0106 (Vulnerability in inetd server in HP-UX 11.04 and earlier allows attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0105
+CVE-2001-0105 (Vulnerability in top in HP-UX 11.04 and earlier allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0100
+CVE-2001-0100 (bslist.cgi mailing list script allows remote attackers to execute arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0099
+CVE-2001-0099 (bsguest.cgi guestbook script allows remote attackers to execute arbitr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0096
+CVE-2001-0096 (FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote at ...)
NOT-FOR-US: Microsoft
-CVE-2001-0095
+CVE-2001-0095 (catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0094
+CVE-2001-0094 (Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authenticati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0092
+CVE-2001-0092 (A function in Internet Explorer 5.0 through 5.5 does not properly veri ...)
NOT-FOR-US: Microsoft
-CVE-2001-0091
+CVE-2001-0091 (The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 ...)
NOT-FOR-US: Microsoft
-CVE-2001-0090
+CVE-2001-0090 (The Print Templates feature in Internet Explorer 5.5 executes arbitrar ...)
NOT-FOR-US: Microsoft
-CVE-2001-0089
+CVE-2001-0089 (Internet Explorer 5.0 through 5.5 allows remote attackers to read arbi ...)
NOT-FOR-US: Microsoft
-CVE-2001-0085
+CVE-2001-0085 (Buffer overflow in Kermit communications software in HP-UX 11.0 and ea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0083
+CVE-2001-0083 (Windows Media Unicast Service in Windows Media Services 4.0 and 4.1 do ...)
NOT-FOR-US: Microsoft
-CVE-2001-0081
+CVE-2001-0081 (swinit in nCipher does not properly disable the Operator Card Set reco ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0080
+CVE-2001-0080 (Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2001-0078
+CVE-2001-0078 (in.mond in Sun Cluster 2.x allows local users to read arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0077
+CVE-2001-0077 (The clustmon service in Sun Cluster 2.x does not require authenticatio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0072
+CVE-2001-0072 (gpg (aka GnuPG) 1.0.4 and other versions imports both public and priva ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0071
+CVE-2001-0071 (gpg (aka GnuPG) 1.0.4 and other versions does not properly verify deta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0069
+CVE-2001-0069 (dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0066
+CVE-2001-0066 (Secure Locate (slocate) allows local users to corrupt memory via a mal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0063
+CVE-2001-0063 (procfs in FreeBSD and possibly other operating systems allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0062
+CVE-2001-0062 (procfs in FreeBSD and possibly other operating systems allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0061
+CVE-2001-0061 (procfs in FreeBSD and possibly other operating systems does not proper ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0060
+CVE-2001-0060 (Format string vulnerability in stunnel 3.8 and earlier allows attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0059
+CVE-2001-0059 (patchadd in Solaris allows local users to overwrite arbitrary files vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0058
+CVE-2001-0058 (The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier ...)
NOT-FOR-US: Cisco
-CVE-2001-0057
+CVE-2001-0057 (Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attacker ...)
NOT-FOR-US: Cisco
-CVE-2001-0056
+CVE-2001-0056 (The Cisco Web Management interface in routers running CBOS 2.4.1 and e ...)
NOT-FOR-US: Cisco
-CVE-2001-0055
+CVE-2001-0055 (CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2001-0054
+CVE-2001-0054 (Directory traversal vulnerability in FTP Serv-U before 2.5i allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0053
+CVE-2001-0053 (One-byte buffer overflow in replydirname function in BSD-based ftpd al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0050
+CVE-2001-0050 (Buffer overflow in BitchX IRC client allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0043
+CVE-2001-0043 (phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0042
+CVE-2001-0042 (PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0041
+CVE-2001-0041 (Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches all ...)
NOT-FOR-US: Cisco
-CVE-2001-0040
+CVE-2001-0040 (APC UPS daemon, apcupsd, saves its process ID in a world-writable file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0039
+CVE-2001-0039 (IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0036
+CVE-2001-0036 (KTH Kerberos IV allows local users to overwrite arbitrary files via a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0035
+CVE-2001-0035 (Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0034
+CVE-2001-0034 (KTH Kerberos IV allows local users to specify an alternate proxy using ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0033
+CVE-2001-0033 (KTH Kerberos IV allows local users to change the configuration of a Ke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0028
+CVE-2001-0028 (Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0026
+CVE-2001-0026 (rp-pppoe PPPoE client allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0021
+CVE-2001-0021 (MailMan Webmail 3.0.25 and earlier allows remote attackers to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0020
+CVE-2001-0020 (Directory traversal vulnerability in Arrowpoint (aka Cisco Content Ser ...)
NOT-FOR-US: Cisco
-CVE-2001-0018
+CVE-2001-0018 (Windows 2000 domain controller in Windows 2000 Server, Advanced Server ...)
NOT-FOR-US: Microsoft
-CVE-2001-0017
+CVE-2001-0017 (Memory leak in PPTP server in Windows NT 4.0 allows remote attackers t ...)
NOT-FOR-US: Microsoft
-CVE-2001-0016
+CVE-2001-0016 (NTLM Security Support Provider (NTLMSSP) service does not properly che ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0015
+CVE-2001-0015 (Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users ...)
NOT-FOR-US: Microsoft
-CVE-2001-0014
+CVE-2001-0014 (Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not p ...)
NOT-FOR-US: Microsoft
-CVE-2001-0013
+CVE-2001-0013 (Format string vulnerability in nslookupComplain function in BIND 4 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0012
+CVE-2001-0012 (BIND 4 and BIND 8 allow remote attackers to access sensitive informati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0011
+CVE-2001-0011 (Buffer overflow in nslookupComplain function in BIND 4 allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0010
+CVE-2001-0010 (Buffer overflow in transaction signature (TSIG) handling code in BIND ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0009
+CVE-2001-0009 (Directory traversal vulnerability in Lotus Domino 5.0.5 web server all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0008
+CVE-2001-0008 (Backdoor account in Interbase database server allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0007
+CVE-2001-0007 (Buffer overflow in NetScreen Firewall WebUI allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0006
+CVE-2001-0006 (The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropr ...)
NOT-FOR-US: Microsoft
-CVE-2001-0005
+CVE-2001-0005 (Buffer overflow in the parsing mechanism of the file loader in Microso ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0004
+CVE-2001-0004 (IIS 5.0 and 4.0 allows remote attackers to read the source code for ex ...)
NOT-FOR-US: Microsoft
-CVE-2001-0003
+CVE-2001-0003 (Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and ...)
NOT-FOR-US: Microsoft
-CVE-2001-0002
+CVE-2001-0002 (Internet Explorer 5.5 and earlier allows remote attackers to obtain th ...)
NOT-FOR-US: Microsoft
-CVE-2001-0001
+CVE-2001-0001 (cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1413
+CVE-2001-1413 (Stack-based buffer overflow in the comprexx function for ncompress 4.2 ...)
NOTE: not vulnerable according to http://web.archive.org/web/20070529152436/http://www.debian.org/security/nonvulns-sarge
NOTE: discussion at:
NOTE: http://archives.neohapsis.com/archives/linux/lsap/2001-q2/0081.html
NOTE: listed sarge version contains a fix like the patch from Gentoo
- ncompress 4.2.4-15
-CVE-2001-1412
+CVE-2001-1412 (nidump on MacOS X before 10.3 allows local users to read the encrypted ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1411
+CVE-2001-1411 (Format string vulnerability in gm4 (aka m4) on Mac OS X may allow loca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1410
+CVE-2001-1410 (Internet Explorer 6 and earlier allows remote attackers to create chro ...)
NOT-FOR-US: Microsoft
-CVE-2001-1409
+CVE-2001-1409 (dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1408
+CVE-2001-1408 (Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in C ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1405
+CVE-2001-1405 (Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, whic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1404
+CVE-2001-1404 (Bugzilla before 2.14 stores user passwords in plaintext and sends pass ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1403
+CVE-2001-1403 (Bugzilla before 2.14 includes the username and password in URLs, which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1402
+CVE-2001-1402 (Bugzilla before 2.14 does not properly escape untrusted parameters, wh ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1401
+CVE-2001-1401 (Bugzilla before 2.14 does not properly restrict access to confidential ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1400
+CVE-2001-1400 (Unknown vulnerabilities in the UDP port allocation for Linux kernel be ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1399
+CVE-2001-1399 (Certain operations in Linux kernel before 2.2.19 on the x86 architectu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1398
+CVE-2001-1398 (Masquerading code for Linux kernel before 2.2.19 does not fully check ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1397
+CVE-2001-1397 (The System V (SYS5) shared memory implementation for Linux kernel befo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1396
+CVE-2001-1396 (Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1395
+CVE-2001-1395 (Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 rel ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1394
+CVE-2001-1394 (Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1393
+CVE-2001-1393 (Unknown vulnerability in classifier code for Linux kernel before 2.2.1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1392
+CVE-2001-1392 (The Linux kernel before 2.2.19 does not have unregister calls for (1) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1390
+CVE-2001-1390 (Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1389
+CVE-2001-1389 (Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1388
+CVE-2001-1388 (iptables before 1.2.4 does not accurately convert rate limits that are ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1387
+CVE-2001-1387 (iptables-save in iptables before 1.2.4 records the "--reject-with icmp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1384
+CVE-2001-1384 (ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1379
+CVE-2001-1379 (The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1377
+CVE-2001-1377 (Multiple RADIUS implementations do not properly validate the Vendor-Le ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1376
+CVE-2001-1376 (Buffer overflow in digest calculation function of multiple RADIUS impl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1368
+CVE-2001-1368 (Vulnerability in iPlanet Web Server 4 included in Virtualvault Operati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1366
+CVE-2001-1366 (netscript before 1.6.3 parses dynamic variables, which could allow rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1365
+CVE-2001-1365 (Vulnerability in IntraGnat before 1.4. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1364
+CVE-2001-1364 (Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1363
+CVE-2001-1363 (Vulnerability in phpWebSite before 0.7.9 related to running multiple i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1362
+CVE-2001-1362 (Vulnerability in the server for nPULSE before 0.53p4. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1361
+CVE-2001-1361 (Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1360
+CVE-2001-1360 (Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1358
+CVE-2001-1358 (Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1357
+CVE-2001-1357 (Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1356
+CVE-2001-1356 (NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1355
+CVE-2001-1355 (Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and ear ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1354
+CVE-2001-1354 (NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1353
+CVE-2001-1353 (ghostscript before 6.51 allows local users to read and write arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1348
+CVE-2001-1348 (TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1346
+CVE-2001-1346 (Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1344
+CVE-2001-1344 (WSSecurity.pl in WebStore allows remote attackers to bypass authentica ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1343
+CVE-2001-1343 (ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated Web ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1341
+CVE-2001-1341 (The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1340
+CVE-2001-1340 (Beck GmbH IPC@Chip TelnetD service supports only one connection and do ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1339
+CVE-2001-1339 (Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1338
+CVE-2001-1338 (Beck IPC GmbH IPC@CHIP TelnetD server generates different responses wh ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1337
+CVE-2001-1337 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1336
+CVE-2001-1336 (CesarFTP 0.98b and earlier stores usernames and passwords in plaintext ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1335
+CVE-2001-1335 (Directory traversal vulnerability in CesarFTP 0.98b and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1333
+CVE-2001-1333 (Linux CUPS before 1.1.6 does not securely handle temporary files, poss ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1332
+CVE-2001-1332 (Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1331
+CVE-2001-1331 (mandb in the man-db package before 2.3.16-3 allows local users to over ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1330
+CVE-2001-1330 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ro ...)
NOT-FOR-US: AIX
-CVE-2001-1329
+CVE-2001-1329 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ro ...)
NOT-FOR-US: AIX
-CVE-2001-1326
+CVE-2001-1326 (Eudora 5.1 allows remote attackers to execute arbitrary code when the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1325
+CVE-2001-1325 (Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow ...)
NOT-FOR-US: Microsoft
-CVE-2001-1324
+CVE-2001-1324 (cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1323
+CVE-2001-1323 (Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1321
+CVE-2001-1321 (Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1320
+CVE-2001-1320 (Network Associates PGP Keyserver 7.0 allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1319
+CVE-2001-1319 (Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial ...)
NOT-FOR-US: Microsoft
-CVE-2001-1318
+CVE-2001-1318 (Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1317
+CVE-2001-1317 (Teamware Office Enterprise Directory allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1316
+CVE-2001-1316 (Buffer overflows in Teamware Office Enterprise Directory allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1315
+CVE-2001-1315 (Critical Path (1) InJoin Directory Server or (2) LiveContent Directory ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1314
+CVE-2001-1314 (Buffer overflows in Critical Path (1) InJoin Directory Server or (2) L ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1313
+CVE-2001-1313 (Lotus Domino R5 before R5.0.7a allows remote attackers to cause a deni ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1312
+CVE-2001-1312 (Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1311
+CVE-2001-1311 (Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1310
+CVE-2001-1310 (IBM SecureWay 3.2.1 allow remote attackers to cause a denial of servic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1309
+CVE-2001-1309 (Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1308
+CVE-2001-1308 (Format string vulnerabilities in iPlanet Directory Server 4.1.4 and ea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1307
+CVE-2001-1307 (Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1306
+CVE-2001-1306 (iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1305
+CVE-2001-1305 (ICQ 2001a Alpha and earlier allows remote attackers to automatically a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1304
+CVE-2001-1304 (Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1300
+CVE-2001-1300 (Directory traversal vulnerability in Dynu FTP server 1.05 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1298
+CVE-2001-1298 (Webodex PHP script 1.0 and earlier allows remote attackers to include ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1294
+CVE-2001-1294 (Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1293
+CVE-2001-1293 (Buffer overflow in web server of 3com HomeConnect Cable Modem External ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1292
+CVE-2001-1292 (Sambar Telnet Proxy/Server allows remote attackers to cause a denial o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1290
+CVE-2001-1290 (admin.cgi in Active Classifieds Free Edition 1.0, and possibly commerc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1289
+CVE-2001-1289 (Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1288
+CVE-2001-1288 (Windows 2000 and Windows NT allows local users to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1287
+CVE-2001-1287 (Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1286
+CVE-2001-1286 (Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1285
+CVE-2001-1285 (Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1284
+CVE-2001-1284 (Ipswitch IMail 7.04 and earlier uses predictable session IDs for authe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1283
+CVE-2001-1283 (The webmail interface for Ipswitch IMail 7.04 and earlier allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1282
+CVE-2001-1282 (Ipswitch IMail 7.04 and earlier records the physical path of attachmen ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1281
+CVE-2001-1281 (Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1280
+CVE-2001-1280 (POP3 Server for Ipswitch IMail 7.04 and earlier generates different re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1278
+CVE-2001-1278 (Zope before 2.2.4 allows partially trusted users to bypass security co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1275
+CVE-2001-1275 (MySQL before 3.23.31 allows users with a MySQL account to use the SHOW ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1274
+CVE-2001-1274 (Buffer overflow in MySQL before 3.23.31 allows attackers to cause a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1273
+CVE-2001-1273 (The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, whe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1272
+CVE-2001-1272 (wmtv 0.6.5 and earlier does not properly drop privileges, which allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1271
+CVE-2001-1271 (Directory traversal vulnerability in rar 2.02 and earlier allows attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1270
+CVE-2001-1270 (Directory traversal vulnerability in the console version of PKZip (pkz ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1269
+CVE-2001-1269 (Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1268
+CVE-2001-1268 (Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1265
+CVE-2001-1265 (Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1264
+CVE-2001-1264 (Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1263
+CVE-2001-1263 (telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1262
+CVE-2001-1262 (Avaya Argent Office 2.1 compares a user-provided SNMP community string ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1261
+CVE-2001-1261 (Avaya Argent Office 2.1 may allow remote attackers to change hold musi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1260
+CVE-2001-1260 (Avaya Argent Office uses weak encryption (trivial encoding) for passwo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1259
+CVE-2001-1259 (Avaya Argent Office allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1258
+CVE-2001-1258 (Horde Internet Messaging Program (IMP) before 2.2.6 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1257
+CVE-2001-1257 (Cross-site scripting vulnerability in Horde Internet Messaging Program ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1256
+CVE-2001-1256 (kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1255
+CVE-2001-1255 (WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1254
+CVE-2001-1254 (Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sen ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1253
+CVE-2001-1253 (Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1250
+CVE-2001-1250 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1249
+CVE-2001-1249 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1248
+CVE-2001-1248 (vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1245
+CVE-2001-1245 (Opera 5.0 for Linux does not properly handle malformed HTTP headers, w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1244
+CVE-2001-1244 (Multiple TCP implementations could allow remote attackers to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1243
+CVE-2001-1243 (Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 al ...)
NOT-FOR-US: Microsoft
-CVE-2001-1242
+CVE-2001-1242 (Directory traversal vulnerability in Un-CGI 1.9 and earlier allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1241
+CVE-2001-1241 (Un-CGI 1.9 and earlier does not verify that a CGI script has the execu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1239
+CVE-2001-1239 (PowerNet IX allows remote attackers to cause a denial of service via a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1238
+CVE-2001-1238 (Task Manager in Windows 2000 does not allow local users to end process ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1233
+CVE-2001-1233 (Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1232
+CVE-2001-1232 (GroupWise WebAccess 5.5 with directory indexing enabled allows a remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1230
+CVE-2001-1230 (Buffer overflows in Icecast before 1.3.10 allow remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1229
+CVE-2001-1229 (Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1228
+CVE-2001-1228 (Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1226
+CVE-2001-1226 (AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1225
+CVE-2001-1225 (Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1224
+CVE-2001-1224 (get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1223
+CVE-2001-1223 (The web administration server for ELSA Lancom 1100 Office does not req ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1222
+CVE-2001-1222 (Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1221
+CVE-2001-1221 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1220
+CVE-2001-1220 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point store ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1219
+CVE-2001-1219 (Microsoft Internet Explorer 6.0 and earlier allows malicious website o ...)
NOT-FOR-US: Microsoft
-CVE-2001-1218
+CVE-2001-1218 (Microsoft Internet Explorer for Unix 5.0SP1 allows local users to poss ...)
NOT-FOR-US: Microsoft
-CVE-2001-1217
+CVE-2001-1217 (Directory traversal vulnerability in PL/SQL Apache module in Oracle Or ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1216
+CVE-2001-1216 (Buffer overflow in PL/SQL Apache module in Oracle 9i Application Serve ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1214
+CVE-2001-1214 (manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1213
+CVE-2001-1213 (The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1212
+CVE-2001-1212 (Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1211
+CVE-2001-1211 (Ipswitch IMail 7.0.4 and earlier allows attackers with administrator p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1210
+CVE-2001-1210 (Cisco ubr900 series routers that conform to the Data-over-Cable Servic ...)
NOT-FOR-US: Cisco
-CVE-2001-1209
+CVE-2001-1209 (Directory traversal vulnerability in zml.cgi allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1208
+CVE-2001-1208 (Format string vulnerability in DayDream BBS allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1207
+CVE-2001-1207 (Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1206
+CVE-2001-1206 (Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1205
+CVE-2001-1205 (Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1204
+CVE-2001-1204 (Directory traversal vulnerability in phprocketaddin in Total PC Soluti ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1202
+CVE-2001-1202 (Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does no ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1198
+CVE-2001-1198 (RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1197
+CVE-2001-1197 (klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1196
+CVE-2001-1196 (Directory traversal vulnerability in edit_action.cgi of Webmin Directo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1195
+CVE-2001-1195 (Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a defau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1194
+CVE-2001-1194 (Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1192
+CVE-2001-1192 (Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1191
+CVE-2001-1191 (WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1190
+CVE-2001-1190 (The default PAM files included with passwd in Mandrake Linux 8.1 do no ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1189
+CVE-2001-1189 (IBM Websphere Application Server 3.5.3 and earlier stores a password i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1188
+CVE-2001-1188 (mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1187
+CVE-2001-1187 (csvform.pl 0.1 allows remote attackers to execute arbitrary commands v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1184
+CVE-2001-1184 (wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1182
+CVE-2001-1182 (Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restric ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1181
+CVE-2001-1181 (Dynamically Loadable Kernel Module (dlkm) static kernel symbol table i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1179
+CVE-2001-1179 (xman allows local users to gain privileges by modifying the MANPATH to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1178
+CVE-2001-1178 (Buffer overflow in xman allows local users to gain privileges via a lo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1173
+CVE-2001-1173 (Vulnerability in MasqMail before 0.1.15 allows local users to gain pri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1171
+CVE-2001-1171 (Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1170
+CVE-2001-1170 (AmTote International homebet program stores the homebet.log file in th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1169
+CVE-2001-1169 (keyinit in S/Key does not require authentication to initialize a one-t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1168
+CVE-2001-1168 (Directory traversal vulnerability in index.php in PhpMyExplorer before ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-1167
REJECTED
-CVE-2001-1165
+CVE-2001-1165 (Intego FileGuard 4.0 uses weak encryption to store user information an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1164
+CVE-2001-1164 (Buffer overflow in uucp utilities in UnixWare 7 allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1163
+CVE-2001-1163 (Buffer overflow in Munica Corporation NetSQL 1.0 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1159
+CVE-2001-1159 (load_prefs.php and supporting include files in SquirrelMail 1.0.4 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1157
+CVE-2001-1157 (Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filte ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1156
+CVE-2001-1156 (TYPSoft FTP 0.95 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1154
+CVE-2001-1154 (Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1152
+CVE-2001-1152 (Baltimore Technologies WEBsweeper 4.02, when used to manage URL blackl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1151
+CVE-2001-1151 (Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1150
+CVE-2001-1150 (Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1148
+CVE-2001-1148 (Multiple buffer overflows in programs used by scoadmin and sysadmsh in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1143
+CVE-2001-1143 (IBM DB2 7.0 allows a remote attacker to cause a denial of service (cra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1142
+CVE-2001-1142 (ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1140
+CVE-2001-1140 (BadBlue Personal Edition v1.02 beta allows remote attackers to read so ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1139
+CVE-2001-1139 (Directory traversal vulnerability in ASCII NT WinWrapper Professional ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1138
+CVE-2001-1138 (Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1137
+CVE-2001-1137 (D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1136
+CVE-2001-1136 (The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1135
+CVE-2001-1135 (ZyXEL Prestige 642R and 642R-I routers do not filter the routers' Teln ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1134
+CVE-2001-1134 (Xerox DocuPrint N40 Printers allow remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1133
+CVE-2001-1133 (Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1131
+CVE-2001-1131 (Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1129
+CVE-2001-1129 (Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mpro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1128
+CVE-2001-1128 (Buffer overflow in Progress database 8.3D and 9.1C allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1127
+CVE-2001-1127 (Buffer overflow in Progress database 8.3D and 9.1C could allow a local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1126
+CVE-2001-1126 (Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1125
+CVE-2001-1125 (Symantec LiveUpdate before 1.6 does not use cryptography to ensure the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1124
+CVE-2001-1124 (rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1123
+CVE-2001-1123 (Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP Open ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1122
+CVE-2001-1122 (Windows NT 4.0 SP 6a allows a local user with write access to winnt/sy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1120
+CVE-2001-1120 (Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1115
+CVE-2001-1115 (generate.cgi in SIX-webboard 2.01 and before allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1114
+CVE-2001-1114 (book.cgi in NetCode NC Book 0.2b allows remote attackers to execute ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1112
+CVE-2001-1112 (Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1111
+CVE-2001-1111 (EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.da ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1110
+CVE-2001-1110 (EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials b ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1109
+CVE-2001-1109 (Directory traversal vulnerability in EFTP 2.0.7.337 allows remote auth ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1107
+CVE-2001-1107 (SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1105
+CVE-2001-1105 (RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches ...)
NOT-FOR-US: Cisco
-CVE-2001-1104
+CVE-2001-1104 (SonicWALL SOHO uses easily predictable TCP sequence numbers, which all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1102
+CVE-2001-1102 (Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1101
+CVE-2001-1101 (The Log Viewer function in the Check Point FireWall-1 GUI for Solaris ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1097
+CVE-2001-1097 (Cisco routers and switches running IOS 12.0 through 12.2.1 allows a re ...)
NOT-FOR-US: Cisco
-CVE-2001-1094
+CVE-2001-1094 (NetOp School 1.5 allows local users to bypass access restrictions on t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1093
+CVE-2001-1093 (Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows loca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1092
+CVE-2001-1092 (msgchk in Digital UNIX 4.0G and earlier allows a local user to read th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1091
+CVE-2001-1091 (The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1090
+CVE-2001-1090 (nss_postgresql 0.6.1 and before allows a remote attacker to execute ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1087
+CVE-2001-1087 (The default configuration of the config.http.tunnel.allow_ports option ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1086
+CVE-2001-1086 (XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1082
+CVE-2001-1082 (Directory traversal vulnerability in Livingston/Lucent RADIUS before 2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1078
+CVE-2001-1078 (Format string vulnerability in flog function of eXtremail 1.1.9 and ea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1077
+CVE-2001-1077 (Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1076
+CVE-2001-1076 (Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows loc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1073
+CVE-2001-1073 (Webridge PX Application Suite allows remote attackers to obtain sensit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1070
+CVE-2001-1070 (Sage Software MAS 200 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1068
+CVE-2001-1068 (qpopper 4.01 with PAM based authentication on Red Hat systems generate ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1065
+CVE-2001-1065 (Web-based configuration utility in Cisco 600 series routers running CB ...)
NOT-FOR-US: Cisco
-CVE-2001-1064
+CVE-2001-1064 (Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows rem ...)
NOT-FOR-US: Cisco
-CVE-2001-1061
+CVE-2001-1061 (Vulnerability in lsmcode in unknown versions of AIX, possibly related ...)
NOT-FOR-US: AIX
-CVE-2001-1060
+CVE-2001-1060 (phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1058
+CVE-2001-1058 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1057
+CVE-2001-1057 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1052
+CVE-2001-1052 (Empris PHP script allows remote attackers to include arbitrary files f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1051
+CVE-2001-1051 (Dark Hart Portal (darkportal) PHP script allows remote attackers to in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1050
+CVE-2001-1050 (CCCSoftware CCC PHP script allows remote attackers to include arbitrar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1047
+CVE-2001-1047 (Race condition in OpenBSD VFS allows local users to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1045
+CVE-2001-1045 (Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1044
+CVE-2001-1044 (Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1042
+CVE-2001-1042 (Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1041
+CVE-2001-1041 (oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1040
+CVE-2001-1040 (HP LaserJet, and possibly other JetDirect devices, resets the admin pa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1039
+CVE-2001-1039 (The JetAdmin web interface for HP JetDirect does not set a password fo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1034
+CVE-2001-1034 (Format string vulnerability in Hylafax on FreeBSD allows local users t ...)
{DSA-148}
- hylafax 4.1.2-2.1
-CVE-2001-1033
+CVE-2001-1033 (Compaq TruCluster 1.5 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1031
+CVE-2001-1031 (Directory traversal vulnerability in Meteor FTP 1.0 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1026
+CVE-2001-1026 (Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs whe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1025
+CVE-2001-1025 (PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operatio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1024
+CVE-2001-1024 (login.gas.bat and other CGI scripts in Entrust getAccess allow remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1023
+CVE-2001-1023 (Xcache 2.1 allows remote attackers to determine the absolute path of w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1021
+CVE-2001-1021 (Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1019
+CVE-2001-1019 (Directory traversal vulnerability in view_item CGI program in sglMerch ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1018
+CVE-2001-1018 (Lotus Domino web server 5.08 allows remote attackers to determine the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1015
+CVE-2001-1015 (Buffer overflow in Snes9x 1.37, when installed setuid root, allows loc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1014
+CVE-2001-1014 (eshop.pl in WebDiscount(e)shop allows remote attackers to execute arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1013
+CVE-2001-1013 (Apache on Red Hat Linux with with the UserDir directive enabled genera ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1012
+CVE-2001-1012 (Vulnerability in screen before 3.9.10, related to a multi-attach error ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1009
+CVE-2001-1009 (Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1007
+CVE-2001-1007 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a smal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1006
+CVE-2001-1006 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not en ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1005
+CVE-2001-1005 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1004
+CVE-2001-1004 (Cross-site scripting (CSS) vulnerability in gnut Gnutella client befor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1003
+CVE-2001-1003 (Respondus 1.1.2 for WebCT uses weak encryption to remember usernames a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-1000
+CVE-2001-1000 (rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0999
+CVE-2001-0999 (Outlook Express 6.00 allows remote attackers to execute arbitrary scri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0997
+CVE-2001-0997 (Textor Webmasters Ltd listrec.pl CGI program allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0996
+CVE-2001-0996 (POP3Lite before 0.2.4 does not properly quote a . (dot) in an email me ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0994
+CVE-2001-0994 (Marconi ForeThought 7.1 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0992
+CVE-2001-0992 (shopplus.cgi in ShopPlus shopping cart allows remote attackers to exec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0991
+CVE-2001-0991 (Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0990
+CVE-2001-0990 (Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, comp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0989
+CVE-2001-0989 (Buffer overflows in Pileup before 1.2 allows local users to gain root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0988
+CVE-2001-0988 (Arkeia backup server 4.2.8-2 and earlier creates its database files wi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0986
+CVE-2001-0986 (SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote at ...)
NOT-FOR-US: Microsoft
-CVE-2001-0985
+CVE-2001-0985 (shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0984
+CVE-2001-0984 (Password Safe 1.7(1) leaves cleartext passwords in memory when a user ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0983
+CVE-2001-0983 (UltraEdit uses weak encryption to record FTP passwords in the uedit32. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0979
+CVE-2001-0979 (Buffer overflow in swverify in HP-UX 11.0, and possibly other programs ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0976
+CVE-2001-0976 (Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earli ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0975
+CVE-2001-0975 (Buffer overflow vulnerabilities in Oracle Internet Directory Server (L ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0974
+CVE-2001-0974 (Format string vulnerabilities in Oracle Internet Directory Server (LDA ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0972
+CVE-2001-0972 (Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0971
+CVE-2001-0971 (Directory traversal vulnerability in ACI 4d webserver allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0970
+CVE-2001-0970 (Cross-site scripting vulnerability in TDForum 1.2 CGI script (tdforum1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0968
+CVE-2001-0968 (Knox Arkeia server 4.2, and possibly other versions, installs its root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0967
+CVE-2001-0967 (Knox Arkeia server 4.2, and possibly other versions, uses a constant s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0966
+CVE-2001-0966 (Directory traversal vulnerability in Nudester 1.10 and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0964
+CVE-2001-0964 (Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows mal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0958
+CVE-2001-0958 (Buffer overflows in eManager plugin for Trend Micro InterScan VirusWal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0956
+CVE-2001-0956 (speechd 0.54 and earlier, with the Festival or rsynth speech synthesis ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0955
+CVE-2001-0955 (Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0953
+CVE-2001-0953 (Kebi WebMail allows remote attackers to access the administrator menu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0952
+CVE-2001-0952 (THQ Volition Red Faction Game allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0950
+CVE-2001-0950 (ValiCert Enterprise Validation Authority (EVA) Administration Server 3 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0949
+CVE-2001-0949 (Buffer overflows in forms.exe CGI program in ValiCert Enterprise Valid ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0948
+CVE-2001-0948 (Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Valida ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0947
+CVE-2001-0947 (Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0945
+CVE-2001-0945 (Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0944
+CVE-2001-0944 (DDE in mIRC allows local users to launch applications under another us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0943
+CVE-2001-0943 (dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0942
+CVE-2001-0942 (dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment vari ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0941
+CVE-2001-0941 (Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0938
+CVE-2001-0938 (Directory traversal vulnerability in AspUpload 2.1, in certain configu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0937
+CVE-2001-0937 (PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0935
+CVE-2001-0935 (Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0934
+CVE-2001-0934 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0933
+CVE-2001-0933 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the con ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0932
+CVE-2001-0932 (Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0931
+CVE-2001-0931 (Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0930
+CVE-2001-0930 (Sendpage.pl allows remote attackers to execute arbitrary commands via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0928
+CVE-2001-0928 (Buffer overflow in the permitted function of GNOME gtop daemon (libgto ...)
{DSA-301}
- libgtop 1.0.13-4
-CVE-2001-0927
+CVE-2001-0927 (Format string vulnerability in the permitted function of GNOME libgtop ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0926
+CVE-2001-0926 (SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0925
+CVE-2001-0925 (The default installation of Apache before 1.3.19 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0924
+CVE-2001-0924 (Directory traversal vulnerability in ifx CGI program in Informix Web D ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0923
+CVE-2001-0923 (RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0922
+CVE-2001-0922 (ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier version ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0919
+CVE-2001-0919 (Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow c ...)
NOT-FOR-US: Microsoft
-CVE-2001-0916
+CVE-2001-0916 (Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0915
+CVE-2001-0915 (Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0913
+CVE-2001-0913 (Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0911
+CVE-2001-0911 (PHP-Nuke 5.1 stores user and administrator passwords in a base-64 enco ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0910
+CVE-2001-0910 (Legato Networker before 6.1 allows remote attackers to bypass access r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0908
+CVE-2001-0908 (CITRIX Metaframe 1.8 logs the Client Address (IP address) that is prov ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0904
+CVE-2001-0904 (Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies ...)
NOT-FOR-US: Microsoft
-CVE-2001-0903
+CVE-2001-0903 (Linear key exchange process in High-bandwidth Digital Content Protecti ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0898
+CVE-2001-0898 (Opera 6.0 and earlier allows remote attackers to access sensitive info ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0897
+CVE-2001-0897 (Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0893
+CVE-2001-0893 (Acme mini_httpd before 1.16 allows remote attackers to view sensitive ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0892
+CVE-2001-0892 (Acme Thttpd Secure Webserver before 2.22, with the chroot option enabl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0890
+CVE-2001-0890 (Certain backend drivers in the SANE library 1.0.3 and earlier, as used ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0885
RESERVED
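Review bot: the appended descriptions are cut at a fixed width and end in " ...", so for CVE pairs whose full text differs only after that point the new summary no longer distinguishes the two entries; in this hunk CVE-2001-1058 and CVE-2001-1057 both now read "(The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...)". If the generator is meant to give each entry a distinguishing summary, it could append the differing tail instead of truncating from the front; if the fixed-width cut is intentional for this file, a one-line comment in the update script describing the truncation rule would save the next reader from asking.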
@@ -2332,63 +2332,63 @@ CVE-2001-0880
RESERVED
CVE-2001-0878
RESERVED
-CVE-2001-0871
+CVE-2001-0871 (Directory traversal vulnerability in HTTP server for Alchemy Eye and A ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0870
+CVE-2001-0870 (HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0868
+CVE-2001-0868 (Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve syst ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0858
+CVE-2001-0858 (Buffer overflow in pppattach and other linked PPP utilities in Caldera ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0856
+CVE-2001-0856 (Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0855
+CVE-2001-0855 (Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0854
+CVE-2001-0854 (PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary file ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0853
+CVE-2001-0853 (Directory traversal vulnerability in Entrust GetAccess allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0849
+CVE-2001-0849 (viralator CGI script in Viralator 0.9pre1 and earlier allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0848
+CVE-2001-0848 (join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0847
+CVE-2001-0847 (Lotus Domino Web Server 5.x allows remote attackers to gain sensitive ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0845
+CVE-2001-0845 (Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0844
+CVE-2001-0844 (Vulnerability in (1) Book of guests and (2) Post it! allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0842
+CVE-2001-0842 (Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0841
+CVE-2001-0841 (Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0840
+CVE-2001-0840 (Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0839
+CVE-2001-0839 (ibillpm.pl in iBill password management system generates weak password ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0838
+CVE-2001-0838 (Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0835
+CVE-2001-0835 (Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0832
+CVE-2001-0832 (Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0831
+CVE-2001-0831 (Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0829
+CVE-2001-0829 (A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0827
+CVE-2001-0827 (Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0826
+CVE-2001-0826 (Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0824
+CVE-2001-0824 (Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0821
+CVE-2001-0821 (The default configuration of DCShop 1.002 beta places sensitive files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0820
+CVE-2001-0820 (Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to exec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0818
+CVE-2001-0818 (A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0817
+CVE-2001-0817 (Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0814
REJECTED
@@ -2400,160 +2400,160 @@ CVE-2001-0811
REJECTED
CVE-2001-0810
REJECTED
-CVE-2001-0809
+CVE-2001-0809 (Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0808
+CVE-2001-0808 (gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0807
+CVE-2001-0807 (Internet Explorer 5.0, and possibly other versions, may allow remote a ...)
NOT-FOR-US: Microsoft
CVE-2001-0802
REJECTED
-CVE-2001-0800
+CVE-2001-0800 (lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0799
+CVE-2001-0799 (Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0798
REJECTED
-CVE-2001-0795
+CVE-2001-0795 (Perception LiteServe 1.25 allows remote attackers to obtain source cod ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0794
+CVE-2001-0794 (Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0791
+CVE-2001-0791 (Trend Micro InterScan VirusWall for Windows NT allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0790
+CVE-2001-0790 (Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0789
+CVE-2001-0789 (Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 fo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0788
+CVE-2001-0788 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0786
+CVE-2001-0786 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0785
+CVE-2001-0785 (Directory traversal in Webpaging interface in Internet Software Soluti ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0783
+CVE-2001-0783 (Cisco TFTP server 1.1 allows remote attackers to read arbitrary files ...)
NOT-FOR-US: Cisco
-CVE-2001-0782
+CVE-2001-0782 (KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0781
+CVE-2001-0781 (Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0780
+CVE-2001-0780 (Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Direc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0778
+CVE-2001-0778 (OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0777
+CVE-2001-0777 (Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0776
+CVE-2001-0776 (Buffer overflow in DynFX MailServer version 2.10 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0775
+CVE-2001-0775 (Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux all ...)
{DSA-695-1}
- xli 1.17.0-17
-CVE-2001-0772
+CVE-2001-0772 (Buffer overflows and other vulnerabilities in multiple Common Desktop ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0771
+CVE-2001-0771 (Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0768
+CVE-2001-0768 (GuildFTPd 0.9.7 stores user names and passwords in plaintext in the de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0767
+CVE-2001-0767 (Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0766
+CVE-2001-0766 (Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0762
+CVE-2001-0762 (Buffer overflow in su-wrapper 1.1.1 allows local users to execute arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0761
+CVE-2001-0761 (Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager 1. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0759
+CVE-2001-0759 (Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0758
+CVE-2001-0758 (Directory traversal vulnerability in Shambala 4.5 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0756
+CVE-2001-0756 (CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in VirtualC ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0755
+CVE-2001-0755 (Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0753
+CVE-2001-0753 (Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) ...)
NOT-FOR-US: Cisco
-CVE-2001-0747
+CVE-2001-0747 (Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0746
+CVE-2001-0746 (Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0744
+CVE-2001-0744 (Horde IMP 2.2.4 and earlier allows local users to overwrite files via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0743
+CVE-2001-0743 (Paging function in O'Reilly WebBoard Pager 4.10 allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0742
+CVE-2001-0742 (Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0737
+CVE-2001-0737 (A long 'synch' delay in Logitech wireless mice and keyboard receivers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0736
+CVE-2001-0736 (Vulnerability in (1) pine before 4.33 and (2) the pico editor, include ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0735
+CVE-2001-0735 (Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARS ...)
- cfingerd 1.4.3-1.1 (bug #104394)
NOTE: 1.4.3-1.2 is not in the PTS, but 1.4.3-1.2 incorporates
NOTE: its changes.
-CVE-2001-0734
+CVE-2001-0734 (Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0729
+CVE-2001-0729 (Apache 1.3.20 on Windows servers allows remote attackers to bypass the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0725
RESERVED
-CVE-2001-0721
+CVE-2001-0721 (Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0715
+CVE-2001-0715 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0714
+CVE-2001-0714 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0713
+CVE-2001-0713 (Sendmail before 8.12.1 does not properly drop privileges when the -C o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0712
+CVE-2001-0712 (The rendering engine in Internet Explorer determines the MIME type ind ...)
NOT-FOR-US: Microsoft
-CVE-2001-0711
+CVE-2001-0711 (Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a d ...)
NOT-FOR-US: Cisco
-CVE-2001-0709
+CVE-2001-0709 (Microsoft IIS 4.0 and before, when installed on a FAT partition, allow ...)
NOT-FOR-US: Microsoft
-CVE-2001-0708
+CVE-2001-0708 (Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0707
+CVE-2001-0707 (Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0705
+CVE-2001-0705 (Directory traversal vulnerability in tradecli.dll in Arcadia Internet ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0704
+CVE-2001-0704 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0703
+CVE-2001-0703 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0702
+CVE-2001-0702 (Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0695
+CVE-2001-0695 (WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0694
+CVE-2001-0694 (Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0693
+CVE-2001-0693 (WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view sc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0691
+CVE-2001-0691 (Buffer overflows in Washington University imapd 2000a through 2000c co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0689
+CVE-2001-0689 (Vulnerability in TrendMicro Virus Control System 1.8 allows a remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0688
+CVE-2001-0688 (Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0687
+CVE-2001-0687 (Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0684
+CVE-2001-0684 (Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0683
+CVE-2001-0683 (Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0681
+CVE-2001-0681 (Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0679
+CVE-2001-0679 (A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0678
+CVE-2001-0678 (A buffer overflow in reggo.dll file used by Trend Micro InterScan Viru ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0674
+CVE-2001-0674 (Directory traversal vulnerability in RobTex Viking Web server before 1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0673
RESERVED
CVE-2001-0672
RESERVED
-CVE-2001-0671
+CVE-2001-0671 (Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0669
+CVE-2001-0669 (Various Intrusion Detection Systems (IDS) including (1) Cisco Secure I ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0661
RESERVED
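Review bot: the same fixed-width truncation collapses several pairs in this hunk into identical summaries: CVE-2001-0788 and CVE-2001-0786 both read "(Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...)", CVE-2001-0715 and CVE-2001-0714 both read "(Sendmail before 8.12.1, without the RestrictQueueRun option enabled, a ...)", and CVE-2001-0704 and CVE-2001-0703 both read "(tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...)"; the generator could keep the differing tail rather than the common prefix. Separately, the unchanged NOTE under CVE-2001-0735, "1.4.3-1.2 is not in the PTS, but 1.4.3-1.2 incorporates its changes", names the same version on both sides of the "but", which cannot be what was meant; since this hunk rewrites the line directly above it, a follow-up correcting whichever version string is wrong would be cheap.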
@@ -2565,625 +2565,625 @@ CVE-2001-0655
REJECTED
CVE-2001-0654
REJECTED
-CVE-2001-0649
+CVE-2001-0649 (Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0647
+CVE-2001-0647 (Orange Web Server 2.1, based on GoAhead, allows a remote attacker to p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0645
+CVE-2001-0645 (Symantec/AXENT NetProwler 3.5.x contains several default passwords, wh ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0642
+CVE-2001-0642 (Directory traversal vulnerability in IncrediMail version 1400185 and e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0636
+CVE-2001-0636 (Buffer overflows in Raytheon SilentRunner allow remote attackers to (1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0633
+CVE-2001-0633 (Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Un ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0632
+CVE-2001-0632 (Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0624
+CVE-2001-0624 (QNX 2.4 allows a local user to read arbitrary files by directly access ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0623
+CVE-2001-0623 (sendfiled, as included with Simple Asynchronous File Transfer (SAFT), ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0620
+CVE-2001-0620 (iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to g ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0619
+CVE-2001-0619 (The Lucent Closed Network protocol can allow remote attackers to join ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0618
+CVE-2001-0618 (Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0617
+CVE-2001-0617 (Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0614
+CVE-2001-0614 (Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0610
+CVE-2001-0610 (kfm as included with KDE 1.x can allow a local attacker to gain additi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0609
+CVE-2001-0609 (Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0608
+CVE-2001-0608 (HP architected interface facility (AIF) as includes with MPE/iX 5.5 th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0607
+CVE-2001-0607 (asecure as included with HP-UX 10.01 through 11.00 can allow a local a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0606
+CVE-2001-0606 (Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with Vir ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0605
+CVE-2001-0605 (Headlight Software MyGetright prior to 1.0b allows a remote attacker t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0604
+CVE-2001-0604 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0603
+CVE-2001-0603 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0602
+CVE-2001-0602 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0601
+CVE-2001-0601 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0600
+CVE-2001-0600 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0599
+CVE-2001-0599 (Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0598
+CVE-2001-0598 (Symantec Ghost 6.5 and earlier allows a remote attacker to create a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0597
+CVE-2001-0597 (Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0592
+CVE-2001-0592 (Watchguard Firebox II prior to 4.6 allows a remote attacker to create ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0588
+CVE-2001-0588 (sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenS ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0587
+CVE-2001-0587 (deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a lo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0584
+CVE-2001-0584 (IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0583
+CVE-2001-0583 (Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0582
+CVE-2001-0582 (Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0581
+CVE-2001-0581 (Spytech Spynet Chat Server 6.5 allows a remote attacker to create a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0580
+CVE-2001-0580 (Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0579
+CVE-2001-0579 (lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain add ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0578
+CVE-2001-0578 (Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a loc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0577
+CVE-2001-0577 (recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0576
+CVE-2001-0576 (lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a lo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0575
+CVE-2001-0575 (Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0572
+CVE-2001-0572 (The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and ot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0571
+CVE-2001-0571 (Directory traversal vulnerability in the web server for (1) Elron Inte ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0570
+CVE-2001-0570 (minicom 1.83.1 and earlier allows a local attacker to gain additional ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0569
+CVE-2001-0569 (Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0568
+CVE-2001-0568 (Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Z ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0566
+CVE-2001-0566 (Cisco Catalyst 2900XL switch allows a remote attacker to create a deni ...)
NOT-FOR-US: Cisco
-CVE-2001-0562
+CVE-2001-0562 (a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0561
+CVE-2001-0561 (Directory traversal vulnerability in Drummond Miles A1Stats prior to 1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0557
+CVE-2001-0557 (T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0556
+CVE-2001-0556 (The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0555
+CVE-2001-0555 (ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0552
+CVE-2001-0552 (ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Net ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0551
+CVE-2001-0551 (Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0542
+CVE-2001-0542 (Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers ...)
NOT-FOR-US: Microsoft
CVE-2001-0539
RESERVED
-CVE-2001-0535
+CVE-2001-0535 (Example applications (Exampleapps) in ColdFusion Server 4.x do not pro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0534
+CVE-2001-0534 (Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0532
RESERVED
CVE-2001-0531
RESERVED
-CVE-2001-0524
+CVE-2001-0524 (eEye SecureIIS versions 1.0.3 and earlier does not perform length chec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0523
+CVE-2001-0523 (eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0521
+CVE-2001-0521 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0520
+CVE-2001-0520 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0519
+CVE-2001-0519 (Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0516
+CVE-2001-0516 (Oracle listener between Oracle 9i and Oracle 8.0 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0515
+CVE-2001-0515 (Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0509
+CVE-2001-0509 (Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 a ...)
NOT-FOR-US: Microsoft
-CVE-2001-0505
+CVE-2001-0505 (Multiple memory leaks in Microsoft Services for Unix 2.0 allow remote ...)
NOT-FOR-US: Microsoft
-CVE-2001-0499
+CVE-2001-0499 (Buffer overflow in Transparent Network Substrate (TNS) Listener in Ora ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0498
+CVE-2001-0498 (Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i 8. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0496
+CVE-2001-0496 (kdesu in kdelibs package creates world readable temporary files contai ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0492
+CVE-2001-0492 (Netcruiser Web server version 0.1.2.8 and earlier allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0491
+CVE-2001-0491 (Directory traversal vulnerability in RaidenFTPD Server 2.1 before buil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0490
+CVE-2001-0490 (Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0484
+CVE-2001-0484 (Tektronix PhaserLink 850 does not require authentication for access to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0483
+CVE-2001-0483 (Configuration error in Axent Raptor Firewall 6.5 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0480
+CVE-2001-0480 (Directory traversal vulnerability in Alex's FTP Server 0.7 allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0479
+CVE-2001-0479 (Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier vers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0478
+CVE-2001-0478 (Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier vers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0477
+CVE-2001-0477 (Vulnerability in WebCalendar 0.9.26 allows remote command execution. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0476
+CVE-2001-0476 (Multiple buffer overflows in s.cgi program in Aspseek search engine 1. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0472
+CVE-2001-0472 (Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0471
+CVE-2001-0471 (SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0470
+CVE-2001-0470 (Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0468
+CVE-2001-0468 (Buffer overflow in FTPFS allows local users to gain root privileges vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0466
+CVE-2001-0466 (Directory traversal vulnerability in ustorekeeper 1.61 allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0464
+CVE-2001-0464 (Buffer overflow in websync.exe in Cyberscheduler allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0460
+CVE-2001-0460 (Websweeper 4.0 does not limit the length of certain HTTP headers, whic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0459
+CVE-2001-0459 (Buffer overflows in ascdc Afterstep while running setuid allows local ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0458
+CVE-2001-0458 (Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0454
+CVE-2001-0454 (Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0453
+CVE-2001-0453 (Directory traversal vulnerability in BRS WebWeaver HTTP server allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0452
+CVE-2001-0452 (BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0451
+CVE-2001-0451 (INDEXU 2.0 beta and earlier allows remote attackers to bypass authenti ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0450
+CVE-2001-0450 (Directory traversal vulnerability in Transsoft FTP Broker before 5.5 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0448
+CVE-2001-0448 (Web configuration server in 602Pro LAN SUITE allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0447
+CVE-2001-0447 (Web configuration server in 602Pro LAN SUITE allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0446
+CVE-2001-0446 (IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0443
+CVE-2001-0443 (Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0441
+CVE-2001-0441 (Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn n ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0438
+CVE-2001-0438 (Preview version of Timbuktu for Mac OS X allows local users to modify ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0437
+CVE-2001-0437 (upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0436
+CVE-2001-0436 (dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arb ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0435
+CVE-2001-0435 (The split key mechanism used by PGP 7.0 allows a key share holder to o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0433
+CVE-2001-0433 (Buffer overflow in Savant 3.0 web server allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0432
+CVE-2001-0432 (Buffer overflows in various CGI programs in the remote administration ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0431
+CVE-2001-0431 (Vulnerability in iPlanet Web Server Enterprise Edition 4.x. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0426
+CVE-2001-0426 (Buffer overflow in dtsession on Solaris, and possibly other operating ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0425
+CVE-2001-0425 (AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileg ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0424
+CVE-2001-0424 (BubbleMon 1.31 does not properly drop group privileges before executin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0421
+CVE-2001-0421 (FTP server in Solaris 8 and earlier allows local and remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0420
+CVE-2001-0420 (Directory traversal vulnerability in talkback.cgi program allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0419
+CVE-2001-0419 (Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iW ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0418
+CVE-2001-0418 (content.pl script in NCM Content Management System allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0417
+CVE-2001-0417 (Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0415
+CVE-2001-0415 (REDIPlus program, REDI.exe, stores passwords and user names in clearte ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0411
+CVE-2001-0411 (Reliant Unix 5.44 and earlier allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0410
+CVE-2001-0410 (Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0406
+CVE-2001-0406 (Samba before 2.2.0 allows local attackers to overwrite arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0404
+CVE-2001-0404 (Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0403
+CVE-2001-0403 (/opt/JSparm/bin/perfmon program in Solaris allows local users to creat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0401
+CVE-2001-0401 (Buffer overflow in tip in Solaris 8 and earlier allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0400
+CVE-2001-0400 (nph-maillist.pl allows remote attackers to execute arbitrary commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0399
+CVE-2001-0399 (Caucho Resin 1.3b1 and earlier allows remote attackers to read source ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0398
+CVE-2001-0398 (The BAT! mail client allows remote attackers to bypass user warnings o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0397
+CVE-2001-0397 (Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0396
+CVE-2001-0396 (The pre-login mode in the System Administrator interface of Lightwave ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0395
+CVE-2001-0395 (Lightwave ConsoleServer 3200 does not disconnect users after unsuccess ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0393
+CVE-2001-0393 (Navision Financials Server 2.0 allows remote attackers to cause a deni ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0392
+CVE-2001-0392 (Navision Financials Server 2.60 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0391
+CVE-2001-0391 (Xitami 2.5d4 and earlier allows remote attackers to crash the server v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0390
+CVE-2001-0390 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0389
+CVE-2001-0389 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0385
+CVE-2001-0385 (GoAhead webserver 2.1 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0384
+CVE-2001-0384 (ppd in Reliant Sinix allows local users to corrupt arbitrary files via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0382
+CVE-2001-0382 (Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0381
+CVE-2001-0381 (The OpenPGP PGP standard allows an attacker to determine the private s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0380
+CVE-2001-0380 (Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0376
+CVE-2001-0376 (SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0374
+CVE-2001-0374 (The HTTP server in Compaq web-enabled management software for (1) Foun ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0372
+CVE-2001-0372 (Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a def ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0370
+CVE-2001-0370 (fcheck prior to 2.57.59 calls the file signature checking program inse ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0369
+CVE-2001-0369 (Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0367
+CVE-2001-0367 (Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0360
+CVE-2001-0360 (Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0359
+CVE-2001-0359 (Format string vulnerability in Sierra Half-Life build 1573 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0358
+CVE-2001-0358 (Buffer overflows in Sierra Half-Life build 1573 and earlier allow remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0357
+CVE-2001-0357 (FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0355
+CVE-2001-0355 (Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0354
+CVE-2001-0354 (TheNet CheckBO 1.56 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0352
+CVE-2001-0352 (SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0350
+CVE-2001-0350 (Microsoft Windows 2000 telnet service creates named pipes with predict ...)
NOT-FOR-US: Microsoft
-CVE-2001-0349
+CVE-2001-0349 (Microsoft Windows 2000 telnet service creates named pipes with predict ...)
NOT-FOR-US: Microsoft
CVE-2001-0343
RESERVED
CVE-2001-0342
RESERVED
-CVE-2001-0337
+CVE-2001-0337 (The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier in ...)
NOT-FOR-US: Microsoft
-CVE-2001-0332
+CVE-2001-0332 (Internet Explorer 5.5 and earlier does not properly verify the domain ...)
NOT-FOR-US: Microsoft
-CVE-2001-0329
+CVE-2001-0329 (Bugzilla 2.10 allows remote attackers to execute arbitrary commands vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0328
+CVE-2001-0328 (TCP implementations that use random increments for initial sequence nu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0325
+CVE-2001-0325 (Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0324
+CVE-2001-0324 (Windows 98 and Windows 2000 Java clients allow remote attackers to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0323
+CVE-2001-0323 (The ICMP path MTU (PMTU) discovery feature in various UNIX systems all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0322
+CVE-2001-0322 (MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, a ...)
NOT-FOR-US: Microsoft
-CVE-2001-0320
+CVE-2001-0320 (bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0315
+CVE-2001-0315 (The locking feature in mIRC 5.7 allows local users to bypass the passw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0314
+CVE-2001-0314 (Buffer overflow in www.tol module in America Online (AOL) 5.0 may allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0313
+CVE-2001-0313 (Borderware Firewall Server 6.1.2 allows remote attackers to cause a de ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0312
+CVE-2001-0312 (IBM WebSphere plugin for Netscape Enterprise server allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0308
+CVE-2001-0308 (UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0307
+CVE-2001-0307 (Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0306
+CVE-2001-0306 (Directory traversal vulnerability in ITAfrica WEBactive HTTP Server 1. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0305
+CVE-2001-0305 (Directory traversal vulnerability in store.cgi in Thinking Arts ES.One ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0304
+CVE-2001-0304 (Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0303
+CVE-2001-0303 (tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to det ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0302
+CVE-2001-0302 (Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0300
+CVE-2001-0300 (oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (lda ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0298
+CVE-2001-0298 (Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0297
+CVE-2001-0297 (Directory traversal vulnerability in Simple Server HTTPd 1.0 (original ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0296
+CVE-2001-0296 (Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0294
+CVE-2001-0294 (Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0293
+CVE-2001-0293 (Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0292
+CVE-2001-0292 (PHP-Nuke 4.4.1a allows remote attackers to modify a user's email addre ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0291
+CVE-2001-0291 (Buffer overflow in post-query sample CGI program allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0286
+CVE-2001-0286 (Directory traversal vulnerability in A1 HTTP server 1.0a allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0285
+CVE-2001-0285 (Buffer overflow in A1 HTTP server 1.0a allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0283
+CVE-2001-0283 (Directory traversal vulnerability in SunFTP build 9 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0282
+CVE-2001-0282 (SEDUM 2.1 HTTP server allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0281
+CVE-2001-0281 (Format string vulnerability in DbgPrint function, used in debug messag ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0277
+CVE-2001-0277 (Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0275
+CVE-2001-0275 (Moby Netsuite Web Server 1.02 allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0273
+CVE-2001-0273 (pgp4pine Pine/PGP interface version 1.75-6 does not properly check to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0272
+CVE-2001-0272 (Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0271
+CVE-2001-0271 (mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0270
+CVE-2001-0270 (Marconi ASX-1000 ASX switches allow remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0264
+CVE-2001-0264 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0263
+CVE-2001-0263 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0262
+CVE-2001-0262 (Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0261
+CVE-2001-0261 (Microsoft Windows 2000 Encrypted File System does not properly destroy ...)
NOT-FOR-US: Microsoft
-CVE-2001-0258
+CVE-2001-0258 (The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0257
+CVE-2001-0257 (Buffer overflow in Easycom/Safecom Print Server Web service, version 4 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0256
+CVE-2001-0256 (FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0255
+CVE-2001-0255 (FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary di ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0254
+CVE-2001-0254 (FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0253
+CVE-2001-0253 (Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0251
+CVE-2001-0251 (The Web Publishing feature in Netscape Enterprise Server 3.x allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0250
+CVE-2001-0250 (The Web Publishing feature in Netscape Enterprise Server 4.x and earli ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0249
+CVE-2001-0249 (Heap overflow in FTP daemon in Solaris 8 allows remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0248
+CVE-2001-0248 (Buffer overflow in FTP server in HPUX 11 allows remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0247
+CVE-2001-0247 (Buffer overflows in BSD-based FTP servers allows remote attackers to e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0246
+CVE-2001-0246 (Internet Explorer 5.5 and earlier does not properly verify the domain ...)
NOT-FOR-US: Microsoft
-CVE-2001-0242
+CVE-2001-0242 (Buffer overflows in Microsoft Windows Media Player 7 and earlier allow ...)
NOT-FOR-US: Microsoft
-CVE-2001-0232
+CVE-2001-0232 (newsdesk.cgi in News Desk 1.2 allows remote attackers to read arbitrar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0231
+CVE-2001-0231 (Directory traversal vulnerability in newsdesk.cgi in News Desk 1.2 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0229
+CVE-2001-0229 (Chili!Soft ASP for Linux before 3.6 does not properly set group privil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0228
+CVE-2001-0228 (Directory traversal vulnerability in GoAhead web server 2.1 and earlie ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0227
+CVE-2001-0227 (Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0226
+CVE-2001-0226 (Directory traversal vulnerability in BiblioWeb web server 2.0 allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0225
+CVE-2001-0225 (fortran math component in Infobot 0.44.5.3 and earlier allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0224
+CVE-2001-0224 (Muscat Empower CGI program allows remote attackers to obtain the absol ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0223
+CVE-2001-0223 (Buffer overflow in wwwwais allows remote attackers to execute arbitrar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0220
+CVE-2001-0220 (Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0217
+CVE-2001-0217 (Directory traversal vulnerability in PALS Library System pals-cgi prog ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0216
+CVE-2001-0216 (PALS Library System pals-cgi program allows remote attackers to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0214
+CVE-2001-0214 (Way-board CGI program allows remote attackers to read arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0213
+CVE-2001-0213 (Buffer overflow in pi program in PlanetIntra 2.5 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0212
+CVE-2001-0212 (Directory traversal vulnerability in HIS Auktion 1.62 allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0211
+CVE-2001-0211 (Directory traversal vulnerability in WebSPIRS 3.1 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0210
+CVE-2001-0210 (Directory traversal vulnerability in commerce.cgi CGI program allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0209
+CVE-2001-0209 (Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) 1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0208
+CVE-2001-0208 (MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0206
+CVE-2001-0206 (Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0205
+CVE-2001-0205 (Directory traversal vulnerability in AOLserver 3.2 and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0202
+CVE-2001-0202 (Picserver web server allows remote attackers to read arbitrary files v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0201
+CVE-2001-0201 (The Postaci frontend for PostgreSQL does not properly filter character ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0200
+CVE-2001-0200 (HSWeb 2.0 HTTP server allows remote attackers to obtain the physical p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0199
+CVE-2001-0199 (Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0198
+CVE-2001-0198 (Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0192
+CVE-2001-0192 (Buffer overflows in CTRLServer in XMail allows attackers to execute ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0188
+CVE-2001-0188 (GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0186
+CVE-2001-0186 (Directory traversal vulnerability in Free Java Web Server 1.0 allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0184
+CVE-2001-0184 (eEye Iris 1.01 beta allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0181
+CVE-2001-0181 (Format string vulnerability in the error logging code of DHCP server a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0180
+CVE-2001-0180 (Lars Ellingsen guestserver.cgi allows remote attackers to execute arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0177
+CVE-2001-0177 (WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a deni ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0173
+CVE-2001-0173 (Buffer overflow in qDecoder library 5.08 and earlier, as used in Crazy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0172
+CVE-2001-0172 (Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0171
+CVE-2001-0171 (Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0168
+CVE-2001-0168 (Buffer overflow in AT&amp;T WinVNC (Virtual Network Computing) server ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0167
+CVE-2001-0167 (Buffer overflow in AT&amp;T WinVNC (Virtual Network Computing) client ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0163
+CVE-2001-0163 (Cisco AP340 base station produces predictable TCP Initial Sequence Num ...)
NOT-FOR-US: Cisco
-CVE-2001-0162
+CVE-2001-0162 (WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISN ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0161
+CVE-2001-0161 (Cisco 340-series Aironet access point using firmware 11.01 does not us ...)
NOT-FOR-US: Cisco
-CVE-2001-0160
+CVE-2001-0160 (Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vecto ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2001-0159
RESERVED
CVE-2001-0158
RESERVED
-CVE-2001-0146
+CVE-2001-0146 (IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a ...)
NOT-FOR-US: Microsoft
-CVE-2001-0145
+CVE-2001-0145 (Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook E ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0135
+CVE-2001-0135 (The default installation of Ultraboard 2000 2.11 creates the Skins, Da ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0134
+CVE-2001-0134 (Buffer overflow in cpqlogin.htm in web-enabled agents for various Comp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0133
+CVE-2001-0133 (The web administration interface for Interscan VirusWall 3.6.x and ear ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0132
+CVE-2001-0132 (Interscan VirusWall 3.6.x and earlier follows symbolic links when unin ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0131
+CVE-2001-0131 (htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local ...)
{DSA-195 DSA-188 DSA-187}
- apache-perl 1.3.26-1.1-1.27-3-1
- apache 1.3.27-1
-CVE-2001-0127
+CVE-2001-0127 (Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plug ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0114
+CVE-2001-0114 (statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0113
+CVE-2001-0113 (statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0112
+CVE-2001-0112 (Multiple buffer overflows in splitvt before 1.6.5 allow local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0107
+CVE-2001-0107 (Veritas Backup agent on Linux allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0104
+CVE-2001-0104 (MDaemon Pro 3.5.1 and earlier allows local users to bypass the "lock s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0103
+CVE-2001-0103 (CoffeeCup Direct and Free FTP clients uses weak encryption to store pa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0102
+CVE-2001-0102 ("Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0101
+CVE-2001-0101 (Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSS ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0098
+CVE-2001-0098 (Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0097
+CVE-2001-0097 (The Web interface for Infinite Interchange 3.6.1 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0093
+CVE-2001-0093 (Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain roo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0088
+CVE-2001-0088 (common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CO ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0087
+CVE-2001-0087 (itetris/xitetris 1.6.2 and earlier trusts the PATH environmental varia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0086
+CVE-2001-0086 (CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0084
+CVE-2001-0084 (GTK+ library allows local users to specify arbitrary modules via the G ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0082
+CVE-2001-0082 (Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0079
+CVE-2001-0079 (Support Tools Manager (STM) A.22.00 for HP-UX allows local users to ov ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0076
+CVE-2001-0076 (register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0075
+CVE-2001-0075 (Directory traversal vulnerability in main.cgi in Technote allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0074
+CVE-2001-0074 (Directory traversal vulnerability in print.cgi in Technote allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0073
+CVE-2001-0073 (Buffer overflow in the find_default_type function in libsecure in NSA ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0070
+CVE-2001-0070 (Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0068
+CVE-2001-0068 (Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use mal ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0067
+CVE-2001-0067 (The installation of J-Pilot creates the .jpilot directory with the use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0065
+CVE-2001-0065 (Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0064
+CVE-2001-0064 (Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0052
+CVE-2001-0052 (IBM DB2 Universal Database version 6.1 allows users to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0051
+CVE-2001-0051 (IBM DB2 Universal Database version 6.1 creates an account with a defau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0049
+CVE-2001-0049 (WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0048
+CVE-2001-0048 (The "Configure Your Server" tool in Microsoft 2000 domain controllers ...)
NOT-FOR-US: Microsoft
-CVE-2001-0047
+CVE-2001-0047 (The default permissions for the MTS Package Administration registry ke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0046
+CVE-2001-0046 (The default permissions for the SNMP Parameters registry key in Window ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0045
+CVE-2001-0045 (The default permissions for the RAS Administration key in Windows NT 4 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0044
+CVE-2001-0044 (Multiple buffer overflows in Lexmark MarkVision printer driver program ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0038
+CVE-2001-0038 (Offline Explorer 1.4 before Service Release 2 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0037
+CVE-2001-0037 (Directory traversal vulnerability in HomeSeer before 1.4.29 allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0032
+CVE-2001-0032 (Format string vulnerability in ssldump possibly allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0031
+CVE-2001-0031 (BroadVision One-To-One Enterprise allows remote attackers to determine ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0030
+CVE-2001-0030 (FoolProof 3.9 allows local users to bypass program execution restricti ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0029
+CVE-2001-0029 (Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other ver ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0027
+CVE-2001-0027 (mod_sqlpw module in ProFTPD does not reset a cached password when a us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0025
+CVE-2001-0025 (ad.cgi CGI program by Leif Wright allows remote attackers to execute a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0024
+CVE-2001-0024 (simplestmail.cgi CGI program by Leif Wright allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0023
+CVE-2001-0023 (everythingform.cgi CGI program by Leif Wright allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0022
+CVE-2001-0022 (simplestguest.cgi CGI program by Leif Wright allows remote attackers t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2001-0019
+CVE-2001-0019 (Arrowpoint (aka Cisco Content Services, or CSS) allows local users to ...)
NOT-FOR-US: Cisco
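Review bot: the descriptions appended for CVE-2001-0168 and CVE-2001-0167 read `AT&amp;T` rather than `AT&T`; if that entity is really in the file content and not just an artifact of the web rendering of this commit, the importer should HTML-decode descriptions before writing them, otherwise a search for the vendor name in the list will miss both entries. The one tracked entry in this stretch, CVE-2001-0131 (htpasswd/htdigest in Apache), keeps its `{DSA-195 DSA-188 DSA-187}` and `apache`/`apache-perl` fixed-version lines untouched, so the update only adds the description there, as expected for an automatic run.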
diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index 6af08a4d2c..f0c4a4f9d8 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -1,8 +1,8 @@
CVE-2002-2447
RESERVED
-CVE-2002-2446
+CVE-2002-2446 (GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2445
+CVE-2002-2445 (GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-2483
- linux-2.6 2.4.20
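Review bot: CVE-2002-2483 at the end of this hunk sits out of the descending numeric order the file otherwise follows (between CVE-2002-2445 and CVE-2002-2444) and, unlike the entries above it, received no description from the update; worth checking that the id is correct and that the `linux-2.6 2.4.20` fixed-version line really belongs to it, since a 2.4.x fixed version on the linux-2.6 source package looks inconsistent.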
@@ -11,7 +11,7 @@ CVE-2002-2444 [snoopy: Security hole in exec cURL]
- libphp-snoopy <not-affected> (affected version never was in the repo)
NOTE: http://www.openwall.com/lists/oss-security/2014/07/18/2
NOTE: http://sourceforge.net/p/snoopy/bugs/13/
-CVE-2002-2443
+CVE-2002-2443 (schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) ...)
{DSA-2701-1}
- krb5 1.10.1+dfsg-6 (bug #708267)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637
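Review bot: for CVE-2002-2443 the appended description is cut off right after `MIT Kerberos 5 (aka krb5) ...`, so the list line no longer states what the vulnerability is, whereas the hand-written summary on the context line above, `CVE-2002-2444 [snoopy: Security hole in exec cURL]`, does. For entries that are actually tracked, as this one is (it carries `{DSA-2701-1}`, `krb5 1.10.1+dfsg-6 (bug #708267)` and a krbdev ticket NOTE), a bracketed manual summary or a longer truncation limit would keep the file self-describing.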
@@ -44,648 +44,648 @@ CVE-2002-2439
CVE-2002-2438
RESERVED
NOT-FOR-US: ancient linux 2.4 issue
-CVE-2002-2437
+CVE-2002-2437 (The JavaScript implementation in Mozilla Firefox before 4.0, Thunderbi ...)
- iceweasel 4.0-1 (unimportant)
-CVE-2002-2436
+CVE-2002-2436 (The Cascading Style Sheets (CSS) implementation in Mozilla Firefox bef ...)
- iceweasel 4.0-1 (unimportant)
-CVE-2002-2435
+CVE-2002-2435 (The Cascading Style Sheets (CSS) implementation in Microsoft Internet ...)
NOT-FOR-US: Internet Explorer
-CVE-2002-2434
+CVE-2002-2434 (NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not p ...)
NOT-FOR-US: Novell NetWare
-CVE-2002-2433
+CVE-2002-2433 (NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows rem ...)
NOT-FOR-US: Novell NetWare
-CVE-2002-2432
+CVE-2002-2432 (Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server ...)
NOT-FOR-US: Novell NetWare
-CVE-2002-2431
+CVE-2002-2431 (Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows rem ...)
NOT-FOR-US: GoAhead WebServer
-CVE-2002-2430
+CVE-2002-2430 (GoAhead WebServer before 2.1.1 allows remote attackers to cause a deni ...)
NOT-FOR-US: GoAhead WebServer
-CVE-2002-2429
+CVE-2002-2429 (webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to ca ...)
NOT-FOR-US: GoAhead WebServer
-CVE-2002-2428
+CVE-2002-2428 (webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to ca ...)
NOT-FOR-US: GoAhead WebServer
-CVE-2002-2427
+CVE-2002-2427 (The security handler in GoAhead WebServer before 2.1.1 allows remote a ...)
NOT-FOR-US: GoAhead WebServer
-CVE-2002-2426
+CVE-2002-2426 (Cross-site request forgery (CSRF) vulnerability in Citrix Presentation ...)
NOT-FOR-US: predating security tracker
-CVE-2002-2425
+CVE-2002-2425 (Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2424
+CVE-2002-2424 (Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2423
+CVE-2002-2423 (Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2422
+CVE-2002-2422 (Cross-site scripting (XSS) vulnerability in Compaq Insight Management ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2421
+CVE-2002-2421 (acWEB 1.14 allows remote attackers to cause a denial of service (crash ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2420
+CVE-2002-2420 (site_searcher.cgi in Super Site Searcher allows remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2419
+CVE-2002-2419 (Direct connect text client (DCTC) client 0.83.3 allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2418
+CVE-2002-2418 (Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) 1.3 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2417
+CVE-2002-2417 (acFTP 1.4 does not properly handle when an invalid password is provide ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2416
+CVE-2002-2416 (Directory traversal vulnerability in Zeroo web server 1.5 allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2415
+CVE-2002-2415 (Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2414
+CVE-2002-2414 (Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2413
+CVE-2002-2413 (WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2412
+CVE-2002-2412 (Winamp 2.80 stores authentication credentials in plaintext in the (1) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2411
+CVE-2002-2411 (Buffer overflow in badmin.c in BannerWheel 1.0 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2410
+CVE-2002-2410 (openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive informat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2409
+CVE-2002-2409 (Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2408
+CVE-2002-2408 (Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters ema ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2407
+CVE-2002-2407 (Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2406
+CVE-2002-2406 (Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2405
+CVE-2002-2405 (Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth con ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2404
+CVE-2002-2404 (Buffer overflow in IISPop email server 1.161 and 1.181 allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2403
+CVE-2002-2403 (Directory traversal vulnerability in KeyFocus web server 1.0.8 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2402
+CVE-2002-2402 (SURECOM broadband router EP-4501 uses a default SNMP read community st ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2401
+CVE-2002-2401 (NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2400
+CVE-2002-2400 (Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2399
+CVE-2002-2399 (Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2398
+CVE-2002-2398 (The new thread posting page in APBoard 2.02 and 2.03 allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2397
+CVE-2002-2397 (Sygate personal firewall 5.0 could allow remote attackers to bypass fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2396
+CVE-2002-2396 (Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed set ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2395
+CVE-2002-2395 (InterScan VirusWall 3.52 for Windows allows remote attackers to bypass ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2394
+CVE-2002-2394 (InterScan VirusWall 3.6 for Linux and 3.52 for Windows allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2393
+CVE-2002-2393 (Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2392
+CVE-2002-2392 (Winamp 2.65 through 3.0 stores skin files in a predictable file locati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2391
+CVE-2002-2391 (SQL injection vulnerability in index.php of WebChat 1.5 included in XO ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2390
+CVE-2002-2390 (Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2389
+CVE-2002-2389 (TheServer 1.74 web server stores server.ini under the web document roo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2388
+CVE-2002-2388 (Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2387
+CVE-2002-2387 (Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2386
+CVE-2002-2386 (Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2385
+CVE-2002-2385 (Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2384
+CVE-2002-2384 (hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleart ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2383
+CVE-2002-2383 (SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2382
+CVE-2002-2382 (cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2381
+CVE-2002-2381 (Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2380
+CVE-2002-2380 (NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-2379
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2378
+CVE-2002-2378 (Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2377
+CVE-2002-2377 (Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2376
+CVE-2002-2376 (Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2375
+CVE-2002-2375 (Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2374
+CVE-2002-2374 (Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2373
+CVE-2002-2373 (The default configuration of the TCP/IP printer configuration utility ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2372
+CVE-2002-2372 (The telnet server in Infoprint 21 running controller software before 1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2371
+CVE-2002-2371 (Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2370
+CVE-2002-2370 (SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2369
+CVE-2002-2369 (Perception LiteServe 2.0 allows remote attackers to read password prot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2368
+CVE-2002-2368 (Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2367
+CVE-2002-2367 (Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2366
+CVE-2002-2366 (Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2365
+CVE-2002-2365 (Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2364
+CVE-2002-2364 (Cross-site scripting (XSS) vulnerability in PHP Ticket 0.5 and earlier ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2363
+CVE-2002-2363 (VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow lo ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2362
+CVE-2002-2362 (Cross-site scripting (XSS) vulnerability in form_header.php in MyMarke ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2361
+CVE-2002-2361 (The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify pac ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2360
+CVE-2002-2360 (The RPC module in Webmin 0.21 through 0.99, when installed without roo ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2359
+CVE-2002-2359 (Cross-site scripting (XSS) vulnerability in the FTP view feature in Mo ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2358
+CVE-2002-2358 (Cross-site scripting (XSS) vulnerability in the FTP view feature in Op ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2357
+CVE-2002-2357 (MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2356
+CVE-2002-2356 (HAMweather 2.x allows remote attackers to modify administrative settin ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2355
+CVE-2002-2355 (Netgear FM114P firmware 1.3 wireless firewall, when configured to back ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2354
+CVE-2002-2354 (Netgear FM114P firmware 1.3 wireless firewall allows remote attackers ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2353
+CVE-2002-2353 (tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbit ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2352
+CVE-2002-2352 (The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2351
+CVE-2002-2351 (Eudora 5.1 allows remote attackers to bypass security warnings and pos ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2350
+CVE-2002-2350 (Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreel ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2349
+CVE-2002-2349 (phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which all ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2348
+CVE-2002-2348 (Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2347
+CVE-2002-2347 (Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (O ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2346
+CVE-2002-2346 (phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2345
+CVE-2002-2345 (Oracle 9i Application Server 9.0.2 stores the web cache administrator ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2344
+CVE-2002-2344 (Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail int ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2343
+CVE-2002-2343 (Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 all ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2342
+CVE-2002-2342 (Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.d ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2341
+CVE-2002-2341 (Cross-site scripting (XSS) vulnerability in content blocking in SonicW ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2340
+CVE-2002-2340 (Cross-site scripting (XSS) vulnerability in read.php in Phorum 3.3.2a ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2339
+CVE-2002-2339 (Cross-site scripting (XSS) vulnerability in configure.asp in Script-Sh ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2338
+CVE-2002-2338 (The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communic ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2337
+CVE-2002-2337 (Kaspersky Anti-Hacker 1.0, when configured to automatically block atta ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2336
+CVE-2002-2336 (Norton Personal Firewall 2002 4.0, when configured to automatically bl ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2335
+CVE-2002-2335 (Killer Protection 1.0 stores the vars.inc include file under the web r ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2334
+CVE-2002-2334 (Joe text editor 2.8 through 2.9.7 does not remove the group and user s ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2333
+CVE-2002-2333 (Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows r ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2332
+CVE-2002-2332 (Buffer overflow in Opera 6.01 allows remote attackers to cause a denia ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2331
+CVE-2002-2331 (W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2330
+CVE-2002-2330 (Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2329
+CVE-2002-2329 (ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a d ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2328
+CVE-2002-2328 (Active Directory in Windows 2000, when supporting Kerberos V authentic ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2327
+CVE-2002-2327 (Unspecified vulnerability in the environmental monitoring subsystem in ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2326
+CVE-2002-2326 (The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2325
+CVE-2002-2325 (The c-client library in Internet Message Access Protocol (IMAP) dated ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2324
+CVE-2002-2324 (The "System Restore" directory and subdirectories, and possibly other ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2323
+CVE-2002-2323 (Sun PC NetLink 1.0 through 1.2 does not properly set the access contro ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2322
+CVE-2002-2322 (Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2321
+CVE-2002-2321 (Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) ad ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2320
+CVE-2002-2320 (MySimpleNews 1.0 allows remote attackers to delete arbitrary email mes ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2319
+CVE-2002-2319 (Static code injection vulnerability in users.php in MySimpleNews allow ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2318
+CVE-2002-2318 (Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.10 ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2317
+CVE-2002-2317 (Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociR ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2316
+CVE-2002-2316 (Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7. ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2315
+CVE-2002-2315 (Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect ta ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2314
+CVE-2002-2314 (Mozilla 1.0 allows remote attackers to steal cookies from other domain ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2313
+CVE-2002-2313 (Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2312
+CVE-2002-2312 (Opera 6.0.1 allows remote attackers to upload arbitrary file contents ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2311
+CVE-2002-2311 (Microsoft Internet Explorer 6.0 and possibly others allows remote atta ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2310
+CVE-2002-2310 (ClickCartPro 4.0 stores the admin_user.db data file under the web docu ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2309
+CVE-2002-2309 (php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not ter ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2308
+CVE-2002-2308 (Netscape Communicator 6.2.1 allows remote attackers to cause a denial ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2307
+CVE-2002-2307 (The default configuration of BenHur Firewall release 3 update 066 fix ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2002-2306
+CVE-2002-2306 (Sharman Networks KaZaA Media Desktop 1.7.1 allows remote attackers to ...)
NOT-FOR-US: KaZaA Media Desktop
-CVE-2002-2305
+CVE-2002-2305 (SQL injection vulnerability in agentadmin.php in Immobilier allows rem ...)
NOT-FOR-US: Immobilier
-CVE-2002-2304
+CVE-2002-2304 (SQL injection vulnerability in admin/auth/checksession.php in MyPHPLin ...)
NOT-FOR-US: MyPHPLinks
-CVE-2002-2303
+CVE-2002-2303 (3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for ...)
NOT-FOR-US: ShopFactory
-CVE-2002-2302
+CVE-2002-2302 (3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify ...)
NOT-FOR-US: ShopFactory
-CVE-2002-2301
+CVE-2002-2301 (Lawson Financials 8.0, when configured to use a third party relational ...)
NOT-FOR-US: Lawson Financials
-CVE-2002-2300
+CVE-2002-2300 (Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com N ...)
NOT-FOR-US: 3Com NBX ftpd
-CVE-2002-2299
+CVE-2002-2299 (PHP remote file inclusion vulnerability in thatfile.php in Thatware 0. ...)
NOT-FOR-US: Thatware
-CVE-2002-2298
+CVE-2002-2298 (PHP remote file inclusion vulnerability in config.php in Thatware 0.3 ...)
NOT-FOR-US: Thatware
-CVE-2002-2297
+CVE-2002-2297 (PHP remote file inclusion vulnerability in artlist.php in Thatware 0.5 ...)
NOT-FOR-US: Thatware
-CVE-2002-2296
+CVE-2002-2296 (Cross-site scripting (XSS) vulnerability in YaBB.pl in Yet Another Bul ...)
NOT-FOR-US: YABB
-CVE-2002-2295
+CVE-2002-2295 (Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allow ...)
NOT-FOR-US: Pico Server
-CVE-2002-2294
+CVE-2002-2294 (Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, E ...)
NOT-FOR-US: Symantec Raptor
-CVE-2002-2293
+CVE-2002-2293 (Webshots Desktop screensaver allows local users to bypass the password ...)
NOT-FOR-US: Webshots Desktop screensaver
-CVE-2002-2292
+CVE-2002-2292 (Directory traversal vulnerability in Remote Console Applet in Halycon ...)
NOT-FOR-US: Remote Console Applet in Halycon
-CVE-2002-2291
+CVE-2002-2291 (Calisto Internet Talker 0.04 and earlier allows remote attackers to ca ...)
NOT-FOR-US: Calisto Internet Talker
-CVE-2002-2290
+CVE-2002-2290 (Mambo Site Server 4.0.11 installs with a default username and password ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2289
+CVE-2002-2289 (soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows r ...)
NOT-FOR-US: BadBlue
-CVE-2002-2288
+CVE-2002-2288 (Mambo Site Server 4.0.11 allows remote attackers to obtain the physica ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2287
+CVE-2002-2287 (PHP remote file inclusion vulnerability in quick_reply.php for phpBB A ...)
NOT-FOR-US: phpBB Advanced Quick Reply Hack
-CVE-2002-2286
+CVE-2002-2286 (The parse-get function in utils.c for apt-www-proxy 0.1 allows remote ...)
NOT-FOR-US: apt-www-proxy
-CVE-2002-2285
+CVE-2002-2285 (eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may ...)
NOT-FOR-US: eTrust
-CVE-2002-2284
+CVE-2002-2284 (Netscape Communicator 4.0 through 4.79 allows remote attackers to bypa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2283
+CVE-2002-2283 (Microsoft Windows XP with Fast User Switching (FUS) enabled does not r ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2002-2282
+CVE-2002-2282 (McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searc ...)
NOT-FOR-US: McAfee VirusScan
-CVE-2002-2281
+CVE-2002-2281 (Symantec Java! JIT (Just-In-Time) Compiler for Netscape Communicator 4 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2280
+CVE-2002-2280 (syslogd on OpenBSD 2.9 through 3.2 does not change the source IP addre ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2279
+CVE-2002-2279 (Unspecified vulnerability in the bind function in config.inc of aldap ...)
NOT-FOR-US: aldap
-CVE-2002-2278
+CVE-2002-2278 (Cross-site scripting (XSS) vulnerability in mod_search/index.php in Po ...)
NOT-FOR-US: PortailPHP
-CVE-2002-2277
+CVE-2002-2277 (SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 ...)
NOT-FOR-US: PortailPHP
-CVE-2002-2276
+CVE-2002-2276 (Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physi ...)
NOT-FOR-US: PHP Board
-CVE-2002-2275
+CVE-2002-2275 (Fortres 101 4.1 allows local users to bypass Fortres by pressing the W ...)
NOT-FOR-US: Fortres
-CVE-2002-2274
+CVE-2002-2274 (akfingerd 0.5 allows local users to read arbitrary files as the akfing ...)
NOT-FOR-US: akfingerd
-CVE-2002-2273
+CVE-2002-2273 (Cross-site scripting (XSS) vulnerability in Webster HTTP Server allows ...)
NOT-FOR-US: Webster HTTP Server
-CVE-2002-2272
+CVE-2002-2272 (Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 thr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2271
+CVE-2002-2271 (Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Con ...)
NOT-FOR-US: BigFun
-CVE-2002-2270
+CVE-2002-2270 (Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, an ...)
NOT-FOR-US: HP-UX
-CVE-2002-2269
+CVE-2002-2269 (Directory traversal vulnerability in Webster HTTP Server allows remote ...)
NOT-FOR-US: Webster HTTP Server
-CVE-2002-2268
+CVE-2002-2268 (Buffer overflow in Webster HTTP Server allows remote attackers to exec ...)
NOT-FOR-US: Webster HTTP Server
-CVE-2002-2267
+CVE-2002-2267 (bogopass in bogofilter 0.9.0.4 allows local users to overwrite arbitra ...)
- bogofilter 0.9.0.5
-CVE-2002-2266
+CVE-2002-2266 (NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or Netmeetin ...)
NOT-FOR-US: NetScreen
-CVE-2002-2265
+CVE-2002-2265 (Unspecified vulnerability in LDAP Module in System Authentication of O ...)
NOT-FOR-US: Open Source Internet Solutions
-CVE-2002-2264
+CVE-2002-2264 (Unspecified vulnerability in Internet Group Management Protocol (IGMP) ...)
NOT-FOR-US: Internet Group Management Protocol
-CVE-2002-2263
+CVE-2002-2263 (The installation program for HP-UX Visualize Conference B.11.00.11 run ...)
NOT-FOR-US: HP-UX Visualize Conference
-CVE-2002-2262
+CVE-2002-2262 (Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows ...)
NOT-FOR-US: HP-UX xntpd
-CVE-2002-2261
+CVE-2002-2261 (Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relayi ...)
- sendmail 8.12.7
-CVE-2002-2260
+CVE-2002-2260 (Cross-site scripting (XSS) vulnerability in the quips feature in Mozil ...)
{DSA-218}
- bugzilla 2.14.2-1
-CVE-2002-2259
+CVE-2002-2259 (Buffer overflow in the French documentation patch for Gnuplot 3.7 in S ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2258
+CVE-2002-2258 (Moby NetSuite allows remote attackers to cause a denial of service (cr ...)
NOT-FOR-US: Moby NetSuite
-CVE-2002-2257
+CVE-2002-2257 (Stack-based buffer overflow in the parse_field function in cgi_lib.c f ...)
NOT-FOR-US: libcgi
NOTE: this is another libcgi than the one we ship
-CVE-2002-2256
+CVE-2002-2256 (Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier ...)
NOT-FOR-US: pWins
-CVE-2002-2255
+CVE-2002-2255 (Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 ...)
- phpbb2 2.0.13-6sarge3
NOTE: might be fixed in prior versions
-CVE-2002-2254
+CVE-2002-2254 (The experimental IP packet queuing feature in Netfilter / IPTables in ...)
- linux-2.6 <not-affected> (Fixed before initial upload into the archive, during 2.4)
-CVE-2002-2253
+CVE-2002-2253 (Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier ...)
- libsieve <not-affected> (was fixed in 2.1.3 before debian version was uploaded)
-CVE-2002-2252
+CVE-2002-2252 (SQL injection vulnerability in auth.inc.php in Thatware 0.5.0 and earl ...)
NOT-FOR-US: Thatware
-CVE-2002-2251
+CVE-2002-2251 (Buffer overflow in the changevalue function in libcgi.h for Marcos Lui ...)
NOT-FOR-US: Marcos Luiz Onisto
-CVE-2002-2250
+CVE-2002-2250 (Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allo ...)
NOT-FOR-US: Sybase
-CVE-2002-2249
+CVE-2002-2249 (PHP remote file inclusion vulnerability in News Evolution 2.0 allows r ...)
NOT-FOR-US: News Evolution
-CVE-2002-2248
+CVE-2002-2248 (Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class ...)
NOT-FOR-US: Netscape
-CVE-2002-2247
+CVE-2002-2247 (The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allow ...)
NOT-FOR-US: Mambo
NOTE: mambo is in experimental
-CVE-2002-2246
+CVE-2002-2246 (Cross-site scripting (XSS) vulnerability in VisNetic Website before 3. ...)
NOT-FOR-US: VisNetic Website
-CVE-2002-2245
+CVE-2002-2245 (ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a dig ...)
NOT-FOR-US: NetBSD ftpd
-CVE-2002-2244
+CVE-2002-2244 (Akfingerd 0.5 and earlier versions allow local users to cause a denial ...)
NOT-FOR-US: Akfingerd
-CVE-2002-2243
+CVE-2002-2243 (Akfingerd 0.5 and possibly earlier versions only allows one connection ...)
NOT-FOR-US: Akfingerd
-CVE-2002-2242
+CVE-2002-2242 (The Apple Package Manager in KisMAC 0.02a and earlier modifies file pe ...)
NOT-FOR-US: Apple Package Manager of KisMAC
-CVE-2002-2241
+CVE-2002-2241 (Buffer overflow in httpd32.exe in Deerfield VisNetic WebSite before 3. ...)
NOT-FOR-US: Deerfield VisNetic WebSite
-CVE-2002-2240
+CVE-2002-2240 (Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remo ...)
NOT-FOR-US: MyServer
-CVE-2002-2239
+CVE-2002-2239 (The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 ...)
NOT-FOR-US: Cisco
-CVE-2002-2238
+CVE-2002-2238 (Directory traversal vulnerability in the Kunani ODBC FTP Server 1.0.10 ...)
NOT-FOR-US: Kunani ODBC FTP Server
-CVE-2002-2237
+CVE-2002-2237 (tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: tftp32 TFTP
-CVE-2002-2236
+CVE-2002-2236 (Format string vulnerability in the awp_log function in apt-www-proxy 0 ...)
NOT-FOR-US: apt-www-proxy
-CVE-2002-2235
+CVE-2002-2235 (member2.php in vBulletin 2.2.9 and earlier does not properly restrict ...)
NOT-FOR-US: vBulletin
-CVE-2002-2234
+CVE-2002-2234 (NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the ...)
NOT-FOR-US: NetScreen ScreenOS
-CVE-2002-2233
+CVE-2002-2233 (Directory traversal vulnerability in Enceladus Server Suite 3.9 allows ...)
NOT-FOR-US: Enceladus Server Suite
-CVE-2002-2232
+CVE-2002-2232 (Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers ...)
NOT-FOR-US: Enceladus Server Suite
-CVE-2002-2231
+CVE-2002-2231 (Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows rem ...)
NOT-FOR-US: Ikonboard
-CVE-2002-2230
+CVE-2002-2230 (Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows rem ...)
NOT-FOR-US: Ikonboard
-CVE-2002-2229
+CVE-2002-2229 (Directory traversal vulnerability in Sapio Design Ltd. WebReflex 1.53 ...)
NOT-FOR-US: WebReflex
-CVE-2002-2228
+CVE-2002-2228 (MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers ...)
- mailscanner 4.22.5-1
-CVE-2002-2227
+CVE-2002-2227 (Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers ...)
- ssldump 0.9b3-1 (low)
-CVE-2002-2226
+CVE-2002-2226 (Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote atta ...)
NOT-FOR-US: Tftpd32
-CVE-2002-2225
+CVE-2002-2225 (SafeNet VPN client allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: SafeNet VPN
-CVE-2002-2224
+CVE-2002-2224 (Buffer overflow in PGPFreeware 7.03 running on Windows NT 4.0 SP6 allo ...)
NOT-FOR-US: PGPFreeware
-CVE-2002-2223
+CVE-2002-2223 (Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to cau ...)
NOT-FOR-US: NetScreen-Remote
-CVE-2002-2222
+CVE-2002-2222 (isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and ...)
NOT-FOR-US: FreeBSD
-CVE-2002-2221
+CVE-2002-2221 (Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2. ...)
- chetcpasswd <removed> (medium)
-CVE-2002-2220
+CVE-2002-2220 (Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when conf ...)
- chetcpasswd <removed> (medium)
-CVE-2002-2219
+CVE-2002-2219 (chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remo ...)
- chetcpasswd <removed> (low)
-CVE-2002-2218
+CVE-2002-2218 (CRLF injection vulnerability in the setUserValue function in sipssys/c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2217
+CVE-2002-2217 (Multiple PHP remote file inclusion vulnerabilities in Web Server Creat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2216
+CVE-2002-2216 (Soft3304 04WebServer before 1.20 does not properly process URL strings ...)
NOT-FOR-US: 04WebServer
-CVE-2002-2215
+CVE-2002-2215 (The imap_header function in the IMAP functionality for PHP before 4.3. ...)
- php4 4:4.3.2+rc3-1
-CVE-2002-2214
+CVE-2002-2214 (The php_if_imap_mime_header_decode function in the IMAP functionality ...)
- php4 4:4.3.2+rc3-1
-CVE-2002-2213
+CVE-2002-2213 (The DNS resolver in unspecified versions of Infoblox DNS One, when res ...)
NOT-FOR-US: Infoblox DNS One
-CVE-2002-2212
+CVE-2002-2212 (The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolv ...)
NOT-FOR-US: Fujitsu UXP/V
-CVE-2002-2211
+CVE-2002-2211 (BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary ...)
- bind <removed> (unimportant)
- bind9 <not-affected> (does not send parallel queries)
NOTE: Disabling recursion does not close all attack vectors.
NOTE: Browser reflection attacks will still work.
NOTE: Bind 8 design limitations that are only addressed in bind 9 are not
NOTE: treated a security issues, DNS admins need to be aware what they are using
-CVE-2002-2210
+CVE-2002-2210 (The installation of OpenOffice 1.0.1 allows local users to overwrite f ...)
- openoffice.org 1.0.2
-CVE-2002-2209
+CVE-2002-2209 (Unspecified "security vulnerability" in Baby FTP Server versions befor ...)
NOT-FOR-US: Baby FTP Server
-CVE-2002-2208
+CVE-2002-2208 (Extended Interior Gateway Routing Protocol (EIGRP), as implemented in ...)
NOT-FOR-US: IOS
-CVE-2002-2207
+CVE-2002-2207 (Buffer overflow in ssldump 0.9b2 and earlier, when running in decrypti ...)
- ssldump 0.9b3
-CVE-2002-2206
+CVE-2002-2206 (The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows l ...)
NOT-FOR-US: Norton AntiVirus
-CVE-2002-2205
+CVE-2002-2205 (Buffer overflow in Webresolve 0.1.0 and earlier allows remote attacker ...)
NOT-FOR-US: webresolve
-CVE-2002-2204
+CVE-2002-2204 (The default --checksig setting in RPM Package Manager 4.0.4 checks tha ...)
NOTE: verified with rpm 4.4.1, but this can hardly affect debian at
NOTE: all since it requires rpm be configured to trust some key,
NOTE: which in debian requires a manual and non-documented
NOTE: initialization of the rpm database which is not configured in
NOTE: the package
-CVE-2002-2203
+CVE-2002-2203 (Unknown vulnerability in the System Serial Console terminal in Solaris ...)
NOT-FOR-US: Solaris
-CVE-2002-2202
+CVE-2002-2202 (Outlook Express 6.0 does not delete messages from dbx files, even when ...)
NOT-FOR-US: Outlook Express
-CVE-2002-2201
+CVE-2002-2201 (The Printer Administration module for Webmin 0.990 and earlier allows ...)
- webmin 1.000 (high)
-CVE-2002-2200
+CVE-2002-2200 (Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attacke ...)
NOT-FOR-US: (Benjamin Lefevre Dobermann FORUM)
-CVE-2002-2199
+CVE-2002-2199 (The default aide.conf file in Advanced Intrusion Detection Environment ...)
NOTE: freebsd misconfiguration
-CVE-2002-2198
+CVE-2002-2198 (Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to ...)
- zmailer 2.99.56-1 (high)
NOTE: May have been fixed earlier, 2.99.51 was never uploaded to Debian.
-CVE-2002-2197
+CVE-2002-2197 (Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a ...)
NOT-FOR-US: Solaris
-CVE-2002-2196
+CVE-2002-2196 (Samba before 2.2.5 does not properly terminate the enum_csc_policy dat ...)
- samba 2.2.5 (high)
-CVE-2002-2195
+CVE-2002-2195 (Buffer overflow in the version update check for Winamp 2.80 and earlie ...)
NOT-FOR-US: Winamp
CVE-2002-2194
REJECTED
-CVE-2002-2193
+CVE-2002-2193 (Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 ...)
NOT-FOR-US: Mojo Mail
-CVE-2002-2192
+CVE-2002-2192 (Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 ...)
NOT-FOR-US: Perception LiteServe
-CVE-2002-2191
+CVE-2002-2191 (Lotus Domino 5.0.9a and earlier, even when configured with the 'Domino ...)
NOT-FOR-US: (Lotus Domino
-CVE-2002-2190
+CVE-2002-2190 (ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext unde ...)
NOT-FOR-US: ArtsCore Studios CuteCast Forum
-CVE-2002-2189
+CVE-2002-2189 (Cross-site scripting (XSS) vulnerability in ActiveXperts Software Acti ...)
NOT-FOR-US: ActiveXperts Software ActiveWebserver
-CVE-2002-2188
+CVE-2002-2188 (OpenBSD before 3.2 allows local users to cause a denial of service (ke ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2002-2187
+CVE-2002-2187 (Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, a ...)
NOT-FOR-US: Macromedia JRun
-CVE-2002-2186
+CVE-2002-2186 (Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the s ...)
NOT-FOR-US: Macromedia JRun
-CVE-2002-2185
+CVE-2002-2185 (The Internet Group Management Protocol (IGMP) allows local users to ca ...)
NOTE: fixed in IRIX..
-CVE-2002-2184
+CVE-2002-2184 (Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP ...)
NOT-FOR-US: DigiChat
-CVE-2002-2183
+CVE-2002-2183 (phpShare.php in phpShare before 0.6 beta 3 allows remote attackers to ...)
NOT-FOR-US: phpShare
-CVE-2002-2182
+CVE-2002-2182 (Buffer overflow in Seunghyun Seo's MSN666 MSN Sniffer 1.0 and 1.0.1 al ...)
NOT-FOR-US: MSN666
-CVE-2002-2181
+CVE-2002-2181 (SonicWall Content Filtering allows local users to access prohibited we ...)
NOT-FOR-US: SonicWall
-CVE-2002-2180
+CVE-2002-2180 (The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not prope ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2002-2179
+CVE-2002-2179 (The dynamic initialization feature of the ClearPath MCP environment al ...)
NOT-FOR-US: ClearPath MCP
-CVE-2002-2178
+CVE-2002-2178 (Cross-site scripting (XSS) vulnerability in article.php module for php ...)
NOT-FOR-US: phpWebSite
-CVE-2002-2177
+CVE-2002-2177 (BEA WebLogic Server and Express 6.1 through 7.0.0.1 buffers HTTP reque ...)
NOT-FOR-US: BEA
-CVE-2002-2176
+CVE-2002-2176 (SQL injection vulnerability in Gender MOD 1.1.3 allows remote attacker ...)
NOT-FOR-US: Gender MOD
-CVE-2002-2175
+CVE-2002-2175 (phpSquidPass before 0.2 uses an incomplete regular expression to find ...)
NOT-FOR-US: phpSquidPass
-CVE-2002-2174
+CVE-2002-2174 (The Telnet proxy of 602Pro LAN SUITE 2002 does not restrict the number ...)
NOT-FOR-US: 602Pro LAN SUITE
-CVE-2002-2173
+CVE-2002-2173 (Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2002-2172
+CVE-2002-2172 (Informed (1) Designer and (2) Filler 3.05 does not zero out newly allo ...)
NOT-FOR-US: Informed Designer, Informed Filler
-CVE-2002-2171
+CVE-2002-2171 (Cross-site scripting (XSS) vulnerability in acWEB 1.8 and 1.14 allows ...)
NOT-FOR-US: acWEB
-CVE-2002-2170
+CVE-2002-2170 (Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 att ...)
NOT-FOR-US: BadBlue Enterprise Edition
-CVE-2002-2169
+CVE-2002-2169 (Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and ...)
NOT-FOR-US: AIM
-CVE-2002-2168
+CVE-2002-2168 (SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 ...)
NOT-FOR-US: 123tkShop
-CVE-2002-2167
+CVE-2002-2167 (Directory traversal vulnerability in function_foot_1.inc.php for Thors ...)
NOT-FOR-US: 123tkShop
-CVE-2002-2166
+CVE-2002-2166 (Cross-site scripting (XSS) vulnerability in FuseTalk 2.0 and 3.0 allow ...)
NOT-FOR-US: FuseTalk
-CVE-2002-2165
+CVE-2002-2165 (The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER ...)
NOT-FOR-US: IMHO Webmail for Roxen
-CVE-2002-2164
+CVE-2002-2164 (Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows ...)
NOT-FOR-US: MSIE
-CVE-2002-2163
+CVE-2002-2163 (KvPoll 1.1 allows remote authenticated users to vote more than once by ...)
NOT-FOR-US: KvPoll
-CVE-2002-2162
+CVE-2002-2162 (Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2002-2161
+CVE-2002-2161 (Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attacker ...)
NOT-FOR-US: Kerio Personal Firewall
CVE-2002-2160
REJECTED
-CVE-2002-2159
+CVE-2002-2159 (Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the fir ...)
NOT-FOR-US: Linksys hardware
-CVE-2002-2158
+CVE-2002-2158 (zenTrack 2.0.3 and earlier allows remote attackers to obtain the full ...)
NOT-FOR-US: zenTrack
CVE-2002-2157
REJECTED
-CVE-2002-2156
+CVE-2002-2156 (Buffer overflow in Trillian 0.73 allows remote IRC servers to execute ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2002-2155
+CVE-2002-2155 (Format string vulnerability in the error handling of IRC invite respon ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2002-2154
+CVE-2002-2154 (Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows r ...)
NOT-FOR-US: Monkey HTTP Daemon
-CVE-2002-2153
+CVE-2002-2153 (Format string vulnerability in the administrative pages of the PL/SQL ...)
NOT-FOR-US: Oracle Application Server
-CVE-2002-2152
+CVE-2002-2152 (The Czech edition of Software602's Web Server before 2002.0.02.0916 al ...)
NOT-FOR-US: Software602
CVE-2002-2151
REJECTED
-CVE-2002-2150
+CVE-2002-2150 (Firewalls from multiple vendors empty state tables more slowly than th ...)
NOTE: SYN floods etc generally filed as issues in linux specifically
NOTE: if it is affected
-CVE-2002-2149
+CVE-2002-2149 (Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Rout ...)
NOT-FOR-US: Lucent Access Point
-CVE-2002-2148
+CVE-2002-2148 (Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Route ...)
NOT-FOR-US: Lucent MAX Router
CVE-2002-2147
REJECTED
-CVE-2002-2146
+CVE-2002-2146 (cgitest.exe in Savant Web Server 3.1 and earlier allows remote attacke ...)
NOT-FOR-US: Savant Web Server
-CVE-2002-2145
+CVE-2002-2145 (Savant Web Server 3.1 and earlier allows remote attackers to bypass au ...)
NOT-FOR-US: Savant Web Server
-CVE-2002-2144
+CVE-2002-2144 (Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows ...)
NOT-FOR-US: BearShare
-CVE-2002-2143
+CVE-2002-2143 (The admin.html file in MySimple News 1.0 stores its administrative pas ...)
NOT-FOR-US: MySimple News
-CVE-2002-2142
+CVE-2002-2142 (An undocumented extension for the Servlet mappings in the Servlet 2.3 ...)
NOT-FOR-US: BEA
-CVE-2002-2141
+CVE-2002-2141 (BEA WebLogic Server and Express 7.0 and 7.0.0.1, when running Servlets ...)
NOT-FOR-US: BEA
-CVE-2002-2140
+CVE-2002-2140 (Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, ...)
NOT-FOR-US: Cisco
-CVE-2002-2139
+CVE-2002-2139 (Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delet ...)
NOT-FOR-US: Cisco
-CVE-2002-2138
+CVE-2002-2138 (RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when r ...)
NOT-FOR-US: HP Advanced Server
-CVE-2002-2137
+CVE-2002-2137 (GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and poss ...)
NOT-FOR-US: GlobalSunTech Wireless Access Points
CVE-2002-2136
REJECTED
CVE-2002-2135
REJECTED
-CVE-2002-2134
+CVE-2002-2134 (haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP ...)
NOT-FOR-US: PEEL
-CVE-2002-2133
+CVE-2002-2133 (Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption ...)
NOT-FOR-US: Telindus 1100 ASDL router
-CVE-2002-2132
+CVE-2002-2132 (Windows File Protection (WFP) in Windows 2000 and XP does not remove o ...)
NOT-FOR-US: Windows
-CVE-2002-2131
+CVE-2002-2131 (Directory traversal vulnerability in Perl-HTTPd before 1.0.2 allows re ...)
NOT-FOR-US: Perl-HTTPd
-CVE-2002-2130
+CVE-2002-2130 (publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execut ...)
- gallery 1.3.3 (high)
-CVE-2002-2129
+CVE-2002-2129 (Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4 ...)
NOT-FOR-US: w-Agora
-CVE-2002-2128
+CVE-2002-2128 (editform.php in w-Agora 4.1.5 allows local users to execute arbitrary ...)
NOT-FOR-US: w-Agora
-CVE-2002-2127
+CVE-2002-2127 (Integrity Protection Driver (IPD) 1.2 and earlier blocks access to \De ...)
NOT-FOR-US: Integrity Protection Driver (IPD)
-CVE-2002-2126
+CVE-2002-2126 (restrictEnabled in Integrity Protection Driver (IPD) 1.2 delays driver ...)
NOT-FOR-US: Integrity Protection Driver (IPD)
-CVE-2002-2125
+CVE-2002-2125 (Internet Explorer 6.0 does not warn users when an expired certificate ...)
NOT-FOR-US: MSIE
-CVE-2002-2124
+CVE-2002-2124 (The recvn and sendn functions in nylon 0.2 do not check when the recv ...)
NOT-FOR-US: nylon
CVE-2002-XXXX [libnss-ldap: DoS through truncated DNS queries]
- libnss-ldap 199-1 (bug #169793)
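Review bot: four entries in this hunk still carry only NOTE lines and no status line, so after this description sync the tracker still cannot tell whether they are NOT-FOR-US, <not-affected> or unfixed: CVE-2002-2204 (five NOTE lines about rpm, no package state), CVE-2002-2199 ("NOTE: freebsd misconfiguration"), CVE-2002-2185 ("NOTE: fixed in IRIX..") and CVE-2002-2150 (the SYN-flood note). Each should get an explicit status line, most likely NOT-FOR-US with the product name, as the neighbouring entries have. Two smaller points in the same hunk: "NOT-FOR-US: (Lotus Domino" under CVE-2002-2191 has an unmatched opening parenthesis, and the CVE-2002-2211 note reads "are not treated a security issues" where "as security issues" is meant.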
@@ -693,353 +693,353 @@ CVE-2002-XXXX [sanitizer bypassal through quoted file names]
- sanitizer 1.76-1 (bug #149799; medium)
[sarge] - sanitizer <not-affected> (Sarge version already fixed)
NOTE: This was fixed earlier in fact, but it's unknown when
-CVE-2002-2123
+CVE-2002-2123 (PHP remote file inclusion vulnerability in publish_xp_docs.php for Gal ...)
- gallery 1.3.3
-CVE-2002-2122
+CVE-2002-2122 (Pointsec before 1.2 for PalmOS stores a user's PIN number in memory in ...)
NOT-FOR-US: Pointsec
-CVE-2002-2121
+CVE-2002-2121 (SurfControl SuperScout Email filter for SMTP 3.5.1 allows remote attac ...)
NOT-FOR-US: SurfControl
-CVE-2002-2120
+CVE-2002-2120 (Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to exec ...)
NOT-FOR-US: QNX
-CVE-2002-2119
+CVE-2002-2119 (Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which ...)
NOT-FOR-US: Novell eDirectory
-CVE-2002-2118
+CVE-2002-2118 (Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows remot ...)
NOT-FOR-US: Blue World Lasso Web Data Engine
-CVE-2002-2117
+CVE-2002-2117 (Microsoft Windows XP allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Microsoft
-CVE-2002-2116
+CVE-2002-2116 (Netgear RM-356 and RT-338 series SOHO routers allow remote attackers t ...)
NOT-FOR-US: Netgear RM-356 and RT-338 series SOHO routers
-CVE-2002-2115
+CVE-2002-2115 (Cross-site scripting (XSS) vulnerability in Hyper NIKKI System (HNS) L ...)
NOT-FOR-US: Hyper NIKKI System (HNS) Lite
-CVE-2002-2114
+CVE-2002-2114 (Artekopia Netjuke before 1.0 b7 allows remote attackers to execute arb ...)
- netjuke 1.0b7
-CVE-2002-2113
+CVE-2002-2113 (search.cgi in AGH HTMLsearch 1.0 allows remote attackers to execute ar ...)
NOT-FOR-US: HTMLsearch
-CVE-2002-2112
+CVE-2002-2112 (RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must ...)
NOT-FOR-US: RCA Digital Cable Modem
-CVE-2002-2111
+CVE-2002-2111 (Fwmon before 1.0.10 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Fwmon
-CVE-2002-2110
+CVE-2002-2110 (The RCA Digital Cable Modems DCM225 and DCM225E allow remote attackers ...)
NOT-FOR-US: RCA Digital Cable Modems DCM225 and DCM225E
-CVE-2002-2109
+CVE-2002-2109 (Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass ...)
NOTE: debian's nms-formmail is a reimplementation of old formmail
-CVE-2002-2108
+CVE-2002-2108 (Unknown vulnerability in the "VAIO Manual" software in certain Sony VA ...)
NOT-FOR-US: Sony VAIO
-CVE-2002-2107
+CVE-2002-2107 (Cross-site scripting (XSS) vulnerability in the lookup script in Verid ...)
NOT-FOR-US: OpenKeyServer
-CVE-2002-2106
+CVE-2002-2106 (PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 ...)
NOT-FOR-US: WikkiTikkiTavi
-CVE-2002-2105
+CVE-2002-2105 (Microsoft Windows XP allows local users to prevent the system from boo ...)
NOT-FOR-US: Microsoft
-CVE-2002-2104
+CVE-2002-2104 (graph.php in Ganglia PHP RRD Web Client 1.0.2 allows remote attackers ...)
NOT-FOR-US: Ganglia PHP RRD Web Client
NOTE: not ganglia-monitor
-CVE-2002-2103
+CVE-2002-2103 (Apache before 1.3.24, when writing to the log file, records a spoofed ...)
- apache 1.3.24 (low)
-CVE-2002-2102
+CVE-2002-2102 (InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to ...)
- jzlib 0.0.7 (low)
-CVE-2002-2101
+CVE-2002-2101 (Microsoft Outlook 2002 allows remote attackers to execute arbitrary Ja ...)
NOT-FOR-US: Microsoft
-CVE-2002-2100
+CVE-2002-2100 (Microsoft Outlook 2002 allows remote attackers to embed bypass the fil ...)
NOT-FOR-US: Microsoft
-CVE-2002-2099
+CVE-2002-2099 (Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows loc ...)
- ddd <not-affected> (ddd is not setuid/gid so not exploitable)
-CVE-2002-2098
+CVE-2002-2098 (Buffer overflow in axspawn.c in Axspawn-pam before 0.2.1a allows remot ...)
NOT-FOR-US: Axspawn-pam
-CVE-2002-2097
+CVE-2002-2097 (The compression code in MaraDNS before 0.9.01 allows remote attackers ...)
- maradns 0.9.01 (low)
-CVE-2002-2096
+CVE-2002-2096 (Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWa ...)
NOT-FOR-US: Netware
-CVE-2002-2095
+CVE-2002-2095 (Joe Testa hellbent 01 webserver allows attackers to read files that ar ...)
NOT-FOR-US: Joe Testa hellbent 01 webserver
-CVE-2002-2094
+CVE-2002-2094 (Joe Testa hellbent 01 allows remote attackers to determine the full pa ...)
NOT-FOR-US: Joe Testa hellbent 01 webserver
-CVE-2002-2093
+CVE-2002-2093 (The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is ...)
NOT-FOR-US: SGI IRIX
-CVE-2002-2092
+CVE-2002-2092 (Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and ea ...)
NOT-FOR-US: OpenBSD/NetBSD/FreeBSD
-CVE-2002-2091
+CVE-2002-2091 (Format string vulnerability in Deception Finger Daemon, decfingerd, 0. ...)
NOT-FOR-US: decfingerd
-CVE-2002-2090
+CVE-2002-2090 (Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers ...)
NOT-FOR-US: aucho Technology Resin server
-CVE-2002-2089
+CVE-2002-2089 (Buffer overflow in rcp in Solaris 9.0 allows local users to execute ar ...)
NOT-FOR-US: Solaris
-CVE-2002-2088
+CVE-2002-2088 (The MOSIX Project clump/os 5.4 creates a default VNC account without a ...)
NOT-FOR-US: clump/os
-CVE-2002-2087
+CVE-2002-2087 (Buffer overflow in Borland InterBase 6.0 allows local users to execute ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2086
+CVE-2002-2086 (Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of Sq ...)
NOT-FOR-US: magicHTML
-CVE-2002-2085
+CVE-2002-2085 (Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 be ...)
NOT-FOR-US: WWWeBBB forum
-CVE-2002-2084
+CVE-2002-2084 (Directory traversal vulnerability in index.php of Portix 0.4.02 allows ...)
NOT-FOR-US: Portix
-CVE-2002-2083
+CVE-2002-2083 (The Novell Netware client running on Windows 95 allows local users to ...)
NOT-FOR-US: Novell Netware
-CVE-2002-2082
+CVE-2002-2082 (FTGate and FTGate Pro 1.05 lock user mailboxes before authentication s ...)
NOT-FOR-US: FTGate
-CVE-2002-2081
+CVE-2002-2081 (cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cau ...)
NOT-FOR-US: Microsoft
-CVE-2002-2080
+CVE-2002-2080 (Floositek FTGate PRO 1.05 allows remote attackers to cause a denial of ...)
NOT-FOR-US: FTGate
-CVE-2002-2079
+CVE-2002-2079 (mosix-protocol-stack in Multicomputer Operating System for UnIX (MOSIX ...)
- kernel-patch-openmosix <removed> (bug #319621; low)
-CVE-2002-2078
+CVE-2002-2078 (Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FT ...)
NOT-FOR-US: FTGate
-CVE-2002-2077
+CVE-2002-2077 (The DCOM client in Windows 2000 before SP3 does not properly clear mem ...)
NOT-FOR-US: Microsoft
-CVE-2002-2076
+CVE-2002-2076 (Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allo ...)
NOT-FOR-US: Lil' HTTP server
-CVE-2002-2075
+CVE-2002-2075 (ICQ 2001a and 2002b allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: ICQ
-CVE-2002-2074
+CVE-2002-2074 (SQL injection vulnerability in Mailidx before 20020105 allows remote a ...)
NOT-FOR-US: Mailidx
-CVE-2002-2073
+CVE-2002-2073 (Cross-site scripting (XSS) vulnerability in the default ASP pages on M ...)
NOT-FOR-US: Microsoft
-CVE-2002-2072
+CVE-2002-2072 (java.security.AccessController in Sun Java Virtual Machine (JVM) in JR ...)
NOT-FOR-US: Sun Java
-CVE-2002-2071
+CVE-2002-2071 (Compaq Tru64 4.0 d allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Tru64
-CVE-2002-2070
+CVE-2002-2070 (SecureClean 3 build 2.0 does not clear Windows alternate data streams ...)
NOT-FOR-US: SecureClean
-CVE-2002-2069
+CVE-2002-2069 (PGP 6.x and 7.x does not clear Windows alternate data streams that are ...)
NOT-FOR-US: Proprietary PGP
-CVE-2002-2068
+CVE-2002-2068 (Eraser 5.3 does not clear Windows alternate data streams that are atta ...)
NOT-FOR-US: Eraser
-CVE-2002-2067
+CVE-2002-2067 (East-Tec Eraser 2002 does not clear Windows alternate data streams tha ...)
NOT-FOR-US: Eraser
-CVE-2002-2066
+CVE-2002-2066 (BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows a ...)
NOT-FOR-US: BCWipe
-CVE-2002-2065
+CVE-2002-2065 (WebCalendar 0.9.34 and earlier with 'browsing in includes directory' e ...)
NOT-FOR-US: WebCalender
-CVE-2002-2064
+CVE-2002-2064 (isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain admin ...)
NOT-FOR-US: PhpWebGallery
-CVE-2002-2063
+CVE-2002-2063 (AtGuard 3.2 allows remote attackers to bypass firwall filters and exec ...)
NOT-FOR-US: AtGuard
-CVE-2002-2062
+CVE-2002-2062 (Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explor ...)
NOT-FOR-US: Microsoft
-CVE-2002-2061
+CVE-2002-2061 (Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earli ...)
NOTE: fixed in upstream 1.0.1
NOTE: see http://web.archive.org/web/20090628044831/http://www.mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html
- mozilla 2:1.1-1 (low)
-CVE-2002-2060
+CVE-2002-2060 (Buffer overflow in Links 2.0 pre4 allows remote attackers to crash cli ...)
- links2 <not-affected> (Fixed before upload into archiv; 2.0pre5)
-CVE-2002-2059
+CVE-2002-2059 (BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not ...)
NOT-FOR-US: Intel motherboards
-CVE-2002-2058
+CVE-2002-2058 (TeeKai Tracking Online 1.0 uses weak encryption of web usage statistic ...)
NOT-FOR-US: TeeKai
-CVE-2002-2057
+CVE-2002-2057 (TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/ ...)
NOT-FOR-US: TeeKai
-CVE-2002-2056
+CVE-2002-2056 (Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows re ...)
NOT-FOR-US: TeeKai
-CVE-2002-2055
+CVE-2002-2055 (Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Trac ...)
NOT-FOR-US: TeeKai
-CVE-2002-2054
+CVE-2002-2054 (TeeKai Forum 1.2 allows remote attackers to authenticate as the admini ...)
NOT-FOR-US: TeeKai
-CVE-2002-2053
+CVE-2002-2053 (The design of the Hot Standby Routing Protocol (HSRP), as implemented ...)
NOT-FOR-US: Cisco
-CVE-2002-2052
+CVE-2002-2052 (Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, ...)
NOT-FOR-US: Cisco
-CVE-2002-2051
+CVE-2002-2051 (The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used ...)
- modlogan 0.7.12-1 (low)
-CVE-2002-2050
+CVE-2002-2050 (Directory traversal vulnerability in processor_web plugin for ModLogAn ...)
- modlogan 0.7.12-1 (low)
-CVE-2002-2049
+CVE-2002-2049 (configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when down ...)
NOTE: one day upstream webserver compromise
-CVE-2002-2048
+CVE-2002-2048 (Buffer overflow in PFinger 0.7.8 client allows remote attackers to exe ...)
NOT-FOR-US: PFinger
-CVE-2002-2047
+CVE-2002-2047 (The file preview functionality in Sketch 0.6.12 and earlier allows rem ...)
- sketch 0.6.13-1 (low)
-CVE-2002-2046
+CVE-2002-2046 (x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers ...)
NOT-FOR-US: X-News
-CVE-2002-2045
+CVE-2002-2045 (x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to ...)
NOT-FOR-US: x-stat
-CVE-2002-2044
+CVE-2002-2044 (Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat ...)
NOT-FOR-US: x-stat
-CVE-2002-2043
+CVE-2002-2043 (SQL injection vulnerability in the LDAP and MySQL authentication patch ...)
NOTE: old patch
-CVE-2002-2042
+CVE-2002-2042 (ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allo ...)
NOT-FOR-US: QNX
-CVE-2002-2041
+CVE-2002-2041 (Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 al ...)
NOT-FOR-US: QNX
-CVE-2002-2040
+CVE-2002-2040 (The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operat ...)
NOT-FOR-US: QNX
-CVE-2002-2039
+CVE-2002-2039 (/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows ...)
NOT-FOR-US: QNX
-CVE-2002-2038
+CVE-2002-2038 (Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based s ...)
NOT-FOR-US: NGPT
NOTE: http://lists.debian.org/debian-user/2003/10/msg03627.html
NOTE: NPTL does not have this problem.
-CVE-2002-2037
+CVE-2002-2037 (The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier ...)
NOT-FOR-US: Cisco
-CVE-2002-2036
+CVE-2002-2036 (Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) ...)
NOT-FOR-US: Sun
-CVE-2002-2035
+CVE-2002-2035 (SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and ear ...)
NOT-FOR-US: RealityScape
-CVE-2002-2034
+CVE-2002-2034 (The Email Sanitizer before 1.133 for Procmail allows remote attackers ...)
NOT-FOR-US: Email Sanitizer
-CVE-2002-2033
+CVE-2002-2033 (faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers ...)
NOT-FOR-US: FAQManager
-CVE-2002-2032
+CVE-2002-2032 (sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to ...)
NOT-FOR-US: PHPNuke
-CVE-2002-2031
+CVE-2002-2031 (Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled ...)
NOT-FOR-US: Microsoft
-CVE-2002-2030
+CVE-2002-2030 (Stack-based buffer overflow in SQLData Enterprise Server 3.0 allows re ...)
NOT-FOR-US: Microsoft
-CVE-2002-2029
+CVE-2002-2029 (PHP, when installed on Windows with Apache and ScriptAlias for /php/ s ...)
NOT-FOR-US: PHP, Mircrosoft
-CVE-2002-2028
+CVE-2002-2028 (The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify ...)
NOT-FOR-US: Microsoft
-CVE-2002-2027
+CVE-2002-2027 (Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not proper ...)
NOT-FOR-US: DOOW
-CVE-2002-2026
+CVE-2002-2026 (Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to ...)
NOT-FOR-US: BrowseFTP
-CVE-2002-2025
+CVE-2002-2025 (Lotus Domino server 5.0.9a and earlier allows remote attackers to caus ...)
NOT-FOR-US: Lotus Domino
-CVE-2002-2024
+CVE-2002-2024 (Horde IMP 2.2.7 allows remote attackers to obtain the full web root pa ...)
- imp 3:2.2.6-5 (high)
-CVE-2002-2023
+CVE-2002-2023 (The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and ...)
NOT-FOR-US: We use the OTHER beep program :P
-CVE-2002-2022
+CVE-2002-2022 (Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows l ...)
NOTE: only affects old-stable
-CVE-2002-2021
+CVE-2002-2021 (Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbb ...)
NOT-FOR-US: wbboard
-CVE-2002-2020
+CVE-2002-2020 (Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default a ...)
NOT-FOR-US: Netgear hardware
-CVE-2002-2019
+CVE-2002-2019 (PHP remote file inclusion vulnerability in include_once.php in osComme ...)
NOT-FOR-US: osCommerce
-CVE-2002-2018
+CVE-2002-2018 (sastcpd in SAS/Base 8.0 might allow local users to gain privileges by ...)
NOT-FOR-US: SAS/Base
-CVE-2002-2017
+CVE-2002-2017 (sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code b ...)
NOT-FOR-US: SAS/Base
-CVE-2002-2016
+CVE-2002-2016 (User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel addr ...)
- user-mode-linux 2.4.17-9 (high)
-CVE-2002-2015
+CVE-2002-2015 (PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows ...)
NOT-FOR-US: PostNuke
-CVE-2002-2014
+CVE-2002-2014 (Lotus Domino 5.0.8 web server returns different error messages when a ...)
NOT-FOR-US: Lotus Domino
-CVE-2002-2013
+CVE-2002-2013 (Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2012
+CVE-2002-2012 (Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Lin ...)
NOT-FOR-US: Apache
-CVE-2002-2011
+CVE-2002-2011 (Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.c ...)
NOT-FOR-US: faqomatic
-CVE-2002-2010
+CVE-2002-2010 (Cross-site scripting (XSS) vulnerability in htsearch.cgi in htdig (ht: ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-2009
+CVE-2002-2009 (Apache Tomcat 4.0.1 allows remote attackers to obtain the web root pat ...)
NOT-FOR-US: Tomcat
-CVE-2002-2008
+CVE-2002-2008 (Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the ...)
NOT-FOR-US: Tomcat
-CVE-2002-2007
+CVE-2002-2007 (The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remo ...)
NOT-FOR-US: Tomcat
-CVE-2002-2006
+CVE-2002-2006 (The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 thro ...)
NOT-FOR-US: Tomcat
-CVE-2002-2005
+CVE-2002-2005 (Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1 ...)
NOT-FOR-US: Sun
-CVE-2002-2004
+CVE-2002-2004 (portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to ca ...)
NOT-FOR-US: Compaq
-CVE-2002-2003
+CVE-2002-2003 (ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote at ...)
NOT-FOR-US: Compaq
-CVE-2002-2002
+CVE-2002-2002 (Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows ...)
NOT-FOR-US: Compaq
-CVE-2002-2001
+CVE-2002-2001 (jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable ...)
NOT-FOR-US: jmcce
-CVE-2002-2000
+CVE-2002-2000 (ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use pr ...)
NOT-FOR-US: OpenVMS
-CVE-2002-1999
+CVE-2002-1999 (HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow rem ...)
NOT-FOR-US: VVOS
-CVE-2002-1998
+CVE-2002-1998 (Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 ...)
NOT-FOR-US: UnixWare
-CVE-2002-1997
+CVE-2002-1997 (ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering ...)
NOT-FOR-US: ZoneAlarm
-CVE-2002-1996
+CVE-2002-1996 (Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier ...)
NOT-FOR-US: Postnuke
-CVE-2002-1995
+CVE-2002-1995 (Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke ...)
NOT-FOR-US: Postnuke
-CVE-2002-1994
+CVE-2002-1994 (advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 ...)
NOT-FOR-US: Windows
-CVE-2002-1993
+CVE-2002-1993 (webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute ...)
NOT-FOR-US: WebBBS
-CVE-2002-1992
+CVE-2002-1992 (Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or ...)
NOT-FOR-US: Windows
-CVE-2002-1991
+CVE-2002-1991 (PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary c ...)
NOT-FOR-US: osCommerce
-CVE-2002-1990
+CVE-2002-1990 (Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical p ...)
NOT-FOR-US: Resin
-CVE-2002-1989
+CVE-2002-1989 (Resin 2.1.1 allows remote attackers to cause a denial of service (thre ...)
NOT-FOR-US: Resin
-CVE-2002-1988
+CVE-2002-1988 (Resin 2.1.1 allows remote attackers to cause a denial of service (memo ...)
NOT-FOR-US: Resin
-CVE-2002-1987
+CVE-2002-1987 (Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 al ...)
NOT-FOR-US: Resin
-CVE-2002-1986
+CVE-2002-1986 (Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obta ...)
NOT-FOR-US: Perception LiteServe
-CVE-2002-1985
+CVE-2002-1985 (iSMTP 5.0.1 allows remote attackers to cause a denial of service via a ...)
NOT-FOR-US: iSMTP
-CVE-2002-1984
+CVE-2002-1984 (Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windo ...)
NOT-FOR-US: Microsoft
-CVE-2002-1983
+CVE-2002-1983 (The timer implementation in QNX RTOS 6.1.0 allows local users to cause ...)
NOT-FOR-US: QNX
-CVE-2002-1982
+CVE-2002-1982 (Directory traversal vulnerability in the list_directory function in Ic ...)
NOTE: verified current version is not vulnerable to exploit
-CVE-2002-1981
+CVE-2002-1981 (Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "publ ...)
NOT-FOR-US: Microsoft
-CVE-2002-1980
+CVE-2002-1980 (Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 t ...)
NOT-FOR-US: Solaris
-CVE-2002-1979
+CVE-2002-1979 (WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclas ...)
NOT-FOR-US: Watchguard SOHO
-CVE-2002-1978
+CVE-2002-1978 (IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewa ...)
NOT-FOR-US: IPFilter
-CVE-2002-1977
+CVE-2002-1977 (Network Associates PGP 7.0.4 and 7.1 does not time out according to th ...)
NOT-FOR-US: Proprietary PGP
-CVE-2002-1976
+CVE-2002-1976 (ifconfig, when used on the Linux kernel 2.2 and later, does not report ...)
- net-tools <unfixed> (unimportant)
NOTE: This seems to be a misunderstanding of what the PROMISC flag
NOTE: is about. ifconfig reports properly when it is set using
NOTE: "ifconfig promisc".
-CVE-2002-1975
+CVE-2002-1975 (Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt t ...)
NOT-FOR-US: Zaurus hardware
-CVE-2002-1974
+CVE-2002-1974 (The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require a ...)
NOT-FOR-US: Zaurus hardware
-CVE-2002-1973
+CVE-2002-1973 (Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (I ...)
NOT-FOR-US: Microsoft
-CVE-2002-1972
+CVE-2002-1972 (Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch ...)
NOT-FOR-US: pp_powerSwitch
-CVE-2002-1971
+CVE-2002-1971 (The ping utility in networking_utils.php in Sourcecraft Networking_Uti ...)
NOT-FOR-US: Sourcecraft Networking Utils
-CVE-2002-1970
+CVE-2002-1970 (SnortCenter 0.9.5, when configured to push Snort rules, stores the rul ...)
NOT-FOR-US: SnortCenter
-CVE-2002-1969
+CVE-2002-1969 (Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial ...)
NOT-FOR-US: Magic Notebook
-CVE-2002-1968
+CVE-2002-1968 (Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and ...)
NOT-FOR-US: Com21 hardware
-CVE-2002-1967
+CVE-2002-1967 (Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause ...)
NOT-FOR-US: XiRCON
-CVE-2002-1966
+CVE-2002-1966 (Directory traversal vulnerability in magiccard.cgi in My Postcards Pla ...)
NOT-FOR-US: My Postcards Platinum
-CVE-2002-1965
+CVE-2002-1965 (Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitam ...)
NOT-FOR-US: Imatix Xitami
-CVE-2002-1964
+CVE-2002-1964 (Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote atta ...)
NOT-FOR-US: phpEventCalender
-CVE-2002-1963
+CVE-2002-1963 (Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit ...)
NOTE: No kernels in Sarge or sid affected
-CVE-2002-1962
+CVE-2002-1962 (Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to by ...)
NOT-FOR-US: SurfinGate
-CVE-2002-1961
+CVE-2002-1961 (Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to by ...)
NOT-FOR-US: SurfinGate
-CVE-2002-1960
+CVE-2002-1960 (Cross-site scripting (XSS) vulnerability in Cybozu Share360 1.1 allows ...)
NOT-FOR-US: Cybozu Share
-CVE-2002-1959
+CVE-2002-1959 (Nagios 1.0b1 through 1.0b3 allows remote attackers to execute arbitrar ...)
NOTE: Nagios was packaged for Debian after these vulnerable versions have been released
-CVE-2002-1958
+CVE-2002-1958 (Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b ...)
NOT-FOR-US: kmMail
-CVE-2002-1957
+CVE-2002-1957 (Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and 0.9. ...)
- pen <not-affected> (pen was introduced after this old vulnerability)
-CVE-2002-1956
+CVE-2002-1956 (ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, ...)
- rox 1.3.0-1
-CVE-2002-1955
+CVE-2002-1955 (Iomega NAS A300U uses cleartext LANMAN authentication when mounting CI ...)
NOT-FOR-US: Iomega hardware issue
-CVE-2002-1954
+CVE-2002-1954 (Cross-site scripting (XSS) vulnerability in the phpinfo function in PH ...)
NOTE: According to http://bugs.php.net/bug.php?id=19881 this only affects a
NOTE: php function that displays the PHP logo and version information. In the bug
NOTE: log the developers seem unwilling to fix this, as it only affects a debug
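Review bot: several entries in this hunk still carry only a NOTE line and no package state or NOT-FOR-US marker, so once the descriptions are filled in they remain untracked: CVE-2002-2049 ("NOTE: one day upstream webserver compromise"), CVE-2002-2043 ("NOTE: old patch"), CVE-2002-2022 ("NOTE: only affects old-stable"), CVE-2002-1982 and CVE-2002-1959. An automatic description refresh should not touch them, but a manual follow-up commit should add an explicit package line with one of the states used elsewhere in this hunk (`<not-affected>`, `<unfixed>`, a fixed version) or a NOT-FOR-US tag. The same follow-up can fix the typos the refresh leaves in adjacent context lines, which now contradict the description on the same entry: "NOT-FOR-US: aucho Technology Resin server" under CVE-2002-2090 (description says Caucho), "NOT-FOR-US: PHP, Mircrosoft" under CVE-2002-2029, "NOT-FOR-US: WebCalender" under CVE-2002-2065, and "NOT-FOR-US: Microsoft" under CVE-2002-2030, whose description names SQLData Enterprise Server rather than a Microsoft product.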
@@ -1047,1009 +1047,1009 @@ CVE-2002-1954
NOTE: can not reproduce in any versions of php4 in the archive.
- php4 <not-affected> (bug #349260; low)
- php5 5.1.1-1 (bug #336654; low)
-CVE-2002-1953
+CVE-2002-1953 (Heap-based buffer overflow in the goim handler of AOL Instant Messenge ...)
NOT-FOR-US: AIM
-CVE-2002-1952
+CVE-2002-1952 (phpRank 1.8 does not properly check the return codes for MySQL operati ...)
NOT-FOR-US: phpRank
-CVE-2002-1951
+CVE-2002-1951 (Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to ex ...)
NOT-FOR-US: GoAhead WebServer
-CVE-2002-1950
+CVE-2002-1950 (Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote ...)
NOT-FOR-US: phpRank
-CVE-2002-1949
+CVE-2002-1949 (The Network Attached Storage (NAS) Administration Web Page for Iomega ...)
NOT-FOR-US: Iomega NAS
-CVE-2002-1948
+CVE-2002-1948 (Multiple buffer overflows in Gringotts 0.5.9 allows local users to exe ...)
- gringotts <not-affected> (fixed before Gringotts was in Debian)
-CVE-2002-1947
+CVE-2002-1947 (Webmin 0.21 through 1.0 uses the same built-in SSL key for all install ...)
- webmin 1.000-2
-CVE-2002-1946
+CVE-2002-1946 (Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000 ...)
NOT-FOR-US: VNSL
-CVE-2002-1945
+CVE-2002-1945 (Buffer overflow in SmartMail Server 1.0 Beta 10 allows remote attacker ...)
NOT-FOR-US: SmailMail
-CVE-2002-1944
+CVE-2002-1944 (Motorola Surfboard 4200 cable modem allows remote attackers to cause a ...)
NOT-FOR-US: Motorola Surfboard
-CVE-2002-1943
+CVE-2002-1943 (SafeTP 1.46, when network address translation (NAT) is being used, lea ...)
NOT-FOR-US: SafeTP
-CVE-2002-1942
+CVE-2002-1942 (Imatix Xitami 2.5 b5 does not properly terminate certain Keep-Alive co ...)
NOT-FOR-US: Imatix
-CVE-2002-1941
+CVE-2002-1941 (Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote a ...)
NOT-FOR-US: RadioBird
-CVE-2002-1940
+CVE-2002-1940 (LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes ...)
NOT-FOR-US: LCC-Win32
-CVE-2002-1939
+CVE-2002-1939 (FlashFXP 1.4 prints FTP passwords in plaintext when there are transfer ...)
NOT-FOR-US: FlashFXP
-CVE-2002-1938
+CVE-2002-1938 (Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary co ...)
NOT-FOR-US: Virgil CGI Scanner
-CVE-2002-1937
+CVE-2002-1937 (Symantec Firewall/VPN Appliance 100 through 200R hardcodes the adminis ...)
NOT-FOR-US: Symantex Appliance
-CVE-2002-1936
+CVE-2002-1936 (UTStarcom BAS 1000 3.1.10 creates several default or back door account ...)
NOT-FOR-US: UTStarcom
-CVE-2002-1935
+CVE-2002-1935 (Pingtel Xpressa 1.2.5 through 2.0.1 uses predictable (1) Call-ID, (2) ...)
NOT-FOR-US: Pingtel Xpressa
-CVE-2002-1934
+CVE-2002-1934 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 leak ...)
NOT-FOR-US: Pingtel Xpressa
-CVE-2002-1933
+CVE-2002-1933 (The terminal services screensaver for Microsoft Windows 2000 does not ...)
NOT-FOR-US: Microsoft
-CVE-2002-1932
+CVE-2002-1932 (Microsoft Windows XP and Windows 2000, when configured to send adminis ...)
NOT-FOR-US: Microsoft
-CVE-2002-1931
+CVE-2002-1931 (Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 a ...)
NOT-FOR-US: PHP Arena
-CVE-2002-1930
+CVE-2002-1930 (Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attacker ...)
NOT-FOR-US: AN HTTPd
-CVE-2002-1929
+CVE-2002-1929 (Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena ...)
NOT-FOR-US: PHP Arena
-CVE-2002-1928
+CVE-2002-1928 (602Pro LAN SUITE 2002 allows remote attackers to view the directory tr ...)
NOT-FOR-US: 602Pro LAN SUITE
-CVE-2002-1927
+CVE-2002-1927 (Aquonics File Manager 1.5 allows users with edit privileges to modify ...)
NOT-FOR-US: Aquonics File Manager
-CVE-2002-1926
+CVE-2002-1926 (Directory traversal vulnerability in source.php in Aquonics File Manag ...)
NOT-FOR-US: Aquonics File Manager
-CVE-2002-1925
+CVE-2002-1925 (Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to ca ...)
NOT-FOR-US: Tiny Personal Firewall
-CVE-2002-1924
+CVE-2002-1924 (PowerChute plus 5.0.2 creates a "Pwrchute" directory during installati ...)
NOT-FOR-US: Powerchute
-CVE-2002-1923
+CVE-2002-1923 (The default configuration in MySQL 3.20.32 through 3.23.52, when runni ...)
- mysql <not-affected> (Windows specific)
-CVE-2002-1922
+CVE-2002-1922 (Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBul ...)
NOT-FOR-US: vBulletin
-CVE-2002-1921
+CVE-2002-1921 (The default configuration of MySQL 3.20.32 through 3.23.52, when runni ...)
- mysql <not-affected> (Windows specific)
-CVE-2002-1920
+CVE-2002-1920 (Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial ...)
NOT-FOR-US: FtpXQ
-CVE-2002-1919
+CVE-2002-1919 (SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remo ...)
NOT-FOR-US: VS-ASP
-CVE-2002-1918
+CVE-2002-1918 (Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MD ...)
NOT-FOR-US: Microsoft ADO
-CVE-2002-1917
+CVE-2002-1917 (CRLF injection vulnerability in the "User Profile: Send Email" feature ...)
NOT-FOR-US: Geeklog
-CVE-2002-1916
+CVE-2002-1916 (Pirch and RusPirch, when auto-log is enabled, allows remote attackers ...)
NOT-FOR-US: Pirch
-CVE-2002-1915
+CVE-2002-1915 (tip on multiple BSD-based operating systems allows local users to caus ...)
NOT-FOR-US: tip
-CVE-2002-1914
+CVE-2002-1914 (dump 0.4 b10 through b29 allows local users to cause a denial of servi ...)
- dump 0.4b31-1
-CVE-2002-1913
+CVE-2002-1913 (phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbit ...)
NOT-FOR-US: myPHPNuke
-CVE-2002-1912
+CVE-2002-1912 (SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable t ...)
NOT-FOR-US: SkyStream
-CVE-2002-1911
+CVE-2002-1911 (ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allow ...)
NOT-FOR-US: ZoneAlarm
-CVE-2002-1910
+CVE-2002-1910 (Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak ...)
NOT-FOR-US: Ingenium Learning Management System
-CVE-2002-1909
+CVE-2002-1909 (Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the ...)
NOT-FOR-US: Ingenium Learning Management System
-CVE-2002-1908
+CVE-2002-1908 (Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Microsoft IIS
-CVE-2002-1907
+CVE-2002-1907 (TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause ...)
NOT-FOR-US: TelCondex
-CVE-2002-1906
+CVE-2002-1906 (The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attacker ...)
NOT-FOR-US: ViaVideo
-CVE-2002-1905
+CVE-2002-1905 (Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allo ...)
NOT-FOR-US: ViaVideo
-CVE-2002-1904
+CVE-2002-1904 (Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 thr ...)
NOT-FOR-US: ghttpd
-CVE-2002-1903
+CVE-2002-1903 (Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: a ...)
- pine 4.62-1 (low)
- alpine <not-affected> (alpine is based on pine 4.64, this bug was in a previous version of pine)
NOTE: checked listed version, and it didn't have the problem
NOTE: pine is non-free (alpine is free)
-CVE-2002-1902
+CVE-2002-1902 (CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of ...)
NOT-FOR-US: CGIForum
-CVE-2002-1901
+CVE-2002-1901 (Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 a ...)
NOT-FOR-US: BBGallery
-CVE-2002-1900
+CVE-2002-1900 (Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote ...)
NOT-FOR-US: Pinboard
-CVE-2002-1899
+CVE-2002-1899 (Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and ...)
NOT-FOR-US: IceWarp Web Mail
-CVE-2002-1898
+CVE-2002-1898 (Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute ...)
NOT-FOR-US: Mac OS X
-CVE-2002-1897
+CVE-2002-1897 (MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a d ...)
NOT-FOR-US: MyWebserver
-CVE-2002-1896
+CVE-2002-1896 (Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, all ...)
- alsaplayer 0.99.72-1
-CVE-2002-1895
+CVE-2002-1895 (The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using ...)
- tomcat4 <not-affected> (Windows-specific Tomcat problems)
-CVE-2002-1894
+CVE-2002-1894 (Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0 ...)
- phpbb2 <not-affected> (Debian package not vulnerable, see #316071, 316295)
-CVE-2002-1893
+CVE-2002-1893 (Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro 1 ...)
NOT-FOR-US: ArGoSoft Mail Server
-CVE-2002-1892
+CVE-2002-1892 (NETGEAR FVS318 running firmware 1.1 stores the username and password i ...)
NOT-FOR-US: Netgear hardware
-CVE-2002-1891
+CVE-2002-1891 (Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to e ...)
NOT-FOR-US: IRCIT
-CVE-2002-1890
+CVE-2002-1890 (rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite arbi ...)
NOT-FOR-US: RedHat specific
-CVE-2002-1889
+CVE-2002-1889 (Off-by-one buffer overflow in the context_action function in context.c ...)
NOT-FOR-US: Logsurfer
-CVE-2002-1888
+CVE-2002-1888 (CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to t ...)
NOT-FOR-US: CommonName Toolbar
-CVE-2002-1887
+CVE-2002-1887 (PHP remote file inclusion vulnerability in customize.php for phpMyNews ...)
NOT-FOR-US: phpMyNewsletter
-CVE-2002-1886
+CVE-2002-1886 (TightAuction 3.0 stores config.inc under the web document root with in ...)
NOT-FOR-US: TightAuction
-CVE-2002-1885
+CVE-2002-1885 (PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlo ...)
NOT-FOR-US: PPhlogger
-CVE-2002-1884
+CVE-2002-1884 (index.php in Py-Membres 3.1 allows remote attackers to log in as an ad ...)
NOT-FOR-US: Py-Membres
-CVE-2002-1883
+CVE-2002-1883 (Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the ...)
- qt-x11-free 2:3.0.4-1
-CVE-2002-1882
+CVE-2002-1882 (Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business ...)
NOT-FOR-US: Oracle
-CVE-2002-1881
+CVE-2002-1881 (Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attacke ...)
- flashplugin-nonfree 6.0.61.0-1
-CVE-2002-1880
+CVE-2002-1880 (LokwaBB 1.2.2 allows remote attackers to read arbitrary messages by mo ...)
NOT-FOR-US: LokwaBB
-CVE-2002-1879
+CVE-2002-1879 (SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers t ...)
NOT-FOR-US: LokwaBB
-CVE-2002-1878
+CVE-2002-1878 (PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote ...)
NOT-FOR-US: w-Agora
-CVE-2002-1877
+CVE-2002-1877 (NETGEAR FM114P allows remote attackers to bypass access restrictions f ...)
NOT-FOR-US: Netgear hardware
-CVE-2002-1876
+CVE-2002-1876 (Microsoft Exchange 2000 allows remote authenticated attackers to cause ...)
NOT-FOR-US: Microsoft
-CVE-2002-1875
+CVE-2002-1875 (Entercept Agent 2.5 agent for Windows, released before May 21, 2002, a ...)
NOT-FOR-US: Entercept Agent
-CVE-2002-1874
+CVE-2002-1874 (astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers ...)
NOT-FOR-US: Astrocam
-CVE-2002-1873
+CVE-2002-1873 (Microsoft Exchange 2000, when used with Microsoft Remote Procedure Cal ...)
NOT-FOR-US: Microsoft
-CVE-2002-1872
+CVE-2002-1872 (Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled ...)
NOT-FOR-US: Microsoft
-CVE-2002-1871
+CVE-2002-1871 (pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid roo ...)
NOT-FOR-US: Solaris
-CVE-2002-1870
+CVE-2002-1870 (Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle w ...)
NOT-FOR-US: Simple Web Server
-CVE-2002-1869
+CVE-2002-1869 (Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does ...)
NOT-FOR-US: Heysoft EventSave
-CVE-2002-1868
+CVE-2002-1868 (Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell ...)
NOT-FOR-US: Dispair
-CVE-2002-1867
+CVE-2002-1867 (The default configuration of BizDesign ImageFolio 2.23 through 2.26 do ...)
NOT-FOR-US: ImageFolio
-CVE-2002-1866
+CVE-2002-1866 (Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file descri ...)
NOT-FOR-US: Simple Web Server
-CVE-2002-1865
+CVE-2002-1865 (Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI- ...)
NOT-FOR-US: Embedded HTTP server
-CVE-2002-1864
+CVE-2002-1864 (Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 thr ...)
NOT-FOR-US: Simple Web Server
-CVE-2002-1863
+CVE-2002-1863 (Iomega Network Attached Storage (NAS) A300U, and possibly other models ...)
NOT-FOR-US: Iomega NAS
-CVE-2002-1862
+CVE-2002-1862 (SmartMail Server 2.0 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: SmartMail Server
-CVE-2002-1861
+CVE-2002-1861 (Sybase Enterprise Application Server 4.0, when running on Windows, all ...)
NOT-FOR-US: Sybase ASE
-CVE-2002-1860
+CVE-2002-1860 (Pramati Server 3.0, when running on Windows, allows remote attackers t ...)
NOT-FOR-US: Pramati
-CVE-2002-1859
+CVE-2002-1859 (Orion Application Server 1.5.3, when running on Windows, allows remote ...)
NOT-FOR-US: Orion
-CVE-2002-1858
+CVE-2002-1858 (Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1 ...)
NOT-FOR-US: Oracle
-CVE-2002-1857
+CVE-2002-1857 (jo! jo Webserver 1.0, when running on Windows, allows remote attackers ...)
NOT-FOR-US: jo! jo Webserver
-CVE-2002-1856
+CVE-2002-1856 (HP Application Server 8.0, when running on Windows, allows remote atta ...)
NOT-FOR-US: HP Application Server
-CVE-2002-1855
+CVE-2002-1855 (Macromedia JRun 3.0 through 4.0, when running on Windows, allows remot ...)
NOT-FOR-US: Macromedia JRun
-CVE-2002-1854
+CVE-2002-1854 (Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to execu ...)
NOT-FOR-US: rlaj whois.cgi
-CVE-2002-1853
+CVE-2002-1853 (Cross-site scripting (XSS) vulnerability in MyNewsGroups 0.4 and 0.4.1 ...)
NOT-FOR-US: MyNewsGroups
-CVE-2002-1852
+CVE-2002-1852 (Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote ...)
- monkey 0.9.2-1
NOTE: Vulnerable code verified not be present in any Debian version
-CVE-2002-1851
+CVE-2002-1851 (Buffer overflow in WS_FTP Pro 7.5 allows remote attackers to execute c ...)
NOT-FOR-US: WS_FTP Pro
-CVE-2002-1850
+CVE-2002-1850 (mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly re ...)
- apache2 2.0.42-1
-CVE-2002-1849
+CVE-2002-1849 (ParaChat Server 4.0 does not log users off if the browser's back butto ...)
NOT-FOR-US: ParaChat
-CVE-2002-1848
+CVE-2002-1848 (TightVNC before 1.2.4 running on Windows stores unencrypted passwords ...)
NOT-FOR-US: TightVNC on Windows only
-CVE-2002-1847
+CVE-2002-1847 (Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2002-1846
+CVE-2002-1846 (Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a use ...)
NOT-FOR-US: YaBB
-CVE-2002-1845
+CVE-2002-1845 (Cross-site scripting (XSS) vulnerability in index.php in Yet Another B ...)
NOT-FOR-US: YaBB
-CVE-2002-1844
+CVE-2002-1844 (Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, i ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2002-1843
+CVE-2002-1843 (Perlbot 1.9.2 allows remote attackers to execute arbitrary commands vi ...)
NOT-FOR-US: Perlbot
-CVE-2002-1842
+CVE-2002-1842 (Perlbot 1.0 beta allows remote attackers to execute arbitrary commands ...)
NOT-FOR-US: Perlbot
-CVE-2002-1841
+CVE-2002-1841 (The document management module in NOLA 1.1.1 and 1.1.2 does not restri ...)
NOT-FOR-US: Nogusta NOLA
-CVE-2002-1840
+CVE-2002-1840 (irssi IRC client 0.8.4, when downloaded after 14-March-2002, could con ...)
NOT-FOR-US: some irssi tarballs contained a backdoor
-CVE-2002-1839
+CVE-2002-1839 (Trend Micro InterScan VirusWall for Windows NT 3.52 does not record th ...)
NOT-FOR-US: Trend Micro InterScan VirusWall (Windows NT 3.52)
-CVE-2002-1838
+CVE-2002-1838 (Charities.cron 1.0.2 through 1.6.0 allows local users to write to arbi ...)
NOT-FOR-US: Charities.cron
-CVE-2002-1837
+CVE-2002-1837 (The getAlbumToDisplay function in idsShared.pm for Image Display Syste ...)
NOT-FOR-US: Image Display System
-CVE-2002-1836
+CVE-2002-1836 (The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exp ...)
NOT-FOR-US: Xerox Docutech
-CVE-2002-1835
+CVE-2002-1835 (The default configuration of Xerox DocuTech 6110 and DocuTech 6115 run ...)
NOT-FOR-US: Xerox Docutech
-CVE-2002-1834
+CVE-2002-1834 (The default configuration of Xerox DocuTech 6110 and DocuTech 6115 all ...)
NOT-FOR-US: Xerox Docutech
-CVE-2002-1833
+CVE-2002-1833 (The default configurations for DocuTech 6110 and DocuTech 6115 have a ...)
NOT-FOR-US: Xerox Docutech
-CVE-2002-1832
+CVE-2002-1832 (Unknown vulnerability in the "ipopts decode" functionality in Firestor ...)
NOT-FOR-US: Firestorm IDS
-CVE-2002-1831
+CVE-2002-1831 (Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attacker ...)
NOT-FOR-US: Microsoft MSN Messenger Service
-CVE-2002-1830
+CVE-2002-1830 (Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to bypa ...)
NOT-FOR-US: Open Bulletin Board
-CVE-2002-1829
+CVE-2002-1829 (Cross-site scripting (XSS) vulnerability in codeparse.php in Open Bull ...)
NOT-FOR-US: Open Bulletin Board
-CVE-2002-1828
+CVE-2002-1828 (Savant Webserver 3.1 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Savant Webserver
-CVE-2002-1827
+CVE-2002-1827 (Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of ...)
- sendmail 8.12-4
-CVE-2002-1826
+CVE-2002-1826 (grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass ...)
- kernel-patch-2.4-grsecurity 1.9.6-1
-CVE-2002-1825
+CVE-2002-1825 (Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 ...)
NOT-FOR-US: WASD
-CVE-2002-1824
+CVE-2002-1824 (Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a ...)
NOT-FOR-US: MSIE
-CVE-2002-1823
+CVE-2002-1823 (Buffer overflow in the HttpGetRequest function in Zeroo HTTP server 1. ...)
NOT-FOR-US: Zeroo
-CVE-2002-1822
+CVE-2002-1822 (IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the pa ...)
NOT-FOR-US: IBM HTTP Server on AS/400
-CVE-2002-1821
+CVE-2002-1821 (Ultimate PHP Board (UPB) 1.0 and 1.0b allows remote authenticated user ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2002-1820
+CVE-2002-1820 (register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administ ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2002-1819
+CVE-2002-1819 (Directory traversal vulnerability in TinyHTTPD 0.1 .0 allows remote at ...)
NOT-FOR-US: TinyHTTPD
-CVE-2002-1818
+CVE-2002-1818 (ezhttpbench.php in eZ httpbench 1.1 allows remote attackers to read ar ...)
NOT-FOR-US: httpbench
-CVE-2002-1817
+CVE-2002-1817 (Unknown vulnerability in Veritas Cluster Server (VCS) 1.2 for WindowsN ...)
NOT-FOR-US: Veritas
-CVE-2002-1816
+CVE-2002-1816 (Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ...)
NOT-FOR-US: ATPhttpd
-CVE-2002-1815
+CVE-2002-1815 (Directory traversal vulnerability in source.php and source.cgi in Aquo ...)
NOT-FOR-US: Aquonics
-CVE-2002-1814
+CVE-2002-1814 (Buffer overflow in efstools in Bonobo, when installed setuid, allows l ...)
- bonobo <not-affected> (efstool not suid on Debian)
-CVE-2002-1813
+CVE-2002-1813 (Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2 ...)
NOT-FOR-US: AIM
-CVE-2002-1812
+CVE-2002-1812 (Buffer overflow in gdam123 0.933 and 0.942 allows local users to execu ...)
NOT-FOR-US: gdam123
-CVE-2002-1811
+CVE-2002-1811 (Belkin F5D6130 Wireless Network Access Point running firmware AP14G8 a ...)
NOT-FOR-US: Belkin F5D6130 Wireless Network Access Point
-CVE-2002-1810
+CVE-2002-1810 (D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to ...)
NOT-FOR-US: D-Link DWL-900AP+ Access Point
-CVE-2002-1809
+CVE-2002-1809 (The default configuration of the Windows binary release of MySQL 3.23. ...)
NOT-FOR-US: MySQL windows binary
-CVE-2002-1808
+CVE-2002-1808 (Cross-site scripting (XSS) vulnerability in Meunity Community System 1 ...)
NOT-FOR-US: Meunity
-CVE-2002-1807
+CVE-2002-1807 (Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows re ...)
NOT-FOR-US: phpWebSite
-CVE-2002-1806
+CVE-2002-1806 (Cross-site scripting (XSS) vulnerability in Drupal 4.0.0 allows remote ...)
NOT-FOR-US: Drupal
-CVE-2002-1805
+CVE-2002-1805 (Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote ...)
- dacode <removed> (bug #322605; low)
[sarge] - dacode <no-dsa> (Minor issue; attacker would need to bypass moderator review/approval)
NOTE: Sarge is affected (has same version as testing/unstable)
-CVE-2002-1804
+CVE-2002-1804 (Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote att ...)
NOT-FOR-US: NPDS
-CVE-2002-1803
+CVE-2002-1803 (Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote ...)
NOT-FOR-US: PHP-Nuke
-CVE-2002-1802
+CVE-2002-1802 (Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows remot ...)
NOT-FOR-US: Xoops
-CVE-2002-1801
+CVE-2002-1801 (ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: ImageFolio
-CVE-2002-1800
+CVE-2002-1800 (phpRank 1.8 stores the administrative password in plaintext on the ser ...)
NOT-FOR-US: phpRank
-CVE-2002-1799
+CVE-2002-1799 (Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote ...)
NOT-FOR-US: phpRank
-CVE-2002-1798
+CVE-2002-1798 (MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) up ...)
NOT-FOR-US: MidiCart
-CVE-2002-1797
+CVE-2002-1797 (ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 815 ...)
NOT-FOR-US: ChaiVM
-CVE-2002-1796
+CVE-2002-1796 (ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 41 ...)
NOT-FOR-US: ChaiVM
-CVE-2002-1795
+CVE-2002-1795 (Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft T ...)
NOT-FOR-US: Microsoft
-CVE-2002-1794
+CVE-2002-1794 (Unknown vulnerability in pam_authz in the LDAP-UX Integration product ...)
NOT-FOR-US: HP ldapux-pamauthz
-CVE-2002-1793
+CVE-2002-1793 (HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS ...)
NOT-FOR-US: HP Virtualvault OS
-CVE-2002-1792
+CVE-2002-1792 (Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers ...)
NOT-FOR-US: Fake Identd
-CVE-2002-1791
+CVE-2002-1791 (SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world ...)
NOT-FOR-US: SGI IRIX
-CVE-2002-1790
+CVE-2002-1790 (The SMTP service in Microsoft Internet Information Services (IIS) 4.0 ...)
NOT-FOR-US: microsoft
-CVE-2002-1789
+CVE-2002-1789 (Format string vulnerability in newsx NNTP client before 1.4.8 allows l ...)
- newsx 1.4pl6.0-2
-CVE-2002-1788
+CVE-2002-1788 (Format string vulnerability in the nn_exitmsg function in nn 6.6.0 thr ...)
- nn 6.6.4-1
-CVE-2002-1787
+CVE-2002-1787 (Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through ...)
NOT-FOR-US: SGI IRIX
-CVE-2002-1786
+CVE-2002-1786 (SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, ...)
NOT-FOR-US: SGI IRIX
-CVE-2002-1785
+CVE-2002-1785 (Cross-site scripting (XSS) vulnerability in Zeus Administration Server ...)
NOT-FOR-US: Zeus Administration Server
-CVE-2002-1784
+CVE-2002-1784 (Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allo ...)
NOT-FOR-US: HP Tru64
-CVE-2002-1783
+CVE-2002-1783 (CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_ur ...)
- php4 4:4.3.10-15
-CVE-2002-1782
+CVE-2002-1782 (The default configuration of University of Washington IMAP daemon (wu- ...)
- uw-imap 7:2002ddebian1-2 (bug #315499; unimportant)
NOTE: This only applies to very exotic setups. It's also documented in the FAQ
NOTE: and if someone has such a setup she will have to recompile the package with
NOTE: the security features enabled.
-CVE-2002-1781
+CVE-2002-1781 (Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote ...)
NOT-FOR-US: DeleGate
-CVE-2002-1780
+CVE-2002-1780 (BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a ...)
NOT-FOR-US: BPM Studio Pro
-CVE-2002-1779
+CVE-2002-1779 (The "block fragmented IP Packets" option in Symantec Norton Personal F ...)
NOT-FOR-US: Norton
-CVE-2002-1778
+CVE-2002-1778 (Symantec Norton Personal Firewall 2002 allows remote attackers to bypa ...)
NOT-FOR-US: Norton
-CVE-2002-1777
+CVE-2002-1777 (** DISPUTED ** NOTE: this issue has been disputed by the vendor. Syman ...)
NOT-FOR-US: Symantec
-CVE-2002-1776
+CVE-2002-1776 (** DISPUTED ** NOTE: this issue has been disputed by the vendor. Syman ...)
NOT-FOR-US: Symantec
-CVE-2002-1775
+CVE-2002-1775 (** DISPUTED ** NOTE: this issue has been disputed by the vendor. Syman ...)
NOT-FOR-US: Symantec
-CVE-2002-1774
+CVE-2002-1774 (** DISPUTED ** NOTE: this issue has been disputed by the vendor. Syman ...)
NOT-FOR-US: Symantec
-CVE-2002-1773
+CVE-2002-1773 (Buffer overflow in ICQ 2.6x for MacOS X 10.0 through 10.1.2 allows rem ...)
NOT-FOR-US: ICQ for MacOS X
-CVE-2002-1772
+CVE-2002-1772 (Novell Netware 5.0 through 5.1 may allow local users to gain "Domain A ...)
NOT-FOR-US: Novell Netware
-CVE-2002-1771
+CVE-2002-1771 (Matt Wright FormMail 1.9 and earlier allows remote attackers to send s ...)
NOT-FOR-US: FormMail
-CVE-2002-1770
+CVE-2002-1770 (Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code ...)
NOT-FOR-US: Eudora
-CVE-2002-1769
+CVE-2002-1769 (Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_A ...)
NOT-FOR-US: Microsoft
-CVE-2002-1768
+CVE-2002-1768 (Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows ...)
NOT-FOR-US: Cisco
-CVE-2002-1767
+CVE-2002-1767 (Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linu ...)
NOT-FOR-US: Oracle
-CVE-2002-1766
+CVE-2002-1766 (Buffer overflow in Composer in Netscape 4.77 allows local users to ove ...)
NOT-FOR-US: Netscape
NOTE: didn't check mozilla
-CVE-2002-1765
+CVE-2002-1765 (Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of ...)
- evolution 1.0.5
-CVE-2002-1764
+CVE-2002-1764 (acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to o ...)
NOT-FOR-US: acrobat
-CVE-2002-1763
+CVE-2002-1763 (The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" an ...)
NOT-FOR-US: dtscreen Sun Solaris 8 CDE screensaver
-CVE-2002-1762
+CVE-2002-1762 (Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans ...)
NOT-FOR-US: Microsoft
-CVE-2002-1761
+CVE-2002-1761 (Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows ...)
NOT-FOR-US: PHProjekt
-CVE-2002-1760
+CVE-2002-1760 (Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 al ...)
NOT-FOR-US: PHProjekt
-CVE-2002-1759
+CVE-2002-1759 (The upload function in PHProjekt 2.0 through 3.1 does not properly ver ...)
NOT-FOR-US: PHProjekt
-CVE-2002-1758
+CVE-2002-1758 (PHProjekt 2.0 through 3.1 allows remote attackers to view or modify da ...)
NOT-FOR-US: PHProjekt
-CVE-2002-1757
+CVE-2002-1757 (PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for authent ...)
NOT-FOR-US: PHProjekt
-CVE-2002-1756
+CVE-2002-1756 (ACDSee 4.0 allows remote attackers to cause a denial of service (crash ...)
NOT-FOR-US: ACDSee
-CVE-2002-1755
+CVE-2002-1755 (tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, ...)
- tinc 1.0pre5
-CVE-2002-1754
+CVE-2002-1754 (Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows loca ...)
NOT-FOR-US: Novell NetWare
-CVE-2002-1753
+CVE-2002-1753 (csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows ...)
NOT-FOR-US: csNews
-CVE-2002-1752
+CVE-2002-1752 (csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers t ...)
NOT-FOR-US: csChat-R-Box
-CVE-2002-1751
+CVE-2002-1751 (csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attacke ...)
NOT-FOR-US: csLiveSupport
-CVE-2002-1750
+CVE-2002-1750 (csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attacke ...)
NOT-FOR-US: csGuestbook
-CVE-2002-1749
+CVE-2002-1749 (Windows 2000 Terminal Services, when using the disconnect feature of t ...)
NOT-FOR-US: Windows 2000 Terminal Services
-CVE-2002-1748
+CVE-2002-1748 (Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in ...)
- slash 2.2.3
-CVE-2002-1747
+CVE-2002-1747 (Vtun 2.5b1 does not authenticate forwarded packets, which allows remot ...)
- vtun 2.5b2
-CVE-2002-1746
+CVE-2002-1746 (Vtun 2.5b1 allows remote attackers to inject data into user sessions b ...)
- vtun 2.5b2
-CVE-2002-1745
+CVE-2002-1745 (Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5. ...)
NOT-FOR-US: Microsoft
-CVE-2002-1744
+CVE-2002-1744 (Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 ...)
NOT-FOR-US: Microsoft
-CVE-2002-1743
+CVE-2002-1743 (AOL ICQ 2002a Build 3722 allows remote attackers to cause a denial of ...)
NOT-FOR-US: AOL ICQ
-CVE-2002-1742
+CVE-2002-1742 (SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary ...)
- soap-lite 0.55
-CVE-2002-1741
+CVE-2002-1741 (Directory traversal vulnerability in WorldClient.cgi in WorldClient fo ...)
NOT-FOR-US: WorldClient
-CVE-2002-1740
+CVE-2002-1740 (Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologie ...)
NOT-FOR-US: WorldClient
-CVE-2002-1739
+CVE-2002-1739 (Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption al ...)
NOT-FOR-US: Alt-N Technologies Mdaemon
-CVE-2002-1738
+CVE-2002-1738 (Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default MDaem ...)
NOT-FOR-US: Alt-N Technologies Mdaemon
-CVE-2002-1737
+CVE-2002-1737 (Astaro Security Linux 2.016 creates world-writable files and directori ...)
NOT-FOR-US: Astaro Security Linux
-CVE-2002-1736
+CVE-2002-1736 (Unknown vulnerability in CGINews before 1.06 allow remote attackers to ...)
NOT-FOR-US: CGINews
-CVE-2002-1735
+CVE-2002-1735 (Buffer overflow in dlogin 1.0a could allow local users to gain privile ...)
NOT-FOR-US: dlogin
-CVE-2002-1734
+CVE-2002-1734 (NewsPro 1.01 allows remote attackers to gain unauthorized administrato ...)
NOT-FOR-US: NewsPro
-CVE-2002-1733
+CVE-2002-1733 (Cross-site scripting (XSS) vulnerability in the web-based message boar ...)
NOT-FOR-US: Prospero MessageBoards
-CVE-2002-1732
+CVE-2002-1732 (Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog ...)
NOT-FOR-US: Actinic Catalog
-CVE-2002-1731
+CVE-2002-1731 (The System Request menu in IBM AS/400 allows local users to list valid ...)
NOT-FOR-US: IBM AS/400
-CVE-2002-1730
+CVE-2002-1730 (ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary mess ...)
NOT-FOR-US: ASPjar Guestbook
-CVE-2002-1729
+CVE-2002-1729 (Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allo ...)
NOT-FOR-US: ASPjar Guestbook
-CVE-2002-1728
+CVE-2002-1728 (askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine ...)
NOT-FOR-US: askSam Web Publisher
-CVE-2002-1727
+CVE-2002-1727 (Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_ ...)
NOT-FOR-US: askSam Web Publisher
-CVE-2002-1726
+CVE-2002-1726 (secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authen ...)
NOT-FOR-US: PhotoDB
-CVE-2002-1725
+CVE-2002-1725 (phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain ...)
NOT-FOR-US: PHPImageView
-CVE-2002-1724
+CVE-2002-1724 (Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPIm ...)
NOT-FOR-US: PHPImageView
-CVE-2002-1723
+CVE-2002-1723 (Powerboards 2.2b allows remote attackers to view the full path to the ...)
NOT-FOR-US: Powerboards
-CVE-2002-1722
+CVE-2002-1722 (Logitech iTouch keyboards allows attackers with physical access to the ...)
NOT-FOR-US: microsoft
-CVE-2002-1721
+CVE-2002-1721 (Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attacker ...)
- altermime <not-affected> (fixed before the first Debian upload)
-CVE-2002-1720
+CVE-2002-1720 (SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows rem ...)
NOT-FOR-US: Spooky Login
-CVE-2002-1719
+CVE-2002-1719 (Unknown vulnerability in Bavo 0.3 allows remote attackers to modify po ...)
NOT-FOR-US: Bavo
-CVE-2002-1718
+CVE-2002-1718 (Microsoft Internet Information Server (IIS) 5.1 may allow remote attac ...)
NOT-FOR-US: microsoft
-CVE-2002-1717
+CVE-2002-1717 (Microsoft Internet Information Server (IIS) 5.1 allows remote attacker ...)
NOT-FOR-US: microsoft
-CVE-2002-1716
+CVE-2002-1716 (The Host() function in the Microsoft spreadsheet component on Microsof ...)
NOT-FOR-US: microsoft
-CVE-2002-1715
+CVE-2002-1715 (SSH 1 through 3, and possibly other versions, allows local users to by ...)
- openssh <not-affected> ("SecurityFocus staff have been unable to reproduce this vulnerability with OpenSSH version 3.1p1.")
-CVE-2002-1714
+CVE-2002-1714 (Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to ...)
NOT-FOR-US: microsoft
-CVE-2002-1713
+CVE-2002-1713 (The Standard security setting for Mandrake-Security package (msec) in ...)
NOT-FOR-US: msec
-CVE-2002-1712
+CVE-2002-1712 (Microsoft Windows 2000 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: microsoft
-CVE-2002-1711
+CVE-2002-1711 (BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX direc ...)
NOT-FOR-US: BasiliX
-CVE-2002-1710
+CVE-2002-1710 (The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 doe ...)
NOT-FOR-US: BasiliX
-CVE-2002-1709
+CVE-2002-1709 (SQL injection vulnerability in BasiliX Webmail 1.10 allows remote atta ...)
NOT-FOR-US: BasiliX
-CVE-2002-1708
+CVE-2002-1708 (Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allow ...)
NOT-FOR-US: BasiliX
-CVE-2002-1707
+CVE-2002-1707 (install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "re ...)
- phpbb2 2.0.6c-1
-CVE-2002-1706
+CVE-2002-1706 (Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7 ...)
NOT-FOR-US: Cisco
-CVE-2002-1705
+CVE-2002-1705 (Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to ...)
NOT-FOR-US: microsoft
-CVE-2002-1704
+CVE-2002-1704 (Zeroboard 4.1, when the "allow_url_fopen" and "register_globals" varia ...)
NOT-FOR-US: Zeroboard
-CVE-2002-1703
+CVE-2002-1703 (Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft Ne ...)
NOT-FOR-US: NetAuction
-CVE-2002-1702
+CVE-2002-1702 (Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifie ...)
NOT-FOR-US: DeltaScripts PHP Classifieds
-CVE-2002-1700
+CVE-2002-1700 (Cross-site scripting vulnerability (XSS) in the missing template handl ...)
NOT-FOR-US: ColdFusion
-CVE-2002-1699
+CVE-2002-1699 (SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 al ...)
NOT-FOR-US: ASP Client Check
-CVE-2002-1698
+CVE-2002-1698 (Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 all ...)
NOT-FOR-US: Microsoft
-CVE-2002-1697
+CVE-2002-1697 (Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak en ...)
- vtun 2.6-1
-CVE-2002-1696
+CVE-2002-1696 (Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently s ...)
NOT-FOR-US: Microsoft Outlook plugin
-CVE-2002-1695
+CVE-2002-1695 (Norton Internet Security 2001 opens log files with FILE_SHARE_READ and ...)
NOT-FOR-US: Norton
-CVE-2002-1694
+CVE-2002-1694 (Microsoft Internet Information Server (IIS) 4.0 opens log files with F ...)
NOT-FOR-US: Microsoft
-CVE-2002-1692
+CVE-2002-1692 (Buffer overflow in backup utility of Microsoft Windows 95 allows attac ...)
NOT-FOR-US: Microsoft
-CVE-2002-1691
+CVE-2002-1691 (Alcatel OmniPCX 4400 installs known user accounts and passwords in the ...)
NOT-FOR-US: Alcatel hardware issue
-CVE-2002-1690
+CVE-2002-1690 (Unknown vulnerability in AIX before 4.0 with unknown attack vectors an ...)
NOT-FOR-US: AIX
-CVE-2002-1689
+CVE-2002-1689 (Unknown vulnerability in the login program on AIX before 4.0 could all ...)
NOT-FOR-US: AIX
-CVE-2002-1688
+CVE-2002-1688 (The browser history feature in Microsoft Internet Explorer 5.5 through ...)
NOT-FOR-US: Microsoft
-CVE-2002-1687
+CVE-2002-1687 (Buffer overflow in the diagnostics library in AIX allows local users t ...)
NOT-FOR-US: AIX
-CVE-2002-1686
+CVE-2002-1686 (Buffer overflow in lscfg of unknown versions of AIX has unknown impact ...)
NOT-FOR-US: AIX
-CVE-2002-1685
+CVE-2002-1685 (Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition ...)
NOT-FOR-US: BadBlue Enterprise Edition
-CVE-2002-1684
+CVE-2002-1684 (Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) ...)
NOT-FOR-US: Deerfield D2Gfx
-CVE-2002-1683
+CVE-2002-1683 (Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1 ...)
NOT-FOR-US: BadBlue Personal Edition
-CVE-2002-1682
+CVE-2002-1682 (NewsReactor 1.0 uses a weak encryption scheme, which could allow local ...)
NOT-FOR-US: NewsReactor
-CVE-2002-1681
+CVE-2002-1681 (Cross-site scripting (XSS) vulnerability in Slashcode CVS releases Jun ...)
- slash <not-affected> (Only present in intermediate CVS version, not released in Debian)
-CVE-2002-1680
+CVE-2002-1680 (Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shoppi ...)
NOT-FOR-US: COWS
-CVE-2002-1679
+CVE-2002-1679 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 al ...)
NOT-FOR-US: vBulletin
-CVE-2002-1678
+CVE-2002-1678 (Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft ...)
NOT-FOR-US: vBulletin
-CVE-2002-1677
+CVE-2002-1677 (14all.cgi 1.1p15 in mrtgconfig allows remote attackers to determine th ...)
NOT-FOR-US: mrtgconfig
-CVE-2002-1676
+CVE-2002-1676 (BindView NetInventory 1.0, when used with NetRC 1.0, allows local user ...)
NOT-FOR-US: BindView NetInventory
-CVE-2002-1675
+CVE-2002-1675 (Format string vulnerability in the Cio_PrintF function of cio_main.c i ...)
NOT-FOR-US: Unreal IRCd
-CVE-2002-1674
+CVE-2002-1674 (procfs on FreeBSD before 4.5 allows local users to cause a denial of s ...)
- kfreebsd-source <not-affected> (kfreebsd/Debian uses a much more recent kernel)
-CVE-2002-1673
+CVE-2002-1673 (The web interface for Webmin 0.92 does not properly quote or filter sc ...)
- webmin 0.93 (medium)
-CVE-2002-1672
+CVE-2002-1672 (Webmin 0.92, when installed from an RPM, creates /var/webmin with inse ...)
- webmin <not-affected> (packaging flaw of an unknown RPM based distro)
NOTE: Permissions of Debian's webmin package look sane and FHS compliant
-CVE-2002-1671
+CVE-2002-1671 (Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2002-1670
+CVE-2002-1670 (Microsoft Windows XP Professional upgrade edition overwrites previousl ...)
NOT-FOR-US: Microsoft
-CVE-2002-1669
+CVE-2002-1669 (pkg_add in FreeBSD 4.2 through 4.4 creates a temporary directory with ...)
NOT-FOR-US: FreeBSD
-CVE-2002-1668
+CVE-2002-1668 (HP-UX 11.11 and earlier allows local users to cause a denial of servic ...)
NOT-FOR-US: HP-UX
-CVE-2002-1667
+CVE-2002-1667 (The virtual memory management system in FreeBSD 4.5-RELEASE and earlie ...)
- kfreebsd-source <not-affected> (kfreebsd/Debian uses a much more recent kernel)
-CVE-2002-1666
+CVE-2002-1666 (Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 a ...)
NOT-FOR-US: Oracle
-CVE-2002-1665
+CVE-2002-1665 (Buffer overflow in Yahoo! Messenger before February 2002 allows remote ...)
NOT-FOR-US: Yahoo Messenger
-CVE-2002-1664
+CVE-2002-1664 (Yahoo! Messenger before February 2002 allows remote attackers to add a ...)
NOT-FOR-US: Yahoo Messenger
-CVE-2002-1663
+CVE-2002-1663 (The Post_Method function in method.c for Monkey HTTP Daemon before 0.5 ...)
NOT-FOR-US: Monkey
-CVE-2002-1662
+CVE-2002-1662 (Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Serv ...)
NOT-FOR-US: Mambo
-CVE-2002-1660
+CVE-2002-1660 (calendar.php in vBulletin before 2.2.0 allows remote attackers to exec ...)
NOT-FOR-US: vBulletin
-CVE-2002-1659
+CVE-2002-1659 (user_profile.asp in PortalApp 2.2 allows local users to gain privilege ...)
NOT-FOR-US: PortalApp
-CVE-2002-1661
+CVE-2002-1661 (The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attacke ...)
- leafnode <not-affected> (Leafnode2 development branch)
-CVE-2002-1658
+CVE-2002-1658 (Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow atta ...)
- apache 1.3.31-1
-CVE-2002-1657
+CVE-2002-1657 (PostgreSQL uses the username for a salt when generating passwords, whi ...)
- postgresql <unfixed> (unimportant)
NOTE: This is not a real world problem; it's only applicable in rare circurstances
NOTE: like someone analysing stolen user database information and even then the gain
NOTE: is slim. In that case SHA256 hashes would be more appropriate anyway.
-CVE-2002-1656
+CVE-2002-1656 (X-News (x_news) 1.1 and earlier allows attackers to authenticate as ot ...)
NOT-FOR-US: X-News
-CVE-2002-1655
+CVE-2002-1655 (The Web Publishing feature in Netscape Enterprise Server 3.x and iPlan ...)
NOT-FOR-US: Netscape Enterprise Server
-CVE-2002-1654
+CVE-2002-1654 (iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4 ...)
NOT-FOR-US: iPlanet Web Server Enterprise Edition and Netscape Enterprise Server
-CVE-2002-1653
+CVE-2002-1653 (Farm9 Cryptcat, when started in server mode with the -e option, does n ...)
- cryptcat 20031202-2
NOTE: don't know when it was fixed, verified above version is ok
-CVE-2002-1652
+CVE-2002-1652 (Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers t ...)
- cgiemail 1.6-14
-CVE-2002-1651
+CVE-2002-1651 (Cross-site scripting (XSS) vulnerability in Verity Search97 allows rem ...)
NOT-FOR-US: Verity Search97
-CVE-2002-1650
+CVE-2002-1650 (The spell checker plugin (check_me.mod.php) for SquirrelMail before 1. ...)
- squirrelmail 1:1.2.3
-CVE-2002-1649
+CVE-2002-1649 (Cross-site scripting (XSS) vulnerability in read_body.php in SquirrelM ...)
- squirrelmail 1:1.2.3
-CVE-2002-1648
+CVE-2002-1648 (Cross-site request forgery (CSRF) vulnerability in compose.php in Squi ...)
- squirrelmail 1:1.2.3
-CVE-2002-1647
+CVE-2002-1647 (The quick login feature in Slash Slashcode does not redirect the user ...)
- slash 2.2.6-8 (bug #160579; low)
[sarge] - slash <no-dsa> (Minor security implications)
-CVE-2002-1646
+CVE-2002-1646 (SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to ...)
NOT-FOR-US: commercial ssh
-CVE-2002-1645
+CVE-2002-1645 (Buffer overflow in the URL catcher feature for SSH Secure Shell for Wo ...)
NOT-FOR-US: commercial ssh
-CVE-2002-1644
+CVE-2002-1644 (SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0 ...)
NOT-FOR-US: commercial ssh
-CVE-2002-1643
+CVE-2002-1643 (Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 ( ...)
NOT-FOR-US: RealNetworks Helix Universal Server
-CVE-2002-1642
+CVE-2002-1642 (PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction lo ...)
- postgresql 7.2.3
-CVE-2002-1641
+CVE-2002-1641 (Multiple buffer overflows in Oracle Web Cache for Oracle 9i Applicatio ...)
NOT-FOR-US: Oracle
-CVE-2002-1640
+CVE-2002-1640 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configur ...)
NOT-FOR-US: Oracle
-CVE-2002-1639
+CVE-2002-1639 (Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote ...)
NOT-FOR-US: Oracle
CVE-2002-1638
REJECTED
-CVE-2002-1637
+CVE-2002-1637 (Multiple components in Oracle 9i Application Server (9iAS) are install ...)
NOT-FOR-US: Oracle
-CVE-2002-1636
+CVE-2002-1636 (Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for ...)
NOT-FOR-US: Oracle
-CVE-2002-1635
+CVE-2002-1635 (The Apache configuration file (httpd.conf) in Oracle 9i Application Se ...)
NOT-FOR-US: Oracle
-CVE-2002-1634
+CVE-2002-1634 (Novell NetWare 5.1 installs sample applications that allow remote atta ...)
NOT-FOR-US: NetWare
-CVE-2002-1633
+CVE-2002-1633 (Multiple buffer overflows in QNX 4.25 may allow local users to execute ...)
NOT-FOR-US: QNX
-CVE-2002-1632
+CVE-2002-1632 (Oracle 9i Application Server (9iAS) installs multiple sample pages tha ...)
NOT-FOR-US: Oracle
-CVE-2002-1631
+CVE-2002-1631 (SQL injection vulnerability in the query.xsql sample page in Oracle 9i ...)
NOT-FOR-US: Oracle
-CVE-2002-1630
+CVE-2002-1630 (The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) al ...)
NOT-FOR-US: Oracle
-CVE-2002-1629
+CVE-2002-1629 (Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, ...)
NOT-FOR-US: Multi-Tech ProxyServer
-CVE-2002-1628
+CVE-2002-1628 (Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vo ...)
NOT-FOR-US: Mike Spice Mike's Vote CGI
-CVE-2002-1627
+CVE-2002-1627 (Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! ...)
NOT-FOR-US: Mike Spice Quiz CGI
-CVE-2002-1626
+CVE-2002-1626 (Directory traversal vulnerability in Mike Spice My Calendar before 1.5 ...)
NOT-FOR-US: Mike Spice My Calendar
-CVE-2002-1625
+CVE-2002-1625 (Macromedia Flash Player 6 does not terminate connections when the user ...)
- flashplugin-nonfree 6.0.61.0-1
-CVE-2002-1624
+CVE-2002-1624 (Buffer overflow in Lotus Domino web server before R5.0.10, when loggin ...)
NOT-FOR-US: Lotus Domino
-CVE-2002-1623
+CVE-2002-1623 (The design of the Internet Key Exchange (IKE) protocol, when using Agg ...)
NOT-FOR-US: General protocol flaw, cannot be fixed
-CVE-2002-1622
+CVE-2002-1622 (Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow attac ...)
NOT-FOR-US: AIX
-CVE-2002-1621
+CVE-2002-1621 (Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and ...)
NOT-FOR-US: AIX
-CVE-2002-1620
+CVE-2002-1620 (Unknown vulnerability in IBM AIX Parallel Systems Support Programs (PS ...)
NOT-FOR-US: AIX
-CVE-2002-1619
+CVE-2002-1619 (Buffer overflow in the FC client for IBM AIX 4.3.x allows remote attac ...)
NOT-FOR-US: AIX
-CVE-2002-1618
+CVE-2002-1618 (JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not p ...)
NOT-FOR-US: HP-UX
-CVE-2002-1617
+CVE-2002-1617 (Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to ex ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1616
+CVE-2002-1616 (Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1615
+CVE-2002-1615 (Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1614
+CVE-2002-1614 (Buffer overflow in HP Tru64 UNIX allows local users to execute arbitra ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1613
+CVE-2002-1613 (Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1612
+CVE-2002-1612 (Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1611
+CVE-2002-1611 (Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4. ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1610
+CVE-2002-1610 (Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1609
+CVE-2002-1609 (Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1608
+CVE-2002-1608 (Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1607
+CVE-2002-1607 (Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1606
+CVE-2002-1606 (Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1605
+CVE-2002-1605 (Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1604
+CVE-2002-1604 (Multiple buffer overflows in HP Tru64 UNIX allow local and possibly re ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1603
+CVE-2002-1603 (GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain ...)
NOT-FOR-US: GoAhead Web Server
-CVE-2002-1602
+CVE-2002-1602 (Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE ...)
- screen <not-affected> (HAVE_BRAILLE not set in binary build)
-CVE-2002-1601
+CVE-2002-1601 (The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe d ...)
NOT-FOR-US: Adobe PhotoDeluxe
-CVE-2002-1600
+CVE-2002-1600 (Directory traversal vulnerability in Mike Spice's My Classifieds (clas ...)
NOT-FOR-US: Mike Spice's My Classifieds
-CVE-2002-1599
+CVE-2002-1599 (DansGuardian before 2.4.5-1 allows remote attackers to bypass content ...)
- dansguardian 2.4.5-1
-CVE-2002-1598
+CVE-2002-1598 (Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earli ...)
NOT-FOR-US: Computer Associates MLink
-CVE-2002-1597
+CVE-2002-1597 (Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attacker ...)
NOT-FOR-US: Cisco
-CVE-2002-1596
+CVE-2002-1596 (Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attacker ...)
NOT-FOR-US: Cisco
-CVE-2002-1595
+CVE-2002-1595 (Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to re ...)
NOT-FOR-US: Cisco
-CVE-2002-1594
+CVE-2002-1594 (Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a sy ...)
- shadow <not-affected> (Debian's pwck and grpck do not overflow and are not suid)
-CVE-2002-1593
+CVE-2002-1593 (mod_dav in Apache before 2.0.42 does not properly handle versioning ho ...)
- apache2 2.0.42
-CVE-2002-1592
+CVE-2002-1592 (The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI app ...)
- apache2 2.0.36
-CVE-2002-1591
+CVE-2002-1591 (AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted ...)
NOT-FOR-US: AIM in MSIE
-CVE-2002-1590
+CVE-2002-1590 (The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) ...)
NOT-FOR-US: Solaris
-CVE-2002-1589
+CVE-2002-1589 (Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_D ...)
NOT-FOR-US: Solaris
-CVE-2002-1588
+CVE-2002-1588 (Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers ...)
NOT-FOR-US: Mailtool for OpenWindows
-CVE-2002-1587
+CVE-2002-1587 (The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 all ...)
NOT-FOR-US: Solaris
-CVE-2002-1586
+CVE-2002-1586 (Solaris 2.5.1 through 9 allows local users to cause a denial of servic ...)
NOT-FOR-US: Solaris
-CVE-2002-1585
+CVE-2002-1585 (Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for S ...)
NOT-FOR-US: Solaris
-CVE-2002-1584
+CVE-2002-1584 (Unknown vulnerability in the AUTH_DES authentication for RPC in Solari ...)
NOT-FOR-US: Solaris
-CVE-2002-1583
+CVE-2002-1583 (Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Datab ...)
NOT-FOR-US: IBM DB2
-CVE-2002-1582
+CVE-2002-1582 (compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail a ...)
[woody] - mailreader <not-affected> (Affects only 2.3.30-2.3.32)
- mailreader 2.3.33
-CVE-2002-1581
+CVE-2002-1581 (Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3. ...)
{DSA-534}
- mailreader 2.3.29-9
-CVE-2002-1580
+CVE-2002-1580 (Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 a ...)
{DSA-215}
- cyrus-imapd 1.5.19-9.10
-CVE-2002-1579
+CVE-2002-1579 (SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: SAP
-CVE-2002-1578
+CVE-2002-1578 (The default installation of SAP R/3, when using Oracle and SQL*net V2 ...)
NOT-FOR-US: SAP
-CVE-2002-1577
+CVE-2002-1577 (SAP R/3 2.0B to 4.6D installs several clients with default users and p ...)
NOT-FOR-US: SAP
-CVE-2002-1576
+CVE-2002-1576 (lserver in SAP DB 7.3 and earlier uses the current working directory t ...)
NOT-FOR-US: SAP
-CVE-2002-1575
+CVE-2002-1575 (cgiemail allows remote attackers to use cgiemail as a spam proxy via C ...)
{DSA-437}
- cgiemail 1.6-20
-CVE-2002-1573
+CVE-2002-1573 (Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pci ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-1572
+CVE-2002-1572 (Signed integer overflow in the bttv_read function in the bttv driver ( ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-1571
+CVE-2002-1571 (The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-1570
+CVE-2002-1570 (Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earli ...)
- ucd-snmp 4.2.3-2
-CVE-2002-1569
+CVE-2002-1569 (gv 3.5.8, and possibly earlier versions, allows remote attackers to ex ...)
- gv 1:3.5.8-27
-CVE-2002-1568
+CVE-2002-1568 (OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks ...)
- openssl 0.9.6g-1
-CVE-2002-1567
+CVE-2002-1567 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows r ...)
NOTE: tomcat4 cross-site scripting vuln
-CVE-2002-1566
+CVE-2002-1566 (netris 0.5, and possibly other versions before 0.52, when running with ...)
- netris 0.52-1
-CVE-2002-1565
+CVE-2002-1565 (Buffer overflow in url_filename function for wget 1.8.1 allows attacke ...)
- wget 1.8.2-8
-CVE-2002-1564
+CVE-2002-1564 (Internet Explorer 5.5 and 6.0 allows remote attackers to steal potenti ...)
NOT-FOR-US: microsoft
-CVE-2002-1563
+CVE-2002-1563 (stunnel 4.0.3 and earlier allows attackers to cause a denial of servic ...)
- stunnel4 4.04-1
- stunnel 2:3.24-1
-CVE-2002-1562
+CVE-2002-1562 (Directory traversal vulnerability in thttpd, when using virtual hostin ...)
{DSA-396}
- thttpd 2.23beta1-2.3 (bug #216677)
-CVE-2002-1561
+CVE-2002-1561 (The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allo ...)
NOT-FOR-US: microsoft
-CVE-2002-1559
+CVE-2002-1559 (Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remo ...)
NOT-FOR-US: ion-p
-CVE-2002-1558
+CVE-2002-1558 (Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for ...)
NOT-FOR-US: cisco
-CVE-2002-1557
+CVE-2002-1557 (Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to ...)
NOT-FOR-US: cisco
-CVE-2002-1556
+CVE-2002-1556 (Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to ...)
NOT-FOR-US: cisco
-CVE-2002-1555
+CVE-2002-1555 (Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNM ...)
NOT-FOR-US: cisco
-CVE-2002-1554
+CVE-2002-1554 (Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames an ...)
NOT-FOR-US: cisco
-CVE-2002-1553
+CVE-2002-1553 (Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attac ...)
NOT-FOR-US: cisco
-CVE-2002-1551
+CVE-2002-1551 (Buffer overflow in nslookup in IBM AIX may allow attackers to cause a ...)
NOT-FOR-US: AIX
-CVE-2002-1546
+CVE-2002-1546 (BRS WebWeaver Web Server 1.01 allows remote attackers to bypass passwo ...)
NOT-FOR-US: Webweaver
-CVE-2002-1545
+CVE-2002-1545 (CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain t ...)
NOT-FOR-US: Coolsoft
-CVE-2002-1544
+CVE-2002-1544 (Directory traversal vulnerability in CooolSoft Personal FTP Server 2.2 ...)
NOT-FOR-US: Coolsoft
-CVE-2002-1542
+CVE-2002-1542 (SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to c ...)
NOT-FOR-US: SolarWinds
-CVE-2002-1539
+CVE-2002-1539 (Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote ...)
NOT-FOR-US: MDaemon
-CVE-2002-1536
+CVE-2002-1536 (Molly IRC bot 0.5 allows remote attackers to execute arbitrary command ...)
NOT-FOR-US: Molly
-CVE-2002-1535
+CVE-2002-1535 (Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6. ...)
NOT-FOR-US: Symantec
-CVE-2002-1533
+CVE-2002-1533 (Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine a ...)
- jetty <not-affected> (Fixed before upload into archive; 4.1 series)
-CVE-2002-1527
+CVE-2002-1527 (emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine th ...)
NOT-FOR-US: EMU Webmail
-CVE-2002-1526
+CVE-2002-1526 (Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmai ...)
NOT-FOR-US: EMU Webmail
-CVE-2002-1525
+CVE-2002-1525 (Directory traversal vulnerability in ASTAware SearchDisk engine for Su ...)
NOT-FOR-US: Sun
-CVE-2002-1523
+CVE-2002-1523 (Directory traversal vulnerability in Daniel Arenz Mini Server 2.1.6 al ...)
NOT-FOR-US: Miniserver
-CVE-2002-1522
+CVE-2002-1522 (Buffer overflow in PowerFTP FTP server 2.24, and possibly other versio ...)
NOT-FOR-US: PowerFTP
-CVE-2002-1515
+CVE-2002-1515 (Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta ...)
NOT-FOR-US: Coolforum
-CVE-2002-1512
+CVE-2002-1512 (xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary ...)
NOT-FOR-US: BRU
-CVE-2002-1508
+CVE-2002-1508 (slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users t ...)
{DSA-227}
- openldap2 2.0.27-3
-CVE-2002-1507
+CVE-2002-1507 (Unreal Tournament 2003 (ut2003) clients and servers allow remote attac ...)
NOT-FOR-US: Unreal
-CVE-2002-1506
+CVE-2002-1506 (Buffer overflow in Linuxconf before 1.28r4 allows local users to execu ...)
- linuxconf <removed>
-CVE-2002-1504
+CVE-2002-1504 (Directory traversal vulnerability in WebServer 4 Everyone 1.22 allows ...)
NOT-FOR-US: webserver-4everyone
-CVE-2002-1503
+CVE-2002-1503 (Buffer overflow in Automatic File Distributor (AFD) 1.2.14 and earlier ...)
NOT-FOR-US: AFD not in debian
-CVE-2002-1500
+CVE-2002-1500 (Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4. ...)
NOT-FOR-US: NetBSD
-CVE-2002-1499
+CVE-2002-1499 (Multiple SQL injection vulnerabilities in FactoSystem CMS allows remot ...)
NOT-FOR-US: FactoSystem
-CVE-2002-1498
+CVE-2002-1498 (Directory traversal vulnerability in SWServer 2.2 and earlier allows r ...)
NOT-FOR-US: SWServer
-CVE-2002-1495
+CVE-2002-1495 (Cross-site scripting (XSS) vulnerability in JAWmail 1.0-rc1 allows rem ...)
NOT-FOR-US: Jawmail
-CVE-2002-1492
+CVE-2002-1492 (Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, ...)
NOT-FOR-US: Cisco
-CVE-2002-1489
+CVE-2002-1489 (Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote ...)
NOT-FOR-US: PlanetDNS
-CVE-2002-1488
+CVE-2002-1488 (The IRC component of Trillian 0.73 and 0.74 allows remote malicious IR ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2002-1487
+CVE-2002-1487 (The IRC component of Trillian 0.73 and 0.74 allows remote malicious IR ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2002-1486
+CVE-2002-1486 (Multiple buffer overflows in the IRC component of Trillian 0.73 and 0. ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2002-1485
+CVE-2002-1485 (The AIM component of Trillian 0.73 and 0.74 allows remote attackers to ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2002-1484
+CVE-2002-1484 (DB4Web server, when configured to use verbose debug messages, allows r ...)
NOT-FOR-US: db4web
-CVE-2002-1483
+CVE-2002-1483 (db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote ...)
NOT-FOR-US: db4web
-CVE-2002-1482
+CVE-2002-1482 (SQL injection vulnerability in login.php for phpGB 1.20 and earlier, w ...)
NOT-FOR-US: phpGB not in Debian
-CVE-2002-1481
+CVE-2002-1481 (savesettings.php in phpGB 1.20 and earlier does not require authentica ...)
NOT-FOR-US: phpGB not in Debian
-CVE-2002-1480
+CVE-2002-1480 (Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows r ...)
NOT-FOR-US: phpGB not in Debian
-CVE-2002-1475
+CVE-2002-1475 (Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0 ...)
NOT-FOR-US: HPUX
-CVE-2002-1474
+CVE-2002-1474 (Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tr ...)
NOT-FOR-US: HPUX
-CVE-2002-1473
+CVE-2002-1473 (Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.1 ...)
NOT-FOR-US: HPUX
-CVE-2002-1470
+CVE-2002-1470 (SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext ...)
NOT-FOR-US: Shoutcase
-CVE-2002-1467
+CVE-2002-1467 (Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to byp ...)
- flashplugin-nonfree 6.0.61.0-1
-CVE-2002-1466
+CVE-2002-1466 (CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows ...)
NOT-FOR-US: Cafelog
-CVE-2002-1465
+CVE-2002-1465 (SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote at ...)
NOT-FOR-US: Cafelog
-CVE-2002-1464
+CVE-2002-1464 (Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool all ...)
NOT-FOR-US: Cafelog
-CVE-2002-1462
+CVE-2002-1462 (details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versi ...)
NOT-FOR-US: Organic PHP
-CVE-2002-1461
+CVE-2002-1461 (Web Shop Manager 1.1 allows remote attackers to execute arbitrary comm ...)
NOT-FOR-US: Webshop Manager
-CVE-2002-1460
+CVE-2002-1460 (L-Forum 2.40 and earlier does not properly verify whether a file was u ...)
NOT-FOR-US: L-Forum not in Debian
-CVE-2002-1459
+CVE-2002-1459 (Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when t ...)
NOT-FOR-US: L-Forum not in Debian
-CVE-2002-1458
+CVE-2002-1458 (Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when t ...)
NOT-FOR-US: L-Forum not in Debian
-CVE-2002-1457
+CVE-2002-1457 (SQL injection vulnerability in search.php for L-Forum 2.40 allows remo ...)
NOT-FOR-US: L-Forum not in Debian
-CVE-2002-1456
+CVE-2002-1456 (Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to e ...)
NOT-FOR-US: mIRC
-CVE-2002-1455
+CVE-2002-1455 (Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow ...)
NOT-FOR-US: OmniHTTPD
-CVE-2002-1454
+CVE-2002-1454 (MyWebServer 1.0.2 allows remote attackers to determine the absolute pa ...)
NOT-FOR-US: MyWebServer
-CVE-2002-1453
+CVE-2002-1453 (Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows r ...)
NOT-FOR-US: MyWebServer
-CVE-2002-1452
+CVE-2002-1452 (Buffer overflow in the search capability for MyWebServer 1.0.2 allows ...)
NOT-FOR-US: MyWebServer
-CVE-2002-1451
+CVE-2002-1451 (Blazix before 1.2.2 allows remote attackers to read source code of JSP ...)
NOT-FOR-US: Blazix not in Debian
-CVE-2002-1450
+CVE-2002-1450 (IBM UniVerse with UV/ODBC allows attackers to cause a denial of servic ...)
NOT-FOR-US: IBM UniVerse
-CVE-2002-1449
+CVE-2002-1449 (eUpload 1.0 stores the password.txt password file in plaintext under t ...)
NOT-FOR-US: eUpload not in Debian
-CVE-2002-1445
+CVE-2002-1445 (Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows r ...)
NOT-FOR-US: CERN HTTPD not in Debian
-CVE-2002-1444
+CVE-2002-1444 (The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6 ...)
NOT-FOR-US: Google Toolbar
-CVE-2002-1442
+CVE-2002-1442 (The Google toolbar 1.1.58 and earlier allows remote web sites to perfo ...)
NOT-FOR-US: Google Toolbar
-CVE-2002-1441
+CVE-2002-1441 (Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remo ...)
NOT-FOR-US: Tomahawk
-CVE-2002-1440
+CVE-2002-1440 (The Gateway GS-400 server has a default root password of "0001n" that ...)
NOT-FOR-US: Gateway
-CVE-2002-1439
+CVE-2002-1439 (Unknown vulnerability related to stack corruption in the TGA daemon fo ...)
NOT-FOR-US: HPUX
-CVE-2002-1434
+CVE-2002-1434 (Multiple cross-site scripting (XSS) vulnerabilities in the Web mail mo ...)
NOT-FOR-US: Kerio
-CVE-2002-1433
+CVE-2002-1433 (Kerio MailServer 5.0 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Kerio
-CVE-2002-1432
+CVE-2002-1432 (MidiCart stores the midicart.mdb database file under the Web document ...)
NOT-FOR-US: MidiCart
-CVE-2002-1431
+CVE-2002-1431 (Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the ...)
NOT-FOR-US: Belkin
-CVE-2002-1429
+CVE-2002-1429 (Cross-site scripting vulnerability in board.php of endity.com ShoutBOX ...)
NOT-FOR-US: ShoutBox
-CVE-2002-1428
+CVE-2002-1428 (index.php in dotProject 0.2.1.5 allows remote attackers to bypass auth ...)
NOT-FOR-US: dotproject
-CVE-2002-1427
+CVE-2002-1427 (The print_html_to_file function in edit.cgi for Easy Homepage Creator ...)
NOT-FOR-US: Easy Homepage Creator
-CVE-2002-1426
+CVE-2002-1426 (HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a de ...)
NOT-FOR-US: HP
-CVE-2002-1423
+CVE-2002-1423 (tmp_view.php in FUDforum before 2.2.0 allows remote attackers to read ...)
- phpgroupware <not-affected> (Issue in fudforum 2.2.0. fudforum in phpgroupware-fudforum is 2.5.x)
-CVE-2002-1422
+CVE-2002-1422 (admbrowse.php in FUDforum before 2.2.0 allows remote attackers to crea ...)
- phpgroupware <not-affected> (Issue in fudforum 2.2.0. fudforum in phpgroupware-fudforum is 2.5.x)
-CVE-2002-1421
+CVE-2002-1421 (SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote at ...)
- phpgroupware <not-affected> (Issue in fudforum 2.2.0. fudforum in phpgroupware-fudforum is 2.5.x)
-CVE-2002-1416
+CVE-2002-1416 (The POP3 service for WebEasyMail 3.4.2.2 and earlier generates difffer ...)
NOT-FOR-US: Webeasymail
-CVE-2002-1415
+CVE-2002-1415 (Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 an ...)
NOT-FOR-US: Webeasymail
-CVE-2002-1411
+CVE-2002-1411 (Directory traversal vulnerability in update.dpgs in Duma Photo Gallery ...)
NOT-FOR-US: Duma
-CVE-2002-1410
+CVE-2002-1410 (Easy Guestbook CGI programs do not authenticate the administrator, whi ...)
NOT-FOR-US: East Guestbook
-CVE-2002-1409
+CVE-2002-1409 (ptrace on HP-UX 11.00 through 11.11 allows local users to cause a deni ...)
NOT-FOR-US: HPUX
-CVE-2002-1408
+CVE-2002-1408 (Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 s ...)
NOT-FOR-US: HP Openview
-CVE-2002-1406
+CVE-2002-1406 (Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown imp ...)
NOT-FOR-US: HPUX
CVE-2002-1404
REJECTED
-CVE-2002-1402
+CVE-2002-1402 (Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment varia ...)
{DSA-165}
- postgresql 7.2.2-2
-CVE-2002-1401
+CVE-2002-1401 (Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add ...)
{DSA-165}
- postgresql 7.2.2-2
-CVE-2002-1400
+CVE-2002-1400 (Heap-based buffer overflow in the repeat() function for PostgreSQL bef ...)
{DSA-165}
- postgresql 7.2.2-2
-CVE-2002-1399
+CVE-2002-1399 (Unknown vulnerability in cash_out and possibly other functions in Post ...)
- postgresql 7.2.2-2
-CVE-2002-1398
+CVE-2002-1398 (Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows ...)
{DSA-165}
- postgresql 7.2.2-2
-CVE-2002-1397
+CVE-2002-1397 (Vulnerability in the cash_words() function for PostgreSQL 7.2 and earl ...)
- postgresql 7.2.2-2
-CVE-2002-1395
+CVE-2002-1395 (Internet Message (IM) 141-18 and earlier uses predictable file and dir ...)
{DSA-202}
- im 1:141-20
-CVE-2002-1393
+CVE-2002-1393 (Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quo ...)
{DSA-243 DSA-242 DSA-241 DSA-240 DSA-239 DSA-238 DSA-237 DSA-236 DSA-235 DSA-234}
- kdemultimedia 4:3.0.5a
- kdebase 4:3.0.5a
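Review bot: CVE-2002-1567 (the Apache Tomcat 4.1 XSS) carries only `NOTE: tomcat4 cross-site scripting vuln` and no package line, so this hunk leaves the tracker with no fixed/unfixed state for tomcat4; it should get a `- tomcat4 <version>` line, or `<not-affected>` / `<unfixed>` with a reason, as the neighbouring entries have. In the same hunk, CVE-2002-1571, -1572 and -1573 are Linux kernel issues (the pcilynx ieee1394 driver, the bttv driver, the fninit assumption in 2.4 before 2.4.19) yet are filed as `NOT-FOR-US: Data pre-dating the Security Tracker`; NOT-FOR-US means the software is not in Debian, which is not true of the kernel, so a kernel source package line marked `<not-affected>` or `<unfixed>` with that same note would be more accurate. Two unchanged annotations also disagree with the descriptions now placed above them: `NOT-FOR-US: Shoutcase` under CVE-2002-1470 (SHOUTcast) and `NOT-FOR-US: East Guestbook` under CVE-2002-1410 (Easy Guestbook).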
@@ -2061,80 +2061,80 @@ CVE-2002-1393
- kdenetwork 4:3.0.5a
- kdegraphics 4:3.0.5a
- kdeadmin 4:3.0.5a
-CVE-2002-1387
+CVE-2002-1387 (The spray mode in traceroute-nanog (aka traceroute-ng) may allow local ...)
{DSA-254}
- traceroute-nanog 6.3.0-1
-CVE-2002-1386
+CVE-2002-1386 (Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow loca ...)
{DSA-254}
- traceroute-nanog 6.3.0-1
-CVE-2002-1383
+CVE-2002-1383 (Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.1 ...)
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1379
+CVE-2002-1379 (OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attack ...)
{DSA-227}
- openldap2 2.0.27-3
-CVE-2002-1378
+CVE-2002-1378 (Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier ...)
{DSA-227}
- openldap2 2.0.27-3
-CVE-2002-1376
+CVE-2002-1376 (libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0. ...)
{DSA-212}
- mysql <removed>
CVE-2002-1370
REJECTED
-CVE-2002-1368
+CVE-2002-1368 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote ...)
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1360
+CVE-2002-1360 (Multiple SSH2 servers and clients do not properly handle strings with ...)
- openssh <not-affected> (OpenSSH not vulnerable)
-CVE-2002-1359
+CVE-2002-1359 (Multiple SSH2 servers and clients do not properly handle large packets ...)
- openssh <not-affected> (OpenSSH not vulnerable)
-CVE-2002-1358
+CVE-2002-1358 (Multiple SSH2 servers and clients do not properly handle lists with em ...)
- openssh <not-affected> (OpenSSH not vulnerable)
-CVE-2002-1357
+CVE-2002-1357 (Multiple SSH2 servers and clients do not properly handle packets or da ...)
- openssh <not-affected> (OpenSSH not vulnerable)
-CVE-2002-1356
+CVE-2002-1356 (Ethereal 0.9.7 and earlier allows remote attackers to cause a denial o ...)
- ethereal 0.9.8-1
-CVE-2002-1355
+CVE-2002-1355 (Multiple integer signedness errors in the BGP dissector in Ethereal 0. ...)
- ethereal 0.9.8-1
-CVE-2002-1354
+CVE-2002-1354 (Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows ...)
NOT-FOR-US: TYPSoft FTP Server
-CVE-2002-1353
+CVE-2002-1353 (LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under th ...)
NOT-FOR-US: LocalWEB2000 HTTP server
-CVE-2002-1352
+CVE-2002-1352 (Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earli ...)
NOT-FOR-US: CartMan
-CVE-2002-1351
+CVE-2002-1351 (Buffer overflow in Melange Chat System 1.10 allows remote attackers to ...)
NOT-FOR-US: Melange Chat System
-CVE-2002-1347
+CVE-2002-1347 (Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allo ...)
- cyrus-sasl2 2.1.10-1
CVE-2002-1346
RESERVED
-CVE-2002-1345
+CVE-2002-1345 (Directory traversal vulnerabilities in multiple FTP clients on UNIX sy ...)
NOTE: multiple ftp client issues
-CVE-2002-1344
+CVE-2002-1344 (Directory traversal vulnerability in wget before 1.8.2-4 allows a remo ...)
{DSA-209}
- wget 1.8.2-8
CVE-2002-1343
RESERVED
-CVE-2002-1342
+CVE-2002-1342 (Unknown vulnerability in smb2www 980804-16 and earlier allows remote a ...)
{DSA-203}
- smb2www 980804-17
-CVE-2002-1341
+CVE-2002-1341 (Cross-site scripting (XSS) vulnerability in read_body.php for Squirrel ...)
{DSA-220}
- squirrelmail 1:1.3.2-2
-CVE-2002-1340
+CVE-2002-1340 (The "ConnectionFile" property in the DataSourceControl component in Of ...)
NOT-FOR-US: Office Web Components
-CVE-2002-1339
+CVE-2002-1339 (The "XMLURL" property in the Spreadsheet component of Office Web Compo ...)
NOT-FOR-US: Office Web Components
-CVE-2002-1338
+CVE-2002-1338 (The Load method in the Chart component of Office Web Components (OWC) ...)
NOT-FOR-US: Office Web Components
-CVE-2002-1335
+CVE-2002-1335 (Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape ...)
{DSA-251 DSA-250 DSA-249}
- w3m 0.3.2.2-1
- w3mmee 0.3.p24.17-3
- w3m-ssl <removed>
-CVE-2002-1334
+CVE-2002-1334 (Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 ...)
NOT-FOR-US: BizDesign
CVE-2002-1333
RESERVED
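Review bot: CVE-2002-1345 (directory traversal in multiple UNIX FTP clients) has only `NOTE: multiple ftp client issues` and no package line, so nothing in this hunk records which Debian FTP clients were checked, fixed, or found unaffected; each should get its own line with a fixed version or a `<not-affected>` reason rather than a bare NOTE. Likewise CVE-2002-1357 through -1360 are described as affecting multiple SSH2 servers and clients, but the only entry under each is `openssh <not-affected> (OpenSSH not vulnerable)`; if other SSH2 implementations in the archive were assessed they deserve lines of their own, and if they were not, the note should say so instead of implying openssh was the only candidate.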
@@ -2152,23 +2152,23 @@ CVE-2002-1326
RESERVED
CVE-2002-1324
RESERVED
-CVE-2002-1322
+CVE-2002-1322 (Rational ClearCase 4.1, 2002.05, and possibly other versions allows re ...)
NOT-FOR-US: ClearCase
-CVE-2002-1321
+CVE-2002-1321 (Multiple buffer overflows in RealOne and RealPlayer allow remote attac ...)
NOT-FOR-US: Realplayer
-CVE-2002-1316
+CVE-2002-1316 (importInfo in the Admin Server for iPlanet WebServer 4.x, up to SP11, ...)
NOT-FOR-US: iPlanet
-CVE-2002-1315
+CVE-2002-1315 (Cross-site scripting (XSS) vulnerability in the Admin Server for iPlan ...)
NOT-FOR-US: iPlanet
CVE-2002-1314
RESERVED
-CVE-2002-1312
+CVE-2002-1312 (Buffer overflow in the Web management interface in Linksys BEFW11S4 wi ...)
NOT-FOR-US: Linksys
-CVE-2002-1310
+CVE-2002-1310 (Heap-based buffer overflow in the error-handling mechanism for the IIS ...)
NOT-FOR-US: Macromedia
-CVE-2002-1309
+CVE-2002-1309 (Heap-based buffer overflow in the error-handling mechanism for the IIS ...)
NOT-FOR-US: Macromedia
-CVE-2002-1306
+CVE-2002-1306 (Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KD ...)
{DSA-214}
- kdenetwork 4:2.2.2-14.20
CVE-2002-1305
@@ -2189,68 +2189,68 @@ CVE-2002-1298
REJECTED
CVE-2002-1297
REJECTED
-CVE-2002-1295
+CVE-2002-1295 (The Microsoft Java implementation, as used in Internet Explorer, allow ...)
NOT-FOR-US: Microsoft
-CVE-2002-1294
+CVE-2002-1294 (The Microsoft Java implementation, as used in Internet Explorer, can p ...)
NOT-FOR-US: Microsoft
-CVE-2002-1293
+CVE-2002-1293 (The Microsoft Java implementation, as used in Internet Explorer, provi ...)
NOT-FOR-US: Microsoft
-CVE-2002-1292
+CVE-2002-1292 (The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as ...)
NOT-FOR-US: Microsoft
-CVE-2002-1291
+CVE-2002-1291 (The Microsoft Java implementation, as used in Internet Explorer, allow ...)
NOT-FOR-US: Microsoft
-CVE-2002-1290
+CVE-2002-1290 (The Microsoft Java implementation, as used in Internet Explorer, allow ...)
NOT-FOR-US: Microsoft
-CVE-2002-1289
+CVE-2002-1289 (The Microsoft Java implementation, as used in Internet Explorer, allow ...)
NOT-FOR-US: Microsoft
-CVE-2002-1288
+CVE-2002-1288 (The Microsoft Java implementation, as used in Internet Explorer, allow ...)
NOT-FOR-US: Microsoft
-CVE-2002-1287
+CVE-2002-1287 (Stack-based buffer overflow in the Microsoft Java implementation, as u ...)
NOT-FOR-US: Microsoft
-CVE-2002-1286
+CVE-2002-1286 (The Microsoft Java implementation, as used in Internet Explorer, allow ...)
NOT-FOR-US: Microsoft
-CVE-2002-1285
+CVE-2002-1285 (runlpr in the LPRng package allows the local lp user to gain root priv ...)
NOT-FOR-US: SuSE-specific lprfilter package
-CVE-2002-1283
+CVE-2002-1283 (Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote ...)
NOT-FOR-US: Novell iManager (eMFrame)
-CVE-2002-1282
+CVE-2002-1282 (Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of ...)
{DSA-204}
- kdelibs 4:3.1.0-1
-CVE-2002-1281
+CVE-2002-1281 (Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of ...)
{DSA-204}
- kdelibs 4:3.1.0-1
-CVE-2002-1280
+CVE-2002-1280 (Memory leak in RealSecure Event Collector 6.5 allows attackers to caus ...)
NOT-FOR-US: RealSecure Event Collector
-CVE-2002-1279
+CVE-2002-1279 (Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, ...)
{DSA-194}
- masqmail 0.2.15-1
-CVE-2002-1276
+CVE-2002-1276 (An incomplete fix for a cross-site scripting (XSS) vulnerability in Sq ...)
{DSA-191}
- squirrelmail 1:1.2.8-1.1
-CVE-2002-1275
+CVE-2002-1275 (Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when u ...)
{DSA-192}
- html2ps 1.0b3-2
CVE-2002-1274
RESERVED
CVE-2002-1273
RESERVED
-CVE-2002-1269
+CVE-2002-1269 (Unknown vulnerability in NetInfo Manager application in Mac OS X 10.2. ...)
NOT-FOR-US: MacOS
CVE-2002-1263
REJECTED
-CVE-2002-1262
+CVE-2002-1262 (Internet Explorer 5.5 and 6.0 does not perform complete security check ...)
NOT-FOR-US: Microsoft
CVE-2002-1261
REJECTED
CVE-2002-1259
REJECTED
-CVE-2002-1258
+CVE-2002-1258 (Two vulnerabilities in Microsoft Virtual Machine (VM) up to and includ ...)
NOT-FOR-US: Microsoft
-CVE-2002-1254
+CVE-2002-1254 (Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cr ...)
NOT-FOR-US: Microsoft
CVE-2002-1249
RESERVED
-CVE-2002-1247
+CVE-2002-1247 (Buffer overflow in LISa allows local users to gain access to a raw soc ...)
{DSA-193}
- kdenetwork 4:2.2.2-14.3
CVE-2002-1246
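Review bot: CVE-2002-1285 ("runlpr in the LPRng package allows the local lp user to gain root ...") is filed as `NOT-FOR-US: SuSE-specific lprfilter package`, but LPRng itself is packaged in Debian as lprng, and NOT-FOR-US is meant for software Debian does not ship. The established way to record that the vulnerable helper is another distribution's addition is a package line with a reason, e.g. `- lprng <not-affected> (runlpr comes from the SuSE-specific lprfilter package)`, which keeps the CVE attached to lprng for anyone auditing that package later.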
@@ -2261,47 +2261,47 @@ CVE-2002-1241
RESERVED
CVE-2002-1240
RESERVED
-CVE-2002-1238
+CVE-2002-1238 (Peter Sandvik's Simple Web Server 0.5.1 and earlier allows remote atta ...)
NOT-FOR-US: Peter Sandvik's Simple Web Server
CVE-2002-1237
RESERVED
-CVE-2002-1235
+CVE-2002-1235 (The kadm_ser_in function in (1) the Kerberos v4compatibility administr ...)
{DSA-185 DSA-184 DSA-183}
- heimdal 0.4e-22
- krb4 1.1-11-8
- krb5 1.2.6-2
CVE-2002-1234
REJECTED
-CVE-2002-1233
+CVE-2002-1233 (A regression error in the Debian distributions of the apache-ssl packa ...)
{DSA-195 DSA-188 DSA-187}
- apache-perl 1.3.26-1.1-1.27-3-1
- apache 1.3.27-1
-CVE-2002-1229
+CVE-2002-1229 (Avaya Cajun switches P880, P882, P580, and P550R 5.2.14 and earlier co ...)
NOT-FOR-US: Avaya Cajun switches
-CVE-2002-1228
+CVE-2002-1228 (Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows ...)
NOT-FOR-US: Solaris
-CVE-2002-1226
+CVE-2002-1226 (Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, pos ...)
{DSA-178}
- heimdal 0.4e-21
-CVE-2002-1225
+CVE-2002-1225 (Multiple buffer overflows in Heimdal before 0.5, possibly in both the ...)
{DSA-178}
- heimdal 0.4e-21
CVE-2002-1218
RESERVED
-CVE-2002-1217
+CVE-2002-1217 (Cross-Frame scripting vulnerability in the WebBrowser control as used ...)
NOT-FOR-US: Microsoft
-CVE-2002-1216
+CVE-2002-1216 (GNU tar 1.13.19 and other versions before 1.13.25 allows remote attack ...)
- tar 1.13.25
-CVE-2002-1215
+CVE-2002-1215 (Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier ...)
{DSA-174}
- heartbeat 0.4.9.2-1
-CVE-2002-1213
+CVE-2002-1213 (Directory traversal vulnerability in RadioBird Software WebServer 4 Ev ...)
NOT-FOR-US: RadioBird Software WebServer 4 Everyone
-CVE-2002-1212
+CVE-2002-1212 (Buffer overflow in RadioBird Software WebServer 4 Everyone 1.23 and 1. ...)
NOT-FOR-US: RadioBird Software WebServer 4 Everyone
-CVE-2002-1210
+CVE-2002-1210 (Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email a ...)
NOT-FOR-US: Eudora
-CVE-2002-1209
+CVE-2002-1209 (Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, an ...)
NOT-FOR-US: SolarWinds TFTP Server
CVE-2002-1208
RESERVED
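Review bot: CVE-2002-1233 is described as "A regression error in the Debian distributions of the apache-ssl packa ..." and cites three advisories (`{DSA-195 DSA-188 DSA-187}`), yet the package lines beneath it cover only apache-perl and apache; the apache-ssl package the description names has no fixed-version line, so either add `- apache-ssl <version>` or note why it is omitted. Also, `- tar 1.13.25` under CVE-2002-1216 is a bare upstream version with no Debian revision, unlike every other fixed-version line in this hunk; record the Debian package version that first carried the fix so the comparison with installed versions is well defined.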
@@ -2311,32 +2311,32 @@ CVE-2002-1206
RESERVED
CVE-2002-1205
RESERVED
-CVE-2002-1204
+CVE-2002-1204 (Netscape Communicator 4.x allows attackers to use a link to steal a us ...)
NOT-FOR-US: Netscape Communicator 4.x
-CVE-2002-1203
+CVE-2002-1203 (IBM SecureWay Firewall before 4.2.2 performs extra processing before d ...)
NOT-FOR-US: IBM SecureWay Firewall
-CVE-2002-1202
+CVE-2002-1202 (Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2002-1201
+CVE-2002-1201 (IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: AIX
-CVE-2002-1194
+CVE-2002-1194 (Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other ...)
NOT-FOR-US: NetBSD
-CVE-2002-1192
+CVE-2002-1192 (Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD ...)
NOT-FOR-US: NetBSD
-CVE-2002-1191
+CVE-2002-1191 (The Sabserv client component in Sabre Desktop Reservation Software 4.2 ...)
NOT-FOR-US: Sabre Desktop
-CVE-2002-1190
+CVE-2002-1190 (Cisco Unity 2.x and 3.x uses well-known default user accounts, which c ...)
NOT-FOR-US: Cisco
-CVE-2002-1181
+CVE-2002-1181 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: Microsoft IIS
-CVE-2002-1177
+CVE-2002-1177 (Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the ...)
NOT-FOR-US: Winamp
-CVE-2002-1176
+CVE-2002-1176 (Buffer overflow in Winamp 2.81 allows remote attackers to execute arbi ...)
NOT-FOR-US: Winamp
-CVE-2002-1175
+CVE-2002-1175 (The getmxrecord function in Fetchmail 6.0.0 and earlier does not prope ...)
{DSA-171}
- fetchmail 6.1.0-1
-CVE-2002-1174
+CVE-2002-1174 (Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers ...)
{DSA-171}
- fetchmail 6.1.0-1
CVE-2002-1173
@@ -2345,819 +2345,819 @@ CVE-2002-1172
RESERVED
CVE-2002-1171
RESERVED
-CVE-2002-1168
+CVE-2002-1168 (Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Ca ...)
NOT-FOR-US: IBM Websphere
-CVE-2002-1167
+CVE-2002-1167 (Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Ca ...)
NOT-FOR-US: IBM Websphere
-CVE-2002-1166
+CVE-2002-1166 (Buffer overflow in John Franks WN Server 1.18.2 through 2.0.0 allows r ...)
- wn <removed>
-CVE-2002-1165
+CVE-2002-1165 (Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.1 ...)
- sendmail 8.12.3-5
CVE-2002-1161
REJECTED
-CVE-2002-1155
+CVE-2002-1155 (Buffer overflow in KON kon2 0.3.9b and earlier allows local users to e ...)
NOTE: kon2. patched, but I don't know when.
NOTE: assuming the current unstable/testing version is ok then..
- kon2 0.3.9b-18
-CVE-2002-1150
+CVE-2002-1150 (The Remote Desktop Sharing (RDS) Screen Saver Protection capability fo ...)
NOT-FOR-US: Microsoft Netmeeting
-CVE-2002-1149
+CVE-2002-1149 (The installation procedure for Invision Board suggests that users inst ...)
NOT-FOR-US: Invision Board
-CVE-2002-1145
+CVE-2002-1145 (The xp_runwebtask stored procedure in the Web Tasks component of Micro ...)
NOT-FOR-US: Microsoft SQL
CVE-2002-1144
RESERVED
-CVE-2002-1143
+CVE-2002-1143 (Microsoft Word and Excel allow remote attackers to steal sensitive inf ...)
NOT-FOR-US: Microsoft Word & Excel
CVE-2002-1136
RESERVED
-CVE-2002-1134
+CVE-2002-1134 (Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES ...)
NOT-FOR-US: HP Tru64
-CVE-2002-1133
+CVE-2002-1133 (Encoded directory traversal vulnerability in Dino's web server 2.1 all ...)
NOT-FOR-US: Dino's Webserver
-CVE-2002-1131
+CVE-2002-1131 (Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier ...)
{DSA-191}
- squirrelmail 1:1.2.8-1.1
CVE-2002-1130
RESERVED
-CVE-2002-1129
+CVE-2002-1129 (Buffer overflow in dxterm allows local users to execute arbitrary code ...)
NOT-FOR-US: HP Tru64
-CVE-2002-1128
+CVE-2002-1128 (Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows l ...)
NOT-FOR-US: HP Tru64
-CVE-2002-1127
+CVE-2002-1127 (Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to ...)
NOT-FOR-US: HP Tru64
-CVE-2002-1125
+CVE-2002-1125 (FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and ea ...)
NOT-FOR-US: FreeBSD
-CVE-2002-1124
+CVE-2002-1124 (Multiple buffer overflows in purity 1-16 allow local users to gain pri ...)
{DSA-166}
- purity 1-16
-CVE-2002-1121
+CVE-2002-1121 (SMTP content filter engines, including (1) GFI MailSecurity for Exchan ...)
NOTE: Some SMTP mailscanners can be bypassed by fragmenting messages.
-CVE-2002-1120
+CVE-2002-1120 (Buffer overflow in Savant Web Server 3.1 and earlier allows remote att ...)
NOT-FOR-US: Savant Web Server
-CVE-2002-1115
+CVE-2002-1115 (Mantis 0.17.4a and earlier allows remote attackers to view private bug ...)
{DSA-161}
- mantis 0.17.5-2
-CVE-2002-1114
+CVE-2002-1114 (config_inc2.php in Mantis before 0.17.4 allows remote attackers to exe ...)
{DSA-153}
- mantis 0.17.4a-2
-CVE-2002-1110
+CVE-2002-1110 (Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, w ...)
{DSA-153}
- mantis 0.17.4a-2
-CVE-2002-1103
+CVE-2002-1103 (Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, all ...)
NOT-FOR-US: Cisco
-CVE-2002-1101
+CVE-2002-1101 (Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, all ...)
NOT-FOR-US: Cisco
-CVE-2002-1100
+CVE-2002-1100 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote ...)
NOT-FOR-US: Cisco
-CVE-2002-1094
+CVE-2002-1094 (Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x befor ...)
NOT-FOR-US: Cisco
-CVE-2002-1090
+CVE-2002-1090 (Buffer overflow in read_smtp_response of protocol.c in libesmtp before ...)
- libesmtp 0.8.11-1
-CVE-2002-1089
+CVE-2002-1089 (rwcgi60 CGI program in Oracle Reports Server, by design, provides sens ...)
NOT-FOR-US: Oracle
-CVE-2002-1087
+CVE-2002-1087 (The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.ph ...)
NOT-FOR-US: ezContents
-CVE-2002-1086
+CVE-2002-1086 (Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier ...)
NOT-FOR-US: ezContents
-CVE-2002-1085
+CVE-2002-1085 (Multiple cross-site scripting vulnerabilities in ezContents 1.41 and e ...)
NOT-FOR-US: ezContents
-CVE-2002-1084
+CVE-2002-1084 (The VerifyLogin function in ezContents 1.41 and earlier does not prope ...)
NOT-FOR-US: ezContents
-CVE-2002-1083
+CVE-2002-1083 (Directory traversal vulnerabilities in ezContents 1.41 and earlier all ...)
NOT-FOR-US: ezContents
-CVE-2002-1082
+CVE-2002-1082 (The Image Upload capability for ezContents 1.40 and earlier allows rem ...)
NOT-FOR-US: ezContents
-CVE-2002-1080
+CVE-2002-1080 (The Administration console for Abyss Web Server 1.0.3 before Patch 2 a ...)
NOT-FOR-US: Abyss
-CVE-2002-1078
+CVE-2002-1078 (Abyss Web Server 1.0.3 allows remote attackers to list directory conte ...)
NOT-FOR-US: Abyss
-CVE-2002-1077
+CVE-2002-1077 (IPSwitch IMail Web Calendaring service (iwebcal) allows remote attacke ...)
NOT-FOR-US: IPSwitch
-CVE-2002-1075
+CVE-2002-1075 (Buffer overflow in Pegasus mail client 4.01 and earlier allows remote ...)
NOT-FOR-US: Pegasus
-CVE-2002-1073
+CVE-2002-1073 (Buffer overflow in the control service for MERCUR Mailserver 4.2 allow ...)
NOT-FOR-US: MERCUR Mailserver
-CVE-2002-1072
+CVE-2002-1072 (ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows re ...)
NOT-FOR-US: ZyXEL
-CVE-2002-1071
+CVE-2002-1071 (ZyXEL Prestige 642R allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: ZyXEL
-CVE-2002-1070
+CVE-2002-1070 (Cross-site scripting vulnerability in PHPWiki Postnuke wiki module all ...)
- phpwiki 1.3.4-1
-CVE-2002-1069
+CVE-2002-1069 (The remote administration capability for the D-Link DI-804 router 4.68 ...)
NOT-FOR-US: D-Link hardware
-CVE-2002-1068
+CVE-2002-1068 (The web server for D-Link DP-300 print server allows remote attackers ...)
NOT-FOR-US: D-Link hardware
-CVE-2002-1067
+CVE-2002-1067 (Administrative web interface for IC9 Pocket Print Server Firmware 7.1. ...)
NOT-FOR-US: IC9 Print Server
-CVE-2002-1066
+CVE-2002-1066 (Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to ...)
NOT-FOR-US: Jana Server
-CVE-2002-1065
+CVE-2002-1065 (Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, doe ...)
NOT-FOR-US: Jana Server
-CVE-2002-1064
+CVE-2002-1064 (Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, gen ...)
NOT-FOR-US: Jana Server
-CVE-2002-1063
+CVE-2002-1063 (Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, all ...)
NOT-FOR-US: Jana Server
-CVE-2002-1062
+CVE-2002-1062 (Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1. ...)
NOT-FOR-US: Jana Server
-CVE-2002-1061
+CVE-2002-1061 (Multiple buffer overflows in Thomas Hauck Jana Server 2.x through 2.2. ...)
NOT-FOR-US: Jana Server
-CVE-2002-1058
+CVE-2002-1058 (Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3 ...)
NOT-FOR-US: Cobalt Qube
-CVE-2002-1055
+CVE-2002-1055 (Buffer overflow in administrative web server for Brother NC-3100h prin ...)
NOT-FOR-US: Brother hardware
-CVE-2002-1052
+CVE-2002-1052 (Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS ...)
NOT-FOR-US: Jigsaw
-CVE-2002-1048
+CVE-2002-1048 (HP JetDirect printers allow remote attackers to obtain the administrat ...)
NOT-FOR-US: HP printers
-CVE-2002-1047
+CVE-2002-1047 (The FTP service in Watchguard Soho Firewall 5.0.35a allows remote atta ...)
NOT-FOR-US: Soho Firewall
-CVE-2002-1045
+CVE-2002-1045 (Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Ultrafunk Popcorn
-CVE-2002-1044
+CVE-2002-1044 (Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to c ...)
NOT-FOR-US: Ultrafunk Popcorn
-CVE-2002-1043
+CVE-2002-1043 (Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Ultrafunk Popcorn
-CVE-2002-1042
+CVE-2002-1042 (Directory traversal vulnerability in search engine for iPlanet web ser ...)
NOT-FOR-US: iPlanet
-CVE-2002-1041
+CVE-2002-1041 (Unknown vulnerability in DCE (1) SMIT panels and (2) configuration com ...)
NOT-FOR-US: SMIT
-CVE-2002-1040
+CVE-2002-1040 (Unknown vulnerability in the WebSecure (DFSWeb) configuration utilitie ...)
NOT-FOR-US: WebSecure
-CVE-2002-1038
+CVE-2002-1038 (Double Choco Latte (DCL) before 20020706 does not properly verify if a ...)
- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
NOTE: Original issue fixed in dcl/1:0.9.2-1
-CVE-2002-1037
+CVE-2002-1037 (Cross-site scripting vulnerability in Double Choco Latte (DCL) before ...)
- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
NOTE: Original issue fixed in dcl/1:0.9.2-1
-CVE-2002-1036
+CVE-2002-1036 (Cross-site scripting vulnerability in search.pl for Fluid Dynamics Sea ...)
NOT-FOR-US: Fluid Dynamics
-CVE-2002-1034
+CVE-2002-1034 (none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbi ...)
NOT-FOR-US: iRunBook
-CVE-2002-1033
+CVE-2002-1033 (Directory traversal vulnerability in none.php for SunPS iRunbook 2.5.2 ...)
NOT-FOR-US: iRunBook
-CVE-2002-1032
+CVE-2002-1032 (Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows r ...)
NOT-FOR-US: KeyFocus Web Server
-CVE-2002-1029
+CVE-2002-1029 (Res Manager in Worldspan for Windows Gateway 4.1 allows remote attacke ...)
NOT-FOR-US: Worldspam for Windows
-CVE-2002-1028
+CVE-2002-1028 (Multiple buffer overflows in the CGI programs for Oddsock Song Request ...)
NOT-FOR-US: Oddsock Winamp plugin
-CVE-2002-1027
+CVE-2002-1027 (Cross-site scripting vulnerability in the default HTTP 500 error scrip ...)
NOT-FOR-US: Macromedia Sitespring
-CVE-2002-1026
+CVE-2002-1026 (Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2. ...)
NOT-FOR-US: Macromedia Sitespring
-CVE-2002-1023
+CVE-2002-1023 (BadBlue server allows remote attackers to cause a denial of service (c ...)
NOT-FOR-US: BadBlue
-CVE-2002-1022
+CVE-2002-1022 (BadBlue server stores passwords in plaintext in the ext.ini file, whic ...)
NOT-FOR-US: BadBlue
-CVE-2002-1021
+CVE-2002-1021 (BadBlue server allows remote attackers to read restricted files, such ...)
NOT-FOR-US: BadBlue
-CVE-2002-1020
+CVE-2002-1020 (The library feature for Adobe Content Server 3.0 allows a remote attac ...)
NOT-FOR-US: Adobe
-CVE-2002-1019
+CVE-2002-1019 (The library feature for Adobe Content Server 3.0 allows a remote attac ...)
NOT-FOR-US: Adobe
-CVE-2002-1018
+CVE-2002-1018 (The library feature for Adobe Content Server 3.0 does not verify if a ...)
NOT-FOR-US: Adobe
-CVE-2002-1017
+CVE-2002-1017 (Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other s ...)
NOT-FOR-US: Adobe
-CVE-2002-1016
+CVE-2002-1016 (Adobe eBook Reader allows a user to bypass restrictions for copy, prin ...)
NOT-FOR-US: Adobe
-CVE-2002-1012
+CVE-2002-1012 (Buffer overflow in web server for Tivoli Management Framework (TMF) Ma ...)
NOT-FOR-US: Tivoli
-CVE-2002-1011
+CVE-2002-1011 (Buffer overflow in web server for Tivoli Management Framework (TMF) En ...)
NOT-FOR-US: Tivoli
-CVE-2002-1010
+CVE-2002-1010 (Lotus Domino R4 allows remote attackers to bypass access restrictions ...)
NOT-FOR-US: Domino
-CVE-2002-1009
+CVE-2002-1009 (Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as include ...)
NOT-FOR-US: PowerBASIC
-CVE-2002-1008
+CVE-2002-1008 (Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as incl ...)
NOT-FOR-US: PowerBASIC
-CVE-2002-1007
+CVE-2002-1007 (Cross-site scripting vulnerabilities in Blackboard 5 allow remote atta ...)
NOT-FOR-US: Blackboard
-CVE-2002-1005
+CVE-2002-1005 (ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to caus ...)
NOT-FOR-US: ArGoSoft
-CVE-2002-1003
+CVE-2002-1003 (Buffer overflow in MyWebServer 1.02 and earlier allows remote attacker ...)
NOT-FOR-US: MyWebServer
-CVE-2002-1001
+CVE-2002-1001 (Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers ...)
NOT-FOR-US: AnalogX Proxy
-CVE-2002-0999
+CVE-2002-0999 (Multiple SQL injection vulnerabilities in CARE 2002 before beta 1.0.02 ...)
NOT-FOR-US: CARE
-CVE-2002-0998
+CVE-2002-0998 (Directory traversal vulnerability in cafenews.php for CARE 2002 before ...)
NOT-FOR-US: CARE
-CVE-2002-0997
+CVE-2002-0997 (Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 ...)
NOT-FOR-US: Novell
-CVE-2002-0996
+CVE-2002-0996 (Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C ...)
NOT-FOR-US: Novell
-CVE-2002-0994
+CVE-2002-0994 (SunPCi II VNC uses a weak authentication scheme, which allows remote a ...)
NOT-FOR-US: SunPci II VNC
-CVE-2002-0993
+CVE-2002-0993 (Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) ...)
NOT-FOR-US: HP
-CVE-2002-0992
+CVE-2002-0992 (Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced o ...)
NOT-FOR-US: HP
-CVE-2002-0991
+CVE-2002-0991 (Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01 ...)
NOT-FOR-US: HP
-CVE-2002-0983
+CVE-2002-0983 (IRC client irssi in irssi-text before 0.8.4 allows remote attackers to ...)
{DSA-157}
- irssi-text 0.8.5-2
-CVE-2002-0982
+CVE-2002-0982 (Microsoft SQL Server 2000 SP2, when configured as a distributor, allow ...)
NOT-FOR-US: Microsoft
-CVE-2002-0980
+CVE-2002-0980 (The Web Folder component for Internet Explorer 5.5 and 6.0 writes an e ...)
NOT-FOR-US: Microsoft
-CVE-2002-0979
+CVE-2002-0979 (The Java logging feature for the Java Virtual Machine in Internet Expl ...)
NOT-FOR-US: Microsoft
-CVE-2002-0978
+CVE-2002-0978 (Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allow ...)
NOT-FOR-US: Microsoft
-CVE-2002-0977
+CVE-2002-0977 (Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX contr ...)
NOT-FOR-US: Microsoft
-CVE-2002-0976
+CVE-2002-0976 (Internet Explorer 4.0 and later allows remote attackers to read arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2002-0975
+CVE-2002-0975 (Buffer overflow in Microsoft DirectX Files Viewer ActiveX control (xwe ...)
NOT-FOR-US: Microsoft
-CVE-2002-0973
+CVE-2002-0973 (Integer signedness error in several system calls for FreeBSD 4.6.1 REL ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0972
+CVE-2002-0972 (Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial o ...)
{DSA-165}
- postgresql 7.2.2-1
-CVE-2002-0971
+CVE-2002-0971 (Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to ex ...)
NOT-FOR-US: Microsoft Windows specific
-CVE-2002-0966
+CVE-2002-0966 (Buffer overflow in 4D web server 6.7.3 allow remote attackers to cause ...)
NOT-FOR-US: 4D web server
-CVE-2002-0963
+CVE-2002-0963 (SQL injection vulnerability in comment.php for GeekLog 1.3.5 and earli ...)
NOT-FOR-US: GeekLog
-CVE-2002-0962
+CVE-2002-0962 (Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allo ...)
NOT-FOR-US: GeekLog
-CVE-2002-0961
+CVE-2002-0961 (Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote att ...)
NOT-FOR-US: Voxel Dot Net CBMS
-CVE-2002-0960
+CVE-2002-0960 (Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0. ...)
NOT-FOR-US: Voxel Dot Net CBMS
-CVE-2002-0959
+CVE-2002-0959 (Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote a ...)
NOT-FOR-US: Splatt Forum
-CVE-2002-0957
+CVE-2002-0957 (The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a ...)
NOT-FOR-US: BlackICE Agent
-CVE-2002-0956
+CVE-2002-0956 (BlackICE Agent 3.1.eal does not always reactivate after a system stand ...)
NOT-FOR-US: BlackICE Agent
-CVE-2002-0955
+CVE-2002-0955 (Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulleti ...)
NOT-FOR-US: YaBB
-CVE-2002-0954
+CVE-2002-0954 (The encryption algorithms for enable and passwd commands on Cisco PIX ...)
NOT-FOR-US: Cisco
-CVE-2002-0951
+CVE-2002-0951 (SQL injection vulnerability in Ruslan &lt;Body&gt;Builder allows remot ...)
NOT-FOR-US: Ruslan
-CVE-2002-0950
+CVE-2002-0950 (Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and ...)
NOT-FOR-US: TransWARE Active!
-CVE-2002-0949
+CVE-2002-0949 (Telindus 1100 series ADSL router allows remote attackers to gain privi ...)
NOT-FOR-US: Telindus ADSL router
-CVE-2002-0948
+CVE-2002-0948 (Scripts For Educators MakeBook 2.2 CGI program allows remote attackers ...)
NOT-FOR-US: MakeBook
-CVE-2002-0944
+CVE-2002-0944 (Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03 throug ...)
NOT-FOR-US: DeepMetrix LiveStats
-CVE-2002-0943
+CVE-2002-0943 (MetaCart2.sql stores the user database under the web document root wit ...)
NOT-FOR-US: MetaCart
-CVE-2002-0942
+CVE-2002-0942 (Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers ...)
NOT-FOR-US: Lugiment Log Explorer
-CVE-2002-0940
+CVE-2002-0940 (domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use ...)
NOT-FOR-US: nCipher MSCAPI
-CVE-2002-0939
+CVE-2002-0939 (The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator C ...)
NOT-FOR-US: nCipher MSCAPI
-CVE-2002-0937
+CVE-2002-0937 (The Java Server Pages (JSP) engine in JRun allows web page owners to c ...)
NOT-FOR-US: JRun
-CVE-2002-0936
+CVE-2002-0936 (The Java Server Pages (JSP) engine in Tomcat allows web page owners to ...)
- tomcat 3.2.3-1
-CVE-2002-0934
+CVE-2002-0934 (Directory traversal vulnerability in Jon Hedley AlienForm2 (typically ...)
NOT-FOR-US: Jon Hedley AlienForm2
-CVE-2002-0933
+CVE-2002-0933 (Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords ...)
NOT-FOR-US: Datalex PLC BooktIt Consumer
-CVE-2002-0932
+CVE-2002-0932 (SQL injection vulnerability in index.php for MyHelpDesk 20020509, and ...)
NOT-FOR-US: MyHelpDesk
-CVE-2002-0931
+CVE-2002-0931 (Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and possi ...)
NOT-FOR-US: MyHelpDesk
-CVE-2002-0930
+CVE-2002-0930 (Format string vulnerability in the FTP server for Novell Netware 6.0 S ...)
NOT-FOR-US: Netware
-CVE-2002-0929
+CVE-2002-0929 (Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote a ...)
NOT-FOR-US: Netware
-CVE-2002-0928
+CVE-2002-0928 (Buffer overflow in the Pirch 98 IRC client allows remote attackers to ...)
NOT-FOR-US: pirch
-CVE-2002-0926
+CVE-2002-0926 (Directory traversal vulnerability in Wolfram Research webMathematica 1 ...)
NOT-FOR-US: webMathematica
-CVE-2002-0925
+CVE-2002-0925 (Format string vulnerability in mmsyslog function allows remote attacke ...)
NOT-FOR-US: mmftpd not in Debian anymore
-CVE-2002-0924
+CVE-2002-0924 (CGIScript.net csNews.cgi allows remote authenticated users to execute ...)
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0923
+CVE-2002-0923 (CGIScript.net csNews.cgi allows remote authenticated users to read arb ...)
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0922
+CVE-2002-0922 (CGIScript.net csNews.cgi allows remote attackers to obtain database fi ...)
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0921
+CVE-2002-0921 (CGIScript.net csNews.cgi allows remote attackers to obtain potentially ...)
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0920
+CVE-2002-0920 (CGIScript.net csPassword.cgi stores usernames and unencrypted password ...)
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0919
+CVE-2002-0919 (CGIScript.net csPassword.cgi allows remote authenticated users to modi ...)
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0918
+CVE-2002-0918 (CGIScript.net csPassword.cgi leaks sensitive information such as the p ...)
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0917
+CVE-2002-0917 (CGIScript.net csPassword.cgi stores .htpasswd files under the web docu ...)
NOT-FOR-US: CGIScript.net not int Debian
-CVE-2002-0915
+CVE-2002-0915 (autorun in Xandros based Linux distributions allows local users to rea ...)
NOT-FOR-US: Xandros specific tool
-CVE-2002-0913
+CVE-2002-0913 (Format string vulnerability in log_doit function of Slurp NNTP client ...)
NOT-FOR-US: Slurp NNTP
-CVE-2002-0912
+CVE-2002-0912 (in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other opera ...)
NOTE: DSA-129
-CVE-2002-0910
+CVE-2002-0910 (Buffer overflows in netstd 3.07-17 package allows remote DNS servers t ...)
NOTE: netstd
-CVE-2002-0909
+CVE-2002-0909 (Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote ...)
NOT-FOR-US: mnews
-CVE-2002-0908
+CVE-2002-0908 (Directory traversal vulnerability in the web server for Cisco IDS Devi ...)
NOT-FOR-US: Cisco
-CVE-2002-0907
+CVE-2002-0907 (Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 al ...)
NOT-FOR-US: SHOUTcast
-CVE-2002-0905
+CVE-2002-0905 (Buffer overflow in sqlexec for Informix SE-7.25 allows local users to ...)
NOT-FOR-US: Informix
-CVE-2002-0903
+CVE-2002-0903 (register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small nu ...)
NOT-FOR-US: wbboard
-CVE-2002-0902
+CVE-2002-0902 (Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remo ...)
- phpbb2 2.0.6c-1
-CVE-2002-0901
+CVE-2002-0901 (Multiple buffer overflows in Advanced Maryland Automatic Network Disk ...)
- amanda 2.4.0b6-1
-CVE-2002-0899
+CVE-2002-0899 (Falcon web server 2.0.0.1021 and earlier allows remote attackers to by ...)
NOT-FOR-US: Falcon
-CVE-2002-0896
+CVE-2002-0896 (The throttle capability in Swatch may fail to report certain events if ...)
- swatch 3.0.4-1
-CVE-2002-0894
+CVE-2002-0894 (NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a de ...)
NOT-FOR-US: NewAtlanta ServletExec
-CVE-2002-0893
+CVE-2002-0893 (Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 ...)
NOT-FOR-US: NewAtlanta ServletExec
-CVE-2002-0888
+CVE-2002-0888 (3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, a ...)
NOT-FOR-US: 3com
-CVE-2002-0886
+CVE-2002-0886 (Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote att ...)
NOT-FOR-US: Cisco
-CVE-2002-0885
+CVE-2002-0885 (Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and pos ...)
NOT-FOR-US: Solaris
-CVE-2002-0884
+CVE-2002-0884 (Multiple format string vulnerabilities in in.rarpd (ARP server) on Sol ...)
NOT-FOR-US: Solaris
-CVE-2002-0883
+CVE-2002-0883 (Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1 ...)
NOT-FOR-US: Compaq
-CVE-2002-0882
+CVE-2002-0882 (The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 a ...)
NOT-FOR-US: Cisco
-CVE-2002-0881
+CVE-2002-0881 (Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default admini ...)
NOT-FOR-US: Cisco
-CVE-2002-0880
+CVE-2002-0880 (Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attacke ...)
NOT-FOR-US: Cisco
-CVE-2002-0879
+CVE-2002-0879 (showtemp.cfm for Gafware CFXImage 1.6.6 allows remote attackers to rea ...)
NOT-FOR-US: CFXImage
-CVE-2002-0878
+CVE-2002-0878 (SQL injection vulnerability in the login form for LogiSense software i ...)
NOT-FOR-US: LogiSense
-CVE-2002-0877
+CVE-2002-0877 (Directory traversal vulnerability in the FTP server for Shambala 4.5 a ...)
NOT-FOR-US: Shambala
-CVE-2002-0876
+CVE-2002-0876 (Web server for Shambala 4.5 allows remote attackers to cause a denial ...)
NOT-FOR-US: Shambala
-CVE-2002-0874
+CVE-2002-0874 (Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when ru ...)
{DSA-150}
- interchange 4.8.6-1
-CVE-2002-0870
+CVE-2002-0870 (The original patch for the Cisco Content Service Switch 11000 Series a ...)
NOT-FOR-US: Cisco
-CVE-2002-0869
+CVE-2002-0869 (Unknown vulnerability in the hosting process (dllhost.exe) for Microso ...)
NOT-FOR-US: IIS
CVE-2002-0868
RESERVED
-CVE-2002-0863
+CVE-2002-0863 (Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and R ...)
NOT-FOR-US: Windows
-CVE-2002-0862
+CVE-2002-0862 (The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, ...)
NOT-FOR-US: Microsoft
-CVE-2002-0861
+CVE-2002-0861 (Microsoft Office Web Components (OWC) 2000 and 2002 allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-2002-0858
+CVE-2002-0858 (catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a def ...)
NOT-FOR-US: Oracle
-CVE-2002-0857
+CVE-2002-0857 (Format string vulnerabilities in Oracle Listener Control utility (lsnr ...)
NOT-FOR-US: Oracle
-CVE-2002-0855
+CVE-2002-0855 (Cross-site scripting vulnerability in Mailman before 2.0.12 allows rem ...)
{DSA-147}
- mailman 2.0.12-1
-CVE-2002-0854
+CVE-2002-0854 (Buffer overflows in ISDN Point to Point Protocol (PPP) daemon (ipppd) ...)
NOT-FOR-US: SuSE specific
-CVE-2002-0852
+CVE-2002-0852 (Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 a ...)
NOT-FOR-US: Cisco
-CVE-2002-0849
+CVE-2002-0849 (Linux-iSCSI iSCSI implementation installs the iscsi.conf file with wor ...)
NOT-FOR-US: iSCSI
-CVE-2002-0843
+CVE-2002-0843 (Buffer overflows in the ApacheBench benchmark support program (ab.c) i ...)
{DSA-195 DSA-188 DSA-187}
- apache 1.3.27-0.1
- apache-perl 1.3.26-1.1-1.27-3-1
CVE-2002-0841
REJECTED
-CVE-2002-0839
+CVE-2002-0839 (The shared memory scoreboard in the HTTP daemon for Apache 1.3.x befor ...)
{DSA-195 DSA-188 DSA-187}
- apache 1.3.27-0.1
- apache-perl 1.3.26-1.1-1.27-3-1
-CVE-2002-0838
+CVE-2002-0838 (Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier ...)
{DSA-182 DSA-179 DSA-176}
- kdegraphics 4:2.2.2-6.9
- gnome-gv 1.99.7-9
- gv 1:3.5.8-27
-CVE-2002-0837
+CVE-2002-0837 (wordtrans 1.1pre8 and earlier in the wordtrans-web package allows remo ...)
- wordtrans 1.1pre9
-CVE-2002-0834
+CVE-2002-0834 (Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier a ...)
{DSA-162}
- ethereal 0.9.6-1
-CVE-2002-0833
+CVE-2002-0833 (Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly ot ...)
NOT-FOR-US: Eudora
-CVE-2002-0832
+CVE-2002-0832 (Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cook ...)
NOT-FOR-US: Internet Explorer
CVE-2002-0828
REJECTED
-CVE-2002-0827
+CVE-2002-0827 (Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows loc ...)
NOT-FOR-US: UnixWare
-CVE-2002-0825
+CVE-2002-0825 (Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 a ...)
- libnss-ldap 199-1
-CVE-2002-0822
+CVE-2002-0822 (Ethereal 0.9.4 and earlier allows remote attackers to cause a denial o ...)
- ethereal 0.9.4-1woody1
-CVE-2002-0821
+CVE-2002-0821 (Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers ...)
- ethereal 0.9.4-1woody1
-CVE-2002-0820
+CVE-2002-0820 (FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0819
+CVE-2002-0819 (Format string vulnerability in artsd, when called by artswrapper, allo ...)
- arts <not-affected> (artscontrol not suid root)
-CVE-2002-0815
+CVE-2002-0815 (The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netsc ...)
- mozilla 2:1.0.0-1
-CVE-2002-0812
+CVE-2002-0812 (Information leak in Compaq WL310, and the Orinoco Residential Gateway ...)
NOT-FOR-US: Compaq hardware
-CVE-2002-0811
+CVE-2002-0811 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote ...)
NOTE: bugzilla 2.16.0-2.1
-CVE-2002-0807
+CVE-2002-0807 (Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, a ...)
NOTE: bugzilla 2.16.0-2.1
-CVE-2002-0803
+CVE-2002-0803 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote at ...)
NOTE: bugzilla 2.16.0-2.1
-CVE-2002-0800
+CVE-2002-0800 (BadBlue 1.7.0 allows remote attackers to list the contents of director ...)
NOT-FOR-US: BadBlue
-CVE-2002-0799
+CVE-2002-0799 (Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers ...)
NOT-FOR-US: YoungZoft
-CVE-2002-0798
+CVE-2002-0798 (Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local user ...)
NOT-FOR-US: HP
-CVE-2002-0797
+CVE-2002-0797 (Buffer overflow in the MIB parsing component of mibiisa for Solaris 5. ...)
NOT-FOR-US: Solaris
-CVE-2002-0796
+CVE-2002-0796 (Format string vulnerability in the logging component of snmpdx for Sol ...)
NOT-FOR-US: Solaris
-CVE-2002-0793
+CVE-2002-0793 (Hard link and possibly symbolic link following vulnerabilities in QNX ...)
NOT-FOR-US: QNX
-CVE-2002-0792
+CVE-2002-0792 (The web management interface for Cisco Content Service Switch (CSS) 11 ...)
NOT-FOR-US: Cisco
-CVE-2002-0791
+CVE-2002-0791 (Novell Netware FTP server NWFTPD before 5.02r allows remote attackers ...)
NOT-FOR-US: Novell
-CVE-2002-0787
+CVE-2002-0787 (Cross-site scripting vulnerabilities in iCon administrative web server ...)
NOT-FOR-US: iCon
-CVE-2002-0786
+CVE-2002-0786 (iCon administrative web server for Critical Path inJoin Directory Serv ...)
NOT-FOR-US: Critical Path inJoin Directory Server
-CVE-2002-0784
+CVE-2002-0784 (Directory traversal vulnerability in Lysias Lidik web server 0.7b allo ...)
NOT-FOR-US: Lidik web server
-CVE-2002-0783
+CVE-2002-0783 (Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Opera
-CVE-2002-0782
+CVE-2002-0782 (Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled all ...)
NOT-FOR-US: Novell
-CVE-2002-0781
+CVE-2002-0781 (RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers ...)
NOT-FOR-US: Novell
-CVE-2002-0780
+CVE-2002-0780 (IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attack ...)
NOT-FOR-US: Novell
-CVE-2002-0779
+CVE-2002-0779 (FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote atta ...)
NOT-FOR-US: Novell
-CVE-2002-0775
+CVE-2002-0775 (browse.asp in Hosting Controller allows remote attackers to view arbit ...)
NOT-FOR-US: Hosting Controller
-CVE-2002-0774
+CVE-2002-0774 (Hosting Controller creates a default user AdvWebadmin with a default p ...)
NOT-FOR-US: Hosting Controller
-CVE-2002-0773
+CVE-2002-0773 (imp_rootdir.asp for Hosting Controller allows remote attackers to copy ...)
NOT-FOR-US: Hosting Controller
-CVE-2002-0772
+CVE-2002-0772 (Directory traversal vulnerability in dsnmanager.asp for Hosting Contro ...)
NOT-FOR-US: Hosting Controller
-CVE-2002-0771
+CVE-2002-0771 (Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 al ...)
- viewcvs 0.9.2-5
-CVE-2002-0770
+CVE-2002-0770 (Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain se ...)
NOT-FOR-US: Historic Quake2 issue
-CVE-2002-0769
+CVE-2002-0769 (The web-based configuration interface for the Cisco ATA 186 Analog Tel ...)
NOT-FOR-US: Cisco
-CVE-2002-0767
+CVE-2002-0767 (simpleinit on Linux systems does not close a read/write FIFO file desc ...)
NOT-FOR-US: simpleinit
-CVE-2002-0764
+CVE-2002-0764 (Phorum 3.3.2a allows remote attackers to execute arbitrary commands vi ...)
NOT-FOR-US: Phorum
-CVE-2002-0763
+CVE-2002-0763 (Vulnerability in administration server for HP VirtualVault 4.5 on HP-U ...)
NOT-FOR-US: HP
-CVE-2002-0757
+CVE-2002-0757 ((1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled al ...)
- webmin 0.980-1
- usermin 0.910-1
-CVE-2002-0756
+CVE-2002-0756 (Cross-site scripting vulnerability in the authentication page for (1) ...)
- webmin 0.980-1
- usermin 0.910-1
-CVE-2002-0753
+CVE-2002-0753 (Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to exec ...)
NOT-FOR-US: Talentsoft
-CVE-2002-0752
+CVE-2002-0752 (CGIscript.net csMailto.cgi program exports feedback to a file that is ...)
NOT-FOR-US: CGIscript.net
-CVE-2002-0751
+CVE-2002-0751 (CGIscript.net csMailto.cgi program allows remote attackers to use csMa ...)
NOT-FOR-US: CGIscript.net
-CVE-2002-0750
+CVE-2002-0750 (CGIscript.net csMailto.cgi program allows remote attackers to read arb ...)
NOT-FOR-US: CGIscript.net
-CVE-2002-0749
+CVE-2002-0749 (CGIscript.net csMailto.cgi allows remote attackers to execute arbitrar ...)
NOT-FOR-US: CGIscript.net
-CVE-2002-0747
+CVE-2002-0747 (Buffer overflow in lsmcode in AIX 4.3.3. ...)
NOT-FOR-US: AIX
-CVE-2002-0746
+CVE-2002-0746 (Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure li ...)
NOT-FOR-US: AIX
-CVE-2002-0745
+CVE-2002-0745 (Buffer overflow in uucp in AIX 4.3.3. ...)
NOT-FOR-US: AIX
-CVE-2002-0744
+CVE-2002-0744 (namerslv in AIX 4.3.3 core dumps when called with a very long argument ...)
NOT-FOR-US: AIX
-CVE-2002-0743
+CVE-2002-0743 (mail and mailx in AIX 4.3.3 core dump when called with a very long arg ...)
NOT-FOR-US: AIX
-CVE-2002-0742
+CVE-2002-0742 (Buffer overflow in pioout on AIX 4.3.3. ...)
NOT-FOR-US: AIX
-CVE-2002-0740
+CVE-2002-0740 (Buffer overflow in slrnpull for the SLRN package, when installed setui ...)
- slrn 0.9.6.2-9
-CVE-2002-0739
+CVE-2002-0739 (Cross-site scripting in PostCalendar 3.02 allows remote attackers to i ...)
NOT-FOR-US: PostCalendat
-CVE-2002-0735
+CVE-2002-0735 (Format string vulnerability in the logging() function in C-Note Squid ...)
- squid <not-affected> (Historic vulnerability, fixed before Woody was released)
-CVE-2002-0732
+CVE-2002-0732 (Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote at ...)
NOT-FOR-US: MyGuestbook
-CVE-2002-0731
+CVE-2002-0731 (Cross-site scripting vulnerability in demonstration scripts for vqServ ...)
NOT-FOR-US: vqServer
-CVE-2002-0730
+CVE-2002-0730 (Cross-site scripting vulnerability in guestbook.pl for Philip Chinery' ...)
NOT-FOR-US: guestbook
-CVE-2002-0728
+CVE-2002-0728 (Buffer overflow in the progressive reader for libpng 1.2.x before 1.2. ...)
{DSA-140}
- libpng 1.0.12-4
- libpng3 1.2.1-2
-CVE-2002-0725
+CVE-2002-0725 (NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local a ...)
NOT-FOR-US: windows
-CVE-2002-0724
+CVE-2002-0724 (Buffer overflow in SMB (Server Message Block) protocol in Microsoft Wi ...)
NOT-FOR-US: windows
-CVE-2002-0723
+CVE-2002-0723 (Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the d ...)
NOT-FOR-US: internet explorer
-CVE-2002-0721
+CVE-2002-0721 (Microsoft SQL Server 7.0 and 2000 installs with weak permissions for e ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2002-0717
+CVE-2002-0717 (PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of servi ...)
- php4 4:4.2.2-1
-CVE-2002-0715
+CVE-2002-0715 (Vulnerability in Squid before 2.4.STABLE6 related to proxy authenticat ...)
- squid 2.4.6-2
-CVE-2002-0713
+CVE-2002-0713 (Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to ...)
- squid 2.4.6-2
-CVE-2002-0712
+CVE-2002-0712 (Entrust Authority Security Manager (EASM) 6.0 does not properly requir ...)
NOT-FOR-US: EASM
-CVE-2002-0711
+CVE-2002-0711 (Unknown vulnerability in Cluster Interconnect for HP TruCluster Server ...)
NOT-FOR-US: HP
-CVE-2002-0709
+CVE-2002-0709 (SQL injection vulnerabilities in the Web Reports Server for SurfContro ...)
NOT-FOR-US: no_package
-CVE-2002-0708
+CVE-2002-0708 (Directory traversal vulnerability in the Web Reports Server for SurfCo ...)
NOT-FOR-US: no_package
-CVE-2002-0707
+CVE-2002-0707 (The Web Reports Server for SurfControl SuperScout WebFilter allows rem ...)
NOT-FOR-US: no_package
-CVE-2002-0706
+CVE-2002-0706 (UserManager.js in the Web Reports Server for SurfControl SuperScout We ...)
NOT-FOR-US: no_package
-CVE-2002-0705
+CVE-2002-0705 (The Web Reports Server for SurfControl SuperScout WebFilter stores the ...)
NOT-FOR-US: no_package
-CVE-2002-0702
+CVE-2002-0702 (Format string vulnerabilities in the logging routines for dynamic DNS ...)
- dhcp3 3.0+3.0.1rc9-1
-CVE-2002-0699
+CVE-2002-0699 (Unknown vulnerability in the Certificate Enrollment ActiveX Control in ...)
NOT-FOR-US: windows
-CVE-2002-0693
+CVE-2002-0693 (Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Micro ...)
NOT-FOR-US: windows
-CVE-2002-0690
+CVE-2002-0690 (Format string vulnerability in McAfee Security ePolicy Orchestrator (e ...)
NOT-FOR-US: McAfee
CVE-2002-0689
RESERVED
-CVE-2002-0686
+CVE-2002-0686 (Buffer overflow in the search component for iPlanet Web Server (iWS) 4 ...)
NOT-FOR-US: no_package
-CVE-2002-0684
+CVE-2002-0684 (Buffer overflow in DNS resolver functions that perform lookup of netwo ...)
- glibc 2.2.5-8
-CVE-2002-0683
+CVE-2002-0683 (Directory traversal vulnerability in Carello 1.3 allows remote attacke ...)
NOT-FOR-US: no_package
-CVE-2002-0681
+CVE-2002-0681 (Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows re ...)
NOT-FOR-US: no_package
-CVE-2002-0680
+CVE-2002-0680 (Directory traversal vulnerability in GoAhead Web Server 2.1 allows rem ...)
NOT-FOR-US: no_package
-CVE-2002-0677
+CVE-2002-0677 (CDE ToolTalk database server (ttdbserver) allows remote attackers to o ...)
NOT-FOR-US: no_package
-CVE-2002-0675
+CVE-2002-0675 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 do ...)
NOT-FOR-US: no_package
-CVE-2002-0670
+CVE-2002-0670 (The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1. ...)
NOT-FOR-US: no_package
-CVE-2002-0669
+CVE-2002-0669 (The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1. ...)
NOT-FOR-US: no_package
-CVE-2002-0667
+CVE-2002-0667 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 ha ...)
NOT-FOR-US: no_package
-CVE-2002-0666
+CVE-2002-0666 (IPSEC implementations including (1) FreeS/WAN and (2) KAME do not prop ...)
{DSA-201}
- freeswan 1.99-1
-CVE-2002-0664
+CVE-2002-0664 (The default Access Control Lists (ACLs) of the administration database ...)
NOT-FOR-US: ZMerge
-CVE-2002-0661
+CVE-2002-0661 (Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Wind ...)
- apache2 2.0.40
-CVE-2002-0660
+CVE-2002-0660 (Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody ...)
{DSA-140}
- libpng 1.0.12-4
- libpng3 1.2.1-2
-CVE-2002-0659
+CVE-2002-0659 (The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and ea ...)
{DSA-136}
- openssl 0.9.6e-1
-CVE-2002-0657
+CVE-2002-0657 (Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos ena ...)
{DSA-136}
- openssl 0.9.6e-1
-CVE-2002-0656
+CVE-2002-0656 (Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and ea ...)
{DSA-136}
- openssl 0.9.6e-1
-CVE-2002-0655
+CVE-2002-0655 (OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not prop ...)
{DSA-136}
- openssl 0.9.6e-1
-CVE-2002-1412
+CVE-2002-1412 (Gallery photo album package before 1.3.1 allows local and possibly rem ...)
{DSA-138}
- gallery 1.3-3
-CVE-2002-1574
+CVE-2002-1574 (Buffer overflow in the ixj telephony card driver in Linux before 2.4.2 ...)
NOTE: fixed after 2.6/2.4.20 kernel
-CVE-2002-1560
+CVE-2002-1560 (index.php in gBook 1.4 allows remote attackers to bypass authenticatio ...)
NOT-FOR-US: gbook not in Debian
-CVE-2002-1552
+CVE-2002-1552 (Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users ...)
NOT-FOR-US: novell
-CVE-2002-1550
+CVE-2002-1550 (dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary fi ...)
NOT-FOR-US: AIX
-CVE-2002-1549
+CVE-2002-1549 (Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to ...)
NOT-FOR-US: lhttpd not in Debian
-CVE-2002-1548
+CVE-2002-1548 (Unknown vulnerability in autofs on AIX 4.3.0, when using executable ma ...)
NOT-FOR-US: AIX
-CVE-2002-1547
+CVE-2002-1547 (Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers ...)
NOT-FOR-US: Netscreen
-CVE-2002-1543
+CVE-2002-1543 (Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users ...)
NOT-FOR-US: NetBSD
-CVE-2002-1541
+CVE-2002-1541 (BadBlue 1.7 allows remote attackers to bypass password protections for ...)
NOT-FOR-US: BadBlue not in Debian
-CVE-2002-1540
+CVE-2002-1540 (The client for Symantec Norton AntiVirus Corporate Edition 7.5.x befor ...)
NOT-FOR-US: norton
-CVE-2002-1538
+CVE-2002-1538 (Acuma Acusend 4, and possibly earlier versions, allows remote authenti ...)
NOT-FOR-US: acusend not in Debian
-CVE-2002-1537
+CVE-2002-1537 (admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administra ...)
- phpbb2 2.0.6c-1
NOTE: according to http://www.securityfocus.com/archive/1/297419
NOTE: phpBB versions above 2.0.0 are not vulnerable.
-CVE-2002-1534
+CVE-2002-1534 (Macromedia Flash Player allows remote attackers to read arbitrary file ...)
NOTE: only affects flash 6.0 - 6.0.47.0, which is not in Debian
-CVE-2002-1532
+CVE-2002-1532 (The administrative web interface (STEMWADM) for SurfControl SuperScout ...)
NOT-FOR-US: surfcontrol
-CVE-2002-1531
+CVE-2002-1531 (The administrative web interface (STEMWADM) for SurfControl SuperScout ...)
NOT-FOR-US: surfcontrol
-CVE-2002-1530
+CVE-2002-1530 (The administrative web interface (STEMWADM) for SurfControl SuperScout ...)
NOT-FOR-US: surfcontrol
-CVE-2002-1529
+CVE-2002-1529 (Cross-site scripting (XSS) vulnerability in msgError.asp for the admin ...)
NOT-FOR-US: surfcontrol
-CVE-2002-1528
+CVE-2002-1528 (MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the s ...)
NOT-FOR-US: mondosearch
-CVE-2002-1524
+CVE-2002-1524 (Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) all ...)
NOT-FOR-US: winamp
-CVE-2002-1521
+CVE-2002-1521 (Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD ...)
NOT-FOR-US: webserver 4D
-CVE-2002-1520
+CVE-2002-1520 (The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and R ...)
NOT-FOR-US: WatchGuard
-CVE-2002-1519
+CVE-2002-1519 (Format string vulnerability in the CLI interface for WatchGuard Firebo ...)
NOT-FOR-US: WatchGuard
-CVE-2002-1518
+CVE-2002-1518 (mv in IRIX 6.5 creates a directory with world-writable permissions whi ...)
NOT-FOR-US: IRIX
-CVE-2002-1517
+CVE-2002-1517 (fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file ac ...)
NOT-FOR-US: IRIX
-CVE-2002-1516
+CVE-2002-1516 (rpcbind in SGI IRIX, when using the -w command line switch, allows loc ...)
NOT-FOR-US: IRIX
-CVE-2002-1514
+CVE-2002-1514 (gds_lock_mgr in Borland InterBase allows local users to overwrite file ...)
NOT-FOR-US: interbase
-CVE-2002-1513
+CVE-2002-1513 (The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 a ...)
NOT-FOR-US: OpenVMS
-CVE-2002-1511
+CVE-2002-1511 (The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() functi ...)
- vnc 3.3.3r2-21
-CVE-2002-1510
+CVE-2002-1510 (xdm, with the authComplain variable set to false, allows arbitrary att ...)
- xfree86 4.1.0-7
-CVE-2002-1509
+CVE-2002-1509 (A patch for shadow-utils 20000902 causes the useradd command to create ...)
NOT-FOR-US: redhat and mandrake only
-CVE-2002-1505
+CVE-2002-1505 (SQL injection vulnerability in board.php for WoltLab Burning Board (wB ...)
NOT-FOR-US: WoltLab Burning Board not in Debian
-CVE-2002-1502
+CVE-2002-1502 (Symbolic link vulnerability in xbreaky before 0.5.5 allows local users ...)
NOT-FOR-US: xbreaky not in Debian
-CVE-2002-1501
+CVE-2002-1501 (The MPS functionality in Enterasys SSR8000 (Smart Switch Router) befor ...)
NOT-FOR-US: Enterasys
-CVE-2002-1497
+CVE-2002-1497 (Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and ...)
NOT-FOR-US: Null HTTP Server not in Debian
-CVE-2002-1496
+CVE-2002-1496 (Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allow ...)
NOT-FOR-US: Null HTTP Server not in Debian
-CVE-2002-1494
+CVE-2002-1494 (Cross-site scripting (XSS) vulnerabilities in Aestiva HTML/OS allows r ...)
NOT-FOR-US: Aestiva
-CVE-2002-1493
+CVE-2002-1493 (Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook a ...)
NOT-FOR-US: Lycos
-CVE-2002-1491
+CVE-2002-1491 (The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most rece ...)
NOT-FOR-US: Cisco
-CVE-2002-1490
+CVE-2002-1490 (NetBSD 1.4 through 1.6 beta allows local users to cause a denial of se ...)
NOT-FOR-US: NetBSD
-CVE-2002-1479
+CVE-2002-1479 (Cacti before 0.6.8 stores a MySQL username and password in plaintext i ...)
- cacti 0.6.8-1
-CVE-2002-1478
+CVE-2002-1478 (Cacti before 0.6.8 allows attackers to execute arbitrary commands via ...)
{DSA-164}
- cacti 0.6.8a-2
-CVE-2002-1477
+CVE-2002-1477 (graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti adm ...)
{DSA-164}
- cacti 0.6.8a-2
-CVE-2002-1476
+CVE-2002-1476 (Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and ...)
NOT-FOR-US: NetBSD
-CVE-2002-1472
+CVE-2002-1472 (Untrusted search path vulnerability in libX11.so in xfree86, when used ...)
- xfree86 4.2.1-1 (bug #280872)
-CVE-2002-1471
+CVE-2002-1471 (The camel component for Ximian Evolution 1.0.x and earlier does not ve ...)
- evolution 1.2.0-1 (bug #280883)
-CVE-2002-1469
+CVE-2002-1469 (scponly does not properly verify the path when finding the (1) scp or ...)
- scponly 3.8-1
NOTE: according to http://web.archive.org/web/20150425070754/http://sublimation.org/scponly/ (scponly home page)
NOTE: only versions of scponly older than scponly-2.4 are affected
-CVE-2002-1468
+CVE-2002-1468 (Buffer overflow in errpt in AIX 4.3.3 allows local users to execute ar ...)
NOT-FOR-US: AIX
-CVE-2002-1463
+CVE-2002-1463 (Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and ...)
NOT-FOR-US: symantec
-CVE-2002-1448
+CVE-2002-1448 (An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya ...)
NOT-FOR-US: Avaya P330, P130, and M770-ATM Cajun products
-CVE-2002-1447
+CVE-2002-1447 (Buffer overflow in the vpnclient program for UNIX VPN Client before 3. ...)
NOT-FOR-US: Cisco
-CVE-2002-1446
+CVE-2002-1446 (The error checking routine used for the C_Verify call on a symmetric v ...)
NOT-FOR-US: nCipher PKCS#11 library
-CVE-2002-1443
+CVE-2002-1443 (The Google toolbar 1.1.58 and earlier allows remote web sites to monit ...)
NOT-FOR-US: Google toolbar
-CVE-2002-1438
+CVE-2002-1438 (The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 all ...)
NOT-FOR-US: Perl on Novell
-CVE-2002-1437
+CVE-2002-1437 (Directory traversal vulnerability in the web handler for Perl 5.003 on ...)
NOT-FOR-US: Perl on Novell
-CVE-2002-1436
+CVE-2002-1436 (The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 all ...)
NOT-FOR-US: Perl on Novell
-CVE-2002-1435
+CVE-2002-1435 (class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0 ...)
NOT-FOR-US: Achievo not in Debian
-CVE-2002-1430
+CVE-2002-1430 (Unknown vulnerability in Sympoll 1.2 allows remote attackers to read a ...)
NOT-FOR-US: Sympoll not in Debian
-CVE-2002-1425
+CVE-2002-1425 (Directory traversal vulnerability in munpack in mpack 1.5 and earlier ...)
{DSA-141}
- mpack 1.5-9
-CVE-2002-1424
+CVE-2002-1424 (Buffer overflow in munpack in mpack 1.5 and earlier allows remote atta ...)
- mpack 1.5-9
-CVE-2002-1420
+CVE-2002-1420 (Integer signedness error in select() on OpenBSD 3.1 and earlier allows ...)
NOT-FOR-US: OpenBSD
-CVE-2002-1419
+CVE-2002-1419 (The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes th ...)
NOT-FOR-US: IRIX on Origin
-CVE-2002-1418
+CVE-2002-1418 (Buffer overflow in the interpreter for Novell NetBasic Scripting Serve ...)
NOT-FOR-US: Novell NetBasic Scripting Server
-CVE-2002-1417
+CVE-2002-1417 (Directory traversal vulnerability in Novell NetBasic Scripting Server ...)
NOT-FOR-US: Novell NetBasic Scripting Server
-CVE-2002-1414
+CVE-2002-1414 (Buffer overflow in qmailadmin allows local users to gain privileges vi ...)
- qmailadmin 1.0.6-1
-CVE-2002-1413
+CVE-2002-1413 (RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, al ...)
NOT-FOR-US: RCONAG6 for Novell Netware SP2
-CVE-2002-1407
+CVE-2002-1407 (TinySSL 1.02 and earlier does not verify the Basic Constraints for an ...)
NOT-FOR-US: TinySSL not in Debian
-CVE-2002-1405
+CVE-2002-1405 (CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote a ...)
{DSA-210}
- lynx 2.8.4.1b-4
- lynx-ssl 1:2.8.4.1b-3.1
CVE-2002-XXXX [Cross-Site-Scripting in Bugzilla]
- bugzilla 2.16.2-1
-CVE-2002-1403
+CVE-2002-1403 (dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to exe ...)
{DSA-219}
- dhcpcd 1:1.3.22pl2-2
NOTE: Debian sarge uses dhcp >= 2.0
-CVE-2002-1396
+CVE-2002-1396 (Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 ...)
- php4 4:4.3.2+rc3-1
NOTE: according to http://www.securityfocus.com/bid/6488
NOTE: woody is not vulnerable
-CVE-2002-1394
+CVE-2002-1394 (Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet a ...)
{DSA-225}
- tomcat4 4.1.16-1
-CVE-2002-1392
+CVE-2002-1392 (faxspool in mgetty before 1.1.29 uses a world-writable spool directory ...)
- mgetty 1.1.30-1
NOTE: woody version seems to be vulnerable see bug #199351
-CVE-2002-1391
+CVE-2002-1391 (Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote ...)
- mgetty 1.1.30-1
NOTE: woody version seems to be vulnerable see bug #199351
-CVE-2002-1390
+CVE-2002-1390 (The daemon for GeneWeb before 4.09 does not properly handle requested ...)
{DSA-223}
- geneweb 4.09-1
-CVE-2002-1389
+CVE-2002-1389 (Buffer overflow in typespeed 0.4.2 and earlier allows local users to g ...)
{DSA-217}
- typespeed 0.4.2-2
-CVE-2002-1388
+CVE-2002-1388 (Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allo ...)
{DSA-221}
- mhonarc 2.5.14-1
-CVE-2002-1385
+CVE-2002-1385 (openwebmail_init in Open WebMail 1.81 and earlier allows local users t ...)
- openwebmail 1.90-1
-CVE-2002-1384
+CVE-2002-1384 (Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, ...)
{DSA-232 DSA-226 DSA-222}
- xpdf-i 2.01-2
- xpdf 2.01-2
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1382
+CVE-2002-1382 (Macromedia Flash Player before 6.0.65.0 allows remote attackers to exe ...)
- flashplugin-nonfree 6.0.69-1
-CVE-2002-1381
+CVE-2002-1381 (Format string vulnerability in daemon.c for Exim 4.x through 4.10, and ...)
- exim4 4.11-0.0.1
- exim 3.36-14
-CVE-2002-1380
+CVE-2002-1380 (Linux kernel 2.2.x allows local users to cause a denial of service (cr ...)
{DSA-336}
- kernel-source-2.2.25 2.2.25-2
-CVE-2002-1377
+CVE-2002-1377 (vim 6.0 and 6.1, and possibly other versions, allows attackers to exec ...)
- vim 6.1.263-1
NOTE: woody seems to be still vulnerable
NOTE: according to bug #178102 a fixed package was uploaded to the security team in January 2003
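Review bot: the CVE-2002-0739 entry keeps the misspelled annotation `NOT-FOR-US: PostCalendat` directly under its newly added description (`Cross-site scripting in PostCalendar 3.02 ...`); the automatic update rewrites only the identifier lines and never touches the annotation lines beneath them, so typos and placeholders in those lines are carried forward unchanged. Now that the product names are visible in the descriptions, the `NOT-FOR-US: no_package` placeholders on CVE-2002-0709 through CVE-2002-0705 (SurfControl SuperScout WebFilter), CVE-2002-0686 (iPlanet Web Server), CVE-2002-0683 (Carello), CVE-2002-0681 and CVE-2002-0680 (GoAhead Web Server), CVE-2002-0677 (CDE ToolTalk) and CVE-2002-0675 through CVE-2002-0667 (Pingtel xpressa) could be replaced with the product name in a follow-up commit, and the `CVE-2002-XXXX [Cross-Site-Scripting in Bugzilla]` entry between CVE-2002-1405 and CVE-2002-1403 cannot be expanded by this tool until a real identifier is assigned. Also note that every description is cut at a fixed width and ends in ` ...`, including the short AIX ones (CVE-2002-0747, CVE-2002-0745, CVE-2002-0742) that were not actually truncated, so the trailing marker cannot be used to tell a truncated description from a complete one.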
@@ -3165,1254 +3165,1254 @@ CVE-2002-1377
NOTE: I've mailed maintainer Luca Filipozzi <lfilipoz@debian.org> about this.
NOTE: No response from maintainer, I have mailed security team.
NOTE: Martin Schulze don't consider this as an issue for updating woody.
-CVE-2002-1375
+CVE-2002-1375 (The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4. ...)
{DSA-212}
- mysql <removed>
-CVE-2002-1374
+CVE-2002-1374 (The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x befor ...)
{DSA-212}
- mysql <removed>
-CVE-2002-1373
+CVE-2002-1373 (Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3 ...)
{DSA-212}
- mysql <removed>
-CVE-2002-1372
+CVE-2002-1372 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not prop ...)
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1371
+CVE-2002-1371 (filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 throu ...)
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1369
+CVE-2002-1369 (jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 doe ...)
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1367
+CVE-2002-1367 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote ...)
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1366
+CVE-2002-1366 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local ...)
{DSA-232}
- cups 1.1.18-1
- cupsys 1.1.18-1
-CVE-2002-1365
+CVE-2002-1365 (Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not acc ...)
{DSA-216}
- fetchmail 6.2.0-1
-CVE-2002-1364
+CVE-2002-1364 (Buffer overflow in the get_origin function in traceroute-nanog allows ...)
{DSA-254}
- traceroute-nanog 6.3.0-1
-CVE-2002-1363
+CVE-2002-1363 (Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does ...)
{DSA-213}
- libpng 1.0.12-7
- libpng3 1.2.5-8
-CVE-2002-1362
+CVE-2002-1362 (mICQ 0.4.9 and earlier allows remote attackers to cause a denial of se ...)
{DSA-211}
- micq 0.4.9.4-1
-CVE-2002-1361
+CVE-2002-1361 (overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Har ...)
NOT-FOR-US: sun
-CVE-2002-1350
+CVE-2002-1350 (The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly ...)
{DSA-206}
- tcpdump 3.7.2-1
NOTE: The fix from 3.6.2-2.2 was not upload to unstable.
CVE-2002-XXXX [Multiple buffer overflows in gtetrinet]
- gtetrinet 0.4.4-1
-CVE-2002-1349
+CVE-2002-1349 (Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and 2003 all ...)
NOT-FOR-US: PC-cillin
-CVE-2002-1348
+CVE-2002-1348 (w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attri ...)
{DSA-251 DSA-250 DSA-249}
- w3m 0.3.2.2-1
- w3mmee 0.3.p24.17-3
-CVE-2002-1337
+CVE-2002-1337 (Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to ...)
{DSA-257}
- sendmail 8.13.0.PreAlpha4-0
- sendmail-wine <removed>
NOTE: problem in sendmail 8.12, sarge uses 8.13
-CVE-2002-1336
+CVE-2002-1336 (TightVNC before 1.2.6 generates the same challenge string for multiple ...)
- tightvnc 1.2.6-1
-CVE-2002-1327
+CVE-2002-1327 (Buffer overflow in the Windows Shell function in Microsoft Windows XP ...)
NOT-FOR-US: windows
-CVE-2002-1325
+CVE-2002-1325 (Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remot ...)
NOT-FOR-US: windows
-CVE-2002-1323
+CVE-2002-1323 (Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may al ...)
{DSA-208}
- perl 5.8.0-14
-CVE-2002-1320
+CVE-2002-1320 (Pine 4.44 and earlier allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: pine not in Debian
-CVE-2002-1319
+CVE-2002-1319 (The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 sy ...)
NOTE: fixed after 2.4.20 kernel (2.6 not vulnerable)
-CVE-2002-1318
+CVE-2002-1318 (Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers t ...)
{DSA-200}
- samba 2.2.7
-CVE-2002-1317
+CVE-2002-1317 (Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on ...)
NOT-FOR-US: solaris
-CVE-2002-1313
+CVE-2002-1313 (nullmailer 1.00RC5 and earlier allows local users to cause a denial of ...)
{DSA-198}
- nullmailer 1.00RC5-17
-CVE-2002-1311
+CVE-2002-1311 (Courier sqwebmail before 0.40.0 does not quickly drop privileges after ...)
{DSA-197}
- courier 0.40.0-1
-CVE-2002-1308
+CVE-2002-1308 (Heap-based buffer overflow in Netscape and Mozilla allows remote attac ...)
- mozilla 2:1.2-1
NOTE: woody is vulnerable see #237422
-CVE-2002-1307
+CVE-2002-1307 (Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and earlier ...)
{DSA-199}
- mhonarc 2.5.13-1
-CVE-2002-1296
+CVE-2002-1296 (Directory traversal vulnerability in priocntl system call in Solaris d ...)
NOT-FOR-US: Solaris
-CVE-2002-1284
+CVE-2002-1284 (The wizard in KGPG 0.6 through 0.8.2 does not properly provide the pas ...)
- kdeutils 4:3.2.1-1
-CVE-2002-1278
+CVE-2002-1278 (The mailconf module in Linuxconf 1.24, and other versions before 1.28, ...)
NOTE: Linuxconf not in testing/unstable
-CVE-2002-1277
+CVE-2002-1277 (Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow ...)
{DSA-190}
- wmaker 0.80.1-4
-CVE-2002-1272
+CVE-2002-1272 (Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a bac ...)
NOT-FOR-US: Alcatel
-CVE-2002-1271
+CVE-2002-1271 (The Mail::Mailer Perl module in the perl-MailTools package 1.47 and ea ...)
{DSA-386}
- libmailtools-perl 1.51 (bug #168381)
-CVE-2002-1270
+CVE-2002-1270 (Mac OS X 10.2.2 allows local users to read files that only allow write ...)
NOT-FOR-US: Mac OS X
-CVE-2002-1268
+CVE-2002-1268 (Mac OS X 10.2.2 allows local users to gain privileges via a mounted IS ...)
NOT-FOR-US: Mac OS X
-CVE-2002-1267
+CVE-2002-1267 (Mac OS X 10.2.2 allows remote attackers to cause a denial of service b ...)
NOT-FOR-US: Mac OS X
-CVE-2002-1266
+CVE-2002-1266 (Mac OS X 10.2.2 allows local users to gain privileges by mounting a di ...)
NOT-FOR-US: Mac OS X
-CVE-2002-1265
+CVE-2002-1265 (The Sun RPC functionality in multiple libc implementations does not pr ...)
NOTE: don't know which version of glibc fix this
NOTE: I've mailed maintainers.
-CVE-2002-1264
+CVE-2002-1264 (Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 da ...)
NOT-FOR-US: oracle
-CVE-2002-1260
+CVE-2002-1260 (The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machin ...)
NOT-FOR-US: Microsoft JVM
-CVE-2002-1257
+CVE-2002-1257 (Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allo ...)
NOT-FOR-US: Microsoft JVM
-CVE-2002-1256
+CVE-2002-1256 (The SMB signing capability in the Server Message Block (SMB) protocol ...)
NOT-FOR-US: Microsoft Windows
-CVE-2002-1255
+CVE-2002-1255 (Microsoft Outlook 2002 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Microsoft Outlook
-CVE-2002-1253
+CVE-2002-1253 (Abuse 2.00 and earlier allows local users to gain privileges via comma ...)
NOT-FOR-US: Abuse 2.00 not in Debian
-CVE-2002-1252
+CVE-2002-1252 (The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as ...)
NOT-FOR-US: PeopleSoft
-CVE-2002-1251
+CVE-2002-1251 (Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to ...)
{DSA-186}
- log2mail 0.2.6-1
-CVE-2002-1250
+CVE-2002-1250 (Buffer overflow in Abuse 2.00 and earlier allows local users to gain r ...)
NOT-FOR-US: Abuse 2.00 not in Debian
-CVE-2002-1248
+CVE-2002-1248 (Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other vers ...)
NOT-FOR-US: Xeneo Web Server
-CVE-2002-1245
+CVE-2002-1245 (Maped in LuxMan 0.41 uses the user-provided search path to find and ex ...)
{DSA-189}
- luxman 0.41-19
-CVE-2002-1244
+CVE-2002-1244 (Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly ...)
NOT-FOR-US: Pablo FTP Server
-CVE-2002-1242
+CVE-2002-1242 (SQL injection vulnerability in PHP-Nuke before 6.0 allows remote authe ...)
NOT-FOR-US: PHP-Nuke not in Debian
-CVE-2002-1239
+CVE-2002-1239 (QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and ...)
NOT-FOR-US: QNX
-CVE-2002-1236
+CVE-2002-1236 (The remote management web server for Linksys BEFSR41 EtherFast Cable/D ...)
NOT-FOR-US: Linksys
-CVE-2002-1232
+CVE-2002-1232 (Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS p ...)
{DSA-180}
- nis 3.9-6.2
-CVE-2002-1231
+CVE-2002-1231 (SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a d ...)
NOT-FOR-US: SCO
-CVE-2002-1230
+CVE-2002-1230 (NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2 ...)
NOT-FOR-US: Windows NT
-CVE-2002-1227
+CVE-2002-1227 (PAM 0.76 treats a disabled password as if it were an empty (null) pass ...)
{DSA-177}
- pam 0.76-6
-CVE-2002-1224
+CVE-2002-1224 (Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0 ...)
- kdenetwork 4:3.1.0-1
-CVE-2002-1223
+CVE-2002-1223 (Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView i ...)
- kdegraphics 4:3.1.0-1
-CVE-2002-1222
+CVE-2002-1222 (Buffer overflow in the embedded HTTP server for Cisco Catalyst switche ...)
NOT-FOR-US: CISCO
-CVE-2002-1221
+CVE-2002-1221 (BIND 8.x through 8.3.3 allows remote attackers to cause a denial of se ...)
{DSA-196}
- bind 1:8.3.3-3
- bind9 <not-affected>
-CVE-2002-1220
+CVE-2002-1220 (BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of ...)
{DSA-196}
- bind 1:8.3.3-3
- bind9 <not-affected>
-CVE-2002-1219
+CVE-2002-1219 (Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 ...)
{DSA-196}
- bind 1:8.3.3-3
- bind9 <not-affected>
-CVE-2002-1214
+CVE-2002-1214 (Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 20 ...)
NOT-FOR-US: Microsoft
-CVE-2002-1211
+CVE-2002-1211 (Prometheus 6.0 and earlier allows remote attackers to execute arbitrar ...)
NOT-FOR-US: Prometheus not in Debian
-CVE-2002-1200
+CVE-2002-1200 (Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when u ...)
{DSA-175}
- syslog-ng 1.5.21-1
-CVE-2002-1199
+CVE-2002-1199 (The getdbm procedure in ypxfrd allows local users to read arbitrary fi ...)
NOT-FOR-US: ypxfrd not in Debian
-CVE-2002-1198
+CVE-2002-1198 (Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes fro ...)
- bugzilla 2.16.1-1
NOTE: woody seems to be vulnerable, bug #282500
-CVE-2002-1197
+CVE-2002-1197 (bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x ...)
- bugzilla 2.16.1-1
NOTE: woody seems to be vulnerable, bug #282501
-CVE-2002-1196
+CVE-2002-1196 (editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2 ...)
{DSA-173}
- bugzilla 2.16.0-2.1
-CVE-2002-1195
+CVE-2002-1195 (Cross-site scripting vulnerability (XSS) in the PHP interface for ht:/ ...)
{DSA-169}
- htcheck 1:1.1-1.2
-CVE-2002-1193
+CVE-2002-1193 (tkmail before 4.0beta9-8.1 allows local users to create or overwrite f ...)
{DSA-172}
- tkmail <removed>
-CVE-2002-1189
+CVE-2002-1189 (The default configuration of Cisco Unity 2.x and 3.x does not block in ...)
NOT-FOR-US: CISCO
-CVE-2002-1188
+CVE-2002-1188 (Internet Explorer 5.01 through 6.0 allows remote attackers to identify ...)
NOT-FOR-US: Microsoft
-CVE-2002-1187
+CVE-2002-1187 (Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 thr ...)
NOT-FOR-US: Microsoft
-CVE-2002-1186
+CVE-2002-1186 (Internet Explorer 5.01 through 6.0 does not properly perform security ...)
NOT-FOR-US: Microsoft
-CVE-2002-1185
+CVE-2002-1185 (Internet Explorer 5.01 through 6.0 does not properly check certain par ...)
NOT-FOR-US: Microsoft
-CVE-2002-1184
+CVE-2002-1184 (The system root folder of Microsoft Windows 2000 has default permissio ...)
NOT-FOR-US: Microsoft
-CVE-2002-1183
+CVE-2002-1183 (Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Bas ...)
NOT-FOR-US: Microsoft
-CVE-2002-1182
+CVE-2002-1182 (IIS 5.0 and 5.1 allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: Microsoft
-CVE-2002-1180
+CVE-2002-1180 (A typographical error in the script source access permissions for Inte ...)
NOT-FOR-US: Microsoft
-CVE-2002-1179
+CVE-2002-1179 (Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook ...)
NOT-FOR-US: Microsoft
-CVE-2002-1178
+CVE-2002-1178 (Directory traversal vulnerability in the CGIServlet for Jetty HTTP ser ...)
- jetty 4.1.0
-CVE-2002-1170
+CVE-2002-1170 (The handle_var_requests function in snmp_agent.c for the SNMP daemon i ...)
- net-snmp 5.0.6
-CVE-2002-1169
+CVE-2002-1169 (IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1. ...)
NOT-FOR-US: IBM Web Traffic Express Caching Proxy Server
-CVE-2002-1160
+CVE-2002-1160 (The default configuration of the pam_xauth module forwards MIT-Magic-C ...)
NOT-FOR-US: pam_xauth
-CVE-2002-1159
+CVE-2002-1159 (Canna 3.6 and earlier does not properly validate requests, which allow ...)
{DSA-224}
- canna 3.6p1-1
-CVE-2002-1158
+CVE-2002-1158 (Buffer overflow in the irw_through function for Canna 3.5b2 and earlie ...)
{DSA-224}
- canna 3.6p1-1
-CVE-2002-1157
+CVE-2002-1157 (Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 ...)
{DSA-181}
- libapache-mod-ssl 2.8.9-2.3
-CVE-2002-1156
+CVE-2002-1156 (Apache 2.0.42 allows remote attackers to view the source code of a CGI ...)
- apache2 2.0.43
-CVE-2002-1154
+CVE-2002-1154 (anlgform.pl in Analog before 5.23 does not restrict access to the PROG ...)
- analog 2:5.23
-CVE-2002-1153
+CVE-2002-1153 (IBM Websphere 4.0.3 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: IBM Websphere
-CVE-2002-1152
+CVE-2002-1152 (Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secur ...)
- kdebase 3.03
-CVE-2002-1151
+CVE-2002-1151 (The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 ...)
{DSA-167}
- kdelibs 4:2.2.2-14
-CVE-2002-1148
+CVE-2002-1148 (The default servlet (org.apache.catalina.servlets.DefaultServlet) in T ...)
{DSA-170}
- tomcat4 4.1.12-1
-CVE-2002-1147
+CVE-2002-1147 (The HTTP administration interface for HP Procurve 4000M Switch firmwar ...)
NOT-FOR-US: HP Procurve 4000M Switch firmware
-CVE-2002-1146
+CVE-2002-1146 (The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries ...)
NOTE: see http://www.kb.cert.org/vuls/id/AAMN-5D28K6 (glibc)
NOTE: see http://www.kb.cert.org/vuls/id/AAMN-5D287U (bind)
- glibc 2.3
- bind 1:8.3.3
-CVE-2002-1142
+CVE-2002-1142 (Heap-based buffer overflow in the Remote Data Services (RDS) component ...)
NOT-FOR-US: Microsoft
-CVE-2002-1141
+CVE-2002-1141 (An input validation error in the Sun Microsystems RPC library Services ...)
NOT-FOR-US: Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP
-CVE-2002-1140
+CVE-2002-1140 (The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as ...)
NOT-FOR-US: Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP
-CVE-2002-1139
+CVE-2002-1139 (The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack ...)
NOT-FOR-US: Microsoft
-CVE-2002-1138
+CVE-2002-1138 (Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MS ...)
NOT-FOR-US: Microsoft
-CVE-2002-1137
+CVE-2002-1137 (Buffer overflow in the Database Console Command (DBCC) that handles us ...)
NOT-FOR-US: Microsoft
-CVE-2002-1135
+CVE-2002-1135 (modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and earlier, all ...)
NOT-FOR-US: phpWebSite
-CVE-2002-1132
+CVE-2002-1132 (SquirrelMail 1.2.7 and earlier allows remote attackers to determine th ...)
{DSA-191}
- squirrelmail 1:1.2.8-1.1
-CVE-2002-1126
+CVE-2002-1126 (Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape a ...)
- mozilla 2:1.2
-CVE-2002-1123
+CVE-2002-1123 (Buffer overflow in the authentication function for Microsoft SQL Serve ...)
NOT-FOR-US: Microsoft
-CVE-2002-1122
+CVE-2002-1122 (Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2. ...)
NOT-FOR-US: Microsoft
-CVE-2002-1119
+CVE-2002-1119 (os._execvpe from os.py in Python 2.2.1 and earlier creates temporary f ...)
{DSA-159}
- python1.5 1.5.2-24
- python2.1 2.1.3-6a
- python2.2 2.2.1-8
- python2.3 <not-affected>
-CVE-2002-1118
+CVE-2002-1118 (TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and ...)
NOT-FOR-US: Oracle
-CVE-2002-1117
+CVE-2002-1117 (Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymo ...)
NOT-FOR-US: Veritas Backup Exec
-CVE-2002-1116
+CVE-2002-1116 (The "View Bugs" page (view_all_bug_page.php) in Mantis 0.17.4a and ear ...)
{DSA-161}
- mantis 0.17.5-2
-CVE-2002-1113
+CVE-2002-1113 (summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote ...)
{DSA-153}
- mantis 0.17.4a-2
-CVE-2002-1112
+CVE-2002-1112 (Mantis before 0.17.4 allows remote attackers to list project bugs with ...)
{DSA-153}
- mantis 0.17.4a-2
-CVE-2002-1111
+CVE-2002-1111 (print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify th ...)
{DSA-153}
- mantis 0.17.4a-2
-CVE-2002-1109
+CVE-2002-1109 (securetar, as used in AMaViS shell script 0.2.1 and earlier, allows us ...)
NOTE: old amavis shell script
-CVE-2002-1108
+CVE-2002-1108 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x bef ...)
NOT-FOR-US: Cisco
-CVE-2002-1107
+CVE-2002-1107 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x bef ...)
NOT-FOR-US: Cisco
-CVE-2002-1106
+CVE-2002-1106 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x bef ...)
NOT-FOR-US: Cisco
-CVE-2002-1105
+CVE-2002-1105 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x bef ...)
NOT-FOR-US: Cisco
-CVE-2002-1104
+CVE-2002-1104 (Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x befo ...)
NOT-FOR-US: Cisco
-CVE-2002-1102
+CVE-2002-1102 (The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, ...)
NOT-FOR-US: Cisco
-CVE-2002-1099
+CVE-2002-1099 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote ...)
NOT-FOR-US: Cisco
-CVE-2002-1098
+CVE-2002-1098 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTP ...)
NOT-FOR-US: Cisco
-CVE-2002-1097
+CVE-2002-1097 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restri ...)
NOT-FOR-US: Cisco
-CVE-2002-1096
+CVE-2002-1096 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restri ...)
NOT-FOR-US: Cisco
-CVE-2002-1095
+CVE-2002-1095 (Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, ...)
NOT-FOR-US: Cisco
-CVE-2002-1093
+CVE-2002-1093 (HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before ...)
NOT-FOR-US: Cisco
-CVE-2002-1092
+CVE-2002-1092 (Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when conf ...)
NOT-FOR-US: Cisco
-CVE-2002-1091
+CVE-2002-1091 (Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers ...)
- mozilla 2:1.0.2
-CVE-2002-1088
+CVE-2002-1088 (Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote ...)
NOT-FOR-US: Novell GroupWise
-CVE-2002-1081
+CVE-2002-1081 (The Administration console for Abyss Web Server 1.0.3 allows remote at ...)
NOT-FOR-US: Abyss Web Server
-CVE-2002-1079
+CVE-2002-1079 (Directory traversal vulnerability in Abyss Web Server 1.0.3 allows rem ...)
NOT-FOR-US: Abyss Web Server
-CVE-2002-1076
+CVE-2002-1076 (Buffer overflow in the Web Messaging daemon for Ipswitch IMail before ...)
NOT-FOR-US: Ipswitch IMail
-CVE-2002-1060
+CVE-2002-1060 (Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerl ...)
NOT-FOR-US: CacheFlow CacheOS
-CVE-2002-1059
+CVE-2002-1059 (Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x ...)
NOT-FOR-US: Van Dyke SecureCRT SSH client
-CVE-2002-1057
+CVE-2002-1057 (Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows re ...)
NOT-FOR-US: SmartMax MailMax POP3 daemon
-CVE-2002-1056
+CVE-2002-1056 (Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word ...)
NOT-FOR-US: Microsoft
-CVE-2002-1054
+CVE-2002-1054 (Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and ...)
NOT-FOR-US: Pablo FTP server
-CVE-2002-1053
+CVE-2002-1053 (Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server be ...)
NOT-FOR-US: W3C Jigsaw Proxy Server
-CVE-2002-1051
+CVE-2002-1051 (Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG tracero ...)
{DSA-254}
- traceroute-nanog 6.3.0-1
-CVE-2002-1050
+CVE-2002-1050 (Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attacke ...)
{DSA-148}
- hylafax 4.1.2-2.1
-CVE-2002-1049
+CVE-2002-1049 (Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows re ...)
{DSA-148}
- hylafax 4.1.2-2.1
-CVE-2002-1046
+CVE-2002-1046 (Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebo ...)
NOT-FOR-US: Watchguard Firebox firmware
-CVE-2002-1039
+CVE-2002-1039 (Directory traversal vulnerability in Double Choco Latte (DCL) before 2 ...)
- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
NOTE: Original issue fixed in dcl/20020706
-CVE-2002-1035
+CVE-2002-1035 (Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Omnicron OmniHTTPd
-CVE-2002-1031
+CVE-2002-1031 (KeyFocus (KF) web server 1.0.2 allows remote attackers to list directo ...)
NOT-FOR-US: KeyFocus (KF) web server
-CVE-2002-1030
+CVE-2002-1030 (Race condition in Performance Pack in BEA WebLogic Server and Express ...)
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2002-1025
+CVE-2002-1025 (JRun 3.0 through 4.0 allows remote attackers to read JSP source code v ...)
NOT-FOR-US: JRun
-CVE-2002-1024
+CVE-2002-1024 (Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attack ...)
NOT-FOR-US: Cisco
-CVE-2002-1015
+CVE-2002-1015 (RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10. ...)
NOT-FOR-US: Real
-CVE-2002-1014
+CVE-2002-1014 (Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne ...)
NOT-FOR-US: Real
-CVE-2002-1013
+CVE-2002-1013 (Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 t ...)
NOT-FOR-US: Inktomi
-CVE-2002-1006
+CVE-2002-1006 (Cross-site scripting (XSS) vulnerability in BBC Education Text to Spee ...)
NOT-FOR-US: Betsie
-CVE-2002-1004
+CVE-2002-1004 (Directory traversal vulnerability in webmail feature of ArGoSoft Mail ...)
NOT-FOR-US: ArGoSoft Mail Server
-CVE-2002-1002
+CVE-2002-1002 (Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attac ...)
NOT-FOR-US: Novell
-CVE-2002-1000
+CVE-2002-1000 (Buffer overflow in AnalogX SimpleServer:Shout 1.0 allows remote attack ...)
NOT-FOR-US: AnalogX SimpleServer:Shout
-CVE-2002-0995
+CVE-2002-0995 (login.php for PHPAuction allows remote attackers to gain privileges vi ...)
NOT-FOR-US: PHPAuction
-CVE-2002-0990
+CVE-2002-0990 (The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 th ...)
NOT-FOR-US: Symantec
-CVE-2002-0989
+CVE-2002-0989 (The URL handler in the manual browser option for Gaim before 0.59.1 al ...)
{DSA-158}
- gaim 1:0.59.1-2
-CVE-2002-0988
+CVE-2002-0988 (Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1. ...)
NOT-FOR-US: Xsco
-CVE-2002-0987
+CVE-2002-0987 (X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop pri ...)
NOT-FOR-US: Xsco
-CVE-2002-0986
+CVE-2002-0986 (The mail function in PHP 4.x to 4.2.2 does not filter ASCII control ch ...)
{DSA-168}
- php3 3:3.0.18-23.2
- php4 4:4.2.3-3
-CVE-2002-0985
+CVE-2002-0985 (Argument injection vulnerability in the mail function for PHP 4.x to 4 ...)
{DSA-168}
- php3 3:3.0.18-23.2
- php4 4:4.2.3-3
-CVE-2002-0984
+CVE-2002-0984 (The IRC script included in Light 2.7.x before 2.7.30p5, and 2.8.x befo ...)
{DSA-156}
- epic4-script-light 1:2.7.30p5-2
-CVE-2002-0981
+CVE-2002-0981 (Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0. ...)
NOT-FOR-US: ndcfg
-CVE-2002-0974
+CVE-2002-0974 (Help and Support Center for Windows XP allows remote attackers to dele ...)
NOT-FOR-US: Help and Support Center for Windows XP
-CVE-2002-0970
+CVE-2002-0970 (The SSL capability for Konqueror in KDE 3.0.2 and earlier does not ver ...)
{DSA-155}
- kdelibs 4:2.2.2-14
-CVE-2002-0969
+CVE-2002-0969 (Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta ...)
NOTE: mysql problem only affects Windows
-CVE-2002-0968
+CVE-2002-0968 (Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows re ...)
NOT-FOR-US: AnalogX SimpleServer:WWW
-CVE-2002-0967
+CVE-2002-0967 (Buffer overflow in eDonkey 2000 35.16.60 and earlier allows remote att ...)
NOT-FOR-US: eDonkey
-CVE-2002-0965
+CVE-2002-0965 (Buffer overflow in TNS Listener for Oracle 9i Database Server on Windo ...)
NOT-FOR-US: Oracle
-CVE-2002-0964
+CVE-2002-0964 (Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Half Life
-CVE-2002-0958
+CVE-2002-0958 (Cross-site scripting vulnerability in browse.php for PHP(Reactor) 1.2. ...)
NOT-FOR-US: PHP Reactor
-CVE-2002-0953
+CVE-2002-0953 (globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen a ...)
NOT-FOR-US: PHP Address
-CVE-2002-0952
+CVE-2002-0952 (Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 a ...)
NOT-FOR-US: Cisco
-CVE-2002-0947
+CVE-2002-0947 (Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8 ...)
NOT-FOR-US: Oracle
-CVE-2002-0946
+CVE-2002-0946 (Directory traversal vulnerability in SeaNox Devwex before 1.2002.0601 ...)
NOT-FOR-US: SeaNox Devwex
-CVE-2002-0945
+CVE-2002-0945 (Buffer overflow in SeaNox Devwex allows remote attackers to cause a de ...)
NOT-FOR-US: SeaNox Devwex
-CVE-2002-0941
+CVE-2002-0941 (The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4. ...)
NOT-FOR-US: Java on Windows
-CVE-2002-0938
+CVE-2002-0938 (Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remot ...)
NOT-FOR-US: Cisco
-CVE-2002-0935
+CVE-2002-0935 (Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, al ...)
- tomcat4 4.1.9-1
-CVE-2002-0916
+CVE-2002-0916 (Format string vulnerability in the allowuser code for the Stellar-X ms ...)
- squid 2.4.7
-CVE-2002-0914
+CVE-2002-0914 (Double Precision Courier e-mail MTA allows remote attackers to cause a ...)
- courier 0.46
-CVE-2002-0911
+CVE-2002-0911 (Caldera Volution Manager 1.1 stores the Directory Administrator passwo ...)
NOT-FOR-US: Caldera Volution Manager
-CVE-2002-0906
+CVE-2002-0906 (Buffer overflow in Sendmail before 8.12.5, when configured to use a cu ...)
- sendmail 8.12.5
-CVE-2002-0904
+CVE-2002-0904 (SayText function in Kismet 2.2.1 and earlier allows remote attackers t ...)
- kismet 2.2.2-1
-CVE-2002-0900
+CVE-2002-0900 (Buffer overflow in pks PGP public key web server before 0.9.5 allows r ...)
NOT-FOR-US: pks
-CVE-2002-0898
+CVE-2002-0898 (Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary fil ...)
NOT-FOR-US: Opera
-CVE-2002-0897
+CVE-2002-0897 (LocalWEB2000 2.1.0 web server allows remote attackers to bypass access ...)
NOT-FOR-US: LocalWEB2000
-CVE-2002-0895
+CVE-2002-0895 (Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attacke ...)
NOT-FOR-US: MatuFtpServer
-CVE-2002-0892
+CVE-2002-0892 (The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows r ...)
NOT-FOR-US: NewAtlanta ServletExec ISAPI
-CVE-2002-0891
+CVE-2002-0891 (The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and ce ...)
NOT-FOR-US: NetScreen ScreenOS
-CVE-2002-0889
+CVE-2002-0889 (Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows local use ...)
- qpopper 4.0.5-1
-CVE-2002-0887
+CVE-2002-0887 (scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users ...)
NOT-FOR-US: scoadmin
-CVE-2002-0875
+CVE-2002-0875 (Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivile ...)
{DSA-154}
- fam 2.6.8-1
-CVE-2002-0873
+CVE-2002-0873 (Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the v ...)
{DSA-152}
- l2tpd 0.68-1
-CVE-2002-0872
+CVE-2002-0872 (l2tpd 0.67 does not initialize the random number generator, which allo ...)
{DSA-152}
- l2tpd 0.68-1
-CVE-2002-0871
+CVE-2002-0871 (xinetd 2.3.4 leaks file descriptors for the signal pipe to services th ...)
{DSA-151}
- xinetd 1:2.3.7-1
-CVE-2002-0867
+CVE-2002-0867 (Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allo ...)
NOT-FOR-US: Microsoft
-CVE-2002-0866
+CVE-2002-0866 (Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine ...)
NOT-FOR-US: Microsoft
-CVE-2002-0865
+CVE-2002-0865 (A certain class that supports XML (Extensible Markup Language) in Micr ...)
NOT-FOR-US: Microsoft
-CVE-2002-0864
+CVE-2002-0864 (The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP all ...)
NOT-FOR-US: Microsoft
-CVE-2002-0860
+CVE-2002-0860 (The LoadText method in the spreadsheet component in Microsoft Office W ...)
NOT-FOR-US: Microsoft
-CVE-2002-0859
+CVE-2002-0859 (Buffer overflow in the OpenDataSource function of the Jet engine on Mi ...)
NOT-FOR-US: Microsoft
-CVE-2002-0856
+CVE-2002-0856 (SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote a ...)
NOT-FOR-US: Oracle
-CVE-2002-0853
+CVE-2002-0853 (Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows re ...)
NOT-FOR-US: Cisco
-CVE-2002-0851
+CVE-2002-0851 (Format string vulnerability in ISDN Point to Point Protocol (PPP) daem ...)
- isdnutils 1:3.2
-CVE-2002-0850
+CVE-2002-0850 (Buffer overflow in PGP Corporate Desktop 7.1.1 allows remote attackers ...)
NOT-FOR-US: PGP corporate desktop
-CVE-2002-0848
+CVE-2002-0848 (Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, a ...)
NOT-FOR-US: Cisco
-CVE-2002-0847
+CVE-2002-0847 (tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers ...)
{DSA-145}
- tinyproxy 1.4.3-3
-CVE-2002-0846
+CVE-2002-0846 (The decoder for Macromedia Shockwave Flash allows remote attackers to ...)
- flashplugin-nonfree 6.0.47
-CVE-2002-0845
+CVE-2002-0845 (Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows rem ...)
NOT-FOR-US: Sun ONE
-CVE-2002-0844
+CVE-2002-0844 (Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD b ...)
- cvs 1:1.11.2
-CVE-2002-0842
+CVE-2002-0842 (Format string vulnerability in certain third party modifications to mo ...)
NOTE: mod_dav for apache not vulnerable according to
NOTE: lists.netsys.com/pipermail/full-disclosure/2003-February/003875.html
-CVE-2002-0840
+CVE-2002-0840 (Cross-site scripting (XSS) vulnerability in the default error page of ...)
{DSA-195 DSA-188 DSA-187}
- apache2 2.0.43-1
- apache 1.3.27-0.1
- apache-perl 1.3.26-1.1-1.27-3-1
-CVE-2002-0836
+CVE-2002-0836 (dvips converter for Postscript files in the tetex package calls the sy ...)
{DSA-207}
- tetex-bin 1.0.7+20021025-4
-CVE-2002-0835
+CVE-2002-0835 (Preboot eXecution Environment (PXE) server allows remote attackers to ...)
NOT-FOR-US: RedHat/Intel PXE daemon
NOTE: this is not the one in Debian
-CVE-2002-0831
+CVE-2002-0831 (The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local us ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0830
+CVE-2002-0830 (Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, Net ...)
NOT-FOR-US: BSD/NFS
-CVE-2002-0829
+CVE-2002-0829 (Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6 ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0826
+CVE-2002-0826 (Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated ...)
NOT-FOR-US: WS FTP server
-CVE-2002-0824
+CVE-2002-0824 (BSD pppd allows local users to change the permissions of arbitrary fil ...)
NOT-FOR-US: BSD/pppd
-CVE-2002-0823
+CVE-2002-0823 (Buffer overflow in Winhlp32.exe allows remote attackers to execute arb ...)
NOT-FOR-US: Windows
-CVE-2002-0818
+CVE-2002-0818 (wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote ...)
{DSA-144}
- wwwoffle 2.7d-1
-CVE-2002-0817
+CVE-2002-0817 (Format string vulnerability in super for Linux allows local users to g ...)
{DSA-139}
- super 3.18.0-3
-CVE-2002-0816
+CVE-2002-0816 (Buffer overflow in su in Tru64 Unix 5.x allows local users to gain roo ...)
NOT-FOR-US: HP Tru64
-CVE-2002-0814
+CVE-2002-0814 (Buffer overflow in VMware Authorization Service for VMware GSX Server ...)
NOT-FOR-US: VMware
-CVE-2002-0813
+CVE-2002-0813 (Heap-based buffer overflow in the TFTP server capability in Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2002-0810
+CVE-2002-0810 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error me ...)
- bugzilla 2.16.0
-CVE-2002-0809
+CVE-2002-0809 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properl ...)
- bugzilla 2.16.0
-CVE-2002-0808
+CVE-2002-0808 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing ...)
- bugzilla 2.16.0
-CVE-2002-0806
+CVE-2002-0806 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authentic ...)
- bugzilla 2.16.0
-CVE-2002-0805
+CVE-2002-0805 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new ...)
- bugzilla 2.16.0
-CVE-2002-0804
+CVE-2002-0804 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured ...)
- bugzilla 2.16.0
-CVE-2002-0802
+CVE-2002-0802 (The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding cons ...)
- postgresql 7.2
-CVE-2002-0801
+CVE-2002-0801 (Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows ...)
NOT-FOR-US: Macromedia / Windows
-CVE-2002-0795
+CVE-2002-0795 (The rc system startup script for FreeBSD 4 through 4.5 allows local us ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0794
+CVE-2002-0794 (The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0790
+CVE-2002-0790 (clchkspuser and clpasswdremote in AIX expose an encrypted password in ...)
NOT-FOR-US: AIX
-CVE-2002-0789
+CVE-2002-0789 (Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows ...)
- mnogosearch 3.1.19-3
-CVE-2002-0788
+CVE-2002-0788 (An interaction between PGP 7.0.3 with the "wipe deleted files" option, ...)
NOT-FOR-US: windows
-CVE-2002-0785
+CVE-2002-0785 (AOL Instant Messenger (AIM) allows remote attackers to cause a denial ...)
NOT-FOR-US: AOL AIM
-CVE-2002-0778
+CVE-2002-0778 (The default configuration of the proxy for Cisco Cache Engine and Cont ...)
NOT-FOR-US: CISCO
-CVE-2002-0777
+CVE-2002-0777 (Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlie ...)
NOT-FOR-US: Ipswitch not in Debian
-CVE-2002-0776
+CVE-2002-0776 (getuserdesc.asp in Hosting Controller 2002 allows remote attackers to ...)
NOT-FOR-US: Hosting Controller 2002
-CVE-2002-0768
+CVE-2002-0768 (Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and po ...)
- lukemftp 1.5-7
-CVE-2002-0766
+CVE-2002-0766 (OpenBSD 2.9 through 3.1 allows local users to cause a denial of servic ...)
NOT-FOR-US: OpenBSD
-CVE-2002-0765
+CVE-2002-0765 (sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain ...)
- openssh 1:3.3p1-0.0woody1
-CVE-2002-0762
+CVE-2002-0762 (shadow package in SuSE 8.0 allows local users to destroy the /etc/pass ...)
NOT-FOR-US: SUSE specific
-CVE-2002-0761
+CVE-2002-0761 (bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1 ...)
NOT-FOR-US: FreeBSD and OpenLinux
-CVE-2002-0760
+CVE-2002-0760 (Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenL ...)
NOT-FOR-US: FreeBSD and OpenLinux
-CVE-2002-0759
+CVE-2002-0759 (bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1 ...)
NOT-FOR-US: FreeBSD and OpenLinux
-CVE-2002-0758
+CVE-2002-0758 (ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote a ...)
NOT-FOR-US: SUSE specific
-CVE-2002-0755
+CVE-2002-0755 (Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0754
+CVE-2002-0754 (Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0748
+CVE-2002-0748 (LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause ...)
NOT-FOR-US: Labview
-CVE-2002-0741
+CVE-2002-0741 (psyBNC 2.3 allows remote attackers to cause a denial of service (CPU c ...)
NOT-FOR-US: psyBNC
-CVE-2002-0738
+CVE-2002-0738 (MHonArc 2.5.2 and earlier does not properly filter Javascript from arc ...)
{DSA-163}
- mhonarc 2.5.11-1
-CVE-2002-0737
+CVE-2002-0737 (Sambar web server before 5.2 beta 1 allows remote attackers to obtain ...)
NOT-FOR-US: Sambar web server
-CVE-2002-0736
+CVE-2002-0736 (Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by ...)
NOT-FOR-US: Microsoft
-CVE-2002-0734
+CVE-2002-0734 (b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly loa ...)
NOT-FOR-US: B2
-CVE-2002-0733
+CVE-2002-0733 (Cross-site scripting vulnerability in thttpd 2.20 and earlier allows r ...)
- thttpd 2.21
-CVE-2002-0729
+CVE-2002-0729 (Microsoft SQL Server 2000 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Microsoft
-CVE-2002-0727
+CVE-2002-0727 (The Host function in Microsoft Office Web Components (OWC) 2000 and 20 ...)
NOT-FOR-US: Microsoft
-CVE-2002-0726
+CVE-2002-0726 (Buffer overflow in Microsoft Terminal Services Advanced Client (TSAC) ...)
NOT-FOR-US: Microsoft
-CVE-2002-0722
+CVE-2002-0722 (Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2002-0720
+CVE-2002-0720 (A handler routine for the Network Connection Manager (NCM) in Windows ...)
NOT-FOR-US: Microsoft
-CVE-2002-0719
+CVE-2002-0719 (SQL injection vulnerability in the function that services for Microsof ...)
NOT-FOR-US: Microsoft
-CVE-2002-0718
+CVE-2002-0718 (Web authoring command in Microsoft Content Management Server (MCMS) 20 ...)
NOT-FOR-US: Microsoft
-CVE-2002-0716
+CVE-2002-0716 (Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5. ...)
NOT-FOR-US: SCO OpenServer
-CVE-2002-0714
+CVE-2002-0714 (FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresse ...)
- squid 2.4.6
-CVE-2002-0710
+CVE-2002-0710 (Directory traversal vulnerability in sendform.cgi 1.44 and earlier all ...)
NOT-FOR-US: sendform.cgi
-CVE-2002-0704
+CVE-2002-0704 (The Network Address Translation (NAT) capability for Netfilter ("iptab ...)
NOTE: kernel netfilter bug, not in user space
NOTE: this is fixed in kernel 2.4.20
- kernel-image-2.4.18-i386 <unfixed> (bug #152152; unimportant)
-CVE-2002-0703
+CVE-2002-0703 (An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl ...)
- perl 5.8.0-7 (bug #282527)
-CVE-2002-0701
+CVE-2002-0701 (ktrace in BSD-based operating systems allows the owner of a process wi ...)
NOT-FOR-US: BSD
-CVE-2002-0700
+CVE-2002-0700 (Buffer overflow in a system function that performs user authentication ...)
NOT-FOR-US: Microsoft
-CVE-2002-0698
+CVE-2002-0698 (Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchang ...)
NOT-FOR-US: Microsoft
-CVE-2002-0697
+CVE-2002-0697 (Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2002-0696
+CVE-2002-0696 (Microsoft Visual FoxPro 6.0 does not register its associated files wit ...)
NOT-FOR-US: Microsoft
-CVE-2002-0695
+CVE-2002-0695 (Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Mi ...)
NOT-FOR-US: Microsoft
-CVE-2002-0694
+CVE-2002-0694 (The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Mil ...)
NOT-FOR-US: Microsoft
-CVE-2002-0692
+CVE-2002-0692 (Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft Fron ...)
NOT-FOR-US: Microsoft
-CVE-2002-0691
+CVE-2002-0691 (Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2002-0688
+CVE-2002-0688 (ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 ...)
{DSA-490}
- zope 2.6.0-0.1
-CVE-2002-0687
+CVE-2002-0687 (The "through the web code" capability for Zope 2.0 through 2.5.1 b1 al ...)
- zope 2.5.1b2
-CVE-2002-0685
+CVE-2002-0685 (Heap-based buffer overflow in the message decoding functionality for P ...)
NOT-FOR-US: PGP Outlook Encryption Plug-In
-CVE-2002-0682
+CVE-2002-0682 (Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remot ...)
- tomcat 4.0.4
-CVE-2002-0679
+CVE-2002-0679 (Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC datab ...)
NOT-FOR-US: CDE
-CVE-2002-0678
+CVE-2002-0678 (CDE ToolTalk database server (ttdbserver) allows local users to overwr ...)
NOT-FOR-US: CDE ToolTalk
-CVE-2002-0676
+CVE-2002-0676 (SoftwareUpdate for MacOS 10.1.x does not use authentication when downl ...)
NOT-FOR-US: MacOS
-CVE-2002-0674
+CVE-2002-0674 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 do ...)
NOT-FOR-US: Pingtel xpressa SIP-based voice-over-IP phone
-CVE-2002-0673
+CVE-2002-0673 (The enrollment process for Pingtel xpressa SIP-based voice-over-IP pho ...)
NOT-FOR-US: Pingtel xpressa SIP-based voice-over-IP phone
-CVE-2002-0672
+CVE-2002-0672 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 al ...)
NOT-FOR-US: Pingtel xpressa SIP-based voice-over-IP phone
-CVE-2002-0671
+CVE-2002-0671 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 do ...)
NOT-FOR-US: Pingtel xpressa SIP-based voice-over-IP phone
-CVE-2002-0668
+CVE-2002-0668 (The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1. ...)
NOT-FOR-US: Pingtel xpressa SIP-based voice-over-IP phone
-CVE-2002-0665
+CVE-2002-0665 (Macromedia JRun Administration Server allows remote attackers to bypas ...)
NOT-FOR-US: Microsoft
-CVE-2002-0663
+CVE-2002-0663 (Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Fi ...)
NOT-FOR-US: Norton
-CVE-2002-0662
+CVE-2002-0662 (scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users t ...)
{DSA-160}
- scrollkeeper 0.3.11-2
-CVE-2002-0658
+CVE-2002-0658 (OSSP mm library (libmm) before 1.2.0 allows the local Apache user to g ...)
{DSA-137}
- mm 1.1.3-7
-CVE-2002-0653
+CVE-2002-0653 (Off-by-one buffer overflow in the ssl_compat_directive function, as ca ...)
{DSA-135}
- libapache-mod-ssl 2.8.9-2
-CVE-2002-0651
+CVE-2002-0651 (Buffer overflow in the DNS resolver code used in libc, glibc, and libb ...)
- glibc 2.2.5-8
-CVE-2002-0650
+CVE-2002-0650 (The keep-alive mechanism for Microsoft SQL Server 2000 allows remote a ...)
NOT-FOR-US: microsoft
-CVE-2002-0648
+CVE-2002-0648 (The legacy &lt;script&gt; data-island capability for XML in Microsoft ...)
NOT-FOR-US: microsoft
-CVE-2002-0647
+CVE-2002-0647 (Buffer overflow in a legacy ActiveX control used to display specially ...)
NOT-FOR-US: microsoft
-CVE-2002-0642
+CVE-2002-0642 (The registry key containing the SQL Server service account information ...)
NOT-FOR-US: microsoft
-CVE-2002-0640
+CVE-2002-0640 (Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote ...)
- openssh 1:3.4 (high)
-CVE-2002-0639
+CVE-2002-0639 (Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote at ...)
- openssh 1:3.4 (high)
-CVE-2002-0638
+CVE-2002-0638 (setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0631
+CVE-2002-0631 (Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 thr ...)
NOT-FOR-US: SGI
-CVE-2002-0630
+CVE-2002-0630 (The Telnet service for Polycom ViewStation before 7.2.4 allows remote ...)
NOT-FOR-US: Polycom
-CVE-2002-0627
+CVE-2002-0627 (The Web server for Polycom ViewStation before 7.2.4 allows remote atta ...)
NOT-FOR-US: Polycom
-CVE-2002-0623
+CVE-2002-0623 (Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Serve ...)
NOT-FOR-US: Microsoft
-CVE-2002-0622
+CVE-2002-0622 (The Office Web Components (OWC) package installer for Microsoft Commer ...)
NOT-FOR-US: Microsoft
-CVE-2002-0621
+CVE-2002-0621 (Buffer overflow in the Office Web Components (OWC) package installer u ...)
NOT-FOR-US: Microsoft
-CVE-2002-0619
+CVE-2002-0619 (The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2002-0618
+CVE-2002-0618 (The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows ...)
NOT-FOR-US: Microsoft
-CVE-2002-0617
+CVE-2002-0617 (The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows ...)
NOT-FOR-US: Microsoft
-CVE-2002-0616
+CVE-2002-0616 (The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows ...)
NOT-FOR-US: Microsoft
-CVE-2002-0615
+CVE-2002-0615 (The Windows Media Active Playlist in Microsoft Windows Media Player 7. ...)
NOT-FOR-US: Microsoft
-CVE-2002-0613
+CVE-2002-0613 (dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attacke ...)
NOT-FOR-US: DNSTools
-CVE-2002-0605
+CVE-2002-0605 (Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 (6,0,2 ...)
NOT-FOR-US: Flash
-CVE-2002-0601
+CVE-2002-0601 (ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers ...)
NOT-FOR-US: ISS
-CVE-2002-0599
+CVE-2002-0599 (Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentica ...)
NOT-FOR-US: Blahz
-CVE-2002-0598
+CVE-2002-0598 (Format string vulnerability in Foundstone FScan 1.12 with banner grabb ...)
NOT-FOR-US: Foundstone
-CVE-2002-0597
+CVE-2002-0597 (LANMAN service on Microsoft Windows 2000 allows remote attackers to ca ...)
NOT-FOR-US: Microsoft
-CVE-2002-0594
+CVE-2002-0594 (Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0576
+CVE-2002-0576 (ColdFusion 5.0 and earlier on Windows systems allows remote attackers ...)
NOT-FOR-US: ColdFusion
-CVE-2002-0575
+CVE-2002-0575 (Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Ke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0574
+CVE-2002-0574 (Memory leak in FreeBSD 4.5 and earlier allows remote attackers to caus ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0573
+CVE-2002-0573 (Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solari ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0571
+CVE-2002-0571 (Oracle Oracle9i database server 9.0.1.x allows local users to access r ...)
NOT-FOR-US: Oracle
-CVE-2002-0569
+CVE-2002-0569 (Oracle 9i Application Server allows remote attackers to bypass access ...)
NOT-FOR-US: Oracle
-CVE-2002-0567
+CVE-2002-0567 (Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) ...)
NOT-FOR-US: Oracle
-CVE-2002-0553
+CVE-2002-0553 (Cross-site scripting vulnerability in SunShop 2.5 and earlier allows r ...)
NOT-FOR-US: SunShop
-CVE-2002-0546
+CVE-2002-0546 (Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 ...)
NOT-FOR-US: Winamp
-CVE-2002-0545
+CVE-2002-0545 (Cisco Aironet before 11.21 with Telnet enabled allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2002-0543
+CVE-2002-0543 (Directory traversal vulnerability in Aprelium Abyss Web Server (abyssw ...)
NOT-FOR-US: Aprelium
-CVE-2002-0542
+CVE-2002-0542 (mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0539
+CVE-2002-0539 (Demarc PureSecure 1.05 allows remote attackers to gain administrative ...)
NOT-FOR-US: Demarc
-CVE-2002-0538
+CVE-2002-0538 (FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrite ...)
NOT-FOR-US: Symantec
-CVE-2002-0536
+CVE-2002-0536 (PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gp ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0532
+CVE-2002-0532 (EMU Webmail allows local users to execute arbitrary programs via a .. ...)
NOT-FOR-US: EMU
-CVE-2002-0531
+CVE-2002-0531 (Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x ...)
NOT-FOR-US: EMU
-CVE-2002-0516
+CVE-2002-0516 (SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0513
+CVE-2002-0513 (The PHP administration script in popper_mod 1.2.1 and earlier relies o ...)
NOT-FOR-US: popper_mod
-CVE-2002-0512
+CVE-2002-0512 (startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LI ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0511
+CVE-2002-0511 (The default configuration of Name Service Cache Daemon (nscd) in Calde ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0506
+CVE-2002-0506 (Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0505
+CVE-2002-0505 (Memory leak in the Call Telephony Integration (CTI) Framework authenti ...)
NOT-FOR-US: Cisco
-CVE-2002-0501
+CVE-2002-0501 (Format string vulnerability in log_print() function of Posadis DNS ser ...)
NOT-FOR-US: Posadis
-CVE-2002-0497
+CVE-2002-0497 (Buffer overflow in mtr 0.46 and earlier, when installed setuid root, a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0495
+CVE-2002-0495 (csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to ex ...)
NOT-FOR-US: csSearch
-CVE-2002-0494
+CVE-2002-0494 (Cross-site scripting vulnerability in WebSight Directory System 0.1 al ...)
NOT-FOR-US: WebSight
-CVE-2002-0493
+CVE-2002-0493 (Apache Tomcat may be started without proper security settings if error ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0490
+CVE-2002-0490 (Instant Web Mail before 0.60 does not properly filter CR/LF sequences, ...)
NOT-FOR-US: Instant Web Mail
-CVE-2002-0488
+CVE-2002-0488 (Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote att ...)
NOT-FOR-US: Linux Directory Penguin
-CVE-2002-0484
+CVE-2002-0484 (move_uploaded_file in PHP does not does not check for the base directo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0473
+CVE-2002-0473 (db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0464
+CVE-2002-0464 (Directory traversal vulnerability in Hosting Controller 1.4.1 and earl ...)
NOT-FOR-US: Hosting Controller
-CVE-2002-0463
+CVE-2002-0463 (home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote ...)
NOT-FOR-US: ARSC
-CVE-2002-0462
+CVE-2002-0462 (bigsam_guestbook.php for Big Sam (Built-In Guestbook Stand-Alone Modul ...)
NOT-FOR-US: Big Sam
-CVE-2002-0454
+CVE-2002-0454 (Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0451
+CVE-2002-0451 (filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote attacker ...)
NOT-FOR-US: PHProjekt
-CVE-2002-0445
+CVE-2002-0445 (article.php in PHP FirstPost 0.1 allows allows remote attackers to obt ...)
NOT-FOR-US: PHP FirstPost
-CVE-2002-0444
+CVE-2002-0444 (Microsoft Windows 2000 running the Terminal Server 90-day trial versio ...)
NOT-FOR-US: Windows
-CVE-2002-0443
+CVE-2002-0443 (Microsoft Windows 2000 allows local users to bypass the policy that pr ...)
NOT-FOR-US: Windows
-CVE-2002-0442
+CVE-2002-0442 (Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0441
+CVE-2002-0441 (Directory traversal vulnerability in imlist.php for Php Imglist allows ...)
NOT-FOR-US: PHP Imglist
-CVE-2002-0437
+CVE-2002-0437 (Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0435
+CVE-2002-0435 (Race condition in the recursive (1) directory deletion and (2) directo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0431
+CVE-2002-0431 (XTux allows remote attackers to cause a denial of service (CPU consump ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0429
+CVE-2002-0429 (The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 ...)
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.2.20 <removed>
-CVE-2002-0425
+CVE-2002-0425 (mIRC DCC server protocol allows remote attackers to gain sensitive inf ...)
NOT-FOR-US: mIRC
-CVE-2002-0424
+CVE-2002-0424 (efingerd 1.61 and earlier, when configured without the -u option, exec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0423
+CVE-2002-0423 (Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0414
+CVE-2002-0414 (KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0412
+CVE-2002-0412 (Format string vulnerability in TraceEvent function for ntop before 2.1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0406
+CVE-2002-0406 (Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to cause ...)
NOT-FOR-US: SPHERE
-CVE-2002-0404
+CVE-2002-0404 (Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0403
+CVE-2002-0403 (DNS dissector in Ethereal before 0.9.3 allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0402
+CVE-2002-0402 (Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0401
+CVE-2002-0401 (SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0400
+CVE-2002-0400 (ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0398
+CVE-2002-0398 (Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to ...)
NOT-FOR-US: Red-M
-CVE-2002-0397
+CVE-2002-0397 (Red-M 1050 (Bluetooth Access Point) publicizes its name, IP address, a ...)
NOT-FOR-US: Red-M
-CVE-2002-0396
+CVE-2002-0396 (The web management server for Red-M 1050 (Bluetooth Access Point) does ...)
NOT-FOR-US: Red-M
-CVE-2002-0395
+CVE-2002-0395 (The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be dis ...)
NOT-FOR-US: Red-M
-CVE-2002-0394
+CVE-2002-0394 (Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, w ...)
NOT-FOR-US: Red-M
-CVE-2002-0392
+CVE-2002-0392 (Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remot ...)
- apache2 2.0.37
-CVE-2002-0391
+CVE-2002-0391 (Integer overflow in xdr_array function in RPC servers for operating sy ...)
{DSA-333 DSA-149 DSA-146 DSA-143 DSA-142}
- acm 5.0-10
- glibc 2.2.5-13
- dietlibc 0.20-0cvs20020808
- krb5 1.2.5-2
- openafs 1.2.6-1
-CVE-2002-0389
+CVE-2002-0389 (Pipermail in Mailman stores private mail messages with predictable fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0387
+CVE-2002-0387 (Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module f ...)
NOT-FOR-US: Sun
-CVE-2002-0384
+CVE-2002-0384 (Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0382
+CVE-2002-0382 (XChat IRC client allows remote attackers to execute arbitrary commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0381
+CVE-2002-0381 (The TCP implementation in various BSD operating systems (tcp_input.c) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0380
+CVE-2002-0380 (Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers t ...)
{DSA-255}
- tcpdump 3.7.1-1.2
-CVE-2002-0379
+CVE-2002-0379 (Buffer overflow in University of Washington imap server (uw-imapd) ima ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0377
+CVE-2002-0377 (Gaim 0.57 stores sensitive information in world-readable and group-wri ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0376
+CVE-2002-0376 (Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote ...)
NOT-FOR-US: Apple
-CVE-2002-0374
+CVE-2002-0374 (Format string vulnerability in the logging function for the pam_ldap P ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0373
+CVE-2002-0373 (The Windows Media Device Manager (WMDM) Service in Microsoft Windows M ...)
NOT-FOR-US: Microsoft
-CVE-2002-0372
+CVE-2002-0372 (Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player f ...)
NOT-FOR-US: Microsoft
-CVE-2002-0369
+CVE-2002-0369 (Buffer overflow in ASP.NET Worker Process allows remote attackers to c ...)
NOT-FOR-US: Microsoft
-CVE-2002-0368
+CVE-2002-0368 (The Store Service in Microsoft Exchange 2000 allows remote attackers t ...)
NOT-FOR-US: Microsoft
-CVE-2002-0367
+CVE-2002-0367 (smss.exe debugging subsystem in Windows NT and Windows 2000 does not p ...)
NOT-FOR-US: Microsoft
-CVE-2002-0366
+CVE-2002-0366 (Buffer overflow in Remote Access Service (RAS) phonebook for Windows N ...)
NOT-FOR-US: Microsoft
-CVE-2002-0364
+CVE-2002-0364 (Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 ...)
NOT-FOR-US: Microsoft
-CVE-2002-0363
+CVE-2002-0363 (ghostscript before 6.53 allows attackers to execute arbitrary commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0362
+CVE-2002-0362 (Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows re ...)
NOT-FOR-US: AOL
-CVE-2002-0359
+CVE-2002-0359 (xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allo ...)
NOT-FOR-US: IRIX
-CVE-2002-0358
+CVE-2002-0358 (MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows loca ...)
NOT-FOR-US: MediaMail
-CVE-2002-0357
+CVE-2002-0357 (Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0356
+CVE-2002-0356 (Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0355
+CVE-2002-0355 (netstat in SGI IRIX before 6.5.12 allows local users to determine the ...)
NOT-FOR-US: SGI
-CVE-2002-0339
+CVE-2002-0339 (Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enab ...)
NOT-FOR-US: Cisco
-CVE-2002-0330
+CVE-2002-0330 (Cross-site scripting vulnerability in codeparse.php of Open Bulletin B ...)
NOT-FOR-US: OpenBB
-CVE-2002-0329
+CVE-2002-0329 (Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and ear ...)
NOT-FOR-US: Snitz
-CVE-2002-0318
+CVE-2002-0318 (FreeRADIUS RADIUS server allows remote attackers to cause a denial of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0313
+CVE-2002-0313 (Buffer overflow in Essentia Web Server 2.1 allows remote attackers to ...)
NOT-FOR-US: Essentia
-CVE-2002-0309
+CVE-2002-0309 (SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the fi ...)
NOT-FOR-US: Symantec
-CVE-2002-0302
+CVE-2002-0302 (The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops l ...)
NOT-FOR-US: Symantec
-CVE-2002-0300
+CVE-2002-0300 (gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0299
+CVE-2002-0299 (CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code v ...)
NOT-FOR-US: CatchUp
-CVE-2002-0292
+CVE-2002-0292 (Cross-site scripting vulnerability in Slash before 2.2.5, as used in S ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0290
+CVE-2002-0290 (Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows ...)
NOT-FOR-US: WebNews
-CVE-2002-0287
+CVE-2002-0287 (pforum 1.14 and earlier does not explicitly enable PHP magic quotes, w ...)
NOT-FOR-US: pforum
-CVE-2002-0276
+CVE-2002-0276 (Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0275
+CVE-2002-0275 (Falcon web server 2.0.0.1020 and earlier allows remote attackers to by ...)
NOT-FOR-US: Falcon
-CVE-2002-0274
+CVE-2002-0274 (Exim 3.34 and earlier may allow local users to gain privileges via a b ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0267
+CVE-2002-0267 (preferences.php in Simple Internet Publishing System (SIPS) before 0.3 ...)
NOT-FOR-US: SIPS
-CVE-2002-0265
+CVE-2002-0265 (Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file ...)
NOT-FOR-US: Sawmill
-CVE-2002-0251
+CVE-2002-0251 (Buffer overflow in licq 1.0.4 and earlier allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0250
+CVE-2002-0250 (Web configuration utility in HP AdvanceStack hubs J3200A through J3210 ...)
NOT-FOR-US: HP
-CVE-2002-0246
+CVE-2002-0246 (Format string vulnerability in the message catalog library functions i ...)
NOT-FOR-US: UnixWare
-CVE-2002-0241
+CVE-2002-0241 (NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 ...)
NOT-FOR-US: Cisco
-CVE-2002-0237
+CVE-2002-0237 (Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Age ...)
NOT-FOR-US: ISS
-CVE-2002-0226
+CVE-2002-0226 (retrieve_password.pl in DCForum 6.x and 2000 generates predictable new ...)
NOT-FOR-US: DCForum
-CVE-2002-0213
+CVE-2002-0213 (xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read ar ...)
NOT-FOR-US: Xinet
-CVE-2002-0211
+CVE-2002-0211 (Race condition in the installation script for Tarantella Enterprise 3 ...)
NOT-FOR-US: Tarantella
-CVE-2002-0209
+CVE-2002-0209 (Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (S ...)
NOT-FOR-US: Nortel
-CVE-2002-0207
+CVE-2002-0207 (Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows rem ...)
NOT-FOR-US: Real Networks
-CVE-2002-0197
+CVE-2002-0197 (psyBNC 2.3 beta and earlier allows remote attackers to spoof encrypted ...)
NOT-FOR-US: psyBNC
-CVE-2002-0196
+CVE-2002-0196 (GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the se ...)
NOT-FOR-US: ACD
-CVE-2002-0193
+CVE-2002-0193 (Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to exe ...)
NOT-FOR-US: Microsoft
-CVE-2002-0191
+CVE-2002-0191 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2002-0190
+CVE-2002-0190 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2002-0188
+CVE-2002-0188 (Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to exe ...)
NOT-FOR-US: Microsoft
-CVE-2002-0187
+CVE-2002-0187 (Cross-site scripting vulnerability in the SQLXML component of Microsof ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0186
+CVE-2002-0186 (Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server ...)
NOT-FOR-US: Microsoft
-CVE-2002-0185
+CVE-2002-0185 (mod_python version 2.7.6 and earlier allows a module indirectly import ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0184
+CVE-2002-0184 (Heap-based buffer overflow in sudo before 1.6.6 may allow local users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0181
+CVE-2002-0181 (Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HO ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0179
+CVE-2002-0179 (Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0178
+CVE-2002-0178 (uudecode, as available in the sharutils package before 4.2.1, does not ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0176
+CVE-2002-0176 (The printf wrappers in libsafe 2.0-11 and earlier do not properly hand ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0175
+CVE-2002-0175 (libsafe 2.0-11 and earlier allows attackers to bypass protection again ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0174
+CVE-2002-0174 (nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0173
+CVE-2002-0173 (Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Softw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0172
+CVE-2002-0172 (/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0171
+CVE-2002-0171 (IRISconsole 2.0 may allow users to log into the icadmin account with a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0170
+CVE-2002-0170 (Zope 2.2.0 through 2.5.1 does not properly verify the access for objec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0169
+CVE-2002-0169 (The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0168
+CVE-2002-0168 (Vulnerability in Imlib before 1.9.13 allows attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0167
+CVE-2002-0167 (Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0166
+CVE-2002-0166 (Cross-site scripting vulnerability in analog before 5.22 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0163
+CVE-2002-0163 (Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0160
+CVE-2002-0160 (The administration function in Cisco Secure Access Control Server (ACS ...)
NOT-FOR-US: Cisco
-CVE-2002-0159
+CVE-2002-0159 (Format string vulnerability in the administration function in Cisco Se ...)
NOT-FOR-US: Cisco
-CVE-2002-0158
+CVE-2002-0158 (Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0157
+CVE-2002-0157 (Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary f ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0155
+CVE-2002-0155 (Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN ...)
NOT-FOR-US: Microsoft
-CVE-2002-0153
+CVE-2002-0153 (Internet Explorer 5.1 for Macintosh allows remote attackers to bypass ...)
NOT-FOR-US: Microsoft
-CVE-2002-0152
+CVE-2002-0152 (Buffer overflow in various Microsoft applications for Macintosh allows ...)
NOT-FOR-US: Microsoft
-CVE-2002-0151
+CVE-2002-0151 (Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows op ...)
NOT-FOR-US: Microsoft
-CVE-2002-0150
+CVE-2002-0150 (Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 ...)
NOT-FOR-US: Microsoft
-CVE-2002-0149
+CVE-2002-0149 (Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 an ...)
NOT-FOR-US: Microsoft
-CVE-2002-0148
+CVE-2002-0148 (Cross-site scripting vulnerability in Internet Information Server (IIS ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0147
+CVE-2002-0147 (Buffer overflow in the ASP data transfer mechanism in Internet Informa ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0146
+CVE-2002-0146 (fetchmail email client before 5.9.10 does not properly limit the maxim ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0143
+CVE-2002-0143 (Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0139
+CVE-2002-0139 (Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0128
+CVE-2002-0128 (cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0123
+CVE-2002-0123 (MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and earlier, an ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0121
+CVE-2002-0121 (PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0120
+CVE-2002-0120 (Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup fil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0117
+CVE-2002-0117 (Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0115
+CVE-2002-0115 (Snort 1.8.3 does not properly define the minimum ICMP header size, whi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0111
+CVE-2002-0111 (Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0107
+CVE-2002-0107 (Web administration interface in CacheFlow CacheOS 4.0.13 and earlier a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0098
+CVE-2002-0098 (Buffer overflow in index.cgi administration interface for Boozt! Stand ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0097
+CVE-2002-0097 (Geeklog 1.3 allows remote attackers to hijack user accounts, including ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0096
+CVE-2002-0096 (The installation of Geeklog 1.3 creates an extra group_assignments rec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0095
+CVE-2002-0095 (The default configuration of BSCW (Basic Support for Cooperative Work) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0094
+CVE-2002-0094 (config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0092
+CVE-2002-0092 (CVS before 1.10.8 does not properly initialize a global variable, whic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0090
+CVE-2002-0090 (Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0083
+CVE-2002-0083 (Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0082
+CVE-2002-0082 (The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0081
+CVE-2002-0081 (Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0080
+CVE-2002-0080 (rsync, when running in daemon mode, does not properly call setgroups b ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0079
+CVE-2002-0079 (Buffer overflow in the chunked encoding transfer mechanism in Internet ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0078
+CVE-2002-0078 (The zone determination function in Microsoft Internet Explorer 5.5 and ...)
NOT-FOR-US: Microsoft
-CVE-2002-0076
+CVE-2002-0076 (Java Runtime Environment (JRE) Bytecode Verifier allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0075
+CVE-2002-0075 (Cross-site scripting vulnerability for Internet Information Server (II ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0074
+CVE-2002-0074 (Cross-site scripting vulnerability in Help File search facility for In ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0073
+CVE-2002-0073 (The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 ...)
NOT-FOR-US: Microsoft
-CVE-2002-0072
+CVE-2002-0072 (The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0071
+CVE-2002-0071 (Buffer overflow in the ism.dll ISAPI extension that implements HTR scr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0070
+CVE-2002-0070 (Buffer overflow in Windows Shell (used as the Windows Desktop) allows ...)
NOT-FOR-US: Microsoft
-CVE-2002-0069
+CVE-2002-0069 (Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0068
+CVE-2002-0068 (Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0067
+CVE-2002-0067 (Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even whe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0066
+CVE-2002-0066 (Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that do ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0065
+CVE-2002-0065 (Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host p ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0064
+CVE-2002-0064 (Funk Software Proxy Host 3.x is installed with insecure permissions fo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0063
+CVE-2002-0063 (Buffer overflow in ippRead function of CUPS before 1.1.14 may allow at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0062
+CVE-2002-0062 (Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0061
+CVE-2002-0061 (Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0060
+CVE-2002-0060 (IRC connection tracking helper module in the netfilter subsystem for L ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0059
+CVE-2002-0059 (The decompression algorithm in zlib 1.1.3 and earlier, as used in many ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0057
+CVE-2002-0057 (XMLHTTP control in Microsoft XML Core Services 2.6 and later does not ...)
NOT-FOR-US: Microsoft
-CVE-2002-0055
+CVE-2002-0055 (SMTP service in Microsoft Windows 2000, Windows XP Professional, and E ...)
NOT-FOR-US: Microsoft
-CVE-2002-0054
+CVE-2002-0054 (SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Conne ...)
NOT-FOR-US: Microsoft
-CVE-2002-0052
+CVE-2002-0052 (Internet Explorer 6.0 and earlier does not properly handle VBScript in ...)
NOT-FOR-US: Microsoft
-CVE-2002-0051
+CVE-2002-0051 (Windows 2000 allows local users to prevent the application of new grou ...)
NOT-FOR-US: Microsoft
-CVE-2002-0050
+CVE-2002-0050 (Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Serve ...)
NOT-FOR-US: Microsoft
-CVE-2002-0049
+CVE-2002-0049 (Microsoft Exchange Server 2000 System Attendant gives "Everyone" group ...)
NOT-FOR-US: Microsoft
-CVE-2002-0047
+CVE-2002-0047 (CIPE VPN package before 1.3.0-3 allows remote attackers to cause a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0046
+CVE-2002-0046 (Linux kernel, and possibly other operating systems, allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0045
+CVE-2002-0045 (slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0044
+CVE-2002-0044 (GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0043
+CVE-2002-0043 (sudo 1.6.0 through 1.6.3p7 does not properly clear the environment bef ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0042
+CVE-2002-0042 (Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0040
+CVE-2002-0040 (Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0038
+CVE-2002-0038 (Vulnerability in the cache-limiting function of the unified name servi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0036
+CVE-2002-0036 (Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0033
+CVE-2002-0033 (Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0032
+CVE-2002-0032 (Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0028
+CVE-2002-0028 (Buffer overflow in ICQ before 2001B Beta v5.18 Build #3659 allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0027
+CVE-2002-0027 (Internet Explorer 5.5 and 6.0 allows remote attackers to read certain ...)
NOT-FOR-US: Microsoft
-CVE-2002-0026
+CVE-2002-0026 (Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restri ...)
NOT-FOR-US: Microsoft
-CVE-2002-0025
+CVE-2002-0025 (Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the Conte ...)
NOT-FOR-US: Microsoft
-CVE-2002-0024
+CVE-2002-0024 (File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an att ...)
NOT-FOR-US: Microsoft
-CVE-2002-0023
+CVE-2002-0023 (Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to read ar ...)
NOT-FOR-US: Microsoft
-CVE-2002-0022
+CVE-2002-0022 (Buffer overflow in the implementation of an HTML directive in mshtml.d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0021
+CVE-2002-0021 (Network Product Identification (PID) Checker in Microsoft Office v. X ...)
NOT-FOR-US: Microsoft
-CVE-2002-0020
+CVE-2002-0020 (Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allow ...)
NOT-FOR-US: Microsoft
-CVE-2002-0018
+CVE-2002-0018 (In Microsoft Windows NT and Windows 2000, a trusting domain that recei ...)
NOT-FOR-US: Microsoft
-CVE-2002-0017
+CVE-2002-0017 (Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0014
+CVE-2002-0014 (URL-handling code in Pine 4.43 and earlier allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0011
+CVE-2002-0011 (Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0009
+CVE-2002-0009 (show_bug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0007
+CVE-2002-0007 (CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0006
+CVE-2002-0006 (XChat 1.8.7 and earlier, including default configurations of 1.4.2 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0005
+CVE-2002-0005 (Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0004
+CVE-2002-0004 (Heap corruption vulnerability in the "at" program allows local users t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0003
+CVE-2002-0003 (Buffer overflow in the preprocessor in groff 1.16 and earlier allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0002
+CVE-2002-0002 (Format string vulnerability in stunnel before 3.22 when used in client ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0654
+CVE-2002-0654 (Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote a ...)
- apache2 2.0.40
-CVE-2002-0652
+CVE-2002-0652 (xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute a ...)
NOT-FOR-US: IRIX
-CVE-2002-0649
+CVE-2002-0649 (Multiple buffer overflows in the Resolution Service for Microsoft SQL ...)
NOT-FOR-US: Microsoft
CVE-2002-0646
REJECTED
-CVE-2002-0645
+CVE-2002-0645 (SQL injection vulnerability in stored procedures for Microsoft SQL Ser ...)
NOT-FOR-US: Microsoft
-CVE-2002-0644
+CVE-2002-0644 (Buffer overflow in several Database Consistency Checkers (DBCCs) for M ...)
NOT-FOR-US: Microsoft
-CVE-2002-0643
+CVE-2002-0643 (The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsof ...)
NOT-FOR-US: Microsoft
-CVE-2002-0641
+CVE-2002-0641 (Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, ...)
NOT-FOR-US: Microsoft
-CVE-2002-0637
+CVE-2002-0637 (InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass ...)
NOT-FOR-US: InterScan
CVE-2002-0636
RESERVED
@@ -4422,606 +4422,606 @@ CVE-2002-0634
REJECTED
CVE-2002-0633
REJECTED
-CVE-2002-0632
+CVE-2002-0632 (Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier al ...)
NOT-FOR-US: SGI
-CVE-2002-0629
+CVE-2002-0629 (The Telnet service for Polycom ViewStation before 7.2.4 allows remote ...)
NOT-FOR-US: Polycom
-CVE-2002-0628
+CVE-2002-0628 (The Telnet service for Polycom ViewStation before 7.2.4 does not restr ...)
NOT-FOR-US: Polycom
-CVE-2002-0626
+CVE-2002-0626 (Polycom ViewStation before 7.2.4 has a default null password for the a ...)
NOT-FOR-US: Polycom
-CVE-2002-0624
+CVE-2002-0624 (Buffer overflow in the password encryption function of Microsoft SQL S ...)
NOT-FOR-US: Microsoft
-CVE-2002-0620
+CVE-2002-0620 (Buffer overflow in the Profile Service of Microsoft Commerce Server 20 ...)
NOT-FOR-US: Microsoft
-CVE-2002-0614
+CVE-2002-0614 (PHP-Survey 20000615 and earlier stores the global.inc file under the w ...)
NOT-FOR-US: PHP-Survey
-CVE-2002-0612
+CVE-2002-0612 (FileSeek.cgi allows remote attackers to execute arbitrary commands via ...)
NOT-FOR-US: FileSeek
-CVE-2002-0611
+CVE-2002-0611 (Directory traversal vulnerability in FileSeek.cgi allows remote attack ...)
NOT-FOR-US: FileSeek
-CVE-2002-0610
+CVE-2002-0610 (Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properl ...)
NOT-FOR-US: HP
-CVE-2002-0609
+CVE-2002-0609 (Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a ...)
NOT-FOR-US: HP
-CVE-2002-0608
+CVE-2002-0608 (Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to e ...)
NOT-FOR-US: Matu
-CVE-2002-0607
+CVE-2002-0607 (members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows rem ...)
NOT-FOR-US: Snitz
-CVE-2002-0606
+CVE-2002-0606 (Buffer overflow in 3Cdaemon 2.0 FTP server allows remote attackers to ...)
NOT-FOR-US: 3Cdaemon
-CVE-2002-0604
+CVE-2002-0604 (Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to cau ...)
NOT-FOR-US: Snapgear
-CVE-2002-0603
+CVE-2002-0603 (Snapgear Lite+ firewall 1.5.3 allows remote attackers to cause a denia ...)
NOT-FOR-US: Snapgear
-CVE-2002-0602
+CVE-2002-0602 (Snapgear Lite+ firewall 1.5.4 and 1.5.3 allows remote attackers to cau ...)
NOT-FOR-US: Snapgear
-CVE-2002-0600
+CVE-2002-0600 (Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0596
+CVE-2002-0596 (WebTrends Reporting Center 4.0d allows remote attackers to determine t ...)
NOT-FOR-US: WebTrends
-CVE-2002-0595
+CVE-2002-0595 (Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends Reportin ...)
NOT-FOR-US: WebTrends
-CVE-2002-0593
+CVE-2002-0593 (Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0592
+CVE-2002-0592 (AOL Instant Messenger (AIM) allows remote attackers to steal files tha ...)
NOT-FOR-US: AOL
-CVE-2002-0591
+CVE-2002-0591 (Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 b ...)
NOT-FOR-US: AOL
-CVE-2002-0590
+CVE-2002-0590 (Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows r ...)
NOT-FOR-US: IncrediBB
-CVE-2002-0589
+CVE-2002-0589 (PVote before 1.9 allows remote attackers to change the administrative ...)
NOT-FOR-US: PVote
-CVE-2002-0588
+CVE-2002-0588 (PVote before 1.9 does not authenticate users for restricted operations ...)
NOT-FOR-US: PVote
-CVE-2002-0587
+CVE-2002-0587 (Buffer overflow in Ns_PdLog function for the external database driver ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0586
+CVE-2002-0586 (Format string vulnerability in Ns_PdLog function for the external data ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0585
+CVE-2002-0585 (Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT pa ...)
NOT-FOR-US: HP-UX
-CVE-2002-0584
+CVE-2002-0584 (WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets ...)
NOT-FOR-US: WorkforceROI
-CVE-2002-0583
+CVE-2002-0583 (WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric c ...)
NOT-FOR-US: WorkforceROI
-CVE-2002-0582
+CVE-2002-0582 (WorkforceROI Xpede 4.1 stores temporary expense claim reports in a wor ...)
NOT-FOR-US: WorkforceROI
-CVE-2002-0581
+CVE-2002-0581 (WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQ ...)
NOT-FOR-US: WorkforceROI
-CVE-2002-0580
+CVE-2002-0580 (WorkforceROI Xpede 4.1 allows remote attackers to obtain the database ...)
NOT-FOR-US: WorkforceROI
-CVE-2002-0579
+CVE-2002-0579 (WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as a ...)
NOT-FOR-US: WorkforceROI
-CVE-2002-0578
+CVE-2002-0578 (Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause ...)
NOT-FOR-US: 4D WebServer
-CVE-2002-0577
+CVE-2002-0577 (Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users t ...)
NOT-FOR-US: HP-UX
-CVE-2002-0572
+CVE-2002-0572 (FreeBSD 4.5 and earlier, and possibly other BSD-based operating system ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0570
+CVE-2002-0570 (The encrypted loop device in Linux kernel 2.4.10 and earlier does not ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0568
+CVE-2002-0568 (Oracle 9i Application Server stores XSQL and SOAP configuration files ...)
NOT-FOR-US: Oracle
-CVE-2002-0566
+CVE-2002-0566 (PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows ...)
NOT-FOR-US: Oracle
-CVE-2002-0565
+CVE-2002-0565 (Oracle 9iAS 1.0.2.x compiles JSP files in the _pages directory with wo ...)
NOT-FOR-US: Oracle
-CVE-2002-0564
+CVE-2002-0564 (PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows ...)
NOT-FOR-US: Oracle
-CVE-2002-0563
+CVE-2002-0563 (The default configuration of Oracle 9i Application Server 1.0.2.x allo ...)
NOT-FOR-US: Oracle
-CVE-2002-0562
+CVE-2002-0562 (The default configuration of Oracle 9i Application Server 1.0.2.x runn ...)
NOT-FOR-US: Oracle
-CVE-2002-0561
+CVE-2002-0561 (The default configuration of the PL/SQL Gateway web administration int ...)
NOT-FOR-US: Oracle
-CVE-2002-0560
+CVE-2002-0560 (PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows ...)
NOT-FOR-US: Oracle
-CVE-2002-0559
+CVE-2002-0559 (Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application S ...)
NOT-FOR-US: Oracle
-CVE-2002-0558
+CVE-2002-0558 (Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and ear ...)
NOT-FOR-US: TYPSoft
-CVE-2002-0557
+CVE-2002-0557 (Vulnerability in OpenBSD 3.0, when using YP with netgroups in the pass ...)
NOT-FOR-US: OpenBSD
-CVE-2002-0556
+CVE-2002-0556 (Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows ...)
NOT-FOR-US: Quik-Serv
-CVE-2002-0555
+CVE-2002-0555 (IBM Informix Web DataBlade 4.12 unescapes user input even if an applic ...)
NOT-FOR-US: IBM
-CVE-2002-0554
+CVE-2002-0554 (webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers t ...)
NOT-FOR-US: IBM
-CVE-2002-0552
+CVE-2002-0552 (Multiple buffer overflows in Melange Chat server 2.02 allow remote or ...)
NOT-FOR-US: Melange
-CVE-2002-0551
+CVE-2002-0551 (Cross-site scripting vulnerability in Dynamic Guestbook 3.0 allows rem ...)
NOT-FOR-US: Dynamic Guestbook
-CVE-2002-0550
+CVE-2002-0550 (Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary cod ...)
NOT-FOR-US: Dynamic Guestbook
-CVE-2002-0549
+CVE-2002-0549 (Cross-site scripting vulnerabilities in Anthill allow remote attackers ...)
NOT-FOR-US: Anthill
-CVE-2002-0548
+CVE-2002-0548 (Anthill allows remote attackers to bypass authentication and file bug ...)
NOT-FOR-US: Anthill
-CVE-2002-0547
+CVE-2002-0547 (Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows ...)
NOT-FOR-US: Winamp
-CVE-2002-0544
+CVE-2002-0544 (Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administra ...)
NOT-FOR-US: Aprelium
-CVE-2002-0541
+CVE-2002-0541 (Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Ag ...)
NOT-FOR-US: Tivoli
-CVE-2002-0540
+CVE-2002-0540 (Nortel CVX 1800 is installed with a default "public" community string, ...)
NOT-FOR-US: Nortel
-CVE-2002-0537
+CVE-2002-0537 (The admin.html file in StepWeb Search Engine (SWS) 2.5 stores password ...)
NOT-FOR-US: SWS
-CVE-2002-0535
+CVE-2002-0535 (Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier al ...)
NOT-FOR-US: PostBoard
-CVE-2002-0534
+CVE-2002-0534 (PostBoard 2.0.1 and earlier with BBcode allows remote attackers to cau ...)
NOT-FOR-US: PostBoard
-CVE-2002-0533
+CVE-2002-0533 (phpBB 1.4.4 and earlier with BBcode allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0530
+CVE-2002-0530 (Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows r ...)
NOT-FOR-US: Novell
-CVE-2002-0529
+CVE-2002-0529 (HP Photosmart printer driver for Mac OS X installs the hp_imaging_conn ...)
NOT-FOR-US: HP/Apple
-CVE-2002-0528
+CVE-2002-0528 (Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP rest ...)
NOT-FOR-US: Watchguard
-CVE-2002-0527
+CVE-2002-0527 (Watchguard SOHO firewall before 5.0.35 allows remote attackers to caus ...)
NOT-FOR-US: Watchguard
-CVE-2002-0526
+CVE-2002-0526 (Vulnerability in (1) inews or (2) rnews for INN 2.2.3 and earlier, rel ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0525
+CVE-2002-0525 (Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0524
+CVE-2002-0524 (ASP-Nuke RC2 and earlier allows remote attackers to determine the abso ...)
NOT-FOR-US: ASP-Nuke
-CVE-2002-0523
+CVE-2002-0523 (ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in ...)
NOT-FOR-US: ASP-Nuke
-CVE-2002-0522
+CVE-2002-0522 (ASP-Nuke RC2 and earlier allows remote attackers to bypass authenticat ...)
NOT-FOR-US: ASP-Nuke
-CVE-2002-0521
+CVE-2002-0521 (Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow ...)
NOT-FOR-US: ASP-Nuke
-CVE-2002-0520
+CVE-2002-0520 (Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke R ...)
NOT-FOR-US: ASP-Nuke
-CVE-2002-0518
+CVE-2002-0518 (The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeB ...)
NOT-FOR-US: FreeBSD
-CVE-2002-0517
+CVE-2002-0517 (Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, Un ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0515
+CVE-2002-0515 (IPFilter 3.4.25 and earlier sets a different TTL when a port is being ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0514
+CVE-2002-0514 (PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the ...)
NOT-FOR-US: OpenBSD
-CVE-2002-0510
+CVE-2002-0510 (The UDP implementation in Linux 2.4.x kernels keeps the IP Identificat ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0509
+CVE-2002-0509 (Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allo ...)
NOT-FOR-US: Oracle
-CVE-2002-0508
+CVE-2002-0508 (wwwisis 3.45 and earlier allows remote attackers to execute arbitrary ...)
NOT-FOR-US: wwwisis
-CVE-2002-0507
+CVE-2002-0507 (An interaction between Microsoft Outlook Web Access (OWA) with RSA Sec ...)
NOT-FOR-US: Microsoft
-CVE-2002-0504
+CVE-2002-0504 (Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier doe ...)
NOT-FOR-US: Citrix
-CVE-2002-0503
+CVE-2002-0503 (Directory traversal vulnerability in boilerplate.asp for Citrix NFuse ...)
NOT-FOR-US: Citrix
-CVE-2002-0502
+CVE-2002-0502 (Citrix NFuse 1.6 may allow remote attackers to list applications witho ...)
NOT-FOR-US: Citrix
-CVE-2002-0500
+CVE-2002-0500 (Internet Explorer 5.0 through 6.0 allows remote attackers to determine ...)
NOT-FOR-US: Microsoft
-CVE-2002-0499
+CVE-2002-0499 (The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0498
+CVE-2002-0498 (Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 5 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0496
+CVE-2002-0496 (The HTTP server for SouthWest Talker server 1.0.0 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0492
+CVE-2002-0492 (dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0491
+CVE-2002-0491 (admin.php in AlGuest 1.0 guestbook checks for the existence of the adm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0489
+CVE-2002-0489 (Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0487
+CVE-2002-0487 (Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0486
+CVE-2002-0486 (Intellisol Xpede 4.1 uses weak encryption to store authentication info ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0485
+CVE-2002-0485 (Norton Anti-Virus (NAV) allows remote attackers to bypass content filt ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0483
+CVE-2002-0483 (index.php for PHP-Nuke 5.4 and earlier allows remote attackers to dete ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0482
+CVE-2002-0482 (Directory traversal vulnerability in PCI Netsupport Manager before ver ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0481
+CVE-2002-0481 (An interaction between Windows Media Player (WMP) and Outlook 2002 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0480
+CVE-2002-0480 (ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is co ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0479
+CVE-2002-0479 (Gravity Storm Service Pack Manager 2000 creates a hidden share (SPM200 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0478
+CVE-2002-0478 (The default configuration of Foundry Networks EdgeIron 4802F allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0477
+CVE-2002-0477 (Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0476
+CVE-2002-0476 (Standalone Macromedia Flash Player 5.0 allows remote attackers to save ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0475
+CVE-2002-0475 (Cross-site scripting vulnerability in phpBB 1.4.4 and earlier allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0474
+CVE-2002-0474 (Cross-site scripting vulnerability in ZeroForum allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0472
+CVE-2002-0472 (MSN Messenger Service 3.6, and possibly other versions, uses weak auth ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0471
+CVE-2002-0471 (PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0470
+CVE-2002-0470 (PHPNetToolpack 0.1 relies on its environment's PATH to find and execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0469
+CVE-2002-0469 (Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0468
+CVE-2002-0468 (Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 200204 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0467
+CVE-2002-0467 (Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0466
+CVE-2002-0466 (Hosting Controller 1.4.1 and earlier allows remote attackers to browse ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0465
+CVE-2002-0465 (Directory traversal vulnerability in filemanager.asp for Hosting Contr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0461
+CVE-2002-0461 (Internet Explorer 5.01 through 6 allows remote attackers to cause a de ...)
NOT-FOR-US: Microsoft
-CVE-2002-0460
+CVE-2002-0460 (Bitvise WinSSHD before 2002-03-16 allows remote attackers to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0459
+CVE-2002-0459 (Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0458
+CVE-2002-0458 (Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0457
+CVE-2002-0457 (Cross-site scripting vulnerability in signgbook.php for BG GuestBook 1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0456
+CVE-2002-0456 (Eudora 5.1 and earlier versions stores attachments in a directory with ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0455
+CVE-2002-0455 (IncrediMail stores attachments in a directory with a fixed name, which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0453
+CVE-2002-0453 (The account lockout capability in Oblix NetPoint 5.2 and earlier only ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0452
+CVE-2002-0452 (Foundry Networks ServerIron switches do not decode URIs when applying ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0450
+CVE-2002-0450 (Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0449
+CVE-2002-0449 (Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0448
+CVE-2002-0448 (Xerver Free Web Server 2.10 and earlier allows remote attackers to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0447
+CVE-2002-0447 (Directory traversal vulnerability in Xerver Free Web Server 2.10 and e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0446
+CVE-2002-0446 (categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0440
+CVE-2002-0440 (Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0439
+CVE-2002-0439 (Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0438
+CVE-2002-0438 (ZyXEL ZyWALL 10 before 3.50 allows remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0436
+CVE-2002-0436 (sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0434
+CVE-2002-0434 (Marcus S. Xenakis directory.php script allows remote attackers to exec ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0433
+CVE-2002-0433 (Pi3Web 2.0.0 allows remote attackers to view restricted files via an H ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0432
+CVE-2002-0432 (Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/ ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0430
+CVE-2002-0430 (MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration in ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0428
+CVE-2002-0428 (Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows client ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0427
+CVE-2002-0427 (Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0426
+CVE-2002-0426 (VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router be ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0422
+CVE-2002-0422 (IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to det ...)
NOT-FOR-US: Microsoft
-CVE-2002-0421
+CVE-2002-0421 (IIS 4.0 allows local users to bypass the "User cannot change password" ...)
NOT-FOR-US: Microsoft
-CVE-2002-0420
+CVE-2002-0420 (Vulnerability in PureTLS before 0.9b2 related to injection attacks, wh ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0419
+CVE-2002-0419 (Information leaks in IIS 4 through 5.1 allow remote attackers to obtai ...)
NOT-FOR-US: Microsoft
-CVE-2002-0418
+CVE-2002-0418 (Directory traversal vulnerability in the com.endymion.sake.servlet.mai ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0417
+CVE-2002-0417 (Directory traversal vulnerability in Endymion MailMan before 3.1 allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0416
+CVE-2002-0416 (Buffer overflow in SH39 MailServer 1.21 and earlier allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0415
+CVE-2002-0415 (Directory traversal vulnerability in the web server used in RealPlayer ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0413
+CVE-2002-0413 (Cross-site scripting vulnerability in ReBB allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0411
+CVE-2002-0411 (Cross-site scripting vulnerability in message.php for AeroMail before ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0410
+CVE-2002-0410 (send_message.php in AeroMail before 1.45 allows remote attackers to re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0409
+CVE-2002-0409 (orderdetails.aspx, as made available to Microsoft .NET developers as e ...)
NOT-FOR-US: Microsoft
-CVE-2002-0408
+CVE-2002-0408 (htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configure ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0407
+CVE-2002-0407 (htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0405
+CVE-2002-0405 (Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0399
+CVE-2002-0399 (Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0393
+CVE-2002-0393 (Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0390
RESERVED
-CVE-2002-0388
+CVE-2002-0388 (Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow re ...)
{DSA-147}
- mailman 2.0.12-1
-CVE-2002-0386
+CVE-2002-0386 (The administration module for Oracle Web Cache in Oracle9iAS (9i Appli ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0385
+CVE-2002-0385 (Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0383
RESERVED
-CVE-2002-0378
+CVE-2002-0378 (The default configuration of LPRng print spooler in Red Hat Linux 7.0 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0375
+CVE-2002-0375 (Cross-site scripting vulnerability in sgdynamo.exe for Sgdynamo allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0371
+CVE-2002-0371 (Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 t ...)
NOT-FOR-US: Microsoft
-CVE-2002-0370
+CVE-2002-0370 (Buffer overflow in the ZIP capability for multiple products allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0365
RESERVED
CVE-2002-0361
RESERVED
-CVE-2002-0360
+CVE-2002-0360 (Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0354
+CVE-2002-0354 (The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0353
+CVE-2002-0353 (The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0352
+CVE-2002-0352 (Phorum 3.3.2 allows remote attackers to determine the email addresses ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0351
+CVE-2002-0351 (Buffer overflows in CFS daemon (cfsd) before 1.3.3-8.1, and 1.4x befor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0350
+CVE-2002-0350 (HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows r ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0349
+CVE-2002-0349 (Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, wil ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0348
+CVE-2002-0348 (service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0347
+CVE-2002-0347 (Directory traversal vulnerability in Cobalt RAQ 4 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0346
+CVE-2002-0346 (Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0345
+CVE-2002-0345 (Symantec Ghost 7.0 stores usernames and passwords in plaintext in the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0344
+CVE-2002-0344 (Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernam ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0343
+CVE-2002-0343 (Hotline Client 1.8.5 stores sensitive user information, including pass ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0342
+CVE-2002-0342 (Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0341
+CVE-2002-0341 (GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0340
+CVE-2002-0340 (Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0338
+CVE-2002-0338 (The Bat! 1.53d and 1.54beta, and possibly other versions, allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0337
+CVE-2002-0337 (RealPlayer 8 allows remote attackers to cause a denial of service (CPU ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0336
+CVE-2002-0336 (Buffer overflow in Galacticomm Worldgroup FTP server 3.20 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0335
+CVE-2002-0335 (Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0334
+CVE-2002-0334 (xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local us ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0333
+CVE-2002-0333 (Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0332
+CVE-2002-0332 (Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0331
+CVE-2002-0331 (Directory traversal vulnerability in the HTTP server for BPM Studio Pr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0328
+CVE-2002-0328 (Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0327
+CVE-2002-0327 (Buffer overflow in Century Software TERM allows local users to gain ro ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0326
+CVE-2002-0326 (Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0325
+CVE-2002-0325 (Directory traversal vulnerability in BadBlue before 1.6.1 allows remot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0324
+CVE-2002-0324 (Greymatter 1.21c and earlier with the Bookmarklet feature enabled allo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0323
+CVE-2002-0323 (comment2.jse in ScriptEase:WebServer allows remote attackers to read a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0322
+CVE-2002-0322 (Yahoo! Messenger 4.0 sends user passwords in cleartext, which could al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0321
+CVE-2002-0321 (Yahoo! Messenger 5.0 allows remote attackers to spoof other users by m ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0320
+CVE-2002-0320 (Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0319
+CVE-2002-0319 (Cross-site scripting vulnerability in edituser.php for pforum 1.14 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0317
+CVE-2002-0317 (Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0316
+CVE-2002-0316 (Cross-site scripting vulnerability in eXtreme message board (XMB) 1.6x ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0315
+CVE-2002-0315 (fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0314
+CVE-2002-0314 (fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0312
+CVE-2002-0312 (Directory traversal vulnerability in Essentia Web Server 2.1 allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0311
+CVE-2002-0311 (Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows l ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0310
+CVE-2002-0310 (Netwin WebNews 1.1k CGI program includes several default usernames and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0308
+CVE-2002-0308 (admin.asp in AdMentor 2.11 allows remote attackers to bypass authentic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0307
+CVE-2002-0307 (Directory traversal vulnerability in ans.pl in Avenger's News System ( ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0306
+CVE-2002-0306 (ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0305
+CVE-2002-0305 (Zero One Tech (ZOT) P100s print server does not properly disable the S ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0304
+CVE-2002-0304 (Lil HTTP Server 2.1 allows remote attackers to read password-protected ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0303
+CVE-2002-0303 (GroupWise 6, when using LDAP authentication and when Post Office has a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0301
+CVE-2002-0301 (Citrix NFuse 1.6 allows remote attackers to bypass authentication and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0298
+CVE-2002-0298 (ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a deni ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0297
+CVE-2002-0297 (Buffer overflow in ScriptEase MiniWeb Server 0.95 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0296
+CVE-2002-0296 (The installation of Tarantella Enterprise 3 allows local users to over ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0295
+CVE-2002-0295 (Alcatel OmniPCX 4400 installs files with world-writable permissions, w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0294
+CVE-2002-0294 (Alcatel 4400 installs the /chetc/shutdown command with setgid privileg ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0293
+CVE-2002-0293 (FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain roo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0291
+CVE-2002-0291 (Dino's Webserver 1.2 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0289
+CVE-2002-0289 (Buffer overflow in Phusion web server 1.0 allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0288
+CVE-2002-0288 (Directory traversal vulnerability in Phusion web server 1.0 allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0286
+CVE-2002-0286 (The GetPassword function in function.php of SiteNews 0.10 and 0.11 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0285
+CVE-2002-0285 (Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0284
+CVE-2002-0284 (Winamp 2.78 and 2.77, when opening a wma file that requires a license, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0283
+CVE-2002-0283 (Windows XP with port 445 open allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0282
+CVE-2002-0282 (DCP-Portal 3.7 through 4.5 allows remote attackers to obtain the physi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0281
+CVE-2002-0281 (Cross-site scripting vulnerability in DCP-Portal 4.2 and earlier allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0280
+CVE-2002-0280 (Buffer overflow in CodeBlue 4 and earlier, and possibly other versions ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0279
+CVE-2002-0279 (The kernel in HP-UX 11.11 does not properly provide arguments for setr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0278
+CVE-2002-0278 (Directory traversal vulnerability in Add2it Mailman Free 1.73 and earl ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0277
+CVE-2002-0277 (Add2it Mailman Free 1.73 and earlier allows remote attackers to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0273
+CVE-2002-0273 (Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote auth ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0272
+CVE-2002-0272 (Buffer overflows in mpg321 before 0.2.9 allows local and possibly remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0271
+CVE-2002-0271 (Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0270
+CVE-2002-0270 (Opera, when configured with the "Determine action by MIME type" option ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0269
+CVE-2002-0269 (Internet Explorer 5.x and 6 interprets an object as an HTML document e ...)
NOT-FOR-US: Microsoft
-CVE-2002-0268
+CVE-2002-0268 (Identix BioLogon 3 allows users with physical access to the system to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0266
+CVE-2002-0266 (Thunderstone Texis CGI script allows remote attackers to obtain the fu ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0264
+CVE-2002-0264 (PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive accoun ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0263
+CVE-2002-0263 (Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0262
+CVE-2002-0262 (Directory traversal vulnerability in netget for Sybex E-Trainer web se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0261
+CVE-2002-0261 (Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0260
+CVE-2002-0260 (Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0259
+CVE-2002-0259 (InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0258
+CVE-2002-0258 (Merak Mail IceWarp Web Mail uses a static identifier as a user session ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0257
+CVE-2002-0257 (Cross-site scripting vulnerability in auction.pl of MakeBid Auction De ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0256
+CVE-2002-0256 (The telnet port in Arescom NetDSL 1000 router allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0255
+CVE-2002-0255 (The default configuration of Arescom NetDSL 800 does not require authe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0254
+CVE-2002-0254 (ICQ 2001b Build 3659 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0253
+CVE-2002-0253 (PHP, when not configured with the "display_errors = Off" setting in ph ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0252
+CVE-2002-0252 (Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0249
+CVE-2002-0249 (PHP for Windows, when installed on Apache 2.0.28 beta as a standalone ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0248
+CVE-2002-0248 (wmtv 0.6.5 and earlier allows local users to modify arbitrary files vi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0247
+CVE-2002-0247 (Buffer overflows in wmtv 0.6.5 and earlier may allow local users to ga ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0245
+CVE-2002-0245 (Lotus Domino server 5.0.8 with NoBanner enabled allows remote attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0244
+CVE-2002-0244 (Directory traversal vulnerability in chroot function in AtheOS 0.3.7 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0243
+CVE-2002-0243 (Cross-site scripting vulnerability in Opera 6.0 and earlier allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0242
+CVE-2002-0242 (Cross-site scripting vulnerability in Internet Explorer 6 earlier allo ...)
NOT-FOR-US: Microsoft
-CVE-2002-0240
+CVE-2002-0240 (PHP, when installed with Apache and configured to search for index.php ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0239
+CVE-2002-0239 (Buffer overflow in hanterm 3.3.1 and earlier allows local users to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0238
+CVE-2002-0238 (Cross-site scripting vulnerability in web administration interface for ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0236
+CVE-2002-0236 (Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0235
+CVE-2002-0235 (Castelle FaxPress, possibly 6.3 and other versions, when configured to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0234
+CVE-2002-0234 (NetScreen ScreenOS before 2.6.1 does not support a maximum number of c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0233
+CVE-2002-0233 (Directory traversal vulnerability in eshare Expressions 4 Web server a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0232
+CVE-2002-0232 (Directory traversal vulnerability in Multi Router Traffic Grapher (MRT ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0231
+CVE-2002-0231 (Buffer overflow in mIRC 5.91 and earlier allows a remote server to exe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0230
+CVE-2002-0230 (Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0229
+CVE-2002-0229 (Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attacker ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0228
+CVE-2002-0228 (Microsoft MSN Messenger allows remote attackers to use Javascript that ...)
NOT-FOR-US: Microsoft
-CVE-2002-0227
+CVE-2002-0227 (KICQ 2.0.0b1 allows remote attackers to cause a denial of service (cra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0225
+CVE-2002-0225 (tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, ...)
NOT-FOR-US: Cisco
-CVE-2002-0224
+CVE-2002-0224 (The MSDTC (Microsoft Distributed Transaction Service Coordinator) for ...)
NOT-FOR-US: Microsoft
-CVE-2002-0223
+CVE-2002-0223 (Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0222
+CVE-2002-0222 (Etype Eserv 2.97 allows remote attackers to redirect traffic to other ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0221
+CVE-2002-0221 (Etype Eserv 2.97 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0220
+CVE-2002-0220 (phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute ar ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0219
+CVE-2002-0219 (Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0218
+CVE-2002-0218 (Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0217
+CVE-2002-0217 (Cross-site scripting (CSS) vulnerabilities in the Private Message Syst ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0216
+CVE-2002-0216 (userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0215
+CVE-2002-0215 (Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0214
+CVE-2002-0214 (Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0212
+CVE-2002-0212 (The login for Hosting Controller 1.1 through 1.4.1 returns different e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0210
+CVE-2002-0210 (setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0208
+CVE-2002-0208 (PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0206
+CVE-2002-0206 (index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0205
+CVE-2002-0205 (Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Cor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0204
+CVE-2002-0204 (Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0203
+CVE-2002-0203 (ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0202
+CVE-2002-0202 (PaintBBS 1.2 installs certain files and directories with insecure perm ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0201
+CVE-2002-0201 (Cyberstop Web Server for Windows 0.1 allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0200
+CVE-2002-0200 (Cyberstop Web Server for Windows 0.1 allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0199
+CVE-2002-0199 (Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0198
+CVE-2002-0198 (Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in oth ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0195
RESERVED
@@ -5029,140 +5029,140 @@ CVE-2002-0194
RESERVED
CVE-2002-0192
REJECTED
-CVE-2002-0189
+CVE-2002-0189 (Cross-site scripting vulnerability in Internet Explorer 6.0 allows rem ...)
NOT-FOR-US: Microsoft
CVE-2002-0182
RESERVED
-CVE-2002-0180
+CVE-2002-0180 (Buffer overflow in Webalizer 2.01-06, when configured to use reverse D ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0177
+CVE-2002-0177 (Buffer overflows in icecast 1.3.11 and earlier allows remote attackers ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0165
+CVE-2002-0165 (LogWatch 2.5 allows local users to gain root privileges via a symlink ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0164
+CVE-2002-0164 (Vulnerability in the MIT-SHM extension of the X server on Linux (XFree ...)
{DSA-380}
- xfree86 4.2.1-11
-CVE-2002-0162
+CVE-2002-0162 (LogWatch before 2.5 allows local users to execute arbitrary code via a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0161
RESERVED
-CVE-2002-0154
+CVE-2002-0154 (Buffer overflows in extended stored procedures for Microsoft SQL Serve ...)
NOT-FOR-US: Microsoft
-CVE-2002-0145
+CVE-2002-0145 (chuid 1.2 and earlier does not properly verify the ownership of files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0144
+CVE-2002-0144 (Directory traversal vulnerability in chuid 1.2 and earlier allows remo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0142
+CVE-2002-0142 (CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0141
+CVE-2002-0141 (Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0140
+CVE-2002-0140 (Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0138
+CVE-2002-0138 (CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0137
+CVE-2002-0137 (CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0136
+CVE-2002-0136 (Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages ...)
NOT-FOR-US: Microsoft
-CVE-2002-0135
+CVE-2002-0135 (Netopia Timbuktu Pro 6.0.1 and earlier allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0134
+CVE-2002-0134 (Telnet proxy in Avirt Gateway Suite 4.2 does not require authenticatio ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0133
+CVE-2002-0133 (Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0132
+CVE-2002-0132 (Buffer overflow in Chinput 3.0 allows local users to execute arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0131
+CVE-2002-0131 (ActivePython ActiveX control for Python in the AXScript package, when ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0130
+CVE-2002-0130 (Buffer overflow in efax 0.9 and earlier, when installed setuid root, a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0129
+CVE-2002-0129 (efax 0.9 and earlier, when installed setuid root, allows local users t ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0127
+CVE-2002-0127 (Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0126
+CVE-2002-0126 (Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0125
+CVE-2002-0125 (Buffer overflow in ClanLib library 0.5 may allow local users to execut ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0124
+CVE-2002-0124 (MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0122
+CVE-2002-0122 (Siemens 3568i WAP mobile phones allows remote attackers to cause a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0119
+CVE-2002-0119 (Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0118
+CVE-2002-0118 (Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0116
+CVE-2002-0116 (Palm OS 3.5h and possibly other versions, as used in Handspring Visor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0114
+CVE-2002-0114 (EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0113
+CVE-2002-0113 (EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0112
+CVE-2002-0112 (Etype Eserv 2.97 allows remote attackers to view password protected fi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0110
+CVE-2002-0110 (Nevrona Designs MiraMail 1.04 and earlier stores authentication inform ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0109
+CVE-2002-0109 (Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0108
+CVE-2002-0108 (Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0106
+CVE-2002-0106 (BEA Systems Weblogic Server 6.1 allows remote attackers to cause a den ...)
NOT-FOR-US: BEA WebLogic
-CVE-2002-0105
+CVE-2002-0105 (CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating sy ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0104
+CVE-2002-0104 (AFTPD 5.4.4 allows remote attackers to gain sensitive information via ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0103
+CVE-2002-0103 (An installer program for Oracle9iAS Web Cache 2.0.0.x creates executab ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0102
+CVE-2002-0102 (Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0101
+CVE-2002-0101 (Microsoft Internet Explorer 6.0 and earlier allows local users to caus ...)
NOT-FOR-US: Microsoft
-CVE-2002-0100
+CVE-2002-0100 (AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentica ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0099
+CVE-2002-0099 (Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0093
+CVE-2002-0093 (Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0091
+CVE-2002-0091 (Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attacke ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0089
+CVE-2002-0089 (Buffer overflow in admintool in Solaris 2.5 through 8 allows local use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0088
+CVE-2002-0088 (Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local use ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0087
+CVE-2002-0087 (bindsock in Lotus Domino 5.07 on Solaris allows local users to create ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0086
+CVE-2002-0086 (Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0085
+CVE-2002-0085 (cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a d ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0084
+CVE-2002-0084 (Buffer overflow in the fscache_setup function of cachefsd in Solaris 2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0077
+CVE-2002-0077 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked o ...)
NOT-FOR-US: Microsoft
-CVE-2002-0058
+CVE-2002-0058 (Vulnerability in Java Runtime Environment (JRE) allows remote maliciou ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0056
+CVE-2002-0056 (Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0053
+CVE-2002-0053 (Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows N ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0048
+CVE-2002-0048 (Multiple signedness errors (mixed signed and unsigned numbers) in the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0041
+CVE-2002-0041 (Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and po ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0039
+CVE-2002-0039 (rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0037
+CVE-2002-0037 (Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass th ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2002-0035
REJECTED
-CVE-2002-0034
+CVE-2002-0034 (The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windo ...)
NOT-FOR-US: Microsoft
-CVE-2002-0031
+CVE-2002-0031 (Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows rem ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0030
+CVE-2002-0030 (The digital signature mechanism for the Adobe Acrobat PDF viewer only ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0029
+CVE-2002-0029 (Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 th ...)
{DSA-196}
- bind9 <not-affected>
- bind 1:8.3.3-3
@@ -5172,13 +5172,13 @@ CVE-2002-0016
RESERVED
CVE-2002-0015
RESERVED
-CVE-2002-0013
+CVE-2002-0013 (Vulnerabilities in the SNMPv1 request handling of a large number of SN ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0012
+CVE-2002-0012 (Vulnerabilities in a large number of SNMP implementations allow remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0010
+CVE-2002-0010 (Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0008
+CVE-2002-0008 (Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user com ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2002-0001
+CVE-2002-0001 (Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt ...)
NOT-FOR-US: Data pre-dating the Security Tracker
diff --git a/data/CVE/2003.list b/data/CVE/2003.list
index 8ee500c744..e734f58e33 100644
--- a/data/CVE/2003.list
+++ b/data/CVE/2003.list
@@ -1,9 +1,9 @@
-CVE-2003-1605
+CVE-2003-1605 (curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote s ...)
- curl 7.10.7-1
NOTE: https://curl.haxx.se/docs/CVE-2003-1605.html
-CVE-2003-1603
+CVE-2003-1603 (GE Healthcare Discovery VH has a default password of (1) interfile for ...)
NOT-FOR-US: GE Healthcare Discovery VH
-CVE-2003-1604
+CVE-2003-1604 (The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in t ...)
- linux <not-affected> (Fixed before rename to src:linux)
- linux-2.6 <not-affected> (Fixed before initial upload of linux-2.6 in Debian)
NOTE: https://marc.info/?l=netfilter-devel&m=106668497403047&w=2
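Review bot: the entry order in this hunk is CVE-2003-1605, CVE-2003-1603, CVE-2003-1604, while every other run of entries in this file (and in the 2002.list hunks above) is in strictly descending CVE order. This update does not introduce the inversion, since the three identifier lines are only being rewritten with their descriptions in place, but the automatic updater keys on the identifier and will keep reproducing it; swapping the CVE-2003-1603 block (the `NOT-FOR-US: GE Healthcare Discovery VH` line with it) below the CVE-2003-1604 block (its two `- linux` lines and the `NOTE:` line with it) the next time the file is touched by hand would restore the ordering.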
@@ -13,592 +13,592 @@ CVE-2003-1601
RESERVED
CVE-2003-1600
RESERVED
-CVE-2003-1599
+CVE-2003-1599 (PHP remote file inclusion vulnerability in wp-links/links.all.php in W ...)
NOT-FOR-US: WordPress plugin wp-links
-CVE-2003-1598
+CVE-2003-1598 (SQL injection vulnerability in log.header.php in WordPress 0.7 and ear ...)
- wordpress 1.0.1-1
CVE-2003-1597
RESERVED
-CVE-2003-1596
+CVE-2003-1596 (NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not ...)
NOT-FOR-US: Novell NetWare
-CVE-2003-1595
+CVE-2003-1595 (NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does ...)
NOT-FOR-US: Novell NetWare
-CVE-2003-1594
+CVE-2003-1594 (NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does ...)
NOT-FOR-US: Novell NetWare
-CVE-2003-1593
+CVE-2003-1593 (NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 ...)
NOT-FOR-US: Novell NetWare
-CVE-2003-1592
+CVE-2003-1592 (Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell Ne ...)
NOT-FOR-US: Novell NetWare
-CVE-2003-1591
+CVE-2003-1591 (NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 ...)
NOT-FOR-US: Novell NetWare
-CVE-2003-1590
+CVE-2003-1590 (Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 6.0 SP3 ...)
NOT-FOR-US: Sun ONE Web Server
-CVE-2003-1589
+CVE-2003-1589 (Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 4.1 befo ...)
NOT-FOR-US: Sun ONE Web Server
-CVE-2003-1588
+CVE-2003-1588 (Sun Cluster 2.2, when HA-Oracle or HA-Sybase DBMS services are used, s ...)
NOT-FOR-US: Sun Cluster
-CVE-2003-1587
+CVE-2003-1587 (Cross-site scripting (XSS) vulnerability in LoganPro allows remote att ...)
NOT-FOR-US: LoganPro
-CVE-2003-1586
+CVE-2003-1586 (Cross-site scripting (XSS) vulnerability in WebExpert allows remote at ...)
NOT-FOR-US: WebExpert
-CVE-2003-1585
+CVE-2003-1585 (Cross-site scripting (XSS) vulnerability in WebLogExpert allows remote ...)
NOT-FOR-US: WebLogExpert
-CVE-2003-1584
+CVE-2003-1584 (Cross-site scripting (XSS) vulnerability in SurfStats allows remote at ...)
NOT-FOR-US: SurfStats
-CVE-2003-1583
+CVE-2003-1583 (Cross-site scripting (XSS) vulnerability in WebTrends allows remote at ...)
NOT-FOR-US: WebTrends
-CVE-2003-1582
+CVE-2003-1582 (Microsoft Internet Information Services (IIS) 6.0, when DNS resolution ...)
NOT-FOR-US: Microsoft
-CVE-2003-1581
+CVE-2003-1581 (The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ...)
- apache <removed> (unimportant)
- apache2 <unfixed> (unimportant; bug #570740)
NOTE: not really an apache issue; if an apache log analyzer is known vulnerable,
NOTE: then that itself should be fixed
-CVE-2003-1580
+CVE-2003-1580 (The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ...)
- apache <removed> (unimportant)
- apache2 <unfixed> (unimportant; bug #570740)
NOTE: not really an apache issue; if an apache log analyzer is known vulnerable,
NOTE: then that itself should be fixed
-CVE-2003-1579
+CVE-2003-1579 (Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is ...)
NOT-FOR-US: Sun ONE (aka iPlanet) Web Server 6 on Windows
-CVE-2003-1578
+CVE-2003-1578 (Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, ...)
NOT-FOR-US: Sun ONE (aka iPlanet) Web Server 6 on Windows
-CVE-2003-1577
+CVE-2003-1577 (Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, ...)
NOT-FOR-US: Sun ONE (aka iPlanet) Web Server 6 on Windows
-CVE-2003-1576
+CVE-2003-1576 (Buffer overflow in pamverifier in Change Manager (CM) 1.0 for Sun Mana ...)
NOT-FOR-US: Sun Management Center
-CVE-2003-1575
+CVE-2003-1575 (VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patc ...)
NOT-FOR-US: VERITAS File System
-CVE-2003-1574
+CVE-2003-1574 (TikiWiki 1.6.1 allows remote attackers to bypass authentication by ent ...)
- tikiwiki <removed>
-CVE-2003-1573
+CVE-2003-1573 (The PointBase 4.6 database component in the J2EE 1.4 reference impleme ...)
NOT-FOR-US: Historic issues in proprietary Java
-CVE-2003-1572
+CVE-2003-1572 (Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned ap ...)
NOT-FOR-US: Historic issues in proprietary Java
-CVE-2003-1571
+CVE-2003-1571 (Web Wiz Guestbook 6.0 stores sensitive information under the web root ...)
NOT-FOR-US: Web Wiz Guestbook
-CVE-2003-1570
+CVE-2003-1570 (The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2 ...)
NOT-FOR-US: Tivoli
-CVE-2003-1569
+CVE-2003-1569 (GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote ...)
NOT-FOR-US: Windows
-CVE-2003-1568
+CVE-2003-1568 (GoAhead WebServer before 2.1.6 allows remote attackers to cause a deni ...)
NOT-FOR-US: GoAhead WebServer
-CVE-2003-1567
+CVE-2003-1567 (The undocumented TRACK method in Microsoft Internet Information Servic ...)
NOT-FOR-US: IIS
-CVE-2003-1566
+CVE-2003-1566 (Microsoft Internet Information Services (IIS) 5.0 does not log request ...)
NOT-FOR-US: IIS
-CVE-2003-1564
+CVE-2003-1564 (libxml2, possibly before 2.5.0, does not properly detect recursion dur ...)
NOT-FOR-US: Old CVE id
-CVE-2003-1563
+CVE-2003-1563 (Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Applicat ...)
NOT-FOR-US: Oracle
-CVE-2003-1562
+CVE-2003-1562 (sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled ...)
- openssh 1:3.8.1p1-8.sarge.4 (low)
-CVE-2003-1561
+CVE-2003-1561 (Opera, probably before 7.50, sends Referer headers containing https:// ...)
NOT-FOR-US: ancient issue
-CVE-2003-1560
+CVE-2003-1560 (Netscape 4 sends Referer headers containing https:// URLs in requests ...)
NOT-FOR-US: ancient issue
-CVE-2003-1559
+CVE-2003-1559 (Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, ...)
NOT-FOR-US: ancient issue
-CVE-2003-1558
+CVE-2003-1558 (Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to cre ...)
- fnord 1.7-1 (low)
-CVE-2003-1557
+CVE-2003-1557 (Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, ...)
- spamassassin 3.1.7-2
-CVE-2003-1556
+CVE-2003-1556 (Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI Cit ...)
NOT-FOR-US: CGI City CC Guestbook
-CVE-2003-1555
+CVE-2003-1555 (ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive ...)
NOT-FOR-US: ScozNet ScozBook
-CVE-2003-1554
+CVE-2003-1554 (Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNe ...)
NOT-FOR-US: ScozNet ScozBook
-CVE-2003-1553
+CVE-2003-1553 (Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores se ...)
NOT-FOR-US: Haakon Nilsen Simple Internet Publishing System
-CVE-2003-1552
+CVE-2003-1552 (Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 ...)
NOT-FOR-US: Uploader
-CVE-2003-1551
+CVE-2003-1551 (Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before R ...)
NOT-FOR-US: Novell GroupWise
-CVE-2003-1550
+CVE-2003-1550 (XOOPS 2.0, and possibly earlier versions, allows remote attackers to o ...)
NOT-FOR-US: XOOPS
-CVE-2003-1549
+CVE-2003-1549 (Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWe ...)
NOT-FOR-US: MyABraCaDaWeb
-CVE-2003-1548
+CVE-2003-1548 (MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sens ...)
NOT-FOR-US: MyABraCaDaWeb
-CVE-2003-1547
+CVE-2003-1547 (Cross-site scripting (XSS) vulnerability in block-Forums.php in the Sp ...)
NOT-FOR-US: Splatt Forum module for PHP-Nuke
-CVE-2003-1546
+CVE-2003-1546 (Cross-site scripting (XSS) vulnerability in gbook.php in Filebased gue ...)
NOT-FOR-US: Filebased guestbook
-CVE-2003-1545
+CVE-2003-1545 (Absolute path traversal vulnerability in nukestyles.com viewpage.php a ...)
NOT-FOR-US: nukestyles.com addon for PHP-Nuke
-CVE-2003-1544
+CVE-2003-1544 (Unrestricted critical resource lock in Terminal Services for Windows 2 ...)
NOT-FOR-US: Windows
-CVE-2003-1543
+CVE-2003-1543 (Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95 ...)
NOT-FOR-US: Bajie Http Web Server
-CVE-2003-1542
+CVE-2003-1542 (Directory traversal vulnerability in plugins/file.php in phpWebFileMan ...)
NOT-FOR-US: phpWebFileManager
-CVE-2003-1541
+CVE-2003-1541 (PlanetMoon Guestbook tr3.a stores sensitive information under the web ...)
NOT-FOR-US: PlanetMoon Guestbook
-CVE-2003-1540
+CVE-2003-1540 (WF-Chat 1.0 Beta stores sensitive information under the web root with ...)
NOT-FOR-US: WF-Chat
-CVE-2003-1539
+CVE-2003-1539 (Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manag ...)
NOT-FOR-US: ONEdotOH Simple File
-CVE-2003-1538
+CVE-2003-1538 (susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Op ...)
NOT-FOR-US: predating security tracker
-CVE-2003-1537
+CVE-2003-1537 (Directory traversal vulnerability in PostNuke 0.723 and earlier allows ...)
NOT-FOR-US: PostNuke
-CVE-2003-1536
+CVE-2003-1536 (Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Techno ...)
NOT-FOR-US: Codeworx Technologies DCP-Portal
-CVE-2003-1535
+CVE-2003-1535 (Justice Guestbook 1.3 allows remote attackers to obtain the full insta ...)
NOT-FOR-US: Justice Guestbook
-CVE-2003-1534
+CVE-2003-1534 (Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestb ...)
NOT-FOR-US: Justice Guestbook
-CVE-2003-1533
+CVE-2003-1533 (SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows r ...)
NOT-FOR-US: PhpPass
-CVE-2003-1532
+CVE-2003-1532 (SQL injection vulnerability in compte.php in PhpMyShop 1.00 allows rem ...)
NOT-FOR-US: PhpMyShop
-CVE-2003-1531
+CVE-2003-1531 (Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi Sof ...)
NOT-FOR-US: Lilikoi Software Ceilidh
-CVE-2003-1530
+CVE-2003-1530 (SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier ...)
- phpbb2 <not-affected> (Vulnerable versions too old to have been in Debian)
-CVE-2003-1529
+CVE-2003-1529 (Directory traversal vulnerability in Seagull Software Systems J Walk a ...)
NOT-FOR-US: Seagull Software Systems J Walk
-CVE-2003-1528
+CVE-2003-1528 (nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to ov ...)
NOT-FOR-US: Fujitsu Siemens NetWorker
-CVE-2003-1527
+CVE-2003-1527 (BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configur ...)
NOT-FOR-US: not processed, predates tracker
-CVE-2003-1526
+CVE-2003-1526 (PHP-Nuke 7.0 allows remote attackers to obtain the installation path v ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1525
+CVE-2003-1525 (Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlie ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1524
+CVE-2003-1524 (PGPi PGPDisk 6.0.2i does not unmount a PGP partition when the switch u ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1523
+CVE-2003-1523 (SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1522
+CVE-2003-1522 (Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1521
+CVE-2003-1521 (Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repea ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1520
+CVE-2003-1520 (SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1519
+CVE-2003-1519 (Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1518
+CVE-2003-1518 (Adiscon WinSyslog 4.21 SP1 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1517
+CVE-2003-1517 (cart.pl in Dansie shopping cart allows remote attackers to obtain the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1516
+CVE-2003-1516 (The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug- ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1515
+CVE-2003-1515 (Origo ASR-8100 ADSL Router 3.21 has an administration service running ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1514
+CVE-2003-1514 (eMule 0.29c allows remote attackers to cause a denial of service (cras ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1513
+CVE-2003-1513 (Multiple cross-site scripting (XSS) vulnerabilities in example scripts ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1512
+CVE-2003-1512 (Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1511
+CVE-2003-1511 (Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.9 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1510
+CVE-2003-1510 (TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1509
+CVE-2003-1509 (Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1508
+CVE-2003-1508 (Buffer overflow in mIRC 6.12, when the DCC get dialog window has been ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1507
+CVE-2003-1507 (Planet Technology WGSD-1020 and WSW-2401 Ethernet switches use a defau ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1506
+CVE-2003-1506 (Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1505
+CVE-2003-1505 (Microsoft Internet Explorer 6.0 allows remote attackers to cause a den ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1504
+CVE-2003-1504 (SQL injection vulnerability in variables.php in Goldlink 3.0 allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1503
+CVE-2003-1503 (Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1502
+CVE-2003-1502 (mod_throttle 3.0 allows local users with Apache privileges to access s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1501
+CVE-2003-1501 (Directory traversal vulnerability in the file upload CGI of Gast Arbei ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1500
+CVE-2003-1500 (PHP remote file inclusion vulnerability in _functions.php in cpCommerc ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1499
+CVE-2003-1499 (Directory traversal vulnerability in index.php in Bytehoard 0.7 allows ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1498
+CVE-2003-1498 (Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT Zo ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1497
+CVE-2003-1497 (Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1496
+CVE-2003-1496 (Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1495
+CVE-2003-1495 (Unspecified vulnerability in the non-SSL web agent in various HP Manag ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1494
+CVE-2003-1494 (Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6. ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2003-1493
+CVE-2003-1493 (Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allo ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2003-1492
+CVE-2003-1492 (Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1491
+CVE-2003-1491 (Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incom ...)
NOT-FOR-US: Kerio Personal Firewall
-CVE-2003-1490
+CVE-2003-1490 (SonicWall Pro running firmware 6.4.0.1 allows remote attackers to caus ...)
NOT-FOR-US: SonicWall Pro
-CVE-2003-1489
+CVE-2003-1489 (upload.php in Truegalerie 1.0 allows remote attackers to read arbitrar ...)
NOT-FOR-US: Truegalerie
-CVE-2003-1488
+CVE-2003-1488 (The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie ...)
NOT-FOR-US: Truegalerie
-CVE-2003-1487
+CVE-2003-1487 (Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4 ...)
NOT-FOR-US: Phorum
-CVE-2003-1486
+CVE-2003-1486 (Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full pa ...)
NOT-FOR-US: Phorum
-CVE-2003-1485
+CVE-2003-1485 (Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to by ...)
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2003-1484
+CVE-2003-1484 (Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1483
+CVE-2003-1483 (FlashFXP 1.4 uses a weak encryption algorithm for user passwords, whic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1482
+CVE-2003-1482 (The backup configuration file for Microsoft MN-500 wireless base stati ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1481
+CVE-2003-1481 (CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1480
+CVE-2003-1480 (MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1479
+CVE-2003-1479 (Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and 1.02 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1478
+CVE-2003-1478 (Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1477
+CVE-2003-1477 (MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1476
+CVE-2003-1476 (Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, w ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1475
+CVE-2003-1475 (Netbus 1.5 through 1.7 allows more than one client to be connected at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1474
+CVE-2003-1474 (slashem-tty in the FreeBSD Ports Collection is installed with write pe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1473
+CVE-2003-1473 (Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1472
+CVE-2003-1472 (Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1471
+CVE-2003-1471 (MDaemon POP server 6.0.7 and earlier allows remote authenticated users ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1470
+CVE-2003-1470 (Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1469
+CVE-2003-1469 (The default configuration of ColdFusion MX has the "Enable Robust Exce ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1468
+CVE-2003-1468 (The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1467
+CVE-2003-1467 (Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1466
+CVE-2003-1466 (Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote at ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1465
+CVE-2003-1465 (Directory traversal vulnerability in download.php in Phorum 3.4 throug ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1464
+CVE-2003-1464 (Buffer overflow in Siemens 45 series mobile phones allows remote attac ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1463
+CVE-2003-1463 (Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1462
+CVE-2003-1462 (mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey e ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1461
+CVE-2003-1461 (Buffer overflow in rwrite for HP-UX 11.0 could allow local users to ex ...)
NOT-FOR-US: HP-UX
-CVE-2003-1460
+CVE-2003-1460 (Worker Filemanager 1.0 through 2.7 sets the permissions on the destina ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1459
+CVE-2003-1459 (Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and tt ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1458
+CVE-2003-1458 (SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum al ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1457
+CVE-2003-1457 (Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositr ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1456
+CVE-2003-1456 (Album.pl 6.1 allows remote attackers to execute arbitrary commands, wh ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1455
+CVE-2003-1455 (Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1454
+CVE-2003-1454 (Invision Power Services Invision Board 1.0 through 1.1.1, when a forum ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1453
+CVE-2003-1453 (Cross-site scripting (XSS) vulnerability in the MytextSanitizer functi ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1452
+CVE-2003-1452 (Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4. ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1451
+CVE-2003-1451 (Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attack ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1450
+CVE-2003-1450 (BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to ca ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1449
+CVE-2003-1449 (Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the en ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1448
+CVE-2003-1448 (Memory leak in the Windows 2000 kernel allows remote attackers to caus ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1447
+CVE-2003-1447 (IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption alg ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1446
+CVE-2003-1446 (Buffer overflow in the save_into_file function in save.c for Rogue 5.2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1445
+CVE-2003-1445 (Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1444
+CVE-2003-1444 (Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1443
+CVE-2003-1443 (Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files wit ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1442
+CVE-2003-1442 (The web administration page for the Ericsson HM220dp ADSL modem does n ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1441
+CVE-2003-1441 (Posadis 0.50.4 through 0.50.8 allows remote attackers to cause a denia ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1440
+CVE-2003-1440 (SpamProbe 0.8a allows remote attackers to cause a denial of service (c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1439
+CVE-2003-1439 (Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores pass ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1438
+CVE-2003-1438 (Race condition in BEA WebLogic Server and Express 5.1 through 7.0.0.1, ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1437
+CVE-2003-1437 (BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passw ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1436
+CVE-2003-1436 (PHP remote file inclusion vulnerability in nukebrowser.php in Nukebrow ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1435
+CVE-2003-1435 (SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1434
+CVE-2003-1434 (login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthentic ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1433
+CVE-2003-1433 (Epic Games Unreal Engine 226f through 436 does not validate the challe ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1432
+CVE-2003-1432 (Epic Games Unreal Engine 226f through 436 allows remote attackers to c ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1431
+CVE-2003-1431 (Buffer overflow in Epic Games Unreal Engine 226f through 436 allows re ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1430
+CVE-2003-1430 (Directory traversal vulnerability in Unreal Tournament Server 436 and ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1429
+CVE-2003-1429 (Buffer overflow in Proxomitron Naoko 4.4 allows remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1428
+CVE-2003-1428 (Gallery 1.3.3 creates directories with insecure permissions, which all ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1427
+CVE-2003-1427 (Directory traversal vulnerability in the web configuration interface i ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1426
+CVE-2003-1426 (Openwebmail in cPanel 5.0, when run using suid Perl, adds the director ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1425
+CVE-2003-1425 (guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1424
+CVE-2003-1424 (message.php in Petitforum does not properly authenticate users, which ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1423
+CVE-2003-1423 (Petitforum stores the liste.txt data file under the web document root ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1422
+CVE-2003-1422 (Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.0 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1421
+CVE-2003-1421 (Unspecified vulnerability in mod_mysql_logger shared object in SuckBot ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1420
+CVE-2003-1420 (Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1419
+CVE-2003-1419 (Netscape 7.0 allows remote attackers to cause a denial of service (cra ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1418
+CVE-2003-1418 (Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote atta ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1417
+CVE-2003-1417 (nCipher Support Software 6.00, when using generatekey KeySafe to impor ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1416
+CVE-2003-1416 (BisonFTP Server 4 release 2 allows remote attackers to cause a denial ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1415
+CVE-2003-1415 (NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1414
+CVE-2003-1414 (Directory traversal vulnerability in parse_xml.cg Apple Darwin Streami ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1413
+CVE-2003-1413 (parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote att ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1412
+CVE-2003-1412 (PHP remote file inclusion vulnerability in index.php for GONiCUS Syste ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1411
+CVE-2003-1411 (PHP remote file inclusion vulnerability in emailreader_execute_on_each ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1410
+CVE-2003-1410 (PHP remote file inclusion vulnerability in email.php (aka email.php3) ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1409
+CVE-2003-1409 (TOPo 1.43 allows remote attackers to obtain sensitive information by s ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1408
+CVE-2003-1408 (Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the so ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1407
+CVE-2003-1407 (Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1406
+CVE-2003-1406 (PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 a ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1405
+CVE-2003-1405 (DotBr 0.1 allows remote attackers to execute arbitrary shell commands ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1404
+CVE-2003-1404 (DotBr 0.1 stores config.inc with insufficient access control under the ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1403
+CVE-2003-1403 (foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1402
+CVE-2003-1402 (PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1401
+CVE-2003-1401 (login.php in php-Board 1.0 stores plaintext passwords in $username.txt ...)
NOT-FOR-US: Data pre-dating the Security Tracker
-CVE-2003-1400
+CVE-2003-1400 (Cross-site scripting (XSS) vulnerability in the Your_Account module fo ...)
NOT-FOR-US: PhpNuke
-CVE-2003-1399
+CVE-2003-1399 (eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, ...)
- eject 2.0.13-1
-CVE-2003-1398
+CVE-2003-1398 (Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts fals ...)
NOT-FOR-US: Cisco
-CVE-2003-1397
+CVE-2003-1397 (The PluginContext object of Opera 6.05 and 7.0 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2003-1396
+CVE-2003-1396 (Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote at ...)
NOT-FOR-US: Opera
-CVE-2003-1395
+CVE-2003-1395 (Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to ...)
NOT-FOR-US: KaZaA Media Desktop
-CVE-2003-1394
+CVE-2003-1394 (CoffeeCup Software Password Wizard 4.0 stores sensitive information su ...)
NOT-FOR-US: CoffeeCup Software Password Wizard
-CVE-2003-1393
+CVE-2003-1393 (Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to caus ...)
NOT-FOR-US: Gupta SQLBase
-CVE-2003-1392
+CVE-2003-1392 (CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to e ...)
NOT-FOR-US: CryptoBuddy
-CVE-2003-1391
+CVE-2003-1391 (RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the p ...)
NOT-FOR-US: CryptoBuddy
-CVE-2003-1390
+CVE-2003-1390 (RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byt ...)
NOT-FOR-US: CryptoBuddy
-CVE-2003-1389
+CVE-2003-1389 (RTS CryptoBuddy 1.2 and earlier truncates long passphrases without war ...)
NOT-FOR-US: CryptoBuddy
-CVE-2003-1388
+CVE-2003-1388 (Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to cr ...)
NOT-FOR-US: Opera
-CVE-2003-1387
+CVE-2003-1387 (Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, a ...)
NOT-FOR-US: Opera
-CVE-2003-1386
+CVE-2003-1386 (AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to ob ...)
NOT-FOR-US: AXIS 2400 Video Server
-CVE-2003-1385
+CVE-2003-1385 (ipchat.php in Invision Power Board 1.1.1 allows remote attackers to ex ...)
NOT-FOR-US: Invision Power Board
-CVE-2003-1384
+CVE-2003-1384 (Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1 ...)
NOT-FOR-US: PY-Livredor
-CVE-2003-1383
+CVE-2003-1383 (WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive ...)
NOT-FOR-US: WEB-ERP
-CVE-2003-1382
+CVE-2003-1382 (Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to ...)
NOT-FOR-US: ISMail
-CVE-2003-1381
+CVE-2003-1381 (Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Val ...)
NOT-FOR-US: AMX Half-Life Server
-CVE-2003-1380
+CVE-2003-1380 (Directory traversal vulnerability in BisonFTP Server 4 release 2 allow ...)
NOT-FOR-US: BisonFTP Server
-CVE-2003-1379
+CVE-2003-1379 (clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obt ...)
NOT-FOR-US: clarkconnectd
-CVE-2003-1378
+CVE-2003-1378 (Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone ...)
NOT-FOR-US: Microsoft Outlook
-CVE-2003-1377
+CVE-2003-1377 (Buffer overflow in the reverse DNS lookup of Smart IRC Daemon (SIRCD) ...)
NOT-FOR-US: Smart IRC Daemon
-CVE-2003-1376
+CVE-2003-1376 (WinZip 8.0 uses weak random number generation for password protected Z ...)
NOT-FOR-US: WinZip 8.0
-CVE-2003-1375
+CVE-2003-1375 (Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local ...)
NOT-FOR-US: HP-UX 10.20
-CVE-2003-1374
+CVE-2003-1374 (Buffer overflow in disable of HP-UX 11.0 may allow local users to exec ...)
NOT-FOR-US: HP-UX 11.0
-CVE-2003-1373
+CVE-2003-1373 (Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through ...)
- phpbb2 <not-affected> (phpbb was the vulnerable one)
-CVE-2003-1372
+CVE-2003-1372 (Cross-site scripting (XSS) vulnerability in links.php script in myPHPN ...)
NOT-FOR-US: myPHPNuke
-CVE-2003-1371
+CVE-2003-1371 (Nuked-Klan 1.3b, and possibly earlier versions, allows remote attacker ...)
NOT-FOR-US: Nuked-Klan
-CVE-2003-1370
+CVE-2003-1370 (Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b ...)
NOT-FOR-US: Nuked-Klan
-CVE-2003-1369
+CVE-2003-1369 (Buffer overflow in ByteCatcher FTP client 1.04b allows remote attacker ...)
NOT-FOR-US: ByteCatcher FTP client
-CVE-2003-1368
+CVE-2003-1368 (Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers ...)
NOT-FOR-US: 32bit FTP client
-CVE-2003-1367
+CVE-2003-1367 (The which_access variable for Majordomo 2.0 through 1.94.4, and possib ...)
NOT-FOR-US: Majordomo
-CVE-2003-1366
+CVE-2003-1366 (chpass in OpenBSD 2.0 through 3.2 allows local users to read portions ...)
NOT-FOR-US: OpenBSD 2.0
-CVE-2003-1365
+CVE-2003-1365 (The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does ...)
NOT-FOR-US: CGI::Lite 2.0
-CVE-2003-1364
+CVE-2003-1364 (Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versi ...)
NOT-FOR-US: Abyss Web Server
-CVE-2003-1363
+CVE-2003-1363 (The remote web management interface of Aprelium Technologies Abyss Web ...)
NOT-FOR-US: Abyss Web Server
-CVE-2003-1362
+CVE-2003-1362 (Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configu ...)
NOT-FOR-US: HP-UX
-CVE-2003-1361
+CVE-2003-1361 (Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli St ...)
NOT-FOR-US: HP-UX
-CVE-2003-1360
+CVE-2003-1360 (Buffer overflow in the setupterm function of (1) lanadmin and (2) land ...)
NOT-FOR-US: HP-UX
-CVE-2003-1359
+CVE-2003-1359 (Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows ...)
NOT-FOR-US: HP-UX
-CVE-2003-1358
+CVE-2003-1358 (rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variabl ...)
NOT-FOR-US: HP-UX
-CVE-2003-1357
+CVE-2003-1357 (ProxyView has a default administrator password of Administrator for Em ...)
NOT-FOR-US: ProxyView
-CVE-2003-1356
+CVE-2003-1356 (The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 th ...)
NOT-FOR-US: HP-UX
-CVE-2003-1355
+CVE-2003-1355 (Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 a ...)
NOT-FOR-US: Battlefield
-CVE-2003-1354
+CVE-2003-1354 (Multiple GameSpy 3D 2.62 compatible gaming servers generate very large ...)
NOT-FOR-US: Battlefield
-CVE-2003-1353
+CVE-2003-1353 (Multiple cross-site scripting (XSS) vulnerabilities in Outreach Projec ...)
NOT-FOR-US: Outreach
-CVE-2003-1352
+CVE-2003-1352 (Gabber 0.8.7 sends an email to a specific address during user login an ...)
- gabber 0.8.8-1
- gabber2 <not-affected> (No code to send data to update@jabber.org)
-CVE-2003-1351
+CVE-2003-1351 (Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows ...)
NOT-FOR-US: EditTag
-CVE-2003-1350
+CVE-2003-1350 (List Site Pro 2.0 allows remote attackers to hijack user accounts by i ...)
NOT-FOR-US: List Site Pro 2.0
-CVE-2003-1349
+CVE-2003-1349 (Directory traversal vulnerability in NITE ftp-server (NiteServer) 1.83 ...)
NOT-FOR-US: NITE ftp-server
-CVE-2003-1348
+CVE-2003-1348 (Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org ...)
NOT-FOR-US: Guestbook
-CVE-2003-1347
+CVE-2003-1347 (Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 a ...)
NOT-FOR-US: Geeklog
-CVE-2003-1346
+CVE-2003-1346 (D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allo ...)
NOT-FOR-US: DWL-900AP
-CVE-2003-1345
+CVE-2003-1345 (Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 ...)
NOT-FOR-US: WebCollection
-CVE-2003-1344
+CVE-2003-1344 (Trend Micro Virus Control System (TVCS) Log Collector allows remote at ...)
NOT-FOR-US: Trend Micro Virus Control System
-CVE-2003-1343
+CVE-2003-1343 (Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 mi ...)
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2003-1342
+CVE-2003-1342 (Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows re ...)
NOT-FOR-US: Trend Micro Virus Control System
-CVE-2003-1341
+CVE-2003-1341 (The default installation of Trend Micro OfficeScan 3.0 through 3.54 an ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2003-1340
+CVE-2003-1340 (Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 ...)
NOT-FOR-US: Php-Nuke
-CVE-2003-1339
+CVE-2003-1339 (Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotosha ...)
NOT-FOR-US: eZnet
-CVE-2003-1338
+CVE-2003-1338 (CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and ea ...)
NOT-FOR-US: Abyss Web Server
-CVE-2003-1337
+CVE-2003-1337 (Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earl ...)
NOT-FOR-US: Abyss Web Server
-CVE-2003-1336
+CVE-2003-1336 (Buffer overflow in mIRC before 6.11 allows remote attackers to execute ...)
NOT-FOR-US: mIRC
-CVE-2003-1335
+CVE-2003-1335 (Directory traversal vulnerability in Kai Blankenhorn Bitfolge simple a ...)
NOT-FOR-US: snif
-CVE-2003-1334
+CVE-2003-1334 (Cross-site scripting (XSS) vulnerability in Kai Blankenhorn Bitfolge s ...)
NOT-FOR-US: snif
-CVE-2003-1333
+CVE-2003-1333 (Unspecified vulnerability in the Cache' Server Page (CSP) implementati ...)
NOT-FOR-US: InterSystems Cache
-CVE-2003-1332
+CVE-2003-1332 (Stack-based buffer overflow in the reply_nttrans function in Samba 2.2 ...)
- samba <not-affected> (Vulnerable version not in any suite)
-CVE-2003-1331
+CVE-2003-1331 (Stack-based buffer overflow in the mysql_real_connect function in the ...)
- mysql-dfsg-5.0 <not-affected> (Newer versions in all suites apart oldstable)
NOTE: oldstable is affected, everything else uses libmysqlclient15
-CVE-2003-1330
+CVE-2003-1330 (Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on ...)
NOT-FOR-US: MAILsweeper
-CVE-2003-1329
+CVE-2003-1329 (ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only ...)
- wu-ftpd 2.6.2-4
-CVE-2003-1327
+CVE-2003-1327 (Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlie ...)
- wu-ftpd 2.6.2-26 (unimportant; bug #425162)
NOTE: Linux' limit is 4096 chars
-CVE-2003-1325
+CVE-2003-1325 (The SV_CheckForDuplicateNames function in Valve Software Half-Life CST ...)
NOT-FOR-US: Half-Life
-CVE-2003-1324
+CVE-2003-1324 (Race condition in the can_open function in Elm ME+ 2.4, when installed ...)
NOT-FOR-US: Elm, removed in 2002
-CVE-2003-1323
+CVE-2003-1323 (Elm ME+ 2.4 before PL109S, when installed setgid mail and the operatin ...)
NOT-FOR-US: Elm, removed in 2002
-CVE-2003-1322
+CVE-2003-1322 (Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR ...)
NOT-FOR-US: MERCUR IMAPD
-CVE-2003-1321
+CVE-2003-1321 (Buffer overflow in Avant Browser 8.02 allows remote attackers to cause ...)
NOT-FOR-US: Avant Browser
-CVE-2003-1320
+CVE-2003-1320 (SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a d ...)
NOT-FOR-US: SonicWALL
-CVE-2003-1319
+CVE-2003-1319 (Multiple buffer overflows in SmartFTP 1.0.973, and other versions befo ...)
NOT-FOR-US: SmartFTP
-CVE-2003-1318
+CVE-2003-1318 (Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Twilight Webserver
-CVE-2003-1317
+CVE-2003-1317 (Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 a ...)
NOT-FOR-US: eNdonesia CMS
-CVE-2003-1316
+CVE-2003-1316 (mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: eNdonesia CMS
-CVE-2003-1315
+CVE-2003-1315 (SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 ...)
NOT-FOR-US: Land Down Under (LDU)
-CVE-2003-1314
+CVE-2003-1314 (PHP remote file inclusion vulnerability in admin/auth.php in EternalMa ...)
NOT-FOR-US: EternalMart Guestbook (EMGB)
-CVE-2003-1313
+CVE-2003-1313 (Multiple PHP remote file inclusion vulnerabilities in EternalMart Mail ...)
NOT-FOR-US: EternalMart Mailing List Manager (EMLM)
-CVE-2003-1312
+CVE-2003-1312 (siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a sess ...)
NOT-FOR-US: Netegrity SiteMinder
-CVE-2003-1311
+CVE-2003-1311 (siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensu ...)
NOT-FOR-US: Netegrity SiteMinder
-CVE-2003-1310
+CVE-2003-1310 (The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) i ...)
NOT-FOR-US: Norton
-CVE-2003-1309
+CVE-2003-1309 (The DeviceIoControl function in the TrueVector Device Driver (VSDATANT ...)
NOT-FOR-US: ZoneAlarm
-CVE-2003-1308
+CVE-2003-1308 (CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x bef ...)
- fvwm 2.5.10-1
CVE-2003-1307
NOTE: More of an apache flaw than a php flaw. And just one more reason
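Review bot: the CVE-2003-1331 entry marks mysql-dfsg-5.0 as <not-affected> while the NOTE directly under it says "oldstable is affected", and those two statements contradict each other. If the libmysqlclient shipped in oldstable carries the vulnerable mysql_real_connect code, the source package that actually ships it in oldstable needs its own line with a fixed or unfixed version, and the NOTE should name that package, rather than folding an affected suite into a not-affected marker; "apart oldstable" should also read "apart from oldstable". Minor: the CVE-2003-1340 tag reads "NOT-FOR-US: Php-Nuke" while the description on the same entry spells the product "PHP-Nuke", which matters for anyone grepping NOT-FOR-US tags by product name.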
@@ -609,790 +609,790 @@ CVE-2003-1307
NOTE: program, you can do $BADSTUFF anyway.
- apache <unfixed> (unimportant)
- apache2 <unfixed> (unimportant)
-CVE-2003-1306
+CVE-2003-1306 (Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, all ...)
NOT-FOR-US: Microsoft
-CVE-2003-1305
+CVE-2003-1305 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
NOT-FOR-US: Microsoft
-CVE-2003-1304
+CVE-2003-1304 (EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under ...)
NOT-FOR-US: EarlyImpact ProductCart
-CVE-2003-1303
+CVE-2003-1303 (Buffer overflow in the imap_fetch_overview function in the IMAP functi ...)
NOT-FOR-US: Microsoft Internet Explore
-CVE-2003-1302
+CVE-2003-1302 (The IMAP functionality in PHP before 4.3.1 allows remote attackers to ...)
- php4 4:4.3.2+rc3-1
-CVE-2003-1301
+CVE-2003-1301 (Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x befor ...)
- sun-java5 1.5.0-06-1 (low; bug #384734)
-CVE-2003-1300
+CVE-2003-1300 (Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May ...)
NOT-FOR-US: Baby FTP Server
-CVE-2003-1299
+CVE-2003-1299 (Directory traversal vulnerability in Baby FTP Server 1.2, and possibly ...)
NOT-FOR-US: Baby FTP Server
-CVE-2003-1298
+CVE-2003-1298 (Multiple directory traversal vulnerabilities in siteman.php3 in AnyPor ...)
NOT-FOR-US: Veritas Backup
-CVE-2003-1297
+CVE-2003-1297 (Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka ...)
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2003-1296
+CVE-2003-1296 (Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated use ...)
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2003-1295
+CVE-2003-1295 (Unspecified vulnerability in xscreensaver 4.12, and possibly other ver ...)
- xscreensaver 4.21-1
NOTE: Might be fixed earlier, but I've verified that the SuSE patch is included
NOTE: in the Sarge version --jmm
-CVE-2003-1294
+CVE-2003-1294 (Xscreensaver before 4.15 creates temporary files insecurely in (1) dri ...)
- xscreensaver 4.15-1
-CVE-2003-1293
+CVE-2003-1293 (Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestB ...)
NOT-FOR-US: NukedWeb
-CVE-2003-1292
+CVE-2003-1292 (PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 al ...)
NOT-FOR-US: Derek Ashauer ashNews
-CVE-2003-1291
+CVE-2003-1291 (VMware ESX Server 1.5.2 before Patch 4 allows local users to execute a ...)
NOT-FOR-US: VMware
-CVE-2003-1290
+CVE-2003-1290 (BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI a ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2003-1289
+CVE-2003-1289 (The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5. ...)
NOT-FOR-US: NetBSD
-CVE-2003-1288
+CVE-2003-1288 (Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.2 ...)
- kernel-patch-ctx 1:1.29-1
CVE-2003-XXXX [Insecure tempfile in x-face-el]
- x-face-el 1.3.6.23-1
NOTE: DSA-340
-CVE-2003-1287
+CVE-2003-1287 (Sambar Server before 6.0 beta 3 allows attackers with physical access ...)
NOT-FOR-US: Sambar
-CVE-2003-1286
+CVE-2003-1286 (HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks ...)
NOT-FOR-US: Sambar
-CVE-2003-1285
+CVE-2003-1285 (Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server b ...)
NOT-FOR-US: Sambar
-CVE-2003-1284
+CVE-2003-1284 (Sambar Server before 6.0 beta 6 allows remote attackers to obtain sens ...)
NOT-FOR-US: Sambar
-CVE-2003-1283
+CVE-2003-1283 (KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet ...)
NOT-FOR-US: Kazaa
-CVE-2003-1282
+CVE-2003-1282 (IBM Net.Data allows remote attackers to obtain sensitive information s ...)
NOT-FOR-US: IBM Net.Data
-CVE-2003-1281
+CVE-2003-1281 (cgihtml 1.69 allows local users to overwrite arbitrary files via a sym ...)
NOT-FOR-US: cgihtml
-CVE-2003-1280
+CVE-2003-1280 (Directory traversal vulnerability in cgihtml 1.69 allows remote attack ...)
NOT-FOR-US: cgihtml
-CVE-2003-1279
+CVE-2003-1279 (S-PLUS 6.0 allows local users to overwrite arbitrary files and possibl ...)
NOT-FOR-US: S-PLUS
-CVE-2003-1278
+CVE-2003-1278 (Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows rem ...)
NOT-FOR-US: OpenTopic
-CVE-2003-1277
+CVE-2003-1277 (Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin Boa ...)
NOT-FOR-US: YaBB
-CVE-2003-1276
+CVE-2003-1276 (Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's ...)
NOT-FOR-US: NetTelephone
-CVE-2003-1275
+CVE-2003-1275 (Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a ...)
NOT-FOR-US: Pocket Internet Explorer
-CVE-2003-1274
+CVE-2003-1274 (Winamp 3.0 allows remote attackers to cause a denial of service (crash ...)
NOT-FOR-US: Winamp
-CVE-2003-1273
+CVE-2003-1273 (Winamp 3.0 allows remote attackers to cause a denial of service (crash ...)
NOT-FOR-US: Winamp
-CVE-2003-1272
+CVE-2003-1272 (Multiple buffer overflows in Winamp 3.0 allow remote attackers to caus ...)
NOT-FOR-US: Winamp
-CVE-2003-1271
+CVE-2003-1271 (Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remot ...)
NOT-FOR-US: AN HTTP
-CVE-2003-1270
+CVE-2003-1270 (AN HTTP 1.41e allows remote attackers to cause a denial of service (bo ...)
NOT-FOR-US: AN HTTP
-CVE-2003-1269
+CVE-2003-1269 (AN HTTP 1.41e allows remote attackers to obtain the root web server pa ...)
NOT-FOR-US: AN HTTP
-CVE-2003-1268
+CVE-2003-1268 (Multiple SQL injection vulnerabilities in (1) addcustomer.asp, (2) add ...)
NOT-FOR-US: a.shopKart
-CVE-2003-1267
+CVE-2003-1267 (GuildFTPd 0.999 allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: GuildFTPd
-CVE-2003-1266
+CVE-2003-1266 (The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 ...)
NOT-FOR-US: EServer
-CVE-2003-1265
+CVE-2003-1265 (Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the ...)
NOT-FOR-US: Ancient Mozilla issue
-CVE-2003-1264
+CVE-2003-1264 (TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, an ...)
NOT-FOR-US: Longshine hardware
-CVE-2003-1263
+CVE-2003-1263 (ICAL.EXE in iCal 3.7 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: iCal
-CVE-2003-1262
+CVE-2003-1262 (Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1 ...)
- libhttpfetcher 1.1.0-1
-CVE-2003-1261
+CVE-2003-1261 (Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a ...)
NOT-FOR-US: CuteFTP
-CVE-2003-1260
+CVE-2003-1260 (Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbi ...)
NOT-FOR-US: CuteFTP
-CVE-2003-1259
+CVE-2003-1259 (Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to caus ...)
NOT-FOR-US: CuteFTP
-CVE-2003-1258
+CVE-2003-1258 (activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows re ...)
NOT-FOR-US: versatileBulletinBoard
-CVE-2003-1257
+CVE-2003-1257 (find_theni_home.php in E-theni allows remote attackers to obtain sensi ...)
NOT-FOR-US: E-theni
-CVE-2003-1256
+CVE-2003-1256 (aff_liste_langue.php in E-theni allows remote attackers to execute arb ...)
NOT-FOR-US: E-theni
-CVE-2003-1255
+CVE-2003-1255 (add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote at ...)
NOT-FOR-US: Active PHP Bookmarks
-CVE-2003-1254
+CVE-2003-1254 (Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute a ...)
NOT-FOR-US: Active PHP Bookmarks
-CVE-2003-1253
+CVE-2003-1253 (PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows rem ...)
NOT-FOR-US: Bookmark4U
-CVE-2003-1252
+CVE-2003-1252 (register.php in S8Forum 3.0 allows remote attackers to execute arbitra ...)
NOT-FOR-US: S8Forum
-CVE-2003-1251
+CVE-2003-1251 (The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php ...)
NOT-FOR-US: N/X 2000
-CVE-2003-1250
+CVE-2003-1250 (Efficient Networks 5861 DSL router, when running firmware 5.3.80 confi ...)
NOT-FOR-US: Efficient Networks hardware issue
-CVE-2003-1249
+CVE-2003-1249 (WebIntelligence 2.7.1 uses guessable user session cookies, which allow ...)
NOT-FOR-US: WebIntelligence
-CVE-2003-1248
+CVE-2003-1248 (H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary com ...)
NOT-FOR-US: WebShell
-CVE-2003-1247
+CVE-2003-1247 (Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attack ...)
NOT-FOR-US: WebShell
-CVE-2003-1246
+CVE-2003-1246 (NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver ...)
NOT-FOR-US: Integrity Protection Driver
-CVE-2003-1245
+CVE-2003-1245 (index2.php in Mambo 4.0.12 allows remote attackers to gain administrat ...)
NOT-FOR-US: Mambo
-CVE-2003-1244
+CVE-2003-1244 (SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and ...)
- phpbb2 <not-affected> (Fixed before upload into archive; 2.0.3)
-CVE-2003-1243
+CVE-2003-1243 (Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote ...)
NOT-FOR-US: Sage
-CVE-2003-1242
+CVE-2003-1242 (Sage 1.0 b3 allows remote attackers to obtain the root web server path ...)
NOT-FOR-US: Sage
-CVE-2003-1241
+CVE-2003-1241 (Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) a ...)
NOT-FOR-US: MyGuestbook
-CVE-2003-1240
+CVE-2003-1240 (PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote ...)
NOT-FOR-US: CuteNews
-CVE-2003-1239
+CVE-2003-1239 (Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 al ...)
NOT-FOR-US: WihPhoto
-CVE-2003-1238
+CVE-2003-1238 (Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and ea ...)
NOT-FOR-US: Nuked-Klan
-CVE-2003-1237
+CVE-2003-1237 (Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earli ...)
NOT-FOR-US: WWWBoard
-CVE-2003-1236
+CVE-2003-1236 (Multiple format string vulnerabilities in the logger function in netzi ...)
NOT-FOR-US: Tanne
-CVE-2003-1235
+CVE-2003-1235 (BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server ...)
NOT-FOR-US: BRW WebWeaver
-CVE-2003-1234
+CVE-2003-1234 (Integer overflow in the f_count counter in FreeBSD before 4.2 through ...)
NOT-FOR-US: Old FreeBSD bug, should be fixed wrt the KFreeBSD port
-CVE-2003-1233
+CVE-2003-1233 (Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier al ...)
NOT-FOR-US: Integrity Protection Driver
CVE-2003-XXXX [fuzz: Insecure temp file usage]
- fuzz 0.6-7.1 (bug #183047)
CVE-2003-XXXX [Insecure temp files in lilo]
- lilo 1:22.4-1 (bug #173238; bug #292073; low)
-CVE-2003-1232
+CVE-2003-1232 (Emacs 21.2.1 does not prompt or warn the user before executing Lisp co ...)
- emacs21 21.3-1 (bug #286183; medium)
-CVE-2003-1231
+CVE-2003-1231 (Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 5.5 ...)
NOT-FOR-US: ECW-Shop
-CVE-2003-1230
+CVE-2003-1230 (The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through ...)
NOT-FOR-US: (FreeBSD)
NOTE: old freebsd, before it was introduced in Debian
-CVE-2003-1229
+CVE-2003-1229 (X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and ...)
NOT-FOR-US: Sun JSSE and JRE
-CVE-2003-1228
+CVE-2003-1228 (Buffer overflow in the prepare_reply function in request.c for Mathopd ...)
- mathopd 1.5b14
-CVE-2003-1227
+CVE-2003-1227 (PHP remote file include vulnerability in index.php for Gallery 1.4 and ...)
- gallery 1.4.1
-CVE-2003-1226
+CVE-2003-1226 (BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets ...)
NOT-FOR-US: BEA
-CVE-2003-1225
+CVE-2003-1225 (The default CredentialMapper for BEA WebLogic Server and Express 7.0 a ...)
NOT-FOR-US: BEA
-CVE-2003-1224
+CVE-2003-1224 (Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 dis ...)
NOT-FOR-US: BEA
-CVE-2003-1223
+CVE-2003-1223 (The Node Manager for BEA WebLogic Express and Server 6.1 through 8.1 S ...)
NOT-FOR-US: BEA
-CVE-2003-1222
+CVE-2003-1222 (BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when using a for ...)
NOT-FOR-US: BEA
-CVE-2003-1221
+CVE-2003-1221 (BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain ci ...)
NOT-FOR-US: BEA
-CVE-2003-1220
+CVE-2003-1220 (BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server 6 ...)
NOT-FOR-US: BEA
-CVE-2003-1219
+CVE-2003-1219 (Cross-site scripting (XSS) vulnerability in the tep_href_link function ...)
NOT-FOR-US: osCommerce
CVE-2003-1218
REJECTED
CVE-2003-1217
REJECTED
-CVE-2003-1216
+CVE-2003-1216 (SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier ...)
- phpbb2 2.0.8a-1
-CVE-2003-1215
+CVE-2003-1215 (SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier ...)
- phpbb2 2.0.8a-1
-CVE-2003-1214
+CVE-2003-1214 (Unknown vulnerability in the server login for VisualShapers ezContents ...)
NOT-FOR-US: VisualShapers
-CVE-2003-1213
+CVE-2003-1213 (The default installation of MaxWebPortal 1.30 stores the portal databa ...)
NOT-FOR-US: MaxWebPortal
-CVE-2003-1212
+CVE-2003-1212 (MaxWebPortal 1.30 allows remote attackers to perform unauthorized acti ...)
NOT-FOR-US: MaxWebPortal
-CVE-2003-1211
+CVE-2003-1211 (Cross-site scripting (XSS) vulnerability in search.asp for MaxWebPorta ...)
NOT-FOR-US: PHP-Nuke
-CVE-2003-1210
+CVE-2003-1210 (Multiple SQL injection vulnerabilities in the Downloads module for PHP ...)
NOT-FOR-US: MaxWebPortal
-CVE-2003-1209
+CVE-2003-1209 (The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows rem ...)
NOT-FOR-US: Monkey
-CVE-2003-1208
+CVE-2003-1208 (Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local us ...)
NOT-FOR-US: Oracle
-CVE-2003-1207
+CVE-2003-1207 (Crob FTP Server 3.5.1 allows remote authenticated users to cause a den ...)
NOT-FOR-US: Crob
-CVE-2003-1206
+CVE-2003-1206 (Format string vulnerability in Crob FTP Server 2.60.1 allows remote at ...)
NOT-FOR-US: Crob
-CVE-2003-1205
+CVE-2003-1205 (Crob FTP Server 2.60.1 allows remote authenticated users to cause a de ...)
NOT-FOR-US: Crob
-CVE-2003-1204
+CVE-2003-1204 (Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Serv ...)
NOT-FOR-US: Mambo
-CVE-2003-1203
+CVE-2003-1203 (Cross-site scripting (XSS) vulnerability in index.php for Mambo Site S ...)
NOT-FOR-US: Mambo
-CVE-2003-1197
+CVE-2003-1197 (Cross-site scripting (XSS) vulnerability in index.php for Ledscripts.c ...)
NOT-FOR-US: LedForums
-CVE-2003-1168
+CVE-2003-1168 (HTTP Commander 4.0 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: HTTP Commander
-CVE-2003-1202
+CVE-2003-1202 (The checklogin function in omail.pl for omail webmail 0.98.4 and earli ...)
NOT-FOR-US: omail webmail
-CVE-2003-1201
+CVE-2003-1201 (ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDA ...)
- openldap2 2.1.17-1
-CVE-2003-1200
+CVE-2003-1200 (Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 thr ...)
NOT-FOR-US: MDaemon
-CVE-2003-1199
+CVE-2003-1199 (Cross-site scripting (XSS) vulnerability in MyProxy 20030629 allows re ...)
NOT-FOR-US: MyProxy
-CVE-2003-1198
+CVE-2003-1198 (connection.c in Cherokee web server before 0.4.6 allows remote attacke ...)
- cherokee 0.4.21b01-1
-CVE-2003-1196
+CVE-2003-1196 (SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows re ...)
NOT-FOR-US: VieBoard
-CVE-2003-1195
+CVE-2003-1195 (SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 al ...)
NOT-FOR-US: VieBoard
-CVE-2003-1194
+CVE-2003-1194 (Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 all ...)
NOT-FOR-US: Booby
-CVE-2003-1193
+CVE-2003-1193 (Multiple SQL injection vulnerabilities in the Portal DB (1) List of Va ...)
NOT-FOR-US: Portal DB
-CVE-2003-1192
+CVE-2003-1192 (Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote a ...)
NOT-FOR-US: IA WebMail Server
-CVE-2003-1191
+CVE-2003-1191 (chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a ...)
NOT-FOR-US: e107
-CVE-2003-1190
+CVE-2003-1190 (Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through ...)
NOT-FOR-US: PHPRecipeBook
-CVE-2003-1189
+CVE-2003-1189 (Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, al ...)
NOT-FOR-US: Nokia IPSO
-CVE-2003-1188
+CVE-2003-1188 (Unichat allows remote attackers to cause a denial of service (crash) b ...)
NOT-FOR-US: Unichat
-CVE-2003-1187
+CVE-2003-1187 (Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6. ...)
NOT-FOR-US: PHPKIT
-CVE-2003-1186
+CVE-2003-1186 (Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allo ...)
NOT-FOR-US: TelCondex SimpleWebServer
-CVE-2003-1185
+CVE-2003-1185 (Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 a ...)
NOT-FOR-US: ThWboard
-CVE-2003-1184
+CVE-2003-1184 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2 ...)
NOT-FOR-US: ThWboard
-CVE-2003-1183
+CVE-2003-1183 (The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3 ...)
NOT-FOR-US: Oracle Collaboration Suite
-CVE-2003-1182
+CVE-2003-1182 (Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows r ...)
NOT-FOR-US: MPM Guestbook
-CVE-2003-1181
+CVE-2003-1181 (Advanced Poll 2.0.2 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Advanced Poll
-CVE-2003-1180
+CVE-2003-1180 (Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote ...)
NOT-FOR-US: Advanced Poll
-CVE-2003-1179
+CVE-2003-1179 (Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2. ...)
NOT-FOR-US: Advanced Poll
-CVE-2003-1178
+CVE-2003-1178 (Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 al ...)
NOT-FOR-US: Advanced Poll
-CVE-2003-1177
+CVE-2003-1177 (Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before ...)
NOT-FOR-US: MERCUR Mailserver
-CVE-2003-1176
+CVE-2003-1176 (post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote m ...)
NOT-FOR-US: Web Wiz Forums
-CVE-2003-1175
+CVE-2003-1175 (Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 a ...)
NOT-FOR-US: Sympoll
-CVE-2003-1174
+CVE-2003-1174 (Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users ...)
NOT-FOR-US: NullSoft Shoutcast Server
-CVE-2003-1173
+CVE-2003-1173 (Centrinity FirstClass 7.1 allows remote attackers to access sensitive ...)
NOT-FOR-US: Centrinity FirstClass
-CVE-2003-1172
+CVE-2003-1172 (Directory traversal vulnerability in the view-source sample file in Ap ...)
NOT-FOR-US: Apache Software Foundation Cocoon
-CVE-2003-1171
+CVE-2003-1171 (Heap-based buffer overflow in the sec_filter_out function in mod_secur ...)
- libapache-mod-security 1.8.4-1
-CVE-2003-1170
+CVE-2003-1170 (Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 ...)
NOT-FOR-US: kpopup
-CVE-2003-1169
+CVE-2003-1169 (DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for ...)
NOT-FOR-US: DATEV Nutzungskontrolle
-CVE-2003-1167
+CVE-2003-1167 (misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killa ...)
NOT-FOR-US: kpopup
-CVE-2003-1166
+CVE-2003-1166 (Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.as ...)
NOT-FOR-US: HTTP Commander
-CVE-2003-1165
+CVE-2003-1165 (Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attack ...)
NOT-FOR-US: BRS WebWeaver
-CVE-2003-1164
+CVE-2003-1164 (Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows remo ...)
- mldonkey 2.5.11-1
-CVE-2003-1163
+CVE-2003-1163 (hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denia ...)
NOT-FOR-US: Ganglia gmond
-CVE-2003-1162
+CVE-2003-1162 (index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to ...)
NOT-FOR-US: Tritanium Bulletin Board
-CVE-2003-1161
+CVE-2003-1161 (exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, ...)
- linux-2.6 <not-affected> (Never released, only temporary in Bitkeeper)
-CVE-2003-1160
+CVE-2003-1160 (FlexWATCH Network video server 132 allows remote attackers to bypass a ...)
NOT-FOR-US: FlexWATCH
-CVE-2003-1159
+CVE-2003-1159 (Plug and Play Web Server Proxy 1.0002c allows remote attackers to caus ...)
NOT-FOR-US: Plug and Play Web Server
-CVE-2003-1158
+CVE-2003-1158 (Multiple buffer overflows in the FTP service in Plug and Play Web Serv ...)
NOT-FOR-US: Plug and Play Web Server
-CVE-2003-1157
+CVE-2003-1157 (Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFr ...)
NOT-FOR-US: Citrix
-CVE-2003-1156
+CVE-2003-1156 (Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4. ...)
NOT-FOR-US: Sun JRE/SDK
-CVE-2003-1155
+CVE-2003-1155 (X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrit ...)
- xcdroast 0.98+0alpha15-1 (bug #310046)
-CVE-2003-1154
+CVE-2003-1154 (MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus prote ...)
NOT-FOR-US: MAILsweeper
-CVE-2003-1153
+CVE-2003-1153 (byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files ...)
NOT-FOR-US: byteHoard
-CVE-2003-1152
+CVE-2003-1152 (WebTide 7.04 allows remote attackers to list arbitrary directories via ...)
NOT-FOR-US: WebTide
-CVE-2003-1151
+CVE-2003-1151 (Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6. ...)
NOT-FOR-US: Fastream
-CVE-2003-1150
+CVE-2003-1150 (Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare ...)
NOT-FOR-US: Novell portmapper
-CVE-2003-1149
+CVE-2003-1149 (Cross-site scripting (XSS) vulnerability in Symantec Norton Internet S ...)
NOT-FOR-US: Symantec Norton Internet Security
-CVE-2003-1148
+CVE-2003-1148 (Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS ...)
NOT-FOR-US: Les Visiteurs
CVE-2003-1147
REJECTED
-CVE-2003-1146
+CVE-2003-1146 (Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo ...)
NOT-FOR-US: Easy PHP Photo Album
-CVE-2003-1145
+CVE-2003-1145 (Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAuto ...)
NOT-FOR-US: OpenAutoClassifieds
-CVE-2003-1144
+CVE-2003-1144 (Buffer overflow in the log viewing interface in Perception LiteServe 1 ...)
NOT-FOR-US: Perception LiteServe
-CVE-2003-1143
+CVE-2003-1143 (Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter ...)
NOT-FOR-US: Croteam Serious Sam demo
-CVE-2003-1142
+CVE-2003-1142 (Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows ...)
NOT-FOR-US: NIPrint LPD-LPR
-CVE-2003-1141
+CVE-2003-1141 (Buffer overflow in NIPrint 4.10 allows remote attackers to execute arb ...)
NOT-FOR-US: NIPrint LPD-LPR
-CVE-2003-1140
+CVE-2003-1140 (Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbi ...)
NOT-FOR-US: Musicqueue
-CVE-2003-1139
+CVE-2003-1139 (Musicqueue 1.2.0 allows local users to overwrite arbitrary files by tr ...)
NOT-FOR-US: Musicqueue
-CVE-2003-1138
+CVE-2003-1138 (The default configuration of Apache 2.0.40, as shipped with Red Hat Li ...)
- apache2 <not-affected> (Red Hat specific default config)
-CVE-2003-1137
+CVE-2003-1137 (Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to r ...)
NOT-FOR-US: sh-httpd
-CVE-2003-1136
+CVE-2003-1136 (Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook 1. ...)
NOT-FOR-US: Chi Kien Uong Guestbook
-CVE-2003-1135
+CVE-2003-1135 (Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cau ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2003-1134
+CVE-2003-1134 (Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial ...)
NOT-FOR-US: Sun JVM
-CVE-2003-1133
+CVE-2003-1133 (Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts wit ...)
NOT-FOR-US: The Bat!
-CVE-2003-1132
+CVE-2003-1132 (The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, ...)
NOT-FOR-US: Cisco
-CVE-2003-1131
+CVE-2003-1131 (PHP remote file inclusion vulnerability in index.php in KnowledgeBuild ...)
NOT-FOR-US: ActiveCampaign KnowledgeBuilder
CVE-2003-1130
REJECTED
-CVE-2003-1129
+CVE-2003-1129 (Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) Acti ...)
NOT-FOR-US: Yahoo Audio Conferencing ActiveX control
-CVE-2003-1128
+CVE-2003-1128 (XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between ...)
NOT-FOR-US: X2 XMMS Remote
-CVE-2003-1127
+CVE-2003-1127 (Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers ...)
NOT-FOR-US: e-Gap
-CVE-2003-1126
+CVE-2003-1126 (Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on ...)
NOT-FOR-US: SunOne/iPlanet
-CVE-2003-1125
+CVE-2003-1125 (Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5 ...)
NOT-FOR-US: SunOne
-CVE-2003-1124
+CVE-2003-1124 (Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and ...)
NOT-FOR-US: Sun Management Center
-CVE-2003-1123
+CVE-2003-1123 (Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows ...)
NOT-FOR-US: Sun JRE
-CVE-2003-1122
+CVE-2003-1122 (ScriptLogic 4.01, and possibly other versions before 4.14, uses insecu ...)
NOT-FOR-US: ScriptLogic
-CVE-2003-1121
+CVE-2003-1121 (Services in ScriptLogic 4.01, and possibly other versions before 4.14, ...)
NOT-FOR-US: ScriptLogic
-CVE-2003-1120
+CVE-2003-1120 (Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the ...)
NOT-FOR-US: SSH Tectia Server
-CVE-2003-1119
+CVE-2003-1119 (SSH Secure Shell before 3.2.9 allows remote attackers to cause a denia ...)
- openssh <not-affected>
-CVE-2003-1118
+CVE-2003-1118 (Buffer overflow in the SETI@home client 3.03 and other versions allows ...)
- setiathome 3.04
-CVE-2003-1117
+CVE-2003-1117 (Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem ...)
NOT-FOR-US: RealSystem Server
-CVE-2003-1116
+CVE-2003-1116 (The communications protocol for the Report Review Agent (RRA), aka FND ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2003-1115
+CVE-2003-1115 (The Session Initiation Protocol (SIP) implementation in Nortel Network ...)
NOT-FOR-US: Nortel Networks Succession Communication Server
-CVE-2003-1114
+CVE-2003-1114 (The Session Initiation Protocol (SIP) implementation in Mediatrix Tele ...)
NOT-FOR-US: Mediatrix Telecom VoIP Access Devices and Gateways
-CVE-2003-1113
+CVE-2003-1113 (The Session Initiation Protocol (SIP) implementation in IPTel SIP Expr ...)
NOT-FOR-US: IPTel SIP Express Router
-CVE-2003-1112
+CVE-2003-1112 (The Session Initiation Protocol (SIP) implementation in Ingate Firewal ...)
NOT-FOR-US: Ingate Firewall and Ingate SIParator
-CVE-2003-1111
+CVE-2003-1111 (The Session Initiation Protocol (SIP) implementation in multiple dynam ...)
NOT-FOR-US: dynamicsoft
-CVE-2003-1110
+CVE-2003-1110 (The Session Initiation Protocol (SIP) implementation in Columbia SIP U ...)
NOT-FOR-US: Columbia SIP User Agent
-CVE-2003-1109
+CVE-2003-1109 (The Session Initiation Protocol (SIP) implementation in multiple Cisco ...)
NOT-FOR-US: Cisco
-CVE-2003-1108
+CVE-2003-1108 (The Session Initiation Protocol (SIP) implementation in Alcatel OmniPC ...)
NOT-FOR-US: Alcatel
-CVE-2003-1107
+CVE-2003-1107 (The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, ...)
NOT-FOR-US: Microsoft
-CVE-2003-1106
+CVE-2003-1106 (The SMTP service in Microsoft Windows 2000 before SP4 allows remote at ...)
NOT-FOR-US: Microsoft
-CVE-2003-1105
+CVE-2003-1105 (Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 al ...)
NOT-FOR-US: MSIE
-CVE-2003-1104
+CVE-2003-1104 (Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remot ...)
NOT-FOR-US: IBM Tivoli Firewall Toolbox
-CVE-2003-1103
+CVE-2003-1103 (SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS ...)
NOT-FOR-US: Hummingbird CyberDOCS
-CVE-2003-1102
+CVE-2003-1102 (Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses ins ...)
NOT-FOR-US: Hummingbird CyberDOCS
-CVE-2003-1101
+CVE-2003-1101 (Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to o ...)
NOT-FOR-US: Hummingbird CyberDOCS
-CVE-2003-1100
+CVE-2003-1100 (Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird Cyb ...)
NOT-FOR-US: Hummingbird CyberDOCS
-CVE-2003-1099
+CVE-2003-1099 (shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files wi ...)
NOT-FOR-US: shar on HP-UX
-CVE-2003-1098
+CVE-2003-1098 (The Xserver for HP-UX 11.22 was not properly built, which introduced a ...)
NOT-FOR-US: HP-UX)
-CVE-2003-1097
+CVE-2003-1097 (Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when ...)
NOT-FOR-US: HP-UX)
-CVE-2003-1096
+CVE-2003-1096 (The Cisco LEAP challenge/response authentication mechanism uses passwo ...)
NOT-FOR-US: Cisco
-CVE-2003-1095
+CVE-2003-1095 (BEA WebLogic Server and Express 7.0 and 7.0.0.1, when using "memory" s ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2003-1094
+CVE-2003-1094 (BEA WebLogic Server and Express version 7.0 SP3 may follow certain cod ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2003-1093
+CVE-2003-1093 (BEA WebLogic Server 6.1, 7.0 and 7.0.0.1, when routing messages to a J ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2003-1092
+CVE-2003-1092 (Unknown vulnerability in the "Automatic File Content Type Recognition ...)
- file 3.4.1
-CVE-2003-1091
+CVE-2003-1091 (Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streamin ...)
NOT-FOR-US: Apple QuickTime/Darwin Streaming Server
-CVE-2003-1090
+CVE-2003-1090 (Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attac ...)
NOT-FOR-US: AbsoluteTelnet
-CVE-2003-1089
+CVE-2003-1089 (index.php for Zorum 3.4 allows remote attackers to determine the full ...)
NOT-FOR-US: Zorum
-CVE-2003-1088
+CVE-2003-1088 (Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 an ...)
NOT-FOR-US: Zorum
-CVE-2003-1087
+CVE-2003-1087 (Unknown vulnerability in diagmond and possibly other applications in H ...)
NOT-FOR-US: diagmond on HP-UX
-CVE-2003-1086
+CVE-2003-1086 (PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine ...)
NOT-FOR-US: pMachine
-CVE-2003-1085
+CVE-2003-1085 (The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ...)
NOT-FOR-US: Thomson cable modem
-CVE-2003-1084
+CVE-2003-1084 (Monit 1.4 to 4.1 allows remote attackers to cause a denial of service ...)
- monit 1:4.2.1-1
-CVE-2003-1083
+CVE-2003-1083 (Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attacker ...)
- monit 1:4.2.1-1
-CVE-2003-1082
+CVE-2003-1082 (Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local ...)
NOT-FOR-US: Solaris
-CVE-2003-1081
+CVE-2003-1081 (Aspppls for Solaris 8 allows local users to overwrite arbitrary files ...)
NOT-FOR-US: Solaris
-CVE-2003-1080
+CVE-2003-1080 (Unknown vulnerability in mail for Solaris 2.6 through 9 allows local u ...)
NOT-FOR-US: Solaris
-CVE-2003-1079
+CVE-2003-1079 (Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC ...)
NOT-FOR-US: Solaris
-CVE-2003-1078
+CVE-2003-1078 (The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enab ...)
NOT-FOR-US: Solaris
-CVE-2003-1077
+CVE-2003-1077 (Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging ena ...)
NOT-FOR-US: Solaris
-CVE-2003-1076
+CVE-2003-1076 (Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local ...)
NOT-FOR-US: Solaris
-CVE-2003-1075
+CVE-2003-1075 (Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 thro ...)
NOT-FOR-US: Solaris
-CVE-2003-1074
+CVE-2003-1074 (Unknown vulnerability in newtask for Solaris 9 allows local users to g ...)
NOT-FOR-US: Solaris
-CVE-2003-1073
+CVE-2003-1073 (A race condition in the at command for Solaris 2.6 through 9 allows lo ...)
NOT-FOR-US: Solaris
-CVE-2003-1072
+CVE-2003-1072 (Memory leak in lofiadm in Solaris 8 allows local users to cause a deni ...)
NOT-FOR-US: Solaris
-CVE-2003-1071
+CVE-2003-1071 (rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users t ...)
NOT-FOR-US: Solaris
-CVE-2003-1070
+CVE-2003-1070 (Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remo ...)
NOT-FOR-US: Solaris
-CVE-2003-1069
+CVE-2003-1069 (The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote ...)
NOT-FOR-US: Solaris
-CVE-2003-1068
+CVE-2003-1068 (Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local ...)
NOT-FOR-US: Solaris
-CVE-2003-1067
+CVE-2003-1067 (Multiple buffer overflows in the (1) dbm_open function, as used in ndb ...)
NOT-FOR-US: Solaris
-CVE-2003-1066
+CVE-2003-1066 (Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows ...)
NOT-FOR-US: Solaris
-CVE-2003-1065
+CVE-2003-1065 (Unknown vulnerability in patches 108993-14 through 108993-19 and 10899 ...)
NOT-FOR-US: Solaris
-CVE-2003-1064
+CVE-2003-1064 (Solaris 8 with IPv6 enabled allows remote attackers to cause a denial ...)
NOT-FOR-US: Solaris
-CVE-2003-1063
+CVE-2003-1063 (The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 10880 ...)
NOT-FOR-US: Solaris
-CVE-2003-1062
+CVE-2003-1062 (Unknown vulnerability in the sysinfo system call for Solaris for SPARC ...)
NOT-FOR-US: Solaris
-CVE-2003-1061
+CVE-2003-1061 (Race condition in Solaris 2.6 through 9 allows local users to cause a ...)
NOT-FOR-US: Solaris
-CVE-2003-1060
+CVE-2003-1060 (The NFS Server for Solaris 7, 8, and 9 allows remote attackers to caus ...)
NOT-FOR-US: Solaris
-CVE-2003-1059
+CVE-2003-1059 (Unknown vulnerability in the libraries for the PGX32 frame buffer in S ...)
NOT-FOR-US: Solaris
-CVE-2003-1058
+CVE-2003-1058 (The Xsun server for Sun Solaris 2.6 through 9, when running in Direct ...)
NOT-FOR-US: Solaris
-CVE-2003-1057
+CVE-2003-1057 (Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solari ...)
NOT-FOR-US: Solaris
-CVE-2003-1056
+CVE-2003-1056 (The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to crea ...)
NOT-FOR-US: Solaris
-CVE-2003-1055
+CVE-2003-1055 (Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 m ...)
NOT-FOR-US: Solaris
-CVE-2003-1054
+CVE-2003-1054 (mod_access_referer 1.0.2 allows remote attackers to cause a denial of ...)
NOT-FOR-US: mod_access_referer
-CVE-2003-1053
+CVE-2003-1053 (Multiple buffer overflows in XShisen allow attackers to execute arbitr ...)
- xshisen 1.51-1-1 (bug #213957)
CVE-2003-1565
REJECTED
-CVE-2003-1052
+CVE-2003-1052 (IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modi ...)
NOT-FOR-US: IBM DB2
-CVE-2003-1051
+CVE-2003-1051 (Multiple format string vulnerabilities in IBM DB2 Universal Database 8 ...)
NOT-FOR-US: IBM DB2
-CVE-2003-1050
+CVE-2003-1050 (Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow ...)
NOT-FOR-US: IBM DB2
-CVE-2003-1049
+CVE-2003-1049 (IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS dire ...)
NOT-FOR-US: IBM DB2
-CVE-2003-1048
+CVE-2003-1048 (Double free vulnerability in mshtml.dll for certain versions of Intern ...)
NOT-FOR-US: microsoft
CVE-2003-1047
REJECTED
-CVE-2003-1046
+CVE-2003-1046 (describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly ...)
- bugzilla 2.16.4-1
-CVE-2003-1045
+CVE-2003-1045 (votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, a ...)
- bugzilla 2.16.4-1
-CVE-2003-1044
+CVE-2003-1044 (editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is ...)
- bugzilla 2.16.4-1
-CVE-2003-1043
+CVE-2003-1043 (SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 ...)
- bugzilla 2.16.4-1
-CVE-2003-1042
+CVE-2003-1042 (SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and ...)
- bugzilla 2.16.4-1
-CVE-2003-1041
+CVE-2003-1041 (Internet Explorer 5.x and 6.0 allows remote attackers to execute arbit ...)
NOT-FOR-US: microsoft
-CVE-2003-1040
+CVE-2003-1040 (kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0 ...)
NOTE: linux kernel kmod local DoS, fixed in all current kernels
-CVE-2003-1039
+CVE-2003-1039 (Multiple buffer overflows in the mySAP.com architecture for SAP allow ...)
NOT-FOR-US: SAP
-CVE-2003-1038
+CVE-2003-1038 (The AGate component for SAP Internet Transaction Server (ITS) allows r ...)
NOT-FOR-US: SAP
-CVE-2003-1037
+CVE-2003-1037 (Format string vulnerability in the WGate component for SAP Internet Tr ...)
NOT-FOR-US: SAP
-CVE-2003-1036
+CVE-2003-1036 (Multiple buffer overflows in the AGate component for SAP Internet Tran ...)
NOT-FOR-US: SAP
-CVE-2003-1035
+CVE-2003-1035 (The default installation of SAP R/3 46C/D allows remote attackers to b ...)
NOT-FOR-US: SAP
-CVE-2003-1034
+CVE-2003-1034 (The RPM installation of SAP DB 7.x creates the (1) dbmsrv or (2) lserv ...)
NOT-FOR-US: SAP
-CVE-2003-1033
+CVE-2003-1033 (The (1) instdbmsrv and (2) instlserver programs in SAP DB Development ...)
NOT-FOR-US: SAP
-CVE-2003-1032
+CVE-2003-1032 (Pi3Web web server 2.0.2 Beta 1, when the Directory Index is configured ...)
NOT-FOR-US: Pi3Web not in debian
-CVE-2003-1031
+CVE-2003-1031 (Cross-site scripting (XSS) vulnerability in register.php for vBulletin ...)
NOT-FOR-US: VBulletin
-CVE-2003-1030
+CVE-2003-1030 (Buffer overflow in DameWare Mini Remote Control before 3.73 allows rem ...)
NOT-FOR-US: Dameware
-CVE-2003-1029
+CVE-2003-1029 (The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote at ...)
{DSA-425}
- tcpdump 3.8.3-1
NOTE: Upstream version 3.8.3 is fixed; may have been fixed earlier.
-CVE-2003-1028
+CVE-2003-1028 (The download function of Internet Explorer 6 SP1 allows remote attacke ...)
NOT-FOR-US: microsoft
-CVE-2003-1027
+CVE-2003-1027 (Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct ...)
NOT-FOR-US: microsoft
-CVE-2003-1026
+CVE-2003-1026 (Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass ...)
NOT-FOR-US: microsoft
-CVE-2003-1025
+CVE-2003-1025 (Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof ...)
NOT-FOR-US: microsoft
-CVE-2003-1024
+CVE-2003-1024 (Unknown vulnerability in the ls-F builtin function in tcsh on Solaris ...)
NOT-FOR-US: solaris
-CVE-2003-1023
+CVE-2003-1023 (Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c ...)
{DSA-424}
- mc 1:4.6.0-4.6.1-pre1-1
-CVE-2003-1021
+CVE-2003-1021 (The scosession program in OpenServer 5.0.6 and 5.0.7 allows local user ...)
NOT-FOR-US: SCO
-CVE-2003-1020
+CVE-2003-1020 (The format_send_to_gui function in formats.c for irssi before 0.8.9 al ...)
- irssi-text 0.8.9-0.1
CVE-2003-1019
RESERVED
-CVE-2003-1018
+CVE-2003-1018 (Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 al ...)
NOT-FOR-US: AIX
-CVE-2003-1017
+CVE-2003-1017 (Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a ...)
- flashplugin-nonfree 7.0.25-1
-CVE-2003-1016
+CVE-2003-1016 (Multiple content security gateway and antivirus products allow remote ...)
NOTE: Multiple vendor MIME quote bypass filtering
-CVE-2003-1015
+CVE-2003-1015 (Multiple content security gateway and antivirus products allow remote ...)
- mime-tools 5.411-2
-CVE-2003-1014
+CVE-2003-1014 (Multiple content security gateway and antivirus products allow remote ...)
NOTE: Multiple vendor MIME RFC822 comment bypass filtering
-CVE-2003-1013
+CVE-2003-1013 (The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows r ...)
{DSA-407}
- ethereal 0.10.0-1
-CVE-2003-1012
+CVE-2003-1012 (The SMB dissector in Ethereal before 0.10.0 allows remote attackers to ...)
{DSA-407}
- ethereal 0.10.0-1
-CVE-2003-1011
+CVE-2003-1011 (Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keybo ...)
NOT-FOR-US: Apple
-CVE-2003-1010
+CVE-2003-1010 (Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Ma ...)
NOT-FOR-US: Apple
-CVE-2003-1009
+CVE-2003-1009 (Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 an ...)
NOT-FOR-US: Apple
-CVE-2003-1008
+CVE-2003-1008 (Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users ...)
NOT-FOR-US: Apple
-CVE-2003-1007
+CVE-2003-1007 (AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not pro ...)
NOT-FOR-US: Apple
-CVE-2003-1006
+CVE-2003-1006 (Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 a ...)
NOT-FOR-US: Apple
-CVE-2003-1005
+CVE-2003-1005 (The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote atta ...)
NOT-FOR-US: Apple
-CVE-2003-1004
+CVE-2003-1004 (Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Clien ...)
NOT-FOR-US: Cisco
-CVE-2003-1003
+CVE-2003-1003 (Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attacke ...)
NOT-FOR-US: Cisco
-CVE-2003-1002
+CVE-2003-1002 (Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 ...)
NOT-FOR-US: Cisco
-CVE-2003-1001
+CVE-2003-1001 (Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2003-1000
+CVE-2003-1000 (xchat 2.0.6 allows remote attackers to cause a denial of service (cras ...)
- xchat 2.0.7
-CVE-2003-0999
+CVE-2003-0999 (Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint li ...)
NOT-FOR-US: Solaris
-CVE-2003-0998
+CVE-2003-0998 (Unknown "potential system security vulnerability" in Computer Associat ...)
NOT-FOR-US: Computer Associates (CA) Unicenter Remote Control
-CVE-2003-0997
+CVE-2003-0997 (Unknown "Denial of Service Attack" vulnerability in Computer Associate ...)
NOT-FOR-US: Computer Associates (CA) Unicenter Remote Control
-CVE-2003-0995
+CVE-2003-0995 (Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows r ...)
NOT-FOR-US: Microsoft
-CVE-2003-0992
+CVE-2003-0992 (Cross-site scripting (XSS) vulnerability in the create CGI script for ...)
- mailman 2.1.3
-CVE-2003-0990
+CVE-2003-0990 (The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 ...)
- squirrelmail 1.4.2 (low)
NOTE: Only potentially exploitable withexternel GPG Plugin, see
NOTE: http://www.securityfocus.com/archive/1/348366
NOTE: The potential problems have been fixed as of 1.4.2
-CVE-2003-0989
+CVE-2003-0989 (tcpdump before 3.8.1 allows remote attackers to cause a denial of serv ...)
{DSA-425}
- tcpdump 3.8.1
-CVE-2003-0987
+CVE-2003-0987 (mod_digest for Apache before 1.3.31 does not properly verify the nonce ...)
- apache 1.3.29.0.2-5
-CVE-2003-0986
+CVE-2003-0986 (Various routines for the ppc64 architecture on Linux kernel 2.6 prior ...)
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.24)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.2)
-CVE-2003-0984
+CVE-2003-0984 (Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do n ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.2)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.24-rc1)
-CVE-2003-0983
+CVE-2003-0983 (Cisco Unity on IBM servers is shipped with default settings that shoul ...)
NOT-FOR-US: Cisco
-CVE-2003-0982
+CVE-2003-0982 (Buffer overflow in the authentication module for Cisco ACNS 4.x before ...)
NOT-FOR-US: Cisco
-CVE-2003-0981
+CVE-2003-0981 (FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name ...)
NOT-FOR-US: visitorbook.pl
-CVE-2003-0980
+CVE-2003-0980 (Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE ...)
NOT-FOR-US: visitorbook.pl
-CVE-2003-0979
+CVE-2003-0979 (FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape l ...)
NOT-FOR-US: visitorbook.pl
-CVE-2003-0978
+CVE-2003-0978 (Format string vulnerability in gpgkeys_hkp (experimental HKP interface ...)
NOT-FOR-US: gpgkeys_hkp
-CVE-2003-0977
+CVE-2003-0977 (CVS server before 1.11.10 may allow attackers to cause the CVS server ...)
- cvs 1:1.11.10
-CVE-2003-0976
+CVE-2003-0976 (NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce ...)
NOT-FOR-US: netware
-CVE-2003-0975
+CVE-2003-0975 (Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 al ...)
NOT-FOR-US: MacOS
-CVE-2003-0974
+CVE-2003-0974 (Applied Watch Command Center allows remote attackers to conduct unauth ...)
NOT-FOR-US: Applied Watch Command Center
-CVE-2003-0973
+CVE-2003-0973 (Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x befo ...)
{DSA-452}
- libapache-mod-python 2:2.7.10-1
-CVE-2003-0972
+CVE-2003-0972 (Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, a ...)
{DSA-408}
- screen 4.0.2-0.1
-CVE-2003-0971
+CVE-2003-0971 (GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal typ ...)
{DSA-429}
- gnupg 1.2.4-1
-CVE-2003-0970
+CVE-2003-0970 (The Network Management Port on Sun Fire B1600 systems allows remote at ...)
NOT-FOR-US: Sun Fire B1600
-CVE-2003-0968
+CVE-2003-0968 (Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experim ...)
- freeradius 1.0.1 (unimportant)
NOTE: freeradius module in question is not built in debian package
-CVE-2003-0967
+CVE-2003-0967 (rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to ...)
- freeradius 0.9.2-4
-CVE-2003-0996
+CVE-2003-0996 (Unknown "System Security Vulnerability" in Computer Associates (CA) Un ...)
NOT-FOR-US: Computer Associates (CA) Unicenter Remote Control
-CVE-2003-0965
+CVE-2003-0965 (Cross-site scripting (XSS) vulnerability in the admin CGI script for M ...)
{DSA-436}
- mailman 2.1.4-1
CVE-2003-0964
REJECTED
-CVE-2003-0963
+CVE-2003-0963 (Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for ...)
{DSA-406}
- lftp 2.6.10-1
-CVE-2003-0962
+CVE-2003-0962 (Heap-based buffer overflow in rsync before 2.5.7, when running in serv ...)
{DSA-404}
- rsync 2.5.6-1.1
-CVE-2003-0961
+CVE-2003-0961 (Integer overflow in the do_brk function for the brk system call in Lin ...)
{DSA-475 DSA-470 DSA-450 DSA-442 DSA-440 DSA-439 DSA-433 DSA-423 DSA-417 DSA-403}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.23-pre7)
-CVE-2003-0960
+CVE-2003-0960 (OpenCA before 0.9.1.4 does not use the correct certificate in a chain ...)
NOT-FOR-US: OpenCA
-CVE-2003-0959
+CVE-2003-0959 (Multiple integer overflows in the 32bit emulation for AMD64 architectu ...)
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21)
CVE-2003-0958
RESERVED
CVE-2003-0957
RESERVED
-CVE-2003-0956
+CVE-2003-0956 (Multiple race conditions in the handling of O_DIRECT in Linux kernel p ...)
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.22)
-CVE-2003-0955
+CVE-2003-0955 (OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of ser ...)
NOT-FOR-US: OpenBSD
-CVE-2003-0954
+CVE-2003-0954 (Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users t ...)
NOT-FOR-US: rcp
CVE-2003-0953
REJECTED
CVE-2003-0952
REJECTED
-CVE-2003-0951
+CVE-2003-0951 (Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate ...)
NOT-FOR-US: HP-UX
-CVE-2003-0950
+CVE-2003-0950 (PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to ...)
NOT-FOR-US: PeopleSoft PeopleTools
-CVE-2003-0949
+CVE-2003-0949 (xsok 1.02 does not properly drop privileges before finding and executi ...)
{DSA-405}
- xsok 1.02-11
-CVE-2003-0948
+CVE-2003-0948 (Buffer overflow in iwconfig allows local users to execute arbitrary co ...)
- wireless-tools <not-affected> (iwconfig not setuid/setgid in Debian)
-CVE-2003-0947
+CVE-2003-0947 (Buffer overflow in iwconfig, when installed setuid, allows local users ...)
- wireless-tools <not-affected> (iwconfig not setuid/setgid in Debian)
-CVE-2003-0946
+CVE-2003-0946 (Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 t ...)
- clamav 0.65
-CVE-2003-0945
+CVE-2003-0945 (The Web Database Manager in web-tools for SAP DB before 7.4.03.30 gene ...)
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0944
+CVE-2003-0944 (Buffer overflow in the WAECHO default service in web-tools in SAP DB b ...)
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0943
+CVE-2003-0943 (web-tools in SAP DB before 7.4.03.30 installs several services that ar ...)
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0942
+CVE-2003-0942 (Buffer overflow in Web Agent Administration service in web-tools for S ...)
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0941
+CVE-2003-0941 (web-tools in SAP DB before 7.4.03.30 allows remote attackers to access ...)
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0940
+CVE-2003-0940 (Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB ...)
NOT-FOR-US: Web Database Manager in web-tools for SAP DB
-CVE-2003-0939
+CVE-2003-0939 (eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB ...)
NOT-FOR-US: SAP database server (SAP DB)
-CVE-2003-0938
+CVE-2003-0938 (vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows ...)
NOT-FOR-US: SAP database server (SAP DB)
-CVE-2003-0937
+CVE-2003-0937 (SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to b ...)
NOT-FOR-US: UnixWare
-CVE-2003-0936
+CVE-2003-0936 (Symantec PCAnywhere 10.x and 11, when started as a service, allows att ...)
NOT-FOR-US: PCAnywhere
-CVE-2003-0935
+CVE-2003-0935 (Net-SNMP before 5.0.9 allows a user or community to access data in MIB ...)
- net-snmp 5.0.9
-CVE-2003-0934
+CVE-2003-0934 (Symbol Access Portable Data Terminal (PDT) 8100 does not hide the defa ...)
NOT-FOR-US: Symbol Access Portable Data Terminal
-CVE-2003-0933
+CVE-2003-0933 (Buffer overflow in conquest 7.2 and earlier may allow a local user to ...)
{DSA-398}
- conquest 7.2-5
-CVE-2003-0932
+CVE-2003-0932 (Buffer overflow in omega-rpg 0.90 allows local users to execute arbitr ...)
{DSA-400}
- omega-rpg 1:0.90-pa9-11
-CVE-2003-0931
+CVE-2003-0931 (Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: Sygate Enforcer
-CVE-2003-0930
+CVE-2003-0930 (Clearswift MAILsweeper before 4.3.15 does not properly detect filename ...)
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2003-0929
+CVE-2003-0929 (Clearswift MAILsweeper before 4.3.15 does not properly detect and filt ...)
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2003-0928
+CVE-2003-0928 (Clearswift MAILsweeper before 4.3.15 does not properly detect and filt ...)
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2003-0927
+CVE-2003-0927 (Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remot ...)
{DSA-407}
- ethereal 0.9.16-0.1
-CVE-2003-0926
+CVE-2003-0926 (Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to ...)
{DSA-407}
- ethereal 0.9.16-0.1
-CVE-2003-0925
+CVE-2003-0925 (Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers ...)
{DSA-407}
- ethereal 0.9.16-0.1
CVE-2003-0923
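Review bot: two ordering anomalies survive in this hunk and need a manual follow-up that the description import cannot do: CVE-2003-1565 (REJECTED) sits between CVE-2003-1053 and CVE-2003-1052, and CVE-2003-0996 sits between CVE-2003-0967 and CVE-2003-0965, while the rest of the file is in descending ID order. In the same hunk the two `NOT-FOR-US: HP-UX)` context lines under CVE-2003-1098 and CVE-2003-1097 carry a stray trailing `)`, and the NOTE under CVE-2003-0990 reads `withexternel` for `with external`; the import leaves context lines untouched, so both need a hand edit. Finally, CVE-2003-1040 (kmod), CVE-2003-1016 and CVE-2003-1014 (MIME filter bypasses) carry only a NOTE line and no package or NOT-FOR-US entry, so their resolved status is not machine-readable; a package line in the form used elsewhere in this hunk, e.g. `- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.24)` or `- mime-tools 5.411-2` as for CVE-2003-1015, would make the verdict explicit.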
@@ -1413,49 +1413,49 @@ CVE-2003-0916
RESERVED
CVE-2003-0915
RESERVED
-CVE-2003-0914
+CVE-2003-0914 (ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote att ...)
{DSA-409}
- bind 1:8.4.3-1
-CVE-2003-0913
+CVE-2003-0913 (Unknown vulnerability in the Terminal application for Mac OS X 10.3 (C ...)
NOT-FOR-US: MacOS
CVE-2003-0912
RESERVED
CVE-2003-0911
RESERVED
-CVE-2003-0910
+CVE-2003-0910 (The NtSetLdtEntries function in the programming interface for the Loca ...)
NOT-FOR-US: Windows
-CVE-2003-0909
+CVE-2003-0909 (Windows XP allows local users to execute arbitrary programs by creatin ...)
NOT-FOR-US: Windows
-CVE-2003-0908
+CVE-2003-0908 (The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe wi ...)
NOT-FOR-US: Windows
-CVE-2003-0907
+CVE-2003-0907 (Help and Support Center in Microsoft Windows XP SP1 does not properly ...)
NOT-FOR-US: Windows
-CVE-2003-0906
+CVE-2003-0906 (Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) ...)
NOT-FOR-US: Windows
-CVE-2003-0904
+CVE-2003-0904 (Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured ...)
NOT-FOR-US: Windows
-CVE-2003-0902
+CVE-2003-0902 (Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and ...)
{DSA-402}
- minimalist 2.4-1
-CVE-2003-0901
+CVE-2003-0901 (Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3 ...)
{DSA-397}
- postgresql 7.3.4-1
NOTE: 7.3.4-1 was uploaded to unstable in August 2003, well before the
NOTE: DSA, that's why the DSA says that unstable is not affected.
-CVE-2003-0900
+CVE-2003-0900 (Perl 5.8.1 on Fedora Core does not properly initialize the random numb ...)
- perl 5.8.2
-CVE-2003-0899
+CVE-2003-0899 (Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allo ...)
{DSA-396}
- thttpd 2.23beta1-2.3
-CVE-2003-0898
+CVE-2003-0898 (IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, all ...)
NOT-FOR-US: IBM DB2
-CVE-2003-0897
+CVE-2003-0897 ("Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local ...)
NOT-FOR-US: microsoft
-CVE-2003-0896
+CVE-2003-0896 (The loadClass method of the sun.applet.AppletClassLoader class in the ...)
NOT-FOR-US: Sun/Java
-CVE-2003-0895
+CVE-2003-0895 (Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local ...)
NOT-FOR-US: Apple
-CVE-2003-0894
+CVE-2003-0894 (Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9 ...)
NOT-FOR-US: Oracle
CVE-2003-0893
RESERVED
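Review bot: the NOT-FOR-US labels in this hunk are inconsistent: CVE-2003-0910 through CVE-2003-0904 use `Windows`, CVE-2003-0897 uses `microsoft`, and CVE-2003-0904's new description is about Exchange 2003 and Outlook Web Access rather than Windows itself; since the label is the only triage text shown next to the ID, `NOT-FOR-US: Microsoft Exchange` would be clearer there. Also, CVE-2003-0905 and CVE-2003-0903 do not appear between CVE-2003-0906, CVE-2003-0904 and CVE-2003-0902; if they exist upstream they should be listed as RESERVED or REJECTED like their neighbours, otherwise the gap is fine. The two-line NOTE under CVE-2003-0901 explaining why the DSA lists unstable as unaffected is left intact by the import, as it should be.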
@@ -1469,43 +1469,43 @@ CVE-2003-0889
RESERVED
CVE-2003-0888
RESERVED
-CVE-2003-0887
+CVE-2003-0887 (ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache file ...)
NOTE: verified Debian is not explitable; we don't put the cache in /tmp
-CVE-2003-0886
+CVE-2003-0886 (Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier all ...)
{DSA-401}
- hylafax 1:4.1.8-1
-CVE-2003-0885
+CVE-2003-0885 (Xscreensaver 4.14 contains certain debugging code that should have bee ...)
- xscreensaver 4.15
CVE-2003-0884
RESERVED
-CVE-2003-0883
+CVE-2003-0883 (The System Preferences capability in Mac OS X before 10.3 allows local ...)
NOT-FOR-US: Apple
-CVE-2003-0882
+CVE-2003-0882 (Mac OS X before 10.3 initializes the TCP timestamp with a constant num ...)
NOT-FOR-US: Apple
-CVE-2003-0881
+CVE-2003-0881 (Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Res ...)
NOT-FOR-US: Apple
-CVE-2003-0880
+CVE-2003-0880 (Unknown vulnerability in Mac OS X before 10.3 allows local users to ac ...)
NOT-FOR-US: Apple
CVE-2003-0879
REJECTED
-CVE-2003-0878
+CVE-2003-0878 (slpd daemon in Mac OS X before 10.3 allows local users to overwrite ar ...)
NOT-FOR-US: Apple
-CVE-2003-0877
+CVE-2003-0877 (Mac OS X before 10.3 with core files enabled allows local users to ove ...)
NOT-FOR-US: Apple
-CVE-2003-0876
+CVE-2003-0876 (Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute p ...)
NOT-FOR-US: Apple
-CVE-2003-0875
+CVE-2003-0875 (Symbolic link vulnerability in the slpd script slpd.all_init for OpenS ...)
NOTE: Vulnerable code not shipped in the binary package
- openslp 1.0.11a-1 (unimportant)
-CVE-2003-0874
+CVE-2003-0874 (Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier al ...)
NOT-FOR-US: Deskpro
CVE-2003-0873
REJECTED
-CVE-2003-0872
+CVE-2003-0872 (Certain scripts in OpenServer before 5.0.6 allow local users to overwr ...)
NOT-FOR-US: SCO
-CVE-2003-0871
+CVE-2003-0871 (Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X ...)
NOT-FOR-US: Apple
-CVE-2003-0870
+CVE-2003-0870 (Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attack ...)
NOT-FOR-US: Opera
CVE-2003-0869
REJECTED
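Review bot: the CVE-2003-0887 entry (ez-ipupdate) records its not-affected verdict only in a NOTE (`NOTE: verified Debian is not explitable; we don't put the cache in /tmp`) with no package line, so the tracker cannot mark it resolved; `- ez-ipupdate <not-affected> (cache file not created in /tmp)`, following the `<not-affected>` convention used elsewhere in the file, would fix that, and the NOTE's `explitable` should read `exploitable`. Separately, in the CVE-2003-0875 entry the NOTE precedes the package line `- openslp 1.0.11a-1 (unimportant)`, whereas every other entry in this diff puts package lines first and NOTE lines after; worth reordering for consistency.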
@@ -1513,153 +1513,153 @@ CVE-2003-0868
REJECTED
CVE-2003-0867
REJECTED
-CVE-2003-0866
+CVE-2003-0866 (The Catalina org.apache.catalina.connector.http package in Tomcat 4.0. ...)
{DSA-395}
- tomcat4 4.1.24-2
-CVE-2003-0865
+CVE-2003-0865 (Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r ...)
{DSA-435}
- mpg123 0.59r-15
-CVE-2003-0864
+CVE-2003-0864 (Buffer overflow in m_join in channel.c for IRCnet IRCD 2.10.x to 2.10. ...)
- ircd-irc2 2.10.3p5-1
-CVE-2003-0863
+CVE-2003-0863 (The php_check_safe_mode_include_dir function in fopen_wrappers.c of PH ...)
NOTE: php4, this bug appears not to have been fixed.
NOTE: submitted to BTS on libapache-mod-php4
NOTE: developer claims there is no problem
CVE-2003-0862
REJECTED
-CVE-2003-0861
+CVE-2003-0861 (Integer overflows in (1) base64_encode and (2) the GD library for PHP ...)
- php4 4:4.3.3-1
-CVE-2003-0860
+CVE-2003-0860 (Buffer overflows in PHP before 4.3.3 have unknown impact and unknown a ...)
- php4 4:4.3.3-1
-CVE-2003-0859
+CVE-2003-0859 (The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows l ...)
NOTE: affects glibc 2.2.4, Debian uses 2.3.2
-CVE-2003-0858
+CVE-2003-0858 (Zebra 0.93b and earlier, and quagga before 0.95, allows local users to ...)
{DSA-415}
- quagga 0.96.4x-4
-CVE-2003-0857
+CVE-2003-0857 (The (1) ipq_read and (2) ipulog_read functions in iptables allow local ...)
NOT-FOR-US: Data predating security tracker
-CVE-2003-0856
+CVE-2003-0856 (iproute 2.4.7 and earlier allows local users to cause a denial of serv ...)
{DSA-492}
- iproute 20010824-13.1
-CVE-2003-0855
+CVE-2003-0855 (Pan 0.13.3 and earlier allows remote attackers to cause a denial of se ...)
- pan 0.13.4-1
-CVE-2003-0854
+CVE-2003-0854 (ls in the fileutils or coreutils packages allows local users to consum ...)
- coreutils 5.2.1-1
-CVE-2003-0853
+CVE-2003-0853 (An integer overflow in ls in the fileutils or coreutils packages may a ...)
- coreutils 5.2.1-1
-CVE-2003-0852
+CVE-2003-0852 (Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 ...)
- sylpheed-claws 0.9.8claws-1
-CVE-2003-0851
+CVE-2003-0851 (OpenSSL 0.9.6k allows remote attackers to cause a denial of service (c ...)
- openssl096 0.9.6l
-CVE-2003-0850
+CVE-2003-0850 (The TCP reassembly functionality in libnids before 1.18 allows remote ...)
{DSA-410}
- libnids 1.18-1
-CVE-2003-0849
+CVE-2003-0849 (Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote a ...)
- cfengine2 2.0.9+2.1.0b3-1
-CVE-2003-0848
+CVE-2003-0848 (Heap-based buffer overflow in main.c of slocate 2.6, and possibly othe ...)
{DSA-428}
- slocate 2.7-3
-CVE-2003-0847
+CVE-2003-0847 (SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows lo ...)
NOT-FOR-US: SuSE
-CVE-2003-0846
+CVE-2003-0846 (SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allow ...)
NOT-FOR-US: SuSE
-CVE-2003-0845
+CVE-2003-0845 (Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 ...)
NOT-FOR-US: JBoss
-CVE-2003-0844
+CVE-2003-0844 (mod_gzip 1.3.26.1a and earlier, and possibly later official versions, ...)
- libapache-mod-gzip <unfixed> (unimportant)
NOTE: Debian doesn't enable vulnerable debug mode.
-CVE-2003-0843
+CVE-2003-0843 (Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a ...)
- libapache-mod-gzip <unfixed> (unimportant)
NOTE: Debian doesn't enable vulnerable debug mode.
-CVE-2003-0842
+CVE-2003-0842 (Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a ...)
- libapache-mod-gzip <unfixed> (unimportant)
NOTE: Debian doesn't enable vulnerable debug mode.
-CVE-2003-0841
+CVE-2003-0841 (The grid option in PeopleSoft 8.42 stores temporary .xls files in gues ...)
NOT-FOR-US: Peoplesoft
-CVE-2003-0840
+CVE-2003-0840 (Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other oper ...)
NOT-FOR-US: HPUX
-CVE-2003-0839
+CVE-2003-0839 (Directory traversal vulnerability in the "Shell Folders" capability in ...)
NOT-FOR-US: microsoft
-CVE-2003-0838
+CVE-2003-0838 (Internet Explorer allows remote attackers to bypass zone restrictions ...)
NOT-FOR-US: microsoft
-CVE-2003-0837
+CVE-2003-0837 (Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Win ...)
NOT-FOR-US: IBM DB2
-CVE-2003-0836
+CVE-2003-0836 (Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before ...)
NOT-FOR-US: IBM DB2
-CVE-2003-0835
+CVE-2003-0835 (Multiple buffer overflows in asf_http_request of MPlayer before 0.92 a ...)
NOTE: mplayer fixed before upload
-CVE-2003-0834
+CVE-2003-0834 (Buffer overflow in CDE libDtHelp library allows local users to execute ...)
NOT-FOR-US: CDE
-CVE-2003-0833
+CVE-2003-0833 (Stack-based buffer overflow in webfs before 1.20 allows attackers to e ...)
{DSA-392}
- webfs 1.20
-CVE-2003-0832
+CVE-2003-0832 (Directory traversal vulnerability in webfs before 1.20 allows remote a ...)
{DSA-392}
- webfs 1.20
-CVE-2003-0831
+CVE-2003-0831 (ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline cha ...)
- proftpd 1.2.9-1
-CVE-2003-0830
+CVE-2003-0830 (Buffer overflow in marbles 1.0.2 and earlier allows local users to gai ...)
{DSA-390}
- marbles <removed>
CVE-2003-0829
RESERVED
-CVE-2003-0828
+CVE-2003-0828 (Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local user ...)
{DSA-391}
- freesweep 0.88-4.1 (bug #242616)
-CVE-2003-0827
+CVE-2003-0827 (The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote ...)
NOT-FOR-US: IBM DB2
-CVE-2003-0826
+CVE-2003-0826 (lsh daemon (lshd) does not properly return from certain functions in ( ...)
{DSA-717-1}
- lsh-utils 1.4.2-6
-CVE-2003-0824
+CVE-2003-0824 (Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Micr ...)
NOT-FOR-US: microsoft
-CVE-2003-0823
+CVE-2003-0823 (Internet Explorer 6 SP1 and earlier allows remote attackers to direct ...)
NOT-FOR-US: microsoft
-CVE-2003-0822
+CVE-2003-0822 (Buffer overflow in the debug functionality in fp30reg.dll of Microsoft ...)
NOT-FOR-US: microsoft
-CVE-2003-0821
+CVE-2003-0821 (Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute ...)
NOT-FOR-US: microsoft
-CVE-2003-0820
+CVE-2003-0820 (Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2 ...)
NOT-FOR-US: microsoft
-CVE-2003-0819
+CVE-2003-0819 (Buffer overflow in the H.323 filter of Microsoft Internet Security and ...)
NOT-FOR-US: microsoft
-CVE-2003-0818
+CVE-2003-0818 (Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as ...)
NOT-FOR-US: microsoft
-CVE-2003-0817
+CVE-2003-0817 (Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass ...)
NOT-FOR-US: microsoft
-CVE-2003-0816
+CVE-2003-0816 (Internet Explorer 6 SP1 and earlier allows remote attackers to bypass ...)
NOT-FOR-US: microsoft
-CVE-2003-0815
+CVE-2003-0815 (Internet Explorer 6 SP1 and earlier allows remote attackers to bypass ...)
NOT-FOR-US: microsoft
-CVE-2003-0814
+CVE-2003-0814 (Internet Explorer 6 SP1 and earlier allows remote attackers to bypass ...)
NOT-FOR-US: microsoft
-CVE-2003-0813
+CVE-2003-0813 (A multi-threaded race condition in the Windows RPC DCOM functionality ...)
NOT-FOR-US: microsoft
-CVE-2003-0812
+CVE-2003-0812 (Stack-based buffer overflow in a logging function for Windows Workstat ...)
NOT-FOR-US: microsoft
CVE-2003-0811
RESERVED
CVE-2003-0810
RESERVED
-CVE-2003-0809
+CVE-2003-0809 (Internet Explorer 5.01 through 6.0 does not properly handle object tag ...)
NOT-FOR-US: microsoft
CVE-2003-0808
RESERVED
-CVE-2003-0807
+CVE-2003-0807 (Buffer overflow in the COM Internet Services and in the RPC over HTTP ...)
NOT-FOR-US: microsoft
-CVE-2003-0806
+CVE-2003-0806 (Buffer overflow in the Windows logon process (winlogon) in Microsoft W ...)
NOT-FOR-US: microsoft
-CVE-2003-0805
+CVE-2003-0805 (Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x b ...)
{DSA-387}
- gopher 3.0.6
NOTE: gopherd was removed from the gopher package in version 3.0.6.
-CVE-2003-0804
+CVE-2003-0804 (The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10. ...)
NOT-FOR-US: BSD
-CVE-2003-0803
+CVE-2003-0803 (Nokia Electronic Documentation (NED) 5.0 allows remote attackers to us ...)
NOT-FOR-US: Nokia
-CVE-2003-0802
+CVE-2003-0802 (Nokia Electronic Documentation (NED) 5.0 allows remote attackers to ob ...)
NOT-FOR-US: Nokia
-CVE-2003-0801
+CVE-2003-0801 (Cross-site scripting (XSS) vulnerability in Nokia Electronic Documenta ...)
NOT-FOR-US: Nokia
CVE-2003-0800
REJECTED
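Review bot: CVE-2003-0835 (mplayer) carries only a bare `NOTE: mplayer fixed before upload` and no package line, so the tracker has no machine-readable status for it. Elsewhere in this file the same situation is recorded as a package entry, e.g. `- kernel-source-2.4.27 <not-affected> (Fixed before upload in archive; 2.4.22-pre10)`, and a matching `- mplayer <not-affected> (fixed before upload)` line would keep the entry consistent with that convention. Minor: the NOT-FOR-US reasons in this hunk mix `HPUX`, `Microsoft IIS` and lowercase `microsoft`; a consistent spelling makes grepping the file for a vendor less error-prone.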
@@ -1667,512 +1667,512 @@ CVE-2003-0799
REJECTED
CVE-2003-0798
REJECTED
-CVE-2003-0797
+CVE-2003-0797 (Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 all ...)
NOT-FOR-US: SGI IRIX
-CVE-2003-0796
+CVE-2003-0796 (Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 all ...)
NOT-FOR-US: SGI IRIX
-CVE-2003-0795
+CVE-2003-0795 (The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, do ...)
{DSA-415}
- quagga 0.96.4x-4
-CVE-2003-0794
+CVE-2003-0794 (GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit ...)
- gdm 2.4.4.4
-CVE-2003-0793
+CVE-2003-0793 (GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not restr ...)
- gdm 2.4.4.4
-CVE-2003-0792
+CVE-2003-0792 (Fetchmail 6.2.4 and earlier does not properly allocate memory for long ...)
- fetchmail 6.2.5
-CVE-2003-0791
+CVE-2003-0791 (The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earl ...)
- mozilla 2:1.5
CVE-2003-0790
REJECTED
-CVE-2003-0789
+CVE-2003-0789 (mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not ...)
- apache2 2.0.48
-CVE-2003-0788
+CVE-2003-0788 (Unknown vulnerability in the Internet Printing Protocol (IPP) implemen ...)
- cups 1.1.19
- cupsys 1.1.19
-CVE-2003-0787
+CVE-2003-0787 (The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets ...)
- openssh 1:3.7.1p2
-CVE-2003-0786
+CVE-2003-0786 (The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3. ...)
- openssh 1:3.7.1p2
-CVE-2003-0785
+CVE-2003-0785 (ipmasq before 3.5.12, in certain configurations, may forward packets t ...)
{DSA-389}
- ipmasq 3.5.12
-CVE-2003-0784
+CVE-2003-0784 (Format string vulnerability in tsm for the bos.rte.security fileset on ...)
NOT-FOR-US: IBM TSM
-CVE-2003-0783
+CVE-2003-0783 (Multiple buffer overflows in hztty 2.0 allow local users to gain root ...)
{DSA-385}
- hztty 2.0-6
-CVE-2003-0782
+CVE-2003-0782 (Multiple buffer overflows in ecartis before 1.0.0 allow attackers to c ...)
{DSA-467}
- ecartis 1.0.0+cvs.20030911
-CVE-2003-0781
+CVE-2003-0781 (Unknown vulnerability in ecartis before 1.0.0 does not properly valida ...)
{DSA-467}
- ecartis 1.0.0+cvs.20030911
-CVE-2003-0780
+CVE-2003-0780 (Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4. ...)
{DSA-381}
- mysql-dfsg 4.0.15-1
-CVE-2003-0779
+CVE-2003-0779 (SQL injection vulnerability in the Call Detail Record (CDR) logging fu ...)
- asterisk 0.7.0
-CVE-2003-0778
+CVE-2003-0778 (saned in sane-backends 1.0.7 and earlier, and possibly later versions, ...)
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0777
+CVE-2003-0777 (saned in sane-backends 1.0.7 and earlier, when debug messages are enab ...)
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0776
+CVE-2003-0776 (saned in sane-backends 1.0.7 and earlier does not properly "check the ...)
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0775
+CVE-2003-0775 (saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrar ...)
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0774
+CVE-2003-0774 (saned in sane-backends 1.0.7 and earlier does not quickly handle conne ...)
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0773
+CVE-2003-0773 (saned in sane-backends 1.0.7 and earlier does not check the IP address ...)
{DSA-379}
- sane-backends 1.0.11-1
-CVE-2003-0772
+CVE-2003-0772 (Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated ...)
NOT-FOR-US: WS_FTP server
-CVE-2003-0771
+CVE-2003-0771 (Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary fi ...)
- libapache-gallery-perl 0.7
-CVE-2003-0770
+CVE-2003-0770 (FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not pro ...)
NOT-FOR-US: IkonBoard
-CVE-2003-0769
+CVE-2003-0769 (Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestboo ...)
NOT-FOR-US: ICQ Web Front
-CVE-2003-0768
+CVE-2003-0768 (Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site ...)
NOT-FOR-US: microsoft
-CVE-2003-0767
+CVE-2003-0767 (Buffer overflow in RogerWilco graphical server 1.4.1.6 and earlier, de ...)
NOT-FOR-US: RogerWilco
-CVE-2003-0766
+CVE-2003-0766 (Multiple heap-based buffer overflows in FTP Desktop client 3.5, and po ...)
NOT-FOR-US: ftp desktop (windows)
-CVE-2003-0765
+CVE-2003-0765 (The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allow ...)
NOT-FOR-US: winamp
-CVE-2003-0764
+CVE-2003-0764 (Escapade Scripting Engine (ESP) allows remote attackers to obtain sens ...)
NOT-FOR-US: Escapade Scripting Engine (ESP
-CVE-2003-0763
+CVE-2003-0763 (Cross-site scripting (XSS) vulnerability in Escapade Scripting Engine ...)
NOT-FOR-US: Escapade Scripting Engine (ESP
-CVE-2003-0762
+CVE-2003-0762 (Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 all ...)
NOT-FOR-US: foxweb
-CVE-2003-0761
+CVE-2003-0761 (Buffer overflow in the get_msg_text of chan_sip.c in the Session Initi ...)
- asterisk 0.5.0
-CVE-2003-0760
+CVE-2003-0760 (Blubster 2.5 allows remote attackers to cause a denial of service (cra ...)
NOT-FOR-US: optisoft blubster
-CVE-2003-0759
+CVE-2003-0759 (Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before F ...)
NOT-FOR-US: IBM DB2
-CVE-2003-0758
+CVE-2003-0758 (Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before F ...)
NOT-FOR-US: IBM DB2
-CVE-2003-0757
+CVE-2003-0757 (Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers ...)
NOT-FOR-US: check point firewall
-CVE-2003-0756
+CVE-2003-0756 (Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1. ...)
NOT-FOR-US: sitebuilder
-CVE-2003-0755
+CVE-2003-0755 (Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remo ...)
NOT-FOR-US: gtkftpd
-CVE-2003-0754
+CVE-2003-0754 (nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass ...)
NOT-FOR-US: newsPHP
-CVE-2003-0753
+CVE-2003-0753 (nphpd.php in newsPHP 216 and earlier allows remote attackers to read a ...)
NOT-FOR-US: newsPHP
-CVE-2003-0752
+CVE-2003-0752 (SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possi ...)
NOT-FOR-US: AttilaPHP
-CVE-2003-0751
+CVE-2003-0751 (SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and ea ...)
NOT-FOR-US: PY-Membres
-CVE-2003-0750
+CVE-2003-0750 (secure.php in PY-Membres 4.2 and earlier allows remote attackers to by ...)
NOT-FOR-US: PY-Membres
-CVE-2003-0749
+CVE-2003-0749 (Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet ...)
NOT-FOR-US: SAP
-CVE-2003-0748
+CVE-2003-0748 (Directory traversal vulnerability in wgate.dll for SAP Internet Transa ...)
NOT-FOR-US: SAP
-CVE-2003-0747
+CVE-2003-0747 (wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 all ...)
NOT-FOR-US: SAP
-CVE-2003-0746
+CVE-2003-0746 (Various Distributed Computing Environment (DCE) implementations, inclu ...)
NOT-FOR-US: Distributed Computing Environment (DCE) not in Deb
-CVE-2003-0745
+CVE-2003-0745 (SNMPc 6.0.8 and earlier performs authentication to the server on the c ...)
NOT-FOR-US: castlerock SNMPc
-CVE-2003-0744
+CVE-2003-0744 (The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote at ...)
- leafnode 1.9.42
-CVE-2003-0743
+CVE-2003-0743 (Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 ...)
{DSA-376}
- exim 3.36-8
-CVE-2003-0742
+CVE-2003-0742 (SCO Internet Manager (mana) allows local users to execute arbitrary pr ...)
NOT-FOR-US: SCO
CVE-2003-0741
REJECTED
-CVE-2003-0740
+CVE-2003-0740 (Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor ...)
- stunnel 2:3.26 (bug #278942)
- stunnel4 2:4.04
-CVE-2003-0739
+CVE-2003-0739 (VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows loc ...)
NOT-FOR-US: VMware
-CVE-2003-0738
+CVE-2003-0738 (The calendar module in phpWebSite 0.9.x and earlier allows remote atta ...)
NOT-FOR-US: phpWebSite
-CVE-2003-0737
+CVE-2003-0737 (The calendar module in phpWebSite 0.9.x and earlier allows remote atta ...)
NOT-FOR-US: phpWebSite
-CVE-2003-0736
+CVE-2003-0736 (Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9. ...)
NOT-FOR-US: phpWebSite
-CVE-2003-0735
+CVE-2003-0735 (SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x ...)
NOT-FOR-US: phpWebSite
-CVE-2003-0734
+CVE-2003-0734 (Unknown vulnerability in the pam_filter mechanism in pam_ldap before v ...)
- libpam-ldap 164-1
- libnss-ldap 207-1
-CVE-2003-0733
+CVE-2003-0733 (Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integr ...)
NOT-FOR-US: BEA weblogic
-CVE-2003-0732
+CVE-2003-0732 (CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows t ...)
NOT-FOR-US: cisco
-CVE-2003-0731
+CVE-2003-0731 (CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows t ...)
NOT-FOR-US: cisco
-CVE-2003-0730
+CVE-2003-0730 (Multiple integer overflows in the font libraries for XFree86 4.3.0 all ...)
{DSA-380}
- xfree86 4.2.1-12
-CVE-2003-0729
+CVE-2003-0729 (Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to ex ...)
NOT-FOR-US: tellurian tftpdNT
-CVE-2003-0728
+CVE-2003-0728 (Horde before 2.2.4 allows remote malicious web sites to steal session ...)
- horde2 2.2.4
-CVE-2003-0727
+CVE-2003-0727 (Multiple buffer overflows in the XML Database (XDB) functionality for ...)
NOT-FOR-US: oracle
-CVE-2003-0726
+CVE-2003-0726 (RealOne player allows remote attackers to execute arbitrary script in ...)
NOT-FOR-US: RealOne player
-CVE-2003-0725
+CVE-2003-0725 (Buffer overflow in the RTSP protocol parser for the View Source plug-i ...)
NOT-FOR-US: Real Networks Server / Helix Server
-CVE-2003-0724
+CVE-2003-0724 (ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signat ...)
NOT-FOR-US: HP Tru64
-CVE-2003-0723
+CVE-2003-0723 (Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow ...)
- gkrellm 2.1.14
-CVE-2003-0722
+CVE-2003-0722 (The default installation of sadmind on Solaris uses weak authenticatio ...)
NOT-FOR-US: solaris
-CVE-2003-0721
+CVE-2003-0721 (Integer signedness error in rfc2231_get_param from strings.c in PINE b ...)
- pine 4.58
- alpine <not-affected> (alpine is based on pine 4.64, this bug was in a previous version of pine)
-CVE-2003-0720
+CVE-2003-0720 (Buffer overflow in PINE before 4.58 allows remote attackers to execute ...)
- pine 4.58
- alpine <not-affected> (alpine is based on pine 4.64, this bug was in a previous version of pine)
-CVE-2003-0719
+CVE-2003-0719 (Buffer overflow in the Private Communications Transport (PCT) protocol ...)
NOT-FOR-US: microsoft
-CVE-2003-0718
+CVE-2003-0718 (The WebDAV Message Handler for Internet Information Services (IIS) 5.0 ...)
NOT-FOR-US: microsoft
-CVE-2003-0717
+CVE-2003-0717 (The Messenger Service for Windows NT through Server 2003 does not prop ...)
NOT-FOR-US: microsoft
CVE-2003-0716
RESERVED
-CVE-2003-0715
+CVE-2003-0715 (Heap-based buffer overflow in the Distributed Component Object Model ( ...)
NOT-FOR-US: microsoft
-CVE-2003-0714
+CVE-2003-0714 (The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 all ...)
NOT-FOR-US: microsoft
CVE-2003-0713
RESERVED
-CVE-2003-0712
+CVE-2003-0712 (Cross-site scripting (XSS) vulnerability in the HTML encoding for the ...)
NOT-FOR-US: microsoft
-CVE-2003-0711
+CVE-2003-0711 (Stack-based buffer overflow in the PCHealth system in the Help and Sup ...)
NOT-FOR-US: pchealth for windows
CVE-2003-0710
RESERVED
-CVE-2003-0709
+CVE-2003-0709 (Buffer overflow in the whois client, which is not setuid but is someti ...)
- whois 4.6.7
-CVE-2003-0708
+CVE-2003-0708 (Format string vulnerability in LinuxNode (node) before 0.3.2 may allow ...)
{DSA-375}
- node 0.3.2-1
-CVE-2003-0707
+CVE-2003-0707 (Buffer overflow in LinuxNode (node) before 0.3.2 allows remote attacke ...)
{DSA-375}
- node 0.3.2-1
-CVE-2003-0706
+CVE-2003-0706 (Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote atta ...)
{DSA-378}
- mah-jong 1.5.6-2
-CVE-2003-0705
+CVE-2003-0705 (Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers ...)
{DSA-378}
- mah-jong 1.5.6-2
-CVE-2003-0704
+CVE-2003-0704 (KisMAC before 0.05d trusts user-supplied variables when chown'ing file ...)
NOT-FOR-US: KisMAC for Mac OS X
-CVE-2003-0703
+CVE-2003-0703 (KisMAC before 0.05d trusts user-supplied variables to load arbitrary k ...)
NOT-FOR-US: KisMAC for Mac OS X
-CVE-2003-0702
+CVE-2003-0702 (Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU ...)
NOT-FOR-US: microsoft
-CVE-2003-0701
+CVE-2003-0701 (Buffer overflow in Internet Explorer 6 SP1 for certain languages that ...)
NOT-FOR-US: microsoft
-CVE-2003-0700
+CVE-2003-0700 (The C-Media PCI sound driver in Linux before 2.4.22 does not use the g ...)
NOTE: fixed in 2.4.22-pre3
-CVE-2003-0699
+CVE-2003-0699 (The C-Media PCI sound driver in Linux before 2.4.21 does not use the g ...)
NOTE: fixed in 2.4.21-rc2
CVE-2003-0698
REJECTED
-CVE-2003-0697
+CVE-2003-0697 (Format string vulnerability in lpd in the bos.rte.printers fileset for ...)
NOT-FOR-US: AIX
-CVE-2003-0696
+CVE-2003-0696 (The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close s ...)
NOT-FOR-US: AIX
-CVE-2003-0695
+CVE-2003-0695 (Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow ...)
{DSA-383 DSA-382}
- openssh 1:3.7.1
-CVE-2003-0694
+CVE-2003-0694 (The prescan function in Sendmail 8.12.9 allows remote attackers to exe ...)
{DSA-384}
- sendmail 8.12.10-1
-CVE-2003-0693
+CVE-2003-0693 (A "buffer management error" in buffer_append_space of buffer.c for Ope ...)
{DSA-383 DSA-382}
- openssh 1:3.6.1p2-6.0
-CVE-2003-0692
+CVE-2003-0692 (KDM in KDE 3.1.3 and earlier uses a weak session cookie generation alg ...)
{DSA-388}
- kdebase 4:3.2
CVE-2003-0691
REJECTED
-CVE-2003-0690
+CVE-2003-0690 (KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred f ...)
{DSA-443 DSA-388}
- xfree86 4.3.0-0pre1v2
- kdebase 4:3.2
-CVE-2003-0689
+CVE-2003-0689 (The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows ...)
- glibc 2.2.5
-CVE-2003-0688
+CVE-2003-0688 (The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdn ...)
- sendmail 8.12.9
CVE-2003-0687
REJECTED
-CVE-2003-0686
+CVE-2003-0686 (Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when au ...)
{DSA-374}
- libpam-smb <removed>
-CVE-2003-0685
+CVE-2003-0685 (Buffer overflow in Netris 0.52 and earlier, and possibly other version ...)
{DSA-372}
- netris 0.52-1
CVE-2003-0684
REJECTED
-CVE-2003-0683
+CVE-2003-0683 (NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certa ...)
NOT-FOR-US: SGI
-CVE-2003-0682
+CVE-2003-0682 ("Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a dif ...)
{DSA-383 DSA-382}
- openssh 1:3.6.1p2-9
-CVE-2003-0681
+CVE-2003-0681 (A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, ...)
{DSA-384}
- sendmail 8.12.10-1
-CVE-2003-0680
+CVE-2003-0680 (Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow ...)
NOT-FOR-US: SGI IRIX
-CVE-2003-0679
+CVE-2003-0679 (Unknown vulnerability in the libcpr library for the Checkpoint/Restart ...)
NOT-FOR-US: SGI IRIX
CVE-2003-0678
REJECTED
-CVE-2003-0677
+CVE-2003-0677 (Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2003-0676
+CVE-2003-0676 (Directory traversal vulnerability in ViewLog for iPlanet Administratio ...)
NOT-FOR-US: Sun iPlanet
-CVE-2003-0672
+CVE-2003-0672 (Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remo ...)
{DSA-370}
- pam-pgsql 0.5.2-7
-CVE-2003-0671
+CVE-2003-0671 (Format string vulnerability in tcpflow, when used in a setuid context, ...)
NOT-FOR-US: sustworks IPNetSentryX
-CVE-2003-0670
+CVE-2003-0670 (Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff ne ...)
NOT-FOR-US: sustworks IPNetSentryX
-CVE-2003-0669
+CVE-2003-0669 (Unknown vulnerability in Solaris 2.6 through 9 causes a denial of serv ...)
NOT-FOR-US: solaris
CVE-2003-0668
RESERVED
CVE-2003-0667
RESERVED
-CVE-2003-0666
+CVE-2003-0666 (Buffer overflow in Microsoft Wordperfect Converter allows remote attac ...)
NOT-FOR-US: microsoft
-CVE-2003-0665
+CVE-2003-0665 (Buffer overflow in the ActiveX control for Microsoft Access Snapshot V ...)
NOT-FOR-US: microsoft
-CVE-2003-0664
+CVE-2003-0664 (Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certa ...)
NOT-FOR-US: microsoft
-CVE-2003-0663
+CVE-2003-0663 (Unknown vulnerability in the Local Security Authority Subsystem Servic ...)
NOT-FOR-US: microsoft
-CVE-2003-0662
+CVE-2003-0662 (Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Micr ...)
NOT-FOR-US: microsoft
-CVE-2003-0661
+CVE-2003-0661 (The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, ...)
NOT-FOR-US: microsoft
-CVE-2003-0660
+CVE-2003-0660 (The Authenticode capability in Microsoft Windows NT through Server 200 ...)
NOT-FOR-US: microsoft
-CVE-2003-0659
+CVE-2003-0659 (Buffer overflow in a function in User32.dll on Windows NT through Serv ...)
NOT-FOR-US: microsoft
-CVE-2003-0658
+CVE-2003-0658 (Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenS ...)
NOT-FOR-US: docview / caldera
-CVE-2003-0657
+CVE-2003-0657 (Multiple SQL injection vulnerabilities in the infolog module for phpgr ...)
{DSA-365}
- phpgroupware 0.9.14.007-1
-CVE-2003-0656
+CVE-2003-0656 (eroaster before 2.2.0 allows local users to overwrite arbitrary files ...)
{DSA-366}
- eroaster 2.2.0-0.5-1
-CVE-2003-0655
+CVE-2003-0655 (rscsi in cdrtools 2.01 and earlier allows local users to overwrite arb ...)
- cdrtools 4:2.0+a18-1
-CVE-2003-0654
+CVE-2003-0654 (Buffer overflow in autorespond may allow remote attackers to execute a ...)
{DSA-373}
- autorespond 2.0.4-1
-CVE-2003-0653
+CVE-2003-0653 (The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier doe ...)
NOT-FOR-US: NetBSD
-CVE-2003-0652
+CVE-2003-0652 (Buffer overflow in xtokkaetama allows local users to gain privileges v ...)
{DSA-367}
- xtokkaetama 1.0b-9
-CVE-2003-0651
+CVE-2003-0651 (Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 an ...)
NOT-FOR-US: mod_mylo for apache
-CVE-2003-0650
+CVE-2003-0650 (Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, po ...)
NOT-FOR-US: gamespy
-CVE-2003-0649
+CVE-2003-0649 (Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local us ...)
{DSA-368}
- xpcd 2.08-9
-CVE-2003-0648
+CVE-2003-0648 (Multiple buffer overflows in vfte, based on FTE, before 0.50, allow lo ...)
{DSA-472}
- fte 0.50.0-1.1 (bug #203871)
-CVE-2003-0647
+CVE-2003-0647 (Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allo ...)
NOT-FOR-US: Cisco
-CVE-2003-0646
+CVE-2003-0646 (Multiple buffer overflows in ActiveX controls used by Trend Micro Hous ...)
NOT-FOR-US: ActiveX
-CVE-2003-0645
+CVE-2003-0645 (man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE ...)
{DSA-364}
- man-db 2.4.1-13
-CVE-2003-0644
+CVE-2003-0644 (Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc fil ...)
- kdbg 1.2.9-1
-CVE-2003-0643
+CVE-2003-0643 (Integer signedness error in the Linux Socket Filter implementation (fi ...)
{DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in archive; 2.4.22-pre10)
-CVE-2003-0642
+CVE-2003-0642 (WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local us ...)
NOT-FOR-US: Watchguard / win
-CVE-2003-0641
+CVE-2003-0641 (WatchGuard ServerLock for Windows 2000 before SL 2.0.3 allows local us ...)
NOT-FOR-US: Watchguard / win
-CVE-2003-0640
+CVE-2003-0640 (BEA WebLogic Server and Express, when using NodeManager to start serve ...)
NOT-FOR-US: BEA WebLogic
-CVE-2003-0639
+CVE-2003-0639 (Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allow ...)
NOT-FOR-US: novell ichain
-CVE-2003-0638
+CVE-2003-0638 (Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, a ...)
NOT-FOR-US: novell ichain
-CVE-2003-0637
+CVE-2003-0637 (Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a n ...)
NOT-FOR-US: novell ichain
-CVE-2003-0636
+CVE-2003-0636 (Novell iChain 2.2 before Support Pack 1 does not properly verify that ...)
NOT-FOR-US: novell ichain
-CVE-2003-0635
+CVE-2003-0635 (Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before S ...)
NOT-FOR-US: novell ichain
-CVE-2003-0634
+CVE-2003-0634 (Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Or ...)
NOT-FOR-US: oracle
-CVE-2003-0633
+CVE-2003-0633 (Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J ...)
NOT-FOR-US: oracle
-CVE-2003-0632
+CVE-2003-0632 (Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) ...)
NOT-FOR-US: oracle
-CVE-2003-0631
+CVE-2003-0631 (VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 an ...)
NOT-FOR-US: VMware
-CVE-2003-0630
+CVE-2003-0630 (Multiple buffer overflows in the atari800.svgalib setuid program of th ...)
{DSA-359}
- atari800 1.3.1-2
-CVE-2003-0629
+CVE-2003-0629 (Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environ ...)
NOT-FOR-US: peoplesoft
-CVE-2003-0628
+CVE-2003-0628 (PeopleSoft Gateway Administration servlet (gateway.administration) in ...)
NOT-FOR-US: peoplesoft
-CVE-2003-0627
+CVE-2003-0627 (psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote ...)
NOT-FOR-US: peoplesoft
-CVE-2003-0626
+CVE-2003-0626 (psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote ...)
NOT-FOR-US: peoplesoft
-CVE-2003-0625
+CVE-2003-0625 (Off-by-one error in certain versions of xfstt allows remote attackers ...)
{DSA-360}
- xfstt 1.5.1-1
-CVE-2003-0624
+CVE-2003-0624 (Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for B ...)
NOT-FOR-US: BEA WebLogic
-CVE-2003-0623
+CVE-2003-0623 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
NOT-FOR-US: BEA Tuxedo
-CVE-2003-0622
+CVE-2003-0622 (The Administration Console for BEA Tuxedo 8.1 and earlier allows remot ...)
NOT-FOR-US: BEA Tuxedo
-CVE-2003-0621
+CVE-2003-0621 (The Administration Console for BEA Tuxedo 8.1 and earlier allows remot ...)
NOT-FOR-US: BEA Tuxedo
-CVE-2003-0620
+CVE-2003-0620 (Multiple buffer overflows in man-db 2.4.1 and earlier, when installed ...)
{DSA-364}
- man-db 2.4.1-13
-CVE-2003-0619
+CVE-2003-0619 (Integer signedness error in the decode_fh function of nfs3xdr.c in Lin ...)
{DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in archive; 2.4.21-pre3)
-CVE-2003-0618
+CVE-2003-0618 (Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local u ...)
{DSA-431}
- perl 5.8.3-3
-CVE-2003-0617
+CVE-2003-0617 (mindi 0.58 and earlier does not properly create temporary files, which ...)
{DSA-362}
- mindi 0.86-1
-CVE-2003-0616
+CVE-2003-0616 (Format string vulnerability in ePO service for McAfee ePolicy Orchestr ...)
NOT-FOR-US: McAfee
-CVE-2003-0615
+CVE-2003-0615 (Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm all ...)
{DSA-371}
- perl 5.8.0-19
-CVE-2003-0614
+CVE-2003-0614 (Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 ...)
{DSA-355}
- gallery 1.3.4-3
-CVE-2003-0613
+CVE-2003-0613 (Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows l ...)
{DSA-369}
- zblast 1.2.1-7
-CVE-2003-0612
+CVE-2003-0612 (Multiple buffer overflows in main.c for Crafty 19.3 allow local users ...)
- crafty 19.3-1
-CVE-2003-0611
+CVE-2003-0611 (Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain ...)
{DSA-356}
- xtokkaetama 1.0b-8
-CVE-2003-0610
+CVE-2003-0610 (Directory traversal vulnerability in ePO agent for McAfee ePolicy Orch ...)
NOT-FOR-US: McAfee
-CVE-2003-0609
+CVE-2003-0609 (Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris ...)
NOT-FOR-US: Solaris
CVE-2003-0608
RESERVED
-CVE-2003-0607
+CVE-2003-0607 (Buffer overflow in xconq 7.4.1 allows local users to become part of th ...)
{DSA-354}
- xconq 7.4.1-2.1 (bug #202963)
-CVE-2003-0606
+CVE-2003-0606 (sup 1.8 and earlier does not properly create temporary files, which al ...)
{DSA-353}
- sup 1.8-9
-CVE-2003-0605
+CVE-2003-0605 (The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attac ...)
NOT-FOR-US: Microsoft
-CVE-2003-0604
+CVE-2003-0604 (Windows Media Player (WMP) 7 and 8, as running on Internet Explorer an ...)
NOT-FOR-US: Microsoft
-CVE-2003-0603
+CVE-2003-0603 (Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versi ...)
- bugzilla 2.16.3
-CVE-2003-0602
+CVE-2003-0602 (Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x ...)
- bugzilla 2.16.3
-CVE-2003-0601
+CVE-2003-0601 (Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does no ...)
NOT-FOR-US: Apple
CVE-2003-0600
RESERVED
-CVE-2003-0599
+CVE-2003-0599 (Unknown vulnerability in the Virtual File System (VFS) capability for ...)
{DSA-365}
- phpgroupware 0.9.14.007-1
CVE-2003-0598
REJECTED
-CVE-2003-0597
+CVE-2003-0597 (Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7 ...)
NOT-FOR-US: Unixware
-CVE-2003-0596
+CVE-2003-0596 (FDclone 2.00a, and other versions before 2.02a, creates temporary dire ...)
{DSA-352}
- fdclone 2.04-1
-CVE-2003-0595
+CVE-2003-0595 (Buffer overflow in WiTango Application Server and Tango 2000 allows re ...)
NOT-FOR-US: WiTango Application Server and Tango 2000
-CVE-2003-0594
+CVE-2003-0594 (Mozilla allows remote attackers to bypass intended cookie access restr ...)
NOTE: cannot find reference to it being fixed.
-CVE-2003-0593
+CVE-2003-0593 (Opera allows remote attackers to bypass intended cookie access restric ...)
NOT-FOR-US: opera
-CVE-2003-0592
+CVE-2003-0592 (Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers t ...)
{DSA-459}
- kdelibs 4:3.1.3-1
CVE-2003-0591
REJECTED
-CVE-2003-0590
+CVE-2003-0590 (Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote ...)
NOT-FOR-US: Splatt Forum
-CVE-2003-0589
+CVE-2003-0589 (admin.php in Digi-ads 1.1 allows remote attackers to bypass authentica ...)
NOT-FOR-US: Digi-ads
-CVE-2003-0588
+CVE-2003-0588 (admin.php in Digi-news 1.1 allows remote attackers to bypass authentic ...)
NOT-FOR-US: Digi-news
-CVE-2003-0587
+CVE-2003-0587 (Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin ...)
NOT-FOR-US: Infopop Ultimate Bulletin Board (UBB)
-CVE-2003-0586
+CVE-2003-0586 (Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to obtain s ...)
NOT-FOR-US: Brooky eStore
-CVE-2003-0585
+CVE-2003-0585 (SQL injection vulnerability in login.asp of Brooky eStore 1.0.1 throug ...)
NOT-FOR-US: Brooky eStore
-CVE-2003-0584
+CVE-2003-0584 (Format string vulnerability in Backup and Restore Utility for Unix (BR ...)
NOT-FOR-US: BRU
-CVE-2003-0583
+CVE-2003-0583 (Buffer overflow in Backup and Restore Utility for Unix (BRU) 17.0 and ...)
NOT-FOR-US: BRU
CVE-2003-0582
REJECTED
-CVE-2003-0581
+CVE-2003-0581 (X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to ...)
{DSA-360}
- xfstt 1.5-1
-CVE-2003-0580
+CVE-2003-0580 (Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier all ...)
NOT-FOR-US: IBM U2 UniVerse
-CVE-2003-0579
+CVE-2003-0579 (uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-suppli ...)
NOT-FOR-US: IBM U2 UniVerse
-CVE-2003-0578
+CVE-2003-0578 (cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and ...)
NOT-FOR-US: IBM U2 UniVerse
-CVE-2003-0577
+CVE-2003-0577 (mpg123 0.59r allows remote attackers to cause a denial of service and ...)
- mpg123 0.59r-1
- mp3gain 1.5.2-r2-6 (low)
[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
[squeeze] - mp3gain <no-dsa> (Minor issue)
-CVE-2003-0576
+CVE-2003-0576 (Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and ...)
NOT-FOR-US: IRIX
-CVE-2003-0575
+CVE-2003-0575 (Heap-based buffer overflow in the name services daemon (nsd) in SGI IR ...)
NOT-FOR-US: IRIX
-CVE-2003-0574
+CVE-2003-0574 (Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly e ...)
NOT-FOR-US: IRIX
-CVE-2003-0573
+CVE-2003-0573 (The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possib ...)
NOT-FOR-US: IRIX
-CVE-2003-0572
+CVE-2003-0572 (Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and po ...)
NOT-FOR-US: IRIX
CVE-2003-0571
REJECTED
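Review bot: the NOT-FOR-US reason for CVE-2003-0702 reads `microsoft`, but the description names an ISAPI plugin for ISS Server Sensor 7.0, so the reason should name ISS rather than Microsoft. Likewise the reason on CVE-2003-0671, `sustworks IPNetSentryX`, is identical to the one on CVE-2003-0670 while its description names tcpflow used in a setuid context; the truncated text does not show whether the affected copy is the one shipped with IPNetSentryX, so that reason should be verified before the entry is left as NOT-FOR-US. Minor: the reason on CVE-2003-0764 and CVE-2003-0763, `Escapade Scripting Engine (ESP`, is missing its closing parenthesis, and CVE-2003-0646's reason `ActiveX` names a technology rather than the product (Trend Micro HouseCall) given in the description.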
@@ -2182,241 +2182,241 @@ CVE-2003-0569
REJECTED
CVE-2003-0568
REJECTED
-CVE-2003-0567
+CVE-2003-0567 (Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause ...)
NOT-FOR-US: Cisco
CVE-2003-0566
RESERVED
-CVE-2003-0565
+CVE-2003-0565 (Multiple vulnerabilities in multiple vendor implementations of the X.4 ...)
NOTE: affects many implementations of the X.400 protocol
-CVE-2003-0564
+CVE-2003-0564 (Multiple vulnerabilities in multiple vendor implementations of the Sec ...)
NOTE: affects multiple S/MIME implementations
NOTE: checked current mozilla, which contains safe NSS 3.9.1
- mozilla 2:1.7.3
CVE-2003-0563
RESERVED
-CVE-2003-0562
+CVE-2003-0562 (Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 ...)
NOT-FOR-US: Novell Netware
-CVE-2003-0561
+CVE-2003-0561 (Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers ...)
NOT-FOR-US: IglooFTP
-CVE-2003-0560
+CVE-2003-0560 (SQL injection vulnerability in shopexd.asp for VP-ASP allows remote at ...)
NOT-FOR-US: VP-ASP
-CVE-2003-0559
+CVE-2003-0559 (mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows ...)
NOT-FOR-US: phpforum
-CVE-2003-0558
+CVE-2003-0558 (Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to exec ...)
NOT-FOR-US: LeapFTP
-CVE-2003-0557
+CVE-2003-0557 (SQL injection vulnerability in login.asp for StoreFront 6.0, and possi ...)
NOT-FOR-US: StoreFront
-CVE-2003-0556
+CVE-2003-0556 (Polycom MGC 25 allows remote attackers to cause a denial of service (c ...)
NOT-FOR-US: Polycom MGC
-CVE-2003-0555
+CVE-2003-0555 (ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of ...)
NOTE: imagemagick %x exploit failed with 6.0.6.2-1.5
-CVE-2003-0554
+CVE-2003-0554 (NeoModus Direct Connect 1.0 build 9, and possibly other versions, allo ...)
NOT-FOR-US: NeoModus Direct Connect
-CVE-2003-0553
+CVE-2003-0553 (Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) ...)
NOT-FOR-US: Netscape
-CVE-2003-0552
+CVE-2003-0552 (Linux 2.4.x allows remote attackers to spoof the bridge Forwarding tab ...)
{DSA-423 DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre3)
-CVE-2003-0551
+CVE-2003-0551 (The STP protocol implementation in Linux 2.4.x does not properly verif ...)
{DSA-423 DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre3)
-CVE-2003-0550
+CVE-2003-0550 (The STP protocol, as enabled in Linux 2.4.x, does not provide sufficie ...)
{DSA-423 DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre3)
-CVE-2003-0549
+CVE-2003-0549 (The X Display Manager Control Protocol (XDMCP) support for GDM before ...)
- gdm 2.4.1.5
-CVE-2003-0548
+CVE-2003-0548 (The X Display Manager Control Protocol (XDMCP) support for GDM before ...)
- gdm 2.4.1.5
-CVE-2003-0547
+CVE-2003-0547 (GDM before 2.4.1.6, when using the "examine session errors" feature, a ...)
- gdm 2.4.1.5
-CVE-2003-0546
+CVE-2003-0546 (up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, ...)
NOT-FOR-US: up2date
-CVE-2003-0545
+CVE-2003-0545 (Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to ...)
{DSA-394 DSA-393}
- openssl 0.9.7c
- openssl096 0.9.6k
-CVE-2003-0544
+CVE-2003-0544 (OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characte ...)
{DSA-394 DSA-393}
- openssl 0.9.7c
- openssl096 0.9.6k
-CVE-2003-0543
+CVE-2003-0543 (Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to ...)
{DSA-394 DSA-393}
- openssl 0.9.7c
- openssl096 0.9.6k
-CVE-2003-0542
+CVE-2003-0542 (Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rew ...)
- apache2 2.0.48
- apache 1.3.29
-CVE-2003-0541
+CVE-2003-0541 (gtkhtml before 1.1.10, as used in Evolution, allows remote attackers t ...)
{DSA-710-1}
- evolution <not-affected> (Does not affect evolution on debian)
- gtkhtml 1.0.4-6.2
-CVE-2003-0540
+CVE-2003-0540 (The address parser code in Postfix 1.1.12 and earlier allows remote at ...)
{DSA-363}
- postfix 1.1.12
-CVE-2003-0539
+CVE-2003-0539 (skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and th ...)
{DSA-343}
- skk 10.62a-6
- ddskk 12.1.cvs.20030622-1
-CVE-2003-0538
+CVE-2003-0538 (The mailcap file for mozart 1.2.5 and earlier causes Oz applications t ...)
{DSA-342}
- mozart 1.2.5.20030212-2
-CVE-2003-0537
+CVE-2003-0537 (The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporar ...)
{DSA-341}
- liece 2.0+0.20030527cvs-1
-CVE-2003-0536
+CVE-2003-0536 (Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows ...)
{DSA-346}
- phpsysinfo 2.1-1
-CVE-2003-0535
+CVE-2003-0535 (Buffer overflow in xbl 1.0k and earlier allows local users to gain pri ...)
{DSA-345}
- xbl 1.0k-6
CVE-2003-0534
RESERVED
-CVE-2003-0533
+CVE-2003-0533 (Stack-based buffer overflow in certain Active Directory service functi ...)
NOT-FOR-US: Microsoft
-CVE-2003-0532
+CVE-2003-0532 (Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine ...)
NOT-FOR-US: Microsoft
-CVE-2003-0531
+CVE-2003-0531 (Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2003-0530
+CVE-2003-0530 (Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer ...)
NOT-FOR-US: Microsoft
CVE-2003-0529
RESERVED
-CVE-2003-0528
+CVE-2003-0528 (Heap-based buffer overflow in the Distributed Component Object Model ( ...)
NOT-FOR-US: Microsoft
CVE-2003-0527
RESERVED
-CVE-2003-0526
+CVE-2003-0526 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Securit ...)
NOT-FOR-US: Microsoft
-CVE-2003-0525
+CVE-2003-0525 (The getCanonicalPath function in Windows NT 4.0 may free memory that i ...)
NOT-FOR-US: Microsoft
-CVE-2003-0524
+CVE-2003-0524 (Qt in Knoppix 3.1 Live CD allows local users to overwrite arbitrary fi ...)
- qt-x11-free <not-affected> (appears specific to the knoppix CD)
-CVE-2003-0523
+CVE-2003-0523 (Cross-site scripting (XSS) vulnerability in msg.asp for certain versio ...)
NOT-FOR-US: ProductCart
-CVE-2003-0522
+CVE-2003-0522 (Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 al ...)
NOT-FOR-US: ProductCart
-CVE-2003-0521
+CVE-2003-0521 (Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote ...)
NOT-FOR-US: cPanel is not our cpanel
-CVE-2003-0520
+CVE-2003-0520 (Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2003-0519
+CVE-2003-0519 (Certain versions of Internet Explorer 5 and 6, in certain Windows envi ...)
NOT-FOR-US: Microsoft
-CVE-2003-0518
+CVE-2003-0518 (The screen saver in MacOS X allows users with physical access to cause ...)
NOT-FOR-US: MacOS
-CVE-2003-0517
+CVE-2003-0517 (faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwri ...)
- mgetty 1.1.29 (bug #199351)
-CVE-2003-0516
+CVE-2003-0516 (cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printa ...)
- mgetty 1.1.29 (bug #199351)
-CVE-2003-0515
+CVE-2003-0515 (SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authe ...)
{DSA-347}
- teapop 0.3.5-2
-CVE-2003-0514
+CVE-2003-0514 (Apple Safari allows remote attackers to bypass intended cookie access ...)
NOT-FOR-US: Safari
-CVE-2003-0513
+CVE-2003-0513 (Microsoft Internet Explorer allows remote attackers to bypass intended ...)
NOT-FOR-US: MSIE
-CVE-2003-0512
+CVE-2003-0512 (Cisco IOS 12.2 and earlier generates a "% Login invalid" message inste ...)
NOT-FOR-US: Cisco
-CVE-2003-0511
+CVE-2003-0511 (The web server for Cisco Aironet AP1x00 Series Wireless devices runnin ...)
NOT-FOR-US: Cisco
-CVE-2003-0510
+CVE-2003-0510 (Format string vulnerability in ezbounce 1.0 through 1.50 allows remote ...)
NOT-FOR-US: ezbounce
-CVE-2003-0509
+CVE-2003-0509 (SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allow ...)
NOT-FOR-US: Cyberstrong eShop
-CVE-2003-0508
+CVE-2003-0508 (Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Rea ...)
NOT-FOR-US: acroread
-CVE-2003-0507
+CVE-2003-0507 (Stack-based buffer overflow in Active Directory in Windows 2000 before ...)
NOT-FOR-US: Microsoft
-CVE-2003-0506
+CVE-2003-0506 (Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to c ...)
NOT-FOR-US: Microsoft
-CVE-2003-0505
+CVE-2003-0505 (Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 be ...)
NOT-FOR-US: Microsoft
-CVE-2003-0504
+CVE-2003-0504 (Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0. ...)
{DSA-365}
- phpgroupware 0.9.14.007-1
-CVE-2003-0503
+CVE-2003-0503 (Buffer overflow in the ShellExecute API function of SHELL32.DLL in Win ...)
NOT-FOR-US: Microsoft
-CVE-2003-0502
+CVE-2003-0502 (Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote ...)
NOT-FOR-US: Apple Quicktime
-CVE-2003-0501
+CVE-2003-0501 (The /proc filesystem in Linux allows local users to obtain sensitive i ...)
{DSA-423 DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre10)
-CVE-2003-0500
+CVE-2003-0500 (SQL injection vulnerability in the PostgreSQL authentication module (m ...)
{DSA-338}
- proftpd 1.2.8-8
-CVE-2003-0499
+CVE-2003-0499 (Mantis 0.17.5 and earlier stores its database password in cleartext in ...)
{DSA-335}
- mantis 0.17.5-6
-CVE-2003-0498
+CVE-2003-0498 (Cach&#233; Database 5.x installs the /cachesys/csp directory with inse ...)
NOT-FOR-US: Intersystems Cache database
-CVE-2003-0497
+CVE-2003-0497 (Cach&#233; Database 5.x installs /cachesys/bin/cache with world-writab ...)
NOT-FOR-US: Intersystems Cache database
-CVE-2003-0496
+CVE-2003-0496 (Microsoft SQL Server before Windows 2000 SP4 allows local users to gai ...)
NOT-FOR-US: Microsoft
-CVE-2003-0495
+CVE-2003-0495 (Cross-site scripting (XSS) vulnerability in LedNews 0.7 allows remote ...)
NOT-FOR-US: lednews; not in debian
-CVE-2003-0494
+CVE-2003-0494 (password.asp in Snitz Forums 3.4.03 and earlier allows remote attacker ...)
NOT-FOR-US: snitz forums; not in debian
-CVE-2003-0493
+CVE-2003-0493 (Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as ...)
NOT-FOR-US: snitz forums; not in debian
-CVE-2003-0492
+CVE-2003-0492 (Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forum ...)
NOT-FOR-US: snitz forums; not in debian
-CVE-2003-0491
+CVE-2003-0491 (The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers ...)
NOT-FOR-US: Xoops
-CVE-2003-0490
+CVE-2003-0490 (The installation of Dantz Retrospect Client 5.0.540 on MacOS X 10.2.6, ...)
NOT-FOR-US: Dantz Retrospect
-CVE-2003-0489
+CVE-2003-0489 (tcptraceroute 1.4 and earlier does not fully drop privileges after obt ...)
{DSA-330}
- tcptraceroute 1.4-4
-CVE-2003-0488
+CVE-2003-0488 (Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServe ...)
NOT-FOR-US: Kerio Mail server
-CVE-2003-0487
+CVE-2003-0487 (Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authe ...)
NOT-FOR-US: Kerio Mail server
-CVE-2003-0486
+CVE-2003-0486 (SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earli ...)
- phpbb2 2.0.6
-CVE-2003-0485
+CVE-2003-0485 (Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows att ...)
NOT-FOR-US: Progress 4GL Compiler
-CVE-2003-0484
+CVE-2003-0484 (Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB al ...)
- phpbb2 2.0.6d-3
-CVE-2003-0483
+CVE-2003-0483 (Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium ...)
NOT-FOR-US: XMB Forum
-CVE-2003-0482
+CVE-2003-0482 (TUTOS 1.1 allows remote attackers to execute arbitrary code by uploadi ...)
- tutos 1.1.20030715-1
-CVE-2003-0481
+CVE-2003-0481 (Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow ...)
- tutos 1.1.20030715-1
-CVE-2003-0480
+CVE-2003-0480 (VMware Workstation 4.0 for Linux allows local users to overwrite arbit ...)
NOT-FOR-US: VMware
-CVE-2003-0479
+CVE-2003-0479 (Cross-site scripting (XSS) vulnerability in the guestbook for WebBBS a ...)
NOT-FOR-US: WebBBS; not in debian
-CVE-2003-0478
+CVE-2003-0478 (Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, an ...)
NOT-FOR-US: bahamut and other irc daemons; not in debian
-CVE-2003-0477
+CVE-2003-0477 (wzdftpd 0.1rc4 and earlier allows remote attackers to cause a denial o ...)
- wzdftpd 0.2
-CVE-2003-0476
+CVE-2003-0476 (The execve system call in Linux 2.4.x records the file descriptor of t ...)
{DSA-423 DSA-358}
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre4)
-CVE-2003-0475
+CVE-2003-0475 (Directory traversal vulnerability in iWeb Server 2 allows remote attac ...)
NOT-FOR-US: iWeb server
-CVE-2003-0474
+CVE-2003-0474 (Directory traversal vulnerability in iWeb Server allows remote attacke ...)
NOT-FOR-US: iWeb server
-CVE-2003-0473
+CVE-2003-0473 (Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes sno ...)
NOT-FOR-US: SGI IRIX
-CVE-2003-0472
+CVE-2003-0472 (The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a ...)
NOT-FOR-US: SGI IRIX
-CVE-2003-0471
+CVE-2003-0471 (Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers t ...)
NOT-FOR-US: webadmin / win
-CVE-2003-0470
+CVE-2003-0470 (Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuF ...)
NOT-FOR-US: symantec activex
-CVE-2003-0469
+CVE-2003-0469 (Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows ...)
NOT-FOR-US: microsoft
-CVE-2003-0468
+CVE-2003-0468 (Postfix 1.1.11 and earlier allows remote attackers to use Postfix to c ...)
{DSA-363}
- postfix 1.1.12
-CVE-2003-0467
+CVE-2003-0467 (Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kern ...)
NOTE: fixed in linux 2.4.21
-CVE-2003-0466
+CVE-2003-0466 (Off-by-one error in the fb_realpath() function, as derived from the re ...)
{DSA-357}
- wu-ftpd 2.6.2-12
-CVE-2003-0465
+CVE-2003-0465 (The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the ...)
- linux-2.6 <not-affected> (Generic C version fixed in 2.6.x)
NOTE: generic .c version fixed in 2.6.x but not in 2.4.x
NOTE: arch specific asm versions:
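Review bot: the descriptions added for CVE-2003-0498 and CVE-2003-0497 carry an HTML numeric entity instead of the character itself (`+CVE-2003-0498 (Cach&#233; Database 5.x installs the /cachesys/csp directory with inse ...)`), so the feed text was written out with its HTML escaping still applied; the update script should decode entities before the text lands in the data file (the list is otherwise plain text, and the name is `Caché`), otherwise a search for the product name misses these entries and the width-based truncation counts `&#233;` as six characters. Separately, two entries in this region have only a NOTE line and no package or NOT-FOR-US status beneath the CVE id: `NOTE: imagemagick %x exploit failed with 6.0.6.2-1.5` under CVE-2003-0555 and `NOTE: fixed in linux 2.4.21` under CVE-2003-0467; these are unchanged context here, but a package line naming the fixed version would let the tracker resolve them.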
@@ -2425,655 +2425,655 @@ CVE-2003-0465
NOTE: not an issue on alpha, see bug #280492
- kernel-source-2.4.27 2.4.27-8
NOTE: above fixes s390x, ppc64 and s390 and generic C version
-CVE-2003-0464
+CVE-2003-0464 (The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are ...)
NOTE: fixed in linux 2.4.22-pre8
CVE-2003-0463
REJECTED
-CVE-2003-0462
+CVE-2003-0462 (A race condition in the way env_start and env_end pointers are initial ...)
{DSA-423 DSA-358}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.1)
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive; 2.4.22-pre10)
-CVE-2003-0461
+CVE-2003-0461 (/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of cha ...)
{DSA-423 DSA-358}
[sarge] - kernel-source-2.6.8 <not-affected> (Fixed before upload into archive; 2.6.1)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.1)
- kernel-source-2.4.27 2.4.27-1
-CVE-2003-0460
+CVE-2003-0460 (The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 s ...)
- apache <not-affected> (Affects only Apache for Windows and OS/2)
-CVE-2003-0459
+CVE-2003-0459 (KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication ...)
{DSA-361}
- kdelibs 4:3.1.3-1
-CVE-2003-0458
+CVE-2003-0458 (Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and ...)
NOT-FOR-US: HP
CVE-2003-0457
RESERVED
-CVE-2003-0456
+CVE-2003-0456 (VisNetic WebSite 3.5 allows remote attackers to obtain the full pathna ...)
NOT-FOR-US: visnetic website
-CVE-2003-0455
+CVE-2003-0455 (The imagemagick libmagick library 5.5 and earlier creates temporary fi ...)
{DSA-331}
- imagemagick 4:5.5.7-1
-CVE-2003-0454
+CVE-2003-0454 (Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local us ...)
{DSA-334}
- xgalaga 2.0.34-22
-CVE-2003-0453
+CVE-2003-0453 (traceroute-nanog 6.1.1 allows local users to overwrite unauthorized me ...)
{DSA-348}
- traceroute-nanog 6.3.6-3
-CVE-2003-0452
+CVE-2003-0452 (Buffer overflows in osh before 1.7-11 allow local users to execute arb ...)
{DSA-329}
- osh 1.7-12
-CVE-2003-0451
+CVE-2003-0451 (Multiple buffer overflows in xbl before 1.0k allow local users to gain ...)
{DSA-327}
- xbl 1.0k-5
-CVE-2003-0450
+CVE-2003-0450 (Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remot ...)
{DSA-321}
- radiusd-cistron 1.6.6-2
-CVE-2003-0449
+CVE-2003-0449 (Progress Database 9.1 to 9.1D06 trusts user input to find and load lib ...)
NOT-FOR-US: progress database
-CVE-2003-0448
+CVE-2003-0448 (Portmon 1.7 and possibly earlier versions allows local users to read a ...)
NOT-FOR-US: portmon; not in debian
-CVE-2003-0447
+CVE-2003-0447 (The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6 ...)
NOT-FOR-US: microsoft
-CVE-2003-0446
+CVE-2003-0446 (Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly ...)
NOT-FOR-US: microsoft
-CVE-2003-0445
+CVE-2003-0445 (Buffer overflow in webfs before 1.17.1 allows remote attackers to exec ...)
{DSA-328}
- webfs 1.20
-CVE-2003-0444
+CVE-2003-0444 (Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attac ...)
{DSA-337}
- gtksee 0.5.6-1
CVE-2003-0443
RESERVED
-CVE-2003-0442
+CVE-2003-0442 (Cross-site scripting (XSS) vulnerability in the transparent SID suppor ...)
{DSA-351}
- php4 4:4.3.2+rc3-1
-CVE-2003-0441
+CVE-2003-0441 (Multiple buffer overflows in Orville Write (orville-write) 2.53 and ea ...)
{DSA-326}
- orville-write 2.54-1
-CVE-2003-0440
+CVE-2003-0440 (The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and ...)
{DSA-339}
- semi 1.14.5+20030609-1 (bug #223456)
- wemi <removed>
CVE-2003-0439
REJECTED
-CVE-2003-0438
+CVE-2003-0438 (eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local ...)
{DSA-325}
- eldav 0.7.2-1
-CVE-2003-0437
+CVE-2003-0437 (Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote att ...)
- mnogosearch 3.2.11
-CVE-2003-0436
+CVE-2003-0436 (Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote att ...)
- mnogosearch 3.2.11
-CVE-2003-0435
+CVE-2003-0435 (Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allow ...)
{DSA-322}
- typespeed 0.4.4
-CVE-2003-0434
+CVE-2003-0434 (Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 ...)
- kdegraphics <not-affected> (kdf does not seem to support hyperlinks; so not vulnerable)
- gpdf <not-affected> (gpdf 2.8.0 does not seem to be vulnerable)
- xpdf 2.02pl1-1
-CVE-2003-0433
+CVE-2003-0433 (Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attacker ...)
{DSA-315}
- gnocatan 0.8.0-1 (bug #328136)
- pioneers <not-affected> (bug #328136)
-CVE-2003-0432
+CVE-2003-0432 (Ethereal 0.9.12 and earlier does not handle certain strings properly, ...)
{DSA-324}
- ethereal 0.9.13-1
-CVE-2003-0431
+CVE-2003-0431 (The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not ...)
{DSA-324}
- ethereal 0.9.13-1
-CVE-2003-0430
+CVE-2003-0430 (The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote atta ...)
- ethereal 0.9.13-1
-CVE-2003-0429
+CVE-2003-0429 (The OSI dissector in Ethereal 0.9.12 and earlier allows remote attacke ...)
{DSA-324}
- ethereal 0.9.13-1
-CVE-2003-0428
+CVE-2003-0428 (Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0. ...)
{DSA-324}
- ethereal 0.9.13-1
-CVE-2003-0427
+CVE-2003-0427 (Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to ...)
{DSA-320}
- mikmod 3.1.6-6
-CVE-2003-0426
+CVE-2003-0426 (The installation of Apple QuickTime / Darwin Streaming Server before 4 ...)
NOT-FOR-US: Apple
-CVE-2003-0425
+CVE-2003-0425 (Directory traversal vulnerability in Apple QuickTime / Darwin Streamin ...)
NOT-FOR-US: Apple
-CVE-2003-0424
+CVE-2003-0424 (Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote ...)
NOT-FOR-US: Apple
-CVE-2003-0423
+CVE-2003-0423 (parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1. ...)
NOT-FOR-US: Apple
-CVE-2003-0422
+CVE-2003-0422 (Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote ...)
NOT-FOR-US: Apple
-CVE-2003-0421
+CVE-2003-0421 (Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote ...)
NOT-FOR-US: Apple
-CVE-2003-0420
+CVE-2003-0420 (Information leak in dsimportexport for Apple Macintosh OS X Server 10. ...)
NOT-FOR-US: Apple
-CVE-2003-0419
+CVE-2003-0419 (SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR ...)
NOT-FOR-US: SMC
-CVE-2003-0418
+CVE-2003-0418 (The Linux 2.0 kernel IP stack does not properly calculate the size of ...)
- kernel-source-2.4.27 <not-affected> (Affects only Linux 2.0.x)
- linux-2.6 <not-affected> (Affects only Linux 2.0.x)
-CVE-2003-0417
+CVE-2003-0417 (Directory traversal vulnerability in Son hServer 0.2 allows remote att ...)
NOT-FOR-US: Son hServer
-CVE-2003-0416
+CVE-2003-0416 (Cross-site scripting (XSS) vulnerability in index.cgi for Bandmin 1.4 ...)
NOT-FOR-US: bandmin;
-CVE-2003-0415
+CVE-2003-0415 (Remote PC Access Server 2.2 allows remote attackers to cause a denial ...)
NOT-FOR-US: Remote PC Access
-CVE-2003-0414
+CVE-2003-0414 (The installation of Sun ONE Application Server 7.0 for Windows 2000/XP ...)
NOT-FOR-US: Sun ONE
-CVE-2003-0413
+CVE-2003-0413 (Cross-site scripting (XSS) vulnerability in the webapps-simple sample ...)
NOT-FOR-US: Sun ONE
-CVE-2003-0412
+CVE-2003-0412 (Sun ONE Application Server 7.0 for Windows 2000/XP does not log the co ...)
NOT-FOR-US: Sun ONE
-CVE-2003-0411
+CVE-2003-0411 (Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attac ...)
NOT-FOR-US: Sun ONE
-CVE-2003-0410
+CVE-2003-0410 (Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to execu ...)
NOT-FOR-US: AnalogX proxy
-CVE-2003-0409
+CVE-2003-0409 (Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attack ...)
NOT-FOR-US: BRS WebWeaver
-CVE-2003-0408
+CVE-2003-0408 (Buffer overflow in Uptime Client (UpClient) 5.0b7, and possibly other ...)
NOT-FOR-US: Uptimes Project upclient;
-CVE-2003-0407
+CVE-2003-0407 (Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remo ...)
- gbatnav 1.0.4-4
-CVE-2003-0406
+CVE-2003-0406 (PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCD ...)
NOT-FOR-US: PalmVNC
-CVE-2003-0405
+CVE-2003-0405 (Vignette StoryServer 5 and Vignette V/6 allows remote attackers to exe ...)
NOT-FOR-US: Vignette
-CVE-2003-0404
+CVE-2003-0404 (Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryS ...)
NOT-FOR-US: Vignette
-CVE-2003-0403
+CVE-2003-0403 (Vignette StoryServer 5 and Vignette V/5 allows remote attackers to rea ...)
NOT-FOR-US: Vignette
-CVE-2003-0402
+CVE-2003-0402 (The default login template (/vgn/login) in Vignette StoryServer 5 and ...)
NOT-FOR-US: Vignette
-CVE-2003-0401
+CVE-2003-0401 (Vignette StoryServer and Vignette V/5 allows remote attackers to obtai ...)
NOT-FOR-US: Vignette
-CVE-2003-0400
+CVE-2003-0400 (Vignette StoryServer and Vignette V/5 does not properly calculate the ...)
NOT-FOR-US: Vignette / AIX
-CVE-2003-0399
+CVE-2003-0399 (Vignette StoryServer 4 and 5, Vignette V/5, and possibly other version ...)
NOT-FOR-US: Vignette StoryServer
-CVE-2003-0398
+CVE-2003-0398 (Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI E ...)
NOT-FOR-US: Vignette StoryServer
-CVE-2003-0397
+CVE-2003-0397 (Buffer overflow in FastTrack (FT) network code, as used in Kazaa 2.0.2 ...)
NOT-FOR-US: FastTrack network code (Kazaa)
-CVE-2003-0396
+CVE-2003-0396 (Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if u ...)
- linux-atm 2.4.1
-CVE-2003-0395
+CVE-2003-0395 (Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2003-0394
+CVE-2003-0394 (objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute ar ...)
NOT-FOR-US: BLNews
-CVE-2003-0393
+CVE-2003-0393 (Privacyware Privatefirewall 3.0 does not block certain incoming packet ...)
NOT-FOR-US: Privacyware Privatefirewall
-CVE-2003-0392
+CVE-2003-0392 (Directory traversal vulnerability in ST FTP Service 3.0 allows remote ...)
NOT-FOR-US: ST FTP Service (DOS)
-CVE-2003-0391
+CVE-2003-0391 (Format string vulnerability in Magic WinMail Server 2.3, and possibly ...)
NOT-FOR-US: Magic WinMail Server
-CVE-2003-0390
+CVE-2003-0390 (Multiple buffer overflows in Options Parsing Tool (OPT) shared library ...)
- opt 3.19
-CVE-2003-0389
+CVE-2003-0389 (Cross-site scripting (XSS) vulnerability in the secure redirect functi ...)
NOT-FOR-US: RSA ACE/Agent
-CVE-2003-0388
+CVE-2003-0388 (pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use ...)
- pam <not-affected> (pam is not vulnerable at all in sarge, according to maintainer)
NOTE: From the libc documentation:
NOTE: "The user cannot do anything to fool these functions."
NOTE: This means that this is not a bug in getlogin.
CVE-2003-0387
RESERVED
-CVE-2003-0386
+CVE-2003-0386 (OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP ...)
- openssh 1:3.8p1-1
-CVE-2003-0385
+CVE-2003-0385 (Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allow ...)
{DSA-310}
- xaos 3.1r-4
CVE-2003-0384
RESERVED
-CVE-2003-0382
+CVE-2003-0382 (Buffer overflow in Eterm 0.9.2 allows local users to gain privileges v ...)
{DSA-309}
- eterm 0.9.2-1
-CVE-2003-0381
+CVE-2003-0381 (Multiple vulnerabilities in noweb 2.9 and earlier creates temporary fi ...)
{DSA-323}
- noweb 2.10c-3.1 (bug #271146)
-CVE-2003-0380
+CVE-2003-0380 (Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and possib ...)
{DSA-314}
- atftp 0.6.2
-CVE-2003-0379
+CVE-2003-0379 (Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X ...)
NOT-FOR-US: MaxOS
-CVE-2003-0378
+CVE-2003-0378 (The Kerberos login authentication feature in Mac OS X, when used with ...)
NOT-FOR-US: MaxOS
-CVE-2003-0377
+CVE-2003-0377 (SQL injection vulnerability in the web-based administration interface ...)
NOT-FOR-US: iisPROTECT
-CVE-2003-0376
+CVE-2003-0376 (Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a den ...)
NOT-FOR-US: Eudora
-CVE-2003-0375
+CVE-2003-0375 (Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB ...)
NOT-FOR-US: XMBforum aka Partagium)
-CVE-2003-0374
+CVE-2003-0374 (Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus ...)
- nessus-core 2.0.6
-CVE-2003-0373
+CVE-2003-0373 (Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow loca ...)
- nessus-core 2.0.6
-CVE-2003-0372
+CVE-2003-0372 (Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows ...)
- nessus-core 2.0.6
-CVE-2003-0371
+CVE-2003-0371 (Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers ...)
NOT-FOR-US: Prishtina FTP client
-CVE-2003-0370
+CVE-2003-0370 (Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Com ...)
{DSA-361}
- kdelibs 4:3.1.3-1
CVE-2003-0369
RESERVED
-CVE-2003-0368
+CVE-2003-0368 (Nokia Gateway GPRS support node (GGSN) allows remote attackers to caus ...)
NOT-FOR-US: Nokia Gateway GPRS
-CVE-2003-0367
+CVE-2003-0367 (znew in the gzip package allows local users to overwrite arbitrary fil ...)
{DSA-308}
- gzip 1.3.5-6
-CVE-2003-0366
+CVE-2003-0366 (lyskom-server 2.0.7 and earlier allows unauthenticated users to cause ...)
{DSA-318}
- lyskom-server 2.0.7-2
-CVE-2003-0365
+CVE-2003-0365 (ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Con ...)
NOT-FOR-US: ICQLite
-CVE-2003-0364
+CVE-2003-0364 (The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows ...)
{DSA-442 DSA-336 DSA-332 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-rc6)
-CVE-2003-0363
+CVE-2003-0363 (Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other ve ...)
- licq 1.2-7-1
-CVE-2003-0362
+CVE-2003-0362 (Buffer overflow in gPS before 0.10.2 may allow local users to cause a ...)
{DSA-307}
- gps 1.1.0-1
-CVE-2003-0361
+CVE-2003-0361 (gPS before 1.1.0 does not properly follow the rgpsp connection source ...)
{DSA-307}
- gps 1.1.0-1
-CVE-2003-0360
+CVE-2003-0360 (Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause ...)
{DSA-307}
- gps 1.1.0-1
-CVE-2003-0359
+CVE-2003-0359 (nethack 3.4.0 and earlier installs certain setgid binaries with insecu ...)
{DSA-316}
- nethack 3.4.1-1
- jnethack 1.1.5-15
- slashem 0.0.6E4F8-6
-CVE-2003-0358
+CVE-2003-0358 (Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1 ...)
{DSA-350 DSA-316}
- falconseye 1.9.3-9
- nethack 3.4.1-1
- slashem 0.0.6E4F8-6
- jnethack 1.1.5-15
-CVE-2003-0357
+CVE-2003-0357 (Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earli ...)
{DSA-313}
- ethereal 0.9.12-1
-CVE-2003-0356
+CVE-2003-0356 (Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier all ...)
{DSA-313}
- ethereal 0.9.12-1
-CVE-2003-0355
+CVE-2003-0355 (Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name ...)
NOT-FOR-US: Safari
-CVE-2003-0354
+CVE-2003-0354 (Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers ...)
- gs-gpl 7.07
-CVE-2003-0353
+CVE-2003-0353 (Buffer overflow in a component of SQL-DMO for Microsoft Data Access Co ...)
NOT-FOR-US: Microsoft
-CVE-2003-0352
+CVE-2003-0352 (Buffer overflow in a certain DCOM interface for RPC in Microsoft Windo ...)
NOT-FOR-US: Microsoft
CVE-2003-0351
REJECTED
-CVE-2003-0350
+CVE-2003-0350 (The control for listing accessibility options in the Accessibility Uti ...)
NOT-FOR-US: Microsoft
-CVE-2003-0349
+CVE-2003-0349 (Buffer overflow in the streaming media component for logging multicast ...)
NOT-FOR-US: Microsoft
-CVE-2003-0348
+CVE-2003-0348 (A certain Microsoft Windows Media Player 9 Series ActiveX control allo ...)
NOT-FOR-US: Microsoft
-CVE-2003-0347
+CVE-2003-0347 (Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual ...)
NOT-FOR-US: Microsoft
-CVE-2003-0346
+CVE-2003-0346 (Multiple integer overflows in a Microsoft Windows DirectX MIDI library ...)
NOT-FOR-US: Microsoft
-CVE-2003-0345
+CVE-2003-0345 (Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, ...)
NOT-FOR-US: Microsoft
-CVE-2003-0344
+CVE-2003-0344 (Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allo ...)
NOT-FOR-US: Microsoft
-CVE-2003-0343
+CVE-2003-0343 (BlackMoon FTP Server 2.6 Free Edition, and possibly other distribution ...)
NOT-FOR-US: BlackMoon FTP Server
-CVE-2003-0342
+CVE-2003-0342 (BlackMoon FTP Server 2.6 Free Edition, and possibly other distribution ...)
NOT-FOR-US: BlackMoon FTP Server
-CVE-2003-0341
+CVE-2003-0341 (Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 a ...)
NOT-FOR-US: Owl Intranet Engine
-CVE-2003-0340
+CVE-2003-0340 (Demarc Puresecure 1.6 stores authentication information for the loggin ...)
NOT-FOR-US: Puresecure
-CVE-2003-0339
+CVE-2003-0339 (Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 a ...)
NOT-FOR-US: WsMp3
-CVE-2003-0338
+CVE-2003-0338 (Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and ...)
NOT-FOR-US: WsMp3
-CVE-2003-0337
+CVE-2003-0337 (The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 al ...)
NOT-FOR-US: lsadmin
-CVE-2003-0336
+CVE-2003-0336 (Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files ...)
NOT-FOR-US: Eudora
-CVE-2003-0335
+CVE-2003-0335 (rc.M in Slackware 9.0 calls quotacheck with the -M option, which cause ...)
NOT-FOR-US: Slaskware specific
-CVE-2003-0334
+CVE-2003-0334 (BitchX IRC client 1.0c20cvs and earlier allows attackers to cause a de ...)
- ircii-pana 1:1.0-0c19.20030512-1
-CVE-2003-0333
+CVE-2003-0333 (Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit ...)
NOT-FOR-US: C-Kermit on HP-UX
-CVE-2003-0332
+CVE-2003-0332 (The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier v ...)
NOT-FOR-US: BadBlue
-CVE-2003-0331
+CVE-2003-0331 (SQL injection vulnerability in ttForum allows remote attackers to exec ...)
NOT-FOR-US: ttForum
-CVE-2003-0330
+CVE-2003-0330 (Buffer overflow in unknown versions of Maelstrom allows local users to ...)
- maelstrom <not-affected> (Melstrom in Sarge tests not vulnerable to exploit. Unsure when fixed.)
-CVE-2003-0329
+CVE-2003-0329 (CesarFTP 0.99g stores user names and passwords in plaintext in the set ...)
NOT-FOR-US: CesarFTP
-CVE-2003-0328
+CVE-2003-0328 (EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later version ...)
{DSA-399 DSA-306}
- epic4 1:1.1.11.20030409-2
- ircii-pana 1:1.0-0c19-8
-CVE-2003-0327
+CVE-2003-0327 (Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers t ...)
NOT-FOR-US: Sybase Adaptive Server Enterprise
-CVE-2003-0326
+CVE-2003-0326 (Integer overflow in parse_decode_path() of slocate may allow attackers ...)
- slocate <not-affected> (Only an issue if kernel has been recompiled to allow 512 MB of command line arguments)
NOTE: Even if exploited, you get only slocate gid.
-CVE-2003-0325
+CVE-2003-0325 (Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local us ...)
- maelstrom <not-affected> (Melstrom in Sarge tests not vulnerable to exploit. Unsure when fixed.)
-CVE-2003-0324
+CVE-2003-0324 (Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malici ...)
{DSA-287}
- epic4 1:1.1.11.20030409-1
- epic 3.004-19
-CVE-2003-0323
+CVE-2003-0323 (Multiple buffer overflows in ircII 20020912 allows remote malicious IR ...)
{DSA-298 DSA-291}
- epic4 1:1.1.11.20030409-1
- ircii 20030315-1
-CVE-2003-0322
+CVE-2003-0322 (Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remo ...)
{DSA-306}
- ircii-pana 1:1.0-0c19-8
-CVE-2003-0321
+CVE-2003-0321 (Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier al ...)
{DSA-306}
- ircii-pana 1:1.0-0c19-8
-CVE-2003-0320
+CVE-2003-0320 (header.php in ttCMS 2.3 and earlier allows remote attackers to inject ...)
NOT-FOR-US: ttCMS
-CVE-2003-0319
+CVE-2003-0319 (Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0. ...)
NOT-FOR-US: SmartMax MailMax
-CVE-2003-0318
+CVE-2003-0318 (Cross-site scripting (XSS) vulnerability in the Statistics module for ...)
NOT-FOR-US: PHP-Nuke
-CVE-2003-0317
+CVE-2003-0317 (iisPROTECT 2.1 and 2.2 allows remote attackers to bypass authenticatio ...)
NOT-FOR-US: iisPROTECT
-CVE-2003-0316
+CVE-2003-0316 (Venturi Client before 2.2, as used in certain Fourelle and Venturi Wir ...)
NOT-FOR-US: Venturi Client
-CVE-2003-0315
+CVE-2003-0315 (Snowblind Web Server 1.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Snowblind Web Server
-CVE-2003-0314
+CVE-2003-0314 (Snowblind Web Server 1.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Snowblind Web Server
-CVE-2003-0313
+CVE-2003-0313 (Directory traversal vulnerability in Snowblind Web Server 1.0 allows r ...)
NOT-FOR-US: Snowblind Web Server
-CVE-2003-0312
+CVE-2003-0312 (Directory traversal vulnerability in Snowblind Web Server 1.0 allows r ...)
NOT-FOR-US: Snowblind Web Server
CVE-2003-0311
RESERVED
-CVE-2003-0310
+CVE-2003-0310 (Cross-site scripting (XSS) vulnerability in articleview.php for eZ pub ...)
- ezpublish 2.2.8-1
-CVE-2003-0309
+CVE-2003-0309 (Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass ...)
NOT-FOR-US: MSIE
-CVE-2003-0308
+CVE-2003-0308 (The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely ...)
{DSA-305}
- sendmail 8.12.9-2
-CVE-2003-0307
+CVE-2003-0307 (Poster version.two allows remote authenticated users to gain administr ...)
NOT-FOR-US: Poster version.two
-CVE-2003-0306
+CVE-2003-0306 (Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to exec ...)
NOT-FOR-US: Windows
-CVE-2003-0305
+CVE-2003-0305 (The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka ...)
NOT-FOR-US: Cisco
-CVE-2003-0304
+CVE-2003-0304 (one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers t ...)
NOT-FOR-US: one||zero (aka One or Zero) Helpdesk
-CVE-2003-0303
+CVE-2003-0303 (SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1. ...)
NOT-FOR-US: one||zero (aka One or Zero) Helpdesk
-CVE-2003-0302
+CVE-2003-0302 (The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers ...)
NOT-FOR-US: Eudora
-CVE-2003-0301
+CVE-2003-0301 (The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malic ...)
NOT-FOR-US: Microsort
-CVE-2003-0300
+CVE-2003-0300 (The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP serve ...)
NOT-FOR-US: Historic Sylpheed issues, only a crasher anyway
-CVE-2003-0299
+CVE-2003-0299 (The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote ...)
NOT-FOR-US: Historic mutt and Balsa issues, only a crasher anyway
-CVE-2003-0298
+CVE-2003-0298 (The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP ...)
- mozilla 2:1.5-1
NOTE: May have been fixed in an earlier version. Not clear how
NOTE: Mozilla's a/b versions map to the Debian version.
-CVE-2003-0297
+CVE-2003-0297 (c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remo ...)
- uw-imap 7:2002c
- pine 4.62-1
- alpine <not-affected> (this was fixed in pine before alpine was released to the public)
NOTE: pine maybe fixed in earlier uploads, 4.62-1 is the sarge version and not vulnerable
-CVE-2003-0296
+CVE-2003-0296 (The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP serve ...)
- evolution 1.3.2
-CVE-2003-0295
+CVE-2003-0295 (Cross-site scripting (XSS) vulnerability in private.php for vBulletin ...)
NOT-FOR-US: vBulletin
-CVE-2003-0294
+CVE-2003-0294 (autohtml.php in php-proxima 6.0 and earlier allows remote attackers to ...)
NOT-FOR-US: php-proxima
-CVE-2003-0293
+CVE-2003-0293 (PalmOS allows remote attackers to cause a denial of service (CPU consu ...)
NOT-FOR-US: PalmOS
-CVE-2003-0292
+CVE-2003-0292 (Cross-site scripting (XSS) vulnerability in Inktomi Traffic-Server 5.5 ...)
NOT-FOR-US: Inktomi
-CVE-2003-0291
+CVE-2003-0291 (3com OfficeConnect Remote 812 ADSL Router 1.1.7 does not properly clea ...)
NOT-FOR-US: 3com OfficeConnect Remote 812 ADSL Router
-CVE-2003-0290
+CVE-2003-0290 (Memory leak in eServ 2.9x allows remote attackers to cause a denial of ...)
NOT-FOR-US: eServ
-CVE-2003-0289
+CVE-2003-0289 (Format string vulnerability in scsiopen.c of the cdrecord program in c ...)
- cdrtools 4:2.0+a14-1
-CVE-2003-0288
+CVE-2003-0288 (Buffer overflow in the file &amp; folder transfer mechanism for IP Mes ...)
NOT-FOR-US: IP Messenger for Win
-CVE-2003-0287
+CVE-2003-0287 (Cross-site scripting (XSS) vulnerability in Movable Type before 2.6, a ...)
NOT-FOR-US: Movable Type
-CVE-2003-0286
+CVE-2003-0286 (SQL injection vulnerability in register.asp in Snitz Forums 2000 befor ...)
NOT-FOR-US: Snitz Forums
-CVE-2003-0285
+CVE-2003-0285 (IBM AIX 5.2 and earlier distributes Sendmail with a configuration file ...)
NOT-FOR-US: bad sendmail config on AIX
-CVE-2003-0284
+CVE-2003-0284 (Adobe Acrobat 5 does not properly validate JavaScript in PDF files, wh ...)
NOT-FOR-US: Adobe Acrobat
-CVE-2003-0283
+CVE-2003-0283 (Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows ...)
NOT-FOR-US: Phorum
-CVE-2003-0282
+CVE-2003-0282 (Directory traversal vulnerability in UnZip 5.50 allows attackers to ov ...)
{DSA-344}
- unzip 5.50-3
-CVE-2003-0281
+CVE-2003-0281 (Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and p ...)
- firebird2 1.5.1-1 (bug #251458)
-CVE-2003-0280
+CVE-2003-0280 (Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4. ...)
NOT-FOR-US: SMTP Service for ESMTP CMailServer
-CVE-2003-0279
+CVE-2003-0279 (Multiple SQL injection vulnerabilities in the Web_Links module for PHP ...)
NOT-FOR-US: PHP-Nuke
-CVE-2003-0278
+CVE-2003-0278 (Cross-site scripting (XSS) vulnerability in normal_html.cgi in Happycg ...)
NOT-FOR-US: HappyMail
-CVE-2003-0277
+CVE-2003-0277 (Directory traversal vulnerability in normal_html.cgi in Happycgi.com H ...)
NOT-FOR-US: HappyMail
-CVE-2003-0276
+CVE-2003-0276 (Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a den ...)
NOT-FOR-US: Pi3Web
-CVE-2003-0275
+CVE-2003-0275 (SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: YaBB SE
-CVE-2003-0274
+CVE-2003-0274 (Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remo ...)
NOT-FOR-US: ListProc
-CVE-2003-0273
+CVE-2003-0273 (Cross-site scripting (XSS) vulnerability in the web interface for Requ ...)
- request-tracker3.4 <not-affected> (Affects older versions of Request Tracker not in Debian)
-CVE-2003-0272
+CVE-2003-0272 (admin.php in miniPortail allows remote attackers to gain administrativ ...)
NOT-FOR-US: miniPortail
-CVE-2003-0271
+CVE-2003-0271 (Buffer overflow in Personal FTP Server allows remote attackers to exec ...)
NOT-FOR-US: Personal FTP Server
-CVE-2003-0270
+CVE-2003-0270 (The administration capability for Apple AirPort 802.11 wireless access ...)
NOT-FOR-US: Apple Airport
-CVE-2003-0269
+CVE-2003-0269 (Buffer overflow in youbin allows local users to gain privileges via a ...)
NOT-FOR-US: youbin
-CVE-2003-0268
+CVE-2003-0268 (SLWebMail 3 on Windows systems allows remote attackers to identify the ...)
NOT-FOR-US: SLWebMail on Windows
-CVE-2003-0267
+CVE-2003-0267 (ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attacke ...)
NOT-FOR-US: SLWebMail on Windows
-CVE-2003-0266
+CVE-2003-0266 (Multiple buffer overflows in SLWebMail 3 on Windows systems allows rem ...)
NOT-FOR-US: SLWebMail on Windows
-CVE-2003-0265
+CVE-2003-0265 (Race condition in SDBINST for SAP database 7.3.0.29 creates critical f ...)
NOT-FOR-US: SDBINST for SAP database
-CVE-2003-0264
+CVE-2003-0264 (Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers ...)
NOT-FOR-US: SLMail
-CVE-2003-0263
+CVE-2003-0263 (Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGate ...)
NOT-FOR-US: FTGatePro
-CVE-2003-0262
+CVE-2003-0262 (leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, ...)
{DSA-299}
- leksbot 1.2-5 (bug #186421)
-CVE-2003-0261
+CVE-2003-0261 (fuzz 0.6 and earlier creates temporary files insecurely, which could a ...)
{DSA-302}
- fuzz 0.6-7.1
-CVE-2003-0260
+CVE-2003-0260 (Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client ...)
NOT-FOR-US: Cisco
-CVE-2003-0259
+CVE-2003-0259 (Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client ...)
NOT-FOR-US: Cisco
-CVE-2003-0258
+CVE-2003-0258 (Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client ...)
NOT-FOR-US: Cisco
-CVE-2003-0257
+CVE-2003-0257 (Format string vulnerability in the printer capability for IBM AIX .3, ...)
NOT-FOR-US: AIX
-CVE-2003-0256
+CVE-2003-0256 (The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the ...)
- kdenetwork 3.2.0
-CVE-2003-0255
+CVE-2003-0255 (The key validation code in GnuPG before 1.2.2 does not properly determ ...)
- gnupg 1.2.2
-CVE-2003-0254
+CVE-2003-0254 (Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers ...)
- apache2 2.0.47
-CVE-2003-0253
+CVE-2003-0253 (The prefork MPM in Apache 2 before 2.0.47 does not properly handle cer ...)
- apache2 2.0.47
-CVE-2003-0252
+CVE-2003-0252 (Off-by-one error in the xlog function of mountd in the Linux NFS utils ...)
{DSA-349}
- nfs-utils 1:1.0.3-2
-CVE-2003-0251
+CVE-2003-0251 (ypserv NIS server before 2.7 allows remote attackers to cause a denial ...)
NOTE: actually, we need ypserv 2.7, nis 3.11 has ypserv 2.13
- nis 3.11
CVE-2003-0250
RESERVED
CVE-2003-0249
NOTE: unimportant (php)
-CVE-2003-0248
+CVE-2003-0248 (The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU stat ...)
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.22-pre10)
- linux-2.6 <not-affected>
-CVE-2003-0247
+CVE-2003-0247 (Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows ...)
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-rc4)
- linux-2.6 <not-affected>
-CVE-2003-0246
+CVE-2003-0246 (The ioperm system call in Linux kernel 2.4.20 and earlier does not pro ...)
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-rc4)
- linux-2.6 <not-affected>
-CVE-2003-0245
+CVE-2003-0245 (Vulnerability in the apr_psprintf function in the Apache Portable Runt ...)
- apache2 2.0.46
-CVE-2003-0244
+CVE-2003-0244 (The route cache implementation in Linux 2.4, and the Netfilter IP conn ...)
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-rc2)
- linux-2.6 <not-affected>
-CVE-2003-0243
+CVE-2003-0243 (Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute ...)
NOT-FOR-US: Happycgi.com Happymall
-CVE-2003-0242
+CVE-2003-0242 (IPSec in Mac OS X before 10.2.6 does not properly handle certain incom ...)
NOT-FOR-US: MacOS
-CVE-2003-0241
+CVE-2003-0241 (FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sen ...)
NOT-FOR-US: FrontRange GoldMine / win
-CVE-2003-0240
+CVE-2003-0240 (The web-based administration capability for various Axis Network Camer ...)
NOT-FOR-US: Axis Network Camera
-CVE-2003-0239
+CVE-2003-0239 (icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a a ...)
NOT-FOR-US: Mirabilis ICQ / windows
-CVE-2003-0238
+CVE-2003-0238 (The Message Session window in Mirabilis ICQ Pro 2003a allows remote at ...)
NOT-FOR-US: Mirabilis ICQ / windows
-CVE-2003-0237
+CVE-2003-0237 (The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a ...)
NOT-FOR-US: Mirabilis ICQ / windows
-CVE-2003-0236
+CVE-2003-0236 (Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 200 ...)
NOT-FOR-US: Mirabilis ICQ / windows
-CVE-2003-0235
+CVE-2003-0235 (Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a ...)
NOT-FOR-US: Mirabilis ICQ / windows
CVE-2003-0234
RESERVED
-CVE-2003-0233
+CVE-2003-0233 (Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5 ...)
NOT-FOR-US: microsoft
-CVE-2003-0232
+CVE-2003-0232 (Microsoft SQL Server 7, 2000, and MSDE allows local users to execute a ...)
NOT-FOR-US: microsoft
-CVE-2003-0231
+CVE-2003-0231 (Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenti ...)
NOT-FOR-US: microsoft
-CVE-2003-0230
+CVE-2003-0230 (Microsoft SQL Server 7, 2000, and MSDE allows local users to gain priv ...)
NOT-FOR-US: microsoft
CVE-2003-0229
RESERVED
-CVE-2003-0228
+CVE-2003-0228 (Directory traversal vulnerability in Microsoft Windows Media Player 7. ...)
NOT-FOR-US: microsoft
-CVE-2003-0227
+CVE-2003-0227 (The logging capability for unicast and multicast transmissions in the ...)
NOT-FOR-US: microsoft
-CVE-2003-0226
+CVE-2003-0226 (Microsoft Internet Information Services (IIS) 5.0 and 5.1 allows remot ...)
NOT-FOR-US: microsoft
-CVE-2003-0225
+CVE-2003-0225 (The ASP function Response.AddHeader in Microsoft Internet Information ...)
NOT-FOR-US: microsoft
-CVE-2003-0224
+CVE-2003-0224 (Buffer overflow in ssinc.dll for Microsoft Internet Information Servic ...)
NOT-FOR-US: microsoft
-CVE-2003-0223
+CVE-2003-0223 (Cross-site scripting vulnerability (XSS) in the ASP function responsib ...)
NOT-FOR-US: microsoft
-CVE-2003-0222
+CVE-2003-0222 (Stack-based buffer overflow in Oracle Net Services for Oracle Database ...)
NOT-FOR-US: oracle
-CVE-2003-0221
+CVE-2003-0221 (The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and ...)
NOT-FOR-US: HP tru64
-CVE-2003-0220
+CVE-2003-0220 (Buffer overflow in the administrator authentication process for Kerio ...)
NOT-FOR-US: Kerio Personal Firewall
-CVE-2003-0219
+CVE-2003-0219 (Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attacker ...)
NOT-FOR-US: Kerio Personal Firewall
-CVE-2003-0218
+CVE-2003-0218 (Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monke ...)
NOT-FOR-US: Monkey http daemon; not in debian
-CVE-2003-0217
+CVE-2003-0217 (Cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual E ...)
NOT-FOR-US: Neoteris Instant Virtual Extranet
-CVE-2003-0216
+CVE-2003-0216 (Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to b ...)
NOT-FOR-US: cisco
-CVE-2003-0215
+CVE-2003-0215 (SQL injection vulnerability in bttlxeForum 2.0 beta 3 and earlier allo ...)
NOT-FOR-US: bttlxeForum / win
-CVE-2003-0214
+CVE-2003-0214 (run-mailcap in mime-support 3.22 and earlier allows local users to ove ...)
{DSA-292}
- mime-support 3.23-1
-CVE-2003-0213
+CVE-2003-0213 (ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attac ...)
{DSA-295}
- pptpd 1.1.4-0.b3.2
-CVE-2003-0212
+CVE-2003-0212 (handleAccept in rinetd before 0.62 does not properly resize the connec ...)
{DSA-289}
- rinetd 0.61-2
-CVE-2003-0211
+CVE-2003-0211 (Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial ...)
- xinetd 1:2.3.11
-CVE-2003-0210
+CVE-2003-0210 (Buffer overflow in the administration service (CSAdmin) for Cisco Secu ...)
NOT-FOR-US: cisco
-CVE-2003-0209
+CVE-2003-0209 (Integer overflow in the TCP stream reassembly module (stream4) for Sno ...)
{DSA-297}
- snort 2.0.0-1
-CVE-2003-0208
+CVE-2003-0208 (Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user t ...)
NOT-FOR-US: macromedia flash
-CVE-2003-0207
+CVE-2003-0207 (ps2epsi creates insecure temporary files when calling ghostscript, whi ...)
{DSA-286}
- gs-common 0.3.3.1
-CVE-2003-0206
+CVE-2003-0206 (gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attacke ...)
{DSA-294}
- gkrellm-newsticker <removed>
-CVE-2003-0205
+CVE-2003-0205 (gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attacke ...)
{DSA-294}
- gkrellm-newsticker <removed>
-CVE-2003-0204
+CVE-2003-0204 (KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execu ...)
{DSA-296 DSA-293 DSA-284}
- kdebase 4:3.1.0-1
- kdegraphics 4:3.1.0-1
-CVE-2003-0203
+CVE-2003-0203 (Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP ...)
{DSA-281}
- moxftp 2.2-18.20
-CVE-2003-0202
+CVE-2003-0202 (The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow loc ...)
{DSA-279}
- metrics <removed>
-CVE-2003-0201
+CVE-2003-0201 (Buffer overflow in the call_trans2open function in trans2.c for Samba ...)
{DSA-280}
- samba 3.0
CVE-2003-0200
REJECTED
CVE-2003-0199
REJECTED
-CVE-2003-0198
+CVE-2003-0198 (Mac OS X before 10.2.5 allows guest users to modify the permissions of ...)
NOT-FOR-US: MacOS
-CVE-2003-0197
+CVE-2003-0197 (Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local us ...)
NOT-FOR-US: Interbase Database
-CVE-2003-0196
+CVE-2003-0196 (Multiple buffer overflows in Samba before 2.2.8a may allow remote atta ...)
{DSA-280}
- samba 3.0
-CVE-2003-0195
+CVE-2003-0195 (CUPS before 1.1.19 allows remote attackers to cause a denial of servic ...)
{DSA-317}
- cups 1.1.19final-1
- cupsys 1.1.19final-1
-CVE-2003-0194
+CVE-2003-0194 (tcpdump does not properly drop privileges to the pcap user when starti ...)
- tcpdump <not-affected> (Apparently a Red Hat specific compilation packaging flaw)
-CVE-2003-0193
+CVE-2003-0193 (msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users ...)
{DSA-575-1}
- catdoc 0.91.5-2
-CVE-2003-0192
+CVE-2003-0192 (Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3 ...)
- apache2 2.0.47
-CVE-2003-0190
+CVE-2003-0190 (OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enable ...)
- openssh 1:3.8.1p1-8.sarge.4 (bug #196413)
-CVE-2003-0189
+CVE-2003-0189 (The authentication module for Apache 2.0.40 through 2.0.45 on Unix doe ...)
- apache2 2.0.46
-CVE-2003-0188
+CVE-2003-0188 (lv reads a .lv file from the current working directory, which allows l ...)
{DSA-304}
- lv 4.49.5-2
-CVE-2003-0187
+CVE-2003-0187 (The connection tracking core of Netfilter for Linux 2.4.20, with CONFI ...)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.21)
CVE-2003-0186
RESERVED
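Review bot: the description imported for CVE-2003-0288 in this hunk, `+CVE-2003-0288 (Buffer overflow in the file &amp; folder transfer mechanism for IP Mes ...)`, carries an undecoded HTML entity (`&amp;` instead of `&`), so the importer is storing the HTML-escaped form of the upstream text and then truncating it; decode entities before truncation, and grep the rest of this run for `&amp;`, `&lt;`, `&gt;` and `&quot;` since the same path will have produced them elsewhere. Because only the `CVE-....` header lines change, the update also leaves several long-standing typos on the adjacent unchanged lines in place: `NOT-FOR-US: Slaskware specific` (Slackware) under CVE-2003-0335, `NOT-FOR-US: Microsort` (Microsoft) under CVE-2003-0301, and `Melstrom` in the two maelstrom notes under CVE-2003-0330 and CVE-2003-0325. Separately, `{DSA-575-1}` under CVE-2003-0193 is the only DSA reference in this hunk with a revision suffix; every other entry uses the bare `DSA-NNN` form, so it should be normalised to `{DSA-575}` for the cross-reference to resolve consistently.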
@@ -3085,281 +3085,281 @@ CVE-2003-0183
RESERVED
CVE-2003-0182
RESERVED
-CVE-2003-0181
+CVE-2003-0181 (Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attacke ...)
NOT-FOR-US: Lotus Domino Web Server
-CVE-2003-0180
+CVE-2003-0180 (Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attacke ...)
NOT-FOR-US: Lotus Domino Web Server
-CVE-2003-0179
+CVE-2003-0179 (Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0 ...)
NOT-FOR-US: Lotus Domino Web Server
-CVE-2003-0178
+CVE-2003-0178 (Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allo ...)
NOT-FOR-US: Lotus Domino Web Server
-CVE-2003-0177
+CVE-2003-0177 (SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does no ...)
NOT-FOR-US: IRIX
-CVE-2003-0176
+CVE-2003-0176 (The Name Service Daemon (nsd), when running on an NIS master on SGI IR ...)
NOT-FOR-US: IRIX
-CVE-2003-0175
+CVE-2003-0175 (SGI IRIX before 6.5.21 allows local users to cause a denial of service ...)
NOT-FOR-US: IRIX
-CVE-2003-0174
+CVE-2003-0174 (The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not proper ...)
NOT-FOR-US: IRIX
-CVE-2003-0173
+CVE-2003-0173 (xfsdq in xfsdump does not create quota information files securely, whi ...)
{DSA-283}
- xfsdump 2.2.8-1
-CVE-2003-0172
+CVE-2003-0172 (Buffer overflow in openlog function for PHP 4.3.1 on Windows operating ...)
- php4 <not-affected> (Non-issue; see http://marc.info/?l=bugtraq&m=104931415307111&w=2)
-CVE-2003-0171
+CVE-2003-0171 (DirectoryServices in MacOS X trusts the PATH environment variable to l ...)
NOT-FOR-US: MacOS
-CVE-2003-0170
+CVE-2003-0170 (Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use K ...)
NOT-FOR-US: AIX
-CVE-2003-0169
+CVE-2003-0169 (hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before ...)
NOT-FOR-US: HP Instant TopTools
-CVE-2003-0168
+CVE-2003-0168 (Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allo ...)
NOT-FOR-US: Apple QuickTime Player
-CVE-2003-0167
+CVE-2003-0167 (Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1 ...)
{DSA-300 DSA-274}
- balsa 2.0.10
- mutt 1.4.0
-CVE-2003-0166
+CVE-2003-0166 (Integer signedness error in emalloc() function for PHP before 4.3.2 al ...)
- php4 <not-affected> (Non-issue; see http://marc.info/?l=bugtraq&m=104931415307111&w=2)
-CVE-2003-0165
+CVE-2003-0165 (Format string vulnerability in Eye Of Gnome (EOG) allows attackers to ...)
- eog 2.2.1
CVE-2003-0164
RESERVED
-CVE-2003-0163
+CVE-2003-0163 (decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does ...)
- gaim-encryption <not-affected> (fixed before first upload; 1.16)
-CVE-2003-0162
+CVE-2003-0162 (Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote ...)
{DSA-271}
- ecartis 1.0.0+cvs.20030321-1
-CVE-2003-0161
+CVE-2003-0161 (The prescan() function in the address parser (parseaddr.c) in Sendmail ...)
{DSA-290 DSA-278}
- sendmail-wide 8.12.9+3.5Wbeta-1
- sendmail 8.12.9-1
-CVE-2003-0160
+CVE-2003-0160 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail be ...)
- squirrelmail 1:1.2.11
-CVE-2003-0159
+CVE-2003-0159 (Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and ...)
- ethereal 0.9.10
CVE-2003-0158
REJECTED
CVE-2003-0157
REJECTED
-CVE-2003-0156
+CVE-2003-0156 (Directory traversal vulnerability in Cross-Referencing Linux (LXR) all ...)
{DSA-264}
- lxr 0.3-4
-CVE-2003-0155
+CVE-2003-0155 (bonsai Mozilla CVS query tool allows remote attackers to gain access t ...)
{DSA-265}
- bonsai 1.3+cvs20030317-1
-CVE-2003-0154
+CVE-2003-0154 (Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query ...)
{DSA-265}
- bonsai 1.3+cvs20030317-1
-CVE-2003-0153
+CVE-2003-0153 (bonsai Mozilla CVS query tool leaks the absolute pathname of the tool ...)
{DSA-265}
- bonsai 1.3+cvs20030317-1
-CVE-2003-0152
+CVE-2003-0152 (Unknown vulnerability in bonsai Mozilla CVS query tool allows remote a ...)
{DSA-265}
- bonsai 1.3+cvs20030317-1
-CVE-2003-0151
+CVE-2003-0151 (BEA WebLogic Server and Express 6.0 through 7.0 does not properly rest ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2003-0150
+CVE-2003-0150 (MySQL 3.23.55 and earlier creates world-writeable files and allows mys ...)
- mysql <removed>
-CVE-2003-0149
+CVE-2003-0149 (Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrato ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2003-0148
+CVE-2003-0148 (The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 t ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2003-0147
+CVE-2003-0147 (OpenSSL does not use RSA blinding by default, which allows local and r ...)
{DSA-288}
- openssl 0.9.7b-1
- openssl096 0.9.6j-1
-CVE-2003-0146
+CVE-2003-0146 (Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly othe ...)
{DSA-263}
- lpr 1:2000.05.07-4.20
- netpbm-free 2:9.20-9
-CVE-2003-0144
+CVE-2003-0144 (Buffer overflow in the lprm command in the lprold lpr package on SuSE ...)
{DSA-275 DSA-267}
- lpr 1:2000.05.07-4.20
- lpr-ppd 1:0.72-3
-CVE-2003-0142
+CVE-2003-0142 (Adobe Acrobat Reader (acroread) 6, under certain circumstances when ru ...)
NOT-FOR-US: acroread
-CVE-2003-0141
+CVE-2003-0141 (The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, Real ...)
NOT-FOR-US: Real
-CVE-2003-0140
+CVE-2003-0140 (Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up ...)
{DSA-268}
- mutt 1.5.4-1
-CVE-2003-0139
+CVE-2003-0139 (Certain weaknesses in the implementation of version 4 of the Kerberos ...)
{DSA-273 DSA-266}
- krb4 1.2.2-1
- krb5 1.2.7-3
-CVE-2003-0138
+CVE-2003-0138 (Version 4 of the Kerberos protocol (krb4), as used in Heimdal and othe ...)
{DSA-273 DSA-269 DSA-266}
- krb4 1.2.2-1
- heimdal 0.5.2-1
- krb5 1.2.7-3
-CVE-2003-0137
+CVE-2003-0137 (SNMP daemon in the DX200 based network element for Nokia Serving GPRS ...)
NOT-FOR-US: Nokia Serving GPRS support node
-CVE-2003-0136
+CVE-2003-0136 (psbanner in the LPRng package allows local users to overwrite arbitrar ...)
{DSA-285}
- lprng 3.8.20-4.
-CVE-2003-0135
+CVE-2003-0135 (vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrapp ...)
- vsftpd <not-affected> (Red Hat specific packaging flaw)
-CVE-2003-0134
+CVE-2003-0134 (Unknown vulnerability in filestat.c for Apache running on OS2, version ...)
- apache2 2.0.46
-CVE-2003-0133
+CVE-2003-0133 (GtkHTML, as included in Evolution before 1.2.4, allows remote attacker ...)
- evolution 1.2.4
-CVE-2003-0132
+CVE-2003-0132 (A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to ...)
- apache2 2.0.45
-CVE-2003-0131
+CVE-2003-0131 (The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and ...)
{DSA-288}
- openssl 0.9.7b-1
- openssl096 0.9.6j-1
-CVE-2003-0130
+CVE-2003-0130 (The handle_image function in mail-format.c for Ximian Evolution Mail U ...)
- evolution 1.2.3
-CVE-2003-0129
+CVE-2003-0129 (Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attac ...)
- evolution 1.2.3
-CVE-2003-0128
+CVE-2003-0128 (The try_uudecoding function in mail-format.c for Ximian Evolution Mail ...)
- evolution 1.2.3
-CVE-2003-0127
+CVE-2003-0127 (The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4. ...)
{DSA-495 DSA-423 DSA-336 DSA-332 DSA-312 DSA-311 DSA-276 DSA-270}
[sarge] - kernel-source-2.6.8 <not-affected>
- linux-2.6 <not-affected>
- kernel-source-2.4.27 <not-affected> (Fixed before upload in the archive, in 2.4.21)
-CVE-2003-0126
+CVE-2003-0126 (The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, ...)
NOT-FOR-US: SOHO Routefinder 550 firmware
-CVE-2003-0121
+CVE-2003-0121 (Clearswift MAILsweeper 4.x allows remote attackers to bypass attachmen ...)
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2003-0119
+CVE-2003-0119 (The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socke ...)
NOT-FOR-US: AIX
-CVE-2003-0118
+CVE-2003-0118 (SQL injection vulnerability in the Document Tracking and Administratio ...)
NOT-FOR-US: Microsoft
-CVE-2003-0117
+CVE-2003-0117 (Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ...)
NOT-FOR-US: Microsoft
-CVE-2003-0116
+CVE-2003-0116 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check ...)
NOT-FOR-US: Microsoft
-CVE-2003-0115
+CVE-2003-0115 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check ...)
NOT-FOR-US: Microsoft
-CVE-2003-0114
+CVE-2003-0114 (The file upload control in Microsoft Internet Explorer 5.01, 5.5, and ...)
NOT-FOR-US: Microsoft
-CVE-2003-0113
+CVE-2003-0113 (Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 ...)
NOT-FOR-US: Microsoft
-CVE-2003-0112
+CVE-2003-0112 (Buffer overflow in Windows Kernel allows local users to gain privilege ...)
NOT-FOR-US: Microsoft
-CVE-2003-0111
+CVE-2003-0111 (The ByteCode Verifier component of Microsoft Virtual Machine (VM) buil ...)
NOT-FOR-US: Microsoft
-CVE-2003-0110
+CVE-2003-0110 (The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Micros ...)
NOT-FOR-US: Microsoft
-CVE-2003-0109
+CVE-2003-0109 (Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4 ...)
NOT-FOR-US: Microsoft
-CVE-2003-0106
+CVE-2003-0106 (The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy ...)
NOT-FOR-US: Symantec Enterprise Firewall
-CVE-2003-0105
+CVE-2003-0105 (ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Statu ...)
NOT-FOR-US: ServerMask
-CVE-2003-0101
+CVE-2003-0101 (miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 do ...)
{DSA-319}
- webmin 1.070-1
-CVE-2003-0099
+CVE-2003-0099 (Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3 ...)
{DSA-277}
- apcupsd 3.8.5-1.2
-CVE-2003-0098
+CVE-2003-0098 (Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10. ...)
{DSA-277}
- apcupsd 3.8.5-1.2
-CVE-2003-0096
+CVE-2003-0096 (Multiple buffer overflows in Oracle 9i Database release 2, Release 1, ...)
NOT-FOR-US: Oracle
-CVE-2003-0092
+CVE-2003-0092 (Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Sola ...)
NOT-FOR-US: Solaris
-CVE-2003-0091
+CVE-2003-0091 (Stack-based buffer overflow in the bsd_queue() function for lpq on Sol ...)
NOT-FOR-US: Solaris
CVE-2003-0090
REJECTED
-CVE-2003-0089
+CVE-2003-0089 (Buffer overflow in the Software Distributor utilities for HP-UX B.11.0 ...)
NOT-FOR-US: HP-UX
-CVE-2003-0086
+CVE-2003-0086 (The code for writing reg files in Samba before 2.2.8 allows local user ...)
{DSA-262}
- samba 2.2.8
-CVE-2003-0085
+CVE-2003-0085 (Buffer overflow in the SMB/CIFS packet fragment re-assembly code for S ...)
{DSA-262}
- samba 2.2.8
-CVE-2003-0084
+CVE-2003-0084 (mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operati ...)
NOT-FOR-US: mod_auth_any not in Debian
-CVE-2003-0083
+CVE-2003-0083 (Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not ...)
- apache2 2.0.46
- apache 1.3.25
-CVE-2003-0082
+CVE-2003-0082 (The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earli ...)
{DSA-266}
- krb5 1.3.3-2
-CVE-2003-0080
+CVE-2003-0080 (The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not inc ...)
- gnome-lokkit 0.50.22-4
-CVE-2003-0076
+CVE-2003-0076 (Unknown vulnerability in the directory parser for Direct Connect 4 Lin ...)
- dcgui 0.2.2
-CVE-2003-0074
+CVE-2003-0074 (Format string vulnerability in mpmain.c for plpnfsd of the plptools pa ...)
- plptools 0.12-0
-CVE-2003-0072
+CVE-2003-0072 (The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earli ...)
{DSA-266}
- krb5 1.2.7-3
NOTE: changelog does not mention this one, verified patch from upstream was applied to this version.
-CVE-2003-0061
+CVE-2003-0061 (Buffer overflow in passwd for HP UX B.10.20 allows local users to exec ...)
NOT-FOR-US: HP UX
-CVE-2003-0060
+CVE-2003-0060 (Format string vulnerabilities in the logging routines for MIT Kerberos ...)
- krb5 1.2.4
-CVE-2003-0057
+CVE-2003-0057 (Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote at ...)
{DSA-248}
- hypermail 2.1.6-1
-CVE-2003-0056
+CVE-2003-0056 (Buffer overflow in secure locate (slocate) before 2.7 allows local use ...)
{DSA-252}
- slocate 2.7-1
-CVE-2003-0049
+CVE-2003-0049 (Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrat ...)
NOT-FOR-US: MacOS
-CVE-2003-0048
+CVE-2003-0048 (PuTTY 0.53b and earlier does not clear logon credentials from memory, ...)
- putty 0.53-b-2003-01-04-1
NOTE: apparently fixed upstream 2002-11-12 changelog
-CVE-2003-0047
+CVE-2003-0047 (SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2 ...)
NOT-FOR-US: commercial ssh clients
-CVE-2003-0046
+CVE-2003-0046 (AbsoluteTelnet SSH2 client does not clear logon credentials from memor ...)
NOT-FOR-US: commercial ssh clients
-CVE-2003-0044
+CVE-2003-0044 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) example ...)
{DSA-246}
- tomcat <removed>
-CVE-2003-0042
+CVE-2003-0042 (Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, all ...)
{DSA-246}
- tomcat <removed>
-CVE-2003-0041
+CVE-2003-0041 (Kerberos FTP client allows remote FTP sites to execute arbitrary code ...)
- krb5 <not-affected> (Verified sarge version of krb5-clients not vulnerable, nothing in changelogs)
-CVE-2003-0038
+CVE-2003-0038 (Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 ...)
{DSA-436}
- mailman 2.1.1-1
-CVE-2003-0037
+CVE-2003-0037 (Buffer overflows in noffle news server 1.0.1 and earlier allow remote ...)
{DSA-244}
- noffle 1.1.2-1
-CVE-2003-0036
+CVE-2003-0036 (ml85p, as included in the printer-drivers package for Mandrake Linux, ...)
NOT-FOR-US: ml85p, as included in the printer-drivers package for Mandrake Linux
-CVE-2003-0035
+CVE-2003-0035 (Buffer overflow in escputil, as included in the printer-drivers packag ...)
NOT-FOR-US: ml85p, as included in the printer-drivers package for Mandrake Linux
-CVE-2003-0034
+CVE-2003-0034 (Buffer overflow in the mtink status monitor, as included in the printe ...)
- mtink <not-affected> (Not installed setuid or setgid, so this is not exploitable)
NOTE: HOME overflow was fixed in mainSrc/rcfile.c, but not in
NOTE: chooser/mtinkc.c's version, which goes into mtinkc
-CVE-2003-0031
+CVE-2003-0031 (Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to ...)
{DSA-228}
- libmcrypt 2.5.5-1
-CVE-2003-0030
+CVE-2003-0030 (Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension ...)
NOT-FOR-US: Protegrity Secure.Data Extension Feature
CVE-2003-0029
RESERVED
-CVE-2003-0028
+CVE-2003-0028 (Integer overflow in the xdrmem_getbytes() function, and possibly other ...)
{DSA-282 DSA-272 DSA-266}
- glibc 2.3.1-16
- dietlibc 0.22-2
- krb5 1.3.3-2
NOTE: krb5: changelog does not mention this one, verified patch from Tom Yu was applied to this version.
-CVE-2003-0026
+CVE-2003-0026 (Multiple stack-based buffer overflows in the error handling routines o ...)
{DSA-231}
- dhcp3 3.0+3.0.1rc11-1
-CVE-2003-0025
+CVE-2003-0025 (Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow ...)
{DSA-229}
- imp 2.2.6-7
- imp3 <not-affected>
-CVE-2003-0014
+CVE-2003-0014 (gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbi ...)
{DSA-633-1}
- bmv 1.2-17
-CVE-2003-0011
+CVE-2003-0011 (Unknown vulnerability in the DNS intrusion detection application filte ...)
NOT-FOR-US: Microsoft
-CVE-2003-0010
+CVE-2003-0010 (Integer overflow in JsArrayFunctionHeapSort function used by Windows S ...)
NOT-FOR-US: Windows Script Engine for JScript
CVE-2003-0008
RESERVED
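Review bot: the fixed-width truncation makes two distinct krb5 entries indistinguishable in this hunk: CVE-2003-0082 and CVE-2003-0072 both render as "The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earli ...", so the parenthetical no longer tells a reader which KDC issue is which (the fixed versions differ, 1.3.3-2 vs 1.2.7-3). If the generator can widen the cut-off, or cut at a word boundary after the first distinguishing clause, collisions like this would be rarer. Separately, the unchanged rationale under CVE-2003-0035 (escputil) still reads "NOT-FOR-US: ml85p, as included in the printer-drivers package for Mandrake Linux", a copy of the line under CVE-2003-0036; it is not part of this update, but it is worth correcting to name escputil while the file is being touched.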
@@ -3367,209 +3367,209 @@ CVE-2003-0006
RESERVED
CVE-2003-0005
RESERVED
-CVE-2003-0001
+CVE-2003-0001 (Multiple ethernet Network Interface Card (NIC) device drivers do not p ...)
{DSA-442 DSA-423 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-pre5)
-CVE-2003-1328
+CVE-2003-1328 (The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and ...)
NOT-FOR-US: windows
-CVE-2003-1326
+CVE-2003-1326 (Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to byp ...)
NOT-FOR-US: windows
-CVE-2003-1022
+CVE-2003-1022 (Directory traversal vulnerability in fsp before 2.81.b18 allows remote ...)
{DSA-416}
- fsp 2.81.b18-1
-CVE-2003-0994
+CVE-2003-0994 (The GUI functionality for an interactive session in Symantec LiveUpdat ...)
NOT-FOR-US: norton
-CVE-2003-0993
+CVE-2003-0993 (mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit ...)
- apache 1.3.29.0.2-4
-CVE-2003-0991
+CVE-2003-0991 (Unknown vulnerability in the mail command handler in Mailman before 2. ...)
{DSA-436}
- mailman 2.1-1
NOTE: I have mailed Tollef Fog Heen <tfheen@debian.org> about this.
NOTE: Tollef Fog Heen reply to me that 2.1 versions are not vulnerable
-CVE-2003-0988
+CVE-2003-0988 (Buffer overflow in the VCF file information reader for KDE Personal In ...)
- kdepim 4:3.1.5-1
-CVE-2003-0985
+CVE-2003-0985 (The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21 ...)
{DSA-475 DSA-470 DSA-450 DSA-442 DSA-440 DSA-439 DSA-427 DSA-423 DSA-417 DSA-413}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.24-rc1)
-CVE-2003-0969
+CVE-2003-0969 (mpg321 0.2.10 allows remote attackers to overwrite memory and possibly ...)
{DSA-411}
- mpg321 0.2.10.3
-CVE-2003-0966
+CVE-2003-0966 (Buffer overflow in the frm command in elm 2.5.6 and earlier, and possi ...)
NOT-FOR-US: elm
-CVE-2003-0924
+CVE-2003-0924 (netpbm 9.25 and earlier does not properly create temporary files, whic ...)
{DSA-426}
- netpbm-free 2:9.25-9
-CVE-2003-0905
+CVE-2003-0905 (Unknown vulnerability in Windows Media Station Service and Windows Med ...)
NOT-FOR-US: microsoft
-CVE-2003-0903
+CVE-2003-0903 (Buffer overflow in a component of Microsoft Data Access Components (MD ...)
NOT-FOR-US: microsoft
-CVE-2003-0825
+CVE-2003-0825 (The Windows Internet Naming Service (WINS) for Microsoft Windows Serve ...)
NOT-FOR-US: microsoft
-CVE-2003-0145
+CVE-2003-0145 (Unknown vulnerability in tcpdump before 3.7.2 related to an inability ...)
{DSA-261}
- tcpdump 3.7.2-1
-CVE-2003-0143
+CVE-2003-0143 (The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null te ...)
{DSA-259}
- qpopper 4.0.4-9
-CVE-2003-0125
+CVE-2003-0125 (Buffer overflow in the web interface for SOHO Routefinder 550 before f ...)
NOT-FOR-US: SOHO Routefinder
-CVE-2003-0124
+CVE-2003-0124 (man before 1.5l allows attackers to execute arbitrary code via a malfo ...)
NOT-FOR-US: man before 1.51
-CVE-2003-0123
+CVE-2003-0123 (Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 th ...)
NOT-FOR-US: lotus notes
-CVE-2003-0122
+CVE-2003-0122 (Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.1 ...)
NOT-FOR-US: lotus notes
-CVE-2003-0120
+CVE-2003-0120 (adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local ...)
{DSA-256}
- mhc 0.25+20030224-1
-CVE-2003-0108
+CVE-2003-0108 (isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers ...)
{DSA-255}
- tcpdump 3.7.1-1.2
-CVE-2003-0107
+CVE-2003-0107 (Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is c ...)
- zlib 1:1.1.4-10
-CVE-2003-0104
+CVE-2003-0104 (Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8. ...)
NOT-FOR-US: peopletools
-CVE-2003-0103
+CVE-2003-0103 (Format string vulnerability in Nokia 6210 handset allows remote attack ...)
NOT-FOR-US: nokia handset
-CVE-2003-0102
+CVE-2003-0102 (Buffer overflow in tryelf() in readelf.c of the file command allows at ...)
{DSA-260}
- file 3.40-1.1
-CVE-2003-0100
+CVE-2003-0100 (Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers ...)
NOT-FOR-US: cisco
-CVE-2003-0097
+CVE-2003-0097 (Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to ...)
- php4 4:4.3.2+rc3-1
-CVE-2003-0095
+CVE-2003-0095 (Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7 ...)
NOT-FOR-US: oracle
-CVE-2003-0094
+CVE-2003-0094 (A patch for mcookie in the util-linux package for Mandrake Linux 8.2 a ...)
NOT-FOR-US: mandrake specific
-CVE-2003-0093
+CVE-2003-0093 (The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attacker ...)
{DSA-261}
- tcpdump 3.7.1-1
-CVE-2003-0088
+CVE-2003-0088 (TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to ...)
NOT-FOR-US: macosX
-CVE-2003-0087
+CVE-2003-0087 (Buffer overflow in libIM library (libIM.a) for National Language Suppo ...)
NOT-FOR-US: AIX
-CVE-2003-0081
+CVE-2003-0081 (Format string vulnerability in packet-socks.c of the SOCKS dissector f ...)
{DSA-258}
- ethereal 0.9.9-2
-CVE-2003-0079
+CVE-2003-0079 (The DEC UDK processing feature in the hanterm (hanterm-xf) terminal em ...)
NOT-FOR-US: hanterm before 2.0.5
-CVE-2003-0078
+CVE-2003-0078 (ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before ...)
{DSA-253}
- openssl 0.9.7a-1
-CVE-2003-0077
+CVE-2003-0077 (The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and poss ...)
NOT-FOR-US: hanterm before 2.0.5
-CVE-2003-0075
+CVE-2003-0075 (Integer signedness error in the myFseek function of samplein.c for Bla ...)
NOT-FOR-US: blade encoder not in Debian
-CVE-2003-0073
+CVE-2003-0073 (Double-free vulnerability in mysqld for MySQL before 3.23.55 allows at ...)
{DSA-303}
- mysql-dfsg 4.0.12-2
-CVE-2003-0071
+CVE-2003-0071 (The DEC UDK processing feature in the xterm terminal emulator in XFree ...)
{DSA-380}
- xfree86 4.2.1-11
-CVE-2003-0070
+CVE-2003-0070 (VTE, as used by default in gnome-terminal terminal emulator 2.2 and as ...)
- vte 1:0.11.10-1
-CVE-2003-0069
+CVE-2003-0069 (The PuTTY terminal emulator 0.53 allows attackers to modify the window ...)
- putty 0.54-1
-CVE-2003-0068
+CVE-2003-0068 (The Eterm terminal emulator 0.9.1 and earlier allows attackers to modi ...)
{DSA-496}
- eterm 0.9.2-6
-CVE-2003-0067
+CVE-2003-0067 (The aterm terminal emulator 0.42 allows attackers to modify the window ...)
NOTE: I have mailed Goran Weinholt <weinholt@debian.org> about this.
NOTE: Goran Weinholt <weinholt@debian.org> tell me that aterm 0.4.2 was
NOTE: never vulnerable to the problem described.
NOTE: this CVE is bogus.
-CVE-2003-0066
+CVE-2003-0066 (The rxvt terminal emulator 2.7.8 and earlier allows attackers to modif ...)
- rxvt 1:2.6.4-6.1 (bug #244810)
NOTE: woody version is still vulnerable
-CVE-2003-0065
+CVE-2003-0065 (The uxterm terminal emulator allows attackers to modify the window tit ...)
NOT-FOR-US: uxterm not in Debian
-CVE-2003-0064
+CVE-2003-0064 (The dtterm terminal emulator allows attackers to modify the window tit ...)
NOT-FOR-US: dtterm not in Debian
-CVE-2003-0063
+CVE-2003-0063 (The xterm terminal emulator in XFree86 4.2.0 and earlier allows attack ...)
{DSA-380}
- xfree86 4.2.1-11
-CVE-2003-0062
+CVE-2003-0062 (Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows lo ...)
NOT-FOR-US: NOD32 not in Debian
-CVE-2003-0059
+CVE-2003-0059 (Unknown vulnerability in the chk_trans.c of the libkrb5 library for MI ...)
- krb5 1.2.5-1
-CVE-2003-0058
+CVE-2003-0058 (MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remo ...)
- krb5 1.2.5-1
-CVE-2003-0055
+CVE-2003-0055 (Buffer overflow in the MP3 broadcasting module of Apple Darwin Streami ...)
NOT-FOR-US: apple
-CVE-2003-0054
+CVE-2003-0054 (Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Strea ...)
NOT-FOR-US: apple
-CVE-2003-0053
+CVE-2003-0053 (Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Dar ...)
NOT-FOR-US: apple
-CVE-2003-0052
+CVE-2003-0052 (parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 an ...)
NOT-FOR-US: apple
-CVE-2003-0051
+CVE-2003-0051 (parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 an ...)
NOT-FOR-US: apple
-CVE-2003-0050
+CVE-2003-0050 (parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 an ...)
NOT-FOR-US: apple
-CVE-2003-0045
+CVE-2003-0045 (Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remo ...)
NOT-FOR-US: windows
-CVE-2003-0043
+CVE-2003-0043 (Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, use ...)
{DSA-246}
- tomcat 3.3.1a-1
-CVE-2003-0040
+CVE-2003-0040 (SQL injection vulnerability in the PostgreSQL auth module for courier ...)
{DSA-247}
- courier 0.40.2-3
- courier-ssl 0.40.2-3
-CVE-2003-0039
+CVE-2003-0039 (ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versi ...)
{DSA-245}
- dhcp3 3.0+3.0.1rc11-3
NOTE: Version information in DSA is wrong.
-CVE-2003-0033
+CVE-2003-0033 (Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before ...)
{DSA-297}
- snort 2.0.0-1
-CVE-2003-0032
+CVE-2003-0032 (Memory leak in libmcrypt before 2.5.5 allows attackers to cause a deni ...)
{DSA-228}
- libmcrypt 2.5.5-1
-CVE-2003-0027
+CVE-2003-0027 (Directory traversal vulnerability in Sun Kodak Color Management System ...)
NOT-FOR-US: sun
-CVE-2003-0024
+CVE-2003-0024 (The menuBar feature in aterm 0.42 allows attackers to modify menu opti ...)
NOTE: I have mailed Goran Weinholt <weinholt@debian.org> about this.
NOTE: Goran Weinholt <weinholt@debian.org> tell me that aterm 0.4.2 was
NOTE: never vulnerable to the problem described.
NOTE: this CVE is bogus.
-CVE-2003-0023
+CVE-2003-0023 (The menuBar feature in rxvt 2.7.8 allows attackers to modify menu opti ...)
- rxvt 1:2.6.4-6.1
-CVE-2003-0022
+CVE-2003-0022 (The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite ...)
- rxvt 1:2.6.4-6.1
-CVE-2003-0021
+CVE-2003-0021 (The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers ...)
- eterm 0.9.2-1
NOTE: According to upstream changelog and http://marc.info/?l=bugtraq&m=104612710031920&w=2
NOTE: this is fixed in eterm 0.9.2
-CVE-2003-0020
+CVE-2003-0020 (Apache does not filter terminal escape sequences from its error logs, ...)
- apache2 2.0.49
- apache 1.3.29.0.2-4
-CVE-2003-0019
+CVE-2003-0019 (uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrec ...)
NOT-FOR-US: redhat 8.0 only
-CVE-2003-0018
+CVE-2003-0018 (Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O ...)
{DSA-423 DSA-358}
- linux-2.6 <not-affected> (Fixed before upload into archive; in 2.5.27)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; in 2.4.21)
-CVE-2003-0017
+CVE-2003-0017 (Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers ...)
NOT-FOR-US: apache on windows
-CVE-2003-0016
+CVE-2003-0016 (Apache before 2.0.44, when running on unpatched Windows 9x and Me oper ...)
NOT-FOR-US: apache on windows
-CVE-2003-0015
+CVE-2003-0015 (Double-free vulnerability in CVS 1.11.4 and earlier allows remote atta ...)
{DSA-233}
- cvs 1.11.2-5.1
-CVE-2003-0013
+CVE-2003-0013 (The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16. ...)
{DSA-230}
- bugzilla 2.16.2-1
-CVE-2003-0012
+CVE-2003-0012 (The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x b ...)
{DSA-230}
- bugzilla 2.16.2-1
-CVE-2003-0009
+CVE-2003-0009 (Cross-site scripting (XSS) vulnerability in Help and Support Center fo ...)
NOT-FOR-US: windows
-CVE-2003-0007
+CVE-2003-0007 (Microsoft Outlook 2002 does not properly handle requests to encrypt em ...)
NOT-FOR-US: windows
-CVE-2003-0004
+CVE-2003-0004 (Buffer overflow in the Windows Redirector function in Microsoft Window ...)
NOT-FOR-US: windows
-CVE-2003-0003
+CVE-2003-0003 (Buffer overflow in the RPC Locator service for Microsoft Windows NT 4. ...)
NOT-FOR-US: windows
-CVE-2003-0002
+CVE-2003-0002 (Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for ...)
NOT-FOR-US: windows
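Review bot: the rationale under CVE-2003-0124 says "man before 1.51" while the new description says "man before 1.5l" (letter l, as in the upstream version string), so the NOT-FOR-US line now visibly contradicts the entry it annotates; it should read 1.5l. The same truncation collision as in the earlier hunk appears here for CVE-2003-0050, CVE-2003-0051 and CVE-2003-0052, which all end up as "parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 an ...". Minor: the NOTE lines under CVE-2003-0067 and CVE-2003-0024 refer to "aterm 0.4.2" while the CVE text says "aterm 0.42", and the wording "tell me" / "reply to me" under those entries and CVE-2003-0991 reads awkwardly; none of that is introduced by this change, but a follow-up cleanup would help.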
diff --git a/data/CVE/2004.list b/data/CVE/2004.list
index f5b275c2f9..e40d4ce961 100644
--- a/data/CVE/2004.list
+++ b/data/CVE/2004.list
@@ -1,10 +1,10 @@
-CVE-2004-2779
+CVE-2004-2779 (id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b mispar ...)
- libid3tag 0.15.1b-5 (bug #304913)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=162647
NOTE: https://sources.debian.org/patches/libid3tag/0.15.1b-13/10_utf16.dpatch/
-CVE-2004-2778
+CVE-2004-2778 (Ebuild in Gentoo may change directory and file permissions depending o ...)
NOT-FOR-US: Gentoo ebuilds dir permissions at install time
-CVE-2004-2777
+CVE-2004-2777 (GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet ...)
NOT-FOR-US: GE Healthcare Centricity Image Vault
CVE-2004-XXXX [base-passwd: sets valid shells for system services]
- base-passwd 3.5.30 (unimportant; bug #274229)
@@ -20,615 +20,615 @@ CVE-2004-2773
RESERVED
CVE-2004-2772
RESERVED
-CVE-2004-2771
+CVE-2004-2771 (The expand function in fio.c in Heirloom mailx 12.5 and earlier and BS ...)
{DSA-3105-1 DLA-114-1}
- heirloom-mailx 12.5-3.1 (bug #773417)
- bsd-mailx 8.1.2-0.20071201cvs-1
- mailx 1:8.1.2-0.20040524cvs-2 (bug #278748)
CVE-2004-2770
REJECTED
-CVE-2004-2769
+CVE-2004-2769 (Cerberus FTP Server before 4.0.3.0 allows remote authenticated users t ...)
NOT-FOR-US: Cerberus FTP Server
-CVE-2004-2768
+CVE-2004-2768 (dpkg 1.9.21 does not properly reset the metadata of a file during repl ...)
- dpkg 1.10.19 (bug #225692)
-CVE-2004-2767
+CVE-2004-2767 (NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not ...)
NOT-FOR-US: Novell NetWare
-CVE-2004-2766
+CVE-2004-2766 (Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5 ...)
NOT-FOR-US: iPlanet Messaging Server/Sun ONE Messaging Server
-CVE-2004-2765
+CVE-2004-2765 (Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messagi ...)
NOT-FOR-US: iPlanet Messaging Server/Sun ONE Messaging Server
-CVE-2004-2764
+CVE-2004-2764 (Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4 ...)
NOT-FOR-US: Historic issues in proprietary Java
-CVE-2004-2763
+CVE-2004-2763 (The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 throug ...)
NOT-FOR-US: Sun ONE iPlanet Web Server
-CVE-2004-2762
+CVE-2004-2762 (The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x b ...)
NOT-FOR-US: Tivoli
-CVE-2004-2761
+CVE-2004-2761 (The MD5 Message-Digest Algorithm is not collision resistant, which mak ...)
NOT-FOR-US: General MD5 weakness, doesn't need to tracked package-wise
-CVE-2004-2760
+CVE-2004-2760 (sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately c ...)
- openssh 1:3.6p1-1 (unimportant)
-CVE-2004-2759
+CVE-2004-2759 (Shared Sun StorEdge QFS and SAM-QFS file systems, as used in Utilizati ...)
NOT-FOR-US: Shared Sun StorEdge QFS and SAM-QFS
-CVE-2004-2758
+CVE-2004-2758 (Multiple unspecified vulnerabilities in the H.323 protocol implementat ...)
NOT-FOR-US: Sun SunForum
-CVE-2004-2757
+CVE-2004-2757 (Cross-site scripting (XSS) vulnerability in the failed login page in N ...)
NOT-FOR-US: Novell iChain
-CVE-2004-2756
+CVE-2004-2756 (Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops 2.x ...)
NOT-FOR-US: Xoops
-CVE-2004-2755
+CVE-2004-2755 (Cross-site scripting (XSS) vulnerability in Symantec Web Security 2.5, ...)
NOT-FOR-US: Symantec Web Security
-CVE-2004-2754
+CVE-2004-2754 (SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and po ...)
NOT-FOR-US: YaBB
-CVE-2004-2753
+CVE-2004-2753 (Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B. ...)
NOT-FOR-US: HP-UX
-CVE-2004-2752
+CVE-2004-2752 (Cross-site scripting (XSS) vulnerability in the Downloads module in Po ...)
NOT-FOR-US: PostNuke
-CVE-2004-2751
+CVE-2004-2751 (SQL injection vulnerability in the members_list module in PostNuke 0.7 ...)
NOT-FOR-US: PostNuke
-CVE-2004-2750
+CVE-2004-2750 (Directory traversal vulnerability in browser.php in JBrowser 1.0 throu ...)
NOT-FOR-US: JBrowser
-CVE-2004-2749
+CVE-2004-2749 (Directory traversal vulnerability in wra/public/wralogin in 2Wire Gate ...)
NOT-FOR-US: 2Wire Gateway
-CVE-2004-2748
+CVE-2004-2748 (viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6 ...)
NOT-FOR-US: WebTrends Reporting Center
-CVE-2004-2747
+CVE-2004-2747 (Directory traversal vulnerability in Pablo Software Solutions Quick 'n ...)
NOT-FOR-US: Quick 'n Easy FTP Server (Windows only)
-CVE-2004-2746
+CVE-2004-2746 (SQL injection vulnerability in adminlogin.asp in XTREME ASP Photo Gall ...)
NOT-FOR-US: XTREME ASP Photo Gallery
-CVE-2004-2745
+CVE-2004-2745 (Directory traversal vulnerability in Anteco Visual Technologies OwnSer ...)
NOT-FOR-US: Anteco Visual Technologies OwnServer
-CVE-2004-2744
+CVE-2004-2744 (Unspecified vulnerability in Tincan Limited PHPlist before 2.8.12 has ...)
NOT-FOR-US: Tincan Limited PHPlist
-CVE-2004-2743
+CVE-2004-2743 (upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attac ...)
NOT-FOR-US: Mega Upload Progress Bar
-CVE-2004-2742
+CVE-2004-2742 (Cross-site scripting (XSS) vulnerability in the report viewer in Cryst ...)
NOT-FOR-US: Crystal Enterprise
-CVE-2004-2741
+CVE-2004-2741 (Cross-site scripting (XSS) vulnerability in the "help window" (help.ph ...)
- horde2 <removed>
-CVE-2004-2740
+CVE-2004-2740 (PHP remote file inclusion vulnerability in authform.inc.php in PHProje ...)
NOT-FOR-US: PHProjekt
-CVE-2004-2739
+CVE-2004-2739 (The setup routine (setup.php) in PHProjekt 4.2.1 and earlier allows re ...)
NOT-FOR-US: PHProjekt
-CVE-2004-2738
+CVE-2004-2738 (Cross-site scripting (XSS) vulnerability in check_user_id.php in ZeroB ...)
NOT-FOR-US: Zero board
-CVE-2004-2737
+CVE-2004-2737 (SQL injection vulnerability in problist.asp in NetSupport DNA HelpDesk ...)
NOT-FOR-US: NetSupport DNA HelpDesk
-CVE-2004-2736
+CVE-2004-2736 (Polar HelpDesk 3.0 allows remote attackers to bypass authentication by ...)
NOT-FOR-US: Polar HelpDesk
-CVE-2004-2735
+CVE-2004-2735 (Cross-site scripting (XSS) vulnerability in P4DB 2.01 and earlier allo ...)
NOT-FOR-US: P4DB
-CVE-2004-2734
+CVE-2004-2734 (webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses ...)
NOT-FOR-US: Novell NetWare
-CVE-2004-2733
+CVE-2004-2733 (Web Wiz Forums 7.7a uses invalid logic to determine user privileges, w ...)
NOT-FOR-US: Web Wiz Forums
-CVE-2004-2732
+CVE-2004-2732 (nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain sensi ...)
NOT-FOR-US: Netbilling
-CVE-2004-2731
+CVE-2004-2731 (Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/open ...)
{DSA-1503-2 DSA-1503-1}
- linux-2.6 2.6.18-1
NOTE: bufsize is unsigned since (at least) 2.6.18, might be fixed in prior versions
-CVE-2004-2730
+CVE-2004-2730 (Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2 ...)
NOT-FOR-US: PsTools
-CVE-2004-2729
+CVE-2004-2729 (Inetd32 Administration Tool of Hummingbird Connectivity 7.1 and 9.0 al ...)
NOT-FOR-US: Hummingbird Connectivity
-CVE-2004-2728
+CVE-2004-2728 (Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and ...)
NOT-FOR-US: Hummingbird Connectivity
-CVE-2004-2727
+CVE-2004-2727 (Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 t ...)
NOT-FOR-US: MailEnable
-CVE-2004-2726
+CVE-2004-2726 (HTTPMail service in MailEnable Professional 1.18 does not properly han ...)
NOT-FOR-US: MailEnable
-CVE-2004-2725
+CVE-2004-2725 (Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 ...)
NOT-FOR-US: Aztek Forum
-CVE-2004-2724
+CVE-2004-2724 (LionMax Software Chat Anywhere 2.72a allows remote attackers to cause ...)
NOT-FOR-US: Chat Anywhere
-CVE-2004-2723
+CVE-2004-2723 (NessusWX 1.4.4 stores account passwords in plaintext in .session files ...)
NOT-FOR-US: NessusWXdd
CVE-2004-2722
- nessus-core <unfixed> (unimportant)
NOTE: this is no security issue assuming correct permissions
-CVE-2004-2721
+CVE-2004-2721 (The CheckGroup function in openSkat VTMF before 2.1 generates public k ...)
NOT-FOR-US: openSkat
-CVE-2004-2720
+CVE-2004-2720 (Cross-site scripting (XSS) vulnerability in register.asp in Snitz Foru ...)
NOT-FOR-US: Snitz Forums
-CVE-2004-2719
+CVE-2004-2719 (Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5 ...)
NOT-FOR-US: Foxmail
-CVE-2004-2718
+CVE-2004-2718 (PHPMyChat 0.14.5 does not remove or protect setup.php3 after installat ...)
NOT-FOR-US: PHPMyChat
-CVE-2004-2717
+CVE-2004-2717 (Multiple directory traversal vulnerabilities in admin.php3 in PHPMyCha ...)
NOT-FOR-US: PHPMyChat
-CVE-2004-2716
+CVE-2004-2716 (Multiple SQL injection vulnerabilities in usersL.php3 in PHPMyChat 0.1 ...)
NOT-FOR-US: PHPMyChat
-CVE-2004-2715
+CVE-2004-2715 (edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass aut ...)
NOT-FOR-US: PHPMyChat
-CVE-2004-2714
+CVE-2004-2714 (Unspecified vulnerability in Window Maker 0.80.2 and earlier allows at ...)
- wmaker 0.90-1
CVE-2004-2713
NOT-FOR-US: ZoneAlarm
-CVE-2004-2712
+CVE-2004-2712 (Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 a ...)
NOT-FOR-US: Gyach-E
-CVE-2004-2711
+CVE-2004-2711 (Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 all ...)
NOT-FOR-US: Gyach-E
-CVE-2004-2710
+CVE-2004-2710 (Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 all ...)
NOT-FOR-US: Gyach-E
-CVE-2004-2709
+CVE-2004-2709 (Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyac ...)
NOT-FOR-US: Gyach-E
-CVE-2004-2708
+CVE-2004-2708 (Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, w ...)
NOT-FOR-US: Gyach-E
-CVE-2004-2707
+CVE-2004-2707 (Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) befor ...)
NOT-FOR-US: Gyach-E
-CVE-2004-2706
+CVE-2004-2706 (Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 all ...)
NOT-FOR-US: Gyach-E
-CVE-2004-2705
+CVE-2004-2705 (Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) ...)
- pvpgn 1.6.4+20040826-1
-CVE-2004-2704
+CVE-2004-2704 (Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) ...)
- hastymail <removed>
-CVE-2004-2703
+CVE-2004-2703 (Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweep ...)
NOT-FOR-US: MIMEsweeper
-CVE-2004-2702
+CVE-2004-2702 (Cross-site scripting (XSS) vulnerability in login_up.php3 in Plesk 7.0 ...)
NOT-FOR-US: Plesk
-CVE-2004-2701
+CVE-2004-2701 (Cross-site scripting (XSS) vulnerability in signin.aspx for AspDotNetS ...)
NOT-FOR-US: AspDotNetStorefront
-CVE-2004-2700
+CVE-2004-2700 (Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allo ...)
NOT-FOR-US: AspDotNetStorefront
-CVE-2004-2699
+CVE-2004-2699 (deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to ...)
NOT-FOR-US: AspDotNetStorefront
-CVE-2004-2698
+CVE-2004-2698 (Race condition in IMWheel 1.0.0pre11 and earlier, when running with th ...)
- imwheel 1.0.0pre12-1
-CVE-2004-2697
+CVE-2004-2697 (The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 ...)
NOT-FOR-US: InvScoutd
-CVE-2004-2696
+CVE-2004-2696 (BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using ...)
NOT-FOR-US: BEA WebLogic
-CVE-2004-2695
+CVE-2004-2695 (SQL injection vulnerability in the Authorize.net callback code (subscr ...)
NOT-FOR-US: vBulletin
-CVE-2004-2694
+CVE-2004-2694 (Microsoft Outlook Express 6.0 allows remote attackers to bypass intend ...)
NOT-FOR-US: Outlook
-CVE-2004-2693
+CVE-2004-2693 (HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installe ...)
NOT-FOR-US: HP-UX
-CVE-2004-2692
+CVE-2004-2692 (The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mo ...)
NOT-FOR-US: php-exec-dir patch
-CVE-2004-2691
+CVE-2004-2691 (Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firm ...)
NOT-FOR-US: 3Com firmware
-CVE-2004-2690
+CVE-2004-2690 (Unrestricted file upload vulnerability in the Administration Panel for ...)
NOT-FOR-US: NewsPHP
-CVE-2004-2689
+CVE-2004-2689 (NewsPHP allows remote attackers to gain unauthorized administrative ac ...)
NOT-FOR-US: NewsPHP
-CVE-2004-2688
+CVE-2004-2688 (Cross-site scripting (XSS) vulnerability in index.php in NewsPHP allow ...)
NOT-FOR-US: NewsPHP
-CVE-2004-2687
+CVE-2004-2687 (distcc 2.x, as used in XCode 1.5 and others, when not configured to re ...)
- distcc 2.18.1-1 (low)
NOTE: since 2.18.1-1 there is the --allow switch to control network access
NOTE: https://github.com/distcc/distcc/issues/155
NOTE: Fix in depth is only in later version 3.3, cf.
NOTE: https://bugs.debian.org/892973
-CVE-2004-2686
+CVE-2004-2686 (Directory traversal vulnerability in the vfs_getvfssw function in Sola ...)
NOT-FOR-US: Solaris
-CVE-2004-2685
+CVE-2004-2685 (Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote at ...)
NOT-FOR-US: Ccproxy
-CVE-2004-2684
+CVE-2004-2684 (Unspecified vulnerability in the %template package in InterSystems Cac ...)
NOT-FOR-US: InterSystems Cache
-CVE-2004-2683
+CVE-2004-2683 (Unspecified vulnerability in the %XML.Utils.SchemaServer class in Inte ...)
NOT-FOR-US: InterSystems Cache
-CVE-2004-2682
+CVE-2004-2682 (PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which al ...)
- matrixssl 1.1-1
-CVE-2004-2681
+CVE-2004-2681 (PeerSec MatrixSSL before 1.1 caches session keys for an indefinitely l ...)
- matrixssl 1.1-1
-CVE-2004-2680
+CVE-2004-2680 (mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly ...)
- libapache2-mod-python 3.2.8-1 (low)
-CVE-2004-2679
+CVE-2004-2679 (Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to ...)
NOT-FOR-US: CheckPoint Firewall
-CVE-2004-2678
+CVE-2004-2678 (Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24 ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2004-2677
+CVE-2004-2677 (Format string vulnerability in qwik-smtpd.c in QwikMail SMTP (qwik-smt ...)
NOT-FOR-US: QwikMail SMTP
-CVE-2004-2676
+CVE-2004-2676 (The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy ...)
NOT-FOR-US: WebRoot Spy Sweeper
-CVE-2004-2675
+CVE-2004-2675 (ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users t ...)
NOT-FOR-US: ArgoSoft FTP Server
-CVE-2004-2674
+CVE-2004-2674 (Directory traversal vulnerability in ArGoSoft FTP Server before 1.4.1. ...)
NOT-FOR-US: ArgoSoft FTP Server
-CVE-2004-2673
+CVE-2004-2673 (Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow ...)
NOT-FOR-US: ArgoSoft FTP Server
-CVE-2004-2672
+CVE-2004-2672 (Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows ...)
NOT-FOR-US: ArgoSoft FTP Server
-CVE-2004-2671
+CVE-2004-2671 (mod.php in eNdonesia 8.3 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: eNdonesia CMS
-CVE-2004-2670
+CVE-2004-2670 (Multiple cross-site scripting (XSS) vulnerabilities in mod.php in eNdo ...)
NOT-FOR-US: eNdonesia
-CVE-2004-2669
+CVE-2004-2669 (Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 a ...)
NOT-FOR-US: Land Down Under
-CVE-2004-2668
+CVE-2004-2668 (SQL injection vulnerability in Interchange before 4.8.9 allows remote ...)
- interchange 4.9.8-1
-CVE-2004-2667
+CVE-2004-2667 (Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before ...)
NOT-FOR-US: Lotus Domino
-CVE-2004-2666
+CVE-2004-2666 (Mantis before 20041016 provides a complete Issue History (Bug History) ...)
- mantis 0.19.2-1
-CVE-2004-2665
+CVE-2004-2665 (Unspecified vulnerability in the Address and Routing Parameter Area (A ...)
NOT-FOR-US: HP-UX
-CVE-2004-2664
+CVE-2004-2664 (John Lim ADOdb Library for PHP before 4.23 allows remote attackers to ...)
- libphp-adodb <not-affected>
- egroupware <not-affected>
- moodle <not-affected>
- phppgadmin 4.0.1-2 (unimportant)
- gallery2 <not-affected>
- phpwiki <unfixed> (unimportant)
-CVE-2004-2663
+CVE-2004-2663 (The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Suppor ...)
NOT-FOR-US: IBM
-CVE-2004-2662
+CVE-2004-2662 (Soft3304 04WebServer before 1.41 allows remote attackers to cause a de ...)
NOT-FOR-US: 04WebServer
-CVE-2004-2661
+CVE-2004-2661 (Soft3304 04WebServer before 1.41 does not properly check file names, w ...)
NOT-FOR-US: 04WebServer
-CVE-2004-2660
+CVE-2004-2660 (Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows ...)
{DSA-1184-2}
- linux-2.6 <not-affected> (fixed before the first upload)
-CVE-2004-2659
+CVE-2004-2659 (Opera offers an Open button to verify that a user wishes to execute a ...)
NOT-FOR-US: Opera
-CVE-2004-2658
+CVE-2004-2658 (resmgr in SUSE CORE 9 does not properly identify terminal names, which ...)
- resmgr <not-affected>
CVE-2004-2657
- mozilla-firefox <not-affected>
- firefox <not-affected>
-CVE-2004-2656
+CVE-2004-2656 (Multiple cross-site scripting (XSS) vulnerabilities in Slashdot Like A ...)
- slash <not-affected> (Vulnerable code introduced in 2002, while Debian's is older!, see #390469)
-CVE-2004-2655
+CVE-2004-2655 (rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, wh ...)
- xscreensaver 4.18-1 (low)
-CVE-2004-2654
+CVE-2004-2654 (The clientAbortBody function in client_side.c in Squid Web Proxy Cache ...)
- squid 2.5.6
-CVE-2004-2653
+CVE-2004-2653 (Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows a ...)
NOT-FOR-US: PD9 Software MegaBBS
-CVE-2004-2652
+CVE-2004-2652 (The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when ...)
- snort 2.3.0-1
-CVE-2004-2651
+CVE-2004-2651 (Multiple cross-site scripting (XSS) vulnerabilities in YaCy before 0.3 ...)
NOT-FOR-US: YaCy
-CVE-2004-2650
+CVE-2004-2650 (Spooler in Apache Foundation James 2.2.0 allows local users to cause a ...)
NOT-FOR-US: Apache James
-CVE-2004-2649
+CVE-2004-2649 (Eudora 6.1.0.6 allows remote attackers to obfuscate URLs displayed in ...)
NOT-FOR-US: Eudora
-CVE-2004-2648
+CVE-2004-2648 (FreezeX 1.00.100.0666 allows local users with administrator privileges ...)
NOT-FOR-US: FreezeX
-CVE-2004-2647
+CVE-2004-2647 (Free Web Chat 2.0 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Free Web Chat
-CVE-2004-2646
+CVE-2004-2646 (The addUser function in UserManager.java in Free Web Chat 2.0 allows r ...)
NOT-FOR-US: Free Web Chat
-CVE-2004-2645
+CVE-2004-2645 (Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has u ...)
- asn1c <not-affected> (Fixed before upload into archive; 0.9.7)
-CVE-2004-2644
+CVE-2004-2644 (Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has u ...)
- asn1c <not-affected> (Fixed before upload into archive; 0.9.7)
-CVE-2004-2643
+CVE-2004-2643 (Directory traversal vulnerability in Microsoft cabarc allows remote at ...)
NOT-FOR-US: Microsoft cabarc
-CVE-2004-2642
+CVE-2004-2642 (Yeemp 0.9.9 and earlier does not properly encrypt inbound files, which ...)
NOT-FOR-US: Yeemp
-CVE-2004-2641
+CVE-2004-2641 (Unspecified vulnerability in Sun Fire 3800/4800/4810/6800, Sun Fire V1 ...)
NOT-FOR-US: Sun appliances
-CVE-2004-2640
+CVE-2004-2640 (Directory traversal vulnerability in lstat.cgi in LinuxStat before 2.3 ...)
NOT-FOR-US: LinuxStat
-CVE-2004-2639
+CVE-2004-2639 (Unspecified vulnerability in Journalness 3.0.7 and earlier allows remo ...)
NOT-FOR-US: Journalness
-CVE-2004-2638
+CVE-2004-2638 (The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote ...)
NOT-FOR-US: osCommerce
-CVE-2004-2637
+CVE-2004-2637 (The NAT implementation in Zonet ZSR1104WE Wireless Router Runtime Code ...)
NOT-FOR-US: Zyxel hardware
-CVE-2004-2636
+CVE-2004-2636 (TinyWeb 1.9 allows remote attackers to read source code of scripts via ...)
NOT-FOR-US: TinyWeb
-CVE-2004-2635
+CVE-2004-2635 (An ActiveX control for McAfee Security Installer Control System 4.0.0. ...)
NOT-FOR-US: McAfee
-CVE-2004-2634
+CVE-2004-2634 (The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5. ...)
NOT-FOR-US: AIX
-CVE-2004-2633
+CVE-2004-2633 (Unspecified vulnerability in Sesamie 1.0 allows remote anonymous attac ...)
NOT-FOR-US: Sesamie
-CVE-2004-2632
+CVE-2004-2632 (phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configu ...)
- phpmyadmin 1:2.5.7-pl1-1
-CVE-2004-2631
+CVE-2004-2631 (Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5 ...)
- phpmyadmin 1:2.5.7-pl1-1
-CVE-2004-2630
+CVE-2004-2630 (The MIME transformation system (transformations/text_plain__external.i ...)
- phpmyadmin 2:2.6.0-pl2-1
-CVE-2004-2629
+CVE-2004-2629 (Multiple vulnerabilities in the H.323 protocol implementation for Firs ...)
NOT-FOR-US: Click to Meet express
-CVE-2004-2628
+CVE-2004-2628 (Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, ...)
- thttpd <not-affected> (Windows-specific vulnerabilities)
-CVE-2004-2627
+CVE-2004-2627 (Java 2 Micro Edition (J2ME) does not properly validate bytecode, which ...)
NOT-FOR-US: J2ME
-CVE-2004-2626
+CVE-2004-2626 (GUI overlay vulnerability in the Java API in Siemens S55 cellular phon ...)
NOT-FOR-US: Siemens cell phone
-CVE-2004-2625
+CVE-2004-2625 (Cross-site scripting (XSS) vulnerability in Outblaze Email allows remo ...)
NOT-FOR-US: Outblaze Email
-CVE-2004-2624
+CVE-2004-2624 (Cross-site scripting (XSS) vulnerability in "TextSearch" in WackoWiki ...)
NOT-FOR-US: WackoWiki
-CVE-2004-2623
+CVE-2004-2623 (Unknown vulnerability in Rippy the Aggregator before 0.10, when regist ...)
NOT-FOR-US: Rippy the Aggregator
-CVE-2004-2622
+CVE-2004-2622 (AClient.exe in Altiris Deployment Solution 6.x and 5.x does not requir ...)
NOT-FOR-US: Altiris Deployment Solution
-CVE-2004-2621
+CVE-2004-2621 (Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when op ...)
NOT-FOR-US: Nortel Contivity VPN client
-CVE-2004-2620
+CVE-2004-2620 (The MIMEH_read_headers function in ripMIME 1.3.1.0 does not properly h ...)
NOT-FOR-US: ripMIME
-CVE-2004-2619
+CVE-2004-2619 (ripMIME 1.3.2.3 and earlier allows remote attackers to bypass e-mail p ...)
NOT-FOR-US: ripMIME
-CVE-2004-2618
+CVE-2004-2618 (Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0. ...)
NOT-FOR-US: Pegasi Web Server
-CVE-2004-2617
+CVE-2004-2617 (Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 all ...)
NOT-FOR-US: Pegasi Web Server
-CVE-2004-2616
+CVE-2004-2616 (The file server in ActivePost Standard 3.1 and earlier allows remote a ...)
NOT-FOR-US: ActivePost Standard
-CVE-2004-2615
+CVE-2004-2615 (The documentation for CuteNews 1.3.6 and possibly other versions speci ...)
NOT-FOR-US: Cutenews
-CVE-2004-2614
+CVE-2004-2614 (Buffer overflow in MyWeb 3.3 allows remote attackers to cause a denial ...)
NOT-FOR-US: MyWeb
-CVE-2004-2613
+CVE-2004-2613 (Unspecified vulnerability in procfs in the Linux-VServer stable branch ...)
- kernel-patch-ctx 1:1.28-1 (bug #262903; medium)
-CVE-2004-2612
+CVE-2004-2612 (BNC 2.9.0 only grants access when an incorrect password is provided, w ...)
NOT-FOR-US: BNC
-CVE-2004-2611
+CVE-2004-2611 (The Change Permissions function in the Sophster suite before 0.9.6 28 ...)
NOT-FOR-US: Sophster suite
-CVE-2004-2610
+CVE-2004-2610 (mntd_mount.c in mntd before 0.4.2 might allow local users to gain priv ...)
NOT-FOR-US: mntd
-CVE-2004-2609
+CVE-2004-2609 (The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boo ...)
NOT-FOR-US: Symantec PowerQuest DeployCenter
-CVE-2004-2608
+CVE-2004-2608 (SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the "news d ...)
NOT-FOR-US: SmartWebby Smart Guest Book
-CVE-2004-2607
+CVE-2004-2607 (A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to ...)
{DSA-1018-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.6)
-CVE-2004-2606
+CVE-2004-2606 (The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with ...)
NOT-FOR-US: Linksys hardware
-CVE-2004-2605
+CVE-2004-2605 (aStats 1.6.5 allows local users to overwrite arbitrary files via a sym ...)
- astats <removed> (bug #287604)
-CVE-2004-2604
+CVE-2004-2604 (Cross-site scripting (XSS) vulnerability in index.php in PHProxy allow ...)
NOT-FOR-US: PHProxy
-CVE-2004-2603
+CVE-2004-2603 (Cross-site scripting (XSS) vulnerability in the Search module in UberT ...)
NOT-FOR-US: UberTec Help Center Live
-CVE-2004-2602
+CVE-2004-2602 (PHP remote file inclusion vulnerability in UberTec Help Center Live (H ...)
NOT-FOR-US: UberTec Help Center Live
-CVE-2004-2601
+CVE-2004-2601 (PHP remote file inclusion vulnerability in UberTec Help Center Live (H ...)
NOT-FOR-US: UberTec Help Center Live
-CVE-2004-2600
+CVE-2004-2600 (The firmware for Intelligent Platform Management Interface (IPMI) 1.5- ...)
NOT-FOR-US: Intel hardware
-CVE-2004-2599
+CVE-2004-2599 (Multiple buffer overflows in Quake II server before R1Q2, as used in m ...)
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
NOTE: There is a big note in the quake2 package stating that it is not secure.
NOTE: Otherwise severity would be high.
-CVE-2004-2598
+CVE-2004-2598 (Quake II server before R1Q2, as used in multiple products, allows remo ...)
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2597
+CVE-2004-2597 (Quake II server before R1Q2, as used in multiple products, allows remo ...)
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2596
+CVE-2004-2596 (Quake II server before R1Q2, as used in multiple products, allows remo ...)
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2595
+CVE-2004-2595 (Absolute path traversal vulnerability in Quake II server before R1Q2 o ...)
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2594
+CVE-2004-2594 (Absolute path traversal vulnerability in Quake II server before R1Q2 o ...)
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2593
+CVE-2004-2593 (Buffer overflow in command-packet processing of Quake II server before ...)
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2592
+CVE-2004-2592 (Quake II server before R1Q2, as used in multiple products, allows remo ...)
- quake2 <removed> (bug #280573; low)
[sarge] - quake2 <no-dsa> (Documented to be insecure, contrib)
-CVE-2004-2591
+CVE-2004-2591 (The data-overwrite capability of ButtUglySoftware CleanCache 2.19 does ...)
NOT-FOR-US: ButtUglySoftware CleanCache
-CVE-2004-2590
+CVE-2004-2590 (Unspecified vulnerability in meindlSOFT Cute PHP Library (aka cphplib) ...)
NOT-FOR-US: meindlSOFT Cute PHP Library
-CVE-2004-2589
+CVE-2004-2589 (Gaim before 0.82 allows remote servers to cause a denial of service (a ...)
- gaim 0.82-1 (medium)
-CVE-2004-2588
+CVE-2004-2588 (Intentional information leak in phpinfo.php in XMB (aka extreme messag ...)
NOT-FOR-US: XMB
-CVE-2004-2587
+CVE-2004-2587 (login.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows re ...)
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2004-2586
+CVE-2004-2586 (Directory traversal vulnerability in frmGetAttachment.aspx in SmarterT ...)
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2004-2585
+CVE-2004-2585 (Cross-site scripting (XSS) vulnerability in frmCompose.aspx in Smarter ...)
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2004-2584
+CVE-2004-2584 (frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 al ...)
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2004-2583
+CVE-2004-2583 (SMTP service in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows ...)
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2004-2582
+CVE-2004-2582 (Novell iChain 2.3 includes the build number in the VIA line of the pro ...)
NOT-FOR-US: iChain
-CVE-2004-2581
+CVE-2004-2581 (Novell iChain 2.3 allows attackers to cause a denial of service via a ...)
NOT-FOR-US: iChain
-CVE-2004-2580
+CVE-2004-2580 (Cross-site scripting (XSS) vulnerability in Novell iChain 2.3 allows r ...)
NOT-FOR-US: iChain
-CVE-2004-2579
+CVE-2004-2579 (ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access ...)
NOT-FOR-US: iChain
-CVE-2004-2578
+CVE-2004-2578 (phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) ...)
- phpgroupware 0.9.16.002-1
-CVE-2004-2577
+CVE-2004-2577 (The acl_check function in phpGroupWare 0.9.16RC2 always returns True, ...)
- phpgroupware 0.9.14-0.RC3.1
-CVE-2004-2576
+CVE-2004-2576 (class.vfs_dav.inc.php in phpGroupWare 0.9.16.000 does not create .htac ...)
- phpgroupware 0.9.16.000.1.cvs.20040620-1
-CVE-2004-2575
+CVE-2004-2575 (phpGroupWare 0.9.14.005 and earlier allow remote attackers to obtain s ...)
- phpgroupware 0.9.14.007
-CVE-2004-2574
+CVE-2004-2574 (Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare ...)
- phpgroupware 0.9.14.007
-CVE-2004-2573
+CVE-2004-2573 (PHP remote file inclusion vulnerability in tables_update.inc.php in ph ...)
- phpgroupware 0.9.14.007
-CVE-2004-2572
+CVE-2004-2572 (AMAX Magic Winmail Server 3.6 allows remote attackers to obtain sensit ...)
NOT-FOR-US: AMAX Magic Winmail
-CVE-2004-2571
+CVE-2004-2571 (Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote atta ...)
- isoqlog 2.2-0.1
-CVE-2004-2570
+CVE-2004-2570 (Opera before 7.54 allows remote attackers to modify properties and met ...)
NOT-FOR-US: Opera
-CVE-2004-2568
+CVE-2004-2568 (Multiple cross-site scripting (XSS) vulnerabilities in ReciPants 1.1.1 ...)
NOT-FOR-US: ReciPants
-CVE-2004-2567
+CVE-2004-2567 (Multiple SQL injection vulnerabilities in ReciPants 1.1.1 allow remote ...)
NOT-FOR-US: ReciPants
-CVE-2004-2566
+CVE-2004-2566 (Multiple cross-site scripting (XSS) vulnerabilities in LiveWorld produ ...)
NOT-FOR-US: LiveWorld
-CVE-2004-2565
+CVE-2004-2565 (Multiple directory traversal vulnerabilities in Sambar Server 6.1 Beta ...)
NOT-FOR-US: Sambar
-CVE-2004-2564
+CVE-2004-2564 (Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server 6 ...)
NOT-FOR-US: Sambar
-CVE-2004-2563
+CVE-2004-2563 (Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive inf ...)
NOT-FOR-US: Serena TeamTrack
-CVE-2004-2562
+CVE-2004-2562 (SQL injection vulnerability in jobedit.asp in Leigh Business Enterpris ...)
NOT-FOR-US: Leigh Business Enterprises
-CVE-2004-2561
+CVE-2004-2561 (Multiple SQL injection vulnerabilities in Internet Software Sciences W ...)
NOT-FOR-US: ISS Web+Center
-CVE-2004-2560
+CVE-2004-2560 (DokuWiki before 2004-10-19, when used on a web server that permits exe ...)
- dokuwiki <not-affected> (Fixed before upload into the archive)
-CVE-2004-2559
+CVE-2004-2559 (DokuWiki before 2004-10-19 allows remote attackers to access administr ...)
- dokuwiki <not-affected> (Fixed before upload into the archive)
-CVE-2004-2569
+CVE-2004-2569 (ipmenu 0.0.3 before Debian GNU/Linux ipmenu_0.0.3-5 allows local users ...)
{DSA-907-1}
- ipmenu 0.0.3-5
-CVE-2004-2558
+CVE-2004-2558 (Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, ...)
NOT-FOR-US: Tivoli
-CVE-2004-2557
+CVE-2004-2557 (NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a hardcod ...)
NOT-FOR-US: Netgear hardware
-CVE-2004-2556
+CVE-2004-2556 (NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and ...)
NOT-FOR-US: Netgear hardware
-CVE-2004-2555
+CVE-2004-2555 (Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses w ...)
NOT-FOR-US: FoolProof Security
-CVE-2004-2554
+CVE-2004-2554 (Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Fire ...)
NOT-FOR-US: Novell Client Firewall
-CVE-2004-2553
+CVE-2004-2553 (The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remo ...)
NOT-FOR-US: ignitionServer
-CVE-2004-2552
+CVE-2004-2552 (Buffer overflow in XBoard 4.2.7 and earlier might allow local users to ...)
- xboard 4.2.7-3 (bug #343560; unimportant)
-CVE-2004-2551
+CVE-2004-2551 (Multiple SQL injection vulnerabilities in Layton HelpBox 3.0.1 allow r ...)
NOT-FOR-US: Layton HelpBox
-CVE-2004-2550
+CVE-2004-2550 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified Per ...)
NOT-FOR-US: SandSurfer
-CVE-2004-2549
+CVE-2004-2549 (Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 allo ...)
NOT-FOR-US: Nortel hardware
-CVE-2004-2548
+CVE-2004-2548 (Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) Surg ...)
NOT-FOR-US: SurgeMail
-CVE-2004-2547
+CVE-2004-2547 (NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attacker ...)
NOT-FOR-US: SurgeMail
-CVE-2004-2546
+CVE-2004-2546 (Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a ...)
- samba 3.0.6-1
-CVE-2004-2545
+CVE-2004-2545 (Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote atta ...)
NOT-FOR-US: Sidewinder G2
-CVE-2004-2544
+CVE-2004-2544 (Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 e ...)
NOT-FOR-US: Sidewinder G2
-CVE-2004-2543
+CVE-2004-2543 (Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote ...)
NOT-FOR-US: Sidewinder G2
-CVE-2004-2542
+CVE-2004-2542 (Multiple SQL injection vulnerabilities in Dynix (formerly known as epi ...)
NOT-FOR-US: Dynix WebPac
-CVE-2004-2541
+CVE-2004-2541 (Buffer overflow in Cscope 15.5, and possibly multiple overflows, allow ...)
{DSA-1064-1}
- cscope 15.5+cvs20050816-1.1 (bug #340177; medium)
NOTE: Sarge and Woody are affected
-CVE-2004-2540
+CVE-2004-2540 (readObject in (1) Java Runtime Environment (JRE) and (2) Software Deve ...)
NOT-FOR-US: Proprietary Java
-CVE-2004-2539
+CVE-2004-2539 (Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP ...)
NOT-FOR-US: NetCache
-CVE-2004-2538
+CVE-2004-2538 (Direct static code injection vulnerability in the PCG simple applicati ...)
NOT-FOR-US: phpCodeGenie
-CVE-2004-2537
+CVE-2004-2537 (Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impac ...)
NOT-FOR-US: SurgeMail
-CVE-2004-2536
+CVE-2004-2536 (The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.6)
- kernel-source-2.4.27 <not-affected>
[sarge] - kernel-source-2.6.8 <not-affected> (Fixed before upload into archive; 2.6.6)
-CVE-2004-2535
+CVE-2004-2535 (The person-to-person secure messaging feature in Sticker before 3.1.0 ...)
NOT-FOR-US: Sticker
-CVE-2004-2534
+CVE-2004-2534 (Fastream NETFile Server 7.1.2 does not properly handle keep-alive conn ...)
NOT-FOR-US: NETFile Server
-CVE-2004-2533
+CVE-2004-2533 (Serv-U FTP Server 4.1 (possibly 4.0) allows remote attackers to cause ...)
NOT-FOR-US: Serv-U FTP Server
-CVE-2004-2532
+CVE-2004-2532 (Serv-U FTP server before 5.1.0.0 has a default account and password fo ...)
NOT-FOR-US: Serv-U FTP Server
-CVE-2004-2531
+CVE-2004-2531 (X.509 Certificate Signature Verification in Gnu transport layer securi ...)
- gnutls11 1.0.16-8 (bug #336006; low)
- gnutls12 <not-affected> (fixed before upload)
-CVE-2004-2530
+CVE-2004-2530 (Visual truncation vulnerability in Gadu-Gadu allows remote attackers t ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-2529
+CVE-2004-2529 (Gadu-Gadu allows remote attackers to bypass the "image send" option by ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-2528
+CVE-2004-2528 (Cross-site scripting (XSS) vulnerability in sresult.exe in Webcam Watc ...)
NOT-FOR-US: Webcam Watchdog
-CVE-2004-2527
+CVE-2004-2527 (The local and remote desktop login screens in Microsoft Windows XP bef ...)
NOT-FOR-US: Microsoft
-CVE-2004-2526
+CVE-2004-2526 (Directory traversal vulnerability in ldacgi.exe in IBM Tivoli Director ...)
NOT-FOR-US: Tivoli
-CVE-2004-2525
+CVE-2004-2525 (Cross-site scripting (XSS) vulnerability in compat.php in Serendipity ...)
- serendipity 1.0-1
-CVE-2004-2524
+CVE-2004-2524 (clogin.php in Benchmark Designs' WHM AutoPilot 2.4.5 and earlier allow ...)
NOT-FOR-US: WHM AutoPilot
-CVE-2004-2523
+CVE-2004-2523 (Format string vulnerability in the msg command (cat_message function i ...)
NOT-FOR-US: OpenFTPD
-CVE-2004-2522
+CVE-2004-2522 (Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server ...)
NOT-FOR-US: Gattaca
-CVE-2004-2521
+CVE-2004-2521 (Mail server in Gattaca Server 2003 1.1.10.0 allows remote attackers to ...)
NOT-FOR-US: Gattaca
-CVE-2004-2520
+CVE-2004-2520 (POP3 protocol in Gattaca Server 2003 1.1.10.0 allows remote authentica ...)
NOT-FOR-US: Gattaca
-CVE-2004-2519
+CVE-2004-2519 (Gattaca Server 2003 1.1.10.0 allows remote attackers to cause a denial ...)
NOT-FOR-US: Gattaca
-CVE-2004-2518
+CVE-2004-2518 (Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: Gattaca
-CVE-2004-2517
+CVE-2004-2517 (myServer 0.7.1 allows remote attackers to cause a denial of service (c ...)
NOT-FOR-US: myServer
-CVE-2004-2516
+CVE-2004-2516 (Directory traversal vulnerability in myServer 0.7 allows remote attack ...)
NOT-FOR-US: myServer
-CVE-2004-2515
+CVE-2004-2515 (Format string vulnerability in VMware Workstation 4.5.2 build-8848, if ...)
NOT-FOR-US: VMWare Workstation
-CVE-2004-2514
+CVE-2004-2514 (Cross-site scripting (XSS) vulnerability in modules/private_messages/i ...)
NOT-FOR-US: PowerPortal
-CVE-2004-2513
+CVE-2004-2513 (Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 all ...)
NOT-FOR-US: Mercury Mail
-CVE-2004-2512
+CVE-2004-2512 (CRLF injection vulnerability in calendar.php in DCP-Portal 5.3.2 and e ...)
NOT-FOR-US: DCP-Portal
-CVE-2004-2511
+CVE-2004-2511 (Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3. ...)
NOT-FOR-US: DCP-Portal
-CVE-2004-2510
+CVE-2004-2510 (Cross-site scripting (XSS) vulnerability in showflat.php in Infopop UB ...)
NOT-FOR-US: Infopop UBB.Threads
-CVE-2004-2509
+CVE-2004-2509 (Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) lo ...)
NOT-FOR-US: Infopop UBB.Threads
-CVE-2004-2508
+CVE-2004-2508 (Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B ...)
NOT-FOR-US: Linksys hardware
-CVE-2004-2507
+CVE-2004-2507 (Absolute path traversal vulnerability in main.cgi in Linksys WVC11B Wi ...)
NOT-FOR-US: Linksys hardware
-CVE-2004-2506
+CVE-2004-2506 (Unparsed web content delivery vulnerability in WIKINDX before 0.9.9g a ...)
NOT-FOR-US: WIKINDX
-CVE-2004-2505
+CVE-2004-2505 (Macromedia ColdFusion MX before 6.1 does not restrict the size of erro ...)
NOT-FOR-US: ColdFusion
-CVE-2004-2504
+CVE-2004-2504 (The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, ...)
NOT-FOR-US: Alt-N Technologies Mdaemon
-CVE-2004-2503
+CVE-2004-2503 (INweb Mail Server 2.40 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Inweb Mail Server
-CVE-2004-2502
+CVE-2004-2502 (im-switch before 11.4-46.1 in Fedora Core 2 allows local users to over ...)
- im-switch <not-affected> (Debian's version is somehow derived from RH, but not affected)
-CVE-2004-2501
+CVE-2004-2501 (Buffer overflow in the IMAP service of MailEnable Professional Edition ...)
NOT-FOR-US: MailEnable Professional
-CVE-2004-2500
+CVE-2004-2500 (Unknown vulnerability in IlohaMail before 0.8.14-rc1 has unknown impac ...)
- ilohamail 0.8.14-0rc1
-CVE-2004-2499
+CVE-2004-2499 (Unspecified vulnerability in Hitachi Web Page Generator and Web Page G ...)
NOT-FOR-US: Hitachi Web Page Generator
-CVE-2004-2498
+CVE-2004-2498 (Unspecified vulnerability in the error handler in Hitachi Web Page Gen ...)
NOT-FOR-US: Hitachi Web Page Generator
-CVE-2004-2497
+CVE-2004-2497 (Cross-site scripting (XSS) vulnerability in the error handler in Hitac ...)
NOT-FOR-US: Hitachi Web Page Generator
-CVE-2004-2496
+CVE-2004-2496 (The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attac ...)
NOT-FOR-US: OpenText FirstClass
-CVE-2004-2495
+CVE-2004-2495 (The (1) Webmail, (2) admin, and (3) SMTP services in Ability Mail Serv ...)
NOT-FOR-US: Ability Mail Server
-CVE-2004-2494
+CVE-2004-2494 (Cross-site scripting (XSS) vulnerability in _error in Ability Mail Ser ...)
NOT-FOR-US: Ability Mail Server
-CVE-2004-2493
+CVE-2004-2493 (Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) ...)
NOT-FOR-US: GmaxWWW
-CVE-2004-2492
+CVE-2004-2492 (Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (G ...)
NOT-FOR-US: GmaxWWW
-CVE-2004-2491
+CVE-2004-2491 (A race condition in Opera web browser 7.53 Build 3850 causes Opera to ...)
NOT-FOR-US: Opera
-CVE-2004-2490
+CVE-2004-2490 (Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.xC1 and 9.40 ...)
NOT-FOR-US: Informix Dynamic Server
-CVE-2004-2489
+CVE-2004-2489 (Format string vulnerability in IBM Informix Dynamic Server (IDS) befor ...)
NOT-FOR-US: Informix Dynamic Server
-CVE-2004-2488
+CVE-2004-2488 (Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 ...)
NOT-FOR-US: Nexgen FTP Server
-CVE-2004-2487
+CVE-2004-2487 (Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 ...)
NOT-FOR-US: Nexgen FTP Server
-CVE-2004-2486
+CVE-2004-2486 (The DSS verification code in Dropbear SSH Server before 0.43 frees uni ...)
- dropbear 0.43-2
-CVE-2004-2485
+CVE-2004-2485 (Unspecified vulnerability in PHP Live! before 2.8.2, due to a "major s ...)
NOT-FOR-US: PHP Live!
-CVE-2004-2484
+CVE-2004-2484 (Cross-site scripting (XSS) vulnerability in PHP Gift Registry 1.3.5 an ...)
NOT-FOR-US: PHP Gift Registry
CVE-2004-XXXX [Unspecified buffer overflow in libmng]
- libmng 1.0.8-1 (bug #250106)
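Review bot: the description imported for CVE-2004-2637 names a Zonet device, "+CVE-2004-2637 (The NAT implementation in Zonet ZSR1104WE Wireless Router Runtime Code ...)", but the unchanged annotation directly beneath it reads "NOT-FOR-US: Zyxel hardware"; the vendor in the annotation does not match the vendor in the description, so the NOT-FOR-US line should be re-checked and corrected to the product the CVE actually covers. A smaller ordering point in the same hunk: CVE-2004-2569 sits after CVE-2004-2559 ("+CVE-2004-2569 (ipmenu 0.0.3 before Debian GNU/Linux ipmenu_0.0.3-5 allows local users ...)") while the sequence above jumps from CVE-2004-2570 straight to CVE-2004-2568; the automatic update only rewrites the ID lines in place, so it preserves this misplacement rather than fixing it, which is acceptable for this import but worth tidying separately.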
@@ -642,1718 +642,1718 @@ CVE-2004-XXXX [Two vulnerabilities in sredird]
- sredird 2.2.1-1.1 (bug #267098)
CVE-2004-XXXX [phpwiki shares a cookie for all wikis on a host]
- phpwiki 1.3.12p2-1 (bug #282565; medium)
-CVE-2004-2483
+CVE-2004-2483 (Kerio WinRoute Firewall before 6.0.9 uses information from PTR queries ...)
NOT-FOR-US: Kerio WinRoute Firewall
-CVE-2004-2482
+CVE-2004-2482 (Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word ...)
NOT-FOR-US: Outlook
-CVE-2004-2481
+CVE-2004-2481 (MyProxy 6.58 allows remote authenticated users in the Users Tab to con ...)
NOT-FOR-US: MyProxy
-CVE-2004-2480
+CVE-2004-2480 (Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass se ...)
NOTE: could not reproduce this with squid 2.5, neither could the redhat guys
NOTE: see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166522
- squid 2.5
-CVE-2004-2479
+CVE-2004-2479 (Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensi ...)
- squid 2.5.8
-CVE-2004-2478
+CVE-2004-2478 (Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Tra ...)
NOTE: "the original vendor report is too vague to know whether this issue is already identified by another CVE name."
-CVE-2004-2477
+CVE-2004-2477 (DiamondCS Process Guard Free 2.000 allows local users to disable the p ...)
NOT-FOR-US: DiamondCS
-CVE-2004-2476
+CVE-2004-2476 (Microsoft Internet Explorer 6.0 allows remote attackers to cause a den ...)
NOT-FOR-US: MS IE
-CVE-2004-2475
+CVE-2004-2475 (Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 a ...)
NOT-FOR-US: Google Toolbar
-CVE-2004-2474
+CVE-2004-2474 (SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers t ...)
NOT-FOR-US: PHPNews
-CVE-2004-2473
+CVE-2004-2473 (wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows lo ...)
NOT-FOR-US: wmFrog
-CVE-2004-2472
+CVE-2004-2472 (Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a de ...)
NOT-FOR-US: Outpost Pro
-CVE-2004-2471
+CVE-2004-2471 (SQL injection vulnerability in the sloth TCL script in QuoteEngine bef ...)
NOT-FOR-US: QuoteEngine
-CVE-2004-2470
+CVE-2004-2470 (Unspecified vulnerability in MadBMS before 1.1.5 has unknown impact an ...)
NOT-FOR-US: MadBMS
-CVE-2004-2469
+CVE-2004-2469 (Unspecified vulnerability in Reservation.class.php for phpScheduleIt 1 ...)
NOT-FOR-US: phpScheduleIt
-CVE-2004-2468
+CVE-2004-2468 (Cross-site scripting (XSS) vulnerability in SillySearch 2.3 and earlie ...)
NOT-FOR-US: SillySearch
-CVE-2004-2467
+CVE-2004-2467 (chat.ghp in Easy Chat Server 1.2 allows remote attackers to add a larg ...)
NOT-FOR-US: Easy Chat Server
-CVE-2004-2466
+CVE-2004-2466 (chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a de ...)
NOT-FOR-US: Easy Chat Server
-CVE-2004-2465
+CVE-2004-2465 (Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Serv ...)
NOT-FOR-US: Easy Chat Server
-CVE-2004-2464
+CVE-2004-2464 (Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 all ...)
NOT-FOR-US: ADA Image Server
-CVE-2004-2463
+CVE-2004-2463 (Buffer overflow in ADA Image Server (ImgSvr) 0.4 allows remote attacke ...)
NOT-FOR-US: ADA Image Server
-CVE-2004-2462
+CVE-2004-2462 (cplay 1.49 on Linux allows local users to overwrite arbitrary files vi ...)
- cplay 1.49-3 (medium)
-CVE-2004-2461
+CVE-2004-2461 (Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to ...)
- gnubiff 2.0.0 (medium)
-CVE-2004-2460
+CVE-2004-2460 (Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote at ...)
- gnubiff 2.0.0 (medium)
-CVE-2004-2459
+CVE-2004-2459 (Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users ...)
- gnubiff 2.0.0 (medium)
-CVE-2004-2458
+CVE-2004-2458 (Open WebMail 2.30 and earlier, when use_syshomedir is disabled or crea ...)
NOT-FOR-US: Open WebMail
-CVE-2004-2457
+CVE-2004-2457 (Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows ...)
NOT-FOR-US: 3Com OfficeConnect ADSL 11g Router
-CVE-2004-2456
+CVE-2004-2456 (SQL injection vulnerability in index.php in miniBB 1.7f and earlier al ...)
NOT-FOR-US: miniBB
-CVE-2004-2455
+CVE-2004-2455 (Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows ...)
NOT-FOR-US: Sweex Wireless Broadband Router/Accesspoint 802.11g
-CVE-2004-2454
+CVE-2004-2454 (aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive ...)
NOT-FOR-US: aMSN 0.90 for Microsoft Windows
-CVE-2004-2453
+CVE-2004-2453 (Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4 ...)
NOT-FOR-US: Tutti Nova
-CVE-2004-2452
+CVE-2004-2452 (Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01 ...)
NOT-FOR-US: Hitachi Cosminexus Portal Framework
-CVE-2004-2451
+CVE-2004-2451 (Roger Wilco 1.4.1.6 and earlier, or Roger Wilco Base Station 0.30a or ...)
NOT-FOR-US: Roger Wilco
-CVE-2004-2450
+CVE-2004-2450 (The client and server for Roger Wilco 1.4.1.6 and earlier or Roger Wil ...)
NOT-FOR-US: Roger Wilco
-CVE-2004-2449
+CVE-2004-2449 (Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and ...)
NOT-FOR-US: Roger Wilco
-CVE-2004-2448
+CVE-2004-2448 (S-Mart Shopping Cart or RediCart 3.9.5b stores smart.cfg under the web ...)
NOT-FOR-US: S-Mart Shopping Cart or RediCart
-CVE-2004-2447
+CVE-2004-2447 (Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 ...)
NOT-FOR-US: *1st Class Mail Server
-CVE-2004-2446
+CVE-2004-2446 (Directory traversal vulnerability in 1st Class Mail Server 4.01 allows ...)
NOT-FOR-US: *1st Class Mail Server
-CVE-2004-2445
+CVE-2004-2445 (Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows ...)
NOT-FOR-US: Jaws
-CVE-2004-2444
+CVE-2004-2444 (Cross-site scripting (XSS) vulnerability in index.php in Jaws 0.3 allo ...)
NOT-FOR-US: Jaws
-CVE-2004-2443
+CVE-2004-2443 (Jaws 0.3 allows remote attackers to bypass authentication and via an H ...)
NOT-FOR-US: Jaws
-CVE-2004-2442
+CVE-2004-2442 (Multiple interpretation error in various F-Secure Anti-Virus products, ...)
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2004-2441
+CVE-2004-2441 (Unspecified vulnerability in Kerio MailServer before 6.0.3 has unknown ...)
NOT-FOR-US: Kerio
-CVE-2004-2440
+CVE-2004-2440 (Unspecified vulnerability in cmdline.c in proxytunnel 1.1.3 and earlie ...)
- proxytunnel 1.2.0-1
-CVE-2004-2439
+CVE-2004-2439 (The remote upgrade capability in HP LaserJet 4200 and 4300 printers do ...)
NOT-FOR-US: HP printers
-CVE-2004-2438
+CVE-2004-2438 (Cross-site scripting (XSS) vulnerability in PHP-Fusion 4.01 allows rem ...)
NOT-FOR-US: PHP-Fusion
-CVE-2004-2437
+CVE-2004-2437 (SQL injection vulnerability in PHP-Fusion 4.01 allows remote attackers ...)
NOT-FOR-US: PHP-Fusion
-CVE-2004-2436
+CVE-2004-2436 (Computer Associates Unicenter Common Services 3.0 and earlier stores t ...)
NOT-FOR-US: Computer Associates Unicenter Common Services
-CVE-2004-2435
+CVE-2004-2435 (Cross-site scripting (XSS) vulnerability in PeopleSoft Human Resources ...)
NOT-FOR-US: PeopleSoft Human Resources Management System (HRMS)
-CVE-2004-2434
+CVE-2004-2434 (Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a ...)
NOT-FOR-US: MS IE
-CVE-2004-2433
+CVE-2004-2433 (Buffer overflow in the IsValidFile function in the ADM ActiveX control ...)
NOT-FOR-US: ADM ActiveX control
-CVE-2004-2432
+CVE-2004-2432 (WinAgents TFTP Server 3.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: WinAgents TFTP Server
-CVE-2004-2431
+CVE-2004-2431 (Unknown vulnerability in The Ignition Project ignitionServer 0.1.2 thr ...)
NOT-FOR-US: ignitionServer
-CVE-2004-2430
+CVE-2004-2430 (Trend OfficeScan Corporate Edition 5.58 and possibly earler does not d ...)
NOT-FOR-US: Trend OfficeScan
-CVE-2004-2429
+CVE-2004-2429 (Multiple stack-based and heap-based buffer overflows in EnderUNIX spam ...)
NOT-FOR-US: EnderUNIX spamGuard
-CVE-2004-2428
+CVE-2004-2428 (Abczone.it WWWguestbook 1.1 stores db/dbase.mdb under the web document ...)
NOT-FOR-US: WWWguestbook
-CVE-2004-2427
+CVE-2004-2427 (Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlie ...)
NOT-FOR-US: Axis Network Camera
-CVE-2004-2426
+CVE-2004-2426 (Directory traversal vulnerability in Axis Network Camera 2.40 and earl ...)
NOT-FOR-US: Axis Network Camera
-CVE-2004-2425
+CVE-2004-2425 (Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlie ...)
NOT-FOR-US: Axis Network Camera
-CVE-2004-2424
+CVE-2004-2424 (BEA WebLogic Server and WebLogic Express 8.1 through 8.1 SP2 allow rem ...)
NOT-FOR-US: BEA
-CVE-2004-2423
+CVE-2004-2423 (Unknown vulnerability in the Web calendaring component of Ipswitch IMa ...)
NOT-FOR-US: Ipswitch IMail Server
-CVE-2004-2422
+CVE-2004-2422 (Multiple features in Ipswitch IMail Server before 8.13 allow remote at ...)
NOT-FOR-US: Ipswitch IMail Server
-CVE-2004-2421
+CVE-2004-2421 (Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File ...)
NOT-FOR-US: Hitachi Job Management Partner
-CVE-2004-2420
+CVE-2004-2420 (Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP ...)
NOT-FOR-US: Hitachi Job Management Partner
-CVE-2004-2419
+CVE-2004-2419 (Keene Digital Media Server 1.0.2 allows local users to obtain username ...)
NOT-FOR-US: Keene Digital Media Server
-CVE-2004-2418
+CVE-2004-2418 (Buffer overflow in SlimFTPd 3.15 and earlier allows local users to exe ...)
NOT-FOR-US: slimftpd not in debian
-CVE-2004-2417
+CVE-2004-2417 (Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier ...)
NOT-FOR-US: smtp.proxy
-CVE-2004-2416
+CVE-2004-2416 (Buffer overflow in the logging component of CCProxy allows remote atta ...)
NOT-FOR-US: ccproxy
-CVE-2004-2415
+CVE-2004-2415 (Davenport before 0.9.10 allows attackers to cause a denial of service ...)
NOT-FOR-US: Davenport
-CVE-2004-2414
+CVE-2004-2414 (Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Over ...)
NOT-FOR-US: Novell NetWare
-CVE-2004-2413
+CVE-2004-2413 (SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 al ...)
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2004-2412
+CVE-2004-2412 (Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 thr ...)
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2004-2411
+CVE-2004-2411 (The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4. ...)
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2004-2410
+CVE-2004-2410 (Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2. ...)
- samhain 2.0.2
-CVE-2004-2409
+CVE-2004-2409 (Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 thr ...)
- samhain 2.0.2
-CVE-2004-2408
+CVE-2004-2408 (Linux VServer 1.27 and earlier, 1.3.9 and earlier, and 1.9.1 and earli ...)
- kernel-patch-vserver 1.9.2
-CVE-2004-2407
+CVE-2004-2407 (Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown at ...)
- phpgroupware 0.9.14.002
-CVE-2004-2406
+CVE-2004-2406 (Unknown "overflow" in the phpgw_config table for phpGroupWare before 0 ...)
- phpgroupware 0.9.14.002
-CVE-2004-2405
+CVE-2004-2405 (Buffer overflow in multiple F-Secure Anti-Virus products, including F- ...)
NOT-FOR-US: F-Secure Anti-Virus
CVE-2004-2404
REJECTED
-CVE-2004-2403
+CVE-2004-2403 (Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3. ...)
NOT-FOR-US: YaBB
-CVE-2004-2402
+CVE-2004-2402 (Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP ...)
NOT-FOR-US: YaBB
-CVE-2004-2401
+CVE-2004-2401 (Stack-based buffer overflow in Ipswitch IMail Express Web Messaging be ...)
NOT-FOR-US: Ipswitch IMail
-CVE-2004-2400
+CVE-2004-2400 (WinFTP Server 1.6 stores username and password credentials in plaintex ...)
NOT-FOR-US: WinFTP Server
-CVE-2004-2399
+CVE-2004-2399 (Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote atta ...)
NOT-FOR-US: Sidewinder
-CVE-2004-2398
+CVE-2004-2398 (Netenberg Fantastico De Luxe 2.8 uses database file names that contain ...)
NOT-FOR-US: Netenberg Fantastico De Luxe
-CVE-2004-2397
+CVE-2004-2397 (The web-based Management Console in Blue Coat Security Gateway OS 3.0 ...)
NOT-FOR-US: Blue Coat
-CVE-2004-2396
+CVE-2004-2396 (passwd 0.68 does not check the return code for the pam_start function, ...)
NOTE: shadow is a different code base, and does not have this problem
-CVE-2004-2395
+CVE-2004-2395 (Memory leak in passwd 0.68 allows local users to cause a denial of ser ...)
NOTE: shadow is a different code base, and does not have this problem
-CVE-2004-2394
+CVE-2004-2394 (Off-by-one error in passwd 0.68 and earlier, when using the --stdin op ...)
NOTE: shadow is a different code base, and does not have this problem
-CVE-2004-2393
+CVE-2004-2393 (Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not pro ...)
NOT-FOR-US: Sun JSSE
-CVE-2004-2392
+CVE-2004-2392 (libuser 0.51.7 allows attackers to cause a denial of service (crash or ...)
NOT-FOR-US: libuser
-CVE-2004-2391
+CVE-2004-2391 (Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2 ...)
NOT-FOR-US: jabber-gg-transport
-CVE-2004-2390
+CVE-2004-2390 (The roster import functionality in Jabber Gadu-Gadu Transport (a.k.a. ...)
NOT-FOR-US: jabber-gg-transport
-CVE-2004-2389
+CVE-2004-2389 (Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg- ...)
NOT-FOR-US: jabber-gg-transport
-CVE-2004-2388
+CVE-2004-2388 (rexecd for AIX 4.3.3 does not properly use a local copy of the pwd str ...)
NOT-FOR-US: rexecd
-CVE-2004-2387
+CVE-2004-2387 (Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 ...)
NOT-FOR-US: sercd
-CVE-2004-2386
+CVE-2004-2386 (Format string vulnerability in the LogMsg function in sercd before 2.3 ...)
NOT-FOR-US: sercd
-CVE-2004-2385
+CVE-2004-2385 (EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path inf ...)
NOT-FOR-US: EMU Webmail
-CVE-2004-2384
+CVE-2004-2384 (NullSoft Winamp 5.02 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Winamp
-CVE-2004-2383
+CVE-2004-2383 (Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2004-2382
+CVE-2004-2382 (The PerfectNav plugin for Microsoft Internet Explorer allows remote at ...)
NOT-FOR-US: Microsoft
-CVE-2004-2381
+CVE-2004-2381 (HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote atta ...)
- jetty 4.2.19-1 (medium)
-CVE-2004-2380
+CVE-2004-2380 (Directory traversal vulnerability in postfile.exe for Twilight Utiliti ...)
NOT-FOR-US: Twilight Utilities Web Server
-CVE-2004-2379
+CVE-2004-2379 (Multiple cross-site scripting (XSS) vulnerabilities in @Mail 3.64 for ...)
NOT-FOR-US: @Mail
-CVE-2004-2378
+CVE-2004-2378 (@Mail 3.64 for Windows allows remote attackers to cause a denial of se ...)
NOT-FOR-US: @Mail
-CVE-2004-2377
+CVE-2004-2377 (Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a de ...)
NOT-FOR-US: Alcatel OmniSwitch
-CVE-2004-2376
+CVE-2004-2376 (Buffer overflow in postfile.exe for Twilight Utilities Web Server 2.0. ...)
NOT-FOR-US: Twilight Utilities Web Server
-CVE-2004-2375
+CVE-2004-2375 (Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows ...)
NOT-FOR-US: 1st Class Mail Server
-CVE-2004-2374
+CVE-2004-2374 (BadBlue 2.4 allows remote attackers to obtain the location of the serv ...)
NOT-FOR-US: BadBlue
-CVE-2004-2373
+CVE-2004-2373 (The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is ...)
NOT-FOR-US: AIM
-CVE-2004-2372
+CVE-2004-2372 (Buffer overflow in Bochs before 2.1.1, if installed setuid, allows loc ...)
- bochs 2.1.1-1
-CVE-2004-2371
+CVE-2004-2371 (Multiple Red Storm web-based games, including Ghost Recon 1.4 and earl ...)
NOT-FOR-US: Red Storm Games
-CVE-2004-2370
+CVE-2004-2370 (Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillia ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2004-2369
+CVE-2004-2369 (Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 ...)
NOT-FOR-US: Lotus Domino
-CVE-2004-2368
+CVE-2004-2368 (PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 a ...)
NOT-FOR-US: Opt-X
-CVE-2004-2367
+CVE-2004-2367 (The Control Panel applet in WFTPD and WFTPD Pro 3.21 R1 and R2 allows ...)
NOT-FOR-US: WFTPD
-CVE-2004-2366
+CVE-2004-2366 (Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 all ...)
NOT-FOR-US: GlobalScape Secure FTP Server
-CVE-2004-2365
+CVE-2004-2365 (Memory leak in Microsoft Windows XP and Windows Server 2003 allows loc ...)
NOT-FOR-US: Microsoft
-CVE-2004-2364
+CVE-2004-2364 (Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3. ...)
NOT-FOR-US: PHPX CMS
-CVE-2004-2363
+CVE-2004-2363 (Validate-Before-Canonicalize vulnerability in the checkURI function in ...)
NOT-FOR-US: PHPX CMS
-CVE-2004-2362
+CVE-2004-2362 (PHPX 3.2.6 and earlier allows remote attackers to obtain the physical ...)
NOT-FOR-US: PHPX CMS
-CVE-2004-2361
+CVE-2004-2361 (Digital Reality game engine, as used in Haegemonia 1.0 through 1.0.7 a ...)
NOT-FOR-US: Digital Reality game engine, as used in Haegemonia 1.0 through 1.0.7 and Desert Rats vs. Afrika Korps 1.0
-CVE-2004-2360
+CVE-2004-2360 (Targem Battle Mages 1.0 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Targem Battle Mages
-CVE-2004-2359
+CVE-2004-2359 (Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does ...)
NOT-FOR-US: Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet
-CVE-2004-2358
+CVE-2004-2358 (Cross-site scripting (XSS) vulnerability in admin_words.php for phpBB ...)
- phpbb2 2.0.6c (low)
-CVE-2004-2357
+CVE-2004-2357 (The embedded MySQL 4.0 server for Proofpoint Protection Server does no ...)
NOT-FOR-US: roofpoint Protection Server
-CVE-2004-2356
+CVE-2004-2356 (Early termination vulnerability in Fizmez Web Server 1.0 allows remote ...)
NOT-FOR-US: Fizmez
-CVE-2004-2355
+CVE-2004-2355 (Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (C ...)
NOT-FOR-US: Crafty Syntax Live Help
-CVE-2004-2354
+CVE-2004-2354 (SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 throu ...)
NOT-FOR-US: 4nGuestbook
-CVE-2004-2353
+CVE-2004-2353 (BugPort before 1.099 stores its configuration file (conf/config.conf) ...)
NOT-FOR-US: BugPort
-CVE-2004-2352
+CVE-2004-2352 (Cross-site scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0 all ...)
NOT-FOR-US: GBook
-CVE-2004-2351
+CVE-2004-2351 (Cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0 all ...)
NOT-FOR-US: GBook
-CVE-2004-2350
+CVE-2004-2350 (SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 ...)
- phpbb2 2.0.8 (low)
-CVE-2004-2349
+CVE-2004-2349 (Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow ...)
NOT-FOR-US: Tunez
-CVE-2004-2348
+CVE-2004-2348 (Sybari AntiGen for Domino 7.0 Build 722 SR2 allows remote attackers to ...)
NOT-FOR-US: Sybari AntiGen for Domino
-CVE-2004-2347
+CVE-2004-2347 (blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote attack ...)
NOT-FOR-US: Leif M. Wright Web Blog
-CVE-2004-2346
+CVE-2004-2346 (Multiple cross-site scripting (XSS) vulnerabilities in Forum Web Serve ...)
NOT-FOR-US: Forum Web Server
-CVE-2004-2345
+CVE-2004-2345 (Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, ...)
NOT-FOR-US: Oracle
-CVE-2004-2344
+CVE-2004-2344 (Unknown vulnerability in the ASN.1/H.323/H.225 stack of VocalTec VGW12 ...)
NOT-FOR-US: VocalTec
-CVE-2004-2343
+CVE-2004-2343 (** DISPUTED ** Apache HTTP Server 2.0.47 and earlier allows local user ...)
NOTE: apache disputes this and I agree -- joeyh
-CVE-2004-2342
+CVE-2004-2342 (ChatterBox 2.0 allows remote attackers to cause a denial of service (s ...)
NOT-FOR-US: ChatterBox
-CVE-2004-2341
+CVE-2004-2341 (PHP file include injection vulnerability in isearch.inc.php for iSearc ...)
NOT-FOR-US: iSearch
CVE-2004-2340
NOT-FOR-US: PunkBuster Screenshot Database
-CVE-2004-2339
+CVE-2004-2339 (** DISPUTED ** Microsoft Windows 2000, XP, and possibly 2003 allows lo ...)
NOT-FOR-US: Microsoft
-CVE-2004-2338
+CVE-2004-2338 (OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules with ...)
NOT-FOR-US: OpenBSD
-CVE-2004-2337
+CVE-2004-2337 (The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed wit ...)
NOT-FOR-US: inlook
-CVE-2004-2336
+CVE-2004-2336 (Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 ...)
NOT-FOR-US: Novel Groupwise
-CVE-2004-2335
+CVE-2004-2335 (The Macromedia installers and e-licensing client on Mac OS X, as used ...)
NOT-FOR-US: Macromedia installers and e-licensing client on Mac OS X
-CVE-2004-2334
+CVE-2004-2334 (Multiple cross-site scripting (XSS) vulnerabilities in EMU Webmail 5.2 ...)
NOT-FOR-US: EMU Webmail
-CVE-2004-2333
+CVE-2004-2333 (Bodington 2.1.0 RC1 and earlier does not secure the file upload area, ...)
NOT-FOR-US: Bodington
-CVE-2004-2332
+CVE-2004-2332 (Multiple cross-site scripting (XSS) vulnerabilities in CPAN WWW::Form ...)
NOT-FOR-US: WWW::Form
-CVE-2004-2331
+CVE-2004-2331 (ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox se ...)
NOT-FOR-US: ColdFusion
-CVE-2004-2330
+CVE-2004-2330 (ColdFusion MX 6.1 and 6.1 J2EE allows remote attackers to cause a deni ...)
NOT-FOR-US: ColdFusion
-CVE-2004-2329
+CVE-2004-2329 (Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbi ...)
NOT-FOR-US: Kerio Personal Firewal
-CVE-2004-2328
+CVE-2004-2328 (Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers ...)
NOT-FOR-US: Clearswift MAILsweeper
-CVE-2004-2327
+CVE-2004-2327 (Vizer Web Server 1.9.1 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Vizer
-CVE-2004-2326
+CVE-2004-2326 (SQL injection vulnerability in IP3 Networks NetAccess Appliance before ...)
NOT-FOR-US: IP3 Networks NetAccess
-CVE-2004-2325
+CVE-2004-2325 (Cross-site scripting (XSS) vulnerability in EditModule.aspx for DotNet ...)
NOT-FOR-US: DotNetNuke
-CVE-2004-2324
+CVE-2004-2324 (SQL injection vulnerability in DotNetNuke (formerly IBuySpy Workshop) ...)
NOT-FOR-US: DotNetNuke
-CVE-2004-2323
+CVE-2004-2323 (DotNetNuke (formerly IBuySpy Workshop) 1.0.6 through 1.0.10d allows re ...)
NOT-FOR-US: DotNetNuke
-CVE-2004-2322
+CVE-2004-2322 (SQL injection vulnerability in the (1) announce and (2) notes modules ...)
NOT-FOR-US: phpWebSite
-CVE-2004-2321
+CVE-2004-2321 (BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users ...)
NOT-FOR-US: BEA WebLogic
-CVE-2004-2320
+CVE-2004-2320 (The default configuration of BEA WebLogic Server and Express 8.1 SP2 a ...)
NOT-FOR-US: BEA WebLogic
-CVE-2004-2319
+CVE-2004-2319 (IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users t ...)
NOT-FOR-US: IBM Informatik Dynamic Server
-CVE-2004-2318
+CVE-2004-2318 (The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0 ...)
NOT-FOR-US: SurgeFTP Server
-CVE-2004-2317
+CVE-2004-2317 (Information leak in Mbedthis AppWeb HTTP server 1.0 through 1.1.2 allo ...)
NOT-FOR-US: AppWeb HTTP server
-CVE-2004-2316
+CVE-2004-2316 (Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to ca ...)
NOT-FOR-US: AppWeb HTTP server
-CVE-2004-2315
+CVE-2004-2315 (Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to ca ...)
NOT-FOR-US: AppWeb HTTP server
-CVE-2004-2314
+CVE-2004-2314 (The Telnet listener for Novell iChain Server before 2.2 Field Patch 3b ...)
NOT-FOR-US: Novell iChain Server
-CVE-2004-2313
+CVE-2004-2313 (Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error message ...)
- courier <unfixed> (unimportant)
NOTE: This is a lack of a security feature, but not a direct vulnerability
-CVE-2004-2312
+CVE-2004-2312 (Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, ...)
NOT-FOR-US: AIX only
-CVE-2004-2311
+CVE-2004-2311 (Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6 ...)
NOT-FOR-US: Lotus Domino
-CVE-2004-2310
+CVE-2004-2310 (Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domi ...)
NOT-FOR-US: Lotus Domino
-CVE-2004-2309
+CVE-2004-2309 (Directory traversal vulnerability in Crob FTP Server 3.5.1 allows loca ...)
NOT-FOR-US: Crob FTP Server
-CVE-2004-2308
+CVE-2004-2308 (Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly ...)
NOT-FOR-US: cPanel; see www.cpanel.net; has nothing to do with Debian package cpanel
-CVE-2004-2307
+CVE-2004-2307 (Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote attac ...)
NOT-FOR-US: MS IE
-CVE-2004-2306
+CVE-2004-2306 (Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled a ...)
NOT-FOR-US: Solaris
-CVE-2004-2305
+CVE-2004-2305 (Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows remote ...)
NOT-FOR-US: Computer Associates
-CVE-2004-2304
+CVE-2004-2304 (Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 a ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2004-2303
+CVE-2004-2303 (MTools Mformat before 3.9.9, when installed setuid root, creates files ...)
- mtools 3.9.9
-CVE-2004-2302
+CVE-2004-2302 (Race condition in the sysfs_read_file and sysfs_write_file functions i ...)
{DSA-922-1 DTSA-16-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
- kernel-source-2.4.27 <not-affected>
-CVE-2004-2301
+CVE-2004-2301 (Eudora before 6.1.1 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Eudora
-CVE-2004-2300
+CVE-2004-2300 (Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed ...)
- net-snmp <not-affected> (snmpd is neither setuid nor setgid in Debian)
-CVE-2004-2299
+CVE-2004-2299 (Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote a ...)
NOT-FOR-US: Omnicron
-CVE-2004-2298
+CVE-2004-2298 (Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 a ...)
NOT-FOR-US: Novell Internet Messaging System
-CVE-2004-2162
+CVE-2004-2162 (Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow ...)
{DSA-980-1}
- tutos 1.1.20031017-2.1 (bug #318633; medium)
-CVE-2004-2161
+CVE-2004-2161 (SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows r ...)
{DSA-980-1}
- tutos 1.1.20031017-2.1 (bug #318633; medium)
-CVE-2004-2297
+CVE-2004-2297 (The Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to c ...)
NOT-FOR-US: PHP-Nuke
-CVE-2004-2296
+CVE-2004-2296 (The preview_review function in the Reviews module in PHP-Nuke 6.0 to 7 ...)
NOT-FOR-US: PHP-Nuke
-CVE-2004-2295
+CVE-2004-2295 (SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to 7 ...)
NOT-FOR-US: PHP-Nuke
-CVE-2004-2294
+CVE-2004-2294 (Canonicalize-before-filter error in the send_review function in the Re ...)
NOT-FOR-US: PHP-Nuke
-CVE-2004-2293
+CVE-2004-2293 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.0 to ...)
NOT-FOR-US: PHP-Nuke
-CVE-2004-2292
+CVE-2004-2292 (Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to caus ...)
NOT-FOR-US: Alt-N Technologies Mdaemon
-CVE-2004-2291
+CVE-2004-2291 (Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2004-2290
+CVE-2004-2290 (Microsoft Windows XP Explorer allows attackers to execute arbitrary co ...)
NOT-FOR-US: Microsoft
-CVE-2004-2289
+CVE-2004-2289 (Microsoft Windows XP Explorer allows local users to execute arbitrary ...)
NOT-FOR-US: Microsoft
-CVE-2004-2288
+CVE-2004-2288 (Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBull ...)
NOT-FOR-US: vBulletin
-CVE-2004-2287
+CVE-2004-2287 (Directory traversal vulnerability in explorer.php in DSM Light Web Fil ...)
NOT-FOR-US: Light Web File Manager
-CVE-2004-2286
+CVE-2004-2286 (Integer overflow in the duplication operator in ActivePerl allows remo ...)
NOT-FOR-US: ActivePerl
CVE-2004-2285
REJECTED
-CVE-2004-2284
+CVE-2004-2284 (The read_list_from_file function in vacation.pl for OpenWebmail before ...)
NOT-FOR-US: OpenWebmail
-CVE-2004-2283
+CVE-2004-2283 (Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote at ...)
- dansguardian 2.6.1-13 (medium)
-CVE-2004-2282
+CVE-2004-2282 (DansGuardian before 2.7.7-2 allows remote attackers to bypass URL filt ...)
- dansguardian 2.7.7-2
-CVE-2004-2281
+CVE-2004-2281 (Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2004-2280
+CVE-2004-2280 (Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2004-2279
+CVE-2004-2279 (Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 F ...)
NOT-FOR-US: Invision Power Board
-CVE-2004-2278
+CVE-2004-2278 (Unknown cross-site scripting (XSS) vulnerability in the web GUI in vHo ...)
NOT-FOR-US: vHost
-CVE-2004-2277
+CVE-2004-2277 (Buffer overflow in aGSM Half-Life client allows remote Half-Life serve ...)
NOT-FOR-US: aGSM Half-Life
-CVE-2004-2276
+CVE-2004-2276 (F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and ...)
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2004-2275
+CVE-2004-2275 (i-mall.cgi in I-Mall Commerce allows remote attackers to execute arbit ...)
NOT-FOR-US: I-Mall Commerce
-CVE-2004-2274
+CVE-2004-2274 (Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and at ...)
NOT-FOR-US: w3m Jigsaw
-CVE-2004-2273
+CVE-2004-2273 (efFingerD 0.2.12 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: efFingerD
-CVE-2004-2272
+CVE-2004-2272 (Buffer overflow in the sockFinger_DataArrival function in efFingerD 0. ...)
NOT-FOR-US: efFingerD
-CVE-2004-2271
+CVE-2004-2271 (Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers ...)
NOT-FOR-US: MiniShare
-CVE-2004-2270
+CVE-2004-2270 (Unknown vulnerability in IBM Parallel Environment (PE) 3.2 and 4.1 all ...)
NOT-FOR-US: IBM Parallel Environment
-CVE-2004-2269
+CVE-2004-2269 (Stack-based buffer overflow in pads.c in Passive Asset Detection Syste ...)
- pads 1.1.1 (high)
-CVE-2004-2268
+CVE-2004-2268 (PimenGest2 before 1.1.1 allows remote attackers to obtain the database ...)
NOT-FOR-US: PimenGest2
-CVE-2004-2267
+CVE-2004-2267 (Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allo ...)
NOT-FOR-US: Ansel
-CVE-2004-2266
+CVE-2004-2266 (SQL injection vulnerability in Ansel 2.1 and earlier allows remote att ...)
NOT-FOR-US: Ansel
-CVE-2004-2265
+CVE-2004-2265 (UUDeview 0.5.20 and earlier handles temporary files insecurely during ...)
- uudeview 0.5.20-2.1 (bug #320541; low)
[sarge] - uudeview <no-dsa> (Hardly exploitable)
NOTE: dnprogs apparetly not vulnerable, unsafe code is not called (#358500)
-CVE-2004-2264
+CVE-2004-2264 (** DISPUTED ** Format string bug in the open_altfile function in filen ...)
- less <not-affected> (less is not suid, explotability unlikely)
-CVE-2004-2263
+CVE-2004-2263 (SQL injection vulnerability in the valid function in fr_left.php in Pl ...)
NOT-FOR-US: PlaySMS
-CVE-2004-2262
+CVE-2004-2262 (ImageManager in e107 before 0.617 does not properly check the types of ...)
NOT-FOR-US: e107
-CVE-2004-2261
+CVE-2004-2261 (Cross-site scripting (XSS) vulnerability in e107 allows remote attacke ...)
NOT-FOR-US: e107
-CVE-2004-2260
+CVE-2004-2260 (Opera Browser 7.23, and other versions before 7.50, updates the addres ...)
NOT-FOR-US: Opera
-CVE-2004-2259
+CVE-2004-2259 (vsftpd before 1.2.2, when under heavy load, allows attackers to cause ...)
- vsftpd 2.0.1-1 (low)
-CVE-2004-2258
+CVE-2004-2258 (Xconfig in Hummingbird Exceed before 9.0.0.1, when the Screen Definiti ...)
NOT-FOR-US: Hummingbird Exceed
-CVE-2004-2257
+CVE-2004-2257 (phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to ...)
NOT-FOR-US: phpMyFAQ
-CVE-2004-2256
+CVE-2004-2256 (Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remot ...)
NOT-FOR-US: phpMyFAQ
-CVE-2004-2255
+CVE-2004-2255 (Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote att ...)
NOT-FOR-US: phpMyFAQ
-CVE-2004-2254
+CVE-2004-2254 (SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, al ...)
NOT-FOR-US: SurgeLDAP
-CVE-2004-2253
+CVE-2004-2253 (Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and ea ...)
NOT-FOR-US: SurgeLDAP
-CVE-2004-2252
+CVE-2004-2252 (The firewall in Astaro Security Linux before 4.024 sends responses to ...)
NOT-FOR-US: Astaro suite
-CVE-2004-2251
+CVE-2004-2251 (The PPTP server in Astaro Security Linux before 4.024 provides informa ...)
NOT-FOR-US: Astaro suite
-CVE-2004-2250
+CVE-2004-2250 (Unknown vulnerability in the "access code" in RemoteEditor before 0.1. ...)
NOT-FOR-US: RemoteEditor
-CVE-2004-2249
+CVE-2004-2249 (Unknown vulnerability in the "access code" in SecureEditor before 0.1. ...)
NOT-FOR-US: SecureEditor
-CVE-2004-2248
+CVE-2004-2248 (Unknown vulnerability in RemoteEditor before 0.1.1 has unknown impact ...)
NOT-FOR-US: RemoteEditor
-CVE-2004-2247
+CVE-2004-2247 (Unknown vulnerability in the "admin of paypal email addresses" in Audi ...)
NOT-FOR-US: AudienceConnect
-CVE-2004-2246
+CVE-2004-2246 (Cross-site scripting (XSS) vulnerability in Goollery before 0.04b allo ...)
NOT-FOR-US: Goollery
-CVE-2004-2245
+CVE-2004-2245 (Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remot ...)
NOT-FOR-US: Goollery
-CVE-2004-2244
+CVE-2004-2244 (The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9 ...)
NOT-FOR-US: Oracle
-CVE-2004-2243
+CVE-2004-2243 (Phorum allows remote attackers to hijack sessions of other users by st ...)
NOT-FOR-US: Phorum
-CVE-2004-2242
+CVE-2004-2242 (Cross-site scripting (XSS) vulnerability in search.php in Phorum, poss ...)
NOT-FOR-US: Phorum
-CVE-2004-2241
+CVE-2004-2241 (Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier ...)
NOT-FOR-US: Phorum
-CVE-2004-2240
+CVE-2004-2240 (Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier al ...)
NOT-FOR-US: Phorum
-CVE-2004-2239
+CVE-2004-2239 (Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow ...)
- vpopmail <removed> (bug #320608; low)
-CVE-2004-2238
+CVE-2004-2238 (** DISPUTED ** Format string vulnerability in vsybase.c in vpopmail 5. ...)
NOTE: format string vuln in vpopmail doesn't seem to be real
-CVE-2004-2237
+CVE-2004-2237 (Unknown vulnerability in Moodle before 1.3.4 has unknown impact and at ...)
- moodle 1.4-1
-CVE-2004-2236
+CVE-2004-2236 (Unknown vulnerability in Moodle before 1.3.3 has unknown impact and at ...)
- moodle 1.3.3-1
-CVE-2004-2235
+CVE-2004-2235 (Unknown vulnerability in Moodle before 1.2 has unknown impact and atta ...)
- moodle 1.2.1-1
-CVE-2004-2234
+CVE-2004-2234 (Unknown vulnerability in Moodle before 1.2 allows teachers to log in a ...)
- moodle 1.2.1-1
-CVE-2004-2233
+CVE-2004-2233 (Unknown "front page vulnerability with Moodle servers" for Moodle befo ...)
- moodle 1.3.2-1
-CVE-2004-2232
+CVE-2004-2232 (SQL injection vulnerability in sql.php in the Glossary module in Moodl ...)
- moodle 1.4.2-1
-CVE-2004-2231
+CVE-2004-2231 (Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local ...)
NOT-FOR-US: InstallAnywhere
-CVE-2004-2230
+CVE-2004-2230 (Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allow ...)
NOT-FOR-US: OpenBSD
-CVE-2004-2229
+CVE-2004-2229 (Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0 ...)
NOT-FOR-US: Oracle
-CVE-2004-2228
+CVE-2004-2228 (Mozilla Firefox before 1.0 is installed with world-writable permission ...)
- mozilla-firefox <not-affected> (Only affects Firefox on MacOS)
-CVE-2004-2227
+CVE-2004-2227 (Mozilla Firefox before 1.0 truncates long filenames in the file downlo ...)
- mozilla-firefox 1.0-1
-CVE-2004-2226
+CVE-2004-2226 (Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when HTML-Ma ...)
- mozilla-thunderbird 1.0-3
-CVE-2004-2225
+CVE-2004-2225 (Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitr ...)
- mozilla-firefox 0.99+1.0RC1-1
-CVE-2004-2224
+CVE-2004-2224 (Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause ...)
NOT-FOR-US: Message Foundry
-CVE-2004-2223
+CVE-2004-2223 (FsPHPGallery before 1.2 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: FsPHPGallery
-CVE-2004-2222
+CVE-2004-2222 (Directory traversal vulnerability in index.php in FsPHPGallery before ...)
NOT-FOR-US: FsPHPGallery
-CVE-2004-2221
+CVE-2004-2221 (Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows rem ...)
NOT-FOR-US: SoftCart
-CVE-2004-2220
+CVE-2004-2220 (F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not prop ...)
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2004-2219
+CVE-2004-2219 (Microsoft Internet Explorer 6 allows remote attackers to spoof the add ...)
NOT-FOR-US: Microsoft
-CVE-2004-2218
+CVE-2004-2218 (SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and e ...)
NOT-FOR-US: PHPMyWebHosting
-CVE-2004-2217
+CVE-2004-2217 (Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow r ...)
NOT-FOR-US: yChat
-CVE-2004-2216
+CVE-2004-2216 (Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlie ...)
NOT-FOR-US: Sun Java
-CVE-2004-2215
+CVE-2004-2215 (RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, whi ...)
- rxvt-unicode 3.8-1
-CVE-2004-2214
+CVE-2004-2214 (Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to by ...)
NOT-FOR-US: AppWeb HTTP server
-CVE-2004-2213
+CVE-2004-2213 (Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to ob ...)
NOT-FOR-US: AppWeb HTTP server
-CVE-2004-2212
+CVE-2004-2212 (SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allo ...)
NOT-FOR-US: AliveSites
-CVE-2004-2211
+CVE-2004-2211 (Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 allo ...)
NOT-FOR-US: AliveSites
-CVE-2004-2210
+CVE-2004-2210 (Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Con ...)
NOT-FOR-US: Express-Web
-CVE-2004-2209
+CVE-2004-2209 (SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5 ...)
NOT-FOR-US: IdealBB
-CVE-2004-2208
+CVE-2004-2208 (CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1. ...)
NOT-FOR-US: IdealBB
-CVE-2004-2207
+CVE-2004-2207 (Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4. ...)
NOT-FOR-US: IdealBB
-CVE-2004-2206
+CVE-2004-2206 (SQL injection vulnerability in NatterChat 1.12 allows remote attackers ...)
NOT-FOR-US: NatterChat
-CVE-2004-2205
+CVE-2004-2205 (Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allo ...)
NOT-FOR-US: Veritas
-CVE-2004-2204
+CVE-2004-2204 (Macromedia ColdFusion MX 6.0 and 6.1 application server, when running ...)
NOT-FOR-US: Cold Fusion
-CVE-2004-2203
+CVE-2004-2203 (Ansel 1.2 through 2.0 uses insecure default permissions, which allows ...)
NOT-FOR-US: Ansel
-CVE-2004-2202
+CVE-2004-2202 (Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 thro ...)
NOT-FOR-US: DUclassified
-CVE-2004-2201
+CVE-2004-2201 (SQL injection vulnerability in DUware DUforum 3.0 through 3.1 allows r ...)
NOT-FOR-US: DUforum
-CVE-2004-2200
+CVE-2004-2200 (Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through ...)
NOT-FOR-US: DUforum
-CVE-2004-2199
+CVE-2004-2199 (Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 al ...)
NOT-FOR-US: DUclassified
-CVE-2004-2198
+CVE-2004-2198 (account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attack ...)
NOT-FOR-US: DUclassmate
-CVE-2004-2197
+CVE-2004-2197 (kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the own ...)
NOT-FOR-US: kdocker
-CVE-2004-2196
+CVE-2004-2196 (Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of ...)
NOT-FOR-US: Zanfi
-CVE-2004-2195
+CVE-2004-2195 (PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite ...)
NOT-FOR-US: Zanfi
-CVE-2004-2194
+CVE-2004-2194 (MailEnable Professional Edition before 1.53 and Enterprise Edition bef ...)
NOT-FOR-US: MailEnable
-CVE-2004-2193
+CVE-2004-2193 (Cross-site scripting (XSS) vulnerability in trade.php for CJOverkill 4 ...)
NOT-FOR-US: CJOverkill
-CVE-2004-2192
+CVE-2004-2192 (SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic ...)
NOT-FOR-US: Turbo Traffic Trader
-CVE-2004-2191
+CVE-2004-2191 (Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo ...)
NOT-FOR-US: Turbo Traffic Trader
-CVE-2004-2190
+CVE-2004-2190 (Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact an ...)
- unzoo 4.4-3 (bug #306164)
-CVE-2004-2189
+CVE-2004-2189 (SQL injection vulnerability in DMXReady Site Chassis Manager allows re ...)
NOT-FOR-US: DMXReady
-CVE-2004-2188
+CVE-2004-2188 (Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Mana ...)
NOT-FOR-US: DMXReady
-CVE-2004-2187
+CVE-2004-2187 (Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "fi ...)
- mediawiki 1.4.9 (bug #276057)
-CVE-2004-2186
+CVE-2004-2186 (SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers ...)
- mediawiki 1.4.9 (bug #276057)
-CVE-2004-2185
+CVE-2004-2185 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 ...)
- mediawiki 1.4.9 (bug #276057)
-CVE-2004-2184
+CVE-2004-2184 (Directory traversal vulnerability in Digicraft Yak! server 2.0 through ...)
NOT-FOR-US: Digicraft Yak!
-CVE-2004-2183
+CVE-2004-2183 (Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to exec ...)
NOT-FOR-US: WeHelpBUS
-CVE-2004-2182
+CVE-2004-2182 (Session fixation vulnerability in Macromedia JRun 4.0 allows remote at ...)
NOT-FOR-US: Macromedia JRun
-CVE-2004-2181
+CVE-2004-2181 (Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remot ...)
NOT-FOR-US: WowBB Forum
-CVE-2004-2180
+CVE-2004-2180 (Multiple cross-site scripting (XSS) vulnerabilities in WowBB Forum 1.6 ...)
NOT-FOR-US: WowBB Forum
-CVE-2004-2179
+CVE-2004-2179 (asycpict.dll, as used in Microsoft products such as Front Page 97 and ...)
NOT-FOR-US: Microsoft
-CVE-2004-2178
+CVE-2004-2178 (SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote a ...)
NOT-FOR-US: DevoyBB
-CVE-2004-2177
+CVE-2004-2177 (Cross-site scripting (XSS) vulnerability in DevoyBB Web Forum 1.0.0 al ...)
NOT-FOR-US: DevoyBB
-CVE-2004-2176
+CVE-2004-2176 (The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is ...)
NOT-FOR-US: Microsoft
-CVE-2004-2175
+CVE-2004-2175 (Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow rem ...)
NOT-FOR-US: ReviewPost
-CVE-2004-2174
+CVE-2004-2174 (Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ...)
NOT-FOR-US: EarlyImpact
-CVE-2004-2173
+CVE-2004-2173 (SQL injection vulnerability in advSearch_h.asp in EarlyImpact ProductC ...)
NOT-FOR-US: EarlyImpact
-CVE-2004-2172
+CVE-2004-2172 (EarlyImpact ProductCart uses a weak encryption scheme to encrypt passw ...)
NOT-FOR-US: EarlyImpact
-CVE-2004-2171
+CVE-2004-2171 (Cross-site scripting (XSS) vulnerability in Cherokee before 0.4.8 allo ...)
- cherokee 0.4.8
-CVE-2004-2170
+CVE-2004-2170 (Directory traversal vulnerability in sample_showcode.html in Caravan 2 ...)
NOT-FOR-US: Caravan
-CVE-2004-2169
+CVE-2004-2169 (Application Access Server (A-A-S) 1.0.37 and earlier allows remote aut ...)
NOT-FOR-US: Application Access Server (A-A-S)
-CVE-2004-2168
+CVE-2004-2168 (BaSoMail 1.24 allows remote attackers to cause a denial of service (CP ...)
NOT-FOR-US: BaSoMail
-CVE-2004-2167
+CVE-2004-2167 (Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other vers ...)
- latex2rtf 1.9.16
-CVE-2004-2166
+CVE-2004-2166 (The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C ...)
NOT-FOR-US: Canon ImageRUNNER
-CVE-2004-2165
+CVE-2004-2165 (Lords of the Realm III 1.01 and earlier, when in the lobby stage, allo ...)
NOT-FOR-US: Lords of the Realm
-CVE-2004-2164
+CVE-2004-2164 (shoprestoreorder.asp in VP-ASP 5.0 does not close the database connect ...)
NOT-FOR-US: VP-ASP
-CVE-2004-2163
+CVE-2004-2163 (login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not ...)
NOT-FOR-US: OpenBSD
-CVE-2004-2160
+CVE-2004-2160 (Format string vulnerability in xml_elem.c for XMLStarlet Command Line ...)
- xmlstarlet 1.0.0-1
-CVE-2004-2159
+CVE-2004-2159 (Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 ...)
- xmlstarlet 1.0.0-1
-CVE-2004-2158
+CVE-2004-2158 (SQL injection vulnerability in Serendipity 0.7-beta1 allows remote att ...)
- serendipity 1.0-1
-CVE-2004-2157
+CVE-2004-2157 (Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity ...)
- serendipity 1.0-1
-CVE-2004-2156
+CVE-2004-2156 (Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have ...)
NOT-FOR-US: Online Recruitment Agency
-CVE-2004-2155
+CVE-2004-2155 (Online-bookmarks before 0.4.6 allows remote attackers to bypass its au ...)
NOT-FOR-US: Online-bookmarks
-CVE-2004-2154
+CVE-2004-2154 (CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as cas ...)
- cups 1.1.20final+rc1-1 (low)
- cupsys 1.1.20final+rc1-1 (low)
-CVE-2004-2153
+CVE-2004-2153 (Multiple unknown vulnerabilities in Real Estate Management Software 1. ...)
NOT-FOR-US: Real Estate Management Software
-CVE-2004-2152
+CVE-2004-2152 (Cross-site scripting (XSS) vulnerability in 'raw' page output mode for ...)
- mediawiki 1.4.9 (bug #276057)
-CVE-2004-2151
+CVE-2004-2151 (Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a denia ...)
NOT-FOR-US: Chatman
-CVE-2004-2150
+CVE-2004-2150 (Nettica Corporation INTELLIPEER Email Server 1.01 displays different e ...)
NOT-FOR-US: INTELLIPEER Email Server
-CVE-2004-2149
+CVE-2004-2149 (Buffer overflow in the prepared statements API in libmysqlclient for M ...)
- mysql-dfsg-4.1 4.1.5-1
-CVE-2004-2148
+CVE-2004-2148 (Unknown local vulnerability in the "change user" feature of Slava Asta ...)
- fprobe-ng 1.1-1
- fprobe 1.1-4
NOTE: fprobe was fixed in upstrem release 1.0.6 and since 1.1-4 fprobe-ng package
NOTE: replaced fprobe therefore marking as fixed in 1.1-4
-CVE-2004-2147
+CVE-2004-2147 (Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook al ...)
NOT-FOR-US: Symantec Antivirus
-CVE-2004-2146
+CVE-2004-2146 (CRLF injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows ...)
NOT-FOR-US: MegaBBS
-CVE-2004-2145
+CVE-2004-2145 (SQL injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows r ...)
NOT-FOR-US: MegaBBS
-CVE-2004-2144
+CVE-2004-2144 (Baal Smart Forms before 3.2 allows remote attackers to bypass authenti ...)
NOT-FOR-US: Baal Smart Forms
-CVE-2004-2143
+CVE-2004-2143 (SQL injection vulnerability in the ReMOSitory Server add-on module to ...)
NOT-FOR-US: Mambo Portal
-CVE-2004-2142
+CVE-2004-2142 (Unknown vulnerability in the remote tape support (remote.c) in the RMT ...)
- sdd 1.52-1
CVE-2004-2141
REJECTED
-CVE-2004-2140
+CVE-2004-2140 (CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote ...)
NOT-FOR-US: YaBB
-CVE-2004-2139
+CVE-2004-2139 (Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows ...)
NOT-FOR-US: YaBB
-CVE-2004-2138
+CVE-2004-2138 (Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScri ...)
NOT-FOR-US: MySQLGuest
-CVE-2004-2137
+CVE-2004-2137 (Outlook Express 6.0, when sending multipart e-mail messages using the ...)
NOT-FOR-US: Microsoft
-CVE-2004-2136
+CVE-2004-2136 (dm-crypt on Linux kernel 2.6.x, when used on certain file systems with ...)
- linux-2.6 2.6.10-1 (low)
- linux-2.6.24 <not-affected> (fixed before initial upload)
-CVE-2004-2135
+CVE-2004-2135 (cryptoloop on Linux kernel 2.6.x, when used on certain file systems wi ...)
- linux-2.6 2.6.32-2 (unimportant)
- linux-2.6.24 <removed> (unimportant)
NOTE: minor issue; solution (removal of cryptoloop) would be a significant change
NOTE: if backported to the stable releases
NOTE: mitigation: use dm-crypt or loop-aes for disk encrytion instead of cryptoloop
-CVE-2004-2134
+CVE-2004-2134 (Oracle toplink mapping workBench uses a weak encryption algorithm for ...)
NOT-FOR-US: Oracle
-CVE-2004-2133
+CVE-2004-2133 (Certain third-party packages for CVSup 16.1h, such as SuSE Linux, cont ...)
NOT-FOR-US: CVSup third party modules
-CVE-2004-2132
+CVE-2004-2132 (Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo re ...)
NOT-FOR-US: PJ CGI Nero
-CVE-2004-2131
+CVE-2004-2131 (Stack-based buffer overflow in ontape for IBM Informix Dynamic Server ...)
NOT-FOR-US: Informix Dynamic Server
-CVE-2004-2130
+CVE-2004-2130 (Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in ...)
- phpbb2 2.0.6d-2
-CVE-2004-2129
+CVE-2004-2129 (SurfNOW 2.2 allows remote attackers to cause a denial of service (cras ...)
NOT-FOR-US: SurfNOW
-CVE-2004-2128
+CVE-2004-2128 (Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows ...)
NOT-FOR-US: WebWeaver
-CVE-2004-2127
+CVE-2004-2127 (Directory traversal vulnerability in Web Blog 1.1 allows remote attack ...)
NOT-FOR-US: Web Blog
-CVE-2004-2126
+CVE-2004-2126 (The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure p ...)
NOT-FOR-US: BlackICE
-CVE-2004-2125
+CVE-2004-2125 (Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other ...)
NOT-FOR-US: BlackICE
-CVE-2004-2124
+CVE-2004-2124 (The register_globals simulation capability in Gallery 1.3.1 through 1. ...)
- gallery 1.4.4-pl1-1
-CVE-2004-2123
+CVE-2004-2123 (Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com E ...)
NOT-FOR-US: Nextplace
-CVE-2004-2122
+CVE-2004-2122 (Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra ...)
NOT-FOR-US: Intra Forum
-CVE-2004-2121
+CVE-2004-2121 (Multiple directory traversal vulnerabilities in Borland Web Server (BW ...)
NOT-FOR-US: Borland Web Server
-CVE-2004-2120
+CVE-2004-2120 (Reptile Web Server allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Reptile Web Server
-CVE-2004-2119
+CVE-2004-2119 (Cross-site scripting (XSS) vulnerability in Tiny Server 1.1 allows rem ...)
NOT-FOR-US: Tiny Server
-CVE-2004-2118
+CVE-2004-2118 (Tiny Server 1.1 allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: Tiny Server
-CVE-2004-2117
+CVE-2004-2117 (Tiny Server 1.1 allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: Tiny Server
-CVE-2004-2116
+CVE-2004-2116 (Directory traversal vulnerability in Tiny Server 1.1 allows remote att ...)
NOT-FOR-US: Tiny Server
-CVE-2004-2115
+CVE-2004-2115 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Ser ...)
NOT-FOR-US: Oracle
-CVE-2004-2114
+CVE-2004-2114 (Stack-based and heap-based buffer overflows in ProxyNow! 2.75 and earl ...)
NOT-FOR-US: ProxyNow!
-CVE-2004-2113
+CVE-2004-2113 (Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows r ...)
NOT-FOR-US: BremsServer
-CVE-2004-2112
+CVE-2004-2112 (Directory traversal vulnerability in BremsServer 1.2.4 allows remote a ...)
NOT-FOR-US: BremsServer
-CVE-2004-2111
+CVE-2004-2111 (Stack-based buffer overflow in the site chmod command in Serv-U FTP Se ...)
NOT-FOR-US: Serv-U FTP Server
-CVE-2004-2110
+CVE-2004-2110 (SQL injection vulnerability in register.php in Phorum before 3.4.6 all ...)
NOT-FOR-US: Phorum
-CVE-2004-2109
+CVE-2004-2109 (Multiple cross-site scripting (XSS) vulnerabilities in (1) imagezoom.a ...)
NOT-FOR-US: Q-Shop
-CVE-2004-2108
+CVE-2004-2108 (Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote ...)
NOT-FOR-US: Q-Shop
-CVE-2004-2107
+CVE-2004-2107 (Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not au ...)
NOT-FOR-US: Finjan SurfinGate
-CVE-2004-2106
+CVE-2004-2106 (Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attacke ...)
NOT-FOR-US: Novell NetWare
-CVE-2004-2105
+CVE-2004-2105 (The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 ...)
NOT-FOR-US: Novell NetWare
-CVE-2004-2104
+CVE-2004-2104 (Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attacke ...)
NOT-FOR-US: Novell NetWare
-CVE-2004-2103
+CVE-2004-2103 (Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise ...)
NOT-FOR-US: Novell NetWare
-CVE-2004-2102
+CVE-2004-2102 (Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified v ...)
NOT-FOR-US: Freesco
-CVE-2004-2101
+CVE-2004-2101 (The sysinfo script in GeoHttpServer allows remote attackers to cause a ...)
NOT-FOR-US: GeoHttpServer
-CVE-2004-2100
+CVE-2004-2100 (GeoHttpServer, when configured to authenticate users, allows remote at ...)
NOT-FOR-US: GeoHttpServer
-CVE-2004-2099
+CVE-2004-2099 (Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), ver ...)
NOT-FOR-US: Need for Speed game
-CVE-2004-2098
+CVE-2004-2098 (Cross-site scripting (XSS) vulnerability in the banner engine (TBE) 5. ...)
NOT-FOR-US: Banner engine
-CVE-2004-2097
+CVE-2004-2097 (Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbi ...)
- fvwm <not-affected> (Used mktemp)
- xbase-clients <not-affected> (x11perfcomp uses mkdir atomically)
- lvm10 <not-affected> (does not contain lvmcreate_initrd)
-CVE-2004-2096
+CVE-2004-2096 (Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 fi ...)
NOT-FOR-US: Mephistoles
-CVE-2004-2095
+CVE-2004-2095 (Honeyd before 0.8 replies to TCP packets with the SYN and RST flags se ...)
- honeyd 0.8-1
-CVE-2004-2094
+CVE-2004-2094 (Cross-site scripting (XSS) vulnerability in WebcamXP 1.06.945 allows r ...)
NOT-FOR-US: WebcamXP
-CVE-2004-2093
+CVE-2004-2093 (Buffer overflow in the open_socket_out function in socket.c for rsync ...)
- rsync 2.6.1-1
-CVE-2004-2092
+CVE-2004-2092 (eTrust InoculateIT for Linux 6.0 uses insecure permissions for multipl ...)
NOT-FOR-US: InoculateIT
-CVE-2004-2091
+CVE-2004-2091 (Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly ide ...)
NOT-FOR-US: Microsoft
-CVE-2004-2090
+CVE-2004-2090 (Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2004-2089
+CVE-2004-2089 (Matrix FTP Server allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Matrix FTP Server
-CVE-2004-2088
+CVE-2004-2088 (Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scannin ...)
NOT-FOR-US: Sophos
-CVE-2004-2087
+CVE-2004-2087 (Unknown vulnerability in SandSurfer before 1.7.0 allows remote attacke ...)
NOT-FOR-US: SandSurfer
-CVE-2004-2086
+CVE-2004-2086 (Stack-based buffer overflow in results.stm for Sambar Server before th ...)
NOT-FOR-US: Sambar
-CVE-2004-2085
+CVE-2004-2085 (Multiple cross-site scripting (XSS) vulnerabilities in Brad Fears phpC ...)
NOT-FOR-US: phpcodeCabinet
-CVE-2004-2084
+CVE-2004-2084 (Cross-site scripting (XSS) vulnerability in search.php in JShop E-Comm ...)
NOT-FOR-US: JShop
-CVE-2004-2083
+CVE-2004-2083 (Opera Web Browser 7.0 through 7.23 allows remote attackers to trick us ...)
NOT-FOR-US: Opera
-CVE-2004-2082
+CVE-2004-2082 (The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authent ...)
NOT-FOR-US: Sami FTP Server
-CVE-2004-2081
+CVE-2004-2081 (The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to ...)
NOT-FOR-US: Sami FTP Server
-CVE-2004-2080
+CVE-2004-2080 (Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple spa ...)
NOT-FOR-US: Red-Alert
-CVE-2004-2079
+CVE-2004-2079 (Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication ...)
NOT-FOR-US: Red-Alert
-CVE-2004-2078
+CVE-2004-2078 (Red-M Red-Alert 2.7.5 with software 3.1 build 24 allows remote attacke ...)
NOT-FOR-US: Red-Alert
-CVE-2004-2077
+CVE-2004-2077 (Nadeo Game Engine for Nadeo TrackMania and Nadeo Virtual Skipper 3 all ...)
NOT-FOR-US: Nadeo
-CVE-2004-2076
+CVE-2004-2076 (Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBu ...)
NOT-FOR-US: Jelsoft Bulletin
-CVE-2004-2075
+CVE-2004-2075 (Sophos Anti-Virus 3.78 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Sophos
-CVE-2004-2074
+CVE-2004-2074 (Format string vulnerability in Dream FTP 1.02 allows local users to ca ...)
NOT-FOR-US: Dream FTP
-CVE-2004-2073
+CVE-2004-2073 (Linux-VServer 1.24 allows local users with root privileges on a virtua ...)
- kernel-patch-vserver 1.9.4-1
-CVE-2004-2072
+CVE-2004-2072 (Cross-site scripting (XSS) vulnerability in index.php for Mambo Open S ...)
NOT-FOR-US: Mambo
-CVE-2004-2071
+CVE-2004-2071 (Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versi ...)
NOT-FOR-US: Macallan
-CVE-2004-2070
+CVE-2004-2070 (The Altiris Client Service for Windows 5.6 SP1 Hotfix E (5.6.181) allo ...)
NOT-FOR-US: Altiris Client Service for Windows
-CVE-2004-2067
+CVE-2004-2067 (SQL injection vulnerability in controlpanel.php in Jaws Framework and ...)
NOT-FOR-US: JAWS
-CVE-2004-2066
+CVE-2004-2066 (SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remo ...)
NOT-FOR-US: LinPHA
-CVE-2004-2065
+CVE-2004-2065 (DansGuardian 2.8 and earlier allows remote attackers to bypass the ext ...)
- dansguardian 2.5.2-0-0.1
-CVE-2004-2064
+CVE-2004-2064 (Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier a ...)
NOT-FOR-US: lostBook
-CVE-2004-2063
+CVE-2004-2063 (Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard ...)
NOT-FOR-US: AntiBoard
-CVE-2004-2062
+CVE-2004-2062 (SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and ea ...)
NOT-FOR-US: AntiBoard
-CVE-2004-2061
+CVE-2004-2061 (RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use ...)
NOT-FOR-US: RiSearch
-CVE-2004-2060
+CVE-2004-2060 (ASPRunner 2.4 stores the database under the web root in the db directo ...)
NOT-FOR-US: ASPRunner
-CVE-2004-2059
+CVE-2004-2059 (Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow r ...)
NOT-FOR-US: ASPRunner
-CVE-2004-2058
+CVE-2004-2058 (ASPRunner 2.4 allows remote attackers to gain sensitive information vi ...)
NOT-FOR-US: ASPRunner
-CVE-2004-2057
+CVE-2004-2057 (SQL injection vulnerability in ASPRunner 2.4 allows remote attackers t ...)
NOT-FOR-US: ASPRunner
-CVE-2004-2056
+CVE-2004-2056 (SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows r ...)
NOT-FOR-US: ASPRunner
-CVE-2004-2055
+CVE-2004-2055 (Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 ...)
- phpbb2 2.0.10-1
-CVE-2004-2054
+CVE-2004-2054 (CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote at ...)
- phpbb2 2.0.10-1
-CVE-2004-2053
+CVE-2004-2053 (PHP remote file inclusion vulnerability in index.php in EasyIns Stadtp ...)
NOT-FOR-US: Easyins Stadtportal
-CVE-2004-2052
+CVE-2004-2052 (eSeSIX Thintune thin clients running firmware 2.4.38 and earlier accep ...)
NOT-FOR-US: eSeSIX Thintune
-CVE-2004-2051
+CVE-2004-2051 (The Phoenix browser in eSeSIX Thintune thin clients running firmware 2 ...)
NOT-FOR-US: eSeSIX Thintune
-CVE-2004-2050
+CVE-2004-2050 (eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow ...)
NOT-FOR-US: eSeSIX Thintune
-CVE-2004-2049
+CVE-2004-2049 (eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store ...)
NOT-FOR-US: eSeSIX Thintune
-CVE-2004-2048
+CVE-2004-2048 (radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and ear ...)
NOT-FOR-US: no_package
-CVE-2004-2047
+CVE-2004-2047 (Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for ...)
NOT-FOR-US: no_package
-CVE-2004-2046
+CVE-2004-2046 (Unknown vulnerability in APC PowerChute Business Edition 6.0 through 7 ...)
NOT-FOR-US: no_package
-CVE-2004-2045
+CVE-2004-2045 (The HTTP administration interface on Conceptronic CADSLR1 ADSL router ...)
NOT-FOR-US: no_package
-CVE-2004-2044
+CVE-2004-2044 (PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such a ...)
NOT-FOR-US: no_package
-CVE-2004-2043
+CVE-2004-2043 (Buffer overflow in ibserver for Firebird Database 1.0 and other versio ...)
{DSA-1014-1}
- firebird2 1.5.3.4870-3 (bug #357580)
-CVE-2004-2042
+CVE-2004-2042 (Multiple SQL injection vulnerabilities in e107 0.615 allow remote atta ...)
NOT-FOR-US: no_package
-CVE-2004-2041
+CVE-2004-2041 (PHP remote file inclusion vulnerability in secure_img_render.php in e1 ...)
NOT-FOR-US: no_package
-CVE-2004-2040
+CVE-2004-2040 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allo ...)
NOT-FOR-US: no_package
-CVE-2004-2039
+CVE-2004-2039 (e107 0.615 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: no_package
-CVE-2004-2038
+CVE-2004-2038 (Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) befo ...)
NOT-FOR-US: no_package
-CVE-2004-2037
+CVE-2004-2037 (Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote ...)
NOT-FOR-US: no_package
-CVE-2004-2036
+CVE-2004-2036 (SQL injection vulnerability in the art_print function in print.inc.php ...)
NOT-FOR-US: no_package
-CVE-2004-2035
+CVE-2004-2035 (MiniShare 1.3.2 allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: no_package
-CVE-2004-2034
+CVE-2004-2034 (Buffer overflow in the (1) WTHoster and (2) WebDriver modules in WildT ...)
NOT-FOR-US: no_package
-CVE-2004-2033
+CVE-2004-2033 (Orenosv 0.5.9f allows remote attackers to cause a denial of service (c ...)
NOT-FOR-US: no_package
-CVE-2004-2032
+CVE-2004-2032 (Netgear RP114 allows remote attackers to bypass the keyword based URL ...)
NOT-FOR-US: no_package
-CVE-2004-2031
+CVE-2004-2031 (Cross-site scripting (XSS) vulnerability in user.php in e107 allows re ...)
NOT-FOR-US: no_package
-CVE-2004-2030
+CVE-2004-2030 (Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for L ...)
NOT-FOR-US: no_package
-CVE-2004-2029
+CVE-2004-2029 (The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 R ...)
NOT-FOR-US: no_package
-CVE-2004-2028
+CVE-2004-2028 (Cross-site scripting (XSS) vulnerability in stats.php in e107 allows r ...)
NOT-FOR-US: no_package
-CVE-2004-2027
+CVE-2004-2027 (Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers t ...)
- icecast2 2.0.1.debian-1
-CVE-2004-2026
+CVE-2004-2026 (Format string vulnerability in the logmsg function in svc.c for Pound ...)
- pound 1.7-1
-CVE-2004-2025
+CVE-2004-2025 (SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 ...)
NOT-FOR-US: no_package
-CVE-2004-2024
+CVE-2004-2024 (The distribution of Zen Cart 1.1.4 before patch 2 includes certain deb ...)
NOT-FOR-US: no_package
-CVE-2004-2023
+CVE-2004-2023 (SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 bef ...)
NOT-FOR-US: no_package
-CVE-2004-2022
+CVE-2004-2022 (ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, w ...)
NOT-FOR-US: various perls on Windows
-CVE-2004-2021
+CVE-2004-2021 (Directory traversal vulnerability in file_manager.php in osCommerce 2. ...)
NOT-FOR-US: osCommerce
-CVE-2004-2020
+CVE-2004-2020 (Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x th ...)
NOT-FOR-US: php-nuke
-CVE-2004-2019
+CVE-2004-2019 (The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attacker ...)
NOT-FOR-US: php-nuke
-CVE-2004-2018
+CVE-2004-2018 (PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x t ...)
NOT-FOR-US: php-nuke
-CVE-2004-2017
+CVE-2004-2017 (Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic T ...)
NOT-FOR-US: Turbo Traffic Trader C (TTT-C)
-CVE-2004-2016
+CVE-2004-2016 (Stack-based buffer overflow in the HTTP server in NetChat 7.3 and earl ...)
NOT-FOR-US: netchat
-CVE-2004-2015
+CVE-2004-2015 (Cross-site scripting (XSS) vulnerability in WebCT Campus Edition allow ...)
NOT-FOR-US: WebCT
-CVE-2004-2014
+CVE-2004-2014 (Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via ...)
- wget 1.9.1-12
-CVE-2004-2013
+CVE-2004-2013 (Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in ...)
NOTE: kernel 2.4.23-pre5 to 2.4.25; 2.4.26 and 2.6 are reported ok
-CVE-2004-2012
+CVE-2004-2012 (The systrace_exit function in the systrace utility for NetBSD-current ...)
NOT-FOR-US: NetBSD
-CVE-2004-2011
+CVE-2004-2011 (msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to ...)
NOT-FOR-US: MSIE
-CVE-2004-2010
+CVE-2004-2010 (PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 ...)
NOT-FOR-US: phpShop
-CVE-2004-2009
+CVE-2004-2009 (NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full pa ...)
NOT-FOR-US: NukeJokes
-CVE-2004-2008
+CVE-2004-2008 (SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta ...)
NOT-FOR-US: NukeJokes
-CVE-2004-2007
+CVE-2004-2007 (Cross-site scripting (XSS) vulnerability in modules.php in NukeJokes 1 ...)
NOT-FOR-US: NukeJokes
-CVE-2004-2006
+CVE-2004-2006 (Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone ...)
NOT-FOR-US: OfficeScan
-CVE-2004-2005
+CVE-2004-2005 (Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows rem ...)
NOT-FOR-US: Eudora
-CVE-2004-2004
+CVE-2004-2004 (The Live CD in SUSE LINUX 9.1 Personal edition is configured without a ...)
NOT-FOR-US: SUSE Live CD
-CVE-2004-2003
+CVE-2004-2003 (Buffer overflow in the ssl_prcert function in the SSLway filter (sslwa ...)
NOT-FOR-US: DeleGate
-CVE-2004-2002
+CVE-2004-2002 (Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote at ...)
NOT-FOR-US: IRIX
-CVE-2004-2001
+CVE-2004-2001 (ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disa ...)
NOT-FOR-US: IRIX
-CVE-2004-2000
+CVE-2004-2000 (SQL injection vulnerability in the Downloads module in Php-Nuke 6.x th ...)
NOT-FOR-US: Php-Nuke
-CVE-2004-1999
+CVE-2004-1999 (Cross-site scripting (XSS) vulnerability in the Downloads module in Ph ...)
NOT-FOR-US: Windows
-CVE-2004-1998
+CVE-2004-1998 (The Downloads module in Php-Nuke 6.x through 7.2 allows remote attacke ...)
NOT-FOR-US: php-nuke
-CVE-2004-1997
+CVE-2004-1997 (Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, w ...)
NOT-FOR-US: kolab
-CVE-2004-1996
+CVE-2004-1996 (Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2004-1995
+CVE-2004-1995 (Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows ...)
NOT-FOR-US: FuseTalk
-CVE-2004-1994
+CVE-2004-1994 (FuseTalk 4.0 allows remote attackers to ban other users via a direct r ...)
NOT-FOR-US: FuseTalk
-CVE-2004-1993
+CVE-2004-1993 (The patch to the checklogin function in omail.pl for omail webmail 0.9 ...)
NOT-FOR-US: omail
-CVE-2004-1992
+CVE-2004-1992 (Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote atta ...)
NOT-FOR-US: Serv-U
-CVE-2004-1991
+CVE-2004-1991 (Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allo ...)
NOT-FOR-US: aweb
-CVE-2004-1990
+CVE-2004-1990 (Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive ...)
NOT-FOR-US: aweb
-CVE-2004-1989
+CVE-2004-1989 (PHP remote file inclusion vulnerability in theme.php in Coppermine Pho ...)
NOT-FOR-US: Coppermine
-CVE-2004-1988
+CVE-2004-1988 (PHP remote file inclusion vulnerability in init.inc.php in Coppermine ...)
NOT-FOR-US: Coppermine
-CVE-2004-1987
+CVE-2004-1987 (picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 ...)
NOT-FOR-US: Coppermine
-CVE-2004-1986
+CVE-2004-1986 (Directory traversal vulnerability in modules.php in Coppermine Photo G ...)
NOT-FOR-US: Coppermine
-CVE-2004-1985
+CVE-2004-1985 (Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine ...)
NOT-FOR-US: Coppermine
-CVE-2004-1984
+CVE-2004-1984 (Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers ...)
NOT-FOR-US: Coppermine
-CVE-2004-1983
+CVE-2004-1983 (The arch_get_unmapped_area function in mmap.c in the PaX patches for L ...)
- kernel-patch-adamantix <not-affected> (Only affects PaX for kernel 2.6)
-CVE-2004-1982
+CVE-2004-1982 (Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify record ...)
NOT-FOR-US: YaBB
-CVE-2004-1981
+CVE-2004-1981 (The web interface for Crystal Reports allows remote attackers to cause ...)
NOT-FOR-US: Crystal Reports
-CVE-2004-1980
+CVE-2004-1980 (Directory traversal vulnerability in glossary.php in PROPS 0.6.1 allow ...)
NOT-FOR-US: PROPS
-CVE-2004-1979
+CVE-2004-1979 (Cross-site scripting (XSS) vulnerability in do_search.php in PROPS 0.6 ...)
NOT-FOR-US: PROPS
-CVE-2004-1978
+CVE-2004-1978 (Cross-site scripting (XSS) vulnerability in help.php in Moodle before ...)
- moodle 1.3
-CVE-2004-1977
+CVE-2004-1977 (3com NBX IP VOIP NetSet Configuration Manager allows remote attackers ...)
NOT-FOR-US: 3com NBX IP VOIP NetSet Configuration Manager
-CVE-2004-1976
+CVE-2004-1976 (SMC Barricade broadband router 7008ABR and 7004VBR enable remote admin ...)
NOT-FOR-US: SMC Barricade broadband router 7008ABR and 7004VBR
-CVE-2004-1975
+CVE-2004-1975 (Cross-site scripting (XSS) vulnerability in the category module in paf ...)
NOT-FOR-US: paFileDB
-CVE-2004-1974
+CVE-2004-1974 (paFileDB 3.1 allows remote attackers to gain sensitive information via ...)
NOT-FOR-US: paFileDB
-CVE-2004-1973
+CVE-2004-1973 (DiGi Web Server allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: DiGi Web Server
-CVE-2004-1972
+CVE-2004-1972 (SQL injection vulnerability in modules.php in PHP-Nuke Video Gallery M ...)
NOT-FOR-US: PHP-Nuke
-CVE-2004-1971
+CVE-2004-1971 (modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote ...)
NOT-FOR-US: PHP-Nuke
-CVE-2004-1970
+CVE-2004-1970 (Samsung SmartEther SS6215S switch, and possibly other Samsung switches ...)
NOT-FOR-US: Samsung SmartEther SS6215Sswitch
-CVE-2004-1969
+CVE-2004-1969 (The avatar upload capability in Open Bulletin Board (OpenBB) 1.0.6 and ...)
NOT-FOR-US: OpenBB
-CVE-2004-1968
+CVE-2004-1968 (The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 ...)
NOT-FOR-US: OpenBB
-CVE-2004-1967
+CVE-2004-1967 (Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php ...)
NOT-FOR-US: OpenBB
-CVE-2004-1966
+CVE-2004-1966 (Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) ...)
NOT-FOR-US: OpenBB
-CVE-2004-1965
+CVE-2004-1965 (Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin B ...)
NOT-FOR-US: OpenBB
-CVE-2004-1964
+CVE-2004-1964 (Cross-site scripting (XSS) vulnerability in nqt.php in Network Query T ...)
NOT-FOR-US: Network Query Tool (NQT)
-CVE-2004-1963
+CVE-2004-1963 (nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to obt ...)
NOT-FOR-US: Network Query Tool (NQT)
-CVE-2004-1962
+CVE-2004-1962 (SQL injection vulnerability in index.php in Protector System 1.15b1 al ...)
NOT-FOR-US: Protector System
-CVE-2004-1961
+CVE-2004-1961 (blocker.php in Protector System 1.15b1 allows remote attackers to bypa ...)
NOT-FOR-US: Protector System
-CVE-2004-1960
+CVE-2004-1960 (Cross-site scripting (XSS) vulnerability in blocker_query.php in Prote ...)
NOT-FOR-US: Protector System
-CVE-2004-1959
+CVE-2004-1959 (blocker_query.php in Protector System 1.15b1 for PHP-Nuke allows remot ...)
NOT-FOR-US: Protector System
-CVE-2004-1958
+CVE-2004-1958 (Directory traversal vulnerability in manifest.ini in Unreal engine all ...)
NOT-FOR-US: Unreal engine
-CVE-2004-1957
+CVE-2004-1957 (Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 ...)
NOT-FOR-US: PostNuke
-CVE-2004-1956
+CVE-2004-1956 (PostNuke 0.7.2.6 allows remote attackers to gain information via a dir ...)
NOT-FOR-US: PostNuke
-CVE-2004-1955
+CVE-2004-1955 (SQL injection vulnerability in modules.php in phProfession 2.5 allows ...)
NOT-FOR-US: phProfession
-CVE-2004-1954
+CVE-2004-1954 (Cross-site scripting (XSS) vulnerability in modules.php in phProfessio ...)
NOT-FOR-US: phProfession
-CVE-2004-1953
+CVE-2004-1953 (phProfession 2.5 allows remote attackers to gain sensitive information ...)
NOT-FOR-US: phProfession
-CVE-2004-1952
+CVE-2004-1952 (SQL injection vulnerability in Advanced Guestbook 2.2 allows remote at ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2004-1951
+CVE-2004-1951 (xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.2 ...)
- xine-ui 0.99.1
-CVE-2004-1950
+CVE-2004-1950 (phpBB 2.0.8a and earlier trusts the IP address that is in the X-Forwar ...)
- phpbb2 2.0.9
-CVE-2004-1949
+CVE-2004-1949 (SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remot ...)
NOT-FOR-US: PostNuke
-CVE-2004-1948
+CVE-2004-1948 (NcFTP client 3.1.6 and 3.1.7, when the username and password are inclu ...)
- ncftp 2:3.1.8-1 (low)
-CVE-2004-1947
+CVE-2004-1947 (The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender S ...)
NOT-FOR-US: bitdefender
-CVE-2004-1946
+CVE-2004-1946 (Format string vulnerability in the PRINT_ERROR function in common.c fo ...)
- cherokee 0.4.21b01-1
-CVE-2004-1945
+CVE-2004-1945 (Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to ...)
NOT-FOR-US: Kinesphere eXchange POP3
-CVE-2004-1944
+CVE-2004-1944 (Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a de ...)
NOT-FOR-US: Eudora
-CVE-2004-1943
+CVE-2004-1943 (PHP remote file inclusion vulnerability in album_portal.php in phpBB m ...)
NOT-FOR-US: phpbb as modified by przemo
-CVE-2004-1942
+CVE-2004-1942 (The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 throu ...)
NOT-FOR-US: Solaris
-CVE-2004-1941
+CVE-2004-1941 (Fastream NETFile FTP/Web Server 6.5.1.980 allows remote attackers to c ...)
NOT-FOR-US: Fastream NETFile FTP/Web Server
-CVE-2004-1940
+CVE-2004-1940 (sipclient.cpp in KPhone 4.0.1 and earlier allows remote attackers to c ...)
- kphone 1:4.0.2
-CVE-2004-1939
+CVE-2004-1939 (Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows r ...)
NOT-FOR-US: Zaep
-CVE-2004-1938
+CVE-2004-1938 (SQL injection vulnerability in userlogin.php in Phorum 3.4.7 allows re ...)
NOT-FOR-US: Phorum
-CVE-2004-1937
+CVE-2004-1937 (Multiple directory traversal vulnerabilities in Nuked-KlaN 1.4b and 1. ...)
NOT-FOR-US: Nuked-KlaN
-CVE-2004-1936
+CVE-2004-1936 (ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote at ...)
NOT-FOR-US: ZoneAlarm
-CVE-2004-1935
+CVE-2004-1935 (Cross-site scripting (XSS) vulnerability in SCT Campus Pipeline allows ...)
NOT-FOR-US: SCT Campus Pipeline
-CVE-2004-1934
+CVE-2004-1934 (PHP remote file inclusion vulnerability in affich.php in Gemitel 3.50 ...)
NOT-FOR-US: Gemitel
-CVE-2004-1933
+CVE-2004-1933 (Citadel/UX 5.00 through 6.14 installs the database directory and files ...)
NOT-FOR-US: Citadel
-CVE-2004-1932
+CVE-2004-1932 (SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-N ...)
NOT-FOR-US: PhpNuke
-CVE-2004-1930
+CVE-2004-1930 (Cross-site scripting (XSS) vulnerability in the cookiedecode function ...)
NOT-FOR-US: PhpNuke
-CVE-2004-1929
+CVE-2004-1929 (SQL injection vulnerability in the bblogin function in functions.php i ...)
NOT-FOR-US: PhpNuke
-CVE-2004-1928
+CVE-2004-1928 (The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and ea ...)
NOT-FOR-US: tikiwiki
-CVE-2004-1927
+CVE-2004-1927 (Directory traversal vulnerability in the map feature (tiki-map.phtml) ...)
NOT-FOR-US: tikiwiki
-CVE-2004-1926
+CVE-2004-1926 (Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attacker ...)
NOT-FOR-US: tikiwiki
-CVE-2004-1925
+CVE-2004-1925 (Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki ...)
NOT-FOR-US: tikiwiki
-CVE-2004-1924
+CVE-2004-1924 (Multiple cross-site scripting (XSS) vulnerabilities in Tiki CMS/Groupw ...)
NOT-FOR-US: tikiwiki
-CVE-2004-1923
+CVE-2004-1923 (Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attacker ...)
NOT-FOR-US: tikiwiki
-CVE-2004-1922
+CVE-2004-1922 (Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the ...)
NOT-FOR-US: MSIE
-CVE-2004-1921
+CVE-2004-1921 (X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded "1502" usern ...)
NOT-FOR-US: X-Micro WLAN 11b Broadband Router
-CVE-2004-1920
+CVE-2004-1920 (X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 ...)
NOT-FOR-US: X-Micro WLAN 11b Broadband Router
-CVE-2004-1919
+CVE-2004-1919 (The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote ...)
NOT-FOR-US: Crackalaka
-CVE-2004-1918
+CVE-2004-1918 (RSniff 1.0 allows remote attackers to cause a denial of service (conne ...)
NOT-FOR-US: rsniff
-CVE-2004-1917
+CVE-2004-1917 (Format string vulnerability in test_func_func in LCDProc 0.4.1 and ear ...)
- lcdproc 0.4.5
-CVE-2004-1916
+CVE-2004-1916 (Multiple buffer overflows in LCDProc 0.4.1, and possibly other 0.4.x v ...)
- lcdproc 0.4.5
-CVE-2004-1915
+CVE-2004-1915 (Buffer overflow in the parse_all_client_messages function in LCDproc 0 ...)
- lcdproc 0.4.5
-CVE-2004-1914
+CVE-2004-1914 (SQL injection vulnerability in modules.php in NukeCalendar 1.1.a, as u ...)
NOT-FOR-US: phpnuke
-CVE-2004-1913
+CVE-2004-1913 (Cross-site scripting (XSS) vulnerability in modules.php in NukeCalenda ...)
NOT-FOR-US: phpnuke
-CVE-2004-1912
+CVE-2004-1912 (The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, ...)
NOT-FOR-US: phpnuke
-CVE-2004-1911
+CVE-2004-1911 (Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allow ...)
NOT-FOR-US: AzDGDatingLite
-CVE-2004-1910
+CVE-2004-1910 (rufsi.dll in Symantec Virus Detection allows remote attackers to cause ...)
NOT-FOR-US: Symantec
-CVE-2004-1909
+CVE-2004-1909 (Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to ...)
- clamav 0.68.1
-CVE-2004-1908
+CVE-2004-1908 (McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows rem ...)
NOT-FOR-US: Mcafee FreeScan
-CVE-2004-1907
+CVE-2004-1907 (The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.1 ...)
NOT-FOR-US: Kerio Personal Firewall
-CVE-2004-1906
+CVE-2004-1906 (Mcafee FreeScan allows remote attackers to cause a denial of service a ...)
NOT-FOR-US: Mcafee FreeScan
-CVE-2004-1905
+CVE-2004-1905 (ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to cause ...)
NOT-FOR-US: Panda ActiveScan
-CVE-2004-1904
+CVE-2004-1904 (Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote ...)
NOT-FOR-US: Panda ActiveScan
-CVE-2004-1903
+CVE-2004-1903 (Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute a ...)
NOT-FOR-US: blaxxun
-CVE-2004-1902
+CVE-2004-1902 (The Citrix MetaFrame Password Manager 2.0, when a central credential s ...)
NOT-FOR-US: Citrix MetaFrame Password Manager
-CVE-2004-1901
+CVE-2004-1901 (Portage before 2.0.50-r3 allows local users to overwrite arbitrary fil ...)
NOT-FOR-US: gentoo portage
-CVE-2004-1900
+CVE-2004-1900 (Format string vulnerability in the logging function in IGI 2 Covert St ...)
NOT-FOR-US: IGI 2 Covert Strike server
-CVE-2004-1899
+CVE-2004-1899 (The administration interface in Monit 1.4 through 4.2 allows remote at ...)
- monit 1:4.2.1
-CVE-2004-1898
+CVE-2004-1898 (Stack-based buffer overflow in the administration interface in Monit 1 ...)
- monit 1:4.2.1-1
-CVE-2004-1897
+CVE-2004-1897 (Administration interface in Monit 1.4 through 4.2 allows remote attack ...)
- monit 1:4.2.1-1
-CVE-2004-1896
+CVE-2004-1896 (Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 throu ...)
NOT-FOR-US: no_package
-CVE-2004-1895
+CVE-2004-1895 (YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to ove ...)
NOT-FOR-US: no_package
-CVE-2004-1894
+CVE-2004-1894 (TEXutil in ConTEXt, when executed with the --silent option, allows loc ...)
NOT-FOR-US: no_package
-CVE-2004-1893
+CVE-2004-1893 (Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on ...)
NOT-FOR-US: no_package
-CVE-2004-1892
+CVE-2004-1892 (Stack-based buffer overflow in DecodeBase16 function, as used in the ( ...)
NOT-FOR-US: no_package
-CVE-2004-1891
+CVE-2004-1891 (The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with ...)
NOT-FOR-US: no_package
-CVE-2004-1890
+CVE-2004-1890 (Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows ...)
NOT-FOR-US: no_package
-CVE-2004-1889
+CVE-2004-1889 (Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows ...)
NOT-FOR-US: no_package
-CVE-2004-1888
+CVE-2004-1888 (display.cgi in Aborior Encore WebForum allows remote to execute arbitr ...)
NOT-FOR-US: no_package
-CVE-2004-1887
+CVE-2004-1887 (Ada Image Server (ImgSvr) 0.4 allows remote attackers to view director ...)
NOT-FOR-US: no_package
CVE-2004-1886
REJECTED
-CVE-2004-1885
+CVE-2004-1885 (Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to exec ...)
NOT-FOR-US: no_package
-CVE-2004-1884
+CVE-2004-1884 (Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with ...)
NOT-FOR-US: no_package
-CVE-2004-1883
+CVE-2004-1883 (Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow re ...)
NOT-FOR-US: no_package
-CVE-2004-1882
+CVE-2004-1882 (Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in Cac ...)
NOT-FOR-US: no_package
-CVE-2004-1881
+CVE-2004-1881 (SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp ...)
NOT-FOR-US: no_package
-CVE-2004-1880
+CVE-2004-1880 (Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier al ...)
- openldap2 2.1.17-1
-CVE-2004-1879
+CVE-2004-1879 (Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows allow ...)
NOT-FOR-US: no_package
-CVE-2004-1878
+CVE-2004-1878 (LINBOX LIN:BOX allows remote attackers to bypass authentication, obtai ...)
NOT-FOR-US: no_package
-CVE-2004-1877
+CVE-2004-1877 (The p_submit_url value in the sample login form in the Oracle 9i Appli ...)
NOT-FOR-US: no_package
-CVE-2004-1876
+CVE-2004-1876 (The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon ...)
- clamav 0.70-1
-CVE-2004-1875
+CVE-2004-1875 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R8 ...)
NOT-FOR-US: no_package
-CVE-2004-1874
+CVE-2004-1874 (Multiple cross-site scripting (XSS) vulnerabilities in (1) deliver.asp ...)
NOT-FOR-US: no_package
-CVE-2004-1873
+CVE-2004-1873 (SQL injection vulnerability in category.asp in A-CART Pro and A-CART 2 ...)
NOT-FOR-US: no_package
-CVE-2004-1872
+CVE-2004-1872 (Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1 ...)
NOT-FOR-US: no_package
-CVE-2004-1871
+CVE-2004-1871 (Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP P ...)
NOT-FOR-US: no_package
-CVE-2004-1870
+CVE-2004-1870 (Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and ...)
NOT-FOR-US: no_package
-CVE-2004-1869
+CVE-2004-1869 (Etherlords I 1.07 and earlier and Etherlords II 1.03 and earlier allow ...)
NOT-FOR-US: no_package
-CVE-2004-1868
+CVE-2004-1868 (Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 allow ...)
NOT-FOR-US: no_package
-CVE-2004-1867
+CVE-2004-1867 (Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest B ...)
NOT-FOR-US: no_package
-CVE-2004-1866
+CVE-2004-1866 (nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a ...)
- nstx 1.1-beta4-1
-CVE-2004-1865
+CVE-2004-1865 (Cross-site scripting (XSS) vulnerability in the administration panel i ...)
NOT-FOR-US: no_package
-CVE-2004-1864
+CVE-2004-1864 (SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta all ...)
NOT-FOR-US: no_package
-CVE-2004-1863
+CVE-2004-1863 (Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extrem ...)
NOT-FOR-US: no_package
-CVE-2004-1862
+CVE-2004-1862 (Multiple cross-site scripting (XSS) vulnerabilities in Extreme Message ...)
NOT-FOR-US: no_package
-CVE-2004-1861
+CVE-2004-1861 (Invision NetSupport School Pro uses a weak encryption algorithm to enc ...)
NOT-FOR-US: no_package
-CVE-2004-1860
+CVE-2004-1860 (Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 ...)
NOT-FOR-US: no_package
-CVE-2004-1859
+CVE-2004-1859 (Directory traversal vulnerability in Trend Micro Interscan Web Viruswa ...)
NOT-FOR-US: no_package
-CVE-2004-1858
+CVE-2004-1858 (HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of ...)
NOT-FOR-US: no_package
-CVE-2004-1857
+CVE-2004-1857 (Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7. ...)
NOT-FOR-US: no_package
-CVE-2004-1856
+CVE-2004-1856 (devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when ...)
NOT-FOR-US: no_package
-CVE-2004-1855
+CVE-2004-1855 (Dark Age of Camelot before 1.68 live patch does not sign the RSA publi ...)
NOT-FOR-US: no_package
-CVE-2004-1854
+CVE-2004-1854 (Buffer overflow in the logging function in Picophone 1.63 and earlier ...)
NOT-FOR-US: no_package
-CVE-2004-1853
+CVE-2004-1853 (Buffer overflow in Terminator 3: War of the Machines 1.0 allows remote ...)
NOT-FOR-US: no_package
-CVE-2004-1852
+CVE-2004-1852 (DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transm ...)
NOT-FOR-US: no_package
-CVE-2004-1851
+CVE-2004-1851 (Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data t ...)
NOT-FOR-US: no_package
-CVE-2004-1850
+CVE-2004-1850 (The Rage 1.01 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: no_package
-CVE-2004-1849
+CVE-2004-1849 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 al ...)
NOT-FOR-US: no_package
-CVE-2004-1848
+CVE-2004-1848 (Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial ...)
NOT-FOR-US: no_package
-CVE-2004-1847
+CVE-2004-1847 (News Manager Lite 2.5 allows remote attackers to bypass authentication ...)
NOT-FOR-US: no_package
-CVE-2004-1846
+CVE-2004-1846 (Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow ...)
NOT-FOR-US: no_package
-CVE-2004-1845
+CVE-2004-1845 (Multiple cross-site scripting (XSS) vulnerabilities in News Manager Li ...)
NOT-FOR-US: no_package
-CVE-2004-1844
+CVE-2004-1844 (Cross-site scripting (XSS) vulnerability in Member Management System 2 ...)
NOT-FOR-US: no_package
-CVE-2004-1843
+CVE-2004-1843 (SQL injection vulnerability in Member Management System 2.1 allows rem ...)
NOT-FOR-US: no_package
-CVE-2004-1842
+CVE-2004-1842 (Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x throug ...)
NOT-FOR-US: no_package
-CVE-2004-1841
+CVE-2004-1841 (SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke all ...)
NOT-FOR-US: no_package
-CVE-2004-1840
+CVE-2004-1840 (Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis mod ...)
NOT-FOR-US: no_package
-CVE-2004-1839
+CVE-2004-1839 (MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain ...)
NOT-FOR-US: no_package
-CVE-2004-1838
+CVE-2004-1838 (Directory traversal vulnerability in xweb 1.0 allows remote attackers ...)
NOT-FOR-US: no_package
-CVE-2004-1837
+CVE-2004-1837 (Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3. ...)
NOT-FOR-US: no_package
-CVE-2004-1836
+CVE-2004-1836 (SQL injection vulnerability in index.php in Invision Power Top Site Li ...)
NOT-FOR-US: no_package
-CVE-2004-1835
+CVE-2004-1835 (Multiple SQL injection vulnerabilities in index.php in Invision Galler ...)
NOT-FOR-US: no_package
-CVE-2004-1834
+CVE-2004-1834 (mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, inc ...)
- apache2 2.0.53-1
-CVE-2004-1833
+CVE-2004-1833 (The admin.ib file in Borland Interbase 7.1 for Linux has default world ...)
NOT-FOR-US: no_package
-CVE-2004-1832
+CVE-2004-1832 (Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allow ...)
NOT-FOR-US: no_package
-CVE-2004-1831
+CVE-2004-1831 (Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers ...)
NOT-FOR-US: no_package
-CVE-2004-1830
+CVE-2004-1830 (error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote attacker ...)
NOT-FOR-US: no_package
-CVE-2004-1829
+CVE-2004-1829 (Multiple cross-site scripting (XSS) vulnerabilities in error.php in Gi ...)
NOT-FOR-US: no_package
-CVE-2004-1828
+CVE-2004-1828 (Vcard 2.9 and possibly other versions does not require authorization t ...)
NOT-FOR-US: no_package
-CVE-2004-1827
+CVE-2004-1827 (Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaB ...)
NOT-FOR-US: no_package
-CVE-2004-1826
+CVE-2004-1826 (SQL injection vulnerability in index.php in Mambo Open Source 4.5 stab ...)
NOT-FOR-US: no_package
-CVE-2004-1825
+CVE-2004-1825 (Cross-site scripting (XSS) vulnerability in index.php in Mambo Open So ...)
NOT-FOR-US: no_package
-CVE-2004-1824
+CVE-2004-1824 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3 ...)
NOT-FOR-US: no_package
-CVE-2004-1823
+CVE-2004-1823 (Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBullet ...)
NOT-FOR-US: no_package
-CVE-2004-1822
+CVE-2004-1822 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.1 thro ...)
NOT-FOR-US: no_package
-CVE-2004-1821
+CVE-2004-1821 (SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through 7 ...)
NOT-FOR-US: no_package
-CVE-2004-1820
+CVE-2004-1820 (PHP remote file inclusion vulnerability in displaycategory.php in 4nal ...)
NOT-FOR-US: no_package
-CVE-2004-1819
+CVE-2004-1819 (4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to o ...)
NOT-FOR-US: no_package
-CVE-2004-1818
+CVE-2004-1818 (Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum 0.9 ...)
NOT-FOR-US: no_package
-CVE-2004-1817
+CVE-2004-1817 (Cross-site scripting (XSS) vulnerability in modules.php in Php-Nuke 7. ...)
NOT-FOR-US: no_package
-CVE-2004-1816
+CVE-2004-1816 (Unknown vulnerability in Sun Java System Application Server 7.0 Update ...)
NOT-FOR-US: no_package
-CVE-2004-1815
+CVE-2004-1815 (Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when ...)
NOT-FOR-US: no_package
-CVE-2004-1814
+CVE-2004-1814 (Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 allow ...)
NOT-FOR-US: no_package
-CVE-2004-1813
+CVE-2004-1813 (VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass authenti ...)
NOT-FOR-US: no_package
-CVE-2004-1812
+CVE-2004-1812 (Multiple stack-based buffer overflows in Agent Common Services (1) cam ...)
NOT-FOR-US: no_package
-CVE-2004-1811
+CVE-2004-1811 (The SSL HTTP Server in HP Web-enabled Management Software 5.0 through ...)
NOT-FOR-US: no_package
-CVE-2004-1810
+CVE-2004-1810 (The Javascript engine in Opera 7.23 allows remote attackers to cause a ...)
NOT-FOR-US: no_package
-CVE-2004-1809
+CVE-2004-1809 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier a ...)
- phpbb2 2.0.10-1
NOTE: probably fixed in 2.0.6d-3
-CVE-2004-1808
+CVE-2004-1808 (Extcompose in metamail does not verify the output file before writing ...)
NOTE: according to Jeroen van Wolffelaar this is not a bug in metamail
NOTE: see bug #308875
-CVE-2004-1807
+CVE-2004-1807 (Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore 5. ...)
NOT-FOR-US: no_package
-CVE-2004-1806
+CVE-2004-1806 (SQL injection vulnerability in index.cfm in CFWebstore 5.0 allows remo ...)
NOT-FOR-US: no_package
-CVE-2004-1805
+CVE-2004-1805 (Format string vulnerability in games using the Epic Games Unreal Engin ...)
NOT-FOR-US: no_package
-CVE-2004-1804
+CVE-2004-1804 (wMCam server 2.1.348 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: no_package
-CVE-2004-1802
+CVE-2004-1802 (Chat Anywhere 2.72 and earlier allows remote attackers to hide their I ...)
NOT-FOR-US: no_package
-CVE-2004-1801
+CVE-2004-1801 (Directory traversal vulnerability in PWebServer 0.3.3 allows remote at ...)
NOT-FOR-US: no_package
-CVE-2004-1800
+CVE-2004-1800 (Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier ...)
NOT-FOR-US: no_package
-CVE-2004-1799
+CVE-2004-1799 (PF in certain OpenBSD versions, when stateful filtering is enabled, do ...)
NOT-FOR-US: no_package
-CVE-2004-1798
+CVE-2004-1798 (RealOne player 6.0.11.868 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: no_package
-CVE-2004-1797
+CVE-2004-1797 (Cross-site scripting (XSS) vulnerability in search.php for FreznoShop ...)
NOT-FOR-US: no_package
-CVE-2004-1796
+CVE-2004-1796 (PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier a ...)
NOT-FOR-US: no_package
-CVE-2004-1795
+CVE-2004-1795 (Info Touch Surfnet kiosk allows local users to access the underlying f ...)
NOT-FOR-US: no_package
-CVE-2004-1794
+CVE-2004-1794 (Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows ...)
NOT-FOR-US: no_package
-CVE-2004-1793
+CVE-2004-1793 (Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and ...)
NOT-FOR-US: no_package
-CVE-2004-1792
+CVE-2004-1792 (swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers ...)
NOT-FOR-US: no_package
-CVE-2004-1791
+CVE-2004-1791 (The web management interface in Edimax AR-6004 ADSL Routers uses a def ...)
NOT-FOR-US: Edimax Router
-CVE-2004-1790
+CVE-2004-1790 (Cross-site scripting (XSS) vulnerability in the web management interfa ...)
NOT-FOR-US: Edimax Router
-CVE-2004-1789
+CVE-2004-1789 (Cross-site scripting (XSS) vulnerability in the web management interfa ...)
NOT-FOR-US: ZyWALL
-CVE-2004-1788
+CVE-2004-1788 (ASP-Nuke 1.3 and earlier places user credentials under the web documen ...)
NOT-FOR-US: ASP-Nuke
-CVE-2004-1787
+CVE-2004-1787 (SQL injection vulnerability in PostCalendar 4.0.0 allows remote attack ...)
NOT-FOR-US: PostCalendar
-CVE-2004-1786
+CVE-2004-1786 (PortalApp places user credentials under the web root with insufficient ...)
NOT-FOR-US: PortalApp
-CVE-2004-1785
+CVE-2004-1785 (SQL injection vulnerability in calendar.php for Invision Power Board 1 ...)
NOT-FOR-US: Invision Power Board
-CVE-2004-1784
+CVE-2004-1784 (Buffer overflow in the web server of Webcam Watchdog 3.63 allows remot ...)
NOT-FOR-US: web server of Webcam Watchdog
-CVE-2004-1783
+CVE-2004-1783 (Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 all ...)
NOT-FOR-US: Net2Soft Flash FTP Server
-CVE-2004-1782
+CVE-2004-1782 (athenareg.php in Athena Web Registration allows remote attackers to ex ...)
NOT-FOR-US: Athena Web Registration
-CVE-2004-1781
+CVE-2004-1781 (Info Touch Surfnet kiosk allows local users to crash Surfnet and acces ...)
NOT-FOR-US: Info Touch Surfnet kiosk
-CVE-2004-1780
+CVE-2004-1780 (Info Touch Surfnet kiosk allows local users to deposit extra time into ...)
NOT-FOR-US: Info Touch Surfnet kiosk
-CVE-2004-1779
+CVE-2004-1779 (Cross-site scripting (XSS) vulnerability in board.php for ThWboard bef ...)
NOT-FOR-US: ThWboard
-CVE-2004-2069
+CVE-2004-2069 (sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, whe ...)
- openssh 1:3.8p1
-CVE-2004-2068
+CVE-2004-2068 (fetchnews in leafnode 1.9.47 and earlier allows remote attackers to ca ...)
- leafnode <not-affected> (Leafnode2 development branch)
-CVE-2004-1778
+CVE-2004-1778 (Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, cr ...)
NOT-FOR-US: Skype
-CVE-2004-1777
+CVE-2004-1777 (A "range check error" in Skype for Windows before 0.98.0.28 allows loc ...)
NOT-FOR-US: Skype
-CVE-2004-1776
+CVE-2004-1776 (Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and mod ...)
NOT-FOR-US: Cisco
-CVE-2004-1775
+CVE-2004-1775 (Cisco VACM (View-based Access Control MIB) for Catalyst Operating Soft ...)
NOT-FOR-US: Cisco
-CVE-2004-1774
+CVE-2004-1774 (Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDS ...)
NOT-FOR-US: Oracle
-CVE-2004-1773
+CVE-2004-1773 (Multiple buffer overflows in sharutils 4.2.1 and earlier may allow att ...)
- sharutils 1:4.2.1-12
-CVE-2004-1772
+CVE-2004-1772 (Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows loca ...)
- sharutils 1:4.2.1-11
-CVE-2004-1771
+CVE-2004-1771 (Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass in ...)
NOT-FOR-US: Scalable OGo (SOGo)
-CVE-2004-1770
+CVE-2004-1770 (The login page for cPanel 9.1.0, and possibly other versions, allows r ...)
NOT-FOR-US: not our cpanel
-CVE-2004-1769
+CVE-2004-1769 (The "Allow cPanel users to reset their password via email" feature in ...)
NOT-FOR-US: not our cpanel
-CVE-2004-1768
+CVE-2004-1768 (The character converters in the Spamhunter and Language ID modules for ...)
NOT-FOR-US: Symantec Brightmail AntiSpam
-CVE-2004-1767
+CVE-2004-1767 (The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain priv ...)
NOT-FOR-US: Solaris
-CVE-2004-1766
+CVE-2004-1766 (The default installation of NetScreen-Security Manager before Feature ...)
NOT-FOR-US: NetScreen-Security Manager
-CVE-2004-1765
+CVE-2004-1765 (Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apa ...)
- libapache-mod-security <not-affected> (only seems to affect 1.7.4, not the newer branch in Debian)
-CVE-2004-1764
+CVE-2004-1764 (Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, an ...)
NOT-FOR-US: HP-UX
-CVE-2004-1763
+CVE-2004-1763 (Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 ...)
NOT-FOR-US: hsrun.exe
-CVE-2004-1762
+CVE-2004-1762 (Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux bef ...)
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2004-1761
+CVE-2004-1761 (Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to ...)
- ethereal 0.10.3
-CVE-2004-1760
+CVE-2004-1760 (The default installation of Cisco voice products, when running the IBM ...)
NOT-FOR-US: Cisco
-CVE-2004-1759
+CVE-2004-1759 (Cisco voice products, when running the IBM Director Agent on IBM serve ...)
NOT-FOR-US: Cisco
-CVE-2004-1758
+CVE-2004-1758 (BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-1757
+CVE-2004-1757 (BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the admin ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-1756
+CVE-2004-1756 (BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-1755
+CVE-2004-1755 (The Web Services fat client for BEA WebLogic Server and Express 7.0 SP ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-1754
+CVE-2004-1754 (The DNS proxy (DNSd) for multiple Symantec Gateway Security products a ...)
NOT-FOR-US: Symantec DNSd
-CVE-2004-1753
+CVE-2004-1753 (The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, ...)
NOT-FOR-US: Apple Java plugin
-CVE-2004-1752
+CVE-2004-1752 (Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote atta ...)
NOT-FOR-US: Gaucho
-CVE-2004-1751
+CVE-2004-1751 (Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote ...)
NOT-FOR-US: Ground Control II
-CVE-2004-1750
+CVE-2004-1750 (RealVNC 4.0 and earlier allows remote attackers to cause a denial of s ...)
NOT-FOR-US: RealVNC
-CVE-2004-1749
+CVE-2004-1749 (Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when ...)
NOT-FOR-US: Attack Mitigator IPS 5500
-CVE-2004-1748
+CVE-2004-1748 (NtRegmon before 6.12 allows local users to cause a denial of service ( ...)
NOT-FOR-US: NtRegmon
-CVE-2004-1747
+CVE-2004-1747 (Cross-site scripting (XSS) vulnerability in NetworkEverywhere NR041 ru ...)
NOT-FOR-US: NetworkEverywhere NR041
-CVE-2004-1746
+CVE-2004-1746 (Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snip ...)
NOT-FOR-US: PHP Code Snippet Library
-CVE-2004-1745
+CVE-2004-1745 (Buffer overflow in Painkiller 1.3.1 and earlier allows remote attacker ...)
NOT-FOR-US: Painkiller
-CVE-2004-1744
+CVE-2004-1744 (Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to caus ...)
NOT-FOR-US: ESF Webserver
-CVE-2004-1743
+CVE-2004-1743 (Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view ...)
NOT-FOR-US: ESF Webserver
-CVE-2004-1742
+CVE-2004-1742 (Directory traversal vulnerability in WebAPP 0.9.9 allows remote attack ...)
NOT-FOR-US: WebAPP
-CVE-2004-1741
+CVE-2004-1741 (Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cau ...)
NOT-FOR-US: musicd
-CVE-2004-1740
+CVE-2004-1740 (Music daemon (musicd) 0.0.3 and earlier allows remote attackers to rea ...)
NOT-FOR-US: musicd
-CVE-2004-1739
+CVE-2004-1739 (Bird Chat 1.61 allows remote attackers to cause a denial of service (c ...)
NOT-FOR-US: Bird Chat
-CVE-2004-1738
+CVE-2004-1738 (Cross-site scripting (XSS) vulnerability in page.php in JShop allows r ...)
NOT-FOR-US: JShop
-CVE-2004-1737
+CVE-2004-1737 (SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows r ...)
- cacti 0.8.5a-5
-CVE-2004-1736
+CVE-2004-1736 (Cacti 0.8.5a allows remote attackers to gain sensitive information via ...)
- cacti 0.8.5a-5
-CVE-2004-1735
+CVE-2004-1735 (Cross-site scripting (XSS) vulnerability in the create list option in ...)
- sympa 4.1.5-4 (bug #298105; unimportant)
NOTE: A user with the privilege to create new mailing lists needs to be trustworthy
-CVE-2004-1734
+CVE-2004-1734 (PHP remote file inclusion vulnerability in Mantis 0.19.0a allows remot ...)
- mantis 0.19.2-1
-CVE-2004-1733
+CVE-2004-1733 (Directory traversal vulnerability in MyDMS 1.4.2 and other versions al ...)
- mydms 1.4.3-1
-CVE-2004-1732
+CVE-2004-1732 (SQL injection vulnerability in out.ViewFolder.php in MyDMS before 1.4. ...)
- mydms 1.4.3-1
-CVE-2004-1731
+CVE-2004-1731 (signup_page.php in Mantis bugtracker allows remote attackers to send e ...)
- mantis 0.19.0-1
-CVE-2004-1730
+CVE-2004-1730 (Cross-site scripting (XSS) vulnerability in Mantis bugtracker allows r ...)
- mantis 0.19.0-1
-CVE-2004-1729
+CVE-2004-1729 (Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 ...)
NOT-FOR-US: Nihuo Web Log Analyzer
-CVE-2004-1728
+CVE-2004-1728 (Buffer overflow in British National Corpus SARA (sarad) allows remote ...)
NOT-FOR-US: sarad
-CVE-2004-1727
+CVE-2004-1727 (BadBlue 2.5 allows remote attackers to cause a denial of service (refu ...)
NOT-FOR-US: BadBlue
-CVE-2004-1726
+CVE-2004-1726 (Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm. ...)
NOT-FOR-US: XV
-CVE-2004-1725
+CVE-2004-1725 (Stack-based buffer overflow in xvbmp.c in XV allows remote attackers t ...)
NOT-FOR-US: XV
-CVE-2004-1724
+CVE-2004-1724 (The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the ...)
NOT-FOR-US: PHP-Fusion
-CVE-2004-1723
+CVE-2004-1723 (The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion ...)
NOT-FOR-US: PHP-Fusion
-CVE-2004-1722
+CVE-2004-1722 (SQL injection vulnerability in calendar.html in Merak Mail Server 5.2. ...)
NOT-FOR-US: Merak Mail Server
-CVE-2004-1721
+CVE-2004-1721 (The (1) function.php or (2) function.view.php scripts in Merak Mail Se ...)
NOT-FOR-US: Merak Mail Server
-CVE-2004-1720
+CVE-2004-1720 (The (1) address.html and possibly (2) calendar.html pages in Merak Mai ...)
NOT-FOR-US: Merak Mail Server
-CVE-2004-1719
+CVE-2004-1719 (Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail S ...)
NOT-FOR-US: Merak Webmail Server
-CVE-2004-1718
+CVE-2004-1718 (The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 an ...)
NOT-FOR-US: IPD
-CVE-2004-1717
+CVE-2004-1717 (Multiple buffer overflows in the psscan function in ps.c for gv (ghost ...)
- gv 1:3.6.1-1
-CVE-2004-1716
+CVE-2004-1716 (Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows ...)
NOT-FOR-US: PForum
-CVE-2004-1715
+CVE-2004-1715 (Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 ...)
NOT-FOR-US: MIMEsweeper
-CVE-2004-1714
+CVE-2004-1714 (BlackICE PC Protection and Server Protection installs (1) firewall.ini ...)
NOT-FOR-US: BlackICE PC Protection
-CVE-2004-1713
+CVE-2004-1713 (Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01 ...)
NOT-FOR-US: PRM on HP-UX
-CVE-2004-1712
+CVE-2004-1712 (Cross-site scripting (XSS) vulnerability in TypePad allows remote atta ...)
NOT-FOR-US: TypePad
-CVE-2004-1711
+CVE-2004-1711 (Cross-site scripting (XSS) vulnerability in post.php in Moodle before ...)
- moodle 1.4-1
-CVE-2004-1710
+CVE-2004-1710 (page.cgi allows remote attackers to execute arbitrary commands via she ...)
NOT-FOR-US: page.cgi
-CVE-2004-1709
+CVE-2004-1709 (Datakey Rainbow iKey2032 USB token, when using the CIP client package, ...)
NOT-FOR-US: Datakey Rainbow iKey2032 USB token
-CVE-2004-1708
+CVE-2004-1708 (Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Webbsyte
-CVE-2004-1707
+CVE-2004-1707 (The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracl ...)
NOT-FOR-US: Oracle
-CVE-2004-1706
+CVE-2004-1706 (The U.S. Robotics USR808054 wireless access point allows remote attack ...)
NOT-FOR-US: U.S. Robotics wireless access point
-CVE-2004-1705
+CVE-2004-1705 (Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers ...)
NOT-FOR-US: Citadel/UX
-CVE-2004-1704
+CVE-2004-1704 (WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privilege ...)
NOT-FOR-US: WpQuiz
-CVE-2004-1703
+CVE-2004-1703 (Fusion News 3.6.1 allows remote attackers to add user accounts, if the ...)
NOT-FOR-US: Fusion News
-CVE-2004-0838
+CVE-2004-0838 (Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecure ...)
NOT-FOR-US: Lexar Safe Guard
-CVE-2004-1702
+CVE-2004-1702 (The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2 ...)
- cfengine2 2.1.8-1
-CVE-2004-1701
+CVE-2004-1701 (Heap-based buffer overflow in the AuthenticationDialogue function in c ...)
- cfengine2 2.1.8-1
-CVE-2004-1700
+CVE-2004-1700 (Cross-site scripting (XSS) vulnerability in SettingsBase.php in Pinnac ...)
NOT-FOR-US: Pinnacle ShowCenter
-CVE-2004-1699
+CVE-2004-1699 (SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers t ...)
NOT-FOR-US: Pinnacle ShowCenter
-CVE-2004-1698
+CVE-2004-1698 (The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earl ...)
NOT-FOR-US: PopMessenger
-CVE-2004-1697
+CVE-2004-1697 (The "Forgot your Password" link in Computer Associates (CA) Unicenter ...)
NOT-FOR-US: Computer Associates Unicenter Management Portal
-CVE-2004-1696
+CVE-2004-1696 (EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to ...)
NOT-FOR-US: EmuLive Server4
-CVE-2004-1695
+CVE-2004-1695 (EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to ...)
NOT-FOR-US: EmuLive Server4
-CVE-2004-1694
+CVE-2004-1694 (Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default user ...)
NOT-FOR-US: Symantec
-CVE-2004-1693
+CVE-2004-1693 (PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 ( ...)
NOT-FOR-US: Mambo
-CVE-2004-1692
+CVE-2004-1692 (Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1. ...)
NOT-FOR-US: Mambo
-CVE-2004-1691
+CVE-2004-1691 (The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a de ...)
NOT-FOR-US: DNS4Me
-CVE-2004-1690
+CVE-2004-1690 (Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3 ...)
NOT-FOR-US: DNS4Me
-CVE-2004-1689
+CVE-2004-1689 (sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root ...)
- sudo 1.6.8p3-1
-CVE-2004-1688
+CVE-2004-1688 (Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: Pigeon Server
-CVE-2004-1687
+CVE-2004-1687 (CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 ...)
NOT-FOR-US: Snitz Forums
-CVE-2004-1686
+CVE-2004-1686 (Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to byp ...)
NOT-FOR-US: MSIE
-CVE-2004-1685
+CVE-2004-1685 (SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU ru ...)
NOT-FOR-US: SMC router
-CVE-2004-1684
+CVE-2004-1684 (Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an A ...)
NOT-FOR-US: Zyxel
-CVE-2004-1683
+CVE-2004-1683 (A race condition in crrtrap for QNX RTP 6.1 allows local users to gain ...)
NOT-FOR-US: crrtrap
-CVE-2004-1682
+CVE-2004-1682 (Format string vulnerability in QNX 6.1 FTP client allows remote authen ...)
NOT-FOR-US: QNX FTP
-CVE-2004-1681
+CVE-2004-1681 (Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-in ...)
NOT-FOR-US: QNX
-CVE-2004-1680
+CVE-2004-1680 (application.cgi in the Pingtel Xpressa handset running firmware 2.1.11 ...)
NOT-FOR-US: Pingtel Xpressa
-CVE-2004-1679
+CVE-2004-1679 (Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote at ...)
NOT-FOR-US: TwinFTP
-CVE-2004-1678
+CVE-2004-1678 (Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remo ...)
NOT-FOR-US: PerlDesk
-CVE-2004-1677
+CVE-2004-1677 (pdesk.cgi in PerlDesk allows remote attackers to gain sensitive inform ...)
NOT-FOR-US: PerlDesk
-CVE-2004-1676
+CVE-2004-1676 (Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6 ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1675
+CVE-2004-1675 (Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denia ...)
NOT-FOR-US: Serv-U FTP
-CVE-2004-1674
+CVE-2004-1674 (viewaction.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 ...)
NOT-FOR-US: Merak Mail Server
-CVE-2004-1673
+CVE-2004-1673 (accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web M ...)
NOT-FOR-US: Merak Mail Server
-CVE-2004-1672
+CVE-2004-1672 (attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 ...)
NOT-FOR-US: Merak Mail Server
-CVE-2004-1671
+CVE-2004-1671 (Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other ...)
NOT-FOR-US: Merak Mail Server
-CVE-2004-1670
+CVE-2004-1670 (Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 w ...)
NOT-FOR-US: Merak Mail Server
-CVE-2004-1669
+CVE-2004-1669 (Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 wi ...)
NOT-FOR-US: Merak Mail Server
-CVE-2004-1668
+CVE-2004-1668 (Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Po ...)
NOT-FOR-US: Subjects
-CVE-2004-1667
+CVE-2004-1667 (Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote ...)
NOT-FOR-US: Halo Combat Evolved
-CVE-2004-1666
+CVE-2004-1666 (Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2004-1665
+CVE-2004-1665 (Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 al ...)
NOT-FOR-US: PsNews
-CVE-2004-1664
+CVE-2004-1664 (Call of Duty 1.4 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: Call of Duty
-CVE-2004-1663
+CVE-2004-1663 (Engenio/LSI Logic storage controllers, as used in products such as Sto ...)
NOT-FOR-US: Engenio/LSI Logic storage controllers
-CVE-2004-1662
+CVE-2004-1662 (YaBB SE 1.5.1 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: YaBB
-CVE-2004-1661
+CVE-2004-1661 (MailWorks Professional allows remote attackers to bypass authenticatio ...)
NOT-FOR-US: MailWorks
-CVE-2004-1660
+CVE-2004-1660 (PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier ...)
NOT-FOR-US: CuteNews
-CVE-2004-1659
+CVE-2004-1659 (Cross-site scripting (XSS) vulnerability in index.php in CuteNews 1.3. ...)
NOT-FOR-US: CuteNews
-CVE-2004-1658
+CVE-2004-1658 (Kerio Personal Firewall 4.0 (KPF4) allows local users with administrat ...)
NOT-FOR-US: Kerio Personal Firewall
-CVE-2004-1657
+CVE-2004-1657 (Cross-site scripting (XSS) vulnerability in the Activity and Events Vi ...)
NOT-FOR-US: DasBlog
-CVE-2004-1656
+CVE-2004-1656 (CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows r ...)
NOT-FOR-US: Comersus Shopping Cart
-CVE-2004-1655
+CVE-2004-1655 (Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and ear ...)
NOT-FOR-US: phpWebsite
-CVE-2004-1654
+CVE-2004-1654 (SQL injection vulnerability in the calendar module in phpWebsite 0.9.3 ...)
NOT-FOR-US: phpWebsite
-CVE-2004-1653
+CVE-2004-1653 (The default configuration for OpenSSH enables AllowTcpForwarding, whic ...)
- openssh <not-affected> (Documented SSH protocol behaviour, cannot be "fixed")
NOTE: See bug #296547 for details
-CVE-2004-1652
+CVE-2004-1652 (phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if th ...)
NOT-FOR-US: phpScheduleIt
-CVE-2004-1651
+CVE-2004-1651 (Multiple cross-site scripting (XSS) vulnerabilities in the registratio ...)
NOT-FOR-US: phpScheduleIt
-CVE-2004-1650
+CVE-2004-1650 (D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP add ...)
NOT-FOR-US: D-Link DCS-900
-CVE-2004-1649
+CVE-2004-1649 (Buffer overflow in Microsoft Msinfo32.exe might allow local users to e ...)
NOT-FOR-US: Msinfo32.exe
-CVE-2004-1648
+CVE-2004-1648 (Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangeP ...)
NOT-FOR-US: Password Protect
-CVE-2004-1647
+CVE-2004-1647 (SQL injection vulnerability in Password Protect allows remote attacker ...)
NOT-FOR-US: Password Protect
-CVE-2004-1646
+CVE-2004-1646 (Directory traversal vulnerability in Xedus 1.0 allows remote attackers ...)
NOT-FOR-US: Xedus
-CVE-2004-1645
+CVE-2004-1645 (Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote at ...)
NOT-FOR-US: Xedus
-CVE-2004-1644
+CVE-2004-1644 (Xedus 1.0 allows remote attackers to cause a denial of service (refuse ...)
NOT-FOR-US: Xedus
-CVE-2004-1643
+CVE-2004-1643 (WS_FTP 5.0.2 allows remote authenticated users to cause a denial of se ...)
NOT-FOR-US: WS_FTP
-CVE-2004-1642
+CVE-2004-1642 (WFTPD Pro Server 3.21 allows remote authenticated users to cause a den ...)
NOT-FOR-US: WS_FTP
-CVE-2004-1641
+CVE-2004-1641 (Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote ...)
NOT-FOR-US: Titan
-CVE-2004-1640
+CVE-2004-1640 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and ...)
NOT-FOR-US: XOOPS
-CVE-2004-1639
+CVE-2004-1639 (Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows re ...)
NOTE: This is not a real security issue; it just describes the fact that the Gecko
NOTE: engine of the Mozillae may be lead into a crash if you feed it with large chunks
NOTE: of arbitrary binary data and label it as HTML. As the parsing garbage is displayed
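Review bot: the tag for CVE-2004-1642 still reads `NOT-FOR-US: WS_FTP`, but the description appended in this hunk identifies the product as WFTPD Pro Server 3.21 (WS_FTP is the neighbouring CVE-2004-1643), so the tag was copied from the wrong entry; change it to `NOT-FOR-US: WFTPD Pro Server` so the verdict line matches the text that now sits above it. Every other `+` line in the hunk only appends a truncated description to an existing CVE line and no verdict lines are touched, which is what an "automatic update" should look like. Two smaller things worth a glance while here: CVE-2004-0838 sits between CVE-2004-1703 and CVE-2004-1702, out of numeric sequence with the rest of the file, and the multi-line NOTE for CVE-2004-1639 is cut at "As the parsing garbage is displayed" by the hunk boundary, so its remaining lines are not visible in this diff.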
@@ -2364,835 +2364,835 @@ CVE-2004-1639
- firefox <removed> (unimportant)
- iceweasel <removed> (unimportant)
- mozilla <removed> (unimportant)
-CVE-2004-1638
+CVE-2004-1638 (Buffer overflow in MailCarrier 2.51 allows remote attackers to execute ...)
NOT-FOR-US: mailcarrier
-CVE-2004-1637
+CVE-2004-1637 (The Hawking Technologies HAR11A modem/router allows remote attackers t ...)
NOT-FOR-US: Hawking Technologies HAR11A modem/router
-CVE-2004-1636
+CVE-2004-1636 (Heap-based buffer overflow in the WvTFTPServer::new_connection functio ...)
NOT-FOR-US: WvTftp
-CVE-2004-1635
+CVE-2004-1635 (Bugzilla 2.17.1 through 2.18rc2 and 2.19 from cvs, when using the insi ...)
NOTE: does not affect older 2.16.7 in sid.
-CVE-2004-1634
+CVE-2004-1634 (show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, whe ...)
NOTE: does not affect older 2.16.7 in sid.
-CVE-2004-1633
+CVE-2004-1633 (process_bug.cgi in Bugzilla 2.9 through 2.18rc2 and 2.19 from CVS does ...)
- bugzilla 2.16.7
-CVE-2004-1632
+CVE-2004-1632 (Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki 1.0.8 ...)
- moniwiki 1.0.9
-CVE-2004-1631
+CVE-2004-1631 (Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduc ...)
NOT-FOR-US: Open WorkFlow Engine
-CVE-2004-1630
+CVE-2004-1630 (Cross-site scripting (XSS) vulnerability in the login form in Open Wor ...)
NOT-FOR-US: Open WorkFlow Engine
-CVE-2004-1629
+CVE-2004-1629 (Multiple SQL injection vulnerabilities in Dwc_articles 1.6 and earlier ...)
NOT-FOR-US: Dwc_articles
-CVE-2004-1628
+CVE-2004-1628 (Format string vulnerability in log.c in rssh before 2.2.2 allows remot ...)
- rssh 2.2.2
-CVE-2004-1627
+CVE-2004-1627 (Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other ...)
NOT-FOR-US: ability server
-CVE-2004-1626
+CVE-2004-1626 (Buffer overflow in Ability Server 2.34, and possibly other versions, a ...)
NOT-FOR-US: ability server
-CVE-2004-1625
+CVE-2004-1625 (pGina 1.7.6 and possibly older versions, when the Restart or Shutdown ...)
NOT-FOR-US: pGina
-CVE-2004-1624
+CVE-2004-1624 (Carbon Copy 6.0.5257 does not drop system privileges when opening exte ...)
NOT-FOR-US: Carbon Copy
-CVE-2004-1623
+CVE-2004-1623 (The WAV file property handler in Windows XP SP1 allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2004-1622
+CVE-2004-1622 (SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allow ...)
NOT-FOR-US: UBB.threads
CVE-2004-1621
NOT-FOR-US: Lotus Notes
-CVE-2004-1620
+CVE-2004-1620 (CRLF injection vulnerability in Serendipity before 0.7rc1 allows remot ...)
NOT-FOR-US: Serendipity
-CVE-2004-1619
+CVE-2004-1619 (Buffer overflow in Privateer's Bounty: Age of Sail II allows remote at ...)
NOT-FOR-US: Privateer's Bounty: Age of Sail II
-CVE-2004-1618
+CVE-2004-1618 (Vypress Tonecast 1.3 and earlier allows remote attackers to cause a de ...)
NOT-FOR-US: Tonecast
-CVE-2004-1617
+CVE-2004-1617 (Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers ...)
{DSA-1077-1 DSA-1076-1}
- lynx 2.8.5-2sarge1.2 (bug #296340; bug #384725; low)
- lynx-cur 2.8.6-6 (low)
- lynx-ssl <removed>
-CVE-2004-1616
+CVE-2004-1616 (Links allows remote attackers to cause a denial of service (memory con ...)
- links 0.99+1.00pre12-1 (bug #296341; low)
-CVE-2004-1615
+CVE-2004-1615 (Opera allows remote attackers to cause a denial of service (invalid me ...)
NOT-FOR-US: Opera
-CVE-2004-1614
+CVE-2004-1614 (Mozilla allows remote attackers to cause a denial of service (applicat ...)
- mozilla-firefox <not-affected> (assuming this is mozilla_die2.html, does not bother firefox 1.0+dfsg.1-6)
NOTE: mozilla-browser 1.7.5-1 also ok
-CVE-2004-1613
+CVE-2004-1613 (Mozilla allows remote attackers to cause a denial of service (applicat ...)
NOTE: example page did not bother firefox 1.0+dfsg.1-6
NOTE: mozilla-browser 1.7.5-1 also ok
-CVE-2004-1612
+CVE-2004-1612 (Directory traversal vulnerability in SalesLogix 6.1 allows remote atta ...)
NOT-FOR-US: SalesLogix
-CVE-2004-1611
+CVE-2004-1611 (SalesLogix 6.1 does not verify if a user is authenticated before perfo ...)
NOT-FOR-US: SalesLogix
-CVE-2004-1610
+CVE-2004-1610 (SalesLogix 6.1 uses client-specified pathnames for writing certain fil ...)
NOT-FOR-US: SalesLogix
-CVE-2004-1609
+CVE-2004-1609 (SalesLogix 6.1 includes usernames, passwords, and other sensitive info ...)
NOT-FOR-US: SalesLogix
-CVE-2004-1608
+CVE-2004-1608 (SQL injection vulnerability in SalesLogix 6.1 allows remote attackers ...)
NOT-FOR-US: SalesLogix
-CVE-2004-1607
+CVE-2004-1607 (slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: SalesLogix
-CVE-2004-1606
+CVE-2004-1606 (slxweb.dll in SalesLogix 6.1 allows remote attackers to cause a denial ...)
NOT-FOR-US: SalesLogix
-CVE-2004-1605
+CVE-2004-1605 (SalesLogix 6.1 allows remote attackers to bypass authentication by mod ...)
NOT-FOR-US: SalesLogix
-CVE-2004-1604
+CVE-2004-1604 (cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbi ...)
NOT-FOR-US: not our cpanel
-CVE-2004-1603
+CVE-2004-1603 (cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users t ...)
NOT-FOR-US: not our cpanel
-CVE-2004-1602
+CVE-2004-1602 (ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amo ...)
- proftpd 1.2.10-4
-CVE-2004-1601
+CVE-2004-1601 (Directory traversal vulnerability in index.php in CoolPHP 1.0-stable a ...)
NOT-FOR-US: coolphp
-CVE-2004-1600
+CVE-2004-1600 (index.php in CoolPHP 1.0-stable allows remote attackers to gain sensit ...)
NOT-FOR-US: CoolPHP
-CVE-2004-1599
+CVE-2004-1599 (Cross-site scripting (XSS) vulnerability in index.php in CoolPHP 1.0-s ...)
NOT-FOR-US: CoolPHP
-CVE-2004-1598
+CVE-2004-1598 (Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read ar ...)
NOT-FOR-US: Acrobat
-CVE-2004-1597
+CVE-2004-1597 (RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote at ...)
NOT-FOR-US: RIM Blackberry
-CVE-2004-1596
+CVE-2004-1596 (The 3COM Wireless router 3CRADSL72 running Boot Code 1.3d allows remot ...)
NOT-FOR-US: 3COM router
-CVE-2004-1595
+CVE-2004-1595 (Buffer overflow in ShixxNote 6.net build 117 allows remote attackers t ...)
NOT-FOR-US: ShixxNote
-CVE-2004-1594
+CVE-2004-1594 (Cross-site scripting (XSS) vulnerability in FuseTalk 4.0 allows remote ...)
NOT-FOR-US: FuseTalk
-CVE-2004-1593
+CVE-2004-1593 (Cross-site scripting (XSS) vulnerability in render.UserLayoutRootNode. ...)
NOT-FOR-US: SCT email client
-CVE-2004-1592
+CVE-2004-1592 (PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 ...)
- ocportal <itp> (bug #625865)
-CVE-2004-1591
+CVE-2004-1591 (The web interface for Micronet Wireless Broadband Router SP916BM runni ...)
NOT-FOR-US: Micronet Wireless Router
-CVE-2004-1590
+CVE-2004-1590 (Clientexec allows remote attackers to gain sensitive information via a ...)
NOT-FOR-US: clientexec
-CVE-2004-1589
+CVE-2004-1589 (Cross-site scripting (XSS) vulnerability in GoSmart Message Board allo ...)
NOT-FOR-US: GoSmart
-CVE-2004-1588
+CVE-2004-1588 (SQL injection vulnerability in GoSmart Message Board allows remote att ...)
NOT-FOR-US: GoSmart
-CVE-2004-1587
+CVE-2004-1587 (Buffer overflow in Monolith games including (1) Alien versus Predator ...)
NOT-FOR-US: Monolith Games
-CVE-2004-1586
+CVE-2004-1586 (Flash Messaging clients can ignore disconnecting commands such as "shu ...)
NOT-FOR-US: Flash Messaging
-CVE-2004-1585
+CVE-2004-1585 (Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers ...)
NOT-FOR-US: Flash Messaging
-CVE-2004-1584
+CVE-2004-1584 (CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows r ...)
- wordpress 1.2.1-1.1
-CVE-2004-1583
+CVE-2004-1583 (Directory traversal vulnerability in the FTP server in TriDComm 1.3 an ...)
NOT-FOR-US: FTP server in TriDComm
-CVE-2004-1582
+CVE-2004-1582 (PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows rem ...)
NOT-FOR-US: BlackBoard
-CVE-2004-1581
+CVE-2004-1581 (BlackBoard 1.5.1 allows remote attackers to gain sensitive information ...)
NOT-FOR-US: BlackBoard
-CVE-2004-1580
+CVE-2004-1580 (SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remo ...)
NOT-FOR-US: CubeCart
-CVE-2004-1579
+CVE-2004-1579 (index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive ...)
NOT-FOR-US: CubeCart
-CVE-2004-1578
+CVE-2004-1578 (Cross-site scripting (XSS) vulnerability in index.php in Invision Powe ...)
NOT-FOR-US: Invision Power Board
-CVE-2004-1577
+CVE-2004-1577 (index.php in PHP Links allows remote attackers to gain sensitive infor ...)
NOT-FOR-US: phplinks
-CVE-2004-1576
+CVE-2004-1576 (Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and e ...)
NOT-FOR-US: Judge Dredd
-CVE-2004-1575
+CVE-2004-1575 (The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a ...)
- xerces25 2.5.0-4
- xerces24 2.4.0-4
- xerces23 <not-affected> (not affected, see bug #296432)
- xerces21 <not-affected> (not affected, see bug #296466)
-CVE-2004-1574
+CVE-2004-1574 (Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote a ...)
NOT-FOR-US: Vypress
-CVE-2004-1573
+CVE-2004-1573 (The documentation for AJ-Fork 167 implies that users should set permis ...)
NOT-FOR-US: AJ-Fork
-CVE-2004-1572
+CVE-2004-1572 (AJ-Fork 167 does not restrict access to directories such as (1) data, ...)
NOT-FOR-US: AJ-Fork
-CVE-2004-1571
+CVE-2004-1571 (AJ-Fork 167 allows remote attackers to gain sensitive information via ...)
NOT-FOR-US: AJ-Fork
-CVE-2004-1570
+CVE-2004-1570 (SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote att ...)
NOT-FOR-US: bBlog
-CVE-2004-1569
+CVE-2004-1569 (Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) a ...)
NOT-FOR-US: dbPowerAmp
-CVE-2004-1568
+CVE-2004-1568 (Directory traversal vulnerability in ParaChat Server 5.5 allows remote ...)
NOT-FOR-US: Parachat
-CVE-2004-1567
+CVE-2004-1567 (profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers ...)
NOT-FOR-US: Silent Storm Portal
-CVE-2004-1566
+CVE-2004-1566 (Cross-site scripting (XSS) vulnerability in index.php in Silent Storm ...)
NOT-FOR-US: Silent Storm Portal
-CVE-2004-1565
+CVE-2004-1565 (list.php in w-Agora 4.1.6a allows remote attackers to reveal the full ...)
NOT-FOR-US: w-Agora
-CVE-2004-1564
+CVE-2004-1564 (CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a ...)
NOT-FOR-US: w-Agora
-CVE-2004-1563
+CVE-2004-1563 (Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a ...)
NOT-FOR-US: w-Agora
-CVE-2004-1562
+CVE-2004-1562 (SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows ...)
NOT-FOR-US: w-Agora
-CVE-2004-1561
+CVE-2004-1561 (Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers t ...)
- icecast2 2.0.2.debian-1
-CVE-2004-1560
+CVE-2004-1560 (Microsoft SQL Server 7.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2004-1559
+CVE-2004-1559 (Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 a ...)
- wordpress 1.2.2-1.1
-CVE-2004-1558
+CVE-2004-1558 (Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 th ...)
NOT-FOR-US: YahooPOPS
-CVE-2004-1557
+CVE-2004-1557 (MyWebServer 1.0.3 allows remote attackers to bypass authentication, mo ...)
NOT-FOR-US: MyWebServer
-CVE-2004-1556
+CVE-2004-1556 (MyWebServer 1.0.3 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: MyWebServer
-CVE-2004-1555
+CVE-2004-1555 (Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Messa ...)
NOT-FOR-US: BroadBoard Instant ASP Message Board
-CVE-2004-1554
+CVE-2004-1554 (PHP remote file inclusion vulnerability in livre_include.php in @lex G ...)
NOT-FOR-US: @lex GuestBook
-CVE-2004-1553
+CVE-2004-1553 (SQL injection vulnerability in aspWebAlbum allows remote attackers to ...)
NOT-FOR-US: aspWebAlbum
-CVE-2004-1552
+CVE-2004-1552 (SQL injection vulnerability in aspWebCalendar allows remote attackers ...)
NOT-FOR-US: aspWebCalendar
-CVE-2004-1551
+CVE-2004-1551 (Cross-site scripting (XSS) vulnerability in the (1) email or (2) file ...)
NOT-FOR-US: PafileDB
-CVE-2004-1550
+CVE-2004-1550 (Motorola Wireless Router WR850G running firmware 4.03 allows remote at ...)
NOT-FOR-US: Motorola Router
-CVE-2004-1549
+CVE-2004-1549 (The conference menu in ActivePost Standard 3.1 sends passwords of pass ...)
NOT-FOR-US: ActivePost
-CVE-2004-1548
+CVE-2004-1548 (Directory traversal vulnerability in the file server in ActivePost Sta ...)
NOT-FOR-US: ActivePost
-CVE-2004-1547
+CVE-2004-1547 (The file server in ActivePost Standard 3.1 and earlier allows remote a ...)
NOT-FOR-US: ActivePost
-CVE-2004-1546
+CVE-2004-1546 (Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to c ...)
NOT-FOR-US: MDaemon
-CVE-2004-1545
+CVE-2004-1545 (UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache ...)
- moniwiki 1.0.9-4
-CVE-2004-1544
+CVE-2004-1544 (Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1. ...)
- jspwiki 2.0.52-8
-CVE-2004-1543
+CVE-2004-1543 (Directory traversal vulnerability in viewimg.php in KorWeblog 1.6.2-cv ...)
NOT-FOR-US: KorWeblog
-CVE-2004-1542
+CVE-2004-1542 (Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows ...)
NOT-FOR-US: Soldier of Fortune
-CVE-2004-1541
+CVE-2004-1541 (SecureCRT 4.0, 4.1, and possibly other versions, allows remote attacke ...)
NOT-FOR-US: SecureCRT
-CVE-2004-1540
+CVE-2004-1540 (ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versio ...)
NOT-FOR-US: ZyXEL Routers
-CVE-2004-1539
+CVE-2004-1539 (Halo: Combat Evolved 1.05 and earlier allows remote game servers to ca ...)
NOT-FOR-US: Halo: Combat Evolved
-CVE-2004-1538
+CVE-2004-1538 (SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1. ...)
NOT-FOR-US: PHPKIT
-CVE-2004-1537
+CVE-2004-1537 (Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 ...)
NOT-FOR-US: PHPKIT
-CVE-2004-1536
+CVE-2004-1536 (SQL injection vulnerability in index.php in the ibProArcade module for ...)
NOT-FOR-US: Invision Power Board
-CVE-2004-1535
+CVE-2004-1535 (PHP remote file inclusion vulnerability in admin_cash.php for the Cash ...)
NOT-FOR-US: Cash Mod module of phpbb2
-CVE-2004-1534
+CVE-2004-1534 (ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, ...)
NOT-FOR-US: ZoneAlarm
-CVE-2004-1533
+CVE-2004-1533 (Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier allow ...)
NOT-FOR-US: DMS POP3
-CVE-2004-1532
+CVE-2004-1532 (AppServ 2.5.x and earlier installs a default username and password, wh ...)
NOT-FOR-US: AppServ
-CVE-2004-1531
+CVE-2004-1531 (SQL injection vulnerability in post.php in Invision Power Board (IPB) ...)
NOT-FOR-US: Invision Power Board
-CVE-2004-1530
+CVE-2004-1530 (SQL injection vulnerability in the Event Calendar module 2.13 for PHP- ...)
NOT-FOR-US: PHP-Nuke
-CVE-2004-1529
+CVE-2004-1529 (Cross-site scripting (XSS) vulnerability in the Event Calendar module ...)
NOT-FOR-US: PHP-Nuke
-CVE-2004-1528
+CVE-2004-1528 (The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to ...)
NOT-FOR-US: PHP-Nuke
-CVE-2004-1527
+CVE-2004-1527 (Microsoft Internet Explorer 6.0 SP1 does not properly handle certain c ...)
NOT-FOR-US: MSIE
-CVE-2004-1526
+CVE-2004-1526 (Hired Team: Trial 2.0 and earlier and 2.200 does not limit how game pl ...)
NOT-FOR-US: Hired Team
-CVE-2004-1525
+CVE-2004-1525 (Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to ...)
NOT-FOR-US: Hired Team
-CVE-2004-1524
+CVE-2004-1524 (Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to ...)
NOT-FOR-US: Hired Team
-CVE-2004-1523
+CVE-2004-1523 (Format string vulnerability in the game console in Hired Team: Trial 2 ...)
NOT-FOR-US: Hired Team
-CVE-2004-1522
+CVE-2004-1522 (Format string vulnerability in Army Men RTS 1.0 allows remote attacker ...)
NOT-FOR-US: Army Men RTS
-CVE-2004-1521
+CVE-2004-1521 (Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mai ...)
NOT-FOR-US: Eudora
-CVE-2004-1520
+CVE-2004-1520 (Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authe ...)
NOT-FOR-US: IPSwitch IMail
-CVE-2004-1519
+CVE-2004-1519 (SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows r ...)
NOT-FOR-US: phpBugTracker
-CVE-2004-1518
+CVE-2004-1518 (SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier ...)
NOT-FOR-US: Phorum
-CVE-2004-1517
+CVE-2004-1517 (Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers ...)
NOT-FOR-US: Zone Labs IMsecure
-CVE-2004-1516
+CVE-2004-1516 (CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows ...)
NOT-FOR-US: phpWebSite
-CVE-2004-1515
+CVE-2004-1515 (SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vB ...)
NOT-FOR-US: vBulletin
-CVE-2004-1514
+CVE-2004-1514 (04WebServer 1.42 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: 04Webserver
-CVE-2004-1513
+CVE-2004-1513 (04WebServer 1.42 does not adequately filter data that is written to lo ...)
NOT-FOR-US: 04Webserver
-CVE-2004-1512
+CVE-2004-1512 (Cross-site scripting (XSS) vulnerability in Response_default.html in 0 ...)
NOT-FOR-US: 04Webserver
-CVE-2004-1511
+CVE-2004-1511 (Hotfoon 4.0 does not notify users before opening links in web browsers ...)
NOT-FOR-US: Hotfoon
-CVE-2004-1510
+CVE-2004-1510 (WebCalendar allows remote attackers to gain privileges by modifying cr ...)
- webcalendar 0.9.45-1
-CVE-2004-1509
+CVE-2004-1509 (validate.php in WebCalendar allows remote attackers to gain sensitive ...)
- webcalendar 0.9.45-1
-CVE-2004-1508
+CVE-2004-1508 (init.php in WebCalendar allows remote attackers to execute arbitrary l ...)
- webcalendar 0.9.45-1
-CVE-2004-1507
+CVE-2004-1507 (CRLF injection vulnerability in login.php in WebCalendar allows remote ...)
- webcalendar 0.9.45-1
-CVE-2004-1506
+CVE-2004-1506 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar all ...)
- webcalendar 0.9.45-1
-CVE-2004-1505
+CVE-2004-1505 (Directory traversal vulnerability in index.php in Just Another Flat fi ...)
NOT-FOR-US: JAF
-CVE-2004-1504
+CVE-2004-1504 (The displaycontent function in config.php for Just Another Flat file ( ...)
NOT-FOR-US: JAF
-CVE-2004-1503
+CVE-2004-1503 (Integer overflow in the InitialDirContext in Java Runtime Environment ...)
NOT-FOR-US: Sun JRE
-CVE-2004-1502
+CVE-2004-1502 (The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows re ...)
NOT-FOR-US: 602 Lan Suite
-CVE-2004-1501
+CVE-2004-1501 (The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows ...)
NOT-FOR-US: 602 Lan Suite
-CVE-2004-1500
+CVE-2004-1500 (Format string vulnerability in the Lithtech engine, as used in multipl ...)
NOT-FOR-US: Lithtech
-CVE-2004-1499
+CVE-2004-1499 (Cross-site scripting (XSS) vulnerability in the compose message form i ...)
NOT-FOR-US: HELM
-CVE-2004-1498
+CVE-2004-1498 (SQL injection vulnerability in the compose message form in HELM 3.1.19 ...)
NOT-FOR-US: HELM
-CVE-2004-1497
+CVE-2004-1497 (Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext ...)
NOT-FOR-US: Web Forums Server
-CVE-2004-1496
+CVE-2004-1496 (Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 Pow ...)
NOT-FOR-US: Web Forums Server
-CVE-2004-1495
+CVE-2004-1495 (The Repair Archive command in WinRAR 3.40 allows remote attackers to c ...)
NOT-FOR-US: WinRAR
-CVE-2004-1494
+CVE-2004-1494 (Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 ...)
NOT-FOR-US: XDICT
-CVE-2004-1493
+CVE-2004-1493 (Master of Orion III 1.2.5 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Master of Orion
-CVE-2004-1492
+CVE-2004-1492 (Master of Orion III 1.2.5 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Master of Orion
-CVE-2004-1491
+CVE-2004-1491 (Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME type ...)
NOT-FOR-US: Opera
-CVE-2004-1490
+CVE-2004-1490 (Opera 7.54 and earlier allows remote attackers to spoof file types in ...)
NOT-FOR-US: Opera
-CVE-2004-1489
+CVE-2004-1489 (Opera 7.54 and earlier does not properly limit an applet's access to i ...)
NOT-FOR-US: Opera
-CVE-2004-1488
+CVE-2004-1488 (wget 1.8.x and 1.9.x does not filter or quote control characters when ...)
- wget 1.9.1-11
-CVE-2004-1487
+CVE-2004-1487 (wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite ...)
- wget 1.9.1-11
CVE-2004-9999
REJECTED
CVE-2004-9998
REJECTED
-CVE-2004-1486
+CVE-2004-1486 (Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and C ...)
NOT-FOR-US: Serviceguard and Cluster Object Manager on HP-UX, HP Linux
-CVE-2004-1485
+CVE-2004-1485 (Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote ma ...)
- inetutils <not-affected> (inetutils 2:1.4.2+20040207-4; not vulnerable and its tftpd is not shipped)
- atftp <not-affected> (atftp checks h_length)
- netkit-tftp <not-affected> (netkit-tftp not vulnerable)
- tftp-hpa <not-affected> (bug #295297; not exploitable)
NOTE: The address length comes from libc, not the network.
-CVE-2004-1484
+CVE-2004-1484 (Format string vulnerability in the _msg function in error.c in socat 1 ...)
- socat 1.4.0.3-1
-CVE-2004-1483
+CVE-2004-1483 (Multiple unknown vulnerabilities in the ActiveX and HTML file browsers ...)
NOT-FOR-US: Symantec Clientless VPN Gateway 4400 Series
-CVE-2004-1482
+CVE-2004-1482 (The sbuf_getmsg function in BNC incorrectly handles backspace characte ...)
NOT-FOR-US: BNC irc proxy
-CVE-2004-1481
+CVE-2004-1481 (Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12. ...)
NOT-FOR-US: Real
-CVE-2004-1480
+CVE-2004-1480 (Unknown vulnerability in the management station in HP StorageWorks Com ...)
NOT-FOR-US: HP StorageWorks Command View XP
CVE-2004-1479
REJECTED
-CVE-2004-1478
+CVE-2004-1478 (JRun 4.0 does not properly generate and handle the JSESSIONID, which a ...)
NOT-FOR-US: JRun
-CVE-2004-1477
+CVE-2004-1477 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
NOT-FOR-US: JRun
-CVE-2004-1476
+CVE-2004-1476 (Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc ...)
- xine-lib 1-rc6
- vlc <not-affected> (affected part of xine-lib code copy not present)
- libcdio 0.69
-CVE-2004-1475
+CVE-2004-1475 (Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 ...)
- xine-lib 1-rc6
- vlc <not-affected> (affected part of xine-lib code copy not present)
-CVE-2004-1474
+CVE-2004-1474 (Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running ...)
NOT-FOR-US: Symantec Enterprise Firewall/VPN Appliances
-CVE-2004-1473
+CVE-2004-1473 (Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running ...)
NOT-FOR-US: Symantec Enterprise Firewall/VPN Appliances
-CVE-2004-1472
+CVE-2004-1472 (Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running ...)
NOT-FOR-US: Symantec Enterprise Firewall/VPN Appliances
-CVE-2004-1471
+CVE-2004-1471 (Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, ...)
- cvs 1:1.12.9
-CVE-2004-1470
+CVE-2004-1470 (CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions be ...)
NOT-FOR-US: snipsnap
-CVE-2004-1469
+CVE-2004-1469 (Format string vulnerability in the log function in SUS 2.0.2, and othe ...)
NOT-FOR-US: SUS
-CVE-2004-1468
+CVE-2004-1468 (The web mail functionality in Usermin 1.x and Webmin 1.x allows remote ...)
- webmin 1.160
- usermin 1.090
-CVE-2004-1467
+CVE-2004-1467 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.0. ...)
- egroupware 1.0.00.004
-CVE-2004-1466
+CVE-2004-1466 (The set_time_limit function in Gallery before 1.4.4_p2 deletes non-ima ...)
- gallery 1.4.4-pl2
-CVE-2004-1465
+CVE-2004-1465 (Multiple buffer overflows in WinZip 9.0 and earlier may allow attacker ...)
NOT-FOR-US: WinZip
-CVE-2004-1464
+CVE-2004-1464 (Cisco IOS 12.2(15) and earlier allows remote attackers to cause a deni ...)
NOT-FOR-US: Cisco
-CVE-2004-1463
+CVE-2004-1463 (Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, ...)
- moin 1.2.3-1
-CVE-2004-1462
+CVE-2004-1462 (Unknown vulnerability in MoinMoin 1.2.2 and earlier allows remote atta ...)
- moin 1.2.3-1
-CVE-2004-1461
+CVE-2004-1461 (Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a s ...)
NOT-FOR-US: Cisco
-CVE-2004-1460
+CVE-2004-1460 (Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when conf ...)
NOT-FOR-US: Cisco
-CVE-2004-1459
+CVE-2004-1459 (Cisco Secure Access Control Server (ACS) 3.2, when configured as a Lig ...)
NOT-FOR-US: Cisco
-CVE-2004-1458
+CVE-2004-1458 (The CSAdmin web administration interface for Cisco Secure Access Contr ...)
NOT-FOR-US: Cisco
-CVE-2004-1457
+CVE-2004-1457 (The Virtual Private Network (VPN) capability in Novell Bordermanager 3 ...)
NOT-FOR-US: Novell
-CVE-2004-1456
+CVE-2004-1456 (filediff in CVStrac allows remote attackers to execute arbitrary comma ...)
- cvstrac 1.1.4-1
-CVE-2004-1455
+CVE-2004-1455 (Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and e ...)
- xine-lib 1-rc5-1.1
- vlc <not-affected> (vulnerable component of xine-lib code copy not present)
-CVE-2004-1454
+CVE-2004-1454 (Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) ...)
NOT-FOR-US: Cisco
-CVE-2004-1453
+CVE-2004-1453 (GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, an ...)
- glibc 2.3.5 (bug #272210; unimportant)
NOTE: according to GOTO Masanori this is not a security problem
NOTE: Jakub Jelinek confirms http://sources.redhat.com/ml/libc-hacker/2004-08/msg00059.html
NOTE: Although not a real issue we should play safe with 2.3.5, where the code
NOTE: was reorganized
-CVE-2004-1452
+CVE-2004-1452 (Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions o ...)
NOT-FOR-US: Gentoo specific
-CVE-2004-1451
+CVE-2004-1451 (Mozilla before 1.6 does not display the entire URL in the status bar w ...)
- mozilla 2:1.6-1
-CVE-2004-1450
+CVE-2004-1450 (Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote ...)
- mozilla 2:1.7.1-1
-CVE-2004-1449
+CVE-2004-1449 (Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 all ...)
- mozilla 2:1.7-1
-CVE-2004-1448
+CVE-2004-1448 (Jetbox One 2.0.8 and possibly other versions allow remote attackers wi ...)
NOT-FOR-US: Jetbox One
-CVE-2004-1447
+CVE-2004-1447 (Jetbox One 2.0.8 and possibly other versions stores passwords in the d ...)
NOT-FOR-US: Jetbox One
-CVE-2004-1446
+CVE-2004-1446 (Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewa ...)
NOT-FOR-US: ScreenOS
-CVE-2004-1445
+CVE-2004-1445 (A race condition in nessus-adduser in Nessus 2.0.11 and possibly earli ...)
- nessus-core 2.0.12-1
-CVE-2004-1444
+CVE-2004-1444 (Directory traversal vulnerability in Roundup 0.6.4 and earlier allows ...)
- roundup 0.7.3-1
-CVE-2004-1443
+CVE-2004-1443 (Cross-site scripting (XSS) vulnerability in the inline MIME viewer in ...)
- imp3 3.2.5-1
-CVE-2004-1442
+CVE-2004-1442 (Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in ...)
NOT-FOR-US: db2www
-CVE-2004-1441
+CVE-2004-1441 (Cross-site scripting (XSS) vulnerability in icq.cgi in Board Power 2.0 ...)
NOT-FOR-US: Board Power
-CVE-2004-1440
+CVE-2004-1440 (Multiple heap-based buffer overflows in the modpow function in PuTTY b ...)
- putty 0.56-1
-CVE-2004-1439
+CVE-2004-1439 (Buffer overflow in BlackJumboDog 3.x allows remote attackers to execut ...)
NOT-FOR-US: BlackJumboDog
-CVE-2004-1438
+CVE-2004-1438 (The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier al ...)
- subversion 1.0.6-1
-CVE-2004-1437
+CVE-2004-1437 (Multiple buffer overflows in the digest authentication functionality i ...)
- pavuk 0.9pl28-3.1
-CVE-2004-1436
+CVE-2004-1436 (The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4. ...)
NOT-FOR-US: Cisco
-CVE-2004-1435
+CVE-2004-1435 (Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, in ...)
NOT-FOR-US: Cisco
-CVE-2004-1434
+CVE-2004-1434 (Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, in ...)
NOT-FOR-US: Cisco
-CVE-2004-1433
+CVE-2004-1433 (Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, in ...)
NOT-FOR-US: Cisco
-CVE-2004-1432
+CVE-2004-1432 (Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, in ...)
NOT-FOR-US: Cisco
-CVE-2004-1431
+CVE-2004-1431 (FormMail.php 5.0, and possibly other versions, allows remote attackers ...)
NOT-FOR-US: FormMail.php != nms-formmail
-CVE-2004-1430
+CVE-2004-1430 (SQL injection vulnerability in the show_stats module in Arcade.php in ...)
NOT-FOR-US: Arcade.php
-CVE-2004-1429
+CVE-2004-1429 (ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times th ...)
NOT-FOR-US: ArGoSoft
-CVE-2004-1428
+CVE-2004-1428 (ArGoSoft FTP before 1.4.2.1 generates an error message if the user nam ...)
NOT-FOR-US: ArGoSoft
-CVE-2004-1427
+CVE-2004-1427 (PHP remote file inclusion vulnerability in main.inc in KorWeblog 1.6.2 ...)
NOT-FOR-US: KorWeblog
-CVE-2004-1426
+CVE-2004-1426 (Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs ...)
NOT-FOR-US: KorWeblog
-CVE-2004-1425
+CVE-2004-1425 (Directory traversal vulnerability in file.php in Moodle 1.4.2 and earl ...)
- moodle 1.4.3-1
-CVE-2004-1424
+CVE-2004-1424 (Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 a ...)
- moodle 1.4.3-1
-CVE-2004-1423
+CVE-2004-1423 (Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP ...)
NOT-FOR-US: PHP-Calendar
-CVE-2004-1422
+CVE-2004-1422 (WHM AutoPilot 2.4.6.5 and earlier allows remote attackers to gain sens ...)
NOT-FOR-US: WHM AutoPilot
-CVE-2004-1421
+CVE-2004-1421 (Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, ( ...)
NOT-FOR-US: WHM AutoPilot
-CVE-2004-1420
+CVE-2004-1420 (Multiple cross-site scripting (XSS) vulnerabilities in header.php in W ...)
NOT-FOR-US: WHM AutoPilot
-CVE-2004-1419
+CVE-2004-1419 (PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlie ...)
NOT-FOR-US: ZeroBoard
-CVE-2004-1418
+CVE-2004-1418 (Cross-site scripting (XSS) vulnerability in WPKontakt 3.0.1 and earlie ...)
NOT-FOR-US: WPKontakt
-CVE-2004-1417
+CVE-2004-1417 (Cross-site scripting (XSS) vulnerability in login.php in PsychoStats 2 ...)
NOT-FOR-US: PsychoStats
-CVE-2004-1416
+CVE-2004-1416 (pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as us ...)
NOT-FOR-US: RealOne IE plugin
-CVE-2004-1415
+CVE-2004-1415 (SQL injection vulnerability in (1) disp_album.php and possibly (2) dis ...)
NOT-FOR-US: 2Bgal
-CVE-2004-1414
+CVE-2004-1414 (Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1413
+CVE-2004-1413 (Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow re ...)
NOT-FOR-US: Kayako
-CVE-2004-1412
+CVE-2004-1412 (Cross-site scripting (XSS) vulnerability in index.php in Kayako eSuppo ...)
NOT-FOR-US: Kayako
-CVE-2004-1411
+CVE-2004-1411 (Gadu-Gadu build 155 and earlier allows remote attackers to cause a den ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1410
+CVE-2004-1410 (Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and ea ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1409
+CVE-2004-1409 (Multiple cross-site scripting vulnerabilities in Image Gallery Web App ...)
NOT-FOR-US: Image Gallery Web Application
-CVE-2004-1408
+CVE-2004-1408 (The addImage method for admin.class.php in Image Gallery Web Applicati ...)
NOT-FOR-US: Image Gallery Web Application
-CVE-2004-1407
+CVE-2004-1407 (Multiple directory traversal vulnerabilities in singapore Image Galler ...)
NOT-FOR-US: Image Gallery Web Application
-CVE-2004-1406
+CVE-2004-1406 (SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 throug ...)
NOT-FOR-US: Ikonboard
-CVE-2004-1405
+CVE-2004-1405 (MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not ...)
- mediawiki 1.4.9 (bug #276057)
-CVE-2004-1404
+CVE-2004-1404 (Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime ...)
NOT-FOR-US: Attachment Mod for phpBB
-CVE-2004-1403
+CVE-2004-1403 (PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 ...)
NOT-FOR-US: GNUBoard
-CVE-2004-1402
+CVE-2004-1402 (SQL injection vulnerability in iWebNegar allows remote attackers to ex ...)
NOT-FOR-US: iWebNegar
-CVE-2004-1401
+CVE-2004-1401 (SQL injection vulnerability in verify.asp in Asp-rider allows remote a ...)
NOT-FOR-US: Asp-rider
-CVE-2004-1400
+CVE-2004-1400 (The control panel in ASP Calendar does not require authentication to a ...)
NOT-FOR-US: ASP Calendar
-CVE-2004-1399
+CVE-2004-1399 (Directory traversal vulnerability in the Attachment module 2.3.10 and ...)
NOT-FOR-US: Attachment Mod for phpBB
-CVE-2004-1398
+CVE-2004-1398 (Format string vulnerability in prelink.c in kextload in Apple OS X, as ...)
NOT-FOR-US: MacOSX
-CVE-2004-1397
+CVE-2004-1397 (Cross-site scripting (XSS) vulnerability in UseModWiki 1.0 allows remo ...)
- usemod-wiki 1.0-6
-CVE-2004-1396
+CVE-2004-1396 (Winamp 5.07 and possibly other versions, allows remote attackers to ca ...)
NOT-FOR-US: Winamp
-CVE-2004-1395
+CVE-2004-1395 (The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) ...)
NOT-FOR-US: Lithtech engine
-CVE-2004-1394
+CVE-2004-1394 (The pfexec function for Sun Solaris 8 and 9 does not properly handle w ...)
NOT-FOR-US: Solaris
-CVE-2004-1393
+CVE-2004-1393 (Unknown vulnerability in the tcsetattr function for Sun Solaris for SP ...)
NOT-FOR-US: Solaris
-CVE-2004-1392
+CVE-2004-1392 (PHP 4.0 with cURL functions allows remote attackers to bypass the open ...)
- php4 4:4.3.10-3
-CVE-2004-1391
+CVE-2004-1391 (Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in ...)
NOT-FOR-US: PPPoE daemon (PPPoEd) in QNX RTP
-CVE-2004-1390
+CVE-2004-1390 (Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 ...)
NOT-FOR-US: PPPoE daemon (PPPoEd) in QNX RTP
-CVE-2004-1389
+CVE-2004-1389 (Unknown vulnerability in the Veritas NetBackup Administrative Assistan ...)
NOT-FOR-US: Veritas NetBackup Administrative Assistant
-CVE-2004-1388
+CVE-2004-1388 (Format string vulnerability in the gpsd_report function for BerliOS GP ...)
- gpsd 2.7-4
-CVE-2004-1387
+CVE-2004-1387 (The check_forensic script in apache-utils package 1.3.31 allows local ...)
- apache 1.3.33-3
-CVE-2004-1386
+CVE-2004-1386 (TikiWiki before 1.8.4.1 does not properly verify uploaded images, whic ...)
NOT-FOR-US: TikiWiki
-CVE-2004-1385
+CVE-2004-1385 (phpGroupWare 0.9.16.003 and earlier allows remote attackers to gain se ...)
- phpgroupware 0.9.16.005-1 (unimportant)
NOTE: path disclosure only, path is known on Debian anyway
-CVE-2004-1384
+CVE-2004-1384 (Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0. ...)
- phpgroupware 0.9.16.005-1
-CVE-2004-1383
+CVE-2004-1383 (Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and ...)
- phpgroupware 0.9.16.005-1
-CVE-2004-1382
+CVE-2004-1382 (The glibcbug script in glibc 2.3.4 and earlier allows local users to o ...)
- glibc 2.3.2.ds1-19
-CVE-2004-1381
+CVE-2004-1381 (Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background ...)
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2004-1380
+CVE-2004-1380 (Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (backgroun ...)
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2004-1379
+CVE-2004-1379 (Heap-based buffer overflow in the DVD subpicture decoder in xine xine- ...)
{DSA-657-1}
- xine-lib 1-rc6a-1
-CVE-2004-1378
+CVE-2004-1378 (The expat XML parser code, as used in the open source Jabber (jabberd) ...)
- jabber 1.4.3-3 (unimportant)
NOTE: We do not ship jadc2s.
-CVE-2004-1377
+CVE-2004-1377 (The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) script ...)
- a2ps 1:4.13b-4.3 (bug #286387; bug #286385)
-CVE-2004-1376
+CVE-2004-1376 (Directory traversal vulnerability in Microsoft Internet Explorer 5.01, ...)
NOT-FOR-US: MSIE
-CVE-2004-1375
+CVE-2004-1375 (Unknown vulnerability in System Administration Manager (SAM) in HP-UX ...)
NOT-FOR-US: HP-UX
-CVE-2004-1374
+CVE-2004-1374 (Multiple buffer overflows in NetBSD kernel may allow local users to ex ...)
NOT-FOR-US: NetBSD
-CVE-2004-1373
+CVE-2004-1373 (Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers ...)
NOT-FOR-US: Shoutcast
-CVE-2004-1372
+CVE-2004-1372 (Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow loc ...)
NOT-FOR-US: IBM DB2
-CVE-2004-1371
+CVE-2004-1371 (Stack-based buffer overflow in Oracle 9i and 10g allows remote attacke ...)
NOT-FOR-US: Oracle
-CVE-2004-1370
+CVE-2004-1370 (Multiple SQL injection vulnerabilities in PL/SQL procedures that run w ...)
NOT-FOR-US: Oracle
-CVE-2004-1369
+CVE-2004-1369 (The TNS Listener in Oracle 10g allows remote attackers to cause a deni ...)
NOT-FOR-US: Oracle
-CVE-2004-1368
+CVE-2004-1368 (ISQL*Plus in Oracle 10g Application Server allows remote attackers to ...)
NOT-FOR-US: Oracle
-CVE-2004-1367
+CVE-2004-1367 (Oracle 10g Database Server, when installed with a password that contai ...)
NOT-FOR-US: Oracle
-CVE-2004-1366
+CVE-2004-1366 (Oracle 10g Database Server stores the password for the SYSMAN account ...)
NOT-FOR-US: Oracle
-CVE-2004-1365
+CVE-2004-1365 (Extproc in Oracle 9i and 10g does not require authentication to load a ...)
NOT-FOR-US: Oracle
-CVE-2004-1364
+CVE-2004-1364 (Directory traversal vulnerability in extproc in Oracle 9i and 10g allo ...)
NOT-FOR-US: Oracle
-CVE-2004-1363
+CVE-2004-1363 (Buffer overflow in extproc in Oracle 10g allows remote attackers to ex ...)
NOT-FOR-US: Oracle
-CVE-2004-1362
+CVE-2004-1362 (The PL/SQL module for the Oracle HTTP Server in Oracle Application Ser ...)
NOT-FOR-US: Oracle
-CVE-2004-1361
+CVE-2004-1361 (Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through ...)
NOT-FOR-US: Windows
-CVE-2004-1360
+CVE-2004-1360 (Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when inv ...)
NOT-FOR-US: Solaris
-CVE-2004-1359
+CVE-2004-1359 (Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 all ...)
NOT-FOR-US: Solaris
-CVE-2004-1358
+CVE-2004-1358 (The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable ...)
NOT-FOR-US: Solaris
-CVE-2004-1357
+CVE-2004-1357 (The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properl ...)
NOT-FOR-US: ssh on Solaris
-CVE-2004-1356
+CVE-2004-1356 (Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 ...)
NOT-FOR-US: Solaris
-CVE-2004-1355
+CVE-2004-1355 (Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allo ...)
NOT-FOR-US: Solaris
-CVE-2004-1354
+CVE-2004-1354 (The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates ...)
NOT-FOR-US: Solaris
-CVE-2004-1353
+CVE-2004-1353 (Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role ...)
NOT-FOR-US: Solaris
-CVE-2004-1352
+CVE-2004-1352 (Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allo ...)
NOT-FOR-US: Solaris
-CVE-2004-1351
+CVE-2004-1351 (Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 thro ...)
NOT-FOR-US: Solaris
-CVE-2004-1350
+CVE-2004-1350 (Multiple buffer overflows in Sun Java System Web Proxy Server (formerl ...)
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2004-1349
+CVE-2004-1349 (gzip before 1.3 in Solaris 8, when called with the -f or -force flags, ...)
- gzip <not-affected> (gzip on Solaris)
-CVE-2004-1348
+CVE-2004-1348 (Unknown vulnerability in in.named on Solaris 8 allows remote attackers ...)
NOT-FOR-US: Solaris
-CVE-2004-1347
+CVE-2004-1347 (X Display Manager (XDM) on Solaris 8 allows remote attackers to cause ...)
- xfree86 <not-affected> (xdm on Solaris)
- xorg-x11 <not-affected> (xdm on Solaris)
-CVE-2004-1346
+CVE-2004-1346 (The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users t ...)
NOT-FOR-US: Solaris
-CVE-2004-1345
+CVE-2004-1345 (Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) ...)
NOT-FOR-US: Sun StorEdge Enterprise Storage Manager
CVE-2004-1344
REJECTED
-CVE-2004-1343
+CVE-2004-1343 (CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when ...)
{DSA-715-1}
- cvs 1:1.12.9-12
-CVE-2004-1342
+CVE-2004-1342 (CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch ...)
{DSA-715-1}
- cvs 1:1.12.9-12
-CVE-2004-1341
+CVE-2004-1341 (Cross-site scripting (XSS) vulnerability in info2www before 1.2.2.9 al ...)
{DSA-711-1}
- info2www 1.2.2.9-23 (bug #281655)
-CVE-2004-1340
+CVE-2004-1340 (Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the ...)
{DSA-659-1}
- libpam-radius-auth 1.3.16-1.1
-CVE-2004-1339
+CVE-2004-1339 (SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2 ...)
NOT-FOR-US: oracle
-CVE-2004-1338
+CVE-2004-1338 (The triggers in Oracle 9i and 10g allow local users to gain privileges ...)
NOT-FOR-US: oracle
-CVE-2004-1337
+CVE-2004-1337 (The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 ...)
- linux-2.6 <not-affected> (Fixed before upload into archive, 2.6.11)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2004-1336
+CVE-2004-1336 (The xdvizilla script in tetex-bin 2.0.2 creates temporary files with p ...)
- tetex-bin 2.0.2-25
-CVE-2004-1335
+CVE-2004-1335 (Memory leak in the ip_options_get function in the Linux kernel before ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-11
- kernel-source-2.4.27 2.4.27-9
-CVE-2004-1334
+CVE-2004-1334 (Integer overflow in the ip_options_get function in the Linux kernel be ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-11
- kernel-source-2.4.27 <not-affected>
-CVE-2004-1333
+CVE-2004-1333 (Integer overflow in the vc_resize function in the Linux kernel 2.4 and ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-11
- kernel-source-2.4.27 2.4.27-9
-CVE-2004-1332
+CVE-2004-1332 (Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with th ...)
NOT-FOR-US: hpux
-CVE-2004-1331
+CVE-2004-1331 (The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows r ...)
NOT-FOR-US: microsoft
-CVE-2004-1330
+CVE-2004-1330 (Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users t ...)
NOT-FOR-US: AIX
-CVE-2004-1329
+CVE-2004-1329 (Untrusted execution path vulnerability in the diag commands (1) lsmcod ...)
NOT-FOR-US: AIX
-CVE-2004-1328
+CVE-2004-1328 (Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 ...)
NOT-FOR-US: hpux
-CVE-2004-1327
+CVE-2004-1327 (Buffer overflow in Crystal FTP Client 2.8 allows remote malicious serv ...)
NOT-FOR-US: Crystal FTP client
-CVE-2004-1326
+CVE-2004-1326 (Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute ...)
NOT-FOR-US: Ultrix
-CVE-2004-1325
+CVE-2004-1325 (The getItemInfoByAtom function in the ActiveX control for Microsoft Wi ...)
NOT-FOR-US: Microsoft
-CVE-2004-1324
+CVE-2004-1324 (The Microsoft Windows Media Player 9.0 ActiveX control may allow remot ...)
NOT-FOR-US: Microsoft
-CVE-2004-1323
+CVE-2004-1323 (Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow ...)
NOT-FOR-US: Netbsd
-CVE-2004-1322
+CVE-2004-1322 (Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange ...)
NOT-FOR-US: Cisco
-CVE-2004-1321
+CVE-2004-1321 (The configuration backup in Asante FM2008 running firmware 1.06 stores ...)
NOT-FOR-US: Asante FM2008
-CVE-2004-1320
+CVE-2004-1320 (Asante FM2008 running firmware 1.06 is shipped with a default username ...)
NOT-FOR-US: Asante FM2008
-CVE-2004-1319
+CVE-2004-1319 (The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject ...)
NOT-FOR-US: MSIE
-CVE-2004-1318
+CVE-2004-1318 (Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0. ...)
{DSA-627-1}
- namazu2 2.0.14-1
-CVE-2004-1317
+CVE-2004-1317 (Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, whe ...)
- netcat <not-affected> (only affects netcat in Windows)
-CVE-2004-1316
+CVE-2004-1316 (Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol. ...)
- mozilla 2:1.7.5-1 (bug #288047)
-CVE-2004-1315
+CVE-2004-1315 (viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the hi ...)
- phpbb2 2.0.10-3
-CVE-2004-1314
+CVE-2004-1314 (Safari 1.x allows remote attackers to spoof arbitrary web sites by inj ...)
NOT-FOR-US: MacOS
-CVE-2004-1313
+CVE-2004-1313 (The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly o ...)
NOT-FOR-US: My Firewall Plus
-CVE-2004-1312
+CVE-2004-1312 (A bug in the HTML parser in a certain Microsoft HTML library, as used ...)
NOT-FOR-US: Microsoft
-CVE-2004-1311
+CVE-2004-1311 (Integer overflow in the real_setup_and_get_header function in real.c f ...)
- mplayer 1.0~pre6a-1
-CVE-2004-1310
+CVE-2004-1310 (Stack-based buffer overflow in the asf_mmst_streaming.c functionality ...)
- mplayer 1.0~pre6a-1
-CVE-2004-1309
+CVE-2004-1309 (Heap-based buffer overflow in the demux_open_bmp function in demux_bmp ...)
- mplayer 1.0~pre6a-1
-CVE-2004-1308
+CVE-2004-1308 (Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3 ...)
{DSA-617-1}
- tiff 3.6.1-4
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-1307
+CVE-2004-1307 (Integer overflow in the TIFFFetchStripThing function in tif_dirread.c ...)
- tiff 3.7.0 (low)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-1306
+CVE-2004-1306 (Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 ...)
NOT-FOR-US: Windows
-CVE-2004-1305
+CVE-2004-1305 (The Windows Animated Cursor (ANI) capability in Windows NT, Windows 20 ...)
NOT-FOR-US: Microsoft
-CVE-2004-1304
+CVE-2004-1304 (Stack-based buffer overflow in the ELF header parsing code in file bef ...)
- file 4.12
-CVE-2004-1303
+CVE-2004-1303 (Buffer overflow in the get function in get.c for Yanf 0.4 allows remot ...)
NOT-FOR-US: Yanf
-CVE-2004-1302
+CVE-2004-1302 (The id3tag_sort function in id3tag.c for YAMT 0.5 allows remote attack ...)
NOT-FOR-US: YAMT
-CVE-2004-1301
+CVE-2004-1301 (Buffer overflow in the book_format_sql function in format.c for xlread ...)
NOT-FOR-US: xlreader
-CVE-2004-1300
+CVE-2004-1300 (Buffer overflow in the open_aiff_file function in demux_aiff.c for xin ...)
- xine-lib 1-rc8-1
- vlc <not-affected> (vulnerable component of xine-lib code copy not present)
-CVE-2004-1299
+CVE-2004-1299 (Buffer overflow in the get_attr function in html.c for vilistextum 2.6 ...)
NOT-FOR-US: vilistextum
-CVE-2004-1298
+CVE-2004-1298 (Buffer overflow in the parse function in vb2c.c for vb2c 0.02 allows r ...)
NOT-FOR-US: vb2c
-CVE-2004-1297
+CVE-2004-1297 (Buffer overflow in the process_font_table function in convert.c for un ...)
- unrtf 0.19.3-1.1 (bug #287038)
-CVE-2004-1296
+CVE-2004-1296 (The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow loca ...)
- groff 1.18.1.1-5
-CVE-2004-1295
+CVE-2004-1295 (The slip_down function in slip.c for the uml_net program in uml-utilit ...)
- uml-utilities <not-affected> (uml_net is only executable by users in group uml-net)
-CVE-2004-1294
+CVE-2004-1294 (The mget function in cmds.c for tnftp 20030825 allows remote FTP serve ...)
- tnftp 20050625-0.1 (bug #285902; medium)
-CVE-2004-1293
+CVE-2004-1293 (Buffer overflow in the ReadFontTbl function in reader.c for rtf2latex2 ...)
NOT-FOR-US: rtf2latex2e
-CVE-2004-1292
+CVE-2004-1292 (Buffer overflow in the parse_emelody function in parse_emelody.c for r ...)
NOT-FOR-US: ringtonetools
-CVE-2004-1291
+CVE-2004-1291 (Buffer overflow in qwik-smtpd allows remote attackers to use the serve ...)
NOT-FOR-US: qwik-smtpd
-CVE-2004-1290
+CVE-2004-1290 (Buffer overflow in the process_moves function in pgn2web.c for pgn2web ...)
NOT-FOR-US: pgn2web
-CVE-2004-1289
+CVE-2004-1289 (Multiple buffer overflows in (1) the getline function in pcalutil.c an ...)
{DSA-625-1}
- pcal 4.8.0-1
-CVE-2004-1288
+CVE-2004-1288 (Buffer overflow in the parse_html function in o3read.c for o3read 0.0. ...)
NOT-FOR-US: o3read
-CVE-2004-1287
+CVE-2004-1287 (Buffer overflow in the error function in preproc.c for NASM 0.98.38 1. ...)
{DSA-623-1}
- nasm 0.98.38-1.1 (bug #285889)
-CVE-2004-1286
+CVE-2004-1286 (Buffer overflow in the auto_filter_extern function in auto.c for NapSh ...)
NOT-FOR-US: NapShare
-CVE-2004-1285
+CVE-2004-1285 (Buffer overflow in the get_header function in asf_mmst_streaming.c for ...)
NOT-FOR-US: mplayer
-CVE-2004-1284
+CVE-2004-1284 (Buffer overflow in the find_next_file function in playlist.c for mpg12 ...)
NOTE: Previous fix 0.59r-18 introduced new integer overflows and caused regressions
- mpg123 0.59r-20 (bug #287043)
-CVE-2004-1283
+CVE-2004-1283 (Buffer overflow in the Mesh::type method in mesh.c for the mview progr ...)
NOT-FOR-US: mview
-CVE-2004-1282
+CVE-2004-1282 (Buffer overflow in the strexpand function in string.c for LinPopUp 1.2 ...)
{DSA-632-1}
- linpopup 1.2.0-7
-CVE-2004-1281
+CVE-2004-1281 (The ftp_retr function in junkie 0.3.1 allows remote malicious FTP serv ...)
NOT-FOR-US: junkie
-CVE-2004-1280
+CVE-2004-1280 (The gui_popup_view_fly function in gui_tview_popup.c for junkie 0.3.1 ...)
NOT-FOR-US: junkie
-CVE-2004-1279
+CVE-2004-1279 (Buffer overflow in the get_file_list_stdin function in jpegtoavi 1.5 a ...)
NOT-FOR-US: jpegtoavi
-CVE-2004-1278
+CVE-2004-1278 (Buffer overflow in the switch_voice function in parse.c for jcabc2ps 2 ...)
NOT-FOR-US: jcabc2ps
-CVE-2004-1277
+CVE-2004-1277 (The download_selection_recursive() function in ftplist.c for IglooFTP ...)
NOT-FOR-US: IglooFTP
-CVE-2004-1276
+CVE-2004-1276 (IglooFTP 0.6.1, when recursively uploading a directory, allows local u ...)
NOT-FOR-US: IglooFTP
-CVE-2004-1275
+CVE-2004-1275 (Buffer overflow in the remove_quote function in convert.c for html2hdm ...)
NOT-FOR-US: html2hdml
-CVE-2004-1274
+CVE-2004-1274 (The DownloadLoop function in main.c for greed 0.81p allows remote atta ...)
NOT-FOR-US: greed
NOTE: not the game in debian, the file download tool
-CVE-2004-1273
+CVE-2004-1273 (Buffer overflow in the DownloadLoop function in main.c for greed 0.81p ...)
NOT-FOR-US: greed
NOTE: not the game in debian, the file download tool
-CVE-2004-1272
+CVE-2004-1272 (Buffer overflow in the save_embedded_address function in filter.c for ...)
- filter 2.4.2-1.1
-CVE-2004-1271
+CVE-2004-1271 (Buffer overflow in the dxfin function in d.c for dxfscope 0.2 allows r ...)
NOT-FOR-US: dxfscope
-CVE-2004-1270
+CVE-2004-1270 (lppasswd in CUPS 1.1.22, when run in environments that do not ensure t ...)
- cups 1.1.22-2
- cupsys 1.1.22-2
-CVE-2004-1269
+CVE-2004-1269 (lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it enco ...)
- cups 1.1.22-2
- cupsys 1.1.22-2
-CVE-2004-1268
+CVE-2004-1268 (lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS p ...)
- cups 1.1.22-2
- cupsys 1.1.22-2
-CVE-2004-1267
+CVE-2004-1267 (Buffer overflow in the ParseCommand function in hpgl-input.c in the hp ...)
- cups 1.1.22-2
- cupsys 1.1.22-2
-CVE-2004-1266
+CVE-2004-1266 (Buffer overflow in the get_field_headers function in csv2xml.cpp for c ...)
NOT-FOR-US: csv2xml
-CVE-2004-1265
+CVE-2004-1265 (Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the ...)
NOT-FOR-US: Convex
-CVE-2004-1264
+CVE-2004-1264 (Buffer overflow in the simplify_path function in config.c for ChBg 1.5 ...)
{DSA-644-1}
- chbg 1.5-4
-CVE-2004-1263
+CVE-2004-1263 (changepassword.cgi in ChangePassword 0.8, when installed setuid, allow ...)
NOT-FOR-US: ChangePassword
-CVE-2004-1262
+CVE-2004-1262 (Buffer overflow in the bsb_open_header function in libbsb for bsb2ppm ...)
NOT-FOR-US: bsb2ppm
-CVE-2004-1261
+CVE-2004-1261 (Multiple buffer overflows in the preparse function in asp2php 0.76.23 ...)
NOT-FOR-US: asp2php
-CVE-2004-1260
+CVE-2004-1260 (Multiple buffer overflows in the (1) write_heading function in subs.cp ...)
NOT-FOR-US: abctab2ps
-CVE-2004-1259
+CVE-2004-1259 (Multiple buffer overflows in the handle_directive function in abcpp.c ...)
NOT-FOR-US: abcpp
-CVE-2004-1258
+CVE-2004-1258 (Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 ...)
- abcm2ps 4.8.5-1
-CVE-2004-1257
+CVE-2004-1257 (Buffer overflow in the process_abc function in abc.c for abc2mtex 1.6. ...)
NOT-FOR-US: abc2mtex
-CVE-2004-1256
+CVE-2004-1256 (Multiple buffer overflows in the (1) event_text and (2) event_specific ...)
- abcmidi 20050101-1
-CVE-2004-1255
+CVE-2004-1255 (Buffer overflow in the expandtabs function in 2fax 3.04 allows remote ...)
NOT-FOR-US: 2fax
-CVE-2004-1254
+CVE-2004-1254 (WinRAR 3.40, and possibly earlier versions, allows remote attackers to ...)
NOT-FOR-US: WinRAR
CVE-2004-1253
RESERVED
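Review bot: every description added in this hunk is cut at a fixed column and frequently mid-word, e.g. "in socat 1 ...", "handles backspace characte ...", "RealPlayer 8 through 10.5 (6.0.12. ...", so the parenthesised text after each CVE id is a preview rather than the full MITRE summary. If the generator is meant to keep the .list files compact this is fine, but it would be worth either truncating at the last word boundary before the limit or documenting in the file header that the text is an abbreviated summary, so that anything parsing these lines (or a reader grepping for a product name that happens to be split) does not treat the description as complete; the authoritative text remains the CVE record itself.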
@@ -3212,7 +3212,7 @@ CVE-2004-1246
RESERVED
CVE-2004-1245
RESERVED
-CVE-2004-1244
+CVE-2004-1244 (Windows Media Player 9 allows remote attackers to execute arbitrary co ...)
NOT-FOR-US: Microsoft
CVE-2004-1243
REJECTED
@@ -3226,111 +3226,111 @@ CVE-2004-1239
REJECTED
CVE-2004-1238
REJECTED
-CVE-2004-1237
+CVE-2004-1237 (Unknown vulnerability in the system call filtering code in the audit s ...)
- linux-2.6 <not-affected> (Apparently Red Hat specific)
-CVE-2004-1236
+CVE-2004-1236 (Buffer overflow in the LDAP component for Netscape Directory Server (N ...)
NOT-FOR-US: Netscape Directory Server on HP-UX
-CVE-2004-1235
+CVE-2004-1235 (Race condition in the (1) load_elf_library and (2) binfmt_aout functio ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-8 (bug #289202; bug #289708; bug #291053; high)
-CVE-2004-1234
+CVE-2004-1234 (load_elf_binary in Linux before 2.4.26 allows local users to cause a d ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26)
-CVE-2004-1233
+CVE-2004-1233 (Integer overflow in Gadu-Gadu allows remote attackers to cause a denia ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1232
+CVE-2004-1232 (Stack-based buffer overflow in the code that sends images in Gadu-Gadu ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1231
+CVE-2004-1231 (Directory traversal vulnerability in Gadu-Gadu allows remote attackers ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1230
+CVE-2004-1230 (Gadu-Gadu allows remote attackers to gain sensitive information and re ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1229
+CVE-2004-1229 (Cross-site scripting vulnerability in the parser for Gadu-Gadu allows ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2004-1228
+CVE-2004-1228 (The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2004-1227
+CVE-2004-1227 (Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and e ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2004-1226
+CVE-2004-1226 (SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to gai ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2004-1225
+CVE-2004-1225 (SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allo ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2004-1224
+CVE-2004-1224 (Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 thr ...)
- mtr 0.67-1
-CVE-2004-1223
+CVE-2004-1223 (The Management Agent in F-Secure Policy Manager 5.11.2810 allows remot ...)
NOT-FOR-US: F-Secure Policy Manager
-CVE-2004-1222
+CVE-2004-1222 (weblibs.pl in WebLibs 1.0 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: weblibs.pl
-CVE-2004-1221
+CVE-2004-1221 (Directory traversal vulnerability in weblibs.pl in WebLibs 1.0 allows ...)
NOT-FOR-US: weblibs.pl
-CVE-2004-1220
+CVE-2004-1220 (Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and e ...)
NOT-FOR-US: Battlefield 1942, Battlefield Vietnam
-CVE-2004-1219
+CVE-2004-1219 (paFileDB 3.1, when using sessions authentication and while the adminis ...)
NOT-FOR-US: paFileDB
-CVE-2004-1218
+CVE-2004-1218 (Remote Execute 2.30 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Remote Execute
-CVE-2004-1217
+CVE-2004-1217 (Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows ...)
NOT-FOR-US: Hosting Controller
-CVE-2004-1216
+CVE-2004-1216 (The scripts that handle players in Kreed 1.05 and earlier allow remote ...)
NOT-FOR-US: Kreed
-CVE-2004-1215
+CVE-2004-1215 (Kreed 1.05 and earlier allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Kreed
-CVE-2004-1214
+CVE-2004-1214 (Format string vulnerability in Kreed 1.05 and earlier allows remote at ...)
NOT-FOR-US: Kreed
-CVE-2004-1213
+CVE-2004-1213 (Cross-site scripting (XSS) vulnerability in index.php in Advanced Gues ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2004-1212
+CVE-2004-1212 (Directory traversal vulnerability in btdownload.php in Blog Torrent pr ...)
NOT-FOR-US: Blog Torrent
-CVE-2004-1211
+CVE-2004-1211 (Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allo ...)
NOT-FOR-US: Mercury Mail
-CVE-2004-1210
+CVE-2004-1210 (Cross-site scripting (XSS) vulnerability in proxylog.dat in IPCop 1.4. ...)
NOT-FOR-US: IpCop
-CVE-2004-1209
+CVE-2004-1209 (Verisign Payflow Link, when running with empty Accepted URL fields, do ...)
NOT-FOR-US: Verisign Payflow Link
-CVE-2004-1208
+CVE-2004-1208 (Buffer overflow in Orbz 2.10 and earlier allows remote attackers to ca ...)
NOT-FOR-US: Orbz
-CVE-2004-1207
+CVE-2004-1207 (The Serious engine, as used in (1) Alpha Black Zero Intrepid Protocol ...)
NOT-FOR-US: The Serious engine, as used in (1) Alpha Black Zero, (2) Nitro family, and (3) Serious Sam Second Encounter
-CVE-2004-1206
+CVE-2004-1206 (Directory traversal vulnerability in codebrowserpntm.php in pnTresMail ...)
NOT-FOR-US: pnTresMailer
-CVE-2004-1205
+CVE-2004-1205 (codebrowserpntm.php in PnTresMailer 6.03 allows remote attackers to ga ...)
NOT-FOR-US: pnTresMailer
-CVE-2004-1204
+CVE-2004-1204 (FluxBox 0.9.10 and earlier versions allows local users to cause a deni ...)
NOTE: at best a local DOS by the user running fluxbox.
NOTE: Where's the security hole?
- fluxbox 0.9.11-1
-CVE-2004-1203
+CVE-2004-1203 (parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug mod ...)
NOT-FOR-US: phpCMS
-CVE-2004-1202
+CVE-2004-1202 (Cross-site scripting (XSS) vulnerability in parser.php in phpCMS 1.2.1 ...)
NOT-FOR-US: phpCMS
-CVE-2004-1201
+CVE-2004-1201 (Opera 7.54 allows remote attackers to cause a denial of service (appli ...)
NOT-FOR-US: Opera
-CVE-2004-1200
+CVE-2004-1200 (Firefox and Mozilla allow remote attackers to cause a denial of servic ...)
NOTE: memory leak, doubt it's usefully exploitable
NOTE: did not followup
-CVE-2004-1199
+CVE-2004-1199 (Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a den ...)
NOT-FOR-US: Safari
-CVE-2004-1198
+CVE-2004-1198 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
NOT-FOR-US: MSIE
-CVE-2004-1197
+CVE-2004-1197 (Cross-site scripting (XSS) vulnerability in inshop.pl in Insite inShop ...)
NOT-FOR-US: inShop
-CVE-2004-1196
+CVE-2004-1196 (Cross-site scripting (XSS) vulnerability in inmail.pl in Insite Inmail ...)
NOT-FOR-US: Insite Inmail
-CVE-2004-1195
+CVE-2004-1195 (Star Wars Battlefront 1.11 and earlier allows remote attackers to caus ...)
NOT-FOR-US: Star Wars Battlefront
-CVE-2004-1194
+CVE-2004-1194 (Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remot ...)
NOT-FOR-US: Star Wars Battlefront
-CVE-2004-1193
+CVE-2004-1193 (Prevx Home 1.0 allows local users with administrator privileges to byp ...)
NOT-FOR-US: Prevex Home
-CVE-2004-1192
+CVE-2004-1192 (Format string vulnerability in the lprintf function in Citadel/UX 6.27 ...)
NOT-FOR-US: Citadel/UX
-CVE-2004-1191
+CVE-2004-1191 (Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems ...)
NOTE: turned out that kernel-source-2.6.8 2.6.8-14 was incompletly fixed
[sarge] - kernel-source-2.6.8 2.6.8-16
- kernel-source-2.4.27 2.4.27-6
- linux-2.6 <not-affected> (fixed before initial upload)
- linux-2.6.24 <not-affected> (fixed before initial upload)
-CVE-2004-1190
+CVE-2004-1190 (SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not ...)
NOTE: Response from Suse people reveals that http://linux.bkbits.net:8080/linux-2.6/hist/drivers/block/scsi_ioctl.c
NOTE: has a misleading entry titled "Fix exploitable hole"
NOTE: http://www.securityfocus.com/advisories/7579
@@ -3340,164 +3340,164 @@ CVE-2004-1190
NOTE: 2.6.10 is actually fixed, but 2.6.8 is not
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2004-1189
+CVE-2004-1189 (The add_to_history function in svr_principal.c in libkadm5srv for MIT ...)
{DSA-629-1}
- krb5 1.3.6-1
-CVE-2004-1188
+CVE-2004-1188 (The pnm_get_chunk function in xine 0.99.2 and earlier, and other packa ...)
- xine-lib 1-rc8-1
- mplayer <not-affected> (fixed in 1.0-pre5 which precedes the version included in etch)
-CVE-2004-1187
+CVE-2004-1187 (Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99 ...)
- xine-lib 1-rc8-1
- mplayer <not-affected> (fixed in 1.0-pre5 which precedes the version included in etch)
-CVE-2004-1186
+CVE-2004-1186 (Multiple buffer overflows in enscript 1.6.3 allow remote attackers or ...)
{DSA-654-1}
- enscript 1.6.4-6
-CVE-2004-1185
+CVE-2004-1185 (Enscript 1.6.3 does not sanitize filenames, which allows remote attack ...)
{DSA-654-1}
- enscript 1.6.4-6
-CVE-2004-1184
+CVE-2004-1184 (The EPSF pipe support in enscript 1.6.3 allows remote attackers or loc ...)
{DSA-654-1}
- enscript 1.6.4-6
-CVE-2004-1183
+CVE-2004-1183 (Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier ...)
{DSA-626-1}
- tiff 3.6.1-5
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-1182
+CVE-2004-1182 (hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfax ...)
{DSA-634-1}
- hylafax 1:4.2.1-1
-CVE-2004-1181
+CVE-2004-1181 (htmlheadline before 21.8 allows local users to overwrite arbitrary fil ...)
{DSA-622-1}
- htmlheadline <removed>
-CVE-2004-1180
+CVE-2004-1180 (Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on littl ...)
{DSA-678-1}
- netkit-rwho 0.17-8
-CVE-2004-1179
+CVE-2004-1179 (The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7. ...)
{DSA-615-1}
- debmake 3.7.7
CVE-2004-1178
RESERVED
-CVE-2004-1177
+CVE-2004-1177 (Cross-site scripting (XSS) vulnerability in the driver script in mailm ...)
{DSA-674-1}
- mailman 2.1.5-5
-CVE-2004-1176
+CVE-2004-1176 (Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earl ...)
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1175
+CVE-2004-1175 (fish.c in midnight commander allows remote attackers to execute arbitr ...)
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1174
+CVE-2004-1174 (direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attack ...)
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1173
+CVE-2004-1173 (Internet Explorer 6 allows remote attackers to bypass the popup blocke ...)
NOT-FOR-US: MSIE
-CVE-2004-1172
+CVE-2004-1172 (Stack-based buffer overflow in the Agent Browser in Veritas Backup Exe ...)
NOT-FOR-US: Veritas Backup Exec
-CVE-2004-1171
+CVE-2004-1171 (KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1 ...)
- kdelibs 4:3.3.1-2
- kdebase 4:3.3.1-3
-CVE-2004-1170
+CVE-2004-1170 (a2ps 4.13 allows remote attackers to execute arbitrary commands via sh ...)
{DSA-612-1}
- a2ps 1:4.13b-4.2 (bug #283134)
-CVE-2004-1169
+CVE-2004-1169 (MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause ...)
- maxdb-7.5.00 7.5.00.19-1
-CVE-2004-1168
+CVE-2004-1168 (Stack-based buffer overflow in the WebDav handler in MaxDB WebTools 7. ...)
- maxdb-7.5.00 7.5.00.19-1
-CVE-2004-1167
+CVE-2004-1167 (mirrorselect before 0.89 creates temporary files in a world-writable l ...)
NOT-FOR-US: gentoo mirrorselect
-CVE-2004-1166
+CVE-2004-1166 (CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1 ...)
NOT-FOR-US: Microsoft
-CVE-2004-1165
+CVE-2004-1165 (Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP comma ...)
{DSA-631-1}
- kdelibs 4:3.3.2-1
-CVE-2004-1164
+CVE-2004-1164 (The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 al ...)
NOT-FOR-US: Cisco
-CVE-2004-1163
+CVE-2004-1163 (Cisco CNS Network Registrar Central Configuration Management (CCM) ser ...)
NOT-FOR-US: Cisco
-CVE-2004-1162
+CVE-2004-1162 (The unison command in scponly before 4.0 does not properly restrict pr ...)
- scponly 4.0-1
-CVE-2004-1161
+CVE-2004-1161 (rssh 2.2.2 and earlier does not properly restrict programs that can be ...)
- rssh 2.2.3-1
-CVE-2004-1160
+CVE-2004-1160 (Netscape 7.x to 7.2, and possibly other versions, allows remote attack ...)
NOT-FOR-US: Netscape
CVE-2004-1159
REJECTED
-CVE-2004-1158
+CVE-2004-1158 (Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remot ...)
- kdelibs 4:3.3.1-3
- kdebase 4:3.3.1-4
-CVE-2004-1157
+CVE-2004-1157 (Opera 7.x up to 7.54, and possibly other versions, allows remote attac ...)
NOT-FOR-US: Opera
-CVE-2004-1156
+CVE-2004-1156 (Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attacker ...)
- mozilla 2:1.7.6-1
- mozilla-firefox 1.0.1
-CVE-2004-1155
+CVE-2004-1155 (Internet Explorer 5.01 through 6 allows remote attackers to spoof arbi ...)
NOT-FOR-US: Microsoft MSIE
-CVE-2004-1154
+CVE-2004-1154 (Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x thr ...)
{DSA-701-1}
- samba 3.0.10-1
-CVE-2004-1153
+CVE-2004-1153 (Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0. ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2004-1152
+CVE-2004-1152 (Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2004-1151
+CVE-2004-1151 (Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-11
-CVE-2004-1150
+CVE-2004-1150 (Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 t ...)
NOT-FOR-US: Winamp
-CVE-2004-1149
+CVE-2004-1149 (Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0. ...)
NOT-FOR-US: Computer Associates eTrust EZ Antivirus
-CVE-2004-1148
+CVE-2004-1148 (phpMyAdmin before 2.6.1, when configured with UploadDir functionality, ...)
- phpmyadmin 2:2.6.1-rc1-1
-CVE-2004-1147
+CVE-2004-1147 (phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external t ...)
- phpmyadmin 2:2.6.1-rc1-1
-CVE-2004-1146
+CVE-2004-1146 (Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and ...)
- cvstrac 1.1.5
-CVE-2004-1145
+CVE-2004-1145 (Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) all ...)
- kdelibs 4:3.3.2-1
-CVE-2004-1144
+CVE-2004-1144 (Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD6 ...)
NOTE: amd64 specific
- kernel-source-2.4.27 2.4.27-9
-CVE-2004-1143
+CVE-2004-1143 (The password generation in mailman before 2.1.5 generates only 5 milli ...)
- mailman 2.1.5-5
-CVE-2004-1142
+CVE-2004-1142 (Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denia ...)
{DSA-613-1}
- ethereal 0.10.8-1
-CVE-2004-1141
+CVE-2004-1141 (The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote att ...)
- ethereal 0.10.8-1
-CVE-2004-1140
+CVE-2004-1140 (Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denia ...)
- ethereal 0.10.8-1
-CVE-2004-1139
+CVE-2004-1139 (Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 throug ...)
- ethereal 0.10.8-1
-CVE-2004-1138
+CVE-2004-1138 (VIM before 6.3 and gVim before 6.3 allow local users to execute arbitr ...)
- vim 1:6.3-046+0sarge1
-CVE-2004-1137
+CVE-2004-1137 (Multiple vulnerabilities in the IGMP functionality for Linux kernel 2. ...)
- linux-2.6 <not-affected> (Fixed before upload into the archive)
- kernel-source-2.4.27 2.4.27-7
-CVE-2004-1136
+CVE-2004-1136 (Buffer overflow in CuteFTP Professional 6.0, and possibly other versio ...)
NOT-FOR-US: CuteFTP
-CVE-2004-1135
+CVE-2004-1135 (Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remot ...)
NOT-FOR-US: WS-Ftpd
-CVE-2004-1134
+CVE-2004-1134 (Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2004-1133
+CVE-2004-1133 (Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ...)
NOT-FOR-US: Microsoft
CVE-2004-1132
RESERVED
-CVE-2004-1131
+CVE-2004-1131 (Multiple buffer overflows in the enable command for SCO OpenServer 5.0 ...)
NOT-FOR-US: SCO
-CVE-2004-1130
+CVE-2004-1130 (Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5 ...)
NOT-FOR-US: CMailServer
-CVE-2004-1129
+CVE-2004-1129 (SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and ...)
NOT-FOR-US: CMailServer
-CVE-2004-1128
+CVE-2004-1128 (Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attac ...)
NOT-FOR-US: CMailServer
-CVE-2004-1127
+CVE-2004-1127 (Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with ad ...)
- opendchub 0.7.14-1.1 (bug #284350; bug #283061)
CVE-2004-1126
RESERVED
-CVE-2004-1125
+CVE-2004-1125 (Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, ...)
{DSA-621-1 DSA-619-1}
- xpdf 3.00-11
- cupsys 1.1.22-2
@@ -3505,193 +3505,193 @@ CVE-2004-1125
- tetex-bin 2.0.2-25
- gpdf 2.8.2-1
- koffice 1:1.3.5-1
-CVE-2004-1124
+CVE-2004-1124 (Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 al ...)
NOT-FOR-US: UnixWare
-CVE-2004-1123
+CVE-2004-1123 (Darwin Streaming Server 5.0.1, and possibly earlier versions, allows r ...)
NOT-FOR-US: Darwin Streaming Server
-CVE-2004-1122
+CVE-2004-1122 (Safari 1.x to 1.2.4, and possibly other versions, allows inactive wind ...)
NOT-FOR-US: Safari
-CVE-2004-1121
+CVE-2004-1121 (Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the UR ...)
NOT-FOR-US: Safari
-CVE-2004-1120
+CVE-2004-1120 (Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c a ...)
{DSA-663-1}
- prozilla 1:1.3.7.3-1
-CVE-2004-1119
+CVE-2004-1119 (Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibl ...)
NOT-FOR-US: Winamp
-CVE-2004-1118
+CVE-2004-1118 (Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component bef ...)
NOT-FOR-US: WodFtpDLX.ocx ActiveX component
-CVE-2004-1117
+CVE-2004-1117 (The init scripts in ChessBrain 20407 and earlier execute user-owned pr ...)
NOT-FOR-US: ChessBrain
-CVE-2004-1116
+CVE-2004-1116 (The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 ...)
NOT-FOR-US: GIMPS
-CVE-2004-1115
+CVE-2004-1115 (The init scripts in Search for Extraterrestrial Intelligence (SETI) pr ...)
- setiathome <not-affected> (Gentoo-specific vulnerability)
-CVE-2004-1114
+CVE-2004-1114 (Buffer overflow in the handling of command line arguments in Skype 1.0 ...)
NOT-FOR-US: Skype
-CVE-2004-1113
+CVE-2004-1113 (SQL injection vulnerability in SQLgrey Postfix greylisting service bef ...)
- sqlgrey 1.2.0
-CVE-2004-1112
+CVE-2004-1112 (The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 ...)
NOT-FOR-US: Cisco
-CVE-2004-1111
+CVE-2004-1111 (Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 1 ...)
NOT-FOR-US: Cisco
-CVE-2004-1110
+CVE-2004-1110 (The mtink status monitor before 1.0.5 for Epson printers allows local ...)
- mtink 1.0.5
NOTE: debian not vulnerable except in edge case
-CVE-2004-1109
+CVE-2004-1109 (The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allo ...)
NOT-FOR-US: Kerio Personal Firewall
-CVE-2004-1108
+CVE-2004-1108 (qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overw ...)
NOT-FOR-US: Gentoolkit
-CVE-2004-1107
+CVE-2004-1107 (dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to o ...)
NOT-FOR-US: Portage
-CVE-2004-1106
+CVE-2004-1106 (Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earl ...)
{DSA-642-1}
- gallery 1.4.4-pl4-1
-CVE-2004-1105
+CVE-2004-1105 (Nortel Networks Contivity VPN Client displays a different error messag ...)
NOT-FOR-US: Nortel Networks Contivity VPN Client
-CVE-2004-1104
+CVE-2004-1104 (Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a ...)
NOT-FOR-US: Microsoft
-CVE-2004-1103
+CVE-2004-1103 (MailPost 5.1.1sv, and possibly earlier versions, when debug mode is en ...)
NOT-FOR-US: MailPost
-CVE-2004-1102
+CVE-2004-1102 (MailPost 5.1.1sv, and possibly earlier versions, displays a different ...)
NOT-FOR-US: MailPost
-CVE-2004-1101
+CVE-2004-1101 (mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allow ...)
NOT-FOR-US: MailPost
-CVE-2004-1100
+CVE-2004-1100 (Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5 ...)
NOT-FOR-US: MailPost
-CVE-2004-1099
+CVE-2004-1099 (Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco ...)
NOT-FOR-US: Cisco
-CVE-2004-1098
+CVE-2004-1098 (MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus ...)
- mime-tools 5.415-1
-CVE-2004-1097
+CVE-2004-1097 (Format string vulnerability in the cherokee_logger_ncsa_write_string f ...)
- cherokee <not-affected> (Fixed before upload into archive)
-CVE-2004-1096
+CVE-2004-1096 (Archive::Zip Perl module before 1.14, when used by antivirus programs ...)
- libarchive-zip-perl 1.14-1
-CVE-2004-1095
+CVE-2004-1095 (Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgi ...)
{DSA-608-1}
- zgv 5.7-1.3 (bug #284124)
-CVE-2004-1094
+CVE-2004-1094 (Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.0 ...)
NOT-FOR-US: RealPlayer
-CVE-2004-1093
+CVE-2004-1093 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1092
+CVE-2004-1092 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1091
+CVE-2004-1091 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1090
+CVE-2004-1090 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1089
+CVE-2004-1089 (Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerb ...)
NOT-FOR-US: Apple MacOS
-CVE-2004-1088
+CVE-2004-1088 (Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows ...)
NOT-FOR-US: Apple MacOS
-CVE-2004-1087
+CVE-2004-1087 (Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard ...)
NOT-FOR-US: Apple MacOS
-CVE-2004-1086
+CVE-2004-1086 (Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remot ...)
NOT-FOR-US: Apple MacOS
-CVE-2004-1085
+CVE-2004-1085 (Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows l ...)
NOT-FOR-US: Apple MacOS
-CVE-2004-1084
+CVE-2004-1084 (Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to ...)
NOT-FOR-US: Apple MacOS
-CVE-2004-1083
+CVE-2004-1083 (Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files ...)
NOT-FOR-US: Apple MacOS
-CVE-2004-1081
+CVE-2004-1081 (The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3. ...)
NOT-FOR-US: Apple MacOS
-CVE-2004-1082
+CVE-2004-1082 (mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does ...)
NOT-FOR-US: Apple MacOS
-CVE-2004-1080
+CVE-2004-1080 (The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Window ...)
NOT-FOR-US: Microsoft
-CVE-2004-1079
+CVE-2004-1079 (Buffer overflow in (1) ncplogin and (2) ncpmap in nwclient.c for ncpfs ...)
- ncpfs 2.2.5-2
-CVE-2004-1078
+CVE-2004-1078 (Stack-based buffer overflow in the client for Citrix Program Neighborh ...)
NOT-FOR-US: Citrix
-CVE-2004-1077
+CVE-2004-1077 (Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and ...)
NOT-FOR-US: Citrix
-CVE-2004-1076
+CVE-2004-1076 (Multiple buffer overflows in the RtConfigLoad function in rt-config.c ...)
{DSA-609-1}
- atari800 1.3.2-1
-CVE-2004-1075
+CVE-2004-1075 (Cross-site scripting (XSS) vulnerability in standard_error_message.dtm ...)
- zope-zwiki 0.37.0-1
-CVE-2004-1074
+CVE-2004-1074 (The binfmt functionality in the Linux kernel, when "memory overcommit" ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-11
- kernel-source-2.4.27 2.4.27-7
-CVE-2004-1073
+CVE-2004-1073 (The open_exec function in the execve functionality (exec.c) in Linux k ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-6
-CVE-2004-1072
+CVE-2004-1072 (The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.2 ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-6
-CVE-2004-1071
+CVE-2004-1071 (The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.2 ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-6
-CVE-2004-1070
+CVE-2004-1070 (The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) i ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-6
-CVE-2004-1069
+CVE-2004-1069 (Race condition in SELinux 2.6.x through 2.6.9 allows local users to ca ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 <not-affected> (2.6 only issue)
[sarge] - kernel-source-2.6.8 2.6.8-11
-CVE-2004-1068
+CVE-2004-1068 (A "missing serialization" error in the unix_dgram_recvmsg function in ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.9)
- kernel-source-2.4.27 2.4.27-7
[sarge] - kernel-source-2.6.8 2.6.8-11
-CVE-2004-1067
+CVE-2004-1067 (Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Serve ...)
- cyrus21-imapd <not-affected> (Only affected 2.2 series)
-CVE-2004-1066
+CVE-2004-1066 (The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and ...)
NOT-FOR-US: FreeBSD
-CVE-2004-1065
+CVE-2004-1065 (Buffer overflow in the exif_read_data function in PHP before 4.3.10 an ...)
- php4 4:4.3.10-1
-CVE-2004-1064
+CVE-2004-1064 (The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate ...)
- php4 4:4.3.10-1
-CVE-2004-1063
+CVE-2004-1063 (PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a ...)
- php4 4:4.3.10-1
-CVE-2004-1062
+CVE-2004-1062 (Multiple cross-site scripting (XSS) vulnerabilities in ViewCVS 0.9.2 a ...)
- viewcvs 0.9.2+cvs.1.0.dev.2004.07.28-1.3 (bug #287771)
-CVE-2004-1061
+CVE-2004-1061 (Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, incl ...)
- bugzilla 2.16.7-2
-CVE-2004-1060
+CVE-2004-1060 (Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) d ...)
NOTE: Linux kernel verifies TCP sequence numbers on ICMP errors
-CVE-2004-1059
+CVE-2004-1059 (Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2 ...)
- mnogosearch 3.2.18-2.2
-CVE-2004-1058
+CVE-2004-1058 (Race condition in Linux kernel 2.6 allows local users to read the envi ...)
{DSA-1018-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2004-1057
+CVE-2004-1057 (Multiple drivers in Linux kernel 2.4.19 and earlier do not properly ma ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-10
-CVE-2004-1056
+CVE-2004-1056 (Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not pro ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-8
[sarge] - kernel-source-2.6.8 2.6.8-11
-CVE-2004-1055
+CVE-2004-1055 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6. ...)
- phpmyadmin 2:2.6.0-pl3-1
-CVE-2004-1054
+CVE-2004-1054 (Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5 ...)
NOT-FOR-US: AIX
-CVE-2004-1053
+CVE-2004-1053 (Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote mal ...)
NOT-FOR-US: fetch on FreeBSD
-CVE-2004-1052
+CVE-2004-1052 (Buffer overflow in the getnickuserhost function in BNC 2.8.9, and poss ...)
{DSA-595-1}
- bnc <removed>
-CVE-2004-1051
+CVE-2004-1051 (sudo before 1.6.8p2 allows local users to execute arbitrary commands b ...)
{DSA-596-2}
- sudo 1.6.8p3-1
-CVE-2004-1050
+CVE-2004-1050 (Heap-based buffer overflow in Internet Explorer 6 allows remote attack ...)
NOT-FOR-US: Microsoft
-CVE-2004-1049
+CVE-2004-1049 (Integer overflow in the LoadImage API of the USER32 Lib for Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2004-1048
RESERVED
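Review bot: the CVE-2004-1081 and CVE-2004-1082 entries in this hunk are out of sequence; the list runs in descending CVE order everywhere else in the hunk (CVE-2004-1083 is followed by CVE-2004-1081, then CVE-2004-1082, then CVE-2004-1080), so any tooling or reviewer relying on that order will miss or misplace these two. The ordering is pre-existing (both the `-` and `+` lines carry it) rather than introduced by this update, but since the generator is rewriting every ID line anyway, it would be a good moment to emit the two entries, each with its `NOT-FOR-US: Apple MacOS` line, in descending order so that CVE-2004-1082 precedes CVE-2004-1081.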
@@ -3703,7 +3703,7 @@ CVE-2004-1045
RESERVED
CVE-2004-1044
RESERVED
-CVE-2004-1043
+CVE-2004-1043 (Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to exe ...)
NOT-FOR-US: MSIE
CVE-2004-1042
RESERVED
@@ -3711,109 +3711,109 @@ CVE-2004-1041
RESERVED
CVE-2004-1040
RESERVED
-CVE-2004-1039
+CVE-2004-1039 (The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, ...)
NOT-FOR-US: SCO UnixWare
-CVE-2004-1038
+CVE-2004-1038 (A design error in the IEEE1394 specification allows attackers with phy ...)
NOT-FOR-US: IEEE1394 specification bug, physical security
-CVE-2004-1037
+CVE-2004-1037 (The search function in TWiki 20030201 allows remote attackers to execu ...)
- twiki 20030201-6
-CVE-2004-1036
+CVE-2004-1036 (Cross-site scripting (XSS) vulnerability in the decoding of encoded te ...)
- squirrelmail 2:1.4.3a-3
-CVE-2004-1035
+CVE-2004-1035 (Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3 ...)
- up-imapproxy 1.2.2+1.2.3rc2-1
-CVE-2004-1034
+CVE-2004-1034 (Buffer overflow in the http_open function in Kaffeine before 0.5, whos ...)
- kaffeine 0.4.3.1-3
- gxine 0.4-rc1
-CVE-2004-1033
+CVE-2004-1033 (Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptor ...)
- fcron 2.9.5.1-1
-CVE-2004-1032
+CVE-2004-1032 (fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allow ...)
- fcron 2.9.5.1-1
-CVE-2004-1031
+CVE-2004-1031 (fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allow ...)
- fcron 2.9.5.1-1
-CVE-2004-1030
+CVE-2004-1030 (fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allow ...)
- fcron 2.9.5.1-1
-CVE-2004-1029
+CVE-2004-1029 (The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4 ...)
NOT-FOR-US: Sun JRE
-CVE-2004-1028
+CVE-2004-1028 (Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2. ...)
NOT-FOR-US: AIX
-CVE-2004-1027
+CVE-2004-1027 (Directory traversal vulnerability in the -x (extract) command line opt ...)
{DSA-652-1}
- arj <not-affected> (sarge's unarj is from a different code base, probably not vulnerable)
-CVE-2004-1026
+CVE-2004-1026 (Multiple integer overflows in the image handler for imlib 1.9.14 and e ...)
{DSA-628-1 DSA-618-1}
- imlib 1.9.14-17.1 (bug #284925)
- imlib+png2 1.9.14-16.1
- imlib2 1.1.2-2.1
-CVE-2004-1025
+CVE-2004-1025 (Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, whic ...)
{DSA-618-1}
- imlib 1.9.14-17.1 (bug #284925)
- imlib+png2 1.9.14-16.1
CVE-2004-1024
RESERVED
-CVE-2004-1023
+CVE-2004-1023 (Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and ...)
NOT-FOR-US: Kerio
-CVE-2004-1022
+CVE-2004-1022 (Kerio Winroute Firewall before 6.0.7, ServerFirewall before 1.0.1, and ...)
NOT-FOR-US: Kerio
-CVE-2004-1021
+CVE-2004-1021 (iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does n ...)
NOT-FOR-US: MacOS
-CVE-2004-1020
+CVE-2004-1020 (The addslashes function in PHP 4.3.9 does not properly escape a NULL ( ...)
- php4 4:4.3.10-1
-CVE-2004-1019
+CVE-2004-1019 (The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 ...)
- php4 4:4.3.10-1
-CVE-2004-1018
+CVE-2004-1018 (Multiple integer handling errors in PHP before 4.3.10 allow attackers ...)
- php4 4:4.3.10-1
- php3 3:3.0.18-29
-CVE-2004-1017
+CVE-2004-1017 (Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1 DSA-1017-1}
- linux-2.6 <not-affected> (2.4 specific vulnerability)
-CVE-2004-1016
+CVE-2004-1016 (The scm_send function in the scm layer for Linux kernel 2.4.x up to 2. ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-7
-CVE-2004-1015
+CVE-2004-1015 (Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, wit ...)
- cyrus-imapd <not-affected> (cyrus-imapd not vulnerable)
- cyrus21-imapd <not-affected> (cyrus21-imapd not vulnerable)
-CVE-2004-1014
+CVE-2004-1014 (statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signa ...)
{DSA-606-1}
- nfs-utils 1:1.0.6-3.1
-CVE-2004-1013
+CVE-2004-1013 (The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x th ...)
{DSA-597-1}
- cyrus-imapd 1.5.19-20
- cyrus21-imapd 2.1.17-1
-CVE-2004-1012
+CVE-2004-1012 (The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 ...)
{DSA-597-1}
- cyrus-imapd 1.5.19-20
- cyrus21-imapd 2.1.17-1
-CVE-2004-1011
+CVE-2004-1011 (Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, ...)
- cyrus-imapd <not-affected> (cyrus-imapd not vulnerable)
- cyrus21-imapd <not-affected> (cyrus21-imapd not vulnerable)
-CVE-2004-1010
+CVE-2004-1010 (Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when us ...)
{DSA-624-1}
- zip 2.30-8
-CVE-2004-1009
+CVE-2004-1009 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1008
+CVE-2004-1008 (Integer signedness error in the ssh2_rdpkt function in PuTTY before 0. ...)
- putty 0.56-1
-CVE-2004-1007
+CVE-2004-1007 (The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows rem ...)
- bogofilter 0.92.8-1
-CVE-2004-1006
+CVE-2004-1006 (Format string vulnerability in the log functions in dhcpd for dhcp 2.x ...)
{DSA-584-1}
- dhcp 2.0pl5-19.1
-CVE-2004-1005
+CVE-2004-1005 (Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlie ...)
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1004
+CVE-2004-1004 (Multiple format string vulnerabilities in Midnight Commander (mc) 4.5. ...)
{DSA-639-1}
NOTE: unstable not vulnerable according to DSA, DSA was wrong..
- mc 1:4.6.0-4.6.1-pre3-1
-CVE-2004-1003
+CVE-2004-1003 (Trend ScanMail allows remote attackers to obtain potentially sensitive ...)
NOT-FOR-US: Trend ScanMail
-CVE-2004-1002
+CVE-2004-1002 (Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attack ...)
- ppp 2.4.2+20040428-3
-CVE-2004-1001
+CVE-2004-1001 (Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, ...)
{DSA-585-1}
NOTE: Fixed in shadow 1:4.0.3-30.3 for the first time.
NOTE: Apparently, the fix was lost somehow, see #309587.
@@ -3821,233 +3821,233 @@ CVE-2004-1001
NOTE: version 1:4.0.3-35.
- shadow 1:4.0.3-35
[sarge] - shadow 1:4.0.3-31sarge5 (bug #309587)
-CVE-2004-1000
+CVE-2004-1000 (lintian 1.23 and earlier removes the working directory even if it was ...)
{DSA-630-1}
- lintian 1.23.6 (bug #286379; low)
-CVE-2004-0999
+CVE-2004-0999 (zgv 5.5.3 allows remote attackers to cause a denial of service (applic ...)
{DSA-608-1}
- zgv 5.7-1.3 (bug #284124)
NOTE: changelog says he only patched 1095, but diff comparison
NOTE: shows 0999 was also fixed.
-CVE-2004-0998
+CVE-2004-0998 (Format string vulnerability in telnetd-ssl 0.17 and earlier allows rem ...)
{DSA-616-1}
- netkit-telnet-ssl 0.17.24+0.1-6
-CVE-2004-0997
+CVE-2004-0997 (Unspecified vulnerability in the ptrace MIPS assembly code in Linux ke ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (fixed before first upload)
-CVE-2004-0996
+CVE-2004-0996 (main.c in cscope 15-4 and 15-5 creates temporary files with predictabl ...)
{DSA-610-1}
- cscope 15.5-1.1 (bug #282815)
NOTE: Patch in debian bts from ubuntu is good. All other patches are crap.
CVE-2004-0995
REJECTED
-CVE-2004-0994
+CVE-2004-0994 (Multiple integer overflows in xzgv 0.8 and earlier allow remote attack ...)
{DSA-614-1}
NOTE: only indication that it's this CVE is in the debian package changelog
- xzgv 0.8-3
-CVE-2004-0993
+CVE-2004-0993 (Buffer overflow in hpsockd before 0.6 allows remote attackers to cause ...)
{DSA-604-1}
- hpsockd 0.14
-CVE-2004-0992
+CVE-2004-0992 (Format string vulnerability in the -a option (daemon mode) in Proxytun ...)
NOT-FOR-US: Proxytunnel
-CVE-2004-0991
+CVE-2004-0991 (Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to e ...)
- mpg123 0.59r-19
- mp3gain 1.5.2-r2-6 (low)
[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
[squeeze] - mp3gain <no-dsa> (Minor issue)
-CVE-2004-0990
+CVE-2004-0990 (Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and pos ...)
{DSA-602-1 DSA-601-1 DSA-591-1 DSA-589-1}
- libgd2 2.0.30-1
- libgd 1.8.4-36.1
-CVE-2004-0989
+CVE-2004-0989 (Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and p ...)
{DSA-582-1}
- libxml 1:1.8.17-9
- libxml2 2.6.11-5
-CVE-2004-0988
+CVE-2004-0988 (Integer overflow on Apple QuickTime before 6.5.2, when running on Wind ...)
NOT-FOR-US: Apple
-CVE-2004-0987
+CVE-2004-0987 (Buffer overflow in the process_menu function in yardradius 1.0.20 allo ...)
{DSA-598-1}
- yardradius 1.0.20-15
-CVE-2004-0986
+CVE-2004-0986 (Iptables before 1.2.11, under certain conditions, does not properly lo ...)
{DSA-580-1}
- iptables 1.2.11-4
-CVE-2004-0985
+CVE-2004-0985 (Internet Explorer 6.x on Windows XP SP2 allows remote attackers to exe ...)
NOT-FOR-US: windows
-CVE-2004-0984
+CVE-2004-0984 (Unknown vulnerability in the dotlock implementation in mailutils befor ...)
- mailutils 1:0.5-4
-CVE-2004-0983
+CVE-2004-0983 (The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows ...)
{DSA-586-1}
- ruby1.8 1.8.1+1.8.2pre2-4
- ruby1.6 1.6.8-12
- ruby <removed>
-CVE-2004-0982
+CVE-2004-0982 (Buffer overflow in the getauthfromURL function in httpget.c in mpg123 ...)
{DSA-578-1}
- mpg123 0.59r-18
NOTE: Original fix in -17 was incomplete
-CVE-2004-0981
+CVE-2004-0981 (Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1. ...)
{DSA-593-1}
- imagemagick 6:6.0.6.2-1.5 (bug #278401)
- graphicsmagick 1.1.7-1
-CVE-2004-0980
+CVE-2004-0980 (Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 th ...)
{DSA-592-1}
- ez-ipupdate 3.0.11b8-8
-CVE-2004-0979
+CVE-2004-0979 (Internet Explorer on Windows XP does not properly modify the "Drag and ...)
NOT-FOR-US: windows
-CVE-2004-0978
+CVE-2004-0978 (Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX cont ...)
NOT-FOR-US: windows
-CVE-2004-0977
+CVE-2004-0977 (The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows ...)
{DSA-577-1}
- postgresql 7.4.6-1
-CVE-2004-0976
+CVE-2004-0976 (Multiple scripts in the perl package in Trustix Secure Linux 1.5 throu ...)
{DSA-620-1}
- perl 5.8.4-4
-CVE-2004-0975
+CVE-2004-0975 (The der_chop script in the openssl package in Trustix Secure Linux 1.5 ...)
{DSA-603-1}
- openssl 0.9.7e-3
NOTE: -1 claimed to include it, but it was missing
-CVE-2004-0974
+CVE-2004-0974 (The netatalk package in Trustix Secure Linux 1.5 through 2.1, and poss ...)
- netatalk 1.6.4a-1 (low)
CVE-2004-0973
REJECTED
-CVE-2004-0972
+CVE-2004-0972 (The lvmcreate_initrd script in the lvm package in Trustix Secure Linux ...)
{DSA-583-1}
- lvm10 1:1.0.8-8
-CVE-2004-0971
+CVE-2004-0971 (The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Sec ...)
NOTE: Not shipped in the krb5 binary package
- krb5 <unfixed> (bug #278271; unimportant)
- arla 0.36.2-11
-CVE-2004-0970
+CVE-2004-0970 (The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as ...)
{DSA-588-1}
- gzip 1.3.5-8 (bug #259043; bug #257314; medium)
-CVE-2004-0969
+CVE-2004-0969 (The groffer script in the Groff package 1.18 and later versions, as us ...)
- groff 1.18.1.1-2
-CVE-2004-0968
+CVE-2004-0968 (The catchsegv script in glibc 2.3.2 and earlier allows local users to ...)
{DSA-636-1}
- glibc 2.3.2.ds1-19
-CVE-2004-0967
+CVE-2004-0967 (The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in ...)
- gs-common 0.3.6-0.1
- gs-gpl 8.56.dfsg.1-1 (bug #291373; unimportant)
NOTE: ps2epsi hole present in gs-gpl, but not shipped in binary
-CVE-2004-0966
+CVE-2004-0966 (The (1) autopoint and (2) gettextize scripts in the GNU gettext packag ...)
- gettext 0.14.1-6
-CVE-2004-0965
+CVE-2004-0965 (stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified ...)
NOT-FOR-US: HP-UX
-CVE-2004-0964
+CVE-2004-0964 (Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for ...)
{DSA-587-1}
- zinf <not-affected> (According to DSA-587 not affected, as module was rewritten)
- freeamp <removed>
-CVE-2004-0963
+CVE-2004-0963 (Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibl ...)
NOT-FOR-US: windows
-CVE-2004-0962
+CVE-2004-0962 (Apple Remote Desktop Client 1.2.4 executes a GUI application as root w ...)
NOT-FOR-US: Apple Remote Desktop Client
-CVE-2004-0961
+CVE-2004-0961 (Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to caus ...)
- freeradius 1.0.1
-CVE-2004-0960
+CVE-2004-0960 (FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of s ...)
- freeradius 1.0.1
-CVE-2004-0959
+CVE-2004-0959 (rfc1867.c in PHP before 5.0.2 allows local users to upload files to ar ...)
- php4 4:4.3.9
-CVE-2004-0958
+CVE-2004-0958 (php_variables.c in PHP before 5.0.2 allows remote attackers to read se ...)
- php4 4:4.3.9
-CVE-2004-0957
+CVE-2004-0957 (Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user ...)
{DSA-707-1}
- mysql-dfsg-4.1 4.1.10a-6
- mysql-dfsg 4.0.24-5
-CVE-2004-0956
+CVE-2004-0956 (MySQL before 4.0.20 allows remote attackers to cause a denial of servi ...)
- mysql-dfsg <not-affected> (Not vulnerable, http://web.archive.org/web/20070529152436/http://www.debian.org/security/nonvulns-sarge)
CVE-2004-0955
REJECTED
CVE-2004-0954
REJECTED
-CVE-2004-0953
+CVE-2004-0953 (Buffer overflow in the C2S module in the open source Jabber 2.x server ...)
- jabber <not-affected> (Jabber version 2 is vulnerable, we have an older version that seems not)
-CVE-2004-0952
+CVE-2004-0952 (HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the ad ...)
NOT-FOR-US: HP-UX
-CVE-2004-0951
+CVE-2004-0951 (The make_recovery command for the TFTP server in HP Ignite-UX before C ...)
NOT-FOR-US: HP-UX
-CVE-2004-0950
+CVE-2004-0950 (NetOp Host before 7.65 build 2004278 allows remote attackers to obtain ...)
NOT-FOR-US: NetOp Host
-CVE-2004-0949
+CVE-2004-0949 (The smb_recv_trans2 function call in the samba filesystem (smbfs) in L ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.9)
CVE-2004-0948
REJECTED
-CVE-2004-0947
+CVE-2004-0947 (Buffer overflow in unarj before 2.63a-r2 allows remote attackers to ex ...)
{DSA-652-1}
NOTE: see http://lwn.net/Alerts/110733/
- arj <not-affected> (sarge's unarj is from a different code base, probably not vulnerable)
-CVE-2004-0946
+CVE-2004-0946 (rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit archi ...)
- nfs-utils <not-affected> (does not apply per maintainer)
-CVE-2004-0945
+CVE-2004-0945 (The web management interface for Mitel 3300 Integrated Communications ...)
NOT-FOR-US: Mitel 3300 Integrated Communications Platform
-CVE-2004-0944
+CVE-2004-0944 (The web management interface for Mitel 3300 Integrated Communications ...)
NOT-FOR-US: Mitel 3300 Integrated Communications Platform
CVE-2004-0943
REJECTED
-CVE-2004-0942
+CVE-2004-0942 (Apache webserver 2.0.52 and earlier allows remote attackers to cause a ...)
- apache2 2.0.52-2
-CVE-2004-0941
+CVE-2004-0941 (Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 an ...)
{DSA-602-1 DSA-601-1}
- libgd2 2.0.33-1.1
- libgd 1.8.4-36.1
-CVE-2004-0940
+CVE-2004-0940 (Buffer overflow in the get_tag function in mod_include for Apache 1.3. ...)
{DSA-594-1}
- apache 1.3.33-2
-CVE-2004-0939
+CVE-2004-0939 (changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and ...)
NOT-FOR-US: Neoteris Instant Virtual Extranet
-CVE-2004-0938
+CVE-2004-0938 (FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of s ...)
- freeradius 1.0.1
-CVE-2004-0937
+CVE-2004-0937 (Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, ...)
NOT-FOR-US: Sophos Anti-Virus
-CVE-2004-0936
+CVE-2004-0936 (RAV antivirus allows remote attackers to bypass antivirus protection v ...)
NOT-FOR-US: RAV antivirus
-CVE-2004-0935
+CVE-2004-0935 (Eset Anti-Virus before 1.020 (16th September 2004) allows remote attac ...)
NOT-FOR-US: Eset anti-virus
-CVE-2004-0934
+CVE-2004-0934 (Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus prote ...)
NOT-FOR-US: Kaspersky antivirus
-CVE-2004-0933
+CVE-2004-0933 (Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 throug ...)
NOT-FOR-US: Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus
-CVE-2004-0932
+CVE-2004-0932 (McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th ...)
NOT-FOR-US: McAfee Anti-Virus Engine DATS drivers
-CVE-2004-0931
+CVE-2004-0931 (MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial ...)
- maxdb-7.5.00 7.5.00.18
-CVE-2004-0930
+CVE-2004-0930 (The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other ve ...)
- samba 3.0.8-1
-CVE-2004-0929
+CVE-2004-0929 (Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg ...)
- tiff3g <removed>
-CVE-2004-0928
+CVE-2004-0928 (The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6 ...)
NOT-FOR-US: Macromedia
-CVE-2004-0927
+CVE-2004-0927 (ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example se ...)
NOT-FOR-US: MacOS
-CVE-2004-0926
+CVE-2004-0926 (Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through ...)
NOT-FOR-US: MacOS
-CVE-2004-0925
+CVE-2004-0925 (Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, do ...)
NOT-FOR-US: MacOS
-CVE-2004-0924
+CVE-2004-0924 (NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial ro ...)
NOT-FOR-US: MacOS
-CVE-2004-0923
+CVE-2004-0923 (CUPS 1.1.20 and earlier records authentication information for a devic ...)
{DSA-566-1}
- cupsys 1.1.20final+rc1-9
- cups 1.1.20final+rc1-9
-CVE-2004-0922
+CVE-2004-0922 (AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, doe ...)
NOT-FOR-US: MacOS
-CVE-2004-0921
+CVE-2004-0921 (AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an A ...)
NOT-FOR-US: MacOS
-CVE-2004-0920
+CVE-2004-0920 (Symantec Norton AntiVirus 2004, and earlier versions, allows a virus o ...)
NOT-FOR-US: norton
-CVE-2004-0919
+CVE-2004-0919 (The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to re ...)
NOT-FOR-US: FreeBSD
-CVE-2004-0918
+CVE-2004-0918 (The asn_parse_header function (asn1.c) in the SNMP module for Squid We ...)
{DSA-576-1}
- squid 2.5.7
-CVE-2004-0917
+CVE-2004-0917 (The default installation of Vignette Application Portal installs the d ...)
NOT-FOR-US: Vignette Application Portal
-CVE-2004-0916
+CVE-2004-0916 (Directory traversal vulnerability in cabextract before 1.1 allows remo ...)
{DSA-574-1}
- cabextract 1.1-1
-CVE-2004-0915
+CVE-2004-0915 (Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporti ...)
{DSA-605-1}
- viewcvs 0.9.2+cvs.1.0.dev.2004.07.28-1.2 (bug #284237)
-CVE-2004-0914
+CVE-2004-0914 (Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in X ...)
{DSA-607-1}
NOTE: Previous -9 fix had some issues of its own
- xfree86 4.3.0.dfsg.1-14 (bug #309143)
@@ -4057,74 +4057,74 @@ CVE-2004-0914
- lesstif2 1:0.93.94-11.2
- openmotif 2.2.3-1.1 (bug #309819; medium)
[sarge] - openmotif <no-dsa> (Non-free)
-CVE-2004-0913
+CVE-2004-0913 (Unknown vulnerability in ecartis 0.x before 0.129a+1.0.0-snap20020514- ...)
{DSA-572-1}
- ecartis 1.0.0+cvs.20030911-8
CVE-2004-0912
RESERVED
-CVE-2004-0911
+CVE-2004-0911 (telnetd for netkit 0.17 and earlier, and possibly other versions, on D ...)
{DSA-569-1 DSA-556-1}
- netkit-telnet-ssl 0.17.24+0.1-4
- netkit-telnet 0.17-26
CVE-2004-0910
REJECTED
-CVE-2004-0909
+CVE-2004-0909 (Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and ...)
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0908
+CVE-2004-0908 (Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and ...)
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0907
+CVE-2004-0907 (The Linux install .tar.gz archives for Mozilla Firefox before the Prev ...)
- mozilla-firefox <not-affected> (non-Debian packaging issue)
-CVE-2004-0906
+CVE-2004-0906 (The XPInstall installer in Mozilla Firefox before the Preview Release, ...)
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0905
+CVE-2004-0905 (Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and ...)
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0904
+CVE-2004-0904 (Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox befor ...)
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0903
+CVE-2004-0903 (Stack-based buffer overflow in the writeGroup function in nsVCardObj.c ...)
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0902
+CVE-2004-0902 (Multiple heap-based buffer overflows in Mozilla Firefox before the Pre ...)
- mozilla-firefox 0.10.1+1.0PR
- mozilla 2:1.7.3
- mozilla-thunderbird 0.8
-CVE-2004-0901
+CVE-2004-0901 (Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in Wo ...)
NOT-FOR-US: Microsoft
-CVE-2004-0900
+CVE-2004-0900 (The DHCP Server service for Microsoft Windows NT 4.0 Server and Termin ...)
NOT-FOR-US: Microsoft
-CVE-2004-0899
+CVE-2004-0899 (The DHCP Server service for Microsoft Windows NT 4.0 Server and Termin ...)
NOT-FOR-US: Microsoft
CVE-2004-0898
RESERVED
-CVE-2004-0897
+CVE-2004-0897 (The Indexing Service for Microsoft Windows XP and Server 2003 does not ...)
NOT-FOR-US: Windows
CVE-2004-0896
RESERVED
CVE-2004-0895
RESERVED
-CVE-2004-0894
+CVE-2004-0894 (LSASS (Local Security Authority Subsystem Service) of Windows 2000 Ser ...)
NOT-FOR-US: Microsoft
-CVE-2004-0893
+CVE-2004-0893 (The Local Procedure Call (LPC) interface of the Windows Kernel for Win ...)
NOT-FOR-US: Microsoft
-CVE-2004-0892
+CVE-2004-0892 (Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is inc ...)
NOT-FOR-US: Microsoft
-CVE-2004-0891
+CVE-2004-0891 (Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 all ...)
- gaim 1:1.0.2
CVE-2004-0890
REJECTED
-CVE-2004-0889
+CVE-2004-0889 (Multiple integer overflows in xpdf 3.0, and other packages that use xp ...)
- xpdf 3.00-10 (medium)
-CVE-2004-0888
+CVE-2004-0888 (Multiple integer overflows in xpdf 2.0 and 3.0, and other packages tha ...)
{DSA-599-1 DSA-581-1 DSA-573-1}
- koffice 1:1.3.4-1
- tetex-bin 2.0.2-23
@@ -4136,34 +4136,34 @@ CVE-2004-0888
NOTE: cupsys switched to an xpdf-utils wrapper in version 1.1.22-6.
NOTE: In version 1.1.20final+rc1-10, the dormant code in the source
NOTE: package was fixed.
-CVE-2004-0887
+CVE-2004-0887 (SUSE Linux Enterprise Server 9 on the S/390 platform does not properly ...)
{DSA-1018-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.6.8 2.6.8-10
-CVE-2004-0886
+CVE-2004-0886 (Multiple integer overflows in libtiff 3.6.1 and earlier allow remote a ...)
{DSA-567-1}
- kdegraphics 3.3.2-1
- tiff 3.6.1-2
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-0885
+CVE-2004-0885 (The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SS ...)
- apache2 2.0.52-2
- libapache-mod-ssl 2.8.20-1
-CVE-2004-0884
+CVE-2004-0884 (The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and ea ...)
{DSA-568-1 DSA-563-3}
- cyrus-sasl <removed>
- cyrus-sasl2 2.1.19-1.3 (bug #275431; bug #276865; bug #275432; bug #275553)
-CVE-2004-0883
+CVE-2004-0883 (Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kern ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive, 2.6.10)
- kernel-source-2.4.27 2.4.27-6
[sarge] - kernel-source-2.6.8 2.6.8-13
-CVE-2004-0882
+CVE-2004-0882 (Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x th ...)
NOTE: details http://security.e-matters.de/advisories/132004.html
- samba 3.0.7
-CVE-2004-0881
+CVE-2004-0881 (getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as ...)
{DSA-553-1}
- getmail 3.2.5-1
-CVE-2004-0880
+CVE-2004-0880 (getmail 4.x before 4.2.0, when run as root, allows local users to over ...)
{DSA-553-1}
- getmail 3.2.5-1
CVE-2004-0879
@@ -4174,31 +4174,31 @@ CVE-2004-0877
RESERVED
CVE-2004-0876
RESERVED
-CVE-2004-0875
+CVE-2004-0875 (Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware (a ...)
- phpgroupware 0.9.16.002
CVE-2004-0874
REJECTED
-CVE-2004-0873
+CVE-2004-0873 (Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execu ...)
NOT-FOR-US: apple
-CVE-2004-0872
+CVE-2004-0872 (Opera does not prevent cookies that are sent over an insecure channel ...)
NOT-FOR-US: Opera
-CVE-2004-0871
+CVE-2004-0871 (Mozilla does not prevent cookies that are sent over an insecure channe ...)
NOTE: upstream knows about the problem, no fix expected
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=252342
NOTE: http://www.securitytracker.com/alerts/2004/Sep/1011331.html
NOTE: fix doesn't look likely any time soon
-CVE-2004-0870
+CVE-2004-0870 (KDE Konqueror does not prevent cookies that are sent over an insecure ...)
NOTE: upstream knows about the problem, no fix expected
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=252342
NOTE: http://www.securitytracker.com/alerts/2004/Sep/1011331.html
NOTE: fix doesn't look likely any time soon
-CVE-2004-0869
+CVE-2004-0869 (Internet Explorer does not prevent cookies that are sent over an insec ...)
NOT-FOR-US: MSIE
CVE-2004-0868
REJECTED
-CVE-2004-0867
+CVE-2004-0867 (Mozilla Firefox 0.9.2 allows web sites to set cookies for country-spec ...)
- mozilla-firefox 0.9.3
-CVE-2004-0866
+CVE-2004-0866 (Internet Explorer 6.0 allows web sites to set cookies for country-spec ...)
NOT-FOR-US: MSIE
CVE-2004-0865
RESERVED
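Review bot: the NOTE block under CVE-2004-0870 (KDE Konqueror) is a verbatim copy of the block under CVE-2004-0871 (Mozilla), including the bugzilla.mozilla.org link and the "upstream knows about the problem" line, which cannot apply to KDE; replace those four lines with a KDE-specific reference or drop them. Both entries also lack a package line, so neither records which Debian source package (for Konqueror, presumably kdelibs) is affected or whether the issue is unfixed; add a `- <package> <unfixed>` or similar status line so the entries are not left without a package.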
@@ -4226,334 +4226,334 @@ CVE-2004-0854
REJECTED
CVE-2004-0853
REJECTED
-CVE-2004-0852
+CVE-2004-0852 (Buffer overflow in htget 0.93 allows remote attackers to execute arbit ...)
{DSA-611-1}
- htget <removed>
-CVE-2004-0851
+CVE-2004-0851 (The (1) write_list and (2) dump_curr_list functions in Net-Acct before ...)
{DSA-559-1}
- net-acct 0.71-7
-CVE-2004-0850
+CVE-2004-0850 (Star before 1.5_alpha46 does not drop the effective user ID (euid) bef ...)
- star 1.5a46
-CVE-2004-0849
+CVE-2004-0849 (Integer overflow in the asn_decode_string() function defined in asn1.c ...)
NOT-FOR-US: GNU Radius
-CVE-2004-0848
+CVE-2004-0848 (Buffer overflow in Microsoft Office XP allows remote attackers to exec ...)
NOT-FOR-US: microsoft
-CVE-2004-0847
+CVE-2004-0847 (The Microsoft .NET forms authentication capability for ASP.NET allows ...)
NOT-FOR-US: microsoft
-CVE-2004-0846
+CVE-2004-0846 (Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and ...)
NOT-FOR-US: microsoft
-CVE-2004-0845
+CVE-2004-0845 (Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content ...)
NOT-FOR-US: microsoft
-CVE-2004-0844
+CVE-2004-0844 (Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows ...)
NOT-FOR-US: microsoft
-CVE-2004-0843
+CVE-2004-0843 (Internet Explorer 5.5 and 6 does not properly handle plug-in navigatio ...)
NOT-FOR-US: microsoft
-CVE-2004-0842
+CVE-2004-0842 (Internet Explorer 6.0 SP1 and earlier, and possibly other versions, al ...)
NOT-FOR-US: microsoft
-CVE-2004-0841
+CVE-2004-0841 (Internet Explorer 6.x allows remote attackers to install arbitrary pro ...)
NOT-FOR-US: microsoft
-CVE-2004-0840
+CVE-2004-0840 (The SMTP (Simple Mail Transfer Protocol) component of Microsoft Window ...)
NOT-FOR-US: microsoft
-CVE-2004-0839
+CVE-2004-0839 (Internet Explorer in Windows XP SP2, and other versions including 5.01 ...)
NOT-FOR-US: microsoft
-CVE-2004-0837
+CVE-2004-0837 (MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to c ...)
{DSA-562-2}
- mysql <removed>
-CVE-2004-0836
+CVE-2004-0836 (Buffer overflow in the mysql_real_connect function in MySQL 4.x before ...)
{DSA-562-2}
- mysql <removed>
-CVE-2004-0835
+CVE-2004-0835 (MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5 ...)
{DSA-562-2}
- mysql <removed>
-CVE-2004-0834
+CVE-2004-0834 (Format string vulnerability in Speedtouch USB driver before 1.3.1 allo ...)
- speedtouch 1.3.1
-CVE-2004-0833
+CVE-2004-0833 (Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-b ...)
{DSA-554-1}
- sendmail 8.13.1-13
-CVE-2004-0832
+CVE-2004-0832 (The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2 ...)
- squid 2.5.6-8
-CVE-2004-0831
+CVE-2004-0831 (McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing ...)
NOT-FOR-US: McAfee
-CVE-2004-0830
+CVE-2004-0830 (The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchan ...)
NOT-FOR-US: Microsoft
-CVE-2004-0829
+CVE-2004-0829 (smbd in Samba before 2.2.11 allows remote attackers to cause a denial ...)
- samba 2.2.11
-CVE-2004-0828
+CVE-2004-0828 (The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and ...)
NOTE: not-fos-us (AIX)
-CVE-2004-0827
+CVE-2004-0827 (Multiple buffer overflows in the ImageMagick graphics library 5.x befo ...)
{DSA-547-1}
- imagemagick 5:6.0.7.1-1
-CVE-2004-0826
+CVE-2004-0826 (Heap-based buffer overflow in Netscape Network Security Services (NSS) ...)
NOT-FOR-US: netscape NSS
-CVE-2004-0825
+CVE-2004-0825 (QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3 ...)
NOT-FOR-US: Apple
-CVE-2004-0824
+CVE-2004-0824 (PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to ove ...)
NOT-FOR-US: Apple
-CVE-2004-0823
+CVE-2004-0823 (OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 ...)
NOT-FOR-US: Apple
-CVE-2004-0822
+CVE-2004-0822 (Buffer overflow in The Core Foundation framework (CoreFoundation.frame ...)
NOT-FOR-US: Apple
-CVE-2004-0821
+CVE-2004-0821 (The CFPlugIn in Core Foundation framework in Mac OS X allows user supp ...)
NOT-FOR-US: Apple
-CVE-2004-0820
+CVE-2004-0820 (Winamp before 5.0.4 allows remote attackers to execute arbitrary scrip ...)
NOT-FOR-US: winamp
-CVE-2004-0819
+CVE-2004-0819 (The bridge functionality in OpenBSD 3.4 and 3.5, when running a gatewa ...)
NOT-FOR-US: openbsd
CVE-2004-0818
REJECTED
-CVE-2004-0817
+CVE-2004-0817 (Multiple heap-based buffer overflows in the imlib BMP image handler al ...)
{DSA-548-2}
- imlib+png2 1.9.14-16.2
- imlib 1.9.14-17 (bug #285025)
-CVE-2004-0816
+CVE-2004-0816 (Integer underflow in the firewall logging rules for iptables in Linux ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8)
- kernel-source-2.4.27 <not-affected> (2.6 specific issue)
-CVE-2004-0815
+CVE-2004-0815 (The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x ...)
{DSA-600-1}
- samba 3.0.6-1 (bug #274342)
-CVE-2004-0814
+CVE-2004-0814 (Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6 ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.9)
[sarge] - kernel-source-2.6.8 2.6.8-8
- kernel-source-2.4.27 2.4.27-7
-CVE-2004-0813
+CVE-2004-0813 (Unknown vulnerability in the SG_IO functionality in ide-cd allows loca ...)
- linux-2.6 <not-affected> (Fixed before upload into archive, 2.6.10)
- kernel-source-2.4.27 <not-affected> (Only an issue with botched permissions)
-CVE-2004-0812
+CVE-2004-0812 (Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AM ...)
- linux-2.6 <not-affected> (Fixed before upload into archive, 2.6.0-test10)
- kernel-source-2.4.27 <not-affected> (2.4 not support for amd64)
-CVE-2004-0811
+CVE-2004-0811 (Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Sa ...)
- apache2 2.0.52
-CVE-2004-0810
+CVE-2004-0810 (Buffer overflow in Netopia Timbuktu 7.0.3 allows remote attackers to c ...)
NOT-FOR-US: Netopia Timbuktu
-CVE-2004-0809
+CVE-2004-0809 (The mod_dav module in Apache 2.0.50 and earlier allows remote attacker ...)
{DSA-558-1}
- apache2 2.0.51-1
- libapache-mod-dav 1.0.3-10
-CVE-2004-0808
+CVE-2004-0808 (The process_logon_packet function in the nmbd server for Samba 3.0.6 a ...)
- samba 3.0.7
-CVE-2004-0807
+CVE-2004-0807 (Samba 3.0.6 and earlier allows remote attackers to cause a denial of s ...)
- samba 3.0.7
-CVE-2004-0806
+CVE-2004-0806 (cdrecord in the cdrtools package before 2.01, when installed setuid ro ...)
- cdrtools 4:2.0+a34-2
-CVE-2004-0805
+CVE-2004-0805 (Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s ...)
{DSA-564-1}
- mpg123 0.59r-16
- mp3gain 1.5.2-r2-6 (low)
[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
[squeeze] - mp3gain <no-dsa> (Minor issue)
-CVE-2004-0804
+CVE-2004-0804 (Vulnerability in tif_dirread.c for libtiff allows remote attackers to ...)
{DSA-567-1}
- kdegraphics 3.3.2-1
- tiff 3.6.1-2
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-0803
+CVE-2004-0803 (Multiple vulnerabilities in the RLE (run length encoding) decoders for ...)
{DSA-567-1}
- kdegraphics 3.3.2-1
- tiff 3.6.1-2
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2004-0802
+CVE-2004-0802 (Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote ...)
{DSA-552-1}
- imlib2 1.1.0-12.4
-CVE-2004-0801
+CVE-2004-0801 (Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows ...)
- foomatic-filters 3.0.2
-CVE-2004-0800
+CVE-2004-0800 (Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 ...)
NOT-FOR-US: Solaris
-CVE-2004-0799
+CVE-2004-0799 (The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows ...)
NOT-FOR-US: Ipswitch WhatsUp Gold
-CVE-2004-0798
+CVE-2004-0798 (Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gol ...)
NOT-FOR-US: Ipswitch WhatsUp Gold
-CVE-2004-0797
+CVE-2004-0797 (The error handling in the (1) inflate and (2) inflateBack functions in ...)
- zlib 1:1.2.1.1-6
[woody] - zlib <not-affected> (zlib 1.1 is not affected)
-CVE-2004-0796
+CVE-2004-0796 (SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to ca ...)
- spamassassin 2.64
-CVE-2004-0795
+CVE-2004-0795 (DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe ...)
NOT-FOR-US: IBM DB2 DB2RCMD.EXE
-CVE-2004-0794
+CVE-2004-0794 (Multiple signal handler race conditions in lukemftpd (aka tnftpd befor ...)
{DSA-551-1}
- lukemftpd 1.1-2.2 (bug #266370)
-CVE-2004-0793
+CVE-2004-0793 (The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop ...)
- bsdmainutils 6.0.15
-CVE-2004-0792
+CVE-2004-0792 (Directory traversal vulnerability in the sanitize_path function in uti ...)
{DSA-538}
- rsync 2.6.2-3
-CVE-2004-0791
+CVE-2004-0791 (Multiple TCP/IP and ICMP implementations allow remote attackers to cau ...)
- kernel-source-2.4.27 <not-affected> (Kernel verifies the TCP sequence nr. on errors, will never abort)
- linux-2.6 <not-affected> (Kernel verifies the TCP sequence nr. on errors, will never abort)
-CVE-2004-0790
+CVE-2004-0790 (Multiple TCP/IP and ICMP implementations allow remote attackers to cau ...)
- kernel-source-2.6.8 2.6.8-16 (bug #305664)
- kernel-source-2.4.27 2.4.27-10 (bug #305664)
-CVE-2004-0789
+CVE-2004-0789 (Multiple implementations of the DNS protocol, including (1) Poslib 1.0 ...)
NOT-FOR-US: DNS impleementations not in Debian
-CVE-2004-0788
+CVE-2004-0788 (Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0. ...)
{DSA-549-1 DSA-546-1}
- gtk+2.0 2.4.9-2
- gdk-pixbuf 0.22.0-7
-CVE-2004-0787
+CVE-2004-0787 (Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA ...)
NOT-FOR-US: OpenCA
-CVE-2004-0786
+CVE-2004-0786 (The IPv6 URI parsing routines in the apr-util library for Apache 2.0.5 ...)
- apache <not-affected> (not vulnerable according to http://web.archive.org/web/20070529152436/http://www.debian.org/security/nonvulns-sarge)
- apache2 2.0.51
-CVE-2004-0785
+CVE-2004-0785 (Multiple buffer overflows in Gaim before 0.82 allow remote attackers t ...)
- gaim 1:0.82
-CVE-2004-0784
+CVE-2004-0784 (The smiley theme functionality in Gaim before 0.82 allows remote attac ...)
- gaim 1:0.82
-CVE-2004-0783
+CVE-2004-0783 (Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM ...)
{DSA-549-1}
- gtk+2.0 2.4.9-2
-CVE-2004-0782
+CVE-2004-0782 (Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image ...)
{DSA-549-1 DSA-546-1}
- gtk+2.0 2.4.9-2
- gdk-pixbuf 0.22.0-7
-CVE-2004-0781
+CVE-2004-0781 (Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast in ...)
{DSA-541}
- icecast-server 1:1.3.12-8
-CVE-2004-0780
+CVE-2004-0780 (Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to ...)
NOT-FOR-US: Solaris
-CVE-2004-0779
+CVE-2004-0779 (The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers ...)
- mozilla 2:1.7
- mozilla-firefox 0.9
-CVE-2004-0778
+CVE-2004-0778 (CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote att ...)
- cvs 1:1.12.9
-CVE-2004-0777
+CVE-2004-0777 (Format string vulnerability in the auth_debug function in Courier-IMAP ...)
- courier 0.45.6-1 (medium; bug #266723)
NOTE: 0.45.6-1 is the first upload after the debug stuff rewrite
NOTE: mentioned in the bug report.
CVE-2004-0776
RESERVED
-CVE-2004-0775
+CVE-2004-0775 (Buffer overflow in WIDCOMM Bluetooth Connectivity Software, as used in ...)
NOT-FOR-US: Windows
-CVE-2004-0774
+CVE-2004-0774 (RealNetworks Helix Universal Server 9.0.2 for Linux and 9.0.3 for Wind ...)
NOT-FOR-US: Real Helix server
CVE-2004-0773
RESERVED
-CVE-2004-0772
+CVE-2004-0772 (Double free vulnerabilities in error handling code in krb524d for MIT ...)
{DSA-543-1}
- krb5 1.3.4-3
-CVE-2004-0771
+CVE-2004-0771 (Buffer overflow in the extract_one function from lhext.c in LHA may al ...)
- lha 1.14i-9 (bug #279870)
-CVE-2004-0770
+CVE-2004-0770 (romload.c in DGen Emulator 1.23 and earlier allows local users to over ...)
- dgen 1.23-6
-CVE-2004-0769
+CVE-2004-0769 (Buffer overflow in LHA allows remote attackers to execute arbitrary co ...)
- lha 1.14i-9 (bug #279870)
-CVE-2004-0768
+CVE-2004-0768 (libpng 1.2.5 and earlier does not properly calculate certain buffer of ...)
{DSA-536}
- libpng 1.0.15-6
- libpng3 1.2.5.0-7
-CVE-2004-0767
+CVE-2004-0767 (NGSEC StackDefender 1.10 allows attackers to cause a denial of service ...)
NOT-FOR-US: NGSEC StackDefender
-CVE-2004-0766
+CVE-2004-0766 (NGSEC StackDefender 2.0 allows attackers to cause a denial of service ...)
NOT-FOR-US: NGSEC StackDefender
-CVE-2004-0765
+CVE-2004-0765 (The cert_TestHostName function in Mozilla before 1.7, Firefox before 0 ...)
- mozilla 2:1.7
- mozilla-firefox 0.9
-CVE-2004-0764
+CVE-2004-0764 (Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, al ...)
- mozilla 2:1.7
- mozilla-firefox 0.9
-CVE-2004-0763
+CVE-2004-0763 (Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certi ...)
- mozilla-firefox 0.9.3
-CVE-2004-0762
+CVE-2004-0762 (Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, al ...)
- mozilla 2:1.7
- mozilla-firefox 0.9
-CVE-2004-0761
+CVE-2004-0761 (Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, al ...)
- mozilla 2:1.7
- mozilla-firefox 0.9
-CVE-2004-0760
+CVE-2004-0760 (Mozilla allows remote attackers to cause Mozilla to open a URI as a di ...)
- mozilla 2:1.7.2
- mozilla-firefox 0.9.3
-CVE-2004-0759
+CVE-2004-0759 (Mozilla before 1.7 allows remote web servers to read arbitrary files v ...)
- mozilla 2:1.7
-CVE-2004-0758
+CVE-2004-0758 (Mozilla 1.5 through 1.7 allows a CA certificate to be imported even wh ...)
- mozilla 2:1.7.2
- mozilla-firefox 0.9.3
-CVE-2004-0757
+CVE-2004-0757 (Heap-based buffer overflow in the SendUidl in the POP3 capability for ...)
- mozilla 2:1.7
- mozilla-firefox 0.9
CVE-2004-0756
REJECTED
-CVE-2004-0755
+CVE-2004-0755 (The FileStore capability in CGI::Session for Ruby before 1.8.1, and po ...)
{DSA-537}
- ruby1.8 1.8.1+1.8.2pre1-4
- ruby <removed>
-CVE-2004-0754
+CVE-2004-0754 (Integer overflow in Gaim before 0.82 allows remote attackers to cause ...)
- gaim 1:0.82.1-1
-CVE-2004-0753
+CVE-2004-0753 (The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 be ...)
{DSA-546-1}
- gdk-pixbuf 0.22.0-7
-CVE-2004-0752
+CVE-2004-0752 (OpenOffice (OOo) 1.1.2 creates predictable directory names with insecu ...)
- openoffice.org 1.1.2-4
-CVE-2004-0751
+CVE-2004-0751 (The char_buffer_read function in the mod_ssl module for Apache 2.x, wh ...)
- apache2 2.0.50-11
-CVE-2004-0750
+CVE-2004-0750 (Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares ...)
NOT-FOR-US: Red Hat specific
-CVE-2004-0749
+CVE-2004-0749 (The mod_authz_svn module in Subversion 1.0.7 and earlier does not prop ...)
- subversion 1.0.9-2
-CVE-2004-0748
+CVE-2004-0748 (mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause ...)
- apache2 2.0.51
-CVE-2004-0747
+CVE-2004-0747 (Buffer overflow in Apache 2.0.50 and earlier allows local users to gai ...)
[sarge] - apache2 <not-affected>
- apache2 2.0.51
-CVE-2004-0746
+CVE-2004-0746 (Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for ...)
[sarge] - kdelibs 4:3.2.3-3.sarge.1
- kdelibs 4:3.3
-CVE-2004-0745
+CVE-2004-0745 (LHA 1.14 and earlier allows attackers to execute arbitrary commands vi ...)
- lha 1.14i-10 (bug #279870)
-CVE-2004-0744
+CVE-2004-0744 (The TCP/IP Networking component in Mac OS X before 10.3.5 allows remot ...)
NOT-FOR-US: MacOS
-CVE-2004-0743
+CVE-2004-0743 (Safari in Mac OS X before 10.3.5, after sending form data using the PO ...)
NOT-FOR-US: MacOS
-CVE-2004-0742
+CVE-2004-0742 (Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote aut ...)
NOT-FOR-US: Sun Java System Portal Server
-CVE-2004-0741
+CVE-2004-0741 (LionMax Software WWW File Share Pro 2.60 allows remote attackers to ca ...)
NOT-FOR-US: LionMax Software WWW File Share Pro
-CVE-2004-0740
+CVE-2004-0740 (The HTTP server in Lexmark T522 and possibly other models allows remot ...)
NOT-FOR-US: Lexmark
-CVE-2004-0739
+CVE-2004-0739 (Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers ...)
NOT-FOR-US: Whisper FTP Surfer
-CVE-2004-0738
+CVE-2004-0738 (Multiple SQL injection vulnerabilities in the Search module in Php-Nuk ...)
NOT-FOR-US: phpnuke
-CVE-2004-0737
+CVE-2004-0737 (Multiple cross-site scripting vulnerabilities in index.php in the Sear ...)
NOT-FOR-US: phpnuke
-CVE-2004-0736
+CVE-2004-0736 (The search module in Php-Nuke allows remote attackers to gain sensitiv ...)
NOT-FOR-US: phpnuke
-CVE-2004-0735
+CVE-2004-0735 (Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlie ...)
NOT-FOR-US: various windows games
-CVE-2004-0734
+CVE-2004-0734 (Web_Store.cgi allows remote attackers to execute arbitrary commands vi ...)
NOT-FOR-US: Web_Store.cgi
-CVE-2004-0733
+CVE-2004-0733 (Format string vulnerability in OllyDbg 1.10 allows remote attackers to ...)
NOT-FOR-US: OllyDbg
-CVE-2004-0732
+CVE-2004-0732 (SQL injection vulnerability in index.php in the Search module for Php- ...)
NOT-FOR-US: phpnuke
-CVE-2004-0731
+CVE-2004-0731 (Cross-site scripting (XSS) vulnerability in index.php in the Search mo ...)
NOT-FOR-US: phpnuke
-CVE-2004-0730
+CVE-2004-0730 (Multiple cross-site scripting (XSS) vulnerabilities in PhpBB 2.0.8 all ...)
- phpbb2 2.0.10
-CVE-2004-0729
+CVE-2004-0729 (PhpBB 2.0.8 allows remote attackers to gain sensitive information via ...)
- phpbb2 2.0.10
-CVE-2004-0728
+CVE-2004-0728 (The Remote Control Client service in Microsoft's Systems Management Se ...)
NOT-FOR-US: Microsoft
-CVE-2004-0727
+CVE-2004-0727 (Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, ...)
NOT-FOR-US: Microsoft
-CVE-2004-0726
+CVE-2004-0726 (The Windows Media Player control in Microsoft Windows 2000 allows remo ...)
NOT-FOR-US: Microsoft
-CVE-2004-0725
+CVE-2004-0725 (Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 a ...)
- moodle 1.4
-CVE-2004-0724
+CVE-2004-0724 (The Half-Life engine before July 7 2004 allows remote attackers to cau ...)
NOT-FOR-US: Half Life
-CVE-2004-0723
+CVE-2004-0723 (Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2004-0722
+CVE-2004-0722 (Integer overflow in the SOAPParameter object constructor in (1) Netsca ...)
- mozilla 2:1.6
-CVE-2004-0721
+CVE-2004-0721 (Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly ...)
[sarge] - kdebase 4:3.2.3-1.sarge.1
[sarge] - kdelibs 4:3.2.3-3.sarge.1
- kdelibs 4:3.3.0-1
- kdebase 4:3.3.0-1
-CVE-2004-0720
+CVE-2004-0720 (Safari 1.2.2 does not properly prevent a frame in one domain from inje ...)
NOT-FOR-US: Safari
-CVE-2004-0719
+CVE-2004-0719 (Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, an ...)
NOT-FOR-US: Microsoft
-CVE-2004-0718
+CVE-2004-0718 (The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netsca ...)
{DSA-810-1 DSA-777-1 DSA-775-1 DTSA-7-1 DTSA-8-2 DTSA-14-1}
NOTE: This has been fixed in mozilla-firefox 0.8 and mozilla 1.6, but recent
NOTE: upstream versions became vulnerable again, see
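Review bot: The appended summaries are cut at a fixed width, and for several entries in this hunk the cut removes the only distinguishing text: CVE-2004-0761, CVE-2004-0762 and CVE-2004-0764 all become `(Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, al ...)`, so a triager reading the list cannot tell the three issues apart without opening the full CVE record. If the generator can widen the cut, or trim the leading product/version list before truncating, the summaries would keep their discriminating part. Separately, the two NOTE lines under CVE-2004-0777 are one sentence wrapped mid-clause ("after the debug stuff rewrite" / "mentioned in the bug report"); re-wrapping them as a single note would read more clearly.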
@@ -4561,80 +4561,80 @@ CVE-2004-0718
NOTE: and were fixed again, it got CVE-2005-1937 for the reversion
- mozilla 2:1.7.10-1 (medium)
- mozilla-firefox 1.0.6-1 (medium)
-CVE-2004-0717
+CVE-2004-0717 (Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a ...)
NOT-FOR-US: opera 7.50
-CVE-2004-0716
+CVE-2004-0716 (Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper ( ...)
NOT-FOR-US: HP-UX
-CVE-2004-0715
+CVE-2004-0715 (The WebLogic Authentication provider for BEA WebLogic Server and WebLo ...)
NOT-FOR-US: BEA WebLogic Server and WebLogic Express
-CVE-2004-0714
+CVE-2004-0714 (Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts ...)
NOT-FOR-US: Cisco
-CVE-2004-0713
+CVE-2004-0713 (The remove method in a stateful Enterprise JavaBean (EJB) in BEA WebLo ...)
NOT-FOR-US: BEA WebLogic Server and WebLogic Express
-CVE-2004-0712
+CVE-2004-0712 (The configuration tools (1) config.sh in Unix or (2) config.cmd in Win ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-0711
+CVE-2004-0711 (The URL pattern matching feature in BEA WebLogic Server 6.x matches il ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2004-0710
+CVE-2004-0710 (IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series ...)
NOT-FOR-US: Cisco
-CVE-2004-0709
+CVE-2004-0709 (HP OpenView Select Access 5.0 through 6.0 does not correctly decode UT ...)
NOT-FOR-US: HP OpenView Select Access
-CVE-2004-0708
+CVE-2004-0708 (MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges ...)
- moin 1.2.2
-CVE-2004-0707
+CVE-2004-0707 (SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before ...)
- bugzilla 2.16.7-0.1
-CVE-2004-0706
+CVE-2004-0706 (Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, wh ...)
[woody] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
[sarge] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
- bugzilla 2.18-1
-CVE-2004-0705
+CVE-2004-0705 (Multiple cross-site scripting (XSS) vulnerabilities in (1) editcompone ...)
- bugzilla 2.16.7-0.1
-CVE-2004-0704
+CVE-2004-0704 (Unknown vulnerability in (1) duplicates.cgi and (2) buglist.cgi in Bug ...)
- bugzilla 2.16.7-0.1
-CVE-2004-0703
+CVE-2004-0703 (Unknown vulnerability in the administrative controls in Bugzilla 2.17. ...)
[woody] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
[sarge] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
- bugzilla 2.18-1
-CVE-2004-0702
+CVE-2004-0702 (DBI in Bugzilla 2.17.1 through 2.17.7 displays the database password i ...)
[woody] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
[sarge] - bugzilla <not-affected> (Only 2.17.* versions are vulnerable)
- bugzilla 2.18-1
-CVE-2004-0701
+CVE-2004-0701 (Sun Ray Server Software (SRSS) 1.3 and 2.0 for Solaris 2.6, 7 and 8 do ...)
NOT-FOR-US: Solaris
-CVE-2004-0700
+CVE-2004-0700 (Format string vulnerability in the mod_proxy hook functions function i ...)
{DSA-532}
- libapache-mod-ssl 2.8.19-1
-CVE-2004-0699
+CVE-2004-0699 (Heap-based buffer overflow in ASN.1 decoding library in Check Point VP ...)
NOT-FOR-US: Check Point VPN
-CVE-2004-0698
+CVE-2004-0698 (4D WebSTAR 5.3.2 and earlier allows local users to read and modify arb ...)
NOT-FOR-US: WebSTAR
-CVE-2004-0697
+CVE-2004-0697 (Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote at ...)
NOT-FOR-US: WebSTAR
-CVE-2004-0696
+CVE-2004-0696 (The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows rem ...)
NOT-FOR-US: WebSTAR
-CVE-2004-0695
+CVE-2004-0695 (Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 an ...)
NOT-FOR-US: WebSTAR
-CVE-2004-0694
+CVE-2004-0694 (Buffer overflow in LHA 1.14 and earlier allows remote attackers to cau ...)
- lha 1.14i-10 (bug #279870)
-CVE-2004-0693
+CVE-2004-0693 (The GIF parser in the QT library (qt3) before 3.3.3 allows remote atta ...)
{DSA-542-1}
- qt-x11-free 3:3.3.3-4
- qt-copy <removed>
-CVE-2004-0692
+CVE-2004-0692 (The XPM parser in the QT library (qt3) before 3.3.3 allows remote atta ...)
{DSA-542-1}
- qt-x11-free 3:3.3.3-4
- qt-copy <removed>
-CVE-2004-0691
+CVE-2004-0691 (Heap-based buffer overflow in the BMP image format parser for the QT l ...)
{DSA-542-1}
- qt-x11-free 3:3.3.3-4
- qt-copy <removed>
-CVE-2004-0690
+CVE-2004-0690 (The DCOPServer in KDE 3.2.3 and earlier allows local users to gain una ...)
[sarge] - kdelibs 4:3.2.3-3.sarge.1
- kdelibs 4:3.3.0-1
-CVE-2004-0689
+CVE-2004-0689 (KDE before 3.3.0 does not properly handle when certain symbolic links ...)
{DSA-539}
- kdelibs 4:3.3.0-1
-CVE-2004-0688
+CVE-2004-0688 (Multiple integer overflows in (1) the xpmParseColors function in parse ...)
{DSA-561-1 DSA-560-1}
NOTE: Matej Vela has checked that these are backported to lesstif1 as well
- lesstif1-1 1:0.93.94-10
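Review bot: The LHA fixed versions recorded against the same bug disagree: CVE-2004-0694 in this hunk carries `- lha 1.14i-10 (bug #279870)`, CVE-2004-0745 in the preceding hunk also carries 1.14i-10, but CVE-2004-0771 and CVE-2004-0769 there carry `- lha 1.14i-9 (bug #279870)`. If 1.14i-9 fixed only part of the set, a NOTE on those entries stating which upload fixed which issue would make that intentional rather than look like a stale version; if all four were fixed in one upload, the entries should agree.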
@@ -4642,7 +4642,7 @@ CVE-2004-0688
[sarge] - openmotif <no-dsa> (Non-free)
- xfree86 4.3.0.dfsg.1-8
- xorg-x11 <not-affected> (Fixed before introduction into archive)
-CVE-2004-0687
+CVE-2004-0687 (Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c ...)
{DSA-561-1 DSA-560-1}
NOTE: Matej Vela has checked that these are backported to lesstif1 as well
- lesstif1-1 1:0.93.94-10
@@ -4650,572 +4650,572 @@ CVE-2004-0687
[sarge] - openmotif <no-dsa> (Non-free)
- xfree86 4.3.0.dfsg.1-8
- xorg-x11 <not-affected> (Fixed before introduction into archive)
-CVE-2004-0686
+CVE-2004-0686 (Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the ...)
- samba 3.0.5 (bug #260839; bug #260838)
-CVE-2004-0685
+CVE-2004-0685 (Certain USB drivers in the Linux 2.4 kernel use the copy_to_user funct ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.4.27 2.4.27-1
-CVE-2004-0684
+CVE-2004-0684 (WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, ...)
NOT-FOR-US: WebSphere Edge Server
-CVE-2004-0683
+CVE-2004-0683 (Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to cau ...)
NOT-FOR-US: Norton
-CVE-2004-0682
+CVE-2004-0682 (comersus_gatewayPayPal.asp in Comersus Cart 5.09, and possibly other v ...)
NOT-FOR-US: Comersus Cart
-CVE-2004-0681
+CVE-2004-0681 (Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_cu ...)
NOT-FOR-US: Comersus Cart
-CVE-2004-0680
+CVE-2004-0680 (Zoom X3 ADSL modem has a terminal running on port 254 that can be acce ...)
NOT-FOR-US: Zoom DSL modem
-CVE-2004-0679
+CVE-2004-0679 (The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly othe ...)
NOT-FOR-US: UnrealIRCd
-CVE-2004-0678
+CVE-2004-0678 (Cross-site scripting (XSS) in one2planet.infolet.InfoServlet in 12Plan ...)
NOT-FOR-US: 12Planet Chat Server
-CVE-2004-0677
+CVE-2004-0677 (Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attac ...)
NOT-FOR-US: Fastream NETFile FTP Server
-CVE-2004-0676
+CVE-2004-0676 (Directory traversal vulnerability in Fastream NETFile FTP/Web Server 6 ...)
NOT-FOR-US: Fastream NETFile FTP Server
-CVE-2004-0675
+CVE-2004-0675 (Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) c32w ...)
NOT-FOR-US: c32web.exe
-CVE-2004-0674
+CVE-2004-0674 (Enterasys XSR-1800 series Security Routers, when running firmware 7.0. ...)
NOT-FOR-US: Enterasys XSR-1800 series Security Routers
-CVE-2004-0673
+CVE-2004-0673 (Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4. ...)
NOT-FOR-US: SCI Photo Chat Server
-CVE-2004-0672
+CVE-2004-0672 (Multiple cross-site scripting (XSS) vulnerabilities in the primary and ...)
NOT-FOR-US: Netegrity IdentityMinder Web Edition
-CVE-2004-0671
+CVE-2004-0671 (Brightmail Spamfilter 6.0 and earlier beta releases allows remote atta ...)
NOT-FOR-US: Brightmail Spamfilter
-CVE-2004-0670
+CVE-2004-0670 (Prestige 650HW-31 running Rompager 4.7 software allows remote attacker ...)
NOT-FOR-US: Rompager
-CVE-2004-0669
+CVE-2004-0669 (Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled, allows remote authent ...)
NOT-FOR-US: Lotus
-CVE-2004-0668
+CVE-2004-0668 (Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a de ...)
NOT-FOR-US: Lotus
-CVE-2004-0667
+CVE-2004-0667 (Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows acces ...)
NOTE: kernel-patch-adamantix contain the RSBAC patch v1.2.2 and is vulnerable.
- kernel-patch-adamantix 1.6
-CVE-2004-0666
+CVE-2004-0666 (Off-by-one error in the POP3_readmsg function in popclient 3.0b6 allow ...)
NOT-FOR-US: popclient
-CVE-2004-0665
+CVE-2004-0665 (csFAQ.cgi in csFAQ allows remote attackers to gain sensitive informati ...)
NOT-FOR-US: csFAQ
-CVE-2004-0664
+CVE-2004-0664 (Directory traversal vulnerability in modules.php in PowerPortal 1.x al ...)
NOT-FOR-US: PowerPortal
-CVE-2004-0663
+CVE-2004-0663 (Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal ...)
NOT-FOR-US: PowerPortal
-CVE-2004-0662
+CVE-2004-0662 (PowerPortal 1.x allows remote attackers to gain sensitive information ...)
NOT-FOR-US: PowerPortal
-CVE-2004-0661
+CVE-2004-0661 (Integer signedness error in D-Link AirPlus DI-614+ running firmware 2. ...)
NOT-FOR-US: D-Link AirPlus DI-614+
-CVE-2004-0660
+CVE-2004-0660 (Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) ...)
NOT-FOR-US: CuteNews
-CVE-2004-0659
+CVE-2004-0659 (Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 a ...)
- mplayer <not-affected> (fixed before upload in archive; 1.0pre5)
-CVE-2004-0658
+CVE-2004-0658 (Integer overflow in the hpsb_alloc_packet function (incorrectly report ...)
- linux-2.6 <not-affected> (Invalid, according to Ben Collins)
- kernel-source-2.4.27 <not-affected> (Invalid, according to Ben Collins)
-CVE-2004-0657
+CVE-2004-0657 (Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP se ...)
- ntp 4.0
-CVE-2004-0656
+CVE-2004-0656 (The accept_client function in PureFTPd 1.0.18 and earlier allows remot ...)
- pure-ftpd 1.0.19-1
-CVE-2004-0655
+CVE-2004-0655 (eupdatedb in esearch 0.6.1 and earlier allows local users to create ar ...)
NOT-FOR-US: Gentoo specific
-CVE-2004-0654
+CVE-2004-0654 (Unknown vulnerability in the Basic Security Module (BSM), when configu ...)
NOT-FOR-US: Solaris
-CVE-2004-0653
+CVE-2004-0653 (Solaris 9, when configured as a Kerberos client with patch 112908-12 o ...)
NOT-FOR-US: Solaris
-CVE-2004-0652
+CVE-2004-0652 (BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack ...)
NOT-FOR-US: BEA WebLogic Server and WebLogic Express
-CVE-2004-0651
+CVE-2004-0651 (Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 thro ...)
NOT-FOR-US: Sun JRE
-CVE-2004-0650
+CVE-2004-0650 (UploadServlet in Cisco Collaboration Server (CCS) running ServletExec ...)
NOT-FOR-US: Cisco
-CVE-2004-0649
+CVE-2004-0649 (Buffer overflow in write_packet in control.c for l2tpd may allow remot ...)
{DSA-530}
- l2tpd 0.70-pre20031121-2
-CVE-2004-0648
+CVE-2004-0648 (Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird be ...)
- mozilla 2:1.7.1
- mozilla-firefox 0.9.2
- mozilla-thunderbird 0.7.2
-CVE-2004-0647
+CVE-2004-0647 (shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local u ...)
- shorewall 2.0.3a
-CVE-2004-0646
+CVE-2004-0646 (Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 we ...)
NOT-FOR-US: JRun
-CVE-2004-0645
+CVE-2004-0645 (Buffer overflow in the wvHandleDateTimePicture function in wv library ...)
{DSA-579-1 DSA-550-1}
- abiword 2.0.8
- wv 1.0.2-0.1 (bug #264972)
NOTE: fixed version of abiword based on http://xforce.iss.net/xforce/xfdb/16660
-CVE-2004-0644
+CVE-2004-0644 (The asn1buf_skiptail function in the ASN.1 decoder library for MIT Ker ...)
{DSA-543-1}
- krb5 1.3.4-3
-CVE-2004-0643
+CVE-2004-0643 (Double free vulnerability in the krb5_rd_cred function for MIT Kerbero ...)
{DSA-543-1}
- krb5 1.3.4-3
-CVE-2004-0642
+CVE-2004-0642 (Double free vulnerabilities in the error handling code for ASN.1 decod ...)
{DSA-543-1}
- krb5 1.3.4-3
-CVE-2004-0641
+CVE-2004-0641 (Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and poss ...)
NOT-FOR-US: Thomson hardware ADSL router
-CVE-2004-0640
+CVE-2004-0640 (Format string vulnerability in the SSL_set_verify function in telnetd. ...)
{DSA-529}
- netkit-telnet-ssl 0.17.24+0.1-2
-CVE-2004-0639
+CVE-2004-0639 (Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1. ...)
{DSA-535}
- squirrelmail 2:1.4.3a-0.1
-CVE-2004-0638
+CVE-2004-0638 (Buffer overflow in the KSDWRTB function in the dbms_system package (db ...)
NOT-FOR-US: Oracle
-CVE-2004-0637
+CVE-2004-0637 (Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to e ...)
NOT-FOR-US: Oracle
-CVE-2004-0636
+CVE-2004-0636 (Buffer overflow in the goaway function in the aim:goaway URI handler f ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2004-0635
+CVE-2004-0635 (The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote att ...)
{DSA-528}
- ethereal 0.10.5-1
-CVE-2004-0634
+CVE-2004-0634 (The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows re ...)
- ethereal 0.10.5
[woody] - ethereal <not-affected> (Not vulnerable according to DSA-528)
-CVE-2004-0633
+CVE-2004-0633 (The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote at ...)
- ethereal 0.10.5
[woody] - ethereal <not-affected> (Not vulnerable according to DSA-528)
-CVE-2004-0632
+CVE-2004-0632 (Adobe Reader 6.0 does not properly handle null characters when splitti ...)
NOT-FOR-US: adobe reader
-CVE-2004-0631
+CVE-2004-0631 (Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0 ...)
NOT-FOR-US: adobe acrobat
-CVE-2004-0630
+CVE-2004-0630 (The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Uni ...)
NOT-FOR-US: adobe acrobat
-CVE-2004-0629
+CVE-2004-0629 (Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5 ...)
NOT-FOR-US: adobe acrobat
-CVE-2004-0628
+CVE-2004-0628 (Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allo ...)
- mysql <not-affected> (Apparently 3.2 not exploitable, see #330164)
- mysql-dfsg <not-affected> (Apparently 4.0 not exploitable, see #330164)
- mysql-dfsg-4.1 <not-affected> (fixed before first upload; in 4.1.3)
- mysql-dfsg-5.0 <not-affected> (fixed before first upload; in 5.0.0)
-CVE-2004-0627
+CVE-2004-0627 (The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, ...)
- mysql <not-affected> (Apparently 3.2 not exploitable, see #330164)
- mysql-dfsg <not-affected> (Apparently 4.0 not exploitable, see #330164)
- mysql-dfsg-4.1 4.1.11a-1 (bug #330164; bug #380507; medium)
- mysql-dfsg-5.0 <not-affected> (Was fixed before MySQL 5.0 was uploaded into the archive)
-CVE-2004-0626
+CVE-2004-0626 (The tcp_find_option function of the netfilter subsystem in Linux kerne ...)
[sarge] - kernel-source-2.6.8 2.6.8-1
- kernel-source-2.4.27 <not-affected>
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8)
-CVE-2004-0625
+CVE-2004-0625 (SQL injection vulnerability in Infinity WEB 1.0 allows remote attacker ...)
NOT-FOR-US: Infinity WEB
-CVE-2004-0624
+CVE-2004-0624 (PHP remote file inclusion vulnerability in index.php for Artmedic link ...)
NOT-FOR-US: Artmedic links
-CVE-2004-0623
+CVE-2004-0623 (Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remo ...)
{DSA-590-1}
- gnats 4.0-6.1
-CVE-2004-0622
+CVE-2004-0622 (Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does no ...)
NOT-FOR-US: MacOS
-CVE-2004-0621
+CVE-2004-0621 (admin.php in Newsletter ZWS allows remote attackers to gain administra ...)
NOT-FOR-US: Newsletter ZWS
-CVE-2004-0620
+CVE-2004-0620 (Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) ne ...)
NOT-FOR-US: vBulletin
-CVE-2004-0619
+CVE-2004-0619 (Integer overflow in the ubsec_keysetup function for Linux Broadcom 582 ...)
NOT-FOR-US: Linux Broadcom 5820 cryptonet driver
NOTE: does not seem to be part of linux kernel or other package
-CVE-2004-0618
+CVE-2004-0618 (FreeBSD 5.1 for the Alpha processor allows local users to cause a deni ...)
NOT-FOR-US: freebsd
-CVE-2004-0617
+CVE-2004-0617 (Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remo ...)
NOT-FOR-US: ArbitroWeb
-CVE-2004-0616
+CVE-2004-0616 (The BT Voyager 2000 Wireless ADSL Router has a default public SNMP com ...)
NOT-FOR-US: BT Voyager 2000 Wireless ADSL Router
-CVE-2004-0615
+CVE-2004-0615 (Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router ...)
NOT-FOR-US: D-Link DI-614+ SOHO router
-CVE-2004-0614
+CVE-2004-0614 (osTicket trusts a hidden form field in the submit form to limit the up ...)
NOT-FOR-US: osTicket
-CVE-2004-0613
+CVE-2004-0613 (osTicket allows remote attackers to view sensitive uploaded files and ...)
NOT-FOR-US: osTicket
-CVE-2004-0612
+CVE-2004-0612 (The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mo ...)
NOT-FOR-US: ZoneAlarm Pro
-CVE-2004-0611
+CVE-2004-0611 (Web-Based Administration in Netgear FVS318 VPN Router allows remote at ...)
NOT-FOR-US: Netgear FVS318 VPN Router
-CVE-2004-0610
+CVE-2004-0610 (The Web administration interface in Microsoft MN-500 Wireless Router a ...)
NOT-FOR-US: Microsoft MN-500 Wireless Router
-CVE-2004-0609
+CVE-2004-0609 (rssh 2.0 through 2.1.x expands command line arguments before entering ...)
- rssh 2.2.1
-CVE-2004-0608
+CVE-2004-0608 (The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation ...)
NOT-FOR-US: Unreal Engine
-CVE-2004-0607
+CVE-2004-0607 (The eay_check_x509cert function in KAME Racoon successfully verifies c ...)
- ipsec-tools 0.3.3-1
-CVE-2004-0606
+CVE-2004-0606 (Cross-site scripting (XSS) vulnerability in Infoblox DNS One running f ...)
NOT-FOR-US: Infoblox DNS One
-CVE-2004-0605
+CVE-2004-0605 (Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ...)
NOTE: Dossibly fixed in ircd-hybrid 7.0.2: "fixed flood limit bug".
-CVE-2004-0604
+CVE-2004-0604 (The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows ...)
NOT-FOR-US: giFT-FastTrack not in debian
-CVE-2004-0603
+CVE-2004-0603 (gzexe in gzip 1.3.3 and earlier will execute an argument when the crea ...)
- gzip <not-affected> (Gentoo-specific bug in gzip introduced by botched security fix)
-CVE-2004-0602
+CVE-2004-0602 (The binary compatibility mode for FreeBSD 4.x and 5.x does not properl ...)
NOT-FOR-US: FreeBSD
-CVE-2004-0601
+CVE-2004-0601 (distcc before 2.16, when running on 64-bit platforms, does not interpr ...)
- distcc 2.18.1-4
-CVE-2004-0600
+CVE-2004-0600 (Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3 ...)
- samba 3.0.5 (bug #260838)
-CVE-2004-0599
+CVE-2004-0599 (Multiple integer overflows in the (1) png_read_png in pngread.c or (2) ...)
{DSA-571-1 DSA-570-1 DSA-536}
- libpng 1.0.15-6
- libpng3 1.2.5.0-7
-CVE-2004-0598
+CVE-2004-0598 (The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote ...)
{DSA-536}
- libpng 1.0.15-6
- libpng3 1.2.5.0-7
-CVE-2004-0597
+CVE-2004-0597 (Multiple buffer overflows in libpng 1.2.5 and earlier, as used in mult ...)
{DSA-536}
- libpng 1.0.15-6
- libpng3 1.2.5.0-7
-CVE-2004-0596
+CVE-2004-0596 (The Equalizer Load-balancer for serial network interfaces (eql.c) in L ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
-CVE-2004-0595
+CVE-2004-0595 (The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3 ...)
{DSA-669-1 DSA-531}
- php3 3:3.0.18-27
- php4 4:4.3.8-1
-CVE-2004-0594
+CVE-2004-0594 (The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5 ...)
{DSA-669-1 DSA-531}
- php4 4:4.3.8-1
-CVE-2004-0593
+CVE-2004-0593 (Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before aut ...)
NOT-FOR-US: Sygate Enforcer
-CVE-2004-0592
+CVE-2004-0592 (The tcp_find_option function of the netfilter subsystem for IPv6 in th ...)
NOT-FOR-US: linux 2.4 with usagi patches
-CVE-2004-0591
+CVE-2004-0591 (Cross-site scripting (XSS) vulnerability in the print_header_uc functi ...)
{DSA-533}
- courier 0.45.4-4
-CVE-2004-0590
+CVE-2004-0590 (FreeS/WAN 1.x and 2.x, and other related products including superfrees ...)
- freeswan 2.04-10
- openswan 2.2.0
-CVE-2004-0589
+CVE-2004-0589 (Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when co ...)
NOT-FOR-US: Cisco
-CVE-2004-0588
+CVE-2004-0588 (Cross-site scripting (XSS) vulnerability in the web mail module for Us ...)
- usermin 1.090-1
-CVE-2004-0587
+CVE-2004-0587 (Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Lin ...)
- qla2x00 7.01.01-1
-CVE-2004-0586
+CVE-2004-0586 (acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Windows
CVE-2004-0585
REJECTED
-CVE-2004-0584
+CVE-2004-0584 (Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a "securi ...)
- imp3 3.2.4
-CVE-2004-0583
+CVE-2004-0583 (The account lockout functionality in (1) Webmin 1.140 and (2) Usermin ...)
{DSA-526}
- usermin 1.090-1
- webmin 1.150-1
-CVE-2004-0582
+CVE-2004-0582 (Unknown vulnerability in Webmin 1.140 allows remote attackers to bypas ...)
{DSA-526}
- usermin 1.090-1
- webmin 1.150-1
-CVE-2004-0581
+CVE-2004-0581 (ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate ...)
NOT-FOR-US: Mandrake script
-CVE-2004-0580
+CVE-2004-0580 (DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Rout ...)
NOT-FOR-US: Linksys routers
-CVE-2004-0579
+CVE-2004-0579 (Format string vulnerability in super before 3.23 allows local users to ...)
{DSA-522}
- super 3.23.0-1
-CVE-2004-0578
+CVE-2004-0578 (WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions s ...)
NOT-FOR-US: Wingate
-CVE-2004-0577
+CVE-2004-0577 (WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions s ...)
NOT-FOR-US: Wingate
-CVE-2004-0576
+CVE-2004-0576 (The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the ...)
NOT-FOR-US: GNU radius
-CVE-2004-0575
+CVE-2004-0575 (Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP ...)
NOT-FOR-US: Windows
-CVE-2004-0574
+CVE-2004-0574 (The Network News Transfer Protocol (NNTP) component of Microsoft Windo ...)
NOT-FOR-US: Windows
-CVE-2004-0573
+CVE-2004-0573 (Buffer overflow in the converter for Microsoft WordPerfect 5.x on Offi ...)
NOT-FOR-US: Windows
-CVE-2004-0572
+CVE-2004-0572 (Buffer overflow in the Windows Program Group Converter (grpconv.exe) m ...)
NOT-FOR-US: Windows
-CVE-2004-0571
+CVE-2004-0571 (Microsoft Word for Windows 6.0 Converter does not properly validate ce ...)
NOT-FOR-US: Microsoft
CVE-2004-0570
RESERVED
-CVE-2004-0569
+CVE-2004-0569 (The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote att ...)
NOT-FOR-US: Windows
-CVE-2004-0568
+CVE-2004-0568 (HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP ...)
NOT-FOR-US: HyperTerminal
-CVE-2004-0567
+CVE-2004-0567 (The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP ...)
NOT-FOR-US: Windows
-CVE-2004-0566
+CVE-2004-0566 (Integer overflow in imgbmp.cxx for Windows 2000 allows remote attacker ...)
NOT-FOR-US: Windows
-CVE-2004-0565
+CVE-2004-0565 (Floating point information leak in the context switch code for Linux 2 ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.4.27 2.4.27-1
- linux-2.6 <not-affected> (fixed before first upload)
-CVE-2004-0564
+CVE-2004-0564 (Roaring Penguin pppoe (rp-ppoe), if installed or configured to run set ...)
{DSA-557-1}
- rp-pppoe 3.5-4 (bug #343264)
-CVE-2004-0563
+CVE-2004-0563 (The tspc.conf configuration file in freenet6 before 0.9.6 and before 1 ...)
{DSA-555-1}
- freenet6 1.0-2.2
CVE-2004-0562
REJECTED
-CVE-2004-0561
+CVE-2004-0561 (Format string vulnerability in the log routine for gopher daemon (goph ...)
{DSA-638-1}
- gopher 3.0.6
NOTE: removed, deprecated in favor of pygopherd
-CVE-2004-0560
+CVE-2004-0560 (Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attack ...)
{DSA-638-1}
- gopher 3.0.6
NOTE: removed, deprecated in favor of pygopherd
-CVE-2004-0559
+CVE-2004-0559 (The maketemp.pl script in Usermin 1.070 and 1.080 allows local users t ...)
{DSA-544-1}
- webmin 1.160-1
- usermin 1.090-1
-CVE-2004-0558
+CVE-2004-0558 (The Internet Printing Protocol (IPP) implementation in CUPS before 1.1 ...)
{DSA-545-1}
- cups 1.1.20final+rc1-6
- cupsys 1.1.20final+rc1-6
-CVE-2004-0557
+CVE-2004-0557 (Multiple buffer overflows in the st_wavstartread function in wav.c for ...)
{DSA-565-1}
- sox 12.17.4-9 (bug #262083)
CVE-2004-0556
REJECTED
-CVE-2004-0555
+CVE-2004-0555 (Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 ...)
{DSA-643-1}
- queue 1.30.1-5
-CVE-2004-0554
+CVE-2004-0554 (Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a den ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.4.27 2.4.27-1
- linux-2.6 2.6.12-1 (bug #261521)
CVE-2004-0553
RESERVED
-CVE-2004-0552
+CVE-2004-0552 (Sophos Small Business Suite 1.00 on Windows does not properly handle f ...)
NOT-FOR-US: Sophos Small Business Suite
-CVE-2004-0551
+CVE-2004-0551 (Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX ...)
NOT-FOR-US: Cisco
-CVE-2004-0550
+CVE-2004-0550 (Buffer overflow in Real Networks RealPlayer 10 allows remote attackers ...)
NOT-FOR-US: Real Player
-CVE-2004-0549
+CVE-2004-0549 (The WebBrowser ActiveX control, or the Internet Explorer HTML renderin ...)
NOT-FOR-US: Windows
-CVE-2004-0548
+CVE-2004-0548 (Multiple stack-based buffer overflows in the word-list-compress functi ...)
- aspell 0.50.5-3
-CVE-2004-0547
+CVE-2004-0547 (Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows ...)
{DSA-516}
- postgresql 07.03.0200-3
CVE-2004-0546
RESERVED
-CVE-2004-0545
+CVE-2004-0545 (LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary file ...)
NOT-FOR-US: AIX
-CVE-2004-0544
+CVE-2004-0544 (Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users ...)
NOT-FOR-US: AIX
-CVE-2004-0543
+CVE-2004-0543 (Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and ...)
NOT-FOR-US: Oracle
-CVE-2004-0542
+CVE-2004-0542 (PHP before 4.3.7 on Win32 platforms does not properly filter all shell ...)
- php4 <not-affected> (Only affects Windows)
-CVE-2004-0541
+CVE-2004-0541 (Buffer overflow in the ntlm_check_auth (NTLM authentication) function ...)
- squid 2.5.5-5
-CVE-2004-0540
+CVE-2004-0540 (Microsoft Windows 2000, when running in a domain whose Fully Qualified ...)
NOT-FOR-US: Windows
-CVE-2004-0539
+CVE-2004-0539 (The "Show in Finder" button in the Safari web browser in Mac OS X 10.3 ...)
NOT-FOR-US: MacOS
-CVE-2004-0538
+CVE-2004-0538 (LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers a ...)
NOT-FOR-US: MacOS
-CVE-2004-0537
+CVE-2004-0537 (Opera 7.50 and earlier allows remote web sites to provide a "Shortcut ...)
NOT-FOR-US: Opera
-CVE-2004-0536
+CVE-2004-0536 (Format string vulnerability in Tripwire commercial 4.0.1 and earlier, ...)
- tripwire 2.3.1.2.0-2.1
-CVE-2004-0535
+CVE-2004-0535 (The e1000 driver for Linux kernel 2.4.26 and earlier does not properly ...)
- kernel-source-2.4.27 2.4.27-1
- linux-2.6 <not-affected> (fixed before first upload; 2.6.6)
-CVE-2004-0534
+CVE-2004-0534 (Cross-site scripting (XSS) vulnerability in Business Objects InfoView ...)
NOT-FOR-US: Business Objects WebIntelligence
-CVE-2004-0533
+CVE-2004-0533 (Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces acc ...)
NOT-FOR-US: Business Objects WebIntelligence
CVE-2004-0532
RESERVED
CVE-2004-0531
RESERVED
-CVE-2004-0530
+CVE-2004-0530 (The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a ...)
- php4 <not-affected> (Slackware specific rpath issue)
-CVE-2004-0529
+CVE-2004-0529 (The modified suexec program in cPanel, when configured for mod_php and ...)
NOT-FOR-US: cPanel is not our cpanel
-CVE-2004-0528
+CVE-2004-0528 (Netscape Navigator 7.1 allows remote attackers to spoof a legitimate U ...)
NOT-FOR-US: Netscape Navigator 7.1
-CVE-2004-0527
+CVE-2004-0527 (KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legit ...)
- kdebase 2.2.3
-CVE-2004-0526
+CVE-2004-0526 (Unknown versions of Internet Explorer and Outlook allow remote attacke ...)
NOT-FOR-US: Windows
-CVE-2004-0525
+CVE-2004-0525 (HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 all ...)
NOT-FOR-US: iLO
-CVE-2004-0524
+CVE-2004-0524 (Buffer overflow in the chpasswd command in the Change_passwd plugin be ...)
NOT-FOR-US: Change_passwd SquirrelMail plugin not present in debian
-CVE-2004-0523
+CVE-2004-0523 (Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos ...)
{DSA-520}
- krb5 1.3.3-2
-CVE-2004-0522
+CVE-2004-0522 (Gallery 1.4.3 and earlier allows remote attackers to bypass authentica ...)
{DSA-512}
- gallery 1.4.3-pl2-1
-CVE-2004-0521
+CVE-2004-0521 (SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows re ...)
{DSA-535}
- squirrelmail 2:1.4.3a-0.1
-CVE-2004-0520
+CVE-2004-0520 (Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail ...)
{DSA-535}
- squirrelmail 2:1.4.3a-0.1
-CVE-2004-0519
+CVE-2004-0519 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1. ...)
{DSA-535}
- squirrelmail 2:1.4.3a-0.1
-CVE-2004-0518
+CVE-2004-0518 (Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related ...)
NOT-FOR-US: MacOS
-CVE-2004-0517
+CVE-2004-0517 (Unknown vulnerability in Mac OS X 10.3.4, related to "handling of proc ...)
NOT-FOR-US: MacOS
-CVE-2004-0516
+CVE-2004-0516 (Unknown vulnerability in Mac OS X 10.3.4, related to "package installa ...)
NOT-FOR-US: MacOS
-CVE-2004-0515
+CVE-2004-0515 (Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to " ...)
NOT-FOR-US: MacOS
-CVE-2004-0514
+CVE-2004-0514 (Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to " ...)
NOT-FOR-US: MacOS
-CVE-2004-0513
+CVE-2004-0513 (Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact ...)
NOT-FOR-US: MacOS
-CVE-2004-0512
+CVE-2004-0512 (Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7 ...)
NOT-FOR-US: SCO MMDF
-CVE-2004-0511
+CVE-2004-0511 (Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7 ...)
NOT-FOR-US: SCO MMDF
-CVE-2004-0510
+CVE-2004-0510 (Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and p ...)
NOT-FOR-US: SCO MMDF
CVE-2004-0509
RESERVED
CVE-2004-0508
RESERVED
-CVE-2004-0507
+CVE-2004-0507 (Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 al ...)
- ethereal 0.10.4
-CVE-2004-0506
+CVE-2004-0506 (The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attacke ...)
- ethereal 0.10.4
-CVE-2004-0505
+CVE-2004-0505 (The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause ...)
- ethereal 0.10.4
-CVE-2004-0504
+CVE-2004-0504 (Ethereal 0.10.3 allows remote attackers to cause a denial of service ( ...)
- ethereal 0.10.4
-CVE-2004-0503
+CVE-2004-0503 (Microsoft Outlook 2003 allows remote attackers to bypass the default z ...)
NOT-FOR-US: Microsoft
-CVE-2004-0502
+CVE-2004-0502 (Outlook 2003, when replying to an e-mail message, stores certain files ...)
NOT-FOR-US: Microsoft
-CVE-2004-0501
+CVE-2004-0501 (Outlook 2003 allows remote attackers to bypass intended access restric ...)
NOT-FOR-US: Microsoft
-CVE-2004-0500
+CVE-2004-0500 (Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c ...)
- gaim 1:0.81-3
CVE-2004-0499
REJECTED
-CVE-2004-0498
+CVE-2004-0498 (The H.323 protocol agent in StoneSoft firewall engine 2.2.8 and earlie ...)
NOT-FOR-US: StoneSoft firewall engine
-CVE-2004-0497
+CVE-2004-0497 (Unknown vulnerability in Linux kernel 2.x may allow local users to mod ...)
- kernel-source-2.4.27 2.4.27-1
- linux-2.6 <not-affected> (fixed before first upload; 2.6.8)
-CVE-2004-0496
+CVE-2004-0496 (Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users ...)
NOTE: fixed in 2.6.7
-CVE-2004-0495
+CVE-2004-0495 (Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow loc ...)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.27-rc1)
-CVE-2004-0494
+CVE-2004-0494 (Multiple extfs backend scripts for GNOME virtual file system (VFS) bef ...)
- gnome-vfs 1.0.1
-CVE-2004-0493
+CVE-2004-0493 (The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows re ...)
- apache2 2.0.50-1
-CVE-2004-0492
+CVE-2004-0492 (Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3 ...)
{DSA-525}
- apache 1.3.31-2
-CVE-2004-0491
+CVE-2004-0491 (The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not pr ...)
NOTE: appears redhat specific
-CVE-2004-0490
+CVE-2004-0490 (cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec op ...)
NOT-FOR-US: cPanel is not our cpanel
-CVE-2004-0489
+CVE-2004-0489 (Argument injection vulnerability in the SSH URI handler for Safari on ...)
NOT-FOR-US: MacOS
-CVE-2004-0488
+CVE-2004-0488 (Stack-based buffer overflow in the ssl_util_uuencode_binary function i ...)
{DSA-532}
- apache2 2.0.50-1
- libapache-mod-ssl 2.8.19-1
-CVE-2004-0487
+CVE-2004-0487 (A certain ActiveX control in Symantec Norton AntiVirus 2004 allows rem ...)
NOT-FOR-US: Norton
-CVE-2004-0486
+CVE-2004-0486 (HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did ...)
NOT-FOR-US: MacOS
-CVE-2004-0485
+CVE-2004-0485 (The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 1 ...)
NOT-FOR-US: MacOS
-CVE-2004-0484
+CVE-2004-0484 (mshtml.dll in Microsoft Internet Explorer 6.0.2800 allows remote attac ...)
NOT-FOR-US: Microsoft
-CVE-2004-0483
+CVE-2004-0483 (Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote ...)
NOT-FOR-US: IRIX
-CVE-2004-0482
+CVE-2004-0482 (Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs. ...)
NOT-FOR-US: OpenBSD
-CVE-2004-0481
+CVE-2004-0481 (The logging feature in kcms_configure in the KCMS package on Solaris 8 ...)
NOT-FOR-US: the KCMS on Solaris
-CVE-2004-0480
+CVE-2004-0480 (Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allo ...)
NOT-FOR-US: Lotus Notes
-CVE-2004-0479
+CVE-2004-0479 (Internet Explorer 6 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Microsoft
-CVE-2004-0478
+CVE-2004-0478 (Unknown versions of Mozilla allow remote attackers to cause a denial o ...)
NOTE: only a Mozilla DOS
-CVE-2004-0477
+CVE-2004-0477 (Unknown vulnerability in 3Com OfficeConnect Remote 812 ADSL Router all ...)
NOT-FOR-US: 3Com OfficeConnect Remote 812 ADSL Router
-CVE-2004-0476
+CVE-2004-0476 (Buffer overflow in 3Com OfficeConnect Remote 812 ADSL Router 1.1.9.4 a ...)
NOT-FOR-US: 3Com OfficeConnect Remote 812 ADSL Router
-CVE-2004-0475
+CVE-2004-0475 (The showHelp function in Internet Explorer 6 on Windows XP Pro allows ...)
NOT-FOR-US: Microsoft
-CVE-2004-0474
+CVE-2004-0474 (Help Center (HelpCtr.exe) may allow remote attackers to read or execut ...)
NOT-FOR-US: Help Center (HelpCtr.exe)
-CVE-2004-0473
+CVE-2004-0473 (Argument injection vulnerability in Opera before 7.50 does not properl ...)
NOT-FOR-US: opera
CVE-2004-0472
REJECTED
-CVE-2004-0471
+CVE-2004-0471 (BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 throu ...)
NOT-FOR-US: BEA WebLogic
-CVE-2004-0470
+CVE-2004-0470 (BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 throu ...)
NOT-FOR-US: BEA WebLogic
-CVE-2004-0469
+CVE-2004-0469 (Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and ...)
NOT-FOR-US: Check Point VPN
-CVE-2004-0468
+CVE-2004-0468 (Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows rem ...)
NOT-FOR-US: Juniper JUNOS
-CVE-2004-0467
+CVE-2004-0467 (Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a ...)
NOT-FOR-US: Juniper JUNOS
-CVE-2004-0466
+CVE-2004-0466 (WebConnect 6.5, 6.4.4, and possibly earlier versions allows remote att ...)
NOT-FOR-US: WebConnect
-CVE-2004-0465
+CVE-2004-0465 (Directory traversal vulnerability in jretest.html in WebConnect 6.5 an ...)
NOT-FOR-US: WebConnect
CVE-2004-0464
REJECTED
CVE-2004-0463
REJECTED
-CVE-2004-0462
+CVE-2004-0462 (The built-in web servers for multiple networking devices do not set th ...)
NOT-FOR-US: Multiple embedded hardware vendors
-CVE-2004-0461
+CVE-2004-0461 (The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when com ...)
- dhcp3 3.0.1
-CVE-2004-0460
+CVE-2004-0460 (Buffer overflow in the logging capability for the DHCP daemon (DHCPD) ...)
- dhcp3 3.0.1
-CVE-2004-0459
+CVE-2004-0459 (The Clear Channel Assessment (CCA) algorithm in the IEEE 802.11 wirele ...)
NOT-FOR-US: DOS in 802.11 protocol
-CVE-2004-0458
+CVE-2004-0458 (mah-jong before 1.6.2 allows remote attackers to cause a denial of ser ...)
{DSA-503}
- mah-jong 1.6.2-1
-CVE-2004-0457
+CVE-2004-0457 (The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the sc ...)
{DSA-540}
- mysql-dfsg 4.0.20-11
- mysql <removed>
-CVE-2004-0456
+CVE-2004-0456 (Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly ot ...)
{DSA-527}
- pavuk 0.9pl28-3 (bug #264684)
-CVE-2004-0455
+CVE-2004-0455 (Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to ...)
{DSA-523}
- www-sql 0.5.7-18
-CVE-2004-0454
+CVE-2004-0454 (Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allow ...)
{DSA-524}
- rlpr 2.02-7.1 (bug #255402)
-CVE-2004-0453
+CVE-2004-0453 (Format string vulnerability in the monitor "memory dump" command in VI ...)
- vice 1.14-2
-CVE-2004-0452
+CVE-2004-0452 (Race condition in the rmtree function in the File::Path module in Perl ...)
{DSA-1678-1 DSA-620-1}
- perl 5.8.4-5
-CVE-2004-0451
+CVE-2004-0451 (Multiple format string vulnerabilities in the (1) logquit, (2) logerr, ...)
{DSA-521}
- sup 1.8-11
-CVE-2004-0450
+CVE-2004-0450 (Format string vulnerability in the printlog function in log2mail befor ...)
{DSA-513}
- log2mail 0.2.8-3
CVE-2004-0449
REJECTED
-CVE-2004-0448
+CVE-2004-0448 (Format string vulnerability in the log function for jftpgw 0.13.4 and ...)
{DSA-510}
- jftpgw 0.13.4-1
-CVE-2004-0447
+CVE-2004-0447 (Unknown vulnerability in Linux before 2.4.26 for IA64 allows local use ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26)
CVE-2004-0446
RESERVED
-CVE-2004-0445
+CVE-2004-0445 (The SYMDNS.SYS driver in Symantec Norton Internet Security and Profess ...)
NOT-FOR-US: Norton
-CVE-2004-0444
+CVE-2004-0444 (Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Se ...)
NOT-FOR-US: Norton
CVE-2004-0443
RESERVED
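Review bot: three entries in this hunk carry only a free-form NOTE and no package status line, so the tracker holds no machine-readable resolution for them: CVE-2004-0496 ("NOTE: fixed in 2.6.7"), CVE-2004-0491 ("NOTE: appears redhat specific") and CVE-2004-0478 ("NOTE: only a Mozilla DOS"). The neighbouring entries show the expected form, e.g. CVE-2004-0497 records `- linux-2.6 <not-affected> (fixed before first upload; 2.6.8)`; the same shape fits CVE-2004-0496 (`- linux-2.6 <not-affected> (fixed before first upload; 2.6.7)`), and the other two would read more consistently with a `<not-affected>` or NOT-FOR-US line followed by the existing NOTE as the explanation. This is independent of the description text this automatic update appends to each CVE header line, which looks mechanically consistent throughout the hunk.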
@@ -5229,555 +5229,555 @@ CVE-2004-0439
RESERVED
CVE-2004-0438
RESERVED
-CVE-2004-0437
+CVE-2004-0437 (Titan FTP Server version 3.01 build 163, and possibly other versions b ...)
NOT-FOR-US: Titan FTP Server
CVE-2004-0436
RESERVED
-CVE-2004-0435
+CVE-2004-0435 (Certain "programming errors" in the msync system call for FreeBSD 5.2. ...)
NOT-FOR-US: FreeBSD
-CVE-2004-0434
+CVE-2004-0434 (k5admind (kadmind) for Heimdal allows remote attackers to execute arbi ...)
{DSA-504}
- heimdal 0.6.2-1
-CVE-2004-0433
+CVE-2004-0433 (Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) c ...)
- mplayer 1.0~pre6a-1
- xine-lib 1-rc4
-CVE-2004-0432
+CVE-2004-0432 (ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL ...)
- proftpd 1.2.9-4
-CVE-2004-0431
+CVE-2004-0431 (Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allow ...)
NOT-FOR-US: Apple QuickTime
-CVE-2004-0430
+CVE-2004-0430 (Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and ...)
NOT-FOR-US: MacOS
-CVE-2004-0429
+CVE-2004-0429 (Unknown vulnerability related to "the handling of large requests" in R ...)
NOT-FOR-US: RAdmin for Mac OS X
-CVE-2004-0428
+CVE-2004-0428 (Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS ...)
NOT-FOR-US: Mac OS X)
-CVE-2004-0427
+CVE-2004-0427 (The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2. ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload of linux-2.6 package into the archive; 2.6.6)
- kernel-source-2.4.27 <not-affected> (Fixed before upload of package into the archive; 2.4.26)
-CVE-2004-0426
+CVE-2004-0426 (rsync before 2.6.1 does not properly sanitize paths when running a rea ...)
{DSA-499}
- rsync 2.6.1-1
-CVE-2004-0425
+CVE-2004-0425 (Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows re ...)
NOT-FOR-US: windows
-CVE-2004-0424
+CVE-2004-0424 (Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 ...)
NOTE: fixed after 2.6.4/2.4.26 kernel
-CVE-2004-0423
+CVE-2004-0423 (The log_event function in ssmtp 2.50.6 and earlier allows local users ...)
- ssmtp <unfixed> (unimportant)
NOTE: bug still exists in the ssmtp source, but is only activated if
NOTE: --enable-logfile is used in ./configure
NOTE: The package doesn't enable that flag so it is safe.
-CVE-2004-0422
+CVE-2004-0422 (flim before 1.14.3 creates temporary files insecurely, which allows lo ...)
{DSA-500}
- flim 1:1.14.6+0.20040415-1
-CVE-2004-0421
+CVE-2004-0421 (The Portable Network Graphics library (libpng) 1.0.15 and earlier allo ...)
{DSA-498}
- libpng 1.0.15-5
- libpng3 1.2.5.0-6
-CVE-2004-0420
+CVE-2004-0420 (The Windows Shell application in Windows 98, Windows ME, Windows NT 4. ...)
NOT-FOR-US: windows
-CVE-2004-0419
+CVE-2004-0419 (XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.r ...)
[sarge] - xfree86 <not-affected> (vulnerable code not present)
- xdm <not-affected> (vulnerable code not present)
-CVE-2004-0418
+CVE-2004-0418 (serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, ...)
{DSA-519}
- cvs 1:1.12.9-1
-CVE-2004-0417
+CVE-2004-0417 (Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_d ...)
{DSA-519}
- cvs 1:1.12.9-1
-CVE-2004-0416
+CVE-2004-0416 (Double free vulnerability for the error_prog_name string in CVS 1.12.x ...)
{DSA-519}
- cvs 1:1.12.9-1
-CVE-2004-0415
+CVE-2004-0415 (Linux kernel does not properly convert 64-bit file offset pointers to ...)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.27-rc6)
-CVE-2004-0414
+CVE-2004-0414 (CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not proper ...)
{DSA-517}
- cvs 1:1.12.9-1
-CVE-2004-0413
+CVE-2004-0413 (libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn:/ ...)
- subversion 1.0.5-1
-CVE-2004-0412
+CVE-2004-0412 (Mailman before 2.1.5 allows remote attackers to obtain user passwords ...)
- mailman 2.1.4-5
-CVE-2004-0411
+CVE-2004-0411 (The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properl ...)
{DSA-518}
- kdelibs 4:3.2.3
CVE-2004-0410
REJECTED
-CVE-2004-0409
+CVE-2004-0409 (Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 ...)
{DSA-493}
- xchat 2.0.8-1
-CVE-2004-0408
+CVE-2004-0408 (Buffer overflow in the child_service function in the ident2 ident daem ...)
{DSA-494}
- ident2 1.04-2
-CVE-2004-0407
+CVE-2004-0407 (The HTML form upload capability in ColdFusion MX 6.1 does not reclaim ...)
NOT-FOR-US: ColdFusion
CVE-2004-0406
REJECTED
-CVE-2004-0405
+CVE-2004-0405 (CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot ...)
{DSA-486}
- cvs 1:1.12.5-4 (medium)
-CVE-2004-0404
+CVE-2004-0404 (logcheck before 1.1.1 allows local users to overwrite arbitrary files ...)
{DSA-488}
- logcheck 1.1.1-13.2
-CVE-2004-0403
+CVE-2004-0403 (Racoon before 20040408a allows remote attackers to cause a denial of s ...)
- ipsec-tools 0.3.1-3
-CVE-2004-0402
+CVE-2004-0402 (Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other v ...)
{DSA-508}
- xpcd 2.08-10
-CVE-2004-0401
+CVE-2004-0401 (Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before ...)
- libtasn1 0.1.2-2
-CVE-2004-0400
+CVE-2004-0400 (Stack-based buffer overflow in Exim 4 before 4.33, when the headers_ch ...)
{DSA-502 DSA-501}
- exim 3.36-11
- exim4 4.33-1
- exim-tls <removed>
-CVE-2004-0399
+CVE-2004-0399 (Stack-based buffer overflow in Exim 3.35, and other versions before 4, ...)
{DSA-502 DSA-501}
- exim 3.36-11
- exim4 4.33-1
- exim-tls <removed>
-CVE-2004-0398
+CVE-2004-0398 (Heap-based buffer overflow in the ne_rfc1036_parse date parsing functi ...)
{DSA-507 DSA-506}
- cadaver 0.22.1-3
- neon 0.24.6.dfsg-1
-CVE-2004-0397
+CVE-2004-0397 (Stack-based buffer overflow during the apr_time_t data conversion in S ...)
- subversion 1.0.3-1 (bug #249791)
-CVE-2004-0396
+CVE-2004-0396 (Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up ...)
{DSA-505}
- cvs 1:1.12.5-6
-CVE-2004-0395
+CVE-2004-0395 (The xatitv program in the gatos package does not properly drop root pr ...)
{DSA-509}
- gatos 0.0.5-12
-CVE-2004-0394
+CVE-2004-0394 (A "potential" buffer overflow exists in the panic() function in Linux ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected>
NOTE: patch: http://www.ultramonkey.org/bugs/cve-patch/CAN-2004-0394.patch
-CVE-2004-0393
+CVE-2004-0393 (Format string vulnerability in the msg function for rlpr daemon (rlprd ...)
{DSA-524}
- rlpr 2.02-7.1 (bug #255402)
-CVE-2004-0392
+CVE-2004-0392 (racoon before 20040407b allows remote attackers to cause a denial of s ...)
- apache 1.3.31-2
-CVE-2004-0391
+CVE-2004-0391 (Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting ...)
NOT-FOR-US: Cisco
-CVE-2004-0390
+CVE-2004-0390 (SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style acce ...)
NOT-FOR-US: SCO OpenServer
-CVE-2004-0389
+CVE-2004-0389 (RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote atta ...)
NOT-FOR-US: RealNetworks Helix Universal Server
-CVE-2004-0388
+CVE-2004-0388 (The mysqld_multi script in MySQL allows local users to overwrite arbit ...)
{DSA-483}
- mysql-dfsg 4.0.18-6
-CVE-2004-0387
+CVE-2004-0387 (Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8 ...)
NOT-FOR-US: RealPlayer plugin
-CVE-2004-0386
+CVE-2004-0386 (Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0. ...)
- mplayer 1.0~pre6a-1
-CVE-2004-0385
+CVE-2004-0385 (Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9 ...)
NOT-FOR-US: Oracle 9i Application Server Web Cache
CVE-2004-0384
RESERVED
-CVE-2004-0383
+CVE-2004-0383 (Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unk ...)
NOT-FOR-US: Mail for Mac OS X
-CVE-2004-0382
+CVE-2004-0382 (Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 a ...)
NOT-FOR-US: CUPS printing system in Mac OS X
-CVE-2004-0381
+CVE-2004-0381 (mysqlbug in MySQL allows local users to overwrite arbitrary files via ...)
{DSA-483}
- mysql-dfsg 4.0.18-4
-CVE-2004-0380
+CVE-2004-0380 (The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 throug ...)
NOT-FOR-US: Microsoft Outlook Express
-CVE-2004-0379
+CVE-2004-0379 (Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Share ...)
NOT-FOR-US: Microsoft SharePoint Portal Server 2001
CVE-2004-0378
REJECTED
-CVE-2004-0377
+CVE-2004-0377 (Buffer overflow in the win32_stat function for (1) ActiveState's Activ ...)
- perl <not-affected> (Win32 specific)
-CVE-2004-0376
+CVE-2004-0376 (oftpd 0.3.6 and earlier allows remote attackers to cause a denial of s ...)
{DSA-473}
- oftpd 20040304-1 (bug #353882)
-CVE-2004-0375
+CVE-2004-0375 (SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton ...)
NOT-FOR-US: Symantec Norton Internet Security
-CVE-2004-0374
+CVE-2004-0374 (Interchange before 5.0.1 allows remote attackers to "expose the conten ...)
{DSA-471}
- interchange 5.0.1-1
CVE-2004-0373
RESERVED
-CVE-2004-0372
+CVE-2004-0372 (xine allows local users to overwrite arbitrary files via a symlink att ...)
{DSA-477}
- xine-ui 0.99.1-1
-CVE-2004-0371
+CVE-2004-0371 (Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly pe ...)
{DSA-476}
- heimdal 0.6.1-1
-CVE-2004-0370
+CVE-2004-0370 (The setsockopt call in the KAME Project IPv6 implementation, as used i ...)
NOT-FOR-US: KAME
-CVE-2004-0369
+CVE-2004-0369 (Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec ...)
NOT-FOR-US: Entrust LibKmp ISAKMP library
-CVE-2004-0368
+CVE-2004-0368 (Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and oth ...)
NOT-FOR-US: CDE
-CVE-2004-0367
+CVE-2004-0367 (Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of ...)
- ethereal 0.10.3 (bug #239576)
[woody] - ethereal <not-affected> (Not vulnerable per DSA-511)
-CVE-2004-0366
+CVE-2004-0366 (SQL injection vulnerability in the libpam-pgsql library before 0.5.2 a ...)
{DSA-469}
- pam-pgsql 0.5.2-7.1
NOTE: fix was accidentially reverted in a later upload and later re-introduced in 0.5.2-9
-CVE-2004-0365
+CVE-2004-0365 (The dissect_attribute_value_pairs function in packet-radius.c for Ethe ...)
- ethereal 0.10.3 (bug #239576)
[woody] - ethereal <not-affected> (Not vulnerable per DSA-511)
-CVE-2004-0364
+CVE-2004-0364 (The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Securi ...)
NOT-FOR-US: WrapNISUM ActiveX
-CVE-2004-0363
+CVE-2004-0363 (Stack-based buffer overflow in the SymSpamHelper ActiveX component (sy ...)
NOT-FOR-US: SymSpamHelper ActiveX
-CVE-2004-0362
+CVE-2004-0362 (Multiple stack-based buffer overflows in the ICQ parsing routines of t ...)
NOT-FOR-US: ISS Protocol Analysis Module
-CVE-2004-0361
+CVE-2004-0361 (The Javascript engine in Safari 1.2 and earlier allows remote attacker ...)
NOT-FOR-US: safari
-CVE-2004-0360
+CVE-2004-0360 (Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local ...)
NOT-FOR-US: solaris
-CVE-2004-0359
+CVE-2004-0359 (Cross-site scripting (XSS) vulnerability in index.php for Invision Pow ...)
NOT-FOR-US: Invision Power Board
-CVE-2004-0358
+CVE-2004-0358 (Cross-site scripting (XSS) vulnerability in VirtuaNews Admin Panel Pro ...)
NOT-FOR-US: VirtuaNews Admin Panel
-CVE-2004-0357
+CVE-2004-0357 (Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attacke ...)
NOT-FOR-US: SL Mail Pro
-CVE-2004-0355
+CVE-2004-0355 (Invision Power Board 1.3 Final allows remote attackers to gain sensiti ...)
NOT-FOR-US: Invision Power Board
-CVE-2004-0354
+CVE-2004-0354 (Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6 ...)
NOT-FOR-US: GNU Anubis
-CVE-2004-0353
+CVE-2004-0353 (Multiple buffer overflows in auth_ident() function in auth.c for GNU A ...)
NOT-FOR-US: GNU Anubis
-CVE-2004-0352
+CVE-2004-0352 (Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x ...)
NOT-FOR-US: Cisco
-CVE-2004-0351
+CVE-2004-0351 (Spider Sales shopping cart stores the private key in the same database ...)
NOT-FOR-US: Spider Sales
-CVE-2004-0350
+CVE-2004-0350 (SpiderSales shopping cart does not enforce a minimum length for the pr ...)
NOT-FOR-US: Spider Sales
-CVE-2004-0349
+CVE-2004-0349 (Directory traversal vulnerability in GWeb HTTP Server 0.6 allows remot ...)
NOT-FOR-US: GWeb HTTP Server
-CVE-2004-0348
+CVE-2004-0348 (SQL injection vulnerability in viewCart.asp in SpiderSales shopping ca ...)
NOT-FOR-US: SpiderSales
-CVE-2004-0346
+CVE-2004-0346 (Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 th ...)
- proftpd 1.2.9
-CVE-2004-0345
+CVE-2004-0345 (Buffer overflow in Red Faction client 1.20 and earlier allows remote s ...)
NOT-FOR-US: Red Faction
-CVE-2004-0344
+CVE-2004-0344 (Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5. ...)
NOT-FOR-US: YaBB SE
-CVE-2004-0343
+CVE-2004-0343 (Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b ...)
NOT-FOR-US: YaBB SE
-CVE-2004-0342
+CVE-2004-0342 (WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled ...)
NOT-FOR-US: WFPTD
-CVE-2004-0341
+CVE-2004-0341 (WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a ...)
NOT-FOR-US: WFPTD
-CVE-2004-0340
+CVE-2004-0340 (Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Se ...)
NOT-FOR-US: WFPTD
-CVE-2004-0339
+CVE-2004-0339 (Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, po ...)
- phpbb2 2.0.6d
-CVE-2004-0338
+CVE-2004-0338 (SQL injection vulnerability in search.php for Invision Board Forum all ...)
NOT-FOR-US: Invision Board Forum
-CVE-2004-0337
+CVE-2004-0337 (Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro ...)
NOT-FOR-US: 602LAN SUITE
-CVE-2004-0335
+CVE-2004-0335 (LAN SUITE Web Mail 602Pro, when configured to use the "Directory brows ...)
NOT-FOR-US: 602LAN SUITE
-CVE-2004-0334
+CVE-2004-0334 (InnoMedia VideoPhone allows remote attackers to bypass Basic Authoriza ...)
NOT-FOR-US: AXIS 2100
-CVE-2004-0333
+CVE-2004-0333 (Buffer overflow in the UUDeview package, as used in WinZip 6.2 through ...)
- uudeview 0.5.20 (medium)
-CVE-2004-0332
+CVE-2004-0332 (Extremail 1.5.9 does not check passwords correctly when they are all d ...)
NOT-FOR-US: extremail
-CVE-2004-0331
+CVE-2004-0331 (Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows ...)
NOT-FOR-US: Dell OpenManage Web Server
-CVE-2004-0330
+CVE-2004-0330 (Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticat ...)
NOT-FOR-US: Serv-U
-CVE-2004-0329
+CVE-2004-0329 (FreeChat 1.1.1a allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: FreeChat
-CVE-2004-0328
+CVE-2004-0328 (Gigabyte Gn-B46B 2.4Ghz wireless broadband router firmware 1.003.00 al ...)
NOT-FOR-US: Gigabyte Broadband Router
-CVE-2004-0327
+CVE-2004-0327 (Directory traversal vulnerability in functions.php in PhpNewsManager 1 ...)
NOT-FOR-US: PhpNewsManager
-CVE-2004-0326
+CVE-2004-0326 (Buffer overflow in the web proxy for GateKeeper Pro 4.7 allows remote ...)
NOT-FOR-US: GateKeeper Pro
-CVE-2004-0325
+CVE-2004-0325 (TYPSoft FTP Server 1.10 allows remote authenticated users to cause a d ...)
NOT-FOR-US: TypSoft
-CVE-2004-0324
+CVE-2004-0324 (Confirm 0.62 and earlier could allow remote attackers to execute arbit ...)
NOT-FOR-US: confirm 0.70
-CVE-2004-0323
+CVE-2004-0323 (Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remo ...)
NOT-FOR-US: xmb 1.8 final sp2
-CVE-2004-0322
+CVE-2004-0322 (Multiple cross-site scripting (XSS) vulnerabilities in XMB 1.8 Final S ...)
NOT-FOR-US: xmb 1.8 final sp2
-CVE-2004-0321
+CVE-2004-0321 (Team Factor 1.25 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: Team Factor
-CVE-2004-0319
+CVE-2004-0319 (Cross-site scripting (XSS) vulnerability in the font tag in ezBoard 7. ...)
NOT-FOR-US: ezBoard
-CVE-2004-0318
+CVE-2004-0318 (Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID e ...)
NOT-FOR-US: Load Sharing Facility
-CVE-2004-0317
+CVE-2004-0317 (Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x al ...)
NOT-FOR-US: Load Sharing Facility
-CVE-2004-0316
+CVE-2004-0316 (Buffer overflow in Avirt Soho 4.3 allows remote attackers to cause a d ...)
NOT-FOR-US: Avirt
-CVE-2004-0315
+CVE-2004-0315 (Buffer overflow in Avirt Voice 4.0 allows remote attackers to cause a ...)
NOT-FOR-US: Avirt
-CVE-2004-0314
+CVE-2004-0314 (Cross-site scripting (XSS) vulnerability in done.jsp in WebzEdit 1.9 a ...)
NOT-FOR-US: WebzEdit
-CVE-2004-0313
+CVE-2004-0313 (Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a de ...)
NOT-FOR-US: PSOProxy
-CVE-2004-0312
+CVE-2004-0312 (Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP re ...)
NOT-FOR-US: LINKSYS
-CVE-2004-0311
+CVE-2004-0311 (American Power Conversion (APC) Web/SNMP Management SmartSlot Card 3.0 ...)
NOT-FOR-US: APC
-CVE-2004-0310
+CVE-2004-0310 (Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 al ...)
NOT-FOR-US: LiveJournal
-CVE-2004-0308
+CVE-2004-0308 (Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 befo ...)
NOT-FOR-US: cisco
-CVE-2004-0305
+CVE-2004-0305 (Cross-site scripting (XSS) vulnerability in error.asp in WebCortex Web ...)
NOT-FOR-US: WebCortex WebStores
-CVE-2004-0304
+CVE-2004-0304 (SQL injection vulnerability in browse_items.asp in WebCortex WebStores ...)
NOT-FOR-US: WebCortex WebStores
-CVE-2004-0303
+CVE-2004-0303 (OWLS 1.0 allows remote attackers to retrieve arbitrary files via absol ...)
NOT-FOR-US: OWLS 1.0
-CVE-2004-0302
+CVE-2004-0302 (Directory traversal vulnerability in OWLS 1.0 allows remote attackers ...)
NOT-FOR-US: OWLS 1.0
-CVE-2004-0301
+CVE-2004-0301 (Cross-site scripting (XSS) vulnerability in more.php for Online Store ...)
NOT-FOR-US: Online Store Kit
-CVE-2004-0300
+CVE-2004-0300 (SQL injection vulnerability in Online Store Kit 3.0 allows remote atta ...)
NOT-FOR-US: Online Store Kit
-CVE-2004-0299
+CVE-2004-0299 (Buffer overflow in smallftpd 0.99 allows local users to cause a denial ...)
NOT-FOR-US: smallftpd;
-CVE-2004-0298
+CVE-2004-0298 (CesarFTP 0.99e allows remote attackers to cause a denial of service (C ...)
NOT-FOR-US: CesarFTP; Win32
-CVE-2004-0296
+CVE-2004-0296 (TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a ...)
NOT-FOR-US: Broker FTP 6.1.0.0; Win32
-CVE-2004-0295
+CVE-2004-0295 (TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a ...)
NOT-FOR-US: Broker FTP 6.1.0.0 again; Win32
-CVE-2004-0294
+CVE-2004-0294 (YaBB 1 SP 1.3.1 displays different error messages when a user exists o ...)
NOT-FOR-US: yabb;
-CVE-2004-0293
+CVE-2004-0293 (Directory traversal vulnerability in ShopCartCGI 2.3 allows remote att ...)
NOT-FOR-US: ShopCartCGI 2.3;
-CVE-2004-0292
+CVE-2004-0292 (Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote atta ...)
NOT-FOR-US: KarjaSoft Sami HTTP Server 1.0.4; Win32
-CVE-2004-0291
+CVE-2004-0291 (SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 al ...)
NOT-FOR-US: YaBB;
-CVE-2004-0290
+CVE-2004-0290 (Buffer overflow in Purge Jihad 2.0.1 and earlier allows remote game se ...)
NOT-FOR-US: Purge Jihad;
-CVE-2004-0289
+CVE-2004-0289 (Buffer overflow in sdbscan in SignatureDB 0.1.1 allows local users to ...)
NOT-FOR-US: SignatureDB;
-CVE-2004-0288
+CVE-2004-0288 (Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 ...)
- mnogosearch 3.2.18
NOTE: it's not quite clear which version exactly fixes the problem;
NOTE: I checked the source code of the most recent version and compared
NOTE: it with the problematic section described in the advisory
NOTE: (http://marc.info/?l=bugtraq&m=107695139930726&w=2)
NOTE: and I can confirm the buffer overflow is fixed there
-CVE-2004-0287
+CVE-2004-0287 (Xlight FTP server 1.52 allows remote authenticated users to cause a de ...)
NOT-FOR-US: Xlight FTP server 1.52;
-CVE-2004-0286
+CVE-2004-0286 (Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers ...)
NOT-FOR-US: RobotFTP;
-CVE-2004-0285
+CVE-2004-0285 (PHP remote file inclusion vulnerabilities in include/footer.inc.php in ...)
NOT-FOR-US: PHP scripts
-CVE-2004-0284
+CVE-2004-0284 (Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow ...)
NOT-FOR-US: MSIE bugs
-CVE-2004-0283
+CVE-2004-0283 (Mailmgr 1.2.3 allows local users to overwrite arbitrary files via a sy ...)
NOT-FOR-US: mailmgr;
-CVE-2004-0282
+CVE-2004-0282 (Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Crob FTP;
-CVE-2004-0281
+CVE-2004-0281 (Caucho Technology Resin 2.1.12 allows remote attackers to gain sensiti ...)
NOT-FOR-US: Caucho Technology Resin;
-CVE-2004-0280
+CVE-2004-0280 (Caucho Technology Resin 2.1.12 allows remote attackers to view JSP sou ...)
NOT-FOR-US: Caucho Technology Resin;
-CVE-2004-0279
+CVE-2004-0279 (AIM Sniff (aimSniff.pl) 0.9b allows local users to overwrite arbitrary ...)
NOT-FOR-US: AIMSniff;
-CVE-2004-0278
+CVE-2004-0278 (Ratbag game engine, as used in products such as Dirt Track Racing, Lea ...)
NOT-FOR-US: Ratbag game engine;
-CVE-2004-0277
+CVE-2004-0277 (Format string vulnerability in Dream FTP 1.02 allows remote attackers ...)
NOT-FOR-US: Dream FTP;
-CVE-2004-0275
+CVE-2004-0275 (SQL injection vulnerability in calendar_download.php in BosDates 3.2 a ...)
NOT-FOR-US: BosDates;
-CVE-2004-0272
+CVE-2004-0272 (SQL injection vulnerability in MaxWebPortal allows remote attackers to ...)
NOT-FOR-US: MaxWebPortal;
-CVE-2004-0271
+CVE-2004-0271 (Multiple cross-site scripting vulnerabilities (XSS) in MaxWebPortal al ...)
NOT-FOR-US: MaxWebPortal;
-CVE-2004-0269
+CVE-2004-0269 (SQL injection vulnerability in PHP-Nuke 6.9 and earlier, and possibly ...)
NOT-FOR-US: PHP-Nuke;
-CVE-2004-0268
+CVE-2004-0268 (Multiple buffer overflows in EvolutionX 3921 and 3935 allow remote att ...)
NOT-FOR-US: EvolutionX;
-CVE-2004-0267
+CVE-2004-0267 (The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust I ...)
NOT-FOR-US: eTrust InoculateIT;
-CVE-2004-0266
+CVE-2004-0266 (SQL injection vulnerability in the "public message" capability (public ...)
NOT-FOR-US: PHP-Nuke;
-CVE-2004-0265
+CVE-2004-0265 (Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6 ...)
NOT-FOR-US: PHP-Nuke;
-CVE-2004-0264
+CVE-2004-0264 (palmhttpd for PalmOS allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: PalmOS
-CVE-2004-0262
+CVE-2004-0262 (Stack-based buffer overflow in The Palace 3.5 and earlier client allow ...)
NOT-FOR-US: The Palace;
-CVE-2004-0260
+CVE-2004-0260 (The AddToMailingList function in CactuSoft CactuShop 5.0 Lite contains ...)
NOT-FOR-US: CactuShop;
-CVE-2004-0259
+CVE-2004-0259 (The check_referer() function in Formmail.php 5.0 and earlier allows re ...)
NOT-FOR-US: formmail.php;
-CVE-2004-0258
+CVE-2004-0258 (Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealO ...)
NOT-FOR-US: RealPlayer
-CVE-2004-0255
+CVE-2004-0255 (Xlight 1.52, with log to screen enabled, allows remote attackers to ca ...)
NOT-FOR-US: Xlight;
-CVE-2004-0254
+CVE-2004-0254 (Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x ...)
NOT-FOR-US: Discuz;
-CVE-2004-0253
+CVE-2004-0253 (IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to exe ...)
NOT-FOR-US: IBM Cloudscape
-CVE-2004-0252
+CVE-2004-0252 (TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: TYPSoft FTP Server
-CVE-2004-0251
+CVE-2004-0251 (Cross-site scripting (XSS) vulnerability in rxgoogle.cgi allows remote ...)
NOT-FOR-US: rxgoogle.cgi
-CVE-2004-0250
+CVE-2004-0250 (SQL injection vulnerability in PhotoPost PHP Pro 4.6 and earlier allow ...)
NOT-FOR-US: PhotoPost PHP Pro
-CVE-2004-0249
+CVE-2004-0249 (PHPX 2.0 through 3.2.4 allows remote attackers to gain access to other ...)
NOT-FOR-US: PHPX
-CVE-2004-0248
+CVE-2004-0248 (Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote a ...)
NOT-FOR-US: PHPX
-CVE-2004-0247
+CVE-2004-0247 (The client and server of Chaser 1.50 and earlier allow remote attacker ...)
NOT-FOR-US: Chaser
-CVE-2004-0246
+CVE-2004-0246 (Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.li ...)
NOT-FOR-US: Les Commentaires
-CVE-2004-0245
+CVE-2004-0245 (Web Crossing 4.x and 5.x allows remote attackers to cause a denial of ...)
NOT-FOR-US: Web Crossing
-CVE-2004-0244
+CVE-2004-0244 (Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Featu ...)
NOT-FOR-US: Cisco
-CVE-2004-0243
+CVE-2004-0243 (AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displ ...)
NOT-FOR-US: AIX
-CVE-2004-0242
+CVE-2004-0242 (X-Cart 3.4.3 allows remote attackers to gain sensitive information via ...)
NOT-FOR-US: X-Cart 3.4.3
-CVE-2004-0241
+CVE-2004-0241 (X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via ...)
NOT-FOR-US: X-Cart 3.4.3
-CVE-2004-0240
+CVE-2004-0240 (Directory traversal vulnerability in X-Cart 3.4.3 allows remote attack ...)
NOT-FOR-US: X-Cart 3.4.3
-CVE-2004-0239
+CVE-2004-0239 (SQL injection vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 ...)
NOT-FOR-US: PhotoPost PHP Pro
-CVE-2004-0238
+CVE-2004-0238 (Multiple buffer overflows in Overkill (0verkill) 0.15pre3 might allow ...)
- overkill 0.16-7
-CVE-2004-0237
+CVE-2004-0237 (Directory traversal vulnerability in index.php in Aprox PHP Portal all ...)
NOT-FOR-US: Aprox PHP Portal
-CVE-2004-0236
+CVE-2004-0236 (SQL injection vulnerability in login.asp in thePHOTOtool allows remote ...)
NOT-FOR-US: thePHOTOtool
-CVE-2004-0235
+CVE-2004-0235 (Multiple directory traversal vulnerabilities in LHA 1.14 allow remote ...)
{DSA-515}
- lha 1.14i-8
-CVE-2004-0234
+CVE-2004-0234 (Multiple stack-based buffer overflows in the get_header function in he ...)
{DSA-515}
- lha 1.14i-8
-CVE-2004-0233
+CVE-2004-0233 (Utempter allows device names that contain .. (dot dot) directory trave ...)
NOT-FOR-US: utempter
-CVE-2004-0232
+CVE-2004-0232 (Multiple format string vulnerabilities in Midnight Commander (mc) befo ...)
{DSA-497}
- mc 1:4.6.0-4.6.1-pre1-2
-CVE-2004-0231
+CVE-2004-0231 (Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with ...)
{DSA-497}
- mc 1:4.6.0-4.6.1-pre1-2
-CVE-2004-0230
+CVE-2004-0230 (TCP, when using a large Window Size, makes it easier for remote attack ...)
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
- linux-2.6.24 <removed> (unimportant)
NOTE: the attack works with a certain non-negligible probability, but even
NOTE: when successful, it only causes a TCP disconnect, which will (in most
NOTE: circumstances) be reestablished right away, causing essentially no impact
-CVE-2004-0229
+CVE-2004-0229 (The framebuffer driver in Linux kernel 2.6.x does not properly use the ...)
- linux-2.6 2.6.6-1
- linux-2.6.24 <not-affected>
-CVE-2004-0228
+CVE-2004-0228 (Integer signedness error in the cpufreq proc handler (cpufreq_procctl) ...)
- kernel-source-2.4.27 <not-affected> (2.4 does not have cpufreq)
- linux-2.6 <not-affected> (fixed before first upload; 2.6.8)
-CVE-2004-0227
+CVE-2004-0227 (Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allo ...)
- zoneminder 1.22.3-1
NOTE: fixed in 1.19.2, which was released before initial upload of 1.22.3
-CVE-2004-0226
+CVE-2004-0226 (Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may ...)
{DSA-497}
- mc 1:4.6.0-4.6.1-pre1-2
CVE-2004-0225
RESERVED
-CVE-2004-0224
+CVE-2004-0224 (Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Cou ...)
- courier 0.45.1-1
CVE-2004-0223
RESERVED
-CVE-2004-0222
+CVE-2004-0222 (Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remo ...)
NOT-FOR-US: isakmpd in OpenBSD
-CVE-2004-0221
+CVE-2004-0221 (isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: isakmpd in OpenBSD
-CVE-2004-0220
+CVE-2004-0220 (isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: isakmpd in OpenBSD
-CVE-2004-0219
+CVE-2004-0219 (isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: isakmpd in OpenBSD
-CVE-2004-0218
+CVE-2004-0218 (isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: isakmpd in OpenBSD
-CVE-2004-0217
+CVE-2004-0217 (The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan E ...)
NOT-FOR-US: Symantec AntiVirus Scan Engine for Red Hat
-CVE-2004-0216
+CVE-2004-0216 (Integer overflow in the Install Engine (inseng.dll) for Internet Explo ...)
NOT-FOR-US: MSIE bug
-CVE-2004-0215
+CVE-2004-0215 (Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial ...)
NOT-FOR-US: MS-Outlook-Express
-CVE-2004-0214
+CVE-2004-0214 (Buffer overflow in Microsoft Internet Explorer and Explorer on Windows ...)
NOT-FOR-US: MSIE bug
-CVE-2004-0213
+CVE-2004-0213 (Utility Manager in Windows 2000 launches winhlp32.exe while Utility Ma ...)
NOT-FOR-US: Windows bug
-CVE-2004-0212
+CVE-2004-0212 (Stack-based buffer overflow in the Task Scheduler for Windows 2000 and ...)
NOT-FOR-US: Windows bug
-CVE-2004-0211
+CVE-2004-0211 (The kernel for Microsoft Windows Server 2003 does not reset certain va ...)
NOT-FOR-US: Windows bug
-CVE-2004-0210
+CVE-2004-0210 (The POSIX component of Microsoft Windows NT and Windows 2000 allows lo ...)
NOT-FOR-US: Windows bug
-CVE-2004-0209
+CVE-2004-0209 (Unknown vulnerability in the Graphics Rendering Engine processes of Mi ...)
NOT-FOR-US: Windows bug
-CVE-2004-0208
+CVE-2004-0208 (The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, W ...)
NOT-FOR-US: Windows bug
-CVE-2004-0207
+CVE-2004-0207 ("Shatter" style vulnerability in the Window Management application pro ...)
NOT-FOR-US: Windows bug
-CVE-2004-0206
+CVE-2004-0206 (Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows ...)
NOT-FOR-US: Windows bug
-CVE-2004-0205
+CVE-2004-0205 (Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 all ...)
NOT-FOR-US: Windows bug
-CVE-2004-0204
+CVE-2004-0204 (Directory traversal vulnerability in the web viewers for Business Obje ...)
NOT-FOR-US: Visual Studio bug
-CVE-2004-0203
+CVE-2004-0203 (Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exc ...)
NOT-FOR-US: Exchange bug
-CVE-2004-0202
+CVE-2004-0202 (IDirectPlay4 Application Programming Interface (API) of Microsoft Dire ...)
NOT-FOR-US: DirectX
-CVE-2004-0201
+CVE-2004-0201 (Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML He ...)
NOT-FOR-US: Windows HTML Help
-CVE-2004-0200
+CVE-2004-0200 (Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Grap ...)
NOT-FOR-US: famous Windows GDI+ JPEG parsing bug
-CVE-2004-0199
+CVE-2004-0199 (Help and Support Center in Microsoft Windows XP and Windows Server 200 ...)
NOT-FOR-US: Windows bug
CVE-2004-0198
RESERVED
-CVE-2004-0197
+CVE-2004-0197 (Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote att ...)
NOT-FOR-US: MSJet bug
CVE-2004-0196
RESERVED
CVE-2004-0195
RESERVED
-CVE-2004-0192
+CVE-2004-0192 (Cross-site scripting (XSS) vulnerability in the Management Service for ...)
NOT-FOR-US: Symantec Gateway Security
CVE-2004-0187
REJECTED
-CVE-2004-0184
+CVE-2004-0184 (Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier ...)
{DSA-478}
- tcpdump 3.7.2-4
-CVE-2004-0183
+CVE-2004-0183 (TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of ...)
{DSA-478}
- tcpdump 3.7.2-4
-CVE-2004-0182
+CVE-2004-0182 (Mailman before 2.0.13 allows remote attackers to cause a denial of ser ...)
- mailman <not-affected> (RedHat specific bug)
-CVE-2004-0181
+CVE-2004-0181 (The JFS file system code in Linux 2.4.x has an information leak in whi ...)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-pre5)
-CVE-2004-0180
+CVE-2004-0180 (The client for CVS before 1.11 allows a remote malicious CVS server to ...)
{DSA-486}
- cvs 1:1.12.5-4 (medium)
-CVE-2004-0179
+CVE-2004-0179 (Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, ...)
{DSA-487}
- neon 0.24.5-1
-CVE-2004-0178
+CVE-2004-0178 (The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before ...)
{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
- linux-2.6 <not-affected> (fixed before first upload; 2.6.8)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-pre3)
-CVE-2004-0177
+CVE-2004-0177 (The ext3 code in Linux 2.4.x before 2.4.26 does not properly initializ ...)
{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
- linux-2.6 <not-affected> (fixed before first upload; 2.6.8)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-pre4)
-CVE-2004-0176
+CVE-2004-0176 (Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote at ...)
{DSA-511}
- ethereal 0.10.3-1 (bug #239576)
-CVE-2004-0175
+CVE-2004-0175 (Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allo ...)
{CVE-2000-0992}
- openssh 1:3.9p1-1 (low; bug #270770)
[sarge] - openssh <no-dsa> (Minor issue)
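Review bot: several NOT-FOR-US lines in the unchanged context of this hunk carry a stray trailing semicolon ("NOT-FOR-US: smallftpd;", "NOT-FOR-US: yabb;", "NOT-FOR-US: ShopCartCGI 2.3;" and the run of entries down to "NOT-FOR-US: Discuz;"), while neighbouring entries such as "NOT-FOR-US: LiveJournal" and "NOT-FOR-US: RealPlayer" do not; since the automatic update rewrites every CVE line in this region anyway, a follow-up that normalises these to the form without the semicolon would keep the NOT-FOR-US annotations consistent across the file.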
@@ -5785,50 +5785,50 @@ CVE-2004-0175
NOTE: The "SUID/SGID across trust boundaries" issue remains, but is
NOTE: largely theoretic. This is a rediscovery of CVE-2000-0992.
NOTE: jmm: 3.9p1 thus marked as fixed version
-CVE-2004-0174
+CVE-2004-0174 (Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multip ...)
- apache 1.3.29.0.2-5
-CVE-2004-0172
+CVE-2004-0172 (Heap-based buffer overflow in the search_for_command function of ltrac ...)
- ltrace <not-affected> (Not setuid/setgid in Debian)
CVE-2004-0170
RESERVED
-CVE-2004-0168
+CVE-2004-0168 (Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related t ...)
NOT-FOR-US: CoreFoundation for Mac OS X
-CVE-2004-0166
+CVE-2004-0166 (Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 relate ...)
NOT-FOR-US: Safari
-CVE-2004-0164
+CVE-2004-0164 (KAME IKE daemon (racoon) does not properly handle hash values, which a ...)
- ipsec-tools 0.3.3-1
NOTE: not mentioned in the changelog, so I don't know which version exactly fixes
NOTE: the problem, but the patch that fixes the bug is applied:
NOTE: http://marc.info/?l=bugtraq&m=107411758202662&w=2
-CVE-2004-0163
+CVE-2004-0163 (Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the ...)
NOT-FOR-US: Sygate Secure Enterprise
-CVE-2004-0162
+CVE-2004-0162 (Multiple content security gateway and antivirus products allow remote ...)
NOT-FOR-US: general MIME bug with security gateways
-CVE-2004-0161
+CVE-2004-0161 (Multiple content security gateway and antivirus products allow remote ...)
NOT-FOR-US: general MIME bug with security gateways
-CVE-2004-0158
+CVE-2004-0158 (Buffer overflow in lbreakout2 allows local users to gain 'games' group ...)
{DSA-445}
- lbreakout2 2.4
-CVE-2004-0157
+CVE-2004-0157 (x11.c in xonix 1.4 and earlier uses the current working directory to f ...)
{DSA-484}
- xonix 1.4-21
-CVE-2004-0156
+CVE-2004-0156 (Format string vulnerabilities in the (1) die or (2) log_event function ...)
{DSA-485}
- ssmtp 2.60.7
-CVE-2004-0155
+CVE-2004-0155 (The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, ...)
- ipsec-tools 0.2.5-2
-CVE-2004-0154
+CVE-2004-0154 (rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers ...)
- nfs-utils 1:1.0.5-3
-CVE-2004-0153
+CVE-2004-0153 (Multiple format string vulnerabilities in emil 2.1.0 and earlier may a ...)
{DSA-468}
- emil 2.1.0-beta9-14
-CVE-2004-0152
+CVE-2004-0152 (Multiple stack-based buffer overflows in (1) the encode_mime function, ...)
{DSA-468}
- emil 2.1.0-beta9-14
-CVE-2004-0151
+CVE-2004-0151 (Unknown vulnerability in xitalk 1.1.11 and earlier allows local users ...)
{DSA-462}
- xitalk 1.1.11-11
-CVE-2004-0149
+CVE-2004-0149 (Multiple buffer overflows in xboing before 2.4 allow local users to ga ...)
{DSA-451}
- xboing 2.4-26.1 (bug #174924)
CVE-2004-0147
@@ -5839,7 +5839,7 @@ CVE-2004-0145
REJECTED
CVE-2004-0144
REJECTED
-CVE-2004-0143
+CVE-2004-0143 (Multiple vulnerabilities in Nokia 6310(i) Mobile phones allow remote a ...)
NOT-FOR-US: Nokia mobile phones
CVE-2004-0142
REJECTED
@@ -5847,66 +5847,66 @@ CVE-2004-0141
REJECTED
CVE-2004-0140
REJECTED
-CVE-2004-0139
+CVE-2004-0139 (Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5. ...)
NOT-FOR-US: SGI IRIX
-CVE-2004-0138
+CVE-2004-0138 (The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (fixed before first upload)
-CVE-2004-0137
+CVE-2004-0137 (Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows lo ...)
NOT-FOR-US: IRIX init
-CVE-2004-0136
+CVE-2004-0136 (The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows lo ...)
NOT-FOR-US: IRIX
-CVE-2004-0135
+CVE-2004-0135 (The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allow ...)
NOT-FOR-US: IRIX
-CVE-2004-0134
+CVE-2004-0134 (cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain priv ...)
NOT-FOR-US: IRIX
-CVE-2004-0133
+CVE-2004-0133 (The XFS file system code in Linux 2.4.x has an information leak in whi ...)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-rc2)
- linux-2.6 <not-affected> (fixed before first upload; 2.6.5)
-CVE-2004-0132
+CVE-2004-0132 (Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 ...)
NOT-FOR-US: ezContents
-CVE-2004-0130
+CVE-2004-0130 (login.php in phpGedView 2.65 and earlier allows remote attackers to ob ...)
NOT-FOR-US: phpGedView
-CVE-2004-0127
+CVE-2004-0127 (Directory traversal vulnerability in editconfig_gedcom.php for phpGedV ...)
NOT-FOR-US: phpGedView
-CVE-2004-0125
+CVE-2004-0125 (The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verif ...)
NOT-FOR-US: FreeBSD jail
-CVE-2004-0124
+CVE-2004-0124 (The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Ser ...)
NOT-FOR-US: Windows bug
-CVE-2004-0123
+CVE-2004-0123 (Double free vulnerability in the ASN.1 library as used in Windows NT 4 ...)
NOT-FOR-US: Windows bug
-CVE-2004-0120
+CVE-2004-0120 (The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2 ...)
NOT-FOR-US: Windows bug
-CVE-2004-0119
+CVE-2004-0119 (The Negotiate Security Software Provider (SSP) interface in Windows 20 ...)
NOT-FOR-US: Windows bug
-CVE-2004-0118
+CVE-2004-0118 (The component for the Virtual DOS Machine (VDM) subsystem in Windows N ...)
NOT-FOR-US: Windows bug
-CVE-2004-0117
+CVE-2004-0117 (Unknown vulnerability in the H.323 protocol implementation in Windows ...)
NOT-FOR-US: Windows bug
-CVE-2004-0116
+CVE-2004-0116 (An Activation function in the RPCSS Service involved with DCOM activat ...)
NOT-FOR-US: Windows bug
-CVE-2004-0112
+CVE-2004-0112 (The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, wh ...)
- openssl 0.9.7d-1
-CVE-2004-0110
+CVE-2004-0110 (Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft ...)
{DSA-455}
- libxml 1:1.8.17-5
- libxml2 2.6.6-1
-CVE-2004-0109
+CVE-2004-0109 (Buffer overflow in the ISO9660 file system component for Linux kernel ...)
{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-rc4)
- linux-2.6 <not-affected> (fixed before first upload; 2.6.6)
-CVE-2004-0107
+CVE-2004-0107 (The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allo ...)
- sysstat 5.0.2-1
-CVE-2004-0106
+CVE-2004-0106 (Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to ...)
{DSA-443}
- xfree86 4.3.0-2
-CVE-2004-0105
+CVE-2004-0105 (Multiple buffer overflows in Metamail 2.7 and earlier allow remote att ...)
{DSA-449}
- metamail 2.7-45.2
-CVE-2004-0104
+CVE-2004-0104 (Multiple format string vulnerabilities in Metamail 2.7 and earlier all ...)
{DSA-449}
- metamail 2.7-45.2
-CVE-2004-0103
+CVE-2004-0103 (crawl before 4.0.0 beta23 does not properly "apply a size check" when ...)
{DSA-432}
- crawl 1:4.0.0beta26-4
CVE-2004-0102
@@ -5917,113 +5917,113 @@ CVE-2004-0100
RESERVED
CVE-2004-0098
REJECTED
-CVE-2004-0097
+CVE-2004-0097 (Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers ...)
{DSA-448}
- pwlib 1.5.2-4
-CVE-2004-0092
+CVE-2004-0092 (Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10. ...)
NOT-FOR-US: Safari
CVE-2004-0091
NOT-FOR-US: vBulletin
-CVE-2004-0090
+CVE-2004-0090 (Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 thro ...)
NOT-FOR-US: MacOS
-CVE-2004-0088
+CVE-2004-0088 (The System Configuration subsystem in Mac OS 10.2.8 allows local users ...)
NOT-FOR-US: MacOS
-CVE-2004-0087
+CVE-2004-0087 (The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows ...)
NOT-FOR-US: MacOS
-CVE-2004-0086
+CVE-2004-0086 (Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has ...)
NOT-FOR-US: MacOS
-CVE-2004-0085
+CVE-2004-0085 (Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and ...)
NOT-FOR-US: MacOS
-CVE-2004-0084
+CVE-2004-0084 (Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3. ...)
{DSA-443}
- xfree86 4.3.0-2
-CVE-2004-0083
+CVE-2004-0083 (Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 throu ...)
{DSA-443}
- xfree86 4.3.0-2
-CVE-2004-0081
+CVE-2004-0081 (OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message t ...)
{DSA-465}
- openssl 0.9.6d-1
-CVE-2004-0079
+CVE-2004-0079 (The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0. ...)
{DSA-465}
- openssl 0.9.7d-1
- openssl096 0.9.6m-1
CVE-2004-0076
REJECTED
-CVE-2004-0074
+CVE-2004-0074 (Multiple buffer overflows in xsok 1.02 allows local users to gain priv ...)
- xsok <not-affected> (Not vulnerable. See bug #278777)
-CVE-2004-0073
+CVE-2004-0073 (PHP remote file inclusion vulnerability in (1) config.php and (2) conf ...)
NOT-FOR-US: EasyDynamicPages
-CVE-2004-0072
+CVE-2004-0072 (Directory traversal vulnerability in Accipiter Direct Server 6.0 allow ...)
NOT-FOR-US: Accipiter Direct Server 6.0
-CVE-2004-0071
+CVE-2004-0071 (Directory traversal vulnerability in buildManPage in class.manpagelook ...)
NOT-FOR-US: PHP Man Page Lookup 1.2.0
-CVE-2004-0069
+CVE-2004-0069 (Format string vulnerability in HD Soft Windows FTP Server 1.6 and earl ...)
NOT-FOR-US: HD Soft Windows FTP Server 1.6
-CVE-2004-0067
+CVE-2004-0067 (Multiple cross-site scripting (XSS) vulnerabilities in phpGedView befo ...)
NOT-FOR-US: phpGedView
-CVE-2004-0066
+CVE-2004-0066 (phpGedView before 2.65 allows remote attackers to obtain the absolute ...)
NOT-FOR-US: phpGedView
-CVE-2004-0065
+CVE-2004-0065 (Multiple SQL injection vulnerabilities in phpGedView before 2.65 allow ...)
NOT-FOR-US: phpGedView
-CVE-2004-0064
+CVE-2004-0064 (The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows loc ...)
NOT-FOR-US: SuSE YaST
-CVE-2004-0062
+CVE-2004-0062 (Integer overflow in the rnd arithmetic rounding function for various v ...)
NOT-FOR-US: FishCart
-CVE-2004-0061
+CVE-2004-0061 (WWW File Share Pro 2.42 and earlier allows remote attackers to bypass ...)
NOT-FOR-US: WWW File Share Pro 2.42
-CVE-2004-0060
+CVE-2004-0060 (WWW File Share Pro 2.42 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: WWW File Share Pro 2.42
-CVE-2004-0059
+CVE-2004-0059 (Directory traversal vulnerability in upload capability of WWW File Sha ...)
NOT-FOR-US: WWW File Share Pro 2.42
-CVE-2004-0058
+CVE-2004-0058 (Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local u ...)
NOT-FOR-US: Antivir
-CVE-2004-0057
+CVE-2004-0057 (The rawprint function in the ISAKMP decoding routines (print-isakmp.c) ...)
{DSA-425}
- tcpdump 3.8.3-1
NOTE: Upstream version 3.8.3 is fixed; may have been fixed earlier.
-CVE-2004-0056
+CVE-2004-0056 (Multiple vulnerabilities in the H.323 protocol implementation for Nort ...)
NOT-FOR-US: Nortel Networks products
-CVE-2004-0055
+CVE-2004-0055 (The print_attr_string function in print-radius.c for tcpdump 3.8.1 and ...)
{DSA-425}
- tcpdump 3.8.3-1
NOTE: Upstream version 3.8.3 is fixed; may have been fixed earlier.
-CVE-2004-0054
+CVE-2004-0054 (Multiple vulnerabilities in the H.323 protocol implementation for Cisc ...)
NOT-FOR-US: Cisco
-CVE-2004-0053
+CVE-2004-0053 (Multiple content security gateway and antivirus products allow remote ...)
NOT-FOR-US: Multiple security gateways MIME parsing stuff
-CVE-2004-0052
+CVE-2004-0052 (Multiple content security gateway and antivirus products allow remote ...)
NOT-FOR-US: Multiple security gateways MIME parsing stuff
-CVE-2004-0051
+CVE-2004-0051 (Multiple content security gateway and antivirus products allow remote ...)
NOT-FOR-US: Multiple security gateways MIME parsing stuff
-CVE-2004-0050
+CVE-2004-0050 (Verity Ultraseek before 5.2.2 allows remote attackers to obtain the fu ...)
NOT-FOR-US: Verity Ultraseek
CVE-2004-0048
RESERVED
-CVE-2004-0047
+CVE-2004-0047 (Multiple programs in trr19 1.0 do not properly drop privileges before ...)
{DSA-430}
- trr19 1.0beta5-17.1 (bug #264702)
-CVE-2004-0046
+CVE-2004-0046 (Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows ...)
NOT-FOR-US: SnapStream PVS LITE
-CVE-2004-0043
+CVE-2004-0043 (Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allo ...)
NOT-FOR-US: Yahoo Instant Messenger
-CVE-2004-0042
+CVE-2004-0042 (vsftpd 1.1.3 generates different error messages depending on whether o ...)
- vsftpd 2.0.1-1
NOTE: can't find any mention of the bug being fixed, but vsftpd doesn't
NOTE: show the beaviour described in http://www.securitytracker.com/alerts/2004/Jan/1008628.html
-CVE-2004-0041
+CVE-2004-0041 (The mod_auth_shadow module 1.4 and earlier does not properly enforce t ...)
{DSA-421}
- mod-auth-shadow 1.4-1
-CVE-2004-0039
+CVE-2004-0039 (Multiple format string vulnerabilities in HTTP Application Intelligenc ...)
NOT-FOR-US: Check Point Firewall
-CVE-2004-0038
+CVE-2004-0038 (McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 ...)
NOT-FOR-US: McAfee
-CVE-2004-0037
+CVE-2004-0037 (FirstClass Desktop Client 7.1 allows remote attackers to execute arbit ...)
NOT-FOR-US: FistClass Desktop Client
-CVE-2004-0034
+CVE-2004-0034 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 an ...)
NOT-FOR-US: Phorum
-CVE-2004-0030
+CVE-2004-0030 (PHP remote file inclusion vulnerability in (1) functions.php, (2) auth ...)
NOT-FOR-US: PHPGEDVIEW
-CVE-2004-0029
+CVE-2004-0029 (Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration ...)
NOT-FOR-US: Lotus Notes Domino
CVE-2004-0027
RESERVED
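Review bot: the entry "CVE-2004-0091" followed by "NOT-FOR-US: vBulletin" is the only non-RESERVED, non-REJECTED identifier in this hunk that appears as an unchanged context line rather than as a -/+ pair, so the update did not append a parenthesised description to it as it did for every neighbouring entry; it is worth checking whether the description source has no text for this id or whether the updater skipped it. In the same hunk, two unchanged annotation lines contain typos that a follow-up could fix: "NOT-FOR-US: FistClass Desktop Client" (the description above it reads "FirstClass Desktop Client 7.1") and "NOTE: show the beaviour described in ..." under CVE-2004-0042 ("behaviour").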
@@ -6045,203 +6045,203 @@ CVE-2004-0019
RESERVED
CVE-2004-0018
RESERVED
-CVE-2004-0017
+CVE-2004-0017 (Multiple SQL injection vulnerabilities in the (1) calendar and (2) inf ...)
{DSA-419}
- phpgroupware 0.9.14.007-4
-CVE-2004-0014
+CVE-2004-0014 (Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier ...)
{DSA-412}
- nd 0.8.2-1
CVE-2004-0012
REJECTED
-CVE-2004-0010
+CVE-2004-0010 (Stack-based buffer overflow in the ncp_lookup function for ncpfs in Li ...)
{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.25-pre7)
-CVE-2004-0008
+CVE-2004-0008 (Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0. ...)
{DSA-434}
- gaim 1:0.75-2
-CVE-2004-0007
+CVE-2004-0007 (Buffer overflow in the Extract Info Field Function for (1) MSN and (2) ...)
{DSA-434}
- gaim 1:0.75-2
-CVE-2004-0006
+CVE-2004-0006 (Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic ...)
{DSA-434}
- gaim 1:0.75-2
-CVE-2004-0005
+CVE-2004-0005 (Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause ...)
{DSA-434}
- gaim 1:0.75-2
-CVE-2004-0003
+CVE-2004-0003 (Unknown vulnerability in Linux kernel before 2.4.22 allows local users ...)
{DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479}
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-rc4)
-CVE-2004-0002
+CVE-2004-0002 (The TCP MSS (maximum segment size) functionality in netinet allows rem ...)
NOT-FOR-US: FreeBSD netinet
-CVE-2004-0356
+CVE-2004-0356 (Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro ...)
NOT-FOR-US: windows mta
-CVE-2004-0347
+CVE-2004-0347 (Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScre ...)
NOT-FOR-US: juniper router
-CVE-2004-0336
+CVE-2004-0336 (LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive in ...)
NOT-FOR-US: windows mta
-CVE-2004-0320
+CVE-2004-0320 (Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67. ...)
NOT-FOR-US: ncipher hardware
-CVE-2004-0309
+CVE-2004-0309 (Stack-based buffer overflow in the SMTP service support in vsmon.exe i ...)
NOT-FOR-US: windows firewall
-CVE-2004-0307
+CVE-2004-0307 (Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 ...)
NOT-FOR-US: cisco
-CVE-2004-0306
+CVE-2004-0306 (Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD b ...)
NOT-FOR-US: cisco
-CVE-2004-0297
+CVE-2004-0297 (Buffer overflow in the Lightweight Directory Access Protocol (LDAP) da ...)
NOT-FOR-US: windows mta
-CVE-2004-0276
+CVE-2004-0276 (The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and ...)
NOT-FOR-US: monkeyd, not in debian
-CVE-2004-0274
+CVE-2004-0274 (Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can mistak ...)
- eggdrop 1.6.17
-CVE-2004-0273
+CVE-2004-0273 (Directory traversal vulnerability in RealOne Player, RealOne Player 2. ...)
NOT-FOR-US: realone player
-CVE-2004-0270
+CVE-2004-0270 (libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a de ...)
- clamav 0.80
-CVE-2004-0263
+CVE-2004-0263 (PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global ...)
- php4 4.3.9
-CVE-2004-0261
+CVE-2004-0261 (oj.cgi in OpenJournal 2.0 through 2.0.5 allows remote attackers to byp ...)
NOT-FOR-US: openjournal, not in debian
-CVE-2004-0257
+CVE-2004-0257 (OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a ...)
NOT-FOR-US: open/netbsd
-CVE-2004-0256
+CVE-2004-0256 (GNU libtool before 1.5.2, during compile time, allows local users to o ...)
- libtool 1.5.6
-CVE-2004-0194
+CVE-2004-0194 (Stack-based buffer overflow in the OutputDebugString function for Adob ...)
NOT-FOR-US: acroread
-CVE-2004-0193
+CVE-2004-0193 (Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), ...)
NOT-FOR-US: realsecure/blackice
-CVE-2004-0191
+CVE-2004-0191 (Mozilla before 1.4.2 executes Javascript events in the context of a ne ...)
- mozilla 2:1.7.3
-CVE-2004-0190
+CVE-2004-0190 (Symantec FireWall/VPN Appliance model 200 records a cleartext password ...)
NOT-FOR-US: symantec
-CVE-2004-0189
+CVE-2004-0189 (The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows ...)
{DSA-474}
- squid 2.5.5-1
-CVE-2004-0188
+CVE-2004-0188 (Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local ...)
{DSA-461}
- calife 2.8.6-1 (bug #235157)
-CVE-2004-0186
+CVE-2004-0186 (smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allow ...)
{DSA-463}
- samba 3.0.2-2
-CVE-2004-0185
+CVE-2004-0185 (Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp da ...)
{DSA-457}
- wu-ftpd 2.6.2-17.1
-CVE-2004-0173
+CVE-2004-0173 (Directory traversal vulnerability in Apache 1.3.29 and earlier, and Ap ...)
NOT-FOR-US: apache/cygwin
-CVE-2004-0171
+CVE-2004-0171 (FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote att ...)
NOT-FOR-US: freebsd/os x
-CVE-2004-0169
+CVE-2004-0169 (QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote ...)
NOT-FOR-US: os x
-CVE-2004-0167
+CVE-2004-0167 (DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initia ...)
NOT-FOR-US: os x
-CVE-2004-0165
+CVE-2004-0165 (Format string vulnerability in Point-to-Point Protocol (PPP) daemon (p ...)
NOT-FOR-US: os x
-CVE-2004-0160
+CVE-2004-0160 (Synaesthesia 2.2 and earlier allows local users to execute arbitrary c ...)
{DSA-446}
- synaesthesia 2.1-3
NOTE: synaesthesia is no longer setuid in Debian.
-CVE-2004-0159
+CVE-2004-0159 (Format string vulnerability in hsftp 1.11 allows remote authenticated ...)
{DSA-447}
- hsftp 1.15-1
-CVE-2004-0150
+CVE-2004-0150 (Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2 ...)
{DSA-458-3}
- python2.2 2.2.2
-CVE-2004-0148
+CVE-2004-0148 (wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, all ...)
{DSA-457}
- wu-ftpd 2.6.2-17.1
-CVE-2004-0131
+CVE-2004-0131 (The rad_print_request function in logger.c for GNU Radius daemon (radi ...)
NOT-FOR-US: gnu radiusd, not in debian
-CVE-2004-0129
+CVE-2004-0129 (Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 an ...)
- phpmyadmin 2:2.6.0-pl2
-CVE-2004-0128
+CVE-2004-0128 (PHP remote file inclusion vulnerability in the GEDCOM configuration sc ...)
NOT-FOR-US: phpgedview, not in debian
-CVE-2004-0126
+CVE-2004-0126 (The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directo ...)
NOT-FOR-US: freebsd
-CVE-2004-0122
+CVE-2004-0122 (Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain r ...)
NOT-FOR-US: microsoft
-CVE-2004-0121
+CVE-2004-0121 (Argument injection vulnerability in Microsoft Outlook 2002 does not su ...)
NOT-FOR-US: microsoft
-CVE-2004-0115
+CVE-2004-0115 (VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 all ...)
NOT-FOR-US: microsoft
-CVE-2004-0114
+CVE-2004-0114 (The shmat system call in the System V Shared Memory interface for Free ...)
NOT-FOR-US: bsd
-CVE-2004-0113
+CVE-2004-0113 (Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 a ...)
- apache2 2.0.52
-CVE-2004-0111
+CVE-2004-0111 (gdk-pixbuf before 0.20 allows attackers to cause a denial of service ( ...)
{DSA-464}
- gdk-pixbuf 0.22.0-3
-CVE-2004-0108
+CVE-2004-0108 (The isag utility, which processes sysstat data, allows local users to ...)
{DSA-460}
- sysstat 5.0.2-1
-CVE-2004-0099
+CVE-2004-0099 (mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when cre ...)
NOT-FOR-US: freebsd
-CVE-2004-0096
+CVE-2004-0096 (Unknown vulnerability in mod_python 2.7.9 allows remote attackers to c ...)
- libapache-mod-python 2:2.7.10
-CVE-2004-0095
+CVE-2004-0095 (McAfee ePolicy Orchestrator agent allows remote attackers to cause a d ...)
NOT-FOR-US: mcafee
-CVE-2004-0094
+CVE-2004-0094 (Integer signedness errors in XFree86 4.1.0 allow remote attackers to c ...)
{DSA-443}
- xfree86 4.2.1-6
-CVE-2004-0093
+CVE-2004-0093 (XFree86 4.1.0 allows remote attackers to cause a denial of service and ...)
{DSA-443}
- xfree86 4.2.1-6
-CVE-2004-0089
+CVE-2004-0089 (Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x al ...)
NOT-FOR-US: os x
-CVE-2004-0082
+CVE-2004-0082 (The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1 ...)
- samba 3.0.7
-CVE-2004-0080
+CVE-2004-0080 (The login program in util-linux 2.11 and earlier uses a pointer after ...)
NOT-FOR-US: debian uses different login
-CVE-2004-0078
+CVE-2004-0078 (Buffer overflow in the index menu code (menu_pad_string of menu.c) for ...)
- mutt 1.5.6-20040722+1
-CVE-2004-0077
+CVE-2004-0077 (The do_mremap function for the mremap system call in Linux 2.2 to 2.2. ...)
{DSA-514 DSA-475 DSA-470 DSA-466 DSA-456 DSA-454 DSA-453 DSA-450 DSA-444 DSA-442 DSA-441 DSA-440 DSA-439 DSA-438}
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.26-pre3)
- kernel-source-2.2.20 <removed>
-CVE-2004-0075
+CVE-2004-0075 (The Vicam USB driver in Linux before 2.4.25 does not use the copy_from ...)
- kernel-source-2.4.24 2.4.24-3
NOTE: fixed in 2.4.26-pre3
-CVE-2004-0070
+CVE-2004-0070 (PHP remote file inclusion vulnerability in module.php for ezContents a ...)
NOT-FOR-US: ezcontents, commercial
-CVE-2004-0068
+CVE-2004-0068 (PHP remote file inclusion vulnerability in config.php for PhpDig 1.6.5 ...)
NOT-FOR-US: phpdig, not in debian
-CVE-2004-0063
+CVE-2004-0063 (The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1. ...)
NOT-FOR-US: ncipher hsm
-CVE-2004-0049
+CVE-2004-0049 (Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attac ...)
NOT-FOR-US: real helix
-CVE-2004-0045
+CVE-2004-0045 (Buffer overflow in the ARTpost function in art.c in the control messag ...)
- inn2 2.4.1+20040820
[woody] - inn2 <not-affected>
-CVE-2004-0044
+CVE-2004-0044 (Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentic ...)
NOT-FOR-US: cisco
-CVE-2004-0040
+CVE-2004-0040 (Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4. ...)
NOT-FOR-US: checkpoint
-CVE-2004-0036
+CVE-2004-0036 (SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x ...)
NOT-FOR-US: vbulletin, commercial
-CVE-2004-0035
+CVE-2004-0035 (SQL injection vulnerability in register.php for Phorum 3.4.5 and earli ...)
NOT-FOR-US: phorum, not in debian
-CVE-2004-0033
+CVE-2004-0033 (admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: phpgedview, not in debian
-CVE-2004-0032
+CVE-2004-0032 (Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2 ...)
NOT-FOR-US: phpgedview, not in debian
-CVE-2004-0031
+CVE-2004-0031 (PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and ...)
NOT-FOR-US: phpgedview, not in debian
-CVE-2004-0028
+CVE-2004-0028 (jitterbug 1.6.2 does not properly sanitize inputs, which allows remote ...)
{DSA-420}
- jitterbug 1.6.2-4.5
-CVE-2004-0016
+CVE-2004-0016 (The calendar module for phpgroupware 0.9.14 does not enforce the "save ...)
{DSA-419}
- phpgroupware 0.9.14.007-4
-CVE-2004-0015
+CVE-2004-0015 (vbox3 0.1.8 and earlier does not properly drop privileges before execu ...)
{DSA-418}
- vbox3 0.1.8
-CVE-2004-0013
+CVE-2004-0013 (jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly ...)
{DSA-414}
- jabber 1.4.3-1
-CVE-2004-0011
+CVE-2004-0011 (Buffer overflow in fsp before 2.81.b18 allows remote users to execute ...)
{DSA-416}
- fsp 2.81.b18-1
-CVE-2004-0009
+CVE-2004-0009 (Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 ...)
- apache-ssl 1.3.31
-CVE-2004-0004
+CVE-2004-0004 (The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 ...)
NOT-FOR-US: openca, not in debian
-CVE-2004-0001
+CVE-2004-0001 (Unknown vulnerability in the eflags checking in the 32-bit ptrace emul ...)
- kernel-image-2.6.8-9-amd64-generic <unfixed>
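Review bot: the CVE-2004-0001 entry closing this hunk, '- kernel-image-2.6.8-9-amd64-generic <unfixed>', names a specific 2.6.8 amd64 image rather than the kernel-source-* packages the other kernel entries in this hunk use (compare '- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.26-pre3)' for CVE-2004-0077 and '- kernel-source-2.4.24 2.4.24-3' for CVE-2004-0075), and it carries no severity or NOTE explaining why a 2.6.8-era image is still open. Suggest pointing the entry at the kernel package actually tracked for the 32-bit ptrace emulation issue, or adding a NOTE, so the <unfixed> state is actionable rather than a leftover.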
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index f7539708eb..ae04c12361 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -1,4 +1,4 @@
-CVE-2005-4900
+CVE-2005-4900 (SHA-1 is not collision resistant, which makes it easier for context-de ...)
NOT-FOR-US: Generic protocol issue
CVE-2005-4899
RESERVED
@@ -11,7 +11,7 @@ CVE-2005-4896
CVE-2005-XXXX [more related to CVE-2005-4890]
- shadow <unfixed> (unimportant; bug #628843)
NOTE: only affects the su executable, so if you use sudo you're not affected
-CVE-2005-4895
+CVE-2005-4895 (Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools bef ...)
- google-perftools 0.7-1
CVE-2005-4894
RESERVED
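Review bot: the context line 'NOTE: only affects the su executable, so if you use sudo you're not affected' under the shadow entry conflicts with the CVE-2005-4890 record in the next hunk, which lists '- sudo 1.7.4p4 (low; bug #657784)' and 'NOTE: sudo might be fixed earlier, use_pty present in stable'. Since the shadow entry is marked as related to CVE-2005-4890, the two statements about sudo should be reconciled (for example, by stating that sudo needed use_pty rather than that it is unaffected) so readers of either entry get the same answer.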
@@ -29,215 +29,215 @@ CVE-2005-4890 [login: tty hijacking possible in "su" via TIOCSTI ioctl]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=173008
- sudo 1.7.4p4 (low; bug #657784)
NOTE: sudo might be fixed earlier, use_pty present in stable
-CVE-2005-4889
+CVE-2005-4889 (lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of ...)
- rpm 4.7.0-1 (bug #584257; unimportant)
NOTE: Marking as unimportant since rpm isn't used as a package manager
-CVE-2005-4888
+CVE-2005-4888 (NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows r ...)
NOT-FOR-US: Novell NetWare
-CVE-2005-4887
+CVE-2005-4887 (NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 ...)
NOT-FOR-US: Novell NetWare
-CVE-2005-4886
+CVE-2005-4886 (The selinux_parse_skb_ipv6 function in security/selinux/hooks.c in the ...)
- linux-2.6 2.6.12-1
- linux-2.6.24 <not-affected> (fixed before 2.6.24)
-CVE-2005-4885
+CVE-2005-4885 (Unspecified vulnerability on certain Sun StorEdge 6130 (SE6130) Contro ...)
NOT-FOR-US: Sun StorEdge 6130
-CVE-2005-4884
+CVE-2005-4884 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle Database Server
-CVE-2005-4883
+CVE-2005-4883 (Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote at ...)
NOT-FOR-US: Tftpd32
-CVE-2005-4882
+CVE-2005-4882 (tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Sim ...)
NOT-FOR-US: Tftpd32
-CVE-2005-4881
+CVE-2005-4881 (The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2. ...)
- linux-2.6 2.6.13-1 (low)
- linux-2.6.24 <not-affected> (fixed prior to first upload of 2.6.24)
-CVE-2005-4880
+CVE-2005-4880 (Jax Guestbook 3.1 and 3.31 stores sensitive information under the web ...)
NOT-FOR-US: Jax Guestbook
-CVE-2005-4879
+CVE-2005-4879 (Multiple cross-site scripting (XSS) vulnerabilities in jax_guestbook.p ...)
NOT-FOR-US: Jax Guestbook
-CVE-2005-4878
+CVE-2005-4878 (Multiple cross-site scripting (XSS) vulnerabilities in (1) acid_qry_ma ...)
- acidbase 1.2.1-1
-CVE-2005-4877
+CVE-2005-4877 (Cross-site scripting (XSS) vulnerability in the login form (login.jsp) ...)
NOT-FOR-US: Openfire
-CVE-2005-4876
+CVE-2005-4876 (Cross-site scripting (XSS) vulnerability in the login form (login.jsp) ...)
NOT-FOR-US: Openfire
-CVE-2005-4875
+CVE-2005-4875 (TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive in ...)
- typo3-src 4.0.2-1
-CVE-2005-4874
+CVE-2005-4874 (The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE met ...)
- iceweasel <not-affected> (old version and CVE)
-CVE-2005-4873
+CVE-2005-4873 (Multiple stack-based buffer overflows in the phpcups PHP module for CU ...)
- cups 1.1.23-10sarge1
- cupsys 1.1.23-10sarge1
-CVE-2005-4872
+CVE-2005-4872 (Perl-Compatible Regular Expression (PCRE) library before 6.2 does not ...)
- pcre3 6.2-1
[sarge] - pcre3 4.5+7.4-1
NOTE: http://www.pcre.org/changelog.txt states fixed in 6.2
-CVE-2005-4871
+CVE-2005-4871 (Certain XML functions in IBM DB2 8.1 run with the privileges of DB2 in ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4870
+CVE-2005-4870 (Stack-based buffer overflows in the (1) xmlvarcharfromfile, (2) xmlclo ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4869
+CVE-2005-4869 (The (1) to_char and (2) to_date function in IBM DB2 8.1 allows local u ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4868
+CVE-2005-4868 (Shared memory sections and events in IBM DB2 8.1 have default permissi ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4867
+CVE-2005-4867 (Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4866
+CVE-2005-4866 (Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allow ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4865
+CVE-2005-4865 (Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remo ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4864
+CVE-2005-4864 (Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4863
+CVE-2005-4863 (Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows lo ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4862
+CVE-2005-4862 (The search functionality in XWiki 0.9.793 indexes cleartext user passw ...)
NOT-FOR-US: Xwiki
-CVE-2005-4861
+CVE-2005-4861 (functions.php in Ragnarok Online Control Panel (ROCP) 4.3.4a allows re ...)
NOT-FOR-US: Ragnarok
-CVE-2005-4860
+CVE-2005-4860 (Spectrum Cash Receipting System before 6.504 uses weak cryptography (s ...)
NOT-FOR-US: Spectrum Cash Receipting System
-CVE-2005-4859
+CVE-2005-4859 (mimicboard2 (Mimic2) 086 and earlier stores sensitive information unde ...)
NOT-FOR-US: mimicboard2
-CVE-2005-4858
+CVE-2005-4858 (Multiple cross-site scripting (XSS) vulnerabilities in mimic2.cgi in m ...)
NOT-FOR-US: mimicboard2
-CVE-2005-4857
+CVE-2005-4857 (eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3 ...)
- ezpublish <removed>
-CVE-2005-4856
+CVE-2005-4856 (The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, ...)
- ezpublish <removed>
-CVE-2005-4855
+CVE-2005-4855 (Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, ...)
- ezpublish <removed> (bug #424790)
-CVE-2005-4854
+CVE-2005-4854 (eZ publish 3.5 through 3.7 before 20050830 does not use a folder's rea ...)
- ezpublish <removed> (bug #424790)
-CVE-2005-4853
+CVE-2005-4853 (The default configuration of the forum package in eZ publish 3.5 befor ...)
- ezpublish <removed> (bug #424790)
-CVE-2005-4852
+CVE-2005-4852 (The siteaccess URIMatching implementation in eZ publish 3.5 through 3. ...)
- ezpublish <removed> (bug #424790)
-CVE-2005-4851
+CVE-2005-4851 (eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissio ...)
- ezpublish <removed> (bug #424790)
-CVE-2005-4850
+CVE-2005-4850 (eZ publish 3.5 through 3.7 before 20050608 requires both edit and crea ...)
- ezpublish <removed> (bug #424790)
-CVE-2005-4849
+CVE-2005-4849 (Apache Derby before 10.1.2.1 exposes the (1) user and (2) password att ...)
- derby <not-affected> (Fixed before initial upload to Debian)
NOTE: http://issues.apache.org/jira/browse/DERBY-530
NOTE: http://issues.apache.org/jira/browse/DERBY-559
-CVE-2005-4848
+CVE-2005-4848 (Buffer overflow in the decompression algorithm in Research in Motion B ...)
NOT-FOR-US: BlackBerry Enterprise Server
-CVE-2005-4847
+CVE-2005-4847 (Unspecified vulnerability in Spey 0.3.3 has unknown impact and attack ...)
NOT-FOR-US: Spey
-CVE-2005-4846
+CVE-2005-4846 (Format string vulnerability in Logger.cc for Spey 0.3.3 allows attacke ...)
NOT-FOR-US: Spey
-CVE-2005-4845
+CVE-2005-4845 (The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and ...)
NOT-FOR-US: Sun Java on Microsoft Windows
-CVE-2005-4844
+CVE-2005-4844 (The CLSID_ApprenticeICW control allows remote attackers to cause a den ...)
NOT-FOR-US: Microsoft
-CVE-2005-4843
+CVE-2005-4843 (The SmartConnect Class control allows remote attackers to cause a deni ...)
NOT-FOR-US: Microsoft
-CVE-2005-4842
+CVE-2005-4842 (The System Monitor Source Properties control allows remote attackers t ...)
NOT-FOR-US: Microsoft
-CVE-2005-4841
+CVE-2005-4841 (The Outlook Progress Ctl control allows remote attackers to cause a de ...)
NOT-FOR-US: Microsoft
-CVE-2005-4840
+CVE-2005-4840 (The Outlook Express Address Book control, when using Internet Explorer ...)
NOT-FOR-US: Microsoft
-CVE-2005-4839
+CVE-2005-4839 (PureTLS before 0.9b5 does not clear optional Extensions and Algorithm. ...)
NOT-FOR-US: PureTLS
-CVE-2005-4838
+CVE-2005-4838 (Multiple cross-site scripting (XSS) vulnerabilities in the example web ...)
- tomcat5.5 5.5.15-1 (low)
-CVE-2005-4837
+CVE-2005-4837 (snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3 ...)
- net-snmp 5.2.2-1 (medium)
-CVE-2005-4836
+CVE-2005-4836 (The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not ...)
[sarge] - tomcat4 <no-dsa> (affects deprecated HTTP/1.1 connector only)
-CVE-2005-4835
+CVE-2005-4835 (The ath_rate_sample function in the ath_rate/sample/sample.c sample co ...)
- madwifi 1:0.9.2+r1842.20061207-2 (low)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2005-4834
+CVE-2005-4834 (IBM WebSphere Application Server (WAS) 5.0.2.5 through 5.1.1.3 allows ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2005-4833
+CVE-2005-4833 (IBM WebSphere Application Server (WAS) 6.0 before 20050201, when servi ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2005-4832
+CVE-2005-4832 (SQL injection vulnerability in the Oracle Database Server 10g allows r ...)
NOT-FOR-US: Oracle Database Server
-CVE-2005-4831
+CVE-2005-4831 (viewcvs in ViewCVS 0.9.2 allows remote attackers to set the Content-Ty ...)
- viewvc 0.9.4+svn20060318-1 (low)
-CVE-2005-4830
+CVE-2005-4830 (CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote ...)
- viewvc 0.9.4+svn20060318-1 (low)
NOTE: referring to http://www.securityfocus.com/archive/1/461427/100/0/threaded this
NOTE: has been fixed in cvs for 0.9.3
-CVE-2005-4829
+CVE-2005-4829 (VirtueMart before 1.0.1 does not properly handle errors when a user is ...)
NOT-FOR-US: VirtueMart
-CVE-2005-4828
+CVE-2005-4828 (Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large ema ...)
- kolabd <not-affected> (Only vulnerable in 2.0-2.1; not packaged Debian)
-CVE-2005-4827
+CVE-2005-4827 (Internet Explorer 6.0, and possibly other versions, allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-2005-4826
+CVE-2005-4826 (Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature ...)
NOT-FOR-US: Cisco
-CVE-2005-4825
+CVE-2005-4825 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allow ...)
NOT-FOR-US: Cisco
-CVE-2005-4824
+CVE-2005-4824 (PHP remote file inclusion vulnerability in web/classes.php in Sitefram ...)
NOT-FOR-US: siteframe
-CVE-2005-4823
+CVE-2005-4823 (Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP Web-e ...)
NOT-FOR-US: HP
-CVE-2005-4822
+CVE-2005-4822 (SQL injection vulnerability in projects/project-edit.asp in Digger Sol ...)
NOT-FOR-US: Digger Solutions Intranet Open Source (IOS)
-CVE-2005-4821
+CVE-2005-4821 (Multiple SQL injection vulnerabilities in Land Down Under (LDU) v801 a ...)
NOT-FOR-US: Land Down Under
-CVE-2005-4820
+CVE-2005-4820 (SMC Wireless Router model SMC7904WBRA allows remote attackers to cause ...)
NOT-FOR-US: SMC
-CVE-2005-4819
+CVE-2005-4819 (Cross-site scripting (XSS) vulnerability in Lotus Domino versions befo ...)
NOT-FOR-US: Lotus Domino
-CVE-2005-4818
+CVE-2005-4818 (Multiple SQL injection vulnerabilities in Copernicus Europa allow remo ...)
NOT-FOR-US: Copernicus Europa
-CVE-2005-4817
+CVE-2005-4817 (Format string vulnerability in ui.c in Textbased MSN Client (TMSNC) be ...)
- tmsnc 0.2.5-1
-CVE-2005-4816
+CVE-2005-4816 (Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote ...)
{DSA-1245-1}
- proftpd-dfsg 1.2.10+1.3.0rc5-1 (bug #404751; medium)
-CVE-2005-4815
+CVE-2005-4815 (SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before 4. ...)
NOT-FOR-US: SAP
-CVE-2005-4814
+CVE-2005-4814 (Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when ...)
NOT-FOR-US: Segue CMS
-CVE-2005-4813
+CVE-2005-4813 (Unspecified vulnerability in Report Application Server (Crystalras.exe ...)
NOT-FOR-US: Business Objects Crystal Reports
-CVE-2005-4812
+CVE-2005-4812 (The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, ...)
NOT-FOR-US: SISCO OSI stack for Windows
-CVE-2005-4811
+CVE-2005-4811 (The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and ...)
{DSA-1304}
- linux-2.6 2.6.14
-CVE-2005-4810
+CVE-2005-4810 (Microsoft Internet Explorer 7.0 Beta3 and earlier allows remote attack ...)
NOT-FOR-US: Microsoft
-CVE-2005-4809
+CVE-2005-4809 (Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla a ...)
- mozilla <removed> (low)
- firefox <not-affected> (at least 1.5.0.6 is not vulnerable)
- xulrunner <not-affected>
[sarge] - mozilla <no-dsa> (Conceptual problem, not fixable in a backport)
-CVE-2005-4808
+CVE-2005-4808 (Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) a ...)
- binutils 2.17-1 (low)
[sarge] - binutils <no-dsa> (Only a security-problems in far-fetched configurations)
-CVE-2005-4807
+CVE-2005-4807 (Stack-based buffer overflow in the as_bad function in messages.c in th ...)
- binutils 2.17-1 (low)
[sarge] - binutils <no-dsa> (Only a security-problems in far-fetched configurations)
-CVE-2005-2468
+CVE-2005-2468 (Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earl ...)
NOT-FOR-US: MySQL Eventum
-CVE-2005-2467
+CVE-2005-2467 (Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1 ...)
NOT-FOR-US: MySQL Eventum
-CVE-2005-2466
+CVE-2005-2466 (Multiple SQL injection vulnerabilities in the auth_user function in ad ...)
NOT-FOR-US: OpenBook
-CVE-2005-2465
+CVE-2005-2465 (Cross-site scripting (XSS) vulnerability in pm.php in PCXP/TOPPE CMS a ...)
NOT-FOR-US: PC-EXPERIENCE/TOPPE CMS
-CVE-2005-2464
+CVE-2005-2464 (login.php in PCXP/TOPPE CMS allows remote attackers to bypass authenti ...)
NOT-FOR-US: PC-EXPERIENCE/TOPPE CMS
-CVE-2005-2463
+CVE-2005-2463 (Kayako liveResponse 2.x allows remote attackers to obtain sensitive in ...)
NOT-FOR-US: Kayako liveResponse
-CVE-2005-2462
+CVE-2005-2462 (Kayako liveResponse 2.x, when logging in a user, records the password ...)
NOT-FOR-US: Kayako liveResponse
-CVE-2005-2461
+CVE-2005-2461 (Multiple SQL injection vulnerabilities in the calendar feature in Kaya ...)
NOT-FOR-US: Kayako liveResponse
-CVE-2005-2460
+CVE-2005-2460 (Multiple cross-site scripting (XSS) vulnerabilities in Kayako liveResp ...)
NOT-FOR-US: Kayako liveResponse
-CVE-2005-4806
+CVE-2005-4806 (Multiple unspecified vulnerabilities in Sun Java System Web Proxy Serv ...)
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2005-4805
+CVE-2005-4805 (Unspecified vulnerability in Sun Java System Application Server 7 Stan ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2005-4804
+CVE-2005-4804 (Unspecified vulnerability in Sun Java System Application Server Platfo ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2005-1755
+CVE-2005-1755 (PHP remote file inclusion vulnerability in poll_vote.php in PHP Poll C ...)
NOT-FOR-US: PHP Poll Creator
CVE-2005-1754
NOT-FOR-US: JavaMail API
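Review bot: the CVE-2005-4836 entry has only '[sarge] - tomcat4 <no-dsa> (affects deprecated HTTP/1.1 connector only)' and no unqualified '- tomcat4 <version>' line, unlike every other suite-qualified entry in this hunk (for example '- pcre3 6.2-1' above '[sarge] - pcre3 4.5+7.4-1' for CVE-2005-4872), so the state of tomcat4 in unstable is left undefined. Suggest adding the unstable line with the fixed version, '<not-affected>' or '<removed>' as appropriate. Minor: the two binutils annotations read '(Only a security-problems in far-fetched configurations)' and should be '(Only a security problem in far-fetched configurations)'.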
@@ -245,40 +245,40 @@ CVE-2005-1754
CVE-2005-1753
NOT-FOR-US: JavaMail API
NOTE: vulnerable file not in Debian
-CVE-2005-1752
+CVE-2005-1752 (viewFile.php in the scm component of Gforge before 4.0 allows remote a ...)
- gforge 3.1-30
NOTE: viewFile.php disabled in 3.1-30
-CVE-2005-4803
+CVE-2005-4803 (graphviz before 2.2.1 allows local users to overwrite arbitrary files ...)
{DSA-857-1}
- graphviz 2.2.1-1sarge1 (bug #336985; low)
-CVE-2005-4802
+CVE-2005-4802 (Flexbackup 1.2.1 and earlier allows local users to overwrite files and ...)
{DSA-1216}
- flexbackup 1.2.1-3 (bug #334350; low)
-CVE-2005-4801
+CVE-2005-4801 (Multiple cross-site request forgery (CSRF) vulnerabilities in Yet Anot ...)
NOT-FOR-US: YaPIG
-CVE-2005-4800
+CVE-2005-4800 (Direct static code injection vulnerability in Yet Another PHP Image Ga ...)
NOT-FOR-US: YaPIG
-CVE-2005-4799
+CVE-2005-4799 (Multiple cross-site scripting (XSS) vulnerabilities in Yet Another PHP ...)
NOT-FOR-US: YaPIG
-CVE-2005-4798
+CVE-2005-4798 (Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to ...)
{DSA-1184-2 DSA-1183-1}
- linux-2.6 <not-affected>
-CVE-2005-4797
+CVE-2005-4797 (Directory traversal vulnerability in printd line printer daemon (lpd) ...)
NOT-FOR-US: Solaris
-CVE-2005-4796
+CVE-2005-4796 (Unspecified vulnerability in the XView library (libxview.so) in Solari ...)
- xview <not-affected> (xview on Solaris)
NOTE: Is only relevant for suid binaries, but xview is not really suitable for
NOTE: those anyway. Exact information is not available, but a similar problem
NOTE: is already fixed in the Debian package.
-CVE-2005-4795
+CVE-2005-4795 (Unspecified vulnerability in the multi-language environment library (l ...)
NOT-FOR-US: Solaris
-CVE-2005-4794
+CVE-2005-4794 (Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and ...)
NOT-FOR-US: Cisco
-CVE-2005-4793
+CVE-2005-4793 (Multiple unspecified vulnerabilities in the web utility function in Hi ...)
NOT-FOR-US: Hitachi
-CVE-2005-4792
+CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State Universi ...)
NOT-FOR-US: phpWebSite
-CVE-2005-4791
+CVE-2005-4791 (Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 caus ...)
{DTSA-107-1}
- beagle 0.2.13-1 (low)
[etch] - beagle <no-dsa> (Minor issue)
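Review bot: the CVE-2005-4798 entry lists '{DSA-1184-2 DSA-1183-1}' but its only package line is '- linux-2.6 <not-affected>', so the advisory references point at a fix that no package line in the entry records. The description says the overflow is in 'the Linux Kernel 2.4 up to ...', so the 2.4 source package those DSAs covered (kernel-source-2.4.27 is the one used elsewhere in this diff) should appear with its fixed version, or the DSA references should be dropped; as written, a consumer of the file cannot tell which package the DSAs fixed.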
@@ -288,417 +288,417 @@ CVE-2005-4791
- blam 1.8.4-1 (low)
[etch] - blam <no-dsa> (Minor issue)
NOTE: lintian bug filed: #451559
-CVE-2005-4790
+CVE-2005-4790 (Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 1 ...)
- tomboy 0.8.1-2 (low)
[etch] - tomboy <no-dsa> (Minor issue)
-CVE-2005-4789
+CVE-2005-4789 (resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, do ...)
- resmgr <not-affected>
-CVE-2005-4788
+CVE-2005-4788 (resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, al ...)
- resmgr <not-affected>
CVE-2005-4787
NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart
-CVE-2005-4786
+CVE-2005-4786 (Buffer overflow in the archive decompression library (vrAZMain.dll 5.8 ...)
NOT-FOR-US: HAURI anti-virus
-CVE-2005-4785
+CVE-2005-4785 (Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and earli ...)
NOT-FOR-US: QuickBlogger
-CVE-2005-4784
+CVE-2005-4784 (Multiple buffer overflows in the POSIX readdir_r function, as used in ...)
NOTE: this does not affect linux
-CVE-2005-4783
+CVE-2005-4783 (kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not chec ...)
NOT-FOR-US: NetBSD
-CVE-2005-4782
+CVE-2005-4782 (NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is c ...)
NOT-FOR-US: NetBSD
-CVE-2005-4781
+CVE-2005-4781 (Multiple SQL injection vulnerabilities in SergiDs Top Music module 3.0 ...)
NOT-FOR-US: SergiD Top Music module
CVE-2005-4780
NOT-FOR-US: LightHouse CMS
-CVE-2005-4779
+CVE-2005-4779 (verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with ...)
NOT-FOR-US: NetBSD
-CVE-2005-4778
+CVE-2005-4778 (The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspeci ...)
- powersave 0.12.7-1
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=119628&x=18&y=11&=Find
-CVE-2005-4777
+CVE-2005-4777 (Tashcom ASPEdit 2.9 stores the administration password (aka the FTP pa ...)
NOT-FOR-US: Tashcom ASPEdit
-CVE-2005-4776
+CVE-2005-4776 (Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in ...)
NOT-FOR-US: NetBSD
-CVE-2005-4775
+CVE-2005-4775 (Michael Scholz and Sebastian Stein Contineo 2.0, when the admin accoun ...)
NOT-FOR-US: Contineo
-CVE-2005-4774
+CVE-2005-4774 (Cross-site scripting (XSS) vulnerability in Xerver 4.17 allows remote ...)
NOT-FOR-US: Xerver
-CVE-2005-4773
+CVE-2005-4773 (The configuration of VMware ESX Server 2.x, 2.0.x, 2.1.x, and 2.5.x al ...)
NOT-FOR-US: VMware
-CVE-2005-4772
+CVE-2005-4772 (liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 200510 ...)
NOT-FOR-US: YaST
-CVE-2005-4771
+CVE-2005-4771 (Trusted Mobility Agent PC Policy in Trust Digital Trusted Mobility Sui ...)
NOT-FOR-US: Trusted Mobility Agent
-CVE-2005-4770
+CVE-2005-4770 (SQL injection vulnerability in an unspecified Accelerated Enterprise S ...)
NOT-FOR-US: Accelerated E Solutions
-CVE-2005-4769
+CVE-2005-4769 (SQL injection vulnerability in addrbook.php in Belchior Foundry vCard ...)
NOT-FOR-US: Belchior Foundry vCard
-CVE-2005-4768
+CVE-2005-4768 (SQL injection vulnerability in manage_account.php in Tux Racer TuxBank ...)
NOT-FOR-US: Tux Racer TuxBank
-CVE-2005-4767
+CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4766
+CVE-2005-4766 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4765
+CVE-2005-4765 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier and 7.0 S ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4764
+CVE-2005-4764 (BEA WebLogic Server and WebLogic Express 9.0, 8.1, and 7.0 lock out th ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4763
+CVE-2005-4763 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4762
+CVE-2005-4762 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4761
+CVE-2005-4761 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4760
+CVE-2005-4760 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4759
+CVE-2005-4759 (BEA WebLogic Server and WebLogic Express 8.1 and 7.0, during a migrati ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4758
+CVE-2005-4758 (Unspecified vulnerability in the Administration server in BEA WebLogic ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4757
+CVE-2005-4757 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4756
+CVE-2005-4756 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4755
+CVE-2005-4755 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) store ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4754
+CVE-2005-4754 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allow rem ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4753
+CVE-2005-4753 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4752
+CVE-2005-4752 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4751
+CVE-2005-4751 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Se ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4750
+CVE-2005-4750 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4749
+CVE-2005-4749 (HTTP request smuggling vulnerability in BEA WebLogic Server and WebLog ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4748
+CVE-2005-4748 (PHP remote file include vulnerability in functions_admin.php in Virtua ...)
NOT-FOR-US: Virtual War
-CVE-2005-4747
+CVE-2005-4747 (Cross-site scripting (XSS) vulnerability in WebHost Automation Ltd Hel ...)
NOT-FOR-US: WebHost Automation Ltd Helm
-CVE-2005-4746
+CVE-2005-4746 (Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote a ...)
{DSA-1145-1}
- freeradius 1.0.5-1
-CVE-2005-4745
+CVE-2005-4745 (SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS ...)
{DSA-1145-1}
- freeradius 1.0.5-1
-CVE-2005-4744
+CVE-2005-4744 (Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRA ...)
{DSA-1089-1}
- freeradius 1.0.5-1
-CVE-2005-4743
+CVE-2005-4743 (Multiple SQL injection vulnerabilities in index.php in NeLogic Nephp P ...)
NOT-FOR-US: NeLogic Nephp Publisher
-CVE-2005-4742
+CVE-2005-4742 (Unspecified vulnerability in Echelog 0.6.2 allows attackers to "exploi ...)
NOT-FOR-US: Echelog
-CVE-2005-4741
+CVE-2005-4741 (NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 ...)
NOT-FOR-US: NetBSD
-CVE-2005-4740
+CVE-2005-4740 (IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4739
+CVE-2005-4739 (IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s0508 ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4738
+CVE-2005-4738 (IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4737
+CVE-2005-4737 (IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows r ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4736
+CVE-2005-4736 (IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote aut ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4735
+CVE-2005-4735 (IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote aut ...)
NOT-FOR-US: IBM DB2
-CVE-2005-4734
+CVE-2005-4734 (Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication ...)
NOT-FOR-US: RSA Authentication Agent for Web
-CVE-2005-4733
+CVE-2005-4733 (NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow lo ...)
NOT-FOR-US: NetBSD
-CVE-2005-4732
+CVE-2005-4732 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Tu ...)
NOT-FOR-US: TuxBank
CVE-2005-XXXX [xsupplicant information leak]
- xsupplicant 1.0.1-5 (bug #317703; low)
-CVE-2005-4731
+CVE-2005-4731 (The Next action in PEAR HTML_QuickForm_Controller 1.0.4 includes the S ...)
NOT-FOR-US: PEAR HTML_QuickForm_Controller
-CVE-2005-4730
+CVE-2005-4730 (Unspecified vulnerability in PEAR Text_Password 1.0 has unknown impact ...)
NOT-FOR-US: PEAR Text_Password
-CVE-2005-4729
+CVE-2005-4729 (SQL injection vulnerability in show.php in VBZooM Forum allows remote ...)
NOT-FOR-US: VBZooM
-CVE-2005-4728
+CVE-2005-4728 (Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on Debian G ...)
- amaya 9.4-1 (bug #341424)
[sarge] - amaya <not-affected> (The Sarge version doesn't have an rpath set)
-CVE-2005-4727
+CVE-2005-4727 (Cross-site scripting (XSS) vulnerability in gbook.cgi in gBook before ...)
NOT-FOR-US: gBook
-CVE-2005-4726
+CVE-2005-4726 (MUTE 0.4 uses improper flood protection algorithms, which allows remot ...)
NOT-FOR-US: MUTE
-CVE-2005-4725
+CVE-2005-4725 (Geeklog before 1.3.11sr3 allows remote attackers to bypass intended ac ...)
NOT-FOR-US: Geeklog
-CVE-2005-4724
+CVE-2005-4724 (SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows rem ...)
NOT-FOR-US: PhpTagCool
-CVE-2005-4723
+CVE-2005-4723 (D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 allo ...)
NOT-FOR-US: D-Link hardware
-CVE-2005-4722
+CVE-2005-4722 (_Request_Message.cfm in tmsPUBLISHER 3.3 allows remote attackers to ob ...)
NOT-FOR-US: tmsPUBLISHER
-CVE-2005-4721
+CVE-2005-4721 (Cross-site scripting (XSS) vulnerability in search.cfm in tmsPUBLISHER ...)
NOT-FOR-US: tmsPUBLISHER
-CVE-2005-4720
+CVE-2005-4720 (Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to ...)
{DSA-1044-1}
- mozilla-firefox 1.5.dfsg+1.5.0.2 (low)
- firefox 1.5.dfsg-1
-CVE-2005-4719
+CVE-2005-4719 (Multiple SQL injection vulnerabilities in Sysbotz Systems Panel 1.0.6 ...)
NOT-FOR-US: Sysbotz Systems Panel
-CVE-2005-4718
+CVE-2005-4718 (Opera 8.02 and earlier allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Opera
-CVE-2005-4717
+CVE-2005-4717 (Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 S ...)
NOT-FOR-US: Microsoft
-CVE-2005-4716
+CVE-2005-4716 (Hitachi TP1/Server Base and TP1/NET/Library 2 on IBM AIX allow remote ...)
NOT-FOR-US: Hitachi TP1
-CVE-2005-4715
+CVE-2005-4715 (Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-4714
+CVE-2005-4714 (Format string vulnerability in the vmps_log function in OpenVMPS (VLAN ...)
NOT-FOR-US: OpenVMPS
-CVE-2005-4713
+CVE-2005-4713 (Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6 ...)
- pam-mysql 0.6.2-1 (bug #353589; low)
[sarge] - pam-mysql <not-affected> (Vulnerable code not present)
-CVE-2005-4712
+CVE-2005-4712 (CRLF injection vulnerability in process_signup.php in PHP Handicapper ...)
NOT-FOR-US: Handicapper
-CVE-2005-4711
+CVE-2005-4711 (SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 allo ...)
NOT-FOR-US: Land Down Under
-CVE-2005-4710
+CVE-2005-4710 (Unspecified vulnerability in multiple Autodesk and AutoCAD products an ...)
NOT-FOR-US: AutoCAD
-CVE-2005-4709
+CVE-2005-4709 (The popSubjectContext method in the SecurityAssociation class in JBoss ...)
NOT-FOR-US: JBoss Enterprise Java Beans
-CVE-2005-4708
+CVE-2005-4708 (Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute ...)
NOT-FOR-US: Adobe Macromedia MX products (Captivate, Contribute and eLicensing client)
-CVE-2005-4707
+CVE-2005-4707 (Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before ...)
NOT-FOR-US: PHP GEN
-CVE-2005-4706
+CVE-2005-4706 (Unspecified vulnerability in the "privilege management" feature of Sun ...)
NOT-FOR-US: Solaris 10
-CVE-2005-4705
+CVE-2005-4705 (BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4704
+CVE-2005-4704 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-4703
+CVE-2005-4703 (Apache Tomcat 4.0.3, when running on Windows, allows remote attackers ...)
NOT-FOR-US: Windows Tomcat vulnerability
-CVE-2005-4702
+CVE-2005-4702 (SQL injection vulnerability in the favorites module in index.php in IP ...)
NOT-FOR-US: IPBProArcade
-CVE-2005-4701
+CVE-2005-4701 (Unspecified vulnerability in Process File System (procfs) in Sun Solar ...)
NOT-FOR-US: Solaris 10
-CVE-2005-4700
+CVE-2005-4700 (TellMe 1.2 and earlier, when the Server (o_Server) and HEAD (o_Head) o ...)
NOT-FOR-US: TellMe
-CVE-2005-4699
+CVE-2005-4699 (Argument injection vulnerability in TellMe 1.2 and earlier allows remo ...)
NOT-FOR-US: TellMe
-CVE-2005-4698
+CVE-2005-4698 (Cross-site scripting (XSS) vulnerability in TellMe 1.2 and earlier all ...)
NOT-FOR-US: TellMe
-CVE-2005-4697
+CVE-2005-4697 (The Microsoft Wireless Zero Configuration system (WZCS) allows local u ...)
NOT-FOR-US: Microsoft
-CVE-2005-4696
+CVE-2005-4696 (The Microsoft Wireless Zero Configuration system (WZCS) stores WEP key ...)
NOT-FOR-US: Microsoft
-CVE-2005-4695
+CVE-2005-4695 (Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers ...)
NOT-FOR-US: Symantec Brightmail AntiSpam
-CVE-2005-4694
+CVE-2005-4694 (Unspecified vulnerability in the www_add method in Asset.pm in Plain B ...)
NOT-FOR-US: WebGUI
-CVE-2005-4693
+CVE-2005-4693 (Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to caus ...)
- gaim-encryption 3.0~beta5-3 (low; bug #337127)
[sarge] - gaim-encryption <no-dsa> (Minor issue)
-CVE-2005-4692
+CVE-2005-4692 (Unspecified vulnerability in mroovca stats (mroovcastats) before 0.4.5 ...)
NOT-FOR-US: mroovca
-CVE-2005-4691
+CVE-2005-4691 (imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, ...)
NOT-FOR-US: NetBSD
-CVE-2005-4690
+CVE-2005-4690 (Six Apart Movable Type 3.16 allows local users with blog-creation priv ...)
NOT-FOR-US: Six Apart Movable Type
-CVE-2005-4689
+CVE-2005-4689 (Six Apart Movable Type 3.16 stores account names and password hashes i ...)
NOT-FOR-US: Six Apart Movable Type
-CVE-2005-4688
+CVE-2005-4688 (PunBB 1.2.9 does not require password entry when changing the e-mail a ...)
NOT-FOR-US: PunBB
-CVE-2005-4687
+CVE-2005-4687 (PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's I ...)
NOT-FOR-US: PunBB
-CVE-2005-4686
+CVE-2005-4686 (PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.p ...)
NOT-FOR-US: PunBB
-CVE-2005-4685
+CVE-2005-4685 (Firefox and Mozilla can associate a cookie with multiple domains when ...)
NOTE: see CVE-2005-4684
- firefox <removed> (unimportant)
- iceweasel <removed> (unimportant)
- mozilla <removed> (unimportant)
[sarge] - mozilla <no-dsa> (Hardly exploitable)
- xulrunner <unfixed> (unimportant)
-CVE-2005-4684
+CVE-2005-4684 (Konqueror can associate a cookie with multiple domains when the DNS re ...)
NOTE: http://www.redhat.com/archives/fedora-extras-commits/2006-August/msg01104.html says "ignore (kdebase) not fixed upstream, low, can't fix"
- kdebase <unfixed> (unimportant)
[sarge] - kdebase <no-dsa> (Hardly exploitable)
-CVE-2005-4683
+CVE-2005-4683 (PADL MigrationTools 46, when a failure occurs, stores contents of /etc ...)
- migrationtools 46-2.1 (bug #338920; unimportant)
NOTE: The temp fix makes use of TMPDIR
-CVE-2005-4682
+CVE-2005-4682 (Cross-site scripting (XSS) vulnerability in error.asp in AudienceView ...)
NOT-FOR-US: AudienceView
-CVE-2005-4681
+CVE-2005-4681 (** DISPUTED ** Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 allo ...)
NOT-FOR-US: mIRC
-CVE-2005-4680
+CVE-2005-4680 (Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before 4.6.9, ...)
NOT-FOR-US: Sophos Anti-Virus
-CVE-2005-4679
+CVE-2005-4679 (Internet Explorer 6 for Windows XP Service Pack 2 allows remote attack ...)
NOT-FOR-US: Internet Explorer 6
-CVE-2005-4678
+CVE-2005-4678 (Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the U ...)
NOT-FOR-US: Apple
-CVE-2005-4677
+CVE-2005-4677 (SQL injection vulnerability in additional_images.php (aka the Addition ...)
NOT-FOR-US: osCommerce
-CVE-2005-4676
+CVE-2005-4676 (Buffer overflow in Andreas Huggel Exiv2 before 0.9 does not null termi ...)
- exiv2 0.9
-CVE-2005-4675
+CVE-2005-4675 (Cross-site scripting (XSS) vulnerability in list.php in Complete PHP C ...)
NOT-FOR-US: Complete PHP Counter
-CVE-2005-4674
+CVE-2005-4674 (Multiple SQL injection vulnerabilities in list.php in Complete PHP Cou ...)
NOT-FOR-US: Complete PHP Counter
-CVE-2005-4673
+CVE-2005-4673 (ioFTPD 0.5.84 u responds with different messages depending on whether ...)
NOT-FOR-US: ioFTPD
-CVE-2005-4672
+CVE-2005-4672 (Cross-site scripting (XSS) vulnerability in image-editor-52/index.php ...)
NOT-FOR-US: CityPost Simple Image-Editor
-CVE-2005-4671
+CVE-2005-4671 (Cross-site scripting (XSS) vulnerability in simple-upload-53.php in Ci ...)
NOT-FOR-US: CityPost Simple PHP Upload
-CVE-2005-4670
+CVE-2005-4670 (Cross-site scripting (XSS) vulnerability in message.php in CityPost Au ...)
NOT-FOR-US: CityPost Simple PHP Upload
-CVE-2005-4669
+CVE-2005-4669 (SQL injection vulnerability in RT Internet Solutions (RTIS) WebAdmin a ...)
NOT-FOR-US: RT Internet Solutions (RTIS) WebAdmin
-CVE-2005-4668
+CVE-2005-4668 (The embedded HSQLDB in ParosProxy before 3.2.7, when running with JDK ...)
NOT-FOR-US: ParoxProxy
-CVE-2005-4667
+CVE-2005-4667 (Buffer overflow in UnZip 5.50 and earlier allows user-assisted attacke ...)
{DSA-1012-1}
- unzip 5.52-7 (low; bug #349794)
-CVE-2005-4666
+CVE-2005-4666 (Cross-site scripting (XSS) vulnerability in PHlyMail before 3.3 Beta1 ...)
NOT-FOR-US: PHlyMail
-CVE-2005-4665
+CVE-2005-4665 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.6 and earlier al ...)
NOT-FOR-US: PunBB
-CVE-2005-4664
+CVE-2005-4664 (SQL injection vulnerability in OcoMon 1.21, and possibly other version ...)
NOT-FOR-US: OcoMon
-CVE-2005-4663
+CVE-2005-4663 (Cross-site scripting (XSS) vulnerability in OcoMon 1.20, and possibly ...)
NOT-FOR-US: OcoMon
-CVE-2005-4662
+CVE-2005-4662 (Multiple SQL injection vulnerabilities in OcoMon 1.20, and possibly ea ...)
NOT-FOR-US: OcoMon
-CVE-2005-4661
+CVE-2005-4661 (The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail me ...)
NOT-FOR-US: Campsite
-CVE-2005-4660
+CVE-2005-4660 (Race condition in IPCop (aka IPCop Firewall) before 1.4.10 might allow ...)
NOT-FOR-US: IPCop
-CVE-2005-4659
+CVE-2005-4659 (IPCop (aka IPCop Firewall) before 1.4.10 has world-readable permission ...)
NOT-FOR-US: IPCop
-CVE-2005-4658
+CVE-2005-4658 (Multiple cross-site scripting (XSS) vulnerabilities in ASP-Programmers ...)
NOT-FOR-US: ASP-Programmers.com ASPKnowledgebase
-CVE-2005-4657
+CVE-2005-4657 (Ocean12 Calendar Manager Pro 1.01 allows remote attackers to bypass au ...)
NOT-FOR-US: Ocean12
-CVE-2005-4656
+CVE-2005-4656 (SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earl ...)
NOT-FOR-US: TClanPortal
-CVE-2005-4655
+CVE-2005-4655 (Cross-site scripting (XSS) vulnerability in submit.php in PHP-Fusion 6 ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-4654
+CVE-2005-4654 (Multiple unspecified vulnerabilities in Oracle for OpenView (OfO) 8.1. ...)
NOT-FOR-US: Oracle
-CVE-2005-4653
+CVE-2005-4653 (Unspecified vulnerability in ss.php in AL-Caricatier 2.5 and earlier a ...)
NOT-FOR-US: AL-Caricatier
-CVE-2005-4652
+CVE-2005-4652 (SQL injection vulnerability in PHlyMail 3.02.01 allows remote attacker ...)
NOT-FOR-US: PHlyMail
-CVE-2005-4651
+CVE-2005-4651 (SQL injection vulnerability in index.php in AlstraSoft EPay Pro 2.0 al ...)
NOT-FOR-US: AlstraSoft EPay Pro
-CVE-2005-4650
+CVE-2005-4650 (Joomla! 1.03 does not restrict the number of "Search" Mambots, which a ...)
NOT-FOR-US: Joomla!
-CVE-2005-4649
+CVE-2005-4649 (Multiple cross-site scripting (XSS) vulnerabilities in Advanced Guestb ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2005-4648
+CVE-2005-4648 (Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and earl ...)
NOT-FOR-US: Illustrate dBpowerAMP Music Converter
-CVE-2005-4647
+CVE-2005-4647 (Multiple SQL injection vulnerabilities in PEARLINGER Pearl Forums 2.4 ...)
NOT-FOR-US: PEARLINGER Pearl Forums
-CVE-2005-4646
+CVE-2005-4646 (Unspecified vulnerability in index.php in PEARLINGER Pearl Forums 2.4 ...)
NOT-FOR-US: PEARLINGER Pearl Forums
-CVE-2005-4645
+CVE-2005-4645 (SQL injection vulnerability in index.php in 3CFR allows remote attacke ...)
NOT-FOR-US: 3CFR
-CVE-2005-4644
+CVE-2005-4644 (Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in ...)
{DSA-951-2}
- trac 0.9.3-1
[sarge] - trac 0.8.1-3sarge4 (medium)
-CVE-2005-4643
+CVE-2005-4643 (SQL injection vulnerability in index.php in Antharia OnContent // CMS ...)
NOT-FOR-US: Antharia OnContent
-CVE-2005-4642
+CVE-2005-4642 (Multiple cross-site scripting (XSS) vulnerabilities in HydroBB 1.0.0 B ...)
NOT-FOR-US: HydroBB
-CVE-2005-4641
+CVE-2005-4641 (SQL injection vulnerability in home.php in eazyCMS 2.0 allows remote a ...)
NOT-FOR-US: eazyCMS
-CVE-2005-4640
+CVE-2005-4640 (SQL injection vulnerability in index.php in class-1 Poll Software 0.4 ...)
NOT-FOR-US: class-1 Poll
-CVE-2005-4639
+CVE-2005-4639 (Buffer overflow in the CA-driver (dst_ca.c) for TwinHan DST Frontend/C ...)
- linux-2.6 2.6.15-1 (low)
-CVE-2005-4638
+CVE-2005-4638 (index.php in Kayako SupportSuite 3.00.26 and earlier allow remote atta ...)
NOT-FOR-US: Kayako SupportSuite
-CVE-2005-4637
+CVE-2005-4637 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ka ...)
NOT-FOR-US: Kayako SupportSuite
-CVE-2005-4636
+CVE-2005-4636 (OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, doe ...)
- openoffice.org <unfixed> (unimportant)
NOTE: This is a non-issue IMO (neilm). OOo just launches a web browser.
NOTE: If the admin doesn't web browsing, why is one installed/enabled?
-CVE-2005-4635
+CVE-2005-4635 (The nl_fib_input function in fib_frontend.c in the Linux kernel before ...)
NOTE: Unclear, whether this is really exploitable, re-pinged Dann and Horms
-CVE-2005-4634
+CVE-2005-4634 (SQL injection vulnerability in index.php in ActiveCampaign SupportTrio ...)
NOT-FOR-US: ActiveCampaign SupportTrio
CVE-2005-4633
REJECTED
-CVE-2005-4632
+CVE-2005-4632 (SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and ear ...)
NOT-FOR-US: Vote!Pro
-CVE-2005-4631
+CVE-2005-4631 (SQL injection vulnerability in index.php in Zina 0.12.07 and earlier a ...)
NOT-FOR-US: Zina
-CVE-2005-4630
+CVE-2005-4630 (SQL injection vulnerability in index.php in ClientExec 2.3 allows remo ...)
NOT-FOR-US: ClientExec
-CVE-2005-4629
+CVE-2005-4629 (SQL injection vulnerability in SMBCMS 2.1 allows remote attackers to e ...)
NOT-FOR-US: SMBCMS
-CVE-2005-4628
+CVE-2005-4628 (SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and ear ...)
NOT-FOR-US: HelpDeskPoint
-CVE-2005-4627
+CVE-2005-4627 (Cross-site scripting (XSS) vulnerability in index.php in (1) GmailSite ...)
NOT-FOR-US: GmailSite
-CVE-2005-4626
+CVE-2005-4626 (The default configuration of Recruitment Software installs admin/site. ...)
NOT-FOR-US: Recruitment Software
-CVE-2005-4625
+CVE-2005-4625 (Drivers for certain display adapters, including (1) an unspecified ATI ...)
NOT-FOR-US: Strange Windows drivers
-CVE-2005-4624
+CVE-2005-4624 (The m_join function in channel.c for PTnet ircd 1.5 and 1.6 allows rem ...)
NOT-FOR-US: PTnet ircd
-CVE-2005-4623
+CVE-2005-4623 (upload.exe in eFileGo 3.01 allows remote attackers to cause a denial o ...)
NOT-FOR-US: eFileGo
-CVE-2005-4622
+CVE-2005-4622 (Directory traversal vulnerability in eFileGo 3.01 allows remote attack ...)
NOT-FOR-US: eFileGo
-CVE-2005-4621
+CVE-2005-4621 (Cross-site scripting (XSS) vulnerability in the editavatar page in vBu ...)
NOT-FOR-US: vBulletin
-CVE-2005-4620
+CVE-2005-4620 (Buffer overflow in WinRAR 3.50 and earlier allows local users to execu ...)
NOT-FOR-US: WinRAR
-CVE-2005-4619
+CVE-2005-4619 (SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum ...)
NOT-FOR-US: phpoutsourcing Zorum Forum
-CVE-2005-4618
+CVE-2005-4618 (Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows ...)
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.15-1
CVE-2005-XXXX [World-readable config file with sensitive data in b2evolution]
- b2evolution 0.9.1b-4 (bug #344000)
-CVE-2005-4617
+CVE-2005-4617 (SQL injection vulnerability in tickets.php in cSupport 1.0 and earlier ...)
NOT-FOR-US: cSupport
-CVE-2005-4616
+CVE-2005-4616 (SQL injection vulnerability in index.php in iSupport 1.06 allows remot ...)
NOT-FOR-US: iSupport
-CVE-2005-4615
+CVE-2005-4615 (SQL injection vulnerability in news.php in DapperDesk 3.0.1 and earlie ...)
NOT-FOR-US: DapperDesk
-CVE-2005-4614
+CVE-2005-4614 (Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier ...)
NOT-FOR-US: digiSHOP
-CVE-2005-4613
+CVE-2005-4613 (Cross-site scripting (XSS) vulnerability in VUBB alpha rc1 allows remo ...)
NOT-FOR-US: VUBB alpha
-CVE-2005-4612
+CVE-2005-4612 (Multiple SQL injection vulnerabilities in VUBB alpha rc1 allow remote ...)
NOT-FOR-US: VUBB alpha
-CVE-2005-4611
+CVE-2005-4611 (SQL injection vulnerability in search.php in Free ClickBank 1.0 and ea ...)
NOT-FOR-US: Free ClickBank
-CVE-2005-4610
+CVE-2005-4610 (Format string vulnerability in the server for Dopewars before 1.5.12, ...)
- dopewars <not-affected> (According to upstream Windows-specific)
-CVE-2005-4609
+CVE-2005-4609 (index.php in BugPort 1.147 and earlier allows remote attackers to obta ...)
NOT-FOR-US: BugPort
-CVE-2005-4608
+CVE-2005-4608 (SQL injection vulnerability in index.php in BugPort 1.147 allows remot ...)
NOT-FOR-US: BugPort
-CVE-2005-4607
+CVE-2005-4607 (Cross-site scripting (XSS) vulnerability in index.php in BugPort 1.147 ...)
NOT-FOR-US: BugPort
-CVE-2005-4606
+CVE-2005-4606 (SQL injection vulnerability in check_user.asp in multiple Web Wiz prod ...)
NOT-FOR-US: Web Wiz
-CVE-2005-4605
+CVE-2005-4605 (The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions bef ...)
{DSA-1017-1}
- linux-2.6 2.6.15-1
- kernel-source-2.4.27 <not-affected> (2.4's proc_file_lseek contains a sanity check)
CVE-2005-XXXX [xshisen follows symlinks for shared gid games files]
- xshisen 1.51-1-2 (bug #291613)
-CVE-2005-4604
+CVE-2005-4604 (Buffer overflow in MTink in the printer-filters-utils package allows l ...)
- mtink <not-affected> (mtink not installed SUID root)
-CVE-2005-4603
+CVE-2005-4603 (Cross-site scripting (XSS) vulnerability in printthread.php in MyBB 1. ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-4602
+CVE-2005-4602 (SQL injection vulnerability in inc/function_upload.php in MyBB before ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-4600
+CVE-2005-4600 (Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Comp ...)
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
- moodle <not-affected> (has newer version)
- wordpress 2.5.1-3
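Review bot: CVE-2005-4635 (the nl_fib_input kernel entry in this hunk) carries only a NOTE line and no package/status line, so the tracker has no triage state for linux-2.6 on it; once the exploitability question is settled, add a `- linux-2.6 <version>` line (or `<not-affected>` / `<unfixed>` with a reason) so the entry is not silently skipped by the status tooling. Separately, CVE-2005-4601 is missing from its numeric slot between CVE-2005-4602 and CVE-2005-4600 here and instead appears further down after the snort placeholder entry; moving it back keeps the descending CVE sequence intact for anyone scanning the list.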
@@ -706,133 +706,133 @@ CVE-2005-4600
NOTE: this was possibly fixed before 2.5.1 in wordpress but since 2.5.1-3 wordpress
NOTE: uses the system copy of tinymce and the exact fixed version is not
NOTE: really determinably anymore
-CVE-2005-4599
+CVE-2005-4599 (Cross-site scripting (XSS) vulnerability in tiny_mce_gzip.php in TinyM ...)
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
-CVE-2005-4598
+CVE-2005-4598 (Cross-site scripting (XSS) vulnerability in home.php in OoApp Guestboo ...)
NOT-FOR-US: OoApp Guestbook
-CVE-2005-4597
+CVE-2005-4597 (Cross-site scripting (XSS) vulnerability in index.php in iPei Guestboo ...)
NOT-FOR-US: iPei Guestbook
-CVE-2005-4596
+CVE-2005-4596 (Cross-site scripting (XSS) vulnerability in read.php in AdesGuestbook ...)
NOT-FOR-US: AdesGuestbook
-CVE-2005-4595
+CVE-2005-4595 (Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4 ...)
NOT-FOR-US: NView and XnView, different from nview from nvi
-CVE-2005-4594
+CVE-2005-4594 (Stack-based buffer overflow in TUGZip 3.4.0.0 allows remote attackers ...)
NOT-FOR-US: TUGZip
-CVE-2005-4593
+CVE-2005-4593 (PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and ...)
NOT-FOR-US: phpDocumentor
-CVE-2005-4592
+CVE-2005-4592 (Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows r ...)
- bogofilter 0.96.3
[sarge] - bogofilter <not-affected> (Only some 0.96 CVS versions were affected)
-CVE-2005-4591
+CVE-2005-4591 (Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94 ...)
- bogofilter 0.96.3
[sarge] - bogofilter <not-affected> (Sarge version doesn't include Unicode)
-CVE-2005-4590
+CVE-2005-4590 (Spb Kiosk Engine 1.0.0.1 allows local users to bypass restrictions on ...)
NOT-FOR-US: Spb Kiosk Engine
-CVE-2005-4589
+CVE-2005-4589 (Spb Kiosk Engine 1.0.0.1 stores the administrator's passcode in the re ...)
NOT-FOR-US: Spb Kiosk Engine
-CVE-2005-4588
+CVE-2005-4588 (Cross-site scripting (XSS) vulnerability in Koobi 5 allows remote atta ...)
NOT-FOR-US: Koobi
-CVE-2005-4587
+CVE-2005-4587 (Juniper NetScreen-Security Manager (NSM) 2004 FP2 and FP3 allow remote ...)
NOT-FOR-US: Juniper
-CVE-2005-4586
+CVE-2005-4586 (Multiple SQL injection vulnerabilities in PHPSurveyor before 0.991 all ...)
NOT-FOR-US: PHPSurveyor
CVE-2005-XXXX [snort: DoS in verbose mode]
- snort 2.3.3-2 (bug #328134; low)
[woody] - snort <no-dsa> (Only exploitable in obscure setups not used in production environments, see #328134)
[sarge] - snort <no-dsa> (Only exploitable in obscure setups not used in production environments, see #328134)
-CVE-2005-4601
+CVE-2005-4601 (The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers t ...)
{DSA-957-2}
- imagemagick 6:6.2.4.5-0.6 (bug #345238; medium)
NOTE: Exploitable through Gnus and Thunderbird.
- graphicsmagick 1.1.7-1
-CVE-2005-4585
+CVE-2005-4585 (Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0 ...)
- ethereal 0.10.14-1 (bug #345243; low)
NOTE: This affects Woody and Sarge
-CVE-2005-4584
+CVE-2005-4584 (BZFlag server 2.0.4 and earlier allows remote attackers to cause a den ...)
- bzflag 2.0.6.20060412-1 (bug #345245; low)
[sarge] - bzflag <no-dsa> (Minor DoS against a game)
-CVE-2005-4583
+CVE-2005-4583 (Unspecified vulnerability in the Management Interface in VMware ESX Se ...)
NOT-FOR-US: VMWare
-CVE-2005-4582
+CVE-2005-4582 (Electric Sheep 2.6.3 does not require authentication or integrity chec ...)
- electricsheep 2.6.3+cvs20051206-1 (unimportant)
NOTE: Even an authenticated server might serve unwanted content, so
NOTE: this can't be considered a real vulnerability.
-CVE-2005-4581
+CVE-2005-4581 (Buffer overflow in Electric Sheep 2.6.3 client allows local users to e ...)
- electricsheep 2.6.3+cvs20051206-1 (unimportant)
NOTE: This does not seem to be exploitable.
-CVE-2005-4580
+CVE-2005-4580 (Cross-site scripting (XSS) vulnerability in Day Communique 4 allows re ...)
NOT-FOR-US: Day Communique
-CVE-2005-4579
+CVE-2005-4579 (Multiple HTTP response splitting vulnerabilities in Hitachi Business L ...)
NOT-FOR-US: Hitachi Business Logic
-CVE-2005-4578
+CVE-2005-4578 (Multiple SQL injection vulnerabilities in Hitachi Business Logic - Con ...)
NOT-FOR-US: Hitachi Business Logic
-CVE-2005-4577
+CVE-2005-4577 (Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Busines ...)
NOT-FOR-US: Hitachi Business Logic
-CVE-2005-4576
+CVE-2005-4576 (Multiple cross-site scripting (XSS) vulnerabilities in the UpdateEngin ...)
NOT-FOR-US: Fatwire Update Engine
-CVE-2005-4575
+CVE-2005-4575 (PaperThin CommonSpot Content Server 4.5 and earlier allow remote attac ...)
NOT-FOR-US: CommonSpot Content Server
-CVE-2005-4574
+CVE-2005-4574 (Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin Co ...)
{DSA-1201-1}
NOT-FOR-US: CommonSpot Content Server
-CVE-2005-4573
+CVE-2005-4573 (PHP remote file include vulnerability in plog-admin-functions.php in P ...)
NOT-FOR-US: Plogger
-CVE-2005-4572
+CVE-2005-4572 (Multiple SQL injection vulnerabilities in myEZshop Shopping Cart allow ...)
NOT-FOR-US: myEZshop Shopping Cart
-CVE-2005-4571
+CVE-2005-4571 (Cross-site scripting (XSS) vulnerability in myEZshop Shopping Cart all ...)
NOT-FOR-US: myEZshop Shopping Cart
-CVE-2005-4570
+CVE-2005-4570 (The Internet Key Exchange version 1 (IKEv1) implementations in Fortine ...)
NOT-FOR-US: FortiOS
-CVE-2005-4569
+CVE-2005-4569 (Stack-based buffer overflow in index.fts in FTGate Technology (formerl ...)
NOT-FOR-US: FTGate
-CVE-2005-4568
+CVE-2005-4568 (Multiple format string vulnerabilities in FTGate Technology (formerly ...)
NOT-FOR-US: FTGate
-CVE-2005-4567
+CVE-2005-4567 (Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technolo ...)
NOT-FOR-US: FTGate
-CVE-2005-4566
+CVE-2005-4566 (Buffer overflow in the Internet Key Exchange version 1 (IKEv1) impleme ...)
NOT-FOR-US: NetVanta
-CVE-2005-4565
+CVE-2005-4565 (Format string vulnerability in the Internet Key Exchange version 1 (IK ...)
NOT-FOR-US: NetVanta
-CVE-2005-4564
+CVE-2005-4564 (The Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN N ...)
NOT-FOR-US: NetVanta
-CVE-2005-4563
+CVE-2005-4563 (SQL injection vulnerability in main.php in Enterprise Heart Enterprise ...)
NOT-FOR-US: Enterprise Heart Enterprise Connector
CVE-2005-4562
REJECTED
CVE-2005-4561
REJECTED
-CVE-2005-4560
+CVE-2005-4560 (The Windows Graphical Device Interface library (GDI32.DLL) in Microsof ...)
{CVE-2006-0106}
NOT-FOR-US: Microsoft
-CVE-2005-4559
+CVE-2005-4559 (mail/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Ser ...)
NOT-FOR-US: IceWarp Web Mail
-CVE-2005-4558
+CVE-2005-4558 (IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNet ...)
NOT-FOR-US: IceWarp Web Mail
-CVE-2005-4557
+CVE-2005-4557 (dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Serv ...)
NOT-FOR-US: IceWarp Web Mail
-CVE-2005-4556
+CVE-2005-4556 (PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as us ...)
NOT-FOR-US: IceWarp Web Mail
-CVE-2005-4555
+CVE-2005-4555 (Cross-site scripting (XSS) vulnerability in add.php in DEV web managem ...)
NOT-FOR-US: DEV web management system
-CVE-2005-4554
+CVE-2005-4554 (Multiple SQL injection vulnerabilities in DEV web management system 1. ...)
NOT-FOR-US: DEV web management system
-CVE-2005-4553
+CVE-2005-4553 (Buffer overflow in Golden FTP Server 1.92 allows remote attackers to e ...)
NOT-FOR-US: Golden FTP Server
-CVE-2005-4552
+CVE-2005-4552 (The (1) slsmgr and (2) slsadmin programs in Sun Solaris PC NetLink 2.0 ...)
NOT-FOR-US: Sun Solaris PC NetLink
-CVE-2005-4551
+CVE-2005-4551 (Cross-site scripting (XSS) vulnerability in sign.php in codegrrl SimpB ...)
NOT-FOR-US: codegrrl SimpBook
-CVE-2005-4550
+CVE-2005-4550 (The PORTAL schema in Oracle Application Server (OracleAS) Discussion F ...)
NOT-FOR-US: Oracle
-CVE-2005-4549
+CVE-2005-4549 (Cross-site scripting (XSS) vulnerability in Oracle Application Server ...)
NOT-FOR-US: Oracle
-CVE-2005-4548
+CVE-2005-4548 (SQL injection vulnerability in the "user area" in RWS Statistics Count ...)
NOT-FOR-US: RWS Statistics Counter
-CVE-2005-4547
+CVE-2005-4547 (Cross-site scripting (XSS) vulnerability in home/search.php in eggblog ...)
NOT-FOR-US: eggblog
-CVE-2005-4546
+CVE-2005-4546 (search.php in eggblog 2.0 allows remote attackers to obtain the full p ...)
NOT-FOR-US: eggblog
-CVE-2005-4545
+CVE-2005-4545 (Cross-site scripting (XSS) vulnerability in search.asp in NetDirect Sh ...)
NOT-FOR-US: NetDirect ShopEngine
CVE-2005-4544
REJECTED
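Review bot: the `{DSA-1201-1}` cross-reference on CVE-2005-4574 sits directly above a `NOT-FOR-US: CommonSpot Content Server` line, which is contradictory: an issue that is not in Debian cannot have had a DSA issued for it, so either the DSA reference belongs to a different CVE id or the NOT-FOR-US marker is wrong. Please verify which CVE DSA-1201-1 actually covers and move the reference to that entry, leaving CVE-2005-4574 as a plain NOT-FOR-US record.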
@@ -850,140 +850,140 @@ CVE-2005-4538
REJECTED
CVE-2005-4537
REJECTED
-CVE-2005-4536
+CVE-2005-4536 (Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enable ...)
{DSA-960-3}
- libmail-audit-perl 2.1-5.1 (bug #344029; medium)
CVE-2005-4535
REJECTED
-CVE-2005-4533
+CVE-2005-4533 (Argument injection vulnerability in scponlyc in scponly 4.1 and earlie ...)
{DSA-969-1}
- scponly 4.6-1 (bug #344418)
-CVE-2005-4532
+CVE-2005-4532 (scponlyc in scponly 4.1 and earlier, when the operating system support ...)
{DSA-969-1}
- scponly 4.6-1 (bug #344418)
CVE-2005-4531
REJECTED
-CVE-2005-4530
+CVE-2005-4530 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay ...)
NOT-FOR-US: EPay Enterprise
-CVE-2005-4529
+CVE-2005-4529 (The Chatspot 2.0.0a7 module for phpBB might allow remote attackers to ...)
NOT-FOR-US: phpBB addon
-CVE-2005-4528
+CVE-2005-4528 (SQL injection vulnerability in the Chatspot 2.0.0a7 module for phpBB a ...)
NOT-FOR-US: phpBB addon
-CVE-2005-4527
+CVE-2005-4527 (Multiple SQL injection vulnerabilities in Direct News 4.9 allow remote ...)
NOT-FOR-US: Direct News
-CVE-2005-4526
+CVE-2005-4526 (Clearswift MIMEsweeper For Web (a.k.a. WEBsweeper) 4.0 through 5.1 all ...)
NOT-FOR-US: MIMEsweeper For Web
-CVE-2005-4525
+CVE-2005-4525 (SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local user ...)
NOT-FOR-US: Sygate
-CVE-2005-4524
+CVE-2005-4524 (Mantis 1.0.0rc3 does not properly handle "Make note private" when a bu ...)
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4523
+CVE-2005-4523 (Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS feed ...)
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4522
+CVE-2005-4522 (Multiple cross-site scripting (XSS) vulnerabilities in the view_filter ...)
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4521
+CVE-2005-4521 (CRLF injection vulnerability in Mantis 1.0.0rc3 and earlier allows rem ...)
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4520
+CVE-2005-4520 (Unspecified "port injection" vulnerabilities in filters in Mantis 1.0. ...)
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4519
+CVE-2005-4519 (Multiple SQL injection vulnerabilities in the manage user page (manage ...)
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4518
+CVE-2005-4518 (Mantis before 0.19.4 allows remote attackers to bypass the file upload ...)
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4517
+CVE-2005-4517 (SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 al ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-4516
+CVE-2005-4516 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00 ...)
NOT-FOR-US: PHP-Fusion
CVE-2005-4515
NOT-FOR-US: WebDB
CVE-2005-4514
NOT-FOR-US: Webwasher
-CVE-2005-4513
+CVE-2005-4513 (Cross-site scripting (XSS) vulnerability in WANDSOFT e-SEARCH allows r ...)
NOT-FOR-US: WANDSOFT e-SEARCH
-CVE-2005-4512
+CVE-2005-4512 (Cross-site scripting (XSS) vulnerability in WAXTRAPP 3.0.1 and earlier ...)
NOT-FOR-US: WAXTRAPP
-CVE-2005-4511
+CVE-2005-4511 (Format string vulnerability in TN3270 Resource Gateway 1.1.0 allows lo ...)
NOT-FOR-US: TN3270 Resource Gateway
-CVE-2005-4510
+CVE-2005-4510 (Directory traversal vulnerability in server.np in NetPublish Server 7 ...)
NOT-FOR-US: Netpublish Server
-CVE-2005-4509
+CVE-2005-4509 (SQL injection vulnerability in index.asp in pTools allows remote attac ...)
NOT-FOR-US: pTools
-CVE-2005-4508
+CVE-2005-4508 (Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to o ...)
NOT-FOR-US: Nexus Concepts Dev Hound
-CVE-2005-4507
+CVE-2005-4507 (Multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts ...)
NOT-FOR-US: Nexus Concepts Dev Hound
-CVE-2005-4506
+CVE-2005-4506 (Nexus Concepts Dev Hound 2.24 and earlier stores username and password ...)
NOT-FOR-US: Nexus Concepts Dev Hound
-CVE-2005-4505
+CVE-2005-4505 (Unquoted Windows search path vulnerability in McAfee VirusScan Enterpr ...)
NOT-FOR-US: McAfee
-CVE-2005-4504
+CVE-2005-4504 (The khtml::RenderTableSection::ensureRows function in KHTMLParser in A ...)
- kdelibs <not-affected>
NOTE: Konqueror from sid doesn't crash, will test an older version later
-CVE-2005-4503
+CVE-2005-4503 (httprint v202, and possibly other versions before v301, allows remote ...)
NOT-FOR-US: httprint
-CVE-2005-4502
+CVE-2005-4502 (Cross-site scripting (XSS) vulnerability in httprint v202, and possibl ...)
NOT-FOR-US: httprint
-CVE-2005-4501
+CVE-2005-4501 (MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string" ...)
- mediawiki 1.4.13-1 (bug #345280)
-CVE-2005-4500
+CVE-2005-4500 (SQL injection vulnerability in MusicBox 2.3 allows remote attackers to ...)
NOT-FOR-US: MusicBox
-CVE-2005-4499
+CVE-2005-4499 (The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concent ...)
NOT-FOR-US: Cisco
-CVE-2005-4498
+CVE-2005-4498 (Cross-site scripting (XSS) vulnerability in Text-e 1.6.4 and earlier a ...)
NOT-FOR-US: Text-e
-CVE-2005-4497
+CVE-2005-4497 (Cross-site scripting (XSS) vulnerability in Tangora Portal CMS 4.0 and ...)
NOT-FOR-US: Tangora Portal
-CVE-2005-4496
+CVE-2005-4496 (Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 ...)
NOT-FOR-US: Syntax CMS
CVE-2005-4495
NOT-FOR-US: SpireMedia
-CVE-2005-4494
+CVE-2005-4494 (Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and earlier all ...)
- spip 2.0.6-1 (medium; bug #352078)
-CVE-2005-4493
+CVE-2005-4493 (Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier a ...)
NOT-FOR-US: SpearTek
-CVE-2005-4492
+CVE-2005-4492 (Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 ...)
NOT-FOR-US: Starphire SiteSage
-CVE-2005-4491
+CVE-2005-4491 (Multiple cross-site scripting (XSS) vulnerabilities in Sitekit CMS 6.6 ...)
NOT-FOR-US: Sitekit CMS
-CVE-2005-4490
+CVE-2005-4490 (Multiple cross-site scripting (XSS) vulnerabilities in SCOOP! 2.3 and ...)
NOT-FOR-US: SCOOP!
-CVE-2005-4489
+CVE-2005-4489 (Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier ...)
NOT-FOR-US: Scoop
-CVE-2005-4488
+CVE-2005-4488 (Multiple cross-site scripting (XSS) vulnerabilities in index.tpl in Re ...)
NOT-FOR-US: Redakto WCMS
-CVE-2005-4487
+CVE-2005-4487 (Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and ea ...)
NOT-FOR-US: RAMSite
CVE-2005-4486
NOT-FOR-US: Quantum Art
-CVE-2005-4485
+CVE-2005-4485 (Multiple cross-site scripting (XSS) vulnerabilities in ProjectApp 3.3 ...)
NOT-FOR-US: ProjectApp
-CVE-2005-4484
+CVE-2005-4484 (Multiple cross-site scripting (XSS) vulnerabilities in IntranetApp 3.3 ...)
NOT-FOR-US: IntranetApp
-CVE-2005-4483
+CVE-2005-4483 (Cross-site scripting (XSS) vulnerability in login.asp in SiteEnable 3. ...)
NOT-FOR-US: SiteEnable
-CVE-2005-4482
+CVE-2005-4482 (Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 ...)
NOT-FOR-US: PortalApp
CVE-2005-4481
NOT-FOR-US: Polypoly
-CVE-2005-4480
+CVE-2005-4480 (Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and earlie ...)
NOT-FOR-US: Plexcor CMS
-CVE-2005-4479
+CVE-2005-4479 (SQL injection vulnerability in article.php in phpSlash 0.8.1 and earli ...)
NOT-FOR-US: phpSlash
-CVE-2005-4478
+CVE-2005-4478 (Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allo ...)
NOT-FOR-US: Papoo
-CVE-2005-4477
+CVE-2005-4477 (Cross-site scripting (XSS) vulnerability in papaya CMS 4.0.4 and earli ...)
NOT-FOR-US: papaya CMS
-CVE-2005-4476
+CVE-2005-4476 (Cross-site scripting (XSS) vulnerability in store/search/results.html ...)
NOT-FOR-US: OpenEdit
-CVE-2005-4475
+CVE-2005-4475 (Cross-site scripting (XSS) vulnerability in OpenCms 6.0.3 and earlier ...)
NOT-FOR-US: OpenCms
-CVE-2005-4534
+CVE-2005-4534 (The shadow database feature (syncshadowdb) in Bugzilla 2.9 through 2.1 ...)
{DSA-1208-1}
- bugzilla 2.18 (bug #329387; low)
NOTE: The vulnerable script has been removed in the 2.18 upstream release
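Review bot: CVE-2005-4515, CVE-2005-4514, CVE-2005-4495, CVE-2005-4486 and CVE-2005-4481 in this hunk keep their bare id line while every surrounding entry gains a truncated description; worth checking whether these ids have no description in the upstream feed or whether the importer skipped them, so they do not stay permanently less informative than their neighbours. Two smaller points in the same hunk: CVE-2005-4534 sits between CVE-2005-4475 and CVE-2005-4474, out of the descending id order the rest of the file follows, and the NOT-FOR-US label for CVE-2005-4510 spells the product "Netpublish Server" while the description reads "NetPublish Server".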
@@ -991,361 +991,361 @@ CVE-2005-XXXX [Insecure tempfile in libjpeg6b's exifautotran]
- libjpeg6b 6b-11 (bug #340079; low)
[woody] - libjpeg6b <not-affected> (Does not include exifautotran)
[sarge] - libjpeg6b <no-dsa> (Creates tempfile in cwd, only very far-fetched attack vectors applicable)
-CVE-2005-4474
+CVE-2005-4474 (Buffer overflow in the "Add to archive" command in WinRAR 3.51 allows ...)
NOT-FOR-US: WinRAR
-CVE-2005-4473
+CVE-2005-4473 (Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows ...)
NOT-FOR-US: Macromedia JRun 4 web server
-CVE-2005-4472
+CVE-2005-4472 (Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) ...)
NOT-FOR-US: Macromedia JRun 4 web server
-CVE-2005-4471
+CVE-2005-4471 (POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2 ...)
NOT-FOR-US: Avaya Modular Messaging Message Storage Server
-CVE-2005-4470
+CVE-2005-4470 (Heap-based buffer overflow in the get_bhead function in readfile.c in ...)
{DSA-1039-1 DTSA-29-1}
- blender 2.40-1 (bug #344398; medium)
[woody] - blender <no-dsa> (Woody has it in non-free and it is binary-only)
-CVE-2005-4469
+CVE-2005-4469 (Multiple direct static code injection vulnerabilities in PHPGedView 3. ...)
NOT-FOR-US: PHPGedView
-CVE-2005-4468
+CVE-2005-4468 (PHP remote file include vulnerability in help_text_vars.php in PHPGedV ...)
NOT-FOR-US: PHPGedView
-CVE-2005-4467
+CVE-2005-4467 (Directory traversal vulnerability in help_text_vars.php in PHPGedView ...)
NOT-FOR-US: PHPGedView
-CVE-2005-4466
+CVE-2005-4466 (Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll i ...)
NOT-FOR-US: SIP Proxy
-CVE-2005-4465
+CVE-2005-4465 (The Internet Key Exchange version 1 (IKEv1) implementation in NEC UNIV ...)
NOT-FOR-US: NEC UNIVERGE IX1000, IX2000, and IX3000
-CVE-2005-4464
+CVE-2005-4464 (Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote ...)
NOT-FOR-US: Ingate Firewall / SIParator
-CVE-2005-4463
+CVE-2005-4463 (WordPress before 1.5.2 allows remote attackers to obtain sensitive inf ...)
- wordpress 1.5.2-1 (unimportant)
NOTE: Only path disclosure
-CVE-2005-4462
+CVE-2005-4462 (PHP remote file include vulnerability in usermods.php in Tolva PHP web ...)
NOT-FOR-US: Tolva PHP website system
-CVE-2005-4461
+CVE-2005-4461 (SQL injection vulnerability in index.php in Beehive Forum 0.6.2 and ea ...)
NOT-FOR-US: Beehive Forum
-CVE-2005-4460
+CVE-2005-4460 (Cross-site scripting (XSS) vulnerability in Beehive Forum 0.6.2 and ea ...)
NOT-FOR-US: Beehive Forum
-CVE-2005-4459
+CVE-2005-4459 (Heap-based buffer overflow in the NAT networking components vmnat.exe ...)
NOT-FOR-US: VMWare
-CVE-2005-4458
+CVE-2005-4458 (Group.pm in Metadot Portal Server 6.4.4 and earlier does not properly ...)
NOT-FOR-US: Metadot Portal Server
-CVE-2005-4457
+CVE-2005-4457 (MailEnable Enterprise 1.1 before patch ME-10009 allows remote attacker ...)
NOT-FOR-US: MailEnable
-CVE-2005-4456
+CVE-2005-4456 (Multiple buffer overflows in MailEnable Professional 1.71 and Enterpri ...)
NOT-FOR-US: MailEnable
-CVE-2005-4455
+CVE-2005-4455 (cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote ...)
NOT-FOR-US: livejournal
NOTE: liblivejournal-perl doesn't seem to embed any of the affected code
-CVE-2005-4454
+CVE-2005-4454 (Validate-before-filter vulnerability in cleanhtml.pl 1.129 in LiveJour ...)
NOT-FOR-US: livejournal
NOTE: liblivejournal-perl doesn't seem to embed any of the affected code
-CVE-2005-4453
+CVE-2005-4453 (UserProfile.cs in Ultraapps Issue Manager before 2.1 allows remote aut ...)
NOT-FOR-US: Ultraapps Issue Manager
-CVE-2005-4452
+CVE-2005-4452 (Information Call Center stores the CallCenterData.mdb database under t ...)
NOT-FOR-US: Information Call Center
-CVE-2005-4451
+CVE-2005-4451 (Unspecified vulnerability in Software Distributor in HP-UX B.11.11 all ...)
NOT-FOR-US: HP-UX
-CVE-2005-4450
+CVE-2005-4450 (Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.7.0 al ...)
NOTE: According to the description possibly a dupe of the non-issue CVE-2005-4349
-CVE-2005-4449
+CVE-2005-4449 (verify.php in FlatNuke 2.5.6 allows remote authenticated administrator ...)
NOT-FOR-US: FlatNuke
-CVE-2005-4448
+CVE-2005-4448 (FlatNuke 2.5.6 verifies authentication credentials based on an MD5 che ...)
NOT-FOR-US: FlatNuke
-CVE-2005-4447
+CVE-2005-4447 (SQL injection vulnerability in articles\articles_funcs.php in phpCOIN ...)
NOT-FOR-US: phpCOIN
-CVE-2005-4446
+CVE-2005-4446 (Cross-site scripting (XSS) vulnerability in index.asp in ASPBite 8.x a ...)
NOT-FOR-US: ASPBite
-CVE-2005-4445
+CVE-2005-4445 (Off-by-one error in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allow ...)
NOT-FOR-US: Pegasus Mail
-CVE-2005-4444
+CVE-2005-4444 (Stack-based buffer overflow in the trace message functionality in Pega ...)
NOT-FOR-US: Pegasus Mail
-CVE-2005-4443
+CVE-2005-4443 (Untrusted search path vulnerability in Gauche before 0.8.6-r1 on Gento ...)
- gauche <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-4442
+CVE-2005-4442 (Untrusted search path vulnerability in OpenLDAP before 2.2.28-r3 on Ge ...)
- openldap2 <not-affected> (Gentoo-specific packaging flaw)
- openldap2.2 <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-4441
+CVE-2005-4441 (The PVLAN protocol allows remote attackers to bypass network segmentat ...)
NOT-FOR-US: VLAN protocol flaws, likely fixed in current kernels
-CVE-2005-4440
+CVE-2005-4440 (The 802.1q VLAN protocol allows remote attackers to bypass network seg ...)
NOT-FOR-US: VLAN protocol flaws, likely fixed in current kernels
-CVE-2005-4439
+CVE-2005-4439 (Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to c ...)
{DSA-967-1}
- elog 2.6.1+r1642-1 (bug #349528; high)
-CVE-2005-4438
+CVE-2005-4438 (Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in ...)
NOT-FOR-US: Dec2Rar
-CVE-2005-4437
+CVE-2005-4437 (MD5 Neighbor Authentication in Extended Interior Gateway Routing Proto ...)
NOT-FOR-US: IOS
-CVE-2005-4436
+CVE-2005-4436 (Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented ...)
NOT-FOR-US: IOS
-CVE-2005-4435
+CVE-2005-4435 (Cross-site scripting (XSS) vulnerability in index.php AbleDesign D-Man ...)
NOT-FOR-US: AbleDesign D-Man
-CVE-2005-4434
+CVE-2005-4434 (Cross-site scripting (XSS) vulnerability in AbleDesign ReSearch 2.x al ...)
NOT-FOR-US: AbleDesign ReSearch
-CVE-2005-4433
+CVE-2005-4433 (Cross-site scripting (XSS) vulnerability in search.php in Esselbach St ...)
NOT-FOR-US: Esselbach Storyteller CMS
-CVE-2005-4432
+CVE-2005-4432 (Cross-site scripting (XSS) vulnerability in index.php in PlaySMS 0.8 a ...)
NOT-FOR-US: PlaySMS
-CVE-2005-4431
+CVE-2005-4431 (SQL injection vulnerability in WowBB 1.65 allows remote attackers to e ...)
NOT-FOR-US: WowBB
-CVE-2005-4430
+CVE-2005-4430 (SQL injection vulnerability in LogicBill 1.0 and earlier allows remote ...)
NOT-FOR-US: LogicBill
-CVE-2005-4429
+CVE-2005-4429 (SQL injection vulnerability in CS-Cart 1.3.0 allows remote attackers t ...)
NOT-FOR-US: CS-Cart
-CVE-2005-4428
+CVE-2005-4428 (Cross-site scripting (XSS) vulnerability in index.php in Cerberus Help ...)
NOT-FOR-US: Cerberus Helpdesk
-CVE-2005-4427
+CVE-2005-4427 (Multiple SQL injection vulnerabilities in Cerberus Helpdesk allow remo ...)
NOT-FOR-US: Cerberus Helpdesk
-CVE-2005-4426
+CVE-2005-4426 (Interpretation conflict in YaBB before 2.1 allows remote authenticated ...)
NOT-FOR-US: YaBB
-CVE-2005-4425
+CVE-2005-4425 (Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 allo ...)
NOT-FOR-US: Kerio Firewall
-CVE-2005-4424
+CVE-2005-4424 (Directory traversal vulnerability in PHPKIT 1.6.1 R2 and earlier might ...)
NOT-FOR-US: PHPKIT
-CVE-2005-4423
+CVE-2005-4423 (Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows re ...)
NOT-FOR-US: PHPFM
-CVE-2005-4422
+CVE-2005-4422 (Unrestricted file upload vulnerability in toendaCMS before 0.6.2 Stabl ...)
NOT-FOR-US: toendaCMS
-CVE-2005-4421
+CVE-2005-4421 (Dev-Editor 3.0 allows remote attackers to access any directory outside ...)
NOT-FOR-US: Dev-Editor
-CVE-2005-4420
+CVE-2005-4420 (Cross-site scripting (XSS) vulnerability in Honeycomb Archive Enterpri ...)
NOT-FOR-US: Honeycomb Archive Enterprise
-CVE-2005-4419
+CVE-2005-4419 (Multiple SQL injection vulnerabilities in CategoryResults.cfm in Honey ...)
NOT-FOR-US: Honeycomb Archive Enterprise
-CVE-2005-4417
+CVE-2005-4417 (The default configuration of Widcomm Bluetooth for Windows (BTW) 4.0.1 ...)
NOT-FOR-US: Widcomm Bluetooth for Windows
-CVE-2005-4416
+CVE-2005-4416 (SQL injection vulnerability in index.php in TML CMS 0.5 allows remote ...)
NOT-FOR-US: TML CMS
-CVE-2005-4415
+CVE-2005-4415 (Cross-site scripting (XSS) vulnerability in index.php in TML CMS 0.5 a ...)
NOT-FOR-US: TML CMS
-CVE-2005-4414
+CVE-2005-4414 (Unspecified vulnerability in Teamwork 3 before alpha 1.7 has unknown i ...)
NOT-FOR-US: Teamwork 3
-CVE-2005-4413
+CVE-2005-4413 (Multiple cross-site scripting (XSS) vulnerabilities in sample scripts ...)
NOT-FOR-US: Websphere
-CVE-2005-4412
+CVE-2005-4412 (Citrix Program Neighborhood client before 9.150 caches the user passwo ...)
NOT-FOR-US: Citrix
-CVE-2005-4411
+CVE-2005-4411 (Buffer overflow in Mercury Mail Transport System 4.01b allows remote a ...)
NOT-FOR-US: Mercury Mail Transport System
-CVE-2005-4410
+CVE-2005-4410 (Cross-site scripting (XSS) vulnerability in NQcontent 3 allows remote ...)
NOT-FOR-US: NQcontent
-CVE-2005-4409
+CVE-2005-4409 (Cross-site scripting (XSS) vulnerability in MMBase 1.7.4 and earlier a ...)
NOT-FOR-US: MMBase
-CVE-2005-4408
+CVE-2005-4408 (Multiple SQL injection vulnerabilities in Miraserver 1.0 RC4 and earli ...)
NOT-FOR-US: Miraserver
-CVE-2005-4407
+CVE-2005-4407 (Cross-site scripting (XSS) vulnerability in index.cfm in Mercury CMS 4 ...)
NOT-FOR-US: Mercury CMS
-CVE-2005-4406
+CVE-2005-4406 (SQL injection vulnerability in index.cfm in Mercury CMS 4.0 and earlie ...)
NOT-FOR-US: Mercury CMS
-CVE-2005-4405
+CVE-2005-4405 (redqueen.cgi in Red Queen 1.02 and earlier allows remote attackers to ...)
NOT-FOR-US: Red Queen
-CVE-2005-4404
+CVE-2005-4404 (SQL injection vulnerability in default.asp in Media2 CMS Shop 18.x all ...)
NOT-FOR-US: Media2 CMS
-CVE-2005-4403
+CVE-2005-4403 (SQL injection vulnerability in index.php in Marwel 2.7 and earlier all ...)
NOT-FOR-US: Marwel
-CVE-2005-4402
+CVE-2005-4402 (Buffer overflow in MailEnable Professional 1.71 and earlier, and Enter ...)
NOT-FOR-US: MailEnable Professional
-CVE-2005-4401
+CVE-2005-4401 (Cross-site scripting (XSS) vulnerability in Lutece 1.2.3 and earlier a ...)
NOT-FOR-US: Lutece
-CVE-2005-4400
+CVE-2005-4400 (Cross-site scripting (XSS) vulnerability in downloads/portal_ent in Li ...)
NOT-FOR-US: Liferay Portal Professional
-CVE-2005-4399
+CVE-2005-4399 (Cross-site scripting (XSS) vulnerability in search/index.php in Libert ...)
NOT-FOR-US: Libertas Enterprise CMS
CVE-2005-4398
NOT-FOR-US: lemoon
-CVE-2005-4397
+CVE-2005-4397 (SQL injection vulnerability in RunScript.asp iCMS allows remote attack ...)
NOT-FOR-US: iCMS
-CVE-2005-4396
+CVE-2005-4396 (Cross-site scripting (XSS) vulnerability in admin/Default.asp in iCMS ...)
NOT-FOR-US: iCMS
-CVE-2005-4395
+CVE-2005-4395 (Cross-site scripting (XSS) vulnerability in FarCry 3.0 and earlier all ...)
NOT-FOR-US: FarCry
-CVE-2005-4394
+CVE-2005-4394 (Cross-site scripting (XSS) vulnerability in EPiX 3.1.2 and earlier all ...)
NOT-FOR-US: EPiX
-CVE-2005-4393
+CVE-2005-4393 (Cross-site scripting (XSS) vulnerability in show.cfm in e-publish CMS ...)
NOT-FOR-US: e-publish CMS
-CVE-2005-4392
+CVE-2005-4392 (SQL injection vulnerability in printer_friendly.cfm in e-publish CMS 2 ...)
NOT-FOR-US: e-publish CMS
-CVE-2005-4391
+CVE-2005-4391 (Cross-site scripting (XSS) vulnerability in damoon allows remote attac ...)
NOT-FOR-US: damoon
-CVE-2005-4390
+CVE-2005-4390 (SQL injection vulnerability in index.php in ContentServ 3.1 and earlie ...)
NOT-FOR-US: ContentServ
-CVE-2005-4389
+CVE-2005-4389 (search.cfm in CONTENS 3.0 and earlier allows remote attackers to obtai ...)
NOT-FOR-US: CONTENS
-CVE-2005-4388
+CVE-2005-4388 (Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 ...)
NOT-FOR-US: CONTENS
-CVE-2005-4387
+CVE-2005-4387 (Cross-site scripting (XSS) vulnerability in home.php in contenite 0.11 ...)
NOT-FOR-US: contenite
-CVE-2005-4386
+CVE-2005-4386 (Cross-site scripting (XSS) vulnerability in Colony CMS 2.75 and earlie ...)
NOT-FOR-US: Colony CMS
-CVE-2005-4385
+CVE-2005-4385 (Cross-site scripting (XSS) vulnerability in search.htm in Cofax 2.0 RC ...)
NOT-FOR-US: Cofax
-CVE-2005-4384
+CVE-2005-4384 (CitySoft Community Enterprise 4.x allows remote attackers to obtain th ...)
NOT-FOR-US: CitySoft Community Enterprise
-CVE-2005-4383
+CVE-2005-4383 (Cross-site scripting (XSS) vulnerability in index.cfm in CitySoft Comm ...)
NOT-FOR-US: CitySoft Community Enterprise
-CVE-2005-4382
+CVE-2005-4382 (SQL injection vulnerability in CitySoft Community Enterprise 4.x allow ...)
NOT-FOR-US: CitySoft Community Enterprise
-CVE-2005-4381
+CVE-2005-4381 (Multiple cross-site scripting (XSS) vulnerabilities in Caravel CMS 3.0 ...)
NOT-FOR-US: Caravel CMS
-CVE-2005-4380
+CVE-2005-4380 (Multiple SQL injection vulnerabilities in Bitweaver 1.1 and 1.1.1 beta ...)
NOT-FOR-US: Bitweaver
-CVE-2005-4379
+CVE-2005-4379 (Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.1 a ...)
NOT-FOR-US: Bitweaver
-CVE-2005-4378
+CVE-2005-4378 (SQL injection vulnerability in Page.asp in Baseline CMS 1.95 and earli ...)
NOT-FOR-US: Baseline CMS
-CVE-2005-4377
+CVE-2005-4377 (Cross-site scripting (XSS) vulnerability in Page.asp in Baseline CMS 1 ...)
NOT-FOR-US: Baseline CMS
-CVE-2005-4376
+CVE-2005-4376 (Directory traversal vulnerability in Amaxus 3 and earlier allows remot ...)
NOT-FOR-US: Amaxus
-CVE-2005-4375
+CVE-2005-4375 (Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allow ...)
NOT-FOR-US: Amaxus
-CVE-2005-4374
+CVE-2005-4374 (Multiple cross-site scripting (XSS) vulnerabilities in Allinta 2.3.2 a ...)
NOT-FOR-US: Allinta
-CVE-2005-4373
+CVE-2005-4373 (Adaptive Website Framework (AWF) 2.10 and earlier allows remote attack ...)
NOT-FOR-US: Adaptive Website Framework
-CVE-2005-4372
+CVE-2005-4372 (Cross-site scripting (XSS) vulnerability in account.html in Adaptive W ...)
NOT-FOR-US: Adaptive Website Framework
-CVE-2005-4371
+CVE-2005-4371 (Acidcat 2.1.13 and earlier stores the database under the web root with ...)
NOT-FOR-US: Acidcat
-CVE-2005-4370
+CVE-2005-4370 (SQL injection vulnerability in main_content.asp in Acidcat 2.1.13 and ...)
NOT-FOR-US: Acidcat
-CVE-2005-4369
+CVE-2005-4369 (Cross-site scripting (XSS) vulnerability in Acuity CMS 2.6.2 allows re ...)
NOT-FOR-US: Acuity CMS
-CVE-2005-4368
+CVE-2005-4368 (roundcube webmail Alpha, with a default high verbose level ($rcmail_co ...)
- roundcube <not-affected> (Quotes are stripped now and if the task can't be found there is a default of mail)
-CVE-2005-4367
+CVE-2005-4367 (Cross-site scripting (XSS) vulnerability in register_domain.php in DRZ ...)
NOT-FOR-US: DRZES HMS
-CVE-2005-4366
+CVE-2005-4366 (Multiple SQL injection vulnerabilities in DRZES HMS 3.2 allow remote a ...)
NOT-FOR-US: DRZES HMS
-CVE-2005-4365
+CVE-2005-4365 (Multiple cross-site scripting (XSS) vulnerabilities in FLIP 0.9.0.1029 ...)
NOT-FOR-US: FLIP
-CVE-2005-4364
+CVE-2005-4364 (Cross-site scripting (XSS) vulnerability in index.cfm in Hot Banana We ...)
NOT-FOR-US: Hot Banana Web Content Management Suite
-CVE-2005-4363
+CVE-2005-4363 (Cross-site scripting (XSS) vulnerability in the search engine in Komod ...)
NOT-FOR-US: Komodo CMS
-CVE-2005-4362
+CVE-2005-4362 (SQL injection vulnerability in page.php in Komodo CMS 2.1 allows remot ...)
NOT-FOR-US: Komodo CMS
-CVE-2005-4361
+CVE-2005-4361 (Cross-site scripting (XSS) vulnerability in search.html in Magnolia Co ...)
NOT-FOR-US: Magnolia Content Management Suite
-CVE-2005-4360
+CVE-2005-4360 (The URL parser in Microsoft Internet Information Services (IIS) 5.1 on ...)
NOT-FOR-US: IIS
-CVE-2005-4359
+CVE-2005-4359 (SQL injection vulnerability in includes/core.inc.php in ODFaq 2.1.0 al ...)
NOT-FOR-US: ODFaq
-CVE-2005-4358
+CVE-2005-4358 (admin/admin_disallow.php in phpBB 2.0.18 allows remote attackers to ob ...)
- phpbb2 <unfixed> (unimportant)
-CVE-2005-4357
+CVE-2005-4357 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when "Allowe ...)
- phpbb2 2.0.21-1 (bug #344674; low)
[sarge] - phpbb2 <no-dsa> (Affects only an inherently unsafe option only suitable for trusted users)
NOTE: According to the maintainer only affects a config option that is strongly
NOTE: discouraged due to potential security problems
-CVE-2005-4356
+CVE-2005-4356 (SQL injection vulnerability in UStore allows remote attackers to execu ...)
NOT-FOR-US: UStore
-CVE-2005-4355
+CVE-2005-4355 (Multiple cross-site scripting (XSS) vulnerabilities in UStore allow re ...)
NOT-FOR-US: UStore
-CVE-2005-4354
+CVE-2005-4354 (Cross-site scripting (XSS) vulnerability in webglimpse.cgi in Webglimp ...)
NOT-FOR-US: Webglimpse
-CVE-2005-4353
+CVE-2005-4353 (SQL injection vulnerability in index.php in toendaCMS 0.6.2.1, when co ...)
NOT-FOR-US: toendaCMS
-CVE-2005-4352
+CVE-2005-4352 (The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2 ...)
- linux-2.6 2.6.18-3
-CVE-2005-4351
+CVE-2005-4351 (The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up ...)
- linux-2.6 2.6.18-3
-CVE-2005-4350
+CVE-2005-4350 (Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 an ...)
NOT-FOR-US: WBEM Services
CVE-2005-4349
- phpmyadmin <unfixed> (unimportant)
NOTE: Only for authenticated used, will possibly be rejected
-CVE-2005-4348
+CVE-2005-4348 (fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidr ...)
{DSA-939-1}
- fetchmail 6.3.1-1 (bug #343836; bug #345944; low)
-CVE-2005-4418
+CVE-2005-4418 (util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5. ...)
{DSA-1011-1}
- util-vserver 0.30.208-1
-CVE-2005-4347
+CVE-2005-4347 (The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and ...)
{DSA-1011-1}
- util-vserver 0.30.208-1 (bug #329090; medium)
- kernel-patch-vserver 2.3 (bug #329087; medium)
NOTE: both util-vserver and the kernel-patch-vserver need to be upgraded to fix this vulnerability
-CVE-2005-4346
+CVE-2005-4346 (Invalid SQL syntax error in blog.php in phpBB Blog 2.2.2 and earlier a ...)
NOT-FOR-US: phpBB Blog
-CVE-2005-4345
+CVE-2005-4345 (Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password has ...)
NOT-FOR-US: ColdFusion MX
-CVE-2005-4344
+CVE-2005-4344 (Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the ...)
NOT-FOR-US: ColdFusion MX
-CVE-2005-4343
+CVE-2005-4343 (Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and ...)
NOT-FOR-US: ColdFusion MX
-CVE-2005-4342
+CVE-2005-4342 (ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6 ...)
NOT-FOR-US: ColdFusion MX
-CVE-2005-4341
+CVE-2005-4341 (Blackboard Learning and Community Portal System in Academic Suite 6.3. ...)
NOT-FOR-US: Academic Suite
CVE-2005-4340
REJECTED
-CVE-2005-4339
+CVE-2005-4339 (Cross-site scripting (XSS) vulnerability in Blackboard Learning and Co ...)
NOT-FOR-US: Academic Suite
-CVE-2005-4338
+CVE-2005-4338 (announcement.pl in Blackboard Learning and Community Portal System in ...)
NOT-FOR-US: Academic Suite
-CVE-2005-4337
+CVE-2005-4337 (The login page in Blackboard Learning and Community Portal System in A ...)
NOT-FOR-US: Academic Suite
-CVE-2005-4336
+CVE-2005-4336 (Cross-site scripting (XSS) vulnerability in ProjectForum 4.7.0 and ear ...)
NOT-FOR-US: ProjectForum
-CVE-2005-4335
+CVE-2005-4335 (ProjectForum 4.7.0 and earlier allows remote attackers to cause a deni ...)
NOT-FOR-US: ProjectForum
-CVE-2005-4334
+CVE-2005-4334 (SQL injection vulnerability in ZixForum 1.12 allows remote attackers t ...)
NOT-FOR-US: ZixForum
-CVE-2005-4333
+CVE-2005-4333 (Multiple cross-site scripting (XSS) vulnerabilities in Binary Board Sy ...)
NOT-FOR-US: Binary Board System
-CVE-2005-4332
+CVE-2005-4332 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allow ...)
NOT-FOR-US: Secure Smart Manager
-CVE-2005-4331
+CVE-2005-4331 (SQL injection vulnerability in merchant.ihtml in iHTML Merchant Versio ...)
NOT-FOR-US: iHTML Merchant
-CVE-2005-4330
+CVE-2005-4330 (SQL injection vulnerability in browse.ihtml in iHTML Merchant Mall all ...)
NOT-FOR-US: iHTML Merchant
-CVE-2005-4329
+CVE-2005-4329 (SQL injection vulnerability in pafiledb.php in PHP Arena paFileDB Extr ...)
NOT-FOR-US: paFileDB
-CVE-2005-4328
+CVE-2005-4328 (Cross-site scripting (XSS) vulnerability in webglimpse.cgi in Webglimp ...)
NOT-FOR-US: WebGlimpse
-CVE-2005-4327
+CVE-2005-4327 (Multiple cross-site scripting (XSS) vulnerabilities in Michael Arndt W ...)
NOT-FOR-US: Michael Arndt WebCal
-CVE-2005-4326
+CVE-2005-4326 (The web interface for American Power Conversion (APC) PowerChute Netwo ...)
NOT-FOR-US: APC hardware issue
-CVE-2005-4325
+CVE-2005-4325 (Multiple unspecified vulnerabilities in Driverse before 0.56b have unk ...)
NOT-FOR-US: Driverse
-CVE-2005-4324
+CVE-2005-4324 (Hitachi Groupmax Mail SMTP 06-50 through 06-52-/A and 07-00 through 07 ...)
NOT-FOR-US: Hitachi Groupmax Mail SMTP
-CVE-2005-4323
+CVE-2005-4323 (Unspecified vulnerability in Hitachi Cosminexus Collaboration Portal 0 ...)
NOT-FOR-US: Hitachi Cosminexus Collaboration Portal
-CVE-2005-4322
+CVE-2005-4322 (Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosmine ...)
NOT-FOR-US: Hitachi Cosminexus Collaboration Portal
-CVE-2005-4321
+CVE-2005-4321 (The Internet Key Exchange version 1 (IKEv1) implementation in Apani Ne ...)
NOT-FOR-US: Apani Networks EpiForce
-CVE-2005-4320
+CVE-2005-4320 (Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the in ...)
NOT-FOR-US: Limbo CMS
-CVE-2005-4319
+CVE-2005-4319 (Directory traversal vulnerability in index2.php in Limbo CMS 1.0.4.2 a ...)
NOT-FOR-US: Limbo CMS
-CVE-2005-4318
+CVE-2005-4318 (SQL injection vulnerability in index.php in Limbo CMS 1.0.4.2 and earl ...)
NOT-FOR-US: Limbo CMS
-CVE-2005-4317
+CVE-2005-4317 (Limbo CMS 1.0.4.2 and earlier, with register_globals off, does not pro ...)
NOT-FOR-US: Limbo CMS
-CVE-2005-4316
+CVE-2005-4316 (HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers t ...)
NOT-FOR-US: HP-UX
-CVE-2005-4315
+CVE-2005-4315 (SQL injection vulnerability in the search function in Plexum PLEXCART ...)
NOT-FOR-US: Plexum PLEXCART
-CVE-2005-4314
+CVE-2005-4314 (Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shoppin ...)
NOT-FOR-US: PPCal Shopping Cart
-CVE-2005-4313
+CVE-2005-4313 (SQL injection vulnerability in index.php in AlmondSoft Almond Personal ...)
NOT-FOR-US: AlmondSoft Almond Personals
-CVE-2005-4312
+CVE-2005-4312 (SQL injection vulnerability in index.php in AlmondSoft Almond Classifi ...)
NOT-FOR-US: AlmondSoft Almond Personals
-CVE-2005-4311
+CVE-2005-4311 (Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, ...)
NOT-FOR-US: DCForum
-CVE-2005-4310
+CVE-2005-4310 (SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authen ...)
NOT-FOR-US: SSH Tectia Server
-CVE-2005-4309
+CVE-2005-4309 (SQL injection vulnerability in ezUpload Pro 2.2 and earlier allows rem ...)
NOT-FOR-US: ezUpload Pro
-CVE-2005-4308
+CVE-2005-4308 (index.php in ezUpload Pro 2.2 and earlier allows remote attackers to i ...)
NOT-FOR-US: ezUpload Pro
-CVE-2005-4307
+CVE-2005-4307 (Cross-site scripting (XSS) vulnerability in ScareCrow 2.13 and earlier ...)
NOT-FOR-US: ScareCrow
-CVE-2005-4306
+CVE-2005-4306 (Multiple cross-site scripting (XSS) vulnerabilities in SiteNet BBS 2.0 ...)
NOT-FOR-US: SiteNet BBS
-CVE-2005-4305
+CVE-2005-4305 (Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, ...)
- trac 0.9.3-1 (bug #344006)
[sarge] - trac <unfixed> (medium)
NOTE: upstream bts at http://trac.edgewall.org/ticket/2473 claims this is
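Review bot: CVE-2005-4450 (the phpMyAdmin CSRF entry in the middle of this hunk) has no status line at all, only the NOTE pointing at CVE-2005-4349; every other entry in the hunk carries a package line, a NOT-FOR-US marker or REJECTED, so either a `- phpmyadmin ...` line or a NOT-FOR-US marker should be recorded here, especially since CVE-2005-4349 itself is tracked as `phpmyadmin <unfixed> (unimportant)` with a note that it may be rejected. Two smaller points in the same hunk: the NOT-FOR-US label for CVE-2005-4312 says "AlmondSoft Almond Personals" although its new description reads "AlmondSoft Almond Classifi ...", so it looks copied from CVE-2005-4313; and the NOTE under CVE-2005-4349 reads "Only for authenticated used", presumably "users".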
@@ -1354,244 +1354,244 @@ CVE-2005-4305
NOTE: of input being escape()'d are no longer done so, and instead a
NOTE: Markup() function replaces them, and special checks are done
NOTE: on rendered HTML output to prevent XSS code from being displayed.
-CVE-2005-4304
+CVE-2005-4304 (index.php in ezDatabase 2.1.2 and earlier allows remote attackers to o ...)
NOT-FOR-US: ezDatabase
-CVE-2005-4303
+CVE-2005-4303 (SQL injection vulnerability in index.php for ezDatabase 2.1.2 and earl ...)
NOT-FOR-US: ezDatabase
-CVE-2005-4302
+CVE-2005-4302 (Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and ...)
NOT-FOR-US: ezDatabase
-CVE-2005-4301
+CVE-2005-4301 (Cross-site scripting (XSS) vulnerability in phpXplorer 0.9.12 and earl ...)
NOT-FOR-US: pgpXplorer
-CVE-2005-4300
+CVE-2005-4300 (Format string vulnerability in the lire_pop function in pop.c in libre ...)
NOT-FOR-US: libremail
-CVE-2005-4299
+CVE-2005-4299 (Cross-site scripting (XSS) vulnerability in atl.cgi in Atlant Pro 4.02 ...)
NOT-FOR-US: Atlant Pro
-CVE-2005-4298
+CVE-2005-4298 (Cross-site scripting (XSS) vulnerability in atl.cgi in AtlantForum 4.0 ...)
NOT-FOR-US: AtlantForum
-CVE-2005-4297
+CVE-2005-4297 (Cross-site scripting (XSS) vulnerability in bbBoard 2.56 and earlier a ...)
NOT-FOR-US: bbBoard
-CVE-2005-4296
+CVE-2005-4296 (AppServ Open Project 2.5.3 allows remote attackers to cause a denial o ...)
NOT-FOR-US: AppServ Open Project
-CVE-2005-4295
+CVE-2005-4295 (Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE ...)
NOT-FOR-US: Absolute Image Gallery XE
-CVE-2005-4294
+CVE-2005-4294 (Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.0 ...)
NOT-FOR-US: Alkacon OpenCms
-CVE-2005-4293
+CVE-2005-4293 (Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro ...)
NOT-FOR-US: ClickCartPro
-CVE-2005-4292
+CVE-2005-4292 (Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and earlie ...)
NOT-FOR-US: CommerceSQL
-CVE-2005-4291
+CVE-2005-4291 (Cross-site scripting (XSS) vulnerability in cart.cgi in ECTOOLS Online ...)
NOT-FOR-US: ECTOOLS Onlineshop
-CVE-2005-4290
+CVE-2005-4290 (Cross-site scripting (XSS) vulnerability in index.cgi in ECW-Cart 2.03 ...)
NOT-FOR-US: ECW-Cart
-CVE-2005-4289
+CVE-2005-4289 (Cross-site scripting (XSS) vulnerability in EDCstore.pl in eDatCat 0.3 ...)
NOT-FOR-US: eDatCat
-CVE-2005-4288
+CVE-2005-4288 (Cross-site scripting (XSS) vulnerability in index.php in MarmaraWeb E- ...)
NOT-FOR-US: MarmaraWeb E-commerce
-CVE-2005-4287
+CVE-2005-4287 (PHP remote file include vulnerability in MarmaraWeb E-commerce allows ...)
NOT-FOR-US: MarmaraWeb E-commerce
-CVE-2005-4286
+CVE-2005-4286 (Unspecified vulnerability in PhpLogCon before 1.2.2 allows remote atta ...)
NOT-FOR-US: PhpLogCon
-CVE-2005-4285
+CVE-2005-4285 (Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick Copit ...)
NOT-FOR-US: Dick Copits PDEstore
-CVE-2005-4284
+CVE-2005-4284 (Cross-site scripting (XSS) vulnerability in StaticStore Search Engine ...)
NOT-FOR-US: StaticStore Search Engine
-CVE-2005-4283
+CVE-2005-4283 (Cross-site scripting (XSS) vulnerability in The CITY Shop 1.3 and earl ...)
NOT-FOR-US: The CITY Shop
-CVE-2005-4282
+CVE-2005-4282 (Cross-site scripting (XSS) vulnerability in Zaygo DomainCart 2.0 and e ...)
NOT-FOR-US: Zaygo DomainCart
-CVE-2005-4281
+CVE-2005-4281 (Cross-site scripting (XSS) vulnerability in Zaygo HostingCart 2.0 and ...)
NOT-FOR-US: Zaygo HostingCart
-CVE-2005-4280
+CVE-2005-4280 (Untrusted search path vulnerability in CMake before 2.2.0-r1 on Gentoo ...)
- cmake <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-4279
+CVE-2005-4279 (Untrusted search path vulnerability in Qt-UnixODBC before 3.3.4-r1 on ...)
- qt-x11-free <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-4278
+CVE-2005-4278 (Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo ...)
- perl <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-4277
+CVE-2005-4277 (Cross-site scripting (XSS) vulnerability in index.php in toendaCMS bef ...)
NOT-FOR-US: toendaCMS
-CVE-2005-4276
+CVE-2005-4276 (Westell Versalink 327W allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Westell Versalink
-CVE-2005-4275
+CVE-2005-4275 (Scientific Atlanta DPX2100 Cable Modem allows remote attackers to caus ...)
NOT-FOR-US: Scientific Atlanta DPX2100 Cable Modem
-CVE-2005-4274
+CVE-2005-4274 (Unspecified vulnerability in Business Objects WebIntelligence 6.5x all ...)
NOT-FOR-US: Business Objects WebIntelligence
-CVE-2005-4273
+CVE-2005-4273 (Multiple unspecified vulnerabilities in (1) getShell and (2) getComman ...)
NOT-FOR-US: AIX
-CVE-2005-4272
+CVE-2005-4272 (Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote at ...)
NOT-FOR-US: AIX
-CVE-2005-4271
+CVE-2005-4271 (Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local ...)
NOT-FOR-US: AIX
-CVE-2005-4270
+CVE-2005-4270 (Buffer overflow in Watchfire AppScan QA 5.0.609 and 5.0.134 allows rem ...)
NOT-FOR-US: Watchfire AppScan
-CVE-2005-4269
+CVE-2005-4269 (mshtml.dll in Microsoft Windows XP, Server 2003, and Internet Explorer ...)
NOT-FOR-US: Microsoft Windows
-CVE-2005-4268
+CVE-2005-4268 (Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a ...)
- cpio 2.6-10 (bug #344134; medium)
[sarge] - cpio <unfixed> (medium)
[woody] - cpio <unfixed> (medium)
-CVE-2005-4267
+CVE-2005-4267 (Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote at ...)
NOT-FOR-US: Qualcomm WorldMail
CVE-2005-XXXX [rageirc IRC daemon always allows login with empty password]
NOTE: not reproducible
- rageircd <not-affected> (bug #343543; medium)
-CVE-2005-4266
+CVE-2005-4266 (WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Sessio ...)
NOT-FOR-US: Alt-N MDaemon and WorldClient
CVE-2005-4265
REJECTED
-CVE-2005-4264
+CVE-2005-4264 (Multiple SQL injection vulnerabilities in index.php in PHP Support Tic ...)
NOT-FOR-US: PHP Support Tickets
-CVE-2005-4263
+CVE-2005-4263 (SQL injection vulnerability in the News module in Envolution allows re ...)
NOT-FOR-US: Envolution
-CVE-2005-4262
+CVE-2005-4262 (Cross-site scripting (XSS) vulnerability in the News module in Envolut ...)
NOT-FOR-US: Envolution
-CVE-2005-4261
+CVE-2005-4261 (Unspecified vulnerability in Positive Software Corporation CP+ (cpplus ...)
NOT-FOR-US: CP+
-CVE-2005-4260
+CVE-2005-4260 (Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and l ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-4259
+CVE-2005-4259 (Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote attac ...)
NOT-FOR-US: ASPBB
-CVE-2005-4258
+CVE-2005-4258 (Unspecified Cisco Catalyst Switches allow remote attackers to cause a ...)
NOT-FOR-US: Cisco
-CVE-2005-4257
+CVE-2005-4257 (Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial ...)
NOT-FOR-US: Linksys hardware
-CVE-2005-4256
+CVE-2005-4256 (Cross-site scripting (XSS) vulnerability in forum.asp in ASP-DEV XM Fo ...)
NOT-FOR-US: ASP-DEV XM Forum
-CVE-2005-4255
+CVE-2005-4255 (Cross-site scripting (XSS) vulnerability in TextSearch in WikkaWiki 1. ...)
NOT-FOR-US: WikkaWiki
-CVE-2005-4254
+CVE-2005-4254 (SQL injection vulnerability in view_Results.php in DreamLevels DreamPo ...)
NOT-FOR-US: DreamLevels DreamPoll
-CVE-2005-4253
+CVE-2005-4253 (Cross-site scripting (XSS) vulnerability in getdox.php in Torrential 1 ...)
NOT-FOR-US: Torrential
-CVE-2005-4252
+CVE-2005-4252 (Cross-site scripting (XSS) vulnerability in mcGallery PRO 2.2 and earl ...)
NOT-FOR-US: mcGallery PRO
-CVE-2005-4251
+CVE-2005-4251 (Multiple SQL injection vulnerabilities in mcGallery PRO 2.2 and earlie ...)
NOT-FOR-US: mcGallery PRO
-CVE-2005-4250
+CVE-2005-4250 (Directory traversal vulnerability in mcGallery PRO 2.2 and earlier all ...)
NOT-FOR-US: mcGallery PRO
-CVE-2005-4249
+CVE-2005-4249 (ADP Forum 2.0 through 2.0.3 stores sensitive information in plaintext ...)
NOT-FOR-US: ADP Forum
-CVE-2005-4248
+CVE-2005-4248 (Multiple cross-site scripting (XSS) vulnerabilities in QuickPayPro 3.1 ...)
NOT-FOR-US: QuickPayPro
-CVE-2005-4247
+CVE-2005-4247 (Cross-site scripting (XSS) vulnerability in index.php in Plogger Beta ...)
NOT-FOR-US: Plogger
-CVE-2005-4246
+CVE-2005-4246 (SQL injection vulnerability in Plogger Beta 2 and earlier allows remot ...)
NOT-FOR-US: Plogger
-CVE-2005-4245
+CVE-2005-4245 (Cross-site scripting (XSS) vulnerability in search.php in Snipe Galler ...)
NOT-FOR-US: Snipe Gallery
-CVE-2005-4244
+CVE-2005-4244 (SQL injection vulnerability in Snipe Gallery 3.1.4 and earlier allows ...)
NOT-FOR-US: Snipe Gallery
-CVE-2005-4243
+CVE-2005-4243 (Multiple SQL injection vulnerabilities in QuickPayPro 3.1 allow remote ...)
NOT-FOR-US: QuickPayPro
-CVE-2005-4241
+CVE-2005-4241 (Cross-site scripting (XSS) vulnerability in the category page in VCD-d ...)
NOT-FOR-US: VCD-db
-CVE-2005-4240
+CVE-2005-4240 (SQL injection vulnerability in search.php in VCD-db 0.98 and earlier a ...)
NOT-FOR-US: VCD-db
-CVE-2005-4239
+CVE-2005-4239 (Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php ...)
NOT-FOR-US: PHP JackKnife
-CVE-2005-4238
+CVE-2005-4238 (Cross-site scripting (XSS) vulnerability in view_filters_page.php in M ...)
{DSA-944-1}
- mantis 0.19.4-1 (bug #345288)
-CVE-2005-4237
+CVE-2005-4237 (Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earl ...)
NOT-FOR-US: MySQL Auction
-CVE-2005-4236
+CVE-2005-4236 (Cross-site scripting (XSS) vulnerability in search.php in CKGOLD allow ...)
NOT-FOR-US: CKGOLD
-CVE-2005-4235
+CVE-2005-4235 (Cross-site scripting (XSS) vulnerability in knowledgebase.php in WHMCo ...)
NOT-FOR-US: WHMCompleteSolution
-CVE-2005-4234
+CVE-2005-4234 (SQL injection vulnerability in gallery.php in EncapsGallery 1.0.0 and ...)
NOT-FOR-US: EncapsGallery
-CVE-2005-4233
+CVE-2005-4233 (SQL injection vulnerability in advertiser_statistic.php in Ad Manager ...)
NOT-FOR-US: Ad Manager Pro
CVE-2005-4232
NOT-FOR-US: Jamit Job Board
-CVE-2005-4231
+CVE-2005-4231 (Cross-site scripting (XSS) vulnerability in Link Up Gold 2.5 and earli ...)
NOT-FOR-US: Link Up Gold
-CVE-2005-4230
+CVE-2005-4230 (SQL injection vulnerability in poll.php in Link Up Gold 2.5 and earlie ...)
NOT-FOR-US: Link Up Gold
-CVE-2005-4229
+CVE-2005-4229 (Cross-site scripting (XSS) vulnerability in auction.pl in EveryAuction ...)
NOT-FOR-US: EveryAuction
-CVE-2005-4228
+CVE-2005-4228 (Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and earl ...)
NOT-FOR-US: PhpWebGallery
-CVE-2005-4227
+CVE-2005-4227 (Multiple "potential" SQL injection vulnerabilities in DCP-Portal 6.1.1 ...)
NOT-FOR-US: DCP-Portal
-CVE-2005-4226
+CVE-2005-4226 (Multiple "potential" SQL injection vulnerabilities in phpWebThings 1.4 ...)
NOT-FOR-US: pgpWebThings
-CVE-2005-4225
+CVE-2005-4225 (Multiple "potential" SQL injection vulnerabilities in myBloggie 2.1.3 ...)
NOT-FOR-US: myBloggie
-CVE-2005-4224
+CVE-2005-4224 (Multiple "potential" SQL injection vulnerabilities in e107 0.7 might a ...)
NOT-FOR-US: e107
-CVE-2005-4223
+CVE-2005-4223 (Multiple "potential" SQL injection vulnerabilities in Utopia News Pro ...)
NOT-FOR-US: Utopia News Pro
-CVE-2005-4222
+CVE-2005-4222 (Multiple cross-site scripting (XSS) vulnerabilities in guestbook.cgi i ...)
NOT-FOR-US: Lars Ellingsen Guestserver
-CVE-2005-4221
+CVE-2005-4221 (SQL injection vulnerability in link.php in Arab Portal System 2 Beta 2 ...)
NOT-FOR-US: Arab Portal System
-CVE-2005-4220
+CVE-2005-4220 (Netgear RP114, and possibly other versions and devices, allows remote ...)
NOT-FOR-US: Netgear hardware issue
-CVE-2005-4219
+CVE-2005-4219 (setting.php in Innovative CMS (ICMS, formerly Imoel-CMS) contains user ...)
NOT-FOR-US: Innovative CMS
-CVE-2005-4218
+CVE-2005-4218 (SQL injection vulnerability in forum.php in PHPWebThings 1.4 allows re ...)
NOT-FOR-US: PHPWebThings
-CVE-2005-4217
+CVE-2005-4217 (Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges ...)
- perl <not-affected> (MacOS specific vulnerability)
-CVE-2005-4216
+CVE-2005-4216 (The Administration Service (FMSAdmin.exe) in Macromedia Flash Media Se ...)
NOT-FOR-US: Macromedia Flash Media Server
-CVE-2005-4215
+CVE-2005-4215 (Motorola SB5100E Cable Modem allows remote attackers to cause a denial ...)
NOT-FOR-US: Motorola hardware
-CVE-2005-4214
+CVE-2005-4214 (phpCOIN 1.2.2 allows remote attackers to obtain the installation path ...)
NOT-FOR-US: phpCOIN
-CVE-2005-4213
+CVE-2005-4213 (SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote ...)
NOT-FOR-US: phpCOIN
-CVE-2005-4212
+CVE-2005-4212 (Directory traversal vulnerability in coin_includes/db.php in phpCOIN 1 ...)
NOT-FOR-US: phpCOIN
-CVE-2005-4211
+CVE-2005-4211 (PHP remote file inclusion vulnerability in coin_includes/db.php in php ...)
NOT-FOR-US: phpCOIN
-CVE-2005-4210
+CVE-2005-4210 (Opera before 8.51, when running on Windows with Input Method Editor (I ...)
NOT-FOR-US: Opera
-CVE-2005-4209
+CVE-2005-4209 (WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to ...)
NOT-FOR-US: Alt-N MDaemon
-CVE-2005-4208
+CVE-2005-4208 (Directory traversal vulnerability in Flatnuke 2.5.6 allows remote atta ...)
NOT-FOR-US: Flatnuke
-CVE-2005-4207
+CVE-2005-4207 (SQL injection vulnerability in BTGrup Admin WebController Script allow ...)
NOT-FOR-US: BTGrup Admin WebController Script
-CVE-2005-4206
+CVE-2005-4206 (Blackboard Learning and Community Portal System in Academic Suite 6.3. ...)
NOT-FOR-US: Blackboard Learning and Community Port Systems
-CVE-2005-4205
+CVE-2005-4205 (Cross-site scripting (XSS) vulnerability in searchdb.asp in LocazoList ...)
NOT-FOR-US: LocazoList
-CVE-2005-4204
+CVE-2005-4204 (Cross-site scripting (XSS) vulnerability in LogiSphere 0.9.9j allows r ...)
NOT-FOR-US: LogiSphere
-CVE-2005-4203
+CVE-2005-4203 (LogiSphere 0.9.9j does not restrict the number of messages that can be ...)
NOT-FOR-US: LogiSphere
-CVE-2005-4202
+CVE-2005-4202 (Multiple directory traversal vulnerabilities in LogiSphere 0.9.9j allo ...)
NOT-FOR-US: LogiSphere
-CVE-2005-4201
+CVE-2005-4201 (Directory traversal vulnerability in My Album Online 1.0 allows remote ...)
NOT-FOR-US: My Album Online
-CVE-2005-4200
+CVE-2005-4200 (Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-4199
+CVE-2005-4199 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) befor ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-4198
+CVE-2005-4198 (SQL injection vulnerability in index.php in Netref 3.0 allows remote a ...)
NOT-FOR-US: Netref
-CVE-2005-4197
+CVE-2005-4197 (tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to e ...)
NOT-FOR-US: Nortel SSL VPN
-CVE-2005-4196
+CVE-2005-4196 (Multiple cross-site scripting (XSS) vulnerabilities in Scout Portal To ...)
NOT-FOR-US: Scout Portal Toolkit
-CVE-2005-4195
+CVE-2005-4195 (Multiple SQL injection vulnerabilities in Scout Portal Toolkit (SPT) 1 ...)
NOT-FOR-US: Scout Portal Toolkit
-CVE-2005-4194
+CVE-2005-4194 (Buffer overflow in MediaServerList.exe in Sights 'n Sounds Streaming M ...)
NOT-FOR-US: Sights 'n Sounds Streaming Media Server
-CVE-2005-4193
+CVE-2005-4193 (Cross-site scripting (XSS) vulnerability in UseBB before 0.7 allows re ...)
NOT-FOR-US: UseBB
-CVE-2005-4242
+CVE-2005-4242 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 ...)
- turba2 2.0.5-1 (bug #342946; medium)
-CVE-2005-4192
+CVE-2005-4192 (Multiple cross-site scripting (XSS) vulnerabilities in templates/notep ...)
- mnemo2 2.0.3-1 (bug #342944; medium)
-CVE-2005-4191
+CVE-2005-4191 (Multiple cross-site scripting (XSS) vulnerabilities in templates/taskl ...)
- nag2 2.0.4-1 (bug #342945; medium)
-CVE-2005-4190
+CVE-2005-4190 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Applicati ...)
{DSA-1033-1}
- horde3 3.0.9-1 (bug #342942; bug #354512; medium)
-CVE-2005-4189
+CVE-2005-4189 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith ...)
{DSA-970-1}
- kronolith2 2.0.6-1 (bug #342943; medium)
- kronolith <removed> (bug #349261; medium)
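Review bot: The new description for CVE-2005-4226 names the product phpWebThings, but the unchanged `NOT-FOR-US: pgpWebThings` line directly below it keeps a typo, so the identifier line and its annotation now disagree; correct it to `NOT-FOR-US: phpWebThings`. The same mismatch appears at CVE-2005-4206, where the added description reads "Learning and Community Portal System" while the annotation says "Community Port Systems". Two ordering points in the same region: CVE-2005-4242 (turba2) is filed between CVE-2005-4193 and CVE-2005-4192 instead of in numeric order after CVE-2005-4243, and CVE-2005-4232 (NOT-FOR-US: Jamit Job Board) is left as a bare identifier while every other non-REJECTED entry around it gains a description; worth confirming whether the upstream record lacks a description or the automatic update skipped it.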
@@ -1615,110 +1615,110 @@ CVE-2005-4180
RESERVED
CVE-2005-4179
RESERVED
-CVE-2005-4177
+CVE-2005-4177 (Cross-site scripting (XSS) vulnerability in book.cfm in Magic Book Per ...)
NOT-FOR-US: Magic Book Personal and Professional
-CVE-2005-4176
+CVE-2005-4176 (AWARD Bios Modular 4.50pg does not clear the keyboard buffer after rea ...)
NOT-FOR-US: AWARD BIOS
-CVE-2005-4175
+CVE-2005-4175 (Insyde BIOS V190 does not clear the keyboard buffer after reading the ...)
NOT-FOR-US: Insyde BIOS
-CVE-2005-4174
+CVE-2005-4174 (eFiction 1.0, 1.1, and 2.0, in unspecified environments, might allow r ...)
NOT-FOR-US: eFiction
-CVE-2005-4173
+CVE-2005-4173 (eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: eFiction
-CVE-2005-4172
+CVE-2005-4172 (eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: eFiction
-CVE-2005-4171
+CVE-2005-4171 (The "Upload new image" command in the "Manage Images" eFiction 1.1, wh ...)
NOT-FOR-US: eFiction
-CVE-2005-4170
+CVE-2005-4170 (SQL injection vulnerability in eFiction 1.1 allows remote attackers to ...)
NOT-FOR-US: eFiction
-CVE-2005-4169
+CVE-2005-4169 (Multiple SQL injection vulnerabilities in eFiction 1.0 allow remote at ...)
NOT-FOR-US: eFiction
-CVE-2005-4168
+CVE-2005-4168 (Multiple SQL injection vulnerabilities in eFiction 1.0, 1.1, and 2.0 a ...)
NOT-FOR-US: eFiction
-CVE-2005-4167
+CVE-2005-4167 (Cross-site scripting (XSS) vulnerability in eFiction 1.0 and 1.1 allow ...)
NOT-FOR-US: eFiction
-CVE-2005-4166
+CVE-2005-4166 (Cross-site scripting (XSS) vulnerability in password.asp in DUWare DUp ...)
NOT-FOR-US: DUportal
-CVE-2005-4165
+CVE-2005-4165 (Multiple SQL injection vulnerabilities in ASP-DEV ASP Resources Forum ...)
NOT-FOR-US: ASP-DEV ASP Resources Forum
-CVE-2005-4178
+CVE-2005-4178 (Buffer overflow in Dropbear server before 0.47 allows authenticated us ...)
{DSA-923-1}
- dropbear 0.47-1 (high)
-CVE-2005-4164
+CVE-2005-4164 (SQL injection vulnerability in view.php in PHP-addressbook 1.2 allows ...)
NOT-FOR-US: PHP-addressbook
-CVE-2005-4163
+CVE-2005-4163 (Directory traversal vulnerability in captcha.php in Captcha PHP 0.9 al ...)
NOT-FOR-US: Captcha
-CVE-2005-4162
+CVE-2005-4162 (Cross-site scripting (XSS) vulnerability in cal_make.pl in ACME PerlCa ...)
NOT-FOR-US: ACME PerlCal
CVE-2005-4161
NOT-FOR-US: MilliScripts
-CVE-2005-4160
+CVE-2005-4160 (Directory traversal vulnerability in getdox.php in Torrential 1.2 allo ...)
NOT-FOR-US: Torrential
CVE-2005-4159
NOT-FOR-US: Simple Machines Forum
-CVE-2005-4158
+CVE-2005-4158 (Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear ...)
{DSA-946-2}
- sudo 1.6.8p12-1 (bug #342948; medium)
-CVE-2005-4157
+CVE-2005-4157 (Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 allo ...)
NOT-FOR-US: Kerio Firewall
-CVE-2005-4156
+CVE-2005-4156 (Unspecified vulnerability in Mambo 4.5 (1.0.0) through 4.5 (1.0.9), wi ...)
NOT-FOR-US: Mambo
-CVE-2005-4155
+CVE-2005-4155 (registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to execut ...)
NOT-FOR-US: ATutor
-CVE-2005-4154
+CVE-2005-4154 (Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows u ...)
- php5 5.1.1-1
NOTE: PHP 5 in Debian is vulnerable according to the changelog.
-CVE-2005-4153
+CVE-2005-4153 (Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial ...)
{DSA-955-1}
- mailman 2.1.5-10
-CVE-2005-4152
+CVE-2005-4152 (Soti Pocket Controller-Professional 5.0 allows remote attackers to tur ...)
NOT-FOR-US: Soti Pocket Controller-Professional
-CVE-2005-4151
+CVE-2005-4151 (The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop Profes ...)
NOT-FOR-US: PGP Desktop Home
-CVE-2005-4150
+CVE-2005-4150 (Cross-site scripting (XSS) vulnerability in the portal login page in C ...)
NOT-FOR-US: CA Clever Path
-CVE-2005-4149
+CVE-2005-4149 (Lyris ListManager 8.8 through 8.9b allows remote attackers to obtain s ...)
NOT-FOR-US: Lyris ListManager
-CVE-2005-4148
+CVE-2005-4148 (Lyris ListManager 8.5, and possibly other versions before 8.8, include ...)
NOT-FOR-US: Lyris ListManager
-CVE-2005-4147
+CVE-2005-4147 (The TCLHTTPd service in Lyris ListManager before 8.9b allows remote at ...)
NOT-FOR-US: Lyris ListManager
-CVE-2005-4146
+CVE-2005-4146 (Lyris ListManager before 8.9b allows remote attackers to obtain sensit ...)
NOT-FOR-US: Lyris ListManager
-CVE-2005-4145
+CVE-2005-4145 (The MSDE version of Lyris ListManager 5.0 through 8.9b configures the ...)
NOT-FOR-US: Lyris ListManager
-CVE-2005-4144
+CVE-2005-4144 (Lyris ListManager 5.0 through 8.9a allows remote attackers to add "ORD ...)
NOT-FOR-US: Lyris ListManager
-CVE-2005-4143
+CVE-2005-4143 (SQL injection vulnerability in Lyris ListManager 5.0 through 8.9a allo ...)
NOT-FOR-US: Lyris ListManager
-CVE-2005-4142
+CVE-2005-4142 (The web interface for subscribing new users in Lyris ListManager 5.0 t ...)
NOT-FOR-US: Lyris ListManager
-CVE-2005-4141
+CVE-2005-4141 (Multiple SQL injection vulnerabilities in ASPMForum allow remote attac ...)
NOT-FOR-US: ASPMForum
-CVE-2005-4140
+CVE-2005-4140 (SQL injection vulnerability in admin/login/index.php in Website Baker ...)
NOT-FOR-US: Website Baker
-CVE-2005-4139
+CVE-2005-4139 (Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 ...)
NOT-FOR-US: ThWboard
-CVE-2005-4138
+CVE-2005-4138 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard before ...)
NOT-FOR-US: ThWboard
-CVE-2005-4137
+CVE-2005-4137 (SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows ...)
NOT-FOR-US: DRZES HMS
-CVE-2005-4136
+CVE-2005-4136 (Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 ...)
NOT-FOR-US: DRZES HMS
-CVE-2005-4135
+CVE-2005-4135 (Direct static code injection vulnerability in includes/newtopic.php in ...)
NOT-FOR-US: SimpleBBS
-CVE-2005-4134
+CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.1 ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (unimportant)
- mozilla 2:1.7.13-0.1 (unimportant)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (unimportant)
NOTE: Not exploitable beyond a sluggish browser startup, see
NOTE: http://web.archive.org/web/20141206010602/https://www.mozilla.org/security/history-title.html
-CVE-2005-4133
+CVE-2005-4133 (Sun Update Connection in Sun Solaris 10, when configured to use a web ...)
NOT-FOR-US: Solaris
-CVE-2005-4132
+CVE-2005-4132 (Unspecified "security leak" vulnerability in Contenido before 4.6.4, w ...)
NOT-FOR-US: Contenido
-CVE-2005-4131
+CVE-2005-4131 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...)
NOT-FOR-US: Excel
CVE-2005-4130
NOT-FOR-US: Pre-Notification for RealMedia vulnerability, which never appeared
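Review bot: CVE-2005-4178 (dropbear, DSA-923-1) sits between CVE-2005-4165 and CVE-2005-4164, out of numeric order, and the top of the hunk jumps from CVE-2005-4179 straight to CVE-2005-4177; move the entry to its numeric position so the list stays sorted and the update can be diffed reliably. CVE-2005-4161 (MilliScripts) and CVE-2005-4159 (Simple Machines Forum) are the only NOT-FOR-US entries in this hunk that do not receive a description; check whether the upstream records have none or whether they were missed. The Debian-relevant entries (sudo CVE-2005-4158, php5 CVE-2005-4154, mailman CVE-2005-4153, firefox/mozilla CVE-2005-4134) keep their DSA references and fixed versions unchanged, which is what one expects from a description-only update.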
@@ -1790,102 +1790,102 @@ CVE-2005-4097
REJECTED
CVE-2005-4096
REJECTED
-CVE-2005-4095
+CVE-2005-4095 (Directory traversal vulnerability in connector.php in the fckeditor2rc ...)
NOT-FOR-US: DoceboLMS
-CVE-2005-4094
+CVE-2005-4094 (connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows rem ...)
NOT-FOR-US: DoceboLMS
-CVE-2005-4093
+CVE-2005-4093 (Check Point VPN-1 SecureClient NG with Application Intelligence R56, N ...)
NOT-FOR-US: Check Point
-CVE-2005-4092
+CVE-2005-4092 (Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTi ...)
NOT-FOR-US: Apple QuickTime
-CVE-2005-4091
+CVE-2005-4091 (Cross-site scripting (XSS) vulnerability in 1search.cgi in 1-Script 1- ...)
NOT-FOR-US: 1-Script 1-Search
-CVE-2005-4090
+CVE-2005-4090 (Unspecified vulnerability in HP-UX B.11.00 to B.11.23, when IPSEC is r ...)
NOT-FOR-US: HP-UX
-CVE-2005-4089
+CVE-2005-4089 (Microsoft Internet Explorer allows remote attackers to bypass cross-do ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2005-4088
+CVE-2005-4088 (SQL injection vulnerability in index.php in phpForumPro 2.2 allows rem ...)
NOT-FOR-US: phpForumPro
-CVE-2005-4087
+CVE-2005-4087 (PHP remote file include vulnerability in acceptDecline.php in Sugar Su ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2005-4086
+CVE-2005-4086 (Directory traversal vulnerability in acceptDecline.php in Sugar Suite ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2005-4085
+CVE-2005-4085 (Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web c ...)
NOT-FOR-US: BlueCoat WinProxy
-CVE-2005-4084
+CVE-2005-4084 (xs_edit.php in the phpBB eXtreme Styles module 2.2.1 and earlier allow ...)
NOT-FOR-US: phpBB eXtreme Styles module
-CVE-2005-4083
+CVE-2005-4083 (Directory traversal vulnerability in xs_edit.php in the eXtreme Styles ...)
NOT-FOR-US: phpBB eXtreme Styles module
-CVE-2005-4082
+CVE-2005-4082 (The dhcp.client program for QNX 4.25 vmware is setuid, possibly by def ...)
NOT-FOR-US: QNX
-CVE-2005-4081
+CVE-2005-4081 (Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow ...)
NOT-FOR-US: Alisveristr E-commerce
-CVE-2005-4080
+CVE-2005-4080 (Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 ...)
- imp4 4.0.4-1 (bug #342654; unimportant)
NOTE: Internet Explorer bug, most definitely fixed since long, didn't check though
-CVE-2005-4079
+CVE-2005-4079 (The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote a ...)
- phpmyadmin <not-affected> (Affects only 2.7.0)
-CVE-2005-4078
+CVE-2005-4078 (Multiple cross-site scripting (XSS) vulnerabilities in Ideal BB.NET 1. ...)
NOT-FOR-US: Ideal BB.NET
-CVE-2005-4076
+CVE-2005-4076 (Buffer overflow in Appfluent Technology Database IDS 2.0 allows local ...)
NOT-FOR-US: Appfluent Technology Database IDS 2.0
-CVE-2005-4075
+CVE-2005-4075 (Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in CF ...)
NOT-FOR-US: CF_Nuke
-CVE-2005-4074
+CVE-2005-4074 (Directory traversal vulnerability in index.cfm in CF_Nuke 4.6 and earl ...)
NOT-FOR-US: CF_Nuke
-CVE-2005-4073
+CVE-2005-4073 (SQL injection vulnerability in view_archive.cfm in CFMagic Magic List ...)
NOT-FOR-US: Magic List Pro
-CVE-2005-4072
+CVE-2005-4072 (Cross-site scripting (XSS) vulnerability in CFMagic Magic Forum Person ...)
NOT-FOR-US: Magic Personal Forum
-CVE-2005-4071
+CVE-2005-4071 (Multiple SQL injection vulnerabilities in CFMagic Magic Forum Personal ...)
NOT-FOR-US: Magic Personal Forum
CVE-2005-4070
REJECTED
-CVE-2005-4069
+CVE-2005-4069 (SunnComm MediaMax DRM 5.0.21.0, as used by Sony BMG, assigns insecure ...)
NOT-FOR-US: Sony root kit
-CVE-2005-4068
+CVE-2005-4068 (Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 ...)
NOT-FOR-US: AIX
CVE-2005-4067
REJECTED
-CVE-2005-4066
+CVE-2005-4066 (Total Commander 6.53 uses weak encryption to store FTP usernames and p ...)
NOT-FOR-US: Total Commander
-CVE-2005-4065
+CVE-2005-4065 (SQL injection vulnerability in the search module in Edgewall Trac befo ...)
{DSA-951-2}
- trac 0.9.2-1 (bug #342232; medium)
[sarge] - trac 0.8.1-3sarge4
-CVE-2005-4064
+CVE-2005-4064 (Multiple SQL injection vulnerabilities in A-FAQ 1.0 allow remote attac ...)
NOT-FOR-US: A-FAQ
-CVE-2005-4063
+CVE-2005-4063 (Multiple cross-site scripting (XSS) vulnerabilities in NetAuctionHelp ...)
NOT-FOR-US: NetAuctionHelp
-CVE-2005-4062
+CVE-2005-4062 (Cross-site scripting (XSS) vulnerability in CPSearch.asp in XcClassifi ...)
NOT-FOR-US: XcClassified
-CVE-2005-4061
+CVE-2005-4061 (Cross-site scripting (XSS) vulnerability in PASearch.asp in XcPhotoAlb ...)
NOT-FOR-US: XcPhotoAlbum
-CVE-2005-4060
+CVE-2005-4060 (Cross-site scripting (XSS) vulnerability in search.asp in rwAuction Pr ...)
NOT-FOR-US: rwAuction
-CVE-2005-4059
+CVE-2005-4059 (SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and ea ...)
NOT-FOR-US: LocazoList
-CVE-2005-4058
+CVE-2005-4058 (SQL injection vulnerability in saralblog 1 and earlier allows remote a ...)
NOT-FOR-US: saralblog
-CVE-2005-4057
+CVE-2005-4057 (Cross-site scripting (XSS) vulnerability in search.php in PluggedOut N ...)
NOT-FOR-US: PluggedOut Nexus
-CVE-2005-4056
+CVE-2005-4056 (SQL injection vulnerability in search.php in PluggedOut Nexus 0.1 allo ...)
NOT-FOR-US: PluggedOut Nexus
-CVE-2005-4055
+CVE-2005-4055 (SQL injection vulnerability in index.php in Cars Portal 1.1 and earlie ...)
NOT-FOR-US: Cars Portal
-CVE-2005-4054
+CVE-2005-4054 (SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and ...)
NOT-FOR-US: PluggedOut Bot
-CVE-2005-4053
+CVE-2005-4053 (Cross-site scripting (XSS) vulnerability in coWiki 0.3.4 allows remote ...)
NOT-FOR-US: coWiki
-CVE-2005-4052
+CVE-2005-4052 (e107 0.6174 allows remote attackers to redirect users to other web sit ...)
NOT-FOR-US: e107
-CVE-2005-4051
+CVE-2005-4051 (e107 0.6174 allows remote attackers to vote multiple times for a downl ...)
NOT-FOR-US: e107
-CVE-2005-4050
+CVE-2005-4050 (Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with ...)
NOT-FOR-US: MultiVOIP hardware
-CVE-2005-4049
+CVE-2005-4049 (Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote ...)
NOT-FOR-US: Blog System
-CVE-2005-4048
+CVE-2005-4048 (Heap-based buffer overflow in the avcodec_default_get_buffer function ...)
{DSA-1005-1 DSA-1004-1 DSA-992-1}
- ffmpeg 0.cvs20050918-5.1 (bug #342207; medium)
- xmovie <removed>
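Review bot: The new description for CVE-2005-4054 names PluggedOut Blog, but the unchanged annotation below it reads `NOT-FOR-US: PluggedOut Bot`; correct it to `NOT-FOR-US: PluggedOut Blog` so the identifier line and its annotation agree. Also in this hunk, the NOTE under CVE-2005-4080 (imp4) records that the issue was not actually checked ("didn't check though"); since the entry is rated unimportant that is tolerable, but the NOTE should either record what was verified against imp4 4.0.4-1 or be reworded so a later reader does not mistake it for a confirmed assessment.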
@@ -1895,402 +1895,402 @@ CVE-2005-4048
- vlc 0.8.4.debian-2 (medium)
NOTE: kino, smilutils, motion and vlc link statically against libavcodec, need a recompile once ffmpeg is fixed
NOTE: smilutils, motion, kino link statically against libavcodec, but don't use the vulnerable function
-CVE-2005-4047
+CVE-2005-4047 (Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ASPKnow ...)
NOT-FOR-US: IISWorks ASPKnowledgeBase
-CVE-2005-4046
+CVE-2005-4046 (Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java Sy ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2005-4045
+CVE-2005-4045 (Unspecified vulnerability in System Communications Services 6 Delegate ...)
NOT-FOR-US: Sun Java System Messaging Server
-CVE-2005-4044
+CVE-2005-4044 (Cross-site scripting (XSS) vulnerability in search.cgi in Amazon Searc ...)
NOT-FOR-US: Amazon Search Directory
-CVE-2005-4043
+CVE-2005-4043 (SQL injection vulnerability in view.php in Hobosworld HobSR 1.0 and ea ...)
NOT-FOR-US: Hobosworld HobSR
-CVE-2005-4042
+CVE-2005-4042 (Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and earli ...)
NOT-FOR-US: Warm Links
-CVE-2005-4041
+CVE-2005-4041 (Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy H ...)
NOT-FOR-US: MR CGI Guy Hot Links SQL
-CVE-2005-4040
+CVE-2005-4040 (SQL injection vulnerability in FileLister 0.51 and earlier allows remo ...)
NOT-FOR-US: FileLister
-CVE-2005-4039
+CVE-2005-4039 (Directory traversal vulnerability in arhiva.php in Web4Future Portal S ...)
NOT-FOR-US: Web4Future Portal Solutions News Portal
-CVE-2005-4038
+CVE-2005-4038 (SQL injection vulnerability in comentarii.php in Web4Future Portal Sol ...)
NOT-FOR-US: Web4Future Portal Solutions News Portal
-CVE-2005-4037
+CVE-2005-4037 (SQL injection vulnerability in functions.php in Web4Future Affiliate M ...)
NOT-FOR-US: Web4Future Affiliate Manager
-CVE-2005-4036
+CVE-2005-4036 (Cross-site scripting (XSS) vulnerability in index.cgi in Web4Future Ke ...)
NOT-FOR-US: Web4Future Keyboard Frequency Counter
-CVE-2005-4035
+CVE-2005-4035 (Multiple SQL injection vulnerabilities in Web4Future eCommerce Enterpr ...)
NOT-FOR-US: Web4Future eCommerce Enterprise Edition
-CVE-2005-4034
+CVE-2005-4034 (Multiple SQL injection vulnerabilities in Web4Future eDating Professio ...)
NOT-FOR-US: Web4Future eDating Professional
-CVE-2005-4033
+CVE-2005-4033 (Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data ...)
NOT-FOR-US: Nodezilla
-CVE-2005-4032
+CVE-2005-4032 (Cross-site scripting (XSS) vulnerability in search.cgi in Easy Search ...)
NOT-FOR-US: Easy Search System
-CVE-2005-4031
+CVE-2005-4031 (Eval injection vulnerability in MediaWiki 1.5.x before 1.5.3 allows re ...)
- mediawiki <not-affected> (Only affects the 1.5 branch)
-CVE-2005-4030
+CVE-2005-4030 (SQL injection vulnerability in Quicksilver Forums before 1.5.1 allows ...)
NOT-FOR-US: Quicksilver Forums
-CVE-2005-4029
+CVE-2005-4029 (WebEOC before 6.0.2 allows remote attackers to obtain valid usernames ...)
NOT-FOR-US: WebEOC
-CVE-2005-4028
+CVE-2005-4028 (Multiple cross-site scripting (XSS) vulnerabilities in aMember allow r ...)
NOT-FOR-US: aMember
-CVE-2005-4027
+CVE-2005-4027 (SQL injection vulnerability in SimpleBBS 1.1 allows remote attackers t ...)
NOT-FOR-US: SimpleBBS
-CVE-2005-4026
+CVE-2005-4026 (search.php in Geeklog 1.4.x before 1.4.0rc1, and 1.3.x before 1.3.11sr ...)
NOT-FOR-US: Geeklog
-CVE-2005-4025
+CVE-2005-4025 (Help Desk Reloaded Free Help Desk does not remove or protect install.p ...)
NOT-FOR-US: Help Desk Reloaded Free Help Desk
-CVE-2005-4024
+CVE-2005-4024 (Cross-site scripting (XSS) vulnerability in Interspire FastFind 2004 a ...)
NOT-FOR-US: Interspire FastFind
-CVE-2005-4023
+CVE-2005-4023 (Unspecified vulnerability in the zipcart module in Gallery 2.0 before ...)
- gallery2 2.0.2-1 (medium)
-CVE-2005-4022
+CVE-2005-4022 (Cross-site scripting (XSS) vulnerability in the "Add Image From Web" f ...)
- gallery2 2.0.2-1 (medium)
-CVE-2005-4021
+CVE-2005-4021 (The installer for Gallery 2.0 before 2.0.2 stores the install log unde ...)
- gallery2 2.0.2-1 (low)
-CVE-2005-4020
+CVE-2005-4020 (SQL injection vulnerability in create.php in Widget Imprint 1.0.26 and ...)
NOT-FOR-US: Widget Imprint
-CVE-2005-4019
+CVE-2005-4019 (SQL injection vulnerability in index.php in Relative Real Estate Syste ...)
NOT-FOR-US: Relative Real Estate Systems
-CVE-2005-4018
+CVE-2005-4018 (SQL injection vulnerability in ls.php in Landshop Real Estate Commerce ...)
NOT-FOR-US: Landshop Real Estate Commerce System
-CVE-2005-4017
+CVE-2005-4017 (property.php in Widget Property 1.1.19 allows remote attackers to obta ...)
NOT-FOR-US: Widget Property
-CVE-2005-4016
+CVE-2005-4016 (SQL injection vulnerability in Widget Property 1.1.19 allows remote at ...)
NOT-FOR-US: Widget Property
-CVE-2005-4015
+CVE-2005-4015 (PHP Web Statistik 1.4 does not rotate the log database or limit the si ...)
NOT-FOR-US: PHP Web Statistik
-CVE-2005-4014
+CVE-2005-4014 (stat.php in PHP Web Statistik 1.4 allows remote attackers to cause a d ...)
NOT-FOR-US: PHP Web Statistik
-CVE-2005-4013
+CVE-2005-4013 (PHP Web Statistik 1.4 stores the stat.cfg file under the web root with ...)
NOT-FOR-US: PHP Web Statistik
-CVE-2005-4012
+CVE-2005-4012 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Web Statist ...)
NOT-FOR-US: PHP Web Statistik
-CVE-2005-4011
+CVE-2005-4011 (SQL injection vulnerability in calendar.php in Codewalkers ltwCalendar ...)
NOT-FOR-US: Codewalkers ltwCalendar
-CVE-2005-4010
+CVE-2005-4010 (SQL injection vulnerability in KBase Express 1.0.0 and earlier allows ...)
NOT-FOR-US: Kbase Express
-CVE-2005-4009
+CVE-2005-4009 (Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2. ...)
NOT-FOR-US: PHP Lite Calender Express
-CVE-2005-4008
+CVE-2005-4008 (SQL injection vulnerability in jax_calendar.php in Jax Calendar 1.34 a ...)
NOT-FOR-US: Jax Calendar
-CVE-2005-4077
+CVE-2005-4077 (Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 throug ...)
{DSA-919-2}
- curl 7.15.1-1 (bug #342339; bug #342696; medium)
-CVE-2005-4007
+CVE-2005-4007 (Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, rel ...)
NOT-FOR-US: SAPID CMS
-CVE-2005-4006
+CVE-2005-4006 (SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentica ...)
NOT-FOR-US: SAPID CMS
-CVE-2005-4005
+CVE-2005-4005 (SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 all ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-4004
+CVE-2005-4004 (Cross-site scripting (XSS) vulnerability in search.asp in MyTemplateSi ...)
NOT-FOR-US: MyTemplateSite
-CVE-2005-4003
+CVE-2005-4003 (Multiple SQL injection vulnerabilities in Absolute Shopping Package So ...)
NOT-FOR-US: Absolute Shopping Package Solutions (ASPS) Shopping Cart
-CVE-2005-4002
+CVE-2005-4002 (WebEOC before 6.0.2 uses the same secret key for all installations, wh ...)
NOT-FOR-US: WebEOC
-CVE-2005-4001
+CVE-2005-4001 (Multiple SQL injection vulnerabilities in phpYellowTM Pro Edition and ...)
NOT-FOR-US: phpYellowTM Pro Edition
-CVE-2005-4000
+CVE-2005-4000 (Cross-site scripting (XSS) vulnerability in archive.asp in SiteBeater ...)
NOT-FOR-US: SiteBeater News System
-CVE-2005-3999
+CVE-2005-3999 (Cross-site scripting (XSS) vulnerability in Search.asp in SiteBeater M ...)
NOT-FOR-US: SiteBeater MP3 Catalog
-CVE-2005-3998
+CVE-2005-3998 (Cross-site scripting (XSS) vulnerability in search.asp in Solupress Ne ...)
NOT-FOR-US: Solupress News
-CVE-2005-3997
+CVE-2005-3997 (Zen Cart 1.2.6d and earlier, under certain PHP configurations, allows ...)
NOT-FOR-US: Zen Cart
-CVE-2005-3996
+CVE-2005-3996 (SQL injection vulnerability in admin/password_forgotten.php in Zen Car ...)
NOT-FOR-US: Zen Cart
-CVE-2005-3995
+CVE-2005-3995 (Format string vulnerability in the dosyslog function in the OBEX serve ...)
NOT-FOR-US: Sobexsrv
NOTE: Checked obexserver source package, not vulnerable
CVE-2005-3994
REJECTED
-CVE-2005-3993
+CVE-2005-3993 (Multiple unspecified vulnerabilities in MailEnable Professional 1.6 an ...)
NOT-FOR-US: MailEnable
-CVE-2005-3992
+CVE-2005-3992 (Multiple buffer overflows in WinEggDropShell remote access trojan (RAT ...)
NOT-FOR-US: WinEggDropShell
-CVE-2005-3991
+CVE-2005-3991 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyChat 0.14. ...)
NOT-FOR-US: phpMyChat
CVE-2005-3990
REJECTED
-CVE-2005-3989
+CVE-2005-3989 (Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack befor ...)
NOT-FOR-US: Avaya hardware
-CVE-2005-3988
+CVE-2005-3988 (SQL injection vulnerability in article.php in Pineapple Technologies L ...)
NOT-FOR-US: Pineapple Technologies Lore
-CVE-2005-3987
+CVE-2005-3987 (Multiple SQL injection vulnerabilities in Tradesoft CMS allow remote a ...)
NOT-FOR-US: Tradesoft CMS
-CVE-2005-3986
+CVE-2005-3986 (Multiple SQL injection vulnerabilities in Instant Photo Gallery 1 and ...)
NOT-FOR-US: Instant Photo Gallery
-CVE-2005-3985
+CVE-2005-3985 (The Internet Key Exchange version 1 (IKEv1) implementation in Astaro S ...)
NOT-FOR-US: Astaro Security Linux
-CVE-2005-3984
+CVE-2005-3984 (SQL injection vulnerability in WebCalendar 1.0.1 allows remote attacke ...)
{DSA-1002-1}
- webcalendar 1.0.2-1 (bug #342090)
-CVE-2005-3983
+CVE-2005-3983 (Unknown vulnerability in the login page for HP Systems Insight Manager ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2005-3982
+CVE-2005-3982 (CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 ...)
{DSA-1002-1}
- webcalendar 1.0.2-1 (bug #342090)
CVE-2005-3981
NOT-FOR-US: Windows
-CVE-2005-3980
+CVE-2005-3980 (SQL injection vulnerability in the ticket query module in Edgewall Tra ...)
- trac 0.9.1-1 (bug #341697; medium)
[sarge] - trac <not-affected>
-CVE-2005-3979
+CVE-2005-3979 (relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 be ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2005-3978
+CVE-2005-3978 (Multiple SQL injection vulnerabilities in NetClassifieds Premium Editi ...)
NOT-FOR-US: NetClassifieds Premium Edition
-CVE-2005-3977
+CVE-2005-3977 (Cross-site scripting (XSS) vulnerability in QualityEBiz Quality PPC 15 ...)
NOT-FOR-US: QualityEBiz Quality PPC
-CVE-2005-3976
+CVE-2005-3976 (SQL injection vulnerability in type.asp, as used in multiple DUware pr ...)
NOT-FOR-US: Multipke DuWare products
-CVE-2005-3975
+CVE-2005-3975 (Interpretation conflict in file.inc in Drupal 4.5.0 through 4.5.5 and ...)
{DSA-958-1}
- drupal 4.5.6-1 (bug #348811; medium)
-CVE-2005-3974
+CVE-2005-3974 (Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PH ...)
{DSA-958-1}
- drupal 4.5.6-1 (low)
-CVE-2005-3973
+CVE-2005-3973 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 4.5.0 th ...)
{DSA-958-1}
- drupal 4.5.6-1 (bug #348811; medium)
-CVE-2005-3972
+CVE-2005-3972 (Cross-site scripting (XSS) vulnerability in extremesearch.php in Extre ...)
NOT-FOR-US: Extreme Search Corporate Edition
-CVE-2005-3971
+CVE-2005-3971 (Cross-site scripting (XSS) vulnerability in the login form in Citrix M ...)
NOT-FOR-US: Citrix
-CVE-2005-3970
+CVE-2005-3970 (Cross-site scripting (XSS) vulnerability in MXChange before 0.2.0-pre1 ...)
NOT-FOR-US: MXChange
-CVE-2005-3969
+CVE-2005-3969 (SQL injection vulnerability in MXChange before 0.2.0-pre10 PL492 allow ...)
NOT-FOR-US: MXChange
-CVE-2005-3968
+CVE-2005-3968 (SQL injection vulnerability in auth.inc.php in PHPX 3.5.9 and earlier ...)
NOT-FOR-US: PHPX
-CVE-2005-3967
+CVE-2005-3967 (Cross-site scripting (XSS) vulnerability in the dosearchsite.action mo ...)
NOT-FOR-US: Atlassian Confluence
-CVE-2005-3966
+CVE-2005-3966 (Cross-site scripting (XSS) vulnerability in search.jsp in Java Search ...)
NOT-FOR-US: Java Search Engine
CVE-2005-3965
REJECTED
-CVE-2005-3964
+CVE-2005-3964 (Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, an ...)
- openmotif 2.2.3-1.4 (bug #342092; medium)
[sarge] - openmotif <no-dsa> (Non-free)
-CVE-2005-3963
+CVE-2005-3963 (SQL injection vulnerability in session.php in DotClear before 1.2.3 al ...)
NOT-FOR-US: DotClear
-CVE-2005-3962
+CVE-2005-3962 (Integer overflow in the format string functionality (Perl_sv_vcatpvfn) ...)
{DSA-943-1}
- perl 5.8.7-9 (bug #341542; medium)
-CVE-2005-3961
+CVE-2005-3961 (export_handler.php in WebCalendar 1.0.1 allows remote attackers to ove ...)
{DSA-1002-1}
- webcalendar 1.0.2-1 (bug #341208; medium)
-CVE-2005-3960
+CVE-2005-3960 (Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Kadu
-CVE-2005-3959
+CVE-2005-3959 (Multiple cross-site scripting (XSS) vulnerabilities in FreeWebStat 1.0 ...)
NOT-FOR-US: FreeWebStat
-CVE-2005-3958
+CVE-2005-3958 (SQL injection vulnerability in index.php in Entergal MX 2.0 allows rem ...)
NOT-FOR-US: Entergal MX
-CVE-2005-3957
+CVE-2005-3957 (Unspecified vulnerability in the Trackback functionality in DotClear 1 ...)
NOT-FOR-US: DotClear
-CVE-2005-3956
+CVE-2005-3956 (Multiple SQL injection vulnerabilities in index.php in DMANews 0.904 a ...)
NOT-FOR-US: DMANews
-CVE-2005-3955
+CVE-2005-3955 (Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, ...)
NOT-FOR-US: MagpieRSS
-CVE-2005-3954
+CVE-2005-3954 (Cross-site scripting (XSS) vulnerability in blogBuddies 0.3 allows rem ...)
NOT-FOR-US: blogBuddies
-CVE-2005-3953
+CVE-2005-3953 (SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers ...)
NOT-FOR-US: Bedeng PSP
-CVE-2005-3952
+CVE-2005-3952 (SQL injection vulnerability in PHP Labs Top Auction allows remote atta ...)
NOT-FOR-US: PHP Labs Top Auction
-CVE-2005-3951
+CVE-2005-3951 (SQL injection vulnerability in survey.php in PHP Labs Survey Wizard al ...)
NOT-FOR-US: PHP Labs Survey Wizard
-CVE-2005-3950
+CVE-2005-3950 (nuauth in NuFW 1.0.x before 1.0.16 and 1.1 allows authenticated users ...)
- nufw 1.0.16-1 (bug #341544; medium)
-CVE-2005-3949
+CVE-2005-3949 (Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow remo ...)
{DSA-1002-1}
- webcalendar 1.0.2-1 (bug #341208; medium)
-CVE-2005-3948
+CVE-2005-3948 (Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and ea ...)
NOT-FOR-US: PHPAlbum
-CVE-2005-3947
+CVE-2005-3947 (Directory traversal vulnerability in index.php in PHP Upload Center al ...)
NOT-FOR-US: PHP Upload Center
-CVE-2005-3946
+CVE-2005-3946 (Opera 8.50 allows remote attackers to cause a denial of service (crash ...)
NOT-FOR-US: Opera
-CVE-2005-3945
+CVE-2005-3945 (The SynAttackProtect protection in Microsoft Windows 2003 before SP1 a ...)
NOT-FOR-US: Microsoft
-CVE-2005-3944
+CVE-2005-3944 (SQL injection vulnerability in survey.php in ilyav Survey System 1.1 a ...)
NOT-FOR-US: ilyav Survey System
-CVE-2005-3943
+CVE-2005-3943 (Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and ear ...)
NOT-FOR-US: ilyav Survey System
-CVE-2005-3942
+CVE-2005-3942 (SQL injection vulnerability in knowledgebase-control.php in Orca Knowl ...)
NOT-FOR-US: Orca Knowledgebase
-CVE-2005-3941
+CVE-2005-3941 (SQL injection vulnerability in blog.php in Orca Blog 1.3b and earlier ...)
NOT-FOR-US: Orca Blog
-CVE-2005-3940
+CVE-2005-3940 (SQL injection vulnerability in ringmaker.php in Orca Ringmaker 2.3c an ...)
NOT-FOR-US: Orca Ringmaker
-CVE-2005-3939
+CVE-2005-3939 (Multiple SQL injection vulnerabilities in WSN Knowledge Base 1.2.0 and ...)
NOT-FOR-US: WSN Knowledge Base
-CVE-2005-3938
+CVE-2005-3938 (SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allow ...)
NOT-FOR-US: Softbiz FAQ
-CVE-2005-3937
+CVE-2005-3937 (SQL injection vulnerability in Softbiz B2B Trading Marketplace Script ...)
NOT-FOR-US: Softbiz B2B
-CVE-2005-3936
+CVE-2005-3936 (PHP file include vulnerability in SocketKB 1.1.0 and earlier allows re ...)
NOT-FOR-US: SocketKB
-CVE-2005-3935
+CVE-2005-3935 (SQL injection vulnerability in SocketKB 1.1.0 and earlier allows remot ...)
NOT-FOR-US: SocketKB
-CVE-2005-3934
+CVE-2005-3934 (Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 3 ...)
NOT-FOR-US: pcAnywhere
-CVE-2005-3933
+CVE-2005-3933 (SQL injection vulnerability in index.php in 88Script's Event Calendar ...)
NOT-FOR-US: 88Script's Event Calendar
-CVE-2005-3932
+CVE-2005-3932 (SQL injection vulnerability in okiraku.php in O-Kiraku Nikki 1.3 and e ...)
NOT-FOR-US: O-Kiraku Nikki
-CVE-2005-3931
+CVE-2005-3931 (SQL injection vulnerability in default.asp in ASP-Rider 1.6 allows rem ...)
NOT-FOR-US: ASP-Rider
-CVE-2005-3930
+CVE-2005-3930 (SQL injection vulnerability in index.php in N-13 News 1.2 allows remot ...)
NOT-FOR-US: N-13 News
-CVE-2005-3929
+CVE-2005-3929 (Directory traversal vulnerability in the create function in xarMLSXML2 ...)
NOT-FOR-US: Xaraya
NOTE: xarMLSXML2PHPBackend.php, 'nuff said
-CVE-2005-3928
+CVE-2005-3928 (Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users t ...)
NOT-FOR-US: QNX
-CVE-2005-3927
+CVE-2005-3927 (Multiple directory traversal vulnerabilities in GuppY 4.5.9 and earlie ...)
NOT-FOR-US: GuppY
-CVE-2005-3926
+CVE-2005-3926 (Direct static code injection vulnerability in error.php in GuppY 4.5.9 ...)
NOT-FOR-US: GuppY
-CVE-2005-3925
+CVE-2005-3925 (Multiple SQL injection vulnerabilities in Central Manchester CLC Helpd ...)
NOT-FOR-US: Central Manchester CLC Helpdesk Issue Manager
-CVE-2005-3924
+CVE-2005-3924 (SQL injection vulnerability in themes/kategorie/index.php in Randshop ...)
NOT-FOR-US: Randshop
-CVE-2005-3923
+CVE-2005-3923 (NetObjects Fusion 9 (NOF9) allows remote attackers to obtain sensitive ...)
NOT-FOR-US: NetObjects Fusion
-CVE-2005-3922
+CVE-2005-3922 (Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus l ...)
NOT-FOR-US: Panda Antivirus
-CVE-2005-3921
+CVE-2005-3921 (Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for I ...)
NOT-FOR-US: IOS
-CVE-2005-3920
+CVE-2005-3920 (SQL injection vulnerability in Babe Logger 2 allows remote attackers t ...)
NOT-FOR-US: Babe Logger
-CVE-2005-3919
+CVE-2005-3919 (Cross-site scripting (XSS) vulnerability in PBLang 4.65 allows remote ...)
NOT-FOR-US: PBLang
CVE-2005-3918
NOT-FOR-US: OvBB
-CVE-2005-3917
+CVE-2005-3917 (SQL injection vulnerability in usersession in CommodityRentals 2.0 Onl ...)
NOT-FOR-US: CommidityRentals
-CVE-2005-3916
+CVE-2005-3916 (SQL injection vulnerability in memberlist.php in WSN Forum 1.21 allows ...)
NOT-FOR-US: WSN Forum
-CVE-2005-3915
+CVE-2005-3915 (The Internet Key Exchange version 1 (IKEv1) implementation in Claviste ...)
NOT-FOR-US: Clavister Web Client
-CVE-2005-3914
+CVE-2005-3914 (Multiple SQL injection vulnerabilities in AFFcommerce 1.1.4 allow remo ...)
NOT-FOR-US: AFFcommerce
-CVE-2005-3913
+CVE-2005-3913 (Unspecified vulnerability in the domain alias management in Virtual Ho ...)
NOT-FOR-US: Virtual Hosting Control System
-CVE-2005-3912
+CVE-2005-3912 (Format string vulnerability in miniserv.pl Perl web server in Webmin b ...)
{DSA-1199-1}
- webmin <not-affected> (Fixed through corrected Perl)
NOTE: No longer exploitable with Perl 5.8.7-9, thus no dedicated Webmin updated
-CVE-2005-3911
+CVE-2005-3911 (Multiple SQL injection vulnerabilities in calendar.php in BosDates 4.0 ...)
NOT-FOR-US: BosDates
-CVE-2005-3910
+CVE-2005-3910 (merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magi ...)
NOT-FOR-US: Post Affiliate Pro
-CVE-2005-3909
+CVE-2005-3909 (SQL injection vulnerability in merchants/index.php in Post Affiliate P ...)
NOT-FOR-US: Post Affiliate Pro
-CVE-2005-3908
+CVE-2005-3908 (Cross-site scripting (XSS) vulnerability in search.php in GhostScripte ...)
NOT-FOR-US: GhostScripter Amazon Shop
-CVE-2005-3907
+CVE-2005-3907 (Unspecified vulnerability in Java Runtime Environment in Java JDK and ...)
NOT-FOR-US: Sun Java
-CVE-2005-3906
+CVE-2005-3906 (Multiple unspecified vulnerabilities in reflection APIs in Java SDK an ...)
NOT-FOR-US: Sun Java
-CVE-2005-3905
+CVE-2005-3905 (Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1 ...)
NOT-FOR-US: Sun Java
-CVE-2005-3904
+CVE-2005-3904 (Unspecified vulnerability in Java Management Extensions (JMX) in Java ...)
NOT-FOR-US: Sun Java
-CVE-2005-3903
+CVE-2005-3903 (Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows loc ...)
NOT-FOR-US: SCO Unixware
-CVE-2005-3902
+CVE-2005-3902 (Cross-site scripting (XSS) vulnerability in gui/errordocs/index.php in ...)
NOT-FOR-US: Virtual Hosting Control System
-CVE-2005-3901
+CVE-2005-3901 (Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficie ...)
NOT-FOR-US: Flash MX
-CVE-2005-3900
+CVE-2005-3900 (Macromedia Breeze Communication Server and Breeze Live Server does 5.1 ...)
NOT-FOR-US: Macromedia Breeze
-CVE-2005-3899
+CVE-2005-3899 (The automatic update feature in Google Talk allows remote attackers to ...)
NOT-FOR-US: Google Talk
CVE-2005-3898
REJECTED
-CVE-2005-3897
+CVE-2005-3897 (Apple Safari 2.0.2 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Safari
NOTE: Not reproducible with konqueror 4:3.4.2-4.
-CVE-2005-3896
+CVE-2005-3896 (Mozilla allows remote attackers to cause a denial of service (CPU cons ...)
NOTE: maintainers don't believe it is a security bug and can't reproduce after 1.5.dfsg-1
- firefox 1.5.dfsg-1 (bug #340283; bug #345469; unimportant)
- mozilla-firefox 1.4.99+1.5rc3.dfsg-2 (bug #340283; bug #345469; unimportant)
- mozilla <removed> (bug #340282; unimportant)
-CVE-2005-3895
+CVE-2005-3895 (Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 throug ...)
{DSA-973-1}
- otrs 2.0.4p01-1 (bug #340352; medium)
-CVE-2005-3894
+CVE-2005-3894 (Multiple cross-site scripting (XSS) vulnerabilities in index.pl in Ope ...)
{DSA-973-1}
- otrs 2.0.4p01-1 (bug #340352; medium)
-CVE-2005-3893
+CVE-2005-3893 (Multiple SQL injection vulnerabilities in index.pl in Open Ticket Requ ...)
{DSA-973-1}
- otrs 2.0.4p01-1 (bug #340352; medium)
-CVE-2005-3892
+CVE-2005-3892 (Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a we ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3891
+CVE-2005-3891 (Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3890
+CVE-2005-3890 (Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (c ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3889
+CVE-2005-3889 (Gadu-Gadu 7.20 allows remote attackers to cause a denial of service vi ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3888
+CVE-2005-3888 (Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denia ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3887
+CVE-2005-3887 (Gadu-Gadu 7.20 does not properly handle MS-DOS device names in filenam ...)
NOT-FOR-US: Gadu-Gadu
-CVE-2005-3886
+CVE-2005-3886 (Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5. ...)
NOT-FOR-US: Cisco
-CVE-2005-3885
+CVE-2005-3885 (The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.4 ...)
{DSA-916-1}
- inkscape 0.42-1 (bug #321501; low)
-CVE-2005-3884
+CVE-2005-3884 (Multiple SQL injection vulnerabilities in the search action in Zainu 2 ...)
NOT-FOR-US: Zaimu
-CVE-2005-3883
+CVE-2005-3883 (CRLF injection vulnerability in the mb_send_mail function in PHP befor ...)
- php4 4:4.4.2-1 (bug #341726; medium)
- php5 5.1.1-1 (bug #341368; medium)
[sarge] - php4 <no-dsa> (application's job to sanitize input)
-CVE-2005-3882
+CVE-2005-3882 (SQL injection vulnerability in answer.php in FAQSystems FAQRing Knowle ...)
NOT-FOR-US: FAQRing Knowledge Base
-CVE-2005-3881
+CVE-2005-3881 (SQL injection vulnerability in search.php in AtlantisFAQ Knowledge Bas ...)
NOT-FOR-US: AtlantisFAQ Knowledge Base
-CVE-2005-3880
+CVE-2005-3880 (Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earli ...)
NOT-FOR-US: Omnistar KBase
-CVE-2005-3879
+CVE-2005-3879 (Multiple SQL injection vulnerabilities in Softbiz Resource Repository ...)
NOT-FOR-US: Softbiz Resource Repository Script
-CVE-2005-3878
+CVE-2005-3878 (Directory traversal vulnerability in index.php in PHP Doc System 1.5.1 ...)
NOT-FOR-US: PHP Doc System
-CVE-2005-3877
+CVE-2005-3877 (Multiple SQL injection vulnerabilities in Simple Document Management S ...)
NOT-FOR-US: Simple Document Management System
-CVE-2005-3876
+CVE-2005-3876 (Multiple SQL injection vulnerabilities in adcbrowres.php in AD Center ...)
NOT-FOR-US: AD Center ADC2000 NG Pro
-CVE-2005-3875
+CVE-2005-3875 (Multiple SQL injection vulnerabilities in Enterprise Connector 1.0.2 a ...)
NOT-FOR-US: Enterprise Connector
-CVE-2005-3874
+CVE-2005-3874 (SQL injection vulnerability in netzbr.php in Netzbrett 1.5.1 and earli ...)
NOT-FOR-US: Netzbrett
-CVE-2005-3873
+CVE-2005-3873 (SQL injection vulnerability in topic.php in ShockBoard 3.0 and 4.0 all ...)
NOT-FOR-US: ShockBoard
-CVE-2005-3872
+CVE-2005-3872 (Multiple SQL injection vulnerabilities in Ugroup 2.6.2 and earlier all ...)
NOT-FOR-US: Ugroup
-CVE-2005-3871
+CVE-2005-3871 (Multiple SQL injection vulnerabilities in Joels Bulletin board (JBB) 0 ...)
NOT-FOR-US: JBB
-CVE-2005-3870
+CVE-2005-3870 (Multiple SQL injection vulnerabilities in edmobbs9r.php in edmoBBS 0.9 ...)
NOT-FOR-US: edmoBBS
-CVE-2005-3869
+CVE-2005-3869 (Cross-site scripting (XSS) vulnerability in index.php in Google API Se ...)
NOT-FOR-US: Google API
-CVE-2005-3868
+CVE-2005-3868 (Multiple SQL injection vulnerabilities in K-Search 1.0 and earlier all ...)
NOT-FOR-US: K-Search
-CVE-2005-3867
+CVE-2005-3867 (Cross-site scripting (XSS) vulnerability in RevenuePilot Search Engine ...)
NOT-FOR-US: RevenuePilot Search Engine
-CVE-2005-3866
+CVE-2005-3866 (Cross-site scripting (XSS) vulnerability in SearchFeed Search Engine 1 ...)
NOT-FOR-US: SearchFeed Search Engine
-CVE-2005-3865
+CVE-2005-3865 (SQL injection vulnerability in index.php in AllWeb search 3.0 and earl ...)
NOT-FOR-US: AllWeb search
-CVE-2005-3864
+CVE-2005-3864 (SQL injection vulnerability in index.php in SourceWell 1.1.2 and earli ...)
NOT-FOR-US: SourceWell
-CVE-2005-3863
+CVE-2005-3863 (Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and e ...)
{DSA-1088-1 DSA-1083-1 DTSA-23-1}
- centericq 4.21.0-6 (bug #340959; medium)
- orpheus 1.5-5 (bug #368402; medium)
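Review bot: several of the newly added descriptions in this hunk disagree with the unchanged NOT-FOR-US annotation directly beneath them, and the update leaves those annotations as they are. CVE-2005-3943's description names "ilyav FAQ System" while its annotation still reads "ilyav Survey System" (the same text as CVE-2005-3944's annotation just above it, so it looks copy-pasted); CVE-2005-3884 reads "Zainu" against an annotation of "Zaimu"; CVE-2005-3917 reads "CommodityRentals" against "CommidityRentals"; CVE-2005-4009 reads "PHP Lite Calendar Express" against "PHP Lite Calender Express"; and CVE-2005-3976 reads "DUware" against "Multipke DuWare products". Since the annotation is what triage relies on to confirm a CVE really concerns a product not shipped in Debian, a follow-up commit that aligns the annotations with the description text (in particular the 3943/3944 one, where the product differs rather than just the spelling) would avoid a mis-triage being carried forward by later automatic updates.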
@@ -2298,514 +2298,514 @@ CVE-2005-3863
NOTE: DTSA is for centericq only
NOTE: This affects Sarge and Woody centericq
NOTE: This affects Sarge and Woody motor
-CVE-2005-3862
+CVE-2005-3862 (Buffer overflow in unalz before 0.53 allows remote attackers to execut ...)
{DSA-959-1}
- unalz 0.55-1 (bug #340842; medium)
-CVE-2005-3861
+CVE-2005-3861 (PHP remote file inclusion vulnerability in content.php in phpGreetz 0. ...)
NOT-FOR-US: phpGreetz
-CVE-2005-3860
+CVE-2005-3860 (PHP remote file inclusion vulnerability in athena.php in Oliver May At ...)
NOT-FOR-US: Oliver May Athena PHP Website Administration
-CVE-2005-3859
+CVE-2005-3859 (PHP remote file inclusion vulnerability in q-news.php in Q-News 2.0 al ...)
NOT-FOR-US: Q-News
-CVE-2005-3858
+CVE-2005-3858 (Memory leak in the ip6_input_finish function in ip6_input.c in Linux k ...)
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.12-6
-CVE-2005-3856
+CVE-2005-3856 (The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1. ...)
- krusader 1.70.0-1 (bug #336169; low)
[sarge] - krusader <not-affected>
NOTE: This seems to be a dupe of CVE-2006-3816, pinged MITRE
-CVE-2005-3855
+CVE-2005-3855 (SQL injection vulnerability in process.php in 1-2-3 music store allows ...)
NOT-FOR-US: 1-2-3 music store
-CVE-2005-3854
+CVE-2005-3854 (Cross-site scripting (XSS) vulnerability in index.php in EasyPageCMS a ...)
NOT-FOR-US: EasyPageCMS
-CVE-2005-3853
+CVE-2005-3853 (SQL injection vulnerability in snews.php in sNews 1.3 and earlier allo ...)
NOT-FOR-US: sNews
-CVE-2005-3852
+CVE-2005-3852 (SQL injection vulnerability in search.asp in Online Work Order Suite ( ...)
NOT-FOR-US: Online Work Order Suite
-CVE-2005-3851
+CVE-2005-3851 (Cross-site scripting (XSS) vulnerability in search.asp in Online Atten ...)
NOT-FOR-US: Online Attendance System
-CVE-2005-3850
+CVE-2005-3850 (Cross-site scripting (XSS) vulnerability in search.asp in Online Knowl ...)
NOT-FOR-US: Online Knowledge Base System
-CVE-2005-3846
+CVE-2005-3846 (SQL injection vulnerability in news.php in Fantastic News 2.1.1 and ea ...)
NOT-FOR-US: Fantastic News
-CVE-2005-3845
+CVE-2005-3845 (SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allo ...)
NOT-FOR-US: EZ Invoice Inc
-CVE-2005-3844
+CVE-2005-3844 (SQL injection vulnerability in phpWordPress PHP News and Article Manag ...)
NOT-FOR-US: phpWordpress, this is not the same as Wordpress
-CVE-2005-3843
+CVE-2005-3843 (SQL injection vulnerability in faq.php in Nicecoder iDesk 1.0 allows r ...)
NOT-FOR-US: Nicecode iDesk
-CVE-2005-3842
+CVE-2005-3842 (SQL injection vulnerability in index.php in pdjk-support suite 1.1a an ...)
NOT-FOR-US: pdjk-support suite
-CVE-2005-3841
+CVE-2005-3841 (Cross-site scripting (XSS) vulnerability in kPlaylist 1.6 (build 400), ...)
NOT-FOR-US: kPlaylist
-CVE-2005-3840
+CVE-2005-3840 (SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier ...)
NOT-FOR-US: Omnistar Live
-CVE-2005-3839
+CVE-2005-3839 (Cross-site scripting (XSS) vulnerability in SupportPRO Supportdesk all ...)
NOT-FOR-US: SupportPRO Supportdesk
-CVE-2005-3838
+CVE-2005-3838 (Multiple SQL injection vulnerabilities in search.php in IsolSoft Suppo ...)
NOT-FOR-US: IsolSoft Support Center
-CVE-2005-3837
+CVE-2005-3837 (Cross-site scripting (XSS) vulnerability in the search module in sCssB ...)
NOT-FOR-US: sCssBoard
-CVE-2005-3836
+CVE-2005-3836 (SQL injection vulnerability in DeskLance 2.3 and earlier allows remote ...)
NOT-FOR-US: DeskLance
-CVE-2005-3835
+CVE-2005-3835 (PHP remote file inclusion vulnerability in support/index.php in DeskLa ...)
NOT-FOR-US: DeskLance
-CVE-2005-3834
+CVE-2005-3834 (Cross-site scripting (XSS) vulnerability in search.php in Tunez 1.21 a ...)
NOT-FOR-US: Tunez
-CVE-2005-3833
+CVE-2005-3833 (SQL injection vulnerability in songinfo.php in Tunez 1.21 and earlier ...)
NOT-FOR-US: Tunez
-CVE-2005-3832
+CVE-2005-3832 (Stack-based buffer overflow in (1) CxUux60.dll and (2) CxUux60u.dll, a ...)
NOT-FOR-US: SpeedProject products
-CVE-2005-3831
+CVE-2005-3831 (Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, a ...)
NOT-FOR-US: SpeedProject products
-CVE-2005-3830
+CVE-2005-3830 (index.php in ActiveCampaign SupportTrio 1.4 and earlier allows remote ...)
NOT-FOR-US: ActiveCampaign SupportTrio
-CVE-2005-3829
+CVE-2005-3829 (index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows re ...)
NOT-FOR-US: ActiveCampaign SupportTrio
-CVE-2005-3828
+CVE-2005-3828 (SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBu ...)
NOT-FOR-US: ActiveCampaign SupportTrio
-CVE-2005-3827
+CVE-2005-3827 (SQL injection vulnerability in product_cat in AgileBill 1.4.92 and ear ...)
NOT-FOR-US: AgileBill
-CVE-2005-3826
+CVE-2005-3826 (Multiple SQL injection vulnerabilities in Ezyhelpdesk 1.0 allow remote ...)
NOT-FOR-US: Ezyhelpdesk
-CVE-2005-3825
+CVE-2005-3825 (SQL injection vulnerability in index.php in Comdev Vote Caster 3.1 and ...)
NOT-FOR-US: Comdev Vote Caster
-CVE-2005-3824
+CVE-2005-3824 (The uploads module in vTiger CRM 4.2 and earlier allows remote attacke ...)
NOT-FOR-US: vTiger CRM
-CVE-2005-3823
+CVE-2005-3823 (The Users module in vTiger CRM 4.2 and earlier allows remote attackers ...)
NOT-FOR-US: vTiger CRM
-CVE-2005-3822
+CVE-2005-3822 (Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and earlier a ...)
NOT-FOR-US: vTiger CRM
-CVE-2005-3821
+CVE-2005-3821 (Cross-site scripting (XSS) vulnerability in vTiger CRM 4.2 and earlier ...)
NOT-FOR-US: vTiger CRM
-CVE-2005-3820
+CVE-2005-3820 (Multiple directory traversal vulnerabilities in index.php in vTiger CR ...)
NOT-FOR-US: vTiger CRM
-CVE-2005-3819
+CVE-2005-3819 (Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and earlier a ...)
NOT-FOR-US: vTiger CRM
-CVE-2005-3818
+CVE-2005-3818 (Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 4.2 ...)
NOT-FOR-US: vTiger CRM
-CVE-2005-3817
+CVE-2005-3817 (Multiple SQL injection vulnerabilities in Softbiz Web Host Directory S ...)
NOT-FOR-US: Softbiz Web Host Directory
-CVE-2005-3816
+CVE-2005-3816 (Multiple SQL injection vulnerabilities in forum.php in freeForum 1.1 a ...)
NOT-FOR-US: freeForum
-CVE-2005-3815
+CVE-2005-3815 (SQL injection vulnerability in forum.php in Orca Forum 4.3b and earlie ...)
NOT-FOR-US: Orca Forum
-CVE-2005-3814
+CVE-2005-3814 (Multiple cross-site scripting (XSS) vulnerabilities in SmartPPC Pro al ...)
NOT-FOR-US: SmartPPC Pro
-CVE-2005-3813
+CVE-2005-3813 (IMAP service (meimaps.exe) of MailEnable Professional 1.7 and Enterpri ...)
NOT-FOR-US: MailEnable
-CVE-2005-3812
+CVE-2005-3812 (freeFTPd 1.0.10 allows remote authenticated users to cause a denial of ...)
NOT-FOR-US: freeFTPd
-CVE-2005-3811
+CVE-2005-3811 (Directory traversal vulnerability in admin/main.php in AMAX Magic Winm ...)
NOT-FOR-US: AMAX Magic Winmail Server
-CVE-2005-3806
+CVE-2005-3806 (The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2 ...)
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-1 (medium)
-CVE-2005-3805
+CVE-2005-3805 (A locking problem in POSIX timer cleanup handling on exit in Linux ker ...)
- linux-2.6 2.6.14-1 (medium)
-CVE-2005-3804
+CVE-2005-3804 (Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support ...)
NOT-FOR-US: Cisco
-CVE-2005-3803
+CVE-2005-3803 (Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed" ...)
NOT-FOR-US: Cisco
-CVE-2005-3802
+CVE-2005-3802 (Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 ...)
NOT-FOR-US: Belkin hardware
-CVE-2005-3801
+CVE-2005-3801 (CounterPane PasswordSafe 1.x and 2.x allows local users to test possib ...)
NOT-FOR-US: PasswordSafe
-CVE-2005-3800
+CVE-2005-3800 (Macromedia Contribute Publishing Server (CPS) before 1.11 uses a weak ...)
NOT-FOR-US: Macromedia Contribute Publishing Server
-CVE-2005-3799
+CVE-2005-3799 (phpBB 2.0.18 allows remote attackers to obtain sensitive information v ...)
- phpbb2 <unfixed> (unimportant)
NOTE: Not a real security problem, error messages might disclose the installation
NOTE: which is known for the Debian package anyway
-CVE-2005-3798
+CVE-2005-3798 (SQL injection vulnerability in admin/index.php in AlstraSoft Template ...)
NOT-FOR-US: AlstraSoft Template Seller
-CVE-2005-3797
+CVE-2005-3797 (PHP remote file inclusion vulnerability in payment_paypal.php in Alstr ...)
NOT-FOR-US: AlstraSoft Template Seller
-CVE-2005-3796
+CVE-2005-3796 (Direct static code injection vulnerability in admin_options_manage.php ...)
NOT-FOR-US: AlstraSoft Affiliate Network
-CVE-2005-3795
+CVE-2005-3795 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affi ...)
NOT-FOR-US: AlstraSoft Affiliate Network
-CVE-2005-3794
+CVE-2005-3794 (AlstraSoft Affiliate Network Pro 7.2 allows remote attackers to obtain ...)
NOT-FOR-US: AlstraSoft Affiliate Network
-CVE-2005-3793
+CVE-2005-3793 (Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network ...)
NOT-FOR-US: AlstraSoft Affiliate Network
-CVE-2005-3792
+CVE-2005-3792 (Multiple SQL injection vulnerabilities in the Search module in PHP-Nuk ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-3791
+CVE-2005-3791 (HTTP response splitting vulnerability in phpAdsNew and phpPgAds 2.0.6 ...)
NOT-FOR-US: phpAdsNew and phpPgAds
-CVE-2005-3790
+CVE-2005-3790 (Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter. ...)
NOT-FOR-US: phpwcms
-CVE-2005-3789
+CVE-2005-3789 (Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow re ...)
NOT-FOR-US: phpwcms
-CVE-2005-3788
+CVE-2005-3788 (Race condition in Cisco Adaptive Security Appliance (ASA) 7.0(0), 7.0( ...)
NOT-FOR-US: Cisco
-CVE-2005-3787
+CVE-2005-3787 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...)
{DSA-880-1}
- phpmyadmin 4:2.6.4-pl4-1 (bug #360726)
-CVE-2005-3786
+CVE-2005-3786 (Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZE ...)
NOT-FOR-US: Novell ZENworks
-CVE-2005-3785
+CVE-2005-3785 (Second-order symlink vulnerability in eix-sync.in in Ebuild IndeX (eix ...)
NOT-FOR-US: Ebuild IndeX
-CVE-2005-3784
+CVE-2005-3784 (The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 inc ...)
{DSA-1017-1}
- linux-2.6 2.6.15-1 (medium)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3783
+CVE-2005-3783 (The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14. ...)
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-3 (medium)
-CVE-2005-3782
+CVE-2005-3782 (Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and pass ...)
NOT-FOR-US: Apple
-CVE-2005-3848
+CVE-2005-3848 (Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12 ...)
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.13-1
-CVE-2005-3847
+CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up ...)
{DSA-1017-1}
- linux-2.6 2.6.13-1
-CVE-2005-3849
+CVE-2005-3849 (Cross-site scripting (XSS) vulnerability in the Search module in PmWik ...)
NOT-FOR-US: PmWiki
-CVE-2005-3781
+CVE-2005-3781 (Unspecified vulnerability in in.named in Solaris 9 allows attackers to ...)
NOT-FOR-US: Solaris
-CVE-2005-3780
+CVE-2005-3780 (Multiple buffer overflows in IPUpdate 1.1 might allow attackers to exe ...)
NOT-FOR-US: IPUpdate
-CVE-2005-3779
+CVE-2005-3779 (Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 a ...)
NOT-FOR-US: HP-UX
-CVE-2005-3778
+CVE-2005-3778 (Unspecified vulnerability in MyBulletinBoard (MyBB) before 1.0 PR2 Rev ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-3777
+CVE-2005-3777 (MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allows remote attackers to dele ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-3776
+CVE-2005-3776 (Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-3775
+CVE-2005-3775 (PHP remote file inclusion vulnerability in pollvote.php in PollVote al ...)
NOT-FOR-US: PollVote
-CVE-2005-3774
+CVE-2005-3774 (Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Cisco
-CVE-2005-3773
+CVE-2005-3773 (Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact a ...)
NOT-FOR-US: Joomla!
-CVE-2005-3772
+CVE-2005-3772 (Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow r ...)
NOT-FOR-US: Joomla!
-CVE-2005-3771
+CVE-2005-3771 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
NOT-FOR-US: Joomla!
-CVE-2005-3770
+CVE-2005-3770 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Post (PHPp) ...)
NOT-FOR-US: PHP-Post
-CVE-2005-3769
+CVE-2005-3769 (SQL injection vulnerability in files.php in PHP Download Manager 1.1.3 ...)
NOT-FOR-US: PHP Download Manager
-CVE-2005-3768
+CVE-2005-3768 (Buffer overflow in the Internet Key Exchange version 1 (IKEv1) impleme ...)
NOT-FOR-US: Symantec appliances
-CVE-2005-3767
+CVE-2005-3767 (Exponent CMS 0.96.3 and later versions does not properly restrict the ...)
NOT-FOR-US: Exponent CMS
-CVE-2005-3766
+CVE-2005-3766 (Exponent CMS 0.96.3 and later versions stores sensitive user pages und ...)
NOT-FOR-US: Exponent CMS
-CVE-2005-3765
+CVE-2005-3765 (Exponent CMS 0.96.3 and later versions performs a chmod on uploaded fi ...)
NOT-FOR-US: Exponent CMS
-CVE-2005-3764
+CVE-2005-3764 (The image gallery (imagegallery) component in Exponent CMS 0.96.3 and ...)
NOT-FOR-US: Exponent CMS
-CVE-2005-3763
+CVE-2005-3763 (Exponent CMS 0.96.3 and later versions includes the full installation ...)
NOT-FOR-US: Exponent CMS
-CVE-2005-3762
+CVE-2005-3762 (SQL injection vulnerability in the navigation module (navigationmodule ...)
NOT-FOR-US: Exponent CMS
-CVE-2005-3761
+CVE-2005-3761 (Cross-site scripting (XSS) vulnerability in Exponent CMS 0.96.3 and la ...)
NOT-FOR-US: Exponent CMS
-CVE-2005-3760
+CVE-2005-3760 (Double free vulnerability in the BBOORB module in IBM WebSphere Applic ...)
NOT-FOR-US: WebSphere
-CVE-2005-3758
+CVE-2005-3758 (Cross-site scripting (XSS) vulnerability in Google Mini Search Applian ...)
NOT-FOR-US: Google search appliance
-CVE-2005-3757
+CVE-2005-3757 (The Saxon XSLT parser in Google Mini Search Appliance, and possibly Go ...)
NOTE: XSLTs can call arbitrary java methods in libsaxon-java. This behaviour
NOTE: is well documented and can be switched off. Let's hope that all users
NOTE: of saxon are aware of this. A warning has been added to the readme.
NOTE: Current rdependencies:
- ooo2dbk <not-affected> (uses it's own xslt unless overridden by command line arg)
-CVE-2005-3756
+CVE-2005-3756 (Google Mini Search Appliance, and possibly Google Search Appliance, al ...)
NOT-FOR-US: Google search appliance
-CVE-2005-3755
+CVE-2005-3755 (Directory traversal vulnerability in Google Mini Search Appliance, and ...)
NOT-FOR-US: Google search appliance
-CVE-2005-3754
+CVE-2005-3754 (Cross-site scripting (XSS) vulnerability in Google Mini Search Applian ...)
NOT-FOR-US: Google search appliance
-CVE-2005-3750
+CVE-2005-3750 (Opera before 8.51 on Linux and Unix systems allows remote attackers to ...)
NOT-FOR-US: Opera
-CVE-2005-3749
+CVE-2005-3749 (Unspecified "absolute path vulnerabilities" in the diagela command (di ...)
NOT-FOR-US: AIX
-CVE-2005-3748
+CVE-2005-3748 (SQL injection vulnerability in the Search module in Tru-Zone Nuke ET 3 ...)
NOT-FOR-US: Tru-Zone Nuke ET
-CVE-2005-3747
+CVE-2005-3747 (Unspecified vulnerability in Jetty before 5.1.6 allows remote attacker ...)
- jetty 5.1.8-1 (bug #340582; medium)
-CVE-2005-3746
+CVE-2005-3746 (SQL injection vulnerability in thread.php in APBoard allows remote att ...)
NOT-FOR-US: APBoard
-CVE-2005-3745
+CVE-2005-3745 (Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and p ...)
- libstruts1.2-java 1.2.8-1 (bug #340583; medium)
[sarge] - libstruts1.2-java <no-dsa> (Only in contrib, relies on proprietary Java)
-CVE-2005-3744
+CVE-2005-3744 (SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlie ...)
NOT-FOR-US: phpComasy
-CVE-2005-3743
+CVE-2005-3743 (SQL injection vulnerability in results.php in SimplePoll allows remote ...)
NOT-FOR-US: SimplePoll
-CVE-2005-3742
+CVE-2005-3742 (Cross-site scripting (XSS) vulnerability in popup.php in Advanced Poll ...)
NOT-FOR-US: Advanced Poll
-CVE-2005-3741
+CVE-2005-3741 (Almond Classifieds does not properly verify the password, which allows ...)
NOT-FOR-US: Almond Classifieds
-CVE-2005-3740
+CVE-2005-3740 (Multiple SQL injection vulnerabilities in PHP-Fusion 6.00.206 and earl ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-3739
+CVE-2005-3739 (Unspecified vulnerability in subheader.php in PHP-Fusion 6.00.206 and ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-3738
+CVE-2005-3738 (globals.php in Mambo Site Server 4.0.14 and earlier, when register_glo ...)
NOT-FOR-US: Mambo
-CVE-2005-3737
+CVE-2005-3737 (Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 throu ...)
{DSA-916-1 DTSA-24-1}
- inkscape 0.43-1 (bug #330894; medium)
-CVE-2005-3736
+CVE-2005-3736 (Multiple cross-site scripting (XSS) vulnerabilities in e-Quick Cart al ...)
NOT-FOR-US: e-Quick Cart
-CVE-2005-3735
+CVE-2005-3735 (Multiple SQL injection vulnerabilities in e-Quick Cart allow remote at ...)
NOT-FOR-US: e-Quick Cart
-CVE-2005-3734
+CVE-2005-3734 (Cross-site scripting (XSS) vulnerability in the "add content" page in ...)
NOT-FOR-US: phpMyFAQ
-CVE-2005-3733
+CVE-2005-3733 (The Internet Key Exchange version 1 (IKEv1) implementation in Juniper ...)
NOT-FOR-US: Juniper products using IKE
-CVE-2005-3732
+CVE-2005-3732 (The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg ...)
{DSA-965-1}
- ipsec-tools 1:0.6.3-1 (bug #340584; low)
-CVE-2005-3808
+CVE-2005-3808 (Integer overflow in the invalidate_inode_pages2_range function in mm/t ...)
- linux-2.6 2.6.14-4 (medium)
[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)
-CVE-2005-3809
+CVE-2005-3809 (The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in ...)
- linux-2.6 2.6.14-4 (medium)
[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)
-CVE-2005-3810
+CVE-2005-3810 (ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2. ...)
- linux-2.6 2.6.14-4 (medium)
[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)
-CVE-2005-3759
+CVE-2005-3759 (Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3. ...)
{DSA-909-1}
- horde3 3.0.7-1 (bug #340323; medium)
-CVE-2005-3731
+CVE-2005-3731 (Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and ...)
- cyassl <not-affected> (Fixed before initial upload to archive)
-CVE-2005-3730
+CVE-2005-3730 (Multiple cross-site scripting (XSS) vulnerabilities in HTTPTranslatorS ...)
NOT-FOR-US: Revize CMS
-CVE-2005-3729
+CVE-2005-3729 (Idetix Software Systems Revize CMS allows remote attackers to obtain s ...)
NOT-FOR-US: Revize CMS
-CVE-2005-3728
+CVE-2005-3728 (Idetix Software Systems Revize CMS stores conf/revize.xml under the we ...)
NOT-FOR-US: Revize CMS
-CVE-2005-3727
+CVE-2005-3727 (SQL injection vulnerability in debug/query_results.jsp in Idetix Softw ...)
NOT-FOR-US: Revize CMS
-CVE-2005-3726
+CVE-2005-3726 (SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows re ...)
NOT-FOR-US: ArticleLive NX
-CVE-2005-3725
+CVE-2005-3725 (Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addr ...)
NOT-FOR-US: Zyxel WIFI Phone
-CVE-2005-3724
+CVE-2005-3724 (Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attacker ...)
NOT-FOR-US: Zyxel WIFI Phone
-CVE-2005-3723
+CVE-2005-3723 (Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not allow the user to disabl ...)
NOT-FOR-US: Hitachi WIFI Phone
-CVE-2005-3722
+CVE-2005-3722 (The SNMP v1/v2c daemon in Hitachi IP5000 VOIP WIFI Phone 1.5.6 allows ...)
NOT-FOR-US: Hitachi WIFI Phone
-CVE-2005-3721
+CVE-2005-3721 (The default configuration of the HTTP server in Hitachi IP5000 VOIP WI ...)
NOT-FOR-US: Hitachi WIFI Phone
-CVE-2005-3720
+CVE-2005-3720 (The default index page in the HTTP server in Hitachi IP5000 VOIP WIFI ...)
NOT-FOR-US: Hitachi WIFI Phone
-CVE-2005-3719
+CVE-2005-3719 (Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator pa ...)
NOT-FOR-US: Hitachi WIFI Phone
-CVE-2005-3718
+CVE-2005-3718 (UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel ...)
NOT-FOR-US: UTStarcom WIFI Phone
-CVE-2005-3717
+CVE-2005-3717 (The telnet daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWo ...)
NOT-FOR-US: UTStarcom WIFI Phone
-CVE-2005-3716
+CVE-2005-3716 (The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWork ...)
NOT-FOR-US: UTStarcom WIFI Phone
-CVE-2005-3715
+CVE-2005-3715 (Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWork ...)
NOT-FOR-US: Senao Wireless VoIP Phone
-CVE-2005-3699
+CVE-2005-3699 (Opera Web Browser 8.50 and 8.0 through 8.0.2 allows remote attackers t ...)
NOT-FOR-US: Opera
-CVE-2005-3698
+CVE-2005-3698 (PHP Easy Download allows remote attackers to bypass authentication via ...)
NOT-FOR-US: PHP Easy Download
-CVE-2005-3697
+CVE-2005-3697 (Unspecified vulnerability in the administration interface in Uresk Lin ...)
NOT-FOR-US: Uresk Links Lite
-CVE-2005-3696
+CVE-2005-3696 (SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attac ...)
NOT-FOR-US: Arki-DB
-CVE-2005-3695
+CVE-2005-3695 (Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php i ...)
NOT-FOR-US: LiteSpeed Webserver
-CVE-2005-3694
+CVE-2005-3694 (centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allo ...)
{DSA-912-1}
- centericq 4.21.0-4 (bug #334089; low)
-CVE-2005-3693
+CVE-2005-3693 (The AxWebRemoveCtrl ActiveX control for uninstalling the SunnComm Medi ...)
NOT-FOR-US: SunnComm MediaMax DRM
-CVE-2005-3692
+CVE-2005-3692 (Cross-site scripting (XSS) vulnerability in AMAX Magic Winmail Server ...)
NOT-FOR-US: AMAX Magic Winmail Server
-CVE-2005-3691
+CVE-2005-3691 (Directory traversal vulnerability in the IMAP service (meimaps.exe) of ...)
NOT-FOR-US: MailEnable Professional
-CVE-2005-3690
+CVE-2005-3690 (Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailE ...)
NOT-FOR-US: MailEnable Professional
-CVE-2005-3689
+CVE-2005-3689 (post.php in XMB 1.9.2 allows remote attackers to obtain the installati ...)
NOT-FOR-US: XMB
-CVE-2005-3688
+CVE-2005-3688 (Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 a ...)
NOT-FOR-US: XMB
-CVE-2005-3687
+CVE-2005-3687 (cancel_account.php in WHM AutoPilot 2.5.30 and earlier allows remote a ...)
NOT-FOR-US: WHM AutoPilot
-CVE-2005-3686
+CVE-2005-3686 (SQL injection vulnerability in search.inc.php in Unclassified NewsBoar ...)
NOT-FOR-US: Unclassified Newsboard
-CVE-2005-3685
+CVE-2005-3685 (Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Sh ...)
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2005-3684
+CVE-2005-3684 (Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, ...)
NOT-FOR-US: freeFTPd
-CVE-2005-3683
+CVE-2005-3683 (Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enab ...)
NOT-FOR-US: freeFTPd
-CVE-2005-3682
+CVE-2005-3682 (Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote ...)
NOT-FOR-US: Wizz Forum
-CVE-2005-3681
+CVE-2005-3681 (SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads modul ...)
NOT-FOR-US: Xoops
-CVE-2005-3680
+CVE-2005-3680 (Directory traversal vulnerability in editor_registry.php in XOOPS 2.2. ...)
NOT-FOR-US: Xoops
-CVE-2005-3679
+CVE-2005-3679 (SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-A ...)
NOT-FOR-US: ActiveCampaign 1-2-All Broadcast Email
-CVE-2005-3678
+CVE-2005-3678 (Google Talk before 1.0.0.76, with email notification enabled, allows r ...)
NOT-FOR-US: Google Talk
-CVE-2005-3677
+CVE-2005-3677 (Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote a ...)
- helix-player <not-affected>
-CVE-2005-3676
+CVE-2005-3676 (SQL injection vulnerability in download.php in PhpWebThings 1.4.4 allo ...)
NOT-FOR-US: PhpWebThings
-CVE-2005-3675
+CVE-2005-3675 (The Transmission Control Protocol (TCP) allows remote attackers to cau ...)
NOTE: Generic protocol weakness, likely hard to fix at the kernel
NOTE: level without performance impact.
-CVE-2005-3674
+CVE-2005-3674 (The Internet Key Exchange version 1 (IKEv1) implementation in the libi ...)
NOT-FOR-US: libike from Solaris
-CVE-2005-3673
+CVE-2005-3673 (The Internet Key Exchange version 1 (IKEv1) implementation in Check Po ...)
NOT-FOR-US: Check Point's IKE implementation
-CVE-2005-3672
+CVE-2005-3672 (The Internet Key Exchange version 1 (IKEv1) implementation in Stonesof ...)
NOT-FOR-US: StoneGate's IKE implementation
-CVE-2005-3671
+CVE-2005-3671 (The Internet Key Exchange version 1 (IKEv1) implementation in Openswan ...)
- openswan 1:2.4.4-1 (bug #339082; low)
[sarge] - openswan <no-dsa> (Only exploitable in inherently insecure mode of operation)
NOTE: Initial 2.4.3 didn't fix all the issues from the NISCC report
-CVE-2005-3670
+CVE-2005-3670 (Multiple unspecified vulnerabilities in the Internet Key Exchange vers ...)
NOT-FOR-US: HP-UX's IKE implementation
-CVE-2005-3669
+CVE-2005-3669 (Multiple unspecified vulnerabilities in the Internet Key Exchange vers ...)
NOT-FOR-US: Cisco
-CVE-2005-3668
+CVE-2005-3668 (Multiple buffer overflows in multiple unspecified implementations of I ...)
NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected
-CVE-2005-3667
+CVE-2005-3667 (Multiple unspecified vulnerabilities in multiple unspecified implement ...)
NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected
-CVE-2005-3666
+CVE-2005-3666 (Multiple unspecified format string vulnerabilities in multiple unspeci ...)
NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected
-CVE-2005-3665
+CVE-2005-3665 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...)
{DSA-1207-1}
- phpmyadmin 4:2.6.4-pl4-2 (bug #340438; medium)
CVE-2005-XXXX [unsafe file permissions in vpnc]
- vpnc 0.3.3+SVN20051028-3 (bug #340105; unimportant)
NOTE: Only an example file
-CVE-2005-3714
+CVE-2005-3714 (The network interface for Apple AirPort Express 6.x before Firmware Up ...)
NOT-FOR-US: Apple AirPort
-CVE-2005-3713
+CVE-2005-3713 (Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remo ...)
NOT-FOR-US: Apple Quicktime
-CVE-2005-3712
+CVE-2005-3712 (Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 al ...)
NOT-FOR-US: Apple
-CVE-2005-3711
+CVE-2005-3711 (Integer overflow in Apple Quicktime before 7.0.4 allows remote attacke ...)
NOT-FOR-US: Apple Quicktime
-CVE-2005-3710
+CVE-2005-3710 (Integer overflow in Apple Quicktime before 7.0.4 allows remote attacke ...)
NOT-FOR-US: Apple Quicktime
-CVE-2005-3709
+CVE-2005-3709 (Integer underflow in Apple Quicktime before 7.0.4 allows remote attack ...)
NOT-FOR-US: Apple Quicktime
-CVE-2005-3708
+CVE-2005-3708 (Integer overflow in Apple Quicktime before 7.0.4 allows remote attacke ...)
NOT-FOR-US: Apple Quicktime
-CVE-2005-3707
+CVE-2005-3707 (Buffer overflow in Apple Quicktime before 7.0.4 allows remote attacker ...)
NOT-FOR-US: Apple Quicktime
-CVE-2005-3706
+CVE-2005-3706 (Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4. ...)
NOT-FOR-US: Mac OS X
-CVE-2005-3705
+CVE-2005-3705 (Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3. ...)
NOT-FOR-US: Mac OS X
-CVE-2005-3704
+CVE-2005-3704 (System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allo ...)
NOT-FOR-US: Mac OS X
CVE-2005-3703
REJECTED
-CVE-2005-3702
+CVE-2005-3702 (Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote att ...)
NOT-FOR-US: Safari
-CVE-2005-3701
+CVE-2005-3701 (Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 ...)
NOT-FOR-US: Mac OS X
-CVE-2005-3700
+CVE-2005-3700 (Unknown vulnerability in iodbcadmintool in the ODBC Administrator util ...)
NOT-FOR-US: Mac OS X
-CVE-2005-3664
+CVE-2005-3664 (Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in ...)
NOT-FOR-US: Kaspersky AV
-CVE-2005-3663
+CVE-2005-3663 (Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 ...)
NOT-FOR-US: Kaspersky AV
-CVE-2005-3662
+CVE-2005-3662 (Off-by-one buffer overflow in pnmtopng before 2.39, when using the -al ...)
{DSA-904-1}
- netpbm-free 2:10.0-10.1 (medium; bug #351639)
-CVE-2005-3661
+CVE-2005-3661 (Dell TrueMobile 2300 Wireless Broadband Router running firmware 3.0.0. ...)
NOT-FOR-US: Dell hardware issue
-CVE-2005-3660
+CVE-2005-3660 (Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ...)
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: Design limitation, for rare corner cases, where this poses a problem advanced
NOTE: resource management systems can be deployed
-CVE-2005-3659
+CVE-2005-3659 (nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7 ...)
NOT-FOR-US: EMC Legato NetWorker
-CVE-2005-3658
+CVE-2005-3658 (Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x bef ...)
NOT-FOR-US: EMC Legato NetWorker
-CVE-2005-3657
+CVE-2005-3657 (The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Cent ...)
NOT-FOR-US: McAfee
-CVE-2005-3656
+CVE-2005-3656 (Multiple format string vulnerabilities in logging functions in mod_aut ...)
{DSA-935-1}
[sarge] - libapache2-mod-auth-pgsql 2.0.2b1-5sarge0
- libapache2-mod-auth-pgsql 2.0.2b1-7
- libapache-mod-auth-pgsql <not-affected> (Does not contain the vulnerable ap_log_rerror() function)
-CVE-2005-3655
+CVE-2005-3655 (Heap-based buffer overflow in Novell Open Enterprise Server Remote Man ...)
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2005-3654
+CVE-2005-3654 (Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to ...)
NOT-FOR-US: Blue Coat WinProxy
-CVE-2005-3653
+CVE-2005-3653 (Heap-based buffer overflow in the iGateway service for various Compute ...)
NOT-FOR-US: IGateway
-CVE-2005-3652
+CVE-2005-3652 (Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 a ...)
NOT-FOR-US: Citrix
-CVE-2005-3651
+CVE-2005-3651 (Stack-based buffer overflow in the dissect_ospf_v3_address_prefix func ...)
{DSA-920-1}
- ethereal 0.10.13-1.1 (bug #342911; medium)
-CVE-2005-3650
+CVE-2005-3650 (The CodeSupport.ocx ActiveX control, as used by Sony to uninstall the ...)
NOT-FOR-US: Sony Root Kit Uninstaller
-CVE-2005-3649
+CVE-2005-3649 (jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users t ...)
NOTE: only exploitable in certian configurations (non-default)
NOTE: warning added..
- moodle 1.5.3+20060108-1 (bug #338592; low)
[sarge] - moodle <not-affected> (Isn't explotable in sarge)
-CVE-2005-3648
+CVE-2005-3648 (Multiple SQL injection vulnerabilities in the get_record function in d ...)
- moodle 1.5.3+20060108-1 (bug #338592; low)
[sarge] - moodle <no-dsa> (Only exploitable in strange PHP setups)
-CVE-2005-3647
+CVE-2005-3647 (Folder Guard allows local users to bypass protections by running from ...)
NOT-FOR-US: Folder Guard
-CVE-2005-3646
+CVE-2005-3646 (Multiple SQL injection vulnerabilities in lib-sessions.inc.php in phpA ...)
NOT-FOR-US: phpAdsNews
-CVE-2005-3645
+CVE-2005-3645 (phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remo ...)
NOT-FOR-US: phpAdsNews
-CVE-2005-3644
+CVE-2005-3644 (PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2 ...)
NOT-FOR-US: Windows
-CVE-2005-3643
+CVE-2005-3643 (IBM DB2 Database server running on Windows XP with Simple File Sharing ...)
NOT-FOR-US: DB2
-CVE-2005-3642
+CVE-2005-3642 (IBM Informix Dynamic Database server running on Windows XP with Simple ...)
NOT-FOR-US: Informix
-CVE-2005-3641
+CVE-2005-3641 (Oracle Databases running on Windows XP with Simple File Sharing enable ...)
NOT-FOR-US: Oracle
-CVE-2005-3640
+CVE-2005-3640 (Multiple buffer overflows in the IMAP Groupware Mail server of Floosie ...)
NOT-FOR-US: FTGate
-CVE-2005-3639
+CVE-2005-3639 (PHP file inclusion vulnerability in the osTicket module in Help Center ...)
NOT-FOR-US: Help Center Live
-CVE-2005-3638
+CVE-2005-3638 (Cross-site scripting (XSS) vulnerabilities in Ekinboard 1.0.3 allow re ...)
NOT-FOR-US: Ekinboard
CVE-2005-3637
REJECTED
-CVE-2005-3636
+CVE-2005-3636 (Cross-site scripting (XSS) vulnerability in SAP Web Application Server ...)
NOT-FOR-US: SAP Web Application Server
-CVE-2005-3635
+CVE-2005-3635 (Multiple cross-site scripting (XSS) vulnerabilities in SAP Web Applica ...)
NOT-FOR-US: SAP Web Application Server
-CVE-2005-3634
+CVE-2005-3634 (frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6. ...)
NOT-FOR-US: SAP Web Application Server
-CVE-2005-3633
+CVE-2005-3633 (HTTP response splitting vulnerability in frameset.htm in SAP Web Appli ...)
NOT-FOR-US: SAP Web Application Server
-CVE-2005-3632
+CVE-2005-3632 (Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow ...)
{DSA-904-1}
- netpbm-free 2:10.0-10.1 (medium; bug #351639)
-CVE-2005-3631
+CVE-2005-3631 (udev does not properly set permissions on certain files in /dev/input, ...)
- udev <not-affected> (Red Hat specific)
-CVE-2005-3630
+CVE-2005-3630 (Fedora Directory Server before 10 allows remote attackers to obtain se ...)
NOT-FOR-US: Fedora Directory Server
-CVE-2005-3629
+CVE-2005-3629 (initscripts in Red Hat Enterprise Linux 4 does not properly handle cer ...)
NOTE: current sudo cleans the environment, so we are not affected
- sysvconfig <not-affected> (sudo cleans env anyway)
-CVE-2005-3628
+CVE-2005-3628 (Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Strea ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- kdegraphics 4:3.5.0-3
- gpdf 2.10.0-2 (bug #342286)
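Review bot: several unchanged context lines in this hunk carry spelling and consistency defects that an automatic description refresh like this one cannot fix, so they should be queued for a separate manual commit: "uses it's own xslt" under CVE-2005-3757 should read "uses its own xslt", "only exploitable in certian configurations" and "Isn't explotable in sarge" under CVE-2005-3649 misspell "certain" and "exploitable", and the two netpbm-free entries under CVE-2005-3662 and CVE-2005-3632 write the annotation as "(medium; bug #351639)" while every other entry in the hunk orders it "(bug #NNNNNN; severity)". Otherwise the "+" lines only append the truncated CVE summary to the identifier and leave every package, DSA and NOTE line intact, which is the expected shape for this kind of update.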
@@ -2819,7 +2819,7 @@ CVE-2005-3628
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
- tetex-bin 3.0-12
NOTE: tetex-bin switched to poppler in 3.0-12.
-CVE-2005-3627
+CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.4-1 (bug #346076)
- kdegraphics 4:3.5.0-3
@@ -2834,7 +2834,7 @@ CVE-2005-3627
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
- tetex-bin 3.0-12
NOTE: tetex-bin switched to poppler in 3.0-12.
-CVE-2005-3626
+CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTe ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.3-2
- kdegraphics 4:3.5.0-3
@@ -2849,7 +2849,7 @@ CVE-2005-3626
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
- tetex-bin 3.0-12
NOTE: tetex-bin switched to poppler in 3.0-12.
-CVE-2005-3625
+CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTe ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.4-1 (bug #346076)
- tetex-bin 3.0-12
@@ -2864,7 +2864,7 @@ CVE-2005-3625
- cupsys 1.1.22-7
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
NOTE: tetex-bin switched to poppler in 3.0-12.
-CVE-2005-3624
+CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpd ...)
{DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- poppler 0.4.4-1 (bug #346076)
- tetex-bin 3.0-12
@@ -2879,16 +2879,16 @@ CVE-2005-3624
- cupsys 1.1.22-7
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
NOTE: tetex-bin switched to poppler in 3.0-12.
-CVE-2005-3623
+CVE-2005-3623 (nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR pr ...)
[sarge] - kernel-source-2.6.8 <not-affected> (Does not contain NFS ACLs)
- linux-2.6 2.6.14-7
-CVE-2005-3622
+CVE-2005-3622 (phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain t ...)
- phpmyadmin <unfixed> (unimportant)
-CVE-2005-3620
+CVE-2005-3620 (The management interface for VMware ESX Server 2.0.x before 2.0.2 patc ...)
NOT-FOR-US: VMware ESX
-CVE-2005-3619
+CVE-2005-3619 (Cross-site scripting (XSS) vulnerability in the management interface f ...)
NOT-FOR-US: VMware ESX
-CVE-2005-3618
+CVE-2005-3618 (Cross-site request forgery (CSRF) vulnerability in the management inte ...)
NOT-FOR-US: VMWare ESX
CVE-2005-3617
RESERVED
@@ -2932,72 +2932,72 @@ CVE-2005-3598
RESERVED
CVE-2005-3597
REJECTED
-CVE-2005-3596
+CVE-2005-3596 (SQL injection vulnerability in ASPKnowledgebase allows remote attacker ...)
NOT-FOR-US: ASPKnowledgebase
-CVE-2005-3595
+CVE-2005-3595 (By default Microsoft Windows XP Home Edition installs with a blank pas ...)
NOT-FOR-US: Windows XP
-CVE-2005-3594
+CVE-2005-3594 (game_score.php in e107 allows remote attackers to insert high scores v ...)
NOT-FOR-US: e107
-CVE-2005-3592
+CVE-2005-3592 (index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain ...)
NOT-FOR-US: CuteNews
-CVE-2005-3591
+CVE-2005-3591 (Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier a ...)
- flashplugin-nonfree 7.0.61-1 (bug #339290; high)
[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin)
-CVE-2005-3589
+CVE-2005-3589 (Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote a ...)
NOT-FOR-US: FileZilla Server
-CVE-2005-3588
+CVE-2005-3588 (SQL injection vulnerability in admin.php in Advanced Guestbook 2.2 all ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2005-3587
+CVE-2005-3587 (Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before ...)
{DSA-947-1}
- clamav 0.87.1-1 (medium)
NOTE: sarge is affected (not in oldstable)
-CVE-2005-3586
+CVE-2005-3586 (content.php in Mambo 4.5.2 through 4.5.2.3 allows remote attackers to ...)
NOT-FOR-US: Mambo
-CVE-2005-3585
+CVE-2005-3585 (SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows ...)
NOT-FOR-US: PhpWebThings
-CVE-2005-3584
+CVE-2005-3584 (Cross-site scripting (XSS) vulnerability in forum.php in PhpWebThings ...)
NOT-FOR-US: PhpWebThings
-CVE-2005-3583
+CVE-2005-3583 ((1) Java Runtime Environment (JRE) and (2) Software Development Kit (S ...)
NOT-FOR-US: Sun Java
-CVE-2005-3582
+CVE-2005-3582 (ImageMagick before 6.2.4.2-r1 allows local users in the portage group ...)
- imagemagick <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-3581
+CVE-2005-3581 (GDAL before 1.3.0-r1 allows local users in the portage group to increa ...)
- gdal <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-3580
+CVE-2005-3580 (QDBM before 1.8.33-r2 allows local users in the portage group to incre ...)
- qdbm <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-3579
+CVE-2005-3579 (ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote at ...)
NOT-FOR-US: Walla TeleSite
-CVE-2005-3578
+CVE-2005-3578 (SQL injection vulnerability in ts.exe (aka ts.cgi) in Walla TeleSite 3 ...)
NOT-FOR-US: Walla TeleSite
-CVE-2005-3577
+CVE-2005-3577 (Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Wal ...)
NOT-FOR-US: Walla TeleSite
-CVE-2005-3576
+CVE-2005-3576 (ts.exe in Walla TeleSite 3.0 and earlier allows remote attackers to ac ...)
NOT-FOR-US: Walla TeleSite
-CVE-2005-3575
+CVE-2005-3575 (SQL injection vulnerability in show.php in Cyphor 0.19 and earlier all ...)
NOT-FOR-US: Cyphor
-CVE-2005-3574
+CVE-2005-3574 (PHP file inclusion vulnerability in index.php of iCMS allows remote at ...)
NOT-FOR-US: iCMS
-CVE-2005-3573
+CVE-2005-3573 (Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character ...)
{DSA-955-1}
- mailman 2.1.5-10 (bug #327732; bug #339095; medium)
-CVE-2005-3572
+CVE-2005-3572 (SQL injection vulnerability in index.php in Peel 2.6 through 2.7 allow ...)
NOT-FOR-US: Peel
-CVE-2005-3571
+CVE-2005-3571 (PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHP ...)
NOT-FOR-US: protection.php from several crappy web apps not in Debian
-CVE-2005-3570
+CVE-2005-3570 (Unspecified cross-site scripting (XSS) vulnerability in Horde before 2 ...)
{DSA-914-1}
- horde2 2.2.9-1 (bug #338983)
-CVE-2005-3569
+CVE-2005-3569 (INSO service in IBM DB2 Content Manager before 8.2 Fix Pack 10 on AIX ...)
NOT-FOR-US: DB2
-CVE-2005-3568
+CVE-2005-3568 (db2fmp process in IBM DB2 Content Manager before 8.2 Fix Pack 10 allow ...)
NOT-FOR-US: DB2
-CVE-2005-3567
+CVE-2005-3567 (slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 bin ...)
NOT-FOR-US: Tivoli
-CVE-2005-3566
+CVE-2005-3566 (Buffer overflow in various ha commands of VERITAS Cluster Server for U ...)
NOT-FOR-US: VERITAS Cluster Server
-CVE-2005-3565
+CVE-2005-3565 (Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and ...)
NOT-FOR-US: HP-UX
-CVE-2005-3564
+CVE-2005-3564 (envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obt ...)
NOT-FOR-US: HP-UX
CVE-2005-3563
REJECTED
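Review bot: the unchanged NOT-FOR-US annotation for CVE-2005-3571, "protection.php from several crappy web apps not in Debian", is informal for a published tracker file; since this automatic update only rewrites the CVE identifier lines, a follow-up manual commit could reword it to something like "NOT-FOR-US: protection.php as shipped by several web applications not packaged in Debian" without changing its meaning.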
@@ -3005,180 +3005,180 @@ CVE-2005-3562
REJECTED
CVE-2005-3561
REJECTED
-CVE-2005-3560
+CVE-2005-3560 (Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite ...)
NOT-FOR-US: Zone Labs
-CVE-2005-3559
+CVE-2005-3559 (Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 throu ...)
{DSA-1048-1}
- asterisk 1:1.2.7.1.dfsg-2 (bug #338116; medium)
-CVE-2005-3558
+CVE-2005-3558 (PHP file inclusion vulnerability in index.php in OSTE 1.0 allows remot ...)
NOT-FOR-US: OSTE
-CVE-2005-3557
+CVE-2005-3557 (Directory traversal vulnerability in admin/defaults.php in PHPlist 2.1 ...)
NOT-FOR-US: PHPList
-CVE-2005-3556
+CVE-2005-3556 (Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 ...)
NOT-FOR-US: PHPList
-CVE-2005-3555
+CVE-2005-3555 (Multiple SQL injection vulnerabilities in PHPlist 2.10.1 and earlier a ...)
NOT-FOR-US: PHPList
-CVE-2005-3554
+CVE-2005-3554 (Multiple eval injection vulnerabilities in the help function in PHPKIT ...)
NOT-FOR-US: PHPKIT
-CVE-2005-3553
+CVE-2005-3553 (Multiple SQL injection vulnerabilities in include.php in PHPKIT 1.6.1 ...)
NOT-FOR-US: PHPKIT
-CVE-2005-3552
+CVE-2005-3552 (Multiple cross-site scripting (XSS) vulnerabilities in PHPKIT 1.6.1 R2 ...)
NOT-FOR-US: PHPKIT
-CVE-2005-3551
+CVE-2005-3551 (toendaCMS before 0.6.2 stores user account and session data in the web ...)
NOT-FOR-US: toendaCMS
-CVE-2005-3550
+CVE-2005-3550 (Directory traversal vulnerability in admin.php in toendaCMS before 0.6 ...)
NOT-FOR-US: toendaCMS
-CVE-2005-3549
+CVE-2005-3549 (Direct code injection vulnerability in Task Manager in Invision Power ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-3548
+CVE-2005-3548 (Directory traversal vulnerability in Task Manager in Invision Power Bo ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-3547
+CVE-2005-3547 (Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 a ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-3546
+CVE-2005-3546 (suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before ...)
NOT-FOR-US: F-Secure Internet Gatekeeper and Antivirus Gateway
-CVE-2005-3545
+CVE-2005-3545 (SQL injection vulnerability in index.php of the report module in ibPro ...)
NOT-FOR-US: ibProArcade
-CVE-2005-3544
+CVE-2005-3544 (Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 allow ...)
NOT-FOR-US: XMB
-CVE-2005-3543
+CVE-2005-3543 (SQL injection vulnerability in search.php in Phorum 5.0.0alpha through ...)
NOT-FOR-US: Phorum
CVE-2005-3542
REJECTED
CVE-2005-3541
RESERVED
-CVE-2005-3540
+CVE-2005-3540 (Buffer overflow in petris before 1.0.1 allows remote attackers to exec ...)
{DSA-929-1}
- petris 1.0.1-5
-CVE-2005-3539
+CVE-2005-3539 (Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier a ...)
{DSA-933-1}
- hylafax 2:4.2.4-2 (bug #347298)
NOTE: First patch had regressions
-CVE-2005-3538
+CVE-2005-3538 (hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrar ...)
- hylafax 2:4.2.4-1
[sarge] - hylafax <not-affected> (Affected only 4.2.3)
[woody] - hylafax <not-affected> (Affected only 4.2.3)
-CVE-2005-3537
+CVE-2005-3537 (A "missing request validation" error in phpBB 2 before 2.0.18 allows r ...)
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; medium)
-CVE-2005-3536
+CVE-2005-3536 (SQL injection vulnerability in phpBB 2 before 2.0.18 allows remote att ...)
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; medium)
-CVE-2005-3535
+CVE-2005-3535 (Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary ...)
{DSA-926-1}
- ketm 0.0.6-17sarge1 (low)
-CVE-2005-3534
+CVE-2005-3534 (Buffer overflow in the Network Block Device (nbd) server 2.7.5 and ear ...)
{DSA-924-1}
- nbd 1:2.8.3-1
-CVE-2005-3533
+CVE-2005-3533 (Buffer overflow in OSH before 1.7-15 allows local users to execute arb ...)
{DSA-918-1}
- osh 1.7-15
-CVE-2005-3532
+CVE-2005-3532 (authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through ...)
{DSA-917-1}
- courier 0.47-12 (bug #211920; medium)
-CVE-2005-3531
+CVE-2005-3531 (fusermount in FUSE before 2.4.1, if installed setuid root, allows loca ...)
{DTSA-27-1}
- fuse 2.4.1-0.1 (bug #340398; low)
[sarge] - fuse <no-dsa> (Minor local DoS)
-CVE-2005-3530
+CVE-2005-3530 (Cross-site scripting (XSS) vulnerability in Antville 1.1 allows remote ...)
NOT-FOR-US: Antville
-CVE-2005-3529
+CVE-2005-3529 (tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remo ...)
NOT-FOR-US: TikiWiki
-CVE-2005-3528
+CVE-2005-3528 (Cross-site scripting (XSS) vulnerability in tiki-view_forum_thread.php ...)
NOT-FOR-US: TikiWiki
-CVE-2005-3527
+CVE-2005-3527 (Race condition in do_coredump in signal.c in Linux kernel 2.6 allows l ...)
- linux-2.6 2.6.14-1 (low)
- kernel-source-2.4.27 <not-affected> (Vulnerable code was introduced later)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was introduced later)
NOTE: http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-3527?op=file&rev=0&sc=0
-CVE-2005-3526
+CVE-2005-3526 (Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 200 ...)
NOT-FOR-US: Ipswitch Collaboration Suite
-CVE-2005-3525
+CVE-2005-3525 (Stack-based buffer overflow in an ActiveX control for the installer fo ...)
NOT-FOR-US: Adobe
-CVE-2005-3522
+CVE-2005-3522 (Cross-site scripting (XSS) vulnerability in index.jsp in ManageEngine ...)
NOT-FOR-US: ManageEngine NetflowAnalyzer
-CVE-2005-3521
+CVE-2005-3521 (SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6 ...)
NOT-FOR-US: e107
-CVE-2005-3520
+CVE-2005-3520 (Multiple cross-site scripting (XSS) vulnerabilities in MySource 2.14.0 ...)
NOT-FOR-US: MySource
-CVE-2005-3519
+CVE-2005-3519 (Multiple PHP file inclusion vulnerabilities in MySource 2.14.0 allow r ...)
NOT-FOR-US: MySource
-CVE-2005-3518
+CVE-2005-3518 (SQL injection vulnerability in search.php in PunBB 1.2.7 and 1.2.8 all ...)
NOT-FOR-US: PunBB
-CVE-2005-3517
+CVE-2005-3517 (Chipmunk Scripts Guestbook allows remote attackers to obtain the insta ...)
NOT-FOR-US: Chipmunk Scripts Guestbook
-CVE-2005-3516
+CVE-2005-3516 (Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk ...)
NOT-FOR-US: Chipmunk Directory
-CVE-2005-3515
+CVE-2005-3515 (Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk ...)
NOT-FOR-US: Chipmunk Topsites
-CVE-2005-3514
+CVE-2005-3514 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Forum ...)
NOT-FOR-US: Chipmunk Forum
-CVE-2005-3513
+CVE-2005-3513 (index.php in VUBB alpha rc1 allows remote attackers to obtain the inst ...)
NOT-FOR-US: VUBB
-CVE-2005-3512
+CVE-2005-3512 (Cross-site scripting (XSS) vulnerability in index.php in VUBB alpha rc ...)
NOT-FOR-US: VUBB
-CVE-2005-3511
+CVE-2005-3511 (Multiple cross-site scripting (XSS) vulnerabilities in Spymac Web OS 4 ...)
NOT-FOR-US: Spymac Web OS
-CVE-2005-3510
+CVE-2005-3510 (Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denia ...)
- tomcat5 <not-affected> (Debian's 5.0 version is not vulnerable)
-CVE-2005-3509
+CVE-2005-3509 (Multiple SQL injection vulnerabilities in JPortal allow remote attacke ...)
NOT-FOR-US: JPortal
-CVE-2005-3508
+CVE-2005-3508 (SQL injection vulnerability in showGallery.php in Gallery (Galerie) 2. ...)
NOT-FOR-US: Tonio gallery (not the one in the gallery debian package)
-CVE-2005-3507
+CVE-2005-3507 (Directory traversal vulnerability in CuteNews 1.4.1 allows remote atta ...)
NOT-FOR-US: CuteNews
-CVE-2005-3506
+CVE-2005-3506 (Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar Server ...)
NOT-FOR-US: Sambar
-CVE-2005-3505
+CVE-2005-3505 (Cross-site scripting (XSS) vulnerability in the Entropy Chat script in ...)
NOT-FOR-US: Entropy Chat Script
-CVE-2005-3504
+CVE-2005-3504 (Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled ...)
NOT-FOR-US: AIX
-CVE-2005-3503
+CVE-2005-3503 (chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly other o ...)
NOT-FOR-US: SuSE fork of passwd
-CVE-2005-3502
+CVE-2005-3502 (attachment_send.php in Cerberus Helpdesk allows remote attackers to vi ...)
NOT-FOR-US: Cerberus Helpdesk
-CVE-2005-3499
+CVE-2005-3499 (Frisk F-Prot Antivirus allows remote attackers to bypass protection vi ...)
NOT-FOR-US: F-Prot Antivirus
-CVE-2005-3498
+CVE-2005-3498 (IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5. ...)
NOT-FOR-US: WebSphere
CVE-2005-3497
NOT-FOR-US: PHP Handicapper
-CVE-2005-3496
+CVE-2005-3496 (Cross-site scripting (XSS) vulnerability in PHP Handicapper allows rem ...)
NOT-FOR-US: PHP Handicapper
-CVE-2005-3495
+CVE-2005-3495 (Ar-blog 5.2 and earlier allows remote attackers to bypass authenticati ...)
NOT-FOR-US: Ar-blog
-CVE-2005-3494
+CVE-2005-3494 (Cross-site scripting (XSS) vulnerability in Ar-blog 5.2 and earlier al ...)
NOT-FOR-US: Ar-blog
-CVE-2005-3493
+CVE-2005-3493 (Battle Carry .005 and earlier allows remote attackers to cause a denia ...)
NOT-FOR-US: Battle Carry
-CVE-2005-3492
+CVE-2005-3492 (FlatFrag 0.3 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: FlatFrag
-CVE-2005-3491
+CVE-2005-3491 (Multiple buffer overflows in the receiver function in loop.c in FlatFr ...)
NOT-FOR-US: FlatFrag
-CVE-2005-3490
+CVE-2005-3490 (Directory traversal vulnerability in the web server in Asus Video Secu ...)
NOT-FOR-US: Asus Video Security
-CVE-2005-3489
+CVE-2005-3489 (Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using ...)
NOT-FOR-US: Asus Video Security
-CVE-2005-3488
+CVE-2005-3488 (Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a d ...)
- scorched3d 39.1+cvs20050929-2 (bug #337403; medium)
-CVE-2005-3487
+CVE-2005-3487 (Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow r ...)
- scorched3d 39.1+cvs20050929-2 (bug #337403; medium)
-CVE-2005-3486
+CVE-2005-3486 (Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and ea ...)
- scorched3d 39.1+cvs20050929-2 (bug #337403; medium)
-CVE-2005-3485
+CVE-2005-3485 (Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attacke ...)
NOT-FOR-US: Glider Collect'n kill
-CVE-2005-3484
+CVE-2005-3484 (Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allow ...)
NOT-FOR-US: NeroNET
-CVE-2005-3483
+CVE-2005-3483 (Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows ...)
NOT-FOR-US: GO-Global
-CVE-2005-3621
+CVE-2005-3621 (CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows rem ...)
{DSA-1207-1}
- phpmyadmin 4:2.6.4-pl4-1 (bug #339437; medium)
-CVE-2005-3524
+CVE-2005-3524 (Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl ...)
{DSA-896-1}
- linux-ftpd-ssl 0.17.18+0.3-5 (bug #339074; high)
-CVE-2005-3807
+CVE-2005-3807 (Memory leak in the VFS file lease handling in locks.c in Linux kernels ...)
- linux-2.6 2.6.14-4
-CVE-2005-3857
+CVE-2005-3857 (The time_out_leases function in locks.c for Linux kernel before 2.6.15 ...)
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-4 (low)
CVE-2005-XXXX [user logout in drupal has no effect]
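Review bot: CVE-2005-3497 (the unchanged context line just above CVE-2005-3496, still reading only "NOT-FOR-US: PHP Handicapper") is the one entry in this hunk that is neither RESERVED nor REJECTED yet keeps its bare identifier, while every surrounding NOT-FOR-US entry, including its sibling CVE-2005-3496, gains a "(description ...)" suffix; please check whether the automatic description fetch skipped this identifier or the upstream feed simply has no text for it, so the list does not end up with one silently inconsistent record.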
@@ -3186,474 +3186,474 @@ CVE-2005-XXXX [user logout in drupal has no effect]
- drupal 4.5.5-3 (bug #336719; medium)
CVE-2005-XXXX [double free() in libungif]
- libungif4 4.1.4-1 (bug #338542; medium)
-CVE-2005-3523
+CVE-2005-3523 (Format string vulnerability in friendsd2 in GpsDrive allows remote att ...)
{DSA-891-1}
- gpsdrive 2.09-2sarge1 (bug #337495; medium)
CVE-2005-XXXX [Insecure temp files in note]
- note 1.3.1-3 (bug #337492; unimportant)
NOTE: Second issue not shipped in binary, only example, first issue not sufficiently
NOTE: predictable for a real world attack
-CVE-2005-3500
+CVE-2005-3500 (The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) bef ...)
{DSA-887-1 DTSA-21-1}
- clamav 0.87.1-1 (medium)
-CVE-2005-3501
+CVE-2005-3501 (The cabd_find function in cabd.c of the libmspack library (mspack) for ...)
{DSA-887-1 DTSA-21-1}
- clamav 0.87.1-1 (medium)
-CVE-2005-3482
+CVE-2005-3482 (Cisco 1200, 1131, and 1240 series Access Points, when operating in Lig ...)
NOT-FOR-US: Cisco
-CVE-2005-3481
+CVE-2005-3481 (Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitra ...)
NOT-FOR-US: IOS
-CVE-2005-3480
+CVE-2005-3480 (login.asp in Ringtail CaseBook 6.1.0 displays different error messages ...)
NOT-FOR-US: Ringtail CaseBook
-CVE-2005-3479
+CVE-2005-3479 (Cross-site scripting (XSS) vulnerability in login.asp in Ringtail Case ...)
NOT-FOR-US: Ringtail CaseBook
-CVE-2005-3478
+CVE-2005-3478 (SQL injection vulnerability in index.php in PHPCafe.net Tutorials Mana ...)
NOT-FOR-US: PHPCafe Tutorial Manager
-CVE-2005-3477
+CVE-2005-3477 (Multiple interpretation error in the image upload handling code in Inv ...)
NOT-FOR-US: Invision Gallery
-CVE-2005-3476
+CVE-2005-3476 (Unspecified vulnerability in HP OpenVMS Integrity 8.2-1 and 8.2, and O ...)
NOT-FOR-US: OpenVMS
-CVE-2005-3475
+CVE-2005-3475 (Hasbani Web Server (WindWeb) 2.0 allows remote attackers to cause a de ...)
NOT-FOR-US: Hasbani Web Server
-CVE-2005-3474
+CVE-2005-3474 (The aries.sys driver in Sony First4Internet XCP DRM software hides any ...)
NOT-FOR-US: XCP DRM
-CVE-2005-3473
+CVE-2005-3473 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
NOT-FOR-US: Simple PHP Blog
-CVE-2005-3472
+CVE-2005-3472 (Unspecified vulnerability in Sun Java System Communications Express 20 ...)
NOT-FOR-US: Sun Java System Communications Express
-CVE-2005-3471
+CVE-2005-3471 (Directory traversal vulnerability in the ruleset view for MailWatch fo ...)
NOT-FOR-US: MailWatch for MailScanner
-CVE-2005-3470
+CVE-2005-3470 (SQL injection vulnerability in in the authenticate function in MailWat ...)
NOT-FOR-US: MailWatch for MailScanner
-CVE-2005-3469
+CVE-2005-3469 (SQL injection vulnerability in index.php in News2Net 3.0.0.0 allows re ...)
NOT-FOR-US: News2Net
-CVE-2005-3468
+CVE-2005-3468 (Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft ...)
NOT-FOR-US: F-Secure
-CVE-2005-3467
+CVE-2005-3467 (Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of ...)
NOT-FOR-US: Serv-U FTP Server
-CVE-2005-3466
+CVE-2005-3466 (Unspecified vulnerability in Enterprise CRM Sales in Oracle 8.81 up to ...)
NOT-FOR-US: Oracle
-CVE-2005-3465
+CVE-2005-3465 (Unspecified vulnerability in JDEdwards HTML Server in Oracle Enterpris ...)
NOT-FOR-US: Oracle
-CVE-2005-3464
+CVE-2005-3464 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2005-3463
+CVE-2005-3463 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2005-3462
+CVE-2005-3462 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2005-3461
+CVE-2005-3461 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2005-3460
+CVE-2005-3460 (Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager ...)
NOT-FOR-US: Oracle
-CVE-2005-3459
+CVE-2005-3459 (Unspecified vulnerability in Oracle E-Business Suite and Applications ...)
NOT-FOR-US: Oracle
-CVE-2005-3458
+CVE-2005-3458 (Unspecified vulnerability in Oracle E-Business Suite and Applications ...)
NOT-FOR-US: Oracle
-CVE-2005-3457
+CVE-2005-3457 (Unspecified vulnerability in Oracle E-Business Suite and Applications ...)
NOT-FOR-US: Oracle
-CVE-2005-3456
+CVE-2005-3456 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and Ap ...)
NOT-FOR-US: Oracle
-CVE-2005-3455
+CVE-2005-3455 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and Ap ...)
NOT-FOR-US: Oracle
-CVE-2005-3454
+CVE-2005-3454 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10g ...)
NOT-FOR-US: Oracle
-CVE-2005-3453
+CVE-2005-3453 (Multiple unspecified vulnerabilities in Web Cache in Oracle Applicatio ...)
NOT-FOR-US: Oracle
-CVE-2005-3452
+CVE-2005-3452 (Unspecified vulnerability in Web Cache in Oracle Application Server 1. ...)
NOT-FOR-US: Oracle
-CVE-2005-3451
+CVE-2005-3451 (Unspecified vulnerability in SQL*ReportWriter in Oracle Application Se ...)
NOT-FOR-US: Oracle
-CVE-2005-3450
+CVE-2005-3450 (Unspecified vulnerability in the HTTP Server in Oracle Application Ser ...)
NOT-FOR-US: Oracle
-CVE-2005-3449
+CVE-2005-3449 (Multiple unspecified vulnerabilities in Oracle Application Server 9.0 ...)
NOT-FOR-US: Oracle
-CVE-2005-3448
+CVE-2005-3448 (Unspecified vulnerability in the OC4J Module in Oracle Application Ser ...)
NOT-FOR-US: Oracle
-CVE-2005-3447
+CVE-2005-3447 (Unspecified vulnerability in Single Sign-On in Oracle Database Server ...)
NOT-FOR-US: Oracle
-CVE-2005-3446
+CVE-2005-3446 (Unspecified vulnerability in Internet Directory in Oracle Database Ser ...)
NOT-FOR-US: Oracle
-CVE-2005-3445
+CVE-2005-3445 (Multiple unspecified vulnerabilities in HTTP Server in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2005-3444
+CVE-2005-3444 (Multiple unspecified vulnerabilities in the Programmatic Interface in ...)
NOT-FOR-US: Oracle
-CVE-2005-3443
+CVE-2005-3443 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2005-3442
+CVE-2005-3442 (Multiple unspecified vulnerabilities in Oracle Database Server 8i up t ...)
NOT-FOR-US: Oracle
-CVE-2005-3441
+CVE-2005-3441 (Unspecified vulnerability in Intelligent Agent in Oracle Database Serv ...)
NOT-FOR-US: Oracle
-CVE-2005-3440
+CVE-2005-3440 (Unspecified vulnerability in Database Scheduler in Oracle Database Ser ...)
NOT-FOR-US: Oracle
-CVE-2005-3439
+CVE-2005-3439 (Multiple unspecified vulnerabilities in Oracle Database Server 10g up ...)
NOT-FOR-US: Oracle
-CVE-2005-3438
+CVE-2005-3438 (Multiple unspecified vulnerabilities in Oracle Database Server 9i up t ...)
NOT-FOR-US: Oracle
-CVE-2005-3437
+CVE-2005-3437 (Unspecified vulnerability in the PL/SQL component in Oracle Database S ...)
NOT-FOR-US: Oracle
-CVE-2005-3436
+CVE-2005-3436 (Cross-site scripting (XSS) vulnerability in Nuked-Klan 1.7 allows remo ...)
NOT-FOR-US: Nuked-Klan
-CVE-2005-3435
+CVE-2005-3435 (admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to ...)
NOT-FOR-US: Archilles Newsworld
-CVE-2005-3434
+CVE-2005-3434 (Archilles Newsworld before 1.5.0-rc1 stores (1) account.nwd and (2) se ...)
NOT-FOR-US: Archilles Newsworld
-CVE-2005-3433
+CVE-2005-3433 (Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers ...)
NOT-FOR-US: Mirabilis ICQ
-CVE-2005-3432
+CVE-2005-3432 (MiniGal 2 (MG2) 0.5.1 allows remote attackers to list password protect ...)
NOT-FOR-US: MiniGal2
-CVE-2005-3431
+CVE-2005-3431 (Absolute path traversal vulnerability in Rockliffe MailSite Express be ...)
NOT-FOR-US: MailSite Express
-CVE-2005-3430
+CVE-2005-3430 (Incomplete blacklist vulnerability in Rockliffe MailSite Express befor ...)
NOT-FOR-US: MailSite Express
-CVE-2005-3429
+CVE-2005-3429 (Rockliffe MailSite Express before 6.1.22, with the option to save logi ...)
NOT-FOR-US: MailSite Express
-CVE-2005-3428
+CVE-2005-3428 (Cross-site scripting (XSS) vulnerability in Rockliffe MailSite Express ...)
NOT-FOR-US: MailSite Express
-CVE-2005-3427
+CVE-2005-3427 (The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit ...)
NOT-FOR-US: IPS Sensors
-CVE-2005-3426
+CVE-2005-3426 (Cisco CSS 11500 Content Services Switch (CSS) with SSL termination ser ...)
NOT-FOR-US: Cisco
-CVE-2005-3425
+CVE-2005-3425 (Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allow ...)
{DSA-877-1}
- gnump3d 2.9.6-1
-CVE-2005-3424
+CVE-2005-3424 (Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allow ...)
{DSA-877-1}
- gnump3d 2.9.5-1 (low)
-CVE-2005-3423
+CVE-2005-3423 (Multiple SQL injection vulnerabilities in Subdreamer 2.2.1 allow remot ...)
NOT-FOR-US: Subdreamer
-CVE-2005-3422
+CVE-2005-3422 (Cross-site scripting (XSS) vulnerability in error.asp in ASP Fast Foru ...)
NOT-FOR-US: ASP Fast Forum
-CVE-2005-3421
+CVE-2005-3421 (estcmd in Hyper Estraier 1.0.1 on Windows systems allows remote attack ...)
NOT-FOR-US: Hyper Estraier
-CVE-2005-3420
+CVE-2005-3420 (usercp_register.php in phpBB 2.0.17 allows remote attackers to modify ...)
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
NOTE: http://www.hardened-php.net/advisory_172005.75.html
NOTE: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=336756
NOTE: Remote code execution may be possible, especially in conjunction
NOTE: with PHP bugs.
-CVE-2005-3419
+CVE-2005-3419 (SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 all ...)
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
-CVE-2005-3418
+CVE-2005-3418 (Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 an ...)
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
-CVE-2005-3417
+CVE-2005-3417 (phpBB 2.0.17 and earlier, when the register_long_arrays directive is d ...)
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
-CVE-2005-3416
+CVE-2005-3416 (phpBB 2.0.17 and earlier, when register_globals is enabled and the ses ...)
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
-CVE-2005-3415
+CVE-2005-3415 (phpBB 2.0.17 and earlier allows remote attackers to bypass protection ...)
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #336582; bug #336587)
-CVE-2005-3414
+CVE-2005-3414 (eyeOS 0.8.4 stores usrinfo.xml under the web document root with insuff ...)
NOT-FOR-US: eyeOS
-CVE-2005-3413
+CVE-2005-3413 (Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 ...)
NOT-FOR-US: eyeOS
-CVE-2005-3412
+CVE-2005-3412 (Cross-site scripting (XSS) vulnerability in Elite Forum 1.0.0.0 allows ...)
NOT-FOR-US: Elite Forum
-CVE-2005-3411
+CVE-2005-3411 (Cross-site scripting (XSS) vulnerability in post.asp in Snitz Forums 2 ...)
NOT-FOR-US: Snitz Forums
CVE-2005-3410
RESERVED
-CVE-2005-3409
+CVE-2005-3409 (OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote atta ...)
{DSA-885-1}
- openvpn 2.0.5-1 (bug #337334; low)
-CVE-2005-3408
+CVE-2005-3408 (SQL injection vulnerability in news.php in gCards version 1.43 allows ...)
NOT-FOR-US: gCards
-CVE-2005-3407
+CVE-2005-3407 (SQL injection vulnerability in phpESP 1.7.5 and earlier allows remote ...)
NOT-FOR-US: phpESP
-CVE-2005-3406
+CVE-2005-3406 (Cross-site scripting (XSS) vulnerability in phpESP 1.7.5 and earlier a ...)
NOT-FOR-US: phpESP
-CVE-2005-3405
+CVE-2005-3405 (ATutor 1.4.1 through 1.5.1-pl1 allows remote attackers to execute arbi ...)
NOT-FOR-US: ATutor
-CVE-2005-3404
+CVE-2005-3404 (Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 through 1. ...)
NOT-FOR-US: ATutor
-CVE-2005-3403
+CVE-2005-3403 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 th ...)
NOT-FOR-US: ATutor
-CVE-2005-3402
+CVE-2005-3402 (The SMTP client in Mozilla Thunderbird 1.0.5 BETA, 1.0.7, and possibly ...)
NOTE: That's a non-issue; only a feature request for an improvement in a corner case.
NOTE: If someone wants to use security-sensitive communication a TLS-secured server
NOTE: should be used.
-CVE-2005-3401
+CVE-2005-3401 (Multiple interpretation error in TheHacker 5.8.4.128 allows remote att ...)
NOT-FOR-US: TheHacker
-CVE-2005-3400
+CVE-2005-3400 (Multiple interpretation error in Fortinet 2.48.0.0 allows remote attac ...)
NOT-FOR-US: Fortinet
-CVE-2005-3399
+CVE-2005-3399 (Multiple interpretation error in CAT-QuickHeal 8.0 allows remote attac ...)
NOT-FOR-US: CAT-QuickHeal
-CVE-2005-3398
+CVE-2005-3398 (The default configuration of the web server for the Solaris Management ...)
NOT-FOR-US: Solaris Management Console
-CVE-2005-3397
+CVE-2005-3397 (Cross-site scripting (XSS) vulnerability in Comersus BackOffice allows ...)
NOT-FOR-US: Comersus BackOffice
-CVE-2005-3396
+CVE-2005-3396 (Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, ...)
NOT-FOR-US: AIX
-CVE-2005-3395
+CVE-2005-3395 (SQL injection vulnerability in Invision Gallery 2.0.3 allows remote at ...)
NOT-FOR-US: Invision Gallery
-CVE-2005-3394
+CVE-2005-3394 (Multiple SQL injection vulnerabilities in forum.php in oaboard forum 1 ...)
NOT-FOR-US: oaboard
-CVE-2005-3393
+CVE-2005-3393 (Format string vulnerability in the foreign_option function in options. ...)
{DSA-885-1}
- openvpn 2.0.5-1 (bug #336751; medium)
-CVE-2005-3392
+CVE-2005-3392 (Unspecified vulnerability in PHP before 4.4.1, when using the virtual ...)
- php4 4:4.4.2-1 (bug #336645; bug #354681; low)
[sarge] - php4 <no-dsa> (Safe mode violations not supported)
- php5 5.1.1-1 (bug #336654; low)
NOTE: According to CVE, this is a safe mode violation,
NOTE: therefore low impact. (According to SuSE, it's an
NOTE: information leak.)
-CVE-2005-3391
+CVE-2005-3391 (Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to ...)
- php4 4:4.4.2-1 (bug #336645; bug #354678; low)
[sarge] - php4 <no-dsa> (Safe mode violations not supported)
- php5 5.1.1-1 (bug #336654; low)
NOTE: This is a safe mode violation, therefore low impact.
-CVE-2005-3390
+CVE-2005-3390 (The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5 ...)
- php4 4:4.4.2-1 (bug #336645; bug #354680; low)
- php5 5.1.1-1 (bug #336654; low)
[sarge] - php4 <no-dsa> (Operation with register_globals not supported)
NOTE: http://www.hardened-php.net/advisory_202005.79.html
NOTE: http://www.hardened-php.net/globals-problem
-CVE-2005-3389
+CVE-2005-3389 (The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, whe ...)
- php4 4:4.4.2-1 (bug #336645; bug #354690; low)
- php5 5.1.1-1 (bug #336654; low)
[sarge] - php4 <no-dsa> (application's job to sanitize input)
NOTE: http://www.hardened-php.net/advisory_192005.78.html
-CVE-2005-3388
+CVE-2005-3388 (Cross-site scripting (XSS) vulnerability in the phpinfo function in PH ...)
{CVE-2002-1954}
- php4 4:4.4.2-1 (bug #336645; low)
- php5 5.1.1-1 (bug #336654; low)
[sarge] - php4 <no-dsa> (not worth an update)
NOTE: http://www.hardened-php.net/advisory_182005.77.html
NOTE: fixed in CVS, estimated release of PHP5.1 to fix this issue
-CVE-2005-3387
+CVE-2005-3387 (The startup script in packages/RedHat/ntop.init in ntop before 3.2, wh ...)
- ntop <not-affected> (Red Hat specific packaging flaw)
-CVE-2005-3386
+CVE-2005-3386 (SQL injection vulnerability in Techno Dreams Web Directory script allo ...)
NOT-FOR-US: Techno Dreams scripts
-CVE-2005-3385
+CVE-2005-3385 (SQL injection vulnerability in Techno Dreams Mailing List script allow ...)
NOT-FOR-US: Techno Dreams scripts
-CVE-2005-3384
+CVE-2005-3384 (SQL injection vulnerability in Techno Dreams Guest Book script allows ...)
NOT-FOR-US: Techno Dreams scripts
-CVE-2005-3383
+CVE-2005-3383 (SQL injection vulnerability in Techno Dreams Announcement script allow ...)
NOT-FOR-US: Techno Dreams scripts
-CVE-2005-3382
+CVE-2005-3382 (Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine al ...)
NOT-FOR-US: Sophos
-CVE-2005-3381
+CVE-2005-3381 (Multiple interpretation error in Ukrainian National Antivirus (UNA) 1. ...)
NOT-FOR-US: Ukranian National Antivirus
-CVE-2005-3380
+CVE-2005-3380 (Multiple interpretation error in Panda Titanium 2005 4.02.01 allows re ...)
NOT-FOR-US: Panda Titanium
-CVE-2005-3379
+CVE-2005-3379 (Multiple interpretation error in Trend Micro (1) PC-Cillin 2005 12.0.1 ...)
NOT-FOR-US: Trend Micro
-CVE-2005-3378
+CVE-2005-3378 (Multiple interpretation error in Norman 5.81 with the 5.83.02 engine a ...)
NOT-FOR-US: Norman
-CVE-2005-3377
+CVE-2005-3377 (Multiple interpretation error in (1) McAfee Internet Security Suite 7. ...)
NOT-FOR-US: McAfee
-CVE-2005-3376
+CVE-2005-3376 (Multiple interpretation error in Kaspersky 5.0.372 allows remote attac ...)
NOT-FOR-US: Kaspersky
-CVE-2005-3375
+CVE-2005-3375 (Multiple interpretation error in Ikarus demo version allows remote att ...)
NOT-FOR-US: Ikarus
-CVE-2005-3374
+CVE-2005-3374 (Multiple interpretation error in F-Prot 3.16c allows remote attackers ...)
NOT-FOR-US: F-Prot
-CVE-2005-3373
+CVE-2005-3373 (Multiple interpretation error in Dr.Web 4.32b allows remote attackers ...)
NOT-FOR-US: Dr. Web
-CVE-2005-3372
+CVE-2005-3372 (Multiple interpretation error in eTrust CA 7.0.1.4 with the 11.9.1 eng ...)
NOT-FOR-US: eTrust
-CVE-2005-3371
+CVE-2005-3371 (Multiple interpretation error in AVG 7 7.0.323 allows remote attackers ...)
NOT-FOR-US: AVG
-CVE-2005-3370
+CVE-2005-3370 (Multiple interpretation error in ArcaVir 2005 package 2005-06-21 allow ...)
NOT-FOR-US: ArcaVir
-CVE-2005-3369
+CVE-2005-3369 (Multiple SQL injection vulnerabilities in the Info-DB module (info_db. ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2005-3368
+CVE-2005-3368 (Cross-site scripting (XSS) vulnerability in the Search_Enhanced module ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-3367
+CVE-2005-3367 (Cross-site scripting (XSS) vulnerability in journal.php in SparkleBlog ...)
NOT-FOR-US: SparkleBlog
-CVE-2005-3366
+CVE-2005-3366 (PHP file inclusion vulnerability in index.php in PHP iCalendar 2.0a2 t ...)
NOT-FOR-US: PHP iCalendar
-CVE-2005-3365
+CVE-2005-3365 (Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier all ...)
NOT-FOR-US: DCP-Portal
-CVE-2005-3364
+CVE-2005-3364 (Multiple SQL injection vulnerabilities in DboardGear allow remote atta ...)
NOT-FOR-US: DboardGear
-CVE-2005-3363
+CVE-2005-3363 (SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 ...)
NOT-FOR-US: saphp Lesson
CVE-2005-3362
REJECTED
-CVE-2005-3361
+CVE-2005-3361 (Cross-site scripting (XSS) vulnerability in forum/index.php in FlatNuk ...)
NOT-FOR-US: FlatNuke
-CVE-2005-3360
+CVE-2005-3360 (The installation of Trend Micro PC-Cillin Internet Security 2005 12.00 ...)
NOT-FOR-US: Trend Micro PC-Cillin Internet Security 2005
-CVE-2005-3359
+CVE-2005-3359 (The atm module in Linux kernel 2.6 before 2.6.14 allows local users to ...)
{DSA-1103}
- linux-2.6 2.6.14
-CVE-2005-3358
+CVE-2005-3358 (Linux kernel before 2.6.15 allows local users to cause a denial of ser ...)
{DSA-1017-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
-CVE-2005-3357
+CVE-2005-3357 (mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost ...)
- apache2 2.0.55-4 (bug #351246; low)
[sarge] - apache2 2.0.54-5sarge2
-CVE-2005-3356
+CVE-2005-3356 (The mq_open system call in Linux kernel 2.6.9, in certain situations, ...)
{DSA-1017-1}
- linux-2.6 2.6.15-4
-CVE-2005-3355
+CVE-2005-3355 (Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unkn ...)
{DSA-901-1}
- gnump3d 2.9.8-1
-CVE-2005-3354
+CVE-2005-3354 (Stack-based buffer overflow in the ldif_get_line function in ldif.c of ...)
{DSA-908-1 DSA-906-1}
- sylpheed 2.0.4-1 (bug #338434; medium)
- sylpheed-gtk1 1.0.6-1 (medium)
- sylpheed-claws 1.0.5-2 (bug #338436; medium)
- sylpheed-claws-gtk2 1.9.100-1 (bug #339529; medium)
-CVE-2005-3353
+CVE-2005-3353 (The exif_read_data function in the Exif module in PHP before 4.4.1 all ...)
{DSA-1206-1}
- php4 4:4.4.2-1 (bug #339577; medium)
- php5 5.1.1-1 (bug #336654; medium)
-CVE-2005-3352
+CVE-2005-3352 (Cross-site scripting (XSS) vulnerability in the mod_imap module of Apa ...)
{DSA-1167-1}
- apache 1.3.34-2 (bug #343466; low)
- apache2 2.0.55-4 (bug #343467; bug #349793; low)
[sarge] - apache2 2.0.54-5sarge2
NOTE: Version(s): prior to 1.3.35-dev, 2.0.56-dev are affected
NOTE: Means oldstable and stable are affected
-CVE-2005-3351
+CVE-2005-3351 (SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e- ...)
- spamassassin 3.1.0a-1 (bug #339526; low)
[sarge] - spamassassin <no-dsa> (DoS affects only a single message)
[woody] - spamassassin <no-dsa> (DoS affects only a single message)
-CVE-2005-3350
+CVE-2005-3350 (libungif library before 4.1.0 allows attackers to corrupt memory and p ...)
{DSA-890-1}
- libungif4 4.1.3-4 (bug #337972; high)
- giflib 4.1.4-1 (bug #395382)
-CVE-2005-3349
+CVE-2005-3349 (GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitr ...)
{DSA-901-1}
- gnump3d 2.9.8-1
-CVE-2005-3348
+CVE-2005-3348 (HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 a ...)
{DSA-899-1 DSA-898-1 DSA-897-1}
- phpsysinfo 2.3-7 (bug #339079)
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
-CVE-2005-3347
+CVE-2005-3347 (Multiple directory traversal vulnerabilities in index.php in phpSysInf ...)
{DSA-899-1 DSA-898-1 DSA-897-1}
- phpsysinfo 2.3-7 (bug #339079)
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
-CVE-2005-3346
+CVE-2005-3346 (Buffer overflow in the environment variable substitution code in main. ...)
{DSA-918-1}
- osh 1.7-15 (bug #338312; bug #323424; bug #323482; bug #311369; medium)
-CVE-2005-3345
+CVE-2005-3345 (rssh 2.0.0 through 2.2.3 allows local users to bypass access restricti ...)
- rssh 2.3.0-1 (bug #344395; bug #344424)
[sarge] - rssh 2.2.3-1.sarge.1
NOTE: Update was introduced through s-p-u, not a DSA
-CVE-2005-3344
+CVE-2005-3344 (The default installation of Horde 3.0.4 contains an administrative acc ...)
{DSA-884-1}
- horde3 3.0.5-2 (bug #332290; bug #332289; medium)
-CVE-2005-3343
+CVE-2005-3343 (tkdiff before 4.1.1 allows local users to overwrite arbitrary files vi ...)
{DSA-927-1}
- tkdiff 1:4.0.2-2 (low)
-CVE-2005-3342
+CVE-2005-3342 (noweb 2.10c and earlier allows local users to overwrite arbitrary file ...)
{DSA-968-1}
- noweb 2.10c-3.2 (low)
-CVE-2005-3340
+CVE-2005-3340 (The tuxpaint-import.sh script in Tux Paint (tuxpaint) 0.9.14 and earli ...)
{DSA-941-1}
- tuxpaint 1:0.9.15b-1 (low)
CVE-2005-XXXX [ntop format string vulnerability]
- ntop 3:4.0.3+dfsg1-1 (bug #335996; unimportant)
NOTE: Not exploitable
-CVE-2005-3341
+CVE-2005-3341 (DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users ...)
{DSA-928-1}
- dhis-tools-dns 5.0-5
-CVE-2005-3339
+CVE-2005-3339 (Mantis before 0.19.3 caches the User ID longer than necessary, which h ...)
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #330682)
-CVE-2005-3338
+CVE-2005-3338 (Unspecified vulnerability in Mantis before 0.19.3, when using reminder ...)
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #330682; low)
-CVE-2005-3337
+CVE-2005-3337 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis before 0 ...)
NOTE: This is a duplicate of CVE-2005-3091 (first issue) and CVE-2005-2557 (second
NOTE: issue). This will be rejected.
-CVE-2005-3336
+CVE-2005-3336 (SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remot ...)
{DSA-905-1}
- mantis 0.19.3-0.1 (high)
-CVE-2005-3335
+CVE-2005-3335 (PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php ...)
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #335938; medium)
-CVE-2005-3334
+CVE-2005-3334 (Cross-site scripting (XSS) vulnerability in index.php in Flyspray 0.9. ...)
{DSA-953-1}
- flyspray 0.9.8-4 (bug #335997; low)
NOTE: Sarge is confirmed vulnerable
-CVE-2005-3333
+CVE-2005-3333 (SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to ...)
NOT-FOR-US: eBASEweb
-CVE-2005-3332
+CVE-2005-3332 (PHP remote file include vulnerability in admin/define.inc.php in Belch ...)
NOT-FOR-US: Belchior Foundry vCard
-CVE-2005-3331
+CVE-2005-3331 (viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary file ...)
- mgdiff 1.0-28 (bug #335188; unimportant)
-CVE-2005-3330
+CVE-2005-3330 (The _httpsrequest function in Snoopy 1.2, as used in products such as ...)
- wordpress <not-affected> (bug #335817; unimportant)
NOTE: Upstream claims the modified Snoopy class is secure
-CVE-2005-3329
+CVE-2005-3329 (Cross-site scripting (XSS) vulnerability in RSA Authentication Agent f ...)
NOT-FOR-US: RSA Authentication Agent
-CVE-2005-3328
+CVE-2005-3328 (PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 t ...)
NOT-FOR-US: PunBB
-CVE-2005-3327
+CVE-2005-3327 (Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators t ...)
NOT-FOR-US: Data ONTAP
-CVE-2005-3326
+CVE-2005-3326 (SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) al ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-3325
+CVE-2005-3325 (Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Ana ...)
{DSA-893-1}
- acidbase 1.2.1-1 (bug #335998; bug #336788; medium)
NOTE: the fix from 1.2-2 did not address the problem fully
- acidlab 0.9.6b20-13
-CVE-2005-3324
+CVE-2005-3324 (SQL injection vulnerability in chat.php in MWChat 6.8 allows remote at ...)
NOT-FOR-US: MWChat
-CVE-2005-3323
+CVE-2005-3323 (docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows re ...)
{DSA-910-1}
- zope2.8 2.8.1-7 (bug #334055; bug #334054; high)
- zope2.7 2.7.8-1 (bug #334055; bug #334054; high)
-CVE-2005-3322
+CVE-2005-3322 (Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote att ...)
- squid <not-affected>
NOTE: see bug #334882 for details
-CVE-2005-3321
+CVE-2005-3321 (chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify pe ...)
NOT-FOR-US: SuSE-specific tool
-CVE-2005-3320
+CVE-2005-3320 (Cross-site scripting (XSS) vulnerability in SiteTurn Domain Manager Pr ...)
NOT-FOR-US: SiteTurn Domain Manager
-CVE-2005-3319
+CVE-2005-3319 (The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php ...)
- php4 4:4.4.2-1 (bug #336004; bug #354684; low)
- php5 5.1.1-1 (bug #336005; low)
[sarge] - php4 <not-affected>
NOTE: can't reproduce, error may not be present in 4.3.
NOTE: tentatively marking as not-affected in sarge.
-CVE-2005-3318
+CVE-2005-3318 (Buffer overflow in the _chm_decompress_block function in CHM lib (chml ...)
{DSA-886-1}
- chmlib 0.37-1 (bug #335931; medium)
-CVE-2005-3317
+CVE-2005-3317 (Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2 ...)
NOT-FOR-US: ZipGenius
-CVE-2005-3316
+CVE-2005-3316 (The installation of ON Symantec Discovery 4.5.x and Symantec Discovery ...)
NOT-FOR-US: Symantec Discovery
-CVE-2005-3315
+CVE-2005-3315 (Multiple SQL injection vulnerabilities in Novell ZENworks Patch Manage ...)
NOT-FOR-US: Novell ZENworks
-CVE-2005-3314
+CVE-2005-3314 (Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 ...)
NOT-FOR-US: Novell Netmail
-CVE-2005-3313
+CVE-2005-3313 (The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ...)
[woody] - ethereal <not-affected> (Only affects version 0.10.13)
[sarge] - ethereal <not-affected> (Only affects version 0.10.13)
- ethereal 0.10.14-1 (medium)
-CVE-2005-3312
+CVE-2005-3312 (The HTML rendering engine in Microsoft Internet Explorer 6.0 allows re ...)
NOT-FOR-US: Microsoft
-CVE-2005-3311
+CVE-2005-3311 (BMC Software Control-M 6.1.03 for Solaris, and possibly other platform ...)
NOT-FOR-US: BMC Software Control-M
-CVE-2005-3310
+CVE-2005-3310 (Interpretation conflict in phpBB 2.0.17, with remote avatars and avata ...)
{DSA-925-1}
- phpbb2 2.0.18-1 (bug #335662; low)
-CVE-2005-3309
+CVE-2005-3309 (Multiple SQL injection vulnerabilities in Zomplog 3.4 allow remote att ...)
NOT-FOR-US: Zomplog
-CVE-2005-3308
+CVE-2005-3308 (Multiple cross-site scripting (XSS) vulnerabilities in Zomplog 3.4 all ...)
NOT-FOR-US: Zomplog
-CVE-2005-3307
+CVE-2005-3307 (Directory traversal vulnerability in index.php for FlatNuke 2.5.6 allo ...)
NOT-FOR-US: FlatNuke
-CVE-2005-3306
+CVE-2005-3306 (Cross-site scripting (XSS) vulnerability in index.php for FlatNuke 2.5 ...)
NOT-FOR-US: FlatNuke
-CVE-2005-3305
+CVE-2005-3305 (Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote ...)
NOT-FOR-US: Nuked Klan
-CVE-2005-3304
+CVE-2005-3304 (Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote at ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-3303
+CVE-2005-3303 (The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 ...)
{DSA-887-1 DTSA-21-1}
- clamav 0.87.1-1 (high)
CVE-2005-XXXX [kernel: Signedness problems in net/core/filter]
@@ -3664,61 +3664,61 @@ CVE-2005-XXXX [kernel: Signedness problems in net/core/filter]
CVE-2005-XXXX [Insecure temp file usage in thttpd's syslogtocern]
- thttpd 2.23beta1-4 (low)
[sarge] - thttpd <no-dsa> (Minor issue in addon package)
-CVE-2005-3301
+CVE-2005-3301 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...)
{DSA-880-1}
- phpmyadmin 4:2.6.4-pl3-1 (bug #335513; medium)
-CVE-2005-3300
+CVE-2005-3300 (The register_globals emulation layer in grab_globals.php for phpMyAdmi ...)
{DSA-880-1}
- phpmyadmin 4:2.6.4-pl3-1 (bug #335306; high)
-CVE-2005-3299
+CVE-2005-3299 (PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin ...)
[sarge] - phpmyadmin <not-affected> (Not affected according to maintainer; #333433)
- phpmyadmin 4:2.6.4-pl2-1 (bug #333433; high)
-CVE-2005-3298
+CVE-2005-3298 (Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote att ...)
NOT-FOR-US: OpenWBEM
-CVE-2005-3297
+CVE-2005-3297 (Multiple integer overflows in OpenWBEM on SuSE Linux 9 allow remote at ...)
NOT-FOR-US: OpenWBEM
-CVE-2005-3296
+CVE-2005-3296 (The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote att ...)
NOT-FOR-US: HP-UX
-CVE-2005-3295
+CVE-2005-3295 (Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows ...)
NOT-FOR-US: HP-UX
-CVE-2005-3294
+CVE-2005-3294 (Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows ...)
NOT-FOR-US: Typsoft FTP Server
-CVE-2005-3293
+CVE-2005-3293 (Xerver 4.17 allows remote attackers to (1) obtain source code of scrip ...)
NOT-FOR-US: Xerver
-CVE-2005-3292
+CVE-2005-3292 (Multiple cross-site scripting (XSS) vulnerabilities in Xeobook 0.93 al ...)
NOT-FOR-US: Xeobook
-CVE-2005-3291
+CVE-2005-3291 (Stani's Python Editor (SPE) 0.7.5 is installed with world-writable per ...)
- spe <not-affected> (Gentoo-specific packaging flaw)
-CVE-2005-3290
+CVE-2005-3290 (SQL injection vulnerability in Accelerated Mortgage Manager allows rem ...)
NOT-FOR-US: Accelerated Mortgage manager
-CVE-2005-3289
+CVE-2005-3289 (LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, ...)
NOT-FOR-US: AIX
-CVE-2005-3288
+CVE-2005-3288 (Mailsite Express allows remote attackers to upload and execute files w ...)
NOT-FOR-US: Mailsite Express
-CVE-2005-3287
+CVE-2005-3287 (Incomplete blacklist vulnerability in Mailsite Express allows remote a ...)
NOT-FOR-US: Mailsite Express
-CVE-2005-3286
+CVE-2005-3286 (The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1. ...)
NOT-FOR-US: Kerio Personal Firewall
-CVE-2005-3285
+CVE-2005-3285 (Cross-site scripting (XSS) vulnerability in comersus_backoffice_search ...)
NOT-FOR-US: Comersus Backoffice Plus
-CVE-2005-3284
+CVE-2005-3284 (Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0 ...)
NOT-FOR-US: AhnLab
-CVE-2005-3283
+CVE-2005-3283 (Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 al ...)
NOT-FOR-US: TikiWiki
-CVE-2005-3282
+CVE-2005-3282 (Splatt Forum 3.0 to 3.2 allows remote attackers to bypass authenticati ...)
NOT-FOR-US: Splatt Forum
-CVE-2005-3281
+CVE-2005-3281 (Directory traversal vulnerability in NukeFixes 3.1 for PHP-Nuke 7.8 al ...)
NOT-FOR-US: PHP-Nuke addon
-CVE-2005-3280
+CVE-2005-3280 (Paros 3.2.5 uses a default password for the "sa" account in the underl ...)
NOT-FOR-US: Paros
-CVE-2005-3279
+CVE-2005-3279 (Stack-based buffer overflow in the vgasco_printf function in Jan Kybic ...)
- bmv 1.2-18 (bug #335497; unimportant)
NOTE: Vulnerable code not activated in binary package
-CVE-2005-3278
+CVE-2005-3278 (Integer overflow in the openpsfile function in gsinterf.c for Jan Kybi ...)
{DSA-981-1}
- bmv 1.2-18 (bug #335497; medium)
NOTE: Sarge and Woody are affected (and the patch applied to fix this in unstable works on both of them, an easy DSA)
-CVE-2005-3277
+CVE-2005-3277 (The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote a ...)
NOT-FOR-US: HP-UX
CVE-2005-XXXX [adduser's deluser creates backup files with world readable permissions]
- adduser 3.77 (bug #331720; low)
@@ -3726,209 +3726,209 @@ CVE-2005-XXXX [adduser's deluser creates backup files with world readable permis
CVE-2005-XXXX [Pavuk Digest Authentication Buffer Overflow]
- pavuk 0.9.33-1 (bug #264684; high)
NOTE: second hole mentioned in bug report
-CVE-2005-3751
+CVE-2005-3751 (HTTP request smuggling vulnerability in Pound before 1.9.4 allows remo ...)
{DSA-934-1}
- pound 1.9.4-1 (low)
NOTE: see http://www.apsis.ch/pound/pound_list/archive/2005/2005-10/1129827166000/index_html?fullMode=1#1129827166000
-CVE-2005-3276
+CVE-2005-3276 (The sys_get_thread_area function in process.c in Linux 2.6 before 2.6. ...)
{DSA-922-1}
- linux-2.6 2.6.12-2
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3275
+CVE-2005-3275 (The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linu ...)
{DSA-922-1 DSA-921-1}
- linux-2.6 2.6.13-1 (low)
- kernel-source-2.4.27 2.4.27-11 (low)
-CVE-2005-3274
+CVE-2005-3274 (Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 ...)
{DSA-922-1}
- linux-2.6 2.6.13-1 (low)
-CVE-2005-3273
+CVE-2005-3273 (The rose_rt_ioctl function in rose_route.c for Radionet Open Source En ...)
{DSA-922-1}
- linux-2.6 2.6.12-1
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3272
+CVE-2005-3272 (Linux kernel before 2.6.12 allows remote attackers to poison the bridg ...)
{DSA-922-1}
- linux-2.6 2.6.12-1
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3271
+CVE-2005-3271 (Exec in Linux kernel 2.6 does not properly clear posix-timers in multi ...)
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.9)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3270
+CVE-2005-3270 (Untrusted search path vulnerability in DiskMountNotify for Symantec No ...)
NOT-FOR-US: Symantec Antivirus
-CVE-2005-3269
+CVE-2005-3269 (Stack-based buffer overflow in help.cgi in the HTTP administrative int ...)
NOT-FOR-US: Sun Java System Directory Server
-CVE-2005-3268
+CVE-2005-3268 (yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and ...)
- yiff 2.14.2-8 (bug #334616; low)
[sarge] - yiff <no-dsa> (Only a minor privacy leak)
-CVE-2005-3267
+CVE-2005-3267 (Integer overflow in Skype client before 1.4.x.84 on Windows, before 1. ...)
NOT-FOR-US: Skype
CVE-2005-3266
REJECTED
-CVE-2005-3265
+CVE-2005-3265 (Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows r ...)
NOT-FOR-US: Skype
-CVE-2005-3264
+CVE-2005-3264 (Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog 1. ...)
NOT-FOR-US: Zeroblog
-CVE-2005-3263
+CVE-2005-3263 (Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 thro ...)
NOT-FOR-US: WinRAR
-CVE-2005-3262
+CVE-2005-3262 (Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows ...)
NOT-FOR-US: WinRAR
-CVE-2005-3261
+CVE-2005-3261 (getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the ve ...)
NOT-FOR-US: versatileBulletinBoard
-CVE-2005-3260
+CVE-2005-3260 (Multiple cross-site scripting (XSS) vulnerabilities in versatileBullet ...)
NOT-FOR-US: versatileBulletinBoard
-CVE-2005-3259
+CVE-2005-3259 (Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) ...)
NOT-FOR-US: versatileBulletinBoard
-CVE-2005-3258
+CVE-2005-3258 (The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and ear ...)
- squid <not-affected> (bug #334882; medium)
NOTE: Bug was introduced in a patch to squid-2.5.STABLE10,
NOTE: this patch was never applied to the Debian package.
-CVE-2005-3256
+CVE-2005-3256 (The key selection dialogue in Enigmail before 0.92.1 can incorrectly s ...)
{DSA-889-1}
- enigmail 2:0.93-1 (bug #335731; medium)
-CVE-2005-3253
+CVE-2005-3253 (Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5 ...)
NOT-FOR-US: Avaya Wireless Access Points
-CVE-2005-3252
+CVE-2005-3252 (Stack-based buffer overflow in the Back Orifice (BO) preprocessor for ...)
- snort <not-affected> (Vulnerable code was introduced later, see bug #334606)
-CVE-2005-3251
+CVE-2005-3251 (Directory traversal vulnerability in the gallery script in Gallery 2.0 ...)
- gallery2 2.0.1-1 (medium)
-CVE-2005-3250
+CVE-2005-3250 (Unknown vulnerability in Solaris 10 allows local users to cause a deni ...)
NOT-FOR-US: Solaris
-CVE-2005-3249
+CVE-2005-3249 (Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0 ...)
{DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.10.1 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3248
+CVE-2005-3248 (Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ...)
{DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.10.1 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3247
+CVE-2005-3247 (The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ...)
[woody] - ethereal <not-affected> (This only affects Ethereal 0.10.12)
[sarge] - ethereal <not-affected> (This only affects Ethereal 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
-CVE-2005-3246
+CVE-2005-3246 (Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ...)
{DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.9.14 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3245
+CVE-2005-3245 (Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ...)
- ethereal 0.10.13-1 (bug #334880; medium)
-CVE-2005-3244
+CVE-2005-3244 (The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attacker ...)
{DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.10.3 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3243
+CVE-2005-3243 (Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ...)
{DSA-1171}
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: The SLIMP3 issue affects Woody/Sarge, the AgentX issue only Sarge
-CVE-2005-3242
+CVE-2005-3242 (Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ...)
{DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.9.7 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3241
+CVE-2005-3241 (Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ...)
{DSA-1171}
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: The ISAKMP issue only affects sid, the other three Woody and Sarge
-CVE-2005-3240
+CVE-2005-3240 (Race condition in Microsoft Internet Explorer allows user-assisted att ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2005-3238
+CVE-2005-3238 (Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option ...)
NOT-FOR-US: Solaris
-CVE-2005-3257
+CVE-2005-3257 (The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibl ...)
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-4 (bug #334113; medium)
-CVE-2005-3237
+CVE-2005-3237 (Cross-site scripting (XSS) vulnerability in Cyphor 0.19 allows remote ...)
NOT-FOR-US: Cyphor
-CVE-2005-3236
+CVE-2005-3236 (Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote att ...)
NOT-FOR-US: Cyphor
-CVE-2005-3235
+CVE-2005-3235 (Multiple interpretation error in unspecified versions of Proland Prote ...)
NOT-FOR-US: Proland Protector Plus
-CVE-2005-3234
+CVE-2005-3234 (Multiple interpretation error in unspecified versions of Grisoft AVG A ...)
NOT-FOR-US: Grisoft AVG Antivirus
-CVE-2005-3233
+CVE-2005-3233 (Multiple interpretation error in unspecified versions of Trustix Antiv ...)
NOT-FOR-US: Trustix Antivirus
-CVE-2005-3232
+CVE-2005-3232 (Multiple interpretation error in unspecified versions of TheHacker all ...)
NOT-FOR-US: TheHacker
-CVE-2005-3231
+CVE-2005-3231 (Multiple interpretation error in unspecified versions of CAT Quick Hea ...)
NOT-FOR-US: CAT Quick Heal
-CVE-2005-3230
+CVE-2005-3230 (Multiple interpretation error in unspecified versions of Panda Antivir ...)
NOT-FOR-US: Panda Antivirus
-CVE-2005-3229
+CVE-2005-3229 (Multiple interpretation error in unspecified versions of ClamAV Antivi ...)
- clamav <not-affected> (predates any supported Debian release)
NOTE: Should rather be fixed in the buggy (fringe, proprietary) RAR unpackers
-CVE-2005-3228
+CVE-2005-3228 (Multiple interpretation error in unspecified versions of Ikarus AntiVi ...)
NOT-FOR-US: Ikarus Antivirus
-CVE-2005-3227
+CVE-2005-3227 (Multiple interpretation error in unspecified versions of UNA Antivirus ...)
NOT-FOR-US: UNA Antivirus
-CVE-2005-3226
+CVE-2005-3226 (Multiple interpretation error in unspecified versions of ArcaVir Antiv ...)
NOT-FOR-US: ArcaVir
-CVE-2005-3225
+CVE-2005-3225 (Multiple interpretation error in unspecified versions of (1) eTrust-Ir ...)
NOT-FOR-US: eTrust Antivirus
-CVE-2005-3224
+CVE-2005-3224 (Multiple interpretation error in unspecified versions of AntiVir Antiv ...)
NOT-FOR-US: AntiVir
-CVE-2005-3223
+CVE-2005-3223 (Multiple interpretation error in unspecified versions of Rising Antivi ...)
NOT-FOR-US: Rising Antivirus
-CVE-2005-3222
+CVE-2005-3222 (Multiple interpretation error in unspecified versions of VBA32 Antivir ...)
NOT-FOR-US: VBA32 Antivirus
-CVE-2005-3221
+CVE-2005-3221 (Multiple interpretation error in unspecified versions of Fortinet Anti ...)
NOT-FOR-US: Fortinet Antivirus
-CVE-2005-3220
+CVE-2005-3220 (Multiple interpretation error in unspecified versions of Norman Virus ...)
NOT-FOR-US: Norman Antivirus
-CVE-2005-3219
+CVE-2005-3219 (Multiple interpretation error in unspecified versions of Avira Antivir ...)
NOT-FOR-US: Avira Antivirus
-CVE-2005-3218
+CVE-2005-3218 (Multiple interpretation error in unspecified versions of Dr.Web Antivi ...)
NOT-FOR-US: Dr. Web Antivirus
-CVE-2005-3217
+CVE-2005-3217 (Multiple interpretation error in unspecified versions of Symantec Anti ...)
NOT-FOR-US: Symantec Antivirus
-CVE-2005-3216
+CVE-2005-3216 (Multiple interpretation error in unspecified versions of Sophos Antivi ...)
NOT-FOR-US: Sophos Antivirus
-CVE-2005-3215
+CVE-2005-3215 (Multiple interpretation error in unspecified versions of McAfee Antivi ...)
NOT-FOR-US: McAfee Antivirus
-CVE-2005-3214
+CVE-2005-3214 (Multiple interpretation error in unspecified versions of Avast Antivir ...)
NOT-FOR-US: Avast Antovirus
-CVE-2005-3213
+CVE-2005-3213 (Multiple interpretation error in unspecified versions of F-Prot Antivi ...)
NOT-FOR-US: F-Prot Antivirus
-CVE-2005-3212
+CVE-2005-3212 (Multiple interpretation error in unspecified versions of NOD32 Antivir ...)
NOT-FOR-US: NOD32 Antivirus
-CVE-2005-3211
+CVE-2005-3211 (Multiple interpretation error in unspecified versions of BitDefender A ...)
NOT-FOR-US: BitDefender Antivirus
-CVE-2005-3210
+CVE-2005-3210 (Multiple interpretation error in unspecified versions of Kaspersky Ant ...)
NOT-FOR-US: Kaspersky Antivirus
-CVE-2005-3209
+CVE-2005-3209 (Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store p ...)
NOT-FOR-US: aeNovo apps
-CVE-2005-3208
+CVE-2005-3208 (Multiple SQL injection vulnerabilities in (1) aeNovo, (2) aeNovoShop a ...)
NOT-FOR-US: aeNovo apps
-CVE-2005-3207
+CVE-2005-3207 (The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote ...)
NOT-FOR-US: Oracle
-CVE-2005-3206
+CVE-2005-3206 (iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 al ...)
NOT-FOR-US: Oracle
-CVE-2005-3205
+CVE-2005-3205 (Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in Or ...)
NOT-FOR-US: Oracle
-CVE-2005-3204
+CVE-2005-3204 (Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows ...)
NOT-FOR-US: Oracle
-CVE-2005-3203
+CVE-2005-3203 (The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 s ...)
NOT-FOR-US: Oracle
-CVE-2005-3202
+CVE-2005-3202 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB ...)
NOT-FOR-US: Oracle
-CVE-2005-3201
+CVE-2005-3201 (SQL injection vulnerability in news.php for Utopia News Pro (UNP) 1.1. ...)
NOT-FOR-US: Utopia News Pro
-CVE-2005-3200
+CVE-2005-3200 (Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro ...)
NOT-FOR-US: Utopia News Pro
-CVE-2005-3199
+CVE-2005-3199 (Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ ...)
NOT-FOR-US: aspReady
-CVE-2005-3198
+CVE-2005-3198 (Webroot Desktop Firewall before 1.3.0build52 allows local users to dis ...)
NOT-FOR-US: Webroot Desktop Firewall
-CVE-2005-3197
+CVE-2005-3197 (Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Fire ...)
NOT-FOR-US: Webroot Desktop Firewall
-CVE-2005-3196
+CVE-2005-3196 (Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a defau ...)
NOT-FOR-US: Planet Technology switch
CVE-2005-3195
REJECTED
-CVE-2005-3194
+CVE-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...)
NOT-FOR-US: ALZip
-CVE-2005-3193
+CVE-2005-3193 (Heap-based buffer overflow in the JPXStream::readCodestream function i ...)
{DSA-984-1 DSA-982-1 DSA-979-1 DSA-961-1 DSA-950-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
- gpdf 2.10.0-1 (bug #342286; medium)
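Review bot: the unchanged context line `NOT-FOR-US: Avast Antovirus` under CVE-2005-3214 in this hunk misspells the product; the description added on the `+` line just above it begins "Avast Antivir", so the line should read `NOT-FOR-US: Avast Antivirus`. Since this file is kept in descending CVE-id order, the `+CVE-2005-3257` entry sitting between CVE-2005-3238 and CVE-2005-3237, and `+CVE-2005-3751` between CVE-2005-3277 and CVE-2005-3276, are also worth a look, although both were already out of sequence before this change.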
@@ -3942,7 +3942,7 @@ CVE-2005-3193
- cupsys 1.1.23-13 (unimportant)
- cups 1.1.23-13 (unimportant)
- pdfkit.framework 0.8-4
-CVE-2005-3192
+CVE-2005-3192 (Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.0 ...)
{DSA-1019-1 DSA-983-1 DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
- gpdf 2.10.0-1 (bug #342286; medium)
@@ -3957,7 +3957,7 @@ CVE-2005-3192
- cupsys 1.1.23-13 (unimportant)
- cups 1.1.23-13 (unimportant)
- pdfkit.framework 0.8-4
-CVE-2005-3191
+CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) DCTStream::readProgres ...)
{DSA-984-1 DSA-983-1 DSA-982-1 DSA-979-1 DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
- xpdf 3.01-3 (bug #342281; bug #342337; medium)
- gpdf 2.10.0-1 (bug #342286; medium)
@@ -3971,40 +3971,40 @@ CVE-2005-3191
- libextractor 0.5.8-1 (medium)
- cups 1.1.23-13 (unimportant)
- cupsys 1.1.23-13 (unimportant)
-CVE-2005-3190
+CVE-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 befor ...)
NOT-FOR-US: iGateway
-CVE-2005-3189
+CVE-2005-3189 (Directory traversal vulnerability in Qualcomm WorldMail IMAP Server al ...)
NOT-FOR-US: Qualcomm WorldMail IMAP Server
-CVE-2005-3188
+CVE-2005-3188 (Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to ex ...)
NOT-FOR-US: Winamp
-CVE-2005-3187
+CVE-2005-3187 (The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a al ...)
NOT-FOR-US: WinProxy
-CVE-2005-3186
+CVE-2005-3186 (Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in ...)
{DSA-913-1 DSA-911-1}
- gtk+2.0 2.6.10-2 (bug #339431; medium)
- gdk-pixbuf 0.22.0-11 (bug #339431; bug #339458; medium)
-CVE-2005-3184
+CVE-2005-3184 (Buffer overflow vulnerability in the unicode_to_bytes in the Service L ...)
[woody] - ethereal <not-affected> (Affects only Ethereal 0.10.10 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
-CVE-2005-3183
+CVE-2005-3183 (The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-lib ...)
- w3c-libwww 5.4.0-11 (bug #334443; low)
[sarge] - w3c-libwww <no-dsa> (Minor DoS)
-CVE-2005-3182
+CVE-2005-3182 (Buffer overflow in the HTTP management interface for GFI MailSecurity ...)
NOT-FOR-US: GFI MailSecurity
CVE-2005-XXXX [xscreensaver does not maintain screen locks during upgrade]
- xscreensaver 4.23-2 (bug #334193; low)
[sarge] - xscreensaver <no-dsa> (Unproblematic for users running stable)
-CVE-2005-3185
+CVE-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...)
{DSA-919-2}
- wget 1.10.2-1 (medium)
[sarge] - wget <not-affected> (Does not contain NTML authentication code)
[woody] - wget <not-affected> (Does not contain NTML authentication code)
- curl 7.15.0-1 (bug #333734; medium)
-CVE-2005-3239
+CVE-2005-3239 (The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows re ...)
{DSA-887-1 DTSA-21-1}
- clamav 0.87.1-1 (bug #333566; medium)
-CVE-2005-3181
+CVE-2005-3181 (The audit system in Linux kernel 2.6.6, and other versions before 2.6. ...)
{DSA-1017-1}
- linux-2.6 2.6.13+2.6.14-rc4-0experimental1 (low)
- kernel-source-2.4.27 <not-affected> (2.4 kernels don't have CONFIG_AUDITSYSCALL)
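Review bot: the `[sarge]` and `[woody]` not-affected reasons for wget under CVE-2005-3185 say "NTML authentication code", while the description on the `+` line refers to the ntlm_output function in http-ntlm.c, so both context lines should read "NTLM". The linux-2.6 version recorded for CVE-2005-3181, `2.6.13+2.6.14-rc4-0experimental1`, also differs from the `2.6.13+2.6.14-rc4-0experimental.1` recorded for CVE-2005-3180 and CVE-2005-3179 in the next hunk; one of the two spellings is presumably a typo and the three entries should agree.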
@@ -4012,192 +4012,192 @@ CVE-2005-XXXX [Missing safemode checks in PHP's _php_image_output functions]
- php5 5.0.5-2 (unimportant)
- php4 4:4.4.0-3 (unimportant)
NOTE: Safe mode violations not supported
-CVE-2005-3180
+CVE-2005-3180 (The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does ...)
{DSA-1017-1}
- linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (medium)
-CVE-2005-3119
+CVE-2005-3119 (Memory leak in the request_key_auth_destroy function in request_key_au ...)
- linux-2.6 2.6.13-2 (low)
- kernel-source-2.4.27 <not-affected>
NOTE: 2.6.12 itself not affected, fixed in SVN
-CVE-2005-3179
+CVE-2005-3179 (drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs w ...)
- linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (medium)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3178
+CVE-2005-3178 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow us ...)
{DSA-859-1 DSA-858-1}
- xloadimage 4.1-15 (bug #332524; medium)
- xli 1.17.0-20 (medium)
NOTE: xli couldn't load the provided test images when I checked?
-CVE-2005-3302
+CVE-2005-3302 (Eval injection vulnerability in bvh_import.py in Blender 2.36 allows a ...)
{DSA-1039-1}
- blender 2.37a-1 (bug #330895; medium)
[woody] - blender <not-affected> (Woody's blender does not contain the bvh_import.py script)
-CVE-2005-3177
+CVE-2005-3177 (CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2005-3176
+CVE-2005-3176 (Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record ...)
NOT-FOR-US: Microsoft
-CVE-2005-3175
+CVE-2005-3175 (Microsoft Windows 2000 before Update Rollup 1 for SP4 allows a local a ...)
NOT-FOR-US: Microsoft
-CVE-2005-3174
+CVE-2005-3174 (Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to ...)
NOT-FOR-US: Microsoft
-CVE-2005-3173
+CVE-2005-3173 (Microsoft Windows 2000 before Update Rollup 1 for SP4 does not apply g ...)
NOT-FOR-US: Microsoft
-CVE-2005-3172
+CVE-2005-3172 (The WideCharToMultiByte function in Microsoft Windows 2000 before Upda ...)
NOT-FOR-US: Microsoft
-CVE-2005-3171
+CVE-2005-3171 (Microsoft Windows 2000 before Update Rollup 1 for SP4 records Event ID ...)
NOT-FOR-US: Microsoft
-CVE-2005-3170
+CVE-2005-3170 (The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for S ...)
NOT-FOR-US: Microsoft
-CVE-2005-3169
+CVE-2005-3169 (Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit ...)
NOT-FOR-US: Microsoft
-CVE-2005-3168
+CVE-2005-3168 (The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 f ...)
NOT-FOR-US: Microsoft
-CVE-2005-3167
+CVE-2005-3167 (Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not ...)
- mediawiki 1.4.11-1 (bug #332408; medium)
-CVE-2005-3166
+CVE-2005-3166 (Unspecified vulnerability in "edit submission handling" for MediaWiki ...)
- mediawiki 1.4.11-1 (bug #332408)
-CVE-2005-3165
+CVE-2005-3165 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki befor ...)
- mediawiki 1.4.9
-CVE-2005-3164
+CVE-2005-3164 (The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 throu ...)
NOT-FOR-US: Hitachi Cosminexus Application Server
-CVE-2005-3163
+CVE-2005-3163 (Unspecified vulnerability in Polipo 0.9.8 and earlier allows attackers ...)
- polipo 0.9.9-1 (bug #332411; low)
[sarge] - polipo <no-dsa> (Minor issue)
CVE-2005-3162
REJECTED
-CVE-2005-3161
+CVE-2005-3161 (Multiple SQL injection vulnerabilities in PHP-Fusion before 6.00.110 a ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-3160
+CVE-2005-3160 (Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusi ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-3159
+CVE-2005-3159 (SQL injection vulnerability in messages.php in PHP-Fusion allows remot ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-3158
+CVE-2005-3158 (SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-3157
+CVE-2005-3157 (SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 all ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-3156
+CVE-2005-3156 (Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy ...)
NOT-FOR-US: EasyGuppy
-CVE-2005-3155
+CVE-2005-3155 (Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and P ...)
NOT-FOR-US: MailEnable Enterprise
-CVE-2005-3154
+CVE-2005-3154 (Format string vulnerability in the logging functionality in BitDefende ...)
NOT-FOR-US: Bitdefender Antivirus
-CVE-2005-3153
+CVE-2005-3153 (login.php in myBloggie 2.1.3 beta and earlier allows remote attackers ...)
NOT-FOR-US: MyBloggie
-CVE-2005-3152
+CVE-2005-3152 (Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.3 ...)
NOT-FOR-US: CubeCart
-CVE-2005-3151
+CVE-2005-3151 (Buffer overflow in blenderplay in Blender Player 2.37a allows attacker ...)
- blender <unfixed> (bug #332413; unimportant)
NOTE: To exploit this an attacker would need to trick a user into opening a file
NOTE: with a very suspicious file, no automatic processing of Blender files
NOTE: This might even be fixed in 2.42
-CVE-2005-3150
+CVE-2005-3150 (Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, ...)
{DSA-855-1}
- weex 2.6.1-6sarge1 (bug #332424; medium)
-CVE-2005-3149
+CVE-2005-3149 (Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handl ...)
{DSA-895-1 DTSA-22-1}
- uim 1:0.4.7-2 (bug #331620; medium)
-CVE-2005-3148
+CVE-2005-3148 (StoreBackup before 1.19 does not properly set the uid and guid for sym ...)
{DSA-1022-1}
- storebackup 1.19-1 (bug #332434)
-CVE-2005-3147
+CVE-2005-3147 (StoreBackup before 1.19 creates the backup root with world-readable pe ...)
{DSA-1022-1}
- storebackup 1.19-1 (bug #332434; medium)
-CVE-2005-3146
+CVE-2005-3146 (StoreBackup before 1.19 allows local users to perform unauthorized ope ...)
{DSA-1022-1}
- storebackup 1.19-2 (bug #332434; medium)
NOTE: The upstream fix only mitigated the issue, but didn't fix it
-CVE-2005-3145
+CVE-2005-3145 (httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to ca ...)
NOT-FOR-US: Standard Based Linux Instrumentation
-CVE-2005-3144
+CVE-2005-3144 (httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to ca ...)
NOT-FOR-US: Standard Based Linux Instrumentation
-CVE-2005-3143
+CVE-2005-3143 (Unspecified vulnerability in the Mailbox Server for 4D WebStar before ...)
NOT-FOR-US: Mailbox Server for 4D WebStar
-CVE-2005-3142
+CVE-2005-3142 (Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kasper ...)
NOT-FOR-US: Kaspersky Antivirus
-CVE-2005-3141
+CVE-2005-3141 (Cerulean Studios Trillian 3.0 allows remote attackers to cause a denia ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2005-3140
+CVE-2005-3140 (Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions send ...)
NOT-FOR-US: Procom NetFORCE
-CVE-2005-3137
+CVE-2005-3137 (The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow ...)
{DSA-836-1 DSA-835-1}
- cfengine <removed> (bug #332433; low)
- cfengine2 2.1.17-1 (bug #332432; low)
NOTE: maintainer does not think it's a hole, script is unused/broken
-CVE-2005-3136
+CVE-2005-3136 (Directory traversal vulnerability in Virtools Web Player 3.0.0.100 and ...)
NOT-FOR-US: Virtools Web Player
-CVE-2005-3135
+CVE-2005-3135 (Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows re ...)
NOT-FOR-US: Virtools Web Player
-CVE-2005-3134
+CVE-2005-3134 (Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attacke ...)
NOT-FOR-US: Citrix
-CVE-2005-3133
+CVE-2005-3133 (Multiple directory traversal vulnerabilities in MERAK Mail Server 8.2. ...)
NOT-FOR-US: MERAK Mail Server
-CVE-2005-3132
+CVE-2005-3132 (MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly ear ...)
NOT-FOR-US: MERAK Mail Server
-CVE-2005-3131
+CVE-2005-3131 (Multiple cross-site scripting (XSS) vulnerabilities in MERAK Mail Serv ...)
NOT-FOR-US: MERAK Mail Server
-CVE-2005-3130
+CVE-2005-3130 (SQL injection vulnerability in lucidCMS 1.0.11 allows remote attackers ...)
NOT-FOR-US: lucidCMS
-CVE-2005-3129
+CVE-2005-3129 (Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 a ...)
- serendipity 1.0-1
-CVE-2005-3128
+CVE-2005-3128 (Cross-site scripting (XSS) vulnerability in add.php in Address Add Plu ...)
NOT-FOR-US: Address Add Plugin for Squirrelmail
-CVE-2005-3127
+CVE-2005-3127 (Cross-site scripting (XSS) vulnerability in index.php in lucidCMS 1.0. ...)
NOT-FOR-US: lucidCMS
-CVE-2005-3126
+CVE-2005-3126 (The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scri ...)
{DSA-945-1}
- antiword 0.35-2 (low)
CVE-2005-3125
REJECTED
-CVE-2005-3124
+CVE-2005-3124 (syslogtocern in Acme thttpd before 2.23 allows local users to write ar ...)
{DSA-883-1}
- thttpd 2.23beta1-4
-CVE-2005-3123
+CVE-2005-3123 (Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remot ...)
{DSA-877-1}
- gnump3d 2.9.6-1 (medium)
CVE-2005-3122
REJECTED
-CVE-2005-3121
+CVE-2005-3121 (A rule file in module-assistant before 0.9.10 causes a temporary file ...)
{DSA-867-1}
- module-assistant 0.9.10
-CVE-2005-3120
+CVE-2005-3120 (Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and e ...)
{DSA-1085-1 DSA-876-1 DSA-874-1}
- lynx 2.8.5-2sarge1 (bug #335033; high)
- lynx-cur 2.8.6-16 (bug #334423; high)
- lynx-ssl <removed>
-CVE-2005-3118
+CVE-2005-3118 (Mason before 1.0.0 does not install the init script after the user use ...)
{DSA-845-1}
- mason 1.0.0-3
CVE-2005-3117
REJECTED
-CVE-2005-3116
+CVE-2005-3116 (Stack-based buffer overflow in a shared library as used by the Volume ...)
NOT-FOR-US: VERITAS Backup
-CVE-2005-3115
+CVE-2005-3115 (mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, ...)
NOT-FOR-US: mpeg-tools
-CVE-2005-3114
+CVE-2005-3114 (Buffer overflow in the ActiveX control for NateOn Messenger (NateonDow ...)
NOT-FOR-US: NateOn Messenger
-CVE-2005-3113
+CVE-2005-3113 (The ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) a ...)
NOT-FOR-US: NateOn Messenger
-CVE-2005-3112
+CVE-2005-3112 (The "reset password" feature in Macromedia Breeze 5.0 stores passwords ...)
NOT-FOR-US: Macromedia Breeze
-CVE-2005-3110
+CVE-2005-3110 (Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, ...)
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.11)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3109
+CVE-2005-3109 (The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cau ...)
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.12)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3108
+CVE-2005-3108 (mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to ...)
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.12)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3107
+CVE-2005-3107 (fs/exec.c in Linux 2.6, when one thread is tracing another thread that ...)
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; in 2.6.11)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3106
+CVE-2005-3106 (Race condition in Linux 2.6, when threads are sharing memory mapping v ...)
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
-CVE-2005-3105
+CVE-2005-3105 (The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito ...)
{DSA-922-1}
- kernel-source-2.4.27 <unfixed> (bug #332569; unimportant)
NOTE: Montecito CPUs are not available on the market yet
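Review bot: the imported descriptions in this hunk are cut at a fixed character count rather than at a word boundary, so product names and key terms end up split (`+CVE-2005-3142 (Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kasper ...)`, `+CVE-2005-3141 (Cerulean Studios Trillian 3.0 allows remote attackers to cause a denia ...)`); truncating on whitespace before the ` ...` marker would keep the summaries greppable by product name. The severity, bug and `<not-affected>` annotations on the lines that follow each CVE are untouched, which is the expected scope for a description-only sync.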
@@ -4216,7 +4216,7 @@ CVE-2005-XXXX [coreutils ignores umask when using -m in mkdir, mkfifo and mknod]
CVE-2005-XXXX [tar's rmt command may have undesired side effects]
- tar <unfixed> (bug #290435; unimportant)
[sarge] - tar <no-dsa> (Hardly exploitable)
-CVE-2005-3752
+CVE-2005-3752 (Unspecified vulnerability in ldapdiff before 1.1.1 has unknown impact ...)
- ldapdiff <not-affected> (The version in Debian doesn't contain the vulnerable code, see #306878)
CVE-2005-XXXX [hdup inproperly preserves permissions on directories]
- hdup 2.0.14-2 (bug #302790; low)
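Review bot: the untouched context line `CVE-2005-XXXX [hdup inproperly preserves permissions on directories]` carries a typo (`improperly`); these bracketed placeholder titles are hand-written rather than imported, so it belongs in a follow-up commit rather than in this automatic update.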
@@ -4226,15 +4226,15 @@ CVE-2005-XXXX [DoS triggering endless loops in findutils -follow option]
- findutils 4.2.22-1 (bug #313081)
[woody] - findutils <not-affected> (Only code between 4.2.18 and 4.2.22 affected)
[sarge] - findutils <not-affected> (Only code between 4.2.18 and 4.2.22 affected)
-CVE-2005-3138
+CVE-2005-3138 (Bugzilla 2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21 allows ...)
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.18 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.18 is affected)
- bugzilla 2.18.4-1 (bug #331206; medium)
-CVE-2005-3139
+CVE-2005-3139 (Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on ...)
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.19 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.19 is affected)
- bugzilla 2.18.4-1 (bug #331206; medium)
-CVE-2005-2966
+CVE-2005-2966 (The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earli ...)
{DSA-847-1}
- dia 0.94.0-15 (bug #330890; medium)
CVE-2005-XXXX [Insecure temp files in linux-wlan-ng]
@@ -4243,147 +4243,147 @@ CVE-2005-XXXX [Heap overflow in libosip URI parsing]
- libosip2 2.0.9-1 (bug #308737)
CVE-2005-XXXX [rkhunter: Insecure temporary file]
- rkhunter 1.2.7-14 (bug #330627; medium)
-CVE-2005-3104
+CVE-2005-3104 (mt-comments.cgi in Movable Type before 3.2 allows attackers to redirec ...)
NOT-FOR-US: Movable Type
-CVE-2005-3103
+CVE-2005-3103 (Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 al ...)
NOT-FOR-US: Movable Type
-CVE-2005-3102
+CVE-2005-3102 (The administrative interface in Movable Type allows attackers to uploa ...)
NOT-FOR-US: Movable Type
-CVE-2005-3101
+CVE-2005-3101 (The password reset feature in Movable Type before 3.2 generates differ ...)
NOT-FOR-US: Movable Type
-CVE-2005-3100
+CVE-2005-3100 (Unspecified "PPTP Remote DoS Vulnerability" in Astaro Security Linux 4 ...)
NOT-FOR-US: Astato Security Linux
-CVE-2005-3099
+CVE-2005-3099 (Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Sol ...)
NOT-FOR-US: Solaris
-CVE-2005-3098
+CVE-2005-3098 (poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitr ...)
- qpopper <not-affected> (bug #330123; Vulnerable code not shipped in binary)
-CVE-2005-3097
+CVE-2005-3097 (Directory traversal vulnerability in Avi Alkalay contribute.cgi (aka c ...)
NOT-FOR-US: Avi Alkalay
-CVE-2005-3096
+CVE-2005-3096 (Avi Alkalay nslookup.cgi program, dated 16 June 2002, allows remote at ...)
NOT-FOR-US: Avi Alkalay
-CVE-2005-3095
+CVE-2005-3095 (Avi Alkalay notify program, dated 19 Aug 2001, allows remote attackers ...)
NOT-FOR-US: Avi Alkalay
-CVE-2005-3094
+CVE-2005-3094 (Avi Alkalay man-cgi script allows remote attackers to execute arbitrar ...)
NOT-FOR-US: Avi Alkalay
-CVE-2005-3093
+CVE-2005-3093 (Nokia 7610 and 3210 phones allows attackers to cause a denial of servi ...)
NOT-FOR-US: Nokia cell phones
-CVE-2005-3092
+CVE-2005-3092 (Heap-based buffer overflow in Image-Line Software FL Studio 5.0.1 allo ...)
NOT-FOR-US: Image-Line Software FL Studio
-CVE-2005-3091
+CVE-2005-3091 (Cross-site scripting (XSS) vulnerability in Mantis before 1.0.0rc1 all ...)
{DSA-905-1}
- mantis 0.19.3-0.1 (bug #330682; low)
-CVE-2005-3090
+CVE-2005-3090 (Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php i ...)
- mantis 0.19.2-4 (bug #330682; medium)
-CVE-2005-3089
+CVE-2005-3089 (Firefox 1.0.6 allows attackers to cause a denial of service (crash) vi ...)
- mozilla-firefox 1.0.7-1 (unimportant)
NOTE: Browser crashes not treated as security problems
-CVE-2005-3088
+CVE-2005-3088 (fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 create ...)
{DSA-900-3}
- fetchmail 6.2.5.4-1 (bug #336096; low)
-CVE-2005-3111
+CVE-2005-3111 (The handler code for backupninja 0.8 and earlier creates temporary fil ...)
{DSA-827-1}
- backupninja 0.8-2 (medium)
CVE-2005-XXXX [microcode.ctl downloads microcode w/o user confirmation]
- microcode.ctl 0.20080131-1 (bug #282583; unimportant)
NOTE: The validity of the microcode is ensure inside the CPU
-CVE-2005-3087
+CVE-2005-3087 (The SecureW2 3.0 TLS implementation uses weak random number generators ...)
NOT-FOR-US: SecureW2 TLS
-CVE-2005-3086
+CVE-2005-3086 (Directory traversal vulnerability in admin/about.php in contentServ 3. ...)
NOT-FOR-US: contentSrv
-CVE-2005-3085
+CVE-2005-3085 (Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Rive ...)
NOT-FOR-US: Riverdark Studios RSS Syndicator
-CVE-2005-3084
+CVE-2005-3084 (Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2 ...)
NOT-FOR-US: Sony PSP
-CVE-2005-3083
+CVE-2005-3083 (Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simp ...)
NOT-FOR-US: CMS Made Simple
-CVE-2005-3082
+CVE-2005-3082 (SQL injection vulnerability in admin.php in SEO-Board 1.0.2 allows rem ...)
NOT-FOR-US: SEO-Board
-CVE-2005-3081
+CVE-2005-3081 (wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary c ...)
{DSA-1006-1}
- wzdftpd 0.5.5-1 (high)
-CVE-2005-3080
+CVE-2005-3080 (contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to ...)
NOT-FOR-US: GeSHi
-CVE-2005-3079
+CVE-2005-3079 (PunBB before 1.2.8 allows remote attackers to perform "code inclusion" ...)
NOT-FOR-US: PunBB
-CVE-2005-3078
+CVE-2005-3078 (Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows ...)
NOT-FOR-US: PunBB
-CVE-2005-3077
+CVE-2005-3077 (Microsoft Internet Explorer 5.2.3 for Mac OS allows remote attackers t ...)
NOT-FOR-US: Microsoft
-CVE-2005-3076
+CVE-2005-3076 (Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL co ...)
NOT-FOR-US: Simplog
-CVE-2005-3075
+CVE-2005-3075 (SQL injection vulnerability in Zengaia before 0.2 allows remote attack ...)
NOT-FOR-US: Zengaia
-CVE-2005-3074
+CVE-2005-3074 (SQL injection vulnerability in rsyslogd in RSyslog before 1.0.1 and be ...)
NOT-FOR-US: RSyslog
-CVE-2005-3073
+CVE-2005-3073 (Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, ...)
- interchange 5.2.1-1 (bug #329705)
-CVE-2005-3072
+CVE-2005-3072 (SQL injection vulnerability in pages/forum/submit.html in Interchange ...)
- interchange 5.2.1-1 (bug #329705; medium)
-CVE-2005-3071
+CVE-2005-3071 (Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9 ...)
NOT-FOR-US: Solaris
-CVE-2005-3070
+CVE-2005-3070 (HylaFax 4.2.1 and earlier does not create or verify ownership of the U ...)
- hylafax 1:4.2.2+rc1 (bug #329384; unimportant)
NOTE: This was judged non-exploitable
-CVE-2005-3069
+CVE-2005-3069 (xferfaxstats in HylaFax 4.2.1 and earlier allows local users to overwr ...)
{DSA-865-1}
- hylafax 1:4.2.2+rc1 (bug #329384; low)
-CVE-2005-3068
+CVE-2005-3068 (Unspecified vulnerability in Eric Integrated Development Environment ( ...)
{DSA-869-1}
- eric 3.7.2-1 (bug #330608; medium)
-CVE-2005-3067
+CVE-2005-3067 (Cross-site scripting (XSS) vulnerability in perldiver.cgi in PerlDiver ...)
NOT-FOR-US: PerlDiver
-CVE-2005-3066
+CVE-2005-3066 (Cross-site scripting (XSS) vulnerability in perldiver.pl in PerlDiver ...)
NOT-FOR-US: PerlDiver
-CVE-2005-3065
+CVE-2005-3065 (MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers to caus ...)
NOT-FOR-US: MultiTheftAuto
-CVE-2005-3064
+CVE-2005-3064 (MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client ...)
NOT-FOR-US: MultiTheftAuto
-CVE-2005-3063
+CVE-2005-3063 (SQL injection vulnerability in MailGust 1.9 allows remote attackers to ...)
NOT-FOR-US: MailGust
-CVE-2005-3062
+CVE-2005-3062 (PHP remote file inclusion vulnerability in index.php in AlstraSoft E-F ...)
NOT-FOR-US: AlstraSoft E-Friends
-CVE-2005-3061
+CVE-2005-3061 (Multiple stack-based buffer overflows in PowerArchiver 8.10 through 9. ...)
NOT-FOR-US: PowerArchiver
CVE-2005-XXXX [Multiple security issues when using distcc without ssh auth]
- distcc 2.18.3-3 (bug #298929; low)
[sarge] - distcc <no-dsa> (Only affects distcc in a very non-standard way not recommended for unstrusted environments)
-CVE-2005-3060
+CVE-2005-3060 (Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to ...)
NOT-FOR-US: AIX
-CVE-2005-3059
+CVE-2005-3059 (Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Window ...)
NOT-FOR-US: Opera
-CVE-2005-3058
+CVE-2005-3058 (Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8 ...)
NOT-FOR-US: FortiGate
-CVE-2005-3057
+CVE-2005-3057 (The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, ...)
NOT-FOR-US: FortiGate
CVE-2005-3056 [TWiki INCLUDE function allows arbitrary shell command execution ]
RESERVED
- twiki 20040902-2 (bug #330733; high)
-CVE-2005-3055
+CVE-2005-3055 (Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial ...)
{DSA-1017-1}
- linux-2.6 2.6.14-1 (bug #330287; bug #332587; medium)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-3054
+CVE-2005-3054 (fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not p ...)
- php4 4:4.4.0-3 (bug #353585; bug #354685; medium)
- php5 5.0.5-2 (bug #353585; medium)
[sarge] - php4 <no-dsa> (open_basedir violations not supported)
-CVE-2005-3053
+CVE-2005-3053 (The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x al ...)
{DSA-1017-1}
- linux-2.6 2.6.12-3 (bug #330343; bug #330353; medium)
-CVE-2005-3052
+CVE-2005-3052 (SQL injection vulnerability in module/down.inc.php in jportal 2.3.1 al ...)
NOT-FOR-US: jportal
-CVE-2005-3051
+CVE-2005-3051 (Stack-based buffer overflow in the ARJ plugin (arj.dll) 3.9.2.0 for 7- ...)
NOT-FOR-US: 7-Zip
-CVE-2005-3050
+CVE-2005-3050 (PhpMyFaq 1.5.1 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: PhpMyFaq
-CVE-2005-3049
+CVE-2005-3049 (PhpMyFaq 1.5.1 stores data files under the web document root with insu ...)
NOT-FOR-US: PhpMyFaq
-CVE-2005-3048
+CVE-2005-3048 (Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 allow ...)
NOT-FOR-US: PhpMyFaq
-CVE-2005-3047
+CVE-2005-3047 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq 1.5.1 ...)
NOT-FOR-US: PhpMyFaq
-CVE-2005-3046
+CVE-2005-3046 (SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows r ...)
NOT-FOR-US: PhpMyFaq
-CVE-2005-3045
+CVE-2005-3045 (SQL injection vulnerability in search.php in My Little Forum 1.5 and 1 ...)
NOT-FOR-US: My Little Forum
CVE-2005-XXXX [egroupware unsafe use of /tmp for storing a log file]
- egroupware 1.0.0.009.dfsg-3-1 (bug #329597; low)
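Review bot: the imported description `+CVE-2005-3073 (Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, ...)` reads like a mangled sentence, so the source text should be checked to confirm the import did not drop words. The new descriptions also expose product-name typos in the untouched NOT-FOR-US lines directly below them: `NOT-FOR-US: Astato Security Linux` under CVE-2005-3100 (the description says Astaro) and `NOT-FOR-US: contentSrv` under CVE-2005-3086 (the description says contentServ); `ensure` in the microcode.ctl NOTE and `unstrusted` in the distcc `[sarge]` line are further context-line typos for the same follow-up.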
@@ -4398,306 +4398,306 @@ CVE-2005-XXXX [kdebase uses urandom as an entropy source]
- kdebase <unfixed> (bug #325369; unimportant)
NOTE: Only affects the unofficial BSD/Hurd ports or 2.2 kernels
NOTE: on Linux urandom should provide sufficient entropy
-CVE-2005-3753
+CVE-2005-3753 (Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attac ...)
- linux-2.6 2.6.12-7 (low)
-CVE-2005-3043
+CVE-2005-3043 (SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows ...)
NOT-FOR-US: Mall23 eCommerce
-CVE-2005-3042
+CVE-2005-3042 (miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "ful ...)
- webmin 1.230-1 (high; bug #329741)
[sarge] - webmin <not-affected> (Vulnerable code not present, see #329741)
- usermin 1.160-1 (high; bug #329742)
NOTE: SNS Advisory 83, http://marc.info:80/?m=112733083203821
-CVE-2005-3041
+CVE-2005-3041 (Unspecified "drag-and-drop vulnerability" in Opera Web Browser before ...)
NOT-FOR-US: Opera
-CVE-2005-3040
+CVE-2005-3040 (Directory traversal vulnerability in the web interface (ISALogin.dll) ...)
NOT-FOR-US: TAC Vista
-CVE-2005-3039
+CVE-2005-3039 (SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows ...)
NOT-FOR-US: Mall23 eCommerce
-CVE-2005-3038
+CVE-2005-3038 (Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 ...)
NOT-FOR-US: Hosting Controller
-CVE-2005-3037
+CVE-2005-3037 (Cross-site scripting (XSS) vulnerability in Handy Address Book Server ...)
NOT-FOR-US: Handy Address Book Server
-CVE-2005-3036
+CVE-2005-3036 (File Transfer Anywhere 3.01 stores sensitive password information in p ...)
NOT-FOR-US: File Transfer Anywhere
-CVE-2005-3035
+CVE-2005-3035 (Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 ...)
NOT-FOR-US: Compuware DriverStudio
-CVE-2005-3034
+CVE-2005-3034 (Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 ...)
NOT-FOR-US: Compuware DriverStudio
-CVE-2005-3033
+CVE-2005-3033 (Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to ...)
NOT-FOR-US: vxWeb - WinCE software
-CVE-2005-3032
+CVE-2005-3032 (Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a ...)
NOT-FOR-US: vxTfpSrv - WinCE software
-CVE-2005-3031
+CVE-2005-3031 (Buffer overflow in vxFtpSrv 0.9.7 allows remote attackers to execute a ...)
NOT-FOR-US: vxTfpSrv - WinCE software
-CVE-2005-3030
+CVE-2005-3030 (Directory traversal vulnerability in the archive decompression library ...)
NOT-FOR-US: Ahnlab Anti virus
-CVE-2005-3029
+CVE-2005-3029 (Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 V ...)
NOT-FOR-US: Ahnlab Anti virus
CVE-2005-3028
REJECTED
-CVE-2005-3027
+CVE-2005-3027 (Sybari Antigen 8.0 SR2 does not properly filter SMTP messages, which a ...)
NOT-FOR-US: Sybari Antigen anti spam solution
-CVE-2005-3026
+CVE-2005-3026 (Directory traversal vulnerability in index.php in Alstrasoft Epay Pro ...)
NOT-FOR-US: Epay Pro
-CVE-2005-3025
+CVE-2005-3025 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.7 ...)
NOT-FOR-US: vBulletin
-CVE-2005-3024
+CVE-2005-3024 (Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier ...)
NOT-FOR-US: vBulletin
-CVE-2005-3023
+CVE-2005-3023 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 ...)
NOT-FOR-US: vBulletin
-CVE-2005-3022
+CVE-2005-3022 (Multiple SQL injection vulnerabilities in vBulletin 3.0.9 and earlier ...)
NOT-FOR-US: vBulletin
-CVE-2005-3021
+CVE-2005-3021 (image.php in vBulletin 3.0.9 and earlier allows remote attackers with ...)
NOT-FOR-US: vBulletin
-CVE-2005-3020
+CVE-2005-3020 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin befor ...)
NOT-FOR-US: vBulletin
-CVE-2005-3019
+CVE-2005-3019 (Multiple SQL injection vulnerabilities in vBulletin before 3.0.9 allow ...)
NOT-FOR-US: vBulletin
-CVE-2005-3018
+CVE-2005-3018 (Apple Safari allows remote attackers to cause a denial of service (app ...)
NOT-FOR-US: Safari
-CVE-2005-3017
+CVE-2005-3017 (PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 all ...)
NOT-FOR-US: Content2Web
-CVE-2005-3016
+CVE-2005-3016 (Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-3015
+CVE-2005-3015 (Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 all ...)
NOT-FOR-US: Lotus Domino
-CVE-2005-3014
+CVE-2005-3014 (Cross-site scripting (XSS) vulnerability in Ensim webplliance allows r ...)
NOT-FOR-US: Ensim webppliance
-CVE-2005-3013
+CVE-2005-3013 (Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE ...)
NOT-FOR-US: YaST
-CVE-2005-3012
+CVE-2005-3012 (The MasterDataCD::createImage function in masterdatacd.cpp for SimpleC ...)
NOT-FOR-US: SimpleCDR-X
-CVE-2005-3011
+CVE-2005-3011 (The sort_offline function for texindex in texinfo 4.8 and earlier allo ...)
{DSA-1219}
- texinfo 4.8-1 (bug #328365; low)
[sarge] - texinfo <no-dsa> (Minor issue, hardly exploitable)
-CVE-2005-3010
+CVE-2005-3010 (Direct static code injection vulnerability in the flood protection fea ...)
NOT-FOR-US: CuteNews
-CVE-2005-3009
+CVE-2005-3009 (Cross-site scripting (XSS) vulnerability in CuteNews allows remote att ...)
NOT-FOR-US: CuteNews
-CVE-2005-3008
+CVE-2005-3008 (Tofu 0.2 allows remote attackers to execute arbitrary Python code via ...)
NOT-FOR-US: Tofu
-CVE-2005-3007
+CVE-2005-3007 (Opera before 8.50 allows remote attackers to spoof the content type of ...)
NOT-FOR-US: Opera
-CVE-2005-3006
+CVE-2005-3006 (The mail client in Opera before 8.50 opens attached files from the use ...)
NOT-FOR-US: Opera
-CVE-2005-3005
+CVE-2005-3005 (Helpdesk Software Hesk allows remote attackers to bypass authenticatio ...)
NOT-FOR-US: Helpdesk Software Hesk
-CVE-2005-3004
+CVE-2005-3004 (SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote at ...)
NOT-FOR-US: Interakt MX Shop
-CVE-2005-3003
+CVE-2005-3003 (SQL injection vulnerability in index.php in NooTopList 1.0.0 release 1 ...)
NOT-FOR-US: NooTopList
-CVE-2005-3002
+CVE-2005-3002 (Multi-Computer Control System (MCCS) 1.0 allows remote attackers to ca ...)
NOT-FOR-US: Multi-Computer Control System
-CVE-2005-3001
+CVE-2005-3001 (Unspecified vulnerability in the "tl" driver in Solaris 10 allows loca ...)
NOT-FOR-US: Solaris
-CVE-2005-3000
+CVE-2005-3000 (Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php ...)
NOT-FOR-US: PHP Advanced Transfer Manager
-CVE-2005-2999
+CVE-2005-2999 (PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain s ...)
NOT-FOR-US: PHP Advanced Transfer Manager
-CVE-2005-2998
+CVE-2005-2998 (PHP Advanced Transfer Manager 1.30 has a default password for the admi ...)
NOT-FOR-US: PHP Advanced Transfer Manager
-CVE-2005-2997
+CVE-2005-2997 (Multiple directory traversal vulnerabilities in PHP Advanced Transfer ...)
NOT-FOR-US: PHP Advanced Transfer Manager
-CVE-2005-2996
+CVE-2005-2996 (Multiple heap-based and stack-based buffer overflows in certain DCOM s ...)
NOT-FOR-US: VERITAS storage solutions
-CVE-2005-2995
+CVE-2005-2995 (bacula 1.36.3 and earlier allows local users to modify or read sensiti ...)
- bacula 1.38.9-1 (bug #329271; low)
NOTE: Sarge affected, didn't exist in Woody
-CVE-2005-2994
+CVE-2005-2994 (Unspecified vulnerability in the web client for IBM Rational ClearQues ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2005-2993
+CVE-2005-2993 (Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4 ...)
NOT-FOR-US: HP Tru64
-CVE-2005-2991
+CVE-2005-2991 (ncompress 4.2.4 and earlier allows local users to overwrite arbitrary ...)
- ncompress <not-affected> (bug #329052; unimportant)
NOTE: see bug close message, Debian's ncompress doesn't expose affected scripts
-CVE-2005-2992
+CVE-2005-2992 (arc 5.21j and earlier allows local users to overwrite arbitrary files ...)
{DSA-843-1}
- arc 5.21m-1 (low)
-CVE-2005-2990
+CVE-2005-2990 (AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sens ...)
NOT-FOR-US: LineControl Java Client
-CVE-2005-2989
+CVE-2005-2989 (Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow ...)
NOT-FOR-US: DeluxeBB
-CVE-2005-2988
+CVE-2005-2988 (HP LaserJet 2430, and possibly other printers that use Jetdirect contr ...)
NOT-FOR-US: HP printers
-CVE-2005-2987
+CVE-2005-2987 (SQL injection vulnerability in login.php in Digital Scribe 1.4 allows ...)
NOT-FOR-US: Digital Scribe
-CVE-2005-2986
+CVE-2005-2986 (The v3flt2k.sys driver in AhnLab V3Pro 2004 Build 6.0.0.383, V3 VirusB ...)
NOT-FOR-US: AhnLab antivirus and related products
-CVE-2005-2985
+CVE-2005-2985 (SQL injection vulnerability in search_result.php in AEwebworks aeDatin ...)
NOT-FOR-US: aeDating script
-CVE-2005-2984
+CVE-2005-2984 (Avocent CCM console server running firmware 2.1 CCM4850 allows remote ...)
NOT-FOR-US: Avocent hardware issue
-CVE-2005-2983
+CVE-2005-2983 (SQL injection vulnerability in Oracle Reports that use Lexical Referen ...)
NOT-FOR-US: Oracle
-CVE-2005-2982
+CVE-2005-2982 (Cross-site scripting (XSS) vulnerability in CompaqHTTPServer 2.1 allow ...)
NOT-FOR-US: CompaqHTTPServer
-CVE-2005-2981
+CVE-2005-2981 (Cross-site scripting (XSS) vulnerability in Orion 1.3.8 and 1.4.5 allo ...)
NOT-FOR-US: Orion
-CVE-2005-2980
+CVE-2005-2980 (Cross-site scripting (XSS) vulnerability in index.php in phpoutsourcin ...)
NOT-FOR-US: phpoutsourcing Noah's classifieds
-CVE-2005-2979
+CVE-2005-2979 (SQL injection vulnerability in index.php in phpoutsourcing Noah's clas ...)
NOT-FOR-US: phpoutsourcing Noah's classifieds
-CVE-2005-2978
+CVE-2005-2978 (pnmtopng in netpbm before 10.25, when using the -trans option, uses un ...)
{DSA-878-1}
- netpbm-free 2:10.0-10
-CVE-2005-2977
+CVE-2005-2977 (The SELinux version of PAM before 0.78 r3 allows local users to perfor ...)
- pam 0.99.7.1-2 (bug #336344; low)
[etch] - pam 0.79-5
[sarge] - pam <not-affected> (Does not contain SELinux support)
[woody] - pam <not-affected> (Does not contain SELinux support)
-CVE-2005-2976
+CVE-2005-2976 (Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 ...)
{DSA-913-1 DSA-911-1}
- gdk-pixbuf 0.22.0-11 (bug #339431; medium)
- gtk+2.0 2.6.10-2
-CVE-2005-2975
+CVE-2005-2975 (io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before ...)
{DSA-913-1 DSA-911-1}
- gdk-pixbuf 0.22.0-11 (bug #339431; low)
- gtk+2.0 2.6.10-2 (bug #339431; low)
-CVE-2005-2974
+CVE-2005-2974 (libungif library before 4.1.0 allows attackers to cause a denial of se ...)
{DSA-890-1}
- libungif4 4.1.3-4 (bug #337972; unimportant)
- giflib 4.1.4-1 (bug #395382; unimportant)
NOTE: Just a bug, hardly security implications
-CVE-2005-2973
+CVE-2005-2973 (The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, ...)
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (low)
-CVE-2005-2972
+CVE-2005-2972 (Multiple stack-based buffer overflows in the RTF import feature in Abi ...)
{DSA-894-1}
- abiword 2.4.1-1 (bug #333740; medium)
-CVE-2005-2971
+CVE-2005-2971 (Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 ...)
{DSA-872-1}
- koffice 1:1.3.5-5 (bug #333497; medium)
-CVE-2005-2970
+CVE-2005-2970 (Memory leak in the worker MPM (worker.c) for Apache 2, in certain circ ...)
- apache2 2.0.55-1 (bug #340337; low)
[sarge] - apache2 2.0.54-5sarge2
NOTE: this occurs in the binary package apache2-mpm-worker
-CVE-2005-2969
+CVE-2005-2969 (The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0 ...)
{DSA-888-1 DSA-882-1 DSA-881-1 DSA-875-1}
- openssl 0.9.8-3 (bug #333500; low)
- openssl097 0.9.7g-5 (bug #333500; low)
- openssl094 <removed>
- openssl095 <removed>
- openssl096 <removed>
-CVE-2005-2968
+CVE-2005-2968 (Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary ...)
{DSA-868-1}
- mozilla-firefox <not-affected> (Debian ships a non-vulnerable wrapper script)
- mozilla <not-affected> (Debian ships a non-vulnerable wrapper script)
- mozilla-thunderbird 1.0.6-4 (bug #329667; bug #329664; high)
-CVE-2005-2967
+CVE-2005-2967 (Format string vulnerability in input_cdda.c in xine-lib 1-beta through ...)
{DSA-863-1}
- xine-lib 1.0.1-1.4 (bug #332919; bug #333682; medium)
CVE-2005-2965
REJECTED
-CVE-2005-2964
+CVE-2005-2964 (Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers ...)
{DSA-894-1}
- abiword 2.2.10-1 (bug #329839; medium)
-CVE-2005-2963
+CVE-2005-2963 (The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with Aut ...)
{DSA-844-1}
- mod-auth-shadow 1.4-2 (bug #323789; medium)
-CVE-2005-2962
+CVE-2005-2962 (The post-installation script for ntlmaps before 0.9.9 sets world-reada ...)
{DSA-830-1}
- ntlmaps 0.9.9-4
-CVE-2005-2961
+CVE-2005-2961 (Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 ...)
{DSA-834-1}
NOTE: prozilla is not in sarge or etch
-CVE-2005-2960
+CVE-2005-2960 (cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary fi ...)
{DSA-836-1 DSA-835-1}
- cfengine <removed> (bug #332433; low)
- cfengine2 2.1.17-1 (bug #332432; low)
NOTE: maintainer does not think it's a hole, script is unused/broken
-CVE-2005-2959
+CVE-2005-2959 (Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows lo ...)
{DSA-870-1}
- sudo 1.6.8p9-3 (medium)
-CVE-2005-2958
+CVE-2005-2958 (Multiple format string vulnerabilities in the GNOME Data Access librar ...)
{DSA-871-1}
- libgda2 1.2.2-1 (medium)
-CVE-2005-2957
+CVE-2005-2957 (Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 wi ...)
NOT-FOR-US: AVIRA Desktop
-CVE-2005-2956
+CVE-2005-2956 (ATutor 1.5.1, and possibly earlier versions, stores temporary chat log ...)
NOT-FOR-US: ATutor
-CVE-2005-2955
+CVE-2005-2955 (config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an ...)
NOT-FOR-US: ATutor
-CVE-2005-2954
+CVE-2005-2954 (SQL injection vulnerability in password_reminder.php in ATutor before ...)
NOT-FOR-US: ATutor
-CVE-2005-2953
+CVE-2005-2953 (Cross-site scripting (XSS) vulnerability in merchant.mvc in MIVA Merch ...)
NOT-FOR-US: MIVA Merchant
-CVE-2005-2952
+CVE-2005-2952 (Directory traversal vulnerability in s.pl in Subscribe Me Pro 2.044.09 ...)
NOT-FOR-US: Subscribe Me Pro
-CVE-2005-2951
+CVE-2005-2951 (Directory traversal vulnerability in security.inc.php in AzDGDatingLit ...)
NOT-FOR-US: AzDGDating lite
-CVE-2005-2950
+CVE-2005-2950 (Cross-site scripting (XSS) vulnerability in Sawmill 7.0.0 through 7.1. ...)
NOT-FOR-US: Sawmill
-CVE-2005-2949
+CVE-2005-2949 (pam_per_user before 0.4 does not verify if the user name changes betwe ...)
NOT-FOR-US: pam_per_user (not in Debian)
-CVE-2005-2948
+CVE-2005-2948 (KillProcess 2.20 and earlier allows local users to bypass kill list re ...)
NOT-FOR-US: KillProcess
-CVE-2005-2947
+CVE-2005-2947 (Buffer overflow in KillProcess 2.20 and earlier allows user-assisted a ...)
NOT-FOR-US: KillProcess
-CVE-2005-2946
+CVE-2005-2946 (The default configuration on OpenSSL before 0.9.8 uses MD5 for creatin ...)
- openssl 0.9.8-1 (bug #314465; unimportant)
NOTE: MD5 is still good enough for most applications, second preimage attacks
NOTE: haven't been presented yet
-CVE-2005-2944
+CVE-2005-2944 (The perform_file_save function in GNOME Workstation Command Center (gw ...)
NOT-FOR-US: GNOME Workstation Command Center
-CVE-2005-2943
+CVE-2005-2943 (Stack-based buffer overflow in sendmail in XMail before 1.22 allows re ...)
{DSA-902-1}
- xmail 1.22-1 (bug #333863; medium)
CVE-2005-2942
REJECTED
CVE-2005-2941
RESERVED
-CVE-2005-2940
+CVE-2005-2940 (Unquoted Windows search path vulnerability in Microsoft Antispyware 1. ...)
NOT-FOR-US: Microsoft Antispyware
-CVE-2005-2939
+CVE-2005-2939 (Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 ...)
NOT-FOR-US: VMWare
-CVE-2005-2938
+CVE-2005-2938 (Unquoted Windows search path vulnerability in iTunesHelper.exe in iTun ...)
NOT-FOR-US: iTunes
CVE-2005-2937
REJECTED
-CVE-2005-2936
+CVE-2005-2936 (Unquoted Windows search path vulnerability in RealNetworks RealPlayer ...)
NOT-FOR-US: Real Player
-CVE-2005-2935
+CVE-2005-2935 (Unquoted Windows search path vulnerability in Microsoft AntiSpyware mi ...)
NOT-FOR-US: Microsoft AntiSpyware
-CVE-2005-2934
+CVE-2005-2934 (Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 al ...)
NOT-FOR-US: SCO
-CVE-2005-2933
+CVE-2005-2933 (Buffer overflow in the mail_valid_net_parse_work function in mail.c fo ...)
{DSA-861-1}
- uw-imap 7:2002edebian1-12 (medium; bug #332215)
- pine 4.64-1 (medium; bug #348407)
- alpine <not-affected> (alpine is based on pine 4.64, this bug was in a previous version of pine)
[sarge] - pine <no-dsa> (pine is non-free; doesn't permit distribution of modified binaries)
-CVE-2005-2932
+CVE-2005-2932 (Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, incl ...)
NOT-FOR-US: Check Point Zone Labs ZoneAlarm
-CVE-2005-2931
+CVE-2005-2931 (Format string vulnerability in the SMTP service in IMail Server 8.20 i ...)
NOT-FOR-US: Ipswitch Collaboration Suite
-CVE-2005-2929
+CVE-2005-2929 (Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attac ...)
- lynx <not-affected> (Debian's default config is not vulnerable)
CVE-2005-2928
RESERVED
-CVE-2005-2927
+CVE-2005-2927 (Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, an ...)
NOT-FOR-US: SCO Unixware
-CVE-2005-2926
+CVE-2005-2926 (Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Open ...)
NOT-FOR-US: SCO Unixware
-CVE-2005-2925
+CVE-2005-2925 (runpriv in SGI IRIX allows local users to bypass intended restrictions ...)
NOT-FOR-US: IRIX
CVE-2005-2924
RESERVED
-CVE-2005-2923
+CVE-2005-2923 (The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite ( ...)
NOT-FOR-US: Ipswitch Collaboration Suite
-CVE-2005-2922
+CVE-2005-2922 (Heap-based buffer overflow in the embedded player in multiple RealNetw ...)
- helix-player 1.0.7-1 (bug #358754; medium)
CVE-2005-2921
RESERVED
-CVE-2005-2916
+CVE-2005-2916 (Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions be ...)
NOT-FOR-US: Linksys routers
-CVE-2005-2915
+CVE-2005-2915 (ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default con ...)
NOT-FOR-US: Linksys routers
-CVE-2005-2914
+CVE-2005-2914 (ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default con ...)
NOT-FOR-US: Linksys routers
CVE-2005-2913
REJECTED
-CVE-2005-2912
+CVE-2005-2912 (Linksys WRT54G router allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Linksys routers
CVE-2005-2911
RESERVED
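Review bot: the descriptions added in this hunk are cut at a fixed column and end on a broken word, e.g. `+CVE-2005-2938 (... iTunesHelper.exe in iTun ...)` and `+CVE-2005-2935 (... Microsoft AntiSpyware mi ...)`; since this truncated text becomes the only description stored in the list, the importer should cut at the last whitespace before the limit (or keep the full description) so the stored text at least ends on a whole word.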
@@ -4713,62 +4713,62 @@ CVE-2005-2906
RESERVED
CVE-2005-2905
RESERVED
-CVE-2005-2904
+CVE-2005-2904 (Zebedee 2.4.1, when "allowed redirection port" is not set, allows remo ...)
NOT-FOR-US: Zebedee
-CVE-2005-2903
+CVE-2005-2903 (Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 112 ...)
NOT-FOR-US: NOD32 Anti virus
-CVE-2005-2902
+CVE-2005-2902 (SQL injection vulnerability in class-1 Forum Software 0.24.4 allows re ...)
NOT-FOR-US: class-1 Forum
-CVE-2005-2901
+CVE-2005-2901 (Multiple Cross-site scripting (XSS) vulnerabilities in CjWeb2Mail 3.0 ...)
NOT-FOR-US: CjWeb2Mail
-CVE-2005-2900
+CVE-2005-2900 (Cross-site scripting (XSS) vulnerability in top.php in CjLinkOut 1.0 a ...)
NOT-FOR-US: CjLinkOut
-CVE-2005-2899
+CVE-2005-2899 (Multiple cross-site scripting (XSS) vulnerabilities in details.php in ...)
NOT-FOR-US: CjTagBoard
CVE-2005-2898
NOT-FOR-US: Filezilla
-CVE-2005-2897
+CVE-2005-2897 (WEB//NEWS 1.4 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: WEB//NEWS
-CVE-2005-2896
+CVE-2005-2896 (SQL injection vulnerability in WEB//NEWS 1.4 allows remote attackers t ...)
NOT-FOR-US: WEB//NEWS
-CVE-2005-2895
+CVE-2005-2895 (setcookie.php in PBLang 4.65, and possibly earlier versions, allows re ...)
NOT-FOR-US: PBLang
-CVE-2005-2894
+CVE-2005-2894 (Cross-site scripting (XSS) vulnerability in the user registration in P ...)
NOT-FOR-US: PBLang
-CVE-2005-2893
+CVE-2005-2893 (Direct static code injection vulnerability in setcookie.php in PBLang ...)
NOT-FOR-US: PBLang
-CVE-2005-2892
+CVE-2005-2892 (Directory traversal vulnerability in setcookie.php in PBLang 4.65, and ...)
NOT-FOR-US: PBLang
-CVE-2005-2891
+CVE-2005-2891 (WebArchiveX.dll 5.5.0.76 installed before September 6th, 2005 is marke ...)
NOT-FOR-US: WebArchiveX
-CVE-2005-2890
+CVE-2005-2890 (SecureOL VE2 1.05.1008 does not properly restrict public access to phy ...)
NOT-FOR-US: SecureOL
-CVE-2005-2889
+CVE-2005-2889 (Check Point NGX R60 does not properly verify packets against the prede ...)
NOT-FOR-US: Check Point
-CVE-2005-2888
+CVE-2005-2888 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) Previ ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-2887
+CVE-2005-2887 (MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote att ...)
NOT-FOR-US: MAXDev MD-Pro
-CVE-2005-2886
+CVE-2005-2886 (Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1 ...)
NOT-FOR-US: MAXDev MD-Pro
-CVE-2005-2885
+CVE-2005-2885 (The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versi ...)
NOT-FOR-US: MAXDev MD-Pro
-CVE-2005-2884
+CVE-2005-2884 (Cross-site scripting (XSS) vulnerability in events.php in Land Down Un ...)
NOT-FOR-US: Land Down Under
CVE-2005-2883
REJECTED
-CVE-2005-2882
+CVE-2005-2882 (Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCal ...)
NOT-FOR-US: phpCommunityCalendar
-CVE-2005-2881
+CVE-2005-2881 (phpCommunityCalendar 4.0.3 allows remote attackers to bypass authentic ...)
NOT-FOR-US: phpCommunityCalendar
-CVE-2005-2880
+CVE-2005-2880 (Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3, ...)
NOT-FOR-US: phpCommunityCalendar
-CVE-2005-2879
+CVE-2005-2879 (Advansysperu Software USB Lock Auto-Protect (AP) 1.5 uses a weak encry ...)
NOT-FOR-US: Advansysperu Software USB Lock Auto-Protect
-CVE-2005-2945
+CVE-2005-2945 (arc 5.21j and earlier create temporary files with world-readable permi ...)
{DSA-843-1}
- arc 5.21m-1 (bug #329053; low)
-CVE-2005-2917
+CVE-2005-2917 (Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, ...)
{DSA-828-1}
- squid 2.5.10-7
NOTE: Patch was added to -6, but not listed in dpatch's list of patches
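Review bot: CVE-2005-2898 (the bare line above `NOT-FOR-US: Filezilla`) is the one entry in this hunk that is neither RESERVED nor REJECTED and yet got no `-`/`+` pair adding a description; worth checking whether the upstream feed really has no text for it or the importer skipped it, because an ID with a NOT-FOR-US annotation and no description is now the odd one out in this file.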
@@ -4780,119 +4780,119 @@ CVE-2005-XXXX [mkzopeinstance.py creates world-readable inituser file]
CVE-2005-XXXX [wine-safe does not prompt the user/is registered in mailcap]
- wine 0.0.20050830-1 (bug #327261; bug #327262; low)
[sarge] - wine <no-dsa> (Minor issue)
-CVE-2005-2920
+CVE-2005-2920 (Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0 ...)
{DSA-824-1 DTSA-19-1}
- clamav 0.87-1 (bug #328660; bug #329280; medium)
-CVE-2005-2919
+CVE-2005-2919 (libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote a ...)
{DSA-824-1 DTSA-19-1}
- clamav 0.87-1 (bug #328660; medium)
-CVE-2005-2918
+CVE-2005-2918 (The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and earlie ...)
{DSA-822-1}
- gtkdiskfree 1.9.3-4sarge1 (bug #328566; low)
-CVE-2005-3044
+CVE-2005-3044 (Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local u ...)
{DSA-1017-1}
- linux-2.6 2.6.12-7 (medium)
- kernel-source-2.4.27 <not-affected> (code is vulnerable but there is no amd64 for 2.4 in Sarge)
-CVE-2005-2877
+CVE-2005-2877 (The history (revision control) function in TWiki 02-Sep-2004 and earli ...)
NOTE: proactively fixed by the robustness patch
- twiki 20040902-2
-CVE-2005-2876
+CVE-2005-2876 (umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other ...)
{DSA-825-1 DSA-823-1}
- util-linux 2.12p-8 (bug #328141; bug #329063; medium)
- loop-aes-utils 2.12p-9 (bug #328626; medium)
-CVE-2005-2875
+CVE-2005-2875 (Py2Play allows remote attackers to execute arbitrary Python code via p ...)
{DSA-856-1}
- py2play 0.1.8-1 (bug #326976; medium)
-CVE-2005-2874
+CVE-2005-2874 (The is_path_absolute function in scheduler/client.c for the daemon in ...)
- cups 1.1.23-1
- cupsys 1.1.23-1
-CVE-2005-2871
+CVE-2005-2871 (Buffer overflow in the International Domain Name (IDN) support in Mozi ...)
{DSA-868-1 DSA-866-1 DSA-837-1}
- mozilla-firefox 1.0.6-5 (bug #327452; bug #327802; bug #327366; medium)
- mozilla 2:1.7.12-1 (bug #327455; medium)
- mozilla-thunderbird 1.0.7-1
NOTE: epiphany-browser is apparently fixed fix the mozilla
NOTE: upload; see bug #327366
-CVE-2005-2930
+CVE-2005-2930 (Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_l ...)
{DSA-886-1}
- chmlib 0.36-1 (bug #327431; medium)
CVE-2005-2802
REJECTED
-CVE-2005-2878
+CVE-2005-2878 (Format string vulnerability in search.c in the imap4d server in GNU Ma ...)
{DSA-841-1 DTSA-20-1}
- mailutils 1:0.6.90-3 (bug #327424; high)
-CVE-2005-2870
+CVE-2005-2870 (Unknown vulnerability in the net-svc script on Solaris 10 allows remot ...)
NOT-FOR-US: Solaris
-CVE-2005-2869
+CVE-2005-2869 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...)
{DSA-880-1}
- phpmyadmin 4:2.6.4-pl1-1 (bug #327345; bug #328501; medium)
-CVE-2005-2868
+CVE-2005-2868 (ZipTorrent 1.3.7.3 stores sensitive information in plaintext in the pr ...)
NOT-FOR-US: ZipTorrent
-CVE-2005-2867
+CVE-2005-2867 (SQL injection vulnerability in BlueWhaleCRM allows remote attackers to ...)
NOT-FOR-US: BlueWhaleCRM
-CVE-2005-2866
+CVE-2005-2866 (Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in ...)
NOT-FOR-US: Mercora IMRadio
-CVE-2005-2865
+CVE-2005-2865 (Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3. ...)
NOT-FOR-US: aMember Pro
-CVE-2005-2864
+CVE-2005-2864 (URBAN 1.5.3_1 allows local users to overwrite arbitrary files via a sy ...)
NOT-FOR-US: URBAN
-CVE-2005-2863
+CVE-2005-2863 (Cross-site scripting (XSS) vulnerability in openwebmail-main.pl in Ope ...)
NOT-FOR-US: OpenWebmail
-CVE-2005-2862
+CVE-2005-2862 (ADSL Road Runner modem in the Annex A family has a service running on ...)
NOT-FOR-US: ADSL hardware
-CVE-2005-2861
+CVE-2005-2861 (Cross-site scripting (XSS) vulnerability in N-Stealth Commercial Editi ...)
NOT-FOR-US: N-Stealth
-CVE-2005-2860
+CVE-2005-2860 (Cross-site scripting (XSS) vulnerability in Nikto 1.35 and earlier all ...)
- nikto 1.35-1.1 (bug #327339; medium)
-CVE-2005-2859
+CVE-2005-2859 (Savant Web Server stores user credentials in plaintext in the Savant\U ...)
NOT-FOR-US: Savant Web Server
-CVE-2005-2858
+CVE-2005-2858 (The Fetch.FetchContact.1 ActiveX control (Fetch.dll) for Rediff Bol 7. ...)
NOT-FOR-US: Rediff BOL)
-CVE-2005-2857
+CVE-2005-2857 (Free SMTP Server 2.2 allows remote attackers to use the server as an o ...)
NOT-FOR-US: Free SMTP Server
-CVE-2005-2856
+CVE-2005-2856 (Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party comp ...)
NOT-FOR-US: ALZip
-CVE-2005-2855
+CVE-2005-2855 (Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5 ...)
NOT-FOR-US: Unclassified Newsboard
-CVE-2005-2854
+CVE-2005-2854 (CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedba ...)
NOT-FOR-US: thesitewizard.com chfeedback.pl
-CVE-2005-2853
+CVE-2005-2853 (Multiple cross-site scripting (XSS) vulnerabilities in GuppY 4.5.3a an ...)
NOT-FOR-US: GuppY
-CVE-2005-2852
+CVE-2005-2852 (Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5 ...)
NOT-FOR-US: Novell Netware
-CVE-2005-2851
+CVE-2005-2851 (smb4k 0.4 and other versions before 0.6.3 allows local users to read s ...)
{DTSA-25-1}
- smb4k 0.6.4-1 (bug #337471; medium)
NOTE: fix in 0.6.3-1 was incomplete according to maintainer
-CVE-2005-2850
+CVE-2005-2850 (SlimFTPd 3.17 allows remote attackers to cause a denial of service (cr ...)
NOT-FOR-US: SlimFTPD
-CVE-2005-2849
+CVE-2005-2849 (Argument injection vulnerability in Barracuda Spam Firewall running fi ...)
NOT-FOR-US: Barracuda antispam solution
-CVE-2005-2848
+CVE-2005-2848 (Directory traversal vulnerability in img.pl in Barracuda Spam Firewall ...)
NOT-FOR-US: Barracuda antispam solution
-CVE-2005-2847
+CVE-2005-2847 (img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 a ...)
NOT-FOR-US: Barracuda antispam solution
-CVE-2005-2846
+CVE-2005-2846 (PHP remote file inclusion vulnerability in lang.php in CMS Made Simple ...)
NOT-FOR-US: CMS Made Simple
-CVE-2005-2845
+CVE-2005-2845 (Ariba Spend Management System sends the username and password to the s ...)
NOT-FOR-US: Ariba Spend Management System
-CVE-2005-2844
+CVE-2005-2844 (Buffer overflow in MMClient.exe in Indiatimes Messenger 6.0 allows rem ...)
NOT-FOR-US: Indiatimes Messenger
-CVE-2005-2843
+CVE-2005-2843 (Helpdesk software Hesk 0.92 does not properly verify usernames and pas ...)
NOT-FOR-US: Hesk
-CVE-2005-2842
+CVE-2005-2842 (Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4. ...)
NOT-FOR-US: DameWare Mini
-CVE-2005-2841
+CVE-2005-2841 (Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet ...)
NOT-FOR-US: IOS
-CVE-2005-2840
+CVE-2005-2840 (Multiple unknown vulnerabilities in MAXdev MD-Pro 1.0.72 and earlier h ...)
NOT-FOR-US: MAXdev
-CVE-2005-2839
+CVE-2005-2839 (Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1 ...)
NOT-FOR-US: MAXdev
-CVE-2005-2838
+CVE-2005-2838 (SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and e ...)
NOT-FOR-US: myBloggie
-CVE-2005-2837
+CVE-2005-2837 (Multiple eval injection vulnerabilities in PlainBlack Software WebGUI ...)
NOT-FOR-US: WebGUI
-CVE-2005-2836
+CVE-2005-2836 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum 5.0.17a ...)
NOT-FOR-US: Phorum
CVE-2005-2835
RESERVED
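Review bot: the context line `NOT-FOR-US: Rediff BOL)` under the new `+CVE-2005-2858 (...)` header has a stray closing parenthesis, and now that the header line itself ends in `)` the dangling one reads as part of the description; drop it. The two-line note under CVE-2005-2871, `NOTE: epiphany-browser is apparently fixed fix the mozilla` / `NOTE: upload; see bug #327366`, also contains a garbled phrase (presumably "fixed by the mozilla upload") that the same pass could clean up.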
@@ -4902,15 +4902,15 @@ CVE-2005-2833
RESERVED
CVE-2005-2832
RESERVED
-CVE-2005-2831
+CVE-2005-2831 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers t ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2005-2830
+CVE-2005-2830 (Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS prox ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2005-2829
+CVE-2005-2829 (Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2005-2828
RESERVED
-CVE-2005-2827
+CVE-2005-2827 (The thread termination routine in the kernel for Windows NT 4.0 and 20 ...)
NOT-FOR-US: Windows NT
CVE-2005-2826
RESERVED
@@ -4924,423 +4924,423 @@ CVE-2005-2822
RESERVED
CVE-2005-2821
RESERVED
-CVE-2005-2820
+CVE-2005-2820 (Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows rem ...)
{DSA-820-1}
- courier 0.47-9 (bug #327181; medium)
-CVE-2005-2819
+CVE-2005-2819 (DownFile 1.3 allows remote attackers to gain administrator privileges ...)
NOT-FOR-US: DownFile
-CVE-2005-2818
+CVE-2005-2818 (Cross-site scripting (XSS) vulnerability in DownFile 1.3 allows remote ...)
NOT-FOR-US: DownFile
-CVE-2005-2817
+CVE-2005-2817 (Simple Machines Forum (SMF) 1-0-5 and earlier supports the use of URLs ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2005-2816
+CVE-2005-2816 (Cross-site scripting (XSS) vulnerability in Greymatter allows remote a ...)
NOT-FOR-US: Greymatter
-CVE-2005-2815
+CVE-2005-2815 (print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: FlatNuke
-CVE-2005-2814
+CVE-2005-2814 (Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.6 allows remo ...)
NOT-FOR-US: FlatNuke
-CVE-2005-2813
+CVE-2005-2813 (Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earli ...)
NOT-FOR-US: FlatNuke
-CVE-2005-2812
+CVE-2005-2812 (man2web allows remote attackers to execute arbitrary commands via -P a ...)
NOT-FOR-US: man2web
-CVE-2005-2811
+CVE-2005-2811 (Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, o ...)
- net-snmp <not-affected> (Gentoo Portage specific configuration flaw)
-CVE-2005-2810
+CVE-2005-2810 (Multiple stack-based buffer overflows in urban before 1.5.3 allow loca ...)
NOT-FOR-US: urban game
-CVE-2005-2809
+CVE-2005-2809 (silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 ...)
NOT-FOR-US: silc daemon
-CVE-2005-2808
+CVE-2005-2808 (frox 0.7.16 and 0.7.17 does not properly parse certain Deny ACLs, whic ...)
- frox 0.7.18-1 (medium)
-CVE-2005-2807
+CVE-2005-2807 (frox 0.7.18, when running setuid root, does not properly drop privileg ...)
- frox <not-affected> (does not run setuid root in the Debian package)
-CVE-2005-2806
+CVE-2005-2806 (client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier allows rem ...)
NOT-FOR-US: BNBT EasyTracker
-CVE-2005-2805
+CVE-2005-2805 (forum_post.php in e107 0.6 allows remote attackers to post to non-exis ...)
NOT-FOR-US: e107
-CVE-2005-2804
+CVE-2005-2804 (Integer overflow in the registry parsing code in GroupWise 6.5.3, and ...)
NOT-FOR-US: GroupWise
-CVE-2005-2803
+CVE-2005-2803 (Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows ...)
[sarge] - hiki <not-affected> (code not present in sarge)
- hiki 0.8.3-1
-CVE-2005-2800
+CVE-2005-2800 (Memory leak in the seq_file implementation in the SCSI procfs interfac ...)
{DSA-1017-1}
- linux-2.6 2.6.12-6 (low)
- kernel-source-2.4.27 <not-affected> (seq_file introduced in 2.6)
-CVE-2005-2799
+CVE-2005-2799 (Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and po ...)
NOT-FOR-US: Linksys routers
-CVE-2005-2798
+CVE-2005-2798 (sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, ...)
- openssh 1:4.2p1-1 (bug #326065; unimportant)
NOTE: Not enabled in the binary build, see #326065
- openssh-krb5 <removed> (bug #327233; medium)
[sarge] - openssh-krb5 <no-dsa> (Intended bahaviour, see #327233)
-CVE-2005-2797
+CVE-2005-2797 (OpenSSH 4.0, and other versions before 4.2, does not properly handle d ...)
- openssh 1:4.2p1-1 (bug #326065; unimportant)
NOTE: GSSAPI features not activated in binary builds
-CVE-2005-2796
+CVE-2005-2796 (The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and ear ...)
{DSA-809-1}
- squid 2.5.10-5 (medium)
CVE-2005-2795
RESERVED
-CVE-2005-2794
+CVE-2005-2794 (store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to c ...)
{DSA-809-3 DSA-809-1}
- squid 2.5.10-5 (medium)
-CVE-2005-2793
+CVE-2005-2793 (PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin ...)
[sarge] - phpldapadmin <not-affected> (code not present in sarge)
- phpldapadmin 0.9.6c-7 (bug #325785; medium)
- egroupware <not-affected> (copy included is older and not vulnerable; bug #339583)
-CVE-2005-2792
+CVE-2005-2792 (Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 ...)
[sarge] - phpldapadmin <not-affected> (code not present in sarge)
- phpldapadmin 0.9.6c-7 (bug #325785; medium)
- egroupware <not-affected> (copy included is older and not vulnerable; bug #339583)
-CVE-2005-2791
+CVE-2005-2791 (BFCommand &amp; Control Server Manager BFCC 1.22_A and earlier, and BF ...)
NOT-FOR-US: BFCC
-CVE-2005-2790
+CVE-2005-2790 (BFCommand &amp; Control Server Manager BFCC 1.22_A and earlier, and BF ...)
NOT-FOR-US: BFCC
-CVE-2005-2789
+CVE-2005-2789 (BFCommand &amp; Control Server Manager BFCC 1.22_A and earlier, and BF ...)
NOT-FOR-US: BFCC
-CVE-2005-2788
+CVE-2005-2788 (Multiple SQL injection vulnerabilities in Land Down Under (LDU) 801 an ...)
NOT-FOR-US: Land Down Under
-CVE-2005-2787
+CVE-2005-2787 (comment_delete_cgi.php in Simple PHP Blog allows remote attackers to d ...)
NOT-FOR-US: Simple PHP Blog
-CVE-2005-2786
+CVE-2005-2786 (Directory traversal vulnerability in bestmail_edit.cgi in cosmoshop 8. ...)
NOT-FOR-US: cosmoshop
-CVE-2005-2785
+CVE-2005-2785 (cosmoshop 8.10.78 and earlier stores passwords in plaintext in the dat ...)
NOT-FOR-US: cosmoshop
-CVE-2005-2784
+CVE-2005-2784 (SQL injection vulnerability in the login function for the administrati ...)
NOT-FOR-US: cosmoshop
-CVE-2005-2783
+CVE-2005-2783 (Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and ea ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-2782
+CVE-2005-2782 (PHP remote file inclusion vulnerability in al_initialize.php for AutoL ...)
NOT-FOR-US: AutoLinks Pro
-CVE-2005-2781
+CVE-2005-2781 (The Avatar upload feature in FUD Forum before 2.7.0 does not properly ...)
{DSA-1063-1}
- phpgroupware 0.9.16.009-1 (bug #340094; medium)
- egroupware 1.0.0.009.dfsg-3-4 (bug #340495; medium)
[woody] - phpgroupware <not-affected> (fudforum not included until 0.9.16)
NOTE: Sarge affected, woody isn't
-CVE-2005-2780
+CVE-2005-2780 (Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) allo ...)
NOT-FOR-US: Land Down Under
-CVE-2005-2779
+CVE-2005-2779 (The iTAN Online-Banking Security System allows remote attackers to obt ...)
NOT-FOR-US: iTAN
-CVE-2005-2778
+CVE-2005-2778 (SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) al ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-2777
+CVE-2005-2777 (Looking Glass 20040427 allows remote attackers to execute arbitrary co ...)
NOT-FOR-US: Looking Glass
-CVE-2005-2776
+CVE-2005-2776 (Multiple cross-site scripting (XSS) vulnerabilities in Looking Glass 2 ...)
NOT-FOR-US: Looking Glass
-CVE-2005-2775
+CVE-2005-2775 (php_api.php in phpWebNotes 2.0.0 uses the extract function to modify k ...)
NOT-FOR-US: Looking Glass
-CVE-2005-2774
+CVE-2005-2774 (Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows ...)
NOT-FOR-US: Litium Quake mod
-CVE-2005-2773
+CVE-2005-2773 (HP OpenView Network Node Manager 6.2 through 7.50 allows remote attack ...)
NOT-FOR-US: HP OpenView
-CVE-2005-2772
+CVE-2005-2772 (Multiple stack-based buffer overflows in University of Minnesota gophe ...)
{DSA-832-1}
- gopher 3.0.11 (bug #327722; high)
-CVE-2005-2771
+CVE-2005-2771 (WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-S ...)
NOT-FOR-US: Reflection for Secure IT
-CVE-2005-2770
+CVE-2005-2770 (WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-S ...)
NOT-FOR-US: Reflection for Secure IT
-CVE-2005-2769
+CVE-2005-2769 (Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possib ...)
{DSA-820-1}
- courier 0.47-9 (bug #327727; medium)
-CVE-2005-2768
+CVE-2005-2768 (Heap-based buffer overflow in the Sophos Antivirus Library, as used by ...)
NOT-FOR-US: Sophos AntiVirus
-CVE-2005-2767
+CVE-2005-2767 (Buffer overflow in LeapFTP allows remote attackers to execute arbitrar ...)
NOT-FOR-US: LeapFTP
CVE-2005-XXXX [Four potentially DoS exploitable deadlocks and leaks in kernel 2.6]
- linux-2.6 2.6.12-6 (low)
-CVE-2005-2766
+CVE-2005-2766 (Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly ...)
NOT-FOR-US: Symantec AntiVirus
-CVE-2005-2765
+CVE-2005-2765 (The user interface in the Windows Firewall does not properly display c ...)
NOT-FOR-US: Microsoft Windows
-CVE-2005-2764
+CVE-2005-2764 (Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to ...)
NOT-FOR-US: OpenTTD
-CVE-2005-2763
+CVE-2005-2763 (Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow ...)
NOT-FOR-US: OpenTTD
-CVE-2005-2762
+CVE-2005-2762 (Avaya VPNRemote before 4.2.33 stores credentials in cleartext in proce ...)
NOT-FOR-US: VPNRemote
CVE-2005-2760
RESERVED
-CVE-2005-2759
+CVE-2005-2759 (** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton An ...)
NOT-FOR-US: Symantec Antivirus
-CVE-2005-2758
+CVE-2005-2758 (Integer signedness error in the administrative interface for Symantec ...)
NOT-FOR-US: Symantec Antivirus
-CVE-2005-2757
+CVE-2005-2757 (Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Serv ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2756
+CVE-2005-2756 (Apple QuickTime before 7.0.3 allows user-assisted attackers to overwri ...)
NOT-FOR-US: Apple QuickTime
-CVE-2005-2755
+CVE-2005-2755 (Apple QuickTime Player before 7.0.3 allows user-assisted attackers to ...)
NOT-FOR-US: Apple QuickTime
-CVE-2005-2754
+CVE-2005-2754 (Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted ...)
NOT-FOR-US: Apple QuickTime
-CVE-2005-2753
+CVE-2005-2753 (Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted ...)
NOT-FOR-US: Apple QuickTime
-CVE-2005-2752
+CVE-2005-2752 (An unspecified kernel interface in Mac OS X 10.4.2 and earlier does no ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2751
+CVE-2005-2751 (memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2750
+CVE-2005-2750 (Software Update in Mac OS X 10.4.2, when the user marks all updates to ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2749
+CVE-2005-2749 (Unspecified vulnerability in the Finder Get Info window for Mac OS X 1 ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2748
+CVE-2005-2748 (The malloc function in the libSystem library in Apple Mac OS X 10.3.9 ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2747
+CVE-2005-2747 (Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by appli ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2746
+CVE-2005-2746 (Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2745
+CVE-2005-2745 (Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2744
+CVE-2005-2744 (Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2743
+CVE-2005-2743 (The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 1 ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2742
+CVE-2005-2742 (SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, c ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2741
+CVE-2005-2741 (Authorization Services in securityd for Apple Mac OS X 10.3.9 allows l ...)
NOT-FOR-US: Mac OS X
CVE-2005-2740
REJECTED
-CVE-2005-2739
+CVE-2005-2739 (Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visibl ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2738
+CVE-2005-2738 (Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X does not prevent m ...)
NOT-FOR-US: Java / Apple
-CVE-2005-2737
+CVE-2005-2737 (Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allo ...)
NOT-FOR-US: PhotoPost
-CVE-2005-2736
+CVE-2005-2736 (Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier all ...)
NOT-FOR-US: YaPig
-CVE-2005-2735
+CVE-2005-2735 (Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earli ...)
NOT-FOR-US: phpGraphy
-CVE-2005-2734
+CVE-2005-2734 (Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earl ...)
{DSA-1148-1}
- gallery 1.5-2 (bug #325285; medium)
-CVE-2005-2733
+CVE-2005-2733 (upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly res ...)
NOT-FOR-US: Simple PHP Blog
-CVE-2005-2732
+CVE-2005-2732 (AWStats 6.4, and possibly earlier versions, allows remote attackers to ...)
NOTE: path disclosure, so not very important on debian systems
NOTE: unreproducible according to bug #327729
-CVE-2005-2731
+CVE-2005-2731 (Directory traversal vulnerability in Astaro Security Linux 6.0, when u ...)
NOT-FOR-US: Astato specific
-CVE-2005-2730
+CVE-2005-2730 (The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to ...)
NOT-FOR-US: Astato specific
-CVE-2005-2729
+CVE-2005-2729 (The HTTP proxy in Astaro Security Linux 6.0 does not properly filter H ...)
NOT-FOR-US: Astato specific
-CVE-2005-2728
+CVE-2005-2728 (The byte-range filter in Apache 2.0 before 2.0.54 allows remote attack ...)
{DSA-805-1}
NOTE: The CVE description is wrong, this has been merged for 2.0.55
- apache2 2.0.54-5 (bug #326435; medium)
-CVE-2005-2727
+CVE-2005-2727 (Home Ftp Server 1.0.7 stores sensitive user information and server inf ...)
NOT-FOR-US: Home Ftp Server
-CVE-2005-2726
+CVE-2005-2726 (Directory traversal vulnerability in Home Ftp Server 1.0.7 allows remo ...)
NOT-FOR-US: Home Ftp Server
-CVE-2005-2725
+CVE-2005-2725 (The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier ver ...)
NOT-FOR-US: QNX
-CVE-2005-2723
+CVE-2005-2723 (SQL injection vulnerability in auth.php in PaFileDB 3.1, when authmeth ...)
NOT-FOR-US: PaFileDB
-CVE-2005-2722
+CVE-2005-2722 (Foojan PHP Weblog allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Foojan PHP Weblog
-CVE-2005-2721
+CVE-2005-2721 (Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php o ...)
NOT-FOR-US: Foojan PHP Weblog
-CVE-2005-2720
+CVE-2005-2720 (Stack-based buffer overflow in the ACE archive decompression library ( ...)
NOT-FOR-US: HAURI Antivirus
-CVE-2005-2719
+CVE-2005-2719 (Ventrilo 2.1.2 through 2.3.0 allows remote attackers to cause a denial ...)
NOT-FOR-US: Ventrilo
-CVE-2005-2718
+CVE-2005-2718 (Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remo ...)
NOT-FOR-US: MPlayer
-CVE-2005-2717
+CVE-2005-2717 (PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 al ...)
{DSA-799-1}
- webcalendar 0.9.45-7 (bug #326223; medium)
-CVE-2005-2715
+CVE-2005-2715 (Format string vulnerability in the Java user interface service (bpjava ...)
NOT-FOR-US: VERITAS NetBackup Data and Business Center
-CVE-2005-2714
+CVE-2005-2714 (passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4 ...)
NOT-FOR-US: Apple
-CVE-2005-2713
+CVE-2005-2713 (passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4 ...)
NOT-FOR-US: Apple
-CVE-2005-2712
+CVE-2005-2712 (The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1, 6.5.5, a ...)
NOT-FOR-US: IBM
-CVE-2005-2711
+CVE-2005-2711 (ISS BlackIce 3.6, as used in multiple products including BlackICE PC P ...)
NOT-FOR-US: ISS
-CVE-2005-2710
+CVE-2005-2710 (Format string vulnerability in Real HelixPlayer and RealPlayer 10 allo ...)
{DSA-826-1}
NOTE: see http://www.open-security.org/advisories/13
- helix-player 1.0.6-1 (bug #330364; high)
-CVE-2005-2709
+CVE-2005-2709 (The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 al ...)
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-3
-CVE-2005-2708
+CVE-2005-2708 (The search_binary_handler function in exec.c in Linux 2.4 kernel on 64 ...)
- kernel-source-2.4.27 <not-affected> (amd64/2.4 not supported)
-CVE-2005-2707
+CVE-2005-2707 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote att ...)
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; medium)
- mozilla 2:1.7.12-1 (medium)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2706
+CVE-2005-2706 (Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote att ...)
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; high)
- mozilla 2:1.7.12-1 (high)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2705
+CVE-2005-2705 (Integer overflow in the JavaScript engine in Firefox before 1.0.7 and ...)
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; high)
- mozilla 2:1.7.12-1 (high)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2704
+CVE-2005-2704 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote att ...)
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; medium)
- mozilla 2:1.7.12-1 (medium)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2703
+CVE-2005-2703 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote att ...)
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; medium)
- mozilla 2:1.7.12-1 (medium)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2702
+CVE-2005-2702 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote att ...)
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; high)
- mozilla 2:1.7.12-1 (high)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2701
+CVE-2005-2701 (Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite b ...)
{DSA-868-1 DSA-866-1 DSA-838-1}
- mozilla-firefox 1.0.7-1 (bug #329778; medium)
- mozilla 2:1.7.12-1 (bug #329778; medium)
- mozilla-thunderbird 1.0.7-1
-CVE-2005-2700
+CVE-2005-2700 (ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyCli ...)
{DSA-807-1 DSA-805-1}
- libapache-mod-ssl 2.8.24-1 (medium)
- apache2 2.0.54-5 (bug #327210; medium)
-CVE-2005-2699
+CVE-2005-2699 (Unrestricted file upload vulnerability in admin/admin.php in PHPKit 1. ...)
NOT-FOR-US: PHPKit
-CVE-2005-2698
+CVE-2005-2698 (Cross-site scripting (XSS) vulnerability in browse.php in Nephp Publis ...)
NOT-FOR-US: Nephp Publisher Enterprise
-CVE-2005-2697
+CVE-2005-2697 (SQL injection vulnerability in search.php for MyBulletinBoard (MyBB) 1 ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-2696
+CVE-2005-2696 (IBM Lotus Notes does not properly restrict access to password hashes i ...)
NOT-FOR-US: Notes
-CVE-2005-2695
+CVE-2005-2695 (Unspecified vulnerability in the SSL certificate checking functionalit ...)
NOT-FOR-US: Cisco
-CVE-2005-2694
+CVE-2005-2694 (Buffer overflow in WinAce 2.6.0.5, and possibly earlier versions, allo ...)
NOT-FOR-US: WinAce
-CVE-2005-2724
+CVE-2005-2724 (Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows rem ...)
{DSA-793-1}
- courier 0.47-8 (medium; bug #325631)
-CVE-2005-2801
+CVE-2005-2801 (xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 doe ...)
{DSA-922-1 DSA-921-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
-CVE-2005-2873
+CVE-2005-2873 (The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and ...)
[sarge] - kernel-source-2.4.27 <no-dsa> (Unfixable design issues)
[sarge] - kernel-source-2.6.8 <no-dsa> (Unfixable design issues)
- kernel-source-2.6.8 <unfixed> (bug #332231; low)
- linux-2.6 2.6.18-1 (bug #332381; low)
NOTE: Dave Miller didn't like the proposed fix and considers a complete rewrite
NOTE: of ipt_recent the best solution, which seems to occur soon
-CVE-2005-2872
+CVE-2005-2872 (The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6 ...)
{DSA-922-1 DSA-921-1}
- kernel-source-2.4.27 2.4.27-11 (bug #322237; medium)
- linux-2.6 2.6.12-1
-CVE-2005-2761
+CVE-2005-2761 (Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 al ...)
{DSA-798-1}
- phpgroupware 0.9.16.008-1
-CVE-2005-2716
+CVE-2005-2716 (The event_pin_code_request function in the btsrv daemon (btsrv.c) in N ...)
{DSA-796-1}
- affix 2.1.2-3 (bug #325444; medium)
CVE-2005-XXXX [Insecure tempfile usage in tleds]
- tleds 1.05beta10-9 (bug #276789; low)
-CVE-2005-2693
+CVE-2005-2693 (cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, ...)
{DSA-806-1 DSA-802-1}
NOTE: cvsbug was removed from the cvs binary package in 1:1.11.5-4.
NOTE: The copy in the cvs source package was fixed in 1:1.12.9-15.
- cvs 1:1.11.5-4 (bug #325106; low)
- gcvs 1.0final-8 (bug #324969; low)
-CVE-2005-2692
+CVE-2005-2692 (Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow ...)
NOT-FOR-US: RunCMS
-CVE-2005-2691
+CVE-2005-2691 (includes/common.php in RunCMS 1.2 and earlier calls the extract functi ...)
NOT-FOR-US: RunCMS
-CVE-2005-2690
+CVE-2005-2690 (SQL injection vulnerability in the Downloads module in PostNuke 0.760- ...)
NOT-FOR-US: PostNuke
-CVE-2005-2689
+CVE-2005-2689 (Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.760- ...)
NOT-FOR-US: PostNuke
-CVE-2005-2688
+CVE-2005-2688 (Multiple cross-site scripting (XSS) vulnerabilities in SaveWebPortal 3 ...)
NOT-FOR-US: SaveWebPortal
-CVE-2005-2687
+CVE-2005-2687 (PHP remote file inclusion vulnerability in SaveWebPortal 3.4 allows re ...)
NOT-FOR-US: SaveWebPortal
-CVE-2005-2686
+CVE-2005-2686 (Directory traversal vulnerability in SaveWebPortal 3.4 allows remote a ...)
NOT-FOR-US: SaveWebPortal
-CVE-2005-2685
+CVE-2005-2685 (SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP cod ...)
NOT-FOR-US: SaveWebPortal
CVE-2005-XXXX [Insecure temp files in firehol]
- firehol 1.231-4 (unimportant)
NOTE: Only exploitable inside modified binary installation
-CVE-2005-2684
+CVE-2005-2684 (nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to ex ...)
NOT-FOR-US: Virtual Edge Netquery
-CVE-2005-2683
+CVE-2005-2683 (Multiple SQL injection vulnerabilities in PHPKit 1.6.1 allow remote at ...)
NOT-FOR-US: PHPKit
-CVE-2005-2682
+CVE-2005-2682 (aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before ...)
NOT-FOR-US: DTLink AreaEdit
-CVE-2005-2681
+CVE-2005-2681 (Unspecified vulnerability in the command line processing (CLI) logic i ...)
NOT-FOR-US: Cisco
-CVE-2005-2680
+CVE-2005-2680 (Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP4, when ...)
NOT-FOR-US: BEA WebLogic Portal
-CVE-2005-2679
+CVE-2005-2679 (Buffer overflow in Sysinternals Process Explorer 9.23, and other versi ...)
NOT-FOR-US: Sysinternals Process Explorer
-CVE-2005-2678
+CVE-2005-2678 (Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NA ...)
NOT-FOR-US: MSIE
-CVE-2005-2677
+CVE-2005-2677 (ACNews stores the database in a file under the web document root with ...)
NOT-FOR-US: ACNews
-CVE-2005-2676
+CVE-2005-2676 (Cross-site scripting (XSS) vulnerability in displayimage.php in Copper ...)
NOT-FOR-US: Coppermine
-CVE-2005-2675
+CVE-2005-2675 (** DISPUTED ** Note: the vendor has disputed this issue. Multiple SQL ...)
NOT-FOR-US: Land Down Under
-CVE-2005-2674
+CVE-2005-2674 (** DISPUTED ** Note: the vendor has disputed this issue. Multiple cros ...)
NOT-FOR-US: Land Down Under
-CVE-2005-2673
+CVE-2005-2673 (SQL injection vulnerability in modcp.php in WoltLab Burning Board 2.2. ...)
NOT-FOR-US: Burning Board
CVE-2005-2671
REJECTED
-CVE-2005-2670
+CVE-2005-2670 (Directory traversal vulnerability in HAURI Anti-Virus products includi ...)
NOT-FOR-US: HAURI
-CVE-2005-2669
+CVE-2005-2669 (Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 befor ...)
NOT-FOR-US: Computer Associates
-CVE-2005-2668
+CVE-2005-2668 (Multiple buffer overflows in Computer Associates (CA) Message Queuing ...)
NOT-FOR-US: Computer Associates
-CVE-2005-2667
+CVE-2005-2667 (Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM ...)
NOT-FOR-US: Computer Associates
-CVE-2005-2666
+CVE-2005-2666 (SSH, as implemented in OpenSSH before 4.0 and possibly other implement ...)
- openssh 1:4.0p1-1 (unimportant)
NOTE: Lack of a security feature, not a vulnerability
-CVE-2005-2665
+CVE-2005-2665 (Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, a ...)
NOT-FOR-US: elm-me+ is no longer in unstable or testing
-CVE-2005-2664
+CVE-2005-2664 (Whisper 32 1.16, and possibly earlier versions, stores passwords in pl ...)
NOT-FOR-US: Whisper
-CVE-2005-2663
+CVE-2005-2663 (masqmail before 0.2.18 allows local users to overwrite arbitrary files ...)
{DSA-848-1}
- masqmail 0.2.21-1 (low; bug #329307)
-CVE-2005-2662
+CVE-2005-2662 (masqmail before 0.2.18 allows remote attackers to execute arbitrary co ...)
{DSA-848-1}
- masqmail 0.2.21-1 (high; bug #329307)
-CVE-2005-2661
+CVE-2005-2661 (Format string vulnerability in the ParseBannerAndCapability function i ...)
{DSA-852-1}
- up-imapproxy 1.2.4-2 (high)
-CVE-2005-2660
+CVE-2005-2660 (apachetop 0.12.5 and earlier, when running in debug mode, allows local ...)
{DSA-839-1}
- apachetop 0.12.5-3
-CVE-2005-2659
+CVE-2005-2659 (Buffer overflow in the LZX decompression in CHM Lib (chmlib) 0.35, as ...)
{DSA-886-1}
- chmlib 0.37-2 (medium)
-CVE-2005-2658
+CVE-2005-2658 (Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 ...)
{DSA-812-1}
- turqstat 2.2.4-1 (medium)
-CVE-2005-2657
+CVE-2005-2657 (Unknown vulnerability in common-lisp-controller 4.18 and earlier allow ...)
{DSA-811-2}
- common-lisp-controller 4.18 (bug #328633; medium)
-CVE-2005-2656
+CVE-2005-2656 (Polygen before 1.0.6 generates precompiled grammar objects with world- ...)
{DSA-794-1}
NOTE: Fix in -8 had problems
- polygen 1.0.6-9 (bug #325468; low)
-CVE-2005-2655
+CVE-2005-2655 (lockmail in maildrop before 1.5.3 does not drop privileges before exec ...)
{DSA-791-1 DTSA-11-1}
- maildrop 2.0.2-7 (bug #325135; medium)
-CVE-2005-2654
+CVE-2005-2654 (phpldapadmin before 0.9.6c allows remote attackers to gain anonymous a ...)
{DSA-790-1}
- phpldapadmin 0.9.6c-5 (bug #322423; medium)
- egroupware <not-affected> (copy included is older and not vulnerable; bug #339583)
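Review bot: the fixed-width truncation that produces the "+" lines in this hunk cuts in the middle of words and version numbers, so the part of the description that identifies the affected release is often lost, for example "+CVE-2005-2697 (SQL injection vulnerability in search.php for MyBulletinBoard (MyBB) 1 ...)" and "+CVE-2005-2694 (Buffer overflow in WinAce 2.6.0.5, and possibly earlier versions, allo ...)"; for the two disputed entries the "** DISPUTED ** Note: the vendor has disputed this issue." prefix consumes almost the entire window, leaving "Multiple SQL ..." and "Multiple cros ..." as the only substantive text. Suggest truncating at the last word boundary before the limit and stripping the disputed marker before truncation (or keeping it as a separate flag). Separately, the unchanged tag under CVE-2005-2678 reads "NOT-FOR-US: MSIE" while the description now visible on the line above names Microsoft IIS 5.1 and 6; the tag should say IIS so that the product name and the NOT-FOR-US rationale agree.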
@@ -5348,348 +5348,348 @@ CVE-2005-XXXX [cplay - still unsafe temporary file handling vulnerable to symlin
- cplay 1.49-8 (bug #324913; low)
[woody] - cplay <not-affected> (CPLAY_TMP doesn't exist in this version)
[sarge] - cplay <no-dsa> (Hardly exploitable)
-CVE-2005-2672
+CVE-2005-2672 (pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurel ...)
{DSA-814-1 DTSA-17-1}
- lm-sensors 1:2.9.1-7 (bug #324193; medium)
-CVE-2005-2653
+CVE-2005-2653 (Cross-site scripting (XSS) vulnerability in BBCaffe 2.0 allows remote ...)
NOT-FOR-US: BBCaffe
-CVE-2005-2652
+CVE-2005-2652 (Zorum 3.5 allows remote attackers to obtain the full installation path ...)
NOT-FOR-US: Zorum
-CVE-2005-2651
+CVE-2005-2651 (gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitra ...)
NOT-FOR-US: Zorum
-CVE-2005-2650
+CVE-2005-2650 (Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestboo ...)
NOT-FOR-US: Emefa Guestbook
-CVE-2005-2649
+CVE-2005-2649 (Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote ...)
NOT-FOR-US: ATutor
-CVE-2005-2648
+CVE-2005-2648 (Directory traversal vulnerability in index.php in W-Agora 4.2.0 and ea ...)
NOT-FOR-US: W-Agora
-CVE-2005-2647
+CVE-2005-2647 (Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Serv ...)
NOT-FOR-US: Xerox MicroServer Web Server in Document Centre
-CVE-2005-2646
+CVE-2005-2646 (Unknown vulnerability in Xerox MicroServer Web Server in Document Cent ...)
NOT-FOR-US: Xerox MicroServer Web Server in Document Centre
-CVE-2005-2645
+CVE-2005-2645 (Unknown vulnerability in Xerox MicroServer Web Server in Document Cent ...)
NOT-FOR-US: Xerox MicroServer Web Server in Document Centre
-CVE-2005-2644
+CVE-2005-2644 (Buffer overflow in JaguarEditControl.dll in Isemarket JaguarControl al ...)
NOT-FOR-US: JaguarControl
-CVE-2005-2643
+CVE-2005-2643 (Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and ...)
- tor 0.1.0.14-1 (bug #323786; medium)
-CVE-2005-2642
+CVE-2005-2642 (Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt ...)
- mutt <not-affected> (bug #323956; high)
NOTE: Status is not clear; upstream is unresponsive.
NOTE: this bug was closed as it was unreproducable in Debian
-CVE-2005-2641
+CVE-2005-2641 (Unknown vulnerability in pam_ldap before 180 does not properly handle ...)
{DSA-785-1}
- libpam-ldap 178-1sarge1 (bug #324899)
-CVE-2005-2640
+CVE-2005-2640 (Behavioral discrepancy information leak in Juniper Netscreen VPN runni ...)
NOT-FOR-US: Juniper
-CVE-2005-2639
+CVE-2005-2639 (Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 all ...)
NOT-FOR-US: World Poker Championship
-CVE-2005-2638
+CVE-2005-2638 (Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeNews 1.4 ...)
NOT-FOR-US: PHPFreeNews
-CVE-2005-2637
+CVE-2005-2637 (Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and earlier ...)
NOT-FOR-US: PHPFreeNews
-CVE-2005-2636
+CVE-2005-2636 (SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew an ...)
NOT-FOR-US: phpAdsNew
-CVE-2005-2635
+CVE-2005-2635 (Multiple directory traversal vulnerabilities in phpAdsNew and phpPgAds ...)
NOT-FOR-US: phpAdsNew
-CVE-2005-2634
+CVE-2005-2634 (Buffer overflow in the Log-SCR function in the "Log to Screen" feature ...)
NOT-FOR-US: WinFTP Server
-CVE-2005-2633
+CVE-2005-2633 (Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) bo ...)
NOT-FOR-US: PHPTB Topic Board
-CVE-2005-2632
+CVE-2005-2632 (SQL injection vulnerability in login_admin_mediabox404.php in mediabox ...)
NOT-FOR-US: Mediabox 404
-CVE-2005-2631
+CVE-2005-2631 (Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to ...)
NOT-FOR-US: Cisco
-CVE-2005-2630
+CVE-2005-2630 (Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 1 ...)
- helix-player <not-affected> (Only Windows version of Real are affected)
-CVE-2005-2629
+CVE-2005-2629 (Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne P ...)
{DSA-915-1}
- helix-player 1.0.6-1 (bug #340270; medium)
-CVE-2005-2628
+CVE-2005-2628 (Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execut ...)
- flashplugin-nonfree 7.0.61-1.1 (bug #339290; high)
[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin)
-CVE-2005-2627
+CVE-2005-2627 (Multiple integer underflows in Kismet before 2005-08-R1 allow remote a ...)
{DSA-788-1 DTSA-1-1}
- kismet 2005.08.R1-1 (bug #323386; high)
-CVE-2005-2626
+CVE-2005-2626 (Unspecified vulnerability in Kismet before 2005-08-R1 allows remote at ...)
{DSA-788-1 DTSA-1-1}
- kismet 2005.08.R1-1 (bug #323386; high)
-CVE-2005-2625
+CVE-2005-2625 (Incomplete blacklist vulnerability in the checkBlacklist function in C ...)
NOT-FOR-US: CPAINT ajax toolkit
-CVE-2005-2624
+CVE-2005-2624 (Eval injection vulnerability in CPAINT 1.3-SP allows remote attackers ...)
NOT-FOR-US: CPAINT ajax toolkit
-CVE-2005-2623
+CVE-2005-2623 (ECW-Shop 6.0.2 allows remote attackers to reduce the total cost of the ...)
NOT-FOR-US: ECW Shop
-CVE-2005-2622
+CVE-2005-2622 (Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 6.0. ...)
NOT-FOR-US: ECW Shop
-CVE-2005-2621
+CVE-2005-2621 (index.php in ECW-Shop 6.0.2 allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: ECW Shop
-CVE-2005-2620
+CVE-2005-2620 (grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the p ...)
NOT-FOR-US: Novell GroupWise
-CVE-2005-2619
+CVE-2005-2619 (Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly ...)
NOT-FOR-US: Autonomy
-CVE-2005-2618
+CVE-2005-2618 (Multiple stack-based buffer overflows in Autonomy (formerly Verity) Ke ...)
NOT-FOR-US: Autonomy
-CVE-2005-2617
+CVE-2005-2617 (The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6 ...)
{DTSA-16-1}
NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00991.html - amd64 specific DOS
- linux-2.6 2.6.12-6
-CVE-2005-2616
+CVE-2005-2616 (Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote ...)
NOT-FOR-US: ezUpload
-CVE-2005-2615
+CVE-2005-2615 (Unknown vulnerability in session.php in EQdkp before 1.3.0 has unknown ...)
NOT-FOR-US: EQdkp
-CVE-2005-2614
+CVE-2005-2614 (Discuz! 4.0 rc4 does not properly restrict types of files that are upl ...)
NOT-FOR-US: Discuz
-CVE-2005-2613
+CVE-2005-2613 (Unknown vulnerability in CPAINT Ajax Toolkit before 1.3-SP allows atta ...)
NOT-FOR-US: CPAINT Ajax
-CVE-2005-2612
+CVE-2005-2612 (Direct code injection vulnerability in WordPress 1.5.1.3 and earlier a ...)
- wordpress 1.5.2-1 (bug #323040; high)
-CVE-2005-2611
+CVE-2005-2611 (VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec ...)
NOT-FOR-US: VERITAS Backup Exec for Windows Servers
-CVE-2005-2610
+CVE-2005-2610 (Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1 ...)
NOT-FOR-US: VegaDNS
-CVE-2005-2609
+CVE-2005-2609 (index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows ...)
NOT-FOR-US: VegaDNS
-CVE-2005-2608
+CVE-2005-2608 (SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS ...)
NOT-FOR-US: SafeHTML
-CVE-2005-2607
+CVE-2005-2607 (PHP file include vulnerability in download.php in PHPSimplicity Simpli ...)
NOT-FOR-US: PHPSimplicity
-CVE-2005-2606
+CVE-2005-2606 (Unknown vulnerability in the "frontend authentication" in PHlyMail 3.0 ...)
NOT-FOR-US: PHlyMail
-CVE-2005-2605
+CVE-2005-2605 (Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allo ...)
NOT-FOR-US: Lasso Professional Server
-CVE-2005-2604
+CVE-2005-2604 (index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to ...)
NOT-FOR-US: My Image Gallery (Mig)
-CVE-2005-2603
+CVE-2005-2603 (Cross-site scripting (XSS) vulnerability in index.php for My Image Gal ...)
NOT-FOR-US: My Image Gallery (Mig)
-CVE-2005-2602
+CVE-2005-2602 (Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to o ...)
- mozilla-firefox <not-affected> (According to Bugzilla Windows/Mac only)
-CVE-2005-2601
+CVE-2005-2601 (SQL injection vulnerability in MidiCart allows remote attackers to exe ...)
NOT-FOR-US: MidiCart
-CVE-2005-2600
+CVE-2005-2600 (FUDForum 2.6.15 with "Tree View" enabled, as used in other products su ...)
{DSA-899-1 DSA-798-1}
- egroupware 1.0.0.009.dfsg-3-2 (bug #323928; medium)
- phpgroupware 0.9.16.008-1 (bug #323929; medium)
-CVE-2005-2599
+CVE-2005-2599 (Hummingbird FTP for Connectivity 10.0 uses weak encryption (trivial en ...)
NOT-FOR-US: Hummingbird FTP for Connectivity
-CVE-2005-2598
+CVE-2005-2598 (Multiple directory traversal vulnerabilities in Dokeos 1.6 and earlier ...)
NOT-FOR-US: Dokeos
-CVE-2005-2597
+CVE-2005-2597 (AOL Client Software 9.0 uses insecure permissions for its installation ...)
NOT-FOR-US: AOL Client
-CVE-2005-2596
+CVE-2005-2596 (User.php in Gallery, as used in Postnuke, allows users with any Admin ...)
{DSA-879-1}
- gallery 1.5-2 (medium)
-CVE-2005-2595
+CVE-2005-2595 (Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alph ...)
NOT-FOR-US: Dada Mail
-CVE-2005-2594
+CVE-2005-2594 (Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to ca ...)
NOT-FOR-US: Apple Safari
-CVE-2005-2593
+CVE-2005-2593 (Parlano MindAlign 5.0 and later versions uses weak encryption, with un ...)
NOT-FOR-US: MindAlign
-CVE-2005-2592
+CVE-2005-2592 (Unknown vulnerability in Parlano MindAlign 5.0 and later versions allo ...)
NOT-FOR-US: MindAlign
-CVE-2005-2591
+CVE-2005-2591 (Parlano MindAlign 5.0 and later versions allows remote attackers to li ...)
NOT-FOR-US: MindAlign
-CVE-2005-2590
+CVE-2005-2590 (Cross-site scripting (XSS) vulnerability in Parlano MindAlign 5.0 and ...)
NOT-FOR-US: MindAlign
-CVE-2005-2589
+CVE-2005-2589 (Unknown vulnerability in Linksys WRT54GS wireless router with firmware ...)
NOT-FOR-US: WRT54GS wireless router
-CVE-2005-2588
+CVE-2005-2588 (Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 a ...)
NOT-FOR-US: DVBBS
-CVE-2005-2587
+CVE-2005-2587 (SQL injection vulnerability in emailvalidate.php in PHPTB Topic Boards ...)
NOT-FOR-US: PHPTB Topic Boards
-CVE-2005-2586
+CVE-2005-2586 (Mentor ADSL-FR4II router running firmware 2.00.0111 stores the web adm ...)
NOT-FOR-US: Mentor ADSL-FR4II router
-CVE-2005-2585
+CVE-2005-2585 (Mentor ADSL-FR4II router running firmware 2.00.0111 allows remote atta ...)
NOT-FOR-US: Mentor ADSL-FR4II router
-CVE-2005-2584
+CVE-2005-2584 (The web administration interface in Mentor ADSL-FR4II router running f ...)
NOT-FOR-US: Mentor ADSL-FR4II router
-CVE-2005-2583
+CVE-2005-2583 (Mentor ADSL-FR4II router running firmware 2.00.0111 has an undocumente ...)
NOT-FOR-US: Mentor ADSL-FR4II router
-CVE-2005-2582
+CVE-2005-2582 (Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writ ...)
NOT-FOR-US: Kaspersky
-CVE-2005-2581
+CVE-2005-2581 (Grandstream BudgeTone 101 and 102 running firmware 1.0.6.7 and possibl ...)
NOT-FOR-US: Grandstream BudgeTone
-CVE-2005-2580
+CVE-2005-2580 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-2579
+CVE-2005-2579 (Nortel Contivity VPN Client V05_01.030, when configuring a certificate ...)
NOT-FOR-US: Contivity
CVE-2005-2578
REJECTED
-CVE-2005-2577
+CVE-2005-2577 (Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote ...)
NOT-FOR-US: Wyse Winterm
-CVE-2005-2576
+CVE-2005-2576 (CaLogic 1.22, and possibly earlier versions, allows remote attackers t ...)
NOT-FOR-US: CaLogic
-CVE-2005-2575
+CVE-2005-2575 (SQL injection vulnerability in u2u.inc.php in XMB Forum 1.9.1 allows r ...)
NOT-FOR-US: XMB Forum
-CVE-2005-2574
+CVE-2005-2574 (xmb.php in XMB Forum 1.9.1 extracts and defines all provided variables ...)
NOT-FOR-US: XMB Forum
-CVE-2005-2573
+CVE-2005-2573 (The mysql_create_function function in sql_udf.cc for MySQL 4.0 before ...)
- mysql <not-affected> (Windows specific mysql holes)
- mysql-dfsg-4.1 <not-affected> (Windows specific mysql holes)
- mysql-dfsg-5.0 <not-affected> (Windows specific mysql holes)
-CVE-2005-2572
+CVE-2005-2572 (MySQL, when running on Windows, allows remote authenticated users with ...)
- mysql <not-affected> (Windows specific mysql holes)
- mysql-dfsg-4.1 <not-affected> (Windows specific mysql holes)
- mysql-dfsg-5.0 <not-affected> (Windows specific mysql holes)
-CVE-2005-2571
+CVE-2005-2571 (FunkBoard 0.66CF, and possibly earlier versions, does not properly res ...)
NOT-FOR-US: FunkBoard
-CVE-2005-2570
+CVE-2005-2570 (FunkBoard 0.66CF, and possibly earlier versions, allows remote attacke ...)
NOT-FOR-US: FunkBoard
-CVE-2005-2569
+CVE-2005-2569 (Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66C ...)
NOT-FOR-US: FunkBoard
-CVE-2005-2568
+CVE-2005-2568 (Eval injection vulnerability in the template engine for SysCP 1.2.10 a ...)
NOT-FOR-US: SysCP
-CVE-2005-2567
+CVE-2005-2567 (PHP remote file inclusion vulnerability in SysCP 1.2.10 and earlier al ...)
NOT-FOR-US: SysCP
-CVE-2005-2566
+CVE-2005-2566 (Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) ...)
NOT-FOR-US: OpenBB
-CVE-2005-2565
+CVE-2005-2565 (Gravity Board X (GBX) 1.1 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Gravity Board X (GBX)
-CVE-2005-2564
+CVE-2005-2564 (Direct static code injection vulnerability in editcss.php in Gravity B ...)
NOT-FOR-US: Gravity Board X (GBX)
-CVE-2005-2563
+CVE-2005-2563 (Multiple cross-site scripting (XSS) vulnerabilities in Gravity Board X ...)
NOT-FOR-US: Gravity Board X (GBX)
-CVE-2005-2562
+CVE-2005-2562 (SQL injection vulnerability in Gravity Board X (GBX) 1.1 allows remote ...)
NOT-FOR-US: Gravity Board X (GBX)
-CVE-2005-2561
+CVE-2005-2561 (Multiple SQL injection vulnerabilities in MYFAQ 1.0 allow remote attac ...)
NOT-FOR-US: MYFAQ
-CVE-2005-2560
+CVE-2005-2560 (Cross-site scripting (XSS) vulnerability in index.cfm in CFBB 1.1.0 al ...)
NOT-FOR-US: CFBB
-CVE-2005-2559
+CVE-2005-2559 (doping.php in ePing plugin 1.02 and earlier for e107 portal allows rem ...)
NOT-FOR-US: e107 portal
-CVE-2005-2558
+CVE-2005-2558 (Stack-based buffer overflow in the init_syms function in MySQL 4.0 bef ...)
{DSA-833-2 DSA-831-1 DSA-829-1}
- mysql-dfsg-4.1 4.1.13 (medium)
- mysql-dfsg-5.0 5.0.7beta-1 (medium)
- mysql-dfsg 4.0.24-10sarge1 (bug #322133; medium)
-CVE-2005-2557
+CVE-2005-2557 (Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis ...)
{DSA-778-1}
- mantis 0.19.2-4 (low)
-CVE-2005-2556
+CVE-2005-2556 (core/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with registe ...)
{DSA-778-1}
- mantis 0.19.2-4 (medium)
-CVE-2005-2555
+CVE-2005-2555 (Linux kernel 2.6.x does not properly restrict socket policy access to ...)
{DSA-1018-1 DSA-1017-1 DTSA-16-1}
- linux-2.6 2.6.12-6 (medium)
CVE-2005-XXXX [DoS against clamav through infinite loop in cli_rmdirs]
- clamav 0.86.2-1 (low)
[sarge] - clamav 0.84-2.sarge.2
-CVE-2005-2554
+CVE-2005-2554 (The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 ...)
NOT-FOR-US: Network Associated ePolicy Orchestrator Agent
-CVE-2005-2553
+CVE-2005-2553 (The find_target function in ptrace32.c in the Linux kernel 2.4.x befor ...)
{DSA-921-1}
- kernel-source-2.4.27 2.4.27-12 (bug #323363; medium)
-CVE-2005-2552
+CVE-2005-2552 (Unknown vulnerability in HP ProLiant DL585 servers running Integrated ...)
NOT-FOR-US: Integrated Light Out in HP servers
-CVE-2005-2551
+CVE-2005-2551 (Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 o ...)
NOT-FOR-US: Novell eDirectory
-CVE-2005-2547
+CVE-2005-2547 (security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attack ...)
{DSA-782-1 DTSA-9-1}
- bluez-utils 2.19-1 (bug #323365; medium)
-CVE-2005-2546
+CVE-2005-2546 (Arab Portal 2.0 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Arab Portal
-CVE-2005-2545
+CVE-2005-2545 (Multiple cross-site scripting (XSS) vulnerabilities in PHPOpenChat 3.0 ...)
NOT-FOR-US: PHPOpenChat
-CVE-2005-2544
+CVE-2005-2544 (PHP remote file inclusion vulnerability in config.php in Comdev eComme ...)
NOT-FOR-US: Comdev eCommerce
-CVE-2005-2543
+CVE-2005-2543 (Directory traversal vulnerability in wce.download.php in Comdev eComme ...)
NOT-FOR-US: Comdev eCommerce
-CVE-2005-2542
+CVE-2005-2542 (Invision Power Board (IPB) 1.0.3 allows remote attackers to inject arb ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-2541
+CVE-2005-2541 (Tar 1.15.1 does not properly warn the user when extracting setuid or s ...)
NOTE: This is intended behaviour, after all tar is an archiving tool and you
NOTE: need to give -p as a command line flag
- tar <unfixed> (bug #328228; unimportant)
-CVE-2005-2540
+CVE-2005-2540 (CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier ve ...)
NOT-FOR-US: FlatNuke
-CVE-2005-2539
+CVE-2005-2539 (Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 ...)
NOT-FOR-US: FlatNuke
-CVE-2005-2538
+CVE-2005-2538 (FlatNuke 2.5.5 and possibly earlier versions allows remote attackers t ...)
NOT-FOR-US: FlatNuke
-CVE-2005-2537
+CVE-2005-2537 (FlatNuke 2.5.5 and possibly earlier versions allows remote attackers t ...)
NOT-FOR-US: FlatNuke
-CVE-2005-2536
+CVE-2005-2536 (pstotext before 1.8g does not properly use the "-dSAFER" option when c ...)
{DSA-792-1}
- pstotext 1.9-2 (bug #319758; medium)
-CVE-2005-2535
+CVE-2005-2535 (Buffer overflow in the Discovery Service in BrightStor ARCserve Backup ...)
NOT-FOR-US: ARCserve Backup
-CVE-2005-2534
+CVE-2005-2534 (Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not ena ...)
{DSA-851-1}
- openvpn 2.0.2-1 (bug #324167; high)
-CVE-2005-2533
+CVE-2005-2533 (OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode ...)
{DSA-851-1}
- openvpn 2.0.2-1 (bug #324167; high)
-CVE-2005-2532
+CVE-2005-2532 (OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue w ...)
{DSA-851-1}
- openvpn 2.0.2-1 (bug #324167; high)
-CVE-2005-2531
+CVE-2005-2531 (OpenVPN before 2.0.1, when running with "verb 0" and without TLS authe ...)
{DSA-851-1}
- openvpn 2.0.2-1 (bug #324167; high)
-CVE-2005-2530
+CVE-2005-2530 (Unspecified vulnerability in Java 1.3.1 before 1.3.1_16 on Apple Mac O ...)
NOT-FOR-US: Java / Apple
-CVE-2005-2529
+CVE-2005-2529 (Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Appl ...)
NOT-FOR-US: Java / Apple
CVE-2005-2528
REJECTED
-CVE-2005-2527
+CVE-2005-2527 (Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X ...)
NOT-FOR-US: Java / Apple
-CVE-2005-2526
+CVE-2005-2526 (CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a ...)
NOT-FOR-US: MacOS X
-CVE-2005-2525
+CVE-2005-2525 (CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descri ...)
NOT-FOR-US: MacOS X
-CVE-2005-2524
+CVE-2005-2524 (Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to b ...)
NOT-FOR-US: MacOS X
-CVE-2005-2523
+CVE-2005-2523 (Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server i ...)
NOT-FOR-US: Weblog Server in Mac OS X
-CVE-2005-2522
+CVE-2005-2522 (Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs wit ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2521
+CVE-2005-2521 (Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2520
+CVE-2005-2520 (The password assistant in Mac OS X 10.4 to 10.4.2, when used to create ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2519
+CVE-2005-2519 (slpd in Directory Services in Mac OS X 10.3.9 creates insecure tempora ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2518
+CVE-2005-2518 (Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows rem ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2517
+CVE-2005-2517 (Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatt ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2516
+CVE-2005-2516 (Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2515
+CVE-2005-2515 (Quartz Composer Screen Saver in Mac OS X 10.4.2 allows local users to ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2514
+CVE-2005-2514 (Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execu ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2513
+CVE-2005-2513 (Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows VoiceOve ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2512
+CVE-2005-2512 (Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2511
+CVE-2005-2511 (Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerbe ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2510
+CVE-2005-2510 (The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4. ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2509
+CVE-2005-2509 (Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, w ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2508
+CVE-2005-2508 (dsidentity in Directory Services in Mac OS X 10.4.2 allows local users ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2507
+CVE-2005-2507 (Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 al ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2506
+CVE-2005-2506 (Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10. ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2505
+CVE-2005-2505 (Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2504
+CVE-2005-2504 (The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2503
+CVE-2005-2503 (AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical a ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2502
+CVE-2005-2502 (Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in a ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2501
+CVE-2005-2501 (Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows extern ...)
NOT-FOR-US: Mac OS X
-CVE-2005-2500
+CVE-2005-2500 (Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux ker ...)
- linux-2.6 2.6.12-1 (medium)
-CVE-2005-2499
+CVE-2005-2499 (slocate before 2.7 does not properly process very long paths, which al ...)
- slocate <not-affected> (Uses secure glibc code, see #324951)
-CVE-2005-2498
+CVE-2005-2498 (Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML- ...)
{DSA-842-1 DSA-840-1 DSA-798-1 DSA-789-1 DTSA-15-1}
- drupal 4.5.5-1 (bug #323347; high)
- phpgroupware 0.9.16.008-1 (bug #323349; high)
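Review bot: with the descriptions now filled in, several unchanged tags in this hunk visibly disagree with the text beside them and should be corrected in a follow-up: "+CVE-2005-2554 (The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 ...)" is followed by "NOT-FOR-US: Network Associated ePolicy Orchestrator Agent" (Associated vs Associates), and "NOT-FOR-US: elm-me+ is no longer in unstable or testing" under CVE-2005-2665 uses the NOT-FOR-US marker to record a package removal rather than a product that was never in Debian, which is a different state. The mutt entry is also internally inconsistent: "- mutt <not-affected> (bug #323956; high)" carries a severity and is followed by "NOTE: Status is not clear; upstream is unresponsive.", so either the not-affected state or the note is stale; "unreproducable" in the next NOTE should read "unreproducible". The grammar in "- helix-player <not-affected> (Only Windows version of Real are affected)" should be "Only the Windows version of Real is affected".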
@@ -5700,22 +5700,22 @@ CVE-2005-2498
- php5 5.0.5-1 (high)
CVE-2005-2497
REJECTED
-CVE-2005-2496
+CVE-2005-2496 (The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option ...)
{DSA-801-1}
NOTE: I suspect DSA-801 is fixed by the non-root patches from Ubuntu??
- ntp 1:4.2.0a+stable-2sarge1 (medium)
[etch] - ntp 1:4.2.0a+stable-2sarge1 (medium)
-CVE-2005-2495
+CVE-2005-2495 (Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted ...)
{DSA-816-1}
- xorg-x11 6.8.2.dfsg.1-7 (medium)
-CVE-2005-2494
+CVE-2005-2494 (kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root ac ...)
{DSA-815-1}
- kdebase 4:3.4.2-3 (bug #327039; medium)
CVE-2005-2493
RESERVED
-CVE-2005-2492
+CVE-2005-2492 (The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allow ...)
- linux-2.6 2.6.12-7 (bug #327416; medium)
-CVE-2005-2491
+CVE-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular Expressi ...)
{DSA-821-1 DSA-819-1 DSA-817-1 DSA-800-1 DTSA-10-1}
- pcre3 6.3-1 (bug #324531; medium)
- gnumeric 1.5.1-1 (bug #326628; bug #326898; unimportant)
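Review bot: the CVE-2005-2496 entry keeps an unresolved question as its only documentation: "NOTE: I suspect DSA-801 is fixed by the non-root patches from Ubuntu??" sits directly under "{DSA-801-1}", which already asserts that the DSA fixes the issue. Either the note should be reworded into a statement of what the DSA actually shipped (and whether the non-root patches are the fix), or it should be dropped, since a trailing "??" in a tracker note tells a later reader nothing about whether the question was ever answered. The fixed-version lines themselves are consistent ("- ntp 1:4.2.0a+stable-2sarge1 (medium)" and the matching "[etch]" line), so only the note needs attention.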
@@ -5725,7 +5725,7 @@ CVE-2005-2491
- python2.1 2.1.3dfsg-3 (medium)
- python2.2 2.2.3dfsg-4 (medium)
- python2.3 2.3.5-8 (medium)
-CVE-2005-2490
+CVE-2005-2490 (Stack-based buffer overflow in the sendmsg function call in the Linux ...)
{DSA-1017-1}
- linux-2.6 2.6.12-7 (bug #327416; medium)
CVE-2005-XXXX [Buffer overflow in Description parsing]
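Review bot: CVE-2005-2490 in this hunk and CVE-2005-2492 in the previous one are recorded against the same fix, "- linux-2.6 2.6.12-7 (bug #327416; medium)", yet only CVE-2005-2490 carries "{DSA-1017-1}" while CVE-2005-2492 has no DSA reference at all. Since both issues were closed by the same upload and the same bug, it is worth checking whether DSA-1017-1 also covered CVE-2005-2492 and, if so, adding the reference there; if it did not, a NOTE explaining why the two diverged would prevent the next reader from asking the same question.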
@@ -5740,61 +5740,61 @@ CVE-2005-XXXX [Should include "UNRESTRICTED access to your computer" warning som
[etch] - classpath <not-affected> (Doesn't build the gcjwebplugin binary package)
CVE-2005-XXXX [Inconsistent escaping of user supplied data in dbauthpgsql.c]
- dbmail 2.2.1-1 (bug #290833; medium)
-CVE-2005-2548
+CVE-2005-2548 (vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attac ...)
{DSA-922-1 DTSA-16-1}
NOTE: Will appear in next kernel DSA, fixed in 2.6 since 2.6.9-rc2
- kernel-source-2.6.8 2.6.8-16sarge1 (bug #309308; low)
NOTE: 2.6.12-1 contained a partially broken fix
- linux-2.6 2.6.12-6 (bug #309308; low)
-CVE-2005-2489
+CVE-2005-2489 (Web Content Management News System allows remote attackers to create a ...)
NOT-FOR-US: Web Content Management News System
-CVE-2005-2488
+CVE-2005-2488 (Cross-site scripting (XSS) vulnerability in Web Content Management New ...)
NOT-FOR-US: Web Content Management News System
-CVE-2005-2487
+CVE-2005-2487 (Unknown vulnerability in Sun McData switches and directors 4300, 4500, ...)
NOT-FOR-US: Sun switches
-CVE-2005-2486
+CVE-2005-2486 (SQL injection vulnerability in mod_forum/read_message.php in PortailPH ...)
NOT-FOR-US: PortailPHP
-CVE-2005-2485
+CVE-2005-2485 (Cross-site scripting (XSS) vulnerability in the Helpdesk in Logicampus ...)
NOT-FOR-US: Logicampus
-CVE-2005-2484
+CVE-2005-2484 (Buffer overflow in the rdb_query function for Denora IRC Stats 1.0 mig ...)
NOT-FOR-US: Denora IRC stats
-CVE-2005-2483
+CVE-2005-2483 (Eval injection vulnerability in Karrigell before 2.1.8 allows remote a ...)
NOT-FOR-US: Karrigell
-CVE-2005-2482
+CVE-2005-2482 (The StateToOptions function in msfweb in Metasploit Framework 2.4 and ...)
NOT-FOR-US: Metasploit Framework
-CVE-2005-2481
+CVE-2005-2481 (ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: Fusebox
-CVE-2005-2480
+CVE-2005-2480 (Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 a ...)
NOT-FOR-US: Fusebox
-CVE-2005-2479
+CVE-2005-2479 (Quick 'n Easy FTP Server 3.0 allows remote attackers to cause a denial ...)
NOT-FOR-US: Quick 'n Easy FTP Server
-CVE-2005-2478
+CVE-2005-2478 (SQL injection vulnerability in SilverNews 2.0.3 allows remote attacker ...)
NOT-FOR-US: Silvernews
-CVE-2005-2477
+CVE-2005-2477 (shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote at ...)
NOT-FOR-US: Naxtor Shopping Cart
-CVE-2005-2476
+CVE-2005-2476 (Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxto ...)
NOT-FOR-US: Naxtor Shopping Cart
-CVE-2005-2475
+CVE-2005-2475 (Race condition in Unzip 5.52 allows local users to modify permissions ...)
{DSA-903-1}
- unzip 5.52-4 (bug #321927; low)
-CVE-2005-2474
+CVE-2005-2474 (ChurchInfo allows remote attackers to execute obtain sensitive informa ...)
NOT-FOR-US: ChurchInfo
-CVE-2005-2473
+CVE-2005-2473 (Multiple SQL injection vulnerabilities in ChurchInfo allow remote atta ...)
NOT-FOR-US: ChurchInfo
-CVE-2005-2472
+CVE-2005-2472 (Multiple buffer overflows in BusinessMail 4.60.00 allow remote attacke ...)
NOT-FOR-US: BusinessMail
-CVE-2005-2471
+CVE-2005-2471 (pstopnm in netpbm does not properly use the "-dSAFER" option when call ...)
{DSA-1021-1}
- netpbm-free 2:10.0-9 (bug #319757; low)
-CVE-2005-2470
+CVE-2005-2470 (Buffer overflow in a "core application plug-in" for Adobe Reader 5.1 t ...)
NOT-FOR-US: Adobe
-CVE-2005-2469
+CVE-2005-2469 (Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C ...)
NOT-FOR-US: Novell NetMail
-CVE-2005-2459
+CVE-2005-2459 (The huft_build function in inflate.c in the zlib routines in the Linux ...)
{DSA-922-1 DSA-921-1 DTSA-16-1}
- linux-2.6 2.6.12-3 (bug #323173)
- kernel-source-2.4.27 2.4.27-12 (medium)
-CVE-2005-2458
+CVE-2005-2458 (inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 all ...)
{DSA-922-1 DSA-921-1 DTSA-16-1}
- linux-2.6 2.6.12-3 (bug #323173; medium)
- kernel-source-2.4.27 2.4.27-12 (medium)
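Review bot: The linux-2.6 line for CVE-2005-2459 ("- linux-2.6 2.6.12-3 (bug #323173)") carries no severity, while the otherwise identical CVE-2005-2458 entry right below it is marked "medium"; both describe the same inflate.c zlib issue and were fixed in the same upload, so the severity should be filled in to match. The "NOTE: Will appear in next kernel DSA" under CVE-2005-2548 is also stale now that {DSA-922-1 DTSA-16-1} is already listed on the line above it, and the note could be dropped or reworded to say the fix shipped in DSA-922-1. Nothing else changes in this hunk: only the truncated descriptions (cut at a fixed width with " ...") are imported, and the existing triage lines stay as they were.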
@@ -5822,18 +5822,18 @@ CVE-2005-XXXX [fftw3-dev: Insecure tempfile usage in fftw-wisdom-to-conf script]
CVE-2005-XXXX [clamav-getfile: Insecure use of temporary files]
- clamav-getfiles 0.5-1 (bug #321446; medium)
[sarge] - clamav-getfiles <not-affected> (Sarge version uses mktemp)
-CVE-2005-3254
+CVE-2005-3254 (The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect m ...)
{DTSA-6-1}
- cgiwrap 3.9-3.1 (bug #316881; low)
[sarge] - cgiwrap <no-dsa> (Minor impact)
-CVE-2005-3255
+CVE-2005-3255 (The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian GNU/ ...)
{DTSA-6-1}
- cgiwrap 3.9-3.1 (bug #316901; low)
[sarge] - cgiwrap <no-dsa> (Minor information disclosure, only debugging libs)
-CVE-2005-2550
+CVE-2005-2550 (Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows re ...)
{DSA-1016-1 DTSA-13-1}
- evolution 2.2.3-3 (high; bug #322535)
-CVE-2005-2549
+CVE-2005-2549 (Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6. ...)
{DSA-1016-1 DTSA-13-1}
- evolution 2.2.3-3 (high; bug #322535)
CVE-2005-XXXX [libnet-ssleay-perl: /tmp/entropy insecure]
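Review bot: The unassigned entry "CVE-2005-XXXX [clamav-getfile: Insecure use of temporary files]" names the package as clamav-getfile, but the two package lines below it use "clamav-getfiles"; the bracketed title should use the real source package name so the entry is found when searching by package. Minor style point in the same hunk: the evolution lines write the annotation as "(high; bug #322535)" while the cgiwrap lines use "(bug #316881; low)"; picking one order (bug first, then severity, as the majority of this file does) keeps the annotations easier to scan.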
@@ -5846,31 +5846,31 @@ CVE-2005-XXXX [bugzilla: Maintainer's postinst script use temporary files in an
- bugzilla 2.18.3-2 (bug #321567; low)
CVE-2005-XXXX [Crypto weakness in Tor's handshaking process]
- tor 0.1.0.14-1 (medium)
-CVE-2005-2457
+CVE-2005-2457 (The driver for compressed ISO file systems (zisofs) in the Linux kerne ...)
{DSA-1018-1 DSA-1017-1 DTSA-16-1}
- linux-2.6 2.6.12-3 (medium)
-CVE-2005-2456
+CVE-2005-2456 (Array index overflow in the xfrm_sk_policy_insert function in xfrm_use ...)
{DSA-922-1 DSA-921-1 DTSA-16-1}
- linux-2.6 2.6.12-2 (bug #321401; medium)
- kernel-source-2.4.27 2.4.27-11 (medium)
-CVE-2005-2455
+CVE-2005-2455 (Greasemonkey before 0.3.5 allows remote web servers to (1) read arbitr ...)
NOT-FOR-US: Greasemonkey
-CVE-2005-2454
+CVE-2005-2454 (IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure de ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2005-2453
+CVE-2005-2453 (Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1. ...)
NOT-FOR-US: NetworkActiv Web Server
-CVE-2005-2452
+CVE-2005-2452 (libtiff up to 3.7.0 allows remote attackers to cause a denial of servi ...)
NOTE: CVE description is broken, this only affects 3.6, it's been fixed in 3.7
- tiff 3.7.0-1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2005-2451
+CVE-2005-2451 (Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, ...)
NOT-FOR-US: IOS
-CVE-2005-2450
+CVE-2005-2450 (Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file f ...)
{DSA-776-1 DTSA-3-1}
- clamav 0.86.2-1 (medium)
-CVE-2005-2449
+CVE-2005-2449 (Race condition in sandbox before 1.2.11 allows local users to create o ...)
NOT-FOR-US: sandbox
-CVE-2005-2448
+CVE-2005-2448 (Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow rem ...)
{DSA-1318-1 DSA-813-1 DTSA-2-1 DTSA-4-1}
- ekg 1:1.5+20050718+1.6rc3-1 (low)
- centericq 4.20.0-9 (bug #323185; medium)
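Review bot: The imported description for CVE-2005-2452 says "libtiff up to 3.7.0", which contradicts the tracker's own "NOTE: CVE description is broken, this only affects 3.6, it's been fixed in 3.7" and the fixed version "tiff 3.7.0-1" listed underneath; the NOTE must stay so the tracker's assessment is not overridden by the MITRE text, and it would help to spell out that 3.7.0-1 is the first fixed upload so readers do not take the CVE wording at face value. Also, "NOT-FOR-US: sandbox" for CVE-2005-2449 is ambiguous as written, since "sandbox" alone does not identify an upstream project the way the other NOT-FOR-US lines in this hunk do; naming the product whose 1.2.11 release is referenced in the description would make the triage verifiable.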
@@ -5878,113 +5878,113 @@ CVE-2005-2447
REJECTED
CVE-2005-2446
REJECTED
-CVE-2005-2445
+CVE-2005-2445 (SQL injection vulnerability in viewPrd.asp in Product Cart 2.6 allows ...)
NOT-FOR-US: Product Cart
-CVE-2005-2444
+CVE-2005-2444 (Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the pas ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2005-2443
+CVE-2005-2443 (Kshout 2.x and 3.x stores settings.dat under the web document root wit ...)
NOT-FOR-US: KShout
-CVE-2005-2442
+CVE-2005-2442 (Cross-Application Scripting (XAS) vulnerability in SPI Dynamics WebIns ...)
NOT-FOR-US: SPI Dynamics Web Inspect
-CVE-2005-2441
+CVE-2005-2441 (Multiple cross-site scripting (XSS) vulnerabilities in VBzoom allow re ...)
NOT-FOR-US: VBzoom
-CVE-2005-2440
+CVE-2005-2440 (SQL injection vulnerability in login.asp in Thomson Web Skill Vantage ...)
NOT-FOR-US: Thomson Web Skill Vantage Manager
-CVE-2005-2439
+CVE-2005-2439 (SQL injection vulnerability in UseBB 0.5.1 and earlier, when magic_quo ...)
NOT-FOR-US: UseBB
-CVE-2005-2438
+CVE-2005-2438 (Cross-site scripting (XSS) vulnerability in UseBB 0.5.1 and earlier al ...)
NOT-FOR-US: UseBB
-CVE-2005-2436
+CVE-2005-2436 (browse.php in Website Baker Project allows remote attackers to obtain ...)
NOT-FOR-US: Website Baker
-CVE-2005-2435
+CVE-2005-2435 (Cross-site scripting (XSS) vulnerability in browse.php in Website Bake ...)
NOT-FOR-US: Website Baker
-CVE-2005-2434
+CVE-2005-2434 (Linksys WRT54G router uses the same private key and certificate for ev ...)
NOT-FOR-US: Linksys hardware
-CVE-2005-2433
+CVE-2005-2433 (PhpList allows remote attackers to obtain sensitive information via a ...)
NOT-FOR-US: PhpList
-CVE-2005-2432
+CVE-2005-2432 (SQL injection vulnerability in PhpList allows remote attackers to modi ...)
NOT-FOR-US: PhpList
-CVE-2005-2431
+CVE-2005-2431 (The (1) lost password and (2) account pending features in GForge 4.5 d ...)
- gforge 4.5.14-2 (bug #328224; unimportant)
NOTE: Direct flooding is possible as well in most circumstances.
NOTE: (Upstream fix was in gforge 4.5.0.1.)
-CVE-2005-2430
+CVE-2005-2430 (Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5 allo ...)
{DSA-1094-1}
- gforge 4.5.14-9 (bug #328224; medium)
-CVE-2005-2429
+CVE-2005-2429 (Firefox, when opening Microsoft Word documents, does not properly set ...)
- mozilla-firefox <not-affected> (Only affects Firefox on Windows platforms)
-CVE-2005-2428
+CVE-2005-2428 (Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" en ...)
NOT-FOR-US: Lotus Domino
-CVE-2005-2427
+CVE-2005-2427 (Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ al ...)
NOT-FOR-US: CartWIZ
-CVE-2005-2426
+CVE-2005-2426 (FTPshell Server 3.38 allows remote authenticated users to cause a deni ...)
NOT-FOR-US: FTPshell Server
-CVE-2005-2425
+CVE-2005-2425 (Stack-based buffer overflow in Ares FileShare 1.1 allows remote attack ...)
NOT-FOR-US: Ares FileShare
-CVE-2005-2424
+CVE-2005-2424 (The management interface for Siemens SANTIS 50 running firmware 4.2.8. ...)
NOT-FOR-US: Siemens hardware
-CVE-2005-2423
+CVE-2005-2423 (Beehive Forum allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Beehive
-CVE-2005-2422
+CVE-2005-2422 (Cross-site scripting (XSS) vulnerability in index.php in Beehive Forum ...)
NOT-FOR-US: Beehive
-CVE-2005-2421
+CVE-2005-2421 (Multiple SQL injection vulnerabilities in index.php and other pages in ...)
NOT-FOR-US: Beehive
-CVE-2005-2420
+CVE-2005-2420 (flsearch.pl in FtpLocate 2.02 allows remote attackers to execute arbit ...)
NOT-FOR-US: FtpLocate
-CVE-2005-2419
+CVE-2005-2419 (B-FOCuS Router 312+ allows remote attackers to bypass authentication a ...)
NOT-FOR-US: hardware issue
CVE-2005-2418
REJECTED
-CVE-2005-2417
+CVE-2005-2417 (Contrexx before 1.0.5 allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: Contrexx
-CVE-2005-2416
+CVE-2005-2416 (Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before ...)
NOT-FOR-US: Contrexx
-CVE-2005-2415
+CVE-2005-2415 (Multiple SQL injection vulnerabilities in Contrexx before 1.0.5 allow ...)
NOT-FOR-US: Contrexx
-CVE-2005-2414
+CVE-2005-2414 (Race condition in the xpcom library, as used by web browsers such as F ...)
- firefox 1.5.dfsg-1 (unimportant)
- mozilla-firefox 1.5.dfsg-1 (bug #327549; unimportant)
- mozilla 1.5.dfsg-1 (bug #327550; unimportant)
- iceweasel <not-affected>
NOTE: The turned out to be non-exploitable
-CVE-2005-2413
+CVE-2005-2413 (PHP remote file inclusion vulnerability in apa_phpinclude.inc.php in A ...)
NOT-FOR-US: Atomic Photo Album
-CVE-2005-2412
+CVE-2005-2412 (PHP remote file inclusion vulnerability in block.php in PHP FirstPost ...)
NOT-FOR-US: First Post
-CVE-2005-2411
+CVE-2005-2411 (Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and t ...)
{DSA-808-1}
- tdiary 2.0.2-1 (bug #319315; medium)
-CVE-2005-2410
+CVE-2005-2410 (Format string vulnerability in the nm_info_handler function in Network ...)
NOT-FOR-US: Network Manager
-CVE-2005-2409
+CVE-2005-2409 (Format string vulnerability in util.c in nbsmtp 0.99 and earlier, whil ...)
NOT-FOR-US: nbsmtp
CVE-2005-2408
REJECTED
-CVE-2005-2407
+CVE-2005-2407 (A design error in Opera 8.01 and earlier allows user-assisted attacker ...)
NOT-FOR-US: Opera
-CVE-2005-2406
+CVE-2005-2406 (Opera 8.01 allows remote attackers to conduct cross-site scripting (XS ...)
NOT-FOR-US: Opera
-CVE-2005-2405
+CVE-2005-2405 (Opera 8.01, when the "Arial Unicode MS" font (ARIALUNI.TTF) is install ...)
NOT-FOR-US: Opera
-CVE-2005-2404
+CVE-2005-2404 (SQL injection vulnerability in sendcard.php in Sendcard 3.2.3 allows r ...)
NOT-FOR-US: Sendcard
-CVE-2005-2403
+CVE-2005-2403 (The login protocol in RealChat 3.5.1b does not use authentication, whi ...)
NOT-FOR-US: RealChat
-CVE-2005-2402
+CVE-2005-2402 (Cross-site scripting (XSS) vulnerability in search.php in PHPSiteSearc ...)
NOT-FOR-US: PHPSiteSearch
-CVE-2005-2401
+CVE-2005-2401 (PHP-Fusion allows remote attackers to inject arbitrary Cascading Style ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-2400
+CVE-2005-2400 (The inc.login.php scripts in PHPFinance 0.3 allows remote attackers to ...)
NOT-FOR-US: PHPFinance
-CVE-2005-2399
+CVE-2005-2399 (PHP Surveyor 0.98 allows remote attackers to trigger SQL errors via mi ...)
NOT-FOR-US: PHP Surveyor
-CVE-2005-2398
+CVE-2005-2398 (Multiple SQL injection vulnerabilities in PHP Surveyor 0.98 allows rem ...)
NOT-FOR-US: PHP Surveyor
-CVE-2005-2397
+CVE-2005-2397 (Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1 ...)
NOT-FOR-US: phpBook
-CVE-2005-2396
+CVE-2005-2396 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and earlie ...)
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-2395
+CVE-2005-2395 (Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the ...)
- firefox <removed> (bug #320539; unimportant)
- iceweasel <removed> (bug #320539; unimportant)
- mozilla-firefox 1.4.99+1.5rc3.dfsg-2 (bug #320539; unimportant)
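Review bot: The triage note under CVE-2005-2414, "NOTE: The turned out to be non-exploitable", is missing a word (presumably "This turned out to be non-exploitable") and should be corrected so the reasoning for the "unimportant" severity reads clearly. In the same hunk, "NOT-FOR-US: hardware issue" for CVE-2005-2419 does not name the product, unlike every other NOT-FOR-US line here; the description already identifies it as the B-FOCuS Router 312+, so "NOT-FOR-US: B-FOCuS Router 312+" would be the consistent form.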
@@ -5992,62 +5992,62 @@ CVE-2005-2395
NOTE: Firefox and Mozilla follow RFC behaviour. This is more a lack of security
NOTE: feature (client-side preference for stronger methods) and not a vulnerabilit
NOTE: This also seems like a rare setup.
-CVE-2005-2394
+CVE-2005-2394 (show_news.php in CuteNews 1.3.6 allows remote attackers to obtain the ...)
NOT-FOR-US: CuteNews
-CVE-2005-2393
+CVE-2005-2393 (Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows remo ...)
NOT-FOR-US: CuteNews
-CVE-2005-2392
+CVE-2005-2392 (Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 ...)
NOT-FOR-US: CMSimple
-CVE-2005-2391
+CVE-2005-2391 (Unknown vulnerability in 3Com OfficeConnect Wireless 11g Access Point ...)
NOT-FOR-US: 3Com OfficeConnect Wireless 11g AP
-CVE-2005-2390
+CVE-2005-2390 (Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allo ...)
{DSA-795-2}
- proftpd 1.2.10-20 (low)
NOTE: ftpshut fixed in -19, SQLShowInfo in -20
-CVE-2005-2389
+CVE-2005-2389 (NDMP server in Veritas NetBackup 5.1 allows attackers to cause a denia ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2005-2388
+CVE-2005-2388 (Buffer overflow in a certain USB driver, as used on Microsoft Windows, ...)
NOT-FOR-US: some windows USB driver
-CVE-2005-2387
+CVE-2005-2387 (Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 all ...)
NOT-FOR-US: GoodTech SMTP server
-CVE-2005-2386
+CVE-2005-2386 (Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ 1. ...)
NOT-FOR-US: CartWIZ
-CVE-2005-2385
+CVE-2005-2385 (Buffer overflow in a third-party compression library (UNACEV2.DLL), as ...)
NOT-FOR-US: UNACEV2.DLL
-CVE-2005-2384
+CVE-2005-2384 (Directory traversal vulnerability in a third-party compression library ...)
NOT-FOR-US: UNACEV2.DLL
-CVE-2005-2383
+CVE-2005-2383 (SQL injection vulnerability in auth.php in PHPNews 1.2.5 allows remote ...)
NOT-FOR-US: PHPNews
-CVE-2005-2382
+CVE-2005-2382 (Oray PeanutHull 3.0.1.0 and earlier does not properly drop SYSTEM priv ...)
NOT-FOR-US: Oray PeanutHull
-CVE-2005-2381
+CVE-2005-2381 (PHP Surveyor 0.98 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: PHP Surveyor
-CVE-2005-2380
+CVE-2005-2380 (Multiple cross-site scripting vulnerabilities in PHP Surveyor 0.98 all ...)
NOT-FOR-US: PHP Surveyor
-CVE-2005-2379
+CVE-2005-2379 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle Reports ...)
NOT-FOR-US: Oracle Reports
-CVE-2005-2378
+CVE-2005-2378 (Directory traversal vulnerability in Oracle Reports allows remote atta ...)
NOT-FOR-US: Oracle Reports
-CVE-2005-2377
+CVE-2005-2377 (nss_ldap 181 to versions before 213, as used in Mandrake Corporate Ser ...)
- libnss-ldap <not-affected> (Mandrake specfic vulnerability)
-CVE-2005-2376
+CVE-2005-2376 (Buffer overflow in Race Driver 1.20 and earlier allows remote attacker ...)
NOT-FOR-US: Race Driver
-CVE-2005-2375
+CVE-2005-2375 (Format string vulnerability in Race Driver 1.20 and earlier allows rem ...)
NOT-FOR-US: Race Driver
-CVE-2005-2374
+CVE-2005-2374 (Belkin 54g wireless routers do not properly set an administrative pass ...)
NOT-FOR-US: Belkin 54g wireless routers
-CVE-2005-2373
+CVE-2005-2373 (Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated ...)
NOT-FOR-US: SlimFTPd
-CVE-2005-2372
+CVE-2005-2372 (Oracle Forms 4.5 through 10g starts form executables from arbitrary di ...)
NOT-FOR-US: Oracle Forms
-CVE-2005-2371
+CVE-2005-2371 (Directory traversal vulnerability in Oracle Reports 6.0, 6i, 9i, and 1 ...)
NOT-FOR-US: Oracle Reports
-CVE-2005-2370
+CVE-2005-2370 (Multiple "memory alignment errors" in libgadu, as used in ekg before 1 ...)
{DSA-1318-1 DSA-813-1 DSA-769-1 DTSA-2-1 DTSA-5-1}
- gaim 1:1.4.0-5 (low)
- centericq 4.20.0-9 (bug #323185; low)
- ekg 1:1.5+20050712+1.6rc2-1 (low)
-CVE-2005-2369
+CVE-2005-2369 (Multiple integer signedness errors in libgadu, as used in ekg before 1 ...)
{DSA-813-1 DTSA-2-1}
- centericq 4.20.0-9 (bug #323185; medium)
- gaim 1:1.5.0-1 (bug #350071; medium)
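Review bot: Two typos in the triage text of this hunk: the context NOTE for CVE-2005-2395 ends in "not a vulnerabilit" (truncated word, should be "vulnerability"), and the libnss-ldap annotation for CVE-2005-2377 reads "(Mandrake specfic vulnerability)" where "specific" is meant. These lines are unchanged context in this commit, so they need a follow-up edit rather than a change to this diff.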
@@ -6056,193 +6056,193 @@ CVE-2005-2369
- ekg 1:1.5+20050712+1.6rc2-1 (medium)
[sarge] - ekg <not-affected>
NOTE: The fixes from centericq for integer overflows are all present in ekg from stable
-CVE-2005-2368
+CVE-2005-2368 (vim 6.3 before 6.3.082, with modelines enabled, allows external user-a ...)
{DTSA-12-1}
- vim 1:6.3-085+1 (bug #320017; medium)
[sarge] - vim 1:6.3-071+1sarge1
NOTE: For some reason this was fixed through an upload to s-p-u, not stable-security
-CVE-2005-2367
+CVE-2005-2367 (Format string vulnerability in the proto_item_set_text function in Eth ...)
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; bug #320192; medium)
-CVE-2005-2366
+CVE-2005-2366 (Unknown vulnerability in the BER dissector in Ethereal 0.10.11 allows ...)
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2365
+CVE-2005-2365 (Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0 ...)
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2364
+CVE-2005-2364 (Unknown vulnerability in the (1) GIOP dissector, (2) WBXML, or (3) CAM ...)
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2363
+CVE-2005-2363 (Unknown vulnerability in the (1) SMPP dissector, (2) 802.3 dissector, ...)
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2362
+CVE-2005-2362 (Unknown vulnerability several dissectors in Ethereal 0.9.0 through 0.1 ...)
- ethereal 0.10.12-1 (bug #320183; low)
NOTE: This affects partially Woody and Sarge
-CVE-2005-2361
+CVE-2005-2361 (Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, ...)
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2360
+CVE-2005-2360 (Unknown vulnerability in the LDAP dissector in Ethereal 0.8.5 through ...)
{DSA-853-1}
- ethereal 0.10.12-1 (bug #320183; low)
-CVE-2005-2359
+CVE-2005-2359 (The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used ...)
- kfreebsd-5 5.3-1 (medium)
-CVE-2005-2358
+CVE-2005-2358 (EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to list arbit ...)
NOT-FOR-US: EMC Navisphere Manager
-CVE-2005-2357
+CVE-2005-2357 (Directory traversal vulnerability in EMC Navisphere Manager 6.4.1.0.0 ...)
NOT-FOR-US: EMC Navisphere Manager
CVE-2005-2355
REJECTED
CVE-2005-2347
RESERVED
-CVE-2005-2346
+CVE-2005-2346 (Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers ...)
NOT-FOR-US: Novell
CVE-2005-2345
REJECTED
-CVE-2005-2344
+CVE-2005-2344 (The BlackBerry Attachment Service in Research in Motion (RIM) BlackBer ...)
NOT-FOR-US: Research in Motion
-CVE-2005-2343
+CVE-2005-2343 (Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerr ...)
NOT-FOR-US: Research in Motion
-CVE-2005-2342
+CVE-2005-2342 (Research in Motion (RIM) BlackBerry Router allows remote attackers to ...)
NOT-FOR-US: Research in Motion
-CVE-2005-2341
+CVE-2005-2341 (Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Atta ...)
NOT-FOR-US: Research in Motion
-CVE-2005-2340
+CVE-2005-2340 (Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remo ...)
NOT-FOR-US: Apple Quicktime
-CVE-2005-2339
+CVE-2005-2339 (Cross-site scripting (XSS) vulnerability in the Unicode version of mse ...)
NOT-FOR-US: unicode msearch
-CVE-2005-2338
+CVE-2005-2338 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.12 JP ...)
NOT-FOR-US: Xoops
-CVE-2005-2337
+CVE-2005-2337 (Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to ...)
{DSA-864-1 DSA-862-1 DSA-860-1}
- ruby <removed>
- ruby1.6 1.6.8-13 (medium)
- ruby1.8 1.8.3-1 (bug #332742; medium)
- ruby1.9 1.9.0+20050921-1 (medium)
-CVE-2005-2336
+CVE-2005-2336 (Cross-site scripting (XSS) vulnerability in Hiki 0.8.0 to 0.8.2 allows ...)
[sarge] - hiki <not-affected> (code not present in sarge)
- hiki 0.8.2-1
-CVE-2005-2334
+CVE-2005-2334 (Y.SAK allows remote attackers to execute arbitrary commands via shell ...)
NOT-FOR-US: Y.SAK
-CVE-2005-2333
+CVE-2005-2333 (Cross-site scripting (XSS) vulnerability in smilies_popup.php in SEO-B ...)
NOT-FOR-US: smilies_popup.php
-CVE-2005-2332
+CVE-2005-2332 (Cross-site scripting (XSS) vulnerability in PHPPageProtect 1.0.0a allo ...)
NOT-FOR-US: PHPPageProtect
-CVE-2005-2331
+CVE-2005-2331 (PHP remote file inclusion vulnerability in display.php in MooseGallery ...)
NOT-FOR-US: MooseGallery
-CVE-2005-2330
+CVE-2005-2330 (Directory traversal vulnerability in extras/update.php in osCommerce 2 ...)
NOT-FOR-US: osCommerce
-CVE-2005-2329
+CVE-2005-2329 (MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S 3.5.0, wh ...)
NOT-FOR-US: MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S
-CVE-2005-2328
+CVE-2005-2328 (PHP remote file inclusion vulnerability in im.php in Laffer 0.3.2.6 an ...)
NOT-FOR-US: Laffer
-CVE-2005-2327
+CVE-2005-2327 (Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier all ...)
NOT-FOR-US: e107
-CVE-2005-2326
+CVE-2005-2326 (Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a a ...)
NOT-FOR-US: Clever Copy
-CVE-2005-2325
+CVE-2005-2325 (Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full pa ...)
NOT-FOR-US: Clever Copy
-CVE-2005-2324
+CVE-2005-2324 (Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a a ...)
NOT-FOR-US: Clever Copy
-CVE-2005-2323
+CVE-2005-2323 (Multiple SQL injection vulnerabilities in Class-1 Forum 0.24.4 and 0.2 ...)
NOT-FOR-US: Class-1 Forum
-CVE-2005-2322
+CVE-2005-2322 (Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and 0 ...)
NOT-FOR-US: Class-1 Forum
-CVE-2005-2321
+CVE-2005-2321 (PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote ...)
NOT-FOR-US: CaLogic
-CVE-2005-2319
+CVE-2005-2319 (PHP remote file include vulnerability in Yawp library 1.0.6 and earlie ...)
NOT-FOR-US: Yawp
-CVE-2005-2318
+CVE-2005-2318 (Cross-site scripting (XSS) vulnerability in showerr.asp in DVBBS 7.1 S ...)
NOT-FOR-US: DVBBS
-CVE-2005-2317
+CVE-2005-2317 (Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0 ...)
{DSA-849-1}
- shorewall 2.4.1-2 (bug #318946; medium)
-CVE-2005-2316
+CVE-2005-2316 (Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers ...)
NOT-FOR-US: dnrd
-CVE-2005-2315
+CVE-2005-2315 (Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 allow ...)
NOT-FOR-US: dnrd
-CVE-2005-2314
+CVE-2005-2314 (inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to o ...)
NOT-FOR-US: PHPsFTPd
-CVE-2005-2313
+CVE-2005-2313 (Check Point SecuRemote NG with Application Intelligence R54 allows att ...)
NOT-FOR-US: Check Point SecuRemote NG with Application Intelligence
-CVE-2005-2312
+CVE-2005-2312 (management.php in Realnode Emilda 1.2.2 and earlier allows remote atta ...)
NOT-FOR-US: Realnode Emilda
-CVE-2005-2311
+CVE-2005-2311 (SMS 1.9.2m and earlier allows local users to overwrite arbitrary files ...)
- sms-pl 2.1.0-1 (bug #320540; unimportant)
NOTE: vulnerable contrib file only in source package
-CVE-2005-2310
+CVE-2005-2310 (Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions be ...)
NOT-FOR-US: Winamp
-CVE-2005-2309
+CVE-2005-2309 (Opera 8.01 allows remote attackers to cause a denial of service (CPU c ...)
NOT-FOR-US: Opera
-CVE-2005-2308
+CVE-2005-2308 (The JPEG decoder in Microsoft Internet Explorer allows remote attacker ...)
NOT-FOR-US: MSIE
-CVE-2005-2307
+CVE-2005-2307 (netman.dll in Microsoft Windows Connections Manager Library allows loc ...)
NOT-FOR-US: Microsoft
-CVE-2005-2306
+CVE-2005-2306 (Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when ...)
NOT-FOR-US: Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0
-CVE-2005-2305
+CVE-2005-2305 (DG Remote Control Server 1.6.2 allows remote attackers to cause a deni ...)
NOT-FOR-US: DG Remote Control Server
-CVE-2005-2304
+CVE-2005-2304 (Microsoft MSN Messenger 9.0 and Internet Explorer 6.0 allows remote at ...)
NOT-FOR-US: Microsoft
CVE-2005-2303
REJECTED
-CVE-2005-2302
+CVE-2005-2302 (PowerDNS before 2.9.18, when allowing recursion to a restricted range ...)
{DSA-771-1}
- pdns 2.9.18-1 (medium; bug #318798)
-CVE-2005-2301
+CVE-2005-2301 (PowerDNS before 2.9.18, when running with an LDAP backend, does not pr ...)
{DSA-771-1}
- pdns 2.9.18-1 (medium; bug #318798)
-CVE-2005-2300
+CVE-2005-2300 (Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary f ...)
NOT-FOR-US: Skype
-CVE-2005-2299
+CVE-2005-2299 (Multiple cross-site scripting (XSS) vulnerabilities in Simple Message ...)
NOT-FOR-US: Simple Message Board
-CVE-2005-2298
+CVE-2005-2298 (BitDefender Engine 1.6.1 and earlier does not properly scan all attach ...)
NOT-FOR-US: BitDefender can be used by AMaViS but is not shipped in Debian
-CVE-2005-2297
+CVE-2005-2297 (Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 ...)
NOT-FOR-US: Sybase EAServer
-CVE-2005-2296
+CVE-2005-2296 (YabbSE 1.5.5c allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: YabbSE
-CVE-2005-2295
+CVE-2005-2295 (NetPanzer 0.8 and earlier allows remote attackers to cause a denial of ...)
- netpanzer 0.8+svn20060319-1 (bug #318329; low)
[sarge] - netpanzer <no-dsa> (Minor DoS against a game)
-CVE-2005-2294
+CVE-2005-2294 (Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of reco ...)
NOT-FOR-US: Oracle
-CVE-2005-2293
+CVE-2005-2293 (Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a ...)
NOT-FOR-US: Oracle
-CVE-2005-2292
+CVE-2005-2292 (Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords ...)
NOT-FOR-US: Oracle
-CVE-2005-2291
+CVE-2005-2291 (Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext passwo ...)
NOT-FOR-US: Oracle
-CVE-2005-2290
+CVE-2005-2290 (wps_shop.cgi in WPS Web Portal System 0.7.0 allows remote attackers to ...)
NOT-FOR-US: WPS
-CVE-2005-2289
+CVE-2005-2289 (PHPCounter 7.2 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: PHPCounter
-CVE-2005-2288
+CVE-2005-2288 (Cross-site scripting (XSS) vulnerability in PHPCounter 7.2 allows remo ...)
NOT-FOR-US: PHPCounter
-CVE-2005-2287
+CVE-2005-2287 (SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a d ...)
NOT-FOR-US: SoftiaCom wMailServer
-CVE-2005-2286
+CVE-2005-2286 (WebEOC before 6.0.2 does not properly check user authorization, which ...)
NOT-FOR-US: WebEOC
-CVE-2005-2285
+CVE-2005-2285 (WebEOC before 6.0.2 stores sensitive information in locations such as ...)
NOT-FOR-US: WebEOC
-CVE-2005-2284
+CVE-2005-2284 (Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow re ...)
NOT-FOR-US: WebEOC
-CVE-2005-2283
+CVE-2005-2283 (WebEOC before 6.0.2 does not properly restrict the size of an uploaded ...)
NOT-FOR-US: WebEOC
-CVE-2005-2282
+CVE-2005-2282 (Multiple cross-site scripting (XSS) vulnerabilities in WebEOC before 6 ...)
NOT-FOR-US: WebEOC
-CVE-2005-2281
+CVE-2005-2281 (WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which ...)
NOT-FOR-US: WebEOC
-CVE-2005-2280
+CVE-2005-2280 (Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a deni ...)
NOT-FOR-US: Cisco
-CVE-2005-2279
+CVE-2005-2279 (Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware 2 ...)
NOT-FOR-US: Cisco
-CVE-2005-2278
+CVE-2005-2278 (Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable P ...)
NOT-FOR-US: MailEnable
-CVE-2005-2277
+CVE-2005-2277 (Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows rem ...)
{DSA-762-1}
- affix 2.1.2-2 (bug #318328; medium)
-CVE-2005-2276
+CVE-2005-2276 (Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess ...)
NOT-FOR-US: Novell Groupwise WebAccess
CVE-2005-XXXX [SQL injecton vulnerabilities in vpopmail prior to 5.4.6]
NOTE: see http://archives.neohapsis.com/archives/bugtraq/2004-08/0286.html
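Review bot: CVE-2005-2362 is the only one of the Ethereal entries tied to bug #320183 without a {DSA-853-1} cross-reference, and its "NOTE: This affects partially Woody and Sarge" states that the stable releases are affected; either the DSA reference is missing or the entry needs a [sarge] line stating the actual status there, since as written the tracker would report sarge as having no fix for it. Style point in the same hunk: the hiki entry lists "[sarge] - hiki <not-affected> (code not present in sarge)" before the unstable line "- hiki 0.8.2-1", whereas the ekg, vim and netpanzer entries in this file put the [sarge] line after the main package line; keeping the same order avoids confusing the parser and the reader.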
@@ -6256,264 +6256,264 @@ CVE-2005-XXXX [xgalaga score file segfault]
CVE-2005-XXXX [xemeraldia games file overwrite]
- xemeraldia 0.4-1 (bug #319661; low)
[sarge] - xemeraldia <no-dsa> (Very minor issue)
-CVE-2005-2335
+CVE-2005-2335 (Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows ...)
{DSA-774-1}
NOTE: previous fix in -15 was broken
- fetchmail 6.2.5-16 (bug #320357; bug #212762; medium)
-CVE-2005-2320
+CVE-2005-2320 (WebCalendar before 1.0.0 does not properly restrict access to assistan ...)
{DSA-766-1}
- webcalendar 0.9.45-7 (bug #315671; medium)
-CVE-2005-2437
+CVE-2005-2437 (Website Baker Project does not properly verify the file extensions of ...)
NOT-FOR-US: Website Baker
CVE-2005-2275
RESERVED
-CVE-2005-2274
+CVE-2005-2274 (Microsoft Internet Explorer 6.0 does not clearly associate a Javascrip ...)
NOT-FOR-US: MSIE
-CVE-2005-2273
+CVE-2005-2273 (Opera 7.x and 8 before 8.01 does not clearly associate a Javascript di ...)
NOT-FOR-US: Opera
-CVE-2005-2272
+CVE-2005-2272 (Safari version 2.0 (412) does not clearly associate a Javascript dialo ...)
NOT-FOR-US: Sfari
-CVE-2005-2271
+CVE-2005-2271 (iCab 2.9.8 does not clearly associate a Javascript dialog box with the ...)
NOT-FOR-US: iCab
-CVE-2005-2270
+CVE-2005-2270 (Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone ...)
{DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (high)
- mozilla 2:1.7.9-1 (bug #318062; bug #325851; high)
- mozilla-thunderbird 1.0.6-1 (high)
-CVE-2005-2269
+CVE-2005-2269 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does no ...)
{DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (high)
- mozilla 2:1.7.9-1 (medium; bug #318062)
- mozilla-thunderbird 1.0.6-1 (medium; bug #318728)
-CVE-2005-2268
+CVE-2005-2268 (Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly associa ...)
{DSA-810-1 DSA-779-2 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.9-1 (medium; bug #318062)
-CVE-2005-2267
+CVE-2005-2267 (Firefox before 1.0.5 allows remote attackers to steal information and ...)
{DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
-CVE-2005-2266
+CVE-2005-2266 (Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to ...)
{DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.9-1 (medium; bug #318062)
- mozilla-thunderbird 1.0.6-1 (low; bug #318728)
-CVE-2005-2265
+CVE-2005-2265 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 ...)
{DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (high)
- mozilla 2:1.7.9-1 (medium; bug #318062)
- mozilla-thunderbird 1.0.6-1 (medium; bug #318728)
-CVE-2005-2264
+CVE-2005-2264 (Firefox before 1.0.5 allows remote attackers to steal sensitive inform ...)
{DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
-CVE-2005-2263
+CVE-2005-2263 (The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla ...)
{DSA-810-1 DSA-779-2 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.9-1 (medium; bug #318062)
-CVE-2005-2262
+CVE-2005-2262 (Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers t ...)
{DSA-779-2 DSA-779-1 DTSA-8-2}
- mozilla-firefox 1.0.4-2sarge3 (medium)
-CVE-2005-2261
+CVE-2005-2261 (Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, ...)
{DSA-810-1 DSA-779-2 DSA-781-1 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.9-1 (medium; bug #318062)
- mozilla-thunderbird 1.0.6-1 (medium; bug #318728)
-CVE-2005-2260
+CVE-2005-2260 (The browser user interface in Firefox before 1.0.5, Mozilla before 1.7 ...)
{DSA-810-1 DSA-779-2 DSA-779-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.9-1 (medium; bug #318062)
-CVE-2005-2259
+CVE-2005-2259 (The dispallclosed2 function in dispallclosed.pl for multiple USANet Cr ...)
NOT-FOR-US: USANet
-CVE-2005-2258
+CVE-2005-2258 (PHP remote file inclusion vulnerability in photolist.inc.php in Squito ...)
NOT-FOR-US: Squito Gallery
-CVE-2005-2257
+CVE-2005-2257 (The saveProfile function in PhpSlash 0.8.0 allows remote attackers to ...)
NOT-FOR-US: PhpSlash
-CVE-2005-2256
+CVE-2005-2256 (Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 a ...)
{DSA-759-1}
- phppgadmin 3.5.4-1 (bug #318284; medium)
-CVE-2005-2255
+CVE-2005-2255 (Directory traversal vulnerability in PhpAuction 2.5 allows remote atta ...)
NOT-FOR-US: PhpAuction
-CVE-2005-2254
+CVE-2005-2254 (Multiple cross-site scripting (XSS) vulnerabilities in PhpAuction 2.5 ...)
NOT-FOR-US: PhpAuction
-CVE-2005-2253
+CVE-2005-2253 (SQL injection vulnerability in PhpAuction 2.5 allow remote attackers t ...)
NOT-FOR-US: PhpAuction
-CVE-2005-2252
+CVE-2005-2252 (PhpAuction 2.5 allows remote attackers to bypass authentication and ga ...)
NOT-FOR-US: PhpAuction
-CVE-2005-2251
+CVE-2005-2251 (PHP remote file inclusion vulnerability in secure.php in PHPSecurePage ...)
NOT-FOR-US: PHPSecurePages (phpSP)
-CVE-2005-2250
+CVE-2005-2250 (Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 a ...)
{DSA-762-1}
- affix 2.1.2-2 (bug #318327; medium)
-CVE-2005-2249
+CVE-2005-2249 (Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown impact ...)
NOT-FOR-US: Jinzora
-CVE-2005-2248
+CVE-2005-2248 (Directory traversal vulnerability in DownloadProtect before 1.0.3 allo ...)
NOT-FOR-US: DownloadProtect
-CVE-2005-2247
+CVE-2005-2247 (Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown i ...)
NOTE: no details available
- moodle 1.5.1-1
-CVE-2005-2246
+CVE-2005-2246 (Multiple PHP remote file inclusion vulnerabilities in iPhotoAlbum 1.1 ...)
NOT-FOR-US: iPhotoAlbum
-CVE-2005-2245
+CVE-2005-2245 (Unknown vulnerability in F5 BIG-IP 9.0.2 through 9.1 allows attackers ...)
NOT-FOR-US: BIG-IP
-CVE-2005-2244
+CVE-2005-2244 (The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and ear ...)
NOT-FOR-US: Cisco
-CVE-2005-2243
+CVE-2005-2243 (Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier ...)
NOT-FOR-US: Cisco
-CVE-2005-2242
+CVE-2005-2242 (Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before ...)
NOT-FOR-US: Cisco
-CVE-2005-2241
+CVE-2005-2241 (Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before ...)
NOT-FOR-US: Cisco
-CVE-2005-2240
+CVE-2005-2240 (xpvm.tcl in xpvm 1.2.5 allows local users to overwrite arbitrary files ...)
{DSA-1003-1}
- xpvm 1.2.5-8 (bug #318285; medium)
-CVE-2005-2239
+CVE-2005-2239 (oftpd 0.3.7 allows remote attackers to cause a denial of service via a ...)
- oftpd 20040304-1 (bug #318286; medium)
NOTE: This was fixed in the patch set maintained by Werner Koch, it's included
-CVE-2005-2238
+CVE-2005-2238 (ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to ...)
NOT-FOR-US: AIX
-CVE-2005-2237
+CVE-2005-2237 (Format string vulnerability in the swcons command in IBM AIX 5.3, and ...)
NOT-FOR-US: AIX
-CVE-2005-2236
+CVE-2005-2236 (Format string vulnerability in the paginit command in IBM AIX 5.3, and ...)
NOT-FOR-US: AIX
-CVE-2005-2235
+CVE-2005-2235 (Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and ...)
NOT-FOR-US: AIX
-CVE-2005-2234
+CVE-2005-2234 (Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, ...)
NOT-FOR-US: AIX
-CVE-2005-2233
+CVE-2005-2233 (Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 m ...)
NOT-FOR-US: AIX
-CVE-2005-2232
+CVE-2005-2232 (Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow ...)
NOT-FOR-US: AIX
-CVE-2005-2231
+CVE-2005-2231 (High Availability Linux Project Heartbeat 1.2.3 allows local users to ...)
{DSA-761-2}
- heartbeat 1.2.3-12 (bug #318287; medium)
-CVE-2005-2230
+CVE-2005-2230 (Electronic Mail Operator (elmo) 1.3.2-r1 and earlier creates the elmos ...)
- elmo 1.3.0-1.1 (bug #318291; low)
[sarge] - elmo <no-dsa> (Minor issue)
-CVE-2005-2229
+CVE-2005-2229 (Blog Torrent 0.92 and earlier stores sensitive files under the web doc ...)
NOT-FOR-US: Blog Torrent
-CVE-2005-2228
+CVE-2005-2228 (Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message tit ...)
NOT-FOR-US: Web Wiz Forums
-CVE-2005-2227
+CVE-2005-2227 (Softiacom wMailserver 1.0 stores passwords in plaintext in the Darsite ...)
NOT-FOR-US: Softiacom wMailserver
-CVE-2005-2226
+CVE-2005-2226 (Microsoft Outlook Express 6.0 leaks the default news server account wh ...)
NOT-FOR-US: Outlook
-CVE-2005-2225
+CVE-2005-2225 (Microsoft MSN Messenger allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Microsoft
-CVE-2005-2224
+CVE-2005-2224 (aspnet_wp.exe in Microsoft ASP.NET web services allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2005-2223
+CVE-2005-2223 (Unknown vulnerability in the SMTP service in MailEnable Standard befor ...)
NOT-FOR-US: MailEnable
-CVE-2005-2222
+CVE-2005-2222 (Unknown vulnerability in the HTTPMail service in MailEnable Profession ...)
NOT-FOR-US: MailEnable
CVE-2005-2221
NOT-FOR-US: Dragonfly
CVE-2005-2220
NOT-FOR-US: Dragonfly
-CVE-2005-2219
+CVE-2005-2219 (Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to ...)
NOT-FOR-US: Hosting Controller
-CVE-2005-2218
+CVE-2005-2218 (The device file system (devfs) in FreeBSD 5.x does not properly check ...)
- kfreebsd5-source 5.3-17 (medium)
-CVE-2005-2217
+CVE-2005-2217 (Dansie Shopping Cart stores the vars.dat file under the web root with ...)
NOT-FOR-US: Dansie Shopping Cart
-CVE-2005-2216
+CVE-2005-2216 (PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo ...)
NOT-FOR-US: PhotoGal
-CVE-2005-2215
+CVE-2005-2215 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x bef ...)
- mediawiki 1.4.9
-CVE-2005-2214
+CVE-2005-2214 (apt-setup in Debian GNU/Linux installs the apt.conf file with insecure ...)
- apt-setup <unfixed> (bug #305142; unimportant)
NOTE: That's by design. We want to provide non-root users access to the source code,
NOTE: thus it needs to be world-readable. Also, the password can't be too sensitive
NOTE: as it'll be sent non-encrypted over the wire.
-CVE-2005-2213
+CVE-2005-2213 (Buffer overflow in the mms_interp_header function in mms.c in MMS Ripp ...)
NOT-FOR-US: MMS Ripper
-CVE-2005-2212
+CVE-2005-2212 (Backup Manager 0.5.8a creates an archive repository with world readabl ...)
NOTE: duplicate of CVE-2005-1856
NOTE: Mitre contacted - micah April 20, 2006
NOTE: Mitre re-contacted - micah June 5, 2006
-CVE-2005-2211
+CVE-2005-2211 (Backup Manager 0.5.8a creates temporary files insecurely, which allows ...)
NOTE: duplicate of CVE-2005-1855
NOTE: Mitre contacted - micah April 20, 2006
NOTE: Mitre re-contacted - micah June 5, 2006
-CVE-2005-2210
+CVE-2005-2210 (Stack-based buffer overflow in Internet Download Manager 4.05 allows r ...)
NOT-FOR-US: Internet Download Manager
-CVE-2005-2209
+CVE-2005-2209 (Capturix ScanShare 1.06 build 50 stores sensitive information such as ...)
NOT-FOR-US: ScanShare
-CVE-2005-2208
+CVE-2005-2208 (PrivaShare 1.1b allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: PrivaShare
-CVE-2005-2207
+CVE-2005-2207 (Cross-site scripting (XSS) vulnerability in store/login.asp in CartWIZ ...)
NOT-FOR-US: CartWIZ
-CVE-2005-2206
+CVE-2005-2206 (Multiple SQL injection vulnerabilities in CartWIZ allow remote attacke ...)
NOT-FOR-US: CartWIZ
-CVE-2005-2205
+CVE-2005-2205 (The ReadLog function in kaiseki.cgi in pngren allows remote attackers ...)
NOT-FOR-US: kaiseki.cgi
-CVE-2005-2204
+CVE-2005-2204 (Cross-site scripting (XSS) vulnerability in Computer Associates (CA) e ...)
NOT-FOR-US: SiteMinder
-CVE-2005-2203
+CVE-2005-2203 (login.php in phpWishlist before 0.1.15 allows remote attackers to bypa ...)
NOT-FOR-US: phpWishlist
-CVE-2005-2202
+CVE-2005-2202 (Cross-site scripting (XSS) vulnerability in the MicroServer Web Server ...)
NOT-FOR-US: Xerox Hardware issue
-CVE-2005-2201
+CVE-2005-2201 (Unknown vulnerability in the MicroServer Web Server for Xerox WorkCent ...)
NOT-FOR-US: Xerox hardware
-CVE-2005-2200
+CVE-2005-2200 (Multiple unknown vulnerabilities in the MicroServer Web Server for Xer ...)
NOT-FOR-US: Xerox hardware
-CVE-2005-2199
+CVE-2005-2199 (PHP remote file inclusion vulnerability in inc/functions.inc.php in PP ...)
NOT-FOR-US: PPA web photo gallery
-CVE-2005-2198
+CVE-2005-2198 (PHP remote file inclusion vulnerability in lang.php in SPiD before 1.3 ...)
NOT-FOR-US: SPiD
-CVE-2005-2197
+CVE-2005-2197 (SQL injection vulnerability in sql.cls.php in Id Board 1.1.3 allows re ...)
NOT-FOR-US: Id Board
-CVE-2005-2196
+CVE-2005-2196 (The Apple AirPort card uses a default WEP key when not connected to a ...)
NOT-FOR-US: Apple Airport
-CVE-2005-2195
+CVE-2005-2195 (Apple Darwin Streaming Server 5.5 and earlier allows remote attackers ...)
NOT-FOR-US: Apple Darwin Streaming Server
-CVE-2005-2194
+CVE-2005-2194 (Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 a ...)
NOT-FOR-US: Apple
-CVE-2005-2193
+CVE-2005-2193 (SQL injection vulnerability in the user profile edit module in profile ...)
NOT-FOR-US: PunBB
-CVE-2005-2192
+CVE-2005-2192 (SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with ...)
NOT-FOR-US: SimplePHPBlog
-CVE-2005-2191
+CVE-2005-2191 (Multiple cross-site scripting (XSS) vulnerabilities in Comersus shoppi ...)
NOT-FOR-US: Comersus
-CVE-2005-2190
+CVE-2005-2190 (Multiple SQL injection vulnerabilities in Comersus shopping cart allow ...)
NOT-FOR-US: Comersus
-CVE-2005-2189
+CVE-2005-2189 (Lantronix SecureLinx console server running firmware 2.0 and 3.0 store ...)
NOT-FOR-US: Lantronix SecureLinx
-CVE-2005-2188
+CVE-2005-2188 (McAfee IntruShield Security Management System obtains the user ID from ...)
NOT-FOR-US: McAfee IntruShield
-CVE-2005-2187
+CVE-2005-2187 (McAfee IntruShield Security Management System allows remote authentica ...)
NOT-FOR-US: McAfee IntruShield
-CVE-2005-2186
+CVE-2005-2186 (Multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShi ...)
NOT-FOR-US: McAfee IntruShield
-CVE-2005-2185
+CVE-2005-2185 (eRoom does not set an expiration for Cookies, which allows remote atta ...)
NOT-FOR-US: eRoom
-CVE-2005-2184
+CVE-2005-2184 (eRoom 6.x does not properly restrict files that can be attached, which ...)
NOT-FOR-US: eRoom
-CVE-2005-2183
+CVE-2005-2183 (class.xmail.php in PhpXmail 0.7 through 1.1 does not properly handle l ...)
NOT-FOR-US: PhpXmail
-CVE-2005-2182
+CVE-2005-2182 (Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not prop ...)
NOT-FOR-US: PhpXmail
-CVE-2005-2181
+CVE-2005-2181 (Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the ...)
NOT-FOR-US: SIP phone hardware issue
-CVE-2005-2180
+CVE-2005-2180 (gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when ins ...)
- gnats 4.0 (bug #318481; high)
-CVE-2005-2179
+CVE-2005-2179 (PHP remote file inclusion vulnerability in BlogModel.php in Jaws 0.5.2 ...)
NOT-FOR-US: Jaws
-CVE-2005-2178
+CVE-2005-2178 (probe.cgi allows remote attackers to execute arbitrary commands via sh ...)
NOTE: How bizarre, they assign a CVE Id without knowing which product contains
NOTE: the affected probe.cgi
-CVE-2005-2177
+CVE-2005-2177 (Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when ...)
{DSA-873-1}
- net-snmp 5.2.1.2-1 (bug #318420; low)
- ucd-snmp 4.2.5-5.1 (bug #337394; low)
[sarge] - ucd-snmp <no-dsa> (Minor issue)
-CVE-2005-2176
+CVE-2005-2176 (Novell NetMail automatically processes HTML in an attachment without p ...)
NOT-FOR-US: Novell NetMail
-CVE-2005-2175
+CVE-2005-2175 (The web interface for Lotus Notes mail automatically processes HTML in ...)
NOT-FOR-US: Notes
-CVE-2005-2174
+CVE-2005-2174 (Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 i ...)
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
- bugzilla 2.18.3-1 (low)
-CVE-2005-2173
+CVE-2005-2173 (The Flag::validate and Flag::modify functions in Bugzilla 2.17.1 to 2. ...)
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
- bugzilla 2.18.3-1 (low)
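Review bot: the NOT-FOR-US line under CVE-2005-2182 reads "NOT-FOR-US: PhpXmail", but the description on that entry is about Grandstream BudgeTone VoIP phones; the tag was evidently carried over from the CVE-2005-2183 (PhpXmail) entry directly above it and should name the actual product, e.g. "NOT-FOR-US: Grandstream BudgeTone (VoIP phone hardware issue)", matching the Cisco 7940/7960 entry that follows. A second point in the same region: the NOTE under CVE-2005-2239 stops mid-sentence ("This was fixed in the patch set maintained by Werner Koch, it's included") and should finish by saying where it is included, presumably the oftpd 20040304-1 upload on the line above. Both are unchanged context lines, so this is a follow-up edit rather than a problem with the automatic description import itself.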
@@ -6521,91 +6521,91 @@ CVE-2005-2172
RESERVED
CVE-2005-2171
RESERVED
-CVE-2005-2170
+CVE-2005-2170 (The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint a ...)
NOT-FOR-US: Tivoli
CVE-2005-2348
REJECTED
-CVE-2005-2169
+CVE-2005-2169 (Directory traversal vulnerability in source.php in Quick &amp; Dirty P ...)
NOT-FOR-US: PHPSource Printer
-CVE-2005-2168
+CVE-2005-2168 (delete.php in Plague News System 0.6 and earlier allows remote unauthe ...)
NOT-FOR-US: Plague
-CVE-2005-2167
+CVE-2005-2167 (Cross-site scripting (XSS) vulnerability in index.php in Plague News S ...)
NOT-FOR-US: Plague
-CVE-2005-2166
+CVE-2005-2166 (SQL injection vulnerability in index.php in Plague News System 0.6 and ...)
NOT-FOR-US: Plague
-CVE-2005-2165
+CVE-2005-2165 (read.cgi in GlobalNoteScript allows remote attackers to execute arbitr ...)
NOT-FOR-US: GlobalNoteScript
-CVE-2005-2164
+CVE-2005-2164 (SQL injection vulnerability in Covide Groupware-CRM allows remote atta ...)
NOT-FOR-US: Covide
-CVE-2005-2163
+CVE-2005-2163 (Cross-site scripting (XSS) vulnerability in index.php in AutoIndex PHP ...)
NOT-FOR-US: AutoIndex PHP Script
-CVE-2005-2162
+CVE-2005-2162 (PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestboo ...)
NOT-FOR-US: MyGuestbook
-CVE-2005-2161
+CVE-2005-2161 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote ...)
{DSA-768-1}
- phpbb2 2.0.13+1-6sarge1 (bug #317739; high)
-CVE-2005-2160
+CVE-2005-2160 (IMail stores usernames and passwords in cleartext in a cookie, which a ...)
NOT-FOR-US: IMail
-CVE-2005-2159
+CVE-2005-2159 (mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote attacke ...)
NOT-FOR-US: PlanetDNS
-CVE-2005-2158
+CVE-2005-2158 (A regression error in the embedded HSQLDB in JBoss jBPM 2.0 allows rem ...)
NOT-FOR-US: JBoss
-CVE-2005-2157
+CVE-2005-2157 (PHP remote file inclusion vulnerability in survey.inc.php for nabopoll ...)
NOT-FOR-US: nabopoll
-CVE-2005-2156
+CVE-2005-2156 (SQL injection vulnerability in news.php in PHPNews 1.2.5 allows remote ...)
NOT-FOR-US: PHPNews
-CVE-2005-2155
+CVE-2005-2155 (PHP remote file inclusion vulnerability in EasyPHPCalendar 6.1.5 and e ...)
NOT-FOR-US: EasyPHPCalender
-CVE-2005-2154
+CVE-2005-2154 (PHP local file inclusion vulnerability in (1) view.php and (2) open.ph ...)
NOT-FOR-US: osTicket
-CVE-2005-2153
+CVE-2005-2153 (SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta ...)
NOT-FOR-US: osTicket
-CVE-2005-2152
+CVE-2005-2152 (SQL injection vulnerability in Geeklog before 1.3.11 allows remote att ...)
NOT-FOR-US: Geeklog
-CVE-2005-2151
+CVE-2005-2151 (spf.c in Courier Mail Server does not properly handle DNS failures whe ...)
{DSA-784-1}
- courier 0.47-6 (bug #320290; low)
-CVE-2005-2150
+CVE-2005-2150 (Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does ...)
NOT-FOR-US: Microsoft
-CVE-2005-2149
+CVE-2005-2149 (config.php in Cacti 0.8.6e and earlier allows remote attackers to set ...)
{DSA-764-1}
- cacti 0.8.6f-1 (bug #316590; high)
-CVE-2005-2148
+CVE-2005-2148 (Cacti 0.8.6e and earlier does not perform proper input validation to p ...)
{DSA-764-1}
- cacti 0.8.6f-1 (bug #316590; high)
-CVE-2005-2147
+CVE-2005-2147 (Trac before 0.8.4 allows remote attackers to read or upload arbitrary ...)
{DSA-739-1}
- trac 0.8.4-1
[sarge] - trac 0.8.1-3sarge1
-CVE-2005-2146
+CVE-2005-2146 (SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows ...)
NOT-FOR-US: SSH Tectia Server
-CVE-2005-2145
+CVE-2005-2145 (The kernel driver in Prevx Pro 2005 1.0 does not verify the source of ...)
NOT-FOR-US: Prevx Pro
-CVE-2005-2144
+CVE-2005-2144 (Prevx Pro 2005 1.0 allows local users to bypass file protection and mo ...)
NOT-FOR-US: Prevx Pro
-CVE-2005-2143
+CVE-2005-2143 (Microsoft Front Page allows attackers to cause a denial of service (cr ...)
NOT-FOR-US: Microsoft
-CVE-2005-2142
+CVE-2005-2142 (Directory traversal vulnerability in Golden FTP Server 2.60 allows rem ...)
NOT-FOR-US: Golden FTP Server
-CVE-2005-2141
+CVE-2005-2141 (TCP Chat 1.0 allows remote attackers to cause a denial of service (cra ...)
NOT-FOR-US: TCP Chat
-CVE-2005-2140
+CVE-2005-2140 (Directory traversal vulnerability in default.asp for FSboard 2.0 allow ...)
NOT-FOR-US: FSboard
-CVE-2005-2139
+CVE-2005-2139 (PHP remote file inclusion vulnerability in user_check.php for Pavsta A ...)
NOT-FOR-US: Pavsta
-CVE-2005-2138
+CVE-2005-2138 (Cross-site scripting (XSS) vulnerability in index.php in Comdev eComme ...)
NOT-FOR-US: Comdev eCommerce
-CVE-2005-2137
+CVE-2005-2137 (Unknown vulnerability in NateOn Messenger 3.0 allows remote attackers ...)
NOT-FOR-US: NateOn Messenger
-CVE-2005-2136
+CVE-2005-2136 (Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, an ...)
NOT-FOR-US: Raritan Dominion SX
-CVE-2005-2135
+CVE-2005-2135 (SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz Websi ...)
NOT-FOR-US: EtoShop
-CVE-2005-2134
+CVE-2005-2134 (The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow ...)
NOT-FOR-US: NetBSD
CVE-2005-2133
REJECTED
-CVE-2005-2132
+CVE-2005-2132 (RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1. ...)
NOT-FOR-US: SCO UnixWare
CVE-2005-2131
RESERVED
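Review bot: the imported description for CVE-2005-2169 contains a raw HTML entity ("Quick &amp; Dirty P ..."), so the importer is writing the feed text without decoding entities before truncating it; decode entities first, both so the tracker shows "&" and so the 70-character cut does not land inside a partial entity. The same decoding should cover numeric entities such as &#233;, which appear in other descriptions in this patch. Also, the product tag under CVE-2005-2155 is spelled "EasyPHPCalender" while the description says "EasyPHPCalendar"; align the tag with the product name so text searches on the tracker match.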
@@ -6613,80 +6613,80 @@ CVE-2005-2130
RESERVED
CVE-2005-2129
RESERVED
-CVE-2005-2128
+CVE-2005-2128 (QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers ...)
NOT-FOR-US: Windows
-CVE-2005-2127
+CVE-2005-2127 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers t ...)
NOT-FOR-US: Windows
-CVE-2005-2126
+CVE-2005-2126 (The FTP client in Windows XP SP1 and Server 2003, and Internet Explore ...)
NOT-FOR-US: Windows
CVE-2005-2125
RESERVED
-CVE-2005-2124
+CVE-2005-2124 (Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) ...)
NOT-FOR-US: Windows
-CVE-2005-2123
+CVE-2005-2123 (Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL ...)
NOT-FOR-US: Windows
-CVE-2005-2122
+CVE-2005-2122 (Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Serv ...)
NOT-FOR-US: Windows
CVE-2005-2121
RESERVED
-CVE-2005-2120
+CVE-2005-2120 (Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPM ...)
NOT-FOR-US: Windows
-CVE-2005-2119
+CVE-2005-2119 (The MIDL_user_allocate function in the Microsoft Distributed Transacti ...)
NOT-FOR-US: Microsoft
-CVE-2005-2118
+CVE-2005-2118 (Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Serv ...)
NOT-FOR-US: Windows
-CVE-2005-2117
+CVE-2005-2117 (Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and ...)
NOT-FOR-US: Windows
CVE-2005-2116
REJECTED
-CVE-2005-2115
+CVE-2005-2115 (Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause ...)
NOT-FOR-US: Soldier of Fortune
-CVE-2005-2114
+CVE-2005-2114 (Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Mele ...)
NOTE: cannot reproduce with firefox 1.0.5-1 and Sarge's Mozilla using POC exploits
[sarge] - mozilla <not-affected> (Unreproducible)
- mozilla 2:1.7.10-1 (bug #318723; medium)
-CVE-2005-2113
+CVE-2005-2113 (SQL injection vulnerability in the loginUser function in the XMLRPC se ...)
NOT-FOR-US: Xoops
-CVE-2005-2112
+CVE-2005-2112 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.11 an ...)
NOT-FOR-US: Xoops
-CVE-2005-2111
+CVE-2005-2111 (login.cgi in Community Link Pro Web Editor allows remote attackers to ...)
NOT-FOR-US: Community Link Pro Web Editor
-CVE-2005-2110
+CVE-2005-2110 (WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensit ...)
- wordpress 1.5.1.3-1 (bug #316402)
-CVE-2005-2109
+CVE-2005-2109 (wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers ...)
- wordpress 1.5.1.3-1 (bug #316402)
-CVE-2005-2108
+CVE-2005-2108 (SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and ...)
- wordpress 1.5.1.3-1 (bug #316402)
-CVE-2005-2107
+CVE-2005-2107 (Multiple cross-site scripting (XSS) vulnerabilities in post.php in Wor ...)
- wordpress 1.5.1.3-1 (bug #316402)
-CVE-2005-2106
+CVE-2005-2106 (Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 ...)
{DSA-745-1}
- drupal 4.5.4-1 (bug #316362)
-CVE-2005-2105
+CVE-2005-2105 (Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authent ...)
NOT-FOR-US: IOS
-CVE-2005-2104
+CVE-2005-2104 (sysreport before 1.3.7 allows local users to obtain sensitive informat ...)
NOT-FOR-US: sysreport
-CVE-2005-2103
+CVE-2005-2103 (Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows ...)
{DTSA-5-1}
- gaim 1:1.4.0-5 (high; bug #323706)
-CVE-2005-2102
+CVE-2005-2102 (The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cau ...)
{DTSA-5-1}
- gaim 1:1.4.0-5 (medium; bug #323706)
-CVE-2005-2101
+CVE-2005-2101 (langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in / ...)
{DSA-818-1}
- kdeedu 4:3.4.2-1 (low)
-CVE-2005-2100
+CVE-2005-2100 (The rw_vm function in usercopy.c in the 4GB split patch for the Linux ...)
- linux-2.6 <not-affected> (Red Hat specific according to Horms)
- kernel-source-2.4.27 <not-affected> (Red Hat specific according to Horms)
-CVE-2005-2099
+CVE-2005-2099 (The Linux kernel before 2.6.12.5 does not properly destroy a keyring t ...)
{DTSA-16-1}
NOTE: 2.6.8 and 2.4.27 not affected
- linux-2.6 2.6.12-3 (bug #323039; medium)
-CVE-2005-2098
+CVE-2005-2098 (The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2 ...)
{DTSA-16-1}
NOTE: 2.6.8 and 2.4.27 not affected
- linux-2.6 2.6.12-3 (bug #323039; medium)
-CVE-2005-2097
+CVE-2005-2097 (xpdf and kpdf do not properly validate the "loca" table in PDF files, ...)
{DSA-1136-1 DSA-984-1 DSA-982-1 DSA-936-1 DSA-780-1 DTSA-28-1}
- kdegraphics 4:3.4.2-1 (bug #322458; low)
- xpdf 3.00-15 (bug #322462; low)
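Review bot: the CVE-2005-2114 entry tracks only mozilla ([sarge] <not-affected> (Unreproducible), 2:1.7.10-1 in unstable) although the imported description names Firefox 1.0.4 among the affected products and the NOTE says the proof-of-concept was tested against firefox 1.0.5-1; add a mozilla-firefox line (either <not-affected> with the same "Unreproducible" reason, or a fixed version if one is known) so the Firefox status is recorded explicitly rather than implied by the NOTE. Minor: the gaim lines for CVE-2005-2103 and CVE-2005-2102 put the severity before the bug number ("(high; bug #323706)") while every other line in this hunk uses "(bug #...; severity)"; worth normalising for consistency even if the parser accepts both orders.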
@@ -6701,7 +6701,7 @@ CVE-2005-2097
[woody] - cupsys <not-affected> (Vulnerable code not present)
- poppler 0.4.0-1 (low)
- libextractor 0.5.8-1 (medium)
-CVE-2005-2096
+CVE-2005-2096 (zlib 1.2 and later versions allows remote attackers to cause a denial ...)
{DSA-1026-1 DSA-797-2 DSA-797-1 DSA-740-1}
NOTE: Several packages ship embedded copies of zlib, there are a lot probably more
NOTE: Florian Weimer is doing a comprehensive audit using clamav
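Review bot: the NOTE under CVE-2005-2096 ("Several packages ship embedded copies of zlib, there are a lot probably more") is garbled and should state what it means, i.e. that the packages listed under this entry are the embedded zlib copies known so far and that more are likely, which is what the following line about Florian Weimer's clamav-based audit refers to. These are unchanged context lines, so this is a follow-up edit rather than a change to the automatic update.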
@@ -6748,384 +6748,384 @@ CVE-2005-2096
- rsync <not-affected> (Uses zlib 1.1, which is not affected)
NOTE: rsync upstream updated the internal zlib copy in 2.6.6 without real need,
NOTE: as the included version was never affected, despite claiming them so.
-CVE-2005-2095
+CVE-2005-2095 (options_identities.php in SquirrelMail 1.4.4 and earlier uses the extr ...)
{DSA-756-1}
- squirrelmail 2:1.4.4-6sarge1 (bug #317094)
-CVE-2005-2094
+CVE-2005-2094 (Sun SunONE web server 6.1 SP1 allows remote attackers to poison the we ...)
NOT-FOR-US: Sun
-CVE-2005-2093
+CVE-2005-2093 (Oracle 9i Application Server (Oracle9iAS) 9.0.2 allows remote attacker ...)
NOT-FOR-US: Oracle
-CVE-2005-2092
+CVE-2005-2092 (BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web ...)
NOT-FOR-US: BEA WebLogic
-CVE-2005-2091
+CVE-2005-2091 (IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison ...)
NOT-FOR-US: Websphere
-CVE-2005-2090
+CVE-2005-2090 (Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allo ...)
- tomcat4 4.1.28-1
NOTE: tomcat5 in experimental has this fix as well
-CVE-2005-2089
+CVE-2005-2089 (Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web ca ...)
NOT-FOR-US: Microsoft
-CVE-2005-2088
+CVE-2005-2088 (The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when ac ...)
{DSA-805-1 DSA-803-1}
- apache 1.3.33-8 (bug #322607; medium)
- apache2 2.0.54-5 (bug #316173; medium)
-CVE-2005-2087
+CVE-2005-2087 (Internet Explorer 5.01 SP4 up to 6 on various Windows operating system ...)
NOT-FOR-US: Microsoft
-CVE-2005-2086
+CVE-2005-2086 (PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0. ...)
- phpbb2 <not-affected> (phpbb versions in Debian not affected)
-CVE-2005-2085
+CVE-2005-2085 (Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 ...)
NOT-FOR-US: Inframail
-CVE-2005-2084
+CVE-2005-2084 (Cross-site scripting (XSS) vulnerability in SearchResults.aspx in Comm ...)
NOT-FOR-US: Community Forum
-CVE-2005-2083
+CVE-2005-2083 (Format string vulnerability in IMAP4 in IA eMailServer Corporate Editi ...)
NOT-FOR-US: IA eMailServer
-CVE-2005-2082
+CVE-2005-2082 (im_trbbs.cgi in imTRSET 1.02 and earlier allows remote attackers to ex ...)
NOT-FOR-US: imTRSET
-CVE-2005-2081
+CVE-2005-2081 (Stack-based buffer overflow in the function that parses commands in As ...)
- asterisk 1:1.0.9.dfsg-1 (bug #315532; unimportant)
NOTE: Can only be exploited by users who already have the privilege to execute arbitrary commands
-CVE-2005-2080
+CVE-2005-2080 (Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VE ...)
NOT-FOR-US: Veritas Backup
-CVE-2005-2079
+CVE-2005-2079 (Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS B ...)
NOT-FOR-US: Veritas Backup
-CVE-2005-1932
+CVE-2005-1932 (Lpanel 1.59 and earlier, and other versions before 1.597, allows remot ...)
NOT-FOR-US: Lpanel
-CVE-2005-1931
+CVE-2005-1931 (GoodTech SMTP Server 5.14 allows remote attackers to cause a denial of ...)
NOT-FOR-US: GoodTech SMTP Server
-CVE-2005-2078
+CVE-2005-2078 (BisonFTP Server V4R1 allows remote authenticated users to cause a deni ...)
NOT-FOR-US: BisonFTP Server
-CVE-2005-2077
+CVE-2005-2077 (Cross-site scripting (XSS) vulnerability in error.asp for Hosting Cont ...)
NOT-FOR-US: Hosting Controller
-CVE-2005-2076
+CVE-2005-2076 (HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not ...)
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2005-2075
+CVE-2005-2075 (PHP-Fusion 5.0 and 6.0 stores the database file with a predictable fil ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-2074
+CVE-2005-2074 (Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.0.105 allows ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-2073
+CVE-2005-2073 (Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through ...)
NOT-FOR-US: DB2
-CVE-2005-2072
+CVE-2005-2072 (The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT ...)
NOT-FOR-US: Solaris
-CVE-2005-2071
+CVE-2005-2071 (traceroute in Sun Solaris 10 on x86 systems allows local users to exec ...)
NOT-FOR-US: Solaris
-CVE-2005-2070
+CVE-2005-2070 (The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used i ...)
{DSA-737-1 DTSA-3-1}
- clamav 0.86.1 (bug #318755; medium)
-CVE-2005-2069
+CVE-2005-2069 (pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a sla ...)
{DSA-785-1}
- openldap2.2 2.2.26-3 (bug #316674; medium)
- openldap2 2.1.30-11 (medium)
- libpam-ldap 178-1sarge1 (bug #316972; medium)
- libnss-ldap 238-1.1 (bug #316973; medium)
-CVE-2005-2068
+CVE-2005-2068 (FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers t ...)
- kfreebsd-source <unfixed>
-CVE-2005-2067
+CVE-2005-2067 (SQL injection vulnerability in article.asp in unknown versions of aspn ...)
NOT-FOR-US: ASP Nuke
-CVE-2005-2066
+CVE-2005-2066 (SQL injection vulnerability in comment_post.asp in ASP Nuke 0.80 allow ...)
NOT-FOR-US: ASP Nuke
-CVE-2005-2065
+CVE-2005-2065 (HTTP response splitting vulnerability in language_select.asp in ASP Nu ...)
NOT-FOR-US: ASP Nuke
-CVE-2005-2064
+CVE-2005-2064 (Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow r ...)
NOT-FOR-US: ASP Nuke
-CVE-2005-2063
+CVE-2005-2063 (Multiple cross-site scripting (XSS) vulnerabilities in ActiveBuyAndSel ...)
NOT-FOR-US: ActiveBuyAndSell
-CVE-2005-2062
+CVE-2005-2062 (Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow r ...)
NOT-FOR-US: ActiveBuyAndSell
-CVE-2005-2061
+CVE-2005-2061 (Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to inclu ...)
NOT-FOR-US: Infopop UBB.Threads
-CVE-2005-2060
+CVE-2005-2060 (Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php ...)
NOT-FOR-US: Infopop UBB.Threads
-CVE-2005-2059
+CVE-2005-2059 (Multiple cross-site request forgery (CSRF) vulnerabilities in (1) adda ...)
NOT-FOR-US: Infopop UBB.Threads
-CVE-2005-2058
+CVE-2005-2058 (Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6 ...)
NOT-FOR-US: Infopop UBB.Threads
-CVE-2005-2057
+CVE-2005-2057 (Multiple cross-site scripting (XSS) vulnerabilities in Infopop UBB.Thr ...)
NOT-FOR-US: Infopop UBB.Threads
-CVE-2005-2056
+CVE-2005-2056 (The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.8 ...)
{DSA-737-1 DTSA-3-1}
- clamav 0.86.1-1 (bug #318756; medium)
-CVE-2005-2055
+CVE-2005-2055 (RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne ...)
NOT-FOR-US: Affected only Real Player, not Helix Player
NOTE: http://service.real.com/help/faq/security/050623_player/EN/
-CVE-2005-2054
+CVE-2005-2054 (Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and ...)
NOT-FOR-US: Real Player
NOTE: This didn't affected Helix, although the changelog claimed so, see
NOTE: http://service.real.com/help/faq/security/050623_player/EN/
-CVE-2005-2053
+CVE-2005-2053 (Just another flat file (JAF) CMS before 3.0 Final allows remote attack ...)
NOT-FOR-US: JAF CMS
-CVE-2005-2052
+CVE-2005-2052 (Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6 ...)
NOT-FOR-US: Real Player
NOTE: This didn't affected Helix, although the changelog claimed so, see
NOTE: http://service.real.com/help/faq/security/050623_player/EN/
-CVE-2005-2051
+CVE-2005-2051 (Buffer overflow in the VERITAS Backup Exec Web Administration Console ...)
NOT-FOR-US: BEWAC
-CVE-2005-2050
+CVE-2005-2050 (Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers t ...)
- tor 0.0.9.10-1 (medium)
-CVE-2005-2049
+CVE-2005-2049 (Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow ...)
NOT-FOR-US: Duware
-CVE-2005-2048
+CVE-2005-2048 (Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and poss ...)
NOT-FOR-US: Duware
-CVE-2005-2047
+CVE-2005-2047 (Multiple SQL injection vulnerabilities in DUware DUpaypal Pro 3.0 allo ...)
NOT-FOR-US: Duware
-CVE-2005-2046
+CVE-2005-2046 (Multiple SQL injection vulnerabilities in DUware DUamazon Pro 3.0 and ...)
NOT-FOR-US: Duware
-CVE-2005-2045
+CVE-2005-2045 (Multiple SQL injection vulnerabilities in DUware DUportal PRO 3.4.3 al ...)
NOT-FOR-US: Duware
-CVE-2005-2044
+CVE-2005-2044 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.3 an ...)
NOT-FOR-US: ATutor
-CVE-2005-2043
+CVE-2005-2043 (Directory traversal vulnerability in XAMPP before 1.4.14 allows remote ...)
NOT-FOR-US: XAMPP
-CVE-2005-2042
+CVE-2005-2042 (Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 allo ...)
NOT-FOR-US: ajax-spell
-CVE-2005-2041
+CVE-2005-2041 (Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other p ...)
NOT-FOR-US: ViRobot
-CVE-2005-2040
+CVE-2005-2040 (Multiple buffer overflows in the getterminaltype function in telnetd f ...)
{DSA-758-1}
- heimdal 0.6.3-11 (bug #315065; bug #315086; high)
-CVE-2005-2039
+CVE-2005-2039 (Unknown vulnerability in "various plugins" for NanoBlogger 3.2.1 and e ...)
- nanoblogger <not-affected> (3.1 version in Debian was not affected by this vulnerability, see #315492)
-CVE-2005-2038
+CVE-2005-2038 (Fortibus CMS 4.0.0 allows remote attackers to modify information of ot ...)
NOT-FOR-US: Fortibus CMS
-CVE-2005-2037
+CVE-2005-2037 (Multiple SQL injection vulnerabilities in Fortibus CMS 4.0.0 allow rem ...)
NOT-FOR-US: Fortibus CMS
-CVE-2005-2036
+CVE-2005-2036 (modifyUser.asp in Cool Cafe (Cool Caf&#233;) Chat 1.2.1 allows remote ...)
NOT-FOR-US: Cool Cafe Chat
-CVE-2005-2035
+CVE-2005-2035 (SQL injection vulnerability in login.asp for Cool Cafe (Cool Caf&#233; ...)
NOT-FOR-US: Cool Cafe Chat
-CVE-2005-2034
+CVE-2005-2034 (Cross-site scripting (XSS) vulnerability in folderview.asp for BlueCol ...)
NOT-FOR-US: iGallery
-CVE-2005-2033
+CVE-2005-2033 (Directory traversal vulnerability in folderview.asp for Blue-Collar Pr ...)
NOT-FOR-US: iGallery
-CVE-2005-2032
+CVE-2005-2032 (Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows loc ...)
NOT-FOR-US: Solaris
-CVE-2005-2031
+CVE-2005-2031 (Multiple SQL injection vulnerabilities in socialMPN allow remote attac ...)
NOT-FOR-US: socialMPN
-CVE-2005-2030
+CVE-2005-2030 (Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-2029
+CVE-2005-2029 (amaroK Web Frontend 1.3 stores the globals.inc file under the web root ...)
NOT-FOR-US: external script that allow interaction between amarok and a browser
-CVE-2005-2028
+CVE-2005-2028 (SQL injection vulnerability in index.php for MercuryBoard 1.1.4 and ea ...)
NOT-FOR-US: MercuryBoard
-CVE-2005-2027
+CVE-2005-2027 (Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does no ...)
NOT-FOR-US: Enterasys hardware issue
-CVE-2005-2026
+CVE-2005-2026 (Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 has a h ...)
NOT-FOR-US: Enterasys hardware issue
-CVE-2005-2025
+CVE-2005-2025 (Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2005-2024
+CVE-2005-2024 (Vipul Razor Agents (razor-agents) before 2.70 allows remote attackers ...)
{DSA-738-1}
NOTE: varying and apparently innacurate info about what versions fix it
- razor 2.720-1 (low)
-CVE-2005-2023
+CVE-2005-2023 (The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Li ...)
- gnupg2 1.9.15-1
-CVE-2005-2022
+CVE-2005-2022 (Unknown vulnerability in Webmail in iPlanet Messaging Server 5.2 Patch ...)
NOT-FOR-US: iPlanet
-CVE-2005-2021
+CVE-2005-2021 (Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier all ...)
NOT-FOR-US: cPanel
-CVE-2005-2020
+CVE-2005-2020 (Directory traversal vulnerability in the web server for 3Com Network S ...)
NOT-FOR-US: 3com Network Supervisor
-CVE-2005-2019
+CVE-2005-2019 (ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) o ...)
NOT-FOR-US: FreeBSD ipfw
CVE-2005-2018
RESERVED
-CVE-2005-2017
+CVE-2005-2017 (Symantec AntiVirus 9 Corporate Edition allows local users to gain priv ...)
NOT-FOR-US: Symantec AntiVirus
CVE-2005-2016
RESERVED
CVE-2005-2015
RESERVED
-CVE-2005-2014
+CVE-2005-2014 (The "upload a language pack" feature in paFAQ 1.0 Beta 4 allows remote ...)
NOT-FOR-US: paFAQ
-CVE-2005-2013
+CVE-2005-2013 (paFAQ 1.0 Beta 4 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: paFAQ
-CVE-2005-2012
+CVE-2005-2012 (Multiple SQL injection vulnerabilities in login in paFAQ 1.0 Beta 4 al ...)
NOT-FOR-US: paFAQ
-CVE-2005-2011
+CVE-2005-2011 (Multiple cross-site scripting (XSS) vulnerabilities in paFAQ 1.0 Beta ...)
NOT-FOR-US: paFAQ
-CVE-2005-2010
+CVE-2005-2010 (Cross-site scripting (XSS) vulnerability in trackback.asp in Ublog Rel ...)
NOT-FOR-US: Ublog Reload
-CVE-2005-2009
+CVE-2005-2009 (Multiple SQL injection vulnerabilities in Ublog Reload 1.0.5 allow rem ...)
NOT-FOR-US: Ublog Reload
-CVE-2005-2008
+CVE-2005-2008 (Yaws Webserver 1.55 and earlier allows remote attackers to obtain the ...)
- yaws 1.56-1 (low)
-CVE-2005-2007
+CVE-2005-2007 (Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier a ...)
- trac 0.8.4-1 (bug #315145)
[sarge] - trac 0.8.1-3sarge1
-CVE-2005-2006
+CVE-2005-2006 (JBOSS 3.2.2 through 3.2.7 and 4.0.2 allows remote attackers to obtain ...)
NOT-FOR-US: JBOSS
-CVE-2005-2005
+CVE-2005-2005 (Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier stores the users.dat f ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-2004
+CVE-2005-2004 (Multiple cross-site scripting vulnerabilities in Ultimate PHP Board (U ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-2003
+CVE-2005-2003 (Ultimate PHP Board (UPB) 1.9.6 GOLD allows remote attackers to obtain ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-2002
+CVE-2005-2002 (SQL injection vulnerability in content.php in Mambo 4.5.2.2 and earlie ...)
NOT-FOR-US: Mambo
-CVE-2005-2001
+CVE-2005-2001 (Directory traversal vulnerability in pafiledb.php in paFileDB 3.1 and ...)
NOT-FOR-US: paFileDB
-CVE-2005-2000
+CVE-2005-2000 (Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier all ...)
NOT-FOR-US: paFileDB
-CVE-2005-1999
+CVE-2005-1999 (Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in ...)
NOT-FOR-US: paFileDB
-CVE-2005-1998
+CVE-2005-1998 (Directory traversal vulnerability in admin.php in McGallery 1.1 allows ...)
NOT-FOR-US: McGallery
-CVE-2005-1997
+CVE-2005-1997 (show.php in McGallery 1.1 allows remote attackers to connect to arbitr ...)
NOT-FOR-US: McGallery
-CVE-2005-1996
+CVE-2005-1996 (PHP remote file inclusion vulnerability in start.php in Bitrix Site Ma ...)
NOT-FOR-US: Bitrix Site Manager
-CVE-2005-1995
+CVE-2005-1995 (Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Bitrix Site Manager
-CVE-2005-1994
+CVE-2005-1994 (Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download b ...)
NOT-FOR-US: Finjan SurfinGate
-CVE-2005-1993
+CVE-2005-1993 (Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-comman ...)
{DSA-735-2 DSA-735-1}
- sudo 1.6.8p9-1 (bug #315718; bug #315115; medium)
-CVE-2005-1992
+CVE-2005-1992 (The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets ...)
{DSA-748-1}
- ruby1.8 1.8.2-8 (bug #315064; medium)
- ruby1.9 1.9.0+20050623-1 (bug #315064; medium)
CVE-2005-1991
RESERVED
-CVE-2005-1990
+CVE-2005-1990 (Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a ...)
NOT-FOR-US: MSIE
-CVE-2005-1989
+CVE-2005-1989 (Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows re ...)
NOT-FOR-US: MSIE
-CVE-2005-1988
+CVE-2005-1988 (Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows re ...)
NOT-FOR-US: MSIE
-CVE-2005-1987
+CVE-2005-1987 (Buffer overflow in Collaboration Data Objects (CDO), as used in Micros ...)
NOT-FOR-US: Microsoft
CVE-2005-1986
RESERVED
-CVE-2005-1985
+CVE-2005-1985 (The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, X ...)
NOT-FOR-US: Microsoft
-CVE-2005-1984
+CVE-2005-1984 (Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microso ...)
NOT-FOR-US: Spoolsv.exe
-CVE-2005-1983
+CVE-2005-1983 (Stack-based buffer overflow in the Plug and Play (PnP) service for Mic ...)
NOT-FOR-US: Microsoft
-CVE-2005-1982
+CVE-2005-1982 (Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 200 ...)
NOT-FOR-US: Microsoft
-CVE-2005-1981
+CVE-2005-1981 (Unknown vulnerability in Microsoft Windows 2000 Server and Windows Ser ...)
NOT-FOR-US: Microsoft
-CVE-2005-1980
+CVE-2005-1980 (Distributed Transaction Controller in Microsoft Windows allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2005-1979
+CVE-2005-1979 (Distributed Transaction Controller in Microsoft Windows allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2005-1978
+CVE-2005-1978 (COM+ in Microsoft Windows does not properly "create and use memory str ...)
NOT-FOR-US: Microsoft
CVE-2005-1977
RESERVED
-CVE-2005-1976
+CVE-2005-1976 (Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets ...)
NOT-FOR-US: Novell NetMail
-CVE-2005-1975
+CVE-2005-1975 (Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two 1 ...)
NOT-FOR-US: Annuaire
-CVE-2005-1974
+CVE-2005-1974 (Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) ...)
NOT-FOR-US: Sun Java
-CVE-2005-1973
+CVE-2005-1973 (Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 ...)
NOT-FOR-US: Sun Java
-CVE-2005-1972
+CVE-2005-1972 (Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 ...)
NOT-FOR-US: InteractivePHP FusionBB
-CVE-2005-1971
+CVE-2005-1971 (Directory traversal vulnerability in InteractivePHP FusionBB .11 Beta ...)
NOT-FOR-US: InteractivePHP FusionBB
-CVE-2005-1970
+CVE-2005-1970 (Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Wind ...)
NOT-FOR-US: pcAnywhere
-CVE-2005-1969
+CVE-2005-1969 (Cross-site scripting (XSS) vulnerability in Pragma Systems Telnetserve ...)
NOT-FOR-US: Pragma Telnetserver
-CVE-2005-1968
+CVE-2005-1968 (Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce befo ...)
NOT-FOR-US: ProductCart Ecommerce
-CVE-2005-1967
+CVE-2005-1967 (Multiple SQL injection vulnerabilities in ProductCart Ecommerce before ...)
NOT-FOR-US: ProductCart Ecommerce
-CVE-2005-1966
+CVE-2005-1966 (The eTrace_validaddr function in eTrace plugin for e107 portal allows ...)
NOT-FOR-US: e107
-CVE-2005-1965
+CVE-2005-1965 (PHP remote file inclusion vulnerability in siteframe.php for Broadpool ...)
NOT-FOR-US: Broadpool Siteframe
-CVE-2005-1964
+CVE-2005-1964 (PHP remote file inclusion vulnerability in utilit.php for Ovidentia Po ...)
NOT-FOR-US: Ovidentia Portal
-CVE-2005-1963
+CVE-2005-1963 (Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: Cerberus Helpdesk
-CVE-2005-1962
+CVE-2005-1962 (Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 a ...)
NOT-FOR-US: Cerberus Helpdesk
-CVE-2005-1961
+CVE-2005-1961 (Unknown vulnerability in ObjectWeb Consortium C-JDBC before 1.3.1 allo ...)
NOT-FOR-US: C-JDBC
-CVE-2005-1960
+CVE-2005-1960 (The getemails function in C.J. Steele Tattle allows remote attackers t ...)
NOT-FOR-US: C.J. Steele Tattle
-CVE-2005-1959
+CVE-2005-1959 (jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute a ...)
NOT-FOR-US: JamMail
CVE-2005-1958
REJECTED
-CVE-2005-1957
+CVE-2005-1957 (mtnpeak.net File Upload Manager does not properly check user authentic ...)
NOT-FOR-US: File Upload Manager
-CVE-2005-1956
+CVE-2005-1956 (File Upload Manager allows remote attackers to upload arbitrary files ...)
NOT-FOR-US: File Upload Manager
-CVE-2005-1955
+CVE-2005-1955 (Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9 ...)
NOT-FOR-US: singapore
-CVE-2005-1954
+CVE-2005-1954 (singapore 0.9.11 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: singapore
-CVE-2005-1953
+CVE-2005-1953 (Heap-based buffer overflow in the CGI extension for Pico Server (pServ ...)
NOT-FOR-US: Pico Server
-CVE-2005-1952
+CVE-2005-1952 (Directory traversal vulnerability in Pico Server (pServ) 3.3 allows re ...)
NOT-FOR-US: Pico Server
-CVE-2005-1951
+CVE-2005-1951 (Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Mil ...)
NOT-FOR-US: osCommerce
-CVE-2005-1950
+CVE-2005-1950 (hints.pl in Webhints 1.03 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Webhints
-CVE-2005-1949
+CVE-2005-1949 (The eping_validaddr function in functions.php for the ePing plugin for ...)
NOT-FOR-US: e107
-CVE-2005-1948
+CVE-2005-1948 (Multiple SQL injection vulnerabilities in Invision Gallery before 1.3. ...)
NOT-FOR-US: Invision Gallery
-CVE-2005-1947
+CVE-2005-1947 (Cross-site request forgery (CSRF) vulnerability in Invision Gallery be ...)
NOT-FOR-US: Invision Gallery
-CVE-2005-1946
+CVE-2005-1946 (Multiple SQL injection vulnerabilities in Invision Blog before 1.1.2 F ...)
NOT-FOR-US: Invision Blog
-CVE-2005-1945
+CVE-2005-1945 (Cross-site scripting (XSS) vulnerability in the convert_highlite_words ...)
NOT-FOR-US: Invision Blog
-CVE-2005-1944
+CVE-2005-1944 (xmysqladmin 1.0 and earlier allows local users to delete arbitrary fil ...)
NOT-FOR-US: xmysqladmin
-CVE-2005-1943
+CVE-2005-1943 (Multiple SQL injection vulnerabilities in Loki download manager 2.0 al ...)
NOT-FOR-US: Loki download manager
-CVE-2005-1942
+CVE-2005-1942 (Cisco switches that support 802.1x security allow remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2005-1941
+CVE-2005-1941 (SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-st ...)
NOT-FOR-US: SilverCity
CVE-2005-1940
RESERVED
-CVE-2005-1939
+CVE-2005-1939 (Directory traversal vulnerability in Ipswitch WhatsUp Small Business 2 ...)
NOT-FOR-US: Ipswitch WhatsUp
CVE-2005-1938
REJECTED
-CVE-2005-1937
+CVE-2005-1937 (A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote at ...)
{DSA-810-1 DSA-777-1 DSA-775-1 DTSA-7-1 DTSA-8-2 DTSA-14-1}
- mozilla-firefox 1.0.6-1 (medium)
- mozilla 2:1.7.10-1 (medium)
[woody] - mozilla <not-affected> (regression of a previous security fix)
-CVE-2005-1936
+CVE-2005-1936 (Unknown vulnerability in the web server for the ESS/ Network Controlle ...)
NOT-FOR-US: Xerox hardware issue
-CVE-2005-1935
+CVE-2005-1935 (Heap-based buffer overflow in the BERDecBitString function in Microsof ...)
NOT-FOR-US: Microsoft
-CVE-2005-1933
+CVE-2005-1933 (Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arb ...)
NOT-FOR-US: Apple
-CVE-2005-1934
+CVE-2005-1934 (Gaim before 1.3.1 allows remote attackers to cause a denial of service ...)
{DSA-734-1}
- gaim 1:1.3.1-1 (bug #315356; low)
-CVE-2005-1930
+CVE-2005-1930 (Directory traversal vulnerability in the Crystal Report component (rpt ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2005-1929
+CVE-2005-1929 (Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2005-1928
+CVE-2005-1928 (Trend Micro ServerProtect EarthAgent for Windows Management Console 5. ...)
NOT-FOR-US: Trend Micro ServerProtect
CVE-2005-1927
RESERVED
CVE-2005-1926
RESERVED
-CVE-2005-1925
+CVE-2005-1925 (Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 ...)
NOT-FOR-US: Tikiwiki
-CVE-2005-1924
+CVE-2005-1924 (The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote a ...)
NOT-FOR-US: External Squirrelmail plugin not packaged in Debian
-CVE-2005-1923
+CVE-2005-1923 (The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, an ...)
{DSA-737-1 DTSA-3-1}
- clamav 0.86.1 (bug #316401; bug #316462; medium)
-CVE-2005-1922
+CVE-2005-1922 (The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 all ...)
{DSA-737-1 DTSA-3-1}
- clamav 0.86.1-1 (low)
-CVE-2005-1921
+CVE-2005-1921 (Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XM ...)
{DSA-789-1 DSA-746-1 DSA-747-1 DSA-745-1 DTSA-15-1}
- serendipity 1.0-1
- drupal 4.5.4-1 (high; bug #316362)
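Review bot: the imported descriptions for CVE-2005-2036 and CVE-2005-2035 carry the raw HTML entity `&#233;` ("Cool Caf&#233;") from the upstream feed; decode entities to UTF-8 before applying the fixed-width truncation, so the list reads "Cool Café" and the cut does not fall inside entity text. Two pre-existing items in this hunk's unchanged context are worth a look while here: CVE-2005-1933 is listed before CVE-2005-1934, breaking the descending order the rest of the file follows, and the NOTE under CVE-2005-2024 misspells "inaccurate".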
@@ -7134,126 +7134,126 @@ CVE-2005-1921
- phpwiki 1.3.7-4 (bug #316714; high)
- php4 4:4.3.10-16 (high; bug #316447)
- horde3 <not-affected> (horde3 ships different XMLRPC code)
-CVE-2005-1920
+CVE-2005-1920 (The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4. ...)
{DSA-804-2}
- kdelibs 4:3.4.2-1 (bug #319016; medium)
CVE-2005-1919
REJECTED
-CVE-2005-1918
+CVE-2005-1918 (The original patch for a GNU tar directory traversal vulnerability (CV ...)
- tar 1.14-2.2
NOTE: 1.14-2.2 is ok, maybe Debian was not-affected anyway
-CVE-2005-1917
+CVE-2005-1917 (kpopper 1.0 and earlier allows local users to create and overwrite arb ...)
NOT-FOR-US: kpopper, there is a kpopper in kerberos4kth-servers, but this is not the same one
-CVE-2005-1916
+CVE-2005-1916 (linki.py in ekg 2005-06-05 and earlier allows local users to overwrite ...)
{DSA-760-1 DTSA-4-1}
- ekg 1:1.5+20050712+1.6rc2-1 (bug #318059; bug #317027; low)
-CVE-2005-1915
+CVE-2005-1915 (The log4sh_readProperties function in log4sh 1.2.5 and earlier allows ...)
NOT-FOR-US: log4sh
-CVE-2005-1914
+CVE-2005-1914 (CenterICQ 4.20.0 and earlier creates temporary files with predictable ...)
{DSA-754-1 DTSA-2-1}
- centericq 4.20.0-7 (medium)
-CVE-2005-1913
+CVE-2005-1913 (The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a den ...)
{DTSA-16-1}
- linux-2.6 2.6.12-1 (medium)
- kernel-source-2.6.11 2.6.11-6 (medium)
CVE-2005-1912
REJECTED
-CVE-2005-1911
+CVE-2005-1911 (The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang whil ...)
- leafnode 1.11.3.rel-1 (bug #338886; low)
[sarge] - leafnode 1.11.2.rel-1.0sarge0
-CVE-2005-1910
+CVE-2005-1910 (SQL injection vulnerability in login.asp for WWWeb Concepts Events Sys ...)
NOT-FOR-US: WWWeb Concepts Events System
-CVE-2005-1909
+CVE-2005-1909 (The web server control panel in 602LAN SUITE 2004 allows remote attack ...)
NOT-FOR-US: 602LAN SUITE
-CVE-2005-1908
+CVE-2005-1908 (Perception LiteWeb allows remote attackers to bypass access controls f ...)
NOT-FOR-US: Perception LiteWeb
-CVE-2005-1907
+CVE-2005-1907 (The ISA Firewall service in Microsoft Internet Security and Accelerati ...)
NOT-FOR-US: Microsoft
-CVE-2005-1906
+CVE-2005-1906 (SQL injection vulnerability in login.asp in livingmailing 1.3 allows r ...)
NOT-FOR-US: livingmailing
-CVE-2005-1905
+CVE-2005-1905 (The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and ...)
NOT-FOR-US: Kaspersky
-CVE-2005-1904
+CVE-2005-1904 (SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) ...)
NOT-FOR-US: JiRo's Upload Systems
-CVE-2005-1903
+CVE-2005-1903 (Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 all ...)
NOT-FOR-US: SPA-PRO Mail
-CVE-2005-1902
+CVE-2005-1902 (Directory traversal vulnerability in the IMAP service for SPA-PRO Mail ...)
NOT-FOR-US: SPA-PRO Mail
-CVE-2005-1901
+CVE-2005-1901 (Multiple cross-site scripting (XSS) vulnerabilities in Sawmill before ...)
NOT-FOR-US: Sawmill
-CVE-2005-1900
+CVE-2005-1900 (Sawmill before 7.1.6 allows remote attackers to bypass authentication ...)
NOT-FOR-US: Sawmill
-CVE-2005-1899
+CVE-2005-1899 (Rakkarsoft RakNet network library 2.33 and earlier, when released befo ...)
NOT-FOR-US: RakNet
-CVE-2005-1898
+CVE-2005-1898 (The passthrough functionality in phpThumb.php in phpThumb() before 1.5 ...)
NOT-FOR-US: phpThumb
-CVE-2005-1897
+CVE-2005-1897 (Unknown vulnerability in FlexCast Audio Video Streaming Server before ...)
NOT-FOR-US: FlexCast
-CVE-2005-1896
+CVE-2005-1896 (Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 allow ...)
NOT-FOR-US: FlatNuke
-CVE-2005-1895
+CVE-2005-1895 (Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows remo ...)
NOT-FOR-US: FlatNuke
-CVE-2005-1894
+CVE-2005-1894 (Direct code injection vulnerability in FlatNuke 2.5.3 allows remote at ...)
NOT-FOR-US: FlatNuke
-CVE-2005-1893
+CVE-2005-1893 (FlatNuke 2.5.3 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: FlatNuke
-CVE-2005-1892
+CVE-2005-1892 (FlatNuke 2.5.3 allows remote attackers to cause a denial of service or ...)
NOT-FOR-US: FlatNuke
-CVE-2005-1891
+CVE-2005-1891 (The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2005-1890
+CVE-2005-1890 (Unknown vulnerability in Mortiforo before 0.9.1 allows users to access ...)
NOT-FOR-US: Mortiforo
-CVE-2005-1889
+CVE-2005-1889 (Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenanc ...)
NOT-FOR-US: Sun ONE
-CVE-2005-1888
+CVE-2005-1888 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 all ...)
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-1887
+CVE-2005-1887 (Unknown vulnerability in the Sun Solaris C library (libc and libprojec ...)
NOT-FOR-US: Solaris
-CVE-2005-1886
+CVE-2005-1886 (Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, 0 ...)
NOT-FOR-US: YaPiG
-CVE-2005-1885
+CVE-2005-1885 (view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to ob ...)
NOT-FOR-US: YaPiG
-CVE-2005-1884
+CVE-2005-1884 (Directory traversal vulnerability in the (1) rmdir or (2) mkdir comman ...)
NOT-FOR-US: YaPiG
-CVE-2005-1883
+CVE-2005-1883 (global.php in YaPiG 0.92b allows remote attackers to include arbitrary ...)
NOT-FOR-US: YaPiG
-CVE-2005-1882
+CVE-2005-1882 (PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0 ...)
NOT-FOR-US: YaPiG
-CVE-2005-1881
+CVE-2005-1881 (upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict ...)
NOT-FOR-US: YaPiG
-CVE-2005-1880
+CVE-2005-1880 (everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary ...)
NOT-FOR-US: everybuddy
-CVE-2005-1879
+CVE-2005-1879 (LutelWall 0.97 and earlier allows local users to overwrite arbitrary f ...)
NOT-FOR-US: LutelWall
-CVE-2005-1878
+CVE-2005-1878 (GIPTables Firewall 1.1 and earlier allows local users to overwrite arb ...)
NOT-FOR-US: GIPTables
-CVE-2005-1877
+CVE-2005-1877 (Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel ...)
NOT-FOR-US: Lpanel
-CVE-2005-1876
+CVE-2005-1876 (Direct code injection vulnerability in CuteNews 1.3.6 and earlier allo ...)
NOT-FOR-US: CuteNews
-CVE-2005-1875
+CVE-2005-1875 (Multiple SQL injection vulnerabilities in list.php in Exhibit Engine ( ...)
NOT-FOR-US: Exhibit Engine
-CVE-2005-1874
+CVE-2005-1874 (Directory traversal vulnerability in Dzip before 2.9 allows remote att ...)
NOT-FOR-US: Dzip
-CVE-2005-1873
+CVE-2005-1873 (Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier vers ...)
NOT-FOR-US: Crob
-CVE-2005-1872
+CVE-2005-1872 (Buffer overflow in the administrative console in IBM WebSphere Applica ...)
NOT-FOR-US: WebSphere
-CVE-2005-1871
+CVE-2005-1871 (Unknown vulnerability in the privilege system in Drupal 4.4.0 through ...)
- drupal 4.5.3-1
-CVE-2005-1870
+CVE-2005-1870 (PHP remote file inclusion vulnerability in childwindow.inc.php in Popp ...)
NOT-FOR-US: Popper
-CVE-2005-1869
+CVE-2005-1869 (PHP remote file inclusion vulnerability in start_lobby.php in MWChat 6 ...)
NOT-FOR-US: MWChat
-CVE-2005-1868
+CVE-2005-1868 (I-Man 0.9, and possibly earlier versions, allows remote attackers to e ...)
NOT-FOR-US: I-Man
-CVE-2005-1867
+CVE-2005-1867 (Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database ad ...)
NOT-FOR-US: Symantec
-CVE-2005-1866
+CVE-2005-1866 (Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix ...)
NOT-FOR-US: Calendarix
-CVE-2005-1865
+CVE-2005-1865 (Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 allo ...)
NOT-FOR-US: Calendarix
-CVE-2005-1864
+CVE-2005-1864 (PHP remote file inclusion vulnerability in cal_admintop.php in Calenda ...)
NOT-FOR-US: Calendarix
CVE-2005-1863
REJECTED
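Review bot: the new description for CVE-2005-1920 reads "KDE KDE 3.2.x"; the doubled word comes from the upstream CVE text, so leave it as imported rather than hand-editing, since a local fix to an imported description is likely to be overwritten by the next import. In the unchanged context of this hunk, "mediawiki 1.4.9" (under CVE-2005-1888) is the only fixed-version line without a Debian revision, and the NOTE under CVE-2005-1918 ("maybe Debian was not-affected anyway") leaves the status unresolved; either confirm and mark the package `<not-affected>` or drop the note.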
@@ -7263,63 +7263,63 @@ CVE-2005-1861
REJECTED
CVE-2005-1860
REJECTED
-CVE-2005-1859
+CVE-2005-1859 (Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ...)
NOT-FOR-US: arshell
-CVE-2005-1857
+CVE-2005-1857 (Format string vulnerability in simpleproxy before 3.4 allows remote ma ...)
{DSA-786-1}
- simpleproxy 3.2-4 (medium)
-CVE-2005-1856
+CVE-2005-1856 (The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixe ...)
{DSA-787-1}
- backup-manager 0.5.8-2 (bug #315582; low)
NOTE: maybe a duplicate of CVE-2005-2212, author contacted
-CVE-2005-1855
+CVE-2005-1855 (Backup Manager (backup-manager) before 0.5.8 creates backup files with ...)
{DSA-787-1}
- backup-manager 0.5.8-2 (medium)
NOTE: maybe a duplicate of CVE-2005-2211, author contacted
-CVE-2005-1854
+CVE-2005-1854 (Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing ...)
{DSA-772-1}
- apt-cacher 0.9.10 (high)
-CVE-2005-1853
+CVE-2005-1853 (gopher.c in the Gopher client 3.0.5 does not properly create temporary ...)
{DSA-770-1}
- gopher 3.0.8 (low)
-CVE-2005-1852
+CVE-2005-1852 (Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 ...)
{DSA-767-1 DTSA-4-1}
- kdenetwork 4:3.3.2-5 (bug #319443; unimportant)
NOTE: Kopete embeds the vulnerable code, but it's only used as a fallback when
NOTE: no shared lib version is found. As the Debian package has a dependency on
NOTE: it the maintainer does not intent to fix it, see # 319443
- ekg 1:1.5+20050712+1.6rc3-1 (bug #318970; medium)
-CVE-2005-1851
+CVE-2005-1851 (A certain contributed script for ekg Gadu Gadu client 1.5 and earlier ...)
{DSA-760-1 DTSA-4-1}
- ekg 1:1.5+20050712+1.6rc2-1 (low)
-CVE-2005-1850
+CVE-2005-1850 (Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier c ...)
{DSA-760-1 DTSA-4-1}
- ekg 1:1.5+20050712+1.6rc2-1 (low)
-CVE-2005-1849
+CVE-2005-1849 (inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of ...)
{DSA-1026-1 DSA-797-2 DSA-797-1 DSA-763-1}
NOTE: This is only contrib code not built in the binary packages AFAIK
- zlib 1:1.2.3-1 (low)
- zsync 0.4.1-1 (low)
- sash 3.7-5sarge1 (low)
NOTE: zsync 0.4.0-2 (mentioned in DSA-797-1) was never uploaded.
-CVE-2005-1848
+CVE-2005-1848 (The dhcpcd DHCP client before 1.3.22 allows remote attackers to cause ...)
{DSA-750-1}
- dhcpcd 1:1.3.22pl4-22 (medium)
-CVE-2005-1847
+CVE-2005-1847 (Multiple buffer overflows in YaMT before 0.5_2 allow attackers to exec ...)
NOT-FOR-US: YaMT
-CVE-2005-1846
+CVE-2005-1846 (Multiple directory traversal vulnerabilities in YaMT before 0.5_2 allo ...)
NOT-FOR-US: YaMT
CVE-2005-1845
REJECTED
CVE-2005-1844
REJECTED
-CVE-2005-1843
+CVE-2005-1843 (VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suit ...)
NOT-FOR-US: Windows
-CVE-2005-1842
+CVE-2005-1842 (VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suit ...)
NOT-FOR-US: Windows
-CVE-2005-1841
+CVE-2005-1841 (The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX ...)
NOT-FOR-US: acroread
-CVE-2005-1858
+CVE-2005-1858 (FUSE 2.x before 2.3.0 does not properly clear previously used memory f ...)
{DSA-744-1}
- fuse 2.3.0-1
CVE-2005-2349 [Directory traversal in zoo]
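Review bot: CVE-2005-1858 is out of sequence: its block (with the {DSA-744-1} and fuse lines) sits at the end of the hunk after CVE-2005-1841, while CVE-2005-1859 is immediately followed by CVE-2005-1857. If the list is meant to stay in descending order, move that block up to between CVE-2005-1859 and CVE-2005-1857. Minor, in unchanged context: the NOTE under CVE-2005-1852 reads "does not intent to fix" and "see # 319443"; "intend" and "#319443" would match the other bug references in the file.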
@@ -7328,198 +7328,198 @@ CVE-2005-2349 [Directory traversal in zoo]
CVE-2005-2350 [Cross Site Scripting in websieve]
RESERVED
- websieve <removed> (bug #311838; low)
-CVE-2005-1840
+CVE-2005-1840 (Directory traversal vulnerability in class.layout_phpcms.php in phpCMS ...)
NOT-FOR-US: phpCMS
-CVE-2005-1839
+CVE-2005-1839 (Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk ...)
NOT-FOR-US: Liberum
-CVE-2005-1838
+CVE-2005-1838 (Multiple cross-site scripting vulnerabilities in castnewPost.asp in Li ...)
NOT-FOR-US: Liberum
-CVE-2005-1837
+CVE-2005-1837 (Fortinet firewall running FortiOS 2.x contains a hardcoded username wi ...)
NOT-FOR-US: Fortinet firewall
-CVE-2005-1836
+CVE-2005-1836 (NEXTWEB (i)Site allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: NEXTWEB
-CVE-2005-1835
+CVE-2005-1835 (NEXTWEB (i)Site stores databases under the web document root with insu ...)
NOT-FOR-US: NEXTWEB
-CVE-2005-1834
+CVE-2005-1834 (SQL injection vulnerability in login.asp in NEXTWEB (i)Site allows rem ...)
NOT-FOR-US: NEXTWEB
-CVE-2005-1833
+CVE-2005-1833 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-1832
+CVE-2005-1832 (Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2005-1831
- sudo <not-affected> (Unreproducable, seems like a broken PAM setup on the submitter's side)
-CVE-2005-1830
+CVE-2005-1830 (The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 al ...)
NOT-FOR-US: SoftICE
-CVE-2005-1829
+CVE-2005-1829 (Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a d ...)
NOT-FOR-US: Microsoft
-CVE-2005-1828
+CVE-2005-1828 (D-Link DSL-504T stores usernames and passwords in cleartext in the rou ...)
NOT-FOR-US: D-Link hardware issue
-CVE-2005-1827
+CVE-2005-1827 (D-Link DSL-504T allows remote attackers to bypass authentication and g ...)
NOT-FOR-US: D-Link hardware issue
-CVE-2005-1826
+CVE-2005-1826 (Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by Novadig ...)
NOT-FOR-US: HP Radia
-CVE-2005-1825
+CVE-2005-1825 (Multiple stack-based buffer overflows in the nvd_exec function in HP R ...)
NOT-FOR-US: HP Radia
-CVE-2005-1824
+CVE-2005-1824 (The sql_escape_string function in auth/sql.c for the mailutils SQL aut ...)
- mailutils 1:0.6.1-2
-CVE-2005-1823
+CVE-2005-1823 (Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam X-Car ...)
NOT-FOR-US: Qualiteam X-Cart
-CVE-2005-1822
+CVE-2005-1822 (Multiple SQL injection vulnerabilities in Qualiteam X-Cart 4.0.8 allow ...)
NOT-FOR-US: Qualiteam X-Cart
-CVE-2005-1821
+CVE-2005-1821 (PHP remote file inclusion vulnerability in pdl_header.inc.php in Power ...)
NOT-FOR-US: PowerDownload
-CVE-2005-1820
+CVE-2005-1820 (zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote attacke ...)
NOT-FOR-US: Zeroboard
-CVE-2005-1819
+CVE-2005-1819 (Cross-site scripting (XSS) vulnerability in NikoSoft WebMail before 0. ...)
NOT-FOR-US: NikoSoft WebMail
-CVE-2005-1818
+CVE-2005-1818 (Multiple SQL injection vulnerabilities in NewLife Blogger before 3.3.1 ...)
NOT-FOR-US: NewLife Blogger
-CVE-2005-1817
+CVE-2005-1817 (Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-1816
+CVE-2005-1816 (Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-1815
+CVE-2005-1815 (Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 a ...)
NOT-FOR-US: Hummingbird Connectivity
-CVE-2005-1814
+CVE-2005-1814 (Stack-based buffer overflow in PicoWebServer 1.0 allows remote attacke ...)
NOT-FOR-US: PicoWebServer
-CVE-2005-1813
+CVE-2005-1813 (Directory traversal vulnerability in FutureSoft TFTP Server Evaluation ...)
NOT-FOR-US: FutureSoft TFTP Server
-CVE-2005-1812
+CVE-2005-1812 (Multiple stack-based buffer overflows in FutureSoft TFTP Server Evalua ...)
NOT-FOR-US: FutureSoft TFTP Server
-CVE-2005-1811
+CVE-2005-1811 (Cross-site scripting (XSS) vulnerability in usercp.php for MyBulletinB ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-1810
+CVE-2005-1810 (SQL injection vulnerability in template-functions-category.php in Word ...)
- wordpress 1.5.1.2-1
-CVE-2005-1809
+CVE-2005-1809 (Sony Ericsson P900 Beamer allows remote attackers to cause a denial of ...)
NOT-FOR-US: Sony hardware issue
-CVE-2005-1808
+CVE-2005-1808 (Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers t ...)
NOT-FOR-US: Stronghold game
-CVE-2005-1807
+CVE-2005-1807 (The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier all ...)
- libphp-phpmailer 1.73
-CVE-2005-1806
+CVE-2005-1806 (Format string vulnerability in PeerCast 0.1211 and earlier allows remo ...)
NOT-FOR-US: PeerCast
-CVE-2005-1805
+CVE-2005-1805 (SQL injection vulnerability in login.asp in an unknown product by Onli ...)
NOT-FOR-US: Online Solutions for Educators
-CVE-2005-1804
+CVE-2005-1804 (Multiple SQL injection vulnerabilities in Net Portal Dynamic System (N ...)
NOT-FOR-US: Net Portal Dynamic System
-CVE-2005-1803
+CVE-2005-1803 (Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dyna ...)
NOT-FOR-US: Net Portal Dynamic System
-CVE-2005-1802
+CVE-2005-1802 (Nortel VPN Router (aka Contivity) allows remote attackers to cause a d ...)
NOT-FOR-US: Nortel hardware
-CVE-2005-1801
+CVE-2005-1801 (The vCard viewer in Nokia 9500 allows attackers to cause a denial of s ...)
NOT-FOR-US: Nokia hardware
-CVE-2005-1800
+CVE-2005-1800 (Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 t ...)
NOT-FOR-US: Jaws glossary gadget
-CVE-2005-1799
+CVE-2005-1799 (Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and W ...)
NOT-FOR-US: FreeStyle Wiki
-CVE-2005-1798
+CVE-2005-1798 (Directory traversal vulnerability in ServersCheck Monitoring Software ...)
NOT-FOR-US: ServersCheck
-CVE-2005-1797
+CVE-2005-1797 (The design of Advanced Encryption Standard (AES), aka Rijndael, allows ...)
NOTE: Cryptographic attack on AES, cannot be fixed
-CVE-2005-1796
+CVE-2005-1796 (Format string vulnerability in the curses_msg function in the Ncurses ...)
{DSA-749-1}
- ettercap 1:0.7.1-1.1 (bug #311615)
-CVE-2005-1795
+CVE-2005-1795 (The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85 ...)
NOT-FOR-US: ClamAV on Mac OS X
-CVE-2005-1794
+CVE-2005-1794 (Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stor ...)
NOT-FOR-US: Microsoft
-CVE-2005-1793
+CVE-2005-1793 (User32.DLL in Microsoft Windows 98SE, and possibly other operating sys ...)
NOT-FOR-US: Microsoft
-CVE-2005-1792
+CVE-2005-1792 (Memory leak in Windows Management Instrumentation (WMI) service allows ...)
NOT-FOR-US: Microsoft
-CVE-2005-1791
+CVE-2005-1791 (Microsoft Internet Explorer 6 SP2 (6.0.2900.2180) crashes when the use ...)
NOT-FOR-US: Microsoft
-CVE-2005-1790
+CVE-2005-1790 (Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and ...)
{CVE-2005-3896}
NOT-FOR-US: Microsoft
NOTE: The exploit causes Mozilla to crash, see CVE-2005-3896.
-CVE-2005-1789
+CVE-2005-1789 (SQL injection vulnerability in SignIn.asp in India Software Solution s ...)
NOT-FOR-US: India Software Solution shopping cart
-CVE-2005-1788
+CVE-2005-1788 (SQL injection vulnerability in resellerresources.asp in Hosting Contro ...)
NOT-FOR-US: Hosting Controller
-CVE-2005-1787
+CVE-2005-1787 (setup.php in phpStat 1.5 allows remote attackers to bypass authenticat ...)
NOT-FOR-US: phpStat
-CVE-2005-1786
+CVE-2005-1786 (SQL injection vulnerability in admin.asp in FunkyASP AD System 1.1 all ...)
NOT-FOR-US: FunkyASP
-CVE-2005-1785
+CVE-2005-1785 (SQL injection vulnerability in ad/login.asp in ZonGG 1.2 allows remote ...)
NOT-FOR-US: ZonGG
-CVE-2005-1784
+CVE-2005-1784 (Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers ...)
NOT-FOR-US: Hosting Controller
-CVE-2005-1783
+CVE-2005-1783 (BookReview beta 1.0 allows remote attackers to obtain the path of the ...)
NOT-FOR-US: BookReview
-CVE-2005-1782
+CVE-2005-1782 (Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta ...)
NOT-FOR-US: BookReview
-CVE-2005-1781
+CVE-2005-1781 (Unknown vulnerability in SMTP authentication for MailEnable allows rem ...)
NOT-FOR-US: MailEnable
-CVE-2005-1780
+CVE-2005-1780 (SQL injection vulnerability in admin/login.asp in Active News Manager ...)
NOT-FOR-US: Active News Manager
-CVE-2005-1779
+CVE-2005-1779 (SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36 ...)
NOT-FOR-US: MaxWebPortal
-CVE-2005-1778
+CVE-2005-1778 (Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0 ...)
NOT-FOR-US: PostNuke
-CVE-2005-1777
+CVE-2005-1777 (SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows r ...)
NOT-FOR-US: PostNuke
-CVE-2005-1776
+CVE-2005-1776 (Buffer overflow in the READ_TCP_STRING function in game_message_functi ...)
NOT-FOR-US: C'Nedra
-CVE-2005-1775
+CVE-2005-1775 (Terminator 3: War of the Machines 1.16 and earlier allows remote attac ...)
NOT-FOR-US: Terminator game
-CVE-2005-1774
+CVE-2005-1774 (WEB-DAV Linux File System (davfs2) 0.2.3 does not properly enforce Uni ...)
- davfs2 0.2.4-1 (bug #310757; medium)
-CVE-2005-1773
+CVE-2005-1773 (Multiple unknown vulnerabilities in L-Soft LISTSERV 14.3, 1.8e, and 1. ...)
NOT-FOR-US: Listserv
-CVE-2005-1772
+CVE-2005-1772 (Buffer overflow in the client cd-key hash in Terminator 3: War of the ...)
NOT-FOR-US: Terminator game
-CVE-2005-1771
+CVE-2005-1771 (Unknown vulnerability in HP-UX trusted systems B.11.00 through B.11.23 ...)
NOT-FOR-US: HPUX
-CVE-2005-1770
+CVE-2005-1770 (Buffer overflow in the Aavmker4 device driver in Avast! Antivirus 4.6 ...)
NOT-FOR-US: Avast
-CVE-2005-1769
+CVE-2005-1769 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1. ...)
{DSA-756-1}
- squirrelmail 2:1.4.4-6sarge1 (bug #314374; medium)
-CVE-2005-1768
+CVE-2005-1768 (Race condition in the ia32 compatibility code for the execve system ca ...)
{DSA-921-1}
- kernel-source-2.4.27 2.4.27-11 (medium; bug #319629)
-CVE-2005-1767
+CVE-2005-1767 (traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment fau ...)
{DSA-922-1 DSA-921-1}
- linux-2.6 2.6.12-1
- kernel-source-2.4.27 2.4.27-11
NOTE: amd64 is not supported for 2.4 (the issue is amd64 speficic)
-CVE-2005-1766
+CVE-2005-1766 (Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1 ...)
{DSA-826-1}
- helix-player 1.0.5-1 (bug #316276; high)
NOTE: Helix Player is affected according to:
NOTE: <http://service.real.com/help/faq/security/050623_player/EN/>
-CVE-2005-1765
+CVE-2005-1765 (syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, ...)
{DSA-922-1 DTSA-16-1}
- linux-2.6 2.6.12-1 (medium)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-1764
+CVE-2005-1764 (Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard pag ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
- kernel-source-2.4.27 <not-affected>
-CVE-2005-1763
+CVE-2005-1763 (Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures ...)
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)
-CVE-2005-1762
+CVE-2005-1762 (The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 p ...)
{DSA-922-1 DSA-921-1 DTSA-16-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)
- kernel-source-2.4.27 2.4.27-11
-CVE-2005-1761
+CVE-2005-1761 (Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users t ...)
{DSA-1018-1 DSA-922-1 DTSA-16-1}
- linux-2.6 2.6.12-1 (medium)
-CVE-2005-1760
+CVE-2005-1760 (sysreport 1.3.15 and earlier includes contents of the up2date file in ...)
NOT-FOR-US: sysreport
-CVE-2005-1759
+CVE-2005-1759 (Race condition in shtool 2.0.1 and earlier allows local users to modif ...)
- shtool 2.0.1-2 (low)
[sarge] - shtool <no-dsa> (Minor issue)
- mysql-ocaml 1.0.3-6 (unimportant)
- php4 4:4.4.0-1 (unimportant)
-CVE-2005-1758
+CVE-2005-1758 (Buffer overflow in the IMAP command continuation function in Novell Ne ...)
NOT-FOR-US: Novell
-CVE-2005-1757
+CVE-2005-1757 (Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.5 ...)
NOT-FOR-US: Novell
-CVE-2005-1756
+CVE-2005-1756 (Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novel ...)
NOT-FOR-US: Novell
-CVE-2005-1751
+CVE-2005-1751 (Race condition in shtool 2.0.1 and earlier allows local users to creat ...)
{DSA-789-1 DTSA-15-1}
- shtool 2.0.1-2 (bug #311206; low)
[sarge] - shtool <no-dsa> (Minor issue)
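Review bot: the context line "NOTE: amd64 is not supported for 2.4 (the issue is amd64 speficic)" under CVE-2005-1767 misspells "specific"; this automatic update only rewrites the CVE header lines, so the typo survives in the note and should be corrected in a follow-up commit ("NOTE: amd64 is not supported for 2.4 (the issue is amd64 specific)").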
@@ -7540,203 +7540,203 @@ CVE-2005-XXXX [osh buffer overflow]
- osh 1.7-13 (bug #311369)
CVE-2005-XXXX [xile buffer overrun in terminal code]
- zile 2.0.4-2
-CVE-2005-1750
+CVE-2005-1750 (SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 all ...)
NOT-FOR-US: ezwdc NewsletterEz
-CVE-2005-1749
+CVE-2005-1749 (Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 Servic ...)
NOT-FOR-US: BEA Weblogic
-CVE-2005-1748
+CVE-2005-1748 (The embedded LDAP server in BEA WebLogic Server and Express 8.1 throug ...)
NOT-FOR-US: BEA Weblogic
-CVE-2005-1747
+CVE-2005-1747 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Se ...)
NOT-FOR-US: BEA Weblogic
-CVE-2005-1746
+CVE-2005-1746 (The cluster cookie parsing code in BEA WebLogic Server 7.0 through Ser ...)
NOT-FOR-US: BEA Weblogic
-CVE-2005-1745
+CVE-2005-1745 (The UserLogin control in BEA WebLogic Portal 8.1 through Service Pack ...)
NOT-FOR-US: BEA Weblogic
-CVE-2005-1744
+CVE-2005-1744 (BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 do ...)
NOT-FOR-US: BEA Weblogic
-CVE-2005-1743
+CVE-2005-1743 (BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 an ...)
NOT-FOR-US: BEA Weblogic
-CVE-2005-1742
+CVE-2005-1742 (BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users ...)
NOT-FOR-US: BEA Weblogic
-CVE-2005-1741
+CVE-2005-1741 (Gearbox Software Halo: Combat Evolved 1.6 allows remote attackers to c ...)
NOT-FOR-US: Halo
-CVE-2005-1740
+CVE-2005-1740 (fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecu ...)
- net-snmp <not-affected> (fixproc not installed in Debian package)
-CVE-2005-1739
+CVE-2005-1739 (The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick befo ...)
- imagemagick 6:6.0.6.2-2.4 (bug #310690; bug #310812)
-CVE-2005-1738
+CVE-2005-1738 (Format string vulnerability in the logPrintBadfile function in delbadf ...)
NOT-FOR-US: Iron Bars Shell
-CVE-2005-1737
+CVE-2005-1737 (Multiple unknown vulnerabilities in PROMS 0.11 allow "non-authorized u ...)
NOT-FOR-US: PROMS
-CVE-2005-1736
+CVE-2005-1736 (PROMS 0.11 does not properly handle "certain combinations of rights," ...)
NOT-FOR-US: PROMS
-CVE-2005-1735
+CVE-2005-1735 (Multiple cross-site scripting (XSS) vulnerabilities in PROMS before 0. ...)
NOT-FOR-US: PROMS
-CVE-2005-1734
+CVE-2005-1734 (Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remo ...)
NOT-FOR-US: PROMS
-CVE-2005-1733
+CVE-2005-1733 (Cookie Cart stores the password file under the web document root with ...)
NOT-FOR-US: Cookie Cart
-CVE-2005-1732
+CVE-2005-1732 (Cookie Cart allows remote attackers to read the Order Notification lis ...)
NOT-FOR-US: Cookie Cart
CVE-2005-1731
REJECTED
-CVE-2005-1730
+CVE-2005-1730 (Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novel ...)
NOT-FOR-US: Novell iManager
-CVE-2005-1729
+CVE-2005-1729 (Novell eDirectory 8.7.3 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Novell
-CVE-2005-1728
+CVE-2005-1728 (MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Port ...)
NOT-FOR-US: Apple
-CVE-2005-1727
+CVE-2005-1727 (Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writ ...)
NOT-FOR-US: Apple
-CVE-2005-1726
+CVE-2005-1726 (The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users w ...)
NOT-FOR-US: Apple
-CVE-2005-1725
+CVE-2005-1725 (launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users t ...)
NOT-FOR-US: Apple
-CVE-2005-1724
+CVE-2005-1724 (NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the - ...)
NOT-FOR-US: Apple
-CVE-2005-1723
+CVE-2005-1723 (LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly ...)
NOT-FOR-US: Apple
-CVE-2005-1722
+CVE-2005-1722 (Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 1 ...)
NOT-FOR-US: Apple
-CVE-2005-1721
+CVE-2005-1721 (Buffer overflow in the legacy client support for AFP Server for Mac OS ...)
NOT-FOR-US: Apple
-CVE-2005-1720
+CVE-2005-1720 (AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does ...)
NOT-FOR-US: Apple
-CVE-2005-1719
+CVE-2005-1719 (Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and earli ...)
NOT-FOR-US: avast! antivirus
-CVE-2005-1718
+CVE-2005-1718 (Buffer overflow in LS Games War Times 1.03 and earlier allows remote a ...)
NOT-FOR-US: War Times
-CVE-2005-1717
+CVE-2005-1717 (ZyXEL Prestige 650R-31 router running ZyNOS FW v3.40(KO.1) allows remo ...)
NOT-FOR-US: Zyxel hardware
-CVE-2005-1716
+CVE-2005-1716 (TOPo 2.2 (2.2.178) stores data files in the data directory under the w ...)
NOT-FOR-US: TOPo
-CVE-2005-1715
+CVE-2005-1715 (Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 (2. ...)
NOT-FOR-US: TOPo
-CVE-2005-1714
+CVE-2005-1714 (Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 all ...)
NOT-FOR-US: SurgeMail
-CVE-2005-1713
+CVE-2005-1713 (Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 ...)
NOT-FOR-US: Serendipity
-CVE-2005-1712
+CVE-2005-1712 (Unknown vulnerability in Serendipity 0.8, when used with multiple auth ...)
NOT-FOR-US: Serendipity
-CVE-2005-1711
+CVE-2005-1711 (Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0. ...)
NOT-FOR-US: Gibraltar Firewall
-CVE-2005-1710
+CVE-2005-1710 (Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Repor ...)
NOT-FOR-US: Blue Coat
-CVE-2005-1709
+CVE-2005-1709 (Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote ...)
NOT-FOR-US: Blue Coat
-CVE-2005-1708
+CVE-2005-1708 (templates.admin.users.user_form_processing in Blue Coat Reporter befor ...)
NOT-FOR-US: Blue Coat
-CVE-2005-1707
+CVE-2005-1707 (The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 ...)
NOT-FOR-US: Gentoo
-CVE-2005-1706
+CVE-2005-1706 (Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "i ...)
- mailscanner 4.42.9 (bug #310774; low)
[sarge] - mailscanner <no-dsa> (Minor issue)
-CVE-2005-1705
+CVE-2005-1705 (gdb before 6.3 searches the current working directory to load the .gdb ...)
- gdb 6.3-6
-CVE-2005-1704
+CVE-2005-1704 (Integer overflow in the Binary File Descriptor (BFD) library for gdb b ...)
- gdb 6.3-6
-CVE-2005-1703
+CVE-2005-1703 (Warrior Kings: Battles 1.23 and earlier allows remote attackers to cau ...)
NOT-FOR-US: Warrior Kings: Battles
-CVE-2005-1702
+CVE-2005-1702 (Format string vulnerability in Warrior Kings: Battles 1.23 and earlier ...)
NOT-FOR-US: Warrior Kings: Battles
-CVE-2005-1701
+CVE-2005-1701 (SQL injection vulnerability in PortailPHP 1.3 allows remote attackers ...)
NOT-FOR-US: PortailPHP
-CVE-2005-1700
+CVE-2005-1700 (SQL injection vulnerability in pnadmin.php in the Xanthia module in Po ...)
NOT-FOR-US: PostNuke
-CVE-2005-1699
+CVE-2005-1699 (Directory traversal vulnerability in pnadminapi.php in the Xanthia mod ...)
NOT-FOR-US: PostNuke
-CVE-2005-1698
+CVE-2005-1698 (PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: PostNuke
-CVE-2005-1697
+CVE-2005-1697 (The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote at ...)
NOT-FOR-US: PostNuke
-CVE-2005-1696
+CVE-2005-1696 (Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.750 ...)
NOT-FOR-US: PostNuke
-CVE-2005-1695
+CVE-2005-1695 (Multiple cross-site scripting (XSS) vulnerabilities in the RSS module ...)
NOT-FOR-US: PostNuke
-CVE-2005-1694
+CVE-2005-1694 (Multiple SQL injection vulnerabilities in Xanthia.php in the Xanthia m ...)
NOT-FOR-US: PostNuke
-CVE-2005-1693
+CVE-2005-1693 (Integer overflow in Computer Associates Vet Antivirus library, as used ...)
NOT-FOR-US: CA Antivirus
-CVE-2005-1692
+CVE-2005-1692 (Format string vulnerability in gxine 0.4.1 through 0.4.4, and other ve ...)
- gxine 0.4.7-0.1 (bug #310712; medium)
-CVE-2005-1691
+CVE-2005-1691 (Directory traversal vulnerability in Internet Graphics Server in SAP b ...)
NOT-FOR-US: SAP
CVE-2005-1690
REJECTED
-CVE-2005-1689
+CVE-2005-1689 (Double free vulnerability in the krb5_recvauth function in MIT Kerbero ...)
{DSA-757-1}
- krb5 1.3.6-4 (medium)
-CVE-2005-1688
+CVE-2005-1688 (Wordpress 1.5 and earlier allows remote attackers to obtain sensitive ...)
- wordpress 1.5.1-1
-CVE-2005-1687
+CVE-2005-1687 (SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and e ...)
- wordpress 1.5.1-1
-CVE-2005-1686
+CVE-2005-1686 (Format string vulnerability in gedit 2.10.2 may allow attackers to cau ...)
{DSA-753-1}
NOTE: Only exploitable under rare circumstances
- gedit 2.10.3-1 (low)
-CVE-2005-1685
+CVE-2005-1685 (episodex guestbook allows remote attackers to bypass authentication an ...)
NOT-FOR-US: episodex
-CVE-2005-1684
+CVE-2005-1684 (Cross-site scripting (XSS) vulnerability in default.asp for episodex g ...)
NOT-FOR-US: episodex
-CVE-2005-1683
+CVE-2005-1683 (Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft W ...)
NOT-FOR-US: Microsoft
CVE-2005-1682
NOT-FOR-US: Solstice Internet Mail Server
-CVE-2005-1681
+CVE-2005-1681 (PHP remote file inclusion vulnerability in common.php in phpATM 1.21, ...)
NOT-FOR-US: phpATM
-CVE-2005-1680
+CVE-2005-1680 (D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firm ...)
NOT-FOR-US: D-Link hardware
-CVE-2005-1679
+CVE-2005-1679 (Stack-based buffer overflow in the error directive in picasm 1.12b and ...)
- picasm 1.12c-1
-CVE-2005-1678
+CVE-2005-1678 (Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, a ...)
NOT-FOR-US: Groove
-CVE-2005-1677
+CVE-2005-1677 (Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, ...)
NOT-FOR-US: Groove
-CVE-2005-1676
+CVE-2005-1676 (Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile W ...)
NOT-FOR-US: Groove
-CVE-2005-1675
+CVE-2005-1675 (Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, a ...)
NOT-FOR-US: Groove
-CVE-2005-1674
+CVE-2005-1674 (Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live al ...)
NOT-FOR-US: Help Center Live
-CVE-2005-1673
+CVE-2005-1673 (Multiple SQL injection vulnerabilities in Help Center Live allow remot ...)
NOT-FOR-US: Help Center Live
-CVE-2005-1672
+CVE-2005-1672 (Multiple cross-site scripting (XSS) vulnerabilities in Help Center Liv ...)
NOT-FOR-US: Help Center Live
-CVE-2005-1671
+CVE-2005-1671 (The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activat ...)
NOT-FOR-US: Yahoo Messenger
-CVE-2005-1670
+CVE-2005-1670 (Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches ...)
NOT-FOR-US: Extreme BlackDiamond hardware
-CVE-2005-1669
+CVE-2005-1669 (Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 ...)
NOT-FOR-US: Opera
-CVE-2005-1668
+CVE-2005-1668 (YusASP Web Asset Manager 1.0 allows remote attackers to gain privilege ...)
NOT-FOR-US: YusASP Web Asset Manager
-CVE-2005-1667
+CVE-2005-1667 (DataTrac Activity Console 1.1 allows remote attackers to cause a denia ...)
NOT-FOR-US: DataTrac Activity Console
-CVE-2005-1666
+CVE-2005-1666 (Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remot ...)
NOT-FOR-US: Orenosv
-CVE-2005-1665
+CVE-2005-1665 (The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not crypt ...)
NOT-FOR-US: Microsoft
-CVE-2005-1664
+CVE-2005-1664 (The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote a ...)
NOT-FOR-US: Microsoft
-CVE-2005-1663
+CVE-2005-1663 (Jeuce Personal Web Server 2.13 allows remote attackers to cause a deni ...)
NOT-FOR-US: Jeuce Personal Web Server
-CVE-2005-1662
+CVE-2005-1662 (Directory traversal vulnerability in Jeuce Personal Web Server 2.13 al ...)
NOT-FOR-US: Jeuce Personal Web Server
-CVE-2005-1661
+CVE-2005-1661 (Jeuce Personal Webserver 2.13 allows remote attackers to cause a denia ...)
NOT-FOR-US: Jeuce Personal Web Server
-CVE-2005-1660
+CVE-2005-1660 (HTMLJunction EZGuestbook stores the guestbook.mdb file under the web d ...)
NOT-FOR-US: EZGuestbook
-CVE-2005-1659
+CVE-2005-1659 (Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServe ...)
NOT-FOR-US: MyServer
-CVE-2005-1658
+CVE-2005-1658 (Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 a ...)
NOT-FOR-US: MyServer
-CVE-2005-1657
+CVE-2005-1657 (Multiple directory traversal vulnerabilities in Mercur Messaging 2005 ...)
NOT-FOR-US: Mercur Messaging
-CVE-2005-1656
+CVE-2005-1656 (Mercur Messaging 2005 SP2 allows remote attackers to read the source c ...)
NOT-FOR-US: Mercur Messaging
-CVE-2005-1655
+CVE-2005-1655 (AOL Instant Messenger 5.5.x and earlier allows remote attackers to cau ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2005-1654
+CVE-2005-1654 (Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers ...)
NOT-FOR-US: Hosting Controller
CVE-2005-XXXX [Two DoS condition in ekg]
- ekg 1:1.5+20050411-3
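Review bot: the product name in the new CVE-2005-1750 header ("ezdwc NewsletterEz") does not match the existing status line "NOT-FOR-US: ezwdc NewsletterEz"; one of the two is a letter transposition, so the status line should be reconciled with the upstream CVE text so that the entry is consistent.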
@@ -7744,137 +7744,137 @@ CVE-2005-XXXX [lcrash affected by libbfd integer overflows]
- lcrash 7.0.0.pre.cvs.20050322-3
CVE-2005-XXXX [Multiple security problems in lbreakout2]
- lbreakout2 2.5.2-2
-CVE-2005-1653
+CVE-2005-1653 (Cross-site scripting (XSS) vulnerability in message.htm for Woppoware ...)
NOT-FOR-US: Woppoware
-CVE-2005-1652
+CVE-2005-1652 (message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote ...)
NOT-FOR-US: Woppoware
-CVE-2005-1651
+CVE-2005-1651 (Directory traversal vulnerability in message.htm for Woppoware PostMas ...)
NOT-FOR-US: Woppoware
-CVE-2005-1650
+CVE-2005-1650 (The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) gener ...)
NOT-FOR-US: Woppoware
-CVE-2005-1649
+CVE-2005-1649 (The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, wit ...)
NOT-FOR-US: Windows
-CVE-2005-1648
+CVE-2005-1648 (Gurgens (GASoft) Ultimate Forum 1.0 stores the db/Genid.dat database f ...)
NOT-FOR-US: GASoft
-CVE-2005-1647
+CVE-2005-1647 (Gurgens (GASoft) Guest Book 2.1 stores the db/Genid.dat database file ...)
NOT-FOR-US: GASoft
-CVE-2005-1646
+CVE-2005-1646 (The default installation of Fastream NETFile FTP/Web Server 7.4.6, whi ...)
NOT-FOR-US: Fastream NETFile
-CVE-2005-1645
+CVE-2005-1645 (Keyvan1 ImageGallery stores the image.mdb database under the web docum ...)
NOT-FOR-US: Keyvan1 Gallery
-CVE-2005-1644
+CVE-2005-1644 (Cross-site scripting (XSS) vulnerability in guestbook.php for 1Two Liv ...)
NOT-FOR-US: Livre d'Or
-CVE-2005-1643
+CVE-2005-1643 (The ZCom_BitStream::Deserialize function in Zoidcom 1.0 beta 4 and ear ...)
NOT-FOR-US: Zoidcom
-CVE-2005-1642
+CVE-2005-1642 (SQL injection vulnerability in the verify_email function in Woltlab Bu ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2005-1641
+CVE-2005-1641 (mod_channel in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and ...)
NOT-FOR-US: Ignition Project
-CVE-2005-1640
+CVE-2005-1640 (mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, ...)
NOT-FOR-US: Ignition Project
-CVE-2005-1639
+CVE-2005-1639 (SQL injection vulnerability in Sigmaweb.DLL in Sigma ISP Manager 6.6 a ...)
NOT-FOR-US: Sigma
-CVE-2005-1638
+CVE-2005-1638 (The _writeAttrs function in SafeHTML before 1.3.2 does not properly ha ...)
NOT-FOR-US: SafeHTML
-CVE-2005-1637
+CVE-2005-1637 (Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remot ...)
NOT-FOR-US: NPDS
-CVE-2005-1636
+CVE-2005-1636 (mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 crea ...)
{DSA-783-1}
- mysql-dfsg 4.0.12-2 (bug #319526; low)
- mysql-dfsg-4.1 4.1.12 (medium; bug #319526)
- mysql-dfsg-5.0 5.0.11beta-3 (medium)
-CVE-2005-1635
+CVE-2005-1635 (JGS-XA JGS-Portal 3.0.2 and earlier allows remote attackers to obtain ...)
NOT-FOR-US: JGS-Portal
-CVE-2005-1634
+CVE-2005-1634 (Multiple cross-site scripting (XSS) vulnerabilities in JGS-XA JGS-Port ...)
NOT-FOR-US: JGS-Portal
-CVE-2005-1633
+CVE-2005-1633 (Multiple SQL injection vulnerabilities in JGS-XA JGS-Portal 3.0.2 and ...)
NOT-FOR-US: JGS-Portal
-CVE-2005-1632
+CVE-2005-1632 (Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules befo ...)
- cheetah 0.9.16-1
-CVE-2005-1631
+CVE-2005-1631 (booby.php in Booby 1.0.0 and earlier allows remote attackers to view p ...)
NOT-FOR-US: Booby
-CVE-2005-1630
+CVE-2005-1630 (Unknown vulnerability in Attachment Mod before 2.3.13, related to a "s ...)
NOT-FOR-US: phpbb attachment mod
-CVE-2005-1629
+CVE-2005-1629 (SQL injection vulnerability in member.php for Photopost PHP Pro allows ...)
NOT-FOR-US: Photopost
-CVE-2005-1628
+CVE-2005-1628 (apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows r ...)
NOT-FOR-US: WebAPP
-CVE-2005-1627
+CVE-2005-1627 (Unknown vulnerability in Viewglob before 2.0.1, related to "a potentia ...)
- viewglob 2.0.1-1
[sarge] - viewglob <not-affected> (1.x version in Sarge is not vulnerable)
-CVE-2005-1626
+CVE-2005-1626 (Multiple buffer overflows in handlers.c for Pico Server (pServ) before ...)
NOT-FOR-US: Pico Server
-CVE-2005-1625
+CVE-2005-1625 (Stack-based buffer overflow in the UnixAppOpenFilePerform function in ...)
NOT-FOR-US: Acrobat Reader
CVE-2005-1624
RESERVED
CVE-2005-1623
RESERVED
-CVE-2005-1622
+CVE-2005-1622 (Cross-site scripting (XSS) vulnerability in productsByCategory.asp in ...)
NOT-FOR-US: MetaCart
-CVE-2005-1621
+CVE-2005-1621 (Directory traversal vulnerability in the pnModFunc function in pnMod.p ...)
NOT-FOR-US: Postnuke mod
-CVE-2005-1620
+CVE-2005-1620 (Cross-site scripting (XSS) vulnerability in Skull-Splitter Guestbook 1 ...)
NOT-FOR-US: Skull-Splitter Guestbook
-CVE-2005-1619
+CVE-2005-1619 (Multiple cross-site scripting (XSS) vulnerabilities in (1) start_page. ...)
NOT-FOR-US: PHPMyChat
-CVE-2005-1618
+CVE-2005-1618 (The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remot ...)
NOT-FOR-US: Yahoo Messenger
-CVE-2005-1617
+CVE-2005-1617 (Willings WebCam and WebCam Lite 2.8 and earlier stores the password in ...)
NOT-FOR-US: Willings WebCAM
-CVE-2005-1616
+CVE-2005-1616 (viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows rem ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-1615
+CVE-2005-1615 (viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-1614
+CVE-2005-1614 (Cross-site scripting (XSS) vulnerability in viewforum.php in Ultimate ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2005-1613
+CVE-2005-1613 (Cross-site scripting (XSS) vulnerability in member.php in Open Bulleti ...)
NOT-FOR-US: OpenBB
-CVE-2005-1612
+CVE-2005-1612 (SQL injection vulnerability in read.php in Open Bulletin Board (OpenBB ...)
NOT-FOR-US: OpenBB
-CVE-2005-1611
+CVE-2005-1611 (Cross-site scripting (XSS) vulnerability in WebX in Web Crossing 5.x a ...)
NOT-FOR-US: Web Crossing
-CVE-2005-1610
+CVE-2005-1610 (Cross-site scripting (XSS) vulnerability in security.php for Tru-Zone ...)
NOT-FOR-US: Tru-Zone NukeET
-CVE-2005-1609
+CVE-2005-1609 (Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial ...)
NOT-FOR-US: Sun StorEdge 6130 Arrays
-CVE-2005-1608
+CVE-2005-1608 (Multiple unknown vulnerabilities in the Blocks module in Spidean AutoT ...)
NOT-FOR-US: Spidean AutoTheme 1.7 and AT-Lite for PostNuke
-CVE-2005-1607
+CVE-2005-1607 (Cross-site scripting (XSS) vulnerability in shop.cgi in Remote Cart al ...)
NOT-FOR-US: Remote Cart
-CVE-2005-1606
+CVE-2005-1606 (H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such ...)
NOT-FOR-US: H-Sphere Winbox
-CVE-2005-1605
+CVE-2005-1605 (Cross-site scripting (XSS) vulnerability in the guestbook for SiteStud ...)
NOT-FOR-US: guestbook for SiteStudio
-CVE-2005-1604
+CVE-2005-1604 (PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to ...)
NOT-FOR-US: phpATM
-CVE-2005-1603
+CVE-2005-1603 (NiteEnterprises Remote File Manager 1.0 allows remote attackers to cau ...)
NOT-FOR-US: NiteEnterprises Remote File Manager
-CVE-2005-1602
+CVE-2005-1602 (SQL injection vulnerability in login.asp for Net56 Browser Based File ...)
NOT-FOR-US: Net56 Browser Based File Manager
-CVE-2005-1601
+CVE-2005-1601 (MRO Maximo Self Service 4 and 5 stores certain information under the w ...)
NOT-FOR-US: MRO Maximo Self Service
-CVE-2005-1600
+CVE-2005-1600 (A "mathematical flaw" in the implementation of the El Gamal signature ...)
NOT-FOR-US: LibTomCrypt
-CVE-2005-1599
+CVE-2005-1599 (Cross-site scripting (XSS) vulnerability in Kryloff Technologies Subje ...)
NOT-FOR-US: Kryloff Technologies Subject Search Server
-CVE-2005-1598
+CVE-2005-1598 (SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and ea ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-1597
+CVE-2005-1597 (Cross-site scripting (XSS) vulnerability in (1) search.php and (2) top ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-1596
+CVE-2005-1596 (index.php in Fusion SBX 1.2 and earlier does not properly use the extr ...)
NOT-FOR-US: Fusion SBX
-CVE-2005-1595
+CVE-2005-1595 (CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, whic ...)
NOT-FOR-US: CodeThat ShoppingCart
-CVE-2005-1594
+CVE-2005-1594 (SQL injection vulnerability in catalog.php for CodeThat ShoppingCart 1 ...)
NOT-FOR-US: CodeThat ShoppingCart
-CVE-2005-1593
+CVE-2005-1593 (Cross-site scripting (XSS) vulnerability in catalog.php for CodeThat S ...)
NOT-FOR-US: CodeThat ShoppingCart
-CVE-2005-1592
+CVE-2005-1592 (Multiple "javascript vulerabilities in BB code" in BirdBlog before 1.3 ...)
NOT-FOR-US: BirdBlog
-CVE-2005-1591
+CVE-2005-1591 (Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote att ...)
NOT-FOR-US: Solaris
-CVE-2005-1590
+CVE-2005-1590 (The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows loc ...)
NOT-FOR-US: Altiris Client Service for Windows
CVE-2005-XXXX [clamav: DoS through multiple empty Content-Disposition header lines]
- clamav 0.85.1-1 (low)
@@ -7882,107 +7882,107 @@ CVE-2005-XXXX [clamav: DoS through multiple empty Content-Disposition header lin
CVE-2005-XXXX [libxpm4: new s_popen() function is insecure garbage]
- xfree86 4.3.0.dfsg.1-14 (bug #308783)
- xorg-x11 <not-affected> (Xfree-specific, inspected the Subversion tree)
-CVE-2005-1589
+CVE-2005-1589 (The pkt_ioctl function in the pktcdvd block device ioctl handler (pktc ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)
[sarge] - kernel-source-2.6.8 <not-affected>
CVE-2005-1588
NOT-FOR-US: Quick.cart
-CVE-2005-1587
+CVE-2005-1587 (Cross-site scripting (XSS) vulnerability in index.php for Quick.cart 0 ...)
NOT-FOR-US: Quick.cart
-CVE-2005-1586
+CVE-2005-1586 (Quick.Forum 2.1.6 stores potentially sensitive information such as use ...)
NOT-FOR-US: Quick.Forum
-CVE-2005-1585
+CVE-2005-1585 (Multiple SQL injection vulnerabilities in Quick.Forum 2.1.6 allow remo ...)
NOT-FOR-US: Quick.Forum
-CVE-2005-1584
+CVE-2005-1584 (Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum ...)
NOT-FOR-US: Quick.Forum
-CVE-2005-1583
+CVE-2005-1583 (1Two News 1.0 allows remote attackers to (1) delete images for new sto ...)
NOT-FOR-US: 1Two News
-CVE-2005-1582
+CVE-2005-1582 (Cross-site scripting (XSS) vulnerability in index.php for 1Two News 1. ...)
NOT-FOR-US: 1Two News
-CVE-2005-1581
+CVE-2005-1581 (Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remo ...)
NOT-FOR-US: bug_list.php
-CVE-2005-1580
+CVE-2005-1580 (users.ini.php in BoastMachine 3.0 does not properly restrict the types ...)
NOT-FOR-US: BoastMachine
-CVE-2005-1579
+CVE-2005-1579 (Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to ...)
NOT-FOR-US: Apple
-CVE-2005-1578
+CVE-2005-1578 (EnCase Forensic Edition 4.18a does not support Device Configuration Ov ...)
NOT-FOR-US: EnCase
-CVE-2005-1577
+CVE-2005-1577 (APG Technology ClassMaster does not properly restrict access to sensit ...)
NOT-FOR-US: APG Classmaster
-CVE-2005-1576
+CVE-2005-1576 (The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ...)
NOTE: appears windows specific
-CVE-2005-1575
+CVE-2005-1575 (The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ...)
NOTE: appears windows specific
-CVE-2005-1574
+CVE-2005-1574 (Windows Media Player 9 and 10, in certain cases, allows content protec ...)
NOT-FOR-US: Windows
-CVE-2005-1573
+CVE-2005-1573 (SQL injection vulnerability in admin_login.asp for ASP Virtual News Ma ...)
NOT-FOR-US: ASP Virtual News Manager
-CVE-2005-1572
+CVE-2005-1572 (ShowOff! 1.5.4 allows remote attackers to cause a denial of service (s ...)
NOT-FOR-US: ShowOff
-CVE-2005-1571
+CVE-2005-1571 (Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow r ...)
NOT-FOR-US: ShowOff
-CVE-2005-1570
+CVE-2005-1570 (forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full pa ...)
NOTE: for-for-us (bttlxeForum)
-CVE-2005-1569
+CVE-2005-1569 (Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 a ...)
NOT-FOR-US: DirectTopics
-CVE-2005-1568
+CVE-2005-1568 (topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtai ...)
NOT-FOR-US: DirectTopics
-CVE-2005-1567
+CVE-2005-1567 (SQL injection vulnerability in topic.php in DirectTopics 2.1 and 2.2 a ...)
NOT-FOR-US: DirectTopics
-CVE-2005-1566
+CVE-2005-1566 (Acrowave AAP-3100AR wireless router allows remote attackers to bypass ...)
NOT-FOR-US: Acrowave AAP-3100AR wireless router
-CVE-2005-1565
+CVE-2005-1565 (Bugzilla 2.17.1 through 2.18, 2.19.1, and 2.19.2, when a user is promp ...)
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
- bugzilla 2.18-7 (bug #308789; medium)
-CVE-2005-1564
+CVE-2005-1564 (post_bug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows ...)
- bugzilla 2.16.7-7sarge1
-CVE-2005-1563
+CVE-2005-1563 (Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different er ...)
- bugzilla 2.16.7-7sarge1
-CVE-2005-1562
+CVE-2005-1562 (Multiple SQL injection vulnerabilities in MaxWebPortal 1.3.5 and earli ...)
NOT-FOR-US: MaxWebPortal
-CVE-2005-1561
+CVE-2005-1561 (Multiple cross-site scripting (XSS) vulnerabilities in post.asp in Max ...)
NOT-FOR-US: MaxWebPortal
-CVE-2005-1560
+CVE-2005-1560 (The SSH module in Neteyes Nexusway allows remote attackers to execute ...)
NOT-FOR-US: Nexusway
-CVE-2005-1559
+CVE-2005-1559 (The web module in Neteyes Nexusway allows remote attackers to execute ...)
NOT-FOR-US: Nexusway
-CVE-2005-1558
+CVE-2005-1558 (The web module in Neteyes Nexusway allows remote attackers to bypass a ...)
NOT-FOR-US: Nexusway
-CVE-2005-1557
+CVE-2005-1557 (Multiple cross-site scripting (XSS) vulnerabilities in WebApp Guestboo ...)
NOT-FOR-US: WebApp Guestbook PRO
-CVE-2005-1556
+CVE-2005-1556 (Gamespy cd-key validation system allows remote attackers to cause a de ...)
NOT-FOR-US: Gamespy cd-key validation system
-CVE-2005-1555
+CVE-2005-1555 (Cross-site scripting (XSS) vulnerability in the JRun Web Server in Col ...)
NOT-FOR-US: JRun
-CVE-2005-1554
+CVE-2005-1554 (SQL injection vulnerability in view_user.php in WowBB 1.6, 1.61, and 1 ...)
NOT-FOR-US: WowBB
-CVE-2005-1553
+CVE-2005-1553 (GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a w ...)
NOT-FOR-US: GeoVision Digital Video Surveillance System
-CVE-2005-1552
+CVE-2005-1552 (GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when se ...)
NOT-FOR-US: GeoVision Digital Video Surveillance System
-CVE-2005-1551
+CVE-2005-1551 (Sophos Anti-Virus 3.93 does not check downloaded files for viruses whe ...)
NOT-FOR-US: Sophos Anti-Virus
-CVE-2005-1550
+CVE-2005-1550 (easymsgb.pl in Easy Message Board allows remote attackers to execute a ...)
NOT-FOR-US: easy message board
-CVE-2005-1549
+CVE-2005-1549 (Directory traversal vulnerability in easymsgb.pl in Easy Message Board ...)
NOT-FOR-US: easy message board
-CVE-2005-1548
+CVE-2005-1548 (SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 a ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2005-1547
+CVE-2005-1547 (Heap-based buffer overflow in the demo version of Bakbone Netvault, an ...)
NOT-FOR-US: Bakbone Netvault
-CVE-2005-1546
+CVE-2005-1546 (Buffer overflow in the PE parser in HT Editor before 0.8.0 allows remo ...)
{DSA-743-1}
- ht 0.8.0-3 (bug #308587)
-CVE-2005-1545
+CVE-2005-1545 (Integer overflow in the ELF parser in HT Editor before 0.8.0 allows re ...)
{DSA-743-1}
- ht 0.8.0-3 (bug #308587)
-CVE-2005-1544
+CVE-2005-1544 (Stack-based buffer overflow in libTIFF before 3.7.2 allows remote atta ...)
{DSA-755-1}
NOTE: CVE info about vulnerable version number is bogus
- tiff 3.7.2-3 (bug #309739)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2005-1543
+CVE-2005-1543 (Multiple stack-based and heap-based buffer overflows in Remote Managem ...)
NOT-FOR-US: Novell Zenworks
CVE-2005-1542
RESERVED
@@ -8004,50 +8004,50 @@ CVE-2005-1534
RESERVED
CVE-2005-1533
RESERVED
-CVE-2005-1532
+CVE-2005-1532 (Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly li ...)
{DSA-781-1}
- mozilla-firefox 1.0.4
- mozilla 2:1.7.8
- mozilla-thunderbird 1.0.6-1 (bug #318728; high)
-CVE-2005-1531
+CVE-2005-1531 (Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly ...)
- mozilla-firefox 1.0.4
- mozilla 2:1.7.8
-CVE-2005-1530
+CVE-2005-1530 (Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, all ...)
NOT-FOR-US: Sophos
CVE-2005-1529
RESERVED
-CVE-2005-1528
+CVE-2005-1528 (Untrusted search path vulnerability in the crttrap command in QNX Neut ...)
NOT-FOR-US: QNX
-CVE-2005-1527
+CVE-2005-1527 (Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, ...)
{DSA-892-1}
- awstats 6.4-1.1 (bug #322591; bug #334833; bug #336137; medium)
-CVE-2005-1526
+CVE-2005-1526 (PHP remote file inclusion vulnerability in config_settings.php in Cact ...)
{DSA-764-1}
- cacti 0.8.6e-1 (bug #315703; high)
-CVE-2005-1525
+CVE-2005-1525 (SQL injection vulnerability in config_settings.php for Cacti before 0. ...)
{DSA-764-1}
- cacti 0.8.6e-1 (bug #315703; high)
-CVE-2005-1524
+CVE-2005-1524 (PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8. ...)
{DSA-764-1}
- cacti 0.8.6e-1 (bug #315703; high)
-CVE-2005-1523
+CVE-2005-1523 (Format string vulnerability in imap4d server in GNU Mailutils 0.5 and ...)
{DSA-732-1}
- mailutils 1:0.6.1-3
-CVE-2005-1522
+CVE-2005-1522 (The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions be ...)
{DSA-732-1}
- mailutils 1:0.6.1-3
-CVE-2005-1521
+CVE-2005-1521 (Integer overflow in the fetch_io function of the imap4d server in GNU ...)
{DSA-732-1}
- mailutils 1:0.6.1-3
-CVE-2005-1520
+CVE-2005-1520 (Buffer overflow in the header_get_field_name function in header.c for ...)
{DSA-732-1}
- mailutils 1:0.6.1-3
-CVE-2005-1519
+CVE-2005-1519 (Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered ...)
{DSA-751-1}
- squid 2.5.9-9 (bug #309504)
-CVE-2005-1518
+CVE-2005-1518 (Unknown vulnerability in Solaris 7 through 9, when using Federated Nam ...)
NOT-FOR-US: Solaris
-CVE-2005-1517
+CVE-2005-1517 (Unknown vulnerability in Cisco Firewall Services Module (FWSM) 2.3.1 a ...)
NOT-FOR-US: Cisco
CVE-2005-XXXX [Buffer overflow in libotr]
- libotr 2.0.2-1
@@ -8064,97 +8064,97 @@ CVE-2005-XXXX [kmd affected by binutils's ELF parser vulnerability]
CVE-2005-XXXX [unrar: opens /tmp/debug_unrar.txt]
NOTE: Source package has been renamed from unrar to unrar-free
- unrar-free 1:0.0.1-2
-CVE-2005-1512
+CVE-2005-1512 (The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded pict ...)
NOT-FOR-US: PwsPHP
-CVE-2005-1511
+CVE-2005-1511 (PwsPHP 1.2.2 allows remote attackers to bypass authentication and post ...)
NOT-FOR-US: PwsPHP
-CVE-2005-1510
+CVE-2005-1510 (PwsPHP 1.2.2 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: PwsPHP
-CVE-2005-1509
+CVE-2005-1509 (SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows remot ...)
NOT-FOR-US: PwsPHP
-CVE-2005-1508
+CVE-2005-1508 (Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 al ...)
NOT-FOR-US: PwsPHP
-CVE-2005-1507
+CVE-2005-1507 (Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows ...)
NOT-FOR-US: WebSTAR
-CVE-2005-1506
+CVE-2005-1506 (SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0. ...)
NOT-FOR-US: CJ Ultra Plus
-CVE-2005-1505
+CVE-2005-1505 (The new account wizard in Mail.app 2.0 in Mac OS 10.4, when configurin ...)
NOT-FOR-US: MacOS
-CVE-2005-1504
+CVE-2005-1504 (GameSpy SDK CD-Key Validation Toolkit, as used by many online games, a ...)
NOT-FOR-US: GameSpy SDK CD-Key Validation Toolkit
-CVE-2005-1503
+CVE-2005-1503 (Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart a ...)
NOT-FOR-US: MidiCart
-CVE-2005-1502
+CVE-2005-1502 (Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart ...)
NOT-FOR-US: MidiCart
-CVE-2005-1501
+CVE-2005-1501 (MidiCart PHP Shopping Cart allows remote attackers to obtain sensitive ...)
NOT-FOR-US: MidiCart
-CVE-2005-1500
+CVE-2005-1500 (Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote ...)
NOT-FOR-US: myBloggie
-CVE-2005-1499
+CVE-2005-1499 (delcomment.php in myBloggie 2.1.1 allows remote attackers to delete ar ...)
NOT-FOR-US: myBloggie
-CVE-2005-1498
+CVE-2005-1498 (Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 ...)
NOT-FOR-US: myBloggie
-CVE-2005-1497
+CVE-2005-1497 (index.php in myBloggie 2.1.1 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: myBloggie
-CVE-2005-1496
+CVE-2005-1496 (The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE J ...)
NOT-FOR-US: Oracle
-CVE-2005-1495
+CVE-2005-1495 (Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the ...)
NOT-FOR-US: Oracle
-CVE-2005-1494
+CVE-2005-1494 (Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in Me ...)
NOT-FOR-US: MegaBook
-CVE-2005-1493
+CVE-2005-1493 (Directory traversal vulnerability in SimpleCam 1.2 allows remote attac ...)
NOT-FOR-US: SimpleCam
-CVE-2005-1492
+CVE-2005-1492 (Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threa ...)
NOT-FOR-US: Gossamer Threads Links
-CVE-2005-1491
+CVE-2005-1491 (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote auth ...)
NOT-FOR-US: Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2
-CVE-2005-1490
+CVE-2005-1490 (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the mailbox. ...)
NOT-FOR-US: Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2
-CVE-2005-1489
+CVE-2005-1489 (Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail ...)
NOT-FOR-US: Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2
-CVE-2005-1488
+CVE-2005-1488 (Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail Serv ...)
NOT-FOR-US: Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2
CVE-2005-1487
NOT-FOR-US: FishCart
-CVE-2005-1486
+CVE-2005-1486 (Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow re ...)
NOT-FOR-US: FishCart
-CVE-2005-1485
+CVE-2005-1485 (Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Golden FTP Server Pro
-CVE-2005-1484
+CVE-2005-1484 (Directory traversal vulnerability in Golden FTP server pro 2.52 allows ...)
NOT-FOR-US: Golden FTP Server Pro
-CVE-2005-1483
+CVE-2005-1483 (Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive 200 ...)
NOT-FOR-US: ArticleLive
-CVE-2005-1482
+CVE-2005-1482 (ArticleLive 2005 allows remote attackers to gain privileges by modifyi ...)
NOT-FOR-US: ArticleLive
-CVE-2005-1481
+CVE-2005-1481 (Multiple SQL injection vulnerabilities in Aaron Outpost ASP Inline Cor ...)
NOT-FOR-US: ASP Inline Corporate Calendar
-CVE-2005-1480
+CVE-2005-1480 (Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows ...)
NOT-FOR-US: RaidenFTPD
-CVE-2005-1479
+CVE-2005-1479 (SQL injection vulnerability in jgs_portal.php in JGS-Portal 3.0.1 and ...)
NOT-FOR-US: JGS-Portal
-CVE-2005-1478
+CVE-2005-1478 (Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows ...)
NOT-FOR-US: DMail
-CVE-2005-1516
+CVE-2005-1516 (DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass auth ...)
NOT-FOR-US: DMail
-CVE-2005-1515
+CVE-2005-1515 (Integer signedness error in the qmail_put and substdio_put functions i ...)
- qmail 1.03-38
-CVE-2005-1514
+CVE-2005-1514 (commands.c in qmail, when running on 64 bit platforms with a large amo ...)
- qmail 1.03-38
-CVE-2005-1513
+CVE-2005-1513 (Integer overflow in the stralloc_readyplus function in qmail, when run ...)
- qmail 1.03-38
-CVE-2005-1477
+CVE-2005-1477 (The install function in Firefox 1.0.3 allows remote web sites on the b ...)
- mozilla-firefox 1.0.4-1
-CVE-2005-1476
+CVE-2005-1476 (Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript ...)
- mozilla-firefox 1.0.4-1
-CVE-2005-1475
+CVE-2005-1475 (The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote ...)
NOT-FOR-US: Opera
-CVE-2005-1474
+CVE-2005-1474 (Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install ...)
NOT-FOR-US: Apple
-CVE-2005-1473
+CVE-2005-1473 (SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical ...)
NOT-FOR-US: Apple
-CVE-2005-1472
+CVE-2005-1472 (Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce ...)
NOT-FOR-US: Apple
-CVE-2005-1471
+CVE-2005-1471 (Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 al ...)
NOT-FOR-US: RSA SecurID Web Agent
CVE-2005-XXXX [mailutils: sql injection vulnerability in sql authentication module]
- mailutils 1:0.6.1-2
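Review bot: the four entries CVE-2005-1516, CVE-2005-1515, CVE-2005-1514 and CVE-2005-1513 (the DMail and qmail items) sit between CVE-2005-1478 and CVE-2005-1477, out of the descending order the rest of this hunk follows. The automatic update only fills in the description text after each identifier and does not move entries, so this is pre-existing, but it is worth a separate manual commit that moves the block up next to CVE-2005-1517, where CVE-2005-1512 currently follows the CVE-2005-XXXX unrar entry.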
@@ -8165,7 +8165,7 @@ CVE-2005-2352 [Temp file races in gs-gpl addons scripts]
- gs-gpl 8.56.dfsg.1-1 (bug #291373; unimportant)
CVE-2005-XXXX [Possible SQL injection in freeradius]
- freeradius 1.0.2-4
-CVE-2005-2353
+CVE-2005-2353 (run-mozilla.sh in Thunderbird, with debugging enabled, allows local us ...)
{DSA-1051-1 DSA-1046-1}
- mozilla-thunderbird 1.0.6-1 (bug #306893; low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
@@ -8182,41 +8182,41 @@ CVE-2005-XXXX [trackballs: Follows symlinks as gid games]
NOTE: CVE request sent to mitre (who sent this? any response?)
NOTE: Trackballs doesn't run as gid games anymore, high-score files are
NOTE: stored in user's home directories instead.
-CVE-2005-1470
+CVE-2005-1470 (Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1469
+CVE-2005-1469 (Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1468
+CVE-2005-1468 (Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1467
+CVE-2005-1467 (Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1466
+CVE-2005-1466 (Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.1 ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1465
+CVE-2005-1465 (Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1464
+CVE-2005-1464 (Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1463
+CVE-2005-1463 (Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1462
+CVE-2005-1462 (Double free vulnerability in the ICEP dissector in Ethereal before 0.1 ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1461
+CVE-2005-1461 (Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1460
+CVE-2005-1460 (Multiple unknown dissectors in Ethereal before 0.10.11 allow remote at ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1459
+CVE-2005-1459 (Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1458
+CVE-2005-1458 (Multiple unknown "other problems" in the KINK dissector in Ethereal be ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1457
+CVE-2005-1457 (Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreCh ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1456
+CVE-2005-1456 (Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissec ...)
- ethereal 0.10.10-2sarge2
-CVE-2005-1455
+CVE-2005-1455 (Buffer overflow in the sql_escape_func function in the SQL module for ...)
- freeradius 1.0.2-4
-CVE-2005-1454
+CVE-2005-1454 (SQL injection vulnerability in the radius_xlat function in the SQL mod ...)
- freeradius 1.0.2-4
-CVE-2005-1453
+CVE-2005-1453 (fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to c ...)
- leafnode 1.11.2.rel-1
CVE-2005-XXXX [Missing input validation in xtradius]
- xtradius 1.2.1-beta2-2 (bug #307796; unimportant)
@@ -8233,129 +8233,129 @@ CVE-2005-XXXX [Buffer overflow in elog's header buffer]
- elog 2.5.7+r1558-3 (bug #349528; high)
CVE-2005-XXXX [Unspeficied security issue in ipsec-tool's single DES support]
- ipsec-tools 1:0.5.2-1
-CVE-2005-1452
+CVE-2005-1452 (Serendipity before 0.8 allows Chief users to "hide plugins installed b ...)
- serendipity 1.0-1
-CVE-2005-1451
+CVE-2005-1451 (The media manager in Serendipity before 0.8 allows remote attackers to ...)
- serendipity 1.0-1
-CVE-2005-1450
+CVE-2005-1450 (Unknown vulnerability in "the function used to validate path-names for ...)
- serendipity 1.0-1
-CVE-2005-1449
+CVE-2005-1449 (Unknown vulnerability in serendipity_config_local.inc.php for Serendip ...)
- serendipity 1.0-1
-CVE-2005-1448
+CVE-2005-1448 (Cross-site scripting (XSS) vulnerability in the BBCode plugin for Sere ...)
- serendipity 1.0-1
-CVE-2005-1447
+CVE-2005-1447 (PHP remote file inclusion vulnerability in main.php in SitePanel 2.6.1 ...)
NOT-FOR-US: SitePanel
-CVE-2005-1446
+CVE-2005-1446 (SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to up ...)
NOT-FOR-US: SitePanel
-CVE-2005-1445
+CVE-2005-1445 (Multiple directory traversal vulnerabilities in SitePanel 2.6.1 and ea ...)
NOT-FOR-US: SitePanel
-CVE-2005-1444
+CVE-2005-1444 (Multiple cross-site scripting (XSS) vulnerabilities in SitePanel 2.6.1 ...)
NOT-FOR-US: SitePanel
-CVE-2005-1443
+CVE-2005-1443 (Multiple cross-site scripting (XSS) vulnerabilities in index.php for I ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-1442
+CVE-2005-1442 (Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 ...)
NOT-FOR-US: Lotus Domino
-CVE-2005-1441
+CVE-2005-1441 (Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5 ...)
NOT-FOR-US: Lotus Domino
-CVE-2005-1440
+CVE-2005-1440 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Ente ...)
NOT-FOR-US: ViArt Shop
-CVE-2005-1439
+CVE-2005-1439 (Directory traversal vulnerability in attachments.php in osTicket allow ...)
NOT-FOR-US: osTicket
-CVE-2005-1438
+CVE-2005-1438 (PHP remote file inclusion vulnerability in main.php in osTicket allows ...)
NOT-FOR-US: osTicket
-CVE-2005-1437
+CVE-2005-1437 (Multiple SQL injection vulnerabilities in osTicket allow remote attack ...)
NOT-FOR-US: osTicket
-CVE-2005-1436
+CVE-2005-1436 (Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow ...)
NOT-FOR-US: osTicket
-CVE-2005-1435
+CVE-2005-1435 (Open WebMail (OWM) before 2.51 20050430 allows remote authenticated us ...)
- openwebmail <removed>
-CVE-2005-1434
+CVE-2005-1434 (Multiple unknown vulnerabilities in OpenView Network Node Manager (OV ...)
NOT-FOR-US: HP OpenView
-CVE-2005-1433
+CVE-2005-1433 (Multiple unknown vulnjerabilities HP OpenView Event Correlation Servic ...)
NOT-FOR-US: HP OpenView
CVE-2005-1432
RESERVED
-CVE-2005-1431
+CVE-2005-1431 (The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before ...)
- gnutls11 1.0.16-13.1 (bug #309111; bug #307641)
-CVE-2005-1430
+CVE-2005-1430 (Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo ter ...)
NOT-FOR-US: Mac OS X
-CVE-2005-1429
+CVE-2005-1429 (SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows re ...)
NOT-FOR-US: WWWguestbook
-CVE-2005-1428
+CVE-2005-1428 (edit_image.asp in Uapplication Uphotogallery allows remote attackers t ...)
NOT-FOR-US: Uapplication Uphotogallery
-CVE-2005-1427
+CVE-2005-1427 (Uapplication Uphotogallery stores the database under the web document ...)
NOT-FOR-US: Uapplication Uphotogallery
-CVE-2005-1426
+CVE-2005-1426 (Uapplication Ublog Reload stores sensitive information under the web r ...)
NOT-FOR-US: Uapplication Ublog
-CVE-2005-1425
+CVE-2005-1425 (Uapplication Uguestbook 1.0 stores sensitive information under the web ...)
NOT-FOR-US: Uapplication Uguestbook
-CVE-2005-1424
+CVE-2005-1424 (StumbleInside GoText 1.01 stores sensitive username, mail address,and ...)
NOT-FOR-US: GoText
-CVE-2005-1423
+CVE-2005-1423 (Directory traversal vulnerability in the mail program in 602LAN SUITE ...)
NOT-FOR-US: 602 LAN SUITE
-CVE-2005-1422
+CVE-2005-1422 (Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to ...)
NOT-FOR-US: Raysoft Video Cam Server
-CVE-2005-1421
+CVE-2005-1421 (Directory traversal vulnerability in Raysoft/Raybase Video Cam Server ...)
NOT-FOR-US: Raysoft Video Cam Server
-CVE-2005-1420
+CVE-2005-1420 (Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to ...)
NOT-FOR-US: Raysoft Video Cam Server
-CVE-2005-1419
+CVE-2005-1419 (SQL injection vulnerability in the admin login panel for Ocean12 Maili ...)
NOT-FOR-US: Ocean12 Mailing list manager
-CVE-2005-1418
+CVE-2005-1418 (NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in ...)
NOT-FOR-US: Netleaf
-CVE-2005-1417
+CVE-2005-1417 (Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and ...)
NOT-FOR-US: MaxWebPortal
-CVE-2005-1416
+CVE-2005-1416 (Directory traversal vulnerability in 04WebServer 1.81 allows remote at ...)
NOT-FOR-US: 04WebServer
-CVE-2005-1415
+CVE-2005-1415 (Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote a ...)
NOT-FOR-US: GlobalSCAPE Secure FTP Server
-CVE-2005-1414
+CVE-2005-1414 (ExoticSoft FilePocket 1.2 stores sensitive proxy information, includin ...)
NOT-FOR-US: FilePocket
-CVE-2005-1413
+CVE-2005-1413 (Multiple SQL injection vulnerabilities in enVivo!CMS allow remote atta ...)
NOT-FOR-US: enVivo
-CVE-2005-1412
+CVE-2005-1412 (SQL injection vulnerability in verify.asp for Ecomm Professional Guest ...)
NOT-FOR-US: ECommPro
-CVE-2005-1411
+CVE-2005-1411 (Cybration ICUII 7.0 stores passwords in plaintext in the world-readabl ...)
NOT-FOR-US: ICUII
-CVE-2005-1410
+CVE-2005-1410 (The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) d ...)
- postgresql 7.4.7-6
-CVE-2005-1409
+CVE-2005-1409 (PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain ...)
- postgresql 7.4.7-6
-CVE-2005-1408
+CVE-2005-1408 (Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary ...)
NOT-FOR-US: Apple
-CVE-2005-1407
+CVE-2005-1407 (Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the ...)
NOT-FOR-US: Skype
-CVE-2005-1406
+CVE-2005-1406 (The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly cle ...)
- kfreebsd5-source 5.3-10
-CVE-2005-1405
+CVE-2005-1405 (HTTP response splitting vulnerability in the @SetHTTPHeader function i ...)
NOT-FOR-US: Lotus Domino
-CVE-2005-1404
+CVE-2005-1404 (MyPHP Forum 1.0 allows remote attackers to spoof the username by modif ...)
NOT-FOR-US: MyPHP Forum
-CVE-2005-1403
+CVE-2005-1403 (Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's A ...)
NOT-FOR-US: JW Amazon Web Store
-CVE-2005-1402
+CVE-2005-1402 (Integer signedness error in certain older versions of the NeL library, ...)
NOT-FOR-US: NeL libarary
-CVE-2005-1401
+CVE-2005-1401 (Format string vulnerability in the client for Mtp-Target 1.2.2 and ear ...)
NOT-FOR-US: Mtp-Target
-CVE-2005-1400
+CVE-2005-1400 (The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 all ...)
- kfreebsd5-source 5.3-10
-CVE-2005-1399
+CVE-2005-1399 (FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions f ...)
- kfreebsd5-source 5.3-10
-CVE-2005-1398
+CVE-2005-1398 (phpcart.php in PHPCart 3.2 allows remote attackers to change product p ...)
NOT-FOR-US: PHPCart
-CVE-2005-1397
+CVE-2005-1397 (SQL injection vulnerability in search.php for PHP-Calendar before 0.10 ...)
NOT-FOR-US: PHPCalender
-CVE-2005-1396
+CVE-2005-1396 (Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows lo ...)
NOT-FOR-US: ARPUS Ceterm
-CVE-2005-1395
+CVE-2005-1395 (Buffer overflow in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier may allo ...)
NOT-FOR-US: ARPUS Ceterm
-CVE-2005-1394
+CVE-2005-1394 (Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 ...)
NOT-FOR-US: ArcGIS
-CVE-2005-1393
+CVE-2005-1393 (Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 a ...)
NOT-FOR-US: ArcGIS
-CVE-2005-1392
+CVE-2005-1392 (The SQL install script in phpMyAdmin 2.6.2 is created with world-reada ...)
- phpmyadmin <not-affected> (Only part of examples that an admin would need to modify anyway)
-CVE-2005-1391
+CVE-2005-1391 (Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earl ...)
{DSA-934-1}
[sarge] - pound 1.8.2-1sarge1
- pound 1.8.2-1.1 (bug #307852; bug #311548; medium)
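Review bot: two tracker-authored annotations in this hunk carry typos that the automatic description import does not touch: "Unspeficied security issue" in the CVE-2005-XXXX ipsec-tools entry and "NOT-FOR-US: NeL libarary" under CVE-2005-1402. Both are unchanged context lines, so they need a separate manual fix ("Unspecified", "NeL library"). By contrast, "vulnjerabilities" in the imported CVE-2005-1433 description is upstream MITRE text copied verbatim and should be left as-is so the line keeps matching the source feed.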
@@ -8363,289 +8363,289 @@ CVE-2005-1390
REJECTED
CVE-2005-1389
REJECTED
-CVE-2005-1388
+CVE-2005-1388 (Cross-site scripting (XSS) vulnerability in SURVIVOR before 0.9.6 allo ...)
NOT-FOR-US: SURVIVOR
-CVE-2005-1387
+CVE-2005-1387 (Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrat ...)
NOT-FOR-US: Mac OS X
-CVE-2005-1386
+CVE-2005-1386 (PHP-Nuke 7.6 and earlier allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-1385
+CVE-2005-1385 (Safari 1.3 allows remote attackers to cause a denial of service (appli ...)
NOT-FOR-US: Safari
-CVE-2005-1384
+CVE-2005-1384 (Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote a ...)
NOT-FOR-US: phpCoin
-CVE-2005-1383
+CVE-2005-1383 (The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, ...)
NOT-FOR-US: Oracle
-CVE-2005-1382
+CVE-2005-1382 (The webcacheadmin module in Oracle Webcache 9i allows remote attackers ...)
NOT-FOR-US: Oracle
-CVE-2005-1381
+CVE-2005-1381 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache ...)
NOT-FOR-US: Oracle
-CVE-2005-1380
+CVE-2005-1380 (Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allo ...)
NOT-FOR-US: BEA Weblogic
-CVE-2005-1379
+CVE-2005-1379 (The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandra ...)
- lam <not-affected> (Mandrake specific packaging flaw)
-CVE-2005-1378
+CVE-2005-1378 (SQL injection vulnerability in posting_notes.php in the notes module f ...)
NOT-FOR-US: phpbb mod
-CVE-2005-1377
+CVE-2005-1377 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 ...)
NOT-FOR-US: Claroline
-CVE-2005-1376
+CVE-2005-1376 (Multiple directory traversal vulnerabilities in (1) document.php or (2 ...)
NOT-FOR-US: Claroline
-CVE-2005-1375
+CVE-2005-1375 (Multiple SQL injection vulnerabilities in Claroline 1.5.3 through 1.6 ...)
NOT-FOR-US: Claroline
-CVE-2005-1374
+CVE-2005-1374 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.5.3 ...)
NOT-FOR-US: Claroline
-CVE-2005-1373
+CVE-2005-1373 (Multiple SQL injection vulnerabilities in index.php in Dream4 Koobi CM ...)
NOT-FOR-US: Koobi CMS
-CVE-2005-1372
+CVE-2005-1372 (nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop ...)
NOT-FOR-US: NetVault
-CVE-2005-1371
+CVE-2005-1371 (BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not proper ...)
NOT-FOR-US: NetVault
-CVE-2005-1370
+CVE-2005-1370 (Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView R ...)
NOT-FOR-US: HP OpenView
-CVE-2005-1369
+CVE-2005-1369 (The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6 ...)
- kernel-source-2.4.27 <not-affected>
- kernel-source-2.6.8 2.6.8-16
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.8)
-CVE-2005-1368
+CVE-2005-1368 (The key_user_lookup function in security/keys/key.c in Linux kernel 2. ...)
[sarge] - kernel-source-2.6.8 <not-affected>
- kernel-source-2.4.27 <not-affected>
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.8)
-CVE-2005-1367
+CVE-2005-1367 (Pico Server (pServ) 3.2 and earlier allows local users to read arbitra ...)
NOT-FOR-US: pServ
-CVE-2005-1366
+CVE-2005-1366 (Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain ...)
NOT-FOR-US: pServ
-CVE-2005-1365
+CVE-2005-1365 (Pico Server (pServ) 3.2 and earlier allows remote attackers to execute ...)
NOT-FOR-US: pServ
CVE-2005-XXXX [Insecure mailbox generation in passwd's useradd]
- shadow 4.0.8
[sarge] - shadow <not-affected> (was introduced after version 4.0.3)
[woody] - shadow <not-affected> (was introduced after version 4.0.3)
-CVE-2005-1364
+CVE-2005-1364 (Multiple SQL injection vulnerabilities in MetaBid Auctions allow remot ...)
NOT-FOR-US: MetaBid Auctions
-CVE-2005-1363
+CVE-2005-1363 (Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow all ...)
NOT-FOR-US: MetaCart
-CVE-2005-1362
+CVE-2005-1362 (Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allo ...)
NOT-FOR-US: MetaCart
-CVE-2005-1361
+CVE-2005-1361 (Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow re ...)
NOT-FOR-US: MetaCart
-CVE-2005-1360
+CVE-2005-1360 (PHP remote file inclusion vulnerability in error.php in GrayCMS 1.1 al ...)
NOT-FOR-US: GrayCMS
-CVE-2005-1359
+CVE-2005-1359 (Cross-site scripting (XSS) vulnerability in text.cgi script allows rem ...)
NOT-FOR-US: text.cgi
-CVE-2005-1358
+CVE-2005-1358 (text.cgi script allows remote attackers to execute arbitrary commands ...)
NOT-FOR-US: text.cgi
-CVE-2005-1357
+CVE-2005-1357 (text.cgi script allows remote attackers to read arbitrary files via a ...)
NOT-FOR-US: text.cgi
-CVE-2005-1356
+CVE-2005-1356 (Cross-site scripting (XSS) vulnerability in includer.cgi script in The ...)
NOT-FOR-US: includer.cgi
-CVE-2005-1355
+CVE-2005-1355 (includer.cgi in The Includer allows remote attackers to read arbitrary ...)
NOT-FOR-US: includer.cgi
-CVE-2005-1354
+CVE-2005-1354 (The forum.pl script allows remote attackers to execute arbitrary comma ...)
NOT-FOR-US: forum.pl
-CVE-2005-1353
+CVE-2005-1353 (The forum.pl script allows remote attackers to read arbitrary files vi ...)
NOT-FOR-US: forum.pl
-CVE-2005-1352
+CVE-2005-1352 (Cross-site scripting (XSS) vulnerability in the ad.cgi script allows r ...)
NOT-FOR-US: ad.cgi
-CVE-2005-1351
+CVE-2005-1351 (The ad.cgi script allows remote attackers to execute arbitrary command ...)
NOT-FOR-US: ad.cgi
-CVE-2005-1350
+CVE-2005-1350 (The ad.cgi script allows remote attackers to read arbitrary files via ...)
NOT-FOR-US: ad.cgi
-CVE-2005-1349
+CVE-2005-1349 (Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows ...)
{DSA-727-1}
- libconvert-uulib-perl 1.0.5.1
-CVE-2005-1348
+CVE-2005-1348 (Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier ...)
NOT-FOR-US: MailEnable
CVE-2005-1347
NOT-FOR-US: acrobat
-CVE-2005-1346
+CVE-2005-1346 (Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 ...)
NOT-FOR-US: Symantec
-CVE-2005-1345
+CVE-2005-1345 (Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it i ...)
{DSA-721-1}
- squid 2.5.9-7
-CVE-2005-1344
+CVE-2005-1344 (Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to ex ...)
- apache2 2.0.54-3 (bug #322604)
-CVE-2005-1343
+CVE-2005-1343 (Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X befo ...)
NOT-FOR-US: vpnd for Mac OS X
-CVE-2005-1342
+CVE-2005-1342 (The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3. ...)
NOT-FOR-US: Apple Terminal
-CVE-2005-1341
+CVE-2005-1341 (Apple Terminal 1.4.4 allows attackers to execute arbitrary commands vi ...)
NOT-FOR-US: Apple Terminal
-CVE-2005-1340
+CVE-2005-1340 (The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not re ...)
NOT-FOR-US: Mac OS X
-CVE-2005-1339
+CVE-2005-1339 (lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to esca ...)
- lukemftpd <not-affected> (our lukemftpd uses pw->pw_name when checking /etc/ftpchroot)
-CVE-2005-1338
+CVE-2005-1338 (Mac OS X 10.3.9, when using an LDAP server that does not use ldap_exte ...)
NOT-FOR-US: Mac OS X
-CVE-2005-1337
+CVE-2005-1337 (Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote att ...)
NOT-FOR-US: Mac OS X
-CVE-2005-1336
+CVE-2005-1336 (Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows ...)
NOT-FOR-US: Mac OS X
-CVE-2005-1335
+CVE-2005-1335 (Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain pr ...)
NOT-FOR-US: Mac OS X
CVE-2005-1334
REJECTED
-CVE-2005-1333
+CVE-2005-1333 (Directory traversal vulnerability in the Bluetooth file and object exc ...)
NOT-FOR-US: Mac OS X
-CVE-2005-1332
+CVE-2005-1332 (Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth fil ...)
NOT-FOR-US: Mac OS X
-CVE-2005-1331
+CVE-2005-1331 (The AppleScript Editor in Mac OS X 10.3.9 does not properly display sc ...)
NOT-FOR-US: Mac OS X
-CVE-2005-1330
+CVE-2005-1330 (AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of servic ...)
NOT-FOR-US: Mac OS X
-CVE-2005-1329
+CVE-2005-1329 (owOfflineCC.asp in OneWorldStore allows remote attackers to obtain sen ...)
NOT-FOR-US: OneWorldStore
-CVE-2005-1328
+CVE-2005-1328 (OneWorldStore allows remote attackers to cause a denial of service (ap ...)
NOT-FOR-US: OneWorldStore
-CVE-2005-1327
+CVE-2005-1327 (Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burnin ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2005-1326
+CVE-2005-1326 (Buffer overflow in VooDoo cIRCle BOTNET before 1.0.33 allows remote au ...)
NOT-FOR-US: VooDoo cIRCle BOTNET
-CVE-2005-1325
+CVE-2005-1325 (set_lang.php in phpMyVisites 1.3 allows remote attackers to read and i ...)
NOT-FOR-US: phpMyVisites
-CVE-2005-1324
+CVE-2005-1324 (Multiple cross-site scripting (XSS) vulnerabilities in index.php for p ...)
NOT-FOR-US: phpMyVisites
-CVE-2005-1323
+CVE-2005-1323 (Buffer overflow in NetFtpd for NetTerm 5.1.1 and earlier allows remote ...)
NOT-FOR-US: NetTerm
-CVE-2005-1322
+CVE-2005-1322 (Cross-site scripting (XSS) vulnerability in Horde Nag Task List Manage ...)
- nag 1.1-3.1 (bug #307173)
-CVE-2005-1321
+CVE-2005-1321 (Cross-site scripting (XSS) vulnerability in Horde Vacation module befo ...)
- sork-vacation 2.2.2-1
-CVE-2005-1320
+CVE-2005-1320 (Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager b ...)
- mnemo 1.1-2.1 (bug #307180)
- mnemo2 <not-affected> (fixed before 2.1.1)
-CVE-2005-1319
+CVE-2005-1319 (Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client b ...)
- imp4 <not-affected>
- imp3 3.2.8-1 (bug #328218; low)
-CVE-2005-1318
+CVE-2005-1318 (Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forw ...)
- sork-forwards 2.2.2-1
-CVE-2005-1317
+CVE-2005-1317 (Cross-site scripting (XSS) vulnerability in Horde Chora module before ...)
NOT-FOR-US: Hord Chora module
-CVE-2005-1316
+CVE-2005-1316 (Cross-site scripting (XSS) vulnerability in Horde Accounts module befo ...)
- sork-accounts 2.1.2-1
-CVE-2005-1315
+CVE-2005-1315 (Cross-site scripting (XSS) vulnerability in Horde Turba module before ...)
- turba 1.2.5-1
-CVE-2005-1314
+CVE-2005-1314 (Cross-site scripting (XSS) vulnerability in Horde Kronolith module bef ...)
- kronolith 1.1.4-1
-CVE-2005-1313
+CVE-2005-1313 (Cross-site scripting (XSS) vulnerability in Horde Passwd module before ...)
- sork-passwd 2.2.2-1
-CVE-2005-1312
+CVE-2005-1312 (PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allow ...)
NOT-FOR-US: Yappa-NG
-CVE-2005-1311
+CVE-2005-1311 (Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 allo ...)
NOT-FOR-US: Yappa-NG
-CVE-2005-1310
+CVE-2005-1310 (SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to ...)
NOT-FOR-US: bBlog
-CVE-2005-1309
+CVE-2005-1309 (Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote ...)
NOT-FOR-US: bBlog
-CVE-2005-1308
+CVE-2005-1308 (SqWebMail allows remote attackers to inject arbitrary web script or HT ...)
- courier <unfixed> (bug #307575; unimportant)
-CVE-2005-1307
+CVE-2005-1307 (The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version ...)
NOT-FOR-US: Adobe Version Cue
-CVE-2005-1306
+CVE-2005-1306 (The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 all ...)
NOT-FOR-US: Adobe Reader 7
-CVE-2005-1305
+CVE-2005-1305 (The hyper.cgi script allows remote attackers to read arbitrary files v ...)
NOT-FOR-US: hyper.cgi
-CVE-2005-1304
+CVE-2005-1304 (The citat.pl script allows remote attackers to execute arbitrary files ...)
NOT-FOR-US: citat.pl
-CVE-2005-1303
+CVE-2005-1303 (The citat.pl script allows remote attackers to read arbitrary files vi ...)
NOT-FOR-US: citat.pl
-CVE-2005-1302
+CVE-2005-1302 (SQL injection vulnerability in Confixx 3.08 and earlier allows remote ...)
NOT-FOR-US: Confixx
-CVE-2005-1301
+CVE-2005-1301 (nProtect:Netizen 2005.3.17.1 does not properly verify that the update ...)
NOT-FOR-US: nProtect:Netizen
-CVE-2005-1300
+CVE-2005-1300 (Cross-site scripting (XSS) vulnerability in the inserter.cgi script al ...)
NOT-FOR-US: inserter.cgi
-CVE-2005-1299
+CVE-2005-1299 (The inserter.cgi script allows remote attackers to execute arbitrary c ...)
NOT-FOR-US: inserter.cgi
-CVE-2005-1298
+CVE-2005-1298 (The inserter.cgi script allows remote attackers to read arbitrary file ...)
NOT-FOR-US: inserter.cgi
-CVE-2005-1297
+CVE-2005-1297 (Cross-site scripting (XSS) vulnerability in the include.cgi script all ...)
NOT-FOR-US: include.cgi
-CVE-2005-1296
+CVE-2005-1296 (include.cgi script allows remote attackers to execute arbitrary comman ...)
NOT-FOR-US: include.cgi
-CVE-2005-1295
+CVE-2005-1295 (include.cgi script allows remote attackers to read arbitrary files via ...)
NOT-FOR-US: include.cgi
-CVE-2005-1294
+CVE-2005-1294 (The affix_sock_register in the Affix Bluetooth Protocol Stack for Linu ...)
- affix-kernel 2.1.1-1.1
-CVE-2005-1293
+CVE-2005-1293 (Multiple SQL injection vulnerabilities in default.asp in StorePortal 2 ...)
NOT-FOR-US: StorePortal
-CVE-2005-1292
+CVE-2005-1292 (Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Car ...)
NOT-FOR-US: CartWIZ ASP Cart
-CVE-2005-1291
+CVE-2005-1291 (Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow remot ...)
NOT-FOR-US: CartWIZ ASP Cart
-CVE-2005-1290
+CVE-2005-1290 (Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.14 an ...)
- phpbb2 2.0.13-6sarge1 (low)
-CVE-2005-1289
+CVE-2005-1289 (index.cgi in E-Cart 2004 1.1 and earlier allows remote attackers to ex ...)
NOT-FOR-US: E-Cart
-CVE-2005-1288
+CVE-2005-1288 (inc_login_check.asp ACS Blog 0.8 through 1.1.3 allows remote attackers ...)
NOT-FOR-US: ACS Blog
-CVE-2005-1287
+CVE-2005-1287 (Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote at ...)
NOT-FOR-US: BK Forum
-CVE-2005-1286
+CVE-2005-1286 (Unquoted Windows search path vulnerability in BitDefender 8 allows loc ...)
NOT-FOR-US: Bitdefender
-CVE-2005-1285
+CVE-2005-1285 (Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burn ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2005-1284
+CVE-2005-1284 (The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote at ...)
NOT-FOR-US: Argosoft Mail Server Pro
-CVE-2005-1283
+CVE-2005-1283 (Multiple directory traversal vulnerabilities in Argosoft Mail Server P ...)
NOT-FOR-US: Argosoft Mail Server Pro
-CVE-2005-1282
+CVE-2005-1282 (Multiple cross-site scripting (XSS) vulnerabilities in Argosoft Mail S ...)
NOT-FOR-US: Argosoft Mail Server Pro
-CVE-2005-1281
+CVE-2005-1281 (Ethereal 0.10.10 and earlier allows remote attackers to cause a denial ...)
- ethereal 0.10.10-2
-CVE-2005-1280
+CVE-2005-1280 (The rsvp_print function in tcpdump 3.9.1 and earlier allows remote att ...)
- ethereal 0.10.10-2
- tcpdump 3.8.3-4
-CVE-2005-1279
+CVE-2005-1279 (tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of ...)
{DSA-850-1}
- tcpdump 3.8.3-4
-CVE-2005-1278
+CVE-2005-1278 (The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 ...)
- tcpdump 3.8.3-4 (bug #307920)
CVE-2005-1277
REJECTED
CVE-2005-1276
RESERVED
-CVE-2005-1275
+CVE-2005-1275 (Heap-based buffer overflow in the ReadPNMImage function in pnm.c for I ...)
- imagemagick 6:6.0.6.2-2.3 (bug #306424)
-CVE-2005-1274
+CVE-2005-1274 (Stack-based buffer overflow in the getIfHeader function in the WebDAV ...)
- maxdb-7.5.00 7.5.00.24-3
CVE-2005-1273
RESERVED
-CVE-2005-1272
+CVE-2005-1272 (Stack-based buffer overflow in the Backup Agent for Microsoft SQL Serv ...)
NOT-FOR-US: Backup Agent for Microsoft SQL
CVE-2005-1271
REJECTED
-CVE-2005-1270
+CVE-2005-1270 (The (1) check_update.sh and (2) rkhunter script in Rootkit Hunter befo ...)
- rkhunter 1.2.7-14 (medium)
CVE-2005-XXXX [Unspecified buffer overflow in Convert::UUlib perl module]
- libconvert-uulib-perl 1.0.5.1-1
-CVE-2005-1269
+CVE-2005-1269 (Gaim before 1.3.1 allows remote attackers to cause a denial of service ...)
{DSA-734-1}
- gaim 1:1.3.1-1 (bug #315356; low)
-CVE-2005-1268
+CVE-2005-1268 (Off-by-one error in the mod_ssl Certificate Revocation List (CRL) veri ...)
{DSA-805-1}
- apache2 2.0.54-5 (bug #320048; bug #320063; bug #322613; low)
- apache <not-affected> (Not affected, see #322613)
-CVE-2005-1267
+CVE-2005-1267 (The bgp_update_print function in tcpdump 3.x does not properly handle ...)
{DSA-854-1}
- tcpdump 3.9.0.cvs.20050614-1 (medium)
-CVE-2005-1266
+CVE-2005-1266 (Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to ...)
{DSA-736-2 DSA-736-1}
- spamassassin 3.0.4-1 (bug #314447; medium)
-CVE-2005-1265
+CVE-2005-1265 (The mmap function in the Linux Kernel 2.6.10 can be used to create mem ...)
{DSA-922-1}
- linux-2.6 2.6.12-1
-CVE-2005-1264
+CVE-2005-1264 (Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.10)
[sarge] - kernel-source-2.6.8 2.6.8-16
-CVE-2005-1263
+CVE-2005-1263 (The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2 ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc4)
[sarge] - kernel-source-2.6.8 2.6.8-16
[sarge] - kernel-source-2.4.27 2.4.27-10
NOTE: believed not to be exploitable in 2.6 after all, re Greg K-H
-CVE-2005-1262
+CVE-2005-1262 (Gaim 1.2.1 and earlier allows remote attackers to cause a denial of se ...)
- gaim 1:1.2.1-1.1
-CVE-2005-1261
+CVE-2005-1261 (Stack-based buffer overflow in the URL parsing function in Gaim before ...)
- gaim 1:1.2.1-1.1
-CVE-2005-1260
+CVE-2005-1260 (bzip2 allows remote attackers to cause a denial of service (hard drive ...)
{DSA-741-1}
- bzip2 1.0.2-7
CVE-2005-1259
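Review bot: the CVE-2005-1263 entry gives two different rationales for the same status: the `- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc4)` line says the fix landed before the package was uploaded, while the following `NOTE: believed not to be exploitable in 2.6 after all, re Greg K-H` says 2.6 was never exploitable. Both are context lines untouched by this update, but whoever reads the entry cannot tell which reasoning is current, so the parenthetical and the NOTE should be reconciled into one statement (either "not exploitable in 2.6" or "fixed in 2.6.12-rc4"), with the sarge `kernel-source-2.6.8 2.6.8-16` line left as is. Minor, same hunk: `- apache <not-affected> (Not affected, see #322613)` repeats the status in the comment; `(see #322613)` alone would match how the other entries are written.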
@@ -8654,290 +8654,290 @@ CVE-2005-1258
RESERVED
CVE-2005-1257
RESERVED
-CVE-2005-1256
+CVE-2005-1256 (Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail ...)
NOT-FOR-US: IMail
-CVE-2005-1255
+CVE-2005-1255 (Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 ...)
NOT-FOR-US: IMail
-CVE-2005-1254
+CVE-2005-1254 (Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 ...)
NOT-FOR-US: IMail
CVE-2005-1253
RESERVED
-CVE-2005-1252
+CVE-2005-1252 (Directory traversal vulnerability in the Web Calendaring server in Ips ...)
NOT-FOR-US: IMail
CVE-2005-1251
RESERVED
-CVE-2005-1250
+CVE-2005-1250 (SQL injection vulnerability in the logon screen of the web front end ( ...)
NOT-FOR-US: IpSwitch
-CVE-2005-1249
+CVE-2005-1249 (The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) al ...)
NOT-FOR-US: IMail
-CVE-2005-1248
+CVE-2005-1248 (Buffer overflow in Apple iTunes before 4.8 allows remote attackers to ...)
NOT-FOR-US: Apple iTunes
-CVE-2005-1247
+CVE-2005-1247 (webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to ca ...)
NOT-FOR-US: Novell Nsure Audit
-CVE-2005-1246
+CVE-2005-1246 (Format string vulnerability in the snmppd_log function in snmppd_util. ...)
NOT-FOR-US: snmppd
CVE-2005-XXXX [Multiple security problems in Quake 2]
NOTE: this release added lots of warnings about the security problems
- quake2 1:0.3-1.1
-CVE-2005-1245
+CVE-2005-1245 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, wh ...)
- mediawiki 1.4.9 (bug #276057)
CVE-2005-1244
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1243
+CVE-2005-1243 (Directory traversal vulnerability in the third party tool from SafeSto ...)
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1242
+CVE-2005-1242 (Directory traversal vulnerability in the third party tool from Bsafe, ...)
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1241
+CVE-2005-1241 (Directory traversal vulnerability in the third party tool from Powerte ...)
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1240
+CVE-2005-1240 (Directory traversal vulnerability in the third party tool from Castleh ...)
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1239
+CVE-2005-1239 (Directory traversal vulnerability in the third party tool from Raz-Lee ...)
NOT-FOR-US: AS/400 FTP server addon
-CVE-2005-1238
+CVE-2005-1238 (By design, the built-in FTP server for iSeries AS/400 systems does not ...)
NOT-FOR-US: AS/400 FTP server
-CVE-2005-1237
+CVE-2005-1237 (SQL injection vulnerability in news.php in FlexPHPNews 0.0.3 allows re ...)
NOT-FOR-US: FlexPHPNews
-CVE-2005-1236
+CVE-2005-1236 (Multiple SQL injection vulnerabilities in DUware DUportal 3.1.2 and 3. ...)
NOT-FOR-US: DUPortal
-CVE-2005-1235
+CVE-2005-1235 (auction_my_auctions.php in phpbb-Auction 1.2m and earlier allows remot ...)
NOT-FOR-US: phpbb-Auction
-CVE-2005-1234
+CVE-2005-1234 (Multiple SQL injection vulnerabilities in phpbb-Auction allow remote a ...)
NOT-FOR-US: phpbb-Auction
-CVE-2005-1233
+CVE-2005-1233 (Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proF ...)
NOT-FOR-US: PHP Labs proFile
-CVE-2005-1232
+CVE-2005-1232 (Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy ...)
NOT-FOR-US: Sun ONE Proxy Server
-CVE-2005-1231
+CVE-2005-1231 (Cross-site scripting (XSS) vulnerability in the NewTerm function in Gl ...)
NOT-FOR-US: JAWS
-CVE-2005-1230
+CVE-2005-1230 (Directory traversal vulnerability in Yawcam 0.2.5 allows remote attack ...)
NOT-FOR-US: Yawcan
-CVE-2005-1229
+CVE-2005-1229 (Directory traversal vulnerability in cpio 2.6 and earlier allows remot ...)
{DSA-846-1}
- cpio 2.6-6 (bug #306693; medium)
-CVE-2005-1228
+CVE-2005-1228 (Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1 ...)
{DSA-752-1}
- gzip 1.3.5-10
-CVE-2005-1227
+CVE-2005-1227 (Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier ...)
NOT-FOR-US: PHPProjekt
-CVE-2005-1226
+CVE-2005-1226 (Coppermine Photo Gallery 1.3.2 stores passwords in plaintext, which al ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2005-1225
+CVE-2005-1225 (SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows r ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2005-1224
+CVE-2005-1224 (Multiple SQL injection vulnerabilities in DUware DUportal Pro 3.4 allo ...)
NOT-FOR-US: DUPortal
-CVE-2005-1223
+CVE-2005-1223 (Multiple SQL injection vulnerabilities in Ocean12 Calendar manager 1.0 ...)
NOT-FOR-US: Ocean12 Calender manager
-CVE-2005-1222
+CVE-2005-1222 (cat_for_gen.php in Annuaire Netref 4.2 allows remote attackers to exec ...)
NOT-FOR-US: Annuaire Netref
-CVE-2005-1221
+CVE-2005-1221 (SQL injection vulnerability in login.asp for Ecommerce-Carts EcommPro ...)
NOT-FOR-US: ECommPro
-CVE-2005-1220
+CVE-2005-1220 (Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain se ...)
NOT-FOR-US: Shoutbox
-CVE-2005-1219
+CVE-2005-1219 (Buffer overflow in the Microsoft Color Management Module for Windows a ...)
NOT-FOR-US: Microsoft Color Management Module
-CVE-2005-1218
+CVE-2005-1218 (The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows ...)
NOT-FOR-US: Microsoft Color Management Module
CVE-2005-1217
RESERVED
-CVE-2005-1216
+CVE-2005-1216 (Microsoft ISA Server 2000 allows remote attackers to connect to servic ...)
NOT-FOR-US: Microsoft
-CVE-2005-1215
+CVE-2005-1215 (Microsoft ISA Server 2000 allows remote attackers to poison the ISA ca ...)
NOT-FOR-US: Microsoft
-CVE-2005-1214
+CVE-2005-1214 (Microsoft Agent allows remote attackers to spoof trusted Internet cont ...)
NOT-FOR-US: Microsoft
-CVE-2005-1213
+CVE-2005-1213 (Stack-based buffer overflow in the news reader for Microsoft Outlook E ...)
NOT-FOR-US: Microsoft
-CVE-2005-1212
+CVE-2005-1212 (Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32 ...)
NOT-FOR-US: Microsoft
-CVE-2005-1211
+CVE-2005-1211 (Buffer overflow in the PNG image rendering component of Microsoft Inte ...)
NOT-FOR-US: Microsoft
CVE-2005-1210
RESERVED
CVE-2005-1209
RESERVED
-CVE-2005-1208
+CVE-2005-1208 (Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, an ...)
NOT-FOR-US: Microsoft
-CVE-2005-1207
+CVE-2005-1207 (Buffer overflow in the Web Client service in Microsoft Windows XP and ...)
NOT-FOR-US: Microsoft
-CVE-2005-1206
+CVE-2005-1206 (Buffer overflow in the Server Message Block (SMB) functionality for Mi ...)
NOT-FOR-US: Microsoft
-CVE-2005-1205
+CVE-2005-1205 (The Telnet client for Microsoft Windows XP, Windows Server 2003, and W ...)
NOT-FOR-US: Microsoft
CVE-2005-XXXX [libpam-ssh: Inproper caching of pwd data with potential security implications]
- libpam-ssh 1.91.0-9
-CVE-2005-1204
+CVE-2005-1204 (Desktop Rover 3.0, and possibly earlier versions, allows remote attack ...)
NOT-FOR-US: Desktop Rover
-CVE-2005-1203
+CVE-2005-1203 (Multiple SQL injection vulnerabilities in index.php in eGroupware befo ...)
- egroupware 1.0.0.007-2.dfsg-1
-CVE-2005-1202
+CVE-2005-1202 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupware befo ...)
- egroupware 1.0.0.007-2.dfsg-1
-CVE-2005-1201
+CVE-2005-1201 (Multiple directory traversal vulnerabilities in AZ Bulletin board (AZb ...)
NOT-FOR-US: AZbb
-CVE-2005-1200
+CVE-2005-1200 (PHP remote file inclusion vulnerability in main_index.php in AZ Bullet ...)
NOT-FOR-US: AZbb
-CVE-2005-1199
+CVE-2005-1199 (SQL injection vulnerability in printthread.php in UBB.Threads allows r ...)
NOT-FOR-US: UBB.threads
-CVE-2005-1198
+CVE-2005-1198 (Directory traversal vulnerability in apexec.pl for Anaconda Foundation ...)
NOT-FOR-US: Anaconda Foundation Directory
-CVE-2005-1197
+CVE-2005-1197 (SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CH ...)
NOT-FOR-US: Oracle
-CVE-2005-1196
+CVE-2005-1196 (SQL injection vulnerability in kb.php in the Knowledge Base module for ...)
NOT-FOR-US: PHPBB Knowledgebase Mod
-CVE-2005-1195
+CVE-2005-1195 (Multiple heap-based buffer overflows in the code used to handle (1) MM ...)
- xine-lib 1.0.1-1
- mplayer <not-affected> (fixed in 1.0-pre7, which was released before etch)
-CVE-2005-1194
+CVE-2005-1194 (Stack-based buffer overflow in the ieee_putascii function for nasm 0.9 ...)
- nasm 0.98.38-1.2 (bug #309049)
-CVE-2005-1193
+CVE-2005-1193 (The bbencode_second_pass and make_clickable functions in bbcode.php fo ...)
- phpbb2 2.0.13-6sarge1 (medium)
-CVE-2005-1192
+CVE-2005-1192 (Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and ...)
NOT-FOR-US: HP-UX
-CVE-2005-1191
+CVE-2005-1191 (The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2 ...)
NOT-FOR-US: Windows
-CVE-2005-1190
+CVE-2005-1190 (WebcamXP PRO v2.16.468 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: WebcamXP
-CVE-2005-1189
+CVE-2005-1189 (Cross-site scripting (XSS) vulnerability in WebcamXP PRO v2.16.468 and ...)
NOT-FOR-US: WebcamXP
-CVE-2005-1188
+CVE-2005-1188 (Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in ...)
NOT-FOR-US: ComersusCart
-CVE-2005-1187
+CVE-2005-1187 (Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other v ...)
NOT-FOR-US: WinHex
-CVE-2005-1186
+CVE-2005-1186 (Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com doma ...)
NOT-FOR-US: Musicmatch
-CVE-2005-1185
+CVE-2005-1185 (Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00 ...)
NOT-FOR-US: Musicmatch
-CVE-2005-1184
+CVE-2005-1184 (The TCP/IP stack in multiple operating systems allows remote attackers ...)
NOT-FOR-US: Apparently bogus report. at least on Linux it couldn't be reproduced
-CVE-2005-1183
+CVE-2005-1183 (Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows re ...)
NOT-FOR-US: mvnForum
-CVE-2005-1182
+CVE-2005-1182 (Unknown vulnerability in Incoming Remote Command (iSeries Access for W ...)
NOT-FOR-US: iSeries OS
CVE-2005-1181
NOT-FOR-US: Ariadne CMS
-CVE-2005-1180
+CVE-2005-1180 (HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuk ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-1179
+CVE-2005-1179 (Unknown vulnerability in Xerox MicroServer Web Server for various Work ...)
NOT-FOR-US: Xerox
-CVE-2005-1178
+CVE-2005-1178 (SQL injection vulnerability in Oracle Forms 10g allows remote attacker ...)
NOT-FOR-US: Oracle
-CVE-2005-1177
+CVE-2005-1177 (Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 cause ...)
- webmin <not-affected>
NOTE: I haven't found further information on this, but this appears to only
NOTE: affect non-Debian setups
-CVE-2005-1176
+CVE-2005-1176 (Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while ...)
NOT-FOR-US: AIX
-CVE-2005-1175
+CVE-2005-1175 (Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT ...)
{DSA-757-1}
- krb5 1.3.6-4 (bug #318437; medium)
-CVE-2005-1174
+CVE-2005-1174 (MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) ...)
{DSA-757-1}
- krb5 1.3.6-4 (bug #318437; medium)
-CVE-2005-1173
+CVE-2005-1173 (Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote atta ...)
NOT-FOR-US: PMSoftware Simple Web Server
-CVE-2005-1172
+CVE-2005-1172 (Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2005-1171
+CVE-2005-1171 (Cross-site scripting (XSS) vulnerability in mod.php in the datenbank m ...)
NOT-FOR-US: moddb phpbb2 add-on
-CVE-2005-1170
+CVE-2005-1170 (SQL injection vulnerability in mod.php in the datenbank module for php ...)
NOT-FOR-US: moddb phpbb2 add-on
-CVE-2005-1169
+CVE-2005-1169 (Mafia Blog .4 BETA does not properly protect the admin directory, whic ...)
NOT-FOR-US: Mafia Blog
-CVE-2005-1168
+CVE-2005-1168 (DiagCollectionControl.dll in Musicmatch 10.00.2047 and earlier allows ...)
NOT-FOR-US: Musicmatch
-CVE-2005-1167
+CVE-2005-1167 (Musicmatch 10.00.2047 and earlier store log files in the Program Files ...)
NOT-FOR-US: Musicmatch
-CVE-2005-1166
+CVE-2005-1166 (The DNTUS26 process in Dameware NT Utilities and the DWRCS process in ...)
NOT-FOR-US: Dameware
-CVE-2005-1165
+CVE-2005-1165 (Yager 5.24 and earlier allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Yager game
-CVE-2005-1164
+CVE-2005-1164 (Yager 5.24 and earlier allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Yager game
-CVE-2005-1163
+CVE-2005-1163 (Multiple buffer overflows in Yager 5.24 and earlier allow remote attac ...)
NOT-FOR-US: Yager game
-CVE-2005-1162
+CVE-2005-1162 (Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore a ...)
NOT-FOR-US: OneWorldStore
-CVE-2005-1161
+CVE-2005-1161 (Multiple SQL injection vulnerabilities in OneWorldStore allow remote a ...)
NOT-FOR-US: OneWorldStore
-CVE-2005-1160
+CVE-2005-1160 (The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Su ...)
{DSA-781-1}
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
- mozilla-thunderbird 1.0.6-1 (bug #318728; high)
-CVE-2005-1159
+CVE-2005-1159 (The native implementations of InstallTrigger and other functions in Fi ...)
{DSA-781-1}
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
- mozilla-thunderbird 1.0.6-1 (bug #318728; medium)
-CVE-2005-1158
+CVE-2005-1158 (Multiple "missing security checks" in Firefox before 1.0.3 allow remot ...)
- mozilla-firefox 1.0.3-1
-CVE-2005-1157
+CVE-2005-1157 (Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 all ...)
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
-CVE-2005-1156
+CVE-2005-1156 (Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 all ...)
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
-CVE-2005-1155
+CVE-2005-1155 (The favicon functionality in Firefox before 1.0.3 and Mozilla Suite be ...)
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
-CVE-2005-1154
+CVE-2005-1154 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote atta ...)
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
-CVE-2005-1153
+CVE-2005-1153 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a p ...)
- mozilla-firefox 1.0.3-1
- mozilla 2:1.7.7-1
-CVE-2005-1152
+CVE-2005-1152 (popauth.c in qpopper 4.0.5 and earlier does not properly set the umask ...)
{DSA-728-1}
- qpopper 4.0.5-4sarge1
-CVE-2005-1151
+CVE-2005-1151 (qpopper 4.0.5 and earlier does not properly drop privileges before pro ...)
{DSA-728-1}
- qpopper 4.0.5-4sarge1
-CVE-2005-1150
+CVE-2005-1150 (Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlie ...)
NOT-FOR-US: Sun Java
-CVE-2005-1149
+CVE-2005-1149 (SQL injection vulnerability in admin/login.asp in aspclick.it ACNews 1 ...)
NOT-FOR-US: ACNews
-CVE-2005-1148
+CVE-2005-1148 (calendar.pl in CalendarScript 3.21 allows remote attackers to obtain s ...)
NOT-FOR-US: CalenderScript
-CVE-2005-1147
+CVE-2005-1147 (calendar.pl in CalendarScript 3.20 allows remote attackers to obtain s ...)
NOT-FOR-US: CalenderScript
CVE-2005-1146
NOT-FOR-US: CalenderScript
CVE-2005-1145
NOT-FOR-US: CalenderScript
-CVE-2005-1144
+CVE-2005-1144 (popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to o ...)
NOT-FOR-US: EasyPHPCalender
-CVE-2005-1143
+CVE-2005-1143 (Cross-site scripting (XSS) vulnerability in index.php in EasyPHPCalend ...)
NOT-FOR-US: EasyPHPCalender
-CVE-2005-1142
+CVE-2005-1142 (Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0 ...)
- gocr 0.39-5
-CVE-2005-1141
+CVE-2005-1141 (Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when ...)
- gocr 0.39-5
-CVE-2005-1140
+CVE-2005-1140 (Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows rem ...)
NOT-FOR-US: MyBloggie
-CVE-2005-1139
+CVE-2005-1139 (Opera 8 Beta 3, when using first-generation vetted digital certificate ...)
NOT-FOR-US: Opera
-CVE-2005-1138
+CVE-2005-1138 (Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 allo ...)
NOT-FOR-US: Kerio
-CVE-2005-1137
+CVE-2005-1137 (Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to obtain sen ...)
NOT-FOR-US: sphpBlog
-CVE-2005-1136
+CVE-2005-1136 (Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) c ...)
NOT-FOR-US: sphpBlog
-CVE-2005-1135
+CVE-2005-1135 (Cross-site scripting (XSS) vulnerability in search.php for Simple PHP ...)
NOT-FOR-US: sphpBlog
-CVE-2005-1134
+CVE-2005-1134 (SQL injection vulnerability in exit.php for Serendipity 0.8 and earlie ...)
NOT-FOR-US: Serendipity
-CVE-2005-1133
+CVE-2005-1133 (The POP3 server in IBM iSeries AS/400 returns different error messages ...)
NOT-FOR-US: AS/400 system software
-CVE-2005-1132
+CVE-2005-1132 (LG U8120 mobile phone allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: LG mobile phone
-CVE-2005-1131
+CVE-2005-1131 (Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier ...)
NOT-FOR-US: Veritas Focalpoint Server
-CVE-2005-1130
+CVE-2005-1130 (Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart ...)
NOT-FOR-US: PinnacleCart
-CVE-2005-1129
+CVE-2005-1129 (eGroupWare 1.0.6 and earlier, when an e-mail is composed with an attac ...)
- egroupware 1.0.0.007-2.dfsg-1
-CVE-2005-1128
+CVE-2005-1128 (Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow r ...)
NOT-FOR-US: VHCS
-CVE-2005-1127
+CVE-2005-1127 (Format string vulnerability in the log function in Net::Server 0.87 an ...)
{DSA-1122 DSA-1121}
- libnet-server-perl 0.89-1 (bug #378640)
NOTE: Net::Server was already fixed in 0.87-1, although the changelog doesn't mention
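Review bot: the status line for CVE-2005-1218 reads `NOT-FOR-US: Microsoft Color Management Module`, which matches the CVE-2005-1219 entry directly above it but not the description this update adds for 1218 ("The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows ..."); since the NOT-FOR-US line is the only status the entry carries, it should name the right component, and the plain `NOT-FOR-US: Microsoft` used for CVE-2005-1216 through CVE-2005-1205 a few lines further down would do. Style point in the same hunk: several NOT-FOR-US annotations now sit next to the product name spelled differently in the added description (`Yawcan` vs Yawcam, `PHPProjekt` vs PHProjekt, `Ocean12 Calender manager` vs Calendar, `CalenderScript` vs CalendarScript, `EasyPHPCalender` vs EasyPHPCalendar), which will trip up anyone grepping the list by product; worth aligning in a follow-up since this update does not touch those lines.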
@@ -8946,242 +8946,242 @@ CVE-2005-1127
NOTE: but DSA-1122 thinks it was fixed in 0.89-1, so mark that version to make
NOTE: scripts happy (at time of writing, 0.90-1 is in testing)
- postgrey 1.22-1
-CVE-2005-1126
+CVE-2005-1126 (The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 an ...)
NOT-FOR-US: Free BSD
-CVE-2005-1125
+CVE-2005-1125 (Race condition in libsafe 2.0.16 and earlier, when running in multi-th ...)
- libsafe <removed>
-CVE-2005-1124
+CVE-2005-1124 (Unknown vulnerability in the libgss Generic Security Services Library ...)
NOT-FOR-US: Solaris
-CVE-2005-1123
+CVE-2005-1123 (Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause ...)
NOT-FOR-US: monkeyd
-CVE-2005-1122
+CVE-2005-1122 (Format string vulnerability in cgi.c for Monkey daemon (monkeyd) befor ...)
NOT-FOR-US: monkeyd
-CVE-2005-1121
+CVE-2005-1121 (Format string vulnerability in the my_xlog function in lib.c for Oops! ...)
{DSA-726-1}
- oops 1.5.23.cvs-2.2 (bug #307360; high)
-CVE-2005-1120
+CVE-2005-1120 (Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail 0.8.1 ...)
{DSA-1010-1}
- ilohamail 0.8.14-0rc3sarge1 (bug #304525; medium)
-CVE-2005-1119
+CVE-2005-1119 (Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary ...)
- sudo <unfixed> (bug #283161; unimportant)
NOTE: That's a policy violation, but not a security problem
-CVE-2005-1118
+CVE-2005-1118 (Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the R ...)
NOT-FOR-US: RSA authentication agent
-CVE-2005-1117
+CVE-2005-1117 (PHP remote file inclusion vulnerability in index.php in All4WWW-Homepa ...)
NOT-FOR-US: All4WWW Homepage creator
-CVE-2005-1116
+CVE-2005-1116 (Cross-site scripting (XSS) vulnerability in the Calendar module for ph ...)
NOT-FOR-US: phpbb2 calendar addon
-CVE-2005-1115
+CVE-2005-1115 (Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0 ...)
NOT-FOR-US: Photo Album
-CVE-2005-1114
+CVE-2005-1114 (Multiple SQL injection vulnerabilities in album_search.php in Photo Al ...)
NOT-FOR-US: Photo Album
-CVE-2005-1113
+CVE-2005-1113 (Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 ...)
NOT-FOR-US: PhpBB Plus
-CVE-2005-1112
+CVE-2005-1112 (IBM WebSphere Application Server 6.0 and earlier, when sharing the doc ...)
NOT-FOR-US: IBM Websphere
-CVE-2005-1111
+CVE-2005-1111 (Race condition in cpio 2.6 and earlier allows local users to modify pe ...)
{DSA-846-1}
- cpio 2.6-6 (bug #305372; low)
-CVE-2005-1110
+CVE-2005-1110 (Stack-based buffer overflow in the RespondeHTTPPendiente function in t ...)
NOT-FOR-US: Sumus web server
-CVE-2005-1109
+CVE-2005-1109 (The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote atta ...)
{DSA-713-1}
- junkbuster <removed> (bug #304793)
- privoxy <not-affected>
-CVE-2005-1108
+CVE-2005-1108 (The ij_untrusted_url function in JunkBuster 2.0.2-r2, with single-thre ...)
{DSA-713-1}
- junkbuster <removed>
- privoxy <not-affected>
-CVE-2005-1107
+CVE-2005-1107 (McAfee Internet Security Suite 2005 uses insecure default ACLs for ins ...)
NOT-FOR-US: McAfee
CVE-2005-XXXX [Remote DoS vulnerabilities in postgrey]
- postgrey 1.21-1
-CVE-2005-1106
+CVE-2005-1106 (PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers t ...)
NOT-FOR-US: Windows
-CVE-2005-1105
+CVE-2005-1105 (Directory traversal vulnerability in the MimeBodyPart.getFileName meth ...)
- libgnumail-java <unfixed> (bug #304712; unimportant)
NOTE: This just provides an Java API function to receive a file name, sanitising
NOTE: this file name for further use must be done inside the application calling
NOTE: the function
-CVE-2005-1104
+CVE-2005-1104 (Multiple cross-site scripting (XSS) vulnerabilities in Centra 7 allow ...)
NOT-FOR-US: Centra
-CVE-2005-1103
+CVE-2005-1103 (Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through 4. ...)
NOT-FOR-US: Sygate Secure Enterprise
-CVE-2005-1102
+CVE-2005-1102 (Multiple cross-site scripting (XSS) vulnerabilities in template-functi ...)
NOTE: Upstream developers don't consider this an issue, see bug #304468
-CVE-2005-1101
+CVE-2005-1101 (Multiple buffer overflows in Lotus Domino Server 6.0.5 and 6.5.4 allow ...)
NOT-FOR-US: Lotus Domino Server
-CVE-2005-1100
+CVE-2005-1100 (Format string vulnerability in the ErrorLog function in cnf.c in Greyl ...)
- postfix-gld 1.5-1
-CVE-2005-1099
+CVE-2005-1099 (Multiple buffer overflows in the HandleChild function in server.c in G ...)
- postfix-gld 1.5-1
-CVE-2005-1098
+CVE-2005-1098 (GetDataBack for NTFS 2.31 stores the username and license key in plain ...)
NOT-FOR-US: GetDataBack for NTFS (Windows)
-CVE-2005-1097
+CVE-2005-1097 (Rebrand P2P Share Spy 2.2 stores the user password in plaintext in the ...)
NOT-FOR-US: Rebrand P2P Share Spy
-CVE-2005-1096
+CVE-2005-1096 (SQL injection vulnerability in main.asp for Ocean12 Membership Manager ...)
NOT-FOR-US: Ocean12 Membership Manager Pro
-CVE-2005-1095
+CVE-2005-1095 (Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membe ...)
NOT-FOR-US: Ocean12 Membership Manager Pro
-CVE-2005-1094
+CVE-2005-1094 (FTP Now 2.6.14 stores usernames and passwords in plaintext in sites.xm ...)
NOT-FOR-US: FTP Now
-CVE-2005-1093
+CVE-2005-1093 (Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with ...)
NOT-FOR-US: Miranda IM
-CVE-2005-1092
+CVE-2005-1092 (Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext ...)
NOT-FOR-US: DeluxeFTP
-CVE-2005-1091
+CVE-2005-1091 (Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ...)
NOT-FOR-US: Maxthon
-CVE-2005-1090
+CVE-2005-1090 (Directory traversal vulnerability in the readFile and writeFile API fo ...)
NOT-FOR-US: Maxthon
-CVE-2005-1089
+CVE-2005-1089 (Unknown vulnerability in DC++ before 0.674 allows attackers to append ...)
NOT-FOR-US: DC++
-CVE-2005-1088
+CVE-2005-1088 (Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and Mi ...)
NOT-FOR-US: DameWare NT Utilities and Mini Remote Control
-CVE-2005-1087
+CVE-2005-1087 (CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Serv ...)
NOT-FOR-US: AN HTTPD
-CVE-2005-1086
+CVE-2005-1086 (Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allo ...)
NOT-FOR-US: AN HTTPD
-CVE-2005-1085
+CVE-2005-1085 (Cross-site scripting (XSS) vulnerability in the control panel in aeDat ...)
NOT-FOR-US: aeDating
-CVE-2005-1084
+CVE-2005-1084 (SQL injection vulnerability in sdating.php in aeDating 3.2 allows remo ...)
NOT-FOR-US: aeDating
-CVE-2005-1083
+CVE-2005-1083 (index.php in aeDating 3.2 allows remote attackers to include arbitrary ...)
NOT-FOR-US: aeDating
-CVE-2005-1082
+CVE-2005-1082 (Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 all ...)
NOT-FOR-US: AtDGDatingPlatinum
-CVE-2005-1081
+CVE-2005-1081 (Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlat ...)
NOT-FOR-US: AtDGDatingPlatinum
-CVE-2005-1080
+CVE-2005-1080 (Directory traversal vulnerability in the Java Archive Tool (Jar) utili ...)
NOT-FOR-US: JAR in J2SE SDK
-CVE-2005-1079
+CVE-2005-1079 (SQL injection vulnerability in index.php for zOOm Media Gallery 2.1.2 ...)
NOT-FOR-US: zOOm Media Gallery
-CVE-2005-1078
+CVE-2005-1078 (XAMPP 1.4.x has multiple default or null passwords, which allows attac ...)
NOT-FOR-US: XAMPP Apache distribution specific issue
-CVE-2005-1077
+CVE-2005-1077 (Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x all ...)
NOT-FOR-US: XAMPP Apache distribution specific issue
-CVE-2005-1076
+CVE-2005-1076 (Cross-site scripting (XSS) vulnerability in the discussion board funct ...)
NOT-FOR-US: WebCT
-CVE-2005-1075
+CVE-2005-1075 (Multiple cross-site scripting (XSS) vulnerabilities in RadScripts RadB ...)
NOT-FOR-US: RadScripts RadBids Gold
-CVE-2005-1074
+CVE-2005-1074 (SQL injection vulnerability in index.php for RadScripts RadBids Gold 2 ...)
NOT-FOR-US: RadScripts RadBids Gold
-CVE-2005-1073
+CVE-2005-1073 (Directory traversal vulnerability in index.php for RadScripts RadBids ...)
NOT-FOR-US: RadScripts RadBids Gold
-CVE-2005-1072
+CVE-2005-1072 (Cross-site scripting (XSS) vulnerability in PunBB before 1.2.5 allows ...)
NOT-FOR-US: PunBB
-CVE-2005-1071
+CVE-2005-1071 (SQL injection vulnerability in banner.inc.php in JPortal Web Portal 2. ...)
NOT-FOR-US: JPortal
-CVE-2005-1070
+CVE-2005-1070 (SQL injection vulnerability in index.php in Invision Power Board 1.3.1 ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-1069
+CVE-2005-1069 (Unknown vulnerability in sCssBoard 1.11 and earlier has unknown impact ...)
NOT-FOR-US: sCssBoard
-CVE-2005-1068
+CVE-2005-1068 (Cross-site scripting (XSS) vulnerability in sCssBoard 1.11 and earlier ...)
NOT-FOR-US: sCssBoard
-CVE-2005-1067
+CVE-2005-1067 (Vulnerability in Access_user Class before 1.75 allows local users to g ...)
NOT-FOR-US: Access_user class
-CVE-2005-1066
+CVE-2005-1066 (Race condition in rpdump in Pine 4.62 and earlier allows local users t ...)
- pine 4.63-1 (unimportant)
- alpine <not-affected> (alpine is based on pine 4.64, this bug was in a previous version of pine)
NOTE: Not shipped in the binary package
-CVE-2005-1065
+CVE-2005-1065 (tetex in Novell Linux Desktop 9 allows local users to determine the ex ...)
- tetex-base <not-affected> (/var/cache/fonts is not writable by normal users in Debian)
-CVE-2005-1064
+CVE-2005-1064 (The copy_symlink function in rsnapshot 1.2.0 and 1.1.x before 1.1.7 ch ...)
- rsnapshot 1.2.1-1
-CVE-2005-1063
+CVE-2005-1063 (The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0. ...)
NOT-FOR-US: Kerio
-CVE-2005-1062
+CVE-2005-1062 (The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0. ...)
NOT-FOR-US: Kerio
-CVE-2005-1061
+CVE-2005-1061 (The secure script in LogWatch before 2.6-2 allows attackers to prevent ...)
- logwatch 5.0-1
-CVE-2005-1060
+CVE-2005-1060 (Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novel ...)
NOT-FOR-US: Novell Netware
-CVE-2005-1059
+CVE-2005-1059 (Linksys WET11 1.5.4 allows remote attackers to change the password wit ...)
NOT-FOR-US: Linksys WET11
-CVE-2005-1058
+CVE-2005-1058 (Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile tha ...)
NOT-FOR-US: Cisco
-CVE-2005-1057
+CVE-2005-1057 (Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH vers ...)
NOT-FOR-US: Cisco
-CVE-2005-1056
+CVE-2005-1056 (Unknown vulnerability in HP OpenView Network Node Manager (NMM) 6.2 th ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2005-1055
+CVE-2005-1055 (TowerBlog 0.6 and earlier stores the login data file under the web roo ...)
NOT-FOR-US: TowerBlog
-CVE-2005-1054
+CVE-2005-1054 (PHP remote file inclusion vulnerability in news.php in ModernBill 4.3. ...)
NOT-FOR-US: ModernBill
-CVE-2005-1053
+CVE-2005-1053 (Multiple cross-site scripting (XSS) vulnerabilities in orderwiz.php in ...)
NOT-FOR-US: ModernBill
-CVE-2005-1052
+CVE-2005-1052 (Microsoft Outlook 2003 and Outlook Web Access (OWA) 2003 do not proper ...)
NOT-FOR-US: Microsoft
-CVE-2005-1051
+CVE-2005-1051 (SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remot ...)
NOT-FOR-US: PunBB
-CVE-2005-1050
+CVE-2005-1050 (The modload op in the Reviews module for PostNuke 0.760-RC3 allows rem ...)
NOT-FOR-US: PostNuke
-CVE-2005-1049
+CVE-2005-1049 (Multiple cross-site scripting vulnerabilities in PostNuke 0.760-RC3 al ...)
NOT-FOR-US: PostNuke
-CVE-2005-1048
+CVE-2005-1048 (SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allow ...)
NOT-FOR-US: PostNuke
-CVE-2005-1047
+CVE-2005-1047 (Meilad File upload script (up.php) mod for phpBB 2.0.x does not proper ...)
NOT-FOR-US: PunBB
-CVE-2005-1046
+CVE-2005-1046 (Buffer overflow in the kimgio library for KDE 3.4.0 allows remote atta ...)
{DSA-714-1}
- kdelibs 4:3.3.2-6
-CVE-2005-1045
+CVE-2005-1045 (OpenText FirstClass 8.0 client does not properly sanitize strings befo ...)
NOT-FOR-US: OpenText
CVE-2005-1044
REJECTED
-CVE-2005-1043
+CVE-2005-1043 (exif.c in PHP before 4.3.11 allows remote attackers to cause a denial ...)
- php4 4:4.3.10-10 (bug #306003)
-CVE-2005-1042
+CVE-2005-1042 (Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP ...)
- php4 4:4.3.10-10 (bug #306003)
-CVE-2005-1041
+CVE-2005-1041 (The fib_seq_start function in fib_hash.c in Linux kernel allows local ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.5)
[sarge] - kernel-source-2.6.8 2.6.8-16
- kernel-source-2.4.27 <not-affected>
-CVE-2005-1040
+CVE-2005-1040 (Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop ...)
- netapplet <not-affected> (Not vulnerable, see bug #310833)
-CVE-2005-1039
+CVE-2005-1039 (Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2 ...)
- coreutils 6.10-1 (bug #304556; unimportant)
NOTE: Minor issue, generic UNIX design issue, see discussion in #304556)
-CVE-2005-1038
+CVE-2005-1038 (crontab in Vixie cron 4.1, when running with the -e option, allows loc ...)
NOTE: long fixed in Debian's cron
-CVE-2005-1037
+CVE-2005-1037 (Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, ...)
NOT-FOR-US: AIX
-CVE-2005-1036
+CVE-2005-1036 (FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permis ...)
NOT-FOR-US: FreeBSD
-CVE-2005-1035
+CVE-2005-1035 (Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack v ...)
- pavuk 0.9.32-1
-CVE-2005-1034
+CVE-2005-1034 (SurgeFTP 2.2m1 allows remote attackers to cause a denial of service (a ...)
NOT-FOR-US: SurgeFTP
-CVE-2005-1033
+CVE-2005-1033 (CubeCart 2.0.6 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: CubeCart
CVE-2005-1032
REJECTED
-CVE-2005-1031
+CVE-2005-1031 (RUNCMS 1.1A, and possibly other products based on e-Xoops (exoops), wh ...)
NOT-FOR-US: exoops
-CVE-2005-1030
+CVE-2005-1030 (Multiple cross-site scripting (XSS) vulnerabilities in Active Auction ...)
NOT-FOR-US: Active Auction House
-CVE-2005-1029
+CVE-2005-1029 (Multiple SQL injection vulnerabilities in Active Auction House allow r ...)
NOT-FOR-US: Active Auction House
-CVE-2005-1028
+CVE-2005-1028 (PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-1027
+CVE-2005-1027 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x th ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-1026
+CVE-2005-1026 (Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods ...)
NOT-FOR-US: SnailSource phpBB mod
-CVE-2005-1025
+CVE-2005-1025 (The FTP server in AS/400 4.3, when running in IFS mode, allows remote ...)
NOT-FOR-US: IBM
-CVE-2005-1024
+CVE-2005-1024 (modules.php in PHP-Nuke 6.x to 7.6 allows remote attackers to obtain s ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-1023
+CVE-2005-1023 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x to ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-1022
+CVE-2005-1022 (ColdFusion 6.1 Updater 1 places Java .class files under the web root i ...)
NOT-FOR-US: ColdFusion
-CVE-2005-1021
+CVE-2005-1021 (Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when ...)
NOT-FOR-US: IOS
-CVE-2005-1020
+CVE-2005-1020 (Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote atta ...)
NOT-FOR-US: IOS
-CVE-2005-1019
+CVE-2005-1019 (Buffer overflow in the getConfig function in Aeon 0.2a and earlier all ...)
NOT-FOR-US: Aeon
-CVE-2005-1018
+CVE-2005-1018 (Buffer overflow in the UniversalAgent for Computer Associates (CA) Bri ...)
NOT-FOR-US: CA ArcServe Backup
CVE-2005-XXXX [Some security issues in mod_security]
NOTE: I don't understand mod_security fully, so I'm not entirely sure which of
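Review bot: the inlined descriptions make two context mismatches in this hunk visible that the automatic sync does not touch: under `CVE-2005-1047 (Meilad File upload script (up.php) mod for phpBB 2.0.x ...)` the unchanged line still reads `NOT-FOR-US: PunBB` although the description names a phpBB mod, and the two `NOT-FOR-US: AtDGDatingPlatinum` lines under CVE-2005-1082 and CVE-2005-1081 spell the product differently from the description (`AzDGDatingPlatinum`). Since this commit is generated, fix those in a separate manual commit rather than by editing this one. Two more things in the unchanged context are worth a follow-up: the `NOTE:` under CVE-2005-1039 closes a parenthesis it never opened (`... see discussion in #304556)`), and CVE-2005-1038 carries only `NOTE: long fixed in Debian's cron` with no `- cron <version>` status line, so the entry stays unresolvable by tooling. Also note that the fixed-width truncation leaves CVE-2005-1063 and CVE-2005-1062 with the identical text `The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0. ...`; that is inherent to the sync format, not a defect of this hunk, but anyone grepping the list for the distinguishing detail will need the full CVE text.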
@@ -9195,143 +9195,143 @@ CVE-2005-XXXX [Variable function calls in Smarty allow bypassing security settin
- smarty 2.6.9-1
CVE-2005-XXXX [Possible problem with insecure usage of sscanf in obexftp client]
- obexftp 0.10.7-3
-CVE-2005-1017
+CVE-2005-1017 (SQL injection vulnerability in the Update_Events function in events_fu ...)
NOT-FOR-US: MaxWebPortal
-CVE-2005-1016
+CVE-2005-1016 (Cross-site scripting (XSS) vulnerability in links_add_form.asp for Max ...)
NOT-FOR-US: MaxWebPortal
-CVE-2005-1015
+CVE-2005-1015 (Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attacke ...)
NOT-FOR-US: MailEnable
-CVE-2005-1014
+CVE-2005-1014 (Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and ...)
NOT-FOR-US: MailEnable
-CVE-2005-1013
+CVE-2005-1013 (The SMTP service in MailEnable Enterprise 1.04 and earlier and Profess ...)
NOT-FOR-US: MailEnable
-CVE-2005-1012
+CVE-2005-1012 (Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows re ...)
NOT-FOR-US: SiteEnable
-CVE-2005-1011
+CVE-2005-1011 (SQL injection vulnerability in content.asp in SiteEnable allows remote ...)
NOT-FOR-US: SiteEnable
-CVE-2005-1010
+CVE-2005-1010 (Cross-site scripting (XSS) vulnerability in Comersus Cart 6 allows rem ...)
NOT-FOR-US: ComersusCart
-CVE-2005-1009
+CVE-2005-1009 (Multiple buffer overflows in BakBone NetVault 6.x and 7.x allow (1) re ...)
NOT-FOR-US: NetVault
-CVE-2005-1008
+CVE-2005-1008 (Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM F ...)
NOT-FOR-US: XM Forum
-CVE-2005-1007
+CVE-2005-1007 (Unknown vulnerability in the LIST functionality in CommuniGate Pro bef ...)
NOT-FOR-US: CommuniGate Pro
-CVE-2005-1006
+CVE-2005-1006 (Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO ...)
NOT-FOR-US: SonicWALL
-CVE-2005-1005
+CVE-2005-1005 (ProfitCode PayProCart 3.0 allows remote attackers to bypass authentica ...)
NOT-FOR-US: PayProCart
-CVE-2005-1004
+CVE-2005-1004 (Cross-site scripting (XSS) vulnerability in usrdetails.php in ProfitCo ...)
NOT-FOR-US: PayProCart
-CVE-2005-1003
+CVE-2005-1003 (Directory traversal vulnerability in index.php for ProfitCode PayProCa ...)
NOT-FOR-US: PayProCart
-CVE-2005-1002
+CVE-2005-1002 (logwebftbs2000.exe in Logics Software File Transfer (LOG-FT) allows re ...)
NOT-FOR-US: LOG-FT File Transfer
-CVE-2005-1001
+CVE-2005-1001 (PHP-Nuke 7.6 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-1000
+CVE-2005-1000 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 al ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-0999
+CVE-2005-0999 (SQL injection vulnerability in the Top module for PHP-Nuke 6.x through ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-0998
+CVE-2005-0998 (The Web_Links module for PHP-Nuke 7.6 allows remote attackers to obtai ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-0997
+CVE-2005-0997 (Multiple SQL injection vulnerabilities in the Web_Links module for PHP ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-0996
+CVE-2005-0996 (Multiple SQL injection vulnerabilities in the Downloads module for PHP ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-0995
+CVE-2005-0995 (Multiple cross-site scripting (XSS) vulnerabilities in ProductCart 2.7 ...)
NOT-FOR-US: ProductCart
-CVE-2005-0994
+CVE-2005-0994 (Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote ...)
NOT-FOR-US: ProductCart
-CVE-2005-0993
+CVE-2005-0993 (Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users ...)
NOT-FOR-US: SCO
-CVE-2005-0992
+CVE-2005-0992 (Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin be ...)
- phpmyadmin 3:2.6.2-rc1-1
-CVE-2005-0991
+CVE-2005-0991 (RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location f ...)
NOT-FOR-US: AIX
-CVE-2005-0990
+CVE-2005-0990 (unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite a ...)
- sharutils 1:4.2.1-13
-CVE-2005-0989
+CVE-2005-0989 (The find_replen function in jsstr.c in the Javascript engine for Mozil ...)
{DSA-781-1}
- mozilla 2:1.7.7-1 (bug #306001)
- mozilla-firefox 1.0.2-3
- mozilla-thunderbird 1.0.6-1 (bug #318728; medium)
-CVE-2005-0988
+CVE-2005-0988 (Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a ...)
{DSA-752-1}
- gzip 1.3.5-10
-CVE-2005-0987
+CVE-2005-0987 (Unknown vulnerability in IRC Services NickServ LISTLINKS before 5.0.50 ...)
NOT-FOR-US: IRC Services NickServ
-CVE-2005-0986
+CVE-2005-0986 (NLSCCSTR.DLL in the web service in IBM Lotus Domino Server 6.5.1, 6.0. ...)
NOT-FOR-US: Lotus Domino
-CVE-2005-0985
+CVE-2005-0985 (Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows ...)
NOT-FOR-US: Apple
-CVE-2005-0984
+CVE-2005-0984 (Buffer overflow in the G_Printf function in Star Wars Jedi Knight: Jed ...)
NOT-FOR-US: Star Wars game
-CVE-2005-0983
+CVE-2005-0983 (Quake 3 engine, as used in multiple games, allows remote attackers to ...)
NOT-FOR-US: Quake 3 based games
-CVE-2005-0982
+CVE-2005-0982 (Multiple cross-site scripting (XSS) vulnerabilities in Yet Another For ...)
NOT-FOR-US: Yet Another Forum.net
-CVE-2005-0981
+CVE-2005-0981 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay ...)
NOT-FOR-US: Alstrasoft EPay
-CVE-2005-0980
+CVE-2005-0980 (PHP remote file inclusion vulnerability in index.php in AlstraSoft EPa ...)
NOT-FOR-US: Alstrasoft EPay
-CVE-2005-0979
+CVE-2005-0979 (Multiple buffer overflows in RUMBA 7.3 and earlier allow remote attack ...)
NOT-FOR-US: Rumba
-CVE-2005-0978
+CVE-2005-0978 (Directory traversal vulnerability in the Object Push service in IVT Bl ...)
NOT-FOR-US: IVT BlueSoleil
-CVE-2005-0977
+CVE-2005-0977 (The shmem_nopage function in shmem.c for the tmpfs driver in Linux ker ...)
[sarge] - kernel-source-2.6.8 2.6.8-16 (bug #303177)
- linux-2.6 <not-affected> (Fixed before upload into archive)
-CVE-2005-0976
+CVE-2005-0976 (AppleWebKit (WebCore and WebKit), as used in multiple products such as ...)
NOT-FOR-US: Apple
-CVE-2005-0975
+CVE-2005-0975 (Integer signedness error in the parse_machfile function in the mach-o ...)
NOT-FOR-US: Apple
-CVE-2005-0974
+CVE-2005-0974 (Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and ear ...)
NOT-FOR-US: Apple
-CVE-2005-0973
+CVE-2005-0973 (Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 ...)
NOT-FOR-US: Apple
-CVE-2005-0972
+CVE-2005-0972 (Integer overflow in the searchfs system call in Mac OS X 10.3.9 and ea ...)
NOT-FOR-US: Apple
-CVE-2005-0971
+CVE-2005-0971 (Stack-based buffer overflow in the semop system call in Mac OS X 10.3. ...)
NOT-FOR-US: Apple
-CVE-2005-0970
+CVE-2005-0970 (Mac OS X 10.3.9 and earlier allows users to install, create, and execu ...)
NOT-FOR-US: Apple
-CVE-2005-0969
+CVE-2005-0969 (Heap-based buffer overflow in the syscall emulation functionality in M ...)
NOT-FOR-US: Apple
-CVE-2005-0968
+CVE-2005-0968 (Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote ...)
NOT-FOR-US: CA eTrust IDS
-CVE-2005-0967
+CVE-2005-0967 (Gaim 1.2.0 allows remote attackers to cause a denial of service (appli ...)
- gaim 1:1.2.1-1
CVE-2005-XXXX [Insecure tempfile handling in openwebmail CGI scripts]
- openwebmail <removed>
-CVE-2005-0966
+CVE-2005-0966 (The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, ...)
- gaim 1:1.2.1-1 (bug #303581)
-CVE-2005-0965
+CVE-2005-0965 (The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlie ...)
- gaim 1:1.2.1-1 (bug #303581)
-CVE-2005-0964
+CVE-2005-0964 (Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier all ...)
NOT-FOR-US: Kerio firewall
-CVE-2005-0963
+CVE-2005-0963 (An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine ...)
NOT-FOR-US: ACPI BIOS hardware issue
-CVE-2005-0962
+CVE-2005-0962 (SQL injection vulnerability in index.php for Lighthouse Squirrelcart a ...)
NOT-FOR-US: SquirrelCart
-CVE-2005-0961
+CVE-2005-0961 (Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-R ...)
- horde3 3.0.4-1
- horde2 2.2.8-1
-CVE-2005-0960
+CVE-2005-0960 (Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c ...)
NOT-FOR-US: OpenBSD
-CVE-2005-0959
+CVE-2005-0959 (Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may a ...)
NOT-FOR-US: YepYep mtftpd
-CVE-2005-0958
+CVE-2005-0958 (Format string vulnerability in the log_do function in log.c for YepYep ...)
NOT-FOR-US: YepYep mtftpd
-CVE-2005-0957
+CVE-2005-0957 (Bay Technical Associates RPC-3 Telnet Host 3.05 allows remote attacker ...)
NOT-FOR-US: BayTech RPC
-CVE-2005-0956
+CVE-2005-0956 (Multiple SQL injection vulnerabilities in index.php in InterAKT MX Kar ...)
NOT-FOR-US: InterAKT MX Kart
-CVE-2005-0955
+CVE-2005-0955 (SQL injection vulnerability in InterAKT MX Shop 1.1.1 allows remote at ...)
NOT-FOR-US: InterAKT MX Shop
-CVE-2005-0954
+CVE-2005-0954 (Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remo ...)
NOT-FOR-US: Windows
-CVE-2005-0953
+CVE-2005-0953 (Race condition in bzip2 1.0.2 and earlier allows local users to modify ...)
{DSA-730-1}
- bzip2 1.0.2-6
NOTE: This "vulnerability" is only exploitable under rarest circumstances: A (local)
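Review bot: the hunk boundary here splits the multi-line `NOTE:` under CVE-2005-0953: the line `NOTE: This "vulnerability" is only exploitable under rarest circumstances: A (local)` is the last context line of this hunk and its continuation opens the next one, so the entry has to be read across both hunks when checking that the sync left the note intact. Within this hunk the generated header lines agree with their status lines (for example `CVE-2005-0988 (Race condition in gzip 1.2.4, 1.3.3, and earlier, ...)` against `- gzip 1.3.5-10` and `{DSA-752-1}`), but the two `CVE-2005-XXXX` placeholder entries (obexftp at the top of the hunk and openwebmail just below CVE-2005-0967) are skipped by the description sync because they have no assigned id; if ids have since been assigned, rename them by hand so later automatic updates pick them up.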
@@ -9339,35 +9339,35 @@ CVE-2005-0953
NOTE: the file and chmodding it to delete the file and place a hardlink to another
NOTE: file of the "attacked" user. Additionally the attacker needs write permissions
NOTE: to the directory where the file is being uncompressed, ruling out /~ etc.
-CVE-2005-0952
+CVE-2005-0952 (Cross-site scripting vulnerability in pafiledb.php in PaFileDB 3.1 all ...)
NOT-FOR-US: PafileDB
CVE-2005-0951
REJECTED
-CVE-2005-0950
+CVE-2005-0950 (Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows ...)
NOT-FOR-US: FastStone 4in1 Browser
-CVE-2005-0949
+CVE-2005-0949 (Multiple cross-site scripting (XSS) vulnerabilities in content.asp in ...)
NOT-FOR-US: PortalApp
-CVE-2005-0948
+CVE-2005-0948 (SQL injection vulnerability in ad_click.asp for PortalApp allows remot ...)
NOT-FOR-US: PortalApp
-CVE-2005-0947
+CVE-2005-0947 (Directory traversal vulnerability in auxpage.php in phpCoin 1.2.1b and ...)
NOT-FOR-US: phpCoin
-CVE-2005-0946
+CVE-2005-0946 (SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remot ...)
NOT-FOR-US: phpCoin
-CVE-2005-0945
+CVE-2005-0945 (Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1 allows remo ...)
NOT-FOR-US: ACS Blog
-CVE-2005-0944
+CVE-2005-0944 (Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.86 ...)
NOT-FOR-US: Microsoft
-CVE-2005-0943
+CVE-2005-0943 (Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlie ...)
NOT-FOR-US: Cisco
-CVE-2005-0942
+CVE-2005-0942 (The XP Server process (xp_server) in Sybase Adaptive Server Enterprise ...)
NOT-FOR-US: Sybase ASE
-CVE-2005-0941
+CVE-2005-0941 (The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 ...)
- openoffice.org 1.1.3-9
CVE-2005-0939
RESERVED
-CVE-2005-0938
+CVE-2005-0938 (Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web ro ...)
NOT-FOR-US: UBlog
-CVE-2005-0937
+CVE-2005-0937 (Some futex functions in futex.c for Linux kernel 2.6.x perform get_use ...)
- kernel-source-2.6.8 2.6.8-16
CVE-2005-XXXX [Several DoS possibilities of clients against the server in Freeciv]
- freeciv 2.0.1-1
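Review bot: the status line under `CVE-2005-0937 (Some futex functions in futex.c for Linux kernel 2.6.x ...)` records the fix as a plain `- kernel-source-2.6.8 2.6.8-16`, whereas the kernel entries in the earlier hunks (CVE-2005-1041, CVE-2005-0977) record the same version as `[sarge] - kernel-source-2.6.8 2.6.8-16` and add a `- linux-2.6 <not-affected>` line; the sync does not touch this, but the two forms should be reconciled so the entry resolves the same way for sarge and unstable. In the unchanged bzip2 note, the closing line `NOTE: to the directory where the file is being uncompressed, ruling out /~ etc.` presumably means `~/` (the user's home directory), which is the case the note is excluding.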
@@ -9375,742 +9375,742 @@ CVE-2005-XXXX [mailscanner: lock/pid file location symlink attack]
- mailscanner 4.40.11-1
CVE-2005-XXXX [KDE Kopete ICQ remote DoS]
- kdenetwork 4:3.3.2-2
-CVE-2005-0936
+CVE-2005-0936 (Cross-site scripting vulnerability in products1h.php in ESMI PayPal St ...)
NOT-FOR-US: ESMI PayPal Storefront
-CVE-2005-0935
+CVE-2005-0935 (Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow ...)
NOT-FOR-US: ESMI PayPal Storefront
-CVE-2005-0934
+CVE-2005-0934 (Multiple cross-site scripting (XSS) vulnerabilities in WackoWiki R4 al ...)
NOT-FOR-US: WackoWiki
-CVE-2005-0933
+CVE-2005-0933 (Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b an ...)
NOT-FOR-US: phpCOIN
-CVE-2005-0932
+CVE-2005-0932 (Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier a ...)
NOT-FOR-US: phpCOIN
-CVE-2005-0931
+CVE-2005-0931 (PHP remote file inclusion vulnerability in The Includer 1.0 and 1.1 al ...)
NOT-FOR-US: The Includer
-CVE-2005-0930
+CVE-2005-0930 (Cross-site scripting (XSS) vulnerability in message.php in Chatness 2. ...)
NOT-FOR-US: Chatness
-CVE-2005-0929
+CVE-2005-0929 (SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote ...)
NOT-FOR-US: PhotoPost PHP Pro
-CVE-2005-0928
+CVE-2005-0928 (Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP P ...)
NOT-FOR-US: PhotoPost PHP Pro
-CVE-2005-0927
+CVE-2005-0927 (Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has ...)
NOT-FOR-US: WebAPP
-CVE-2005-0926
+CVE-2005-0926 (Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to ca ...)
- sylpheed 1.0.4-1
- sylpheed-claws 1.0.4-1
-CVE-2005-0925
+CVE-2005-0925 (Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload ...)
NOT-FOR-US: Uapplication Ublog
-CVE-2005-0924
+CVE-2005-0924 (Cross-site scripting (XSS) vulnerability in Adventia E-Data 2.0 allows ...)
NOT-FOR-US: Adventia E-Data
-CVE-2005-0923
+CVE-2005-0923 (The SmartScan feature in the Auto-Protect module for Symantec Norton A ...)
NOT-FOR-US: Norton AntiVirus
-CVE-2005-0922
+CVE-2005-0922 (Unknown vulnerability in the Auto-Protect module in Symantec Norton An ...)
NOT-FOR-US: Norton AntiVirus
-CVE-2005-0921
+CVE-2005-0921 (Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local ...)
NOT-FOR-US: Lotus
-CVE-2005-0920
+CVE-2005-0920 (Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow r ...)
NOT-FOR-US: Bugtracker.NET
-CVE-2005-0919
+CVE-2005-0919 (Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject ...)
NOT-FOR-US: Adventia E-Data
-CVE-2005-0918
+CVE-2005-0918 (The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, ...)
NOT-FOR-US: Adobe SVG Viewer
-CVE-2005-0917
+CVE-2005-0917 (PHP remote file inclusion vulnerability in index_header.php for Encaps ...)
NOT-FOR-US: EncapsBB
-CVE-2005-0916
+CVE-2005-0916 (AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with ...)
- kernel-source-2.6.8 2.6.8-16
- kernel-source-2.4.27 <not-affected>
- linux-2.6 <not-affected> (Fixed before upload into archive)
-CVE-2005-0915
+CVE-2005-0915 (Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to bypas ...)
NOT-FOR-US: Webmasters-Debutants WD Guestbook
-CVE-2005-0914
+CVE-2005-0914 (Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9 ...)
NOT-FOR-US: CPG Dragonfly
-CVE-2005-0913
+CVE-2005-0913 (Unknown vulnerability in the regex_replace modifier (modifier.regex_re ...)
- smarty 2.6.8-1
-CVE-2005-0912
+CVE-2005-0912 (Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, p ...)
NOT-FOR-US: deplate
-CVE-2005-0911
+CVE-2005-0911 (Multiple SQL injection vulnerabilities in exoops may allow remote atta ...)
NOT-FOR-US: exoops
-CVE-2005-0910
+CVE-2005-0910 (Multiple cross-site scripting (XSS) vulnerabilities in exoops allow re ...)
NOT-FOR-US: exoops
-CVE-2005-0909
+CVE-2005-0909 (PHP remote file inclusion vulnerability in shoutact.php for TKai's Sho ...)
NOT-FOR-US: THai's Shoutbox
-CVE-2005-0908
+CVE-2005-0908 (Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft Shop ...)
NOT-FOR-US: Valdersoft Shopping Cart
-CVE-2005-0907
+CVE-2005-0907 (Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 ...)
NOT-FOR-US: Valdersoft Shopping Cart
-CVE-2005-0906
+CVE-2005-0906 (Buffer overflow in a player logging function in the Tincat network lib ...)
NOT-FOR-US: Tincat network library
-CVE-2005-0905
+CVE-2005-0905 (Maxthon 1.2.0 allows remote malicious web sites to obtain potentially ...)
NOT-FOR-US: Maxthon
-CVE-2005-0904
+CVE-2005-0904 (Remote Desktop in Windows XP SP1 does not verify the "Force shutdown f ...)
NOT-FOR-US: Microsoft
-CVE-2005-0903
+CVE-2005-0903 (Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attacke ...)
NOT-FOR-US: QuickTime PictureViewer
-CVE-2005-0902
+CVE-2005-0902 (SQL injection vulnerability in marks.php in NukeBookmarks 0.6 for PHP- ...)
NOT-FOR-US: NukeBookmarks for php-nuke
-CVE-2005-0901
+CVE-2005-0901 (Multiple cross-site scripting (XSS) vulnerabilities in NukeBookmarks 0 ...)
NOT-FOR-US: NukeBookmarks for php-nuke
-CVE-2005-0900
+CVE-2005-0900 (marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to ...)
NOT-FOR-US: NukeBookmarks for php-nuke
-CVE-2005-0899
+CVE-2005-0899 (AS/400 running OS400 5.2 installs and enables LDAP by default, which a ...)
NOT-FOR-US: AS/400 running OS400
-CVE-2005-0898
+CVE-2005-0898 (Cross-site scripting (XSS) vulnerability in downloadform.php in E-Stor ...)
NOT-FOR-US: E-Store Kit-2 PayPal Edition
-CVE-2005-0897
+CVE-2005-0897 (PHP remote file inclusion vulnerability in catalog.php in E-Store Kit- ...)
NOT-FOR-US: E-Store Kit-2 PayPal Edition
-CVE-2005-0896
+CVE-2005-0896 (Multiple cross-site scripting (XSS) vulnerabilities in review.php in p ...)
NOT-FOR-US: phpMyDirectory
-CVE-2005-0895
+CVE-2005-0895 (Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of ...)
NOT-FOR-US: Netcomm 1300NB DSL Modem
-CVE-2005-0894
+CVE-2005-0894 (OpenmosixCollector and OpenMosixView in OpenMosixView 1.5 allow local ...)
- openmosixview 1.5-7
-CVE-2005-0893
+CVE-2005-0893 (modes.c in smail 3.2.0.120 implements signal handlers with certain uns ...)
- smail <removed> (bug #335042; unimportant)
NOTE: cording to upstream impossible to exploit
-CVE-2005-0892
+CVE-2005-0892 (Buffer overflow in smail 3.2.0.120 allows remote attackers or local us ...)
{DSA-722-1}
- smail 3.2.0.115-7 (bug #301428; high)
-CVE-2005-0891
+CVE-2005-0891 (Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote a ...)
NOTE: The description is wrong; 2.6 is affected as well
- gtk+2.0 2.6.4-1
- gdk-pixbuf 0.22.0-7.1
-CVE-2005-0890
+CVE-2005-0890 (SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote at ...)
NOT-FOR-US: Dream4 Koobi CMS
-CVE-2005-0889
+CVE-2005-0889 (Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi ...)
NOT-FOR-US: Dream4 Koobi CMS
-CVE-2005-0888
+CVE-2005-0888 (Multiple cross-site scripting (XSS) vulnerabilities in functions.inc.p ...)
- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
NOTE: Original issue fixed in dcl/1:0.9.4.4-1
-CVE-2005-0887
+CVE-2005-0887 (Eval injection vulnerability in Double Choco Latte before 0.9.4.3 allo ...)
- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
NOTE: Original issue fixed in dcl/1:0.9.4.4-1
-CVE-2005-0886
+CVE-2005-0886 (Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-0885
+CVE-2005-0885 (Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 ...)
NOT-FOR-US: XMB Forum
-CVE-2005-0884
+CVE-2005-0884 (DigitalHive 2.0 allows remote attackers to re-install the product by d ...)
NOT-FOR-US: DigitalHive
-CVE-2005-0883
+CVE-2005-0883 (Multiple cross-site scripting (XSS) vulnerabilities in base.php for Di ...)
NOT-FOR-US: DigitalHive
-CVE-2005-0882
+CVE-2005-0882 (SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 ...)
NOT-FOR-US: BirdBlog
-CVE-2005-0881
+CVE-2005-0881 (Cross-site scripting (XSS) vulnerability in articles.newcomment for In ...)
NOT-FOR-US: Interspire ArticleLive
-CVE-2005-0880
+CVE-2005-0880 (content.php in Vortex Portal allows remote attackers to obtain sensiti ...)
NOT-FOR-US: Vortex Portal
-CVE-2005-0879
+CVE-2005-0879 (PHP remote file include vulnerability in (1) content.php and (2) index ...)
NOT-FOR-US: Vortex Portal
-CVE-2005-0878
+CVE-2005-0878 (Cross-site scripting (XSS) vulnerability in MercuryBoard before 1.1.3 ...)
NOT-FOR-US: MercuryBoard
-CVE-2005-0877
+CVE-2005-0877 (Dnsmasq before 2.21 allows remote attackers to poison the DNS cache vi ...)
- dnsmasq 2.21
-CVE-2005-0876
+CVE-2005-0876 (Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers ...)
- dnsmasq 2.21
-CVE-2005-0875
+CVE-2005-0875 (Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2005-0874
+CVE-2005-0874 (Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2005-0873
+CVE-2005-0873 (Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Ora ...)
NOT-FOR-US: Oracle
-CVE-2005-0872
+CVE-2005-0872 (Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in ...)
NOT-FOR-US: Topic Calendar phpbb2 plugin
-CVE-2005-0871
+CVE-2005-0871 (calendar_scheduler.php in Topic Calendar 1.0.1 module for phpBB, when ...)
NOT-FOR-US: Topic Calendar phpbb2 plugin
-CVE-2005-0870
+CVE-2005-0870 (Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, ...)
{DSA-899-1 DSA-898-1 DSA-897-1 DSA-724-1}
NOTE: Fix in phpsysinfo 2.3-3 was apparently incomplete.
- phpsysinfo 2.3-7
- egroupware 1.0.0.009.dfsg-3-3
- phpgroupware 0.9.16.008-2
-CVE-2005-0869
+CVE-2005-0869 (phpSysInfo 2.3 allows remote attackers to obtain sensitive information ...)
- phpsysinfo 2.3-3 (bug #301118; unimportant)
-CVE-2005-0868
+CVE-2005-0868 (AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) I ...)
- tn5250 <not-affected> (cannot find STRPCO or STRPCCMD in tn5250)
-CVE-2005-0867
+CVE-2005-0867 (Integer overflow in Linux kernel 2.6 allows local users to overwrite k ...)
- kernel-source-2.4.27 <not-affected> (kernel 2.4 doesn't have sysfs)
- linux-2.6 <not-affected> (Fixed before upload into archive)
[sarge] - kernel-source-2.6.8 <not-affected> (Not vulnerable, see #306137)
-CVE-2005-0866
+CVE-2005-0866 (cdrecord before 4:2.0, when DEBUG is enabled, allows local users to ov ...)
- cdrtools 4:2.01+01a01-4 (bug #291376; low)
[sarge] - cdrtools <no-dsa> (Only exploitable in rare debugging mode)
[woody] - cdrtools <no-dsa> (Only exploitable in rare debugging mode)
-CVE-2005-0865
+CVE-2005-0865 (Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) roo ...)
NOT-FOR-US: Samsung ADSL modems
-CVE-2005-0864
+CVE-2005-0864 (The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and pos ...)
NOT-FOR-US: Samsung ASDL modems, Debian's boa has been fixed years ago
-CVE-2005-0863
+CVE-2005-0863 (Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows re ...)
NOT-FOR-US: PHPOpenChat
-CVE-2005-0862
+CVE-2005-0862 (Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat 3.0. ...)
NOT-FOR-US: PHPOpenChat
-CVE-2005-0861
+CVE-2005-0861 (Multiple buffer overflows in DeleGate before 8.11.1 may allow attacker ...)
NOT-FOR-US: Delegate
-CVE-2005-0860
+CVE-2005-0860 (PHP remote file inclusion vulnerability in TRG News Script 3.0 allows ...)
NOT-FOR-US: TRG News Script
-CVE-2005-0859
+CVE-2005-0859 (PHP remote file inclusion vulnerability in CzarNews 1.13b allows remot ...)
NOT-FOR-US: CzarNews
-CVE-2005-0858
+CVE-2005-0858 (Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier al ...)
NOT-FOR-US: CoolForum
-CVE-2005-0857
+CVE-2005-0857 (Cross-site scripting (XSS) vulnerability in avatar.php for CoolForum 0 ...)
NOT-FOR-US: CoolForum
-CVE-2005-0856
+CVE-2005-0856 (CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate ...)
NOT-FOR-US: CoolForum
-CVE-2005-0855
+CVE-2005-0855 (CoolForum 0.8.1 beta and earlier allows remote attackers to obtain sen ...)
NOT-FOR-US: CoolForum
-CVE-2005-0854
+CVE-2005-0854 (betaparticle blog (bp blog), posisbly before version 4, allows remote ...)
NOT-FOR-US: betaparticle blog
-CVE-2005-0853
+CVE-2005-0853 (betaparticle blog (bp blog) stores the database under the web root, wh ...)
NOT-FOR-US: betaparticle blog
-CVE-2005-0852
+CVE-2005-0852 (Microsoft Windows XP SP1 allows local users to cause a denial of servi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2005-0851
+CVE-2005-0851 (FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression ...)
NOT-FOR-US: FileZilla FTP server
-CVE-2005-0850
+CVE-2005-0850 (FileZilla FTP server before 0.9.6 allows remote attackers to cause a d ...)
NOT-FOR-US: FileZilla FTP server
-CVE-2005-0849
+CVE-2005-0849 (Multiple games developed by FUN labs, including 4X4 Off-road Adventure ...)
NOT-FOR-US: Multiple commercial games by FUN Labs
-CVE-2005-0848
+CVE-2005-0848 (Multiple games developed by FUN labs, including 4X4 Off-road Adventure ...)
NOT-FOR-US: Multiple commercial games by FUN Labs
-CVE-2005-0847
+CVE-2005-0847 (Code Ocean FTP server 1.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Code Ocean FTP Server
-CVE-2005-0846
+CVE-2005-0846 (Multiple cross-site scripting (XSS) vulnerabilities in the email auto- ...)
NOT-FOR-US: SurgeMail
-CVE-2005-0845
+CVE-2005-0845 (Directory traversal vulnerability in the Webmail interface in SurgeMai ...)
NOT-FOR-US: SurgeMail
-CVE-2005-0844
+CVE-2005-0844 (Nortel VPN client 5.01 stores the cleartext password in the memory of ...)
NOT-FOR-US: Nortel Contivity
-CVE-2005-0843
+CVE-2005-0843 (CRLF injection vulnerability in search.php in Phorum 5.0.14a allows re ...)
NOT-FOR-US: Phorum
-CVE-2005-0842
+CVE-2005-0842 (Cross-site scripting (XSS) vulnerability in index.php in Kayako eSuppo ...)
NOT-FOR-US: Kayako eSupport
-CVE-2005-0841
+CVE-2005-0841 (SQL injection vulnerability in (1) people.php, (2) track.php, (3) edit ...)
NOT-FOR-US: phpmyfamily
CVE-2005-0840
REJECTED
-CVE-2005-0839
+CVE-2005-0839 (Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
[sarge] - kernel-source-2.6.8 2.6.8-16
-CVE-2005-0838
+CVE-2005-0838 (Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow ...)
- icecast2 <unfixed> (bug #301368; unimportant)
NOTE: According to upstream a non-issue
-CVE-2005-0837
+CVE-2005-0837 (IceCast 2.20 allows remote attackers to bypass the XSL parser and obta ...)
- icecast2 <unfixed> (bug #301368; unimportant)
NOTE: According to upstream a non-issue
-CVE-2005-0836
+CVE-2005-0836 (Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up t ...)
NOT-FOR-US: Java Web Start for proprietary Sun Java
-CVE-2005-0835
+CVE-2005-0835 (The SNMP service in the Belkin 54G (F5D7130) wireless router allows re ...)
NOT-FOR-US: Belkin 54G router
-CVE-2005-0834
+CVE-2005-0834 (Belkin 54G (F5D7130) wireless router enables SNMP by default in a mann ...)
NOT-FOR-US: Belkin 54G router
-CVE-2005-0833
+CVE-2005-0833 (Belkin 54G (F5D7130) wireless router allows remote attackers to access ...)
NOT-FOR-US: Belkin 54G router
-CVE-2005-0832
+CVE-2005-0832 (Cross-site scripting (XSS) vulnerability in PHP-Post before 0.33 allow ...)
NOT-FOR-US: PHP-Post
-CVE-2005-0831
+CVE-2005-0831 (PHP-Post allows remote attackers to spoof the names of other users by ...)
NOT-FOR-US: PHP-Post
-CVE-2005-0830
+CVE-2005-0830 (Multiple buffer overflows in Xzabite DYNDNSUpdate 0.6.15 and earlier, ...)
NOT-FOR-US: Xzabite DynDNS Updater
-CVE-2005-0829
+CVE-2005-0829 (Cross-site scripting (XSS) vulnerability in setuser.php of the Digitan ...)
NOT-FOR-US: PHP-Fusion Addon
-CVE-2005-0828
+CVE-2005-0828 (highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1. ...)
NOT-FOR-US: e-Xoops based products
-CVE-2005-0827
+CVE-2005-0827 (Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev ...)
NOT-FOR-US: e-Xoops based products
-CVE-2005-0826
+CVE-2005-0826 (OllyDbg 1.10 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: OllyDbg MS Windows debugger
-CVE-2005-0825
+CVE-2005-0825 (Buffer overflow in LTris before 1.0.10 allows local users to execute a ...)
- ltris 1.0.6-1.1 (bug #291620)
-CVE-2005-0824
+CVE-2005-0824 (The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1. ...)
- mathopd 1.5p5-1
CVE-2005-XXXX [Various /tmp related security issues in cernlib]
- cernlib 2004.11.04-3
-CVE-2005-0823
+CVE-2005-0823 (ThePoolClub (1) iPool and (2) iSnooker 1.6.81 and earlier stores usern ...)
NOT-FOR-US: iSnooker
-CVE-2005-0822
+CVE-2005-0822 (Citrix Metaframe Password Manager 2.5 and earlier stores a password in ...)
NOT-FOR-US: Citrix
-CVE-2005-0821
+CVE-2005-0821 (Unknown vulnerability in Citrix MetaFrame Conferencing Manager 3.0 all ...)
NOT-FOR-US: Citrix
-CVE-2005-0820
+CVE-2005-0820 (Microsoft Office InfoPath 2003 SP1 includes sensitive information in t ...)
NOT-FOR-US: MS Office
-CVE-2005-0819
+CVE-2005-0819 (The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attacke ...)
NOT-FOR-US: Novell Netware
-CVE-2005-0818
+CVE-2005-0818 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote ...)
NOT-FOR-US: Pun BB
-CVE-2005-0817
+CVE-2005-0817 (Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway S ...)
NOT-FOR-US: Symantec Gateway
-CVE-2005-0816
+CVE-2005-0816 (Buffer overflow in newgrp in Solaris 7 through 9 allows local users to ...)
NOT-FOR-US: Solaris
-CVE-2005-0815
+CVE-2005-0815 (Multiple "range checking flaws" in the ISO9660 filesystem handler in L ...)
- kernel-source-2.4.27 2.4.27-10 (bug #300783; medium)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc1)
[sarge] - kernel-source-2.6.8 2.6.8-16
-CVE-2005-0814
+CVE-2005-0814 (Unknown vulnerability in lshd in Lysator LSH 1.x and 2.x before 2.0.1 ...)
{DSA-717-1}
- lsh-utils 2.0.1-1
-CVE-2005-0813
+CVE-2005-0813 (Buffer overflow in Initial Redirect (ir) Squid Proxy Plug-In 0.1 and 0 ...)
NOT-FOR-US: ir
-CVE-2005-0812
+CVE-2005-0812 (The web interface in NotifyLink 3.0 displays passwords in cleartext on ...)
NOT-FOR-US: NotifyLink
-CVE-2005-0811
+CVE-2005-0811 (The web interface in NotifyLink 3.0 does not properly restrict access ...)
NOT-FOR-US: NotifyLink
-CVE-2005-0810
+CVE-2005-0810 (SQL injection vulnerability in NotifyLink before 3.0 allows remote att ...)
NOT-FOR-US: NotifyLink
-CVE-2005-0809
+CVE-2005-0809 (NotifyLink, when configured for client key retrieval, allows remote at ...)
NOT-FOR-US: NotifyLink
-CVE-2005-0808
+CVE-2005-0808 (Apache Tomcat before 5.x allows remote attackers to cause a denial of ...)
NOT-FOR-US: Does not affect Tomcat 4.x according to http://www.securityfocus.com/bid/12795/info/
-CVE-2005-0807
+CVE-2005-0807 (Multiple buffer overflows in Cain &amp; Abel before 2.67 allow remote ...)
NOT-FOR-US: Cain &amp; Abel
-CVE-2005-0806
+CVE-2005-0806 (Evolution 2.0.3 allows remote attackers to cause a denial of service ( ...)
- evolution 2.0.4-2
-CVE-2005-0805
+CVE-2005-0805 (SQL injection vulnerability in index.php in Subdreamer Light, when mag ...)
NOT-FOR-US: Subdreamer
-CVE-2005-0804
+CVE-2005-0804 (Format string vulnerability in MailEnable 1.8 allows remote attackers ...)
NOT-FOR-US: MailEnable
-CVE-2005-0803
+CVE-2005-0803 (The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allo ...)
NOT-FOR-US: Windows
-CVE-2005-0802
+CVE-2005-0802 (Cross-site scripting (XSS) vulnerability in search.asp in ACS Blog 0.8 ...)
NOT-FOR-US: ACS Blog
-CVE-2005-0801
+CVE-2005-0801 (Directory traversal vulnerability in includer.cgi in The Includer allo ...)
NOT-FOR-US: The Includer
-CVE-2005-0800
+CVE-2005-0800 (PHP remote file inclusion vulnerability in install.php in mcNews 1.3 a ...)
NOT-FOR-US: mcNews
-CVE-2005-0799
+CVE-2005-0799 (MySQL 4.1.9, and possibly earlier versions, allows remote attackers wi ...)
NOT-FOR-US: MySQL on Windows
-CVE-2005-0798
+CVE-2005-0798 (Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does ...)
NOT-FOR-US: Novell iChain
-CVE-2005-0797
+CVE-2005-0797 (Novell iChain Mini FTP Server 2.3 displays different error messages if ...)
NOT-FOR-US: Novell iChain
-CVE-2005-0796
+CVE-2005-0796 (Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote att ...)
NOT-FOR-US: Hola CMS
-CVE-2005-0795
+CVE-2005-0795 (HolaCMS 1.4.9 does not restrict file access to the holaDB/votes direct ...)
NOT-FOR-US: Hola CMS
-CVE-2005-0794
+CVE-2005-0794 (ZPanel 2.0 and 2.5 beta 10 does not remove or protect installation scr ...)
NOT-FOR-US: ZPanel
-CVE-2005-0793
+CVE-2005-0793 (PHP remote file inclusion vulnerability in zpanel.php in ZPanel allows ...)
NOT-FOR-US: ZPanel
-CVE-2005-0792
+CVE-2005-0792 (SQL injection vulnerability in ZPanel 2.0 allows remote attackers to e ...)
NOT-FOR-US: ZPanel
-CVE-2005-0791
+CVE-2005-0791 (Cross-site scripting (XSS) vulnerability in adframe.php in phpAdsNew 2 ...)
NOT-FOR-US: phpAdsNew
-CVE-2005-0790
+CVE-2005-0790 (phpAdsNew 2.0.4 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: phpAdsNew
-CVE-2005-0786
+CVE-2005-0786 (SQL injection vulnerability in gb_new.inc in SimpGB allows remote atta ...)
NOT-FOR-US: SimpGB
-CVE-2005-0785
+CVE-2005-0785 (Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2 ...)
NOT-FOR-US: YaBB
-CVE-2005-0784
+CVE-2005-0784 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum before 5 ...)
NOT-FOR-US: Phorum
-CVE-2005-0783
+CVE-2005-0783 (Cross-site scripting (XSS) vulnerability in Phorum before 5.0.14a allo ...)
NOT-FOR-US: Phorum
-CVE-2005-0782
+CVE-2005-0782 (Cross-site scripting (XSS) vulnerability in (1) viewall.php and (2) ca ...)
NOT-FOR-US: paFileDB
-CVE-2005-0781
+CVE-2005-0781 (SQL injection vulnerability in (1) viewall.php and (2) category.php in ...)
NOT-FOR-US: paFileDB
-CVE-2005-0780
+CVE-2005-0780 (paFileDB 3.1 and earlier allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: paFileDB
-CVE-2005-0779
+CVE-2005-0779 (PlatinumFTP 1.0.18, and possibly earlier versions, allows remote attac ...)
NOT-FOR-US: PlatinumFTP
-CVE-2005-0778
+CVE-2005-0778 (PhotoPost PHP 5.0 RC3 does not fully verify that an uploaded file is a ...)
NOT-FOR-US: PhotoPost
-CVE-2005-0777
+CVE-2005-0777 (Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP 5 ...)
NOT-FOR-US: PhotoPost
-CVE-2005-0776
+CVE-2005-0776 (adm-photo.php in PhotoPost PHP 5.0 RC3 does not properly verify admini ...)
NOT-FOR-US: PhotoPost
-CVE-2005-0775
+CVE-2005-0775 (The reportpost action in misc.php for PhotoPost PHP 5.0 RC3 does not l ...)
NOT-FOR-US: PhotoPost
-CVE-2005-0774
+CVE-2005-0774 (SQL injection vulnerability in member.php and possibly other scripts i ...)
NOT-FOR-US: PhotoPost
-CVE-2005-0773
+CVE-2005-0773 (Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 th ...)
NOT-FOR-US: VERITAS Backup Exec
-CVE-2005-0772
+CVE-2005-0772 (VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 ...)
NOT-FOR-US: VERITAS Backup Exec
-CVE-2005-0771
+CVE-2005-0771 (VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows ...)
NOT-FOR-US: VERITAS Backup Exec
-CVE-2005-0770
+CVE-2005-0770 (Format string vulnerability in DataRescue Interactive Disassembler and ...)
NOT-FOR-US: IDA Pro
-CVE-2005-0768
+CVE-2005-0768 (Buffer overflow in the administration web server for GoodTech Telnet S ...)
NOT-FOR-US: GoodTech Telnet Server
-CVE-2005-0767
+CVE-2005-0767 (Race condition in the Radeon DRI driver for Linux kernel 2.6.8.1 allow ...)
- kernel-source-2.6.8 2.6.8-15
-CVE-2005-0766
+CVE-2005-0766 (Unknown vulnerability in the sFlow dissector in Ethereal 0.9.14 throug ...)
- ethereal 0.10.10-1
-CVE-2005-0765
+CVE-2005-0765 (Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows ...)
- ethereal 0.10.10-1
-CVE-2005-0764
+CVE-2005-0764 (Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote ...)
- rxvt-unicode 5.3-1
-CVE-2005-0763
+CVE-2005-0763 (Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allo ...)
{DSA-698-1}
- mc 1:4.6.0-4.6.1-pre3-1
NOTE: Sarge-specific regression correcting a previous DSA.
-CVE-2005-0762
+CVE-2005-0762 (Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 ...)
{DSA-702-1}
- imagemagick 5:6.0.0-1
NOTE: Does only affect imagemagick releases prior to 6
-CVE-2005-0761
+CVE-2005-0761 (Unknown vulnerability in ImageMagick before 6.1.8 allows remote attack ...)
- imagemagick 5:6.0.2.5 (bug #301110)
-CVE-2005-0760
+CVE-2005-0760 (The TIFF decoder in ImageMagick before 6.0 allows remote attackers to ...)
{DSA-702-1}
- imagemagick 5:6.0.0-1
NOTE: Does only affect imagemagick releases prior to 6
-CVE-2005-0759
+CVE-2005-0759 (ImageMagick before 6.0 allows remote attackers to cause a denial of se ...)
{DSA-702-1}
- imagemagick 5:6.0.0-1
NOTE: Does only affect imagemagick releases prior to 6
-CVE-2005-0758
+CVE-2005-0758 (zgrep in gzip before 1.3.5 does not properly sanitize arguments, which ...)
NOTE: see http://bugs.gentoo.org/show_bug.cgi?id=90626
- gzip 1.3.5-10 (low)
- bzip2 1.0.2-8.1 (bug #321286; low)
[sarge] - bzip2 <no-dsa> (Minor issue)
-CVE-2005-0757
+CVE-2005-0757 (The xattr file system code, as backported in Red Hat Enterprise Linux ...)
{DSA-922-1 DSA-921-1}
- kernel-source-2.4.27 2.4.27-11 (bug #311164)
- linux-2.6 <not-affected> (Fixed before upload in archive)
-CVE-2005-0756
+CVE-2005-0756 (ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on t ...)
{DSA-922-1 DSA-921-1}
- kernel-source-2.4.27 2.4.27-11 (medium)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.12-rc5)
-CVE-2005-0755
+CVE-2005-0755 (Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player ...)
- helix-player 1.0.4-1
-CVE-2005-0754
+CVE-2005-0754 (Kommander in KDE 3.2 through KDE 3.4.0 executes data files without con ...)
- kdewebdev 1:3.3.2-6
-CVE-2005-0753
+CVE-2005-0753 (Buffer overflow in CVS before 1.11.20 allows remote attackers to execu ...)
{DSA-742-1}
- cvs 1:1.12.9-13
-CVE-2005-0752
+CVE-2005-0752 (The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote ...)
- mozilla-firefox 1.0.3-1
CVE-2005-0751
REJECTED
-CVE-2005-0750
+CVE-2005-0750 (The bluez_sock_create function in the Bluetooth stack for Linux kernel ...)
- kernel-source-2.4.27 2.4.27-10
[sarge] - kernel-source-2.6.8 2.6.8-16
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.5)
-CVE-2005-0749
+CVE-2005-0749 (The load_elf_library in the Linux kernel before 2.6.11.6 allows local ...)
[sarge] - kernel-source-2.6.8 2.6.8-16
- kernel-source-2.4.27 2.4.27-10
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.6)
CVE-2005-XXXX [Connection related DoS possibility in OmniORB 4]
- omniorb4 4.0.5-2
-CVE-2005-0789
+CVE-2005-0789 (Directory traversal vulnerability in LimeWire 3.9.6 through 4.6.0 allo ...)
NOT-FOR-US: not part of Woody, has been removed from sarge/sid
-CVE-2005-0788
+CVE-2005-0788 (LimeWire 4.1.2 through 4.5.6 allows remote attackers to read arbitrary ...)
NOT-FOR-US: Limewire has been removed from Sarge and sid, was never part of stable
-CVE-2005-0787
+CVE-2005-0787 (Wine 20050211 and earlier creates temp files with world readable permi ...)
- wine 0.0.20050310-1.1
-CVE-2005-0769
+CVE-2005-0769 (Multiple buffer overflows in OpenSLP before 1.1.5 allow remote attacke ...)
- openslp 1.0.11a-2
-CVE-2005-0748
+CVE-2005-0748 (PHP remote file inclusion vulnerability in initdb.php for WEBInsta Mai ...)
NOT-FOR-US: WEBInsta
-CVE-2005-0747
+CVE-2005-0747 (ApplyYourself i-Class allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: ApplyYourself
-CVE-2005-0746
+CVE-2005-0746 (The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allow ...)
NOT-FOR-US: Novell iChain
-CVE-2005-0745
+CVE-2005-0745 (UTStarcom iAN-02EX VoIP Analog Terminal Adaptor (ATA) allows local use ...)
NOT-FOR-US: UTStarcom iAN-02EX VoIP Analog Terminal Adaptor
-CVE-2005-0744
+CVE-2005-0744 (The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers ...)
NOT-FOR-US: Novell iChain
-CVE-2005-0743
+CVE-2005-0743 (The custom avatar uploading feature (uploader.php) for XOOPS 2.0.9.2 a ...)
NOT-FOR-US: Xoops
-CVE-2005-0742
+CVE-2005-0742 (Cross-site scripting (XSS) vulnerability in Sun Java System Applicatio ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2005-0741
+CVE-2005-0741 (Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 a ...)
NOT-FOR-US: YaBB
-CVE-2005-0740
+CVE-2005-0740 (The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attac ...)
NOT-FOR-US: OpenBSD
-CVE-2005-0739
+CVE-2005-0739 (The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does n ...)
{DSA-718-1}
- ethereal 0.10.10-1
-CVE-2005-0738
+CVE-2005-0738 (Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2005-0737
+CVE-2005-0737 (Buffer overflow in Yahoo! Messenger allows remote attackers to execute ...)
NOT-FOR-US: Yahoo Messenger
-CVE-2005-0736
+CVE-2005-0736 (Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 ...)
- kernel-source-2.4.27 <not-affected> (There is no epoll in kernel 2.4)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.1)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0735
+CVE-2005-0735 (newsscript.pl for NewsScript allows remote attackers to gain privilege ...)
NOT-FOR-US: newsscript
-CVE-2005-0734
+CVE-2005-0734 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote att ...)
NOT-FOR-US: PY Software Active Webcam WebServer
-CVE-2005-0733
+CVE-2005-0733 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote att ...)
NOT-FOR-US: PY Software Active Webcam WebServer
-CVE-2005-0732
+CVE-2005-0732 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote att ...)
NOT-FOR-US: PY Software Active Webcam WebServer
-CVE-2005-0731
+CVE-2005-0731 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote att ...)
NOT-FOR-US: PY Software Active Webcam WebServer
-CVE-2005-0730
+CVE-2005-0730 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote att ...)
NOT-FOR-US: PY Software Active Webcam WebServer
-CVE-2005-0729
+CVE-2005-0729 (Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows ...)
NOT-FOR-US: Xpand Rally
CVE-2005-0728
REJECTED
CVE-2005-0727
REJECTED
-CVE-2005-0726
+CVE-2005-0726 (SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows ...)
NOT-FOR-US: UBB.threads
-CVE-2005-0725
+CVE-2005-0725 (SQL injection vulnerability in the getAllbyArticle function in wfsfile ...)
NOT-FOR-US: wfsections
-CVE-2005-0724
+CVE-2005-0724 (paFileDB 3.1 and earlier allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: paFileDB
-CVE-2005-0723
+CVE-2005-0723 (Cross-site scripting (XSS) vulnerability in the jumpmenu function in f ...)
NOT-FOR-US: paFileDB
-CVE-2005-0722
+CVE-2005-0722 (eXPerience2 allows remote attackers to obtain the full path for the we ...)
NOT-FOR-US: eXPerience2
-CVE-2005-0721
+CVE-2005-0721 (PHP remote file inclusion vulnerability in modules.php in eXPerience2 ...)
NOT-FOR-US: eXPerience2
-CVE-2005-0720
+CVE-2005-0720 (PHP remote file inclusion vulnerability in admin/header.php in PHP mcN ...)
NOT-FOR-US: mcNews
-CVE-2005-0719
+CVE-2005-0719 (Unknown vulnerability in the systems message queue in HP Tru64 Unix 4. ...)
NOT-FOR-US: Tru64
-CVE-2005-0718
+CVE-2005-0718 (Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denia ...)
- squid 2.5.8 (bug #305605)
CVE-2005-0717
RESERVED
-CVE-2005-0716
+CVE-2005-0716 (Stack-based buffer overflow in the Core Foundation Library in Mac OS X ...)
NOT-FOR-US: Mac OS
-CVE-2005-0715
+CVE-2005-0715 (AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Dr ...)
NOT-FOR-US: Mac OS
CVE-2005-0714
REJECTED
-CVE-2005-0713
+CVE-2005-0713 (The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launch ...)
NOT-FOR-US: Mac OS
-CVE-2005-0712
+CVE-2005-0712 (Mac OS X before 10.3.8 users world-writable permissions for certain di ...)
NOT-FOR-US: Mac OS
-CVE-2005-0711
+CVE-2005-0711 (MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable fil ...)
{DSA-707-1}
- mysql-dfsg 4.0.24
- mysql-dfsg-4.1 4.1.10a
-CVE-2005-0710
+CVE-2005-0710 (MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authen ...)
{DSA-707-1}
- mysql-dfsg 4.0.24
- mysql-dfsg-4.1 4.1.10a
-CVE-2005-0709
+CVE-2005-0709 (MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authen ...)
{DSA-707-1}
- mysql-dfsg 4.0.24
- mysql-dfsg-4.1 4.1.10a
-CVE-2005-0708
+CVE-2005-0708 (The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 ...)
- kfreebsd-8 <not-affected> (Fixed before initial release; bug #613311)
- kfreebsd-7 <not-affected> (Fixed before initial release; bug #613311)
-CVE-2005-0707
+CVE-2005-0707 (Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collabo ...)
NOT-FOR-US: Ipswitch Collaboration Suite
-CVE-2005-0706
+CVE-2005-0706 (Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a ...)
[sarge] - gnome-vfs2 <not-affected> (does not install the module with the vulnerable code)
- grip 3.2.0-4 (low)
- libcdaudio 0.99.9-2.1 (bug #304799; low)
- gnome-vfs 1.0.5-5.1 (bug #305163; low)
- gnome-vfs2 2.10.1-3
-CVE-2005-0705
+CVE-2005-0705 (The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the "ig ...)
- ethereal 0.10.10-1
-CVE-2005-0704
+CVE-2005-0704 (Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0. ...)
- ethereal 0.10.10-1
-CVE-2005-0703
+CVE-2005-0703 (Xerox MicroServer Web Server for various WorkCentre products including ...)
NOT-FOR-US: Xerox MicroServer Web Server
-CVE-2005-0702
+CVE-2005-0702 (SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote atta ...)
NOT-FOR-US: phpMyFAQ
-CVE-2005-0701
+CVE-2005-0701 (Directory traversal vulnerability in Oracle Database Server 8i and 9i ...)
NOT-FOR-US: Oracle
-CVE-2005-0700
+CVE-2005-0700 (The export_index action in myadmin.php for Aztek Forum 4.0 allows remo ...)
NOT-FOR-US: Aztek
-CVE-2005-0699
+CVE-2005-0699 (Multiple buffer overflows in the dissect_a11_radius function in the CD ...)
- ethereal 0.10.9-2
-CVE-2005-0698
+CVE-2005-0698 (PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier ...)
NOT-FOR-US: PHPWebLog
-CVE-2005-0697
+CVE-2005-0697 (SQL injection vulnerability in the process_picture function xp_publish ...)
NOT-FOR-US: CopperExport
-CVE-2005-0696
+CVE-2005-0696 (Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authentic ...)
NOT-FOR-US: ArGoSoft
-CVE-2005-0695
+CVE-2005-0695 (The password recovery feature (forgotpassword.asp) in Hosting Controll ...)
NOT-FOR-US: Hosting Controller
-CVE-2005-0694
+CVE-2005-0694 (Hosting Controller 6.1 Hotfix 1.7 and earlier stores log files under t ...)
NOT-FOR-US: Hosting Controller
-CVE-2005-0693
+CVE-2005-0693 (Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attack ...)
NOT-FOR-US: JoWood Chaser (for Windows)
-CVE-2005-0692
+CVE-2005-0692 (Cross-site scripting (XSS) vulnerability in fusion_core.php for PHP-Fu ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-0691
+CVE-2005-0691 (PHP remote file inclusion vulnerability in article mode for modules.ph ...)
NOT-FOR-US: SocialMPN
-CVE-2005-0690
+CVE-2005-0690 (Gene6 FTP Server does not properly restrict access to the control cons ...)
NOT-FOR-US: Gene6 FTP Server for Win
-CVE-2005-0689
+CVE-2005-0689 (includer.cgi in The Includer allows remote attackers to execute arbitr ...)
NOT-FOR-US: The Includer
-CVE-2005-0688
+CVE-2005-0688 (Windows Server 2003 and XP SP2, with Windows Firewall turned off, allo ...)
NOT-FOR-US: Windows
-CVE-2005-0687
+CVE-2005-0687 (Format string vulnerability in Hashcash 1.16 allows remote attackers t ...)
- hashcash 1.17-1
-CVE-2005-0686
+CVE-2005-0686 (Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf suppor ...)
- mlterm 2.9.2 (bug #298621)
-CVE-2005-0685
+CVE-2005-0685 (Multiple access validation errors in OutStart Participate Enterprise ( ...)
NOT-FOR-US: OutStart Participate Enterprise
-CVE-2005-0684
+CVE-2005-0684 (Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.0 ...)
- maxdb-7.5.00 7.5.00.24-3
CVE-2005-0683
REJECTED
-CVE-2005-0682
+CVE-2005-0682 (Cross-site scripting (XSS) vulnerability in common.inc in Drupal befor ...)
- drupal 4.5.2
-CVE-2005-0681
+CVE-2005-0681 (Nokia Symbian 60 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Nokia
-CVE-2005-0680
+CVE-2005-0680 (PHP remote file inclusion vulnerability in download_center_lite.inc.ph ...)
NOT-FOR-US: Download Center Lite
-CVE-2005-0679
+CVE-2005-0679 (PHP remote file inclusion vulnerability in tell_a_friend.inc.php for T ...)
NOT-FOR-US: Tell A Friend Script
-CVE-2005-0678
+CVE-2005-0678 (PHP remote file inclusion vulnerability in formmail.inc.php for Form M ...)
NOT-FOR-US: Form Mail Script
-CVE-2005-0677
+CVE-2005-0677 (index.php for Zorum 3.5 allows remote attackers to perform certain act ...)
NOT-FOR-US: Zorum
-CVE-2005-0676
+CVE-2005-0676 (index.php in Zorum 3.5 allows remote attackers to trigger an SQL error ...)
NOT-FOR-US: Zorum
-CVE-2005-0675
+CVE-2005-0675 (Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 al ...)
NOT-FOR-US: Zorum
-CVE-2005-0674
+CVE-2005-0674 (Cross-site scripting (XSS) vulnerability in the News module for paBox ...)
NOT-FOR-US: Pabox for PHPNuke
-CVE-2005-0673
+CVE-2005-0673 (Cross-site scripting (XSS) vulnerability in usercp_register.php for ph ...)
- phpbb2 2.0.13-2
-CVE-2005-0672
+CVE-2005-0672 (Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows re ...)
NOT-FOR-US: Ca3DE
-CVE-2005-0671
+CVE-2005-0671 (Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 ...)
NOT-FOR-US: Ca3DE
-CVE-2005-0670
+CVE-2005-0670 (Cross-site scripting (XSS) vulnerability in phpCOIN 1.2.0 through 1.2. ...)
NOT-FOR-US: phpCOIN
-CVE-2005-0669
+CVE-2005-0669 (Multiple SQL injection vulnerabilities in mod.php for phpCOIN 1.2.0 th ...)
NOT-FOR-US: phpCOIN
-CVE-2005-0668
+CVE-2005-0668 (Unknown vulnerability in HTTP Anti Virus Proxy (HAVP) before 0.51 prev ...)
NOT-FOR-US: HAVP
-CVE-2005-0667
+CVE-2005-0667 (Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9 ...)
- sylpheed 1.0.3-1
- sylpheed-claws 1.0.3-1
-CVE-2005-0666
+CVE-2005-0666 (Unknown vulnerability in PaX from the September 2003 release to 2.2 be ...)
- kernel-patch-adamantix 1.7
-CVE-2005-0665
+CVE-2005-0665 (Format string vulnerability in xv before 3.10a allows remote attackers ...)
NOT-FOR-US: XV
-CVE-2005-0664
+CVE-2005-0664 (Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly ...)
{DSA-709-1}
- libexif 0.6.9-5
-CVE-2005-0663
+CVE-2005-0663 (SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows ...)
NOT-FOR-US: Mercury Board
-CVE-2005-0662
+CVE-2005-0662 (Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard ...)
NOT-FOR-US: Mercury Board
-CVE-2005-0661
+CVE-2005-0661 (SQL injection vulnerability in the getwbbuserdata function in session. ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2005-0660
+CVE-2005-0660 (Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 al ...)
NOT-FOR-US: D-Forum
-CVE-2005-0659
+CVE-2005-0659 (phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive i ...)
- phpbb2 <unfixed> (unimportant)
-CVE-2005-0658
+CVE-2005-0658 (SQL injection vulnerability in a third party extension to TYPO3 allows ...)
NOT-FOR-US: Typo3 extension
-CVE-2005-0657
+CVE-2005-0657 (Directory traversal vulnerability in Computalynx CProxy 3.3.x and 3.4. ...)
NOT-FOR-US: Computalynx CProxy
-CVE-2005-0656
+CVE-2005-0656 (Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 all ...)
NOT-FOR-US: auraCMS
-CVE-2005-0655
+CVE-2005-0655 (auraCMS 1.5 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: auraCMS
-CVE-2005-0654
+CVE-2005-0654 (gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote att ...)
NOTE: this is not a security issue according to maintainer
-CVE-2005-0653
+CVE-2005-0653 (phpMyAdmin 2.6.1 does not properly grant permissions on tables with an ...)
- phpmyadmin 3:2.6.1-pl3-1
-CVE-2005-0652
+CVE-2005-0652 (Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha ...)
NOT-FOR-US: OpenVMS
-CVE-2005-0651
+CVE-2005-0651 (Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow remo ...)
NOT-FOR-US: ProjectBB
-CVE-2005-0650
+CVE-2005-0650 (Multiple cross-site scripting (XSS) vulnerabilities in ProjectBB 0.4.5 ...)
NOT-FOR-US: ProjectBB
-CVE-2005-0649
+CVE-2005-0649 (Pixel-Apes SafeHTML before 1.2.1 allows remote attackers to bypass cro ...)
NOT-FOR-US: Pixel-Apes SafeHTML
-CVE-2005-0648
+CVE-2005-0648 (Multiple vulnerabilities in Pixel-Apes SafeHTML before 1.3.0 allow rem ...)
NOT-FOR-US: Pixel-Apes SafeHTML
-CVE-2005-0647
+CVE-2005-0647 (admin_setup.php in paNews 2.0.4b allows remote attackers to inject arb ...)
NOT-FOR-US: paNews
-CVE-2005-0646
+CVE-2005-0646 (SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote ...)
NOT-FOR-US: paNews
-CVE-2005-0645
+CVE-2005-0645 (Cross-site scripting (XSS) vulnerability in show.inc.php in cuteNews 1 ...)
NOT-FOR-US: CuteNews
-CVE-2005-0644
+CVE-2005-0644 (Buffer overflow in McAfee Scan Engine 4320 with DAT version before 443 ...)
NOT-FOR-US: McAfee Virus Scanners
-CVE-2005-0643
+CVE-2005-0643 (Buffer overflow in McAfee Scan Engine 4320 with DAT version before 435 ...)
NOT-FOR-US: McAfee Virus Scanners
-CVE-2005-0642
+CVE-2005-0642 (SQL injection vulnerability in the Query Designer for Computer Associa ...)
NOT-FOR-US: Computer Associates UAM
-CVE-2005-0641
+CVE-2005-0641 (Cross-site scripting (XSS) vulnerability in the Reporter for Computer ...)
NOT-FOR-US: Computer Associates UAM
-CVE-2005-0640
+CVE-2005-0640 (Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not ...)
NOT-FOR-US: Computer Associates UAM
-CVE-2005-0639
+CVE-2005-0639 (Multiple vulnerabilities in xli before 1.17 may allow remote attackers ...)
{DSA-695-1 DSA-694-1}
- xloadimage 4.1-14.2
- xli 1.17.0-17
-CVE-2005-0638
+CVE-2005-0638 (xloadimage before 4.1-r2, and xli before 1.17, allows attackers to exe ...)
{DSA-695-1 DSA-694-1}
- xli 1.17.0-18
- xloadimage 4.1-14.1 (bug #298926)
-CVE-2005-0637
+CVE-2005-0637 (The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, ...)
NOT-FOR-US: OpenBSD
-CVE-2005-0636
+CVE-2005-0636 (Format string vulnerability in Foxmail Server 2.0 allows remote attack ...)
NOT-FOR-US: Foxmail
-CVE-2005-0635
+CVE-2005-0635 (Buffer overflow in Foxmail Server 2.0 allows remote attackers to execu ...)
NOT-FOR-US: Foxmail
-CVE-2005-0634
+CVE-2005-0634 (Buffer overflow in Golden FTP Server 1.92 allows remote attackers to e ...)
NOT-FOR-US: Golden FTP Server
-CVE-2005-0633
+CVE-2005-0633 (Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2005-0632
+CVE-2005-0632 (PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 a ...)
NOT-FOR-US: PHPNews
-CVE-2005-0631
+CVE-2005-0631 (delpm.php in PBLang 4.63 allows remote authenticated users to delete a ...)
NOT-FOR-US: PBLang
-CVE-2005-0630
+CVE-2005-0630 (sendpm.php in PBLang 4.63 allows remote authenticated users to read ar ...)
NOT-FOR-US: PBLang
-CVE-2005-0629
+CVE-2005-0629 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...)
NOT-FOR-US: 427BB
-CVE-2005-0628
+CVE-2005-0628 (Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 all ...)
NOT-FOR-US: Forumwa
-CVE-2005-0627
+CVE-2005-0627 (Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be wo ...)
- qt-x11-free <not-affected> (RPATH disabled in Debian's build)
-CVE-2005-0626
+CVE-2005-0626 (Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Net ...)
- squid 2.5.9-2
CVE-2005-0940
REJECTED
-CVE-2005-0625
+CVE-2005-0625 (reportbug 3.2 includes settings from .reportbugrc in bug reports, whic ...)
- reportbug 3.8 (bug #295407)
-CVE-2005-0624
+CVE-2005-0624 (reportbug before 2.62 creates the .reportbugrc configuration file with ...)
- reportbug 3.8 (bug #295407)
-CVE-2005-0623
+CVE-2005-0623 (Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions bef ...)
NOT-FOR-US: RaidenHTTPD
-CVE-2005-0622
+CVE-2005-0622 (RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows ...)
NOT-FOR-US: RaidenHTTPD
-CVE-2005-0621
+CVE-2005-0621 (Scrapland 1.0 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: Scrapland
-CVE-2005-0620
+CVE-2005-0620 (Einstein 1.0 stores credit card information in plaintext in the world- ...)
NOT-FOR-US: Einstein
-CVE-2005-0619
+CVE-2005-0619 (Einstein 1.0.1 stores sensitive information such as usernames and pass ...)
NOT-FOR-US: Einstein
-CVE-2005-0618
+CVE-2005-0618 (The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R ...)
NOT-FOR-US: Symantec Firewall/VPN Appliance 200/200R firmware
-CVE-2005-0617
+CVE-2005-0617 (SQL injection vulnerability in dl-search.php in PostNuke 0.750 and 0.7 ...)
NOT-FOR-US: PostNuke
-CVE-2005-0616
+CVE-2005-0616 (Multiple cross-site scripting (XSS) vulnerabilities in the Download mo ...)
NOT-FOR-US: PostNuke
-CVE-2005-0615
+CVE-2005-0615 (Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.p ...)
NOT-FOR-US: PostNuke
-CVE-2005-0614
+CVE-2005-0614 (sessions.php in phpBB 2.0.12 and earlier allows remote attackers to ga ...)
- phpbb2 2.0.13-1
-CVE-2005-0613
+CVE-2005-0613 (Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, a ...)
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
-CVE-2005-0612
+CVE-2005-0612 (Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain ...)
NOT-FOR-US: Cisco
-CVE-2005-0611
+CVE-2005-0611 (Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.105 ...)
NOT-FOR-US: Real
-CVE-2005-0610
+CVE-2005-0610 (Multiple symlink vulnerabilities in portupgrade before 20041226_2 in F ...)
NOT-FOR-US: FreeBSD portupgrade
CVE-2005-0609
REJECTED
-CVE-2005-0608
+CVE-2005-0608 (Heap-based buffer overflow in server.cpp for WebMod 0.47 allows remote ...)
NOT-FOR-US: Half Life WebMod
-CVE-2005-0607
+CVE-2005-0607 (CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the ...)
NOT-FOR-US: CubeCert
-CVE-2005-0606
+CVE-2005-0606 (Cross-site scripting (XSS) vulnerability in settings.inc.php for CubeC ...)
NOT-FOR-US: CubeCert
-CVE-2005-0605
+CVE-2005-0605 (scan.c for LibXPM may allow attackers to execute arbitrary code via a ...)
{DSA-723-1}
- lesstif2 1:0.93.94-11.1 (bug #298183; bug #299236)
NOTE: libxmp4 is the real culprit
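Review bot: the automatic fill-in of descriptions in this hunk now contradicts stale typos in the surrounding context lines, which should be corrected in a manual follow-up. Under CVE-2005-0607 and CVE-2005-0606 the state line reads `NOT-FOR-US: CubeCert` while the newly added descriptions say CubeCart, and under CVE-2005-0605 the line `NOTE: libxmp4 is the real culprit` names a package that does not match the LibXPM description it now sits under (this looks like a transposition of libxpm4, the Debian library package for libXpm). NOT-FOR-US strings are what people grep for when triaging, so a misspelled product name hides the entry.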
@@ -10118,266 +10118,266 @@ CVE-2005-0605
- xorg-x11 <not-affected> (Fixed before upload into archive)
- openmotif 2.2.3-1.1 (bug #308819; medium)
[sarge] - openmotif <no-dsa> (Non-free)
-CVE-2005-0604
+CVE-2005-0604 (lnss.exe in GFI Languard Network Security Scanner 5.0 stores the usern ...)
NOT-FOR-US: GFI Languard Network Security Scanner
-CVE-2005-0603
+CVE-2005-0603 (viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to o ...)
- phpbb2 2.0.13-1
-CVE-2005-0602
+CVE-2005-0602 (Unzip 5.51 and earlier does not properly warn the user when extracting ...)
- unzip 5.52-1
NOTE: um, tar does this too, not really considered a security hole
-CVE-2005-0601
+CVE-2005-0601 (Cisco devices running Application and Content Networking System (ACNS) ...)
NOT-FOR-US: Cisco
-CVE-2005-0600
+CVE-2005-0600 (Cisco devices running Application and Content Networking System (ACNS) ...)
NOT-FOR-US: Cisco
-CVE-2005-0599
+CVE-2005-0599 (Cisco devices running Application and Content Networking System (ACNS) ...)
NOT-FOR-US: Cisco
-CVE-2005-0598
+CVE-2005-0598 (The RealServer RealSubscriber on Cisco devices running Application and ...)
NOT-FOR-US: Real
-CVE-2005-0597
+CVE-2005-0597 (Cisco devices running Application and Content Networking System (ACNS) ...)
NOT-FOR-US: Cisco
-CVE-2005-0596
+CVE-2005-0596 (PHP 4 (PHP4) allows attackers to cause a denial of service (daemon cra ...)
NOTE: Fixed in CVS after 4.3.4 release; see http://bugs.php.net/bug.php?id=27037
- php4 4:4.3.8-1
-CVE-2005-0595
+CVE-2005-0595 (Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers to ...)
NOT-FOR-US: BadBlue
-CVE-2005-0594
+CVE-2005-0594 (Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to ...)
NOT-FOR-US: Apple
-CVE-2005-0593
+CVE-2005-0593 (Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers ...)
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
-CVE-2005-0592
+CVE-2005-0592 (Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefo ...)
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
- mozilla-thunderbird 1.0.2-1
-CVE-2005-0591
+CVE-2005-0591 (Firefox before 1.0.1 allows remote attackers to spoof the (1) security ...)
- mozilla-firefox 1.0.1
-CVE-2005-0590
+CVE-2005-0590 (The installation confirmation dialog in Firefox before 1.0.1, Thunderb ...)
- mozilla-firefox 1.0.1
- mozilla-thunderbird 1.0.2-1
-CVE-2005-0589
+CVE-2005-0589 (The Form Fill feature in Firefox before 1.0.1 allows remote attackers ...)
- mozilla-firefox 1.0.1
-CVE-2005-0588
+CVE-2005-0588 (Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:in ...)
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
-CVE-2005-0587
+CVE-2005-0587 (Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious ...)
NOTE: windows only
-CVE-2005-0586
+CVE-2005-0586 (Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious ...)
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
-CVE-2005-0585
+CVE-2005-0585 (Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domai ...)
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
-CVE-2005-0584
+CVE-2005-0584 (Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the HTT ...)
- mozilla-firefox 1.0.1
- mozilla 2:1.7.6-1
-CVE-2005-0583
+CVE-2005-0583 (Directory traversal vulnerability in Computer Associates (CA) License ...)
NOT-FOR-US: Computer Associates (CA) License Client
-CVE-2005-0582
+CVE-2005-0582 (Buffer overflow in Computer Associates (CA) License Client 0.1.0.15 al ...)
NOT-FOR-US: Computer Associates (CA) License Client
-CVE-2005-0581
+CVE-2005-0581 (Multiple buffer overflows in Computer Associates (CA) License Client a ...)
NOT-FOR-US: Computer Associates (CA) License Client
-CVE-2005-0580
+CVE-2005-0580 (cmd5checkpw, when running setuid, does not properly drop privileges be ...)
NOT-FOR-US: cmd5checkpw
-CVE-2005-0579
+CVE-2005-0579 (nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTH ...)
NOT-FOR-US: FreeNX
-CVE-2005-0578
+CVE-2005-0578 (Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable ...)
- mozilla-firefox 1.0.1-1
-CVE-2005-0577
+CVE-2005-0577 (Format string vulnerability in DNA MKBold-MKItalic 0.06_1 and earlier ...)
NOT-FOR-US: MKBold-MKItalic
-CVE-2005-0576
+CVE-2005-0576 (Unknown vulnerability in Standard Type Services Framework (STSF) Font ...)
NOT-FOR-US: STSF in Solaris
-CVE-2005-0575
+CVE-2005-0575 (Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote ...)
NOT-FOR-US: Stormy Studios Knet
-CVE-2005-0574
+CVE-2005-0574 (Directory traversal vulnerability in CIS WebServer 3.5.13 allows remot ...)
NOT-FOR-US: CIS Webserver
-CVE-2005-0573
+CVE-2005-0573 (Gaim 1.1.3 on Windows systems allows remote attackers to cause a denia ...)
NOTE: Historic Gaim on Windows
-CVE-2005-0572
+CVE-2005-0572 (index.php in phpWebSite 0.10.0 and earlier allows remote attackers to ...)
NOT-FOR-US: phpWebSite
-CVE-2005-0571
+CVE-2005-0571 (admin_loader.php in PunBB 1.2.1 allows remote attackers to read arbitr ...)
NOT-FOR-US: PunBB
-CVE-2005-0570
+CVE-2005-0570 (profile.php in PunBB 1.2.1 allows remote attackers to cause a denial o ...)
NOT-FOR-US: PunBB
-CVE-2005-0569
+CVE-2005-0569 (Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote att ...)
NOT-FOR-US: PunBB
-CVE-2005-0568
+CVE-2005-0568 (Soldier of Fortune II 1.03 gold allows remote attackers to cause a den ...)
NOT-FOR-US: Soldier of Fortune II
-CVE-2005-0567
+CVE-2005-0567 (Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 ...)
- phpmyadmin 3:2.6.1-pl2-1
-CVE-2005-0566
+CVE-2005-0566 (Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remot ...)
NOT-FOR-US: Golden FTP Server
-CVE-2005-0565
+CVE-2005-0565 (The Announce module in phpWebSite 0.10.0 and earlier allows remote att ...)
NOT-FOR-US: phpWebSite
-CVE-2005-0564
+CVE-2005-0564 (Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and ...)
NOT-FOR-US: Microsoft Word
-CVE-2005-0563
+CVE-2005-0563 (Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Acce ...)
NOT-FOR-US: Microsoft
-CVE-2005-0562
+CVE-2005-0562 (GIF file validation error in MSN Messenger 6.2 allows remote attackers ...)
NOT-FOR-US: MSN Messenger
CVE-2005-0561
RESERVED
-CVE-2005-0560
+CVE-2005-0560 (Heap-based buffer overflow in the SvrAppendReceivedChunk function in x ...)
NOT-FOR-US: Exchange server
CVE-2005-0559
RESERVED
-CVE-2005-0558
+CVE-2005-0558 (Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allow ...)
NOT-FOR-US: Microsoft Word
CVE-2005-0557
RESERVED
CVE-2005-0556
RESERVED
-CVE-2005-0555
+CVE-2005-0555 (Buffer overflow in the Content Advisor in Microsoft Internet Explorer ...)
NOT-FOR-US: MSIE
-CVE-2005-0554
+CVE-2005-0554 (Buffer overflow in the URL processor of Microsoft Internet Explorer 5. ...)
NOT-FOR-US: MSIE
-CVE-2005-0553
+CVE-2005-0553 (Race condition in the memory management routines in the DHTML object p ...)
NOT-FOR-US: MSIE
CVE-2005-0552
RESERVED
-CVE-2005-0551
+CVE-2005-0551 (Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime ...)
NOT-FOR-US: Microsoft
-CVE-2005-0550
+CVE-2005-0550 (Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and ...)
NOT-FOR-US: Microsoft
-CVE-2005-0549
+CVE-2005-0549 (Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Docume ...)
NOT-FOR-US: Solaris
-CVE-2005-0548
+CVE-2005-0548 (Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Docume ...)
NOT-FOR-US: Solaris
-CVE-2005-0547
+CVE-2005-0547 (Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11 ...)
NOT-FOR-US: ftpd on HP-UX
-CVE-2005-0546
+CVE-2005-0546 (Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attac ...)
- cyrus21-imapd 2.1.18-1
-CVE-2005-0545
+CVE-2005-0545 (Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Activ ...)
NOT-FOR-US: MS Office
-CVE-2005-0544
+CVE-2005-0544 (phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of th ...)
- phpmyadmin 3:2.6.1-pl2-1
-CVE-2005-0543
+CVE-2005-0543 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows re ...)
- phpmyadmin 3:2.6.1-pl2-1
-CVE-2005-0542
+CVE-2005-0542 (saveUser.do in Cyclades AlterPath Manager (APM) Console Server 1.2.1 a ...)
NOT-FOR-US: Cyclades AlterPath Manager
-CVE-2005-0541
+CVE-2005-0541 (consoleConnect.jsp in Cyclades AlterPath Manager (APM) Console Server ...)
NOT-FOR-US: Cyclades AlterPath Manager
-CVE-2005-0540
+CVE-2005-0540 (Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote at ...)
NOT-FOR-US: Cyclades AlterPath Manager
-CVE-2005-0539
+CVE-2005-0539 (Unknown vulnerability in IBM Hardware Management Console (HMC) before ...)
NOT-FOR-US: IBM
-CVE-2005-0538
+CVE-2005-0538 (Directory traversal vulnerability in (1) GinpPictureServlet.java and ( ...)
NOT-FOR-US: ginp
-CVE-2005-0537
+CVE-2005-0537 (Multiple SQL injection vulnerabilities in page.php for iGeneric (iG) S ...)
NOT-FOR-US: iGeneric (iG) Shop
-CVE-2005-0536
+CVE-2005-0536 (Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and ...)
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-0535
+CVE-2005-0535 (Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x bef ...)
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-0534
+CVE-2005-0534 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x ...)
- mediawiki 1.4.9 (bug #276057)
-CVE-2005-0533
+CVE-2005-0533 (Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI befo ...)
NOT-FOR-US: Trend Micro AntiVirus
-CVE-2005-0532
+CVE-2005-0532 (The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11-rc4)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0531
+CVE-2005-0531 (The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11-rc4)
[sarge] - kernel-source-2.6.8 2.6.8-14
- kernel-source-2.4.27 2.4.27-9
-CVE-2005-0530
+CVE-2005-0530 (Signedness error in the copy_from_read_buf function in n_tty.c for Lin ...)
- kernel-source-2.6.8 2.6.8-14
NOTE: affects only 2.6 (see #296906)
-CVE-2005-0529
+CVE-2005-0529 (Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for of ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
[sarge] - kernel-source-2.6.8 2.6.8-14
CVE-2005-0528
REJECTED
-CVE-2005-0527
+CVE-2005-0527 (Firefox 1.0 allows remote attackers to execute arbitrary code via plug ...)
- mozilla-firefox 1.0.1
NOTE: didn't other with YA mozilla-browser bug, it has enough for 1.7.6 already..
- mozilla 2:1.7.6
-CVE-2005-0526
+CVE-2005-0526 (Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 all ...)
NOT-FOR-US: PBLang
-CVE-2005-0525
+CVE-2005-0525 (The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 a ...)
{DSA-729-1 DSA-708-1}
- php4 4:4.3.10-10
- php3 3:3.0.18-31
-CVE-2005-0524
+CVE-2005-0524 (The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 an ...)
- php3 <not-affected>
- php4 4:4.3.10-10
-CVE-2005-0523
+CVE-2005-0523 (Format string vulnerability in ProZilla 1.3.7.3 and earlier allows rem ...)
{DSA-719-1}
- prozilla 1:1.3.7.4-1
-CVE-2005-0522
+CVE-2005-0522 (Chat Anywhere 2.72a stores sensitive information such as passwords in ...)
NOT-FOR-US: Chat Anywhere
-CVE-2005-0521
+CVE-2005-0521 (SendLink 1.5 stores sensitive information, possibly including password ...)
NOT-FOR-US: SendLink
-CVE-2005-0520
+CVE-2005-0520 (ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arb ...)
NOT-FOR-US: ArGoSoft
-CVE-2005-0519
+CVE-2005-0519 (ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arb ...)
NOT-FOR-US: ArGoSoft
-CVE-2005-0518
+CVE-2005-0518 (eXeem 0.21 stores sensitive information such as passwords in plaintext ...)
NOT-FOR-US: eXeem
-CVE-2005-0517
+CVE-2005-0517 (PeerFTP_5 stores sensitive information such as passwords in plaintext ...)
NOT-FOR-US: PeerFTP
-CVE-2005-0516
+CVE-2005-0516 (The ImageGalleryPlugin (ImageGalleryPlugin.pm) in Twiki allows remote ...)
NOT-FOR-US: ImageGalleryPlugin for Twiki
-CVE-2005-0515
+CVE-2005-0515 (Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other version ...)
NOT-FOR-US: My Firewall Plus
-CVE-2005-0514
+CVE-2005-0514 (Cross-site scripting (XSS) vulnerability in Verity Ultraseek before 5. ...)
NOT-FOR-US: Verity Ultraseek
-CVE-2005-0513
+CVE-2005-0513 (PHP remote file inclusion vulnerability in mail_autocheck.php in the E ...)
NOT-FOR-US: pMachine
-CVE-2005-0512
+CVE-2005-0512 (PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allo ...)
NOT-FOR-US: Mambo
-CVE-2005-0511
+CVE-2005-0511 (misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in H ...)
NOT-FOR-US: vBulletin
-CVE-2005-0510
+CVE-2005-0510 (The daemon for fallback-reboot before 0.995 allows attackers to cause ...)
NOT-FOR-US: fallback-reboot
-CVE-2005-0509
+CVE-2005-0509 (Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 ...)
NOTE: default config of Mono not vulnerable
- mono 1.1.6-4 (medium)
-CVE-2005-0508
+CVE-2005-0508 (Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attack ...)
- batik 1.5.1-1
-CVE-2005-0507
+CVE-2005-0507 (Directory traversal vulnerability in SD Server 4.0.70 and earlier allo ...)
NOT-FOR-US: SD Server
-CVE-2005-0506
+CVE-2005-0506 (The Avaya IP Office Phone Manager, and other products such as the IP S ...)
NOT-FOR-US: Avaya IP Office Phone Manager
-CVE-2005-0505
+CVE-2005-0505 (Unknown vulnerability in Information Resource Manager (IRM) before 1.5 ...)
- irm 1.5.3.1-1
-CVE-2005-0504
+CVE-2005-0504 (Buffer overflow in the MoxaDriverIoctl function for the moxa serial dr ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- kernel-source-2.6.8 2.6.8-12
- kernel-source-2.6.9 2.6.9-5
- kernel-source-2.6.10 2.6.10-2
- kernel-source-2.4.27 2.4.27-8
-CVE-2005-0503
+CVE-2005-0503 (uim before 0.4.5.1 trusts certain environment variables when libUIM is ...)
- uim 1:0.4.6beta2-1
-CVE-2005-0502
+CVE-2005-0502 (Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows r ...)
NOT-FOR-US: Xinkaa
-CVE-2005-0501
+CVE-2005-0501 (Buffer overflow in Bontago 1.1 and earlier allows remote attackers to ...)
NOT-FOR-US: Bontago
-CVE-2005-0500
+CVE-2005-0500 (Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spo ...)
NOT-FOR-US: MSIE6
-CVE-2005-0499
+CVE-2005-0499 (Gigafast router (aka CompUSA router) with the DNS proxy option enabled ...)
NOT-FOR-US: Gigafast router
-CVE-2005-0498
+CVE-2005-0498 (Gigafast router (aka CompUSA router) allows remote attackers to gain s ...)
NOT-FOR-US: Gigafast router
-CVE-2005-0497
+CVE-2005-0497 (ADP Elite System Max 9000 allows remote authenticated users to gain pr ...)
NOT-FOR-US: ADP Elite System
-CVE-2005-0496
+CVE-2005-0496 (Arkeia Network Backup Client 5.x contains hard-coded credentials that ...)
NOT-FOR-US: Arkeia Network Backup
-CVE-2005-0495
+CVE-2005-0495 (Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote at ...)
NOT-FOR-US: ZeroBoard
-CVE-2005-0494
+CVE-2005-0494 (The RgSecurity form in the HTTP server for the Thomson TCW690 cable mo ...)
NOT-FOR-US: Thomson TCW690 cable modem
-CVE-2005-0493
+CVE-2005-0493 (CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before 2. ...)
NOT-FOR-US: Biz Mail From
-CVE-2005-0492
+CVE-2005-0492 (Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause ...)
NOT-FOR-US: Acrobat Reader
-CVE-2005-0491
+CVE-2005-0491 (Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows ...)
NOT-FOR-US: Arkeia Server Backup
-CVE-2005-0490
+CVE-2005-0490 (Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and ...)
- curl 7.13.0-2
-CVE-2005-0489
+CVE-2005-0489 (The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before initial release)
-CVE-2005-0488
+CVE-2005-0488 (Certain BSD-based Telnet clients, including those used on Solaris and ...)
- krb4 <unfixed> (unimportant)
[woody] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
[sarge] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
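Review bot: several entries in this hunk carry only a free-text NOTE and no package state, so the tracker cannot classify them: CVE-2005-0587 has just `NOTE: windows only` and CVE-2005-0573 just `NOTE: Historic Gaim on Windows`, although mozilla-firefox appears with fixed versions elsewhere in the same hunk and gaim is a Debian package; the explicit form used for CVE-2005-0627 (`- qt-x11-free <not-affected> (RPATH disabled in Debian's build)`) would make the state machine-readable. Smaller consistency points in the same hunk: CVE-2005-0578 records `mozilla-firefox 1.0.1-1` where the neighbouring Mozilla entries use `1.0.1`, CVE-2005-0527 records `mozilla 2:1.7.6` with no Debian revision where the others use `2:1.7.6-1`, the note under CVE-2005-0527 reads `didn't other` for `didn't bother`, and `NOT-FOR-US: Biz Mail From` under CVE-2005-0493 should be Biz Mail Form per the description now attached to it.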
@@ -10386,312 +10386,312 @@ CVE-2005-0488
[sarge] - krb5 <no-dsa> (Documented behaviour in MIT Kerberos)
- netkit-telnet <not-affected> (netkit-telnet is not affected)
NOTE: telnet code was removed earlier than 1.8.3, but that's the version that was available to check
-CVE-2005-0487
+CVE-2005-0487 (Cross-site scripting (XSS) vulnerability in index.php for Kayako ESupp ...)
NOT-FOR-US: Kyako ESupport
-CVE-2005-0486
+CVE-2005-0486 (Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and ...)
NOT-FOR-US: Tarantella Secure Global Desktop
-CVE-2005-0485
+CVE-2005-0485 (Cross-site scripting (XSS) vulnerability in comment.php for paNews 2.0 ...)
NOT-FOR-US: paNews
-CVE-2005-0484
+CVE-2005-0484 (Format string vulnerability in gprostats for GProFTPD before 8.1.9 may ...)
NOT-FOR-US: GProFTPD
-CVE-2005-0483
+CVE-2005-0483 (Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk ...)
NOT-FOR-US: Glftpd
-CVE-2005-0482
+CVE-2005-0482 (TrackerCam 5.12 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: TrackerCam
-CVE-2005-0481
+CVE-2005-0481 (TrackerCam 5.12 and earlier allows remote attackers to read log files ...)
NOT-FOR-US: TrackerCam
-CVE-2005-0480
+CVE-2005-0480 (Cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlie ...)
NOT-FOR-US: TrackerCam
-CVE-2005-0479
+CVE-2005-0479 (Directory traversal vulnerability in ComGetLogFile.php3 for TrackerCam ...)
NOT-FOR-US: TrackerCam
-CVE-2005-0478
+CVE-2005-0478 (Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote ...)
NOT-FOR-US: TrackerCam
-CVE-2005-0477
+CVE-2005-0477 (Cross-site scripting (XSS) vulnerability in the SML code for Invision ...)
NOT-FOR-US: Invision Power Board
-CVE-2005-0476
+CVE-2005-0476 (Cross-site scripting (XSS) vulnerability in hpm_guestbook.cgi allows r ...)
NOT-FOR-US: hpm_guestbook.cgi
-CVE-2005-0475
+CVE-2005-0475 (SQL injection vulnerability in paFAQ Beta4, and possibly other version ...)
NOT-FOR-US: paFAQ
-CVE-2005-0474
+CVE-2005-0474 (SQL injection vulnerability in the user_valid_crypt function in user.p ...)
- webcalendar 0.9.45-3
-CVE-2005-0473
+CVE-2005-0473 (The HTML parsing functions in Gaim before 1.1.3 allow remote attackers ...)
- gaim 1:1.1.3-1
-CVE-2005-0472
+CVE-2005-0472 (Gaim before 1.1.3 allows remote attackers to cause a denial of service ...)
{DSA-716-1}
- gaim 1:1.1.3-1
-CVE-2005-0471
+CVE-2005-0471 (Sun Java JRE 1.1.x through 1.4.x writes temporary files with long file ...)
NOT-FOR-US: SUN JRE
-CVE-2005-0470
+CVE-2005-0470 (Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers ...)
- wpasupplicant 0.3.8-1
-CVE-2005-0469
+CVE-2005-0469 (Buffer overflow in the slc_add_reply function in various BSD-based Tel ...)
{DSA-765-1 DSA-731-1 DSA-703-1 DSA-699-1 DSA-697-1}
- krb4 1.2.2-11.2 (bug #306141)
- krb5 1.3.6-2
- netkit-telnet-ssl 0.17.24+0.1-7.1 (bug #302036)
- netkit-telnet 0.17-28
- heimdal 0.6.3-10
-CVE-2005-0468
+CVE-2005-0468 (Heap-based buffer overflow in the env_opt_add function in telnet.c for ...)
{DSA-731-1 DSA-703-1}
- krb5 1.3.6-2
- krb4 1.2.2-11.2 (bug #306141)
-CVE-2005-0467
+CVE-2005-0467 (Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_r ...)
- putty 0.57-1
CVE-2005-0466
RESERVED
-CVE-2005-0465
+CVE-2005-0465 (gr_osview in SGI IRIX does not drop privileges before opening files, w ...)
NOT-FOR-US: SGI IRIX
-CVE-2005-0464
+CVE-2005-0464 (gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does no ...)
NOT-FOR-US: SGI IRIX
-CVE-2005-0463
+CVE-2005-0463 (Unknown "major security flaws" in Ulog-php before 1.0, related to inpu ...)
NOT-FOR-US: ulog-php
-CVE-2005-0462
+CVE-2005-0462 (Cross-site scripting (XSS) vulnerability in MercuryBoard 1.0.x and 1.1 ...)
NOT-FOR-US: MercuryBoard
-CVE-2005-0461
+CVE-2005-0461 (Unknown vulnerability in NewsBruiser 2.x before 2.6.1 allows remote at ...)
NOT-FOR-US: NewsBruiser
-CVE-2005-0460
+CVE-2005-0460 (index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to o ...)
NOT-FOR-US: MercuryBoard
-CVE-2005-0459
+CVE-2005-0459 (phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote att ...)
- phpmyadmin 4:2.6.2 (unimportant)
NOTE: From maintainer Piotr Roszatycki <Piotr_Roszatycki@netia.net.pl> :
NOTE: I think it is not a problem on Debian as far as everybody knows the full
NOTE: path of phpMyAdmin is /usr/share/phpmyadmin.
-CVE-2005-0458
+CVE-2005-0458 (Cross-site scripting (XSS) vulnerability in contact_us.php in osCommer ...)
- oscommerce <itp> (bug #532489)
-CVE-2005-0457
+CVE-2005-0457 (Opera 7.54 and earlier on Gentoo Linux uses an insecure path for plugi ...)
NOT-FOR-US: Opera
-CVE-2005-0456
+CVE-2005-0456 (Opera 7.54 and earlier does not properly validate base64 encoded binar ...)
NOT-FOR-US: Opera
-CVE-2005-0455
+CVE-2005-0455 (Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed f ...)
NOT-FOR-US: Real
-CVE-2005-0454
+CVE-2005-0454 (Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier ...)
NOT-FOR-US: DCP-Portal
-CVE-2005-0453
+CVE-2005-0453 (The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not p ...)
NOT-FOR-US: Lighttpd
-CVE-2005-0452
+CVE-2005-0452 (Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.N ...)
NOT-FOR-US: Microsoft
-CVE-2005-0451
+CVE-2005-0451 (Sami HTTP Server 1.0.5 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Sami HTTP Server
-CVE-2005-0450
+CVE-2005-0450 (Directory traversal vulnerability in Sami HTTP Server 1.0.5 allows rem ...)
NOT-FOR-US: Sami HTTP Server
-CVE-2005-0449
+CVE-2005-0449 (The netfilter/iptables module in Linux before 2.6.8.1 allows remote at ...)
{DSA-1018-1 DSA-1017-1}
- linux-2.6 <not-affected> (Vulnerable code was removed betwen 2.6.11 and 2.6.12)
-CVE-2005-0448
+CVE-2005-0448 (Race condition in the rmtree function in File::Path.pm in Perl before ...)
{DSA-1678-1 DSA-696-1}
- perl 5.8.4-7
-CVE-2005-0430
+CVE-2005-0430 (The Quake 3 engine, as used in multiple game packages, allows remote a ...)
NOT-FOR-US: Quake 3
-CVE-2005-0447
+CVE-2005-0447 (Solaris 7, 8, and 9 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Solaris
-CVE-2005-0446
+CVE-2005-0446 (Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denia ...)
{DSA-688-1}
- squid 2.5.8-3
-CVE-2005-0445
+CVE-2005-0445 (Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows re ...)
- openwebmail <removed>
-CVE-2005-0444
+CVE-2005-0444 (VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries u ...)
NOT-FOR-US: VMware
-CVE-2005-0443
+CVE-2005-0443 (index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the ...)
NOT-FOR-US: CubeCart
-CVE-2005-0442
+CVE-2005-0442 (Directory traversal vulnerability in index.php for CubeCart 2.0.4 allo ...)
NOT-FOR-US: CubeCart
-CVE-2005-0441
+CVE-2005-0441 (Multiple stack-based buffer overflows in Sybase Adaptive Server Enterp ...)
NOT-FOR-US: Sybase
-CVE-2005-0440
+CVE-2005-0440 (ELOG before 2.5.7 allows remote attackers to bypass authentication and ...)
- elog 2.5.7+r1558-1
-CVE-2005-0439
+CVE-2005-0439 (Buffer overflow in the decode_post function in ELOG before 2.5.7 allow ...)
- elog 2.5.7+r1558-1
-CVE-2005-0438
+CVE-2005-0438 (awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain se ...)
- awstats 6.3-1
-CVE-2005-0437
+CVE-2005-0437 (Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 ...)
- awstats 6.3-1
-CVE-2005-0436
+CVE-2005-0436 (Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6 ...)
- awstats 6.3-1
-CVE-2005-0435
+CVE-2005-0435 (awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read serv ...)
- awstats 6.3-1
-CVE-2005-0434
+CVE-2005-0434 (Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 7.5 al ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-0433
+CVE-2005-0433 (Php-Nuke 7.5 allows remote attackers to determine the full path of the ...)
NOT-FOR-US: PHP-Nuke
-CVE-2005-0432
+CVE-2005-0432 (BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pa ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2005-0431
+CVE-2005-0431 (Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domai ...)
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2005-0429
+CVE-2005-0429 (Direct code injection vulnerability in forumdisplay.php in vBulletin 3 ...)
NOT-FOR-US: vBulletin
-CVE-2005-0428
+CVE-2005-0428 (The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 ...)
- pdns 2.9.16-6
-CVE-2005-0427
+CVE-2005-0427 (The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encr ...)
- webmin <not-affected> (Gentoo specific)
-CVE-2005-0426
+CVE-2005-0426 (Unknown vulnerability in Solaris 8 and 9 allows remote attackers to ca ...)
NOT-FOR-US: Solaris
-CVE-2005-0425
+CVE-2005-0425 (Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, an ...)
NOT-FOR-US: Websphere
-CVE-2005-0424
+CVE-2005-0424 (Unknown vulnerability in the delete.asp program in certain versions of ...)
NOT-FOR-US: ASPjar Guestbook
-CVE-2005-0423
+CVE-2005-0423 (SQL injection vulnerability in login.asp in ASPjar Guestbook allows re ...)
NOT-FOR-US: ASPjar Guestbook
-CVE-2005-0422
+CVE-2005-0422 (DelphiTurk CodeBank (aka KodBank) 3.1 and earlier stores usernames and ...)
NOT-FOR-US: DelphiTurk
-CVE-2005-0421
+CVE-2005-0421 (DelphiTurk FTP 1.0 stores usernames and passwords in the profile.dat f ...)
NOT-FOR-US: DelphiTurk
-CVE-2005-0420
+CVE-2005-0420 (Microsoft Outlook Web Access (OWA), when used with Exchange, allows re ...)
NOT-FOR-US: Microsoft
-CVE-2005-0419
+CVE-2005-0419 (Multiple heap-based buffer overflows in 3Com 3CServer allow remote aut ...)
NOT-FOR-US: 3com
-CVE-2005-0418
+CVE-2005-0418 (Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up t ...)
NOT-FOR-US: Sun Java
-CVE-2005-0417
+CVE-2005-0417 (Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and ea ...)
NOT-FOR-US: IBM DB2
-CVE-2005-0416
+CVE-2005-0416 (The Windows Animated Cursor (ANI) capability in Windows NT, Windows 20 ...)
NOT-FOR-US: Windows
-CVE-2005-0415
+CVE-2005-0415 (Multiple memory leaks in the MQL parser in Emdros before 1.1.22 allow ...)
NOT-FOR-US: Emdros
-CVE-2005-0414
+CVE-2005-0414 (SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows ...)
NOT-FOR-US: MercuryBoard
-CVE-2005-0413
+CVE-2005-0413 (Multiple SQL injection vulnerabilities in MyPHP Forum 1.0 allow remote ...)
NOT-FOR-US: MyPHP Forum
-CVE-2005-0412
+CVE-2005-0412 (Cross-site scripting (XSS) vulnerability in Spidean PostWrap allows re ...)
NOT-FOR-US: Spidean PostWrap
-CVE-2005-0411
+CVE-2005-0411 (Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and ...)
NOT-FOR-US: CitrusDB
-CVE-2005-0410
+CVE-2005-0410 (SQL injection vulnerability in importcc.php for CitrusDB 0.3.6 and ear ...)
NOT-FOR-US: CitrusDB
-CVE-2005-0409
+CVE-2005-0409 (CitrusDB 0.3.6 and earlier does not verify authorization for the (1) i ...)
NOT-FOR-US: CitrusDB
-CVE-2005-0408
+CVE-2005-0408 (CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of ...)
NOT-FOR-US: CitrusDB
-CVE-2005-0407
+CVE-2005-0407 (Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibl ...)
NOT-FOR-US: Openconf
-CVE-2005-0406
+CVE-2005-0406 (A design flaw in image processing software that modifies JPEG images m ...)
- imagemagick <unfixed> (bug #298051; unimportant)
NOTE: <Maulkin> The EXIF spec says "if your app can't handle $foo, don't touch $foo"
NOTE: <Piet> 'convert -strip' will remove exif data according to http://web.archive.org/web/20130922031724/http://www.imagemagick.org:80/pipermail/magick-users/2006-May/017538.html
CVE-2005-0405
RESERVED
-CVE-2005-0404
+CVE-2005-0404 (KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email inform ...)
NOTE: see http://bugs.kde.org/show_bug.cgi?id=96020
- kdepim 3.4-1 (bug #305601; low)
[sarge] - kdepim <no-dsa> (Hardly exploitable)
NOTE: According to the KDE bug the URL bar in 3.4 cannot be manipulated. Kmail also
NOTE: warns that HTML mails introduce the risk of phishing. This could as well
NOTE: be unimportant
-CVE-2005-0403
+CVE-2005-0403 (init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterp ...)
- glibc <not-affected> (Specific to the NPTL backport for RHEL 3)
-CVE-2005-0402
+CVE-2005-0402 (Firefox before 1.0.2 allows remote attackers to execute arbitrary code ...)
- mozilla-firefox 1.0.2-1
-CVE-2005-0401
+CVE-2005-0401 (FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all ...)
- mozilla-firefox 1.0.2-1
- mozilla-thunderbird 1.0.2-1
-CVE-2005-0400
+CVE-2005-0400 (The ext2_make_empty function call in the Linux kernel before 2.6.11.6 ...)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.6)
- kernel-source-2.4.27 2.4.27-10 (bug #303294)
-CVE-2005-0399
+CVE-2005-0399 (Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozill ...)
- mozilla-firefox 1.0.2-1
- mozilla-thunderbird 1.0.2-1
-CVE-2005-0398
+CVE-2005-0398 (The KAME racoon daemon in ipsec-tools before 0.5 allows remote attacke ...)
- ipsec-tools 1:0.5-5
-CVE-2005-0397
+CVE-2005-0397 (Format string vulnerability in the SetImageInfo function in image.c fo ...)
{DSA-702-1}
- imagemagick 6:6.0.6.2-2.2 (bug #297990)
- graphicsmagick 1.1.7-1
-CVE-2005-0396
+CVE-2005-0396 (Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE b ...)
NOTE: fix in -4 was broken
- kdelibs 4:3.3.2-6
CVE-2005-0395
REJECTED
CVE-2005-0394
RESERVED
-CVE-2005-0393
+CVE-2005-0393 (The helper scripts for crip 3.5 do not properly use temporary files, w ...)
{DSA-733-1}
- crip 3.5-1sarge2 (low)
-CVE-2005-0392
+CVE-2005-0392 (ppxp does not drop root privileges before opening log files, which all ...)
{DSA-725-2 DSA-725-1}
- ppxp 0.2001080415-11
-CVE-2005-0391
+CVE-2005-0391 (geneweb 4.10 and earlier does not properly check file permissions and ...)
{DSA-712-1}
- geneweb 4.10-7 (bug #304405)
-CVE-2005-0390
+CVE-2005-0390 (Buffer overflow in the HTTP redirection capability in conn.c for Axel ...)
{DSA-706-1}
- axel 1.0b-1
CVE-2005-0389
REJECTED
-CVE-2005-0388
+CVE-2005-0388 (Unknown vulnerability in the remoteping service in remstats 1.0.13 and ...)
{DSA-704-1}
- remstats 1.0.13a-5
-CVE-2005-0387
+CVE-2005-0387 (remstats 1.0.13 and earlier, when processing uptime data, allows local ...)
{DSA-704-1}
- remstats 1.0.13a-5
-CVE-2005-0386
+CVE-2005-0386 (Cross-site scripting (XSS) vulnerability in network.cgi in mailreader ...)
{DSA-700-1}
- mailreader 2.3.29-11
-CVE-2005-0385
+CVE-2005-0385 (Buffer overflow in luxman before 0.41, if used with certain insecure s ...)
{DSA-693-1}
- luxman 0.41-20 (bug #299857)
-CVE-2005-0384
+CVE-2005-0384 (Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 a ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-9
-CVE-2005-0383
+CVE-2005-0383 (Trend Micro Control Manager 3.0 Enterprise Edition allows remote attac ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2005-0382
+CVE-2005-0382 (Breed patch 1 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: Breed game
-CVE-2005-0381
+CVE-2005-0381 (Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 all ...)
NOT-FOR-US: forumKIT
-CVE-2005-0380
+CVE-2005-0380 (Multiple PHP remote file inclusion vulnerabilities in (1) print_catego ...)
NOT-FOR-US: ZeroBoard
-CVE-2005-0379
+CVE-2005-0379 (Multiple directory traversal vulnerabilities in ZeroBoard 4.1pl5 and e ...)
NOT-FOR-US: ZeroBoard
-CVE-2005-0378
+CVE-2005-0378 (Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow ...)
- horde2 <not-affected>
- horde3 3.0.1-1
-CVE-2005-0377
+CVE-2005-0377 (SQL injection vulnerability in imageview.php for SGallery 1.01 allows ...)
NOT-FOR-US: sgallery
-CVE-2005-0376
+CVE-2005-0376 (PHP remote file inclusion vulnerability in SGallery 1.01 allows local ...)
NOT-FOR-US: sgallery
-CVE-2005-0375
+CVE-2005-0375 (imageview.php in SGallery 1.01 allows remote attackers to obtain sensi ...)
NOT-FOR-US: sgallery
-CVE-2005-0374
+CVE-2005-0374 (Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier a ...)
NOT-FOR-US: bitboard
-CVE-2005-0373
+CVE-2005-0373 (Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as ...)
NOTE: had to extract gentoo ebuild from rsync.gentoo.org to get details
NOTE: see cyrus-sasl-2.1.18-cvs-1.172.patch in there
NOTE: cyrus-sasl2 already has patch applied
NOTE: oldstable version not affected, thus marking it as done with the oldstable version
- cyrus-sasl <not-affected> (cyrus-sasl code seems too old for any of the problems to apply)
- cyrus-sasl2 2.1.19.dfsg1-0sarge2
-CVE-2005-0372
+CVE-2005-0372 (Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allow ...)
{DSA-686-1}
- gftp 2.0.18-1
NOTE: CVE entry claims that 2.0.18 is vulnerable, but this is wrong.
-CVE-2005-0371
+CVE-2005-0371 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and ear ...)
- armagetron 0.2.8.2.1-1 (bug #296840; low)
[sarge] - armagetron <no-dsa> (Remaining vulnerabilities are minor)
[etch] - armagetron <no-dsa> (Remaining vulnerabilities are minor)
-CVE-2005-0370
+CVE-2005-0370 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and ear ...)
- armagetron 0.2.7.0-1
NOTE: Sarge has this version number, but oldstable is affected
-CVE-2005-0369
+CVE-2005-0369 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier ...)
- armagetron 0.2.7.0-1
NOTE: Sarge has this version number, but olstable is affected
-CVE-2005-0368
+CVE-2005-0368 (Multiple SQL injection vulnerabilities in CMScore allow remote attacke ...)
NOT-FOR-US: CMScore
-CVE-2005-0367
+CVE-2005-0367 (Multiple directory traversal vulnerabilities in ArGoSoft Mail Server 1 ...)
NOT-FOR-US: ArGoSoft Mail Server
-CVE-2005-0366
+CVE-2005-0366 (The integrity check feature in OpenPGP, when handling a message that w ...)
- gnupg 1.4.1-1
-CVE-2005-0364
+CVE-2005-0364 (Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.1 ...)
- bind9 <not-affected> (Bind on hp-ux)
CVE-2005-0361
RESERVED
-CVE-2005-0360
+CVE-2005-0360 (The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked ...)
NOT-FOR-US: Microsoft
-CVE-2005-0359
+CVE-2005-0359 (The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 ...)
NOT-FOR-US: EMC Legato
-CVE-2005-0358
+CVE-2005-0358 (EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterp ...)
NOT-FOR-US: EMC Legato
-CVE-2005-0357
+CVE-2005-0357 (EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge En ...)
NOT-FOR-US: EMC Legato
-CVE-2005-0356
+CVE-2005-0356 (Multiple TCP implementations with Protection Against Wrapped Sequence ...)
- linux-2.6 <not-affected> (Linux is not vulnerable, see #310804)
- kernel-source-2.4.27 <not-affected> (Linux is not vulnerable, see #310804)
- kfreebsd5-source 5.3-15 (medium)
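Review bot: the NOTE under CVE-2005-0372 ("CVE entry claims that 2.0.18 is vulnerable, but this is wrong.") is now contradicted by the description imported on the same entry, which reads "gftp before 2.0.18"; the note refers to a wording the CVE no longer carries, so drop it or reword it to say the upstream text has since been corrected. Minor: the NOTE under CVE-2005-0369 has "olstable" for "oldstable" (the identical note under CVE-2005-0370 spells it correctly).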
@@ -10699,328 +10699,328 @@ CVE-2005-0355
RESERVED
CVE-2005-0354
RESERVED
-CVE-2005-0353
+CVE-2005-0353 (Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel L ...)
NOT-FOR-US: Sentinel License Manager
-CVE-2005-0352
+CVE-2005-0352 (Servers Alive 4.1 and 5.0, when running as a service, does not drop SY ...)
NOT-FOR-US: Servers Alive
-CVE-2005-0351
+CVE-2005-0351 (Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO Op ...)
NOT-FOR-US: SCO OpenServer
-CVE-2005-0350
+CVE-2005-0350 (Heap-based buffer overflow in multiple F-Secure Anti-Virus and Interne ...)
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2005-0349
+CVE-2005-0349 (The production release of the UniversalAgent for UNIX in BrightStor AR ...)
NOT-FOR-US: BrightStor ARCserve Backup
-CVE-2005-0365
+CVE-2005-0365 (The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files wi ...)
- kdelibs 4:3.3.2-2
-CVE-2005-0363
+CVE-2005-0363 (awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute a ...)
{DSA-682-1}
- awstats 6.2-1.2
-CVE-2005-0362
+CVE-2005-0362 (awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary ...)
- awstats 6.2-1.2
NOTE: http://patches.ubuntu.com/patches/awstats.more-CVE-2005-0016.diff
NOTE: http://packetstormsecurity.nl/0501-exploits/AWStatsVulnAnalysis.pdf
-CVE-2005-0284
+CVE-2005-0284 (SQL injection vulnerability in addentry.php in Woltlab Burning Book 1. ...)
NOT-FOR-US: Woltlab Burning Book
-CVE-2005-0348
+CVE-2005-0348 (Directory traversal vulnerability in RealArcade 1.2.0.994 allows remot ...)
NOT-FOR-US: RealArcade
-CVE-2005-0347
+CVE-2005-0347 (Integer overflow in RealArcade 1.2.0.994 and earlier allows remote att ...)
NOT-FOR-US: RealArcade
-CVE-2005-0346
+CVE-2005-0346 (SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) ...)
NOT-FOR-US: SafeNet
-CVE-2005-0345
+CVE-2005-0345 (viewthread.php in php-fusion 4.x does not check the (1) forum_id or (2 ...)
NOT-FOR-US: php-fusion
-CVE-2005-0344
+CVE-2005-0344 (Directory traversal vulnerability in 602LAN SUITE 2004.0.04.1221 allow ...)
NOT-FOR-US: 602LAN SUITE
-CVE-2005-0343
+CVE-2005-0343 (SQL injection vulnerability in PerlDesk 1.x allows remote attackers to ...)
NOT-FOR-US: PerlDesk
-CVE-2005-0342
+CVE-2005-0342 (The Finder in Mac OS X and earlier allows local users to overwrite arb ...)
NOT-FOR-US: Apple
-CVE-2005-0341
+CVE-2005-0341 (Apple Safari 1.2.4 does not obey the Content-type field in the HTTP he ...)
NOT-FOR-US: Apple
-CVE-2005-0340
+CVE-2005-0340 (Integer signedness error in Apple File Service (AFP Server) allows rem ...)
NOT-FOR-US: Apple
-CVE-2005-0339
+CVE-2005-0339 (Buffer overflow in Foxmail 2.0 allows remote attackers to cause a deni ...)
NOT-FOR-US: Foxmail
-CVE-2005-0338
+CVE-2005-0338 (Buffer overflow in Savant Web Server 3.1 allows remote attackers to ex ...)
NOT-FOR-US: Savant Web Server
-CVE-2005-0337
+CVE-2005-0337 (Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_ ...)
- postfix 2.1.4-5
-CVE-2005-0336
+CVE-2005-0336 (Cross-site scripting (XSS) vulnerability in EMotion MediaPartner Web S ...)
NOT-FOR-US: eMotion MediaPartner
-CVE-2005-0335
+CVE-2005-0335 (Directory traversal vulnerability in EMotion MediaPartner Web Server 5 ...)
NOT-FOR-US: eMotion MediaPartner
-CVE-2005-0334
+CVE-2005-0334 (Linksys PSUS4 running firmware 6032 allows remote attackers to cause a ...)
NOT-FOR-US: Linksys
-CVE-2005-0333
+CVE-2005-0333 (LANChat Pro Revival 1.666c allows remote attackers to cause a denial o ...)
NOT-FOR-US: LanChat
-CVE-2005-0332
+CVE-2005-0332 (Directory traversal vulnerability in DeskNow Mail and Collaboration Se ...)
NOT-FOR-US: DeskNow Mail server
-CVE-2005-0331
+CVE-2005-0331 (Directory traversal vulnerability in WinRAR 3.42 and earlier, when the ...)
NOT-FOR-US: Winrar
-CVE-2005-0330
+CVE-2005-0330 (Buffer overflow in Painkiller 1.35 and earlier, and possibly other ver ...)
NOT-FOR-US: Painkiller
-CVE-2005-0329
+CVE-2005-0329 (Directory traversal vulnerability in ZipGenius 5.5 and earlier allows ...)
NOT-FOR-US: ZipGenius
-CVE-2005-0328
+CVE-2005-0328 (Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest fir ...)
NOT-FOR-US: Netgear
-CVE-2005-0327
+CVE-2005-0327 (pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arb ...)
NOT-FOR-US: PafileDB
-CVE-2005-0326
+CVE-2005-0326 (pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive ...)
NOT-FOR-US: PafileDB
-CVE-2005-0325
+CVE-2005-0325 (Xpand Rally 1.0.0.0 allows remote attackers or remote malicious game s ...)
NOT-FOR-US: Xpand Rally
-CVE-2005-0324
+CVE-2005-0324 (Infinite Mobile Delivery Webmail 2.6 allows remote attackers to gain s ...)
NOT-FOR-US: Infinite Mobile Delivery Webmail
-CVE-2005-0323
+CVE-2005-0323 (Cross-site scripting (XSS) vulnerability in Infinite Mobile Delivery W ...)
NOT-FOR-US: Infinite Mobile Delivery Webmail
-CVE-2005-0322
+CVE-2005-0322 (MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7. ...)
NOT-FOR-US: Merak Mail server
-CVE-2005-0321
+CVE-2005-0321 (MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allows remote auth ...)
NOT-FOR-US: Merak Mail server
-CVE-2005-0320
+CVE-2005-0320 (Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6 ...)
NOT-FOR-US: Merak Mail server
-CVE-2005-0319
+CVE-2005-0319 (Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdm ...)
NOT-FOR-US: Webadmin
-CVE-2005-0318
+CVE-2005-0318 (useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validat ...)
NOT-FOR-US: Webadmin
-CVE-2005-0317
+CVE-2005-0317 (Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Al ...)
NOT-FOR-US: Webadmin
-CVE-2005-0316
+CVE-2005-0316 (WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not ...)
NOT-FOR-US: WebWasher
-CVE-2005-0315
+CVE-2005-0315 (The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify ...)
NOT-FOR-US: Magic Winmail
-CVE-2005-0314
+CVE-2005-0314 (Cross-site scripting (XSS) vulnerability in user.php in Magic Winmail ...)
NOT-FOR-US: Magic Winmail
-CVE-2005-0313
+CVE-2005-0313 (Multiple directory traversal vulnerabilities in Magic Winmail Server 4 ...)
NOT-FOR-US: Magic Winmail
-CVE-2005-0312
+CVE-2005-0312 (WarFTPD 1.82 RC9, when running as an NT service, allows remote authent ...)
NOT-FOR-US: WarFTPD under NT
-CVE-2005-0311
+CVE-2005-0311 (Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session ...)
NOT-FOR-US: Ingate
-CVE-2005-0310
+CVE-2005-0310 (Exponent 0.95 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Exponent
-CVE-2005-0309
+CVE-2005-0309 (Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php o ...)
NOT-FOR-US: Exponent
-CVE-2005-0308
+CVE-2005-0308 (Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier a ...)
NOT-FOR-US: W32Dasm
-CVE-2005-0307
+CVE-2005-0307 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Me ...)
NOT-FOR-US: MercuryBoard
-CVE-2005-0306
+CVE-2005-0306 (MercuryBoard 1.1.1 allows remote attackers to gain sensitive informati ...)
NOT-FOR-US: MercuryBoard
-CVE-2005-0305
+CVE-2005-0305 (CRLF injection vulnerability in users.php in Siteman 1.1.10 and earlie ...)
NOT-FOR-US: Siteman
-CVE-2005-0304
+CVE-2005-0304 (Directory traversal vulnerability in DivX Player 2.6 and earlier allow ...)
NOT-FOR-US: DivX Player
-CVE-2005-0303
+CVE-2005-0303 (Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_su ...)
NOT-FOR-US: BackOffice Lite
-CVE-2005-0302
+CVE-2005-0302 (SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and ...)
NOT-FOR-US: BackOffice Lite
-CVE-2005-0301
+CVE-2005-0301 (comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 allo ...)
NOT-FOR-US: BackOffice Lite
-CVE-2005-0300
+CVE-2005-0300 (Directory traversal vulnerability in session.php in JSBoard 2.0.9 and ...)
- jsboard 2.0.10-1
-CVE-2005-0299
+CVE-2005-0299 (Directory traversal vulnerability in GForge 3.3 and earlier allows rem ...)
- gforge 3.1-26
-CVE-2005-0298
+CVE-2005-0298 (The DIRECTORY objects in Oracle 8i through Oracle 10g contain the loca ...)
NOT-FOR-US: Oracle
-CVE-2005-0297
+CVE-2005-0297 (SQL injection vulnerability in Oracle Database 9i and 10g allows remot ...)
NOT-FOR-US: Oracle
CVE-2005-0296
NOT-FOR-US: Novell
-CVE-2005-0295
+CVE-2005-0295 (npptnt2.sys in nProtect Gameguard provides unrestricted I/O to any pro ...)
NOT-FOR-US: nProtect
-CVE-2005-0294
+CVE-2005-0294 (minis.php in Minis 0.2.1 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Minis
-CVE-2005-0293
+CVE-2005-0293 (Directory traversal vulnerability in minis.php in Minis 0.2.1 allows r ...)
NOT-FOR-US: Minis
-CVE-2005-0292
+CVE-2005-0292 (Multiple SQL injection vulnerabilities in index.php in PHP Gift Regist ...)
NOT-FOR-US: phpGiftReg
-CVE-2005-0291
+CVE-2005-0291 (Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR ...)
NOT-FOR-US: NetGear
-CVE-2005-0290
+CVE-2005-0290 (NETGEAR FVS318 running firmware 2.4, and possibly other versions, allo ...)
NOT-FOR-US: NetGear
-CVE-2005-0289
+CVE-2005-0289 (Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, confi ...)
NOT-FOR-US: Apple
-CVE-2005-0288
+CVE-2005-0288 (The change password functionality in Bottomline Webseries Payment Appl ...)
NOT-FOR-US: BottomLine WebSeries
-CVE-2005-0287
+CVE-2005-0287 (Bottomline Webseries Payment Application allows remote attackers to re ...)
NOT-FOR-US: BottomLine WebSeries
-CVE-2005-0286
+CVE-2005-0286 (eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to ...)
NOT-FOR-US: eMotion MediaPartner
-CVE-2005-0285
+CVE-2005-0285 (Webseries Payment Application does not properly restrict privileged op ...)
NOT-FOR-US: BottomLine WebSeries
-CVE-2005-0283
+CVE-2005-0283 (Directory traversal vulnerability in index.php in QwikiWiki allows rem ...)
NOT-FOR-US: QwikiWiki
-CVE-2005-0282
+CVE-2005-0282 (SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) al ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2005-0281
+CVE-2005-0281 (Cross-site scripting (XSS) vulnerability in the web interface in Soldn ...)
NOT-FOR-US: Soldner Secret
-CVE-2005-0280
+CVE-2005-0280 (Format string vulnerability in Soldner Secret Wars 30830 and earlier a ...)
NOT-FOR-US: Soldner Secret
-CVE-2005-0279
+CVE-2005-0279 (Soldner Secret Wars 30830 and earlier does not properly handle the "me ...)
NOT-FOR-US: Soldner Secret
-CVE-2005-0278
+CVE-2005-0278 (The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attacke ...)
NOT-FOR-US: 3COM 3CDaemon
-CVE-2005-0277
+CVE-2005-0277 (Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 al ...)
NOT-FOR-US: 3COM 3CDaemon
-CVE-2005-0276
+CVE-2005-0276 (Multiple format string vulnerabilities in the FTP service in 3Com 3CDa ...)
NOT-FOR-US: 3COM 3CDaemon
-CVE-2005-0275
+CVE-2005-0275 (TFTP in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause ...)
NOT-FOR-US: 3COM 3CDaemon
-CVE-2005-0274
+CVE-2005-0274 (Multiple cross-site scripting (XSS) vulnerabilities in showgallery.php ...)
NOT-FOR-US: PhotoPost
-CVE-2005-0273
+CVE-2005-0273 (Multiple SQL injection vulnerabilities in showgallery.php in PhotoPost ...)
NOT-FOR-US: PhotoPost
-CVE-2005-0272
+CVE-2005-0272 (ReviewPost PHP Pro before 2.84 allows remote attackers to upload and e ...)
NOT-FOR-US: ReviewPost
-CVE-2005-0271
+CVE-2005-0271 (Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2. ...)
NOT-FOR-US: ReviewPost
-CVE-2005-0270
+CVE-2005-0270 (Multiple cross-site scripting (XSS) vulnerabilities in ReviewPost PHP ...)
NOT-FOR-US: ReviewPost
-CVE-2005-0269
+CVE-2005-0269 (The file extension check in GNUBoard 3.40 and earlier only verifies ex ...)
NOT-FOR-US: GNUBoard
-CVE-2005-0268
+CVE-2005-0268 (Direct code injection vulnerability in FlatNuke 2.5.1 allows remote at ...)
NOT-FOR-US: FlatNuke
-CVE-2005-0267
+CVE-2005-0267 (index.php in FlatNuke 2.5.1 allows remote attackers to create an admin ...)
NOT-FOR-US: FlatNuke
-CVE-2005-0266
+CVE-2005-0266 (Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2005-0265
+CVE-2005-0265 (Multiple SQL injection vulnerabilities in browse.php in OWL 0.7 and 0. ...)
NOT-FOR-US: OWL intranet
-CVE-2005-0264
+CVE-2005-0264 (Multiple cross-site scripting (XSS) vulnerabilities in browse.php in O ...)
NOT-FOR-US: OWL intranet
-CVE-2005-0263
+CVE-2005-0263 (Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users ...)
NOT-FOR-US: AIX
-CVE-2005-0262
+CVE-2005-0262 (Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local us ...)
NOT-FOR-US: AIX
-CVE-2005-0261
+CVE-2005-0261 (lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop p ...)
NOT-FOR-US: AIX
-CVE-2005-0260
+CVE-2005-0260 (Stack-based buffer overflow in the Discovery Service for BrightStor AR ...)
NOT-FOR-US: ARCserve Backup
-CVE-2005-0259
+CVE-2005-0259 (phpBB 2.0.11, and possibly other versions, with remote avatars and ava ...)
- phpbb2 2.0.12-1
-CVE-2005-0258
+CVE-2005-0258 (Directory traversal vulnerability in (1) usercp_register.php and (2) u ...)
- phpbb2 2.0.12-1
CVE-2005-0257
RESERVED
-CVE-2005-0256
+CVE-2005-0256 (The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 all ...)
{DSA-705-1}
- wu-ftpd 2.6.2-19
-CVE-2005-0255
+CVE-2005-0255 (String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbi ...)
- mozilla-firefox 1.0.1
NOTE: didn't other with YA mozilla-browser bug, it has enough for 1.7.6 already..
- mozilla 2:1.7.6
-CVE-2005-0254
+CVE-2005-0254 (BibORB 1.3.2, and possibly earlier versions, does not properly enforce ...)
NOT-FOR-US: BibORB
-CVE-2005-0253
+CVE-2005-0253 (Directory traversal vulnerability in index.php for BibORB 1.3.2, and p ...)
NOT-FOR-US: BibORB
-CVE-2005-0252
+CVE-2005-0252 (SQL injection vulnerability in BibORB 1.3.2, and possibly earlier vers ...)
NOT-FOR-US: BibORB
-CVE-2005-0251
+CVE-2005-0251 (Cross-site scripting (XSS) vulnerability in bibindex.php for BibORB 1. ...)
NOT-FOR-US: BibORB
-CVE-2005-0250
+CVE-2005-0250 (Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5. ...)
NOT-FOR-US: AIX
-CVE-2005-0249
+CVE-2005-0249 (Heap-based buffer overflow in the DEC2EXE module for Symantec AntiViru ...)
NOT-FOR-US: Symantec AntiVirus Library
-CVE-2005-0248
+CVE-2005-0248 (The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when cre ...)
NOT-FOR-US: Solaris
-CVE-2005-0247
+CVE-2005-0247 (Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier m ...)
{DSA-683-1}
- postgresql 7.4.7-2
-CVE-2005-0246
+CVE-2005-0246 (The intagg contrib module for PostgreSQL 8.0.0 and earlier allows atta ...)
- postgresql 7.4.7-1
-CVE-2005-0245
+CVE-2005-0245 (Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow a ...)
{DSA-683-1}
- postgresql 7.4.7-1
-CVE-2005-0244
+CVE-2005-0244 (PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE ...)
- postgresql 7.4.7-1
-CVE-2005-0243
+CVE-2005-0243 (Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0. ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2005-0242
+CVE-2005-0242 (The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and p ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2005-0241
+CVE-2005-0241 (The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 an ...)
- squid 2.5.7-7
-CVE-2005-0240
+CVE-2005-0240 (Format string vulnerability in chdev on IBM AIX 5.2 allows local users ...)
NOT-FOR-US: AIX
-CVE-2005-0239
+CVE-2005-0239 (viewcert.php in the S/MIME plugin 0.4 and 0.5 for Squirrelmail allows ...)
NOT-FOR-US: S/MIME plugin
-CVE-2005-0238
+CVE-2005-0238 (The International Domain Name (IDN) support in Epiphany allows remote ...)
NOTE: upstream bug https://bugzilla.mozilla.org/show_bug.cgi?id=281381
- epiphany-browser 1.4.8-2
-CVE-2005-0237
+CVE-2005-0237 (The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE ...)
- kdelibs 4:3.3.2-3
-CVE-2005-0236
+CVE-2005-0236 (The International Domain Name (IDN) support in Omniweb 5 allows remote ...)
NOT-FOR-US: Omniweb
-CVE-2005-0235
+CVE-2005-0235 (The International Domain Name (IDN) support in Opera 7.54 allows remot ...)
NOT-FOR-US: Opera
-CVE-2005-0234
+CVE-2005-0234 (The International Domain Name (IDN) support in Safari 1.2.5 allows rem ...)
NOT-FOR-US: Safari
-CVE-2005-0233
+CVE-2005-0233 (The International Domain Name (IDN) support in Firefox 1.0, Camino .8. ...)
NOTE: IDN is now disabled by default in firefox, but there may be a more elegant
NOTE: solution in the future
- mozilla-firefox 1.0.1-1
- mozilla 2:1.7.6-1
-CVE-2005-0232
+CVE-2005-0232 (Firefox 1.0 allows remote attackers to modify Boolean configuration pa ...)
- mozilla-firefox 1.0+dfsg.1-6
-CVE-2005-0231
+CVE-2005-0231 (Firefox 1.0 does not invoke the Javascript Security Manager when a use ...)
- mozilla-firefox 1.0+dfsg.1-6
-CVE-2005-0230
+CVE-2005-0230 (Firefox 1.0 does not prevent the user from dragging an executable file ...)
NOTE: I don't know if this could work under Linux, anything I drag on the Desktop from firefox is convert to a Link
NOTE: "when it has an image/gif content type but has a dangerous extension such as .bat or .exe, allows remote attackers
NOTE: to ... execute arbitrary commands via malformed GIF files ... parsed by the Windows batch file parser
NOTE: any interpretor would require the file to be +x to execute it and then would spit if handed a GIF
NOTE: < vorlon> hacim: it's specific to Windows, home to the dumbest interpreter on the planet.
- mozilla-firefox <not-affected> (Affects only Firefox on Windows)
-CVE-2005-0229
+CVE-2005-0229 (CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file ...)
NOT-FOR-US: CitrusDB
CVE-2005-0228
REJECTED
-CVE-2005-0227
+CVE-2005-0227 (PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users ...)
{DSA-668-1}
- postgresql 7.4.7-1
-CVE-2005-0226
+CVE-2005-0226 (Format string vulnerability in the Log_Resolver function in log.c for ...)
NOT-FOR-US: ngIRCd
-CVE-2005-0225
+CVE-2005-0225 (firehol.sh in FireHOL before 1.224 creates temporary files with predic ...)
- firehol 1.214-4
-CVE-2005-0224
+CVE-2005-0224 (Unknown vulnerability in HP-UX B.11.04 running Virtualvault 4.5 throug ...)
NOT-FOR-US: HP-UX
-CVE-2005-0223
+CVE-2005-0223 (The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4. ...)
NOT-FOR-US: Java SDK and RTE for Tru64 UNIX
-CVE-2005-0222
+CVE-2005-0222 (main.php in Gallery 2.0 Alpha allows remote attackers to gain sensitiv ...)
- gallery 1.4.4-pl5-1
-CVE-2005-0221
+CVE-2005-0221 (Cross-site scripting (XSS) vulnerability in login.php in Gallery 2.0 A ...)
- gallery 1.4.4-pl5-1
-CVE-2005-0220
+CVE-2005-0220 (Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 a ...)
- gallery 1.4.4-pl5-1
-CVE-2005-0219
+CVE-2005-0219 (Multiple cross-site scripting (XSS) vulnerabilities in Gallery 1.3.4-p ...)
- gallery 1.4.4-pl5-1
-CVE-2005-0217
+CVE-2005-0217 (SQL injection vulnerability in index.php in Invision Community Blog al ...)
NOT-FOR-US: Invision Community Blog
-CVE-2005-0216
+CVE-2005-0216 (Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab Bu ...)
NOT-FOR-US: Woltlab Burning Board Lite
-CVE-2005-0215
+CVE-2005-0215 (Mozilla 1.6 and possibly other versions allows remote attackers to cau ...)
- mozilla <not-affected> (Mozilla 1.6 for Windows)
-CVE-2005-0214
+CVE-2005-0214 (Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c ...)
NOT-FOR-US: SPHPBlog
-CVE-2005-0213
+CVE-2005-0213 (Directory traversal vulnerability in WinHKI 1.4d allows remote attacke ...)
NOT-FOR-US: WinHKI
-CVE-2005-0212
+CVE-2005-0212 (The Amp II engine as used by Gore: Ultimate Soldier 1.50 and earlier a ...)
NOT-FOR-US: The Amp II engine as used by Gore: Ultimate Soldier
-CVE-2005-0211
+CVE-2005-0211 (Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remot ...)
{DSA-667-1}
- squid 2.5.7-6
-CVE-2005-0210
+CVE-2005-0210 (Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a de ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
[sarge] - kernel-source-2.6.8 2.6.8-15
- kernel-source-2.4.27 2.4.27-9 (bug #300838)
-CVE-2005-0209
+CVE-2005-0209 (Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a d ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-9
-CVE-2005-0208
+CVE-2005-0208 (The HTML parsing functions in Gaim before 1.1.4 allow remote attackers ...)
- gaim 1:1.1.4
-CVE-2005-0207
+CVE-2005-0207 (Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows N ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0206
+CVE-2005-0206 (The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CV ...)
- xpdf <not-affected> (Initial Debian fix was already correct)
- gpdf <not-affected> (Initial Debian fix was already correct)
- kdegraphics <not-affected> (Initial Debian fix was already correct)
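Review bot: CVE-2005-0365, CVE-2005-0363, CVE-2005-0362 and CVE-2005-0284 sit between CVE-2005-0349 and CVE-2005-0348, breaking the descending order the rest of the hunk follows (CVE-2005-0364 and CVE-2005-0361 already appear in sequence further up); moving them to their numeric positions keeps the year list sorted and makes duplicate entries easier to spot. Also, the NOTE under CVE-2005-0255 reads "didn't other with YA mozilla-browser bug", presumably "didn't bother"; and since that entry's description names Thunderbird while only mozilla-firefox and mozilla lines are recorded, it is worth confirming whether a mozilla-thunderbird line is needed as it is for CVE-2005-0399 and CVE-2005-0401.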
@@ -11030,85 +11030,85 @@ CVE-2005-0206
- cupsys 1.1.22-7
NOTE: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135393
NOTE: cupsys uses an external xpdf now.
-CVE-2005-0205
+CVE-2005-0205 (KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain ...)
{DSA-692-1}
- kdenetwork 4:3.1.6
-CVE-2005-0204
+CVE-2005-0204 (Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T a ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 2.4.27-9 (bug #296700; high)
CVE-2005-0203
REJECTED
-CVE-2005-0202
+CVE-2005-0202 (Directory traversal vulnerability in the true_path function in private ...)
{DSA-674-1}
- mailman 2.1.5-6
-CVE-2005-0201
+CVE-2005-0201 (D-BUS (dbus) before 0.22 does not properly restrict access to a socket ...)
- dbus 0.22
-CVE-2005-0200
+CVE-2005-0200 (TikiWiki before 1.8.5 does not properly validate files that have been ...)
NOT-FOR-US: TikiWiki
-CVE-2005-0199
+CVE-2005-0199 (Integer underflow in the Lists_MakeMask() function in lists.c in ngIRC ...)
NOT-FOR-US: ngIRCd
-CVE-2005-0197
+CVE-2005-0197 (Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Labe ...)
NOT-FOR-US: Cisco
-CVE-2005-0196
+CVE-2005-0196 (Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp lo ...)
NOT-FOR-US: Cisco
-CVE-2005-0195
+CVE-2005-0195 (Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a deni ...)
NOT-FOR-US: Cisco
-CVE-2005-0194
+CVE-2005-0194 (Squid 2.5, when processing the configuration file, parses empty Access ...)
{DSA-667-1}
- squid 2.5.7-7
-CVE-2005-0193
+CVE-2005-0193 (Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync ...)
NOT-FOR-US: mRouter in iSync in OS X
-CVE-2005-0192
+CVE-2005-0192 (Directory traversal vulnerability in the parsing of Skin file names in ...)
NOT-FOR-US: RealPlayer
-CVE-2005-0191
+CVE-2005-0191 (Off-by-one buffer overflow in the processing of tags in Real Metadata ...)
NOT-FOR-US: RealPlayer
-CVE-2005-0190
+CVE-2005-0190 (Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and ...)
NOT-FOR-US: RealPlayer
-CVE-2005-0189
+CVE-2005-0189 (Stack-based buffer overflow in the HandleAction function in RealPlayer ...)
NOT-FOR-US: RealPlayer
-CVE-2005-0188
+CVE-2005-0188 (Format string vulnerability in the SetBaseURL function in AtHoc toolba ...)
NOT-FOR-US: AtHoc toolbar
-CVE-2005-0187
+CVE-2005-0187 (Stack-based buffer overflow in the SetSkin function in AtHoc toolbar a ...)
NOT-FOR-US: AtHoc toolbar
-CVE-2005-0186
+CVE-2005-0186 (Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS T ...)
NOT-FOR-US: Cisco
-CVE-2005-0185
+CVE-2005-0185 (Stack-based buffer overflow in NodeManager Professional 2.00 allows re ...)
NOT-FOR-US: NodeManager Professional
-CVE-2005-0184
+CVE-2005-0184 (Directory traversal vulnerability in ftpfile in the Vacation plugin 0. ...)
NOT-FOR-US: vacation plugin
-CVE-2005-0183
+CVE-2005-0183 (ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail allow ...)
NOT-FOR-US: vacation plugin
-CVE-2005-0182
+CVE-2005-0182 (The mod_dosevasive module 1.9 and earlier for Apache creates temporary ...)
NOT-FOR-US: mod_dosevasive module for apache
CVE-2005-0181
RESERVED
-CVE-2005-0180
+CVE-2005-0180 (Multiple integer signedness errors in the sg_scsi_ioctl function in sc ...)
[sarge] - kernel-source-2.6.8 2.6.8-12
- linux-2.6 <not-affected> (Fixed before upload into archive)
- kernel-source-2.4.27 <not-affected> (intlen and outlen are unsigned in 2.4)
-CVE-2005-0179
+CVE-2005-0179 (Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of s ...)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was only introduced in 2.6.9)
- linux-2.6 <not-affected> (Fixed before initial release)
-CVE-2005-0178
+CVE-2005-0178 (Race condition in the setsid function in Linux before 2.6.8.1 allows l ...)
- kernel-source-2.4.27 <not-affected> (v2.4 is safe because back there current->signal was not shared.)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8.1)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0177
+CVE-2005-0177 (nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, whic ...)
- kernel-source-2.4.27 <not-affected> (According to joshk, doesn't apply to 2.4.27)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8.1)
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0176
+CVE-2005-0176 (The shmctl function in Linux 2.6.9 and earlier allows local users to u ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
-CVE-2005-0218
+CVE-2005-0218 (ClamAV 0.80 and earlier allows remote attackers to bypass virus scanni ...)
- clamav 0.81
-CVE-2005-0198
+CVE-2005-0198 (A logic error in the CRAM-MD5 code for the University of Washington IM ...)
- uw-imap 7:2002edebian1-6
-CVE-2005-0175
+CVE-2005-0175 (Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cach ...)
{DSA-667-1}
- squid 2.5.7-6
-CVE-2005-0174
+CVE-2005-0174 (Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cach ...)
- squid 2.5.7-6
-CVE-2005-0173
+CVE-2005-0173 (squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated u ...)
{DSA-667-1}
- squid 2.5.7-4
CVE-2005-0172
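Review bot: the CVE-2005-0174 entry now carries the same truncated description as CVE-2005-0175 and the same fixed version (squid 2.5.7-6), but unlike CVE-2005-0175 and CVE-2005-0173 it has no {DSA-667-1} reference; worth confirming whether the advisory covered this identifier as well and adding the reference if so. Since the descriptions are cut at a fixed width, the two entries are no longer distinguishable from the list alone, so the check has to go to the full CVE text.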
@@ -11131,255 +11131,255 @@ CVE-2005-0164
RESERVED
CVE-2005-0163
RESERVED
-CVE-2005-0162
+CVE-2005-0162 (Stack-based buffer overflow in the get_internal_addresses function in ...)
- openswan 2.3.0-2
- freeswan <not-affected>
-CVE-2005-0161
+CVE-2005-0161 (Multiple directory traversal vulnerabilities in unace 1.2b allow attac ...)
- unace 1.2b-3
-CVE-2005-0160
+CVE-2005-0160 (Multiple buffer overflows in unace 1.2b allow attackers to execute arb ...)
- unace 1.2b-3
-CVE-2005-0159
+CVE-2005-0159 (The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU ...)
{DSA-679-1}
- toolchain-source 3.4-5
-CVE-2005-0158
+CVE-2005-0158 (Format string vulnerability in bidwatcher before 1.3.17 allows remote ...)
{DSA-687-1}
- bidwatcher 1.3.17-1
-CVE-2005-0157
+CVE-2005-0157 (The confirm add-on in SmartList 3.15 and earlier allows attackers to s ...)
{DSA-720-1}
- smartlist 3.15-18
-CVE-2005-0156
+CVE-2005-0156 (Buffer overflow in the PerlIO implementation in Perl 5.8.0, when insta ...)
- perl 5.8.4-6
-CVE-2005-0155
+CVE-2005-0155 (The PerlIO implementation in Perl 5.8.0, when installed with setuid su ...)
- perl 5.8.4-6
- mooix 1.0rc5.pre4
CVE-2005-0154
RESERVED
CVE-2005-0153
RESERVED
-CVE-2005-0152
+CVE-2005-0152 (PHP remote file inclusion vulnerability in Squirrelmail 1.2.6 allows r ...)
{DSA-662-1}
- squirrelmail 1:1.2.7-1
NOTE: This bug exists only in version 1.2.6.
-CVE-2005-0151
+CVE-2005-0151 (Unknown vulnerability in the installation of Adobe License Management ...)
NOT-FOR-US: Adobe License Management Software
-CVE-2005-0150
+CVE-2005-0150 (Firefox before 1.0 allows the user to store a (1) javascript: or (2) d ...)
- mozilla-firefox 1.0
-CVE-2005-0149
+CVE-2005-0149 (Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obe ...)
- mozilla-thunderbird 0.7
- mozilla 2:1.7.4
-CVE-2005-0148
+CVE-2005-0148 (Thunderbird before 0.9, when running on Windows systems, uses the defa ...)
- mozilla-thunderbird <not-affected> (Affects only Thunderbird on Windows)
-CVE-2005-0147
+CVE-2005-0147 (Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a ...)
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2005-0146
+CVE-2005-0146 (Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to ...)
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2005-0145
+CVE-2005-0145 (Firefox before 1.0 does not properly distinguish between user-generate ...)
- mozilla-firefox 1.0
-CVE-2005-0144
+CVE-2005-0144 (Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lo ...)
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2005-0143
+CVE-2005-0143 (Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon ...)
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2005-0142
+CVE-2005-0142 (Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozill ...)
- mozilla-firefox 1.0
- mozilla-thunderbird 0.7
- mozilla 2:1.7.5
-CVE-2005-0141
+CVE-2005-0141 (Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to ...)
- mozilla-firefox 1.0
- mozilla 2:1.7.5
-CVE-2005-0140
+CVE-2005-0140 (Buffer overflow in PeID allows attackers to execute arbitrary code via ...)
NOT-FOR-US: PeID
-CVE-2005-0139
+CVE-2005-0139 (Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6. ...)
NOT-FOR-US: Irix
-CVE-2005-0138
+CVE-2005-0138 (rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly a ...)
NOT-FOR-US: Irix
-CVE-2005-0137
+CVE-2005-0137 (Linux kernel 2.6 on Itanium (ia64) architectures allows local users to ...)
- linux-2.6 <not-affected>
- kernel-source-2.4.27 2.4.27-10 (bug #308584)
-CVE-2005-0136
+CVE-2005-0136 (The Linux kernel before 2.6.11 on the Itanium IA64 platform has certai ...)
[sarge] - kernel-source-2.6.8 2.6.8-14
- linux-2.6 2.6.11
-CVE-2005-0135
+CVE-2005-0135 (The unw_unwind_to_user function in unwind.c on Itanium (ia64) architec ...)
{DSA-1082-1 DSA-1070-1 DSA-1067-1}
- linux-2.6 <not-affected>
[sarge] - kernel-source-2.6.8 2.6.8-14
-CVE-2005-0134
+CVE-2005-0134 (The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly ...)
NOT-FOR-US: SCO UnixWare
-CVE-2005-0133
+CVE-2005-0133 (ClamAV 0.80 and earlier allows remote attackers to cause a denial of s ...)
- clamav 0.80-0.81rc1-1
CVE-2005-0132
RESERVED
-CVE-2005-0131
+CVE-2005-0131 (The Quick Connection dialog in Konversation 0.15 inadvertently uses th ...)
- konversation 0.15-3
-CVE-2005-0130
+CVE-2005-0130 (Certain Perl scripts in Konversation 0.15 allow remote attackers to ex ...)
- konversation 0.15-3
-CVE-2005-0129
+CVE-2005-0129 (The Quick Buttons feature in Konversation 0.15 allows remote attackers ...)
- konversation 0.15-3
CVE-2005-0128
REJECTED
-CVE-2005-0127
+CVE-2005-0127 (Mail in Mac OS X 10.3.7, when generating a Message-ID header, generate ...)
NOT-FOR-US: MacOS
-CVE-2005-0126
+CVE-2005-0126 (ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute ar ...)
NOT-FOR-US: MacOS
-CVE-2005-0125
+CVE-2005-0125 (The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop ...)
NOT-FOR-US: MacOS
-CVE-2005-0124
+CVE-2005-0124 (The coda_pioctl function in the coda functionality (pioctl.c) for Linu ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1 DSA-1017-1}
- linux-2.6 2.6.12-1
CVE-2005-0123
REJECTED
CVE-2005-0122
REJECTED
-CVE-2005-0121
+CVE-2005-0121 (Multiple buffer overflows in golddig 2.0 and earlier allow local users ...)
NOT-FOR-US: golddig
-CVE-2005-0120
+CVE-2005-0120 (helvis 1.8h2_1 and earlier allows local users to delete arbitrary file ...)
NOT-FOR-US: helvis
-CVE-2005-0119
+CVE-2005-0119 (helvis 1.8h2_1 and earlier allows local users to recover and read the ...)
NOT-FOR-US: helvis
-CVE-2005-0118
+CVE-2005-0118 (helvis 1.8h2_1 and earlier stores recovery files in world readable dir ...)
NOT-FOR-US: helvis
-CVE-2005-0117
+CVE-2005-0117 (Buffer overflow in XShisen before 1.36 allows local users to execute a ...)
- xshisen 1.51-1-1.1 (bug #289784)
-CVE-2005-0116
+CVE-2005-0116 (AWStats 6.1, and other versions before 6.3, allows remote attackers to ...)
- awstats 6.2-1.1
-CVE-2005-0115
+CVE-2005-0115 (Stack-based buffer overflow in DataRescue Interactive Disassembler (ID ...)
NOT-FOR-US: DataRescue Interactive Disassembler
-CVE-2005-0114
+CVE-2005-0114 (vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wirel ...)
NOT-FOR-US: ZoneAlarm
-CVE-2005-0113
+CVE-2005-0113 (inpview in SGI IRIX allows local users to execute arbitrary commands v ...)
NOT-FOR-US: IRIX
-CVE-2005-0112
+CVE-2005-0112 (The web-based administrative interface for 3Com OfficeConnect Wireless ...)
NOT-FOR-US: 3Com OfficeConnect Wireless 11g Access Point
-CVE-2005-0111
+CVE-2005-0111 (Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7 ...)
- maxdb-7.5.00 7.5.00.18
-CVE-2005-0110
+CVE-2005-0110 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypas ...)
NOT-FOR-US: MSIE
-CVE-2005-0109
+CVE-2005-0109 (Hyper-Threading technology, as used in FreeBSD and other operating sys ...)
NOTE: According to Linus Torvalds and others on linux-kernel this is a theoretical
NOTE: attack, paranoid people should disable hyper threading
- kfreebsd5-source 5.3-11
-CVE-2005-0108
+CVE-2005-0108 (Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malic ...)
{DSA-659-1}
- libapache-mod-auth-radius 1.5.7-6
- libpam-radius-auth 1.3.16-3
-CVE-2005-0107
+CVE-2005-0107 (bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, wh ...)
{DSA-690-1}
- bsmtpd 2.3pl8b-16
-CVE-2005-0106
+CVE-2005-0106 (SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file ...)
- libnet-ssleay-perl 1.25-1.1
-CVE-2005-0105
+CVE-2005-0105 (Unknown vulnerability in typespeed 0.4.1 and earlier allows local user ...)
{DSA-684-1}
- typespeed 0.4.4-8
-CVE-2005-0104
+CVE-2005-0104 (Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMai ...)
{DSA-662-1}
- squirrelmail 2:1.4.4
-CVE-2005-0103
+CVE-2005-0103 (PHP remote file inclusion vulnerability in webmail.php in SquirrelMail ...)
- squirrelmail 2:1.4.4-1
-CVE-2005-0102
+CVE-2005-0102 (Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier a ...)
{DSA-673-1}
- evolution 2.0.3-1.2 (bug #295548)
-CVE-2005-0101
+CVE-2005-0101 (Buffer overflow in the socket_getline function in Newspost 2.1.1 and e ...)
- newspost 2.1.1-2
-CVE-2005-0100
+CVE-2005-0100 (Format string vulnerability in the movemail utility in (1) Emacs 20.x, ...)
{DSA-685-1 DSA-671-1 DSA-670-1}
- emacs21 21.3+1-9
- xemacs21 21.4.16-2
-CVE-2005-0099
+CVE-2005-0099 (The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop p ...)
{DSA-691-1}
- abuse <removed>
-CVE-2005-0098
+CVE-2005-0098 (Multiple buffer overflows in the SDL port of abuse (abuse-SDL) before ...)
{DSA-691-1}
- abuse <removed>
-CVE-2005-0097
+CVE-2005-0097 (The NTLM component in Squid 2.5.STABLE7 and earlier allows remote atta ...)
- squid 2.5.7-4
-CVE-2005-0096
+CVE-2005-0096 (Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and ...)
- squid 2.5.7-4
-CVE-2005-0095
+CVE-2005-0095 (The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows ...)
{DSA-651-1}
- squid 2.5.7-4
-CVE-2005-0094
+CVE-2005-0094 (Buffer overflow in the gopherToHTML function in the Gopher reply parse ...)
{DSA-651-1}
- squid 2.5.7-4
CVE-2005-0093
REJECTED
-CVE-2005-0092
+CVE-2005-0092 (Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB ...)
- linux-2.6 <not-affected> (Apparently specific to Red hat hugemem kernel)
-CVE-2005-0091
+CVE-2005-0091 (Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB ...)
- linux-2.6 <not-affected> (Apparently specific to Red hat hugemem kernel)
-CVE-2005-0090
+CVE-2005-0090 (A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB sp ...)
- linux-2.6 <not-affected> (Apparently specific to Red hat hugemem kernel)
-CVE-2005-0089
+CVE-2005-0089 (The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, ...)
{DSA-666-1}
- python2.2 2.2.3-14
- python2.3 2.3.4+2.3.5c1-2
- python2.4 2.4-5
-CVE-2005-0088
+CVE-2005-0088 (The publisher handler for mod_python 2.7.8 and earlier allows remote a ...)
{DSA-689-1}
- libapache2-mod-python 3.1.3-3
- libapache-mod-python 2:2.7.10-4
-CVE-2005-0087
+CVE-2005-0087 (The alsa-lib package in Red Hat Linux 4 disables stack protection for ...)
NOTE: debian does not have stack protection, but it's fixed anyway since 1.0.9
- alsa-lib 1.0.9-1 (unimportant)
-CVE-2005-0086
+CVE-2005-0086 (Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allow ...)
- less <not-affected> (Red Hat specific less bug)
-CVE-2005-0085
+CVE-2005-0085 (Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3. ...)
{DSA-680-1}
- htdig 1:3.1.6-11 (bug #305996)
-CVE-2005-0084
+CVE-2005-0084 (Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 ...)
{DSA-653-1}
- ethereal 0.10.9-1
-CVE-2005-0083
+CVE-2005-0083 (MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and othe ...)
- maxdb-7.5.00 7.5.00.24-1
-CVE-2005-0082
+CVE-2005-0082 (The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other ver ...)
- maxdb-7.5.00 7.5.00.21-1
-CVE-2005-0081
+CVE-2005-0081 (MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote ...)
- maxdb-7.5.00 7.5.00.21-1
-CVE-2005-0080
+CVE-2005-0080 (The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 ...)
- mailman 2.1.5-5
-CVE-2005-0079
+CVE-2005-0079 (Buffer overflow in xtrlock 2.0 allows local users to cause a denial of ...)
{DSA-649-1}
- xtrlock 2.0-9
-CVE-2005-0078
+CVE-2005-0078 (The KDE screen saver in KDE before 3.0.5 does not properly check the r ...)
{DSA-660-1}
- kdebase 4:3.0.5
-CVE-2005-0077
+CVE-2005-0077 (The DBI library (libdbi-perl) for Perl allows local users to overwrite ...)
{DSA-658-1}
- libdbi-perl 1.46-6
-CVE-2005-0076
+CVE-2005-0076 (Multiple buffer overflows in the XView library 3.2 may allow local use ...)
{DSA-672-1}
- xview 3.2p1.4-19
-CVE-2005-0075
+CVE-2005-0075 (prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, ...)
- squirrelmail 2:1.4.4-1
-CVE-2005-0074
+CVE-2005-0074 (Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to exec ...)
{DSA-676-1}
- xpcd 2.08-11.1 (bug #294793)
-CVE-2005-0073
+CVE-2005-0073 (Buffer overflow in queue.c in a support script for sympa 3.3.3, when r ...)
{DSA-677-1}
- sympa 4.1.2-2.1
-CVE-2005-0072
+CVE-2005-0072 (zhcon before 0.2 does not drop privileges before reading a user config ...)
{DSA-655-1}
- zhcon 1:0.2.3-8.1 (bug #292210)
-CVE-2005-0071
+CVE-2005-0071 (vdr before 1.2.6 does not securely create files, which allows attacker ...)
{DSA-656-1}
- vdr 1.2.6-6
-CVE-2005-0070
+CVE-2005-0070 (Synaesthesia 2.1 and earlier, and possibly other versions, when instal ...)
{DSA-681-1}
- synaesthesia 2.1-3
NOTE: does not apply for sarge, program is not setuid anymore
-CVE-2005-0069
+CVE-2005-0069 (The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local user ...)
- vim 1:6.3-058+1
-CVE-2005-0068
+CVE-2005-0068 (The original design of ICMP does not require authentication for host-g ...)
NOTE: general icmp design error
-CVE-2005-0067
+CVE-2005-0067 (The original design of TCP does not require that port numbers be assig ...)
NOTE: general tcp design error, no indication it affects linux
-CVE-2005-0066
+CVE-2005-0066 (The original design of TCP does not check that the TCP Acknowledgement ...)
NOTE: general tcp design error
-CVE-2005-0065
+CVE-2005-0065 (The original design of TCP does not check that the TCP sequence number ...)
NOTE: general tcp design error
-CVE-2005-0064
+CVE-2005-0064 (Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc fo ...)
{DSA-648-1 DSA-645-1}
- xpdf 3.00-13
- gpdf 2.8.2-1.2
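Review bot: several entries in this hunk share a fixed version with a neighbouring DSA-referenced entry but carry no advisory reference themselves: CVE-2005-0097 and CVE-2005-0096 (squid 2.5.7-4) sit next to CVE-2005-0095 and CVE-2005-0094 with {DSA-651-1}, and CVE-2005-0103 (squirrelmail 2:1.4.4-1) sits next to CVE-2005-0104 with {DSA-662-1}. If the advisories fixed those identifiers too, the references should be added; if not, a NOTE saying why would save the next reader the same question. Minor style point: the NOTE under CVE-2005-0087 writes "debian" in lower case.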
@@ -11391,72 +11391,72 @@ CVE-2005-0064
NOTE: cupsys switched to an xpdf-utils wrapper in version 1.1.22-6.
NOTE: In version 1.1.23-13, the dormant code in the source
NOTE: package was fixed.
-CVE-2005-0063
+CVE-2005-0063 (The document processing application used by the Windows Shell in Micro ...)
NOT-FOR-US: Microsoft
CVE-2005-0062
RESERVED
-CVE-2005-0061
+CVE-2005-0061 (The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Wind ...)
NOT-FOR-US: Microsoft
-CVE-2005-0060
+CVE-2005-0060 (Buffer overflow in the font processing component of Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2005-0059
+CVE-2005-0059 (Buffer overflow in the Message Queuing component of Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2005-0058
+CVE-2005-0058 (Buffer overflow in the Telephony Application Programming Interface (TA ...)
NOT-FOR-US: TAPI for Windows
-CVE-2005-0057
+CVE-2005-0057 (The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2005-0056
+CVE-2005-0056 (Internet Explorer 5.01, 5.5, and 6 does not properly validate certain ...)
NOT-FOR-US: Microsoft
-CVE-2005-0055
+CVE-2005-0055 (Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers ...)
NOT-FOR-US: Microsoft
-CVE-2005-0054
+CVE-2005-0054 (Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a ...)
NOT-FOR-US: Microsoft
-CVE-2005-0053
+CVE-2005-0053 (Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft
CVE-2005-0052
RESERVED
-CVE-2005-0051
+CVE-2005-0051 (The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remot ...)
NOT-FOR-US: Microsoft
-CVE-2005-0050
+CVE-2005-0050 (The License Logging service for Windows NT Server, Windows 2000 Server ...)
NOT-FOR-US: Microsoft
-CVE-2005-0049
+CVE-2005-0049 (Windows SharePoint Services and SharePoint Team Services for Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2005-0048
+CVE-2005-0048 (Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, a ...)
NOT-FOR-US: Microsoft
-CVE-2005-0047
+CVE-2005-0047 (Windows 2000, XP, and Server 2003 does not properly "validate the use ...)
NOT-FOR-US: Microsoft
CVE-2005-0046
RESERVED
-CVE-2005-0045
+CVE-2005-0045 (The Server Message Block (SMB) implementation for Windows NT 4.0, 2000 ...)
NOT-FOR-US: Microsoft
-CVE-2005-0044
+CVE-2005-0044 (The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchan ...)
NOT-FOR-US: Microsoft
-CVE-2005-0043
+CVE-2005-0043 (Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute ...)
NOT-FOR-US: iTunes
CVE-2005-0042
RESERVED
CVE-2005-0041
RESERVED
-CVE-2005-0040
+CVE-2005-0040 (Multiple cross-site scripting (XSS) vulnerabilities in DotNetNuke befo ...)
NOT-FOR-US: DotNetNuke
-CVE-2005-0039
+CVE-2005-0039 (Certain configurations of IPsec, when using Encapsulating Security Pay ...)
NOTE: These are known issues of IPSEC and basically every VPN system using
NOTE: encryption without authentication.
NOTE: openswan even prevents such configurations
-CVE-2005-0038
+CVE-2005-0038 (The DNS implementation of PowerDNS 2.9.16 and earlier allows remote at ...)
- pdns 2.9.17-1
-CVE-2005-0037
+CVE-2005-0037 (The DNS implementation of DNRD before 2.10 allows remote attackers to ...)
NOT-FOR-US: dnrd
-CVE-2005-0036
+CVE-2005-0036 (The DNS implementation in DeleGate 8.10.2 and earlier allows remote at ...)
NOT-FOR-US: DeleGate
-CVE-2005-0035
+CVE-2005-0035 (The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and ea ...)
NOT-FOR-US: Adobe
-CVE-2005-0034
+CVE-2005-0034 (An "incorrect assumption" in the authvalidated validator function in B ...)
- bind9 1:9.3.1
[woody] - bind9 <not-affected>
[sarge] - bind9 <not-affected>
NOTE: only affects bind9 9.3.0, sarge and woody have an earlier versions
-CVE-2005-0033
+CVE-2005-0033 (Buffer overflow in the code for recursion and glue fetching in BIND 8. ...)
- bind 1:8.4.6-1
CVE-2005-0032
RESERVED
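Review bot: the fixed-width truncation splits the CVE-2005-0047 description inside a quoted phrase, so the parenthesised text now ends with an unmatched double quote (`"validate the use ...`); anything that tokenises these descriptions should be checked against that case, or the generator should cut on a word boundary outside quotes. Also, the NOTE under CVE-2005-0034 reads "have an earlier versions"; "have earlier versions" is meant.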
@@ -11476,69 +11476,69 @@ CVE-2005-0025
RESERVED
CVE-2005-0024
RESERVED
-CVE-2005-0023
+CVE-2005-0023 (gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to sp ...)
- gnome-libs <unfixed> (bug #329156; unimportant)
- vte <unfixed> (bug #330907; unimportant)
NOTE: Not considered a security problem, see #329156
-CVE-2005-0022
+CVE-2005-0022 (Buffer overflow in the spa_base64_to_bits function in Exim before 4.43 ...)
- exim4 4.34-10
-CVE-2005-0021
+CVE-2005-0021 (Multiple buffer overflows in Exim before 4.43 may allow attackers to e ...)
{DSA-637-1 DSA-635-1}
- exim4 4.34-10
- exim 3.36-13 (bug #290036)
- exim-tls <removed>
-CVE-2005-0020
+CVE-2005-0020 (Buffer overflow in playmidi before 2.4 allows local users to execute a ...)
{DSA-641-1}
- playmidi 2.4debian-3
-CVE-2005-0019
+CVE-2005-0019 (Unknown vulnerability in hztty 2.0 and earlier allows local users to e ...)
{DSA-675-1}
- hztty 2.0-6.1
-CVE-2005-0018
+CVE-2005-0018 (The f2 shell script in the f2c package 3.1 allows local users to read ...)
{DSA-661-2}
- f2c 20020621-3.4 (bug #292792)
-CVE-2005-0017
+CVE-2005-0017 (The f2c translator in the f2c package 3.1 allows local users to read a ...)
{DSA-661-2}
- f2c 20020621-3.4 (bug #292792)
-CVE-2005-0016
+CVE-2005-0016 (Buffer overflow in the exported_display function in xatitv in gatos be ...)
{DSA-640-1}
- gatos 0.0.5-15
-CVE-2005-0015
+CVE-2005-0015 (diatheke.pl in Sword 1.5.7a allows remote attackers to execute arbitra ...)
{DSA-650-1}
- sword 1.5.7-7 (bug #291433)
-CVE-2005-0014
+CVE-2005-0014 (Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malici ...)
- ncpfs 2.2.6-1
-CVE-2005-0013
+CVE-2005-0013 (nwclient.c in ncpfs before 2.2.6 does not drop root privileges before ...)
{DSA-665-1}
- ncpfs 2.2.6-1
-CVE-2005-0012
+CVE-2005-0012 (Format string vulnerability in the a_Interface_msg function in Dillo b ...)
- dillo 0.8.3-1
-CVE-2005-0011
+CVE-2005-0011 (Multiple vulnerabilities in fliccd, when installed setuid root as part ...)
- kdeedu 4:3.3.2-2
-CVE-2005-0010
+CVE-2005-0010 (Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through ...)
- ethereal 0.10.9-1
-CVE-2005-0009
+CVE-2005-0009 (Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 thr ...)
- ethereal 0.10.9-1
-CVE-2005-0008
+CVE-2005-0008 (Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through ...)
- ethereal 0.10.9-1
-CVE-2005-0007
+CVE-2005-0007 (Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through ...)
- ethereal 0.10.9-1
-CVE-2005-0006
+CVE-2005-0006 (The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote att ...)
- ethereal 0.10.9-1
-CVE-2005-0005
+CVE-2005-0005 (Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and ...)
{DSA-646-1}
- imagemagick 6:6.0.6.2-2.1 (bug #291118; bug #291033)
-CVE-2005-0004
+CVE-2005-0004 (The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.1 ...)
{DSA-647-1}
- mysql-dfsg-4.1 4.1.8a-6
- mysql-dfsg 4.0.23-3
-CVE-2005-0003
+CVE-2005-0003 (The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit ar ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.10)
- kernel-source-2.4.27 2.4.27-9
[sarge] - kernel-source-2.6.8 2.6.8-9
-CVE-2005-0002
+CVE-2005-0002 (poppassd_pam 1.0 and earlier, when changing a user password, does not ...)
NOT-FOR-US: poppassd_pam
-CVE-2005-0001
+CVE-2005-0001 (Race condition in the page fault handler (fault.c) for Linux kernel 2. ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
NOTE: i386 and smp specific
- linux-2.6 <not-affected> (Fixed before upload into archive)
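Review bot: two entries here lack an advisory reference that their neighbour at the same fixed version carries: CVE-2005-0022 (exim4 4.34-10) has none while CVE-2005-0021 at the same version has {DSA-637-1 DSA-635-1}, and CVE-2005-0014 (ncpfs 2.2.6-1) has none while CVE-2005-0013 at the same version has {DSA-665-1}; worth confirming whether those advisories also cover these identifiers and recording the answer either as a reference or as a NOTE.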
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index b4d22a4abd..f24c30bd61 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -1,10 +1,10 @@
-CVE-2006-7253
+CVE-2006-7253 (GE Healthcare Infinia II has a default password of (1) infinia for the ...)
NOT-FOR-US: GE Healthcare Infinia II
-CVE-2006-7252
+CVE-2006-7252 (Integer overflow in the calloc function in libc/stdlib/malloc.c in jem ...)
NOT-FOR-US: NetBSD/FreeBSD libc
CVE-2006-7251
RESERVED
-CVE-2006-7250
+CVE-2006-7250 (The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t ...)
{DSA-2454-1}
- openssl 1.0.0h-1
NOTE: DSA addressed it in patch for CVE-2012-1165
@@ -12,7 +12,7 @@ CVE-2006-7249
REJECTED
CVE-2006-7248
REJECTED
-CVE-2006-7247
+CVE-2006-7247 (SQL injection vulnerability in the Weblinks (com_weblinks) component f ...)
NOT-FOR-US: Joomla!
CVE-2006-7246
RESERVED
@@ -21,72 +21,72 @@ CVE-2006-7246
- network-manager 0.9.4.0-1
[squeeze] - network-manager <no-dsa> (Minor issue)
NOTE: might be fixed earlier; I checked the source versions in Wheezy
-CVE-2006-7245
+CVE-2006-7245 (Monkey's Audio before 4.01b2 allows remote attackers to cause a denial ...)
NOT-FOR-US: Monkey's Audio
-CVE-2006-7244
+CVE-2006-7244 (Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions be ...)
- libpng 1.2.39-1 (unimportant)
-CVE-2006-7243
+CVE-2006-7243 (PHP before 5.3.4 accepts the \0 character in a pathname, which might a ...)
- php5 5.3.3-6 (low)
NOTE: old, known, issue -- partial protection by the suhosin extension
NOTE: http://svn.php.net/viewvc?view=revision&revision=305507
-CVE-2006-7242
+CVE-2006-7242 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2006-7241
+CVE-2006-7241 (The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2006-7240
+CVE-2006-7240 (gnome-power-manager 2.14.0 does not properly implement the lock_on_sus ...)
- gnome-power-manager 2.28.0-1 (unimportant)
-CVE-2006-7239
+CVE-2006-7239 (The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c ...)
- gnutls26 <not-affected> (fix is present in lenny/sid; fixed originally in upstream 1.4.2, which precedes 26)
-CVE-2006-7238
+CVE-2006-7238 (Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2 allo ...)
NOT-FOR-US: MyShoutPro
-CVE-2006-7237
+CVE-2006-7237 (PHP remote file inclusion vulnerability in mod/nc_phpmyadmin/core/libr ...)
NOT-FOR-US: Ixprim
-CVE-2006-7236
+CVE-2006-7236 (The default configuration of xterm on Debian GNU/Linux sid and possibl ...)
{DTSA-182-1}
- xterm 238-1 (medium; bug #510030)
[etch] - xterm <not-affected> (allowWindowOps disabled in configuration)
NOTE: Somewhat mitigated by a filter for control characters in
NOTE: post-etch versions.
-CVE-2006-7235
+CVE-2006-7235 (Teamtek Universal FTP Server 1.0.50 allows remote attackers to cause a ...)
NOT-FOR-US: Teamtek Universal FTP Server
-CVE-2006-7234
+CVE-2006-7234 (Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows l ...)
- lynx-cur 2.8.7dev4-1 (low)
- lynx <not-affected> (Doesn't include the current directory in the search path)
-CVE-2006-7233
+CVE-2006-7233 (Cross-site scripting (XSS) vulnerability in the login form (login.jsp) ...)
NOT-FOR-US: Openfire
-CVE-2006-7232
+CVE-2006-7232 (sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 all ...)
- mysql-dfsg-4.1 <removed>
- mysql-dfsg-5.0 5.0.32-1
-CVE-2006-7231
+CVE-2006-7231 (SQL injection vulnerability in display.asp in Civica Software Civica a ...)
NOT-FOR-US: Civica Software Civica
-CVE-2006-7230
+CVE-2006-7230 (Perl-Compatible Regular Expression (PCRE) library before 7.0 does not ...)
{DSA-1570-1}
- pcre3 7.0-1
- kazehakase 0.5.2-1
[sarge] - pcre3 4.5+7.4-1
[etch] - pcre3 6.7+7.4-2
-CVE-2006-7229
+CVE-2006-7229 (The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly ...)
- linux-2.6 2.6.20-1
[etch] - linux-2.6 <not-affected> (Ubuntu-specific regression)
-CVE-2006-7228
+CVE-2006-7228 (Integer overflow in Perl-Compatible Regular Expression (PCRE) library ...)
{DSA-1570-1}
- pcre3 6.2-1
- kazehakase 0.5.2-1
[sarge] - pcre3 4.5+7.4-1
NOTE: http://www.pcre.org/changelog.txt states fixed in 6.2
-CVE-2006-7227
+CVE-2006-7227 (Integer overflow in Perl-Compatible Regular Expression (PCRE) library ...)
{DSA-1570-1}
- pcre3 6.2-1
- kazehakase 0.5.2-1
[sarge] - pcre3 4.5+7.4-1
NOTE: http://www.pcre.org/changelog.txt states fixed in 6.2
-CVE-2006-7226
+CVE-2006-7226 (Perl-Compatible Regular Expression (PCRE) library before 6.7 does not ...)
- pcre3 6.7-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
[sarge] - pcre3 4.5+7.4-1
[etch] - pcre3 6.7+7.4-2
-CVE-2006-7225
+CVE-2006-7225 (Perl-Compatible Regular Expression (PCRE) library before 6.7 allows co ...)
- pcre3 6.7-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
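Review bot: in CVE-2006-7226 and CVE-2006-7225 the release-specific [sarge]/[etch] lines come after the NOTE line, whereas the other entries in this hunk (for example CVE-2006-7236 and CVE-2006-7228) keep NOTE lines at the end of the entry; moving the NOTE below the release lines would keep the layout consistent and make entry boundaries easier to scan. Separately, the NOTE under the network-manager entry at the top of the hunk ("I checked the source versions in Wheezy") records no version number, so the check cannot be repeated; the version that was inspected would help.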
@@ -94,1397 +94,1397 @@ CVE-2006-7225
[etch] - pcre3 6.7+7.4-2
CVE-2006-7224
REJECTED
-CVE-2006-7223
+CVE-2006-7223 (PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Autho ...)
NOT-FOR-US: Xwiki
-CVE-2006-7222
+CVE-2006-7222 (Buffer overflow in the CFLICStream::_deltachunk function in FLICSource ...)
NOT-FOR-US: Media Player Classic
-CVE-2006-7221
+CVE-2006-7221 (Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow atta ...)
- gftp 2.0.18-17 (unimportant; bug #437710)
-CVE-2006-7220
+CVE-2006-7220 (Unspecified vulnerability in SAP SAPLPD and SAPSPRINT allows remote at ...)
NOT-FOR-US: SAP SAPLPD
-CVE-2006-7219
+CVE-2006-7219 (eZ publish before 3.8.5 does not properly enforce permissions for edit ...)
- ezpublish <not-affected> (Debian's version is too old)
-CVE-2006-7218
+CVE-2006-7218 (eZ publish before 3.8.1 does not properly enforce permissions for "con ...)
- ezpublish <not-affected> (Debian's version is too old)
-CVE-2006-7217
+CVE-2006-7217 (Apache Derby before 10.2.1.6 does not determine schema privilege requi ...)
- derby <not-affected> (Fixed before initial upload to Debian)
NOTE: http://issues.apache.org/jira/browse/DERBY-1858
-CVE-2006-7216
+CVE-2006-7216 (Apache Derby before 10.2.1.6 does not determine privilege requirements ...)
- derby <not-affected> (Fixed before initial upload to Debian)
NOTE: http://issues.apache.org/jira/browse/DERBY-1708
-CVE-2006-7215
+CVE-2006-7215 (The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop proces ...)
NOT-FOR-US: Intel processor
-CVE-2006-7214
+CVE-2006-7214 (Multiple unspecified vulnerabilities in Firebird 1.5 allow remote atta ...)
{DSA-1529-1}
- firebird1.5 <removed> (bug #432753)
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
- firebird2.0 <not-affected> (fixed in 2.0)
-CVE-2006-7213
+CVE-2006-7213 (Firebird 1.5 allows remote authenticated users without SYSDBA and owne ...)
{DSA-1529-1}
- firebird1.5 <removed> (bug #432753)
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
- firebird2.0 <not-affected> (fixed in 2.0)
-CVE-2006-7212
+CVE-2006-7212 (Multiple buffer overflows in Firebird 1.5, one of which affects WNET, ...)
{DSA-1529-1}
- firebird1.5 <removed> (bug #432753)
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
- firebird2.0 <not-affected> (fixed in 2.0)
-CVE-2006-7211
+CVE-2006-7211 (fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semap ...)
{DSA-1529-1}
- firebird1.5 <not-affected> (fixed before rename to firebird1.5)
- firebird2 1.5.3.4870-4 (low; bug #362001)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
- firebird2.0 <not-affected> (fixed in 2.0)
[sarge] - firebird2 <no-dsa> (Minor issue)
-CVE-2006-7210
+CVE-2006-7210 (Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to ...)
NOT-FOR-US: Windows
-CVE-2006-7209
+CVE-2006-7209 (Multiple cross-site scripting (XSS) vulnerabilities in phpTrafficA bef ...)
NOT-FOR-US: phpTrafficA
-CVE-2006-7208
+CVE-2006-7208 (PHP remote file inclusion vulnerability in download.php in the Adam va ...)
NOT-FOR-US: phpBB component com_forum
-CVE-2006-7207
+CVE-2006-7207 (Buffer overflow in ageet AGEphone before 1.4.0 might allow remote atta ...)
NOT-FOR-US: AGEphone
-CVE-2006-7206
+CVE-2006-7206 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attacker ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2006-XXXX [Owl Intranet Engine multiple cross-site scripting, SQL-injection]
- owl-dms 0.94-1 (medium; bug #416296)
-CVE-2006-7205
+CVE-2006-7205 (The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 ...)
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: local DoS when Apache memory limit is set high
-CVE-2006-7204
+CVE-2006-7204 (The imap_body function in PHP before 4.4.4 does not implement safemode ...)
- php4 <removed> (unimportant)
NOTE: open_basedir bypasses not supported
-CVE-2006-7203
+CVE-2006-7203 (The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 an ...)
{DSA-1504-1}
- linux-2.6 2.6.18.dfsg.1-9 (low)
-CVE-2006-7202
+CVE-2006-7202 (The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not pro ...)
NOT-FOR-US: Mambo
-CVE-2006-7201
+CVE-2006-7201 (EMC RSA Security SiteKey does not set the secure qualifier on the Site ...)
NOT-FOR-US: EMC RSA Security SiteKey
-CVE-2006-7200
+CVE-2006-7200 (EMC RSA Security SiteKey issues challenge-bypass tokens that persist f ...)
NOT-FOR-US: EMC RSA Security SiteKey
-CVE-2006-7199
+CVE-2006-7199 (EMC RSA Security SiteKey allows remote attackers to display the correc ...)
NOT-FOR-US: EMC RSA Security SiteKey
-CVE-2006-7198
+CVE-2006-7198 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) be ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2006-7197
+CVE-2006-7197 (The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for ...)
- tomcat5.5 5.5.17-1 (low)
-CVE-2006-7196
+CVE-2006-7196 (Cross-site scripting (XSS) vulnerability in the calendar application e ...)
- tomcat5.5 5.5.16-1 (unimportant)
- tomcat5 <removed> (unimportant)
- tomcat4 <removed> (unimportant)
NOTE: Only present in an example, not in production code
-CVE-2006-7195
+CVE-2006-7195 (Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Ap ...)
- tomcat5.5 5.5.20-1 (unimportant)
- tomcat5 <removed> (unimportant)
- tomcat4 <removed> (unimportant)
NOTE: Only present in an example, not in production code
-CVE-2006-7194
+CVE-2006-7194 (PHP remote file inclusion vulnerability in modules/Mysqlfinder/Mysqlfi ...)
NOT-FOR-US: Agora
CVE-2006-7193
NOT-FOR-US: disputed (SMARTY_DIR is a constant)
-CVE-2006-7192
+CVE-2006-7192 (Microsoft ASP .NET Framework 2.0.50727.42 does not properly handle com ...)
NOT-FOR-US: Microsoft ASP .NET Framework
-CVE-2006-7191
+CVE-2006-7191 (Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Ma ...)
{DSA-1287-1}
- ldap-account-manager 1.0.0-1 (medium)
-CVE-2006-7190
+CVE-2006-7190 (Cross-site scripting (XSS) vulnerability in cgi-bin/user-lib/topics.pl ...)
NOT-FOR-US: WebAPP
-CVE-2006-7189
+CVE-2006-7189 (Cross-site scripting (XSS) vulnerability in cgi-bin/admin/logs.cgi in ...)
NOT-FOR-US: WebAPP
-CVE-2006-7188
+CVE-2006-7188 (The search function in cgi-lib/user-lib/search.pl in web-app.net WebAP ...)
NOT-FOR-US: WebAPP
-CVE-2006-7187
+CVE-2006-7187 (Cross-site scripting (XSS) vulnerability in the show_recent_searches f ...)
NOT-FOR-US: WebAPP
-CVE-2006-7186
+CVE-2006-7186 (cgi-lib/subs.pl in web-app.net WebAPP before 0.9.9.3.5 allows attacker ...)
NOT-FOR-US: WebAPP
-CVE-2006-7185
+CVE-2006-7185 (PHP remote file inclusion vulnerability in includes/user_standard.php ...)
NOT-FOR-US: CMSmelborp
-CVE-2006-7184
+CVE-2006-7184 (Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine ( ...)
NOT-FOR-US: Exhibit Engine
-CVE-2006-7183
+CVE-2006-7183 (PHP remote file inclusion vulnerability in styles.php in Exhibit Engin ...)
NOT-FOR-US: Exhibit Engine
-CVE-2006-7182
+CVE-2006-7182 (PHP remote file inclusion vulnerability in noticias.php in MNews 2.0 a ...)
NOT-FOR-US: MNews
CVE-2006-7181
NOT-FOR-US: Morcego CMS
-CVE-2006-7180
+CVE-2006-7180 (ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets b ...)
- madwifi 1:0.9.2+r1842.20061207-2 (low)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2006-7179
+CVE-2006-7179 (ieee80211_input.c in MadWifi before 0.9.3 does not properly process Ch ...)
- madwifi 1:0.9.2+r1842.20061207-2 (low)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2006-7178
+CVE-2006-7178 (MadWifi before 0.9.3 does not properly handle reception of an AUTH fra ...)
- madwifi 1:0.9.2+r1842.20061207-2 (low)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2006-7177
+CVE-2006-7177 (MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a ...)
- madwifi 1:0.9.2+r1842.20061207-2 (low)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2006-7176
+CVE-2006-7176 (The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update ...)
- sendmail <not-affected> (Not a program flaw, a DNS error)
-CVE-2006-7175
+CVE-2006-7175 (The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update ...)
- sendmail <not-affected> (Debian compiles with FFR_TLS correctly)
-CVE-2006-7174
+CVE-2006-7174 (PHP remote file inclusion vulnerability in includes/functions.php in t ...)
NOT-FOR-US: Dimension module of phpBB
-CVE-2006-7173
+CVE-2006-7173 (Direct static code injection vulnerability in admin.php in PHP-Stats 0 ...)
NOT-FOR-US: PHP-Stats
-CVE-2006-7172
+CVE-2006-7172 (Multiple SQL injection vulnerabilities in php-stats.recphp.php in PHP- ...)
NOT-FOR-US: PHP-Stats
-CVE-2006-7171
+CVE-2006-7171 (product_review.php in Koan Software Mega Mall allows remote attackers ...)
NOT-FOR-US: Mega Mall
-CVE-2006-7170
+CVE-2006-7170 (Multiple SQL injection vulnerabilities in Koan Software Mega Mall allo ...)
NOT-FOR-US: Mega Mall
-CVE-2006-7169
+CVE-2006-7169 (PHP remote file inclusion vulnerability in includes/header_simple.php ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-7168
+CVE-2006-7168 (PHP remote file inclusion vulnerability in includes/not_mem.php in the ...)
NOT-FOR-US: phpBB module Add Name
-CVE-2006-7167
+CVE-2006-7167 (Unspecified vulnerability in ProRat Server 1.9 Fix2 allows remote atta ...)
NOT-FOR-US: ProRat Server
-CVE-2006-7166
+CVE-2006-7166 (IBM WebSphere Application Server (WAS) 5.1.1.9 and earlier allows remo ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2006-7165
+CVE-2006-7165 (IBM WebSphere Application Server (WAS) 5.0 through 5.1.1.0 allows remo ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2006-7164
+CVE-2006-7164 (SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2006-7163
+CVE-2006-7163 (DreameeSoft Password Master 1.0 stores the database in an unencrypted ...)
NOT-FOR-US: DreameeSoft Password Master
-CVE-2006-7162
+CVE-2006-7162 (PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files co ...)
- putty 0.59-1 (bug #400804; unimportant)
NOTE: Unsafe default, but not a vulnerability
NOTE: Sensitive operations like key generation should only be done in private home
-CVE-2006-7161
+CVE-2006-7161 (SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows ...)
NOT-FOR-US: Hazir Site
-CVE-2006-7160
+CVE-2006-7160 (The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earli ...)
NOT-FOR-US: Outpost Firewall PRO
-CVE-2006-7159
+CVE-2006-7159 (Directory traversal vulnerability in include/prune_torrents.php in BTI ...)
NOT-FOR-US: BTI-Tracker
-CVE-2006-7158
+CVE-2006-7158 (Cross-site scripting (XSS) vulnerability in Oracle Application Express ...)
NOT-FOR-US: Oracle Application Express
-CVE-2006-7157
+CVE-2006-7157 (Buffer overflow in Google Earth v4.0.2091 (beta) allows remote user-as ...)
NOT-FOR-US: Google Earth
-CVE-2006-7156
+CVE-2006-7156 (PHP remote file inclusion vulnerability in addon_keywords.php in Keywo ...)
NOT-FOR-US: miniBB module Keyword Replacer
-CVE-2006-7155
+CVE-2006-7155 (Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the ...)
NOT-FOR-US: Novell BorderManager
-CVE-2006-7154
+CVE-2006-7154 (Iono allows remote attackers to obtain the full server path via certai ...)
NOT-FOR-US: Iono
-CVE-2006-7153
+CVE-2006-7153 (PHP remote file inclusion vulnerability in index.php in MiniBB Forum 2 ...)
NOT-FOR-US: MiniBB Forum
-CVE-2006-7152
+CVE-2006-7152 (default.asp in ASP-Nuke Community 1.5 and earlier allows remote attack ...)
NOT-FOR-US: ASP-Nuke Community
-CVE-2006-7151
+CVE-2006-7151 (Untrusted search path vulnerability in the libtool-ltdl library (liblt ...)
- libtool <not-affected> (Specific to Fedora build)
-CVE-2006-7150
+CVE-2006-7150 (Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote att ...)
NOT-FOR-US: Mambo
-CVE-2006-7149
+CVE-2006-7149 (Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.x all ...)
NOT-FOR-US: Mambo
-CVE-2006-7148
+CVE-2006-7148 (PHP remote file inclusion vulnerability in includes/bb_usage_stats.php ...)
NOT-FOR-US: phpBB module maluinfo
-CVE-2006-7147
+CVE-2006-7147 (PHP remote file inclusion vulnerability in includes/functions_mod_user ...)
NOT-FOR-US: phpBB module Import Tools
CVE-2006-7146
NOT-FOR-US: communityPortals
-CVE-2006-7145
+CVE-2006-7145 (edit_user.php in Call Center Software 0.93 and earlier allows remote a ...)
NOT-FOR-US: Call Center Software
-CVE-2006-7144
+CVE-2006-7144 (SQL injection vulnerability in Call Center Software 0.93 and earlier a ...)
NOT-FOR-US: Call Center Software
-CVE-2006-7143
+CVE-2006-7143 (Cross-site scripting (XSS) vulnerability in Call Center Software 0.93 ...)
NOT-FOR-US: Call Center Software
-CVE-2006-7142
+CVE-2006-7142 (The centralized management feature for Utimaco Safeguard stores hard-c ...)
NOT-FOR-US: Utimaco Safeguard
CVE-2006-7141
NOT-FOR-US: Oracle Database
-CVE-2006-7140
+CVE-2006-7140 (The libike library, as used by in.iked, elfsign, and kcfd in Sun Solar ...)
NOT-FOR-US: Sun Solaris
-CVE-2006-7139
+CVE-2006-7139 (Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, al ...)
- kdepim <unfixed> (unimportant)
NOTE: Annoying bug, but neglectable "security implications"
-CVE-2006-7138
+CVE-2006-7138 (SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in th ...)
NOT-FOR-US: Oracle APEX
-CVE-2006-7137
+CVE-2006-7137 (Cross-site scripting (XSS) vulnerability in TinyPortal before 0.8.6 al ...)
NOT-FOR-US: TinyPortal
-CVE-2006-7136
+CVE-2006-7136 (Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator ...)
NOT-FOR-US: PHP Poll Creator
-CVE-2006-7135
+CVE-2006-7135 (PHP remote file inclusion vulnerability in lib/functions.inc.php in PH ...)
NOT-FOR-US: PHP Poll Creator
-CVE-2006-7134
+CVE-2006-7134 (Unrestricted file upload vulnerability in main_user.php in Upload Tool ...)
NOT-FOR-US: Upload Tool for PHP
-CVE-2006-7133
+CVE-2006-7133 (Directory traversal vulnerability in upload/bin/download.php in Upload ...)
NOT-FOR-US: Upload Tool for PHP
-CVE-2006-7132
+CVE-2006-7132 (Directory traversal vulnerability in pmd-config.php in PHPMyDesk 1.0be ...)
NOT-FOR-US: PHPMyDesk
-CVE-2006-7131
+CVE-2006-7131 (PHP remote file inclusion vulnerability in extras/mt.php in Jinzora 2. ...)
NOT-FOR-US: Jinzora
-CVE-2006-7130
+CVE-2006-7130 (PHP remote file inclusion vulnerability in backend/primitives/cache/me ...)
NOT-FOR-US: Jinzora
-CVE-2006-7129
+CVE-2006-7129 (ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versi ...)
NOT-FOR-US: ISS BlackICE
-CVE-2006-7128
+CVE-2006-7128 (PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 ...)
NOT-FOR-US: JAF CMS
-CVE-2006-7127
+CVE-2006-7127 (Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and ...)
NOT-FOR-US: JAF CMS
-CVE-2006-7126
+CVE-2006-7126 (SQL injection vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 al ...)
NOT-FOR-US: Joomla component BSQ Sitestats
-CVE-2006-7125
+CVE-2006-7125 (Cross-site scripting (XSS) vulnerability in Joomla BSQ Sitestats 1.8.0 ...)
NOT-FOR-US: Joomla component BSQ Sitestats
-CVE-2006-7124
+CVE-2006-7124 (PHP remote file inclusion vulnerability in external/rssfeeds.php in BS ...)
NOT-FOR-US: Joomla component BSQ Sitestats
-CVE-2006-7123
+CVE-2006-7123 (Multiple SQL injection vulnerabilities in BSQ Sitestats (component for ...)
NOT-FOR-US: Joomla component BSQ Sitestats
-CVE-2006-7122
+CVE-2006-7122 (Cross-site scripting (XSS) vulnerability in the IP Address Lookup func ...)
NOT-FOR-US: Joomla component BSQ Sitestats
-CVE-2006-7121
+CVE-2006-7121 (The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote at ...)
NOT-FOR-US: Linksys SPA-921
CVE-2006-7120
NOT-FOR-US: OSL maintain
-CVE-2006-7119
+CVE-2006-7119 (PHP remote file inclusion vulnerability in kernel/system/startup.php i ...)
NOT-FOR-US: PHPGiggle
-CVE-2006-7118
+CVE-2006-7118 (SQL injection vulnerability in index.asp in DMXReady Site Engine Manag ...)
NOT-FOR-US: DMXReady Site Engine Manager
-CVE-2006-7117
+CVE-2006-7117 (Multiple directory traversal vulnerabilities in Kubix 0.7 and earlier ...)
NOT-FOR-US: Kubix
-CVE-2006-7116
+CVE-2006-7116 (SQL injection vulnerability in includes/functions.php in Kubix 0.7 and ...)
NOT-FOR-US: Kubix
-CVE-2006-7115
+CVE-2006-7115 (SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attacker ...)
NOT-FOR-US: PHPKit
-CVE-2006-7114
+CVE-2006-7114 (P-News 2.0 stores db/user.txt under the web document root with insuffi ...)
NOT-FOR-US: P-News
-CVE-2006-7113
+CVE-2006-7113 (Unrestricted file upload vulnerability in P-News 2.0 allows remote att ...)
NOT-FOR-US: P-News
-CVE-2006-7112
+CVE-2006-7112 (Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and ea ...)
NOT-FOR-US: MD-Pro
-CVE-2006-7111
+CVE-2006-7111 (Unspecified vulnerability in Futomi's CGI Cafe KMail CGI 1.0.3 and ear ...)
NOT-FOR-US: KMail CGI
-CVE-2006-7110
+CVE-2006-7110 (Directory traversal vulnerability in the delete function in IMCE befor ...)
NOT-FOR-US: Drupal module IMCE
-CVE-2006-7109
+CVE-2006-7109 (Unrestricted file upload vulnerability in IMCE before 1.6, a Drupal mo ...)
NOT-FOR-US: Drupal module IMCE
-CVE-2006-7108
+CVE-2006-7108 (login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when auth ...)
- util-linux 2.17.2-9 (unimportant)
NOTE: likely fixed far before this, which is the version in squeeze that was checked
-CVE-2006-7107
+CVE-2006-7107 (PHP remote file inclusion vulnerability in upgrade.php in Coalescent S ...)
NOT-FOR-US: freePBX
-CVE-2006-7106
+CVE-2006-7106 (PHP remote file inclusion vulnerability in config.inc.php3 in Power Ph ...)
NOT-FOR-US: Power Phlogger
CVE-2006-7105
- smarty <not-affected> (described vulnerability never existed)
-CVE-2006-7104
+CVE-2006-7104 (PHP remote file inclusion vulnerability in htmltemplate.php in the Cha ...)
NOT-FOR-US: MOStlyContent Editor
-CVE-2006-7103
+CVE-2006-7103 (Multiple directory traversal vulnerabilities in EZOnlineGallery 1.3 an ...)
NOT-FOR-US: EZOnlineGallery
-CVE-2006-7102
+CVE-2006-7102 (Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal ...)
NOT-FOR-US: phpBurningPortal quiz-modul
-CVE-2006-7101
+CVE-2006-7101 (SQL injection vulnerability in admin.php in PHPWind 5.0.1 and earlier ...)
NOT-FOR-US: PHPWind
-CVE-2006-7100
+CVE-2006-7100 (PHP remote file inclusion vulnerability in includes/functions_mod_user ...)
NOT-FOR-US: phpBB Insert User
-CVE-2006-7099
+CVE-2006-7099 (Directory traversal vulnerability in index.php in SolarPay allows remo ...)
NOT-FOR-US: SolarPay
-CVE-2006-7098
+CVE-2006-7098 (The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server ...)
- apache 1.3.34-4.1 (low; bug #357561)
-CVE-2006-7097
+CVE-2006-7097 (Multiple unspecified vulnerabilities in TaskFreak! before 0.1.4 have u ...)
NOT-FOR-US: TaskFreak!
-CVE-2006-7096
+CVE-2006-7096 (Buffer overflow in the network_host_handle_join function in host.c in ...)
NOT-FOR-US: dimension 3 engine
-CVE-2006-7095
+CVE-2006-7095 (Integer signedness error in the network_receive_packet function in soc ...)
NOT-FOR-US: dimension 3 engine
-CVE-2006-7094
+CVE-2006-7094 (ftpd, as used by Gentoo and Debian Linux, sets the gid to the effectiv ...)
- linux-ftpd 0.17-23 (bug #384454; low)
-CVE-2006-7093
+CVE-2006-7093 (Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Securi ...)
NOT-FOR-US: Mambo LaiThai
-CVE-2006-7092
+CVE-2006-7092 (SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5 ...)
NOT-FOR-US: Mambo LaiThai
-CVE-2006-7091
+CVE-2006-7091 (PHP remote file inclusion vulnerability in config.php in phpht Topsite ...)
NOT-FOR-US: Topsites FREE
-CVE-2006-7090
+CVE-2006-7090 (PHP remote file inclusion vulnerability in phpbb_security.php in phpBB ...)
NOT-FOR-US: phpBB Security
-CVE-2006-7089
+CVE-2006-7089 (SQL injection vulnerability in connexion.php in Ban 0.1 allows remote ...)
NOT-FOR-US: Ban
-CVE-2006-7088
+CVE-2006-7088 (Multiple SQL injection vulnerabilities in Simple PHP Forum before 0.4 ...)
NOT-FOR-US: Simple PHP Forum
-CVE-2006-7087
+CVE-2006-7087 (CRLF injection vulnerability in the mail function in Dotdeb PHP before ...)
NOT-FOR-US: Dotdeb PHP
-CVE-2006-7086
+CVE-2006-7086 (The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remot ...)
NOT-FOR-US: Hot Links
-CVE-2006-7085
+CVE-2006-7085 (Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers t ...)
NOT-FOR-US: Rigter Portal System
CVE-2006-7084
REJECTED
-CVE-2006-7083
+CVE-2006-7083 (Directory traversal vulnerability in index.php in Rigter Portal System ...)
NOT-FOR-US: Rigter Portal System
-CVE-2006-7082
+CVE-2006-7082 (Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers t ...)
NOT-FOR-US: Rigter Portal System
-CVE-2006-7081
+CVE-2006-7081 (Multiple PHP remote file inclusion vulnerabilities in PhpNews 1.0 allo ...)
NOT-FOR-US: PhpNews
-CVE-2006-7080
+CVE-2006-7080 (Directory traversal vulnerability in the avatar upload feature in exV2 ...)
NOT-FOR-US: exV2
-CVE-2006-7079
+CVE-2006-7079 (Variable extraction vulnerability in include/common.php in exV2 2.0.4. ...)
NOT-FOR-US: exV2
-CVE-2006-7078
+CVE-2006-7078 (Multiple cross-site scripting (XSS) vulnerabilities in Professional Ho ...)
NOT-FOR-US: Professional Home Page Tools Login Script
-CVE-2006-7077
+CVE-2006-7077 (SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2006-7076
+CVE-2006-7076 (Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2006-7075
+CVE-2006-7075 (Buffer overflow in the meta_read_flac function in meta_decoder.c for A ...)
- aqualung 0.9~beta6-1 (medium)
-CVE-2006-7074
+CVE-2006-7074 (admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authen ...)
NOT-FOR-US: SmartSiteCMS
-CVE-2006-7073
+CVE-2006-7073 (Cross-site scripting (XSS) vulnerability in Opentools Attachment Mod b ...)
NOT-FOR-US: Opentools Attachment Mod
-CVE-2006-7072
+CVE-2006-7072 (Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise ...)
NOT-FOR-US: GeoClassifieds Enterprise
-CVE-2006-7071
+CVE-2006-7071 (SQL injection vulnerability in classes/class_session.php in Invision P ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-7070
+CVE-2006-7070 (Unrestricted file upload vulnerability in manager/media/ibrowser/scrip ...)
NOT-FOR-US: Etomite CMS
-CVE-2006-7069
+CVE-2006-7069 (PHP remote file inclusion vulnerability in smarty_config.php in Socket ...)
NOT-FOR-US: Socketwiz Bookmarks
-CVE-2006-7068
+CVE-2006-7068 (PHP remote file inclusion vulnerability in CliServ Web Community 0.65 ...)
NOT-FOR-US: CliServ Web Community
-CVE-2006-7067
+CVE-2006-7067 (Oracle 10g R2 and possibly other versions allows remote attackers to t ...)
NOT-FOR-US: Oracle
-CVE-2006-7066
+CVE-2006-7066 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attacker ...)
NOT-FOR-US: Microsoft IE
-CVE-2006-7065
+CVE-2006-7065 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
NOT-FOR-US: Microsoft IE
-CVE-2006-7064
+CVE-2006-7064 (Cross-site scripting (XSS) vulnerability in forum/admin.php for Invisi ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-7063
+CVE-2006-7063 (Directory traversal vulnerability in profile.php in TinyPHPforum 3.6 a ...)
NOT-FOR-US: TinyPHPforum
-CVE-2006-7062
+CVE-2006-7062 (calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows r ...)
NOT-FOR-US: Kamgaing Email System
-CVE-2006-7061
+CVE-2006-7061 (Scriptsez.net E-Dating System stores data files with predictable names ...)
NOT-FOR-US: E-Dating System
-CVE-2006-7060
+CVE-2006-7060 (cindex.php in Scriptsez.net E-Dating System allows remote attackers to ...)
NOT-FOR-US: E-Dating System
-CVE-2006-7059
+CVE-2006-7059 (Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net E ...)
NOT-FOR-US: E-Dating System
-CVE-2006-7058
+CVE-2006-7058 (Multiple cross-site scripting (XSS) vulnerabilities in Sphider before ...)
NOT-FOR-US: Sphider
-CVE-2006-7057
+CVE-2006-7057 (SQL injection vulnerability in search.php in Sphider before 1.3.1c all ...)
NOT-FOR-US: Sphider
-CVE-2006-7056
+CVE-2006-7056 (Multiple PHP remote file inclusion vulnerabilities in DreamCost HostAd ...)
NOT-FOR-US: HostAdmin
-CVE-2006-7055
+CVE-2006-7055 (PHP remote file inclusion vulnerability in index.php in TotalCalendar ...)
NOT-FOR-US: TotalCalendar
-CVE-2006-7054
+CVE-2006-7054 (The DNS module in Arkoon FAST360 UTM appliances 3.0 up to 3.0/29, 3.1 ...)
NOT-FOR-US: FAST360 UTM
-CVE-2006-7053
+CVE-2006-7053 (Unspecified vulnerability in Arkoon FAST360 UTM appliances 3.0 through ...)
NOT-FOR-US: FAST360 UTM
-CVE-2006-7052
+CVE-2006-7052 (Multiple PHP remote file inclusion vulnerabilities in DotWidget For Ar ...)
NOT-FOR-US: DotWidget
-CVE-2006-7051
+CVE-2006-7051 (The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x ...)
- linux-2.6 2.6.23-1 (low)
[etch] - linux-2.6 <no-dsa> (Design limitation, use resource limits if it poses a problem)
-CVE-2006-7050
+CVE-2006-7050 (Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) bef ...)
NOT-FOR-US: WikkaWiki
-CVE-2006-7049
+CVE-2006-7049 (The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the s ...)
NOT-FOR-US: WikkaWiki
-CVE-2006-7048
+CVE-2006-7048 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 ...)
NOT-FOR-US: Claroline
-CVE-2006-7047
+CVE-2006-7047 (include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ...)
NOT-FOR-US: Shoutpro
-CVE-2006-7046
+CVE-2006-7046 (PHP remote file inclusion vulnerability in cmpro.intern/login.inc.php ...)
NOT-FOR-US: Clan Manager Pro
-CVE-2006-7045
+CVE-2006-7045 (PHP remote file inclusion vulnerability in Clan Manager Pro (CMPRO) 1. ...)
NOT-FOR-US: Clan Manager Pro
-CVE-2006-7044
+CVE-2006-7044 (PHP remote file inclusion vulnerability in comment.core.inc.php in Cla ...)
NOT-FOR-US: Clan Manager Pro
-CVE-2006-7043
+CVE-2006-7043 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blogge ...)
NOT-FOR-US: Chipmunk
-CVE-2006-7042
+CVE-2006-7042 (Cross-site scripting (XSS) vulnerability in directory/index.php in Chi ...)
NOT-FOR-US: Chipmunk
-CVE-2006-7041
+CVE-2006-7041 (The SMTP service in MERCUR Messaging 2005 before Service Pack 4 allows ...)
NOT-FOR-US: MERCUR Messaging
-CVE-2006-7040
+CVE-2006-7040 (Unspecified vulnerability in MERCUR Messaging 2005 before Service Pack ...)
NOT-FOR-US: MERCUR Messaging
-CVE-2006-7039
+CVE-2006-7039 (The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allow ...)
NOT-FOR-US: MERCUR Messaging
-CVE-2006-7038
+CVE-2006-7038 (Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack ...)
NOT-FOR-US: MERCUR Messaging
-CVE-2006-7037
+CVE-2006-7037 (Mathcad 12 through 13.1 allows local users to bypass the security feat ...)
NOT-FOR-US: MathCAD
-CVE-2006-7036
+CVE-2006-7036 (PHP remote file inclusion vulnerability in register.php for Andys Chat ...)
NOT-FOR-US: Andy's Chat
-CVE-2006-7035
+CVE-2006-7035 (Directory traversal vulnerability in make_thumbnail.php in Super Link ...)
NOT-FOR-US: Super Link Exchange Script
-CVE-2006-7034
+CVE-2006-7034 (SQL injection vulnerability in directory.php in Super Link Exchange Sc ...)
NOT-FOR-US: Super Link Exchange Script
-CVE-2006-7033
+CVE-2006-7033 (Cross-site scripting (XSS) vulnerability in Super Link Exchange Script ...)
NOT-FOR-US: Super Link Exchange Script
-CVE-2006-7032
+CVE-2006-7032 (PHP remote file inclusion vulnerability in phpbb/getmsg.php in FlashBB ...)
NOT-FOR-US: FlashBB
-CVE-2006-7031
+CVE-2006-7031 (Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote att ...)
NOT-FOR-US: Microsoft IE
-CVE-2006-7030
+CVE-2006-7030 (Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers ...)
NOT-FOR-US: Microsoft IE
-CVE-2006-7029
+CVE-2006-7029 (Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers ...)
NOT-FOR-US: Microsoft IE
-CVE-2006-7028
+CVE-2006-7028 (Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allo ...)
NOT-FOR-US: Sun Solaris
-CVE-2006-7027
+CVE-2006-7027 (Microsoft Internet Security and Acceleration (ISA) Server 2004 logs un ...)
NOT-FOR-US: Microsoft ISA
-CVE-2006-7026
+CVE-2006-7026 (PHP remote file inclusion vulnerability in sources/join.php in Aardvar ...)
NOT-FOR-US: Topsites PHP
-CVE-2006-7025
+CVE-2006-7025 (SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and ...)
NOT-FOR-US: Bookmark4U
CVE-2006-XXXX [pure-ftpd-mysql: any problems with a home dir will allow rw to the entire filesystem]
- pure-ftpd 1.0.21-1 (low)
NOTE: oldstable is affected
-CVE-2006-7024
+CVE-2006-7024 (Multiple PHP remote file inclusion vulnerabilities in Harpia CMS 1.0.5 ...)
NOT-FOR-US: Harpia CMS
-CVE-2006-7023
+CVE-2006-7023 (Multiple cross-site scripting (XSS) vulnerabilities in fx-APP 0.0.8.1 ...)
NOT-FOR-US: fx-APP
-CVE-2006-7022
+CVE-2006-7022 (The Tools module in fx-APP 0.0.8.1 allows remote attackers to misrepre ...)
NOT-FOR-US: fx-APP
-CVE-2006-7021
+CVE-2006-7021 (PHP remote file inclusion vulnerability in manager/tools/link/dbinstal ...)
NOT-FOR-US: Plume CMS
-CVE-2006-7020
+CVE-2006-7020 (CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php ...)
NOT-FOR-US: phpwcms
-CVE-2006-7019
+CVE-2006-7019 (phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attac ...)
NOT-FOR-US: phpwcms
-CVE-2006-7018
+CVE-2006-7018 (phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attac ...)
NOT-FOR-US: phpwcms
-CVE-2006-7017
+CVE-2006-7017 (Multiple PHP remote file inclusion vulnerabilities in Indexu 5.0.1 all ...)
NOT-FOR-US: Indexu
-CVE-2006-7016
+CVE-2006-7016 (phpjobboard allows remote attackers to bypass authentication and gain ...)
NOT-FOR-US: Jobline
CVE-2006-7015
NOT-FOR-US: Jobline
-CVE-2006-7014
+CVE-2006-7014 (admin.php in BloggIT 1.01 and earlier does not properly establish a us ...)
NOT-FOR-US: BloggIT
CVE-2006-7013
NOT-FOR-US: Simple Machine Forum
-CVE-2006-7012
+CVE-2006-7012 (scart.cgi in SCart 2.0 allows remote attackers to execute arbitrary co ...)
NOT-FOR-US: SCart
CVE-2006-7011
NOT-FOR-US: FlashChat
-CVE-2006-7010
+CVE-2006-7010 (The mosgetparam implementation in Joomla! before 1.0.10, does not set ...)
NOT-FOR-US: Joomla!
-CVE-2006-7009
+CVE-2006-7009 (Joomla! before 1.0.10 allows remote attackers to spoof the frontend su ...)
NOT-FOR-US: Joomla!
-CVE-2006-7008
+CVE-2006-7008 (Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact ...)
NOT-FOR-US: Joomla!
-CVE-2006-7007
+CVE-2006-7007 (Buffer overflow in Tiny FTPd 1.4 and earlier allows remote attackers t ...)
NOT-FOR-US: Tiny FTPd
CVE-2006-7006
NOT-FOR-US: Somery
-CVE-2006-7005
+CVE-2006-7005 (SQL injection vulnerability in item.php in PSY Auction allows remote a ...)
NOT-FOR-US: PSY Auction
-CVE-2006-7004
+CVE-2006-7004 (Cross-site scripting (XSS) vulnerability in email_request.php in PSY A ...)
NOT-FOR-US: PSY Auction
-CVE-2006-7003
+CVE-2006-7003 (PHP remote file inclusion vulnerability in admin/index.php in Fusion P ...)
NOT-FOR-US: Fusion Polls
-CVE-2006-7002
+CVE-2006-7002 (Cross-site scripting (XSS) vulnerability in add_comment.php in Wheatbl ...)
NOT-FOR-US: Wheatblog
-CVE-2006-7001
+CVE-2006-7001 (Directory traversal vulnerability in avatar.php in PhpMyChat Plus 1.9 ...)
NOT-FOR-US: PhpMyChat Plus
-CVE-2006-7000
+CVE-2006-7000 (Headstart Solutions DeskPRO allows remote attackers to obtain the full ...)
NOT-FOR-US: DeskPRO
-CVE-2006-6999
+CVE-2006-6999 (attachment.php in Headstart Solutions DeskPRO allows remote attackers ...)
NOT-FOR-US: DeskPRO
-CVE-2006-6998
+CVE-2006-6998 (install/loader_help.php in Headstart Solutions DeskPRO allows remote a ...)
NOT-FOR-US: DeskPRO
-CVE-2006-6997
+CVE-2006-6997 (Unspecified vulnerability in a cryptographic feature in MailEnable Sta ...)
NOT-FOR-US: MailEnable
-CVE-2006-6996
+CVE-2006-6996 (Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS 1 ...)
NOT-FOR-US: warforge.NEWS
-CVE-2006-6995
+CVE-2006-6995 (mycontacts.php in V3 Chat allows remote authenticated users to gain pr ...)
NOT-FOR-US: V3 Chat
-CVE-2006-6994
+CVE-2006-6994 (Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery, ...)
NOT-FOR-US: OzzyWork Gallery
-CVE-2006-6993
+CVE-2006-6993 (Multiple SQL injection vulnerabilities in pages/addcomment2.php in Neu ...)
NOT-FOR-US: Neuron Blog
-CVE-2006-6992
+CVE-2006-6992 (Cross-domain vulnerability in GoSuRF Browser 2.62 allows remote attack ...)
NOT-FOR-US: GoSuRF Browser
-CVE-2006-6991
+CVE-2006-6991 (Cross-domain vulnerability in Fast Browser Pro 8.1 allows remote attac ...)
NOT-FOR-US: Fast Browser Pro
-CVE-2006-6990
+CVE-2006-6990 (Cross-domain vulnerability in Enigma Browser 3.8.8 allows remote attac ...)
NOT-FOR-US: Enigma Browser
-CVE-2006-6989
+CVE-2006-6989 (Cross-domain vulnerability in NetCaptor 4.5.7 Personal Edition allows ...)
NOT-FOR-US: NetCaptor
-CVE-2006-6988
+CVE-2006-6988 (Cross-domain vulnerability in Slim Browser 4.07 build 100 allows remot ...)
NOT-FOR-US: Slim Browser
-CVE-2006-6987
+CVE-2006-6987 (Cross-domain vulnerability in FineBrowser Freeware 3.2.2 allows remote ...)
NOT-FOR-US: FineBrowser Freeware
-CVE-2006-6986
+CVE-2006-6986 (Cross-domain vulnerability in PhaseOut 5.4.4 allows remote attackers t ...)
NOT-FOR-US: PhaseOut
-CVE-2006-6985
+CVE-2006-6985 (Cross-domain vulnerability in Maxthon 1.5.6 build 42 allows remote att ...)
NOT-FOR-US: Maxthon
-CVE-2006-6984
+CVE-2006-6984 (Cross-domain vulnerability in GreenBrowser 3.4.0622 allows remote atta ...)
NOT-FOR-US: GreenBrowser
-CVE-2006-6983
+CVE-2006-6983 (Cross-domain vulnerability in MYweb4net Browser 3.8.8.0 allows remote ...)
NOT-FOR-US: MYweb4net Browser
-CVE-2006-6982
+CVE-2006-6982 (3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic au ...)
NOT-FOR-US: 3proxy
-CVE-2006-6981
+CVE-2006-6981 (3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows ...)
NOT-FOR-US: 3proxy
-CVE-2006-6980
+CVE-2006-6980 (The magnatune.com album browser in Amarok allows attackers to cause a ...)
- amarok 1.4.4-4 (bug #410850; unimportant)
NOTE: This could only be exploited through the Magnatune shop
-CVE-2006-6979
+CVE-2006-6979 (The ruby handlers in the Magnatune component in Amarok do not properly ...)
- amarok 1.4.4-1 (bug #410850; low)
[sarge] - amarok <not-affected> (Vulnerable code not present)
-CVE-2006-6978
+CVE-2006-6978 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selecti ...)
NOT-FOR-US: FCKEditor
-CVE-2006-6977
+CVE-2006-6977 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selecti ...)
NOT-FOR-US: FreeTextBox
-CVE-2006-6976
+CVE-2006-6976 (PHP remote file inclusion vulnerability in centipaid_class.php in Cent ...)
NOT-FOR-US: CentiPaid
CVE-2006-6975
NOT-FOR-US: CentiPaid
-CVE-2006-6974
+CVE-2006-6974 (Headstart Solutions DeskPRO stores sensitive information under the web ...)
NOT-FOR-US: DeskPRO
-CVE-2006-6973
+CVE-2006-6973 (Headstart Solutions DeskPRO does not require authentication for certai ...)
NOT-FOR-US: DeskPRO
-CVE-2006-6972
+CVE-2006-6972 (SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows ...)
NOT-FOR-US: BtitTracker
-CVE-2006-6971
+CVE-2006-6971 (Mozilla Firefox 2.0, possibly only when running on Windows, allows rem ...)
- iceweasel <not-affected> (Windows only)
-CVE-2006-6970
+CVE-2006-6970 (Opera 9.10 Final allows remote attackers to bypass the Fraud Protectio ...)
NOT-FOR-US: Opera
-CVE-2006-6969
+CVE-2006-6969 (Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 befo ...)
- jetty 5.1.10-4 (medium; bug #445283)
NOTE: http://jetty.cvs.sourceforge.net/jetty/Jetty/src/org/mortbay/jetty/servlet/AbstractSessionManager.java?r1=1.52&r2=1.53&view=patch
-CVE-2006-6968
+CVE-2006-6968 (Cross-site scripting (XSS) vulnerability in the group moderation contr ...)
NOT-FOR-US: Phorum
CVE-2006-6967
REJECTED
-CVE-2006-6966
+CVE-2006-6966 (phpGraphy before 0.9.13a does not properly unset variables when the in ...)
NOT-FOR-US: phpGraphy
-CVE-2006-6965
+CVE-2006-6965 (CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03- ...)
- dokuwiki 0.0.20061106-1 (low)
-CVE-2006-6964
+CVE-2006-6964 (MailEnable Professional before 1.78 provides a cleartext user password ...)
NOT-FOR-US: MailEnable
-CVE-2006-6963
+CVE-2006-6963 (Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 3.0.3 ...)
NOT-FOR-US: Docebo
-CVE-2006-6962
+CVE-2006-6962 (PHP remote file inclusion vulnerability in rsgallery2.html.php in the ...)
NOT-FOR-US: RS Gallery2
-CVE-2006-6961
+CVE-2006-6961 (WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on ...)
NOT-FOR-US: WebRoot Spy Sweeper
-CVE-2006-6960
+CVE-2006-6960 (The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier ...)
NOT-FOR-US: WebRoot Spy Sweeper
-CVE-2006-6959
+CVE-2006-6959 (WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the ...)
NOT-FOR-US: WebRoot Spy Sweeper
-CVE-2006-6958
+CVE-2006-6958 (Multiple PHP remote file inclusion vulnerabilities in phpBlueDragon 2. ...)
NOT-FOR-US: phpBlueDragon CMS
-CVE-2006-6957
+CVE-2006-6957 (PHP remote file inclusion vulnerability in addons/mod_media/body.php i ...)
NOT-FOR-US: Docebo
-CVE-2006-6956
+CVE-2006-6956 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
NOT-FOR-US: Microsoft
-CVE-2006-6955
+CVE-2006-6955 (Opera allows remote attackers to cause a denial of service (applicatio ...)
NOT-FOR-US: Opera
-CVE-2006-6954
+CVE-2006-6954 (Flock beta 1 0.7 allows remote attackers to cause a denial of service ...)
- iceweasel <removed> (unimportant)
NOTE: Browser crashes not treated as security problems
NOTE: Tested the proof of concept in iceweasel 2.0.0.1 and it crash.
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=239840
-CVE-2006-6953
+CVE-2006-6953 (The virtual keyboard implementation in GlobeTrotter Mobility Manager c ...)
NOT-FOR-US: GlobeTrotter Mobility Manager
-CVE-2006-6952
+CVE-2006-6952 (Computer Associates Host Intrusion Prevention System (HIPS) drivers (1 ...)
NOT-FOR-US: Computer Associates (CA)
-CVE-2006-6951
+CVE-2006-6951 (Cross-site scripting (XSS) vulnerability in blog.php in OdysseusBlog a ...)
NOT-FOR-US: Odysseus Blog
-CVE-2006-6950
+CVE-2006-6950 (Directory traversal vulnerability in Conti FTPServer 1.0 Build 2.8 all ...)
NOT-FOR-US: Conti FtpServer
-CVE-2006-6949
+CVE-2006-6949 (Conti FTPServer 1.0 Build 2.8 stores user passwords in cleartext in My ...)
NOT-FOR-US: Conti FtpServer
-CVE-2006-6948
+CVE-2006-6948 (MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allow ...)
NOT-FOR-US: JVN
-CVE-2006-6947
+CVE-2006-6947 (The FTP server in the NEC MultiWriter 1700C allows remote attackers to ...)
NOT-FOR-US: NEC
-CVE-2006-6946
+CVE-2006-6946 (The web server in the NEC MultiWriter 1700C allows remote attackers to ...)
NOT-FOR-US: NEC
-CVE-2006-6945
+CVE-2006-6945 (SQL injection vulnerability in Virtuemart 1.0.7 allows remote attacker ...)
NOT-FOR-US: VirtueMart
-CVE-2006-6944
+CVE-2006-6944 (phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny ...)
{DSA-1370-2 DSA-1370-1}
- phpmyadmin 4:2.9.1.1-2 (medium)
-CVE-2006-6943
+CVE-2006-6943 (PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full s ...)
- phpmyadmin 4:2.9.1.1-2 (unimportant)
NOTE: Only path disclosure
-CVE-2006-6942
+CVE-2006-6942 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin befo ...)
{DSA-1370-2 DSA-1370-1}
- phpmyadmin 4:2.9.1.1-2 (medium)
NOTE: All versions 2.9.1 is vulnerable, solution is 2.9.1.1 or newer.
-CVE-2006-6941
+CVE-2006-6941 (index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to ...)
NOT-FOR-US: FreeWebshop
-CVE-2006-6940
+CVE-2006-6940 (Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP ...)
NOT-FOR-US: OWA
-CVE-2006-6939
+CVE-2006-6939 (GNU ed before 0.3 allows local users to overwrite arbitrary files via ...)
- ed 0.2-19
-CVE-2006-6938
+CVE-2006-6938 (Directory traversal vulnerability in includes/common.php in NitroTech ...)
NOT-FOR-US: NitroTech CMS
-CVE-2006-6937
+CVE-2006-6937 (SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo Gall ...)
NOT-FOR-US: ASP Photo Gallery
-CVE-2006-6936
+CVE-2006-6936 (Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery a ...)
NOT-FOR-US: ASP Photo Gallery
-CVE-2006-6935
+CVE-2006-6935 (SQL injection vulnerability in the login component in Portix-PHP 0.4.2 ...)
NOT-FOR-US: Portix
-CVE-2006-6934
+CVE-2006-6934 (Multiple cross-site scripting (XSS) vulnerabilities in Portix-PHP 0.4. ...)
NOT-FOR-US: Portix
-CVE-2006-6933
+CVE-2006-6933 (Easy Chat Server 2.1 stores sensitive information under the web root w ...)
NOT-FOR-US: Easy Chat Server
-CVE-2006-6932
+CVE-2006-6932 (Multiple SQL injection vulnerabilities in Image Gallery with Access Da ...)
NOT-FOR-US: Image Gallery
-CVE-2006-6931
+CVE-2006-6931 (Algorithmic complexity vulnerability in Snort before 2.6.1, during pre ...)
- snort 2.7.0-1 (low; bug #407421)
[sarge] - snort <no-dsa> (Minor issue)
[etch] - snort <no-dsa> (Minor issue)
-CVE-2006-6930
+CVE-2006-6930 (SQL injection vulnerability in viewad.asp in Rapid Classified 3.1 allo ...)
NOT-FOR-US: Rapid Classified
-CVE-2006-6929
+CVE-2006-6929 (Multiple cross-site scripting (XSS) vulnerabilities in Rapid Classifie ...)
NOT-FOR-US: Rapid Classified
-CVE-2006-6928
+CVE-2006-6928 (Multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6 allo ...)
NOT-FOR-US: Rialto
-CVE-2006-6927
+CVE-2006-6927 (Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote atta ...)
NOT-FOR-US: Rialto
-CVE-2006-6926
+CVE-2006-6926 (Buffer overflow in eXtremail 2.1 has unknown impact and attack vectors ...)
NOT-FOR-US: eXtremail
-CVE-2006-6925
+CVE-2006-6925 (Multiple cross-site scripting (XSS) vulnerabilities in bitweaver 1.3.1 ...)
NOT-FOR-US: bitweaver
-CVE-2006-6924
+CVE-2006-6924 (bitweaver 1.3.1 and earlier allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: bitweaver
-CVE-2006-6923
+CVE-2006-6923 (SQL injection vulnerability in newsletters/edition.php in bitweaver 1. ...)
NOT-FOR-US: bitweaver
-CVE-2006-6922
+CVE-2006-6922 (SQL injection vulnerability in Deadlock User Management System (phpdea ...)
NOT-FOR-US: Deadlock
-CVE-2006-6921
+CVE-2006-6921 (Unspecified versions of the Linux kernel allow local users to cause a ...)
- linux-2.6 2.6.18-1 (low)
-CVE-2006-6920
+CVE-2006-6920 (Cross-site scripting (XSS) vulnerability in Nucleus before 3.24 allows ...)
NOT-FOR-US: Nucleus
-CVE-2006-6919
+CVE-2006-6919 (Firefox Sage extension 1.3.8 and earlier allows remote attackers to ex ...)
- firefox-sage 1.3.6-3
NOTE: 1.3.6-3 disabled HTML mode entirely
-CVE-2006-6918
+CVE-2006-6918 (Unspecified vulnerability in the Admin login for Georgian discussion b ...)
NOT-FOR-US: GeoBB
-CVE-2006-6917
+CVE-2006-6917 (Multiple buffer overflows in Computer Associates (CA) BrightStor ARCse ...)
NOT-FOR-US: Computer Associates (CA)
-CVE-2006-6916
+CVE-2006-6916 (Getahead Direct Web Remoting (DWR) before 1.1.3 allows attackers to ca ...)
NOT-FOR-US: Getahead
-CVE-2006-6915
+CVE-2006-6915 (ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to c ...)
NOT-FOR-US: IBM
-CVE-2006-6914
+CVE-2006-6914 (Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows re ...)
NOT-FOR-US: IBM
-CVE-2006-6913
+CVE-2006-6913 (Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote ...)
NOT-FOR-US: phpMyFAQ
-CVE-2006-6912
+CVE-2006-6912 (SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remot ...)
NOT-FOR-US: phpMyFAQ
-CVE-2006-6911
+CVE-2006-6911 (SQL injection vulnerability in search.asp in Digitizing Quote And Orde ...)
NOT-FOR-US: DIGITIZING QUOTE AND ORDERING SYSTEM
-CVE-2006-6910
+CVE-2006-6910 (formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO begin ...)
NOT-FOR-US: Fersch Formbankserver
-CVE-2006-6909
+CVE-2006-6909 (Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka Com ...)
NOT-FOR-US: Karl Dahlke Edbrowse
-CVE-2006-6908
+CVE-2006-6908 (Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluet ...)
NOT-FOR-US: Bluetooth Stack COM Server (Windows)
-CVE-2006-6907
+CVE-2006-6907 (Unspecified vulnerability in the Bluesoil Bluetooth stack has unknown ...)
NOT-FOR-US: Bluesoil Bluetooth
-CVE-2006-6906
+CVE-2006-6906 (Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and ...)
NOT-FOR-US: Bluetooth stack on Mac OS
-CVE-2006-6905
+CVE-2006-6905 (Unspecified vulnerability in the Widcomm Bluetooth stack allows remote ...)
NOT-FOR-US: Widcomm Bluetooth
-CVE-2006-6904
+CVE-2006-6904 (Unspecified vulnerability in the Broadcom Bluetooth stack allows remot ...)
NOT-FOR-US: Broadcom
-CVE-2006-6903
+CVE-2006-6903 (Unspecified vulnerability in the Toshiba Bluetooth stack allows remote ...)
NOT-FOR-US: Toshiba Bluetooth stack
-CVE-2006-6902
+CVE-2006-6902 (Unspecified vulnerability in the Bluetooth stack in Microsoft Windows ...)
NOT-FOR-US: Windows Mobile
-CVE-2006-6901
+CVE-2006-6901 (Unspecified vulnerability in the Bluetooth stack in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2006-6900
+CVE-2006-6900 (Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 ...)
NOT-FOR-US: Mac OS
-CVE-2006-6899
+CVE-2006-6899 (hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obt ...)
- bluez-utils 3.7-1 (bug #408889; medium)
-CVE-2006-6898
+CVE-2006-6898 (Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 allows remote at ...)
NOT-FOR-US: Widcomm Bluetooth
-CVE-2006-6897
+CVE-2006-6897 (Directory traversal vulnerability in Widcomm Bluetooth for Windows (BT ...)
NOT-FOR-US: Widcomm Bluetooth
-CVE-2006-6896
+CVE-2006-6896 (The Bluetooth stack in the Plantronic Headset does not properly implem ...)
NOT-FOR-US: Plantronic Headset
-CVE-2006-6895
+CVE-2006-6895 (The Bluetooth stack in the Sony Ericsson T60 does not properly impleme ...)
NOT-FOR-US: Sony Ericsson T60
-CVE-2006-6894
+CVE-2006-6894 (Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown ...)
NOT-FOR-US: SPINE
-CVE-2006-6893
+CVE-2006-6893 (Tor allows remote attackers to discover the IP address of a hidden ser ...)
- tor <unfixed> (unimportant)
NOTE: It could be argued that this is a laws-of-physics vulnerability
NOTE: that is a fundamental design limitation of certain hardware
NOTE: implementations.
-CVE-2006-6892
+CVE-2006-6892 (Cross-site scripting (XSS) vulnerability in the GetLocation function i ...)
NOT-FOR-US: Jonathon J. Freeman OvBB
-CVE-2006-6891
+CVE-2006-6891 (Vz (Adp) Forum 2.0.3 stores sensitive information under the web root w ...)
NOT-FOR-US: Vz Scripts ADP Forum
-CVE-2006-6890
+CVE-2006-6890 (Voodoo chat 1.0RC1b stores sensitive information under the web root wi ...)
NOT-FOR-US: Voodoo chat
-CVE-2006-6889
+CVE-2006-6889 (FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information ...)
NOT-FOR-US: FreeStyle Wiki
-CVE-2006-6888
+CVE-2006-6888 (P-News 1.16 and 1.17 store sensitive information under the web root wi ...)
NOT-FOR-US: P-News
-CVE-2006-6887
+CVE-2006-6887 (Unrestricted file upload vulnerability in logahead UNU 1.0 allows remo ...)
NOT-FOR-US: logahead UNU
-CVE-2006-6886
+CVE-2006-6886 (phpwcms 1.2.5-DEV allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: phpwcms
-CVE-2006-6885
+CVE-2006-6885 (An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remo ...)
- flashplugin-nonfree <not-affected> (Windows-specific)
-CVE-2006-6884
+CVE-2006-6884 (Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka ...)
NOT-FOR-US: Sky Software
CVE-2006-6883
NOT-FOR-US: PHPIrc_bot
-CVE-2006-6882
+CVE-2006-6882 (Cross-site scripting (XSS) vulnerability in golden book allows remote ...)
NOT-FOR-US: Golden Book
-CVE-2006-6881
+CVE-2006-6881 (Buffer overflow in the Get_Wep function in cofvnet.c for ATMEL Linux P ...)
NOT-FOR-US: ATMEL WLAN drivers
-CVE-2006-6880
+CVE-2006-6880 (Multiple SQL injection vulnerabilities in code/guestadd.php in PHP-Upd ...)
NOT-FOR-US: PHP-Update
-CVE-2006-6879
+CVE-2006-6879 (Unrestricted file upload vulnerability in admin/uploads.php in PHP-Upd ...)
NOT-FOR-US: PHP-Update
-CVE-2006-6878
+CVE-2006-6878 (admin/uploads.php in PHP-Update 2.7 and earlier allows remote attacker ...)
NOT-FOR-US: PHP-Update
-CVE-2006-6877
+CVE-2006-6877 (Directory traversal vulnerability in index.php in Matteo Lucarelli 3ed ...)
NOT-FOR-US: Matteo Lucarelli 3editor
-CVE-2006-6876
+CVE-2006-6876 (Buffer overflow in the fetchsms function in the SMS handling module (l ...)
- openser 1.1.1-1 (medium)
[etch] - openser 1.1.0-9etch1
NOTE: http://web.archive.org/web/20151126200215/http://www.openser.org/pub/openser/1.1.1/ChangeLog
-CVE-2006-6875
+CVE-2006-6875 (Buffer overflow in the validateospheader function in the Open Settleme ...)
- openser 1.1.1-1 (medium)
[etch] - openser 1.1.0-9etch1
NOTE: http://web.archive.org/web/20151126200215/http://www.openser.org/pub/openser/1.1.1/ChangeLog
-CVE-2006-6874
+CVE-2006-6874 (Multiple cross-site scripting (XSS) vulnerabilities in friend.php in e ...)
NOT-FOR-US: eNdonesia CMS
-CVE-2006-6873
+CVE-2006-6873 (Multiple SQL injection vulnerabilities in mod.php in eNdonesia 8.4 all ...)
NOT-FOR-US: eNdonesia CMS
-CVE-2006-6872
+CVE-2006-6872 (Directory traversal vulnerability in mod.php in eNdonesia 8.4 allows r ...)
NOT-FOR-US: eNdonesia CMS
-CVE-2006-6871
+CVE-2006-6871 (Multiple cross-site scripting (XSS) vulnerabilities in eNdonesia 8.4 a ...)
NOT-FOR-US: eNdonesia CMS
-CVE-2006-6869
+CVE-2006-6869 (Directory traversal vulnerability in includes/search/search_mdforum.ph ...)
NOT-FOR-US: MAXdev
-CVE-2006-6868
+CVE-2006-6868 (Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Sh ...)
NOT-FOR-US: Zen Cart
-CVE-2006-6867
+CVE-2006-6867 (Multiple PHP remote file inclusion vulnerabilities in Vladimir Menshak ...)
NOT-FOR-US: buratinable templator (aka bubla)
-CVE-2006-6866
+CVE-2006-6866 (STphp EasyNews PRO 4.0 stores sensitive information under the web root ...)
NOT-FOR-US: Ahead4
-CVE-2006-6865
+CVE-2006-6865 (Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp ...)
NOT-FOR-US: Softartisans
-CVE-2006-6864
+CVE-2006-6864 (PHP remote file inclusion vulnerability in E2_header.inc.php in Enigma ...)
NOT-FOR-US: Enigma2
CVE-2006-6863
NOT-FOR-US: Enigma2
-CVE-2006-6862
+CVE-2006-6862 (Multiple cross-site scripting (XSS) vulnerabilities in Outfront Spooky ...)
NOT-FOR-US: Outfront Spooky Login
-CVE-2006-6861
+CVE-2006-6861 (Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 al ...)
NOT-FOR-US: Outfront Spooky Login
-CVE-2006-6860
+CVE-2006-6860 (Buffer overflow in the sendToMythTV function in MythControlServer.c in ...)
NOT-FOR-US: MythControl
-CVE-2006-6859
+CVE-2006-6859 (SQL injection vulnerability in coupon_detail.asp in Website Designs Fo ...)
NOT-FOR-US: Website Designs for Less
CVE-2006-XXXX [ssmtp password leak]
- ssmtp 2.61-10.1 (bug #369542; low)
-CVE-2006-6870
+CVE-2006-6870 (The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 ...)
- avahi 0.6.16-1 (low)
-CVE-2006-6858
+CVE-2006-6858 (Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bub ...)
- miredo 1.0.4-2 (bug #405412; bug #405111; medium)
-CVE-2006-6857
+CVE-2006-6857 (Cross-site scripting (XSS) vulnerability in modules/credits/credits.ph ...)
NOT-FOR-US: Docebo LMS
-CVE-2006-6856
+CVE-2006-6856 (Direct static code injection vulnerability in WebText CMS 0.4.5.2 and ...)
NOT-FOR-US: WebText CMS
-CVE-2006-6855
+CVE-2006-6855 (AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to ca ...)
NOT-FOR-US: AIDeX Mini-WebServer
-CVE-2006-6854
+CVE-2006-6854 (The qcamvc_video_init function in qcamvc.c in De Marchi Daniele QuickC ...)
NOT-FOR-US: QuickCam VC (linux-uvc and qc-usb in Debian are not related)
-CVE-2006-6853
+CVE-2006-6853 (Buffer overflow in Durian Web Application Server 3.02 freeware on Wind ...)
NOT-FOR-US: Durian Web Application Server
-CVE-2006-6852
+CVE-2006-6852 (Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 allow ...)
- tdiary 2.0.2+20060303-5 (bug #403345; bug #404940; medium)
-CVE-2006-6851
+CVE-2006-6851 (Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php ...)
NOT-FOR-US: ac4p Mobilelib gold
-CVE-2006-6850
+CVE-2006-6850 (PHP remote file inclusion vulnerability in include.php in the Roster M ...)
NOT-FOR-US: Shadowed Portal / Roster Module
-CVE-2006-6849
+CVE-2006-6849 (administration/index.php in Cahier de texte (CDT) 2.2 does not properl ...)
NOT-FOR-US: Cahier de texte (CDT)
-CVE-2006-6848
+CVE-2006-6848 (SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows remot ...)
NOT-FOR-US: ASPTicker
-CVE-2006-6847
+CVE-2006-6847 (An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 al ...)
NOT-FOR-US: RealPlayer for Windows
-CVE-2006-6846
+CVE-2006-6846 (Multiple SQL injection vulnerabilities in While You Were Out (WYWO) In ...)
NOT-FOR-US: WYWO - InOut Board
-CVE-2006-6845
+CVE-2006-6845 (Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simp ...)
NOT-FOR-US: CMS Made Simple
-CVE-2006-6844
+CVE-2006-6844 (Cross-site scripting (XSS) vulnerability in the optional user comment ...)
NOT-FOR-US: CMS Made Simple
-CVE-2006-6843
+CVE-2006-6843 (PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 ...)
NOT-FOR-US: EasyPartner component for Joomla!
-CVE-2006-6842
+CVE-2006-6842 (SQL injection vulnerability in admin/admin_acronyms.php in the Acronym ...)
NOT-FOR-US: Acronym Mod for phpBB2
-CVE-2006-6841
+CVE-2006-6841 (Certain forms in phpBB before 2.0.22 lack session checks, which has un ...)
{DSA-1488-1}
- phpbb2 2.0.21-6 (bug #405980)
-CVE-2006-6840
+CVE-2006-6840 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact an ...)
{DSA-1488-1}
- phpbb2 2.0.21-6 (bug #405980)
-CVE-2006-6839
+CVE-2006-6839 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact an ...)
{DSA-1488-1}
- phpbb2 2.0.21-6 (bug #405980)
-CVE-2006-6838
+CVE-2006-6838 (Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to ...)
NOT-FOR-US: Rediff Bol Downloader ActiveX (OCX) control
-CVE-2006-6837
+CVE-2006-6837 (Multiple stack-based buffer overflows in the (1) LoadTree, (2) ReadHea ...)
NOT-FOR-US: Total Commander
-CVE-2006-6836
+CVE-2006-6836 (Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 ...)
NOT-FOR-US: IBM
-CVE-2006-6835
+CVE-2006-6835 (SQL injection vulnerability in Journal.inc.php in Neocrome Land Down U ...)
NOT-FOR-US: Land Down Under
-CVE-2006-6834
+CVE-2006-6834 (Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unk ...)
NOT-FOR-US: Joomla!
-CVE-2006-6833
+CVE-2006-6833 (com_categories in Joomla! before 1.0.12 does not validate input, which ...)
NOT-FOR-US: Joomla!
-CVE-2006-6832
+CVE-2006-6832 (Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allo ...)
NOT-FOR-US: Joomla!
-CVE-2006-6831
+CVE-2006-6831 (SQL injection vulnerability in faqDsp.asp in aFAQ 1.0 allows remote at ...)
NOT-FOR-US: aFAQ
-CVE-2006-6830
+CVE-2006-6830 (PHP remote file inclusion vulnerability in b2verifauth.php in b2 Blog ...)
NOT-FOR-US: b2 Blog
-CVE-2006-6829
+CVE-2006-6829 (Efkan Forum 1.0 and earlier store sensitive information under the web ...)
NOT-FOR-US: Efkan Forum
-CVE-2006-6828
+CVE-2006-6828 (Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and earlier ...)
NOT-FOR-US: Efkan Forum
-CVE-2006-6827
+CVE-2006-6827 (Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a d ...)
- flashplugin-nonfree <not-affected> (Windows-specific)
-CVE-2006-6826
+CVE-2006-6826 (Unspecified vulnerability in the tab editor for Personal .NET Portal b ...)
NOT-FOR-US: Personal .NET Portal
-CVE-2006-6825
+CVE-2006-6825 (Calendar MX BASIC 1.0.2 and earlier store sensitive information under ...)
NOT-FOR-US: Calendar MX
-CVE-2006-6824
+CVE-2006-6824 (Multiple cross-site scripting (XSS) vulnerabilities in Jim Hu and Chad ...)
NOT-FOR-US: iCalendar
-CVE-2006-6823
+CVE-2006-6823 (PHP remote file inclusion vulnerability in plugins/metasearch/plug.inc ...)
NOT-FOR-US: Yrch!
-CVE-2006-6822
+CVE-2006-6822 (myprofile.asp in Enthrallweb eClassifieds does not properly validate t ...)
NOT-FOR-US: Enthrallweb eClassifieds
-CVE-2006-6821
+CVE-2006-6821 (myprofile.asp in Enthrallweb eNews does not properly validate the MM_r ...)
NOT-FOR-US: Enthrallweb eNews
-CVE-2006-6820
+CVE-2006-6820 (myprofile.asp in Enthrallweb eCoupons does not properly validate the M ...)
NOT-FOR-US: Enthrallweb eCoupons
-CVE-2006-6819
+CVE-2006-6819 (AlstraSoft Web Host Directory stores sensitive information under the w ...)
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-6818
+CVE-2006-6818 (AlstraSoft Web Host Directory allows remote attackers to bypass authen ...)
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-6817
+CVE-2006-6817 (AlstraSoft Web Host Directory allows remote attackers to obtain sensit ...)
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-6816
+CVE-2006-6816 (Multiple SQL injection vulnerabilities in DMXReady Secure Login Manage ...)
NOT-FOR-US: DMXReady Secure Login Manager
-CVE-2006-6815
+CVE-2006-6815 (Multiple cross-site scripting (XSS) vulnerabilities in DMXReady Secure ...)
NOT-FOR-US: DMXReady Secure Login Manager
-CVE-2006-6814
+CVE-2006-6814 (Directory traversal vulnerability in FolderManager/FolderManager.aspx ...)
NOT-FOR-US: Hosting Controller
-CVE-2006-6813
+CVE-2006-6813 (SQL injection vulnerability in detail.asp in Mxmania File Upload Manag ...)
NOT-FOR-US: Mxmania File Upload Manager
-CVE-2006-6812
+CVE-2006-6812 (Multiple PHP remote file inclusion vulnerabilities in myPHPCalendar 10 ...)
NOT-FOR-US: myPHPCalendar
-CVE-2006-6811
+CVE-2006-6811 (KsIRC 1.3.12 allows remote attackers to cause a denial of service (cra ...)
- kdenetwork 4:3.5.5-4 (low; bug #405828)
[sarge] - kdenetwork <no-dsa> (Minor issue)
-CVE-2006-6810
+CVE-2006-6810 (Unspecified vulnerability in the clear_user_list function in src/main. ...)
NOT-FOR-US: DB Hub
-CVE-2006-6809
+CVE-2006-6809 (Multiple PHP remote file inclusion vulnerabilities in process.php in V ...)
NOT-FOR-US: buratinable templator (aka bubla)
-CVE-2006-6808
+CVE-2006-6808 (Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in ...)
- wordpress 2.0.6-1 (bug #405299)
-CVE-2006-6807
+CVE-2006-6807 (SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda ...)
NOT-FOR-US: Ananda Real Estate
-CVE-2006-6806
+CVE-2006-6806 (SQL injection vulnerability in newsdetail.asp in Enthrallweb eMates 1. ...)
NOT-FOR-US: Enthrallweb eMates
-CVE-2006-6805
+CVE-2006-6805 (SQL injection vulnerability in newsdetail.asp in Enthrallweb eJobs all ...)
NOT-FOR-US: Enthrallweb eJobs
-CVE-2006-6804
+CVE-2006-6804 (SQL injection vulnerability in bus_details.asp in Dragon Business Dire ...)
NOT-FOR-US: Dragon Business Directory - Pro
-CVE-2006-6803
+CVE-2006-6803 (SQL injection vulnerability in Types.asp in Enthrallweb eCars 1.0 allo ...)
NOT-FOR-US: Enthrallweb eCars
-CVE-2006-6802
+CVE-2006-6802 (SQL injection vulnerability in actualpic.asp in Enthrallweb ePages all ...)
NOT-FOR-US: Enthrallweb ePages
-CVE-2006-6801
+CVE-2006-6801 (PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, w ...)
NOT-FOR-US: SH-News
-CVE-2006-6800
+CVE-2006-6800 (PHP remote file inclusion in eventcal/mod_eventcal.php in the event mo ...)
NOT-FOR-US: Limbo CMS
-CVE-2006-6799
+CVE-2006-6799 (SQL injection vulnerability in Cacti 0.8.6i and earlier, when register ...)
{DSA-1250-1}
- cacti 0.8.6i-3 (bug #404818; high)
CVE-2006-6798
RESERVED
-CVE-2006-6797
+CVE-2006-6797 (The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows allo ...)
NOT-FOR-US: Microsoft
-CVE-2006-6796
+CVE-2006-6796 (PHP remote file inclusion vulnerability in admin/admin_settings.php in ...)
NOT-FOR-US: MTCMS
-CVE-2006-6795
+CVE-2006-6795 (PHP remote file inclusion vulnerability in gallery/displayCategory.php ...)
NOT-FOR-US: myPHPNuke
-CVE-2006-6794
+CVE-2006-6794 (SQL injection vulnerability in default.asp in Efkan Forum 1.0 allows r ...)
NOT-FOR-US: Efkan Forum
-CVE-2006-6793
+CVE-2006-6793 (PHP remote file inclusion vulnerability in ataturk.php in Okul Merkezi ...)
NOT-FOR-US: Okul Merkezi Portal
-CVE-2006-6792
+CVE-2006-6792 (SQL injection vulnerability in calendar_detail.asp in Calendar MX BASI ...)
NOT-FOR-US: Calendar MX
-CVE-2006-6791
+CVE-2006-6791 (SQL injection vulnerability in SelGruFra.asp in chatwm 1.0 allows remo ...)
NOT-FOR-US: chatwm
-CVE-2006-6790
+CVE-2006-6790 (Direct static code injection vulnerability in chat/login.php in Ultima ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-6789
+CVE-2006-6789 (PHP remote file inclusion vulnerability in includes/archive/archive_to ...)
NOT-FOR-US: Phpbbxtra
-CVE-2006-6788
+CVE-2006-6788 (Multiple PHP remote file inclusion vulnerabilities in LuckyBot 3 allow ...)
NOT-FOR-US: LuckyBot
-CVE-2006-6787
+CVE-2006-6787 (SQL injection vulnerability in admin/admin_mail_adressee.asp in Newsle ...)
NOT-FOR-US: Newsletter MX
-CVE-2006-6786
+CVE-2006-6786 (Open Newsletter 2.5 and earlier allows remote authenticated administra ...)
NOT-FOR-US: Open Newsletter
-CVE-2006-6785
+CVE-2006-6785 (The (1) settings.php and (2) subscribers.php scripts in Open Newslette ...)
NOT-FOR-US: Open Newsletter
-CVE-2006-6784
+CVE-2006-6784 (SQL injection vulnerability in Netbula Anyboard allows remote attacker ...)
NOT-FOR-US: Netbula Anyboard
-CVE-2006-6783
+CVE-2006-6783 (logahead UNU 1.0 before 20061226 allows remote attackers to upload arb ...)
NOT-FOR-US: logahead UNU
-CVE-2006-6782
+CVE-2006-6782 (Cross-site scripting (XSS) vulnerability in pnamazu 2006.02.28 and ear ...)
NOT-FOR-US: pnamazu
-CVE-2006-6781
+CVE-2006-6781 (HLstats 1.20 through 1.34 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: HLstats
-CVE-2006-6780
+CVE-2006-6780 (SQL injection vulnerability in the login form in HLstats 1.20 through ...)
NOT-FOR-US: HLstats
-CVE-2006-6779
+CVE-2006-6779 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin allows r ...)
NOT-FOR-US: vBulletin
-CVE-2006-6778
+CVE-2006-6778 (Cross-site scripting (XSS) vulnerability in shownews.php in TimberWolf ...)
NOT-FOR-US: TimberWolf
-CVE-2006-6777
+CVE-2006-6777 (Cross-site scripting (XSS) vulnerability in index.cfm in Future Intern ...)
NOT-FOR-US: Future Internet
-CVE-2006-6776
+CVE-2006-6776 (Multiple SQL injection vulnerabilities in Future Internet allow remote ...)
NOT-FOR-US: Future Internet
-CVE-2006-6775
+CVE-2006-6775 (acFTP 1.5 allows remote authenticated users to cause a denial of servi ...)
NOT-FOR-US: acFTP
-CVE-2006-6774
+CVE-2006-6774 (PHP remote file inclusion vulnerability in socios/maquetacion_socio.ph ...)
NOT-FOR-US: Content Federator
-CVE-2006-6773
+CVE-2006-6773 (pages/register/register.php in Fishyshoop 0.930 beta allows remote att ...)
NOT-FOR-US: Fishyshoop
-CVE-2006-6772
+CVE-2006-6772 (Format string vulnerability in the inputAnswer function in file.c in w ...)
- w3m 0.5.1-5.1 (bug #404564; low)
- w3mmee <not-affected> (Does not include this format string vuln in the code)
[sarge] - w3m <no-dsa> (Minor issue, only exploitable in dump mode)
-CVE-2006-6771
+CVE-2006-6771 (Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 ...)
NOT-FOR-US: Irokez CMS
-CVE-2006-6770
+CVE-2006-6770 (Multiple PHP remote file inclusion vulnerabilities in Jinzora Media Ju ...)
NOT-FOR-US: Jinzora Media Jukebox
-CVE-2006-6769
+CVE-2006-6769 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 ...)
NOT-FOR-US: PHP Live!
-CVE-2006-6768
+CVE-2006-6768 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
NOT-FOR-US: PWP Technologies The Classified Ad System
-CVE-2006-6767
+CVE-2006-6767 (oftpd before 0.3.7 allows remote attackers to cause a denial of servic ...)
- oftpd <removed>
-CVE-2006-6766
+CVE-2006-6766 (Multiple SQL injection vulnerabilities in cwmExplorer 1.1.0 and earlie ...)
NOT-FOR-US: cwmExplorer
-CVE-2006-6765
+CVE-2006-6765 (Multiple PHP file inclusion vulnerabilities in src/admin/pt_upload.php ...)
NOT-FOR-US: Pagetool
-CVE-2006-6764
+CVE-2006-6764 (PHP remote file inclusion vulnerability in authenticate.php in Keep It ...)
NOT-FOR-US: Keep It Simple Guest Book (KISGB)
-CVE-2006-6763
+CVE-2006-6763 (Multiple PHP remote file inclusion vulnerabilities in the Keep It Simp ...)
NOT-FOR-US: Keep It Simple Guest Book (KISGB)
-CVE-2006-6762
+CVE-2006-6762 (The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows rem ...)
NOT-FOR-US: Novell NetMail
-CVE-2006-6761
+CVE-2006-6761 (Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMa ...)
NOT-FOR-US: Novell NetMail
-CVE-2006-6760
+CVE-2006-6760 (Multiple PHP remote file inclusion vulnerabilities in template.php in ...)
NOT-FOR-US: phpMyAnime (aka phpmymanga)
-CVE-2006-6759
+CVE-2006-6759 (A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer 1 ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2006-6758
+CVE-2006-6758 (Directory traversal vulnerability in Http explorer 1.02 allows remote ...)
NOT-FOR-US: Http explorer
-CVE-2006-6757
+CVE-2006-6757 (Directory traversal vulnerability in index.php in cwmExplorer 1.0 allo ...)
NOT-FOR-US: cwmExplorer
-CVE-2006-6756
+CVE-2006-6756 (The code function in install.fct.php in Ixprim 1.2 produces a guessabl ...)
NOT-FOR-US: Ixprim
-CVE-2006-6755
+CVE-2006-6755 (Ixprim 1.2 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Ixprim
-CVE-2006-6754
+CVE-2006-6754 (Multiple SQL injection vulnerabilities in Ixprim 1.2 allow remote atta ...)
NOT-FOR-US: Ixprim
-CVE-2006-6753
+CVE-2006-6753 (Event Viewer (eventvwr.exe) in Microsoft Windows does not properly dis ...)
NOT-FOR-US: Microsoft
-CVE-2006-6752
+CVE-2006-6752 (Buffer overflow in FTPRush 1.0.0.610 might allow attackers to gain pri ...)
NOT-FOR-US: FTPRush
-CVE-2006-6751
+CVE-2006-6751 (Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allow ...)
NOT-FOR-US: XM Easy Personal FTP Server
-CVE-2006-6750
+CVE-2006-6750 (Format string vulnerability in XM Easy Personal FTP Server 5.0.1 allow ...)
NOT-FOR-US: XM Easy Personal FTP Server
-CVE-2006-6748
+CVE-2006-6748 (PHP remote file inclusion vulnerability in i-accueil.php in Newxooper ...)
NOT-FOR-US: Newxooper
-CVE-2006-6747
+CVE-2006-6747 (SQL injection vulnerability in show_news.php in Xt-News 0.1 allows rem ...)
NOT-FOR-US: Xt-News
-CVE-2006-6746
+CVE-2006-6746 (Multiple cross-site scripting (XSS) vulnerabilities in Xt-News 0.1 all ...)
NOT-FOR-US: Xt-News
-CVE-2006-6745
+CVE-2006-6745 (Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) ...)
- sun-java5 1.5.0-08-1
-CVE-2006-6744
+CVE-2006-6744 (phpProfiles before 2.1.1 does not have an index.php or other index fil ...)
NOT-FOR-US: phpProfiles
-CVE-2006-6743
+CVE-2006-6743 (phpProfiles before 2.1.1 uses world writable permissions for certain p ...)
NOT-FOR-US: phpProfiles
-CVE-2006-6742
+CVE-2006-6742 (Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP Lase ...)
NOT-FOR-US: HP
-CVE-2006-6741
+CVE-2006-6741 (Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal ...)
NOT-FOR-US: MKPortal
-CVE-2006-6740
+CVE-2006-6740 (Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1. ...)
NOT-FOR-US: phpProfiles
-CVE-2006-6739
+CVE-2006-6739 (PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8. ...)
NOT-FOR-US: Paristemi
-CVE-2006-6738
+CVE-2006-6738 (PHP remote file inclusion vulnerability in statistic.php in cwmCounter ...)
NOT-FOR-US: cwmCounter
-CVE-2006-6737
+CVE-2006-6737 (Unspecified vulnerability in Sun Java Development Kit (JDK) and Java R ...)
- sun-java5 1.5.0-07-1
-CVE-2006-6736
+CVE-2006-6736 (Unspecified vulnerability in Sun Java Development Kit (JDK) and Java R ...)
- sun-java5 1.5.0-07-1
-CVE-2006-6735
+CVE-2006-6735 (modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Sh ...)
NOT-FOR-US: Website Mini Web Shop
-CVE-2006-6734
+CVE-2006-6734 (Cross-site scripting (XSS) vulnerability in modules/viewcategory.php i ...)
NOT-FOR-US: Website Mini Web Shop
-CVE-2006-6733
+CVE-2006-6733 (Cross-site scripting (XSS) vulnerability in support/view.php in Suppor ...)
NOT-FOR-US: Support Cards 1 (osTicket)
-CVE-2006-6732
+CVE-2006-6732 (PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 ...)
NOT-FOR-US: cwmVote
-CVE-2006-6731
+CVE-2006-6731 (Multiple buffer overflows in Sun Java Development Kit (JDK) and Java R ...)
- sun-java5 1.5.0-08-1
-CVE-2006-6730
+CVE-2006-6730 (OpenBSD and NetBSD permit usermode code to kill the display server and ...)
NOTE: Access to DMA-capable hardware such as graphics cards can,
NOTE: by design, bypass security restrictions. Not a real issue.
-CVE-2006-6729
+CVE-2006-6729 (Cross-site scripting (XSS) vulnerability in a-blog 1.51 and earlier al ...)
NOT-FOR-US: a-blog
-CVE-2006-6728
+CVE-2006-6728 (Unspecified vulnerability in the info request mechanism in LAN Messeng ...)
NOT-FOR-US: LAN Messenger
-CVE-2006-6727
+CVE-2006-6727 (PHP remote file inclusion vulnerability in inertianews_class.php in in ...)
NOT-FOR-US: inertianews
-CVE-2006-6726
+CVE-2006-6726 (PHP remote file inclusion vulnerability in inertianews_main.php in ine ...)
NOT-FOR-US: inertianews
-CVE-2006-6725
+CVE-2006-6725 (Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and e ...)
NOT-FOR-US: PHPBuilder
-CVE-2006-6724
+CVE-2006-6724 (BolinTech Dream FTP Server 1.02 allows remote authenticated users, inc ...)
NOT-FOR-US: BolinTech Dream FTP Server
-CVE-2006-6723
+CVE-2006-6723 (The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allow ...)
NOT-FOR-US: Microsoft
-CVE-2006-6722
+CVE-2006-6722 (Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers t ...)
NOT-FOR-US: Bandwebsite (aka Bandsite portal system)
-CVE-2006-6721
+CVE-2006-6721 (Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Kn ...)
NOT-FOR-US: Knusperleicht ShoutBox
-CVE-2006-6720
+CVE-2006-6720 (PHP remote file inclusion vulnerability in admin/index_sitios.php in A ...)
NOT-FOR-US: Azucar CMS
-CVE-2006-6719
+CVE-2006-6719 (The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) ...)
- wget 1.13-1 (unimportant)
NOTE: An FTP server crashing a download utility is a bug, but not a DoS security issue
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=bd7f4ef701ce5db64659db496d3f47aeedfadac2 (v1.13)
-CVE-2006-6718
+CVE-2006-6718 (The Allied Telesis AT-9000/24 Ethernet switch has a default password f ...)
NOT-FOR-US: Allied Telesis
-CVE-2006-6717
+CVE-2006-6717 (The Allied Telesis AT-9000/24 Ethernet switch accepts management packe ...)
NOT-FOR-US: Allied Telesis
-CVE-2006-6716
+CVE-2006-6716 (SQL injection vulnerability in administration/administre2.php in Eric ...)
NOT-FOR-US: uploader&downloader
-CVE-2006-6715
+CVE-2006-6715 (PHP remote file inclusion vulnerability in footer.inc.php in PowerClan ...)
NOT-FOR-US: PowerClan
-CVE-2006-6714
+CVE-2006-6714 (Multiple memory leaks in Hitachi Directory Server 2 P-2444-A124 before ...)
NOT-FOR-US: Hitachi Directory Server
-CVE-2006-6713
+CVE-2006-6713 (Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before 02-11 ...)
NOT-FOR-US: Hitachi Directory Server
-CVE-2006-6712
+CVE-2006-6712 (Cross-site scripting (XSS) vulnerability in SugarCRM Open Source 4.5.0 ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2006-6711
+CVE-2006-6711 (PHP remote file inclusion vulnerability in compteur/mapage.php in Newx ...)
NOT-FOR-US: Newxooper
-CVE-2006-6710
+CVE-2006-6710 (Multiple PHP remote file inclusion vulnerabilities in PgmReloaded 0.8. ...)
NOT-FOR-US: PgmReloaded
-CVE-2006-6709
+CVE-2006-6709 (Multiple SQL injection vulnerabilities in MGinternet Property Site Man ...)
NOT-FOR-US: MGinternet Property Site Manager
-CVE-2006-6708
+CVE-2006-6708 (Cross-site scripting (XSS) vulnerability in listings.asp in MGinternet ...)
NOT-FOR-US: MGinternet Property Site Manager
-CVE-2006-6707
+CVE-2006-6707 (Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader Act ...)
NOT-FOR-US: NeoTraceExplorer.NeoTraceLoader ActiveX control
-CVE-2006-6706
+CVE-2006-6706 (SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 throu ...)
NOT-FOR-US: Soumu Workflow
-CVE-2006-6705
+CVE-2006-6705 (Multiple unspecified vulnerabilities in the template files in Soumu Wo ...)
NOT-FOR-US: Soumu Workflow
-CVE-2006-6704
+CVE-2006-6704 (Cross-site scripting (XSS) vulnerability in the Webadmin in @Mail befo ...)
NOT-FOR-US: @Mail
-CVE-2006-6703
+CVE-2006-6703 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9 ...)
NOT-FOR-US: Oracle Portal
-CVE-2006-6702
+CVE-2006-6702 (Cross-site scripting (XSS) vulnerability in Global.pm in @Mail before ...)
NOT-FOR-US: @Mail
-CVE-2006-6701
+CVE-2006-6701 (Cross-site request forgery (CSRF) vulnerability in util.pl in @Mail We ...)
NOT-FOR-US: @Mail
-CVE-2006-6700
+CVE-2006-6700 (Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remot ...)
NOT-FOR-US: @Mail
-CVE-2006-6699
+CVE-2006-6699 (Multiple CRLF injection vulnerabilities in Oracle Portal 9.0.2 and pos ...)
NOT-FOR-US: Oracle Portal
-CVE-2006-6698
+CVE-2006-6698 (The GConf daemon (gconfd) in GConf 2.14.0 creates temporary files unde ...)
- gconf2 2.24.0-1 (unimportant; bug #404743)
NOTE: Minor nuisance, not much of a security problem
-CVE-2006-6749
+CVE-2006-6749 (Buffer overflow in the parse_expression function in parse_config in Op ...)
- openser 1.1.0-8 (medium; bug #404591)
CVE-2006-XXXX [insecure rpath in libflash-mozplugin]
- libflash 0.4.13-9 (low; bug #399508)
[etch] - libflash <no-dsa> (Not exploitable through directory writable by an unprivileged user)
-CVE-2006-6697
+CVE-2006-6697 (CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle Port ...)
NOT-FOR-US: Oracle
-CVE-2006-6696
+CVE-2006-6696 (Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vis ...)
NOT-FOR-US: Microsoft
-CVE-2006-6695
+CVE-2006-6695 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ca ...)
NOT-FOR-US: Carsen Klock TextSend
-CVE-2006-6694
+CVE-2006-6694 (Directory traversal vulnerability in include/config.php in E-Uploader ...)
NOT-FOR-US: E-Uploader
-CVE-2006-6693
+CVE-2006-6693 (Multiple buffer overflows in zabbix before 20061006 allow attackers to ...)
- zabbix 1:1.1.2-4 (medium; bug #391388)
-CVE-2006-6692
+CVE-2006-6692 (Multiple format string vulnerabilities in zabbix before 20061006 allow ...)
- zabbix 1:1.1.2-4 (medium; bug #391388)
-CVE-2006-6691
+CVE-2006-6691 (Multiple PHP remote file inclusion vulnerabilities in Valdersoft Shopp ...)
NOT-FOR-US: Valdersoft Shopping Cart
-CVE-2006-6690
+CVE-2006-6690 (rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4. ...)
- typo3-src 4.0.2+debian-2 (high; bug #403906)
NOTE: http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9
-CVE-2006-6689
+CVE-2006-6689 (Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 ...)
NOT-FOR-US: Paristemi
-CVE-2006-6688
+CVE-2006-6688 (Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network Edit ...)
NOT-FOR-US: Web Automated Perl Portal (WebAPP)
-CVE-2006-6687
+CVE-2006-6687 (Cross-site scripting (XSS) vulnerability in Web Automated Perl Portal ...)
NOT-FOR-US: Web Automated Perl Portal (WebAPP)
-CVE-2006-6686
+CVE-2006-6686 (PHP remote file inclusion vulnerability in sender.php in Carsen Klock ...)
NOT-FOR-US: Carsen Klock TextSend
-CVE-2006-6685
+CVE-2006-6685 (Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allow ...)
- chetcpasswd <removed> (medium)
-CVE-2006-6684
+CVE-2006-6684 (Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 ...)
- chetcpasswd <removed> (medium)
-CVE-2006-6683
+CVE-2006-6683 (Pedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates us ...)
- chetcpasswd <removed> (medium)
-CVE-2006-6682
+CVE-2006-6682 (Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message ...)
- chetcpasswd <removed> (medium)
-CVE-2006-6681
+CVE-2006-6681 (Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for clie ...)
- chetcpasswd <removed> (medium)
-CVE-2006-6680
+CVE-2006-6680 (Pedro Lineu Orso chetcpasswd before 2.3.1 does not document the need f ...)
- chetcpasswd <removed> (low)
-CVE-2006-6679
+CVE-2006-6679 (Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For ...)
- chetcpasswd <removed> (medium)
-CVE-2006-6678
+CVE-2006-6678 (The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier ...)
{DSA-1251-1}
- netrik 1.15.3-1.1 (medium; bug #404233)
-CVE-2006-6677
+CVE-2006-6677 (ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a ...)
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2006-6676
+CVE-2006-6676 (Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 An ...)
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2006-6675
+CVE-2006-6675 (Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support ...)
NOT-FOR-US: Novell
-CVE-2006-6674
+CVE-2006-6674 (Ozeki HTTP-SMS Gateway 1.0, and possibly earlier, stores usernames and ...)
NOT-FOR-US: Ozeki HTTP-SMS Gateway
-CVE-2006-6673
+CVE-2006-6673 (WinFtp Server 2.0.2 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: WinFtp Server
-CVE-2006-6672
+CVE-2006-6672 (Multiple SQL injection vulnerabilities in Burak Yylmaz Download Portal ...)
NOT-FOR-US: Download Portal
-CVE-2006-6671
+CVE-2006-6671 (SQL injection vulnerability in down.asp in Burak Yylmaz Download Porta ...)
NOT-FOR-US: Download Portal
-CVE-2006-6670
+CVE-2006-6670 (Unspecified vulnerability in Nortel CallPilot 4.x Server has unknown i ...)
NOT-FOR-US: Nortel CallPilot
-CVE-2006-6669
+CVE-2006-6669 (Cross-site scripting (XSS) vulnerability in export_handler.php in WebC ...)
{DSA-1279-1}
- webcalendar 1.0.5-2 (low; bug #404234)
-CVE-2006-6668
+CVE-2006-6668 (Cross-site scripting (XSS) vulnerability in VerliAdmin 0.3 and earlier ...)
NOT-FOR-US: VerliAdmin
-CVE-2006-6667
+CVE-2006-6667 (Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier a ...)
NOT-FOR-US: VerliAdmin
-CVE-2006-6666
+CVE-2006-6666 (PHP remote file inclusion vulnerability in index.php in VerliAdmin 0.3 ...)
NOT-FOR-US: VerliAdmin
-CVE-2006-6665
+CVE-2006-6665 (Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier ...)
NOT-FOR-US: DeepBurner
-CVE-2006-6664
+CVE-2006-6664 (Format string vulnerability in Marathon Aleph One before 0.17.1 and 20 ...)
NOT-FOR-US: Aleph One
-CVE-2006-6663
+CVE-2006-6663 (The server component in Marathon Aleph One before 0.17.1 and 2006-12-1 ...)
NOT-FOR-US: Aleph One
-CVE-2006-6662
+CVE-2006-6662 (Unspecified vulnerability in Linux User Management (novell-lum) on SUS ...)
NOT-FOR-US: Linux User Management (novell-lum)
-CVE-2006-6661
+CVE-2006-6661 (Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and ear ...)
NOT-FOR-US: PHP-Update
-CVE-2006-6660
+CVE-2006-6660 (The nodeType function in KDE libkhtml 4.2.0 and earlier, as used by Ko ...)
- kdelibs <not-affected> (at least it is fixed in 4:3.5.5a.dfsg.1-5)
NOTE: is DoS only, anyway
-CVE-2006-6659
+CVE-2006-6659 (The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in ...)
NOT-FOR-US: Microsoft
-CVE-2006-6658
+CVE-2006-6658 (Inktomi Search 4.1.4 allows remote attackers to obtain sensitive infor ...)
NOT-FOR-US: Inktomi
-CVE-2006-6657
+CVE-2006-6657 (The if_clone_list function in NetBSD-current before 20061027, NetBSD 3 ...)
NOT-FOR-US: NetBSD
-CVE-2006-6656
+CVE-2006-6656 (Unspecified vulnerability in ptrace in NetBSD-current before 20061027, ...)
NOT-FOR-US: NetBSD
-CVE-2006-6655
+CVE-2006-6655 (The procfs implementation in NetBSD-current before 20061023, NetBSD 3. ...)
NOT-FOR-US: NetBSD
-CVE-2006-6654
+CVE-2006-6654 (The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and ...)
NOT-FOR-US: NetBSD
-CVE-2006-6653
+CVE-2006-6653 (The accept function in NetBSD-current before 20061023, NetBSD 3.0 and ...)
NOT-FOR-US: NetBSD
-CVE-2006-6652
+CVE-2006-6652 (Buffer overflow in the glob implementation (glob.c) in libc in NetBSD- ...)
NOT-FOR-US: NetBSD
-CVE-2006-6651
+CVE-2006-6651 (Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3 ...)
NOT-FOR-US: Intel
-CVE-2006-6650
+CVE-2006-6650 (PHP remote file inclusion vulnerability in charts_constants.php in the ...)
NOT-FOR-US: mxBB
-CVE-2006-6649
+CVE-2006-6649 (Cross-site scripting (XSS) vulnerability in display.php in HyperVM 1.2 ...)
NOT-FOR-US: HyperVM
-CVE-2006-6648
+CVE-2006-6648 (PHP remote file inclusion vulnerability in main.inc.php in planetluc.c ...)
NOT-FOR-US: RateMe
-CVE-2006-6647
+CVE-2006-6647 (Cross-site scripting (XSS) vulnerability in the MySite 4.7.x before 4. ...)
NOT-FOR-US: MySite for Drupal
-CVE-2006-6646
+CVE-2006-6646 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal (1) Proj ...)
NOT-FOR-US: Drupal Project Issue Tracking
-CVE-2006-6645
+CVE-2006-6645 (PHP remote file inclusion vulnerability in language/lang_english/lang_ ...)
NOT-FOR-US: Web Links module for mxBB
-CVE-2006-6644
+CVE-2006-6644 (PHP remote file inclusion vulnerability in pages/meeting_constants.php ...)
NOT-FOR-US: Meeting module for mxBB
-CVE-2006-6643
+CVE-2006-6643 (Fightersoft Multimedia Star FTP server 1.10 allows remote attackers to ...)
NOT-FOR-US: Fightersoft Multimedia Star FTP server
-CVE-2006-6642
+CVE-2006-6642 (SQL injection vulnerability in haber.asp in Contra Haber Sistemi 1.0 a ...)
NOT-FOR-US: Sistemi
-CVE-2006-6641
+CVE-2006-6641 (Unspecified vulnerability in CA CleverPath Portal before maintenance v ...)
NOT-FOR-US: CA CleverPath Portal
-CVE-2006-6640
+CVE-2006-6640 (Multiple cross-site scripting (XSS) vulnerabilities in Omniture SiteCa ...)
NOT-FOR-US: SiteCatalyst
-CVE-2006-6639
+CVE-2006-6639 (Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local ...)
- chetcpasswd <removed> (medium)
-CVE-2006-6638
+CVE-2006-6638 (IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial ...)
NOT-FOR-US: IBM
-CVE-2006-6637
+CVE-2006-6637 (The Servlet Engine and Web Container in IBM WebSphere Application Serv ...)
NOT-FOR-US: IBM
-CVE-2006-6636
+CVE-2006-6636 (Unspecified vulnerability in the Utility Classes for IBM WebSphere App ...)
NOT-FOR-US: IBM
-CVE-2006-6635
+CVE-2006-6635 (PHP remote file inclusion vulnerability in includes/functions.php in J ...)
NOT-FOR-US: JumbaCMS
-CVE-2006-6634
+CVE-2006-6634 (Multiple PHP remote file inclusion vulnerabilities in the ExtCalThai ( ...)
NOT-FOR-US: ExtCalThai for Mambo
-CVE-2006-6633
+CVE-2006-6633 (PHP remote file inclusion vulnerability in include/yapbb_session.php i ...)
NOT-FOR-US: YapBB
-CVE-2006-6632
+CVE-2006-6632 (PHP remote file inclusion vulnerability in genepi.php in Genepi 1.6 an ...)
NOT-FOR-US: Genepi
-CVE-2006-6631
+CVE-2006-6631 (PHP remote file inclusion vulnerability in lib/xml/oai/GetRecord.php i ...)
NOT-FOR-US: osprey
-CVE-2006-6630
+CVE-2006-6630 (PHP remote file inclusion vulnerability in ListRecords.php in osprey 1 ...)
NOT-FOR-US: osprey
-CVE-2006-6629
+CVE-2006-6629 (lib/WeBWorK/PG/Translator.pm in WeBWorK Program Generation (PG) Langua ...)
NOT-FOR-US: WeBWorK
-CVE-2006-6628
+CVE-2006-6628 (Integer overflow in OpenOffice.org (OOo) 2.1 allows user-assisted remo ...)
- openoffice.org 2.0.4.dfsg.2-3 (unimportant; bug #404105)
NOTE: No code injection possible, just a crash
-CVE-2006-6627
+CVE-2006-6627 (Integer overflow in the packed PE file parsing implementation in BitDe ...)
NOT-FOR-US: BitDefender
-CVE-2006-6626
+CVE-2006-6626 (Cross-site scripting (XSS) vulnerability in an unspecified component o ...)
- moodle 1.6-1
NOTE: Does not affect moodle 1.6 according to SecurityFocus.
-CVE-2006-6625
+CVE-2006-6625 (Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in M ...)
- moodle 1.6.3-2 (low)
NOTE: "SC#341 fixed initilaization of navtail variable"
NOTE: http://moodle.cvs.sourceforge.net/moodle/moodle/mod/forum/discuss.php?view=log
-CVE-2006-6624
+CVE-2006-6624 (The FTP Server in Sambar Server 6.4 allows remote authenticated users ...)
NOT-FOR-US: Sambar
-CVE-2006-6623
+CVE-2006-6623 (Sygate Personal Firewall 5.6.2808 relies on the Process Environment Bl ...)
NOT-FOR-US: Sygate
-CVE-2006-6622
+CVE-2006-6622 (Soft4Ever Look 'n' Stop (LnS) 2.05p2 before 20061215 relies on the Pro ...)
NOT-FOR-US: Soft4Ever Look 'n' Stop
-CVE-2006-6621
+CVE-2006-6621 (Filseclab Personal Firewall 3.0.0.8686 relies on the Process Environme ...)
NOT-FOR-US: Filseclab Personal Firewall
-CVE-2006-6620
+CVE-2006-6620 (Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Bl ...)
NOT-FOR-US: Comodo Personal Firewall
-CVE-2006-6619
+CVE-2006-6619 (AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment ...)
NOT-FOR-US: AVG Anti-Virus plus Firewall
-CVE-2006-6618
+CVE-2006-6618 (AntiHook 3.0.0.23 - Desktop relies on the Process Environment Block (P ...)
NOT-FOR-US: AntiHook 3.0.0.23 - Desktop
-CVE-2006-6617
+CVE-2006-6617 (projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 al ...)
NOT-FOR-US: Microsoft
-CVE-2006-6616
+CVE-2006-6616 (index.php in w00t Gallery 1.4.0 allows remote authenticated users with ...)
NOT-FOR-US: w00t Gallery
-CVE-2006-6615
+CVE-2006-6615 (PHP remote file inclusion vulnerability in includes/act_constants.php ...)
NOT-FOR-US: Activity Games module for mxBB
-CVE-2006-6614
+CVE-2006-6614 (The save_log_local function in Fully Automatic Installation (FAI) 2.10 ...)
- fai 3.1.3 (low; bug #402644)
[sarge] - fai <no-dsa> (Minor issue, only in rare configs and use cases)
-CVE-2006-6613
+CVE-2006-6613 (Directory traversal vulnerability in language.php in phpAlbum 0.4.1 Be ...)
NOT-FOR-US: phpAlbum
-CVE-2006-6612
+CVE-2006-6612 (PHP remote file inclusion vulnerability in basic.inc.php in PhpMyCms 0 ...)
NOT-FOR-US: PhpMyCms
-CVE-2006-6611
+CVE-2006-6611 (PHP remote file inclusion vulnerability in interface.php in Barman 0.0 ...)
NOT-FOR-US: Barman
-CVE-2006-6610
+CVE-2006-6610 (clientcommands in Nexuiz before 2.2.1 has unknown impact and remote at ...)
- nexuiz 2.2.1-1 (low)
NOTE: Only game console command execution possible, not shell commands
-CVE-2006-6609
+CVE-2006-6609 (Nexuiz before 2.2.1 allows remote attackers to cause a denial of servi ...)
- nexuiz 2.2.1-1
-CVE-2006-6608
+CVE-2006-6608 (Unspecified vulnerability in SSH key based authentication in HP Integr ...)
NOT-FOR-US: HP
-CVE-2006-6607
+CVE-2006-6607 (The Java Key Store (JKS) for WebSphere Application Server (WAS) for IB ...)
NOT-FOR-US: IBM
-CVE-2006-6606
+CVE-2006-6606 (Multiple SQL injection vulnerabilities in Clarens jclarens before 0.6. ...)
NOT-FOR-US: jclarens
-CVE-2006-6605
+CVE-2006-6605 (Stack-based buffer overflow in the POP service in MailEnable Standard ...)
NOT-FOR-US: MailEnable
-CVE-2006-6604
+CVE-2006-6604 (Directory traversal vulnerability in downloaddetails.php in TorrentFlu ...)
- torrentflux 2.1-7 (medium; bug #400582)
-CVE-2006-6603
+CVE-2006-6603 (Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) ...)
NOT-FOR-US: YMMAPI.YMailAttach
-CVE-2006-6602
+CVE-2006-6602 (explorer.exe in Windows Explorer 6.00.2900.2180 in Microsoft Windows X ...)
NOT-FOR-US: Windows
-CVE-2006-6601
+CVE-2006-6601 (Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows ...)
NOT-FOR-US: Microsoft
-CVE-2006-6600
+CVE-2006-6600 (Cross-site scripting (XSS) vulnerability in dir.php in TorrentFlux 2.2 ...)
- torrentflux 2.1-7 (medium; bug #400582)
-CVE-2006-6599
+CVE-2006-6599 (maketorrent.php in TorrentFlux 2.2 allows remote authenticated users t ...)
- torrentflux 2.1-7 (medium; bug #400582)
-CVE-2006-6598
+CVE-2006-6598 (Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux be ...)
- torrentflux 2.1-6
-CVE-2006-6597
+CVE-2006-6597 (Argument injection vulnerability in HyperAccess 8.4 allows user-assist ...)
NOT-FOR-US: HyperAccess
-CVE-2006-6596
+CVE-2006-6596 (HyperAccess 8.4 allows user-assisted remote attackers to execute arbit ...)
NOT-FOR-US: HyperAccess
-CVE-2006-6595
+CVE-2006-6595 (Multiple SQL injection vulnerabilities in ScriptMate User Manager 2.1 ...)
NOT-FOR-US: ScriptMate User Manager
-CVE-2006-6594
+CVE-2006-6594 (SQL injection vulnerability in utilities/usermessages.asp in ScriptMat ...)
NOT-FOR-US: ScriptMate User Manager
-CVE-2006-6593
+CVE-2006-6593 (PHP remote file inclusion vulnerability in zufallscodepart.php in AMAZ ...)
NOT-FOR-US: AMAZONIA MOD for phpBB
-CVE-2006-6592
+CVE-2006-6592 (Multiple PHP remote file inclusion vulnerabilities in Bloq 0.5.4 allow ...)
NOT-FOR-US: Bloq
-CVE-2006-6591
+CVE-2006-6591 (PHP remote file inclusion vulnerability in fonctions/template.php in E ...)
NOT-FOR-US: EXlor
-CVE-2006-6590
+CVE-2006-6590 (PHP remote file inclusion vulnerability in usercp_menu.php in AR Membe ...)
NOT-FOR-US: AR Memberscript
-CVE-2006-6589
+CVE-2006-6589 (Cross-site scripting (XSS) vulnerability in ecommerce/control/keywords ...)
NOT-FOR-US: Apache Open For BusinessProject (OFBiz)
-CVE-2006-6588
+CVE-2006-6588 (The forum implementation in the ecommerce component in the Apache Open ...)
NOT-FOR-US: Apache Open For BusinessProject (OFBiz)
-CVE-2006-6587
+CVE-2006-6587 (Cross-site scripting (XSS) vulnerability in the forum implementation i ...)
NOT-FOR-US: Apache Open For BusinessProject (OFBiz)
-CVE-2006-6586
+CVE-2006-6586 (Multiple PHP remote file inclusion vulnerabilities in Vortex Blog (vBl ...)
NOT-FOR-US: Vortex Blog
-CVE-2006-6585
+CVE-2006-6585 (The Extensions manager in Mozilla Firefox 2.0 does not properly popula ...)
- iceweasel 2.0.0.1+dfsg-1
- firefox 45.0-1
- firefox-esr 45.0esr-1
-CVE-2006-6584
+CVE-2006-6584 (Multiple buffer overflows in italkplus (Italk+) before 0.92.1 allow re ...)
NOT-FOR-US: italkplus (Italk+)
-CVE-2006-6583
+CVE-2006-6583 (ScriptMate User Manager 2.1 and earlier allow remote attackers to obta ...)
NOT-FOR-US: ScriptMate User Manager
-CVE-2006-6582
+CVE-2006-6582 (Multiple cross-site scripting (XSS) vulnerabilities in ScriptMate User ...)
NOT-FOR-US: ScriptMate User Manager
-CVE-2006-6581
+CVE-2006-6581 (PHP remote file inclusion vulnerability in tests/debug_test.php in Ver ...)
NOT-FOR-US: PHP_Debug
-CVE-2006-6580
+CVE-2006-6580 (admin/change.php in ProNews 1.5 does not check whether a user is permi ...)
NOT-FOR-US: ProNews
-CVE-2006-6579
+CVE-2006-6579 (Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_RE ...)
NOT-FOR-US: Microsoft
-CVE-2006-6578
+CVE-2006-6578 (Microsoft Internet Information Services (IIS) 5.1 permits the IUSR_Mac ...)
NOT-FOR-US: Microsoft
-CVE-2006-6577
+CVE-2006-6577 (SQL injection vulnerability in polls.php in Neocrome Land Down Under ( ...)
NOT-FOR-US: Neocrome Land Down Under
-CVE-2006-6576
+CVE-2006-6576 (Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allo ...)
NOT-FOR-US: Golden FTP Server
-CVE-2006-6575
+CVE-2006-6575 (PHP remote file inclusion vulnerability in ldap.php in Brian Drawert Y ...)
NOT-FOR-US: Yet Another PHP LDAP Admin Project (yaplap)
-CVE-2006-6574
+CVE-2006-6574 (Mantis before 1.1.0a2 does not implement per-item access control for I ...)
{DSA-1467-1}
- mantis 1.0.6+dfsg-3 (bug #402802)
[sarge] - mantis 0.19.2-5sarge5
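Review bot: CVE-2006-6749 (with its openser line) sits between CVE-2006-6698 and CVE-2006-6697, breaking the descending numeric order every other entry in this region follows; the automatic updater only rewrote the header line in place, so consider moving those three lines to their numeric position earlier in the list so that tooling or a future merge that assumes ordering does not misplace or duplicate the entry. Note also that the generated descriptions are cut at a fixed width with " ..." (for example "Paristemi 0.8. ..." for CVE-2006-6739), which can end mid-version-number; that is acceptable for a summary, but nothing downstream should treat the bracketed text as the canonical CVE description.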
@@ -1505,161 +1505,161 @@ CVE-2006-XXXX [moodle unspecified security bug in the forum module (discuss.php)
- moodle 1.6.3-2
CVE-2006-XXXX [znc file access security hole]
- znc 0.045-3 (bug #403141; medium)
-CVE-2006-6573
+CVE-2006-6573 (Unspecified vulnerability in Citrix Access Gateway 4.5 Advanced Editio ...)
NOT-FOR-US: Citrix
-CVE-2006-6572
+CVE-2006-6572 (Unspecified vulnerability in Citrix Advanced Access Control (AAC) Opti ...)
NOT-FOR-US: Citrix
-CVE-2006-6571
+CVE-2006-6571 (Multiple cross-site scripting (XSS) vulnerabilities in form.php in Gen ...)
NOT-FOR-US: GenesisTrader
-CVE-2006-6570
+CVE-2006-6570 (Unrestricted file upload vulnerability in upload.php in GenesisTrader ...)
NOT-FOR-US: GenesisTrader
-CVE-2006-6569
+CVE-2006-6569 (form.php in GenesisTrader 1.0 allows remote attackers to read source c ...)
NOT-FOR-US: GenesisTrader
-CVE-2006-6568
+CVE-2006-6568 (Directory traversal vulnerability in includes/kb_constants.php in the ...)
NOT-FOR-US: Knowledge Base (mx_kb) 2.0.2 module for mxBB
-CVE-2006-6567
+CVE-2006-6567 (PHP remote file inclusion vulnerability in includes/kb_constants.php i ...)
NOT-FOR-US: Knowledge Base (mx_kb) 2.0.2 module for mxBB
-CVE-2006-6566
+CVE-2006-6566 (PHP remote file inclusion vulnerability in includes/profilcp_constants ...)
NOT-FOR-US: Profile Control Panel (CPanel) module for mxBB
-CVE-2006-6565
+CVE-2006-6565 (FileZilla Server before 0.9.22 allows remote attackers to cause a deni ...)
NOT-FOR-US: FileZilla Server
-CVE-2006-6564
+CVE-2006-6564 (FileZilla Server before 0.9.22 allows remote attackers to cause a deni ...)
NOT-FOR-US: FileZilla Server
-CVE-2006-6563
+CVE-2006-6563 (Stack-based buffer overflow in the pr_ctrls_recv_request function in c ...)
- proftpd-dfsg 1.3.0-17 (medium)
[sarge] - proftpd <not-affected> (Vulnerable code not activated in binary build)
CVE-2006-6562
RESERVED
-CVE-2006-6561
+CVE-2006-6561 (Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewe ...)
NOT-FOR-US: Microsoft
-CVE-2006-6560
+CVE-2006-6560 (PHP remote file inclusion vulnerability in includes/common.php in the ...)
NOT-FOR-US: mx_modsdb 1.0.0 module for MxBBmx_modsdb 1.0.0 module for MxBB
-CVE-2006-6559
+CVE-2006-6559 (SQL injection vulnerability in ProductDetails.asp in Lotfian Request F ...)
NOT-FOR-US: Lotfian Request For Travel
-CVE-2006-6558
+CVE-2006-6558 (Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial ...)
NOT-FOR-US: Crob FTP Server
-CVE-2006-6557
+CVE-2006-6557 (Multiple unspecified vulnerabilities in Skulls! before 0.2.6 have unkn ...)
NOT-FOR-US: Skulls!
-CVE-2006-6556
+CVE-2006-6556 (The eyeHome function in apps/eyeHome.eyeapp/aplic.php in EyeOS before ...)
NOT-FOR-US: EyeOS
-CVE-2006-6555
+CVE-2006-6555 (Multiple SQL injection vulnerabilities in EasyFill before 0.5.1 allow ...)
NOT-FOR-US: EasyFill
-CVE-2006-6554
+CVE-2006-6554 (Unspecified vulnerability in Kerio MailServer before 6.3.1 allows remo ...)
NOT-FOR-US: Kerio MailServer
-CVE-2006-6553
+CVE-2006-6553 (PHP remote file inclusion vulnerability in includes/newssuite_constant ...)
NOT-FOR-US: NewsSuite 1.03 module for mxBB
-CVE-2006-6552
+CVE-2006-6552 (PHP remote file inclusion vulnerability in admin/plugins/NP_UserSharin ...)
NOT-FOR-US: BLOG:CMS
-CVE-2006-6551
+CVE-2006-6551 (PHP remote file inclusion vulnerability in libs/tucows/api/cartridges/ ...)
NOT-FOR-US: Tucows Client Code Suite (CCS)
CVE-2006-6550
NOT-FOR-US: Phorum
CVE-2006-6549
NOT-FOR-US: Rad Upload
-CVE-2006-6548
+CVE-2006-6548 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost ...)
NOT-FOR-US: cPanel WebHost Manager
-CVE-2006-6547
+CVE-2006-6547 (Buffer overflow in the readAA function in read_aa.cpp in Winamp iPod P ...)
NOT-FOR-US: Winamp
-CVE-2006-6546
+CVE-2006-6546 (PHP remote file inclusion vulnerability in inc/shows.inc.php in cutene ...)
NOT-FOR-US: cutenews
-CVE-2006-6545
+CVE-2006-6545 (PHP remote file inclusion vulnerability in includes/common.php in the ...)
NOT-FOR-US: ErrorDocs 1.0.0 and earlier module for mxBB
-CVE-2006-6544
+CVE-2006-6544 (Cross-site scripting (XSS) vulnerability in CM68 News allows remote at ...)
NOT-FOR-US: CM68 News
-CVE-2006-6543
+CVE-2006-6543 (Multiple SQL injection vulnerabilities in login.asp in AppIntellect Sp ...)
NOT-FOR-US: AppIntellect SpotLight CRM
-CVE-2006-6542
+CVE-2006-6542 (SQL injection vulnerability in news.php in Fantastic News 2.1.4 and ea ...)
NOT-FOR-US: Fantastic News
CVE-2006-6541
NOT-FOR-US: Animated Smiley Generator
-CVE-2006-6540
+CVE-2006-6540 (SQL injection vulnerability in bt-trackback.php in Bluetrait before 1. ...)
NOT-FOR-US: Bluetrait
-CVE-2006-6539
+CVE-2006-6539 (Multiple buffer overflows in Winamp Web Interface (Wawi) 7.5.13 and ea ...)
NOT-FOR-US: Winamp Web Interface
-CVE-2006-6538
+CVE-2006-6538 (D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) ...)
NOT-FOR-US: D-LINK
-CVE-2006-6537
+CVE-2006-6537 (IBM WebSphere Host On-Demand 6.0, 7.0, 8.0, 9.0, and possibly 10, allo ...)
NOT-FOR-US: IBM
-CVE-2006-6536
+CVE-2006-6536 (Cross-site scripting (XSS) vulnerability in hata.asp in Cilem Haber Fr ...)
NOT-FOR-US: Cilem Haber Free Edition
-CVE-2006-6535
+CVE-2006-6535 (The dev_queue_xmit function in Linux kernel 2.6 can fail before callin ...)
{DSA-1304}
- linux-2.6 <not-affected> (Fixed before upload into the archive; 2.6.10)
-CVE-2006-6534
+CVE-2006-6534 (Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 3.0a ...)
NOT-FOR-US: osCommerce
-CVE-2006-6533
+CVE-2006-6533 (Directory traversal vulnerability in admin/templates_boxes_layout.php ...)
NOT-FOR-US: osCommerce
-CVE-2006-6532
+CVE-2006-6532 (Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1 ...)
NOT-FOR-US: Vt-Forum Lite
-CVE-2006-6531
+CVE-2006-6531 (Cross-site scripting (XSS) vulnerability in the Help Tip module before ...)
NOT-FOR-US: Help Tip module for Drupal
-CVE-2006-6530
+CVE-2006-6530 (SQL injection vulnerability in the Help Tip module before 4.7.x-1.0 fo ...)
NOT-FOR-US: Help Tip module for Drupal
-CVE-2006-6529
+CVE-2006-6529 (The Chatroom Module before 4.7.x.-1.0 for Drupal displays private mess ...)
NOT-FOR-US: Chatroom Module for Drupal
-CVE-2006-6528
+CVE-2006-6528 (The Chatroom Module before 4.7.x.-1.0 for Drupal broadcasts Chatroom v ...)
NOT-FOR-US: Chatroom Module for Drupal
-CVE-2006-6527
+CVE-2006-6527 (PHP remote file inclusion vulnerability in guest.php in Gizzar 0316200 ...)
NOT-FOR-US: Gizzar
-CVE-2006-6526
+CVE-2006-6526 (PHP remote file inclusion vulnerability in index.php in Gizzar 0316200 ...)
NOT-FOR-US: Gizzar
-CVE-2006-6525
+CVE-2006-6525 (SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 an ...)
NOT-FOR-US: EzHRS HR Assist
-CVE-2006-6524
+CVE-2006-6524 (SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 an ...)
NOT-FOR-US: EzHRS HR Assist
-CVE-2006-6523
+CVE-2006-6523 (Cross-site scripting (XSS) vulnerability in mail/manage.html in BoxTra ...)
NOT-FOR-US: BoxTrapper in cPanel
-CVE-2006-6522
+CVE-2006-6522 (Multiple cross-site scripting (XSS) vulnerabilities in WikiTimeScale T ...)
NOT-FOR-US: WikiTimeScale TwoZero
-CVE-2006-6521
+CVE-2006-6521 (SQL injection vulnerability in lire-avis.php in Messageriescripthp 2.0 ...)
NOT-FOR-US: Messageriescripthp
-CVE-2006-6520
+CVE-2006-6520 (Multiple cross-site scripting (XSS) vulnerabilities in Messageriescrip ...)
NOT-FOR-US: Messageriescripthp
-CVE-2006-6519
+CVE-2006-6519 (SQL injection vulnerability in lire-avis.php in ProNews 1.5 allows rem ...)
NOT-FOR-US: ProNews
-CVE-2006-6518
+CVE-2006-6518 (Multiple cross-site scripting (XSS) vulnerabilities in ProNews 1.5 all ...)
NOT-FOR-US: ProNews
-CVE-2006-6517
+CVE-2006-6517 (Multiple cross-site scripting (XSS) vulnerabilities in KDPics 1.16 and ...)
NOT-FOR-US: KDPics
-CVE-2006-6516
+CVE-2006-6516 (Multiple PHP remote file inclusion vulnerabilities in KDPics 1.16 and ...)
NOT-FOR-US: KDPics
-CVE-2006-6515
+CVE-2006-6515 (Mantis before 1.1.0a2 sets the default value of $g_bug_reminder_thresh ...)
- mantis 1.0.6+dfsg-1 (unimportant)
NOTE: http://www.mantisbt.org/bugs/print_bug_page.php?bug_id=5163
NOTE: Not a security bug, only a very annoying feature.
-CVE-2006-6514
+CVE-2006-6514 (Winamp Web Interface (Wawi) 7.5.13 and earlier uses an insufficient co ...)
NOT-FOR-US: Winamp Web Interface (Wawi)
-CVE-2006-6513
+CVE-2006-6513 (The CControl::Download function (/dl URI) in Winamp Web Interface (Waw ...)
NOT-FOR-US: Winamp Web Interface (Wawi)
-CVE-2006-6512
+CVE-2006-6512 (Directory traversal vulnerability in the Browse function (/browse URI) ...)
NOT-FOR-US: Winamp Web Interface (Wawi)
-CVE-2006-6511
+CVE-2006-6511 (dadaIMC .99.3 uses an insufficiently restrictive FilesMatch directive ...)
NOT-FOR-US: dadaIMC
-CVE-2006-6510
+CVE-2006-6510 (An unspecified ActiveX control in SiteKiosk before 6.5.150 is installe ...)
NOT-FOR-US: SiteKiosk
-CVE-2006-6509
+CVE-2006-6509 (Cross-site scripting (XSS) vulnerability in the skinning feature in Si ...)
NOT-FOR-US: SiteKiosk
-CVE-2006-6508
+CVE-2006-6508 (Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows ...)
{DSA-1488-1}
NOTE: This is covered/duped by CVE-2006-6841
- phpbb2 2.0.21-6
-CVE-2006-6507
+CVE-2006-6507 (Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass C ...)
NOTE: MFSA-2006-76
- iceweasel 2.0.0.1+dfsg-1 (high)
- xulrunner <not-affected> (maintainer reported)
- iceape <not-affected> (maintainer reported)
-CVE-2006-6506
+CVE-2006-6506 (The "Feed Preview" feature in Mozilla Firefox 2.0 before 2.0.0.1 sends ...)
NOTE: MFSA-2006-75
- iceweasel 2.0.0.1+dfsg-1 (low)
- iceape <not-affected> (maintainer reported)
-CVE-2006-6505
+CVE-2006-6505 (Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5 ...)
{DSA-1265-1}
NOTE: MFSA-2006-74
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
- icedove 1.5.0.9.dfsg1-1 (high)
- iceape 1.0.7-1 (high)
- mozilla <removed>
-CVE-2006-6504
+CVE-2006-6504 (Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonke ...)
NOTE: MFSA-2006-73
- iceweasel 2.0.0.1+dfsg-1 (high)
- xulrunner 1.8.0.9-1 (high)
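Review bot: CVE-2006-6550, CVE-2006-6549 and CVE-2006-6541 are left as bare identifiers (no "(description ...)" suffix) while every other non-RESERVED entry in this hunk gains one; since this is an automatic import, confirm that the upstream feed really carries no description for these three (rejected or withdrawn entries would explain it) rather than a failed fetch, otherwise the next run will silently leave them inconsistent. Separately, the unchanged context line for CVE-2006-6560 reads "NOT-FOR-US: mx_modsdb 1.0.0 module for MxBBmx_modsdb 1.0.0 module for MxBB", a pasted duplicate that should be trimmed to "NOT-FOR-US: mx_modsdb 1.0.0 module for MxBB" in a follow-up.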
@@ -1668,7 +1668,7 @@ CVE-2006-6504
- firefox-esr 45.0esr-1 (high)
NOTE: Flaw was introduced in Firefox 1.5.0.4
- icedove 1.5.0.9.dfsg1-1 (high)
-CVE-2006-6503
+CVE-2006-6503 (Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird ...)
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-72
- iceweasel 2.0.0.1+dfsg-1 (high)
@@ -1680,7 +1680,7 @@ CVE-2006-6503
- mozilla-firefox <removed> (high)
- mozilla-thunderbird <removed> (high)
- icedove 1.5.0.9.dfsg1-1 (high)
-CVE-2006-6502
+CVE-2006-6502 (Use-after-free vulnerability in the LiveConnect bridge code for Mozill ...)
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-71
- iceweasel 2.0.0.1+dfsg-1 (high)
@@ -1693,7 +1693,7 @@ CVE-2006-6502
- mozilla-thunderbird <removed> (unimportant)
- icedove 1.5.0.9.dfsg1-1 (unimportant)
NOTE: Not exploitable in standard Icedove configuration
-CVE-2006-6501
+CVE-2006-6501 (Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x ...)
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-70
- iceweasel 2.0.0.1+dfsg-1 (high)
@@ -1705,7 +1705,7 @@ CVE-2006-6501
- mozilla-firefox <removed> (high)
- mozilla-thunderbird <removed> (low)
- icedove 1.5.0.9.dfsg1-1 (low)
-CVE-2006-6500
+CVE-2006-6500 (Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5. ...)
NOTE: MFSA-2006-69
- iceweasel <not-affected> (windows only)
- xulrunner <not-affected> (Windows only)
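Review bot: the two <not-affected> reasons at the top of this hunk spell the same justification differently ("windows only" for iceweasel, "Windows only" for xulrunner), while the context lines that follow all use the lowercase form; pick one capitalisation for every CVE-2006-6500 package line so the reasons read as one consistent note rather than two variants.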
@@ -1715,7 +1715,7 @@ CVE-2006-6500
- mozilla-firefox <not-affected> (windows only)
- mozilla-thunderbird <not-affected> (windows only)
- icedove <not-affected> (windows only)
-CVE-2006-6499
+CVE-2006-6499 (The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x befo ...)
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-68
- iceweasel 2.0.0.1+dfsg-1 (high)
@@ -1729,7 +1729,7 @@ CVE-2006-6499
- icedove 1.5.0.9.dfsg1-1 (low)
NOTE: Is it possible to reduce the floating point precision in Linux as a non-priv
NOTE: user? I don't think so
-CVE-2006-6498
+CVE-2006-6498 (Multiple unspecified vulnerabilities in the JavaScript engine for Mozi ...)
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-68
- iceweasel 2.0.0.1+dfsg-1 (high)
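Review bot: the two-line NOTE on CVE-2006-6499 ("Is it possible to reduce the floating point precision in Linux as a non-priv user? I don't think so") records an open question rather than a conclusion, yet the icedove line in the same hunk is rated (low) on that basis. Suggest restating it as the rationale it is meant to be, for example "NOTE: Reducing floating point precision as an unprivileged user is not believed possible on Linux, hence low for icedove", or resolving the question before it is relied on for a severity rating.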
@@ -1741,7 +1741,7 @@ CVE-2006-6498
- mozilla-firefox <removed> (high)
- mozilla-thunderbird <removed> (low)
- icedove 1.5.0.9.dfsg1-1 (low)
-CVE-2006-6497
+CVE-2006-6497 (Multiple unspecified vulnerabilities in the layout engine for Mozilla ...)
{DSA-1265-1 DSA-1258-1 DSA-1253-1}
NOTE: MFSA-2006-68
- iceweasel 2.0.0.1+dfsg-1 (medium)
@@ -1753,356 +1753,356 @@ CVE-2006-6497
- mozilla-firefox <removed> (medium)
- mozilla-thunderbird <removed> (low)
- icedove 1.5.0.9.dfsg1-1 (low)
-CVE-2006-6496
+CVE-2006-6496 (The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 200 ...)
NOT-FOR-US: CA Anti-Virus
-CVE-2006-6495
+CVE-2006-6495 (Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 all ...)
NOT-FOR-US: Solaris
-CVE-2006-6494
+CVE-2006-6494 (Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and ...)
NOT-FOR-US: Solaris
-CVE-2006-6493
+CVE-2006-6493 (Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerbe ...)
- openldap2.3 <not-affected> (kerberos support not enabled)
- openldap2 <not-affected> (kerberos support not enabled)
CVE-2006-6492
REJECTED
CVE-2006-6491
REJECTED
-CVE-2006-6490
+CVE-2006-6490 (Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.d ...)
NOT-FOR-US: SupportSoft ActiveX
-CVE-2006-6489
+CVE-2006-6489 (The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-E ...)
NOT-FOR-US: SISCO OSI stack
-CVE-2006-6488
+CVE-2006-6488 (Stack-based buffer overflow in the DoModal function in the Dialog Wrap ...)
NOT-FOR-US: ICONICS
-CVE-2006-6487
+CVE-2006-6487 (Cross-site scripting (XSS) vulnerability in index.php in DT Guestbook ...)
NOT-FOR-US: DT Guestbook
-CVE-2006-6486
+CVE-2006-6486 (SQL injection vulnerability in EasyPage allows remote attackers to exe ...)
NOT-FOR-US: EasyPage
-CVE-2006-6485
+CVE-2006-6485 (Multiple cross-site scripting (XSS) vulnerabilities in ShopSite 8.1 an ...)
NOT-FOR-US: ShopSite
-CVE-2006-6484
+CVE-2006-6484 (The IMAP service for MailEnable Professional and Enterprise Edition 2. ...)
NOT-FOR-US: MailEnable
-CVE-2006-6483
+CVE-2006-6483 (Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tag ...)
NOT-FOR-US: ColdFusion
-CVE-2006-6482
+CVE-2006-6482 (Adobe ColdFusion MX7 allows remote attackers to obtain sensitive infor ...)
NOT-FOR-US: ColdFusion
-CVE-2006-6481
+CVE-2006-6481 (Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a deni ...)
{DSA-1238-1}
- clamav 0.88.7-1 (low; bug #401874)
-CVE-2006-6480
+CVE-2006-6480 (admin/admin_membre/fiche_membre.php in AnnonceScriptHP 2.0 allows remo ...)
NOT-FOR-US: AnnonceScriptHP
-CVE-2006-6479
+CVE-2006-6479 (Multiple cross-site scripting (XSS) vulnerabilities in AnnonceScriptHP ...)
NOT-FOR-US: AnnonceScriptHP
-CVE-2006-6478
+CVE-2006-6478 (Multiple SQL injection vulnerabilities in AnnonceScriptHP 2.0 allow re ...)
NOT-FOR-US: AnnonceScriptHP
-CVE-2006-6477
+CVE-2006-6477 (FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in ...)
NOT-FOR-US: Mandiant First Response (MFR)
-CVE-2006-6476
+CVE-2006-6476 (FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in ...)
NOT-FOR-US: Mandiant First Response (MFR)
-CVE-2006-6475
+CVE-2006-6475 (FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in ...)
NOT-FOR-US: Mandiant First Response (MFR)
-CVE-2006-6474
+CVE-2006-6474 (Untrusted search path vulnerability in McAfee VirusScan for Linux 4510 ...)
NOT-FOR-US: McAfee
-CVE-2006-6473
+CVE-2006-6473 (Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentr ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6472
+CVE-2006-6472 (The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before 12.0 ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6471
+CVE-2006-6471 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6470
+CVE-2006-6470 (The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before 12.050.03 ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6469
+CVE-2006-6469 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6468
+CVE-2006-6468 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6467
+CVE-2006-6467 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-6466
+CVE-2006-6466 (Multiple cross-site scripting (XSS) vulnerabilities in WBmap.php in Wi ...)
NOT-FOR-US: WikyBlog
CVE-2006-6465
NOT-FOR-US: WikyBlog
-CVE-2006-6464
+CVE-2006-6464 (viewcart in Midicart accepts negative numbers in the Qty (quantity) fi ...)
NOT-FOR-US: Midicart
-CVE-2006-6463
+CVE-2006-6463 (Unrestricted file upload vulnerability in admin/add.php in Midicart al ...)
NOT-FOR-US: Midicart
-CVE-2006-6462
+CVE-2006-6462 (PHP remote file inclusion vulnerability in engine/oldnews.inc.php in C ...)
NOT-FOR-US: CM68 News
-CVE-2006-6461
+CVE-2006-6461 (tr1.php in Yourfreeworld Stylish Text Ads Script allows remote attacke ...)
NOT-FOR-US: Yourfreeworld Stylish Text Ads Script
-CVE-2006-6460
+CVE-2006-6460 (Yourfreeworld.com Short Url &amp; Url Tracker Script allows remote att ...)
NOT-FOR-US: Yourfreeworld.com Short Url Script
-CVE-2006-6459
+CVE-2006-6459 (Cross-site scripting (XSS) vulnerability in toplist.php in PhpBB Topli ...)
NOT-FOR-US: Toplist for phpBB
-CVE-2006-6458
+CVE-2006-6458 (The Trend Micro scan engine before 8.320 for Windows and before 8.150 ...)
NOT-FOR-US: Trend Micro (Windows)
-CVE-2006-6457
+CVE-2006-6457 (tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other version ...)
- tikiwiki <removed> (bug #404472)
NOTE: Might be a mis-report, check with upstream
-CVE-2006-6456
+CVE-2006-6456 (Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and W ...)
NOT-FOR-US: Microsoft Word
-CVE-2006-6455
+CVE-2006-6455 (Multiple SQL injection vulnerabilities in admin/default.asp in DUware ...)
NOT-FOR-US: DUware
-CVE-2006-6454
+CVE-2006-6454 (execInBackground.php in J-OWAMP Web Interface 2.1b and earlier allows ...)
NOT-FOR-US: J-OWAMP Web Interface
-CVE-2006-6453
+CVE-2006-6453 (PHP remote file inclusion vulnerability in JOWAMP_ShowPage.php in J-OW ...)
NOT-FOR-US: J-OWAMP Web Interface
-CVE-2006-6452
+CVE-2006-6452 (Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles ...)
NOT-FOR-US: RunCMS
-CVE-2006-6451
+CVE-2006-6451 (Multiple cross-site scripting (XSS) vulnerabilities in SWsoft Plesk 8. ...)
NOT-FOR-US: Plesk
-CVE-2006-6450
+CVE-2006-6450 (Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in ...)
NOT-FOR-US: Novell ZENworks Patch Management
-CVE-2006-6449
+CVE-2006-6449 (Vt-Forum Lite 1.3 and earlier store sensitive information under the we ...)
NOT-FOR-US: Vt-Forum Lite
-CVE-2006-6448
+CVE-2006-6448 (Multiple SQL injection vulnerabilities in Vt-Forum Lite 1.3 and earlie ...)
NOT-FOR-US: Vt-Forum
-CVE-2006-6447
+CVE-2006-6447 (Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1 ...)
NOT-FOR-US: Vt-Forum Lite
-CVE-2006-6446
+CVE-2006-6446 (SQL injection vulnerability in index.php in iWare Professional 5.0.4, ...)
NOT-FOR-US: iWare Professional
-CVE-2006-6445
+CVE-2006-6445 (Directory traversal vulnerability in error.php in Envolution 1.1.0 and ...)
NOT-FOR-US: Envolution
-CVE-2006-6444
+CVE-2006-6444 (Stack-based buffer overflow in Nostra DivX Player 2.1, 2.2.00.0, and p ...)
NOT-FOR-US: Nostra DivX Player
-CVE-2006-6443
+CVE-2006-6443 (Buffer overflow in the Novell Distributed Print Services (NDPS) Print ...)
NOT-FOR-US: Novell Distributed Print Services
-CVE-2006-6442
+CVE-2006-6442 (Stack-based buffer overflow in the SetClientInfo function in the CDDBC ...)
NOT-FOR-US: America Online
-CVE-2006-6441
+CVE-2006-6441 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6440
+CVE-2006-6440 (Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentr ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6439
+CVE-2006-6439 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6438
+CVE-2006-6438 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6437
+CVE-2006-6437 (ops3-dmn in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6436
+CVE-2006-6436 (Cross-site scripting (XSS) vulnerability in the Network controller in ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6435
+CVE-2006-6435 (The SNMP implementation in Xerox WorkCentre and WorkCentre Pro before ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6434
+CVE-2006-6434 (Unspecified vulnerability in the Web User Interface in Xerox WorkCentr ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6433
+CVE-2006-6433 (Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6432
+CVE-2006-6432 (Unspecified vulnerability in the Scan-to-mailbox feature in Xerox Work ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6431
+CVE-2006-6431 (Unspecified vulnerability in Xerox WorkCentre and WorkCentre Pro befor ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6430
+CVE-2006-6430 (Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.0 ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6429
+CVE-2006-6429 (Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6428
+CVE-2006-6428 (Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6427
+CVE-2006-6427 (The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 1 ...)
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
-CVE-2006-6426
+CVE-2006-6426 (PHP remote file inclusion vulnerability in design/thinkedit/render.php ...)
NOT-FOR-US: ThinkEdit
-CVE-2006-6425
+CVE-2006-6425 (Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMa ...)
NOT-FOR-US: Novell NetMail
-CVE-2006-6424
+CVE-2006-6424 (Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow re ...)
NOT-FOR-US: Novell NetMail
-CVE-2006-6423
+CVE-2006-6423 (Stack-based buffer overflow in the IMAP service for MailEnable Profess ...)
NOT-FOR-US: MailEnable
-CVE-2006-6422
+CVE-2006-6422 (Agileco AgileBill 1.4.x and AgileVoice 1.4.x do not properly handle ce ...)
NOT-FOR-US: AgileBill AgileVoice
-CVE-2006-6421
+CVE-2006-6421 (Cross-site scripting (XSS) vulnerability in the private message box im ...)
- phpbb2 2.0.21-6 (medium)
[sarge] - phpbb2 <not-affected>
-CVE-2006-6420
+CVE-2006-6420 (Multiple cross-site scripting (XSS) vulnerabilities in jce.php in the ...)
NOT-FOR-US: Joomla Content Editor (JCE)
-CVE-2006-6419
+CVE-2006-6419 (jce.php in the JCE Admin Component in Ryan Demmer Joomla Content Edito ...)
NOT-FOR-US: Joomla Content Editor (JCE)
-CVE-2006-6418
+CVE-2006-6418 (Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2006-6417
+CVE-2006-6417 (PHP remote file inclusion vulnerability in inc/CONTROL/import/import-m ...)
- b2evolution <not-affected> (vulnerable code added later)
-CVE-2006-6416
+CVE-2006-6416 (Multiple PHP remote file inclusion vulnerabilities in PhpLeague - Univ ...)
NOT-FOR-US: PhpLeague
CVE-2006-6415
NOT-FOR-US: phpAdsNew
-CVE-2006-6414
+CVE-2006-6414 (Multiple SQL injection vulnerabilities in dettaglio.asp in dol storye ...)
NOT-FOR-US: dol storye
-CVE-2006-6413
+CVE-2006-6413 (Cross-site scripting (XSS) vulnerability in Amateras sns 3.11 and earl ...)
NOT-FOR-US: Amateras sns
CVE-2006-6412
RESERVED
-CVE-2006-6411
+CVE-2006-6411 (PhoneCtrl.exe in Linksys WIP 330 Wireless-G IP Phone 1.00.06A allows r ...)
NOT-FOR-US: Linksys
-CVE-2006-6410
+CVE-2006-6410 (Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local use ...)
NOT-FOR-US: VMWare
-CVE-2006-6409
+CVE-2006-6409 (F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to ...)
NOT-FOR-US: F-Secure
-CVE-2006-6408
+CVE-2006-6408 (Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attac ...)
NOT-FOR-US: Kaspersky
-CVE-2006-6407
+CVE-2006-6407 (F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote attack ...)
NOT-FOR-US: F-Prot
-CVE-2006-6406
+CVE-2006-6406 (Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus ...)
{DSA-1238-1}
- clamav 0.88.7-1 (medium; bug #401873)
-CVE-2006-6405
+CVE-2006-6405 (BitDefender Mail Protection for SMB 2.0 allows remote attackers to byp ...)
NOT-FOR-US: BitDefender
-CVE-2006-6404
+CVE-2006-6404 (INNOVATION Data Processing FDR/UPSTREAM 3.3.0 (GA Oct 2003) allows rem ...)
NOT-FOR-US: Innovation Data Processing's FDR Backup
-CVE-2006-6403
+CVE-2006-6403 (mystats.php in MyStats 1.0.8 and earlier allows remote attackers to ob ...)
NOT-FOR-US: MyStats
-CVE-2006-6402
+CVE-2006-6402 (SQL injection vulnerability in mystats.php in MyStats 1.0.8 and earlie ...)
NOT-FOR-US: MyStats
-CVE-2006-6401
+CVE-2006-6401 (Multiple cross-site scripting (XSS) vulnerabilities in mystats.php in ...)
NOT-FOR-US: MyStats
-CVE-2006-6400
+CVE-2006-6400 (Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer ...)
NOT-FOR-US: JustSystems
-CVE-2006-6399
+CVE-2006-6399 (SQL injection vulnerability in Superfreaker Studios UPublisher 1.0 all ...)
NOT-FOR-US: Superfreaker Studios UPublisher
-CVE-2006-6398
+CVE-2006-6398 (Multiple SQL injection vulnerabilities in Superfreaker Studios UPublis ...)
NOT-FOR-US: Superfreaker Studios UPublisher
CVE-2006-6397
NOTE: not a vuln
-CVE-2006-6396
+CVE-2006-6396 (Stack-based buffer overflow in BlazeVideo HDTV Player 2.1, and possibl ...)
NOT-FOR-US: BlazeVideo HDTV Player
-CVE-2006-6395
+CVE-2006-6395 (Multiple memory leaks in Ulrik Petersen Emdros Database Engine before ...)
NOT-FOR-US: Ulrik Petersen Emdros Database Engine
-CVE-2006-6394
+CVE-2006-6394 (SQL injection vulnerability in certain database classes in Jonas Gauff ...)
NOT-FOR-US: Jonas Gauffin Publicera
-CVE-2006-6393
+CVE-2006-6393 (Cross-site scripting (XSS) vulnerability in Jonas Gauffin Publicera 1. ...)
NOT-FOR-US: Jonas Gauffin Publicera
-CVE-2006-6392
+CVE-2006-6392 (Directory traversal vulnerability in index.php in plx Web Studio (aka ...)
NOT-FOR-US: plxWebDev
-CVE-2006-6391
+CVE-2006-6391 (Multiple directory traversal vulnerabilities in Open Solution Quick.Ca ...)
NOT-FOR-US: Open Solution Quick.Cart
-CVE-2006-6390
+CVE-2006-6390 (Multiple directory traversal vulnerabilities in Open Solution Quick.Ca ...)
NOT-FOR-US: Open Solution Quick.Cart
-CVE-2006-6389
+CVE-2006-6389 (Multiple cross-site scripting (XSS) vulnerabilities in ac4p Mobile all ...)
NOT-FOR-US: ac4p Mobile
-CVE-2006-6388
+CVE-2006-6388 (Cross-site scripting (XSS) vulnerability in naprednaPretraga.php in LI ...)
NOT-FOR-US: LINK Content Management Server
-CVE-2006-6387
+CVE-2006-6387 (Multiple SQL injection vulnerabilities in LINK Content Management Serv ...)
NOT-FOR-US: LINK Content Management Server
-CVE-2006-6386
+CVE-2006-6386 (Cross-site scripting (XSS) vulnerability in the CVS management/tracker ...)
NOT-FOR-US: CVS management/tracker (drupal plugin)
-CVE-2006-6384
+CVE-2006-6384 (Absolute path traversal vulnerability in abitwhizzy.php before 2006120 ...)
NOT-FOR-US: abitwhizzy.php
-CVE-2006-6383
+CVE-2006-6383 (PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_base ...)
- php5 <removed> (unimportant)
- php4 <removed> (unimportant)
NOTE: safe-mode and basedir violations not treated as security issues
-CVE-2006-6382
+CVE-2006-6382 (The control panel for Positive Software H-Sphere before 2.5.0 RC3 crea ...)
NOT-FOR-US: Positive Software H-Sphere
-CVE-2006-6381
+CVE-2006-6381 (Directory traversal vulnerability in getfile.asp in Ultimate HelpDesk ...)
NOT-FOR-US: Ultimate HelpDesk
-CVE-2006-6380
+CVE-2006-6380 (Cross-site scripting (XSS) vulnerability in index.asp in Ultimate Help ...)
NOT-FOR-US: Ultimate HelpDesk
-CVE-2006-6379
+CVE-2006-6379 (Buffer overflow in the BrightStor Backup Discovery Service in multiple ...)
NOT-FOR-US: BrightStor Backup Discovery Service
-CVE-2006-6378
+CVE-2006-6378 (BTSaveMySql 1.2 stores sensitive data under the web root with insuffic ...)
NOT-FOR-US: BTSaveMySql
-CVE-2006-6377
+CVE-2006-6377 (Uploadscript 1.2 and earlier stores sensitive data under the web root ...)
NOT-FOR-US: Uploadscript
-CVE-2006-6376
+CVE-2006-6376 (Multiple directory traversal vulnerabilities in fm.php in Simple File ...)
NOT-FOR-US: Simple File Manager
-CVE-2006-6375
+CVE-2006-6375 (Cross-site scripting (XSS) vulnerability in display.php in Simple Mach ...)
NOT-FOR-US: Simple machines Forum
-CVE-2006-6374
+CVE-2006-6374 (Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow ...)
- phpmyadmin <not-affected> (low; bug #404744)
[sarge] - phpmyadmin <not-affected> (doesn't use sessions at all)
[etch] - phpmyadmin <not-affected> (not exploitable with Etch's php versions)
NOTE: not exploitable with PHP 5.1.2+ and 4.4.2+
-CVE-2006-6373
+CVE-2006-6373 (PhpMyAdmin 2.7.0-pl2 allows remote attackers to obtain sensitive infor ...)
- phpmyadmin <unfixed> (unimportant)
NOTE: path is known in Debian anyway
-CVE-2006-6372
+CVE-2006-6372 (Multiple cross-site scripting (XSS) vulnerabilities in pbguestbook.php ...)
NOT-FOR-US: JAB Guest Book
-CVE-2006-6371
+CVE-2006-6371 (Cross-site scripting (XSS) vulnerability in pbguestbook.php in JAB Gue ...)
NOT-FOR-US: JAB Guest Book
-CVE-2006-6370
+CVE-2006-6370 (SQL injection vulnerability in forum/modules/gallery/post.php in Invis ...)
NOT-FOR-US: Invision Gallery
-CVE-2006-6369
+CVE-2006-6369 (SQL injection vulnerability in lib/entry_reply_entry.php in Invision C ...)
NOT-FOR-US: Invision Community Blog Mod
-CVE-2006-6385
+CVE-2006-6385 (Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10G ...)
NOT-FOR-US: Affects only Windows despite other claims
-CVE-2006-6368
+CVE-2006-6368 (PHP remote file inclusion vulnerability in login.php.inc in awrate 1.0 ...)
NOT-FOR-US: awrate
-CVE-2006-6367
+CVE-2006-6367 (Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownl ...)
NOT-FOR-US: Duware
-CVE-2006-6366
+CVE-2006-6366 (Cross-site scripting (XSS) vulnerability in includes/elements/spellche ...)
NOT-FOR-US: Cerberus Helpdesk
-CVE-2006-6365
+CVE-2006-6365 (SQL injection vulnerability in detail.asp in DUware DUpaypal 3.1, and ...)
NOT-FOR-US: Duware
-CVE-2006-6364
+CVE-2006-6364 (Cross-site scripting (XSS) vulnerability in error.php in Inside System ...)
NOT-FOR-US: Inside Systems Mail (ISMail)
-CVE-2006-6363
+CVE-2006-6363 (Cross-site scripting (XSS) vulnerability in admin.pl in BlueSocket Sec ...)
NOT-FOR-US: BlueSocket Secure Controller
CVE-2006-6362
REJECTED
-CVE-2006-6361
+CVE-2006-6361 (Heap-based buffer overflow in the uploadprogress_php_rfc1867_file func ...)
NOT-FOR-US: Bitflux Upload Progress Mete
-CVE-2006-6360
+CVE-2006-6360 (PHP remote file inclusion vulnerability in activate.php in PHP Upload ...)
NOT-FOR-US: PHP Upload Center
-CVE-2006-6359
+CVE-2006-6359 (Cross-site scripting (XSS) vulnerability in Stefan Frech online-bookma ...)
NOT-FOR-US: Stefan Frech online-bookmarks
-CVE-2006-6358
+CVE-2006-6358 (SQL injection vulnerability in the login function in auth.inc in Stefa ...)
NOT-FOR-US: Stefan Frech online-bookmarks
-CVE-2006-6357
+CVE-2006-6357 (Cross-site scripting (XSS) vulnerability in templates/cat_temp.php in ...)
NOT-FOR-US: PHPNews
-CVE-2006-6356
+CVE-2006-6356 (Multiple cross-site scripting (XSS) vulnerabilities in templates/link_ ...)
NOT-FOR-US: PHPNews
-CVE-2006-6355
+CVE-2006-6355 (SQL injection vulnerability in default.asp in DuWare DuClassmate allow ...)
NOT-FOR-US: DuWare
-CVE-2006-6354
+CVE-2006-6354 (Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews ...)
NOT-FOR-US: DuWare
-CVE-2006-6353
+CVE-2006-6353 (Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X a ...)
NOT-FOR-US: Mac OS X
-CVE-2006-6352
+CVE-2006-6352 (FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remo ...)
NOT-FOR-US: F-Prot Antivirus
-CVE-2006-6351
+CVE-2006-6351 (KhaledMuratList stores sensitive data under the web root with insuffic ...)
NOT-FOR-US: KhaledMuratList
-CVE-2006-6350
+CVE-2006-6350 (listpics 5 stores sensitive data under the web root with insufficient ...)
NOT-FOR-US: listpics 5
-CVE-2006-6349
+CVE-2006-6349 (Multiple SQL injection vulnerabilities in PWP Technologies The Classif ...)
NOT-FOR-US: PWP Technologies The Classified Ad System
-CVE-2006-6348
+CVE-2006-6348 (Cross-site scripting (XSS) vulnerability in board.php in mowdBB RC-6 a ...)
NOT-FOR-US: mowdBB
-CVE-2006-6347
+CVE-2006-6347 (Unrestricted file upload vulnerability in TFT-Gallery allows remote au ...)
NOT-FOR-US: TFT-Gallery
-CVE-2006-6346
+CVE-2006-6346 (Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 ...)
NOT-FOR-US: SAP
-CVE-2006-6345
+CVE-2006-6345 (Directory traversal vulnerability in SAP Internet Graphics Service (IG ...)
NOT-FOR-US: SAP
-CVE-2006-6344
+CVE-2006-6344 (Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and earl ...)
NOT-FOR-US: Neocrome Seditio
-CVE-2006-6343
+CVE-2006-6343 (SQL injection vulnerability in polls.php in Neocrome Seditio 1.10 and ...)
NOT-FOR-US: Neocrome Seditio
-CVE-2006-6342
+CVE-2006-6342 (Multiple SQL injection vulnerabilities in KLF-DESIGN (aka Kim L. Frase ...)
NOT-FOR-US: KLF-DESIGN
-CVE-2006-6341
+CVE-2006-6341 (Multiple PHP remote file inclusion vulnerabilities in mg.applanix 1.3. ...)
NOT-FOR-US: mg.applanix
-CVE-2006-6340
+CVE-2006-6340 (keystone.exe in nVIDIA nView allows attackers to cause a denial of ser ...)
NOT-FOR-US: nVIDIA nView
-CVE-2006-6339
+CVE-2006-6339 (SQL injection vulnerability in sites/index.php in deV!L`z Clanportal ( ...)
NOT-FOR-US: deV!L`z Clanportal
-CVE-2006-6338
+CVE-2006-6338 (Unrestricted file upload vulnerability in upload/index.php in deV!L`z ...)
NOT-FOR-US: deV!L`z Clanportal
-CVE-2006-6337
+CVE-2006-6337 (Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogan ...)
NOT-FOR-US: Aspee Ziyaretci Defteri
-CVE-2006-6336
+CVE-2006-6336 (Heap-based buffer overflow in the Mail Management Server (MAILMA.exe) ...)
NOT-FOR-US: Eudora WorldMail
-CVE-2006-6335
+CVE-2006-6335 (Multiple buffer overflows in Sophos Anti-Virus scanning engine before ...)
NOT-FOR-US: Sophos Anti-Virus
-CVE-2006-6334
+CVE-2006-6334 (Heap-based buffer overflow in the SendChannelData function in wfica.oc ...)
NOT-FOR-US: Citrix Presentation Server Client
-CVE-2006-6333
+CVE-2006-6333 (The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the wron ...)
- linux-2.6 2.6.20-1
[etch] - linux-2.6 <not-affected> (Only affects 2.6.19, introduced after 2.6.18)
-CVE-2006-6332
+CVE-2006-6332 (Stack-based buffer overflow in net80211/ieee80211_wireless.c in MadWif ...)
- madwifi 1:0.9.2+r1842.20061207-2 (high; bug #402836; bug #402111)
[etch] - madwifi <no-dsa> (Non-free not supported)
-CVE-2006-6331
+CVE-2006-6331 (metaInfo.php in TorrentFlux 2.2, when $cfg["enable_file_priority"] is ...)
- torrentflux 2.1-7 (bug #400582; medium)
-CVE-2006-6330
+CVE-2006-6330 (index.php for TorrentFlux 2.2 allows remote registered users to execut ...)
- torrentflux 2.1-6 (bug #399169; medium)
-CVE-2006-6329
+CVE-2006-6329 (index.php for TorrentFlux 2.2 allows remote attackers to delete files ...)
- torrentflux 2.1-6 (bug #399169)
-CVE-2006-6328
+CVE-2006-6328 (Directory traversal vulnerability in index.php for TorrentFlux 2.2 all ...)
- torrentflux 2.1-5 (bug #395930; medium)
NOTE: duplicate of CVE-2006-5609
CVE-2006-6327
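Review bot: the description imported for CVE-2006-6460 still carries an HTML entity ("Short Url &amp; Url Tracker Script"); every other description in this hunk is plain text, so the automatic import should decode entities before writing the line, giving "Short Url & Url Tracker Script". Separately, CVE-2006-6384 (placed after CVE-2006-6386) and CVE-2006-6385 (placed between CVE-2006-6369 and CVE-2006-6368) sit out of the descending numeric order used by the rest of the hunk; not a defect of this change itself, but worth restoring the sequence if the file is meant to stay sorted.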
@@ -2123,7 +2123,7 @@ CVE-2006-6320
RESERVED
CVE-2006-6319
RESERVED
-CVE-2006-6318
+CVE-2006-6318 (The show_elog_list function in elogd.c in elog 2.6.2 and earlier allow ...)
{DSA-1242-1}
- elog 2.6.2+r1754-1
CVE-2006-6317
@@ -2138,459 +2138,459 @@ CVE-2006-6313
RESERVED
CVE-2006-6312
RESERVED
-CVE-2006-6311
+CVE-2006-6311 (Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to c ...)
NOT-FOR-US: Microsoft
-CVE-2006-6310
+CVE-2006-6310 (Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2006-6309
+CVE-2006-6309 (Multiple array index errors in IBM Tivoli Storage Manager (TSM) before ...)
NOT-FOR-US: Tivoli
CVE-2006-6308
NOT-FOR-US: Symantec LiveState
-CVE-2006-6307
+CVE-2006-6307 (srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote ...)
NOT-FOR-US: Novell Netware
-CVE-2006-6306
+CVE-2006-6306 (Format string vulnerability in Novell Modular Authentication Services ...)
NOT-FOR-US: Novell Netware
-CVE-2006-6305
+CVE-2006-6305 (Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when configu ...)
- net-snmp <not-affected> (Only affects version 5.3.0)
-CVE-2006-6304
+CVE-2006-6304 (The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets ...)
- linux-2.6 <not-affected> (Only affects plain 2.6.19)
-CVE-2006-6303
+CVE-2006-6303 (The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not ...)
NOTE: http://www.ruby-lang.org/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/
- ruby1.8 1.8.5-4 (low)
-CVE-2006-6300
+CVE-2006-6300 (Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows remo ...)
NOT-FOR-US: CuteNews
-CVE-2006-6299
+CVE-2006-6299 (Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM ...)
NOT-FOR-US: Novell ZENworks
-CVE-2006-6298
+CVE-2006-6298 (SQL injection vulnerability in uye_giris_islem.asp in Metyus Okul Yone ...)
NOT-FOR-US: Metyus Okul Yonetim Sistemi
-CVE-2006-6297
+CVE-2006-6297 (Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin ...)
- kdegraphics <unfixed> (unimportant)
NOTE: Generic bug, treating it as a security problem is quite a stretch
-CVE-2006-6296
+CVE-2006-6296 (The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) serv ...)
NOT-FOR-US: Microsoft
-CVE-2006-6295
+CVE-2006-6295 (PHP remote file inclusion vulnerability in includes/mx_common.php in t ...)
NOT-FOR-US: MxBB Portal
-CVE-2006-6294
+CVE-2006-6294 (Multiple unspecified vulnerabilities in FRISK Software F-Prot Antiviru ...)
NOT-FOR-US: F-Prot Antivirus
-CVE-2006-6293
+CVE-2006-6293 (Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 4 ...)
NOT-FOR-US: F-Prot Antivirus
-CVE-2006-6292
+CVE-2006-6292 (Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, ...)
NOT-FOR-US: Apple Airport
-CVE-2006-6291
+CVE-2006-6291 (Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professi ...)
NOT-FOR-US: MailEnable Professional
-CVE-2006-6290
+CVE-2006-6290 (Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) ...)
NOT-FOR-US: MailEnable
-CVE-2006-6289
+CVE-2006-6289 (Woltlab Burning Board (wBB) Lite 1.0.2 does not properly unset variabl ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-6288
+CVE-2006-6288 (Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier al ...)
NOT-FOR-US: Niek Albers CoolPlayer
-CVE-2006-6287
+CVE-2006-6287 (Stack-based buffer overflow in AtomixMP3 2.3 and earlier allows remote ...)
NOT-FOR-US: AtomixMP3
-CVE-2006-6286
+CVE-2006-6286 (Palm Desktop 4.1.4 and earlier stores user data with weak permissions ...)
NOT-FOR-US: Palm Desktop
CVE-2006-6285
NOT-FOR-US: Kai Blankenhorn Bitfolge
-CVE-2006-6284
+CVE-2006-6284 (Directory traversal vulnerability in admin.php in Vikingboard 0.1.2 al ...)
NOT-FOR-US: Vikingboard
-CVE-2006-6283
+CVE-2006-6283 (Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1 ...)
NOT-FOR-US: Vikingboard
-CVE-2006-6282
+CVE-2006-6282 (members.php in Vikingboard 0.1.2 allows remote attackers to trigger a ...)
NOT-FOR-US: Vikingboard
-CVE-2006-6281
+CVE-2006-6281 (PHP remote file inclusion vulnerability in check_status.php in dicshun ...)
NOT-FOR-US: dicshunary
-CVE-2006-6280
+CVE-2006-6280 (SQL injection vulnerability in viewthread.php in Oxygen (O2PHP Bulleti ...)
NOT-FOR-US: Oxygen (O2PHP Bulletin Board)
-CVE-2006-6279
+CVE-2006-6279 (index.php in @lex Guestbook 4.0.1 allows remote attackers to obtain se ...)
NOT-FOR-US: @lex Guestbook
-CVE-2006-6278
+CVE-2006-6278 (Cross-site scripting (XSS) vulnerability in index.php in @lex Guestboo ...)
NOT-FOR-US: @lex Guestbook
-CVE-2006-6277
+CVE-2006-6277 (Directory traversal vulnerability in admin/FileServer.php in ContentSe ...)
NOT-FOR-US: ContentServ
-CVE-2006-6276
+CVE-2006-6276 (HTTP request smuggling vulnerability in Sun Java System Proxy Server b ...)
NOT-FOR-US: Sun Java System Proxy Server
-CVE-2006-6275
+CVE-2006-6275 (Race condition in the kernel in Sun Solaris 8 through 10 allows local ...)
NOT-FOR-US: Solaris
-CVE-2006-6274
+CVE-2006-6274 (SQL injection vulnerability in articles.asp in Expinion.net iNews (1) ...)
NOT-FOR-US: Expinion.net iNews
-CVE-2006-6302
+CVE-2006-6302 (fail2ban 0.7.4 and earlier does not properly parse sshd log files, whi ...)
- fail2ban <not-affected> (looks fixed in 0.6, see #401793)
-CVE-2006-6301
+CVE-2006-6301 (DenyHosts 2.5 does not properly parse sshd log files, which allows rem ...)
- denyhosts 2.6-1 (medium; bug #401795)
-CVE-2006-6273
+CVE-2006-6273 (sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to obta ...)
NOT-FOR-US: Simple PHP Gallery
-CVE-2006-6272
+CVE-2006-6272 (Cross-site scripting (XSS) vulnerability in sp_index.php in Simple PHP ...)
NOT-FOR-US: Simple PHP Gallery
-CVE-2006-6271
+CVE-2006-6271 (Multiple cross-site scripting (XSS) vulnerabilities in PHPOLL 0.96 all ...)
NOT-FOR-US: PHPOLL
-CVE-2006-6270
+CVE-2006-6270 (Multiple SQL injection vulnerabilities in ASPMForum allow remote attac ...)
NOT-FOR-US: ASPMForum
-CVE-2006-6269
+CVE-2006-6269 (Multiple SQL injection vulnerabilities in Infinitytechs Restaurants CM ...)
NOT-FOR-US: Infinitytechs Restaurants CM
-CVE-2006-6268
+CVE-2006-6268 (SQL injection vulnerability in system/core/profile/profile.inc.php in ...)
NOT-FOR-US: Neocrome Land Down Under
-CVE-2006-6267
+CVE-2006-6267 (PostNuke 0.7.5.0, and certain minor versions, allows remote attackers ...)
NOT-FOR-US: PostNuke
-CVE-2006-6266
+CVE-2006-6266 (Teredo clients, when following item 6 of RFC4380 section 5.2.3, start ...)
NOTE: It seems that no significant packet amplification takes place.
NOTE: Probably harmless.
-CVE-2006-6265
+CVE-2006-6265 (Teredo clients, when located behind a restricted NAT, allow remote att ...)
NOTE: Potential firewall bypass is inherent to tunneling software.
NOTE: Not a bug.
-CVE-2006-6264
+CVE-2006-6264 (Teredo creates trusted peer entries for arbitrary incoming source Tere ...)
NOTE: Potential firewall bypass is inherent to tunneling software.
NOTE: Not a bug.
-CVE-2006-6263
+CVE-2006-6263 (Teredo clients, when source routing is enabled, recognize a Routing he ...)
NOTE: Potential firewall bypass is inherent to tunneling software.
NOTE: Not a bug.
-CVE-2006-6262
+CVE-2006-6262 (Directory traversal vulnerability in mboard.php in PHPJunkYard (aka Kl ...)
NOT-FOR-US: PHPJunkYard MBoard
-CVE-2006-6261
+CVE-2006-6261 (Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows ...)
NOT-FOR-US: Quintessential Player
-CVE-2006-6260
+CVE-2006-6260 (SQL injection vulnerability in login.asp in Redbinaria Sistema Integra ...)
NOT-FOR-US: Redbinaria Sistema Integrado de Administracion de Portales (SIAP)
-CVE-2006-6259
+CVE-2006-6259 (Multiple directory traversal vulnerabilities in (a) class/functions.ph ...)
NOT-FOR-US: AlternC
-CVE-2006-6258
+CVE-2006-6258 (The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQ ...)
NOT-FOR-US: AlternC
-CVE-2006-6257
+CVE-2006-6257 (The file manager in AlternC 0.9.5 and earlier, when warnings are enabl ...)
NOT-FOR-US: AlternC
-CVE-2006-6256
+CVE-2006-6256 (Cross-site scripting (XSS) vulnerability in the file manager in admin/ ...)
NOT-FOR-US: AlternC
-CVE-2006-6255
+CVE-2006-6255 (Direct static code injection vulnerability in util.php in the NukeAI 0 ...)
NOT-FOR-US: NukeAI
-CVE-2006-6254
+CVE-2006-6254 (administration/telecharger.php in Cahier de texte 2.0 allows remote at ...)
NOT-FOR-US: Cahier de texte
-CVE-2006-6253
+CVE-2006-6253 (Cahier de texte 2.0 stores sensitive information under the web root, p ...)
NOT-FOR-US: Cahier de texte
-CVE-2006-6252
+CVE-2006-6252 (Microsoft Windows Live Messenger 8.0 and earlier, when gestual emotico ...)
NOT-FOR-US: Microsoft Windows Live Messenger
-CVE-2006-6251
+CVE-2006-6251 (Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote ...)
NOT-FOR-US: VUPlayer
-CVE-2006-6250
+CVE-2006-6250 (Format string vulnerability in Songbird Media Player 0.2 and earlier a ...)
NOT-FOR-US: Songbird Media Player
-CVE-2006-6249
+CVE-2006-6249 (Cross-site scripting (XSS) vulnerability in Chama Cargo 4.36 and earli ...)
NOT-FOR-US: Chama Cargo
-CVE-2006-6248
+CVE-2006-6248 (index.php in GPhotos 1.5 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: GPhotos
-CVE-2006-6247
+CVE-2006-6247 (Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1 ...)
NOT-FOR-US: UPhotoGallery
-CVE-2006-6246
+CVE-2006-6246 (Photo Organizer 2.32b and earlier does not properly check the ownershi ...)
NOT-FOR-US: Photo Organizer
-CVE-2006-6245
+CVE-2006-6245 (Multiple SQL injection vulnerabilities in Photo Organizer (PO) 2.32b a ...)
NOT-FOR-US: Photo Organizer
-CVE-2006-6244
+CVE-2006-6244 (Coalescent Systems freePBX (formerly Asterisk Management Portal) befor ...)
NOT-FOR-US: Coalescent Systems freePBX
-CVE-2006-6243
+CVE-2006-6243 (Multiple SQL injection vulnerabilities in index.asp in FipsSHOP allow ...)
NOT-FOR-US: FipsSHOP
-CVE-2006-6242
+CVE-2006-6242 (Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and ...)
- serendipity 1.0.4-1 (unimportant; bug #401614)
NOTE: Only exploitable with register_globals
-CVE-2006-6241
+CVE-2006-6241 (Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to ...)
NOT-FOR-US: Sorin Chitu Telnet-FTP Server
-CVE-2006-6240
+CVE-2006-6240 (Directory traversal vulnerability in Sorin Chitu Telnet-FTP Server 1.0 ...)
NOT-FOR-US: Sorin Chitu Telnet-FTP Server
-CVE-2006-6239
+CVE-2006-6239 (webadmin in MailEnable NetWebAdmin Professional 2.32 and Enterprise 2. ...)
NOT-FOR-US: MailEnable NetWebAdmin
-CVE-2006-6238
+CVE-2006-6238 (The AutoFill feature in Apple Safari 2.0.4 does not properly verify th ...)
NOT-FOR-US: Apple Safari
-CVE-2006-6237
+CVE-2006-6237 (SQL injection vulnerability in the decode_cookie function in thread.ph ...)
NOT-FOR-US: Woltlab Burning Board Lite
-CVE-2006-6236
+CVE-2006-6236 (Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote at ...)
NOT-FOR-US: Acrobat Reader
-CVE-2006-6235
+CVE-2006-6235 (A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x ...)
{DSA-1231-1}
- gnupg 1.4.6-1 (high; bug #401894; bug #401898; bug #401914)
- gnupg2 2.0.0-5.2 (high; bug #401895; bug #401913)
-CVE-2006-6234
+CVE-2006-6234 (Multiple SQL injection vulnerabilities in the Content module in PHP-Nu ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-6233
+CVE-2006-6233 (SQL injection vulnerability in the Downloads module for unknown versio ...)
NOT-FOR-US: PostNuke
-CVE-2006-6232
+CVE-2006-6232 (PHP remote file inclusion vulnerability in admin/index.php in DreamAcc ...)
NOT-FOR-US: DreamAccount
-CVE-2006-6231
+CVE-2006-6231 (vuBB 0.2.1 and earlier allows remote attackers to obtain sensitive inf ...)
NOT-FOR-US: VuBB
-CVE-2006-6230
+CVE-2006-6230 (SQL injection vulnerability in vuBB 0.2.1 and earlier allows remote at ...)
NOT-FOR-US: VuBB
-CVE-2006-6229
+CVE-2006-6229 (Codewalkers ltwCalendar (aka PHP Event Calendar) before 4.2.1 logs fai ...)
NOT-FOR-US: Codewalkers ltwCalendar
-CVE-2006-6228
+CVE-2006-6228 (Cross-site scripting (XSS) vulnerability in Codewalkers ltwCalendar (a ...)
NOT-FOR-US: Codewalkers ltwCalendar
-CVE-2006-6227
+CVE-2006-6227 (The Core::Receive function in neonet/core.cpp for NeoEngine 0.8.2 and ...)
NOT-FOR-US: NeoEngine
-CVE-2006-6226
+CVE-2006-6226 (Multiple format string vulnerabilities in NeoEngine 0.8.2 and earlier, ...)
NOT-FOR-US: NeoEngine
-CVE-2006-6225
+CVE-2006-6225 (Multiple PHP remote file inclusion vulnerabilities in GeekLog 1.4 allo ...)
NOT-FOR-US: GeekLog
-CVE-2006-6224
+CVE-2006-6224 (PHP remote file inclusion vulnerability in the installation scripts in ...)
NOT-FOR-US: Puntal
-CVE-2006-6223
+CVE-2006-6223 (Cross-site scripting (XSS) vulnerability in Google Search Appliance an ...)
NOT-FOR-US: Google Search Appliance
-CVE-2006-6222
+CVE-2006-6222 (Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in ...)
NOT-FOR-US: Symantec Veritas NetBackup
-CVE-2006-6221
+CVE-2006-6221 (2X ThinClientServer Enterprise Edition before 4.0.2248 allows remote a ...)
NOT-FOR-US: 2X ThinClientServer Enterprise Edition
-CVE-2006-6220
+CVE-2006-6220 (Multiple SQL injection vulnerabilities in Recipes Website (Recipes Com ...)
NOT-FOR-US: Recipes Complete Website
-CVE-2006-6219
+CVE-2006-6219 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in de ...)
NOT-FOR-US: dev4u CMS
-CVE-2006-6218
+CVE-2006-6218 (Multiple SQL injection vulnerabilities in index.php in dev4u CMS allow ...)
NOT-FOR-US: dev4u CMS
-CVE-2006-6217
+CVE-2006-6217 (PHP remote file inclusion vulnerability in formdisp.php in the Mermaid ...)
NOT-FOR-US: Mermaid module for PHP-NUKE
-CVE-2006-6216
+CVE-2006-6216 (SQL injection vulnerability in admin_hacks_list.php in the Nivisec Hac ...)
NOT-FOR-US: Nivisec Hacks List
-CVE-2006-6215
+CVE-2006-6215 (Multiple SQL injection vulnerabilities in Wallpaper Website (Wallpaper ...)
NOT-FOR-US: Wallpaper Complete Website
-CVE-2006-6214
+CVE-2006-6214 (SQL injection vulnerability in wallpaper.php in Wallpaper Website (Wal ...)
NOT-FOR-US: Wallpaper Complete Website
-CVE-2006-6213
+CVE-2006-6213 (index.php in PEGames uses the extract function to overwrite critical v ...)
NOT-FOR-US: PEGames
-CVE-2006-6212
+CVE-2006-6212 (PHP remote file inclusion vulnerability in centre.php in Site News (si ...)
NOT-FOR-US: Site News
-CVE-2006-6211
+CVE-2006-6211 (Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4.0 ...)
NOT-FOR-US: BirdBlog
-CVE-2006-6210
+CVE-2006-6210 (SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows ...)
NOT-FOR-US: ASP ListPics
-CVE-2006-6209
+CVE-2006-6209 (Multiple SQL injection vulnerabilities in MidiCart ASP Shopping Cart a ...)
NOT-FOR-US: MidiCart ASP Shopping Cart
-CVE-2006-6208
+CVE-2006-6208 (Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds all ...)
NOT-FOR-US: Enthreallweb eClassifieds
CVE-2006-6207
NOT-FOR-US: Evolve Merchant
-CVE-2006-6206
+CVE-2006-6206 (SQL injection vulnerability in item.asp in WarHound General Shopping C ...)
NOT-FOR-US: WarHound General Shopping Cart
-CVE-2006-6205
+CVE-2006-6205 (Multiple cross-site scripting (XSS) vulnerabilities in result.asp in E ...)
NOT-FOR-US: Enthrallweb eHomes
-CVE-2006-6204
+CVE-2006-6204 (Multiple SQL injection vulnerabilities in Enthrallweb eHomes allow rem ...)
NOT-FOR-US: Enthrallweb eHomes
-CVE-2006-6203
+CVE-2006-6203 (Directory traversal vulnerability in startdown.php in the Flyspray ME ...)
NOT-FOR-US: Flyspray componenten for Mamba, this appears to be different from the Flyspray bug tracker
-CVE-2006-6202
+CVE-2006-6202 (PHP remote file inclusion vulnerability in modules/NukeAI/util.php in ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-6201
+CVE-2006-6201 (Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by ...)
NOT-FOR-US: Borland idsql32.dll
-CVE-2006-6200
+CVE-2006-6200 (Multiple SQL injection vulnerabilities in the (1) rate_article and (2) ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-6199
+CVE-2006-6199 (Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Profes ...)
NOT-FOR-US: BlazeVideo BlazeDVD
-CVE-2006-6198
+CVE-2006-6198 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost ...)
NOT-FOR-US: cPanel
-CVE-2006-6197
+CVE-2006-6197 (Multiple cross-site scripting (XSS) vulnerabilities in b2evolution 1.8 ...)
- b2evolution <not-affected> (0.9 releases not vulnerable)
-CVE-2006-6196
+CVE-2006-6196 (Cross-site scripting (XSS) vulnerability in the search functionality i ...)
NOT-FOR-US: Fixit iDMS Pro Image Gallery
-CVE-2006-6195
+CVE-2006-6195 (Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery ...)
NOT-FOR-US: Fixit iDMS Pro Image Gallery
-CVE-2006-6194
+CVE-2006-6194 (Multiple SQL injection vulnerabilities in index.asp in Ultimate Survey ...)
NOT-FOR-US: Ultimate Survey Pro
-CVE-2006-6193
+CVE-2006-6193 (SQL injection vulnerability in edit.asp in BasicForum 1.1 and earlier ...)
NOT-FOR-US: BasicForum
-CVE-2006-6192
+CVE-2006-6192 (Unspecified scripts in the admin directory in 8pixel.net SimpleBlog 3. ...)
NOT-FOR-US: 8pixel.net SimpleBlog
-CVE-2006-6191
+CVE-2006-6191 (SQL injection vulnerability in admin/edit.asp in 8pixel.net simpleblog ...)
NOT-FOR-US: 8pixel.net SimpleBlog
-CVE-2006-6190
+CVE-2006-6190 (SQL injection vulnerability in anna.pl in Anna^ IRC Bot before 0.30 (a ...)
NOT-FOR-US: Anna^ IRC Bot
-CVE-2006-6189
+CVE-2006-6189 (SQL injection vulnerability in displayCalendar.asp in ClickTech Click ...)
NOT-FOR-US: ClickTech Click Blog
-CVE-2006-6188
+CVE-2006-6188 (Cross-site scripting (XSS) vulnerability in view_search.asp in ClickTe ...)
NOT-FOR-US: ClickTech Click Gallery
-CVE-2006-6187
+CVE-2006-6187 (Multiple SQL injection vulnerabilities in ClickTech Click Gallery allo ...)
NOT-FOR-US: ClickTech Click Gallery
-CVE-2006-6186
+CVE-2006-6186 (Multiple directory traversal vulnerabilities in enomphp 4.0 allow remo ...)
NOT-FOR-US: enomphp
-CVE-2006-6185
+CVE-2006-6185 (Directory traversal vulnerability in script.php in Wabbit PHP Gallery ...)
NOT-FOR-US: Wabbit PHP Gallery
-CVE-2006-6184
+CVE-2006-6184 (Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (A ...)
NOT-FOR-US: Allied Telesyn TFTP Server
-CVE-2006-6183
+CVE-2006-6183 (Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and pos ...)
NOT-FOR-US: 3Com 3CTftpSvc
-CVE-2006-6182
+CVE-2006-6182 (The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop store ...)
NOT-FOR-US: Gabriele Teotino GNotebook
-CVE-2006-6181
+CVE-2006-6181 (Multiple SQL injection vulnerabilities in default.asp in ClickTech Cli ...)
NOT-FOR-US: ClickTech ClickContact
-CVE-2006-6180
+CVE-2006-6180 (Cross-site scripting (XSS) vulnerability in articles.asp in Expinion.n ...)
NOT-FOR-US: iNews Publisher
-CVE-2006-6179
+CVE-2006-6179 (Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstal ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2006-6178
+CVE-2006-6178 (Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for ...)
NOT-FOR-US: Trend Micro OfficeScan
CVE-2006-XXXX [libxslt segfault / DoS]
- libxslt 1.1.19-1 (low)
[sarge] - libxslt <not-affected> (vulnerability added later)
-CVE-2006-6177
+CVE-2006-6177 (SQL injection vulnerability in system/core/users/users.profile.inc.php ...)
NOT-FOR-US: Neocrome Seditio
-CVE-2006-6176
+CVE-2006-6176 (Cross-site scripting (XSS) vulnerability in admin.php in Blogn before ...)
NOT-FOR-US: Blogn
-CVE-2006-6175
+CVE-2006-6175 (Directory traversal vulnerability in lib/FBView.php in Horde Kronolith ...)
- kronolith2 2.1.4-1 (bug #400899; bug #401061)
- kronolith <not-affected> (Vulnerable code not present)
-CVE-2006-6174
+CVE-2006-6174 (Cross-site scripting (XSS) vulnerability in tDiary before 2.0.3 and 2. ...)
- tdiary 2.0.2+20060303-4.1 (bug #400447; bug #400650)
-CVE-2006-6173
+CVE-2006-6173 (Buffer overflow in the shared_region_make_private_np function in vm/vm ...)
NOT-FOR-US: Mac OS X
-CVE-2006-6172
+CVE-2006-6172 (Buffer overflow in the asmrp_eval function in the RealMedia RTSP strea ...)
{DSA-1244-1}
- xine-lib 1.1.2+dfsg-2 (medium; bug #401740)
- mplayer 1.0~rc1-11 (medium)
CVE-2006-6171
{DSA-1218}
- proftpd-dfsg 1.3.0-13 (low; bug #399070)
-CVE-2006-6170
+CVE-2006-6170 (Buffer overflow in the tls_x509_name_oneline function in the mod_tls m ...)
{DSA-1222-1}
- proftpd-dfsg 1.3.0-16 (medium; bug #400793)
-CVE-2006-6168
+CVE-2006-6168 (tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to ...)
- tikiwiki 1.9.7+dfsg-1 (low)
CVE-2006-6167
NOT-FOR-US: Active PHP Bookmarks
-CVE-2006-6166
+CVE-2006-6166 (Cross-site scripting (XSS) vulnerability in jce.php in the JCE Admin C ...)
NOT-FOR-US: Joomla Content Editor (JCE) for Joomla!
CVE-2006-6165
NOTE: non-issue
-CVE-2006-6164
+CVE-2006-6164 (The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 ...)
NOT-FOR-US: OpenBSD
-CVE-2006-6163
+CVE-2006-6163 (Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in Tik ...)
- tikiwiki 1.9.7+dfsg-1 (low)
-CVE-2006-6162
+CVE-2006-6162 (Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php i ...)
- tikiwiki 1.9.7+dfsg-1 (low)
-CVE-2006-6161
+CVE-2006-6161 (Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk ...)
NOT-FOR-US: Doug Luxem Liberum Help Desk
-CVE-2006-6160
+CVE-2006-6160 (SQL injection vulnerability in details.asp in Doug Luxem Liberum Help ...)
NOT-FOR-US: Doug Luxem Liberum Help Desk
-CVE-2006-6159
+CVE-2006-6159 (Multiple cross-site scripting (XSS) vulnerabilities in newticket.php i ...)
NOT-FOR-US: DeskPRO
-CVE-2006-6158
+CVE-2006-6158 (Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help D ...)
NOT-FOR-US: PMOS Help Desk
-CVE-2006-6157
+CVE-2006-6157 (SQL injection vulnerability in index.php in ContentNow 1.39 and earlie ...)
NOT-FOR-US: ContentNow
-CVE-2006-6156
+CVE-2006-6156 (Cross-site scripting (XSS) vulnerability in auth/message.php in HIOX S ...)
NOT-FOR-US: HIOX Star Rating System Script (HSRS)
-CVE-2006-6155
+CVE-2006-6155 (Multiple SQL injection vulnerabilities in addrating.php in HIOX Star R ...)
NOT-FOR-US: HIOX Star Rating System Script (HSRS)
-CVE-2006-6154
+CVE-2006-6154 (PHP remote file inclusion vulnerability in addcode.php in HIOX Star Ra ...)
NOT-FOR-US: HIOX Star Rating System Script (HSRS)
-CVE-2006-6153
+CVE-2006-6153 (Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net Class ...)
NOT-FOR-US: vSpin.net
-CVE-2006-6152
+CVE-2006-6152 (Multiple SQL injection vulnerabilities in vSpin.net Classified System ...)
NOT-FOR-US: vSpin.net
-CVE-2006-6151
+CVE-2006-6151 (PHP remote file inclusion vulnerability in centre.php in Messagerie Lo ...)
NOT-FOR-US: Messagerie Locale
-CVE-2006-6150
+CVE-2006-6150 (PHP remote file inclusion vulnerability in memory/OWLMemoryProperty.ph ...)
NOT-FOR-US: OWLLib
-CVE-2006-6149
+CVE-2006-6149 (SQL injection vulnerability in index.asp in JiRos FAQ Manager 1.0 allo ...)
NOT-FOR-US: JiRos FAQ Manager
-CVE-2006-6148
+CVE-2006-6148 (Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp ...)
NOT-FOR-US: JiRos FAQ Manager
-CVE-2006-6147
+CVE-2006-6147 (Multiple SQL injection vulnerabilities in JiRos Links Manager allow re ...)
NOT-FOR-US: JiRos Links Manager
-CVE-2006-6146
+CVE-2006-6146 (Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator ...)
NOT-FOR-US: libharu
-CVE-2006-6145
+CVE-2006-6145 (CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plai ...)
NOT-FOR-US: CRYPTOCard
-CVE-2006-6144
+CVE-2006-6144 (The "mechglue" abstraction interface of the GSS-API library for Kerber ...)
- krb5 <not-affected> (Only 1.5 onwards are vulnerable)
-CVE-2006-6143
+CVE-2006-6143 (The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1 ...)
- krb5 1.4.4-6 (high)
[sarge] - krb5 <not-affected>
-CVE-2006-6142
+CVE-2006-6142 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1. ...)
{DSA-1241-1}
- squirrelmail 2:1.4.9a-1
-CVE-2006-6141
+CVE-2006-6141 (Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a den ...)
NOT-FOR-US: Tftpd32
-CVE-2006-6140
+CVE-2006-6140 (PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang ...)
NOT-FOR-US: Sisfo Kampus
-CVE-2006-6139
+CVE-2006-6139 (Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus ...)
NOT-FOR-US: Sisfo Kampus
-CVE-2006-6138
+CVE-2006-6138 (Directory traversal vulnerability in download.php in Sisfo Kampus 0.8 ...)
NOT-FOR-US: Sisfo Kampus
-CVE-2006-6137
+CVE-2006-6137 (Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 ...)
NOT-FOR-US: Sisfo Kampus
-CVE-2006-6136
+CVE-2006-6136 (IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) doe ...)
NOT-FOR-US: IBM WebSphere
-CVE-2006-6135
+CVE-2006-6135 (Multiple unspecified vulnerabilities in IBM WebSphere Application Serv ...)
NOT-FOR-US: IBM WebSphere
-CVE-2006-6134
+CVE-2006-6134 (Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE ...)
NOT-FOR-US: Windows Media
-CVE-2006-6133
+CVE-2006-6133 (Stack-based buffer overflow in Visual Studio Crystal Reports for Micro ...)
NOT-FOR-US: Business Objects Crystal Reports
-CVE-2006-6132
+CVE-2006-6132 (Multiple SQL injection vulnerabilities in Link Exchange Lite allow rem ...)
NOT-FOR-US: Link Exchange Lite
-CVE-2006-6131
+CVE-2006-6131 (Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWeb ...)
NOT-FOR-US: Kerio WebSTAR
-CVE-2006-6130
+CVE-2006-6130 (Apple Mac OS X AppleTalk allows local users to cause a denial of servi ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6169
+CVE-2006-6169 (Heap-based buffer overflow in the ask_outfile_name function in openfil ...)
{DSA-1231-1}
- gnupg 1.4.5-3 (medium; bug #401765)
- gnupg2 2.0.0-5.1 (medium; bug #400777)
CVE-2006-XXXX [smb4k security issue]
- smb4k 0.7.5-1
[sarge] - smb4k <not-affected> (Vulnerable code not present)
-CVE-2006-6129
+CVE-2006-6129 (Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows loca ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6128
+CVE-2006-6128 (The ReiserFS functionality in Linux kernel 2.6.18, and possibly other ...)
- linux <not-affected> (Kernel rejects the malformed filesystem)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Kernel rejects the malformed filesystem)
NOTE: It's not obvious when or how this was fixed
-CVE-2006-6127
+CVE-2006-6127 (Apple Mac OS X kernel allows local users to cause a denial of service ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6126
+CVE-2006-6126 (Apple Mac OS X allows local users to cause a denial of service (memory ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6125
+CVE-2006-6125 (Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1 ...)
NOT-FOR-US: NetGear
-CVE-2006-6124
+CVE-2006-6124 (Cross-site scripting (XSS) vulnerability in SeleniumServer Web Server ...)
NOT-FOR-US: SeleniumServer Web Server
-CVE-2006-6123
+CVE-2006-6123 (Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals ena ...)
NOT-FOR-US: Coppermine Photo Gallery (CPG)
-CVE-2006-6122
+CVE-2006-6122 (Multiple buffer overflows in TIN before 1.8.2 have unspecified impact ...)
- tin 1:1.8.2-1
-CVE-2006-6121
+CVE-2006-6121 (Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers ...)
NOT-FOR-US: Acer
-CVE-2006-6120
+CVE-2006-6120 (Integer overflow in the KPresenter import filter for Microsoft PowerPo ...)
- koffice 1:1.6.1-1 (bug #401230; medium)
-CVE-2006-6119
+CVE-2006-6119 (mmgallery 1.55 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: mmgallery
-CVE-2006-6118
+CVE-2006-6118 (Cross-site scripting (XSS) vulnerability in thumbs.php in mmgallery 1. ...)
NOT-FOR-US: mmgallery
-CVE-2006-6117
+CVE-2006-6117 (SQL injection vulnerability in index1.asp in fipsGallery 1.5 and earli ...)
NOT-FOR-US: fipsGallery
-CVE-2006-6116
+CVE-2006-6116 (SQL injection vulnerability in default2.asp in fipsForum 2.6 and earli ...)
NOT-FOR-US: fipsForum
-CVE-2006-6115
+CVE-2006-6115 (SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier al ...)
NOT-FOR-US: fipsCMS
CVE-2006-6114
REJECTED
-CVE-2006-6113
+CVE-2006-6113 (Monkey Boards 0.3.5 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Monkey Boards
-CVE-2006-6112
+CVE-2006-6112 (LifeType 1.0.x and 1.1.x have insufficient access control for all of t ...)
NOT-FOR-US: LifeType
-CVE-2006-6111
+CVE-2006-6111 (Multiple SQL injection vulnerabilities in Alan Ward A-Cart Pro 2.0 all ...)
NOT-FOR-US: Alan Ward A-Cart Pro
-CVE-2006-6110
+CVE-2006-6110 (Multiple SQL injection vulnerabilities in an unspecified BPG-InfoTech ...)
NOT-FOR-US: BPG-InfoTech Content Management System
-CVE-2006-6109
+CVE-2006-6109 (Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 al ...)
NOT-FOR-US: CandyPress Store
-CVE-2006-6108
+CVE-2006-6108 (Cross-site scripting (XSS) vulnerability in EC-CUBE before 1.0.1a-beta ...)
NOT-FOR-US: EC-CUBE
-CVE-2006-6107
+CVE-2006-6107 (Unspecified vulnerability in the match_rule_equal function in bus/sign ...)
- dbus 1.0.2-1 (low)
[sarge] - dbus <no-dsa> (Minor issue)
-CVE-2006-6106
+CVE-2006-6106 (Multiple buffer overflows in the cmtp_recv_interopmsg function in the ...)
{DSA-1503-2 DSA-1503-1 DSA-1304}
- linux-2.6 2.6.18.dfsg.1-9
-CVE-2006-6105
+CVE-2006-6105 (Format string vulnerability in the host chooser window (gdmchooser) in ...)
- gdm 2.16.4-1 (medium; bug #403219)
[sarge] - gdm <not-affected> (Vulnerable code not present)
-CVE-2006-6104
+CVE-2006-6104 (The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in ...)
- mono 1.2.2.1-1 (low)
-CVE-2006-6103
+CVE-2006-6103 (Integer overflow in the ProcDbeSwapBuffers function in the DBE extensi ...)
{DSA-1249-1}
- xorg-server 2:1.1.1-15
-CVE-2006-6102
+CVE-2006-6102 (Integer overflow in the ProcDbeGetVisualInfo function in the DBE exten ...)
{DSA-1249-1}
- xorg-server 2:1.1.1-15
-CVE-2006-6101
+CVE-2006-6101 (Integer overflow in the ProcRenderAddGlyphs function in the Render ext ...)
{DSA-1249-1}
- xorg-server 2:1.1.1-15
CVE-2006-6100
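Review bot: the new header line for CVE-2006-6302 ("fail2ban 0.7.4 and earlier does not properly parse sshd log files") sits directly above the unchanged tracker line `- fail2ban <not-affected> (looks fixed in 0.6, see #401793)`, and the two read as contradictory: a version range of "0.7.4 and earlier" includes 0.6, so the not-affected rationale should be re-checked against #401793 rather than carried over unchanged now that the description is visible in the file. In the same hunk, CVE-2006-6207, CVE-2006-6171, CVE-2006-6167, CVE-2006-6165 and CVE-2006-6100 stay as bare identifiers while every neighbouring entry receives a description; it would help to record in the commit message whether the automatic update skipped them because no upstream summary was available or because the fetch failed, so the gap is not mistaken for a silent error. Finally, CVE-2006-6302/6301 appear between CVE-2006-6274 and CVE-2006-6273, and CVE-2006-6169 between CVE-2006-6130 and CVE-2006-6129, out of the file's descending order; this change is a line-for-line header replacement and does not introduce that, but the automation could flag out-of-order identifiers while it rewrites these lines.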
@@ -2599,49 +2599,49 @@ CVE-2006-6099
REJECTED
CVE-2006-6098
REJECTED
-CVE-2006-6097
+CVE-2006-6097 (GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assi ...)
{DSA-1223-1}
- tar 1.16-2 (high; bug #399845)
-CVE-2006-6096
+CVE-2006-6096 (Cross-site scripting (XSS) vulnerability in activenews_search.asp in A ...)
NOT-FOR-US: ActiveNews Manage
-CVE-2006-6095
+CVE-2006-6095 (Multiple SQL injection vulnerabilities in ActiveNews Manager allow rem ...)
NOT-FOR-US: ActiveNews Manage
-CVE-2006-6094
+CVE-2006-6094 (Multiple SQL injection vulnerabilities in ActiveNews Manager allow rem ...)
NOT-FOR-US: ActiveNews Manage
-CVE-2006-6093
+CVE-2006-6093 (Multiple PHP remote file inclusion vulnerabilities in adminprint.php i ...)
NOT-FOR-US: PicturesPro Photo Cart
-CVE-2006-6092
+CVE-2006-6092 (Multiple SQL injection vulnerabilities in vehiclelistings.asp in 20/20 ...)
NOT-FOR-US: Auto Gallery
-CVE-2006-6091
+CVE-2006-6091 (Cross-site scripting (XSS) vulnerability in Grim Pirate GrimBB before ...)
NOT-FOR-US: GrimBB
-CVE-2006-6090
+CVE-2006-6090 (Multiple SQL injection vulnerabilities in BaalAsp forum allow remote a ...)
NOT-FOR-US: BaalAsp
-CVE-2006-6089
+CVE-2006-6089 (Multiple cross-site scripting (XSS) vulnerabilities in addpost1.asp in ...)
NOT-FOR-US: BaalAsp forum
-CVE-2006-6088
+CVE-2006-6088 (Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Ga ...)
NOT-FOR-US: i-Gallery
-CVE-2006-6087
+CVE-2006-6087 (Cross-site scripting (XSS) vulnerability in weblog.php in my little we ...)
NOT-FOR-US: my little weblog
-CVE-2006-6086
+CVE-2006-6086 (PHP remote file inclusion vulnerability in src/ark_inc.php in e-Ark 1. ...)
NOT-FOR-US: e-Ark
-CVE-2006-6085
+CVE-2006-6085 (Kile before 1.9.3 does not assign a backup file the same permissions a ...)
- kile 1:1.9.3-1 (low)
[sarge] - kile <no-dsa> (Minor issue)
-CVE-2006-6084
+CVE-2006-6084 (Directory traversal vulnerability in abitwhizzy.php in aBitWhizzy allo ...)
NOT-FOR-US: aBitWhizzy
-CVE-2006-6083
+CVE-2006-6083 (SQL injection vulnerability in search.asp in CreaScripts Creadirectory ...)
NOT-FOR-US: CreaScripts Creadirectory
-CVE-2006-6082
+CVE-2006-6082 (Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Cre ...)
NOT-FOR-US: CreaScripts Creadirectory
-CVE-2006-6081
+CVE-2006-6081 (PHP remote file inclusion vulnerability in Smarty_Compiler.class.php i ...)
NOT-FOR-US: Telaen
-CVE-2006-6080
+CVE-2006-6080 (Multiple SQL injection vulnerabilities in categories.asp in gNews Publ ...)
NOT-FOR-US: gNews
-CVE-2006-6079
+CVE-2006-6079 (Multiple PHP remote file inclusion vulnerabilities in LoudMouth 2.4 al ...)
NOT-FOR-US: LoudMouth (PHP thingy, not libloudmouth)
-CVE-2006-6078
+CVE-2006-6078 (PHP remote file inclusion vulnerability in common.inc.php in a-ConMan ...)
NOT-FOR-US: a-ConMan
-CVE-2006-6077
+CVE-2006-6077 (The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earli ...)
{DSA-1336-1}
NOTE: MFSA-2007-02
- iceweasel 2.0.0.2+dfsg-1 (high; bug #409220)
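Review bot: the three unchanged `NOT-FOR-US: ActiveNews Manage` lines under CVE-2006-6096, CVE-2006-6095 and CVE-2006-6094 look truncated next to the product name now visible in the new header lines ("ActiveNews Manager"); correcting them to `NOT-FOR-US: ActiveNews Manager` would keep the tracker's product name consistent with the description. Also worth noting for this hunk: after the fixed-width truncation the new header lines for CVE-2006-6095 and CVE-2006-6094 are identical ("Multiple SQL injection vulnerabilities in ActiveNews Manager allow rem ..."), so the summary alone can no longer tell the two entries apart; nothing to change in the automatic update, but anyone triaging from these lines should consult the full CVE text rather than the truncated summary.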
@@ -2650,158 +2650,158 @@ CVE-2006-6077
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
- xulrunner 1.8.0.10-1 (medium)
NOTE: Epiphany affected by xulrunner
-CVE-2006-6076
+CVE-2006-6076 (Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Compu ...)
NOT-FOR-US: BrightStor
-CVE-2006-6075
+CVE-2006-6075 (Cross-site scripting (XSS) vulnerability in addpost1.asp in BaalAsp fo ...)
NOT-FOR-US: BaalAsp forum
-CVE-2006-6074
+CVE-2006-6074 (Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart a ...)
NOT-FOR-US: Enthrallweb eShopping Cart
-CVE-2006-6073
+CVE-2006-6073 (Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart a ...)
NOT-FOR-US: Enthrallweb eShopping Cart
-CVE-2006-6072
+CVE-2006-6072 (SQL injection vulnerability in bpg/publications_list.asp in BPG-InfoTe ...)
NOT-FOR-US: BPG-InfoTech Easy Publisher
-CVE-2006-6071
+CVE-2006-6071 (TWiki 4.0.5 and earlier, when running under Apache 1.3 using ApacheLog ...)
- twiki 1:4.0.5-2 (bug #401303; low)
-CVE-2006-6070
+CVE-2006-6070 (SQL injection vulnerability in module/account/register/register.asp in ...)
NOT-FOR-US: ASP Nuke
-CVE-2006-6069
+CVE-2006-6069 (index.php in mAlbum 0.3 and earlier allows remote attackers to obtain ...)
NOT-FOR-US: mAlbum
-CVE-2006-6068
+CVE-2006-6068 (Directory traversal vulnerability in the cached_album function in func ...)
NOT-FOR-US: mAlbum
-CVE-2006-6067
+CVE-2006-6067 (Multiple SQL injection vulnerabilities in 20/20 DataShed (aka Real Est ...)
NOT-FOR-US: DataShed
-CVE-2006-6066
+CVE-2006-6066 (Multiple SQL injection vulnerabilities in Dragon Calendar / Events Lis ...)
NOT-FOR-US: Dragon Calendar
-CVE-2006-6065
+CVE-2006-6065 (PHP remote file inclusion vulnerability in includes/mx_common.php in t ...)
NOT-FOR-US: CalSnails Module for MxBB Portal
-CVE-2006-6064
+CVE-2006-6064 (Multiple buffer overflows in the Message Parsing Interpreter (MPI) in ...)
NOT-FOR-US: Fuzzball MUCK
-CVE-2006-6063
+CVE-2006-6063 (Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allo ...)
NOT-FOR-US: XMPlay
-CVE-2006-6062
+CVE-2006-6062 (Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6061
+CVE-2006-6061 (com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possi ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-6060
+CVE-2006-6060 (The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possi ...)
{DSA-1304}
- linux-2.6 2.6.18.dfsg.1-10 (unimportant)
NOTE: Mounting filesystem partitions should be limited to root
-CVE-2006-6059
+CVE-2006-6059 (Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA52 ...)
NOT-FOR-US: NetGear
-CVE-2006-6058
+CVE-2006-6058 (The minix filesystem code in Linux kernel 2.6.x before 2.6.24, includi ...)
{DSA-1504-1 DSA-1436-1}
- linux-2.6 2.6.22-6
NOTE: Mounting filesystem partitions should be limited to root
-CVE-2006-6057
+CVE-2006-6057 (The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on F ...)
- linux-2.6 <not-affected> (Debian kernels up to 2.6.18 didn't include GFS)
-CVE-2006-6056
+CVE-2006-6056 (Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELi ...)
{DSA-1304}
- linux-2.6 2.6.18.dfsg.1-10 (unimportant)
NOTE: Mounting filesystem partitions should be limited to root
-CVE-2006-6055
+CVE-2006-6055 (Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G ...)
NOT-FOR-US: D-Link
-CVE-2006-6054
+CVE-2006-6054 (The ext2 file system code in Linux kernel 2.6.x allows local users to ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1}
- linux-2.6 2.6.18.dfsg.1-10 (unimportant)
NOTE: Mounting filesystem partitions should be limited to root
-CVE-2006-6053
+CVE-2006-6053 (The ext3fs_dirhash function in Linux kernel 2.6.x allows local users t ...)
{DSA-1503-2 DSA-1503-1 DSA-1304}
- linux-2.6 2.6.18.dfsg.1-10 (unimportant)
NOTE: Mounting filesystem partitions should be limited to root
-CVE-2006-6052
+CVE-2006-6052 (NetEpi Case Manager before 0.98 generates different error messages dep ...)
NOT-FOR-US: NetEpi Case Manager
-CVE-2006-6051
+CVE-2006-6051 (PHP remote file inclusion vulnerability in reporter.logic.php in the M ...)
NOT-FOR-US: MosReporter (com_reporter) component for Joomla!
-CVE-2006-6050
+CVE-2006-6050 (Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allo ...)
NOT-FOR-US: Rank'em
-CVE-2006-6049
+CVE-2006-6049 (PHP remote file inclusion vulnerability in shambo2.php in the Shambo2 ...)
NOT-FOR-US: Shambo2 (com_shambo2) component for Mambo
-CVE-2006-6048
+CVE-2006-6048 (SQL injection vulnerability in index.php in Etomite CMS 0.6.1.2, when ...)
NOT-FOR-US: Etomite CMS
-CVE-2006-6047
+CVE-2006-6047 (Directory traversal vulnerability in manager/index.php in Etomite 0.6. ...)
NOT-FOR-US: Etomite CMSEtomite CMS
-CVE-2006-6046
+CVE-2006-6046 (Multiple cross-site scripting (XSS) vulnerabilities in eggblog 3.1.0 a ...)
NOT-FOR-US: eggblog
-CVE-2006-6045
+CVE-2006-6045 (Multiple PHP remote file inclusion vulnerabilities in Comdev One Admin ...)
NOT-FOR-US: omdev One Admin
-CVE-2006-6044
+CVE-2006-6044 (PHP remote file inclusion vulnerability in gallery_top.inc.php in PHPQ ...)
NOT-FOR-US: PHPQuickGallery
-CVE-2006-6043
+CVE-2006-6043 (PHP file inclusion vulnerability in loginform-inc.php in Oliver (forme ...)
NOT-FOR-US: Oliver (formerly Webshare)
-CVE-2006-6042
+CVE-2006-6042 (PHP remote file inclusion vulnerability in core/editor.php in phpWebTh ...)
NOT-FOR-US: phpWebThings
-CVE-2006-6041
+CVE-2006-6041 (Multiple PHP remote file inclusion vulnerabilities in Laurent Van den ...)
NOT-FOR-US: WORK system e-commerce
-CVE-2006-6040
+CVE-2006-6040 (Multiple cross-site scripting (XSS) vulnerabilities in admincp/index.p ...)
NOT-FOR-US: vBulletin
-CVE-2006-6039
+CVE-2006-6039 (SQL injection vulnerability in matchdetail.php in Powie's PHP MatchMak ...)
NOT-FOR-US: MatchMaker
-CVE-2006-6038
+CVE-2006-6038 (SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pFor ...)
NOT-FOR-US: Powie's PHP Forum
-CVE-2006-6037
+CVE-2006-6037 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Da ...)
NOT-FOR-US: Travelsized CMS
-CVE-2006-6036
+CVE-2006-6036 (SQL injection vulnerability in OpenHuman before 1.0 allows remote atta ...)
NOT-FOR-US: OpenHuman
-CVE-2006-6035
+CVE-2006-6035 (Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 ...)
NOT-FOR-US: BLOG:CMS
-CVE-2006-6034
+CVE-2006-6034 (Multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 ...)
NOT-FOR-US: SitesOutlet E-commerce Kit-1
-CVE-2006-6033
+CVE-2006-6033 (Multiple directory traversal vulnerabilities in Simple PHP Blog (SPHPB ...)
NOT-FOR-US: Simple PHP Blog
-CVE-2006-6032
+CVE-2006-6032 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
NOT-FOR-US: Simple PHP Blog
-CVE-2006-6031
+CVE-2006-6031 (Multiple SQL injection vulnerabilities in Greater Cincinnati Internet ...)
NOT-FOR-US: ASPCart
-CVE-2006-6030
+CVE-2006-6030 (Multiple SQL injection vulnerabilities in E-Calendar Pro 3.0 allow rem ...)
NOT-FOR-US: E-Calendar ProE-Calendar Pro
-CVE-2006-6029
+CVE-2006-6029 (SQL injection vulnerability in vir_Login.asp in Property Pro 1.0 allow ...)
NOT-FOR-US: Property Pro
-CVE-2006-6028
+CVE-2006-6028 (Directory traversal vulnerability in textview.php in Anton Vlasov DoSe ...)
NOT-FOR-US: DoSePa
-CVE-2006-6027
+CVE-2006-6027 (Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote at ...)
NOT-FOR-US: Adobe Reader
-CVE-2006-6026
+CVE-2006-6026 (Heap-based buffer overflow in Real Networks Helix Server and Helix Mob ...)
NOT-FOR-US: Helix DNA Server
-CVE-2006-6025
+CVE-2006-6025 (QUALCOMM Eudora WorldMail 4.0 allows remote attackers to cause a denia ...)
NOT-FOR-US: QUALCOMM Eudora WorldMail
-CVE-2006-6024
+CVE-2006-6024 (Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 ve ...)
NOT-FOR-US: Eudora Worldmail
CVE-2006-6023
NOT-FOR-US: Bloo
-CVE-2006-6022
+CVE-2006-6022 (Cross-site scripting (XSS) vulnerability in login_form.asp in BestWebA ...)
NOT-FOR-US: BestWebApp Dating Site
-CVE-2006-6021
+CVE-2006-6021 (SQL injection vulnerability in the login component in BestWebApp Datin ...)
NOT-FOR-US: BestWebApp Dating Site
-CVE-2006-6020
+CVE-2006-6020 (Cross-site scripting (XSS) vulnerability in announce.php in Blog Torre ...)
NOT-FOR-US: Blog Torrent Preview
-CVE-2006-6019
+CVE-2006-6019 (Cross-site scripting (XSS) vulnerability in extensions/googiespell/goo ...)
NOT-FOR-US: Bloo
CVE-2006-6018
NOT-FOR-US: My-BIC
-CVE-2006-6017
+CVE-2006-6017 (WordPress before 2.0.5 does not properly store a profile containing a ...)
- wordpress 2.0.5-0.1
-CVE-2006-6016
+CVE-2006-6016 (wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authent ...)
- wordpress 2.0.5-0.1
-CVE-2006-6015
+CVE-2006-6015 (Buffer overflow in the JavaScript implementation in Safari on Apple Ma ...)
- kdebase <unfixed> (unimportant; bug #400121)
NOTE: Browser crashes are not treated as security problems
-CVE-2006-6014
+CVE-2006-6014 (The NetBSD-current kernel before 20061028 does not properly perform bo ...)
NOT-FOR-US: NetBSD
-CVE-2006-6013
+CVE-2006-6013 (Integer signedness error in the fw_ioctl (FW_IOCTL) function in the Fi ...)
- kfreebsd-5 5.4-21
[etch] - kfreebsd-5 <no-dsa> (no security support)
-CVE-2006-6012
+CVE-2006-6012 (Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in MG ...)
NOT-FOR-US: Car Site Manager
-CVE-2006-6011
+CVE-2006-6011 (Unspecified vulnerability in SAP Web Application Server before 6.40 pa ...)
NOT-FOR-US: SAP
-CVE-2006-6010
+CVE-2006-6010 (SAP allows remote attackers to obtain potentially sensitive informatio ...)
NOT-FOR-US: SAP
-CVE-2006-6009
+CVE-2006-6009 (Unspecified vulnerability in the Java Runtime Environment (JRE) Swing ...)
- sun-java5 1.5.0-08-1
-CVE-2006-6008
+CVE-2006-6008 (ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, d ...)
{DSA-1217}
- linux-ftpd 0.17-23
-CVE-2006-6007
+CVE-2006-6007 (save_profile.asp in WebEvents (Online Event Registration Template) 2.0 ...)
NOT-FOR-US: WebEvents (Online Event Registration Template)
CVE-2006-6006
REJECTED
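Review bot: three unchanged context lines in this hunk carry data errors that this automatic description sync does not touch and that need a manual follow-up: `NOT-FOR-US: Etomite CMSEtomite CMS` (under CVE-2006-6047) and `NOT-FOR-US: E-Calendar ProE-Calendar Pro` (under CVE-2006-6030) have the product name doubled, and `NOT-FOR-US: omdev One Admin` (under CVE-2006-6045) drops the leading "C" of "Comdev", which the newly added description line for that entry spells out in full.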
@@ -2827,437 +2827,437 @@ CVE-2006-5996
REJECTED
CVE-2006-5995
REJECTED
-CVE-2006-5994
+CVE-2006-5994 (Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word ...)
NOT-FOR-US: Microsoft Word
CVE-2006-5993
REJECTED
CVE-2006-5992
REJECTED
-CVE-2006-5991
+CVE-2006-5991 (Multiple SQL injection vulnerabilities in wwweb concepts CactuShop all ...)
NOT-FOR-US: CactuShop
-CVE-2006-5990
+CVE-2006-5990 (VMWare VirtualCenter client 2.x before 2.0.1 Patch 1 (Build 33643) and ...)
NOT-FOR-US: VMWare
-CVE-2006-5989
+CVE-2006-5989 (Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allo ...)
{DSA-1247-1}
- libapache-mod-auth-kerb 5.3-1 (low; bug #400589)
-CVE-2006-5988
+CVE-2006-5988 (Unspecified vulnerability in Windows 2000 Advanced Server SP4 running ...)
NOT-FOR-US: Windows
-CVE-2006-5987
+CVE-2006-5987 (SQL injection vulnerability in default.asp in ASPintranet, possibly 1. ...)
NOT-FOR-US: ASPintranet
-CVE-2006-5986
+CVE-2006-5986 (admin/options.php in Extreme CMS 0.9, and possibly earlier, does not r ...)
NOT-FOR-US: Extreme CMS
-CVE-2006-5985
+CVE-2006-5985 (Multiple cross-site scripting (XSS) vulnerabilities in admin/options.p ...)
NOT-FOR-US: Extreme CMS
-CVE-2006-5984
+CVE-2006-5984 (Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hostin ...)
NOT-FOR-US: Helm Hosting Control Panel
-CVE-2006-5983
+CVE-2006-5983 (Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software D ...)
NOT-FOR-US: DirectAdmin
-CVE-2006-5982
+CVE-2006-5982 (SeleniumServer FTP Server 1.0, and possibly earlier, stores user passw ...)
NOT-FOR-US: Selenium Server
-CVE-2006-5981
+CVE-2006-5981 (Multiple directory traversal vulnerabilities in SeleniumServer FTP Ser ...)
NOT-FOR-US: Selenium Server
-CVE-2006-5980
+CVE-2006-5980 (adm_lgn_admin.asp in Renasoft NetJetServer 2.5.3.939, and possibly ear ...)
NOT-FOR-US: NetJetServer
-CVE-2006-5979
+CVE-2006-5979 (Renasoft NetJetServer 2.5.3.939, and possibly earlier, uses insecure p ...)
NOT-FOR-US: NetJetServer
-CVE-2006-5978
+CVE-2006-5978 (Unspecified vulnerability in E-Xoopport before 2.2.0 has unknown impac ...)
NOT-FOR-US: E-Xoopport
-CVE-2006-5977
+CVE-2006-5977 (Multiple SQL injection vulnerabilities in MultiCalendars allow remote ...)
NOT-FOR-US: MultiCalendars
-CVE-2006-5976
+CVE-2006-5976 (Multiple SQL injection vulnerabilities in admin_login.asp in BlogMe 3. ...)
NOT-FOR-US: BlogMe
-CVE-2006-5975
+CVE-2006-5975 (Multiple cross-site scripting (XSS) vulnerabilities in comments.asp in ...)
NOT-FOR-US: BlogMe
-CVE-2006-5974
+CVE-2006-5974 (fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message de ...)
- fetchmail 6.3.6-1 (low)
[sarge] - fetchmail <not-affected> (Vulnerable code not present)
-CVE-2006-5973
+CVE-2006-5973 (Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and ...)
- dovecot 1.0.rc15-1
[sarge] - dovecot <not-affected> (Vulnerable code not present)
CVE-2006-XXXX [Firefox Sage Extension Feed Script Insertion Vulnerability]
- firefox-sage <not-affected> (medium; bug #399170)
NOTE: Debian's version has HTML disabled
-CVE-2006-5972
+CVE-2006-5972 (Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless ...)
NOT-FOR-US: NetGear
-CVE-2006-5971
+CVE-2006-5971 (Absolute path traversal vulnerability in admin/logfile.txt in Verity U ...)
NOT-FOR-US: Verity Ultraseek
-CVE-2006-5970
+CVE-2006-5970 (Verity Ultraseek before 5.7 allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: Verity Ultraseek
-CVE-2006-5969
+CVE-2006-5969 (CRLF injection vulnerability in the evalFolderLine function in fvwm 2. ...)
- fvwm 1:2.5.18-2 (low; bug #400303)
[sarge] - fvwm <no-dsa> (Minor issue)
-CVE-2006-5968
+CVE-2006-5968 (MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, ins ...)
NOT-FOR-US: MDaemon
-CVE-2006-5967
+CVE-2006-5967 (Race condition in Panda ActiveScan 5.53.00, and other versions before ...)
NOT-FOR-US: Panda ActiveScan
-CVE-2006-5966
+CVE-2006-5966 (Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows re ...)
NOT-FOR-US: Panda ActiveScan
-CVE-2006-5965
+CVE-2006-5965 (PassGo SSO Plus 2.1.0.32, and probably earlier versions, uses insecure ...)
NOT-FOR-US: PassGo SSO Plus
-CVE-2006-5964
+CVE-2006-5964 (choShilA.bpl in PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221 allows ...)
NOT-FOR-US: PentaZip
-CVE-2006-5963
+CVE-2006-5963 (Directory traversal vulnerability in PentaZip 8.5.1.190 and PentaSuite ...)
NOT-FOR-US: PentaZip
-CVE-2006-5962
+CVE-2006-5962 (Multiple SQL injection vulnerabilities in Hpecs Shopping Cart allow re ...)
NOT-FOR-US: Hpecs Shopping Cart
-CVE-2006-5961
+CVE-2006-5961 (Buffer overflow in Mercury Mail Transport System 4.01b for Windows has ...)
NOT-FOR-US: Mercury Mail Transport
-CVE-2006-5960
+CVE-2006-5960 (Multiple cross-site scripting (XSS) vulnerabilities in account_login.a ...)
NOT-FOR-US: A+ Store E-Commerce
-CVE-2006-5959
+CVE-2006-5959 (SQL injection vulnerability in browse.asp in A+ Store E-Commerce allow ...)
NOT-FOR-US: A+ Store E-Commerce
-CVE-2006-5958
+CVE-2006-5958 (Multiple cross-site scripting (XSS) vulnerabilities in INFINICART allo ...)
NOT-FOR-US: INFINICART
CVE-2006-5957
NOT-FOR-US: INFINICART
-CVE-2006-5956
+CVE-2006-5956 (XLineSoft PHPRunner 3.1 stores the (1) database server name, (2) datab ...)
NOT-FOR-US: PHPRunner
-CVE-2006-5955
+CVE-2006-5955 (SQL injection vulnerability in listings.asp in 20/20 DataShed (aka Rea ...)
NOT-FOR-US: DataShed
-CVE-2006-5954
+CVE-2006-5954 (SQL injection vulnerability in page.asp in NetVIOS 2.0 and earlier all ...)
NOT-FOR-US: NetVIOS
-CVE-2006-5953
+CVE-2006-5953 (SQL injection vulnerability in viewcart.asp in Evolve shopping cart (a ...)
NOT-FOR-US: Evolve shopping cart
-CVE-2006-5952
+CVE-2006-5952 (SQL injection vulnerability in admin/default.asp in ASP Smiley 1.0 all ...)
NOT-FOR-US: ASP Smiley
-CVE-2006-5951
+CVE-2006-5951 (PHP remote file inclusion vulnerability in pipe.php in Exophpdesk 1.2 ...)
NOT-FOR-US: Exophpdesk
-CVE-2006-5950
+CVE-2006-5950 (Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and ...)
NOT-FOR-US: ALTools ALFTP FTP Server
-CVE-2006-5949
+CVE-2006-5949 (Directory traversal vulnerability in ALTools ALFTP FTP Server 4.1 beta ...)
NOT-FOR-US: ALTools ALFTP FTP Server
-CVE-2006-5948
+CVE-2006-5948 (PHP remote file inclusion vulnerability in pntUnit/Inspect.php in phpP ...)
NOT-FOR-US: phpPeanuts
-CVE-2006-5947
+CVE-2006-5947 (Multiple directory traversal vulnerabilities in Conxint FTP Server 2.2 ...)
NOT-FOR-US: Conxint FTP Server
-CVE-2006-5946
+CVE-2006-5946 (SQL injection vulnerability in demo/glossary/glossary.asp in FunkyASP ...)
NOT-FOR-US: FunkyASP Glossary
-CVE-2006-5945
+CVE-2006-5945 (Multiple SQL injection vulnerabilities in MGinternet Car Site Manager ...)
NOT-FOR-US: MGinternet Car Site Manager
-CVE-2006-5944
+CVE-2006-5944 (Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in MG ...)
NOT-FOR-US: MGinternet Car Site Manager
-CVE-2006-5943
+CVE-2006-5943 (Multiple SQL injection vulnerabilities in inventory/display/imager.asp ...)
NOT-FOR-US: Less Inventory Manager
-CVE-2006-5942
+CVE-2006-5942 (Cross-site scripting (XSS) vulnerability in inventory/display/display_ ...)
NOT-FOR-US: Less Inventory Manager
CVE-2006-5941
REJECTED
-CVE-2006-5940
+CVE-2006-5940 (Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has ...)
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2006-5939
+CVE-2006-5939 (Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause ...)
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2006-5938
+CVE-2006-5938 (Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote at ...)
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2006-5937
+CVE-2006-5937 (Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 al ...)
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2006-5936
+CVE-2006-5936 (SQL injection vulnerability in dept.asp in SiteXpress E-Commerce Syste ...)
NOT-FOR-US: SiteXpress E-Commerce
-CVE-2006-5935
+CVE-2006-5935 (SQL injection vulnerability in index.php in ShopSystems 4.0 and earlie ...)
NOT-FOR-US: ShopSystems
-CVE-2006-5934
+CVE-2006-5934 (SQL injection vulnerability in admin/default.asp in Estate Agent Manag ...)
NOT-FOR-US: Estate Agent Manager
-CVE-2006-5933
+CVE-2006-5933 (SQL injection vulnerability in update.asp in UltraSite 1.0 allows remo ...)
NOT-FOR-US: UltraSite
-CVE-2006-5932
+CVE-2006-5932 (Kahua before 0.7, when running multiple applications under a single su ...)
NOT-FOR-US: Kahua
-CVE-2006-5931
+CVE-2006-5931 (Multiple PHP remote file inclusion vulnerabilities in Aigaion Web base ...)
NOT-FOR-US: Aigaion
-CVE-2006-5930
+CVE-2006-5930 (Multiple PHP remote file inclusion vulnerabilities in Aigaion Web base ...)
NOT-FOR-US: Aigaion
-CVE-2006-5929
+CVE-2006-5929 (PHP remote file inclusion vulnerability in firepjs.php in Phpjobschedu ...)
NOT-FOR-US: Phpjobscheduler
-CVE-2006-5928
+CVE-2006-5928 (Multiple PHP remote file inclusion vulnerabilities in Phpjobscheduler ...)
NOT-FOR-US: Phpjobscheduler
-CVE-2006-5927
+CVE-2006-5927 (SQL injection vulnerability in cpLogin.asp in ASP Scripter Easy Portal ...)
NOT-FOR-US: ASP Scripter Easy Portal
-CVE-2006-5926
+CVE-2006-5926 (Multiple SQL injection vulnerabilities in mail.php in Vallheru before ...)
NOT-FOR-US: Vallheru
-CVE-2006-5925
+CVE-2006-5925 (Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed ...)
{DSA-1240-1 DSA-1228-1 DSA-1226-1}
- links 0.99+1.00pre12-1.1 (medium; bug #399188)
- elinks 0.11.1-1.2 (medium; bug #399187)
- links2 2.1pre25-2 (medium; bug #400718)
-CVE-2006-5924
+CVE-2006-5924 (Cross-site scripting (XSS) vulnerability in index.php in Efficient IP ...)
NOT-FOR-US: Efficient IP iPmanager (IPm)
-CVE-2006-5923
+CVE-2006-5923 (PHP remote file inclusion vulnerability in index.php in Chris Mac gtca ...)
NOT-FOR-US: gtcatalog
-CVE-2006-5922
+CVE-2006-5922 (index.php in Wheatblog (wB) allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: Wheatblog
-CVE-2006-5921
+CVE-2006-5921 (Multiple cross-site scripting (XSS) vulnerabilities in add_comment.php ...)
NOT-FOR-US: Wheatblog
CVE-2006-5920
NOT-FOR-US: Exporia
-CVE-2006-5919
+CVE-2006-5919 (PHP remote file inclusion vulnerability in admin/e_data/visEdit_contro ...)
NOT-FOR-US: KnowledgeBuilder
-CVE-2006-5918
+CVE-2006-5918 (Unrestricted file upload vulnerability in RapidKill (aka PHP Rapid Kil ...)
NOT-FOR-US: RapidKill
-CVE-2006-5917
+CVE-2006-5917 (Multiple SQL injection vulnerabilities in OmniStar Article Manager all ...)
NOT-FOR-US: OmniStar Article Manager
-CVE-2006-5916
+CVE-2006-5916 (Intego VirusBarrier X4 allows context-dependent attackers to bypass vi ...)
NOT-FOR-US: Intego VirusBarrier
-CVE-2006-5915
+CVE-2006-5915 (Multiple cross-site scripting (XSS) vulnerabilities in ls.php in SAMED ...)
NOT-FOR-US: LandShop
-CVE-2006-5914
+CVE-2006-5914 (SQL injection vulnerability in ls.php in SAMEDIA LandShop allows remot ...)
NOT-FOR-US: LandShop
-CVE-2006-5913
+CVE-2006-5913 (Microsoft Internet Explorer 7 allows remote attackers to (1) cause a s ...)
NOT-FOR-US: Microsoft
-CVE-2006-5912
+CVE-2006-5912 (Unspecified vulnerability in Campware Campsite before 2.6.2 has unknow ...)
NOT-FOR-US: Campware Campsite
-CVE-2006-5911
+CVE-2006-5911 (Multiple PHP remote file inclusion vulnerabilities in Campware Campsit ...)
NOT-FOR-US: Campware Campsite
-CVE-2006-5910
+CVE-2006-5910 (Multiple PHP remote file inclusion vulnerabilities in Campware Campsit ...)
NOT-FOR-US: Campware Campsite
-CVE-2006-5909
+CVE-2006-5909 (generaloptions.php in Paul Tarjan Stanford Conference And Research For ...)
NOT-FOR-US: Stanford Conference And Research Forum (SCARF)
-CVE-2006-5908
+CVE-2006-5908 (Multiple SQL injection vulnerabilities in the login_user function in y ...)
NOT-FOR-US: Yet Another News System
-CVE-2006-5907
+CVE-2006-5907 (SQL injection vulnerability in modules/bannieres/bannieres.php in Jean ...)
NOT-FOR-US: SCRIPT BANNIERES
CVE-2006-5906
NOT-FOR-US: SCRIPT BANNIERES
-CVE-2006-5905
+CVE-2006-5905 (Web Directory Pro allows remote attackers to (1) backup the database a ...)
NOT-FOR-US: Web Directory Pro
-CVE-2006-5904
+CVE-2006-5904 (Multiple PHP remote file inclusion vulnerabilities in MWChat Pro 7.0 a ...)
NOT-FOR-US: MWChat Pro
-CVE-2006-5903
+CVE-2006-5903 (Rahul Jonna Gmail File Space (GSpace) allows remote attackers to perfo ...)
NOT-FOR-US: GSpace
-CVE-2006-5902
+CVE-2006-5902 (viksoe GMail Drive shell extension allows remote attackers to perform ...)
NOT-FOR-US: viksoe GMail Drive
-CVE-2006-5901
+CVE-2006-5901 (Hawking Technology wireless router WR254-CA uses a hardcoded IP addres ...)
NOT-FOR-US: Hawking Technology wireless router WR254-CA
-CVE-2006-5900
+CVE-2006-5900 (Cross-site scripting (XSS) vulnerability in the incubator/tests/Zend/H ...)
NOT-FOR-US: Zend Framework Preview
CVE-2006-5899
NOT-FOR-US: @cid stat
-CVE-2006-5898
+CVE-2006-5898 (Directory traversal vulnerability in localization/languages.lib.php3 i ...)
NOT-FOR-US: PhpMyChat
-CVE-2006-5897
+CVE-2006-5897 (Multiple directory traversal vulnerabilities in PhpMyChat Plus 1.9 and ...)
NOT-FOR-US: PhpMyChat Plus
-CVE-2006-5896
+CVE-2006-5896 (REMLAB Web Mech Designer 2.0.5 allows remote attackers to obtain the f ...)
NOT-FOR-US: Web Mech Designer
-CVE-2006-5895
+CVE-2006-5895 (PHP remote file inclusion vulnerability in core/core.php in EncapsCMS ...)
NOT-FOR-US: EncapsCMS
-CVE-2006-5894
+CVE-2006-5894 (Directory traversal vulnerability in lang.php in Rama CMS 0.68 and ear ...)
NOT-FOR-US: Rama CMS
-CVE-2006-5893
+CVE-2006-5893 (Multiple PHP remote file inclusion vulnerabilities in iWonder Designs ...)
NOT-FOR-US: iWonder Designs Storystream
-CVE-2006-5892
+CVE-2006-5892 (SQL injection vulnerability in MoreInfo.asp in The Net Guys ASPired2Po ...)
NOT-FOR-US: The Net Guys ASPired2Poll
-CVE-2006-5891
+CVE-2006-5891 (SQL injection vulnerability in detail.asp in Superfreaker Studios USto ...)
NOT-FOR-US: Superfreaker Studios UStore
-CVE-2006-5890
+CVE-2006-5890 (SQL injection vulnerability in detail.asp in Superfreaker Studios USup ...)
NOT-FOR-US: Superfreaker Studios UStore
-CVE-2006-5889
+CVE-2006-5889 (SQL injection vulnerability in printLog.php in BrewBlogger (BB) 1.3.1 ...)
NOT-FOR-US: BrewBlogger
-CVE-2006-5888
+CVE-2006-5888 (SQL injection vulnerability in viewarticle.asp in Superfreaker Studios ...)
NOT-FOR-US: Superfreaker Studios UPublisher
-CVE-2006-5887
+CVE-2006-5887 (SQL injection vulnerability in CampusNewsDetails.asp in Dynamic Datawo ...)
NOT-FOR-US: Dynamic Dataworx NuSchool
-CVE-2006-5886
+CVE-2006-5886 (SQL injection vulnerability in propertysdetails.asp in Dynamic Datawor ...)
NOT-FOR-US: Dynamic Dataworx NuRealestate (NuRems)
-CVE-2006-5885
+CVE-2006-5885 (SQL injection vulnerability in Products.asp in NuStore 1.0 allows remo ...)
NOT-FOR-US: NuStore
-CVE-2006-5884
+CVE-2006-5884 (Multiple unspecified vulnerabilities in DirectAnimation ActiveX contro ...)
NOT-FOR-US: DirectAnimation ActiveX controls for Microsoft Internet Explorer
-CVE-2006-5883
+CVE-2006-5883 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow ...)
NOT-FOR-US: cPanel 10
-CVE-2006-5882
+CVE-2006-5882 (Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device ...)
NOT-FOR-US: Broadcom BCMWL5.SYS
-CVE-2006-5881
+CVE-2006-5881 (SQL injection vulnerability in cl_CatListing.asp in Dynamic Dataworx N ...)
NOT-FOR-US: Dynamic Dataworx NuCommunity
-CVE-2006-5880
+CVE-2006-5880 (SQL injection vulnerability on the subMenu page in switch.asp in Munch ...)
NOT-FOR-US: Munch Pro
-CVE-2006-5879
+CVE-2006-5879 (SQL injection vulnerability in default1.asp in ASPPortal 4.0.0 beta an ...)
NOT-FOR-US: ASPPortal
-CVE-2006-5878
+CVE-2006-5878 (Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 ...)
{DSA-1209}
- trac 0.10.1-1 (bug #397683)
-CVE-2006-5877
+CVE-2006-5877 (The enigmail extension before 0.94.2 does not properly handle large, e ...)
- enigmail 2:0.94.2-1 (bug #406604)
-CVE-2006-5876
+CVE-2006-5876 (The soup_headers_parse function in soup-headers.c for libsoup HTTP lib ...)
{DSA-1248-1}
- libsoup 2.2.98-2 (bug #405197; medium)
-CVE-2006-5875
+CVE-2006-5875 (eoc.py in Enemies of Carlotta (EoC) before 1.2.4 allows remote attacke ...)
{DSA-1236-1}
- enemies-of-carlotta 1.2.4-1 (medium)
-CVE-2006-5874
+CVE-2006-5874 (Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to ca ...)
{DSA-1232-1}
- clamav 0.86-1
-CVE-2006-5873
+CVE-2006-5873 (Buffer overflow in the cluster_process_heartbeat function in cluster.c ...)
{DSA-1230-1}
- l2tpns 2.1.21-1 (medium; bug #401742)
NOTE: http://secunia.com/advisories/23230/
-CVE-2006-5872
+CVE-2006-5872 (login.pl in SQL-Ledger before 2.6.21 and LedgerSMB before 1.1.5 allows ...)
{DSA-1239-1}
- sql-ledger 2.6.21-1
-CVE-2006-5871
+CVE-2006-5871 (smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.3 ...)
{DSA-1237 DSA-1233}
- linux-2.6 <not-affected> (Current Linux versions already implement intended behaviour)
-CVE-2006-5870
+CVE-2006-5870 (Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, ...)
{DSA-1246-1}
- openoffice.org 2.0.4-1 (medium; bug #405986; bug #405679)
-CVE-2006-5869
+CVE-2006-5869 (pstotext before 1.9 allows user-assisted attackers to execute arbitrar ...)
{DSA-1220}
- pstotext 1.9-4 (bug #356988; medium)
-CVE-2006-5868
+CVE-2006-5868 (Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 b ...)
{DSA-1213}
- imagemagick 7:6.2.4.5.dfsg1-0.11
-CVE-2006-5867
+CVE-2006-5867 (fetchmail before 6.3.6-rc4 does not properly enforce TLS and may trans ...)
{DSA-1259-1}
- fetchmail 6.3.6-1 (low)
-CVE-2006-5866
+CVE-2006-5866 (Directory traversal vulnerability in Mdoc/view-sourcecode.php for phpM ...)
NOT-FOR-US: phpManta
-CVE-2006-5865
+CVE-2006-5865 (PHP remote file inclusion vulnerability in language.inc.php in MyAlbum ...)
NOT-FOR-US: Script Dowload
-CVE-2006-5863
+CVE-2006-5863 (PHP remote file inclusion vulnerability in inc/session.php for LetterI ...)
NOT-FOR-US: LetterIt
-CVE-2006-5862
+CVE-2006-5862 (Directory traversal vulnerability in the session mechanism of the web ...)
NOT-FOR-US: Network Administration Visualized
-CVE-2006-5861
+CVE-2006-5861 (The Independent Management Architecture (IMA) service (ImaSrv.exe) in ...)
NOT-FOR-US: Citrix
-CVE-2006-5860
+CVE-2006-5860 (Cross-site scripting (XSS) vulnerability in the administrator console ...)
NOT-FOR-US: Adobe JRun
-CVE-2006-5859
+CVE-2006-5859 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2006-5858
+CVE-2006-5858 (Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft ...)
NOT-FOR-US: Adobe
-CVE-2006-5857
+CVE-2006-5857 (Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote ...)
NOT-FOR-US: Adobe
-CVE-2006-5856
+CVE-2006-5856 (Stack-based buffer overflow in the Adobe Download Manager before 2.2 a ...)
NOT-FOR-US: Adobe Download Manager
-CVE-2006-5855
+CVE-2006-5855 (Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5 ...)
NOT-FOR-US: Tivoli
-CVE-2006-5854
+CVE-2006-5854 (Multiple buffer overflows in the Spooler service (nwspool.dll) in Nove ...)
NOT-FOR-US: Novell Netware
-CVE-2006-5853
+CVE-2006-5853 (Cross-site scripting (XSS) vulnerability in logon.aspx in Immediacy CM ...)
NOT-FOR-US: Immediacy CMS
-CVE-2006-5852
+CVE-2006-5852 (Untrusted search path vulnerability in openexec in OpenBase SQL before ...)
NOT-FOR-US: OpenBase SQL
-CVE-2006-5851
+CVE-2006-5851 (openexec in OpenBase SQL before 10.0.1 allows local users to create ar ...)
NOT-FOR-US: OpenBase SQL
-CVE-2006-5850
+CVE-2006-5850 (Stack-based buffer overflow in Essentia Web Server 2.15 for Windows al ...)
NOT-FOR-US: Essentia Web Server
-CVE-2006-5849
+CVE-2006-5849 (PHP remote file inclusion vulnerability in inc/irayofuncs.php in Irayo ...)
NOT-FOR-US: IrayoBlog
CVE-2006-5848
REJECTED
-CVE-2006-5847
+CVE-2006-5847 (Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2 ...)
NOT-FOR-US: FreeWebshop
-CVE-2006-5846
+CVE-2006-5846 (Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 an ...)
NOT-FOR-US: FreeWebshop
-CVE-2006-5845
+CVE-2006-5845 (Unrestricted file upload vulnerability in index.php in Speedywiki 2.0 ...)
NOT-FOR-US: Speedywiki
-CVE-2006-5844
+CVE-2006-5844 (Speedywiki 2.0 allows remote attackers to obtain the full path of the ...)
NOT-FOR-US: Speedywiki
-CVE-2006-5843
+CVE-2006-5843 (Cross-site scripting (XSS) vulnerability in index.php in Speedywiki 2. ...)
NOT-FOR-US: Speedywiki
-CVE-2006-5842
+CVE-2006-5842 (The keystore file in Unicore Client before 5.6 build 5, when running o ...)
NOT-FOR-US: Unicore
-CVE-2006-5841
+CVE-2006-5841 (Multiple PHP remote file inclusion vulnerabilities in dodosmail.php in ...)
NOT-FOR-US: DodosMail
CVE-2006-5840
NOT-FOR-US: Abarcar Realty Portal
-CVE-2006-5839
+CVE-2006-5839 (PHP remote file inclusion vulnerability in ad_main.php in PHPAdventure ...)
NOT-FOR-US: PHPAdventure
-CVE-2006-5838
+CVE-2006-5838 (PHP remote file inclusion vulnerability in lib/class.Database.php in N ...)
NOT-FOR-US: NewP News Publication System
-CVE-2006-5837
+CVE-2006-5837 (Static code injection vulnerability in chat_panel.php in the SimpleCha ...)
NOT-FOR-US: SimpleChat 1.0.0 module for iWare Professional CMS
-CVE-2006-5836
+CVE-2006-5836 (The fpathconf syscall function in bsd/kern/kern_descrip.c in the Darwi ...)
NOT-FOR-US: Darwin kernel (XNU) 8.8.1 in Apple Mac OS X
-CVE-2006-5835
+CVE-2006-5835 (The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Dom ...)
NOT-FOR-US: IBM Lotus Notes Domino
-CVE-2006-5834
+CVE-2006-5834 (Directory traversal vulnerability in general.php in OpenSolution Quick ...)
NOT-FOR-US: OpenSolution Quick.Cms.Lite
-CVE-2006-5833
+CVE-2006-5833 (gbcms_php_files/up_loader.php GreenBeast CMS 1.3 does not require auth ...)
NOT-FOR-US: GreenBeast CMS
-CVE-2006-5832
+CVE-2006-5832 (All In One Control Panel (AIOCP) 1.3.007 and earlier allows remote att ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2006-5831
+CVE-2006-5831 (PHP remote file inclusion vulnerability in admin/code/index.php in All ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2006-5830
+CVE-2006-5830 (Multiple cross-site scripting (XSS) vulnerabilities in All In One Cont ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2006-5829
+CVE-2006-5829 (Multiple SQL injection vulnerabilities in All In One Control Panel (AI ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2006-5828
+CVE-2006-5828 (SQL injection vulnerability in detail.php in DeltaScripts PHP Classifi ...)
NOT-FOR-US: PHP Classifieds
-CVE-2006-5827
+CVE-2006-5827 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ph ...)
NOT-FOR-US: phpComasy CMS
-CVE-2006-5826
+CVE-2006-5826 (Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 a ...)
NOT-FOR-US: Texas Imperial Software WFTPD Pro Server
-CVE-2006-5825
+CVE-2006-5825 (Cross-site scripting (XSS) vulnerability in index.php in Kayako Suppor ...)
NOT-FOR-US: Kayako SupportSuite
-CVE-2006-5824
+CVE-2006-5824 (Integer overflow in the ffs_rdextattr function in FreeBSD 6.1 allows l ...)
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
-CVE-2006-5823
+CVE-2006-5823 (The zlib_inflate function in Linux kernel 2.6.x allows local users to ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1}
- linux-2.6 2.6.18.dfsg.1-10 (low)
-CVE-2006-5822
+CVE-2006-5822 (Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in ...)
NOT-FOR-US: Symantec Veritas NetBackup
-CVE-2006-5821
+CVE-2006-5821 (Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ...)
NOT-FOR-US: Citrix
-CVE-2006-5820
+CVE-2006-5820 (The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBudd ...)
NOT-FOR-US: SuperBuddy ActiveX control
-CVE-2006-5819
+CVE-2006-5819 (Verity Ultraseek before 5.7 allows remote attackers to use the server ...)
NOT-FOR-US: Verity Ultraseek
-CVE-2006-5864
+CVE-2006-5864 (Stack-based buffer overflow in the ps_gettext function in ps.c for GNU ...)
{DSA-1243-1 DSA-1214}
- gv 1:3.6.2-3 (medium; bug #398292)
- evince 0.4.0-3 (medium; bug #400904; bug #400906; bug #402063)
-CVE-2006-5818
+CVE-2006-5818 (Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6 ...)
NOT-FOR-US: Lotus Domino
-CVE-2006-5817
+CVE-2006-5817 (prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permis ...)
NOT-FOR-US: Parallels
-CVE-2006-5816
+CVE-2006-5816 (Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko Bu ...)
NOT-FOR-US: Business Card Web Builder
-CVE-2006-5815
+CVE-2006-5815 (Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 ...)
{DSA-1222-1}
- proftpd-dfsg 1.3.0-15 (bug #399070; high)
-CVE-2006-5814
+CVE-2006-5814 (Unspecified vulnerability in Novell eDirectory allows remote attackers ...)
NOT-FOR-US: Novell eDirectory
-CVE-2006-5813
+CVE-2006-5813 (Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to ...)
NOT-FOR-US: Novell eDirectory
-CVE-2006-5812
+CVE-2006-5812 (Unspecified vulnerability in Kerio MailServer allows attackers to caus ...)
NOT-FOR-US: Kerio
-CVE-2006-5811
+CVE-2006-5811 (PHP remote file inclusion vulnerability in library/translation.inc.php ...)
NOT-FOR-US: OpenEMR
-CVE-2006-5810
+CVE-2006-5810 (Cross-site scripting (XSS) vulnerability in modules/wfdownloads/newlis ...)
NOT-FOR-US: XOOPS
-CVE-2006-5809
+CVE-2006-5809 (Multiple unspecified vulnerabilities in Jonathon J. Freeman OvBB befor ...)
NOT-FOR-US: OvBB
-CVE-2006-5808
+CVE-2006-5808 (The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses in ...)
NOT-FOR-US: Cisco
-CVE-2006-5807
+CVE-2006-5807 (Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to escap ...)
NOT-FOR-US: Cisco
-CVE-2006-5806
+CVE-2006-5806 (SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configure ...)
NOT-FOR-US: Cisco
-CVE-2006-5805
+CVE-2006-5805 (Microsoft Internet Explorer 7 allows remote attackers to cause a secur ...)
NOT-FOR-US: Microsoft
-CVE-2006-5804
+CVE-2006-5804 (PHP remote file inclusion vulnerability in admin.php in Advanced Guest ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2006-5803
+CVE-2006-5803 (PHP remote file inclusion vulnerability in modules/mx_smartor/album.ph ...)
NOT-FOR-US: mxBB Smartor Album
-CVE-2006-5802
+CVE-2006-5802 (SQL injection vulnerability in message_details.php in The Web Drivers ...)
NOT-FOR-US: The Web Drivers Simple Forum
-CVE-2006-5801
+CVE-2006-5801 (The owserver module in owfs and owhttpd 2.5p5 and earlier does not pro ...)
NOT-FOR-US: owfs
-CVE-2006-5800
+CVE-2006-5800 (Cross-site scripting (XSS) vulnerability in default.asp in xenis.creat ...)
NOT-FOR-US: Xenis.creator
-CVE-2006-5799
+CVE-2006-5799 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
NOT-FOR-US: Xenis.creator
-CVE-2006-5798
+CVE-2006-5798 (SQL injection vulnerability in default.asp in Xenis.creator CMS allows ...)
NOT-FOR-US: Xenis.creator
-CVE-2006-5797
+CVE-2006-5797 (Multiple SQL injection vulnerabilities in default.asp in Xenis.creator ...)
NOT-FOR-US: Xenis.creator
-CVE-2006-5796
+CVE-2006-5796 (Multiple PHP remote file inclusion vulnerabilities in Soholaunch Pro E ...)
NOT-FOR-US: Soholaunch Pro
-CVE-2006-5795
+CVE-2006-5795 (Multiple PHP remote file inclusion vulnerabilities in OpenEMR 2.8.1 an ...)
NOT-FOR-US: OpenEMR
-CVE-2006-5794
+CVE-2006-5794 (Unspecified vulnerability in the sshd Privilege Separation Monitor in ...)
- openssh 1:4.3p2-6 (unimportant)
NOTE: Not a direct vulnerability
-CVE-2006-5793
+CVE-2006-5793 (The sPLT chunk handling code (png_set_sPLT function in pngset.c) in li ...)
- libpng 1.2.13-0 (low; bug #398706)
[sarge] - libpng <no-dsa> (Minor issue)
CVE-2006-XXXX [obexpushd arbitrary command execution]
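Review bot: the `NOTE: Not a direct vulnerability` on the CVE-2006-5794 entry (openssh 1:4.3p2-6, unimportant) records the conclusion but not the precondition behind it; since the synced description only says "Unspecified vulnerability in the sshd Privilege Separation Monitor", someone re-triaging this entry later cannot tell from the file what has to happen first for the monitor weakness to matter. Suggest expanding the NOTE to state that prerequisite explicitly, e.g. `NOTE: Not a direct vulnerability; only reachable after <prerequisite> is already achieved`, as the tracker does for other unimportant ratings.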
@@ -3265,105 +3265,105 @@ CVE-2006-XXXX [obexpushd arbitrary command execution]
CVE-2006-XXXX [motion insecure tempfile creation]
- motion 3.2.3-2 (bug #393846; low)
[sarge] - motion <no-dsa> (Minor issue)
-CVE-2006-5792
+CVE-2006-5792 (Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote a ...)
NOT-FOR-US: XLink Omni-NFS Enterprise
-CVE-2006-5791
+CVE-2006-5791 (Multiple cross-site scripting (XSS) vulnerabilities in elogd.c in ELOG ...)
{DSA-1242-1}
- elog 2.6.2+r1754-1 (medium; bug #392016)
-CVE-2006-5790
+CVE-2006-5790 (Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2 and ea ...)
{DSA-1242-1}
- elog 2.6.2+r1754-1 (medium; bug #392016)
-CVE-2006-5789
+CVE-2006-5789 (War FTP Daemon (WarFTPd) 1.82.00-RC11 allows remote authenticated user ...)
NOT-FOR-US: WarFTPd
-CVE-2006-5788
+CVE-2006-5788 (PHP remote file inclusion vulnerability in (1) index.php and (2) admin ...)
NOT-FOR-US: IPrimal Forums
-CVE-2006-5787
+CVE-2006-5787 (admin/index.php in IPrimal Forums as of 20061105 allows remote attacke ...)
NOT-FOR-US: IPrimal Forums
-CVE-2006-5786
+CVE-2006-5786 (Directory traversal vulnerability in class2.php in e107 0.7.5 and earl ...)
NOT-FOR-US: e107
-CVE-2006-5785
+CVE-2006-5785 (Unspecified vulnerability in SAP Web Application Server 6.40 before pa ...)
NOT-FOR-US: SAP Web Application Server
-CVE-2006-5784
+CVE-2006-5784 (Unspecified vulnerability in enserver.exe in SAP Web Application Serve ...)
NOT-FOR-US: SAP Web Application Server
CVE-2006-5783
NOTE: irreproducible firefox issue
-CVE-2006-5782
+CVE-2006-5782 (radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not ...)
NOT-FOR-US: HP OpenView
-CVE-2006-5781
+CVE-2006-5781 (Stack-based buffer overflow in the handshake function in iodine 0.3.2 ...)
NOT-FOR-US: iodine
-CVE-2006-5780
+CVE-2006-5780 (Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 a ...)
NOT-FOR-US: XLink Omni-NFS
-CVE-2006-5779
+CVE-2006-5779 (OpenLDAP before 2.3.29 allows remote attackers to cause a denial of se ...)
- openldap2.2 <removed> (bug #397673)
- openldap2.3 2.3.29-1
-CVE-2006-5777
+CVE-2006-5777 (Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to ...)
NOT-FOR-US: Creasito E-Commerce Content Manager
CVE-2006-5776
NOT-FOR-US: Ariadne
-CVE-2006-5775
+CVE-2006-5775 (Cross-site scripting (XSS) vulnerability in profile.php in FunkBoard 0 ...)
NOT-FOR-US: FunkBoard
-CVE-2006-5774
+CVE-2006-5774 (Cross-site scripting (XSS) vulnerability in Hyper NIKKI System before ...)
NOT-FOR-US: Hyper NIKKI System
-CVE-2006-5773
+CVE-2006-5773 (Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 an ...)
NOT-FOR-US: FreeWebshop
-CVE-2006-5772
+CVE-2006-5772 (Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2 ...)
NOT-FOR-US: FreeWebshop
-CVE-2006-5771
+CVE-2006-5771 (Cross-site scripting (XSS) vulnerability in Arkoon SSL360 1.0 and 2.0 ...)
NOT-FOR-US: Arkoon SSL360
-CVE-2006-5770
+CVE-2006-5770 (Multiple cross-site scripting (XSS) vulnerabilities in ac4p Mobile all ...)
NOT-FOR-US: Mobile
-CVE-2006-5769
+CVE-2006-5769 (Multiple cross-site scripting (XSS) vulnerabilities in admin.tool CMS ...)
NOT-FOR-US: admin.tool CMS
-CVE-2006-5768
+CVE-2006-5768 (Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 R ...)
NOT-FOR-US: Cyberfolio
-CVE-2006-5767
+CVE-2006-5767 (PHP remote file inclusion vulnerability in includes/xhtml.php in Drake ...)
NOT-FOR-US: Drake CMS
-CVE-2006-5766
+CVE-2006-5766 (PHP remote file inclusion vulnerability in volume.php in Article Syste ...)
NOT-FOR-US: Article System
-CVE-2006-5765
+CVE-2006-5765 (SQL injection vulnerability in rss.php in Article Script 1.6.3 and ear ...)
NOT-FOR-US: Article Script
-CVE-2006-5764
+CVE-2006-5764 (PHP remote file inclusion vulnerability in contact.php in Free File Ho ...)
NOT-FOR-US: Free File Hosting
-CVE-2006-5763
+CVE-2006-5763 (Multiple PHP remote file inclusion vulnerabilities in Free File Hostin ...)
NOT-FOR-US: Free File Hosting
-CVE-2006-5762
+CVE-2006-5762 (PHP remote file inclusion vulnerability in forgot_pass.php in Free Fil ...)
NOT-FOR-US: Free File Hosting
-CVE-2006-5761
+CVE-2006-5761 (Cross-site scripting (XSS) vulnerability in index.php in Rhadrix If-CM ...)
NOT-FOR-US: Rhadrix If-CMS
-CVE-2006-5760
+CVE-2006-5760 (Multiple PHP remote file inclusion vulnerabilities in phpDynaSite 3.2. ...)
NOT-FOR-US: phpDynaSite
-CVE-2006-5759
+CVE-2006-5759 (index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote att ...)
NOT-FOR-US: Rhadrix If-CMS
-CVE-2006-5758
+CVE-2006-5758 (The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 S ...)
NOT-FOR-US: Microsoft
-CVE-2006-5757
+CVE-2006-5757 (Race condition in the __find_get_block_slow function in the ISO9660 fi ...)
{DSA-1304}
- linux-2.6 2.6.18.dfsg.1-10 (low)
CVE-2006-5756
REJECTED
-CVE-2006-5755
+CVE-2006-5755 (Linux kernel before 2.6.18, when running on x86_64 systems, does not p ...)
{DSA-1381-2}
- linux-2.6 2.6.18.dfsg.1-10
-CVE-2006-5754
+CVE-2006-5754 (The aio_setup_ring function in Linux kernel does not properly initiali ...)
{DSA-1304}
- linux-2.6 <not-affected> (Fixed before initial upload; 2.6.10)
-CVE-2006-5753
+CVE-2006-5753 (Unspecified vulnerability in the listxattr system call in Linux kernel ...)
{DSA-1503-2 DSA-1503-1 DSA-1356-1 DSA-1304}
- linux-2.6 2.6.20-1
-CVE-2006-5752
+CVE-2006-5752 (Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_st ...)
- apache2 2.2.4-2 (low)
[sarge] - apache2 2.0.54-5sarge2
[etch] - apache2 2.2.3-4+etch2
- apache <removed> (low)
[etch] - apache 1.3.34-4.1+etch1
-CVE-2006-5751
+CVE-2006-5751 (Integer overflow in the get_fdb_entries function in net/bridge/br_ioct ...)
{DSA-1233}
- linux-2.6 2.6.18-8 (medium)
-CVE-2006-5750
+CVE-2006-5750 (Directory traversal vulnerability in the DeploymentFileRepository clas ...)
NOT-FOR-US: JBoss
-CVE-2006-5749
+CVE-2006-5749 (The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c ...)
- linux-2.6 2.6.18.dfsg.1-10
-CVE-2006-5748
+CVE-2006-5748 (Multiple unspecified vulnerabilities in the JavaScript engine in Mozil ...)
{DSA-1227-1 DSA-1225-1 DSA-1224-1}
NOTE: MFSA-2006-65
- firefox 45.0-1 (high)
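Review bot: the CVE-2006-5783 entry in the middle of this hunk carries only `NOTE: irreproducible firefox issue` and no package status line, so unlike every neighbouring entry it records neither a fixed version, a `<not-affected>` marker, nor `NOT-FOR-US`, and the automatic sync left its identifier line without a description while all surrounding identifiers gained one. Suggest adding an explicit status line reflecting whatever the triage concluded (for example `- firefox <not-affected> (irreproducible)`) so the entry is machine-checkable, and confirming whether the missing description means upstream has not published one for this id.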
@@ -3372,7 +3372,7 @@ CVE-2006-5748
- icedove 1.5.0.8-1 (medium)
- mozilla <removed> (high)
- xulrunner 1.8.0.8-1 (high)
-CVE-2006-5747
+CVE-2006-5747 (Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbi ...)
NOTE: MFSA-2006-65
- firefox 45.0-1 (high)
- firefox-esr 45.0esr-1 (high)
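Review bot: the CVE-2006-5747 entry records the fix for a 2006 issue (`NOTE: MFSA-2006-65`, description naming Firefox before 1.5.0.8) as `firefox 45.0-1 (high)` and `firefox-esr 45.0esr-1 (high)`, the same versions that close CVE-2006-5748 at the end of the previous hunk, and nothing in the entry explains that convention. Suggest a NOTE stating why the fixed version recorded is 45.0-1 rather than a version contemporary with the description, so the `high` rating on a long-fixed issue is not misread by readers of the diff.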
@@ -3385,98 +3385,98 @@ CVE-2006-5747
[sarge] - mozilla <not-affected> (Vulnerable code not present)
[sarge] - mozilla-firefox <not-affected> (Vulnerable code not present)
[sarge] - mozilla-thunderbird <not-affected> (Vulnerable code not present)
-CVE-2006-5746
+CVE-2006-5746 (The console in AirMagnet Enterprise before 7.5 build 6307 does not pro ...)
NOT-FOR-US: AirMagnet
-CVE-2006-5745
+CVE-2006-5745 (Unspecified vulnerability in the setRequestHeader method in the XMLHTT ...)
NOT-FOR-US: Microsoft
-CVE-2006-5744
+CVE-2006-5744 (Multiple SQL injection vulnerabilities in Highwall Enterprise and High ...)
NOT-FOR-US: Highwall Enterprise
-CVE-2006-5743
+CVE-2006-5743 (Multiple cross-site scripting (XSS) vulnerabilities in Highwall Enterp ...)
NOT-FOR-US: Highwall Enterprise
-CVE-2006-5742
+CVE-2006-5742 (The AirMagnet Enterprise console and Remote Sensor console (Laptop) in ...)
NOT-FOR-US: AirMagnet Enterprise
-CVE-2006-5741
+CVE-2006-5741 (Multiple cross-site scripting (XSS) vulnerabilities in AirMagnet Enter ...)
NOT-FOR-US: AirMagnet Enterprise
-CVE-2006-5739
+CVE-2006-5739 (PHP remote file inclusion vulnerability in cpadmin/cpa_index.php in Le ...)
NOT-FOR-US: communityPortals
-CVE-2006-5738
+CVE-2006-5738 (Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow re ...)
NOT-FOR-US: PunBB
-CVE-2006-5737
+CVE-2006-5737 (PunBB uses a predictable cookie_seed value that can be derived from th ...)
NOT-FOR-US: PunBB
-CVE-2006-5736
+CVE-2006-5736 (SQL injection vulnerability in search.php in PunBB before 1.2.14, when ...)
NOT-FOR-US: PunBB
-CVE-2006-5735
+CVE-2006-5735 (Directory traversal vulnerability in include/common.php in PunBB befor ...)
NOT-FOR-US: PunBB
-CVE-2006-5734
+CVE-2006-5734 (Multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2 a ...)
NOT-FOR-US: ATutor
-CVE-2006-5733
+CVE-2006-5733 (Directory traversal vulnerability in error.php in PostNuke 0.763 and e ...)
NOT-FOR-US: PostNuke
-CVE-2006-5732
+CVE-2006-5732 (SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 and earl ...)
NOT-FOR-US: T.G.S. CMS
-CVE-2006-5731
+CVE-2006-5731 (Directory traversal vulnerability in classes/index.php in Lithium CMS ...)
NOT-FOR-US: Lithium CMS
-CVE-2006-5730
+CVE-2006-5730 (PHP remote file inclusion vulnerability in manager/media/browser/mcpuk ...)
NOT-FOR-US: Modx CMS
-CVE-2006-5729
+CVE-2006-5729 (Yazd Discussion Forum before 3.0 beta does not properly manage forum p ...)
NOT-FOR-US: Yazd Discussion Forum
-CVE-2006-5728
+CVE-2006-5728 (XM Easy Personal FTP Server 5.2.1 and earlier allows remote authentica ...)
NOT-FOR-US: XM Easy Personal FTP Server
-CVE-2006-5727
+CVE-2006-5727 (PHP remote file inclusion vulnerability in admin/controls/cart.php in ...)
NOT-FOR-US: sazcart
-CVE-2006-5726
+CVE-2006-5726 (alloccgblk in the UFS filesystem in Solaris 10 allows local users to c ...)
NOT-FOR-US: Solaris
-CVE-2006-5725
+CVE-2006-5725 (The SSL server in AEP Smartgate 4.3b allows remote attackers to determ ...)
NOT-FOR-US: AEP Smartgate
-CVE-2006-5724
+CVE-2006-5724 (Heap-based buffer overflow the "Answering Service" function in ICQ 200 ...)
NOT-FOR-US: ICQ
-CVE-2006-5723
+CVE-2006-5723 (SQL injection vulnerability in DataparkSearch Engine 4.42 and earlier ...)
NOT-FOR-US: DataparkSearch Engine
-CVE-2006-5722
+CVE-2006-5722 (Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 ...)
NOT-FOR-US: Segue CMS
-CVE-2006-5721
+CVE-2006-5721 (The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) a ...)
NOT-FOR-US: Outpost Firewall PRO
-CVE-2006-5720
+CVE-2006-5720 (SQL injection vulnerability in modules/journal/search.php in the Journ ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-5719
+CVE-2006-5719 (SQL injection vulnerability in libs/sessions.lib.php in BytesFall Expl ...)
NOT-FOR-US: BytesFall Explorer (bfExplorer)
-CVE-2006-5718
+CVE-2006-5718 (Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2. ...)
- phpmyadmin 4:2.9.0.3-1 (low; bug #396638)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-5717
+CVE-2006-5717 (Multiple cross-site scripting (XSS) vulnerabilities in Zend Google Dat ...)
NOT-FOR-US: Zend Google Data Client Library (ZendGData)
-CVE-2006-5716
+CVE-2006-5716 (Directory traversal vulnerability in aff_news.php in FreeNews 2.1 allo ...)
NOT-FOR-US: FreeNews
-CVE-2006-5715
+CVE-2006-5715 (Easy File Sharing (EFS) Easy Address Book 1.2, when run on an NTFS fil ...)
NOT-FOR-US: Easy File Sharing (EFS) Easy Address Book
-CVE-2006-5714
+CVE-2006-5714 (Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file s ...)
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2006-5713
+CVE-2006-5713 (Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) We ...)
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2006-5712
+CVE-2006-5712 (Cross-site scripting (XSS) vulnerability in Mirapoint WebMail allows r ...)
NOT-FOR-US: Mirapoint WebMail
-CVE-2006-5711
+CVE-2006-5711 (ECI Telecom B-FOCuS Wireless 802.11b/g ADSL2+ Router allows remote att ...)
NOT-FOR-US: ECI Telecom
-CVE-2006-5710
+CVE-2006-5710 (The Airport driver for certain Orinoco based Airport cards in Darwin k ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-5709
+CVE-2006-5709 (Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon ...)
NOT-FOR-US: Alt-N Technologies MDaemon
-CVE-2006-5708
+CVE-2006-5708 (Multiple unspecified vulnerabilities in MDaemon and WorldClient in Alt ...)
NOT-FOR-US: Alt-N Technologies MDaemon
-CVE-2006-5707
+CVE-2006-5707 (SQL injection vulnerability in index.php in PHPEasyData Pro 1.4.1 and ...)
NOT-FOR-US: PHPEasyData
-CVE-2006-5706
+CVE-2006-5706 (Unspecified vulnerabilities in PHP, probably before 5.2.0, allow local ...)
- php5 5.2.0-1 (unimportant)
- php4 <removed> (unimportant)
NOTE: lack of basedir restrictions are not security-relevant by Debian PHP security policy
-CVE-2006-5705
+CVE-2006-5705 (Multiple directory traversal vulnerabilities in plugins/wp-db-backup.p ...)
- wordpress 2.0.5-0.1
-CVE-2006-5704
+CVE-2006-5704 (HP NonStop Server G06.29, when running Standard Security T6533G06 befo ...)
NOT-FOR-US: HP
-CVE-2006-5703
+CVE-2006-5703 (Cross-site scripting (XSS) vulnerability in tiki-featured_link.php in ...)
- tikiwiki 1.9.6+dfsg-1 (low)
-CVE-2006-5702
+CVE-2006-5702 (Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information ...)
- tikiwiki 1.9.6+dfsg-1 (medium)
-CVE-2006-5701
+CVE-2006-5701 (Double free vulnerability in squashfs module in the Linux kernel 2.6.x ...)
- linux-2.6 <not-affected> (Vulnerable code not present)
- squashfs 1:3.1r2-6.1
NOTE: Mounting filesystem partitions should be limited to root
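Review bot: the CVE-2006-5701 entry at the end of this hunk lists `- squashfs 1:3.1r2-6.1` with no severity, while its `NOTE: Mounting filesystem partitions should be limited to root` reads as the justification for a reduced rating that is never actually recorded; with `linux-2.6 <not-affected> (Vulnerable code not present)` the squashfs package is the only line carrying the fix. Suggest making the rating explicit, e.g. `- squashfs 1:3.1r2-6.1 (low)`, so the NOTE and the severity agree. The `- wordpress 2.0.5-0.1` line for CVE-2006-5705 likewise has no severity although it is a fixed directory traversal in a shipped package.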
@@ -3518,105 +3518,105 @@ CVE-2006-5683
REJECTED
CVE-2006-5682
REJECTED
-CVE-2006-5681
+CVE-2006-5681 (QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Qua ...)
NOT-FOR-US: QuickTime on Mac OS X
-CVE-2006-5680
+CVE-2006-5680 (The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before ...)
- libarchive 1.3.1-1 (unimportant)
-CVE-2006-5679
+CVE-2006-5679 (Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows loc ...)
- kfreebsd-5 <removed> (medium)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
CVE-2006-5678
NOT-FOR-US: Les Visiteurs
-CVE-2006-5677
+CVE-2006-5677 (resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and ...)
- torque 2.1.6-1
-CVE-2006-5676
+CVE-2006-5676 (SQL injection vulnerability in consult/classement.php in Uni-Vert PhpL ...)
NOT-FOR-US: PhpLeague
-CVE-2006-5675
+CVE-2006-5675 (Multiple unspecified vulnerabilities in Pentaho Business Intelligence ...)
NOT-FOR-US: Pentaho Business Intelligence (BI) Suite
-CVE-2006-5674
+CVE-2006-5674 (Multiple PHP remote file inclusion vulnerabilities in miniBB 2.0.2 and ...)
NOT-FOR-US: miniBB
-CVE-2006-5673
+CVE-2006-5673 (PHP remote file inclusion vulnerability in bb_func_txt.php in miniBB 2 ...)
NOT-FOR-US: miniBB
-CVE-2006-5672
+CVE-2006-5672 (PHP remote file inclusion vulnerability in web/init_mysource.php in My ...)
NOT-FOR-US: MySource CMS
-CVE-2006-5671
+CVE-2006-5671 (PHP remote file inclusion vulnerability in contact.php in Free Image H ...)
NOT-FOR-US: Free Image Hosting
-CVE-2006-5670
+CVE-2006-5670 (PHP remote file inclusion vulnerability in forgot_pass.php in Free Ima ...)
NOT-FOR-US: Free Image Hosting
-CVE-2006-5669
+CVE-2006-5669 (PHP remote file inclusion vulnerability in gestion/savebackup.php in G ...)
NOT-FOR-US: Gepi
-CVE-2006-5668
+CVE-2006-5668 (Unspecified vulnerability in Ampache 3.3.2 and earlier, when register_ ...)
NOT-FOR-US: Ampache
-CVE-2006-5667
+CVE-2006-5667 (Multiple PHP remote file inclusion vulnerabilities in P-Book 1.17 and ...)
NOT-FOR-US: P-Book
-CVE-2006-5666
+CVE-2006-5666 (SQL injection vulnerability in includes/menu.inc.php in E-Annu 1.0 all ...)
NOT-FOR-US: E-Annu
-CVE-2006-5665
+CVE-2006-5665 (PHP remote file inclusion vulnerability in admin/modules_data.php in t ...)
NOT-FOR-US: phpBB module Spider Friendly
-CVE-2006-5664
+CVE-2006-5664 (The installation script in IBM Informix Dynamic Server 10.00, Informix ...)
NOT-FOR-US: IBM Informix
-CVE-2006-5663
+CVE-2006-5663 (IBM Informix Dynamic Server 10.00, Informix Client Software Developmen ...)
NOT-FOR-US: IBM Informix
-CVE-2006-5662
+CVE-2006-5662 (SQL injection vulnerability in easy notesManager (eNM) 0.0.1 allows re ...)
NOT-FOR-US: easy notesManager (eNM)
-CVE-2006-5661
+CVE-2006-5661 (Cross-site scripting (XSS) vulnerability in nquser.php in VIRtech Netq ...)
NOT-FOR-US: Netquery
-CVE-2006-5660
+CVE-2006-5660 (Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 doe ...)
NOT-FOR-US: Cisco
-CVE-2006-5659
+CVE-2006-5659 (PAM_extern before 0.2 sends a password as a command line argument, whi ...)
NOT-FOR-US: PAM_extern
-CVE-2006-5658
+CVE-2006-5658 (BlooMooWeb ActiveX control (AidemATL.dll) allows remote attackers to ( ...)
NOT-FOR-US: BlooMooWeb ActiveX control
-CVE-2006-5657
+CVE-2006-5657 (Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 h ...)
NOT-FOR-US: Vilistextum
-CVE-2006-5656
+CVE-2006-5656 (Memory leak in the push_align function in src/util.c in Vilistextum be ...)
NOT-FOR-US: Vilistextum
-CVE-2006-5655
+CVE-2006-5655 (SQL injection vulnerability in index.php in OpenDocMan 1.2p3 allows re ...)
NOT-FOR-US: OpenDocMan
-CVE-2006-5654
+CVE-2006-5654 (Unspecified vulnerability in the Network Security Services (NSS) in Su ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2006-5653
+CVE-2006-5653 (Cross-site scripting (XSS) vulnerability in the errorHTML function in ...)
NOT-FOR-US: Sun Java System Messenger Express
-CVE-2006-5652
+CVE-2006-5652 (Cross-site scripting (XSS) vulnerability in Sun iPlanet Messaging Serv ...)
NOT-FOR-US: Sun
-CVE-2006-5651
+CVE-2006-5651 (list.php in DigiOz Guestbook before 1.7.1 allows remote attackers to o ...)
NOT-FOR-US: DigiOz Guestbook
-CVE-2006-5650
+CVE-2006-5650 (The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ 5. ...)
NOT-FOR-US: ICQPhone.SipxPhoneManager
-CVE-2006-5649
+CVE-2006-5649 (Unspecified vulnerability in the "alignment check exception handling" ...)
{DSA-1237 DSA-1233}
- linux-2.6 2.6.18-4
-CVE-2006-5648
+CVE-2006-5648 (Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a ...)
- linux-2.6 2.6.18-1 (low)
-CVE-2006-5647
+CVE-2006-5647 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for L ...)
NOT-FOR-US: Sophos
-CVE-2006-5646
+CVE-2006-5646 (Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security ...)
NOT-FOR-US: Sophos
-CVE-2006-5645
+CVE-2006-5645 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for L ...)
NOT-FOR-US: Sophos
CVE-2006-5644
RESERVED
-CVE-2006-5643
+CVE-2006-5643 (Cross-site scripting (XSS) vulnerability in search_de.html in foresite ...)
NOT-FOR-US: foresite CMS
-CVE-2006-5642
+CVE-2006-5642 (Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown i ...)
NOT-FOR-US: NmnLogger
-CVE-2006-5641
+CVE-2006-5641 (SQL injection vulnerability in MainAnnounce2.asp in Techno Dreams Anno ...)
NOT-FOR-US: Techno Dreams
-CVE-2006-5640
+CVE-2006-5640 (SQL injection vulnerability in guestbookview.asp in Techno Dreams Gues ...)
NOT-FOR-US: Techno Dreams
-CVE-2006-5639
+CVE-2006-5639 (Unspecified vulnerability in the random number generator in OpenWBEM ( ...)
NOT-FOR-US: OpenWBEM
-CVE-2006-5638
+CVE-2006-5638 (Multiple SQL injection vulnerabilities in cherche.php in PHPMyRing 4.2 ...)
NOT-FOR-US: PHPMyRing
-CVE-2006-5637
+CVE-2006-5637 (PHP remote file inclusion vulnerability in faq_reply.php in Faq Admini ...)
NOT-FOR-US: Faq Administrator
-CVE-2006-5636
+CVE-2006-5636 (PHP remote file inclusion vulnerability in common.php in Simple Websit ...)
NOT-FOR-US: Simple Website Software
-CVE-2006-5635
+CVE-2006-5635 (SQL injection vulnerability in forum/search.asp in Web Wiz Forums allo ...)
NOT-FOR-US: Web Wiz Forums
-CVE-2006-5634
+CVE-2006-5634 (Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...)
NOT-FOR-US: phpProfiles
-CVE-2006-5633
+CVE-2006-5633 (Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers t ...)
- firefox 45.0-1 (unimportant)
- firefox-esr 45.0esr-1 (unimportant)
- iceweasel <removed> (unimportant)
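Review bot: the CVE-2006-5680 entry rates `- libarchive 1.3.1-1 (unimportant)` with no NOTE, although the synced description attributes the issue to "The libarchive library in FreeBSD 6-STABLE" and the tracker elsewhere in this file backs unimportant ratings with a NOTE (CVE-2006-5794's "Not a direct vulnerability", CVE-2006-5706's basedir policy note). Suggest a one-line NOTE stating why the Debian package is unaffected in practice or why the impact is negligible. Similarly, CVE-2006-5648 is described as "Ubuntu Linux 6.10 for the PowerPC (PPC)" yet is recorded against `- linux-2.6 2.6.18-1 (low)` without a NOTE on how it maps to Debian's kernel; a reference to the upstream fix or a Debian bug would make that traceable.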
@@ -3625,366 +3625,366 @@ CVE-2006-5633
- xulrunner <unfixed> (unimportant)
- mozilla-firefox <removed> (unimportant)
- mozilla-thunderbird <removed> (unimportant)
-CVE-2006-5632
+CVE-2006-5632 (Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop ...)
NOT-FOR-US: iG Shop
-CVE-2006-5631
+CVE-2006-5631 (Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop ...)
NOT-FOR-US: iG Shop
-CVE-2006-5630
+CVE-2006-5630 (Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to (1 ...)
NOT-FOR-US: Hosting Controller
-CVE-2006-5629
+CVE-2006-5629 (Multiple SQL injection vulnerabilities in Hosting Controller 6.1 befor ...)
NOT-FOR-US: Hosting Controller
-CVE-2006-5628
+CVE-2006-5628 (SQL injection vulnerability in login.asp in UNISOR Content Management ...)
NOT-FOR-US: UNISOR Content Management System (CMS)
-CVE-2006-5627
+CVE-2006-5627 (Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and ...)
NOT-FOR-US: QnECMS
-CVE-2006-5626
+CVE-2006-5626 (Cross-site scripting (XSS) vulnerability in cms_images/js/htmlarea/htm ...)
NOT-FOR-US: phpFaber
-CVE-2006-5625
+CVE-2006-5625 (PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in ...)
NOT-FOR-US: N/X 2002 Professional Edition Web Content Management System (WCMS)
-CVE-2006-5624
+CVE-2006-5624 (Multiple PHP remote file inclusion vulnerabilities in Multi-Page Comme ...)
NOT-FOR-US: Multi-Page Comment System (MPCS)
-CVE-2006-5623
+CVE-2006-5623 (PHP remote file inclusion vulnerability in ip.inc.php in Electronic En ...)
NOT-FOR-US: Electronic Engineering Tool (EE Tool)
-CVE-2006-5622
+CVE-2006-5622 (SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2006-5621
+CVE-2006-5621 (PHP remote file inclusion vulnerability in end.php in ask_rave 0.9 PR, ...)
NOT-FOR-US: ask_rave
-CVE-2006-5620
+CVE-2006-5620 (PHP remote file inclusion vulnerability in include/menu_builder.php in ...)
NOT-FOR-US: MiniBILL
-CVE-2006-5619
+CVE-2006-5619 (The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linu ...)
{DSA-1233}
- linux-2.6 2.6.18-4 (low)
-CVE-2006-5618
+CVE-2006-5618 (Directory traversal vulnerability in script/cat_for_aff.php in Netref ...)
NOT-FOR-US: Netref
-CVE-2006-5617
+CVE-2006-5617 (Directory traversal vulnerability in index.php in Thepeak File Upload ...)
NOT-FOR-US: Thepeak File Upload Manager
-CVE-2006-5616
+CVE-2006-5616 (Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux ...)
NOT-FOR-US: OpenPBS
-CVE-2006-5615
+CVE-2006-5615 (PHP remote file inclusion vulnerability in publish.php in Textpattern ...)
NOT-FOR-US: Textpattern
-CVE-2006-5614
+CVE-2006-5614 (Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP S ...)
NOT-FOR-US: Microsoft
-CVE-2006-5613
+CVE-2006-5613 (PHP remote file inclusion in Core/core.inc.php in MP3 Streaming DownSa ...)
NOT-FOR-US: MP3 Streaming DownSampler (mp3SDS)
-CVE-2006-5612
+CVE-2006-5612 (PHP remote file inclusion vulnerability in aide.php3 (aka aide.php) in ...)
NOT-FOR-US: GestArt
-CVE-2006-5611
+CVE-2006-5611 (Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 ha ...)
NOT-FOR-US: Toshiba
-CVE-2006-5610
+CVE-2006-5610 (PHP remote file inclusion vulnerability in player/includes/common.php ...)
NOT-FOR-US: Teake Nutma Foing
-CVE-2006-5609
+CVE-2006-5609 (Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows ...)
- torrentflux 2.1-5 (bug #395930; medium)
-CVE-2006-5608
+CVE-2006-5608 (SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before ...)
NOT-FOR-US: Extended Tracker (xtracker) for Drupal
-CVE-2006-5607
+CVE-2006-5607 (Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 all ...)
NOT-FOR-US: INCA IM-204
-CVE-2006-5606
+CVE-2006-5606 (Multiple SQL injection vulnerabilities in BytesFall Explorer (bfExplor ...)
NOT-FOR-US: BytesFall Explorer (bfExplorer)
-CVE-2006-5605
+CVE-2006-5605 (Multiple cross-site scripting (XSS) vulnerabilities in phpcards.footer ...)
NOT-FOR-US: phpCards
-CVE-2006-5604
+CVE-2006-5604 (Directory traversal vulnerability in phpcards.header.php in phpCards 1 ...)
NOT-FOR-US: phpCards
-CVE-2006-5603
+CVE-2006-5603 (SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.0 ...)
NOT-FOR-US: Snitz Forums
-CVE-2006-5600
+CVE-2006-5600 (Axalto Protiva 1.1, possibly only non-commercial versions, stores pass ...)
NOT-FOR-US: Axalto Protiva
-CVE-2006-5599
+CVE-2006-5599 (Cross-site scripting (XSS) vulnerability in Oracle Application Express ...)
NOT-FOR-US: Oracle
-CVE-2006-5598
+CVE-2006-5598 (Cross-site scripting (XSS) vulnerability in index.php for GOOP Gallery ...)
NOT-FOR-US: GOOP Gallery
-CVE-2006-5597
+CVE-2006-5597 (join.asp in MiniHTTP Web Forum &amp; File Server PowerPack 4.0 allows ...)
NOT-FOR-US: MiniHTTP Web Forum
-CVE-2006-5596
+CVE-2006-5596 (Directory traversal vulnerability in the SSL server in AEP Smartgate 4 ...)
NOT-FOR-US: AEP Smartgate
-CVE-2006-5595
+CVE-2006-5595 (Unspecified vulnerability in the AirPcap support in Wireshark (formerl ...)
- wireshark 0.99.4-1 (bug #396258)
-CVE-2006-5594
+CVE-2006-5594 (PHP remote file inclusion vulnerability in University of British Colum ...)
NOT-FOR-US: iPeer
-CVE-2006-5593
+CVE-2006-5593 (Buffer overflow in Desknet's (niokeru) before 5.0J R1.0 might allow re ...)
NOT-FOR-US: Desknet's (niokeru)
-CVE-2006-5592
+CVE-2006-5592 (Admin/adpoll.asp in PacPoll 4.0 and earlier allows remote attackers to ...)
NOT-FOR-US: PacPoll
-CVE-2006-5591
+CVE-2006-5591 (Multiple SQL injection vulnerabilities in Admin/check.asp in PacPoll 4 ...)
NOT-FOR-US: PacPoll
-CVE-2006-5590
+CVE-2006-5590 (PHP remote file inclusion vulnerability in index.php in ArticleBeach S ...)
NOT-FOR-US: ArticleBeach Script
-CVE-2006-5589
+CVE-2006-5589 (Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and e ...)
NOT-FOR-US: LedgerSMB (LSMB)
-CVE-2006-5588
+CVE-2006-5588 (Multiple PHP remote file inclusion vulnerabilities in CMS Faethon 2.0 ...)
NOT-FOR-US: CMS Faethon
-CVE-2006-5587
+CVE-2006-5587 (Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and ea ...)
NOT-FOR-US: MDweb
-CVE-2006-5586
+CVE-2006-5586 (The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 ...)
NOT-FOR-US: Microsoft GDI
-CVE-2006-5585
+CVE-2006-5585 (The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and S ...)
NOT-FOR-US: Microsoft
-CVE-2006-5584
+CVE-2006-5584 (The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 us ...)
NOT-FOR-US: Microsoft
-CVE-2006-5583
+CVE-2006-5583 (Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP ...)
NOT-FOR-US: Microsoft
CVE-2006-5582
REJECTED
-CVE-2006-5581
+CVE-2006-5581 (Unspecified vulnerability in Microsoft Internet Explorer 6 allows remo ...)
NOT-FOR-US: Microsoft
CVE-2006-5580
RESERVED
-CVE-2006-5579
+CVE-2006-5579 (Microsoft Internet Explorer 6 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft
-CVE-2006-5578
+CVE-2006-5578 (Microsoft Internet Explorer 6 and earlier allows remote attackers to r ...)
NOT-FOR-US: Microsoft
-CVE-2006-5577
+CVE-2006-5577 (Microsoft Internet Explorer 6 and earlier allows remote attackers to o ...)
NOT-FOR-US: Microsoft
CVE-2006-5576
REJECTED
CVE-2006-5575
REJECTED
-CVE-2006-5574
+CVE-2006-5574 (Unspecified vulnerability in the Brazilian Portuguese Grammar Checker ...)
NOT-FOR-US: Microsoft
CVE-2006-5573
REJECTED
CVE-2006-5572
REJECTED
-CVE-2006-5571
+CVE-2006-5571 (Stack-based buffer overflow in /scripts/cruise/cws.exe in CruiseWorks ...)
NOT-FOR-US: CruiseWorks
-CVE-2006-5570
+CVE-2006-5570 (Directory traversal vulnerability in /scripts/cruise/cws.exe in Cruise ...)
NOT-FOR-US: CruiseWorks
-CVE-2006-5569
+CVE-2006-5569 (FtpXQ Server 3.0.1 installs with two default testing accounts, which a ...)
NOT-FOR-US: FtpXQ
-CVE-2006-5568
+CVE-2006-5568 (FtpXQ Server 3.0.1 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: FtpXQ
-CVE-2006-5567
+CVE-2006-5567 (Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.3 ...)
NOT-FOR-US: WinAmp
-CVE-2006-5566
+CVE-2006-5566 (CRLF injection vulnerability in premium/index.php in Shop-Script allow ...)
NOT-FOR-US: Shop-Script
-CVE-2006-5565
+CVE-2006-5565 (CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote att ...)
NOT-FOR-US: MAXdev MD-Pro
-CVE-2006-5564
+CVE-2006-5564 (Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro ...)
NOT-FOR-US: MAXdev MD-Pro
-CVE-2006-5563
+CVE-2006-5563 (Unspecified vulnerability in Yahoo! Messenger (Service 18) before 8.1. ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2006-5562
+CVE-2006-5562 (PHP remote file inclusion vulnerability in include/database.php in Sou ...)
NOT-FOR-US: SourceForge (gforge is not affected)
-CVE-2006-5561
+CVE-2006-5561 (SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0 allows ...)
NOT-FOR-US: Discuz! GBK
-CVE-2006-5560
+CVE-2006-5560 (Cross-site scripting (XSS) vulnerability in heading.php in Boesch Prog ...)
NOT-FOR-US: ProgSys
-CVE-2006-5559
+CVE-2006-5559 (The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control ...)
NOT-FOR-US: ADODB.Connection 2.7 ActiveX control
-CVE-2006-5558
+CVE-2006-5558 (Format string vulnerability in the swask command in HP-UX B.11.11 and ...)
NOT-FOR-US: HP-UX
-CVE-2006-5557
+CVE-2006-5557 (Stack-based buffer overflow in the (1) swpackage and (2) swmodify comm ...)
NOT-FOR-US: HP-UX
-CVE-2006-5556
+CVE-2006-5556 (Buffer overflow in the localtime_r function, and certain other functio ...)
NOT-FOR-US: swask
-CVE-2006-5555
+CVE-2006-5555 (PHP remote file inclusion vulnerability in constantes.inc.php in EPNad ...)
NOT-FOR-US: EPNadmin
-CVE-2006-5554
+CVE-2006-5554 (Directory traversal vulnerability in index.php in Imageview 5 allows r ...)
NOT-FOR-US: Imageview
-CVE-2006-5553
+CVE-2006-5553 (Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 befo ...)
NOT-FOR-US: Cisco
-CVE-2006-5552
+CVE-2006-5552 (Multiple heap-based buffer overflows in RevilloC MailServer 1.21 and e ...)
NOT-FOR-US: RevilloC MailServer
-CVE-2006-5551
+CVE-2006-5551 (Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow re ...)
NOT-FOR-US: QK SMTP
-CVE-2006-5550
+CVE-2006-5550 (The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause ...)
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
CVE-2006-5549
NOT-FOR-US: Adobe PHP SDK
-CVE-2006-5548
+CVE-2006-5548 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open T ...)
NOT-FOR-US: Open Tibia Server Content Management System
-CVE-2006-5547
+CVE-2006-5547 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open T ...)
NOT-FOR-US: Open Tibia Server Content Management System
-CVE-2006-5546
+CVE-2006-5546 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open T ...)
NOT-FOR-US: Open Tibia Server Content Management System
-CVE-2006-5545
+CVE-2006-5545 (Premium Antispam in Symantec Mail Security for Domino Server 5.1.x bef ...)
NOT-FOR-US: Symantec
-CVE-2006-5544
+CVE-2006-5544 (Visual truncation vulnerability in Microsoft Internet Explorer 7 allow ...)
NOT-FOR-US: Microsoft
-CVE-2006-5543
+CVE-2006-5543 (PHP remote file inclusion vulnerability in misc/function.php3 in PHP G ...)
NOT-FOR-US: PHP Generator of Object SQL Database
-CVE-2006-5542
+CVE-2006-5542 (backend/tcop/postgres.c in PostgreSQL 8.1.x before 8.1.5 allows remote ...)
- postgresql-8.1 8.1.5-1 (unimportant)
NOTE: All crashes can only be triggered by authenticated users, these are not
NOTE: treated as vulnerabilities.
-CVE-2006-5541
+CVE-2006-5541 (backend/parser/parse_coerce.c in PostgreSQL 7.4.1 through 7.4.14, 8.0. ...)
- postgresql-7.4 1:7.4.14-1 (unimportant)
- postgresql-8.1 8.1.5-1 (unimportant)
[sarge] - postgresql <unfixed> (unimportant)
NOTE: All crashes can only be triggered by authenticated users, these are not
NOTE: treated as vulnerabilities.
-CVE-2006-5540
+CVE-2006-5540 (backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remot ...)
- postgresql-8.1 8.1.5-1 (unimportant)
NOTE: All crashes can only be triggered by authenticated users, these are not
NOTE: treated as vulnerabilities.
-CVE-2006-5539
+CVE-2006-5539 (PHP remote file inclusion vulnerability in login/secure.php in UeberPr ...)
NOT-FOR-US: UeberProject Management System
-CVE-2006-5538
+CVE-2006-5538 (D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attac ...)
NOT-FOR-US: D-Link
-CVE-2006-5537
+CVE-2006-5537 (Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm i ...)
NOT-FOR-US: D-Link
-CVE-2006-5536
+CVE-2006-5536 (Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T ...)
NOT-FOR-US: D-Link
-CVE-2006-5535
+CVE-2006-5535 (Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager ...)
NOT-FOR-US: WebHostManager cPanel
-CVE-2006-5534
+CVE-2006-5534 (Multiple cross-site scripting (XSS) vulnerabilities in index.htm in Zw ...)
NOT-FOR-US: Zwahlen Online Shop Freeware
-CVE-2006-5533
+CVE-2006-5533 (Multiple PHP remote file inclusion vulnerabilities in AROUNDMe 0.6.9, ...)
NOT-FOR-US: AROUNDMe
-CVE-2006-5532
+CVE-2006-5532 (Cross-site scripting (XSS) vulnerability in rmgs/images.php in RMSOFT ...)
NOT-FOR-US: RMSOFT Gallery System
-CVE-2006-5531
+CVE-2006-5531 (PHP remote file inclusion vulnerability in embedded.php in Ascended Gu ...)
NOT-FOR-US: Ascended Guestbook
-CVE-2006-5530
+CVE-2006-5530 (Multiple cross-site scripting (XSS) vulnerabilities in Boesch SimpNews ...)
NOT-FOR-US: SimpNews
-CVE-2006-5529
+CVE-2006-5529 (Cross-site scripting (XSS) vulnerability in smumdadotcom_ascyb_alumni/ ...)
NOT-FOR-US: SchoolAlumni Portal
-CVE-2006-5528
+CVE-2006-5528 (Directory traversal vulnerability in mod.php in SchoolAlumni Portal 2. ...)
NOT-FOR-US: SchoolAlumni Portal
-CVE-2006-5527
+CVE-2006-5527 (PHP remote file inclusion vulnerability in lib.editor.inc.php in Intel ...)
NOT-FOR-US: InteliEditor
-CVE-2006-5526
+CVE-2006-5526 (Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foin ...)
NOT-FOR-US: Fully Modded phpBB (phpbbfm) / Teake Nutma Foing
-CVE-2006-5525
+CVE-2006-5525 (Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-5524
+CVE-2006-5524 (Cross-site scripting (XSS) vulnerability in index.php in phplist 2.10. ...)
NOT-FOR-US: phplist
-CVE-2006-5523
+CVE-2006-5523 (PHP remote file inclusion vulnerability in common.php in EZ-Ticket 0.0 ...)
NOT-FOR-US: EZ-Ticket
-CVE-2006-5522
+CVE-2006-5522 (Multiple PHP remote file inclusion vulnerabilities in Johannes Erdfelt ...)
NOT-FOR-US: Kawf
-CVE-2006-5521
+CVE-2006-5521 (PHP remote file inclusion vulnerability in DNS/RR.php in Net_DNS 0.03 ...)
NOT-FOR-US: Net_DNS
-CVE-2006-5520
+CVE-2006-5520 (PHP remote file inclusion vulnerability in functions.php in DeltaScrip ...)
NOT-FOR-US: PHP Classifieds
-CVE-2006-5519
+CVE-2006-5519 (PHP remote file inclusion vulnerability in Savant2/Savant2_Plugin_opti ...)
- egroupware <not-affected> (there is no path variable used to include plugin.php)
-CVE-2006-5518
+CVE-2006-5518 (Multiple PHP remote file inclusion vulnerabilities in Christopher Fowl ...)
NOT-FOR-US: RSSonate
-CVE-2006-5517
+CVE-2006-5517 (Multiple PHP remote file inclusion vulnerabilities in Rhode Island Ope ...)
NOT-FOR-US: Open Meetings Filing Application
-CVE-2006-5516
+CVE-2006-5516 (Multiple cross-site scripting (XSS) vulnerabilities in actions/userset ...)
NOT-FOR-US: WikiNi
-CVE-2006-5515
+CVE-2006-5515 (Cross-site scripting (XSS) vulnerability in lib-history.inc.php in php ...)
NOT-FOR-US: phpPgAds / phpAdsNew
-CVE-2006-5514
+CVE-2006-5514 (SQL injection vulnerability in quiz.php in Web Group Communication Cen ...)
NOT-FOR-US: Web Group Communication
-CVE-2006-5513
+CVE-2006-5513 (SQL injection vulnerability in GeoNetwork opensource before 2.0.3 allo ...)
NOT-FOR-US: GeoNetwork opensource
-CVE-2006-5740
+CVE-2006-5740 (Unspecified vulnerability in the LDAP dissector in Wireshark (formerly ...)
- wireshark 0.99.4-1 (bug #396258; medium)
-CVE-2006-5602
+CVE-2006-5602 (Multiple memory leaks in xsupplicant before 1.2.6, and possibly other ...)
- xsupplicant 1.2.4.dfsg.1-3 (bug #396204; medium)
-CVE-2006-5601
+CVE-2006-5601 (Stack-based buffer overflow in the eap_do_notify function in eap.c in ...)
- xsupplicant 1.2.4.dfsg.1-3 (bug #396204; medium)
CVE-2006-XXXX [several possible mysql 5.0 local DoS vulnerabilities]
- mysql-dfsg-5.0 5.0.26-1 (low)
-CVE-2006-5512
+CVE-2006-5512 (Cross-site scripting (XSS) vulnerability in article.htm in Zwahlen Onl ...)
NOT-FOR-US: Zwahlen Online Shop
-CVE-2006-5511
+CVE-2006-5511 (Direct static code injection vulnerability in delete.php in JaxUltraBB ...)
NOT-FOR-US: JaxUltraBB
-CVE-2006-5510
+CVE-2006-5510 (Directory traversal vulnerability in explorer_load_lang.php in PH Pexp ...)
NOT-FOR-US: Pexplorer
-CVE-2006-5509
+CVE-2006-5509 (Eval injection vulnerability in addentry.php in WoltLab Burning Book 1 ...)
NOT-FOR-US: Burning Book
-CVE-2006-5508
+CVE-2006-5508 (Multiple SQL injection vulnerabilities in addentry.php in WoltLab Burn ...)
NOT-FOR-US: Burning Book
-CVE-2006-5507
+CVE-2006-5507 (Multiple PHP remote file inclusion vulnerabilities in Der Dirigent (De ...)
NOT-FOR-US: Der Dirigent
-CVE-2006-5506
+CVE-2006-5506 (Multiple PHP remote file inclusion vulnerabilities in WiClear 0.10 all ...)
NOT-FOR-US: WiClear
-CVE-2006-5505
+CVE-2006-5505 (Multiple PHP file inclusion vulnerabilities in 2BGal 3.0 allow remote ...)
NOT-FOR-US: 2BGal
-CVE-2006-5504
+CVE-2006-5504 (Cross-site scripting (XSS) vulnerability in index.php in Simple Machin ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2006-5503
+CVE-2006-5503 (Cross-site scripting (XSS) vulnerability in index.php in Simple Machin ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2006-5502
+CVE-2006-5502 (Heap-based buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX contro ...)
NOT-FOR-US: AOL Security Edition
-CVE-2006-5501
+CVE-2006-5501 (Buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDo ...)
NOT-FOR-US: AOL Security Edition
-CVE-2006-5500
+CVE-2006-5500 (Multiple SQL injection vulnerabilities in the checkUser function in in ...)
NOT-FOR-US: XchangeBoard
-CVE-2006-5499
+CVE-2006-5499 (Multiple cross-site scripting (XSS) vulnerabilities in Serendipity (s9 ...)
- serendipity 1.0.2-1
-CVE-2006-5498
+CVE-2006-5498 (Directory traversal vulnerability in themes/program/themesettings.inc. ...)
NOT-FOR-US: Segue CMS
-CVE-2006-5497
+CVE-2006-5497 (PHP remote file inclusion vulnerability in themes/program/themesetting ...)
NOT-FOR-US: Segue CMS
-CVE-2006-5496
+CVE-2006-5496 (Multiple cross-site scripting (XSS) vulnerabilities in Timothy Claason ...)
NOT-FOR-US: Timothy Claason KnowledgeBank
-CVE-2006-5495
+CVE-2006-5495 (Multiple PHP remote file inclusion vulnerabilities in Trawler Web CMS ...)
NOT-FOR-US: Trawler Web CMS
-CVE-2006-5494
+CVE-2006-5494 (Multiple PHP remote file inclusion vulnerabilities in modules/My_eGall ...)
NOT-FOR-US: pandaBB for PHP-Nuke
-CVE-2006-5493
+CVE-2006-5493 (PHP remote file inclusion vulnerability in template/purpletech/base_in ...)
NOT-FOR-US: DigitalHive
-CVE-2006-5492
+CVE-2006-5492 (Unspecified vulnerability in Maerys Archive (Maarch) before 2.0.1 allo ...)
NOT-FOR-US: Maarch
-CVE-2006-5491
+CVE-2006-5491 (Multiple SQL injection vulnerabilities in include/index.php in UltraCM ...)
NOT-FOR-US: UltraCMS
-CVE-2006-5490
+CVE-2006-5490 (Multiple SQL injection vulnerabilities in Segue Content Management Sys ...)
NOT-FOR-US: Segue CMS
-CVE-2006-5489
+CVE-2006-5489 (Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before H ...)
NOT-FOR-US: RIM BlackBerry Enterprise Server
-CVE-2006-5488
+CVE-2006-5488 (SQL injection vulnerability in XchangeBoard 1.70, and possibly earlier ...)
NOT-FOR-US: XchangeBoard
-CVE-2006-5487
+CVE-2006-5487 (Directory traversal vulnerability in Marshal MailMarshal SMTP 5.x, 6.x ...)
NOT-FOR-US: Marshal MailMarshal SMTP
-CVE-2006-5486
+CVE-2006-5486 (Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System ...)
NOT-FOR-US: Sun Java System Messaging Server
-CVE-2006-5485
+CVE-2006-5485 (Multiple PHP remote file inclusion vulnerabilities in SpeedBerg 1.2bet ...)
NOT-FOR-US: SpeedBerg
-CVE-2006-5484
+CVE-2006-5484 (SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 an ...)
NOT-FOR-US: SSH Tectia
-CVE-2006-5483
+CVE-2006-5483 (p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified d ...)
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
-CVE-2006-5482
+CVE-2006-5482 (ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified ...)
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
-CVE-2006-5481
+CVE-2006-5481 (Multiple PHP remote file inclusion vulnerabilities in 2le.net Castor P ...)
NOT-FOR-US: Castor
-CVE-2006-5480
+CVE-2006-5480 (PHP remote file inclusion vulnerability in lib/rs.php in 2le.net Casto ...)
NOT-FOR-US: Castor
-CVE-2006-5479
+CVE-2006-5479 (The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote ...)
NOT-FOR-US: Novell eDirectory
-CVE-2006-5478
+CVE-2006-5478 (Multiple stack-based buffer overflows in Novell eDirectory 8.8.x befor ...)
NOT-FOR-US: Novell eDirectory
-CVE-2006-5477
+CVE-2006-5477 (Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form submissi ...)
- drupal <not-affected> (Our version of drupal is too old)
-CVE-2006-5476
+CVE-2006-5476 (Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before ...)
- drupal <not-affected> (Our version of drupal is too old)
-CVE-2006-5475
+CVE-2006-5475 (Multiple cross-site scripting (XSS) vulnerabilities in the XML parser ...)
- drupal <not-affected> (Our version of drupal is too old)
-CVE-2006-5474
+CVE-2006-5474 (The "forgot password" function in OneOrZero Helpdesk before 1.6.5.4 ge ...)
NOT-FOR-US: OneOrZero Helpdesk
CVE-2006-5473
NOT-FOR-US: Softerra PHP Developer Library
-CVE-2006-5472
+CVE-2006-5472 (PHP remote file inclusion vulnerability in Softerra PHP Developer Libr ...)
NOT-FOR-US: Softerra PHP Developer Library
-CVE-2006-5471
+CVE-2006-5471 (PHP remote file inclusion vulnerability in example/lib/grid3.lib.php i ...)
NOT-FOR-US: Softerra PHP Developer Library
CVE-2006-5470
REJECTED
-CVE-2006-5469
+CVE-2006-5469 (Unspecified vulnerability in the WBXML dissector in Wireshark (formerl ...)
- wireshark 0.99.4-1 (bug #396258; medium)
-CVE-2006-5468
+CVE-2006-5468 (Unspecified vulnerability in the HTTP dissector in Wireshark (formerly ...)
- wireshark 0.99.4-1 (bug #396258; medium)
-CVE-2006-5467
+CVE-2006-5467 (The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a ...)
{DSA-1235-1 DSA-1234-1}
- ruby1.8 1.8.5-3 (low; bug #398457)
- ruby1.9 1.9.0+20070606-1 (low)
[etch] - ruby1.9 <no-dsa> (Minor issue)
-CVE-2006-5466
+CVE-2006-5466 (Heap-based buffer overflow in the showQueryPackage function in librpm ...)
- rpm 4.4.1-11 (low; bug #397076)
[sarge] - rpm <no-dsa> (You need to trust the RPMs you're installing)
NOTE: Only hypothetical, far-fetched attacks feasible
-CVE-2006-5465
+CVE-2006-5465 (Buffer overflow in PHP before 5.2.0 allows remote attackers to execute ...)
{DSA-1206-1}
- php4 4:4.4.4-4 (high; bug #396764)
- php5 5.1.6-6 (high; bug #396766)
-CVE-2006-5464
+CVE-2006-5464 (Multiple unspecified vulnerabilities in the layout engine in Mozilla F ...)
{DSA-1227-1 DSA-1225-1 DSA-1224-1}
NOTE: MFSA-2006-65
- firefox 45.0-1 (low)
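Review bot: CVE-2006-5549 and CVE-2006-5473 keep a bare id in this hunk while every entry around them gains a summary (CVE-2006-5470 is REJECTED, so that one is expected); if the upstream feed carries a description for those two, the generator should add it in the same pass rather than leave the list half-annotated. Two smaller style points in the surrounding context: the block CVE-2006-5740, CVE-2006-5602, CVE-2006-5601 sits between CVE-2006-5513 and CVE-2006-5512 and breaks the descending order the rest of the list follows, and the fixed-width truncation cuts mid-word in places (`befo ...`, `Savant2_Plugin_opti ...`), so truncating on a word boundary would make the summaries easier to read and grep.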
@@ -3993,7 +3993,7 @@ CVE-2006-5464
- icedove 1.5.0.8-1 (low)
- mozilla <removed> (low)
- xulrunner 1.8.0.8-1 (low)
-CVE-2006-5463
+CVE-2006-5463 (Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbi ...)
{DSA-1227-1 DSA-1225-1 DSA-1224-1}
NOTE: MFSA-2006-67
- firefox 45.0-1 (high)
@@ -4002,7 +4002,7 @@ CVE-2006-5463
- icedove 1.5.0.8-1 (medium)
- mozilla <removed> (high)
- xulrunner 1.8.0.8-1 (high)
-CVE-2006-5462
+CVE-2006-5462 (Mozilla Network Security Service (NSS) library before 3.11.3, as used ...)
{DSA-1227-1 DSA-1225-1 DSA-1224-1}
NOTE: MFSA-2006-66
NOTE: this is the similar to CVE-2006-4339, see also CVE-2006-4340
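Review bot: the unchanged context line `NOTE: this is the similar to CVE-2006-4339, see also CVE-2006-4340` has a grammar slip ("this is the similar to"); the automatic update only rewrites the id line, so a manual follow-up should change it to `NOTE: this is similar to CVE-2006-4339, see also CVE-2006-4340`.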
@@ -4013,284 +4013,284 @@ CVE-2006-5462
- icedove 1.5.0.8-1 (medium)
- mozilla <removed> (high)
- xulrunner 1.8.0.8-1 (high)
-CVE-2006-5461
+CVE-2006-5461 (Avahi before 0.6.15 does not verify the sender identity of netlink mes ...)
- avahi 0.6.15-1 (low)
CVE-2006-XXXX [diffmon information leakage]
- diffmon 20020222-2.2 (bug #382132)
CVE-2006-5460
NOT-FOR-US: phpht Topsites
-CVE-2006-5459
+CVE-2006-5459 (Multiple PHP remote file inclusion vulnerabilities in Download-Engine ...)
NOT-FOR-US: Download-Engine
-CVE-2006-5458
+CVE-2006-5458 (PHP remote file inclusion vulnerability in common.php in Hinton Design ...)
NOT-FOR-US: phpht Topsites
-CVE-2006-5457
+CVE-2006-5457 (Multiple cross-site scripting (XSS) vulnerabilities in the registratio ...)
NOT-FOR-US: Casino Script (Masvet)
-CVE-2006-5456
+CVE-2006-5456 (Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagi ...)
{DSA-1213}
- graphicsmagick 1.1.7-9 (medium)
- imagemagick 7:6.2.4.5.dfsg1-0.11 (bug #393025)
-CVE-2006-5455
+CVE-2006-5455 (Cross-site request forgery (CSRF) vulnerability in editversions.cgi in ...)
- bugzilla 2.22.1-1 (bug #395094; low)
[sarge] - bugzilla <no-dsa> (CSRF infrastructure not present, too intrusive to backport)
-CVE-2006-5454
+CVE-2006-5454 (Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.2 ...)
- bugzilla 2.22.1-1 (bug #395094; low)
[sarge] - bugzilla <not-affected> (Vulnerable code not present)
-CVE-2006-5453
+CVE-2006-5453 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x ...)
{DSA-1208-1}
- bugzilla 2.22.1-1 (bug #395094; low)
-CVE-2006-5452
+CVE-2006-5452 (Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX ...)
NOT-FOR-US: HP Tru64
-CVE-2006-5451
+CVE-2006-5451 (Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.1 ...)
- torrentflux 2.1-5 (bug #395099; low)
-CVE-2006-5450
+CVE-2006-5450 (SQL injection vulnerability in index.asp in Kinesis Interactive Cinema ...)
NOT-FOR-US: Kinesis Interactive Cinema System (KICS) CMS
-CVE-2006-5449
+CVE-2006-5449 (procmail in Ingo H3 before 1.1.2 Horde module allows remote authentica ...)
{DSA-1204-1}
- ingo1 1.1.2-1 (bug #396099)
-CVE-2006-5448
+CVE-2006-5448 (The drmstor.dll ActiveX object in Microsoft Windows Digital Rights Man ...)
NOT-FOR-US: Microsoft
-CVE-2006-5447
+CVE-2006-5447 (Cross-site scripting (XSS) vulnerability in index.php in DEV Web Manag ...)
NOT-FOR-US: DEV Web Management System (WMS)
-CVE-2006-5446
+CVE-2006-5446 (SQL injection vulnerability in lobby/config.php in Casinosoft Casino S ...)
NOT-FOR-US: Casinosoft Casino Script (aka Masvet)
-CVE-2006-5445
+CVE-2006-5445 (Unspecified vulnerability in the SIP channel driver (channels/chan_sip ...)
- asterisk 1:1.2.13~dfsg-1 (medium; bug #395080)
-CVE-2006-5444
+CVE-2006-5444 (Integer overflow in the get_input function in the Skinny channel drive ...)
{DSA-1229-1}
- asterisk 1:1.2.13~dfsg-1 (medium; bug #395080; bug #394025)
-CVE-2006-5443
+CVE-2006-5443 (Unspecified vulnerability in XIAO Gang WWW Interactive Mathematics Ser ...)
- wims 3.60-1 (bug #395102)
-CVE-2006-5442
+CVE-2006-5442 (ViewVC 1.0.2 and earlier does not specify a charset in its HTTP header ...)
- viewvc 1.0.3-1 (medium; bug #397669)
-CVE-2006-5441
+CVE-2006-5441 (PHP remote file inclusion vulnerability in adminfoot.php in Comdev Web ...)
NOT-FOR-US: Comdev Web Blogger
-CVE-2006-5440
+CVE-2006-5440 (PHP remote file inclusion vulnerability in adminfoot.php in Comdev For ...)
NOT-FOR-US: Comdev Web Blogger
-CVE-2006-5439
+CVE-2006-5439 (PHP remote file inclusion vulnerability in adminfoot.php in Comdev Mis ...)
NOT-FOR-US: Comdev Web Blogger
-CVE-2006-5438
+CVE-2006-5438 (PHP remote file inclusion vulnerability in adminfoot.php in Comdev For ...)
NOT-FOR-US: Comdev Web Blogger
CVE-2006-5437
NOT-FOR-US: phpAdsNew
-CVE-2006-5436
+CVE-2006-5436 (PHP remote file inclusion vulnerability in index.php in FreeFAQ 1.0.e ...)
NOT-FOR-US: FreeFAQ
CVE-2006-5435
- phpbb2 <not-affected> (not vulnerable)
-CVE-2006-5434
+CVE-2006-5434 (PHP remote file inclusion vulnerability in p-news.php in P-News 1.16 a ...)
NOT-FOR-US: P-News
-CVE-2006-5433
+CVE-2006-5433 (PHP remote file inclusion vulnerability in modules/guestbook/index.php ...)
NOT-FOR-US: ALiCE-CMS
-CVE-2006-5432
+CVE-2006-5432 (Multiple direct static code injection vulnerabilities in db/txt.inc.ph ...)
NOT-FOR-US: phpPowerCards
-CVE-2006-5431
+CVE-2006-5431 (PHP remote file inclusion vulnerability in gorum/dbproperty.php in PHP ...)
NOT-FOR-US: PHPOutsourcing Zorum
-CVE-2006-5430
+CVE-2006-5430 (Cross-site scripting (XSS) vulnerability in the search functionality i ...)
NOT-FOR-US: db-central (dbc) Enterprise CMS
-CVE-2006-5429
+CVE-2006-5429 (Multiple PHP remote file inclusion vulnerabilities in Barry Nauta BRIM ...)
NOT-FOR-US: BRIM
-CVE-2006-5428
+CVE-2006-5428 (rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileg ...)
NOT-FOR-US: Cerberus Helpdesk
-CVE-2006-5427
+CVE-2006-5427 (PHP remote file inclusion vulnerability in plugins/main.php in Php AMX ...)
NOT-FOR-US: Php AMX
-CVE-2006-5426
+CVE-2006-5426 (PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Cal ...)
NOT-FOR-US: LoCal Calendar System
-CVE-2006-5425
+CVE-2006-5425 (XORP (eXtensible Open Router Platform) 1.2 and 1.3 allows remote attac ...)
NOT-FOR-US: XORP (eXtensible Open Router Platform)
-CVE-2006-5424
+CVE-2006-5424 (Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial vers ...)
NOT-FOR-US: Justsystem Ichitaro
-CVE-2006-5423
+CVE-2006-5423 (PHP remote file inclusion vulnerability in admin/admin_module.php in L ...)
NOT-FOR-US: Lou Portail
-CVE-2006-5422
+CVE-2006-5422 (PHP remote file inclusion vulnerability in calcul-page.php in Lodel (p ...)
NOT-FOR-US: Lodel
-CVE-2006-5421
+CVE-2006-5421 (WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitra ...)
NOT-FOR-US: WSN Forum
-CVE-2006-5420
+CVE-2006-5420 (Kerio WinRoute Firewall 6.2.2 and earlier allows remote attackers to c ...)
NOT-FOR-US: Kerio WinRoute Firewall
-CVE-2006-5419
+CVE-2006-5419 (PHP remote file inclusion vulnerability in client.php in University of ...)
NOT-FOR-US: Specimen Image Database (SID)
-CVE-2006-5418
+CVE-2006-5418 (PHP remote file inclusion vulnerability in archive/archive_topic.php i ...)
NOT-FOR-US: pbpbb archive for search engines (SearchIndexer) (aka phpBBSEI) for phpBB
-CVE-2006-5417
+CVE-2006-5417 (McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAf ...)
NOT-FOR-US: McAfee
-CVE-2006-5416
+CVE-2006-5416 (Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 Netwo ...)
NOT-FOR-US: F5
-CVE-2006-5415
+CVE-2006-5415 (PHP remote file inclusion vulnerability in includes/functions_newshr.p ...)
NOT-FOR-US: News Defilante Horizontale
-CVE-2006-5414
+CVE-2006-5414 (Barry Nauta BRIM before 1.2.1 allows remote authenticated users to rea ...)
NOT-FOR-US: Barry Nauta BRIM
-CVE-2006-5413
+CVE-2006-5413 (Multiple PHP remote file inclusion vulnerabilities in SuperMod 3.0.0 f ...)
NOT-FOR-US: SuperMod for YABB (YaBBSM)
-CVE-2006-5412
+CVE-2006-5412 (admin.php in PHP Outburst Easynews 4.4.1 and earlier, when register_gl ...)
NOT-FOR-US: PHP Outburst Easynews
-CVE-2006-5411
+CVE-2006-5411 (Unrestricted file upload vulnerability in upload.php for Free Web Publ ...)
NOT-FOR-US: Free Web Publishing System (FreeWPS)
-CVE-2006-5410
+CVE-2006-5410 (PHP remote file inclusion vulnerability in templates/tmpl_dfl/scripts/ ...)
NOT-FOR-US: BoonEx Dolphin
-CVE-2006-5409
+CVE-2006-5409 (Multiple SQL injection vulnerabilities in the wireless IDS management ...)
NOT-FOR-US: Highwall Enterprise and Highwall Endpoint
-CVE-2006-5408
+CVE-2006-5408 (Multiple cross-site scripting (XSS) vulnerabilities in the wireless ID ...)
NOT-FOR-US: Highwall Enterprise and Highwall Endpoint
-CVE-2006-5407
+CVE-2006-5407 (PHP remote file inclusion vulnerability in open_form.php in osTicket a ...)
NOT-FOR-US: osTicket
-CVE-2006-5406
+CVE-2006-5406 (Passgo Defender 5.2 creates the application directory with insecure pe ...)
NOT-FOR-US: Passgo Defender
-CVE-2006-5405
+CVE-2006-5405 (Unspecified vulnerability in Toshiba Bluetooth wireless device driver ...)
NOT-FOR-US: Toshiba Bluetooth wireless device driver
-CVE-2006-5404
+CVE-2006-5404 (Unspecified vulnerability in an ActiveX control used in Symantec Autom ...)
NOT-FOR-US: Symantec
-CVE-2006-5403
+CVE-2006-5403 (Stack-based buffer overflow in an ActiveX control used in Symantec Aut ...)
NOT-FOR-US: Symantec
-CVE-2006-5402
+CVE-2006-5402 (Multiple PHP remote file inclusion vulnerabilities in PHPmybibli 3.0.1 ...)
NOT-FOR-US: PHPMyBibli
-CVE-2006-5401
+CVE-2006-5401 (PHP remote file inclusion vulnerability in template/barnraiser_01/p_ne ...)
NOT-FOR-US: AROUNDMe
-CVE-2006-5400
+CVE-2006-5400 (PHP remote file inclusion vulnerability in forum/track.php in CyberBra ...)
NOT-FOR-US: CyberBrau
-CVE-2006-5399
+CVE-2006-5399 (PHP remote file inclusion vulnerability in classes/Import_MM.class.php ...)
NOT-FOR-US: PHPRecipeBook
-CVE-2006-5398
+CVE-2006-5398 (SQL injection vulnerability in comments.php in Simplog 0.9.3.1 allows ...)
NOT-FOR-US: Simplog
-CVE-2006-5397
+CVE-2006-5397 (The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 an ...)
- libx11 2:1.0.3-3 (low; bug #398460)
-CVE-2006-5396
+CVE-2006-5396 (The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20 ...)
NOT-FOR-US: Sun Solaris
-CVE-2006-5395
+CVE-2006-5395 (Buffer overflow in Microsoft Class Package Export Tool (aka clspack.ex ...)
NOT-FOR-US: Microsoft
-CVE-2006-5394
+CVE-2006-5394 (The default configuration of Cisco Secure Desktop (CSD) has an uncheck ...)
NOT-FOR-US: Cisco
-CVE-2006-5393
+CVE-2006-5393 (Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtSh ...)
NOT-FOR-US: Cisco
-CVE-2006-5392
+CVE-2006-5392 (Multiple PHP remote file inclusion vulnerabilities in OpenDock FullCor ...)
NOT-FOR-US: OpenDock FullCore
-CVE-2006-5391
+CVE-2006-5391 (Xfire 1.64 and earlier allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Xfire
-CVE-2006-5390
+CVE-2006-5390 (PHP remote file inclusion vulnerability in includes/functions_mod_user ...)
NOT-FOR-US: ACP User Registration (MMW) module for phpBB
-CVE-2006-5389
+CVE-2006-5389 (tools/tellhim.php in PHP-Wyana allows remote attackers to obtain sensi ...)
NOT-FOR-US: PHP-Wyana
-CVE-2006-5388
+CVE-2006-5388 (SQL injection vulnerability in index.php in WebSPELL 4.01.01 and earli ...)
NOT-FOR-US: WebSPELL
-CVE-2006-5387
+CVE-2006-5387 (PHP remote file inclusion vulnerability in mods/iai/includes/constants ...)
NOT-FOR-US: PlusXL phpBB module
-CVE-2006-5386
+CVE-2006-5386 (PHP remote file inclusion vulnerability in process.php in NuralStorm W ...)
NOT-FOR-US: NuralStorm Webmail
-CVE-2006-5385
+CVE-2006-5385 (PHP remote file inclusion vulnerability in admin/admin_spam.php in the ...)
NOT-FOR-US: SpamOborona phpBB module
-CVE-2006-5384
+CVE-2006-5384 (PHP remote file inclusion vulnerability in modification/SendAlertEmail ...)
NOT-FOR-US: CDS Agenda
-CVE-2006-5383
+CVE-2006-5383 (SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and earlie ...)
NOT-FOR-US: Def-Blog
-CVE-2006-5382
+CVE-2006-5382 (3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlie ...)
NOT-FOR-US: 3Com
CVE-2006-XXXX [unspecified steam cache vulnerability]
- steam <not-affected> (affects the old steam environment for corporate knowledge management package shipped in lenny and before, not the new Valve steam package)
-CVE-2006-5381
+CVE-2006-5381 (Contenido CMS stores sensitive data under the web root with insufficie ...)
NOT-FOR-US: Contenido CMS
CVE-2006-5380
NOT-FOR-US: Contenido CMS
-CVE-2006-5379
+CVE-2006-5379 (The accelerated rendering functionality of NVIDIA Binary Graphics Driv ...)
- nvidia-graphics-drivers 1.0.8776-1 (bug #393573)
[sarge] - nvidia-graphics-drivers <not-affected> (1.0.7174 not affected)
NOTE: see http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
-CVE-2006-5378
+CVE-2006-5378 (Unspecified vulnerability in JD Edwards HTML Server in JD Edwards Ente ...)
NOT-FOR-US: EnterpriseOne
-CVE-2006-5377
+CVE-2006-5377 (Unspecified vulnerability in PeopleSoft component in Oracle PeopleSoft ...)
NOT-FOR-US: PeopleSoft
-CVE-2006-5376
+CVE-2006-5376 (Multiple unspecified vulnerabilities in PeopleTools component in Oracl ...)
NOT-FOR-US: PeopleSoft
-CVE-2006-5375
+CVE-2006-5375 (Multiple unspecified vulnerabilities in PeopleTools component in Oracl ...)
NOT-FOR-US: PeopleSoft
-CVE-2006-5374
+CVE-2006-5374 (Unspecified vulnerability in Oracle Pharmaceutical Applications 4.5.1 ...)
NOT-FOR-US: Oracle
-CVE-2006-5373
+CVE-2006-5373 (Unspecified vulnerability in Oracle Install Base component in Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2006-5372
+CVE-2006-5372 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.1 ...)
NOT-FOR-US: Oracle
-CVE-2006-5371
+CVE-2006-5371 (Unspecified vulnerability in Oracle Email Center component in Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2006-5370
+CVE-2006-5370 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.1 ...)
NOT-FOR-US: Oracle
-CVE-2006-5369
+CVE-2006-5369 (Unspecified vulnerability in Oracle Application Object Library in Orac ...)
NOT-FOR-US: Oracle
-CVE-2006-5368
+CVE-2006-5368 (Unspecified vulnerability in Oracle Exchange component in Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2006-5367
+CVE-2006-5367 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 ...)
NOT-FOR-US: Oracle
-CVE-2006-5366
+CVE-2006-5366 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0 ...)
NOT-FOR-US: Oracle
-CVE-2006-5365
+CVE-2006-5365 (Unspecified vulnerability in Oracle Forms in Oracle Application Server ...)
NOT-FOR-US: Oracle
-CVE-2006-5364
+CVE-2006-5364 (Unspecified vulnerability in Oracle Containers for J2EE component in O ...)
NOT-FOR-US: Oracle
-CVE-2006-5363
+CVE-2006-5363 (Unspecified vulnerability in Oracle Single Sign-On component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2006-5362
+CVE-2006-5362 (Unspecified vulnerability in Oracle Containers for J2EE component in O ...)
NOT-FOR-US: Oracle
-CVE-2006-5361
+CVE-2006-5361 (Unspecified vulnerability in Oracle Containers for J2EE in Oracle Appl ...)
NOT-FOR-US: Oracle
-CVE-2006-5360
+CVE-2006-5360 (Unspecified vulnerability in Oracle Forms component in Oracle Applicat ...)
NOT-FOR-US: Oracle
-CVE-2006-5359
+CVE-2006-5359 (Multiple unspecified vulnerabilities in Oracle Reports Developer compo ...)
NOT-FOR-US: Oracle
-CVE-2006-5358
+CVE-2006-5358 (Unspecified vulnerability in Oracle Forms component in Oracle Applicat ...)
NOT-FOR-US: Oracle
-CVE-2006-5357
+CVE-2006-5357 (Unspecified vulnerability in Oracle HTTP Server component in Oracle Ap ...)
NOT-FOR-US: Oracle
-CVE-2006-5356
+CVE-2006-5356 (Unspecified vulnerability in Oracle Containers for J2EE component in O ...)
NOT-FOR-US: Oracle
-CVE-2006-5355
+CVE-2006-5355 (Unspecified vulnerability in Oracle Single Sign-On component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2006-5354
+CVE-2006-5354 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and 10.1.0.5, ...)
NOT-FOR-US: Oracle
-CVE-2006-5353
+CVE-2006-5353 (Unspecified vulnerability in Oracle HTTP Server component in Oracle Ap ...)
NOT-FOR-US: Oracle
-CVE-2006-5352
+CVE-2006-5352 (Multiple unspecified vulnerabilities in Oracle Application Express 1.5 ...)
NOT-FOR-US: Oracle
-CVE-2006-5351
+CVE-2006-5351 (Multiple unspecified vulnerabilities in Oracle Application Express (fo ...)
NOT-FOR-US: Oracle
-CVE-2006-5350
+CVE-2006-5350 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2006-5349
+CVE-2006-5349 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, when running ...)
NOT-FOR-US: Oracle
-CVE-2006-5348
+CVE-2006-5348 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, Oracle Collab ...)
NOT-FOR-US: Oracle
-CVE-2006-5347
+CVE-2006-5347 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle Col ...)
NOT-FOR-US: Oracle
-CVE-2006-5346
+CVE-2006-5346 (Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, as used in Or ...)
NOT-FOR-US: Oracle
-CVE-2006-5345
+CVE-2006-5345 (Unspecified vulnerability in Oracle Spatial component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2006-5344
+CVE-2006-5344 (Multiple unspecified vulnerabilities in Oracle Spatial component in Or ...)
NOT-FOR-US: Oracle
-CVE-2006-5343
+CVE-2006-5343 (Unspecified vulnerability in Database Scheduler component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2006-5342
+CVE-2006-5342 (Unspecified vulnerability in Oracle Spatial component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2006-5341
+CVE-2006-5341 (Multiple unspecified vulnerabilities in XMLDB component in Oracle Data ...)
NOT-FOR-US: Oracle
-CVE-2006-5340
+CVE-2006-5340 (Multiple unspecified vulnerabilities in Oracle Spatial component in Or ...)
NOT-FOR-US: Oracle
-CVE-2006-5339
+CVE-2006-5339 (Unspecified vulnerability in Oracle Spatial component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2006-5338
+CVE-2006-5338 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2006-5337
+CVE-2006-5337 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2006-5336
+CVE-2006-5336 (Multiple unspecified vulnerabilities in the Change Data Capture (CDC) ...)
NOT-FOR-US: Oracle
-CVE-2006-5335
+CVE-2006-5335 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 1 ...)
NOT-FOR-US: Oracle
-CVE-2006-5334
+CVE-2006-5334 (Unspecified vulnerability in Oracle Spatial component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2006-5333
+CVE-2006-5333 (Unspecified vulnerability in Oracle Spatial component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2006-5332
+CVE-2006-5332 (Unspecified vulnerability in xdb.dbms_xdbz in the XMLDB component for ...)
NOT-FOR-US: Oracle
-CVE-2006-5331
+CVE-2006-5331 (The altivec_unavailable_exception function in arch/powerpc/kernel/trap ...)
- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
NOTE: Fixed by: https://git.kernel.org/linus/6c4841c2b6c32a134f9f36e5e08857138cc12b10 (2.6.19-rc3)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=213229
-CVE-2006-5330
+CVE-2006-5330 (CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and e ...)
- flashplugin-nonfree 9.0.31.0.1 (bug #402822; medium)
NOTE: It is not clear if this is already fix in 9.0.21.78.X (previous version)
NOTE: or not but it's fix in 9.0.31.0.1 for sure.
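Review bot: CVE-2006-5460, CVE-2006-5437, CVE-2006-5435 and CVE-2006-5380 keep a bare id in this hunk although the entries around them gain a summary; if the feed has descriptions for them the generator should pick them up, otherwise a `NOTE:` line saying why would help the next reader. Two consistency points in the surrounding context: `{DSA-1213}` for CVE-2006-5456 lacks the revision suffix used by `{DSA-1208-1}` and `{DSA-1204-1}` nearby, so it is worth confirming the tracker parser accepts both forms; and the last two NOTE lines for CVE-2006-5330 should read `already fixed in 9.0.21.78.X` and `it's fixed in 9.0.31.0.1`.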
@@ -4298,748 +4298,748 @@ CVE-2006-5330
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported, only installer package)
CVE-2006-5329
REJECTED
-CVE-2006-5328
+CVE-2006-5328 (OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earl ...)
NOT-FOR-US: OpenBase SQL
-CVE-2006-5327
+CVE-2006-5327 (Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, ...)
NOT-FOR-US: OpenBase SQL
-CVE-2006-5326
+CVE-2006-5326 (PHP remote file inclusion vulnerability in language/lang/lang_contact_ ...)
NOT-FOR-US: Prillian French module for phpBB
-CVE-2006-5325
+CVE-2006-5325 (Multiple PHP remote file inclusion vulnerabilities in Dimitri Seitz Se ...)
NOT-FOR-US: dwingmods for phpBB
-CVE-2006-5324
+CVE-2006-5324 (The Web Services Notification (WSN) security component of IBM WebSpher ...)
NOT-FOR-US: IBM WebSphere
-CVE-2006-5323
+CVE-2006-5323 (Unspecified vulnerability in IBM WebSphere Application Server before 6 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2006-5322
+CVE-2006-5322 (Multiple SQL injection vulnerabilities in phplist before 2.10.3 allow ...)
NOT-FOR-US: phplist
-CVE-2006-5321
+CVE-2006-5321 (Multiple cross-site scripting (XSS) vulnerabilities in phplist before ...)
NOT-FOR-US: phplist
-CVE-2006-5320
+CVE-2006-5320 (Directory traversal vulnerability in getimg.php in Album Photo Sans No ...)
NOT-FOR-US: Album Photo Sans Nom
-CVE-2006-5319
+CVE-2006-5319 (Directory traversal vulnerability in redir.php in Foafgen 0.3 allows r ...)
NOT-FOR-US: Foafgen
-CVE-2006-5318
+CVE-2006-5318 (PHP remote file inclusion vulnerability in index.php in Nayco JASmine ...)
NOT-FOR-US: Nayco JASmine
-CVE-2006-5317
+CVE-2006-5317 (PHP remote file inclusion vulnerability in index.php in eboli allows r ...)
NOT-FOR-US: eboli
-CVE-2006-5316
+CVE-2006-5316 (registroTL stores sensitive information under the web root with insuff ...)
NOT-FOR-US: registroTL
-CVE-2006-5315
+CVE-2006-5315 (PHP remote file inclusion vulnerability in main.php in registroTL allo ...)
NOT-FOR-US: registroTL
-CVE-2006-5314
+CVE-2006-5314 (PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3. ...)
NOT-FOR-US: TribunaLibre
-CVE-2006-5313
+CVE-2006-5313 (Hastymail 1.5 and earlier before 20061008 allows remote authenticated ...)
- hastymail <removed>
-CVE-2006-5312
+CVE-2006-5312 (PHP remote file inclusion vulnerability in shoutbox.php in the Ajax Sh ...)
NOT-FOR-US: Ajax Shoutbox
-CVE-2006-5311
+CVE-2006-5311 (PHP remote file inclusion vulnerability in includes/archive/archive_to ...)
NOT-FOR-US: Buzlas
-CVE-2006-5310
+CVE-2006-5310 (PHP remote file inclusion vulnerability in common/visiteurs/include/me ...)
NOT-FOR-US: phpMyConferences
-CVE-2006-5309
+CVE-2006-5309 (PHP remote file inclusion vulnerability in language/lang_french/lang_p ...)
NOT-FOR-US: Prillian French module for phpBB
-CVE-2006-5308
+CVE-2006-5308 (Multiple PHP remote file inclusion vulnerabilities in Open Conference ...)
NOT-FOR-US: Open Conference Systems
-CVE-2006-5307
+CVE-2006-5307 (Multiple PHP remote file inclusion vulnerabilities in AFGB GUESTBOOK 2 ...)
NOT-FOR-US: AFGB GUESTBOOK
-CVE-2006-5306
+CVE-2006-5306 (Multiple PHP remote file inclusion vulnerabilities in the Journals Sys ...)
NOT-FOR-US: Journals System module for phpBB
-CVE-2006-5305
+CVE-2006-5305 (PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr ...)
NOT-FOR-US: lat2cyr
-CVE-2006-5304
+CVE-2006-5304 (PHP remote file inclusion vulnerability in inc/settings.php in IncCMS ...)
NOT-FOR-US: IncCMS Core
-CVE-2006-5303
+CVE-2006-5303 (Secure Computing SafeWord RemoteAccess 2.1 allows local users to obtai ...)
NOT-FOR-US: Secure Computing SafeWord RemoteAccess
-CVE-2006-5302
+CVE-2006-5302 (Multiple PHP remote file inclusion vulnerabilities in Redaction System ...)
NOT-FOR-US: Redaction System
-CVE-2006-5301
+CVE-2006-5301 (PHP remote file inclusion vulnerability in includes/antispam.php in th ...)
NOT-FOR-US: SpamBlockerMODv module for phpBB
-CVE-2006-5300
+CVE-2006-5300 (Unspecified vulnerability in HP Version Control Agent before 2.1.5 all ...)
NOT-FOR-US: HP
-CVE-2006-5299
+CVE-2006-5299 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Gc ...)
NOT-FOR-US: Gcontact
-CVE-2006-5298
+CVE-2006-5298 (The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlie ...)
- mutt 1.5.13-1.1 (bug #396104; low)
[sarge] - mutt <no-dsa> (Minor issue, tmp dirs on NFS cause problems in many scenarios)
-CVE-2006-5297
+CVE-2006-5297 (Race condition in the safe_open function in the Mutt mail client 1.5.1 ...)
- mutt 1.5.13-1.1 (bug #396104; low)
[sarge] - mutt <no-dsa> (Minor issue, tmp dirs on NFS cause problems in many scenarios)
-CVE-2006-5296
+CVE-2006-5296 (PowerPoint in Microsoft Office 2003 does not properly handle a contain ...)
NOT-FOR-US: Microsoft
-CVE-2006-5294
+CVE-2006-5294 (Cross-site scripting (XSS) vulnerability in index.php in phplist befor ...)
NOT-FOR-US: phplist
-CVE-2006-5293
+CVE-2006-5293 (Cross-site scripting (XSS) vulnerability in index.php in PhpOutsourcin ...)
NOT-FOR-US: PhpOutsourcing Noah's Classifieds
-CVE-2006-5292
+CVE-2006-5292 (PHP remote file inclusion vulnerability in photo_comment.php in Exhibi ...)
NOT-FOR-US: Exhibit Engine
-CVE-2006-5291
+CVE-2006-5291 (PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_co ...)
NOT-FOR-US: Download-Engine
-CVE-2006-5290
+CVE-2006-5290 (The ESS/ Network Controller and MicroServer Web Server components of X ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2006-5289
+CVE-2006-5289 (Multiple PHP remote file inclusion vulnerabilities in Vtiger CRM 4.2 a ...)
NOT-FOR-US: Vtiger CRM
-CVE-2006-5288
+CVE-2006-5288 (Cisco 2700 Series Wireless Location Appliances before 2.1.34.0 have a ...)
NOT-FOR-US: Cisco
-CVE-2006-5287
+CVE-2006-5287 (Multiple SQL injection vulnerabilities in sign.php in Xeobook 0.93 all ...)
NOT-FOR-US: Xeobook
-CVE-2006-5286
+CVE-2006-5286 (Unspecified vulnerability in IKE.NLM in Novell BorderManager 3.8 allow ...)
NOT-FOR-US: Novell BorderManager
-CVE-2006-5285
+CVE-2006-5285 (SQL injection vulnerability in index.php in XeoPort 0.81, and possibly ...)
NOT-FOR-US: XeoPort
-CVE-2006-5284
+CVE-2006-5284 (PHP remote file inclusion vulnerability in auth/phpbb.inc.php in Shen ...)
NOT-FOR-US: PHP News Reader (aka pnews)
-CVE-2006-5283
+CVE-2006-5283 (PHP remote file inclusion vulnerability in ftag.php in Minichat 6.0 al ...)
NOT-FOR-US: Minichat
-CVE-2006-5282
+CVE-2006-5282 (Multiple PHP remote file inclusion vulnerabilities in SH-News 3.1 and ...)
NOT-FOR-US: SH-News
-CVE-2006-5281
+CVE-2006-5281 (PHP remote file inclusion vulnerability in naboard_pnr.php in n@board ...)
NOT-FOR-US: n@board
-CVE-2006-5280
+CVE-2006-5280 (PHP remote file inclusion vulnerability in includes/import-archive.php ...)
NOT-FOR-US: communityPortals
CVE-2006-5279
RESERVED
-CVE-2006-5278
+CVE-2006-5278 (Integer overflow in the Real-Time Information Server (RIS) Data Collec ...)
NOT-FOR-US: Cisco
-CVE-2006-5277
+CVE-2006-5277 (Off-by-one error in the Certificate Trust List (CTL) Provider service ...)
NOT-FOR-US: Cisco
-CVE-2006-5276
+CVE-2006-5276 (Stack-based buffer overflow in the DCE/RPC preprocessor in Snort befor ...)
- snort <not-affected> (snort versions 2.3.x do not contain the DCE RPC preprocessor)
CVE-2006-5275
RESERVED
-CVE-2006-5274
+CVE-2006-5274 (Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, Pro ...)
NOT-FOR-US: McAfee
-CVE-2006-5273
+CVE-2006-5273 (Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...)
NOT-FOR-US: McAfee
-CVE-2006-5272
+CVE-2006-5272 (Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...)
NOT-FOR-US: McAfee
-CVE-2006-5271
+CVE-2006-5271 (Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, Pr ...)
NOT-FOR-US: McAfee
-CVE-2006-5270
+CVE-2006-5270 (Integer overflow in the Microsoft Malware Protection Engine (mpengine. ...)
NOT-FOR-US: Microsoft
-CVE-2006-5269
+CVE-2006-5269 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
NOT-FOR-US: Trend Micro
-CVE-2006-5268
+CVE-2006-5268 (Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 al ...)
NOT-FOR-US: Trend Micro
CVE-2006-5267
RESERVED
-CVE-2006-5266
+CVE-2006-5266 (Multiple buffer overflows in Microsoft Dynamics GP (formerly Great Pla ...)
NOT-FOR-US: Microsoft issue
-CVE-2006-5265
+CVE-2006-5265 (Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Pla ...)
NOT-FOR-US: Microsoft issue
-CVE-2006-5264
+CVE-2006-5264 (Cross-site scripting (XSS) vulnerability in sql.php in MysqlDumper 1.2 ...)
NOT-FOR-US: MysqlDumper
-CVE-2006-5263
+CVE-2006-5263 (Directory traversal vulnerability in templates/header.php3 in phpMyAge ...)
NOT-FOR-US: phpMyAgenda
-CVE-2006-5262
+CVE-2006-5262 (CRLF injection vulnerability in lib/session.php in Hastymail 1.5 and e ...)
- hastymail <removed>
-CVE-2006-5261
+CVE-2006-5261 (Multiple PHP remote file inclusion vulnerabilities in PHPMyNews 1.4 an ...)
NOT-FOR-US: PHPMyNews
-CVE-2006-5260
+CVE-2006-5260 (PHP remote file inclusion vulnerability in compteur.php in Compteur 2 ...)
NOT-FOR-US: Compteur 2
-CVE-2006-5259
+CVE-2006-5259 (PHP remote file inclusion vulnerability in param_editor.php in Compteu ...)
NOT-FOR-US: Compteur 2
-CVE-2006-5258
+CVE-2006-5258 (The spell checking component of (1) Asbru Web Content Management befor ...)
NOT-FOR-US: Asbru Web Content Management
-CVE-2006-5257
+CVE-2006-5257 (PHP remote file inclusion vulnerability in modules/forum/include/confi ...)
NOT-FOR-US: Ciamos Content Management System
-CVE-2006-5256
+CVE-2006-5256 (PHP remote file inclusion vulnerability in claroline/inc/lib/import.li ...)
NOT-FOR-US: Claroline
CVE-2006-5255
NOT-FOR-US: gCards
-CVE-2006-5254
+CVE-2006-5254 (PHP remote file inclusion vulnerability in registration_detailed.inc.p ...)
NOT-FOR-US: Detailed User Registration (com_registration_detailed), aka regdetailed
-CVE-2006-5253
+CVE-2006-5253 (PHP remote file inclusion vulnerability in strload.php in Dayana Netwo ...)
NOT-FOR-US: phpOnline (aka PHP-Online)
-CVE-2006-5252
+CVE-2006-5252 (PHP remote file inclusion vulnerability in includes/core.lib.php in We ...)
NOT-FOR-US: Webmedia Explorer
-CVE-2006-5251
+CVE-2006-5251 (PHP remote file inclusion vulnerability in index.php in Deep CMS 2.0a ...)
NOT-FOR-US: Deep CMS
-CVE-2006-5250
+CVE-2006-5250 (PHP remote file inclusion vulnerability in lib/googlesearch/GoogleSear ...)
NOT-FOR-US: BlueShoes
-CVE-2006-5249
+CVE-2006-5249 (PHP remote file inclusion vulnerability in tagmin/delTagUser.php in Ta ...)
NOT-FOR-US: TagIt! Tagboard
-CVE-2006-5248
+CVE-2006-5248 (Eazy Cart stores sensitive information under the web root with insuffi ...)
NOT-FOR-US: Eazy Cart
-CVE-2006-5247
+CVE-2006-5247 (Multiple cross-site scripting (XSS) vulnerabilities in Eazy Cart allow ...)
NOT-FOR-US: Eazy Cart
-CVE-2006-5246
+CVE-2006-5246 (Eazy Cart allows remote attackers to change prices and other critical ...)
NOT-FOR-US: Eazy Cart
-CVE-2006-5245
+CVE-2006-5245 (Eazy Cart allows remote attackers to bypass authentication and gain ad ...)
NOT-FOR-US: Eazy Cart
-CVE-2006-5244
+CVE-2006-5244 (Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Bl ...)
NOT-FOR-US: Easy Blog
-CVE-2006-5243
+CVE-2006-5243 (Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Do ...)
NOT-FOR-US: Easy Blog
-CVE-2006-5242
+CVE-2006-5242 (SQL injection vulnerability in Etomite Content Management System (CMS) ...)
NOT-FOR-US: Etomite Content Management System
-CVE-2006-5241
+CVE-2006-5241 (Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Ga ...)
NOT-FOR-US: Easy Gallery
-CVE-2006-5240
+CVE-2006-5240 (PHP remote file inclusion vulnerability in engine/require.php in Docmi ...)
NOT-FOR-US: Docmint
-CVE-2006-5239
+CVE-2006-5239 (Multiple cross-site scripting (XSS) vulnerabilities in eXpBlog 0.3.5 a ...)
NOT-FOR-US: eXpBlog
-CVE-2006-5238
+CVE-2006-5238 (Unspecified vulnerability in the file upload module in Blue Smiley Org ...)
NOT-FOR-US: Blue Smiley Organizer
-CVE-2006-5237
+CVE-2006-5237 (SQL injection vulnerability in Blue Smiley Organizer before 4.46 allow ...)
NOT-FOR-US: Blue Smiley Organizer
-CVE-2006-5236
+CVE-2006-5236 (SQL injection vulnerability in search.php in 4images 1.7.x allows remo ...)
NOT-FOR-US: 4images
-CVE-2006-5235
+CVE-2006-5235 (PHP remote file inclusion vulnerability in includes/functions_kb.php i ...)
NOT-FOR-US: Dimension of phpBB
CVE-2006-5234
NOT-FOR-US: phpWebSite
-CVE-2006-5233
+CVE-2006-5233 (Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0 ...)
NOT-FOR-US: Polycom SoundPoint IP 301 VoIP Desktop Phone
CVE-2006-5232
NOT-FOR-US: iSearch
-CVE-2006-5231
+CVE-2006-5231 (Grandstream GXP-2000 VoIP Desktop Phone, firmware version 1.1.0.5, all ...)
NOT-FOR-US: Grandstream GXP-2000 VoIP Desktop Phone
-CVE-2006-5230
+CVE-2006-5230 (PHP remote file inclusion vulnerability in forum.php in FreeForum 0.9. ...)
NOT-FOR-US: FreeForum
-CVE-2006-5295
+CVE-2006-5295 (Unspecified vulnerability in ClamAV before 0.88.5 allows remote attack ...)
{DSA-1196-1}
- clamav 0.88.5-1 (high; bug #393445)
-CVE-2006-5229
+CVE-2006-5229 (OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and v ...)
NOTE: This issues depends on the stack of selected authentication modules, while
NOTE: some are resilient against such timing attacks, some aren't
NOTE: This is inside responsibility of an admin
-CVE-2006-5228
+CVE-2006-5228 (Multiple SQL injection vulnerabilities in the Google Gadget login.php ...)
NOT-FOR-US: ackerTodo
-CVE-2006-5227
+CVE-2006-5227 (Cross-site scripting (XSS) vulnerability in admin.php in TorrentFlux 2 ...)
- torrentflux 2.1-4 (bug #392501; low)
-CVE-2006-5226
+CVE-2006-5226 (PHP remote file inclusion vulnerability in moteur/moteur.php in Prolog ...)
NOT-FOR-US: Freenews
-CVE-2006-5225
+CVE-2006-5225 (Multiple SQL injection vulnerabilities in AAIportal before 1.4.0 allow ...)
NOT-FOR-US: AAIportal
-CVE-2006-5224
+CVE-2006-5224 (PHP remote file inclusion vulnerability in includes/logger_engine.php ...)
NOT-FOR-US: Security Suite IP Logger in dwingmods for phpBB
-CVE-2006-5223
+CVE-2006-5223 (PHP remote file inclusion vulnerability in includes/functions_user_vie ...)
NOT-FOR-US: User Viewed Posts Tracker module for phpBB
-CVE-2006-5222
+CVE-2006-5222 (Multiple PHP remote file inclusion vulnerabilities in Dimension of php ...)
NOT-FOR-US: Dimension of phpBB
-CVE-2006-5221
+CVE-2006-5221 (Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow re ...)
NOT-FOR-US: Cahier de textes
-CVE-2006-5220
+CVE-2006-5220 (Multiple PHP remote file inclusion vulnerabilities in WebYep 1.1.9, wh ...)
NOT-FOR-US: WebYep
-CVE-2006-5219
+CVE-2006-5219 (SQL injection vulnerability in blog/index.php in the blog module in Mo ...)
- moodle 1.6.2+20060930-1 (medium; bug #390294)
[sarge] - moodle <not-affected> (Vulnerable code not present)
-CVE-2006-5218
+CVE-2006-5218 (Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in ...)
NOT-FOR-US: systrace in OpenBSD and NetBSD
-CVE-2006-5217
+CVE-2006-5217 (SQL injection vulnerability in giris_yap.asp in Emek Portal 2.1 allows ...)
NOT-FOR-US: Emek Portal
-CVE-2006-5216
+CVE-2006-5216 (Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) 1.3 ...)
NOT-FOR-US: Simple HTTPD
-CVE-2006-5215
+CVE-2006-5215 (The Xsession script, as used by X Display Manager (xdm) in NetBSD befo ...)
- xdm 1:1.0.5-1 (low)
[sarge] - xfree86 <no-dsa> (Minor issue)
NOTE: probably fixed earlier than 1:1.0.5
-CVE-2006-5214
+CVE-2006-5214 (Race condition in the Xsession script, as used by X Display Manager (x ...)
- xdm 1:1.0.5-1 (low)
- xorg 1:7.1.0-13 (low)
[sarge] - xfree86 <no-dsa> (Minor issue)
NOTE: probably fixed earlier than 1:1.0.5
-CVE-2006-5213
+CVE-2006-5213 (Sun Solaris 10 before 20061006 uses "incorrect and insufficient permis ...)
NOT-FOR-US: Solaris
-CVE-2006-5212
+CVE-2006-5212 (Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2006-5211
+CVE-2006-5211 (Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2006-5210
+CVE-2006-5210 (Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-1 ...)
NOT-FOR-US: IronWebMail
-CVE-2006-5209
+CVE-2006-5209 (PHP remote file inclusion vulnerability in admin/admin_topic_action_lo ...)
NOT-FOR-US: Admin Topic Action Logging Mod for phpBB
-CVE-2006-5208
+CVE-2006-5208 (Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow re ...)
NOT-FOR-US: PHP Classifieds
-CVE-2006-5207
+CVE-2006-5207 (PHP remote file inclusion vulnerability in images/smileys/smileys_pack ...)
NOT-FOR-US: phpMyTeam
-CVE-2006-5206
+CVE-2006-5206 (SQL injection vulnerability in Invision Gallery 2.0.7 allows remote at ...)
NOT-FOR-US: Invision Gallery
-CVE-2006-5205
+CVE-2006-5205 (Directory traversal vulnerability in Invision Gallery 2.0.7 allows rem ...)
NOT-FOR-US: Invision Gallery
-CVE-2006-5204
+CVE-2006-5204 (Cross-site scripting (XSS) vulnerability in action_admin/member.php in ...)
NOT-FOR-US: Invision Power Board (IPB)
-CVE-2006-5203
+CVE-2006-5203 (Invision Power Board (IPB) 2.1.7 and earlier allows remote restricted ...)
NOT-FOR-US: Invision Power Board (IPB)
-CVE-2006-5202
+CVE-2006-5202 (Linksys WRT54g firmware 1.00.9 does not require credentials when makin ...)
NOT-FOR-US: Linksys
-CVE-2006-5201
+CVE-2006-5201 (Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and ...)
- sun-java5 1.5.0-10-1 (bug #393042)
NOTE: this is similar to CVE-2006-4339
-CVE-2006-5200
+CVE-2006-5200 (Unspecified vulnerability in Adobe Breeze 5 Licensed Server and Breeze ...)
NOT-FOR-US: Adobe
-CVE-2006-5199
+CVE-2006-5199 (Adobe Contribute Publishing Server leaks the administrator password in ...)
NOT-FOR-US: Adobe
-CVE-2006-5198
+CVE-2006-5198 (The WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "File ...)
NOT-FOR-US: WinZip
-CVE-2006-5197
+CVE-2006-5197 (PDshopPro stores sensitive information under the web root with insuffi ...)
NOT-FOR-US: PDshopPro
-CVE-2006-5196
+CVE-2006-5196 (The HTTP interface in the Motorola SURFboard SB4200 Cable Modem allows ...)
NOT-FOR-US: Motorola SURFboard
-CVE-2006-5195
+CVE-2006-5195 (Multiple cross-site scripting (XSS) vulnerabilities in Wheatblog 1.0 a ...)
NOT-FOR-US: Wheatblog
-CVE-2006-5194
+CVE-2006-5194 (Cross-site scripting (XSS) vulnerability in index.php in net2ftp 0.93 ...)
NOT-FOR-US: net2ftp
-CVE-2006-5193
+CVE-2006-5193 (PHP remote file inclusion vulnerability in index.php in Josh Schmidt W ...)
NOT-FOR-US: WikyBlog
-CVE-2006-5192
+CVE-2006-5192 (PHP remote file inclusion vulnerability in includes/footer.php in phpG ...)
NOT-FOR-US: phpGreetz
-CVE-2006-5191
+CVE-2006-5191 (PHP remote file inclusion vulnerability in includes/functions_static_t ...)
NOT-FOR-US: Nivisec Static Topics module for phpBB
-CVE-2006-5190
+CVE-2006-5190 (Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 2.2 ...)
NOT-FOR-US: osCommerce
-CVE-2006-5189
+CVE-2006-5189 (PHP remote file inclusion vulnerability in funzioni/lib/show_hlp.php i ...)
NOT-FOR-US: klinza professional cms
-CVE-2006-5188
+CVE-2006-5188 (Directory traversal vulnerability in download.php in webGENEius GOOP G ...)
NOT-FOR-US: webGENEius GOOP Gallery
-CVE-2006-5187
+CVE-2006-5187 (PHP remote file inclusion vulnerability in includes/functions.php in B ...)
NOT-FOR-US: Bulletin Board Ace (BBaCE)
-CVE-2006-5186
+CVE-2006-5186 (PHP remote file inclusion vulnerability in functions.php in phpMyProfi ...)
NOT-FOR-US: phpMyProfiler
-CVE-2006-5185
+CVE-2006-5185 (Eval injection vulnerability in Template.php in HAMweather 3.9.8.4 and ...)
NOT-FOR-US: HAMweather
-CVE-2006-5184
+CVE-2006-5184 (SQL injection vulnerability in PKR Internet Taskjitsu before 2.0.6 all ...)
NOT-FOR-US: PKR Internet Taskjitsu
-CVE-2006-5183
+CVE-2006-5183 (Multiple PHP remote file inclusion vulnerabilities in Dayfox Designs D ...)
NOT-FOR-US: Dayfox Blog
-CVE-2006-5182
+CVE-2006-5182 (PHP remote file inclusion vulnerability in frontpage.php in Dan Jensen ...)
NOT-FOR-US: Travelsized CMS
-CVE-2006-5181
+CVE-2006-5181 (Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim ph ...)
NOT-FOR-US: phpMyWebmin
-CVE-2006-5180
+CVE-2006-5180 (PHP remote file inclusion vulnerability in include/main.inc.php in Seb ...)
NOT-FOR-US: Newswriter SW
-CVE-2006-5179
+CVE-2006-5179 (Intoto iGateway VPN and iGateway SSL-VPN allow context-dependent attac ...)
NOT-FOR-US: Intoto iGateway
-CVE-2006-5178
+CVE-2006-5178 (Race condition in the symlink function in PHP 5.1.6 and earlier allows ...)
- php5 5.2.0-1 (bug #391281; unimportant)
- php4 4:4.4.4-1 (bug #391282; unimportant)
NOTE: open_basedir is not supported
-CVE-2006-5177
+CVE-2006-5177 (The NTLM authentication in MailEnable Professional 2.0 and Enterprise ...)
NOT-FOR-US: MailEnable Professional
-CVE-2006-5176
+CVE-2006-5176 (Buffer overflow in NTLM authentication in MailEnable Professional 2.0 ...)
NOT-FOR-US: MailEnable Professional
-CVE-2006-5175
+CVE-2006-5175 (Cross-site request forgery (CSRF) vulnerability in the administrative ...)
NOT-FOR-US: TeraStation HD-HTGL
-CVE-2006-5174
+CVE-2006-5174 (The copy_from_user function in the uaccess code in Linux kernel 2.6 be ...)
{DSA-1237 DSA-1233}
- linux-2.6 2.6.18-5
NOTE: s390 only, fix in 2.6.18-3 was reverted in 2.6.18-4
-CVE-2006-5173
+CVE-2006-5173 (Linux kernel does not properly save or restore EFLAGS during a context ...)
- linux-2.6 2.6.18-1
-CVE-2006-5172
+CVE-2006-5172 (Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Co ...)
NOT-FOR-US: Computer Associates (CA) Brightstor
-CVE-2006-5171
+CVE-2006-5171 (Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Co ...)
NOT-FOR-US: Computer Associates (CA) Brightstor
-CVE-2006-5170
+CVE-2006-5170 (pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and ...)
{DSA-1203-1}
- libpam-ldap 180-1.2 (bug #392984; medium)
-CVE-2006-5169
+CVE-2006-5169 (Cross-site scripting (XSS) vulnerability in John Himmelman (aka DaRk2k ...)
NOT-FOR-US: PowerPortal
-CVE-2006-5168
+CVE-2006-5168 (Cross-site scripting (XSS) vulnerability in the search functionality i ...)
NOT-FOR-US: Pebble
CVE-2006-XXXX [zabbix format string vulnerabilities]
- zabbix 1:1.1.2-4 (bug #391388)
CVE-2006-XXXX [zabbix buffer overflows]
- zabbix 1:1.1.2-4 (bug #391388)
-CVE-2006-5167
+CVE-2006-5167 (Multiple PHP remote file inclusion vulnerabilities in BasiliX 1.1.1 an ...)
NOT-FOR-US: BasiliX
-CVE-2006-5166
+CVE-2006-5166 (PHP remote file inclusion vulnerability in functions.php in PHP Web Sc ...)
NOT-FOR-US: PHP Web Scripts Easy Banner Free
-CVE-2006-5165
+CVE-2006-5165 (PHP remote file inclusion vulnerability in inc/functions.inc.php in Sk ...)
NOT-FOR-US: Skrypty PPA Gallery
-CVE-2006-5164
+CVE-2006-5164 (Multiple cross-site scripting (XSS) vulnerabilities in cart.php in Sum ...)
NOT-FOR-US: digiSHOP
-CVE-2006-5163
+CVE-2006-5163 (IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly oth ...)
NOT-FOR-US: IBM
-CVE-2006-5162
+CVE-2006-5162 (wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows ...)
NOT-FOR-US: Microsoft
-CVE-2006-5161
+CVE-2006-5161 (IBM Client Security Password Manager stores and distributes saved pass ...)
NOT-FOR-US: IBM
CVE-2006-5160
- firefox <not-affected> (no real issues)
CVE-2006-5159
NOT-FOR-US: Bogus Firefox issue
-CVE-2006-5158
+CVE-2006-5158 (The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel be ...)
- linux-2.6 2.6.15
-CVE-2006-5157
+CVE-2006-5157 (Format string vulnerability in the ActiveX control (ATXCONSOLE.OCX) in ...)
NOT-FOR-US: TrendMicro OfficeScan
-CVE-2006-5156
+CVE-2006-5156 (Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and Pr ...)
NOT-FOR-US: McAfee
-CVE-2006-5155
+CVE-2006-5155 (PHP remote file inclusion vulnerability in core/pdf.php in VideoDB 2.2 ...)
NOT-FOR-US: VideoDB
-CVE-2006-5154
+CVE-2006-5154 (PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-5153
+CVE-2006-5153 (The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal ...)
NOT-FOR-US: Kerio Personal Firewall
-CVE-2006-5152
+CVE-2006-5152 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft
-CVE-2006-5151
+CVE-2006-5151 (Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for ...)
NOT-FOR-US: HP
-CVE-2006-5150
+CVE-2006-5150 (SQL injection vulnerability in the reports system in OpenBiblio before ...)
NOT-FOR-US: OpenBiblio
-CVE-2006-5149
+CVE-2006-5149 (Multiple directory traversal vulnerabilities in OpenBiblio before 0.5. ...)
NOT-FOR-US: OpenBiblio
-CVE-2006-5148
+CVE-2006-5148 (Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b a ...)
NOT-FOR-US: Forum82
-CVE-2006-5147
+CVE-2006-5147 (PHP remote file inclusion vulnerability in wamp_dir/setup/yesno.phtml ...)
NOT-FOR-US: VAMP Webmail
-CVE-2006-5146
+CVE-2006-5146 (Multiple cross-site scripting (XSS) vulnerabilities in Yblog allow rem ...)
NOT-FOR-US: Yblog
-CVE-2006-5145
+CVE-2006-5145 (Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow re ...)
NOT-FOR-US: OlateDownload
-CVE-2006-5144
+CVE-2006-5144 (Cross-site scripting (XSS) vulnerability in userupload.php in OlateDow ...)
NOT-FOR-US: OlateDownload
-CVE-2006-5143
+CVE-2006-5143 (Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 a ...)
NOT-FOR-US: Backup Agent RPC Server
-CVE-2006-5142
+CVE-2006-5142 (Stack-based buffer overflow in CA BrightStor ARCserve Backup R11.5 cli ...)
NOT-FOR-US: CA BrightStor ARCserver Backup
-CVE-2006-5141
+CVE-2006-5141 (PHP remote file inclusion vulnerability in script.php in Kevin A. Gord ...)
NOT-FOR-US: Open Geo Targeting (aka geotarget)
-CVE-2006-5140
+CVE-2006-5140 (SQL injection vulnerability in display.php in Lappy512 PHP Krazy Image ...)
NOT-FOR-US: Image Host Script (phpkimagehost)
-CVE-2006-5139
+CVE-2006-5139 (Unspecified vulnerability in MkPortal allows remote attackers to corru ...)
NOT-FOR-US: MkPortal
-CVE-2006-5138
+CVE-2006-5138 (Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: Groupee UBB.threads
-CVE-2006-5137
+CVE-2006-5137 (Multiple direct static code injection vulnerabilities in Groupee UBB.t ...)
NOT-FOR-US: Groupee UBB.threads
-CVE-2006-5136
+CVE-2006-5136 (Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in ...)
NOT-FOR-US: Groupee UBB.threads
-CVE-2006-5135
+CVE-2006-5135 (Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow r ...)
NOT-FOR-US: A-Blog
-CVE-2006-5134
+CVE-2006-5134 (Mercury SiteScope 8.2 (8.1.2.0) allows remote authenticated users to c ...)
NOT-FOR-US: Mercury SiteScope
-CVE-2006-5133
+CVE-2006-5133 (Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have ...)
NOT-FOR-US: GuildFTPd
-CVE-2006-5132
+CVE-2006-5132 (Multiple PHP remote file inclusion vulnerabilities in phpMyAgenda 3.0 ...)
NOT-FOR-US: phpMyAgenda
-CVE-2006-5131
+CVE-2006-5131 (module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another ...)
NOT-FOR-US: just another flat file (JAF) CMS
-CVE-2006-5130
+CVE-2006-5130 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just a ...)
NOT-FOR-US: ust another flat file (JAF) CMS
-CVE-2006-5129
+CVE-2006-5129 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just a ...)
NOT-FOR-US: ust another flat file (JAF) CMS
-CVE-2006-5128
+CVE-2006-5128 (SQL injection vulnerability in index.php in Bartels Schoene ConPresso ...)
NOT-FOR-US: ConPresso
-CVE-2006-5127
+CVE-2006-5127 (Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ...)
NOT-FOR-US: ConPresso
-CVE-2006-5126
+CVE-2006-5126 (PHP remote file inclusion vulnerability in index.php in John Himmelman ...)
NOT-FOR-US: PowerPortal
-CVE-2006-5125
+CVE-2006-5125 (Directory traversal vulnerability in window.php, possibly used by home ...)
NOT-FOR-US: phpMyWebmin
-CVE-2006-5124
+CVE-2006-5124 (Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim ph ...)
NOT-FOR-US: phpMyWebmin
-CVE-2006-5123
+CVE-2006-5123 (Multiple PHP remote file inclusion vulnerabilities in Albrecht Guenthe ...)
NOT-FOR-US: PHProjekt
-CVE-2006-5122
+CVE-2006-5122 (Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteSco ...)
NOT-FOR-US: SiteScope
-CVE-2006-5121
+CVE-2006-5121 (SQL injection vulnerability in modules/Downloads/admin.php in the Admi ...)
NOT-FOR-US: PostNuke
-CVE-2006-5120
+CVE-2006-5120 (Multiple cross-site scripting (XSS) vulnerabilities in Scott Metoyer R ...)
NOT-FOR-US: Red Mombin
-CVE-2006-5119
+CVE-2006-5119 (Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart 1.3.5 ...)
NOT-FOR-US: Zen Cart
-CVE-2006-5118
+CVE-2006-5118 (PHP remote file inclusion vulnerability in index.php3 in the PDD packa ...)
NOT-FOR-US: PHPSelect Web Development Division
-CVE-2006-5117
+CVE-2006-5117 (phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web do ...)
- phpmyadmin 4:2.9.0.2-0.1 (bug #391090; unimportant)
NOTE: Only path disclosure
-CVE-2006-5116
+CVE-2006-5116 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdm ...)
{DSA-1207-1}
- phpmyadmin 4:2.9.0.2-0.1 (bug #391090; bug #400553; low)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-5115
+CVE-2006-5115 (Directory traversal vulnerability in kgcall.php in KGB 1.87 allows rem ...)
NOT-FOR-US: KGB
-CVE-2006-5114
+CVE-2006-5114 (Multiple cross-site scripting (XSS) vulnerabilities in wgate in SAP In ...)
NOT-FOR-US: SAP
-CVE-2006-5113
+CVE-2006-5113 (Directory traversal vulnerability in common.php in Yuuki Yoshizawa Exp ...)
NOT-FOR-US: Exporia
-CVE-2006-5112
+CVE-2006-5112 (Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote ...)
NOT-FOR-US: NaviCOPA Web Server
-CVE-2006-5111
+CVE-2006-5111 (The libksba library 0.9.12 and possibly other versions, as used by gpg ...)
- libksba 0.9.14-1 (low; bug #391278)
[sarge] - libksba <no-dsa> (Minor issue)
-CVE-2006-5110
+CVE-2006-5110 (Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice 2. ...)
NOT-FOR-US: PHP Invoice
-CVE-2006-5109
+CVE-2006-5109 (Devellion CubeCart 2.0.x allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: CubeCart
-CVE-2006-5108
+CVE-2006-5108 (Multiple cross-site scripting (XSS) vulnerabilities in Devellion CubeC ...)
NOT-FOR-US: CubeCart
-CVE-2006-5107
+CVE-2006-5107 (Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x all ...)
NOT-FOR-US: CubeCart
-CVE-2006-5106
+CVE-2006-5106 (Cross-site scripting (XSS) vulnerability in FacileForms before 1.4.7 f ...)
NOT-FOR-US: FacileForms for Mambo and Joomla!
-CVE-2006-5105
+CVE-2006-5105 (Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS 1.1.1 ...)
NOT-FOR-US: SyntaxCMS
-CVE-2006-5104
+CVE-2006-5104 (SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x all ...)
NOT-FOR-US: vBulletin
-CVE-2006-5103
+CVE-2006-5103 (PHP remote file inclusion vulnerability in admin/index2.php in bbsNew ...)
NOT-FOR-US: bbsNew
-CVE-2006-5102
+CVE-2006-5102 (PHP remote file inclusion vulnerability in include/editfunc.inc.php in ...)
NOT-FOR-US: Newswriter SW
-CVE-2006-5101
+CVE-2006-5101 (PHP remote file inclusion vulnerability in include.php in Comdev CSV I ...)
NOT-FOR-US: Comdev CSV Importer
-CVE-2006-5100
+CVE-2006-5100 (PHP remote file inclusion vulnerability in parse/parser.php in WEB//NE ...)
NOT-FOR-US: WEB//NEWS (aka webnews)
-CVE-2006-5099
+CVE-2006-5099 (lib/exec/fetch.php in DokuWiki before 2006-03-09e, when conf[imconvert ...)
- dokuwiki 0.0.20060309-5.2 (bug #391291; medium)
-CVE-2006-5098
+CVE-2006-5098 (lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote attack ...)
- dokuwiki 0.0.20060309-5.2 (bug #391291; medium)
CVE-2006-5097
NOT-FOR-US: net2ftp
-CVE-2006-5096
+CVE-2006-5096 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Vi ...)
NOT-FOR-US: VirtueMart
CVE-2006-5095
NOT-FOR-US: MyPhotos
-CVE-2006-5094
+CVE-2006-5094 (PHP remote file inclusion vulnerability in includes/functions_kb.php i ...)
NOT-FOR-US: phpBB XS
-CVE-2006-5093
+CVE-2006-5093 (PHP remote file inclusion vulnerability in index.php in Tagmin Control ...)
NOT-FOR-US: TagIt! Tagboard
-CVE-2006-5092
+CVE-2006-5092 (PHP remote file inclusion vulnerability in navigation/menu.php in A-Bl ...)
NOT-FOR-US: A-Blog
-CVE-2006-5091
+CVE-2006-5091 (Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Sa ...)
NOT-FOR-US: HP-UX Samba
-CVE-2006-5090
+CVE-2006-5090 (Multiple cross-site scripting (XSS) vulnerabilities in Phoenix Evoluti ...)
NOT-FOR-US: Phoenix Evolution CMS (PECMS)
CVE-2006-5089
NOT-FOR-US: My-BIC
-CVE-2006-5088
+CVE-2006-5088 (PHP remote file inclusion vulnerability in connected_users.lib.php3 in ...)
NOT-FOR-US: phpMyChat
-CVE-2006-5087
+CVE-2006-5087 (Multiple PHP remote file inclusion vulnerabilities in evoBB 0.3 and ea ...)
NOT-FOR-US: evoBB
-CVE-2006-5086
+CVE-2006-5086 (Blog Pixel Motion 2.1.1 allows remote attackers to change the username ...)
NOT-FOR-US: Blog Pixel Motion
-CVE-2006-5085
+CVE-2006-5085 (Static code injection vulnerability in config.php in Blog Pixel Motion ...)
NOT-FOR-US: Blog Pixel Motion
-CVE-2006-5084
+CVE-2006-5084 (Format string vulnerability in the NSRunAlertPanel function in eBay Sk ...)
NOT-FOR-US: Skype
-CVE-2006-5083
+CVE-2006-5083 (PHP remote file inclusion vulnerability in includes/functions_portal.p ...)
NOT-FOR-US: Integrated MODs (IM) Portal
-CVE-2006-5082
+CVE-2006-5082 (Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2006-5081
+CVE-2006-5081 (PHP remote file inclusion vulnerability in acc.php in QuickBlogger (QB ...)
NOT-FOR-US: QuickBlogger
-CVE-2006-5080
+CVE-2006-5080 (Cross-site scripting (XSS) vulnerability in the search function in Six ...)
NOT-FOR-US: Movable Type
-CVE-2006-5079
+CVE-2006-5079 (PHP remote file inclusion vulnerability in class.mysql.php in Matt Hum ...)
NOT-FOR-US: paBugs
-CVE-2006-5078
+CVE-2006-5078 (PHP remote file inclusion vulnerability in view/general.php in Kristia ...)
NOT-FOR-US: Polaring
-CVE-2006-5077
+CVE-2006-5077 (PHP remote file inclusion vulnerability in admin/admin_topic_action_lo ...)
NOT-FOR-US: Minerva
-CVE-2006-5076
+CVE-2006-5076 (Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back ...)
NOT-FOR-US: OpenConcept Back-End
-CVE-2006-5075
+CVE-2006-5075 (The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 1 ...)
NOT-FOR-US: Solaris
-CVE-2006-5074
+CVE-2006-5074 (Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice 2. ...)
NOT-FOR-US: PHP Invoice
-CVE-2006-5073
+CVE-2006-5073 (Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote att ...)
NOT-FOR-US: Solaris
-CVE-2006-5072
+CVE-2006-5072 (The System.CodeDom.Compiler classes in Novell Mono create temporary fi ...)
- mono 1.1.17.1-5
-CVE-2006-5071
+CVE-2006-5071 (Multiple cross-site scripting (XSS) vulnerabilities in eyeOS before 0. ...)
NOT-FOR-US: eyeOS
-CVE-2006-5070
+CVE-2006-5070 (PHP remote file inclusion vulnerability in fsl2/objects/fs_form_links. ...)
NOT-FOR-US: faceStones Personal
-CVE-2006-5069
+CVE-2006-5069 (Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php ...)
- typo3-src <not-affected> (only versions 4.0.0+4.0.1 affected)
-CVE-2006-5068
+CVE-2006-5068 (PHP remote file inclusion vulnerability in admin/index.php in Brudaswe ...)
NOT-FOR-US: BrudaNews
CVE-2006-5067
NOT-FOR-US: PHP System Administration Toolkit (PHPSaTK)
-CVE-2006-5066
+CVE-2006-5066 (Multiple cross-site scripting (XSS) vulnerabilities in DanPHPSupport 0 ...)
NOT-FOR-US: DanPHPSupport
-CVE-2006-5065
+CVE-2006-5065 (PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in Zoo ...)
NOT-FOR-US: ZoomStats
-CVE-2006-5064
+CVE-2006-5064 (Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4 an ...)
NOT-FOR-US: BirdBlog
-CVE-2006-5063
+CVE-2006-5063 (Cross-site scripting (XSS) vulnerability in Elog 2.6.1 allows remote a ...)
{DSA-1242-1}
- elog 2.6.2+r1719-1 (bug #389361)
-CVE-2006-5062
+CVE-2006-5062 (PHP remote file inclusion vulnerability in templates/pb/language/lang_ ...)
NOT-FOR-US: PBLang (PBL)
-CVE-2006-5061
+CVE-2006-5061 (PHP remote file inclusion vulnerability in mcf.php in Advanced-Clan-Sc ...)
NOT-FOR-US: Advanced-Clan-Script (AVCX)
-CVE-2006-5060
+CVE-2006-5060 (Cross-site scripting (XSS) vulnerability in login.php in Jamroom 3.0.1 ...)
NOT-FOR-US: Jamroom
-CVE-2006-5059
+CVE-2006-5059 (Multiple cross-site scripting (XSS) vulnerabilities in WWWthreads 5.4. ...)
NOT-FOR-US: WWWthreads
-CVE-2006-5058
+CVE-2006-5058 (Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty ...)
NOT-FOR-US: Call of Duty
-CVE-2006-5057
+CVE-2006-5057 (Multiple cross-site scripting (XSS) vulnerabilities in Ktools.net Phot ...)
NOT-FOR-US: PhotoStore
-CVE-2006-5056
+CVE-2006-5056 (Cross-site scripting (XSS) vulnerability in index.php in Opial Audio/V ...)
NOT-FOR-US: Opial Audio/Video Download Management
-CVE-2006-5055
+CVE-2006-5055 (PHP remote file inclusion vulnerability in admin/testing/tests/0004_in ...)
NOT-FOR-US: syntaxCMS
-CVE-2006-5054
+CVE-2006-5054 (SQL injection vulnerability in uye/uye_ayrinti.asp in iyzi Forum 1 Bet ...)
NOT-FOR-US: iyzi Forum
-CVE-2006-5053
+CVE-2006-5053 (PHP remote file inclusion vulnerability in webnews/template.php in Web ...)
NOT-FOR-US: Web-News
-CVE-2006-5052
+CVE-2006-5052 (Unspecified vulnerability in portable OpenSSH before 4.4, when running ...)
[etch] - openssh <no-dsa> (Minor issue)
- openssh 1:4.6p1-1 (low)
-CVE-2006-5051
+CVE-2006-5051 (Signal handler race condition in OpenSSH before 4.4 allows remote atta ...)
{DSA-1638-1 DSA-1212 DSA-1189-1}
- openssh 1:4.6p1-1 (low)
- openssh-krb5 <removed> (high)
NOTE: From my analysis only openssh with Kerberos support should be vulnerable
NOTE: However, we'll fix openssh as well just to make sure
-CVE-2006-5050
+CVE-2006-5050 (Directory traversal vulnerability in httpd in Rob Landley BusyBox allo ...)
- busybox <not-affected> (bug #390555; irreproducible)
[sarge] - busybox <not-affected> (Vulnerable code not present)
-CVE-2006-5049
+CVE-2006-5049 (Unspecified vulnerability in Classifieds (com_classifieds) component 1 ...)
NOT-FOR-US: Classifieds (com_classifieds) component for Joomla!
-CVE-2006-5048
+CVE-2006-5048 (Multiple PHP remote file inclusion vulnerabilities in Security Images ...)
NOT-FOR-US: Security Images (com_securityimages) component for Joomla!
-CVE-2006-5047
+CVE-2006-5047 (Unspecified vulnerability in rsgallery2.html.php in RS Gallery2 compon ...)
NOT-FOR-US: RS Gallery2 component for Joomla! (com_rsgallery2)
-CVE-2006-5046
+CVE-2006-5046 (Unspecified vulnerability in RS Gallery2 (com_rsgallery2) 1.11.3 and e ...)
NOT-FOR-US: RS Gallery2 component for Joomla! (com_rsgallery2)
-CVE-2006-5045
+CVE-2006-5045 (Unspecified vulnerability in PollXT component (com_pollxt) 1.22.07 and ...)
NOT-FOR-US: PollXT component (com_pollxt) for Joomla!
-CVE-2006-5044
+CVE-2006-5044 (Unspecified vulnerability in Prince Clan (Princeclan) Chess component ...)
NOT-FOR-US: Prince Clan (Princeclan) Chess componen (com_pcchess) for Mambo and Joomla!
-CVE-2006-5043
+CVE-2006-5043 (Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard ...)
NOT-FOR-US: JoomlaBoard (com_joomlaboard) for Joomla!
-CVE-2006-5042
+CVE-2006-5042 (Unspecified vulnerability in mosMedia (com_mosmedia) 1.0.8 and earlier ...)
NOT-FOR-US: mosMedia (com_mosmedia) for Joomla!
-CVE-2006-5041
+CVE-2006-5041 (Unspecified vulnerability in Hot Properties (possibly com_hotpropertie ...)
NOT-FOR-US: Hot Properties (possibly com_hotproperties) for Joomla!
-CVE-2006-5040
+CVE-2006-5040 (Unspecified vulnerability in SEF404x (com_sef) for Joomla! has unspeci ...)
NOT-FOR-US: SEF404x (com_sef) for Joomla!
-CVE-2006-5039
+CVE-2006-5039 (Unspecified vulnerability in Events 1.3 beta module (com_events) for J ...)
NOT-FOR-US: Events 1.3 beta module (com_events) for Joomla!
-CVE-2006-5038
+CVE-2006-5038 (The FiWin SS28S WiFi VoIP SIP/Skype Phone, firmware version 01_02_07, ...)
NOT-FOR-US: FiWin
CVE-2006-5037
NOT-FOR-US: MySource Matrix
CVE-2006-5036
NOT-FOR-US: MySource Matrix
-CVE-2006-5035
+CVE-2006-5035 (Multiple cross-site scripting (XSS) vulnerabilities in Paul Smith Comp ...)
NOT-FOR-US: vCAP
-CVE-2006-5034
+CVE-2006-5034 (Directory traversal vulnerability in Paul Smith Computer Services vCAP ...)
NOT-FOR-US: vCAP
-CVE-2006-5033
+CVE-2006-5033 (Unspecified vulnerability in StoresAndCalendarsList.cgi in Paul Smith ...)
NOT-FOR-US: vCAP
-CVE-2006-5032
+CVE-2006-5032 (PHP remote file inclusion vulnerability in dix.php3 in PHPartenaire 1. ...)
NOT-FOR-US: PHPartenaire
-CVE-2006-5031
+CVE-2006-5031 (Directory traversal vulnerability in app/webroot/js/vendors.php in Cak ...)
- cakephp 1.1.13.4450-1
-CVE-2006-5030
+CVE-2006-5030 (SQL injection vulnerability in modules/messages/index.php in exV2 2.0. ...)
NOT-FOR-US: exV2
-CVE-2006-5029
+CVE-2006-5029 (SQL injection vulnerability in thread.php in WoltLab Burning Board (wB ...)
NOT-FOR-US: WoltLab Burning Board (wBB)
-CVE-2006-5028
+CVE-2006-5028 (Directory traversal vulnerability in filemanager/filemanager.php in SW ...)
NOT-FOR-US: Plesk
-CVE-2006-5027
+CVE-2006-5027 (Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers ...)
NOT-FOR-US: JevonCMS
-CVE-2006-5026
+CVE-2006-5026 (Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner ...)
NOT-FOR-US: Paisterist Simple HTTP Scanner (sHTTPScanner)
-CVE-2006-5025
+CVE-2006-5025 (Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner ...)
NOT-FOR-US: Paisterist Simple HTTP Scanner (sHTTPScanner)
-CVE-2006-5024
+CVE-2006-5024 (Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner ...)
NOT-FOR-US: Paisterist Simple HTTP Scanner (sHTTPScanner)
-CVE-2006-5023
+CVE-2006-5023 (SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier ...)
NOT-FOR-US: xweblog
-CVE-2006-5022
+CVE-2006-5022 (PHP remote file inclusion vulnerability in includes/global.php in Josh ...)
NOT-FOR-US: pNews System 1.1.0 (aka PowerNews)
-CVE-2006-5021
+CVE-2006-5021 (Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0 ...)
NOT-FOR-US: RedBLoG
-CVE-2006-5020
+CVE-2006-5020 (Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 a ...)
NOT-FOR-US: SolidState
-CVE-2006-5019
+CVE-2006-5019 (Google Mini 4.4.102.M.36 and earlier allows remote attackers to obtain ...)
NOT-FOR-US: Google Mini
-CVE-2006-5018
+CVE-2006-5018 (ContentKeeper 123.25 and earlier places passwords in cleartext in an I ...)
NOT-FOR-US: ContentKeeper
-CVE-2006-5017
+CVE-2006-5017 (SQL injection vulnerability in admin/all_users.php in Szava Gyula and ...)
NOT-FOR-US: e-Vision CMS
-CVE-2006-5016
+CVE-2006-5016 (Unrestricted file upload vulnerability in admin/x_image.php in Szava G ...)
NOT-FOR-US: e-Vision CMS
-CVE-2006-5015
+CVE-2006-5015 (PHP remote file inclusion vulnerability in hit.php in Kietu 3.2 allows ...)
NOT-FOR-US: Kietu
-CVE-2006-5014
+CVE-2006-5014 (Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remot ...)
NOT-FOR-US: cPanel
-CVE-2006-5013
+CVE-2006-5013 (Sun Solaris 10 before patch 118855-16 (20060925), when run on x64 syst ...)
NOT-FOR-US: Solaris
-CVE-2006-5012
+CVE-2006-5012 (Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 ...)
NOT-FOR-US: Solaris
-CVE-2006-5011
+CVE-2006-5011 (Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3 ...)
NOT-FOR-US: AIX
-CVE-2006-5010
+CVE-2006-5010 (Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows ...)
NOT-FOR-US: AIX
-CVE-2006-5009
+CVE-2006-5009 (Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows l ...)
NOT-FOR-US: AIX
-CVE-2006-5008
+CVE-2006-5008 (Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows a ...)
NOT-FOR-US: AIX
-CVE-2006-5007
+CVE-2006-5007 (Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 ...)
NOT-FOR-US: AIX
-CVE-2006-5006
+CVE-2006-5006 (Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local user ...)
NOT-FOR-US: AIX
-CVE-2006-5005
+CVE-2006-5005 (Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5 ...)
NOT-FOR-US: AIX
-CVE-2006-5004
+CVE-2006-5004 (Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5. ...)
NOT-FOR-US: AIX
-CVE-2006-5003
+CVE-2006-5003 (Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5 ...)
NOT-FOR-US: AIX
-CVE-2006-5002
+CVE-2006-5002 (Unspecified vulnerability in IBM Inventory Scout for AIX 2.2.0.0 throu ...)
NOT-FOR-US: AIX
-CVE-2006-5001
+CVE-2006-5001 (Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 be ...)
NOT-FOR-US: WS_FTP
-CVE-2006-5000
+CVE-2006-5000 (Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and p ...)
NOT-FOR-US: WS_FTP
CVE-2006-4999
RESERVED
CVE-2006-4998
RESERVED
-CVE-2006-4997
+CVE-2006-4997 (The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux ...)
{DSA-1237 DSA-1233}
- linux-2.6 2.6.18-1
-CVE-2006-4996
+CVE-2006-4996 (Unspecified vulnerability in JoomlaLib (com_joomlalib) before 1.2.2 fo ...)
NOT-FOR-US: JoomlaLib (com_joomlalib) for Joomla!
-CVE-2006-4995
+CVE-2006-4995 (PHP remote file inclusion vulnerability in BSQ Sitestats (bsq_sitestat ...)
NOT-FOR-US: BSQ Sitestats for Joomla!
-CVE-2006-4994
+CVE-2006-4994 (Multiple unquoted Windows search path vulnerabilities in Apache Friend ...)
NOT-FOR-US: XAMPP
-CVE-2006-4993
+CVE-2006-4993 (Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.4. ...)
NOT-FOR-US: AllMyGuests
-CVE-2006-4992
+CVE-2006-4992 (Multiple PHP remote file inclusion vulnerabilities in JD-WordPress for ...)
NOT-FOR-US: JD-WordPress for Joomla!
-CVE-2006-4991
+CVE-2006-4991 (RSA Keon Certificate Authority (KeonCA) Manager 6.5.1 and 6.6 allows p ...)
NOT-FOR-US: RSA Keon Certificate Authority (KeonCA) Manager
-CVE-2006-4990
+CVE-2006-4990 (Multiple PHP remote file inclusion vulnerabilities in PhotoPost allow ...)
NOT-FOR-US: PhotoPost
-CVE-2006-4989
+CVE-2006-4989 (Patrick Michaelis Wili-CMS allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Wili-CMS
-CVE-2006-4988
+CVE-2006-4988 (Multiple cross-site scripting (XSS) vulnerabilities in Patrick Michael ...)
NOT-FOR-US: Wili-CMS
-CVE-2006-4987
+CVE-2006-4987 (Multiple PHP remote file inclusion vulnerabilities in Patrick Michaeli ...)
NOT-FOR-US: Wili-CMS
-CVE-2006-4986
+CVE-2006-4986 (Grayscale BandSite CMS allows remote attackers to obtain sensitive inf ...)
NOT-FOR-US: BandSite CMS
-CVE-2006-4985
+CVE-2006-4985 (Multiple cross-site scripting (XSS) vulnerabilities in Grayscale BandS ...)
NOT-FOR-US: BandSite CMS
-CVE-2006-4984
+CVE-2006-4984 (Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSi ...)
NOT-FOR-US: BandSite CMS
-CVE-2006-4983
+CVE-2006-4983 (Cisco NAC allows quarantined devices to communicate over the network w ...)
NOT-FOR-US: Cisco
-CVE-2006-4982
+CVE-2006-4982 (Cisco NAC maintains an exception list that does not record device prop ...)
NOT-FOR-US: Cisco
-CVE-2006-4981
+CVE-2006-4981 (Symantec Sygate NAC allows physically proximate attackers to bypass co ...)
NOT-FOR-US: Symantec
-CVE-2006-4980
+CVE-2006-4980 (Buffer overflow in the repr function in Python 2.3 through 2.6 before ...)
{DSA-1198-1 DSA-1197-1}
- python2.5 2.5-1 (bug #391589)
- python2.4 2.4.3-9 (bug #391589)
- python2.3 2.3.5-16 (bug #393053)
- python2.2 <not-affected> (Compiled without UCS-4 support)
-CVE-2006-4979
+CVE-2006-4979 (Direct static code injection vulnerability in cfgphpquiz/install.php i ...)
NOT-FOR-US: PhpQuiz
-CVE-2006-4978
+CVE-2006-4978 (Multiple SQL injection vulnerabilities in Walter Beschmout PhpQuiz 1.2 ...)
NOT-FOR-US: PhpQuiz
-CVE-2006-4977
+CVE-2006-4977 (Multiple unrestricted file upload vulnerabilities in (1) back/upload_i ...)
NOT-FOR-US: PhpQuiz
-CVE-2006-4976
+CVE-2006-4976 (The Date Library in John Lim ADOdb Library for PHP allows remote attac ...)
- libphp-adodb <unfixed> (unimportant)
- gallery2 <removed> (unimportant)
- phppgadmin <unfixed> (unimportant)
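Review bot: the two busybox lines under CVE-2006-5050 justify `<not-affected>` differently: the unstable entry says "bug #390555; irreproducible" while the sarge entry says "Vulnerable code not present". Not being able to reproduce the httpd traversal is weaker than the code being absent; if the finding is that the affected code path is not in Debian's build, record that on both lines, otherwise note what was tested so the `<not-affected>` state can be revisited. Minor: the NOT-FOR-US line for CVE-2006-5044 reads "Chess componen (com_pcchess)", missing the trailing "t".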
@@ -5047,93 +5047,93 @@ CVE-2006-4976
- phpwiki <unfixed> (unimportant)
- moodle <removed> (unimportant)
NOTE: full path is known in Debian anyway
-CVE-2006-4975
+CVE-2006-4975 (Yahoo! Messenger for WAP permits saving messages that contain JavaScri ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2006-4974
+CVE-2006-4974 (Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows re ...)
NOT-FOR-US: WS_FTP
-CVE-2006-4973
+CVE-2006-4973 (Cross-site scripting (XSS) vulnerability in Default.aspx in Perpetual ...)
NOT-FOR-US: DotNetNuke
-CVE-2006-4972
+CVE-2006-4972 (Cross-site scripting (XSS) vulnerability in archive/index.php/forum-4. ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-4971
+CVE-2006-4971 (MyBB (aka MyBulletinBoard) allows remote attackers to obtain sensitive ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-4970
+CVE-2006-4970 (PHP remote file inclusion vulnerability in enc/content.php in WAHM E-C ...)
NOT-FOR-US: Pie Cart Pro
-CVE-2006-4969
+CVE-2006-4969 (Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce ...)
NOT-FOR-US: Pie Cart Pro
-CVE-2006-4968
+CVE-2006-4968 (PHP remote file inclusion vulnerability in includes/functions_admin.ph ...)
NOT-FOR-US: PNphpBB
NOTE: code in phpBB is different and not affected
-CVE-2006-4967
+CVE-2006-4967 (Multiple cross-site scripting (XSS) vulnerabilities in NextAge Cart al ...)
NOT-FOR-US: NextAge Cart
-CVE-2006-4966
+CVE-2006-4966 (PHP remote file inclusion vulnerability in inc/ifunctions.php in chump ...)
NOT-FOR-US: phpQuestionnaire
-CVE-2006-4965
+CVE-2006-4965 (Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to ex ...)
NOT-FOR-US: Apple
NOTE: also used for related MFSA-2007-28, but still a QuickTime/Windows only issue
-CVE-2006-4964
+CVE-2006-4964 (Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before ...)
NOT-FOR-US: MAXdev MDPro
-CVE-2006-4963
+CVE-2006-4963 (Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 ...)
NOT-FOR-US: Exponent CMS
-CVE-2006-4962
+CVE-2006-4962 (Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon ...)
NOT-FOR-US: Php Blue Dragon
-CVE-2006-4961
+CVE-2006-4961 (SQL injection vulnerability in the GetModuleConfig function in public_ ...)
NOT-FOR-US: Php Blue Dragon
-CVE-2006-4960
+CVE-2006-4960 (Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon ...)
NOT-FOR-US: Php Blue Dragon
-CVE-2006-4959
+CVE-2006-4959 (Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows rem ...)
NOT-FOR-US: Sun Secure Global Desktop
-CVE-2006-4958
+CVE-2006-4958 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Glob ...)
NOT-FOR-US: Sun Secure Global Desktop
-CVE-2006-4957
+CVE-2006-4957 (SQL injection vulnerability in the GetMember function in functions.php ...)
NOT-FOR-US: MyReview
-CVE-2006-4956
+CVE-2006-4956 (Cross-site scripting (XSS) vulnerability in the updateuser servlet in ...)
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4955
+CVE-2006-4955 (Directory traversal vulnerability in the downloadfile servlet in Neon ...)
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4954
+CVE-2006-4954 (The updateuser servlet in Neon WebMail for Java before 5.08 does not v ...)
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4953
+CVE-2006-4953 (Multiple SQL injection vulnerabilities in Neon WebMail for Java before ...)
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4952
+CVE-2006-4952 (The updatemail servlet in Neon WebMail for Java before 5.08 allows rem ...)
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4951
+CVE-2006-4951 (Neon WebMail for Java before 5.08 allows remote attackers to execute a ...)
NOT-FOR-US: Neon WebMail for Java
-CVE-2006-4950
+CVE-2006-4950 (Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, ...)
NOT-FOR-US: Cisco
-CVE-2006-4949
+CVE-2006-4949 (Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site Profil ...)
NOT-FOR-US: Profile Directory (profile_pages.module) for Drupal
-CVE-2006-4948
+CVE-2006-4948 (Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFT ...)
NOT-FOR-US: TFTPDWIN
-CVE-2006-4947
+CVE-2006-4947 (Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Search Keyw ...)
NOT-FOR-US: Search Keywords module for Drupal
-CVE-2006-4946
+CVE-2006-4946 (PHP remote file inclusion vulnerability in include/startup.inc.php in ...)
NOT-FOR-US: CMSDevelopment Business Card Web Builder (BCWB)
-CVE-2006-4945
+CVE-2006-4945 (Multiple PHP remote file inclusion vulnerabilities in Cardway (aka Fre ...)
NOT-FOR-US: DigitalWebShop
-CVE-2006-4944
+CVE-2006-4944 (PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.ph ...)
NOT-FOR-US: ProgSys
-CVE-2006-4943
+CVE-2006-4943 (course/jumpto.php in Moodle before 1.6.2 does not validate the session ...)
- moodle 1.6.2-1
[sarge] - moodle <not-affected> (File not present)
-CVE-2006-4942
+CVE-2006-4942 (Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) t ...)
- moodle 1.6.2-1
-CVE-2006-4941
+CVE-2006-4941 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1 ...)
- moodle 1.6.2-1
-CVE-2006-4940
+CVE-2006-4940 (login/forgot_password.php in Moodle before 1.6.2 allows remote attacke ...)
- moodle 1.6.2-1
[sarge] - moodle <not-affected> (Function not present)
-CVE-2006-4939
+CVE-2006-4939 (backup/backup_scheduled.php in Moodle before 1.6.2 generates trace dat ...)
- moodle 1.6.2-1 (unimportant)
NOTE: Path disclosure
-CVE-2006-4938
+CVE-2006-4938 (help.php in Moodle before 1.6.2 does not check the existence of certai ...)
- moodle 1.6.2-1 (unimportant)
NOTE: Path disclosure
-CVE-2006-4937
+CVE-2006-4937 (lib/setup.php in Moodle before 1.6.2 sets the error reporting level to ...)
- moodle 1.6.2-1
-CVE-2006-4936
+CVE-2006-4936 (Moodle before 1.6.2 does not properly validate the module instance id ...)
- moodle 1.6.2-1
-CVE-2006-4935
+CVE-2006-4935 (The Database module in Moodle before 1.6.2 does not properly handle up ...)
- moodle 1.6.2-1
CVE-2006-4934
RESERVED
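Review bot: the moodle line under CVE-2006-4976 is `<removed> (unimportant)`, while the nine Moodle entries later in this hunk (CVE-2006-4943 down to CVE-2006-4935) record the package as fixed in 1.6.2-1, two of them with sarge marked `<not-affected>`. That is consistent only if the removal postdates 1.6.2-1; a NOTE on the CVE-2006-4976 entry saying the package was removed after those fixes would stop `<removed>` and `1.6.2-1` from reading as contradictory states for the same package.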
@@ -5149,180 +5149,180 @@ CVE-2006-4929
RESERVED
CVE-2006-4928
RESERVED
-CVE-2006-4927
+CVE-2006-4927 (The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drive ...)
NOT-FOR-US: Symantec AntiVirus
-CVE-2006-4926
+CVE-2006-4926 (The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and ...)
NOT-FOR-US: Kaspersky Labs
-CVE-2006-4925
+CVE-2006-4925 (packet.c in ssh in OpenSSH allows remote attackers to cause a denial o ...)
- openssh 1:5.1p1-5 (unimportant)
NOTE: That's a non-issue
-CVE-2006-4924
+CVE-2006-4924 (sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, all ...)
{DSA-1212 DSA-1189-1}
- openssh 1:4.3p2-4 (low; bug #389995)
- openssh-krb5 <unfixed> (low)
-CVE-2006-4923
+CVE-2006-4923 (Cross-site scripting (XSS) vulnerability in search.php in eSyndiCat Po ...)
NOT-FOR-US: eSyndiCat Portal System
-CVE-2006-4922
+CVE-2006-4922 (Unrestricted file upload vulnerability in starnet/editors/htmlarea/pop ...)
NOT-FOR-US: Site@School
-CVE-2006-4921
+CVE-2006-4921 (PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 an ...)
NOT-FOR-US: Site@School
-CVE-2006-4920
+CVE-2006-4920 (Multiple PHP remote file inclusion vulnerabilities in Site@School (S@S ...)
NOT-FOR-US: Site@School
-CVE-2006-4919
+CVE-2006-4919 (Directory traversal vulnerability in starnet/editors/htmlarea/popups/i ...)
NOT-FOR-US: Site@School
-CVE-2006-4918
+CVE-2006-4918 (Multiple PHP remote file inclusion vulnerabilities in Simple Discussio ...)
NOT-FOR-US: Simple Discussion Board
-CVE-2006-4917
+CVE-2006-4917 (Cross-site scripting (XSS) vulnerability in search.php in PT News 1.7. ...)
NOT-FOR-US: PT News
-CVE-2006-4916
+CVE-2006-4916 (SQL injection vulnerability in uye_profil.asp in Tekman Portal (TR) 1. ...)
NOT-FOR-US: Tekman Portal
-CVE-2006-4915
+CVE-2006-4915 (Cross-site scripting (XSS) vulnerability in index.php in Innovate Port ...)
NOT-FOR-US: Innovate Portal
-CVE-2006-4914
+CVE-2006-4914 (Directory traversal vulnerability in A.l-Pifou 1.8p2 allows remote att ...)
NOT-FOR-US: A.l-Pifou
-CVE-2006-4913
+CVE-2006-4913 (Directory traversal vulnerability in chat/getStartOptions.php in Alstr ...)
NOT-FOR-US: AlstraSoft E-friends
-CVE-2006-4912
+CVE-2006-4912 (PHP remote file inclusion vulnerability in PHP DocWriter 0.3 and earli ...)
NOT-FOR-US: PHP DocWriter
-CVE-2006-4911
+CVE-2006-4911 (Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 bef ...)
NOT-FOR-US: Cisco
-CVE-2006-4910
+CVE-2006-4910 (The web administration interface (mainApp) to Cisco IDS before 4.1(5c) ...)
NOT-FOR-US: Cisco
-CVE-2006-4909
+CVE-2006-4909 (Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS Mitigatio ...)
NOT-FOR-US: Cisco
-CVE-2006-4908
+CVE-2006-4908 (OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive in ...)
NOT-FOR-US: OSU
-CVE-2006-4907
+CVE-2006-4907 (OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive in ...)
NOT-FOR-US: OSU
-CVE-2006-4906
+CVE-2006-4906 (SQL injection vulnerability in modules/calendar/week.php in More.group ...)
NOT-FOR-US: More.groupware
-CVE-2006-4905
+CVE-2006-4905 (PHP remote file inclusion vulnerability in index.php in Artmedic Links ...)
NOT-FOR-US: Artmedic Links
-CVE-2006-4904
+CVE-2006-4904 (Dynamic variable evaluation vulnerability in cmpi.php in Qualiteam X-C ...)
NOT-FOR-US: X-Cart
CVE-2006-4903
RESERVED
-CVE-2006-4902
+CVE-2006-4902 (The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 ...)
NOT-FOR-US: Symantec Veritas NetBackup
-CVE-2006-4901
+CVE-2006-4901 (Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up ...)
NOT-FOR-US: CA eTrust
-CVE-2006-4900
+CVE-2006-4900 (Directory traversal vulnerability in Computer Associates (CA) eTrust S ...)
NOT-FOR-US: CA eTrust
-CVE-2006-4899
+CVE-2006-4899 (The ePPIServlet script in Computer Associates (CA) eTrust Security Com ...)
NOT-FOR-US: CA eTrust
-CVE-2006-4898
+CVE-2006-4898 (PHP remote file inclusion vulnerability in include/phpxd/phpXD.php in ...)
NOT-FOR-US: guanxiCRM
-CVE-2006-4897
+CVE-2006-4897 (CMtextS 1.0 and earlier stores users_logins/admin.txt under the web do ...)
NOT-FOR-US: CMtextS
CVE-2006-4896
REJECTED
-CVE-2006-4895
+CVE-2006-4895 (IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to del ...)
NOT-FOR-US: IDevSpot NexieAffiliate
-CVE-2006-4894
+CVE-2006-4894 (Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in ...)
NOT-FOR-US: IDevSpot NexieAffiliate
-CVE-2006-4893
+CVE-2006-4893 (PHP remote file inclusion vulnerability in bb_usage_stats/includes/bb_ ...)
NOT-FOR-US: phpBB XS
-CVE-2006-4892
+CVE-2006-4892 (SQL injection vulnerability in faqview.asp in Techno Dreams FAQ Manage ...)
NOT-FOR-US: Techno Dreams FAQ
-CVE-2006-4891
+CVE-2006-4891 (SQL injection vulnerability in ArticlesTableview.asp in Techno Dreams ...)
NOT-FOR-US: Techno Dreams
-CVE-2006-4890
+CVE-2006-4890 (Multiple PHP remote file inclusion vulnerabilities in UNAK-CMS 1.5 and ...)
NOT-FOR-US: UNAK-CMS
-CVE-2006-4889
+CVE-2006-4889 (Multiple PHP remote file inclusion vulnerabilities in Telekorn SignKor ...)
NOT-FOR-US: Telekorn SignKorn Guestbook
-CVE-2006-4888
+CVE-2006-4888 (Microsoft Internet Explorer 6 and earlier allows remote attackers to c ...)
NOT-FOR-US: Microsoft
-CVE-2006-4887
+CVE-2006-4887 (Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop ...)
NOT-FOR-US: Apple
-CVE-2006-4886
+CVE-2006-4886 (The VirusScan On-Access Scan component in McAfee VirusScan Enterprise ...)
NOT-FOR-US: McAfee
-CVE-2006-4885
+CVE-2006-4885 (PHP remote file inclusion vulnerability in Shadowed Portal 5.599 and e ...)
NOT-FOR-US: Shadowed Portal
-CVE-2006-4884
+CVE-2006-4884 (Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSuppo ...)
NOT-FOR-US: IDevSpot iSupport
-CVE-2006-4883
+CVE-2006-4883 (Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDir ...)
NOT-FOR-US: IDevSpot BizDirectory
-CVE-2006-4882
+CVE-2006-4882 (SQL injection vulnerability in Review.asp in Julian Roberts Charon Car ...)
NOT-FOR-US: Cart 3
-CVE-2006-4881
+CVE-2006-4881 (Multiple cross-site scripting (XSS) vulnerabilities in David Bennett P ...)
NOT-FOR-US: PHP-Post (PHPp)
-CVE-2006-4880
+CVE-2006-4880 (David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers ...)
NOT-FOR-US: PHP-Post (PHPp)
-CVE-2006-4879
+CVE-2006-4879 (SQL injection vulnerability in profile.php in David Bennett PHP-Post ( ...)
NOT-FOR-US: PHP-Post (PHPp)
-CVE-2006-4878
+CVE-2006-4878 (Directory traversal vulnerability in footer.php in David Bennett PHP-P ...)
NOT-FOR-US: PHP-Post (PHPp)
-CVE-2006-4877
+CVE-2006-4877 (Variable overwrite vulnerability in David Bennett PHP-Post (PHPp) 1.0 ...)
NOT-FOR-US: PHP-Post (PHPp)
-CVE-2006-4876
+CVE-2006-4876 (Multiple SQL injection vulnerabilities in Jupiter CMS allow remote att ...)
NOT-FOR-US: Jupiter CMS
-CVE-2006-4875
+CVE-2006-4875 (Unrestricted file upload vulnerability in modules/galleryuploadfunctio ...)
NOT-FOR-US: Jupiter CMS
-CVE-2006-4874
+CVE-2006-4874 (Multiple cross-site scripting (XSS) vulnerabilities in Jupiter CMS all ...)
NOT-FOR-US: Jupiter CMS
-CVE-2006-4873
+CVE-2006-4873 (Jupiter CMS allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: Jupiter CMS
-CVE-2006-4872
+CVE-2006-4872 (SQL injection vulnerability in search.asp in Keyvan1 (aka Keyvan Jangh ...)
NOT-FOR-US: ECardPro
-CVE-2006-4871
+CVE-2006-4871 (SQL injection vulnerability in search_run.asp in Keyvan1 (aka Keyvan J ...)
NOT-FOR-US: EShoppingPro
-CVE-2006-4870
+CVE-2006-4870 (Multiple PHP remote file inclusion vulnerabilities in AEDating 4.1, an ...)
NOT-FOR-US: AEDating
-CVE-2006-4869
+CVE-2006-4869 (PHP remote file inclusion vulnerability in phpunity-postcard.php in ph ...)
NOT-FOR-US: phpunity.postcard
-CVE-2006-4868
+CVE-2006-4868 (Stack-based buffer overflow in the Vector Graphics Rendering engine (v ...)
NOT-FOR-US: Microsoft
-CVE-2006-4867
+CVE-2006-4867 (SQL injection vulnerability in mods.php in GNUTurk 2G and earlier allo ...)
NOT-FOR-US: GNUTurk
-CVE-2006-4866
+CVE-2006-4866 (Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in R ...)
NOT-FOR-US: Apple
-CVE-2006-4865
+CVE-2006-4865 (Walter Beschmout PhpQuiz allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: PhpQuiz
-CVE-2006-4864
+CVE-2006-4864 (PHP remote file inclusion vulnerability in index.php in All Enthusiast ...)
NOT-FOR-US: ReviewPost
CVE-2006-4863
NOT-FOR-US: mcLinksCounter
-CVE-2006-4862
+CVE-2006-4862 (SQL injection vulnerability in default.aspx in easypage allows remote ...)
NOT-FOR-US: easypage
-CVE-2006-4861
+CVE-2006-4861 (SQL injection vulnerability in loginprocess.asp in Mohammed Mehdi Panj ...)
NOT-FOR-US: Complain Center
-CVE-2006-4860
+CVE-2006-4860 (Multiple unspecified vulnerabilities in (1) index.php, (2) minixml.inc ...)
NOT-FOR-US: Limbo
-CVE-2006-4859
+CVE-2006-4859 (Unrestricted file upload vulnerability in contact.html.php in the Cont ...)
NOT-FOR-US: Limbo
-CVE-2006-4858
+CVE-2006-4858 (PHP remote file inclusion vulnerability in install.serverstat.php in t ...)
NOT-FOR-US: Serverstat (com_serverstat) component for Mambo
-CVE-2006-4857
+CVE-2006-4857 (SQL injection vulnerability in default.asp (aka the login page) in Cli ...)
NOT-FOR-US: ClickBlog
-CVE-2006-4856
+CVE-2006-4856 (Multiple cross-site scripting (XSS) vulnerabilities in Roller WebLogge ...)
NOT-FOR-US: WebLogger
-CVE-2006-4855
+CVE-2006-4855 (The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 ...)
NOT-FOR-US: Symantec
CVE-2006-4854
REJECTED
-CVE-2006-4853
+CVE-2006-4853 (SQL injection vulnerability in kategorix.asp in Haberx 1.02 through 1. ...)
NOT-FOR-US: Haberx
-CVE-2006-4852
+CVE-2006-4852 (SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allow ...)
NOT-FOR-US: QuadComm Q-Shop
-CVE-2006-4851
+CVE-2006-4851 (PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHT ...)
NOT-FOR-US: BolinOS
-CVE-2006-4850
+CVE-2006-4850 (PHP remote file inclusion vulnerability in system/_b/contentFiles/gBIn ...)
NOT-FOR-US: BolinOS
-CVE-2006-4849
+CVE-2006-4849 (PHP remote file inclusion vulnerability in header.php in MobilePublish ...)
NOT-FOR-US: MobilePublisherPHP
CVE-2006-4848
NOT-FOR-US: Hitweb
-CVE-2006-4847
+CVE-2006-4847 (Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix ...)
NOT-FOR-US: WS_FTP
-CVE-2006-4846
+CVE-2006-4846 (Unspecified vulnerability in Citrix Access Gateway with Advanced Acces ...)
NOT-FOR-US: Citrix
-CVE-2006-4845
+CVE-2006-4845 (PHP remote file inclusion vulnerability in includes/footer.html.inc.ph ...)
NOT-FOR-US: TeamCal
-CVE-2006-4844
+CVE-2006-4844 (PHP remote file inclusion vulnerability in inc/claro_init_local.inc.ph ...)
NOT-FOR-US: Claroline
-CVE-2006-4843
+CVE-2006-4843 (Cross-site scripting (XSS) vulnerability in the Active Content Filter ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2006-4842
+CVE-2006-4842 (The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in S ...)
- xulrunner 1.8.0.9-1 (low; bug #405062)
[sarge] - mozilla <no-dsa> (Minor issue)
NOTE: could not find setuid binary in sid, but evolution-data-server has a setgid mail binary
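Review bot: the NOTE on CVE-2006-4842 names evolution-data-server's setgid mail binary as the reason the NSPR issue may still matter, yet no evolution-data-server package line accompanies the xulrunner entry; either add a line for that package or extend the NOTE to say why it needs no tracking. Separately, the appended descriptions are cut at a fixed column and several end mid-word ("contact.html.php in the Cont ...", "default.asp (aka the login page) in Cli ..."), which is fine as a search hint but means these strings must not be quoted as the full CVE summary.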
@@ -5331,47 +5331,47 @@ CVE-2006-4841
RESERVED
CVE-2006-4840
REJECTED
-CVE-2006-4839
+CVE-2006-4839 (Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Sophos
-CVE-2006-4838
+CVE-2006-4838 (Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal SE 6 ...)
NOT-FOR-US: DCP-Portal
-CVE-2006-4837
+CVE-2006-4837 (Multiple PHP remote file inclusion vulnerabilities in DCP-Portal SE 6. ...)
NOT-FOR-US: DCP-Portal
-CVE-2006-4836
+CVE-2006-4836 (SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows r ...)
NOT-FOR-US: DCP-Portal
-CVE-2006-4835
+CVE-2006-4835 (Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attacke ...)
NOT-FOR-US: Blue Magic Board (BMB) (aka BMForum)
-CVE-2006-4834
+CVE-2006-4834 (PHP remote file inclusion vulnerability in index.php in Jule Slootbeek ...)
NOT-FOR-US: phpQuiz
-CVE-2006-4833
+CVE-2006-4833 (Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 1 ...)
NOT-FOR-US: NetPerformer
-CVE-2006-4832
+CVE-2006-4832 (Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT S ...)
NOT-FOR-US: NetPerformer
-CVE-2006-4831
+CVE-2006-4831 (Unspecified vulnerability in IP over DNS is now easy (iodine) before 0 ...)
NOT-FOR-US: IP over DNS is now easy (iodine)
-CVE-2006-4830
+CVE-2006-4830 (Directory traversal vulnerability in EditBlogTemplatesPlugin.java in D ...)
NOT-FOR-US: Blojsom
-CVE-2006-4829
+CVE-2006-4829 (Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki ...)
NOT-FOR-US: Blojsom
-CVE-2006-4828
+CVE-2006-4828 (PHP remote file inclusion vulnerability in zipndownload.php in PhotoPo ...)
NOT-FOR-US: PhotoPost
-CVE-2006-4827
+CVE-2006-4827 (Multiple PHP remote file inclusion vulnerabilities in Vmist Downstat 1 ...)
NOT-FOR-US: Vmist Downstat
-CVE-2006-4826
+CVE-2006-4826 (PHP remote file inclusion vulnerability in bottom.php in Shadowed Port ...)
NOT-FOR-US: Shadowed Portal
-CVE-2006-4825
+CVE-2006-4825 (Multiple cross-site scripting (XSS) vulnerabilities in cl_files/index. ...)
NOT-FOR-US: PHP Event Calendar
-CVE-2006-4824
+CVE-2006-4824 (PHP remote file inclusion vulnerability in lib/activeutil.php in Quick ...)
NOT-FOR-US: Quicksilver Forums (QSF)
-CVE-2006-4823
+CVE-2006-4823 (PHP remote file inclusion vulnerability in scripts/news_page.php in Re ...)
NOT-FOR-US: Magic News
-CVE-2006-4822
+CVE-2006-4822 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in eM ...)
NOT-FOR-US: emuCMS
-CVE-2006-4821
+CVE-2006-4821 (Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Userreview ...)
NOT-FOR-US: Drupal Userreview module
-CVE-2006-4820
+CVE-2006-4820 (Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11. ...)
NOT-FOR-US: HP-UX
-CVE-2006-4819
+CVE-2006-4819 (Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attacke ...)
NOT-FOR-US: Opera
CVE-2006-4818
RESERVED
@@ -5381,43 +5381,43 @@ CVE-2006-4816
RESERVED
CVE-2006-4815
RESERVED
-CVE-2006-4814
+CVE-2006-4814 (The mincore function in the Linux kernel before 2.4.33.6 does not prop ...)
{DSA-1503-2 DSA-1503-1 DSA-1304}
- linux-2.6 2.6.18.dfsg.1-9 (low)
- kernel-patch-openvz 028.18.1
-CVE-2006-4813
+CVE-2006-4813 (The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6 ...)
{DSA-1233}
- linux-2.6 2.6.13-1
-CVE-2006-4812
+CVE-2006-4812 (Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote ...)
- php4 <not-affected>
- php5 5.1.6-5 (bug #391586)
-CVE-2006-4811
+CVE-2006-4811 (Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 bef ...)
{DSA-1200-1}
- qt-x11-free 3:3.3.7-1 (bug #394192; bug #394313)
- qt4-x11 4.2.1-1 (bug #394192)
-CVE-2006-4810
+CVE-2006-4810 (Buffer overflow in the readline function in util/texindex.c, as used b ...)
{DSA-1219}
- texinfo 4.8.dfsg.1-4
-CVE-2006-4809
+CVE-2006-4809 (Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, an ...)
- imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4808
+CVE-2006-4808 (Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and ...)
- imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4807
+CVE-2006-4807 (loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allo ...)
- imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4806
+CVE-2006-4806 (Multiple integer overflows in imlib2 allow user-assisted remote attack ...)
- imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4805
+CVE-2006-4805 (epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in ...)
{DSA-1201-1}
- wireshark 0.99.4-1 (bug #396258; medium)
CVE-2006-4804
RESERVED
-CVE-2006-4803
+CVE-2006-4803 (The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager ...)
NOT-FOR-US: Novell Identity Manager
-CVE-2006-4802
+CVE-2006-4802 (Format string vulnerability in the Real Time Virus Scan service in Sym ...)
NOT-FOR-US: Symantec
-CVE-2006-4801
+CVE-2006-4801 (Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and possi ...)
NOT-FOR-US: Roxio Toast
-CVE-2006-4800
+CVE-2006-4800 (Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p200605 ...)
{DSA-1215}
- ffmpeg 0.cvs20060329-1
- xmovie <removed>
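Review bot: the "- php4 <not-affected>" line under CVE-2006-4812 gives no reason, unlike the other not-affected entries in this file (compare "(slapd not built from this version)" on the openldap2 line of CVE-2006-4600 further down); add a short parenthetical stating why php4 is out of scope so the decision can be rechecked later. A minor style point in the same hunk: the annotation order alternates between "(bug #396258; medium)" on the wireshark line and "(medium; bug #397371)" on the imlib2 lines; both forms occur throughout the file, so the parser evidently accepts either, but one order reads more consistently.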
@@ -5426,23 +5426,23 @@ CVE-2006-4800
- gstreamer0.10-ffmpeg 0.10.1-3 (medium; bug #401311)
- mplayer 1.0~rc1-1
NOTE: according to the changelog, libxine (starting from 1.1.2-4) links dynamically against ffmpeg
-CVE-2006-4799
+CVE-2006-4799 (Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow contex ...)
{DSA-1215}
- xine-lib 1.1.2-1 (bug #369876; medium)
NOTE: according to the changelog, libxine (starting from 1.1.2-4) links dynamically against ffmpeg
-CVE-2006-4798
+CVE-2006-4798 (SQL-Ledger before 2.4.4 stores a password in a query string, which mig ...)
- sql-ledger 2.4.5-1
-CVE-2006-4797
+CVE-2006-4797 (Cross-site scripting (XSS) vulnerability in tag.php in CloudNine Inter ...)
NOT-FOR-US: CJ Tag Board
-CVE-2006-4796
+CVE-2006-4796 (Cross-site scripting (XSS) vulnerability in forum.asp in Snitz Forums ...)
NOT-FOR-US: Snitz Forums
-CVE-2006-4795
+CVE-2006-4795 (Unspecified vulnerability in the Address and Routing Parameter Area (A ...)
NOT-FOR-US: HP-UX
-CVE-2006-4794
+CVE-2006-4794 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allo ...)
NOT-FOR-US: e107
-CVE-2006-4793
+CVE-2006-4793 (Multiple SQL injection vulnerabilities in icerik.asp in TualBLOG 1.0 a ...)
NOT-FOR-US: TualBLOG
-CVE-2006-5778
+CVE-2006-5778 (ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir ...)
{DSA-1217}
- linux-ftpd 0.17-23 (low; bug #384454)
CVE-2006-XXXX [ejabberd HTML code injection]
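Review bot: CVE-2006-5778 (linux-ftpd) is placed between CVE-2006-4793 and the CVE-2006-XXXX ejabberd entry, outside the file's descending ID order; if the placement is deliberate, a NOTE line saying why would help anyone scanning the list by number. The identical NOTE about libxine (from 1.1.2-4) linking dynamically against ffmpeg is repeated under both CVE-2006-4800 and CVE-2006-4799, which is correct here since each entry has to stand on its own.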
@@ -5451,127 +5451,127 @@ CVE-2006-4792
RESERVED
CVE-2006-4791
RESERVED
-CVE-2006-4789
+CVE-2006-4789 (Buffer overflow in Open Movie Editor 0.0.20060901 allows local users t ...)
NOT-FOR-US: Open Movie Editor
-CVE-2006-4788
+CVE-2006-4788 (PHP remote file inclusion vulnerability in includes/log.inc.php in Tel ...)
NOT-FOR-US: SignKorn Guestbook
-CVE-2006-4787
+CVE-2006-4787 (AlphaMail before 1.0.16 allows local users to obtain sensitive informa ...)
NOT-FOR-US: AlphaMail
-CVE-2006-4786
+CVE-2006-4786 (Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive i ...)
- moodle 1.6.2-1 (low)
-CVE-2006-4785
+CVE-2006-4785 (SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earli ...)
- moodle 1.6.2-1 (medium; bug #387177)
-CVE-2006-4784
+CVE-2006-4784 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 an ...)
- moodle 1.6.2-1 (low)
-CVE-2006-4783
+CVE-2006-4783 (SQL injection vulnerability in squads.php in WebSPELL 4.01.01 and earl ...)
NOT-FOR-US: WebSPELL
-CVE-2006-4782
+CVE-2006-4782 (src/index.php in WebSPELL 4.01.01 and earlier, when register_globals i ...)
NOT-FOR-US: WebSPELL
-CVE-2006-4781
+CVE-2006-4781 (Heap-based buffer overflow in FutureSoft TFTP Server Multithreaded (MT ...)
NOT-FOR-US: FutureSoft TFTP Server
-CVE-2006-4780
+CVE-2006-4780 (PHP remote file inclusion vulnerability in includes/functions.php in p ...)
NOT-FOR-US: phpBB XS
-CVE-2006-4779
+CVE-2006-4779 (PHP remote file inclusion vulnerability in includes/functions_portal.p ...)
NOT-FOR-US: Vitrax Premodded phpBB
-CVE-2006-4778
+CVE-2006-4778 (SQL injection vulnerability in Creative Commons Tools ccHost before 3. ...)
NOT-FOR-US: Creative Commons Tools ccHost
-CVE-2006-4777
+CVE-2006-4777 (Heap-based buffer overflow in the DirectAnimation Path Control (Direct ...)
NOT-FOR-US: DirectAnimation.PathControl
-CVE-2006-4776
+CVE-2006-4776 (Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature ...)
NOT-FOR-US: Cisco
-CVE-2006-4775
+CVE-2006-4775 (The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and Cat ...)
NOT-FOR-US: Cisco
-CVE-2006-4774
+CVE-2006-4774 (The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows ...)
NOT-FOR-US: Cisco
-CVE-2006-4773
+CVE-2006-4773 (Sun StorEdge 6130 Array Controllers with firmware 06.12.10.11 and earl ...)
NOT-FOR-US: Sun StorEdge
-CVE-2006-4772
+CVE-2006-4772 (HotPlug CMS stores sensitive information under the web root with insuf ...)
NOT-FOR-US: HotPlug CMS
-CVE-2006-4771
+CVE-2006-4771 (Cross-site scripting (XSS) vulnerability in haut.php in ForumJBC 4 all ...)
NOT-FOR-US: ForumJBC
-CVE-2006-4770
+CVE-2006-4770 (PHP remote file inclusion vulnerability in menu.php in MiniPort@l 2.0 ...)
NOT-FOR-US: MiniPort@l
-CVE-2006-4769
+CVE-2006-4769 (PHP remote file inclusion vulnerability in abf_js.php in p4CMS 1.05 al ...)
NOT-FOR-US: p4CMS
-CVE-2006-4768
+CVE-2006-4768 (Multiple direct static code injection vulnerabilities in add_go.php in ...)
NOT-FOR-US: Stefan Ernst Newsscript (aka WM-News)
-CVE-2006-4767
+CVE-2006-4767 (Multiple directory traversal vulnerabilities in Stefan Ernst Newsscrip ...)
NOT-FOR-US: Stefan Ernst Newsscript (aka WM-News)
-CVE-2006-4766
+CVE-2006-4766 (Directory traversal vulnerability in print.php in Stefan Ernst Newsscr ...)
NOT-FOR-US: Stefan Ernst Newsscript (aka WM-News)
-CVE-2006-4765
+CVE-2006-4765 (NETGEAR DG834GT Wireless ADSL router running firmware 1.01.28 allows a ...)
NOT-FOR-US: NETGEAR
-CVE-2006-4764
+CVE-2006-4764 (PHP remote file inclusion vulnerability in common.php in Thomas LETE W ...)
NOT-FOR-US: WTools
-CVE-2006-4763
+CVE-2006-4763 (IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's Lig ...)
NOT-FOR-US: IBM Lotus Domino Web Access
-CVE-2006-4762
+CVE-2006-4762 (Multiple cross-site scripting (XSS) vulnerabilities in Ykoon RssReader ...)
NOT-FOR-US: Ykoon RssReader
-CVE-2006-4761
+CVE-2006-4761 (Multiple cross-site scripting (XSS) vulnerabilities in Luke Hutteman S ...)
NOT-FOR-US: SharpReader
-CVE-2006-4760
+CVE-2006-4760 (Multiple cross-site scripting (XSS) vulnerabilities in Benjamin Pasero ...)
NOT-FOR-US: RSSOwl
-CVE-2006-4759
+CVE-2006-4759 (PunBB 1.2.12 does not properly handle an avatar directory pathname end ...)
NOT-FOR-US: PunBB
-CVE-2006-4758
+CVE-2006-4758 (phpBB 2.0.21 does not properly handle pathnames ending in %00, which a ...)
{DSA-1488-1}
- phpbb2 2.0.21-4 (bug #388120; unimportant)
NOTE: Only exploitable by admins, which you'd need to trust
-CVE-2006-4757
+CVE-2006-4757 (Multiple SQL injection vulnerabilities in the admin section in e107 0. ...)
NOT-FOR-US: e107
-CVE-2006-4756
+CVE-2006-4756 (SQL injection vulnerability in alpha.php in phpMyDirectory 10.4.6 and ...)
NOT-FOR-US: phpMyDirectory
-CVE-2006-4755
+CVE-2006-4755 (Cross-site scripting (XSS) vulnerability in alpha.php in phpMyDirector ...)
NOT-FOR-US: phpMyDirectory
-CVE-2006-4754
+CVE-2006-4754 (Cross-site scripting (XSS) vulnerability in index.php in PHProg before ...)
NOT-FOR-US: PHProg
-CVE-2006-4753
+CVE-2006-4753 (Directory traversal vulnerability in index.php in PHProg before 1.1 al ...)
NOT-FOR-US: PHProg
-CVE-2006-4752
+CVE-2006-4752 (Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote att ...)
NOT-FOR-US: Laurentiu Matei eXpandable Home Page (XHP) CMS
-CVE-2006-4751
+CVE-2006-4751 (Cross-site scripting (XSS) vulnerability in index.php in Laurentiu Mat ...)
NOT-FOR-US: Laurentiu Matei eXpandable Home Page (XHP) CMS
-CVE-2006-4750
+CVE-2006-4750 (PHP remote file inclusion vulnerability in openi-admin/base/fileloader ...)
NOT-FOR-US: OPENi-CMS
-CVE-2006-4749
+CVE-2006-4749 (Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Tra ...)
NOT-FOR-US: PHP Advanced Transfer Manager (phpATM)
-CVE-2006-4748
+CVE-2006-4748 (Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow rem ...)
NOT-FOR-US: F-ART BLOG:CMS
-CVE-2006-4747
+CVE-2006-4747 (Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAd ...)
NOT-FOR-US: IdevSpot TextAds
-CVE-2006-4746
+CVE-2006-4746 (PHP remote file inclusion vulnerability in news/include/customize.php ...)
NOT-FOR-US: Web Server Creator
-CVE-2006-4745
+CVE-2006-4745 (ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to p ...)
NOT-FOR-US: ScaryBear PocketExpense Pro
-CVE-2006-4744
+CVE-2006-4744 (Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication ...)
NOT-FOR-US: Abidia (1) O-Anywhere and (2) Abidia Wireless
-CVE-2006-4743
+CVE-2006-4743 (WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensit ...)
- wordpress 2.0.5-0.1 (unimportant)
NOTE: path disclosure only
-CVE-2006-4742
+CVE-2006-4742 (Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot P ...)
NOT-FOR-US: PhpLinkExchange
-CVE-2006-4741
+CVE-2006-4741 (PHP remote file inclusion vulnerability in bits_listings.php in IDevSp ...)
NOT-FOR-US: PhpLinkExchange
-CVE-2006-4740
+CVE-2006-4740 (Jetbox CMS allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Jetbox CMS
-CVE-2006-4739
+CVE-2006-4739 (Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allo ...)
NOT-FOR-US: Jetbox CMS
-CVE-2006-4738
+CVE-2006-4738 (PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS ...)
NOT-FOR-US: Jetbox CMS
-CVE-2006-4737
+CVE-2006-4737 (SQL injection vulnerability in index.php in Jetbox CMS allows remote a ...)
NOT-FOR-US: Jetbox CMS
-CVE-2006-4736
+CVE-2006-4736 (Multiple SQL injection vulnerabilities in index.php in CMS.R. 5.5 allo ...)
NOT-FOR-US: CMS.R
-CVE-2006-4735
+CVE-2006-4735 (Kellan Elliott-McCrea MagpieRSS allows remote attackers to obtain sens ...)
- magpierss <unfixed> (unimportant)
NOTE: path disclosure only
-CVE-2006-4734
+CVE-2006-4734 (Multiple SQL injection vulnerabilities in tiki-g-admin_processes.php i ...)
- tikiwiki 1.9.5+dfsg1-2 (medium; bug #388122)
-CVE-2006-4733
+CVE-2006-4733 (PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in ...)
NOT-FOR-US: simple, integrated publishing system (SIPS)
-CVE-2006-4732
+CVE-2006-4732 (Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an unkn ...)
NOT-FOR-US: Microsoft
-CVE-2006-4731
+CVE-2006-4731 (Multiple directory traversal vulnerabilities in (1) login.pl and (2) a ...)
{DSA-1239-1}
- sql-ledger 2.6.19-1
CVE-2006-4730
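Review bot: CVE-2006-4758 is rated unimportant (with the NOTE that only trusted admins can trigger it) yet carries {DSA-1488-1}; that is not contradictory if the fix simply rode along in a DSA issued for other phpbb2 issues, but a NOTE saying so would make the severity decision explicit. Also, the moodle lines for CVE-2006-4786 and CVE-2006-4784 carry a severity but no bug reference, while CVE-2006-4785 cites bug #387177; if one bug covered all three, citing it on each line keeps the entries self-contained.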
@@ -5580,57 +5580,57 @@ CVE-2006-4729
RESERVED
CVE-2006-4728
RESERVED
-CVE-2006-4727
+CVE-2006-4727 (Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in ...)
NOT-FOR-US: Tumbleweed EMF Administration Module
-CVE-2006-4726
+CVE-2006-4726 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 th ...)
NOT-FOR-US: Adobe
-CVE-2006-4725
+CVE-2006-4725 (Adobe ColdFusion MX 7 and 7.01 allows local users to bypass security r ...)
NOT-FOR-US: Adobe
-CVE-2006-4724
+CVE-2006-4724 (Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in ...)
NOT-FOR-US: Adobe
-CVE-2006-4723
+CVE-2006-4723 (PHP remote file inclusion vulnerability in raidenhttpd-admin/slice/che ...)
NOT-FOR-US: RaidenHTTPD
-CVE-2006-4722
+CVE-2006-4722 (PHP remote file inclusion vulnerability in Open Bulletin Board (OpenBB ...)
NOT-FOR-US: Open Bulletin Board (OpenBB)
-CVE-2006-4721
+CVE-2006-4721 (Directory traversal vulnerability in admin.php in CCleague Pro Sports ...)
NOT-FOR-US: CCleague Pro Sports CMS
-CVE-2006-4720
+CVE-2006-4720 (PHP remote file inclusion vulnerability in random2.php in mcGalleryPRO ...)
NOT-FOR-US: mcGalleryPRO
-CVE-2006-4719
+CVE-2006-4719 (Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1. ...)
NOT-FOR-US: MyABraCaDaWeb
-CVE-2006-4718
+CVE-2006-4718 (Multiple cross-site scripting (XSS) vulnerabilities in livre_or.php in ...)
NOT-FOR-US: KorviBlog
-CVE-2006-4717
+CVE-2006-4717 (The login redirection mechanism in the Drupal 4.7 Pubcookie module bef ...)
NOT-FOR-US: Pubcookie module for Drupal
-CVE-2006-4716
+CVE-2006-4716 (PHP remote file inclusion vulnerability in demarrage.php in Fire Soft ...)
NOT-FOR-US: Fire Soft Board (FSB)
-CVE-2006-4715
+CVE-2006-4715 (SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Arti ...)
NOT-FOR-US: SpoonLabs Vivvo Article Management CMS
-CVE-2006-4714
+CVE-2006-4714 (PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivv ...)
NOT-FOR-US: SpoonLabs Vivvo Article Management CMS
-CVE-2006-4713
+CVE-2006-4713 (PHP remote file inclusion vulnerability in config.php in PSYWERKS PUMA ...)
NOT-FOR-US: PSYWERKS PUMA
-CVE-2006-4712
+CVE-2006-4712 (Multiple cross-site scripting (XSS) vulnerabilities in Sage 1.3.6 allo ...)
- firefox-sage 1.3.6-3 (bug #388149; medium)
-CVE-2006-4711
+CVE-2006-4711 (Multiple cross-site scripting (XSS) vulnerabilities in Sage allow remo ...)
- firefox-sage 1.3.6-3 (bug #388149; medium)
-CVE-2006-4710
+CVE-2006-4710 (Multiple cross-site scripting (XSS) vulnerabilities in NewsGator FeedD ...)
NOT-FOR-US: NewsGator FeedDemon
-CVE-2006-4709
+CVE-2006-4709 (SQL injection vulnerability in topic.php in Vikingboard 0.1b allows re ...)
NOT-FOR-US: Vikingboard
-CVE-2006-4708
+CVE-2006-4708 (Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1 ...)
NOT-FOR-US: Vikingboard
-CVE-2006-4707
+CVE-2006-4707 (Cross-site scripting (XSS) vulnerability in admin/global.php (aka the ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-4706
+CVE-2006-4706 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-4705
+CVE-2006-4705 (SQL injection vulnerability in login.php in dwayner79 and Dominic Gamb ...)
NOT-FOR-US: Timesheet (aka Timesheet.php)
-CVE-2006-4704
+CVE-2006-4704 (Cross-zone scripting vulnerability in the WMI Object Broker (WMIScript ...)
NOT-FOR-US: Microsoft
CVE-2006-4703
REJECTED
-CVE-2006-4702
+CVE-2006-4702 (Buffer overflow in the Windows Media Format Runtime in Microsoft Windo ...)
NOT-FOR-US: Microsoft
CVE-2006-4701
REJECTED
@@ -5640,164 +5640,164 @@ CVE-2006-4699
REJECTED
CVE-2006-4698
REJECTED
-CVE-2006-4697
+CVE-2006-4697 (Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects fr ...)
NOT-FOR-US: Microsoft
-CVE-2006-4696
+CVE-2006-4696 (Unspecified vulnerability in the Server service in Microsoft Windows 2 ...)
NOT-FOR-US: Microsoft
-CVE-2006-4695
+CVE-2006-4695 (Unspecified vulnerability in certain COM objects in Microsoft Office W ...)
NOT-FOR-US: Microsoft Office
-CVE-2006-4694
+CVE-2006-4694 (Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Offi ...)
NOT-FOR-US: Microsoft
-CVE-2006-4693
+CVE-2006-4693 (Unspecified vulnerability in Microsoft Word 2004 for Mac and v.X for M ...)
NOT-FOR-US: Microsoft Word
-CVE-2006-4692
+CVE-2006-4692 (Argument injection vulnerability in the Windows Object Packager (packa ...)
NOT-FOR-US: Microsoft Word
-CVE-2006-4691
+CVE-2006-4691 (Stack-based buffer overflow in the NetpManageIPCConnect function in th ...)
NOT-FOR-US: Microsoft
CVE-2006-4690
REJECTED
-CVE-2006-4689
+CVE-2006-4689 (Unspecified vulnerability in the driver for the Client Service for Net ...)
NOT-FOR-US: Microsoft
-CVE-2006-4688
+CVE-2006-4688 (Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Wind ...)
NOT-FOR-US: Microsoft
-CVE-2006-4687
+CVE-2006-4687 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2006-4686
+CVE-2006-4686 (Buffer overflow in the Extensible Stylesheet Language Transformations ...)
NOT-FOR-US: Microsoft
-CVE-2006-4685
+CVE-2006-4685 (The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core S ...)
NOT-FOR-US: Microsoft
-CVE-2006-4684
+CVE-2006-4684 (The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 thro ...)
{DSA-1176-1}
- zope2.7 <removed>
- zope2.8 2.8.8-2
-CVE-2006-4683
+CVE-2006-4683 (IBM Director before 5.10 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: IBM Director
-CVE-2006-4682
+CVE-2006-4682 (Multiple unspecified vulnerabilities in IBM Director before 5.10 allow ...)
NOT-FOR-US: IBM Director
-CVE-2006-4681
+CVE-2006-4681 (Directory traversal vulnerability in Redirect.bat in IBM Director befo ...)
NOT-FOR-US: IBM Director
-CVE-2006-4680
+CVE-2006-4680 (The Remote UI in Canon imageRUNNER includes usernames and passwords wh ...)
NOT-FOR-US: Canon imageRUNNER
-CVE-2006-4679
+CVE-2006-4679 (DokuWiki before 2006-03-09c enables the debug feature by default, whic ...)
- dokuwiki 0.0.20060309-5.1 (low; bug #388082)
-CVE-2006-4678
+CVE-2006-4678 (PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows ...)
NOT-FOR-US: News Evolution
CVE-2006-4677
NOT-FOR-US: phpopenchat
-CVE-2006-4676
+CVE-2006-4676 (TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and ...)
NOT-FOR-US: TIBCO RendezVous
-CVE-2006-4675
+CVE-2006-4675 (Unrestricted file upload vulnerability in lib/exe/media.php in DokuWik ...)
- dokuwiki 0.0.20060309-5.1 (medium; bug #388082)
-CVE-2006-4674
+CVE-2006-4674 (Direct static code injection vulnerability in doku.php in DokuWiki bef ...)
- dokuwiki 0.0.20060309-5.1 (medium; bug #388082)
-CVE-2006-4673
+CVE-2006-4673 (Global variable overwrite vulnerability in maincore.php in PHP-Fusion ...)
NOT-FOR-US: PHP-Fusion
-CVE-2006-4672
+CVE-2006-4672 (PHP remote file inclusion vulnerability in profitCode ppalCart 2.5 EE, ...)
NOT-FOR-US: ppalCart
-CVE-2006-4671
+CVE-2006-4671 (PHP remote file inclusion vulnerability in headlines.php in Fantastic ...)
NOT-FOR-US: Fantastic News
-CVE-2006-4670
+CVE-2006-4670 (Multiple PHP remote file inclusion vulnerabilities in PhotoKorn Galler ...)
NOT-FOR-US: PhotoKorn Gallery
-CVE-2006-4669
+CVE-2006-4669 (PHP remote file inclusion vulnerability in admin/system/include.php in ...)
NOT-FOR-US: Somery
-CVE-2006-4668
+CVE-2006-4668 (Cross-site scripting (XSS) vulnerability in index.php in Rob Hensley A ...)
NOT-FOR-US: AckerTodo
-CVE-2006-4667
+CVE-2006-4667 (Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote at ...)
NOT-FOR-US: RunCMS
-CVE-2006-4666
+CVE-2006-4666 (Multiple PHP remote file inclusion vulnerabilities in Stefan Ernst New ...)
NOT-FOR-US: Newsscript (aka WM-News)
-CVE-2006-4665
+CVE-2006-4665 (Cross-site scripting (XSS) vulnerability in index.php in MKPortal M1.1 ...)
NOT-FOR-US: MKPortal
-CVE-2006-4664
+CVE-2006-4664 (PHP remote file inclusion vulnerability in includes/functions_portal.p ...)
NOT-FOR-US: Premod Shadow
CVE-2006-4663
NOT-FOR-US: User problem
-CVE-2006-4662
+CVE-2006-4662 (Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ ...)
NOT-FOR-US: AOL ICQ
-CVE-2006-4661
+CVE-2006-4661 (AOL ICQ Toolbar 1.3 for Internet Explorer (toolbaru.dll) does not prop ...)
NOT-FOR-US: AOL ICQ Toolbar
-CVE-2006-4660
+CVE-2006-4660 (Multiple cross-site scripting (XSS) vulnerabilities in the RSS Feed mo ...)
NOT-FOR-US: AOL ICQ Toolbar
-CVE-2006-4659
+CVE-2006-4659 (The Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 u ...)
NOT-FOR-US: Panda Platinum Internet Security
-CVE-2006-4658
+CVE-2006-4658 (Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses ...)
NOT-FOR-US: Panda Platinum Internet Security
-CVE-2006-4657
+CVE-2006-4657 (Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 store ...)
NOT-FOR-US: Panda Platinum Internet Security
-CVE-2006-4656
+CVE-2006-4656 (PHP remote file inclusion vulnerability in admin/editeur/spaw_control. ...)
NOT-FOR-US: Web Provence SL_Site
-CVE-2006-4655
+CVE-2006-4655 (Buffer overflow in the Strcmp function in the XKEYBOARD extension in X ...)
NOT-FOR-US: X11R6.4
-CVE-2006-4654
+CVE-2006-4654 (Format string vulnerability in Easy Address Book Web Server 1.2 allows ...)
NOT-FOR-US: Address Book Web Server
-CVE-2006-4653
+CVE-2006-4653 ((1) Amazing Little Poll and (2) Amazing Little Picture Poll store sens ...)
NOT-FOR-US: Amazing Little Poll
-CVE-2006-4652
+CVE-2006-4652 ((1) Amazing Little Poll and (2) Amazing Little Picture Poll have a def ...)
NOT-FOR-US: Amazing Little Poll
-CVE-2006-4651
+CVE-2006-4651 (Directory traversal vulnerability in download/index.php, and possibly ...)
NOT-FOR-US: Php download
-CVE-2006-4650
+CVE-2006-4650 (Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the ...)
NOT-FOR-US: Cisco
-CVE-2006-4649
+CVE-2006-4649 (PHP remote file inclusion vulnerability in bp_news.php in BinGo News ( ...)
NOT-FOR-US: BinGo News
-CVE-2006-4648
+CVE-2006-4648 (PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News ( ...)
NOT-FOR-US: BinGo News
-CVE-2006-4647
+CVE-2006-4647 (PHP remote file inclusion vulnerability in news.php in Sponge News 2.2 ...)
NOT-FOR-US: Sponge News
-CVE-2006-4646
+CVE-2006-4646 (Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Pathauto mo ...)
NOT-FOR-US: Drupal Pathauto module
-CVE-2006-4645
+CVE-2006-4645 (PHP remote file inclusion vulnerability in akarru.gui/main_content.php ...)
NOT-FOR-US: Social BookMarking Engine
-CVE-2006-4644
+CVE-2006-4644 (PHP remote file inclusion vulnerability in modules/home.module.php in ...)
NOT-FOR-US: phpFullAnnu
-CVE-2006-4643
+CVE-2006-4643 (SQL injection vulnerability in consult/joueurs.php in Uni-Vert PhpLeag ...)
NOT-FOR-US: PhpLeague
-CVE-2006-4642
+CVE-2006-4642 (AuditWizard 6.3.2, when using "Remote Audit," logs the administrator p ...)
NOT-FOR-US: AuditWizard
-CVE-2006-4641
+CVE-2006-4641 (SQL injection vulnerability in kategori.asp in Muratsoft Haber Portal ...)
NOT-FOR-US: Muratsoft Haber Portal
-CVE-2006-4640
+CVE-2006-4640 (Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows ...)
- flashplugin-nonfree 7.0.68.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2006-4639
+CVE-2006-4639 (Multiple PHP remote file inclusion vulnerabilities in C-News.fr C-News ...)
NOT-FOR-US: C-News.fr C-News
-CVE-2006-4638
+CVE-2006-4638 (PHP remote file inclusion vulnerability in article.php in ACGV News 0. ...)
NOT-FOR-US: ACGV News
-CVE-2006-4637
+CVE-2006-4637 (Multiple PHP remote file inclusion vulnerabilities in ACGV News 0.9.1 ...)
NOT-FOR-US: ACGV News
-CVE-2006-4636
+CVE-2006-4636 (Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlie ...)
NOT-FOR-US: PhpCommander
-CVE-2006-4635
+CVE-2006-4635 (Unspecified vulnerability in MySource Classic 2.14.6, and possibly ear ...)
NOT-FOR-US: MySource Classic
-CVE-2006-4634
+CVE-2006-4634 (Cross-site scripting (XSS) vulnerability in index.php in VBZooM allows ...)
NOT-FOR-US: VBZooM
-CVE-2006-4633
+CVE-2006-4633 (index.php in SoftBB 0.1, and possibly earlier, allows remote attackers ...)
NOT-FOR-US: SoftBB
-CVE-2006-4632
+CVE-2006-4632 (Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly ear ...)
NOT-FOR-US: SoftBB
-CVE-2006-4631
+CVE-2006-4631 (Direct static code injection vulnerability in admin/save_opt.php in So ...)
NOT-FOR-US: SoftBB
-CVE-2006-4630
+CVE-2006-4630 (PHP remote file inclusion vulnerability in jscript.php in Sky GUNNING ...)
NOT-FOR-US: MySpeach
-CVE-2006-4629
+CVE-2006-4629 (PHP remote file inclusion vulnerability in affichage/commentaires.php ...)
NOT-FOR-US: C-News.fr C-News
-CVE-2006-4628
+CVE-2006-4628 (Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows ...)
NOT-FOR-US: VCD-db
-CVE-2006-4627
+CVE-2006-4627 (System Information ActiveX control (msinfo.dll), when accessed via Mic ...)
NOT-FOR-US: System Information ActiveX control
-CVE-2006-4626
+CVE-2006-4626 (Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4. ...)
NOT-FOR-US: avast! Anti-virus Engine
-CVE-2006-4625
+CVE-2006-4625 (PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass ...)
- php4 4:4.4.4-1 (bug #391282; unimportant)
- php5 5.2.0-1 (bug #391281; unimportant)
NOTE: open_basedir violations not supported in Debian's PHP
-CVE-2006-4624
+CVE-2006-4624 (CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 al ...)
{DSA-1188-1}
- mailman 1:2.1.8-3
-CVE-2006-4623
+CVE-2006-4623 (The Unidirectional Lightweight Encapsulation (ULE) decapsulation compo ...)
{DSA-1304}
- linux-2.6 2.6.18-1
-CVE-2006-4790
+CVE-2006-4790 (verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3 ...)
{DSA-1182-1}
NOTE: GNUTLS-SA-2006-4
- gnutls13 1.4.4-1 (high)
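Review bot: under CVE-2006-4790 the "NOTE: GNUTLS-SA-2006-4" line sits between the {DSA-1182-1} reference and the gnutls13 package line, whereas NOTE lines elsewhere in this file follow the package lines (CVE-2006-4625 just above is an example); moving it after "- gnutls13 1.4.4-1 (high)" keeps the layout uniform. CVE-2006-4790 itself is placed after CVE-2006-4623, out of descending order, evidently to sit next to the related CVE-2006-XXXX gnutls entry that opens the next hunk's context; a NOTE stating that grouping would make the intent visible to the next person editing this region.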
@@ -5808,426 +5808,426 @@ CVE-2006-XXXX [gnutls Adaptive Chosen Ciphertext Attack]
- gnutls13 1.4.3-1 (unimportant)
- gnutls12 <removed> (unimportant)
- gnutls11 <removed> (unimportant)
-CVE-2006-4622
+CVE-2006-4622 (PHP remote file inclusion vulnerability in annonce.php in AnnonceV (ak ...)
NOT-FOR-US: AnnonceV
-CVE-2006-4621
+CVE-2006-4621 (PHP remote file inclusion vulnerability in settings.php in Pheap 1.2, ...)
NOT-FOR-US: Pheap
-CVE-2006-4620
+CVE-2006-4620 (The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with M ...)
NOT-FOR-US: Alt-N WebAdmin
-CVE-2006-4619
+CVE-2006-4619 (The start update window in update.exe in Avira AntiVir PersonalEdition ...)
NOT-FOR-US: Avira
-CVE-2006-4618
+CVE-2006-4618 (PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in ...)
- libphp-adodb <not-affected> (vulnerable code seems to be In-link specific)
- egroupware <not-affected> (vulnerable code seems to be In-link specific)
- moodle <not-affected> (vulnerable code seems to be In-link specific)
- phppgadmin <not-affected> (vulnerable code seems to be In-link specific)
- gallery2 <not-affected> (vulnerable code seems to be In-link specific)
- phpwiki <not-affected> (vulnerable code seems to be In-link specific)
-CVE-2006-4617
+CVE-2006-4617 (Unrestricted file upload vulnerability in fileupload.html in vtiger CR ...)
NOT-FOR-US: vtiger CRM
-CVE-2006-4616
+CVE-2006-4616 (SMTP service in MailEnable Standard, Professional, and Enterprise befo ...)
NOT-FOR-US: MailEnable
-CVE-2006-4615
+CVE-2006-4615 (Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 stores ...)
NOT-FOR-US: Shape Services
-CVE-2006-4614
+CVE-2006-4614 (PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords i ...)
NOT-FOR-US: PDAapps Verichat
-CVE-2006-4613
+CVE-2006-4613 (Multiple unspecified vulnerabilities in SnapGear before 3.1.4u1 allow ...)
NOT-FOR-US: SnapGear
-CVE-2006-4612
+CVE-2006-4612 (SQL injection vulnerability in ReplyNew.asp in ZIXForum 1.12 allows re ...)
NOT-FOR-US: ZIXForum
-CVE-2006-4611
+CVE-2006-4611 (Buffer overflow in the _tor_resolve function in dsocks.c in dsocks bef ...)
NOT-FOR-US: dsocks
-CVE-2006-4610
+CVE-2006-4610 (PHP remote file inclusion vulnerability in index.php in GrapAgenda 0.1 ...)
NOT-FOR-US: GrapAgenda
CVE-2006-4609
NOT-FOR-US: PHProjekt
-CVE-2006-4608
+CVE-2006-4608 (Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome ...)
NOT-FOR-US: php-Revista
-CVE-2006-4607
+CVE-2006-4607 (admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote atta ...)
NOT-FOR-US: php-Revista
-CVE-2006-4606
+CVE-2006-4606 (Multiple SQL injection vulnerabilities in Longino Jacome php-Revista 1 ...)
NOT-FOR-US: php-Revista
-CVE-2006-4605
+CVE-2006-4605 (PHP remote file inclusion vulnerability in index.php in Longino Jacome ...)
NOT-FOR-US: php-Revista
-CVE-2006-4604
+CVE-2006-4604 (PHP remote file inclusion vulnerability in LFXlib/access_manager.php i ...)
NOT-FOR-US: Lanifex Database of Managed Objects (DMO)
-CVE-2006-4603
+CVE-2006-4603 (NCH Swift Sound Web Dictate 1.02 allows remote attackers to bypass aut ...)
NOT-FOR-US: Swift Sound Web Dictate
-CVE-2006-4601
+CVE-2006-4601 (SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows r ...)
NOT-FOR-US: 1Two
-CVE-2006-4600
+CVE-2006-4600 (slapd in OpenLDAP before 2.3.25 allows remote authenticated users with ...)
- openldap2.3 2.3.25-1
- openldap2.2 <removed> (low)
- openldap2 <not-affected> (low) (slapd not built from this version)
-CVE-2006-4599
+CVE-2006-4599 (SQL injection vulnerability in aut_verifica.inc.php in Autentificator ...)
NOT-FOR-US: Autentificator
-CVE-2006-4598
+CVE-2006-4598 (Multiple SQL injection vulnerabilities in links.php in ssLinks 1.22 al ...)
NOT-FOR-US: ssLinks
-CVE-2006-4597
+CVE-2006-4597 (SQL injection vulnerability in devam.asp in ICBlogger 2.0 and earlier ...)
NOT-FOR-US: ICBlogger
-CVE-2006-4596
+CVE-2006-4596 (PHP remote file inclusion in MyBace Light Skrip, when register_globals ...)
NOT-FOR-US: MyBace Light Skrip
-CVE-2006-4595
+CVE-2006-4595 (muforum (&#181;forum) 0.4c stores membres/members.dat under the web do ...)
NOT-FOR-US: muforum
-CVE-2006-4594
+CVE-2006-4594 (Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Tra ...)
NOT-FOR-US: phpAtm
-CVE-2006-4593
+CVE-2006-4593 (Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 an ...)
NOT-FOR-US: SoftBB
-CVE-2006-4592
+CVE-2006-4592 (Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple ...)
NOT-FOR-US: Simple Blog
-CVE-2006-4591
+CVE-2006-4591 (Multiple PHP remote file inclusion vulnerabilities in AlstraSoft Templ ...)
NOT-FOR-US: AltraSoft Template Seller
-CVE-2006-4590
+CVE-2006-4590 (SQL injection vulnerability in admin/default.asp in Jetstat.com JS ASP ...)
NOT-FOR-US: Jetstat.com JS ASP Faq Manager
-CVE-2006-4589
+CVE-2006-4589 (PHP remote file inclusion vulnerability in 0_admin/modules/Wochenkarte ...)
NOT-FOR-US: DynCMS
-CVE-2006-4588
+CVE-2006-4588 (vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to byp ...)
NOT-FOR-US: vtiger CRM
-CVE-2006-4587
+CVE-2006-4587 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 4.2. ...)
NOT-FOR-US: vtiger CRM
-CVE-2006-4586
+CVE-2006-4586 (The admin panel in Tr Forum 2.0 accepts a username and password hash f ...)
NOT-FOR-US: Tr Forum
-CVE-2006-4585
+CVE-2006-4585 (SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows ...)
NOT-FOR-US: Tr Forum
-CVE-2006-4584
+CVE-2006-4584 (Tr Forum 2.0 allows remote attackers to bypass authentication and add ...)
NOT-FOR-US: Tr Forum
-CVE-2006-4583
+CVE-2006-4583 (Multiple PHP remote file inclusion vulnerabilities in FlashChat before ...)
NOT-FOR-US: FlashChat
-CVE-2006-4582
+CVE-2006-4582 (Cross-site request forgery (CSRF) vulnerability in The Address Book 1. ...)
NOT-FOR-US: The Address Book
-CVE-2006-4581
+CVE-2006-4581 (Unrestricted file upload vulnerability in The Address Book 1.04e valid ...)
NOT-FOR-US: The Address Book
-CVE-2006-4580
+CVE-2006-4580 (register.php in The Address Book 1.04e allows remote attackers to bypa ...)
NOT-FOR-US: The Address Book
-CVE-2006-4579
+CVE-2006-4579 (Directory traversal vulnerability in users.php in The Address Book 1.0 ...)
NOT-FOR-US: The Address Book
-CVE-2006-4578
+CVE-2006-4578 (export.php in The Address Book 1.04e writes username and password hash ...)
NOT-FOR-US: The Address Book
-CVE-2006-4577
+CVE-2006-4577 (Multiple cross-site scripting (XSS) vulnerabilities in The Address Boo ...)
NOT-FOR-US: The Address Book
-CVE-2006-4576
+CVE-2006-4576 (Cross-site scripting (XSS) vulnerability in The Address Book 1.04e all ...)
NOT-FOR-US: The Address Book
-CVE-2006-4575
+CVE-2006-4575 (Multiple SQL injection vulnerabilities in The Address Book 1.04e allow ...)
NOT-FOR-US: The Address Book
-CVE-2006-4574
+CVE-2006-4574 (Off-by-one error in the MIME Multipart dissector in Wireshark (formerl ...)
- wireshark 0.99.4-1 (bug #396258; medium)
-CVE-2006-4573
+CVE-2006-4573 (Multiple unspecified vulnerabilities in the "utf8 combining characters ...)
{DSA-1202-1}
- screen 4.0.3-0.1 (bug #395225; bug #395999; medium)
-CVE-2006-4572
+CVE-2006-4572 (ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows re ...)
- linux-2.6 2.6.18.dfsg.1-9 (medium)
-CVE-2006-4571
+CVE-2006-4571 (Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunde ...)
{DSA-1210 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-64
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
- thunderbird 1.5.0.7-1 (high)
- xulrunner 1.8.0.7-1 (high)
-CVE-2006-4570
+CVE-2006-4570 (Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "L ...)
{DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-63
- thunderbird 1.5.0.7-1
- mozilla <removed>
-CVE-2006-4569
+CVE-2006-4569 (The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked ...)
NOTE: MFSA-2006-62
- firefox 1.5.dfsg+1.5.0.7-1 (low)
- xulrunner 1.8.0.7-1 (low)
- thunderbird 1.5.0.7-1
[sarge] - mozilla-firefox <not-affected> (Regression only affecting 1.5)
-CVE-2006-4568
+CVE-2006-4568 (Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remot ...)
{DSA-1210 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-61
- mozilla <removed> (low)
- firefox 1.5.dfsg+1.5.0.7-1 (low)
- xulrunner 1.8.0.7-1 (low)
- thunderbird 1.5.0.7-1
-CVE-2006-4567
+CVE-2006-4567 (Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it ...)
NOTE: MFSA-2006-58
- firefox 1.5.dfsg+1.5.0.7-1 (unimportant)
- thunderbird 1.5.0.7-1 (unimportant)
[sarge] - mozilla-firefox <unfixed> (unimportant)
[sarge] - mozilla-thunderbird <unfixed> (unimportant)
NOTE: The internal update mechanism is disabled in Debian
-CVE-2006-4566
+CVE-2006-4566 (Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMon ...)
{DSA-1210 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-57
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
- thunderbird 1.5.0.7-1 (low)
- xulrunner 1.8.0.7-1 (high)
-CVE-2006-4565
+CVE-2006-4565 (Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderb ...)
{DSA-1210 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-57
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
- xulrunner 1.8.0.7-1 (high)
- thunderbird 1.5.0.7-1 (low)
-CVE-2006-4564
+CVE-2006-4564 (SQL injection vulnerability in Sources/ManageBoards.php in Simple Mach ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2006-4563
+CVE-2006-4563 (Cross-site scripting (XSS) vulnerability in the MyHeadlines before 4.3 ...)
NOT-FOR-US: PHP-Nuke
CVE-2006-4562
NOT-FOR-US: Symantec
-CVE-2006-4561
+CVE-2006-4561 (Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary J ...)
- xulrunner 1.8.0.7-1 (low)
- firefox 1.5.dfsg+1.5.0.7-1 (low)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2006-4560
+CVE-2006-4560 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to execu ...)
NOT-FOR-US: Internet Explorer
-CVE-2006-4559
+CVE-2006-4559 (Multiple PHP remote file inclusion vulnerabilities in Yet Another Comm ...)
NOT-FOR-US: Yet Another Community System (YACS) CMS
-CVE-2006-4558
+CVE-2006-4558 (DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the ...)
NOT-FOR-US: DeluxeBB
CVE-2006-4557
NOT-FOR-US: Discloser
CVE-2006-4556
NOT-FOR-US: JIM component for Mambo and Joomla!
-CVE-2006-4555
+CVE-2006-4555 (Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control a ...)
NOT-FOR-US: Miniclip CR64Loader ActiveX control
-CVE-2006-4554
+CVE-2006-4554 (Stack-based buffer overflow in the ReadFile function in the ZOO-proces ...)
NOT-FOR-US: BeCubed Compression Plus
-CVE-2006-4553
+CVE-2006-4553 (PHP remote file inclusion vulnerability in plugin.class.php in the com ...)
NOT-FOR-US: com_comprofiler Components for Mambo and Joomla!
-CVE-2006-4552
+CVE-2006-4552 (Cross-site scripting (XSS) vulnerability in CHXO Feedsplitter 2006-01- ...)
NOT-FOR-US: CHXO Feedsplitter
-CVE-2006-4551
+CVE-2006-4551 (Eval injection vulnerability in CHXO Feedsplitter 2006-01-21 allows re ...)
NOT-FOR-US: CHXO Feedsplitter
-CVE-2006-4550
+CVE-2006-4550 (Directory traversal vulnerability in CHXO Feedsplitter 2006-01-21 allo ...)
NOT-FOR-US: CHXO Feedsplitter
-CVE-2006-4549
+CVE-2006-4549 (CHXO Feedsplitter 2006-01-21 allows remote attackers to read the sourc ...)
NOT-FOR-US: CHXO Feedsplitter
-CVE-2006-4548
+CVE-2006-4548 (e107 0.75 and earlier does not properly unset variables when the input ...)
NOTE: this should be fixed in PHP (CVE-2006-3017)
-CVE-2006-4547
+CVE-2006-4547 (Lyris ListManager 8.95 allows remote authenticated users to obtain sen ...)
NOT-FOR-US: Lyris ListManager
-CVE-2006-4546
+CVE-2006-4546 (Lyris ListManager 8.95 allows remote authenticated users, who have adm ...)
NOT-FOR-US: Lyris ListManager
CVE-2006-4545
NOT-FOR-US: ModuleBased CMS Pre-Alpha
-CVE-2006-4544
+CVE-2006-4544 (Multiple PHP remote file inclusion vulnerabilities in ExBB 1.9.1, when ...)
NOT-FOR-US: ExBB
-CVE-2006-4543
+CVE-2006-4543 (Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 ...)
NOT-FOR-US: HLStats
-CVE-2006-4542
+CVE-2006-4542 (Webmin before 1.296 and Usermin before 1.226 do not properly handle a ...)
{DSA-1199-1}
- webmin <removed> (bug #391284)
- usermin <removed>
-CVE-2006-4541
+CVE-2006-4541 (RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly ...)
NOT-FOR-US: BlackICE PC Protection
-CVE-2006-4540
+CVE-2006-4540 (Cross-site scripting (XSS) vulnerability in learncenter.asp in Learn.c ...)
NOT-FOR-US: Learn.com LearnCenter
-CVE-2006-4539
+CVE-2006-4539 ((1) includes/widgets/module_company_tickets.php and (2) includes/widge ...)
NOT-FOR-US: Cerberus Helpdesk
-CVE-2006-4538
+CVE-2006-4538 (Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platfor ...)
{DSA-1237 DSA-1233}
- linux-2.6 2.6.17-9
-CVE-2006-4537
+CVE-2006-4537 (NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alph ...)
NOT-FOR-US: OpenVMS
-CVE-2006-4536
+CVE-2006-4536 (SQL injection vulnerability in module/rejestracja.php in CMS Frogss 0. ...)
NOT-FOR-US: CMS Frogss
-CVE-2006-4535
+CVE-2006-4535 (The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local u ...)
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.18-1
-CVE-2006-4534
+CVE-2006-4534 (Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 200 ...)
NOT-FOR-US: Microsoft
-CVE-2006-4533
+CVE-2006-4533 (Multiple PHP remote file inclusion vulnerabilities in Plume CMS 1.0.6 ...)
NOT-FOR-US: Plume CMS
-CVE-2006-4532
+CVE-2006-4532 (PHP remote file inclusion vulnerability in articles/article.php in Yet ...)
NOT-FOR-US: Yet Another Community System (YACS) CMS
-CVE-2006-4531
+CVE-2006-4531 (PHP remote file inclusion vulnerability in lib/config.php in Pheap CMS ...)
NOT-FOR-US: Pheap CMS
-CVE-2006-4530
+CVE-2006-4530 (Direct static code injection vulnerability in include/change.php in me ...)
NOT-FOR-US: membrepass
-CVE-2006-4529
+CVE-2006-4529 (SQL injection vulnerability in recherchemembre.php in membrepass 1.5. ...)
NOT-FOR-US: membrepass
-CVE-2006-4528
+CVE-2006-4528 (Multiple cross-site scripting (XSS) vulnerabilities in membrepass 1.5 ...)
NOT-FOR-US: membrepass
-CVE-2006-4527
+CVE-2006-4527 (includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when ...)
NOT-FOR-US: CubeCart
-CVE-2006-4526
+CVE-2006-4526 (SQL injection vulnerability in includes/content/viewCat.inc.php in Cub ...)
NOT-FOR-US: CubeCart
-CVE-2006-4525
+CVE-2006-4525 (Cross-site scripting (XSS) vulnerability in CubeCart 3.0.12 and earlie ...)
NOT-FOR-US: CubeCart
-CVE-2006-4524
+CVE-2006-4524 (Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz ...)
NOT-FOR-US: Digiappz Freekot
-CVE-2006-4523
+CVE-2006-4523 (The web-based management interface in 2Wire, Inc. HomePortal and Offic ...)
NOT-FOR-US: 2Wire
-CVE-2006-4522
+CVE-2006-4522 (Unspecified vulnerability in dtterm in IBM AIX 5.2 and 5.3 allows loca ...)
NOT-FOR-US: IBM AIX
CVE-2006-XXXX [hostapd dos]
- hostapd 1:0.5.4-1
[sarge] - hostapd <not-affected> (Vulnerable code not present)
-CVE-2006-4521
+CVE-2006-4521 (The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS modu ...)
NOT-FOR-US: Novell eDirectory
-CVE-2006-4520
+CVE-2006-4520 (ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2 ...)
NOT-FOR-US: Novell eDirectory
-CVE-2006-4519
+CVE-2006-4519 (Multiple integer overflows in the image loader plug-ins in GIMP before ...)
{DSA-1335-1}
- gimp 2.2.16-1 (medium)
NOTE: Security problems were fixed in 2.2.16, but only 2.2.17 fixes a PSD regression
-CVE-2006-4518
+CVE-2006-4518 (Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a deni ...)
NOT-FOR-US: Qbik WinGate
-CVE-2006-4517
+CVE-2006-4517 (Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denia ...)
NOT-FOR-US: Novell iManager
-CVE-2006-4516
+CVE-2006-4516 (Integer signedness error in FreeBSD 6.0-RELEASE allows local users to ...)
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
CVE-2006-4515
RESERVED
-CVE-2006-4514
+CVE-2006-4514 (Heap-based buffer overflow in the ole_info_read_metabat function in Gn ...)
{DSA-1221-1}
- libgsf 1.14.2-1
-CVE-2006-4513
+CVE-2006-4513 (Multiple integer overflows in the WV library in wvWare (formerly mswor ...)
- wv 1.2.4-1 (bug #396256; medium)
- abiword 2.4.6-1
[sarge] - abiword 2.4.6-1.1 (bug #396360)
NOTE: exact abiword fixed version not known, but <= 2.4.6-1
CVE-2006-4512
RESERVED
-CVE-2006-4511
+CVE-2006-4511 (Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows ...)
NOT-FOR-US: Novell GroupWise
-CVE-2006-4510
+CVE-2006-4510 (The evtFilteredMonitorEventsRequest function in the LDAP service in No ...)
NOT-FOR-US: Novell eDirectory
-CVE-2006-4509
+CVE-2006-4509 (Integer overflow in the evtFilteredMonitorEventsRequest function in th ...)
NOT-FOR-US: Novell eDirectory
-CVE-2006-4508
+CVE-2006-4508 (Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1 ...)
- tor 0.1.1.23-1
-CVE-2006-4507
+CVE-2006-4507 (Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the ...)
NOT-FOR-US: Sony
NOTE: According to the original advisory, this is just CVE-2006-3459
-CVE-2006-4506
+CVE-2006-4506 (idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local ...)
NOT-FOR-US: Novell Identity Manager
-CVE-2006-4505
+CVE-2006-4505 (CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote ...)
NOT-FOR-US: NX5Linx
-CVE-2006-4504
+CVE-2006-4504 (SQL injection vulnerability in NX5Linx 1.0 allows remote attackers to ...)
NOT-FOR-US: NX5Linx
-CVE-2006-4503
+CVE-2006-4503 (Directory traversal vulnerability in link.php in NX5Linx 1.0 allows re ...)
NOT-FOR-US: NX5Linx
-CVE-2006-4502
+CVE-2006-4502 (ezPortal/ztml CMS 1.0 allows remote attackers to bypass authentication ...)
NOT-FOR-US: ezPortal/ztml CMS
-CVE-2006-4501
+CVE-2006-4501 (SQL injection vulnerability in index.php in ezPortal/ztml CMS 1.0 allo ...)
NOT-FOR-US: ezPortal/ztml CMS
-CVE-2006-4500
+CVE-2006-4500 (Cross-site scripting (XSS) vulnerability in index.php in ezPortal/ztml ...)
NOT-FOR-US: ezPortal/ztml CMS
-CVE-2006-4499
+CVE-2006-4499 (ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURL ...)
NOT-FOR-US: ModernBill
-CVE-2006-4498
+CVE-2006-4498 (PHP remote file inclusion vulnerability in sommaire_admin.php in PhpAl ...)
NOT-FOR-US: PortailPHP
-CVE-2006-4497
+CVE-2006-4497 (SQL injection vulnerability in comments.php in IwebNegar 1.1 allows re ...)
NOT-FOR-US: IwebNegar
-CVE-2006-4496
+CVE-2006-4496 (Cross-site scripting (XSS) vulnerability in comments.php in IwebNegar ...)
NOT-FOR-US: IwebNegar
-CVE-2006-4495
+CVE-2006-4495 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-4494
+CVE-2006-4494 (Microsoft Visual Studio 6.0 allows remote attackers to cause a denial ...)
NOT-FOR-US: Microsoft
-CVE-2006-4493
+CVE-2006-4493 (xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with ins ...)
NOT-FOR-US: xbiff2
NOTE: xbase-clients contains xbiff, but it is not affected as it doesn't use a .xbiffrc
-CVE-2006-4492
+CVE-2006-4492 (Unspecified vulnerability in Cybozu Office 6.5 Build 1.2 for Windows a ...)
NOT-FOR-US: Cybozu Office
-CVE-2006-4491
+CVE-2006-4491 (Directory traversal vulnerability in Cybozu Collaborex, AG before 1.2( ...)
NOT-FOR-US: Cybozu Collaborex
-CVE-2006-4490
+CVE-2006-4490 (Multiple directory traversal vulnerabilities in Cybozu Office before 6 ...)
NOT-FOR-US: Cybozu Office
-CVE-2006-4489
+CVE-2006-4489 (Multiple PHP remote file inclusion vulnerabilities in MiniBill 2006-07 ...)
NOT-FOR-US: MiniBill
-CVE-2006-4488
+CVE-2006-4488 (PHP remote file inclusion vulnerability in modules/userstop/userstop.p ...)
NOT-FOR-US: ExBB Italia
-CVE-2006-4487
+CVE-2006-4487 (DUware DUpoll 3.0 and 3.1 stores _private/Dupoll.mdb under the web doc ...)
NOT-FOR-US: DUpoll
-CVE-2006-4486
+CVE-2006-4486 (Integer overflow in memory allocation routines in PHP before 5.1.6, wh ...)
{DSA-1331-1}
- php5 5.1.6-1
- php4 4:4.4.4-1
-CVE-2006-4485
+CVE-2006-4485 (The stripos function in PHP before 5.1.5 has unknown impact and attack ...)
- php5 5.1.6-1
- php4 <not-affected> (Vulnerable function doesn't exist)
-CVE-2006-4484
+CVE-2006-4484 (Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in ...)
- libgd2 2.0.33-5.1 (medium; bug #384838)
- xloadimage <unfixed> (unimportant; bug #384841)
NOTE: xloadimage is a crasher only, not a security problem
-CVE-2006-4483
+CVE-2006-4483 (The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/str ...)
- php5 5.1.6-1 (unimportant)
- php4 4:4.4.4-1 (unimportant)
NOTE: Safe mode violations not supported, insufficient measure
-CVE-2006-4482
+CVE-2006-4482 (Multiple heap-based buffer overflows in the (1) str_repeat and (2) wor ...)
{DSA-1206-1}
- php5 5.1.6-1 (medium)
- php4 4:4.4.4-1 (medium)
-CVE-2006-4481
+CVE-2006-4481 (The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 ...)
- php5 5.1.6-1 (unimportant)
- php4 4:4.4.4-1 (unimportant)
NOTE: Basedir violations not supported
-CVE-2006-4480
+CVE-2006-4480 (Incomplete blacklist vulnerability in the nk_CSS function in nuked.php ...)
NOT-FOR-US: Nuked-Klan
-CVE-2006-4479
+CVE-2006-4479 (Cross-site scripting (XSS) vulnerability in loginreq2.php in Visual Sh ...)
NOT-FOR-US: ezContents
-CVE-2006-4478
+CVE-2006-4478 (SQL injection vulnerability in headeruserdata.php in Visual Shapers ez ...)
NOT-FOR-US: ezContents
-CVE-2006-4477
+CVE-2006-4477 (Multiple PHP remote file inclusion vulnerabilities in Visual Shapers e ...)
NOT-FOR-US: ezContents
-CVE-2006-4476
+CVE-2006-4476 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related ...)
NOT-FOR-US: Joomla!
-CVE-2006-4475
+CVE-2006-4475 (Joomla! before 1.0.11 does not limit access to the Admin Popups functi ...)
NOT-FOR-US: Joomla!
-CVE-2006-4474
+CVE-2006-4474 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
NOT-FOR-US: Joomla!
-CVE-2006-4473
+CVE-2006-4473 (Unspecified vulnerability in com_content in Joomla! before 1.0.11, whe ...)
NOT-FOR-US: Joomla!
-CVE-2006-4472
+CVE-2006-4472 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow at ...)
NOT-FOR-US: Joomla!
-CVE-2006-4471
+CVE-2006-4471 (The Admin Upload Image functionality in Joomla! before 1.0.11 allows r ...)
NOT-FOR-US: Joomla!
-CVE-2006-4470
+CVE-2006-4470 (Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defi ...)
NOT-FOR-US: Joomla!
-CVE-2006-4469
+CVE-2006-4469 (Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows ...)
NOT-FOR-US: Joomla!
-CVE-2006-4468
+CVE-2006-4468 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related ...)
NOT-FOR-US: Joomla!
-CVE-2006-4467
+CVE-2006-4467 (Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before 1.0 ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2006-4466
+CVE-2006-4466 (Joomla! before 1.0.11 does not properly unset variables when the input ...)
NOT-FOR-US: Joomla!
CVE-2006-4465
NOT-FOR-US: Microsoft
-CVE-2006-4464
+CVE-2006-4464 (The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, allo ...)
NOT-FOR-US: Nokia
-CVE-2006-4463
+CVE-2006-4463 (SQL injection vulnerability in the administrator control panel in Jets ...)
NOT-FOR-US: JS ASP Faq Manager
-CVE-2006-4462
+CVE-2006-4462 (Gonafish.com LinksCaffe 2.0 and 3.0 do not properly restrict access to ...)
NOT-FOR-US: LinksCaffe
-CVE-2006-4461
+CVE-2006-4461 (Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly ...)
NOT-FOR-US: Paessler IPCheck Server Monitor (not related to ipcheck in Debian)
-CVE-2006-4460
+CVE-2006-4460 (Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0. ...)
NOT-FOR-US: iAddressBook
-CVE-2006-4459
+CVE-2006-4459 (Integer overflow in AnywhereUSB/5 1.80.00 allows local users to cause ...)
NOT-FOR-US: AnywhereUSB/5
-CVE-2006-4458
+CVE-2006-4458 (Directory traversal vulnerability in calendar/inc/class.holidaycalc.in ...)
- phpgroupware 0.9.16.011-1 (bug #386061; medium)
-CVE-2006-4457
+CVE-2006-4457 (PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 ...)
NOT-FOR-US: phpECard
-CVE-2006-4456
+CVE-2006-4456 (PHP remote file inclusion vulnerability in functions.php in phpECard 2 ...)
NOT-FOR-US: phpECard
CVE-2006-4455
- xchat <not-affected> (not reproducible)
-CVE-2006-4454
+CVE-2006-4454 (Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.3 ...)
NOT-FOR-US: HLstats
-CVE-2006-4453
+CVE-2006-4453 (Cross-site scripting (XSS) vulnerability in PmWiki before 2.1.18 allow ...)
NOT-FOR-US: PmWiki
-CVE-2006-4452
+CVE-2006-4452 (PHP remote file inclusion vulnerability in security/include/_class.sec ...)
NOT-FOR-US: Web3news
-CVE-2006-4451
+CVE-2006-4451 (Direct static code injection vulnerability in CJ Tag Board 3.0 allows ...)
NOT-FOR-US: Tag Board
-CVE-2006-4450
+CVE-2006-4450 (usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, a ...)
- phpbb2 2.0.21-1 (unimportant)
NOTE: That's by design and even disabled by default
-CVE-2006-4449
+CVE-2006-4449 (Cross-site scripting (XSS) vulnerability in attachment.php in MyBullet ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-4448
+CVE-2006-4448 (Multiple PHP remote file inclusion vulnerabilities in interact 2.2, wh ...)
NOT-FOR-US: interact
-CVE-2006-4447
+CVE-2006-4447 (X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtran ...)
{DSA-1193-1}
- xbase-clients 1:7.1.ds-2 (unimportant)
- xtrans 1.0.0-6 (unimportant)
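Review bot: the description added for CVE-2006-4595 carries a raw HTML entity into this plain-text list (`muforum (&#181;forum) 0.4c stores membres/members.dat under the web do ...`); the automatic update should decode entities before truncating, so the line reads `muforum (µforum) 0.4c ...` like the rest of the file. Nothing else in this hunk needs attention: it only fills in descriptions on bare `CVE-2006-NNNN` lines and leaves the RESERVED, NOT-FOR-US, NOTE and package lines untouched.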
@@ -6235,318 +6235,318 @@ CVE-2006-4447
- libx11 2:1.0.0-7 (unimportant)
- xdm 1:1.0.5-1 (unimportant)
- xterm <unfixed> (unimportant)
-CVE-2006-4446
+CVE-2006-4446 (Heap-based buffer overflow in DirectAnimation.PathControl COM object ( ...)
NOT-FOR-US: Microsoft
CVE-2006-4445
NOT-FOR-US: CuteNews
-CVE-2006-4444
+CVE-2006-4444 (Multiple SQL injection vulnerabilities in Cybozu Garoon 2.1.0 for Wind ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2006-4443
+CVE-2006-4443 (PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft ...)
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2006-4442
+CVE-2006-4442 (Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0. ...)
NOT-FOR-US: iAddressBook
-CVE-2006-4441
+CVE-2006-4441 (Multiple PHP remote file inclusion vulnerabilities in Ay System Soluti ...)
NOT-FOR-US: Ay System Solutions CMS
-CVE-2006-4440
+CVE-2006-4440 (PHP remote file inclusion vulnerability in main.php in Ay System Solut ...)
NOT-FOR-US: Ay System Solutions CMS
-CVE-2006-4439
+CVE-2006-4439 (pkgadd in Sun Solaris 10 before 20060825 installs files with insecure ...)
NOT-FOR-US: Solaris
-CVE-2006-4438
+CVE-2006-4438 (Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33 ...)
NOT-FOR-US: SpIDer for Dr.Web Scanner
-CVE-2006-4437
+CVE-2006-4437 (Eval injection vulnerability in Tagger LE allows remote attackers to e ...)
NOT-FOR-US: Tagger LE
-CVE-2006-4602
+CVE-2006-4602 (Unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 S ...)
- tikiwiki 1.9.4+dfsg2-3
-CVE-2006-4436
+CVE-2006-4436 (isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Se ...)
{DSA-1175-1}
- isakmpd 20041012-4 (bug #385894; medium)
-CVE-2006-4435
+CVE-2006-4435 (OpenBSD 3.8, 3.9, and possibly earlier versions allows context-depende ...)
NOT-FOR-US: OpenBSD
-CVE-2006-4434
+CVE-2006-4434 (Use-after-free vulnerability in Sendmail before 8.13.8 allows remote a ...)
{DSA-1164}
- sendmail 8.13.8-1 (bug #385054; medium)
-CVE-2006-4433
+CVE-2006-4433 (PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set ...)
- php4 4:4.4.4-1 (unimportant)
- php5 5.1.4-0.1 (unimportant)
NOTE: Sanitising this is an application's job
-CVE-2006-4432
+CVE-2006-4432 (Directory traversal vulnerability in Zend Platform 2.2.1 and earlier a ...)
NOT-FOR-US: Zend Platform
-CVE-2006-4431
+CVE-2006-4431 (Multiple buffer overflows in the (a) Session Clustering Daemon and the ...)
NOT-FOR-US: Zend Platform
-CVE-2006-4430
+CVE-2006-4430 (The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows r ...)
NOT-FOR-US: Cisco
CVE-2006-4429
NOT-FOR-US: PHlyMail Lite
CVE-2006-4428
NOT-FOR-US: Jupiter CMS
-CVE-2006-4427
+CVE-2006-4427 (index.php in eFiction before 2.0.7 allows remote attackers to bypass a ...)
NOT-FOR-US: eFiction
-CVE-2006-4426
+CVE-2006-4426 (PHP remote file inclusion vulnerability in AES/modules/auth/phpsecurit ...)
NOT-FOR-US: AlberT-EasySite
-CVE-2006-4425
+CVE-2006-4425 (Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 al ...)
NOT-FOR-US: phpCOIN
-CVE-2006-4424
+CVE-2006-4424 (PHP remote file inclusion vulnerability in coin_includes/constants.php ...)
NOT-FOR-US: phpCOIN
-CVE-2006-4423
+CVE-2006-4423 (Multiple PHP remote file inclusion vulnerabilities in Bigace 1.8.2 all ...)
NOT-FOR-US: Bigace
CVE-2006-4422
NOT-FOR-US: Jetbox CMS
-CVE-2006-4421
+CVE-2006-4421 (Cross-site scripting (XSS) vulnerability in template/default/thanks_co ...)
NOT-FOR-US: Yet Another PHP Image Gallery
-CVE-2006-4420
+CVE-2006-4420 (Directory traversal vulnerability in include_lang.php in Phaos 0.9.2 a ...)
NOT-FOR-US: Phaos
-CVE-2006-4419
+CVE-2006-4419 (SQL injection vulnerability in note.php in ProManager 0.73 allows remo ...)
NOT-FOR-US: ProManager
-CVE-2006-4418
+CVE-2006-4418 (Directory traversal vulnerability in index.php for Wikepage 2006.2a Op ...)
NOT-FOR-US: Wikepage
-CVE-2006-4417
+CVE-2006-4417 (SQL injection vulnerability in edituser.php in Xoops before 2.0.15 all ...)
NOT-FOR-US: Xoops
-CVE-2006-4416
+CVE-2006-4416 (Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 ...)
NOT-FOR-US: IBM AIX
CVE-2006-4415
RESERVED
CVE-2006-4414
RESERVED
-CVE-2006-4413
+CVE-2006-4413 (Apple Remote Desktop before 3.1 uses insecure permissions for certain ...)
NOT-FOR-US: Apple Remote Desktop
-CVE-2006-4412
+CVE-2006-4412 (WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4411
+CVE-2006-4411 (The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x thr ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4410
+CVE-2006-4410 (The Security Framework in Apple Mac OS X 10.3.9, and 10.4.x before 10. ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4409
+CVE-2006-4409 (The Online Certificate Status Protocol (OCSP) service in the Security ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4408
+CVE-2006-4408 (The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows re ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4407
+CVE-2006-4407 (The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4406
+CVE-2006-4406 (Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3. ...)
NOT-FOR-US: Apple Mac OS X
CVE-2006-4405
RESERVED
-CVE-2006-4404
+CVE-2006-4404 (The Installer application in Apple Mac OS X 10.4.8 and earlier, when u ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4403
+CVE-2006-4403 (The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access i ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4402
+CVE-2006-4402 (Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4401
+CVE-2006-4401 (Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier al ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4400
+CVE-2006-4400 (Stack-based buffer overflow in the Apple Type Services (ATS) server in ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4399
+CVE-2006-4399 (User interface inconsistency in Workgroup Manager in Apple Mac OS X 10 ...)
NOT-FOR-US: Mac OS
-CVE-2006-4398
+CVE-2006-4398 (Multiple buffer overflows in the Apple Type Services (ATS) server in M ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4397
+CVE-2006-4397 (Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 throug ...)
NOT-FOR-US: Mac OS
-CVE-2006-4396
+CVE-2006-4396 (The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier do ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-4395
+CVE-2006-4395 (Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X 10.3. ...)
NOT-FOR-US: Mac OS
-CVE-2006-4394
+CVE-2006-4394 (A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, al ...)
NOT-FOR-US: Mac OS
-CVE-2006-4393
+CVE-2006-4393 (Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 throug ...)
NOT-FOR-US: Mac OS
-CVE-2006-4392
+CVE-2006-4392 (The Mach kernel, as used in operating systems including (1) Mac OS X 1 ...)
NOT-FOR-US: Mac OS
-CVE-2006-4391
+CVE-2006-4391 (Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 ...)
NOT-FOR-US: Mac OS
-CVE-2006-4390
+CVE-2006-4390 (CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remo ...)
NOT-FOR-US: Mac OS
-CVE-2006-4389
+CVE-2006-4389 (Apple QuickTime before 7.1.3 allows user-assisted remote attackers to ...)
NOT-FOR-US: Apple QuickTime
-CVE-2006-4388
+CVE-2006-4388 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
NOT-FOR-US: Apple QuickTime
-CVE-2006-4387
+CVE-2006-4387 (Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the ...)
NOT-FOR-US: Mac OS
-CVE-2006-4386
+CVE-2006-4386 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
NOT-FOR-US: Apple QuickTime
-CVE-2006-4385
+CVE-2006-4385 (Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted r ...)
NOT-FOR-US: Apple QuickTime
-CVE-2006-4384
+CVE-2006-4384 (Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user ...)
NOT-FOR-US: Apple QuickTime
CVE-2006-4383
RESERVED
-CVE-2006-4382
+CVE-2006-4382 (Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-a ...)
NOT-FOR-US: Apple QuickTime
-CVE-2006-4381
+CVE-2006-4381 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
NOT-FOR-US: Apple QuickTime
-CVE-2006-4380
+CVE-2006-4380 (MySQL before 4.1.13 allows local users to cause a denial of service (p ...)
{DSA-1169}
- mysql-dfsg-5.0 <not-affected> (only 4.1 affected)
- mysql-dfsg <not-affected> (only 4.1 affected)
- mysql-dfsg-4.1 <removed>
-CVE-2006-4379
+CVE-2006-4379 (Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaborati ...)
NOT-FOR-US: Ipswitch Collaboration 2006 Suite
CVE-2006-4378
NOT-FOR-US: Rssxt component for Joomla! (com_rssxt)
-CVE-2006-4377
+CVE-2006-4377 (Multiple SQL injection vulnerabilities in Guder und Koch Netzwerktechn ...)
NOT-FOR-US: Eichhorn Portal
-CVE-2006-4376
+CVE-2006-4376 (Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch ...)
NOT-FOR-US: Eichhorn Portal
CVE-2006-4375
NOT-FOR-US: Contacts XTD (ContXTD) component for Mambo (com_contxtd)
-CVE-2006-4374
+CVE-2006-4374 (IrfanView 3.98 (with plugins) allows user-assisted attackers to cause ...)
NOT-FOR-US: IrfanView
-CVE-2006-4373
+CVE-2006-4373 (PHP remote file inclusion vulnerability in modules/visitors2/include/c ...)
NOT-FOR-US: pSlash
-CVE-2006-4372
+CVE-2006-4372 (PHP remote file inclusion vulnerability in admin.lurm_constructor.php ...)
NOT-FOR-US: Lurm Constructor component (com_lurm_constructor) for Mambo
-CVE-2006-4371
+CVE-2006-4371 (Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 a ...)
NOT-FOR-US: Alt-N WebAdmin
-CVE-2006-4370
+CVE-2006-4370 (Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibl ...)
NOT-FOR-US: Alt-N WebAdmin
-CVE-2006-4369
+CVE-2006-4369 (Absolute path traversal vulnerability in includes/functions_portal.php ...)
NOT-FOR-US: IntegraMOD Portal
-CVE-2006-4368
+CVE-2006-4368 (PHP remote file inclusion vulnerability in includes/functions_portal.p ...)
NOT-FOR-US: IntegraMOD Portal
-CVE-2006-4367
+CVE-2006-4367 (SQL injection vulnerability in alltopics.php in the All Topics Hack 1. ...)
NOT-FOR-US: All Topics Hack for phpBB
-CVE-2006-4366
+CVE-2006-4366 (PHP remote file inclusion vulnerability in index.php in RedBLoG 0.5 al ...)
NOT-FOR-US: RedBLoG
-CVE-2006-4365
+CVE-2006-4365 (Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 a ...)
NOT-FOR-US: VistaBB
-CVE-2006-4364
+CVE-2006-4364 (Multiple heap-based buffer overflows in the POP3 server in Alt-N Techn ...)
NOT-FOR-US: Alt-N Technologies MDaemon
-CVE-2006-4363
+CVE-2006-4363 (PHP remote file inclusion vulnerability in admin.cropcanvas.php in the ...)
NOT-FOR-US: CropImage component (com_cropimage) for Mambo
-CVE-2006-4362
+CVE-2006-4362 (Cross-site scripting (XSS) vulnerability in getad.php in Diesel Paid M ...)
NOT-FOR-US: Diesel Paid Mail
-CVE-2006-4361
+CVE-2006-4361 (Multiple cross-site scripting (XSS) vulnerabilities in jobseekers/forg ...)
NOT-FOR-US: Diesel Job Site
-CVE-2006-4360
+CVE-2006-4360 (Cross-site scripting (XSS) vulnerability in E-commerce 4.7 for Drupal ...)
NOT-FOR-US: E-commerce for Drupal
-CVE-2006-4359
+CVE-2006-4359 (Stack-based buffer overflow in Trident Software PowerZip 7.06 Build 38 ...)
NOT-FOR-US: PowerZip
-CVE-2006-4358
+CVE-2006-4358 (Cross-site scripting (XSS) vulnerability in index.php in Diesel Pay al ...)
NOT-FOR-US: Diesel Pay
-CVE-2006-4357
+CVE-2006-4357 (PHP remote file inclusion vulnerability in clients/index.php in Diesel ...)
NOT-FOR-US: Diesel Smart Traffic
-CVE-2006-4356
+CVE-2006-4356 (SQL injection vulnerability in Drupal Easylinks Module (easylinks.modu ...)
NOT-FOR-US: Easylinks Module for Drupal
-CVE-2006-4355
+CVE-2006-4355 (Cross-site scripting (XSS) vulnerability in Drupal Easylinks Module (e ...)
NOT-FOR-US: Easylinks Module for Drupal
-CVE-2006-4354
+CVE-2006-4354 (PHP remote file inclusion vulnerability in e/class/CheckLevel.php in P ...)
NOT-FOR-US: Phome Empire CMS
-CVE-2006-4353
+CVE-2006-4353 (Unspecified vulnerability in Sun Java System Content Delivery Server 4 ...)
NOT-FOR-US: Sun Java System Content Delivery Server
-CVE-2006-4352
+CVE-2006-4352 (The ArrowPoint cookie functionality for Cisco 11000 series Content Ser ...)
NOT-FOR-US: Cisco
-CVE-2006-4351
+CVE-2006-4351 (Cross-site scripting (XSS) vulnerability in index.php in OneOrZero 1.6 ...)
NOT-FOR-US: OneOrZero
-CVE-2006-4350
+CVE-2006-4350 (SQL injection vulnerability in index.php in OneOrZero 1.6.4.1 allows r ...)
NOT-FOR-US: OneOrZero
CVE-2006-4349
NOT-FOR-US: ToendaCMS
-CVE-2006-4348
+CVE-2006-4348 (PHP remote file inclusion vulnerability in config.kochsuite.php in the ...)
NOT-FOR-US: Kochsuite (com_kochsuite) component for Mambo and Joomla!
-CVE-2006-4347
+CVE-2006-4347 (SQL injection vulnerability in user logon authentication request handl ...)
NOT-FOR-US: Cool Manager
-CVE-2006-4346
+CVE-2006-4346 (Asterisk 1.2.10 supports the use of client-controlled variables to det ...)
- asterisk 1:1.2.11.dfsg-1 (medium; bug #385060)
-CVE-2006-4345
+CVE-2006-4345 (Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asteris ...)
- asterisk 1:1.2.11.dfsg-1 (medium; bug #385060)
-CVE-2006-4344
+CVE-2006-4344 (CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) bef ...)
NOT-FOR-US: CGI-Rescue Mail F/W System
-CVE-2006-4343
+CVE-2006-4343 (The get_server_hello function in the SSLv2 client code in OpenSSL 0.9. ...)
{DSA-1195-1 DSA-1185-2}
- openssl 0.9.8c-2 (bug #389940)
- openssl097 0.9.7k-2
- openssl096 <removed>
-CVE-2006-4342
+CVE-2006-4342 (The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, ...)
- linux-2.6 <not-affected> (Flaw specific to Red Hat backport)
CVE-2006-4341
REJECTED
-CVE-2006-4340
+CVE-2006-4340 (Mozilla Network Security Service (NSS) library before 3.11.3, as used ...)
{DSA-1210 DSA-1192-1 DSA-1191-1}
NOTE: MFSA-2006-60, this is the similar to CVE-2006-4339
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.7-1 (high)
- thunderbird 1.5.0.7-1 (high)
- xulrunner 1.8.0.7-1 (high)
-CVE-2006-4339
+CVE-2006-4339 (OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, wh ...)
{DSA-1174-1 DSA-1173-1}
- openssl 0.9.8b-3 (medium)
- openssl097 0.9.7i-2 (medium)
- openssl096 <removed>
-CVE-2006-4338
+CVE-2006-4338 (unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent at ...)
{DSA-1181-1}
- gzip 1.3.5-15 (medium)
- lha 1.14i-10.1 (medium; bug #401301)
[sarge] - lha <no-dsa> (Non-free not supported)
[etch] - lha <no-dsa> (Non-free not supported)
-CVE-2006-4337
+CVE-2006-4337 (Buffer overflow in the make_table function in the LHZ component in gzi ...)
{DSA-1181-1}
- gzip 1.3.5-15 (high)
- lha 1.14i-10.1 (high; bug #401301)
[sarge] - lha <no-dsa> (Non-free not supported)
[etch] - lha <no-dsa> (Non-free not supported)
-CVE-2006-4336
+CVE-2006-4336 (Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 ...)
{DSA-1181-1}
- gzip 1.3.5-15 (high)
-CVE-2006-4335
+CVE-2006-4335 (Array index error in the make_table function in unlzh.c in the LZH dec ...)
{DSA-1181-1}
- gzip 1.3.5-15 (high)
- lha 1.14i-10.1 (high; bug #401301)
[sarge] - lha <no-dsa> (Non-free not supported)
[etch] - lha <no-dsa> (Non-free not supported)
-CVE-2006-4334
+CVE-2006-4334 (Unspecified vulnerability in gzip 1.3.5 allows context-dependent attac ...)
{DSA-1974-1 DSA-1181-1}
- gzip 1.3.5-15 (high)
-CVE-2006-4333
+CVE-2006-4333 (The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 all ...)
{DSA-1171}
- wireshark 0.99.2-5.1 (low; bug #384529)
- ethereal <removed> (low; bug #384528)
-CVE-2006-4332
+CVE-2006-4332 (Unspecified vulnerability in the DHCP dissector in Wireshark (formerly ...)
- wireshark <not-affected> (windows only)
- ethereal <not-affected> (windows only)
-CVE-2006-4331
+CVE-2006-4331 (Multiple off-by-one errors in the IPSec ESP preference parser in Wires ...)
- wireshark 0.99.2-5.1 (medium; bug #384529)
- ethereal <not-affected> (only wireshark 0.99.2 affected)
-CVE-2006-4330
+CVE-2006-4330 (Unspecified vulnerability in the SCSI dissector in Wireshark (formerly ...)
- wireshark 0.99.2-5 (medium; bug #384529)
- ethereal <not-affected> (only wireshark 0.99.2 affected)
-CVE-2006-4329
+CVE-2006-4329 (Multiple PHP remote file inclusion vulnerabilities in Shadows Rising R ...)
NOT-FOR-US: Shadows Rising
-CVE-2006-4328
+CVE-2006-4328 (SQL injection vulnerability in admin.php in CloudNine Interactive Link ...)
NOT-FOR-US: CloudNine
-CVE-2006-4327
+CVE-2006-4327 (Multiple cross-site scripting (XSS) vulnerabilities in add_url.php in ...)
NOT-FOR-US: CloudNine
-CVE-2006-4326
+CVE-2006-4326 (Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, I ...)
NOT-FOR-US: Ichitaro
-CVE-2006-4325
+CVE-2006-4325 (Cross-site scripting (XSS) vulnerability in gbook.php in Doika guestbo ...)
NOT-FOR-US: Doika
-CVE-2006-4324
+CVE-2006-4324 (Cross-site scripting (XSS) vulnerability in add_url2.php in CityForFre ...)
NOT-FOR-US: CityForFree
-CVE-2006-4323
+CVE-2006-4323 (SQL injection vulnerability in list.php in CityForFree indexcity 1.0, ...)
NOT-FOR-US: CityForFree
-CVE-2006-4322
+CVE-2006-4322 (PHP remote file inclusion vulnerability in estateagent.php in the Esta ...)
NOT-FOR-US: Mambo
-CVE-2006-4321
+CVE-2006-4321 (PHP remote file inclusion vulnerability in cpg.php in the Coppermine P ...)
NOT-FOR-US: Mambo
-CVE-2006-4320
+CVE-2006-4320 (PHP remote file inclusion vulnerability in sef.php in the OpenSEF 2.0. ...)
NOT-FOR-US: OpenSEF for Joomla
-CVE-2006-4319
+CVE-2006-4319 (Buffer overflow in the format command in Solaris 8, 9, and 10 allows l ...)
NOT-FOR-US: Solaris
-CVE-2006-4318
+CVE-2006-4318 (Buffer overflow in WFTPD Server 3.23 allows remote attackers to execut ...)
NOT-FOR-US: WFTPD
-CVE-2006-4317
+CVE-2006-4317 (Cross-site scripting (XSS) vulnerability in attachment.php in WoltLab ...)
NOT-FOR-US: WoltLab
-CVE-2006-4316
+CVE-2006-4316 (SSH Tectia Management Agent 2.1.2 allows local users to gain root priv ...)
NOT-FOR-US: SSH Tectia Management Agent
-CVE-2006-4315
+CVE-2006-4315 (Unquoted Windows search path vulnerability in multiple SSH Tectia prod ...)
NOT-FOR-US: SSH Tectia Management Agent
-CVE-2006-4314
+CVE-2006-4314 (The manager server in Symantec Enterprise Security Manager (ESM) 6 and ...)
NOT-FOR-US: Symantec
-CVE-2006-4313
+CVE-2006-4313 (Multiple unspecified vulnerabilities in Cisco VPN 3000 series concentr ...)
NOT-FOR-US: Cisco
-CVE-2006-4312
+CVE-2006-4312 (Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive ...)
NOT-FOR-US: Cisco
-CVE-2006-4311
+CVE-2006-4311 (PHP remote file inclusion vulnerability in Sonium Enterprise Adressboo ...)
NOT-FOR-US: Sonium Enterprise Adressbook
-CVE-2006-4310
+CVE-2006-4310 (Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of s ...)
{DSA-1227-1 DSA-1225-1 DSA-1224-1}
- firefox 45.0-1
- firefox-esr 45.0esr-1
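Review bot: the NOTE under CVE-2006-4340 reads "this is the similar to CVE-2006-4339"; while touching these entries, "this is similar to CVE-2006-4339" would read correctly and keep the cross-reference to the related OpenSSL signature-forgery entry clear for readers scanning the list.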
@@ -6554,124 +6554,124 @@ CVE-2006-4310
- mozilla <removed>
- mozilla-firefox <removed>
- xulrunner 1.8.0.8-1
-CVE-2006-4309
+CVE-2006-4309 (VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not passw ...)
NOT-FOR-US: AK-Systems Windows Terminal
-CVE-2006-4308
+CVE-2006-4308 (Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Lear ...)
NOT-FOR-US: Blackboard Learning System
-CVE-2006-4307
+CVE-2006-4307 (Unspecified vulnerability in the format command in Sun Solaris 8 and 9 ...)
NOT-FOR-US: Solaris
-CVE-2006-4306
+CVE-2006-4306 (Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allow ...)
NOT-FOR-US: Solaris
-CVE-2006-4305
+CVE-2006-4305 (Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote att ...)
{DSA-1190-1}
- maxdb-7.5.00 7.5.00.34-5 (high; bug #386182)
-CVE-2006-4304
+CVE-2006-4304 (Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD ...)
- kfreebsd-5 5.4-18 (bug #391289)
[etch] - kfreebsd-5 <no-dsa> (Etch doesn't have security support for the FreeBSD kernel)
-CVE-2006-4303
+CVE-2006-4303 (Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun Solar ...)
NOT-FOR-US: Solaris
-CVE-2006-4302
+CVE-2006-4302 (The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Star ...)
- sun-java5 1.5.0-07-1
-CVE-2006-4301
+CVE-2006-4301 (Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a ...)
NOT-FOR-US: Microsoft
-CVE-2006-4300
+CVE-2006-4300 (SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and earl ...)
NOT-FOR-US: SimpleBlog
-CVE-2006-4299
+CVE-2006-4299 (Cross-site scripting (XSS) vulnerability in tiki-searchindex.php in Ti ...)
- tikiwiki 1.9.4+dfsg2-2 (low; bug #384796)
-CVE-2006-4298
+CVE-2006-4298 (Multiple directory traversal vulnerabilities in cache.php in osCommerc ...)
NOT-FOR-US: osCommerce
-CVE-2006-4297
+CVE-2006-4297 (SQL injection vulnerability in shopping_cart.php in osCommerce before ...)
NOT-FOR-US: osCommerce
-CVE-2006-4296
+CVE-2006-4296 (PHP remote file inclusion vulnerability in classes/Tar.php in bigAPE-B ...)
NOT-FOR-US: bigAPE-Backup component (com_babackup) for Mambo
-CVE-2006-4295
+CVE-2006-4295 (Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda Activ ...)
NOT-FOR-US: Panda ActiveScan
-CVE-2006-4294
+CVE-2006-4294 (Directory traversal vulnerability in viewfile in TWiki 4.0.0 through 4 ...)
- twiki 1:4.0.4-3 (bug #389267; low)
-CVE-2006-4293
+CVE-2006-4293 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow ...)
NOT-FOR-US: cPanel
-CVE-2006-4292
+CVE-2006-4292 (Unspecified vulnerability in Niels Provos Honeyd before 1.5b allows re ...)
- honeyd 1.5b-1 (low; bug #384806)
[sarge] - honeyd <no-dsa> (Minor issue)
-CVE-2006-4291
+CVE-2006-4291 (PHP remote file inclusion vulnerability in handlers/email/mod.listmail ...)
NOT-FOR-US: PHlyMail Lite
-CVE-2006-4290
+CVE-2006-4290 (Directory traversal vulnerability in Sony VAIO Media Server 2.x, 3.x, ...)
NOT-FOR-US: Sony
-CVE-2006-4289
+CVE-2006-4289 (Buffer overflow in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x befor ...)
NOT-FOR-US: Sony
-CVE-2006-4288
+CVE-2006-4288 (PHP remote file inclusion vulnerability in admin.a6mambocredits.php in ...)
NOT-FOR-US: a6mambocredits component (com_a6mambocredits) for Mambo
-CVE-2006-4287
+CVE-2006-4287 (Multiple PHP remote file inclusion vulnerabilities in NES Game and NES ...)
NOT-FOR-US: NES Game and NES System
CVE-2006-4286
NOT-FOR-US: contentpublisher component (com_contentpublisher) for Mambo
-CVE-2006-4285
+CVE-2006-4285 (PHP remote file inclusion vulnerability in news.php in Fantastic News ...)
NOT-FOR-US: Fantastic News
-CVE-2006-4284
+CVE-2006-4284 (SQL injection vulnerability in comments.asp in LBlog 1.05 and earlier ...)
NOT-FOR-US: LBlog
-CVE-2006-4283
+CVE-2006-4283 (Multiple PHP remote file inclusion vulnerabilities in SOLMETRA SPAW Ed ...)
NOT-FOR-US: SOLMETRA SPAW Editor
-CVE-2006-4282
+CVE-2006-4282 (PHP remote file inclusion vulnerability in MamboLogin.php in the Mambo ...)
NOT-FOR-US: MamboWiki component (com_mambowiki) for Mambo and Joomla!
-CVE-2006-4281
+CVE-2006-4281 (PHP remote file inclusion vulnerability in akocomments.php in AkoComme ...)
NOT-FOR-US: AkoComment 1.1 module (com_akocomment) for Mambo
CVE-2006-4280
NOT-FOR-US: ANJEL (formerly MaMML) Component (com_anjel) for Mambo
-CVE-2006-4279
+CVE-2006-4279 (SQL injection vulnerability in topic_post.php in XennoBB 2.2.1 and ear ...)
NOT-FOR-US: XennoBB
-CVE-2006-4278
+CVE-2006-4278 (PHP remote file inclusion vulnerability in includes/layout/plain.foote ...)
NOT-FOR-US: SportsPHool
-CVE-2006-4277
+CVE-2006-4277 (Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 a ...)
NOT-FOR-US: Tutti Nova
-CVE-2006-4276
+CVE-2006-4276 (PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier ...)
NOT-FOR-US: Tutti Nova
-CVE-2006-4275
+CVE-2006-4275 (PHP remote file inclusion vulnerability in catalogshop.php in the Cata ...)
NOT-FOR-US: CatalogShop component for Mambo (com_catalogshop)
CVE-2006-4274
REJECTED
-CVE-2006-4273
+CVE-2006-4273 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.5.4 an ...)
NOT-FOR-US: Jelsoft vBulletin
CVE-2006-4272
NOT-FOR-US: Jelsoft vBulletin
CVE-2006-4271
NOT-FOR-US: Jelsoft vBulletin
-CVE-2006-4270
+CVE-2006-4270 (PHP remote file inclusion vulnerability in mambelfish.class.php in the ...)
NOT-FOR-US: mambelfish component (com_mambelfish) for Mambo
CVE-2006-4269
NOT-FOR-US: x-shop component (com_x-shop) for Mambo and Joomla!
-CVE-2006-4268
+CVE-2006-4268 (Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.11 ...)
NOT-FOR-US: CubeCart
-CVE-2006-4267
+CVE-2006-4267 (Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier ...)
NOT-FOR-US: CubeCart
-CVE-2006-4266
+CVE-2006-4266 (Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, ...)
NOT-FOR-US: Symantec
-CVE-2006-4265
+CVE-2006-4265 (Kaspersky Anti-Hacker 1.8.180, when Stealth Mode is enabled, allows re ...)
NOT-FOR-US: Kaspersky
CVE-2006-4264
NOT-FOR-US: lmtg_myhomepage Component (com_lmtg_myhomepage) for Mambo
-CVE-2006-4263
+CVE-2006-4263 (Multiple PHP remote file inclusion vulnerabilities in the Product Scro ...)
NOT-FOR-US: mambo-phpshop (com_phpshop) for Mambo and Joomla!
-CVE-2006-4262
+CVE-2006-4262 (Multiple buffer overflows in cscope 15.5 and earlier allow user-assist ...)
{DSA-1186-1}
- cscope 15.5+cvs20060902-1 (low; bug #385893)
CVE-2006-4261
REJECTED
-CVE-2006-4260
+CVE-2006-4260 (Directory traversal vulnerability in index.php in Fotopholder 1.8 allo ...)
NOT-FOR-US: Fotopholder
-CVE-2006-4259
+CVE-2006-4259 (Cross-site scripting (XSS) vulnerability in index.php in Fotopholder 1 ...)
NOT-FOR-US: Fotopholder
-CVE-2006-4258
+CVE-2006-4258 (Absolute path traversal vulnerability in the get functionality in Anti ...)
NOT-FOR-US: Anti-Spam SMTP Proxy
-CVE-2006-4257
+CVE-2006-4257 (IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote au ...)
NOT-FOR-US: IBM DB2
-CVE-2006-4256
+CVE-2006-4256 (index.php in Horde Application Framework before 3.1.2 allows remote at ...)
{DSA-1406-1}
- horde3 3.1.3-1 (low; bug #383416)
-CVE-2006-4255
+CVE-2006-4255 (Cross-site scripting (XSS) vulnerability in horde/imp/search.php in Ho ...)
- imp4 4.1.3-1 (low; bug #383416)
-CVE-2006-4254
+CVE-2006-4254 (Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 ...)
NOT-FOR-US: IBM AIX
-CVE-2006-4253
+CVE-2006-4253 (Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allow ...)
NOTE: MFSA-2006-59
- xulrunner 1.8.0.7-1 (medium)
- firefox 1.5.dfsg+1.5.0.7-1 (medium)
@@ -6681,139 +6681,139 @@ CVE-2006-4253
[sarge] - mozilla <unfixed> (unimportant)
[sarge] - mozilla-thunderbird <unfixed> (unimportant)
NOTE: On Sarge this is only a crasher, code injection is only possible for Firefox 1.5 et al.
-CVE-2006-4252
+CVE-2006-4252 (PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a ...)
- pdns-recursor 3.1.4-1 (bug #398559)
- pdns <not-affected> (Recursor module has been moved to pdns-recursor)
-CVE-2006-4251
+CVE-2006-4251 (Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow rem ...)
{DSA-1211}
- pdns-recursor 3.1.4-1 (bug #398557; high)
- pdns 2.9.20-4
NOTE: Recursor module has been moved to pdns-recursor
-CVE-2006-4250
+CVE-2006-4250 (Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows loc ...)
{DSA-1278-1}
- man-db 2.4.3-5
-CVE-2006-4249
+CVE-2006-4249 (Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when ano ...)
- zope-cmfplone 2.5.1-3 (bug #401796)
[sarge] - zope-cmfplone <not-affected> (Vulnerable code not present)
-CVE-2006-4248
+CVE-2006-4248 (thttpd on Debian GNU/Linux, and possibly other distributions, allows l ...)
{DSA-1205-1}
- thttpd 2.23beta1-5 (bug #396277)
-CVE-2006-4247
+CVE-2006-4247 (Unspecified vulnerability in the Password Reset Tool before 0.4.1 on P ...)
[sarge] - zope-cmfplone <not-affected> (Vulnerable code not present)
- zope-cmfplone 2.5.1-1
-CVE-2006-4246
+CVE-2006-4246 (Usermin before 1.220 (20060629) allows remote attackers to read arbitr ...)
{DSA-1177-1}
- usermin <removed> (bug #374609)
CVE-2006-4245
RESERVED
- archivemail 0.6.2-2 (bug #385253)
-CVE-2006-4244
+CVE-2006-4244 (SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that ...)
{DSA-1239-1}
- sql-ledger 2.6.18-1 (medium; bug #386519)
CVE-2006-4243 [linux vserver priviledge escalation in remount code]
RESERVED
- linux-2.6 2.6.17-9
-CVE-2006-4242
+CVE-2006-4242 (PHP remote file inclusion vulnerability in install.jim.php in the JIM ...)
NOT-FOR-US: JIM component for Joomla or Mambo
-CVE-2006-4241
+CVE-2006-4241 (PHP remote file inclusion vulnerability in processor/reporter.sql.php ...)
NOT-FOR-US: Reporter Mambo component (com_reporter)
-CVE-2006-4240
+CVE-2006-4240 (PHP remote file inclusion vulnerability in index.php in Fusion News 3. ...)
NOT-FOR-US: Fusion News
-CVE-2006-4239
+CVE-2006-4239 (PHP remote file inclusion vulnerability in include/urights.php in Outr ...)
NOT-FOR-US: Outreach Project Tool
-CVE-2006-4238
+CVE-2006-4238 (SQL injection vulnerability in torrents.php in WebTorrent (WTcom) 0.2. ...)
NOT-FOR-US: WebTorrent (WTcom)
-CVE-2006-4237
+CVE-2006-4237 (PHP remote file inclusion vulnerability in pageheaderdefault.inc.php i ...)
NOT-FOR-US: Invisionix Roaming System Remote (IRSR)
-CVE-2006-4236
+CVE-2006-4236 (Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow r ...)
NOT-FOR-US: POWERGAP
-CVE-2006-4235
+CVE-2006-4235 (Buffer overflow in the import project functionality in Sony SonicStage ...)
NOT-FOR-US: Sony
-CVE-2006-4234
+CVE-2006-4234 (PHP remote file inclusion vulnerability in classes/query.class.php in ...)
NOT-FOR-US: dotProject
-CVE-2006-4233
+CVE-2006-4233 (Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local use ...)
NOT-FOR-US: Globus Toolkit
-CVE-2006-4232
+CVE-2006-4232 (Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4. ...)
NOT-FOR-US: Globus Toolkit
-CVE-2006-4231
+CVE-2006-4231 (IrfanView 3.98 (with plugins) allows remote attackers to cause a denia ...)
NOT-FOR-US: IrfanView
-CVE-2006-4230
+CVE-2006-4230 (Multiple PHP remote file inclusion vulnerabilities in index.php in Liz ...)
NOT-FOR-US: Lizge Web Portal
-CVE-2006-4229
+CVE-2006-4229 (PHP remote file inclusion vulnerability in archive.php in the mosListM ...)
NOT-FOR-US: mosListMessenger Component (com_lm) for Mambo and Joomla!
-CVE-2006-4228
+CVE-2006-4228 (Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 before M ...)
NOT-FOR-US: Symantec
-CVE-2006-4227
+CVE-2006-4227 (MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid ...)
- mysql-dfsg-5.0 5.0.24-3 (low; bug #384798)
-CVE-2006-4226
+CVE-2006-4226 (MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when ru ...)
{DSA-1169}
- mysql-dfsg-5.0 5.0.24-3 (low; bug #384798)
[sarge] - mysql-dfsg <not-affected> (Vulnerable code not present)
CVE-2006-4225
REJECTED
-CVE-2006-4224
+CVE-2006-4224 (Cross-site scripting (XSS) vulnerability in calendar.php in Virtual Wa ...)
NOT-FOR-US: Virtual War
-CVE-2006-4223
+CVE-2006-4223 (IBM WebSphere Application Server (WAS) before 6.0.2.13 allows context- ...)
NOT-FOR-US: IBM WebSphere Application
-CVE-2006-4222
+CVE-2006-4222 (Multiple unspecified vulnerabilities in IBM WebSphere Application Serv ...)
NOT-FOR-US: IBM WebSphere Application
-CVE-2006-4221
+CVE-2006-4221 (Stack-based buffer overflow in the IBM Access Support eGatherer Active ...)
NOT-FOR-US: IBM
-CVE-2006-4220
+CVE-2006-4220 (Multiple cross-site scripting (XSS) vulnerabilities in webacc in Novel ...)
NOT-FOR-US: Novell GroupWise WebAccess
-CVE-2006-4219
+CVE-2006-4219 (The Terminal Services COM object (tsuserex.dll) allows remote attacker ...)
NOT-FOR-US: Terminal Services COM object
-CVE-2006-4218
+CVE-2006-4218 (Directory traversal vulnerability in Zen Cart 1.3.0.2 and earlier allo ...)
NOT-FOR-US: Zen Cart
-CVE-2006-4217
+CVE-2006-4217 (PHP remote file inclusion vulnerability in modules/usersonline/users.p ...)
NOT-FOR-US: WEBInsta CMS
CVE-2006-4216
REJECTED
-CVE-2006-4215
+CVE-2006-4215 (PHP remote file inclusion vulnerability in index.php in Zen Cart 1.3.0 ...)
NOT-FOR-US: Zen Cart
-CVE-2006-4214
+CVE-2006-4214 (Multiple SQL injection vulnerabilities in Zen Cart 1.3.0.2 and earlier ...)
NOT-FOR-US: Zen Cart
-CVE-2006-4213
+CVE-2006-4213 (PHP remote file inclusion vulnerability in config.php in David Kent No ...)
NOT-FOR-US: Thatware
-CVE-2006-4212
+CVE-2006-4212 (SQL injection vulnerability in b0zz and Chris Vincent Owl Intranet Eng ...)
NOT-FOR-US: Owl Intranet Engine
-CVE-2006-4211
+CVE-2006-4211 (Cross-site scripting (XSS) vulnerability in b0zz and Chris Vincent Owl ...)
NOT-FOR-US: Owl Intranet Engine
-CVE-2006-4210
+CVE-2006-4210 (nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register ...)
NOT-FOR-US: phPay
-CVE-2006-4209
+CVE-2006-4209 (PHP remote file inclusion vulnerability in install3.php in WEBInsta Ma ...)
NOT-FOR-US: WEBInsta Mailing List Manager
-CVE-2006-4208
+CVE-2006-4208 (Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB- ...)
- wordpress 2.0.5-0.1 (unimportant; bug #384800)
NOTE: Only exploitable by admin users, someone with the privilege to backup
NOTE: your data must be trustworthy
-CVE-2006-4207
+CVE-2006-4207 (Multiple PHP remote file inclusion vulnerabilities in Bob Jewell Discl ...)
NOT-FOR-US: Discloser
-CVE-2006-4206
+CVE-2006-4206 (Cross-site scripting (XSS) vulnerability in calendar.asp in ASPPlaygro ...)
NOT-FOR-US: ASPPlayground.NET Forum Advanced Edition
-CVE-2006-4205
+CVE-2006-4205 (Multiple PHP remote file inclusion vulnerabilities in WebDynamite Proj ...)
NOT-FOR-US: WebDynamite ProjectButler
-CVE-2006-4204
+CVE-2006-4204 (Multiple PHP remote file inclusion vulnerabilities in PHProjekt 5.1 an ...)
NOT-FOR-US: PHProjekt
-CVE-2006-4203
+CVE-2006-4203 (PHP remote file inclusion vulnerability in help.mmp.php in the MMP Com ...)
NOT-FOR-US: MMP Component (com_mmp) for Mambo
-CVE-2006-4202
+CVE-2006-4202 (SQL injection vulnerability in proje_goster.php in Spidey Blog Script ...)
NOT-FOR-US: Spidey Blog Script
-CVE-2006-4201
+CVE-2006-4201 (Unspecified vulnerability in the backup agent and Cell Manager in HP O ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2006-4200
+CVE-2006-4200 (Unspecified vulnerability in 04WebServer 1.83 and earlier allows remot ...)
NOT-FOR-US: 04WebServer
-CVE-2006-4199
+CVE-2006-4199 (Cross-site scripting (XSS) vulnerability in Soft3304 04WebServer 1.83 ...)
NOT-FOR-US: 04WebServer
-CVE-2006-4198
+CVE-2006-4198 (PHP remote file inclusion vulnerability in includes/session.php in Whe ...)
NOT-FOR-US: Wheatblog
-CVE-2006-4197
+CVE-2006-4197 (Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBra ...)
{DSA-1162}
- libmusicbrainz-2.1 2.1.4-1 (medium; bug #383030)
- libmusicbrainz-2.0 <removed> (medium; bug #383031)
-CVE-2006-4196
+CVE-2006-4196 (PHP remote file inclusion vulnerability in index.php in WEBInsta CMS 0 ...)
NOT-FOR-US: WEBInsta CMS
-CVE-2006-4195
+CVE-2006-4195 (PHP remote file inclusion vulnerability in param.peoplebook.php in the ...)
NOT-FOR-US: Peoplebook Component for Mambo (com_peoplebook)
CVE-2006-XXXX [gallery2 session ID disclosure]
- gallery2 2.1.2-1
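Review bot: CVE-2006-4245 is marked RESERVED yet records a fix ("- archivemail 0.6.2-2 (bug #385253)") with no bracketed summary of what the fix is for, unlike CVE-2006-4243 a few lines below, which carries "[linux vserver ... escalation in remount code]"; adding a short summary in the same bracketed form (e.g. "CVE-2006-4245 [archivemail: <issue summary>]") would document the entry until the description is published. In the CVE-2006-4243 summary itself, "priviledge" should be "privilege".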
@@ -6822,90 +6822,90 @@ CVE-2006-XXXX [insecure filehandling in mysql_upgrade]
NOTE: mysql_upgrade not in 4.x
CVE-2006-4194
NOT-FOR-US: Cisco
-CVE-2006-4193
+CVE-2006-4193 (Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows ...)
NOT-FOR-US: MS IE
-CVE-2006-4192
+CVE-2006-4192 (Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and ...)
- libmodplug 1:0.7-5.2 (medium; bug #383574)
- gst-plugins-bad0.10 0.10.3-3.1 (medium; bug #407956)
-CVE-2006-4191
+CVE-2006-4191 (Directory traversal vulnerability in memcp.php in XMB (Extreme Message ...)
NOT-FOR-US: XMB
-CVE-2006-4190
+CVE-2006-4190 (Directory traversal vulnerability in autohtml.php in the AutoHTML modu ...)
NOT-FOR-US: PHP-Nuke module AutoHTML
-CVE-2006-4189
+CVE-2006-4189 (Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allo ...)
NOT-FOR-US: Dolphin
-CVE-2006-4188
+CVE-2006-4188 (Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.0 ...)
NOT-FOR-US: HP-UX
-CVE-2006-4187
+CVE-2006-4187 (Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when ...)
NOT-FOR-US: HP-UX
-CVE-2006-4186
+CVE-2006-4186 (The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes pa ...)
NOT-FOR-US: Novell eDirectory
-CVE-2006-4185
+CVE-2006-4185 (Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3. ...)
NOT-FOR-US: Novell eDirectory
-CVE-2006-4184
+CVE-2006-4184 (SmartLine DeviceLock before 5.73 Build 305 does not properly enforce a ...)
NOT-FOR-US: SmartLine DeviceLock
-CVE-2006-4183
+CVE-2006-4183 (Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) an ...)
NOT-FOR-US: Microsoft
-CVE-2006-4182
+CVE-2006-4182 (Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions befor ...)
{DSA-1196-1}
- clamav 0.88.5-1 (high; bug #393445)
-CVE-2006-4181
+CVE-2006-4181 (Format string vulnerability in the sqllog function in the SQL accounti ...)
NOT-FOR-US: GNU Radius
CVE-2006-4180
REJECTED
CVE-2006-4179
RESERVED
-CVE-2006-4178
+CVE-2006-4178 (Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and ...)
- kfreebsd-5 <removed> (bug #391289; low)
[etch] - kfreebsd-5 <no-dsa> (Etch doesn't have security support for the FreeBSD kernel)
-CVE-2006-4177
+CVE-2006-4177 (Heap-based buffer overflow in the NCP engine in Novell eDirectory befo ...)
NOT-FOR-US: Novell eDirectory
CVE-2006-4176
RESERVED
-CVE-2006-4175
+CVE-2006-4175 (The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Pat ...)
NOT-FOR-US: Sun Java System Directory Server
CVE-2006-4174
RESERVED
CVE-2006-4173
RESERVED
-CVE-2006-4172
+CVE-2006-4172 (Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5 ...)
- kfreebsd-5 <removed> (bug #391289; low)
[etch] - kfreebsd-5 <no-dsa> (Etch doesn't have security support for the FreeBSD kernel)
CVE-2006-4171
RESERVED
CVE-2006-4170
REJECTED
-CVE-2006-4169
+CVE-2006-4169 (Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin ...)
NOT-FOR-US: G/PGP (GPG) plugin for Squirrelmail
-CVE-2006-4168
+CVE-2006-4168 (Integer overflow in the exif_data_load_data_entry function in libexif/ ...)
{DSA-1310-1}
- libexif 0.6.16-1 (bug #430012)
CVE-2006-4167
RESERVED
-CVE-2006-4166
+CVE-2006-4166 (PHP remote file inclusion vulnerability in TinyWebGallery 1.5 and earl ...)
NOT-FOR-US: TinyWebGallery
-CVE-2006-4165
+CVE-2006-4165 (Cross-site scripting (XSS) vulnerability in NetCommons 1.0.8 and earli ...)
NOT-FOR-US: NetCommons
-CVE-2006-4164
+CVE-2006-4164 (PHP remote file inclusion vulnerability in inc/header.inc.php in phpPr ...)
NOT-FOR-US: phpPrintAnalyzer
CVE-2006-4163
NOT-FOR-US: miniBloggie
-CVE-2006-4162
+CVE-2006-4162 (Cross-site scripting (XSS) vulnerability in Dragonfly CMS 9.0.6.1 and ...)
NOT-FOR-US: Dragonfly CMS
-CVE-2006-4161
+CVE-2006-4161 (Directory traversal vulnerability in the avatar_gallery action in prof ...)
NOT-FOR-US: XennoBB
-CVE-2006-4160
+CVE-2006-4160 (Multiple PHP remote file inclusion vulnerabilities in Tony Bibbs and V ...)
NOT-FOR-US: MVCnPHP
-CVE-2006-4159
+CVE-2006-4159 (Multiple PHP remote file inclusion vulnerabilities in Chaussette 08070 ...)
NOT-FOR-US: Chaussette
-CVE-2006-4158
+CVE-2006-4158 (PHP remote file inclusion vulnerability in Login.php in Spaminator 1.7 ...)
NOT-FOR-US: Spaminator
-CVE-2006-4157
+CVE-2006-4157 (Cross-site scripting (XSS) vulnerability in index.php in Yet another B ...)
NOT-FOR-US: Yet another Bulletin Board (YaBB)
CVE-2006-4156
NOT-FOR-US: pearlabs mafia moblog
-CVE-2006-4155
+CVE-2006-4155 (Unspecified vulnerability in func_topic_threaded.php (aka threaded vie ...)
NOT-FOR-US: Invision Power Board (IPB)
-CVE-2006-4154
+CVE-2006-4154 (Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x a ...)
NOT-FOR-US: mod_tcl
CVE-2006-4153
RESERVED
@@ -6921,166 +6921,166 @@ CVE-2006-4148
RESERVED
CVE-2006-4147
RESERVED
-CVE-2006-4146
+CVE-2006-4146 (Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2r ...)
- gdb 7.3-1 (unimportant)
NOTE: Every sensible use of gdb involves executing the debugged binary
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=d53d4ac5aaf62c631e8d915e049eaf3f52fe24c8
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=204841
NOTE: https://bugs.launchpad.net/ubuntu/+source/gdb/+bug/62695
-CVE-2006-4145
+CVE-2006-4145 (The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6. ...)
{DSA-1184-2}
- linux-2.6 2.6.17-7
-CVE-2006-4143
+CVE-2006-4143 (Netgear FVG318 running firmware 1.0.40 allows remote attackers to caus ...)
NOT-FOR-US: Netgear
-CVE-2006-4142
+CVE-2006-4142 (SQL injection vulnerability in extra/online.php in Virtual War (VWar) ...)
NOT-FOR-US: Virtual War (VWar)
-CVE-2006-4141
+CVE-2006-4141 (SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 an ...)
NOT-FOR-US: Virtual War (VWar)
-CVE-2006-4140
+CVE-2006-4140 (Directory traversal vulnerability in IPCheck Server Monitor before 5.3 ...)
NOT-FOR-US: IPCheck Server Monitor
-CVE-2006-4139
+CVE-2006-4139 (Race condition in Sun Solaris 10 allows attackers to cause a denial of ...)
NOT-FOR-US: Solaris
-CVE-2006-4138
+CVE-2006-4138 (Multiple unspecified vulnerabilities in Microsoft Windows Help File vi ...)
NOT-FOR-US: Microsoft
-CVE-2006-4137
+CVE-2006-4137 (IBM WebSphere Application Server before 6.1.0.1 allows attackers to ob ...)
NOT-FOR-US: IBM WebSphere
-CVE-2006-4136
+CVE-2006-4136 (Multiple unspecified vulnerabilities in IBM WebSphere Application Serv ...)
NOT-FOR-US: IBM WebSphere
CVE-2006-4135
NOT-FOR-US: Calendarix
-CVE-2006-4134
+CVE-2006-4134 (Unspecified vulnerability related to a "design flaw" in SAP Internet G ...)
NOT-FOR-US: SAP
-CVE-2006-4133
+CVE-2006-4133 (Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 ...)
NOT-FOR-US: SAP
-CVE-2006-4132
+CVE-2006-4132 (ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and po ...)
NOT-FOR-US: ArcSoft MMS Composer
-CVE-2006-4131
+CVE-2006-4131 (Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and possibl ...)
NOT-FOR-US: ArcSoft MMS Composer
-CVE-2006-4130
+CVE-2006-4130 (PHP remote file inclusion vulnerability in admin.remository.php in the ...)
NOT-FOR-US: Remository Component (com_remository) for Mambo and Joomla!
-CVE-2006-4129
+CVE-2006-4129 (PHP remote file inclusion vulnerability in admin.webring.docs.php in t ...)
NOT-FOR-US: Webring Component (com_webring) for Joomla!
-CVE-2006-4128
+CVE-2006-4128 (Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec f ...)
NOT-FOR-US: Symantec VERITAS
-CVE-2006-4127
+CVE-2006-4127 (Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and ea ...)
NOT-FOR-US: DConnect Daemon (dcd)
-CVE-2006-4126
+CVE-2006-4126 (The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier ...)
NOT-FOR-US: DConnect Daemon (dcd)
-CVE-2006-4125
+CVE-2006-4125 (Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and ear ...)
NOT-FOR-US: DConnect Daemon (dcd)
-CVE-2006-4124
+CVE-2006-4124 (The libXm library in LessTif 0.95.0 and earlier allows local users to ...)
- lesstif2 1:0.94.4-1 (bug #382411; medium)
-CVE-2006-4123
+CVE-2006-4123 (PHP remote file inclusion vulnerability in boitenews4/index.php in Boi ...)
NOT-FOR-US: Boite de News
-CVE-2006-4122
+CVE-2006-4122 (Simple one-file guestbook 1.0 and earlier allows remote attackers to b ...)
NOT-FOR-US: Simple one-file guestbook
-CVE-2006-4121
+CVE-2006-4121 (PHP remote file inclusion vulnerability in owimg.php3 in See-Commerce ...)
NOT-FOR-US: See-Commerce
-CVE-2006-4120
+CVE-2006-4120 (Cross-site scripting (XSS) vulnerability in the Recipe module (recipe. ...)
NOT-FOR-US: Recipe module (recipe.module) for Drupal
-CVE-2006-4119
+CVE-2006-4119 (SQL injection vulnerability in gc.php in GeheimChaos 0.5 and earlier a ...)
NOT-FOR-US: GeheimChaos
-CVE-2006-4118
+CVE-2006-4118 (Multiple SQL injection vulnerabilities in GeheimChaos 0.5 and earlier ...)
NOT-FOR-US: GeheimChaos
-CVE-2006-4117
+CVE-2006-4117 (The squeue_drain function in Sun Solaris 10, possibly only when run on ...)
NOT-FOR-US: Solaris
-CVE-2006-4116
+CVE-2006-4116 (Multiple stack-based buffer overflows in Lhaz before 1.32 allow user-a ...)
NOT-FOR-US: Lhaz
-CVE-2006-4115
+CVE-2006-4115 (PHP remote file inclusion vulnerability in common.inc.php in PgMarket ...)
NOT-FOR-US: PgMarket
-CVE-2006-4114
+CVE-2006-4114 (SQL injection vulnerability in view_com.php in Nicolas Grandjean PHPMy ...)
NOT-FOR-US: PHPMyRing
-CVE-2006-4113
+CVE-2006-4113 (PHP remote file inclusion vulnerability in genpage-cgi.php in Brian Fr ...)
NOT-FOR-US: hitweb
-CVE-2006-4112
+CVE-2006-4112 (Unspecified vulnerability in the "dependency resolution mechanism" in ...)
- rails 1.1.6-1 (bug #382255; medium)
-CVE-2006-4111
+CVE-2006-4111 (Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby cod ...)
- rails 1.1.5-1 (bug #382255; medium)
-CVE-2006-4110
+CVE-2006-4110 (Apache 2.2.2, when running on Windows, allows remote attackers to read ...)
- apache2 <not-affected> (Affects Apache on Windows only)
-CVE-2006-4109
+CVE-2006-4109 (Cross-site scripting (XSS) vulnerability in Bibliography (biblio.modul ...)
NOT-FOR-US: Bibliography (biblio.module) for Drupal
-CVE-2006-4108
+CVE-2006-4108 (SQL injection vulnerability in Bibliography (biblio.module) 4.6 before ...)
NOT-FOR-US: Bibliography (biblio.module) for Drupal
-CVE-2006-4107
+CVE-2006-4107 (SQL injection vulnerability in the Job Search module (job.module) 4.6 ...)
NOT-FOR-US: Job Search module (job.module) for Drupal
-CVE-2006-4106
+CVE-2006-4106 (Cross-site scripting (XSS) vulnerability in blursoft blur6ex 0.3 allow ...)
NOT-FOR-US: blur6ex
-CVE-2006-4105
+CVE-2006-4105 (Cross-site scripting (XSS) vulnerability in Fill Threads Database (FTD ...)
NOT-FOR-US: Fill Threads Database
-CVE-2006-4104
+CVE-2006-4104 (Cross-site scripting (XSS) vulnerability in admin.cgi in mojoscripts.c ...)
NOT-FOR-US: mojoGallery
-CVE-2006-4103
+CVE-2006-4103 (PHP remote file inclusion vulnerability in article-raw.php in Jason Al ...)
NOT-FOR-US: phNNTP
-CVE-2006-4102
+CVE-2006-4102 (PHP remote file inclusion vulnerability in tpl.inc.php in Falko Timme ...)
NOT-FOR-US: SQLiteWebAdmin
CVE-2006-4101
RESERVED
CVE-2006-4100
RESERVED
-CVE-2006-4099
+CVE-2006-4099 (Business Objects Crystal Enterprise 9 and 10 generates predictable ses ...)
NOT-FOR-US: Business Objects
-CVE-2006-4098
+CVE-2006-4098 (Stack-based buffer overflow in the CSRadius service in Cisco Secure Ac ...)
NOT-FOR-US: Cisco
-CVE-2006-4097
+CVE-2006-4097 (Multiple unspecified vulnerabilities in the CSRadius service in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2006-4096
+CVE-2006-4096 (BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers ...)
{DSA-1172-1}
- bind <not-affected> (Not vulnerable according to CERT advisory)
- bind9 1:9.3.2-P1-1 (medium; bug #386245; bug #386237)
-CVE-2006-4095
+CVE-2006-4095 (BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers ...)
{DSA-1172-1}
- bind <not-affected> (Not vulnerable according to CERT advisory)
- bind9 1:9.3.2-P1-1 (medium; bug #386245; bug #386237)
CVE-2006-4094
RESERVED
-CVE-2006-4093
+CVE-2006-4093 (Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerP ...)
{DSA-1184-2 DSA-1237}
- linux-2.6 2.6.17-7
-CVE-2006-4092
+CVE-2006-4092 (Simpliciti Locked Browser does not properly limit a user's actions to ...)
NOT-FOR-US: Simpliciti Locked Browser
-CVE-2006-4091
+CVE-2006-4091 (Multiple cross-site scripting (XSS) vulnerabilities in Archangel Manag ...)
NOT-FOR-US: Archangel Weblog
-CVE-2006-4090
+CVE-2006-4090 (Cross-site scripting (XSS) vulnerability in Webligo BlogHoster 2.2 all ...)
NOT-FOR-US: Webligo BlogHoster
-CVE-2006-4089
+CVE-2006-4089 (Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earl ...)
{DSA-1179-1}
- alsaplayer 0.99.76-9 (medium; bug #382842)
-CVE-2006-4088
+CVE-2006-4088 (Multiple cross-site scripting (XSS) vulnerabilities in CivicSpace 0.8. ...)
NOT-FOR-US: CivicSpace
-CVE-2006-4087
+CVE-2006-4087 (Cross-site scripting (XSS) vulnerability in admin.cgi in mojoscripts.c ...)
NOT-FOR-US: mojoGallery
-CVE-2006-4086
+CVE-2006-4086 (Cross-site scripting (XSS) vulnerability in index.php in Elaine Aquino ...)
NOT-FOR-US: Online Zone Journals (OZJournals)
-CVE-2006-4085
+CVE-2006-4085 (PHP remote file inclusion vulnerability in Olaf Noehring The Search En ...)
NOT-FOR-US: The Search Engine Project (TSEP)
-CVE-2006-4084
+CVE-2006-4084 (Unspecified vulnerability in phpAutoMembersArea (phpAMA) before 3.2.4 ...)
NOT-FOR-US: phpAutoMembersArea (phpAMA)
-CVE-2006-4083
+CVE-2006-4083 (PHP remote file inclusion vulnerability in viewevent.php in myWebland ...)
NOT-FOR-US: myEvent
-CVE-2006-4082
+CVE-2006-4082 (Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcod ...)
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2006-4081
+CVE-2006-4081 (preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through ...)
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2006-4080
+CVE-2006-4080 (DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-4079
+CVE-2006-4079 (Cross-site scripting (XSS) vulnerability in newpost.php in DeluxeBB 1. ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-4078
+CVE-2006-4078 (pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, all ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-4077
+CVE-2006-4077 (PHP remote file inclusion vulnerability in CheckUpload.php in Vincenzo ...)
NOT-FOR-US: Comet WebFileManager
-CVE-2006-4076
+CVE-2006-4076 (Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer ...)
NOT-FOR-US: docpile: wim's edition
-CVE-2006-4075
+CVE-2006-4075 (Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer ...)
NOT-FOR-US: docpile: wim's edition
-CVE-2006-4074
+CVE-2006-4074 (PHP remote file inclusion vulnerability in lib/tpl/default/main.php in ...)
NOT-FOR-US: JD-Wiki Component (com_jd-wiki) for Joomla!
-CVE-2006-4073
+CVE-2006-4073 (Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz php ...)
NOT-FOR-US: phpCC
-CVE-2006-4072
+CVE-2006-4072 (Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 ...)
NOT-FOR-US: Club-Nuke [XP]
-CVE-2006-4144
+CVE-2006-4144 (Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick ...)
{DSA-1213}
- imagemagick 7:6.2.4.5.dfsg1-0.10 (medium; bug #383314)
- graphicsmagick 1.1.7-7 (medium; bug #383333)
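Review bot: the CVE-2006-4144 entry at the end of this hunk sits out of descending numeric order (it follows CVE-2006-4072, while the rest of the hunk runs from CVE-2006-4146 downward); this update only fills in description text and leaves the position as it was, so re-sorting it between CVE-2006-4145 and CVE-2006-4143 would belong in a separate commit, but it is worth noting because tooling that assumes ordered lists will not find it where expected.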
@@ -7090,100 +7090,100 @@ CVE-2006-XXXX [crash in the certificate verification logic]
- gnutls12 1.2.11-3 (unimportant)
- gnutls13 1.4.2-1 (unimportant)
NOTE: Normal bug, no reliable denial of service potential
-CVE-2006-4071
+CVE-2006-4071 (Sign extension vulnerability in the createBrushIndirect function in th ...)
NOT-FOR-US: Microsoft
-CVE-2006-4070
+CVE-2006-4070 (Format string vulnerability in Imendio Planner 0.13 allows user-assist ...)
NOT-FOR-US: Imendio Planner
-CVE-2006-4069
+CVE-2006-4069 (Multiple cross-site scripting (XSS) vulnerabilities in Elaine Aquino O ...)
NOT-FOR-US: Online Zone Journals (OZJournals)
-CVE-2006-4068
+CVE-2006-4068 (The pswd.js script relies on the client to calculate whether a usernam ...)
NOT-FOR-US: pswd.js
-CVE-2006-4067
+CVE-2006-4067 (Cross-site scripting (XSS) vulnerability in cake/libs/error.php in Cak ...)
- cakephp 1.1.13.4450-1
-CVE-2006-4066
+CVE-2006-4066 (The Graphical Device Interface Plus library (gdiplus.dll) in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2006-4065
+CVE-2006-4065 (Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko SA ...)
NOT-FOR-US: SAPID Gallery
-CVE-2006-4064
+CVE-2006-4064 (SQL injection vulnerability in default.asp in YenerTurk Haber Script 1 ...)
NOT-FOR-US: YenerTurk Haber Script
-CVE-2006-4063
+CVE-2006-4063 (Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPI ...)
NOT-FOR-US: SAPID Blog
-CVE-2006-4062
+CVE-2006-4062 (PHP remote file inclusion vulnerability in usr/extensions/get_tree.inc ...)
NOT-FOR-US: SAPID Shop
CVE-2006-4061
NOT-FOR-US: phpPrintAnalyzer
-CVE-2006-4060
+CVE-2006-4060 (PHP remote file inclusion vulnerability in calendar.php in Visual Even ...)
NOT-FOR-US: Visual Events Calendar
-CVE-2006-4059
+CVE-2006-4059 (Multiple PHP remote file inclusion vulnerabilities in USOLVED NEWSolve ...)
NOT-FOR-US: USOLVED NEWSolved Lite
-CVE-2006-4058
+CVE-2006-4058 (Cross-site scripting (XSS) vulnerability in archive.php in Simplog 0.9 ...)
NOT-FOR-US: Simplog
-CVE-2006-4057
+CVE-2006-4057 (Buffer overflow in the preview_create function in gui.cpp in Mitch Mur ...)
NOT-FOR-US: Eremove
-CVE-2006-4056
+CVE-2006-4056 (Multiple SQL injection vulnerabilities in the authentication process i ...)
NOT-FOR-US: katzlbt The Address Book
-CVE-2006-4055
+CVE-2006-4055 (Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring Th ...)
NOT-FOR-US: The Search Engine Project (TSEP)
-CVE-2006-4054
+CVE-2006-4054 (Multiple PHP remote file inclusion vulnerabilities in ME Download Syst ...)
NOT-FOR-US: ME Download System
-CVE-2006-4053
+CVE-2006-4053 (PHP remote file inclusion vulnerability in templates/header.php in ME ...)
NOT-FOR-US: ME Download System
-CVE-2006-4052
+CVE-2006-4052 (Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tool ...)
NOT-FOR-US: Turnkey Web Tools PHP Simple Shop
-CVE-2006-4051
+CVE-2006-4051 (PHP remote file inclusion vulnerability in global.php in Turnkey Web T ...)
NOT-FOR-US: Turnkey Web Tools PHP Live Helper
-CVE-2006-4050
+CVE-2006-4050 (PHP remote file inclusion vulnerability in auto_check_renewals.php in ...)
NOT-FOR-US: phpAutoMembersArea (phpAMA)
-CVE-2006-4049
+CVE-2006-4049 (Unspecified vulnerability in the utxconfig utility in Sun Ray Server S ...)
NOT-FOR-US: Sun
-CVE-2006-4048
+CVE-2006-4048 (Netious CMS 0.4 initializes session IDs based on the client IP address ...)
NOT-FOR-US: Netious CMS
-CVE-2006-4047
+CVE-2006-4047 (SQL injection vulnerability in index.php in Netious CMS 0.4 and earlie ...)
NOT-FOR-US: Netious CMS
-CVE-2006-4045
+CVE-2006-4045 (PHP remote file inclusion vulnerability in news.php in Torbstoff News ...)
NOT-FOR-US: Torbstoff News
-CVE-2006-4044
+CVE-2006-4044 (PHP remote file inclusion vulnerability in Beautifier/Core.php in Brad ...)
NOT-FOR-US: phpCodeCabinet
-CVE-2006-4043
+CVE-2006-4043 (index.php in myWebland myBloggie 2.1.4 and earlier allows remote attac ...)
NOT-FOR-US: myWebland myBloggie
-CVE-2006-4042
+CVE-2006-4042 (Multiple SQL injection vulnerabilities in trackback.php in myWebland m ...)
NOT-FOR-US: myWebland myBloggie
-CVE-2006-4041
+CVE-2006-4041 (SQL injection vulnerability in Pike before 7.6.86, when using a Postgr ...)
- pike7.6 7.6.86-1
[sarge] - pike7.6 <unfixed> (unimportant; bug #382607; bug #383766)
[sarge] - pike7.2 <unfixed> (unimportant; bug #382607; bug #383766)
NOTE: No applications using pike+postgres in Sarge, fix provides
NOTE: new functions for proper quoting
-CVE-2006-4040
+CVE-2006-4040 (PHP remote file inclusion vulnerability in myevent.php in myWebland my ...)
NOT-FOR-US: myWebland myEvent
-CVE-2006-4039
+CVE-2006-4039 (Multiple SQL injection vulnerabilities in eintragen.php in GaesteChaos ...)
NOT-FOR-US: GaesteChaos
-CVE-2006-4038
+CVE-2006-4038 (Multiple cross-site scripting (XSS) vulnerabilities in eintragen.php i ...)
NOT-FOR-US: GaesteChaos
-CVE-2006-4037
+CVE-2006-4037 (Unspecified vulnerability in Fenestrae Faxination Server allows remote ...)
NOT-FOR-US: Fenestrae Faxination Server
-CVE-2006-4036
+CVE-2006-4036 (PHP remote file inclusion vulnerability in includes/usercp_register.ph ...)
NOT-FOR-US: ZoneX Publishers
-CVE-2006-4035
+CVE-2006-4035 (SQL injection vulnerability in counterchaos.php in CounterChaos 0.48c ...)
NOT-FOR-US: CounterChaos
-CVE-2006-4034
+CVE-2006-4034 (PHP remote file inclusion vulnerability in include/html/config.php in ...)
NOT-FOR-US: ModernGigabyte ModernBill
-CVE-2006-4033
+CVE-2006-4033 (Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibl ...)
NOT-FOR-US: Lhaplus
-CVE-2006-4032
+CVE-2006-4032 (Unspecified vulnerability in Cisco IOS CallManager Express (CME) allow ...)
NOT-FOR-US: Cisco
-CVE-2006-4031
+CVE-2006-4031 (MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to a ...)
- mysql-dfsg-5.0 5.0.24-1 (bug #382415; low)
- mysql-dfsg <removed> (bug #380271; low)
[sarge] - mysql-dfsg-4.1 <no-dsa> (Now documented design error, no real fix feasible)
[sarge] - mysql-dfsg <no-dsa> (Now documented design error, no real fix feasible)
-CVE-2006-4030
+CVE-2006-4030 (Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and ...)
{DSA-1148-1}
- gallery 1.5.3-1
- gallery2 <not-affected> (vulnerable code not present)
-CVE-2006-4029
+CVE-2006-4029 (Stack-based buffer overflow in sipd.dll in AGEphone 1.24 and 1.38.1 al ...)
NOT-FOR-US: AGEphone
-CVE-2006-4028
+CVE-2006-4028 (Multiple unspecified vulnerabilities in WordPress before 2.0.4 have un ...)
- wordpress 2.0.4-1
CVE-2006-4027
RESERVED
@@ -7191,13 +7191,13 @@ CVE-2006-XXXX [realtime-lsm-source: wrong permissions might lead to local root]
- realtime-lsm 0.8.7-2 (bug #382161; low)
[sarge] - realtime-lsm <not-affected>
NOTE: only to user 1017 or group 1001 and only while root is building the module
-CVE-2006-4026
+CVE-2006-4026 (PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows re ...)
NOT-FOR-US: SAPID CMS
-CVE-2006-4025
+CVE-2006-4025 (SQL injection vulnerability in profile.php in XennoBB 2.1.0 and earlie ...)
NOT-FOR-US: XennoBB
-CVE-2006-4024
+CVE-2006-4024 (The FESTAHES_Load function in pce/hes.c in Festalon 0.5.0 through 0.5. ...)
- festalon <not-affected> (vuln. code introduced in 0.5.0)
-CVE-2006-4023
+CVE-2006-4023 (The ip2long function in PHP 5.1.4 and earlier may incorrectly validate ...)
- php5 <removed> (unimportant; bug #382257)
- php4 <removed> (unimportant; bug #382270)
NOTE: Not every lack of protection of programmer's flaws is a vulnerability
@@ -7207,325 +7207,325 @@ CVE-2006-4023
NOTE: > and i tend to agree based on the php.net documentation, which
NOTE: > states: "ip2long() should not be used as the sole form of IP
NOTE: > validation. Combine it with long2ip()".
-CVE-2006-4022
+CVE-2006-4022 (Intel 2100 PRO/Wireless Network Connection driver PROSet before 7.1.4. ...)
NOT-FOR-US: Intel Windows driver
-CVE-2006-4021
+CVE-2006-4021 (The cryptographic module in ScatterChat 1.0.x allows attackers to iden ...)
NOT-FOR-US: ScatterChat
-CVE-2006-4020
+CVE-2006-4020 (scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows contex ...)
- php5 5.1.6-1 (unimportant; bug #382256; bug #382262)
- php4 4:4.4.4-1 (unimportant; bug #382261)
NOTE: Only exploitable by malicious, local user
-CVE-2006-4019
+CVE-2006-4019 (Dynamic variable evaluation vulnerability in compose.php in SquirrelMa ...)
{DSA-1154}
- squirrelmail 2:1.4.8-1 (bug #382621)
-CVE-2006-4018
+CVE-2006-4018 (Heap-based buffer overflow in the pefromupx function in libclamav/upx. ...)
{DSA-1153}
- clamav 0.88.4-1 (high; bug #382004; bug #382007)
-CVE-2006-4017
+CVE-2006-4017 (Cross-site scripting (XSS) vulnerability in the search module in Inter ...)
NOT-FOR-US: Inter Network Marketing (INM) CMS G3
-CVE-2006-4016
+CVE-2006-4016 (Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS st ...)
NOT-FOR-US: toendaCMS
-CVE-2006-4015
+CVE-2006-4015 (Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with ...)
NOT-FOR-US: Hewlett-Packard
-CVE-2006-4014
+CVE-2006-4014 (Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Cen ...)
NOT-FOR-US: Symantec
-CVE-2006-4013
+CVE-2006-4013 (Multiple directory traversal vulnerabilities in Symantec Brightmail An ...)
NOT-FOR-US: Symantec
-CVE-2006-4012
+CVE-2006-4012 (Multiple PHP remote file inclusion vulnerabilities in circeOS SaveWeb ...)
NOT-FOR-US: circeOS SaveWeb
-CVE-2006-4011
+CVE-2006-4011 (PHP remote file inclusion vulnerability in esupport/admin/autoclose.ph ...)
NOT-FOR-US: Kayako eSupport
-CVE-2006-4010
+CVE-2006-4010 (SQL injection vulnerability in war.php in Virtual War (Vwar) 1.5.0 and ...)
NOT-FOR-US: Virtual War
-CVE-2006-4009
+CVE-2006-4009 (Cross-site scripting (XSS) vulnerability in war.php in Virtual War (Vw ...)
NOT-FOR-US: Virtual War
-CVE-2006-4008
+CVE-2006-4008 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
NOT-FOR-US: Knusperleicht Guestbook
-CVE-2006-4007
+CVE-2006-4007 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
NOT-FOR-US: Knusperleicht Faq
-CVE-2006-4006
+CVE-2006-4006 (The do_gameinfo function in BomberClone 0.11.6 and earlier, and possib ...)
{DSA-1180-1}
- bomberclone 0.11.7-1 (bug #382082; medium)
-CVE-2006-4005
+CVE-2006-4005 (BomberClone 0.11.6 and earlier allows remote attackers to cause a deni ...)
{DSA-1180-1}
- bomberclone 0.11.7-1 (bug #382082; medium)
-CVE-2006-4004
+CVE-2006-4004 (Directory traversal vulnerability in index.php in vbPortal 3.0.2 throu ...)
NOT-FOR-US: vbPortal
-CVE-2006-4003
+CVE-2006-4003 (The config method in Henrik Storner Hobbit monitor before 4.1.2p2 perm ...)
NOT-FOR-US: Henrik Storner Hobbit monitor
-CVE-2006-4002
+CVE-2006-4002 (Cross-site scripting (XSS) vulnerability in user.module in Drupal 4.6 ...)
{DSA-1147-1}
- drupal 4.5.8-2 (bug #382087; medium)
-CVE-2006-4001
+CVE-2006-4001 (Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.05 ...)
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2006-4000
+CVE-2006-4000 (Directory traversal vulnerability in cgi-bin/preview_email.cgi in Barr ...)
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2006-3999
+CVE-2006-3999 (ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier ver ...)
NOT-FOR-US: ISS BlackICE
-CVE-2006-3998
+CVE-2006-3998 (PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka ...)
NOT-FOR-US: WoWRoster
-CVE-2006-3997
+CVE-2006-3997 (PHP remote file inclusion vulnerability in hsList.php in WoWRoster (ak ...)
NOT-FOR-US: WoWRoster
-CVE-2006-3996
+CVE-2006-3996 (SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and e ...)
NOT-FOR-US: ATutor
-CVE-2006-3995
+CVE-2006-3995 (Multiple PHP remote file inclusion vulnerabilities in (1) uhp_config.p ...)
NOT-FOR-US: UHP (User Home Pages) 0.5 component (aka com_uhp) for Mambo
-CVE-2006-3994
+CVE-2006-3994 (SQL injection vulnerability in the u2u_send_recp function in u2u.inc.p ...)
NOT-FOR-US: XMB (aka extreme message board)
-CVE-2006-3993
+CVE-2006-3993 (PHP remote file inclusion vulnerability in copyright.php in Olaf Noehr ...)
NOT-FOR-US: The Search Engine Project
-CVE-2006-3992
+CVE-2006-3992 (Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.s ...)
NOT-FOR-US: Intel
-CVE-2006-3991
+CVE-2006-3991 (PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh ...)
NOT-FOR-US: Voodoo chat
-CVE-2006-3990
+CVE-2006-3990 (Multiple PHP remote file inclusion vulnerabilities in Paul M. Jones Sa ...)
- egroupware <not-affected>
NOTE: According to upstream egroupware is not affected, see #382207
-CVE-2006-3989
+CVE-2006-3989 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
NOT-FOR-US: Knusperleicht
-CVE-2006-3988
+CVE-2006-3988 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
NOT-FOR-US: Knusperleicht
-CVE-2006-3987
+CVE-2006-3987 (Multiple PHP remote file inclusion vulnerabilities in index.php in Knu ...)
NOT-FOR-US: Knusperleicht
-CVE-2006-3986
+CVE-2006-3986 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
NOT-FOR-US: Knusperleicht
-CVE-2006-3985
+CVE-2006-3985 (Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware PowerA ...)
NOT-FOR-US: ConeXware
-CVE-2006-3984
+CVE-2006-3984 (PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in A ...)
NOT-FOR-US: Phpauction
-CVE-2006-3983
+CVE-2006-3983 (PHP remote file inclusion vulnerability in editprofile.php in php(Reac ...)
NOT-FOR-US: php(Reactor)
-CVE-2006-3982
+CVE-2006-3982 (PHP remote file inclusion vulnerability in quickie.php in Knusperleich ...)
NOT-FOR-US: Knusperleicht
-CVE-2006-3981
+CVE-2006-3981 (PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gall ...)
NOT-FOR-US: Mambo Gallery Manager for Mambo
-CVE-2006-3980
+CVE-2006-3980 (PHP remote file inclusion vulnerability in administrator/components/co ...)
NOT-FOR-US: Mambo Gallery Manager for Mambo
-CVE-2006-3979
+CVE-2006-3979 (The AdminAPI of ColdFusion MX 7 allows attackers to bypass authenticat ...)
NOT-FOR-US: ColdFusion MX
-CVE-2006-3978
+CVE-2006-3978 (Unspecified vulnerability in a Verity third party library, as used on ...)
NOT-FOR-US: Adobe ColdFusion MX
-CVE-2006-3977
+CVE-2006-3977 (Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0. ...)
NOT-FOR-US: CA eTrust Antivirus WebScan
-CVE-2006-3976
+CVE-2006-3976 (Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0. ...)
NOT-FOR-US: CA eTrust Antivirus WebScan
-CVE-2006-3975
+CVE-2006-3975 (Unspecified vulnerability in CA eTrust Antivirus WebScan allows remote ...)
NOT-FOR-US: CA eTrust Antivirus WebScan
-CVE-2006-3974
+CVE-2006-3974 (Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com Offi ...)
NOT-FOR-US: 3Com
-CVE-2006-3973
+CVE-2006-3973 (My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is run ...)
NOT-FOR-US: My Firewall Plus
-CVE-2006-3972
+CVE-2006-3972 (Directory traversal vulnerability in includes/operator_chattranscript. ...)
NOT-FOR-US: Ajax Chat
-CVE-2006-3971
+CVE-2006-3971 (Cross-site scripting (XSS) vulnerability in visitor/livesupport/chat.p ...)
NOT-FOR-US: Ajax Chat
CVE-2006-XXXX [Buffer overflow in XML::Parser::Expat triggered by utf8]
- libxml-parser-perl 2.34-4.2 (bug #378411; medium)
CVE-2006-XXXX [Buffer overflow in XML::Parser::Expat triggered by deep nesting]
- libxml-parser-perl 2.34-4.1 (bug #378412; medium)
-CVE-2006-3970
+CVE-2006-3970 (PHP remote file inclusion vulnerability in lmo.php in the LMO Componen ...)
NOT-FOR-US: LMO for joomla
-CVE-2006-3969
+CVE-2006-3969 (PHP remote file inclusion vulnerability in administrator/components/co ...)
NOT-FOR-US: Colophon for joomla
-CVE-2006-3968
+CVE-2006-3968 (The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01 ...)
NOT-FOR-US: Solaris
-CVE-2006-3967
+CVE-2006-3967 (PHP remote file inclusion vulnerability in component/option,com_moskoo ...)
NOT-FOR-US: moskool
-CVE-2006-3966
+CVE-2006-3966 (PHP remote file inclusion vulnerability in /lib/tree/layersmenu.inc.ph ...)
NOT-FOR-US: MyNewsGroups
-CVE-2006-3965
+CVE-2006-3965 (Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web docu ...)
NOT-FOR-US: Banex PHP MySQL Banner Exchange
-CVE-2006-3964
+CVE-2006-3964 (PHP remote file inclusion vulnerability in members.php in Banex PHP My ...)
NOT-FOR-US: Banex PHP MySQL Banner Exchange
-CVE-2006-3963
+CVE-2006-3963 (Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Excha ...)
NOT-FOR-US: Banex PHP MySQL Banner Exchange
-CVE-2006-3962
+CVE-2006-3962 (PHP remote file inclusion vulnerability in administrator/components/co ...)
NOT-FOR-US: com_bayesiannaivefilter for mambo
-CVE-2006-3961
+CVE-2006-3961 (Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee S ...)
NOT-FOR-US: McAfee
-CVE-2006-3960
+CVE-2006-3960 (SQL injection vulnerability in top.php in X-Scripts X-Poll, probably 2 ...)
NOT-FOR-US: X-Scripts X-Poll
-CVE-2006-3959
+CVE-2006-3959 (SQL injection vulnerability in protect.php in X-Scripts X-Protection 1 ...)
NOT-FOR-US: X-Scripts X-Protection
-CVE-2006-3958
+CVE-2006-3958 (Multiple unspecified cross-site scripting (XSS) vulnerabilities in Tas ...)
NOT-FOR-US: Taskjitsu
-CVE-2006-3957
+CVE-2006-3957 (PHP remote file inclusion vulnerability in payment.php in BosDev BosDa ...)
NOT-FOR-US: BosDates
-CVE-2006-3956
+CVE-2006-3956 (Multiple cross-site scripting (XSS) vulnerabilities in contact.php in ...)
NOT-FOR-US: Advanced Webhost Billing System
-CVE-2006-3955
+CVE-2006-3955 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5 ...)
NOT-FOR-US: MiniBB Forum
-CVE-2006-3954
+CVE-2006-3954 (Directory traversal vulnerability in usercp.php in MyBB (aka MyBulleti ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3953
+CVE-2006-3953 (Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka My ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3952
+CVE-2006-3952 (Stack-based buffer overflow in EFS Software Easy File Sharing FTP Serv ...)
NOT-FOR-US: EFS Software Easy File Sharing FTP
-CVE-2006-3951
+CVE-2006-3951 (PHP remote file inclusion vulnerability in moodle.php in Mam-moodle al ...)
NOT-FOR-US: Mam-moodle alpha component (com_moodle) for Mambo
-CVE-2006-3950
+CVE-2006-3950 (SQL injection vulnerability in x-statistics.php in X-Scripts X-Statist ...)
NOT-FOR-US: X-Statistics
-CVE-2006-3949
+CVE-2006-3949 (PHP remote file inclusion vulnerability in artlinks.dispnew.php in the ...)
NOT-FOR-US: com_artlinks for Mambo
-CVE-2006-3948
+CVE-2006-3948 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke IN ...)
NOT-FOR-US: php-nuke
-CVE-2006-3947
+CVE-2006-3947 (PHP remote file inclusion vulnerability in components/com_mambatstaff/ ...)
NOT-FOR-US: Mambatstaff
-CVE-2006-3946
+CVE-2006-3946 (WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote ...)
NOT-FOR-US: Apple Safari 2.0.4
NOTE: konqueror 3.5.x is not affected
NOTE: PoC http://web.archive.org/web/20130701013045/http://browserfun.blogspot.com/2006/07/mobb-31-safari-khtmlparserpoponeblock.html
-CVE-2006-3945
+CVE-2006-3945 (The CSS functionality in Opera 9 on Windows XP SP2 allows remote attac ...)
NOT-FOR-US: Opera
-CVE-2006-3944
+CVE-2006-3944 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2006-3943
+CVE-2006-3943 (Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Ex ...)
NOT-FOR-US: Microsoft
-CVE-2006-3942
+CVE-2006-3942 (The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and ...)
NOT-FOR-US: Microsoft
-CVE-2006-3941
+CVE-2006-3941 (Unspecified vulnerability in the daemons for Sun N1 Grid Engine 5.3 an ...)
NOT-FOR-US: N1 Grid Engine
-CVE-2006-3940
+CVE-2006-3940 (Multiple SQL injection vulnerabilities in phpbb-Auction allow remote a ...)
NOT-FOR-US: phpbb-Auction
-CVE-2006-3939
+CVE-2006-3939 (ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to perform ad ...)
NOT-FOR-US: ScriptsCenter ezUpload Pro
-CVE-2006-3938
+CVE-2006-3938 (DotClear allows remote attackers to obtain sensitive information via a ...)
NOT-FOR-US: DotClear
-CVE-2006-3937
+CVE-2006-3937 (post.php in x_atrix xGuestBook 1.02 allows remote attackers to obtain ...)
NOT-FOR-US: x_atrix xGuestBook
-CVE-2006-3936
+CVE-2006-3936 (system/workplace/editors/editor.jsp in Alkacon OpenCms before 6.2.2 al ...)
NOT-FOR-US: Alkacon OpenCms
-CVE-2006-3935
+CVE-2006-3935 (system/workplace/views/admin/admin-main.jsp in Alkacon OpenCms before ...)
NOT-FOR-US: Alkacon OpenCms
-CVE-2006-3934
+CVE-2006-3934 (Absolute path traversal vulnerability in downloadTrigger.jsp in Alkaco ...)
NOT-FOR-US: Alkacon OpenCms
-CVE-2006-3933
+CVE-2006-3933 (Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.2 ...)
NOT-FOR-US: OpenCms
-CVE-2006-3932
+CVE-2006-3932 (SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 al ...)
NOT-FOR-US: LinksCaffe
-CVE-2006-3931
+CVE-2006-3931 (Buffer overflow in the daemon function in midirecord.cc in Tuomas Aira ...)
NOT-FOR-US: Midirecord
-CVE-2006-3930
+CVE-2006-3930 (PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php i ...)
NOT-FOR-US: a6mambohelpdesk Mambo Component 18RC1
-CVE-2006-3929
+CVE-2006-3929 (Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin scrip ...)
NOT-FOR-US: Zyxel
-CVE-2006-3928
+CVE-2006-3928 (PHP remote file inclusion vulnerability in index.php in WMNews 0.2a an ...)
NOT-FOR-US: WMNews
-CVE-2006-3927
+CVE-2006-3927 (Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpPr ...)
NOT-FOR-US: PhpProBid
-CVE-2006-3926
+CVE-2006-3926 (Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote ...)
NOT-FOR-US: PhpProBid
-CVE-2006-3925
+CVE-2006-3925 (Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control ...)
NOT-FOR-US: ITIRecorder.MicRecorder ActiveX control
-CVE-2006-3924
+CVE-2006-3924 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1 ...)
NOT-FOR-US: Dokeos
-CVE-2006-3923
+CVE-2006-3923 (Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse Topl ...)
NOT-FOR-US: Fire-Mouse Toplist
-CVE-2006-3922
+CVE-2006-3922 (PHP remote file inclusion vulnerability in mod_membre/inscription.php ...)
NOT-FOR-US: PortailPHP
-CVE-2006-3921
+CVE-2006-3921 (Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Serve ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2006-3920
+CVE-2006-3920 (The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 all ...)
NOT-FOR-US: Sun Solaris
-CVE-2006-3919
+CVE-2006-3919 (SQL injection vulnerability in index.php in SD Studio CMS allows remot ...)
NOT-FOR-US: SD Studio CMS
-CVE-2006-3918
+CVE-2006-3918 (http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 bef ...)
{DSA-1167-1}
- apache2 2.0.55-4.1 (bug #381376; low)
[sarge] - apache2 2.0.54-5sarge2
- apache 1.3.34-3 (bug #381381; medium)
-CVE-2006-3917
+CVE-2006-3917 (PHP remote file inclusion vulnerability in inc/gabarits.php in R. Cors ...)
NOT-FOR-US: PHP Forge
-CVE-2006-3916
+CVE-2006-3916 (Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka So ...)
NOT-FOR-US: Solucija News
-CVE-2006-3915
+CVE-2006-3915 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2006-3914
+CVE-2006-3914 (Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite ...)
NOT-FOR-US: Academic Suite
-CVE-2006-3913
+CVE-2006-3913 (Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 200 ...)
{DSA-1142-1}
- freeciv 2.0.8-3 (bug #381378; medium)
-CVE-2006-3912
+CVE-2006-3912 (Stack-based buffer overflow in the SFX module in WinRAR before 3.60 be ...)
NOT-FOR-US: WinRAR
-CVE-2006-3911
+CVE-2006-3911 (PHP remote file inclusion vulnerability in OSI Codes PHP Live! 3.2.1 a ...)
NOT-FOR-US: PHP Live
-CVE-2006-3910
+CVE-2006-3910 (Internet Explorer 6 on Windows XP SP2, when Outlook is installed, allo ...)
NOT-FOR-US: Microsoft
-CVE-2006-3909
+CVE-2006-3909 (Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads ...)
NOT-FOR-US: WWWthreads
-CVE-2006-3908
+CVE-2006-3908 (Format string vulnerability in the flush_output function in ConsoleStr ...)
- gnelib 0.75+svn20091130-1
NOTE: issue was fixed back in 2006 but there hasn't been any
NOTE: release since 0.70 which is affected
-CVE-2006-3907
+CVE-2006-3907 (Siemens SpeedStream 2624 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Siemens
-CVE-2006-3906
+CVE-2006-3906 (Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisc ...)
NOT-FOR-US: Cisco
-CVE-2006-3905
+CVE-2006-3905 (SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote a ...)
NOT-FOR-US: Webland MyBloggie
-CVE-2006-3904
+CVE-2006-3904 (SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 ...)
NOT-FOR-US: Etomite CMS
-CVE-2006-3903
+CVE-2006-3903 (CRLF injection vulnerability in (1) index.php and (2) admin.php in myW ...)
NOT-FOR-US: Webland MyBloggie
-CVE-2006-3902
+CVE-2006-3902 (Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopS ...)
NOT-FOR-US: phpFaber TopSites
-CVE-2006-3901
+CVE-2006-3901 (Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EM ...)
NOT-FOR-US: Tumbleweed Email Firewall
-CVE-2006-3900
+CVE-2006-3900 (Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book 1 ...)
NOT-FOR-US: TP-Book
-CVE-2006-3899
+CVE-2006-3899 (Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attack ...)
NOT-FOR-US: Microsoft
-CVE-2006-3898
+CVE-2006-3898 (Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attack ...)
NOT-FOR-US: Microsoft
-CVE-2006-3897
+CVE-2006-3897 (Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows ...)
NOT-FOR-US: Microsoft
-CVE-2006-3896
+CVE-2006-3896 (The NeoScale Systems CryptoStor 700 series appliance before 2.6 relies ...)
NOT-FOR-US: NeoScale Systems CryptoStor
CVE-2006-3895
RESERVED
-CVE-2006-3894
+CVE-2006-3894 (The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used ...)
NOT-FOR-US: RSA BSAFE
-CVE-2006-3893
+CVE-2006-3893 (Multiple buffer overflows in the ActiveX controls in Newtone ImageKit ...)
NOT-FOR-US: Newtone ImageKit
-CVE-2006-3892
+CVE-2006-3892 (The Management Console server in EMC NetWorker (formerly Legato NetWor ...)
NOT-FOR-US: EMC NetWorker
CVE-2006-3891
RESERVED
-CVE-2006-3890
+CVE-2006-3890 (Stack-based buffer overflow in the Sky Software FileView ActiveX contr ...)
NOT-FOR-US: Sky Software FileView ActiveX
CVE-2006-3889
RESERVED
-CVE-2006-3888
+CVE-2006-3888 (Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDo ...)
NOT-FOR-US: AOL
-CVE-2006-3887
+CVE-2006-3887 (Buffer overflow in AOL You've Got Pictures (YGP) Screensaver ActiveX c ...)
NOT-FOR-US: AOL
-CVE-2006-3886
+CVE-2006-3886 (SQL injection vulnerability in Shalwan MusicBox 2.3.4 and earlier allo ...)
NOT-FOR-US: Shalwan MusicBox
-CVE-2006-3885
+CVE-2006-3885 (Directory traversal vulnerability in Check Point Firewall-1 R55W befor ...)
NOT-FOR-US: Check Point Firewall-1
-CVE-2006-3884
+CVE-2006-3884 (Multiple SQL injection vulnerabilities in links.php in Gonafish LinksC ...)
NOT-FOR-US: Gonafish LinksCaffe
-CVE-2006-3883
+CVE-2006-3883 (Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksC ...)
NOT-FOR-US: Gonafish LinksCaffe
-CVE-2006-3882
+CVE-2006-3882 (Shalwan MusicBox 2.3.4 and earlier allows remote attackers to obtain c ...)
NOT-FOR-US: Shalwan MusicBox
-CVE-2006-3881
+CVE-2006-3881 (Cross-site scripting (XSS) vulnerability in Shalwan MusicBox 2.3.4 and ...)
NOT-FOR-US: Shalwan MusicBox
CVE-2006-3880
NOT-FOR-US: Zen Cart
-CVE-2006-3879
+CVE-2006-3879 (Integer overflow in the loadChunk function in loaders/load_gt2.c in li ...)
- libmikmod <not-affected> (Debian's 3.1.1 version doesn't have GT2 support)
-CVE-2006-3878
+CVE-2006-3878 (Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql ...)
NOT-FOR-US: Opsware Network Automation System
-CVE-2006-3877
+CVE-2006-3877 (Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Offi ...)
NOT-FOR-US: Microsoft
-CVE-2006-3876
+CVE-2006-3876 (Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Offi ...)
NOT-FOR-US: Microsoft
-CVE-2006-3875
+CVE-2006-3875 (Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 fo ...)
NOT-FOR-US: Microsoft
CVE-2006-3874
REJECTED
-CVE-2006-3873
+CVE-2006-3873 (Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft
CVE-2006-3872
REJECTED
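Review bot: CVE-2006-3880 is the one non-RESERVED, non-REJECTED entry in this hunk that the update leaves without a description (`CVE-2006-3880` followed only by `NOT-FOR-US: Zen Cart`), while every neighbouring ID such as `CVE-2006-3882 (Shalwan MusicBox 2.3.4 and earlier allows remote attackers to obtain c ...)` gains one; the same pattern repeats further down for CVE-2006-3850, CVE-2006-3794, CVE-2006-3692 and CVE-2006-3689. Worth checking whether the upstream feed really carries no description for these IDs or whether the importer skipped them, since an entry consisting of a bare ID and a NOT-FOR-US line gives a reviewer nothing to re-check the triage against.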
@@ -7533,70 +7533,70 @@ CVE-2006-3871
REJECTED
CVE-2006-3870
REJECTED
-CVE-2006-3869
+CVE-2006-3869 (Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft
-CVE-2006-3868
+CVE-2006-3868 (Unspecified vulnerability in Microsoft Office XP and 2003 allows remot ...)
NOT-FOR-US: Microsoft
-CVE-2006-3867
+CVE-2006-3867 (Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 fo ...)
NOT-FOR-US: Microsoft
CVE-2006-3866
REJECTED
CVE-2006-3865
REJECTED
-CVE-2006-3864
+CVE-2006-3864 (Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and ...)
NOT-FOR-US: Microsoft
CVE-2006-3863
REJECTED
-CVE-2006-3862
+CVE-2006-3862 (Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3861
+CVE-2006-3861 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10. ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3860
+CVE-2006-3860 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10. ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3859
+CVE-2006-3859 (IBM Informix Dynamic Server (IDS) allows remote authenticated users to ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3858
+CVE-2006-3858 (IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10. ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3857
+CVE-2006-3857 (Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3856
+CVE-2006-3856 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10. ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3855
+CVE-2006-3855 (The ifx_load_internal function in IBM Informix Dynamic Server (IDS) al ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3854
+CVE-2006-3854 (Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC7, 9.40.TC ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3853
+CVE-2006-3853 (Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 a ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2006-3852
+CVE-2006-3852 (Cross-site scripting (XSS) vulnerability in index.php in Micro GuestBo ...)
NOT-FOR-US: Micro GuestBook
-CVE-2006-3851
+CVE-2006-3851 (SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earl ...)
NOT-FOR-US: X7 Chat
CVE-2006-3850
NOT-FOR-US: Vanilla CMS
-CVE-2006-3849
+CVE-2006-3849 (Stack-based buffer overflow in Warzone 2100 and Warzone Resurrection 2 ...)
NOT-FOR-US: Warzone
-CVE-2006-3848
+CVE-2006-3848 (Cross-site scripting (XSS) vulnerability in CGI wrapper for IP Calcula ...)
- ipcalc 0.41-1 (bug #381469; low)
[sarge] - ipcalc <no-dsa> (No exploit potential)
-CVE-2006-3847
+CVE-2006-3847 (PHP remote file inclusion vulnerability in (1) admin.php, and possibly ...)
NOT-FOR-US: MoSpray
-CVE-2006-3846
+CVE-2006-3846 (PHP remote file inclusion vulnerability in extadminmenus.class.php in ...)
NOT-FOR-US: MultiBanners
-CVE-2006-3845
+CVE-2006-3845 (Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 bet ...)
NOT-FOR-US: WinRAR
-CVE-2006-3844
+CVE-2006-3844 (Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote authenti ...)
NOT-FOR-US: Quick 'n Easy FTP Server
-CVE-2006-3843
+CVE-2006-3843 (PHP remote file inclusion vulnerability in com_calendar.php in Calenda ...)
NOT-FOR-US: Calendar Mambo Module
-CVE-2006-3842
+CVE-2006-3842 (Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 Bu ...)
NOT-FOR-US: Zoho Virtual Office
-CVE-2006-3841
+CVE-2006-3841 (Cross-site scripting (XSS) vulnerability in WebScarab before 20060718- ...)
NOT-FOR-US: WebScarab
-CVE-2006-3840
+CVE-2006-3840 (The SMB Mailslot parsing functionality in PAM in multiple ISS products ...)
NOT-FOR-US: various ISS products
CVE-2006-3839
RESERVED
-CVE-2006-3838
+CVE-2006-3838 (Multiple stack-based buffer overflows in eIQnetworks Enterprise Securi ...)
NOT-FOR-US: eIQnetworks Enterprise
CVE-2006-XXXX [syslog-ng dos]
- syslog-ng 2.0rc1-2 (low)
@@ -7604,65 +7604,65 @@ CVE-2006-XXXX [syslog-ng dos]
CVE-2006-XXXX [courier-authdaemon: wrong socket permissions may lead to password disclosure]
- courier-authlib 0.58-3.1 (bug #378571; medium)
[sarge] - courier-authlib <not-affected> (bug #378571; medium)
-CVE-2006-4046
+CVE-2006-4046 (Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 a ...)
- ocp 0.1.10rc6-1 (medium; bug #381098)
CVE-2006-XXXX [uqwk buffer overflow]
- uqwk 2.21-13 (bug #376577; low)
[sarge] - uqwk <no-dsa> (Minor issue)
-CVE-2006-3837
+CVE-2006-3837 (delcookie.php in Professional Home Page Tools Guestbook changes the ex ...)
NOT-FOR-US: Professional Home Page Tools Guestbook
-CVE-2006-3836
+CVE-2006-3836 (Directory traversal vulnerability in index.php in UNIDOmedia Chameleon ...)
NOT-FOR-US: UNIDOmedia Chameleon
-CVE-2006-3835
+CVE-2006-3835 (Apache Tomcat 5 before 5.5.17 allows remote attackers to list director ...)
- tomcat5 <not-affected> (bug #380361; maintainter can't reproduce)
- tomcat5.5 <not-affected> (bug #380376; maintainer can't reproduce)
-CVE-2006-3834
+CVE-2006-3834 (EJ3 TOPo 2.2.178 includes the password in cleartext in the ID field to ...)
NOT-FOR-US: EJ3 TOPo
-CVE-2006-3833
+CVE-2006-3833 (index.php in EJ3 TOPo 2.2.178 allows remote attackers to overwrite exi ...)
NOT-FOR-US: EJ3 TOPo
-CVE-2006-3832
+CVE-2006-3832 (SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog ...)
NOT-FOR-US: Gerrit van Aaken Loudblog
-CVE-2006-3831
+CVE-2006-3831 (The Backup selection in Kailash Nadh boastMachine (formerly bMachine) ...)
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3830
+CVE-2006-3830 (The Languages selection in the admin interface in Kailash Nadh boastMa ...)
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3829
+CVE-2006-3829 (Cross-site request forgery (CSRF) vulnerability in bmc/admin.php in Ka ...)
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3828
+CVE-2006-3828 (Incomplete blacklist vulnerability in Kailash Nadh boastMachine (forme ...)
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3827
+CVE-2006-3827 (SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Ka ...)
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3826
+CVE-2006-3826 (Multiple cross-site scripting (XSS) vulnerabilities in Kailash Nadh bo ...)
NOT-FOR-US: Kailash Nadh boastMachine (formerly bMachine)
-CVE-2006-3825
+CVE-2006-3825 (The IPv4 implementation in Sun Solaris 10 before 20060721 allows local ...)
NOT-FOR-US: Solaris
-CVE-2006-3824
+CVE-2006-3824 (systeminfo.c for Sun Solaris allows local users to read kernel memory ...)
NOT-FOR-US: Solaris
-CVE-2006-3823
+CVE-2006-3823 (SQL injection vulnerability in index.php in GeodesicSolutions (1) GeoA ...)
NOT-FOR-US: GeodesicSolutions GeoAuctions Premier and GeoClassifieds Basic
-CVE-2006-3822
+CVE-2006-3822 (SQL injection vulnerability in index.php in GeodesicSolutions GeoAucti ...)
NOT-FOR-US: GeodesicSolutions GeoAuctions
-CVE-2006-3821
+CVE-2006-3821 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.3 al ...)
NOT-FOR-US: ATutor
-CVE-2006-3820
+CVE-2006-3820 (Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loud ...)
NOT-FOR-US: Loudblog
-CVE-2006-3819
+CVE-2006-3819 (Eval injection vulnerability in the configure script in TWiki 4.0.0 th ...)
- twiki <not-affected> (only 4.0.x is affected)
-CVE-2006-3818
+CVE-2006-3818 (Cross-site scripting (XSS) vulnerability in the login page in Novell G ...)
NOT-FOR-US: Novell GroupWise WebAccess
-CVE-2006-3817
+CVE-2006-3817 (Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess ...)
NOT-FOR-US: Novell GroupWise WebAccess
-CVE-2006-3816
+CVE-2006-3816 (Krusader 1.50-beta1 up to 1.70.0 stores passwords for remote connectio ...)
- krusader <not-affected> (bug #380063; file in directory with 0700 permissions)
-CVE-2006-3815
+CVE-2006-3815 (heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a s ...)
{DSA-1128}
- heartbeat 1.2.4-13 (bug #379904; bug #380289)
-CVE-2006-3814
+CVE-2006-3814 (Buffer overflow in the Loader_XM::load_instrument_internal function in ...)
{DSA-1166}
- cheesetracker 0.9.9-6 (bug #380364; low)
-CVE-2006-3813
+CVE-2006-3813 (A regression error in the Perl package for Red Hat Enterprise Linux 4 ...)
NOT-FOR-US: Perl in Red Hat Enterprise Linux 4
-CVE-2006-3812
+CVE-2006-3812 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...)
NOTE: MFSA-2006-56
[sarge] - mozilla <not-affected>
- mozilla <removed> (medium)
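Review bot: the unchanged context line `- tomcat5 <not-affected> (bug #380361; maintainter can't reproduce)` under CVE-2006-3835 misspells "maintainer"; the sibling line `- tomcat5.5 <not-affected> (bug #380376; maintainer can't reproduce)` has it right. Since this update already rewrites the surrounding block, a drive-by fix to "maintainer" would keep the two annotations consistent.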
@@ -7671,7 +7671,7 @@ CVE-2006-3812
- firefox 1.5.dfsg+1.5.0.5-1 (medium)
- thunderbird 1.5.0.5-1 (unimportant)
[sarge] - mozilla-thunderbird <not-affected> (unimportant)
-CVE-2006-3811
+CVE-2006-3811 (Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbir ...)
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-55
- mozilla <removed> (high)
@@ -7680,7 +7680,7 @@ CVE-2006-3811
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <removed> (medium)
-CVE-2006-3810
+CVE-2006-3810 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before ...)
{DSA-1159}
NOTE: MFSA-2006-54
- mozilla <not-affected> (mozilla 1.7 not affected)
@@ -7688,7 +7688,7 @@ CVE-2006-3810
- mozilla-firefox <not-affected> (only firefox >= 1.5)
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
-CVE-2006-3809
+CVE-2006-3809 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...)
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-53
- mozilla <removed> (medium)
@@ -7697,7 +7697,7 @@ CVE-2006-3809
- firefox 1.5.dfsg+1.5.0.5-1 (medium)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <removed> (medium)
-CVE-2006-3808
+CVE-2006-3808 (Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remot ...)
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-52
- mozilla <removed> (medium)
@@ -7705,7 +7705,7 @@ CVE-2006-3808
- mozilla-firefox <removed> (medium)
- firefox 1.5.dfsg+1.5.0.5-1 (medium)
- thunderbird 1.5.0.5-1
-CVE-2006-3807
+CVE-2006-3807 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...)
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-51
- mozilla <removed> (high)
@@ -7714,7 +7714,7 @@ CVE-2006-3807
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <removed> (medium)
-CVE-2006-3806
+CVE-2006-3806 (Multiple integer overflows in the Javascript engine in Mozilla Firefox ...)
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-50
- mozilla <removed> (high)
@@ -7723,7 +7723,7 @@ CVE-2006-3806
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <removed> (medium)
-CVE-2006-3805
+CVE-2006-3805 (The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird b ...)
{DSA-1161 DSA-1160 DSA-1159}
NOTE: MFSA-2006-50
- mozilla <removed> (high)
@@ -7732,14 +7732,14 @@ CVE-2006-3805
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <removed> (medium)
-CVE-2006-3804
+CVE-2006-3804 (Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and S ...)
NOTE: MFSA-2006-49
- mozilla-firefox <not-affected> (only firefox >= 1.5)
[sarge] - mozilla <not-affected> (mozilla 1.7 not affected)
- mozilla <removed> (high)
- thunderbird 1.5.0.5-1 (high)
- mozilla-thunderbird <not-affected> (high)
-CVE-2006-3803
+CVE-2006-3803 (Race condition in the JavaScript garbage collection in Mozilla Firefox ...)
NOTE: MFSA-2006-48
- mozilla <not-affected> (mozilla 1.7 not affected)
- xulrunner 1.8.0.5-1 (high)
@@ -7747,7 +7747,7 @@ CVE-2006-3803
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <not-affected>
-CVE-2006-3802
+CVE-2006-3802 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...)
NOTE: MFSA-2006-47
- mozilla <not-affected> (mozilla 1.7 not affected)
- xulrunner 1.8.0.5-1 (medium)
@@ -7755,7 +7755,7 @@ CVE-2006-3802
- firefox 1.5.dfsg+1.5.0.5-1 (medium)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <not-affected>
-CVE-2006-3801
+CVE-2006-3801 (Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not ...)
NOTE: MFSA-2006-44
- mozilla-firefox <not-affected> (only firefox >= 1.5)
- mozilla-thunderbird <not-affected> (only firefox >= 1.5)
@@ -7763,144 +7763,144 @@ CVE-2006-3801
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- xulrunner 1.8.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
-CVE-2006-3800
+CVE-2006-3800 (Cross-site scripting (XSS) vulnerability in Amazing Flash AFCommerce S ...)
NOT-FOR-US: AFCommerce
-CVE-2006-3799
+CVE-2006-3799 (DeluxeBB 1.07 and earlier allows remote attackers to bypass SQL inject ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-3798
+CVE-2006-3798 (DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-3797
+CVE-2006-3797 (SQL injection vulnerability in DeluxeBB 1.07 and earlier allows remote ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-3796
+CVE-2006-3796 (DeluxeBB 1.07 and earlier does not properly handle a username composed ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-3795
+CVE-2006-3795 (Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before ...)
NOT-FOR-US: DeluxeBB
CVE-2006-3794
NOT-FOR-US: AFCommerce
-CVE-2006-3793
+CVE-2006-3793 (PHP remote file inclusion vulnerability in constants.php in SiteDepth ...)
NOT-FOR-US: SiteDepth
-CVE-2006-3792
+CVE-2006-3792 (SQL injection vulnerability in ServerClientUfo::recv_packet in server_ ...)
NOT-FOR-US: UFO2000
-CVE-2006-3791
+CVE-2006-3791 (The decode_stringmap function in server_transport.cpp for UFO2000 svn ...)
NOT-FOR-US: UFO2000
-CVE-2006-3790
+CVE-2006-3790 (The decode_stringmap function in server_transport.cpp for UFO2000 svn ...)
NOT-FOR-US: UFO2000
-CVE-2006-3789
+CVE-2006-3789 (Multiple array index errors in the (1) recv_rules, (2) recv_select_uni ...)
NOT-FOR-US: UFO2000
-CVE-2006-3788
+CVE-2006-3788 (Multiple buffer overflows in multiplay.cpp in UFO2000 svn 1057 allow r ...)
NOT-FOR-US: UFO2000
-CVE-2006-3787
+CVE-2006-3787 (kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 doe ...)
NOT-FOR-US: Sunbelt Kerio Personal Firewall
-CVE-2006-3786
+CVE-2006-3786 (Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka ...)
NOT-FOR-US: Symantec pcAnywhere
-CVE-2006-3785
+CVE-2006-3785 (Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox wit ...)
NOT-FOR-US: Symantec pcAnywhere
-CVE-2006-3784
+CVE-2006-3784 (Symantec pcAnywhere 12.5 uses weak default permissions for the "Symant ...)
NOT-FOR-US: Symantec pcAnywhere
-CVE-2006-3783
+CVE-2006-3783 (Sun Solaris 10 allows local users to cause a denial of service (panic) ...)
NOT-FOR-US: Solaris
-CVE-2006-3782
+CVE-2006-3782 (Unspecified vulnerability in the kernel debugger (kmdb) in Sun Solaris ...)
NOT-FOR-US: Solaris
-CVE-2006-3781
+CVE-2006-3781 (Unspecified vulnerability in Sun Solaris 10 allows context-dependent a ...)
NOT-FOR-US: Solaris
-CVE-2006-3780
+CVE-2006-3780 (Keyifweb Keyif Portal 2.0 stores sensitive information under the web r ...)
NOT-FOR-US: Keyifweb Keyif Portal
-CVE-2006-3779
+CVE-2006-3779 (Citrix MetaFrame up to XP 1.0 Feature 1, except when running on Window ...)
NOT-FOR-US: Citrix
-CVE-2006-3778
+CVE-2006-3778 (IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to ...)
NOT-FOR-US: IBM
-CVE-2006-3777
+CVE-2006-3777 (PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLi ...)
NOT-FOR-US: IDevSpot PhpLinkExchange
-CVE-2006-3776
+CVE-2006-3776 (PHP remote file inclusion vulnerability in order/index.php in IDevSpot ...)
NOT-FOR-US: IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0
-CVE-2006-3775
+CVE-2006-3775 (SQL injection vulnerability in the init function in class_session.php ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3774
+CVE-2006-3774 (PHP remote file inclusion vulnerability in performs.php in the perForm ...)
NOT-FOR-US: perForms component (com_performs) for Joomla!
-CVE-2006-3773
+CVE-2006-3773 (PHP remote file inclusion vulnerability in smf.php in the SMF-Forum 1. ...)
NOT-FOR-US: MF-Forum Bridge Component (com_smf) For Joomla! and Mambo
-CVE-2006-3772
+CVE-2006-3772 (PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login ...)
NOT-FOR-US: PHP-Post
-CVE-2006-3771
+CVE-2006-3771 (Multiple PHP remote file inclusion vulnerabilities in component.php in ...)
NOT-FOR-US: iManage CMS
-CVE-2006-3770
+CVE-2006-3770 (Multiple SQL injection vulnerabilities in index.php in phpFaber TopSit ...)
NOT-FOR-US: phpFaber TopSites
-CVE-2006-3769
+CVE-2006-3769 (Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and ...)
NOT-FOR-US: Top XL
-CVE-2006-3768
+CVE-2006-3768 (Integer underflow in filecpnt.exe in FileCOPA FTP Server 1.01 before 2 ...)
NOT-FOR-US: FileCOPA FTP Server
-CVE-2006-3767
+CVE-2006-3767 (Cross-site scripting (XSS) vulnerability in showprofile.php in Darren' ...)
NOT-FOR-US: Darren's $5 Script Archive osDate
-CVE-2006-3766
+CVE-2006-3766 (Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to bo ...)
NOT-FOR-US: Darren's $5 Script Archive osDate
-CVE-2006-3765
+CVE-2006-3765 (Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher We ...)
NOT-FOR-US: uttenlocher Webdesign hwdeGUEST
-CVE-2006-3764
+CVE-2006-3764 (Till Gerken phpPolls 1.0.3 allows remote attackers to create a new pol ...)
NOT-FOR-US: phpPolls
-CVE-2006-3763
+CVE-2006-3763 (SQL injection vulnerability in category.php in Diesel Joke Site allows ...)
NOT-FOR-US: Diesel Joke Site
-CVE-2006-3762
+CVE-2006-3762 (The Touch Control ActiveX control 2.0.0.55 allows remote attackers to ...)
NOT-FOR-US: Touch Control ActiveX control
-CVE-2006-3761
+CVE-2006-3761 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3760
+CVE-2006-3760 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1 ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3759
+CVE-2006-3759 (Unspecified vulnerability in MyBB (aka MyBulletinBoard) 1.1.4, related ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3758
+CVE-2006-3758 (inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) 1.1 ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3757
+CVE-2006-3757 (index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain sensit ...)
NOT-FOR-US: Zen Cart
-CVE-2006-3756
+CVE-2006-3756 (Cross-site scripting (XSS) vulnerability in Geeklog 1.4.0sr4 and earli ...)
NOT-FOR-US: Geeklog
-CVE-2006-3755
+CVE-2006-3755 (PHP remote file inclusion vulnerability in Include/editor/class.rich.p ...)
NOT-FOR-US: FlushCMS
-CVE-2006-3754
+CVE-2006-3754 (PHP remote file inclusion vulnerability in Include/editor/rich_files/c ...)
NOT-FOR-US: FlushCMS
-CVE-2006-3753
+CVE-2006-3753 (setcookie.php for the administration login in Professional Home Page T ...)
NOT-FOR-US: Professional Home Page Tools Guestbook
-CVE-2006-3752
+CVE-2006-3752 (Multiple SQL injection vulnerabilities in class.php in Professional Ho ...)
NOT-FOR-US: Professional Home Page Tools Guestbook
-CVE-2006-3751
+CVE-2006-3751 (PHP remote file inclusion vulnerability in popups/ImageManager/config. ...)
NOT-FOR-US: HTMLArea3
-CVE-2006-3750
+CVE-2006-3750 (PHP remote file inclusion vulnerability in server.php in the Hashcash ...)
NOT-FOR-US: Hashcash Component (com_hashcash) for Joomla
-CVE-2006-3749
+CVE-2006-3749 (PHP remote file inclusion vulnerability in sitemap.xml.php in Sitemap ...)
NOT-FOR-US: Sitemap component (com_sitemap) for Mambo
-CVE-2006-3748
+CVE-2006-3748 (PHP remote file inclusion vulnerability in includes/abbc/abbc.class.ph ...)
NOT-FOR-US: LoudMouth Component for Mambo
-CVE-2006-3747
+CVE-2006-3747 (Off-by-one error in the ldap scheme handling in the Rewrite module (mo ...)
{DSA-1132-1 DSA-1131-1}
- apache 1.3.34-3 (medium; bug #380231)
- apache2 2.0.55-4.1 (medium; bug #380182)
-CVE-2006-3746
+CVE-2006-3746 (Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote a ...)
{DSA-1141-1 DSA-1140-1}
- gnupg 1.4.5-1 (medium; bug #381204)
- gnupg2 1.9.20-2 (medium)
-CVE-2006-3745
+CVE-2006-3745 (Unspecified vulnerability in the sctp_make_abort_user function in the ...)
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.17-7
-CVE-2006-3744
+CVE-2006-3744 (Multiple integer overflows in ImageMagick before 6.2.9 allows user-ass ...)
{DSA-1168-1}
- imagemagick 7:6.2.4.5.dfsg1-0.10 (bug #385062)
- graphicsmagick 1.1.7-7
-CVE-2006-3743
+CVE-2006-3743 (Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assis ...)
{DSA-1168-1}
- imagemagick 7:6.2.4.5.dfsg1-0.10 (bug #385062)
- graphicsmagick 1.1.7-8
-CVE-2006-3742
+CVE-2006-3742 (The KDE PAM configuration shipped with Fedora Core 5 causes KDM passwo ...)
- kdebase <not-affected>
NOTE: only in Fedora
-CVE-2006-3741
+CVE-2006-3741 (The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and ...)
{DSA-1233}
- linux-2.6 2.6.18-1
-CVE-2006-3740
+CVE-2006-3740 (Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree ...)
{DSA-1193-1}
- libxfont 1:1.2.2-1
-CVE-2006-3739
+CVE-2006-3739 (Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X s ...)
{DSA-1193-1}
- libxfont 1:1.2.2-1
-CVE-2006-3738
+CVE-2006-3738 (Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9. ...)
{DSA-1195-1 DSA-1185-2}
- openssl 0.9.8c-2 (bug #389940)
- openssl097 0.9.7k-2
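Review bot: two NOT-FOR-US labels in this hunk no longer match the product names that the new description lines put directly above them: `NOT-FOR-US: MF-Forum Bridge Component (com_smf) For Joomla! and Mambo` under CVE-2006-3773 drops the leading "S" of "SMF-Forum", and `NOT-FOR-US: uttenlocher Webdesign hwdeGUEST` under CVE-2006-3765 drops the leading "H" of "Huttenlocher". Both are unchanged context lines, but with the vendor names now visible on the adjacent `+` lines they should be corrected so that a search for the product name finds the entry.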
@@ -7913,131 +7913,131 @@ CVE-2006-XXXX [ldap account manager sets trivial password instead of disabling i
CVE-2006-XXXX [ldap account manager wrongly unlocks some passwords]
- ldap-account-manager 1.0.3-1 (bug #375453; medium)
[sarge] - ldap-account-manager <not-affected>
-CVE-2006-3737
+CVE-2006-3737 (Cross-site scripting (XSS) vulnerability in filemanager/filemanager.ph ...)
NOT-FOR-US: Plesk
-CVE-2006-3736
+CVE-2006-3736 (PHP remote file inclusion vulnerability in core/videodb.class.xml.php ...)
NOT-FOR-US: VideoDB for Mambo
-CVE-2006-3735
+CVE-2006-3735 (Multiple PHP remote file inclusion vulnerabilities in Mail2Forum (modu ...)
NOT-FOR-US: Mail2Forum
-CVE-2006-3734
+CVE-2006-3734 (Multiple unspecified vulnerabilities in the Command Line Interface (CL ...)
NOT-FOR-US: Cisco
-CVE-2006-3733
+CVE-2006-3733 (jmx-console/HtmlAdaptor in the jmx-console in the JBoss web applicatio ...)
NOT-FOR-US: Cisco
-CVE-2006-3732
+CVE-2006-3732 (Cisco Security Monitoring, Analysis and Response System (CS-MARS) befo ...)
NOT-FOR-US: Cisco
-CVE-2006-3731
+CVE-2006-3731 (Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attack ...)
- firefox 1.5.dfsg+1.5.0.6-1 (bug #379050; low)
[sarge] - mozilla-firefox <not-affected> (Unreproducible on Sarge)
-CVE-2006-3730
+CVE-2006-3730 (Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 al ...)
NOT-FOR-US: MSIE
-CVE-2006-3729
+CVE-2006-3729 (DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office ...)
NOT-FOR-US: MSIE
-CVE-2006-3728
+CVE-2006-3728 (Unspecified vulnerability in the kernel in Solaris 10 with patch 11882 ...)
NOT-FOR-US: Solaris
-CVE-2006-3727
+CVE-2006-3727 (Multiple SQL injection vulnerabilities in Eskolar CMS 0.9.0.0 allow re ...)
NOT-FOR-US: Eskolar CMS
-CVE-2006-3726
+CVE-2006-3726 (Buffer overflow in FileCOPA FTP Server before 1.01 released on 18th Ju ...)
NOT-FOR-US: FileCOPA FTP Server
-CVE-2006-3725
+CVE-2006-3725 (Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a d ...)
NOT-FOR-US: Norton Personal Firewall
-CVE-2006-3724
+CVE-2006-3724 (Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorl ...)
NOT-FOR-US: Oracle
-CVE-2006-3723
+CVE-2006-3723 (Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle P ...)
NOT-FOR-US: Oracle
-CVE-2006-3722
+CVE-2006-3722 (Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle P ...)
NOT-FOR-US: Oracle
-CVE-2006-3721
+CVE-2006-3721 (Multiple unspecified vulnerabilities in Oracle Management Service for ...)
NOT-FOR-US: Oracle
-CVE-2006-3720
+CVE-2006-3720 (Unspecified vulnerability in Enterprise Config Management for Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2006-3719
+CVE-2006-3719 (Unspecified vulnerability in CORE: Repository for Oracle Enterprise Ma ...)
NOT-FOR-US: Oracle
-CVE-2006-3718
+CVE-2006-3718 (Multiple unspecified vulnerabilities in Oracle Exchange for Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2006-3717
+CVE-2006-3717 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and Ap ...)
NOT-FOR-US: Oracle
-CVE-2006-3716
+CVE-2006-3716 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and Ap ...)
NOT-FOR-US: Oracle
-CVE-2006-3715
+CVE-2006-3715 (Unspecified vulnerability in Calendar for Oracle Collaboration Suite 1 ...)
NOT-FOR-US: Oracle
-CVE-2006-3714
+CVE-2006-3714 (Unspecified vulnerability in OC4J for Oracle Application Server 10.1.2 ...)
NOT-FOR-US: Oracle
-CVE-2006-3713
+CVE-2006-3713 (Unspecified vulnerability in OC4J for Oracle Application Server 10.1.3 ...)
NOT-FOR-US: Oracle
-CVE-2006-3712
+CVE-2006-3712 (Unspecified vulnerability in OC4J for Oracle Application Server 9.0.4. ...)
NOT-FOR-US: Oracle
-CVE-2006-3711
+CVE-2006-3711 (Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2. ...)
NOT-FOR-US: Oracle
-CVE-2006-3710
+CVE-2006-3710 (Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2. ...)
NOT-FOR-US: Oracle
-CVE-2006-3709
+CVE-2006-3709 (Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2. ...)
NOT-FOR-US: Oracle
-CVE-2006-3708
+CVE-2006-3708 (Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2. ...)
NOT-FOR-US: Oracle
-CVE-2006-3707
+CVE-2006-3707 (Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2. ...)
NOT-FOR-US: Oracle
-CVE-2006-3706
+CVE-2006-3706 (Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2. ...)
NOT-FOR-US: Oracle
-CVE-2006-3705
+CVE-2006-3705 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have ...)
NOT-FOR-US: Oracle
-CVE-2006-3704
+CVE-2006-3704 (Unspecified vulnerability in the Oracle ODBC Driver for Oracle Databas ...)
NOT-FOR-US: Oracle
-CVE-2006-3703
+CVE-2006-3703 (Unspecified vulnerability in InterMedia for Oracle Database 9.0.1.5, 9 ...)
NOT-FOR-US: Oracle
-CVE-2006-3702
+CVE-2006-3702 (Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1 ...)
NOT-FOR-US: Oracle
-CVE-2006-3701
+CVE-2006-3701 (Unspecified vulnerability in the Dictionary component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2006-3700
+CVE-2006-3700 (Multiple unspecified vulnerabilities in Oracle Database 9.2.0.6 and 10 ...)
NOT-FOR-US: Oracle
-CVE-2006-3699
+CVE-2006-3699 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2006-3698
+CVE-2006-3698 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have ...)
NOT-FOR-US: Oracle
-CVE-2006-3697
+CVE-2006-3697 (Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavas ...)
NOT-FOR-US: Outpost Firewall Pro
-CVE-2006-3696
+CVE-2006-3696 (filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows l ...)
NOT-FOR-US: Outpost Firewall Pro
-CVE-2006-3694
+CVE-2006-3694 (Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote ...)
{DSA-1157 DSA-1139-1}
- ruby1.8 1.8.4-3 (bug #378029; medium)
- ruby1.9 1.9.0+20060609-1 (medium)
-CVE-2006-3693
+CVE-2006-3693 (Rocks Clusters 4.1 and earlier allows local users to gain privileges v ...)
NOT-FOR-US: Rocks Clusters
CVE-2006-3692
NOT-FOR-US: ListMessenger
-CVE-2006-3691
+CVE-2006-3691 (Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier allo ...)
NOT-FOR-US: VBZooM
-CVE-2006-3690
+CVE-2006-3690 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5 ...)
NOT-FOR-US: MiniBB
CVE-2006-3689
NOT-FOR-US: Codeworks Gnomedia SubberZ[Lite]
-CVE-2006-3688
+CVE-2006-3688 (SQL injection vulnerability in Room.php in Francisco Charrua Photo-Gal ...)
NOT-FOR-US: Francisco Charrua Photo-Gallery
-CVE-2006-3687
+CVE-2006-3687 (Stack-based buffer overflow in the Universal Plug and Play (UPnP) serv ...)
NOT-FOR-US: D-Link
-CVE-2006-3686
+CVE-2006-3686 (Unspecified vulnerability in [SYSEXE]SMPUTIL.EXE in HP OpenVMS 7.3-2 a ...)
NOT-FOR-US: HP OpenVMS
-CVE-2006-3685
+CVE-2006-3685 (PHP remote file inclusion vulnerability in CzarNews 1.12 through 1.14 ...)
NOT-FOR-US: CzarNews
-CVE-2006-3684
+CVE-2006-3684 (PHP remote file inclusion vulnerability in calendar.php in SoftComplex ...)
NOT-FOR-US: SoftComplex PHP Event Calendar
-CVE-2006-3683
+CVE-2006-3683 (PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1. ...)
NOT-FOR-US: Flipper Poll
-CVE-2006-3682
+CVE-2006-3682 (awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote attack ...)
- awstats 6.5-2 (bug #378960; low)
[sarge] - awstats 6.4-1sarge3
NOTE: A previous DSA introduced a fix that renders this vulnerability in ineffective
-CVE-2006-3681
+CVE-2006-3681 (Multiple cross-site scripting (XSS) vulnerabilities in awstats.pl in A ...)
- awstats 6.5-2 (bug #378960; unimportant)
NOTE: Path disclosure is not an issue for Debian
-CVE-2006-3680
+CVE-2006-3680 (Cross-site scripting (XSS) vulnerability in photocycle in Photocycle 1 ...)
NOT-FOR-US: Photocycle
-CVE-2006-3679
+CVE-2006-3679 (FatWire Content Server 5.5.0 allows remote attackers to bypass access ...)
NOT-FOR-US: FatWire Content Server
-CVE-2006-3678
+CVE-2006-3678 (TippingPoint IPS running the TippingPoint Operating System (TOS) befor ...)
NOT-FOR-US: TippingPoint
-CVE-2006-3677
+CVE-2006-3677 (Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows r ...)
NOTE: MFSA-2006-45
- mozilla <not-affected> (mozilla 1.7 not affected)
- xulrunner 1.8.0.5-1 (high)
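Review bot: CVE-2006-3692 and CVE-2006-3689 stay as bare identifiers in this hunk while every surrounding entry gains a "(description ...)" suffix; check whether the description fetch silently skipped them or whether they were deliberately left unchanged. Also, the NOTE under CVE-2006-3682 reads "renders this vulnerability in ineffective" and should read "renders this vulnerability ineffective"; it is unchanged context here, so it needs a follow-up edit rather than this automatic update. Minor: CVE-2006-3694 references `{DSA-1157 DSA-1139-1}`, mixing the bare and the `-1`-suffixed DSA reference forms in one entry.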
@@ -8045,74 +8045,74 @@ CVE-2006-3677
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird <not-affected>
- mozilla-thunderbird <not-affected>
-CVE-2006-3676
+CVE-2006-3676 (admin/gallery_admin.php in planetGallery before 14.07.2006 allows remo ...)
NOT-FOR-US: planetGallery
-CVE-2006-3675
+CVE-2006-3675 (Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configurati ...)
NOT-FOR-US: Password Safe
NOTE: mypasswordsafe and pwsafe might use code from Password Safe,
NOTE: but the problematic functionality is not present
-CVE-2006-3674
+CVE-2006-3674 (nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote ...)
- armagetron 0.2.8.2.1-1 (bug #379062; low)
[sarge] - armagetron <no-dsa> (Minor game DoS)
[etch] - armagetron <no-dsa> (Minor game DoS)
-CVE-2006-3673
+CVE-2006-3673 (nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote ...)
- armagetron 0.2.8.2.1-1 (bug #379062; low)
[sarge] - armagetron <no-dsa> (Minor game DoS)
[etch] - armagetron <no-dsa> (Minor game DoS)
-CVE-2006-3672
+CVE-2006-3672 (KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a den ...)
- kdelibs 4:3.5.4-1 (bug #378962; unimportant)
-CVE-2006-3671
+CVE-2006-3671 (Cross-site request forgery (CSRF) vulnerability in the communicate fun ...)
{DTSA-31-1}
- hyperestraier 1.3.3-1 (bug #379060; low)
-CVE-2006-3670
+CVE-2006-3670 (Stack-based buffer overflow in Winlpd 1.26 allows remote attackers to ...)
NOT-FOR-US: Winlpd
-CVE-2006-3669
+CVE-2006-3669 (Mercury Messenger, possibly 1.7.1.1 and other versions, when running o ...)
NOT-FOR-US: Mercury Messenger
-CVE-2006-3668
+CVE-2006-3668 (Heap-based buffer overflow in the it_read_envelope function in Dynamic ...)
{DSA-1123}
- libdumb 1:0.9.3-5 (bug #379064; medium)
-CVE-2006-3667
+CVE-2006-3667 (Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking ...)
NOT-FOR-US: Sybase/Financial Fusion Consumer Banking Suite
-CVE-2006-3666
+CVE-2006-3666 (SQL injection vulnerability in AjaxPortal 3.0, with magic_quotes_gpc d ...)
NOT-FOR-US: AjaxPortal
-CVE-2006-3665
+CVE-2006-3665 (SquirrelMail 1.4.6 and earlier, with register_globals enabled, allows ...)
- squirrelmail 2:1.4.7-1 (unimportant)
NOTE: Operation with registers_globals not supported
-CVE-2006-3664
+CVE-2006-3664 (Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 al ...)
NOT-FOR-US: Sun Solaris
-CVE-2006-3663
+CVE-2006-3663 (Finjan Vital Security Appliance 5100/8100 NG 8.3.5 stores passwords in ...)
NOT-FOR-US: Finjan Appliance
CVE-2006-3662
NOT-FOR-US: ATutor
-CVE-2006-3661
+CVE-2006-3661 (Cross-site scripting (XSS) vulnerability in Index.PHP in CuteNews 1.4. ...)
NOT-FOR-US: CuteNews
-CVE-2006-3660
+CVE-2006-3660 (Unspecified vulnerability in Microsoft PowerPoint 2003 has unknown imp ...)
NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-3659
+CVE-2006-3659 (Microsoft Internet Explorer 6 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3658
+CVE-2006-3658 (Microsoft Internet Explorer 6 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3657
+CVE-2006-3657 (Microsoft Internet Explorer 6 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3656
+CVE-2006-3656 (Unspecified vulnerability in Microsoft PowerPoint 2003 allows user-ass ...)
NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-3655
+CVE-2006-3655 (Unspecified vulnerability in mso.dll in Microsoft PowerPoint 2003 allo ...)
NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-3654
+CVE-2006-3654 (Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet ...)
NOT-FOR-US: Microsoft Works Spreadsheet
-CVE-2006-3653
+CVE-2006-3653 (wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote a ...)
NOT-FOR-US: Microsoft Works Spreadsheet
-CVE-2006-3652
+CVE-2006-3652 (Microsoft Internet Security and Acceleration (ISA) Server 2004 allows ...)
NOT-FOR-US: Microsoft Internet Security and Acceleration Server
-CVE-2006-3651
+CVE-2006-3651 (Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 200 ...)
NOT-FOR-US: Microsoft
-CVE-2006-3650
+CVE-2006-3650 (Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not ...)
NOT-FOR-US: Microsoft
-CVE-2006-3649
+CVE-2006-3649 (Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK 6 ...)
NOT-FOR-US: Microsoft
-CVE-2006-3648
+CVE-2006-3648 (Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP ...)
NOT-FOR-US: Microsoft
-CVE-2006-3647
+CVE-2006-3647 (Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and ...)
NOT-FOR-US: Microsoft
CVE-2006-3646
REJECTED
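Review bot: the NOTE under CVE-2006-3665 says "Operation with registers_globals not supported", but the PHP directive is `register_globals`, as the description added on the same entry ("with register_globals enabled") spells it; the note should be corrected to match. Also, under CVE-2006-3677 the `thunderbird <not-affected>` and `mozilla-thunderbird <not-affected>` lines carry no parenthesised reason, while `mozilla <not-affected> (mozilla 1.7 not affected)` does; adding the reason keeps the entry self-explanatory. CVE-2006-3662 is another entry left without a description in this hunk.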
@@ -8120,416 +8120,416 @@ CVE-2006-3645
REJECTED
CVE-2006-3644
REJECTED
-CVE-2006-3643
+CVE-2006-3643 (Cross-site scripting (XSS) vulnerability in Internet Explorer 5.01 and ...)
NOT-FOR-US: Microsoft
CVE-2006-3642
REJECTED
CVE-2006-3641
REJECTED
-CVE-2006-3640
+CVE-2006-3640 (Microsoft Internet Explorer 5.01 and 6 allows certain script to persis ...)
NOT-FOR-US: Microsoft
-CVE-2006-3639
+CVE-2006-3639 (Microsoft Internet Explorer 5.01 and 6 does not properly identify the ...)
NOT-FOR-US: Microsoft
-CVE-2006-3638
+CVE-2006-3638 (Microsoft Internet Explorer 5.01 and 6 does not properly handle uninit ...)
NOT-FOR-US: Microsoft
-CVE-2006-3637
+CVE-2006-3637 (Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle va ...)
NOT-FOR-US: Microsoft
-CVE-2006-3636
+CVE-2006-3636 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...)
{DSA-1188-1}
- mailman 1:2.1.8-3
-CVE-2006-3635
+CVE-2006-3635 (The ia64 subsystem in the Linux kernel before 2.6.26 allows local user ...)
- linux <not-affected> (Fixed before initial rename to src:linux)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=199440
NOTE: Fixed by: https://git.kernel.org/linus/4dcc29e1574d88f4465ba865ed82800032f76418 (2.6.26-rc5)
-CVE-2006-3634
+CVE-2006-3634 (The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functi ...)
- linux-2.6 2.6.17-1 (medium)
-CVE-2006-3633
+CVE-2006-3633 (OSSP shiela 1.1.5 and earlier allows remote authenticated users to exe ...)
NOT-FOR-US: shiela
-CVE-2006-3632
+CVE-2006-3632 (Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows re ...)
{DSA-1127}
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
-CVE-2006-3631
+CVE-2006-3631 (Unspecified vulnerability in the SSH dissector in Wireshark (aka Ether ...)
{DSA-1127}
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
-CVE-2006-3630
+CVE-2006-3630 (Multiple off-by-one errors in Wireshark (aka Ethereal) 0.9.7 to 0.99.0 ...)
{DSA-1127}
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
-CVE-2006-3629
+CVE-2006-3629 (Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Eth ...)
{DSA-1127}
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
-CVE-2006-3628
+CVE-2006-3628 (Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.1 ...)
{DSA-1127}
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
-CVE-2006-3627
+CVE-2006-3627 (Unspecified vulnerability in the GSM BSSMAP dissector in Wireshark (ak ...)
- ethereal <removed> (bug #378745; high)
- wireshark 0.99.2-1 (high)
[sarge] - ethereal <no-dsa> (Vulnerable code not present)
-CVE-2006-3625
+CVE-2006-3625 (FLV Players 8 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: FLV Players
-CVE-2006-3624
+CVE-2006-3624 (Multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 a ...)
NOT-FOR-US: FLV Players
-CVE-2006-3623
+CVE-2006-3623 (Directory traversal vulnerability in Framework Service component in Mc ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2006-3622
+CVE-2006-3622 (The showtopic module in Koobi Pro CMS 5.6 allows remote attackers to o ...)
NOT-FOR-US: Koobi Pro CMS
-CVE-2006-3621
+CVE-2006-3621 (SQL injection vulnerability in the showtopic module in Koobi Pro CMS 5 ...)
NOT-FOR-US: Koobi Pro CMS
-CVE-2006-3620
+CVE-2006-3620 (Cross-site scripting (XSS) vulnerability in the showtopic module in Ko ...)
NOT-FOR-US: Koobi Pro CMS
-CVE-2006-3619
+CVE-2006-3619 (Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC ...)
{DSA-1170}
- gcc-4.1 4.1.1-11 (bug #368397; low)
- gcc-3.4 3.4.4-0
NOTE: gcc-3.4 no longer builds the fastjar package
-CVE-2006-3618
+CVE-2006-3618 (SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (P ...)
NOT-FOR-US: Pixelated By Lev (PBL) Guestbook
-CVE-2006-3617
+CVE-2006-3617 (Cross-site scripting (XSS) vulnerability in pblguestbook.php in Pixela ...)
NOT-FOR-US: Pixelated By Lev (PBL) Guestbook
-CVE-2006-3616
+CVE-2006-3616 (Multiple cross-site scripting (XSS) vulnerabilities in Carbonize Lazar ...)
NOT-FOR-US: Carbonize Lazarus Guestbook
-CVE-2006-3615
+CVE-2006-3615 (Multiple PHP remote file inclusion vulnerabilities in Phorum 5.1.14, w ...)
NOT-FOR-US: Phorum
-CVE-2006-3614
+CVE-2006-3614 (index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to tr ...)
NOT-FOR-US: Orbitcoders OrbitMATRIX
-CVE-2006-3613
+CVE-2006-3613 (Multiple cross-site scripting (XSS) vulnerabilities in Chamberland Tec ...)
NOT-FOR-US: Chamberland Technology ezWaiter
-CVE-2006-3612
+CVE-2006-3612 (Cross-site scripting (XSS) vulnerability in Phorum 5.1.14 allows remot ...)
NOT-FOR-US: Phorum
-CVE-2006-3611
+CVE-2006-3611 (Directory traversal vulnerability in pm.php in Phorum 5 allows remote ...)
NOT-FOR-US: Phorum
-CVE-2006-3610
+CVE-2006-3610 (index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to ob ...)
NOT-FOR-US: Orbitcoders OrbitMATRIX
-CVE-2006-3609
+CVE-2006-3609 (Cross-site scripting (XSS) vulnerability in index.php in Orbitcoders O ...)
NOT-FOR-US: Orbitcoders OrbitMATRIX
-CVE-2006-3608
+CVE-2006-3608 (The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when G ...)
NOT-FOR-US: Simone Vellei Flatnuke
-CVE-2006-3607
+CVE-2006-3607 (Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Banner ...)
NOT-FOR-US: Softbiz Banner Exchange Script (aka Banner Exchange Network Script)
-CVE-2006-3606
+CVE-2006-3606 (Unspecified vulnerability in Sun Solaris X Inter Client Exchange libra ...)
NOTE: Sun Solaris
-CVE-2006-3605
+CVE-2006-3605 (Microsoft Internet Explorer 6 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3604
+CVE-2006-3604 (Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and ...)
NOT-FOR-US: FlexWATCH Network Camera
-CVE-2006-3603
+CVE-2006-3603 (Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH Net ...)
NOT-FOR-US: FlexWATCH Network Camera
-CVE-2006-3602
+CVE-2006-3602 (Directory traversal vulnerability in jscripts/tiny_mce/tiny_mce_gzip.p ...)
NOTE: this is CVE-2005-4600
NOT-FOR-US: Farsinews
CVE-2006-3601
NOT-FOR-US: DotNetNuke
-CVE-2006-3600
+CVE-2006-3600 (Multiple stack-based buffer overflows in the LookupTRM::lookup functio ...)
{DSA-1135-1}
- libtunepimp 0.4.2-4 (bug #378091; medium)
-CVE-2006-3599
+CVE-2006-3599 (SQL injection vulnerability in the Nuke Advanced Classifieds module fo ...)
NOT-FOR-US: Nuke Advanced Classifieds module for PHP-Nuke
-CVE-2006-3598
+CVE-2006-3598 (SQL injection vulnerability in the Sections module for PHP-Nuke allows ...)
NOT-FOR-US: Sections module for PHP-Nuke
-CVE-2006-3597
+CVE-2006-3597 (passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password bla ...)
- shadow <not-affected> (fix for a mistake in the Ubuntu installer)
-CVE-2006-3596
+CVE-2006-3596 (The device driver for Intel-based gigabit network adapters in Cisco In ...)
NOT-FOR-US: Cisco
-CVE-2006-3595
+CVE-2006-3595 (The default configuration of IOS HTTP server in Cisco Router Web Setup ...)
NOT-FOR-US: Cisco
-CVE-2006-3594
+CVE-2006-3594 (Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0 ...)
NOT-FOR-US: Cisco
-CVE-2006-3593
+CVE-2006-3593 (The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5 ...)
NOT-FOR-US: Cisco
-CVE-2006-3592
+CVE-2006-3592 (Unspecified vulnerability in the command line interface (CLI) in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2006-3591
+CVE-2006-3591 (Microsoft Internet Explorer 6 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3626
+CVE-2006-3626 (Race condition in Linux kernel 2.6.17.4 and earlier allows local users ...)
{DSA-1111}
- linux-2.6 2.6.17-4 (bug #378324; high)
CVE-2006-XXXX [insufficient form variable escaping]
- webauth 3.5.2-1
-CVE-2006-3590
+CVE-2006-3590 (mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows use ...)
NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-3589
+CVE-2006-3589 (vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructu ...)
NOT-FOR-US: VMware
-CVE-2006-3588
+CVE-2006-3588 (Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 ...)
- flashplugin-nonfree 7.0.68.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2006-3587
+CVE-2006-3587 (Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 ...)
- flashplugin-nonfree 7.0.68.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2006-3586
+CVE-2006-3586 (SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote attack ...)
NOT-FOR-US: Jetbox CMS
-CVE-2006-3585
+CVE-2006-3585 (Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 ...)
NOT-FOR-US: Jetbox CMS
-CVE-2006-3584
+CVE-2006-3584 (Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2 ...)
NOT-FOR-US: Jetbox CMS
-CVE-2006-3583
+CVE-2006-3583 (Session fixation vulnerability in Jetbox CMS 2.1 SR1 allows remote att ...)
NOT-FOR-US: Jetbox CMS
-CVE-2006-3582
+CVE-2006-3582 (Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and earli ...)
- adplug 2.0.1-1 (bug #378279; medium)
-CVE-2006-3581
+CVE-2006-3581 (Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earl ...)
- adplug 2.0.1-1 (bug #378279; medium)
-CVE-2006-3580
+CVE-2006-3580 (SQL injection vulnerability in pages.asp in ASP Stats Generator before ...)
NOT-FOR-US: ASP Stats Generator
-CVE-2006-3579
+CVE-2006-3579 (Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up ...)
NOT-FOR-US: Fujitsu ServerView
-CVE-2006-3578
+CVE-2006-3578 (Directory traversal vulnerability in Fujitsu ServerView 2.50 up to 3.6 ...)
NOT-FOR-US: Fujitsu ServerView
-CVE-2006-3577
+CVE-2006-3577 (SQL injection vulnerability in index.php in LifeType 1.0.5 allows remo ...)
NOT-FOR-US: LifeType
-CVE-2006-3576
+CVE-2006-3576 (SQL injection vulnerability in search.php in SenseSites CommonSense CM ...)
NOT-FOR-US: SenseSites CommonSense
-CVE-2006-3575
+CVE-2006-3575 (Unknown vulnerability in the Buffer Overflow Protection in McAfee Viru ...)
NOT-FOR-US: McAfee VirusScan Enterprise
-CVE-2006-3574
+CVE-2006-3574 (Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupma ...)
NOT-FOR-US: Hitachi Groupmax Collaboration Portal and Web Client and uCosminexus Collaboration Portal and Forum/File Sharing
-CVE-2006-3573
+CVE-2006-3573 (Format string vulnerability in the WriteText function in agl_text.cpp ...)
NOT-FOR-US: Milan Mimica Sparklet
-CVE-2006-3572
+CVE-2006-3572 (SQL injection vulnerability in forumthread.php in Papoo 3 RC3 and earl ...)
NOT-FOR-US: Papoo
-CVE-2006-3571
+CVE-2006-3571 (Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.p ...)
NOT-FOR-US: Papoo
-CVE-2006-3570
+CVE-2006-3570 (Cross-site scripting (XSS) vulnerability in the webform module in Drup ...)
- drupal <not-affected> (webform module is not in Debian Drupal 4.5 package)
-CVE-2006-3569
+CVE-2006-3569 (Unspecified vulnerability in NetApp Data ONTAP 7.0x through 7.0.4P8D9, ...)
NOT-FOR-US: IBM Data ONTAP
-CVE-2006-3568
+CVE-2006-3568 (Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php i ...)
NOT-FOR-US: Fantastic Guestbook
-CVE-2006-3567
+CVE-2006-3567 (Cross-site scripting (XSS) vulnerability in the web administration int ...)
NOT-FOR-US: Juniper
-CVE-2006-3566
+CVE-2006-3566 (search.results.php in HiveMail 3.1 and earlier allows remote attackers ...)
NOT-FOR-US: HiveMail
-CVE-2006-3565
+CVE-2006-3565 (SQL injection vulnerability in search.results.php in HiveMail 1.3 and ...)
NOT-FOR-US: HiveMail
-CVE-2006-3564
+CVE-2006-3564 (Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 an ...)
NOT-FOR-US: HiveMail
-CVE-2006-3563
+CVE-2006-3563 (Cross-site scripting (XSS) vulnerability in gallery/thumb.php in Winge ...)
NOT-FOR-US: Winged Gallery
-CVE-2006-3562
+CVE-2006-3562 (PHP remote file inclusion vulnerabilities in plume cms 1.0.4 allow rem ...)
NOT-FOR-US: Plume CMS
-CVE-2006-3561
+CVE-2006-3561 (BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and earli ...)
NOT-FOR-US: BT Voyager
-CVE-2006-3560
+CVE-2006-3560 (SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums ...)
NOT-FOR-US: Blue Dojo Graffiti Forums
-CVE-2006-3559
+CVE-2006-3559 (Multiple SQL injection vulnerabilities in Arif Supriyanto auraCMS 1.62 ...)
NOT-FOR-US: auraCMS
-CVE-2006-3558
+CVE-2006-3558 (Multiple cross-site scripting (XSS) vulnerabilities in Arif Supriyanto ...)
NOT-FOR-US: auraCMS
-CVE-2006-3557
+CVE-2006-3557 (MT Orumcek Toplist 2.2 stores DB/orumcektoplist.mdb under the web root ...)
NOT-FOR-US: MT Orumcek Toplist
-CVE-2006-3556
+CVE-2006-3556 (PHP remote file inclusion vulnerability in extcalendar.php in Mohamed ...)
NOT-FOR-US: Mohamed Moujami ExtCalendar
-CVE-2006-3555
+CVE-2006-3555 (Multiple cross-site scripting (XSS) vulnerabilities in submit.php in P ...)
NOT-FOR-US: PHP-Fusion
-CVE-2006-3554
+CVE-2006-3554 (Directory traversal vulnerability in index.php in MKPortal 1.0.1 Final ...)
NOT-FOR-US: MKPortal
-CVE-2006-3553
+CVE-2006-3553 (PlaNet Concept planetNews allows remote attackers to bypass authentica ...)
NOT-FOR-US: planetNews
-CVE-2006-3552
+CVE-2006-3552 (Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaborati ...)
NOT-FOR-US: Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium
-CVE-2006-3551
+CVE-2006-3551 (NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and p ...)
NOT-FOR-US: NCP VPN/PKI Client (apparently nothing to do with Novell)
-CVE-2006-3550
+CVE-2006-3550 (Multiple cross-site scripting (XSS) vulnerabilities in F5 Networks Fir ...)
NOT-FOR-US: F5 Netowrks FirePass
-CVE-2006-3549
+CVE-2006-3549 (services/go.php in Horde Application Framework 3.0.0 through 3.0.10 an ...)
{DSA-1406-1}
- horde3 3.1.2-1 (bug #378281; low)
-CVE-2006-3548
+CVE-2006-3548 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Applicati ...)
{DSA-1406-1}
- horde3 3.1.2-1 (bug #378281; low)
CVE-2006-3547
NOT-FOR-US: EMC VMware Player
-CVE-2006-3546
+CVE-2006-3546 (Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote attacker ...)
NOT-FOR-US: Patrice Freydiere ImgSvr
-CVE-2006-3545
+CVE-2006-3545 (** DISPUTED ** Microsoft Internet Explorer 7.0 Beta allows remote atta ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2006-3544
NOT-FOR-US: Invision Power Board
CVE-2006-3543
NOT-FOR-US: Invision Power Board
-CVE-2006-3542
+CVE-2006-3542 (Multiple cross-site scripting (XSS) vulnerabilities in Garry Glendown ...)
NOT-FOR-US: Garry Glendown Shopping Cart
-CVE-2006-3541
+CVE-2006-3541 (SQL injection vulnerability in Meine Links (aka My Links) in Kyberna k ...)
NOT-FOR-US: Meine Links (aka My Links) in Kyberna ky2help
-CVE-2006-3540
+CVE-2006-3540 (Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6 ...)
NOT-FOR-US: Check Point Zone Labs ZoneAlarm Internet Security Suite
-CVE-2006-3539
+CVE-2006-3539 (Multiple cross-site scripting (XSS) vulnerabilities in DKScript.com Dr ...)
NOT-FOR-US: DKScript.com Dragon's Kingdom Script
-CVE-2006-3538
+CVE-2006-3538 (Multiple cross-site scripting (XSS) vulnerabilities in demo.php in Bea ...)
NOT-FOR-US: BeatificFaith Eprayer
-CVE-2006-3537
+CVE-2006-3537 (PHP remote file inclusion vulnerability in index.php in Randshop befor ...)
NOT-FOR-US: Randshop
-CVE-2006-3536
+CVE-2006-3536 (Direct static code injection vulnerability in code/class_db_text.php i ...)
NOT-FOR-US: EJ3 TOPo
-CVE-2006-3535
+CVE-2006-3535 (Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9 ...)
NOT-FOR-US: Nullsoft SHOUTcast DSP
-CVE-2006-3534
+CVE-2006-3534 (Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9 ...)
NOT-FOR-US: Nullsoft SHOUTcast DSP
-CVE-2006-3533
+CVE-2006-3533 (Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.30 RC2 ...)
- pivot <itp> (bug #305786)
-CVE-2006-3532
+CVE-2006-3532 (PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.3 ...)
- pivot <itp> (bug #305786)
-CVE-2006-3531
+CVE-2006-3531 (includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates ...)
- pivot <itp> (bug #305786)
-CVE-2006-3530
+CVE-2006-3530 (PHP remote file inclusion vulnerability in com_pccookbook/pccookbook.p ...)
NOT-FOR-US: PccookBook Component for Mambo and Joomla
-CVE-2006-3529
+CVE-2006-3529 (Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 200 ...)
NOT-FOR-US: Juniper JUNOS
-CVE-2006-3528
+CVE-2006-3528 (Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mamb ...)
NOT-FOR-US: Simpleboard Mambo module
-CVE-2006-3527
+CVE-2006-3527 (Multiple PHP remote file inclusion vulnerabilities in BosClassifieds C ...)
NOT-FOR-US: BosClassifieds Classified Ads
-CVE-2006-3526
+CVE-2006-3526 (Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php i ...)
NOT-FOR-US: Sport-slo Advanced Guestbook
-CVE-2006-3525
+CVE-2006-3525 (SQL injection vulnerability in category.php in PHCDownload 1.0.0 Final ...)
NOT-FOR-US: PHCDownload
-CVE-2006-3524
+CVE-2006-3524 (Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows ...)
NOT-FOR-US: SIPfoundry sipXtapi
-CVE-2006-3523
+CVE-2006-3523 (Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote atta ...)
NOT-FOR-US: Clearswift MIMEsweeper
-CVE-2006-3522
+CVE-2006-3522 (Cross-site scripting (XSS) vulnerability in Clearswift MIMEsweeper for ...)
NOT-FOR-US: Clearswift MIMEsweeper
-CVE-2006-3521
+CVE-2006-3521 (Multiple cross-site scripting (XSS) vulnerabilities in index/siteforge ...)
NOT-FOR-US: SiteForge Collaborative Development Platform
-CVE-2006-3520
+CVE-2006-3520 (PHP remote file inclusion vulnerability in skins/advanced/advanced1.ph ...)
NOT-FOR-US: Sabdrimer Pro
-CVE-2006-3519
+CVE-2006-3519 (Multiple cross-site scripting (XSS) vulnerabilities in The Banner Engi ...)
NOT-FOR-US: The Banner Engine
-CVE-2006-3518
+CVE-2006-3518 (SQL injection vulnerability in SayfalaAltList.asp in Webvizyon Portal ...)
NOT-FOR-US: Webvizyon Portal
-CVE-2006-3517
+CVE-2006-3517 (PHP remote file inclusion vulnerability in stats.php in RW::Download, ...)
NOT-FOR-US: RW::Download
-CVE-2006-3516
+CVE-2006-3516 (Multiple SQL injection vulnerabilities in FreeHost allow remote attack ...)
NOT-FOR-US: FreeHost
-CVE-2006-3515
+CVE-2006-3515 (SQL injection vulnerability in the loginADP function in ajaxp.php in A ...)
NOT-FOR-US: AjaxPortal
-CVE-2006-3514
+CVE-2006-3514 (Multiple cross-site scripting (XSS) vulnerabilities in admin/actions.p ...)
NOT-FOR-US: PHP-Blogger
-CVE-2006-3513
+CVE-2006-3513 (danim.dll in Microsoft Internet Explorer 6 allows remote attackers to ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3512
+CVE-2006-3512 (Internet Explorer 6 on Windows XP allows remote attackers to cause a d ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3511
+CVE-2006-3511 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3510
+CVE-2006-3510 (The Remote Data Service Object (RDS.DataControl) in Microsoft Internet ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3509
+CVE-2006-3509 (Integer overflow in the API for the AirPort wireless driver on Apple M ...)
NOT-FOR-US: Apple
-CVE-2006-3508
+CVE-2006-3508 (Heap-based buffer overflow in the AirPort wireless driver on Apple Mac ...)
NOT-FOR-US: Apple
-CVE-2006-3507
+CVE-2006-3507 (Multiple stack-based buffer overflows in the AirPort wireless driver o ...)
NOT-FOR-US: Apple
-CVE-2006-3506
+CVE-2006-3506 (Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and O ...)
NOT-FOR-US: Mac OS X
-CVE-2006-3505
+CVE-2006-3505 (WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3504
+CVE-2006-3504 (The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 ca ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3503
+CVE-2006-3503 (Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assis ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3502
+CVE-2006-3502 (Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows u ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3501
+CVE-2006-3501 (Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assi ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3500
+CVE-2006-3500 (The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3499
+CVE-2006-3499 (The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3498
+CVE-2006-3498 (Stack-based buffer overflow in bootpd in the DHCP component for Apple ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3497
+CVE-2006-3497 (Unspecified vulnerability in the "compression state handling" in Bom f ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3496
+CVE-2006-3496 (AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3495
+CVE-2006-3495 (AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys i ...)
NOT-FOR-US: Apple Mac OS
-CVE-2006-3494
+CVE-2006-3494 (Multiple cross-site scripting (XSS) vulnerabilities in Buddy Zone 1.0. ...)
NOT-FOR-US: Buddy Zone
-CVE-2006-3493
+CVE-2006-3493 (Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9 ...)
NOT-FOR-US: Microsoft Office
-CVE-2006-3492
+CVE-2006-3492 (The CORBA::ORBInvokeRec::set_answer_invoke function in orb.cc in MICO ...)
NOT-FOR-US: MICO
-CVE-2006-3491
+CVE-2006-3491 (Stack-based buffer overflow in Kaillera Server 0.86 and earlier allows ...)
NOT-FOR-US: Kaillera Server
-CVE-2006-3490
+CVE-2006-3490 (F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Sec ...)
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2006-3489
+CVE-2006-3489 (F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Sec ...)
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2006-3488
+CVE-2006-3488 (Absolute path traversal vulnerability in administrador.asp in VirtuaSt ...)
NOT-FOR-US: VirtuaStore
-CVE-2006-3487
+CVE-2006-3487 (VirtuaStore 2.0 stores sensitive files under the web root with insuffi ...)
NOT-FOR-US: VirtuaStore
-CVE-2006-3485
+CVE-2006-3485 (Multiple SQL injection vulnerabilities in AstroDog Press Some Chess 1. ...)
NOT-FOR-US: AstroDog Press Some Chess
-CVE-2006-3484
+CVE-2006-3484 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 1 ...)
NOT-FOR-US: ATutor
-CVE-2006-3483
+CVE-2006-3483 (PHPMailList 1.8.0 stores sensitive information under the web document ...)
NOT-FOR-US: PHPMailList
-CVE-2006-3482
+CVE-2006-3482 (Cross-site scripting (XSS) vulnerability in maillist.php in PHPMailLis ...)
NOT-FOR-US: PHPMailList
-CVE-2006-3481
+CVE-2006-3481 (Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow ...)
NOT-FOR-US: Joomla!
-CVE-2006-3480
+CVE-2006-3480 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
NOT-FOR-US: Joomla!
-CVE-2006-3479
+CVE-2006-3479 (Cross-site request forgery (CSRF) vulnerability in the del_block funct ...)
NOT-FOR-US: Nuked-Klan
-CVE-2006-3478
+CVE-2006-3478 (PHP remote file inclusion vulnerability in styles/default/global_heade ...)
NOT-FOR-US: MyPHP CMS
-CVE-2006-3477
+CVE-2006-3477 (Unspecified vulnerability in the POP service in Stalker CommuniGate Pr ...)
NOT-FOR-US: Stalker CommuniGate Pro
-CVE-2006-3476
+CVE-2006-3476 (Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGall ...)
NOT-FOR-US: PhpWebGallery
-CVE-2006-3475
+CVE-2006-3475 (Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 ...)
NOT-FOR-US: QBoard
-CVE-2006-3474
+CVE-2006-3474 (Multiple SQL injection vulnerabilities in Belchior Foundry vCard PRO a ...)
NOT-FOR-US: Belchior Foundry vCard PRO
-CVE-2006-3473
+CVE-2006-3473 (CRLF injection vulnerability in form_mail Drupal Module before 1.8.2.2 ...)
- drupal <not-affected> (form_mail Module not in debian)
-CVE-2006-3472
+CVE-2006-3472 (Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3471
+CVE-2006-3471 (Microsoft Internet Explorer 6 on Windows XP allows remote attackers to ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3470
+CVE-2006-3470 (The Dell Openmanage CD launches X11 and SSH daemons that do not requir ...)
NOT-FOR-US: Dell Openmanage CD
-CVE-2006-3469
+CVE-2006-3469 (Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1. ...)
{DSA-1112}
- mysql-dfsg-5.0 5.0.22-1 (bug #375694)
-CVE-2006-3468
+CVE-2006-3468 (Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attack ...)
{DSA-1184-2}
- linux-2.6 2.6.17-6
-CVE-2006-3467
+CVE-2006-3467 (Integer overflow in FreeType before 2.2 allows remote attackers to cau ...)
{DSA-1193-1 DSA-1178-1}
- freetype 2.2.1-5 (bug #379920; medium)
- libxfont 1:1.2.0-2 (medium; bug #383353)
CVE-2006-3466
REJECTED
-CVE-2006-3465
+CVE-2006-3465 (Unspecified vulnerability in the custom tag support for the TIFF libra ...)
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3464
+CVE-2006-3464 (TIFF library (libtiff) before 3.8.2 allows context-dependent attackers ...)
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3463
+CVE-2006-3463 (The EstimateStripByteCounts function in TIFF library (libtiff) before ...)
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3462
+CVE-2006-3462 (Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library ...)
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3461
+CVE-2006-3461 (Heap-based buffer overflow in the PixarLog decoder in the TIFF library ...)
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3460
+CVE-2006-3460 (Heap-based buffer overflow in the JPEG decoder in the TIFF library (li ...)
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-3459
+CVE-2006-3459 (Multiple stack-based buffer overflows in the TIFF library (libtiff) be ...)
{DSA-1137-1}
- tiff 3.8.2-6
- tiff3 <not-affected> (fixed prior to initial upload)
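Review bot: the summaries appended to the CVE lines in this hunk are cut at what looks like a fixed character count rather than at a word boundary, so several end mid-token (`VirtuaSt ...` on CVE-2006-3488, `CommuniGate Pr ...` on CVE-2006-3477, `MySQL Server 4.1 before 4.1. ...` on CVE-2006-3469), and in the last case the dangling version number is ambiguous; if the generator can trim at the last whitespace before the limit, the annotations stay readable without changing the line format. The package, DSA and status lines (`- tiff 3.8.2-6`, `{DSA-1137-1}`, `NOT-FOR-US: ...`) are left untouched and the REJECTED entry CVE-2006-3466 correctly receives no summary, which is the expected behaviour for this automatic update.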
@@ -8538,743 +8538,743 @@ CVE-2006-3486
[sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable code not present)
[sarge] - mysql-dfsg <not-affected> (Vulnerable code not present)
NOTE: Only DoS possible, only root can trigger this -> non-issue
-CVE-2006-3457
+CVE-2006-3457 (Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157, and the Vir ...)
NOT-FOR-US: Symantec
-CVE-2006-3456
+CVE-2006-3456 (The Symantec NAVOPTS.DLL ActiveX control (aka Symantec.Norton.AntiViru ...)
NOT-FOR-US: Symantec
-CVE-2006-3455
+CVE-2006-3455 (The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate E ...)
NOT-FOR-US: Symantec
-CVE-2006-3454
+CVE-2006-3454 (Multiple format string vulnerabilities in Symantec AntiVirus Corporate ...)
NOT-FOR-US: Symantec
-CVE-2006-3453
+CVE-2006-3453 (Buffer overflow in Adobe Acrobat 6.0 to 6.0.4 allows remote attackers ...)
NOT-FOR-US: Adobe acrobat
-CVE-2006-3452
+CVE-2006-3452 (Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure f ...)
NOT-FOR-US: Adobe acrobat
-CVE-2006-3451
+CVE-2006-3451 (Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collec ...)
NOT-FOR-US: Microsoft
-CVE-2006-3450
+CVE-2006-3450 (Microsoft Internet Explorer 6 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft
-CVE-2006-3449
+CVE-2006-3449 (Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, p ...)
NOT-FOR-US: Microsoft
-CVE-2006-3448
+CVE-2006-3448 (Buffer overflow in the Step-by-Step Interactive Training in Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2006-3447
REJECTED
CVE-2006-3446
REJECTED
-CVE-2006-3445
+CVE-2006-3445 (Integer overflow in the ReadWideString function in agentdpv.dll in Mic ...)
NOT-FOR-US: Microsoft
-CVE-2006-3444
+CVE-2006-3444 (Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, ...)
NOT-FOR-US: Microsoft
-CVE-2006-3443
+CVE-2006-3443 (Untrusted search path vulnerability in Winlogon in Microsoft Windows 2 ...)
NOT-FOR-US: Microsoft
-CVE-2006-3442
+CVE-2006-3442 (Unspecified vulnerability in Pragmatic General Multicast (PGM) in Micr ...)
NOT-FOR-US: Microsoft
-CVE-2006-3441
+CVE-2006-3441 (Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP ...)
NOT-FOR-US: Microsoft
-CVE-2006-3440
+CVE-2006-3440 (Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP S ...)
NOT-FOR-US: Microsoft
-CVE-2006-3439
+CVE-2006-3439 (Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, X ...)
NOT-FOR-US: Microsoft
-CVE-2006-3438
+CVE-2006-3438 (Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink ...)
NOT-FOR-US: Microsoft
CVE-2006-3437
REJECTED
-CVE-2006-3436
+CVE-2006-3436 (Cross-site scripting (XSS) vulnerability in Microsoft .NET Framework 2 ...)
NOT-FOR-US: Microsoft
-CVE-2006-3435
+CVE-2006-3435 (PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X f ...)
NOT-FOR-US: Microsoft
-CVE-2006-3434
+CVE-2006-3434 (Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for ...)
NOT-FOR-US: Microsoft
CVE-2006-3433
REJECTED
CVE-2006-3432
REJECTED
-CVE-2006-3431
+CVE-2006-3431 (Buffer overflow in certain Asian language versions of Microsoft Excel ...)
NOT-FOR-US: Microsoft Excel
-CVE-2006-3430
+CVE-2006-3430 (SQL injection vulnerability in checkprofile.asp in (1) PatchLink Updat ...)
NOT-FOR-US: Novell PatchLink Update Server
-CVE-2006-3429
+CVE-2006-3429 (Cross-site scripting (XSS) vulnerability in TigerTom TTCalc 1.0 allows ...)
NOT-FOR-US: TTCalc
-CVE-2006-3428
+CVE-2006-3428 (Cross-site scripting (XSS) vulnerability in TigerTom TTCalc 1.0 allows ...)
NOT-FOR-US: TTCalc
-CVE-2006-3427
+CVE-2006-3427 (Microsoft Internet Explorer 6 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3426
+CVE-2006-3426 (Directory traversal vulnerability in (a) PatchLink Update Server (PLUS ...)
NOT-FOR-US: Novell PatchLink Update Server
-CVE-2006-3425
+CVE-2006-3425 (FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2 ...)
NOT-FOR-US: Novell PatchLink Update Server
-CVE-2006-3424
+CVE-2006-3424 (Multiple buffer overflows in WebEx Downloader ActiveX Control, possibl ...)
NOT-FOR-US: WebEx Downloader ActiveX Control
-CVE-2006-3423
+CVE-2006-3423 (WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1. ...)
NOT-FOR-US: WebEx Downloader ActiveX Control
-CVE-2006-3422
+CVE-2006-3422 (PHP remote file inclusion vulnerability in WonderEdit Pro CMS allows r ...)
NOT-FOR-US: WonderEdit Pro CMS
-CVE-2006-3421
+CVE-2006-3421 (PHP remote file inclusion vulnerability in SmartSiteCMS 1.0 and earlie ...)
NOT-FOR-US: SmartSiteCMS
-CVE-2006-3420
+CVE-2006-3420 (Cross-site request forgery (CSRF) vulnerability in editpost.php in MyB ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3419
+CVE-2006-3419 (Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_byte ...)
- tor 0.1.1.20-1
-CVE-2006-3418
+CVE-2006-3418 (Tor before 0.1.1.20 does not validate that a server descriptor's finge ...)
- tor 0.1.1.20-1
-CVE-2006-3417
+CVE-2006-3417 (Tor client before 0.1.1.20 prefers entry points based on is_fast or is ...)
- tor 0.1.1.20-1
CVE-2006-3416
- tor 0.1.1.20-1
-CVE-2006-3415
+CVE-2006-3415 (Tor before 0.1.1.20 uses improper logic to validate the "OR" destinati ...)
- tor 0.1.1.20-1
-CVE-2006-3414
+CVE-2006-3414 (Tor before 0.1.1.20 supports server descriptors that contain hostnames ...)
- tor 0.1.1.20-1
-CVE-2006-3413
+CVE-2006-3413 (The privoxy configuration file in Tor before 0.1.1.20, when run on App ...)
- tor 0.1.1.20-1
-CVE-2006-3412
+CVE-2006-3412 (Tor before 0.1.1.20 does not sufficiently obey certain firewall option ...)
- tor 0.1.1.20-1
-CVE-2006-3411
+CVE-2006-3411 (TLS handshakes in Tor before 0.1.1.20 generate public-private keys bas ...)
- tor 0.1.1.20-1
-CVE-2006-3410
+CVE-2006-3410 (Tor before 0.1.1.20 creates "internal circuits" primarily consisting o ...)
- tor 0.1.1.20-1
-CVE-2006-3409
+CVE-2006-3409 (Integer overflow in Tor before 0.1.1.20 allows remote attackers to exe ...)
- tor 0.1.1.20-1
-CVE-2006-3408
+CVE-2006-3408 (Unspecified vulnerability in the directory server (dirserver) in Tor b ...)
- tor 0.1.1.20-1
-CVE-2006-3407
+CVE-2006-3407 (Tor before 0.1.1.20 allows remote attackers to spoof log entries or po ...)
- tor 0.1.1.20-1
-CVE-2006-3406
+CVE-2006-3406 (Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 a ...)
NOT-FOR-US: QTOFileManager
-CVE-2006-3405
+CVE-2006-3405 (Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManage ...)
NOT-FOR-US: QTOFileManager
-CVE-2006-3403
+CVE-2006-3403 (The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows ...)
{DSA-1110}
- samba 3.0.23a-1 (bug #378070)
-CVE-2006-3402
+CVE-2006-3402 (SQL injection vulnerability in VirtuaStore 2.0 allows remote attackers ...)
NOT-FOR-US: VirtuaStore
-CVE-2006-3401
+CVE-2006-3401 (Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Aren ...)
NOT-FOR-US: Quake 3
-CVE-2006-3400
+CVE-2006-3400 (Stack-based buffer overflow in the CG_ServerCommand function in Quake ...)
NOT-FOR-US: Soldier of Fortune 2
-CVE-2006-3399
+CVE-2006-3399 (Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki befor ...)
NOT-FOR-US: MoniWiki
-CVE-2006-3398
+CVE-2006-3398 (The "change password forms" in Taskjitsu before 2.0.1 includes passwor ...)
NOT-FOR-US: Taskjitsu
-CVE-2006-3397
+CVE-2006-3397 (Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu befor ...)
NOT-FOR-US: Taskjitsu
-CVE-2006-3396
+CVE-2006-3396 (PHP remote file inclusion vulnerability in galleria.html.php in Galler ...)
NOT-FOR-US: Galleria Mambo Module
-CVE-2006-3395
+CVE-2006-3395 (PHP remote file inclusion vulnerability in top.php in SiteBuilder-FX 3 ...)
NOT-FOR-US: SiteBuilder-FX
-CVE-2006-3394
+CVE-2006-3394 (SQL injection vulnerability in the files mod in index.php in BXCP 0.3. ...)
NOT-FOR-US: BXCP
-CVE-2006-3393
+CVE-2006-3393 (Papyrus NASCAR Racing 4 4.1.3.1.6 and earlier, 2002 Season 1.1.0.2 and ...)
NOT-FOR-US: Papyrus NASCAR Racing
-CVE-2006-3392
+CVE-2006-3392 (Webmin before 1.290 and Usermin before 1.220 calls the simplify_path f ...)
{DSA-1199-1}
- webmin <removed> (medium; bug #381537)
-CVE-2006-3391
+CVE-2006-3391 (The Execute function in iMBCContents ActiveX Control before 2.0.0.59 a ...)
NOT-FOR-US: iMBCContents
-CVE-2006-3390
+CVE-2006-3390 (WordPress 2.0.3 allows remote attackers to obtain the installation pat ...)
- wordpress 2.0.4-1 (unimportant)
NOTE: http://wordpress.org/news/2006/07/wordpress-204/
-CVE-2006-3389
+CVE-2006-3389 (index.php in WordPress 2.0.3 allows remote attackers to obtain sensiti ...)
- wordpress 2.0.4-1 (unimportant)
NOTE: http://wordpress.org/news/2006/07/wordpress-204/
-CVE-2006-3388
+CVE-2006-3388 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 al ...)
- phpmyadmin 4:2.8.2-0.1 (bug #377748; low)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-3387
+CVE-2006-3387 (Directory traversal vulnerability in sources/post.php in Fusion News 1 ...)
NOT-FOR-US: Fusion News
-CVE-2006-3386
+CVE-2006-3386 (index.php in Vincent Leclercq News 5.2 allows remote attackers to obta ...)
NOT-FOR-US: Vincent Leclercq News
-CVE-2006-3385
+CVE-2006-3385 (Cross-site scripting (XSS) vulnerability in divers.php in Vincent Lecl ...)
NOT-FOR-US: Vincent Leclercq News
-CVE-2006-3384
+CVE-2006-3384 (SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 ...)
NOT-FOR-US: Vincent Leclercq News
-CVE-2006-3383
+CVE-2006-3383 (Cross-site scripting (XSS) vulnerability in index.php in mAds 1.0 allo ...)
NOT-FOR-US: mAds
-CVE-2006-3382
+CVE-2006-3382 (Cross-site scripting (XSS) vulnerability in search.php in mAds 1.0 all ...)
NOT-FOR-US: mAds
-CVE-2006-3381
+CVE-2006-3381 (SturGeoN Upload allows remote attackers to execute arbitrary PHP code ...)
NOT-FOR-US: SturGeoN
-CVE-2006-3380
+CVE-2006-3380 (Algorithmic complexity vulnerability in FreeStyle Wiki before 3.6.2 al ...)
NOT-FOR-US: FreeStyle Wiki
-CVE-2006-3379
+CVE-2006-3379 (Algorithmic complexity vulnerability in Hiki Wiki 0.6.0 through 0.6.5 ...)
{DSA-1119}
- hiki 0.8.6-1 (bug #378059; low)
-CVE-2006-3378
+CVE-2006-3378 (passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called ...)
{DSA-1150-1}
- shadow 1:4.0.14-1 (bug #379174)
-CVE-2006-3377
+CVE-2006-3377 (Cross-site scripting (XSS) vulnerability in JMB Software AutoRank PHP ...)
NOT-FOR-US: JMB Software AutoRank PHP
-CVE-2006-3376
+CVE-2006-3376 (Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple pr ...)
{DSA-1194-1}
- libwmf 0.2.8.4-2 (bug #381538; medium)
-CVE-2006-3375
+CVE-2006-3375 (PHP remote file inclusion vulnerability in includes/header.inc.php in ...)
NOT-FOR-US: Randshop
-CVE-2006-3374
+CVE-2006-3374 (PHP remote file inclusion vulnerability in index.php in Randshop 1.2 a ...)
NOT-FOR-US: Randshop
-CVE-2006-3373
+CVE-2006-3373 (Unspecified vulnerability in the client/bin/logfetch script in Hobbit ...)
NOT-FOR-US: Hobbit
-CVE-2006-3372
+CVE-2006-3372 (Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Apple Safari
-CVE-2006-3371
+CVE-2006-3371 (Eupla Foros 1.0 stores the inc/config.inc file under the web document ...)
NOT-FOR-US: Eupla Foros
-CVE-2006-3370
+CVE-2006-3370 (Blueboy 1.0.3 stores bb_news_config.inc under the web document root wi ...)
NOT-FOR-US: Blueboy
-CVE-2006-3369
+CVE-2006-3369 (Kamikaze-QSCM 0.1 stores config.inc under the web document root with i ...)
NOT-FOR-US: Kamikaze-QSCM
-CVE-2006-3368
+CVE-2006-3368 (Efone 20000723 stores config.inc under the web document root with insu ...)
NOT-FOR-US: Efone
-CVE-2006-3367
+CVE-2006-3367 (Mp3 JudeBox Server (Mp3NetBox) Beta 1 stores config.inc under the web ...)
NOT-FOR-US: Mp3NetBox
-CVE-2006-3366
+CVE-2006-3366 (Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow r ...)
NOT-FOR-US: V3 Chat
-CVE-2006-3365
+CVE-2006-3365 (V3 Chat allows remote attackers to obtain the installation path via (1 ...)
NOT-FOR-US: V3 Chat
-CVE-2006-3364
+CVE-2006-3364 (SQL injection vulnerability in index.php in the NP_SEO plugin in BLOG: ...)
NOT-FOR-US: BLOG:CMS
-CVE-2006-3363
+CVE-2006-3363 (PHP remote file inclusion vulnerability in index.php in the Glossaire ...)
NOT-FOR-US: Glossaire for Xoops
-CVE-2006-3362
+CVE-2006-3362 (Unrestricted file upload vulnerability in connectors/php/connector.php ...)
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
-CVE-2006-3361
+CVE-2006-3361 (PHP remote file inclusion vulnerability in Stud.IP 1.3.0-2 and earlier ...)
NOT-FOR-US: Stud.IP
-CVE-2006-3360
+CVE-2006-3360 (Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 all ...)
- phpsysinfo <unfixed> (unimportant)
- egroupware <unfixed> (unimportant)
- phpgroupware <unfixed> (unimportant)
NOTE: Only the existence of files inside the WWW root is leaked. If this is
NOTE: a threat to your setup you most probably shouldn't install a script which
NOTE: exposes all your system data, either.
-CVE-2006-3359
+CVE-2006-3359 (Multiple SQL injection vulnerabilities in index.php in NewsPHP 2006 PR ...)
NOT-FOR-US: NewsPHP
-CVE-2006-3358
+CVE-2006-3358 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ne ...)
NOT-FOR-US: NewsPHP
-CVE-2006-3357
+CVE-2006-3357 (Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) i ...)
NOT-FOR-US: HTML Help ActiveX control
-CVE-2006-3356
+CVE-2006-3356 (The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and ear ...)
NOT-FOR-US: Apple
-CVE-2006-3355
+CVE-2006-3355 (Heap-based buffer overflow in httpdget.c in mpg123 before 0.59s-rll al ...)
- mpg123 0.60-1 (bug #377264; medium)
[sarge] - mpg123 <no-dsa> (Non-free not supported)
-CVE-2006-3354
+CVE-2006-3354 (Microsoft Internet Explorer 6 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3353
+CVE-2006-3353 (Opera 9 allows remote attackers to cause a denial of service (crash) v ...)
NOT-FOR-US: Opera
CVE-2006-3352
NOTE: firefox, but invalid
-CVE-2006-3351
+CVE-2006-3351 (Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2 ...)
NOT-FOR-US: Windows Explorer
-CVE-2006-3695
+CVE-2006-3695 (Trac before 0.9.6 does not disable the "raw" or "include" commands whe ...)
{DSA-1152}
- trac 0.9.6-1 (medium)
[sarge] - trac 0.8.1-3sarge5
-CVE-2006-3458
+CVE-2006-3458 (Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does n ...)
{DSA-1113}
- zope2.7 <removed> (bug #377285; medium)
- zope2.8 2.8.7-2 (bug #377277; medium)
- zope2.9 2.9.3-3 (bug #377286; medium)
-CVE-2006-3404
+CVE-2006-3404 (Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c ...)
{DSA-1116}
- gimp 2.2.11-3.1 (bug #377049; medium)
-CVE-2006-3350
+CVE-2006-3350 (Stack-based buffer overflow in AutoVue SolidModel Professional Desktop ...)
NOT-FOR-US: AutoVue SolidModel Professional Desktop
-CVE-2006-3349
+CVE-2006-3349 (Multiple SQL injection vulnerabilities in SmS Script allow remote atta ...)
NOT-FOR-US: SmS Script
-CVE-2006-3348
+CVE-2006-3348 (Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 Be ...)
NOT-FOR-US: HSPcomplete
-CVE-2006-3347
+CVE-2006-3347 (SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP 1.3 ...)
NOT-FOR-US: deV!Lz Clanportal DZCP
-CVE-2006-3346
+CVE-2006-3346 (SQL injection vulnerability in tree.php in MyNewsGroups 0.6 allows rem ...)
NOT-FOR-US: MyNewsGroups
-CVE-2006-3345
+CVE-2006-3345 (Cross-site scripting (XSS) vulnerability in AliPAGER, possibly 1.5 and ...)
NOT-FOR-US: AliPAGER
-CVE-2006-3344
+CVE-2006-3344 (Siemens Speedstream Wireless Router 2624 allows local users to bypass ...)
NOT-FOR-US: Siemens Speedstream Wireless Router
-CVE-2006-3343
+CVE-2006-3343 (PHP remote file inclusion vulnerability in recipe/cookbook.php in Cris ...)
NOT-FOR-US: CrisoftRicette
-CVE-2006-3342
+CVE-2006-3342 (Cross-site scripting (XSS) vulnerability in index.php in Arctic 1.0.2 ...)
NOT-FOR-US: Arctic
-CVE-2006-3341
+CVE-2006-3341 (SQL injection vulnerability in annonces-p-f.php in MyAds module 2.04jp ...)
NOT-FOR-US: MyAds module for Xoops
-CVE-2006-3340
+CVE-2006-3340 (Multiple PHP remote file inclusion vulnerabilities in Pearl For Mambo ...)
NOT-FOR-US: Pearl For Mambo
-CVE-2006-3339
+CVE-2006-3339 (secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows r ...)
NOT-FOR-US: Atlassian
-CVE-2006-3338
+CVE-2006-3338 (Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.6.2-#156 ...)
NOT-FOR-US: Atlassian
-CVE-2006-3337
+CVE-2006-3337 (Cross-site scripting (XSS) vulnerability in frontend/x/files/select.ht ...)
NOT-FOR-US: cPanel (not the Chinese language tool in Debian)
-CVE-2006-3336
+CVE-2006-3336 (TWiki 01-Dec-2000 up to 4.0.3 allows remote attackers to bypass the up ...)
- twiki 1:4.0.4-3 (low; bug #381907)
NOTE: only in some server configurations
-CVE-2006-3335
+CVE-2006-3335 (Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, ...)
NOT-FOR-US: HP-UX
-CVE-2006-3334
+CVE-2006-3334 (Buffer overflow in the png_decompress_chunk function in pngrutil.c in ...)
- libpng 1.2.8rel-5.2 (bug #377298; bug #397892; unimportant)
NOTE: A static 50 char array consumes 13 machine words on 32bit archs, so the overflow
NOTE: cannot overwrite other memory sections
-CVE-2006-3333
+CVE-2006-3333 (Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum 3 ...)
NOT-FOR-US: Zorum Forum
-CVE-2006-3332
+CVE-2006-3332 (SQL injection vulnerability in index.php in Zorum Forum 3.5 allows rem ...)
NOT-FOR-US: Zorum Forum
-CVE-2006-3331
+CVE-2006-3331 (Opera before 9.0 does not reset the SSL security bar after displaying ...)
NOT-FOR-US: Opera
-CVE-2006-3330
+CVE-2006-3330 (Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL ...)
NOT-FOR-US: PHP/MySQL Classifieds
-CVE-2006-3329
+CVE-2006-3329 (SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PH ...)
NOT-FOR-US: PHP/MySQL Classifieds
-CVE-2006-3328
+CVE-2006-3328 (new_ticket.cgi in Hostflow 2.2.1-15 allows remote attackers to steal a ...)
NOT-FOR-US: Hostflow
-CVE-2006-3327
+CVE-2006-3327 (Cross-site scripting (XSS) vulnerability in Custom dating biz dating s ...)
NOT-FOR-US: Custom dating biz dating script
-CVE-2006-3326
+CVE-2006-3326 (Directory traversal vulnerability in QuickZip 3.06.3 allows remote use ...)
NOT-FOR-US: QuickZip
-CVE-2006-3325
+CVE-2006-3325 (client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the Icculus Quak ...)
- ioquake3 1.36+svn1788j-1
- tremulous 1.1.0-6 (bug #660834)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-3324
+CVE-2006-3324 (The Automatic Downloading option in the id3 Quake 3 Engine and the Icc ...)
- ioquake3 1.36+svn1788j-1
- tremulous 1.1.0-6 (bug #660832)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-3323
+CVE-2006-3323 (PHP remote file inclusion vulnerability in admin/admin.php in MF Piada ...)
NOT-FOR-US: MF Piadas
-CVE-2006-3322
+CVE-2006-3322 (SQL injection vulnerability in includes/functions_logging.php in phpRa ...)
NOT-FOR-US: phpRaid
-CVE-2006-3321
+CVE-2006-3321 (Multiple cross-site scripting (XSS) vulnerabilities in openforum.asp i ...)
NOT-FOR-US: OpenForum
-CVE-2006-3320
+CVE-2006-3320 (Cross-site scripting (XSS) vulnerability in command.php in SiteBar 3.3 ...)
{DSA-1130-1}
- sitebar 3.3.8-1.1 (bug #377299; low)
-CVE-2006-3319
+CVE-2006-3319 (Cross-site scripting (XSS) vulnerability in rss/index.php in PHP iCale ...)
NOT-FOR-US: PHP iCalendar
-CVE-2006-3318
+CVE-2006-3318 (SQL injection vulnerability in register.php for phpRaid 3.0.6 and poss ...)
NOT-FOR-US: phpRaid
-CVE-2006-3317
+CVE-2006-3317 (PHP remote file inclusion vulnerability in phpRaid 3.0.6 allows remote ...)
NOT-FOR-US: phpRaid
-CVE-2006-3316
+CVE-2006-3316 (Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.5 al ...)
NOT-FOR-US: phpRaid
-CVE-2006-3315
+CVE-2006-3315 (PHP remote file inclusion vulnerability in page.php in an unspecified ...)
NOT-FOR-US: "unspecified RahnemaCo.com product, possibly eShop"
-CVE-2006-3314
+CVE-2006-3314 (PHP remote file inclusion vulnerability in page.php in an unspecified ...)
NOT-FOR-US: "unspecified RahnemaCo.com product, possibly eShop"
-CVE-2006-3313
+CVE-2006-3313 (Cross-site scripting (XSS) vulnerability in search.jsp in Netsoft smar ...)
NOT-FOR-US: Netsoft smartNet
-CVE-2006-3312
+CVE-2006-3312 (Multiple cross-site scripting (XSS) vulnerabilities in ashmans and Bil ...)
NOT-FOR-US: QaTraq
-CVE-2006-3311
+CVE-2006-3311 (Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Prof ...)
- flashplugin-nonfree 7.0.68.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
CVE-2006-3310
RESERVED
-CVE-2006-3309
+CVE-2006-3309 (SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal To ...)
NOT-FOR-US: Scout Portal
-CVE-2006-3308
+CVE-2006-3308 (Unspecified vulnerability in the wpprop code for Project EROS bbsengin ...)
NOT-FOR-US: bbsengine
-CVE-2006-3307
+CVE-2006-3307 (Multiple SQL injection vulnerabilities in Project EROS bbsengine befor ...)
NOT-FOR-US: bbsengine
-CVE-2006-3306
+CVE-2006-3306 (Cross-site scripting (XSS) vulnerability in the preparestring function ...)
NOT-FOR-US: bbsengine
-CVE-2006-3305
+CVE-2006-3305 (Multiple cross-site scripting (XSS) vulnerabilities in UebiMiau Webmai ...)
NOT-FOR-US: UebiMiau
-CVE-2006-3304
+CVE-2006-3304 (SQL injection vulnerability in cp.php in DeluxeBB 1.07 and earlier all ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-3303
+CVE-2006-3303 (Multiple cross-site scripting (XSS) vulnerabilities in pm.php in Delux ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-3302
+CVE-2006-3302 (PHP remote file inclusion vulnerability in mod_cbsms.php in CBSMS Mamb ...)
NOT-FOR-US: CBSMS Mambo module
-CVE-2006-3301
+CVE-2006-3301 (Multiple cross-site scripting (XSS) vulnerabilities in phpQLAdmin 2.2. ...)
- phpqladmin <removed> (bug #376442; low)
-CVE-2006-3300
+CVE-2006-3300 (PHP remote file inclusion vulnerability in sms_config/gateway.php in P ...)
NOT-FOR-US: phpmysms
-CVE-2006-3299
+CVE-2006-3299 (Cross-site scripting (XSS) vulnerability in index.php in Usenet Script ...)
NOT-FOR-US: Usenet Script
-CVE-2006-3298
+CVE-2006-3298 (Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote attackers to caus ...)
NOT-FOR-US: Offical Yahoo! Messenger client
-CVE-2006-3297
+CVE-2006-3297 (Cross-site scripting (XSS) vulnerability in error.php in UebiMiau Webm ...)
NOT-FOR-US: UebiMiau
-CVE-2006-3296
+CVE-2006-3296 (SQL injection vulnerability in view.php in Open Guestbook 0.5 allows r ...)
NOT-FOR-US: Open Guestbook
-CVE-2006-3295
+CVE-2006-3295 (Cross-site scripting (XSS) vulnerability in header.php in Open Guestbo ...)
NOT-FOR-US: Open Guestbook
-CVE-2006-3294
+CVE-2006-3294 (PHP remote file inclusion vulnerability in mod_cbsms_messages.php in C ...)
NOT-FOR-US: CBSMS Mambo module
-CVE-2006-3293
+CVE-2006-3293 (parse_notice (TiCPU) in EnergyMech (emech) before 3.0.2 allows remote ...)
NOT-FOR-US: EnergyMech
-CVE-2006-3292
+CVE-2006-3292 (SQL injection vulnerability in the Search gadget in Jaws 0.6.2 allows ...)
NOT-FOR-US: Jaws
-CVE-2006-3291
+CVE-2006-3291 (The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on th ...)
NOT-FOR-US: Cisco
-CVE-2006-3290
+CVE-2006-3290 (HTTP server in Cisco Wireless Control System (WCS) for Linux and Windo ...)
NOT-FOR-US: Cisco
-CVE-2006-3289
+CVE-2006-3289 (Cross-site scripting (XSS) vulnerability in the login page of the HTTP ...)
NOT-FOR-US: Cisco
-CVE-2006-3288
+CVE-2006-3288 (Unspecified vulnerability in the TFTP server in Cisco Wireless Control ...)
NOT-FOR-US: Cisco
-CVE-2006-3287
+CVE-2006-3287 (Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and e ...)
NOT-FOR-US: Cisco
-CVE-2006-3286
+CVE-2006-3286 (The internal database in Cisco Wireless Control System (WCS) for Linux ...)
NOT-FOR-US: Cisco
-CVE-2006-3285
+CVE-2006-3285 (The internal database in Cisco Wireless Control System (WCS) for Linux ...)
NOT-FOR-US: Cisco
-CVE-2006-3284
+CVE-2006-3284 (Cross-site scripting (XSS) vulnerability in Dating Agent PRO 4.7.1 all ...)
NOT-FOR-US: Dating Agent PRO
-CVE-2006-3283
+CVE-2006-3283 (SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote at ...)
NOT-FOR-US: Dating Agent PRO
-CVE-2006-3282
+CVE-2006-3282 (requirements.php in Dating Agent PRO 4.7.1 allows remote attackers to ...)
NOT-FOR-US: Dating Agent PRO
-CVE-2006-3281
+CVE-2006-3281 (Microsoft Internet Explorer 6.0 does not properly handle Drag and Drop ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3280
+CVE-2006-3280 (Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3279
+CVE-2006-3279 (Cross-site scripting (XSS) vulnerability in aeDating 4.1 allows remote ...)
NOT-FOR-US: aeDating
-CVE-2006-3278
+CVE-2006-3278 (Cross-site scripting (XSS) vulnerability in H-Sphere 2.5.1 Beta 1 and ...)
NOT-FOR-US: H-Sphere
-CVE-2006-3277
+CVE-2006-3277 (The SMTP service of MailEnable Standard 1.92 and earlier, Professional ...)
NOT-FOR-US: MailEnable
-CVE-2006-3276
+CVE-2006-3276 (Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 1 ...)
NOT-FOR-US: Helix DNA Server
-CVE-2006-3275
+CVE-2006-3275 (SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and earlie ...)
NOT-FOR-US: YaBB
-CVE-2006-3274
+CVE-2006-3274 (Directory traversal vulnerability in Webmin before 1.280, when run on ...)
- webmin <not-affected> (only windows)
-CVE-2006-3273
+CVE-2006-3273 (Cross-site scripting (XSS) vulnerability in menu.php in Some Chess 1.5 ...)
NOT-FOR-US: Some Chess
-CVE-2006-3272
+CVE-2006-3272 (Cross-site request forgery (CSRF) vulnerability in menu.php in Some Ch ...)
NOT-FOR-US: Some Chess
-CVE-2006-3271
+CVE-2006-3271 (Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow rem ...)
NOT-FOR-US: Softbiz Dating
-CVE-2006-3270
+CVE-2006-3270 (SQL injection vulnerability in cms_admin.php in THoRCMS 1.3.1 allows r ...)
NOT-FOR-US: THoRCMS
-CVE-2006-3269
+CVE-2006-3269 (PHP remote file inclusion vulnerability in includes/functions_cms.php ...)
NOT-FOR-US: THoRCMS
-CVE-2006-3268
+CVE-2006-3268 (Unspecified vulnerability in the Windows Client API in Novell GroupWis ...)
NOT-FOR-US: Novell GroupWise
-CVE-2006-3267
+CVE-2006-3267 (SQL injection vulnerability in index.php in Infinite Core Technologies ...)
NOT-FOR-US: Infinite Core Technologies
-CVE-2006-3266
+CVE-2006-3266 (Multiple PHP remote file inclusion vulnerabilities in Bee-hive Lite 1. ...)
NOT-FOR-US: Bee-hive
-CVE-2006-3265
+CVE-2006-3265 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qd ...)
NOT-FOR-US: Qdig
-CVE-2006-3264
+CVE-2006-3264 (Cross-site scripting (XSS) vulnerability in mclient.cgi in Namo DeepSe ...)
NOT-FOR-US: Namo DeepSearch
-CVE-2006-3263
+CVE-2006-3263 (SQL injection vulnerability in the Weblinks module (weblinks.php) in M ...)
- mambo 4.5.3h-2 (medium)
-CVE-2006-3262
+CVE-2006-3262 (SQL injection vulnerability in the Weblinks module (weblinks.php) in M ...)
- mambo 4.5.3h-2 (medium)
-CVE-2006-3261
+CVE-2006-3261 (Cross-site scripting (XSS) vulnerability in Trend Micro Control Manage ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2006-3260
+CVE-2006-3260 (Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 a ...)
NOT-FOR-US: vlbook
-CVE-2006-3259
+CVE-2006-3259 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allo ...)
NOT-FOR-US: e107
-CVE-2006-3258
+CVE-2006-3258 (Multiple cross-site scripting (XSS) vulnerabilities in index.html in B ...)
NOT-FOR-US: BNBT TrinEdit and EasyTracker
-CVE-2006-3257
+CVE-2006-3257 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 ...)
NOT-FOR-US: Claroline
-CVE-2006-3256
+CVE-2006-3256 (SQL injection vulnerability in report.php in Woltlab Burning Board (WB ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3255
+CVE-2006-3255 (SQL injection vulnerability in showmods.php in Woltlab Burning Board ( ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3254
+CVE-2006-3254 (SQL injection vulnerability in newthread.php in Woltlab Burning Board ...)
NOT-FOR-US: Woltlab Burning Board
CVE-2006-3253
NOT-FOR-US: vBulletin
-CVE-2006-3252
+CVE-2006-3252 (Buffer overflow in the Online Registration Facility for Algorithmic Re ...)
NOT-FOR-US: Algorithmic Research PrivateWire VPN
-CVE-2006-3251
+CVE-2006-3251 (Heap-based buffer overflow in the array_push function in hashcash.c fo ...)
{DSA-1114}
- hashcash 1.21 (bug #376444)
-CVE-2006-3250
+CVE-2006-3250 (Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-a ...)
NOT-FOR-US: Windows Live Messenger
CVE-2006-3249
NOT-FOR-US: Phorum
CVE-2006-3248
REJECTED
-CVE-2006-3247
+CVE-2006-3247 (Multiple cross-site scripting (XSS) vulnerabilities in show.php in GL- ...)
NOT-FOR-US: GL-SH Deaf Forum
-CVE-2006-3246
+CVE-2006-3246 (Cross-site scripting (XSS) vulnerability in show.php in GL-SH Deaf For ...)
NOT-FOR-US: GL-SH Deaf Forum
-CVE-2006-3245
+CVE-2006-3245 (Multiple cross-site scripting (XSS) vulnerabilities in activatemember ...)
NOT-FOR-US: mvnForum
-CVE-2006-3244
+CVE-2006-3244 (Multiple SQL injection vulnerabilities in Anthill 0.2.6 and earlier al ...)
NOT-FOR-US: Anthill
-CVE-2006-3243
+CVE-2006-3243 (SQL injection vulnerability in usercp.php in MyBB (MyBulletinBoard) 1. ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-3242
+CVE-2006-3242 (Stack-based buffer overflow in the browse_get_namespace function in im ...)
{DSA-1108}
- mutt 1.5.11+cvs20060403-2 (low; bug #375828)
-CVE-2006-3241
+CVE-2006-3241 (Cross-site scripting (XSS) vulnerability in messages.php in XennoBB 1. ...)
NOT-FOR-US: XennoBB
-CVE-2006-3240
+CVE-2006-3240 (Cross-site scripting (XSS) vulnerability in classes/ui.class.php in do ...)
NOT-FOR-US: dotProject
-CVE-2006-3239
+CVE-2006-3239 (SQL injection vulnerability in message.php in VBZooM 1.11 and earlier ...)
NOT-FOR-US: VBZooM
-CVE-2006-3238
+CVE-2006-3238 (Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allo ...)
NOT-FOR-US: VBZooM
-CVE-2006-3237
+CVE-2006-3237 (Cross-site scripting (XSS) vulnerability in index.php in Enterprise Gr ...)
NOT-FOR-US: Enterprise Groupware System
-CVE-2006-3236
+CVE-2006-3236 (Multiple SQL injection vulnerabilities in thinkWMS 1.0 and earlier all ...)
NOT-FOR-US: thinkWMS
-CVE-2006-3235
+CVE-2006-3235 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Fi ...)
NOT-FOR-US: FineShop
-CVE-2006-3234
+CVE-2006-3234 (Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 an ...)
NOT-FOR-US: FineShop
-CVE-2006-3233
+CVE-2006-3233 (Cross-site scripting (XSS) vulnerability in openwebmail-read.pl in Ope ...)
NOT-FOR-US: OpenWebMail
-CVE-2006-3232
+CVE-2006-3232 (Unspecified vulnerability in IBM WebSphere Application Server before 6 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2006-3231
+CVE-2006-3231 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) be ...)
NOT-FOR-US: IBM WebSphere
-CVE-2006-3230
+CVE-2006-3230 (Cross-site scripting (XSS) vulnerability in index.tmpl in Azureus Trac ...)
NOT-FOR-US: Azureus plugin that isn't distributed by default
-CVE-2006-3229
+CVE-2006-3229 (Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, a ...)
NOT-FOR-US: OpenWebMail
-CVE-2006-3228
+CVE-2006-3228 (Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5 ...)
NOT-FOR-US: WinAmp
-CVE-2006-3227
+CVE-2006-3227 (Interpretation conflict between Internet Explorer and other web browse ...)
NOT-FOR-US: Internet Explorer
-CVE-2006-3226
+CVE-2006-3226 (Cisco Secure Access Control Server (ACS) 4.x for Windows uses the clie ...)
NOT-FOR-US: Cisco
-CVE-2006-3225
+CVE-2006-3225 (Cross-site scripting (XSS) vulnerability in Sun ONE Application Server ...)
NOT-FOR-US: Sun ONE Application Server
-CVE-2006-3224
+CVE-2006-3224 (Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote attacker ...)
NOT-FOR-US: Apple Safari
-CVE-2006-3223
+CVE-2006-3223 (Format string vulnerability in CA Integrated Threat Management (ITM), ...)
NOT-FOR-US: CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP)
-CVE-2006-3222
+CVE-2006-3222 (The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2006-3221
+CVE-2006-3221 (SQL injection vulnerability in index.php in DataLife Engine 4.1 and ea ...)
NOT-FOR-US: DataLife
-CVE-2006-3220
+CVE-2006-3220 (SQL injection vulnerability in studienplatztausch.php in Woltlab Burni ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3219
+CVE-2006-3219 (SQL injection vulnerability in thread.php in Woltlab Burning Board (WB ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3218
+CVE-2006-3218 (SQL injection vulnerability in profile.php in Woltlab Burning Board (W ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-3217
+CVE-2006-3217 (JaguarEditControl (JEdit) ActiveX Control 1.1.0.20 and earlier allows ...)
NOT-FOR-US: JaguarEditControl
-CVE-2006-3216
+CVE-2006-3216 (Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exch ...)
NOT-FOR-US: MAILsweeper
-CVE-2006-3215
+CVE-2006-3215 (Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exch ...)
NOT-FOR-US: MAILsweeper
-CVE-2006-3214
+CVE-2006-3214 (Unspecified vulnerability in Hitachi Groupmax Address Server 7 and ear ...)
NOT-FOR-US: Hitachi Groupmax
-CVE-2006-3213
+CVE-2006-3213 (SQL injection vulnerability in WeBBoA Hosting 1.1 allows remote attack ...)
NOT-FOR-US: WeBBoA Hosting
-CVE-2006-3212
+CVE-2006-3212 (Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1. ...)
NOT-FOR-US: cjGuestbook
-CVE-2006-3211
+CVE-2006-3211 (Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1. ...)
NOT-FOR-US: cjGuestbook
-CVE-2006-3210
+CVE-2006-3210 (Ralf Image Gallery (RIG) 0.7.4 and other versions before 1.0, when reg ...)
NOT-FOR-US: Ralf Image Gallery
-CVE-2006-3209
+CVE-2006-3209 (** DISPUTED ** The Task scheduler (at.exe) on Microsoft Windows XP spa ...)
NOT-FOR-US: Microsoft Windows
-CVE-2006-3208
+CVE-2006-3208 (Direct static code injection vulnerability in Ultimate PHP Board (UPB) ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3207
+CVE-2006-3207 (Directory traversal vulnerability in newpost.php in Ultimate PHP Board ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3206
+CVE-2006-3206 (register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remo ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3205
+CVE-2006-3205 (Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3204
+CVE-2006-3204 (Ultimate PHP Board (UPB) 1.9.6 and earlier uses a cryptographically we ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3203
+CVE-2006-3203 (The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier include ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2006-3202
+CVE-2006-3202 (The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain ...)
NOT-FOR-US: NetBSD's KAME stack
-CVE-2006-3201
+CVE-2006-3201 (Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and ...)
NOT-FOR-US: HP-UX
-CVE-2006-3200
+CVE-2006-3200 (Unspecified versions of Internet Explorer allow remote attackers to ca ...)
NOT-FOR-US: Internet Explorer
-CVE-2006-3199
+CVE-2006-3199 (Opera 9 allows remote attackers to cause a denial of service (crash) v ...)
NOT-FOR-US: Opera
-CVE-2006-3198
+CVE-2006-3198 (Integer overflow in Opera 8.54 and earlier allows remote attackers to ...)
NOT-FOR-US: Opera
-CVE-2006-3197
+CVE-2006-3197 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-3196
+CVE-2006-3196 (index.php in singapore 0.10.0 and earlier allows remote attackers to o ...)
NOT-FOR-US: singapore
-CVE-2006-3195
+CVE-2006-3195 (Cross-site scripting (XSS) vulnerability in index.php in singapore 0.1 ...)
NOT-FOR-US: singapore
-CVE-2006-3194
+CVE-2006-3194 (Directory traversal vulnerability in index.php in singapore 0.10.0 and ...)
NOT-FOR-US: singapore
-CVE-2006-3193
+CVE-2006-3193 (Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSi ...)
NOT-FOR-US: BandSite
-CVE-2006-3192
+CVE-2006-3192 (PHP remote file inclusion vulnerability in Ad Manager Pro 2.6 allows r ...)
NOT-FOR-US: Ad Manager
-CVE-2006-3191
+CVE-2006-3191 (Cross-site scripting (XSS) vulnerability in comment.php in MPCS 0.2 al ...)
NOT-FOR-US: MPCS
-CVE-2006-3190
+CVE-2006-3190 (SQL injection vulnerability in administration/includes/login/auth.php ...)
NOT-FOR-US: HotPlug CMS
-CVE-2006-3189
+CVE-2006-3189 (Cross-site scripting (XSS) vulnerability in administration/tblcontent/ ...)
NOT-FOR-US: HotPlug CMS
-CVE-2006-3188
+CVE-2006-3188 (Multiple SQL injection vulnerabilities in Sharky e-shop 3.05 and earli ...)
NOT-FOR-US: Sharky e-shop
-CVE-2006-3187
+CVE-2006-3187 (Multiple cross-site scripting (XSS) vulnerabilities in Sharky e-shop 3 ...)
NOT-FOR-US: Sharky e-shop
-CVE-2006-3186
+CVE-2006-3186 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Faethon 1.3 ...)
NOT-FOR-US: CMS Faethon
-CVE-2006-3185
+CVE-2006-3185 (PHP remote file inclusion vulnerability in data/header.php in CMS Faet ...)
NOT-FOR-US: CMS Faethon
-CVE-2006-3184
+CVE-2006-3184 (Direct static code injection vulnerability in ASP Stats Generator befo ...)
NOT-FOR-US: ASP Stats Generator
-CVE-2006-3183
+CVE-2006-3183 (Cross-site scripting (XSS) vulnerability in index.php in MobeScripts M ...)
NOT-FOR-US: Mobile Space Community
-CVE-2006-3182
+CVE-2006-3182 (Directory traversal vulnerability in index.php in MobeScripts Mobile S ...)
NOT-FOR-US: Mobile Space Community
-CVE-2006-3181
+CVE-2006-3181 (SQL injection vulnerability in index.php in MobeScripts Mobile Space C ...)
NOT-FOR-US: Mobile Space Community
-CVE-2006-3180
+CVE-2006-3180 (Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx P ...)
NOT-FOR-US: Confixx Pro
-CVE-2006-3179
+CVE-2006-3179 (Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in ...)
NOT-FOR-US: Confixx Pro
-CVE-2006-3178
+CVE-2006-3178 (Directory traversal vulnerability in extract_chmLib example program in ...)
{DSA-1144-1}
- chmlib 0.38-1 (bug #374085; low)
-CVE-2006-3177
+CVE-2006-3177 (PHP remote file inclusion vulnerability in Admin/rtf_parser.php in The ...)
NOT-FOR-US: The Bible Portal Project
-CVE-2006-3176
+CVE-2006-3176 (SQL injection vulnerability in xarancms_haupt.php in xarancms 2.0 allo ...)
NOT-FOR-US: xarancms
-CVE-2006-3175
+CVE-2006-3175 (Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 ...)
NOT-FOR-US: mcGuestbook
-CVE-2006-3174
+CVE-2006-3174 (Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail ...)
- squirrelmail 2:1.4.7-1 (bug #375782; unimportant)
NOTE: Operation with registers_globals not supported
-CVE-2006-3173
+CVE-2006-3173 (Multiple PHP remote file inclusion vulnerabilities in Content*Builder ...)
NOT-FOR-US: Content*Builder
-CVE-2006-3172
+CVE-2006-3172 (Multiple PHP remote file inclusion vulnerabilities in Content*Builder ...)
NOT-FOR-US: Content*Builder
-CVE-2006-3171
+CVE-2006-3171 (CRLF injection vulnerability in CS-Forum before 0.82 allows remote att ...)
NOT-FOR-US: CS-Forum
-CVE-2006-3170
+CVE-2006-3170 (CS-Forum before 0.82 allows remote attackers to obtain sensitive infor ...)
NOT-FOR-US: CS-Forum
-CVE-2006-3169
+CVE-2006-3169 (Multiple cross-site scripting (XSS) vulnerabilities in CS-Forum 0.81 a ...)
NOT-FOR-US: CS-Forum
-CVE-2006-3168
+CVE-2006-3168 (SQL injection vulnerability in CS-Forum before 0.82 allows remote atta ...)
NOT-FOR-US: CS-Forum
-CVE-2006-3167
+CVE-2006-3167 (Free Realty before 2.9 allows remote attackers to obtain the full path ...)
NOT-FOR-US: Free Realty
-CVE-2006-3166
+CVE-2006-3166 (Cross-site scripting (XSS) vulnerability in propview.php in Free Realt ...)
NOT-FOR-US: Free Realty
-CVE-2006-3165
+CVE-2006-3165 (SQL injection vulnerability in propview.php in Free Realty 2.9-0.7 and ...)
NOT-FOR-US: Free Realty
-CVE-2006-3164
+CVE-2006-3164 (SQL injection vulnerability in category.php in TPL Design tplShop 2.0 ...)
NOT-FOR-US: tplShop
-CVE-2006-3163
+CVE-2006-3163 (Multiple SQL injection vulnerabilities in galeria.php in IMGallery 2.4 ...)
NOT-FOR-US: IMGallery
-CVE-2006-3162
+CVE-2006-3162 (PHP remote file inclusion vulnerability in include/inc_foot.php in Sma ...)
NOT-FOR-US: SmartSiteCMS
-CVE-2006-3161
+CVE-2006-3161 (SQL injection vulnerability in misc.php in SaphpLesson 1.1 and earlier ...)
NOT-FOR-US: SaphpLesson
-CVE-2006-3160
+CVE-2006-3160 (Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple ...)
NOT-FOR-US: Simple File Manager
-CVE-2006-3159
+CVE-2006-3159 (pipe_master in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 (built ...)
NOT-FOR-US: Sun ONE/iPlanet Messaging Server
-CVE-2006-3158
+CVE-2006-3158 (index.php in Eduha Meeting does not properly restrict file extensions ...)
NOT-FOR-US: Eduha Meeting
-CVE-2006-3157
+CVE-2006-3157 (Cross-site scripting (XSS) vulnerability in index.php in Thinkfactory ...)
NOT-FOR-US: UltimateGoogle
-CVE-2006-3156
+CVE-2006-3156 (Cross-site scripting (XSS) vulnerability in index.cgi in Ultimate eSho ...)
NOT-FOR-US: Ultimate eShop
-CVE-2006-3155
+CVE-2006-3155 (Multiple cross-site scripting (XSS) vulnerabilities in Ultimate Auctio ...)
NOT-FOR-US: Ultimate Auction
-CVE-2006-3154
+CVE-2006-3154 (SQL injection vulnerability in index.pl in Ultimate Estate 1.0 and ear ...)
NOT-FOR-US: Ultimate Estate
-CVE-2006-3153
+CVE-2006-3153 (Cross-site scripting (XSS) vulnerability in index.pl in Ultimate Estat ...)
NOT-FOR-US: Ultimate Estate
-CVE-2006-3152
+CVE-2006-3152 (Multiple SQL injection vulnerabilities in phpTRADER 4.9 SP5 and earlie ...)
NOT-FOR-US: phpTRADER
-CVE-2006-3151
+CVE-2006-3151 (Cross-site scripting (XSS) vulnerability in index.php in AssoCIateD (a ...)
NOT-FOR-US: AssoCIateD
-CVE-2006-3150
+CVE-2006-3150 (SQL injection vulnerability in index.php in CavoxCms 1.0.16 and earlie ...)
NOT-FOR-US: CavoxCms
-CVE-2006-3149
+CVE-2006-3149 (Cross-site scripting (XSS) vulnerability in topic.php in phpMyForum 4. ...)
NOT-FOR-US: phpMyForum
-CVE-2006-3148
+CVE-2006-3148 (SQL injection vulnerability, possibly in search.inc.php, in Open-Realt ...)
NOT-FOR-US: Open-Realty
-CVE-2006-3147
+CVE-2006-3147 (Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix ...)
NOT-FOR-US: Hosting Controller
-CVE-2006-3146
+CVE-2006-3146 (The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier ...)
NOT-FOR-US: Toshiba drivers for Windows
-CVE-2006-3145
+CVE-2006-3145 (Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remo ...)
- netpbm-free <not-affected> (Debian's version is too old; affects 10.30 to 10.33 only)
-CVE-2006-3144
+CVE-2006-3144 (PHP remote file inclusion vulnerability in micro_cms_files/microcms-in ...)
NOT-FOR-US: IBD Micro CMS
-CVE-2006-3143
+CVE-2006-3143 (Cross-site scripting (XSS) vulnerability in icue_login.asp in Maximus ...)
NOT-FOR-US: Maximus SchoolMAX
-CVE-2006-3142
+CVE-2006-3142 (SQL injection vulnerability in forum.php in VBZooM 1.11 allows remote ...)
NOT-FOR-US: VBZooM
-CVE-2006-3141
+CVE-2006-3141 (Cross-site scripting (XSS) vulnerability in details.cfm in Tradingeye ...)
NOT-FOR-US: Tradingeye Shop
-CVE-2006-3140
+CVE-2006-3140 (SQL injection vulnerability in index.php in openCI 1.0 BETA 0.20.1 and ...)
NOT-FOR-US: openCI
-CVE-2006-3139
+CVE-2006-3139 (Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar ...)
NOT-FOR-US: Virtual War
-CVE-2006-3138
+CVE-2006-3138 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyDirectory ...)
NOT-FOR-US: phpMyDirectory
-CVE-2006-3137
+CVE-2006-3137 (Cross-site scripting (XSS) vulnerability in productDetail.asp in Edge ...)
NOT-FOR-US: Edge eCommerce Shop
CVE-2006-3136
NOT-FOR-US: Nucleus
-CVE-2006-3135
+CVE-2006-3135 (Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and ...)
NOT-FOR-US: CMS Mundo
-CVE-2006-3134
+CVE-2006-3134 (Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by m ...)
NOT-FOR-US: GraceNote ActiveX Control
CVE-2006-3133
RESERVED
-CVE-2006-3132
+CVE-2006-3132 (Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManag ...)
NOT-FOR-US: QTOFileManager
-CVE-2006-3131
+CVE-2006-3131 (Multiple cross-site scripting (XSS) vulnerabilities in Clubpage allow ...)
NOT-FOR-US: Clubpage
-CVE-2006-3130
+CVE-2006-3130 (SQL injection vulnerability in index.php in Clubpage allows remote att ...)
NOT-FOR-US: Clubpage
-CVE-2006-3129
+CVE-2006-3129 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in NC ...)
NOT-FOR-US: LinkList
-CVE-2006-3128
+CVE-2006-3128 (choose_file.php in easy-CMS 0.1.2, when mod_mime is installed, does no ...)
NOT-FOR-US: easy-CMS
-CVE-2006-3127
+CVE-2006-3127 (Memory leak in Network Security Services (NSS) 3.11, as used in Sun Ja ...)
- mozilla <not-affected> (SunSolve claims it is only in 3.11; latest released is 3.10)
-CVE-2006-3126
+CVE-2006-3126 (c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute ...)
{DSA-1165}
- capi4hylafax 1:01.03.00.99.svn.300-3
-CVE-2006-3125
+CVE-2006-3125 (Array index error in tetrinet.c in gtetrinet 0.7.8 and earlier allows ...)
{DSA-1163}
- gtetrinet 0.7.10-1
-CVE-2006-3124
+CVE-2006-3124 (Buffer overflow in the HTTP header parsing in Streamripper before 1.61 ...)
{DSA-1158}
- streamripper 1.61.25-2
-CVE-2006-3123
+CVE-2006-3123 (Multiple integer overflows in the (1) dodecrypt and (2) doencrypt func ...)
{DSA-1138-1}
- cfs 1.4.1-17
-CVE-2006-3122
+CVE-2006-3122 (The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2. ...)
{DSA-1143-1}
- dhcp 2.0pl5-19.5 (bug #380273)
-CVE-2006-3121
+CVE-2006-3121 (The peel_netstring function in cl_netstring.c in the heartbeat subsyst ...)
{DSA-1151-1}
- heartbeat-2 2.0.6-2
- heartbeat 1.2.4-14
-CVE-2006-3120
+CVE-2006-3120 (Format string vulnerability in Brian Wotring Osiris before 4.2.1 allow ...)
{DSA-1129}
- osiris 4.2.0-2 (medium)
-CVE-2006-3119
+CVE-2006-3119 (The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a ty ...)
{DSA-1124}
- fbi 2.05-1
-CVE-2006-3118
+CVE-2006-3118 (spread uses a temporary file with a static filename based on the port ...)
- spread 3.17.3-4 (bug #375617; low)
[sarge] - spread <no-dsa> (Minimal security implications)
-CVE-2006-3117
+CVE-2006-3117 (Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up ...)
{DSA-1104}
- openoffice.org 2.0.3-1
-CVE-2006-3116
+CVE-2006-3116 (Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.4 an ...)
NOT-FOR-US: phpRaid
-CVE-2006-3115
+CVE-2006-3115 (SQL injection vulnerability in view.php in phpRaid 3.0.4, and possibly ...)
NOT-FOR-US: phpRaid
-CVE-2006-3114
+CVE-2006-3114 (PC Tools AntiVirus 2.1.0.51 uses insecure default permissions on the " ...)
NOT-FOR-US: PC Tools AntiVirus
-CVE-2006-3113
+CVE-2006-3113 (Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and Se ...)
NOTE: MFSA-2006-46
- mozilla <not-affected> (mozilla 1.7 not affected)
- xulrunner 1.8.0.5-1 (high)
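Review bot: the description sync is inconsistent within this hunk: CVE-2006-3253 (vBulletin), CVE-2006-3249 (Phorum) and CVE-2006-3136 (Nucleus) keep a bare `CVE-…` line while every neighbouring NOT-FOR-US entry gains a `(... ...)` description. If the upstream feed carries no text for those three that is fine, but if the importer skipped them the next automatic update should pick them up, so worth confirming rather than leaving the gap. Also the unchanged context at CVE-2006-3174 reads `NOTE: Operation with registers_globals not supported`; the PHP setting is `register_globals`, as spelt in the CVE-2006-2997 entry, so a follow-up typo fix would keep grep results consistent.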
@@ -9282,153 +9282,153 @@ CVE-2006-3113
- firefox 1.5.dfsg+1.5.0.5-1 (high)
- thunderbird 1.5.0.5-1 (medium)
- mozilla-thunderbird <not-affected>
-CVE-2006-3112
+CVE-2006-3112 (Chipmailer 1.09 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Chipmailer
-CVE-2006-3111
+CVE-2006-3111 (Multiple SQL injection vulnerabilities in main.php in Chipmailer 1.09 ...)
NOT-FOR-US: Chipmailer
-CVE-2006-3110
+CVE-2006-3110 (Cross-site scripting (XSS) vulnerability in main.php in Chipmailer 1.0 ...)
NOT-FOR-US: Chipmailer
-CVE-2006-3109
+CVE-2006-3109 (Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 befo ...)
NOT-FOR-US: Cisco
-CVE-2006-3108
+CVE-2006-3108 (Cross-site scripting (XSS) vulnerability in EmailArchitect Email Serve ...)
NOT-FOR-US: EmailArchitect
-CVE-2006-3107
+CVE-2006-3107 (Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and ...)
NOT-FOR-US: Docebo
-CVE-2006-3106
+CVE-2006-3106 (Cross-site scripting (XSS) vulnerability in index.php in phpMyDesktop| ...)
NOT-FOR-US: phpMyDesktop
-CVE-2006-3105
+CVE-2006-3105 (CRLF injection vulnerability in Bitweaver 1.3 allows remote attackers ...)
NOT-FOR-US: Bitweaver
-CVE-2006-3104
+CVE-2006-3104 (users/index.php in Bitweaver 1.3 allows remote attackers to obtain sen ...)
NOT-FOR-US: Bitweaver
-CVE-2006-3103
+CVE-2006-3103 (Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows remot ...)
NOT-FOR-US: Bitweaver
-CVE-2006-3102
+CVE-2006-3102 (Race condition in articles/BitArticle.php in Bitweaver 1.3, when run o ...)
NOT-FOR-US: Bitweaver
-CVE-2006-3101
+CVE-2006-3101 (Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Se ...)
NOT-FOR-US: Cisco
CVE-2006-3099
RESERVED
CVE-2006-3098
RESERVED
-CVE-2006-3097
+CVE-2006-3097 (Unspecified vulnerability in Support Tools Manager (xstm, cstm, and st ...)
NOT-FOR-US: HP-UX Support Tools Manager
-CVE-2006-3096
+CVE-2006-3096 (Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier ...)
NOT-FOR-US: iPostMX
-CVE-2006-3095
+CVE-2006-3095 (Multiple cross-site scripting (XSS) vulnerabilities in iPostMX 2005 2. ...)
NOT-FOR-US: iPostMX
-CVE-2006-3094
+CVE-2006-3094 (Multiple SQL injection vulnerabilities in Calendarix Basic 0.7.2006040 ...)
NOT-FOR-US: Calendarix Basic
-CVE-2006-3093
+CVE-2006-3093 (Multiple unspecified vulnerabilities in Adobe Acrobat Reader (acroread ...)
NOT-FOR-US: Adobe Reader
-CVE-2006-3092
+CVE-2006-3092 (PhpMyFactures 1.2 and earlier allows remote attackers to bypass authen ...)
NOT-FOR-US: PhpMyFactures
-CVE-2006-3091
+CVE-2006-3091 (PhpMyFactures 1.0, and possibly 1.2 and earlier, allows remote attacke ...)
NOT-FOR-US: PhpMyFactures
-CVE-2006-3090
+CVE-2006-3090 (Multiple SQL injection vulnerabilities in PhpMyFactures 1.0, and possi ...)
NOT-FOR-US: PhpMyFactures
-CVE-2006-3089
+CVE-2006-3089 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFactures 1 ...)
NOT-FOR-US: PhpMyFactures
-CVE-2006-3088
+CVE-2006-3088 (Cross-site scripting (XSS) vulnerability in index.php in Car Classifie ...)
NOT-FOR-US: Car Classifieds
-CVE-2006-3087
+CVE-2006-3087 (Multiple cross-site scripting (XSS) vulnerabilities in EZGallery 1.5 a ...)
NOT-FOR-US: EZGallery
-CVE-2006-3086
+CVE-2006-3086 (Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName f ...)
NOT-FOR-US: Microsoft
-CVE-2006-3084
+CVE-2006-3084 (The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1 ...)
{DSA-1146-1}
- krb5 1.4.3-9 (medium)
-CVE-2006-3083
+CVE-2006-3083 (The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) ...)
{DSA-1146-1}
- krb5 1.4.3-9 (medium)
-CVE-2006-3082
+CVE-2006-3082 (parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, ...)
{DSA-1115 DSA-1107}
- gnupg 1.4.3-2 (bug #375052; bug #375473; low)
- gnupg2 1.9.20-1.1 (bug #375053; low)
-CVE-2006-3081
+CVE-2006-3081 (mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x be ...)
{DSA-1112}
- mysql-dfsg-5.0 5.0.19-1 (bug #373913; high)
CVE-2006-3100 [termnetd buffer overflow]
RESERVED
- termpkg 3.3-7 (bug #358028; medium)
-CVE-2006-3085
+CVE-2006-3085 (xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers ...)
- linux-2.6 2.6.16-15
CVE-2006-XXXX [webalizer-stonesteps XSS]
- webalizer-stonesteps 2.4.1.2-1
-CVE-2006-3080
+CVE-2006-3080 (Cross-site scripting (XSS) vulnerability in viewposts.cfm in aXentForu ...)
NOT-FOR-US: aXentForum
-CVE-2006-3079
+CVE-2006-3079 (Cross-site scripting (XSS) vulnerability in index.cfm in SSPwiz Plus 1 ...)
NOT-FOR-US: SSPwiz Plus
-CVE-2006-3078
+CVE-2006-3078 (Multiple SQL injection vulnerabilities in APBoard 2.2-r3 and earlier a ...)
NOT-FOR-US: APBoard
-CVE-2006-3077
+CVE-2006-3077 (Cross-site scripting (XSS) vulnerability in guestbook.cfm in aXentGues ...)
NOT-FOR-US: aXentGuestbook
-CVE-2006-3076
+CVE-2006-3076 (PHP remote file inclusion vulnerability in software_upload/public_incl ...)
NOT-FOR-US: PhpBlueDragon
-CVE-2006-3075
+CVE-2006-3075 (Multiple PHP remote file inclusion vulnerabilities in PictureDis Profe ...)
NOT-FOR-US: PictureDis Professional
-CVE-2006-3074
+CVE-2006-3074 (klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Vi ...)
NOT-FOR-US: Several Kaspersky products
-CVE-2006-3073
+CVE-2006-3073 (Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feat ...)
NOT-FOR-US: Cisco
-CVE-2006-3072
+CVE-2006-3072 (M4 Macro Library in Symantec Security Information Manager before 4.0.2 ...)
NOT-FOR-US: Symantec Security Information Manager
-CVE-2006-3071
+CVE-2006-3071 (Cross-site scripting (XSS) vulnerability in index.php in MP3 Search/Ar ...)
NOT-FOR-US: MP3 Search/Archive
-CVE-2006-3070
+CVE-2006-3070 (write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_m ...)
NOT-FOR-US: Zeroboard
CVE-2006-3069
NOT-FOR-US: DoubleSpeak
-CVE-2006-3068
+CVE-2006-3068 (IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote at ...)
NOT-FOR-US: IBM DB2
-CVE-2006-3067
+CVE-2006-3067 (Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UD ...)
NOT-FOR-US: IBM DB2
-CVE-2006-3066
+CVE-2006-3066 (Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database ( ...)
NOT-FOR-US: IBM DB2
-CVE-2006-3065
+CVE-2006-3065 (SQL injection vulnerability in engine/shards/blog.php in blur6ex 0.3.4 ...)
NOT-FOR-US: blur6ex
-CVE-2006-3064
+CVE-2006-3064 (SQL injection vulnerability in the add_hit function in include/functio ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2006-3063
+CVE-2006-3063 (Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook ...)
NOT-FOR-US: myPHP Guestbook
-CVE-2006-3062
+CVE-2006-3062 (Cross-site scripting (XSS) vulnerability in index.php in myPHP Guestbo ...)
NOT-FOR-US: myPHP Guestbook
-CVE-2006-3061
+CVE-2006-3061 (Multiple cross-site scripting (XSS) vulnerabilities in 5 Star Review a ...)
NOT-FOR-US: 5 Star Review
-CVE-2006-3060
+CVE-2006-3060 (Cross-site scripting (XSS) vulnerability in P.A.I.D 2.2 allows remote ...)
NOT-FOR-US: P.A.I.D
-CVE-2006-3059
+CVE-2006-3059 (Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows ...)
NOT-FOR-US: Microsoft Excel
CVE-2006-3058
RESERVED
-CVE-2006-3057
+CVE-2006-3057 (Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) a ...)
- dhcdbd 1.14-1
-CVE-2006-3056
+CVE-2006-3056 (SQL injection vulnerability in language.php in VBZooM 1.01 allows remo ...)
NOT-FOR-US: VBZooM
-CVE-2006-3055
+CVE-2006-3055 (Multiple SQL injection vulnerabilities in VBZooM 1.02 allow remote att ...)
NOT-FOR-US: VBZooM
-CVE-2006-3054
+CVE-2006-3054 (Multiple SQL injection vulnerabilities in VBZooM 1.11 allow remote att ...)
NOT-FOR-US: VBZooM
CVE-2006-3053
NOT-FOR-US: PHORUM
-CVE-2006-3052
+CVE-2006-3052 (Cross-site scripting (XSS) vulnerability in Event Registration allows ...)
NOT-FOR-US: Event Registration
-CVE-2006-3051
+CVE-2006-3051 (Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, an ...)
NOT-FOR-US: SixCMS
-CVE-2006-3050
+CVE-2006-3050 (Directory traversal vulnerability in detail.php in SixCMS 6.0, and oth ...)
NOT-FOR-US: SixCMS
-CVE-2006-3049
+CVE-2006-3049 (Multiple cross-site scripting (XSS) vulnerabilities in booking3.php in ...)
NOT-FOR-US: Mole Group Ticket Booking Script
-CVE-2006-3048
+CVE-2006-3048 (SQL injection vulnerability in TikiWiki 1.9.3.2 and possibly earlier v ...)
- tikiwiki 1.9.4-1 (medium)
-CVE-2006-3047
+CVE-2006-3047 (Cross-site scripting (XSS) vulnerability in TikiWiki 1.9.3.2 and possi ...)
- tikiwiki 1.9.4-1 (medium)
-CVE-2006-3046
+CVE-2006-3046 (Unspecified vulnerability in the admin login feature in Subtext 1.5, i ...)
NOT-FOR-US: Subtext
-CVE-2006-3045
+CVE-2006-3045 (PHP remote file inclusion vulnerability in manage_songs.php in Foing 0 ...)
NOT-FOR-US: Foing
-CVE-2006-3044
+CVE-2006-3044 (Cross-site scripting (XSS) vulnerability in LogiSphere 1.6.0 allows re ...)
NOT-FOR-US: LogiSphere
-CVE-2006-3043
+CVE-2006-3043 (Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe ...)
NOT-FOR-US: CFXe-CMS
CVE-2006-3042
NOT-FOR-US: ISPConfig
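Review bot: same gap here: CVE-2006-3069 (DoubleSpeak) and CVE-2006-3053 (PHORUM) are left without a description while the surrounding NOT-FOR-US entries all receive one; please confirm the feed genuinely has no text for them. Separately, the context shows `CVE-2006-3100 [termnetd buffer overflow]`, `CVE-2006-3085` and the `CVE-2006-XXXX [webalizer-stonesteps XSS]` placeholder sitting after CVE-2006-3081, out of numeric order; they are untouched by this update, but it means the new CVE-2006-3085 description lands far from its neighbours, which makes reviewing these automatic diffs harder than it needs to be.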
@@ -9436,218 +9436,218 @@ CVE-2006-3041
NOT-FOR-US: Codewalkers Ltwcalendar
CVE-2006-3040
NOT-FOR-US: Amr Talkbox
-CVE-2006-3039
+CVE-2006-3039 (Cross-site scripting (XSS) vulnerability in index.php in Cescripts Rea ...)
NOT-FOR-US: Cescripts Realty Home Rent
-CVE-2006-3038
+CVE-2006-3038 (Cross-site scripting (XSS) vulnerability in index.php in Cescripts Rea ...)
NOT-FOR-US: Cescripts Realty Home Rent
-CVE-2006-3037
+CVE-2006-3037 (Multiple cross-site scripting (XSS) vulnerabilities in publish.php in ...)
NOT-FOR-US: ST AdManager Lite
-CVE-2006-3036
+CVE-2006-3036 (Multiple cross-site scripting (XSS) vulnerabilities in 35mmslidegaller ...)
NOT-FOR-US: 35mmslidegallery
-CVE-2006-3035
+CVE-2006-3035 (Multiple cross-site scripting (XSS) vulnerabilities in addwords.php in ...)
NOT-FOR-US: MyScrapbook
-CVE-2006-3034
+CVE-2006-3034 (MyScrapbook 3.1 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: MyScrapbook
-CVE-2006-3033
+CVE-2006-3033 (Cross-site scripting (XSS) vulnerability in MyScrapbook 3.1 allows rem ...)
NOT-FOR-US: MyScrapbook
-CVE-2006-3032
+CVE-2006-3032 (Multiple cross-site scripting (XSS) vulnerabilities in Xtreme ASP Phot ...)
NOT-FOR-US: Xtreme ASP Photo Gallery
-CVE-2006-3031
+CVE-2006-3031 (Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fi ...)
NOT-FOR-US: fipsCMS
-CVE-2006-3030
+CVE-2006-3030 (Multiple cross-site scripting (XSS) vulnerabilities in DwZone Shopping ...)
NOT-FOR-US: DwZone Shopping Cart
-CVE-2006-3029
+CVE-2006-3029 (Cross-site scripting (XSS) vulnerability in default.asp in ClickTech C ...)
NOT-FOR-US: ClickTech Clickcart
-CVE-2006-3028
+CVE-2006-3028 (PHP remote file inclusion vulnerability in stat_modules/users_age/modu ...)
NOT-FOR-US: Minerva
-CVE-2006-3027
+CVE-2006-3027 (Multiple SQL injection vulnerabilities in Enthrallwebe ePhotos 2.2 and ...)
NOT-FOR-US: Enthrallwebe ePhotos
-CVE-2006-3026
+CVE-2006-3026 (Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5. ...)
NOT-FOR-US: ClickGallery
-CVE-2006-3025
+CVE-2006-3025 (Cross-site scripting (XSS) vulnerability in Cal.PHP3 in Chris Lea Luci ...)
NOT-FOR-US: Chris Lea Lucid Calendar
-CVE-2006-3024
+CVE-2006-3024 (Multiple cross-site scripting (XSS) vulnerabilities in EvGenius Counte ...)
NOT-FOR-US: EvGenius Counter
-CVE-2006-3023
+CVE-2006-3023 (Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp ...)
NOT-FOR-US: Uapplication Uphotogallery
-CVE-2006-3022
+CVE-2006-3022 (Cross-site scripting (XSS) vulnerability in zoom.php in fipsGallery 1. ...)
NOT-FOR-US: fipsGallery
-CVE-2006-3021
+CVE-2006-3021 (Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Ga ...)
NOT-FOR-US: BlueCollar i-Gallery
-CVE-2006-3020
+CVE-2006-3020 (Multiple cross-site scripting (XSS) vulnerabilities in FullPhoto.asp i ...)
NOT-FOR-US: WS-Album
-CVE-2006-3019
+CVE-2006-3019 (Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 ...)
NOT-FOR-US: phpCMS
-CVE-2006-3018
+CVE-2006-3018 (Unspecified vulnerability in the session extension functionality in PH ...)
- php5 5.1.4-0.1 (unimportant)
- php4 <removed> (unimportant)
NOTE: Sanitising is the application's responsibilitys
-CVE-2006-3017
+CVE-2006-3017 (zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x ...)
{DSA-1206-1}
- php5 5.1.4-0.1 (medium)
- php4 4:4.4.4-1 (medium; bug #381998)
-CVE-2006-3016
+CVE-2006-3016 (Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown ...)
- php5 5.1.4-0.1 (unimportant)
- php4 4:4.4.4-1 (unimportant; bug #382259)
NOTE: Sanitising is the application's responsibilitys
-CVE-2006-3015
+CVE-2006-3015 (Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remo ...)
NOT-FOR-US: WinSCP
-CVE-2006-3014
+CVE-2006-3014 (Microsoft Excel allows user-assisted attackers to execute arbitrary ja ...)
NOT-FOR-US: Microsoft Excel / Flashplayer for Windows
-CVE-2006-3013
+CVE-2006-3013 (Interpretation conflict in resetpw.php in phpBannerExchange before 2.0 ...)
NOT-FOR-US: phpBannerExchange
-CVE-2006-3012
+CVE-2006-3012 (SQL injection vulnerability in phpBannerExchange before 2.0 Update 6 a ...)
NOT-FOR-US: phpBannerExchange
-CVE-2006-3011
+CVE-2006-3011 (The error_log function in basic_functions.c in PHP before 4.4.4 and 5. ...)
- php4 4:4.4.4-1 (unimportant)
- php5 5.1.6-1 (unimportant)
NOTE: Safe mode violations are not supported
-CVE-2006-3010
+CVE-2006-3010 (Multiple SQL injection vulnerabilities in Open Business Management (OB ...)
NOT-FOR-US: Open Business Management
-CVE-2006-3009
+CVE-2006-3009 (Multiple cross-site scripting (XSS) vulnerabilities in Open Business M ...)
NOT-FOR-US: Open Business Management
CVE-2006-3008
REJECTED
-CVE-2006-3007
+CVE-2006-3007 (Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 ...)
NOT-FOR-US: SHOUTcast
-CVE-2006-3006
+CVE-2006-3006 (Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly o ...)
NOT-FOR-US: iFoto
-CVE-2006-3005
+CVE-2006-3005 (The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is bu ...)
- libjpeg6b <not-affected> (--maxmem is set during configure)
- libjpeg-mmx <removed> (bug #373672; low)
[sarge] - libjpeg-mmx <no-dsa> (If this poses a threat, the admin can apply resource limits)
-CVE-2006-3004
+CVE-2006-3004 (Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Man ...)
NOT-FOR-US: Ez Ringtone
-CVE-2006-3003
+CVE-2006-3003 (details.php in Easy Ad-Manager allows remote attackers to obtain the f ...)
NOT-FOR-US: Easy Ad-Manager
-CVE-2006-3002
+CVE-2006-3002 (Cross-site scripting (XSS) vulnerability in details.php in Easy Ad-Man ...)
NOT-FOR-US: OkScripts product
-CVE-2006-3001
+CVE-2006-3001 (Cross-site scripting (XSS) vulnerability in search.php in OkScripts Ok ...)
NOT-FOR-US: OkScripts product
-CVE-2006-3000
+CVE-2006-3000 (Cross-site scripting (XSS) vulnerability in search.php in OkScripts Ok ...)
NOT-FOR-US: OkScripts product
-CVE-2006-2999
+CVE-2006-2999 (Cross-site scripting (XSS) vulnerability in search.php in OkScripts Qu ...)
NOT-FOR-US: OkScripts product
-CVE-2006-2998
+CVE-2006-2998 (PHP remote file inclusion vulnerability in board/post.php in free QBoa ...)
NOT-FOR-US: QBoard
-CVE-2006-2997
+CVE-2006-2997 (Cross-site scripting (XSS) vulnerability in ZMS 2.9 and earlier, when ...)
- zope-zms <unfixed> (bug #373667; unimportant)
[sarge] - zope-zms <no-dsa> (Only exploitable with register_globals)
NOTE: register_globals is an unsupported mode of operation in Debian
-CVE-2006-2996
+CVE-2006-2996 (PHP remote file inclusion vulnerability in inc/design.inc.php in LoveC ...)
NOT-FOR-US: aePartner
-CVE-2006-2995
+CVE-2006-2995 (Multiple PHP remote file inclusion vulnerabilities in WebprojectDB 0.1 ...)
NOT-FOR-US: WebprojectDB
-CVE-2006-2994
+CVE-2006-2994 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ph ...)
NOT-FOR-US: phazizGuestbook
-CVE-2006-2993
+CVE-2006-2993 (Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and e ...)
NOT-FOR-US: My Photo Scrapbook
-CVE-2006-2992
+CVE-2006-2992 (Cross-site scripting (XSS) vulnerability in display.asp in My Photo Sc ...)
NOT-FOR-US: My Photo Scrapbook
-CVE-2006-2991
+CVE-2006-2991 (Multiple cross-site scripting (XSS) vulnerabilities in Ringlink 3.2 al ...)
NOT-FOR-US: Ringlink
-CVE-2006-2990
+CVE-2006-2990 (Cross-site scripting (XSS) vulnerability in default.asp in VanillaSoft ...)
NOT-FOR-US: VanillaSoft
-CVE-2006-2989
+CVE-2006-2989 (Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ListPi ...)
NOT-FOR-US: ASP ListPics
-CVE-2006-2988
+CVE-2006-2988 (Cross-site scripting (XSS) vulnerability in dictionary.php in Chemical ...)
NOT-FOR-US: Chemical Dictionary
-CVE-2006-2987
+CVE-2006-2987 (Multiple SQL injection vulnerabilities in Dominios Europa PICRATE (aka ...)
NOT-FOR-US: PICRATE
-CVE-2006-2986
+CVE-2006-2986 (Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie Medi ...)
NOT-FOR-US: vSCAL and vsREAL
-CVE-2006-2985
+CVE-2006-2985 (SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earli ...)
NOT-FOR-US: IntegraMOD
-CVE-2006-2984
+CVE-2006-2984 (Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1. ...)
NOT-FOR-US: IntegraMOD
-CVE-2006-2983
+CVE-2006-2983 (PHP remote file inclusion vulnerability in Enterprise Timesheet and Pa ...)
NOT-FOR-US: Enterprise Timesheet and Payroll Systems (EPS)
-CVE-2006-2982
+CVE-2006-2982 (Multiple PHP remote file inclusion vulnerabilities in Enterprise Times ...)
NOT-FOR-US: Enterprise Timesheet and Payroll Systems (EPS)
-CVE-2006-2981
+CVE-2006-2981 (SQL injection vulnerability in vs_search.php in Arantius Vice Stats be ...)
NOT-FOR-US: Arantius Vice Stats
-CVE-2006-2980
+CVE-2006-2980 (SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop ...)
NOT-FOR-US: ViArt
-CVE-2006-2979
+CVE-2006-2979 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free ...)
NOT-FOR-US: ViArt
-CVE-2006-2978
+CVE-2006-2978 (Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the i ...)
NOT-FOR-US: Moblog
-CVE-2006-2977
+CVE-2006-2977 (SQL injection vulnerability in big.php in Mafia Moblog 0.6M1 and earli ...)
NOT-FOR-US: Moblog
-CVE-2006-2976
+CVE-2006-2976 (Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery b ...)
NOT-FOR-US: Coppermine
-CVE-2006-2975
+CVE-2006-2975 (Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.ph ...)
NOT-FOR-US: PBL Guestbook
-CVE-2006-2974
+CVE-2006-2974 (Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect ...)
NOT-FOR-US: EmailArchitect
-CVE-2006-2973
+CVE-2006-2973 (Multiple SQL injection vulnerabilities in month.php in PHP Lite Calend ...)
NOT-FOR-US: PHP Lite Calendar
-CVE-2006-2972
+CVE-2006-2972 (SQL injection vulnerability in vs_resource.php in Arantius Vice Stats ...)
NOT-FOR-US: Arantius Vice Stats
-CVE-2006-2971
+CVE-2006-2971 (Integer overflow in the recv_packet function in 0verkill 0.16 allows r ...)
- overkill 0.16-9 (bug #373687; low)
[sarge] - overkill <no-dsa> (Only DoS against an obscure game, no code injection possible)
-CVE-2006-2970
+CVE-2006-2970 (videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain ...)
NOT-FOR-US: tinyMuw
-CVE-2006-2969
+CVE-2006-2969 (Cross-site scripting (XSS) vulnerability in L0j1k tinyMuw 0.1.0 allow ...)
NOT-FOR-US: tinyMuw
-CVE-2006-2968
+CVE-2006-2968 (Cross-site scripting (XSS) vulnerability in search.php in PHP Labware ...)
NOT-FOR-US: LabWiki
-CVE-2006-2967
+CVE-2006-2967 (Syworks SafeNET allows local users to bypass restrictions on network r ...)
NOT-FOR-US: SafeNET
-CVE-2006-2966
+CVE-2006-2966 (Cross-site scripting (XSS) vulnerability in Particle Soft Particle Wik ...)
NOT-FOR-US: Particle Wiki
-CVE-2006-2965
+CVE-2006-2965 (Multiple cross-site scripting (XSS) vulnerabilities in Particle Soft P ...)
NOT-FOR-US: Particle Whois
-CVE-2006-2964
+CVE-2006-2964 (Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts D ...)
NOT-FOR-US: Xtreme Downloads
-CVE-2006-2963
+CVE-2006-2963 (Cross-site scripting (XSS) vulnerability in Suchergebnisse.asp in Caba ...)
NOT-FOR-US: Cabacos Web CMS
-CVE-2006-2962
+CVE-2006-2962 (PHP remote file inclusion vulnerability in sql_fcnsOLD.php in Emergeni ...)
NOT-FOR-US: Empris
-CVE-2006-2961
+CVE-2006-2961 (Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remot ...)
NOT-FOR-US: CesarFTP
-CVE-2006-2960
+CVE-2006-2960 (PHP remote file inclusion vulnerability in includes/joomla.php in Joom ...)
NOT-FOR-US: Joomla!
-CVE-2006-2959
+CVE-2006-2959 (SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 an ...)
NOT-FOR-US: Snitz Forum
-CVE-2006-2958
+CVE-2006-2958 (Directory traversal vulnerability in FilZip 3.05 allows remote attacke ...)
NOT-FOR-US: FilZip
-CVE-2006-2957
+CVE-2006-2957 (Cross-site scripting (XSS) vulnerability in i.List 1.5 beta and earlie ...)
NOT-FOR-US: i.List
-CVE-2006-2956
+CVE-2006-2956 (Multiple cross-site scripting (XSS) vulnerabilities in i.List 1.5 beta ...)
NOT-FOR-US: i.List
-CVE-2006-2955
+CVE-2006-2955 (Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice ...)
NOT-FOR-US: KAPhotoservice
-CVE-2006-2954
+CVE-2006-2954 (SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier ...)
NOT-FOR-US: OfficeFlow
-CVE-2006-2953
+CVE-2006-2953 (Cross-site scripting (XSS) vulnerability in default.asp in OfficeFlow ...)
NOT-FOR-US: OfficeFlow
-CVE-2006-2952
+CVE-2006-2952 (Directory traversal vulnerability in Net Portal Dynamic System (NPDS) ...)
NOT-FOR-US: NPDS
-CVE-2006-2951
+CVE-2006-2951 (Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dyna ...)
NOT-FOR-US: NPDS
-CVE-2006-2950
+CVE-2006-2950 (Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attack ...)
NOT-FOR-US: NPDS
-CVE-2006-2949
+CVE-2006-2949 (Cross-site scripting (XSS) vulnerability in private.php in MyBB 1.1.2 ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-2948
+CVE-2006-2948 (A-CART 2.0 stores the acart2_0.mdb file under the web document root wi ...)
NOT-FOR-US: A-CART
-CVE-2006-2947
+CVE-2006-2947 (Dmx Forum 2.1a allows remote attackers to obtain username and password ...)
NOT-FOR-US: Dmx Forum
-CVE-2006-2946
+CVE-2006-2946 (Dmx Forum 2.1a stores _includes/bd.inc under the web root with insuffi ...)
NOT-FOR-US: Dmx Forum
-CVE-2006-2945
+CVE-2006-2945 (Unspecified vulnerability in the user profile change functionality in ...)
- dokuwiki 0.0.20060309-4 (bug #373689; low)
-CVE-2006-2944
+CVE-2006-2944 (Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier all ...)
NOT-FOR-US: FORM2MAIL
-CVE-2006-2943
+CVE-2006-2943 (Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows ...)
NOT-FOR-US: WebFORM
-CVE-2006-2942
+CVE-2006-2942 (TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki ad ...)
- twiki <not-affected> (Debian's version is old and does not include affected file)
-CVE-2006-2941
+CVE-2006-2941 (Mailman before 2.1.9rc1 allows remote attackers to cause a denial of s ...)
- mailman <not-affected> (Mailman uses the system version of the affected Python lib)
-CVE-2006-2940
+CVE-2006-2940 (OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions ...)
{DSA-1195-1 DSA-1185-2}
- openssl 0.9.8c-2 (bug #389940)
- openssl097 0.9.7k-2
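Review bot: the CVE-2006-2940 entry (last entry of this hunk) lists openssl and openssl097 but no openssl096 line, although its description covers "0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions" and it shares DSA-1185-2 with CVE-2006-2937, which does carry "- openssl096 <not-affected>"; either add a matching openssl096 line (affected or <not-affected>) here or note why it is omitted. Smaller point in the same hunk: CVE-2006-2941 marks mailman <not-affected> because "Mailman uses the system version of the affected Python lib" without saying where the Python-side fix is tracked; a NOTE line pointing to the relevant python entry would make the not-affected claim checkable.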
@@ -9656,298 +9656,298 @@ CVE-2006-2939
REJECTED
CVE-2006-2938
REJECTED
-CVE-2006-2937
+CVE-2006-2937 (OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote atta ...)
{DSA-1185-2}
- openssl 0.9.8c-2 (bug #389940)
- openssl097 0.9.7k-2
- openssl096 <not-affected>
-CVE-2006-2936
+CVE-2006-2936 (The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up t ...)
{DSA-1184-2}
- linux-2.6 2.6.17-5 (low)
-CVE-2006-2935
+CVE-2006-2935 (The dvd_read_bca function in the DVD handling code in drivers/cdrom/cd ...)
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.17-5 (low)
-CVE-2006-2934
+CVE-2006-2934 (SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kern ...)
- linux-2.6 2.6.17-3
-CVE-2006-2933
+CVE-2006-2933 (kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterpri ...)
[sarge] - kdebase <not-affected> (Only KDE < 3.2 vulnerable)
- kdebase 3.5.2-1 (medium)
NOTE: exact fixed version not known, however bug only affects < 3.2
-CVE-2006-2932
+CVE-2006-2932 (A regression error in the restore_all code path of the 4/4GB split sup ...)
- linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2006-2931
+CVE-2006-2931 (CMS Mundo before 1.0 build 008 does not properly verify uploaded image ...)
NOT-FOR-US: CMS Mundo
-CVE-2006-2930
+CVE-2006-2930 (Unspecified vulnerability in Sun Grid Engine 5.3 and Sun N1 Grid Engin ...)
NOT-FOR-US: Sun
-CVE-2006-2929
+CVE-2006-2929 (PHP remote file inclusion vulnerability in contrib/forms/evaluation/C_ ...)
NOT-FOR-US: OpenEMR
-CVE-2006-2928
+CVE-2006-2928 (Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 ...)
NOT-FOR-US: CMS-Bandits
-CVE-2006-2927
+CVE-2006-2927 (Multiple cross-site scripting (XSS) vulnerabilities in post.asp in Cod ...)
NOT-FOR-US: CAForum
-CVE-2006-2926
+CVE-2006-2926 (Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6. ...)
NOT-FOR-US: Qbik
-CVE-2006-2925
+CVE-2006-2925 (Cross-site scripting (XSS) vulnerability in the web interface in Ingat ...)
NOT-FOR-US: Ingate
-CVE-2006-2924
+CVE-2006-2924 (Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4. ...)
NOT-FOR-US: Ingate
-CVE-2006-2923
+CVE-2006-2923 (The iax_net_read function in the iaxclient open source library, as use ...)
- iaxclient 0.0+svn20060520-2
-CVE-2006-2922
+CVE-2006-2922 (Multiple PHP remote file inclusion vulnerabilities in MiraksGalerie 2. ...)
NOT-FOR-US: MiraksGalerie
-CVE-2006-2921
+CVE-2006-2921 (PHP remote file inclusion vulnerability in cmpro_header.inc.php in Cla ...)
NOT-FOR-US: CMPro
-CVE-2006-2920
+CVE-2006-2920 (Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote att ...)
- sylpheed 2.2.6-1 (low)
[sarge] - sylpheed <no-dsa> (Minor evasion of phishing protection feature)
- sylpheed-gtk1 1.0.6-3 (bug #373187; low)
- sylpheed-claws 1.0.5-3 (bug #372891; low)
[sarge] - sylpheed-claws <no-dsa> (Minor evasion of phishing protection feature)
- sylpheed-claws-gtk2 2.3.0-1 (bug #372889; low)
-CVE-2006-2919
+CVE-2006-2919 (Unspecified vulnerability in Microsoft NetMeeting 3.01 allows remote a ...)
NOT-FOR-US: Microsoft
-CVE-2006-2918
+CVE-2006-2918 (The Lanap BotDetect APS.NET CAPTCHA component before 1.5.4.0 stores th ...)
NOT-FOR-US: Lanap BotDetect APS.NET CAPTCHA component
-CVE-2006-2917
+CVE-2006-2917 (Directory traversal vulnerability in the IMAP server in WinGate 6.1.2. ...)
NOT-FOR-US: WinGate
-CVE-2006-2916
+CVE-2006-2916 (artswrapper in aRts, when running setuid root on Linux 2.6.0 or later ...)
- arts 1.5.3-2 (bug #374003; low)
[sarge] - arts <not-affected> (Not setuid root in Debian)
NOTE: artswrapper is not suid root by default, but README.Debian describes it
-CVE-2006-2915
+CVE-2006-2915 (Multiple SQL injection vulnerabilities in DeluxeBB 1.06 allow remote a ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-2914
+CVE-2006-2914 (PHP remote file inclusion vulnerability in DeluxeBB 1.06 allows remote ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-2913
+CVE-2006-2913 (Cross-site scripting (XSS) vulnerability in SelectaPix 1.31 allows rem ...)
NOT-FOR-US: SelectaPix
-CVE-2006-2912
+CVE-2006-2912 (Multiple SQL injection vulnerabilities in SelectaPix 1.31 allow remote ...)
NOT-FOR-US: SelectaPix
-CVE-2006-2911
+CVE-2006-2911 (SQL injection vulnerability in controlpanel/index.php in CMS Mundo bef ...)
NOT-FOR-US: CMS Mundo
-CVE-2006-2910
+CVE-2006-2910 (Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other ver ...)
NOT-FOR-US: jetAudio
-CVE-2006-2909
+CVE-2006-2909 (Stack-based buffer overflow in the info tip shell extension (zipinfo.d ...)
NOT-FOR-US: PicoZip
-CVE-2006-2908
+CVE-2006-2908 (The domecode function in inc/functions_post.php in MyBulletinBoard (My ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2006-2907
RESERVED
-CVE-2006-2906
+CVE-2006-2906 (The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas ...)
{DSA-1117}
- libgd2 2.0.33-5 (bug #372912; low)
- tetex-bin <not-affected> (Links dynamically, see #382506)
-CVE-2006-2905
+CVE-2006-2905 (Partial Links 1.2.2 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Partial Links
-CVE-2006-2904
+CVE-2006-2904 (SQL injection vulnerability in index.php in Partial Links 1.2.2 allows ...)
NOT-FOR-US: Partial Links
-CVE-2006-2903
+CVE-2006-2903 (Cross-site scripting (XSS) vulnerability in admin.php in Particle Link ...)
NOT-FOR-US: Partial Links
-CVE-2006-2902
+CVE-2006-2902 (Directory traversal vulnerability in Particle Links 1.2.2 might allow ...)
NOT-FOR-US: Partial Links
-CVE-2006-2901
+CVE-2006-2901 (The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware ...)
NOT-FOR-US: D-Link
-CVE-2006-2900
+CVE-2006-2900 (Internet Explorer 6 allows user-assisted remote attackers to read arbi ...)
NOT-FOR-US: Microsoft
-CVE-2006-2899
+CVE-2006-2899 (Unspecified vulnerability in ESTsoft InternetDISK versions before 2006 ...)
NOT-FOR-US: ESTsoft InternetDISK
-CVE-2006-2898
+CVE-2006-2898 (The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 an ...)
{DSA-1126}
- asterisk 1:1.2.10.dfsg-2 (bug #380054)
- iax 0.2.2-5
[sarge] - iax <not-affected> (Vulnerable code not present)
- iaxmodem 0.1.8.dfsg-2
-CVE-2006-2897
+CVE-2006-2897 (Cross-site scripting (XSS) vulnerability in FunkBoard 0.71 allows remo ...)
NOT-FOR-US: Funkboard
-CVE-2006-2896
+CVE-2006-2896 (profile.php in FunkBoard CF0.71 allows remote attackers to change arbi ...)
NOT-FOR-US: Funkboard
-CVE-2006-2895
+CVE-2006-2895 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to vers ...)
- mediawiki <not-affected> (Affects only 1.6.0-1.6.6)
-CVE-2006-2894
+CVE-2006-2894 (Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, M ...)
{DSA-1401-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8
- xulrunner 1.8.1.9-1
- iceape 1.1.5
-CVE-2006-2893
+CVE-2006-2893 (index.php in GANTTy 1.0.3 allows remote attackers to obtain the full p ...)
NOT-FOR-US: GANTTy
-CVE-2006-2892
+CVE-2006-2892 (Cross-site scripting (XSS) vulnerability in index.php in GANTTy 1.0.3 ...)
NOT-FOR-US: GANTTy
-CVE-2006-2891
+CVE-2006-2891 (Cross-site scripting (XSS) vulnerability in admin/index.php for Pixelp ...)
NOT-FOR-US: Pixelpost
-CVE-2006-2890
+CVE-2006-2890 (Pixelpost 1-5rc1-2 and earlier, when register_globals is enabled, allo ...)
NOT-FOR-US: Pixelpost
-CVE-2006-2889
+CVE-2006-2889 (Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc ...)
NOT-FOR-US: Pixelpost
-CVE-2006-2888
+CVE-2006-2888 (PHP remote file inclusion vulnerability in _wk/wk_lang.php in Wikiwig ...)
NOT-FOR-US: Wikiwig
-CVE-2006-2887
+CVE-2006-2887 (Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and earli ...)
NOT-FOR-US: myNewsletter
-CVE-2006-2886
+CVE-2006-2886 (view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote ...)
- knowledgetree <removed> (bug #373137; low)
-CVE-2006-2885
+CVE-2006-2885 (Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree O ...)
- knowledgetree <removed> (bug #373137; low)
-CVE-2006-2884
+CVE-2006-2884 (SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remot ...)
NOT-FOR-US: Kmita
-CVE-2006-2883
+CVE-2006-2883 (Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ 1. ...)
NOT-FOR-US: Kmita
-CVE-2006-2882
+CVE-2006-2882 (Multiple cross-site scripting (XSS) vulnerabilities submit.asp in ASPS ...)
NOT-FOR-US: ASPScriptz
-CVE-2006-2881
+CVE-2006-2881 (Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 ...)
NOT-FOR-US: DreamAccount
-CVE-2006-2880
+CVE-2006-2880 (Cross-site scripting (XSS) vulnerability in the Contributed Packages f ...)
NOT-FOR-US: pyblosxom package doesn't ship plugins
-CVE-2006-2879
+CVE-2006-2879 (SQL injection vulnerability in newscomments.php in Alex News-Engine 1. ...)
NOT-FOR-US: Alex News-Engine
-CVE-2006-2878
+CVE-2006-2878 (The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier a ...)
- dokuwiki 0.0.20060309-4 (bug #370369; bug #370785; high)
-CVE-2006-2877
+CVE-2006-2877 (PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlie ...)
NOT-FOR-US: Bookmark4U
-CVE-2006-2876
+CVE-2006-2876 (Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish ...)
NOT-FOR-US: PHP Pro Publish
-CVE-2006-2875
+CVE-2006-2875 (Stack-based buffer overflow in the CL_ParseDownload function of Quake ...)
- tremulous 1.1.0-6 (bug #660827)
[squeeze] - tremulous 1.1.0-7~squeeze1
- ioquake3 1.36+svn1788j-1
-CVE-2006-2874
+CVE-2006-2874 (Unspecified vulnerability in OSADS Alliance Database before 1.4 has un ...)
NOT-FOR-US: OSADS
-CVE-2006-2873
+CVE-2006-2873 (Cross-site scripting (XSS) vulnerability in hava.asp in Enigma Haber 4 ...)
NOT-FOR-US: Enigma Haber
-CVE-2006-2872
+CVE-2006-2872 (PHP remote file inclusion vulnerability in config.php in Rumble 1.02 a ...)
NOT-FOR-US: Rumble
CVE-2006-2871
NOT-FOR-US: CyBoards
-CVE-2006-2870
+CVE-2006-2870 (Cross-site scripting (XSS) vulnerability in forum_search.asp in Intell ...)
NOT-FOR-US: Intelligent Solutions Inc.
-CVE-2006-2869
+CVE-2006-2869 (Unspecified vulnerability in the CHM unpacker in avast! before 4.7.844 ...)
NOT-FOR-US: Avast
-CVE-2006-2868
+CVE-2006-2868 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 ...)
NOT-FOR-US: Claroline
-CVE-2006-2867
+CVE-2006-2867 (SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta an ...)
NOT-FOR-US: CoolForum
-CVE-2006-2866
+CVE-2006-2866 (PHP remote file inclusion vulnerability in layout/prepend.php in DotCl ...)
NOT-FOR-US: DotClear
CVE-2006-2865
NOTE: phpbb2, but invalid
-CVE-2006-2864
+CVE-2006-2864 (Multiple PHP remote file inclusion vulnerabilities in BlueShoes Framew ...)
NOT-FOR-US: BlueShoes
-CVE-2006-2863
+CVE-2006-2863 (PHP remote file inclusion vulnerability in class.cs_phpmailer.php in C ...)
NOT-FOR-US: CS-Cart
-CVE-2006-2862
+CVE-2006-2862 (SQL injection vulnerability in viewimage.php in Particle Gallery 1.0.0 ...)
NOT-FOR-US: Particle Gallery
-CVE-2006-2861
+CVE-2006-2861 (SQL injection vulnerability in index.php in Particle Wiki 1.0.2 and ea ...)
NOT-FOR-US: Particle Wiki
-CVE-2006-2860
+CVE-2006-2860 (PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allow ...)
NOT-FOR-US: Webspotblogging
CVE-2006-2859
NOT-FOR-US: MyBloggie
-CVE-2006-2858
+CVE-2006-2858 (SQL injection vulnerability in viewmsg.asp in LocazoList Classifieds 1 ...)
NOT-FOR-US: LocazoList
-CVE-2006-2857
+CVE-2006-2857 (SQL injection vulnerability in index.php in LifeType 1.0.4 allows remo ...)
NOT-FOR-US: LifeType
-CVE-2006-2856
+CVE-2006-2856 (ActiveState ActivePerl 5.8.8.817 for Windows configures the site/lib d ...)
NOT-FOR-US: ActiveState
-CVE-2006-2855
+CVE-2006-2855 (SQL injection vulnerability in index.php in xueBook 1.0 allows remote ...)
NOT-FOR-US: xueBook
-CVE-2006-2854
+CVE-2006-2854 (SQL injection vulnerability in index.php in iBWd Guestbook 1.0 allows ...)
NOT-FOR-US: iBWd
-CVE-2006-2853
+CVE-2006-2853 (SQL injection vulnerability in content.php in abarcar Realty Portal 5. ...)
NOT-FOR-US: abarcar
-CVE-2006-2852
+CVE-2006-2852 (PHP remote file inclusion vulnerability in dotWidget CMS 1.0.6 and ear ...)
NOT-FOR-US: dotWidget
-CVE-2006-2851
+CVE-2006-2851 (Cross-site scripting (XSS) vulnerability in index.php in dotProject 2. ...)
NOT-FOR-US: dotProject
-CVE-2006-2850
+CVE-2006-2850 (Cross-site scripting (XSS) vulnerability in recentchanges.php in PHP L ...)
NOT-FOR-US: LabWiki
-CVE-2006-2849
+CVE-2006-2849 (PHP remote file inclusion vulnerability in includes/webdav/server.php ...)
NOT-FOR-US: Bytehoard
-CVE-2006-2848
+CVE-2006-2848 (links.asp in aspWebLinks 2.0 allows remote attackers to change the adm ...)
NOT-FOR-US: aspWebLinks
-CVE-2006-2847
+CVE-2006-2847 (SQL injection vulnerability in links.asp in aspWebLinks 2.0 allows rem ...)
NOT-FOR-US: aspWebLinks
-CVE-2006-2846
+CVE-2006-2846 (Cross-site scripting (XSS) vulnerability in Print.PHP in VisionGate Po ...)
NOT-FOR-US: VisionGate
-CVE-2006-2845
+CVE-2006-2845 (PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows ...)
NOT-FOR-US: Redaxo
-CVE-2006-2844
+CVE-2006-2844 (Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow ...)
NOT-FOR-US: Redaxo
-CVE-2006-2843
+CVE-2006-2843 (PHP remote file inclusion vulnerability in Redaxo 2.7.4 allows remote ...)
NOT-FOR-US: Redaxo
-CVE-2006-2841
+CVE-2006-2841 (Multiple PHP remote file inclusion vulnerabilities in AssoCIateD (aka ...)
NOT-FOR-US: AssoCIateD
-CVE-2006-2840
+CVE-2006-2840 (Cross-site scripting (XSS) vulnerability in (1) uploads.php and (2) "u ...)
NOT-FOR-US: PmWiki
-CVE-2006-2839
+CVE-2006-2839 (Directory traversal vulnerability in PG Problem Editor module (PGProbl ...)
NOT-FOR-US: WeBWorK
-CVE-2006-2838
+CVE-2006-2838 (Buffer overflow in the web console in F-Secure Anti-Virus for Microsof ...)
NOT-FOR-US: F-Secure
-CVE-2006-2837
+CVE-2006-2837 (Cross-site scripting (XSS) vulnerability in Techno Dreams Guest Book a ...)
NOT-FOR-US: Techno Dreams
-CVE-2006-2836
+CVE-2006-2836 (SQL injection vulnerability in comment.php in Pineapple Technologies L ...)
NOT-FOR-US: Pineapple Technologies Lore
-CVE-2006-2835
+CVE-2006-2835 (SQL injection vulnerability in saphplesson 2.0 allows remote attackers ...)
NOT-FOR-US: saphplesson
-CVE-2006-2834
+CVE-2006-2834 (PHP remote file inclusion vulnerability in includes/common.php in gnop ...)
NOT-FOR-US: gnopaste
-CVE-2006-2833
+CVE-2006-2833 (Cross-site scripting (XSS) vulnerability in the taxonomy module in Dru ...)
{DSA-1125}
- drupal 4.5.8-1.1 (medium)
-CVE-2006-2832
+CVE-2006-2832 (Cross-site scripting (XSS) vulnerability in the upload module (upload. ...)
{DSA-1125}
- drupal 4.5.8-1.1 (medium)
-CVE-2006-2831
+CVE-2006-2831 (Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under c ...)
{DSA-1125}
NOTE: Although not in the changelog, sesse@ (responsible for 4.5.8-1.1)
NOTE: says he pulled in the entire patch for DRUPAL-SA-2006-007, which
NOTE: fixes CVE-2006-2831.
- drupal 4.5.8-1.1 (medium)
-CVE-2006-2830
+CVE-2006-2830 (Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent ...)
NOT-FOR-US: TIBCO
-CVE-2006-2829
+CVE-2006-2829 (Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk before 4 ...)
NOT-FOR-US: TIBCO
-CVE-2006-2828
+CVE-2006-2828 (Global variable overwrite vulnerability in PHP-Nuke allows remote atta ...)
NOT-FOR-US: PHP-Nuke
CVE-2006-2827
NOT-FOR-US: X-Cart
-CVE-2006-2826
+CVE-2006-2826 (SQL injection vulnerability in sessions.inc in PHP Base Library (PHPLi ...)
NOT-FOR-US: PHPLIB
-CVE-2006-2825
+CVE-2006-2825 (cPanel does not automatically synchronize the PHP open_basedir configu ...)
NOT-FOR-US: cPanel the vhost manager, not cpanel the Chinese desktop configuration tool
-CVE-2006-2824
+CVE-2006-2824 (Logicalware MailManager before 2.0.10 does not remove 0xc8 0x27 (0xc8 ...)
NOT-FOR-US: Logicalware
-CVE-2006-2823
+CVE-2006-2823 (Katrien De Graeve a.shopKart 2.0 (aka ashopKart20) stores sensitive in ...)
NOT-FOR-US: ashopKart
-CVE-2006-2822
+CVE-2006-2822 (SQL injection vulnerability in admin/default.asp in Dusan Drobac CodeA ...)
NOT-FOR-US: cforum
-CVE-2006-2821
+CVE-2006-2821 (Multiple cross-site scripting (XSS) vulnerabilities in DeltaScripts Pr ...)
NOT-FOR-US: DeltaScripts
-CVE-2006-2820
+CVE-2006-2820 (Cross-site scripting (XSS) vulnerability in HotWebScripts.com Weblog O ...)
NOT-FOR-US: HotWebScripts
-CVE-2006-2819
+CVE-2006-2819 (PHP remote file inclusion vulnerability in Wiki.php in Barnraiser Iglo ...)
NOT-FOR-US: Barnraiser Igloo
-CVE-2006-2818
+CVE-2006-2818 (PHP remote file inclusion vulnerability in common-menu.php in Cameron ...)
NOT-FOR-US: Cameron McKay Informium
-CVE-2006-2817
+CVE-2006-2817 (SQL injection vulnerability in bolum.php in tekno.Portal allows remote ...)
NOT-FOR-US: tekno.Portal
-CVE-2006-2816
+CVE-2006-2816 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in co ...)
NOT-FOR-US: CoolPHP
-CVE-2006-2815
+CVE-2006-2815 (Multiple cross-site scripting (XSS) vulnerabilities in Two Shoes M-Fac ...)
NOT-FOR-US: SimpleBoard
-CVE-2006-2814
+CVE-2006-2814 (Multiple buffer overflows in the (1) vGetPost and (2) main functions i ...)
NOT-FOR-US: iShopCart
-CVE-2006-2813
+CVE-2006-2813 (Directory traversal vulnerability in easy-scart.cgi in iShopCart allow ...)
NOT-FOR-US: iShopCart
-CVE-2006-2812
+CVE-2006-2812 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Do ...)
NOT-FOR-US: PICRATE
-CVE-2006-2811
+CVE-2006-2811 (Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidenti ...)
NOT-FOR-US: Ovidentia
-CVE-2006-2810
+CVE-2006-2810 (Multiple cross-site scripting (XSS) vulnerabilities in Belchior Foundr ...)
NOT-FOR-US: Belchior vCard
-CVE-2006-2809
+CVE-2006-2809 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar ...)
NOT-FOR-US: ar-blog
-CVE-2006-2808
+CVE-2006-2808 (Cross-site scripting (XSS) vulnerability in Lycos Tripod htmlGEAR gues ...)
NOT-FOR-US: Lycos
-CVE-2006-2807
+CVE-2006-2807 (ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to chan ...)
NOT-FOR-US: ASPwebSoft
-CVE-2006-2806
+CVE-2006-2806 (The SMTP server in Apache Java Mail Enterprise Server (aka Apache Jame ...)
NOT-FOR-US: Apache James
CVE-2006-2842
- squirrelmail 2:1.4.7-1 (unimportant; bug #373731)
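Review bot: CVE-2006-2842 (the squirrelmail entry closing this hunk) sits out of numeric order after CVE-2006-2806 and, like the other bare ids left as unchanged context in this hunk (CVE-2006-2871, CVE-2006-2865, CVE-2006-2859, CVE-2006-2827), receives no description while every neighbouring bare id gets one; confirm these are intentionally skipped by the automatic update (no upstream text available) rather than missed because of the ordering, and consider moving CVE-2006-2842 to its numeric position between CVE-2006-2843 and CVE-2006-2841. Style point: CVE-2006-2933 lists the "[sarge] - kdebase <not-affected>" line before the unstable "- kdebase 3.5.2-1 (medium)" line, the reverse of the order used elsewhere in this file (e.g. libjpeg-mmx and zope-zms put the unstable line first).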
@@ -9956,76 +9956,76 @@ CVE-2006-XXXX [webalizer: symlink vulnerability]
- webalizer 2.01.10-29 (low; bug #359745)
[sarge] - webalizer <no-dsa> (Minor issue)
NOTE: Only exploitable in far-fetched scenarios, running it as root is insecure anyway
-CVE-2006-2805
+CVE-2006-2805 (SQL injection vulnerability in VBulletin 3.0.10 allows remote attacker ...)
NOT-FOR-US: vBulletin
-CVE-2006-2804
+CVE-2006-2804 (Cross-site scripting (XSS) vulnerability in index.cfm in Goss Intellig ...)
NOT-FOR-US: Goss iCM
-CVE-2006-2803
+CVE-2006-2803 (Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker ...)
NOT-FOR-US: PHP ManualMaker
-CVE-2006-2802
+CVE-2006-2802 (Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib ...)
{DSA-1105}
- xine-lib 1.1.1-2 (bug #369876; medium)
-CVE-2006-2801
+CVE-2006-2801 (Multiple SQL injection vulnerabilities in Unak CMS 1.5 RC2 and earlier ...)
NOT-FOR-US: Unak CMS
-CVE-2006-2800
+CVE-2006-2800 (Multiple cross-site scripting (XSS) vulnerabilities in Unak CMS 1.5 RC ...)
NOT-FOR-US: Unak CMS
-CVE-2006-2799
+CVE-2006-2799 (Cross-site scripting (XSS) vulnerability in content_footer.php in toen ...)
NOT-FOR-US: toendaCMS
-CVE-2006-2798
+CVE-2006-2798 (Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCal ...)
NOT-FOR-US: phpCommunityCalendar
-CVE-2006-2797
+CVE-2006-2797 (Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3 a ...)
NOT-FOR-US: phpCommunityCalendar
-CVE-2006-2796
+CVE-2006-2796 (Cross-site scripting (XSS) vulnerability in gallery.php in Captivate 1 ...)
NOT-FOR-US: Captivate gallery.php
-CVE-2006-2795
+CVE-2006-2795 (Multiple cross-site scripting (XSS) vulnerabilities in XiTi Tracking S ...)
NOT-FOR-US: XiTi Tracking Script
-CVE-2006-2794
+CVE-2006-2794 (Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to rea ...)
NOT-FOR-US: ASPSitem
-CVE-2006-2793
+CVE-2006-2793 (SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier a ...)
NOT-FOR-US: ASPSitem
-CVE-2006-2792
+CVE-2006-2792 (SQL injection vulnerability in misc.php in Woltlab Burning Board (WBB) ...)
NOT-FOR-US: wbboard
-CVE-2006-2791
+CVE-2006-2791 (Directory traversal vulnerability in index.php in iBoutique.MALL and p ...)
NOT-FOR-US: iBoutique.MALL
-CVE-2006-2790
+CVE-2006-2790 (A package component in Sun Storage Automated Diagnostic Environment (S ...)
NOT-FOR-US: Sun StorADE
-CVE-2006-2789
+CVE-2006-2789 (Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if s ...)
- evolution 2.4.0-1 (low)
[sarge] - evolution <not-affected> (Not reproducible on Sarge's evolution)
NOTE: Verified that the patch has been applied in 2.4.0-1,
NOTE: may have been fixed earlier.
-CVE-2006-2788
+CVE-2006-2788 (Double free vulnerability in the getRawDER function for nsIX509Cert in ...)
{DSA-1210 DSA-1192-1 DSA-1191-1}
- mozilla <removed> (high)
- firefox 1.5.dfsg+1.5.0.4 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2787
+CVE-2006-2787 (EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-31
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
- thunderbird 1.5.0.4-1 (medium)
- mozilla 2:1.7.13-0.3 (medium)
- xulrunner 1.8.0.4-1 (medium)
-CVE-2006-2786
+CVE-2006-2786 (HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbi ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-33
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
- thunderbird 1.5.0.4-1 (medium)
- mozilla 2:1.7.13-0.3 (medium)
- xulrunner 1.8.0.4-1 (medium)
-CVE-2006-2785
+CVE-2006-2785 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5 ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-34
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
- mozilla 2:1.7.13-0.3 (medium)
- xulrunner 1.8.0.4-1 (medium)
-CVE-2006-2784
+CVE-2006-2784 (The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-36
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
- mozilla <removed> (medium)
- xulrunner 1.8.0.4-1 (medium)
-CVE-2006-2783
+CVE-2006-2783 (Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte- ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-42
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
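Review bot: CVE-2006-2784 cites {DSA-1134-1 DSA-1120 DSA-1118} exactly like CVE-2006-2787, -2786, -2785 and -2783, yet records "- mozilla <removed> (medium)" where the sibling entries record "- mozilla 2:1.7.13-0.3 (medium)"; if DSA-1118 fixed this issue in mozilla, the fixed version should be recorded here as well, otherwise DSA-1118 should not be listed for it. Also, CVE-2006-2788 gives "- firefox 1.5.dfsg+1.5.0.4 (high)" without the Debian revision, while the other entries in this hunk use "1.5.dfsg+1.5.0.4-1"; the version string should be made consistent so tooling resolves it.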
@@ -10038,164 +10038,164 @@ CVE-2006-2783
[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against, Lenny is affected
- kdelibs <not-affected> (bug #561765)
-CVE-2006-2782
+CVE-2006-2782 (Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1 ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-41
- firefox 1.5.dfsg+1.5.0.4-1 (medium)
- mozilla 2:1.7.13-0.3 (medium)
- xulrunner 1.8.0.4-1 (medium)
-CVE-2006-2781
+CVE-2006-2781 (Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before ...)
{DSA-1134-1 DSA-1118}
NOTE: MFSA-2006-40
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
-CVE-2006-2780
+CVE-2006-2780 (Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 all ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-32
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2779
+CVE-2006-2779 (Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers ...)
{DSA-1160 DSA-1159 DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-32
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2778
+CVE-2006-2778 (The crypto.signText function in Mozilla Firefox and Thunderbird before ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-38
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2777
+CVE-2006-2777 (Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMon ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-43
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2776
+CVE-2006-2776 (Certain privileged UI code in Mozilla Firefox and Thunderbird before 1 ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-37
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2775
+CVE-2006-2775 (Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attribut ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-35
- firefox 1.5.dfsg+1.5.0.4-1 (high)
- thunderbird 1.5.0.4-1 (high)
- mozilla 2:1.7.13-0.3 (high)
- xulrunner 1.8.0.4-1 (high)
-CVE-2006-2774
+CVE-2006-2774 (Cross-site scripting (XSS) vulnerability in search.php in QontentOne C ...)
NOT-FOR-US: QontentOne
-CVE-2006-2773
+CVE-2006-2773 (admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does ...)
NOT-FOR-US: Hogstorps
-CVE-2006-2772
+CVE-2006-2772 (Cross-site scripting (XSS) vulnerability in add.asp in Hogstorps hogst ...)
NOT-FOR-US: Hogstorps
-CVE-2006-2771
+CVE-2006-2771 (admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not v ...)
NOT-FOR-US: Hogstorps
-CVE-2006-2770
+CVE-2006-2770 (Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 an ...)
NOT-FOR-US: pppBLOG
-CVE-2006-2769
+CVE-2006-2769 (The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2. ...)
- snort 2.3.3-8 (low; bug #381726)
[sarge] - snort <no-dsa> (Minor impact)
-CVE-2006-2768
+CVE-2006-2768 (PHP remote file inclusion vulnerability in METAjour 2.1, when register ...)
NOT-FOR-US: METAjour
-CVE-2006-2767
+CVE-2006-2767 (PHP remote file inclusion vulnerability in Ottoman 1.1.2, when registe ...)
NOT-FOR-US: Ottoman
-CVE-2006-2766
+CVE-2006-2766 (Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft
-CVE-2006-2765
+CVE-2006-2765 (Cross-site scripting (XSS) vulnerability in news_information.php in In ...)
NOT-FOR-US: Interlink
-CVE-2006-2764
+CVE-2006-2764 (Cross-site scripting (XSS) vulnerability in GuestbookXL 1.3 allows rem ...)
NOT-FOR-US: GuestbookXL
-CVE-2006-2763
+CVE-2006-2763 (SQL injection vulnerability in Pre News Manager 1.0 allows remote atta ...)
NOT-FOR-US: Pre News Manager
-CVE-2006-2762
+CVE-2006-2762 (PHP remote file inclusion vulnerability in includes/config.php in WebC ...)
{DSA-1096-1}
- webcalendar 1.0.4-1 (medium)
-CVE-2006-2761
+CVE-2006-2761 (SQL injection vulnerability in Hitachi HITSENSER3 HITSENSER3/PRP, HITS ...)
NOT-FOR-US: Hitachi
-CVE-2006-2760
+CVE-2006-2760 (SQL injection vulnerability in modules.php in 4nNukeWare 4nForum 0.91 ...)
NOT-FOR-US: 4nForum
-CVE-2006-2759
+CVE-2006-2759 (jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary ...)
- jetty <not-affected> (vulnerable code not in Debian version)
-CVE-2006-2758
+CVE-2006-2758 (Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allow ...)
- jetty <not-affected> (vulnerable code not in Debian version)
-CVE-2006-2757
+CVE-2006-2757 (Cross-site scripting (XSS) vulnerability in Chipmunk guestbook allows ...)
NOT-FOR-US: Chipmunk guestbook
-CVE-2006-2756
+CVE-2006-2756 (Eitsop My Web Server 1.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Eitsop
-CVE-2006-2755
+CVE-2006-2755 (Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5. ...)
NOT-FOR-US: UBBThreads
-CVE-2006-2754
+CVE-2006-2754 (Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3. ...)
- openldap2.3 2.3.24-1 (bug #375494; bug #377047; unimportant)
NOTE: File is only written and read by slurpd, only editable by root
-CVE-2006-2752
+CVE-2006-2752 (The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux ...)
NOT-FOR-US: RedCarpet
-CVE-2006-2751
+CVE-2006-2751 (Cross-site scripting (XSS) vulnerability in Open Searchable Image Cata ...)
NOT-FOR-US: OSIC
-CVE-2006-2750
+CVE-2006-2750 (Cross-site scripting (XSS) vulnerability in the do_mysql_query functio ...)
NOT-FOR-US: OSIC
-CVE-2006-2749
+CVE-2006-2749 (SQL injection vulnerability in search.php in Open Searchable Image Cat ...)
NOT-FOR-US: OSIC
-CVE-2006-2748
+CVE-2006-2748 (SQL injection vulnerability in the do_mysql_query function in core.php ...)
NOT-FOR-US: OSIC
-CVE-2006-2747
+CVE-2006-2747 (Directory traversal vulnerability in index.php in PhpMyDesktop|arcade ...)
NOT-FOR-US: PhpMyDesktop
-CVE-2006-2746
+CVE-2006-2746 (Multiple cross-site scripting (XSS) vulnerabilities in F@cile Interact ...)
NOT-FOR-US: F@cile
-CVE-2006-2745
+CVE-2006-2745 (Multiple PHP remote file inclusion vulnerabilities in F@cile Interacti ...)
NOT-FOR-US: F@cile
-CVE-2006-2744
+CVE-2006-2744 (PHP remote file inclusion vulnerability in p-popupgallery.php in F@cil ...)
NOT-FOR-US: F@cile
-CVE-2006-2743
+CVE-2006-2743 (Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_m ...)
{DSA-1125}
- drupal 4.5.8-1.1 (bug #368835; medium)
-CVE-2006-2742
+CVE-2006-2742 (SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 all ...)
{DSA-1125}
- drupal 4.5.8-1.1 (medium)
-CVE-2006-2741
+CVE-2006-2741 (Cross-site scripting (XSS) vulnerability in Epicdesigns tinyBB 0.3 all ...)
NOT-FOR-US: tinyBB
-CVE-2006-2740
+CVE-2006-2740 (Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow ...)
NOT-FOR-US: tinyBB
-CVE-2006-2739
+CVE-2006-2739 (PHP remote file inclusion vulnerability in footers.php in Epicdesigns ...)
NOT-FOR-US: tinyBB
-CVE-2006-2738
+CVE-2006-2738 (The open source version of Open-Xchange 0.8.2 and earlier uses a stati ...)
NOT-FOR-US: Open-Xchange
-CVE-2006-2737
+CVE-2006-2737 (utilities/register.asp in Nukedit 4.9.6 and earlier allows remote atta ...)
NOT-FOR-US: Nukedit
-CVE-2006-2736
+CVE-2006-2736 (PHP remote file inclusion vulnerability in blend_data/blend_common.php ...)
NOT-FOR-US: Blend Portal
-CVE-2006-2735
+CVE-2006-2735 (PHP remote file inclusion vulnerability in language/lang_english/lang_ ...)
NOT-FOR-US: Amod
-CVE-2006-2734
+CVE-2006-2734 (enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote atta ...)
NOT-FOR-US: Mini-Nuke
-CVE-2006-2733
+CVE-2006-2733 (membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security co ...)
NOT-FOR-US: Mini-Nuke
-CVE-2006-2732
+CVE-2006-2732 (SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and e ...)
NOT-FOR-US: Mini-Nuke
-CVE-2006-2731
+CVE-2006-2731 (Multiple SQL injection vulnerabilities in Enigma Haber 4.3 and earlier ...)
NOT-FOR-US: Enigma Haber
-CVE-2006-2730
+CVE-2006-2730 (PHP remote file inclusion vulnerability in admin/lib_action_step.php i ...)
NOT-FOR-US: Hot Open Tickets
-CVE-2006-2729
+CVE-2006-2729 (Cross-site scripting (XSS) vulnerability in superalbum/index.php in Ph ...)
NOT-FOR-US: Photoalbum
-CVE-2006-2728
+CVE-2006-2728 (Cross-site scripting (XSS) vulnerability in superalbum/index.php in Ph ...)
NOT-FOR-US: Photoalbum
-CVE-2006-2727
+CVE-2006-2727 (home/register.php in Eggblog before 3.0 allows remote attackers to cha ...)
NOT-FOR-US: Eggblog
-CVE-2006-2726
+CVE-2006-2726 (PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d all ...)
NOT-FOR-US: Fastpublish
-CVE-2006-2725
+CVE-2006-2725 (SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 al ...)
NOT-FOR-US: Eggblog
-CVE-2006-2724
+CVE-2006-2724 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote ...)
NOT-FOR-US: PunBB
-CVE-2006-2723
+CVE-2006-2723 (Unspecified versions of Mozilla Firefox allow remote attackers to caus ...)
- firefox 45.0-1 (unimportant)
- firefox-esr 45.0esr-1 (unimportant)
- iceweasel <removed> (unimportant)
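Review bot: the fixed-width truncation applied to the imported descriptions drops information that matters to triage in this hunk: the CVE-2006-2782 summary is cut at "associated with CVE-2006-1 ...", so the cross-referenced id is lost from the tracker view. When a truncated description loses a referenced CVE, DSA or version boundary, carry the full reference in a NOTE line next to the entry (the MFSA NOTE lines in this hunk already follow that pattern).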
@@ -10203,132 +10203,132 @@ CVE-2006-2723
- mozilla-firefox <removed> (unimportant)
- xulrunner <unfixed> (unimportant)
NOTE: Non-issue
-CVE-2006-2722
+CVE-2006-2722 (SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows ...)
NOT-FOR-US: SelectaPix
-CVE-2006-2721
+CVE-2006-2721 (Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allow ...)
NOT-FOR-US: VARIOMAT
-CVE-2006-2720
+CVE-2006-2720 (SQL injection vulnerability in news.php in VARIOMAT allows remote atta ...)
NOT-FOR-US: VARIOMAT
-CVE-2006-2719
+CVE-2006-2719 (JIWA Financials 6.4.14 stores usernames and passwords for all accounts ...)
NOT-FOR-US: JIWA
-CVE-2006-2718
+CVE-2006-2718 (JIWA Financials 6.4.14 passes a Microsoft SQL Server account's usernam ...)
NOT-FOR-US: JIWA
-CVE-2006-2717
+CVE-2006-2717 (Unspecified vulnerability in Secure Elements Class 5 AVR client and se ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2716
+CVE-2006-2716 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a ha ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2715
+CVE-2006-2715 (The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2714
+CVE-2006-2714 (Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2713
+CVE-2006-2713 (Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2712
+CVE-2006-2712 (Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8. ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2711
+CVE-2006-2711 (Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and possib ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2710
+CVE-2006-2710 (Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same in ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2709
+CVE-2006-2709 (Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2708
+CVE-2006-2708 (Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows re ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2707
+CVE-2006-2707 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2706
+CVE-2006-2706 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows re ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2705
+CVE-2006-2705 (Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows re ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2704
+CVE-2006-2704 (Secure Elements Class 5 AVR server and client (aka C5 EVM) before 2.8. ...)
NOT-FOR-US: C5 EVM
-CVE-2006-2703
+CVE-2006-2703 (The RedCarpet command-line client (rug) does not verify SSL certificat ...)
NOT-FOR-US: RedCarpet
-CVE-2006-2702
+CVE-2006-2702 (vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows ...)
- wordpress 2.0.3-1 (bug #369014; medium)
-CVE-2006-2701
+CVE-2006-2701 (SQL injection vulnerability in Geeklog 1.4.0sr2 and earlier allows rem ...)
NOT-FOR-US: Geeklog
-CVE-2006-2700
+CVE-2006-2700 (SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 ...)
NOT-FOR-US: Geeklog
-CVE-2006-2699
+CVE-2006-2699 (Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1. ...)
NOT-FOR-US: Geeklog
-CVE-2006-2698
+CVE-2006-2698 (Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the ful ...)
NOT-FOR-US: Geeklog
-CVE-2006-2697
+CVE-2006-2697 (Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allo ...)
NOT-FOR-US: Easy-Content
-CVE-2006-2696
+CVE-2006-2696 (Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 ...)
NOT-FOR-US: Easy-Content
-CVE-2006-2695
+CVE-2006-2695 (admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers ...)
NOT-FOR-US: DGNews
-CVE-2006-2694
+CVE-2006-2694 (Multiple PHP remote file inclusion vulnerabilities in EzUpload Pro 2.1 ...)
NOT-FOR-US: EzUpload
-CVE-2006-2693
+CVE-2006-2693 (Directory traversal vulnerability in admin/admin_hacks_list.php in Niv ...)
NOT-FOR-US: Nivisec
-CVE-2006-2692
+CVE-2006-2692 (Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1. ...)
- amule 2.1.2-1 (medium)
-CVE-2006-2691
+CVE-2006-2691 (Unspecified "information leakage" vulnerabilities in aMuleWeb for AMul ...)
- amule 2.1.2-1 (medium)
-CVE-2006-2690
+CVE-2006-2690 (An unspecified script in EVA-Web 2.1.2 and earlier, probably index.php ...)
NOT-FOR-US: EVA-Web
-CVE-2006-2689
+CVE-2006-2689 (Multiple cross-site scripting (XSS) vulnerabilities in EVA-Web 2.1.2 a ...)
NOT-FOR-US: EVA-Web
-CVE-2006-2688
+CVE-2006-2688 (SQL injection vulnerability in the employees node (class.employee.inc) ...)
NOT-FOR-US: Achievo
-CVE-2006-2687
+CVE-2006-2687 (Cross-site scripting (XSS) vulnerability in adduser.php in PHP-AGTC Me ...)
NOT-FOR-US: AGTC
-CVE-2006-2686
+CVE-2006-2686 (PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow re ...)
NOT-FOR-US: ActionApps
-CVE-2006-2685
+CVE-2006-2685 (PHP remote file inclusion vulnerability in Basic Analysis and Security ...)
- acidbase 1.2.5-1 (bug #370576; low)
-CVE-2006-2684
+CVE-2006-2684 (Cross-site scripting (XSS) vulnerability in the search module in CMS M ...)
NOT-FOR-US: Mundo
-CVE-2006-2683
+CVE-2006-2683 (PHP remote file inclusion vulnerability in 404.php in open-medium.CMS ...)
NOT-FOR-US: open-medium
-CVE-2006-2682
+CVE-2006-2682 (PHP remote file inclusion vulnerability in BE_config.php in Back-End C ...)
NOT-FOR-US: Back-End
-CVE-2006-2681
+CVE-2006-2681 (PHP remote file inclusion vulnerability in SocketMail Lite and Pro 2.2 ...)
NOT-FOR-US: SocketMail
-CVE-2006-2680
+CVE-2006-2680 (Cross-site scripting (XSS) vulnerability in index.php in AZ Photo Albu ...)
NOT-FOR-US: AZ Photo Album
-CVE-2006-2679
+CVE-2006-2679 (Unspecified vulnerability in the VPN Client for Windows Graphical User ...)
NOT-FOR-US: Cisco
-CVE-2006-2678
+CVE-2006-2678 (Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manage ...)
NOT-FOR-US: Pre News Manager
-CVE-2006-2677
+CVE-2006-2677 (SiteScape Forum 7.2 and possibly earlier stores the avf.rc configurait ...)
NOT-FOR-US: SiteScape Forum
-CVE-2006-2676
+CVE-2006-2676 (Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earl ...)
NOT-FOR-US: SiteScape Forum
-CVE-2006-2675
+CVE-2006-2675 (PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads ...)
NOT-FOR-US: UBBThreads
-CVE-2006-2674
+CVE-2006-2674 (Multiple SQL injection vulnerabilities in Tamber Forum 1.9.13 and earl ...)
NOT-FOR-US: Tamber Forum
-CVE-2006-2673
+CVE-2006-2673 (Cross-site scripting (XSS) vulnerability in search.html in Bulletin Bo ...)
NOT-FOR-US: Elite-Board
-CVE-2006-2672
+CVE-2006-2672 (Multiple cross-site scripting (XSS) vulnerabilities in Realty Pro One ...)
NOT-FOR-US: Realty Pro One
-CVE-2006-2671
+CVE-2006-2671 (SQL injection vulnerability in ChatPat 1.0 allows remote attackers to ...)
NOT-FOR-US: ChatPat
-CVE-2006-2670
+CVE-2006-2670 (Multiple cross-site scripting (XSS) vulnerabilities in ChatPat 1.0 all ...)
NOT-FOR-US: ChatPat
-CVE-2006-2669
+CVE-2006-2669 (Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping Ma ...)
NOT-FOR-US: Pre Shopping Mall
-CVE-2006-2668
+CVE-2006-2668 (Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 2.05 ...)
NOT-FOR-US: Docebo LMS
-CVE-2006-2667
+CVE-2006-2667 (Direct static code injection vulnerability in WordPress 2.0.2 and earl ...)
- wordpress 2.0.3-1 (bug #369014; medium)
-CVE-2006-2666
+CVE-2006-2666 (PHP remote file inclusion vulnerability in includes/mailaccess/pop3.ph ...)
NOT-FOR-US: V-Webmail
-CVE-2006-2665
+CVE-2006-2665 (PHP remote file inclusion vulnerability in includes/mailaccess/pop3/co ...)
NOT-FOR-US: V-Webmail
-CVE-2006-2664
+CVE-2006-2664 (Cross-site scripting (XSS) vulnerability in iFdate 1.2 allows remote a ...)
NOT-FOR-US: iFdate
-CVE-2006-2663
+CVE-2006-2663 (Multiple cross-site scripting (XSS) vulnerabilities in iFlance 1.1 all ...)
NOT-FOR-US: iFlance
-CVE-2006-2662
+CVE-2006-2662 (VMware Server before RC1 does not clear user credentials from memory a ...)
NOT-FOR-US: VMware Server
-CVE-2006-2661
+CVE-2006-2661 (ftutil.c in Freetype before 2.2 allows remote attackers to cause a den ...)
{DSA-1095-1}
- freetype 2.2.1-1 (medium)
-CVE-2006-2660
+CVE-2006-2660 (Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 ...)
- php4 4:4.4.4-1 (unimportant)
- php5 5.1.6-1 (unimportant)
NOTE: using a long enough path (>MAXPATHLEN) allows you to have
@@ -10337,81 +10337,81 @@ CVE-2006-2660
NOTE: could just as easily create the file manually, and if the
NOTE: tempnam function is taking unsanitized input, it's an
NOTE: application error
-CVE-2006-2658
+CVE-2006-2658 (Directory traversal vulnerability in the xsp component in mod_mono in ...)
- xsp 1.1.15-1
CVE-2006-2657
REJECTED
-CVE-2006-2655
+CVE-2006-2655 (The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally dis ...)
NOT-FOR-US: build process for ypserv in FreeBSD
-CVE-2006-2654
+CVE-2006-2654 (Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to ...)
NOT-FOR-US: FreeBSD-specific (see CVE-2006-1864 for Linux-specific CVE)
-CVE-2006-2653
+CVE-2006-2653 (Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Li ...)
NOT-FOR-US: D-Link
-CVE-2006-2652
+CVE-2006-2652 (Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier a ...)
NOT-FOR-US: WikiNi
-CVE-2006-2651
+CVE-2006-2651 (Cross-site scripting (XSS) vulnerability in index.php in Vacation Rent ...)
NOT-FOR-US: Vacation Rental Script
-CVE-2006-2650
+CVE-2006-2650 (SQL injection vulnerability in cosmicshop/search.php in CosmicShopping ...)
NOT-FOR-US: CosmicShoppingCart
-CVE-2006-2649
+CVE-2006-2649 (Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, ...)
NOT-FOR-US: CosmicShoppingCart
-CVE-2006-2648
+CVE-2006-2648 (Cross-site scripting (XSS) vulnerability in perform_search.asp for ASP ...)
NOT-FOR-US: ASPBB
-CVE-2006-2647
+CVE-2006-2647 (Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5 ...)
NOT-FOR-US: IBM AIX
-CVE-2006-2646
+CVE-2006-2646 (Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows r ...)
NOT-FOR-US: Alt-N MDaemon
-CVE-2006-2645
+CVE-2006-2645 (PHP remote file inclusion vulnerability in manager/frontinc/prepend.ph ...)
NOT-FOR-US: Plume
-CVE-2006-2644
+CVE-2006-2644 (AWStats 6.5, and possibly other versions, allows remote authenticated ...)
{DSA-1075-1}
- awstats 6.5-2 (bug #365910)
CVE-2006-XXXX [specialy crafted WAV turns mkvmerge into a malloc bomb]
- mkvtoolnix 1.7.0-2 (bug #370144; low)
CVE-2006-XXXX ['Cache' shell injection vulnerability]
- wordpress 2.0.3-1 (high; bug #369014)
-CVE-2006-2753
+CVE-2006-2753 (SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x bef ...)
{DSA-1092-1}
- mysql-dfsg <not-affected> (Vulnerable code was introduced in 4.1, see #369741)
- mysql <not-affected> (Vulnerable code was introduced in 4.1, see #369754)
- mysql-dfsg-5.0 5.0.22-1 (bug #369735; medium)
- mysql-dfsg-4.1 <removed> (bug #369754; medium)
-CVE-2006-2659
+CVE-2006-2659 (libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause ...)
{DSA-1101}
- courier 0.53.2-1 (bug #368834)
-CVE-2006-2656
+CVE-2006-2656 (Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 ...)
{DSA-1091-1}
- tiff 3.8.2-3 (bug #369819; low)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2643
+CVE-2006-2643 (Cross-site scripting (XSS) vulnerability in index.php in Monster Top L ...)
NOT-FOR-US: Monster Top List
CVE-2006-2642
NOT-FOR-US: Php-residence
CVE-2006-2641
NOT-FOR-US: John Frank Asset Manager
-CVE-2006-2640
+CVE-2006-2640 (Cross-site scripting (XSS) vulnerability in OmegaMw7a.ASP in OMEGA (ak ...)
NOT-FOR-US: OMEGA INterneSErvicesLosungen (INSEL)
-CVE-2006-2639
+CVE-2006-2639 (Cross-site scripting (XSS) vulnerability in the input forms in prattmi ...)
NOT-FOR-US: PHPSimpleChoose
-CVE-2006-2638
+CVE-2006-2638 (SQL injection vulnerability in member.asp in qjForum allows remote att ...)
NOT-FOR-US: qjForum
-CVE-2006-2637
+CVE-2006-2637 (Cross-site scripting (XSS) vulnerability in view.php in TuttoPhp (1) M ...)
NOT-FOR-US: TuttoPhp
-CVE-2006-2636
+CVE-2006-2636 (newsadmin.asp in Katy Whitton NewsCMSLite allows remote attackers to b ...)
NOT-FOR-US: Katy Whitton NewsCMSLite
-CVE-2006-2635
+CVE-2006-2635 (Multiple cross-site scripting (XSS) vulnerabilities in Tikiwiki (aka T ...)
- tikiwiki 1.9.4-1 (medium)
-CVE-2006-2634
+CVE-2006-2634 (Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under ( ...)
NOT-FOR-US: Neocrome Seditio
-CVE-2006-2633
+CVE-2006-2633 (Absolute path traversal vulnerability in the copy action in index.php ...)
NOT-FOR-US: Andrew Godwin ByteHoard
-CVE-2006-2632
+CVE-2006-2632 (Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard 2. ...)
NOT-FOR-US: Andrew Godwin ByteHoard
-CVE-2006-2631
+CVE-2006-2631 (phpFoX allows remote authenticated users to modify arbitrary accounts ...)
NOT-FOR-US: phpFoX
-CVE-2006-2630
+CVE-2006-2630 (Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Secu ...)
NOT-FOR-US: Symantec
-CVE-2006-2629
+CVE-2006-2629 (Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP p ...)
- linux-2.6 2.6.18-1 (low)
CVE-2006-2628
RESERVED
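Review bot: CVE-2006-2642 and CVE-2006-2641 keep a bare id with only their `NOT-FOR-US:` line while every other non-RESERVED, non-REJECTED id in this hunk received a description; check whether the upstream feed lacked these two entries or whether the update script skipped them, since they will otherwise show up without a summary. The two `CVE-2006-XXXX` placeholders here are also worth revisiting: the `'Cache' shell injection vulnerability` placeholder points at wordpress 2.0.3-1 and bug #369014, the same upload and bug recorded for CVE-2006-2702 and CVE-2006-2667 in the preceding hunk, so one of the assigned ids may already cover it and the placeholder could be retired, and the mkvmerge placeholder has a typo ("specialy") in its summary.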
@@ -10433,39 +10433,39 @@ CVE-2006-2620
RESERVED
CVE-2006-2619
RESERVED
-CVE-2006-2618
+CVE-2006-2618 (Cross-site scripting (XSS) vulnerability in (1) AlstraSoft Web Host Di ...)
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-2617
+CVE-2006-2617 ((1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Direc ...)
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-2616
+CVE-2006-2616 (SQL injection vulnerability in the search script in (1) AlstraSoft Web ...)
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2006-2615
+CVE-2006-2615 (ping.php in Russcom.Ping allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Russcom.Ping
-CVE-2006-2614
+CVE-2006-2614 (Sun N1 System Manager 1.1 for Solaris 10 before patch 121161-01 record ...)
NOT-FOR-US: Sun Solaris
-CVE-2006-2613
+CVE-2006-2613 (Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versi ...)
NOTE: Installation path disclosure is uninteresting on Debian systems.
NOTE: The profile path might be more sensitive, but exploit that
NOTE: requires another, real security bug.
-CVE-2006-2612
+CVE-2006-2612 (Novell Client for Windows 4.8 and 4.9 does not restrict access to the ...)
NOT-FOR-US: Novell Client for Windows
NOTE: The Windows clipboard is a public resource anyway.
-CVE-2006-2611
+CVE-2006-2611 (Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in ...)
- mediawiki1.7 <not-affected> (Fixed in 1.7 prior to release)
- mediawiki1.5 <removed>
-CVE-2006-2610
+CVE-2006-2610 (Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 ...)
NOT-FOR-US: phpRaid
-CVE-2006-2609
+CVE-2006-2609 (artmedic newsletter 4.1.2 and possibly other versions, when register_g ...)
NOT-FOR-US: artmedic newsletter
-CVE-2006-2608
+CVE-2006-2608 (artmedic newsletter 4.1 and possibly other versions, when register_glo ...)
NOT-FOR-US: artmedic newsletter
CVE-2006-XXXX [mono xsp file disclosure]
- xsp 1.1.15-1 (medium)
-CVE-2006-2607
+CVE-2006-2607 (do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return ...)
- cron 3.0pl1-64 (bug #85609; bug #86775; medium)
-CVE-2006-2606
+CVE-2006-2606 (Cross-site scripting (XSS) vulnerability in Chatty, possibly 1.0.2 and ...)
NOT-FOR-US: Chatty
-CVE-2006-2605
+CVE-2006-2605 (Cross-site scripting (XSS) vulnerability in DSChat 1.0 and earlier all ...)
NOT-FOR-US: DSChat
CVE-2006-2604
REJECTED
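Review bot: CVE-2006-2613 consists of three NOTE lines and no package status line, so the entry is neither resolved, marked unimportant nor marked NOT-FOR-US and will not be classified by the tracker; add a status line that matches the NOTE's assessment (the installation-path disclosure being uninteresting on Debian), as the other Mozilla entries in this change do. Separately, the `CVE-2006-XXXX [mono xsp file disclosure]` placeholder records xsp 1.1.15-1 (medium), the same fixed version given for CVE-2006-2658 (directory traversal in the xsp component in mod_mono) earlier in the diff; if that is the same issue the placeholder should be folded into CVE-2006-2658 rather than kept as a second entry.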
@@ -10491,284 +10491,284 @@ CVE-2006-2594
REJECTED
CVE-2006-2593
REJECTED
-CVE-2006-2592
+CVE-2006-2592 (Unspecified vulnerability in DSChat 1.0 allows remote attackers to exe ...)
NOT-FOR-US: DSChat
-CVE-2006-2591
+CVE-2006-2591 (Unspecified vulnerability in e107 before 0.7.5 has unknown impact and ...)
NOT-FOR-US: e107
-CVE-2006-2590
+CVE-2006-2590 (SQL injection vulnerability in e107 before 0.7.5 allows remote attacke ...)
NOT-FOR-US: e107
-CVE-2006-2589
+CVE-2006-2589 (SQL injection vulnerability in rss.php in MyBB (aka MyBulletinBoard) 1 ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-2588
+CVE-2006-2588 (Russcom PHPImages allows remote attackers to upload files of arbitrary ...)
NOT-FOR-US: Russcom PHPImages
-CVE-2006-2587
+CVE-2006-2587 (Buffer overflow in the WebTool HTTP server component in (1) PunkBuster ...)
NOT-FOR-US: WebTool HTTP server
-CVE-2006-2586
+CVE-2006-2586 (Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier a ...)
NOT-FOR-US: IpLogger
-CVE-2006-2585
+CVE-2006-2585 (SQL injection vulnerability in Destiney Links Script 2.1.2 allows remo ...)
NOT-FOR-US: Destiney Links Script
-CVE-2006-2584
+CVE-2006-2584 (Multiple cross-site scripting (XSS) vulnerabilities in post.php in Sky ...)
NOT-FOR-US: SkyeBox
-CVE-2006-2583
+CVE-2006-2583 (PHP remote file inclusion vulnerability in nucleus/libs/PLUGINADMIN.ph ...)
NOT-FOR-US: Nucleus
-CVE-2006-2582
+CVE-2006-2582 (The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attack ...)
NOT-FOR-US: RWiki
-CVE-2006-2581
+CVE-2006-2581 (Cross-site scripting (XSS) vulnerability in Wiki content in RWiki 2.1. ...)
NOT-FOR-US: RWiki
-CVE-2006-2580
+CVE-2006-2580 (Multiple unspecified vulnerabilities in HP OpenView Network Node Manag ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2006-2579
+CVE-2006-2579 (Unspecified vulnerability in HP OpenView Storage Data Protector 5.1 an ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2006-2578
+CVE-2006-2578 (admin/cron.php in eSyndicat Directory 1.2, when register_globals is en ...)
NOT-FOR-US: eSyndicat Directory
-CVE-2006-2577
+CVE-2006-2577 (Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and ...)
NOT-FOR-US: Docebo
-CVE-2006-2576
+CVE-2006-2576 (Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and ...)
NOT-FOR-US: Docebo
-CVE-2006-2575
+CVE-2006-2575 (The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and earl ...)
- netpanzer 0.8+svn20060319-2 (bug #370146; low)
[sarge] - netpanzer <no-dsa> (Minor DoS against a game)
-CVE-2006-2574
+CVE-2006-2574 (Multiple unspecified vulnerabilities in Software Distributor in HP-UX ...)
NOT-FOR-US: Software Distributor in HP-UX
-CVE-2006-2573
+CVE-2006-2573 (SQL injection vulnerability in index.php in DGBook 1.0, with magic_quo ...)
NOT-FOR-US: DGBook
-CVE-2006-2572
+CVE-2006-2572 (Cross-site scripting (XSS) vulnerability in index.php in DGBook 1.0 al ...)
NOT-FOR-US: DGBook
-CVE-2006-2571
+CVE-2006-2571 (Cross-site scripting (XSS) vulnerability in search.html in Alkacon Ope ...)
NOT-FOR-US: Alkacon OpenCms
-CVE-2006-2570
+CVE-2006-2570 (PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 all ...)
NOT-FOR-US: CaLogic Calendars
-CVE-2006-2569
+CVE-2006-2569 (SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and ea ...)
NOT-FOR-US: Linklist
-CVE-2006-2568
+CVE-2006-2568 (PHP remote file inclusion vulnerability in addpost_newpoll.php in UBB. ...)
NOT-FOR-US: UBB.threads
-CVE-2006-2567
+CVE-2006-2567 (Cross-site scripting (XSS) vulnerability in submit_article.php in Alst ...)
NOT-FOR-US: Alstrasoft Article Manager Pro
-CVE-2006-2566
+CVE-2006-2566 (Alstrasoft Article Manager Pro 1.6 allows remote attackers to obtain s ...)
NOT-FOR-US: Alstrasoft Article Manager Pro
-CVE-2006-2565
+CVE-2006-2565 (SQL injection vulnerability in Alstrasoft Article Manager Pro 1.6 allo ...)
NOT-FOR-US: Alstrasoft Article Manager Pro
-CVE-2006-2564
+CVE-2006-2564 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Al ...)
NOT-FOR-US: Alstrasoft Article Manager Pro
-CVE-2006-2563
+CVE-2006-2563 (The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to ...)
- php4 4:4.4.4-1 (bug #370166; unimportant)
- php5 5.1.6-1 (bug #370165; unimportant)
NOTE: Safe mode violations are not supported
-CVE-2006-2562
+CVE-2006-2562 (ZyXEL P-335WT router allows remote attackers to bypass access restrict ...)
NOT-FOR-US: ZyXEL P-335WT router
-CVE-2006-2561
+CVE-2006-2561 (Edimax BR-6104K router allows remote attackers to bypass access restri ...)
NOT-FOR-US: Edimax BR-6104K router
-CVE-2006-2560
+CVE-2006-2560 (Sitecom WL-153 router firmware before 1.38 allows remote attackers to ...)
NOT-FOR-US: Sitecom WL-153 router
-CVE-2006-2559
+CVE-2006-2559 (Linksys WRT54G Wireless-G Broadband Router allows remote attackers to ...)
NOT-FOR-US: Linksys WRT54G router
-CVE-2006-2558
+CVE-2006-2558 (Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier a ...)
NOT-FOR-US: IpLogger
-CVE-2006-2557
+CVE-2006-2557 (PHP remote file inclusion vulnerability in extras/poll/poll.php in Flo ...)
NOT-FOR-US: Newsportal
-CVE-2006-2556
+CVE-2006-2556 (Cross-site scripting (XSS) vulnerability in Florian Amrhein NewsPortal ...)
- newsportal <itp> (bug #149069)
NOTE: RFP #149069 closed after no activity since too long time
-CVE-2006-2555
+CVE-2006-2555 (The parse_command function in Genecys 0.2 and earlier allows remote at ...)
NOT-FOR-US: Genecys
-CVE-2006-2554
+CVE-2006-2554 (Buffer overflow in the tell_player_surr_changes function in Genecys 0. ...)
NOT-FOR-US: Genecys
-CVE-2006-2553
+CVE-2006-2553 (Cross-site scripting (XSS) vulnerability in Jemscripts DownloadControl ...)
NOT-FOR-US: DownloadControl
-CVE-2006-2552
+CVE-2006-2552 (Jemscripts DownloadControl 1.0 allows remote attackers to obtain sensi ...)
NOT-FOR-US: DownloadControl
-CVE-2006-2551
+CVE-2006-2551 (Unspecified vulnerability in the kernel in HP-UX B.11.00 allows local ...)
NOT-FOR-US: HP-UX
-CVE-2006-2550
+CVE-2006-2550 (perlpodder before 0.5 allows remote attackers to execute arbitrary cod ...)
NOT-FOR-US: perlpodder
-CVE-2006-2549
+CVE-2006-2549 (Stack-based buffer overflow in PDF Form Filling and Flattening Tool be ...)
NOT-FOR-US: PDF Form Filling and Flattening Tool
-CVE-2006-2548
+CVE-2006-2548 (Prodder before 0.5, and perlpodder before 0.5, allows remote attackers ...)
NOT-FOR-US: prodder/perlpodder
-CVE-2006-2547
+CVE-2006-2547 (Unspecified vulnerability in the sapdba command in SAP with Informix b ...)
NOT-FOR-US: Sap
-CVE-2006-2546
+CVE-2006-2546 (A recommended admin password reset mechanism for BEA WebLogic Server 8 ...)
NOT-FOR-US: BEA
-CVE-2006-2545
+CVE-2006-2545 (Multiple cross-site scripting (XSS) vulnerabilities in Xtreme Topsites ...)
NOT-FOR-US: Xtreme Topsites
-CVE-2006-2544
+CVE-2006-2544 (Multiple SQL injection vulnerabilities in Xtreme Topsites 1.1, with ma ...)
NOT-FOR-US: Xtreme Topsites
-CVE-2006-2543
+CVE-2006-2543 (Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors an ...)
NOT-FOR-US: Xtreme Topsites
-CVE-2006-2542
+CVE-2006-2542 (xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb ...)
{DSA-1086-1}
- xmcd 2.6-17.2 (bug #366816; medium)
-CVE-2006-2541
+CVE-2006-2541 (SQL injection vulnerability in settings.asp in Zixforum 1.12 allows re ...)
NOT-FOR-US: Zixforum
-CVE-2006-2540
+CVE-2006-2540 (Privacy leak in install.php for Diesel PHP Job Site sends sensitive in ...)
NOT-FOR-US: Diesel
-CVE-2006-2539
+CVE-2006-2539 (Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, ...)
NOT-FOR-US: Sybase
-CVE-2006-2538
+CVE-2006-2538 (IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-ass ...)
NOT-FOR-US: Windows-only Firefox plugin
-CVE-2006-2537
+CVE-2006-2537 (Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earli ...)
NOT-FOR-US: *BOR
-CVE-2006-2536
+CVE-2006-2536 (Cross-site scripting (XSS) vulnerability in Destiney Links Script 2.1. ...)
NOT-FOR-US: Destiney
-CVE-2006-2535
+CVE-2006-2535 (index.php in Destiney Links Script 2.1.2 allows remote attackers to ob ...)
NOT-FOR-US: Destiney
-CVE-2006-2534
+CVE-2006-2534 (Destiney Links Script 2.1.2 does not protect library and other support ...)
NOT-FOR-US: Destiney
-CVE-2006-2533
+CVE-2006-2533 (Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) ...)
NOT-FOR-US: Destiney
-CVE-2006-2532
+CVE-2006-2532 (stats.php in Destiney Rated Images Script 0.5.0 allows remote attacker ...)
NOT-FOR-US: Destiney
-CVE-2006-2531
+CVE-2006-2531 (Ipswitch WhatsUp Professional 2006 only verifies the user's identity v ...)
NOT-FOR-US: Ipswitch
-CVE-2006-2530
+CVE-2006-2530 (avatar_upload.asp in Avatar MOD 1.3 for Snitz Forums 3.4, and possibly ...)
NOT-FOR-US: Snitz mod
-CVE-2006-2529
+CVE-2006-2529 (editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, ...)
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
-CVE-2006-2528
+CVE-2006-2528 (PHP remote file inclusion vulnerability in classified_right.php in php ...)
NOT-FOR-US: phpBazar
-CVE-2006-2527
+CVE-2006-2527 (Admin/admin.php in phpBazar 2.1.0 and earlier allows remote attackers ...)
NOT-FOR-US: phpBazar
-CVE-2006-2526
+CVE-2006-2526 (PHP remote file inclusion vulnerability in index.php in PHP Easy Galer ...)
NOT-FOR-US: PHP Easy Galerie
-CVE-2006-2525
+CVE-2006-2525 (SQL injection vulnerability in UseBB 1.0 RC1 and earlier allows remote ...)
NOT-FOR-US: UseBB
-CVE-2006-2524
+CVE-2006-2524 (Cross-site scripting (XSS) vulnerability in UseBB 1.0 RC1 and earlier ...)
NOT-FOR-US: UseBB
-CVE-2006-2523
+CVE-2006-2523 (PHP remote file inclusion vulnerability in config.php in phpListPro 2. ...)
NOT-FOR-US: phpListPro
-CVE-2006-2522
+CVE-2006-2522 (Dayfox Blog 2.0 and earlier stores user credentials in edit/slog_users ...)
NOT-FOR-US: Dayfox
-CVE-2006-2521
+CVE-2006-2521 (PHP remote file inclusion vulnerability in cron.php in phpMyDirectory ...)
NOT-FOR-US: phpMyDirectory
-CVE-2006-2520
+CVE-2006-2520 (Directory traversal vulnerability in BitZipper 4.1.2 SR-1 and earlier ...)
NOT-FOR-US: BitZipper
-CVE-2006-2519
+CVE-2006-2519 (Directory traversal vulnerability in include/inc_ext/spaw/spaw_control ...)
NOT-FOR-US: phpwcms
-CVE-2006-2518
+CVE-2006-2518 (Cross-site scripting (XSS) vulnerability in phpwcms 1.2.5-DEV allows r ...)
NOT-FOR-US: phpwcms
-CVE-2006-2517
+CVE-2006-2517 (SQL injection vulnerability in MyWeb Portal Office, Standard Edition, ...)
NOT-FOR-US: MyWeb
-CVE-2006-2516
+CVE-2006-2516 (mainfile.php in XOOPS 2.0.13.2 and earlier, when register_globals is e ...)
NOT-FOR-US: XOOPS
-CVE-2006-2515
+CVE-2006-2515 (Cross-site scripting (XSS) vulnerability in index.php in Hiox Guestboo ...)
NOT-FOR-US: Hiox
-CVE-2006-2514
+CVE-2006-2514 (Coppermine galleries before 1.4.6, when running on Apache with mod_mim ...)
NOT-FOR-US: Coppermine
-CVE-2006-2513
+CVE-2006-2513 (Unspecified vulnerability in the installation process in Sun Java Syst ...)
NOT-FOR-US: Sun
-CVE-2006-2512
+CVE-2006-2512 (SQL injection vulnerability in Hitachi EUR Professional Edition, EUR V ...)
NOT-FOR-US: Hitachi
-CVE-2006-2511
+CVE-2006-2511 (The ActiveX version of FrontRange iHEAT allows remote authenticated us ...)
NOT-FOR-US: FrontRange
-CVE-2006-2510
+CVE-2006-2510 (Cross-site scripting (XSS) vulnerability in the URL submission form in ...)
NOT-FOR-US: YourFreeWorld.com
-CVE-2006-2509
+CVE-2006-2509 (SQL injection vulnerability in login.php in YourFreeWorld.com Short Ur ...)
NOT-FOR-US: YourFreeWorld.com
-CVE-2006-2508
+CVE-2006-2508 (SQL injection vulnerability in tr1.php in YourFreeWorld.com Stylish Te ...)
NOT-FOR-US: YourFreeWorld.com
-CVE-2006-2507
+CVE-2006-2507 (Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foin ...)
NOT-FOR-US: phpbb2 mod
-CVE-2006-2506
+CVE-2006-2506 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in S ...)
NOT-FOR-US: Sphider
-CVE-2006-2505
+CVE-2006-2505 (Oracle Database Server 10g Release 2 allows local users to execute arb ...)
NOT-FOR-US: Oracle
-CVE-2006-2504
+CVE-2006-2504 (Multiple SQL injection vulnerabilities in mono AZBOARD 1.0 and earlier ...)
NOT-FOR-US: AZBOARD
-CVE-2006-2503
+CVE-2006-2503 (SQL injection vulnerability in misc.php in DeluxeBB 1.06 allows remote ...)
NOT-FOR-US: DeluxeBB
-CVE-2006-2502
+CVE-2006-2502 (Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3. ...)
- cyrus-imapd-2.2 <not-affected> (Vulnerable code not present)
-CVE-2006-2501
+CVE-2006-2501 (Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 ...)
NOT-FOR-US: Sun
-CVE-2006-2500
+CVE-2006-2500 (Cross-site scripting (XSS) vulnerability in add_news.asp in CodeAvalan ...)
NOT-FOR-US: CodeAvalanche News
-CVE-2006-2499
+CVE-2006-2499 (SQL injection vulnerability in default.asp in CodeAvalanche News (CANe ...)
NOT-FOR-US: CodeAvalanche News
-CVE-2006-2498
+CVE-2006-2498 (Invision Power Board (IPB) before 2.1.6 allows remote attackers to exe ...)
NOT-FOR-US: Invision
-CVE-2006-2497
+CVE-2006-2497 (Multiple cross-site scripting (XSS) vulnerabilities in AspBB 0.5.2 all ...)
NOT-FOR-US: AspBB
-CVE-2006-2496
+CVE-2006-2496 (Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote ...)
NOT-FOR-US: Novell
-CVE-2006-2495
+CVE-2006-2495 (Cross-site request forgery (CSRF) vulnerability in the Entry Manager i ...)
- serendipity 1.0-1
-CVE-2006-2494
+CVE-2006-2494 (Stack-based buffer overflow in IntelliTamper 2.07 allows remote attack ...)
NOT-FOR-US: IntelliTampe
CVE-2006-2493
REJECTED
-CVE-2006-2492
+CVE-2006-2492 (Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, O ...)
NOT-FOR-US: Microsoft
-CVE-2006-2491
+CVE-2006-2491 (Cross-site scripting (XSS) vulnerability in (1) index.php and (2) bmc/ ...)
NOT-FOR-US: BoastMachine
-CVE-2006-2490
+CVE-2006-2490 (Multiple cross-site scripting (XSS) vulnerabilities in Mobotix IP Netw ...)
NOT-FOR-US: Mobotix
-CVE-2006-2489
+CVE-2006-2489 (Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x bef ...)
{DSA-1072-1}
- nagios 2:1.4-1 (bug #366682; bug #366803; bug #368193; high)
- nagios2 2.3-1 (bug #366683; bug #368199; high)
-CVE-2006-2488
+CVE-2006-2488 (Multiple cross-site scripting (XSS) vulnerabilities in Spymac WebOS (W ...)
NOT-FOR-US: Spymac
-CVE-2006-2487
+CVE-2006-2487 (Multiple PHP remote file inclusion vulnerabilities in ScozNews 1.2.1 a ...)
NOT-FOR-US: ScozNews
-CVE-2006-2486
+CVE-2006-2486 (SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier ...)
NOT-FOR-US: YapBB
-CVE-2006-2485
+CVE-2006-2485 (PHP remote file inclusion vulnerability in includes/class_template.php ...)
NOT-FOR-US: Quezza
-CVE-2006-2484
+CVE-2006-2484 (Cross-site scripting (XSS) vulnerability in index.html in IceWarp WebM ...)
NOT-FOR-US: IceWarp
-CVE-2006-2483
+CVE-2006-2483 (PHP remote file inclusion vulnerability in cart_content.php in Squirre ...)
NOT-FOR-US: Squirrelcart
-CVE-2006-2482
+CVE-2006-2482 (Heap-based buffer overflow in the TZipTV component in (1) ZipTV for De ...)
NOT-FOR-US: ZipTV
-CVE-2006-2481
+CVE-2006-2481 (VMware ESX Server 2.0.x before 2.0.2 and 2.x before 2.5.2 patch 4 stor ...)
NOT-FOR-US: VMware ESX
-CVE-2006-2480
+CVE-2006-2480 (Format string vulnerability in Dia 0.94 allows user-assisted attackers ...)
- dia 0.95.0-4 (bug #368202; low)
[sarge] - dia <no-dsa> (Hardly exploitable, would require obviously malformed file names)
-CVE-2006-2479
+CVE-2006-2479 (The Update functionality in Bitrix Site Manager 4.1.x does not verify ...)
NOT-FOR-US: Bitrix
-CVE-2006-2478
+CVE-2006-2478 (Bitrix Site Manager 4.1.x allows remote attackers to redirect users to ...)
NOT-FOR-US: Bitrix
-CVE-2006-2477
+CVE-2006-2477 (Cross-site scripting (XSS) vulnerability in the administrative interfa ...)
NOT-FOR-US: Bitrix
-CVE-2006-2476
+CVE-2006-2476 (Bitrix Site Manager 4.1.x stores updater.log under the web document ro ...)
NOT-FOR-US: Bitrix
-CVE-2006-2475
+CVE-2006-2475 (Directory traversal vulnerability in (1) edit_mailtexte.cgi and (2) be ...)
NOT-FOR-US: Cosmoshop
-CVE-2006-2474
+CVE-2006-2474 (SQL injection vulnerability in lshop.cgi in Cosmoshop 8.11.106 and ear ...)
NOT-FOR-US: Cosmoshop
CVE-2006-2473
NOT-FOR-US: OpenWiki
-CVE-2006-2472
+CVE-2006-2472 (Unspecified vulnerability in BEA WebLogic Server 9.1 and 9.0, 8.1 thro ...)
NOT-FOR-US: BEA
-CVE-2006-2471
+CVE-2006-2471 (Multiple vulnerabilities in BEA WebLogic Server 8.1 through SP4, 7.0 t ...)
NOT-FOR-US: BEA
-CVE-2006-2470
+CVE-2006-2470 (Unspecified vulnerability in the WebLogic Server Administration Consol ...)
NOT-FOR-US: BEA
-CVE-2006-2469
+CVE-2006-2469 (The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to ...)
NOT-FOR-US: BEA
-CVE-2006-2468
+CVE-2006-2468 (The WebLogic Server Administration Console in BEA WebLogic Server 8.1 ...)
NOT-FOR-US: BEA
-CVE-2006-2467
+CVE-2006-2467 (BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 di ...)
NOT-FOR-US: BEA
-CVE-2006-2466
+CVE-2006-2466 (BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote atta ...)
NOT-FOR-US: BEA
-CVE-2006-2465
+CVE-2006-2465 (Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary ...)
- mp3info 0.8.4-9.1 (bug #368207; low)
[sarge] - mp3info <no-dsa> (Hardly exploitable)
-CVE-2006-2464
+CVE-2006-2464 (stopWebLogic.sh in BEA WebLogic Server 8.1 before Service Pack 4 and 7 ...)
NOT-FOR-US: BEA
-CVE-2006-2463
+CVE-2006-2463 (view_album.php in SelectaPix 1.31 and earlier allows remote attackers ...)
NOT-FOR-US: SelectaPix
-CVE-2006-2462
+CVE-2006-2462 (BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service P ...)
NOT-FOR-US: BEA
-CVE-2006-2461
+CVE-2006-2461 (BEA WebLogic Server before 8.1 Service Pack 4 does not properly set th ...)
NOT-FOR-US: BEA
-CVE-2006-2460
+CVE-2006-2460 (Sugar Suite Open Source (SugarCRM) 4.2 and earlier, when register_glob ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2006-2459
+CVE-2006-2459 (SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and ...)
NOT-FOR-US: PHP-Fusion
-CVE-2006-2458
+CVE-2006-2458 (Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlie ...)
{DSA-1081-1}
- libextractor 0.5.14-1
CVE-2006-2457
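Review bot: the tracking line under CVE-2006-2494 reads `NOT-FOR-US: IntelliTampe`, while the description added on the line above names the product "IntelliTamper 2.07"; the final letter was dropped, so the tag should read `NOT-FOR-US: IntelliTamper`. In the same spirit, the tag under CVE-2006-2547 is `NOT-FOR-US: Sap` where the description says "SAP"; harmless for matching, but worth normalising while the file is being touched. The rest of the hunk is the automated backfill of description text: every `+` line keeps its CVE id and the package/status lines beneath it are unchanged, so nothing else needs attention here.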
@@ -10779,305 +10779,305 @@ CVE-2006-2455
RESERVED
CVE-2006-2454
RESERVED
-CVE-2006-2453
+CVE-2006-2453 (Multiple unspecified format string vulnerabilities in Dia have unspeci ...)
- dia 0.95.0-4 (bug #368202; medium)
[sarge] - dia <no-dsa> (Hardly exploitable, would require obviously malformed file names)
-CVE-2006-2452
+CVE-2006-2452 (GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature i ...)
- gdm 2.16.1-1 (bug #375281; medium)
[sarge] - gdm <not-affected> (Vulnerable code has only been introduced with 2.8)
-CVE-2006-2451
+CVE-2006-2451 (The suid_dumpable support in Linux kernel 2.6.13 up to versions before ...)
- linux-2.6 2.6.17-3 (high)
-CVE-2006-2450
+CVE-2006-2450 (auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authent ...)
- libvncserver 0.8.2-1 (high; bug #376824)
-CVE-2006-2449
+CVE-2006-2449 (KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users ...)
{DSA-1156}
- kdebase 4:3.5.2-2 (bug #374002; medium)
-CVE-2006-2448
+CVE-2006-2448 (Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, doe ...)
- linux-2.6 2.6.16-15
-CVE-2006-2447
+CVE-2006-2447 (SpamAssassin before 3.1.3, when running with vpopmail and the paranoid ...)
{DSA-1090-1}
- spamassassin 3.1.3-1 (medium)
-CVE-2006-2446
+CVE-2006-2446 (Race condition between the kfree_skb and __skb_unlink functions in the ...)
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.16-1
NOTE: I'm not sure at which point this was merged, but I checked 2.6.16 and the
NOTE: patch is included there
-CVE-2006-2445
+CVE-2006-2445 (Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.2 ...)
- linux-2.6 2.6.16-15
-CVE-2006-2444
+CVE-2006-2444 (The snmp_trap_decode function in the SNMP NAT helper for Linux kernel ...)
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.16-15
-CVE-2006-2442
+CVE-2006-2442 (kphone 4.2 creates .qt/kphonerc with world-readable permissions, which ...)
{DSA-1062-1}
- kphone 1:4.2-3 (bug #337830; medium)
-CVE-2006-2439
+CVE-2006-2439 (Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assi ...)
NOT-FOR-US: ZipCentral
-CVE-2006-2438
+CVE-2006-2438 (Directory traversal vulnerability in the viewfile servlet in the docum ...)
NOT-FOR-US: Caucho
-CVE-2006-2437
+CVE-2006-2437 (The viewfile servlet in the documentation package (resin-doc) for Cauc ...)
NOT-FOR-US: Caucho
-CVE-2006-2436
+CVE-2006-2436 (WebSphere Application Server 5.0.2 (or any earlier cumulative fix) sto ...)
NOT-FOR-US: IBM
-CVE-2006-2435
+CVE-2006-2435 (Unspecified vulnerability in IBM WebSphere Application Server 5.0.2 an ...)
NOT-FOR-US: IBM
-CVE-2006-2434
+CVE-2006-2434 (Unspecified vulnerability in WebSphere 5.1.1 (or any earlier cumulativ ...)
NOT-FOR-US: IBM
-CVE-2006-2433
+CVE-2006-2433 (Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6 ...)
NOT-FOR-US: IBM
-CVE-2006-2432
+CVE-2006-2432 (IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) ...)
NOT-FOR-US: IBM
-CVE-2006-2431
+CVE-2006-2431 (Cross-site scripting (XSS) vulnerability in the 500 Internal Server Er ...)
NOT-FOR-US: IBM
-CVE-2006-2430
+CVE-2006-2430 (IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, ...)
NOT-FOR-US: IBM
-CVE-2006-2429
+CVE-2006-2429 (Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6 ...)
NOT-FOR-US: IBM
-CVE-2006-2428
+CVE-2006-2428 (add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbi ...)
NOT-FOR-US: Duware
-CVE-2006-2427
+CVE-2006-2427 (freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h a ...)
- clamav <not-affected> (clamav-freshclam doesn't ship freshclam setuid or setgid)
-CVE-2006-2426
+CVE-2006-2426 (Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 an ...)
{DSA-1769-1}
- sun-java5 1.5.0-10-1 (bug #384734)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b14-1.5~pre1-3 (bug #566766)
-CVE-2006-2425
+CVE-2006-2425 (Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in PhpR ...)
NOT-FOR-US: phpRemoteView
-CVE-2006-2424
+CVE-2006-2424 (PHP remote file inclusion vulnerability in ezUserManager 1.6 and earli ...)
NOT-FOR-US: ezUserManager
-CVE-2006-2423
+CVE-2006-2423 (Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Conf ...)
NOT-FOR-US: Confixx
-CVE-2006-2422
+CVE-2006-2422 (phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, ...)
NOT-FOR-US: phpCOIN
-CVE-2006-2421
+CVE-2006-2421 (Stack-based buffer overflow in Pragma FortressSSH 4.0.7.20 allows remo ...)
NOT-FOR-US: Pragma
-CVE-2006-2420
+CVE-2006-2420 (Bugzilla 2.20rc1 through 2.20 and 2.21.1, when using RSS 1.0, allows r ...)
NOTE: "this issue normally would not be included in CVE, it is being identified since the Bugzilla developers have addressed it."
- bugzilla <unfixed> (unimportant)
-CVE-2006-2419
+CVE-2006-2419 (Cross-site scripting (XSS) vulnerability in index.php in Directory Lis ...)
NOT-FOR-US: Directory Listing Script
-CVE-2006-2418
+CVE-2006-2418 (Cross-site scripting (XSS) vulnerabilities in certain versions of phpM ...)
{DSA-1207-1}
- phpmyadmin 4:2.8.1-1 (bug #368082; medium)
-CVE-2006-2417
+CVE-2006-2417 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before ...)
- phpmyadmin 4:2.8.1-1 (bug #368082; medium)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-2416
+CVE-2006-2416 (SQL injection vulnerability in class2.php in e107 0.7.2 and earlier al ...)
NOT-FOR-US: e107
-CVE-2006-2415
+CVE-2006-2415 (Multiple cross-site scripting (XSS) vulnerabilities in FlexChat 2.0 an ...)
NOT-FOR-US: FlexChat
-CVE-2006-2414
+CVE-2006-2414 (Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows r ...)
{DSA-1080-1}
- dovecot 1.0.beta8-1 (low)
[sarge] - dovecot <not-affected> (vulnerability introduced in 1.0)
-CVE-2006-2413
+CVE-2006-2413 (GNUnet before SVN revision 2781 allows remote attackers to cause a den ...)
- gnunet 0.7.0e-1 (bug #368159; medium)
[sarge] - gnunet <not-affected> (according to maintainer)
-CVE-2006-2412
+CVE-2006-2412 (The raydium_network_read function in network.c in Raydium SVN revision ...)
NOT-FOR-US: Raydium
-CVE-2006-2411
+CVE-2006-2411 (Buffer overflow in raydium_network_read function in network.c in Raydi ...)
NOT-FOR-US: Raydium
-CVE-2006-2410
+CVE-2006-2410 (raydium_network_netcall_exec function in network.c in Raydium SVN revi ...)
NOT-FOR-US: Raydium
-CVE-2006-2409
+CVE-2006-2409 (Format string vulnerability in the raydium_log function in console.c i ...)
NOT-FOR-US: Raydium
-CVE-2006-2408
+CVE-2006-2408 (Multiple buffer overflows in Raydium before SVN revision 310 allow rem ...)
NOT-FOR-US: Raydium
-CVE-2006-2407
+CVE-2006-2407 (Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Compo ...)
NOT-FOR-US: ActiveX component
-CVE-2006-2406
+CVE-2006-2406 (Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassifi ...)
NOT-FOR-US: Unclassified NewsBoard
-CVE-2006-2405
+CVE-2006-2405 (Directory traversal vulnerability in unb_lib/abbc.conf.php in Unclassi ...)
NOT-FOR-US: Unclassified NewsBoard
-CVE-2006-2404
+CVE-2006-2404 (Directory traversal vulnerability in popup.php in RadScripts RadLance ...)
NOT-FOR-US: RadScripts
-CVE-2006-2403
+CVE-2006-2403 (Buffer overflow in FileZilla before 2.2.23 allows remote attackers to ...)
- filezilla <not-affected> (fixed before the first Debian upload)
-CVE-2006-2402
+CVE-2006-2402 (Buffer overflow in the changeRegistration function in servernet.cpp fo ...)
NOT-FOR-US: Outgun
-CVE-2006-2401
+CVE-2006-2401 (The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and ear ...)
NOT-FOR-US: Outgun
-CVE-2006-2400
+CVE-2006-2400 (The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and ear ...)
NOT-FOR-US: Outgun
-CVE-2006-2399
+CVE-2006-2399 (Stack-based buffer overflow in the ServerNetworking::incoming_client_d ...)
NOT-FOR-US: Outgun
-CVE-2006-2398
+CVE-2006-2398 (Directory traversal vulnerability in index.php in GPhotos 1.5 and earl ...)
NOT-FOR-US: GPhotos web gallery
-CVE-2006-2397
+CVE-2006-2397 (Multiple cross-site scripting (XSS) vulnerabilities in GPhotos 1.5 and ...)
NOT-FOR-US: GPhotos web gallery
-CVE-2006-2396
+CVE-2006-2396 (Cross-site scripting (XSS) vulnerability in phpODP 1.5h allows remote ...)
NOT-FOR-US: phpODP
-CVE-2006-2395
+CVE-2006-2395 (PHP remote file inclusion vulnerability in resources/includes/popp.con ...)
NOT-FOR-US: PopPhoto
-CVE-2006-2394
+CVE-2006-2394 (Cross-site scripting (XSS) vulnerability in chat.php in PHP Live Helpe ...)
NOT-FOR-US: PHP Live Support
-CVE-2006-2393
+CVE-2006-2393 (The client_cmd function in Empire 4.3.2 and earlier allows remote atta ...)
NOT-FOR-US: Debian's 'empire' is a different game
-CVE-2006-2392
+CVE-2006-2392 (PHP remote file inclusion vulnerability in public_includes/pub_popup/p ...)
NOT-FOR-US: PHP Blue Dragon Platinum
-CVE-2006-2391
+CVE-2006-2391 (Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote ...)
NOT-FOR-US: EMC Retrospect
-CVE-2006-2390
+CVE-2006-2390 (Cross-site scripting (XSS) vulnerability in OZJournals 1.2 allows remo ...)
NOT-FOR-US: OZJournals
-CVE-2006-2389
+CVE-2006-2389 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...)
NOT-FOR-US: Microsoft
-CVE-2006-2388
+CVE-2006-2388 (Microsoft Office Excel 2000 through 2004 allows user-assisted attacker ...)
NOT-FOR-US: Microsoft
-CVE-2006-2387
+CVE-2006-2387 (Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 fo ...)
NOT-FOR-US: Microsoft
-CVE-2006-2386
+CVE-2006-2386 (Unspecified vulnerability in Microsoft Outlook Express 6 and earlier a ...)
NOT-FOR-US: Microsoft
-CVE-2006-2385
+CVE-2006-2385 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and ...)
NOT-FOR-US: Microsoft
-CVE-2006-2384
+CVE-2006-2384 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remo ...)
NOT-FOR-US: Microsoft
-CVE-2006-2383
+CVE-2006-2383 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and ...)
NOT-FOR-US: Microsoft
-CVE-2006-2382
+CVE-2006-2382 (Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and ...)
NOT-FOR-US: Microsoft
CVE-2006-2381
REJECTED
-CVE-2006-2380
+CVE-2006-2380 (Microsoft Windows 2000 SP4 does not properly validate an RPC server du ...)
NOT-FOR-US: Microsoft
-CVE-2006-2379
+CVE-2006-2379 (Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 200 ...)
NOT-FOR-US: Microsoft
-CVE-2006-2378
+CVE-2006-2378 (Buffer overflow in the ART Image Rendering component (jgdw400.dll) in ...)
NOT-FOR-US: Microsoft
CVE-2006-2377
REJECTED
-CVE-2006-2376
+CVE-2006-2376 (Integer overflow in the PolyPolygon function in Graphics Rendering Eng ...)
NOT-FOR-US: Microsoft
CVE-2006-2375
REJECTED
-CVE-2006-2374
+CVE-2006-2374 (The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Window ...)
NOT-FOR-US: Microsoft
-CVE-2006-2373
+CVE-2006-2373 (The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Window ...)
NOT-FOR-US: Microsoft
-CVE-2006-2372
+CVE-2006-2372 (Buffer overflow in the DHCP Client service for Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft
-CVE-2006-2371
+CVE-2006-2371 (Buffer overflow in the Remote Access Connection Manager service (RASMA ...)
NOT-FOR-US: Microsoft
-CVE-2006-2370
+CVE-2006-2370 (Buffer overflow in the Routing and Remote Access service (RRAS) in Mic ...)
NOT-FOR-US: Microsoft
-CVE-2006-2369
+CVE-2006-2369 (RealVNC 4.1.1, and other products that use RealVNC such as AdderLink I ...)
- vnc4 4.1.1+X4.3.0-10 (high)
[sarge] - vnc4 <not-affected> (vuln not in 4.0)
-CVE-2006-2368
+CVE-2006-2368 (Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka ...)
NOT-FOR-US: Clansys
-CVE-2006-2367
+CVE-2006-2367 (Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka ...)
NOT-FOR-US: Clansys
-CVE-2006-2366
+CVE-2006-2366 (ircp_io.c in libopenobex for ircp 1.2, when ircp is run with the -r op ...)
- libopenobex 1.2-3 (bug #366484)
-CVE-2006-2365
+CVE-2006-2365 (Cross-site scripting (XSS) vulnerability in a_login.php in Vizra allow ...)
NOT-FOR-US: Vizra
-CVE-2006-2364
+CVE-2006-2364 (Cross-site scripting (XSS) vulnerability in the validation feature in ...)
NOT-FOR-US: Macromedia
-CVE-2006-2363
+CVE-2006-2363 (SQL injection vulnerability in the weblinks option (weblinks.html.php) ...)
NOT-FOR-US: Limbo
-CVE-2006-2362
+CVE-2006-2362 (Buffer overflow in getsym in tekhex.c in libbfd in Free Software Found ...)
- binutils 2.17-1 (low; bug #368237)
[sarge] - binutils <no-dsa> (Very minor issue)
-CVE-2006-2361
+CVE-2006-2361 (PHP remote file inclusion vulnerability in pafiledb_constants.php in D ...)
NOT-FOR-US: phpbb mod
-CVE-2006-2360
+CVE-2006-2360 (SQL injection vulnerability in charts.php in the Chart mod for phpBB a ...)
NOT-FOR-US: phpbb mod
-CVE-2006-2359
+CVE-2006-2359 (Cross-site scripting (XSS) vulnerability in charts.php in the Chart mo ...)
NOT-FOR-US: phpbb mod
CVE-2006-2192
RESERVED
-CVE-2006-2358
+CVE-2006-2358 (Multiple cross-site scripting (XSS) vulnerabilities in various scripts ...)
NOT-FOR-US: Web Labs CMS
-CVE-2006-2357
+CVE-2006-2357 (Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premi ...)
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2356
+CVE-2006-2356 (NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 ...)
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2355
+CVE-2006-2355 (Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2 ...)
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2354
+CVE-2006-2354 (NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch ...)
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2353
+CVE-2006-2353 (NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 an ...)
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2352
+CVE-2006-2352 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsU ...)
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2006-2351
+CVE-2006-2351 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsU ...)
NOT-FOR-US: Ipswitch WhatsUp
CVE-2006-2350
REJECTED
-CVE-2006-2349
+CVE-2006-2349 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...)
NOT-FOR-US: E-Business Designer
-CVE-2006-2348
+CVE-2006-2348 (Cross-site scripting (XSS) vulnerability in form_grupo.html in E-Busin ...)
NOT-FOR-US: E-Business Designer
-CVE-2006-2347
+CVE-2006-2347 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...)
NOT-FOR-US: E-Business Designer
-CVE-2006-2346
+CVE-2006-2346 (vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows r ...)
- vpopmail <not-affected> (vulnerability introduced in 5.4.14)
NOTE: Unable to reach CVS to determine if prior versions are affected
NOTE: Micah will return to this one
-CVE-2006-2345
+CVE-2006-2345 (Cross-site scripting (XSS) vulnerability in inc/elementz.php in AliPAG ...)
NOT-FOR-US: AliPAGER
-CVE-2006-2344
+CVE-2006-2344 (SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with ...)
NOT-FOR-US: AliPAGER
-CVE-2006-2343
+CVE-2006-2343 (Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine ...)
NOT-FOR-US: ManageEngine OpManager
-CVE-2006-2342
+CVE-2006-2342 (IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2006-2341
+CVE-2006-2341 (The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, ...)
NOT-FOR-US: Symantec Gateway Security
-CVE-2006-2340
+CVE-2006-2340 (Cross-site scripting (XSS) vulnerability in PassMasterFlex and PassMas ...)
NOT-FOR-US: PassMasterFlex
-CVE-2006-2339
+CVE-2006-2339 (SQL injection vulnerability in index.php in evoTopsites 2.x and evoTop ...)
NOT-FOR-US: evoTopsites
-CVE-2006-2338
+CVE-2006-2338 (PlaNet Concept plaNetStat 20050127 allows remote attackers to gain adm ...)
NOT-FOR-US: PlaNet
-CVE-2006-2337
+CVE-2006-2337 (Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wir ...)
NOT-FOR-US: D-Link
-CVE-2006-2336
+CVE-2006-2336 (SQL injection vulnerability in showthread.php in MyBB (aka MyBulletinB ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-2335
+CVE-2006-2335 (Jelsoft vBulletin accepts uploads of Cascading Style Sheets (CSS) and ...)
NOT-FOR-US: vBulletin
-CVE-2006-2334
+CVE-2006-2334 (The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsof ...)
NOT-FOR-US: Windows
-CVE-2006-2333
+CVE-2006-2333 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1 ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-2332
+CVE-2006-2332 (Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of s ...)
NOTE: 1.5.dfsg+1.5.0.3-2 didn't crash or do anything but stutter on the sample pages, marking it fixed in there
- firefox 1.5.dfsg+1.5.0.3-2
-CVE-2006-2331
+CVE-2006-2331 (Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 al ...)
NOT-FOR-US: PHP-Fusion
-CVE-2006-2330
+CVE-2006-2330 (PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3. ...)
NOT-FOR-US: PHP-Fusion
-CVE-2006-2329
+CVE-2006-2329 (AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensiti ...)
NOT-FOR-US: AngelineCMS
-CVE-2006-2328
+CVE-2006-2328 (SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6 ...)
NOT-FOR-US: AngelineCMS
-CVE-2006-2327
+CVE-2006-2327 (Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iP ...)
NOT-FOR-US: Novell
-CVE-2006-2326
+CVE-2006-2326 (Directory traversal vulnerability in index.php in OnlyScript.info Onli ...)
NOT-FOR-US: OnlyScript.info
-CVE-2006-2325
+CVE-2006-2325 (Cross-site scripting (XSS) vulnerability in index.php in OnlyScript.in ...)
NOT-FOR-US: OnlyScript.info
-CVE-2006-2324
+CVE-2006-2324 (180solutions Zango downloads "required Adware components" without chec ...)
NOT-FOR-US: 180solutions
-CVE-2006-2323
+CVE-2006-2323 (Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpLi ...)
NOT-FOR-US: SmartISoft
-CVE-2006-2322
+CVE-2006-2322 (The transparent proxy feature of the Cisco Application Velocity System ...)
NOT-FOR-US: Cisco
-CVE-2006-2321
+CVE-2006-2321 (Multiple cross-site scripting (XSS) vulnerabilities in Ideal Science I ...)
NOT-FOR-US: Ideal Science
-CVE-2006-2320
+CVE-2006-2320 (Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4 ...)
NOT-FOR-US: Ideal Science
-CVE-2006-2319
+CVE-2006-2319 (Ideal Science Ideal BB 1.5.4a and earlier does not properly check file ...)
NOT-FOR-US: Ideal Science
-CVE-2006-2318
+CVE-2006-2318 (Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a an ...)
NOT-FOR-US: Ideal Science
-CVE-2006-2317
+CVE-2006-2317 (Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier ...)
NOT-FOR-US: Ideal Science
-CVE-2006-2316
+CVE-2006-2316 (S24EvMon.exe in the Intel PROset/Wireless software, possibly 10.1.0.33 ...)
NOT-FOR-US: Intel Windows software
CVE-2006-2315
NOT-FOR-US: ISPConfig
-CVE-2006-2314
+CVE-2006-2314 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13 ...)
{DSA-1087-1}
- postgresql 7.5.4 (medium; bug #368645)
- postgresql-7.4 1:7.4.13-1 (medium)
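Review bot: `CVE-2006-2192` / `RESERVED` sits between CVE-2006-2359 and CVE-2006-2358, breaking the descending numeric order every other entry in this hunk follows; it should be moved to its proper place in the 21xx range so that tooling that walks the list in order does not skip or double-count it. Separately, CVE-2006-2346 is already resolved as `vpopmail <not-affected> (vulnerability introduced in 5.4.14)`, yet the two notes under it (`Unable to reach CVS to determine if prior versions are affected` and `Micah will return to this one`) say the opposite, that the affected range was never confirmed. Either the notes are stale and should be dropped, or the `<not-affected>` status is premature and should be reverted until the check is done; the entry should not carry both. Note also that CVE-2006-2332 is marked fixed in `firefox 1.5.dfsg+1.5.0.3-2` solely on the basis that the sample pages "didn't crash" there; if that was never confirmed against the upstream fix, a NOTE saying so would help the next person who revisits it.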
@@ -11093,7 +11093,7 @@ CVE-2006-2314
NOTE: pygresql 1:3.8-1.1 (bug #369239)
NOTE: dovecot 1.0.beta8-3 (bug #369359)
NOTE: postfix 2.2.10-2 (bug #369349)
-CVE-2006-2313
+CVE-2006-2313 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13 ...)
{DSA-1087-1}
- postgresql 7.5.4 (high; bug #368645)
- postgresql-7.4 1:7.4.13-1 (high)
@@ -11101,273 +11101,273 @@ CVE-2006-2313
NOTE: Beginning with version 7.5.4, postgresql is a transition
NOTE: package which does not contain actual code. That's why
NOTE: it's marked as fixed here. (Previous versions are vulnerable.)
-CVE-2006-2312
+CVE-2006-2312 (Argument injection vulnerability in the URI handler in Skype 2.0.*.104 ...)
NOT-FOR-US: Skype
-CVE-2006-2311
+CVE-2006-2311 (Cross-site scripting (XSS) vulnerability in BlueDragon Server and Serv ...)
NOT-FOR-US: BlueDragon Server and Server JX
-CVE-2006-2310
+CVE-2006-2310 (BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote at ...)
NOT-FOR-US: BlueDragon Server and Server JX
-CVE-2006-2309
+CVE-2006-2309 (The HTTP service in EServ/3 3.25 allows remote attackers to obtain sen ...)
NOT-FOR-US: EServ
-CVE-2006-2308
+CVE-2006-2308 (Directory traversal vulnerability in the IMAP service in EServ/3 3.25 ...)
NOT-FOR-US: EServ
-CVE-2006-2307
+CVE-2006-2307 (Cross-site scripting (XSS) vulnerability in Website Baker CMS before 2 ...)
NOT-FOR-US: Website Baker
-CVE-2006-2306
+CVE-2006-2306 (Cross-site scripting (XSS) vulnerability in moreinfo.asp in EPublisher ...)
NOT-FOR-US: EPublisherPro
-CVE-2006-2305
+CVE-2006-2305 (Multiple cross-site scripting (XSS) vulnerabilities in Jadu CMS allow ...)
NOT-FOR-US: Jadu
-CVE-2006-2304
+CVE-2006-2304 (Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Nove ...)
NOT-FOR-US: Novell software for Windows
-CVE-2006-2303
+CVE-2006-2303 (Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 bui ...)
NOT-FOR-US: Windows ICQ client
-CVE-2006-2302
+CVE-2006-2302 (SQL injection vulnerability in admin_default.asp in DUGallery 2.x allo ...)
NOT-FOR-US: DUGallery
-CVE-2006-2301
+CVE-2006-2301 (SQL injection vulnerability in admin_default.asp in OzzyWork Galeri al ...)
NOT-FOR-US: OzzyWork
-CVE-2006-2300
+CVE-2006-2300 (Multiple SQL injection vulnerabilities in EImagePro allow remote attac ...)
NOT-FOR-US: EImagePro
CVE-2006-2299
RESERVED
-CVE-2006-2298
+CVE-2006-2298 (The Internet Key Exchange version 1 (IKEv1) implementation in the libi ...)
NOT-FOR-US: Solaris
-CVE-2006-2297
+CVE-2006-2297 (Heap-based buffer overflow in Microsoft Infotech Storage System Librar ...)
NOT-FOR-US: Microsoft Infotech Storage System
-CVE-2006-2296
+CVE-2006-2296 (SQL injection vulnerability in search_result.asp in EDirectoryPro 2.0 ...)
NOT-FOR-US: EDirectoryPro
-CVE-2006-2295
+CVE-2006-2295 (Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote ...)
NOT-FOR-US: Dynamic Galerie
-CVE-2006-2294
+CVE-2006-2294 (Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows ...)
NOT-FOR-US: Dynamic Galerie
-CVE-2006-2293
+CVE-2006-2293 (SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 ...)
NOT-FOR-US: MultiCalendars
-CVE-2006-2292
+CVE-2006-2292 (Multiple SQL injection vulnerabilities in IA-Calendar allow remote att ...)
NOT-FOR-US: IA-Calendar
-CVE-2006-2291
+CVE-2006-2291 (Cross-site scripting (XSS) vulnerability in calendar_new.asp in IA-Cal ...)
NOT-FOR-US: IA-Calendar
-CVE-2006-2290
+CVE-2006-2290 (Multiple cross-site scripting (XSS) vulnerabilities in kommentar.php i ...)
NOT-FOR-US: 2005-Comments-Script
-CVE-2006-2289
+CVE-2006-2289 (Buffer overflow in avahi-core in Avahi before 0.6.10 allows local user ...)
- avahi 0.6.10-1 (medium)
-CVE-2006-2288
+CVE-2006-2288 (Avahi before 0.6.10 allows local users to cause a denial of service (m ...)
- avahi 0.6.10-1 (low)
-CVE-2006-2287
+CVE-2006-2287 (Multiple cross-site scripting (XSS) vulnerabilities in Vision Source 0 ...)
NOT-FOR-US: Vision Source
-CVE-2006-2286
+CVE-2006-2286 (Multiple PHP remote file inclusion vulnerabilities in claro_init_globa ...)
NOT-FOR-US: Dokeos
-CVE-2006-2285
+CVE-2006-2285 (PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6. ...)
NOT-FOR-US: Dokeos
-CVE-2006-2284
+CVE-2006-2284 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 ...)
NOT-FOR-US: Claroline
-CVE-2006-2283
+CVE-2006-2283 (Multiple PHP remote file inclusion vulnerabilities in SpiffyJr phpRaid ...)
NOT-FOR-US: phpRaid
-CVE-2006-2282
+CVE-2006-2282 (Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier ...)
NOT-FOR-US: X7 Chat
-CVE-2006-2281
+CVE-2006-2281 (X-Scripts X-Poll (xpoll) 2.30 allows remote attackers to execute arbit ...)
NOT-FOR-US: X-Scripts X-Poll
-CVE-2006-2280
+CVE-2006-2280 (Directory traversal vulnerability in website.php in openEngine 1.8 Bet ...)
NOT-FOR-US: openEngine
-CVE-2006-2279
+CVE-2006-2279 (Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote ...)
NOT-FOR-US: SaphpLesson
-CVE-2006-2278
+CVE-2006-2278 (SaphpLesson 3.0 does not initialize array variables, which allows remo ...)
NOT-FOR-US: SaphpLesson
-CVE-2006-2277
+CVE-2006-2277 (Multiple Apple Mac OS X 10.4 applications might allow context-dependen ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2006-2276
+CVE-2006-2276 (bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cau ...)
{DSA-1059-1}
- quagga 0.99.4-1 (bug #366980; low)
-CVE-2006-2275
+CVE-2006-2275 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a d ...)
- linux-2.6 2.6.16-13
-CVE-2006-2274
+CVE-2006-2274 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a d ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-13
-CVE-2006-2273
+CVE-2006-2273 (The InstallProduct routine in the Verisign VUpdater.Install (aka i-Nav ...)
NOT-FOR-US: Verisign
-CVE-2006-2272
+CVE-2006-2272 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a d ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-13
-CVE-2006-2271
+CVE-2006-2271 (The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows re ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-13
-CVE-2006-2270
+CVE-2006-2270 (PHP remote file inclusion vulnerability in includes/config.php in Jetb ...)
NOT-FOR-US: Jetbox CMS
-CVE-2006-2269
+CVE-2006-2269 (Cross-site scripting (XSS) vulnerability in myWebland MyBloggie 2.1.3 ...)
NOT-FOR-US: myWebland MyBloggie
-CVE-2006-2268
+CVE-2006-2268 (SQL injection vulnerability in FlexCustomer 0.0.4 and earlier allows r ...)
NOT-FOR-US: FlexCustomer
-CVE-2006-2267
+CVE-2006-2267 (Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause ...)
NOT-FOR-US: Kerio WinRoute Firewall
-CVE-2006-2266
+CVE-2006-2266 (SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to ...)
NOT-FOR-US: Chirpy!
-CVE-2006-2265
+CVE-2006-2265 (Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calend ...)
NOT-FOR-US: Ocean12 Calendar Manager Pro
-CVE-2006-2264
+CVE-2006-2264 (Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro ...)
NOT-FOR-US: Ocean12 Calendar Manager Pro
-CVE-2006-2263
+CVE-2006-2263 (SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows ...)
NOT-FOR-US: VP-ASP
-CVE-2006-2262
+CVE-2006-2262 (Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9 ...)
NOT-FOR-US: singapore
-CVE-2006-2261
+CVE-2006-2261 (PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allow ...)
NOT-FOR-US: ACal
-CVE-2006-2260
+CVE-2006-2260 (Cross-site scripting (XSS) vulnerability in the project module (projec ...)
- drupal <not-affected> (bug #366947)
-CVE-2006-2259
+CVE-2006-2259 (SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows re ...)
NOT-FOR-US: MaxxSchedule
-CVE-2006-2258
+CVE-2006-2258 (Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule ...)
NOT-FOR-US: MaxxSchedule
-CVE-2006-2257
+CVE-2006-2257 (Cross-site scripting (XSS) vulnerability in index.php in easyEvent 1.2 ...)
NOT-FOR-US: easyEvent
-CVE-2006-2256
+CVE-2006-2256 (PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp ...)
NOT-FOR-US: EQdkp
-CVE-2006-2255
+CVE-2006-2255 (Multiple SQL injection vulnerabilities in Creative Community Portal 1. ...)
NOT-FOR-US: Creative Community Portal
-CVE-2006-2254
+CVE-2006-2254 (Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote attacke ...)
NOT-FOR-US: FileCOPA
-CVE-2006-2253
+CVE-2006-2253 (PHP remote file inclusion vulnerability in visible_count_inc.php in St ...)
NOT-FOR-US: Statit
-CVE-2006-2252
+CVE-2006-2252 (Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allo ...)
NOT-FOR-US: OpenFAQ
-CVE-2006-2251
+CVE-2006-2251 (SQL injection vulnerability in the do_mmod function in mod.php in Invi ...)
NOT-FOR-US: Invision Community Blog
-CVE-2006-2250
+CVE-2006-2250 (CuteNews 1.4.1 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: CuteNews
-CVE-2006-2249
+CVE-2006-2249 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in C ...)
NOT-FOR-US: CuteNews
-CVE-2006-2248
+CVE-2006-2248 (Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source ...)
NOT-FOR-US: Xeneo Web Server
-CVE-2006-2247
+CVE-2006-2247 (WebCalendar 1.0.1 to 1.0.3 generates different error messages dependin ...)
{DSA-1056-1}
- webcalendar 1.0.2-2.2 (medium; bug #366927)
-CVE-2006-2246
+CVE-2006-2246 (Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition a ...)
NOT-FOR-US: UBlog
-CVE-2006-2245
+CVE-2006-2245 (PHP remote file inclusion vulnerability in auction\auction_common.php ...)
NOT-FOR-US: Auction mod 1.3m for phpBB
-CVE-2006-2244
+CVE-2006-2244 (Multiple SQL injection vulnerabilities in Web4Future News Portal allow ...)
NOT-FOR-US: Web4Future News Portal
-CVE-2006-2243
+CVE-2006-2243 (Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News ...)
NOT-FOR-US: Web4Future News Portal
-CVE-2006-2242
+CVE-2006-2242 (acFTP 1.4 allows remote attackers to cause a denial of service (applic ...)
NOT-FOR-US: acFTP
-CVE-2006-2241
+CVE-2006-2241 (PHP remote file inclusion vulnerability in show.php in Fast Click SQL ...)
NOT-FOR-US: Fast Click SQL Lite
-CVE-2006-2240
+CVE-2006-2240 (Unspecified vulnerability in the (1) web cache or (2) web proxy in Fuj ...)
NOT-FOR-US: Fujitsu NetShelter/FW
-CVE-2006-2239
+CVE-2006-2239 (SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows ...)
NOT-FOR-US: Newsadmin
-CVE-2006-2238
+CVE-2006-2238 (Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote ...)
NOT-FOR-US: Apple
-CVE-2006-2237
+CVE-2006-2237 (The web interface for AWStats 6.4 and 6.5, when statistics updates are ...)
{DSA-1058-1}
- awstats 6.5-2 (bug #365909; bug #365910; medium)
-CVE-2006-2236
+CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Ret ...)
- tremulous 1.1.0-6 (bug #660827)
[squeeze] - tremulous 1.1.0-7~squeeze1
- ioquake3 1.36+svn1788j-1
-CVE-2006-2235
+CVE-2006-2235 (CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is ...)
NOT-FOR-US: Simple Poll
-CVE-2006-2234
+CVE-2006-2234 (Multiple cross-site scripting (XSS) vulnerabilities in TyroCMS beta 1. ...)
NOT-FOR-US: TyroCMS
-CVE-2006-2233
+CVE-2006-2233 (Buffer overflow in BankTown Client Control (aka BtCxCtl20Com) 1.4.2.51 ...)
NOT-FOR-US: BankTown Client Control
-CVE-2006-2232
+CVE-2006-2232 (Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook 2 ...)
NOT-FOR-US: Scriptsez Cute Guestbook
-CVE-2006-2231
+CVE-2006-2231 (Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in ...)
NOT-FOR-US: Big Webmaster Guestbook Script
-CVE-2006-2230
+CVE-2006-2230 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0 ...)
{DSA-1093-1}
- xine-ui 0.99.4-2 (medium; bug #363370; bug #372172)
-CVE-2006-2229
+CVE-2006-2229 (OpenVPN 2.0.7 and earlier, when configured to use the --management opt ...)
- openvpn <unfixed> (unimportant)
NOTE: One needs to explicitly set the IP to something else than 127.0.0.1
NOTE: in order to be vulnerable. The man page recommends not to do it.
-CVE-2006-2228
+CVE-2006-2228 (Cross-site scripting (XSS) vulnerability in w-Agora (aka Web-Agora) 4. ...)
NOT-FOR-US: Web-Agora
-CVE-2006-2227
+CVE-2006-2227 (Cross-site scripting (XSS) vulnerability in misc.php in PunBB 1.2.11 a ...)
NOT-FOR-US: PunBB
-CVE-2006-2226
+CVE-2006-2226 (Buffer overflow in XM Easy Personal FTP Server 4.2 and 5.0.1 allows re ...)
NOT-FOR-US: Easy Personal FTP Server
-CVE-2006-2225
+CVE-2006-2225 (Buffer overflow in XM Easy Personal FTP Server 4.3 and earlier allows ...)
NOT-FOR-US: Easy Personal FTP Server
-CVE-2006-2224
+CVE-2006-2224 (RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce ...)
{DSA-1059-1}
- quagga 0.99.3-2 (bug #365940; medium)
-CVE-2006-2223
+CVE-2006-2223 (RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly impleme ...)
{DSA-1059-1}
- quagga 0.99.3-2 (bug #365940; medium)
-CVE-2006-2222
+CVE-2006-2222 (Buffer overflow in zawhttpd 0.8.23, and possibly previous versions, al ...)
NOT-FOR-US: zawhttpd
-CVE-2006-2221
+CVE-2006-2221 (A third-party installer generation tool, possibly BitRock InstallBuild ...)
- ejabberd <not-affected> (only binary distribution is affected)
-CVE-2006-2220
+CVE-2006-2220 (phpBB 2.0.20 does not properly verify user-specified input variables u ...)
- phpbb2 <unfixed> (unimportant)
NOTE: SQL query disclosure
-CVE-2006-2219
+CVE-2006-2219 (phpBB 2.0.20 does not verify user-specified input variable types befor ...)
- phpbb2 <unfixed> (unimportant)
NOTE: path disclosure
-CVE-2006-2218
+CVE-2006-2218 (Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Window ...)
NOT-FOR-US: MS IE
-CVE-2006-2217
+CVE-2006-2217 (SQL injection vulnerability in index.php in Invision Power Board allow ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-2216
+CVE-2006-2216 (Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to obtain t ...)
NOT-FOR-US: OpenBB
CVE-2006-2215
REJECTED
CVE-2006-XXXX [cyrus-imapd allows user probes]
- cyrus-imapd-2.2 2.2.13-3
- kolab-cyrus-imapd 2.2.13-1
-CVE-2006-2214
+CVE-2006-2214 (Multiple SQL injection vulnerabilities in 4images 1.7.1 and earlier al ...)
NOT-FOR-US: 4images
-CVE-2006-2213
+CVE-2006-2213 (Hostapd 0.3.7-2 allows remote attackers to cause a denial of service ( ...)
{DSA-1065-1}
- hostapd 1:0.5.0-1 (bug #365897; high)
-CVE-2006-2212
+CVE-2006-2212 (Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows ...)
NOT-FOR-US: KarjaSoft Sami FTP Server
-CVE-2006-2211
+CVE-2006-2211 (Absolute path traversal vulnerability in index.php in 321soft PhP-Gall ...)
NOT-FOR-US: 321soft PhP-Gallery
-CVE-2006-2210
+CVE-2006-2210 (Cross-site scripting (XSS) vulnerability in index.php in 321soft PhP-G ...)
NOT-FOR-US: 321soft PhP-Gallery
-CVE-2006-2209
+CVE-2006-2209 (Multiple SQL injection vulnerabilities in index.php in PHP Arena paChe ...)
NOT-FOR-US: paCheckBook
-CVE-2006-2208
+CVE-2006-2208 (Multiple cross-site scripting (XSS) vulnerabilities in mynews.inc.php ...)
NOT-FOR-US: paCheckBook
CVE-2006-2207
RESERVED
-CVE-2006-2206
+CVE-2006-2206 (The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 us ...)
NOT-FOR-US: UltraVNC
-CVE-2006-2205
+CVE-2006-2205 (The audio_write function in NetBSD 3.0 allows local users to cause a d ...)
NOT-FOR-US: NetBSD kernel
-CVE-2006-2204
+CVE-2006-2204 (SQL injection vulnerability in the topic deletion functionality (post_ ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-2203
+CVE-2006-2203 (Unspecified vulnerability in Kerio MailServer before 6.1.4 has unknown ...)
NOT-FOR-US: Kerio MailServer
-CVE-2006-2202
+CVE-2006-2202 (SQL injection vulnerability in post.php in Invision Gallery 2.0.6 allo ...)
NOT-FOR-US: Invision Gallery
-CVE-2006-2201
+CVE-2006-2201 (Unspecified vulnerability in CA Resource Initialization Manager (CAIRI ...)
NOT-FOR-US: CA Resource Initialization Manager
-CVE-2006-2200
+CVE-2006-2200 (Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and ...)
- libmms 0.2-7 (bug #374577; medium)
- mimms 2.0.0-1 (bug #374577; medium)
- xine-lib 1.1.2-2 (bug #374577; unimportant)
NOTE: Not exploitable within xine, as alloced buffer are large enough
-CVE-2006-2199
+CVE-2006-2199 (Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka ...)
{DSA-1104}
- openoffice.org 2.0.3-1
-CVE-2006-2198
+CVE-2006-2198 (OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0 ...)
{DSA-1104}
- openoffice.org 2.0.3-1
-CVE-2006-2197
+CVE-2006-2197 (Integer overflow in wv2 before 0.2.3 might allow context-dependent att ...)
{DSA-1100}
- wv2 0.2.2-6 (medium)
-CVE-2006-2196
+CVE-2006-2196 (Unspecified vulnerability in pinball 0.3.1 allows local users to gain ...)
{DSA-1102}
- pinball 0.3.1-6
-CVE-2006-2195
+CVE-2006-2195 (Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3. ...)
{DSA-1099-1 DSA-1098-1}
- horde3 3.1.1-3
-CVE-2006-2194
+CVE-2006-2194 (The winbind plugin in pppd for ppp 2.4.4 and earlier does not check th ...)
{DSA-1106}
- ppp 2.4.4rel-1 (medium)
-CVE-2006-2193
+CVE-2006-2193 (Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in li ...)
{DSA-1091-1}
- tiff 3.8.2-4 (bug #371064; bug #370355; medium)
- tiff3 <not-affected> (fixed prior to initial upload)
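Review bot: CVE-2006-2275 (fixed in linux-2.6 2.6.16-13) is the only one of the four lksctp entries in this hunk without a `{DSA-1103 DSA-1097-1}` reference, while CVE-2006-2274, CVE-2006-2272 and CVE-2006-2271 carry it with the same fixed version; if the DSAs covered that CVE as well, the cross-reference line is missing and should be added so the DSA mapping stays complete. A smaller point in the same hunk: the NOTE under CVE-2006-2200 reads "as alloced buffer are large enough" and should read "as the allocated buffers are large enough".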
@@ -11375,185 +11375,185 @@ CVE-2006-2191
- mailman 1:2.1.9-1 (unimportant)
NOTE: https://mail.python.org/pipermail/mailman-announce/2006-September/000087.html
NOTE: not exploitable
-CVE-2006-2190
+CVE-2006-2190 (Cross-site scripting (XSS) vulnerability in ow-shared.pl in OpenWebMai ...)
NOT-FOR-US: OpenWebMail
-CVE-2006-2189
+CVE-2006-2189 (SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allow ...)
NOT-FOR-US: Servous sBLOG
-CVE-2006-2188
+CVE-2006-2188 (Multiple cross-site scripting (XSS) vulnerabilities in CMScout 1.10 an ...)
NOT-FOR-US: CMScout
-CVE-2006-2187
+CVE-2006-2187 (Multiple cross-site scripting (XSS) vulnerabilities in zenphoto 1.0.1 ...)
NOT-FOR-US: zenphoto
-CVE-2006-2186
+CVE-2006-2186 (zenphoto 1.0.1 beta and earlier allow remote attackers to obtain sensi ...)
NOT-FOR-US: zenphoto
-CVE-2006-2185
+CVE-2006-2185 (PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password ...)
NOT-FOR-US: Novell
-CVE-2006-2184
+CVE-2006-2184 (Cross-site scripting (XSS) vulnerability in search.php in PHPKB Knowle ...)
NOT-FOR-US: PHPKB Knowledge Base
-CVE-2006-2183
+CVE-2006-2183 (Untrusted search path vulnerability in Truecrypt 4.1, when running sui ...)
NOT-FOR-US: Truecrypt
-CVE-2006-2182
+CVE-2006-2182 (Multiple PHP remote file inclusion vulnerabilities in (1) eday.php, (2 ...)
NOT-FOR-US: albinator
-CVE-2006-2181
+CVE-2006-2181 (Multiple cross-site scripting (XSS) vulnerabilities in Albinator 2.0.8 ...)
NOT-FOR-US: albinator
-CVE-2006-2180
+CVE-2006-2180 (Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers ...)
NOT-FOR-US: Golden FTP Server Pro
-CVE-2006-2179
+CVE-2006-2179 (Multiple SQL injection vulnerabilities in CyberBuild allow remote atta ...)
NOT-FOR-US: CyberBuild
-CVE-2006-2178
+CVE-2006-2178 (Multiple cross-site scripting (XSS) vulnerabilities in CyberBuild allo ...)
NOT-FOR-US: CyberBuild
-CVE-2006-2177
+CVE-2006-2177 (Cross-site scripting (XSS) vulnerability in viewcat.php in geoBlog 1.0 ...)
NOT-FOR-US: geoBlog
-CVE-2006-2176
+CVE-2006-2176 (Multiple cross-site scripting (XSS) vulnerabilities in links.php in PH ...)
NOT-FOR-US: PHP Linkliste
-CVE-2006-2175
+CVE-2006-2175 (PHP remote file inclusion vulnerability in FtrainSoft Fast Click 2.3.8 ...)
NOT-FOR-US: Fast Click
-CVE-2006-2174
+CVE-2006-2174 (Multiple cross-site scripting (XSS) vulnerabilities in admin/server_da ...)
NOT-FOR-US: Virtual Hosting Control System (VHCS)
-CVE-2006-2173
+CVE-2006-2173 (Buffer overflow in FileZilla FTP Server 2.2.22 allows remote authentic ...)
NOT-FOR-US: FileZilla FTP Server
-CVE-2006-2172
+CVE-2006-2172 (Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated ...)
NOT-FOR-US: Gene6 FTP Server
-CVE-2006-2171
+CVE-2006-2171 (Buffer overflow in WDM.exe in WarFTPD allows remote attackers to execu ...)
NOT-FOR-US: WarFTPD
-CVE-2006-2170
+CVE-2006-2170 (Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers ...)
NOT-FOR-US: ArgoSoft FTP Server
-CVE-2006-2169
+CVE-2006-2169 (RT: Request Tracker 3.5.HEAD allows remote attackers to obtain sensiti ...)
- request-tracker3.4 <not-affected> (file not included in 3.4)
-CVE-2006-2168
+CVE-2006-2168 (FileProtection Express 1.0.1 and earlier allows remote attackers to by ...)
NOT-FOR-US: FileProtection Express
-CVE-2006-2167
+CVE-2006-2167 (Cross-site scripting (XSS) vulnerability in SloughFlash SF-Users 1.0, ...)
NOT-FOR-US: SloughFlash
-CVE-2006-2166
+CVE-2006-2166 (Unspecified vulnerability in the HTTP management interface in Cisco Un ...)
NOT-FOR-US: Cisco
-CVE-2006-2165
+CVE-2006-2165 (Multiple cross-site scripting (XSS) vulnerabilities in Avactis Shoppin ...)
NOT-FOR-US: Avactis
-CVE-2006-2164
+CVE-2006-2164 (Multiple SQL injection vulnerabilities in Avactis Shopping Cart 0.1.2 ...)
NOT-FOR-US: Avactis
-CVE-2006-2163
+CVE-2006-2163 (Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart ...)
NOT-FOR-US: Pinnacle
-CVE-2006-2162
+CVE-2006-2162 (Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before ...)
{DSA-1072-1}
- nagios 2:1.4-1 (bug #366682; bug #366803; medium)
- nagios2 2.3-1 (bug #366683; medium)
-CVE-2006-2161
+CVE-2006-2161 (Buffer overflow in (1) TZipBuilder 1.79.03.01, (2) Abakt 0.9.2 and 0.9 ...)
NOT-FOR-US: TZipBuilder/Abakt
-CVE-2006-2160
+CVE-2006-2160 (Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp ( ...)
NOT-FOR-US: Russcom
-CVE-2006-2159
+CVE-2006-2159 (CRLF injection vulnerability in help.php in Russcom Network Loginphp a ...)
NOT-FOR-US: Russcom
-CVE-2006-2158
+CVE-2006-2158 (Dynamic variable evaluation vulnerability in index.php in Stadtaus Gue ...)
NOT-FOR-US: Stadtaus
-CVE-2006-2157
+CVE-2006-2157 (SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and ear ...)
NOT-FOR-US: Plogger
-CVE-2006-2156
+CVE-2006-2156 (Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and ...)
NOT-FOR-US: X7 Chat
-CVE-2006-2155
+CVE-2006-2155 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...)
NOT-FOR-US: EMC Retrospect
-CVE-2006-2154
+CVE-2006-2154 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...)
NOT-FOR-US: EMC Retrospect
-CVE-2006-2153
+CVE-2006-2153 (Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin ...)
NOT-FOR-US: DirectAdmin
-CVE-2006-2152
+CVE-2006-2152 (PHP remote file inclusion vulnerability in admin/addentry.php in phpBB ...)
NOT-FOR-US: phpBB Advanced Guestbook
-CVE-2006-2151
+CVE-2006-2151 (PHP remote file inclusion vulnerability in toplist.php in phpBB TopLis ...)
NOT-FOR-US: phpBB TopList
-CVE-2006-2150
+CVE-2006-2150 (PHP remote file inclusion vulnerability in top/list.php in phpBB TopLi ...)
NOT-FOR-US: phpBB TopList
-CVE-2006-2149
+CVE-2006-2149 (PHP remote file inclusion vulnerability in sources/lostpw.php in Aardv ...)
NOT-FOR-US: Aardvark Topsites
-CVE-2006-2147
+CVE-2006-2147 (resmgrd in resmgr for SUSE Linux and other distributions does not prop ...)
{DSA-1047-1}
- resmgr 1.0-4 (low)
-CVE-2006-2146
+CVE-2006-2146 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in HB ...)
NOT-FOR-US: HB-NS
-CVE-2006-2145
+CVE-2006-2145 (Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 all ...)
NOT-FOR-US: HB-NS
-CVE-2006-2144
+CVE-2006-2144 (PHP remote file inclusion vulnerability in kopf.php in DMCounter 0.9.2 ...)
NOT-FOR-US: DMCounter
-CVE-2006-2143
+CVE-2006-2143 (Multiple cross-site scripting (XSS) vulnerabilities in TextFileBB 1.0. ...)
NOT-FOR-US: TextFileBB
-CVE-2006-2142
+CVE-2006-2142 (PHP remote file inclusion vulnerability in classes/adodbt/sql.php in L ...)
NOT-FOR-US: Limbo
-CVE-2006-2141
+CVE-2006-2141 (Cross-site scripting (XSS) vulnerability in popup_image in Collaborati ...)
NOT-FOR-US: Collaborative Portal Server
-CVE-2006-2140
+CVE-2006-2140 (Multiple cross-site scripting (XSS) vulnerabilities in OrbitHYIP 2.0 a ...)
NOT-FOR-US: OrbitHYIP
-CVE-2006-2139
+CVE-2006-2139 (Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow ...)
NOT-FOR-US: PHP Newsfeed
-CVE-2006-2138
+CVE-2006-2138 (Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.29 ...)
NOT-FOR-US: NeoMail
-CVE-2006-2137
+CVE-2006-2137 (PHP remote file inclusion vulnerability in master.php in OpenPHPNuke a ...)
NOT-FOR-US: OpenPHPNuke
-CVE-2006-2136
+CVE-2006-2136 (SQL injection vulnerability in news.php in AZNEWS allows remote attack ...)
NOT-FOR-US: AZNEWS
-CVE-2006-2135
+CVE-2006-2135 (SQL injection vulnerability in login.php in Ruperts News allows remote ...)
NOT-FOR-US: Ruperts News
-CVE-2006-2134
+CVE-2006-2134 (PHP remote file inclusion vulnerability in /includes/kb_constants.php ...)
NOT-FOR-US: phpbb2 mod
-CVE-2006-2148
+CVE-2006-2148 (Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 ...)
{DSA-1052-1}
- cgiirc 0.5.9-1 (bug #365680; medium)
[sarge] - cgiirc 0.5.4-6sarge1 (bug #365680; medium)
-CVE-2006-2133
+CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and e ...)
NOT-FOR-US: BoonEx Barracuda
-CVE-2006-2132
+CVE-2006-2132 (SQL injection vulnerability in detail.asp in DUclassified allows remot ...)
NOT-FOR-US: DUclassified
-CVE-2006-2131
+CVE-2006-2131 (include/class_poll.php in Advanced Poll 2.0.4 uses the HTTP_X_FORWARDE ...)
NOT-FOR-US: Advanced Poll
-CVE-2006-2130
+CVE-2006-2130 (SQL injection vulnerability in include/class_poll.php in Advanced Poll ...)
NOT-FOR-US: Advanced Poll
-CVE-2006-2129
+CVE-2006-2129 (Direct static code injection vulnerability in Pro Publish 2.0 allows r ...)
NOT-FOR-US: Pro Publish
-CVE-2006-2128
+CVE-2006-2128 (Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote ...)
NOT-FOR-US: Pro Publish
-CVE-2006-2127
+CVE-2006-2127 (SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x al ...)
NOT-FOR-US: Blog Mod
-CVE-2006-2126
+CVE-2006-2126 (SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and ...)
NOT-FOR-US: MaxTrade
CVE-2006-2125
REJECTED
-CVE-2006-2124
+CVE-2006-2124 (Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and ...)
NOT-FOR-US: SunShop
-CVE-2006-2123
+CVE-2006-2123 (Multiple SQL injection vulnerabilities in the report interface in Netw ...)
NOT-FOR-US: Network Administration Visualiazed
-CVE-2006-2122
+CVE-2006-2122 (PHP remote file inclusion vulnerability in index.php in CoolMenus allo ...)
NOT-FOR-US: CoolMenus
-CVE-2006-2121
+CVE-2006-2121 (PHP remote file include vulnerability in admin/config_settings.tpl.php ...)
NOT-FOR-US: I-RATER Platinum
-CVE-2006-2120
+CVE-2006-2120 (The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers ...)
{DSA-1078-1}
- tiff 3.8.1 (bug #366588; medium)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2119
+CVE-2006-2119 (PHP remote file inclusion vulnerability in event/index.php in Artmedic ...)
NOT-FOR-US: Artmedic
-CVE-2006-2118
+CVE-2006-2118 (JMK's Picture Gallery allows remote attackers to bypass authentication ...)
NOT-FOR-US: JMK
-CVE-2006-2117
+CVE-2006-2117 (Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote at ...)
NOT-FOR-US: Thyme
-CVE-2006-2116
+CVE-2006-2116 (planetGallery allows remote attackers to gain administrator privileges ...)
NOT-FOR-US: planetGallery
-CVE-2006-2115
+CVE-2006-2115 (Format string vulnerability in SWS web Server 0.1.7 allows remote atta ...)
NOT-FOR-US: SWS
-CVE-2006-2114
+CVE-2006-2114 (Buffer overflow in SWS web Server 0.1.7 allows remote attackers to exe ...)
NOT-FOR-US: SWS
-CVE-2006-2113
+CVE-2006-2113 (The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print e ...)
NOT-FOR-US: Fuji Xerox Printing Systems
-CVE-2006-2112
+CVE-2006-2112 (Fuji Xerox Printing Systems (FXPS) print engine, as used in products i ...)
NOT-FOR-US: Fuji Xerox Printing Systems
-CVE-2006-2111
+CVE-2006-2111 (A component in Microsoft Outlook Express 6 allows remote attackers to ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-2110
+CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x bef ...)
{DSA-1060-1}
- kernel-patch-vserver 2:2.0.1-4 (low)
- linux-2.6 2.6.16-11 (low)
-CVE-2006-2109
+CVE-2006-2109 (Cross-site scripting (XSS) vulnerability in the parse_query_str functi ...)
NOTE: #357204: request for removal
- jsboard 2.0.10-2 (bug #368305; low)
-CVE-2006-2108
+CVE-2006-2108 (parser.exe in Oc&#233; (OCE) 3121/3122 Printer allows remote attackers ...)
NOT-FOR-US: OCE
-CVE-2006-2107
+CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote att ...)
NOT-FOR-US: BL4
-CVE-2006-2106
+CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9 ...)
- trac 0.9.5-1 (medium)
[sarge] - trac <unfixed> (medium)
NOTE: http://trac.edgewall.org/changeset/3201
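Review bot: CVE-2006-2148 is out of sequence in this hunk, listed between CVE-2006-2134 and CVE-2006-2133 rather than between CVE-2006-2149 and CVE-2006-2147 where the file's descending order would put it; any tooling that assumes the list is sorted will skip it, so it should be moved. Two data points in the same hunk are also worth a look: the description for CVE-2006-2111 names Microsoft Outlook Express 6 but its status line reads `NOT-FOR-US: Microsoft Internet Explorer`, and the description for CVE-2006-2108 carries an unescaped HTML entity (`Oc&#233;` for Océ); the `NOT-FOR-US: Network Administration Visualiazed` line under CVE-2006-2123 has a typo ("Visualized").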
@@ -11561,299 +11561,299 @@ CVE-2006-2106
NOTE: the second reference fixes a regression in the first. i *believe*
NOTE: that these correctly solve the problem, though we really ought
NOTE: to run this by upstream or the reporter.
-CVE-2006-2105
+CVE-2006-2105 (Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 an ...)
NOT-FOR-US: Jupiter
-CVE-2006-2104
+CVE-2006-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email ...)
NOT-FOR-US: Kamgaing
-CVE-2006-2103
+CVE-2006-2103 (SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows rem ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-2102
+CVE-2006-2102 (Directory traversal vulnerability in PowerISO 2.9 allows remote attack ...)
NOT-FOR-US: PowerISO
-CVE-2006-2101
+CVE-2006-2101 (Directory traversal vulnerability in WinISO 5.3 allows remote attacker ...)
NOT-FOR-US: WinISO
-CVE-2006-2100
+CVE-2006-2100 (Directory traversal vulnerability in Magic ISO 5.0 Build 0166 allows r ...)
NOT-FOR-US: Magic ISO
-CVE-2006-2099
+CVE-2006-2099 (Directory traversal vulnerability in UltraISO 8.0.0.1392 allows remote ...)
NOT-FOR-US: UltraISO
-CVE-2006-2098
+CVE-2006-2098 (PHP remote file inclusion vulnerability in Thumbnail AutoIndex before ...)
NOT-FOR-US: Thumbnail AutoIndex
-CVE-2006-2097
+CVE-2006-2097 (SQL injection vulnerability in func_msg.php in Invision Power Board (I ...)
NOT-FOR-US: Invision
-CVE-2006-2096
+CVE-2006-2096 (plug.php in Land Down Under (LDU) 802 and earlier allows remote attack ...)
NOT-FOR-US: LDU
-CVE-2006-2095
+CVE-2006-2095 (Phex before 2.8.6 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Phex
-CVE-2006-2094
+CVE-2006-2094 (Microsoft Internet Explorer before Windows XP Service Pack 2 and Windo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-2093
+CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attack ...)
- libnasl 2.2.8-1 (bug #365898; low)
[sarge] - libnasl <no-dsa> (Hardly exploitable, see #365898)
-CVE-2006-2092
+CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for Windows 4 ...)
NOT-FOR-US: HP
-CVE-2006-2091
+CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows rem ...)
NOT-FOR-US: Virtual War
-CVE-2006-2090
+CVE-2006-2090 (Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x ...)
NOT-FOR-US: MySmartBB
-CVE-2006-2089
+CVE-2006-2089 (Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MyS ...)
NOT-FOR-US: OpenBB
-CVE-2006-2088
+CVE-2006-2088 (Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open Bul ...)
NOT-FOR-US: OpenBB
-CVE-2006-2087
+CVE-2006-2087 (The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote ...)
NOT-FOR-US: Hitachi Groupmax
-CVE-2006-2086
+CVE-2006-2086 (Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx b ...)
NOT-FOR-US: juniper SSL-VPN
-CVE-2006-2085
+CVE-2006-2085 (Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in S ...)
NOT-FOR-US: SpeedProject Squeez
-CVE-2006-2084
+CVE-2006-2084 (Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 ...)
NOT-FOR-US: FarsiNews
-CVE-2006-2083
+CVE-2006-2083 (Integer overflow in the receive_xattr function in the extended attribu ...)
- rsync 2.6.8-1 (bug #365614; high)
[sarge] - rsync <not-affected> (xattr patch appeared in 2.6.7)
[woody] - rsync <not-affected> (xattr patch appeared in 2.6.7)
-CVE-2006-2082
+CVE-2006-2082 (Directory traversal vulnerability in Quake 3 engine, as used in produc ...)
- ioquake3 1.36+svn1788j-1
- tremulous 1.1.0-6 (bug #660831)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-2081
+CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to execute arb ...)
NOT-FOR-US: Oracle
-CVE-2006-2080
+CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in Verosky Me ...)
NOT-FOR-US: Verosky
-CVE-2006-2079
+CVE-2006-2079 (Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky M ...)
NOT-FOR-US: Verosky
-CVE-2006-2078
+CVE-2006-2078 (Multiple unspecified vulnerabilities in multiple FITELnet products, in ...)
NOT-FOR-US: FITELnet
-CVE-2006-2077
+CVE-2006-2077 (Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact ...)
- pdnsd 1.2.4par-0.1 (bug #368268; medium)
-CVE-2006-2076
+CVE-2006-2076 (Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote attacker ...)
- pdnsd 1.2.4par-0.1 (bug #368268; medium)
-CVE-2006-2075
+CVE-2006-2075 (Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to ca ...)
[sarge] - mydns 1.0.0-4sarge1
- mydns 1.1.0+pre-3 (medium; bug #348826)
-CVE-2006-2074
+CVE-2006-2074 (Unspecified vulnerability in Juniper Networks JUNOSe E-series routers ...)
NOT-FOR-US: Juniper Networks JUNOSe
-CVE-2006-2073
+CVE-2006-2073 (Unspecified vulnerability in ISC BIND allows remote attackers to cause ...)
- bind9 1:9.3.3-1 (low)
NOTE: Only exploitable by trusted users after TSIG transaction
NOTE: https://lists.isc.org/pipermail/bind-users/2011-October/085298.html
-CVE-2006-2072
+CVE-2006-2072 (Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and ...)
NOT-FOR-US: DeleGate
-CVE-2006-2071
+CVE-2006-2071 (Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass ...)
- linux-2.6 2.6.16-8
-CVE-2006-2070
+CVE-2006-2070 (Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 ...)
NOT-FOR-US: DevBB
-CVE-2006-2069
+CVE-2006-2069 (The recursor in PowerDNS before 3.0.1 allows remote attackers to cause ...)
- pdns-recursor 3.0.1-1 (medium)
-CVE-2006-2068
+CVE-2006-2068 (Unspecified vulnerability in Hitachi JP1 products allow remote attacke ...)
NOT-FOR-US: Hitachi JP1
-CVE-2006-2067
+CVE-2006-2067 (SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, ...)
NOT-FOR-US: MKPortal
-CVE-2006-2066
+CVE-2006-2066 (Multiple cross-site scripting (XSS) vulnerabilities pm_popup.php in MK ...)
NOT-FOR-US: MKPortal
-CVE-2006-2065
+CVE-2006-2065 (SQL injection vulnerability in save.php in PHPSurveyor 0.995 and earli ...)
NOT-FOR-US: PHPSurveyor
-CVE-2006-2064
+CVE-2006-2064 (Unspecified vulnerability in the libpkcs11 library in Sun Solaris 10 m ...)
NOT-FOR-US: Sun
-CVE-2006-2063
+CVE-2006-2063 (Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full ...)
NOT-FOR-US: Leadhound
-CVE-2006-2062
+CVE-2006-2062 (Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, ...)
NOT-FOR-US: Leadhound
-CVE-2006-2061
+CVE-2006-2061 (SQL injection vulnerability in lib/func_taskmanager.php in Invision Po ...)
NOT-FOR-US: Invision
-CVE-2006-2060
+CVE-2006-2060 (Directory traversal vulnerability in action_admin/paysubscriptions.php ...)
NOT-FOR-US: Invision
-CVE-2006-2059
+CVE-2006-2059 (action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x ...)
NOT-FOR-US: Invision
-CVE-2006-2058
+CVE-2006-2058 (Argument injection vulnerability in Avant Browser 10.1 Build 17 allows ...)
NOT-FOR-US: Avant
-CVE-2006-2057
+CVE-2006-2057 (Argument injection vulnerability in Mozilla Firefox 1.0.6 allows user- ...)
NOT-FOR-US: Only on Windows
-CVE-2006-2056
+CVE-2006-2056 (Argument injection vulnerability in Internet Explorer 6 for Windows XP ...)
NOT-FOR-US: Microsoft
-CVE-2006-2055
+CVE-2006-2055 (Argument injection vulnerability in Microsoft Outlook 2003 SP1 allows ...)
NOT-FOR-US: Micrsoft Outlook
-CVE-2006-2054
+CVE-2006-2054 (3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before ...)
NOT-FOR-US: 3Com
-CVE-2006-2053
+CVE-2006-2053 (Multiple SQL injection vulnerabilities in QuickEStore 7.9 and earlier ...)
NOT-FOR-US: QuickEStore
-CVE-2006-2052
+CVE-2006-2052 (Cross-site scripting (XSS) vulnerability in Verosky Media Instant Phot ...)
NOT-FOR-US: Verosky
-CVE-2006-2051
+CVE-2006-2051 (Multiple cross-site scripting (XSS) vulnerabilities in myadmin/index.p ...)
NOT-FOR-US: NextAge
-CVE-2006-2050
+CVE-2006-2050 (SQL injection vulnerability in dcboard.cgi in DCScripts DCForumLite 3. ...)
NOT-FOR-US: DCScripts
-CVE-2006-2049
+CVE-2006-2049 (Cross-site scripting (XSS) vulnerability in dcboard.cgi in DCScripts D ...)
NOT-FOR-US: DCScripts
-CVE-2006-2048
+CVE-2006-2048 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ed ...)
NOT-FOR-US: phpWebFTP
-CVE-2006-2047
+CVE-2006-2047 (Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allows ...)
NOT-FOR-US: ColdFusion
-CVE-2006-2046
+CVE-2006-2046 (Multiple SQL injection vulnerabilities in Application Dynamics Cartwea ...)
NOT-FOR-US: ColdFusion
-CVE-2006-2045
+CVE-2006-2045 (The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks ...)
NOT-FOR-US: IP3
-CVE-2006-2044
+CVE-2006-2044 (na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has a default us ...)
NOT-FOR-US: IP3
-CVE-2006-2043
+CVE-2006-2043 (na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local use ...)
NOT-FOR-US: IP3
-CVE-2006-2042
+CVE-2006-2042 (Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that al ...)
NOT-FOR-US: Adobe
-CVE-2006-2041
+CVE-2006-2041 (PhpWebGallery before 1.6.0RC1 allows remote attackers to obtain arbitr ...)
NOT-FOR-US: PhpWebGallery
-CVE-2006-2040
+CVE-2006-2040 (Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 all ...)
NOT-FOR-US: photokorn
-CVE-2006-2039
+CVE-2006-2039 (Multiple SQL injection vulnerabilities in the osTicket module in Help ...)
NOT-FOR-US: Help Center Live
-CVE-2006-2038
+CVE-2006-2038 (Multiple SQL injection vulnerabilities in ampleShop 2.1 and earlier al ...)
NOT-FOR-US: ampleShop
-CVE-2006-2037
+CVE-2006-2037 (Cross-site scripting (XSS) vulnerability in index.php in Thwboard 3.0 ...)
NOT-FOR-US: Thwboard
-CVE-2006-2036
+CVE-2006-2036 (iOpus Secure Email Attachments (SEA), probably 1.0, does not properly ...)
NOT-FOR-US: iOpus
-CVE-2006-2035
+CVE-2006-2035 (Websense, when configured to permit access to the dynamic content cate ...)
NOT-FOR-US: Websense
-CVE-2006-2034
+CVE-2006-2034 (SQL injection vulnerability in function/showprofile.php in FlexBB 0.5. ...)
NOT-FOR-US: FlexBB
-CVE-2006-2033
+CVE-2006-2033 (PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and ear ...)
NOT-FOR-US: Core
-CVE-2006-2032
+CVE-2006-2032 (Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and earl ...)
NOT-FOR-US: Core
-CVE-2006-2031
+CVE-2006-2031 (Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2. ...)
- phpmyadmin 4:2.8.1-1 (bug #363519; low)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-2030
+CVE-2006-2030 (The Allied Telesyn AT-9724TS switch allows remote attackers to cause a ...)
NOT-FOR-US: Allied Telesyn
-CVE-2006-2029
+CVE-2006-2029 (Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9. ...)
NOT-FOR-US: Simplog
-CVE-2006-2028
+CVE-2006-2028 (Cross-site scripting (XSS) vulnerability in imagelist.php in Jeremy As ...)
NOT-FOR-US: Simplog
-CVE-2006-2027
+CVE-2006-2027 (Buffer overflow in Unicode processing in the logging functionality in ...)
NOT-FOR-US: Pablo Software
-CVE-2006-2026
+CVE-2006-2026 (Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows ...)
{DSA-1054-1}
[sarge] - tiff 3.7.2-3sarge1
[woody] - tiff 3.5.5-7woody1
- tiff 3.8.1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2025
+CVE-2006-2025 (Integer overflow in the TIFFFetchData function in tif_dirread.c for li ...)
{DSA-1054-1}
[sarge] - tiff 3.7.2-3sarge1
[woody] - tiff 3.5.5-7woody1
- tiff 3.8.1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2024
+CVE-2006-2024 (Multiple vulnerabilities in libtiff before 3.8.1 allow context-depende ...)
{DSA-1054-1}
[sarge] - tiff 3.7.2-3sarge1
[woody] - tiff 3.5.5-7woody1
- tiff 3.8.1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2006-2023
+CVE-2006-2023 (Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c i ...)
NOT-FOR-US: Fenice
-CVE-2006-2022
+CVE-2006-2022 (Buffer overflow in the parse_url function in the RTSP module (rtsp/par ...)
NOT-FOR-US: Fenice
-CVE-2006-2021
+CVE-2006-2021 (Absolute path traversal vulnerability in recordings/misc/audio.php in ...)
NOT-FOR-US: Asterisk@Home
-CVE-2006-2020
+CVE-2006-2020 (Asterisk Recording Interface (ARI) in Asterisk@Home before 2.8 stores ...)
NOT-FOR-US: Asterisk@Home
-CVE-2006-2019
+CVE-2006-2019 (Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows ...)
NOT-FOR-US: Apple
CVE-2006-XXXX [librsvg2 crash on certain svg files]
- librsvg 2.14.3-2 (bug #361653; bug #361540; medium)
-CVE-2006-2018
+CVE-2006-2018 (SQL injection vulnerability in calendar.php in vBulletin 3.0.x allows ...)
NOT-FOR-US: vBulletin
-CVE-2006-2017
+CVE-2006-2017 (Dnsmasq 2.29 allows remote attackers to cause a denial of service (app ...)
- dnsmasq 2.30-1 (medium)
[sarge] - dnsmasq <not-affected> (Vulnerability was introduced in 2.28)
-CVE-2006-2016
+CVE-2006-2016 (Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0. ...)
{DSA-1057-1}
- phpldapadmin 0.9.8.3-1 (bug #365313; low)
- egroupware 1.2-104.dfsg-1 (bug #365314; low)
NOTE: egroupware 1.2-1.dfsg-1 dropped phpldapadmin
-CVE-2006-2015
+CVE-2006-2015 (Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote ...)
NOT-FOR-US: SL_site
-CVE-2006-2014
+CVE-2006-2014 (Directory traversal vulnerability in gallerie.php in SL_site 1.0 allow ...)
NOT-FOR-US: SL_site
-CVE-2006-2013
+CVE-2006-2013 (SQL injection vulnerability in page.php in SL_site 1.0 allows remote a ...)
NOT-FOR-US: SL_site
-CVE-2006-2012
+CVE-2006-2012 (Format string vulnerability in Skulltag 0.96f and earlier allows remot ...)
NOT-FOR-US: Skulltag
-CVE-2006-2011
+CVE-2006-2011 (Cross-site scripting (XSS) vulnerability in member.php in 4images 1.7 ...)
NOT-FOR-US: 4images
-CVE-2006-2010
+CVE-2006-2010 (Multiple SQL injection vulnerabilities in check_login.asp in Bloggage ...)
NOT-FOR-US: Bloggage
-CVE-2006-2009
+CVE-2006-2009 (PHP remote file inclusion vulnerability in agenda.php3 in phpMyAgenda ...)
NOT-FOR-US: phpMyAgenda
-CVE-2006-2008
+CVE-2006-2008 (PHP remote file inclusion vulnerability in movie_cls.php in Built2Go P ...)
NOT-FOR-US: Built2Go
-CVE-2006-2007
+CVE-2006-2007 (Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote ...)
NOT-FOR-US: Winny
-CVE-2006-2006
+CVE-2006-2006 (Multiple directory traversal vulnerabilities in IZArc Archiver 3.5 bet ...)
NOT-FOR-US: IZArc Archiver
-CVE-2006-2005
+CVE-2006-2005 (Eval injection vulnerability in index.php in ClanSys 1.1 allows remote ...)
NOT-FOR-US: ClanSys
-CVE-2006-2004
+CVE-2006-2004 (Multiple SQL injection vulnerabilities in RI Blog 1.1 allow remote att ...)
NOT-FOR-US: RI Blog
-CVE-2006-2003
+CVE-2006-2003 (Cross-site scripting (XSS) vulnerability in cgi-bin/guest in Community ...)
NOT-FOR-US: Community Architect Guestbook
-CVE-2006-2002
+CVE-2006-2002 (PHP remote file inclusion vulnerability in stats.php in MyGamingLadder ...)
NOT-FOR-US: MyGamingLadder
-CVE-2006-2001
+CVE-2006-2001 (Cross-site scripting (XSS) vulnerability in index.php in Scry Gallery ...)
NOT-FOR-US: Scry Gallery
-CVE-2006-2000
+CVE-2006-2000 (Cross-site scripting (XSS) vulnerability in /lms/a2z.jsp in logMethods ...)
NOT-FOR-US: logMethods
-CVE-2006-1999
+CVE-2006-1999 (The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause ...)
NOT-FOR-US: OpenTTD
-CVE-2006-1998
+CVE-2006-1998 (OpenTTD 0.4.7 and earlier allows local users to cause a denial of serv ...)
NOT-FOR-US: OpenTTD
-CVE-2006-1997
+CVE-2006-1997 (Unspecified vulnerability in Sybase Pylon Anywhere groupware synchroni ...)
NOT-FOR-US: Sybase Pylon Anywhere
-CVE-2006-1996
+CVE-2006-1996 (Scry Gallery 1.1 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Scry Gallery
-CVE-2006-1995
+CVE-2006-1995 (Directory traversal vulnerability in index.php in Scry Gallery 1.1 all ...)
NOT-FOR-US: Scry Gallery
-CVE-2006-1994
+CVE-2006-1994 (PHP remote file inclusion vulnerability in dForum 1.5 and earlier allo ...)
NOT-FOR-US: dForum
-CVE-2006-1992
+CVE-2006-1992 (mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, all ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-1991
+CVE-2006-1991 (The substr_compare function in string.c in PHP 5.1.2 allows context-de ...)
- php4 <not-affected> (substr_compare does not exist in PHP 4.4.2)
- php5 5.1.4-0.1 (bug #365312; medium)
-CVE-2006-1990
+CVE-2006-1990 (Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and ...)
- php4 4:4.4.2-1.1 (bug #365311; unimportant)
- php5 5.1.4-0.1 (bug #365312; unimportant)
NOTE: This could only be exploited by a malicious, local user, which is an
NOTE: unsupported use case
-CVE-2006-1989
+CVE-2006-1989 (Buffer overflow in the get_database function in the HTTP client in Fre ...)
{DSA-1050-1}
- clamav 0.88.2
[sarge] - clamav 0.84-2.sarge.9
-CVE-2006-1988
+CVE-2006-1988 (The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function ...)
NOT-FOR-US: Apple Safari
NOTE: PoC exploit does not work with konqueror 4:3.5.2-2
-CVE-2006-1987
+CVE-2006-1987 (Apple Safari 2.0.3 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Apple Safari
NOTE: PoC exploit does not work with konqueror 4:3.5.2-2
-CVE-2006-1986
+CVE-2006-1986 (Apple Safari 2.0.3 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Apple Safari
NOTE: PoC exploit does not work with konqueror 4:3.5.2-2
-CVE-2006-1985
+CVE-2006-1985 (Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 31 ...)
NOT-FOR-US: BOMArchiveHelper
-CVE-2006-1984
+CVE-2006-1984 (Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X ...)
NOT-FOR-US: Mac OS X
-CVE-2006-1983
+CVE-2006-1983 (Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier al ...)
NOT-FOR-US: Mac OS X
-CVE-2006-1982
+CVE-2006-1982 (Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X ...)
NOT-FOR-US: Mac OS X
-CVE-2006-1981
+CVE-2006-1981 (Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may ...)
NOT-FOR-US: Mac OS X
-CVE-2006-1980
+CVE-2006-1980 (Cross-site scripting (XSS) vulnerability in W2B Online Banking allows ...)
NOT-FOR-US: W2B Online Banking
-CVE-2006-1979
+CVE-2006-1979 (Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web M ...)
NOT-FOR-US: Manic Web MWGuest
-CVE-2006-1978
+CVE-2006-1978 (SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earli ...)
NOT-FOR-US: FlexBB
-CVE-2006-1977
+CVE-2006-1977 (Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and earl ...)
NOT-FOR-US: FlexBB
-CVE-2006-1993
+CVE-2006-1993 (Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote att ...)
{DSA-1055-1 DSA-1053-1}
- firefox 1.5.dfsg+1.5.0.3-1 (bug #364810; high)
- mozilla <removed> (high)
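Review bot: the unchanged context line `NOT-FOR-US: Micrsoft Outlook` under CVE-2006-2055 carries a typo (the `+` line above it names "Microsoft Outlook 2003 SP1"); an automatic description refresh is the wrong commit to touch it, but it is worth a hand-edited follow-up. The rewritten `+` lines in this region are otherwise consistent: each bare `CVE-2006-NNNN` line gains the upstream summary cut at a fixed width with ` ...`, and the package, `[sarge]`/`[woody]`, `{DSA-...}` and `NOTE:` lines below each entry are left exactly as they were. One pre-existing oddity the refresh preserves is that CVE-2006-1993 sits after CVE-2006-1977 rather than between CVE-2006-1994 and CVE-2006-1992; harmless for the tracker's lookup, but anyone relying on numeric order in this file will not find it where expected.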
@@ -11862,319 +11862,319 @@ CVE-2006-XXXX [typo3 mailforms can be abused to send spam]
- typo3-src 4.0.2-1 (bug #364350)
CVE-2006-XXXX [moinmoin XSS]
- moin 1.5.3-1
-CVE-2006-1976
+CVE-2006-1976 (Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer R ...)
NOT-FOR-US: Prayer Request Board
-CVE-2006-1975
+CVE-2006-1975 (Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in ...)
NOT-FOR-US: PHP-Gastebuch
-CVE-2006-1974
+CVE-2006-1974 (SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) bef ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1973
+CVE-2006-1973 (Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router all ...)
NOT-FOR-US: Linksys router
-CVE-2006-1972
+CVE-2006-1972 (Cross-site scripting (XSS) vulnerability in EasyGallery.php in Wingnut ...)
NOT-FOR-US: EasyGallery
-CVE-2006-1971
+CVE-2006-1971 (Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM Con ...)
NOT-FOR-US: KRANKIKOM ContentBoxX
-CVE-2006-1970
+CVE-2006-1970 (Cross-site scripting (XSS) vulnerability in classifieds/viewcat.cgi in ...)
NOT-FOR-US: KCScripts Classifieds
-CVE-2006-1969
+CVE-2006-1969 (Cross-site scripting (XSS) vulnerability in search/search.cgi in an un ...)
NOT-FOR-US: KCScripts
-CVE-2006-1968
+CVE-2006-1968 (Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi in KCSc ...)
NOT-FOR-US: KCScripts
-CVE-2006-1967
+CVE-2006-1967 (Cross-site scripting (XSS) vulnerability in calendar/Visitor.cgi in KC ...)
NOT-FOR-US: KCScripts
-CVE-2006-1966
+CVE-2006-1966 (An unspecified Fortinet product, possibly Fortinet28, allows remote at ...)
NOT-FOR-US: Fortinet
-CVE-2006-1965
+CVE-2006-1965 (Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net ...)
NOT-FOR-US: Net Clubs Pro
-CVE-2006-1964
+CVE-2006-1964 (SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 and earli ...)
NOT-FOR-US: ASPSitem
-CVE-2006-1963
+CVE-2006-1963 (Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and ...)
NOT-FOR-US: PCPIN Chat
-CVE-2006-1962
+CVE-2006-1962 (SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows rem ...)
NOT-FOR-US: PCPIN Chat
-CVE-2006-1961
+CVE-2006-1961 (Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express ...)
NOT-FOR-US: Cisco
-CVE-2006-1960
+CVE-2006-1960 (Cross-site scripting (XSS) vulnerability in the appliance web user int ...)
NOT-FOR-US: Cisco
-CVE-2006-1959
+CVE-2006-1959 (PHP remote file inclusion vulnerability in direct.php in ActualScripts ...)
NOT-FOR-US: ActualScripts ActualAnalyzer Lite
-CVE-2006-1958
+CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote ...)
NOT-FOR-US: WWWThreads
-CVE-2006-1957
+CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remot ...)
- mambo 4.6.1-4 (bug #364769; medium)
-CVE-2006-1956
+CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remot ...)
- mambo 4.6.1-4 (bug #364769; medium)
-CVE-2006-1955
+CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in Nicolas Fis ...)
NOT-FOR-US: RechnungsZentrale
-CVE-2006-1954
+CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka NF ...)
NOT-FOR-US: RechnungsZentrale
-CVE-2006-1953
+CVE-2006-1953 (Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 fo ...)
NOT-FOR-US: Caucho
-CVE-2006-1952
+CVE-2006-1952 (Directory traversal vulnerability in WinAgents TFTP Server for Windows ...)
NOT-FOR-US: WinAgents TFTP Server for Windows
-CVE-2006-1951
+CVE-2006-1951 (Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and ea ...)
NOT-FOR-US: SolarWinds TFTP Server
-CVE-2006-1950
+CVE-2006-1950 (Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in ...)
NOT-FOR-US: PerlCoders BannerFarm
-CVE-2006-1949
+CVE-2006-1949 (SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and ...)
NOT-FOR-US: NicPlex PlexCart
-CVE-2006-1948
+CVE-2006-1948 (The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss ...)
NOT-FOR-US: Lotus Notes
-CVE-2006-1947
+CVE-2006-1947 (Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum ...)
NOT-FOR-US: NicPlex PlexCart
-CVE-2006-1946
+CVE-2006-1946 (Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and ...)
NOT-FOR-US: Visale
-CVE-2006-1945
+CVE-2006-1945 (Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 ...)
{DSA-1075-1}
- awstats 6.5-2 (bug #364443; medium)
NOTE: this might be the same core issue as CVE-2005-2732
-CVE-2006-1944
+CVE-2006-1944 (Multiple cross-site scripting (XSS) vulnerabilities in SibSoft Communi ...)
NOT-FOR-US: SibSoft CommuniMail
-CVE-2006-1943
+CVE-2006-1943 (Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts ...)
NOT-FOR-US: Smarter Scripts IntelliLink Pro
-CVE-2006-1942
+CVE-2006-1942 (Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Ne ...)
{DSA-1134-1 DSA-1120 DSA-1118}
NOTE: MFSA-2006-39
- firefox 1.5.dfsg+1.5.0.4-1 (low)
- thunderbird <not-affected> (Windows-specific)
- mozilla 2:1.7.13-0.3 (low)
- xulrunner <not-affected> (Windows-specific)
-CVE-2006-1941
+CVE-2006-1941 (Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a ...)
NOT-FOR-US: Neon Responder
-CVE-2006-1940
+CVE-2006-1940 (Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remo ...)
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1939
+CVE-2006-1939 (Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 a ...)
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1938
+CVE-2006-1938 (Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 a ...)
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1937
+CVE-2006-1937 (Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 ...)
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1936
+CVE-2006-1936 (Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attacker ...)
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1935
+CVE-2006-1935 (Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attacke ...)
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1934
+CVE-2006-1934 (Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remot ...)
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1933
+CVE-2006-1933 (Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 ...)
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1932
+CVE-2006-1932 (Off-by-one error in the OID printing routine in Ethereal 0.10.x up to ...)
{DSA-1049-1}
- ethereal 0.99.0-1 (bug #364758; medium)
[sarge] - ethereal 0.10.10-2sarge5 (bug #364758; medium)
[woody] - ethereal 0.9.4-1woody15 (bug #364758; medium)
-CVE-2006-1931
+CVE-2006-1931 (The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, whi ...)
{DSA-1157}
NOTE: the redhat bugzilla entry says this is fixed in 1.8.3
- ruby1.8 1.8.3 (bug #365520)
CVE-2006-1930
NOT-FOR-US: Green Minute
-CVE-2006-1929
+CVE-2006-1929 (PHP remote file inclusion vulnerability in include/common.php in I-Rat ...)
NOT-FOR-US: I-Rater Platinum
-CVE-2006-1928
+CVE-2006-1928 (Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS ...)
NOT-FOR-US: Cisco
-CVE-2006-1927
+CVE-2006-1927 (Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS ...)
NOT-FOR-US: Cisco
-CVE-2006-1926
+CVE-2006-1926 (SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 a ...)
NOT-FOR-US: ThWboard
-CVE-2006-1925
+CVE-2006-1925 (Directory traversal vulnerability in the editnews module (inc/editnews ...)
NOT-FOR-US: CuteNews
-CVE-2006-1924
+CVE-2006-1924 (SQL injection vulnerability in functions/db_api.php in LinPHA 1.1.1 al ...)
NOT-FOR-US: LinPHA
-CVE-2006-1923
+CVE-2006-1923 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1 ...)
NOT-FOR-US: LinPHA
-CVE-2006-1922
+CVE-2006-1922 (PHP remote file inclusion vulnerability in (1) about.php or (2) auth.p ...)
NOT-FOR-US: TotalCalendar
-CVE-2006-1921
+CVE-2006-1921 (nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute ...)
NOT-FOR-US: PHP Net Tools
-CVE-2006-1920
+CVE-2006-1920 (SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote ...)
NOT-FOR-US: PMTool
-CVE-2006-1919
+CVE-2006-1919 (PHP remote file inclusion vulnerability in index.php in Internet Photo ...)
NOT-FOR-US: Internet Photoshow
-CVE-2006-1918
+CVE-2006-1918 (Multiple cross-site scripting (XSS) vulnerabilities in Papoo 2.1.5 all ...)
NOT-FOR-US: Papoo
-CVE-2006-1917
+CVE-2006-1917 (SQL injection vulnerability in member.php in Blackorpheus ClanMemberSk ...)
NOT-FOR-US: Blackorpheus ClanMemberSkript
-CVE-2006-1916
+CVE-2006-1916 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...)
NOT-FOR-US: DbbS
-CVE-2006-1915
+CVE-2006-1915 (SQL injection vulnerability in topics.php in DbbS 2.0-alpha and earlie ...)
NOT-FOR-US: DbbS
-CVE-2006-1914
+CVE-2006-1914 (DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive ...)
NOT-FOR-US: DbbS
-CVE-2006-1913
+CVE-2006-1913 (Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax G ...)
NOT-FOR-US: Jax Guestbook
-CVE-2006-1912
+CVE-2006-1912 (MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL var ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1911
+CVE-2006-1911 (Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1910
+CVE-2006-1910 (config.php in S9Y Serendipity 1.0 beta 2 allows remote attackers to in ...)
- serendipity 1.0-1
-CVE-2006-1909
+CVE-2006-1909 (Directory traversal vulnerability in index.php in Coppermine 1.4.4 all ...)
NOT-FOR-US: Coppermine
-CVE-2006-1908
+CVE-2006-1908 (Cross-site scripting vulnerability in addevent.php in myEvent 1.x allo ...)
NOT-FOR-US: myEvent
-CVE-2006-1907
+CVE-2006-1907 (Multiple SQL injection vulnerabilities in myEvent 1.x allow remote att ...)
NOT-FOR-US: myEvent
-CVE-2006-1906
+CVE-2006-1906 (Cross-site scripting (XSS) vulnerability in index.php in jjgan852 phpL ...)
NOT-FOR-US: phpLister
-CVE-2006-1905
+CVE-2006-1905 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0 ...)
- xine-ui 0.99.4-1 (bug #363370; unimportant)
NOTE: This is a non-issue: An attacker would need to trick the user into opening
NOTE: an MP3 file with a very obviously manipulated filename containing the shellcode
-CVE-2006-1904
+CVE-2006-1904 (Cross-site scripting (XSS) vulnerability in index.php in AnimeGenesis ...)
NOT-FOR-US: AnimeGenesis Gallery
-CVE-2006-1903
+CVE-2006-1903 (Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila ...)
NOT-FOR-US: UserLand Manila
-CVE-2006-1902
+CVE-2006-1902 (fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 impro ...)
- gcc-4.1 4.1.0-2 (bug #356896; unimportant)
NOTE: Turned out to be a non-issue
-CVE-2006-1901
+CVE-2006-1901 (Mozilla Camino 1.0 and earlier allow remote attackers to cause a denia ...)
NOT-FOR-US: Mozilla Camino
-CVE-2006-1900
+CVE-2006-1900 (Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4 ...)
- amaya 9.51-1 (bug #362575; medium)
-CVE-2006-1899
+CVE-2006-1899 (Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog ...)
NOT-FOR-US: Neuron Blog
-CVE-2006-1898
+CVE-2006-1898 (Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Ti ...)
NOT-FOR-US: Tiny PHP Forum
-CVE-2006-1897
+CVE-2006-1897 (Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for "Script ...)
NOT-FOR-US: Webplus (aka talentsoft) Web+Shop
-CVE-2006-1896
+CVE-2006-1896 (Unspecified vulnerability in phpBB allows remote authenticated users w ...)
{DSA-1066-1}
- phpbb2 2.0.18-3 (bug #365533; medium)
-CVE-2006-1895
+CVE-2006-1895 (Direct static code injection vulnerability in includes/template.php in ...)
- phpbb2 <not-affected> (bug #365535)
-CVE-2006-1894
+CVE-2006-1894 (Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived ...)
NOT-FOR-US: RevoBoard / PunBB
-CVE-2006-1893
+CVE-2006-1893 (Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 a ...)
NOT-FOR-US: ar-blog
-CVE-2006-1892
+CVE-2006-1892 (avast! 4 Linux Home Edition 1.0.5 allows local users to modify permiss ...)
NOT-FOR-US: avast! 4 Linux Home Edition
-CVE-2006-1891
+CVE-2006-1891 (Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard ...)
NOT-FOR-US: betaboard
-CVE-2006-1890
+CVE-2006-1890 (Multiple PHP remote file inclusion vulnerabilities in myWebland myEven ...)
NOT-FOR-US: myWebland
-CVE-2006-1889
+CVE-2006-1889 (Cross-site scripting (XSS) vulnerability in the search action handler ...)
NOT-FOR-US: Boardsolution
-CVE-2006-1888
+CVE-2006-1888 (phpGraphy 0.9.11 and earlier allows remote attackers to bypass authent ...)
NOT-FOR-US: phpGraphy
-CVE-2006-1887
+CVE-2006-1887 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2006-1886
+CVE-2006-1886 (Unspecified vulnerability in the PeopleTools component in Oracle Peopl ...)
NOT-FOR-US: Oracle
-CVE-2006-1885
+CVE-2006-1885 (Multiple unspecified vulnerabilities in the Reporting Framework compon ...)
NOT-FOR-US: Oracle
-CVE-2006-1884
+CVE-2006-1884 (Unspecified vulnerability in the Oracle Thesaurus Management System co ...)
NOT-FOR-US: Oracle
-CVE-2006-1883
+CVE-2006-1883 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2006-1882
+CVE-2006-1882 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and Ap ...)
NOT-FOR-US: Oracle
-CVE-2006-1881
+CVE-2006-1881 (Unspecified vulnerability in the Financials for Asia/Pacific component ...)
NOT-FOR-US: Oracle
-CVE-2006-1880
+CVE-2006-1880 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and Ap ...)
NOT-FOR-US: Oracle
-CVE-2006-1879
+CVE-2006-1879 (Multiple unspecified vulnerabilities in the Email Server component in ...)
NOT-FOR-US: Oracle
-CVE-2006-1878
+CVE-2006-1878 (Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopS ...)
NOT-FOR-US: phpFaber TopSites
-CVE-2006-1877
+CVE-2006-1877 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...)
NOT-FOR-US: Oracle
-CVE-2006-1876
+CVE-2006-1876 (Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0 ...)
NOT-FOR-US: Oracle
-CVE-2006-1875
+CVE-2006-1875 (Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, ...)
NOT-FOR-US: Oracle
-CVE-2006-1874
+CVE-2006-1874 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...)
NOT-FOR-US: Oracle
-CVE-2006-1873
+CVE-2006-1873 (Unspecified vulnerability in Oracle Database Server 9.2.0.7, 10.1.0.4, ...)
NOT-FOR-US: Oracle
-CVE-2006-1872
+CVE-2006-1872 (Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0. ...)
NOT-FOR-US: Oracle
-CVE-2006-1871
+CVE-2006-1871 (SQL injection vulnerability in Oracle Database Server 9.2.0.7 and 10.1 ...)
NOT-FOR-US: Oracle
-CVE-2006-1870
+CVE-2006-1870 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...)
NOT-FOR-US: Oracle
-CVE-2006-1869
+CVE-2006-1869 (Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1. ...)
NOT-FOR-US: Oracle
-CVE-2006-1868
+CVE-2006-1868 (Buffer overflow in the Advanced Replication component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2006-1867
+CVE-2006-1867 (Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknow ...)
NOT-FOR-US: Oracle
-CVE-2006-1866
+CVE-2006-1866 (Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4 ...)
NOT-FOR-US: Oracle
-CVE-2006-1865
+CVE-2006-1865 (Argument injection vulnerability in Beagle before 0.2.5 allows attacke ...)
- beagle 0.2.6-2 (bug #365371; medium)
-CVE-2006-1864
+CVE-2006-1864 (Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-13
-CVE-2006-1863
+CVE-2006-1863 (Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier ...)
{DSA-1103}
- linux-2.6 2.6.16-10
-CVE-2006-1862
+CVE-2006-1862 (The virtual memory implementation in Linux kernel 2.6.x allows local u ...)
- linux-2.6 <not-affected> (seems to be RedHat-specific)
-CVE-2006-1861
+CVE-2006-1861 (Multiple integer overflows in FreeType before 2.2 allow remote attacke ...)
{DSA-1095-1}
- freetype 2.2.1-1
-CVE-2006-1860
+CVE-2006-1860 (lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attac ...)
- linux-2.6 2.6.16-14
-CVE-2006-1859
+CVE-2006-1859 (Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16. ...)
- linux-2.6 2.6.16-14
-CVE-2006-1858
+CVE-2006-1858 (SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-14
-CVE-2006-1857
+CVE-2006-1857 (Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-14
-CVE-2006-1856
+CVE-2006-1856 (Certain modifications to the Linux kernel 2.6.16 and earlier do not ad ...)
{DSA-1184-2}
- linux-2.6 2.6.16-12
-CVE-2006-1855
+CVE-2006-1855 (choose_new_parent in Linux kernel before 2.6.11.12 includes certain de ...)
{DSA-1184-2}
NOTE: probably fixed before, but this is the oldest linux-2.6 in the changelog
- linux-2.6 2.6.12-1
CVE-2006-1854
NOT-FOR-US: BluePay Manager
-CVE-2006-1853
+CVE-2006-1853 (Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier ...)
NOT-FOR-US: ModernBill
-CVE-2006-1852
+CVE-2006-1852 (SQL injection vulnerability in category.php in Article Publisher Pro 1 ...)
NOT-FOR-US: Article Publisher Pro
-CVE-2006-1851
+CVE-2006-1851 (xFlow 5.46.11 and earlier allows remote attackers to determine the ins ...)
NOT-FOR-US: xFlow
-CVE-2006-1850
+CVE-2006-1850 (Multiple cross-site scripting (XSS) vulnerabilities in xFlow 5.46.11 a ...)
NOT-FOR-US: xFlow
-CVE-2006-1849
+CVE-2006-1849 (Multiple SQL injection vulnerabilities in members_only/index.cgi in xF ...)
NOT-FOR-US: xFlow
-CVE-2006-1848
+CVE-2006-1848 (Multiple cross-site scripting (XSS) vulnerabilities in stats_view.php ...)
NOT-FOR-US: LinPHA
-CVE-2006-1847
+CVE-2006-1847 (SQL injection vulnerability in the Your_Account module in PHP-Nuke 7.8 ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-1846
+CVE-2006-1846 (Cross-site scripting (XSS) vulnerability in the Your_Account module in ...)
NOT-FOR-US: PHP-Nuke
CVE-2006-1845
REJECTED
-CVE-2006-1844
+CVE-2006-1844 (The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.5 ...)
[sarge] - shadow 1:4.0.3-31sarge8
[sarge] - base-config <not-affected>
NOTE: The installer is fixed separately, but the postinst of the shadow update
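Review bot: the `linux-2.6 <not-affected>` marker on CVE-2006-1862 rests on a hedged justification, "seems to be RedHat-specific"; a not-affected decision should record what was actually checked (which vendor patch introduced the bug, and that it is absent from the Debian source) so the entry is not reopened on the next triage pass. Similarly, the NOTE on CVE-2006-1855 admits that `- linux-2.6 2.6.12-1` is only the oldest version in the changelog rather than the version that fixed it, so the recorded fixed version is a lower bound; saying so explicitly in the NOTE would avoid it being read as the actual fix.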
@@ -12182,222 +12182,222 @@ CVE-2006-1844
NOTE: seems to be a duplicate of CVE-2006-1376
- shadow 1:4.0.14-9 (bug #358210; bug #356939)
- base-config 2.68 (bug #254068; low)
-CVE-2006-1843
+CVE-2006-1843 (Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1. ...)
NOT-FOR-US: ShoutBOOK
-CVE-2006-1842
+CVE-2006-1842 (Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1. ...)
NOT-FOR-US: ShoutBOOK
-CVE-2006-1841
+CVE-2006-1841 (Cross-site scripting (XSS) vulnerability in search.php in boastMachine ...)
NOT-FOR-US: boastMachine
-CVE-2006-1840
+CVE-2006-1840 (Multiple format string vulnerabilities in Empire Server before 4.3.1 a ...)
NOT-FOR-US: Wolfpack Empire Server (vms-empire in Debian is a different game)
-CVE-2006-1839
+CVE-2006-1839 (PHP remote file inclusion vulnerability in language.php in PHP Album 0 ...)
NOT-FOR-US: PHP Album
-CVE-2006-1838
+CVE-2006-1838 (edit_kategorie.php in Fuju News 1.0 allows remote attackers to bypass ...)
NOT-FOR-US: Fuju News
-CVE-2006-1837
+CVE-2006-1837 (SQL injection vulnerability in archiv2.php in Fuju News 1.0 allows rem ...)
NOT-FOR-US: Fuju News
-CVE-2006-1836
+CVE-2006-1836 (Untrusted search path vulnerability in unspecified components in Syman ...)
NOT-FOR-US: Symantec LiveUpdate
-CVE-2006-1835
+CVE-2006-1835 (Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix ...)
NOT-FOR-US: Calendarix
-CVE-2006-1834
+CVE-2006-1834 (Integer signedness error in Opera before 8.54 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2006-1833
+CVE-2006-1833 (Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the ...)
NOT-FOR-US: NetBSD
-CVE-2006-1832
+CVE-2006-1832 (sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the inst ...)
NOT-FOR-US: sysinfo
-CVE-2006-1831
+CVE-2006-1831 (Direct static code injection vulnerability in sysinfo.cgi in sysinfo 1 ...)
NOT-FOR-US: sysinfo
-CVE-2006-1830
+CVE-2006-1830 (Sun Java Studio Enterprise 8, when installed as root, creates certain ...)
NOT-FOR-US: Sun Java Studio Enterprise
-CVE-2006-1829
+CVE-2006-1829 (EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenti ...)
NOT-FOR-US: EAServer Manager in Sybase EAServer
-CVE-2006-1828
+CVE-2006-1828 (SQL injection vulnerability in php121language.php in PHP121 1.4 allows ...)
NOT-FOR-US: PHP121
-CVE-2006-1827
+CVE-2006-1827 (Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlie ...)
{DSA-1048-1}
- asterisk 1:1.2.7.1.dfsg-1 (bug #364195; medium)
[sarge] - asterisk 1:1.0.7.dfsg.1-2sarge2 (bug #364195; medium)
[woody] - asterisk 0.1.11-3woody1 (bug #364195; medium)
-CVE-2006-1826
+CVE-2006-1826 (Multiple cross-site scripting (XSS) vulnerabilities in Snipe Gallery 3 ...)
NOT-FOR-US: Snipe Gallery
-CVE-2006-1825
+CVE-2006-1825 (Cross-site scripting (XSS) vulnerability in index.php in phpLinks 2.1. ...)
NOT-FOR-US: phpLinks
-CVE-2006-1824
+CVE-2006-1824 (Multiple cross-site scripting (XSS) vulnerabilities in PhpGuestbook.ph ...)
NOT-FOR-US: PhpGuestbook
-CVE-2006-1823
+CVE-2006-1823 (Directory traversal vulnerability in FarsiNews 2.5.3 Pro and earlier a ...)
NOT-FOR-US: FarsiNews
-CVE-2006-1822
+CVE-2006-1822 (Cross-site scripting (XSS) vulnerability in search.php in FarsiNews 2. ...)
NOT-FOR-US: FarsiNews
-CVE-2006-1821
+CVE-2006-1821 (Directory traversal vulnerability in index.php in ModX 0.9.1 allows re ...)
NOT-FOR-US: ModX CMS
-CVE-2006-1820
+CVE-2006-1820 (Cross-site scripting (XSS) vulnerability in index.php in ModX 0.9.1 al ...)
NOT-FOR-US: ModX CMS
-CVE-2006-1819
+CVE-2006-1819 (Directory traversal vulnerability in the loadConfig function in index. ...)
NOT-FOR-US: phpWebSite
-CVE-2006-1818
+CVE-2006-1818 (Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS 1 ...)
NOT-FOR-US: warforge.NEWS
-CVE-2006-1817
+CVE-2006-1817 (SQL injection vulnerability in authcheck.php in warforge.NEWS 1.0, wit ...)
NOT-FOR-US: warforge.NEWS
-CVE-2006-1816
+CVE-2006-1816 (PHP remote file inclusion vulnerability in VBulletin 3.5.1, 3.5.2, and ...)
NOT-FOR-US: VBulletin
-CVE-2006-1815
+CVE-2006-1815 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
NOT-FOR-US: Tritanium Bulletin Board
-CVE-2006-1814
+CVE-2006-1814 (NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of s ...)
NOT-FOR-US: NetBSD kernel
-CVE-2006-1813
+CVE-2006-1813 (Directory traversal vulnerability in index.php in phpWebFTP 3.2 and ea ...)
NOT-FOR-US: phpWebFTP
-CVE-2006-1812
+CVE-2006-1812 (phpWebFTP 3.2 and earlier stores script.js under the web document root ...)
NOT-FOR-US: phpWebFTP
-CVE-2006-1811
+CVE-2006-1811 (Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remo ...)
NOT-FOR-US: FlexBB
-CVE-2006-1810
+CVE-2006-1810 (Multiple cross-site scripting (XSS) vulnerabilities in FlexBB 0.5.5 BE ...)
NOT-FOR-US: FlexBB
-CVE-2006-1809
+CVE-2006-1809 (index.php in Lifetype 1.0.3 allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: Lifetype
-CVE-2006-1808
+CVE-2006-1808 (Cross-site scripting (XSS) vulnerability in index.php in Lifetype 1.0. ...)
NOT-FOR-US: Lifetype
-CVE-2006-1807
+CVE-2006-1807 (Multiple SQL injection vulnerabilities in index.php in Musicbox 2.3.3 ...)
NOT-FOR-US: Musicbox
-CVE-2006-1806
+CVE-2006-1806 (Cross-site scripting (XSS) vulnerability in index.php in Musicbox 2.3. ...)
NOT-FOR-US: Musicbox
-CVE-2006-1805
+CVE-2006-1805 (SQL injection vulnerability in member.php in PowerClan 1.14 allows rem ...)
NOT-FOR-US: PowerClan
-CVE-2006-1804
+CVE-2006-1804 (SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows ...)
- phpmyadmin 4:2.8.1-1 (bug #363519; low)
[sarge] - phpmyadmin <not-affected>
-CVE-2006-1803
+CVE-2006-1803 (Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7. ...)
- phpmyadmin 4:2.8.1-1 (bug #363519; low)
[sarge] - phpmyadmin <not-affected> (CSRF code not present in Sarge, too intrusive to backport)
NOTE: maintainer considers this not-affected.
-CVE-2006-1802
+CVE-2006-1802 (Cross-site scripting (XSS) vulnerability in index.php in TinyWebGaller ...)
NOT-FOR-US: TinyWebGallery
-CVE-2006-1801
+CVE-2006-1801 (Cross-site scripting (XSS) vulnerability in planetsearchplus.php in pl ...)
NOT-FOR-US: planetSearch+
-CVE-2006-1800
+CVE-2006-1800 (Directory traversal vulnerability in posts.php in SimpleBBS 1.0.6 thro ...)
NOT-FOR-US: SimpleBBS
-CVE-2006-1799
+CVE-2006-1799 (censtore.cgi in Censtore 7.3.002 and earlier allows remote attackers t ...)
NOT-FOR-US: Censtore
-CVE-2006-1798
+CVE-2006-1798 (SQL injection vulnerability in rateit.php in RateIt 2.2 allows remote ...)
NOT-FOR-US: RateIt
-CVE-2006-1797
+CVE-2006-1797 (The kernel in NetBSD-current before September 28, 2005 allows local us ...)
NOT-FOR-US: NetBSD kernel
-CVE-2006-1796
+CVE-2006-1796 (Cross-site scripting (XSS) vulnerability in the paging links functiona ...)
- wordpress 2.0.1 (bug #328909)
-CVE-2006-1795
+CVE-2006-1795 (Cross-site scripting (XSS) vulnerability in tablepublisher.cgi in UPDI ...)
NOT-FOR-US: UPDI Network Enterprise
-CVE-2006-1794
+CVE-2006-1794 (SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earli ...)
NOTE: only in experimental
- mambo 4.5.3h-1 (bug #354468)
-CVE-2006-1793
+CVE-2006-1793 (Directory traversal vulnerability in runCMS 1.2 and earlier allows rem ...)
NOT-FOR-US: runCMS
-CVE-2006-1792
+CVE-2006-1792 (Unspecified vulnerability in the POP service in MailEnable Standard Ed ...)
NOT-FOR-US: MailEnable
-CVE-2006-1791
+CVE-2006-1791 (Directory traversal vulnerability in acc.php in QuickBlogger 1.4 allow ...)
NOT-FOR-US: QuickBlogger
-CVE-2006-1790
+CVE-2006-1790 (A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to c ...)
{DSA-1051-1 DSA-1046-1}
- firefox 1.5
- mozilla-firefox <not-affected> (problematic fix not backported into 1.0.4-2sarge5)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
- thunderbird 1.5.0.2-1
- mozilla 2:1.7.13-0.1
-CVE-2006-1789
+CVE-2006-1789 (Directory traversal vulnerability in pajax_call_dispatcher.php in PAJA ...)
NOT-FOR-US: pajax
-CVE-2006-1788
+CVE-2006-1788 (Adobe Document Server for Reader Extensions 6.0, during log on, provid ...)
NOT-FOR-US: Adobe
-CVE-2006-1787
+CVE-2006-1787 (Adobe Document Server for Reader Extensions 6.0 includes a user's sess ...)
NOT-FOR-US: Adobe
-CVE-2006-1786
+CVE-2006-1786 (Cross-site scripting (XSS) vulnerability in Adobe Document Server for ...)
NOT-FOR-US: Adobe
-CVE-2006-1785
+CVE-2006-1785 (Adobe Document Server for Reader Extensions 6.0 allows remote authenti ...)
NOT-FOR-US: Adobe
-CVE-2006-1784
+CVE-2006-1784 (PHP remote file inclusion vulnerability in admin/configset.php in Sphi ...)
NOT-FOR-US: Sphider
-CVE-2006-1783
+CVE-2006-1783 (Cross-site scripting (XSS) vulnerability in PatroNet CMS allows remote ...)
NOT-FOR-US: PatroNet CMS
-CVE-2006-1782
+CVE-2006-1782 (Unspecified vulnerability in Solaris 8 and 9 allows local users to obt ...)
NOT-FOR-US: Sun Solaris
-CVE-2006-1781
+CVE-2006-1781 (PHP remote file inclusion vulnerability in functions.php in Circle R M ...)
NOT-FOR-US: Circle R Monster Top List
-CVE-2006-1780
+CVE-2006-1780 (The Bourne shell (sh) in Solaris 8, 9, and 10 allows local users to ca ...)
NOT-FOR-US: Sun Solaris
-CVE-2006-1779
+CVE-2006-1779 (Cross-site scripting (XSS) vulnerability in login.php in Jeremy Ashcra ...)
NOT-FOR-US: Simplog
-CVE-2006-1778
+CVE-2006-1778 (Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9. ...)
NOT-FOR-US: Simplog
-CVE-2006-1777
+CVE-2006-1777 (Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft ...)
NOT-FOR-US: Simplog
-CVE-2006-1776
+CVE-2006-1776 (PHP remote file inclusion vulnerability in doc/index.php in Jeremy Ash ...)
NOT-FOR-US: Simplog
-CVE-2006-1775
+CVE-2006-1775 (Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 al ...)
- phpbb2 <unfixed> (unimportant)
NOTE: Only exploitable by authenticated admin users
-CVE-2006-1774
+CVE-2006-1774 (HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqH ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2006-1773
+CVE-2006-1773 (SQL injection vulnerability in include.php in PHPKIT 1.6.1 Release 2 a ...)
NOT-FOR-US: PHPKIT
-CVE-2006-1772
+CVE-2006-1772 (debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogo ...)
- mnogosearch 3.2.37-3.1 (bug #361775)
[sarge] - mnogosearch <no-dsa> (Minor issue)
-CVE-2006-1771
+CVE-2006-1771 (Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXo ...)
NOT-FOR-US: SAXoPRESS
-CVE-2006-1770
+CVE-2006-1770 (Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Desig ...)
NOT-FOR-US: AzDGVote
-CVE-2006-1769
+CVE-2006-1769 (Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila ...)
NOT-FOR-US: UserLand Manila
-CVE-2006-1768
+CVE-2006-1768 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
NOT-FOR-US: Tritanium Bulletin Board
-CVE-2006-1767
+CVE-2006-1767 (Multiple PHP remote file inclusion vulnerabilities in nicecoder.com IN ...)
NOT-FOR-US: INDEXU
-CVE-2006-1766
+CVE-2006-1766 (Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and ...)
NOT-FOR-US: Papoo
-CVE-2006-1765
+CVE-2006-1765 (Cross-site scripting (XSS) vulnerability in index.php in JBook 1.3 all ...)
NOT-FOR-US: JBook
-CVE-2006-1764
+CVE-2006-1764 (Hosting Controller 6.1 stores forum/db/forum.mdb under the web documen ...)
NOT-FOR-US: Hosting Controller
-CVE-2006-1763
+CVE-2006-1763 (Multiple SQL injection vulnerabilities in index.php in blur6ex 0.3.452 ...)
NOT-FOR-US: blur6ex
-CVE-2006-1762
+CVE-2006-1762 (Directory traversal vulnerability in index.php in blur6ex 0.3.452 allo ...)
NOT-FOR-US: blur6ex
-CVE-2006-1761
+CVE-2006-1761 (Cross-site scripting vulnerability in index.php in blur6ex 0.3.452 all ...)
NOT-FOR-US: blur6ex
-CVE-2006-1760
+CVE-2006-1760 (Multiple cross-site scripting (XSS) vulnerabilities in JetPhoto allow ...)
NOT-FOR-US: JetPhoto
-CVE-2006-1759
+CVE-2006-1759 (Cross-site scripting (XSS) vulnerability in allgemein_transfer.php in ...)
NOT-FOR-US: SWSoft Confixx
-CVE-2006-1758
+CVE-2006-1758 (SQL injection vulnerability in index.php in Vegadns 0.99 allows remote ...)
NOT-FOR-US: Vegadns
-CVE-2006-1757
+CVE-2006-1757 (Cross-site scripting (XSS) vulnerability in index.php in Vegadns 0.99 ...)
NOT-FOR-US: Vegadns
-CVE-2006-1756
+CVE-2006-1756 (MD News 1 allows remote attackers to bypass authentication via a direc ...)
NOT-FOR-US: MD News 1
-CVE-2006-1755
+CVE-2006-1755 (SQL injection vulnerability in admin.php in MD News 1 allows remote at ...)
NOT-FOR-US: MD News 1
-CVE-2006-1754
+CVE-2006-1754 (SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0. ...)
NOT-FOR-US: SWSoft Confixx
-CVE-2006-1753
+CVE-2006-1753 (A cron job in fcheck before 2.7.59 allows local users to overwrite arb ...)
{DSA-1035-1}
- fcheck 2.7.59-8
-CVE-2006-1752
+CVE-2006-1752 (Multiple cross-site scripting (XSS) vulnerabilities in the backend in ...)
NOT-FOR-US: MvBlog
-CVE-2006-1751
+CVE-2006-1751 (Multiple SQL injection vulnerabilities in MvBlog before 1.6 allow remo ...)
NOT-FOR-US: MvBlog
-CVE-2006-1750
+CVE-2006-1750 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Au ...)
NOT-FOR-US: Autogallery
-CVE-2006-1749
+CVE-2006-1749 (PHP remote file inclusion vulnerability in config.php in phpListPro 2. ...)
NOT-FOR-US: phpListPro
-CVE-2006-1748
+CVE-2006-1748 (Cross-site scripting (XSS) vulnerability in XMB Forum 1.9.5 allows rem ...)
NOT-FOR-US: XMB Forum
-CVE-2006-1747
+CVE-2006-1747 (PHP remote file inclusion vulnerability in Virtual War (VWar) 1.5.0 al ...)
NOT-FOR-US: Virtual War
-CVE-2006-1746
+CVE-2006-1746 (Directory traversal vulnerability in PHPList 2.10.2 and earlier allows ...)
NOT-FOR-US: PHPList
-CVE-2006-1745
+CVE-2006-1745 (Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 ...)
NOT-FOR-US: Bitweaver
-CVE-2006-1743
+CVE-2006-1743 (Multiple SQL injection vulnerabilities in form.php in JBook 1.4 allow ...)
NOT-FOR-US: JBook
-CVE-2006-1742
+CVE-2006-1742 (The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1. ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
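Review bot: CVE-2006-1744 is missing from its numeric position in this hunk: `+CVE-2006-1745 (Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 ...)` is followed directly by `+CVE-2006-1743 (Multiple SQL injection vulnerabilities in form.php in JBook 1.4 allow ...)`. The bsdgames entry instead sits in the later `@@ -12547` hunk between CVE-2006-1710 and CVE-2006-1712. The file is otherwise kept in strictly descending order, so moving that entry back into sequence would keep lookups that rely on the ordering reliable.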
@@ -12407,69 +12407,69 @@ CVE-2006-1742
- xulrunner 1.8.0.1-9
NOTE: The Mozilla Foundation labels this as "critical", but it's not
NOTE: clear if this bug is exploitable.
-CVE-2006-1741
+CVE-2006-1741 (Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite b ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla 2:1.7.13-0.1 (medium)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1740
+CVE-2006-1740 (Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite b ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (low)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (low)
- mozilla 2:1.7.13-0.1 (low)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1739
+CVE-2006-1739 (The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x b ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla 2:1.7.13-0.1 (medium)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1738
+CVE-2006-1738 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla 2:1.7.13-0.1 (medium)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1737
+CVE-2006-1737 (Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla 2:1.7.13-0.1 (medium)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1736
+CVE-2006-1736 (Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite b ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (low)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (low)
- mozilla 2:1.7.13-0.1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
-CVE-2006-1735
+CVE-2006-1735 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla 2:1.7.13-0.1 (high)
- thunderbird 1.5.0.2-1 (medium)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (medium)
-CVE-2006-1734
+CVE-2006-1734 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla 2:1.7.13-0.1 (high)
- thunderbird 1.5.0.2-1 (medium)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (medium)
-CVE-2006-1733
+CVE-2006-1733 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (high)
- mozilla 2:1.7.13-0.1 (high)
- thunderbird 1.5.0.2-1 (medium)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (medium)
-CVE-2006-1732
+CVE-2006-1732 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
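Review bot: CVE-2006-1736 is the only record in this run of Mozilla entries without a `- thunderbird 1.5.0.2-1 (low)` line, and its `[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8` line carries no severity, whereas CVE-2006-1737 through CVE-2006-1741 all list both. Its truncated description reads like those of CVE-2006-1740 and CVE-2006-1741, which do carry the thunderbird lines, so this looks like an omission rather than a deliberate difference; if Thunderbird in unstable is genuinely unaffected, an explicit `- thunderbird <not-affected>` with a reason would make that clear.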
@@ -12477,14 +12477,14 @@ CVE-2006-1732
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
- xulrunner 1.8.0.1-9
-CVE-2006-1731
+CVE-2006-1731 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-2 (medium)
- mozilla 2:1.7.13-0.1 (medium)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-1730
+CVE-2006-1730 (Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-1 (high)
@@ -12494,7 +12494,7 @@ CVE-2006-1730
NOTE: MFSA2006-22 says that it is not clear whether Thunderbird is
NOTE: exploitable in the default configuration.
- xulrunner 1.8.0.1-9
-CVE-2006-1729
+CVE-2006-1729 (Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Sui ...)
{DSA-1134-1 DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-1 (medium)
@@ -12502,7 +12502,7 @@ CVE-2006-1729
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (medium)
- xulrunner 1.8.0.1-9
NOTE: Can likely be used to steal OpenSSH keys and the like.
-CVE-2006-1728
+CVE-2006-1728 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-1 (high)
@@ -12510,7 +12510,7 @@ CVE-2006-1728
- thunderbird 1.5.0.2-1 (medium)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (medium)
- xulrunner 1.8.0.1-9
-CVE-2006-1727
+CVE-2006-1727 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (medium)
- mozilla-firefox 1.5.dfsg+1.5.0.2-1 (medium)
@@ -12520,16 +12520,16 @@ CVE-2006-1727
- xulrunner 1.8.0.1-9
NOTE: If print preview (and this bug) can be triggered from JavaScript,
NOTE: the urgency should probably be raised.
-CVE-2006-1726
+CVE-2006-1726 (Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0. ...)
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- thunderbird 1.5.0.2-1 (medium)
- xulrunner 1.8.0.1-9
NOTE: New bug in Firefox 1.5.
-CVE-2006-1725
+CVE-2006-1725 (Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes c ...)
- firefox 1.5.dfsg+1.5.0.2-1 (low)
- xulrunner 1.8.0.1-9
NOTE: New bug in Firefox 1.5.
-CVE-2006-1724
+CVE-2006-1724 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1 ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (medium)
- mozilla <removed> (medium)
@@ -12539,7 +12539,7 @@ CVE-2006-1724
NOTE: MFSA2006-20 says exploitability has not been confirmed.
NOTE: Thunderbird is potentially affected as well, but not in the
NOTE: default configuration.
-CVE-2006-1723
+CVE-2006-1723 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...)
{DSA-1051-1 DSA-1046-1}
- firefox 1.5.dfsg+1.5.0.2 (medium)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
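Review bot: the firefox fixed version in CVE-2006-1723, `- firefox 1.5.dfsg+1.5.0.2 (medium)`, has no Debian revision, while every other entry in these hunks records `1.5.dfsg+1.5.0.2-1` or `1.5.dfsg+1.5.0.2-2`. A version string without the revision does not name an actual upload, so it should be set to the one that carried the fix (presumably `1.5.dfsg+1.5.0.2-1`, as recorded for CVE-2006-1724 in the preceding hunk, but that should be confirmed against the changelog).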
@@ -12547,434 +12547,434 @@ CVE-2006-1723
- thunderbird 1.5.0.2-1 (low)
- xulrunner 1.8.0.1-9
NOTE: This is probably: https://bugzilla.mozilla.org/show_bug.cgi?id=320459
-CVE-2006-1722
+CVE-2006-1722 (Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 al ...)
NOT-FOR-US: ShopXS
-CVE-2006-1721
+CVE-2006-1721 (digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer ...)
{DSA-1042-1}
- cyrus-sasl2 2.1.19.dfsg1-0.2 (bug #361937; low)
- cyrus-sasl2-mit <not-affected> (does not install digest-md5)
-CVE-2006-1720
+CVE-2006-1720 (Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson ...)
NOT-FOR-US: SaphpLesson
-CVE-2006-1719
+CVE-2006-1719 (Internet Explorer 6 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Internet Explorer
-CVE-2006-1718
+CVE-2006-1718 (Magus Perde Clever Copy 3.0 and earlier stores sensitive information u ...)
NOT-FOR-US: Clever Copy
-CVE-2006-1717
+CVE-2006-1717 (Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1716
+CVE-2006-1716 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1715
+CVE-2006-1715 (Multiple directory traversal vulnerabilities in Christian Kindahl TUGZ ...)
NOT-FOR-US: TUGZip
-CVE-2006-1714
+CVE-2006-1714 (CRLF injection vulnerability in index.php in Christoph Roeder phpMyFor ...)
NOT-FOR-US: phpMyForum
-CVE-2006-1713
+CVE-2006-1713 (Cross-site scripting (XSS) vulnerability in index.php in Christoph Roe ...)
NOT-FOR-US: phpMyForum
-CVE-2006-1710
+CVE-2006-1710 (SQL injection vulnerability in admin.php in Design Nation DNGuestbook ...)
NOT-FOR-US: DNGuestbook
-CVE-2006-1744
+CVE-2006-1744 (Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows ...)
{DSA-1036-1}
- bsdgames 2.17-7 (bug #360989)
-CVE-2006-1712
+CVE-2006-1712 (Cross-site scripting (XSS) vulnerability in the private archive script ...)
- mailman 0:2.1.7-2.1.8rc1-1
[sarge] - mailman <not-affected> (Only affects Mailman 2.1.7)
-CVE-2006-1711
+CVE-2006-1711 (Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) ...)
{DSA-1032-1}
- zope-cmfplone 2.1.2-2
-CVE-2006-1709
+CVE-2006-1709 (Cross-site scripting (XSS) vulnerability in shop_main.cgi in interakti ...)
NOT-FOR-US: interaktiv.shop
-CVE-2006-1708
+CVE-2006-1708 (SQL injection vulnerability in member.php in Clansys 1.1 allows remote ...)
NOT-FOR-US: Clansys
-CVE-2006-1707
+CVE-2006-1707 (index.php in Shopweezle 2.0 allows remote attackers to include arbitra ...)
NOT-FOR-US: Shopweezle
-CVE-2006-1706
+CVE-2006-1706 (Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote ...)
NOT-FOR-US: Shopweezle
-CVE-2006-1705
+CVE-2006-1705 (Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" p ...)
NOT-FOR-US: Oracle
-CVE-2006-1704
+CVE-2006-1704 (Sire 2.0 nws allows remote attackers to upload arbitrary image files w ...)
NOT-FOR-US: Sire 2.0 nws
-CVE-2006-1703
+CVE-2006-1703 (PHP remote file inclusion vulnerability in lire.php in Sire 2.0 nws al ...)
NOT-FOR-US: Sire 2.0 nws
-CVE-2006-1702
+CVE-2006-1702 (PHP remote file inclusion vulnerability in spip_login.php3 in SPIP 1.8 ...)
- spip 2.0.6-1
-CVE-2006-1701
+CVE-2006-1701 (Cross-site scripting (XSS) vulnerability in the Pages module in Shadow ...)
NOT-FOR-US: Shadowed Portal
-CVE-2006-1700
+CVE-2006-1700 (Buy.php in Aweb Scripts Seller uses predictable cookies for authentica ...)
NOT-FOR-US: Aweb Scripts Seller
-CVE-2006-1699
+CVE-2006-1699 (Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner G ...)
NOT-FOR-US: Aweb Banner
-CVE-2006-1698
+CVE-2006-1698 (Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3. ...)
NOT-FOR-US: Matt Wright Guestbook
-CVE-2006-1697
+CVE-2006-1697 (Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3. ...)
NOT-FOR-US: Matt Wright Guestbook
-CVE-2006-1696
+CVE-2006-1696 (Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allow ...)
- gallery 1.5.3-1 (bug #361758)
-CVE-2006-1695
+CVE-2006-1695 (The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environme ...)
{DSA-1068-1}
- fbi 2.05-1 (bug #361370)
-CVE-2006-1694
+CVE-2006-1694 (SQL injection vulnerability in members.php in XBrite Members 1.1 and e ...)
NOT-FOR-US: XBrite Members
-CVE-2006-1693
+CVE-2006-1693 (Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1. ...)
NOT-FOR-US: GlobalSCAPE Secure FTP Server
-CVE-2006-1692
+CVE-2006-1692 (Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow re ...)
NOT-FOR-US: MWNewsletter
-CVE-2006-1691
+CVE-2006-1691 (SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attac ...)
NOT-FOR-US: MWNewsletter
-CVE-2006-1690
+CVE-2006-1690 (Cross-site scripting (XSS) vulnerability in subscribe.php in MWNewslet ...)
NOT-FOR-US: MWNewsletter
-CVE-2006-1689
+CVE-2006-1689 (Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LD ...)
NOT-FOR-US: HP-UX
-CVE-2006-1688
+CVE-2006-1688 (Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and e ...)
NOT-FOR-US: SQuery / Autonomous LAN party
-CVE-2006-1687
+CVE-2006-1687 (Cross-site scripting (XSS) vulnerability in APT-webshop-system 4.0 PRO ...)
NOT-FOR-US: APT-webshop-system
-CVE-2006-1686
+CVE-2006-1686 (Unspecified vulnerability in modules.php in APT-webshop-system 4.0 PRO ...)
NOT-FOR-US: APT-webshop-system
-CVE-2006-1685
+CVE-2006-1685 (Multiple SQL injection vulnerabilities in modules.php in APT-webshop-s ...)
NOT-FOR-US: APT-webshop-system
-CVE-2006-1684
+CVE-2006-1684 (Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier all ...)
NOT-FOR-US: ecotwo Shopsystem
-CVE-2006-1683
+CVE-2006-1683 (SQL injection vulnerability in admin/login.php in Chipmunk Guestbook a ...)
NOT-FOR-US: Chipmunk Guestbook
-CVE-2006-1682
+CVE-2006-1682 (Cross-site scripting (XSS) vulnerability in webplus.exe in TalentSoft ...)
NOT-FOR-US: TalentSoft Web+Shop
-CVE-2006-1681
+CVE-2006-1681 (Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and ear ...)
- cherokee 0.5.1-1
-CVE-2006-1680
+CVE-2006-1680 (Jupiter CMS 1.1.5, when display_errors is enabled, allows remote attac ...)
NOT-FOR-US: Jupiter CMS
-CVE-2006-1679
+CVE-2006-1679 (Cross-site scripting (XSS) vulnerability in modules/online.php in Jupi ...)
NOT-FOR-US: Jupiter CMS
-CVE-2006-1678
+CVE-2006-1678 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...)
{DSA-1207-1}
- phpmyadmin 4:2.8.0.3-1 (bug #362567)
-CVE-2006-1677
+CVE-2006-1677 (MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.0 ...)
NOT-FOR-US: MAXdev MD-Pro
-CVE-2006-1676
+CVE-2006-1676 (SQL injection vulnerability in the display function in the Topics modu ...)
NOT-FOR-US: MAXdev MD-Pro
-CVE-2006-1675
+CVE-2006-1675 (Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery 1 ...)
NOT-FOR-US: PHPWebGallery
-CVE-2006-1674
+CVE-2006-1674 (Cross-site scripting (XSS) vulnerability in search.php in PHPWebGaller ...)
NOT-FOR-US: PHPWebGallery
-CVE-2006-1673
+CVE-2006-1673 (Cross-site scripting (XSS) vulnerability in vbugs.php in Dark_Wizard v ...)
NOT-FOR-US: Dark_Wizard vBug Tracker
-CVE-2006-1672
+CVE-2006-1672 (The installation of Cisco Transport Controller (CTC) for Cisco Optical ...)
NOT-FOR-US: Cisco
-CVE-2006-1671
+CVE-2006-1671 (Control cards for Cisco Optical Networking System (ONS) 15000 series n ...)
NOT-FOR-US: Cisco
-CVE-2006-1670
+CVE-2006-1670 (Control cards for Cisco Optical Networking System (ONS) 15000 series n ...)
NOT-FOR-US: Cisco
-CVE-2006-1669
+CVE-2006-1669 (SQL injection vulnerability in chat/messagesL.php3 in phpHeaven Team P ...)
NOT-FOR-US: PHPMyChat
-CVE-2006-1668
+CVE-2006-1668 (newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PH ...)
NOT-FOR-US: Crafty Syntax Image Gallery
-CVE-2006-1667
+CVE-2006-1667 (SQL injection vulnerability in slides.php in Eric Gerdes Crafty Syntax ...)
NOT-FOR-US: Crafty Syntax Image Gallery
-CVE-2006-1666
+CVE-2006-1666 (SQL injection vulnerability in forum.php in Arab Portal 2.0.1 stable a ...)
NOT-FOR-US: Arab Portal
-CVE-2006-1665
+CVE-2006-1665 (Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 ...)
NOT-FOR-US: Arab Portal
-CVE-2006-1664
+CVE-2006-1664 (Buffer overflow in xine_list_delete_current in libxine 1.14 and earlie ...)
- xine-lib <not-affected> (Not reproducible with Debian version, see bug #363127)
- vlc <not-affected> (affected part of xine-lib code copy not present)
CVE-2006-1663
REJECTED
-CVE-2006-1662
+CVE-2006-1662 (The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote at ...)
NOT-FOR-US: Limbo CMS
-CVE-2006-1661
+CVE-2006-1661 (Multiple cross-site scripting (XSS) vulnerabilities in SKForum 1.5 and ...)
NOT-FOR-US: SKForum
-CVE-2006-1660
+CVE-2006-1660 (Cross-site scripting (XSS) vulnerability in image_desc.php in Softbiz ...)
NOT-FOR-US: Softbiz Image Gallery
-CVE-2006-1659
+CVE-2006-1659 (Multiple SQL injection vulnerabilities in Softbiz Image Gallery allow ...)
NOT-FOR-US: Softbiz Image Gallery
-CVE-2006-1658
+CVE-2006-1658 (Direct static code injection vulnerability in ticker.db.php in Chucky ...)
NOT-FOR-US: Chucky A. Ivey N.T.
-CVE-2006-1657
+CVE-2006-1657 (Cross-site scripting (XSS) vulnerability in index.php in Chucky A. Ive ...)
NOT-FOR-US: Chucky A. Ivey N.T.
CVE-2006-XXXX [linphone insecure password leakage]
- linphone 1.3.5-1 (bug #361913)
-CVE-2006-1656
+CVE-2006-1656 (vserver in util-vserver 0.30.209 executes a command as root when the s ...)
- util-vserver 0.30.210-1 (bug #360438; unimportant)
-CVE-2006-1655
+CVE-2006-1655 (Multiple buffer overflows in mpg123 0.59r allow user-assisted attacker ...)
{DSA-1074-1}
- mpg123 0.59r-22 (bug #361863)
- mp3gain 1.5.2-r2-6 (low)
[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
[squeeze] - mp3gain <no-dsa> (Minor issue)
-CVE-2006-1654
+CVE-2006-1654 (Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbo ...)
NOT-FOR-US: HP Colour LaserJet 2500 and 4600 Toolbox
-CVE-2006-1653
+CVE-2006-1653 (PHP remote file inclusion vulnerability in loadkernel.php in AngelineC ...)
NOT-FOR-US: AngelineCMS
-CVE-2006-1652
+CVE-2006-1652 (Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and ear ...)
NOT-FOR-US: UltraVNC
CVE-2006-1651
NOT-FOR-US: MS ISA
-CVE-2006-1650
+CVE-2006-1650 (Firefox 1.5.0.1 allows remote attackers to spoof the address bar and p ...)
NOTE: other reports indicate that Firefox is not vulnerable
-CVE-2006-1649
+CVE-2006-1649 (The "restore to" selection in the "quarantine a file" capability of ES ...)
NOT-FOR-US: Eset Software NOD32 Antivirus 2.5
-CVE-2006-1648
+CVE-2006-1648 (SMART SynchronEyes Student and Teacher 6.0, and possibly earlier versi ...)
NOT-FOR-US: SMART SynchronEyes
-CVE-2006-1647
+CVE-2006-1647 (An unspecified "logical programming mistake" in SMART SynchronEyes Stu ...)
NOT-FOR-US: SMART SynchronEyes
-CVE-2006-1646
+CVE-2006-1646 (The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg ...)
NOT-FOR-US: This is a slightly different racoon version, the Linux fork in Debian was already addressed in CVE-2005-3732
-CVE-2006-1645
+CVE-2006-1645 (Cross-site scripting (XSS) vulnerability in Anton Vlasov and Rostislav ...)
NOT-FOR-US: ReloadCMS
-CVE-2006-1644
+CVE-2006-1644 (login.php in Interact 2.1.1 generates different responses depending on ...)
NOT-FOR-US: Interact
-CVE-2006-1643
+CVE-2006-1643 (SQL injection vulnerability in login.php in Interact 2.1.1 allows remo ...)
NOT-FOR-US: Interact
-CVE-2006-1642
+CVE-2006-1642 (Cross-site scripting (XSS) vulnerability in Interact 2.1.1 allows remo ...)
NOT-FOR-US: Interact
-CVE-2006-1641
+CVE-2006-1641 (Multiple SQL injection vulnerabilities in CzarNews 1.14 allow remote a ...)
NOT-FOR-US: CzarNews
-CVE-2006-1640
+CVE-2006-1640 (Cross-site scripting (XSS) vulnerability in news.php in CzarNews 1.14 ...)
NOT-FOR-US: CzarNews
-CVE-2006-1639
+CVE-2006-1639 (SQL injection vulnerability in index.php in wpBlog 0.4 allows remote a ...)
NOT-FOR-US: wpBlog
-CVE-2006-1638
+CVE-2006-1638 (Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote atta ...)
NOT-FOR-US: aWebBB
-CVE-2006-1637
+CVE-2006-1637 (Multiple cross-site scripting (XSS) vulnerabilities in aWebBB 1.2 allo ...)
NOT-FOR-US: aWebBB
-CVE-2006-1636
+CVE-2006-1636 (PHP remote file inclusion vulnerability in get_header.php in VWar 1.5. ...)
NOT-FOR-US: VWar
-CVE-2006-1635
+CVE-2006-1635 (LucidCMS 2.0.0 RC4 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: LucidCMS
-CVE-2006-1634
+CVE-2006-1634 (Cross-site scripting (XSS) vulnerability in index.php in LucidCMS 2.0. ...)
NOT-FOR-US: LucidCMS
CVE-2006-1633
RESERVED
CVE-2006-1632
RESERVED
-CVE-2006-1631
+CVE-2006-1631 (Unspecified vulnerability in the HTTP compression functionality in Cis ...)
NOT-FOR-US: Cisco
-CVE-2006-1629
+CVE-2006-1629 (OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute a ...)
{DSA-1045-1}
- openvpn 2.0.6-1 (bug #360559; medium)
-CVE-2006-1628
+CVE-2006-1628 (Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows ...)
NOT-FOR-US: Adobe LiveCycle
-CVE-2006-1627
+CVE-2006-1627 (Adobe Document Server for Reader Extensions 6.0 does not provide prope ...)
NOT-FOR-US: Adobe Document Server
-CVE-2006-1626
+CVE-2006-1626 (Internet Explorer 6 for Windows XP SP2 and earlier allows remote attac ...)
NOT-FOR-US: Internet Explorer
-CVE-2006-1625
+CVE-2006-1625 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1624
+CVE-2006-1624 (The default configuration of syslogd in the Linux sysklogd package doe ...)
- sysklogd <unfixed> (unimportant)
NOTE: No sane person will open a network socket for syslog without apropriate
NOTE: firewall rules. The default is not to listen to the network.
-CVE-2006-1623
+CVE-2006-1623 (Unspecified vulnerability in main.php in an unspecified "file created ...)
NOT-FOR-US: FleXiBle Development
-CVE-2006-1622
+CVE-2006-1622 (Cross-site scripting (XSS) vulnerability in PHPSelect linksubmit allow ...)
NOT-FOR-US: PHPSelect
-CVE-2006-1621
+CVE-2006-1621 (Directory traversal vulnerability in admin/folders/saveuploadfiles.asp ...)
NOT-FOR-US: Hosting Controller
-CVE-2006-1620
+CVE-2006-1620 (admin/accounts/AccountActions.asp in Hosting Controller 2002 RC 1 allo ...)
NOT-FOR-US: Hosting Controller
-CVE-2006-1619
+CVE-2006-1619 (IBM WebSphere Application Server 4.0.1 through 4.0.3 allows remote att ...)
NOT-FOR-US: WebSphere
-CVE-2006-1618
+CVE-2006-1618 (Format string vulnerability in the (1) Con_message and (2) conPrintf f ...)
NOT-FOR-US: Doomsday/deng
-CVE-2006-1617
+CVE-2006-1617 (Multiple cross-site scripting (XSS) vulnerabilities in Advanced Poll 2 ...)
NOT-FOR-US: Advanced Poll
-CVE-2006-1616
+CVE-2006-1616 (Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow rem ...)
NOT-FOR-US: Advanced Poll
-CVE-2006-1613
+CVE-2006-1613 (Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote at ...)
NOT-FOR-US: aWebNews
-CVE-2006-1612
+CVE-2006-1612 (Multiple cross-site scripting (XSS) vulnerabilities in visview.php in ...)
NOT-FOR-US: aWebNews
-CVE-2006-1611
+CVE-2006-1611 (Directory traversal vulnerability in KGB Archiver before 1.1.5.22 allo ...)
NOT-FOR-US: KGB Archiver
-CVE-2006-1610
+CVE-2006-1610 (PHP remote file inclusion vulnerability in lib/armygame.php in SQuery ...)
NOT-FOR-US: SQuery / Autonomous LAN party
-CVE-2006-1609
+CVE-2006-1609 (Unspecified vulnerability in Hitachi XFIT/S, XFIT/S/JCA, XFIT/S/ZGN, a ...)
NOT-FOR-US: Hitachi XFIT
-CVE-2006-1608
+CVE-2006-1608 (The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users ...)
- php4 4:4.4.4-1 (bug #361856; unimportant)
- php5 5.1.4-0.1 (bug #361915; unimportant)
NOTE: Safe mode violations not supported
-CVE-2006-1607
+CVE-2006-1607 (Unspecified vulnerability in the banner module in Exponent CMS before ...)
NOT-FOR-US: Exponent CMS
-CVE-2006-1606
+CVE-2006-1606 (Unspecified vulnerability in the image module in Exponent CMS before 0 ...)
NOT-FOR-US: Exponent CMS
-CVE-2006-1605
+CVE-2006-1605 (Unspecified vulnerability in the image module in Exponent CMS before 0 ...)
NOT-FOR-US: Exponent CMS
-CVE-2006-1604
+CVE-2006-1604 (Unspecified vulnerability in Exponent CMS before 0.96.5 RC 1 has unkno ...)
NOT-FOR-US: Exponent CMS
-CVE-2006-1603
+CVE-2006-1603 (Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.1 ...)
- phpbb2 <not-affected> (According to Jeroen a non-issue, see notes)
NOTE: <jvw> jmm: unable to everify, the variable in question is only printed
NOTE: at one single page, and there it doesn't get taken from GET nor POST in my tests
NOTE: <jvw> and, shock, the password isn't saved unhashed in the DB, so having
NOTE: javascript in your password can't be exposed otherwise
NOTE: <jvw> I'd forget about it unless someone comes with a proof of concept
-CVE-2006-1602
+CVE-2006-1602 (PHP remote file inclusion vulnerability in includes/functions_common.p ...)
NOT-FOR-US: PHPNuke Clan
-CVE-2006-1601
+CVE-2006-1601 (Unspecified vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 a ...)
NOT-FOR-US: Sun Cluster
-CVE-2006-1600
+CVE-2006-1600 (SQL injection vulnerability in category.php in PhpWebGallery 1.4.1 all ...)
NOT-FOR-US: PhpWebGallery
-CVE-2006-1599
+CVE-2006-1599 (Unspecified vulnerability in VCEngine.php in v-creator before 1.3-pre3 ...)
NOT-FOR-US: v-creator
-CVE-2006-1598
+CVE-2006-1598 (AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remot ...)
NOT-FOR-US: AN HTTPD
CVE-2006-1597
RESERVED
-CVE-2006-1596
+CVE-2006-1596 (PHP remote file inclusion vulnerability in learnPath/include/scormExpo ...)
NOT-FOR-US: Claroline
-CVE-2006-1595
+CVE-2006-1595 (Cross-site scripting (XSS) vulnerability in document/rqmkhtml.php in C ...)
NOT-FOR-US: Claroline
-CVE-2006-1594
+CVE-2006-1594 (Multiple directory traversal vulnerabilities in document/rqmkhtml.php ...)
NOT-FOR-US: Claroline
-CVE-2006-1593
+CVE-2006-1593 (The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ZD_LoadNewClientLeve ...)
NOT-FOR-US: X-Doom, ZDaemon
NOTE: vulnerable functions don't exist in lxdoom, prboom
-CVE-2006-1592
+CVE-2006-1592 (Buffer overflow in the is_client_wad_ok function in w_wad.cpp for (1) ...)
NOT-FOR-US: X-Doom, ZDaemon
NOTE: vulnerable functions don't exist in lxdoom, prboom
-CVE-2006-1591
+CVE-2006-1591 (Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allo ...)
NOT-FOR-US: Microsoft Windows Help
-CVE-2006-1590
+CVE-2006-1590 (Cross-site scripting (XSS) vulnerability in the PrintFreshPage functio ...)
- acidbase 1.2.5-1 (bug #363548; unimportant)
[sarge] - acidbase <no-dsa> (Hardly exploitable)
- acidlab <removed> (bug #363549; unimportant)
[sarge] - acidlab <no-dsa> (Hardly exploitable)
NOTE: Not exploitable with the default configuration anyway.
-CVE-2006-1589
+CVE-2006-1589 (The elf_load_file function in NetBSD 2.0 through 3.0 allows local user ...)
NOT-FOR-US: NetBSD kernel
-CVE-2006-1588
+CVE-2006-1588 (The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not c ...)
NOT-FOR-US: NetBSD kernel
-CVE-2006-1587
+CVE-2006-1587 (NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the ...)
NOT-FOR-US: NetBSD
-CVE-2006-1614
+CVE-2006-1614 (Integer overflow in the cli_scanpe function in the PE header parser (l ...)
{DSA-1024-1}
- clamav 0.88.1-1
-CVE-2006-1630
+CVE-2006-1630 (The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (C ...)
{DSA-1024-1}
- clamav 0.88.1-1
-CVE-2006-1615
+CVE-2006-1615 (Multiple format string vulnerabilities in the logging code in Clam Ant ...)
{DSA-1024-1}
- clamav 0.88.1-1
-CVE-2006-1586
+CVE-2006-1586 (SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan ...)
NOT-FOR-US: Egypt SiteMan
-CVE-2006-1585
+CVE-2006-1585 (Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote ...)
NOT-FOR-US: MonAlbum
-CVE-2006-1584
+CVE-2006-1584 (Unspecified vulnerability in index.php in Warcraft III Replay Parser f ...)
NOT-FOR-US: Warcraft III Replay
-CVE-2006-1583
+CVE-2006-1583 (Cross-site scripting (XSS) vulnerability in index.php in Warcraft III ...)
NOT-FOR-US: Warcraft III Replay
-CVE-2006-1582
+CVE-2006-1582 (Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg ...)
NOT-FOR-US: Blank'N'Berg
-CVE-2006-1581
+CVE-2006-1581 (Directory traversal vulnerability in index.php in Blank'N'Berg 0.2 all ...)
NOT-FOR-US: Blank'N'Berg
-CVE-2006-1580
+CVE-2006-1580 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 a ...)
NOT-FOR-US: Bugzero
-CVE-2006-1579
+CVE-2006-1579 (SQL injection vulnerability in topics.php in Dynamic Bulletin Board Sy ...)
NOT-FOR-US: Dynamic Bulletin Board System
-CVE-2006-1578
+CVE-2006-1578 (Multiple SQL injection vulnerabilities in Keystone Digital Library Sui ...)
NOT-FOR-US: Keystone Digital Library Suite
-CVE-2006-1577
+CVE-2006-1577 (Multiple cross-site scripting (XSS) vulnerabilities in view_all_set.ph ...)
{DSA-1133-1}
[woody] - mantis <not-affected> (Vulnerable code not present)
- mantis 0.19.4-3.1 (bug #361138)
-CVE-2006-1576
+CVE-2006-1576 (Direct static code injection vulnerability in QLnews 1.2 allows remote ...)
NOT-FOR-US: QLnews
-CVE-2006-1575
+CVE-2006-1575 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in QLn ...)
NOT-FOR-US: QLnews
-CVE-2006-1574
+CVE-2006-1574 (Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, W ...)
NOT-FOR-US: Groupmax World Wide Web et. al.
-CVE-2006-1573
+CVE-2006-1573 (PHP remote file inclusion vulnerability in index.php in MediaSlash Gal ...)
NOT-FOR-US: MediaSlash Gallery
-CVE-2006-1572
+CVE-2006-1572 (SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote ...)
NOT-FOR-US: Oxygen
-CVE-2006-1571
+CVE-2006-1571 (Multiple SQL injection vulnerabilities in loginprocess.php in qliteNew ...)
NOT-FOR-US: qliteNews
-CVE-2006-1570
+CVE-2006-1570 (Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 a ...)
NOT-FOR-US: Esqlanelapse
-CVE-2006-1569
+CVE-2006-1569 (Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote atta ...)
NOT-FOR-US: RedCMS
-CVE-2006-1568
+CVE-2006-1568 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
NOT-FOR-US: RedCMS
-CVE-2006-1567
+CVE-2006-1567 (Cross-site scripting (XSS) vulnerability in searchresults.asp in SiteS ...)
NOT-FOR-US: SiteSearch Indexer
-CVE-2006-1566
+CVE-2006-1566 (Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Deb ...)
- libtunepimp 0.4.2-3 (bug #359241; low)
[sarge] - libtunepimp <not-affected> (rpath not set to /tmp in Sarge)
-CVE-2006-1565
+CVE-2006-1565 (Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian ...)
- gpib 3.2.06-3 (bug #359239; low)
[sarge] - gpib <not-affected> (rpath not set to /tmp in Sarge)
-CVE-2006-1564
+CVE-2006-1564 (Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subv ...)
- subversion 1.3.0-5 (bug #359234; low)
[sarge] - subversion <not-affected> (No rpaths set in Sarge)
-CVE-2006-1563
+CVE-2006-1563 (Direct static code injection vulnerability in config.php in vscripts ( ...)
NOT-FOR-US: VBook
-CVE-2006-1562
+CVE-2006-1562 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in vs ...)
NOT-FOR-US: VBook
-CVE-2006-1561
+CVE-2006-1561 (SQL injection vulnerability in index.php in vscripts (aka Kuba Kunkiew ...)
NOT-FOR-US: VBook
-CVE-2006-1560
+CVE-2006-1560 (Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 ...)
NOT-FOR-US: SkinTech phpNewsManager
-CVE-2006-1559
+CVE-2006-1559 (SQL injection vulnerability in PHP Script Index allows remote attacker ...)
NOT-FOR-US: PHP Script Index
-CVE-2006-1558
+CVE-2006-1558 (Cross-site scripting (XSS) vulnerability in search.php in PHP Script I ...)
NOT-FOR-US: PHP Script Index
-CVE-2006-1557
+CVE-2006-1557 (Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote a ...)
NOT-FOR-US: X-Changer
-CVE-2006-1556
+CVE-2006-1556 (Multiple cross-site scripting (XSS) vulnerabilities in view_caricatier ...)
NOT-FOR-US: AL-Caricatier
-CVE-2006-1555
+CVE-2006-1555 (VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and ...)
NOT-FOR-US: VSNS Lemon
-CVE-2006-1554
+CVE-2006-1554 (Cross-site scripting (XSS) vulnerability in VSNS Lemon 3.2.0 allows re ...)
NOT-FOR-US: VSNS Lemon
-CVE-2006-1553
+CVE-2006-1553 (SQL injection vulnerability in functions/final_functions.php in VSNS L ...)
NOT-FOR-US: VSNS Lemon
-CVE-2006-1552
+CVE-2006-1552 (Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows ...)
NOT-FOR-US: Apple
-CVE-2006-1551
+CVE-2006-1551 (Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5 ...)
NOT-FOR-US: PAJAX
-CVE-2006-1549
+CVE-2006-1549 (PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation ...)
- php4 <removed> (bug #361854; unimportant)
- php5 5.1.4-0.1 (bug #361917; unimportant)
[sarge] - php4 <no-dsa> (there are easier ways to segfault your own program)
-CVE-2006-1548
+CVE-2006-1548 (Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction a ...)
- libstruts1.2-java 1.2.9-1 (bug #360551)
[sarge] - libstruts1.2-java <no-dsa> (Only in contrib, relies on proprietary Java)
-CVE-2006-1547
+CVE-2006-1547 (ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 wit ...)
- libstruts1.2-java 1.2.9-1 (bug #360551)
[sarge] - libstruts1.2-java <no-dsa> (Only in contrib, relies on proprietary Java)
-CVE-2006-1546
+CVE-2006-1546 (Apache Software Foundation (ASF) Struts before 1.2.9 allows remote att ...)
- libstruts1.2-java 1.2.9-1 (bug #360551)
[sarge] - libstruts1.2-java <no-dsa> (Only in contrib, relies on proprietary Java)
-CVE-2006-1545
+CVE-2006-1545 (Direct static code injection vulnerability in admin/config.php in vscr ...)
NOT-FOR-US: VNews
-CVE-2006-1544
+CVE-2006-1544 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in vsc ...)
NOT-FOR-US: VNews
-CVE-2006-1543
+CVE-2006-1543 (Multiple SQL injection vulnerabilities in vscripts (aka Kuba Kunkiewic ...)
NOT-FOR-US: VNews
-CVE-2006-1542
+CVE-2006-1542 (Stack-based buffer overflow in Python 2.4.2 and earlier, running on Li ...)
NOT-FOR-US: Bogus issue, this doesn't trigger any local overflow
NOTE: Should be rejected
-CVE-2006-1541
+CVE-2006-1541 (SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and ea ...)
NOT-FOR-US: EzASPSite
-CVE-2006-1540
+CVE-2006-1540 (MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 al ...)
NOT-FOR-US: Microsoft
-CVE-2006-1539
+CVE-2006-1539 (Multiple buffer overflows in the checkscores function in scores.c in t ...)
- bsdgames 2.17-6 (bug #361160)
[sarge] - bsdgames <no-dsa> (Minor impact)
-CVE-2006-1538
+CVE-2006-1538 (The Enova X-Wall ASIC encrypts with a key obtained via Microwire from ...)
NOT-FOR-US: Enova X-Wall ASIC
-CVE-2006-1537
+CVE-2006-1537 (Craig Knudsen WebCalendar 1.1.0-CVS allows remote attackers to obtain ...)
- webcalendar <unfixed> (unimportant)
-CVE-2006-1536
+CVE-2006-1536 (Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts 0.93 ...)
NOT-FOR-US: Phoetux.net PhxContacts
-CVE-2006-1535
+CVE-2006-1535 (Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net P ...)
NOT-FOR-US: Phoetux.net PhxContacts
-CVE-2006-1534
+CVE-2006-1534 (Multiple SQL injection vulnerabilities in Null news allow remote attac ...)
NOT-FOR-US: Null news
-CVE-2006-1533
+CVE-2006-1533 (SQL injection vulnerability in newsletter.php in Sourceworkshop newsle ...)
NOT-FOR-US: Sourceworkshop newsletter
-CVE-2006-1532
+CVE-2006-1532 (Cross-site scripting (XSS) vulnerability in search.php in PHP Classifi ...)
NOT-FOR-US: PHP Classifieds
-CVE-2006-1531
+CVE-2006-1531 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...)
{DSA-1046-1}
- firefox 1.5.0.2 (medium)
- mozilla-firefox <not-affected> (pre-1.5 version not vulnerable)
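Review bot: the CVE-2006-1650 entry (header now "Firefox 1.5.0.1 allows remote attackers to spoof the address bar and p ...") still has no disposition line: it carries only "NOTE: other reports indicate that Firefox is not vulnerable" and neither a package line nor a NOT-FOR-US marker, so the tracker has nothing to resolve the issue against. If the conclusion is that Debian's firefox is not vulnerable, record it as "- firefox <not-affected> (other reports indicate that Firefox is not vulnerable)" and keep the NOTE for the reasoning. In the same region CVE-2006-1542 stays marked NOT-FOR-US although the newly added description names Python, which Debian ships; a <not-affected> line for the Python source package with the "bogus issue" rationale would state the same finding in the form the rest of the file uses.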
@@ -12984,7 +12984,7 @@ CVE-2006-1531
NOTE: MFSA2006-20 says exploitability has not been confirmed.
NOTE: Thunderbird is potentially affected as well, but not in the
NOTE: default configuration.
-CVE-2006-1530
+CVE-2006-1530 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...)
{DSA-1046-1}
- firefox 1.5.0.2 (medium)
- mozilla-firefox <not-affected> (pre-1.5 version not vulnerable)
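Review bot: the fixed version in "- firefox 1.5.0.2 (medium)" for CVE-2006-1530 lacks the Debian revision, while the otherwise identical entry for CVE-2006-1529 below records "- firefox 1.5.0.2-1 (medium)", and every other fixed version in the file (openvpn 2.0.6-1, linux-2.6 2.6.16-12, mpg123 0.59r-22) carries one. The CVE-2006-1531 entry above has the same bare "1.5.0.2", so the three MFSA2006-20 entries disagree about which upload closed them; normalise all three to 1.5.0.2-1 (or whichever revision actually shipped the fix).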
@@ -12994,7 +12994,7 @@ CVE-2006-1530
NOTE: MFSA2006-20 says exploitability has not been confirmed.
NOTE: Thunderbird is potentially affected as well, but not in the
NOTE: default configuration.
-CVE-2006-1529
+CVE-2006-1529 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...)
{DSA-1046-1}
- firefox 1.5.0.2-1 (medium)
- mozilla-firefox <not-affected> (pre-1.5 version not vulnerable)
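Review bot: all three MFSA2006-20 entries (CVE-2006-1529 here, CVE-2006-1530 and CVE-2006-1531 above) state in a NOTE that "Thunderbird is potentially affected as well, but not in the default configuration", yet none of them carries a package line for the Thunderbird source package, so that conclusion is recorded only as free text and not as a disposition. Add an explicit <not-affected> or <no-dsa> line for the Thunderbird source package next to the firefox lines, using the default-configuration reasoning as its parenthesised reason, so the entries are complete for every package the NOTE names.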
@@ -13004,103 +13004,103 @@ CVE-2006-1529
NOTE: MFSA2006-20 says exploitability has not been confirmed.
NOTE: Thunderbird is potentially affected as well, but not in the
NOTE: default configuration.
-CVE-2006-1528
+CVE-2006-1528 (Linux kernel before 2.6.13 allows local users to cause a denial of ser ...)
{DSA-1184-2 DSA-1183-1}
- linux-2.6 2.6.13-1
-CVE-2006-1527
+CVE-2006-1527 (The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote ...)
- linux-2.6 2.6.16-12 (low)
-CVE-2006-1526
+CVE-2006-1526 (Buffer overflow in the X render (Xrender) extension in X.org X server ...)
- xorg-server 1:1.0.2-8 (bug #378464)
[sarge] - xfree86 <not-affected> (Vulnerable code not present)
-CVE-2006-1525
+CVE-2006-1525 (ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-9
-CVE-2006-1524
+CVE-2006-1524 (madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow f ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-8
-CVE-2006-1523
+CVE-2006-1523 (The __group_complete_signal function in the RCU signal handling (signa ...)
{DSA-1103}
- linux-2.6 2.6.16-7
-CVE-2006-1522
+CVE-2006-1522 (The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 ...)
- linux-2.6 2.6.16-7
CVE-2006-1521
REJECTED
-CVE-2006-1520
+CVE-2006-1520 (Format string vulnerability in ANSI C Sender Policy Framework library ...)
NOTE: Debian ships debugging disabled (this isn't a problem with a debugging command-line flag)
- libspf <not-affected> (bug #368780; low)
CVE-2006-1519
REJECTED
-CVE-2006-1518
+CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0 ...)
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.21-1 (bug #365939; medium)
- mysql-dfsg-4.1 <removed> (bug #365939; medium)
- mysql-dfsg <removed> (bug #365939; bug #356751; medium)
- mysql <removed> (bug #365939; medium)
-CVE-2006-1517
+CVE-2006-1517 (sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0. ...)
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.21-1 (bug #365939; low)
- mysql-dfsg-4.1 <removed> (bug #365939; low)
- mysql-dfsg <removed> (bug #365939; bug #356751; low)
- mysql <removed> (bug #365939; low)
-CVE-2006-1516
+CVE-2006-1516 (The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0 ...)
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.21-1 (bug #365939; bug #365938; bug #366044; low)
- mysql-dfsg-4.1 <removed> (bug #365939; bug #366043; low)
- mysql-dfsg <removed> (bug #365939; bug #356751; low)
- mysql <removed> (bug #365939; low)
-CVE-2006-1515
+CVE-2006-1515 (Buffer overflow in the addnewword function in typespeed 0.4.4 and earl ...)
{DSA-1084-1}
- typespeed 0.4.4-10
-CVE-2006-1514
+CVE-2006-1514 (Multiple buffer overflows in the abcmidi-yaps translator in abcmidi 20 ...)
{DSA-1043-1}
- abcmidi 20060422-1
-CVE-2006-1513
+CVE-2006-1513 (Multiple buffer overflows in abc2ps before 1.3.3 allow user-assisted a ...)
{DSA-1041-1}
- abc2ps <removed> (bug #373685; low)
CVE-2006-1512
REJECTED
-CVE-2006-1511
+CVE-2006-1511 (Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and 1 ...)
NOT-FOR-US: Microsoft
-CVE-2006-1510
+CVE-2006-1510 (Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll ...)
NOT-FOR-US: Microsoft
-CVE-2006-1509
+CVE-2006-1509 (/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "d ...)
NOT-FOR-US: HP-UX
-CVE-2006-1508
+CVE-2006-1508 (Multiple cross-site scripting (XSS) vulnerabilities in MH Software Con ...)
NOT-FOR-US: MH Software Connect Daily Web Calendar
-CVE-2006-1507
+CVE-2006-1507 (Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows remot ...)
NOT-FOR-US: PHPKIT
-CVE-2006-1506
+CVE-2006-1506 (Unspecified vulnerability in rsh in Sun Microsystems Sun Grid Engine 5 ...)
NOT-FOR-US: Sun Microsystems Sun Grid Engine 5.3
-CVE-2006-1505
+CVE-2006-1505 (base_maintenance.php in Basic Analysis and Security Engine (BASE) befo ...)
- acidbase 1.2.4-1 (bug #361139)
-CVE-2006-1504
+CVE-2006-1504 (Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 ...)
NOT-FOR-US: Arab Portal
-CVE-2006-1503
+CVE-2006-1503 (PHP remote file inclusion vulnerability in includes/functions_install. ...)
NOT-FOR-US: Virtual Wa
-CVE-2006-1502
+CVE-2006-1502 (Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attacke ...)
NOT-FOR-US: MPlayer
NOTE: I can't find the vulnerable code in xine-lib
-CVE-2006-1501
+CVE-2006-1501 (SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows r ...)
NOT-FOR-US: OneOrZero
-CVE-2006-1500
+CVE-2006-1500 (SQL injection vulnerability in index.php in Tilde CMS 3.0 allows remot ...)
NOT-FOR-US: Tilde CMS 3.0
-CVE-2006-1499
+CVE-2006-1499 (SQL injection vulnerability in vCounter.php in vCounter 1.0 allows rem ...)
NOT-FOR-US: vCounter
-CVE-2006-1497
+CVE-2006-1497 (Directory traversal vulnerability in index.php in ViHor Design allows ...)
NOT-FOR-US: ViHor Design
-CVE-2006-1496
+CVE-2006-1496 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Vi ...)
NOT-FOR-US: ViHor Design
-CVE-2006-1495
+CVE-2006-1495 (SQL injection vulnerability in general/sendpassword.php in (1) PHPColl ...)
NOT-FOR-US: PHPCollab / NetOffice
-CVE-2006-1494
+CVE-2006-1494 (Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 all ...)
- php4 4:4.4.4-1 (bug #361855; unimportant)
- php5 5.1.4-0.1 (bug #361916; unimportant)
NOTE: open_basedir violations are not supported
-CVE-2006-1493
+CVE-2006-1493 (Cross-site scripting (XSS) vulnerability in dir.php in Explorer XP all ...)
NOT-FOR-US: Explorer XP
-CVE-2006-1492
+CVE-2006-1492 (Directory traversal vulnerability in dir.php in Explorer XP allows rem ...)
NOT-FOR-US: Explorer XP
-CVE-2006-1489
+CVE-2006-1489 (Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local. ...)
NOT-FOR-US: FusionZONE CouponZONE
CVE-2006-XXXX [unixodbc rpath set to /home]
- unixodbc 2.2.11-11 (bug #358142; low)
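Review bot: the advisory references in this hunk are inconsistent in form: CVE-2006-1525 and CVE-2006-1524 cite "{DSA-1103 DSA-1097-1}" and CVE-2006-1523 cites "{DSA-1103}", i.e. DSA-1103 without the revision suffix that every other reference in the hunk carries (DSA-1097-1, DSA-1183-1, DSA-1184-2, DSA-1079-1, DSA-1073-1, DSA-1071-1); write it in the same DSA-NNNN-R form so that a lookup keyed on the full identifier matches. A smaller point in the same hunk: for CVE-2006-1520 the "NOTE: Debian ships debugging disabled ..." line precedes "- libspf <not-affected> (bug #368780; low)", whereas everywhere else in the file the package lines come first and NOTE lines follow; swapping the two keeps the entry in the usual order.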
@@ -13117,658 +13117,658 @@ CVE-2006-XXXX [tcpquota rpath set to user home]
CVE-2006-XXXX [hamlib3-perl rpath set to user home]
- hamlib 1.2.5-3 (bug #358166; low)
[sarge] - hamlib <no-dsa> (Only exploitable with strange user name)
-CVE-2006-1550
+CVE-2006-1550 (Multiple buffer overflows in the xfig import code (xfig-import.c) in D ...)
{DSA-1025-1}
- dia 0.94.0-18 (bug #360566)
-CVE-2006-1498
+CVE-2006-1498 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and ...)
- mediawiki 1.4.15-1
- mediawiki1.5 1.5.8-1
-CVE-2006-1491
+CVE-2006-1491 (Eval injection vulnerability in Horde Application Framework versions 3 ...)
{DSA-1034-1 DSA-1033-1}
- horde3 3.1.1-1 (bug #361967)
-CVE-2006-1490
+CVE-2006-1490 (PHP before 5.1.3-RC1 might allow remote attackers to obtain portions o ...)
- php5 5.1.4-0.1 (bug #359907; low)
- php4 4:4.4.2-1.1 (bug #359904; low)
[sarge] - php4 <no-dsa> (Application's responsibility to sanitize input)
-CVE-2006-1488
+CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the f ...)
NOT-FOR-US: ActiveCampaign SupportTrio
-CVE-2006-1487
+CVE-2006-1487 (Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio ...)
NOT-FOR-US: ActiveCampaign SupportTrio
-CVE-2006-1486
+CVE-2006-1486 (Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in re ...)
NOT-FOR-US: realestateZONE
-CVE-2006-1485
+CVE-2006-1485 (gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users wi ...)
NOT-FOR-US: Greymatter
-CVE-2006-1484
+CVE-2006-1484 (Genius VideoCAM NB Driver does not drop privileges when saving files, ...)
NOT-FOR-US: Genius VideoCAM NB Driver
-CVE-2006-1483
+CVE-2006-1483 (Blazix Web Server before 1.2.6, when running on Windows, allows remote ...)
NOT-FOR-US: Blazix Web Server
-CVE-2006-1482
+CVE-2006-1482 (Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 ...)
NOT-FOR-US: ConfTool
-CVE-2006-1481
+CVE-2006-1481 (SQL injection vulnerability in search.php in PHP Ticket 0.71 allows re ...)
NOT-FOR-US: PHP Ticket
-CVE-2006-1480
+CVE-2006-1480 (Directory traversal vulnerability in start.php in WebAlbum 2.02 allows ...)
NOT-FOR-US: WebAlbum
-CVE-2006-1479
+CVE-2006-1479 (Multiple cross-site scripting (XSS) vulnerabilities in Serge Rey gtd-p ...)
NOT-FOR-US: Serge Rey gtd-php
-CVE-2006-1478
+CVE-2006-1478 (Directory traversal vulnerability in (1) initiate.php and (2) possibly ...)
NOT-FOR-US: Turnkey Web Tools PHP Live Helper
-CVE-2006-1477
+CVE-2006-1477 (Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tool ...)
NOT-FOR-US: Turnkey Web Tools PHP Live Helper
-CVE-2006-1476
+CVE-2006-1476 (Windows Firewall in Microsoft Windows XP SP2 produces incorrect applic ...)
NOT-FOR-US: Windows Firewall
-CVE-2006-1475
+CVE-2006-1475 (Windows Firewall in Microsoft Windows XP SP2 does not produce applicat ...)
NOT-FOR-US: Windows Firewall
-CVE-2006-1474
+CVE-2006-1474 (Cross-site scripting (XSS) vulnerability in the "failed" functionality ...)
NOT-FOR-US: Raindance Web Conferencing Pro
-CVE-2006-1473
+CVE-2006-1473 (Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 al ...)
NOT-FOR-US: Apple
-CVE-2006-1472
+CVE-2006-1472 (Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allow ...)
NOT-FOR-US: Apple
-CVE-2006-1471
+CVE-2006-1471 (Format string vulnerability in the CF_syslog function launchd in Apple ...)
NOT-FOR-US: Apple
-CVE-2006-1470
+CVE-2006-1470 (OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers t ...)
- openldap2 <not-affected> (Vulnerable code not present)
- openldap2.2 <removed> (medium)
-CVE-2006-1469
+CVE-2006-1469 (Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10 ...)
NOT-FOR-US: Apple
-CVE-2006-1468
+CVE-2006-1468 (Unspecified vulnerability in Apple File Protocol (AFP) server in Apple ...)
NOT-FOR-US: Apple
-CVE-2006-1467
+CVE-2006-1467 (Integer overflow in the AAC file parsing code in Apple iTunes before 6 ...)
NOT-FOR-US: Apple iTunes
-CVE-2006-1466
+CVE-2006-1466 (Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects ...)
NOT-FOR-US: Apple
-CVE-2006-1465
+CVE-2006-1465 (Buffer overflow in Apple QuickTime before 7.1 allows remote attackers ...)
NOT-FOR-US: Apple
-CVE-2006-1464
+CVE-2006-1464 (Buffer overflow in Apple QuickTime before 7.1 allows remote attackers ...)
NOT-FOR-US: Apple
-CVE-2006-1463
+CVE-2006-1463 (Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote ...)
NOT-FOR-US: Apple
-CVE-2006-1462
+CVE-2006-1462 (Multiple integer overflows in Apple QuickTime before 7.1 allow remote ...)
NOT-FOR-US: Apple
-CVE-2006-1461
+CVE-2006-1461 (Multiple buffer overflows in Apple QuickTime before 7.1 allow remote a ...)
NOT-FOR-US: Apple
-CVE-2006-1460
+CVE-2006-1460 (Multiple buffer overflows in Apple QuickTime before 7.1 allow remote a ...)
NOT-FOR-US: Apple
-CVE-2006-1459
+CVE-2006-1459 (Multiple integer overflows in Apple QuickTime before 7.1 allow remote ...)
NOT-FOR-US: Apple
-CVE-2006-1458
+CVE-2006-1458 (Integer overflow in Apple QuickTime Player before 7.1 allows remote at ...)
NOT-FOR-US: Apple
-CVE-2006-1457
+CVE-2006-1457 (Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloa ...)
NOT-FOR-US: Apple
-CVE-2006-1456
+CVE-2006-1456 (Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 ...)
NOT-FOR-US: Apple
-CVE-2006-1455
+CVE-2006-1455 (QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows ...)
NOT-FOR-US: Apple
-CVE-2006-1454
+CVE-2006-1454 (Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote ...)
NOT-FOR-US: Apple
-CVE-2006-1453
+CVE-2006-1453 (Stack-based buffer overflow in Apple QuickTime before 7.1 allows remot ...)
NOT-FOR-US: Apple
-CVE-2006-1452
+CVE-2006-1452 (Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4 ...)
NOT-FOR-US: Apple
-CVE-2006-1451
+CVE-2006-1451 (MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a n ...)
NOT-FOR-US: MySQL Manager
-CVE-2006-1450
+CVE-2006-1450 (Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to ex ...)
NOT-FOR-US: Apple
-CVE-2006-1449
+CVE-2006-1449 (Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows re ...)
NOT-FOR-US: Apple
-CVE-2006-1448
+CVE-2006-1448 (Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attack ...)
NOT-FOR-US: Apple
-CVE-2006-1447
+CVE-2006-1447 (LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cau ...)
NOT-FOR-US: Apple
-CVE-2006-1446
+CVE-2006-1446 (Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an applicatio ...)
NOT-FOR-US: Apple
-CVE-2006-1445
+CVE-2006-1445 (Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 ...)
NOT-FOR-US: Apple
-CVE-2006-1444
+CVE-2006-1444 (CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for assisti ...)
NOT-FOR-US: Apple
-CVE-2006-1443
+CVE-2006-1443 (Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4. ...)
NOT-FOR-US: Apple
-CVE-2006-1442
+CVE-2006-1442 (The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 l ...)
NOT-FOR-US: Apple
-CVE-2006-1441
+CVE-2006-1441 (Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote a ...)
NOT-FOR-US: Apple
-CVE-2006-1440
+CVE-2006-1440 (BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite ...)
NOT-FOR-US: Apple
-CVE-2006-1439
+CVE-2006-1439 (NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enabl ...)
NOT-FOR-US: Apple
-CVE-2006-1438
+CVE-2006-1438 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP Know ...)
NOT-FOR-US: aphpkb
-CVE-2006-1437
+CVE-2006-1437 (UPOINT @1 Event Publisher stores sensitive information under the web d ...)
NOT-FOR-US: UPOINT
-CVE-2006-1436
+CVE-2006-1436 (Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event ...)
NOT-FOR-US: UPOINT
-CVE-2006-1435
+CVE-2006-1435 (Cross-site scripting (XSS) vulnerability in genmessage.php in Accounti ...)
NOT-FOR-US: Accounting Receiving and Inventory Administration (ARIA), different from debian aria
-CVE-2006-1434
+CVE-2006-1434 (Cross-site scripting (XSS) vulnerability in inscription.php in Annuair ...)
NOT-FOR-US: Annuaire (Directory)
-CVE-2006-1433
+CVE-2006-1433 (Annuaire (Directory) 1.0 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: Annuaire (Directory)
-CVE-2006-1432
+CVE-2006-1432 (fusionZONE couponZONE 4.2 allows remote attackers to obtain the full p ...)
NOT-FOR-US: fusionZONE couponZONE
-CVE-2006-1431
+CVE-2006-1431 (Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE co ...)
NOT-FOR-US: fusionZONE couponZONE
-CVE-2006-1430
+CVE-2006-1430 (Multiple cross-site scripting (XSS) vulnerabilities in CONTROLzx HMS ( ...)
NOT-FOR-US: CONTROLzx HMS
-CVE-2006-1429
+CVE-2006-1429 (Cross-site scripting (XSS) vulnerability in accountlogon.cfm in classi ...)
NOT-FOR-US: classifiedZONE
-CVE-2006-1428
+CVE-2006-1428 (Multiple cross-site scripting (XSS) vulnerabilities in phpCOIN 1.2.2 a ...)
NOT-FOR-US: phpCOIN
-CVE-2006-1427
+CVE-2006-1427 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3. ...)
NOT-FOR-US: WebAPP
-CVE-2006-1426
+CVE-2006-1426 (Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remo ...)
NOT-FOR-US: Blog Pixel Motion
-CVE-2006-1425
+CVE-2006-1425 (Cross-site scripting (XSS) vulnerability in track.php in phpmyfamily 1 ...)
NOT-FOR-US: phpmyfamily
CVE-2006-1424
REJECTED
-CVE-2006-1423
+CVE-2006-1423 (SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 ...)
NOT-FOR-US: UBB.threads
-CVE-2006-1422
+CVE-2006-1422 (SQL injection vulnerability in details_view.php in PHP Booking Calenda ...)
NOT-FOR-US: PHP Booking Calendar
-CVE-2006-1421
+CVE-2006-1421 (Multiple SQL injection vulnerabilities in akocomment.php in AkoComment ...)
NOT-FOR-US: AkoComment
-CVE-2006-1420
+CVE-2006-1420 (SQL injection vulnerability in print.php in SaphpLesson 2.0 allows rem ...)
NOT-FOR-US: SaphpLesson
-CVE-2006-1419
+CVE-2006-1419 (SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 ...)
NOT-FOR-US: nuked-klan
-CVE-2006-1418
+CVE-2006-1418 (Cross-site scripting (XSS) vulnerability in default.asp in Caloris Pla ...)
NOT-FOR-US: Caloris Planitia E-School Management
-CVE-2006-1417
+CVE-2006-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Caloris Planiti ...)
NOT-FOR-US: Caloris Planitia Online Quiz System
-CVE-2006-1416
+CVE-2006-1416 (Cross-site scripting (XSS) vulnerability in afmsearch.aspx in Absolute ...)
NOT-FOR-US: Absolute FAQ Manager .NET
-CVE-2006-1415
+CVE-2006-1415 (Cross-site scripting (XSS) vulnerability in iforget.aspx in dotNetBB 2 ...)
NOT-FOR-US: dotNetBB
-CVE-2006-1414
+CVE-2006-1414 (Multiple cross-site scripting (XSS) vulnerabilities in toast.asp in To ...)
NOT-FOR-US: Toast Forums
-CVE-2006-1413
+CVE-2006-1413 (Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro 1 ...)
NOT-FOR-US: EZHomepagePro
-CVE-2006-1412
+CVE-2006-1412 (TFT Gallery 0.10 stores sensitive information under the web root with ...)
NOT-FOR-US: TFT Gallery
-CVE-2006-1411
+CVE-2006-1411 (Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE ...)
NOT-FOR-US: Absolute Image Gallery
-CVE-2006-1410
+CVE-2006-1410 (Multiple cross-site scripting (XSS) vulnerabilities in XIGLA Absolute ...)
NOT-FOR-US: XIGLA Absolute Live Support
-CVE-2006-1409
+CVE-2006-1409 (Buffer overflow in Vavoom 1.19.1 and earlier allows remote attackers t ...)
NOT-FOR-US: Vavoom
NOTE: code in prboom and lxdoom looks completely different
-CVE-2006-1408
+CVE-2006-1408 (Vavoom 1.19.1 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: Vavoom
NOTE: code in prboom and lxdoom looks completely different
-CVE-2006-1407
+CVE-2006-1407 (Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hostin ...)
NOT-FOR-US: Helm Web Hosting Control Panel
-CVE-2006-1406
+CVE-2006-1406 (Multiple cross-site scripting (XSS) vulnerabilities in wbadmlog.aspx i ...)
NOT-FOR-US: uniForum
-CVE-2006-1405
+CVE-2006-1405 (Cross-site scripting (XSS) vulnerability in search.aspx in SweetSuite. ...)
NOT-FOR-US: SweetSuite.NET Content Management System
-CVE-2006-1404
+CVE-2006-1404 (Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in Blan ...)
NOT-FOR-US: BlankOL
-CVE-2006-1403
+CVE-2006-1403 (Format string vulnerability in the PrintString function in c_console.c ...)
NOT-FOR-US: csDoom
NOTE: prboom, lxdoom not affected
-CVE-2006-1402
+CVE-2006-1402 (Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows ...)
NOT-FOR-US: csDoom
NOTE: prboom, lxdoom not affected
-CVE-2006-1401
+CVE-2006-1401 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in C ...)
NOT-FOR-US: Calendar Express
-CVE-2006-1400
+CVE-2006-1400 (Cross-site scripting (XSS) vulnerability in MyTasks/PersonalTaskEdit.a ...)
NOT-FOR-US: Metisware Instructor
-CVE-2006-1399
+CVE-2006-1399 (Cross-site scripting (XSS) vulnerability in searchresult.php in Meetin ...)
NOT-FOR-US: Meeting Reserve
-CVE-2006-1398
+CVE-2006-1398 (Cross-site scripting (XSS) vulnerability in guestbook.php in G-Book 1. ...)
NOT-FOR-US: G-Book
-CVE-2006-1397
+CVE-2006-1397 (Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew a ...)
NOT-FOR-US: phpAdsNew
-CVE-2006-1396
+CVE-2006-1396 (Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL Ba ...)
NOT-FOR-US: Cholod
-CVE-2006-1395
+CVE-2006-1395 (SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Bo ...)
NOT-FOR-US: Cholod
-CVE-2006-1394
+CVE-2006-1394 (Multiple cross-site scripting (XSS) vulnerabilities in the Microsoft I ...)
NOT-FOR-US: Pubcookie
-CVE-2006-1393
+CVE-2006-1393 (Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcook ...)
NOT-FOR-US: Pubcookie
-CVE-2006-1392
+CVE-2006-1392 (Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in th ...)
NOT-FOR-US: Pubcookie
-CVE-2006-1391
+CVE-2006-1391 (The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web Ser ...)
NOT-FOR-US: Quick 'n Easy/Baby Web Server
-CVE-2006-1390
+CVE-2006-1390 (The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a ...)
NOT-FOR-US: Shortcoming of Gentoo-specific games packaging
-CVE-2006-1389
+CVE-2006-1389 (Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B ...)
NOT-FOR-US: HP-UX
-CVE-2006-1388
+CVE-2006-1388 (Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows re ...)
NOT-FOR-US: Internet Explorer
-CVE-2006-1387
+CVE-2006-1387 (TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote authenti ...)
- twiki 1:4.0.4-3 (bug #367973)
-CVE-2006-1386
+CVE-2006-1386 (The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore ac ...)
- twiki <not-affected> (only affects 4.0.0 - 4.1.0, version in Debian too young)
-CVE-2006-1385
+CVE-2006-1385 (Stack-based buffer overflow in the parseTaggedData function in WavePac ...)
NOT-FOR-US: Cisco
-CVE-2006-1384
+CVE-2006-1384 (Cross-site scripting (XSS) vulnerability in apwc_win_main.jsp in the w ...)
NOT-FOR-US: IBM Tivoli Business Systems Manager
-CVE-2006-1383
+CVE-2006-1383 (Directory traversal vulnerability in Baby FTP Server (BabyFTP) 1.24 al ...)
NOT-FOR-US: Baby FTP Server
-CVE-2006-1382
+CVE-2006-1382 (PHP remote file inclusion vulnerability in impex/ImpExData.php in vBul ...)
NOT-FOR-US: vBulletin
-CVE-2006-1381
+CVE-2006-1381 (Trend Micro OfficeScan 5.5, and probably other versions before 6.5, us ...)
NOT-FOR-US: Trend Micro
-CVE-2006-1380
+CVE-2006-1380 (ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite ( ...)
NOT-FOR-US: Trend Micro
-CVE-2006-1379
+CVE-2006-1379 (Trend Micro PC-cillin Internet Security 2006 14.00.1485 and 14.10.0.10 ...)
NOT-FOR-US: Trend Micro
-CVE-2006-1378
+CVE-2006-1378 (PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak ...)
NOT-FOR-US: PasswordSafe
-CVE-2006-1377
+CVE-2006-1377 (Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog ...)
NOT-FOR-US: EasyMoblog
-CVE-2006-1376
+CVE-2006-1376 (The installation of Debian GNU/Linux 3.1r1 from the network install CD ...)
[sarge] - shadow 1:4.0.3-31sarge8
[sarge] - base-config <not-affected>
NOTE: The installer is fixed separately, but the postinst of the shadow update
NOTE: corrects permissions of a faulty install
- shadow 1:4.0.14-9 (bug #358210; bug #356939)
- base-config 2.68 (bug #254068; low)
-CVE-2006-1375
+CVE-2006-1375 (AdMan 1.0.20051221 and earlier allows remote attackers to obtain the f ...)
NOT-FOR-US: AdMan
-CVE-2006-1374
+CVE-2006-1374 (SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 ...)
NOT-FOR-US: AdMan
-CVE-2006-1373
+CVE-2006-1373 (Cross-site scripting (XSS) vulnerability in status_image.php in PHP Li ...)
NOT-FOR-US: PHP Live!
-CVE-2006-1372
+CVE-2006-1372 (Multiple SQL injection vulnerabilities in 1WebCalendar 4.0 and earlier ...)
NOT-FOR-US: 1WebCalendar
-CVE-2006-1371
+CVE-2006-1371 (Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows ...)
NOT-FOR-US: Laurentiu Matei eXpandable Home Page
-CVE-2006-1370
+CVE-2006-1370 (Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6. ...)
NOT-FOR-US: Real Player, according to Real Helix not affected
-CVE-2006-1369
+CVE-2006-1369 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-1368
+CVE-2006-1368 (Buffer overflow in the USB Gadget RNDIS implementation in the Linux ke ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-1
-CVE-2006-1367
+CVE-2006-1367 (The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Mo ...)
NOT-FOR-US: Motorola hardware
-CVE-2006-1366
+CVE-2006-1366 (Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other ...)
NOT-FOR-US: Motorola hardware
-CVE-2006-1365
+CVE-2006-1365 (The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E39 ...)
NOT-FOR-US: Motorola hardware
-CVE-2006-1364
+CVE-2006-1364 (Microsoft w3wp (aka w3wp.exe) does not properly handle when the AspCom ...)
NOT-FOR-US: Microsoft
-CVE-2006-1363
+CVE-2006-1363 (images.php in Justin White (aka YTZ) Free Web Publishing System (FreeW ...)
NOT-FOR-US: Justin White (aka YTZ) Free Web Publishing System
-CVE-2006-1362
+CVE-2006-1362 (Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 a ...)
NOT-FOR-US: Mini-Nuke
-CVE-2006-1361
+CVE-2006-1361 (Cross-site scripting (XSS) vulnerability in OSWiki before 0.3.1 allows ...)
NOT-FOR-US: OSWiki
-CVE-2006-1360
+CVE-2006-1360 (Multiple SQL injection vulnerabilities in MusicBox 2.3 Beta 2 allow re ...)
NOT-FOR-US: MusicBox
-CVE-2006-1359
+CVE-2006-1359 (Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2006-1358
+CVE-2006-1358 (Unspecified vulnerability in BEA WebLogic Portal 8.1 up to SP5 causes ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-1357
+CVE-2006-1357 (Cross-site scripting (XSS) vulnerability in my.support.php3 in F5 Fire ...)
NOT-FOR-US: F5 Firepass 4100 SSL VPN
-CVE-2006-1356
+CVE-2006-1356 (Stack-based buffer overflow in the count_vcards function in LibVC 3, a ...)
- libvc 003-4
-CVE-2006-1355
+CVE-2006-1355 (avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" permissio ...)
NOT-FOR-US: avast AV
-CVE-2006-1354
+CVE-2006-1354 (Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remot ...)
{DSA-1089-1}
- freeradius 1.1.0-1.2 (bug #359042; high)
-CVE-2006-1353
+CVE-2006-1353 (Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier ...)
NOT-FOR-US: ASPPortal
-CVE-2006-1352
+CVE-2006-1352 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-1351
+CVE-2006-1351 (BEA WebLogic Server 6.1 SP7 and earlier allows remote attackers to rea ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-1350
+CVE-2006-1350 (PHP remote file include vulnerability in index.php in 99Articles.com ( ...)
NOT-FOR-US: 99Articles.com
-CVE-2006-1349
+CVE-2006-1349 (Multiple cross-site scripting (XSS) vulnerabilities in Musicbox 2.3 Be ...)
NOT-FOR-US: MusicBox
-CVE-2006-1348
+CVE-2006-1348 (Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaet ...)
NOT-FOR-US: Greg Neustaetter gCards
-CVE-2006-1347
+CVE-2006-1347 (SQL injection vulnerability in loginfunction.php in Greg Neustaetter g ...)
NOT-FOR-US: Greg Neustaetter gCards
-CVE-2006-1346
+CVE-2006-1346 (Directory traversal vulnerability in inc/setLang.php in Greg Neustaett ...)
NOT-FOR-US: Greg Neustaetter gCards
-CVE-2006-1345
+CVE-2006-1345 (polls.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers t ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1344
+CVE-2006-1344 (Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as use ...)
NOT-FOR-US: VeriSign haydn.exe
-CVE-2006-1343
+CVE-2006-1343 (net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, an ...)
{DSA-1184-2 DSA-1097-1}
- linux-2.6 2.6.16-15
-CVE-2006-1342
+CVE-2006-1342 (net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_ ...)
- linux-2.6 <not-affected> (Only affects 2.4 kernels)
-CVE-2006-1341
+CVE-2006-1341 (SQL injection vulnerability in events.php in Maian Events 1.0 allows r ...)
NOT-FOR-US: Maian Events
-CVE-2006-1340
+CVE-2006-1340 (CuteNews 1.4.1 and possibly other versions allows remote attackers to ...)
NOT-FOR-US: CuteNews
-CVE-2006-1339
+CVE-2006-1339 (Directory traversal vulnerability in inc/functions.inc.php in CuteNews ...)
NOT-FOR-US: CuteNews
-CVE-2006-1338
+CVE-2006-1338 (Webmail in MailEnable Professional Edition before 1.73 and Enterprise ...)
NOT-FOR-US: MailEnable
-CVE-2006-1337
+CVE-2006-1337 (Buffer overflow in the POP 3 (POP3) service in MailEnable Standard Edi ...)
NOT-FOR-US: MailEnable
-CVE-2006-1336
+CVE-2006-1336 (Cross-site scripting vulnerability in calendar.php in ExtCalendar 1.0 ...)
NOT-FOR-US: ExtCalendar
-CVE-2006-1335
+CVE-2006-1335 (gnome screensaver before 2.14, when running on an X server with AllowD ...)
- gnome-screensaver 2.14.1-1 (bug #357885)
-CVE-2006-1334
+CVE-2006-1334 (Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remot ...)
NOT-FOR-US: Maian Weblog
-CVE-2006-1333
+CVE-2006-1333 (Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and ea ...)
NOT-FOR-US: BetaParticle Blog
-CVE-2006-1332
+CVE-2006-1332 (Noah's Classifieds 1.3 and earlier allows remote attackers to obtain s ...)
NOT-FOR-US: Noah's Classifieds
-CVE-2006-1331
+CVE-2006-1331 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in No ...)
NOT-FOR-US: Noah's Classifieds
-CVE-2006-1330
+CVE-2006-1330 (Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier ...)
NOT-FOR-US: phpWebsite
-CVE-2006-1329
+CVE-2006-1329 (The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows rem ...)
- jabberd2 2.0s11-1 (bug #357874)
-CVE-2006-1328
+CVE-2006-1328 (SQL injection vulnerability in count.php in Skull-Splitter PHP Downloa ...)
NOT-FOR-US: Skull-Splitter PHP
-CVE-2006-1327
+CVE-2006-1327 (SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote att ...)
NOT-FOR-US: SoftBB
-CVE-2006-1326
+CVE-2006-1326 (Multiple cross-site scripting (XSS) vulnerabilities in Invision Power ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-1325
+CVE-2006-1325 (Cross-site scripting (XSS) vulnerability in Streber 0.055 allows remot ...)
NOT-FOR-US: Streber
-CVE-2006-1324
+CVE-2006-1324 (Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-1323
+CVE-2006-1323 (Directory traversal vulnerability in WinHKI 1.6 and earlier allows use ...)
NOT-FOR-US: WinHKI
-CVE-2006-1322
+CVE-2006-1322 (Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denia ...)
NOT-FOR-US: Netware
-CVE-2006-1318
+CVE-2006-1318 (Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Off ...)
NOT-FOR-US: Microsoft Office
CVE-2006-1317
REJECTED
-CVE-2006-1316
+CVE-2006-1316 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...)
NOT-FOR-US: Microsoft
-CVE-2006-1315
+CVE-2006-1315 (The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP ...)
NOT-FOR-US: Microsoft
-CVE-2006-1314
+CVE-2006-1314 (Heap-based buffer overflow in the Server Service (SRV.SYS driver) in M ...)
NOT-FOR-US: Microsoft
-CVE-2006-1313
+CVE-2006-1313 (Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Wi ...)
NOT-FOR-US: Microsoft JScript
CVE-2006-1312
REJECTED
-CVE-2006-1311
+CVE-2006-1311 (The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 ...)
NOT-FOR-US: Microsoft
CVE-2006-1310
REJECTED
-CVE-2006-1309
+CVE-2006-1309 (Microsoft Excel 2000 through 2004 allows user-assisted attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2006-1308
+CVE-2006-1308 (Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows ...)
NOT-FOR-US: Microsoft
CVE-2006-1307
REJECTED
-CVE-2006-1306
+CVE-2006-1306 (Microsoft Excel 2000 through 2004 allows user-assisted attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2006-1305
+CVE-2006-1305 (Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote att ...)
NOT-FOR-US: Microsoft
-CVE-2006-1304
+CVE-2006-1304 (Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assis ...)
NOT-FOR-US: Microsoft
-CVE-2006-1303
+CVE-2006-1303 (Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5. ...)
NOT-FOR-US: Microsoft
-CVE-2006-1302
+CVE-2006-1302 (Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assis ...)
NOT-FOR-US: Microsoft
-CVE-2006-1301
+CVE-2006-1301 (Microsoft Excel 2000 through 2004 allows user-assisted attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2006-1300
+CVE-2006-1300 (Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, ...)
NOT-FOR-US: Microsoft
CVE-2006-1299
REJECTED
-CVE-2006-1298
+CVE-2006-1298 (Format string vulnerability in the Job Engine service (bengine.exe) in ...)
NOT-FOR-US: Veritas Backup
-CVE-2006-1297
+CVE-2006-1297 (Unspecified vulnerability in Veritas Backup Exec for Windows Server Re ...)
NOT-FOR-US: Veritas Backup
-CVE-2006-1296
+CVE-2006-1296 (Untrusted search path vulnerability in Beagle 0.2.2.1 might allow loca ...)
- beagle 0.2.3-1 (bug #357392; low)
-CVE-2006-1295
+CVE-2006-1295 (Cross-site scripting (XSS) vulnerability in recherche.php3 in SPIP 1.8 ...)
- spip 2.0.6-1
-CVE-2006-1294
+CVE-2006-1294 (PHP remote file include vulnerability in PageController.php in Knowled ...)
NOT-FOR-US: KnowledgebasePublisher
-CVE-2006-1293
+CVE-2006-1293 (Cross-site scripting (XSS) vulnerability in index.php in Contrexx CMS ...)
NOT-FOR-US: Contrexx
-CVE-2006-1292
+CVE-2006-1292 (Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalen ...)
NOT-FOR-US: Jim Hu and Chad Little PHP iCalendar
-CVE-2006-1291
+CVE-2006-1291 (publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and earl ...)
NOT-FOR-US: Jim Hu and Chad Little PHP iCalendar
-CVE-2006-1290
+CVE-2006-1290 (Multiple cross-site scripting (XSS) vulnerabilities in Milkeyway Capti ...)
NOT-FOR-US: Milkeyway Captive Portal
-CVE-2006-1289
+CVE-2006-1289 (Multiple SQL injection vulnerabilities in Milkeyway Captive Portal 0.1 ...)
NOT-FOR-US: Milkeyway Captive Portal
-CVE-2006-1288
+CVE-2006-1288 (Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 2 ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-1287
+CVE-2006-1287 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-1286
+CVE-2006-1286 (Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for ...)
NOT-FOR-US: Symantec Ghost
-CVE-2006-1285
+CVE-2006-1285 (SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost S ...)
NOT-FOR-US: Symantec Ghost
-CVE-2006-1284
+CVE-2006-1284 (The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used ...)
NOT-FOR-US: Symantec Ghost
-CVE-2006-1283
+CVE-2006-1283 (opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10- ...)
- libpam-opie <not-affected> (FreeBSD specific vulnerability)
-CVE-2006-1282
+CVE-2006-1282 (CRLF injection vulnerability in inc/function.php in MyBulletinBoard (M ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1281
+CVE-2006-1281 (Cross-site scripting (XSS) vulnerability in member.php in MyBulletinBo ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1280
+CVE-2006-1280 (CGI::Session 4.03-1 does not set proper permissions on temporary files ...)
- libcgi-session-perl 4.07-1 (low; bug #356555)
[sarge] - libcgi-session-perl <no-dsa> (Minor issues)
-CVE-2006-1279
+CVE-2006-1279 (CGI::Session 4.03-1 allows local users to overwrite arbitrary files vi ...)
- libcgi-session-perl 4.11-1 (low; bug #356555)
[sarge] - libcgi-session-perl <no-dsa> (Minor issues)
-CVE-2006-1278
+CVE-2006-1278 (SQL injection vulnerability in @1 File Store 2006.03.07 allows remote ...)
NOT-FOR-US: @1 File Store
-CVE-2006-1277
+CVE-2006-1277 (Cross-site scripting (XSS) vulnerability in signup.php in @1 File Stor ...)
NOT-FOR-US: @1 File Store
-CVE-2006-1276
+CVE-2006-1276 (admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows re ...)
NOT-FOR-US: PHP SimpleNEWS
-CVE-2006-1275
+CVE-2006-1275 (GGZ Gaming Zone 0.0.12 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: GGZ Gaming Zone
-CVE-2006-1274
+CVE-2006-1274 (Classic Planer in AntiVir PersonalEdition Classic 7 does not drop priv ...)
NOT-FOR-US: Antivir
CVE-2006-1273
NOT-FOR-US: Reportedly problem with a firefox addon
-CVE-2006-1272
+CVE-2006-1272 (Multiple cross-site scripting (XSS) vulnerabilities in member.php in M ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1271
+CVE-2006-1271 (SQL injection vulnerability in index.php in OxyNews allows remote atta ...)
NOT-FOR-US: OxyNews
-CVE-2006-1270
+CVE-2006-1270 (Multiple cross-site scripting (XSS) vulnerabilities in zones.php in In ...)
NOT-FOR-US: Inprotect
-CVE-2006-1269
+CVE-2006-1269 (Buffer overflow in the parse function in parse.c in zoo 2.10 might all ...)
- zoo 2.10-18 (bug #367858; low)
[sarge] - zoo <no-dsa> (Attack vector very far-fetched, hardly exploitable)
-CVE-2006-1268
+CVE-2006-1268 (The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 allow ...)
NOT-FOR-US: Funkwerk X2300
-CVE-2006-1267
+CVE-2006-1267 (Invision Power Board 2.1.4 allows remote attackers to hijack sessions ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-1266
+CVE-2006-1266 (Cross-site scripting (XSS) vulnerability in Service_Requests.asp in VP ...)
NOT-FOR-US: VPMi Enterprise
-CVE-2006-1265
+CVE-2006-1265 (SQL injection vulnerability in discussion.class.php in xhawk.net discu ...)
NOT-FOR-US: xhawk.net discussion
-CVE-2006-1264
+CVE-2006-1264 (Cross-site scripting (XSS) vulnerability in xhawk.net discussion 2.0 b ...)
NOT-FOR-US: xhawk.net discussion
-CVE-2006-1263
+CVE-2006-1263 (Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in W ...)
- wordpress 2.0.2-1
-CVE-2006-1262
+CVE-2006-1262 (Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown ...)
NOT-FOR-US: ASPPortal
-CVE-2006-1261
+CVE-2006-1261 (Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal 3.00 ...)
NOT-FOR-US: ASPPortal
-CVE-2006-1260
+CVE-2006-1260 (Horde Application Framework 3.0.9 allows remote attackers to read arbi ...)
{DSA-1034-1 DSA-1033-1}
- horde3 3.1-1 (bug #358812)
-CVE-2006-1259
+CVE-2006-1259 (Multiple SQL injection vulnerabilities in Maian Support 1.0 allow remo ...)
NOT-FOR-US: Maian Support
-CVE-2006-1258
+CVE-2006-1258 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows ...)
- phpmyadmin 4:2.8.0.2-2 (bug #382228)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2006-1257
+CVE-2006-1257 (The sample files in the authfiles directory in Microsoft Commerce Serv ...)
NOT-FOR-US: Microsoft
-CVE-2006-1256
+CVE-2006-1256 (Cross-site scripting (XSS) vulnerability in guestbook.php in Soren Boy ...)
NOT-FOR-US: Soren Boysen (SkullSplitter) PHP Guestbook
-CVE-2006-1255
+CVE-2006-1255 (Stack-based buffer overflow in the IMAP service in Mercur Messaging 5. ...)
NOT-FOR-US: Mercur Messaging
-CVE-2006-1254
+CVE-2006-1254 (Unspecified vulnerability in BorderWare MXtreme 5.0 and 6.0 allows rem ...)
NOT-FOR-US: BorderWare MXtreme
-CVE-2006-1253
+CVE-2006-1253 (Unspecified vulnerability in glFTPd before 2.01 RC5 allows remote atta ...)
NOT-FOR-US: glFTPd
-CVE-2006-1252
+CVE-2006-1252 (Eval injection vulnerability in cal.php in Light Weight Calendar (LWC) ...)
NOT-FOR-US: Light Weight Calendar
-CVE-2006-1251
+CVE-2006-1251 (Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 ...)
- sa-exim 4.2.1-1 (bug #345071; bug #356301)
-CVE-2006-1250
+CVE-2006-1250 (Unspecified vulnerability in the Webmail module in Winmail before 4.3 ...)
NOT-FOR-US: Winmail
-CVE-2006-1249
+CVE-2006-1249 (Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes ...)
NOT-FOR-US: Apple Quicktime
-CVE-2006-1248
+CVE-2006-1248 (Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B. ...)
NOT-FOR-US: HP-UX
-CVE-2006-1247
+CVE-2006-1247 (rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows l ...)
NOT-FOR-US: AIX
-CVE-2006-1246
+CVE-2006-1246 (Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 al ...)
NOT-FOR-US: AIX
-CVE-2006-1245
+CVE-2006-1245 (Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900. ...)
NOT-FOR-US: Microsoft
-CVE-2006-1244
+CVE-2006-1244 (Unspecified vulnerability in certain versions of xpdf after 3.00, as u ...)
{DSA-1019-1 DSA-982-1}
- xpdf <not-affected> (All issues previously fixed)
NOTE: Discussion has shown that the revamp patch doesn't fix new vulnerabilities
- gpdf 2.10.0-3
- koffice 2.3.3-1
NOTE: xpdf (and therewith the questionable code) is not part of koffice for some time now
-CVE-2006-1243
+CVE-2006-1243 (Directory traversal vulnerability in install05.php in Simple PHP Blog ...)
NOT-FOR-US: Simple PHP Blog
-CVE-2006-1242
+CVE-2006-1242 (The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2. ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-4
-CVE-2006-1241
+CVE-2006-1241 (Firebird 1.5.2.4731 installs (1) fb_lock_mgr, (2) gds_drop, and (3) fb ...)
- firebird2 <not-affected> (Not setuid in Debian)
-CVE-2006-1240
+CVE-2006-1240 (Buffer overflow in inet_server.cpp in (1) fb_inet_server and (2) fbser ...)
- firebird2 <not-affected> (Not setuid in Debian)
-CVE-2006-1239
+CVE-2006-1239 (Cross-site scripting (XSS) vulnerability in issue/createissue.aspx in ...)
NOT-FOR-US: Gemini
-CVE-2006-1238
+CVE-2006-1238 (SQL injection vulnerability in DSLogin 1.0, with magic_quotes_gpc disa ...)
NOT-FOR-US: DSLogin
-CVE-2006-1237
+CVE-2006-1237 (Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magic ...)
NOT-FOR-US: DSNewsletter
-CVE-2006-1236
+CVE-2006-1236 (Buffer overflow in the SetUp function in socket/request.c in CrossFire ...)
{DSA-1009-1}
- crossfire 1.9.0-2 (medium)
-CVE-2006-1235
+CVE-2006-1235 (Directory traversal vulnerability in admin/deleteuser.php in HitHost 1 ...)
NOT-FOR-US: HitHost
-CVE-2006-1234
+CVE-2006-1234 (SQL injection vulnerability in index.php in DSCounter 1.2, with magic_ ...)
NOT-FOR-US: DSCounter
-CVE-2006-1233
+CVE-2006-1233 (Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow re ...)
NOT-FOR-US: WMNews
-CVE-2006-1232
+CVE-2006-1232 (Multiple SQL injection vulnerabilities in DSDownload 1.0, with magic_q ...)
NOT-FOR-US: DSDownload
-CVE-2006-1231
+CVE-2006-1231 (CAPI4HylaFAX 1.3, when compiled with GENERATE_DEBUGSFFDATAFILE set, al ...)
- capi4hylafax <not-affected> (Affected DEFINE not defined)
-CVE-2006-1230
+CVE-2006-1230 (Multiple cross-site scripting (XSS) vulnerabilities in create.php in v ...)
NOT-FOR-US: vCard
-CVE-2006-1229
+CVE-2006-1229 (SQL injection vulnerability in search.asp in Hosting Controller 6.1 (H ...)
NOT-FOR-US: Hosting Controller
-CVE-2006-1228
+CVE-2006-1228 (Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x ...)
{DSA-1007-1}
- drupal 4.5.8-1
-CVE-2006-1227
+CVE-2006-1227 (Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8, when menu.module is ...)
{DSA-1007-1}
- drupal 4.5.8-1
-CVE-2006-1226
+CVE-2006-1226 (Cross-site scripting (XSS) vulnerability in Drupal 4.5.x before 4.5.8 ...)
{DSA-1007-1}
- drupal 4.5.8-1
-CVE-2006-1225
+CVE-2006-1225 (CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x be ...)
{DSA-1007-1}
- drupal 4.5.8-1
-CVE-2006-1224
+CVE-2006-1224 (Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows ...)
NOT-FOR-US: GuppY
-CVE-2006-1223
+CVE-2006-1223 (Cross-site scripting (XSS) vulnerability in Jupiter Content Manager 1. ...)
NOT-FOR-US: Jupiter Content Manager
-CVE-2006-1222
+CVE-2006-1222 (Multiple cross-site scripting (XSS) vulnerabilities in zeroboard 4.1 p ...)
NOT-FOR-US: zeroboard
-CVE-2006-1221
+CVE-2006-1221 (Untrusted search path vulnerability in the TrueVector service (VSMON.e ...)
NOT-FOR-US: TrueVector
CVE-2006-XXXX [Insufficient filename sanitising in darcsweb]
- darcsweb 0.15-1
-CVE-2006-1220
+CVE-2006-1220 (Integer overflow in the mach_msg_send function in the kernel for Mac O ...)
NOT-FOR-US: MacOS X
-CVE-2006-1219
+CVE-2006-1219 (Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2. ...)
- gallery2 2.0.4-1
-CVE-2006-1218
+CVE-2006-1218 (Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3. ...)
NOT-FOR-US: Novell BorderManager
-CVE-2006-1217
+CVE-2006-1217 (SQL injection vulnerability in DSPoll 1.1 allows remote attackers to e ...)
NOT-FOR-US: DSPoll
-CVE-2006-1216
+CVE-2006-1216 (Cross-site scripting (XSS) vulnerability in bigshow.php in Runcms 1.x ...)
NOT-FOR-US: Runcms
-CVE-2006-1215
+CVE-2006-1215 (Cross-site scripting (XSS) vulnerability in misc.php in Woltlab Burnin ...)
NOT-FOR-US: Woltlab BB
-CVE-2006-1214
+CVE-2006-1214 (UnrealIRCd 3.2.3 allows remote attackers to cause an unspecified denia ...)
NOT-FOR-US: UnrealIRCd
-CVE-2006-1213
+CVE-2006-1213 (JiRo's Banner System Experience and Professional 1.0 and earlier allow ...)
NOT-FOR-US: JiRo's Banner System Experience and Professional
-CVE-2006-1212
+CVE-2006-1212 (Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows r ...)
NOT-FOR-US: CoreNews
-CVE-2006-1211
+CVE-2006-1211 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL data ...)
NOT-FOR-US: Tivoli
-CVE-2006-1210
+CVE-2006-1210 (The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 i ...)
NOT-FOR-US: Tivoli
-CVE-2006-1209
+CVE-2006-1209 (PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive infor ...)
NOT-FOR-US: PHP Advanced Transfer Manager
-CVE-2006-1208
+CVE-2006-1208 (Sergey Korostel PHP Upload Center allows remote attackers to execute a ...)
NOT-FOR-US: Sergey Korostel PHP Upload Center
-CVE-2006-1207
+CVE-2006-1207 (PHP Upload Center stores password hashes under the web root with insuf ...)
NOT-FOR-US: PHP Upload Center
-CVE-2006-1206
+CVE-2006-1206 (Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedde ...)
- dropbear 0.48-1
-CVE-2006-1205
+CVE-2006-1205 (Multiple cross-site scripting (XSS) vulnerabilities in myWebland myBlo ...)
NOT-FOR-US: myBloggie
-CVE-2006-1204
+CVE-2006-1204 (Multiple cross-site scripting (XSS) vulnerabilities in txtForum 1.0.4- ...)
NOT-FOR-US: txtForum
-CVE-2006-1203
+CVE-2006-1203 (PHP remote file include vulnerability in common.php in txtForum 1.0.4- ...)
NOT-FOR-US: txtForum
-CVE-2006-1202
+CVE-2006-1202 (Multiple cross-site scripting (XSS) vulnerabilities in textfileBB 1.0 ...)
NOT-FOR-US: textfileBB
-CVE-2006-1201
+CVE-2006-1201 (Directory traversal vulnerability in resetpw.php in eschew.net phpBann ...)
NOT-FOR-US: phpBannerExchange
-CVE-2006-1200
+CVE-2006-1200 (Direct static code injection vulnerability in add_link.txt in daverave ...)
NOT-FOR-US: daverave Link Bank
-CVE-2006-1199
+CVE-2006-1199 (Cross-site scripting (XSS) vulnerability in iframe.php in daverave Lin ...)
NOT-FOR-US: daverave Link Bank
-CVE-2006-1198
+CVE-2006-1198 (Comvigo IM Lock 2006 uses a simple substitution cipher to encrypt a pa ...)
NOT-FOR-US: Comvigo IM Lock
-CVE-2006-1197
+CVE-2006-1197 (SafeDisc installs the driver service for the secdrv.sys driver with in ...)
NOT-FOR-US: SafeDisc
-CVE-2006-1196
+CVE-2006-1196 (Multiple cross-site scripting (XSS) vulnerabilities in QwikiWiki 1.5 a ...)
NOT-FOR-US: QwikiWiki
-CVE-2006-1195
+CVE-2006-1195 (The enet_protocol_handle_send_fragment function in protocol.c for ENet ...)
NOT-FOR-US: Enet lib (Cube, Sauerbraten)
-CVE-2006-1194
+CVE-2006-1194 (Integer signedness error in the enet_protocol_handle_incoming_commands ...)
NOT-FOR-US: Enet lib (Cube, Sauerbraten)
-CVE-2006-1193
+CVE-2006-1193 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server ...)
NOT-FOR-US: Microsoft Exchange Server
-CVE-2006-1192
+CVE-2006-1192 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2006-1191
+CVE-2006-1191 (Microsoft Internet Explorer 5.01 through 6 does not always correctly i ...)
NOT-FOR-US: Microsoft
-CVE-2006-1190
+CVE-2006-1190 (Microsoft Internet Explorer 5.01 through 6 does not always return the ...)
NOT-FOR-US: Microsoft
-CVE-2006-1189
+CVE-2006-1189 (Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 thro ...)
NOT-FOR-US: Microsoft
-CVE-2006-1188
+CVE-2006-1188 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
NOT-FOR-US: Microsoft
CVE-2006-1187
REJECTED
-CVE-2006-1186
+CVE-2006-1186 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2006-1185
+CVE-2006-1185 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 through ...)
NOT-FOR-US: Microsoft
-CVE-2006-1184
+CVE-2006-1184 (Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4 ...)
NOT-FOR-US: Microsoft
-CVE-2006-1183
+CVE-2006-1183 (The Ubuntu 5.10 installer does not properly clear passwords from the i ...)
- base-config <not-affected> (UBuntu specific)
- shadow <not-affected> (UBuntu specific)
-CVE-2006-1182
+CVE-2006-1182 (Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Docum ...)
NOT-FOR-US: Adobe Graphics Server
CVE-2006-1181
RESERVED
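Review bot: every `+` line in this hunk cuts the imported description at a fixed column in the middle of a word before appending ` ...` (`+CVE-2006-1213 (JiRo's Banner System Experience and Professional 1.0 and earlier allow ...)`, `+CVE-2006-1206 (Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedde ...)`), which leaves fragments like `embedde` and `allow` that neither read well nor match when someone greps the list for a product or verb. Truncating at the last whitespace before the limit keeps the visible part whole at the cost of a few characters, and would make the `NOT-FOR-US:` line that follows easier to compare against the description above it.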
@@ -13776,21 +13776,21 @@ CVE-2006-1180
RESERVED
CVE-2006-1179
RESERVED
-CVE-2006-1178
+CVE-2006-1178 (Tamarack MMSd before 7.992 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Tamarack MMSd
CVE-2006-1177
RESERVED
-CVE-2006-1176
+CVE-2006-1176 (Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl ...)
NOT-FOR-US: eBay Enhanced Picture Services
-CVE-2006-1175
+CVE-2006-1175 (The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scr ...)
NOT-FOR-US: WeOnlyDo! SFTP
-CVE-2006-1174
+CVE-2006-1174 (useradd in shadow-utils before 4.0.3, and possibly other versions befo ...)
- shadow 1:4.0.15-10 (low)
[sarge] - shadow <not-affected> (Vulnerable code was introduced later)
-CVE-2006-1173
+CVE-2006-1173 (Sendmail before 8.13.7 allows remote attackers to cause a denial of se ...)
{DSA-1155}
- sendmail 8.13.7-1 (low; bug #373801)
-CVE-2006-1172
+CVE-2006-1172 (Stack-based buffer overflow in the createPKCS10 function in Cryptomath ...)
NOT-FOR-US: ActiveX control
CVE-2006-1171
REJECTED
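Review bot: the fixed-width cut on `+CVE-2006-1174 (useradd in shadow-utils before 4.0.3, and possibly other versions befo ...)` drops exactly the clause that qualifies the version range, so the visible text now reads as "before 4.0.3" directly above `- shadow 1:4.0.15-10 (low)` and `[sarge] - shadow <not-affected> (Vulnerable code was introduced later)`, which looks contradictory to anyone reading only this file. Where the truncation would remove a version qualifier it would be better to allow the line to run long, or to keep the full description in the entry, than to leave a partial range standing next to the Debian fix version.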
@@ -13798,476 +13798,476 @@ CVE-2006-1170
REJECTED
CVE-2006-1169
REJECTED
-CVE-2006-1168
+CVE-2006-1168 (The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) ...)
{DSA-1149-1}
- ncompress 4.2.4-16
-CVE-2006-1167
+CVE-2006-1167 (SGI ProPack 3 SP6 kernel displays the frame buffer contents of the las ...)
NOT-FOR-US: SGI
-CVE-2006-1165
+CVE-2006-1165 (Cross-site scripting (XSS) vulnerability in the mediamanager module in ...)
- dokuwiki 0.0.20060309-3 (bug #357436)
-CVE-2006-1164
+CVE-2006-1164 (Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file ...)
NOT-FOR-US: Nodez
-CVE-2006-1163
+CVE-2006-1163 (Cross-site scripting (XSS) vulnerability in Nodez 4.6.1.1 allows remot ...)
NOT-FOR-US: Nodez
-CVE-2006-1162
+CVE-2006-1162 (Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows ...)
NOT-FOR-US: Nodez
-CVE-2006-1161
+CVE-2006-1161 (Absolute path traversal vulnerability in Easy File Sharing (EFS) Web S ...)
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2006-1160
+CVE-2006-1160 (Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) We ...)
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2006-1159
+CVE-2006-1159 (Format string vulnerability in Easy File Sharing (EFS) Web Server 3.2 ...)
NOT-FOR-US: Easy File Sharing (EFS) Web Server
-CVE-2006-1158
+CVE-2006-1158 (Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause ...)
NOT-FOR-US: Kerio MailServer
-CVE-2006-1157
+CVE-2006-1157 (Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 ...)
NOT-FOR-US: Vz Scripts ADP Forum
-CVE-2006-1156
+CVE-2006-1156 (SQL injection vulnerability in manas tungare Site Membership Script be ...)
NOT-FOR-US: manas tungare Site Membership Script
-CVE-2006-1155
+CVE-2006-1155 (Cross-site scripting (XSS) vulnerability in manas tungare Site Members ...)
NOT-FOR-US: manas tungare Site Membership Script
-CVE-2006-1154
+CVE-2006-1154 (PHP remote file inclusion vulnerability in archive.php in Fantastic Ne ...)
NOT-FOR-US: Fantastic News
-CVE-2006-1153
+CVE-2006-1153 (SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers ...)
NOT-FOR-US: D2-Shoutbox
-CVE-2006-1152
+CVE-2006-1152 (PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 a ...)
NOT-FOR-US: M-Phorum
-CVE-2006-1151
+CVE-2006-1151 (Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows ...)
NOT-FOR-US: M-Phorum
-CVE-2006-1150
+CVE-2006-1150 (Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automaticall ...)
- teg 0.11.1-3 (bug #357645; low)
[sarge] - teg <no-dsa> (Only DoS against exotic, mostly single player game)
-CVE-2006-1149
+CVE-2006-1149 (PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intr ...)
NOT-FOR-US: OWL Intranet Engine
-CVE-2006-1148
+CVE-2006-1148 (Multiple stack-based buffer overflows in the procConnectArgs function ...)
- peercast 0.1217.toots.20060314-1
-CVE-2006-1147
+CVE-2006-1147 (The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Editio ...)
NOT-FOR-US: Alien Arena Gold
-CVE-2006-1146
+CVE-2006-1146 (Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in A ...)
NOT-FOR-US: Alien Arena Gold
-CVE-2006-1145
+CVE-2006-1145 (Format string vulnerability in the safe_cprintf function in acebot_cmd ...)
NOT-FOR-US: Alien Arena Gold
-CVE-2006-1144
+CVE-2006-1144 (Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remot ...)
NOT-FOR-US: Hit Host
-CVE-2006-1143
+CVE-2006-1143 (Cross-site scripting (XSS) vulnerability in FTPoed Blog Engine 1.1 all ...)
NOT-FOR-US: FTPoed Blog Engine
-CVE-2006-1142
+CVE-2006-1142 (Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows r ...)
NOT-FOR-US: Ravenous Web Server
-CVE-2006-1141
+CVE-2006-1141 (Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows rem ...)
- qmailadmin <removed> (bug #357896; medium)
-CVE-2006-1140
+CVE-2006-1140 (SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote at ...)
NOT-FOR-US: RedBLoG
-CVE-2006-1139
+CVE-2006-1139 (Unspecified vulnerability in the ESS/ Network Controller in Xerox Copy ...)
NOT-FOR-US: Xerox CopyCentre
-CVE-2006-1138
+CVE-2006-1138 (Unspecified vulnerability in the web server code in Xerox CopyCentre a ...)
NOT-FOR-US: Xerox CopyCentre
-CVE-2006-1137
+CVE-2006-1137 (Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox Wor ...)
NOT-FOR-US: Xerox CopyCentre
-CVE-2006-1136
+CVE-2006-1136 (Buffer overflow in the PostScript file interpreter code for Xerox Copy ...)
NOT-FOR-US: Xerox CopyCentre
-CVE-2006-1135
+CVE-2006-1135 (Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 all ...)
NOT-FOR-US: sBlog
-CVE-2006-1134
+CVE-2006-1134 (SQL injection vulnerability in CyBoards PHP Lite 1.25, when magic_quot ...)
NOT-FOR-US: CyBoards
-CVE-2006-1133
+CVE-2006-1133 (Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 all ...)
NOT-FOR-US: vbzoom
-CVE-2006-1132
+CVE-2006-1132 (SQL injection vulnerability in show.php in vbzoom 1.11 allow remote at ...)
NOT-FOR-US: vbzoom
-CVE-2006-1131
+CVE-2006-1131 (Cross-site scripting (XSS) vulnerability in read.php in bitweaver CMS ...)
NOT-FOR-US: bitweaver
-CVE-2006-1130
+CVE-2006-1130 (Cross-site scripting (XSS) vulnerability in EKINboard 1.0.3 allows rem ...)
NOT-FOR-US: EKINboard
-CVE-2006-1129
+CVE-2006-1129 (SQL injection vulnerability in config.php in EKINboard 1.0.3 allows re ...)
NOT-FOR-US: EKINboard
-CVE-2006-1166
+CVE-2006-1166 (Monotone 0.25 and earlier, when a user creates a file in a directory c ...)
- monotone 0.26pre1-0.1 (low)
[sarge] - monotone <no-dsa> (Only exploitable in very far-fetched situation)
NOTE: Needs a case-insensitive file system (e.g. VFAT or Samba) on the client
NOTE: and massive social engineering
-CVE-2006-1128
+CVE-2006-1128 (Directory traversal vulnerability in the session handling class (Galle ...)
- gallery2 2.0.3
-CVE-2006-1127
+CVE-2006-1127 (Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allo ...)
- gallery2 2.0.3
-CVE-2006-1126
+CVE-2006-1126 (Gallery 2 up to 2.0.2 allows remote attackers to spoof their IP addres ...)
- gallery2 2.0.3
-CVE-2006-1125
+CVE-2006-1125 (Grisoft AVG Free 7.1, and other versions including 7.0.308, sets Every ...)
NOT-FOR-US: Grisoft AVG
-CVE-2006-1124
+CVE-2006-1124 (Buffer overflow in RevilloC MailServer and Proxy 1.21 allows remote at ...)
NOT-FOR-US: RevilloC MailServer and Proxy
-CVE-2006-1123
+CVE-2006-1123 (SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote ...)
NOT-FOR-US: D2KBlog
-CVE-2006-1122
+CVE-2006-1122 (Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0 ...)
NOT-FOR-US: D2KBlog
-CVE-2006-1121
+CVE-2006-1121 (Cross-site scripting (XSS) vulnerability in CuteNews 1.4.1 allows remo ...)
NOT-FOR-US: CuteNews
-CVE-2006-1120
+CVE-2006-1120 (Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 6.1. ...)
NOT-FOR-US: DCP-Portal
-CVE-2006-1119
+CVE-2006-1119 (fantastico in Cpanel does not properly handle when it has insufficient ...)
NOT-FOR-US: Cpanel (PHP)
-CVE-2006-1118
+CVE-2006-1118 (SQL injection vulnerability in bmail before Aardvark PR9.1 allows remo ...)
NOT-FOR-US: Aardvark
-CVE-2006-1117
+CVE-2006-1117 (nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) n ...)
NOT-FOR-US: nCipher
-CVE-2006-1116
+CVE-2006-1116 (The CBC-MAC integrity functions in the nCipher nCore API before 2.18 t ...)
NOT-FOR-US: nCipher
-CVE-2006-1115
+CVE-2006-1115 (nCipher HSM before 2.22.6, when generating a Diffie-Hellman public/pri ...)
NOT-FOR-US: nCipher
-CVE-2006-1114
+CVE-2006-1114 (Multiple directory traversal vulnerabilities in Loudblog before 0.42 a ...)
NOT-FOR-US: Loudblog
-CVE-2006-1113
+CVE-2006-1113 (SQL injection vulnerability in podcast.php in Loudblog before 0.42 all ...)
NOT-FOR-US: Loudblog
-CVE-2006-1112
+CVE-2006-1112 (Aztek Forum 4.0 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Aztek Forum
-CVE-2006-1111
+CVE-2006-1111 (Aztek Forum 4.0 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Aztek Forum
-CVE-2006-1110
+CVE-2006-1110 (Cross-site scripting (XSS) vulnerability in Aztek Forum 4.0 allows rem ...)
NOT-FOR-US: Aztek Forum
-CVE-2006-1109
+CVE-2006-1109 (SQL injection vulnerability in index.asp in Total Ecommerce 1.0 allows ...)
NOT-FOR-US: Total Ecommerce
-CVE-2006-1108
+CVE-2006-1108 (SQL injection vulnerability in news.php in NMDeluxe before 1.0.1 allow ...)
NOT-FOR-US: NMDeluxe
-CVE-2006-1107
+CVE-2006-1107 (Cross-site scripting (XSS) vulnerability in news.php in NMDeluxe befor ...)
NOT-FOR-US: NMDeluxe
-CVE-2006-1106
+CVE-2006-1106 (Cross-site scripting (XSS) vulnerability in Pixelpost 1.5 beta 1 and e ...)
NOT-FOR-US: Pixelpost
-CVE-2006-1105
+CVE-2006-1105 (Pixelpost 1.5 beta 1 and earlier allows remote attackers to obtain con ...)
NOT-FOR-US: Pixelpost
-CVE-2006-1104
+CVE-2006-1104 (Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and ear ...)
NOT-FOR-US: Pixelpost
-CVE-2006-1103
+CVE-2006-1103 (engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube ...)
NOT-FOR-US: Sauerbraten / cube engine
-CVE-2006-1102
+CVE-2006-1102 (Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote ...)
NOT-FOR-US: Sauerbraten / cube engine
-CVE-2006-1101
+CVE-2006-1101 (The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as ...)
NOT-FOR-US: Sauerbraten / cube engine
-CVE-2006-1100
+CVE-2006-1100 (Buffer overflow in the sgetstr function in shared/cube.h in Sauerbrate ...)
NOT-FOR-US: Sauerbraten / cube engine
-CVE-2006-1099
+CVE-2006-1099 (PHP remote file include vulnerability in logIT 1.3 and 1.4 allows remo ...)
NOT-FOR-US: logIT
-CVE-2006-1098
+CVE-2006-1098 (** DISPUTED ** Multiple SQL injection vulnerabilities in NZ Ecommerce ...)
NOT-FOR-US: NZ Ecommerce
-CVE-2006-1097
+CVE-2006-1097 (Multiple cross-site scripting (XSS) vulnerabilities in Datenbank MOD 2 ...)
NOT-FOR-US: Woltlab Burning Board
CVE-2006-1096
NOT-FOR-US: NZ Ecommerce
-CVE-2006-1095
+CVE-2006-1095 (Directory traversal vulnerability in the FileSession object in Mod_pyt ...)
NOTE: only version 3.2.7 is vulnerable, 3.2.8 is out
NOTE: currently 3.1.3 is in Debian; very unlikely that 3.2.7 will be packaged
-CVE-2006-1094
+CVE-2006-1094 (SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltl ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-1093
+CVE-2006-1093 (Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 a ...)
NOT-FOR-US: IBM WebSphere
-CVE-2006-1092
+CVE-2006-1092 (Unspecified vulnerability in the pagedata subsystem of the process fil ...)
NOT-FOR-US: Solaris
-CVE-2006-1091
+CVE-2006-1091 (Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a ...)
NOT-FOR-US: Kaspersky Antivirus
-CVE-2006-1090
+CVE-2006-1090 (register.php in PunBB 1.2.10 allows remote attackers to cause an unspe ...)
NOT-FOR-US: PunBB
-CVE-2006-1089
+CVE-2006-1089 (Cross-site scripting (XSS) vulnerability in header.php in PunBB 1.2.10 ...)
NOT-FOR-US: PunBB
-CVE-2006-1088
+CVE-2006-1088 (PHP-Stats 0.1.9.1 and earlier allows remote attackers to obtain potent ...)
NOT-FOR-US: PHP-Stats
-CVE-2006-1087
+CVE-2006-1087 (Direct static code injection vulnerability in the modify_config action ...)
NOT-FOR-US: PHP-Stats
CVE-2006-1086
REJECTED
-CVE-2006-1085
+CVE-2006-1085 (admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to ...)
NOT-FOR-US: PHP-Stats
-CVE-2006-1084
+CVE-2006-1084 (Multiple SQL injection vulnerabilities in PHP-Stats 0.1.9.1 and earlie ...)
NOT-FOR-US: PHP-Stats
-CVE-2006-1083
+CVE-2006-1083 (Multiple directory traversal vulnerabilities in PHP-Stats 0.1.9.1 and ...)
NOT-FOR-US: PHP-Stats
-CVE-2006-1082
+CVE-2006-1082 (Multiple cross-site scripting (XSS) vulnerabilities in phpArcadeScript ...)
NOT-FOR-US: phpArcadeScript
-CVE-2006-1081
+CVE-2006-1081 (SQL injection vulnerability in forgotten_password.php in Jonathan Beck ...)
NOT-FOR-US: PluggedOut Nexus
-CVE-2006-1080
+CVE-2006-1080 (Cross-site scripting (XSS) vulnerability in login.php in Game-Panel 2. ...)
NOT-FOR-US: Game-Panel
-CVE-2006-1079
+CVE-2006-1079 (htpasswd, as used in Acme thttpd 2.25b and possibly other products suc ...)
- thttpd 2.23beta1-2.4 (bug #253816; low)
NOTE: apache's htpasswd not vulnerable, but source contains note about
NOTE: not being safe for sudo
NOTE: filed whishlist bug to add this to manpage
-CVE-2006-1078
+CVE-2006-1078 (Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, a ...)
- thttpd 2.23beta1-2.4 (bug #253816; low)
NOTE: apache's htpasswd not vulnerable
-CVE-2006-1077
+CVE-2006-1077 (Multiple cross-site scripting (XSS) vulnerabilities in the commentary ...)
NOT-FOR-US: Evo-Dev evoBlog
-CVE-2006-1076
+CVE-2006-1076 (SQL injection vulnerability in index.php, possibly during a showtopic ...)
NOT-FOR-US: checkInvision Power Board
-CVE-2006-1075
+CVE-2006-1075 (Format string vulnerability in the visualization function in Jason Boe ...)
NOT-FOR-US: Liero Xtreme
-CVE-2006-1074
+CVE-2006-1074 (Jason Boettcher Liero Xtreme 0.62b and earlier allow remote attackers ...)
NOT-FOR-US: Liero Xtreme
-CVE-2006-1073
+CVE-2006-1073 (Directory traversal vulnerability in index.php in Daverave Simplog 1.0 ...)
NOT-FOR-US: Daverave Simplog
-CVE-2006-1072
+CVE-2006-1072 (Cross-site scripting (XSS) vulnerability in Daverave Simplog 1.0.2 and ...)
NOT-FOR-US: Daverave Simplog
-CVE-2006-1071
+CVE-2006-1071 (Cross-site scripting (XSS) vulnerability in index.php in DVguestbook 1 ...)
NOT-FOR-US: DVguestbook
-CVE-2006-1070
+CVE-2006-1070 (Cross-site scripting (XSS) vulnerability in dv_gbook.php in DVguestboo ...)
NOT-FOR-US: DVguestbook
-CVE-2006-1069
+CVE-2006-1069 (Unspecified vulnerability in the session handling for Geeklog 1.4.x be ...)
NOT-FOR-US: Geeklog
-CVE-2006-1068
+CVE-2006-1068 (Netgear 614 and 624 routers, possibly running VXWorks, allow remote at ...)
NOT-FOR-US: VXWorks
-CVE-2006-1067
+CVE-2006-1067 (Linksys WRT54G routers version 5 (running VXWorks) allow remote attack ...)
NOT-FOR-US: VXWorks
-CVE-2006-1066
+CVE-2006-1066 (Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems wi ...)
{DSA-1017-1}
- linux-2.6 2.6.16-1
-CVE-2006-1065
+CVE-2006-1065 (SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) 1. ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-1064
+CVE-2006-1064 (Multiple cross-site scripting (XSS) vulnerabilities in Lurker 2.0 and ...)
{DSA-999-1}
- lurker 2.1-1
-CVE-2006-1063
+CVE-2006-1063 (Unspecified vulnerability in Lurker 2.0 and earlier allows remote atta ...)
{DSA-999-1}
- lurker 2.1-1
-CVE-2006-1062
+CVE-2006-1062 (Unspecified vulnerability in lurker.cgi for Lurker 2.0 and earlier all ...)
{DSA-999-1}
- lurker 2.1-1
-CVE-2006-1061
+CVE-2006-1061 (Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 a ...)
- curl 7.15.3-1
[woody] - curl <not-affected> (Vulnerable code not present)
[sarge] - curl <not-affected> (Vulnerable code not present)
-CVE-2006-1060
+CVE-2006-1060 (Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might ...)
{DSA-1038-1 DSA-1037-1}
- xzgv 0.8-5.1 (bug #362288; medium)
- zgv 5.9-2
-CVE-2006-1059
+CVE-2006-1059 (The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trus ...)
- samba 3.0.22-1
[woody] - samba <not-affected>
[sarge] - samba <not-affected>
-CVE-2006-1058
+CVE-2006-1058 (BusyBox 1.1.1 does not use a salt when generating passwords, which mak ...)
- busybox 1:1.1.3-1 (low; bug #360578)
[woody] - busybox <not-affected>
[sarge] - busybox <not-affected>
-CVE-2006-1057
+CVE-2006-1057 (Race condition in daemon/slave.c in gdm before 2.14.1 allows local use ...)
{DSA-1040-1}
- gdm 2.14.4-1
-CVE-2006-1056
+CVE-2006-1056 (The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-9
- kfreebsd-5 5.4-17
- xen-3.0 3.0.2+hg9656-1
-CVE-2006-1055
+CVE-2006-1055 (The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 ...)
- linux-2.6 2.6.16-6
CVE-2006-1054
REJECTED
CVE-2006-1053
RESERVED
-CVE-2006-1052
+CVE-2006-1052 (The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows ...)
{DSA-1184-2}
- linux-2.6 2.6.15+2.6.16-rc5-0experimental.1 (low)
-CVE-2006-1051
+CVE-2006-1051 (SQL injection vulnerability in Akarru Social BookMarking Engine before ...)
NOT-FOR-US: Akurru Social BookMarking Engine
CVE-2006-1050
NOT-FOR-US: Kwik-Pay Payroll
-CVE-2006-1319
+CVE-2006-1319 (chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little e ...)
- runit 1.4.1-1 (bug #356016; medium)
[sarge] - runit <not-affected>
-CVE-2006-1049
+CVE-2006-1049 (Multiple SQL injection vulnerabilities in the Admin functionality in J ...)
NOT-FOR-US: Joomla!
-CVE-2006-1048
+CVE-2006-1048 (Joomla! 1.0.7 and earlier allows attackers to bypass intended access r ...)
NOT-FOR-US: Joomla!
-CVE-2006-1047
+CVE-2006-1047 (Unspecified vulnerability in the "Remember Me login functionality" in ...)
NOT-FOR-US: Joomla!
-CVE-2006-1046
+CVE-2006-1046 (server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial o ...)
- monopd 0.9.3-2 (bug #355797; low)
[sarge] - monopd <no-dsa> (Very minor security ramifications)
-CVE-2006-1045
+CVE-2006-1045 (The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block load ...)
{DSA-1051-1 DSA-1046-1}
- thunderbird 1.5.0.2-1
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
- firefox 1.5.dfsg+1.5.0.2-1
- xulrunner 1.8.0.1-9
-CVE-2006-1044
+CVE-2006-1044 (Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSER ...)
NOT-FOR-US: LISTSERV
-CVE-2006-1043
+CVE-2006-1043 (Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microso ...)
NOT-FOR-US: Microsoft
-CVE-2006-1042
+CVE-2006-1042 (Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote ...)
NOT-FOR-US: Gregarius
-CVE-2006-1041
+CVE-2006-1041 (Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 ...)
NOT-FOR-US: Gregarius
-CVE-2006-1040
+CVE-2006-1040 (Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 ...)
NOT-FOR-US: vBulletin
-CVE-2006-1039
+CVE-2006-1039 (SAP Web Application Server (WebAS) Kernel before 7.0 allows remote att ...)
NOT-FOR-US: SAP
-CVE-2006-1038
+CVE-2006-1038 (Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and ...)
NOT-FOR-US: SecureCRT
-CVE-2006-1037
+CVE-2006-1037 (SQL injection vulnerability in the Oracle Diagnostics module 2.2 and e ...)
NOT-FOR-US: Oracle
-CVE-2006-1036
+CVE-2006-1036 (Multiple unspecified vulnerabilities in the Oracle Diagnostics module ...)
NOT-FOR-US: Oracle
-CVE-2006-1035
+CVE-2006-1035 (Unspecified vulnerability in the Oracle Diagnostics module 2.2 and ear ...)
NOT-FOR-US: Oracle
-CVE-2006-1034
+CVE-2006-1034 (Multiple cross-site scripting (XSS) vulnerabilities in Woltlab Burning ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-1033
+CVE-2006-1033 (Multiple cross-site scripting (XSS) vulnerabilities in Dragonfly CMS b ...)
NOT-FOR-US: Dragonfly CMS
-CVE-2006-1032
+CVE-2006-1032 (Eval injection vulnerability in the decode function in rpc_decoder.php ...)
NOT-FOR-US: phpRPC
-CVE-2006-1031
+CVE-2006-1031 (config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote ...)
NOT-FOR-US: iGENUS Webmail
-CVE-2006-1030
+CVE-2006-1030 (Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 allo ...)
NOT-FOR-US: Joomla!
-CVE-2006-1029
+CVE-2006-1029 (The cross-site scripting (XSS) countermeasures in class.inputfilter.ph ...)
NOT-FOR-US: Joomla!
-CVE-2006-1028
+CVE-2006-1028 (feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 ...)
NOT-FOR-US: Joomla!
-CVE-2006-1027
+CVE-2006-1027 (feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 ...)
NOT-FOR-US: Joomla!
-CVE-2006-1026
+CVE-2006-1026 (JFacets before 0.2 allows remote attackers to gain privileges as any a ...)
NOT-FOR-US: JFacets
-CVE-2006-1025
+CVE-2006-1025 (Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft Stor ...)
NOT-FOR-US: Addsoft StoreBot
-CVE-2006-1024
+CVE-2006-1024 (SQL injection vulnerability in MgrLogin.asp in Addsoft StoreBot 2005 P ...)
NOT-FOR-US: Addsoft StoreBot
-CVE-2006-1023
+CVE-2006-1023 (Directory traversal vulnerability in HP System Management Homepage (SM ...)
NOT-FOR-US: HP System Management
-CVE-2006-1022
+CVE-2006-1022 (PHP remote file include vulnerability in sol_menu.php in PeHePe Uyelik ...)
NOT-FOR-US: PeHePe Uyelik Sistemi
-CVE-2006-1021
+CVE-2006-1021 (Cross-site scripting (XSS) vulnerability in sol_menu.php in PeHePe Uye ...)
NOT-FOR-US: PeHePe Uyelik Sistemi
-CVE-2006-1020
+CVE-2006-1020 (SQL injection vulnerability in forumlib.php in Johnny_Vegas Vegas Foru ...)
NOT-FOR-US: Johnny_Vegas Vegas Forum
-CVE-2006-1019
+CVE-2006-1019 (Cross-site scripting (XSS) vulnerability in fce.php in UKiBoard 3.0.1 ...)
NOT-FOR-US: UkiBoard
-CVE-2006-1018
+CVE-2006-1018 (SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 ...)
NOT-FOR-US: DCI-Design Dawaween
-CVE-2006-1017
+CVE-2006-1017 (The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x ...)
NOT-FOR-US: c-client
-CVE-2006-1016
+CVE-2006-1016 (Buffer overflow in the IsComponentInstalled method in Internet Explore ...)
NOT-FOR-US: Windows
-CVE-2006-1015
+CVE-2006-1015 (Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x appl ...)
- php5 5.1.4-0.1 (bug #368595; unimportant)
- php4 <removed> (bug #368592; unimportant)
NOTE: It's the application's job to sanitize input passed to a function
-CVE-2006-1014
+CVE-2006-1014 (Argument injection vulnerability in certain PHP 4.x and 5.x applicatio ...)
- php5 5.1.4-0.1 (bug #368595; unimportant)
- php4 <removed> (bug #368592; unimportant)
NOTE: It's the application's job to sanitize input passed to a function
-CVE-2006-1013
+CVE-2006-1013 (PHP remote file include vulnerability in index.php in SMartBlog (aka S ...)
NOT-FOR-US: SMartBlog
-CVE-2006-1012
+CVE-2006-1012 (SQL injection vulnerability in WordPress 1.5.2, and possibly other ver ...)
- wordpress 2.0.1-1
-CVE-2006-1011
+CVE-2006-1011 (LetterMerger 1.2 stores user information in Access database files with ...)
NOT-FOR-US: LetterMerger
-CVE-2006-1010
+CVE-2006-1010 (Buffer overflow in socket/request.c in CrossFire before 1.9.0, when ol ...)
{DSA-1001-1}
- crossfire 1.9.0-1
-CVE-2006-1009
+CVE-2006-1009 (M4 Project enigma-suite before 0.73.3 (Windows) has a default password ...)
NOT-FOR-US: M4 Project enigma-suite
-CVE-2006-1008
+CVE-2006-1008 (Multiple cross-site scripting (XSS) vulnerabilities in N8cms 1.1 and 1 ...)
NOT-FOR-US: N8cms
-CVE-2006-1007
+CVE-2006-1007 (Multiple SQL injection vulnerabilities in N8cms 1.1 and 1.2 allow remo ...)
NOT-FOR-US: N8cms
-CVE-2006-1006
+CVE-2006-1006 (Multiple SQL injection vulnerabilities in sendcard.php in sendcard bef ...)
NOT-FOR-US: sendcard
-CVE-2006-1005
+CVE-2006-1005 (agencyprofile.asp in Parodia 6.2 and earlier might allow remote attack ...)
NOT-FOR-US: Parodia
-CVE-2006-1004
+CVE-2006-1004 (Cross-site scripting (XSS) vulnerability in agencyprofile.asp in Parod ...)
NOT-FOR-US: Parodia
-CVE-2006-1003
+CVE-2006-1003 (The backup configuration option in NETGEAR WGT624 Wireless Firewall Ro ...)
NOT-FOR-US: NETGEAR hardware issue
-CVE-2006-1002
+CVE-2006-1002 (NETGEAR WGT624 Wireless DSL router has a default account of super_user ...)
NOT-FOR-US: NETGEAR hardware issue
-CVE-2006-1001
+CVE-2006-1001 (SQL injection vulnerability in the board module in LanSuite LanParty I ...)
NOT-FOR-US: LanSuite LanParty Intranet System
-CVE-2006-1000
+CVE-2006-1000 (Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 an ...)
NOT-FOR-US: Pentacle In-Out Board
-CVE-2006-0999
+CVE-2006-0999 (The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and No ...)
NOT-FOR-US: Novell
-CVE-2006-0998
+CVE-2006-0998 (The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and No ...)
NOT-FOR-US: Novell
-CVE-2006-0997
+CVE-2006-0997 (The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and No ...)
NOT-FOR-US: Novell
-CVE-2006-0996
+CVE-2006-0996 (Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP 5. ...)
- php4 4:4.4.4-1 (bug #361853; unimportant)
- php5 5.1.4-0.1 (bug #361914; unimportant)
NOTE: Non-issue, explicit debug feature
-CVE-2006-0995
+CVE-2006-0995 (EMC Dantz Retrospect 7 backup client 7.0.107, and other versions befor ...)
NOT-FOR-US: EMC Dantz Retrospect
-CVE-2006-0994
+CVE-2006-0994 (Multiple Sophos Anti-Virus products, including Anti-Virus for Windows ...)
NOT-FOR-US: Sophos
-CVE-2006-0993
+CVE-2006-0993 (The web management interface in 3Com TippingPoint SMS Server before 2. ...)
NOT-FOR-US: 3Com
-CVE-2006-0992
+CVE-2006-0992 (Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 P ...)
NOT-FOR-US: Novell GroupWise
-CVE-2006-0991
+CVE-2006-0991 (Buffer overflow in the NetBackup Sharepoint Services server daemon (bp ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2006-0990
+CVE-2006-0990 (Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2006-0989
+CVE-2006-0989 (Stack-based buffer overflow in the volume manager daemon (vmd) in Veri ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2006-0988
+CVE-2006-0988 (The default configuration of the DNS Server service on Windows Server ...)
NOT-FOR-US: MS Windows issue
-CVE-2006-0987
+CVE-2006-0987 (The default configuration of ISC BIND before 9.4.1-P1, when configured ...)
- bind <unfixed> (bug #355787; unimportant)
- bind9 1:9.4.0-1 (bug #356266; unimportant)
NOTE: This is within the responsibilities of a local admin, especially when
NOTE: operating a DNS server, affected sites can configure AllowRecursion
-CVE-2006-0986
+CVE-2006-0986 (WordPress 2.0.1 and earlier allows remote attackers to obtain sensitiv ...)
- wordpress 2.0.2-1 (bug #355055; unimportant)
-CVE-2006-0985
+CVE-2006-0985 (Multiple cross-site scripting (XSS) vulnerabilities in the "post comme ...)
- wordpress 2.0.2-1 (bug #355055; medium)
-CVE-2006-0984
+CVE-2006-0984 (Cross-site scripting (XSS) vulnerability in inc_header.php in EJ3 TOPo ...)
NOT-FOR-US: EJ3 TOPo not in debian
-CVE-2006-0983
+CVE-2006-0983 (Cross-site scripting (XSS) vulnerability in index.php in QwikiWiki 1.4 ...)
NOT-FOR-US: QWikiWiki not in debian
-CVE-2006-0982
+CVE-2006-0982 (The on-access scanner for McAfee Virex 7.7 for Macintosh, in some circ ...)
NOT-FOR-US: McAfee Virex 7.7 for Macintosh
-CVE-2006-0981
+CVE-2006-0981 (Directory traversal vulnerability in e-merge WinAce 2.6 and earlier al ...)
NOT-FOR-US: WinAce
-CVE-2006-0980
+CVE-2006-0980 (Multiple cross-site scripting (XSS) vulnerabilities in Jay Eckles CGI ...)
NOT-FOR-US: Jay Eckles CGI Calendar
-CVE-2006-0979
+CVE-2006-0979 (Unspecified vulnerability in the local weblog publisher in Nidelven IT ...)
NOT-FOR-US: Nidelven IT Issue Dealer
-CVE-2006-0978
+CVE-2006-0978 (Multiple cross-site scripting (XSS) vulnerabilities in the View Header ...)
NOT-FOR-US: ArGoSoft Mail Server
-CVE-2006-0977
+CVE-2006-0977 (Craig Morrison Mail Transport System Professional (aka MTS Pro) acts a ...)
NOT-FOR-US: MTS Pro
-CVE-2006-0976
+CVE-2006-0976 (Directory traversal vulnerability in scan_lang_insert.php in Boris Her ...)
NOT-FOR-US: SPiD
CVE-2006-0975
REJECTED
-CVE-2006-0974
+CVE-2006-0974 (Cross-site scripting (XSS) vulnerability in failure.asp in Battleaxe b ...)
NOT-FOR-US: bttlxeForum 2.0
-CVE-2006-0973
+CVE-2006-0973 (SQL injection vulnerability in topics.php in Appalachian State Univers ...)
NOT-FOR-US: phpWebSite
-CVE-2006-0972
+CVE-2006-0972 (SQL injection vulnerability in news.php in Tony Baird Fantastic News 2 ...)
NOT-FOR-US: Tony Baird Fantastic News
-CVE-2006-0971
+CVE-2006-0971 (Directory traversal vulnerability in Lionel Reyero DirectContact 0.3b ...)
NOT-FOR-US: DirectContact
-CVE-2006-0970
+CVE-2006-0970 (PHP remote file inclusion vulnerability in index.php in one or more Ac ...)
NOT-FOR-US: ActiveCampaign products
-CVE-2006-0969
+CVE-2006-0969 (PHP remote file inclusion vulnerability in index.php in Top sites de P ...)
NOT-FOR-US: PixelArtKingdom TopSites
-CVE-2006-0968
+CVE-2006-0968 (The ncprwsnt service in NCP Network Communication Secure Client 8.11 B ...)
NOT-FOR-US: NCP Network Communication Secure Client
-CVE-2006-0967
+CVE-2006-0967 (NCP Network Communication Secure Client 8.11 Build 146, and possibly o ...)
NOT-FOR-US: NCP Network Communication Secure Client
-CVE-2006-0966
+CVE-2006-0966 (NCP Network Communication Secure Client 8.11 Build 146, and possibly o ...)
NOT-FOR-US: NCP Network Communication Secure Client
-CVE-2006-0965
+CVE-2006-0965 (NCP Network Communication Secure Client 8.11 Build 146, and possibly o ...)
NOT-FOR-US: NCP Network Communication Secure Client
-CVE-2006-0964
+CVE-2006-0964 (Client Firewall in NCP Network Communication Secure Client 8.11 Build ...)
NOT-FOR-US: NCP Network Communication Secure Client
-CVE-2006-0963
+CVE-2006-0963 (Multiple buffer overflows in STLport 5.0.2 might allow local users to ...)
- stlport5 5.0.2-1 (bug #358471; medium)
-CVE-2006-0962
+CVE-2006-0962 (SQL injection vulnerability in vuBB 0.2 allows remote attackers to exe ...)
NOT-FOR-US: VuBB
-CVE-2006-0961
+CVE-2006-0961 (SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows re ...)
NOT-FOR-US: Cilem Hiber
-CVE-2006-0960
+CVE-2006-0960 (uConfig agent in Compex NetPassage WPE54G router allows remote attacke ...)
NOT-FOR-US: Compex NetPassage WPE54G router
-CVE-2006-0959
+CVE-2006-0959 (SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03 ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0958
+CVE-2006-0958 (Cross-site scripting (XSS) vulnerability in func.inc.php in ZoneO-Soft ...)
NOT-FOR-US: ZoneO-Soft freeForum
-CVE-2006-0957
+CVE-2006-0957 (Direct static code injection vulnerability in func.inc.php in ZoneO-So ...)
NOT-FOR-US: ZoneO-Soft freeForum
-CVE-2006-0956
+CVE-2006-0956 (nuauth in NuFW before 1.0.21 does not properly handle blocking TLS soc ...)
- nufw 1.0.23-1 (bug #358475; low)
CVE-2006-0955
RESERVED
@@ -14277,332 +14277,332 @@ CVE-2006-0953
RESERVED
CVE-2006-0952
RESERVED
-CVE-2006-0951
+CVE-2006-0951 (The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the ...)
NOT-FOR-US: NOD32
-CVE-2006-0950
+CVE-2006-0950 (unalz 0.53 allows user-assisted attackers to overwrite arbitrary files ...)
- unalz 0.55-1 (bug #356832; low)
[sarge] - unalz <no-dsa> (Minor issue)
-CVE-2006-0949
+CVE-2006-0949 (RaidenHTTPD 1.1.47 allows remote attackers to obtain source code of sc ...)
NOT-FOR-US: RaidenHTTPD
-CVE-2006-0948
+CVE-2006-0948 (AOL 9.0 Security Edition revision 4184.2340, and probably other versio ...)
NOT-FOR-US: AOL
-CVE-2006-0947
+CVE-2006-0947 (Thomson SpeedTouch modem running firmware 5.3.2.6.0 allows remote atta ...)
NOT-FOR-US: Thomson modem firmware
-CVE-2006-0946
+CVE-2006-0946 (Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch modems ...)
NOT-FOR-US: Thomson modem firmware
-CVE-2006-0945
+CVE-2006-0945 (PHP remote file include vulnerability in admin/index.php in Archangel ...)
NOT-FOR-US: Archangel Weblog
-CVE-2006-0944
+CVE-2006-0944 (Archangel Weblog 0.90.02 allows remote attackers to bypass authenticat ...)
NOT-FOR-US: Archangel Weblog
-CVE-2006-0943
+CVE-2006-0943 (SQL injection vulnerability in the sondages module in index.php in Pws ...)
NOT-FOR-US: PwsPHP
-CVE-2006-0942
+CVE-2006-0942 (SQL injection vulnerability in profil.php in PwsPHP 1.2.3, and possibl ...)
NOT-FOR-US: PwsPHP
-CVE-2006-0941
+CVE-2006-0941 (Multiple cross-site scripting (XSS) vulnerabilities in post.php in Sho ...)
NOT-FOR-US: ShoutLIVE
-CVE-2006-0940
+CVE-2006-0940 (Multiple direct static code injection vulnerabilities in savesettings. ...)
NOT-FOR-US: ShoutLIVE
-CVE-2006-0939
+CVE-2006-0939 (SQL injection vulnerability in DCI-Taskeen 1.03 allows remote attacker ...)
NOT-FOR-US: DCI-Taskeen
-CVE-2006-0938
+CVE-2006-0938 (Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and earli ...)
- ezpublish <removed>
-CVE-2006-1320
+CVE-2006-1320 (util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a ...)
{DSA-1109}
- rssh 2.3.0-1.1 (bug #346322; bug #363978; low)
-CVE-2006-1321
+CVE-2006-1321 (Cross-site scripting (XSS) vulnerability in webcheck before 1.9.6 allo ...)
- webcheck 1.9.6
-CVE-2006-0937
+CVE-2006-0937 (U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: U.N.U. Mailgust
-CVE-2006-0936
+CVE-2006-0936 (Free Host Shop Website Generator 3.3 allows remote authenticated users ...)
NOT-FOR-US: Free Host Shop Website Generator
-CVE-2006-0935
+CVE-2006-0935 (Microsoft Word 2003 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Microsoft
-CVE-2006-0934
+CVE-2006-0934 (Cross-site scripting (XSS) vulnerability in webinsta Limbo 1.0.4.2 all ...)
NOT-FOR-US: webinsta Limbo
-CVE-2006-0933
+CVE-2006-0933 (Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote a ...)
NOT-FOR-US: PHPX
-CVE-2006-0932
+CVE-2006-0932 (Directory traversal vulnerability in zip.lib.php 0.1.1 in PEAR::Archiv ...)
NOT-FOR-US: zip.lib.php
-CVE-2006-0931
+CVE-2006-0931 (Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other ...)
- php5 <removed> (bug #368545; unimportant)
- php4 <removed> (bug #368545; unimportant)
NOTE: is this really a vulnerability in pear? it seems it should be a bug
NOTE: in any application not checking for such archives.
NOTE: Lack of a security feature is not a vulnerability
-CVE-2006-0930
+CVE-2006-0930 (Directory traversal vulnerability in Webmail in ArGoSoft Mail Server P ...)
NOT-FOR-US: ArgoSoft Mail Server
-CVE-2006-0929
+CVE-2006-0929 (Directory traversal vulnerability in the IMAP server in ArGoSoft Mail ...)
NOT-FOR-US: ArgoSoft Mail Server
-CVE-2006-0928
+CVE-2006-0928 (The POP3 Server in ArGoSoft Mail Server Pro 1.8 allows remote attacker ...)
NOT-FOR-US: ArgoSoft Mail Server
-CVE-2006-0927
+CVE-2006-0927 (Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA JGS- ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2006-0926
+CVE-2006-0926 (Multiple directory traversal vulnerabilities in Allume StuffIt Standar ...)
NOT-FOR-US: StuffIt
-CVE-2006-0925
+CVE-2006-0925 (Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8 ...)
NOT-FOR-US: Alt-N MDaemon
-CVE-2006-0924
+CVE-2006-0924 (Cross-site scripting (XSS) vulnerability in Brown Bear iCal 3.10 allow ...)
NOT-FOR-US: iCal
-CVE-2006-0923
+CVE-2006-0923 (Multiple cross-site scripting (XSS) vulnerabilities in MyPHPNuke (MPN) ...)
NOT-FOR-US: MyPHPNuke
-CVE-2006-0922
+CVE-2006-0922 (CubeCart 3.0 through 3.6 does not properly check authorization for an ...)
NOT-FOR-US: CubeCart
-CVE-2006-0921
+CVE-2006-0921 (Multiple directory traversal vulnerabilities in connector.php in FCKed ...)
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
-CVE-2006-0920
+CVE-2006-0920 (Oi! Email Marketing System 3.0 (aka Oi! 3) stores the server's FTP pas ...)
NOT-FOR-US: Oi! Email Marketing System
-CVE-2006-0919
+CVE-2006-0919 (SQL injection vulnerability in index.php (aka the login page) in Oi! E ...)
NOT-FOR-US: Oi! Email Marketing System
-CVE-2006-0918
+CVE-2006-0918 (Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to ...)
NOT-FOR-US: The Bat!
-CVE-2006-0917
+CVE-2006-0917 (Melange Chat Server (aka M-Chat), when accessed via a web browser, aut ...)
NOT-FOR-US: Melange Chat Server
-CVE-2006-0916
+CVE-2006-0916 (Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences i ...)
- bugzilla 2.20.1-1 (bug #354457; high)
[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)
[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)
-CVE-2006-0915
+CVE-2006-0915 (Bugzilla 2.16.10 does not properly handle certain characters in the (1 ...)
- bugzilla 2.20.1-1 (bug #354457; high)
[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)
[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)
-CVE-2006-0914
+CVE-2006-0914 (Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly hand ...)
- bugzilla 2.20.1-1 (bug #354457; high)
[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)
[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)
-CVE-2006-0913
+CVE-2006-0913 (SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through ...)
- bugzilla 2.20.1-1 (bug #354457; high)
[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)
[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)
-CVE-2006-0912
+CVE-2006-0912 (Oreka before 0.5 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Oreka
-CVE-2006-0911
+CVE-2006-0911 (NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote atta ...)
NOT-FOR-US: WhatsUp Professional
-CVE-2006-0910
+CVE-2006-0910 (Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers t ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-0909
+CVE-2006-0909 (Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers t ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-0908
+CVE-2006-0908 (PHP-Nuke 7.8 Patched 3.2 allows remote attackers to bypass SQL injecti ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-0907
+CVE-2006-0907 (SQL injection vulnerability in PHP-Nuke before 7.8 Patched 3.2 allows ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-0906
+CVE-2006-0906 (SQL injection vulnerability in D3Jeeb Pro 3 allows remote attackers to ...)
NOT-FOR-US: D3Jeeb Pro
-CVE-2006-0905
+CVE-2006-0905 (A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1 ...)
- kfreebsd-5 5.4-16
CVE-2006-0904
REJECTED
-CVE-2006-0903
+CVE-2006-0903 (MySQL 5.0.18 and earlier allows local users to bypass logging mechanis ...)
{DSA-1079-1 DSA-1073-1 DSA-1071-1}
- mysql-dfsg-5.0 5.0.19-3 (bug #359701; bug #366162; bug #366163)
CVE-2006-0902
RESERVED
-CVE-2006-0901
+CVE-2006-0901 (Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and ...)
NOT-FOR-US: Solaris
-CVE-2006-0900
+CVE-2006-0900 (nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial o ...)
- kfreebsd-5 5.4-15
-CVE-2006-0899
+CVE-2006-0899 (Directory traversal vulnerability in index.php in 4Images 1.7.1 and ea ...)
NOT-FOR-US: 4Images
-CVE-2006-0898
+CVE-2006-0898 (Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode ...)
{DSA-996-1}
- libcrypt-cbc-perl 2.17-1
CVE-2006-0897
NOT-FOR-US: VCS Virtual Program Management Intranet
-CVE-2006-0896
+CVE-2006-0896 (Cross-site scripting (XSS) vulnerability in Sources/Register.php in Si ...)
NOT-FOR-US: Simple Machine Forum
-CVE-2006-0895
+CVE-2006-0895 (NOCC Webmail 1.0 allows remote attackers to obtain the installation pa ...)
NOT-FOR-US: NOCC Webmail
-CVE-2006-0894
+CVE-2006-0894 (Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1. ...)
NOT-FOR-US: NOCC Webmail
-CVE-2006-0893
+CVE-2006-0893 (NOCC Webmail 1.0 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: NOCC Webmail
-CVE-2006-0892
+CVE-2006-0892 (NOCC Webmail 1.0 stores e-mail attachments in temporary files with pre ...)
NOT-FOR-US: NOCC Webmail
-CVE-2006-0891
+CVE-2006-0891 (Multiple directory traversal vulnerabilities in NOCC Webmail 1.0 allow ...)
NOT-FOR-US: NOCC Webmail
-CVE-2006-0890
+CVE-2006-0890 (Directory traversal vulnerability in SpeedProject Squeez 5.1, as used ...)
NOT-FOR-US: SpeedProject Squeez
-CVE-2006-0889
+CVE-2006-0889 (Cross-site scripting (XSS) vulnerability in Calcium 3.10.1 allows remo ...)
NOT-FOR-US: Calcium
-CVE-2006-0888
+CVE-2006-0888 (index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-0887
+CVE-2006-0887 (Eval injection vulnerability in sessions.inc in PHP Base Library (PHPL ...)
NOT-FOR-US: PHPLIB
-CVE-2006-0886
+CVE-2006-0886 (Cross-site scripting (XSS) vulnerability in register.php in DEV web ma ...)
NOT-FOR-US: DEV web management system
-CVE-2006-0885
+CVE-2006-0885 (Cross-site scripting (XSS) vulnerability in show_news.php in CuteNews ...)
NOT-FOR-US: CuteNews
-CVE-2006-0884
+CVE-2006-0884 (The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbi ...)
{DSA-1051-1 DSA-1046-1}
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
- thunderbird 1.5.0.2-1
- firefox 1.5.dfsg+1.5.0.2-1
- xulrunner 1.8.0.1-9
- mozilla 2:1.7.13-0.1
-CVE-2006-0883
+CVE-2006-0883 (OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not prope ...)
- openssh 1:3.8.1p1-4
[woody] - openssh <not-affected>
-CVE-2006-0882
+CVE-2006-0882 (Directory traversal vulnerability in include.php in Noah's Classifieds ...)
NOT-FOR-US: Noah's Classifieds
-CVE-2006-0881
+CVE-2006-0881 (Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php ...)
NOT-FOR-US: Noah's Classifieds
-CVE-2006-0880
+CVE-2006-0880 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in No ...)
NOT-FOR-US: Noah's Classifieds
-CVE-2006-0879
+CVE-2006-0879 (SQL injection vulnerability in the search tool in Noah's Classifieds 1 ...)
NOT-FOR-US: Noah's Classifieds
-CVE-2006-0878
+CVE-2006-0878 (Noah's Classifieds 1.3 allows remote attackers to obtain the installat ...)
NOT-FOR-US: Noah's Classifieds
-CVE-2006-0877
+CVE-2006-0877 (Cross-site scripting vulnerability in Easy Forum 2.5 allows remote att ...)
NOT-FOR-US: Easy Forum
-CVE-2006-0876
+CVE-2006-0876 (POPFile before 0.22.4 allows remote attackers to cause a denial of ser ...)
{DSA-1061-1}
- popfile 0.22.4-1 (bug #354464; medium)
-CVE-2006-0875
+CVE-2006-0875 (Cross-site scripting vulnerability in ratefile.php in RunCMS 1.3a5 all ...)
NOT-FOR-US: runCMS
-CVE-2006-0874
+CVE-2006-0874 (Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerc ...)
NOT-FOR-US: Intensive Point iUser Ecommerce
-CVE-2006-0873
+CVE-2006-0873 (Absolute path traversal vulnerability in docs/showdocs.php in Coppermi ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2006-0872
+CVE-2006-0872 (Directory traversal vulnerability in init.inc.php in Coppermine Photo ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2006-0871
+CVE-2006-0871 (Directory traversal vulnerability in the _setTemplate function in Mamb ...)
- mambo 4.5.3h-1 (bug #354468)
NOTE: only in experimental
-CVE-2006-0870
+CVE-2006-0870 (SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 ...)
NOT-FOR-US: Mini-Nuke CMS
-CVE-2006-0869
+CVE-2006-0869 (Directory traversal vulnerability in the "remember me" feature in live ...)
NOT-FOR-US: PHP PEAR LiveUser
-CVE-2006-0868
+CVE-2006-0868 (Multiple unspecified injection vulnerabilities in unspecified Auth Con ...)
- php-auth 1.2.4-0.1 (bug #354474)
-CVE-2006-0867
+CVE-2006-0867 (Buffer overflow in certain versions of South River (aka SRT) WebDrive, ...)
NOT-FOR-US: WebDrive
-CVE-2006-0866
+CVE-2006-0866 (PunBB 1.2.10 and earlier allows remote attackers to conduct brute forc ...)
NOT-FOR-US: PunBB
-CVE-2006-0865
+CVE-2006-0865 (PunBB 1.2.10 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: PunBB
-CVE-2006-0864
+CVE-2006-0864 (filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cook ...)
NOT-FOR-US: Global Hauri ViRobot
-CVE-2006-0863
+CVE-2006-0863 (InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote attacker ...)
NOT-FOR-US: InfoVista PortalSE
-CVE-2006-0862
+CVE-2006-0862 (Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Sol ...)
NOT-FOR-US: InfoVista PortalSE
-CVE-2006-0861
+CVE-2006-0861 (Michael Salzer Guestbox 0.6, and other versions before 0.8, allows rem ...)
NOT-FOR-US: Michael Salzer Guestbox
-CVE-2006-0860
+CVE-2006-0860 (Multiple cross-site scripting (XSS) vulnerabilities in Michael Salzer ...)
NOT-FOR-US: Michael Salzer Guestbox
-CVE-2006-0859
+CVE-2006-0859 (Michael Salzer Guestbox 0.6, and other versions before 0.8, allows rem ...)
NOT-FOR-US: Michael Salzer Guestbox
-CVE-2006-0858
+CVE-2006-0858 (Unquoted Windows search path vulnerability in (1) snsmcon.exe, (2) the ...)
NOT-FOR-US: StarForce Safe'n'Sec Personal
-CVE-2006-0857
+CVE-2006-0857 (Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 ...)
NOT-FOR-US: e107 CMS Chatbox plugin
-CVE-2006-0856
+CVE-2006-0856 (SQL injection vulnerability in login.php in Scriptme SmE GB Host 1.21 ...)
NOT-FOR-US: SmE GB Host
-CVE-2006-0855
+CVE-2006-0855 (Stack-based buffer overflow in the fullpath function in misc.c for zoo ...)
{DSA-991-1}
- zoo 2.10-17 (bug #354461)
-CVE-2006-0854
+CVE-2006-0854 (PHP remote file inclusion vulnerability in common.php in Intensive Poi ...)
NOT-FOR-US: Intensive Point iUser Ecommerce
-CVE-2006-0853
+CVE-2006-0853 (Buffer overflow in the IMAP service of TrueNorth Internet Anywhere (IA ...)
NOT-FOR-US: TrueNorth Internet Anywhere
-CVE-2006-0852
+CVE-2006-0852 (Direct static code injection vulnerability in write.php in Admbook 1.2 ...)
NOT-FOR-US: Admbook
-CVE-2006-0851
+CVE-2006-0851 (SQL injection vulnerability in the forum module of ilchClan 1.05g and ...)
NOT-FOR-US: ilchClan
-CVE-2006-0850
+CVE-2006-0850 (SQL injection vulnerability in include/includes/user/login.php in ilch ...)
NOT-FOR-US: ilchClan
CVE-2006-0849
RESERVED
-CVE-2006-0848
+CVE-2006-0848 (The "Open 'safe' files after downloading" option in Safari on Apple Ma ...)
NOT-FOR-US: Apple Safari
-CVE-2006-0847
+CVE-2006-0847 (Directory traversal vulnerability in the staticfilter component in Che ...)
- cherrypy2.1 2.1.1-1 (bug #353542)
- python-cherrypy 2.1.1-1 (bug #354479)
-CVE-2006-0846
+CVE-2006-0846 (Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright' ...)
NOT-FOR-US: Leif M. Wright's Blog
-CVE-2006-0845
+CVE-2006-0845 (Leif M. Wright's Blog 3.5 allows remote authenticated users with admin ...)
NOT-FOR-US: Leif M. Wright's Blog
-CVE-2006-0844
+CVE-2006-0844 (Leif M. Wright's Blog 3.5 does not make a password comparison when aut ...)
NOT-FOR-US: Leif M. Wright's Blog
-CVE-2006-0843
+CVE-2006-0843 (Leif M. Wright's Blog 3.5 stores the config file and other txt files u ...)
NOT-FOR-US: Leif M. Wright's Blog
-CVE-2006-0842
+CVE-2006-0842 (Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows ...)
NOT-FOR-US: Calacode @Mail
-CVE-2006-0841
+CVE-2006-0841 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 ...)
{DSA-1133-1}
- mantis 0.19.4-3.1 (bug #378353)
-CVE-2006-0840
+CVE-2006-0840 (manage_user_page.php in Mantis 1.00rc4 and earlier does not properly h ...)
{DSA-944-1}
- mantis 1.0
NOTE: This was actually fixed upstream in Mantis 1.0.0rc5,
NOTE: which was never uploaded.
-CVE-2006-0839
+CVE-2006-0839 (The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly rea ...)
- snort <not-affected> (frag3 is only in 2.4, currently there is 2.3.3 in sid)
-CVE-2006-0838
+CVE-2006-0838 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwo ...)
NOT-FOR-US: Tivoli
-CVE-2006-0837
+CVE-2006-0837 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable perm ...)
NOT-FOR-US: Tivoli
-CVE-2006-0836
+CVE-2006-0836 (Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an uns ...)
NOTE: Denial of service by tricking someone into importing a manipulated LDIF file
NOTE: That's a bug, but calling it a security problem is very far-fetched
-CVE-2006-0835
+CVE-2006-0835 (SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar P ...)
NOT-FOR-US: MitriDAT Web Calendar
-CVE-2006-0834
+CVE-2006-0834 (Uniden UIP1868P VoIP Telephone and Router has a default password of ad ...)
NOT-FOR-US: Uniden UIP1868P VoIP Telephone
-CVE-2006-0833
+CVE-2006-0833 (Multiple cross-site scripting (XSS) vulnerabilities in Barracuda Direc ...)
NOT-FOR-US: Barracuda Directory
-CVE-2006-0832
+CVE-2006-0832 (Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow ...)
NOT-FOR-US: WPC.easy
-CVE-2006-0831
+CVE-2006-0831 (PHP remote file include vulnerability in index.php in Tasarim Rehberi ...)
NOT-FOR-US: Tasarim Rehberi
-CVE-2006-0830
+CVE-2006-0830 (The scripting engine in Internet Explorer allows remote attackers to c ...)
NOT-FOR-US: Microsoft
-CVE-2006-0829
+CVE-2006-0829 (Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows remot ...)
NOT-FOR-US: E-Blah Platinum
-CVE-2006-0828
+CVE-2006-0828 (Unspecified vulnerability in ESS/ Network Controller and MicroServer W ...)
NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
-CVE-2006-0827
+CVE-2006-0827 (Cross-site scripting vulnerability in ESS/ Network Controller and Micr ...)
NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
-CVE-2006-0826
+CVE-2006-0826 (Unspecified vulnerability in ESS/ Network Controller and MicroServer W ...)
NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
-CVE-2006-0825
+CVE-2006-0825 (Multiple unspecified vulnerabilities in ESS/ Network Controller and Mi ...)
NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
-CVE-2006-0824
+CVE-2006-0824 (Multiple unspecified vulnerabilities in lib-common.php in Geeklog 1.4. ...)
NOT-FOR-US: Geeklog
-CVE-2006-0823
+CVE-2006-0823 (Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before 1.4.0sr ...)
NOT-FOR-US: Geeklog
-CVE-2006-0822
+CVE-2006-0822 (Unspecified vulnerability in EmuLinker Kaillera Server before 0.99.17 ...)
NOT-FOR-US: EmuLinker Kaillera Server
-CVE-2006-0821
+CVE-2006-0821 (SQL injection vulnerability in index.php in BXCP 0.299 allows remote a ...)
NOT-FOR-US: BXCP
-CVE-2006-0820
+CVE-2006-0820 (Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 al ...)
NOT-FOR-US: Dwarf HTTP Server
-CVE-2006-0819
+CVE-2006-0819 (Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source c ...)
NOT-FOR-US: Dwarf HTTP Server
-CVE-2006-0818
+CVE-2006-0818 (Absolute path directory traversal vulnerability in (1) MERAK Mail Serv ...)
NOT-FOR-US: MERAK Mail Server and VisNetic MailServer
-CVE-2006-0817
+CVE-2006-0817 (Absolute path directory traversal vulnerability in (a) MERAK Mail Serv ...)
NOT-FOR-US: MERAK Mail Server and VisNetic MailServer
-CVE-2006-0816
+CVE-2006-0816 (Orion Application Server before 2.0.7, when running on Windows, allows ...)
NOT-FOR-US: Orion Application Server
-CVE-2006-0815
+CVE-2006-0815 (NetworkActiv Web Server 3.5.15 allows remote attackers to read script ...)
NOT-FOR-US: NetworkActiv Web Server
-CVE-2006-0814
+CVE-2006-0814 (response.c in Lighttpd 1.4.10 and possibly previous versions, when run ...)
NOT-FOR-US: Lighttpd under windows
-CVE-2006-0813
+CVE-2006-0813 (Heap-based buffer overflow in WinACE 2.60 allows user-assisted attacke ...)
NOT-FOR-US: WinACE
-CVE-2006-0812
+CVE-2006-0812 (The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server 4.6.0.4 ...)
NOT-FOR-US: WinACE VisNetic AntiVirus
-CVE-2006-0811
+CVE-2006-0811 (Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board ...)
NOT-FOR-US: Skate Board
-CVE-2006-0810
+CVE-2006-0810 (Unspecified vulnerability in config.php in Skate Board 0.9 allows remo ...)
NOT-FOR-US: Skate Board
-CVE-2006-0809
+CVE-2006-0809 (Multiple SQL injection vulnerabilities in Skate Board 0.9 allow remote ...)
NOT-FOR-US: Skate Board
-CVE-2006-0808
+CVE-2006-0808 (MUTE 0.4 allows remote attackers to cause a denial of service (message ...)
NOT-FOR-US: MUTE
-CVE-2006-0807
+CVE-2006-0807 (Stack-based buffer overflow in NJStar Chinese and Japanese Word Proces ...)
NOT-FOR-US: NJStar
-CVE-2006-0806
+CVE-2006-0806 (Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as ...)
{DSA-1031-1 DSA-1030-1 DSA-1029-1}
- libphp-adodb 4.72-0.1 (bug #358872; medium)
- moodle 1.6.1+20060825-1 (bug #360396; medium)
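Review bot: the descriptions added for CVE-2006-0915 ("Bugzilla 2.16.10 does not properly handle ...") and CVE-2006-0914 ("Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 ...") name 2.16.10 as affected, but both entries keep the woody and sarge lines `[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)` / `[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)`; that rationale matches the 2.17+ ranges in CVE-2006-0916 and CVE-2006-0913 but contradicts the two 2.16.10 descriptions, so either the woody/sarge status or the rationale text needs re-checking against the bugzilla versions shipped in those releases. Two smaller points in the same hunk: CVE-2006-0812 is annotated `NOT-FOR-US: WinACE VisNetic AntiVirus` although its description concerns the VisNetic AntiVirus Plug-in for Mail Server, so "WinACE" looks carried over from the preceding CVE-2006-0813 entry and should be dropped; and CVE-2006-1320 / CVE-2006-1321 sit between CVE-2006-0938 and CVE-2006-0937, breaking the otherwise descending CVE order of the file.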
@@ -14610,129 +14610,129 @@ CVE-2006-0806
NOTE: according to maintainer, "Moodle neither uses nor plans to use
NOTE: ADODB_Pager, so it's not affected by #360396, but include patch for
NOTE: it anyway, just in case somebody decides to use it out of the blue
-CVE-2006-0805
+CVE-2006-0805 (The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed chall ...)
NOT-FOR-US: php-Nuke
-CVE-2006-0804
+CVE-2006-0804 (Off-by-one error in TIN 1.8.0 and earlier might allow attackers to exe ...)
- tin 1:1.8.2-1
[sarge] - tin <not-affected> (Vulnerable code not present)
-CVE-2006-0803
+CVE-2006-0803 (The signature verification functionality in the YaST Online Update (YO ...)
NOT-FOR-US: YaSt Online Update
-CVE-2006-0802
+CVE-2006-0802 (Cross-site scripting (XSS) vulnerability in the NS-Languages module fo ...)
NOT-FOR-US: PostNuke
-CVE-2006-0801
+CVE-2006-0801 (SQL injection vulnerability in the NS-Languages module for PostNuke 0. ...)
NOT-FOR-US: PostNuke
-CVE-2006-0800
+CVE-2006-0800 (Interpretation conflict in PostNuke 0.761 and earlier allows remote at ...)
NOT-FOR-US: PostNuke
-CVE-2006-0799
+CVE-2006-0799 (Microsoft Internet Explorer allows remote attackers to spoof a legitim ...)
NOT-FOR-US: Microsoft
-CVE-2006-0798
+CVE-2006-0798 (Multiple directory traversal vulnerabilities in the IMAP service in Ma ...)
NOT-FOR-US: Macallan Mail Solution
-CVE-2006-0797
+CVE-2006-0797 (Nokia N70 cell phone allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Nokia cell phone
-CVE-2006-0796
+CVE-2006-0796 (Cross-site scripting (XSS) vulnerability in default.php in Clever Copy ...)
NOT-FOR-US: Clever Copy
-CVE-2006-0795
+CVE-2006-0795 (Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 a ...)
NOT-FOR-US: Quirex
-CVE-2006-0794
+CVE-2006-0794 (help.php in V-webmail 1.6.2 allows remote attackers to obtain the inst ...)
NOT-FOR-US: V-webmail
-CVE-2006-0793
+CVE-2006-0793 (frameset.php in V-webmail 1.6.2 allows remote attackers to conduct phi ...)
NOT-FOR-US: V-webmail
-CVE-2006-0792
+CVE-2006-0792 (Cross-site scripting (XSS) vulnerability in preferences.personal.php i ...)
NOT-FOR-US: V-webmail
-CVE-2006-0791
+CVE-2006-0791 (PHP remote file inclusion vulnerability in index.php in DreamCost Host ...)
NOT-FOR-US: DreamCost HostAdmin
-CVE-2006-0790
+CVE-2006-0790 (Rockliffe MailSite 7.0 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: Rockliffe MailSite
-CVE-2006-0789
+CVE-2006-0789 (Certain unspecified Kyocera printers have a default "admin" account wi ...)
NOT-FOR-US: Kyocera printers
-CVE-2006-0788
+CVE-2006-0788 (Kyocera 3830 (aka FS-3830N) printers have a back door that allows remo ...)
NOT-FOR-US: Kyocera printers
-CVE-2006-0787
+CVE-2006-0787 (wimpy_trackplays.php in Plaino Wimpy MP3 Player, possibly 5.2 and earl ...)
NOT-FOR-US: Plaino Wimpy
-CVE-2006-0786
+CVE-2006-0786 (Incomplete blacklist vulnerability in include.php in PHPKIT 1.6.1 Rele ...)
NOT-FOR-US: PHPKIT
-CVE-2006-0785
+CVE-2006-0785 (Absolute path traversal vulnerability in include.php in PHPKIT 1.6.1 R ...)
NOT-FOR-US: PHPKIT
-CVE-2006-0784
+CVE-2006-0784 (D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers ...)
NOT-FOR-US: D-Link hardware
-CVE-2006-0783
+CVE-2006-0783 (Cross-site scripting (XSS) vulnerability in page.php in in Siteframe B ...)
NOT-FOR-US: Siteframe Beaumont
-CVE-2006-0782
+CVE-2006-0782 (Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier a ...)
NOT-FOR-US: PerlBlog
-CVE-2006-0781
+CVE-2006-0781 (Directory traversal vulnerability in weblog.pl in PerlBlog 1.09b and e ...)
NOT-FOR-US: PerlBlog
-CVE-2006-0780
+CVE-2006-0780 (Multiple cross-site scripting (XSS) vulnerabilities in weblog.pl in Pe ...)
NOT-FOR-US: PerlBlog
-CVE-2006-0779
+CVE-2006-0779 (Cross-site scripting (XSS) vulnerability in u2u.php in XMB Forums 1.9. ...)
NOT-FOR-US: XMB Forums
-CVE-2006-0778
+CVE-2006-0778 (Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier ...)
NOT-FOR-US: XMB Forums
-CVE-2006-0777
+CVE-2006-0777 (Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 al ...)
NOT-FOR-US: Teca Scripts Guestex
-CVE-2006-0776
+CVE-2006-0776 (Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts ...)
NOT-FOR-US: Teca Scripts Guestex
-CVE-2006-0775
+CVE-2006-0775 (Multiple SQL injection vulnerabilities in show.php in BirthSys 3.1 all ...)
NOT-FOR-US: BirthSys
-CVE-2006-0774
+CVE-2006-0774 (SQL injection vulnerability in deleteSession() in DB_eSession library ...)
NOT-FOR-US: DB_eSession
-CVE-2006-0773
+CVE-2006-0773 (Cross-site scripting (XSS) vulnerability in Hitachi Business Logic - C ...)
NOT-FOR-US: Hitachi Business Logic
-CVE-2006-0772
+CVE-2006-0772 (SQL injection vulnerability in Hitachi Business Logic - Container 02-0 ...)
NOT-FOR-US: Hitachi Business Logic
-CVE-2006-0771
+CVE-2006-0771 (Format string vulnerability in PunkBuster 1.180 and earlier, as used b ...)
NOT-FOR-US: PunkBuster
-CVE-2006-0770
+CVE-2006-0770 (Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletin ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0769
+CVE-2006-0769 (Unspecified vulnerability in in.rexecd in Solaris 10 allows local user ...)
NOT-FOR-US: Solaris
-CVE-2006-0768
+CVE-2006-0768 (Kadu 0.4.3 allows remote attackers to cause a denial of service (appli ...)
NOT-FOR-US: Kadu
-CVE-2006-0767
+CVE-2006-0767 (CGIWrap before 3.10 allows remote attackers to obtain sensitive inform ...)
- cgiwrap 3.9-3.1
[sarge] - cgiwrap <no-dsa> (Only leaks information about the existance of users on a system)
-CVE-2006-0766
+CVE-2006-0766 (ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, an ...)
NOT-FOR-US: ICQ
-CVE-2006-0765
+CVE-2006-0765 (GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ...)
NOT-FOR-US: ICQ
-CVE-2006-0764
+CVE-2006-0764 (The Authentication, Authorization, and Accounting (AAA) capability in ...)
NOT-FOR-US: Cisco
-CVE-2006-0763
+CVE-2006-0763 (Cross-site scripting (XSS) vulnerability in dowebmailforward.cgi in cP ...)
NOT-FOR-US: cPanel (not the same as in the cpanel package)
-CVE-2006-0762
+CVE-2006-0762 (WinAbility Folder Guard 4.11 allows local users to gain unauthorized a ...)
NOT-FOR-US: WinAbility Folder Guard
-CVE-2006-0761
+CVE-2006-0761 (Buffer overflow in BlackBerry Attachment Service in Research in Motion ...)
NOT-FOR-US: BlackBerry
-CVE-2006-0760
+CVE-2006-0760 (LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive ...)
NOT-FOR-US: LightTPD on windows
-CVE-2006-0759
+CVE-2006-0759 (Multiple SQL injection vulnerabilities in HiveMail 1.3 and earlier all ...)
NOT-FOR-US: HiveMail
-CVE-2006-0758
+CVE-2006-0758 (Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 an ...)
NOT-FOR-US: HiveMail
-CVE-2006-0757
+CVE-2006-0757 (Multiple eval injection vulnerabilities in HiveMail 1.3 and earlier al ...)
NOT-FOR-US: HiveMail
-CVE-2006-0756
+CVE-2006-0756 (** DISPUTED ** dotProject 2.0.1 and earlier leaves (1) phpinfo.php and ...)
NOT-FOR-US: dotProject
-CVE-2006-0755
+CVE-2006-0755 (** DISPUTED ** Multiple PHP remote file include vulnerabilities in dot ...)
NOT-FOR-US: dotProject
-CVE-2006-0754
+CVE-2006-0754 (** DISPUTED ** dotProject 2.0.1 and earlier allows remote attackers to ...)
NOT-FOR-US: dotProject
-CVE-2006-0753
+CVE-2006-0753 (Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pa ...)
NOT-FOR-US: Microsoft
-CVE-2006-0752
+CVE-2006-0752 (Niels Provos Honeyd before 1.5 replies to certain illegal IP packet fr ...)
- honeyd 1.5a-1 (bug #353064; low)
[sarge] - honeyd <no-dsa> (Too insignificant)
-CVE-2006-0751
+CVE-2006-0751 (Multiple unspecified vulnerabilities in the (1) Filesystem in USErspac ...)
NOT-FOR-US: Network Object Oriented File System (NOOFS)
-CVE-2006-0750
+CVE-2006-0750 (SQL injection vulnerability in army.php in supersmashbrothers (SSB) Ar ...)
NOT-FOR-US: supersmashbrothers
-CVE-2006-0749
+CVE-2006-0749 (nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1. ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2 (low)
- mozilla-firefox 1.5.dfsg+1.5.0.2 (low)
- mozilla 2:1.7.13-0.1 (low)
- thunderbird 1.5.0.2-1 (low)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (low)
-CVE-2006-0748
+CVE-2006-0748 (Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1. ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- mozilla-firefox 1.5.dfsg+1.5.0.2-1 (high)
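Review bot: the fixed-version strings for CVE-2006-0749, `- firefox 1.5.dfsg+1.5.0.2 (low)` and `- mozilla-firefox 1.5.dfsg+1.5.0.2 (low)`, lack the Debian revision, while the neighbouring CVE-2006-0748 entry (same DSA-1051-1 / DSA-1046-1 / DSA-1044-1 set) records the same upload as `1.5.dfsg+1.5.0.2-1`; since the tracker compares package versions literally, the two should use the same form. Also, the sarge rationale for CVE-2006-0767, `(Only leaks information about the existance of users on a system)`, misspells "existence".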
@@ -14740,238 +14740,238 @@ CVE-2006-0748
- thunderbird 1.5.0.2-1 (high)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (high)
- xulrunner 1.8.0.1-9
-CVE-2006-0747
+CVE-2006-0747 (Integer underflow in Freetype before 2.2 allows remote attackers to ca ...)
{DSA-1095-1}
- freetype 2.2.1-1 (medium)
-CVE-2006-0746
+CVE-2006-0746 (Certain patches for kpdf do not include all relevant patches from xpdf ...)
{DSA-1008-1}
- kdegraphics 4:3.5.0-3
NOTE: Only affected the 3.3.2 KDE backport
-CVE-2006-0745
+CVE-2006-0745 (X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 ina ...)
- xorg-x11 6.9.0.dfsg.1-5 (bug #360388; medium)
- xorg-server 1:1.0.2-1 (bug #378465; medium)
- xfree86 <not-affected>
-CVE-2006-0744
+CVE-2006-0744 (Linux kernel before 2.6.16.5 does not properly handle uncanonical retu ...)
{DSA-1103}
- linux-2.6 2.6.16-7
-CVE-2006-0743
+CVE-2006-0743 (Format string vulnerability in LocalSyslogAppender in Apache log4net 1 ...)
NOT-FOR-US: Log4Net
-CVE-2006-0742
+CVE-2006-0742 (The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux ke ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.15-8
-CVE-2006-0741
+CVE-2006-0741 (Linux kernel before 2.6.15.5, when running on Intel processors, allows ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.15-8
CVE-2006-0740
RESERVED
-CVE-2006-0739
+CVE-2006-0739 (eStara SIP softphone allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: eStara SIP softphone
-CVE-2006-0738
+CVE-2006-0738 (Multiple format string vulnerabilities in eStara SIP softphone allow r ...)
NOT-FOR-US: eStara SIP softphone
-CVE-2006-0737
+CVE-2006-0737 (eStara SIP softphone allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: eStara SIP softphone
-CVE-2006-0736
+CVE-2006-0736 (Stack-based buffer overflow in the pam_micasa PAM authentication modul ...)
NOT-FOR-US: pam_micasa / Novell
-CVE-2006-2440
+CVE-2006-2440 (Heap-based buffer overflow in the libMagick component of ImageMagick 6 ...)
{DSA-1168-1}
- imagemagick 6:6.2.4.5-0.6 (bug #345595)
-CVE-2006-0735
+CVE-2006-0735 (Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML: ...)
NOT-FOR-US: My Blog
-CVE-2006-0734
+CVE-2006-0734 (The SV_CheckForDuplicateNames function in Valve Software Half-Life CST ...)
NOT-FOR-US: Half-Life
-CVE-2006-0733
+CVE-2006-0733 (** DISPUTED ** Cross-site scripting (XSS) vulnerability in WordPress 2 ...)
- wordpress <unfixed> (unimportant)
-CVE-2006-0732
+CVE-2006-0732 (Directory traversal vulnerability in SAP Business Connector (BC) 4.6 a ...)
NOT-FOR-US: SAP Business Connector
-CVE-2006-0731
+CVE-2006-0731 (WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earl ...)
NOT-FOR-US: SAP Business Connector
-CVE-2006-0730
+CVE-2006-0730 (Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow ...)
- dovecot 1.0.beta3-1 (bug #353341; medium)
[sarge] - dovecot <not-affected> (Vulnerable code was introduced in 1.0beta1)
-CVE-2006-0729
+CVE-2006-0729 (SQL injection vulnerability in functions.php in Teca Diary PE 1.0 allo ...)
NOT-FOR-US: Teca Diary
-CVE-2006-0728
+CVE-2006-0728 (SQL injection vulnerability in search.php in webSPELL 4.01.00 and earl ...)
NOT-FOR-US: webSPELL
-CVE-2006-0727
+CVE-2006-0727 (SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFM ...)
NOT-FOR-US: MusOX DF
-CVE-2006-0726
+CVE-2006-0726 (Cross-site scripting (XSS) vulnerability in linking.php in CPG-Nuke Dr ...)
NOT-FOR-US: CPG-Nuke
-CVE-2006-0725
+CVE-2006-0725 (PHP remote file inclusion vulnerability in prepend.php in Plume CMS 1. ...)
NOT-FOR-US: Plume CMS
-CVE-2006-0724
+CVE-2006-0724 (profile.php in Reamday Enterprises Magic News Lite 1.2.3, when registe ...)
NOT-FOR-US: Reamday Enterprises Magic News Lite
-CVE-2006-0723
+CVE-2006-0723 (PHP remote file inclusion vulnerability in preview.php in Reamday Ente ...)
NOT-FOR-US: Reamday Enterprises Magic News Lite
-CVE-2006-0722
+CVE-2006-0722 (settings.php in Reamday Enterprises Magic Downloads 1.1.3, when regist ...)
NOT-FOR-US: Reamday Enterprises Magic News Lite
-CVE-2006-0721
+CVE-2006-0721 (SQL injection vulnerability in pmlite.php in RunCMS 1.2 and 1.3a allow ...)
NOT-FOR-US: RunCMS
-CVE-2006-0720
+CVE-2006-0720 (Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows us ...)
NOT-FOR-US: Winamp
-CVE-2006-0719
+CVE-2006-0719 (SQL injection vulnerability in member_login.php in PHP Classifieds 6.1 ...)
NOT-FOR-US: PHP Classifieds
-CVE-2006-0718
+CVE-2006-0718 (The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VS ...)
NOT-FOR-US: Avaya VSU
-CVE-2006-0717
+CVE-2006-0717 (IBM Tivoli Directory Server 6.0 allows remote attackers to cause a den ...)
NOT-FOR-US: Tivoli
-CVE-2006-0716
+CVE-2006-0716 (SQL injection vulnerability in index.php in sNews 1.3 allows remote at ...)
NOT-FOR-US: sNews
-CVE-2006-0715
+CVE-2006-0715 (Cross-site scripting (XSS) vulnerability in sNews 1.3 allows remote at ...)
NOT-FOR-US: sNews
-CVE-2006-0714
+CVE-2006-0714 (Directory traversal vulnerability in the installation file (sql/instal ...)
- flyspray <not-affected> (Vulnerable code not included in Debian)
-CVE-2006-0713
+CVE-2006-0713 (Directory traversal vulnerability in LinPHA 1.0 allows remote attacker ...)
NOT-FOR-US: LinPHA
-CVE-2006-0712
+CVE-2006-0712 (mail_html template in Squishdot 1.5.0 and earlier does not properly va ...)
NOT-FOR-US: Squishdot
-CVE-2006-0711
+CVE-2006-0711 (The (1) addfolder and (2) deletefolder functions in neomail-prefs.pl i ...)
NOT-FOR-US: NeoMail
-CVE-2006-0710
+CVE-2006-0710 (Double free vulnerability in isode.eddy in Isode M-Vault Server 11.3 a ...)
NOT-FOR-US: Isode M-Vault
-CVE-2006-0709
+CVE-2006-0709 (Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a ...)
{DSA-995-1}
- metamail 2.7-51 (bug #352482; bug #353539)
-CVE-2006-0708
+CVE-2006-0708 (Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow re ...)
NOT-FOR-US: Winamp
-CVE-2006-0707
+CVE-2006-0707 (PyBlosxom before 1.3.2, when running on certain webservers, allows rem ...)
- pyblosxom 1.3.2-1 (high)
[sarge] - pyblosxom <not-affected> (Vulnerable path handling code not present)
-CVE-2006-0706
+CVE-2006-0706 (Cross-site scripting vulnerability in eintrag.php in G&#228;stebuch (G ...)
NOT-FOR-US: Gaestebuch
-CVE-2006-0705
+CVE-2006-0705 (Format string vulnerability in a logging function as used by various S ...)
NOT-FOR-US: Proprietary SFTP servers
-CVE-2006-0704
+CVE-2006-0704 (iE Integrator 4.4.220114, when configured without a "bespoke error pag ...)
NOT-FOR-US: iE Integrator
-CVE-2006-0703
+CVE-2006-0703 (Unspecified vulnerability in index.php in imageVue 16.1 has unknown im ...)
NOT-FOR-US: imageVue
-CVE-2006-0702
+CVE-2006-0702 (admin/upload.php in imageVue 16.1 allows remote attackers to upload ar ...)
NOT-FOR-US: imageVue
-CVE-2006-0701
+CVE-2006-0701 (readfolder.php in imageVue 16.1 allows remote attackers to list direct ...)
NOT-FOR-US: imageVue
-CVE-2006-0700
+CVE-2006-0700 (imageVue 16.1 allows remote attackers to obtain folder permission sett ...)
NOT-FOR-US: imageVue
-CVE-2006-0699
+CVE-2006-0699 (Cross-site scripting (XSS) vulnerability in search.php in QWikiWiki 1. ...)
NOT-FOR-US: QWikiWiki
-CVE-2006-0698
+CVE-2006-0698 (Unspecified vulnerabilities in Zen Cart before 1.2.7 allow remote atta ...)
NOT-FOR-US: Zen Cart
-CVE-2006-0697
+CVE-2006-0697 (Zen Cart before 1.2.7 does not protect the admin/includes directory, w ...)
NOT-FOR-US: Zen Cart
-CVE-2006-0696
+CVE-2006-0696 (SQL injection vulnerability in Zen Cart before 1.2.7 allows remote att ...)
NOT-FOR-US: Zen Cart
-CVE-2006-0695
+CVE-2006-0695 (Ansilove before 1.03 does not filter uploaded file extensions, which a ...)
NOT-FOR-US: Ansilove
-CVE-2006-0694
+CVE-2006-0694 (Unspecified vulnerability in the loaders (load_*.php) in Ansilove befo ...)
NOT-FOR-US: Ansilove
-CVE-2006-0693
+CVE-2006-0693 (Multiple SQL injection vulnerabilities in rb_auth.php in Roberto Butti ...)
NOT-FOR-US: Roberto Butti CALimba
-CVE-2006-0692
+CVE-2006-0692 (Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Times ...)
NOT-FOR-US: Carey Briggs Timesheet
-CVE-2006-0691
+CVE-2006-0691 (edituser.php in TTS Time Tracking Software 3.0 does not verify that th ...)
NOT-FOR-US: TTS Time Tracking Software
-CVE-2006-0690
+CVE-2006-0690 (Multiple SQL injection vulnerabilities in TTS Time Tracking Software 3 ...)
NOT-FOR-US: TTS Time Tracking Software
-CVE-2006-0689
+CVE-2006-0689 (Cross-site scripting (XSS) vulnerability in the Registration Form in T ...)
NOT-FOR-US: TTS Time Tracking Software
-CVE-2006-0688
+CVE-2006-0688 (PHP remote file include vulnerability in application.php in nicecoder. ...)
NOT-FOR-US: nicecoder.com indexu
-CVE-2006-0687
+CVE-2006-0687 (process.php in DocMGR 0.54.2 does not initialize the $siteModInfo vari ...)
NOT-FOR-US: DocMGR
-CVE-2006-0686
+CVE-2006-0686 (add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earl ...)
NOT-FOR-US: Virtual Hosting Control System
-CVE-2006-0685
+CVE-2006-0685 (The check_login function in login.php in Virtual Hosting Control Syste ...)
NOT-FOR-US: Virtual Hosting Control System
-CVE-2006-0684
+CVE-2006-0684 (change_password.php in Virtual Hosting Control System (VHCS) 2.4.7.1 a ...)
NOT-FOR-US: Virtual Hosting Control System
-CVE-2006-0683
+CVE-2006-0683 (Cross-site scripting (XSS) vulnerability in Virtual Hosting Control Sy ...)
NOT-FOR-US: Virtual Hosting Control System
-CVE-2006-0682
+CVE-2006-0682 (Multiple cross-site scripting (XSS) vulnerabilities in bbcodes system ...)
NOT-FOR-US: e107
-CVE-2006-0681
+CVE-2006-0681 (Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 ...)
NOT-FOR-US: powerd
NOTE: powerd supposedly normally comes with sysvinit, but not in debian
-CVE-2006-0680
+CVE-2006-0680 (Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote a ...)
NOT-FOR-US: WebGUI
-CVE-2006-0679
+CVE-2006-0679 (SQL injection vulnerability in index.php in the Your_Account module in ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-0678
+CVE-2006-0678 (PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0. ...)
NOTE: Only vulnerable when compiled with asserts
- postgresql <unfixed> (unimportant)
- postgresql-8.0 8.0.7-1 (unimportant)
- postgresql-8.1 8.1.3-1 (unimportant)
-CVE-2006-0677
+CVE-2006-0677 (telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows re ...)
{DSA-977-1}
- heimdal 0.7.2-1
-CVE-2006-0676
+CVE-2006-0676 (Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-0675
+CVE-2006-0675 (Cross-site scripting (XSS) vulnerability in search.php in Siteframe 5. ...)
NOT-FOR-US: SiteFrame
-CVE-2006-0674
+CVE-2006-0674 (Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L ...)
NOT-FOR-US: IBM AIX
-CVE-2006-0673
+CVE-2006-0673 (Multiple SQL injection vulnerabilities in cms/index.php in Magic Calen ...)
NOT-FOR-US: Magic Calendar Lite
-CVE-2006-0672
+CVE-2006-0672 (Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0 ...)
NOT-FOR-US: HP PSC 1210 All-in-One printer
-CVE-2006-0671
+CVE-2006-0671 (Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell ph ...)
NOT-FOR-US: Sony Ericsson
-CVE-2006-0670
+CVE-2006-0670 (Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to ...)
{DSA-990-1}
- bluez-hcidump 1.30-1 (bug #351881; medium)
CVE-2006-0669
NOT-FOR-US: Forum Light
-CVE-2006-0668
+CVE-2006-0668 (SQL injection vulnerability in index.php in PwsPHP 1.2.3 allows remote ...)
NOT-FOR-US: PwsPHP
-CVE-2006-0667
+CVE-2006-0667 (lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary fi ...)
NOT-FOR-US: AIX
-CVE-2006-0666
+CVE-2006-0666 (Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels i ...)
NOT-FOR-US: AIX
-CVE-2006-0665
+CVE-2006-0665 (Unspecified vulnerability in (1) query_store.php and (2) manage_proj_c ...)
{DSA-1133-1}
- mantis 0.19.4-3
[woody] - mantis <not-affected> (Complete rewrite in 0.19)
-CVE-2006-0664
+CVE-2006-0664 (Cross-site scripting (XSS) vulnerability in config_defaults_inc.php in ...)
{DSA-1133-1}
- mantis 0.19.4-3
[woody] - mantis <not-affected> (Complete rewrite in 0.19)
-CVE-2006-0663
+CVE-2006-0663 (Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iN ...)
NOT-FOR-US: Lotus Domino
-CVE-2006-0662
+CVE-2006-0662 (Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client ...)
NOT-FOR-US: Lotus Domino
-CVE-2006-0661
+CVE-2006-0661 (Cross-site scripting (XSS) vulnerability in Scriptme SmE GB Host 1.21 ...)
NOT-FOR-US: SmE GB Host
-CVE-2006-0660
+CVE-2006-0660 (Multiple directory traversal vulnerabilities in FarsiNews 2.5 and earl ...)
NOT-FOR-US: FarsiNews
-CVE-2006-0659
+CVE-2006-0659 (Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and ear ...)
NOT-FOR-US: Runcms
-CVE-2006-0658
+CVE-2006-0658 (Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 a ...)
- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
- moin 1.5.8-4.1
[etch] - moin <not-affected> (Vulnerable php code not present)
- karrigell <not-affected> (Vulnerable php code not present)
-CVE-2006-0657
+CVE-2006-0657 (Cross-site scripting (XSS) vulnerability in Softcomplex PHP Event Cale ...)
NOT-FOR-US: Softcomplex
-CVE-2006-0656
+CVE-2006-0656 (Directory traversal vulnerability in HP Systems Insight Manager 4.2 th ...)
NOT-FOR-US: HP
-CVE-2006-0655
+CVE-2006-0655 (Multiple cross-site scripting (XSS) vulnerabilities in (1) link_edited ...)
NOT-FOR-US: Hinton Design phpht Topsites
-CVE-2006-0654
+CVE-2006-0654 (check.php in Hinton Design phpht Topsites 1.3 does not validate passwo ...)
NOT-FOR-US: Hinton Design phpht Topsites
-CVE-2006-0653
+CVE-2006-0653 (Multiple SQL injection vulnerabilities in Hinton Design phpht Topsites ...)
NOT-FOR-US: Hinton Design phpht Topsites
-CVE-2006-0652
+CVE-2006-0652 (WHMCompleteSolution (WHMCS) before 2.3 assigns incorrect permissions t ...)
NOT-FOR-US: WHMCompleteSolution
-CVE-2006-0651
+CVE-2006-0651 (SQL injection vulnerability in index.php in vwdev allows remote attack ...)
NOT-FOR-US: vwdev
-CVE-2006-0650
+CVE-2006-0650 (Cross-site scripting (XSS) vulnerability in cpaint2.inc.php in the CPA ...)
NOT-FOR-US: CPAINT
-CVE-2006-0649
+CVE-2006-0649 (Cross-site scripting (XSS) vulnerability in DataparkSearch before 4.37 ...)
NOT-FOR-US: DataparkSearch
-CVE-2006-0648
+CVE-2006-0648 (Multiple directory traversal vulnerabilities in PHP iCalendar 2.0.1, 2 ...)
NOT-FOR-US: PHP iCalendar
-CVE-2006-0647
+CVE-2006-0647 (LDAP service in Sun Java System Directory Server 5.2, running on Linux ...)
NOT-FOR-US: Sun Java System Directory Server
-CVE-2006-0646
+CVE-2006-0646 (ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstance ...)
- binutils <not-affected> (SuSE specific vulnerability)
-CVE-2006-0645
+CVE-2006-0645 (Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2 ...)
{DSA-986-1 DSA-985-1}
- libtasn1-2 <removed> (bug #352182; bug #365234)
NOTE: upload of libtasn1-2 0.3.1-1 was reverted in 1:0.2.17-2 because of soname change
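Review bot: two NOT-FOR-US labels in this hunk do not match the product named in the description that was just added: CVE-2006-0722 describes "Reamday Enterprises Magic Downloads 1.1.3" but is labelled "NOT-FOR-US: Reamday Enterprises Magic News Lite", and CVE-2006-0735 describes "BBcode.pm in M. Blom HTML:" but is labelled "NOT-FOR-US: My Blog". The label should name the software actually affected, since it is what a later triager will search for when checking whether that software is packaged in Debian.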
@@ -14982,36 +14982,36 @@ CVE-2006-0645
CVE-2006-XXXX [dpkg-sig: insecure temp file bug]
- dpkg-sig 0.13 (bug #352723; low)
[sarge] - dpkg-sig <no-dsa> (Only affected in debug mode)
-CVE-2006-2441
+CVE-2006-2441 (Pioneers meta-server before 0.9.55, when the server-console is not ins ...)
- pioneers 0.9.55-1 (bug #351986; medium)
[sarge] - gnocatan <not-affected> (Not exploitable in Sarge per maintainer)
-CVE-2006-0644
+CVE-2006-0644 (Multiple directory traversal vulnerabilities in install.php in CPG-Nuk ...)
NOT-FOR-US: CPG-Nuke Dragonfly CMS
-CVE-2006-0643
+CVE-2006-0643 (Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web Confere ...)
NOT-FOR-US: WiredRed e/pop Web Conferencing
-CVE-2006-0642
+CVE-2006-0642 (Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Secur ...)
NOT-FOR-US: Trend Micro
-CVE-2006-0641
+CVE-2006-0641 (Orbicule Undercover uses a third-party web server to determine the IP ...)
NOT-FOR-US: Orbicule Undercover
-CVE-2006-0640
+CVE-2006-0640 (Orbicule Undercover allows attackers with physical or root access to d ...)
NOT-FOR-US: Orbicule Undercover
-CVE-2006-0639
+CVE-2006-0639 (Cross-site scripting (XSS) vulnerability in search.php in MyBB (aka My ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0638
+CVE-2006-0638 (SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinB ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0637
+CVE-2006-0637 (Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows re ...)
NOT-FOR-US: QUALCOMM Eudora WorldMail
-CVE-2006-0636
+CVE-2006-0636 (desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the ...)
NOT-FOR-US: eyeOS
-CVE-2006-0635
+CVE-2006-0635 (Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the "i&gt;sizeof(i ...)
- tcc 0.9.24~cvs20070502-1 (bug #352202; low)
[sarge] - tcc <no-dsa> (Only incorrect code gen, hardly any production use)
[etch] - tcc <no-dsa> (Documented as insecure; only incorrect code gen, hardly any production use)
-CVE-2006-0634
+CVE-2006-0634 (Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent ...)
NOT-FOR-US: Borland C++Builder
-CVE-2006-0633
+CVE-2006-0633 (The make_password function in ipsclass.php in Invision Power Board (IP ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-0632
+CVE-2006-0632 (The gen_rand_string function in phpBB 2.0.19 uses insufficiently rando ...)
- phpbb2 2.0.20 (low)
[sarge] - phpbb2 <no-dsa> (Minor issue)
NOTE: According to maintainers phpbb2 doesn't have useful countermeasures against
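Review bot: the description imported for CVE-2006-0635 contains an HTML entity instead of the literal character ("i&gt;sizeof(i"), and the same happens with "G&#228;stebuch" under CVE-2006-0706 in the previous hunk; the importer that writes these descriptions should decode HTML entities before storing them, otherwise plain-text searches for the affected code or product will miss these entries. Separately, the entry at the top of this hunk still carries a placeholder id ("CVE-2006-XXXX [dpkg-sig: insecure temp file bug]"); worth checking whether an id has been assigned since.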
@@ -15019,61 +15019,61 @@ CVE-2006-0632
NOTE: NTP-timed attacks may even be in the area of a couple thousands attempts
NOTE: instead of a million
NOTE: Fixed in 2.0.20
-CVE-2006-0631
+CVE-2006-0631 (CRLF injection vulnerability in mailback.pl in Erik C. Thauvin mailbac ...)
NOT-FOR-US: Erik C. Thauvin mailback
-CVE-2006-0630
+CVE-2006-0630 (RITLabs The Bat! before 3.0.0.15 displays certain important headers fr ...)
NOT-FOR-US: The Bat!
-CVE-2006-0629
+CVE-2006-0629 (Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 allo ...)
NOT-FOR-US: AIM
-CVE-2006-0628
+CVE-2006-0628 (myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute a ...)
NOT-FOR-US: Dale Ray MyQuiz
-CVE-2006-0627
+CVE-2006-0627 (Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and ...)
NOT-FOR-US: Clever Copy
-CVE-2006-0624
+CVE-2006-0624 (SQL injection vulnerability in check.asp in Whomp Real Estate Manager ...)
NOT-FOR-US: Whomp Real Estate Manager
-CVE-2006-0623
+CVE-2006-0623 (QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable p ...)
NOT-FOR-US: QNX
-CVE-2006-0622
+CVE-2006-0622 (QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of servic ...)
NOT-FOR-US: QNX
-CVE-2006-0621
+CVE-2006-0621 (Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users ...)
NOT-FOR-US: QNX
-CVE-2006-0620
+CVE-2006-0620 (Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users ...)
NOT-FOR-US: QNX
-CVE-2006-0619
+CVE-2006-0619 (Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow ...)
NOT-FOR-US: QNX
-CVE-2006-0618
+CVE-2006-0618 (Format string vulnerability in fontsleuth in QNX Neutrino RTOS 6.3.0 a ...)
NOT-FOR-US: QNX
-CVE-2006-0617
+CVE-2006-0617 (Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Updat ...)
NOT-FOR-US: Sun Java
-CVE-2006-0616
+CVE-2006-0616 (Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and ear ...)
NOT-FOR-US: Sun Java
-CVE-2006-0615
+CVE-2006-0615 (Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Updat ...)
NOT-FOR-US: Sun Java
-CVE-2006-0614
+CVE-2006-0614 (Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and ear ...)
NOT-FOR-US: Sun Java
-CVE-2006-0613
+CVE-2006-0613 (Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in ...)
NOT-FOR-US: Sun Java
-CVE-2006-0612
+CVE-2006-0612 (Powersave daemon before 0.10.15.2 allows local users to gain privilege ...)
- powersave 0.11.2-1
-CVE-2006-0611
+CVE-2006-0611 (Directory traversal vulnerability in compose.pl in @Mail 4.3 and earli ...)
NOT-FOR-US: @Mail
-CVE-2006-0610
+CVE-2006-0610 (Multiple SQL injection vulnerabilities in 2200net Calendar system 1.2, ...)
NOT-FOR-US: 2200net Calender system
-CVE-2006-0609
+CVE-2006-0609 (Cross-site scripting (XSS) vulnerability in add.php in Hinton Design p ...)
NOT-FOR-US: Hinton Design phphd
-CVE-2006-0608
+CVE-2006-0608 (Multiple SQL injection vulnerabilities in Hinton Design phphd 1.0 allo ...)
NOT-FOR-US: Hinton Design phphd
-CVE-2006-0607
+CVE-2006-0607 (check.php in Hinton Design phphd 1.0 does not check passwords when cer ...)
NOT-FOR-US: Hinton Design phphd
-CVE-2006-0606
+CVE-2006-0606 (SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 allo ...)
NOT-FOR-US: Unknown Domain Shoutbox
-CVE-2006-0605
+CVE-2006-0605 (Multiple cross-site scripting (XSS) vulnerabilities in Unknown Domain ...)
NOT-FOR-US: Unknown Domain Shoutbox
-CVE-2006-0604
+CVE-2006-0604 (check.php in Hinton Design phphg Guestbook 1.2 does not check the user ...)
NOT-FOR-US: Hinton Design phphd
-CVE-2006-0603
+CVE-2006-0603 (Multiple cross-site scripting vulnerabilities in signed.php in Hinton ...)
NOT-FOR-US: Hinton Design phphd
-CVE-2006-0602
+CVE-2006-0602 (Multiple SQL injection vulnerabilities in Hinton Design phphg Guestboo ...)
NOT-FOR-US: Hinton Design phphd
CVE-2006-0601
RESERVED
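Review bot: the NOT-FOR-US labels for CVE-2006-0604, CVE-2006-0603 and CVE-2006-0602 read "Hinton Design phphd", but the added descriptions for CVE-2006-0604 and CVE-2006-0602 name "Hinton Design phphg Guestbook" (with CVE-2006-0603, signed.php, grouped between them); phphd is the separate product covered by CVE-2006-0609 through CVE-2006-0607 just above, so these three labels should say phphg Guestbook. Also a spelling slip in the label for CVE-2006-0610: "2200net Calender system" against "Calendar system" in the description.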
@@ -15083,238 +15083,238 @@ CVE-2006-0595
RESERVED
CVE-2006-0594
RESERVED
-CVE-2006-0598
+CVE-2006-0598 (Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows attacke ...)
{DSA-967-1}
- elog 2.6.1+r1642-1
-CVE-2006-0597
+CVE-2006-0597 (Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 ...)
{DSA-967-1}
- elog 2.6.1+r1642-1
-CVE-2006-0599
+CVE-2006-0599 (The (1) elog.c and (2) elogd.c components in elog before 2.5.7 r1558-4 ...)
{DSA-967-1}
- elog 2.6.1+r1642-1
-CVE-2006-0600
+CVE-2006-0600 (elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of ...)
{DSA-967-1}
- elog 2.6.1+r1642-1
-CVE-2006-0593
+CVE-2006-0593 (Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 ...)
NOT-FOR-US: PHP-Fusion
-CVE-2006-0592
+CVE-2006-0592 (Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server ...)
NOT-FOR-US: Lexmark Printer
-CVE-2006-0591
+CVE-2006-0591 (The crypt_gensalt functions for BSDI-style extended DES-based and Free ...)
NOT-FOR-US: crypt_blowfish implementation from OWL, does not seem to be in Debian
-CVE-2006-0590
+CVE-2006-0590 (MyTopix 1.2.3 allows remote attackers to obtain the installation path ...)
NOT-FOR-US: MyTopix
-CVE-2006-0589
+CVE-2006-0589 (MyTopix 1.2.3 allows remote attackers to obtain the installation path ...)
NOT-FOR-US: MyTopix
-CVE-2006-0588
+CVE-2006-0588 (SQL injection vulnerability in search.php in MyTopix 1.2.3 allows remo ...)
NOT-FOR-US: MyTopix
-CVE-2006-0587
+CVE-2006-0587 (Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allo ...)
- gallery 1.5.2-pl2-1
-CVE-2006-0586
+CVE-2006-0586 (Multiple SQL injection vulnerabilities in Oracle 10g Release 1 before ...)
NOT-FOR-US: Oracle
-CVE-2006-0585
+CVE-2006-0585 (jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows ...)
NOT-FOR-US: Microsoft
-CVE-2006-0584
+CVE-2006-0584 (The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS #5 wit ...)
NOT-FOR-US: PeopleSoft People Tools
-CVE-2006-0583
+CVE-2006-0583 (SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and ...)
NOT-FOR-US: Clever Copy
-CVE-2006-0582
+CVE-2006-0582 (Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0. ...)
{DSA-977-1}
- heimdal 0.7.2-1
-CVE-2006-0581
+CVE-2006-0581 (SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allow ...)
NOT-FOR-US: Hosting Controller
-CVE-2006-0580
+CVE-2006-0580 (IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial ...)
NOT-FOR-US: Lotus Domino
-CVE-2006-0579
+CVE-2006-0579 (Multiple integer overflows in (1) the new_demux_packet function in dem ...)
- mplayer <not-affected> (fixed before first upload; 1.0pre7try3)
NOTE: code not in ffmpeg and xine-lib
-CVE-2006-0578
+CVE-2006-0578 (Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce CO ...)
NOT-FOR-US: Blue Coat Proxy Security Gateway OS
-CVE-2006-0577
+CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM privileges by ...)
NOT-FOR-US: Lexmark printer
-CVE-2006-0576
+CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and ...)
- oprofile 0.9.1-9 (bug #352910; low)
[sarge] - oprofile <no-dsa> (requires sudo access to be vulnerable)
-CVE-2006-0575
+CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to c ...)
- fcron <not-affected> (Not included in Debian package)
-CVE-2006-0574
+CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel ...)
NOT-FOR-US: cPanel
-CVE-2006-0573
+CVE-2006-0573 (Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and ear ...)
NOT-FOR-US: cPanel
-CVE-2006-0572
+CVE-2006-0572 (phpstatus 1.0 does not require passwords when using cookies to identif ...)
NOT-FOR-US: phpstatus
-CVE-2006-0571
+CVE-2006-0571 (Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 a ...)
NOT-FOR-US: phpstatus
-CVE-2006-0570
+CVE-2006-0570 (Multiple SQL injection vulnerabilities in phpstatus 1.0, when gpc_magi ...)
NOT-FOR-US: phpstatus
-CVE-2006-0569
+CVE-2006-0569 (Cross-site scripting (XSS) vulnerability in user_class.php in Papoo 2. ...)
NOT-FOR-US: Papoo
-CVE-2006-0568
+CVE-2006-0568 (Cross-site scripting (XSS) vulnerability in throw.main in Outblaze all ...)
NOT-FOR-US: Outblaze
-CVE-2006-0567
+CVE-2006-0567 (Directory traversal vulnerability in Files Xaraya module before 0.5.1, ...)
NOT-FOR-US: Xaraya
-CVE-2006-0566
+CVE-2006-0566 (The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote ...)
NOT-FOR-US: Communigate Pro
-CVE-2006-0565
+CVE-2006-0565 (PHP remote file include vulnerability in inc/backend_settings.php in L ...)
NOT-FOR-US: LoudBlog
-CVE-2006-0564
+CVE-2006-0564 (Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702. ...)
NOT-FOR-US: Microsoft
-CVE-2006-0563
+CVE-2006-0563 (SQL injection vulnerability in exec.php in PluggedOut Blog 1.9.9c allo ...)
NOT-FOR-US: PluggedOut Blog
-CVE-2006-0562
+CVE-2006-0562 (Cross-site scripting (XSS) vulnerability in problem.php in PluggedOut ...)
NOT-FOR-US: PluggedOut Blog
-CVE-2006-0561
+CVE-2006-0561 (Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS ad ...)
NOT-FOR-US: Cisco
CVE-2006-0560
REJECTED
-CVE-2006-0559
+CVE-2006-0559 (Format string vulnerability in the SMTP server for McAfee WebShield 4. ...)
NOT-FOR-US: McAfee WebShield
-CVE-2006-0558
+CVE-2006-0558 (perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local ...)
{DSA-1103}
- linux-2.6 2.6.16-1 (bug #365375; low)
-CVE-2006-0557
+CVE-2006-0557 (sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not s ...)
{DSA-1103}
- linux-2.6 2.6.15-8
CVE-2006-0556
REJECTED
-CVE-2006-0555
+CVE-2006-0555 (The Linux Kernel before 2.6.15.5 allows local users to cause a denial ...)
{DSA-1103}
- linux-2.6 2.6.15-8
-CVE-2006-0554
+CVE-2006-0554 (Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitiv ...)
{DSA-1103}
- linux-2.6 2.6.15-8
-CVE-2006-0553
+CVE-2006-0553 (PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to ...)
- postgresql-8.1 8.1.3-1
-CVE-2006-0552
+CVE-2006-0552 (Unspecified vulnerability in the Net Listener component of Oracle Data ...)
NOT-FOR-US: Oracle
-CVE-2006-0551
+CVE-2006-0551 (SQL injection vulnerability in the Data Pump Metadata API in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2006-0550
+CVE-2006-0550 (Buffer overflow in an unspecified Oracle Client utility might allow re ...)
NOT-FOR-US: Oracle
-CVE-2006-0549
+CVE-2006-0549 (SQL injection vulnerability in the SYS.DBMS_METADATA_UTIL package in O ...)
NOT-FOR-US: Oracle
-CVE-2006-0548
+CVE-2006-0548 (SQL injection vulnerability in the Oracle Text component of Oracle Dat ...)
NOT-FOR-US: Oracle
-CVE-2006-0547
+CVE-2006-0547 (Oracle Database 8i, 9i, and 10g allow remote authenticated users to ex ...)
NOT-FOR-US: Oracle
-CVE-2006-0546
+CVE-2006-0546 (Unspecified vulnerability in index.php in a certain application availa ...)
NOT-FOR-US: Strange app at www.egeinternet.com
-CVE-2006-0545
+CVE-2006-0545 (SQL injection vulnerability in showflat.php in Groupee (formerly known ...)
NOT-FOR-US: UBB.threads
-CVE-2006-0544
+CVE-2006-0544 (urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) ...)
NOT-FOR-US: Microsoft
-CVE-2006-0543
+CVE-2006-0543 (Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2006-0542
+CVE-2006-0542 (Multiple SQL injection vulnerabilities in config.php in NukedWeb Guest ...)
NOT-FOR-US: NukedWeb
-CVE-2006-0541
+CVE-2006-0541 (Multiple cross-site scripting (XSS) vulnerabilities in Tachyon Vanilla ...)
NOT-FOR-US: Tachyon Vanilla Guestbook
-CVE-2006-0540
+CVE-2006-0540 (Multiple SQL injection vulnerabilities in Tachyon Vanilla Guestbook 1. ...)
NOT-FOR-US: Tachyon Vanilla Guestbook
-CVE-2006-0539
+CVE-2006-0539 (The convert-fcrontab program in fcron 3.0.0 might allow local users to ...)
- fcron <not-affected> (Vulnerable app in the Debian package, not setuid anyway)
-CVE-2006-0538
+CVE-2006-0538 (CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is ena ...)
NOT-FOR-US: IronMail
-CVE-2006-0537
+CVE-2006-0537 (Buffer overflow in the POP3 server in Kinesphere Corporation eXchange ...)
NOT-FOR-US: eXchange POP3
-CVE-2006-0536
+CVE-2006-0536 (Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.27 ...)
NOT-FOR-US: NeoMail
-CVE-2006-0535
+CVE-2006-0535 (Multiple cross-site scripting (XSS) vulnerabilities in Community Serve ...)
NOT-FOR-US: Community Server
-CVE-2006-0534
+CVE-2006-0534 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
NOT-FOR-US: CyberShop Ultimate E-commerce
-CVE-2006-0533
+CVE-2006-0533 (Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel ...)
NOT-FOR-US: cPanel
NOTE: Not Debian's cpanel
-CVE-2006-0532
+CVE-2006-0532 (Cross-site scripting (XSS) vulnerability in resultat.asp in SoftMaker ...)
NOT-FOR-US: SoftMaker Shop
-CVE-2006-0531
+CVE-2006-0531 (Unspecified vulnerability in Sun Java System Access Manager 7.0 allows ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2006-0530
+CVE-2006-0530 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Buil ...)
NOT-FOR-US: CA Message Queuing
NOTE: CA Message Queuing is embeded in a lot of products, but they all seem
NOTE: to be commercial products (see list in referenced URL)
-CVE-2006-0529
+CVE-2006-0529 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Buil ...)
NOT-FOR-US: CA Message Queuing
NOTE: CA Message Queuing is embeded in a lot of products, but they all seem
NOTE: to be commercial products (see list in referenced URL)
-CVE-2006-0528
+CVE-2006-0528 (The cairo library (libcairo), as used in GNOME Evolution and possibly ...)
- evolution 2.2.3-4 (low)
[sarge] - evolution <not-affected> (Vulnerability was apparantly introduced in 2.3.1)
[woody] - evolution <not-affected> (Vulnerability was apparantly introduced in 2.3.1)
-CVE-2006-0527
+CVE-2006-0527 (BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allo ...)
- bind 1:8.4.7-1 (low)
[sarge] - bind <no-dsa> (Architectual limitatiom, upgrade to BIND 9 as a a fix)
NOTE: BIND 8 is unsuitable for forwarder use because of its
NOTE: architecture. Upgrade to BIND 9 as a fix.
NOTE: This was fixed in sid by documenting it as an unfixable design limitation
-CVE-2006-0526
+CVE-2006-0526 (The default configuration of the America Online (AOL) client software ...)
NOT-FOR-US: AOL
-CVE-2006-0525
+CVE-2006-0525 (Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator ...)
NOT-FOR-US: Windows issue
-CVE-2006-0524
+CVE-2006-0524 (Cross-site scripting (XSS) vulnerability in ashnews.php in Derek Ashau ...)
NOT-FOR-US: Derek Ashauer ashnews
-CVE-2006-0523
+CVE-2006-0523 (SQL injection vulnerability in global.php in MyBB before 1.03 allows r ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0522
+CVE-2006-0522 (SQL injection vulnerability in the Authentication Servlet in Symantec ...)
NOT-FOR-US: Symantec Sygate Management Server
-CVE-2006-0521
+CVE-2006-0521 (Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM ...)
NOT-FOR-US: Browser CRM
-CVE-2006-0520
+CVE-2006-0520 (SQL injection vulnerability index.php in Dragoran Portal module 1.3 fo ...)
NOT-FOR-US: Invision Power Board
-CVE-2006-0519
+CVE-2006-0519 (SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows rem ...)
- spip 2.0.6-1 (medium; bug #351336)
-CVE-2006-0518
+CVE-2006-0518 (Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e ...)
- spip 2.0.6-1 (medium; bug #351335)
-CVE-2006-0517
+CVE-2006-0517 (Multiple SQL injection vulnerabilities in formulaires/inc-formulaire_f ...)
- spip 2.0.6-1 (medium; bug #351334)
-CVE-2006-0625
+CVE-2006-0625 (Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and e ...)
- spip 2.0.6-1 (medium; bug #352076)
NOTE: http://www.securityfocus.com/bid/16556
-CVE-2006-0626
+CVE-2006-0626 (SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and ...)
- spip 2.0.6-1 (medium; bug #352077)
NOTE: http://www.securityfocus.com/bid/16551
-CVE-2006-0516
+CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 bi ...)
NOT-FOR-US: Solaris
-CVE-2006-0515
+CVE-2006-0515 (Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x b ...)
NOT-FOR-US: Cisco
CVE-2006-0514
RESERVED
-CVE-2006-0513
+CVE-2006-0513 (Directory traversal vulnerability in pkmslogout in Tivoli Web Server P ...)
NOT-FOR-US: Tivoli
-CVE-2006-0512
+CVE-2006-0512 (PADL MigrationTools 46 creates temporary files insecurely, which allow ...)
{DSA-1187-1}
- migrationtools 46-2.1 (bug #338920; medium)
-CVE-2006-0511
+CVE-2006-0511 (** DISPUTED ** Blackboard Academic Suite 6.0 and earlier does not prop ...)
NOT-FOR-US: Blackboard Academic Suite
-CVE-2006-0510
+CVE-2006-0510 (SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 allow ...)
NOT-FOR-US: Daffodil
-CVE-2006-0509
+CVE-2006-0509 (Multiple cross-site scripting (XSS) vulnerabilities in clients.php in ...)
NOT-FOR-US: Cerberus Helpdesk
-CVE-2006-0508
+CVE-2006-0508 (Easy CMS stores the images directory under the web document root with ...)
NOT-FOR-US: Easy CMS
-CVE-2006-0507
+CVE-2006-0507 (Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow ...)
NOT-FOR-US: Easy CMS
-CVE-2006-0506
+CVE-2006-0506 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-klaN 1. ...)
NOT-FOR-US: Nuked-klaN
-CVE-2006-0505
+CVE-2006-0505 (zbattle.net Zbattle client 1.09 SR-1 beta allows remote attackers to c ...)
NOT-FOR-US: Zbattle
-CVE-2006-0504
+CVE-2006-0504 (Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 ...)
NOT-FOR-US: MailEnable Enterprise Edition
-CVE-2006-0503
+CVE-2006-0503 (IMAP service in MailEnable Professional Edition before 1.72 allows rem ...)
NOT-FOR-US: MailEnable Professional Edition
-CVE-2006-0502
+CVE-2006-0502 (PHP remote file inclusion vulnerability in loginout.php in FarsiNews 2 ...)
NOT-FOR-US: FarsiNews
-CVE-2006-0501
+CVE-2006-0501 (Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows ...)
NOT-FOR-US: MyCo Guestbook
-CVE-2006-0500
+CVE-2006-0500 (MyCO Guestbook 1.0 stores the admin directory under the web document r ...)
NOT-FOR-US: MyCo Guestbook
-CVE-2006-0499
+CVE-2006-0499 (Cross-site scripting (XSS) vulnerability in rlink.php in Rlink 1.0.0 m ...)
NOT-FOR-US: Rlink module add-on for phpbb (not included in Debian package)
-CVE-2006-0498
+CVE-2006-0498 (Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before ...)
NOT-FOR-US: PHP GEN
-CVE-2006-0497
+CVE-2006-0497 (Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow rem ...)
NOT-FOR-US: PHP GEN
-CVE-2006-0496
+CVE-2006-0496 (Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and possibl ...)
- iceweasel 3.0-1 (unimportant; bug #349339)
- mozilla-firefox <removed> (unimportant; bug #349339)
- iceape <removed> (unimportant)
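Review bot: the appended summaries are cut at a fixed column rather than at a word boundary, so several end mid-word ("Buil ..." on CVE-2006-0529, "allo ..." on CVE-2006-0527, "fo ..." on CVE-2006-0520); truncating at the last space before the limit would keep the summaries readable without lengthening the lines. Two points in the unchanged context are worth a follow-up outside this automatic update: the NOTE lines carry typos ("embeded", "apparantly", "Architectual limitatiom", "a a fix"), and CVE-2006-0625 and CVE-2006-0626 sit between CVE-2006-0517 and CVE-2006-0516, breaking the descending order the rest of the file follows.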
@@ -15322,437 +15322,437 @@ CVE-2006-0496
NOTE: This is not a direct vulnerability, but rather the lack of protection
NOTE: for shooting into own's own foot, so we should treat it as a security
NOTE: enhancement bug and not as a vulnerability.
-CVE-2006-0495
+CVE-2006-0495 (Cross-site scripting (XSS) vulnerability in the Add Thread to Favorite ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0494
+CVE-2006-0494 (Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 a ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0493
+CVE-2006-0493 (Cross-site scripting (XSS) vulnerability in MG2 (formerly known as Min ...)
NOT-FOR-US: MG2
-CVE-2006-0492
+CVE-2006-0492 (Multiple SQL injection vulnerabilities in Calendarix allow remote atta ...)
NOT-FOR-US: Calendarix
-CVE-2006-0491
+CVE-2006-0491 (SQL injection vulnerability in SZUserMgnt.class.php in SZUserMgnt 1.4 ...)
NOT-FOR-US: SZUserMgnt
-CVE-2006-0490
+CVE-2006-0490 (SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums ...)
NOT-FOR-US: ASPThai Forums
-CVE-2006-0489
+CVE-2006-0489 (** DISPUTED ** Buffer overflow in the font command of mIRC, probably 6 ...)
NOT-FOR-US: mIRC
-CVE-2006-0488
+CVE-2006-0488 (The VDM (Virtual DOS Machine) emulation environment for MS-DOS applica ...)
NOT-FOR-US: Microsoft
-CVE-2006-0487
+CVE-2006-0487 (Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Fire ...)
NOT-FOR-US: Tumbleweed MailGate Email Firewall
-CVE-2006-0486
+CVE-2006-0486 (Certain Cisco IOS releases in 12.2S based trains with maintenance rele ...)
NOT-FOR-US: IOS
-CVE-2006-0485
+CVE-2006-0485 (The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S bef ...)
NOT-FOR-US: IOS
-CVE-2006-0484
+CVE-2006-0484 (Directory traversal vulnerability in Vis.pl, as part of the FACE CONTR ...)
NOT-FOR-US: FACE CONTROL product
-CVE-2006-0483
+CVE-2006-0483 (Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7 ...)
NOT-FOR-US: Cisco
-CVE-2006-0482
+CVE-2006-0482 (Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures ...)
{DSA-1017-1}
- linux-2.6 2.6.15-4
-CVE-2006-0481
+CVE-2006-0481 (Heap-based buffer overflow in the alpha strip capability in libpng 1.2 ...)
- libpng 1.2.8rel-3 (bug #352902; bug #352918)
[sarge] - libpng <not-affected> (Only 1.2.7 affected)
[woody] - libpng <not-affected> (Only 1.2.7 affected)
[sarge] - libpng3 1.2.8rel-1
-CVE-2006-0480
+CVE-2006-0480 (Cross-site scripting (XSS) vulnerability in the Articles module in sPa ...)
NOT-FOR-US: sPaiz-Nuke
-CVE-2006-0479
+CVE-2006-0479 (pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allow ...)
NOT-FOR-US: PmWiki
-CVE-2006-0478
+CVE-2006-0478 (CRE Loaded 6.15 allows remote attackers to perform privileged actions, ...)
NOT-FOR-US: CRE Loaded
-CVE-2006-0477
+CVE-2006-0477 (Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remot ...)
- git-core 1.1.5-1 (bug #350274)
-CVE-2006-0476
+CVE-2006-0476 (Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to exe ...)
NOT-FOR-US: Winamp
-CVE-2006-0475
+CVE-2006-0475 (PHP-Ping 1.3 does not properly validate ping counts, which allows remo ...)
NOT-FOR-US: PHP-Ping
-CVE-2006-0474
+CVE-2006-0474 (Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers ...)
NOT-FOR-US: Shareaza
-CVE-2006-0473
+CVE-2006-0473 (Cross-site scripting (XSS) vulnerability in the bbcode function in web ...)
NOT-FOR-US: My little homepage
-CVE-2006-0472
+CVE-2006-0472 (Cross-site scripting (XSS) vulnerability in guestbook.php in my little ...)
NOT-FOR-US: My little homepage
-CVE-2006-0471
+CVE-2006-0471 (Cross-site scripting (XSS) vulnerability in the bbcode function in fun ...)
NOT-FOR-US: My little homepage
-CVE-2006-0470
+CVE-2006-0470 (Cross-site scripting (XSS) vulnerability in search.php in MyBulletinBo ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0469
+CVE-2006-0469 (Cross-site scripting (XSS) vulnerability in UebiMiau 2.7.9, and possib ...)
NOT-FOR-US: uebimiau
NOTE: this had an ITP back in 2002, but it never was done (bug #164116)
-CVE-2006-0468
+CVE-2006-0468 (CommuniGate Pro Core Server before 5.0.7 allows remote attackers to ca ...)
NOT-FOR-US: CommuniGate Pro
-CVE-2006-0467
+CVE-2006-0467 (Unspecified vulnerability in Pioneers (formerly gnocatan) before 0.9.4 ...)
{DSA-964-1}
[woody] - gnocatan 0.6.1-5woody3
[sarge] - gnocatan 0.8.1.59-1sarge1
- pioneers 0.9.49-1 (bug #350237; medium)
-CVE-2006-0466
+CVE-2006-0466 (Cross-site scripting (XSS) vulnerability in search.asp in Goldstag Con ...)
NOT-FOR-US: Goldstag Content Management System
-CVE-2006-0465
+CVE-2006-0465 (Cross-site scripting (XSS) vulnerability in risultati_ricerca.php in a ...)
NOT-FOR-US: active121 Site Manager
-CVE-2006-0464
+CVE-2006-0464 (Multiple SQL injection vulnerabilities in index.php in IdeoContent Man ...)
NOT-FOR-US: IdeoContent Manager
-CVE-2006-0463
+CVE-2006-0463 (Cross-site scripting (XSS) vulnerability in IdeoContent Manager allows ...)
NOT-FOR-US: IdeoContent Manager
-CVE-2006-0462
+CVE-2006-0462 (SQL injection vulnerability in comentarios.php in AndoNET Blog 2004.09 ...)
NOT-FOR-US: AndoNET Blog
-CVE-2006-0461
+CVE-2006-0461 (Cross-site scripting (XSS) vulnerability in core.input.php in Expressi ...)
NOT-FOR-US: ExpressionEngine
-CVE-2006-0460
+CVE-2006-0460 (Multiple buffer overflows in BomberClone before 0.11.6.2 allow remote ...)
{DSA-997-1}
- bomberclone 0.11.6.2-1
-CVE-2006-0459
+CVE-2006-0459 (flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generat ...)
{DSA-1020-1}
- flex 2.5.33-1
-CVE-2006-0458
+CVE-2006-0458 (The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu ...)
- irssi-text <not-affected> (Only 0.8.10rc versions are affected)
-CVE-2006-0457
+CVE-2006-0457 (Race condition in the (1) add_key, (2) request_key, and (3) keyctl fun ...)
- linux-2.6 2.6.15-6
-CVE-2006-0456
+CVE-2006-0456 (The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 c ...)
{DSA-1103}
- linux-2.6 2.6.16-1
-CVE-2006-0455
+CVE-2006-0455 (gpgv in GnuPG before 1.4.2.1, when using unattended signature verifica ...)
{DSA-978-1}
- gnupg 1.4.2.2-1 (bug #353017; bug #353019; bug #354620; medium)
- gnupg2 <not-affected> (Vulnerable code not activated)
-CVE-2006-0454
+CVE-2006-0454 (Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICM ...)
- linux-2.6 2.6.15-5
[sarge] - kernel-source-2.6.8 <not-affected>
[sarge] - kernel-source-2.4.27 <not-affected>
-CVE-2006-0453
+CVE-2006-0453 (The LDAP component in Fedora Directory Server 1.0 allow remote attacke ...)
NOT-FOR-US: Fedora Directory Server
-CVE-2006-0452
+CVE-2006-0452 (dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allow ...)
NOT-FOR-US: Fedora Directory Server
-CVE-2006-0451
+CVE-2006-0451 (Multiple memory leaks in the LDAP component in Fedora Directory Server ...)
NOT-FOR-US: Fedora Directory Server
-CVE-2006-0450
+CVE-2006-0450 (phpBB 2.0.19 and earlier allows remote attackers to cause a denial of ...)
- phpbb2 <unfixed> (unimportant)
NOTE: As discussed with the phpbb maintainers; this is only a lack of feature
NOTE: (phpbb2 doesn't allow a kind of rate control for maximum login/searches for
NOTE: a certain time frame), but not a directly fixable security problem
-CVE-2006-0449
+CVE-2006-0449 (Early termination vulnerability in the IMAP service in E-Post Mail 4.0 ...)
NOT-FOR-US: E-Post Mail / SPA-PRO Mail
-CVE-2006-0448
+CVE-2006-0448 (Multiple directory traversal vulnerabilities in (1) EPSTIMAP4S.EXE and ...)
NOT-FOR-US: E-Post Mail / SPA-PRO Mail
-CVE-2006-0447
+CVE-2006-0447 (Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail ...)
NOT-FOR-US: E-Post Mail / SPA-PRO Mail
-CVE-2006-0446
+CVE-2006-0446 (Unspecified vulnerability in WeBWorK 2.1.3 and 2.2-pre1 allows remote ...)
NOT-FOR-US: WeBWorK
-CVE-2006-0445
+CVE-2006-0445 (index.php in Phpclanwebsite 1.23.1 allows remote authenticated users t ...)
NOT-FOR-US: Phpclanwebsite
-CVE-2006-0444
+CVE-2006-0444 (SQL injection vulnerability in index.php in Phpclanwebsite (aka PCW) 1 ...)
NOT-FOR-US: Phpclanwebsite
-CVE-2006-0443
+CVE-2006-0443 (Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog ...)
NOT-FOR-US: CheesyBlog
-CVE-2006-0442
+CVE-2006-0442 (Multiple cross-site scripting (XSS) vulnerabilities in usercp.php in M ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0441
+CVE-2006-0441 (Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote att ...)
NOT-FOR-US: Sami FTP Server
-CVE-2006-0440
+CVE-2006-0440 (Text Rider 2.4 allows attackers to bypass authentication and upload fi ...)
NOT-FOR-US: Text Rider
-CVE-2006-0439
+CVE-2006-0439 (Text Rider 2.4 stores sensitive data in the data directory under the w ...)
NOT-FOR-US: Text Rider
-CVE-2006-0438
+CVE-2006-0438 (Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when ...)
- phpbb2 <unfixed> (unimportant)
NOTE: No real world risk according to maintainer
-CVE-2006-0437
+CVE-2006-0437 (Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB ...)
- phpbb2 <unfixed> (unimportant)
NOTE: Intended behaviour according to maintainer
-CVE-2006-0436
+CVE-2006-0436 (Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 al ...)
NOT-FOR-US: HP-UX
-CVE-2006-0435
+CVE-2006-0435 (Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Databas ...)
NOT-FOR-US: Oracle
-CVE-2006-0434
+CVE-2006-0434 (Directory traversal vulnerability in action.php in phpXplorer allows r ...)
NOT-FOR-US: phpXplorer
-CVE-2006-0433
+CVE-2006-0433 (Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not prope ...)
- kfreebsd-5 5.4-13
-CVE-2006-0432
+CVE-2006-0432 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0431
+CVE-2006-0431 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0430
+CVE-2006-0430 (Certain configurations of BEA WebLogic Server and WebLogic Express 9.0 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0429
+CVE-2006-0429 (BEA WebLogic Server and WebLogic Express 9.0 causes new security provi ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0428
+CVE-2006-0428 (Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0427
+CVE-2006-0427 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0426
+CVE-2006-0426 (BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configu ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0425
+CVE-2006-0425 (BEA WebLogic Portal 8.1 through SP4 allows remote attackers to obtain ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0424
+CVE-2006-0424 (BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0423
+CVE-2006-0423 (BEA WebLogic Portal 8.1 through SP3 stores the password for the RDBMS ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0422
+CVE-2006-0422 (Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLog ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0421
+CVE-2006-0421 (By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0420
+CVE-2006-0420 (BEA WebLogic Server and WebLogic Express 8.1 through SP4 and 7.0 throu ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0419
+CVE-2006-0419 (BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2006-0418
+CVE-2006-0418 (Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allo ...)
NOT-FOR-US: 123 Flash Chat Server
-CVE-2006-0417
+CVE-2006-0417 (SQL injection vulnerability in login.php in miniBloggie 1.0 and earlie ...)
NOT-FOR-US: miniBloggie
-CVE-2006-0416
+CVE-2006-0416 (SleeperChat 0.3f and earlier allows remote attackers to bypass authent ...)
NOT-FOR-US: SleeperChat
-CVE-2006-0415
+CVE-2006-0415 (Cross-site scripting (XSS) vulnerability in index.php in SleeperChat 0 ...)
NOT-FOR-US: SleeperChat
-CVE-2006-0414
+CVE-2006-0414 (Tor before 0.1.1.20 allows remote attackers to identify hidden service ...)
- tor 0.1.1.11-alpha-1 (bug #349283)
-CVE-2006-0413
+CVE-2006-0413 (Multiple SQL injection vulnerabilities in index.php in NewsPHP allow r ...)
NOT-FOR-US: NewsPHP
-CVE-2006-0412
+CVE-2006-0412 (SQL injection vulnerability in CyberShop allows remote attackers to ex ...)
NOT-FOR-US: CyberShop
-CVE-2006-0411
+CVE-2006-0411 (claro_init_local.inc.php in Claroline 1.7.2 uses guessable session coo ...)
NOT-FOR-US: Claroline
-CVE-2006-0410
+CVE-2006-0410 (SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQ ...)
{DSA-1031-1 DSA-1030-1 DSA-1029-1}
- libphp-adodb 4.72-0.1 (bug #349985; medium)
- moodle 1.6-1 (bug #360395; medium)
- cacti 0.8.6d-1 (medium)
-CVE-2006-0409
+CVE-2006-0409 (Cross-site scripting (XSS) vulnerability in index.php in Pixelpost Pho ...)
NOT-FOR-US: Pixelpost Photoblog
-CVE-2006-0408
+CVE-2006-0408 (rsh utility in Sun Grid Engine (SGE) before 6.0u7_1 allows local users ...)
NOT-FOR-US: Sun Grid Engine
-CVE-2006-0407
+CVE-2006-0407 (Cross-site scripting (XSS) vulnerability in post.php in AZ Bulletin Bo ...)
NOT-FOR-US: AZ Bulletin Board
-CVE-2006-0406
+CVE-2006-0406 (search.php in MyBB 1.0.2 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0405
+CVE-2006-0405 (The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allo ...)
- tiff 3.8.0-2 (bug #350715)
- tiff3 <not-affected> (fixed prior to initial upload)
[sarge] - tiff <not-affected> (Vulnerability was introduced later)
[woody] - tiff <not-affected> (Vulnerability was introduced later)
-CVE-2006-0404
+CVE-2006-0404 (Note-A-Day Weblog 2.2 stores sensitive data under the web document roo ...)
NOT-FOR-US: Note-A-Day Weblog
-CVE-2006-0403
+CVE-2006-0403 (Multiple SQL injection vulnerabilities in e-moBLOG 1.3 allow remote at ...)
NOT-FOR-US: e-moBLOG
-CVE-2006-0402
+CVE-2006-0402 (SQL injection vulnerability in Zoph before 0.5pre1 allows remote attac ...)
{DSA-989-1}
- zoph 0.5-1 (bug #350717)
-CVE-2006-0401
+CVE-2006-0401 (Unspecified vulnerability in Mac OS X before 10.4.6, when running on a ...)
NOT-FOR-US: Apple
-CVE-2006-0400
+CVE-2006-0400 (CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers ...)
NOT-FOR-US: Apple
-CVE-2006-0399
+CVE-2006-0399 (Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes ...)
NOT-FOR-US: Apple
-CVE-2006-0398
+CVE-2006-0398 (Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes ...)
NOT-FOR-US: Apple
-CVE-2006-0397
+CVE-2006-0397 (Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes ...)
NOT-FOR-US: Apple
-CVE-2006-0396
+CVE-2006-0396 (Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patc ...)
NOT-FOR-US: Apple
-CVE-2006-0395
+CVE-2006-0395 (The Download Validation in Mail in Mac OS X 10.4 does not properly rec ...)
NOT-FOR-US: Apple
CVE-2006-0394
REJECTED
-CVE-2006-0393
+CVE-2006-0393 (OpenSSH in Apple Mac OS X 10.4.7 allows remote attackers to cause a de ...)
NOT-FOR-US: Apple
-CVE-2006-0392
+CVE-2006-0392 (Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attacker ...)
NOT-FOR-US: Apple
-CVE-2006-0391
+CVE-2006-0391 (Directory traversal vulnerability in the BOM framework in Mac OS X 10. ...)
NOT-FOR-US: Apple
CVE-2006-0390
REJECTED
-CVE-2006-0389
+CVE-2006-0389 (Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) i ...)
NOT-FOR-US: Apple
-CVE-2006-0388
+CVE-2006-0388 (Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows re ...)
NOT-FOR-US: Apple
-CVE-2006-0387
+CVE-2006-0387 (Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, ...)
NOT-FOR-US: Apple
-CVE-2006-0386
+CVE-2006-0386 (FileVault in Mac OS X 10.4.5 and earlier does not properly mount user ...)
NOT-FOR-US: Apple
CVE-2006-0385
RESERVED
-CVE-2006-0384
+CVE-2006-0384 (automount in Mac OS X 10.4.5 and earlier allows remote file servers to ...)
NOT-FOR-US: Apple
-CVE-2006-0383
+CVE-2006-0383 (IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allo ...)
NOT-FOR-US: Apple
-CVE-2006-0382
+CVE-2006-0382 (Apple Mac OS X 10.4.5 and allows local users to cause a denial of serv ...)
NOT-FOR-US: Apple
-CVE-2006-0381
+CVE-2006-0381 (A logic error in the IP fragment cache functionality in pf in FreeBSD ...)
- kfreebsd-5 5.4-14
-CVE-2006-0380
+CVE-2006-0380 (A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel t ...)
NOT-FOR-US: FreeBSD, possibly affects kfreebsd-5
-CVE-2006-0379
+CVE-2006-0379 (FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buf ...)
NOT-FOR-US: FreeBSD, possibly affects kfreebsd-5
-CVE-2006-0378
+CVE-2006-0378 (Cross-site scripting (XSS) vulnerability in Netrix X-Site Manager allo ...)
NOT-FOR-US: Netrix X-Site Manager
-CVE-2006-0377
+CVE-2006-0377 (CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows rem ...)
{DSA-988-1}
- squirrelmail 2:1.4.6-1 (bug #354063; bug #355424)
-CVE-2006-0376
+CVE-2006-0376 (The 802.11 wireless client in certain operating systems including Wind ...)
NOT-FOR-US: Windows
-CVE-2006-0375
+CVE-2006-0375 (Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 runni ...)
NOT-FOR-US: Advantage Century Telecommunication (ACT) P202S IP Phone
-CVE-2006-0374
+CVE-2006-0374 (Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 runni ...)
NOT-FOR-US: Advantage Century Telecommunication (ACT) P202S IP Phone
-CVE-2006-0373
+CVE-2006-0373 (Cross-site scripting (XSS) vulnerability in register.aspx in Douran Fo ...)
NOT-FOR-US: Douran FollowWeb
-CVE-2006-0372
+CVE-2006-0372 (Multiple SQL injection vulnerabilities in config.php in Insane Visions ...)
NOT-FOR-US: Insane Visions BlogPHP
-CVE-2006-0371
+CVE-2006-0371 (Directory traversal vulnerability in index.php in Noah Medling RCBlog ...)
NOT-FOR-US: Noah Medling RCBlog
-CVE-2006-0370
+CVE-2006-0370 (Noah Medling RCBlog 1.03 stores the data and config directories under ...)
NOT-FOR-US: Noah Medling RCBlog
CVE-2006-0369
- mysql-dfsg-4.1 <unfixed> (unimportant)
NOTE: This isn't a security hole, it's expected behaviour
-CVE-2006-0368
+CVE-2006-0368 (Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4. ...)
NOT-FOR-US: Cisco
-CVE-2006-0367
+CVE-2006-0367 (Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 be ...)
NOT-FOR-US: Cisco
-CVE-2006-0366
+CVE-2006-0366 (Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka PCW) a ...)
NOT-FOR-US: Phpclanwebsite
-CVE-2006-0365
+CVE-2006-0365 (Cross-site scripting (XSS) vulnerability in XMB (aka extreme message b ...)
NOT-FOR-US: XMB
-CVE-2006-0364
+CVE-2006-0364 (Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) all ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0363
+CVE-2006-0363 (The "Remember my Password" feature in MSN Messenger 7.5 stores passwor ...)
NOT-FOR-US: MSN Messenger
-CVE-2006-0362
+CVE-2006-0362 (TippingPoint Intrusion Prevention System (IPS) TOS before 2.1.4.6324, ...)
NOT-FOR-US: TippingPoint IPS
-CVE-2006-0361
+CVE-2006-0361 (Cross-site scripting (XSS) vulnerability in addcomment.php in Bit 5 Bl ...)
NOT-FOR-US: Bit 5 Blog
-CVE-2006-0360
+CVE-2006-0360 (MPM SIP HP-180W Wireless IP Phone WE.00.17 allows remote attackers to ...)
NOT-FOR-US: MPM SIP IP Phone
-CVE-2006-0359
+CVE-2006-0359 (Buffer overflow in CounterPath eyeBeam SIP Softphone allows remote att ...)
NOT-FOR-US: eyeBeam SIP Softphone
-CVE-2006-0358
+CVE-2006-0358 (Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 be ...)
NOT-FOR-US: PowerPortal
-CVE-2006-0357
+CVE-2006-0357 (Grant Averett Cerberus FTP Server 2.32, and possibly earlier versions, ...)
NOT-FOR-US: Grant Averett Cerberus FTP Server
-CVE-2006-0356
+CVE-2006-0356 (Ari Pikivirta Home Ftp Server 1.0.7 allows remote attackers to cause a ...)
NOT-FOR-US: Ari Pikivirta Home Ftp Server
-CVE-2006-0355
+CVE-2006-0355 (Helmsman Research (aka CoolUtils) HomeFtp 1.1 allows remote attackers ...)
NOT-FOR-US: Helmsman Research (aka CoolUtils) HomeFtp
-CVE-2006-0354
+CVE-2006-0354 (Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) al ...)
NOT-FOR-US: Cisco
-CVE-2006-0352
+CVE-2006-0352 (The default configuration of Fluffington FLog 1.01 installs users.0.da ...)
NOT-FOR-US: Fluffington FLog
-CVE-2006-0351
+CVE-2006-0351 (Unspecified "critical denial-of-service vulnerability" in MyDNS before ...)
{DSA-963-1}
[sarge] - mydns 1.0.0-4sarge1
- mydns 1.1.0+pre-3 (medium; bug #348826)
-CVE-2006-0350
+CVE-2006-0350 (Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote a ...)
NOT-FOR-US: eggblog
-CVE-2006-0349
+CVE-2006-0349 (SQL injection vulnerability in eggblog 2.0 allows remote attackers to ...)
NOT-FOR-US: eggblog
-CVE-2006-0348
+CVE-2006-0348 (Format string vulnerability in the write_logfile function in ELOG befo ...)
{DSA-967-1}
- elog 2.6.1+r1642-1 (bug #349528; medium)
-CVE-2006-0347
+CVE-2006-0347 (Directory traversal vulnerability in ELOG before 2.6.1 allows remote a ...)
{DSA-967-1}
- elog 2.6.1+r1642-1 (bug #349528; medium)
-CVE-2006-0346
+CVE-2006-0346 (Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remot ...)
NOT-FOR-US: SaralBlog
-CVE-2006-0345
+CVE-2006-0345 (Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote a ...)
NOT-FOR-US: SaralBlog
-CVE-2006-0344
+CVE-2006-0344 (Directory traversal vulnerability in Intervations FileCOPA FTP Server ...)
NOT-FOR-US: FileCOPA FTP Server
-CVE-2006-0343
+CVE-2006-0343 (Unspecified vulnerability in the Port Discovery Standard and Advanced ...)
NOT-FOR-US: Hitachi JP1/NetInsight II
-CVE-2006-0342
+CVE-2006-0342 (RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows ...)
NOT-FOR-US: RockLiffe MailSite
-CVE-2006-0341
+CVE-2006-0341 (Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe ...)
NOT-FOR-US: RockLiffe MailSite
-CVE-2006-0340
+CVE-2006-0340 (Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) suppo ...)
NOT-FOR-US: Cisco
-CVE-2006-0339
+CVE-2006-0339 (Buffer overflow in BitComet Client 0.60 allows remote attackers to exe ...)
NOT-FOR-US: BitComet
-CVE-2006-0338
+CVE-2006-0338 (Multiple F-Secure Anti-Virus products and versions for Windows and Lin ...)
NOT-FOR-US: F-Secure
-CVE-2006-0337
+CVE-2006-0337 (Buffer overflow in multiple F-Secure Anti-Virus products and versions ...)
NOT-FOR-US: F-Secure
-CVE-2006-0336
+CVE-2006-0336 (Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause ...)
NOT-FOR-US: Kerio Firewall
-CVE-2006-0335
+CVE-2006-0335 (Multiple unspecified vulnerabilities in Kerio WinRoute Firewall before ...)
NOT-FOR-US: Kerio Firewall
-CVE-2006-0334
+CVE-2006-0334 (Cross-site scripting (XSS) vulnerability in search.php in My Amazon St ...)
NOT-FOR-US: My Amazon Store Manager
-CVE-2006-0333
+CVE-2006-0333 (Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote ...)
NOT-FOR-US: ar-blog
-CVE-2006-0332
+CVE-2006-0332 (Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments ...)
- ecartis 1.0.0+cvs.20030911-11 (low; bug #348824)
[sarge] - ecartis <no-dsa> (No real fix available, only rare setups affected, minor exploit potential)
-CVE-2006-0331
+CVE-2006-0331 (Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin al ...)
NOT-FOR-US: Squirrelmail plugin
-CVE-2006-0330
+CVE-2006-0330 (Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allow ...)
{DSA-1148-1}
- gallery 1.5.2-1
-CVE-2006-0329
+CVE-2006-0329 (SQL injection vulnerability in HITSENSER Data Mart Server BS, BS-S, BS ...)
NOT-FOR-US: HITSENSER Data Mart Server BS
-CVE-2006-0328
+CVE-2006-0328 (Format string vulnerability in Tftpd32 2.81 allows remote attackers to ...)
NOT-FOR-US: Tftpd32, different from the tftpd in Debian
-CVE-2006-0327
+CVE-2006-0327 (TYPO3 3.7.1 allows remote attackers to obtain sensitive information vi ...)
- typo3-src 4.0.2-1 (bug #364351; unimportant)
NOTE: Only path disclosure
CVE-2006-0326
RESERVED
-CVE-2006-0325
+CVE-2006-0325 (Etomite Content Management System 0.6, and possibly earlier versions, ...)
NOT-FOR-US: Etomite CMS
-CVE-2006-0324
+CVE-2006-0324 (SQL injection vulnerability in WebspotBlogging 3.0 allows remote attac ...)
NOT-FOR-US: WebspotBlogging
-CVE-2006-0323
+CVE-2006-0323 (Buffer overflow in swfformat.dll in multiple RealNetworks products and ...)
NOT-FOR-US: Real Player (initial advisory claimed Helix affected, which is incorrect
-CVE-2006-0322
+CVE-2006-0322 (Unspecified vulnerability the edit comment formatting functionality in ...)
- mediawiki 1.4.15-1 (low)
-CVE-2006-0353
+CVE-2006-0353 (unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to ...)
{DSA-956-1}
- lsh-utils 2.0.1cdbs-4 (low; bug #349303)
NOTE: woody seems to be vulnerable as well (looking at the source code).
-CVE-2006-0283
+CVE-2006-0283 (Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, Applic ...)
NOT-FOR-US: Oracle
-CVE-2006-0321
+CVE-2006-0321 (fetchmail 6.3.0 and other versions before 6.3.2 allows remote attacker ...)
- fetchmail 6.3.2-1 (bug #348747; low)
[sarge] - fetchmail <not-affected> (regression in fetchmail 6.3.0 and 6.3.1)
[woody] - fetchmail <not-affected> (regression in fetchmail 6.3.0 and 6.3.1)
-CVE-2006-0320
+CVE-2006-0320 (SQL injection vulnerability in admin/processlogin.php in Bit 5 Blog 8. ...)
NOT-FOR-US: Bit 5 Blog
-CVE-2006-0319
+CVE-2006-0319 (Directory traversal vulnerability in the FTP server (port 22003/tcp) i ...)
NOT-FOR-US: Farmers WIFE
-CVE-2006-0318
+CVE-2006-0318 (SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_qu ...)
NOT-FOR-US: BlogPHP
-CVE-2006-0317
+CVE-2006-0317 (Cross-site scripting (XSS) vulnerability in rkrt_stats.php in RedKerne ...)
NOT-FOR-US: RedKernel Referrer Tracker
-CVE-2006-0316
+CVE-2006-0316 (Buffer overflow in YGPPicFinder.DLL in AOL You've Got Pictures (YGP) P ...)
NOT-FOR-US: AOL You've Got Pictures (YGP) Picture Finder Tool ActiveX Control
-CVE-2006-0315
+CVE-2006-0315 (index.php in EZDatabase before 2.1.2 does not properly cleanse the p p ...)
NOT-FOR-US: EZDatabase
-CVE-2006-0314
+CVE-2006-0314 (PDFdirectory before 1.0 stores sensitive data in plaintext, which allo ...)
NOT-FOR-US: PDFdirectory
-CVE-2006-0313
+CVE-2006-0313 (Multiple SQL injection vulnerabilities in PDFdirectory before 1.0 allo ...)
NOT-FOR-US: PDFdirectory
-CVE-2006-0312
+CVE-2006-0312 (create.php in aoblogger 2.3 allows remote attackers to bypass authenti ...)
NOT-FOR-US: aoblogger
-CVE-2006-0311
+CVE-2006-0311 (SQL injection vulnerability in login.php in aoblogger 2.3 allows remot ...)
NOT-FOR-US: aoblogger
-CVE-2006-0310
+CVE-2006-0310 (Cross-site scripting (XSS) vulnerability in aoblogger 2.3 allows remot ...)
NOT-FOR-US: aoblogger
-CVE-2006-0309
+CVE-2006-0309 (Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote att ...)
NOT-FOR-US: Linksys hardware issue
-CVE-2006-0308
+CVE-2006-0308 (PHP remote file inclusion vulnerability in htmltonuke.php in the htmlt ...)
NOT-FOR-US: HTMLtoNuke
-CVE-2006-0307
+CVE-2006-0307 (The DM Primer in the DM Deployment Common Component in Computer Associ ...)
NOT-FOR-US: CA BrightStor products
-CVE-2006-0306
+CVE-2006-0306 (The DM Primer (dmprimer.exe) in the DM Deployment Common Component in ...)
NOT-FOR-US: CA BrightStor products
-CVE-2006-0305
+CVE-2006-0305 (Clipcomm CPW-100E VoIP 802.11b Wireless Handset Phone running firmware ...)
NOT-FOR-US: Clipcomm hardware
-CVE-2006-0304
+CVE-2006-0304 (Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to ...)
NOT-FOR-US: dual dns server
-CVE-2006-0303
+CVE-2006-0303 (Multiple unspecified vulnerabilities in the (1) publishing component, ...)
NOT-FOR-US: Joomla!
-CVE-2006-0302
+CVE-2006-0302 (ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 all ...)
NOT-FOR-US: ZyXel hardware
-CVE-2006-0301
+CVE-2006-0301 (Heap-based buffer overflow in Splash.cc in xpdf, as used in other prod ...)
{DSA-1019-1 DSA-998-1 DSA-984-1 DSA-983-1 DSA-982-1 DSA-979-1 DSA-974-1 DSA-972-1 DSA-971-1}
- poppler 0.4.5-1 (medium)
- tetex-bin 3.0-12 (medium)
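Review bot: CVE-2006-0369 is the only entry in this hunk that is neither RESERVED nor REJECTED yet received no description (the line stays a bare `CVE-2006-0369` above its mysql-dfsg-4.1 entry); check whether the upstream feed has no text for it or the fetch failed silently, since the same pass filled in every other ID. Unchanged context that deserves a follow-up: CVE-2006-0380 and CVE-2006-0379 are marked `NOT-FOR-US: FreeBSD, possibly affects kfreebsd-5`, which contradicts itself (the neighbouring CVE-2006-0381 and CVE-2006-0433 are tracked against kfreebsd-5 with fixed versions), the CVE-2006-0323 note is missing its closing parenthesis, and `{DSA-1103}` under CVE-2006-0456 lacks the revision suffix every other DSA reference carries.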
@@ -15764,563 +15764,563 @@ CVE-2006-0301
- libextractor 0.5.10-1 (medium)
- pdfkit.framework 0.8-4 (medium)
- swftools <not-affected> (splash/ is not included, therefore no vulnerable code)
-CVE-2006-0300
+CVE-2006-0300 (Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attac ...)
{DSA-987-1}
- tar 1.15.1-3 (bug #354091; high)
- dpkg <not-affected> (has completely different tar implementation)
[woody] - tar <not-affected>
-CVE-2006-0299
+CVE-2006-0299 (The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ...)
[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
- mozilla <not-affected> (E4X not implemented in Mozilla 1.7)
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-thunderbird <not-affected> (Only 1.5 is affected)
- thunderbird 1.5.0.2-1
-CVE-2006-0298
+CVE-2006-0298 (The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before ...)
[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
- mozilla <not-affected> (Mozilla 1.7 is not affected)
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-thunderbird <not-affected> (Only 1.5 is affected)
- thunderbird 1.5.0.2-1
-CVE-2006-0297
+CVE-2006-0297 (Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if ...)
[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
- mozilla <not-affected> (Mozilla 1.7 is not affected)
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-thunderbird <not-affected> (Only 1.5 is affected)
- thunderbird 1.5.0.2-1
- xulrunner 1.8.0.1-9
-CVE-2006-0296
+CVE-2006-0296 (The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, a ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
- mozilla 2:1.7.13-0.1
- thunderbird 1.5.0.2-1
-CVE-2006-0295
+CVE-2006-0295 (Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, ...)
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-firefox <not-affected>
[sarge] - mozilla-thunderbird <not-affected> (Only 1.5 is affected)
- thunderbird 1.5.0.2-1
-CVE-2006-0294
+CVE-2006-0294 (Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript ...)
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
[sarge] - mozilla-thunderbird <not-affected> (Only 1.5 is affected)
- mozilla-thunderbird <removed>
- thunderbird 1.5.0.2-1
-CVE-2006-0293
+CVE-2006-0293 (The function allocation code (js_NewFunction in jsfun.c) in Firefox 1. ...)
{DSA-1051-1 DSA-1046-1}
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
- mozilla 2:1.7.13-0.1
-CVE-2006-0292
+CVE-2006-0292 (The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before ...)
{DSA-1051-1 DSA-1046-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
[sarge] - mozilla-firefox 1.0.4-2sarge6
[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
- thunderbird 1.5.0.2-1
- mozilla 2:1.7.13-0.1
-CVE-2006-0291
+CVE-2006-0291 (Multiple unspecified vulnerabilities in Oracle Database Server 10.2.0. ...)
NOT-FOR-US: Oracle
-CVE-2006-0290
+CVE-2006-0290 (Unspecified vulnerability in Oracle Database Server 9.2.0.7, Applicati ...)
NOT-FOR-US: Oracle
-CVE-2006-0289
+CVE-2006-0289 (Multiple unspecified vulnerabilities in Oracle Application Server 6.0. ...)
NOT-FOR-US: Oracle
-CVE-2006-0288
+CVE-2006-0288 (Multiple unspecified vulnerabilities in the Oracle Reports Developer c ...)
NOT-FOR-US: Oracle
-CVE-2006-0287
+CVE-2006-0287 (Unspecified vulnerability in the Oracle HTTP Server component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2006-0286
+CVE-2006-0286 (Unspecified vulnerability in the Oracle HTTP Server component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2006-0285
+CVE-2006-0285 (Unspecified vulnerability in the Java Net component of Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2006-0284
+CVE-2006-0284 (Multiple unspecified vulnerabilities in Oracle Application Server 9.0. ...)
NOT-FOR-US: Oracle
-CVE-2006-0282
+CVE-2006-0282 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...)
NOT-FOR-US: Oracle
-CVE-2006-0281
+CVE-2006-0281 (Unspecified vulnerability in Oracle JD Edwards HTML Server 8.95.F1 SP2 ...)
NOT-FOR-US: Oracle
-CVE-2006-0280
+CVE-2006-0280 (Unspecified vulnerability in Oracle PeopleSoft Enterprise Portal 8.4 B ...)
NOT-FOR-US: Oracle
-CVE-2006-0279
+CVE-2006-0279 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and Ap ...)
NOT-FOR-US: Oracle
-CVE-2006-0278
+CVE-2006-0278 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and Ap ...)
NOT-FOR-US: Oracle
-CVE-2006-0277
+CVE-2006-0277 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and Ap ...)
NOT-FOR-US: Oracle
-CVE-2006-0276
+CVE-2006-0276 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite Rel ...)
NOT-FOR-US: Oracle
-CVE-2006-0275
+CVE-2006-0275 (Unspecified vulnerability in the Oracle Reports Developer component of ...)
NOT-FOR-US: Oracle
-CVE-2006-0274
+CVE-2006-0274 (Unspecified vulnerability in the Oracle Reports Developer component of ...)
NOT-FOR-US: Oracle
-CVE-2006-0273
+CVE-2006-0273 (Unspecified vulnerability in the Portal component of Oracle Applicatio ...)
NOT-FOR-US: Oracle
-CVE-2006-0272
+CVE-2006-0272 (Unspecified vulnerability in the XML Database component of Oracle Data ...)
NOT-FOR-US: Oracle
-CVE-2006-0271
+CVE-2006-0271 (Unspecified vulnerability in the Upgrade &amp; Downgrade component of ...)
NOT-FOR-US: Oracle
-CVE-2006-0270
+CVE-2006-0270 (Unspecified vulnerability in the Transparent Data Encryption (TDE) Wal ...)
NOT-FOR-US: Oracle
-CVE-2006-0269
+CVE-2006-0269 (Unspecified vulnerability in the Streams Capture component of Oracle D ...)
NOT-FOR-US: Oracle
-CVE-2006-0268
+CVE-2006-0268 (Unspecified vulnerability in the Security component of Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2006-0267
+CVE-2006-0267 (Unspecified vulnerability in the Query Optimizer component of Oracle D ...)
NOT-FOR-US: Oracle
-CVE-2006-0266
+CVE-2006-0266 (Unspecified vulnerability in the Query Optimizer component of Oracle D ...)
NOT-FOR-US: Oracle
-CVE-2006-0265
+CVE-2006-0265 (Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4 ...)
NOT-FOR-US: Oracle
CVE-2006-0264
REJECTED
-CVE-2006-0263
+CVE-2006-0263 (Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4 ...)
NOT-FOR-US: Oracle
-CVE-2006-0262
+CVE-2006-0262 (Unspecified vulnerability in the Net Foundation Layer component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2006-0261
+CVE-2006-0261 (Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4 ...)
NOT-FOR-US: Oracle
-CVE-2006-0260
+CVE-2006-0260 (Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 ...)
NOT-FOR-US: Oracle
-CVE-2006-0259
+CVE-2006-0259 (Multiple unspecified vulnerabilities in Oracle Database server 10.1.0. ...)
NOT-FOR-US: Oracle
-CVE-2006-0258
+CVE-2006-0258 (Unspecified vulnerability in the Connection Manager component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2006-0257
+CVE-2006-0257 (Unspecified vulnerability in the Change Data Capture component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2006-0256
+CVE-2006-0256 (Unspecified vulnerability in the Advanced Queuing component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2006-0255
+CVE-2006-0255 (Unquoted Windows search path vulnerability in Check Point VPN-1 Secure ...)
NOT-FOR-US: Check Point VPN
-CVE-2006-0254
+CVE-2006-0254 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo ...)
- geronimo <itp> (bug #481869)
-CVE-2006-0253
+CVE-2006-0253 (Buffer overflow in the Bluetooth OBEX Object Push service in "Blue Nei ...)
NOT-FOR-US: AmbiCom Blue Neighbors
-CVE-2006-0252
+CVE-2006-0252 (SQL injection vulnerability in Benders Calendar 1.0 allows remote atta ...)
NOT-FOR-US: Benders Calendar
-CVE-2006-0251
+CVE-2006-0251 (Cross-site scripting (XSS) vulnerability in fom.cgi in Faq-O-Matic 2.7 ...)
- faqomatic 2.712-3
-CVE-2006-0250
+CVE-2006-0250 (Format string vulnerability in the snmp_input function in snmptrapd in ...)
NOT-FOR-US: cmu-snmp-linux fork from CMU SNMP
NOTE: This bug is present in a fork, not in the mainline
NOTE: CMU-SNMP/UCD-SNMP/NET-SNMP versions.
-CVE-2006-0249
+CVE-2006-0249 (SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD_1 ...)
NOT-FOR-US: geoBlog
-CVE-2006-0248
+CVE-2006-0248 (Virata-EmWeb web server 6_1_0, as used in (1) Intracom JetSpeed 500 an ...)
NOT-FOR-US: Virata-EmWeb web server
-CVE-2006-0247
+CVE-2006-0247 (Cross-site scripting (XSS) vulnerability in anyboard.cgi in Netbula An ...)
NOT-FOR-US: Anyboard
-CVE-2006-0246
+CVE-2006-0246 (Cross-site scripting (XSS) vulnerability in down.pl in Widexl Download ...)
NOT-FOR-US: Widexl Download Tracker
-CVE-2006-0245
+CVE-2006-0245 (Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.7- ...)
NOT-FOR-US: CubeCart
-CVE-2006-0244
+CVE-2006-0244 (** DISPUTED ** Directory traversal vulnerability in workspaces.php in ...)
NOT-FOR-US: phpXplorer
-CVE-2006-0243
+CVE-2006-0243 (Cross-site scripting (XSS) vulnerability in SMBCMS 2.1 allows remote a ...)
NOT-FOR-US: SMBCMS
-CVE-2006-0242
+CVE-2006-0242 (Cross-site scripting vulnerability in index.php in PHP Fusebox 4.0.6 a ...)
NOT-FOR-US: PHP Fusebox
-CVE-2006-0241
+CVE-2006-0241 (Cross-site scripting vulnerability in WBNews 1.1.0 and earlier allows ...)
NOT-FOR-US: WBNews
-CVE-2006-0240
+CVE-2006-0240 (Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote ...)
NOT-FOR-US: Simple Blog
-CVE-2006-0239
+CVE-2006-0239 (Multiple cross-site scripting (XSS) vulnerabilities in Simple Blog 2.1 ...)
NOT-FOR-US: Simple Blog
-CVE-2006-0238
+CVE-2006-0238 (SQL injection vulnerability in wp-stats.php in GaMerZ WP-Stats 2.0 all ...)
NOT-FOR-US: GaMerZ WP-Stats
-CVE-2006-0237
+CVE-2006-0237 (Cross-site scripting (XSS) vulnerability in index.php in GTP iCommerce ...)
NOT-FOR-US: GTP iCommerce
-CVE-2006-0236
+CVE-2006-0236 (GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0 ...)
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2006-0235
+CVE-2006-0235 (SQL injection vulnerability in WhiteAlbum 2.5 allows remote attackers ...)
NOT-FOR-US: WhiteAlbum
-CVE-2006-0234
+CVE-2006-0234 (SQL injection vulnerability in index.php in microBlog 2.0 RC-10 allows ...)
NOT-FOR-US: microBlog
-CVE-2006-0233
+CVE-2006-0233 (Cross-site scripting (XSS) vulnerability in functions.php in microBlog ...)
NOT-FOR-US: microBlog
-CVE-2006-0232
+CVE-2006-0232 (Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1. ...)
NOT-FOR-US: Symantec Scan Engine
-CVE-2006-0231
+CVE-2006-0231 (Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1. ...)
NOT-FOR-US: Symantec Scan Engine
-CVE-2006-0230
+CVE-2006-0230 (Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1. ...)
NOT-FOR-US: Symantec Scan Engine
-CVE-2006-0229
+CVE-2006-0229 (Unquoted Windows search path vulnerability in Wehntrust might allow lo ...)
NOT-FOR-US: Wehntrust
-CVE-2006-0228
+CVE-2006-0228 (The RBAC functionality in grsecurity before 2.1.8 does not properly ha ...)
- kernel-patch-grsecurity2 2.1.8-1 (bug #349246; medium)
- kernel-patch-2.4-grsecurity <removed> (bug #349247; medium)
-CVE-2006-0227
+CVE-2006-0227 (Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, a ...)
NOT-FOR-US: lpsched in Sun Solaris
-CVE-2006-0226
+CVE-2006-0226 (Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) ...)
NOT-FOR-US: freebsd kernel
-CVE-2006-0225
+CVE-2006-0225 (scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands vi ...)
- openssh 1:4.3p2-1 (low; bug #349645; bug #352254)
[sarge] - openssh <no-dsa> (Protocol flaws inherited from rcp)
- dropbear 0.48-1 (unimportant)
NOTE: dropbear doesn't include scp in binary package
-CVE-2006-0224
+CVE-2006-0224 (Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 an ...)
{DSA-976-1}
- libast 0.7-1
-CVE-2006-0223
+CVE-2006-0223 (Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Se ...)
NOT-FOR-US: TopCMM
-CVE-2006-0222
+CVE-2006-0222 (Cross-site scripting (XSS) vulnerability in fullview.php in AlstraSoft ...)
NOT-FOR-US: AlstraSoft Template Seller Pro
-CVE-2006-0221
+CVE-2006-0221 (SQL injection vulnerability in index.asp in the Admin Panel in Dragon ...)
NOT-FOR-US: Dragon Design Services Network (DDSN)
-CVE-2006-0220
+CVE-2006-0220 (Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3 ...)
NOT-FOR-US: DCP-Portal
-CVE-2006-0219
+CVE-2006-0219 (The original distribution of MyBulletinBoard (MyBB) to update from old ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0218
+CVE-2006-0218 (Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2006-0217
+CVE-2006-0217 (Multiple cross-site scripting (XSS) vulnerabilities in Ultimate Auctio ...)
NOT-FOR-US: Ultimate Auction
-CVE-2006-0216
+CVE-2006-0216 (admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows remo ...)
NOT-FOR-US: QualityEBiz Quality PPC
-CVE-2006-0215
+CVE-2006-0215 (Cross-site scripting (XSS) vulnerability in admin.php in QualityEBiz Q ...)
NOT-FOR-US: QualityEBiz Quality PPC
-CVE-2006-0214
+CVE-2006-0214 (Eval injection vulnerability in ezDatabase 2.0 and earlier allows remo ...)
NOT-FOR-US: ezDatabase
-CVE-2006-0213
+CVE-2006-0213 (Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 an ...)
NOT-FOR-US: Kolab Server
NOTE: libkolab-perl are extensions for this server, but server does not seem to be in debian
-CVE-2006-0212
+CVE-2006-0212 (Directory traversal vulnerability in OBEX Push services in Toshiba Blu ...)
NOT-FOR-US: Toshiba Bluetooth Stack
-CVE-2006-0211
+CVE-2006-0211 (Cross-site scripting (XSS) vulnerability in forgotPassword.asp in Helm ...)
NOT-FOR-US: Helm Hosting Control Panel
-CVE-2006-0210
+CVE-2006-0210 (Cross-site scripting (XSS) vulnerability in index.php in Interspire Tr ...)
NOT-FOR-US: Interspire TrackPoint NX
-CVE-2006-0209
+CVE-2006-0209 (SQL injection vulnerability in general_functions.php in TankLogger 2.4 ...)
NOT-FOR-US: TankLogger
-CVE-2006-0208
+CVE-2006-0208 (Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5 ...)
- php5 5.1.2-1
- php4 4:4.4.2-1 (bug #354682; low)
[sarge] - php4 <no-dsa> (html_errors shouldn't be used)
-CVE-2006-0207
+CVE-2006-0207 (Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow re ...)
{DSA-1331-1}
- php5 5.1.2-1 (bug #347894)
- php4 4:4.4.2-1 (bug #354683)
-CVE-2006-0206
+CVE-2006-0206 (Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040 ...)
NOT-FOR-US: Light Weight Calendar
-CVE-2006-0205
+CVE-2006-0205 (Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote ...)
NOT-FOR-US: Wordcircle
-CVE-2006-0204
+CVE-2006-0204 (Multiple cross-site scripting (XSS) vulnerabilities in Wordcircle 2.17 ...)
NOT-FOR-US: Wordcircle
-CVE-2006-0203
+CVE-2006-0203 (membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not veri ...)
NOT-FOR-US: Mini-Nuke
-CVE-2006-0202
+CVE-2006-0202 (Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Tool ...)
NOT-FOR-US: PayPal Web Services
-CVE-2006-0201
+CVE-2006-0201 (Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Tool ...)
NOT-FOR-US: PayPal Web Services
-CVE-2006-0200
+CVE-2006-0200 (Format string vulnerability in the error-reporting feature in the mysq ...)
- php5 5.1.2-1 (bug #347894; unimportant)
- php4 <not-affected> (vulnerable code was introduced in PHP5)
NOTE: Not built into the binary packages
-CVE-2006-0199
+CVE-2006-0199 (SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 ...)
NOT-FOR-US: Mini-Nuke
-CVE-2006-0198
+CVE-2006-0198 (Cross-site scripting (XSS) vulnerability in a certain module, possibly ...)
NOT-FOR-US: XOOPS
-CVE-2006-0197
+CVE-2006-0197 (The XClientMessageEvent struct used in certain components of X.Org 6.8 ...)
NOTE: Historic X11 bug #349251
-CVE-2006-0196
+CVE-2006-0196 (Unspecified vulnerability in Serial line sniffer (aka slsnif) 0.4.4 al ...)
NOT-FOR-US: slsnif
-CVE-2006-0195
+CVE-2006-0195 (Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 ...)
{DSA-988-1}
- squirrelmail 2:1.4.6-1 (bug #354062)
-CVE-2006-0194
+CVE-2006-0194 (Cross-site scripting (XSS) vulnerability in default.asp in FogBugz 4.0 ...)
NOT-FOR-US: FogBugz
-CVE-2006-0193
+CVE-2006-0193 (Cross-site scripting (XSS) vulnerability in the Hosting Control Panel ...)
NOT-FOR-US: Positive Software H-Sphere
-CVE-2006-0192
+CVE-2006-0192 (SQL injection vulnerability in Login_Validate.asp in ASPSurvey 1.10 al ...)
NOT-FOR-US: ASPSurvey
-CVE-2006-0191
+CVE-2006-0191 (Unspecified vulnerability in Sun Solaris 10 allows local users to caus ...)
NOT-FOR-US: Sun Solaris
-CVE-2006-0190
+CVE-2006-0190 (Unspecified vulnerability in Sun Solaris 9 and 10 for the x86 platform ...)
NOT-FOR-US: Sun Solaris
-CVE-2006-0189
+CVE-2006-0189 (Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46 allows r ...)
NOT-FOR-US: eStara Softphone
-CVE-2006-0188
+CVE-2006-0188 (webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to ...)
{DSA-988-1}
- squirrelmail 2:1.4.6-1 (bug #354064)
-CVE-2006-2443
+CVE-2006-2443 (The Debian package of knowledgetree 2.0.7 creates environment.php with ...)
- knowledgetree 2.0.7-2 (bug #348306; medium)
-CVE-2006-0187
+CVE-2006-0187 (By design, Microsoft Visual Studio 2005 automatically executes code in ...)
NOT-FOR-US: Microsoft
CVE-2006-0186
REJECTED
-CVE-2006-0185
+CVE-2006-0185 (Multiple cross-site scripting vulnerabilities in the (1) Pool or (2) N ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-0184
+CVE-2006-0184 (Multiple SQL injection vulnerabilities in AspTopSites allow remote att ...)
NOT-FOR-US: AspTopSites
-CVE-2006-0183
+CVE-2006-0183 (Direct static code injection vulnerability in edit.php in ACal Calenda ...)
NOT-FOR-US: ACal Calendar Project
-CVE-2006-0182
+CVE-2006-0182 (login.php in ACal Calendar Project 2.2.5 allows remote attackers to by ...)
NOT-FOR-US: ACal Calendar Project
-CVE-2006-0181
+CVE-2006-0181 (Cisco Security Monitoring, Analysis and Response System (CS-MARS) befo ...)
NOT-FOR-US: Cisco
-CVE-2006-0180
+CVE-2006-0180 (Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 al ...)
NOT-FOR-US: CaLogic Calendars
-CVE-2006-0179
+CVE-2006-0179 (The Cisco IP Phone 7940 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Cisco
-CVE-2006-0178
+CVE-2006-0178 (Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local ...)
NOT-FOR-US: Cray UNICOS
-CVE-2006-0177
+CVE-2006-0177 (Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local use ...)
NOT-FOR-US: Cray UNICOS
-CVE-2006-0176
+CVE-2006-0176 (Buffer overflow in certain functions in src/fileio.c and src/unix/file ...)
- xmame 0.104-1 (medium; bug #349653)
NOTE: Only xmame-svgalib is vulnerable, the xmame-x package has a debconf
NOTE: question, that makes it very clear that setuid root is only for single-user
NOTE: systems and xmame-sdl and xmess aren't setuid at all
[sarge] - xmame <no-dsa> (XMame is non-free software)
-CVE-2006-0175
+CVE-2006-0175 (Cross-site scripting (XSS) vulnerability in search_form.asp in Web Wiz ...)
NOT-FOR-US: Web Wiz Forums
-CVE-2006-0174
+CVE-2006-0174 (Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5 ...)
NOT-FOR-US: Hummingbird Collaboration
-CVE-2006-0173
+CVE-2006-0173 (Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5 ...)
NOT-FOR-US: Hummingbird Collaboration
-CVE-2006-0172
+CVE-2006-0172 (Cross-site scripting (XSS) vulnerability in the file manager utility i ...)
NOT-FOR-US: Hummingbird Collaboration
-CVE-2006-0171
+CVE-2006-0171 (PHP remote file include vulnerability in index.php in OrjinWeb E-comme ...)
NOT-FOR-US: OrjinWeb E-commerce
CVE-2006-0170
REJECTED
-CVE-2006-0169
+CVE-2006-0169 (addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, whic ...)
NOT-FOR-US: MyPhPim
-CVE-2006-0168
+CVE-2006-0168 (Cross-site scripting (XSS) vulnerability in MyPhPim 01.05 allows remot ...)
NOT-FOR-US: MyPhPim
-CVE-2006-0167
+CVE-2006-0167 (SQL injection vulnerability in MyPhPim 01.05 allows remote attackers t ...)
NOT-FOR-US: MyPhPim
-CVE-2006-0166
+CVE-2006-0166 (Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stor ...)
NOT-FOR-US: Symantec SystemWorks
-CVE-2006-0165
+CVE-2006-0165 (Cross-site scripting (XSS) vulnerability in the DataForm Entries funct ...)
NOT-FOR-US: WebGUI
-CVE-2006-0164
+CVE-2006-0164 (phgstats.inc.php in phgstats before 0.5.1, if register_globals is enab ...)
NOT-FOR-US: phgstats
-CVE-2006-0163
+CVE-2006-0163 (SQL injection vulnerability in the search module (modules/Search/index ...)
NOT-FOR-US: PHP-Nuke
-CVE-2006-0161
+CVE-2006-0161 (Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown i ...)
NOT-FOR-US: Solaris
-CVE-2006-0160
+CVE-2006-0160 (SQL injection vulnerability in add_post.php3 in Venom Board 1.22 allow ...)
NOT-FOR-US: Venom Board
-CVE-2006-0159
+CVE-2006-0159 (SQL injection vulnerability in escribir.php in Foro Domus 2.10 allows ...)
NOT-FOR-US: Foro Domus
-CVE-2006-0158
+CVE-2006-0158 (SQL injection vulnerability in index.php in CyberDoc SiteSuite CMS all ...)
NOT-FOR-US: CyberDoc SiteSuite CMS
-CVE-2006-0157
+CVE-2006-0157 (settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remot ...)
NOT-FOR-US: Reamday Enterprises Magic News Plus
-CVE-2006-0156
+CVE-2006-0156 (Cross-site scripting (XSS) vulnerability in Foxrum 4.0.4f allows remot ...)
NOT-FOR-US: Foxforum
-CVE-2006-0155
+CVE-2006-0155 (Cross-site scripting (XSS) vulnerability in posts.php in 427BB 2.2 and ...)
NOT-FOR-US: 427BB
-CVE-2006-0154
+CVE-2006-0154 (SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 a ...)
NOT-FOR-US: 427BB
-CVE-2006-0153
+CVE-2006-0153 (427BB 2.2 and 2.2.1 verifies authentication credentials based on the u ...)
NOT-FOR-US: 427BB
-CVE-2006-0152
+CVE-2006-0152 (Cross-site scripting (XSS) in search_result.php in phpChamber 1.2 and ...)
NOT-FOR-US: phpChamber
-CVE-2006-0151
+CVE-2006-0151 (sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environ ...)
{DSA-946-2}
- sudo 1.6.8p12-1 (medium)
NOTE: The whole black list approach is flawed, for the DSA we'll switch to
NOTE: a white list approach of known to be safe env vars.
-CVE-2006-0150
+CVE-2006-0150 (Multiple format string vulnerabilities in the auth_ldap_log_reason fun ...)
{DSA-952-1}
- libapache-auth-ldap <removed> (bug #347416)
-CVE-2006-0149
+CVE-2006-0149 (Cross-site scripting (XSS) vulnerability in SimpBook 1.0, with html_en ...)
NOT-FOR-US: SimpBook
-CVE-2006-0148
+CVE-2006-0148 (NetSarang Xlpd 2.1 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: NetSarang Xlpd
-CVE-2006-0147
+CVE-2006-0147 (Dynamic code evaluation vulnerability in tests/tmssql.php test script ...)
{DSA-1031-1 DSA-1030-1 DSA-1029-1}
- libphp-adodb 4.72-0.1 (medium; bug #349985)
- cacti 0.8.6d-1 (medium)
- moodle 1.6.3-2 (medium)
NOTE: exact moodle fixed version not known, but at least <= 1.6.3-2
-CVE-2006-0146
+CVE-2006-0146 (The server.php test script in ADOdb for PHP before 4.70, as used in mu ...)
{DSA-1031-1 DSA-1030-1 DSA-1029-1}
- libphp-adodb 4.72-0.1 (medium; bug #349985)
- cacti 0.8.6d-1 (medium)
- moodle 1.6.3-2 (medium)
NOTE: exact moodle fixed version not known, but at least <= 1.6.3-2
-CVE-2006-0145
+CVE-2006-0145 (The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and Ope ...)
NOT-FOR-US: NetBSD
-CVE-2006-0144
+CVE-2006-0144 (The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in ...)
NOT-FOR-US: Neither php-pear nor php4-pear ship this file
-CVE-2006-0143
+CVE-2006-0143 (Microsoft Windows Graphics Rendering Engine (GRE) allows remote attack ...)
NOT-FOR-US: Windows
-CVE-2006-0142
+CVE-2006-0142 (Cross-site scripting (XSS) vulnerability in andromeda.php in Andromeda ...)
NOT-FOR-US: Andromeda
-CVE-2006-0141
+CVE-2006-0141 (Qualcomm Eudora Internet Mail Server (EIMS) before 3.2.8 allows remote ...)
NOT-FOR-US: Eudora
-CVE-2006-0140
+CVE-2006-0140 (Cross-site scripting (XSS) vulnerability in post.php in NavBoard V16 S ...)
NOT-FOR-US: Navboard
-CVE-2006-0139
+CVE-2006-0139 (The send-private-message functionality (send-private-message.asp) in P ...)
NOT-FOR-US: PD9 Software MegaBBS
-CVE-2006-0162
+CVE-2006-0162 (Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamA ...)
{DSA-947-1}
- clamav 0.88-1
-CVE-2006-0138
+CVE-2006-0138 (aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denia ...)
- amsn 0.98.9-1 (low; bug #557754)
[squeeze] - amsn <no-dsa> (minor issue)
[etch] - amsn <no-dsa> (minor issue)
[lenny] - amsn <no-dsa> (minor issue)
-CVE-2006-0137
+CVE-2006-0137 (SQL injection vulnerability in linkcategory.php in Phanatic Softwares ...)
NOT-FOR-US: Phanatic Softwares Chimera Web Portal System
-CVE-2006-0136
+CVE-2006-0136 (Multiple cross-site scripting (XSS) vulnerabilities in the guestbook m ...)
NOT-FOR-US: Phanatic Softwares Chimera Web Portal System
-CVE-2006-0135
+CVE-2006-0135 (SQL injection vulnerability in login.php in TheWebForum (twf) 1.2.1 al ...)
NOT-FOR-US: TheWebForum
-CVE-2006-0134
+CVE-2006-0134 (Cross-site scripting (XSS) vulnerability in register.php in TheWebForu ...)
NOT-FOR-US: TheWebForum
-CVE-2006-0133
+CVE-2006-0133 (Multiple directory traversal vulnerabilities in AIX 5.3 ML03 allow loc ...)
NOT-FOR-US: AIX
-CVE-2006-0132
+CVE-2006-0132 (Directory traversal vulnerability in webftp.php in SysCP WebFTP 1.2.6 ...)
NOT-FOR-US: SysCP WebFTP
-CVE-2006-0131
+CVE-2006-0131 (boastMachine 3.1 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: boastMachine
-CVE-2006-0130
+CVE-2006-0130 (Mail Management Agent (MAILMA) (aka Mail Management Server) in Rocklif ...)
NOT-FOR-US: Mail Management Agent
-CVE-2006-0129
+CVE-2006-0129 (Mail Management Agent (MAILMA) (aka Mail Management Server) in Rocklif ...)
NOT-FOR-US: Mail Management Agent
-CVE-2006-0128
+CVE-2006-0128 (Buffer overflow in the IMAP service of Rockliffe MailSite before 6.1.2 ...)
NOT-FOR-US: Rockliffe MailSite
-CVE-2006-0127
+CVE-2006-0127 (Directory traversal vulnerability in the IMAP service of Rockliffe Mai ...)
NOT-FOR-US: Rockliffe MailSite
-CVE-2006-0126
+CVE-2006-0126 (rxvt-unicode before 6.3, on certain platforms that use openpty and non ...)
- rxvt-unicode 6.3-1
[sarge] - rxvt-unicode <not-affected> (rxvt-unicode author disagrees with CVE, GNU/Linux not affected - see 6.3 entry in http://dist.schmorp.de/rxvt-unicode/Changes)
[woody] - rxvt-unicode <not-affected> (rxvt-unicode author disagrees with CVE, GNU/Linux not affected - see 6.3 entry in http://dist.schmorp.de/rxvt-unicode/Changes)
-CVE-2006-0125
+CVE-2006-0125 (Unspecified vulnerability in appserv/main.php in AppServ 2.4.5 allows ...)
NOT-FOR-US: AppServ
-CVE-2006-0124
+CVE-2006-0124 (Cross-site scripting (XSS) vulnerability in crear.php in ADN Forum 1.0 ...)
NOT-FOR-US: ADN Forum
-CVE-2006-0123
+CVE-2006-0123 (Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote ...)
NOT-FOR-US: ADN Forum
-CVE-2006-0122
+CVE-2006-0122 (Cross-site scripting (XSS) vulnerability in Public/Index.asp in Aquife ...)
NOT-FOR-US: Aquifer CMS
-CVE-2006-0121
+CVE-2006-0121 (Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5. ...)
NOT-FOR-US: Notes/Domino
-CVE-2006-0120
+CVE-2006-0120 (Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Ser ...)
NOT-FOR-US: Notes/Domino
-CVE-2006-0119
+CVE-2006-0119 (Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Ser ...)
NOT-FOR-US: Notes/Domino
-CVE-2006-0118
+CVE-2006-0118 (Unspecified vulnerability in IBM Lotus Notes and Domino Server before ...)
NOT-FOR-US: Notes/Domino
-CVE-2006-0117
+CVE-2006-0117 (Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allo ...)
NOT-FOR-US: Notes/Domino
-CVE-2006-0116
+CVE-2006-0116 (Cross-site scripting vulnerability search.inetstore in iNETstore Ebusi ...)
NOT-FOR-US: iNETstore Ebusiness Software
-CVE-2006-0115
+CVE-2006-0115 (Multiple SQL injection vulnerabilities in OnePlug Solutions OnePlug CM ...)
NOT-FOR-US: OnePlug Solutions OnePlug CMS
-CVE-2006-0114
+CVE-2006-0114 (The vCard functions in Joomla! 1.0.5 use predictable sequential IDs fo ...)
NOT-FOR-US: Joomla!
-CVE-2006-0113
+CVE-2006-0113 (Enhanced Simple PHP Gallery 1.7 allows remote attackers to obtain the ...)
NOT-FOR-US: Enhanced Simple PHP Gallery
-CVE-2006-0112
+CVE-2006-0112 (Cross-site scripting (XSS) vulnerability in index.php in Enhanced Simp ...)
NOT-FOR-US: Enhanced Simple PHP Gallery
-CVE-2006-0111
+CVE-2006-0111 (Cross-site scripting vulnerability in index.php in Boxcar Media Shoppi ...)
NOT-FOR-US: Boxcar Media Shopping Cart
-CVE-2006-0110
+CVE-2006-0110 (Cross-site scripting (XSS) vulnerability in escribir.php in Foro Domus ...)
NOT-FOR-US: Foro Domus
-CVE-2006-0109
+CVE-2006-0109 (Cross-site scripting vulnerability in category.php in Modular Merchant ...)
NOT-FOR-US: Modular Merchant Shopping Cart
-CVE-2006-0108
+CVE-2006-0108 (SQL injection vulnerability in mcl_login.asp in Timecan CMS allows rem ...)
NOT-FOR-US: Timecan CMS
-CVE-2006-0107
+CVE-2006-0107 (SQL injection vulnerability in Timecan CMS allows remote attackers to ...)
NOT-FOR-US: Timecan CMS
-CVE-2006-0105
+CVE-2006-0105 (PostgreSQL 8.0.x before 8.0.6 and 8.1.x before 8.1.2, when running on ...)
NOT-FOR-US: PostgreSQL on Windows
-CVE-2006-0104
+CVE-2006-0104 (Directory traversal vulnerability in TinyPHPForum 3.6 and earlier allo ...)
NOT-FOR-US: TinyPHPForum
-CVE-2006-0103
+CVE-2006-0103 (TinyPHPForum 3.6 and earlier stores the (1) users/[USERNAME].hash and ...)
NOT-FOR-US: TinyPHPForum
-CVE-2006-0102
+CVE-2006-0102 (Cross-site scripting (XSS) vulnerability in TinyPHPForum (TPF) 3.6 and ...)
NOT-FOR-US: TinyPHPForum
-CVE-2006-0101
+CVE-2006-0101 (Multiple cross-site scripting (XSS) vulnerabilities in sBLOG 0.7.1 Bet ...)
NOT-FOR-US: sBLOG
-CVE-2006-0100
+CVE-2006-0100 (Buffer overflow in NicoFTP 3.0.1.19 and earlier might allow local user ...)
NOT-FOR-US: NicoFTP
-CVE-2006-0099
+CVE-2006-0099 (PHP remote file include vulnerability in (1) include/templates/categor ...)
NOT-FOR-US: Valdersoft Shopping Cart
-CVE-2006-0098
+CVE-2006-0098 (The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3 ...)
NOT-FOR-US: OpenBSD
-CVE-2006-0097
+CVE-2006-0097 (Stack-based buffer overflow in the create_named_pipe function in libmy ...)
- php4 <not-affected> (Windows specific)
- php5 <not-affected> (Windows specific)
-CVE-2006-0096
+CVE-2006-0096 (wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 ...)
{DSA-1017-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
- kernel-source-2.4.27 2.4.27-8
-CVE-2006-0095
+CVE-2006-0095 (dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure ...)
{DSA-1017-1}
- linux-2.6 2.6.16-1
- kernel-source-2.4.27 <not-affected> (2.4 doesn't have dm-crypt)
-CVE-2006-0094
+CVE-2006-0094 (PHP remote file include vulnerability in forum.php in oaBoard 1.0 allo ...)
NOT-FOR-US: oaBoard
-CVE-2006-0093
+CVE-2006-0093 (Cross-site scripting (XSS) vulnerability in index.php in @Card ME PHP ...)
NOT-FOR-US: @Card ME PHP
CVE-2006-0092
REJECTED
-CVE-2006-0091
+CVE-2006-0091 (Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange 0. ...)
NOT-FOR-US: Open-Xchange
-CVE-2006-0090
+CVE-2006-0090 (Directory traversal vulnerability in index.php in IDV Directory Viewer ...)
NOT-FOR-US: IDV Directory Viewer
-CVE-2006-0089
+CVE-2006-0089 (Buffer overflow in ESRI ArcPad 7.0.0.156 allows remote attackers to ca ...)
NOT-FOR-US: ESRI ArcPad
-CVE-2006-0088
+CVE-2006-0088 (SQL injection vulnerability in intouch.lib.php in inTouch 0.5.1 Alpha ...)
NOT-FOR-US: inTouch
-CVE-2006-0087
+CVE-2006-0087 (SQL injection vulnerability in (1) pages.php and (2) detail.php in Liz ...)
NOT-FOR-US: Lizard Cart
-CVE-2006-0086
+CVE-2006-0086 (Cross-site scripting vulnerability in index.php in Next Generation Ima ...)
NOT-FOR-US: Next Generation Image Gallery
-CVE-2006-0085
+CVE-2006-0085 (SQL injection vulnerability in Nkads 1.0 alfa 3 allows remote attacker ...)
NOT-FOR-US: Nkads
-CVE-2006-0084
+CVE-2006-0084 (Cross-site scripting vulnerability in index.php in raSMP 2.0.0 and ear ...)
NOT-FOR-US: raSMP
-CVE-2006-0083
+CVE-2006-0083 (Format string vulnerability in the logging code of SMS Server Tools (s ...)
{DSA-930-2 DSA-930-1}
- smstools 1.16-1.1 (bug #347221; medium)
-CVE-2006-0106
+CVE-2006-0106 (gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versions, ...)
{DSA-954-1 CVE-2005-4560}
- wine 0.9.2-1 (bug #346197; medium)
-CVE-2006-0082
+CVE-2006-0082 (Format string vulnerability in the SetImageInfo function in image.c fo ...)
{DSA-1213}
- imagemagick 6:6.2.4.5-0.6 (bug #345876)
-CVE-2006-0081
+CVE-2006-0081 (ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerat ...)
NOT-FOR-US: Intel
-CVE-2006-0080
+CVE-2006-0080 (Cross-site scripting (XSS) vulnerability in vBulletin 3.5.2, and possi ...)
NOT-FOR-US: vBulletin
-CVE-2006-0079
+CVE-2006-0079 (SQL injection vulnerability in auth.php in ScozNet ScozBook BETA 1.1 a ...)
NOT-FOR-US: ScozNet
-CVE-2006-0078
+CVE-2006-0078 (Multiple cross-site scripting (XSS) vulnerabilities in B-net Software ...)
NOT-FOR-US: B-Net Software
-CVE-2006-0077
+CVE-2006-0077 (Off-by-one error in the getfattr function in File::ExtAttr before 0.03 ...)
NOT-FOR-US: File::ExtAttr
-CVE-2006-0076
+CVE-2006-0076 (PHP remote file include vulnerability in forum.php in oaBoard 1.0 allo ...)
NOT-FOR-US: oaBoard
-CVE-2006-0075
+CVE-2006-0075 (Direct static code injection vulnerability in phpBook 1.3.2 and earlie ...)
NOT-FOR-US: phpBook
-CVE-2006-0074
+CVE-2006-0074 (SQL injection vulnerability in profile.php in PHPenpals allows remote ...)
NOT-FOR-US: PHPenpals
-CVE-2006-0073
+CVE-2006-0073 (Cross-site scripting (XSS) vulnerability in DiscusWare Discus Freeware ...)
NOT-FOR-US: DiscusWare Discus
-CVE-2006-0072
+CVE-2006-0072 (Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attack ...)
NOT-FOR-US: SCO Openserver
-CVE-2006-0071
+CVE-2006-0071 (The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bi ...)
- pinentry <not-affected> (Gentoo-specific packaging flaw)
CVE-2006-0070
- drupal <not-affected> (According to upstream advisory is junk, behaviour intentional)
NOTE: This will probably be REJECTED anyway
-CVE-2006-0069
+CVE-2006-0069 (Cross-site scripting (XSS) vulnerability in addentry.php in Chipmunk G ...)
NOT-FOR-US: Chipmunk Guestbook
-CVE-2006-0068
+CVE-2006-0068 (SQL injection vulnerability in Primo Cart 1.0 and earlier allows remot ...)
NOT-FOR-US: Primo Cart
-CVE-2006-0067
+CVE-2006-0067 (SQL injection vulnerability in login.php in VEGO Links Builder 2.00 an ...)
NOT-FOR-US: VEGO Links Builder
-CVE-2006-0066
+CVE-2006-0066 (SQL injection vulnerability in index.php in PHPjournaler 1.0 allows re ...)
NOT-FOR-US: PHPjournaler
-CVE-2006-0065
+CVE-2006-0065 (SQL injection vulnerability in (1) functions.php, (2) functions_update ...)
NOT-FOR-US: VEGO Web Forum
-CVE-2006-0064
+CVE-2006-0064 (PHP remote file include vulnerability in includes/orderSuccess.inc.php ...)
NOT-FOR-US: CubeCart
-CVE-2006-0063
+CVE-2006-0063 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.19, when "Allowe ...)
- phpbb2 2.0.21-1 (unimportant)
[sarge] - phpbb2 <no-dsa> (Affects only an inherently unsafe option only suitable for trusted users)
NOTE: According to the maintainer only affects a config option that is strongly
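Review bot: CVE-2006-0094 and CVE-2006-0076 receive byte-identical truncated descriptions in this hunk ("PHP remote file include vulnerability in forum.php in oaBoard 1.0 allo ..."), both tracked as NOT-FOR-US: oaBoard, which looks like a duplicate assignment for the same issue. Worth checking against the upstream CVE records before this lands; if one of them is a duplicate, it should be marked REJECTED the way CVE-2006-0092 is a few lines above, rather than leaving two live entries with the same text.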
@@ -16335,114 +16335,114 @@ CVE-2006-0061 [xlock segfaults when using libpam-opensc]
[sarge] - xlockmore <no-dsa> (Minor issue)
CVE-2006-0060
RESERVED
-CVE-2006-0059
+CVE-2006-0059 (Heap-based buffer overflow in the ISO Transport Service over TCP (RFC ...)
NOT-FOR-US: LiveData
-CVE-2006-0058
+CVE-2006-0058 (Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows ...)
{DSA-1015-1}
- sendmail 8.13.6-1 (bug #358440; high)
-CVE-2006-0057
+CVE-2006-0057 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers t ...)
NOT-FOR-US: Windows
-CVE-2006-0056
+CVE-2006-0056 (Double free vulnerability in the authentication and authentication tok ...)
- pam-mysql 0.6.2-1 (bug #353589; medium)
[sarge] - pam-mysql <not-affected> (Vulnerable code not present)
-CVE-2006-0055
+CVE-2006-0055 (The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable f ...)
- ee 1:1.4.2-5 (bug #348322)
-CVE-2006-0054
+CVE-2006-0054 (The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to ca ...)
NOT-FOR-US: FreeBSD
-CVE-2006-0053
+CVE-2006-0053 (Imager (libimager-perl) before 0.50 allows user-assisted attackers to ...)
{DSA-1028-1}
- libimager-perl 0.50-1 (bug #359661)
-CVE-2006-0052
+CVE-2006-0052 (The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, wh ...)
{DSA-1027-1}
- mailman 2.1.6-1 (bug #358892)
-CVE-2006-0051
+CVE-2006-0051 (Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through ...)
{DSA-1023-1}
- kaffeine 0.8-1
-CVE-2006-0050
+CVE-2006-0050 (snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary fi ...)
{DSA-1013-1}
- snmptrapfmt 1.10
-CVE-2006-0049
+CVE-2006-0049 (gpg in GnuPG before 1.4.2.2 does not properly verify non-detached sign ...)
{DSA-993-2}
- gnupg 1.4.2.2-1 (bug #356125; medium)
- gnupg2 <not-affected> (Vulnerable code not activated)
-CVE-2006-0048
+CVE-2006-0048 (Francesco Stablum tcpick 0.2.1 allows remote attackers to cause a deni ...)
- tcpick 0.2.1-3 (bug #360571; low)
[sarge] - tcpick <no-dsa> (Minor issue)
-CVE-2006-0047
+CVE-2006-0047 (packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause ...)
{DSA-994-1}
- freeciv 2.0.8-1 (medium; bug #355211)
-CVE-2006-0046
+CVE-2006-0046 (squid_redirect script in adzapper before 2006-01-29 allows remote atta ...)
{DSA-966-1}
- adzapper 20060115-1
-CVE-2006-0045
+CVE-2006-0045 (crawl before 4.0.0 does not securely call programs when saving and loa ...)
{DSA-949-1}
- crawl 1:4.0.0beta26-7 (medium)
-CVE-2006-0044
+CVE-2006-0044 (Unspecified vulnerability in context.py in Albatross web application t ...)
{DSA-942-1}
- albatross 1.33-1
-CVE-2006-0043
+CVE-2006-0043 (Buffer overflow in the realpath function in nfs-server rpc.mountd, as ...)
{DSA-975-1}
- nfs-user-server 2.2beta47-22 (high; bug #350020)
NOTE: nfs-utils (kernel NFS server) is not affected
NOTE: (it uses PATH_MAX for the buffer passed to realpath).
-CVE-2006-0042
+CVE-2006-0042 (Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_par ...)
{DSA-1000-2}
- libapreq2 2.07-1
CVE-2006-0041
REJECTED
-CVE-2006-0040
+CVE-2006-0040 (GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a ...)
- evolution 2.10.1 (bug #398064; low)
[etch] - evolution <no-dsa> (Minor issue)
[sarge] - evolution <not-affected> (Not reproducable on Sarge)
-CVE-2006-0039
+CVE-2006-0039 (Race condition in the do_add_counters function in netfilter for Linux ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-14
-CVE-2006-0038
+CVE-2006-0038 (Integer overflow in the do_replace function in netfilter for Linux bef ...)
{DSA-1103 DSA-1097-1}
- linux-2.6 2.6.16-1
-CVE-2006-0037
+CVE-2006-0037 (ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in ...)
- linux-2.6 2.6.15-3
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
-CVE-2006-0036
+CVE-2006-0036 (ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in ...)
- linux-2.6 2.6.15-3
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
-CVE-2006-0035
+CVE-2006-0035 (The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 an ...)
- linux-2.6 2.6.15-3
-CVE-2006-0019
+CVE-2006-0019 (Heap-based buffer overflow in the encodeURI and decodeURI functions in ...)
{DSA-948-1}
- kdelibs 4:3.5.1-1 (medium)
-CVE-2006-0034
+CVE-2006-0034 (Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext fu ...)
NOT-FOR-US: Microsoft
-CVE-2006-0033
+CVE-2006-0033 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...)
NOT-FOR-US: Microsoft
-CVE-2006-0032
+CVE-2006-0032 (Cross-site scripting (XSS) vulnerability in the Indexing Service in Mi ...)
NOT-FOR-US: Microsoft
-CVE-2006-0031
+CVE-2006-0031 (Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, i ...)
NOT-FOR-US: Microsoft
-CVE-2006-0030
+CVE-2006-0030 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...)
NOT-FOR-US: Microsoft
-CVE-2006-0029
+CVE-2006-0029 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...)
NOT-FOR-US: Microsoft
-CVE-2006-0028
+CVE-2006-0028 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...)
NOT-FOR-US: Microsoft
-CVE-2006-0027
+CVE-2006-0027 (Unspecified vulnerability in Microsoft Exchange allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2006-0026
+CVE-2006-0026 (Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, ...)
NOT-FOR-US: Microsoft
-CVE-2006-0025
+CVE-2006-0025 (Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2006-0024
+CVE-2006-0024 (Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 an ...)
- flashplugin-nonfree 7.0.61-4 (bug #357038; bug #357105)
[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin)
-CVE-2006-0023
+CVE-2006-0023 (Microsoft Windows XP SP1 and SP2 before August 2004, and possibly othe ...)
NOT-FOR-US: Microsoft
-CVE-2006-0022
+CVE-2006-0022 (Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office ...)
NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-0021
+CVE-2006-0021 (Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows re ...)
NOT-FOR-US: Microsoft
-CVE-2006-0020
+CVE-2006-0020 (An unspecified Microsoft WMF parsing application, as used in Internet ...)
NOT-FOR-US: Microsoft
CVE-2006-0018
REJECTED
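Review bot: CVE-2006-0036 and CVE-2006-0037 end up indistinguishable after this update: both get the same truncated description ("ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in ...") and carry identical package status lines (linux-2.6 2.6.15-3, sarge kernels not-affected), because whatever distinguishes the two issues lies past the fixed-width cut. A NOTE line under each entry naming the distinguishing detail would keep them usable, as is already done for CVE-2006-0043 further up in this hunk. Minor style point in the same hunk: "(Not reproducable on Sarge)" under CVE-2006-0040 should read "reproducible".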
@@ -16450,33 +16450,33 @@ CVE-2006-0017
RESERVED
CVE-2006-0016
RESERVED
-CVE-2006-0015
+CVE-2006-0015 (Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll ...)
NOT-FOR-US: Microsoft
-CVE-2006-0014
+CVE-2006-0014 (Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote a ...)
NOT-FOR-US: Microsoft
-CVE-2006-0013
+CVE-2006-0013 (Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2006-0012
+CVE-2006-0012 (Unspecified vulnerability in Windows Explorer in Microsoft Windows 200 ...)
NOT-FOR-US: Microsoft
CVE-2006-0011
REJECTED
-CVE-2006-0010
+CVE-2006-0010 (Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP ...)
NOT-FOR-US: Microsoft
-CVE-2006-0009
+CVE-2006-0009 (Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versio ...)
NOT-FOR-US: Microsoft
-CVE-2006-0008
+CVE-2006-0008 (The ShellAbout API call in Korean Input Method Editor (IME) in Korean ...)
NOT-FOR-US: Microsoft
-CVE-2006-0007
+CVE-2006-0007 (Buffer overflow in GIFIMP32.FLT, as used in Microsoft Office 2003 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2006-0006
+CVE-2006-0006 (Heap-based buffer overflow in the bitmap processing routine in Microso ...)
NOT-FOR-US: Microsoft
-CVE-2006-0005
+CVE-2006-0005 (Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP ...)
NOT-FOR-US: Microsoft
-CVE-2006-0004
+CVE-2006-0004 (Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with I ...)
NOT-FOR-US: Microsoft
-CVE-2006-0003
+CVE-2006-0003 (Unspecified vulnerability in the RDS.Dataspace ActiveX control, which ...)
NOT-FOR-US: RDS.Dataspace
-CVE-2006-0002
+CVE-2006-0002 (Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exch ...)
NOT-FOR-US: Microsoft
-CVE-2006-0001
+CVE-2006-0001 (Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 a ...)
NOT-FOR-US: Microsoft
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index de8b9cd0ea..e5c77889cd 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -1,28 +1,28 @@
-CVE-2007-6761
+CVE-2007-6761 (drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6. ...)
- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
NOTE: Fixed by: https://git.kernel.org/linus/0b29669c065f60501e7289e1950fa2a618962358 (v2.6.24-rc6)
-CVE-2007-6760
+CVE-2007-6760 (Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) ...)
NOT-FOR-US: Dataprobe iBootBar
-CVE-2007-6759
+CVE-2007-6759 (Dataprobe iBootBar (with 2007-09-20 and possibly later released firmwa ...)
NOT-FOR-US: Dataprobe iBootBar
CVE-2007-6758
RESERVED
-CVE-2007-6757
+CVE-2007-6757 (GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of Muse! ...)
NOT-FOR-US: GE Healthcare Centricity DMS
-CVE-2007-6756
+CVE-2007-6756 (ZOLL Defibrillator / Monitor M Series, E Series, and R Series have a d ...)
NOT-FOR-US: ZOLL Defibrillator / Monitor M Series, E Series, and R Series
-CVE-2007-6755
+CVE-2007-6755 (The NIST SP 800-90A default statement of the Dual Elliptic Curve Deter ...)
- openssl <unfixed> (unimportant)
NOTE: Unused/broken in OpenSSL, see http://marc.info/?l=openssl-announce&m=138747119822324&w=2
-CVE-2007-6754
+CVE-2007-6754 (The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for F ...)
NOT-FOR-US: NetBSD/FreeBSD libc
-CVE-2007-6753
+CVE-2007-6753 (Untrusted search path vulnerability in Shell32.dll in Microsoft Window ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-6752
+CVE-2007-6752 (** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in Drup ...)
- drupal7 <removed> (unimportant)
-CVE-2007-6751
+CVE-2007-6751 (Cross-site scripting (XSS) vulnerability in the MailForm plugin before ...)
NOT-FOR-US: MailForm plugin for Movable Type
-CVE-2007-6750
+CVE-2007-6750 (The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a ...)
- apache2 2.2.15-3 (medium; bug #533661)
- apache <removed> (medium; bug #533662)
[lenny] - apache2 <no-dsa> (Minor issue)
@@ -32,7 +32,7 @@ CVE-2007-6748
RESERVED
CVE-2007-6747
RESERVED
-CVE-2007-6746
+CVE-2007-6746 (telepathy-idle before 0.1.15 does not verify (1) that the issuer is a ...)
- telepathy-idle 0.1.15-1 (low; bug #706094)
[wheezy] - telepathy-idle <no-dsa> (Minor issue)
[squeeze] - telepathy-idle <no-dsa> (Minor issue)
@@ -41,61 +41,61 @@ CVE-2007-6745 [clamav floating point exception in OLE2 scanner DoS]
- clamav 0.91.2-1~volatile1
[etch] - clamav <not-affected> (Vulnerable code not present)
[sarge] - clamav <not-affected> (Vulnerable code not present)
-CVE-2007-6744
+CVE-2007-6744 (Flexera Macrovision InstallShield before 2008 sends a digital-signatur ...)
NOT-FOR-US: Flexera Macrovision InstallShield
-CVE-2007-6743
+CVE-2007-6743 (Double free vulnerability in IBM Tivoli Directory Server (TDS) 5.2 bef ...)
NOT-FOR-US: Tivoli
-CVE-2007-6742
+CVE-2007-6742 (The get_filter_list function in IBM Tivoli Directory Server (TDS) 5.2 ...)
NOT-FOR-US: Tivoli
-CVE-2007-6741
+CVE-2007-6741 (The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does n ...)
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6740
+CVE-2007-6740 (The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does n ...)
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6739
+CVE-2007-6739 (FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to caus ...)
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6738
+CVE-2007-6738 (pyftpdlib before 0.1.1 does not choose a random value for the port ass ...)
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6737
+CVE-2007-6737 (FTPServer.py in pyftpdlib before 0.2.0 does not increment the attempte ...)
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6736
+CVE-2007-6736 (Multiple directory traversal vulnerabilities in FTPServer.py in pyftpd ...)
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2007-6735
+CVE-2007-6735 (NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not ...)
NOT-FOR-US: Novell NetWare
-CVE-2007-6734
+CVE-2007-6734 (NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 ...)
NOT-FOR-US: Novell NetWare
-CVE-2007-6733
+CVE-2007-6733 (The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does ...)
- linux-2.6 2.6.10-1
-CVE-2007-6732
+CVE-2007-6732 (Multiple buffer overflows in the dtt_load function in loaders/dtt_load ...)
- xmp 2.6.1-1 (low; bug #546730)
[etch] - xmp <no-dsa> (Minor issue, fringe app/formats)
[lenny] - xmp <no-dsa> (Minor issue, fringe app/formats)
-CVE-2007-6731
+CVE-2007-6731 (Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers ...)
- xmp 2.6.1-1 (low; bug #546730)
[etch] - xmp <no-dsa> (Minor issue, fringe app/formats)
[lenny] - xmp <no-dsa> (Minor issue, fringe app/formats)
-CVE-2007-6730
+CVE-2007-6730 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
NOT-FOR-US: ZyXEL P-330W
-CVE-2007-6729
+CVE-2007-6729 (Cross-site scripting (XSS) vulnerability in the web management interfa ...)
NOT-FOR-US: ZyXEL P-330W
-CVE-2007-6728
+CVE-2007-6728 (Cross-site scripting (XSS) vulnerability in XMB 1.5 allows remote atta ...)
NOT-FOR-US: XMB
-CVE-2007-6727
+CVE-2007-6727 (SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows ...)
NOT-FOR-US: KerviNet Forum
-CVE-2007-6726
+CVE-2007-6726 (Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and ...)
NOT-FOR-US: Dojo
-CVE-2007-6725
+CVE-2007-6725 (The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly o ...)
{DSA-2080-1}
- ghostscript 8.63.dfsg.1-1 (medium; bug #524803)
- gs-gpl <removed> (medium; bug #561717)
-CVE-2007-6724
+CVE-2007-6724 (Vidalia bundle before 0.1.2.18, when running on Windows, installs Priv ...)
NOT-FOR-US: Vidalia
-CVE-2007-6723
+CVE-2007-6723 (TorK before 0.22, when running on Windows and Mac OS X, installs Privo ...)
- tork <not-affected> (Affects only Windows and MacOS)
-CVE-2007-6722
+CVE-2007-6722 (Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, ...)
NOT-FOR-US: Vidalia
-CVE-2007-6721
+CVE-2007-6721 (The Legion of the Bouncy Castle Java Cryptography API before release 1 ...)
- bouncycastle 1.38-1
-CVE-2007-6720
+CVE-2007-6720 (libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possi ...)
- libmikmod 3.1.11-6.1 (low; bug #461519)
[etch] - libmikmod <no-dsa> (Minor issue)
[lenny] - libmikmod <no-dsa> (Minor issue)
@@ -106,297 +106,297 @@ CVE-2007-XXXX [tdiary XSS]
[etch] - tdiary 2.0.2+20060303-5
NOTE: fixed in r6 point update
NOTE: http://www.tdiary.org/20071215.html
-CVE-2007-6719
+CVE-2007-6719 (SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to e ...)
NOT-FOR-US: Wiz-Ad
-CVE-2007-6718
+CVE-2007-6718 (MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of ...)
- mplayer 1.0~rc3+svn20100502-1 (low; bug #407010)
[lenny] - mplayer <no-dsa> (Some have been fixed in Lenny/libavcodec, some crashers left)
NOTE: http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
-CVE-2007-6717
+CVE-2007-6717 (Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3 ...)
NOT-FOR-US: IBM AIX
-CVE-2007-6716
+CVE-2007-6716 (fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 ...)
{DSA-1653-1}
- linux-2.6 2.6.23-1
- linux-2.6.24 <not-affected> (Vulnerable code not present)
NOTE: 848c4dd5153c7a0de55470ce99a8e13a63b4703f
-CVE-2007-6715
+CVE-2007-6715 (Mozilla Firefox allows remote attackers to cause a denial of service ( ...)
- iceweasel <removed> (unimportant)
NOTE: browser dos not treated as security issues
NOTE: cant reproduce on 2.0.0.12-1 and 2.0.0.14-2, already fixed?
-CVE-2007-6713
+CVE-2007-6713 (Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown ...)
NOT-FOR-US: Flip4Mac
-CVE-2007-6714
+CVE-2007-6714 (DBMail before 2.2.9, when using authldap with an LDAP server that supp ...)
- dbmail 2.2.9
-CVE-2007-6712
+CVE-2007-6712 (Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux ...)
{DSA-1588-1}
- linux-2.6 2.6.26-1
- linux-2.6.24 <not-affected>
NOTE: upstream commit 13788ccc41ceea5893f9c747c59bc0b28f2416c2, not present in 2.6.25.x,
NOTE: but fixed in git, so marking as fixed in 2.6.26-1
-CVE-2007-6711
+CVE-2007-6711 (Unspecified vulnerability in customer.php in FreeWebshop.org 2.2.5, 2. ...)
NOT-FOR-US: FreeWebShop.org
CVE-2007-6710
RESERVED
-CVE-2007-6709
+CVE-2007-6709 (The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and ear ...)
NOT-FOR-US: Cisco Linksys
-CVE-2007-6708
+CVE-2007-6708 (Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisc ...)
NOT-FOR-US: Cisco Linksys
-CVE-2007-6707
+CVE-2007-6707 (Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Links ...)
NOT-FOR-US: Cisco Linksys
-CVE-2007-6706
+CVE-2007-6706 (Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus No ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2007-6705
+CVE-2007-6705 (The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client fo ...)
NOT-FOR-US: WebSphere
-CVE-2007-6704
+CVE-2007-6704 (Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 410 ...)
NOT-FOR-US: F5 FirePass
-CVE-2007-6703
+CVE-2007-6703 (Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) ...)
- vdccm <removed>
-CVE-2007-6702
+CVE-2007-6702 (goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka r ...)
NOT-FOR-US: FS4104-AW firmware
-CVE-2007-6701
+CVE-2007-6701 (Multiple stack-based buffer overflows in the Spooler service (nwspool. ...)
NOT-FOR-US: Novell Client
-CVE-2007-6700
+CVE-2007-6700 (Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web i ...)
NOT-FOR-US: openbsd
-CVE-2007-6699
+CVE-2007-6699 (Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control ...)
NOT-FOR-US: AIM PicEditor
-CVE-2007-6698
+CVE-2007-6698 (The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote auth ...)
{DSA-1541-1}
- openldap2.3 2.3.38-1
- openldap2.2 <removed>
- openldap2 <not-affected> (slapd not built)
-CVE-2007-6696
+CVE-2007-6696 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.1 ...)
- webcalendar 1.1.6-7 (bug #466935)
[lenny] - webcalendar <not-affected> (See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466935#37)
-CVE-2007-6695
+CVE-2007-6695 (Cross-site scripting (XSS) vulnerability in index.php in Drake CMS 0.4 ...)
NOT-FOR-US: Drake CMS
-CVE-2007-6694
+CVE-2007-6694 (The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 t ...)
{DSA-1565-1 DSA-1503-2 DSA-1504-1 DSA-1503-1}
- linux-2.6 2.6.24-1
- linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24)
NOTE: Upstream commit 9ac71d00398674aaec664f30559f0a21d963862f, part of 2.6.24
-CVE-2007-6697
+CVE-2007-6697 (Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image ...)
{DSA-1493-2 DSA-1493-1}
- sdl-image1.2 1.2.6-2 (medium)
-CVE-2007-6693
+CVE-2007-6693 (Unspecified vulnerability in the WebCam module in Menalto Gallery befo ...)
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6692
+CVE-2007-6692 (Open redirect vulnerability in Menalto Gallery before 2.2.4 allows rem ...)
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6691
+CVE-2007-6691 (Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 h ...)
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6690
+CVE-2007-6690 (The Gallery Remote module in Menalto Gallery before 2.2.4 does not che ...)
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6689
+CVE-2007-6689 (Menalto Gallery before 2.2.4 does not properly check for malicious fil ...)
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6688
+CVE-2007-6688 (Unspecified vulnerability in the Installation application in Menalto G ...)
- gallery <not-affected> (Vulnerable code not present)
- gallery2 2.2.4-1 (bug #457644)
-CVE-2007-6687
+CVE-2007-6687 (Multiple cross-site scripting (XSS) vulnerabilities in Menalto Gallery ...)
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6686
+CVE-2007-6686 (The URL rewrite module in Menalto Gallery before 2.2.4 allows attacker ...)
- gallery2 2.2.4-1 (bug #457644)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2007-6685
+CVE-2007-6685 (Unspecified vulnerability in the Publish XP module Menalto Gallery bef ...)
- gallery <not-affected> (Vulnerable code not present)
- gallery2 2.2.4-1 (bug #457644)
-CVE-2007-6680
+CVE-2007-6680 (Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument i ...)
NOT-FOR-US: IBM AIX
-CVE-2007-6679
+CVE-2007-6679 (Unspecified vulnerability in the Administrative Console in IBM WebSphe ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2007-6678
REJECTED
-CVE-2007-6677
+CVE-2007-6677 (Cross-site scripting (XSS) vulnerability in Peter's Random Anti-Spam I ...)
NOT-FOR-US: Peter's Random Anti-Spam Image
-CVE-2007-6676
+CVE-2007-6676 (The default configuration of Uber Uploader (UU) 5.3.6 and earlier does ...)
NOT-FOR-US: Uber Uploader
-CVE-2007-6675
+CVE-2007-6675 (The b_system_comments_show function in htdocs/modules/system/blocks/sy ...)
NOT-FOR-US: XOOPS
-CVE-2007-6674
+CVE-2007-6674 (Cross-site scripting (XSS) vulnerability in Default.asp in RapidShare ...)
NOT-FOR-US: RapidShare Database
-CVE-2007-6673
+CVE-2007-6673 (Cross-site scripting (XSS) vulnerability in Makale Scripti allows remo ...)
NOT-FOR-US: Makale Scripti
-CVE-2007-6672
+CVE-2007-6672 (Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protec ...)
- jetty 6.1.18-1 (medium; bug #462793; bug #559765)
-CVE-2007-6671
+CVE-2007-6671 (SQL injection vulnerability in login_form.asp in Instant Softwares Dat ...)
NOT-FOR-US: Instant Softwares Dating Site
-CVE-2007-6670
+CVE-2007-6670 (SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows ...)
NOT-FOR-US: PHCDownload
-CVE-2007-6669
+CVE-2007-6669 (Cross-site scripting (XSS) vulnerability in search.php in PHCDownload ...)
NOT-FOR-US: PHCDownload
-CVE-2007-6668
+CVE-2007-6668 (admin/uploadgames.php in MySpace Content Zone (MCZ) 3.x does not requi ...)
NOT-FOR-US: MySpace Content Zone
-CVE-2007-6667
+CVE-2007-6667 (SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier ...)
NOT-FOR-US: MyPHP Forum
-CVE-2007-6666
+CVE-2007-6666 (SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 a ...)
NOT-FOR-US: Zenphoto
-CVE-2007-6665
+CVE-2007-6665 (SQL injection vulnerability in admin/login.asp in Netchemia oneSCHOOL ...)
NOT-FOR-US: Netchemia
-CVE-2007-6664
+CVE-2007-6664 (SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and ea ...)
NOT-FOR-US: WebPortal
-CVE-2007-6663
+CVE-2007-6663 (SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html. ...)
NOT-FOR-US: Pragmatic Utopia PU Arcade
-CVE-2007-6662
+CVE-2007-6662 (Directory traversal vulnerability in file.php in CuteNews 2.6 allows r ...)
NOT-FOR-US: CuteNews
-CVE-2007-6661
+CVE-2007-6661 (2z project 0.9.6.1 allows attackers to change the password without sup ...)
NOT-FOR-US: 2z project
-CVE-2007-6660
+CVE-2007-6660 (2z project 0.9.6.1 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: 2z project
-CVE-2007-6659
+CVE-2007-6659 (Multiple cross-site scripting (XSS) vulnerabilities in 2z project 0.9. ...)
NOT-FOR-US: 2z project
-CVE-2007-6658
+CVE-2007-6658 (SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) ...)
NOT-FOR-US: CCMS
-CVE-2007-6657
+CVE-2007-6657 (PHP remote file inclusion vulnerability in source/includes/load_forum. ...)
NOT-FOR-US: Mihalism
-CVE-2007-6656
+CVE-2007-6656 (SQL injection vulnerability in content_css.php in the TinyMCE module f ...)
NOT-FOR-US: CMS Made Simple
-CVE-2007-6655
+CVE-2007-6655 (PHP remote file inclusion vulnerability in includes/function.php in Ko ...)
NOT-FOR-US: Kontakt Formular
-CVE-2007-6654
+CVE-2007-6654 (Buffer overflow in a certain ActiveX control in Macrovision InstallShi ...)
NOT-FOR-US: Macrovision InstallShield Update Service Web Agent
-CVE-2007-6653
+CVE-2007-6653 (Directory traversal vulnerability in download.php in Mihalism Multi Ho ...)
NOT-FOR-US: Mihalism
-CVE-2007-6652
+CVE-2007-6652 (cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser ...)
NOT-FOR-US: XCMS
-CVE-2007-6651
+CVE-2007-6651 (Directory traversal vulnerability in wiki/edit.php in Bitweaver R2 CMS ...)
NOT-FOR-US: Bitweaver
-CVE-2007-6650
+CVE-2007-6650 (Unrestricted file upload vulnerability in fisheye/upload.php in Bitwea ...)
NOT-FOR-US: Bitweaver
-CVE-2007-6649
+CVE-2007-6649 (PHP remote file inclusion vulnerability in includes/tumbnail.php in Ma ...)
NOT-FOR-US: MatPo Bilder Gallery
-CVE-2007-6648
+CVE-2007-6648 (Directory traversal vulnerability in index.php in SanyBee Gallery 0.1. ...)
NOT-FOR-US: SanyBee Gallery
-CVE-2007-6647
+CVE-2007-6647 (SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier ...)
NOT-FOR-US: w-Agora
-CVE-2007-6646
+CVE-2007-6646 (Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1, ...)
NOT-FOR-US: LiveCart
-CVE-2007-6645
+CVE-2007-6645 (Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote auth ...)
NOT-FOR-US: Joomla!
-CVE-2007-6644
+CVE-2007-6644 (Joomla! before 1.5 RC4 allows remote authenticated administrators to p ...)
NOT-FOR-US: Joomla!
-CVE-2007-6643
+CVE-2007-6643 (Cross-site scripting (XSS) vulnerability in the com_poll component in ...)
NOT-FOR-US: Joomla!
-CVE-2007-6642
+CVE-2007-6642 (Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! ...)
NOT-FOR-US: Joomla!
-CVE-2007-6641
+CVE-2007-6641 (Cross-site scripting (XSS) vulnerability in dir.php in milliscripts Re ...)
NOT-FOR-US: milliscripts
-CVE-2007-6640
+CVE-2007-6640 (Creammonkey 0.9 through 1.1 and GreaseKit 1.2 through 1.3 does not pro ...)
NOT-FOR-US: Creammonkey and GreaseKit
-CVE-2007-6639
+CVE-2007-6639 (SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier al ...)
NOT-FOR-US: IPTBB
-CVE-2007-6638
+CVE-2007-6638 (March Networks DVR 3204 stores sensitive information under the web roo ...)
NOT-FOR-US: March Networks
-CVE-2007-6637
+CVE-2007-6637 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Pla ...)
- flashplugin-nonfree 1:1.4 (bug #459071)
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
NOTE: http://www.adobe.com/support/security/advisories/apsa07-06.html
-CVE-2007-6636
+CVE-2007-6636 (Unspecified vulnerability in the StorageFarabDb module in Bitflu befor ...)
NOT-FOR-US: Bitflu
-CVE-2007-6635
+CVE-2007-6635 (FAQMasterFlexPlus, possibly 1.5 or 1.52, stores the admin password in ...)
NOT-FOR-US: FAQMasterFlexPlus
-CVE-2007-6634
+CVE-2007-6634 (Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly ...)
NOT-FOR-US: FAQMasterFlexPlus
-CVE-2007-6633
+CVE-2007-6633 (Multiple cross-site scripting (XSS) vulnerabilities in FAQMasterFlexPl ...)
NOT-FOR-US: FAQMasterFlexPlus
-CVE-2007-6632
+CVE-2007-6632 (showCode.php in xml2owl 0.1.1 allows remote attackers to execute arbit ...)
NOT-FOR-US: xml2owl
-CVE-2007-6631
+CVE-2007-6631 (Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier al ...)
NOT-FOR-US: LScube libnemesi
-CVE-2007-6630
+CVE-2007-6630 (The Url_init function in utils/url.c in Netembryo 0.0.4, when used by ...)
NOT-FOR-US: Netembryo
-CVE-2007-6629
+CVE-2007-6629 (Interpretation conflict in LScube Feng 0.1.15 and earlier allows remot ...)
NOT-FOR-US: LScube Feng
-CVE-2007-6628
+CVE-2007-6628 (LScube Feng 0.1.15 and earlier allows remote attackers to cause a deni ...)
NOT-FOR-US: LScube Feng
-CVE-2007-6627
+CVE-2007-6627 (Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in ...)
NOT-FOR-US: LScube Feng
-CVE-2007-6626
+CVE-2007-6626 (Multiple buffer overflows in the RTSP_valid_response_msg function in R ...)
NOT-FOR-US: LScube Feng
-CVE-2007-6625
+CVE-2007-6625 (The Platform Service Process (asampsp) in Fan-Out Driver Platform Serv ...)
NOT-FOR-US: Platform Service Process (asampsp)
-CVE-2007-6624
+CVE-2007-6624 (Directory traversal vulnerability in printview.php in PNphpBB2 1.2i an ...)
NOT-FOR-US: PNphpBB2
-CVE-2007-6623
+CVE-2007-6623 (Absolute path traversal vulnerability in ZeusCMS 0.3 and earlier might ...)
NOT-FOR-US: ZeusCMS
-CVE-2007-6622
+CVE-2007-6622 (SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier ...)
NOT-FOR-US: ZeusCMS
-CVE-2007-6621
+CVE-2007-6621 (Directory traversal vulnerability in joovili.images.php in Joovili 3.0 ...)
NOT-FOR-US: Joovili
-CVE-2007-6620
+CVE-2007-6620 (Directory traversal vulnerability in include/images.inc.php in Joovili ...)
NOT-FOR-US: Joovili
-CVE-2007-6619
+CVE-2007-6619 (The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 do ...)
NOT-FOR-US: Setup Wizard in Atlassian JIRA Enterprise Edition
-CVE-2007-6618
+CVE-2007-6618 (JIRA Enterprise Edition before 3.12.1 allows remote attackers to delet ...)
NOT-FOR-US: JIRA Enterprise Edition
-CVE-2007-6617
+CVE-2007-6617 (Cross-site scripting (XSS) vulnerability in 500page.jsp in JIRA Enterp ...)
NOT-FOR-US: JIRA Enterprise Edition
-CVE-2007-6616
+CVE-2007-6616 (Cross-site scripting (XSS) vulnerability in simpleforum.cgi in SimpleF ...)
NOT-FOR-US: SimpleForum
-CVE-2007-6615
+CVE-2007-6615 (Directory traversal vulnerability in includes/block.php in Agares Medi ...)
NOT-FOR-US: Agares Media phpAutoVideo
-CVE-2007-6614
+CVE-2007-6614 (PHP remote file inclusion vulnerability in admin/frontpage_right.php i ...)
NOT-FOR-US: Agares Media phpAutoVideo
-CVE-2007-6613
+CVE-2007-6613 (Stack-based buffer overflow in the print_iso9660_recurse function in i ...)
- libcdio 0.78.2+dfsg1-2 (low; bug #459129)
[sarge] - libcdio <not-affected> (Packages prior to 0.78.2 didn't build the tools into binary package)
[etch] - libcdio <not-affected> (Packages prior to 0.78.2 didn't build the tools into binary package)
NOTE: applications that use libcdio are not vulnerable, problem only lies in the info tool
-CVE-2007-6610
+CVE-2007-6610 (unp 1.0.12, and other versions before 1.0.14, does not properly escape ...)
- unp 1.0.13 (bug #448437; low)
[etch] - unp <no-dsa> (Only used as archiver in third-party software)
-CVE-2007-6609
+CVE-2007-6609 (Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function ...)
NOT-FOR-US: CoolPlayer
-CVE-2007-6608
+CVE-2007-6608 (Multiple cross-site scripting (XSS) vulnerabilities in OpenBiblio 0.5. ...)
NOT-FOR-US: OpenBiblio
-CVE-2007-6607
+CVE-2007-6607 (OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain se ...)
NOT-FOR-US: OpenBiblio
-CVE-2007-6606
+CVE-2007-6606 (OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain co ...)
NOT-FOR-US: OpenBiblio
-CVE-2007-6605
+CVE-2007-6605 (Buffer overflow in a certain ActiveX control in SkyFexClient.ocx 1.0.2 ...)
NOT-FOR-US: SkyFex Client
-CVE-2007-6604
+CVE-2007-6604 (Multiple directory traversal vulnerabilities in index.php in XCMS 1.82 ...)
NOT-FOR-US: XCMS
-CVE-2007-6603
+CVE-2007-6603 (Hot or Not Clone has insufficient access control for producing and rea ...)
NOT-FOR-US: Hot or Not Clone
-CVE-2007-6602
+CVE-2007-6602 (SQL injection vulnerability in app/models/identity.php in NoseRub 0.5. ...)
NOT-FOR-US: NoseRub
-CVE-2007-6601
+CVE-2007-6601 (The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8 ...)
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
- postgresql-8.1 8.1.11-1
-CVE-2007-6600
+CVE-2007-6600 (PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 ...)
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
- postgresql-8.1 8.1.11-1
[sarge] - postgresql <unfixed>
-CVE-2007-6597
+CVE-2007-6597 (Multiple cross-site scripting (XSS) vulnerabilities in IPortalX before ...)
NOT-FOR-US: IPortalX
-CVE-2007-6599
+CVE-2007-6599 (Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 ...)
{DSA-1458-1}
- openafs 1.4.6.dfsg1-1 (medium)
NOTE: http://www.openafs.org/security/OPENAFS-SA-2007-003.txt
-CVE-2007-6595
+CVE-2007-6595 (ClamAV 0.92 allows local users to overwrite arbitrary files via a syml ...)
{DSA-1497-1}
- clamav 0.92.1~dfsg-1 (low; bug #458532)
[etch] - clamav <not-affected> (Minor issue, first issue doesn't apply)
[sarge] - clamav <no-dsa> (Security Support has stopped)
-CVE-2007-6596
+CVE-2007-6596 (ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows ...)
- clamav 0.92.1~dfsg-1 (unimportant; bug #458532)
[etch] - clamav <no-dsa> (Minor issue)
[sarge] - clamav <no-dsa> (Security Support has stopped)
NOTE: this is more a feature request than a bug
-CVE-2007-6594
+CVE-2007-6594 (IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak per ...)
NOT-FOR-US: Lotus Notes
-CVE-2007-6593
+CVE-2007-6593 (Multiple stack-based buffer overflows in l123sr.dll in Autonomy (forme ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2007-6592
+CVE-2007-6592 (Apple Safari 2, when a user accepts an SSL server certificate on the b ...)
NOT-FOR-US: Safari
-CVE-2007-6591
+CVE-2007-6591 (KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server cer ...)
- kdebase 4:4.0.3-1 (low; bug #458968)
[etch] - kdebase <no-dsa> (Minor issue)
[lenny] - kdebase <no-dsa> (Minor issue)
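Review bot: the etch line under CVE-2007-6595, `[etch] - clamav <not-affected> (Minor issue, first issue doesn't apply)`, attaches a "Minor issue" justification to a `<not-affected>` tag, which is the wording this file otherwise reserves for `<no-dsa>` (compare `[etch] - clamav <no-dsa> (Minor issue)` under CVE-2007-6596 directly below). Since this update rewrites the CVE-2007-6595 header line anyway, the reason text should state why the affected code is absent from etch, or the tag should become `<no-dsa>`; as written the triage decision cannot be audited from the entry. Also, CVE-2007-6597 sits between CVE-2007-6600 and CVE-2007-6599, breaking the descending order the rest of the hunk follows; that ordering is pre-existing and is not changed here.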
@@ -404,209 +404,209 @@ CVE-2007-6591
NOTE: No longer occurs in KDE 4.0.3 according to upstream bug
CVE-2007-6590
REJECTED
-CVE-2007-6589
+CVE-2007-6589 (The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMon ...)
{DSA-1534-1}
- iceape 1.1.7-1 (medium)
- iceweasel 2.0.0.10-1 (medium)
-CVE-2007-6588
+CVE-2007-6588 (Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows re ...)
NOT-FOR-US: PHCDownload
-CVE-2007-6587
+CVE-2007-6587 (SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 al ...)
NOT-FOR-US: Plogger
-CVE-2007-6586
+CVE-2007-6586 (SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows r ...)
NOT-FOR-US: nicLOR-CMS
-CVE-2007-6585
+CVE-2007-6585 (PHP remote file inclusion vulnerability in confirmUnsubscription.php i ...)
NOT-FOR-US: NmnNewsletter
-CVE-2007-6584
+CVE-2007-6584 (Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow r ...)
NOT-FOR-US: 1024 CMS
-CVE-2007-6583
+CVE-2007-6583 (SQL injection vulnerability in admin/ops/findip/ajax/search.php in 102 ...)
NOT-FOR-US: 1024 CMS
-CVE-2007-6582
+CVE-2007-6582 (Directory traversal vulnerability in index.php in mBlog 1.2 allows rem ...)
NOT-FOR-US: mBlog
-CVE-2007-6581
+CVE-2007-6581 (Multiple directory traversal vulnerabilities in Social Engine 2.0 allo ...)
NOT-FOR-US: Social Engine
-CVE-2007-6580
+CVE-2007-6580 (Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow ...)
NOT-FOR-US: Wallpaper Site
-CVE-2007-6579
+CVE-2007-6579 (Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote atta ...)
NOT-FOR-US: Ip Reg
-CVE-2007-6578
+CVE-2007-6578 (SQL injection vulnerability in go.php in PHP ZLink 0.3 allows remote a ...)
NOT-FOR-US: PHP ZLink
-CVE-2007-6577
+CVE-2007-6577 (Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow ...)
NOT-FOR-US: zBlog
-CVE-2007-6576
+CVE-2007-6576 (Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earli ...)
NOT-FOR-US: Adult Script
-CVE-2007-6575
+CVE-2007-6575 (SQL injection vulnerability in default.php in MMSLamp allows remote at ...)
NOT-FOR-US: MMSLamp
-CVE-2007-6574
+CVE-2007-6574 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 an ...)
NOT-FOR-US: Dokeos
-CVE-2007-6573
+CVE-2007-6573 (QK SMTP Server 3 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: QK SMTP
-CVE-2007-6572
+CVE-2007-6572 (Cross-site scripting (XSS) vulnerability in Sun Java System Web Server ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2007-6571
+CVE-2007-6571 (Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy ...)
NOT-FOR-US: Sun Java System Web Proxy
-CVE-2007-6570
+CVE-2007-6570 (Cross-site scripting (XSS) vulnerability in the View URL Database func ...)
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2007-6569
+CVE-2007-6569 (Cross-site scripting (XSS) vulnerability in the View Error Log functio ...)
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2007-6568
+CVE-2007-6568 (PHP remote file inclusion vulnerability in config.inc.php in XZero Com ...)
NOT-FOR-US: XZero Community Classifieds
-CVE-2007-6567
+CVE-2007-6567 (Directory traversal vulnerability in index.php in XZero Community Clas ...)
NOT-FOR-US: XZero Community Classifieds
-CVE-2007-6566
+CVE-2007-6566 (SQL injection vulnerability in post.php in XZero Community Classifieds ...)
NOT-FOR-US: XZero Community Classifieds
-CVE-2007-6565
+CVE-2007-6565 (Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta an ...)
NOT-FOR-US: Blakord Portal
-CVE-2007-6611
+CVE-2007-6611 (Cross-site scripting (XSS) vulnerability in view.php in Mantis before ...)
{DSA-1467-1}
- mantis 1.0.8-4 (low; bug #458377)
-CVE-2007-6683
+CVE-2007-6683 (The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to o ...)
{DSA-1543-1 DTSA-132-1}
- vlc 0.8.6.c-4.1 (medium; bug #458318)
- mozilla-browser-plugin 0.8.6.e-2.2 (bug #480370)
NOTE: the plugin is in the same srcpkg but has its own implementation for VLCOPT
[lenny] - vlc 0.8.6.c-4.1~lenny1
NOTE: see https://trac.videolan.org/vlc/ticket/1371
-CVE-2007-6682
+CVE-2007-6682 (Format string vulnerability in the httpd_FileCallBack function (networ ...)
{DSA-1543-1}
- vlc 0.8.6.c-4.1 (medium; bug #458318)
[lenny] - vlc 0.8.6.c-4.1~lenny1
NOTE: see http://www.securityfocus.com/archive/1/485488/30/0/threaded
-CVE-2007-6681
+CVE-2007-6681 (Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VL ...)
{DSA-1543-1}
- vlc 0.8.6.c-4.1 (low; bug #458318)
[lenny] - vlc 0.8.6.c-4.1~lenny1
NOTE: see http://www.securityfocus.com/archive/1/485488/30/0/threaded
-CVE-2007-6684
+CVE-2007-6684 (The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to caus ...)
- vlc 0.8.6.c-4.1 (bug #458318)
[lenny] - vlc 0.8.6.c-4.1~lenny1
NOTE: That's hardly a security problem, just a bug
-CVE-2007-6598
+CVE-2007-6598 (Dovecot before 1.0.10, with certain configuration options including us ...)
{DSA-1457-1}
- dovecot 1:1.0.10-1 (low; bug #458315)
[sarge] - dovecot <not-affected> (Vulnerable code not present)
[etch] - dovecot <no-dsa> (very minor issue)
NOTE: http://dovecot.org/list/dovecot-news/2007-December/000057.html
NOTE: low, because issue is only with quite rare configurations
-CVE-2007-6612
+CVE-2007-6612 (Directory traversal vulnerability in DirHandler (lib/mongrel/handlers. ...)
- mongrel 1.1.3-1 (medium)
-CVE-2007-6564
+CVE-2007-6564 (Cross-site scripting (XSS) vulnerability in admin.php in Limbo CMS 1.0 ...)
NOT-FOR-US: Limbo CMS
-CVE-2007-6563
+CVE-2007-6563 (Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly ot ...)
NOT-FOR-US: WinAce
-CVE-2007-6562
+CVE-2007-6562 (Multiple stack-based buffer overflows in the use of FD_SET in TCPreen ...)
{DSA-1443-1}
- tcpreen 1.4.3-0.3 (medium; bug #457781)
-CVE-2007-6561
+CVE-2007-6561 (Multiple stack-based buffer overflows in PDFLib allow user-assisted re ...)
NOT-FOR-US: PDFLib
-CVE-2007-6560
+CVE-2007-6560 (Multiple cross-site scripting (XSS) vulnerabilities in Logaholic befor ...)
NOT-FOR-US: Logaholic
-CVE-2007-6559
+CVE-2007-6559 (Multiple SQL injection vulnerabilities in Logaholic before 2.0 RC8 all ...)
NOT-FOR-US: Logaholic
-CVE-2007-6558
+CVE-2007-6558 (TotalPlayer 3.0 allows user-assisted remote attackers to cause a denia ...)
NOT-FOR-US: TotalPlayer
-CVE-2007-6557
+CVE-2007-6557 (Multiple SQL injection vulnerabilities in MeGaCheatZ 1.1 allow remote ...)
NOT-FOR-US: MeGaCheatZ
-CVE-2007-6556
+CVE-2007-6556 (Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow rem ...)
NOT-FOR-US: websihirbazi
-CVE-2007-6555
+CVE-2007-6555 (PHP remote file inclusion vulnerability in modules/mod_pxt_latest.php ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-6554
+CVE-2007-6554 (Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 an ...)
NOT-FOR-US: TeamCal
-CVE-2007-6553
+CVE-2007-6553 (Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1. ...)
NOT-FOR-US: TeamCal
-CVE-2007-6552
+CVE-2007-6552 (Directory traversal vulnerability in index.php in AuraCMS 2.2 allows r ...)
NOT-FOR-US: AuraCMS
-CVE-2007-6551
+CVE-2007-6551 (SQL injection vulnerability in showMsg.php in MailMachine Pro 2.2.4, a ...)
NOT-FOR-US: MailMachine
-CVE-2007-6550
+CVE-2007-6550 (form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web ...)
NOT-FOR-US: PMOS Help Desk
-CVE-2007-6549
+CVE-2007-6549 (Unspecified vulnerability in RunCMS before 1.6.1 has unknown impact an ...)
NOT-FOR-US: RunCMS
-CVE-2007-6548
+CVE-2007-6548 (Multiple direct static code injection vulnerabilities in RunCMS before ...)
NOT-FOR-US: RunCMS
-CVE-2007-6547
+CVE-2007-6547 (RunCMS before 1.6.1 does not require entry of the old password during ...)
NOT-FOR-US: RunCMS
-CVE-2007-6546
+CVE-2007-6546 (RunCMS before 1.6.1 uses a predictable session id, which makes it easi ...)
NOT-FOR-US: RunCMS
-CVE-2007-6545
+CVE-2007-6545 (Multiple cross-site scripting (XSS) vulnerabilities in RunCMS before 1 ...)
NOT-FOR-US: RunCMS
-CVE-2007-6544
+CVE-2007-6544 (Multiple SQL injection vulnerabilities in RunCMS before 1.6.1 allow re ...)
NOT-FOR-US: RunCMS
-CVE-2007-6543
+CVE-2007-6543 (SQL injection vulnerability in suggest-link.php in eSyndiCat Link Exch ...)
NOT-FOR-US: eSyndiCat Link Exchange Script
-CVE-2007-6542
+CVE-2007-6542 (PHP remote file inclusion vulnerability in admin/frontpage_right.php i ...)
NOT-FOR-US: Arcadem LEArcadem LE
-CVE-2007-6541
+CVE-2007-6541 (Multiple cross-site scripting (XSS) vulnerabilities in neuron news 1.0 ...)
NOT-FOR-US: neuron news
-CVE-2007-6540
+CVE-2007-6540 (SQL injection vulnerability in neuron news 1.0 allows remote attackers ...)
NOT-FOR-US: neuron news
-CVE-2007-6539
+CVE-2007-6539 (PHP local file inclusion vulnerability in index.php in IDevspot iSuppo ...)
NOT-FOR-US: IDevspot iSupport
-CVE-2007-6538
+CVE-2007-6538 (SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php ...)
- moodle <not-affected> (Vulnerable code not present, third party module)
-CVE-2007-6537
+CVE-2007-6537 (Stack-based buffer overflow in the zfile_gunzip function in zfile.c in ...)
NOT-FOR-US: WinUAE
-CVE-2007-6536
+CVE-2007-6536 (The Custom Button Installer dialog in Google Toolbar 4 and 5 beta pres ...)
NOT-FOR-US: Google Toolbar
-CVE-2007-6535
+CVE-2007-6535 (Buffer overflow in the YShortcut ActiveX control in YShortcut.dll 2006 ...)
NOT-FOR-US: YShortcut ActiveX control
-CVE-2007-6534
+CVE-2007-6534 (Multiple unspecified vulnerabilities in Microsoft Office Publisher all ...)
NOT-FOR-US: Microsoft Office Publisher
-CVE-2007-6533
+CVE-2007-6533 (Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-ass ...)
NOT-FOR-US: Zoom Player
-CVE-2007-6532
+CVE-2007-6532 (Double free vulnerability in the Widget Library (libxfcegui4) in Xfce ...)
- libxfcegui4 4.4.2 (low)
[sarge] - libxfcegui4 <no-dsa> (Minor issue)
[etch] - libxfcegui4 <no-dsa> (Minor issue)
-CVE-2007-6531
+CVE-2007-6531 (Stack-based buffer overflow in the Panel (xfce4-panel) component in Xf ...)
- xfce4-panel 4.4.2 (low)
[sarge] - xfce4-panel <no-dsa> (Minor issue)
[etch] - xfce4-panel <no-dsa> (Minor issue)
-CVE-2007-6530
+CVE-2007-6530 (Buffer overflow in the XUpload.ocx ActiveX control in Persits Software ...)
NOT-FOR-US: XUpload
-CVE-2007-6529
+CVE-2007-6529 (Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have unk ...)
- tikiwiki <removed>
-CVE-2007-6528
+CVE-2007-6528 (Directory traversal vulnerability in tiki-listmovies.php in TikiWiki b ...)
- tikiwiki <removed>
-CVE-2007-6527
+CVE-2007-6527 (uploadimg.php in the Automatic Image Upload with Thumbnails (imgUpload ...)
NOT-FOR-US: PunBB
-CVE-2007-6526
+CVE-2007-6526 (Cross-site scripting (XSS) vulnerability in tiki-special_chars.php in ...)
- tikiwiki <removed>
-CVE-2007-6525
+CVE-2007-6525 (Unspecified vulnerability in eClient in IBM DB2 Content Manager (CM) T ...)
NOT-FOR-US: IBM DB2 Content Manager
-CVE-2007-6524
+CVE-2007-6524 (Opera before 9.25 allows remote attackers to obtain potentially sensit ...)
NOT-FOR-US: Opera
-CVE-2007-6523
+CVE-2007-6523 (Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before ...)
NOT-FOR-US: Opera
-CVE-2007-6522
+CVE-2007-6522 (The rich text editing functionality in Opera before 9.25 allows remote ...)
NOT-FOR-US: Opera
-CVE-2007-6521
+CVE-2007-6521 (Unspecified vulnerability in Opera before 9.25 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2007-6520
+CVE-2007-6520 (Opera before 9.25 allows remote attackers to conduct cross-domain scri ...)
NOT-FOR-US: Opera
-CVE-2007-6519
+CVE-2007-6519 (Unspecified vulnerability in the File-on-File Mounting File System (FF ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2007-6518
+CVE-2007-6518 (Multiple SQL injection vulnerabilities in search.php in WoltLab Burnin ...)
NOT-FOR-US: WoltLab Burning Board
-CVE-2007-6517
+CVE-2007-6517 (SQL injection vulnerability in the forget password section (LostPwd.as ...)
NOT-FOR-US: Eagle Software Aeries Browser Interface
-CVE-2007-6516
+CVE-2007-6516 (Buffer overflow in RavWare Software MAS Flic ActiveX Control (masflc.o ...)
NOT-FOR-US: RavWare Software MAS Flic ActiveX Control
-CVE-2007-6515
+CVE-2007-6515 (support/dispatch.cgi in SiteScape Forum allows remote attackers to exe ...)
NOT-FOR-US: SiteScape
-CVE-2007-6513
+CVE-2007-6513 (HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports ...)
NOT-FOR-US: HP eSupportDiagnostics ActiveX control
-CVE-2007-6512
+CVE-2007-6512 (PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the ...)
NOT-FOR-US: PHP MySQL Banner Exchange
-CVE-2007-6511
+CVE-2007-6511 (Websense Enterprise 6.3.1 allows remote attackers to bypass content fi ...)
NOT-FOR-US: Websense Enterprise
-CVE-2007-6510
+CVE-2007-6510 (Multiple stack-based buffer overflows in ProWizard 4 PC (prowiz) 1.62 ...)
NOT-FOR-US: ProWizard
-CVE-2007-6509
+CVE-2007-6509 (Unspecified vulnerability in Appian Enterprise Business Process Manage ...)
NOT-FOR-US: Appian Enterprise Business Process Management Suite
-CVE-2007-6508
+CVE-2007-6508 (Directory traversal vulnerability in view.php in xeCMS 1.0 allows remo ...)
NOT-FOR-US: xeCMS
-CVE-2007-6514
+CVE-2007-6514 (Apache HTTP Server, when running on Linux with a document root on a Wi ...)
- linux-2.6 2.6.17-1 (low; bug #529318)
- linux-2.6.24 <not-affected> (Fixed before initial upload, 2.6.17)
NOTE: While labeled as an Apache flaw, fix required in smbfs
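Review bot: the context line `NOT-FOR-US: Arcadem LEArcadem LE` under CVE-2007-6542 repeats the product name; the generated header `+CVE-2007-6542 (PHP remote file inclusion vulnerability in admin/frontpage_right.php i ...)` sits directly above it, so the line should read `NOT-FOR-US: Arcadem LE`. The automatic description fill-in never touches NOT-FOR-US lines, so this stays stale unless corrected by hand. Minor: under CVE-2007-6683 the second package line `- mozilla-browser-plugin 0.8.6.e-2.2 (bug #480370)` names a package that the NOTE says is built from the same source package as vlc; worth confirming that this is the source package name the tracker expects rather than a binary package name, since the tracker keys its fixed-version lines on source packages.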
@@ -618,127 +618,127 @@ CVE-2007-XXXX [venkman preinst symlink dos]
CVE-2007-XXXX [unace unspecified security issue related to uninitialized variable]
- unace-nonfree 2.5-3
[etch] - unace-nonfree 2.5-1etch1
-CVE-2007-6507
+CVE-2007-6507 (SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, befo ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-6506
+CVE-2007-6506 (The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.d ...)
NOT-FOR-US: HP Software Update
-CVE-2007-6505
+CVE-2007-6505 (Solaris 9, with Solaris Auditing enabled and certain patches for sshd ...)
NOT-FOR-US: Solaris
-CVE-2007-6504
+CVE-2007-6504 (Unspecified vulnerability in IIS/iibind.asp in Hosting Controller 6.1 ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6503
+CVE-2007-6503 (Multiple unspecified vulnerabilities in Hosting Controller 6.1 Hot fix ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6502
+CVE-2007-6502 (Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authentic ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6501
+CVE-2007-6501 (Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and ea ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6500
+CVE-2007-6500 (Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and ea ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6499
+CVE-2007-6499 (Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and ea ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6498
+CVE-2007-6498 (Multiple SQL injection vulnerabilities in Hosting Controller 6.1 Hot f ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6497
+CVE-2007-6497 (Hosting Controller 6.1 Hot fix 3.3 and earlier (1) allows remote attac ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6496
+CVE-2007-6496 (Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6495
+CVE-2007-6495 (inc_newuser.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allo ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6494
+CVE-2007-6494 (Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers ...)
NOT-FOR-US: Hosting Controller
-CVE-2007-6493
+CVE-2007-6493 (The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and pos ...)
NOT-FOR-US: iMesh
-CVE-2007-6492
+CVE-2007-6492 (The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and pos ...)
NOT-FOR-US: iMesh
-CVE-2007-6491
+CVE-2007-6491 (Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS all ...)
NOT-FOR-US: Kvaliitti WebDoc CMS
-CVE-2007-6490
+CVE-2007-6490 (Cross-site request forgery (CSRF) vulnerability in Falcon Series One C ...)
NOT-FOR-US: Falcon Series One CMS
-CVE-2007-6489
+CVE-2007-6489 (Multiple cross-site scripting (XSS) vulnerabilities in Falcon Series O ...)
NOT-FOR-US: Falcon Series One CMS
-CVE-2007-6488
+CVE-2007-6488 (Multiple PHP remote file inclusion vulnerabilities in Falcon Series On ...)
NOT-FOR-US: Falcon Series One CMS
-CVE-2007-6487
+CVE-2007-6487 (Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 a ...)
NOT-FOR-US: Plain Black WebGUI
-CVE-2007-6486
+CVE-2007-6486 (Multiple cross-site scripting (XSS) vulnerabilities in shout.php (aka ...)
NOT-FOR-US: LineShout
-CVE-2007-6485
+CVE-2007-6485 (Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 ( ...)
NOT-FOR-US: Centreon
-CVE-2007-6484
+CVE-2007-6484 (SQL injection vulnerability in index.php in phpRPG 0.8 allows remote a ...)
NOT-FOR-US: phpRPG
-CVE-2007-6483
+CVE-2007-6483 (Directory traversal vulnerability in SafeNet Sentinel Protection Serve ...)
NOT-FOR-US: SafeNet Sentinel Protection and Keys Server
-CVE-2007-6482
+CVE-2007-6482 (Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in ...)
NOT-FOR-US: utdevmgrd in Sun Ray Server Software
-CVE-2007-6481
+CVE-2007-6481 (Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in ...)
NOT-FOR-US: utdevmgrd in Sun Ray Server Software
-CVE-2007-6480
+CVE-2007-6480 (The Oracle database component in Sun Management Center (Sun MC) 3.6.1, ...)
NOT-FOR-US: Oracle database component in Sun Management Center
-CVE-2007-6479
+CVE-2007-6479 (Unrestricted file upload vulnerability in the "My productions" compone ...)
NOT-FOR-US: Dokeos
-CVE-2007-6478
+CVE-2007-6478 (Stack-based buffer overflow in Rosoft Media Player 4.1.7, 4.1.8, and p ...)
NOT-FOR-US: Rosoft Media Player
-CVE-2007-6477
+CVE-2007-6477 (Cross-site scripting (XSS) vulnerability in the on-line help feature i ...)
NOT-FOR-US: Citrix Web Interface and NFuse
-CVE-2007-6476
+CVE-2007-6476 (GF-3XPLORER 2.4 allows remote attackers to obtain configuration inform ...)
NOT-FOR-US: GF-3XPLORER
-CVE-2007-6475
+CVE-2007-6475 (Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow ...)
NOT-FOR-US: GF-3XPLORER
-CVE-2007-6474
+CVE-2007-6474 (Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 ...)
NOT-FOR-US: GF-3XPLORER
-CVE-2007-6473
+CVE-2007-6473 (Heap-based buffer overflow in Texas Imperial Software WFTPD Pro Explor ...)
NOT-FOR-US: WFTPD Explorer Pro
-CVE-2007-6472
+CVE-2007-6472 (Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 allo ...)
NOT-FOR-US: phpMyRealty
-CVE-2007-6471
+CVE-2007-6471 (Incomplete blacklist vulnerability in main.php in phPay 2.02.01 on Win ...)
NOT-FOR-US: phPay
-CVE-2007-6470
+CVE-2007-6470 (phpRPG 0.8 stores sensitive information under the web root with insuff ...)
NOT-FOR-US: phpRPG
-CVE-2007-6469
+CVE-2007-6469 (SQL injection vulnerability in index.php in phpRPG 0.8, when magic_qut ...)
NOT-FOR-US: phpRPG
-CVE-2007-6468
+CVE-2007-6468 (Buffer overflow in the HuffDecode function in hw_utils/hwrcon/huffman. ...)
NOT-FOR-US: Hammer of Thyrion
-CVE-2007-6467
+CVE-2007-6467 (SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows re ...)
NOT-FOR-US: MKPortal
-CVE-2007-6466
+CVE-2007-6466 (Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2 ...)
NOT-FOR-US: FreeWebshop
-CVE-2007-6465
+CVE-2007-6465 (Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in ...)
- ganglia-monitor-core <not-affected> (ganglia web-frontend not included)
-CVE-2007-6464
+CVE-2007-6464 (Multiple PHP remote file inclusion vulnerabilities in Form tools 1.5.0 ...)
NOT-FOR-US: Form tools
-CVE-2007-6463
+CVE-2007-6463 (Multiple cross-site scripting (XSS) vulnerabilities in the admin panel ...)
NOT-FOR-US: PHP Real Estate Classifieds
-CVE-2007-6462
+CVE-2007-6462 (SQL injection vulnerability in fullnews.php in PHP Real Estate Classif ...)
NOT-FOR-US: PHP Real Estate Classifieds
-CVE-2007-6461
+CVE-2007-6461 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Fl ...)
- flyspray <removed>
-CVE-2007-6460
+CVE-2007-6460 (Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Serv ...)
NOT-FOR-US: Anon Proxy Server
-CVE-2007-6459
+CVE-2007-6459 (Anon Proxy Server 0.100, and probably 0.101, allows remote attackers t ...)
NOT-FOR-US: Anon Proxy Server
-CVE-2007-6458
+CVE-2007-6458 (SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 al ...)
NOT-FOR-US: 123tkShop
-CVE-2007-6457
+CVE-2007-6457 (Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 a ...)
NOT-FOR-US: NetWin SurgeMail 38k4
-CVE-2007-6456
+CVE-2007-6456 (Unspecified vulnerability in OpenOffice.org code in Planamesa NeoOffic ...)
NOT-FOR-US: Planamesa NeoOffice
NOTE: referring to OpenOffice security team this is what is described in CVE-2007-4575 for OO
-CVE-2007-6455
+CVE-2007-6455 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ma ...)
NOT-FOR-US: Mambo
NOTE: Mambo is in experimental
-CVE-2007-6454
+CVE-2007-6454 (Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp ...)
{DSA-1583-1 DSA-1441-1}
- peercast 0.1218+svn20071220+2 (medium; bug #457300)
- gnome-peercast 0.5.4-1.2 (medium; bug #466539)
-CVE-2007-6453
+CVE-2007-6453 (Directory traversal vulnerability in raidenhttpd-admin/workspace.php i ...)
NOT-FOR-US: RaidenHTTPD
-CVE-2007-6452
+CVE-2007-6452 (Unspecified vulnerability in the benchmark reporting system in Google ...)
- gwt 1.6.4-1 (low; bug #563542)
-CVE-2007-6451
+CVE-2007-6451 (Unspecified vulnerability in the CIP dissector in Wireshark (formerly ...)
{DSA-1446-1 DTSA-104-1}
- wireshark 0.99.7-1
- ethereal <removed>
-CVE-2007-6450
+CVE-2007-6450 (The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 all ...)
{DSA-1446-1 DTSA-104-1}
- wireshark 0.99.7-1
- ethereal <removed>
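Review bot: CVE-2007-6455 is tagged `NOT-FOR-US: Mambo` while the NOTE directly below says `Mambo is in experimental`; a package in experimental is still a Debian source package, so either the NOT-FOR-US tag or the note is stale and the two should be reconciled (a package line with a version or `<not-affected>` plus reason if Mambo really is in the archive, or the note dropped if it is not). Separately, the NOTE under CVE-2007-6456, `referring to OpenOffice security team this is what is described in CVE-2007-4575 for OO`, reads awkwardly; `according to the OpenOffice.org security team, this is the NeoOffice instance of CVE-2007-4575` says the same thing more clearly.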
@@ -758,146 +758,146 @@ CVE-2007-6443
REJECTED
CVE-2007-6442
REJECTED
-CVE-2007-6441
+CVE-2007-6441 (The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows rem ...)
{DTSA-104-1}
- wireshark 0.99.7-1
[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6)
[etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6)
CVE-2007-6440
REJECTED
-CVE-2007-6439
+CVE-2007-6439 (Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause ...)
{DTSA-104-1}
- wireshark 0.99.7-1
[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6)
[etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6)
-CVE-2007-6438
+CVE-2007-6438 (Unspecified vulnerability in the SMB dissector in Wireshark (formerly ...)
{DTSA-104-1}
- wireshark 0.99.7-1
[sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6)
[etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6)
-CVE-2007-6437
+CVE-2007-6437 (Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows rem ...)
{DSA-1464-1 DTSA-105-1}
- syslog-ng 2.0.6-1 (low; bug #457334)
[sarge] - syslog-ng <not-affected> (Vulnerable code not present)
-CVE-2007-6436
+CVE-2007-6436 (Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, ...)
NOT-FOR-US: JustSystems
-CVE-2007-6435
+CVE-2007-6435 (Stack-based buffer overflow in Novell GroupWise before 6.5.7, when HTM ...)
NOT-FOR-US: Novell GroupWise
-CVE-2007-6434
+CVE-2007-6434 (Linux kernel 2.6.23 allows local users to create low pages in virtual ...)
- linux-2.6 2.6.23-2
[etch] - linux-2.6 <not-affected> (Only Linux 2.6.23 and above affected)
-CVE-2007-6433
+CVE-2007-6433 (The getRenderedEjbql method in the org.jboss.seam.framework.Query clas ...)
- jbosseam <itp> (bug #451956)
-CVE-2007-6432
+CVE-2007-6432 (Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 an ...)
NOT-FOR-US: Adobe PageMaker
-CVE-2007-6431
+CVE-2007-6431 (Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2007-6430
+CVE-2007-6430 (Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and ...)
{DSA-1525-1}
- asterisk 1:1.4.16.2~dfsg-1 (low; bug #457063)
[etch] - asterisk <no-dsa> (Minor issue, eventually fix in a later DSA)
[sarge] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2007-6429
+CVE-2007-6429 (Multiple integer overflows in X.Org Xserver before 1.4.1 allow context ...)
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
-CVE-2007-6428
+CVE-2007-6428 (The ProcGetReservedColormapEntries function in the TOG-CUP extension i ...)
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
-CVE-2007-6427
+CVE-2007-6427 (The XInput extension in X.Org Xserver before 1.4.1 allows context-depe ...)
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
-CVE-2007-6426
+CVE-2007-6426 (Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and pos ...)
NOT-FOR-US: EMC RepliStor
-CVE-2007-6425
+CVE-2007-6425 (Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transpor ...)
NOT-FOR-US: HP-UX
-CVE-2007-6424
+CVE-2007-6424 (registry.pl in Fonality Trixbox 2.0 PBX products, when running in cert ...)
NOT-FOR-US: Fonality Trixbox
CVE-2007-6423
- apache2 <not-affected> (disputed / only for Windows)
-CVE-2007-6422
+CVE-2007-6422 (The balancer_handler function in mod_proxy_balancer in the Apache HTTP ...)
- apache2 2.2.8-1 (low)
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
[etch] - apache2 2.2.3-4+etch4 (low)
-CVE-2007-6421
+CVE-2007-6421 (Cross-site scripting (XSS) vulnerability in balancer-manager in mod_pr ...)
- apache2 2.2.8-1 (low)
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
[etch] - apache2 2.2.3-4+etch4 (low)
-CVE-2007-6420
+CVE-2007-6420 (Cross-site request forgery (CSRF) vulnerability in the balancer-manage ...)
- apache2 2.2.9-1 (low)
[etch] - apache2 <no-dsa> (minor issue)
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
NOTE: Won't be fixed in etch.
-CVE-2007-6419
+CVE-2007-6419 (Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.2 ...)
NOT-FOR-US: HP-UX
-CVE-2007-6417
+CVE-2007-6417 (The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through ...)
{DSA-1436-1}
- linux-2.6 2.6.23-2
-CVE-2007-6416
+CVE-2007-6416 (The copy_to_user function in the PAL emulation functionality for Xen 3 ...)
- xen-unstable <not-affected> (We only have xen for i386 and amd64)
- xen-3 <not-affected> (We only have xen for i386 and amd64)
- xen-3.0 <not-affected> (We only have xen for i386 and amd64)
-CVE-2007-6415
+CVE-2007-6415 (scponly 4.6 and earlier allows remote authenticated users to bypass in ...)
{DSA-1473-1}
- scponly 4.6-1.2 (high)
-CVE-2007-6414
+CVE-2007-6414 (admin/administrator.php in Adult Script 1.6 and earlier sends a redire ...)
NOT-FOR-US: Adult ScriptAdult Script
-CVE-2007-6413
+CVE-2007-6413 (Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120 ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-6412
+CVE-2007-6412 (Direct static code injection vulnerability in wiki/index.php in Bitwea ...)
NOT-FOR-US: Bitweaver
-CVE-2007-6411
+CVE-2007-6411 (Multiple buffer overflows in the HandleEmotsConfig function in the GG ...)
NOT-FOR-US: Gadu-Gadu client
-CVE-2007-6410
+CVE-2007-6410 (Gadu-Gadu does not properly perform protocol handling, which allows re ...)
NOT-FOR-US: Gadu-Gadu client
-CVE-2007-6409
+CVE-2007-6409 (The gg protocol handler in Gadu-Gadu, when this product is installed b ...)
NOT-FOR-US: Gadu-Gadu client
-CVE-2007-6408
+CVE-2007-6408 (IBM Tivoli Provisioning Manager Express provides unspecified informati ...)
NOT-FOR-US: IBM Tivoli Provisioning Manager Express
-CVE-2007-6407
+CVE-2007-6407 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Prov ...)
NOT-FOR-US: IBM Tivoli Provisioning Manager Express
-CVE-2007-6406
+CVE-2007-6406 (Multiple cross-site scripting (XSS) vulnerabilities in CA (formerly Co ...)
NOT-FOR-US: CA eTrust Threat Management Console
-CVE-2007-6405
+CVE-2007-6405 (Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows ...)
NOT-FOR-US: Simple HTTPD
-CVE-2007-6404
+CVE-2007-6404 (Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttp ...)
NOT-FOR-US: Simple HTTPD
-CVE-2007-6403
+CVE-2007-6403 (Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assist ...)
NOT-FOR-US: Winamp
-CVE-2007-6402
+CVE-2007-6402 (Stack-based buffer overflow in mplayerc.exe in Media Player Classic (M ...)
NOT-FOR-US: Media Player Classic
-CVE-2007-6401
+CVE-2007-6401 (Stack-based buffer overflow in mplayer2.exe in Microsoft Windows Media ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2007-6400
+CVE-2007-6400 (Directory traversal vulnerability in download_file.php in PolDoc CMS ( ...)
NOT-FOR-US: PolDoc CMS
-CVE-2007-6399
+CVE-2007-6399 (index.php in Flat PHP Board 1.2 and earlier allows remote authenticate ...)
NOT-FOR-US: Flat PHP Board
-CVE-2007-6398
+CVE-2007-6398 (Flat PHP Board 1.2 and earlier allows remote attackers to bypass authe ...)
NOT-FOR-US: Flat PHP Board
-CVE-2007-6397
+CVE-2007-6397 (Multiple directory traversal vulnerabilities in index.php in Flat PHP ...)
NOT-FOR-US: Flat PHP Board
-CVE-2007-6396
+CVE-2007-6396 (Direct static code injection vulnerability in index.php in Flat PHP Bo ...)
NOT-FOR-US: Flat PHP Board
-CVE-2007-6395
+CVE-2007-6395 (Flat PHP Board 1.2 and earlier stores sensitive information under the ...)
NOT-FOR-US: Flat PHP Board
-CVE-2007-6394
+CVE-2007-6394 (SQL injection vulnerability in index.php in Content Injector 1.53 allo ...)
NOT-FOR-US: Content Injector
-CVE-2007-6393
+CVE-2007-6393 (SQL injection vulnerability in albums.php in Ace Image Hosting Script ...)
NOT-FOR-US: Ace Image Hosting Script
-CVE-2007-6392
+CVE-2007-6392 (SQL injection vulnerability in DWdirectory 2.1 and earlier allows remo ...)
NOT-FOR-US: DWdirectory
-CVE-2007-6391
+CVE-2007-6391 (SQL injection vulnerability in patch/comments.php in SH-News 3.0 allow ...)
NOT-FOR-US: SH-News
-CVE-2007-6390
+CVE-2007-6390 (Cross-site request forgery (CSRF) vulnerability in the mycalendar plug ...)
- serendipity <not-affected> (This is an external plugin not included in our packages)
-CVE-2007-6389
+CVE-2007-6389 (The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 mig ...)
- gnome-screensaver 2.22.0-1 (low; bug #455484)
[etch] - gnome-screensaver <no-dsa> (Minor issue)
-CVE-2007-6388
+CVE-2007-6388 (Cross-site scripting (XSS) vulnerability in mod_status in the Apache H ...)
- apache <removed> (low)
- apache2 2.2.8-1 (low)
[etch] - apache2 2.2.3-4+etch6
[etch] - apache 1.3.34-4.1+etch1
-CVE-2007-6358
+CVE-2007-6358 (pdftops.pl before 1.20 in alternate pdftops filter allows local users ...)
{DSA-1437-1}
- cups 1.3.5-1 (low; bug #456960)
- cupsys 1.3.5-1 (low; bug #456960)
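Review bot: the context line "CVE-2007-6423" (followed by "- apache2 <not-affected> (disputed / only for Windows)") is the one identifier in this hunk that stays without a parenthesised description while every neighbouring CVE-2007-64xx line is rewritten from a bare ID to "ID (description ...)"; since the tracker's own reason field calls the issue "disputed", confirm whether the automatic importer skips disputed entries on purpose or whether the description fetch simply failed for that ID, and if it is the latter, re-run it so the entry is not silently left behind. Separately, the unchanged context line "NOT-FOR-US: Adult ScriptAdult Script" under CVE-2007-6414 carries a duplicated product name ("Adult Script" twice); it is not introduced by this automatic update, but it is worth a one-word follow-up fix so the NOT-FOR-US tag reads "NOT-FOR-US: Adult Script" like the other entries. Note also that the new descriptions are cut at a fixed width and end in " ...", so lines such as "+CVE-2007-6415 (scponly 4.6 and earlier allows remote authenticated users to bypass in ...)" and "+CVE-2007-6350 (scponly 4.6 and earlier allows remote authenticated users to bypass in ...)" become textually identical after truncation; anyone triaging from this list alone should treat the text as a hint and consult the full CVE record before assuming two entries describe the same bug.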
@@ -905,535 +905,535 @@ CVE-2007-6358
NOTE: the debian package is a bit confusing here as it also ships a pdftops
NOTE: wrapper script as an example but the original script is installed
NOTE: under /usr/lib/cups/filters
-CVE-2007-6356
+CVE-2007-6356 (exiftags before 1.01 allows attackers to cause a denial of service (in ...)
{DSA-1533-2 DSA-1533-1}
- exiftags 1.01-0.1 (low; bug #457062)
-CVE-2007-6355
+CVE-2007-6355 (Integer overflow in exiftags before 1.01 has unknown impact and attack ...)
{DSA-1533-2 DSA-1533-1}
- exiftags 1.01-0.1 (bug #457062)
-CVE-2007-6354
+CVE-2007-6354 (Unspecified vulnerability in exiftags before 1.01 has unknown impact a ...)
{DSA-1533-2 DSA-1533-1}
- exiftags 1.01-0.1 (bug #457062)
-CVE-2007-6352
+CVE-2007-6352 (Integer overflow in libexif 0.6.16 and earlier allows context-dependen ...)
{DSA-1487-1}
- libexif 0.6.16-2.1 (medium; bug #457330)
-CVE-2007-6351
+CVE-2007-6351 (libexif 0.6.16 and earlier allows context-dependent attackers to cause ...)
{DSA-1487-1}
- libexif 0.6.16-2.1 (low; bug #457330)
-CVE-2007-6349
+CVE-2007-6349 (P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windo ...)
NOT-FOR-US: P4Web
-CVE-2007-6418
+CVE-2007-6418 (The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQ ...)
{DSA-1501-1}
- dspam 3.6.8-5.1 (low; bug #448519)
-CVE-2007-6387
+CVE-2007-6387 (Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 Acti ...)
NOT-FOR-US: Vantage Linguistics AnswerWorks ActiveX
-CVE-2007-6386
+CVE-2007-6386 (Stack-based buffer overflow in PccScan.dll before build 1451 in Trend ...)
NOT-FOR-US: Trend Micro AntiVirus
-CVE-2007-6385
+CVE-2007-6385 (The proxy server in Kerio WinRoute Firewall before 6.4.1 does not prop ...)
NOT-FOR-US: Kerio WinRoute Firewall
-CVE-2007-6384
+CVE-2007-6384 (Unspecified vulnerability in the Image Converter functionality in BEA ...)
NOT-FOR-US: BEA WebLogic Mobility Server
-CVE-2007-6383
+CVE-2007-6383 (The DAV component in Chandler Server (Cosmo) before 0.10.1 does not ch ...)
NOT-FOR-US: Chandler
-CVE-2007-6382
+CVE-2007-6382 (The Event Dispatch Thread in Robocode before 1.5.1 allows remote attac ...)
NOT-FOR-US: Robocode
-CVE-2007-6381
+CVE-2007-6381 (SQL injection vulnerability in the indexed_search system extension in ...)
{DSA-1439-1}
- typo3-src 4.1.5-1 (low; bug #457446)
NOTE: you need to be a logged in backend user to exploit this
-CVE-2007-6380
+CVE-2007-6380 (Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1 ...)
NOT-FOR-US: e-Xoops
-CVE-2007-6379
+CVE-2007-6379 (BadBlue 2.72b and earlier allows remote attackers to obtain sensitive ...)
NOT-FOR-US: BadBlue
-CVE-2007-6378
+CVE-2007-6378 (Directory traversal vulnerability in upload.dll in BadBlue 2.72b and e ...)
NOT-FOR-US: BadBlue
-CVE-2007-6377
+CVE-2007-6377 (Stack-based buffer overflow in the PassThru functionality in ext.dll i ...)
NOT-FOR-US: BadBlue
-CVE-2007-6376
+CVE-2007-6376 (Directory traversal vulnerability in autohtml.php in Francisco Burzi P ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-6375
+CVE-2007-6375 (Multiple SQL injection vulnerabilities in Bitweaver 2.0.0 and earlier ...)
NOT-FOR-US: Bitweaver
-CVE-2007-6374
+CVE-2007-6374 (Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 2.0.0 ...)
NOT-FOR-US: Bitweaver
-CVE-2007-6373
+CVE-2007-6373 (Multiple SQL injection vulnerabilities in GestDown 1.00 Beta allow rem ...)
NOT-FOR-US: GestDown
-CVE-2007-6372
+CVE-2007-6372 (Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remo ...)
NOT-FOR-US: JUNOS
-CVE-2007-6371
+CVE-2007-6371 (Nokia N95 cell phone with RM-159 12.0.013 firmware allows remote attac ...)
NOT-FOR-US: Nokia N95
CVE-2007-6370
REJECTED
-CVE-2007-6369
+CVE-2007-6369 (Multiple directory traversal vulnerabilities in resize.php in the Pict ...)
NOT-FOR-US: PictPress
-CVE-2007-6368
+CVE-2007-6368 (Directory traversal vulnerability in index.php in ezContents 1.4.5 all ...)
NOT-FOR-US: ezContents
-CVE-2007-6367
+CVE-2007-6367 (Multiple cross-site scripting (XSS) vulnerabilities in the guestbook i ...)
NOT-FOR-US: SineCMS
-CVE-2007-6366
+CVE-2007-6366 (Multiple SQL injection vulnerabilities in SineCMS 2.3.4 and earlier al ...)
NOT-FOR-US: SineCMS
-CVE-2007-6365
+CVE-2007-6365 (Cross-site scripting (XSS) vulnerability in modules/ecal/display.php i ...)
NOT-FOR-US: bcoos
-CVE-2007-6364
+CVE-2007-6364 (Cross-site scripting (XSS) vulnerability in modificarPerfil.php in JLM ...)
NOT-FOR-US: JLMForo System
-CVE-2007-6363
+CVE-2007-6363 (IBM Tivoli Netcool Security Manager 1.3.0 before Interim Fix 1, when u ...)
NOT-FOR-US: IBM Tivoli Netcool Security Manager
-CVE-2007-6362
+CVE-2007-6362 (SQL injection vulnerability in index.php in the RSGallery (com_rsgalle ...)
NOT-FOR-US: RSGallery
-CVE-2007-6361
+CVE-2007-6361 (Gekko 0.8.2 and earlier stores sensitive information under the web roo ...)
NOT-FOR-US: Gekko
-CVE-2007-6360
+CVE-2007-6360 (Unspecified vulnerability in the Sun eXtended System Control Facility ...)
NOT-FOR-US: Sun eXtended System Control Facility
-CVE-2007-6359
+CVE-2007-6359 (The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-6357
+CVE-2007-6357 (Stack-based buffer overflow in Microsoft Office Access allows remote, ...)
NOT-FOR-US: Microsoft Office Access
-CVE-2007-6353
+CVE-2007-6353 (Integer overflow in exif.cpp in exiv2 library allows context-dependent ...)
{DSA-1474-1}
- exiv2 0.15-2 (medium; bug #456760)
-CVE-2007-6350
+CVE-2007-6350 (scponly 4.6 and earlier allows remote authenticated users to bypass in ...)
{DSA-1473-1}
- scponly 4.6-1.1 (high; bug #437148)
-CVE-2007-6348
+CVE-2007-6348 (SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net befo ...)
- squirrelmail <not-affected> (Compromised packages were never in Debian)
-CVE-2007-6347
+CVE-2007-6347 (PHP remote file inclusion vulnerability in blocks/block_site_map.php i ...)
NOT-FOR-US: ViArt, CMS, HelpDesk, Shop Evaluation, Shop Free
-CVE-2007-6346
+CVE-2007-6346 (Cross-site scripting (XSS) vulnerability in Rainboard before 2.10 allo ...)
NOT-FOR-US: Rainboard
-CVE-2007-6345
+CVE-2007-6345 (SQL injection vulnerability in aurora framework before 20071208 allows ...)
NOT-FOR-US: aurora
-CVE-2007-6344
+CVE-2007-6344 (Directory traversal vulnerability in modules/cms/index.php in Mcms Eas ...)
NOT-FOR-US: Mcms Easy Web Make
-CVE-2007-6343
+CVE-2007-6343 (Cross-site scripting (XSS) vulnerability in HP OpenView Network Node M ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2007-6342
+CVE-2007-6342 (SQL injection vulnerability in the David Castro AuthCAS module (AuthCA ...)
NOT-FOR-US: Apache AuthCAS module
-CVE-2007-6341
+CVE-2007-6341 (Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such a ...)
{DSA-1515-1}
- libnet-dns-perl 0.63-1 (low; bug #457445)
NOTE: maybe this should be unimportant as applications using net-dns should handle this croak
-CVE-2007-6340
+CVE-2007-6340 (Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream ciph ...)
NOT-FOR-US: Geert Moernaut LSrunasE and Supercrypt
-CVE-2007-6339
+CVE-2007-6339 (The Akamai Download Manager (aka DLM or dlmanager) ActiveX control (Do ...)
NOT-FOR-US: Akamai Download Manager
-CVE-2007-6338
+CVE-2007-6338 (SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill E ...)
NOT-FOR-US: Trivantis CourseMill Enterprise Learning Management System
-CVE-2007-6337
+CVE-2007-6337 (Unspecified vulnerability in the bzip2 decompression algorithm in nsis ...)
{DTSA-101-1}
- clamav 0.92~dfsg-1~volatile2
[sarge] - clamav <not-affected> (Vulnerable code not present)
[etch] - clamav <not-affected> (Vulnerable code not present)
-CVE-2007-6336
+CVE-2007-6336 (Off-by-one error in ClamAV before 0.92 allows remote attackers to exec ...)
{DSA-1435-1 DTSA-101-1}
- clamav 0.92~dfsg-1~volatile2
[sarge] - clamav <not-affected> (Vulnerable code not present)
-CVE-2007-6335
+CVE-2007-6335 (Integer overflow in libclamav in ClamAV before 0.92 allows remote atta ...)
{DSA-1435-1 DTSA-101-1}
- clamav 0.92~dfsg-1~volatile2
[sarge] - clamav <not-affected> (Vulnerable code not present)
-CVE-2007-6334
+CVE-2007-6334 (Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and pos ...)
NOT-FOR-US: Ingres on Windows
-CVE-2007-6333
+CVE-2007-6333 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shippe ...)
NOT-FOR-US: HP Info Center / HP Quick Launch Buttons
-CVE-2007-6332
+CVE-2007-6332 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shippe ...)
NOT-FOR-US: HP Info Center HP Quick Launch Buttons
-CVE-2007-6331
+CVE-2007-6331 (Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 Active ...)
NOT-FOR-US: HP Info Center / HP Quick Launch Buttons
-CVE-2007-6330
+CVE-2007-6330 (Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames ...)
NOT-FOR-US: Meridian Prolog Manager
-CVE-2007-6329
+CVE-2007-6329 (Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not sig ...)
NOT-FOR-US: Microsoft Office
CVE-2007-6328
- dosbox 0.72-1 (unimportant; bug #458950)
NOTE: this is not a security issue, its a feature of dosbox and the first
NOTE: thing documented in the manpage
-CVE-2007-6327
+CVE-2007-6327 (Buffer overflow in a certain ActiveX control in Online Media Technolog ...)
NOT-FOR-US: Online Media Technologies
-CVE-2007-6326
+CVE-2007-6326 (Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attac ...)
NOT-FOR-US: Simple HTTPD
-CVE-2007-6325
+CVE-2007-6325 (PHP remote file inclusion vulnerability in adminbereich/designconfig.p ...)
NOT-FOR-US: Fastpublish
-CVE-2007-6324
+CVE-2007-6324 (PHP remote file inclusion vulnerability in head.php in CityWriter 0.9. ...)
NOT-FOR-US: CityWriter
-CVE-2007-6323
+CVE-2007-6323 (Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 al ...)
NOT-FOR-US: MMS Gallery PHP
-CVE-2007-6322
+CVE-2007-6322 (Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 ...)
NOT-FOR-US: xml2owl
-CVE-2007-6320
+CVE-2007-6320 (Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does n ...)
NOT-FOR-US: Feature (third party drupal module)
-CVE-2007-6319
+CVE-2007-6319 (Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8 ...)
NOT-FOR-US: Lyris ListManager
-CVE-2007-6318
+CVE-2007-6318 (SQL injection vulnerability in wp-includes/query.php in WordPress 2.3. ...)
- wordpress 2.3.2-1 (low; bug #459305)
[etch] - wordpress <not-affected> (Vulnerable code not present)
NOTE: Patch: https://bugs.edge.launchpad.net/ubuntu/+source/wordpress/+bug/181416
-CVE-2007-6317
+CVE-2007-6317 (Multiple directory traversal vulnerabilities in BarracudaDrive Web Ser ...)
NOT-FOR-US: BarracudaDrive
-CVE-2007-6316
+CVE-2007-6316 (Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server ...)
NOT-FOR-US: BarracudaDrive
-CVE-2007-6315
+CVE-2007-6315 (Group Chat in BarracudaDrive Web Server before 3.8 allows remote authe ...)
NOT-FOR-US: BarracudaDrive
-CVE-2007-6314
+CVE-2007-6314 (BarracudaDrive Web Server before 3.8 allows remote attackers to read t ...)
NOT-FOR-US: BarracudaDrive
-CVE-2007-6313
+CVE-2007-6313 (MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check ...)
- mysql-dfsg-5.0 <not-affected> (this only affects >= 5.1.x, update for experimental is on its way)
- mysql-dfsg-4.1 <removed>
-CVE-2007-6312
+CVE-2007-6312 (Cross-site scripting (XSS) vulnerability in the logon page in Web Repo ...)
NOT-FOR-US: Web Security Suite
-CVE-2007-6311
+CVE-2007-6311 (SQL injection vulnerability in (1) index.php, and possibly (2) admin/i ...)
NOT-FOR-US: Falt4Extreme
-CVE-2007-6310
+CVE-2007-6310 (Multiple cross-site scripting (XSS) vulnerabilities in Falt4Extreme RC ...)
NOT-FOR-US: Falt4Extreme
-CVE-2007-6309
+CVE-2007-6309 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in we ...)
NOT-FOR-US: webSPELL
-CVE-2007-6308
+CVE-2007-6308 (Cross-site scripting (XSS) vulnerability in HttpLogger 0.8.1 allows re ...)
NOT-FOR-US: HttpLogger
-CVE-2007-6307
+CVE-2007-6307 (Multiple cross-site scripting (XSS) vulnerabilities in clickstats.php ...)
NOT-FOR-US: wwwstats
-CVE-2007-6306
+CVE-2007-6306 (Multiple cross-site scripting (XSS) vulnerabilities in the image map f ...)
- libjfreechart-java 1.0.9-1 (low; bug #456148)
[sarge] - libjfreechart-java <no-dsa> (Contrib not supported)
-CVE-2007-6305
+CVE-2007-6305 (Multiple unspecified vulnerabilities in IBM Hardware Management Consol ...)
NOT-FOR-US: IBM Hardware Management Console
-CVE-2007-6302
+CVE-2007-6302 (Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3 ...)
NOT-FOR-US: Novell NetMail
-CVE-2007-6301
+CVE-2007-6301 (Cross-site scripting (XSS) vulnerability in compose.php in OpenNewslet ...)
NOT-FOR-US: OpenNewsletter
-CVE-2007-6300
+CVE-2007-6300 (Cross-site request forgery (CSRF) vulnerability in Fusion News 3.9.0 a ...)
NOT-FOR-US: Fusion News
-CVE-2007-6298
+CVE-2007-6298 (Cross-site scripting (XSS) vulnerability in the Shoutbox module for Dr ...)
NOT-FOR-US: shoutbox (third party module for Drupal)
-CVE-2007-6297
+CVE-2007-6297 (Multiple cross-site scripting (XSS) vulnerabilities in PHPMyChat 0.14. ...)
NOT-FOR-US: PHPMyChat
-CVE-2007-6296
+CVE-2007-6296 (PHP remote file inclusion vulnerability in users_popupL.php3 in phpMyC ...)
NOT-FOR-US: PHPMyChat
-CVE-2007-6295
+CVE-2007-6295 (Cross-site scripting (XSS) vulnerability in the WebRunMenuFrame page i ...)
NOT-FOR-US: IBM Lotus Sametime
-CVE-2007-6294
+CVE-2007-6294 (Multiple unspecified vulnerabilities in IBM Hardware Management Consol ...)
NOT-FOR-US: IBM Hardware Management Console
-CVE-2007-6293
+CVE-2007-6293 (Multiple unspecified vulnerabilities in IBM Hardware Management Consol ...)
NOT-FOR-US: IBM Hardware Management Console
-CVE-2007-6292
+CVE-2007-6292 (SQL injection vulnerability in leggi_commenti.asp in MWOpen 1.4 and ea ...)
NOT-FOR-US: MWOpen
-CVE-2007-6291
+CVE-2007-6291 (SQL injection vulnerability in abm.aspx in Xigla Absolute Banner Manag ...)
NOT-FOR-US: Xigla Absolute Banner Manager .NET
-CVE-2007-6290
+CVE-2007-6290 (Multiple directory traversal vulnerabilities in js/get_js.php in SERWe ...)
NOT-FOR-US: SERWeb
-CVE-2007-6289
+CVE-2007-6289 (Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev ...)
NOT-FOR-US: SERWeb
-CVE-2007-6288
+CVE-2007-6288 (Multiple SQL injection vulnerabilities in TCExam before 5.1.000 allow ...)
NOT-FOR-US: TCExam
-CVE-2007-6287
+CVE-2007-6287 (Cross-site scripting (XSS) vulnerability in the login page in Lxlabs H ...)
NOT-FOR-US: HyperVM
-CVE-2007-6286
+CVE-2007-6286 (Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the ...)
- tomcat5.5 <not-affected> (Does not use apr connector)
- tomcat5 <removed>
-CVE-2007-6285
+CVE-2007-6285 (The default configuration for autofs 5 (autofs5) in some Linux distrib ...)
- autofs <not-affected> (-hosts feature not present, auto.net has nosuid,nodev)
- autofs5 5.0.3-1
NOTE: for autofs5 see 12disable_default_auto_master.dpatch
-CVE-2007-6284
+CVE-2007-6284 (The xmlCurrentChar function in libxml2 before 2.6.31 allows context-de ...)
{DSA-1461-1}
- libxml2 2.6.30.dfsg-3.1 (medium; bug #460292)
- libxml 1.8.17-14.1 (medium)
-CVE-2007-6283
+CVE-2007-6283 (Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key f ...)
- bind9 <not-affected> (On Debian this file is rw for user bind and just readable for group bind)
-CVE-2007-6282
+CVE-2007-6282 (The IPsec implementation in Linux kernel before 2.6.25 allows remote r ...)
{DSA-1630-1}
- linux-2.6 2.6.25-1
- linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: Upstream commit 920fc941a9617f95ccb283037fe6f8a38d95bb69
-CVE-2007-6281
+CVE-2007-6281 (Heap-based buffer overflow in Open File Manager service (ofmnt.exe) in ...)
NOT-FOR-US: St. Bernard Open File Manager
-CVE-2007-6304
+CVE-2007-6304 (The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.2 ...)
{DSA-1451-1}
- mysql-dfsg-5.0 5.0.45-5 (low; bug #455737)
- mysql-dfsg-4.1 <removed>
-CVE-2007-6303
+CVE-2007-6303 (MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0. ...)
- mysql-dfsg-5.0 5.0.45-5 (low; bug #455737)
- mysql-dfsg-4.1 <removed>
[etch] - mysql-dfsg-5.0 <not-affected> (Vulnerable code introduced after 5.0.32)
-CVE-2007-6299
+CVE-2007-6299 (Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x be ...)
- drupal5 5.5-1
- drupal 4.7.10-1
-CVE-2007-6321
+CVE-2007-6321 (Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, ...)
- roundcube 0.1~rc2-6 (low; bug #455840)
NOTE: http://seclists.org/bugtraq/2007/Dec/0107.html
CVE-2007-6280
RESERVED
-CVE-2007-6279
+CVE-2007-6279 (Multiple double free vulnerabilities in Free Lossless Audio Codec (FLA ...)
- flac 1.2.1-1 (unimportant)
NOTE: According to upstream this issue is not exploitable for code injection
NOTE: due to the layout of the seektable memory
-CVE-2007-6278
+CVE-2007-6278 (Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assi ...)
- flac 1.2.1-1 (unimportant)
NOTE: Such validations are within the responsibility of the respective applications
-CVE-2007-6277
+CVE-2007-6277 (Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC ...)
{DSA-1469-1}
- flac 1.2.1-1
-CVE-2007-6276
+CVE-2007-6276 (The accept_connections function in the virtual private network daemon ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-6275
+CVE-2007-6275 (SQL injection vulnerability in modules/adresses/ratefile.php in bcoos ...)
NOT-FOR-US: bcoos
-CVE-2007-6274
+CVE-2007-6274 (Multiple cross-site scripting (XSS) vulnerabilities in modules/ecal/di ...)
NOT-FOR-US: bcoos
-CVE-2007-6273
+CVE-2007-6273 (Multiple format string vulnerabilities in the configuration file in So ...)
NOT-FOR-US: SonicWALL GLobal VPN Client
-CVE-2007-6272
+CVE-2007-6272 (Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 ...)
NOT-FOR-US: Joomla!
-CVE-2007-6271
+CVE-2007-6271 (Absolute News Manager.NET 5.1 allows remote attackers to obtain sensit ...)
NOT-FOR-US: Absolute News Manager.NET
-CVE-2007-6270
+CVE-2007-6270 (Multiple cross-site scripting (XSS) vulnerabilities in Absolute News M ...)
NOT-FOR-US: Absolute News Manager.NET
-CVE-2007-6269
+CVE-2007-6269 (Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolu ...)
NOT-FOR-US: Absolute News Manager.NET
-CVE-2007-6268
+CVE-2007-6268 (Directory traversal vulnerability in pages/default.aspx in Absolute Ne ...)
NOT-FOR-US: Absolute News Manager.NET
-CVE-2007-6267
+CVE-2007-6267 (Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 an ...)
NOT-FOR-US: Citrix EdgeSight
-CVE-2007-6266
+CVE-2007-6266 (Multiple SQL injection vulnerabilities in bcoos 1.0.10 and earlier all ...)
NOT-FOR-US: bcoos
-CVE-2007-6265
+CVE-2007-6265 (Unspecified vulnerability in avast! 4 Home and Professional Editions b ...)
NOT-FOR-US: avast!
CVE-2007-6264
RESERVED
-CVE-2007-6263
+CVE-2007-6263 (The dataconn function in ftpd.c in netkit ftpd (netkit-ftpd) 0.17, whe ...)
- linux-ftpd-ssl 0.17.18+0.3-9.1 (low; bug #454733)
[sarge] - linux-ftpd-ssl <no-dsa> (Minor issue)
[etch] - linux-ftpd-ssl <no-dsa> (Minor issue)
-CVE-2007-6262
+CVE-2007-6262 (A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0. ...)
- vlc <not-affected> (Windows only issue)
-CVE-2007-6261
+CVE-2007-6261 (Integer overflow in the load_threadstack function in the Mach-O loader ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-6260
+CVE-2007-6260 (The installation process for Oracle 10g and llg uses accounts with def ...)
NOT-FOR-US: Oracle
CVE-2007-6259
RESERVED
-CVE-2007-6258
+CVE-2007-6258 (Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV ...)
- libapache2-mod-jk2 2.0.4-1
CVE-2007-6257
RESERVED
CVE-2007-6256
REJECTED
-CVE-2007-6255
+CVE-2007-6255 (Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBE ...)
NOT-FOR-US: Microsoft HRTBEAT.OCX
-CVE-2007-6254
+CVE-2007-6254 (Stack-based buffer overflow in the SAP Business Objects BusinessObject ...)
NOT-FOR-US: SAP
-CVE-2007-6253
+CVE-2007-6253 (Multiple buffer overflows in Adobe Form Designer 5.0 and Form Client 5 ...)
NOT-FOR-US: Adobe Form Designer
-CVE-2007-6252
+CVE-2007-6252 (Multiple stack-based buffer overflows in the Learn2 Corporation STRunn ...)
NOT-FOR-US: Street Technologies
CVE-2007-6251
RESERVED
-CVE-2007-6250
+CVE-2007-6250 (Stack-based buffer overflow in AOL AOLMediaPlaybackControl (AOLMediaPl ...)
NOT-FOR-US: AmpX ActiveX control
-CVE-2007-6249
+CVE-2007-6249 (etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the um ...)
NOT-FOR-US: Gentoo portage
CVE-2007-6248
RESERVED
CVE-2007-6247
REJECTED
-CVE-2007-6246
+CVE-2007-6246 (Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up ...)
- flashplugin-nonfree 9.0.115.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-6245
+CVE-2007-6245 (Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up ...)
- flashplugin-nonfree 9.0.115.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-6244
+CVE-2007-6244 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Pla ...)
- flashplugin-nonfree 9.0.115.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-6243
+CVE-2007-6243 (Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up ...)
- flashplugin-nonfree 9.0.115.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-6242
+CVE-2007-6242 (Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier m ...)
- flashplugin-nonfree 9.0.115.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-6241
+CVE-2007-6241 (Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have unkno ...)
NOT-FOR-US: Beehive Forum
-CVE-2007-6240
+CVE-2007-6240 (SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 ...)
NOT-FOR-US: Snitz Forums
-CVE-2007-6239
+CVE-2007-6239 (The "cache update reply processing" functionality in Squid 2.x before ...)
{DSA-1646-2 DSA-1482-1}
- squid 2.6.17-1 (medium; bug #455910)
-CVE-2007-6238
+CVE-2007-6238 (Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-6237
+CVE-2007-6237 (cp.php in DeluxeBB 1.09 does not verify that the membercookie paramete ...)
NOT-FOR-US: DeluxeBB
-CVE-2007-6236
+CVE-2007-6236 (Microsoft Windows Media Player (WMP) allows remote attackers to cause ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2007-6235
+CVE-2007-6235 (A certain ActiveX control in RealNetworks RealPlayer 11 allows remote ...)
NOT-FOR-US: RealNetworks RealPlayer 11
-CVE-2007-6234
+CVE-2007-6234 (index.php in FTP Admin 0.1.0 allows remote attackers to bypass authent ...)
NOT-FOR-US: FTP Admin 0.1.0
-CVE-2007-6233
+CVE-2007-6233 (Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allo ...)
NOT-FOR-US: FTP Admin 0.1.0
-CVE-2007-6232
+CVE-2007-6232 (Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1 ...)
NOT-FOR-US: FTP Admin 0.1.0
-CVE-2007-6231
+CVE-2007-6231 (Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 ...)
NOT-FOR-US: tellmatic
-CVE-2007-6230
+CVE-2007-6230 (Directory traversal vulnerability in common/classes/class_HeaderHandle ...)
NOT-FOR-US: Rayzz
-CVE-2007-6229
+CVE-2007-6229 (PHP remote file inclusion vulnerability in common/classes/class_Header ...)
NOT-FOR-US: Rayzz
-CVE-2007-6228
+CVE-2007-6228 (Stack-based buffer overflow in the Helper class in the yt.ythelper.2 A ...)
NOT-FOR-US: Yahoo! Toolbar
-CVE-2007-6227
+CVE-2007-6227 (QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating syst ...)
- qemu <not-affected> (Windows issue)
-CVE-2007-6226
+CVE-2007-6226 (The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Powe ...)
NOT-FOR-US: American Power Conversion (APC)
-CVE-2007-6225
+CVE-2007-6225 (Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used o ...)
NOT-FOR-US: Sun Solaris 10
-CVE-2007-6224
+CVE-2007-6224 (The RealNetworks RealAudioObjects.RealAudio ActiveX control in rmoc326 ...)
NOT-FOR-US: RealAudioObjects.RealAudio ActiveX
-CVE-2007-6223
+CVE-2007-6223 (SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 ...)
NOT-FOR-US: phpBB Garage
-CVE-2007-6222
+CVE-2007-6222 (The CheckCustomerAccess function in functions.php in CRM-CTT Interleav ...)
NOT-FOR-US: Interleave
-CVE-2007-6221
+CVE-2007-6221 (TuMusika Evolution 1.7R5 allows remote attackers to obtain configurati ...)
NOT-FOR-US: TuMusika
-CVE-2007-6220
+CVE-2007-6220 (typespeed before 0.6.4 allows remote attackers to cause a denial of se ...)
- typespeed 0.6.4-1 (unimportant; bug #454527)
-CVE-2007-6219
+CVE-2007-6219 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool Securit ...)
NOT-FOR-US: IBM Tivoli Netcool Security Manager
-CVE-2007-6218
+CVE-2007-6218 (Multiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 ...)
NOT-FOR-US: Ossigeno CMS
-CVE-2007-6217
+CVE-2007-6217 (Multiple SQL injection vulnerabilities in login.asp in Irola My-Time ( ...)
NOT-FOR-US: Irola My-Time
-CVE-2007-6216
+CVE-2007-6216 (Race condition in the Fibre Channel protocol (fcp) driver and Devices ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-6215
+CVE-2007-6215 (Multiple directory traversal vulnerabilities in play.php in Web-MeetMe ...)
NOT-FOR-US: Web-MeetMe
-CVE-2007-6214
+CVE-2007-6214 (Directory traversal vulnerability in include/file_download.php in Lear ...)
NOT-FOR-US: LearnLoop
-CVE-2007-6213
+CVE-2007-6213 (Multiple directory traversal vulnerabilities in mod/chat/index.php in ...)
NOT-FOR-US: WebED
-CVE-2007-6212
+CVE-2007-6212 (Directory traversal vulnerability in region.php in KML share 1.1 allow ...)
NOT-FOR-US: KML share
-CVE-2007-6207
+CVE-2007-6207 (Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not ...)
- xen-3 3.1.2-1
-CVE-2007-6206
+CVE-2007-6206 (The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1436-1}
- linux-2.6 2.6.24-1
- linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24)
-CVE-2007-6205
+CVE-2007-6205 (Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plu ...)
{DSA-1528-1}
- serendipity 1.2.1-1 (low)
-CVE-2007-6204
+CVE-2007-6204 (Multiple stack-based buffer overflows in HP OpenView Network Node Mana ...)
NOT-FOR-US: HP OpenView
-CVE-2007-6203
+CVE-2007-6203 (Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method s ...)
- apache2 2.2.6-3 (low)
[sarge] - apache2 <no-dsa> (minor issue)
- apache <not-affected> (vulnerable code not present)
NOTE: Might be exploitable with older flash plugins via HTTP Request Splitting
[etch] - apache2 2.2.3-4+etch4
-CVE-2007-6208
+CVE-2007-6208 (sylprint.pl in claws mail tools (claws-mail-tools) allows local users ...)
- claws-mail 3.1.0-2 (low; bug #454089)
-CVE-2007-6210
+CVE-2007-6210 (zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" script ...)
{DSA-1420-1 DTSA-93-1}
- zabbix 1:1.4.2-4 (bug #452682)
-CVE-2007-6202
+CVE-2007-6202 (SQL injection vulnerability in plugins/search/search.php in Neocrome S ...)
NOT-FOR-US: Neocrome Seditio CMS
-CVE-2007-6211
+CVE-2007-6211 (Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users ...)
- sing 1.1-16 (low; bug #454167)
[etch] - sing 1.1-13etch1
[sarge] - sing 1.1-9sarge1
-CVE-2007-6209
+CVE-2007-6209 (Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary ...)
- zsh 4.3.4-dev-3-2 (low; bug #454073)
[etch] - zsh <no-dsa> (Minor issue)
[sarge] - zsh <no-dsa> (Minor issue)
-CVE-2007-6201
+CVE-2007-6201 (Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x bef ...)
- wesnoth 1:1.2.8-1 (low)
[etch] - wesnoth 1.2-4
[sarge] - wesnoth 0.9.0-8
-CVE-2007-6200
+CVE-2007-6200 (Unspecified vulnerability in rsync before 3.0.0pre6, when running a wr ...)
- rsync 2.6.9-6 (low; bug #453652)
[etch] - rsync <no-dsa> (Minor issue)
-CVE-2007-6199
+CVE-2007-6199 (rsync before 3.0.0pre6, when running a writable rsync daemon that is n ...)
- rsync 2.6.9-6 (unimportant; bug #453652)
NOTE: Security feature enhancement, not really a security problem
-CVE-2007-6198
+CVE-2007-6198 (portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5 ...)
NOT-FOR-US: Plumtree
-CVE-2007-6197
+CVE-2007-6197 (The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 a ...)
NOT-FOR-US: Plumtree
-CVE-2007-6196
+CVE-2007-6196 (Cross-site scripting (XSS) vulnerability in util.php in Calacode @Mail ...)
NOT-FOR-US: Calacode
-CVE-2007-6195
+CVE-2007-6195 (Buffer overflow in the sw_rpc_agent_init function in swagentd in Softw ...)
NOT-FOR-US: HP-UX
-CVE-2007-6194
+CVE-2007-6194 (Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 a ...)
NOT-FOR-US: HP Select Identity
-CVE-2007-6193
+CVE-2007-6193 (The web management interface in Citrix NetScaler 8.0 build 47.8 stores ...)
NOT-FOR-US: Citrix
-CVE-2007-6192
+CVE-2007-6192 (The web management interface in Citrix NetScaler 8.0 build 47.8 uses w ...)
NOT-FOR-US: Citrix
-CVE-2007-6191
+CVE-2007-6191 (Multiple PHP remote file inclusion vulnerabilities in Armin Burger p.m ...)
NOT-FOR-US: Armin Burger p.mapper
-CVE-2007-6190
+CVE-2007-6190 (The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobi ...)
NOT-FOR-US: Cisco Unified IP Phone
-CVE-2007-6189
+CVE-2007-6189 (A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in Bit ...)
NOT-FOR-US: BitDefender Online Anti-Virus Scanner
-CVE-2007-6188
+CVE-2007-6188 (Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7 ...)
NOT-FOR-US: TuMusika Evolution
-CVE-2007-6187
+CVE-2007-6187 (Multiple directory traversal vulnerabilities in PHP Content Architect ...)
NOT-FOR-US: PHP Content Architect
-CVE-2007-6186
+CVE-2007-6186 (Unspecified vulnerability in PHPDevShell before 0.7.0 has unknown impa ...)
NOT-FOR-US: PHPDevShell
-CVE-2007-6185
+CVE-2007-6185 (Directory traversal vulnerability in users/files.php in Eurologon CMS ...)
NOT-FOR-US: Eurologon CMS
-CVE-2007-6184
+CVE-2007-6184 (Directory traversal vulnerability in index.php in Project Alumni 1.0.9 ...)
NOT-FOR-US: Project Alumni
-CVE-2007-6182
+CVE-2007-6182 (The responder program in ISPsystem ISPmanager (aka ISPmgr) 4.2.15.1 al ...)
NOT-FOR-US: ISPmanager
-CVE-2007-6181
+CVE-2007-6181 (Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and earlier ...)
NOT-FOR-US: Cygwin
-CVE-2007-6180
+CVE-2007-6180 (Race condition in the Remote Procedure Call kernel module (rpcmod) in ...)
NOT-FOR-US: Solaris
-CVE-2007-6179
+CVE-2007-6179 (Multiple PHP remote file inclusion vulnerabilities in Charray's CMS 0. ...)
NOT-FOR-US: Charray's CMS
-CVE-2007-6178
+CVE-2007-6178 (Multiple PHP remote file inclusion vulnerabilities in Easy Hosting Con ...)
NOT-FOR-US: Easy Hosting Control Panel for Ubuntu
-CVE-2007-6177
+CVE-2007-6177 (PHP remote file inclusion vulnerability in Exchange/include.php in PHP ...)
NOT-FOR-US: PHP-CON
-CVE-2007-6176
+CVE-2007-6176 (kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote ...)
NOT-FOR-US: KB-Bestellsystem
-CVE-2007-6175
+CVE-2007-6175 (Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to ...)
NOT-FOR-US: Lhaplus
-CVE-2007-6174
+CVE-2007-6174 (PHPDevShell before 0.7.0 allows remote authenticated users to gain pri ...)
NOT-FOR-US: PHPDevShell
-CVE-2007-6173
+CVE-2007-6173 (Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay ...)
- liferay-portal <itp> (bug #569819)
-CVE-2007-6172
+CVE-2007-6172 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote atta ...)
NOT-FOR-US: wpQuiz
-CVE-2007-6169
+CVE-2007-6169 (SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty al ...)
NOT-FOR-US: GOUAE DWD Realty
-CVE-2007-6168
+CVE-2007-6168 (SQL injection vulnerability in default.asp in VU Case Manager allows r ...)
NOT-FOR-US: VU Case Manager
-CVE-2007-6167
+CVE-2007-6167 (Untrusted search path vulnerability in yast2-core in SUSE Linux might ...)
NOT-FOR-US: Yast2
-CVE-2007-6166
+CVE-2007-6166 (Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used i ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-6165
+CVE-2007-6165 (Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote at ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-6164
+CVE-2007-6164 (Multiple SQL injection vulnerabilities in Eurologon CMS allow remote a ...)
NOT-FOR-US: Eurologon CMS
-CVE-2007-6163
+CVE-2007-6163 (SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty al ...)
NOT-FOR-US: GOUAE DWD Realty
-CVE-2007-6162
+CVE-2007-6162 (Cross-site scripting (XSS) vulnerability in index.php in FMDeluxe 2.1. ...)
NOT-FOR-US: FMDeluxe
-CVE-2007-6161
+CVE-2007-6161 (index.php in Tilde CMS 4.x and earlier allows remote attackers to obta ...)
NOT-FOR-US: Tilde CMS
-CVE-2007-6160
+CVE-2007-6160 (Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x ...)
NOT-FOR-US: Tilde CMS
-CVE-2007-6159
+CVE-2007-6159 (SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier ...)
NOT-FOR-US: Tilde CMS
-CVE-2007-6158
+CVE-2007-6158 (Multiple SQL injection vulnerabilities in caladmin.inc.php in Proverbs ...)
NOT-FOR-US: Proverbs Web Calendar
-CVE-2007-6157
+CVE-2007-6157 (Cross-site scripting (XSS) vulnerability in index.php in SimpleGallery ...)
NOT-FOR-US: SimpleGallery
-CVE-2007-6156
+CVE-2007-6156 (Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.p ...)
- acidbase 1.3.9-1 (low; bug #453838)
[etch] - acidbase <not-affected> (vulnerable code not present, in etch acidbase exits in this case)
CVE-2007-6155
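Review bot: the CVE-2007-6203 entry puts its release line `[etch] - apache2 2.2.3-4+etch4` after the NOTE line, whereas every other entry in this hunk keeps the `[sarge]`/`[etch]` lines directly under the main package line (compare CVE-2007-6211, where `[etch] - sing 1.1-13etch1` and `[sarge] - sing 1.1-9sarge1` follow `- sing 1.1-16 (low; bug #454167)`); move the etch line up beside `[sarge] - apache2 <no-dsa> (minor issue)` so the NOTE reads as a comment on the whole entry rather than on the sarge line alone. A smaller point: CVE-2007-6208 through CVE-2007-6211 sit out of numeric order between CVE-2007-6203 and CVE-2007-6202, which is harmless for the parser but makes checking the range for missing IDs by eye harder.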
@@ -1444,89 +1444,89 @@ CVE-2007-6153
RESERVED
CVE-2007-6152
RESERVED
-CVE-2007-6151
+CVE-2007-6151 (The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1479-1}
- linux-2.6 2.6.23-2
-CVE-2007-6149
+CVE-2007-6149 (Multiple integer overflows in the Edge server in Adobe Flash Media Ser ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2007-6148
+CVE-2007-6148 (Use-after-free vulnerability in the Edge server in Adobe Flash Media S ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2007-6147
+CVE-2007-6147 (Multiple PHP remote file inclusion vulnerabilities in IAPR COMMENCE 1. ...)
NOT-FOR-US: IAPR COMMENCE
-CVE-2007-6146
+CVE-2007-6146 (Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-02 on Win ...)
NOT-FOR-US: JP1/File Transmission Server/FTP on windows
-CVE-2007-6145
+CVE-2007-6145 (Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP ...)
NOT-FOR-US: Hitachi JP1/File Transmission Server/FTP
-CVE-2007-6144
+CVE-2007-6144 (Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control i ...)
NOT-FOR-US: Xunlei Thunder
-CVE-2007-6143
+CVE-2007-6143 (SQL injection vulnerability in default.asp (aka the Login Page) in VU ...)
NOT-FOR-US: VU Case Manager
-CVE-2007-6142
+CVE-2007-6142 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just a ...)
NOT-FOR-US: JAF CMS
-CVE-2007-6141
+CVE-2007-6141 (Cross-site scripting (XSS) vulnerability in vBTube.php in vBTube 1.1 B ...)
NOT-FOR-US: vBTube
-CVE-2007-6140
+CVE-2007-6140 (Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote ...)
NOT-FOR-US: Dora Emlak
-CVE-2007-6139
+CVE-2007-6139 (PHP remote file inclusion vulnerability in index.php in Mp3 ToolBox 1. ...)
NOT-FOR-US: Mp3 ToolBox
-CVE-2007-6138
+CVE-2007-6138 (SQL injection vulnerability in redir.asp in VU Mass Mailer allows remo ...)
NOT-FOR-US: VU Mass Mailer
-CVE-2007-6137
+CVE-2007-6137 (SQL injection vulnerability in news.php in Content Injector 1.52 allow ...)
NOT-FOR-US: Content Injector
-CVE-2007-6136
+CVE-2007-6136 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in M2 ...)
NOT-FOR-US: M2Scripts MySpace Scripts
-CVE-2007-6135
+CVE-2007-6135 (Cross-site scripting (XSS) vulnerability in phpslideshow.php in PHPSli ...)
NOT-FOR-US: PHPSlideShow
-CVE-2007-6134
+CVE-2007-6134 (SQL injection vulnerability in pkinc/public/article.php in PHPKIT 1.6. ...)
NOT-FOR-US: PHPKIT
-CVE-2007-6133
+CVE-2007-6133 (PHP remote file inclusion vulnerability in admin/kfm/initialise.php in ...)
NOT-FOR-US: DevMass Shopping Cart
-CVE-2007-6183
+CVE-2007-6183 (Format string vulnerability in the mdiag_initialize function in gtk/sr ...)
{DSA-1431-1 DTSA-102-1}
- ruby-gnome2 0.16.0-10 (medium; bug #453689)
-CVE-2007-6171
+CVE-2007-6171 (SQL injection vulnerability in the Postgres Realtime Engine (res_confi ...)
- asterisk 1:1.4.15~dfsg-1 (medium)
[sarge] - asterisk <not-affected> (Vulnerable code not present)
[etch] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2007-6170
+CVE-2007-6170 (SQL injection vulnerability in the Call Detail Record Postgres logging ...)
{DSA-1417-1}
- asterisk 1:1.4.15~dfsg-1 (medium)
-CVE-2007-6150
+CVE-2007-6150 (The "internal state tracking" code for the random and urandom devices ...)
- kfreebsd-7 7.0~cvs20080107-1
- kfreebsd-6 6.3~cvs20080107-1
- kfreebsd-5 <removed> (medium; bug #453944)
[etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)
CVE-2007-6132
REJECTED
-CVE-2007-6131
+CVE-2007-6131 (buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite ...)
- scanbuttond 0.2.3-6 (unimportant; bug #453239)
NOTE: this is just an example script, maintainer adds a note about it
NOTE: 0.2.3-6 adds a security note about this script
-CVE-2007-6130
+CVE-2007-6130 (gnump3d 2.9final does not apply password protection to its plugins, wh ...)
- gnump3d 3.0-1 (medium)
[sarge] - gnump3d <not-affected> (Vulnerable code not present)
[etch] - gnump3d <not-affected> (Vulnerable code not present)
-CVE-2007-6129
+CVE-2007-6129 (Directory traversal vulnerability in scripts/include/show_content.php ...)
NOT-FOR-US: Amber script
-CVE-2007-6128
+CVE-2007-6128 (SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 all ...)
NOT-FOR-US: WorkingOnWeb
-CVE-2007-6127
+CVE-2007-6127 (Multiple SQL injection vulnerabilities in project alumni 1.0.9 and ear ...)
NOT-FOR-US: Alumni
-CVE-2007-6126
+CVE-2007-6126 (Multiple cross-site scripting (XSS) vulnerabilities in project alumni ...)
NOT-FOR-US: Alumni
-CVE-2007-6125
+CVE-2007-6125 (SQL injection vulnerability in search_form.php in Softbiz Freelancers ...)
NOT-FOR-US: Softbiz Freelancers Script
-CVE-2007-6124
+CVE-2007-6124 (Cross-site scripting (XSS) vulnerability in signin.php in Softbiz Free ...)
NOT-FOR-US: Softbiz Freelancers Script
-CVE-2007-6123
+CVE-2007-6123 (Unspecified vulnerability in IRC Services 5.1.8 has unknown impact and ...)
NOT-FOR-US: IRC Services
-CVE-2007-6122
+CVE-2007-6122 (The default_encrypt function in encrypt.c in IRC Services before 5.0.6 ...)
NOT-FOR-US: IRC Services
-CVE-2007-6110
+CVE-2007-6110 (Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 ...)
{DSA-1429-1}
- htdig 1:3.2.0b6-4 (low; bug #453278)
[sarge] - htdig <not-affected> (Vulnerable code not present)
-CVE-2007-6109
+CVE-2007-6109 (Stack-based buffer overflow in emacs allows user-assisted attackers to ...)
{DTSA-98-1 DTSA-99-1}
- emacs22 22.1+1-2.2 (bug #455432)
- emacs21 21.4a+1-5.2 (bug #455433)
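Review bot: in CVE-2007-6150 the severity and bug reference are attached to the removed package (`- kfreebsd-5 <removed> (medium; bug #453944)`) while the two lines that carry the actual fix, `- kfreebsd-7 7.0~cvs20080107-1` and `- kfreebsd-6 6.3~cvs20080107-1`, carry neither; the convention elsewhere in this hunk (e.g. `- ruby-gnome2 0.16.0-10 (medium; bug #453689)`) is to annotate the fixed-version line, so a reader scanning the shipped packages currently finds no severity for them. Also, the two NOTE lines under CVE-2007-6131 say the same thing (that 0.2.3-6 adds a security note about the example script); one of them can be dropped.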
@@ -1537,66 +1537,66 @@ CVE-2007-6108
RESERVED
CVE-2007-6107
RESERVED
-CVE-2007-6106
+CVE-2007-6106 (SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 ...)
NOT-FOR-US: AlstraSoft E-Friends
-CVE-2007-6105
+CVE-2007-6105 (Multiple PHP remote file inclusion vulnerabilities in TalkBack 2.2.7 a ...)
NOT-FOR-US: TalkBack
-CVE-2007-6104
+CVE-2007-6104 (Cross-site scripting (XSS) vulnerability in the Instant Web Publishing ...)
NOT-FOR-US: FileMaker Pro
-CVE-2007-6103
+CVE-2007-6103 (I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) ...)
- ihu 0.5.6-3.1 (unimportant; bug #453280)
NOTE: Would only terminate normal phone call by hanging up, not a real security bug
-CVE-2007-6102
+CVE-2007-6102 (Cross-site scripting (XSS) vulnerability in Feed to JavaScript (Feed2J ...)
NOT-FOR-US: feed2js
-CVE-2007-6101
+CVE-2007-6101 (Ability Mail Server before 2.61 allows remote authenticated users to c ...)
NOT-FOR-US: Ability Mail Server
-CVE-2007-6100
+CVE-2007-6100 (Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth ...)
- phpmyadmin 4:2.11.2.2-1
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2007-6099
+CVE-2007-6099 (Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParato ...)
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6098
+CVE-2007-6098 (Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log tru ...)
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6097
+CVE-2007-6097 (Unspecified vulnerability in the ICMP implementation in Ingate Firewal ...)
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6096
+CVE-2007-6096 (Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext ...)
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6095
+CVE-2007-6095 (The SIP component in Ingate Firewall before 4.6.0 and SIParator before ...)
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6094
+CVE-2007-6094 (The IPsec module in the VPN component in Ingate Firewall before 4.6.0 ...)
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6093
+CVE-2007-6093 (The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator ...)
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6092
+CVE-2007-6092 (Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParat ...)
NOT-FOR-US: Ingate Firewall Siparator
-CVE-2007-6091
+CVE-2007-6091 (Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Ba ...)
NOT-FOR-US: JiRo's Banner System (JBS)
-CVE-2007-6090
+CVE-2007-6090 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan 1. ...)
NOT-FOR-US: Nuked-Klan
-CVE-2007-6089
+CVE-2007-6089 (PHP remote file inclusion vulnerability in index.php in meBiblio 0.4.5 ...)
NOT-FOR-US: meBiblio
-CVE-2007-6088
+CVE-2007-6088 (PHP remote file inclusion vulnerability in includes/functions_mod_user ...)
NOT-FOR-US: phpBBViet
-CVE-2007-6087
+CVE-2007-6087 (Cross-site request forgery (CSRF) vulnerability in index.php in Vigile ...)
NOT-FOR-US: VigileCMS
-CVE-2007-6086
+CVE-2007-6086 (Directory traversal vulnerability in index.php in VigileCMS 1.4 allows ...)
NOT-FOR-US: VigileCMS
-CVE-2007-6085
+CVE-2007-6085 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Vi ...)
NOT-FOR-US: VigileCMS
-CVE-2007-6084
+CVE-2007-6084 (SQL injection vulnerability in software-description.php in HotScripts ...)
NOT-FOR-US: HotScripts Clone script
-CVE-2007-6083
+CVE-2007-6083 (SQL injection vulnerability in admin/index.php in IceBB 1.0-rc6 allows ...)
NOT-FOR-US: IceBB
-CVE-2007-6082
+CVE-2007-6082 (Direct static code injection vulnerability in acp/savenews.php in Sciu ...)
NOT-FOR-US: Sciurus Hosting Panel
-CVE-2007-6081
+CVE-2007-6081 (AdventNet EventLog Analyzer build 4030 for Windows, and possibly other ...)
NOT-FOR-US: Windows
-CVE-2007-6080
+CVE-2007-6080 (SQL injection vulnerability in modules/banners/click.php in the banner ...)
NOT-FOR-US: bcoos
-CVE-2007-6079
+CVE-2007-6079 (Directory traversal vulnerability in include/common.php in bcoos 1.0.1 ...)
NOT-FOR-US: bcoos
-CVE-2007-6078
+CVE-2007-6078 (Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote a ...)
NOT-FOR-US: SkyPortal
CVE-2007-6076
RESERVED
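Review bot: CVE-2007-6081 is dismissed as `NOT-FOR-US: Windows`, but the new description text itself reads "AdventNet EventLog Analyzer build 4030 for Windows, and possibly other ...", so the platform is not a safe basis for the dismissal; the rest of this hunk names the affected product in the NOT-FOR-US tag (e.g. `NOT-FOR-US: Ingate Firewall Siparator`, `NOT-FOR-US: VigileCMS`), and `NOT-FOR-US: AdventNet EventLog Analyzer` would document why the entry is out of scope regardless of which builds turn out to be affected.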
@@ -1616,7 +1616,7 @@ CVE-2007-6069
RESERVED
CVE-2007-6068
RESERVED
-CVE-2007-6067
+CVE-2007-6067 (Algorithmic complexity vulnerability in the regular expression parser ...)
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
- postgresql-8.1 8.1.11-1
@@ -1631,138 +1631,138 @@ CVE-2007-6065
RESERVED
CVE-2007-6064
RESERVED
-CVE-2007-6063
+CVE-2007-6063 (Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1436-1}
- linux-2.6 2.6.23-2
-CVE-2007-6062
+CVE-2007-6062 (irc-channel.c in ngIRCd before 0.10.3 allows remote attackers to cause ...)
- ngircd 0.10.3-1 (bug #451875)
[etch] - ngircd 0.10.0-2etch1
-CVE-2007-6061
+CVE-2007-6061 (Audacity 1.3.2 creates a temporary directory with a predictable name w ...)
- audacity 1.3.4-1.1 (bug #453283; low)
[etch] - audacity <no-dsa> (Minor issue)
-CVE-2007-6060
+CVE-2007-6060 (AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a f ...)
NOT-FOR-US: AhnLab Antivirus 3 Internet Security 2008 Platinum
CVE-2007-6059
NOT-FOR-US: Javamail
-CVE-2007-6058
+CVE-2007-6058 (Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 ...)
NOT-FOR-US: ProfileCMS
-CVE-2007-6057
+CVE-2007-6057 (PHP remote file inclusion vulnerability in index.php in datecomm Socia ...)
NOT-FOR-US: datecomm Social Networking Script
-CVE-2007-6056
+CVE-2007-6056 (frame.html in Aida-Web (Aida Web) allows remote attackers to bypass a ...)
NOT-FOR-US: Aida-Web
-CVE-2007-6055
+CVE-2007-6055 (Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay ...)
- liferay-portal <itp> (bug #569819)
-CVE-2007-6054
+CVE-2007-6054 (Cross-site scripting (XSS) vulnerability in the login page in the mana ...)
NOT-FOR-US: Aruba 800 Mobility Controller
-CVE-2007-6053
+CVE-2007-6053 (IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large ...)
NOT-FOR-US: IBM DB2
-CVE-2007-6052
+CVE-2007-6052 (IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggre ...)
NOT-FOR-US: IBM DB2
-CVE-2007-6051
+CVE-2007-6051 (IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1 ...)
NOT-FOR-US: IBM DB2
-CVE-2007-6050
+CVE-2007-6050 (Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak ...)
NOT-FOR-US: IBM DB2
-CVE-2007-6049
+CVE-2007-6049 (Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB ...)
NOT-FOR-US: IBM DB2
-CVE-2007-6048
+CVE-2007-6048 (IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for ...)
NOT-FOR-US: IBM DB2
-CVE-2007-6047
+CVE-2007-6047 (Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 befor ...)
NOT-FOR-US: IBM DB2
-CVE-2007-6046
+CVE-2007-6046 (Unspecified vulnerability in unspecified setuid programs in IBM DB2 UD ...)
NOT-FOR-US: IBM DB2
-CVE-2007-6045
+CVE-2007-6045 (Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 ...)
NOT-FOR-US: IBM DB2
-CVE-2007-6044
+CVE-2007-6044 (Multiple unspecified vulnerabilities in IBM WebSphere MQ 6.0 have unkn ...)
NOT-FOR-US: IBM WebSphere
-CVE-2007-6043
+CVE-2007-6043 (The CryptGenRandom function in Microsoft Windows 2000 generates predic ...)
NOT-FOR-US: Windows
-CVE-2007-6042
+CVE-2007-6042 (PHP remote file inclusion vulnerability in fehler.inc.php in SWSoft Co ...)
NOT-FOR-US: SWSoft Confixx Professional
-CVE-2007-6041
+CVE-2007-6041 (Buffer overflow in the Sequencer::queueMessage function in sequencer.c ...)
NOT-FOR-US: Rigs of Rods (RoR)
-CVE-2007-6040
+CVE-2007-6040 (The Belkin F5D7230-4 Wireless G Router allows remote attackers to caus ...)
NOT-FOR-US: Belkin F5D7230-4 Wireless G Router
-CVE-2007-6039
+CVE-2007-6039 (PHP 5.2.5 and earlier allows context-dependent attackers to cause a de ...)
- php5 5.2.5-1 (unimportant; bug #453295)
NOTE: Not a vulnerability per Debian PHP security policy, requires malicious
NOTE: script to trigger this issue
-CVE-2007-6077
+CVE-2007-6077 (The session fixation protection mechanism in cgi_process.rb in Rails 1 ...)
- rails 1.2.6-1 (low; bug #452748)
-CVE-2007-6111
+CVE-2007-6111 (Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) ...)
{DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
[etch] - wireshark <not-affected> (Vulnerable code not present)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6112
+CVE-2007-6112 (Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.9 ...)
{DTSA-92-1}
- wireshark 0.99.7~pre1-1 (medium; bug #452381)
[etch] - wireshark <not-affected> (Vulnerable code not present)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6113
+CVE-2007-6113 (Integer signedness error in the DNP3 dissector in Wireshark (formerly ...)
{DTSA-92-1}
- wireshark 0.99.6pre1-1 (low)
[etch] - wireshark <no-dsa> (Minor issue, exotic dissector, very intrusive backport)
-CVE-2007-6114
+CVE-2007-6114 (Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 thro ...)
{DSA-1414-1 DTSA-92-1}
- wireshark 0.99.7~pre1-1 (medium; bug #452381)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6115
+CVE-2007-6115 (Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethe ...)
{DTSA-92-1}
- wireshark 0.99.7~pre1-1 (medium; bug #452381)
[etch] - wireshark <not-affected> (Vulnerable code not present)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6116
+CVE-2007-6116 (The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99 ...)
{DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
[etch] - wireshark <not-affected> (Vulnerable code not present)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6117
+CVE-2007-6117 (Unspecified vulnerability in the HTTP dissector for Wireshark (formerl ...)
{DSA-1414-1 DTSA-92-1}
- wireshark 0.99.7~pre1-1 (bug #452381)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6118
+CVE-2007-6118 (The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 ...)
{DSA-1414-1 DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
-CVE-2007-6119
+CVE-2007-6119 (The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows ...)
{DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
[etch] - wireshark <not-affected> (Vulnerable code not present)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6120
+CVE-2007-6120 (The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0. ...)
{DSA-1414-1 DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-6121
+CVE-2007-6121 (Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers ...)
{DSA-1414-1 DTSA-92-1}
- wireshark 0.99.7~pre1-1 (low; bug #452381)
-CVE-2007-6038
+CVE-2007-6038 (PHP remote file inclusion vulnerability in xajax_functions.php in the ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-6037
+CVE-2007-6037 (Cross-site scripting (XSS) vulnerability in ws/generic_api_call.pl in ...)
NOT-FOR-US: Citrix NetScaler
-CVE-2007-6036
+CVE-2007-6036 (The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 ...)
NOT-FOR-US: LIVE555 Media Server
CVE-2007-6034
REJECTED
-CVE-2007-6033
+CVE-2007-6033 (Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure p ...)
NOT-FOR-US: Invensys Wonderware InTouch
-CVE-2007-6032
+CVE-2007-6032 (SQL injection vulnerability in calendar/page.asp in Aleris Web Publish ...)
NOT-FOR-US: Aleris Web Publishing Server
-CVE-2007-6031
+CVE-2007-6031 (Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote attack ...)
NOT-FOR-US: VanDyke VShell
-CVE-2007-6030
+CVE-2007-6030 (Unspecified vulnerability in Weird Solutions BOOTPTurbo 1.2 has unknow ...)
NOT-FOR-US: Weird Solutions BOOTPTurbo
-CVE-2007-6029
+CVE-2007-6029 (Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote at ...)
NOTE: this information is based upon a vague advisory by a vulnerability
NOTE: information sales organization that does not coordinate with vendors or
NOTE: release actionable advisories. So maybe it is not fixed _but_ since it is
NOTE: not disclosed it would be hard to fix and track it.
-CVE-2007-6028
+CVE-2007-6028 (Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL Ac ...)
NOT-FOR-US: ComponentOne FlexGrid
-CVE-2007-6027
+CVE-2007-6027 (PHP remote file inclusion vulnerability in admin.jjgallery.php in the ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-6026
+CVE-2007-6026 (Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka M ...)
NOT-FOR-US: Microsoft Jet Engine
-CVE-2007-6025
+CVE-2007-6025 (Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 a ...)
- wpasupplicant 0.6.0-4
[etch] - wpasupplicant <not-affected> (Vulnerable code not present)
[sarge] - wpasupplicant <not-affected> (Vulnerable code not present)
@@ -1772,137 +1772,137 @@ CVE-2007-6023
RESERVED
CVE-2007-6022
RESERVED
-CVE-2007-6021
+CVE-2007-6021 (Heap-based buffer overflow in Adobe PageMaker 7.0.1 and 7.0.2 allows u ...)
NOT-FOR-US: Adobe PageMaker
-CVE-2007-6020
+CVE-2007-6020 (Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat ...)
NOT-FOR-US: KeyView
-CVE-2007-6019
+CVE-2007-6019 (Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, al ...)
- flashplugin-nonfree 1:1.4
-CVE-2007-6018
+CVE-2007-6018 (IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde ...)
{DSA-1470-1}
- horde3 3.1.6-1 (bug #461131; low)
- imp4 <not-affected> (xss.php is only present in horde3 package)
-CVE-2007-6017
+CVE-2007-6017 (The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in th ...)
NOT-FOR-US: Symantec Backup Exec
-CVE-2007-6016
+CVE-2007-6016 (Multiple stack-based buffer overflows in the PVATLCalendar.PVCalendar. ...)
NOT-FOR-US: Symantec Backup Exec
-CVE-2007-6015
+CVE-2007-6015 (Stack-based buffer overflow in the send_mailslot function in nmbd in S ...)
{DSA-1427-1 DTSA-100-1}
- samba 3.0.28-1 (high)
-CVE-2007-6014
+CVE-2007-6014 (SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and ear ...)
NOT-FOR-US: Beehive Forum
-CVE-2007-6013
+CVE-2007-6013 (Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash o ...)
- wordpress 2.5.0-1 (low; bug #452251)
[etch] - wordpress <no-dsa> (Minor issue)
NOTE: if untrusted people are allowed to read the database they could still
NOTE: crack the hash with more work, so maybe this is unimportant?
-CVE-2007-6012
+CVE-2007-6012 (SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 ...)
NOT-FOR-US: DocuSafe
-CVE-2007-6035
+CVE-2007-6035 (SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows ...)
{DSA-1418-1}
- cacti 0.8.7a-1 (medium; bug #452085)
-CVE-2007-6011
+CVE-2007-6011 (Unspecified vulnerability in main.php of BugHotel Reservation System b ...)
NOT-FOR-US: BugHotel
-CVE-2007-6010
+CVE-2007-6010 (Unspecified vulnerability in pioneers (formerly gnocatan) 0.11.3 allow ...)
{DTSA-89-1}
- pioneers 0.11.3-2 (low; bug #449541)
[etch] - pioneers <no-dsa> (Minor issue)
-CVE-2007-6009
+CVE-2007-6009 (Multiple buffer overflows in ACD products allow user-assisted remote a ...)
NOT-FOR-US: ACD products
-CVE-2007-6008
+CVE-2007-6008 (Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (fo ...)
NOT-FOR-US: Autonomy
-CVE-2007-6007
+CVE-2007-6007 (Integer overflow in the ID_PSP.apl plug-in for ACD ACDSee Photo Manage ...)
NOT-FOR-US: Pro Photo Manager
-CVE-2007-6006
+CVE-2007-6006 (TestLink before 1.7.1 does not enforce an unspecified authorization me ...)
NOT-FOR-US: TestLink
-CVE-2007-6005
+CVE-2007-6005 (Unspecified vulnerability in the GpcContainer.GpcContainer.1 ActiveX c ...)
NOT-FOR-US: WebEx
-CVE-2007-6004
+CVE-2007-6004 (Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 ...)
NOT-FOR-US: Toko Instan
-CVE-2007-6003
+CVE-2007-6003 (Cross-site scripting (XSS) vulnerability in cgi/b/ic/connect in the Th ...)
NOT-FOR-US: SpeedTouch
-CVE-2007-6002
+CVE-2007-6002 (Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.1 ...)
NOT-FOR-US: Fenriru
-CVE-2007-6001
+CVE-2007-6001 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ba ...)
- bandersnatch <removed> (low; bug #435709)
-CVE-2007-6000
+CVE-2007-6000 (KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a den ...)
- kdebase <unfixed> (unimportant; bug #451794)
NOTE: not reproducible with 4:3.5.8.dfsg.1-1, poked maintainer
NOTE: it seems konqueror only treats the cookie value until some special length
NOTE: as cookie, after this length it will open the rest as site content. This eats alot
NOTE: ram and cpu but depending on how much ram the system has, konqueror will die after
NOTE: no memory is left, not treated as security problem.
-CVE-2007-5999
+CVE-2007-5999 (SQL injection vulnerability in product_desc.php in Softbiz Auctions Sc ...)
NOT-FOR-US: Softbiz
-CVE-2007-5998
+CVE-2007-5998 (SQL injection vulnerability in ads.php in Softbiz Ad Management plus S ...)
NOT-FOR-US: Softbiz
-CVE-2007-5997
+CVE-2007-5997 (SQL injection vulnerability in campaign_stats.php in Softbiz Banner Ex ...)
NOT-FOR-US: Softbiz Banner Exchange Network Script
-CVE-2007-5996
+CVE-2007-5996 (SQL injection vulnerability in searchresult.php in Softbiz Link Direct ...)
NOT-FOR-US: Softbiz Link Directory Script
-CVE-2007-5995
+CVE-2007-5995 (PHP remote file inclusion vulnerability in examples/patExampleGen/bbco ...)
NOT-FOR-US: patBBcode
-CVE-2007-5994
+CVE-2007-5994 (PHP remote file inclusion vulnerability in check_noimage.php in Fritz ...)
NOT-FOR-US: php photo album
-CVE-2007-5993
+CVE-2007-5993 (Cross-site scripting (XSS) vulnerability in Visionary Technology in Li ...)
NOT-FOR-US: vtls
-CVE-2007-5992
+CVE-2007-5992 (SQL injection vulnerability in index.php in datecomm Social Networking ...)
NOT-FOR-US: Social Networking Script
-CVE-2007-5991
+CVE-2007-5991 (SQL injection vulnerability in index.php in ExoPHPdesk allows remote a ...)
NOT-FOR-US: ExoPHPdesk
-CVE-2007-5990
+CVE-2007-5990 (Cross-site scripting (XSS) vulnerability in ExoPHPdesk allows remote a ...)
NOT-FOR-US: ExoPHPdesk
-CVE-2007-5989
+CVE-2007-5989 (Unspecified vulnerability in the skype4com URI handler in Skype before ...)
NOT-FOR-US: Skype
-CVE-2007-5988
+CVE-2007-5988 (blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user acc ...)
NOT-FOR-US: BtiTracker
-CVE-2007-5987
+CVE-2007-5987 (details.php in BtiTracker before 1.4.5, when torrent viewing is disabl ...)
NOT-FOR-US: BtiTracker
-CVE-2007-5986
+CVE-2007-5986 (SQL injection vulnerability in include/functions.php in BtiTracker bef ...)
NOT-FOR-US: BtiTracker
-CVE-2007-5985
+CVE-2007-5985 (Multiple cross-site scripting (XSS) vulnerabilities in BtiTracker befo ...)
NOT-FOR-US: BtiTracker
-CVE-2007-5984
+CVE-2007-5984 (classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 a ...)
NOT-FOR-US: AutoIndex
-CVE-2007-5983
+CVE-2007-5983 (Cross-site scripting (XSS) vulnerability in index.php in Justin Hagstr ...)
NOT-FOR-US: AutoIndex
-CVE-2007-5982
+CVE-2007-5982 (Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, ...)
NOT-FOR-US: X7 Chat
-CVE-2007-5981
+CVE-2007-5981 (Lantronix SCS3200 does not properly handle public-key requests, which ...)
NOT-FOR-US: Lantronix
-CVE-2007-5980
+CVE-2007-5980 (Cross-site scripting (XSS) vulnerability in home/rss.php in eggblog be ...)
NOT-FOR-US: eggblog
-CVE-2007-5979
+CVE-2007-5979 (Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 ...)
NOT-FOR-US: F5 Firepass
-CVE-2007-5978
+CVE-2007-5978 (SQL injection vulnerability in brokenlink.php in the mylinks module fo ...)
NOT-FOR-US: XOOPS
-CVE-2007-5977
+CVE-2007-5977 (Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmi ...)
- phpmyadmin 4:2.11.2.1-1 (unimportant; bug #451465)
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2007-5976
+CVE-2007-5976 (SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11 ...)
- phpmyadmin 4:2.11.2.1-1 (unimportant; bug #451465)
-CVE-2007-5975
+CVE-2007-5975 (SQL injection vulnerability in index.php in TBSource, as used in (1) T ...)
NOT-FOR-US: TBSource
-CVE-2007-5974
+CVE-2007-5974 (SQL injection vulnerability in mailer.php in JPortal 2 allows remote a ...)
NOT-FOR-US: JPortal
-CVE-2007-5973
+CVE-2007-5973 (SQL injection vulnerability in articles.php in JPortal 2.3.1 and earli ...)
NOT-FOR-US: JPortal
-CVE-2007-5972
+CVE-2007-5972 (Double free vulnerability in the krb5_def_store_mkey function in lib/k ...)
- krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: potential attackers must have privileges to store the krb5kdc master key
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
-CVE-2007-5971
+CVE-2007-5971 (Double free vulnerability in the gss_krb5int_make_seal_token_v3 functi ...)
- krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
-CVE-2007-5970
+CVE-2007-5970 (MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authent ...)
- mysql-dfsg-5.0 <not-affected> (Vulnerable code not present referring to maintainer)
- mysql-dfsg-4.1 <removed>
- mysql-dfsg <removed>
NOTE: version in experimental is affected by this
NOTE: the debian maintainers do not yet have access to this issue: http://lists.mysql.com/packagers/377
-CVE-2007-5969
+CVE-2007-5969 (MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x be ...)
{DSA-1451-1}
- mysql-dfsg-5.0 5.0.45-4 (low; bug #455010)
- mysql-dfsg-4.1 <removed>
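Review bot: the mysql-dfsg-5.0 line for CVE-2007-5970 claims "<not-affected> (Vulnerable code not present referring to maintainer)" while the NOTE two lines below says "the debian maintainers do not yet have access to this issue"; a not-affected verdict and an admission that nobody has seen the issue cannot both hold, so either drop the not-affected tag until the maintainer has reviewed http://lists.mysql.com/packagers/377 or reword the justification to "per maintainer" and cite where that assessment came from. The same entry says "version in experimental is affected by this" without naming the experimental package and version, which the tracker normally records on its own package line.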
@@ -1910,196 +1910,196 @@ CVE-2007-5968
REJECTED
CVE-2007-5967
RESERVED
-CVE-2007-5966
+CVE-2007-5966 (Integer overflow in the hrtimer_start function in kernel/hrtimer.c in ...)
{DSA-1436-1}
- linux-2.6 2.6.23-2
-CVE-2007-5965
+CVE-2007-5965 (QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verif ...)
- qt4-x11 4.3.3-1
[etch] - qt4-x11 <not-affected> (Vulnerable code was introduced in 4.3)
- qt-x11-free <not-affected> (Vulnerable code was introduced in 4.3)
-CVE-2007-5964
+CVE-2007-5964 (The default configuration of autofs 5 in some Linux distributions, suc ...)
- autofs 3.1.4-8 (medium)
- autofs5 5.0.3-1
-CVE-2007-5963
+CVE-2007-5963 (Unspecified vulnerability in kdebase allows local users to cause a den ...)
- kdebase <unfixed> (unimportant)
NOTE: This has only theoretical security impact
-CVE-2007-5962
+CVE-2007-5962 (Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red ...)
- vsftpd <not-affected> (Vulnerability in Red Hat-specific patch)
-CVE-2007-5961
+CVE-2007-5961 (Cross-site scripting (XSS) vulnerability in the Red Hat Network channe ...)
NOT-FOR-US: Red Hat Network channel search feature
-CVE-2007-5960
+CVE-2007-5960 (Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Re ...)
{DSA-1506-1 DSA-1425-1 DSA-1424-1}
- iceweasel 2.0.0.10-1
- iceape 1.1.7-1
- xulrunner 1.8.1.11-1
NOTE: MFSA2007-39
-CVE-2007-5959
+CVE-2007-5959 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.1 ...)
{DSA-1506-1 DSA-1425-1 DSA-1424-1}
- iceweasel 2.0.0.10-1
- iceape 1.1.7-1
- xulrunner 1.8.1.11-1
NOTE: MFSA2007-38
-CVE-2007-5958
+CVE-2007-5958 (X.Org Xserver before 1.4.1 allows local users to determine the existen ...)
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
-CVE-2007-5957
+CVE-2007-5957 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.T ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2007-5956
+CVE-2007-5956 (Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2007-5955
+CVE-2007-5955 (Cross-site scripting (XSS) vulnerability in updir.php in UPDIR.NET bef ...)
NOT-FOR-US: UPDIR.NET
-CVE-2007-5954
+CVE-2007-5954 (Cross-site scripting (XSS) vulnerability in buscador.php in JLMForo Sy ...)
NOT-FOR-US: JLMForo System
-CVE-2007-5953
+CVE-2007-5953 (Unspecified vulnerability in Really Simple CalDAV Store (RSCDS) before ...)
NOT-FOR-US: Really Simple CalDAV Store
-CVE-2007-5952
+CVE-2007-5952 (Cross-site scripting (XSS) vulnerability in admin/index.php in Helios ...)
NOT-FOR-US: Helios Calendar
-CVE-2007-5951
+CVE-2007-5951 (SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows re ...)
NOT-FOR-US: E-Vendejo
-CVE-2007-5950
+CVE-2007-5950 (Cross-site scripting (XSS) vulnerability in NetCommons before 1.0.11, ...)
NOT-FOR-US: NetCommons
-CVE-2007-5949
+CVE-2007-5949 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Service Desk 6. ...)
NOT-FOR-US: IBM Tivoli Service Desk
-CVE-2007-5948
+CVE-2007-5948 (Multiple cross-site scripting (XSS) vulnerabilities in main.php in SF- ...)
NOT-FOR-US: SF-Shoutbox
-CVE-2007-5947
+CVE-2007-5947 (The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMon ...)
{DSA-1506-1 DSA-1425-1 DSA-1424-1}
- iceweasel 2.0.0.10-1 (low; bug #451624)
- iceape 1.1.7-1
- xulrunner 1.8.1.11-1
NOTE: MFSA2007-37
-CVE-2007-5946
+CVE-2007-5946 (Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11. ...)
NOT-FOR-US: HP-UX
-CVE-2007-5945
+CVE-2007-5945 (USVN before 0.6.5 allows remote attackers to obtain a list of reposito ...)
NOT-FOR-US: usvn
-CVE-2007-5944
+CVE-2007-5944 (Cross-site scripting (XSS) vulnerability in Servlet Engine / Web Conta ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-5943
+CVE-2007-5943 (Simple Machines Forum (SMF) 1.1.4 allows remote attackers to read a me ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2007-5942
+CVE-2007-5942 (Bandersnatch 0.4 allows remote attackers to obtain sensitive informati ...)
- bandersnatch <removed> (unimportant; bug #451365)
NOTE: Installation path disclosure not treated as a security issue
-CVE-2007-5941
+CVE-2007-5941 (Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adob ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2007-5940
+CVE-2007-5940 (feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users ...)
- texlive-bin 2005.dfsg.2-1
- feynmf 1.08-1
-CVE-2007-5939
+CVE-2007-5939 (The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 ...)
- heimdal <not-affected> (vulnerable code not present, ticketfile is just unlinked which is ok)
-CVE-2007-5938
+CVE-2007-5938 (The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1. ...)
- linux-2.6 2.6.23-2
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: we ship the iwl code in /debian/patches/features/all/v7-iwlwifi-add-iwlwifi-wireless-drivers.patch
-CVE-2007-5937
+CVE-2007-5937 (Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2 ...)
- texlive-bin 2007-13
[etch] - texlive-bin <no-dsa> (Minor issue)
-CVE-2007-5936
+CVE-2007-5936 (dvips in teTeX and TeXlive 2007 and earlier allows local users to obta ...)
- texlive-bin 2007-13
[etch] - texlive-bin <no-dsa> (Minor issue)
-CVE-2007-5935
+CVE-2007-5935 (Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 200 ...)
{DTSA-97-1}
- texlive-bin 2007.dfsg.1-1
[etch] - texlive-bin <no-dsa> (Minor issue)
-CVE-2007-5934
+CVE-2007-5934 (The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request ...)
- php-mdb2 2.5.0b2-1
-CVE-2007-5933
+CVE-2007-5933 (Pioneers (formerly gnocatan) before 0.11.3 allows remote attackers to ...)
{DTSA-89-1}
- pioneers 0.11.3-2 (low; bug #449541)
[etch] - pioneers <no-dsa> (Minor issue)
-CVE-2007-5932
+CVE-2007-5932 (Multiple cross-site scripting (XSS) vulnerabilities in Fatwire Content ...)
NOT-FOR-US: Fatwire Content Server
-CVE-2007-5931
+CVE-2007-5931 (The reDirect function in lib/controllers/RepViewController.php in Oran ...)
NOT-FOR-US: OrangeHRM
-CVE-2007-5930
+CVE-2007-5930 (Cross-site scripting (XSS) vulnerability in the web interface in Cerbe ...)
NOT-FOR-US: Cerberus Ftp Server
-CVE-2007-5929
+CVE-2007-5929 (Buffer overflow in OpenBase 10.0.5 and earlier might allow remote auth ...)
NOT-FOR-US: OpenBase
-CVE-2007-5928
+CVE-2007-5928 (OpenBase 10.0.5 and earlier allows remote authenticated users to trigg ...)
NOT-FOR-US: OpenBase
-CVE-2007-5927
+CVE-2007-5927 (Directory traversal vulnerability in OpenBase 10.0.5 and earlier allow ...)
NOT-FOR-US: OpenBase
-CVE-2007-5926
+CVE-2007-5926 (OpenBase 10.0.5 and earlier allows remote authenticated users to execu ...)
NOT-FOR-US: OpenBase
-CVE-2007-5925
+CVE-2007-5925 (The convert_search_mode_to_innobase function in ha_innodb.cc in the In ...)
{DSA-1413-1 DTSA-91-1}
- mysql-dfsg-5.0 5.0.45-3 (medium; bug #451235)
- mysql-dfsg-4.1 <removed>
- mysql-dfsg <removed>
-CVE-2007-5924
+CVE-2007-5924 (Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-5923
+CVE-2007-5923 (Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in ...)
NOT-FOR-US: eTrust SiteMinder Agent
-CVE-2007-5922
+CVE-2007-5922 (The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloade ...)
- ircii-pana <not-affected> (Does not ship this script)
-CVE-2007-5921
+CVE-2007-5921 (Unspecified vulnerability in the ioctl interface in the Solaris Volume ...)
NOT-FOR-US: Solaris
-CVE-2007-5920
+CVE-2007-5920 (index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote ...)
NOT-FOR-US: Domenico Mancini PicoFlat CMS
-CVE-2007-5919
+CVE-2007-5919 (MyWebFTP, possibly 5.3.2, stores sensitive information under the web r ...)
NOT-FOR-US: MyWebFTP
-CVE-2007-5918
+CVE-2007-5918 (Cross-site request forgery (CSRF) vulnerability in edit.php in the MS ...)
NOT-FOR-US: MS TopSites
-CVE-2007-5917
+CVE-2007-5917 (Cross-site request forgery (CSRF) vulnerability in admin/admin_account ...)
NOT-FOR-US: Skalinks
-CVE-2007-5916
+CVE-2007-5916 (SQL injection vulnerability in the login page in phphelpdesk 0.6.16 al ...)
NOT-FOR-US: phphelpdesk
-CVE-2007-5915
+CVE-2007-5915 (Directory traversal vulnerability in index.php in phphelpdesk 0.6.16 a ...)
NOT-FOR-US: phphelpdesk
-CVE-2007-5914
+CVE-2007-5914 (Direct static code injection vulnerability in dirsys/modules/config/po ...)
NOT-FOR-US: JBC Explorer
-CVE-2007-5913
+CVE-2007-5913 (dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not ...)
NOT-FOR-US: JBC Explorer
-CVE-2007-5912
+CVE-2007-5912 (SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote a ...)
NOT-FOR-US: jPORTAL
-CVE-2007-5911
+CVE-2007-5911 (Multiple stack-based buffer overflows in the AxMetaStream ActiveX cont ...)
NOT-FOR-US: Viewpoint Media Player
-CVE-2007-5910
+CVE-2007-5910 (Stack-based buffer overflow in Autonomy (formerly Verity) KeyView View ...)
NOT-FOR-US: IBM Lotus Notes, Symantec Mail Security, and others
-CVE-2007-5909
+CVE-2007-5909 (Multiple stack-based buffer overflows in Autonomy (formerly Verity) Ke ...)
NOT-FOR-US: IBM Lotus Notes, Symantec Mail Security, and others
CVE-2007-5908
REJECTED
-CVE-2007-5907
+CVE-2007-5907 (Xen 3.1.1 does not prevent modification of the CR4 TSC from applicatio ...)
- xen-3 3.1.2-1 (unimportant; bug #451626)
- xen-3.0 <removed> (unimportant)
NOTE: CONFIG_SECCOMP isn't activated in Debian kernels
-CVE-2007-5906
+CVE-2007-5906 (Xen 3.1.1 allows virtual guest system users to cause a denial of servi ...)
- xen-3 3.1.2-1 (medium; bug #451626)
- xen-3.0 <removed>
-CVE-2007-5905
+CVE-2007-5905 (Adobe ColdFusion 8 and MX 7 allows remote attackers to hijack sessions ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2007-5904
+CVE-2007-5904 (Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earli ...)
{DSA-1428-1}
- linux-2.6 2.6.24-1
- linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24)
NOTE: Upstream commit 133672efbc1085f9af990bdc145e1822ea93bcf3
CVE-2007-5903
RESERVED
-CVE-2007-5902
+CVE-2007-5902 (Integer overflow in the svcauth_gss_get_principal function in lib/rpc/ ...)
- krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
-CVE-2007-5901
+CVE-2007-5901 (Use-after-free vulnerability in the gss_indicate_mechs function in lib ...)
- krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
-CVE-2007-5900
+CVE-2007-5900 (PHP before 5.2.5 allows local users to bypass protection mechanisms co ...)
NOTE: Apparently a dupe of CVE-2007-4659 due to temporary revoke of the patch
NOTE: from CVS and later re-introduction
NOTE: http://bugs.php.net/bug.php?id=41561
-CVE-2007-5899
+CVE-2007-5899 (The output_add_rewrite_var function in PHP before 5.2.5 rewrites local ...)
{DSA-1444-1}
- php5 5.2.5-1 (bug #453295)
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/url_scanner_ex.re?r1=1.76.2.2.2.1&r2=1.76.2.2.2.2&view=patch
NOTE: fixed in php5/etch svn
-CVE-2007-5898
+CVE-2007-5898 (The (1) htmlentities and (2) htmlspecialchars functions in PHP before ...)
{DSA-1444-1}
- php5 5.2.5-1 (bug #453295)
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/html.c?r1=1.111.2.2.2.14&r2=1.111.2.2.2.15&view=patch
NOTE: fixed in php5/etch svn
-CVE-2007-5897
+CVE-2007-5897 (Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, ...)
NOT-FOR-US: Oracle
-CVE-2007-5896
+CVE-2007-5896 (Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of s ...)
- iceweasel <removed> (unimportant)
NOTE: Browser crashes not treated as security problems
CVE-2007-5895
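Review bot: the CVE-2007-5964 description names autofs 5, yet the severity tag sits only on the autofs 3 package line ("- autofs 3.1.4-8 (medium)") while "- autofs5 5.0.3-1" carries none; put the severity on the package the CVE actually covers, or add a NOTE explaining why the autofs 3 package is listed as affected. Smaller points in the same hunk: the CVE-2007-5938 NOTE cites "/debian/patches/features/all/v7-iwlwifi-add-iwlwifi-wireless-drivers.patch" with a leading slash, which reads as an absolute path rather than the path inside the linux-2.6 source package, and the CVE-2007-5962 justification "(Vulnerability in Red Hat-specific patch)" would be more useful with a pointer to the Red Hat advisory so a later reader can confirm the patch never landed in Debian.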
@@ -2108,19 +2108,19 @@ CVE-2007-5894
- krb5 1.6.dfsg.4~beta1-1 (unimportant; bug #454974)
NOTE: Not exploitable in real-world circumstances:
NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html
-CVE-2007-5893
+CVE-2007-5893 (HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows remote a ...)
NOT-FOR-US: Sockets Library
-CVE-2007-5892
+CVE-2007-5892 (Stack-based buffer overflow in the pdg2.dll ActiveX control in SSReade ...)
NOT-FOR-US: SSReader
-CVE-2007-5891
+CVE-2007-5891 (Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ...)
NOT-FOR-US: ManageEngine OpManager and OpManager
-CVE-2007-5890
+CVE-2007-5890 (Directory traversal vulnerability in index.php in easyGB 2.1.1 allows ...)
NOT-FOR-US: easyGB
-CVE-2007-5889
+CVE-2007-5889 (Multiple PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha ...)
NOT-FOR-US: IDMOS
-CVE-2007-5888
+CVE-2007-5888 (Cross-site scripting (XSS) vulnerability in displayecard.php in Copper ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-5887
+CVE-2007-5887 (SQL injection vulnerability in boards/printer.asp in ASP Message Board ...)
NOT-FOR-US: ASP Message Board
CVE-2007-5886
RESERVED
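Review bot: the CVE-2007-5891 line "NOT-FOR-US: ManageEngine OpManager and OpManager" repeats the same product name; either drop the duplicate or name the second product the CVE description lists after OpManager. The remaining entries in this hunk only gain the truncated description text and need no further change.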
@@ -2168,255 +2168,255 @@ CVE-2007-5865
RESERVED
CVE-2007-5864
RESERVED
-CVE-2007-5863
+CVE-2007-5863 (Software Update in Apple Mac OS X 10.5.1 allows remote attackers to ex ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-5862
+CVE-2007-5862 (Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypas ...)
NOT-FOR-US: Cisco IP Phone 7940
-CVE-2007-5861
+CVE-2007-5861 (Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-5860
+CVE-2007-5860 (Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allo ...)
NOT-FOR-US: Spin Tracer (Apple Mac OS X)
-CVE-2007-5859
+CVE-2007-5859 (Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allo ...)
NOT-FOR-US: Safari RSS (Apple Mac OS X)
-CVE-2007-5858
+CVE-2007-5858 (WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 thro ...)
NOT-FOR-US: Safari (Apple Mac OS X)
-CVE-2007-5857
+CVE-2007-5857 (Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from acce ...)
NOT-FOR-US: Quick Look (Apple Mac OS X)
-CVE-2007-5856
+CVE-2007-5856 (Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does n ...)
NOT-FOR-US: Quick Look (Apple Mac OS X)
-CVE-2007-5855
+CVE-2007-5855 (Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has be ...)
NOT-FOR-US: Mail (Apple Mac OS X)
-CVE-2007-5854
+CVE-2007-5854 (Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 does not treat HT ...)
NOT-FOR-US: Launch Services (Apple Mac OS X)
-CVE-2007-5853
+CVE-2007-5853 (Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4. ...)
NOT-FOR-US: IO Storage Family (Apple Mac OS X)
CVE-2007-5852
RESERVED
-CVE-2007-5851
+CVE-2007-5851 (iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attacke ...)
NOT-FOR-US: iChat (Apple Mac OS X)
-CVE-2007-5850
+CVE-2007-5850 (Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4. ...)
NOT-FOR-US: Desktop Services (Apple Mac OS X)
-CVE-2007-5849
+CVE-2007-5849 (Integer underflow in the asn1_get_string function in the SNMP back end ...)
{DSA-1437-1}
- cupsys 1.3.5-1 (medium; bug #457453)
- cups 1.3.5-1 (medium; bug #457453)
[sarge] - cupsys <not-affected> (Vulnerable code not present)
-CVE-2007-5848
+CVE-2007-5848 (Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin u ...)
- cupsys 1.2.0
- cups 1.2.0
NOTE: This only affects the Cups 1.1 series
[sarge] - cupsys <no-dsa> (Minor issue, may only lead to an infinite loop)
-CVE-2007-5847
+CVE-2007-5847 (Race condition in the CFURLWriteDataAndPropertiesToResource API in Cor ...)
NOT-FOR-US: Core Foundation (Apple Mac OS X)
-CVE-2007-5846
+CVE-2007-5846 (The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote a ...)
{DSA-1483-1 DTSA-88-1}
- net-snmp 5.4.1~dfsg-1
NOTE: 5.4.1 already includes a fix by the upstream author
-CVE-2007-5845
+CVE-2007-5845 (Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, ...)
NOT-FOR-US: GuppY
-CVE-2007-5844
+CVE-2007-5844 (Directory traversal vulnerability in inc/includes.inc in GuppY 4.6.3 a ...)
NOT-FOR-US: GuppY
-CVE-2007-5843
+CVE-2007-5843 (PHP remote file inclusion vulnerability in includes/common.php in scWi ...)
NOT-FOR-US: scWiki
-CVE-2007-5842
+CVE-2007-5842 (Multiple PHP remote file inclusion vulnerabilities in Vortex Portal 1. ...)
NOT-FOR-US: Vortex Portal
-CVE-2007-5841
+CVE-2007-5841 (PHP remote file inclusion vulnerability in admin/index.php in nuBoard ...)
NOT-FOR-US: nuBoard
-CVE-2007-5840
+CVE-2007-5840 (PHP remote file inclusion vulnerability in starnet/themes/c-sky/main.i ...)
NOT-FOR-US: SyndeoCMS
-CVE-2007-5838
+CVE-2007-5838 (Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 a ...)
NOT-FOR-US: Symantec
-CVE-2007-5837
+CVE-2007-5837 (GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, a ...)
{DSA-1477-1}
- yarssr 0.2.2-3 (bug #448721)
-CVE-2007-5836
+CVE-2007-5836 (SQL injection vulnerability in Amazing Flash AFCommerce allows remote ...)
NOT-FOR-US: Amazing Flash AFCommerce
-CVE-2007-5835
+CVE-2007-5835 (Install.php in BosDev BosNews 4 and 5 does not require authentication ...)
NOT-FOR-US: BosDev BosNews
-CVE-2007-5834
+CVE-2007-5834 (Cross-site scripting (XSS) vulnerability in BosDev BosNews 4 allows re ...)
NOT-FOR-US: BosDev BosNews
-CVE-2007-5833
+CVE-2007-5833 (Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarke ...)
NOT-FOR-US: BosDev BosMarket Business Directory System
-CVE-2007-5832
+CVE-2007-5832 (Unspecified vulnerability in selectLanguage.do in SSL-Explorer before ...)
NOT-FOR-US: SSL-Explorer
-CVE-2007-5831
+CVE-2007-5831 (Directory traversal vulnerability in fileSystem.do in SSL-Explorer bef ...)
NOT-FOR-US: SSL-Explorer
-CVE-2007-5830
+CVE-2007-5830 (Unspecified vulnerability in the administrative interface in Avaya Mes ...)
NOT-FOR-US: Avaya Messaging Storage Server
-CVE-2007-5829
+CVE-2007-5829 (The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10. ...)
NOT-FOR-US: Symantec AntiVirus
CVE-2007-5828
- python-django 1.2.1 (unimportant)
NOTE: this is documented in docs/csrf.txt included in the python-django package and
NOTE: there is a plugin enabling this feature. This is intended behaviour pre-1.2.
NOTE: https://docs.djangoproject.com/en/1.10/ref/csrf/#using-csrf
-CVE-2007-5827
+CVE-2007-5827 (iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for ...)
{DTSA-106-1}
- iscsitarget 0.4.15-5 (bug #448873)
NOTE: init script has "dump" function, which marks conffile correctly
-CVE-2007-5826
+CVE-2007-5826 (Absolute path traversal vulnerability in the EDraw Flowchart ActiveX c ...)
NOT-FOR-US: EDraw Flowchart
-CVE-2007-5825
+CVE-2007-5825 (Format string vulnerability in the ws_addarg function in webserver.c i ...)
{DSA-1597-1}
- mt-daapd 0.9~r1696-1 (bug #459961)
-CVE-2007-5824
+CVE-2007-5824 (webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allo ...)
{DSA-1597-1}
- mt-daapd 0.9~r1696-1.1 (bug #459961)
-CVE-2007-5823
+CVE-2007-5823 (Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 an ...)
NOT-FOR-US: Ben Ng Scribe
-CVE-2007-5822
+CVE-2007-5822 (Direct static code injection vulnerability in forum.php in Ben Ng Scri ...)
NOT-FOR-US: Ben Ng Scribe
-CVE-2007-5821
+CVE-2007-5821 (Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and ...)
NOT-FOR-US: DM Guestbook
-CVE-2007-5820
+CVE-2007-5820 (Directory traversal vulnerability in index.php in Ax Developer CMS (Ax ...)
NOT-FOR-US: Ax Developer CMS
-CVE-2007-5819
+CVE-2007-5819 (IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak ...)
NOT-FOR-US: IBM Tivoli
-CVE-2007-5818
+CVE-2007-5818 (Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php ...)
NOT-FOR-US: sBlog
-CVE-2007-5817
+CVE-2007-5817 (dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attack ...)
NOT-FOR-US: CONTENTCustomizer
-CVE-2007-5816
+CVE-2007-5816 (dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attack ...)
NOT-FOR-US: CONTENTCustomizer
-CVE-2007-5815
+CVE-2007-5815 (Absolute path traversal vulnerability in the WebCacheCleaner ActiveX c ...)
NOT-FOR-US: WebCacheCleaner
-CVE-2007-5814
+CVE-2007-5814 (Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunc ...)
NOT-FOR-US: SonicWall SSL-VPN NetExtender
-CVE-2007-5813
+CVE-2007-5813 (Multiple directory traversal vulnerabilities in download.php in ISPwor ...)
NOT-FOR-US: ISPworker
-CVE-2007-5812
+CVE-2007-5812 (Directory traversal vulnerability in modules/Builder/DownloadModule.ph ...)
NOT-FOR-US: ModuleBuilder
CVE-2007-5811
NOT-FOR-US: phpMyConferences
-CVE-2007-5810
+CVE-2007-5810 (Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminex ...)
NOT-FOR-US: Hitachi Web Server
-CVE-2007-5809
+CVE-2007-5809 (Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 t ...)
NOT-FOR-US: Hitachi Web Server
-CVE-2007-5808
+CVE-2007-5808 (Unspecified vulnerability in the Groupmax Collaboration - Schedule com ...)
NOT-FOR-US: Hitachi Groupmax Collaboration Portal
-CVE-2007-5807
+CVE-2007-5807 (Buffer overflow in the register function in Ultra Star Reader ActiveX ...)
NOT-FOR-US: SSReader
-CVE-2007-5806
+CVE-2007-5806 (Cross-site scripting (XSS) vulnerability in Services/Utilities/classes ...)
NOT-FOR-US: ILIAS
-CVE-2007-5805
+CVE-2007-5805 (cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument ...)
NOT-FOR-US: IBM AIX
-CVE-2007-5804
+CVE-2007-5804 (cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument ...)
NOT-FOR-US: IBM AIX
-CVE-2007-5803
+CVE-2007-5803 (Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in ...)
{DSA-1883-2 DSA-1883-1}
- nagios2 <removed> (low; bug #482445)
- nagios3 3.0.2-1 (low; bug #485439)
-CVE-2007-5802
+CVE-2007-5802 (Directory traversal vulnerability in index.php in Firewolf Technologie ...)
NOT-FOR-US: Firewolf Technologies Synergiser
-CVE-2007-5801
+CVE-2007-5801 (Unspecified vulnerability in WORK system e-commerce before 4.0.2 has u ...)
NOT-FOR-US: WORK system e-commerce
-CVE-2007-5800
+CVE-2007-5800 (Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPr ...)
NOT-FOR-US: BackUpWordPress
-CVE-2007-5799
+CVE-2007-5799 (Multiple cross-site request forgery (CSRF) vulnerabilities in uddigui/ ...)
NOT-FOR-US: IBM WebSphere
-CVE-2007-5798
+CVE-2007-5798 (Multiple cross-site scripting (XSS) vulnerabilities in uddigui/navigat ...)
NOT-FOR-US: IBM WebSphere
-CVE-2007-5797
+CVE-2007-5797 (SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an ex ...)
- geronimo <itp> (bug #481869)
-CVE-2007-5796
+CVE-2007-5796 (Cross-site scripting (XSS) vulnerability in the management console in ...)
NOT-FOR-US: Blue Coat ProxySG
-CVE-2007-5794
+CVE-2007-5794 (Race condition in nss_ldap, when used in applications that are linked ...)
{DSA-1430-1}
- libnss-ldap 256-1 (bug #453868)
-CVE-2007-5839
+CVE-2007-5839 (The e_hostname function in commands.c in BitchX 1.1a allows local user ...)
- ircii-pana <removed> (low; bug #449149)
[etch] - ircii-pana <no-dsa> (Minor issue)
[sarge] - ircii-pana <no-dsa> (Minor issue)
-CVE-2007-5795
+CVE-2007-5795 (The hack-local-variables function in Emacs before 22.2, when enable-lo ...)
{DTSA-79-1}
- emacs22 22.1+1-2.1 (medium; bug #449008)
NOTE: Emacs 21 is not affected
-CVE-2007-5793
+CVE-2007-5793 (Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/ ...)
NOT-FOR-US: Stonesoft StoneGate IPS
-CVE-2007-5792
+CVE-2007-5792 (The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP pack ...)
NOT-FOR-US: Vonage Motorola Phone Adapter
-CVE-2007-5791
+CVE-2007-5791 (The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify ...)
NOT-FOR-US: Vonage Motorola Phone Adapter
-CVE-2007-5790
+CVE-2007-5790 (The Globe7 soft phone client 7.3 uses weak cryptography (reversed sequ ...)
NOT-FOR-US: Globe7 soft phone client
-CVE-2007-5789
+CVE-2007-5789 (The Grandstream HT-488 0.1 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Grandstream HT-488
-CVE-2007-5788
+CVE-2007-5788 (Buffer overflow in the SIP parser on the Grandstream HT-488 0.1 allows ...)
NOT-FOR-US: Grandstream HT-488
-CVE-2007-5787
+CVE-2007-5787 (Micro Login System 1.0 stores sensitive information under the web root ...)
NOT-FOR-US: Micro Login System
-CVE-2007-5786
+CVE-2007-5786 (Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 al ...)
NOT-FOR-US: GoSamba
-CVE-2007-5785
+CVE-2007-5785 (SQL injection vulnerability in file.php in JobSite Professional 2.0 al ...)
NOT-FOR-US: JobSite
-CVE-2007-5784
+CVE-2007-5784 (PHP remote file inclusion vulnerability in index.php in CaupoShop Pro ...)
NOT-FOR-US: CaupoShop Pro
-CVE-2007-5783
+CVE-2007-5783 (SQL injection vulnerability in emc.asp in emagiC CMS.Net 4.0 allows re ...)
NOT-FOR-US: emagiC cms
-CVE-2007-5782
+CVE-2007-5782 (Directory traversal vulnerability in dl.php in FireConfig 0.5 allows r ...)
NOT-FOR-US: FireConfig
-CVE-2007-5781
+CVE-2007-5781 (PHP remote file inclusion vulnerability in inc/sige_init.php in Sige 0 ...)
NOT-FOR-US: Sige
-CVE-2007-5780
+CVE-2007-5780 (PHP remote file inclusion vulnerability in pub/pub08_comments.php in t ...)
NOT-FOR-US: teatro
-CVE-2007-5779
+CVE-2007-5779 (Buffer overflow in the GomManager (GomWeb Control) ActiveX control in ...)
NOT-FOR-US: Gretech Online Movie Player
-CVE-2007-5778
+CVE-2007-5778 (Mobile Spy (1) stores login credentials in cleartext under the Retinax ...)
NOT-FOR-US: Mobile Spy
-CVE-2007-5777
+CVE-2007-5777 (Blue-Collar Productions i-Gallery 3.4 stores sensitive information und ...)
NOT-FOR-US: Blue-Collar Productions i-Gallery
-CVE-2007-5776
+CVE-2007-5776 (Directory traversal vulnerability in igallery.asp in Blue-Collar Produ ...)
NOT-FOR-US: Blue-Collar Productions i-Gallery
-CVE-2007-5775
+CVE-2007-5775 (Unspecified vulnerability in BitDefender allows attackers to execute a ...)
NOT-FOR-US: BitDefender
-CVE-2007-5774
+CVE-2007-5774 (index.php in the File Manager module in Flatnuke 3 allows remote attac ...)
NOT-FOR-US: Flatnuke
-CVE-2007-5773
+CVE-2007-5773 (Cross-site request forgery (CSRF) vulnerability in index.php in the Fi ...)
NOT-FOR-US: Flatnuke
-CVE-2007-5772
+CVE-2007-5772 (Direct static code injection vulnerability in the download module in F ...)
NOT-FOR-US: Flatnuke
-CVE-2007-5771
+CVE-2007-5771 (Flatnuke 3 (aka FlatnuX) allows remote attackers to obtain administrat ...)
NOT-FOR-US: Flatnuke
-CVE-2007-5770
+CVE-2007-5770 (The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, an ...)
{DSA-1412-1 DSA-1411-1 DSA-1410-1}
- ruby1.9 1.9.0+20071016-1
- ruby1.8 1.8.6.111-1 (low; bug #451374)
-CVE-2007-5769
+CVE-2007-5769 (Double free vulnerability in the getreply function in ftp.c in netkit ...)
- netkit-ftp <not-affected> (Vulnerable code not present)
-CVE-2007-5768
+CVE-2007-5768 (The Globe7 soft phone client 7.3 sends username and password informati ...)
NOT-FOR-US: Globe7 soft phone client
-CVE-2007-5767
+CVE-2007-5767 (Heap-based buffer overflow in the Client Trust application (clntrust.e ...)
NOT-FOR-US: Geronimo Apache
-CVE-2007-5766
+CVE-2007-5766 (SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 1 ...)
NOT-FOR-US: Oracle
CVE-2007-5765
RESERVED
-CVE-2007-5764
+CVE-2007-5764 (Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, ...)
NOT-FOR-US: IBM AIX
CVE-2007-5763
REJECTED
-CVE-2007-5762
+CVE-2007-5762 (NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, al ...)
NOT-FOR-US: Novell NetWare Client
-CVE-2007-5761
+CVE-2007-5761 (The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 h ...)
NOT-FOR-US: Motorola netOctopus
-CVE-2007-5760
+CVE-2007-5760 (Array index error in the XFree86-Misc extension in X.Org Xserver befor ...)
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
CVE-2007-5759
REJECTED
-CVE-2007-5758
+CVE-2007-5758 (Stack-based buffer overflow in db2dasrrm in the DB2 Administration Ser ...)
NOT-FOR-US: IBM DB2
-CVE-2007-5757
+CVE-2007-5757 (Untrusted search path vulnerability in db2pd in IBM DB2 Universal Data ...)
NOT-FOR-US: IBM DB2
-CVE-2007-5756
+CVE-2007-5756 (Multiple array index errors in the bpf_filter_init function in NPF.SYS ...)
NOT-FOR-US: WinPcap
-CVE-2007-5755
+CVE-2007-5755 (Multiple stack-based buffer overflows in the AOL AmpX ActiveX control ...)
NOT-FOR-US: AOL Radio
-CVE-2007-5754
+CVE-2007-5754 (PHP remote file inclusion vulnerability in urlinn_includes/config.php ...)
NOT-FOR-US: phpFaber
-CVE-2007-5753
+CVE-2007-5753 (Unspecified vulnerability in Light FMan PHP (lfman or lightfman) befor ...)
NOT-FOR-US: Light FMan PHP
-CVE-2007-5752
+CVE-2007-5752 (adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does ...)
NOT-FOR-US: PHP-AGTC Membership
CVE-2007-5750
RESERVED
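Review bot: two NOT-FOR-US lines in this hunk contradict the description just added above them. CVE-2007-5862 is described as "Java in Mac OS X 10.4 through 10.4.11" but is filed as "NOT-FOR-US: Cisco IP Phone 7940", and CVE-2007-5767 is described as a heap overflow in "the Client Trust application (clntrust.exe)" but is filed as "NOT-FOR-US: Geronimo Apache"; clntrust.exe is Novell's Client Trust component, not Apache Geronimo, so both lines should name the product the description names (Java on Apple Mac OS X, and Novell Client Trust). Also worth fixing while here: the CVE-2007-5848 cupsys entry places the NOTE line between the unstable package lines and the "[sarge]" line, where the tracker convention keeps release lines together before any NOTE, and CVE-2007-5839 appears between CVE-2007-5794 and CVE-2007-5795 instead of in its numeric position after CVE-2007-5840.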
@@ -2424,13 +2424,13 @@ CVE-2007-5749
RESERVED
CVE-2007-5748
RESERVED
-CVE-2007-5747
+CVE-2007-5747 (Integer underflow in OpenOffice.org before 2.4 allows remote attackers ...)
{DSA-1547-1}
- openoffice.org 2.4.0~ooh680m5-1
-CVE-2007-5746
+CVE-2007-5746 (Integer overflow in OpenOffice.org before 2.4 allows remote attackers ...)
{DSA-1547-1}
- openoffice.org 2.4.0~ooh680m5-1
-CVE-2007-5745
+CVE-2007-5745 (Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allo ...)
{DSA-1547-1}
- openoffice.org 2.4.0~ooh680m5-1
CVE-2007-5744
@@ -2438,197 +2438,197 @@ CVE-2007-5744
CVE-2007-5743
RESERVED
- viewvc 1.0.3-2.1 (bug #416696)
-CVE-2007-5742
+CVE-2007-5742 (Directory traversal vulnerability in the WML engine preprocessor for W ...)
{DSA-1421-1 DTSA-90-1}
- wesnoth 1:1.2.8-1 (medium; bug #453500)
-CVE-2007-5741
+CVE-2007-5741 (Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers ...)
{DSA-1405-2 DSA-1405-1}
- zope-cmfplone 2.5.2-2 (bug #449523)
[sarge] - zope-cmfplone <not-affected> (Upstream confirms that 2.0 branch is not vulnerable)
NOTE: Fix available:
NOTE: http://plone.org/about/security/advisories/cve-2007-5741
-CVE-2007-5740
+CVE-2007-5740 (The format string protection mechanism in IMAPD for Perdition Mail Ret ...)
{DSA-1398-1 DTSA-84-1}
- perdition 1.17.1-1 (medium; bug #448853)
-CVE-2007-5751
+CVE-2007-5751 (Liferea before 1.4.6 uses weak permissions (0644) for the feedlist.opm ...)
{DTSA-107-1}
- liferea 1.4.6-1 (low; bug #448850)
[etch] - liferea <not-affected> (backup feedlist introduced in 1.2.7)
[sarge] - liferea <not-affected> (backup feedlist introduced in 1.2.7)
NOTE: this file can contain credentials for rss feeds
-CVE-2007-5739
+CVE-2007-5739 (Directory traversal vulnerability in component/flashupload/download.js ...)
NOT-FOR-US: Korean GHBoard
-CVE-2007-5738
+CVE-2007-5738 (The FlashUpload component in Korean GHBoard uses a client-side protect ...)
NOT-FOR-US: Korean GHBoard
-CVE-2007-5737
+CVE-2007-5737 (Unrestricted file upload vulnerability in component/upload.jsp in Kore ...)
NOT-FOR-US: Korean GHBoard
-CVE-2007-5736
+CVE-2007-5736 (Unrestricted file upload vulnerability in upload.php in SeeBlick 1.0 B ...)
NOT-FOR-US: SeeBlick
-CVE-2007-5735
+CVE-2007-5735 (eFileMan 7.1.0.87-88 stores sensitive information under the web root w ...)
NOT-FOR-US: eFileMan
-CVE-2007-5734
+CVE-2007-5734 (Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows ...)
NOT-FOR-US: eFileMan
-CVE-2007-5733
+CVE-2007-5733 (Unrestricted file upload vulnerability in upload/upload.php in Japanes ...)
NOT-FOR-US: Japanese PHP Gallery Hosting
-CVE-2007-5732
+CVE-2007-5732 (Directory traversal vulnerability in downloadfile.php in eLouai's Forc ...)
NOT-FOR-US: eLouai's Force Download
-CVE-2007-5731
+CVE-2007-5731 (Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and ...)
- slide-webdavclient <not-affected> (Vulnerable code is only in the server part, but debian only has the client part)
-CVE-2007-5730
+CVE-2007-5730 (Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly ...)
{DSA-1284-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 72+dfsg-1
- linux-2.6 <not-affected> (vulnerability does not affected kernel module)
- linux-2.6.24 <not-affected> (vulnerability does not affected kernel module)
-CVE-2007-5729
+CVE-2007-5729 (The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitr ...)
{DSA-1284-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 72+dfsg-1
- linux-2.6 <not-affected> (vulnerability does not affected kernel module)
- linux-2.6.24 <not-affected> (vulnerability does not affected kernel module)
-CVE-2007-5728
+CVE-2007-5728 (Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, a ...)
{DSA-1693-1}
- phppgadmin 4.1.3-0.1 (bug #449103; low)
-CVE-2007-5727
+CVE-2007-5727 (Incomplete blacklist vulnerability in the stripScripts function in com ...)
NOT-FOR-US: OneOrZero Helpdesk
-CVE-2007-5726
+CVE-2007-5726 (Unspecified vulnerability in the Stream Control Transmission Protocol ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-5725
+CVE-2007-5725 (Multiple cross-site scripting (XSS) vulnerabilities in Smart-Shop allo ...)
NOT-FOR-US: Smart-Shop
-CVE-2007-5724
+CVE-2007-5724 (Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live a ...)
NOT-FOR-US: Omnistar Live
-CVE-2007-5723
+CVE-2007-5723 (Heap-based buffer overflow in the samp_send function in nuauth/sasl.c ...)
{DTSA-82-1}
- nufw 2.2.7-1 (low)
[etch] - nufw <not-affected> (Vulnerable code not present)
-CVE-2007-5722
+CVE-2007-5722 (Stack-based buffer overflow in a certain ActiveX control in GLChat.ocx ...)
NOT-FOR-US: GlobalLink
-CVE-2007-5721
+CVE-2007-5721 (PHP remote file inclusion vulnerability in _theme/breadcrumb.php in My ...)
NOT-FOR-US: MySpacePros MySpace Resource Script
-CVE-2007-5720
+CVE-2007-5720 (Unrestricted file upload vulnerability in the profiles script in Profi ...)
NOT-FOR-US: ProfileCMS
-CVE-2007-5719
+CVE-2007-5719 (SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows ...)
NOT-FOR-US: miniBB
-CVE-2007-5717
+CVE-2007-5717 (Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded L ...)
NOT-FOR-US: Sun Fire
-CVE-2007-5716
+CVE-2007-5716 (Unspecified vulnerability in the Internet Protocol (IP) functionality ...)
NOT-FOR-US: Sun Solaris 10
-CVE-2007-5715
+CVE-2007-5715 (DenyHosts 2.6 processes OpenSSH sshd "not listed in AllowUsers" log me ...)
- denyhosts 2.6-2 (low)
[etch] - denyhosts <no-dsa> (Minor issue)
NOTE: bug was fixed with 06_permit_rootlogin_no.dpatch
-CVE-2007-5714
+CVE-2007-5714 (The Gentoo ebuild of MLDonkey before 2.9.0-r3 has a p2p user account w ...)
- mldonkey <not-affected> (Gentoo-specific packaging flaw)
-CVE-2007-5713
+CVE-2007-5713 (Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for ...)
NOT-FOR-US: Half-Life Server
-CVE-2007-5712
+CVE-2007-5712 (The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1 ...)
{DSA-1640-1}
- python-django 0.96-1.1 (low; bug #448838)
-CVE-2007-5711
+CVE-2007-5711 (Massive Entertainment World in Conflict 1.001 and earlier allows remot ...)
NOT-FOR-US: Conflict
-CVE-2007-5710
+CVE-2007-5710 (Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.ph ...)
- wordpress 2.3.1-1 (unimportant)
NOTE: requires register_globals On, which we don't support
-CVE-2007-5709
+CVE-2007-5709 (Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 ...)
NOT-FOR-US: Sony SonicStage CONNECT Player
-CVE-2007-5718
+CVE-2007-5718 (vobcopy 0.5.14 allows local users to append data to an arbitrary file, ...)
- vobcopy 1.0.2-1 (low; bug #448319)
[etch] - vobcopy <no-dsa> (Minor issue)
[sarge] - vobcopy <no-dsa> (Minor issue)
-CVE-2007-5706
+CVE-2007-5706 (Absolute path traversal vulnerability in download.php in Jeebles Direc ...)
NOT-FOR-US: Jeebles
-CVE-2007-5705
+CVE-2007-5705 (Unspecified vulnerability in the Settings component in the administrat ...)
NOT-FOR-US: Jeebles
-CVE-2007-5704
+CVE-2007-5704 (Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event ...)
NOT-FOR-US: CodeWidgets
-CVE-2007-5703
+CVE-2007-5703 (Multiple cross-site scripting (XSS) vulnerabilities in (1) Request-spk ...)
NOT-FOR-US: RSA KEON
-CVE-2007-5702
+CVE-2007-5702 (Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions ...)
NOT-FOR-US: SWAMP OpenSUSE
-CVE-2007-5701
+CVE-2007-5701 (Incomplete blacklist vulnerability in the Certificate Authority (CA) i ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-5700
+CVE-2007-5700 (The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-5699
+CVE-2007-5699 (Stack-based buffer overflow in eIQNetworks Enterprise Security Analyze ...)
NOT-FOR-US: eIQNetworks
-CVE-2007-5698
+CVE-2007-5698 (Cross-site scripting (XSS) vulnerability in default.asp in CREApark GO ...)
NOT-FOR-US: CREApark GOLD KOY PORTALI
-CVE-2007-5697
+CVE-2007-5697 (Multiple PHP remote file inclusion vulnerabilities in PHP Image 1.2 al ...)
NOT-FOR-US: phpImage
-CVE-2007-5696
+CVE-2007-5696 (PHP remote file inclusion vulnerability in includes.php in phpBasic al ...)
NOT-FOR-US: phpBasic
-CVE-2007-5695
+CVE-2007-5695 (Open redirect vulnerability in command.php in SiteBar 3.3.8 allows rem ...)
{DSA-1423-1}
- sitebar 3.3.8-12.1 (low; bug #448690)
NOTE: there is no real exploit scenario
-CVE-2007-5694
+CVE-2007-5694 (Absolute path traversal vulnerability in the translation module (trans ...)
{DSA-1423-1}
- sitebar 3.3.8-12.1 (low; bug #447135)
-CVE-2007-5693
+CVE-2007-5693 (Eval injection vulnerability in the translation module (translator.php ...)
{DSA-1423-1}
- sitebar 3.3.8-12.1 (low; bug #447135)
-CVE-2007-5692
+CVE-2007-5692 (Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 a ...)
{DSA-1423-1}
- sitebar 3.3.8-12.1 (low; bug #448689)
-CVE-2007-5691
+CVE-2007-5691 (ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP servers ...)
- iceweasel 2.0.0.8-1 (unimportant)
NOTE: Browser crashes not treated as security problems
CVE-2007-5690
- zaptel 1:1.4.8~dfsg-1 (unimportant; bug #448763)
NOTE: zaptel does copy argv[1] into ifr_name but zaptel is not suid root or something
NOTE: similar so this is no security issue in Debian even if sethdl-new will segfault
-CVE-2007-5689
+CVE-2007-5689 (The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) i ...)
- sun-java6 6-03-1 (medium)
- sun-java5 1.5.0-13-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5688
+CVE-2007-5688 (Multiple SQL injection vulnerabilities in directory.php in the Multi-F ...)
NOT-FOR-US: Multi Host Forum Pro
-CVE-2007-5687
+CVE-2007-5687 (Multiple buffer overflows in the rich text processing functionality in ...)
NOT-FOR-US: JustSystems Ichitaro
-CVE-2007-5686
+CVE-2007-5686 (initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...)
- shadow <unfixed> (unimportant)
NOTE: See #290803, on Debian LOG_UNKFAIL_ENAB in login.defs is set to no so
NOTE: unknown usernames are not recorded on login failures
-CVE-2007-5685
+CVE-2007-5685 (The safe_path function in shttp before 0.0.5 allows remote attackers t ...)
NOT-FOR-US: shttp
-CVE-2007-5684
+CVE-2007-5684 (Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and e ...)
- tikiwiki <removed>
-CVE-2007-5683
+CVE-2007-5683 (Multiple cross-site scripting (XSS) vulnerabilities in TikiWiki 1.9.8. ...)
- tikiwiki <removed>
-CVE-2007-5682
+CVE-2007-5682 (Incomplete blacklist vulnerability in tiki-graph_formula.php in TikiWi ...)
- tikiwiki <removed>
CVE-2007-5681
RESERVED
CVE-2007-5680
RESERVED
-CVE-2007-5707
+CVE-2007-5707 (OpenLDAP before 2.3.39 allows remote attackers to cause a denial of se ...)
{DSA-1541-1}
- openldap2.3 2.3.38-1 (medium; bug #440632)
- openldap2.2 <removed>
- openldap2 <not-affected> (slapd not built)
-CVE-2007-5708
+CVE-2007-5708 (slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, w ...)
{DSA-1541-1 DTSA-87-1}
- openldap2.3 2.3.39-1 (medium; bug #448644)
-CVE-2007-2983
+CVE-2007-2983 (Multiple buffer overflows in the British Telecommunications Consumer w ...)
NOT-FOR-US: British Telecommunications Consumer webhelper
-CVE-2007-5679
+CVE-2007-5679 (SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Be ...)
NOT-FOR-US: DM CMS
-CVE-2007-5678
+CVE-2007-5678 (SQL injection vulnerability in the Music module in phpBasic allows rem ...)
NOT-FOR-US: phpBasic
-CVE-2007-5677
+CVE-2007-5677 (Cross-site scripting (XSS) vulnerability in shoutbox/blocco.php in Hac ...)
NOT-FOR-US: Hackish
-CVE-2007-5676
+CVE-2007-5676 (PHP remote file inclusion vulnerability in modules/Forums/favorites.ph ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-5675
+CVE-2007-5675 (Stack-based buffer overflow in the DebugPrint function in MultiXTpm Ap ...)
NOT-FOR-US: MultiXTpm Application Server
-CVE-2007-5674
+CVE-2007-5674 (Directory traversal vulnerability in index.php in InstaGuide Weather ( ...)
NOT-FOR-US: InstaGuide Weather
-CVE-2007-5673
+CVE-2007-5673 (Cross-site scripting (XSS) vulnerability in cgi-bin/webif.exe in ifnet ...)
NOT-FOR-US: ifnet WebIf
CVE-2007-5672
RESERVED
-CVE-2007-5671
+CVE-2007-5671 (HGFS.sys in the VMware Tools package in VMware Workstation 5.x before ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
CVE-2007-5670
REJECTED
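Review bot: the fixed-width truncation of the imported descriptions can cut inside a parenthesised phrase, as on the CVE-2007-5674 line, which now reads `InstaGuide Weather ( ...)` and leaves an unmatched `(` inside the entry's outer parentheses. Any consumer that parses this file by balancing parentheses rather than by matching the trailing ` ...)` marker will mis-read that entry; trimming the imported text at a word boundary before a dangling open parenthesis, or dropping the lone `(`, keeps the description field well-formed.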
@@ -2636,235 +2636,235 @@ CVE-2007-5669
RESERVED
CVE-2007-5668
RESERVED
-CVE-2007-5667
+CVE-2007-5667 (NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, ...)
NOT-FOR-US: Novell Client
-CVE-2007-5666
+CVE-2007-5666 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2007-5665
+CVE-2007-5665 (STEngine.exe 3.5.0.20 in Novell ZENworks Endpoint Security Management ...)
NOT-FOR-US: Novell ZENworks Endpoint Security Management
-CVE-2007-5664
+CVE-2007-5664 (db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal ...)
NOT-FOR-US: IBM DB2
-CVE-2007-5663
+CVE-2007-5663 (Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to ...)
NOT-FOR-US: Adobe Reader
CVE-2007-5662
RESERVED
-CVE-2007-5661
+CVE-2007-5661 (The Macrovision InstallShield InstallScript One-Click Install (OCI) Ac ...)
NOT-FOR-US: Macrovision InstallShield
-CVE-2007-5660
+CVE-2007-5660 (Unspecified vulnerability in the Update Service ActiveX control in isu ...)
NOT-FOR-US: MacroVision FLEXnet Connect and InstallShield 2008
-CVE-2007-5659
+CVE-2007-5659 (Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlie ...)
NOT-FOR-US: Adobe Reader
-CVE-2007-5658
+CVE-2007-5658 (Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and ea ...)
NOT-FOR-US: TIBCO SmartSockets RTserver
-CVE-2007-5657
+CVE-2007-5657 (TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, a ...)
NOT-FOR-US: TIBCO SmartSockets RTserver
-CVE-2007-5656
+CVE-2007-5656 (TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, a ...)
NOT-FOR-US: TIBCO SmartSockets RTserver
-CVE-2007-5655
+CVE-2007-5655 (TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, a ...)
NOT-FOR-US: TIBCO SmartSockets RTserver
-CVE-2007-5654
+CVE-2007-5654 (LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger u ...)
NOT-FOR-US: LiteSpeed
-CVE-2007-5653
+CVE-2007-5653 (The Component Object Model (COM) functions in PHP 5.x on Windows do no ...)
- php5 <not-affected> (windows only)
-CVE-2007-5652
+CVE-2007-5652 (IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a ...)
NOT-FOR-US: IBM DB2
-CVE-2007-5651
+CVE-2007-5651 (Unspecified vulnerability in the Extensible Authentication Protocol (E ...)
NOT-FOR-US: Cisco IOS
-CVE-2007-5650
+CVE-2007-5650 (Directory traversal vulnerability in system.php in ReloadCMS 1.2.7 all ...)
NOT-FOR-US: ReloadCMS
-CVE-2007-5649
+CVE-2007-5649 (Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative Di ...)
NOT-FOR-US: Creative Digital Resources SocketMail
-CVE-2007-5648
+CVE-2007-5648 (Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rN ...)
NOT-FOR-US: rnote
-CVE-2007-5647
+CVE-2007-5647 (Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 ...)
NOT-FOR-US: SocketKB
-CVE-2007-5646
+CVE-2007-5646 (SQL injection vulnerability in Sources/Search.php in Simple Machines F ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2007-5644
+CVE-2007-5644 (Lussumo Vanilla 1.1.3 and earlier does not require admin privileges fo ...)
NOT-FOR-US: Lussumo Vanilla
-CVE-2007-5643
+CVE-2007-5643 (Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and ea ...)
NOT-FOR-US: Lussumo Vanilla
-CVE-2007-5642
+CVE-2007-5642 (Multiple directory traversal vulnerabilities in PHP Project Management ...)
NOT-FOR-US: PHP Project Management
-CVE-2007-5641
+CVE-2007-5641 (Multiple PHP remote file inclusion vulnerabilities in PHP Project Mana ...)
NOT-FOR-US: PHP Project Management
-CVE-2007-5640
+CVE-2007-5640 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional N ...)
NOT-FOR-US: Nortel VOIP products
-CVE-2007-5639
+CVE-2007-5639 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel ...)
NOT-FOR-US: Nortel VOIP products
-CVE-2007-5638
+CVE-2007-5638 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional N ...)
NOT-FOR-US: Nortel VOIP products
-CVE-2007-5637
+CVE-2007-5637 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional N ...)
NOT-FOR-US: Nortel VOIP products
-CVE-2007-5636
+CVE-2007-5636 (Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote ...)
NOT-FOR-US: Nortel VOIP products
-CVE-2007-5635
+CVE-2007-5635 (Multiple unspecified vulnerabilities in Salford Software Support Incid ...)
NOT-FOR-US: Salford Software Support Incident Tracke
-CVE-2007-5634
+CVE-2007-5634 (Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on ...)
NOT-FOR-US: SpeedFan
-CVE-2007-5633
+CVE-2007-5633 (Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on ...)
NOT-FOR-US: SpeedFan
-CVE-2007-5632
+CVE-2007-5632 (Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 th ...)
NOT-FOR-US: Solaris
-CVE-2007-5631
+CVE-2007-5631 (Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator ...)
NOT-FOR-US: PeopleAggregator
-CVE-2007-5630
+CVE-2007-5630 (SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.1 ...)
NOT-FOR-US: BBsProcesS BBPortalS
-CVE-2007-5629
+CVE-2007-5629 (Cross-site scripting (XSS) vulnerability in admin/logon.asp in Shoppin ...)
NOT-FOR-US: ShoppingTree CandyPress Store #
-CVE-2007-5628
+CVE-2007-5628 (PHP remote file inclusion vulnerability in src/scripture.php in The On ...)
NOT-FOR-US: TOWeLS
-CVE-2007-5627
+CVE-2007-5627 (PHP remote file inclusion vulnerability in content/fnc-readmail3.php i ...)
NOT-FOR-US: Socketmail
-CVE-2007-5626
+CVE-2007-5626 (make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MyS ...)
- bacula 5.0.0-1 (unimportant; bug #446809)
NOTE: this script needs the default database password and name needs to be set which
NOTE: would be a bigger problem in a non-trusted environment. Apart from
NOTE: this is documented in the bacula documentation
NOTE: Since bacula 5.0.0 "make_catalog_backup.pl" is used by default, which is not affected
-CVE-2007-5625
+CVE-2007-5625 (Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site S ...)
NOT-FOR-US: Site Search SearchSimon Lite
-CVE-2007-5624
+CVE-2007-5624 (Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 all ...)
{DSA-1883-2 DSA-1883-1}
- nagios2 2.9-1.1 (low; bug #448371)
-CVE-2007-5623
+CVE-2007-5623 (Buffer overflow in the check_snmp function in Nagios Plugins (nagios-p ...)
{DSA-1495-1}
- nagios-plugins 1.4.8-2.2 (medium; bug #448372)
[sarge] - nagios-plugins <not-affected> (Vulnerable code not present)
-CVE-2007-5622
+CVE-2007-5622 (Double free vulnerability in the ftpprchild function in ftppr in 3prox ...)
NOT-FOR-US: 3proxy
-CVE-2007-5621
+CVE-2007-5621 (Multiple cross-site scripting (XSS) vulnerabilities in the Token modul ...)
NOT-FOR-US: Token Drupal
NOTE: Token is not included in the drupal packages
-CVE-2007-5620
+CVE-2007-5620 (Directory traversal vulnerability in admin/inc/help.php in ZZ:FlashCha ...)
NOT-FOR-US: ZZ:FlashChat
-CVE-2007-5619
+CVE-2007-5619 (Unspecified vulnerability in VMware Server before 1.0.4 causes user pa ...)
- vmware-package <removed> (low; bug #486177)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2007-5618
+CVE-2007-5618 (Unquoted Windows search path vulnerability in the Authorization and ot ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
[etch] - vmware-package <no-dsa> (Contrib not supported)
-CVE-2007-5617
+CVE-2007-5617 (Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 ...)
- vmware-package <removed> (low; bug #486177)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2007-5616
+CVE-2007-5616 (ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x ...)
NOT-FOR-US: SSH Tectia Client and Server
-CVE-2007-5615
+CVE-2007-5615 (CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows r ...)
- jetty 6.1.19-1 (low; bug #454529)
-CVE-2007-5614
+CVE-2007-5614 (Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote ...)
- jetty 6.1.19-1 (low; bug #454529)
-CVE-2007-5613
+CVE-2007-5613 (Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Je ...)
- jetty 6.1.19-1 (low; bug #454529)
-CVE-2007-5612
+CVE-2007-5612 (CIM Server in IBM Director 5.20.1 and earlier allows remote attackers ...)
NOT-FOR-US: IBM Director
CVE-2007-5611
RESERVED
-CVE-2007-5610
+CVE-2007-5610 (The DeleteSingleFile function in the HPISDataManagerLib.Datamgr Active ...)
NOT-FOR-US: ActiveX control
CVE-2007-5609
RESERVED
-CVE-2007-5608
+CVE-2007-5608 (The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX co ...)
NOT-FOR-US: ActiveX control
-CVE-2007-5607
+CVE-2007-5607 (Buffer overflow in the RegistryString function in the HPISDataManagerL ...)
NOT-FOR-US: ActiveX control
-CVE-2007-5606
+CVE-2007-5606 (Buffer overflow in the MoveFile function in the HPISDataManagerLib.Dat ...)
NOT-FOR-US: ActiveX control
-CVE-2007-5605
+CVE-2007-5605 (Buffer overflow in the GetFileTime function in the HPISDataManagerLib. ...)
NOT-FOR-US: ActiveX control
-CVE-2007-5604
+CVE-2007-5604 (Buffer overflow in the ExtractCab function in the HPISDataManagerLib.D ...)
NOT-FOR-US: ActiveX control
-CVE-2007-5603
+CVE-2007-5603 (Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELau ...)
NOT-FOR-US: SonicWall SSL-VPN NetExtender
-CVE-2007-5602
+CVE-2007-5602 (Multiple stack-based buffer overflows in SwiftView Viewer before 8.3.5 ...)
NOT-FOR-US: SwiftView Viewer
-CVE-2007-5601
+CVE-2007-5601 (Stack-based buffer overflow in the Database Component in MPAMedia.dll ...)
NOT-FOR-US: RealPlayer (windows only issue)
-CVE-2007-5600
+CVE-2007-5600 (Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 an ...)
NOT-FOR-US: Artmedic CMS
-CVE-2007-5599
+CVE-2007-5599 (Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow ...)
NOT-FOR-US: awrate
-CVE-2007-5598
+CVE-2007-5598 (Cross-site scripting (XSS) vulnerability in Weblinks for Drupal 4.7.x ...)
- drupal5 <not-affected> (bug #447748)
- drupal <not-affected> (bug #447746)
NOTE: drupal weblinks is not included in the drupal package in debian
-CVE-2007-5597
+CVE-2007-5597 (The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 ...)
- drupal5 5.3-1
- drupal 4.7.8-1
-CVE-2007-5596
+CVE-2007-5596 (The core Upload module in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 ...)
- drupal5 5.3-1
- drupal 4.7.8-1
-CVE-2007-5595
+CVE-2007-5595 (CRLF injection vulnerability in the drupal_goto function in includes/c ...)
- drupal5 5.3-1
- drupal 4.7.8-1
-CVE-2007-5594
+CVE-2007-5594 (Drupal 5.x before 5.3 does not apply its Drupal Forms API protection a ...)
- drupal5 5.3-1
- drupal 4.7.8-1
-CVE-2007-5593
+CVE-2007-5593 (install.php in Drupal 5.x before 5.3, when the configured database ser ...)
- drupal5 5.3-1
- drupal 4.7.8-1
-CVE-2007-5592
+CVE-2007-5592 (Multiple PHP remote file inclusion vulnerabilities in awzMB 4.2 beta 1 ...)
NOT-FOR-US: awzMB
-CVE-2007-5591
+CVE-2007-5591 (The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Ch ...)
NOT-FOR-US: Nortel Enterprise VoIP-Core-CS
-CVE-2007-5590
+CVE-2007-5590 (Multiple buffer overflows in Miranda before 0.7.1 allow remote attacke ...)
NOT-FOR-US: Miranda
-CVE-2007-5588
+CVE-2007-5588 (Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 ...)
{DTSA-103-1}
- mnogosearch 3.3.4-4.1 (low; bug #447753)
[sarge] - mnogosearch <no-dsa> (Minor issue)
[etch] - mnogosearch <no-dsa> (Minor issue)
-CVE-2007-5587
+CVE-2007-5587 (Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as ...)
NOT-FOR-US: Microsoft Windows
CVE-2007-5586
REJECTED
-CVE-2007-5585
+CVE-2007-5585 (xscreensaver 5.03 and earlier, when running without xscreensaver-gl-ex ...)
{DTSA-83-1}
- xscreensaver 5.03-3.1 (medium; bug #448157)
[etch] - xscreensaver <not-affected> (Vulnerable code not present)
[sarge] - xscreensaver <not-affected> (Vulnerable code not present)
-CVE-2007-5584
+CVE-2007-5584 (Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2 ...)
NOT-FOR-US: Cisco
-CVE-2007-5583
+CVE-2007-5583 (Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers ...)
NOT-FOR-US: Cisco IP Phone
-CVE-2007-5582
+CVE-2007-5582 (Cross-site scripting (XSS) vulnerability in the login page in Cisco Ci ...)
NOT-FOR-US: Cisco
-CVE-2007-5581
+CVE-2007-5581 (Multiple cross-site scripting (XSS) vulnerabilities in mpweb/scripts/m ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2007-5580
+CVE-2007-5580 (Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 befo ...)
NOT-FOR-US: Cisco
-CVE-2007-5589
+CVE-2007-5589 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...)
{DSA-1403-1}
- phpmyadmin 4:2.11.1.2-1
-CVE-2007-5579
+CVE-2007-5579 (login.php in Pligg CMS 9.5 uses a guessable confirmation code when res ...)
NOT-FOR-US: Pligg CMS
-CVE-2007-5578
+CVE-2007-5578 (Basic Analysis and Security Engine (BASE) before 1.3.8 sends a redirec ...)
- acidbase 1.3.8 (low)
[etch] - acidbase <no-dsa> (Minor issue)
-CVE-2007-5577
+CVE-2007-5577 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
NOT-FOR-US: Joomla!
-CVE-2007-5576
+CVE-2007-5576 (BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterpr ...)
NOT-FOR-US: BEA Tuxedo
-CVE-2007-5575
+CVE-2007-5575 (Cross-site request forgery (CSRF) vulnerability in 1024 CMS 1.2.5 allo ...)
NOT-FOR-US: 1024 CMS
-CVE-2007-5574
+CVE-2007-5574 (PHP remote file inclusion vulnerability in djpage.php in PHPDJ 0.5 all ...)
NOT-FOR-US: PHPDJPHPDJ
-CVE-2007-5573
+CVE-2007-5573 (PHP remote file inclusion vulnerability in classes/core/language.php i ...)
- limesurvey <itp> (bug #472802)
-CVE-2007-5572
+CVE-2007-5572 (Multiple cross-site request forgery (CSRF) vulnerabilities in Simple P ...)
NOT-FOR-US: SPHPBlog
-CVE-2007-5571
+CVE-2007-5571 (Cisco Firewall Services Module (FWSM) 3.1(6), and 3.2(2) and earlier, ...)
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2007-5570
+CVE-2007-5570 (Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and earlier, ...)
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2007-5569
+CVE-2007-5569 (Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configure ...)
NOT-FOR-US: Cisco
-CVE-2007-5568
+CVE-2007-5568 (Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco ...)
NOT-FOR-US: Cisco
-CVE-2007-5567
+CVE-2007-5567 (PHP remote file inclusion vulnerability in _lib/fckeditor/upload_confi ...)
- moin <not-affected> (Does not contain the vulnerable code)
- karrigell <not-affected> (Does not contain the vulnerable code)
- knowledgeroot <not-affected> (Does not contain the vulnerable code)
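Review bot: the truncation of the imported description on the CVE-2007-5614 line ends with `does not properly handle "certain quote ...)`, leaving an opening double quote with no closing one. Harmless for a human reader, but a tool that treats quotes as delimiters will swallow the rest of the line; trimming the text at the last complete quoted phrase, or before the dangling `"`, avoids that.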
@@ -2872,369 +2872,369 @@ CVE-2007-5566
NOT-FOR-US: PHPBlog
CVE-2007-5565
NOT-FOR-US: phpSCMS
-CVE-2007-5564
+CVE-2007-5564 (Multiple cross-site scripting (XSS) vulnerabilities in NSSboard (forme ...)
NOT-FOR-US: NSSboard
-CVE-2007-5563
+CVE-2007-5563 (Unspecified vulnerability in VirtueMart before 1.0.13 allows remote at ...)
NOT-FOR-US: VirtueMart
-CVE-2007-5562
+CVE-2007-5562 (Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the l ...)
NOT-FOR-US: Netgear firmware
-CVE-2007-5561
+CVE-2007-5561 (Format string vulnerability in the logging function in the Oracle OPMN ...)
NOT-FOR-US: Oracle
-CVE-2007-5560
+CVE-2007-5560 (Heap-based buffer overflow in the Juniper HTTP Service allows remote a ...)
NOT-FOR-US: Juniper HTTP Service
-CVE-2007-5559
+CVE-2007-5559 (Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows ...)
NOT-FOR-US: IBM ThinkVantage TPM Service
-CVE-2007-5558
+CVE-2007-5558 (Integer overflow in the LG Mobile handset allows remote attackers to c ...)
NOT-FOR-US: LG Mobile handset
-CVE-2007-5557
+CVE-2007-5557 (Unspecified vulnerability in the NEC mobile handset allows remote atta ...)
NOT-FOR-US: NEC mobile handset
-CVE-2007-5556
+CVE-2007-5556 (Unspecified vulnerability in the Avaya VoIP Handset allows remote atta ...)
NOT-FOR-US: Avaya VoIP Handset
-CVE-2007-5555
+CVE-2007-5555 (Unspecified vulnerability in Symantec Altiris Deployment Solution allo ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2007-5554
+CVE-2007-5554 (Oracle allows remote attackers to obtain server memory contents via cr ...)
NOT-FOR-US: Oracle
CVE-2007-5553
REJECTED
-CVE-2007-5552
+CVE-2007-5552 (Integer overflow in Cisco IOS allows remote attackers to execute arbit ...)
NOT-FOR-US: Cisco
-CVE-2007-5551
+CVE-2007-5551 (Off-by-one error in Cisco IOS allows remote attackers to execute arbit ...)
NOT-FOR-US: Cisco
-CVE-2007-5550
+CVE-2007-5550 (Unspecified vulnerability in Cisco IOS allows remote attackers to obta ...)
NOT-FOR-US: Cisco
-CVE-2007-5549
+CVE-2007-5549 (Unspecified vulnerability in Command EXEC in Cisco IOS allows local us ...)
NOT-FOR-US: Cisco
-CVE-2007-5548
+CVE-2007-5548 (Multiple stack-based buffer overflows in Command EXEC in Cisco IOS all ...)
NOT-FOR-US: Cisco
-CVE-2007-5547
+CVE-2007-5547 (Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote at ...)
NOT-FOR-US: Cisco
-CVE-2007-5546
+CVE-2007-5546 (Multiple stack-based buffer overflows in TIBCO SmartPGM FX allow remot ...)
NOT-FOR-US: TIBCO SmartPGM FX
-CVE-2007-5545
+CVE-2007-5545 (Format string vulnerability in TIBCO SmartPGM FX allows remote attacke ...)
NOT-FOR-US: TIBCO SmartPGM FX
-CVE-2007-5544
+CVE-2007-5544 (IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2007-5543
+CVE-2007-5543 (Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remot ...)
NOT-FOR-US: Miranda
-CVE-2007-5542
+CVE-2007-5542 (Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attacker ...)
NOT-FOR-US: Miranda
-CVE-2007-5541
+CVE-2007-5541 (Unspecified vulnerability in Opera before 9.24, when using an "externa ...)
NOT-FOR-US: Opera
-CVE-2007-5540
+CVE-2007-5540 (Unspecified vulnerability in Opera before 9.24 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2007-5539
+CVE-2007-5539 (Unspecified vulnerability in Cisco Unified Intelligent Contact Managem ...)
NOT-FOR-US: Cisco
-CVE-2007-5538
+CVE-2007-5538 (Buffer overflow in the Centralized TFTP File Locator Service in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2007-5537
+CVE-2007-5537 (Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 ...)
NOT-FOR-US: Cisco
-CVE-2007-5536
+CVE-2007-5536 (Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11. ...)
NOT-FOR-US: HP-UX
-CVE-2007-5535
+CVE-2007-5535 (Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown im ...)
NOT-FOR-US: RunCms
-CVE-2007-5534
+CVE-2007-5534 (Unspecified vulnerability in the HCM component in Oracle PeopleSoft En ...)
NOT-FOR-US: Oracle
-CVE-2007-5533
+CVE-2007-5533 (Unspecified vulnerability in the People Tools component in Oracle Peop ...)
NOT-FOR-US: Oracle
-CVE-2007-5532
+CVE-2007-5532 (Unspecified vulnerability in the People Tools component in Oracle Peop ...)
NOT-FOR-US: Oracle
-CVE-2007-5531
+CVE-2007-5531 (Unspecified vulnerability in Oracle Help for Web, as used in Oracle Ap ...)
NOT-FOR-US: Oracle
-CVE-2007-5530
+CVE-2007-5530 (Unspecified vulnerability in the Database Control component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2007-5529
+CVE-2007-5529 (Unspecified vulnerability in the Oracle Self-Service Web Applications ...)
NOT-FOR-US: Oracle
-CVE-2007-5528
+CVE-2007-5528 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.2 ...)
NOT-FOR-US: Oracle
-CVE-2007-5527
+CVE-2007-5527 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.1 ...)
NOT-FOR-US: Oracle
-CVE-2007-5526
+CVE-2007-5526 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle
-CVE-2007-5525
+CVE-2007-5525 (Unspecified vulnerability in the Oracle Single Sign-On component in Or ...)
NOT-FOR-US: Oracle
-CVE-2007-5524
+CVE-2007-5524 (Unspecified vulnerability in the Oracle Single Sign-On component in Or ...)
NOT-FOR-US: Oracle
-CVE-2007-5523
+CVE-2007-5523 (Unspecified vulnerability in the Oracle Internet Directory component i ...)
NOT-FOR-US: Oracle
-CVE-2007-5522
+CVE-2007-5522 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle
-CVE-2007-5521
+CVE-2007-5521 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle
-CVE-2007-5520
+CVE-2007-5520 (Unspecified vulnerability in the Oracle Internet Directory component i ...)
NOT-FOR-US: Oracle
-CVE-2007-5519
+CVE-2007-5519 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle
-CVE-2007-5518
+CVE-2007-5518 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2007-5517
+CVE-2007-5517 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle
-CVE-2007-5516
+CVE-2007-5516 (Unspecified vulnerability in the Oracle Process Mgmt &amp; Notificatio ...)
NOT-FOR-US: Oracle
-CVE-2007-5515
+CVE-2007-5515 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2007-5514
+CVE-2007-5514 (Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have ...)
NOT-FOR-US: Oracle
-CVE-2007-5513
+CVE-2007-5513 (The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, an ...)
NOT-FOR-US: Oracle
-CVE-2007-5512
+CVE-2007-5512 (Unspecified vulnerability in the Oracle Database Vault component in Or ...)
NOT-FOR-US: Oracle
-CVE-2007-5511
+CVE-2007-5511 (SQL injection vulnerability in Workspace Manager for Oracle Database b ...)
NOT-FOR-US: Oracle
-CVE-2007-5510
+CVE-2007-5510 (Multiple unspecified vulnerabilities in the Workspace Manager componen ...)
NOT-FOR-US: Oracle
-CVE-2007-5509
+CVE-2007-5509 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2007-5508
+CVE-2007-5508 (Multiple SQL injection vulnerabilities in the CTXSYS Intermedia applic ...)
NOT-FOR-US: Oracle
-CVE-2007-5507
+CVE-2007-5507 (The GIOP service in TNS Listener in the Oracle Net Services component ...)
NOT-FOR-US: Oracle
-CVE-2007-5506
+CVE-2007-5506 (The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8 ...)
NOT-FOR-US: Oracle
-CVE-2007-5505
+CVE-2007-5505 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2. ...)
NOT-FOR-US: Oracle
-CVE-2007-5504
+CVE-2007-5504 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 1 ...)
NOT-FOR-US: Oracle
-CVE-2007-5503
+CVE-2007-5503 (Multiple integer overflows in Cairo before 1.4.12 might allow remote a ...)
{DSA-1542-1 DTSA-96-1}
- libcairo 1.4.10-1.1 (medium; bug #453686)
-CVE-2007-5502
+CVE-2007-5502 (The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does ...)
NOT-FOR-US: OpenSSL Fips object module
-CVE-2007-5501
+CVE-2007-5501 (The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux ...)
- linux-2.6 2.6.23-1 (high)
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.21)
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=96a2d41a3e495734b63bff4e5dd0112741b93b38
-CVE-2007-5500
+CVE-2007-5500 (The wait_task_stopped function in the Linux kernel before 2.6.23.8 che ...)
{DSA-1428-1}
- linux-2.6 2.6.23-2
CVE-2007-5499
REJECTED
-CVE-2007-5498
+CVE-2007-5498 (The Xen hypervisor block backend driver for Linux kernel 2.6.18, when ...)
- xen-unstable <not-affected> (Vulnerable code not present)
- xen-3 <not-affected> (Vulnerable code not present)
-CVE-2007-5497
+CVE-2007-5497 (Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 all ...)
{DSA-1422-1 DTSA-95-1}
- e2fsprogs 1.40.3-1 (bug #454760)
-CVE-2007-5496
+CVE-2007-5496 (Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allow ...)
NOT-FOR-US: setroubleshoot
-CVE-2007-5495
+CVE-2007-5495 (sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitr ...)
NOT-FOR-US: setroubleshoot
-CVE-2007-5494
+CVE-2007-5494 (Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat ...)
- linux-2.6 <not-affected> (RedHat specific patch)
-CVE-2007-5493
+CVE-2007-5493 (The SMS handler for Windows Mobile 2005 Pocket PC Phone edition allows ...)
NOT-FOR-US: Windows Mobile
-CVE-2007-5492
+CVE-2007-5492 (Static code injection vulnerability in the translation module (transla ...)
{DSA-1423-1}
- sitebar 3.3.8-12.1 (bug #447135)
-CVE-2007-5491
+CVE-2007-5491 (Directory traversal vulnerability in the translation module (translato ...)
{DSA-1423-1}
- sitebar 3.3.8-12.1 (bug #447135)
-CVE-2007-5490
+CVE-2007-5490 (SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2. ...)
NOT-FOR-US: Okul Otomasyon Portal
-CVE-2007-5489
+CVE-2007-5489 (Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and ...)
NOT-FOR-US: Artmedic CMS
-CVE-2007-5487
+CVE-2007-5487 (Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allo ...)
NOT-FOR-US: COWON America jetAudioc
-CVE-2007-5486
+CVE-2007-5486 (dotProject before 2.1 does not properly check privileges when invoking ...)
NOT-FOR-US: dotProject
-CVE-2007-5485
+CVE-2007-5485 (SQL injection vulnerability in index.php in the mg2 1.0 module for Kws ...)
NOT-FOR-US: KwsPHP
-CVE-2007-5484
+CVE-2007-5484 (Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows lo ...)
NOT-FOR-US: WWWISIS
-CVE-2007-5483
+CVE-2007-5483 (Unspecified vulnerability in the Administrative Scripting Tools (such ...)
NOT-FOR-US: IBM WebSphere
-CVE-2007-5482
+CVE-2007-5482 (Unspecified vulnerability in the FTP service in Sun StorEdge/StorageTe ...)
NOT-FOR-US: Sun firmware
-CVE-2007-5481
+CVE-2007-5481 (Distributed Checksum Clearinghouse (DCC) 1.3.65 allows remote attacker ...)
- dcc <not-affected> (vulnerable code introduced in 1.3.65)
-CVE-2007-5480
+CVE-2007-5480 (Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge Innov ...)
NOT-FOR-US: ZInnovaAge InnovaShop
-CVE-2007-5479
+CVE-2007-5479 (Cross-site scripting (XSS) vulnerability in Search.asp in Xcomputer al ...)
NOT-FOR-US: Xcomputer
-CVE-2007-5478
+CVE-2007-5478 (Cross-site scripting (XSS) vulnerability in projects in Nabh Stringbea ...)
NOT-FOR-US: Sbportal
-CVE-2007-5477
+CVE-2007-5477 (Cross-site scripting (XSS) vulnerability in auth.w in djeyl.net WebMod ...)
NOT-FOR-US: djeyl.net WebMod
-CVE-2007-5476
+CVE-2007-5476 (Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, ...)
NOT-FOR-US: Opera specific flash vulnerability
-CVE-2007-5475
+CVE-2007-5475 (Multiple buffer overflows in the Marvell wireless driver, as used in L ...)
NOT-FOR-US: Linksys WAP4400N Wi-Fi access point
-CVE-2007-5474
+CVE-2007-5474 (The driver for the Linksys WRT350N Wi-Fi access point with firmware 2. ...)
NOT-FOR-US: Linksys WRT350N Wi-Fi access point
-CVE-2007-5473
+CVE-2007-5473 (StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when runnin ...)
- mono <not-affected> (Windows-specific vulnerability)
-CVE-2007-5472
+CVE-2007-5472 (Cross-site scripting (XSS) vulnerability in the Server component in CA ...)
NOT-FOR-US: HIPS
-CVE-2007-5488
+CVE-2007-5488 (Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk- ...)
- asterisk-addons 1.4.4-1
-CVE-2007-5471
+CVE-2007-5471 (libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUS ...)
- libgssapi 0.8-1
-CVE-2007-5470
+CVE-2007-5470 (Microsoft Expression Media stores the catalog password in cleartext in ...)
NOT-FOR-US: Microsoft Expression Media
CVE-2007-5469
- openser 1.3.0-1 (unimportant; bug #446956)
NOTE: should be only "exploitable" in local network with untrusted users
-CVE-2007-5468
+CVE-2007-5468 (Cisco CallManager 5.1.1.3000-5 does not verify the Digest authenticati ...)
NOT-FOR-US: Cisco
-CVE-2007-5467
+CVE-2007-5467 (Integer overflow in eXtremail 2.1.1 and earlier allows remote attacker ...)
NOT-FOR-US: eXtremail
-CVE-2007-5466
+CVE-2007-5466 (Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote ...)
NOT-FOR-US: eXtremail
-CVE-2007-5465
+CVE-2007-5465 (Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows ...)
NOT-FOR-US: doop CMS
-CVE-2007-5464
+CVE-2007-5464 (Stack-based buffer overflow in Live for Speed 0.5X10 and earlier allow ...)
NOT-FOR-US: Live for Speed
-CVE-2007-5463
+CVE-2007-5463 (ideal_process.php in the iDEAL payment module in ViArt Shop 3.3 beta a ...)
NOT-FOR-US: ViArt Shop
-CVE-2007-5462
+CVE-2007-5462 (Unspecified vulnerability in the Sun Solaris RPC services library (lib ...)
NOT-FOR-US: Solaris
-CVE-2007-5460
+CVE-2007-5460 (Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak enc ...)
NOT-FOR-US: Microsoft ActiveSync
-CVE-2007-5459
+CVE-2007-5459 (Cross-site scripting (XSS) vulnerability in the sidebar HTML page in t ...)
NOT-FOR-US: MouseoverDictionary
-CVE-2007-5458
+CVE-2007-5458 (SQL injection vulnerability in index.php in the newsletter module 1.0 ...)
NOT-FOR-US: KwsPHP
-CVE-2007-5457
+CVE-2007-5457 (Multiple PHP remote file inclusion vulnerabilities in Michael Dempfle ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-5456
+CVE-2007-5456 (Microsoft Internet Explorer 7 and earlier allows remote attackers to b ...)
NOT-FOR-US: Internet Explorer
-CVE-2007-5455
+CVE-2007-5455 (Cross-site scripting (XSS) vulnerability in wxis.exe in WWWISIS 7.1 an ...)
NOT-FOR-US: WWWISIS
-CVE-2007-5454
+CVE-2007-5454 (Directory traversal vulnerability in index.php in PHP File Sharing Sys ...)
NOT-FOR-US: PHP File Sharing
-CVE-2007-5453
+CVE-2007-5453 (Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow rem ...)
NOT-FOR-US: Php-Stats
-CVE-2007-5452
+CVE-2007-5452 (Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-S ...)
NOT-FOR-US: Php-Stats
-CVE-2007-5451
+CVE-2007-5451 (PHP remote file inclusion vulnerability in admin.color.php in the com_ ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-5450
+CVE-2007-5450 (Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouc ...)
NOT-FOR-US: Apple firmware
-CVE-2007-5449
+CVE-2007-5449 (SQL injection vulnerability in searchresult.php in Softbiz Recipes Por ...)
NOT-FOR-US: Softbiz Recipes Portal Script
-CVE-2007-5448
+CVE-2007-5448 (Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial ...)
- madwifi 1:0.9.3.2-2 (medium; bug #446824)
[etch] - madwifi 1:0.9.2+r1842.20061207-2etch2
-CVE-2007-5447
+CVE-2007-5447 (ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP ...)
NOT-FOR-US: ionCube
-CVE-2007-5446
+CVE-2007-5446 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
NOT-FOR-US: PBEmail
-CVE-2007-5445
+CVE-2007-5445 (Buffer overflow in the DB Software Laboratory VImpX (VImpAX1) ActiveX ...)
NOT-FOR-US: VImpX
-CVE-2007-5444
+CVE-2007-5444 (CMS Made Simple 1.1.3.1 allows remote attackers to obtain the full pat ...)
NOT-FOR-US: CMS Made Simpe
-CVE-2007-5443
+CVE-2007-5443 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
NOT-FOR-US: CMS Made Simpe
-CVE-2007-5442
+CVE-2007-5442 (CMS Made Simple 1.1.3.1 does not check the permissions assigned to use ...)
NOT-FOR-US: CMS Made Simpe
-CVE-2007-5441
+CVE-2007-5441 (CMS Made Simple 1.1.3.1 does not check the permissions assigned to use ...)
NOT-FOR-US: CMS Made Simpe
CVE-2007-5440
NOT-FOR-US: Crs Manager
-CVE-2007-5439
+CVE-2007-5439 (CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stor ...)
NOT-FOR-US: eTrust ITM
-CVE-2007-5438
+CVE-2007-5438 (Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL ...)
- vmware-package <not-affected> (Windows only)
-CVE-2007-5437
+CVE-2007-5437 (The web console in CA (formerly Computer Associates) eTrust ITM (Threa ...)
NOT-FOR-US: eTrust ITM
-CVE-2007-5436
+CVE-2007-5436 (Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL ...)
NOT-FOR-US: G DATA Antivirus
-CVE-2007-5435
+CVE-2007-5435 (Unspecified vulnerability in CA ERwin Process Modeler (formerly AllFus ...)
NOT-FOR-US: CA ERwin Process Modeler
-CVE-2007-5434
+CVE-2007-5434 (Cross-site scripting (XSS) vulnerability in PRO-search 0.17.1 and earl ...)
NOT-FOR-US: PRO-search
-CVE-2007-5433
+CVE-2007-5433 (Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Si ...)
NOT-FOR-US: Site-Up
-CVE-2007-5432
+CVE-2007-5432 (Stride 1.0 has a default administrator username of "scott" with the pa ...)
NOT-FOR-US: Stride
-CVE-2007-5431
+CVE-2007-5431 (include/imageupload.js in the MyFTPUploader module in Stride 1.0 conta ...)
NOT-FOR-US: Stride module
-CVE-2007-5430
+CVE-2007-5430 (Multiple SQL injection vulnerabilities in Stride 1.0 allow remote atta ...)
NOT-FOR-US: Stride
-CVE-2007-5429
+CVE-2007-5429 (Cross-site scripting (XSS) vulnerability in index.php in Nucleus 3.01 ...)
NOT-FOR-US: Nucleus
-CVE-2007-5428
+CVE-2007-5428 (Cross-site scripting (XSS) vulnerability in UMI CMS allows remote atta ...)
NOT-FOR-US: UMI CMS
-CVE-2007-5427
+CVE-2007-5427 (Cross-site scripting (XSS) vulnerability in the com_search component i ...)
NOT-FOR-US: Joomla!
-CVE-2007-5426
+CVE-2007-5426 (Multiple cross-site scripting (XSS) vulnerabilities in ActiveKB NX 2.5 ...)
NOT-FOR-US: ActiveKB NX
-CVE-2007-5425
+CVE-2007-5425 (SQL injection vulnerability in admin/index.php in Interspire ActiveKB ...)
NOT-FOR-US: ActiveKB NX
-CVE-2007-5424
+CVE-2007-5424 (The disable_functions feature in PHP 4 and 5 allows attackers to bypas ...)
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: if the function is blacklisted but not its alias it is a configuration
NOTE: issue of the site not a vulnerability in php
-CVE-2007-5423
+CVE-2007-5423 (tiki-graph_formula.php in TikiWiki 1.9.8 allows remote attackers to ex ...)
- tikiwiki <removed>
-CVE-2007-5422
+CVE-2007-5422 (Unspecified vulnerability in "Solaris Auditing" in the Basic Security ...)
NOT-FOR-US: Solaris Auditing
CVE-2007-5421
REJECTED
-CVE-2007-5420
+CVE-2007-5420 (The 3Com 3CRWER100-75 router with 1.2.10ww software, when remote manag ...)
NOT-FOR-US: 3Com 3CRWER100-75
-CVE-2007-5419
+CVE-2007-5419 (The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an ...)
NOT-FOR-US: 3Com 3CRWER100-75
-CVE-2007-5418
+CVE-2007-5418 (Multiple PHP remote file inclusion vulnerabilities in CARE2X 2G 2.2 al ...)
NOT-FOR-US: CARE2X
-CVE-2007-5417
+CVE-2007-5417 (Directory traversal vulnerability in index.php in boastMachine (aka bM ...)
NOT-FOR-US: boastMachine
-CVE-2007-5416
+CVE-2007-5416 (Drupal 5.2 and earlier does not properly unset variables when the inpu ...)
- drupal5 <unfixed> (unimportant; bug #446887)
- drupal <unfixed> (unimportant)
NOTE: The underlying PHP issue has been fixed in DSA 1206.
NOTE: Plus, register_globals is not supported in Debian
-CVE-2007-5415
+CVE-2007-5415 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 2.0, when ...)
- iceweasel <removed> (unimportant)
NOTE: if you are on a site which allows UTF-7 sure you need to sanitize the
NOTE: equivalent strings in UTF-7
NOTE: referring to the mozilla security team this is a non-issue and a duplicate of
NOTE: CVE-2007-5414, mailed mitre
-CVE-2007-5414
+CVE-2007-5414 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0 ...)
- iceweasel 2.0+dfsg-1
-CVE-2007-5413
+CVE-2007-5413 (httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView ...)
NOT-FOR-US: HP OpenView
-CVE-2007-5412
+CVE-2007-5412 (Multiple PHP remote file inclusion vulnerabilities in the Quoc-Huy MP3 ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-5411
+CVE-2007-5411 (Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Ph ...)
NOT-FOR-US: Linksys
-CVE-2007-5410
+CVE-2007-5410 (PHP remote file inclusion vulnerability in admin.wmtrssreader.php in t ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-5409
+CVE-2007-5409 (PHP remote file inclusion vulnerability in admin/nuseo_admin_d.php in ...)
NOT-FOR-US: NuSEO
-CVE-2007-5408
+CVE-2007-5408 (SQL injection vulnerability in category.php in cpDynaLinks 1.02 allows ...)
NOT-FOR-US: cpDynaLinks
-CVE-2007-5407
+CVE-2007-5407 (Multiple PHP remote file inclusion vulnerabilities in the JContentSubs ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-5406
+CVE-2007-5406 (kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Auto ...)
NOT-FOR-US: KeyView
-CVE-2007-5405
+CVE-2007-5405 (Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the A ...)
NOT-FOR-US: KeyView
-CVE-2007-5404
+CVE-2007-5404 (Layton HelpBox 3.7.1 generates different responses depending on whethe ...)
NOT-FOR-US: Layton HelpBox
-CVE-2007-5403
+CVE-2007-5403 (Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox ...)
NOT-FOR-US: Layton HelpBox
-CVE-2007-5402
+CVE-2007-5402 (Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow ( ...)
NOT-FOR-US: Layton HelpBox
-CVE-2007-5401
+CVE-2007-5401 (Unrestricted file upload vulnerability in uploadrequest.asp in Layton ...)
NOT-FOR-US: Layton HelpBox
-CVE-2007-5400
+CVE-2007-5400 (Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling ...)
NOT-FOR-US: RealPlayer
-CVE-2007-5399
+CVE-2007-5399 (Multiple heap-based buffer overflows in emlsr.dll in the EML reader in ...)
NOT-FOR-US: KeyView
-CVE-2007-5398
+CVE-2007-5398 (Stack-based buffer overflow in the reply_netbios_packet function in nm ...)
{DSA-1409-3 DSA-1409-2 DSA-1409-1}
- samba 3.0.27-1 (high)
-CVE-2007-5397
+CVE-2007-5397 (Heap-based buffer overflow in the activePDF Server service (aka APServ ...)
NOT-FOR-US: activePDF Server
-CVE-2007-5396
+CVE-2007-5396 (Format string vulnerability in the ext_yahoo_contact_added function in ...)
NOT-FOR-US: Miranda
-CVE-2007-5395
+CVE-2007-5395 (Stack-based buffer overflow in the separate_word function in tokenize. ...)
{DSA-1432-1}
- link-grammar 4.2.5-1 (medium; bug #450695)
-CVE-2007-5394
+CVE-2007-5394 (Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 an ...)
NOT-FOR-US: Adobe PageMaker
-CVE-2007-5393
+CVE-2007-5393 (Heap-based buffer overflow in the CCITTFaxStream::lookChar method in x ...)
{DSA-1537-1 DSA-1509-1 DSA-1480-1 DSA-1408-1 DTSA-85-1 DTSA-86-1}
- poppler 0.6.2-1 (medium; bug #450628)
- kdegraphics 4:3.5.8-2 (medium; bug #450630)
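Review bot: the new description for CVE-2007-5516 is stored HTML-escaped ("Oracle Process Mgmt &amp; Notificatio ...") while the other descriptions in this hunk keep literal punctuation (CVE-2007-5432 keeps its quotes around "scott"), so the entity eats five of the 70 characters the importer keeps before the " ..." marker and the cutoff lands early. If the feed is delivering escaped text, unescape it before truncating so the stored summary reads "Oracle Process Mgmt & Notification ...". Separately, CVE-2007-5469 and CVE-2007-5440 are left as bare headers in a hunk where every neighbouring entry gains a description; worth confirming the feed really carries no text for those two rather than the matcher having skipped them.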
@@ -3251,7 +3251,7 @@ CVE-2007-5393
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
- swftools 0.9.2+ds1-2
-CVE-2007-5392
+CVE-2007-5392 (Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in X ...)
{DSA-1537-1 DSA-1509-1 DSA-1480-1 DTSA-85-1 DTSA-86-1}
- poppler 0.6.2-1 (medium; bug #450628)
- kdegraphics 4:3.5.8-2 (medium; bug #450630)
@@ -3269,94 +3269,94 @@ CVE-2007-5392
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
- swftools 0.9.2+ds1-2
-CVE-2007-5461
+CVE-2007-5461 (Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4 ...)
{DSA-1453-1 DSA-1447-1}
- tomcat5.5 5.5.25-2 (low; bug #448664)
- tomcat5 <removed>
NOTE: patch: http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E
-CVE-2007-5391
+CVE-2007-5391 (Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 ...)
NOT-FOR-US: HP Select Identity
-CVE-2007-5390
+CVE-2007-5390 (PHP remote file inclusion vulnerability in index.php in PicoFlat CMS 0 ...)
NOT-FOR-US: PicoFlat
CVE-2007-5389
NOT-FOR-US: Joomla! extension
-CVE-2007-5388
+CVE-2007-5388 (Multiple PHP remote file inclusion vulnerabilities in WebDesktop 0.1 a ...)
NOT-FOR-US: WebDesktop
-CVE-2007-5387
+CVE-2007-5387 (PHP remote file inclusion vulnerability in active/components/xmlrpc/cl ...)
NOT-FOR-US: Pindorama
-CVE-2007-5386
+CVE-2007-5386 (Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMy ...)
{DSA-1403-1}
- phpmyadmin 4:2.11.1.2-1 (bug #446451)
[sarge] - phpmyadmin <not-affected> (vulnerable script not present)
-CVE-2007-5385
+CVE-2007-5385 (Multiple cross-site scripting (XSS) vulnerabilities in the Thomson/Alc ...)
NOT-FOR-US: Thomson/Alcatel SpeedTouch 7G router
-CVE-2007-5384
+CVE-2007-5384 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Thom ...)
NOT-FOR-US: Thomson/Alcatel SpeedTouch 7G router
-CVE-2007-5383
+CVE-2007-5383 (The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub ...)
NOT-FOR-US: Thomson/Alcatel SpeedTouch 7G router
-CVE-2007-5382
+CVE-2007-5382 (The conversion utility for converting CiscoWorks Wireless LAN Solution ...)
NOT-FOR-US: CiscoWorks
-CVE-2007-5381
+CVE-2007-5381 (Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco ...)
NOT-FOR-US: Line Printer Daemon (LPD) Cisco
-CVE-2007-5380
+CVE-2007-5380 (Session fixation vulnerability in Rails before 1.2.4, as used for Ruby ...)
- rails 1.2.5-1
-CVE-2007-5379
+CVE-2007-5379 (Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers ...)
- rails 1.2.5-1
[etch] - rails <not-affected> (Vulnerable code not present)
-CVE-2007-5378
+CVE-2007-5378 (Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolk ...)
{DSA-1743-1 DSA-1416-1 DSA-1415-1}
- tk8.3 8.3.5-10 (medium; bug #446465)
- tk8.4 8.4.16-1 (medium)
- libtk-img 1.3-release-8 (medium)
-CVE-2007-5377
+CVE-2007-5377 (The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functi ...)
- tramp <not-affected> (the version we ship still uses make-temp-file)
- emacs22 <not-affected> (the version we ship still uses make-temp-file)
CVE-2007-5376
RESERVED
-CVE-2007-5375
+CVE-2007-5375 (Interpretation conflict in the Sun Java Virtual Machine (JVM) allows u ...)
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5374
+CVE-2007-5374 (cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrati ...)
NOT-FOR-US: LightBlog
-CVE-2007-5373
+CVE-2007-5373 (ldapscripts 1.4 and 1.7 sends a password as a command line argument wh ...)
{DSA-1517-1 DTSA-68-1}
- ldapscripts 1.7.1-2 (bug #445582; medium)
-CVE-2007-5372
+CVE-2007-5372 (Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through ...)
- sql-ledger <unfixed> (unimportant; bug #446366)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-5371
+CVE-2007-5371 (Multiple SQL injection vulnerabilities in mutate_content.dynamic.php i ...)
NOT-FOR-US: MODx
-CVE-2007-5370
+CVE-2007-5370 (Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/dnewswe ...)
NOT-FOR-US: NetWin
-CVE-2007-5369
+CVE-2007-5369 (The GetMagicNumberString function in Massive Entertainment World in Co ...)
NOT-FOR-US: conflict
-CVE-2007-5368
+CVE-2007-5368 (Multiple unspecified vulnerabilities in labeld in Trusted Extensions i ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-5367
+CVE-2007-5367 (Unspecified vulnerability in the Virtual File System (VFS) in Sun Sola ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-5366
+CVE-2007-5366 (The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application ...)
NOT-FOR-US: Fujitsu Interstage Application Server
-CVE-2007-5365
+CVE-2007-5365 (Stack-based buffer overflow in the cons_options function in options.c ...)
{DSA-1388-3 DSA-1388-1}
- dhcp 2.0pl5dfsg1-20.2 (medium; bug #446354)
- dhcp3 <not-affected> (dhcp3 does enforce a fixed minimum paket size if it is lower, see line 513 in options.c)
NOTE: dhcp has a request for removal #446386
CVE-2007-5364
NOT-FOR-US: ViArt Shopping Cart
-CVE-2007-5363
+CVE-2007-5363 (PHP remote file inclusion vulnerability in admin.panoramic.php in the ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-5362
+CVE-2007-5362 (Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde ...)
NOT-FOR-US: Joomla! and mambo extension
-CVE-2007-5361
+CVE-2007-5361 (The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and ...)
NOT-FOR-US: Alcatel-Lucent OmniPCX Enterprise
-CVE-2007-5360
+CVE-2007-5360 (Buffer overflow in OpenPegasus Management server, when compiled to use ...)
NOT-FOR-US: OpenPegasus Management server
CVE-2007-5359
RESERVED
-CVE-2007-5358
+CVE-2007-5358 (Multiple buffer overflows in the voicemail functionality in Asterisk 1 ...)
- asterisk 1:1.4.13~dfsg-1 (medium)
[sarge] - asterisk <not-affected> (Only Asterisk 1.4.x is affected)
[etch] - asterisk <not-affected> (Only Asterisk 1.4.x is affected)
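Review bot: CVE-2007-5389 and CVE-2007-5364 keep their bare "CVE-XXXX-NNNN" header lines in this hunk although both neighbours on either side get a description, and the hunk also rewrites CVE-2007-5461 (Tomcat) in its out-of-sequence slot between CVE-2007-5392 and CVE-2007-5391. The ordering is pre-existing and not this update's fault, but since the importer is already rewriting these header lines it would be cheap to log entries for which the feed returned no description and entries it found out of numeric order, so the gaps can be checked against the feed instead of being silently re-emitted on every run.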
@@ -3364,59 +3364,59 @@ CVE-2007-5357
REJECTED
CVE-2007-5356
REJECTED
-CVE-2007-5355
+CVE-2007-5355 (The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet Expl ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-5354
REJECTED
CVE-2007-5353
REJECTED
-CVE-2007-5352
+CVE-2007-5352 (Unspecified vulnerability in Local Security Authority Subsystem Servic ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-5351
+CVE-2007-5351 (Unspecified vulnerability in Server Message Block Version 2 (SMBv2) si ...)
NOT-FOR-US: Microsoft Vista
-CVE-2007-5350
+CVE-2007-5350 (Unspecified vulnerability in the Windows Advanced Local Procedure Call ...)
NOT-FOR-US: Microsoft Vista
CVE-2007-5349
REJECTED
-CVE-2007-5348
+CVE-2007-5348 (Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-5347
+CVE-2007-5347 (Microsoft Internet Explorer 5.01 through 7 allows remote attackers to ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-5346
REJECTED
CVE-2007-5345
REJECTED
-CVE-2007-5344
+CVE-2007-5344 (Microsoft Internet Explorer 5.01 through 7 allows remote attackers to ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-5343
REJECTED
-CVE-2007-5342
+CVE-2007-5342 (The default catalina.policy in the JULI logging component in Apache To ...)
{DSA-1447-1}
- tomcat5.5 5.5.25-4 (low; bug #458237)
- tomcat5 <not-affected> (Vulnerable code not present)
-CVE-2007-5341
+CVE-2007-5341 (Remote code execution in the Venkman script debugger in Mozilla Firefo ...)
- iceweasel 2.0.0.8-1
-CVE-2007-5340
+CVE-2007-5340 (Multiple vulnerabilities in the Javascript engine in Mozilla Firefox b ...)
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DSA-1391-1 DTSA-69-1 DTSA-71-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (high)
- xulrunner 1.8.1.9-1 (high)
- icedove 2.0.0.9-1 (low)
- iceape 1.1.5 (high)
NOTE: MFSA2007-29
-CVE-2007-5339
+CVE-2007-5339 (Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbir ...)
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DSA-1391-1 DTSA-69-1 DTSA-71-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (high)
- xulrunner 1.8.1.9-1 (bug #447734; high)
- icedove 2.0.0.9-1 (low)
- iceape 1.1.5
NOTE: MFSA2007-29
-CVE-2007-5338
+CVE-2007-5338 (Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote ...)
{DSA-1534-2 DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1
- xulrunner 1.8.1.9-1
- iceape 1.1.5
NOTE: MFSA2007-35
-CVE-2007-5337
+CVE-2007-5337 (Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when runnin ...)
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1
- xulrunner 1.8.1.9-1
@@ -3424,108 +3424,108 @@ CVE-2007-5337
NOTE: MFSA2007-34
CVE-2007-5336
REJECTED
-CVE-2007-5335
+CVE-2007-5335 (Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain s ...)
{DSA-1396-1}
- iceweasel 2.0.0.8-1 (low)
NOTE: Firefox 2.0-specific issue, doesn't affect xulrunner, iceape or icedove
NOTE: not mentioned in debian changelog, but mozilla #390983 confirms it went into 2.0.0.8
-CVE-2007-5334
+CVE-2007-5334 (Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the ...)
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1
- xulrunner 1.8.1.9-1
- iceape 1.1.5
NOTE: MFSA2007-33
-CVE-2007-5333
+CVE-2007-5333 (Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 th ...)
- tomcat5.5 5.5.26-1 (low; bug #465645)
- tomcat5 <removed>
-CVE-2007-5332
+CVE-2007-5332 (Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd ...)
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5331
+CVE-2007-5331 (Queue.dll for the message queuing service (LQserver.exe) in CA BrightS ...)
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5330
+CVE-2007-5330 (The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R ...)
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5329
+CVE-2007-5329 (Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v ...)
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5328
+CVE-2007-5328 (The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 ...)
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5327
+CVE-2007-5327 (Stack-based buffer overflow in the RPC interface for the Message Engin ...)
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5326
+CVE-2007-5326 (Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ...)
NOT-FOR-US: ARCServe BackUp
-CVE-2007-5325
+CVE-2007-5325 (Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll ...)
NOT-FOR-US: ARCServe BackUp
CVE-2007-5324
REJECTED
-CVE-2007-5323
+CVE-2007-5323 (The RepliStor Server Service in EMC Replistor 6.1.3 allows remote atta ...)
NOT-FOR-US: RepliStor Server Service
-CVE-2007-5322
+CVE-2007-5322 (Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX cont ...)
NOT-FOR-US: Microsoft Visual FoxPro
-CVE-2007-5321
+CVE-2007-5321 (Directory traversal vulnerability in index.php in Verlihub Control Pan ...)
NOT-FOR-US: Verlihub Control Panel
-CVE-2007-5320
+CVE-2007-5320 (Multiple absolute path traversal vulnerabilities in Pegasus Imaging Im ...)
NOT-FOR-US: Imaging ImagXpress
-CVE-2007-5319
+CVE-2007-5319 (Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solar ...)
NOT-FOR-US: Solaris
-CVE-2007-5318
+CVE-2007-5318 (Unspecified vulnerability in preview.php in TYPOlight webCMS 2.4.6 all ...)
NOT-FOR-US: Typolight webCMS
CVE-2007-5317
REJECTED
-CVE-2007-5316
+CVE-2007-5316 (SQL injection vulnerability in browsecats.php in Softbiz Jobs and Recr ...)
NOT-FOR-US: Softbiz Jobs
-CVE-2007-5315
+CVE-2007-5315 (PHP remote file inclusion vulnerability in common.php in LiveAlbum 0.9 ...)
NOT-FOR-US: LiveAlbum
-CVE-2007-5314
+CVE-2007-5314 (PHP remote file inclusion vulnerability in system/funcs/xkurl.php in x ...)
NOT-FOR-US: xKiosk WEB
-CVE-2007-5313
+CVE-2007-5313 (PHP remote file inclusion vulnerability in install/config.php in Pictu ...)
NOT-FOR-US: Picturesolution
-CVE-2007-5312
+CVE-2007-5312 (Cross-site scripting (XSS) vulnerability in TorrentTrader Classic 1.07 ...)
NOT-FOR-US: TorrentTrader Classic
-CVE-2007-5311
+CVE-2007-5311 (Directory traversal vulnerability in backend/admin-functions.php in To ...)
NOT-FOR-US: TorrentTrader Classic
-CVE-2007-5310
+CVE-2007-5310 (PHP remote file inclusion vulnerability in admin.wmtportfolio.php in t ...)
NOT-FOR-US: TorrentTrader Classic
-CVE-2007-5309
+CVE-2007-5309 (PHP remote file inclusion vulnerability in admin.wmtgallery.php in the ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-5308
+CVE-2007-5308 (SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) ...)
NOT-FOR-US: phpHPm)
-CVE-2007-5307
+CVE-2007-5307 (ELSEIF CMS Beta 0.6 does not properly unset variables when the input d ...)
NOT-FOR-US: ELSEIF CMS
-CVE-2007-5306
+CVE-2007-5306 (ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: ELSEIF CMS
-CVE-2007-5305
+CVE-2007-5305 (Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta ...)
NOT-FOR-US: ELSEIF CMS
-CVE-2007-5304
+CVE-2007-5304 (Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta ...)
NOT-FOR-US: ELSEIF CMS
-CVE-2007-5303
+CVE-2007-5303 (Cross-site scripting (XSS) vulnerability in news_page.php in SnewsCMS ...)
NOT-FOR-US: SnewsCMS
-CVE-2007-5302
+CVE-2007-5302 (Multiple cross-site scripting (XSS) vulnerabilities in HP System Manag ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2007-5300
+CVE-2007-5300 (Off-by-one error in the do_login_loop function in libwzd-core/wzd_logi ...)
{DSA-1452-1}
- wzdftpd 0.8.2-2.1 (medium; bug #446192)
-CVE-2007-5299
+CVE-2007-5299 (Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, a ...)
NOT-FOR-US: SkaDate
-CVE-2007-5298
+CVE-2007-5298 (Multiple PHP remote file inclusion vulnerabilities in CMS Creamotion a ...)
NOT-FOR-US: CMS Creamotion
-CVE-2007-5297
+CVE-2007-5297 (Cross-site scripting (XSS) vulnerability in index.php in Minki 1.30 al ...)
NOT-FOR-US: Minki
-CVE-2007-5296
+CVE-2007-5296 (Multiple cross-site scripting (XSS) vulnerabilities in dblisttest.asp ...)
NOT-FOR-US: dbList
-CVE-2007-5295
+CVE-2007-5295 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in (a ...)
NOT-FOR-US: Wikepage Opus
-CVE-2007-5294
+CVE-2007-5294 (PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0 ...)
NOT-FOR-US: IDMOS
-CVE-2007-5293
+CVE-2007-5293 (Multiple cross-site scripting (XSS) vulnerabilities in IDMOS 1.0-beta ...)
NOT-FOR-US: IDMOS
-CVE-2007-5292
+CVE-2007-5292 (Cross-site scripting (XSS) vulnerability in photos.cfm in Directory Im ...)
NOT-FOR-US: Directory Image Gallery
-CVE-2007-5291
+CVE-2007-5291 (Cross-site scripting (XSS) vulnerability in Edit.asp in DB Manager 2.0 ...)
NOT-FOR-US: DB Manager
-CVE-2007-5290
+CVE-2007-5290 (Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail ...)
NOT-FOR-US: MailBee WebMail Pro
-CVE-2007-5289
+CVE-2007-5289 (HP Mercury Quality Center (QC) 9.2 and earlier, and possibly TestDirec ...)
NOT-FOR-US: HP Mercury Quality Center
-CVE-2007-5301
+CVE-2007-5301 (Buffer overflow in the vorbis_stream_info function in input/vorbis/vor ...)
{DSA-1538-1 DTSA-66-1}
- alsaplayer 0.99.80~rc4-1 (low; bug #446034)
CVE-2007-5288
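Review bot: CVE-2007-5301 (alsaplayer, DSA-1538-1) sits after CVE-2007-5289 instead of in descending order between CVE-2007-5302 and CVE-2007-5300, so anyone scanning this block by ID will miss it; since this update touches every entry in the region anyway, it would be a good moment to re-sort the block. A second point on the added descriptions: the fixed-width cut lands mid-word (`HP System Manag ...`, `libwzd-core/wzd_logi ...`), which leaves half-tokens that grep for the product name will not match; truncating at the last whitespace before the limit keeps the same column width without that side effect.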
@@ -3538,195 +3538,195 @@ CVE-2007-5285
REJECTED
CVE-2007-5284
REJECTED
-CVE-2007-5283
+CVE-2007-5283 (The TSC Domain Manager in Hitachi TPBroker Object Transaction Monitor ...)
NOT-FOR-US: Hitachi TPBroker
-CVE-2007-5282
+CVE-2007-5282 (Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library S ...)
NOT-FOR-US: Hitachi Cosminexus
-CVE-2007-5281
+CVE-2007-5281 (The Java Secure Socket Extension (JSSE) in the Hitachi Cosminexus Deve ...)
NOT-FOR-US: Hitachi Cosminexus
-CVE-2007-5280
+CVE-2007-5280 (Multiple cross-site scripting (XSS) vulnerabilities in messages.jsp in ...)
NOT-FOR-US: Appfuse
-CVE-2007-5279
+CVE-2007-5279 (Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 ...)
NOT-FOR-US: PowerArchiver
-CVE-2007-5278
+CVE-2007-5278 (Zomplog 3.8.1 and earlier stores potentially sensitive information und ...)
NOT-FOR-US: Zomplog
-CVE-2007-5277
+CVE-2007-5277 (Microsoft Internet Explorer 6 drops DNS pins based on failed connectio ...)
NOT-FOR-US: Internet Explorer
-CVE-2007-5276
+CVE-2007-5276 (Opera 9 drops DNS pins based on failed connections to irrelevant TCP p ...)
NOT-FOR-US: Opera
-CVE-2007-5275
+CVE-2007-5275 (The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause ...)
- flashplugin-nonfree 9.0.115.0.1 (bug #449110)
[sarge] - flashplugin-nonfree <no-dsa> (Contrib not supported)
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2007-5274
+CVE-2007-5274 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earli ...)
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5273
+CVE-2007-5273 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earli ...)
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5272
+CVE-2007-5272 (SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allo ...)
NOT-FOR-US: Furkan Tastan Blog
-CVE-2007-5271
+CVE-2007-5271 (Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS ...)
NOT-FOR-US: Trionic Cite CMS
-CVE-2007-5270
+CVE-2007-5270 (Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5. ...)
- drupal <not-affected> (does not ship this module)
-CVE-2007-5269
+CVE-2007-5269 (Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 ...)
- libpng 1.2.15~beta5-3 (low; bug #446308)
[sarge] - libpng <no-dsa> (Minor issue)
[etch] - libpng 1.2.15~beta5-1+etch2
-CVE-2007-5268
+CVE-2007-5268 (pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) log ...)
- libpng <not-affected> (Vulnerable code not present in Debian version, introduced in 1.2.19)
-CVE-2007-5267
+CVE-2007-5267 (Off-by-one error in ICC profile chunk handling in the png_set_iCCP fun ...)
- libpng <not-affected> (vulnerable code not present)
NOTE: the version in Debian does not use strncpy to copy the buffer so this off-by-one
NOTE: is not present in this old version. Instead it allocates space for strlen(name)+1
NOTE: and uses strcpy(new_iccp_name, name) which is not nice but safe
-CVE-2007-5266
+CVE-2007-5266 (Off-by-one error in ICC profile chunk handling in the png_set_iCCP fun ...)
- libpng <not-affected> (vulnerable code not present)
NOTE: the version in Debian does not use strncpy to copy the buffer so this off-by-one
NOTE: is not present in this old version. Instead it allocates space for strlen(name)+1
NOTE: and uses strcpy(new_iccp_name, name) which is not nice but safe
-CVE-2007-5265
+CVE-2007-5265 (Multiple format string vulnerabilities in websrv.cpp in Dawn of Time 1 ...)
NOT-FOR-US: Dawn of Time
-CVE-2007-5264
+CVE-2007-5264 (Battlefront Dropteam 1.3.3 and earlier sends the client's online accou ...)
NOT-FOR-US: Battlefront
-CVE-2007-5263
+CVE-2007-5263 (Multiple buffer overflows in Battlefront Dropteam 1.3.3 and earlier al ...)
NOT-FOR-US: Battlefront
-CVE-2007-5262
+CVE-2007-5262 (Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 a ...)
NOT-FOR-US: Battlefront
-CVE-2007-5261
+CVE-2007-5261 (Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote a ...)
NOT-FOR-US: MultiCart
-CVE-2007-5260
+CVE-2007-5260 (ASP-CMS 1.0 stores sensitive information under the web root with insuf ...)
NOT-FOR-US: ASP-CMS
-CVE-2007-5259
+CVE-2007-5259 (Cross-site request forgery (CSRF) vulnerability in Ilient SysAid 4.5.0 ...)
NOT-FOR-US: SysAid
-CVE-2007-5258
+CVE-2007-5258 (PHP remote file inclusion vulnerability in log.php in phpFreeLog alpha ...)
NOT-FOR-US: FreeLog
-CVE-2007-5257
+CVE-2007-5257 (Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control ...)
NOT-FOR-US: EDraw Office Viewer
-CVE-2007-5256
+CVE-2007-5256 (Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and ...)
NOT-FOR-US: FSD
-CVE-2007-5255
+CVE-2007-5255 (Cross-site scripting (XSS) vulnerability in Google Mini Search Applian ...)
NOT-FOR-US: Google Mini Search Appliance
-CVE-2007-5254
+CVE-2007-5254 (VirusBlokAda Vba32 AntiVirus 3.12.2 uses weak permissions (Everyone:Wr ...)
NOT-FOR-US: VirusBlokAda Vba32 AntiVirus
-CVE-2007-5253
+CVE-2007-5253 (c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attac ...)
NOT-FOR-US: Cart32
-CVE-2007-5252
+CVE-2007-5252 (Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, an ...)
NOT-FOR-US: NetSupport Manager/School Student
-CVE-2007-5251
+CVE-2007-5251 (Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 all ...)
NOT-FOR-US: Helm
-CVE-2007-5250
+CVE-2007-5250 (The Windows dedicated server for the Unreal engine, as used by America ...)
NOT-FOR-US: Americas Army
-CVE-2007-5249
+CVE-2007-5249 (Multiple buffer overflows in the logging function in the Unreal engine ...)
NOT-FOR-US: Americas Army
-CVE-2007-5248
+CVE-2007-5248 (Multiple format string vulnerabilities in the ID Software Doom 3 engin ...)
NOT-FOR-US: Doom 3 engine
-CVE-2007-5247
+CVE-2007-5247 (Multiple format string vulnerabilities in the Monolith Lithtech engine ...)
NOT-FOR-US: Monolith engine
-CVE-2007-5246
+CVE-2007-5246 (Multiple stack-based buffer overflows in Firebird LI 2.0.0.12748 and 2 ...)
- firebird2.0 2.0.3.12981.ds1-1
- firebird1.5 <removed> (medium; bug #446472)
-CVE-2007-5245
+CVE-2007-5245 (Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1. ...)
- firebird2.0 2.0.3.12981.ds1-1
- firebird1.5 <removed> (medium; bug #446475)
-CVE-2007-5244
+CVE-2007-5244 (Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8 ...)
NOT-FOR-US: Borland InterBase
-CVE-2007-5243
+CVE-2007-5243 (Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 ...)
NOT-FOR-US: Borland InterBase
-CVE-2007-5242
+CVE-2007-5242 (Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON ...)
NOT-FOR-US: HP OpenVMS
-CVE-2007-5241
+CVE-2007-5241 (Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows ...)
NOT-FOR-US: HP OpenVMS
-CVE-2007-5240
+CVE-2007-5240 (Visual truncation vulnerability in the Java Runtime Environment in Sun ...)
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5239
+CVE-2007-5239 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE ...)
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5238
+CVE-2007-5238 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE ...)
- sun-java6 6-03-1 (unimportant)
- sun-java5 1.5.0-13-1 (unimportant)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
NOTE: Leaked information hardly sensitive
-CVE-2007-5237
+CVE-2007-5237 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not prop ...)
- sun-java6 6-03-1 (medium)
- sun-java5 1.5.0-13-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5236
+CVE-2007-5236 (Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK a ...)
- sun-java6 <not-affected> (Windows only)
- sun-java5 <not-affected> (Windows only)
- openjdk-6 <not-affected> (Windows only)
-CVE-2007-5235
+CVE-2007-5235 (Cross-site scripting (XSS) vulnerability in index.php in Uebimiau 2.7. ...)
NOT-FOR-US: Uebimiau
-CVE-2007-5234
+CVE-2007-5234 (PHP remote file inclusion vulnerability in upload/common/footer.php in ...)
NOT-FOR-US: Ossigeno CMS
-CVE-2007-5233
+CVE-2007-5233 (SQL injection vulnerability in index.php in Web Template Management Sy ...)
NOT-FOR-US: Web Template Management System
-CVE-2007-5232
+CVE-2007-5232 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earli ...)
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-5231
+CVE-2007-5231 (Unrestricted file upload vulnerability in admin/upload_files.php in Zo ...)
NOT-FOR-US: Zomplog
-CVE-2007-5230
+CVE-2007-5230 (admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for ...)
NOT-FOR-US: Zomplog
-CVE-2007-5229
+CVE-2007-5229 (Cross-site request forgery (CSRF) vulnerability in the FeedBurner Feed ...)
NOT-FOR-US: FeedBurner FeedSmith wordpress plugin
-CVE-2007-5228
+CVE-2007-5228 (Cross-site scripting (XSS) vulnerability in the subscription functiona ...)
- drupal <not-affected> (does not shipt this module)
-CVE-2007-5227
+CVE-2007-5227 (Multiple cross-site scripting (XSS) vulnerabilities in messaging/cours ...)
NOT-FOR-US: BlackBoard Learning System
-CVE-2007-5226
+CVE-2007-5226 (irc_server.c in dircproxy 1.2.0 and earlier allows remote attackers to ...)
- dircproxy 1.0.5-5.1 (low; bug #445883)
[sarge] - dircproxy <no-dsa> (Minor issue)
[etch] - dircproxy 1.0.5-5etch1
-CVE-2007-5225
+CVE-2007-5225 (Integer signedness error in FIFO filesystems (named pipes) on Sun Sola ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-5224
+CVE-2007-5224 (inc/exif.inc.php in Original Photo Gallery 0.11.2 and earlier allows r ...)
NOT-FOR-US: Original Photo Gallery
-CVE-2007-5223
+CVE-2007-5223 (Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network P ...)
NOT-FOR-US: AlstraSoft
-CVE-2007-5222
+CVE-2007-5222 (SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0. ...)
NOT-FOR-US: MAXdev
-CVE-2007-5221
+CVE-2007-5221 (PHP remote file inclusion vulnerability in mail/childwindow.inc.php in ...)
NOT-FOR-US: Poppawid
-CVE-2007-5220
+CVE-2007-5220 (SQL injection vulnerability in catalog.asp in ASP Product Catalog allo ...)
NOT-FOR-US: ASP Product Catalog
-CVE-2007-5219
+CVE-2007-5219 (Directory traversal vulnerability in the CLAVSetting.CLSetting.1 Activ ...)
NOT-FOR-US: CyberLink Power DVD
-CVE-2007-5218
+CVE-2007-5218 (Cross-site scripting (XSS) vulnerability in index.php in Don Barnes DR ...)
NOT-FOR-US: Don Barnes DRBGuestbook
-CVE-2007-5217
+CVE-2007-5217 (Stack-based buffer overflow in the ADM4 ActiveX control in adm4.dll in ...)
NOT-FOR-US: Altnet Download Manager
-CVE-2007-5216
+CVE-2007-5216 (Multiple PHP remote file inclusion vulnerabilities in eArk (e-Ark) 1.0 ...)
NOT-FOR-US: eArk
-CVE-2007-5215
+CVE-2007-5215 (Multiple PHP remote file inclusion vulnerabilities in Jacob Hinkle God ...)
NOT-FOR-US: GodSend
-CVE-2007-5214
+CVE-2007-5214 (Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 N ...)
NOT-FOR-US: Axis Network Camera
-CVE-2007-5213
+CVE-2007-5213 (Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS ...)
NOT-FOR-US: Axis Network Camera
-CVE-2007-5212
+CVE-2007-5212 (Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 N ...)
NOT-FOR-US: Axis Network Camera
-CVE-2007-5211
+CVE-2007-5211 (Multiple cross-site scripting (XSS) vulnerabilities in Arbor Networks ...)
NOT-FOR-US: Peakflow
-CVE-2007-5210
+CVE-2007-5210 (Arbor Networks Peakflow SP before 3.5.1 patch 14, and 3.6.x before 3.6 ...)
NOT-FOR-US: Peakflow
-CVE-2007-5209
+CVE-2007-5209 (Stack-based buffer overflow in DriveLock.exe in CenterTools DriveLock ...)
NOT-FOR-US: CenterTools
-CVE-2007-5208
+CVE-2007-5208 (hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1. ...)
{DSA-1462-1 DTSA-72-1}
- hplip 1.6.10-4.3 (medium; bug #447341)
[sarge] - hplip <not-affected> (This code was using smtp directly)
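Review bot: the context line under CVE-2007-5228, `- drupal <not-affected> (does not shipt this module)`, has a typo (`shipt` should be `ship`); the parallel entry under CVE-2007-5270 a few lines above spells it correctly, so the two should be aligned in a follow-up. Separately, CVE-2007-5267 and CVE-2007-5266 end up with byte-identical truncated descriptions (`Off-by-one error in ICC profile chunk handling in the png_set_iCCP fun ...`) and identical three-line NOTE blocks, so after this update the file no longer shows what distinguishes the two libpng issues; when the truncated prefix of two adjacent entries collides, extending the cut for those entries, or adding a one-line NOTE naming the difference, would keep them tellable apart without leaving the file.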
@@ -3740,94 +3740,94 @@ CVE-2007-5203
RESERVED
CVE-2007-5202
RESERVED
-CVE-2007-5201
+CVE-2007-5201 (The FTP backend for Duplicity before 0.4.9 sends the password as a com ...)
- duplicity 0.4.3-2 (low; bug #442840)
[etch] - duplicity <not-affected> (Vulnerable code introduced in 0.4.3)
[sarge] - duplicity <not-affected> (Vulnerable code introduced in 0.4.3)
NOTE: ftp is an inherently insecure protocol, any security-sensitive data would
NOTE: be transferred through the scp, sftp or rsync backends.
NOTE: http://lists.debian.org/debian-release/2008/01/msg00190.html
-CVE-2007-5200
+CVE-2007-5200 (hugin, as used on various operating systems including SUSE openSUSE 10 ...)
{DTSA-74-1}
- hugin 0.6.1-1.1 (low; bug #447344)
[etch] - hugin <no-dsa> (Minor issue)
-CVE-2007-5199
+CVE-2007-5199 (A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows r ...)
- libxfont 1:1.3.2-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=327854
NOTE: https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef
-CVE-2007-5198
+CVE-2007-5198 (Buffer overflow in the redir function in check_http.c in Nagios Plugin ...)
{DSA-1495-1 DTSA-67-1}
- nagios-plugins 1.4.8-2.2 (low; bug #445475)
NOTE: Requires the webserver, which has to be checked, to be compromised
-CVE-2007-5197
+CVE-2007-5197 (Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and ...)
{DSA-1397-1 DTSA-76-1}
- mono 1.2.5.1-2
-CVE-2007-5196
+CVE-2007-5196 (Unspecified vulnerability in the SSL implementation in Groupwise clien ...)
NOT-FOR-US: novell-groupwise-client
-CVE-2007-5195
+CVE-2007-5195 (Unspecified vulnerability in the SSL implementation in Groupwise clien ...)
NOT-FOR-US: novell-groupwise-client
-CVE-2007-5194
+CVE-2007-5194 (The Chroot server in rMake 1.0.11 creates a /dev/zero device file with ...)
NOT-FOR-US: rMake
CVE-2007-5192
RESERVED
-CVE-2007-5191
+CVE-2007-5191 (mount and umount in util-linux and loop-aes-utils call the setuid and ...)
{DSA-1450-1 DSA-1449-1 DTSA-64-1 DTSA-70-1}
- util-linux 2.13-8 (low)
- loop-aes-utils 2.13-2 (low)
-CVE-2007-5190
+CVE-2007-5190 (Multiple cross-site scripting (XSS) vulnerabilities in Alcatel OmniVis ...)
NOT-FOR-US: Alcatel OmniVista
-CVE-2007-5189
+CVE-2007-5189 (Multiple SQL injection vulnerabilities in mes_add.php in x-script Gues ...)
NOT-FOR-US: X-Script
-CVE-2007-5188
+CVE-2007-5188 (Unspecified vulnerability in the XOOPS uploader class in Xoops 2.0.17. ...)
NOT-FOR-US: Xoops
-CVE-2007-5187
+CVE-2007-5187 (SQL injection vulnerability in infusions/calendar_events_panel/show_si ...)
NOT-FOR-US: Php-Fusion
-CVE-2007-5186
+CVE-2007-5186 (PHP remote file inclusion vulnerability in index.php in Segue CMS 1.8. ...)
NOT-FOR-US: Segue CMS
-CVE-2007-5185
+CVE-2007-5185 (Multiple PHP remote file inclusion vulnerabilities in phpWCMS XT 0.0.7 ...)
NOT-FOR-US: phpWCMS XT
-CVE-2007-5184
+CVE-2007-5184 (Format string vulnerability in the SMBDirList function in dirlist.c in ...)
NOT-FOR-US: smbFtpd
-CVE-2007-5183
+CVE-2007-5183 (Cross-site scripting (XSS) vulnerability in Mailbox.mws in OdysseySuit ...)
NOT-FOR-US: OdysseySuite
-CVE-2007-5182
+CVE-2007-5182 (Cross-site scripting (XSS) vulnerability in mail.asp in Netkamp Emlak ...)
NOT-FOR-US: Netkamp Emlak Scripti
-CVE-2007-5181
+CVE-2007-5181 (SQL injection vulnerability in detay.asp in Netkamp Emlak Scripti allo ...)
NOT-FOR-US: Netkamp Emlak Scripti
-CVE-2007-5180
+CVE-2007-5180 (Multiple SQL injection vulnerabilities in Ohesa Emlak Portali allow re ...)
NOT-FOR-US: Ohesa Emlak Portali
-CVE-2007-5179
+CVE-2007-5179 (Multiple cross-site scripting (XSS) vulnerabilities in iletisim.asp in ...)
NOT-FOR-US: Iletisim Formu
-CVE-2007-5178
+CVE-2007-5178 (contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB pla ...)
NOT-FOR-US: mxBB
-CVE-2007-5177
+CVE-2007-5177 (SQL injection vulnerability in index.php in the MambAds (com_mambads) ...)
NOT-FOR-US: Mambo extension
-CVE-2007-5176
+CVE-2007-5176 (Multiple cross-site scripting (XSS) vulnerabilities in GroupLink eHelp ...)
NOT-FOR-US: eHelpDesk
-CVE-2007-5175
+CVE-2007-5175 (PHP remote file inclusion vulnerability lib/base.php in actSite 1.991 ...)
NOT-FOR-US: actSite
-CVE-2007-5174
+CVE-2007-5174 (Directory traversal vulnerability in phpinc/news.php in actSite 1.56 a ...)
NOT-FOR-US: actSite
-CVE-2007-5173
+CVE-2007-5173 (PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID ...)
NOT-FOR-US: phpBB Openid
-CVE-2007-5207
+CVE-2007-5207 (guilt 0.27 allows local users to overwrite arbitrary files via a symli ...)
- guilt 0.27-1.2 (medium; bug #445308)
-CVE-2007-5193
+CVE-2007-5193 (The default configuration for twiki 4.1.2 on Debian GNU/Linux, and pos ...)
- twiki 1:4.1.2-3 (bug #444982; low)
[etch] - twiki <no-dsa> (Minor packaging flaw, doesn't warrant an update)
-CVE-2007-5172
+CVE-2007-5172 (Quicksilver Forums before 1.4.1 allows remote attackers to obtain sens ...)
NOT-FOR-US: Quicksilver Forums
-CVE-2007-5171
+CVE-2007-5171 (Unspecified vulnerability in Quicksilver Forums before 1.4.1 allows re ...)
NOT-FOR-US: Quicksilver Forums
-CVE-2007-5170
+CVE-2007-5170 (Unspecified vulnerability in the embedded service processor (SP) befor ...)
NOT-FOR-US: Sun Fire
-CVE-2007-5169
+CVE-2007-5169 (Stack-based buffer overflow in MAIPM6.dll in Adobe PageMaker 7.0.1 and ...)
NOT-FOR-US: Adobe PageMaker
-CVE-2007-5168
+CVE-2007-5168 (Multiple PHP remote file inclusion vulnerabilities in ClanLite 1.23.01 ...)
NOT-FOR-US: Clan lite
-CVE-2007-5167
+CVE-2007-5167 (PHP remote file inclusion vulnerability in .systeme/fonctions.php in p ...)
NOT-FOR-US: phpLister
-CVE-2007-5166
+CVE-2007-5166 (Multiple PHP remote file inclusion vulnerabilities in SiteSys 1.0a all ...)
NOT-FOR-US: SiteSys
CVE-2007-5165
NOT-FOR-US: myIpacNG-stats
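Review bot: the twiki line under CVE-2007-5193, `- twiki 1:4.1.2-3 (bug #444982; low)`, puts the bug reference before the severity, inverting the `(severity; bug #N)` order used by every other entry in this hunk (`- duplicity 0.4.3-2 (low; bug #442840)`, `- guilt 0.27-1.2 (medium; bug #445308)`, `- nagios-plugins 1.4.8-2.2 (low; bug #445475)`); normalising it avoids surprising any consumer that reads those fields positionally. Also, CVE-2007-5207 and CVE-2007-5193 are placed after CVE-2007-5173, out of the descending ID order the rest of the hunk follows.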
@@ -3835,23 +3835,23 @@ CVE-2007-5164
NOT-FOR-US: UniversiBO
CVE-2007-5163
NOT-FOR-US: nexty
-CVE-2007-5162
+CVE-2007-5162 (The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net ...)
{DSA-1412-1 DSA-1411-1 DSA-1410-1}
- ruby1.9 1.9.0+20071016-1 (low)
- ruby1.8 1.8.6.111-1 (low; bug #444929)
NOTE: fix for 1.8 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13504
-CVE-2007-5161
+CVE-2007-5161 (Cross-zone scripting vulnerability in the internal browser in i-System ...)
NOT-FOR-US: Feedreader 3
NOTE: editor not included in native wordpress
-CVE-2007-5160
+CVE-2007-5160 (Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche ...)
NOT-FOR-US: Thierry Leriche Restaurant Management System
-CVE-2007-5159
+CVE-2007-5159 (The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g pac ...)
- ntfs-3g 1:1.913-2 (medium; bug #445315)
-CVE-2007-5158
+CVE-2007-5158 (The focus handling for the onkeydown event in Microsoft Internet Explo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-5157
+CVE-2007-5157 (PHP remote file inclusion vulnerability in phfito-post.php in Alex Koc ...)
NOT-FOR-US: PHP Fidonet Tosser
-CVE-2007-5156
+CVE-2007-5156 (Incomplete blacklist vulnerability in editor/filemanager/upload/php/up ...)
- knowledgeroot 0.9.8.4-1.1 (unimportant; bug #444928)
- moin 1.5.8-4.1 (unimportant)
NOTE: This problem should rather be addressed by proper httpd config
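Review bot: the line `NOTE: editor not included in native wordpress` under CVE-2007-5161 does not describe that entry, which is marked `NOT-FOR-US: Feedreader 3` with a cross-zone scripting description for the i-System internal browser; it reads like a leftover from a different entry (the fckeditor upload issue in CVE-2007-5156 just below is the only editor-related item nearby). It should be moved to the entry it belongs to or dropped, so that NOTE lines always refer to the CVE they sit under.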
@@ -3860,174 +3860,174 @@ CVE-2007-5156
- gforge 4.6.99+svn6169-1 (low; bug #447590)
[etch] - gforge <not-affected> (fckeditor is not shipped in these versions)
[sarge] - gforge <not-affected> (fckeditor is not shipped in these versions)
-CVE-2007-5155
+CVE-2007-5155 (IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect arguments ...)
NOT-FOR-US: ICEOWS
-CVE-2007-5154
+CVE-2007-5154 (Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlie ...)
NOT-FOR-US: Aipo
-CVE-2007-5153
+CVE-2007-5153 (Unspecified vulnerability in Sun Java System Access Manager 7.1, when ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2007-5152
+CVE-2007-5152 (Sun Java System Access Manager 7.1, when installed in a Sun Java Syste ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2007-5151
+CVE-2007-5151 (SQL injection vulnerability in the abget_admin function in includes/nu ...)
NOT-FOR-US: NukeSentinel
-CVE-2007-5150
+CVE-2007-5150 (SQL injection vulnerability in the is_god function in includes/nukesen ...)
NOT-FOR-US: NukeSentinel
-CVE-2007-5149
+CVE-2007-5149 (PHP remote file inclusion vulnerability in NewsCMS/news/newstopic_inc. ...)
NOT-FOR-US: North Country Public Radio Public Media Manager
CVE-2007-5148
NOT-FOR-US: FrontAccounting
-CVE-2007-5147
+CVE-2007-5147 (Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS ...)
NOT-FOR-US: Puzzle Apps CMS
-CVE-2007-5146
+CVE-2007-5146 (Multiple PHP remote file inclusion vulnerabilities in dedi-group Der D ...)
NOT-FOR-US: Der Dirigent
-CVE-2007-5145
+CVE-2007-5145 (Multiple buffer overflows in system DLL files in Microsoft Windows XP, ...)
NOT-FOR-US: Windows XP
-CVE-2007-5144
+CVE-2007-5144 (Buffer overflow in the GDI engine in Windows Live Messenger, as used f ...)
NOT-FOR-US: Windows Live Messenger
-CVE-2007-5143
+CVE-2007-5143 (F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows loca ...)
NOT-FOR-US: Anti-Virus for Windows Servers
-CVE-2007-5142
+CVE-2007-5142 (Cross-site scripting (XSS) vulnerability in buscar.asp in Solidweb Nov ...)
NOT-FOR-US: Solidweb Novus
-CVE-2007-5141
+CVE-2007-5141 (SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta allo ...)
NOT-FOR-US: SiteX
-CVE-2007-5140
+CVE-2007-5140 (PHP remote file inclusion vulnerability in includes/archive/archive_to ...)
NOT-FOR-US: IntegraMOD Nederland
-CVE-2007-5139
+CVE-2007-5139 (PHP remote file inclusion vulnerability in admin/include/header.php in ...)
NOT-FOR-US: Chupix
-CVE-2007-5138
+CVE-2007-5138 (PHP remote file inclusion vulnerability in forum/forum.php in lustig.c ...)
NOT-FOR-US: lustig.cms
-CVE-2007-5137
+CVE-2007-5137 (Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl ...)
{DSA-1743-1}
- tk8.4 8.4.16-1
[etch] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13)
[sarge] - tk8.4 <not-affected> (Vulnerability was introduced in 8.4.13)
- tk8.3 <not-affected> (Vulnerability was introduced in 8.4.13)
- libtk-img 1.3-release-8
-CVE-2007-5136
+CVE-2007-5136 (Cross-site scripting (XSS) vulnerability in DFD Cart 1.1.4 and earlier ...)
NOT-FOR-US: DFD Cart
-CVE-2007-5134
+CVE-2007-5134 (Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP address ...)
NOT-FOR-US: Cisco firmware
-CVE-2007-5133
+CVE-2007-5133 (Microsoft Windows Explorer (explorer.exe) allows user-assisted remote ...)
NOT-FOR-US: Microsoft Windows Explorer
-CVE-2007-5132
+CVE-2007-5132 (Race condition in the kernel in Sun Solaris 8 through 10 allows local ...)
NOT-FOR-US: Solaris
-CVE-2007-5131
+CVE-2007-5131 (SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x ...)
NOT-FOR-US: ActiveKB
-CVE-2007-5130
+CVE-2007-5130 (SimpGB 1.46.02 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: SimpGB
-CVE-2007-5129
+CVE-2007-5129 (SimpGB 1.46.02 stores sensitive information under the web root with in ...)
NOT-FOR-US: SimpGB
-CVE-2007-5128
+CVE-2007-5128 (SimpNews 2.41.03 on Windows, when PHP before 5.0.0 is used, allows rem ...)
NOT-FOR-US: SimpNews
-CVE-2007-5127
+CVE-2007-5127 (Multiple cross-site scripting (XSS) vulnerabilities in SimpGB 1.46.02 ...)
NOT-FOR-US: SimpGB
-CVE-2007-5126
+CVE-2007-5126 (Unspecified vulnerability in the client in Symantec Veritas Backup Exe ...)
NOT-FOR-US: Symantec Veritas Backup Exec
CVE-2007-5125
REJECTED
-CVE-2007-5124
+CVE-2007-5124 (The embedded Internet Explorer server control in AOL Instant Messenger ...)
NOT-FOR-US: AOL Messenger
-CVE-2007-5123
+CVE-2007-5123 (SQL injection vulnerability in notas.asp in Novus 1.0 allows remote at ...)
NOT-FOR-US: Solidweb Novus
-CVE-2007-5122
+CVE-2007-5122 (SQL injection vulnerability in store_info.php in SoftBiz Classifieds P ...)
NOT-FOR-US: SoftBiz Classifieds PLUS
-CVE-2007-5121
+CVE-2007-5121 (Cross-site scripting (XSS) vulnerability in JSPWiki 2.5.139-beta allow ...)
- jspwiki <not-affected> (The version we ship does not process a redirect parameter in Login.jsp and other source files)
[sarge] - jspwiki <no-dsa> (Contrib not supported)
-CVE-2007-5120
+CVE-2007-5120 (Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 ...)
- jspwiki 2.5.139-1 (medium; bug #445477)
[sarge] - jspwiki <no-dsa> (Contrib not supported)
-CVE-2007-5119
+CVE-2007-5119 (JSPWiki 2.4.103 and 2.5.139-beta allows remote attackers to obtain sen ...)
- jspwiki 2.5.139-1 (unimportant; bug #445477)
[sarge] - jspwiki <no-dsa> (Contrib not supported)
-CVE-2007-5118
+CVE-2007-5118 (Unspecified vulnerability in the HID (Human Interface Device) class dr ...)
NOT-FOR-US: Solaris
-CVE-2007-5117
+CVE-2007-5117 (Multiple PHP remote file inclusion vulnerabilities in FrontAccounting ...)
NOT-FOR-US: FrontAccounting
-CVE-2007-5116
+CVE-2007-5116 (Buffer overflow in the polymorphic opcode support in the Regular Expre ...)
{DSA-1400-1 DTSA-78-1}
- perl 5.8.8-12 (medium; bug #450794)
NOTE: http://public.activestate.com/cgi-bin/perlbrowse/30647
-CVE-2007-5135
+CVE-2007-5135 (Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9 ...)
{DSA-1379-1}
- openssl 0.9.8e-9 (low; bug #444435)
[sarge] - openssl 0.9.7e-3sarge5
-CVE-2007-5115
+CVE-2007-5115 (Multiple PHP remote file inclusion vulnerabilities in Ekke Doerre Cont ...)
NOT-FOR-US: Ekke Doerre Contenido
CVE-2007-5114
NOT-FOR-US: phpmyProfiler
-CVE-2007-5113
+CVE-2007-5113 (report.cgi in Google Urchin allows remote attackers to bypass authenti ...)
NOT-FOR-US: Google Urchin
-CVE-2007-5112
+CVE-2007-5112 (Cross-site scripting (XSS) vulnerability in session.cgi (aka the login ...)
NOT-FOR-US: Google Urchin
-CVE-2007-5111
+CVE-2007-5111 (A certain ActiveX control in EBCRYPT.DLL 2.0 in EB Design ebCrypt allo ...)
NOT-FOR-US: ebCrypt
-CVE-2007-5110
+CVE-2007-5110 (Absolute path traversal vulnerability in the EbCrypt.eb_c_PRNGenerator ...)
NOT-FOR-US: ebCrypt
-CVE-2007-5109
+CVE-2007-5109 (Cross-site request forgery (CSRF) vulnerability in index.php in FlatNu ...)
NOT-FOR-US: flatnuke
-CVE-2007-5108
+CVE-2007-5108 (Unspecified vulnerability in IAC Search &amp; Media ask.com toolbar ha ...)
NOT-FOR-US: IAC Search & Media ask.com toolbar
-CVE-2007-5107
+CVE-2007-5107 (Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 A ...)
NOT-FOR-US: AskJeevesToolBar
-CVE-2007-5106
+CVE-2007-5106 (Cross-site scripting (XSS) vulnerability in wp-register.php in WordPre ...)
- wordpress 2.0.2-1 (low)
-CVE-2007-5105
+CVE-2007-5105 (Cross-site scripting (XSS) vulnerability in wp-register.php in WordPre ...)
- wordpress 2.0.4-1 (low)
-CVE-2007-5104
+CVE-2007-5104 (SQL injection vulnerability in index.php in the Arcade module in bcoos ...)
NOT-FOR-US: bcoos
-CVE-2007-5103
+CVE-2007-5103 (Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 R ...)
NOT-FOR-US: Wordsmith
-CVE-2007-5102
+CVE-2007-5102 (PHP remote file inclusion vulnerability in config.inc.php in Wordsmith ...)
NOT-FOR-US: Wordsmith
-CVE-2007-5101
+CVE-2007-5101 (ChironFS before 1.0 RC7 sets user/group ownership to the mounter accou ...)
NOT-FOR-US: ChironFS
-CVE-2007-5100
+CVE-2007-5100 (Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, ...)
NOT-FOR-US: phpBB plus (phpbb2 does not include this module)
-CVE-2007-5099
+CVE-2007-5099 (PHP remote file inclusion vulnerability in show.php in David Watters H ...)
NOT-FOR-US: helplink
-CVE-2007-5098
+CVE-2007-5098 (Multiple PHP remote file inclusion vulnerabilities in DFD Cart 1.1.4 a ...)
NOT-FOR-US: DFD Cart
CVE-2007-5097
NOT-FOR-US: Online Fantasy Football League
-CVE-2007-5096
+CVE-2007-5096 (PHP remote file inclusion vulnerability in modules/webmail2/inc/rfc822 ...)
NOT-FOR-US: guanxiCRM Business Solution
-CVE-2007-5095
+CVE-2007-5095 (Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Inter ...)
NOT-FOR-US: Windows Media Player
-CVE-2007-5094
+CVE-2007-5094 (Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitc ...)
NOT-FOR-US: Ipswitch IMail Server
-CVE-2007-5093
+CVE-2007-5093 (The disconnect method in the Philips USB Webcam (pwc) driver in Linux ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1381-2}
- linux-2.6 2.6.23-1
-CVE-2007-5092
+CVE-2007-5092 (Directory traversal vulnerability in index.php in the Dance Music modu ...)
NOT-FOR-US: phpNuke module
-CVE-2007-5091
+CVE-2007-5091 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.4. ...)
- egroupware 1.2.107-2.dfsg-2 (low; bug #444351)
-CVE-2007-5090
+CVE-2007-5090 (Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Micr ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2007-5089
+CVE-2007-5089 (PHP remote file inclusion vulnerability in php-inc/log.inc.php in sk.l ...)
NOT-FOR-US: Sklog
-CVE-2007-5088
+CVE-2007-5088 (Cross-site scripting (XSS) vulnerability in search/cust_bill_event.cgi ...)
NOT-FOR-US: freeside
-CVE-2007-5087
+CVE-2007-5087 (The ATM module in the Linux kernel before 2.4.35.3, when CLIP support ...)
- linux-2.6 <not-affected> (2.6 code base handles ARP entries differently)
-CVE-2007-5086
+CVE-2007-5086 (Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not ...)
NOT-FOR-US: Kaspersky Anti-Virus and Internet Security 7.0
-CVE-2007-5085
+CVE-2007-5085 (Unspecified vulnerability in the management EJB (MEJB) in Apache Geron ...)
NOT-FOR-US: Geronimo Apache
-CVE-2007-5084
+CVE-2007-5084 (Multiple SQL injection vulnerabilities in Computer Associates (CA) Bri ...)
NOT-FOR-US: CA BrightStor Hierarchical Storage Manager
-CVE-2007-5083
+CVE-2007-5083 (Multiple integer overflows in Computer Associates (CA) BrightStor Hier ...)
NOT-FOR-US: CA BrightStor Hierarchical Storage Manager
-CVE-2007-5082
+CVE-2007-5082 (Multiple stack-based buffer overflows in Computer Associates (CA) Brig ...)
NOT-FOR-US: CA BrightStor Hierarchical Storage Manager
-CVE-2007-5081
+CVE-2007-5081 (Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and ...)
NOT-FOR-US: RealPlayer
-CVE-2007-5080
+CVE-2007-5080 (Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Playe ...)
NOT-FOR-US: RealPlayer
-CVE-2007-5079
+CVE-2007-5079 (Red Hat Enterprise Linux 4 does not properly compile and link gdm with ...)
- gdm <not-affected> (Red Hat-specific packaging flaw)
-CVE-2007-5078
+CVE-2007-5078 (Multiple cross-site scripting (XSS) vulnerabilities in eGov Manager al ...)
NOT-FOR-US: eGov Manager
CVE-2007-5077
RESERVED
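Review bot: the added description for CVE-2007-5108 contains a literal HTML entity (`IAC Search &amp; Media ask.com toolbar ha ...`) while the `NOT-FOR-US: IAC Search & Media ask.com toolbar` line right below uses a plain ampersand, so the importer is writing the upstream feed's escaped text into the data file verbatim; it should unescape entities before the fixed-width cut, otherwise the description and the NOT-FOR-US line disagree and a search for the vendor name matches only one of them. Same remark as earlier on the truncation: CVE-2007-5106 and CVE-2007-5105 now carry identical descriptions (`Cross-site scripting (XSS) vulnerability in wp-register.php in WordPre ...`) despite different fixes (wordpress 2.0.2-1 versus 2.0.4-1), and CVE-2007-5135 (openssl, DSA-1379-1) is filed after CVE-2007-5116 rather than in ID order.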
@@ -4039,243 +4039,243 @@ CVE-2007-5074
RESERVED
CVE-2007-5073
RESERVED
-CVE-2007-5072
+CVE-2007-5072 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
NOT-FOR-US: Simple PHP Blog
-CVE-2007-5071
+CVE-2007-5071 (Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP ...)
NOT-FOR-US: Simple PHP Blog
-CVE-2007-5070
+CVE-2007-5070 (Heap-based buffer overflow in the EasyMailMessagePrinter ActiveX contr ...)
NOT-FOR-US: Easy Mail Message Printer
-CVE-2007-5069
+CVE-2007-5069 (Directory traversal vulnerability in data/compatible.php in the Nuke M ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-5068
+CVE-2007-5068 (SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allo ...)
NOT-FOR-US: phpFullAnnu
-CVE-2007-5067
+CVE-2007-5067 (Multiple buffer overflows in iMatix Xitami Web Server 2.5c2 allow remo ...)
NOT-FOR-US: iMatix Xitami Web Server
-CVE-2007-5066
+CVE-2007-5066 (Unspecified vulnerability in Webmin before 1.370 on Windows allows rem ...)
- webmin <removed>
-CVE-2007-5065
+CVE-2007-5065 (PHP remote file inclusion vulnerability in admin.slideshow1.php in the ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-5064
+CVE-2007-5064 (Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6 ...)
NOT-FOR-US: Xunlei Web Thunder
-CVE-2007-5063
+CVE-2007-5063 (Adam Scheinberg Flip 3.0 and earlier stores sensitive information unde ...)
NOT-FOR-US: Adam Scheinberg Flip
-CVE-2007-5062
+CVE-2007-5062 (account.php in Adam Scheinberg Flip 3.0 and earlier allows remote atta ...)
NOT-FOR-US: Adam Scheinberg Flip
-CVE-2007-5061
+CVE-2007-5061 (SQL injection vulnerability in mods/banners/navlist.php in Clansphere ...)
NOT-FOR-US: Clansphere
-CVE-2007-5060
+CVE-2007-5060 (Cross-site request forgery (CSRF) vulnerability in the cpass functiona ...)
NOT-FOR-US: XCMS
-CVE-2007-5059
+CVE-2007-5059 (Multiple cross-site scripting (XSS) vulnerabilities in GreenSQL allow ...)
NOT-FOR-US: GreenSQL
-CVE-2007-5058
+CVE-2007-5058 (Cross-site scripting (XSS) vulnerability in the Web administration int ...)
NOT-FOR-US: Barracuda
-CVE-2007-5057
+CVE-2007-5057 (NetSupport Manager Client before 10.20.0004 allows remote attackers to ...)
NOT-FOR-US: NetSupport Manager Client
-CVE-2007-5056
+CVE-2007-5056 (Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lit ...)
NOT-FOR-US: ADOdb Lite
-CVE-2007-5055
+CVE-2007-5055 (Multiple directory traversal vulnerabilities in iziContents 1 RC6 and ...)
NOT-FOR-US: iziContents
-CVE-2007-5054
+CVE-2007-5054 (Multiple PHP remote file inclusion vulnerabilities in iziContents 1 RC ...)
NOT-FOR-US: iziContents
-CVE-2007-5053
+CVE-2007-5053 (Multiple incomplete blacklist vulnerabilities in iziContents 1 RC6 and ...)
NOT-FOR-US: iziContents
-CVE-2007-5052
+CVE-2007-5052 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Vi ...)
NOT-FOR-US: Vigile CMS
-CVE-2007-5051
+CVE-2007-5051 (Multiple cross-site scripting (XSS) vulnerabilities in PhpGedView 4.1. ...)
{DSA-1559-1}
- phpgedview 4.1.e+4.1.1-2 (low; bug #443901)
-CVE-2007-5050
+CVE-2007-5050 (Directory traversal vulnerability in index.php in Neuron News 1.0 allo ...)
NOT-FOR-US: Neuron News
CVE-2007-5049
REJECTED
-CVE-2007-5048
+CVE-2007-5048 (Heap-based buffer overflow in Lhaplus before 1.55 allows remote attack ...)
NOT-FOR-US: lhaplus
-CVE-2007-5047
+CVE-2007-5047 (Norton Internet Security 2008 15.0.0.60 does not properly validate cer ...)
NOT-FOR-US: Norton Internet Security
-CVE-2007-5046
+CVE-2007-5046 (Cross-site scripting (XSS) vulnerability in the Webmail interface for ...)
NOT-FOR-US: IceWarp Merak Mail Server
-CVE-2007-5045
+CVE-2007-5045 (Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, ...)
- iceweasel <not-affected> (Only affects Firefox/Thunderbird on Windows)
- icedove <not-affected> (Only affects Firefox/Thunderbird on Windows)
-CVE-2007-5044
+CVE-2007-5044 (ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameter ...)
NOT-FOR-US: ZoneAlam Pro
-CVE-2007-5043
+CVE-2007-5043 (Kaspersky Internet Security 7.0.0.125 does not properly validate certa ...)
NOT-FOR-US: Kaspersky Internet Security
-CVE-2007-5042
+CVE-2007-5042 (Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain ...)
NOT-FOR-US: Outpost Firewall PRO
-CVE-2007-5041
+CVE-2007-5041 (G DATA InternetSecurity 2007 does not properly validate certain parame ...)
NOT-FOR-US: G DATA InternetSecurity
-CVE-2007-5040
+CVE-2007-5040 (Ghost Security Suite alpha 1.200 does not properly validate certain pa ...)
NOT-FOR-US: Ghost Security Suite
-CVE-2007-5039
+CVE-2007-5039 (Ghost Security Suite beta 1.110 does not properly validate certain par ...)
NOT-FOR-US: Ghost Security Suite
-CVE-2007-5038
+CVE-2007-5038 (The offer_account_by_email function in User.pm in the WebService for B ...)
- bugzilla <not-affected> (Affected versions were never present in the archive)
-CVE-2007-5037
+CVE-2007-5037 (Buffer overflow in the inotifytools_snprintf function in src/inotifyto ...)
{DSA-1440-1}
- inotify-tools 3.11-1 (medium; bug #443913)
-CVE-2007-5036
+CVE-2007-5036 (Multiple buffer overflows in the AirDefense Airsensor M520 with firmwa ...)
NOT-FOR-US: AirDefense firmware
CVE-2007-5035
NOT-FOR-US: openEngine
-CVE-2007-5034
+CVE-2007-5034 (ELinks before 0.11.3, when sending a POST request for an https URL, ap ...)
{DSA-1380-1}
- elinks 0.11.1-1.5 (low; bug #443914)
-CVE-2007-5033
+CVE-2007-5033 (Cross-site scripting (XSS) vulnerability in profile.php in phpBB XS 2 ...)
NOT-FOR-US: phpBB XS
-CVE-2007-5032
+CVE-2007-5032 (Cross-site request forgery (CSRF) vulnerability in admin.php in Franci ...)
NOT-FOR-US: Php-Nuke
-CVE-2007-5031
+CVE-2007-5031 (The TSrvOptIA_NA::rebind method in SrvOptions/SrvOptIA_NA.cpp in Dibbl ...)
- dibbler 0.6.1-1 (low; bug #444002)
-CVE-2007-5030
+CVE-2007-5030 (Multiple integer overflows in Dibbler 0.6.0 allow remote attackers to ...)
- dibbler 0.6.1-1 (low; bug #444002)
-CVE-2007-5029
+CVE-2007-5029 (Dibbler 0.6.0 does not verify that certain length parameters are appro ...)
- dibbler 0.6.1-1 (low; bug #444002)
-CVE-2007-5028
+CVE-2007-5028 (Dibbler 0.6.0 on Linux uses weak world-writable permissions for unspec ...)
- dibbler 0.6.1-1 (medium; bug #444002)
-CVE-2007-5027
+CVE-2007-5027 (Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/ddns in ...)
NOT-FOR-US: WBR3404TX firmware
-CVE-2007-5026
+CVE-2007-5026 (dBlog CMS, probably 2.0, stores sensitive information under the web ro ...)
NOT-FOR-US: dBlog CMS
-CVE-2007-5025
+CVE-2007-5025 (Unspecified vulnerability in EMC VMware ACE before 1.0.3 Build 54075 a ...)
NOT-FOR-US: VMware
-CVE-2007-5024
+CVE-2007-5024 (EMC VMware Server before 1.0.4 Build 56528 writes passwords in clearte ...)
NOT-FOR-US: VMware
-CVE-2007-5023
+CVE-2007-5023 (Unquoted Windows search path vulnerability in EMC VMware Workstation b ...)
NOT-FOR-US: VMware
-CVE-2007-5022
+CVE-2007-5022 (Unspecified vulnerability in certain IBM Tivoli Storage Manager (TSM) ...)
NOT-FOR-US: IBM Tivoli Storage Manager
CVE-2007-5021
REJECTED
-CVE-2007-5020
+CVE-2007-5020 (Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows a ...)
NOT-FOR-US: Acrobat Reader
CVE-2007-XXXX [mimep insecure tempfile usage and insecure calls to LaTeX and dvips]
- mp 3.7.1-8 (low)
[sarge] - mp <no-dsa> (Minor issue)
[etch] - mp <no-dsa> (Minor issue)
NOTE: Can be fixed in a point update
-CVE-2007-5019
+CVE-2007-5019 (Buffer overflow in the Sun Java Web Start ActiveX control in Java Runt ...)
- sun-java6 <removed> (unimportant)
- sun-java5 <removed> (unimportant)
- openjdk-6 <removed> (unimportant)
NOTE: exploiting this would not work under Linux
-CVE-2007-5018
+CVE-2007-5018 (Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote ...)
NOT-FOR-US: Pegasus Mail Mercury
-CVE-2007-5017
+CVE-2007-5017 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-5016
+CVE-2007-5016 (SQL injection vulnerability in userreviews.php in OneCMS 2.4 allows re ...)
NOT-FOR-US: OneCMS
-CVE-2007-5015
+CVE-2007-5015 (Multiple PHP remote file inclusion vulnerabilities in Streamline PHP M ...)
NOT-FOR-US: Streamline
-CVE-2007-5014
+CVE-2007-5014 (Multiple PHP remote file inclusion vulnerabilities in pSlash 0.70 allo ...)
NOT-FOR-US: pSlash
-CVE-2007-5013
+CVE-2007-5013 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ph ...)
NOT-FOR-US: Phormer
-CVE-2007-5012
+CVE-2007-5012 (Cross-site scripting (XSS) vulnerability in picture.php in PhpWebGalle ...)
NOT-FOR-US: PhpWebGallery
-CVE-2007-5011
+CVE-2007-5011 (webbatch.exe in WebBatch allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: WebBatch
-CVE-2007-5010
+CVE-2007-5010 (Cross-site scripting (XSS) vulnerability in WebBatch allows remote att ...)
NOT-FOR-US: WebBatch
-CVE-2007-5009
+CVE-2007-5009 (PHP remote file inclusion vulnerability in language/lang_german/lang_m ...)
NOT-FOR-US: Phpbb Plus
NOTE: vulnerable code not included in phpbb2
-CVE-2007-5008
+CVE-2007-5008 (The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not cor ...)
NOT-FOR-US: HP-UX
-CVE-2007-5007
+CVE-2007-5007 (Stack-based buffer overflow in the ir_fetch_seq function in balsa befo ...)
- balsa 2.3.20-1 (low)
[etch] - balsa 2.3.13-3
NOTE: Minor issue fixed in 4.0r4 point release
[sarge] - balsa <no-dsa> (Minor issue)
NOTE: attacker needs to get the victim a prepared server to use
-CVE-2007-5006
+CVE-2007-5006 (Multiple command handlers in CA (Computer Associates) BrightStor ARCse ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2007-5005
+CVE-2007-5005 (Directory traversal vulnerability in rxRPC.dll in CA (Computer Associa ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2007-5004
+CVE-2007-5004 (Integer overflow in CA (Computer Associates) BrightStor ARCserve Backu ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2007-5003
+CVE-2007-5003 (Multiple stack-based buffer overflows in CA (Computer Associates) Brig ...)
NOT-FOR-US: CA ARCserve Backup
CVE-2007-5002
RESERVED
-CVE-2007-5001
+CVE-2007-5001 (Linux kernel before 2.4.21 allows local users to cause a denial of ser ...)
- linux-2.6 <not-affected> (RedHat/RHEL3 specific patch only)
-CVE-2007-5000
+CVE-2007-5000 (Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in ...)
[sarge] - apache2 <no-dsa> (minor issue)
[sarge] - apache <no-dsa> (minor issue)
- apache2 2.2.8-1 (low)
- apache <removed> (low)
[etch] - apache2 2.2.3-4+etch4
[etch] - apache 1.3.34-4.1+etch1
-CVE-2007-4999
+CVE-2007-4999 (libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allo ...)
- pidgin 2.2.2-1 (medium)
-CVE-2007-4998
+CVE-2007-4998 (cp, when running with an option to preserve symlinks on multiple OSes, ...)
- coreutils 4.1.2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=356471
-CVE-2007-4997
+CVE-2007-4997 (Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80 ...)
{DSA-1428-1}
- linux-2.6 2.6.23-1
-CVE-2007-4996
+CVE-2007-4996 (libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge me ...)
- pidgin 2.2.1-1 (medium)
NOTE: Gaim not affected, vulnerable code was introduced in 2.2.0
-CVE-2007-4995
+CVE-2007-4995 (Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0. ...)
{DSA-1571-1}
- openssl 0.9.8f-1 (low)
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
- openssl096 <not-affected> (DTLS support was introduced in 0.9.8)
[sarge] - openssl <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2007-4994
+CVE-2007-4994 (Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not p ...)
NOT-FOR-US: Redhat Certificate Server
-CVE-2007-4993
+CVE-2007-4993 (pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a gue ...)
{DSA-1384-1}
- xen-3 3.1.1-1 (medium; bug #444430)
- xen-3.0 <removed>
-CVE-2007-4992
+CVE-2007-4992 (Stack-based buffer overflow in the process_packet function in fbserver ...)
- firebird1.5 <removed> (medium; bug #446373)
- firebird2.0 2.0.3.12981.ds1-1 (medium)
-CVE-2007-4991
+CVE-2007-4991 (The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) ...)
NOT-FOR-US: Microsoft Internet Security and Acceleration
-CVE-2007-4990
+CVE-2007-4990 (The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 all ...)
{DSA-1385-1}
- xfs 1:1.0.5-1
CVE-2007-4989
REJECTED
-CVE-2007-4988
+CVE-2007-4988 (Sign extension error in the ReadDIBImage function in ImageMagick befor ...)
{DSA-1903-1 DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
- graphicsmagick 1.1.11-1 (medium; bug #444266)
-CVE-2007-4987
+CVE-2007-4987 (Off-by-one error in the ReadBlobString function in blob.c in ImageMagi ...)
{DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
-CVE-2007-4986
+CVE-2007-4986 (Multiple integer overflows in ImageMagick before 6.3.5-9 allow context ...)
{DSA-1903-1 DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
- graphicsmagick 1.1.11-1 (medium; bug #444266)
-CVE-2007-4985
+CVE-2007-4985 (ImageMagick before 6.3.5-9 allows context-dependent attackers to cause ...)
{DSA-1903-1 DSA-1858-1 DTSA-63-1}
- imagemagick 7:6.2.4.5.dfsg1-2 (medium; bug #444267)
- graphicsmagick 1.1.11-1 (medium; bug #444266)
-CVE-2007-4984
+CVE-2007-4984 (SQL injection vulnerability in index.php in the Ktauber.com StylesDemo ...)
NOT-FOR-US: StylesDemo
-CVE-2007-4983
+CVE-2007-4983 (Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX ...)
NOT-FOR-US: jetAudio
-CVE-2007-4982
+CVE-2007-4982 (Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCo ...)
NOT-FOR-US: QRCode
-CVE-2007-4981
+CVE-2007-4981 (Cross-site scripting (XSS) vulnerability in the save function in Obedi ...)
NOT-FOR-US: Obedit
-CVE-2007-4980
+CVE-2007-4980 (The readRequest method in org/gcaldaemon/core/http/HTTPListener.java i ...)
NOT-FOR-US: GCALDaemon
-CVE-2007-4979
+CVE-2007-4979 (SQL injection vulnerability in index.php in the sondages module in Kws ...)
NOT-FOR-US: KwsPHP
-CVE-2007-4978
+CVE-2007-4978 (Multiple PHP remote file inclusion vulnerabilities in phpSyncML 0.1.2 ...)
NOT-FOR-US: phpSyncML
-CVE-2007-4977
+CVE-2007-4977 (Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Pho ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-4976
+CVE-2007-4976 (Directory traversal vulnerability in viewlog.php in Coppermine Photo G ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-4975
+CVE-2007-4975 (Cross-site scripting (XSS) vulnerability in hilfe.php in b1gMail 6.3.1 ...)
NOT-FOR-US: b1gMail
-CVE-2007-4974
+CVE-2007-4974 (Heap-based buffer overflow in the flac_buffer_copy function in libsndf ...)
{DSA-1442-1}
- libsndfile 1.0.17-4 (bug #443386; medium)
[sarge] - libsndfile <not-affected> (Vulnerable code not present)
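Review bot: CVE-2007-5035 (the openEngine entry) is the only entry in this hunk that is neither RESERVED nor REJECTED and still did not get a description appended, while every neighbouring `-CVE-...`/`+CVE-... (...)` pair did; check whether the automatic update skipped it because no upstream description was available or because the line did not match the update pattern, and re-run for that entry if the latter. Also, the triage line under CVE-2007-5044 reads `NOT-FOR-US: ZoneAlam Pro` while the new description says `ZoneAlarm Pro`; spell the product consistently so a grep for the vendor finds the entry.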
@@ -4284,52 +4284,52 @@ CVE-2007-4974
[etch] - ardour <not-affected> (Vulnerable code not present)
CVE-2007-4973
RESERVED
-CVE-2007-4972
+CVE-2007-4972 (RegMon 7.04 does not properly validate certain parameters to System Se ...)
NOT-FOR-US: NtRegmon
-CVE-2007-4971
+CVE-2007-4971 (ProSecurity 1.40 Beta 2 does not properly validate certain parameters ...)
NOT-FOR-US: ProSecurity
-CVE-2007-4970
+CVE-2007-4970 (ProcessGuard 3.410 does not properly validate certain parameters to Sy ...)
NOT-FOR-US: ProcessGuard
-CVE-2007-4969
+CVE-2007-4969 (Process Monitor 1.22 does not properly validate certain parameters to ...)
NOT-FOR-US: Process Monitor
-CVE-2007-4968
+CVE-2007-4968 (Privatefirewall 5.0.14.2 does not properly validate certain parameters ...)
NOT-FOR-US: Privatefirewal
-CVE-2007-4967
+CVE-2007-4967 (Online Armor Personal Firewall 2.0.1.215 does not properly validate ce ...)
NOT-FOR-US: Online Armor Personal Firewall
-CVE-2007-4966
+CVE-2007-4966 (SQL injection vulnerability in www/people/editprofile.php in GForge 4. ...)
NOTE: Duplicate of CVE-2007-3913
-CVE-2007-4965
+CVE-2007-4965 (Multiple integer overflows in the imageop module in Python 2.5.1 and e ...)
{DSA-1620-1 DSA-1551-1}
- python2.5 2.5.1-6 (low; bug #443333)
[etch] - python2.5 <no-dsa> (Minor issue)
[sarge] - python2.5 <no-dsa> (Minor issue)
- python2.4 2.4.4-7 (low; bug #443335)
[etch] - python2.4 <no-dsa> (Minor issue)
-CVE-2007-4964
+CVE-2007-4964 (WinImage 8.10 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: WinImage
-CVE-2007-4963
+CVE-2007-4963 (Visual truncation vulnerability in WinImage 8.10 and earlier allows re ...)
NOT-FOR-US: WinImage
-CVE-2007-4962
+CVE-2007-4962 (Directory traversal vulnerability in WinImage 8.10 and earlier allows ...)
NOT-FOR-US: WinImage
-CVE-2007-4961
+CVE-2007-4961 (The login_to_simulator method in Linden Lab Second Life, as used by th ...)
- secondlife-client <itp> (low; bug #406335)
-CVE-2007-4960
+CVE-2007-4960 (Argument injection vulnerability in the Linden Lab Second Life secondl ...)
- secondlife-client <itp> (low; bug #406335)
-CVE-2007-4959
+CVE-2007-4959 (Cross-site scripting (XSS) vulnerability in catalog_products_with_imag ...)
NOT-FOR-US: osCMax
-CVE-2007-4958
+CVE-2007-4958 (Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery ...)
NOT-FOR-US: TinyWebGallery
-CVE-2007-4957
+CVE-2007-4957 (Multiple directory traversal vulnerabilities in download.php in Chupix ...)
NOT-FOR-US: ChupixCMS
-CVE-2007-4956
+CVE-2007-4956 (Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote atta ...)
NOT-FOR-US: KwsPhp
-CVE-2007-4955
+CVE-2007-4955 (PHP remote file inclusion vulnerability in admin.joomlaflashfun.php in ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-4954
+CVE-2007-4954 (PHP remote file inclusion vulnerability in admin.joom12pic.php in the ...)
NOT-FOR-US: Joomla! extension
-CVE-2007-4953
+CVE-2007-4953 (SQL injection vulnerability in index.php in SimpCMS allows remote atta ...)
NOT-FOR-US: SimpCMS
-CVE-2007-4952
+CVE-2007-4952 (SQL injection vulnerability in article.php in OmniStar Article Manager ...)
NOT-FOR-US: OmniStar Article Manager
CVE-2007-4951
NOT-FOR-US: YaPiG
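Review bot: the triage line under CVE-2007-4968 reads `NOT-FOR-US: Privatefirewal`, dropping the last letter of `Privatefirewall` as spelled in the new description line; fix the product name. The same hunk labels CVE-2007-4956 as `NOT-FOR-US: KwsPhp` while its description and the CVE-2007-4979 entry earlier in the file use `KwsPHP`; pick one spelling so the KwsPHP entries group together.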
@@ -4337,130 +4337,130 @@ CVE-2007-4950
NOT-FOR-US: Phportal
CVE-2007-4949
NOT-FOR-US: phpreactor
-CVE-2007-4948
+CVE-2007-4948 (Multiple PHP remote file inclusion vulnerabilities in Webmedia Explore ...)
NOT-FOR-US: Webmedia Explorer
-CVE-2007-4947
+CVE-2007-4947 (Multiple PHP remote file inclusion vulnerabilities in myphpPagetool 0. ...)
NOT-FOR-US: myphpPagetool
-CVE-2007-4946
+CVE-2007-4946 (LetterGrade allows remote attackers to obtain sensitive information (i ...)
NOT-FOR-US: LetterGrade
-CVE-2007-4945
+CVE-2007-4945 (Multiple cross-site scripting (XSS) vulnerabilities in LetterGrade all ...)
NOT-FOR-US: LetterGrade
-CVE-2007-4944
+CVE-2007-4944 (The canvas.createPattern function in Opera 9.x before 9.22 for Linux, ...)
NOT-FOR-US: Opera
-CVE-2007-4943
+CVE-2007-4943 (Multiple buffer overflows in a certain ActiveX control in sparser.dll ...)
NOT-FOR-US: Baofeng Storm
-CVE-2007-4942
+CVE-2007-4942 (PHP remote file inclusion vulnerability in modules/Discipline/StudentF ...)
NOT-FOR-US: Focus/SIS
-CVE-2007-4941
+CVE-2007-4941 (KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a den ...)
NOT-FOR-US: KMPlayer for windows
NOTE: its not kmplayer we ship its a windows only media player
-CVE-2007-4940
+CVE-2007-4940 (Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and e ...)
NOT-FOR-US: Media Player Classic
-CVE-2007-4939
+CVE-2007-4939 (Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MP ...)
NOT-FOR-US: Media Player Classic
-CVE-2007-4938
+CVE-2007-4938 (Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 ...)
{DTSA-65-1}
- mplayer 1.0~rc1-16.1 (bug #443478)
-CVE-2007-4937
+CVE-2007-4937 (CS Guestbook stores sensitive information under the web root with insu ...)
NOT-FOR-US: CS Guestbook
-CVE-2007-4936
+CVE-2007-4936 (Unspecified vulnerability in Office Efficiencies SafeSquid 4.1.x has u ...)
NOT-FOR-US: SafeSquid
-CVE-2007-4935
+CVE-2007-4935 (Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allo ...)
NOT-FOR-US: phpFFL
-CVE-2007-4934
+CVE-2007-4934 (Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allo ...)
NOT-FOR-US: phpFFL
-CVE-2007-4933
+CVE-2007-4933 (Direct static code injection vulnerability in includes/admin/sub/conf_ ...)
NOT-FOR-US: Shop-Script FREE
-CVE-2007-4932
+CVE-2007-4932 (admin.php in Shop-Script FREE 2.0 and earlier sends a redirect to the ...)
NOT-FOR-US: Shop-Script FREE
-CVE-2007-4931
+CVE-2007-4931 (HP System Management Homepage (SMH) for Windows, when used in conjunct ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2007-4930
+CVE-2007-4930 (Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS ...)
NOT-FOR-US: Axis firmware
-CVE-2007-4929
+CVE-2007-4929 (Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 207W c ...)
NOT-FOR-US: Axis firmware
-CVE-2007-4928
+CVE-2007-4928 (The AXIS 207W camera stores a WEP or WPA key in cleartext in the confi ...)
NOT-FOR-US: Axis firmware
-CVE-2007-4927
+CVE-2007-4927 (axis-cgi/buffer/command.cgi on the AXIS 207W camera allows remote auth ...)
NOT-FOR-US: Axis firmware
-CVE-2007-4926
+CVE-2007-4926 (The AXIS 207W camera uses a base64-encoded cleartext username and pass ...)
NOT-FOR-US: Axis firmware
-CVE-2007-4925
+CVE-2007-4925 (The ewirePC_Decrypt function in ewirepcfunctions.php in eWire Payment ...)
NOT-FOR-US: eWire Payment Client
-CVE-2007-4924
+CVE-2007-4924 (The Open Phone Abstraction Library (opal), as used by (1) Ekiga before ...)
- opal 2.2.11~dfsg1-1 (low)
[etch] - opal 2.2.3.dfsg-3+etch1 (bug #454141)
NOTE: will be fixed by regular stable update
-CVE-2007-4923
+CVE-2007-4923 (PHP remote file inclusion vulnerability in admin.joomlaradiov5.php in ...)
NOT-FOR-US: Joomla extension
-CVE-2007-4922
+CVE-2007-4922 (SQL injection vulnerability in play.php in the jeuxflash 1.0 module fo ...)
NOT-FOR-US: KwsPhp
-CVE-2007-4921
+CVE-2007-4921 (PHP remote file inclusion vulnerability in _includes/settings.inc.php ...)
NOT-FOR-US: Ajax File Browser
-CVE-2007-4920
+CVE-2007-4920 (SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest 2 ...)
NOT-FOR-US: Webquest
-CVE-2007-4919
+CVE-2007-4919 (Multiple SQL injection vulnerabilities in JBlog 1.0 allow (1) remote a ...)
NOT-FOR-US: Jblog
-CVE-2007-4918
+CVE-2007-4918 (SQL injection vulnerability in classes/gelato.class.php in Gelato allo ...)
NOT-FOR-US: Gelato
-CVE-2007-4917
+CVE-2007-4917 (Cross-site scripting (XSS) vulnerability in tracking.php in PHP-Stats ...)
NOT-FOR-US: Php-Stats
-CVE-2007-4916
+CVE-2007-4916 (Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC ...)
NOT-FOR-US: MFC Library
-CVE-2007-4915
+CVE-2007-4915 (The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLa ...)
- boa <not-affected> (We don't ship this extension)
-CVE-2007-4914
+CVE-2007-4914 (Unspecified vulnerability in the subscriptions manager in Invision Pow ...)
NOT-FOR-US: Invision Power Board
-CVE-2007-4913
+CVE-2007-4913 (ips_kernel/class_upload.php in Invision Power Board (IPB or IP.Board) ...)
NOT-FOR-US: Invision Power Board
-CVE-2007-4912
+CVE-2007-4912 (Cross-site scripting (XSS) vulnerability in ips_kernel/class_ajax.php ...)
NOT-FOR-US: Invision Power Board
-CVE-2007-4911
+CVE-2007-4911 (JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to ...)
NOT-FOR-US: JetCast Server
-CVE-2007-4910
+CVE-2007-4910 (Unspecified vulnerability in netInvoicing before 2.7.3 has unknown imp ...)
NOT-FOR-US: Netinvoicing
-CVE-2007-4909
+CVE-2007-4909 (Interpretation conflict in WinSCP before 4.0.4 allows remote attackers ...)
NOT-FOR-US: WinSCP
-CVE-2007-4908
+CVE-2007-4908 (Directory traversal vulnerability in index.php in AuraCMS 2.1 and earl ...)
NOT-FOR-US: AuraCMS
-CVE-2007-4907
+CVE-2007-4907 (Multiple PHP remote file inclusion vulnerabilities in X-Cart allow rem ...)
NOT-FOR-US: X-Cart
-CVE-2007-4906
+CVE-2007-4906 (PHP remote file inclusion vulnerability in tasks/send_queued_emails.ph ...)
NOT-FOR-US: NuclearBB
-CVE-2007-4905
+CVE-2007-4905 (Unrestricted file upload vulnerability in mod/contak.php in AuraCMS 2. ...)
NOT-FOR-US: AuraCMS
-CVE-2007-4904
+CVE-2007-4904 (RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0. ...)
- helix-player <unfixed> (unimportant; bug #443130)
NOTE: Just a floating point exception by via a crafted .au file)
-CVE-2007-4903
+CVE-2007-4903 (Multiple buffer overflows in a certain ActiveX control in CryptoX.dll ...)
NOT-FOR-US: Ultra Crypto Component
-CVE-2007-4902
+CVE-2007-4902 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
NOT-FOR-US: Ultra Crypto Component
-CVE-2007-4901
+CVE-2007-4901 (The embedded Internet Explorer server control in AOL Instant Messenger ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2007-4900
+CVE-2007-4900 (Cross-site scripting (XSS) vulnerability in the logon page in RSA EnVi ...)
NOT-FOR-US: RSA EnVision
-CVE-2007-4899
+CVE-2007-4899 (Multiple cross-site scripting (XSS) vulnerabilities in Boinc Forum 5.1 ...)
NOT-FOR-US: Boinc Forum
-CVE-2007-4898
+CVE-2007-4898 (Unspecified vulnerability in the Multiwiki plugin in XWiki before 1.1 ...)
NOT-FOR-US: Xwiki
-CVE-2007-4897
+CVE-2007-4897 (pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remo ...)
{DTSA-94-1}
- pwlib 1.10.10-1.1 (low; bug #454133)
- pwlib-titan 1.11.2-1.1 (low; bug #454139)
[etch] - pwlib 1.10.2-2+etch1
[sarge] - pwlib 1.8.4-1+sarge1.1
-CVE-2007-4896
+CVE-2007-4896 (Multiple cross-site scripting (XSS) vulnerabilities in admin/header.ph ...)
NOT-FOR-US: Toms Gaestebuch
-CVE-2007-4895
+CVE-2007-4895 (Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 ( ...)
NOT-FOR-US: Sisfo Kampus
-CVE-2007-4894
+CVE-2007-4894 (Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and W ...)
- wordpress 2.2.3-1 (medium)
[etch] - wordpress <not-affected> (Vulnerable code not yet introduced)
-CVE-2007-4893
+CVE-2007-4893 (wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress m ...)
- wordpress 2.2.3-1 (low)
[etch] - wordpress <not-affected> (Vulnerable code not yet introduced)
-CVE-2007-4892
+CVE-2007-4892 (Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8 ...)
NOT-FOR-US: Plesk (Windows)
CVE-2007-XXXX [libgd2: gdImageColorTransparent can write outside buffer]
- libwmf <unfixed> (unimportant)
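Review bot: the NOTE under CVE-2007-4904 (`NOTE: Just a floating point exception by via a crafted .au file)`) has a stray `by` before `via` and a closing parenthesis with no matching opening one; tidy it into a plain sentence. The NOTE under CVE-2007-4941 (`its not kmplayer we ship its a windows only media player`) needs apostrophes and punctuation, and would be clearer stated as: the KMPlayer named in the description is a Windows-only media player unrelated to the Debian kmplayer package.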
@@ -4468,33 +4468,33 @@ CVE-2007-XXXX [libgd2: gdImageColorTransparent can write outside buffer]
NOTE: Only present in one of the sample pl-scheme packages (plot)
- libgd2 2.0.35.dfsg-3
[etch] - libgd2 2.0.33-5.2etch1
-CVE-2007-4891
+CVE-2007-4891 (A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Mi ...)
NOT-FOR-US: PDWizard
-CVE-2007-4890
+CVE-2007-4890 (Absolute directory traversal vulnerability in a certain ActiveX contro ...)
NOT-FOR-US: Microsoft Visual Studio
-CVE-2007-4889
+CVE-2007-4889 (The MySQL extension in PHP 5.2.4 and earlier allows remote attackers t ...)
- php5 <removed> (unimportant)
NOTE: basedir and safemode not supported
-CVE-2007-4888
+CVE-2007-4888 (The "You are not allowed..." error handler in XWiki 1.0 B1 and 1.0 B2 ...)
NOT-FOR-US: Xwiki
-CVE-2007-4887
+CVE-2007-4887 (The dl function in PHP 5.2.4 and earlier allows context-dependent atta ...)
- php5 5.2.5-1 (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-4886
+CVE-2007-4886 (Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and pro ...)
NOT-FOR-US: Aura CMS
-CVE-2007-4885
+CVE-2007-4885 (Avnex AV MP3 Player allows user-assisted remote attackers to cause a d ...)
NOT-FOR-US: Avnex AV MP3 Player
-CVE-2007-4884
+CVE-2007-4884 (Media Player Classic (MPC) allows user-assisted remote attackers to ca ...)
NOT-FOR-US: Windows
-CVE-2007-4883
+CVE-2007-4883 (Cross-site scripting (XSS) vulnerability in the BotQuery extension in ...)
- mediawiki-extensions <not-affected> (We don't ship this extension)
-CVE-2007-4882
+CVE-2007-4882 (Multiple cross-site scripting (XSS) vulnerabilities in TechExcel Custo ...)
NOT-FOR-US: TechExcel CustomerWise
-CVE-2007-4881
+CVE-2007-4881 (SQL injection vulnerability in profile/myprofile.php in psi-labs.com s ...)
NOT-FOR-US: Psilabs
-CVE-2007-4880
+CVE-2007-4880 (Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in ce ...)
NOT-FOR-US: IBM Tivoli Storage Manager (TSM)
-CVE-2007-4879
+CVE-2007-4879 (Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, c ...)
{DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1 (low; bug #444803)
- iceape 1.1.9-1 (low; bug #444805)
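Review bot: CVE-2007-4884 is labelled `NOT-FOR-US: Windows`, but its new description names Media Player Classic (MPC), and the sibling MPC entries CVE-2007-4940 and CVE-2007-4939 in the previous hunk use `NOT-FOR-US: Media Player Classic`; use the product name here as well so the three entries are found together and the label does not read as a generic OS note.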
@@ -4507,11 +4507,11 @@ CVE-2007-4876
RESERVED
CVE-2007-4875
RESERVED
-CVE-2007-4874
+CVE-2007-4874 (Multiple cross-site scripting (XSS) vulnerabilities in SimpNews 2.41.0 ...)
NOT-FOR-US: SimpNews
-CVE-2007-4873
+CVE-2007-4873 (SimpNews 2.41.03 stores sensitive information under the web root with ...)
NOT-FOR-US: SimpNews
-CVE-2007-4872
+CVE-2007-4872 (SimpNews 2.41.03 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: SimpNews
CVE-2007-4871
RESERVED
@@ -4529,11 +4529,11 @@ CVE-2007-4865
RESERVED
CVE-2007-4864
RESERVED
-CVE-2007-4863
+CVE-2007-4863 (SQL injection vulnerability in example.php in SAXON 5.4 allows remote ...)
NOT-FOR-US: SAXON
-CVE-2007-4862
+CVE-2007-4862 (Cross-site scripting (XSS) vulnerability in admin/menu.php in SAXON 5. ...)
NOT-FOR-US: SAXON
-CVE-2007-4861
+CVE-2007-4861 (SAXON 5.4, with display_errors enabled, allows remote attackers to obt ...)
NOT-FOR-US: SAXON
CVE-2007-4860
RESERVED
@@ -4555,177 +4555,177 @@ CVE-2007-4852
RESERVED
CVE-2007-4851
REJECTED
-CVE-2007-4850
+CVE-2007-4850 (curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5. ...)
- php4 <removed> (unimportant)
- php5 5.2.6-1 (unimportant)
NOTE: Safe mode bypasses not treated as security problems
-CVE-2007-4849
+CVE-2007-4849 (JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly o ...)
{DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.23-1 (bug #442245; low)
-CVE-2007-4848
+CVE-2007-4848 (Microsoft Internet Explorer 4.0 through 7 allows remote attackers to d ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-4847
+CVE-2007-4847 (Google Picasa allows remote attackers to read image files stored by Pi ...)
NOT-FOR-US: Google Picasa
-CVE-2007-4846
+CVE-2007-4846 (SQL injection vulnerability in start.php in Webace-Linkscript (wls) 1. ...)
NOT-FOR-US: Webace-Linkscript
-CVE-2007-4845
+CVE-2007-4845 (Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Down ...)
NOT-FOR-US: RW::Download
-CVE-2007-4844
+CVE-2007-4844 (X-Diesel Unreal Commander 0.92 build 565 and 573 does not properly rea ...)
NOT-FOR-US: Unreal Commander
-CVE-2007-4843
+CVE-2007-4843 (Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 bu ...)
NOT-FOR-US: Unreal Commander
-CVE-2007-4842
+CVE-2007-4842 (Directory traversal vulnerability in Enriva Development Magellan Explo ...)
NOT-FOR-US: Magellan Explorer
-CVE-2007-4841
+CVE-2007-4841 (Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMon ...)
- iceweasel <not-affected> (windows only issue)
- iceape <not-affected> (windows only issue)
- xulrunner <not-affected> (windows only issue)
- icedove <not-affected> (windows only issue)
NOTE: MFSA2007-36
NOTE: see https://bugzilla.mozilla.org/show_bug.cgi?id=394974
-CVE-2007-4840
+CVE-2007-4840 (PHP 5.2.4 and earlier allows context-dependent attackers to cause a de ...)
- glibc 2.7-1 (unimportant)
NOTE: Original PHP issue only triggerable by malicious script
-CVE-2007-4839
+CVE-2007-4839 (Unspecified vulnerability in the PD tools component in IBM WebSphere A ...)
NOT-FOR-US: IBM WebSphere
-CVE-2007-4838
+CVE-2007-4838 (Multiple buffer overflows in CellFactor Revolution 1.03 and earlier al ...)
NOT-FOR-US: CellFactor Revolution
-CVE-2007-4837
+CVE-2007-4837 (SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows r ...)
NOT-FOR-US: Proxy Anket
-CVE-2007-4836
+CVE-2007-4836 (Cross-site scripting (XSS) vulnerability in index.php in phpMyQuote 0. ...)
NOT-FOR-US: phpMyQuote
-CVE-2007-4835
+CVE-2007-4835 (SQL injection vulnerability in index.php in phpMyQuote 0.20 allows rem ...)
NOT-FOR-US: phpMyQuote
-CVE-2007-4834
+CVE-2007-4834 (Multiple PHP remote file inclusion vulnerabilities in phpRealty 0.02 a ...)
NOT-FOR-US: phpRealty
-CVE-2007-4833
+CVE-2007-4833 (Unspecified vulnerability in the Edge Component in IBM WebSphere Appli ...)
NOT-FOR-US: IBM WebSphere
-CVE-2007-4832
+CVE-2007-4832 (Format string vulnerability in CellFactor Revolution 1.03 and earlier ...)
NOT-FOR-US: CellFactor Revolution
-CVE-2007-4831
+CVE-2007-4831 (Multiple cross-site scripting (XSS) vulnerabilities in account_setting ...)
NOT-FOR-US: TorrentTrader
-CVE-2007-4830
+CVE-2007-4830 (Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in ...)
NOT-FOR-US: DirectAdmin
-CVE-2007-4829
+CVE-2007-4829 (Directory traversal vulnerability in the Archive::Tar Perl module 1.36 ...)
- perl 5.10.0-19
[etch] - perl <not-affected> (Was merged into Perl as of 5.10)
- libarchive-tar-perl 1.38-1 (low; bug #449544)
[sarge] - libarchive-tar-perl <no-dsa> (Minor issue)
[etch] - libarchive-tar-perl <no-dsa> (Minor issue)
-CVE-2007-4828
+CVE-2007-4828 (Cross-site scripting (XSS) vulnerability in the API pretty-printing mo ...)
- mediawiki 1.10.2-1 (low; bug #442255)
[etch] - mediawiki <not-affected> (Does not include the vulnerable code)
-CVE-2007-4827
+CVE-2007-4827 (Unspecified vulnerability in the Modbus/TCP Diagnostic function in Min ...)
NOT-FOR-US: Modbus Slave ActiveX Control
-CVE-2007-4826
+CVE-2007-4826 (bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to ...)
{DSA-1382-1}
- quagga 0.99.9-1 (low; bug #442133)
NOTE: Upstream says that this can only be exploited by configured peers.
-CVE-2007-4825
+CVE-2007-4825 (Directory traversal vulnerability in PHP 5.2.4 and earlier allows atta ...)
- php5 5.2.5-1 (unimportant)
- php4 <not-affected> (error message "Allowed memory size of 8388608 bytes exhausted...")
NOTE: php5 PoC can be reproduced, basedir violations not treated as security problems
-CVE-2007-4824
+CVE-2007-4824 (Multiple cross-application scripting (XAS) vulnerabilities in Google P ...)
NOT-FOR-US: Google Picasa
-CVE-2007-4823
+CVE-2007-4823 (Multiple buffer overflows in Google Picasa have unspecified attack vec ...)
NOT-FOR-US: Google Picasa
-CVE-2007-4822
+CVE-2007-4822 (Cross-site request forgery (CSRF) vulnerability in the device manageme ...)
NOT-FOR-US: Buffalo AirStation firmware
-CVE-2007-4821
+CVE-2007-4821 (Buffer overflow in a certain ActiveX control in officeviewer.ocx 5.2.2 ...)
NOT-FOR-US: EDraw Office Viewer
-CVE-2007-4820
+CVE-2007-4820 (Absolute path traversal vulnerability in blanko.preview.php in Sisfo K ...)
NOT-FOR-US: Sisfo Kampus
-CVE-2007-4819
+CVE-2007-4819 (Multiple cross-site scripting (XSS) vulnerabilities in Txx CMS 0.2 all ...)
NOT-FOR-US: Txx CMS
-CVE-2007-4818
+CVE-2007-4818 (Multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 allo ...)
NOT-FOR-US: Txx CMS
-CVE-2007-4817
+CVE-2007-4817 (Unrestricted file upload vulnerability in the Restaurante (com_restaur ...)
NOT-FOR-US: Joomla component
NOTE: not included in standard joomla installation, joomla has an itp though
-CVE-2007-4816
+CVE-2007-4816 (Multiple buffer overflows in the BaoFeng2 storm ActiveX control in Mps ...)
NOT-FOR-US: BaoFeng2
-CVE-2007-4815
+CVE-2007-4815 (Multiple PHP remote file inclusion vulnerabilities in WebED in Markus ...)
NOT-FOR-US: WebED
-CVE-2007-4814
+CVE-2007-4814 (Buffer overflow in the SQLServer ActiveX control in the Distributed Ma ...)
NOT-FOR-US: Microsoft SQL Server Enterprise Manager
-CVE-2007-4813
+CVE-2007-4813 (Cross-site scripting (XSS) vulnerability in Domino Blogsphere 3.01 Bet ...)
NOT-FOR-US: Domino Blogsphere
-CVE-2007-4812
+CVE-2007-4812 (Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions bef ...)
NOT-FOR-US: Mac OS
-CVE-2007-4811
+CVE-2007-4811 (Multiple cross-site scripting (XSS) vulnerabilities in Netjuke 1.0-rc2 ...)
NOT-FOR-US: Netjuke
-CVE-2007-4810
+CVE-2007-4810 (Multiple SQL injection vulnerabilities in Netjuke 1.0-rc2 allow remote ...)
NOT-FOR-US: Netjuke
-CVE-2007-4809
+CVE-2007-4809 (Multiple PHP remote file inclusion vulnerabilities in Online Fantasy F ...)
NOT-FOR-US: Online Fantasy Football League
-CVE-2007-4808
+CVE-2007-4808 (Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote att ...)
NOT-FOR-US: TLM CMS
-CVE-2007-4807
+CVE-2007-4807 (Multiple PHP remote file inclusion vulnerabilities in Focus/SIS 2.2 al ...)
NOT-FOR-US: Focus/SIS
-CVE-2007-4806
+CVE-2007-4806 (PHP remote file inclusion vulnerability in modules/Discipline/Category ...)
NOT-FOR-US: Focus/SIS
-CVE-2007-4805
+CVE-2007-4805 (Directory traversal vulnerability in getgalldata.php in fuzzylime (cms ...)
NOT-FOR-US: Fuzzylime CMS
-CVE-2007-4804
+CVE-2007-4804 (Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote a ...)
NOT-FOR-US: AuraCMS
-CVE-2007-4803
+CVE-2007-4803 (Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers ...)
NOT-FOR-US: AtomixMP3
-CVE-2007-4802
+CVE-2007-4802 (Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remot ...)
NOT-FOR-US: GlobalLink
CVE-2007-4801
RESERVED
CVE-2007-4800
RESERVED
-CVE-2007-4799
+CVE-2007-4799 (The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not ...)
NOT-FOR-US: AIX perfstat kernel extension
-CVE-2007-4798
+CVE-2007-4798 (Unspecified vulnerability in invscout in Inventory Scout in invscout.r ...)
NOT-FOR-US: invscout
-CVE-2007-4797
+CVE-2007-4797 (Multiple buffer overflows in unspecified svprint (System V print) comm ...)
NOT-FOR-US: System V print
-CVE-2007-4796
+CVE-2007-4796 (Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows ...)
NOT-FOR-US: uucp IBM AIX
-CVE-2007-4795
+CVE-2007-4795 (Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 al ...)
NOT-FOR-US: mkpath IBM AIX
-CVE-2007-4794
+CVE-2007-4794 (Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 ...)
NOT-FOR-US: fcstat IBM AIX
-CVE-2007-4793
+CVE-2007-4793 (Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allo ...)
NOT-FOR-US: xlplm IBM AIX
-CVE-2007-4792
+CVE-2007-4792 (Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 ...)
NOT-FOR-US: ibstat IBM AIX
-CVE-2007-4791
+CVE-2007-4791 (Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5. ...)
NOT-FOR-US: swcons IBM AIX
-CVE-2007-4790
+CVE-2007-4790 (Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.O ...)
NOT-FOR-US: Microsoft Visual FoxPro
-CVE-2007-4789
+CVE-2007-4789 (Cisco Content Switching Modules (CSM) 4.2 before 4.2.7, and Cisco Cont ...)
NOT-FOR-US: Cisco CSM
-CVE-2007-4788
+CVE-2007-4788 (Cisco Content Switching Modules (CSM) 4.2 before 4.2.3a, and Cisco Con ...)
NOT-FOR-US: Cisco CSM
-CVE-2007-4787
+CVE-2007-4787 (The virus detection engine in Sophos Anti-Virus before 2.49.0 does not ...)
NOT-FOR-US: Sophos Anti-Virus
-CVE-2007-4786
+CVE-2007-4786 (Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1 ...)
NOT-FOR-US: Cisco ASA
-CVE-2007-4785
+CVE-2007-4785 (Sony Micro Vault Fingerprint Access Software, as distributed with Sony ...)
NOT-FOR-US: Sony Micro Vault
-CVE-2007-4784
+CVE-2007-4784 (The setlocale function in PHP before 5.2.4 allows context-dependent at ...)
- php5 5.2.5-1 (unimportant; bug #441972)
NOTE: Only triggerable by malicious script
-CVE-2007-4783
+CVE-2007-4783 (The iconv_substr function in PHP 5.2.4 and earlier allows context-depe ...)
- php5 5.2.5-1 (unimportant; bug #441972)
NOTE: Only triggerable by malicious script
-CVE-2007-4782
+CVE-2007-4782 (PHP before 5.2.3 allows context-dependent attackers to cause a denial ...)
- php5 5.2.3-1 (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-4781
+CVE-2007-4781 (administrator/index.php in the installer component (com_installer) in ...)
NOT-FOR-US: Joomla!
-CVE-2007-4780
+CVE-2007-4780 (Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to obtain ...)
NOT-FOR-US: Joomla!
-CVE-2007-4779
+CVE-2007-4779 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (ak ...)
NOT-FOR-US: Joomla!
-CVE-2007-4778
+CVE-2007-4778 (Multiple SQL injection vulnerabilities in the content component (com_c ...)
NOT-FOR-US: Joomla!
-CVE-2007-4777
+CVE-2007-4777 (SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) al ...)
NOT-FOR-US: Joomla!
-CVE-2007-4776
+CVE-2007-4776 (Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6 ...)
NOT-FOR-US: Microsoft Visual Basic
CVE-2007-4775
RESERVED
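Review bot: the new description for CVE-2007-4840 names PHP 5.2.4 and earlier, but the only tracked package under it is glibc 2.7-1 (unimportant); the NOTE "Original PHP issue only triggerable by malicious script" should also state why the fix is tracked in glibc rather than php5, otherwise the attribution cannot be checked against the description later.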
@@ -4733,7 +4733,7 @@ CVE-2007-4774
RESERVED
CVE-2007-4773
RESERVED
-CVE-2007-4772
+CVE-2007-4772 (The regular expression parser in TCL before 8.4.17, as used in Postgre ...)
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
- postgresql-8.1 8.1.11-1
@@ -4742,32 +4742,32 @@ CVE-2007-4772
- tcl8.4 8.4.17-1 (low)
[etch] - tcl8.4 <no-dsa> (Minor issue)
[sarge] - postgresql <unfixed>
-CVE-2007-4771
+CVE-2007-4771 (Heap-based buffer overflow in the doInterval function in regexcmp.cpp ...)
{DSA-1511-1}
- icu 3.8-6 (bug #463688)
-CVE-2007-4770
+CVE-2007-4770 (libicu in International Components for Unicode (ICU) 3.8.1 and earlier ...)
{DSA-1511-1}
- icu 3.8-6 (bug #463688)
-CVE-2007-4769
+CVE-2007-4769 (The regular expression parser in TCL before 8.4.17, as used in Postgre ...)
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
- postgresql-8.1 8.1.11-1
- tcl8.3 <not-affected> (only builds with UCS-4 internal char encoding affected, Debian builds use UCS-2 referring to maintainer)
- tcl8.4 <not-affected> (only builds with UCS-4 internal char encoding affected, Debian builds use UCS-2 referring to maintainer)
[sarge] - postgresql <unfixed>
-CVE-2007-4768
+CVE-2007-4768 (Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE ...)
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-4767
+CVE-2007-4767 (Perl-Compatible Regular Expression (PCRE) library before 7.3 does not ...)
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-4766
+CVE-2007-4766 (Multiple integer overflows in Perl-Compatible Regular Expression (PCRE ...)
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
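Review bot: the tcl8.3 and tcl8.4 <not-affected> annotations under CVE-2007-4769 end with "referring to maintainer", which reads as a dangling fragment; "according to the maintainer" says what is meant, and the identical parenthetical repeated on both lines could be stated once.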
@@ -4775,37 +4775,37 @@ CVE-2007-4766
NOTE: glib only embeds pcre in the udeb, no attack vector
CVE-2007-4765
RESERVED
-CVE-2007-4764
+CVE-2007-4764 (Directory traversal vulnerability in pawfaliki.php in Pawfaliki 0.5.1 ...)
NOT-FOR-US: Pawfaliki
-CVE-2007-4763
+CVE-2007-4763 (PHP remote file inclusion vulnerability in dbmodules/DB_adodb.class.ph ...)
NOT-FOR-US: PHPOF
-CVE-2007-4762
+CVE-2007-4762 (Multiple SQL injection vulnerabilities in embadmin/login.asp in E-SMAR ...)
NOT-FOR-US: E-SMARTCART
-CVE-2007-4761
+CVE-2007-4761 (Unrestricted file upload vulnerability in upload.php in Barbo91 1.1 al ...)
NOT-FOR-US: Barbo91
-CVE-2007-4760
+CVE-2007-4760 (The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus ...)
NOT-FOR-US: Cosminexus Developer's Kit
-CVE-2007-4759
+CVE-2007-4759 (Multiple unspecified vulnerabilities in the image-processing APIs in C ...)
NOT-FOR-US: Cosminexus Developer's Kit
-CVE-2007-4758
+CVE-2007-4758 (Multiple buffer overflows in the image-processing APIs in Cosminexus D ...)
NOT-FOR-US: Cosminexus Developer's Kit
-CVE-2007-4757
+CVE-2007-4757 (PHP remote file inclusion vulnerability in menu.php in phpMytourney al ...)
NOT-FOR-US: phpMytourney
-CVE-2007-4756
+CVE-2007-4756 (Directory traversal vulnerability in the FTP client in Total Commander ...)
NOT-FOR-US: Total Commander
-CVE-2007-4755
+CVE-2007-4755 (Alien Arena 2007 6.10 and earlier allows remote attackers to cause a d ...)
- alien-arena 6.05-4.1 (low; bug #442075)
-CVE-2007-4754
+CVE-2007-4754 (Format string vulnerability in the safe_bprintf function in acesrc/ace ...)
- alien-arena 6.05-4.1 (medium; bug #442075)
-CVE-2007-4753
+CVE-2007-4753 (The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attac ...)
NOT-FOR-US: Thomson ST 2030 SIP phone
-CVE-2007-4751
+CVE-2007-4751 (RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in ...)
NOT-FOR-US: RemoteDocs R-Viewer
-CVE-2007-4750
+CVE-2007-4750 (Unspecified vulnerability in RemoteDocs R-Viewer before 1.6.3768 allow ...)
NOT-FOR-US: RemoteDocs R-Viewer
-CVE-2007-4749
+CVE-2007-4749 (The cmdjob utility in Autodesk Backburner 3.0.2 allows remote attacker ...)
NOT-FOR-US: Autodesk Backburner
-CVE-2007-4752
+CVE-2007-4752 (ssh in OpenSSH before 4.7 does not properly handle when an untrusted c ...)
{DSA-1576-1}
- openssh 1:4.7p1-1 (low; bug #444738)
[etch] - openssh <no-dsa> (minor issue in weak security measure)
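Review bot: CVE-2007-4752 is placed after CVE-2007-4749, breaking the descending CVE order used throughout this file; the whole entry, including its {DSA-1576-1}, openssh and [etch] lines and the NOTE lines that follow in the next hunk, should move up to sit between CVE-2007-4753 and CVE-2007-4751.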
@@ -4814,51 +4814,51 @@ CVE-2007-4752
NOTE: trusted X client, so this is only a slight privilege
NOTE: escalation. The X Security extension is merely an afterthought
NOTE: and is unlikely to provide strong security guarantees.
-CVE-2007-4748
+CVE-2007-4748 (Buffer overflow in the PowerPlayer.dll ActiveX control in PPStream 2.0 ...)
NOT-FOR-US: PowerPlayer
-CVE-2007-4747
+CVE-2007-4747 (The telnet service in Cisco Video Surveillance IP Gateway Encoder/Deco ...)
NOT-FOR-US: Cisco firmware
-CVE-2007-4746
+CVE-2007-4746 (The Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone an ...)
NOT-FOR-US: Cisco firmware
-CVE-2007-4745
+CVE-2007-4745 (Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook 3.4 ...)
NOT-FOR-US: AkoBook
-CVE-2007-4744
+CVE-2007-4744 (PHP remote file inclusion vulnerability in environment.php in AnyInven ...)
NOT-FOR-US: AnyInventory
-CVE-2007-4742
+CVE-2007-4742 (Claroline before 1.8.6 allows remote authenticated administrators to o ...)
NOT-FOR-US: Claroline
-CVE-2007-4741
+CVE-2007-4741 (Cross-site scripting (XSS) vulnerability in admin/adminusers.php in Cl ...)
NOT-FOR-US: Claroline
-CVE-2007-4740
+CVE-2007-4740 (The HPRevolutionRegistryManager ActiveX control in Hp.Revolution.Regis ...)
NOT-FOR-US: HPRevolutionRegistryManager
-CVE-2007-4739
+CVE-2007-4739 (reprepro 1.3.0 through 2.2.3 does not properly verify signatures when ...)
{DSA-1394-1}
- reprepro 2.2.4-1 (high; bug #440535)
NOTE: patch for etch in the BTS
[sarge] - reprepro <not-affected> (Vulnerable code introduced in 1.3.0)
-CVE-2007-4738
+CVE-2007-4738 (Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Li ...)
NOT-FOR-US: SpeedTech PHP Library
-CVE-2007-4737
+CVE-2007-4737 (Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Li ...)
NOT-FOR-US: SpeedTech PHP Library
-CVE-2007-4736
+CVE-2007-4736 (SQL injection vulnerability in category.php in CartKeeper CKGold Shopp ...)
NOT-FOR-US: CartKeeper CKGold Shopping Cart
-CVE-2007-4735
+CVE-2007-4735 (Buffer overflow in Next Generation Software Virtual DJ (VDJ) 5.0 allow ...)
NOT-FOR-US: Virtual DJ
-CVE-2007-4734
+CVE-2007-4734 (Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted re ...)
NOT-FOR-US: OTSTurntables
-CVE-2007-4733
+CVE-2007-4733 (The Aztech DSL600EU router, when WAN access to the web interface is di ...)
NOT-FOR-US: Aztech firmware
-CVE-2007-4732
+CVE-2007-4732 (Unspecified vulnerability in the strfreectty function in the Special F ...)
NOT-FOR-US: Special File System
-CVE-2007-4743
+CVE-2007-4743 (The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_G ...)
{DSA-1387-1 DSA-1367-1}
- krb5 1.6.dfsg.1-7 (high; bug #441209)
[sarge] - krb5 <not-affected> (Vulnerable code not present)
- librpcsecgss 0.14-4 (high; bug #441393)
NOTE: http://article.gmane.org/gmane.comp.encryption.kerberos.announce/86
NOTE: 1.6.dfsg.1-7 somehow already includes the updated version
-CVE-2007-4731
+CVE-2007-4731 (Stack-based buffer overflow in the TMregChange function in TMReg.dll i ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-4730
+CVE-2007-4730 (Buffer overflow in the compNewPixmap function in compalloc.c in the Co ...)
{DSA-1372-1 DTSA-73-1}
- xorg-server 2:1.4-1
NOTE: XFree86 is not affected
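Review bot: CVE-2007-4743 sits between CVE-2007-4732 and CVE-2007-4731 in this hunk, out of descending order; it belongs between CVE-2007-4744 and CVE-2007-4742. As a minor style point, the NOTE "patch for etch in the BTS" under CVE-2007-4739 is placed between the reprepro package line and its [sarge] annotation; keeping the release annotations directly under the package line they qualify matches the layout of the other entries.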
@@ -4866,425 +4866,425 @@ CVE-2007-4729
RESERVED
CVE-2007-4728
RESERVED
-CVE-2007-4727
+CVE-2007-4727 (Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fast ...)
{DSA-1362-1}
- lighttpd 1.4.18-1 (medium; bug #441555)
NOTE: http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt
NOTE: http://www.lighttpd.net/download/lighttpd-1.4.x_mod_fastcgi_overrun.patch
NOTE: http://www.milw0rm.com/exploits/4391
-CVE-2007-4726
+CVE-2007-4726 (Directory traversal vulnerability in Web Oddity 0.09b allows remote at ...)
NOT-FOR-US: Web Oddity
-CVE-2007-4725
+CVE-2007-4725 (Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4. ...)
NOT-FOR-US: AkkyWareHOUSE
-CVE-2007-4724
+CVE-2007-4724 (Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the cal ...)
- tomcat5.5 <not-affected> (Version already ships fixed files)
- tomcat5 <removed> (unimportant; bug #441205)
- libservlet2.4-java 5.0.30-6 (unimportant)
NOTE: DSA should not be required, minor issue, jsp just present as example
-CVE-2007-4723
+CVE-2007-4723 (Directory traversal vulnerability in Ragnarok Online Control Panel 4.3 ...)
NOT-FOR-US: Ragnarok
-CVE-2007-4722
+CVE-2007-4722 (Multiple stack-based buffer overflows in the Quantum Streaming Interne ...)
NOT-FOR-US: Quantum Streaming
CVE-2007-4721
REJECTED
-CVE-2007-4720
+CVE-2007-4720 (Unspecified vulnerability in the Shared Trace Service in Hitachi JP1/C ...)
NOT-FOR-US: Hitachi
-CVE-2007-4719
+CVE-2007-4719 (SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta allo ...)
NOT-FOR-US: 212cafeBoard
-CVE-2007-4718
+CVE-2007-4718 (Directory traversal vulnerability in inc/lib/language.lib.php in Claro ...)
NOT-FOR-US: Claroline
-CVE-2007-4717
+CVE-2007-4717 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline befor ...)
NOT-FOR-US: Claroline
-CVE-2007-4716
+CVE-2007-4716 (Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 al ...)
NOT-FOR-US: PHD Help Desk
-CVE-2007-4715
+CVE-2007-4715 (Multiple PHP remote file inclusion vulnerabilities in Weblogicnet allo ...)
NOT-FOR-US: Weblogicnet
-CVE-2007-4714
+CVE-2007-4714 (SQL injection vulnerability in error_view.php in Yvora 1.0 allows remo ...)
NOT-FOR-US: Yvora
-CVE-2007-4713
+CVE-2007-4713 (Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in U ...)
NOT-FOR-US: Urchin
-CVE-2007-4712
+CVE-2007-4712 (PHP remote file inclusion vulnerability in index.php in eNetman 1 allo ...)
NOT-FOR-US: eNetman
-CVE-2007-4711
+CVE-2007-4711 (Multiple cross-site scripting (XSS) vulnerabilities in Toms Gaestebuch ...)
NOT-FOR-US: Toms Gaestebuch
-CVE-2007-4710
+CVE-2007-4710 (Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4709
+CVE-2007-4709 (Directory traversal vulnerability in CFNetwork in Apple Mac OS X 10.5. ...)
NOT-FOR-US: CFNetwork (Apple Mac OS X)
-CVE-2007-4708
+CVE-2007-4708 (Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 ...)
NOT-FOR-US: Address Book (Apple Mac OS X)
-CVE-2007-4707
+CVE-2007-4707 (Multiple unspecified vulnerabilities in the Flash media handler in App ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-4706
+CVE-2007-4706 (Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remo ...)
NOT-FOR-US: Apple QuickTime
CVE-2007-4705
RESERVED
-CVE-2007-4704
+CVE-2007-4704 (The Application Firewall in Apple Mac OS X 10.5 does not apply changed ...)
NOT-FOR-US: Mac OS X
-CVE-2007-4703
+CVE-2007-4703 (The Application Firewall in Apple Mac OS X 10.5 does not prevent a roo ...)
NOT-FOR-US: Mac OS X
-CVE-2007-4702
+CVE-2007-4702 (The Application Firewall in Apple Mac OS X 10.5, when "Block all incom ...)
NOT-FOR-US: Mac OS X
-CVE-2007-4701
+CVE-2007-4701 (WebKit on Apple Mac OS X 10.4 through 10.4.10 does not create temporar ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4700
+CVE-2007-4700 (Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through 10. ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4699
+CVE-2007-4699 (The default configuration of Safari in Apple Mac OS X 10.4 through 10. ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4698
+CVE-2007-4698 (Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 ...)
NOT-FOR-US: Apple Mac OS X, Windows
-CVE-2007-4697
+CVE-2007-4697 (Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4696
+CVE-2007-4696 (Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4695
+CVE-2007-4695 (Unspecified "input validation" vulnerability in WebCore in Apple Mac O ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4694
+CVE-2007-4694 (Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4693
+CVE-2007-4693 (The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows at ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4692
+CVE-2007-4692 (The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4691
+CVE-2007-4691 (The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs ca ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4690
+CVE-2007-4690 (Double free vulnerability in the NFS component in Apple Mac OS X 10.4 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4689
+CVE-2007-4689 (Double free vulnerability in the Networking component in Apple Mac OS ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4688
+CVE-2007-4688 (The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4687
+CVE-2007-4687 (The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 conta ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4686
+CVE-2007-4686 (Integer signedness error in the ttioctl function in bsd/kern/tty.c in ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4685
+CVE-2007-4685 (The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users t ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4684
+CVE-2007-4684 (Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4683
+CVE-2007-4683 (Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4682
+CVE-2007-4682 (CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to ca ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4681
+CVE-2007-4681 (Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 th ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4680
+CVE-2007-4680 (CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not p ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4679
+CVE-2007-4679 (CFFTP in CFNetwork for Apple Mac OS X 10.4 through 10.4.10 allows remo ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4678
+CVE-2007-4678 (AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows att ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4677
+CVE-2007-4677 (Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-4676
+CVE-2007-4676 (Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-4675
+CVE-2007-4675 (Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-4674
+CVE-2007-4674 (An "integer arithmetic" error in Apple QuickTime 7.2 allows remote att ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-4673
+CVE-2007-4673 (Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-4672
+CVE-2007-4672 (Stack-based buffer overflow in Apple QuickTime before 7.3 allows remot ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-4671
+CVE-2007-4671 (Unspecified vulnerability in Safari in Apple iPhone 1.1.1, and Safari ...)
NOT-FOR-US: Safari
-CVE-2007-4670
+CVE-2007-4670 (Unspecified vulnerability in PHP before 5.2.4 has unknown impact and a ...)
- php5 5.2.4-1 (unimportant)
- php4 <removed> (unimportant)
NOTE: This refers to an improved fix for MOPB 03-2007, which is CVE-2007-1285 and a non-issue
-CVE-2007-4669
+CVE-2007-4669 (The Services API in Firebird before 2.0.2 allows remote authenticated ...)
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4668
+CVE-2007-4668 (Unspecified vulnerability in the server in Firebird before 2.0.2 allow ...)
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4667
+CVE-2007-4667 (Unspecified vulnerability in the Services API in Firebird before 2.0.2 ...)
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4666
+CVE-2007-4666 (Unspecified vulnerability in the server in Firebird before 2.0.2, when ...)
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4665
+CVE-2007-4665 (Unspecified vulnerability in the server in Firebird before 2.0.2 allow ...)
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4664
+CVE-2007-4664 (Unspecified vulnerability in the (1) attach database and (2) create da ...)
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-4663
+CVE-2007-4663 (Directory traversal vulnerability in PHP before 5.2.4 allows attackers ...)
- php5 5.2.4-1 (unimportant)
NOTE: open_basedir not supported
-CVE-2007-4662
+CVE-2007-4662 (Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2 ...)
{DSA-1444-1 DTSA-61-1}
- php5 5.2.4-1
NOTE: fixed in php5/etch svn
NOTE: fix is at http://cvs.php.net/viewcvs.cgi/php-src/ext/openssl/openssl.c?r1=1.146&r2=1.147
-CVE-2007-4661
+CVE-2007-4661 (The chunk_split function in string.c in PHP 5.2.3 does not properly ca ...)
- php5 5.2.4-1 (unimportant)
NOTE: This CVE refers to an incomplete fix for CVE-2007-2872, an issue only
NOTE: triggerable by malicious script
-CVE-2007-4660
+CVE-2007-4660 (Unspecified vulnerability in the chunk_split function in PHP before 5. ...)
{DSA-1444-1 DTSA-61-1}
- php5 5.2.4-1
NOTE: fixed in php5/etch svn
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.60&r2=1.445.2.14.2.61&pathrev=PHP_5_2
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.61&r2=1.445.2.14.2.62&pathrev=PHP_5_2
-CVE-2007-4659
+CVE-2007-4659 (The zend_alter_ini_entry function in PHP before 5.2.4 does not properl ...)
{DTSA-61-1}
- php5 5.2.4-1 (low)
[etch] - php5 <no-dsa> (Backport prone to regressions, causes more problems that it does resolved, minor issue anyway)
-CVE-2007-4658
+CVE-2007-4658 (The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4. ...)
{DSA-1444-1 DTSA-61-1}
- php5 5.2.4-1 (low)
NOTE: fixed in php5/etch svn
NOTE: http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/string.c?r1=1.640&r2=1.641, starting "Line 7667"
NOTE: limited format string vulnerability, the will be put into strfmon and the format string chars are limited to i,n and %
-CVE-2007-4657
+CVE-2007-4657 (Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2 ...)
{DSA-1578-1 DSA-1444-1 DTSA-61-1}
- php5 5.2.4-1
- php4 <removed>
NOTE: http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/string.c?r1=1.640&r2=1.641
NOTE: Only exploitable by malicious script
-CVE-2007-4656
+CVE-2007-4656 (backup-manager-upload in Backup Manager before 0.6.3 provides the FTP ...)
{DSA-1518-1}
- backup-manager 0.7.6-3 (bug #439392)
-CVE-2007-4655
+CVE-2007-4655 (Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Ba ...)
NOT-FOR-US: CGI RESCUE Shopping Basket
-CVE-2007-4654
+CVE-2007-4654 (Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cis ...)
NOT-FOR-US: SSHield
-CVE-2007-4653
+CVE-2007-4653 (SQL injection vulnerability in links.php in the Links MOD 1.2.2 and ea ...)
NOT-FOR-US: Cisco Content Services Switch
-CVE-2007-4652
+CVE-2007-4652 (The session extension in PHP before 5.2.4 might allow local users to b ...)
- php5 5.2.4-1 (unimportant)
NOTE: open_basedir() not supported
-CVE-2007-4651
+CVE-2007-4651 (Unspecified vulnerability in Adobe Connect Enterprise Server 6 allows ...)
NOT-FOR-US: Adobe Connect Enterprise Server
-CVE-2007-4650
+CVE-2007-4650 (Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow att ...)
{DSA-1404-1}
- gallery2 2.2.3-1
NOTE: does not affect gallery 1.x (package 'gallery')
-CVE-2007-4649
+CVE-2007-4649 (MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and In ...)
NOT-FOR-US: MicroWorld eScan Virus Contro
-CVE-2007-4648
+CVE-2007-4648 (The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses weak perm ...)
NOT-FOR-US: Norman Virus Control
-CVE-2007-4647
+CVE-2007-4647 (newswire/uploadmedia.cgi in 2coolcode Our Space (Ourspace) 2.0.9 allow ...)
NOT-FOR-US: Ourspace
-CVE-2007-4646
+CVE-2007-4646 (Buffer overflow in the pop3 service in Hexamail Server 3.0.0.001 Lite ...)
NOT-FOR-US: Hexamail
-CVE-2007-4645
+CVE-2007-4645 (SQL injection vulnerability in index.php in NMDeluxe 2.0.0 allows remo ...)
NOT-FOR-US: NMDeluxe
-CVE-2007-4644
+CVE-2007-4644 (Format string vulnerability in the Cl_GetPackets function in cl_main.c ...)
NOT-FOR-US: Doomsday/deng
-CVE-2007-4643
+CVE-2007-4643 (Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier all ...)
NOT-FOR-US: Doomsday/deng
-CVE-2007-4642
+CVE-2007-4642 (Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and ear ...)
NOT-FOR-US: Doomsday/deng
-CVE-2007-4641
+CVE-2007-4641 (Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and ...)
NOT-FOR-US: Pakupaku
-CVE-2007-4640
+CVE-2007-4640 (Unrestricted file upload vulnerability in index.php in Pakupaku CMS 0. ...)
NOT-FOR-US: Pakupaku
-CVE-2007-4639
+CVE-2007-4639 (EnterpriseDB Advanced Server 8.2 does not properly handle certain debu ...)
NOT-FOR-US: EnterpriseDB
-CVE-2007-4638
+CVE-2007-4638 (Blizzard Entertainment StarCraft Brood War 1.15.1 and earlier allows r ...)
NOT-FOR-US: StarCraft
-CVE-2007-4637
+CVE-2007-4637 (xGB.php in xGB 2.0 does not require authentication for an admin edit a ...)
NOT-FOR-US: xGB
-CVE-2007-4636
+CVE-2007-4636 (Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 allo ...)
NOT-FOR-US: phpBG
-CVE-2007-4635
+CVE-2007-4635 (Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers to ca ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-4634
+CVE-2007-4634 (Multiple SQL injection vulnerabilities in Cisco CallManager and Unifie ...)
NOT-FOR-US: Cisco
-CVE-2007-4633
+CVE-2007-4633 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManag ...)
NOT-FOR-US: Cisco
-CVE-2007-4632
+CVE-2007-4632 (Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VT ...)
NOT-FOR-US: Cisco
-CVE-2007-4631
+CVE-2007-4631 (The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and o ...)
- qgit 1.5.5-1.1 (bug #440950; low)
[etch] - qgit <no-dsa> (Minor issue)
-CVE-2007-4630
+CVE-2007-4630 (Cross-site scripting (XSS) vulnerability in xlaapmview.asp in Absolute ...)
NOT-FOR-US: Absolute Poll Manager
-CVE-2007-4629
+CVE-2007-4629 (Buffer overflow in the processLine function in maptemplate.c in MapSer ...)
{DSA-1539-1}
- mapserver 4.10.3-1
-CVE-2007-4628
+CVE-2007-4628 (SQL injection vulnerability in shownews.php in phpns 1.1 allows remote ...)
NOT-FOR-US: phpns
-CVE-2007-4627
+CVE-2007-4627 (SQL injection vulnerability in index.php in ABC eStore 3.0 allows remo ...)
NOT-FOR-US: ABC eStore
-CVE-2007-4626
+CVE-2007-4626 (Unspecified vulnerability in Polipo before 1.0.2 allows remote attacke ...)
- polipo 1.0.2-1 (low)
[sarge] - polipo <no-dsa> (Minor issue)
[etch] - polipo <no-dsa> (Minor issue)
-CVE-2007-4625
+CVE-2007-4625 (Polipo before 1.0.2 allows remote HTTP servers to cause a denial of se ...)
- polipo 1.0.2-1 (low)
[sarge] - polipo <no-dsa> (Minor issue)
[etch] - polipo <no-dsa> (Minor issue)
-CVE-2007-4624
+CVE-2007-4624 (Cross-site scripting (XSS) vulnerability in pframe.php in AbleDesign D ...)
NOT-FOR-US: AbleDesign Dynamic Picture Frame
-CVE-2007-4623
+CVE-2007-4623 (Stack-based buffer overflow in the sendrmt function in bellmail in IBM ...)
NOT-FOR-US: IBM AIX
-CVE-2007-4622
+CVE-2007-4622 (Integer underflow in the dns_name_fromtext function in (1) libdns_nons ...)
NOT-FOR-US: IBM AIX
-CVE-2007-4621
+CVE-2007-4621 (Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain p ...)
NOT-FOR-US: IBM AIX
-CVE-2007-4620
+CVE-2007-4620 (Multiple stack-based buffer overflows in Computer Associates (CA) Aler ...)
NOT-FOR-US: CA products
-CVE-2007-4619
+CVE-2007-4619 (Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC ...)
{DSA-1469-1}
- flac 1.2.1-1 (medium)
-CVE-2007-4618
+CVE-2007-4618 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-4617
+CVE-2007-4617 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-4616
+CVE-2007-4616 (The SSL server implementation in BEA WebLogic Server 7.0 Gold through ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-4615
+CVE-2007-4615 (The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-4614
+CVE-2007-4614 (BEA WebLogic Server 9.1 does not properly handle propagation of an adm ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-4613
+CVE-2007-4613 (SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold th ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-4612
+CVE-2007-4612 (CRLF injection vulnerability in contact.php in Moonware (aka Dale Moon ...)
NOT-FOR-US: Moonware
-CVE-2007-4611
+CVE-2007-4611 (SQL injection vulnerability in viewevent.php in Moonware (aka Dale Moo ...)
NOT-FOR-US: Moonware
-CVE-2007-4610
+CVE-2007-4610 (Unrestricted file upload vulnerability in config/upload.php in Moonwar ...)
NOT-FOR-US: Moonware
-CVE-2007-4609
+CVE-2007-4609 (eyeOS uses predictable checksum values in the checknum parameter for a ...)
NOT-FOR-US: eyeOS
-CVE-2007-4608
+CVE-2007-4608 (PHP remote file inclusion vulnerability in protection.php in ePersonne ...)
NOT-FOR-US: ePersonnel
-CVE-2007-4607
+CVE-2007-4607 (Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6 ...)
NOT-FOR-US: EasyMailSMTPObj ActiveX control
-CVE-2007-4606
+CVE-2007-4606 (PHP remote file inclusion vulnerability in convert/mvcw_conver.php in ...)
NOT-FOR-US: Php-Nuke
-CVE-2007-4605
+CVE-2007-4605 (PHP remote file inclusion vulnerability in convert/mvcw.php in Virtual ...)
NOT-FOR-US: Vwar
-CVE-2007-4604
+CVE-2007-4604 (SQL injection vulnerability in viewitem.php in DL PayCart 1.01 allows ...)
NOT-FOR-US: DL PayCart
-CVE-2007-4603
+CVE-2007-4603 (Multiple SQL injection vulnerabilities in index.php in ACG News 1.0 al ...)
NOT-FOR-US: ACG news
-CVE-2007-4602
+CVE-2007-4602 (SQL injection vulnerability in cms/revert-content.php in Implied by De ...)
NOT-FOR-US: Micro-CMS
-CVE-2007-4600
+CVE-2007-4600 (The "Protect Worksheet" functionality in Mathsoft Mathcad 12 through 1 ...)
NOT-FOR-US: Mathsoft Mathcad
-CVE-2007-4599
+CVE-2007-4599 (Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly ...)
NOT-FOR-US: RealPlayer
-CVE-2007-4598
+CVE-2007-4598 (IBM SurePOS 500 has (1) a default password of "12345" for the manager ...)
NOT-FOR-US: IBM
-CVE-2007-4597
+CVE-2007-4597 (SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Sh ...)
NOT-FOR-US: SunShop Shopping Cart
-CVE-2007-4596
+CVE-2007-4596 (The perl extension in PHP does not follow safe_mode restrictions, whic ...)
- php5 <removed> (unimportant)
NOTE: Safe mode violations not treated as vulnerabilities
-CVE-2007-4595
+CVE-2007-4595 (Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.12 allows ...)
NOT-FOR-US: Mayaa
-CVE-2007-4594
+CVE-2007-4594 (Entrust Entelligence Security Provider (ESP) 8 does not properly valid ...)
NOT-FOR-US: Entrust Entelligence Security Provider
-CVE-2007-4593
+CVE-2007-4593 (Unspecified vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2007-4592
+CVE-2007-4592 (Multiple cross-site scripting (XSS) vulnerabilities in the web interfa ...)
NOT-FOR-US: Rational
-CVE-2007-4591
+CVE-2007-4591 (vstor-ws60.sys in VMWare Workstation 6.0 allows local users to cause a ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2007-4590
+CVE-2007-4590 (The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynR ...)
NOT-FOR-US: Ignite-UX
-CVE-2007-4589
+CVE-2007-4589 (Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosti ...)
NOT-FOR-US: InterWorx Hosting Control Panel
-CVE-2007-4588
+CVE-2007-4588 (Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosti ...)
NOT-FOR-US: InterWorx Hosting Control Panel
-CVE-2007-4587
+CVE-2007-4587 (Cross-site scripting (XSS) vulnerability in Easy Software Cafeteria es ...)
NOT-FOR-US: escafeWeb
-CVE-2007-4586
+CVE-2007-4586 (Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension ...)
NOT-FOR-US: iisfunc (windows only)
-CVE-2007-4585
+CVE-2007-4585 (Directory traversal vulnerability in activateuser.php in 2532|Gigs 1.2 ...)
NOT-FOR-US: 2532|Gigs
-CVE-2007-4584
+CVE-2007-4584 (Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC serv ...)
- ircii-pana <removed> (medium; bug #443544)
-CVE-2007-4583
+CVE-2007-4583 (Multiple absolute path traversal vulnerabilities in the nvUtility.Util ...)
NOT-FOR-US: ACTi Network Video Recorder
-CVE-2007-4582
+CVE-2007-4582 (Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX cont ...)
NOT-FOR-US: ACTi Network Video Recorder
-CVE-2007-4581
+CVE-2007-4581 (SQL injection vulnerability in acrotxt.php in WBB2-Addon: Acrotxt 1 al ...)
NOT-FOR-US: WBB2-Addon: Acrotxt 1
-CVE-2007-4601
+CVE-2007-4601 (A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might all ...)
- tcp-wrappers 7.6.dbs-12 (bug #405342; medium)
[etch] - tcp-wrappers <not-affected> (Vulnerability was introduced in -10)
[sarge] - tcp-wrappers <not-affected> (Vulnerability was introduced in -10)
-CVE-2007-4580
+CVE-2007-4580 (Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows loca ...)
NOT-FOR-US: BufferZone (Windows)
CVE-2007-4579
REJECTED
-CVE-2007-4578
+CVE-2007-4578 (Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows ...)
NOT-FOR-US: Sophos
-CVE-2007-4577
+CVE-2007-4577 (Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers ...)
NOT-FOR-US: Sophos
CVE-2007-4576
REJECTED
-CVE-2007-4575
+CVE-2007-4575 (HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, ...)
{DSA-1419-1}
- openoffice.org 2.3.1~rc1-1 (medium; bug #454463)
- hsqldb 1.8.0.9-1
-CVE-2007-4574
+CVE-2007-4574 (Unspecified vulnerability in the "stack unwinder fixes" in kernel in R ...)
- linux-2.6 <not-affected> (Redhat specific vulnerability)
NOTE: I contacted the redhat security team about this, this was caused by an incomplete
NOTE: backport for stack unwinder fixes in the linux kernel made by them.
NOTE: redhat sent a reproducer to the vendor-sec list
-CVE-2007-4573
+CVE-2007-4573 (The IA32 system call emulation functionality in Linux kernel 2.4.x and ...)
{DSA-1504-1 DSA-1381-2 DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.22-5 (medium)
-CVE-2007-4572
+CVE-2007-4572 (Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, wh ...)
{DSA-1409-3 DSA-1409-2 DSA-1409-1}
- samba 3.0.27-1 (high; bug #451385)
-CVE-2007-4571
+CVE-2007-4571 (The snd_mem_proc_read function in sound/core/memalloc.c in the Advance ...)
{DSA-1505-1 DSA-1479-1}
- linux-2.6 2.6.22-5 (low; bug #444571)
- alsa-driver 1.0.15-1
NOTE: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212
NOTE: very easy to exploit locally
-CVE-2007-4570
+CVE-2007-4570 (Algorithmic complexity vulnerability in the MCS translation daemon in ...)
NOT-FOR-US: MCS translation daemon
-CVE-2007-4569
+CVE-2007-4569 (backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is ...)
{DSA-1376-1 DTSA-60-1}
- kdebase 4:3.5.7-4
[sarge] - kdebase <not-affected> (problem not present in code)
NOTE: http://www.kde.org/info/security/advisory-20070919-1.txt
-CVE-2007-4568
+CVE-2007-4568 (Integer overflow in the build_range function in X.Org X Font Server (x ...)
{DSA-1385-1}
- xfs 1:1.0.5-1
-CVE-2007-4567
+CVE-2007-4567 (The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel ...)
- linux-2.6 2.6.22-1
[etch] - linux-2.6 <not-affected> (Introduced in 2.6.20)
-CVE-2007-4566
+CVE-2007-4566 (Multiple buffer overflows in the login mechanism in sidvault in Alpha ...)
NOT-FOR-US: SIDVault
-CVE-2007-4565
+CVE-2007-4565 (sink.c in fetchmail before 6.3.9 allows context-dependent attackers to ...)
{DSA-1377-2}
- fetchmail 6.3.8-8 (bug #440006; low)
[etch] - fetchmail <no-dsa> (Hardly a security problem)
[sarge] - fetchmail <not-affected> (problem not present in source)
-CVE-2007-4564
+CVE-2007-4564 (Cosminexus Manager in Cosminexus Application Server 07-00 and later mi ...)
NOT-FOR-US: Hitachi Cosminexus
-CVE-2007-4563
+CVE-2007-4563 (Cosminexus Manager in Cosminexus Application Server 06-50 and later mi ...)
NOT-FOR-US: Hitachi Cosminexus
-CVE-2007-4562
+CVE-2007-4562 (Unspecified vulnerability in Hitachi DABroker before 03-02-/D and Cosm ...)
NOT-FOR-US: Hitachi DABroker
-CVE-2007-4561
+CVE-2007-4561 (Heap-based buffer overflow in the RTSP service in Helix DNA Server bef ...)
NOT-FOR-US: Helix DNA Server
-CVE-2007-4560
+CVE-2007-4560 (clamav-milter in ClamAV before 0.91.2, when run in black hole mode, al ...)
{DSA-1366-1}
- clamav 0.91.2-1~volatile1 (high)
-CVE-2007-4559
+CVE-2007-4559 (Directory traversal vulnerability in the (1) extract and (2) extractal ...)
- python2.3 <removed> (unimportant)
- python2.4 <unfixed> (unimportant; bug #440097)
- python2.5 <unfixed> (unimportant; bug #440099)
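Review bot: the fixed-version annotations in this hunk order severity and bug number inconsistently: `- qgit 1.5.5-1.1 (bug #440950; low)` and `- tcp-wrappers 7.6.dbs-12 (bug #405342; medium)` put the bug first, while `- openoffice.org 2.3.1~rc1-1 (medium; bug #454463)` and `- samba 3.0.27-1 (high; bug #451385)` put the severity first. Since this automatic update only appends the truncated descriptions to the CVE id lines, the ordering is pre-existing, but a follow-up that normalises it to one order would make the file easier to grep and parse.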
@@ -5298,82 +5298,82 @@ CVE-2007-4559
NOTE: provided by design.
CVE-2007-4558
REJECTED
-CVE-2007-4557
+CVE-2007-4557 (Cross-site scripting (XSS) vulnerability in the webacc servlet in Nove ...)
NOT-FOR-US: Novell
-CVE-2007-4556
+CVE-2007-4556 (Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0. ...)
NOT-FOR-US: OpenSymphony XWork
-CVE-2007-4555
+CVE-2007-4555 (Cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP allows rem ...)
NOT-FOR-US: Ipswitch WS_FTP
-CVE-2007-4554
+CVE-2007-4554 (Cross-site scripting (XSS) vulnerability in tiki-remind_password.php i ...)
- tikiwiki <removed>
-CVE-2007-4553
+CVE-2007-4553 (The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attac ...)
NOT-FOR-US: Thomson ST 2030 SIP phone
-CVE-2007-4552
+CVE-2007-4552 (SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 ...)
NOT-FOR-US: Agares Media Arcadem
-CVE-2007-4551
+CVE-2007-4551 (PHP remote file inclusion vulnerability in index.php in Agares Media A ...)
NOT-FOR-US: Agares Media Arcadem
-CVE-2007-4550
+CVE-2007-4550 (Format string vulnerability in ALPass 2.7 English and 3.02 Korean migh ...)
NOT-FOR-US: ALPass
-CVE-2007-4549
+CVE-2007-4549 (Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow ...)
NOT-FOR-US: ALPass
-CVE-2007-4548
+CVE-2007-4548 (The login method in LoginModule implementations in Apache Geronimo 2.0 ...)
NOT-FOR-US: Apache Geronimo
-CVE-2007-4547
+CVE-2007-4547 (Unreal Commander 0.92 build 565 and 573 writes portions of heap memory ...)
NOT-FOR-US: Unreal Commander
-CVE-2007-4546
+CVE-2007-4546 (Unreal Commander 0.92 build 565 and 573 lists the filenames from the C ...)
NOT-FOR-US: Unreal Commander
-CVE-2007-4545
+CVE-2007-4545 (Multiple directory traversal vulnerabilities in Unreal Commander 0.92 ...)
NOT-FOR-US: Unreal Commander
-CVE-2007-4544
+CVE-2007-4544 (Cross-site scripting (XSS) vulnerability in wp-newblog.php in WordPres ...)
NOT-FOR-US: WordPress multi-user (MU)
-CVE-2007-4543
+CVE-2007-4543 (Cross-site scripting (XSS) vulnerability in enter_bug.cgi in Bugzilla ...)
- bugzilla 2.22.1-2.2 (low; bug #440106)
[etch] - bugzilla <no-dsa> (Affected code only shipped in example, minor issue anyway)
[sarge] - bugzilla <not-affected> (Vulnerable code not present)
-CVE-2007-4542
+CVE-2007-4542 (Multiple cross-site scripting (XSS) vulnerabilities in MapServer befor ...)
{DSA-1539-1}
- mapserver 4.10.3-1 (bug #439346)
-CVE-2007-4541
+CVE-2007-4541 (Multiple cross-site scripting (XSS) vulnerabilities in Olate Download ...)
NOT-FOR-US: Olate Download
-CVE-2007-4540
+CVE-2007-4540 (Multiple SQL injection vulnerabilities in download.php in Olate Downlo ...)
NOT-FOR-US: Olate Download
-CVE-2007-4539
+CVE-2007-4539 (The WebService (XML-RPC) interface in Bugzilla 2.23.3 through 3.0.0 do ...)
- bugzilla <not-affected> (Affected versions were never present in the archive)
-CVE-2007-4538
+CVE-2007-4538 (email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers t ...)
- bugzilla <not-affected> (Affected versions were never present in the archive)
-CVE-2007-4537
+CVE-2007-4537 (Heap-based buffer overflow in the Huffman decompression algorithm impl ...)
NOT-FOR-US: Skulltag
-CVE-2007-4536
+CVE-2007-4536 (TorrentTrader 1.07 and earlier sets insecure permissions for files in ...)
NOT-FOR-US: TorrentTrader
-CVE-2007-4535
+CVE-2007-4535 (The VStr::Resize function in str.cpp in Vavoom 1.24 and earlier allows ...)
NOT-FOR-US: Vavoom
-CVE-2007-4534
+CVE-2007-4534 (Buffer overflow in the VThinker::BroadcastPrintf function in p_thinker ...)
NOT-FOR-US: Vavoom
-CVE-2007-4533
+CVE-2007-4533 (Format string vulnerability in the Say command in sv_main.cpp in Vavoo ...)
NOT-FOR-US: Vavoom
-CVE-2007-4532
+CVE-2007-4532 (Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and e ...)
NOT-FOR-US: Soldat game server
-CVE-2007-4531
+CVE-2007-4531 (Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and e ...)
NOT-FOR-US: Soldat game server
-CVE-2007-4530
+CVE-2007-4530 (Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak Serve ...)
- teamspeak-server 2.0.23.19-1
-CVE-2007-4529
+CVE-2007-4529 (The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote auth ...)
- teamspeak-server 2.0.23.19-1
-CVE-2007-4528
+CVE-2007-4528 (The Foreign Function Interface (ffi) extension in PHP 5.0.5 does not f ...)
NOT-FOR-US: ffi extension for php
-CVE-2007-4527
+CVE-2007-4527 (Unrestricted file upload vulnerability in phUploader.php in phphq.Net ...)
NOT-FOR-US: phUploader
-CVE-2007-4526
+CVE-2007-4526 (The Client Login Extension (CLE) in Novell Identity Manager before 3.5 ...)
NOT-FOR-US: Novell Identity Manager
CVE-2007-4525
- spip 2.0.6-1
-CVE-2007-4524
+CVE-2007-4524 (PHP remote file inclusion vulnerability in adisplay.php in PhPress 0.2 ...)
NOT-FOR-US: PhPress
-CVE-2007-4523
+CVE-2007-4523 (Multiple cross-site scripting (XSS) vulnerabilities in Ripe Website Ma ...)
NOT-FOR-US: Ripe Website Manager
-CVE-2007-4522
+CVE-2007-4522 (Multiple SQL injection vulnerabilities in Ripe Website Manager 0.8.9 a ...)
NOT-FOR-US: Ripe Website Manager
-CVE-2007-4521
+CVE-2007-4521 (Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an I ...)
- asterisk <not-affected> (The voicemail backend is not enabled in Debian)
[sarge] - asterisk <not-affected> (Only Asterisk 1.4.x is affected)
[etch] - asterisk <not-affected> (Only Asterisk 1.4.x is affected)
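Review bot: `CVE-2007-4525` (the spip entry) is the one id in this hunk that is neither RESERVED nor REJECTED and yet received no description, while every neighbouring id went from a bare `-CVE-...` line to a `+CVE-... (...)` line. Worth confirming that the upstream feed really has no description for it rather than the updater having skipped the entry, since the bare form otherwise reads as an unresolved id.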
@@ -5385,117 +5385,117 @@ CVE-2007-4519
RESERVED
CVE-2007-4518
RESERVED
-CVE-2007-4517
+CVE-2007-4517 (Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedur ...)
NOT-FOR-US: Oracle
-CVE-2007-4516
+CVE-2007-4516 (The Volume Manager Scheduler Service (aka VxSchedService.exe) in Syman ...)
NOT-FOR-US: Volume Manager Scheduler Service
-CVE-2007-4515
+CVE-2007-4515 (Buffer overflow in a certain ActiveX control in YVerInfo.dll before 20 ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-4514
+CVE-2007-4514 (Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manag ...)
NOT-FOR-US: HP ProCurve Manager
-CVE-2007-4513
+CVE-2007-4513 (Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow loc ...)
NOT-FOR-US: IBM AIX
-CVE-2007-4512
+CVE-2007-4512 (Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Wind ...)
NOT-FOR-US: Sophos Anti-Virus for Windows
-CVE-2007-4511
+CVE-2007-4511 (The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply ...)
NOT-FOR-US: Sun Application Server
-CVE-2007-4510
+CVE-2007-4510 (ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and ...)
{DSA-1366-1}
- clamav 0.91.2-1~volatile1
[sarge] - clamav <not-affected> (Vulnerable code not present)
NOTE: Only exploitable if CL_EXPERIMENTAL is set
-CVE-2007-4509
+CVE-2007-4509 (SQL injection vulnerability in index.php in the EventList component (c ...)
NOT-FOR-US: EventList component for Joomla!
-CVE-2007-4508
+CVE-2007-4508 (Stack-based buffer overflow in Rebellion Asura engine, as used for the ...)
NOT-FOR-US: Rebellion Asura engine
-CVE-2007-4507
+CVE-2007-4507 (Multiple buffer overflows in the php_ntuser component for PHP 5.2.3 al ...)
NOT-FOR-US: External PHP component only relevant for Windows
-CVE-2007-4506
+CVE-2007-4506 (SQL injection vulnerability in index.php in the NeoRecruit component ( ...)
NOT-FOR-US: NeoRecruit component for Joomla!
-CVE-2007-4505
+CVE-2007-4505 (SQL injection vulnerability in index.php in the RemoSitory component ( ...)
NOT-FOR-US: RemoSitory component for Mambo
-CVE-2007-4504
+CVE-2007-4504 (Directory traversal vulnerability in index.php in the RSfiles componen ...)
NOT-FOR-US: RSfiles component for Joomla!
-CVE-2007-4503
+CVE-2007-4503 (SQL injection vulnerability in index.php in the Nice Talk component (c ...)
NOT-FOR-US: Nice Talk component for Joomla!
-CVE-2007-4502
+CVE-2007-4502 (SQL injection vulnerability in index.php in the BibTeX component (com_ ...)
NOT-FOR-US: BibTeX component for Joomla!
-CVE-2007-4501
+CVE-2007-4501 (Unspecified vulnerability in PassphraseRequester in SSHKeychain before ...)
NOT-FOR-US: SSHKeychain
-CVE-2007-4500
+CVE-2007-4500 (Unspecified vulnerability in TunnelRunner in SSHKeychain before 0.8.2 ...)
NOT-FOR-US: SSHKeychain
-CVE-2007-4499
+CVE-2007-4499 (Unrestricted file upload vulnerability in output.php in American Finan ...)
NOT-FOR-US: American Financing eMail Image Upload
-CVE-2007-4498
+CVE-2007-4498 (The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0 ...)
NOT-FOR-US: Grandstream SIP Phone
-CVE-2007-4497
+CVE-2007-4497 (Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build ...)
- vmware-package 0.16
-CVE-2007-4496
+CVE-2007-4496 (Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build ...)
- vmware-package 0.16
-CVE-2007-4495
+CVE-2007-4495 (Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on ...)
NOT-FOR-US: Solaris
-CVE-2007-4494
+CVE-2007-4494 (The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9 ...)
- ezpublish <removed>
-CVE-2007-4493
+CVE-2007-4493 (eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check ...)
- ezpublish <removed>
-CVE-2007-4492
+CVE-2007-4492 (Multiple unspecified vulnerabilities in the ata disk driver in Sun Sol ...)
NOT-FOR-US: Solaris
-CVE-2007-4491
+CVE-2007-4491 (SQL injection vulnerability in uyeler2.php in Gurur haber 2.0 allows r ...)
NOT-FOR-US: Gurur haber
-CVE-2007-4490
+CVE-2007-4490 (Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProte ...)
NOT-FOR-US: Trend Micro
-CVE-2007-4489
+CVE-2007-4489 (Buffer overflow in the IUAComFormX ActiveX control in uacomx.ocx 2.0.1 ...)
NOT-FOR-US: eCentrex VOIP
-CVE-2007-4488
+CVE-2007-4488 (Multiple cross-site scripting (XSS) vulnerabilities in the Siemens Gig ...)
NOT-FOR-US: Siemens GigaSet firmware
-CVE-2007-4487
+CVE-2007-4487 (Cross-site scripting (XSS) vulnerability in D22-Shoutbox for Invision ...)
NOT-FOR-US: Invision Power Board
-CVE-2007-4486
+CVE-2007-4486 (Multiple PHP remote file inclusion vulnerabilities in index.php in Lin ...)
NOT-FOR-US: Linkliste
-CVE-2007-4485
+CVE-2007-4485 (PHP remote file inclusion vulnerability in visitor.php in Butterfly on ...)
NOT-FOR-US: Butterfly online visitors counter
-CVE-2007-4484
+CVE-2007-4484 (PHP remote file inclusion vulnerability in login.php in My_REFERER 1.0 ...)
NOT-FOR-US: My_REFERER
-CVE-2007-4483
+CVE-2007-4483 (Cross-site scripting (XSS) vulnerability in index.php in the WordPress ...)
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
-CVE-2007-4482
+CVE-2007-4482 (Cross-site scripting (XSS) vulnerability in index.php in the Pool 1.0. ...)
NOT-FOR-US: Pool 1.0.7 theme for WordPress
-CVE-2007-4481
+CVE-2007-4481 (Cross-site scripting (XSS) vulnerability in index.php in the (1) Blix ...)
NOT-FOR-US: Rus themes for WordPress
-CVE-2007-4480
+CVE-2007-4480 (Cross-site scripting (XSS) vulnerability in index.php in the Sirius 1. ...)
NOT-FOR-US: Sirius 1.0 theme for WordPress
-CVE-2007-4479
+CVE-2007-4479 (Cross-site scripting (XSS) vulnerability in search.html in Search Engi ...)
NOT-FOR-US: Search Engine Builder
-CVE-2007-4478
+CVE-2007-4478 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Explore ...)
NOT-FOR-US: Internet Explorer
-CVE-2007-4477
+CVE-2007-4477 (The administration interface in the Planet VC-200M VDSL2 router allows ...)
NOT-FOR-US: Planet VC-200M VDSL2 router
-CVE-2007-4476
+CVE-2007-4476 (Buffer overflow in the safer_name_suffix function in GNU tar has unspe ...)
{DSA-1566-1 DSA-1438-1}
- tar 1.18-1 (low; bug #441444)
- cpio 2.9-5 (low; bug #449222)
-CVE-2007-4475
+CVE-2007-4475 (Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webvie ...)
NOT-FOR-US: EAI WebViewer3D ActiveX control
-CVE-2007-4474
+CVE-2007-4474 (Multiple stack-based buffer overflows in the IBM Lotus Domino Web Acce ...)
NOT-FOR-US: IBM Lotus Domino Web Access
-CVE-2007-4473
+CVE-2007-4473 (Gesytec Easylon OPC Server before 2.3.44 does not properly validate se ...)
NOT-FOR-US: Gesytec Easylon OPC Server
-CVE-2007-4472
+CVE-2007-4472 (Multiple buffer overflows in the Broderbund Expressit 3DGreetings Play ...)
NOT-FOR-US: Broderbund Expressit
-CVE-2007-4471
+CVE-2007-4471 (Multiple unspecified vulnerabilities in the Intuit QuickBooks Online E ...)
NOT-FOR-US: QuickBooks
-CVE-2007-4470
+CVE-2007-4470 (Multiple stack-based buffer overflows in the Earth Resource Mapping NC ...)
NOT-FOR-US: Earth Resource Mapping NCSView
CVE-2007-4469
RESERVED
CVE-2007-4468
RESERVED
-CVE-2007-4467
+CVE-2007-4467 (Multiple stack-based buffer overflows in the Oracle JInitiator ActiveX ...)
NOT-FOR-US: Oracle
-CVE-2007-4466
+CVE-2007-4466 (Multiple stack-based buffer overflows in Electronic Arts (EA) SnoopyCt ...)
NOT-FOR-US: Electronic Arts (EA) SnoopyCtrl ActiveX
-CVE-2007-4465
+CVE-2007-4465 (Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apa ...)
- apache <removed> (low)
- apache2 2.2.6-1 (bug #453783)
[sarge] - apache <no-dsa> (browser issue, low impact)
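Review bot: the clamav line for CVE-2007-4510, `- clamav 0.91.2-1~volatile1`, carries no severity, whereas the CVE-2007-4560 entry earlier in this update (same DSA-1366-1, same fixed version) is rated (high). If the omission is intentional because of the `NOTE: Only exploitable if CL_EXPERIMENTAL is set` line, a severity of its own would still keep the two entries consistent.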
@@ -5504,258 +5504,258 @@ CVE-2007-4465
NOTE: Etch's default configuration not vulnerable due to AddDefaultCharset,
NOTE: but many users change this.
NOTE: The apache2 fix is actually a workaround. It will not be applied to apache 1.3.
-CVE-2007-4464
+CVE-2007-4464 (CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total Co ...)
NOT-FOR-US: Total Commander
-CVE-2007-4463
+CVE-2007-4463 (The Fileinfo 2.0.9 plugin for Total Commander allows user-assisted rem ...)
NOT-FOR-US: Total Commander
-CVE-2007-4462
+CVE-2007-4462 (lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwr ...)
- po4a 0.31-1 (bug #439226)
[etch] - po4a 0.29-1etch1
[sarge] - po4a 0.20-2sarge1
-CVE-2007-4461
+CVE-2007-4461 (NuFW 2.2.3, and certain other versions after 2.0, allows remote attack ...)
- nufw 2.2.4-1 (bug #439227)
[etch] - nufw <not-affected>
-CVE-2007-4460
+CVE-2007-4460 (The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8 ...)
{DSA-1365-3 DSA-1365-2 DSA-1365-1}
- id3lib3.8.3 3.8.3-7 (low; bug #438540)
-CVE-2007-4459
+CVE-2007-4459 (Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP ...)
NOT-FOR-US: Cisco IP Phone
-CVE-2007-4458
+CVE-2007-4458 (PHP remote file inclusion vulnerability in includes/class/class_tpl.ph ...)
NOT-FOR-US: Firesoft
-CVE-2007-4457
+CVE-2007-4457 (Directory traversal vulnerability in forumreply.php in Dalai Forum 1.1 ...)
NOT-FOR-US: Dalai Forum
-CVE-2007-4456
+CVE-2007-4456 (SQL injection vulnerability in index.php in the SimpleFAQ (com_simplef ...)
NOT-FOR-US: mambo
NOTE: mambo is in experimental though
-CVE-2007-4455
+CVE-2007-4455 (The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before ...)
- asterisk 1:1.4.11~dfsg-1
[sarge] - asterisk <not-affected> (not affected according to advisory)
[etch] - asterisk <not-affected> (not affected according to advisory)
-CVE-2007-4454
+CVE-2007-4454 (Eval injection vulnerability in environment.php in Olate Download (od) ...)
NOT-FOR-US: Olate Download
CVE-2007-4453
NOT-FOR-US: vBulletin
-CVE-2007-4452
+CVE-2007-4452 (The client in Toribash 2.71 and earlier allows remote attackers to cau ...)
NOT-FOR-US: Toribash
-CVE-2007-4451
+CVE-2007-4451 (The server in Toribash 2.71 and earlier on Windows allows remote attac ...)
NOT-FOR-US: Toribash
-CVE-2007-4450
+CVE-2007-4450 (The server in Toribash 2.71 and earlier does not properly handle long ...)
NOT-FOR-US: Toribash
-CVE-2007-4449
+CVE-2007-4449 (The client in Toribash 2.71 and earlier allows remote attackers to cau ...)
NOT-FOR-US: Toribash
-CVE-2007-4448
+CVE-2007-4448 (The server in Toribash 2.71 and earlier does not properly handle parti ...)
NOT-FOR-US: Toribash
-CVE-2007-4447
+CVE-2007-4447 (Multiple buffer overflows in the client in Toribash 2.71 and earlier a ...)
NOT-FOR-US: Toribash
-CVE-2007-4446
+CVE-2007-4446 (Format string vulnerability in the server in Toribash 2.71 and earlier ...)
NOT-FOR-US: Toribash
-CVE-2007-4445
+CVE-2007-4445 (Image Space rFactor 1.250 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Image space rfactor
-CVE-2007-4444
+CVE-2007-4444 (Multiple buffer overflows in Image Space rFactor 1.250 and earlier all ...)
NOT-FOR-US: Image space rfactor
-CVE-2007-4443
+CVE-2007-4443 (The UCC dedicated server for the Unreal engine, possibly 2003 and 2004 ...)
NOT-FOR-US: Unreal on Windows
-CVE-2007-4442
+CVE-2007-4442 (Stack-based buffer overflow in the logging function in the Unreal engi ...)
NOT-FOR-US: Unreal on Windows
-CVE-2007-4441
+CVE-2007-4441 (Buffer overflow in php_win32std.dll in the win32std extension for PHP ...)
- php5 <not-affected> (Windows-specific)
-CVE-2007-4440
+CVE-2007-4440 (Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mai ...)
NOT-FOR-US: Mercury mail system
-CVE-2007-4439
+CVE-2007-4439 (PHP remote file inclusion vulnerability in popup_window.php in Squirre ...)
NOT-FOR-US: Squirrelcart
-CVE-2007-4438
+CVE-2007-4438 (Session fixation vulnerability in Ampache before 3.3.3.5 allows remote ...)
- ampache 3.3.3.5-dfsg-1 (bug #407337)
-CVE-2007-4437
+CVE-2007-4437 (SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 al ...)
- ampache 3.3.3.5-dfsg-1 (bug #407337)
-CVE-2007-4436
+CVE-2007-4436 (The Drupal Project module before 5.x-1.0, 4.7.x-2.3, and 4.7.x-1.3 and ...)
- drupal <not-affected> (External addon, see bug #439379)
-CVE-2007-4435
+CVE-2007-4435 (Multiple SQL injection vulnerabilities in TorrentTrader before 1.07 al ...)
NOT-FOR-US: TorrentTrader
-CVE-2007-4434
+CVE-2007-4434 (Cross-site scripting (XSS) vulnerability in textfilesearch.asp in the ...)
NOT-FOR-US: Text File Search ASP
-CVE-2007-4433
+CVE-2007-4433 (Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the ...)
NOT-FOR-US: Text File Search ASP
-CVE-2007-4432
+CVE-2007-4432 (Untrusted search path vulnerability in the wrapper scripts for the (1) ...)
NOT-FOR-US: SUSE
-CVE-2007-4431
+CVE-2007-4431 (Cross-domain vulnerability in Apple Safari for Windows 3.0.3 and earli ...)
NOT-FOR-US: Safari/windows
-CVE-2007-4430
+CVE-2007-4430 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows contex ...)
NOT-FOR-US: Cisco IOS
-CVE-2007-4429
+CVE-2007-4429 (Unspecified vulnerability in Skype allows remote attackers to cause a ...)
NOT-FOR-US: Skype
-CVE-2007-4428
+CVE-2007-4428 (Lhaz 1.33 allows remote attackers to execute arbitrary code via unknow ...)
NOT-FOR-US: lhaz
-CVE-2007-4427
+CVE-2007-4427 (Unspecified vulnerability in the login page redirection logic in the C ...)
NOT-FOR-US: InterSystems Cache
-CVE-2007-4426
+CVE-2007-4426 (Live for Speed (LFS) S1 and S2 allows remote attackers to cause a deni ...)
NOT-FOR-US: Live for Speed
-CVE-2007-4425
+CVE-2007-4425 (Multiple buffer overflows in Live for Speed (LFS) demo, S1, and S2 all ...)
NOT-FOR-US: Live for Speed
-CVE-2007-4424
+CVE-2007-4424 (Apple Safari for Windows 3.0.3 and earlier does not prompt the user be ...)
NOT-FOR-US: Safari
-CVE-2007-4423
+CVE-2007-4423 (Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID functio ...)
NOT-FOR-US: IBM DB2
-CVE-2007-4422
+CVE-2007-4422 (The login interface in Symantec Enterprise Firewall 6.x, when a VPN wi ...)
NOT-FOR-US: Symantec Enterprise Firewall
-CVE-2007-4421
+CVE-2007-4421 (SQL injection vulnerability in Admin.php in Olate Download (od) 3.4.1 ...)
NOT-FOR-US: Olate Download
-CVE-2007-4420
+CVE-2007-4420 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
NOT-FOR-US: EDraw Office Viewer Component
-CVE-2007-4419
+CVE-2007-4419 (Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin u ...)
NOT-FOR-US: Olate Download
-CVE-2007-4418
+CVE-2007-4418 (IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, ...)
NOT-FOR-US: IBM DB2
-CVE-2007-4417
+CVE-2007-4417 (IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not proper ...)
NOT-FOR-US: IBM DB2
CVE-2007-4416
NOT-FOR-US: BellaBook
-CVE-2007-4415
+CVE-2007-4415 (Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 In ...)
NOT-FOR-US: Cisco VPN client/windows
-CVE-2007-4414
+CVE-2007-4414 (Cisco VPN Client on Windows before 4.8.02.0010 allows local users to g ...)
NOT-FOR-US: Cisco VPN client/windows
-CVE-2007-4413
+CVE-2007-4413 (Direct static code injection vulnerability in admincp/user_help.php in ...)
NOT-FOR-US: Headstart Solutions DeskPRO 3.0.2
-CVE-2007-4412
+CVE-2007-4412 (Multiple cross-site scripting (XSS) vulnerabilities in Headstart Solut ...)
NOT-FOR-US: Deskpro
-CVE-2007-4411
+CVE-2007-4411 (ircu 2.10.12.05 and earlier allows remote attackers to discover the hi ...)
- ircd-ircu 2.10.12.10.dfsg1-1 (low; bug #439314)
[etch] - ircd-ircu <no-dsa> (Minor issue)
-CVE-2007-4410
+CVE-2007-4410 (ircu 2.10.12.05 and earlier does not properly synchronize a kick actio ...)
- ircd-ircu 2.10.12.10.dfsg1-1 (low; bug #439314)
[etch] - ircd-ircu <no-dsa> (Minor issue)
-CVE-2007-4409
+CVE-2007-4409 (Race condition in ircu 2.10.12.01 through 2.10.12.05 allows remote att ...)
- ircd-ircu <not-affected> (Version affected not yet in unstable, maintainer informed)
-CVE-2007-4408
+CVE-2007-4408 (ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allow ...)
- ircd-ircu 2.10.12.10.dfsg1-1 (low; bug #439314)
[etch] - ircd-ircu <no-dsa> (Minor issue)
-CVE-2007-4407
+CVE-2007-4407 (ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops ...)
- ircd-ircu <not-affected> (Version affected not yet in unstable, maintainer informed)
-CVE-2007-4406
+CVE-2007-4406 (ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after ...)
- ircd-ircu <not-affected> (Version affected not yet in unstable, maintainer informed)
-CVE-2007-4405
+CVE-2007-4405 (ircu 2.10.12.02 through 2.10.12.04 allows remote attackers to cause a ...)
- ircd-ircu <not-affected> (Version affected not yet in unstable, maintainer informed)
-CVE-2007-4404
+CVE-2007-4404 (ircu 2.10.12.01 allows remote attackers to (1) cause a denial of servi ...)
- ircd-ircu <not-affected> (Version affected not yet in unstable, maintainer informed)
-CVE-2007-4403
+CVE-2007-4403 (The mIRC Control Plug-in for Winamp allows user-assisted remote attack ...)
NOT-FOR-US: mirc/winamp
-CVE-2007-4402
+CVE-2007-4402 (Multiple unspecified scripts in mIRC allow user-assisted remote attack ...)
NOT-FOR-US: mirc
-CVE-2007-4401
+CVE-2007-4401 (Multiple CRLF injection vulnerabilities in the Advanced mIRC Integrati ...)
NOT-FOR-US: mirc
-CVE-2007-4400
+CVE-2007-4400 (CRLF injection vulnerability in the included media script in Konversat ...)
- konversation 1.0.1-4 (low; bug #439837)
[etch] - konversation <no-dsa> (minor issue)
[sarge] - konversation <no-dsa> (minor issue)
-CVE-2007-4399
+CVE-2007-4399 (CRLF injection vulnerability in the xmms.bx 1.0 script for BitchX allo ...)
NOT-FOR-US: xmms.bx 1.0 script for BitchX (not included in Debian package)
-CVE-2007-4398
+CVE-2007-4398 (Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and ...)
- irssi-scripts 20070925 (low; bug #439840)
- weechat-scripts 20070425-0.1 (low; bug #439839)
[etch] - irssi-scripts <no-dsa> (minor issue)
[etch] - weechat-scripts <no-dsa> (minor issue)
[sarge] - irssi-scripts <no-dsa> (minor issue)
-CVE-2007-4397
+CVE-2007-4397 (Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMM ...)
NOT-FOR-US: various IRC now_playing scripts
-CVE-2007-4396
+CVE-2007-4396 (Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) l33t ...)
- irssi-scripts 20070925 (low; bug #439840)
[etch] - irssi-scripts <no-dsa> (minor issue)
[sarge] - irssi-scripts <no-dsa> (minor issue)
NOTE: weechat-scripts does not include the mentioned scripts
-CVE-2007-4395
+CVE-2007-4395 (Multiple unspecified vulnerabilities in the Role Based Access Control ...)
NOT-FOR-US: Sun Solaris 8
-CVE-2007-4394
+CVE-2007-4394 (Unspecified vulnerability in a "core clean" cron job created by the fi ...)
NOT-FOR-US: findutils-locate on SUSE Linux
-CVE-2007-4393
+CVE-2007-4393 (The installation script for orarun on SUSE Linux before 20070810 place ...)
NOT-FOR-US: oracle
-CVE-2007-4392
+CVE-2007-4392 (Winamp 5.35 allows remote attackers to cause a denial of service (prog ...)
NOT-FOR-US: winamp
-CVE-2007-4391
+CVE-2007-4391 (Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger ...)
NOT-FOR-US: kakadu
-CVE-2007-4390
+CVE-2007-4390 (The Command Line Interface (CLI), aka Adonis Administration Console, o ...)
NOT-FOR-US: BlueCat
-CVE-2007-4389
+CVE-2007-4389 (Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701 ...)
NOT-FOR-US: 2wire
-CVE-2007-4388
+CVE-2007-4388 (2wire 1701HG and 2071 Gateway routers, with 5.29.51 and possibly 3.17. ...)
NOT-FOR-US: 2wire
-CVE-2007-4387
+CVE-2007-4387 (Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701 ...)
NOT-FOR-US: 2wire
-CVE-2007-4386
+CVE-2007-4386 (SQL injection vulnerability in search.php in GetMyOwnArcade allows rem ...)
NOT-FOR-US: GetMyOwnArcade
-CVE-2007-4385
+CVE-2007-4385 (OWASP Stinger before 2.5 allows remote attackers to bypass input valid ...)
NOT-FOR-US: Stinger
-CVE-2007-4384
+CVE-2007-4384 (Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in ...)
NOT-FOR-US: Stephane Pineau VOTE
CVE-2007-4383
NOT-FOR-US: Trackeur
-CVE-2007-4382
+CVE-2007-4382 (CounterPath X-Lite 3.0 34025, and possibly eyeBeam, allows remote atta ...)
NOT-FOR-US: CounterPath X-Lite
-CVE-2007-4381
+CVE-2007-4381 (Unspecified vulnerability in the font parsing implementation in Sun JD ...)
- sun-java5 1.5.0-10-1
-CVE-2007-4380
+CVE-2007-4380 (Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 (6.8. ...)
NOT-FOR-US: Altiris Deployment Solution
-CVE-2007-4379
+CVE-2007-4379 (Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: Babo Violent
-CVE-2007-4378
+CVE-2007-4378 (Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and e ...)
NOT-FOR-US: Babo Violent
-CVE-2007-4377
+CVE-2007-4377 (Stack-based buffer overflow in the IMAP service in SurgeMail 38k allow ...)
NOT-FOR-US: SurgeMail
-CVE-2007-4376
+CVE-2007-4376 (Unrestricted file upload vulnerability in banner-upload.php in Szymon ...)
NOT-FOR-US: Szymon Kosok Best Top List
-CVE-2007-4375
+CVE-2007-4375 (The administrative interface (aka DkService.exe) in Diskeeper 9 Profes ...)
NOT-FOR-US: Diskeeper
-CVE-2007-4374
+CVE-2007-4374 (Babo Violent 2 2.08.00 does not validate the sender field of a chat me ...)
NOT-FOR-US: Babo Violent
-CVE-2007-4373
+CVE-2007-4373 (The server in Babo Violent 2 2.08.00 and earlier does not properly imp ...)
NOT-FOR-US: Babo Violent
-CVE-2007-4372
+CVE-2007-4372 (Unspecified vulnerability in NetWin SurgeMail 38k on Windows Server 20 ...)
NOT-FOR-US: SurgeMail
CVE-2007-XXXX [pam usb wrongly allows authentication without password in ssh sessions]
- libpam-usb 0.4.1-1 (medium)
NOTE: see http://sourceforge.net/mailarchive/forum.php?thread_name=7D75703BC8E1C149BF78A1E79AAAB169B8A2E4%40svits28.main.ad.rit.edu&forum_name=pamusb-devel
CVE-2007-XXXX [lwat sometimes logs passwords in access.log]
- lwat 0.15-2 (low)
-CVE-2007-4371
+CVE-2007-4371 (Unrestricted file upload vulnerability in admin/pages/blog-add.php in ...)
NOT-FOR-US: Neuron Blog
-CVE-2007-4370
+CVE-2007-4370 (Multiple buffer overflows in the (1) client and (2) server in Racer 0. ...)
NOT-FOR-US: Racer
-CVE-2007-4369
+CVE-2007-4369 (Directory traversal vulnerability in go/_files in SOTEeSKLEP before 4. ...)
NOT-FOR-US: SOTEeSKLEP
-CVE-2007-4368
+CVE-2007-4368 (SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) W ...)
NOT-FOR-US: IBM Rational ClearQuest (CQ)
-CVE-2007-4367
+CVE-2007-4367 (Opera before 9.23 allows remote attackers to execute arbitrary code vi ...)
NOT-FOR-US: Opera
-CVE-2007-4366
+CVE-2007-4366 (WengoPhone 2.1 allows remote attackers to cause a denial of service (d ...)
- wengophone 2.1.1.dfsg0-3 (bug #438419)
-CVE-2007-4365
+CVE-2007-4365 (Cross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and earlier ...)
NOT-FOR-US: eXV2 CMS
-CVE-2007-4364
+CVE-2007-4364 (Fedora Commons before 2.2.1 does not properly handle certain authentic ...)
NOT-FOR-US: Fedora Commons
-CVE-2007-4363
+CVE-2007-4363 (Multiple cross-site scripting (XSS) vulnerabilities in the nodereferen ...)
NOT-FOR-US: Drupal Content Construction Kit (CCK)
-CVE-2007-4362
+CVE-2007-4362 (SQL injection vulnerability in category.php in Prozilla Webring allows ...)
NOT-FOR-US: Prozilla Webring
-CVE-2007-4361
+CVE-2007-4361 (NETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta ...)
NOT-FOR-US: ReadyNAS RAIDiator
-CVE-2007-4360
+CVE-2007-4360 (Unspecified vulnerability in Dell Remote Access Card 4 (DRAC4) with fi ...)
NOT-FOR-US: Dell
-CVE-2007-4359
+CVE-2007-4359 (Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems J ...)
NOT-FOR-US: JobLister3
-CVE-2007-4358
+CVE-2007-4358 (Zoidcom 0.6.7 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: Zoidcom
-CVE-2007-4357
+CVE-2007-4357 (Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof t ...)
- mozilla-firefox <removed> (unimportant)
- mozilla <removed> (unimportant)
- iceweasel <removed> (unimportant)
- iceape <removed> (unimportant)
-CVE-2007-4356
+CVE-2007-4356 (Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML fil ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-4355
+CVE-2007-4355 (Buffer overflow in the at program on IBM AIX 5.3 allows local users to ...)
NOT-FOR-US: AIX
-CVE-2007-4354
+CVE-2007-4354 (Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 ...)
NOT-FOR-US: AIX
-CVE-2007-4353
+CVE-2007-4353 (Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in ...)
NOT-FOR-US: AIX
-CVE-2007-4352
+CVE-2007-4352 (Array index error in the DCTStream::readProgressiveDataUnit method in ...)
{DSA-1537-1 DSA-1509-1 DSA-1480-1 DTSA-85-1 DTSA-86-1}
- poppler 0.6.2-1 (medium; bug #450628)
- kdegraphics 4:3.5.8-2 (medium; bug #450630)
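Review bot: CVE-2007-4383 (the bare id above "NOT-FOR-US: Trackeur") is left without a description while every surrounding NOT-FOR-US entry in this hunk gains one, so either the description feed has no text for it or the update skipped that line; worth confirming before this lands, because a bare non-RESERVED id now reads as an oversight rather than a placeholder. The two CVE-2007-XXXX entries (libpam-usb, lwat) are unchanged context, which is correct for placeholder ids, but note that they will keep missing the description refresh until real ids are assigned; the pam usb entry's only reference is still the sourceforge mail-archive URL in its NOTE.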
@@ -5773,120 +5773,120 @@ CVE-2007-4352
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
- swftools 0.9.2+ds1-2
-CVE-2007-4351
+CVE-2007-4351 (Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 ...)
{DSA-1407-1 DTSA-81-1}
- cupsys 1.3.4-1 (medium; bug #448866)
- cups 1.3.4-1 (medium; bug #448866)
[sarge] - cupsys <not-affected> (Only vulnerable to code injection since 1.2.x, effects are harmless otherwise)
-CVE-2007-4350
+CVE-2007-4350 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: HP SiteScope
-CVE-2007-4349
+CVE-2007-4349 (The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 ...)
NOT-FOR-US: HP OpenView Report
-CVE-2007-4348
+CVE-2007-4348 (Cross-site scripting (XSS) vulnerability in the CAD service in IBM Tiv ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2007-4347
+CVE-2007-4347 (Multiple integer overflows in the Job Engine (bengine.exe) service in ...)
NOT-FOR-US: Job Engine
-CVE-2007-4346
+CVE-2007-4346 (The Job Engine (bengine.exe) service in Symantec Backup Exec for Windo ...)
NOT-FOR-US: Job Engine
-CVE-2007-4345
+CVE-2007-4345 (Buffer overflow in IMail Client 9.22, as shipped with IPSwitch IMail S ...)
NOT-FOR-US: IMail Client
-CVE-2007-4344
+CVE-2007-4344 (Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build ...)
NOT-FOR-US: ACDSee
-CVE-2007-4343
+CVE-2007-4343 (Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows user-ass ...)
NOT-FOR-US: IrfanView
-CVE-2007-4342
+CVE-2007-4342 (PHP remote file inclusion vulnerability in include.php in PHPCentral L ...)
NOT-FOR-US: PHPCentral
-CVE-2007-4341
+CVE-2007-4341 (PHP remote file inclusion vulnerability in adm/my_statistics.php in Om ...)
NOT-FOR-US: Omnistar Lib2 PHP
-CVE-2007-4340
+CVE-2007-4340 (PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 a ...)
NOT-FOR-US: phpDVD
-CVE-2007-4339
+CVE-2007-4339 (Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll ...)
NOT-FOR-US: PHPCentral Poll Script
-CVE-2007-4338
+CVE-2007-4338 (index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 al ...)
NOT-FOR-US: Family Connections
-CVE-2007-4337
+CVE-2007-4337 (Multiple buffer overflows in the httplib_parse_sc_header function in l ...)
{DSA-1683-1}
- streamripper 1.62.2-1 (low)
-CVE-2007-4336
+CVE-2007-4336 (Buffer overflow in the Live Picture Corporation DXSurface.LivePicture. ...)
NOT-FOR-US: Microsoft
-CVE-2007-4335
+CVE-2007-4335 (Format string vulnerability in the SMTP server component in Qbik WinGa ...)
NOT-FOR-US: Qbik WinGate
-CVE-2007-4334
+CVE-2007-4334 (Cross-site scripting (XSS) vulnerability in whois.php in Php-stats 0.1 ...)
NOT-FOR-US: Php-stats
-CVE-2007-4333
+CVE-2007-4333 (Multiple cross-site scripting (XSS) vulnerabilities in signup.php in A ...)
NOT-FOR-US: Article Dashboard
-CVE-2007-4332
+CVE-2007-4332 (SQL injection vulnerability in article.php in Article Dashboard, when ...)
NOT-FOR-US: Article Dashboard
-CVE-2007-4331
+CVE-2007-4331 (PHP remote file inclusion vulnerability in index.php in FindNix allows ...)
NOT-FOR-US: FindNix
-CVE-2007-4330
+CVE-2007-4330 (PHP remote file inclusion vulnerability in shoutbox.php in Shoutbox 1. ...)
NOT-FOR-US: Shoutbox
-CVE-2007-4329
+CVE-2007-4329 (Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 all ...)
NOT-FOR-US: Web News
-CVE-2007-4328
+CVE-2007-4328 (Multiple PHP remote file inclusion vulnerabilities in Mapos Bilder Gal ...)
NOT-FOR-US: Bilder Galerie
-CVE-2007-4327
+CVE-2007-4327 (Multiple PHP remote file inclusion vulnerabilities in File Uploader 1. ...)
NOT-FOR-US: File Uploader
-CVE-2007-4326
+CVE-2007-4326 (Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader ...)
NOT-FOR-US: Bilder Uploader
-CVE-2007-4325
+CVE-2007-4325 (PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 ...)
NOT-FOR-US: Gaestebuch
-CVE-2007-4324
+CVE-2007-4324 (ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other version ...)
- flashplugin-nonfree 9.0.115.0.1
[etch] - flashplugin-nonfree 9.0.115.0.1~etch1
[sarge] - flashplugin-nonfree <no-dsa> (Non-free not supported)
-CVE-2007-4323
+CVE-2007-4323 (DenyHosts 2.6 does not properly parse sshd log files, which allows rem ...)
- denyhosts 2.6-2.1 (bug #438162; medium)
[etch] - denyhosts 2.6-1etch1
-CVE-2007-4322
+CVE-2007-4322 (BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftp ...)
NOT-FOR-US: BlockHosts
-CVE-2007-4321
+CVE-2007-4321 (fail2ban 0.8 and earlier does not properly parse sshd log files, which ...)
{DSA-1456-1}
- fail2ban 0.8.0-4 (bug #438187; medium)
-CVE-2007-4320
+CVE-2007-4320 (PHP remote file inclusion vulnerability in admin/addons/archive/archiv ...)
NOT-FOR-US: Ncaster
-CVE-2007-4319
+CVE-2007-4319 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zyw ...)
NOT-FOR-US: Zyxel
-CVE-2007-4318
+CVE-2007-4318 (Cross-site scripting (XSS) vulnerability in Forms/General_1 in the man ...)
NOT-FOR-US: Zyxel
-CVE-2007-4317
+CVE-2007-4317 (Multiple cross-site request forgery (CSRF) vulnerabilities in the mana ...)
NOT-FOR-US: Zyxel
-CVE-2007-4316
+CVE-2007-4316 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zyw ...)
NOT-FOR-US: Zyxel
-CVE-2007-4315
+CVE-2007-4315 (The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows loca ...)
NOT-FOR-US: ATI
-CVE-2007-4314
+CVE-2007-4314 (pixlie.php in Pixlie 1.7 allows remote attackers to trigger the readin ...)
NOT-FOR-US: Pixlie
-CVE-2007-4313
+CVE-2007-4313 (PHP remote file inclusion vulnerability in public_includes/pub_blocks/ ...)
NOT-FOR-US: Php Blue Dragon CMS
-CVE-2007-4312
+CVE-2007-4312 (SQL injection vulnerability in index.php in Php Blue Dragon CMS 3.0.0 ...)
NOT-FOR-US: Php Blue Dragon CMS
-CVE-2007-4311
+CVE-2007-4311 (The xfer_secondary_pool function in drivers/char/random.c in the Linux ...)
{DSA-1503-2 DSA-1503-1}
- linux-2.6 <not-affected> (buffer is local to the function that uses sizeof on it)
-CVE-2007-4310
+CVE-2007-4310 (The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remot ...)
NOT-FOR-US: Solaris
-CVE-2007-4309
+CVE-2007-4309 (IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenti ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2007-4308
+CVE-2007-4308 (The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI la ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1363-1}
- linux-2.6 2.6.22-4 (medium; bug #443694)
-CVE-2007-4307
+CVE-2007-4307 (Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 a ...)
NOT-FOR-US: Storesprite
-CVE-2007-4306
+CVE-2007-4306 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10 ...)
- phpmyadmin <unfixed> (unimportant)
[sarge] - phpmyadmin <not-affected>
NOTE: It seems that this requires knowledge of a unguessable session token.
NOTE: Confirmed by upstream. Sarge is not affected at all.
-CVE-2007-4305
+CVE-2007-4305 (Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail ...)
NOT-FOR-US: NetBSD and OpenBSD
-CVE-2007-4304
+CVE-2007-4304 (CerbNG for FreeBSD 4.8 does not properly implement VM protection when ...)
NOT-FOR-US: CerbNG for FreeBSD
-CVE-2007-4303
+CVE-2007-4303 (Multiple race conditions in (1) certain rules and (2) argument copying ...)
NOT-FOR-US: CerbNG for FreeBSD
-CVE-2007-4302
+CVE-2007-4302 (Multiple race conditions in certain system call wrappers in Generic So ...)
NOT-FOR-US: Generic Software Wrappers Toolkit
-CVE-2007-4301
+CVE-2007-4301 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
NOT-FOR-US: WebCart
CVE-2007-4300
RESERVED
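Review bot: CVE-2007-4311 lists DSA-1503-1 and DSA-1503-2 but its only package line is "- linux-2.6 <not-affected> (buffer is local to the function that uses sizeof on it)", so even with the description filled in a reader cannot tell which package those DSAs fixed; add the package line the advisories actually cover, or a NOTE naming it, so the DSA references resolve. Also now visible because of the new descriptions: CVE-2007-4336's text names a Live Picture Corporation control while the label says "NOT-FOR-US: Microsoft"; confirm the label is intentional or sharpen it to what the description names. Minor, pre-existing: the first NOTE under CVE-2007-4306 reads "a unguessable session token" (should be "an unguessable"), and its two NOTE lines both state that sarge is unaffected and could be merged.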
@@ -5894,397 +5894,397 @@ CVE-2007-4299
RESERVED
CVE-2007-4298
RESERVED
-CVE-2007-4297
+CVE-2007-4297 (Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp ...)
NOT-FOR-US: Modulu
-CVE-2007-4296
+CVE-2007-4296 (Unspecified vulnerability in assp.pl in Anti-Spam SMTP Proxy Server (A ...)
NOT-FOR-US: Anti-Spam SMTP Proxy Server
-CVE-2007-4295
+CVE-2007-4295 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote ...)
NOT-FOR-US: Cisco
-CVE-2007-4294
+CVE-2007-4294 (Unspecified vulnerability in Cisco Unified Communications Manager (CUC ...)
NOT-FOR-US: Cisco
-CVE-2007-4293
+CVE-2007-4293 (Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial ...)
NOT-FOR-US: Cisco
-CVE-2007-4292
+CVE-2007-4292 (Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote atta ...)
NOT-FOR-US: Cisco
-CVE-2007-4291
+CVE-2007-4291 (Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial ...)
NOT-FOR-US: Cisco
CVE-2007-4290
NOT-FOR-US: Guestbook Script
-CVE-2007-4289
+CVE-2007-4289 (Sun Java System Portal Server 7.0 does not properly process XSLT style ...)
NOT-FOR-US: Sun Java System Portal Server
-CVE-2007-4288
+CVE-2007-4288 (Microsoft Windows Media Player 11 (wmplayer.exe) allows user-assisted ...)
NOT-FOR-US: Microsoft
-CVE-2007-4287
+CVE-2007-4287 (PHP remote file inclusion vulnerability in fc_functions/fc_example.php ...)
NOT-FOR-US: FishCart
-CVE-2007-4286
+CVE-2007-4286 (Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionali ...)
NOT-FOR-US: Cisco
-CVE-2007-4285
+CVE-2007-4285 (Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12. ...)
NOT-FOR-US: Cisco
-CVE-2007-4284
+CVE-2007-4284 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified M ...)
NOT-FOR-US: Cisco
-CVE-2007-4283
+CVE-2007-4283 (PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in Co ...)
NOT-FOR-US: Coppermine Photo Gallery (CPG)
-CVE-2007-4282
+CVE-2007-4282 (The "Extended properties for entries" (entryproperties) plugin in sere ...)
- serendipity 1.1.4-1
[etch] - serendipity <not-affected> (introduced in 1.1.x)
-CVE-2007-4281
+CVE-2007-4281 (Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source ...)
- knowledgetree <removed>
-CVE-2007-4279
+CVE-2007-4279 (PHP remote file inclusion vulnerability in config.php in FrontAccounti ...)
NOT-FOR-US: FrontAccounting
-CVE-2007-4278
+CVE-2007-4278 (Stack-based buffer overflow in the giomgr process in ESRI ArcSDE servi ...)
NOT-FOR-US: ESRI ArcSDE
-CVE-2007-4277
+CVE-2007-4277 (The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Tr ...)
NOT-FOR-US: Trend Micro AntiVirus
-CVE-2007-4276
+CVE-2007-4276 (Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 ...)
NOT-FOR-US: IBM DB2
-CVE-2007-4275
+CVE-2007-4275 (Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before ...)
NOT-FOR-US: IBM DB2
CVE-2007-4274
REJECTED
-CVE-2007-4273
+CVE-2007-4273 (IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local us ...)
NOT-FOR-US: IBM DB2
-CVE-2007-4272
+CVE-2007-4272 (Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 bef ...)
NOT-FOR-US: IBM DB2
-CVE-2007-4271
+CVE-2007-4271 (Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 an ...)
NOT-FOR-US: IBM DB2
-CVE-2007-4270
+CVE-2007-4270 (Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 bef ...)
NOT-FOR-US: IBM DB2
-CVE-2007-4269
+CVE-2007-4269 (Integer overflow in the Networking component in Apple Mac OS X 10.4 th ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4268
+CVE-2007-4268 (Integer signedness error in the Networking component in Apple Mac OS X ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4267
+CVE-2007-4267 (Stack-based buffer overflow in the Networking component in Apple Mac O ...)
NOT-FOR-US: Apple Mac OS X
CVE-2007-4266
RESERVED
-CVE-2007-4265
+CVE-2007-4265 (Multiple cross-site scripting (XSS) vulnerabilities in VisionProject 3 ...)
NOT-FOR-US: VisionProject
-CVE-2007-4264
+CVE-2007-4264 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ka ...)
NOT-FOR-US: snif
-CVE-2007-4280
+CVE-2007-4280 (The Skinny channel driver (chan_skinny) in Asterisk Open Source before ...)
- asterisk 1:1.4.10~dfsg-1
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-019.htm
[sarge] - asterisk <not-affected> (not affected according to advisory)
[etch] - asterisk <not-affected> (not affected according to advisory)
-CVE-2007-4263
+CVE-2007-4263 (Unspecified vulnerability in the server side of the Secure Copy (SCP) ...)
NOT-FOR-US: Cisco
-CVE-2007-4262
+CVE-2007-4262 (Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earli ...)
NOT-FOR-US: EZPhotoSales
-CVE-2007-4261
+CVE-2007-4261 (EZPhotoSales 1.9.3 and earlier stores sensitive information under the ...)
NOT-FOR-US: EZPhotoSales
-CVE-2007-4260
+CVE-2007-4260 (EZPhotoSales 1.9.3 and earlier has a default "admin" account for galle ...)
NOT-FOR-US: EZPhotoSales
-CVE-2007-4259
+CVE-2007-4259 (EZPhotoSales 1.9.3 and earlier allows remote attackers to download arb ...)
NOT-FOR-US: EZPhotoSales
-CVE-2007-4258
+CVE-2007-4258 (SQL injection vulnerability in directory.php in Prozilla Pub Site Dire ...)
NOT-FOR-US: Prozilla
-CVE-2007-4257
+CVE-2007-4257 (Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow user ...)
NOT-FOR-US: Live for Speed
-CVE-2007-4256
+CVE-2007-4256 (Directory traversal vulnerability in showpage.cgi in YNP Portal System ...)
NOT-FOR-US: YNP Portal System
-CVE-2007-4255
+CVE-2007-4255 (Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-depe ...)
- php5 <removed> (unimportant)
- php4 <removed> (unimportant)
NOTE: Only exploitable by malicious script
-CVE-2007-4254
+CVE-2007-4254 (Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL ...)
NOT-FOR-US: Microsoft
-CVE-2007-4253
+CVE-2007-4253 (SQL injection vulnerability in the News module in modules.php in Envol ...)
NOT-FOR-US: Envolution
-CVE-2007-4252
+CVE-2007-4252 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
NOT-FOR-US: CHILKAT ASP String
-CVE-2007-4251
+CVE-2007-4251 (OpenOffice.org (OOo) 2.2 does not properly handle files with multiple ...)
- openoffice.org <unfixed> (unimportant)
NOTE: Only a crasher with malformed documents
-CVE-2007-4250
+CVE-2007-4250 (The isChecked function in Toolbar.DLL in Advanced Searchbar before 3.3 ...)
NOT-FOR-US: Advanced Searchbar
-CVE-2007-4249
+CVE-2007-4249 (The isChecked function in Toolbar.DLL in the ExportNation toolbar for ...)
NOT-FOR-US: ExportNation toolbar
-CVE-2007-4248
+CVE-2007-4248 (The CallCmd function in toolbar_gaming.dll in the Toolbar Gaming toolb ...)
NOT-FOR-US: Toolbar Gaming toolbar
-CVE-2007-4247
+CVE-2007-4247 (Windows Calendar on Microsoft Windows Vista allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2007-4246
+CVE-2007-4246 (Unspecified vulnerability, possibly a buffer overflow, in Justsystem I ...)
NOT-FOR-US: Justsystem Ichitaro
-CVE-2007-4245
+CVE-2007-4245 (Cross-site scripting (XSS) vulnerability in Search.php in DiMeMa CONTE ...)
NOT-FOR-US: DiMeMa CONTENTdm
-CVE-2007-4244
+CVE-2007-4244 (PHP remote file inclusion vulnerability in langset.php in J! Reactions ...)
NOT-FOR-US: Joomla!
-CVE-2007-4243
+CVE-2007-4243 (Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Ga ...)
NOT-FOR-US: Astaro Security Gateway
-CVE-2007-4242
+CVE-2007-4242 (The pop3 Proxy in Astaro Security Gateway (ASG) 7 does not perform vir ...)
NOT-FOR-US: Astaro Security Gateway
-CVE-2007-4241
+CVE-2007-4241 (Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisc ...)
NOT-FOR-US: Hewlett-Packard
-CVE-2007-4240
+CVE-2007-4240 (The check_logout function in class/auth.php in Help Center Live (hcl) ...)
NOT-FOR-US: Help Center Live
-CVE-2007-4239
+CVE-2007-4239 (Cross-site scripting (XSS) vulnerability in user/forgotPassStep2.jsp i ...)
NOT-FOR-US: C-SAM oneWallet
-CVE-2007-4238
+CVE-2007-4238 (AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, ...)
NOT-FOR-US: AIX
-CVE-2007-4237
+CVE-2007-4237 (Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte ...)
NOT-FOR-US: AIX
-CVE-2007-4236
+CVE-2007-4236 (Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows l ...)
NOT-FOR-US: AIX
-CVE-2007-4235
+CVE-2007-4235 (Multiple PHP remote file inclusion vulnerabilities in VietPHP allow re ...)
NOT-FOR-US: VietPHP
-CVE-2007-4234
+CVE-2007-4234 (Unspecified vulnerability in Camera Life before 2.6 allows remote atta ...)
NOT-FOR-US: Camera Life
-CVE-2007-4233
+CVE-2007-4233 (Multiple unspecified vulnerabilities in Camera Life before 2.6 allow a ...)
NOT-FOR-US: Camera Life
-CVE-2007-4232
+CVE-2007-4232 (PHP remote file inclusion vulnerability in admin/inc/change_action.php ...)
NOT-FOR-US: PHPNews
-CVE-2007-4231
+CVE-2007-4231 (PHP remote file inclusion vulnerability in order/login.php in IDevSpot ...)
NOT-FOR-US: PhpHostBot
CVE-2007-4230
NOT-FOR-US: BellaBiblio
-CVE-2007-4229
+CVE-2007-4229 (Unspecified vulnerability in KDE Konqueror 3.5.7 and earlier allows re ...)
- kdebase <unfixed> (unimportant)
NOTE: Browser DoS not treated as vulnerabilities
-CVE-2007-4228
+CVE-2007-4228 (rmpvc on IBM AIX 4.3 allows local users to cause a denial of service ( ...)
NOT-FOR-US: AIX
-CVE-2007-4227
+CVE-2007-4227 (Microsoft Windows Explorer (explorer.exe) allows user-assisted remote ...)
NOT-FOR-US: Microsoft
-CVE-2007-4226
+CVE-2007-4226 (Directory traversal vulnerability in the BlueCat Networks Proteus IPAM ...)
NOT-FOR-US: BlueCat Networks Proteus IPAM appliance
-CVE-2007-4225
+CVE-2007-4225 (Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote a ...)
- kdebase 4:3.5.7-3 (bug #433072; low)
[sarge] - kdebase <no-dsa> (Minor issue)
[etch] - kdebase <no-dsa> (Minor issue)
-CVE-2007-4224
+CVE-2007-4224 (KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address b ...)
- kdebase 4:3.5.7-3 (bug #433072; low)
[sarge] - kdebase <no-dsa> (Minor issue)
[etch] - kdebase <no-dsa> (Minor issue)
-CVE-2007-4223
+CVE-2007-4223 (Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an u ...)
NOT-FOR-US: Microsoft Sysinternals DebugView
-CVE-2007-4222
+CVE-2007-4222 (Buffer overflow in the TagAttributeListCopy function in nnotes.dll in ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2007-4221
+CVE-2007-4221 (Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for Wi ...)
NOT-FOR-US: Motorola Timbuktu
-CVE-2007-4220
+CVE-2007-4220 (Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6. ...)
NOT-FOR-US: Motorola Timbuktu
-CVE-2007-4219
+CVE-2007-4219 (Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as u ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-4218
+CVE-2007-4218 (Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) i ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-4217
+CVE-2007-4217 (Stack-based buffer overflow in the domacro function in ftp in IBM AIX ...)
NOT-FOR-US: IBM AIX
-CVE-2007-4216
+CVE-2007-4216 (vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.3 ...)
NOT-FOR-US: ZoneAlarm
CVE-2007-4215
RESERVED
CVE-2007-4214
RESERVED
-CVE-2007-4213
+CVE-2007-4213 (Palm OS on Treo 650, 680, 700p, and 755p Smart phones allows remote at ...)
NOT-FOR-US: Palm OS
-CVE-2007-4212
+CVE-2007-4212 (Multiple cross-site scripting (XSS) vulnerabilities in the Search Modu ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-4211
+CVE-2007-4211 (The ACL plugin in Dovecot before 1.0.3 allows remote authenticated use ...)
- dovecot 1:1.0.3-2 (low)
[etch] - dovecot <no-dsa> (minor issue)
[sarge] - dovecot <no-dsa> (minor issue)
-CVE-2007-4210
+CVE-2007-4210 (Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) ...)
NOT-FOR-US: LANAI CMS
-CVE-2007-4209
+CVE-2007-4209 (SQL injection vulnerability in Recherche.php in Aceboard forum allows ...)
NOT-FOR-US: Aceboard forum
-CVE-2007-4208
+CVE-2007-4208 (SQL injection vulnerability in default.asp in Next Gen Portfolio Manag ...)
NOT-FOR-US: Next Gen Portfolio Manager
-CVE-2007-4207
+CVE-2007-4207 (SQL injection vulnerability in admin_console/index.asp in Gallery In A ...)
NOT-FOR-US: Gallery In A Box
-CVE-2007-4206
+CVE-2007-4206 (Kaspersky Anti-Spam 3.0 MP1 before Critical Fix 2 (3.0.278.4) sets inc ...)
NOT-FOR-US: Kaspersky Anti-Spam
-CVE-2007-4205
+CVE-2007-4205 (XHA (Linux-HA) on the BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2 ...)
NOT-FOR-US: BlueCat Networks Adonis
-CVE-2007-4204
+CVE-2007-4204 (Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collabo ...)
NOT-FOR-US: Hitachi Groupmax Collaboration
-CVE-2007-4203
+CVE-2007-4203 (Session fixation vulnerability in Mambo 4.6.2 CMS allows remote attack ...)
NOT-FOR-US: Mambo
-CVE-2007-4202
+CVE-2007-4202 (Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly ...)
NOT-FOR-US: Guidance Software EnCase
-CVE-2007-4201
+CVE-2007-4201 (Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume ...)
NOT-FOR-US: Guidance Software EnCase
-CVE-2007-4200
+CVE-2007-4200 (ntfs.c in fsstat in Brian Carrier The Sleuth Kit (TSK) before 2.09 int ...)
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4199
+CVE-2007-4199 (Brian Carrier The Sleuth Kit (TSK) before 2.09 allows user-assisted re ...)
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4198
+CVE-2007-4198 (The fs_data_put_str function in ntfs.c in fls in Brian Carrier The Sle ...)
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4197
+CVE-2007-4197 (icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 omits NULL poin ...)
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4196
+CVE-2007-4196 (icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 misinterprets a ...)
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4195
+CVE-2007-4195 (Use-after-free vulnerability in ext2fs.c in Brian Carrier The Sleuth K ...)
- sleuthkit 2.09-1 (unimportant)
NOTE: Labelling this as a security problem is a bit far-fetched.
-CVE-2007-4194
+CVE-2007-4194 (Guidance Software EnCase 5.0 allows user-assisted remote attackers to ...)
NOT-FOR-US: Guidance Software EnCase
-CVE-2007-4193
+CVE-2007-4193 (Multiple cross-site request forgery (CSRF) vulnerabilities in index.ph ...)
NOT-FOR-US: DVD Rental System
-CVE-2007-4192
+CVE-2007-4192 (Multiple cross-site scripting (XSS) vulnerabilities in IDE Group DVD R ...)
NOT-FOR-US: DVD Rental System
-CVE-2007-4191
+CVE-2007-4191 (Panda Antivirus 2008 stores service executables under the product's in ...)
NOT-FOR-US: Panda Antivirus
-CVE-2007-4190
+CVE-2007-4190 (CRLF injection vulnerability in Joomla! before 1.0.13 (aka Sunglow) al ...)
NOT-FOR-US: Joomla!
-CVE-2007-4189
+CVE-2007-4189 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
NOT-FOR-US: Joomla!
-CVE-2007-4188
+CVE-2007-4188 (Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) ...)
NOT-FOR-US: Joomla!
-CVE-2007-4187
+CVE-2007-4187 (Multiple eval injection vulnerabilities in the com_search component in ...)
NOT-FOR-US: Joomla!
-CVE-2007-4186
+CVE-2007-4186 (PHP remote file inclusion vulnerability in admin.tour_toto.php in the ...)
NOT-FOR-US: Joomla! addon
-CVE-2007-4185
+CVE-2007-4185 (Joomla! 1.0.12 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Joomla!
-CVE-2007-4184
+CVE-2007-4184 (SQL injection vulnerability in administrator/popups/pollwindow.php in ...)
NOT-FOR-US: Joomla!
-CVE-2007-4183
+CVE-2007-4183 (SQL injection vulnerability in main.php in paBugs 2.0 Beta 3 and earli ...)
NOT-FOR-US: paBugs
-CVE-2007-4182
+CVE-2007-4182 (Unrestricted file upload vulnerability in index.php in WikiWebWeaver 1 ...)
NOT-FOR-US: WikiWebWeaver
CVE-2007-4181
NOT-FOR-US: Pluck
CVE-2007-4180
NOT-FOR-US: Pluck
-CVE-2007-4179
+CVE-2007-4179 (Unspecified vulnerability in the Address and Routing Parameter Area (A ...)
NOT-FOR-US: HPUX
-CVE-2007-4178
+CVE-2007-4178 (Cross-site scripting (XSS) vulnerability in index.php in WebDirector 2 ...)
NOT-FOR-US: Webdirector
-CVE-2007-4177
+CVE-2007-4177 (Multiple cross-site scripting (XSS) vulnerabilities in Interact before ...)
NOT-FOR-US: Interact
-CVE-2007-4176
+CVE-2007-4176 (Multiple unspecified vulnerabilities in EQDKP Plus before 0.4.4.5 have ...)
NOT-FOR-US: EQDKP Plus
-CVE-2007-4175
+CVE-2007-4175 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Op ...)
NOT-FOR-US: Openrat CMS
-CVE-2007-4174
+CVE-2007-4174 (Tor before 0.1.2.16, when ControlPort is enabled, does not properly re ...)
- tor 0.1.2.16-1 (medium)
-CVE-2007-4173
+CVE-2007-4173 (SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali ...)
NOT-FOR-US: Hunkaray Okul Portali
-CVE-2007-4172
+CVE-2007-4172 (Multiple cross-site scripting (XSS) vulnerabilities in Open Webmail (O ...)
NOT-FOR-US: Openwebmail
-CVE-2007-4171
+CVE-2007-4171 (SQL injection vulnerability in komentar.php in the Forum Module for au ...)
NOT-FOR-US: Aura CMS
-CVE-2007-4170
+CVE-2007-4170 (Multiple PHP remote file inclusion vulnerabilities in AL-Athkar 2.0 al ...)
NOT-FOR-US: AL-Athkar
CVE-2007-4169
NOT-FOR-US: vgallite
-CVE-2007-4167
+CVE-2007-4167 (PHP remote file inclusion vulnerability in cat_viewed.php in AL-Carica ...)
NOT-FOR-US: AL-Caricatier
-CVE-2007-4166
+CVE-2007-4166 (Cross-site scripting (XSS) vulnerability in index.php in the Unnamed t ...)
NOT-FOR-US: Xu Yiyang
-CVE-2007-4165
+CVE-2007-4165 (Cross-site scripting (XSS) vulnerability in index.php in the Blue Memo ...)
- wordpress <not-affected> (Wordpress doesn't ship this theme)
-CVE-2007-4164
+CVE-2007-4164 (CRLF injection vulnerability in the redirect feature in Sun Java Syste ...)
NOT-FOR-US: IndexScript
-CVE-2007-4163
+CVE-2007-4163 (Multiple SQL injection vulnerabilities in IndexScript 2.7 and 2.8 befo ...)
NOT-FOR-US: IndexScript
-CVE-2007-4162
+CVE-2007-4162 (TIBCO Rendezvous (RV) 7.5.2 does not protect confidentiality or integr ...)
NOT-FOR-US: TIBCO Rendezvous (RV)
-CVE-2007-4161
+CVE-2007-4161 (rvd in TIBCO Rendezvous (RV) 7.5.2, when -no-lead-wc is omitted, might ...)
NOT-FOR-US: TIBCO Rendezvous (RV)
-CVE-2007-4160
+CVE-2007-4160 (The default configuration of TIBCO Rendezvous (RV) 7.5.2 clients, when ...)
NOT-FOR-US: TIBCO Rendezvous (RV)
-CVE-2007-4159
+CVE-2007-4159 (index.html in the HTTP administration interface in certain daemons in ...)
NOT-FOR-US: TIBCO Rendezvous (RV)
-CVE-2007-4158
+CVE-2007-4158 (Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7.5.2, 7.5.3 and 7.5 ...)
NOT-FOR-US: TIBCO Rendezvous (RV)
-CVE-2007-4157
+CVE-2007-4157 (PHPBlogger stores sensitive information under the web root with insuff ...)
NOT-FOR-US: PHPBlogger
-CVE-2007-4156
+CVE-2007-4156 (Multiple SQL injection vulnerabilities in wolioCMS allow remote attack ...)
NOT-FOR-US: wolioCMS
-CVE-2007-4155
+CVE-2007-4155 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
- vmware-package 0.16
-CVE-2007-4154
+CVE-2007-4154 (SQL injection vulnerability in options.php in WordPress 2.2.1 allows r ...)
{DSA-1564-1}
- wordpress 2.2.2-1
-CVE-2007-4153
+CVE-2007-4153 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 ...)
{DSA-1564-1}
- wordpress 2.2.2-1 (low)
NOTE: see issue 4690 and 4691 in wordpress trac
-CVE-2007-4152
+CVE-2007-4152 (The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12. ...)
NOT-FOR-US: Visionsoft Audit on Demand Service
-CVE-2007-4151
+CVE-2007-4151 (The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12. ...)
NOT-FOR-US: Visionsoft Audit on Demand Service
-CVE-2007-4150
+CVE-2007-4150 (The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12. ...)
NOT-FOR-US: Visionsoft Audit on Demand Service
-CVE-2007-4149
+CVE-2007-4149 (The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12. ...)
NOT-FOR-US: Visionsoft Audit on Demand Service
-CVE-2007-4148
+CVE-2007-4148 (Heap-based buffer overflow in the Visionsoft Audit on Demand Service ( ...)
NOT-FOR-US: Visionsoft Audit on Demand Service
-CVE-2007-4147
+CVE-2007-4147 (Multiple unspecified vulnerabilities in Interspire ArticleLive NX befo ...)
NOT-FOR-US: Interspire ArticleLive NX
-CVE-2007-4146
+CVE-2007-4146 (Cross-site scripting (XSS) vulnerability in webevent.cgi in WebEvent 2 ...)
NOT-FOR-US: WebEvent
-CVE-2007-4145
+CVE-2007-4145 (Heap-based buffer overflow in the BlueSkychat (BlueSkyCat) ActiveX con ...)
NOT-FOR-US: BlueSkychat
-CVE-2007-4144
+CVE-2007-4144 (Cross-site scripting (XSS) vulnerability in sample-forms/simple-contac ...)
NOT-FOR-US: MitriDAT eMail Form Processor Pro
-CVE-2007-4143
+CVE-2007-4143 (user.php in the Billing Control Panel in phpCoupon allows remote authe ...)
NOT-FOR-US: Billing Control Panel in phpCoupon
-CVE-2007-4142
+CVE-2007-4142 (Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server ...)
NOT-FOR-US: IBM Lotus Sametime Server
-CVE-2007-4141
+CVE-2007-4141 (OpenRat CMS 0.8-beta1 and earlier allows remote attackers to obtain se ...)
NOT-FOR-US: OpenRat CMS
-CVE-2007-4140
+CVE-2007-4140 (Buffer overflow in Live for Speed (LFS) S2 ALPHA PATCH 0.5x allows use ...)
NOT-FOR-US: Live for Speed
-CVE-2007-4139
+CVE-2007-4139 (Cross-site scripting (XSS) vulnerability in the Temporary Uploads edit ...)
NOT-FOR-US: Temporary Uploads
-CVE-2007-4138
+CVE-2007-4138 (The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in ...)
- samba 3.0.26-1
[etch] - samba <not-affected> (Vulnerable code was introduced in 3.0.25)
[sarge] - samba <not-affected> (Vulnerable code was introduced in 3.0.25)
-CVE-2007-4137
+CVE-2007-4137 (Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech ...)
{DSA-1426-1}
- qt-x11-free 3:3.3.7-8 (medium; bug #442780)
- qt4-x11 <not-affected> (Not exploitable according to upstream)
-CVE-2007-4136
+CVE-2007-4136 (The ricci daemon in Red Hat Conga 0.10.0 allows remote attackers to ca ...)
NOT-FOR-US: Conga
-CVE-2007-4135
+CVE-2007-4135 (The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle re ...)
- libnfsidmap 0.18-0 (low; bug #442935)
NOTE: https://issues.rpath.com/browse/RPL-1731
-CVE-2007-4134
+CVE-2007-4134 (Directory traversal vulnerability in extract.c in star before 1.5a84 a ...)
- star 1.5a67-1.1 (bug #440100; low)
[etch] - star <no-dsa> (Minor issue)
-CVE-2007-4133
+CVE-2007-4133 (The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions i ...)
{DSA-1504-1 DSA-1381-2}
- linux-2.6 2.6.20-1
-CVE-2007-4132
+CVE-2007-4132 (Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 al ...)
NOT-FOR-US: Red Hat Satellite Server
-CVE-2007-4131
+CVE-2007-4131 (Directory traversal vulnerability in the contains_dot_dot function in ...)
{DSA-1438-1}
- tar 1.18-2 (medium; bug #439335)
-CVE-2007-4130
+CVE-2007-4130 (The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RH ...)
- linux-2.6 2.6.12-1 (low)
NOTE: a fix is included in 2.6, see line 854 mempolicy.c
NOTE: it was maybe fixed earlier, 2.6.12 is the first version in git
NOTE: which I can see and ships the fix
-CVE-2007-4129
+CVE-2007-4129 (CoolKey 1.1.0 allows local users to overwrite arbitrary files via a sy ...)
- coolkey 1.1.0-3
-CVE-2007-4128
+CVE-2007-4128 (SQL injection vulnerability in index.php in the Firestorm Technologies ...)
NOT-FOR-US: com_gmaps for Joomla!
CVE-2007-4127
NOT-FOR-US: Ralf Image Gallery
-CVE-2007-4126
+CVE-2007-4126 (Unspecified vulnerability in the dynamic tracing framework (DTrace) on ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-4125
+CVE-2007-4125 (Unspecified vulnerability in the Address and Routing Parameter Area (A ...)
NOT-FOR-US: HP-UX
-CVE-2007-4124
+CVE-2007-4124 (The session failover function in Cosminexus Component Container in Cos ...)
NOT-FOR-US: Cosminexus
-CVE-2007-4123
+CVE-2007-4123 (The Groupmax Scheduler_Facilities management tool in Hitachi Groupmax ...)
NOT-FOR-US: Hitachi Groupmax
-CVE-2007-4122
+CVE-2007-4122 (Unspecified vulnerability in Hitachi JP1/Cm2/Hierarchical Viewer (HV) ...)
NOT-FOR-US: Hitachi Hierarchical Viewer
-CVE-2007-4121
+CVE-2007-4121 (Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce Scr ...)
NOT-FOR-US: E-Commerce Scripts Shopping Cart Script
CVE-2007-4120
NOT-FOR-US: vBulletin
-CVE-2007-4119
+CVE-2007-4119 (Multiple SQL injection vulnerabilities in yonetici.asp in Berthanas Zi ...)
NOT-FOR-US: Defteri
-CVE-2007-4118
+CVE-2007-4118 (PHP remote file inclusion vulnerability in includes/functions.inc.php ...)
NOT-FOR-US: phpVoter
CVE-2007-4117
NOT-FOR-US: phpVoter
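Review bot: the description added for CVE-2007-4164 ("CRLF injection vulnerability in the redirect feature in Sun Java Syste ...") does not match the unchanged `NOT-FOR-US: IndexScript` marker directly beneath it; that marker is identical to the one under CVE-2007-4163 and reads like a copy-and-paste from the neighbouring entry, so the 4164 line should name the Sun Java System product the new description refers to (e.g. `NOT-FOR-US: Sun Java System`) rather than IndexScript. Worth a quick pass over the other entries where a `+` description and the NOT-FOR-US line now sit side by side for the first time, since this is the first time the two can be compared in the tracker itself.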
@@ -6292,188 +6292,188 @@ CVE-2007-XXXX [teamspeak-server arbitrary file disclosure]
- teamspeak-server 2.0.23.19-1 (bug #435707; medium)
CVE-2007-XXXX [tor insufficient authentication on control port]
- tor 0.1.2.16-1
-CVE-2007-4116
+CVE-2007-4116 (SQL injection vulnerability in philboard_forum.asp in Metyus Forum Por ...)
NOT-FOR-US: Metyus Forum Portal
-CVE-2007-4115
+CVE-2007-4115 (Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) ...)
NOT-FOR-US: IT!CMS (itcms)
-CVE-2007-4114
+CVE-2007-4114 (Multiple SQL injection vulnerabilities in unuttum.asp in SuskunDuygula ...)
NOT-FOR-US: SuskunDuygular Uyelik Sistemi
-CVE-2007-4113
+CVE-2007-4113 (Unspecified vulnerability in Advanced Webhost Billing System (AWBS) be ...)
NOT-FOR-US: Advanced Webhost Billing System (AWBS)
-CVE-2007-4112
+CVE-2007-4112 (Multiple SQL injection vulnerabilities in Advanced Webhost Billing Sys ...)
NOT-FOR-US: Advanced Webhost Billing System (AWBS)
-CVE-2007-4111
+CVE-2007-4111 (SQL injection vulnerability in the login script in Real Estate listing ...)
NOT-FOR-US: Real Estate listing website
-CVE-2007-4110
+CVE-2007-4110 (SQL injection vulnerability in sign_in.aspx in Message Board / Threade ...)
NOT-FOR-US: Message Board / Threaded Discussion Forum Application Template
-CVE-2007-4109
+CVE-2007-4109 (SQL injection vulnerability in sign_in.aspx in WebStore (Online Store ...)
NOT-FOR-US: WebStore (Online StoreWebStore (Online Store Application Template)
-CVE-2007-4108
+CVE-2007-4108 (SQL injection vulnerability in sign_in.aspx in WebEvents (Online Event ...)
NOT-FOR-US: WebEvents (Online Event Registration Template)
-CVE-2007-4107
+CVE-2007-4107 (SQL injection vulnerability in editpost.php in phpMyForum before 4.1.4 ...)
NOT-FOR-US: phpMyForum
-CVE-2007-4106
+CVE-2007-4106 (SQL injection vulnerability in login.asp in CodeWidgets Pay Roll - Tim ...)
NOT-FOR-US: CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface
-CVE-2007-4105
+CVE-2007-4105 (A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 ...)
NOT-FOR-US: Baidu Soba Search Bar
-CVE-2007-4104
+CVE-2007-4104 (Multiple cross-site scripting (XSS) vulnerabilities in the WP-FeedStat ...)
NOT-FOR-US: WP-FeedStats plugin for WordPress
-CVE-2007-4103
+CVE-2007-4103 (The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2. ...)
- asterisk 1:1.4.9~dfsg-1
[etch] - asterisk <not-affected> (Only 1.2.20, 1.2.21, 1.2.21.1 and 1.2.22 affected)
[sarge] - asterisk <not-affected> (1.0 not affected)
-CVE-2007-4102
+CVE-2007-4102 (Cross-site scripting (XSS) vulnerability in search.php for sBlog 0.7.3 ...)
NOT-FOR-US: sBlog
-CVE-2007-4101
+CVE-2007-4101 (Multiple PHP remote file inclusion vulnerabilities in Madoa Poll 1.1 a ...)
NOT-FOR-US: Madoa Poll
-CVE-2007-4100
+CVE-2007-4100 (MLDonkey before 2.9.0 does not load certain code from $MLDONKEY/web_in ...)
- mldonkey 2.9.0-1 (bug #435439)
[etch] - mldonkey <no-dsa> (Minor issue)
-CVE-2007-4099
+CVE-2007-4099 (Tor before 0.1.2.15 can select a guard node beyond the first listed ne ...)
- tor 0.1.2.15-1
-CVE-2007-4098
+CVE-2007-4098 (Tor before 0.1.2.15 does not properly distinguish "streamids from diff ...)
- tor 0.1.2.15-1
-CVE-2007-4097
+CVE-2007-4097 (Tor before 0.1.2.15 sends "destroy cells" containing the reason for te ...)
- tor 0.1.2.15-1
-CVE-2007-4096
+CVE-2007-4096 (Buffer overflow in Tor before 0.1.2.15, when using BSD natd support, a ...)
- tor 0.1.2.15-1
-CVE-2007-4095
+CVE-2007-4095 (SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows ...)
NOT-FOR-US: BSM Store Dependent Forums
-CVE-2007-4094
+CVE-2007-4094 (PHP remote file inclusion vulnerability in library/authorize.php in ID ...)
NOT-FOR-US: IDevSpot PhpHostBot
-CVE-2007-4093
+CVE-2007-4093 (Minb Is Not a Blog (minb) stores sensitive information under the web r ...)
NOT-FOR-US: Minb Is Not a Blog (minb)
-CVE-2007-4092
+CVE-2007-4092 (Directory traversal vulnerability in index.php in iFoto 1.0.1 and earl ...)
NOT-FOR-US: iFoto
-CVE-2007-4091
+CVE-2007-4091 (Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow ...)
{DSA-1360-1}
- rsync 2.6.9-5 (bug #438125; medium)
-CVE-2007-4090
+CVE-2007-4090 (Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1 ...)
NOT-FOR-US: Vikingboard
-CVE-2007-4089
+CVE-2007-4089 (Vikingboard 0.1.2 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Vikingboard
-CVE-2007-4088
+CVE-2007-4088 (Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1 ...)
NOT-FOR-US: Vikingboard
-CVE-2007-4087
+CVE-2007-4087 (AlstraSoft Video Share Enterprise allows remote attackers to obtain se ...)
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2007-4086
+CVE-2007-4086 (Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enter ...)
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2007-4085
+CVE-2007-4085 (Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow r ...)
NOT-FOR-US: AlstraSoft AskMe Pro
-CVE-2007-4084
+CVE-2007-4084 (Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network ...)
NOT-FOR-US: AlstraSoft Affiliate Network
-CVE-2007-4083
+CVE-2007-4083 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskM ...)
NOT-FOR-US: AlstraSoft AskMe Pro
-CVE-2007-4082
+CVE-2007-4082 (Cross-site scripting (XSS) vulnerability in contact_author.php AlstraS ...)
NOT-FOR-US: AlstraSoft Article Manager Pro
-CVE-2007-4081
+CVE-2007-4081 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affi ...)
NOT-FOR-US: AlstraSoft Affiliate Network Pro
-CVE-2007-4080
+CVE-2007-4080 (Cross-site scripting (XSS) vulnerability in index.php AlstraSoft E-Fri ...)
NOT-FOR-US: AlstraSoft
-CVE-2007-4079
+CVE-2007-4079 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft SMS ...)
NOT-FOR-US: AlstraSoft
-CVE-2007-4078
+CVE-2007-4078 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Text ...)
NOT-FOR-US: AlstraSoft
-CVE-2007-4077
+CVE-2007-4077 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Vide ...)
NOT-FOR-US: AlstraSoft
-CVE-2007-4076
+CVE-2007-4076 (Multiple SQL injection vulnerabilities in index.asp in Alisveris Sites ...)
NOT-FOR-US: Alisveris Sitesi Scripti
-CVE-2007-4075
+CVE-2007-4075 (Cross-site scripting (XSS) vulnerability in index.asp in Alisveris Sit ...)
NOT-FOR-US: Alisveris Sitesi Scripti
-CVE-2007-4074
+CVE-2007-4074 (The default configuration of Centre for Speech Technology Research (CS ...)
- festival 1.96~beta-6 (bug #435445; low)
[etch] - festival <no-dsa> (Minor issue)
-CVE-2007-4073
+CVE-2007-4073 (Webbler CMS before 3.1.6 does not properly restrict use of "mail a fri ...)
NOT-FOR-US: Webbler CMS
-CVE-2007-4072
+CVE-2007-4072 (Webbler CMS before 3.1.6 provides the full installation path within HT ...)
NOT-FOR-US: Webbler CMS
-CVE-2007-4071
+CVE-2007-4071 (Multiple cross-site scripting (XSS) vulnerabilities in uploader/index. ...)
NOT-FOR-US: Webbler CMS
-CVE-2007-4070
+CVE-2007-4070 (Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun S ...)
- lbxproxy <removed>
-CVE-2007-4069
+CVE-2007-4069 (SQL injection vulnerability in show_cat.php in IndexScript 2.8 and ear ...)
NOT-FOR-US: IndexScript
-CVE-2007-4068
+CVE-2007-4068 (Multiple SQL injection vulnerabilities in Webyapar 2.0 allow remote at ...)
NOT-FOR-US: Webyapar
-CVE-2007-4067
+CVE-2007-4067 (Absolute path traversal vulnerability in the clInetSuiteX6.clWebDav Ac ...)
NOT-FOR-US: Clever Internet ActiveX Suite
-CVE-2007-4066
+CVE-2007-4066 (Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow con ...)
{DSA-1471-1}
- libvorbisidec 1.0.2+svn16259-2 (bug #669196)
- libvorbis 1.2.0.dfsg-1
NOTE: svn revisionsions fixing this: https://bugzilla.redhat.com/show_bug.cgi?id=249780
-CVE-2007-4065
+CVE-2007-4065 (lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 a ...)
{DSA-1471-1}
- libvorbisidec 1.0.2+svn16259-2 (bug #669196)
- libvorbis 1.2.0.dfsg-1
NOTE: Just an infinite loop in an enduser multimedia libarary, not treated as a vulnerability
NOTE: svn revisionions fixing this: https://bugzilla.redhat.com/show_bug.cgi?id=249780
-CVE-2007-4064
+CVE-2007-4064 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x befo ...)
- drupal 4.7.7-1 (low)
- drupal5 5.2-1 (low)
[sarge] - drupal <not-affected> (Only Drupal 5.x is affected)
-CVE-2007-4063
+CVE-2007-4063 (Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5 ...)
- drupal5 5.2-1 (low)
NOTE: DRUPAL-SA-2007-017
-CVE-2007-4062
+CVE-2007-4062 (The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus Vuln ...)
- nessus-core <not-affected> (Windows only)
-CVE-2007-4061
+CVE-2007-4061 (Directory traversal vulnerability in a certain ActiveX control in Ness ...)
- nessus-core <not-affected> (Windows only)
-CVE-2007-4060
+CVE-2007-4060 (Multiple buffer overflows in the HttpSprockMake function in http.c in ...)
NOT-FOR-US: corehttp
-CVE-2007-4059
+CVE-2007-4059 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
- vmware-package 0.16
-CVE-2007-4058
+CVE-2007-4058 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
- vmware-package 0.16
-CVE-2007-4057
+CVE-2007-4057 (Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio ...)
NOT-FOR-US: Neocrome Seditio
-CVE-2007-4056
+CVE-2007-4056 (SQL injection vulnerability in directory.php in Prozilla Adult Directo ...)
NOT-FOR-US: Adult Directory
-CVE-2007-4055
+CVE-2007-4055 (SQL injection vulnerability in comments_get.asp in SimpleBlog 3.0 allo ...)
NOT-FOR-US: SimpleBlog
-CVE-2007-4054
+CVE-2007-4054 (SQL injection vulnerability in category.php in PHP123 Top Sites allows ...)
NOT-FOR-US: PHP123 Top Sites
-CVE-2007-4053
+CVE-2007-4053 (SQL injection vulnerability in include/img_view.class.php in LinPHA 1. ...)
NOT-FOR-US: LinPHA
-CVE-2007-4052
+CVE-2007-4052 (Cross-site scripting (XSS) vulnerability in utilities/login.asp in nuk ...)
NOT-FOR-US: nukedit
-CVE-2007-4051
+CVE-2007-4051 (Heap-based buffer overflow in the FindFiles function in UltraDefrag 1. ...)
NOT-FOR-US: UltraDefrag
-CVE-2007-4050
+CVE-2007-4050 (Unspecified vulnerability in WebUI in ADempiere Bazaar before 3.3 beta ...)
NOT-FOR-US: ADempiere Bazaar
CVE-2007-4049
REJECTED
-CVE-2007-4048
+CVE-2007-4048 (Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2. ...)
{DTSA-58-1}
- phpsysinfo 2.5.1-6.1 (unimportant; bug #435935)
- phpgroupware 0.9.16.012-1 (low; bug #435936; bug #472685)
[etch] - phpgroupware <not-affected> (Affected code is not used in phpgroupware)
- egroupware 1.2.107-2.dfsg-1.1 (low; bug #435937)
NOTE: phpsysinfo alone doesn't maintain any data, which makes this an issue
-CVE-2007-4047
+CVE-2007-4047 (geoBlog (aka BitDamaged) 1 does not require authentication for (1) del ...)
NOT-FOR-US: geoBlog
-CVE-2007-4046
+CVE-2007-4046 (SQL injection vulnerability in index.php in the Pony Gallery (com_pony ...)
NOT-FOR-US: Pony Gallery
-CVE-2007-4045
+CVE-2007-4045 (The CUPS service, as used in SUSE Linux before 20070720 and other Linu ...)
- cupsys 1.2
- cups 1.2
NOTE: Since 1.2 allocation has changed and this issue is no longer exploitable
CVE-2007-4044
REJECTED
-CVE-2007-4043
+CVE-2007-4043 (file.cgi in Secure Computing SecurityReporter (aka Network Security An ...)
NOT-FOR-US: Secure Computing SecurityReporter
-CVE-2007-4042
+CVE-2007-4042 (Multiple argument injection vulnerabilities in Netscape Navigator 9 al ...)
NOT-FOR-US: Netscape Navigator
-CVE-2007-4041
+CVE-2007-4041 (Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 ...)
{DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1}
- iceweasel 2.0.0.6-1
- xulrunner 1.8.1.9-1
- iceape 1.1.5-1
-CVE-2007-4040
+CVE-2007-4040 (Argument injection vulnerability involving Microsoft Outlook and Outlo ...)
NOT-FOR-US: Micrsoft Outlook
-CVE-2007-4039
+CVE-2007-4039 (Argument injection vulnerability involving Mozilla, when certain URIs ...)
- icedove <not-affected> (Windows-specific)
-CVE-2007-4038
+CVE-2007-4038 (Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, wh ...)
{DSA-1338-1}
- iceweasel 2.0.0.5-1
CVE-2007-4037
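Review bot: with the description now visible, the placeholder `CVE-2007-XXXX [tor insufficient authentication on control port]` at the top of this hunk (`- tor 0.1.2.16-1`) tracks the same issue as CVE-2007-4174 in the previous hunk ("Tor before 0.1.2.16, when ControlPort is enabled, does not properly re ...", also fixed in `tor 0.1.2.16-1`); the placeholder should be folded into the 4174 entry so the fix is not recorded twice. The same check applies to `CVE-2007-XXXX [teamspeak-server arbitrary file disclosure]` (`teamspeak-server 2.0.23.19-1`, bug #435707), which shares its fix version and bug number with CVE-2007-3956 later in the file. Two unchanged lines in this hunk are also worth cleaning up while here: the marker under CVE-2007-4109 reads `NOT-FOR-US: WebStore (Online StoreWebStore (Online Store Application Template)`, a doubled and unbalanced product name, and the NOTE lines under CVE-2007-4066 and CVE-2007-4065 spell "revisions" as "revisionsions" and "revisionions" (the 4065 note also has "libarary").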
@@ -6482,92 +6482,92 @@ CVE-2007-4036
NOT-FOR-US: Guidance Software
CVE-2007-4035
NOT-FOR-US: Guidance Software
-CVE-2007-4034
+CVE-2007-4034 (Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Ins ...)
NOT-FOR-US: Yahoo! Widgets
-CVE-2007-4033
+CVE-2007-4033 (Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/ ...)
{DSA-1390-1}
- t1lib 5.1.0-3 (bug #439927)
NOTE: originally posted as a php vuln, actually in libt1
NOTE: http://www.securityfocus.com/bid/25079 (particularly the discussions)
-CVE-2007-4032
+CVE-2007-4032 (Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote ...)
NOT-FOR-US: CrystalPlayer
-CVE-2007-4031
+CVE-2007-4031 (Directory traversal vulnerability in a certain ActiveX control in Ness ...)
NOT-FOR-US: Nessus ActiveX control
CVE-2007-4030
RESERVED
-CVE-2007-4029
+CVE-2007-4029 (libvorbis 1.1.2, and possibly other versions before 1.2.0, allows cont ...)
{DSA-1471-1}
- libvorbisidec 1.0.2+svn16259-2 (bug #669196)
- libvorbis 1.2.0.dfsg-1 (medium; bug #437916)
NOTE: svn revisions fixing this https://bugzilla.redhat.com/show_bug.cgi?id=249780
-CVE-2007-4028
+CVE-2007-4028 (Absolute path traversal vulnerability in index.php in Webspell 4.01.02 ...)
NOT-FOR-US: WebSPELL
-CVE-2007-4027
+CVE-2007-4027 (Buffer overflow in cli32 in Areca CLI 1.72.250 and earlier might allow ...)
NOT-FOR-US: Areca
-CVE-2007-4026
+CVE-2007-4026 (epesi framework before 0.8.6 does not properly verify file extensions, ...)
NOT-FOR-US: epesi
-CVE-2007-4025
+CVE-2007-4025 (Unspecified vulnerability in Sun Java System (SJS) Application Server ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2007-4024
+CVE-2007-4024 (Cross-site scripting (XSS) vulnerability in W1L3D4_aramasonuc.asp in W ...)
NOT-FOR-US: W1L3D4
-CVE-2007-4023
+CVE-2007-4023 (Cross-site scripting (XSS) vulnerability in the login CGI program in A ...)
NOT-FOR-US: Aruba Mobility Controller
-CVE-2007-4022
+CVE-2007-4022 (Cross-site scripting (XSS) vulnerability in frontend/x/htaccess/change ...)
NOT-FOR-US: cPanel
-CVE-2007-4021
+CVE-2007-4021 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in Br ...)
NOT-FOR-US: Brain Book Software Secure
-CVE-2007-4020
+CVE-2007-4020 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in Ad ...)
NOT-FOR-US: AdMan
CVE-2007-4019
REJECTED
CVE-2007-5645
REJECTED
-CVE-2007-4018
+CVE-2007-4018 (Citrix Access Gateway Advanced Edition before firmware 4.5.5 allows at ...)
NOT-FOR-US: Citrix
-CVE-2007-4017
+CVE-2007-4017 (Cross-site request forgery (CSRF) vulnerability in the web-based admin ...)
NOT-FOR-US: Citrix
-CVE-2007-4016
+CVE-2007-4016 (Unspecified vulnerability in the client components in Citrix Access Ga ...)
NOT-FOR-US: Citrix
CVE-2007-4015
REJECTED
-CVE-2007-4014
+CVE-2007-4014 (Cross-site scripting (XSS) vulnerability in a certain index.php instal ...)
NOT-FOR-US: Blix themes for WordPress
-CVE-2007-4013
+CVE-2007-4013 (Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6La ...)
NOT-FOR-US: Citrix
-CVE-2007-4012
+CVE-2007-4012 (Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wirele ...)
NOT-FOR-US: Cisco
-CVE-2007-4011
+CVE-2007-4011 (Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wirele ...)
NOT-FOR-US: Cisco
-CVE-2007-4010
+CVE-2007-4010 (The win32std extension in PHP 5.2.3 does not follow safe_mode and disa ...)
- php5 <not-affected> (Windows-specific issue)
-CVE-2007-4009
+CVE-2007-4009 (PHP remote file inclusion vulnerability in admin/business_inc/saveserv ...)
NOT-FOR-US: SWSoft Confixx
-CVE-2007-4008
+CVE-2007-4008 (Directory traversal vulnerability in custom.php in Entertainment Media ...)
NOT-FOR-US: Entertainment CMS
-CVE-2007-4007
+CVE-2007-4007 (PHP remote file inclusion vulnerability in index.php in Article Direct ...)
NOT-FOR-US: Article Directory
-CVE-2007-4006
+CVE-2007-4006 (Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has unkno ...)
NOT-FOR-US: Mike Dubman Windows RSH daemon
-CVE-2007-4005
+CVE-2007-4005 (Stack-based buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1 ...)
NOT-FOR-US: Mike Dubman Windows RSH daemon
-CVE-2007-4004
+CVE-2007-4004 (Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows ...)
NOT-FOR-US: IBM AIX
-CVE-2007-4003
+CVE-2007-4003 (pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code ...)
NOT-FOR-US: IBM AIX
CVE-2007-4002
RESERVED
CVE-2007-4001
RESERVED
-CVE-2007-4000
+CVE-2007-4000 (The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy. ...)
- krb5 1.6.dfsg.1-7 (high)
[etch] - krb5 <not-affected> (Vulnerable code not present)
[sarge] - krb5 <not-affected> (Vulnerable code not present)
-CVE-2007-3999
+CVE-2007-3999 (Stack-based buffer overflow in the svcauth_gss_validate function in li ...)
{DSA-1368-1 DSA-1367-1}
- librpcsecgss 0.14-3
- krb5 1.6.dfsg.1-7 (high)
[sarge] - krb5 <not-affected> (Vulnerable code not present)
-CVE-2007-3998
+CVE-2007-3998 (The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, d ...)
{DSA-1578-1 DSA-1444-1 DTSA-61-1}
- php5 5.2.4-1 (low)
- php4 <removed> (low)
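Review bot: CVE-2007-4031 ("Directory traversal vulnerability in a certain ActiveX control in Ness ...") is marked `NOT-FOR-US: Nessus ActiveX control`, while the two other Nessus ActiveX entries in the previous hunk, CVE-2007-4062 and CVE-2007-4061, are recorded as `- nessus-core <not-affected> (Windows only)`. These are the same class of issue in the same product and should be tracked the same way; the `nessus-core <not-affected>` form is preferable because it records that the Debian package was actually checked rather than that the software is absent from Debian.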
@@ -6577,11 +6577,11 @@ CVE-2007-3998
NOTE: so maybe this is already fixed in 5.2.3, not sure
NOTE: fixed in php5/etch svn
NOTE: http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.63&r2=1.445.2.14.2.64
-CVE-2007-3997
+CVE-2007-3997 (The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP ...)
- php5 5.2.4-1 (unimportant)
- php4 <removed> (unimportant)
NOTE: only exploitable by malicious script
-CVE-2007-3996
+CVE-2007-3996 (Multiple integer overflows in libgd in PHP before 5.2.4 allow remote a ...)
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (bug #443456; medium)
- libwmf <unfixed> (unimportant)
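Review bot: the new description for CVE-2007-3996 places the integer overflows in "libgd in PHP before 5.2.4", yet unlike the neighbouring CVE-2007-3997 and CVE-2007-3998 entries, which carry `php5`/`php4` lines, this entry lists only `libgd2` and `libwmf`. If that is deliberate because the PHP packages link against the system libgd2 (so the libgd2 fix in DSA-1613-1 covers them), a one-line NOTE stating that would save the next reader the same question.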
@@ -6593,178 +6593,178 @@ CVE-2007-3995
RESERVED
CVE-2007-3994
RESERVED
-CVE-2007-3993
+CVE-2007-3993 (Unspecified vulnerability in the attachment filter in Kerio MailServer ...)
NOT-FOR-US: Kerio MailServer
-CVE-2007-3992
+CVE-2007-3992 (SQL injection vulnerability in vir_login.asp in iExpress Property Pro ...)
NOT-FOR-US: iExpress Property Pro
-CVE-2007-3991
+CVE-2007-3991 (Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp c ...)
NOT-FOR-US: Asp cvmatik
-CVE-2007-3990
+CVE-2007-3990 (SQL injection vulnerability in default.asp in Dora Emlak 1.0, when the ...)
NOT-FOR-US: Dora Emlak
-CVE-2007-3989
+CVE-2007-3989 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
NOT-FOR-US: Dora Emlak
-CVE-2007-3988
+CVE-2007-3988 (Session fixation vulnerability in Virtual Hosting Control System (VHCS ...)
NOT-FOR-US: Virtual Hosting Control System
-CVE-2007-3987
+CVE-2007-3987 (SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, wh ...)
NOT-FOR-US: ImageRacer
-CVE-2007-3986
+CVE-2007-3986 (file.cgi in Secure Computing SecurityReporter (aka Network Security An ...)
NOT-FOR-US: Secure Computing SecurityReporter
-CVE-2007-3985
+CVE-2007-3985 (Directory traversal vulnerability in file.cgi in Secure Computing Secu ...)
NOT-FOR-US: Secure Computing SecurityReporter
-CVE-2007-3984
+CVE-2007-3984 (Buffer overflow in a certain ActiveX control in the NixonMyPrograms cl ...)
NOT-FOR-US: Zenturi ProgramChecker
-CVE-2007-3983
+CVE-2007-3983 (Absolute path traversal vulnerability in the Data Dynamics DDActiveRep ...)
NOT-FOR-US: ActiveReports
-CVE-2007-3982
+CVE-2007-3982 (Absolute path traversal vulnerability in the Data Dynamics ActiveRepor ...)
NOT-FOR-US: ActiveReports
-CVE-2007-3981
+CVE-2007-3981 (SQL injection vulnerability in index.php in WSN Links Basic Edition al ...)
NOT-FOR-US: WSN Links
-CVE-2007-3980
+CVE-2007-3980 (PHP remote file inclusion vulnerability in page.php in RCMS Pro RGameS ...)
NOT-FOR-US: RCMS Pro RGameScript Pro
-CVE-2007-3979
+CVE-2007-3979 (SQL injection vulnerability in index.php in BlogSite Professional (aka ...)
NOT-FOR-US: BlogSite Professional
-CVE-2007-3978
+CVE-2007-3978 (Session fixation vulnerability in bwired allows remote attackers to hi ...)
NOT-FOR-US: bwired
-CVE-2007-3977
+CVE-2007-3977 (Cross-site scripting (XSS) vulnerability in bwired allows remote attac ...)
NOT-FOR-US: bwired
-CVE-2007-3976
+CVE-2007-3976 (SQL injection vulnerability in index.php in bwired allows remote attac ...)
NOT-FOR-US: bwired
-CVE-2007-3975
+CVE-2007-3975 (Cross-site scripting (XSS) vulnerability in index.php in Elite Forum 1 ...)
NOT-FOR-US: Elite Forum
-CVE-2007-3974
+CVE-2007-3974 (admin/ajoutaut.php in JBlog 1.0 does not require authentication, which ...)
NOT-FOR-US: JBlog
-CVE-2007-3973
+CVE-2007-3973 (Multiple cross-site scripting (XSS) vulnerabilities in JBlog 1.0 allow ...)
NOT-FOR-US: JBlog
-CVE-2007-3972
+CVE-2007-3972 (ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a ...)
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2007-3971
+CVE-2007-3971 (Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote a ...)
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2007-3970
+CVE-2007-3970 (Race condition in ESET NOD32 Antivirus before 2.2289 allows remote att ...)
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2007-3969
+CVE-2007-3969 (Buffer overflow in Panda Antivirus before 20070720 allows remote attac ...)
NOT-FOR-US: Panda Antivirus
-CVE-2007-3968
+CVE-2007-3968 (index.php in dirLIST before 0.1.1 allows remote attackers to list the ...)
NOT-FOR-US: dirLIST
-CVE-2007-3967
+CVE-2007-3967 (Directory traversal vulnerability in index.php in PHP Directory Lister ...)
NOT-FOR-US: dirLIST
-CVE-2007-3966
+CVE-2007-3966 (SQL injection vulnerability in Munch Pro allows remote attackers to ex ...)
NOT-FOR-US: Munch Pro
-CVE-2007-3965
+CVE-2007-3965 (Unspecified vulnerability in uFMOD before 1.2.5 has unknown impact and ...)
NOT-FOR-US: uFMOD
-CVE-2007-3964
+CVE-2007-3964 (Itaka before 0.2.1, when using Authentication mode, allows remote atta ...)
NOT-FOR-US: Itaka
-CVE-2007-3963
+CVE-2007-3963 (Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, an ...)
NOT-FOR-US: UseBB
-CVE-2007-3962
+CVE-2007-3962 (Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 ...)
NOT-FOR-US: fsplib, vulnerable code not present in lib.c from fsp source package
-CVE-2007-3961
+CVE-2007-3961 (Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib b ...)
NOT-FOR-US: fsplib, vulnerable code not present in lib.c from fsp source package
-CVE-2007-3960
+CVE-2007-3960 (Multiple unspecified vulnerabilities in IBM WebSphere Application Serv ...)
NOT-FOR-US: IBM WebSphere
-CVE-2007-3959
+CVE-2007-3959 (The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier ...)
NOT-FOR-US: Ipswitch Collaboration Suite (ICS)
-CVE-2007-3958
+CVE-2007-3958 (Microsoft Windows Explorer (explorer.exe) allows user-assisted remote ...)
NOT-FOR-US: Microsoft
-CVE-2007-3957
+CVE-2007-3957 (Buffer overflow in Nipun Jain xserver 0.1 alpha allows remote attacker ...)
NOT-FOR-US: Nipun Jain xserver
-CVE-2007-3956
+CVE-2007-3956 (TeamSpeak WebServer 2.0 for Windows does not validate parameter value ...)
- teamspeak-server 2.0.23.19-1 (bug #435707)
-CVE-2007-3955
+CVE-2007-3955 (Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in Li ...)
NOT-FOR-US: LinkedIn Toolbar
-CVE-2007-3954
+CVE-2007-3954 (Argument injection vulnerability in Microsoft Internet Explorer, when ...)
NOT-FOR-US: Microsoft
-CVE-2007-3953
+CVE-2007-3953 (The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote atta ...)
NOT-FOR-US: Norman Antivirus
-CVE-2007-3952
+CVE-2007-3952 (The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote atta ...)
NOT-FOR-US: Norman Antivirus
-CVE-2007-3951
+CVE-2007-3951 (Multiple buffer overflows in Norman Antivirus 5.90 allow remote attack ...)
NOT-FOR-US: Norman Antivirus
-CVE-2007-3950
+CVE-2007-3950 (lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers ...)
{DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
-CVE-2007-3949
+CVE-2007-3949 (mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters ...)
{DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
-CVE-2007-3948
+CVE-2007-3948 (connections.c in lighttpd before 1.4.16 might accept more connections ...)
- lighttpd 1.4.16-1 (low; bug #434888)
-CVE-2007-3947
+CVE-2007-3947 (request.c in lighttpd 1.4.15 allows remote attackers to cause a denial ...)
{DSA-1362-1}
- lighttpd 1.4.16-1 (bug #428368)
[etch] - libghttpd <no-dsa> (Accidentally omitted in DSA, but doesn't warrant another update itself)
-CVE-2007-3946
+CVE-2007-3946 (mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attacke ...)
{DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
-CVE-2007-3945
+CVE-2007-3945 (Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly u ...)
NOT-FOR-US: Rule Set Based Access Control (RSBAC)
-CVE-2007-3944
+CVE-2007-3944 (Multiple heap-based buffer overflows in the Perl Compatible Regular Ex ...)
NOT-FOR-US: MobileSafari
-CVE-2007-3943
+CVE-2007-3943 (SQL injection vulnerability in Infinite Responder before 1.48 allows r ...)
NOT-FOR-US: Infinite Responder
CVE-2007-3942
NOT-FOR-US: Simple Machines Forum
-CVE-2007-3941
+CVE-2007-3941 (Cross-site scripting (XSS) vulnerability in profile.php in Jasmine CMS ...)
NOT-FOR-US: Jasmine CMS
-CVE-2007-3940
+CVE-2007-3940 (Cross-site scripting (XSS) vulnerability in default.asp in QuickerSite ...)
NOT-FOR-US: QuickerSite
-CVE-2007-3939
+CVE-2007-3939 (SQL injection vulnerability in index.php in SpoonLabs Vivvo Article Ma ...)
NOT-FOR-US: Vivvo Article Management CMS
-CVE-2007-3938
+CVE-2007-3938 (SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0. ...)
NOT-FOR-US: MAXdev MDPro (MD-Pro)
-CVE-2007-3937
+CVE-2007-3937 (Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allo ...)
NOT-FOR-US: A-shop
-CVE-2007-3936
+CVE-2007-3936 (Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0 ...)
NOT-FOR-US: A-shopA-shop
-CVE-2007-3935
+CVE-2007-3935 (PHP remote file inclusion vulnerability in link_main.php in the SupaNa ...)
NOT-FOR-US: SupaNav
-CVE-2007-3934
+CVE-2007-3934 (PHP remote file inclusion vulnerability in postscript/postscript.php i ...)
NOT-FOR-US: BBS E-Market
-CVE-2007-3933
+CVE-2007-3933 (SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and ...)
NOT-FOR-US: QuickEStore
-CVE-2007-3932
+CVE-2007-3932 (uploadimg.php in the Expose RC35 and earlier (com_expose) component fo ...)
NOT-FOR-US: Expose RC35 for Joomla
-CVE-2007-3931
+CVE-2007-3931 (The wrap_setuid_third_party_application function in the installation s ...)
NOT-FOR-US: Samsung SCX-4200 Driver installation script
-CVE-2007-3930
+CVE-2007-3930 (Interpretation conflict between Microsoft Internet Explorer and DocuWi ...)
NOT-FOR-US: Microsoft
-CVE-2007-3929
+CVE-2007-3929 (Use-after-free vulnerability in the BitTorrent support in Opera before ...)
NOT-FOR-US: Opera
-CVE-2007-3928
+CVE-2007-3928 (Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote au ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-3927
+CVE-2007-3927 (Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 ...)
NOT-FOR-US: Ipswitch IMail Server
-CVE-2007-3926
+CVE-2007-3926 (Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to c ...)
NOT-FOR-US: Ipswitch IMail Server
-CVE-2007-3925
+CVE-2007-3925 (Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitc ...)
NOT-FOR-US: Ipswitch IMail Server
-CVE-2007-3924
+CVE-2007-3924 (Argument injection vulnerability in Microsoft Internet Explorer, when ...)
NOT-FOR-US: Microsoft
-CVE-2007-3923
+CVE-2007-3923 (The Common Internet File System (CIFS) optimization in Cisco Wide Area ...)
NOT-FOR-US: Cisco
-CVE-2007-3922
+CVE-2007-3922 (Unspecified vulnerability in the Java Runtime Environment (JRE) Applet ...)
- sun-java5 1.5.0-12-2
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-02-1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-3921
+CVE-2007-3921 (gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files v ...)
{DSA-1402-1}
- gforge 4.6.99+svn6169-1
-CVE-2007-3920
+CVE-2007-3920 (GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not ...)
{DTSA-75-1}
[etch] - gnome-screensaver <not-affected> (Affected Compiz not present in Etch version)
[etch] - xorg-server <not-affected> (Affected Compiz not present in Etch version)
- gnome-screensaver 2.20.0-1.1
- xorg-server 2:1.4.1~git20080118-1 (bug #449108; medium)
-CVE-2007-3919
+CVE-2007-3919 ((1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local user ...)
{DSA-1395-1}
- xen-unstable 3.0-unstable+hg11561-1 (low; bug #464044)
- xen-3 3.1.2-1 (low)
-CVE-2007-3918
+CVE-2007-3918 (Cross-site scripting (XSS) vulnerability in account/verify.php in GFor ...)
{DSA-1383-1}
- gforge 4.6.99+svn6094-1
-CVE-2007-3917
+CVE-2007-3917 (The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before ...)
{DSA-1386-1}
- wesnoth 1.2.7-1
-CVE-2007-3916
+CVE-2007-3916 (The main function in skkdic-expr.c in SKK Tools 1.2 allows local users ...)
- skktools 1.2+0.20061004-3 (low)
[sarge] - skktools <no-dsa> (Minor issue)
[etch] - skktools <no-dsa> (Minor issue)
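Review bot: CVE-2007-3942 (NOT-FOR-US: Simple Machines Forum) is the one entry in this region that did not receive a bracketed description while every neighbouring id did; check whether the upstream feed really has no text for it or whether the fetch skipped it, since an unannotated id is harder to re-triage later. Two context lines nearby also look like typos worth a follow-up commit: `NOT-FOR-US: A-shopA-shop` under CVE-2007-3936 duplicates the product name, and `[etch] - libghttpd <no-dsa>` under CVE-2007-3947 names a package that differs from the lighttpd package used by the surrounding lighttpd entries.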
@@ -6773,76 +6773,76 @@ CVE-2007-3915 [mondo insecure handling of temporary files]
- mondo 2.24-2 (low)
CVE-2007-3914
RESERVED
-CVE-2007-3913
+CVE-2007-3913 (SQL injection vulnerability in Gforge before 3.1 allows remote attacke ...)
{DSA-1369-1 DTSA-57-1}
- gforge 4.6.99+svn6086-1
-CVE-2007-3912
+CVE-2007-3912 (checkrestart in debian-goodies before 0.34 allows local users to gain ...)
{DSA-1527-1}
- debian-goodies 0.34 (bug #440411; medium)
-CVE-2007-3911
+CVE-2007-3911 (Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka sche ...)
NOT-FOR-US: BakBone NetVault Reporter
-CVE-2007-3910
+CVE-2007-3910 (Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows re ...)
- bandersnatch <removed> (low; bug #435709)
-CVE-2007-3909
+CVE-2007-3909 (Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow remot ...)
- bandersnatch <removed> (low; bug #435709)
-CVE-2007-3908
+CVE-2007-3908 (Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat Ent ...)
NOT-FOR-US: HP ServiceGuard
-CVE-2007-3907
+CVE-2007-3907 (Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 ...)
NOT-FOR-US: LedgerSMB
-CVE-2007-3906
+CVE-2007-3906 (Unspecified vulnerability in Kaspersky Anti-Virus for Check Point Fire ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2007-3905
+CVE-2007-3905 (SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote ...)
{DSA-1389-2 DSA-1389-1}
- zoph 0.7.0.2-1 (bug #435711)
CVE-2007-3904
REJECTED
-CVE-2007-3903
+CVE-2007-3903 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3902
+CVE-2007-3902 (Use-after-free vulnerability in the CRecalcProperty function in mshtml ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3901
+CVE-2007-3901 (Stack-based buffer overflow in the DirectShow Synchronized Accessible ...)
NOT-FOR-US: Microsoft DirectX
CVE-2007-3900
REJECTED
-CVE-2007-3899
+CVE-2007-3899 (Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, a ...)
NOT-FOR-US: Microsoft Word
-CVE-2007-3898
+CVE-2007-3898 (The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-3897
+CVE-2007-3897 (Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, ...)
NOT-FOR-US: Outlook Express
-CVE-2007-3896
+CVE-2007-3896 (The URL handling in Shell32.dll in the Windows shell in Microsoft Wind ...)
NOT-FOR-US: Windows
-CVE-2007-3895
+CVE-2007-3895 (Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 throu ...)
NOT-FOR-US: Microsoft DirectX
CVE-2007-3894
REJECTED
-CVE-2007-3893
+CVE-2007-3893 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 through ...)
NOT-FOR-US: Internet Explorer
-CVE-2007-3892
+CVE-2007-3892 (Microsoft Internet Explorer 5.01 through 7 allows remote attackers to ...)
NOT-FOR-US: Internet Explorer
-CVE-2007-3891
+CVE-2007-3891 (Unspecified vulnerability in Windows Vista Weather Gadgets in Windows ...)
NOT-FOR-US: Windows Vista
-CVE-2007-3890
+CVE-2007-3890 (Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, an ...)
NOT-FOR-US: Microsoft
-CVE-2007-3889
+CVE-2007-3889 (Multiple SQL injection vulnerabilities in Insanely Simple Blog 0.5 and ...)
NOT-FOR-US: Insanely Simple Blog
-CVE-2007-3888
+CVE-2007-3888 (Multiple cross-site scripting (XSS) vulnerabilities in Insanely Simple ...)
NOT-FOR-US: Insanely Simple Blog
-CVE-2007-3887
+CVE-2007-3887 (Multiple cross-site scripting (XSS) vulnerabilities in mesaj_formu.asp ...)
NOT-FOR-US: ASP Ziyaretci Defteri
-CVE-2007-3886
+CVE-2007-3886 (Cross-site scripting (XSS) vulnerability in default.asp in Element CMS ...)
NOT-FOR-US: Element CMS
-CVE-2007-3885
+CVE-2007-3885 (Cross-site scripting (XSS) vulnerability in philboard_search.asp in hu ...)
NOT-FOR-US: husrevforum
-CVE-2007-3884
+CVE-2007-3884 (SQL injection vulnerability in philboard_forum.asp in husrevforum 1.0. ...)
NOT-FOR-US: husrevforum
-CVE-2007-3883
+CVE-2007-3883 (The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.2 and earl ...)
NOT-FOR-US: Data Dynamics ActiveBar ActiveX control
-CVE-2007-3882
+CVE-2007-3882 (SQL injection vulnerability in index.php in Expert Advisor allows remo ...)
NOT-FOR-US: Expert Advisor
-CVE-2007-3881
+CVE-2007-3881 (SQL injection vulnerability in index.php in Pictures Rating (Picture R ...)
NOT-FOR-US: Pictures Rating
-CVE-2007-3880
+CVE-2007-3880 (Format string vulnerability in srsexec in Sun Remote Services (SRS) Ne ...)
NOT-FOR-US: Net Connect
CVE-2007-3879
RESERVED
@@ -6850,187 +6850,187 @@ CVE-2007-3878
RESERVED
CVE-2007-3877
RESERVED
-CVE-2007-3876
+CVE-2007-3876 (Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows lo ...)
NOT-FOR-US: SMB (Apple Mac OS X)
-CVE-2007-3875
+CVE-2007-3875 (arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) ...)
NOT-FOR-US: CA Anti-Virus
-CVE-2007-3874
+CVE-2007-3874 (Directory traversal vulnerability in the tftp/mftp daemon in the PXE s ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2007-3873
+CVE-2007-3873 (Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI En ...)
NOT-FOR-US: SSAPI Engine
-CVE-2007-3872
+CVE-2007-3872 (Multiple stack-based buffer overflows in the Shared Trace Service (OVT ...)
NOT-FOR-US: HP OpenView
-CVE-2007-3871
+CVE-2007-3871 (Stampit Web uses guessable id values for online stamp purchases, which ...)
NOT-FOR-US: Stampit
CVE-2007-XXXX [dokuwiki XSS in spellchecker]
- dokuwiki 0.0.20070626b-1 (unimportant; bug #434134)
NOTE: IE browser bug are not treated as security issues in packages applications
-CVE-2007-3870
+CVE-2007-3870 (Multiple unspecified vulnerabilities in the Human Capital Management c ...)
NOT-FOR-US: Oracle
-CVE-2007-3869
+CVE-2007-3869 (Multiple unspecified vulnerabilities in the Customer Relationship Mana ...)
NOT-FOR-US: Oracle
-CVE-2007-3868
+CVE-2007-3868 (Multiple unspecified vulnerabilities in PeopleTools in Oracle PeopleSo ...)
NOT-FOR-US: Oracle
-CVE-2007-3867
+CVE-2007-3867 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.1 ...)
NOT-FOR-US: Oracle
-CVE-2007-3866
+CVE-2007-3866 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.1 ...)
NOT-FOR-US: Oracle
-CVE-2007-3865
+CVE-2007-3865 (Unspecified vulnerability in the Oracle Customer Intelligence componen ...)
NOT-FOR-US: Oracle
-CVE-2007-3864
+CVE-2007-3864 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10. ...)
NOT-FOR-US: Oracle
-CVE-2007-3863
+CVE-2007-3863 (Unspecified vulnerability in Oracle JDeveloper for Application Server ...)
NOT-FOR-US: Oracle
-CVE-2007-3862
+CVE-2007-3862 (Unspecified vulnerability in Oracle Application Server 9.0.4.3 and 10. ...)
NOT-FOR-US: Oracle
-CVE-2007-3861
+CVE-2007-3861 (Unspecified vulnerability in Oracle Jdeveloper in Oracle Application S ...)
NOT-FOR-US: Oracle
-CVE-2007-3860
+CVE-2007-3860 (Unspecified vulnerability in Oracle Application Express (formerly Orac ...)
NOT-FOR-US: Oracle
-CVE-2007-3859
+CVE-2007-3859 (Unspecified vulnerability in the Oracle Internet Directory component f ...)
NOT-FOR-US: Oracle
-CVE-2007-3858
+CVE-2007-3858 (Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow ...)
NOT-FOR-US: Oracle
-CVE-2007-3857
+CVE-2007-3857 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow ...)
NOT-FOR-US: Oracle
-CVE-2007-3856
+CVE-2007-3856 (Unspecified vulnerability in the Oracle Data Mining component for Orac ...)
NOT-FOR-US: Oracle
-CVE-2007-3855
+CVE-2007-3855 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2. ...)
NOT-FOR-US: Oracle
-CVE-2007-3854
+CVE-2007-3854 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2. ...)
NOT-FOR-US: Oracle
-CVE-2007-3853
+CVE-2007-3853 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 1 ...)
NOT-FOR-US: Oracle
-CVE-2007-3852
+CVE-2007-3852 (The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates /tmp ...)
- sysstat <not-affected> (We have our own init script not prone to this vulnerability)
-CVE-2007-3851
+CVE-2007-3851 (The drm/i915 component in the Linux kernel before 2.6.22.2, when used ...)
{DSA-1356-1}
- linux-2.6 2.6.22-4
-CVE-2007-3850
+CVE-2007-3850 (The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on Pow ...)
- linux-2.6 <not-affected> (Debian's kernel doesn't enable CONFIG_PPC_64K_PAGES)
-CVE-2007-3849
+CVE-2007-3849 (Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intru ...)
NOT-FOR-US: RedHat Advanced Intrusion Detection Environment
-CVE-2007-3848
+CVE-2007-3848 (Linux kernel 2.4.35 and other versions allows local users to send arbi ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1356-1}
- linux-2.6 2.6.22-4
-CVE-2007-3847
+CVE-2007-3847 (The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Ap ...)
- apache2 2.2.6-1 (bug #441845; low)
[etch] - apache2 2.2.3-4+etch3 (bug #441845; low)
- apache <removed> (unimportant)
NOTE: Apache 1.3 is non-threaded, therefore unimportant
-CVE-2007-3846
+CVE-2007-3846 (Directory traversal vulnerability in Subversion before 1.4.5, as used ...)
NOT-FOR-US: TortoiseSVN on Windows
-CVE-2007-3845
+CVE-2007-3845 (Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x be ...)
{DSA-1391-1 DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1 DTSA-71-1}
- iceweasel 2.0.0.6-1 (medium)
- xulrunner 1.8.1.6-1 (medium)
- iceape 1.1.3-2 (medium)
- icedove 2.0.0.6-1 (medium)
NOTE: MFSA2007-27
-CVE-2007-3844
+CVE-2007-3844 (Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and ...)
{DSA-1391-1 DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1 DTSA-52-1 DTSA-53-1 DTSA-71-1}
- iceweasel 2.0.0.6-1 (medium)
- xulrunner 1.8.1.6-1 (medium)
- iceape 1.1.3-2 (medium)
- icedove 2.0.0.6-1 (medium)
NOTE: MFSA2007-26
-CVE-2007-3843
+CVE-2007-3843 (The Linux kernel before 2.6.23-rc1 checks the wrong global variable fo ...)
{DSA-1363-1}
- linux-2.6 2.6.23-1 (bug #446073)
-CVE-2007-3842
+CVE-2007-3842 (Cross-site scripting (XSS) vulnerability in the 8e6 R3000 Enterprise F ...)
NOT-FOR-US: 8e6 R3000 Enterprise Filter
-CVE-2007-3841
+CVE-2007-3841 (Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux al ...)
NOTE: this information is based upon a vague advisory by a vulnerability
NOTE: information sales organization that does not coordinate with vendors or
NOTE: release actionable advisories. So maybe it is not fixed _but_ since it is
NOTE: not disclosed it would be hard to fix and track it.
-CVE-2007-3840
+CVE-2007-3840 (SQL injection vulnerability in referralUrl.php in Traffic Stats allows ...)
NOT-FOR-US: Traffic Stats
-CVE-2007-3839
+CVE-2007-3839 (Cross-site scripting (XSS) vulnerability in takeprofedit.php in TBDev. ...)
NOT-FOR-US: TBDev.NET
-CVE-2007-3838
+CVE-2007-3838 (Cross-site scripting (XSS) vulnerability in takeprofedit.php in TBDev. ...)
NOT-FOR-US: TBDev.NET
-CVE-2007-3837
+CVE-2007-3837 (Heap-based buffer overflow in HydraIRC 0.3.151 allows remote IRC serve ...)
NOT-FOR-US: HydraIRC
-CVE-2007-3836
+CVE-2007-3836 (Format string vulnerability in HydraIRC 0.3.151 allows remote attacker ...)
NOT-FOR-US: HydraIRC
-CVE-2007-3835
+CVE-2007-3835 (Cross-site scripting (XSS) vulnerability in Ex Libris MetaLib 3.13 and ...)
NOT-FOR-US: Ex Libris MetaLib
-CVE-2007-3834
+CVE-2007-3834 (Multiple cross-site scripting (XSS) vulnerabilities in Ex Libris ALEPH ...)
NOT-FOR-US: Ex Libris ALEPH
-CVE-2007-3833
+CVE-2007-3833 (The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios T ...)
NOT-FOR-US: Trillian
-CVE-2007-3832
+CVE-2007-3832 (Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in ...)
NOT-FOR-US: Trillian
-CVE-2007-3831
+CVE-2007-3831 (PHP remote file inclusion in main.php in ISS Proventia Network IPS GX5 ...)
NOT-FOR-US: ISS Proventia Network IPS
-CVE-2007-3830
+CVE-2007-3830 (Cross-site scripting (XSS) vulnerability in alert.php in ISS Proventia ...)
NOT-FOR-US: ISS Proventia Network IPS
-CVE-2007-3829
+CVE-2007-3829 (Multiple stack-based buffer overflows in (a) InterActual Player 2.60.1 ...)
NOT-FOR-US: InterActual Player
-CVE-2007-3828
+CVE-2007-3828 (Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows re ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-3827
+CVE-2007-3827 (Mozilla Firefox allows for cookies to be set with a null domain (aka " ...)
NOTE: Unreproducible for upstream
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=388097
-CVE-2007-3826
+CVE-2007-3826 (Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attacker ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3825
+CVE-2007-3825 (Multiple stack-based buffer overflows in the RPC implementation in ale ...)
NOT-FOR-US: CA Alert Notification Server
-CVE-2007-3824
+CVE-2007-3824 (SQL injection vulnerability in katgoster.asp in MzK Blog (tr) allows r ...)
NOT-FOR-US: MzK Blog
-CVE-2007-3823
+CVE-2007-3823 (The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows rem ...)
NOT-FOR-US: IPSwitch WS_FTP
-CVE-2007-3822
+CVE-2007-3822 (Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7 ...)
NOT-FOR-US: Webcit
-CVE-2007-3821
+CVE-2007-3821 (Cross-site request forgery (CSRF) vulnerability in Webcit before 7.11 ...)
NOT-FOR-US: Webcit
-CVE-2007-3819
+CVE-2007-3819 (Opera 9.21 allows remote attackers to spoof the data: URI scheme in th ...)
NOT-FOR-US: Opera
-CVE-2007-3818
+CVE-2007-3818 (Cross-site scripting (XSS) vulnerability in the LoginToboggan module 5 ...)
NOT-FOR-US: LoginToboggan
-CVE-2007-3817
+CVE-2007-3817 (Cross-site scripting (XSS) vulnerability in the LoginToboggan module 4 ...)
NOT-FOR-US: LoginToboggan
CVE-2007-3816
NOT-FOR-US: JWIG
-CVE-2007-3815
+CVE-2007-3815 (Buffer overflow in pirs32.exe in Poslovni informator Republike Sloveni ...)
NOT-FOR-US: Poslovni informator Republike Slovenije
-CVE-2007-3814
+CVE-2007-3814 (Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow remote ...)
NOT-FOR-US: MKPortal
-CVE-2007-3813
+CVE-2007-3813 (PHP remote file inclusion vulnerability in include/user.php in the NoB ...)
NOT-FOR-US: NoBoard BETA module for MKPortal
-CVE-2007-3812
+CVE-2007-3812 (SQL injection vulnerability in forums.php in CMScout 1.23 and earlier ...)
NOT-FOR-US: CMScout
-CVE-2007-3811
+CVE-2007-3811 (Multiple SQL injection vulnerabilities in eSyndiCat allow remote attac ...)
NOT-FOR-US: eSyndiCat
-CVE-2007-3810
+CVE-2007-3810 (SQL injection vulnerability in index.php in Realtor 747 allows remote ...)
NOT-FOR-US: Realtor 747
-CVE-2007-3809
+CVE-2007-3809 (Multiple SQL injection vulnerabilities in Prozilla Directory Script al ...)
NOT-FOR-US: Prozilla Directory Script
-CVE-2007-3808
+CVE-2007-3808 (SQL injection vulnerability in includes/search.php in paFileDB 3.6 all ...)
NOT-FOR-US: paFileDB
-CVE-2007-3807
+CVE-2007-3807 (Multiple cross-site scripting (XSS) vulnerabilities in SiteScape Forum ...)
NOT-FOR-US: SiteScape Forum
-CVE-2007-3806
+CVE-2007-3806 (The glob function in PHP 5.2.3 allows context-dependent attackers to c ...)
{DSA-1578-1 DSA-1572-1 DTSA-61-1}
- php5 5.2.4-1 (medium; bug #441433)
- php4 <removed>
[etch] - php5 <no-dsa> (requires malicious script)
[etch] - php4 <no-dsa> (requires malicious script)
[sarge] - php4 <no-dsa> (requires malicious script)
-CVE-2007-3805
+CVE-2007-3805 (The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80. ...)
NOT-FOR-US: Clavister CorePlus
-CVE-2007-3804
+CVE-2007-3804 (The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81 ...)
NOT-FOR-US: Clavister CorePlus
-CVE-2007-3803
+CVE-2007-3803 (The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does n ...)
NOT-FOR-US: Clavister CorePlus
CVE-2007-3802
REJECTED
CVE-2007-3801
REJECTED
-CVE-2007-3800
+CVE-2007-3800 (Unspecified vulnerability in the Real-time scanner (RTVScan) component ...)
NOT-FOR-US: Symantec
-CVE-2007-3799
+CVE-2007-3799 (The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5 ...)
{DSA-1578-1 DSA-1444-1 DTSA-61-1}
NOTE: this does not affect default installs, only those who have written
NOTE: custom session handlers (which isn't *that* uncommon though), and
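Review bot: CVE-2007-3816 (NOT-FOR-US: JWIG) is left without a description while the entries around it gained one; confirm this is not a gap in the fetch. The placeholder entry `CVE-2007-XXXX [dokuwiki XSS in spellchecker]` still carries no assigned id, and its NOTE line `IE browser bug are not treated as security issues in packages applications` reads better as "IE browser bugs are not treated as security issues in packaged applications".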
@@ -7040,178 +7040,178 @@ CVE-2007-3799
NOTE: fixed in php4/etch, php5/etch, php4/sarge svn
- php4 <removed> (low)
- php5 5.2.4-1 (low; bug #441433)
-CVE-2007-3798
+CVE-2007-3798 (Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 ...)
{DSA-1353-1}
- tcpdump 3.9.5-3 (bug #434030)
CVE-2007-3797
RESERVED
-CVE-2007-3796
+CVE-2007-3796 (The password reset feature in the Spam Quarantine HTTP interface for M ...)
NOT-FOR-US: Spam Quarantine HTTP interface for MailMarshal SMTP
-CVE-2007-3795
+CVE-2007-3795 (Unspecified vulnerability in Hitachi TP1/Server Base before 03-05-/P, ...)
NOT-FOR-US: Hitachi
-CVE-2007-3794
+CVE-2007-3794 (Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit fo ...)
NOT-FOR-US: Hitachi
-CVE-2007-3793
+CVE-2007-3793 (SQL injection vulnerability in Job Management Partner 1/NETM/DM (JP1/N ...)
NOT-FOR-US: Job Management Partner
-CVE-2007-3792
+CVE-2007-3792 (Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold ...)
NOT-FOR-US: AzDG Dating Gold
-CVE-2007-3791
+CVE-2007-3791 (Buffer overflow in the w_read function in sockets.c in Cami Sardinha a ...)
{DSA-1361-1}
- postfix-policyd 1.80-2.2 (bug #435735)
-CVE-2007-3790
+CVE-2007-3790 (The com_print_typeinfo function in the bz2 extension in PHP 5.2.3 allo ...)
- php5 <not-affected> (com_print_typeinfo is a windows only func)
- php4 <not-affected> (com_print_typeinfo is a windows only func)
-CVE-2007-3789
+CVE-2007-3789 (SQL injection vulnerability in admin/index.php in Inmostore 4.0 allows ...)
NOT-FOR-US: Inmostore
-CVE-2007-3788
+CVE-2007-3788 (The eSoft InstaGate EX2 UTM device stores the admin password within th ...)
NOT-FOR-US: eSoft InstaGate
-CVE-2007-3787
+CVE-2007-3787 (The eSoft InstaGate EX2 UTM device does not require entry of the old p ...)
NOT-FOR-US: eSoft InstaGate
CVE-2007-3786
NOT-FOR-US: eSoft InstaGate
-CVE-2007-3785
+CVE-2007-3785 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
NOT-FOR-US: EldoS SecureBlackbox
-CVE-2007-3784
+CVE-2007-3784 (Cross-site scripting (XSS) vulnerability in the Belkin G Plus Router F ...)
NOT-FOR-US: Belkin
-CVE-2007-3783
+CVE-2007-3783 (SQL injection vulnerability in default.asp in enVivo!CMS allows remote ...)
NOT-FOR-US: enVivo!CMS
-CVE-2007-3782
+CVE-2007-3782 (MySQL Community Server before 5.0.45 allows remote authenticated users ...)
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.42
[sarge] - mysql-dfsg <not-affected> (Vulnerable functionality was introduced in 5.0)
[sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable functionality was introduced in 5.0)
-CVE-2007-3781
+CVE-2007-3781 (MySQL Community Server before 5.0.45 does not require privileges such ...)
{DSA-1451-1}
- mysql-dfsg-5.0 5.0.45-1
[etch] - mysql-dfsg-5.0 <no-dsa> (Minor issue, too intrusive to backport)
[sarge] - mysql-dfsg <no-dsa> (Minor issue, too intrusive to backport)
[sarge] - mysql-dfsg-4.1 <no-dsa> (Minor issue, too intrusive to backport)
-CVE-2007-3780
+CVE-2007-3780 (MySQL Community Server before 5.0.45 allows remote attackers to cause ...)
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.44
[sarge] - mysql-dfsg <not-affected> (Introduced with SSL support in 4.1)
-CVE-2007-3779
+CVE-2007-3779 (PHP local file inclusion vulnerability in gpg_pop_init.php in the G/PG ...)
NOT-FOR-US: G/PGP (GPG) Plugin for Squirrelmail
-CVE-2007-3778
+CVE-2007-3778 (The G/PGP (GPG) Plugin 2.0, and 2.1dev before 20060912, for Squirrelma ...)
NOT-FOR-US: G/PGP (GPG) Plugin for Squirrelmail
-CVE-2007-3777
+CVE-2007-3777 (avg7core.sys 7.5.0.444 in Grisoft AVG Anti-Virus 7.5.448 and Free Edit ...)
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2007-3776
+CVE-2007-3776 (Cisco Unified Communications Manager (CUCM, formerly CallManager) and ...)
NOT-FOR-US: Cisco
-CVE-2007-3775
+CVE-2007-3775 (Unspecified vulnerability in Cisco Unified Communications Manager (CUC ...)
NOT-FOR-US: Cisco
-CVE-2007-3774
+CVE-2007-3774 (Dvbbs 7.1.0 SP1 stores sensitive information under the web root with i ...)
NOT-FOR-US: Dvbbs
-CVE-2007-3773
+CVE-2007-3773 (Cross-site request forgery (CSRF) vulnerability in the Email-Template ...)
NOT-FOR-US: Generic YouTube Clone Script
-CVE-2007-3772
+CVE-2007-3772 (Directory traversal vulnerability in news/show.php in PsNews 1.1 allow ...)
NOT-FOR-US: PsNews
-CVE-2007-3771
+CVE-2007-3771 (Stack-based buffer overflow in the Internet E-mail Auto-Protect featur ...)
NOT-FOR-US: Symantec Antivirus
-CVE-2007-3770
+CVE-2007-3770 (The terminal_helper_execute function in terminal/terminal.c in Xfce Te ...)
{DSA-1393-1}
- xfce4-terminal 0.2.6-3 (bug #437454)
-CVE-2007-3769
+CVE-2007-3769 (Cross-site scripting (XSS) vulnerability in the mirrored server manage ...)
NOT-FOR-US: SurgeFTP
-CVE-2007-3768
+CVE-2007-3768 (The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FT ...)
NOT-FOR-US: SurgeFTP
CVE-2007-3767
RESERVED
CVE-2007-3766
RESERVED
-CVE-2007-3765
+CVE-2007-3765 (The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW be ...)
- asterisk 1:1.4.8~dfsg-1 (bug #433681)
[sarge] - asterisk <not-affected> (1.0.x not affected)
[etch] - asterisk <not-affected> (1.2.x not affected)
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-017.htm
-CVE-2007-3764
+CVE-2007-3764 (The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and ...)
{DSA-1358-1}
- asterisk 1:1.4.8~dfsg-1
NOTE: Etch and Sarge affected
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-016.htm
-CVE-2007-3763
+CVE-2007-3763 (The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4. ...)
{DSA-1358-1}
- asterisk 1:1.4.8~dfsg-1
NOTE: Etch and Sarge affected
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-015.htm
-CVE-2007-3762
+CVE-2007-3762 (Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in ...)
{DSA-1358-1}
- asterisk 1:1.4.8~dfsg-1 (high)
NOTE: Etch and Sarge affected
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-014.htm
-CVE-2007-3820
+CVE-2007-3820 (konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to ...)
- kdebase 4:3.5.7-3 (bug #433072; low)
[sarge] - kdebase <no-dsa> (Minor issue)
[etch] - kdebase <no-dsa> (Minor issue)
NOTE: http://marc.info/?l=full-disclosure&m=118437069815691&w=2
-CVE-2007-3761
+CVE-2007-3761 (Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1 ...)
NOT-FOR-US: Safari
-CVE-2007-3760
+CVE-2007-3760 (Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1 ...)
NOT-FOR-US: Safari
-CVE-2007-3759
+CVE-2007-3759 (Safari in Apple iPhone 1.1.1, when requested to disable Javascript, do ...)
NOT-FOR-US: Safari
-CVE-2007-3758
+CVE-2007-3758 (Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on ...)
NOT-FOR-US: Safari
-CVE-2007-3757
+CVE-2007-3757 (Safari in Apple iPhone 1.1.1 allows remote user-assisted attackers to ...)
NOT-FOR-US: Safari
-CVE-2007-3756
+CVE-2007-3756 (Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on ...)
NOT-FOR-US: Safari
-CVE-2007-3755
+CVE-2007-3755 (Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to fo ...)
NOT-FOR-US: Aplle iPhone
-CVE-2007-3754
+CVE-2007-3754 (Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user whe ...)
NOT-FOR-US: Aplle iPhone
-CVE-2007-3753
+CVE-2007-3753 (Apple iPhone 1.1.1, with Bluetooth enabled, allows physically proximat ...)
NOT-FOR-US: Aplle iPhone
-CVE-2007-3752
+CVE-2007-3752 (Heap-based buffer overflow in Apple iTunes before 7.4 allows remote at ...)
NOT-FOR-US: iTunes
-CVE-2007-3751
+CVE-2007-3751 (Unspecified vulnerability in QuickTime for Java in Apple QuickTime bef ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-3750
+CVE-2007-3750 (Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-3749
+CVE-2007-3749 (The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the c ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-3748
+CVE-2007-3748 (Buffer overflow in the UPnP IGD (Internet Gateway Device Standardized ...)
NOT-FOR-US: iChat on Apple Mac OS X
-CVE-2007-3747
+CVE-2007-3747 (The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 d ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-3746
+CVE-2007-3746 (The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 d ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-3745
+CVE-2007-3745 (The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 c ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-3744
+CVE-2007-3744 (Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device St ...)
NOT-FOR-US: Apple Mac OSX
-CVE-2007-3743
+CVE-2007-3743 (Stack-based buffer overflow in bookmark handling in Apple Safari 3 Bet ...)
NOT-FOR-US: Apple Safari
-CVE-2007-3742
+CVE-2007-3742 (WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1 ...)
NOT-FOR-US: Apple Safari
-CVE-2007-3741
+CVE-2007-3741 (The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp ...)
- gimp 2.2.17-1 (unimportant)
NOTE: Only DoS by memleaks or double-frees, not treated as security problems
-CVE-2007-3740
+CVE-2007-3740 (The CIFS filesystem in the Linux kernel before 2.6.22, when Unix exten ...)
{DSA-1504-1 DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.22
-CVE-2007-3739
+CVE-2007-3739 (mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not ...)
{DSA-1504-1 DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.20-1
-CVE-2007-3738
+CVE-2007-3738 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 ...)
{DSA-1534-2 DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceape 1.1.3-1 (medium)
- xulrunner 1.8.1.5-1 (medium)
- iceweasel 2.0.0.5-1 (medium)
NOTE: MFSA2007-25
-CVE-2007-3737
+CVE-2007-3737 (Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbi ...)
{DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
- iceweasel 2.0.0.5-1 (high)
NOTE: MFSA2007-21
-CVE-2007-3736
+CVE-2007-3736 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0 ...)
{DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceweasel 2.0.0.5-1 (high)
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
NOTE: MFSA2007-19
-CVE-2007-3735
+CVE-2007-3735 (Multiple unspecified vulnerabilities in the JavaScript engine in Mozil ...)
{DSA-1391-1 DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1 DTSA-71-1}
- iceweasel 2.0.0.5-1 (high)
- icedove 2.0.0.6-1 (low)
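Review bot: `+CVE-2007-3820 (konqueror/konq_combo.cc in Konqueror 3.5.7 ...)` sits between CVE-2007-3762 and CVE-2007-3761, out of the descending id order the file otherwise keeps; the entry belongs between CVE-2007-3821 and CVE-2007-3819 in the earlier hunk, otherwise tooling that relies on the order may miss it. In the same hunk CVE-2007-3786 (NOT-FOR-US: eSoft InstaGate) has no description while its neighbours do, and the three iPhone entries CVE-2007-3755, CVE-2007-3754 and CVE-2007-3753 carry `NOT-FOR-US: Aplle iPhone`, which should read "Apple iPhone".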
@@ -7219,7 +7219,7 @@ CVE-2007-3735
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
NOTE: MFSA2007-18
-CVE-2007-3734
+CVE-2007-3734 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-1391-1 DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1 DTSA-71-1}
- iceweasel 2.0.0.5-1 (high)
- icedove 2.0.0.6-1 (high; bug #444010)
@@ -7232,774 +7232,774 @@ CVE-2007-3732
RESERVED
- linux-2.6 2.6.23-1
NOTE: Upstream fix: https://git.kernel.org/linus/a10d9a71bafd3a283da240d2868e71346d2aef6f (v2.6.23-rc1)
-CVE-2007-3731
+CVE-2007-3731 (The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid ...)
{DSA-1378-2 DSA-1378-1}
- linux-2.6 2.6.23-1
-CVE-2007-3730
+CVE-2007-3730 (The default configuration of the POP server in TCP/IP Services 5.6 for ...)
NOT-FOR-US: HP OpenVMS
-CVE-2007-3729
+CVE-2007-3729 (The default configuration of the POP server in TCP/IP Services 5.6 for ...)
NOT-FOR-US: HP OpenVMS
-CVE-2007-3728
+CVE-2007-3728 (Buffer overflow in lib/silcclient/client_notify.c of SILC Client and S ...)
- silc-toolkit 1.1.2-1
[etch] - silc-toolkit <not-affected> (Only the 1.1.x branch is affected)
NOTE: http://silcnet.org/docs/changelog/SILC Toolkit 1.1.2
-CVE-2007-3727
+CVE-2007-3727 (Multiple unspecified vulnerabilities in Webmatic before 2.7 have unkno ...)
NOT-FOR-US: WebMatic
-CVE-2007-3726
+CVE-2007-3726 (Integer signedness error in the SET_VALUE function in rarvm.cpp in unr ...)
- unrar-nonfree 3.7.3-1.1 (low; bug #437703)
[etch] - unrar-nonfree <no-dsa> (Non-free not supported)
[sarge] - unrar-nonfree <no-dsa> (Non-free not supported)
- rar 1:3.7b1-1 (low; bug #437704)
[etch] - rar <not-affected> (Vulnerable code was fixed already)
[sarge] - rar <no-dsa> (Non-free not supported)
-CVE-2007-3725
+CVE-2007-3725 (The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows u ...)
{DSA-1340-1 DTSA-43-1}
- clamav 0.91-1
[sarge] - clamav <not-affected> (Vulnerable code was introduced in 0.9x)
-CVE-2007-3724
+CVE-2007-3724 (The process scheduler in the Microsoft Windows XP kernel does not make ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2007-3723
+CVE-2007-3723 (The process scheduler in the Sun Solaris kernel does not make use of t ...)
NOT-FOR-US: Solaris
-CVE-2007-3722
+CVE-2007-3722 (The 4BSD process scheduler in the FreeBSD kernel performs scheduling b ...)
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)
-CVE-2007-3721
+CVE-2007-3721 (The ULE process scheduler in the FreeBSD kernel gives preference to "i ...)
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)
-CVE-2007-3720
+CVE-2007-3720 (The process scheduler in the Linux kernel 2.4 performs scheduling base ...)
- linux-2.6 <not-affected> (There's a separate ID for 2.6, see CVE-2007-3719)
-CVE-2007-3719
+CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives preference to " ...)
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: This is the existing default behaviour of the scheduler, can be tuned
NOTE: to suit individual needs
-CVE-2007-3718
+CVE-2007-3718 (Multiple unspecified vulnerabilities in the SVG parsing engine in Appl ...)
NOT-FOR-US: Apple Safari
-CVE-2007-3717
+CVE-2007-3717 (rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-3716
+CVE-2007-3716 (The Java XML Digital Signature implementation in Sun JDK and JRE 6 bef ...)
- sun-java6 6-02-1 (medium)
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-3715
+CVE-2007-3715 (Sun Java System Application Server and Web Server 7.0 through 9.0 befo ...)
NOT-FOR-US: Sun Java System Application Server and Web Server
-CVE-2007-3714
+CVE-2007-3714 (Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 a ...)
NOT-FOR-US: Ada Image Server
-CVE-2007-3713
+CVE-2007-3713 (Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow ...)
{DSA-1433-1 DTSA-55-1}
- centericq 4.22.1-2.1 (bug #438511; medium)
- centerim 4.22.1-2.1 (medium)
-CVE-2007-3712
+CVE-2007-3712 (Multiple cross-site scripting (XSS) vulnerabilities in HiddenChest "is ...)
NOT-FOR-US: HiddenChest
-CVE-2007-3711
+CVE-2007-3711 (Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x ...)
NOT-FOR-US: TippingPoint IPS
-CVE-2007-3710
+CVE-2007-3710 (PHP remote file inclusion vulnerability in example/gamedemo/inc.functi ...)
NOT-FOR-US: PHP Comet-Server
-CVE-2007-3709
+CVE-2007-3709 (CRLF injection vulnerability in the redirect function in url_helper.ph ...)
- codeigniter <itp> (bug #471583)
-CVE-2007-3708
+CVE-2007-3708 (Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 2 ...)
- codeigniter <itp> (bug #471583)
-CVE-2007-3707
+CVE-2007-3707 (Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 be ...)
- codeigniter <itp> (bug #471583)
-CVE-2007-3706
+CVE-2007-3706 (The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 al ...)
- codeigniter <itp> (bug #471583)
-CVE-2007-3705
+CVE-2007-3705 (SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to ...)
NOT-FOR-US: FuseTalk
-CVE-2007-3704
+CVE-2007-3704 (Entertainment CMS allows remote attackers to bypass authentication and ...)
NOT-FOR-US: Entertainment CMS
-CVE-2007-3703
+CVE-2007-3703 (Stack-based buffer overflow in a certain ActiveX control in sasatl.dll ...)
NOT-FOR-US: Zenturi ProgramChecker
-CVE-2007-3702
+CVE-2007-3702 (Directory traversal vulnerability in the load function in cgi-bin/mail ...)
NOT-FOR-US: Mail Machine
-CVE-2007-3701
+CVE-2007-3701 (TippingPoint IPS before 20070710 does not properly handle a hex-encode ...)
NOT-FOR-US: TippingPoint IPS
-CVE-2007-3700
+CVE-2007-3700 (Sun Java System Access Manager (formerly Java System Identity Server) ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2007-3699
+CVE-2007-3699 (The Decomposer component in multiple Symantec products allows remote a ...)
NOT-FOR-US: Symantec
-CVE-2007-3698
+CVE-2007-3698 (The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 ...)
- sun-java5 1.5.0-12-1
- sun-java6 6-02-1
[etch] - sun-java5 1.5.0-14-1etch1
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-3697
+CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in FlashB ...)
NOT-FOR-US: FlashBB
-CVE-2007-3696
+CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model Validator ...)
NOT-FOR-US: CA ERwin Data Model Validator
-CVE-2007-3695
+CVE-2007-3695 (Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly A ...)
NOT-FOR-US: CA ERwin
-CVE-2007-3694
+CVE-2007-3694 (Cross-site scripting (XSS) vulnerability in login.php in Miro Project ...)
NOT-FOR-US: Broadcast Machine
-CVE-2007-3693
+CVE-2007-3693 (Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built ...)
NOT-FOR-US: gobi
-CVE-2007-3692
+CVE-2007-3692 (Directory traversal vulnerability in download.cgi in EZFactory KDDI Do ...)
NOT-FOR-US: EZFactory KDDI Download CGI
-CVE-2007-3691
+CVE-2007-3691 (Multiple SQL injection vulnerabilities in changePW.php in AV Tutorial ...)
NOT-FOR-US: AV Tutorial
-CVE-2007-3690
+CVE-2007-3690 (The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal al ...)
NOT-FOR-US: Forward module for Drupal
-CVE-2007-3689
+CVE-2007-3689 (The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allo ...)
NOT-FOR-US: Print module for Drupal
-CVE-2007-3688
+CVE-2007-3688 (Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear ...)
NOT-FOR-US: DotClear
-CVE-2007-3687
+CVE-2007-3687 (SQL injection vulnerability in inferno.php in the Inferno Technologies ...)
NOT-FOR-US: Inferno Technologies
-CVE-2007-3686
+CVE-2007-3686 (CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating ...)
NOT-FOR-US: Unobtrusive Ajax Star Rating Bar
-CVE-2007-3685
+CVE-2007-3685 (Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive Aja ...)
NOT-FOR-US: Unobtrusive Ajax Star Rating Bar
-CVE-2007-3684
+CVE-2007-3684 (Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating ...)
NOT-FOR-US: Unobtrusive Ajax Star Rating Bar
-CVE-2007-3683
+CVE-2007-3683 (SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and earl ...)
NOT-FOR-US: Aigaion
-CVE-2007-3682
+CVE-2007-3682 (SQL injection vulnerability in index.php in OpenLD 1.2.2 and earlier a ...)
NOT-FOR-US: OpenLD
-CVE-2007-3681
+CVE-2007-3681 (The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in Wi ...)
NOT-FOR-US: WinPcap
-CVE-2007-3680
+CVE-2007-3680 (Stack-based buffer overflow in the odm_searchpath function in libodm i ...)
NOT-FOR-US: IBM AIX
-CVE-2007-3679
+CVE-2007-3679 (The Citrix EPA ActiveX control (aka the "endpoint checking control" or ...)
NOT-FOR-US: Citrix
-CVE-2007-3678
+CVE-2007-3678 (Stack-based buffer overflow in the MSWord text-import extension (Word ...)
NOT-FOR-US: QuarkXPress
-CVE-2007-3677
+CVE-2007-3677 (Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow r ...)
NOT-FOR-US: Maxsi eVisit Analyst
-CVE-2007-3676
+CVE-2007-3676 (IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before ...)
NOT-FOR-US: IBM DB2
-CVE-2007-3675
+CVE-2007-3675 (Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan A ...)
NOT-FOR-US: Kaspersky Online Scanner
CVE-2007-3674
RESERVED
-CVE-2007-3673
+CVE-2007-3673 (Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus ...)
NOT-FOR-US: Symantec AntiVirus
-CVE-2007-3672
+CVE-2007-3672 (Cross-site scripting (XSS) vulnerability in ecrire/tools.php in DotCle ...)
NOT-FOR-US: DotClear
-CVE-2007-3671
+CVE-2007-3671 (Unspecified vulnerability in the kernel in Microsoft Windows Vista has ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-3670
+CVE-2007-3670 (Argument injection vulnerability in Microsoft Internet Explorer, when ...)
- iceweasel <not-affected> (Only affects Firefox/Thunderbird on Windows)
- icedove <not-affected> (Only affects Firefox/Thunderbird on Windows)
NOTE: MFSA2007-23
-CVE-2007-3669
+CVE-2007-3669 (Multiple unspecified vulnerabilities in the Innovasys DockStudioXP Inn ...)
NOT-FOR-US: InnovaDSXP2.OCX ActiveX Control
-CVE-2007-3668
+CVE-2007-3668 (Multiple unspecified vulnerabilities in NMSDVDXU.DLL in NuMedia NMSDVD ...)
NOT-FOR-US: NMSDVDXLib
-CVE-2007-3667
+CVE-2007-3667 (Unspecified vulnerability in EXCLEXPT.DLL in ActiveReportsExcelReport ...)
NOT-FOR-US: ActiveReportsExcelReport
-CVE-2007-3666
+CVE-2007-3666 (Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 all ...)
NOT-FOR-US: Symantec Ghost
-CVE-2007-3665
+CVE-2007-3665 (Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Nor ...)
NOT-FOR-US: Symantec Ghost
-CVE-2007-3664
+CVE-2007-3664 (Multiple unspecified vulnerabilities in Eltima Software RunService Act ...)
NOT-FOR-US: Eltima Software
-CVE-2007-3663
+CVE-2007-3663 (Divide-by-zero error in Media Player Classic (MPC) 6.4.9.0 allows user ...)
NOT-FOR-US: guliverkli Media Player Classic
-CVE-2007-3662
+CVE-2007-3662 (Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attacke ...)
NOT-FOR-US: guliverkli Media Player Classic
-CVE-2007-3661
+CVE-2007-3661 (Eltima Software Virtual Serial Port (VSPAX) ActiveX control (VSPort.DL ...)
NOT-FOR-US: Eltima Software
-CVE-2007-3660
+CVE-2007-3660 (The Nonnoi ASP/Barcode ActiveX control (nonnoi_ASPBarcode.dll) allows ...)
NOT-FOR-US: Nonnoi
-CVE-2007-3659
+CVE-2007-3659 (Buffer overflow in the doBrowserAction function in FreeWRL 1.19.3 allo ...)
NOT-FOR-US: FreeWRL
-CVE-2007-3658
+CVE-2007-3658 (Unspecified vulnerability in Microsoft Register Server (REGSVR) allows ...)
NOT-FOR-US: Microsoft
CVE-2007-3657
NOTE: Disputed Firefox issue, browser crashes not treated as security problems anyway
-CVE-2007-3656
+CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not pe ...)
{DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceweasel 2.0.0.5-1 (high)
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
NOTE: MFSA2007-24
-CVE-2007-3655
+CVE-2007-3655 (Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE ...)
- sun-java5 1.5.0-12-1
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-02-1
-CVE-2007-3654
+CVE-2007-3654 (The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2 ...)
NOT-FOR-US: NetBSD
-CVE-2007-3653
+CVE-2007-3653 (Multiple cross-site scripting (XSS) vulnerabilities in Farsi Script (a ...)
NOT-FOR-US: Farsi Script
-CVE-2007-3652
+CVE-2007-3652 (SQL injection vulnerability in class/page.php in Farsi Script (aka FaS ...)
NOT-FOR-US: Farsi Script
-CVE-2007-3651
+CVE-2007-3651 (class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote ...)
NOT-FOR-US: Farsi Script
-CVE-2007-3650
+CVE-2007-3650 (myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive i ...)
NOT-FOR-US: myWebland myBloggie
-CVE-2007-3649
+CVE-2007-3649 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
NOT-FOR-US: Hewlett-Packard (HP) Photo Digital Imaging ActiveX control
-CVE-2007-3648
+CVE-2007-3648 (SQL injection vulnerability in Webmatic before 2.6.2, and possibly oth ...)
NOT-FOR-US: WebMatic
-CVE-2007-3647
+CVE-2007-3647 (The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and ...)
NOT-FOR-US: phpTrafficA
-CVE-2007-3646
+CVE-2007-3646 (SQL injection vulnerability in index.php in FlashGameScript 1.7 and ea ...)
NOT-FOR-US: FlashGameScript
-CVE-2007-3645
+CVE-2007-3645 (archive_read_support_format_tar.c in libarchive before 2.2.4 allows us ...)
{DSA-1455-1}
- libarchive 2.2.4-1 (bug #432924; low)
-CVE-2007-3644
+CVE-2007-3644 (archive_read_support_format_tar.c in libarchive before 2.2.4 allows us ...)
{DSA-1455-1}
- libarchive 2.2.4-1 (bug #432924; low)
-CVE-2007-3643
+CVE-2007-3643 (admin/index.php in AV Arcade 2.1b grants administrative privileges whe ...)
NOT-FOR-US: AV Arcade
-CVE-2007-3642
+CVE-2007-3642 (The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c i ...)
{DSA-1356-1}
- linux-2.6 2.6.22-2
-CVE-2007-3641
+CVE-2007-3641 (archive_read_support_format_tar.c in libarchive before 2.2.4 does not ...)
{DSA-1455-1}
- libarchive 2.2.4-1 (bug #432924; low)
-CVE-2007-3640
+CVE-2007-3640 (Adobe Integrated Runtime (AIR, aka Apollo) allows context-dependent at ...)
NOT-FOR-US: Adobe Apollo
-CVE-2007-3639
+CVE-2007-3639 (WordPress before 2.2.2 allows remote attackers to redirect visitors to ...)
{DSA-1564-1}
- wordpress 2.2.2-1
-CVE-2007-3638
+CVE-2007-3638 (Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote au ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-3637
+CVE-2007-3637 (SQL injection vulnerability in MKPortal 1.1.1 allows remote attackers ...)
NOT-FOR-US: MKPortal
-CVE-2007-3636
+CVE-2007-3636 (Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for ...)
NOT-FOR-US: G/PGP (GPG) Plugin for Squirrelmail
-CVE-2007-3635
+CVE-2007-3635 (Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before ...)
NOT-FOR-US: G/PGP (GPG) Plugin for Squirrelmail
-CVE-2007-3634
+CVE-2007-3634 (Unspecified vulnerability in the G/PGP (GPG) Plugin 2.0 for Squirrelma ...)
NOT-FOR-US: G/PGP (GPG) Plugin for Squirrelmail
-CVE-2007-3633
+CVE-2007-3633 (Absolute path traversal vulnerability in the Chilkat Software Chilkat ...)
NOT-FOR-US: Chilkat Software
-CVE-2007-3632
+CVE-2007-3632 (Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka ...)
NOTE: Moodle contains a copy of the files, but not the string
NOTE: "homedir", so it is not affected.
-CVE-2007-3631
+CVE-2007-3631 (SQL injection vulnerability in index.php in GameSiteScript (gss) 3.1 a ...)
NOT-FOR-US: GameSiteScript
-CVE-2007-3630
+CVE-2007-3630 (changePW.php in AV Tutorial Script (avtutorial) 1.0 does not require a ...)
NOT-FOR-US: AV Tutorial
-CVE-2007-3629
+CVE-2007-3629 (SQL injection vulnerability in oku.asp in Levent Veysi Portal 1.0 allo ...)
NOT-FOR-US: Levent Veysi Portal
-CVE-2007-3628
+CVE-2007-3628 (Unspecified vulnerability in the fetch function in MDB2.php in PEAR St ...)
NOT-FOR-US: Structures-DataGrid-DataSource-MDB2
-CVE-2007-3627
+CVE-2007-3627 (Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2. ...)
NOT-FOR-US: PHP Lite Calender Express
-CVE-2007-3626
+CVE-2007-3626 (Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before ...)
NOT-FOR-US: Hitachi
-CVE-2007-3625
+CVE-2007-3625 (The Program Neighborhood Agent in Citrix Presentation Server Clients f ...)
NOT-FOR-US: Citrix
-CVE-2007-3624
+CVE-2007-3624 (Heap-based buffer overflow in the Message HTTP Server in SAP Message S ...)
NOT-FOR-US: SAP
-CVE-2007-3623
+CVE-2007-3623 (Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand ...)
NOT-FOR-US: Hitachi
-CVE-2007-3622
+CVE-2007-3622 (Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon b ...)
NOT-FOR-US: MDaemon
-CVE-2007-3621
+CVE-2007-3621 (Multiple CRLF injection vulnerabilities in callboth.php in AsteriDex 3 ...)
NOT-FOR-US: AsteriDex
-CVE-2007-3620
+CVE-2007-3620 (Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 a ...)
NOT-FOR-US: Maia Mailguard
-CVE-2007-3619
+CVE-2007-3619 (Directory traversal vulnerability in login.php in Maia Mailguard 1.0.2 ...)
NOT-FOR-US: Maia Mailguard
-CVE-2007-3618
+CVE-2007-3618 (Stack-based buffer overflow in the NetWorker Remote Exec Service (nsre ...)
NOT-FOR-US: EMC Software NetWorker
-CVE-2007-3617
+CVE-2007-3617 (The report module in vtiger CRM before 5.0.3 does not properly apply s ...)
NOT-FOR-US: vtiger CRM
-CVE-2007-3616
+CVE-2007-3616 (index.php in vtiger CRM before 5.0.3 allows remote authenticated users ...)
NOT-FOR-US: vtiger CRM
-CVE-2007-3615
+CVE-2007-3615 (Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver ...)
NOT-FOR-US: SAP
-CVE-2007-3614
+CVE-2007-3614 (Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB We ...)
NOT-FOR-US: SAP DB Web Server
-CVE-2007-3613
+CVE-2007-3613 (Cross-site scripting (XSS) vulnerability in ADM:GETLOGFILE in SAP Inte ...)
NOT-FOR-US: SAP
-CVE-2007-3612
+CVE-2007-3612 (Stack-based buffer overflow in Visual IRC (ViRC) 2.0 allows remote IRC ...)
NOT-FOR-US: Visual IRC
-CVE-2007-3611
+CVE-2007-3611 (admin.php in VRNews 1.1.1, and possibly other 1.x versions, does not r ...)
NOT-FOR-US: VRNews
-CVE-2007-3610
+CVE-2007-3610 (SQL injection vulnerability in categories_type.php in phpVID 0.9.9 all ...)
NOT-FOR-US: phpVID
-CVE-2007-3609
+CVE-2007-3609 (Multiple SQL injection vulnerabilities in eMeeting Online Dating Softw ...)
NOT-FOR-US: eMeeting
-CVE-2007-3608
+CVE-2007-3608 (Multiple unspecified vulnerabilities in ActiveX controls in the EnjoyS ...)
NOT-FOR-US: SAP
-CVE-2007-3607
+CVE-2007-3607 (Multiple unspecified vulnerabilities in ActiveX controls in the EnjoyS ...)
NOT-FOR-US: SAP
-CVE-2007-3606
+CVE-2007-3606 (Heap-based buffer overflow in the rfcguisink.rfcguisink.1 ActiveX cont ...)
NOT-FOR-US: SAP
-CVE-2007-3605
+CVE-2007-3605 (Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX cont ...)
NOT-FOR-US: SAP
-CVE-2007-3604
+CVE-2007-3604 (vtiger CRM before 5.0.3 allows remote authenticated users with access ...)
NOT-FOR-US: vtiger CRM
-CVE-2007-3603
+CVE-2007-3603 (SQL injection vulnerability in the dashboard (include/utils/SearchUtil ...)
NOT-FOR-US: vtiger CRM
-CVE-2007-3602
+CVE-2007-3602 (The SOAP webservice in vtiger CRM before 5.0.3 does not ensure that au ...)
NOT-FOR-US: vtiger CRM
-CVE-2007-3601
+CVE-2007-3601 (vtiger CRM before 5.0.3, when a migrated build is used, allows remote ...)
NOT-FOR-US: vtiger CRM
-CVE-2007-3600
+CVE-2007-3600 (WordPlugin in the wordintegration component in vtiger CRM before 5.0.3 ...)
NOT-FOR-US: vtiger CRM
-CVE-2007-3599
+CVE-2007-3599 (vtiger CRM before 5.0.3 allows remote authenticated users to import an ...)
NOT-FOR-US: vtiger CRM
-CVE-2007-3598
+CVE-2007-3598 (index.php in vtiger CRM before 5.0.3 allows remote authenticated users ...)
NOT-FOR-US: vtiger CRM
-CVE-2007-3597
+CVE-2007-3597 (Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows re ...)
NOT-FOR-US: Zen Cart
-CVE-2007-3596
+CVE-2007-3596 (inc/vul_check.inc in phpVideoPro before 0.8.8 permits non-alphanumeric ...)
NOT-FOR-US: phpVideoPro
CVE-2007-3595
REJECTED
-CVE-2007-3594
+CVE-2007-3594 (Multiple cross-site scripting (XSS) vulnerabilities in AdventNet Manag ...)
NOT-FOR-US: ManageEngine OpManager
-CVE-2007-3593
+CVE-2007-3593 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Ne ...)
NOT-FOR-US: ManageEngine NetflowAnalyzer
-CVE-2007-3592
+CVE-2007-3592 (PM.php in Elite Bulletin Board before 1.0.10 allows remote authenticat ...)
NOT-FOR-US: Elite Bulletin Board
-CVE-2007-3591
+CVE-2007-3591 (Unspecified vulnerability in Profile.php in Elite Bulletin Board befor ...)
NOT-FOR-US: Elite Bulletin Board
-CVE-2007-3590
+CVE-2007-3590 (Cross-site scripting (XSS) vulnerability in visitenkarte.php in b1gBB ...)
NOT-FOR-US: b1gBB
-CVE-2007-3589
+CVE-2007-3589 (Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote at ...)
NOT-FOR-US: b1gbb
-CVE-2007-3588
+CVE-2007-3588 (SQL injection vulnerability in reply.php in VBZooM 1.12 allows remote ...)
NOT-FOR-US: VBZooM
-CVE-2007-3587
+CVE-2007-3587 (MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via ...)
NOT-FOR-US: MyCMS
-CVE-2007-3586
+CVE-2007-3586 (Multiple direct static code injection vulnerabilities in MyCMS 0.9.8 a ...)
NOT-FOR-US: MyCMS
-CVE-2007-3585
+CVE-2007-3585 (PHP remote file inclusion vulnerability in games.php in MyCMS 0.9.8 an ...)
NOT-FOR-US: MyCMS
-CVE-2007-3584
+CVE-2007-3584 (SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and earl ...)
NOT-FOR-US: PNphpBB2
-CVE-2007-3583
+CVE-2007-3583 (SQL injection vulnerability in details_news.php in Girlserv ads 1.5 an ...)
NOT-FOR-US: Girlserv ads
-CVE-2007-3582
+CVE-2007-3582 (SQL injection vulnerability in index.php in SuperCali PHP Event Calend ...)
NOT-FOR-US: SuperCali PHP Event Calendar
-CVE-2007-3581
+CVE-2007-3581 (The Jedox Palo 1.5 client transmits the password in cleartext, which m ...)
NOT-FOR-US: Jedox
-CVE-2007-3580
+CVE-2007-3580 (PHPIDS does not properly handle certain code containing newlines, as d ...)
NOT-FOR-US: PHPIDS
-CVE-2007-3579
+CVE-2007-3579 (PHPIDS before 20070703 does not properly handle setting the .text prop ...)
NOT-FOR-US: PHPIDS
-CVE-2007-3578
+CVE-2007-3578 (PHPIDS before 20070703 does not properly handle (1) arithmetic express ...)
NOT-FOR-US: PHPIDS
-CVE-2007-3577
+CVE-2007-3577 (PHPIDS before 20070703 does not properly handle use of the substr meth ...)
NOT-FOR-US: PHPIDS
CVE-2007-3576
NOT-FOR-US: Microsoft
-CVE-2007-3575
+CVE-2007-3575 (SQL injection vulnerability in includes/functions in FreeDomain.co.nr ...)
NOT-FOR-US: FreeDomain.co.nr Clone
-CVE-2007-3574
+CVE-2007-3574 (Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on th ...)
NOT-FOR-US: Linksys
-CVE-2007-3573
+CVE-2007-3573 (Multiple SQL injection vulnerabilities in akocomment allow remote atta ...)
NOT-FOR-US: AkoComment
-CVE-2007-3572
+CVE-2007-3572 (Incomplete blacklist vulnerability in cgi-bin/runDiagnostics.cgi in th ...)
NOT-FOR-US: Yoggie
-CVE-2007-3571
+CVE-2007-3571 (The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allo ...)
NOT-FOR-US: Novell
-CVE-2007-3570
+CVE-2007-3570 (The Linux Access Gateway in Novell Access Manager before 3.0 SP1 Relea ...)
NOT-FOR-US: Novell
-CVE-2007-3569
+CVE-2007-3569 (Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library ...)
NOT-FOR-US: Oliver Library Management System
-CVE-2007-3568
+CVE-2007-3568 (The _LoadBMP function in imlib 1.9.15 and earlier allows context-depen ...)
- imlib 1.9.15-3 (bug #437708; low)
[sarge] - imlib <no-dsa> (Minor issue, just a crash)
[etch] - imlib <no-dsa> (Minor issue, just a crash)
-CVE-2007-3567
+CVE-2007-3567 (MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in ...)
NOT-FOR-US: MysqlDumper
-CVE-2007-3566
+CVE-2007-3566 (Stack-based buffer overflow in the database service (ibserver.exe) in ...)
NOT-FOR-US: Borland InterBase
CVE-2007-3565
RESERVED
-CVE-2007-3564
+CVE-2007-3564 (libcurl 7.14.0 through 7.16.3, when built with GnuTLS support, does no ...)
{DSA-1333-1}
- curl 7.16.4-1 (low)
-CVE-2007-3563
+CVE-2007-3563 (SQL injection vulnerability in includes/view_page.php in AV Arcade 2.1 ...)
NOT-FOR-US: AV Arcade
-CVE-2007-3562
+CVE-2007-3562 (SQL injection vulnerability in videos.php in PHP Director 0.21 and ear ...)
NOT-FOR-US: PHP Director
-CVE-2007-3561
+CVE-2007-3561 (Cross-site scripting (XSS) vulnerability in ara.asp in Efendy Blog 1.0 ...)
NOT-FOR-US: Efendy Blog
-CVE-2007-3560
+CVE-2007-3560 (Multiple unspecified vulnerabilities in Esqlanelapse before 2.6 have u ...)
NOT-FOR-US: Esqlanelapse
-CVE-2007-3559
+CVE-2007-3559 (Cross-site scripting (XSS) vulnerability in infusions/shoutbox_panel/s ...)
NOT-FOR-US: PHP-Fusion
-CVE-2007-3558
+CVE-2007-3558 (SQL injection vulnerability in Coppermine Photo Gallery (CPG) before 1 ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-3557
+CVE-2007-3557 (SQL injection vulnerability in admin/login.php in Wheatblog (wB) 1.1, ...)
NOT-FOR-US: Wheatblog
-CVE-2007-3556
+CVE-2007-3556 (Liesbeth base CMS stores sensitive information under the web root with ...)
NOT-FOR-US: Liesbeth
-CVE-2007-3555
+CVE-2007-3555 (Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 ...)
{DSA-1691-1}
- moodle 1.8.2-1 (low; bug #432264)
-CVE-2007-3554
+CVE-2007-3554 (Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control ...)
NOT-FOR-US: HP
-CVE-2007-3553
+CVE-2007-3553 (Cross-site scripting (XSS) vulnerability in Rapid Install Web Server i ...)
NOT-FOR-US: Oracle
-CVE-2007-3552
+CVE-2007-3552 (Multiple unspecified vulnerabilities in bbs100 before 3.2 allow remote ...)
NOT-FOR-US: bbs100
-CVE-2007-3551
+CVE-2007-3551 (Buffer overflow in bbs100 before 3.2 allows remote attackers to cause ...)
NOT-FOR-US: bbs100
CVE-2007-3550
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3549
+CVE-2007-3549 (SQL injection vulnerability in view_sub_cat.php in Buddy Zone 1.5 allo ...)
NOT-FOR-US: Buddy Zone
-CVE-2007-3548
+CVE-2007-3548 (Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers ...)
NOT-FOR-US: W3Filer
-CVE-2007-3547
+CVE-2007-3547 (Directory traversal vulnerability in qti_checkname.php in QuickTicket ...)
NOT-FOR-US: QuickTicket
-CVE-2007-3546
+CVE-2007-3546 (Cross-site scripting (XSS) vulnerability in the Windows GUI in Nessus ...)
NOT-FOR-US: Nessus Windows GUI
-CVE-2007-3545
+CVE-2007-3545 (Buffer overflow in Warzone 2100 Resurrection before 2.0.7 allows remot ...)
NOT-FOR-US: Warzone
-CVE-2007-3544
+CVE-2007-3544 (Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.p ...)
- wordpress 2.2.2-1
[etch] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2007-3543
+CVE-2007-3543 (Unrestricted file upload vulnerability in WordPress before 2.2.1 and W ...)
- wordpress 2.2.1-1
[etch] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2007-3542
+CVE-2007-3542 (Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml 0 ...)
NOT-FOR-US: Pluxml
-CVE-2007-3541
+CVE-2007-3541 (Cross-site scripting (XSS) vulnerability in Kurinton sHTTPd 20070408 a ...)
NOT-FOR-US: Kurinton sHTTPd
-CVE-2007-3540
+CVE-2007-3540 (Multiple cross-site scripting (XSS) vulnerabilities in search.asp in r ...)
NOT-FOR-US: rwAuction
-CVE-2007-3539
+CVE-2007-3539 (Multiple SQL injection vulnerabilities in QuickTicket 1.2 build:200706 ...)
NOT-FOR-US: QuickTicket
-CVE-2007-3538
+CVE-2007-3538 (SQL injection vulnerability in qtg_msg_view.php in QuickTalk guestbook ...)
NOT-FOR-US: QuickTalk
-CVE-2007-3537
+CVE-2007-3537 (IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends ...)
NOT-FOR-US: IBM OS/400
-CVE-2007-3536
+CVE-2007-3536 (Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX cont ...)
NOT-FOR-US: AMX NetLinx VNC
-CVE-2007-3535
+CVE-2007-3535 (Multiple directory traversal vulnerabilities in GL-SH Deaf Forum 6.4.4 ...)
NOT-FOR-US: GL-SH Deaf Forum
-CVE-2007-3534
+CVE-2007-3534 (SQL injection vulnerability in login.php in WebChat 0.78 allows remote ...)
NOT-FOR-US: WebChat
-CVE-2007-3533
+CVE-2007-3533 (The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote attacker ...)
NOT-FOR-US: 3Com
-CVE-2007-3532
+CVE-2007-3532 (NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and 100.14. ...)
- nvidia-kernel-common 20051028+1-0.1 (bug #434398; low)
[sarge] - nvidia-kernel-common <no-dsa> (Contrib and non-free not supported)
[etch] - nvidia-kernel-common <no-dsa> (Contrib and non-free not supported)
-CVE-2007-3531
+CVE-2007-3531 (The set_default_speeds function in backend/backend.c in NVidia NVClock ...)
- nvclock 0.8b-1 (low)
-CVE-2007-3530
+CVE-2007-3530 (PHPDirector 0.21 and earlier stores the admin account name and passwor ...)
NOT-FOR-US: PHPDirector
-CVE-2007-3529
+CVE-2007-3529 (videos.php in PHPDirector 0.21 and earlier allows remote attackers to ...)
NOT-FOR-US: PHPDirector
-CVE-2007-3528
+CVE-2007-3528 (The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptogra ...)
- dar 2.3.3-1 (low; bug #425335)
[etch] - dar <no-dsa> (Minor issue)
[sarge] - dar <no-dsa> (Minor issue)
-CVE-2007-3527
+CVE-2007-3527 (Integer overflow in Firebird 2.0.0 allows remote authenticated users t ...)
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (bug #441405)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed>
-CVE-2007-3526
+CVE-2007-3526 (Multiple SQL injection vulnerabilities in Buddy Zone 1.5 and earlier a ...)
NOT-FOR-US: Buddy Zone
-CVE-2007-3525
+CVE-2007-3525 (Ripe Website Manager 0.8.9 and earlier allows remote attackers to obta ...)
NOT-FOR-US: Ripe Website Manager
-CVE-2007-3524
+CVE-2007-3524 (Multiple PHP remote file inclusion vulnerabilities in Ripe Website Man ...)
NOT-FOR-US: Ripe Website Manager
-CVE-2007-3523
+CVE-2007-3523 (Multiple directory traversal vulnerabilities in Module/Galerie.php in ...)
NOT-FOR-US: XCMS
-CVE-2007-3522
+CVE-2007-3522 (Multiple PHP remote file inclusion vulnerabilities in sPHPell 1.01 all ...)
NOT-FOR-US: sPHPell
-CVE-2007-3521
+CVE-2007-3521 (SQL injection vulnerability in ArcadeBuilder Game Portal Manager 1.7 a ...)
NOT-FOR-US: ArcadeBuilder Game Portal Manager
-CVE-2007-3520
+CVE-2007-3520 (SQL injection vulnerability in process.php in Easybe 1-2-3 Music Store ...)
NOT-FOR-US: Easybe
-CVE-2007-3519
+CVE-2007-3519 (SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0. ...)
NOT-FOR-US: phpEventCalendar
-CVE-2007-3518
+CVE-2007-3518 (SQL injection vulnerability in msg.php in HispaH YouTube Clone Script ...)
NOT-FOR-US: HispaH YouTube Clone Script
-CVE-2007-3517
+CVE-2007-3517 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.3 ...)
NOT-FOR-US: Claroline
-CVE-2007-3516
+CVE-2007-3516 (Multiple cross-site scripting (XSS) vulnerabilities in kayit.asp in Go ...)
NOT-FOR-US: Gorki Online Santrac Sitesi
-CVE-2007-3515
+CVE-2007-3515 (SQL injection vulnerability in view_event.php in TotalCalendar 2.402 a ...)
NOT-FOR-US: TotalCalendar
-CVE-2007-3514
+CVE-2007-3514 (Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows re ...)
NOT-FOR-US: Apple Safari
-CVE-2007-3513
+CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kerne ...)
{DSA-1356-1}
- linux-2.6 2.6.22-1
NOTE: Fixed in commit 5afeb104e7901168b21aad0437fb51dc620dfdd3
NOTE: in Linus' tree.
-CVE-2007-3512
+CVE-2007-3512 (Stack-based buffer overflow in Lhaca File Archiver before 1.22 allows ...)
NOT-FOR-US: Lhaca
-CVE-2007-3511
+CVE-2007-3511 (The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12 ...)
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (bug #438873; low)
- xulrunner 1.8.1.9-1
- iceape 1.1.5
NOTE: MFSA2007-32
-CVE-2007-3510
+CVE-2007-3510 (Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 F ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-3509
+CVE-2007-3509 (Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exe ...)
NOT-FOR-US: Symantec
CVE-2007-3508
- glibc 2.6-2 (unimportant; bug #431858)
NOTE: Not security-relevant
-CVE-2007-3507
+CVE-2007-3507 (Stack-based buffer overflow in the local__vcentry_parse_value function ...)
- flac123 0.0.11-1 (low; bug #432008)
[etch] - flac123 <no-dsa> (Minor issue)
-CVE-2007-3506
+CVE-2007-3506 (The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType ...)
- freetype 2.3.4 (bug #432013)
[sarge] - freetype <not-affected> (Vulnerable code introduced in 2.3.x)
[etch] - freetype <not-affected> (Vulnerable code introduced in 2.3.x)
[lenny] - freetype <not-affected> (Vulnerable code introduced in 2.3.x)
-CVE-2007-3505
+CVE-2007-3505 (Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 al ...)
NOT-FOR-US: QuickTalk forum
-CVE-2007-3504
+CVE-2007-3504 (Directory traversal vulnerability in the PersistenceService in Sun Jav ...)
- sun-java5 <not-affected>
NOTE: Sun Alert ID 102957 says issue is Windows only
-CVE-2007-3503
+CVE-2007-3503 (The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML ...)
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java5 1.5.0-12-1
[etch] - sun-java6 <no-dsa> (non-free)
- sun-java6 6-01-1 (bug #432006)
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-3502
+CVE-2007-3502 (Unspecified vulnerability in the web-based product configuration syste ...)
NOT-FOR-US: Kaspersky Anti-Spam
-CVE-2007-3501
+CVE-2007-3501 (Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAd ...)
NOT-FOR-US: DirectAdmin
-CVE-2007-3500
+CVE-2007-3500 (Xeweb XEForum allows remote attackers to gain privileges via a modifie ...)
NOT-FOR-US: Xeweb XEForum
-CVE-2007-3499
+CVE-2007-3499 (SlackRoll before 8 accepts gpg exit codes other than 0 and 1 as eviden ...)
NOT-FOR-US: SlackRoll
-CVE-2007-3498
+CVE-2007-3498 (Cross-site scripting (XSS) vulnerability in smoketests/configForm.php ...)
NOT-FOR-US: HTML Purifier
-CVE-2007-3497
+CVE-2007-3497 (Microsoft Internet Explorer 7 allows remote attackers to determine the ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3496
+CVE-2007-3496 (Cross-site scripting (XSS) vulnerability in SAP Web Dynpro Java (BC-WD ...)
NOT-FOR-US: SAP Web Dynpro Java
-CVE-2007-3495
+CVE-2007-3495 (Multiple cross-site scripting (XSS) vulnerabilities in the SAP Interne ...)
NOT-FOR-US: SAP Internet Communication Framework
-CVE-2007-3494
+CVE-2007-3494 (Papoo CMS 3.6, and possibly earlier, does not verify user privileges w ...)
NOT-FOR-US: Papoo CMS
-CVE-2007-3493
+CVE-2007-3493 (A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTA ...)
NOT-FOR-US: NCTAudioStudio
-CVE-2007-3492
+CVE-2007-3492 (Conti FtpServer 1.0 allows remote authenticated users to cause a denia ...)
NOT-FOR-US: Conti FtpServer
-CVE-2007-3491
+CVE-2007-3491 (Buffer overflow in _mprosrv in Progress Software OpenEdge before 9.1E0 ...)
NOT-FOR-US: Progress Software OpenEdge
-CVE-2007-3490
+CVE-2007-3490 (Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote at ...)
NOT-FOR-US: Microsoft Excel 2003 SP2
-CVE-2007-3489
+CVE-2007-3489 (Cross-site request forgery (CSRF) vulnerability in pop/WizU.html in th ...)
NOT-FOR-US: Check Point VPN-1 Edge X
-CVE-2007-3488
+CVE-2007-3488 (Heap-based buffer overflow in the viewer ActiveX control in Sony Netwo ...)
NOT-FOR-US: Sony Network Camera SNC-P5 1.0
-CVE-2007-3487
+CVE-2007-3487 (Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0 ...)
NOT-FOR-US: Hewlett-Packard (HP) Photo Digital Imaging ActiveX control
-CVE-2007-3486
+CVE-2007-3486 (Cross-site scripting (XSS) vulnerability in AltaVista search engine al ...)
NOT-FOR-US: AltaVista
-CVE-2007-3485
+CVE-2007-3485 (Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server a ...)
NOT-FOR-US: Yandex.Server
CVE-2007-3484
NOT-FOR-US: Google Custom Search Engine
-CVE-2007-3483
+CVE-2007-3483 (Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a ...)
NOT-FOR-US: BlackBerry Enterprise Server
-CVE-2007-3482
+CVE-2007-3482 (Cross-domain vulnerability in Apple Safari for Windows 3.0.1 allows re ...)
NOT-FOR-US: Apple Safari
CVE-2007-3481
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3480
+CVE-2007-3480 (PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers to ...)
NOT-FOR-US: PCSoft WinDEV
-CVE-2007-3479
+CVE-2007-3479 (Stack-based buffer overflow in PCSoft WinDEV 11 (01F110053p) allows us ...)
NOT-FOR-US: PCSoft WinDEV
-CVE-2007-3478
+CVE-2007-3478 (Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in th ...)
- libgd2 2.0.35.dfsg-1 (unimportant)
NOTE: this is a crash, and does not seem to be attacker controlled.
-CVE-2007-3477
+CVE-2007-3477 (The (a) imagearc and (b) imagefilledarc functions in GD Graphics Libra ...)
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (low)
- libwmf <unfixed> (unimportant)
- racket 5.0.2-1 (unimportant; bug #601525)
NOTE: Only present in one of the sample pl-scheme packages (plot)
NOTE: CPU consumption DoS
-CVE-2007-3476
+CVE-2007-3476 (Array index error in gd_gif_in.c in the GD Graphics Library (libgd) be ...)
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (low)
- libwmf <unfixed> (unimportant)
- racket 5.0.2-1 (unimportant; bug #601525)
NOTE: Only present in one of the sample pl-scheme packages (plot)
NOTE: can write a 0 to a 4k window in heap, very unlikely to be controllable.
-CVE-2007-3475
+CVE-2007-3475 (The GD Graphics Library (libgd) before 2.0.35 allows user-assisted rem ...)
- libgd2 2.0.35.dfsg-1 (unimportant)
NOTE: out-of-band memory read, does not appear attacker controlled.
-CVE-2007-3474
+CVE-2007-3474 (Multiple unspecified vulnerabilities in the GIF reader in the GD Graph ...)
NOTE: appears to be prophylactic dup of CVE-2007-3476.
-CVE-2007-3473
+CVE-2007-3473 (The gdImageCreateXbm function in the GD Graphics Library (libgd) befor ...)
- libgd2 2.0.35.dfsg-1 (unimportant)
NOTE: this is only a NULL deref crash (same as CVE-2007-3472)
-CVE-2007-3472
+CVE-2007-3472 (Integer overflow in gdImageCreateTrueColor function in the GD Graphics ...)
- libgd2 2.0.35.dfsg-1 (unimportant)
NOTE: this is only a NULL deref crash.
-CVE-2007-3471
+CVE-2007-3471 (Buffer overflow in the dtsession Common Desktop Environment (CDE) Sess ...)
NOT-FOR-US: Sun Solaris dtsession
-CVE-2007-3470
+CVE-2007-3470 (Multiple unspecified vulnerabilities in the KSSL kernel module in Sun ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-3469
+CVE-2007-3469 (Unspecified vulnerability in the TCP Loopback/Fusion implementation in ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-3468
+CVE-2007-3468 (input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attac ...)
{DSA-1332-1}
- vlc 0.8.6.c.debian-1 (bug #429726)
-CVE-2007-3467
+CVE-2007-3467 (Integer overflow in the __status_Update function in stats.c VideoLAN V ...)
{DSA-1332-1}
- vlc 0.8.6.c-1 (bug #429726)
CVE-2007-3466
RESERVED
-CVE-2007-3465
+CVE-2007-3465 (Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7. ...)
NOT-FOR-US: Check Point SofaWare Safe
-CVE-2007-3464
+CVE-2007-3464 (Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7. ...)
NOT-FOR-US: Check Point SofaWare Safe
CVE-2007-3463
NOT-FOR-US: Microsoft Windows XP SP2
-CVE-2007-3462
+CVE-2007-3462 (Cross-site request forgery (CSRF) vulnerability in Check Point SofaWar ...)
NOT-FOR-US: Check Point SofaWare Safe
-CVE-2007-3461
+CVE-2007-3461 (SQL injection vulnerability in property.php in elkagroup Image Gallery ...)
NOT-FOR-US: elkagroup Image Gallery
-CVE-2007-3460
+CVE-2007-3460 (Multiple PHP remote file inclusion vulnerabilities in index.php3 in EV ...)
NOT-FOR-US: EVA-Web
-CVE-2007-3459
+CVE-2007-3459 (A certain ActiveX control in Avaxswf.dll 1.0.0.1 in Civitech Avax Vect ...)
NOT-FOR-US: Civitech Avax Vector
-CVE-2007-3458
+CVE-2007-3458 (The libsldap library in Sun Solaris 8, 9, and 10 allows local users to ...)
NOT-FOR-US: Sun Solaris libsldap
-CVE-2007-3457
+CVE-2007-3457 (Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP ...)
- flashplugin-nonfree 9.0.48.0.1
[sarge] - flashplugin-nonfree <no-dsa> (non-free not supported)
[etch] - flashplugin-nonfree <no-dsa> (non-free not supported)
-CVE-2007-3456
+CVE-2007-3456 (Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allo ...)
- flashplugin-nonfree 9.0.48.0.1
[sarge] - flashplugin-nonfree <no-dsa> (non-free not supported)
[etch] - flashplugin-nonfree <no-dsa> (non-free not supported)
-CVE-2007-3455
+CVE-2007-3455 (cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan Corpora ...)
NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
-CVE-2007-3454
+CVE-2007-3454 (Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Tre ...)
NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
-CVE-2007-3453
+CVE-2007-3453 (SQL injection vulnerability in Papoo 3.6, and possibly earlier, allows ...)
NOT-FOR-US: Papoo
-CVE-2007-3452
+CVE-2007-3452 (SQL injection vulnerability in essentials/minutes/doc.php in eDocStore ...)
NOT-FOR-US: eDocStore
-CVE-2007-3451
+CVE-2007-3451 (PHP remote file inclusion vulnerability in admin/index.php in 6ALBlog ...)
NOT-FOR-US: 6ALBlog
-CVE-2007-3450
+CVE-2007-3450 (SQL injection vulnerability in member.php in 6ALBlog allows remote att ...)
NOT-FOR-US: 6ALBlog
-CVE-2007-3449
+CVE-2007-3449 (SQL injection vulnerability in member.php in 6ALBlog allows remote att ...)
NOT-FOR-US: 6ALBlog
-CVE-2007-3448
+CVE-2007-3448 (Cross-site scripting (XSS) vulnerability in index.php in BugMall Shopp ...)
NOT-FOR-US: BugMall Shopping Cart
-CVE-2007-3447
+CVE-2007-3447 (SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier a ...)
NOT-FOR-US: BugMall Shopping Cart
-CVE-2007-3446
+CVE-2007-3446 (BugMall Shopping Cart 2.5 and earlier has a default username "demo" an ...)
NOT-FOR-US: BugMall Shopping Cart
-CVE-2007-3445
+CVE-2007-3445 (Buffer overflow in SJ Labs SJphone 1.60.303c, running under Windows Mo ...)
NOT-FOR-US: SJphone
-CVE-2007-3444
+CVE-2007-3444 (The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows r ...)
NOT-FOR-US: BlackBerry 7270
-CVE-2007-3443
+CVE-2007-3443 (The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does ...)
NOT-FOR-US: BlackBerry 7270
-CVE-2007-3442
+CVE-2007-3442 (Format string vulnerability on the Research in Motion BlackBerry 7270 ...)
NOT-FOR-US: BlackBerry 7270
-CVE-2007-3441
+CVE-2007-3441 (Format string vulnerability in the Aastra 9112i SIP Phone with firmwar ...)
NOT-FOR-US: Aastra 9112i SIP Phone
-CVE-2007-3440
+CVE-2007-3440 (The Snom 320 SIP Phone, running snom320 linux 3.25, snom320-SIP 6.2.3, ...)
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2007-3439
+CVE-2007-3439 (The Snom 320 SIP Phone, running snom320 linux 3.25, snom320-SIP 6.2.3, ...)
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2007-3438
+CVE-2007-3438 (Buffer overflow in the SIP header parsing module in the Nortel PC Clie ...)
NOT-FOR-US: Nortel PC Client SIP Soft Phone
-CVE-2007-3437
+CVE-2007-3437 (AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attac ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2007-3436
+CVE-2007-3436 (Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to c ...)
NOT-FOR-US: Microsoft
-CVE-2007-3435
+CVE-2007-3435 (Stack-based buffer overflow in the BeginPrint method in a certain Acti ...)
NOT-FOR-US: BarCodeAx.dll
-CVE-2007-3434
+CVE-2007-3434 (index.php in Pharmacy System 2 and earlier allows remote attackers to ...)
NOT-FOR-US: Pharmacy System
-CVE-2007-3433
+CVE-2007-3433 (SQL injection vulnerability in index.php in Pharmacy System 2 and earl ...)
NOT-FOR-US: Pharmacy System
-CVE-2007-3432
+CVE-2007-3432 (Unrestricted file upload vulnerability in admin/images.php in Pluxml 0 ...)
NOT-FOR-US: Pluxml
-CVE-2007-3431
+CVE-2007-3431 (PHP remote file inclusion vulnerability in cal.func.php in Valerio Cap ...)
NOT-FOR-US: Dagger
-CVE-2007-3430
+CVE-2007-3430 (SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 ...)
NOT-FOR-US: Simple Invoices
-CVE-2007-3429
+CVE-2007-3429 (Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and ...)
NOT-FOR-US: e107
-CVE-2007-3428
+CVE-2007-3428 (Multiple unspecified vulnerabilities in phpTrafficA before 1.4.2 allow ...)
NOT-FOR-US: phpTrafficA
-CVE-2007-3427
+CVE-2007-3427 (SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and earl ...)
NOT-FOR-US: phpTrafficA
-CVE-2007-3426
+CVE-2007-3426 (Cross-site scripting (XSS) vulnerability in index.php in phpTrafficA 1 ...)
NOT-FOR-US: phpTrafficA
-CVE-2007-3425
+CVE-2007-3425 (Directory traversal vulnerability in index.php in phpTrafficA 1.4.2 an ...)
NOT-FOR-US: phpTrafficA
-CVE-2007-3424
+CVE-2007-3424 (The moveim function in cgi-bin/cgi-lib/instantmessage.pl in web-app.or ...)
NOT-FOR-US: WebAPP
-CVE-2007-3423
+CVE-2007-3423 (cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 ...)
NOT-FOR-US: WebAPP
-CVE-2007-3422
+CVE-2007-3422 (The getcgi function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP b ...)
NOT-FOR-US: WebAPP
-CVE-2007-3421
+CVE-2007-3421 (The (1) login, (2) admin profile edit, (3) reminder, (4) edit profile, ...)
NOT-FOR-US: WebAPP
-CVE-2007-3420
+CVE-2007-3420 (The Random Cookie Password functionality in the loaduser function in c ...)
NOT-FOR-US: WebAPP
-CVE-2007-3419
+CVE-2007-3419 (The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org We ...)
NOT-FOR-US: WebAPP
-CVE-2007-3418
+CVE-2007-3418 (The displaypost function in cgi-bin/cgi-lib/forum_display.pl in web-ap ...)
NOT-FOR-US: WebAPP
-CVE-2007-3417
+CVE-2007-3417 (Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/cgi-lib ...)
NOT-FOR-US: WebAPP
-CVE-2007-3416
+CVE-2007-3416 (Multiple cross-site request forgery (CSRF) vulnerabilities in the admi ...)
NOT-FOR-US: WebAPP
-CVE-2007-3415
+CVE-2007-3415 (Multiple SQL injection vulnerabilities in index.php in phpRaider 1.0.0 ...)
NOT-FOR-US: phpRaider
-CVE-2007-3414
+CVE-2007-3414 (Multiple cross-site scripting (XSS) vulnerabilities in access2asp 4.5 ...)
NOT-FOR-US: access2asp
-CVE-2007-3413
+CVE-2007-3413 (Multiple cross-site scripting (XSS) vulnerabilities in bosDataGrid 2.5 ...)
NOT-FOR-US: bosDataGrid
-CVE-2007-3412
+CVE-2007-3412 (Cross-site scripting (XSS) vulnerability in edit_image.asp in ClickGal ...)
NOT-FOR-US: ClickGallery Server
-CVE-2007-3411
+CVE-2007-3411 (SQL injection vulnerability in edit_image.asp in ClickGallery Server 5 ...)
NOT-FOR-US: ClickGallery Server
-CVE-2007-3410
+CVE-2007-3410 (Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue ...)
- helix-player <not-affected> (Debian versions of Helix player not affected according to maintainer)
-CVE-2007-3409
+CVE-2007-3409 (Net::DNS before 0.60, a Perl module, allows remote attackers to cause ...)
{DSA-1515-1}
- libnet-dns-perl 0.60-1 (low)
-CVE-2007-3408
+CVE-2007-3408 (Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspe ...)
- dia <not-affected> (Windows packaging with bundled FreeType libs)
-CVE-2007-3407
+CVE-2007-3407 (Sergey Lyubka Simple HTTPD (shttpd) 1.38 allows remote attackers to ob ...)
NOT-FOR-US: Simple HTTPD
-CVE-2007-3406
+CVE-2007-3406 (Multiple absolute path traversal vulnerabilities in Microsoft Internet ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3405
+CVE-2007-3405 (Multiple cross-site scripting (XSS) vulnerabilities in defter_yaz.asp ...)
NOT-FOR-US: Lebisoft zdefter
-CVE-2007-3404
+CVE-2007-3404 (Directory traversal vulnerability in ShowImage.php in SiteDepth CMS 3. ...)
NOT-FOR-US: SiteDepth CMS
-CVE-2007-3403
+CVE-2007-3403 (Unrestricted file upload vulnerability in upload.php in dreamLog (aka ...)
NOT-FOR-US: dreamLog
-CVE-2007-3402
+CVE-2007-3402 (SQL injection vulnerability in index.php in pagetool 1.07 allows remot ...)
NOT-FOR-US: pagetool
-CVE-2007-3401
+CVE-2007-3401 (PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB ...)
NOT-FOR-US: B1GBB
-CVE-2007-3400
+CVE-2007-3400 (The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as d ...)
NOT-FOR-US: NCTAudioEditor2 ActiveX control
-CVE-2007-3399
+CVE-2007-3399 (SQL injection vulnerability in include/get_userdata.php in Power Phlog ...)
NOT-FOR-US: Power Phlogger
-CVE-2007-3398
+CVE-2007-3398 (LiteWEB 2.7 allows remote attackers to cause a denial of service (hang ...)
NOT-FOR-US: LiveWEB
-CVE-2007-3397
+CVE-2007-3397 (The web container in IBM WebSphere Application Server (WAS) before 6.0 ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-3396
+CVE-2007-3396 (Cross-site scripting (XSS) vulnerability in index.wkf in KeyFocus (KF) ...)
NOT-FOR-US: KeyFocus
CVE-2007-3395
REJECTED
-CVE-2007-3394
+CVE-2007-3394 (Multiple SQL injection vulnerabilities in eNdonesia 8.4 allow remote a ...)
NOT-FOR-US: eNdonesia
-CVE-2007-3388
+CVE-2007-3388 (Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdata ...)
{DSA-1426-1}
- qt-x11-free 3:3.3.7-6
- qt4-x11 <not-affected> (This problem is not present in any version of Qt 4)
NOTE: http://web.archive.org/web/20080206133848/http://trolltech.com:80/company/newsroom/announcements/press.2007-07-27.7503755960
-CVE-2007-3387
+CVE-2007-3387 (Integer overflow in the StreamPredictor::StreamPredictor function in x ...)
{DSA-1357-1 DSA-1355-1 DSA-1354-1 DSA-1352-1 DSA-1350-1 DSA-1349-1 DSA-1348-1 DSA-1347-1 DTSA-49-1 DTSA-50-1 DTSA-54-1 DTSA-62-1}
- poppler 0.5.4-6.1 (bug #435460)
- gpdf <removed>
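Review bot: the unchanged context line under the CVE-2007-3398 entry does not match the description this hunk adds: the added line reads `+CVE-2007-3398 (LiteWEB 2.7 allows remote attackers to cause a denial of service (hang ...)` while the annotation below it is `NOT-FOR-US: LiveWEB`, so the product name in the annotation should be corrected to LiteWEB (or the mismatch confirmed as intentional). Separately, a few entries in this hunk that are neither RESERVED nor REJECTED received no description while every neighbouring entry did (CVE-2007-3508, CVE-2007-3484, CVE-2007-3481 and CVE-2007-3463 are left as bare ids); it is worth checking whether the upstream feed simply lacks text for those ids, so the omission is not mistaken for a failed update.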
@@ -8019,406 +8019,406 @@ CVE-2007-3387
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
- ipe <not-affected> (Does not include the vulnerable code)
- swftools 0.9.2+ds1-2
-CVE-2007-3386
+CVE-2007-3386 (Cross-site scripting (XSS) vulnerability in the Host Manager Servlet f ...)
{DSA-1447-1}
- tomcat5.5 5.5.25-1
-CVE-2007-3385
+CVE-2007-3385 (Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 ...)
{DSA-1453-1 DSA-1447-1}
- tomcat5.5 5.5.25-1
- tomcat5 <removed>
-CVE-2007-3384
+CVE-2007-3384 (Multiple cross-site scripting (XSS) vulnerabilities in examples/servle ...)
NOT-FOR-US: tomcat 3.3
-CVE-2007-3383
+CVE-2007-3383 (Cross-site scripting (XSS) vulnerability in SendMailServlet in the exa ...)
- tomcat4 <removed> (low)
[sarge] - tomcat4 <no-dsa> (Contrib not supported)
NOTE: affects example app in tomcat4-webapps
-CVE-2007-3382
+CVE-2007-3382 (Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 ...)
{DSA-1453-1 DSA-1447-1}
- tomcat5.5 5.5.25-1
- tomcat5 <removed>
-CVE-2007-3381
+CVE-2007-3381 (The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x b ...)
- gdm 2.18.4-1 (low)
[sarge] - gdm <no-dsa> (Minor issue)
[etch] - gdm <no-dsa> (Minor issue)
-CVE-2007-3380
+CVE-2007-3380 (The Distributed Lock Manager (DLM) in the cluster manager for Linux ke ...)
- linux-2.6 2.6.23-1
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2007-3379
+CVE-2007-3379 (Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (R ...)
- linux-2.6 <not-affected> (Red Hat-specific vulnerability)
-CVE-2007-3378
+CVE-2007-3378 (The (1) session_save_path, (2) ini_set, and (3) error_log functions in ...)
- php4 <removed> (unimportant)
- php5 5.2.4-1 (unimportant)
-CVE-2007-3377
+CVE-2007-3377 (Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predic ...)
{DSA-1515-1}
- libnet-dns-perl 0.60-1 (low)
-CVE-2007-3376
+CVE-2007-3376 (Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-as ...)
NOT-FOR-US: Apple Safari
-CVE-2007-3375
+CVE-2007-3375 (Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows ...)
NOT-FOR-US: Lhaca
-CVE-2007-3374
+CVE-2007-3374 (Buffer overflow in cluster/cman/daemon/daemon.c in cman (redhat-cluste ...)
- redhat-cluster <not-affected> (Just relevant in newer versions, we don't ship this file)
-CVE-2007-3373
+CVE-2007-3373 (daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear ...)
- redhat-cluster <not-affected> (Just relevant in newer versions, we don't ship this file)
-CVE-2007-3389
+CVE-2007-3389 (Wireshark before 0.99.6 allows remote attackers to cause a denial of s ...)
- wireshark 0.99.6pre1-1
[etch] - wireshark <not-affected> (Only affected 0.99.5)
- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-3390
+CVE-2007-3390 (Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain sys ...)
{DSA-1322-1}
- wireshark 0.99.6pre1-1
- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-3391
+CVE-2007-3391 (Wireshark 0.99.5 allows remote attackers to cause a denial of service ...)
- wireshark 0.99.6pre1-1
[etch] - wireshark <not-affected> (Only affected 0.99.5)
- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-3392
+CVE-2007-3392 (Wireshark before 0.99.6 allows remote attackers to cause a denial of s ...)
{DSA-1322-1}
- wireshark 0.99.6pre1-1
- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-3393
+CVE-2007-3393 (Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99. ...)
{DSA-1322-1}
- wireshark 0.99.6pre1-1
- ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-3372
+CVE-2007-3372 (The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a de ...)
{DSA-1690-1}
- avahi 0.6.20-2 (low)
[etch] - avahi <no-dsa> (Minor issue, only affects local users)
-CVE-2007-3371
+CVE-2007-3371 (PHP remote file inclusion vulnerability in plugins/widgets/htmledit/ht ...)
NOT-FOR-US: Powl
-CVE-2007-3370
+CVE-2007-3370 (Multiple PHP remote file inclusion vulnerabilities in Sun Board 1.00.0 ...)
NOT-FOR-US: Sun Board
-CVE-2007-3369
+CVE-2007-3369 (Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootRO ...)
NOT-FOR-US: Polycom SoundPoint IP 601 SIP phone
-CVE-2007-3368
+CVE-2007-3368 (Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SI ...)
NOT-FOR-US: Polycom SoundPoint IP 601 SIP phone
-CVE-2007-3367
+CVE-2007-3367 (Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before ...)
NOT-FOR-US: cPanel
-CVE-2007-3366
+CVE-2007-3366 (Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwr ...)
NOT-FOR-US: cPanel
-CVE-2007-3365
+CVE-2007-3365 (MyServer 0.8.9 and earlier does not properly handle uppercase characte ...)
NOT-FOR-US: MyServer
-CVE-2007-3364
+CVE-2007-3364 (Cross-site scripting (XSS) vulnerability in the cgi-bin/post.mscgi sam ...)
NOT-FOR-US: MyServer
-CVE-2007-3363
+CVE-2007-3363 (Multiple unspecified vulnerabilities in ageet AGEphone before 1.6.3 al ...)
NOT-FOR-US: AGEphone
-CVE-2007-3362
+CVE-2007-3362 (ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC Hy ...)
NOT-FOR-US: AGEphone
-CVE-2007-3361
+CVE-2007-3361 (The Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remot ...)
NOT-FOR-US: Nortel PC Client SIP Soft Phone
-CVE-2007-3360
+CVE-2007-3360 (hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitr ...)
- ircii-pana <removed> (medium; bug #432120)
NOTE: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=10;filename=bitchx_CVE-2007-3360.patch;att=1;bug=432120
-CVE-2007-3359
+CVE-2007-3359 (Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and ...)
NOT-FOR-US: SerWeb
-CVE-2007-3358
+CVE-2007-3358 (PHP remote file inclusion vulnerability in html/load_lang.php in SerWe ...)
NOT-FOR-US: SerWeb
-CVE-2007-3357
+CVE-2007-3357 (NetClassifieds Premium Edition does not use encryption for (1) stored ...)
NOT-FOR-US: NetClassifieds Premium Edition
-CVE-2007-3356
+CVE-2007-3356 (NetClassifieds Premium Edition allows remote attackers to obtain sensi ...)
NOT-FOR-US: NetClassifieds Premium Edition
-CVE-2007-3355
+CVE-2007-3355 (Multiple cross-site scripting (XSS) vulnerabilities in NetClassifieds ...)
NOT-FOR-US: NetClassifieds Premium Edition
-CVE-2007-3354
+CVE-2007-3354 (Multiple SQL injection vulnerabilities in NetClassifieds Premium Editi ...)
NOT-FOR-US: NetClassifieds Premium Edition
CVE-2007-3353
NOT-FOR-US: MyEvent
-CVE-2007-3352
+CVE-2007-3352 (Cross-site scripting (XSS) vulnerability in the preview form in Stephe ...)
NOT-FOR-US: Stephen Ostermiller Contact Form
-CVE-2007-3351
+CVE-2007-3351 (The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim ...)
NOT-FOR-US: SJPhone SIP
-CVE-2007-3350
+CVE-2007-3350 (AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attac ...)
NOT-FOR-US: AIM
-CVE-2007-3349
+CVE-2007-3349 (The Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version 1 ...)
NOT-FOR-US: Aastra 9112i SIP Phone
-CVE-2007-3348
+CVE-2007-3348 (The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a de ...)
NOT-FOR-US: D-Link DPH-540/DPH-541 phone
-CVE-2007-3347
+CVE-2007-3347 (The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are ...)
NOT-FOR-US: D-Link DPH-540/DPH-541 phone
-CVE-2007-3346
+CVE-2007-3346 (Directory traversal vulnerability in index.php in PHPAccounts 0.5 allo ...)
NOT-FOR-US: PHPAccounts
-CVE-2007-3345
+CVE-2007-3345 (Multiple SQL injection vulnerabilities in index.php in PHPAccounts 0.5 ...)
NOT-FOR-US: PHPAccounts
-CVE-2007-3344
+CVE-2007-3344 (Multiple cross-site scripting (XSS) vulnerabilities in netjukebox 4.01 ...)
NOT-FOR-US: netjukebox
-CVE-2007-3343
+CVE-2007-3343 (Cross-site scripting (XSS) vulnerability in RaidenHTTPD before 2.0.14 ...)
NOT-FOR-US: RaidenHTTPD
-CVE-2007-3342
+CVE-2007-3342 (Multiple cross-site scripting (XSS) vulnerabilities in Movable Type (M ...)
NOT-FOR-US: Movable Type
-CVE-2007-3341
+CVE-2007-3341 (Unspecified vulnerability in the FTP implementation in Microsoft Inter ...)
NOT-FOR-US: Microsoft
-CVE-2007-3340
+CVE-2007-3340 (BugHunter HTTP SERVER (httpsv.exe) 1.6.2 allows remote attackers to ca ...)
NOT-FOR-US: HTTP Server 1.6.2
-CVE-2007-3339
+CVE-2007-3339 (Multiple cross-site scripting (XSS) vulnerabilities in forum/include/e ...)
NOT-FOR-US: ColdFusion
-CVE-2007-3338
+CVE-2007-3338 (Multiple stack-based buffer overflows in Ingres database server 2006 9 ...)
NOT-FOR-US: Ingres
-CVE-2007-3337
+CVE-2007-3337 (wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used ...)
NOT-FOR-US: Ingres
-CVE-2007-3336
+CVE-2007-3336 (Multiple "pointer overwrite" vulnerabilities in Ingres database server ...)
NOT-FOR-US: Ingres
-CVE-2007-3335
+CVE-2007-3335 (Multiple SQL injection vulnerabilities in the admin panel in PHPEcho C ...)
NOT-FOR-US: PHPEcho CMS
-CVE-2007-3334
+CVE-2007-3334 (Multiple heap-based buffer overflows in the (1) Communications Server ...)
NOT-FOR-US: Ingres
-CVE-2007-3333
+CVE-2007-3333 (Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 al ...)
NOT-FOR-US: IBM AIX
-CVE-2007-3332
+CVE-2007-3332 (Directory traversal vulnerability in Satellite.php in Satel Lite for P ...)
NOT-FOR-US: Satel Lite for PhpNuke
-CVE-2007-3331
+CVE-2007-3331 (Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO ...)
NOT-FOR-US: STphp EasyNews PRO
-CVE-2007-3330
+CVE-2007-3330 (Cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0 all ...)
NOT-FOR-US: STphp EasyNews PRO
-CVE-2007-3329
+CVE-2007-3329 (Multiple array index errors in the (1) get_intra_block, (2) get_inter_ ...)
NOT-FOR-US: Xvid
-CVE-2007-3328
+CVE-2007-3328 (Multiple cross-site scripting (XSS) vulnerabilities in Interact 2.4 be ...)
NOT-FOR-US: Interact
-CVE-2007-3327
+CVE-2007-3327 (httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain sens ...)
NOT-FOR-US: HTTP Server 1.6.2
-CVE-2007-3326
+CVE-2007-3326 (Multiple directory traversal vulnerabilities in vBulletin 3.x.x allow ...)
NOT-FOR-US: vBulletin
-CVE-2007-3325
+CVE-2007-3325 (PHP remote file inclusion vulnerability in lib/language.php in LAN Man ...)
NOT-FOR-US: LAN Management System
-CVE-2007-3324
+CVE-2007-3324 (Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7 ...)
NOT-FOR-US: Comersus Cart
-CVE-2007-3323
+CVE-2007-3323 (SQL injection vulnerability in comersus_optReviewReadExec.asp in Comer ...)
NOT-FOR-US: Comersus Shop Cart
CVE-2007-4168
REJECTED
-CVE-2007-3322
+CVE-2007-3322 (The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP ...)
NOT-FOR-US: Avaya IP Phone
-CVE-2007-3321
+CVE-2007-3321 (The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP ...)
NOT-FOR-US: Avaya IP Phone
-CVE-2007-3320
+CVE-2007-3320 (The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP ...)
NOT-FOR-US: Avaya IP Phone
-CVE-2007-3319
+CVE-2007-3319 (The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP ...)
NOT-FOR-US: Avaya IP Phone
-CVE-2007-3318
+CVE-2007-3318 (Buffer overflow in the Session Initiation Protocol (SIP) User Access C ...)
NOT-FOR-US: Avaya one-X Desktop Edition
-CVE-2007-3317
+CVE-2007-3317 (The Session Initiation Protocol (SIP) User Access Client (UAC) message ...)
NOT-FOR-US: Avaya one-X Desktop Edition
-CVE-2007-3316
+CVE-2007-3316 (Multiple format string vulnerabilities in plugins in VideoLAN VLC Medi ...)
{DSA-1332-1}
- vlc 0.8.6.c-1 (medium; bug #429726)
-CVE-2007-3315
+CVE-2007-3315 (Multiple PHP remote file inclusion vulnerabilities in YourFreeScreamer ...)
NOT-FOR-US: YourFreeScreamer
-CVE-2007-3314
+CVE-2007-3314 (Stack-based buffer overflow in peviewer.spl in Altap Servant Salamande ...)
NOT-FOR-US: Altap Servant Salamander
-CVE-2007-3313
+CVE-2007-3313 (Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote ...)
NOT-FOR-US: Jasmine CMS
-CVE-2007-3312
+CVE-2007-3312 (Directory traversal vulnerability in admin/plugin_manager.php in Jasmi ...)
NOT-FOR-US: Jasmine CMS
-CVE-2007-3311
+CVE-2007-3311 (SQL injection vulnerability in print.php in the Articles 1.02 and earl ...)
NOT-FOR-US: Articles
-CVE-2007-3310
+CVE-2007-3310 (Cross-site scripting (XSS) vulnerability in arama.asp in TDizin allows ...)
NOT-FOR-US: TDizin
-CVE-2007-3309
+CVE-2007-3309 (Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.2 allows ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2007-3308
+CVE-2007-3308 (Simple Machines Forum (SMF) 1.1.2 uses a concatenation method with ins ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2007-3307
+CVE-2007-3307 (SQL injection vulnerability in game_listing.php in Solar Empire 2.9.1. ...)
NOT-FOR-US: Solar Empire
-CVE-2007-3306
+CVE-2007-3306 (PHP remote file inclusion vulnerability in crontab/run_billing.php in ...)
NOT-FOR-US: MiniBill
-CVE-2007-3305
+CVE-2007-3305 (Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1 ...)
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2007-3304
+CVE-2007-3304 (Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, al ...)
- apache <removed> (low)
- apache2 2.2.4-2 (low)
[etch] - apache2 2.2.3-4+etch2
[sarge] - apache2 2.0.54-5sarge2 (low)
[etch] - apache 1.3.34-4.1+etch1
-CVE-2007-3303
+CVE-2007-3303 (Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ...)
- apache2 <unfixed> (unimportant)
NOTE: If you can execute arbitrary code, a DoS is not a problem.
-CVE-2007-3302
+CVE-2007-3302 (The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3. ...)
NOT-FOR-US: CA
-CVE-2007-3301
+CVE-2007-3301 (SQL injection vulnerability in forum/include/error/autherror.cfm in Fu ...)
NOT-FOR-US: FuseTalk
-CVE-2007-3300
+CVE-2007-3300 (Multiple F-Secure anti-virus products for Microsoft Windows and Linux ...)
NOT-FOR-US: F-Secure
-CVE-2007-3299
+CVE-2007-3299 (Cross-site scripting (XSS) vulnerability in AWFFull before 3.7.4, when ...)
- awffull 3.7.4final-1 (unimportant)
NOTE: awffull (a webalizer fork) does not have any cookie based authentication
NOTE: or other sensitive data that could be leaked through this
-CVE-2007-3298
+CVE-2007-3298 (SQL injection vulnerability in Spey before 0.4.1 allows remote attacke ...)
NOT-FOR-US: Spey
-CVE-2007-3297
+CVE-2007-3297 (Multiple PHP remote file inclusion vulnerabilities in Musoo 0.21 allow ...)
NOT-FOR-US: Musoo
-CVE-2007-3296
+CVE-2007-3296 (The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbo ...)
NOT-FOR-US: Web Thunderbolt
-CVE-2007-3295
+CVE-2007-3295 (Directory traversal vulnerability in Yet another Bulletin Board (YaBB) ...)
NOT-FOR-US: YaBB
-CVE-2007-3294
+CVE-2007-3294 (Multiple buffer overflows in libtidy, as used in the Tidy extension fo ...)
- php5 <removed> (unimportant)
NOTE: Only exploitable by malicious script
-CVE-2007-3293
+CVE-2007-3293 (SQL injection vulnerability in categoria.php in LiveCMS 3.4 and earlie ...)
NOT-FOR-US: LiveCMS
-CVE-2007-3292
+CVE-2007-3292 (Unrestricted file upload vulnerability in LiveCMS 3.4 and earlier allo ...)
NOT-FOR-US: LiveCMS
-CVE-2007-3291
+CVE-2007-3291 (Cross-site scripting (XSS) vulnerability in LiveCMS 3.4 and earlier al ...)
NOT-FOR-US: LiveCMS
-CVE-2007-3290
+CVE-2007-3290 (categoria.php in LiveCMS 3.4 and earlier allows remote attackers to ob ...)
NOT-FOR-US: LiveCMS
-CVE-2007-3289
+CVE-2007-3289 (PHP remote file inclusion vulnerability in spaw/spaw_control.class.php ...)
NOT-FOR-US: WiwiMod for XOOPS
-CVE-2007-3288
+CVE-2007-3288 (Cross-site scripting (XSS) vulnerability in the skeltoac stats (Automa ...)
NOT-FOR-US: skeltoac stats plugin for WordPress
CVE-2007-3287
RESERVED
-CVE-2007-3286
+CVE-2007-3286 (Multiple buffer overflows in unspecified ActiveX controls in COM objec ...)
NOT-FOR-US: Avaya IP Softphone
-CVE-2007-3285
+CVE-2007-3285 (Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote att ...)
- iceweasel <not-affected> (Affects only Firefox in Windows)
NOTE: MFSA2007-22
-CVE-2007-3284
+CVE-2007-3284 (corefoundation.dll in Apple Safari 3.0.1 (552.12.2) for Windows allows ...)
NOT-FOR-US: Apple Safari
-CVE-2007-3283
+CVE-2007-3283 (GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root i ...)
- xscreensaver <not-affected> (Not a security issue: works as documented)
-CVE-2007-3282
+CVE-2007-3282 (Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX o ...)
NOT-FOR-US: Microsoft Office
-CVE-2007-3281
+CVE-2007-3281 (Cross-site scripting (XSS) vulnerability in index.php in Php Hosting B ...)
NOT-FOR-US: Php Hosting Biller
-CVE-2007-3280
+CVE-2007-3280 (The Database Link library (dblink) in PostgreSQL 8.1 implements functi ...)
- postgresql-8.1 <not-affected> (Neither PL/pgsql nor dblink are enabled by default)
- postgresql-8.2 <not-affected> (Neither PL/pgsql nor dblink are enabled by default)
-CVE-2007-3279
+CVE-2007-3279 (PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql ...)
- postgresql-8.1 <not-affected> (Neither PL/pgsql nor dblink are enabled by default)
- postgresql-8.2 <not-affected> (Neither PL/pgsql nor dblink are enabled by default)
-CVE-2007-3278
+CVE-2007-3278 (PostgreSQL 8.1 and probably later versions, when local trust authentic ...)
{DSA-1463-1 DSA-1460-1}
- postgresql-8.1 <not-affected> (local trust authentication is not enabled in Debian)
- postgresql-8.2 <not-affected> (local trust authentication is not enabled in Debian)
-CVE-2007-3277
+CVE-2007-3277 (Unspecified vulnerability in the localization before 1.2 module for WI ...)
NOT-FOR-US: localization module for WIKINDX
-CVE-2007-3276
+CVE-2007-3276 (Cross-site scripting (XSS) vulnerability in index.php in Site@School ( ...)
NOT-FOR-US: Site
-CVE-2007-3275
+CVE-2007-3275 (MailWasher Server before 2.2.1, when used with LDAP or Active Director ...)
NOT-FOR-US: MailWasher Server
-CVE-2007-3274
+CVE-2007-3274 (Apple Safari 3.0 and 3.0.1 on Windows XP SP2 allows attackers to cause ...)
NOT-FOR-US: Apple Safari
-CVE-2007-3273
+CVE-2007-3273 (SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote ...)
NOT-FOR-US: FuseTalk
-CVE-2007-3272
+CVE-2007-3272 (Directory traversal vulnerability in index.php in MiniBB 2.0.5 allows ...)
NOT-FOR-US: MiniBB
-CVE-2007-3271
+CVE-2007-3271 (PHP remote file inclusion vulnerability in templates/2blue/bodyTemplat ...)
NOT-FOR-US: YourFreeScreamer
-CVE-2007-3270
+CVE-2007-3270 (PHP remote file inclusion vulnerability in Includes/global.inc.php in ...)
NOT-FOR-US: phpMyInventory
-CVE-2007-3269
+CVE-2007-3269 (Multiple cross-site scripting (XSS) vulnerabilities in Papoo Light 3.6 ...)
NOT-FOR-US: Papoo Light
-CVE-2007-3268
+CVE-2007-3268 (The TFTP implementation in IBM Tivoli Provisioning Manager for OS Depl ...)
NOT-FOR-US: IBM Tivoli Provisioning Manager
-CVE-2007-3267
+CVE-2007-3267 (Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum ...)
NOT-FOR-US: Fuzzylime Forum
-CVE-2007-3266
+CVE-2007-3266 (Directory traversal vulnerability in webif.cgi in ifnet WEBIF allows r ...)
NOT-FOR-US: WEBIF
-CVE-2007-3265
+CVE-2007-3265 (Cross-site scripting (XSS) vulnerability in the Samples component in I ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-3264
+CVE-2007-3264 (Unspecified vulnerability in the PD tools component in IBM WebSphere A ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-3263
+CVE-2007-3263 (Unspecified vulnerability in the Default Messaging Component in IBM We ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-3262
+CVE-2007-3262 (Unspecified vulnerability in the Default Messaging Component in IBM We ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-3261
+CVE-2007-3261 (Cross-site scripting (XSS) vulnerability in widgets/widget_search.php ...)
NOT-FOR-US: dKret
-CVE-2007-3260
+CVE-2007-3260 (HP System Management Homepage (SMH) before 2.1.9 for Linux, when used ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2007-3259
+CVE-2007-3259 (Calendarix 0.7.20070307 allows remote attackers to obtain sensitive in ...)
NOT-FOR-US: Calendarix
-CVE-2007-3258
+CVE-2007-3258 (calendar.php in Calendarix 0.7.20070307 allows remote attackers to obt ...)
NOT-FOR-US: Calendarix
-CVE-2007-3257
+CVE-2007-3257 (Camel (camel-imap-folder.c) in the mailer component for Evolution Data ...)
{DSA-1325-1 DSA-1321-1}
- evolution 2.12.0-1
- evolution-data-server 1.10.2-2 (bug #429876)
[sarge] - evolution-data-server <not-affected> (Vulnerable code present in a different source package)
-CVE-2007-3256
+CVE-2007-3256 (Xythos Enterprise Document Manager (XEDM), Digital Locker (XDL), and p ...)
NOT-FOR-US: Xythos Enterprise Document Manager
-CVE-2007-3255
+CVE-2007-3255 (Multiple cross-site request forgery (CSRF) vulnerabilities in Xythos E ...)
NOT-FOR-US: Xythos Enterprise Document Manager
-CVE-2007-3254
+CVE-2007-3254 (Multiple cross-site scripting (XSS) vulnerabilities in Xythos Enterpri ...)
NOT-FOR-US: Xythos Enterprise Document Manager
-CVE-2007-3253
+CVE-2007-3253 (Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) ...)
NOT-FOR-US: Astaro Security Gateway
-CVE-2007-3252
+CVE-2007-3252 (PortalApp stores sensitive information under the web root with insuffi ...)
NOT-FOR-US: PortalApp
-CVE-2007-3251
+CVE-2007-3251 (Multiple directory traversal vulnerabilities in e-Vision CMS 2.02 and ...)
NOT-FOR-US: e-Vision CMS
-CVE-2007-3250
+CVE-2007-3250 (SQL injection vulnerability in mod_banners.php in Elxis CMS before 200 ...)
NOT-FOR-US: Elxis CMS
-CVE-2007-3249
+CVE-2007-3249 (Cross-site scripting (XSS) vulnerability in mod_lettermansubscribe.php ...)
NOT-FOR-US: Letterman Subscriber
-CVE-2007-3248
+CVE-2007-3248 (Unspecified vulnerability in Sun Solaris 10 before 20070614, when IPv6 ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-3247
+CVE-2007-3247 (SQL injection vulnerability in VirtueMart before 1.0.11 allows remote ...)
NOT-FOR-US: VirtueMart
-CVE-2007-3246
+CVE-2007-3246 (The do_set_password function in modules/chanserv/set.c in IRC Services ...)
NOT-FOR-US: IRC Services
-CVE-2007-3245
+CVE-2007-3245 (IRC Services before 5.0.62, and 5.1 before 5.1pre3, allows remote atta ...)
NOT-FOR-US: IRC Services
-CVE-2007-3244
+CVE-2007-3244 (SQL injection vulnerability in bb-includes/formatting-functions.php in ...)
NOT-FOR-US: bbPress
-CVE-2007-3243
+CVE-2007-3243 (Cross-site scripting (XSS) vulnerability in bb-login.php in bbPress 0. ...)
NOT-FOR-US: bbPress
-CVE-2007-3242
+CVE-2007-3242 (The Menu Manager Mod for (1) web-app.net WebAPP (aka WebAPP NE) 0.9.9. ...)
NOT-FOR-US: WebAPP
-CVE-2007-3241
+CVE-2007-3241 (Cross-site scripting (XSS) vulnerability in blogroll.php in the cordob ...)
NOT-FOR-US: cordobo-green-park theme for WordPress
-CVE-2007-3240
+CVE-2007-3240 (Cross-site scripting (XSS) vulnerability in 404.php in the Vistered-Li ...)
NOT-FOR-US: Vistered-Little theme for WordPress
-CVE-2007-3239
+CVE-2007-3239 (Cross-site scripting (XSS) vulnerability in searchform.php in the Andy ...)
NOT-FOR-US: AndyBlue theme for WordPress
-CVE-2007-3238
+CVE-2007-3238 (Cross-site scripting (XSS) vulnerability in functions.php in the defau ...)
{DSA-1502-1}
- wordpress 2.2.2-1 (low)
-CVE-2007-3237
+CVE-2007-3237 (PHP remote file inclusion vulnerability in admin/spaw/spaw_control.cla ...)
NOT-FOR-US: XOOPS
-CVE-2007-3236
+CVE-2007-3236 (PHP remote file inclusion vulnerability in footer.php in the Horoscope ...)
NOT-FOR-US: XOOPS
-CVE-2007-3235
+CVE-2007-3235 (Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum ...)
NOT-FOR-US: Fuzzylime Forum
-CVE-2007-3234
+CVE-2007-3234 (SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows r ...)
NOT-FOR-US: Fuzzylime Forum
-CVE-2007-3233
+CVE-2007-3233 (The TEC-IT TBarCode OCX ActiveX control (TBarCode7.ocx) 7.0.2.3524 all ...)
NOT-FOR-US: TEC-IT
-CVE-2007-3232
+CVE-2007-3232 (The IBM TotalStorage DS400 with firmware 4.15 uses a blank password fo ...)
NOT-FOR-US: IBM
-CVE-2007-3231
+CVE-2007-3231 (Buffer overflow in MeCab before 0.96 has unknown impact and attack vec ...)
- mecab 0.95-1.1 (bug #429174; low)
[etch] - mecab <no-dsa> (Minor issue)
[sarge] - mecab <no-dsa> (Minor issue)
-CVE-2007-3230
+CVE-2007-3230 (PHP remote file inclusion vulnerability in phphtml.php in Idan Sofer P ...)
NOT-FOR-US: PHP::HTML
-CVE-2007-3229
+CVE-2007-3229 (index.php in Singapore Gallery allows remote attackers to obtain sensi ...)
NOT-FOR-US: Singapore Gallery
-CVE-2007-3228
+CVE-2007-3228 (PHP remote file inclusion vulnerability in saf/lib/PEAR/PhpDocumentor/ ...)
NOT-FOR-US: Sitellite CMS
-CVE-2007-3227
+CVE-2007-3227 (Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord: ...)
- rails 1.2.5-1 (bug #429177)
-CVE-2007-3226
+CVE-2007-3226 (Cross-site scripting (XSS) vulnerability in dotProject before 2.1 RC2 ...)
NOT-FOR-US: dotProject
-CVE-2007-3225
+CVE-2007-3225 (Unspecified vulnerability in Sun Java System Directory Server (slapd) ...)
NOT-FOR-US: Sun Java System Directory Server
-CVE-2007-3224
+CVE-2007-3224 (Unspecified vulnerability in Sun ONE/Java System Directory Server (sla ...)
NOT-FOR-US: Sun Java System Directory Server
-CVE-2007-3223
+CVE-2007-3223 (Unspecified vulnerability in the NFS server in Sun Solaris 10 before 2 ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-3222
+CVE-2007-3222 (PHP remote file inclusion vulnerability in modify.php in the XFsection ...)
NOT-FOR-US: XOOPS
-CVE-2007-3221
+CVE-2007-3221 (PHP remote file inclusion vulnerability in admin/spaw/spaw_control.cla ...)
NOT-FOR-US: XOOPS
-CVE-2007-3220
+CVE-2007-3220 (PHP remote file inclusion vulnerability in admin/editor2/spaw_control. ...)
NOT-FOR-US: XOOPS
-CVE-2007-3219
+CVE-2007-3219 (Unspecified vulnerability in sources/action_public/xmlout.php in Invis ...)
NOT-FOR-US: Invision Power Board (IPB)
-CVE-2007-3218
+CVE-2007-3218 (Cross-site scripting (XSS) vulnerability in request.php in PHP Live! 3 ...)
NOT-FOR-US: PHP Live!
-CVE-2007-3217
+CVE-2007-3217 (Multiple PHP remote file inclusion vulnerabilities in Prototype of an ...)
NOT-FOR-US: Prototype of an PHP application
-CVE-2007-3216
+CVE-2007-3216 (Multiple buffer overflows in the LGServer component of CA (Computer As ...)
NOT-FOR-US: CA BrightStor products
-CVE-2007-3215
+CVE-2007-3215 (PHPMailer 1.7, when configured to use sendmail, allows remote attacker ...)
{DSA-1315-1}
- libphp-phpmailer 1.73-4 (high; bug #429179)
- flyspray 0.9.8-12 (bug #429191; bug #429195)
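Review bot: the CVE-2007-3278 entry in this region cites "{DSA-1463-1 DSA-1460-1}" while both package lines beneath the reference read "- postgresql-8.1 <not-affected> (local trust authentication is not enabled in Debian)" and "- postgresql-8.2 <not-affected> (local trust authentication is not enabled in Debian)". A DSA reference means an advisory shipped a fix, so the entry should also carry the package and fixed version those two advisories addressed, or the references should be dropped if they no longer apply; as written the tracker has advisories attached to an entry with no affected package. In the same region, the "<not-affected>" tags on CVE-2007-3280 and CVE-2007-3279 rest on a default-configuration argument ("Neither PL/pgsql nor dblink are enabled by default"); a site that enables dblink still runs the vulnerable code, so a fixed-version line with a low severity would describe the exposure more accurately than "<not-affected>".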
@@ -8439,126 +8439,126 @@ CVE-2007-3215
[etch] - phpgroupware <not-affected> (bug #504255; Vulnerable code not used)
- phpgroupware 0.9.16.012+dfsg-9 (medium; bug #504255)
- egroupware <not-affected> (bug #504283; Vulnerable code not used)
-CVE-2007-3214
+CVE-2007-3214 (SQL injection vulnerability in style.php in e-Vision CMS 2.02 and earl ...)
NOT-FOR-US: e-Vision CMS
-CVE-2007-3213
+CVE-2007-3213 (Multiple cross-site scripting (XSS) vulnerabilities in comments.cgi in ...)
NOT-FOR-US: Sporum Forum
-CVE-2007-3212
+CVE-2007-3212 (Multiple cross-site scripting (XSS) vulnerabilities in links.php in Be ...)
NOT-FOR-US: Beehive Forum
-CVE-2007-3211
+CVE-2007-3211 (Cross-site scripting (XSS) vulnerability in 404.php in Domain Technolo ...)
NOT-FOR-US: Domain Technologie Control (DTC)
-CVE-2007-3210
+CVE-2007-3210 (Stack-based buffer overflow in nptoken.mox in the Cellosoft Tokens Obj ...)
NOT-FOR-US: Cellosoft Tokens Object
-CVE-2007-3209
+CVE-2007-3209 (Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses ...)
- mail-notification 4.0.dfsg.1-2 (low; bug #428157)
[sarge] - mail-notification <not-affected> (Only affects 3.x and 4.x)
[etch] - mail-notification <no-dsa> (Minor issue, needs proper documentation in errata)
-CVE-2007-3208
+CVE-2007-3208 (CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 ...)
NOT-FOR-US: YaBB
-CVE-2007-3207
+CVE-2007-3207 (Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6 ...)
NOT-FOR-US: Novell NetWare
CVE-2007-3206
RESERVED
-CVE-2007-3205
+CVE-2007-3205 (The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, ...)
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: That's by design
-CVE-2007-3204
+CVE-2007-3204 (SQL injection vulnerability in auth.php in Just For Fun Network Manage ...)
NOTE: This is an jffnms ID, which has been wrongly reported by an external party,
NOTE: The data is sufficiently sanitised with the Debian fix for CVE-2007-3192
-CVE-2007-3203
+CVE-2007-3203 (Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602P ...)
NOT-FOR-US: 602Pro LAN SUITE
-CVE-2007-3202
+CVE-2007-3202 (Cross-site scripting (XSS) vulnerability in the rich text editor in We ...)
NOT-FOR-US: Webwiz
-CVE-2007-3201
+CVE-2007-3201 (Visual truncation vulnerability in Windows Privacy Tray (WinPT) 1.2.0 ...)
NOT-FOR-US: Windows Privacy Tray (WinPT)
-CVE-2007-3200
+CVE-2007-3200 (NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and ear ...)
NOT-FOR-US: Novell
-CVE-2007-3199
+CVE-2007-3199 (Unrestricted file upload vulnerability in Link Request Contact Form 3. ...)
NOT-FOR-US: Link Request Contact Form
-CVE-2007-3198
+CVE-2007-3198 (Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP ...)
NOT-FOR-US: Maran PHP Blog
-CVE-2007-3197
+CVE-2007-3197 (SQL injection vulnerability in vBSupport.php in vBSupport 1.1 before 1 ...)
NOT-FOR-US: vBulletin
-CVE-2007-3196
+CVE-2007-3196 (SQL injection vulnerability in vBSupport.php in vSupport Integrated Ti ...)
NOT-FOR-US: VBulletin
-CVE-2007-3195
+CVE-2007-3195 (Cross-site scripting (XSS) vulnerability in index.php in ERFAN WIKI 1. ...)
NOT-FOR-US: ERFAN WIKI
CVE-2007-3194
NOT-FOR-US: myBloggie
-CVE-2007-3193
+CVE-2007-3193 (lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configurati ...)
{DSA-1371-1}
- phpwiki 1.3.12p3-6.1 (low; bug #429201)
-CVE-2007-3192
+CVE-2007-3192 (admin/setup.php in Just For Fun Network Management System (JFFNMS) 0.8 ...)
{DSA-1374-1}
- jffnms 0.8.3dfsg.1-4 (medium)
NOTE: 20_security.dpatch is addressing this bug however the maintainer didn't include
NOTE: a note about the CVE id.
-CVE-2007-3191
+CVE-2007-3191 (Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote at ...)
{DSA-1374-1}
- jffnms 0.8.3dfsg.1-4
-CVE-2007-3190
+CVE-2007-3190 (Multiple SQL injection vulnerabilities in auth.php in Just For Fun Net ...)
{DSA-1374-1}
- jffnms 0.8.3dfsg.1-4
-CVE-2007-3189
+CVE-2007-3189 (Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun N ...)
{DSA-1374-1}
- jffnms 0.8.3dfsg.1-4
-CVE-2007-3188
+CVE-2007-3188 (SQL injection vulnerability in down_indir.asp in Fullaspsite GeometriX ...)
NOT-FOR-US: Fullaspsite GeometriX Download Portal
-CVE-2007-3187
+CVE-2007-3187 (Multiple unspecified vulnerabilities in Apple Safari for Windows allow ...)
NOT-FOR-US: Apple
-CVE-2007-3186
+CVE-2007-3186 (Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute ...)
NOT-FOR-US: Apple
-CVE-2007-3185
+CVE-2007-3185 (Apple Safari Beta 3.0.1 for Windows public beta allows remote attacker ...)
NOT-FOR-US: Apple
-CVE-2007-3184
+CVE-2007-3184 (Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, all ...)
NOT-FOR-US: Cisco
-CVE-2007-3183
+CVE-2007-3183 (Multiple SQL injection vulnerabilities in Calendarix 0.7.20070307, whe ...)
NOT-FOR-US: Calendarix
-CVE-2007-3182
+CVE-2007-3182 (Multiple cross-site scripting (XSS) vulnerabilities in Calendarix 0.7. ...)
NOT-FOR-US: Calendarix
-CVE-2007-3181
+CVE-2007-3181 (Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows ...)
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (medium)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed> (medium)
NOTE: maybe fixed prior to 2.0.3.12981.ds1-1 (2.0.1) but couldn't find any earlier source code
NOTE: in the pool to check and since this version is in testing and unstable...
-CVE-2007-3180
+CVE-2007-3180 (Buffer overflow in Help and Support Center before 4.4 C on HP Windows ...)
NOT-FOR-US: HP
-CVE-2007-3179
+CVE-2007-3179 (Multiple SQL injection vulnerabilities in archives.php in Particle Blo ...)
NOT-FOR-US: Particle Blogger
-CVE-2007-3178
+CVE-2007-3178 (Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi 1 ...)
NOT-FOR-US: Sistemi
-CVE-2007-3177
+CVE-2007-3177 (Ingate Firewall and SIParator before 4.5.2 allow remote attackers to b ...)
NOT-FOR-US: Ingate Firewall / SIParator
-CVE-2007-3176
+CVE-2007-3176 (Unspecified vulnerability in Ingate Firewall and SIParator before 4.5. ...)
NOT-FOR-US: Ingate Firewall / SIParator
-CVE-2007-3175
+CVE-2007-3175 (Multiple SQL injection vulnerabilities in W2B Online Banking allow rem ...)
NOT-FOR-US: W2B Online Banking
-CVE-2007-3174
+CVE-2007-3174 (Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Ban ...)
NOT-FOR-US: W2B Online Banking
-CVE-2007-3173
+CVE-2007-3173 (Almnzm allows remote attackers to obtain sensitive information via an ...)
NOT-FOR-US: Almnzm
-CVE-2007-3172
+CVE-2007-3172 (Directory traversal vulnerability in demo/pop3/error.php in Uebimiau W ...)
NOT-FOR-US: UebiMiau
-CVE-2007-3171
+CVE-2007-3171 (Uebimiau Webmail allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: UebiMiau
-CVE-2007-3170
+CVE-2007-3170 (Multiple cross-site scripting (XSS) vulnerabilities in Uebimiau Webmai ...)
NOT-FOR-US: Uebimiau
-CVE-2007-3169
+CVE-2007-3169 (Buffer overflow in a certain ActiveX control in the EDraw Office Viewe ...)
NOT-FOR-US: EDraw Office Viewer Component
-CVE-2007-3168
+CVE-2007-3168 (A certain ActiveX control in the EDraw Office Viewer Component (edrawo ...)
NOT-FOR-US: EDraw Office Viewer Component
-CVE-2007-3167
+CVE-2007-3167 (Stack-based buffer overflow in the Vivotek Motion Jpeg ActiveX control ...)
NOT-FOR-US: Vivotek
-CVE-2007-3166
+CVE-2007-3166 (Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remot ...)
NOT-FOR-US: Qualcomm Eudora
-CVE-2007-3165
+CVE-2007-3165 (Tor before 0.1.2.14 can construct circuits in which an entry guard is ...)
- tor 0.1.2.14-1 (medium)
-CVE-2007-3164
+CVE-2007-3164 (Microsoft Internet Explorer 7, when prompting for HTTP Basic Authentic ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3163
+CVE-2007-3163 (Incomplete blacklist vulnerability in the filemanager in Frederico Cal ...)
- moin 1.5.8-4.1 (unimportant; bug #429205)
- knowledgeroot 0.9.8.2-2 (unimportant; bug #429204)
- karrigell <removed> (unimportant; bug #429207)
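Review bot: CVE-2007-3204 in this hunk has no package or status line, only the two NOTE lines "NOTE: This is an jffnms ID, which has been wrongly reported by an external party," and "NOTE: The data is sufficiently sanitised with the Debian fix for CVE-2007-3192", so the tracker cannot derive any status for jffnms from it. Add an explicit entry, either "- jffnms <not-affected> (covered by the fix for CVE-2007-3192)" or a fixed-version line naming 0.8.3dfsg.1-4, the version the CVE-2007-3192 entry records. Two smaller points: the firebird2 etch line "[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)" uses the "#" bug-number notation for what is evidently DSA-1529 from the reference line above it, so it should say "see DSA-1529"; and "an jffnms ID" should read "a jffnms ID".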
@@ -8566,473 +8566,473 @@ CVE-2007-3163
NOTE: Given the state of Linux' NTFS support it seems highly unlikely
NOTE: and given the state of ext3/XFS highly stupid to run a Debian-based
NOTE: web server with NTFS
-CVE-2007-3162
+CVE-2007-3162 (Buffer overflow in the NotSafe function in the idaiehlp ActiveX contro ...)
NOT-FOR-US: Internet Download Accelerator
-CVE-2007-3161
+CVE-2007-3161 (Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote F ...)
NOT-FOR-US: Ace-FTP Client
-CVE-2007-3160
+CVE-2007-3160 (PHP remote file inclusion vulnerability in admin/header.php in PHP Rea ...)
NOT-FOR-US: PHP Real Estate Classifieds Premium Plus
-CVE-2007-3159
+CVE-2007-3159 (http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a ...)
NOT-FOR-US: MiniWeb
-CVE-2007-3158
+CVE-2007-3158 (download_script.asp in ASP Folder Gallery allows remote attackers to r ...)
NOT-FOR-US: ASP Folder Gallery
-CVE-2007-3157
+CVE-2007-3157 (IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12 ...)
NOT-FOR-US: SafeNET
-CVE-2007-3156
+CVE-2007-3156 (Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi i ...)
- webmin <removed>
-CVE-2007-3155
+CVE-2007-3155 (Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown i ...)
- egroupware 1.2.107-2.dfsg-1 (bug #429208)
-CVE-2007-3154
+CVE-2007-3154 (Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka wz_tooltip ...)
NOTE: Apparently a bogus issue; upstream developer of wz_tooltip.js isn't aware
NOTE: of any security problem, see #429215, #429209, #429214, #429213
-CVE-2007-3153
+CVE-2007-3153 (The ares_init:randomize_key function in c-ares, on platforms other tha ...)
NOT-FOR-US: c-ares
-CVE-2007-3152
+CVE-2007-3152 (c-ares before 1.4.0 uses a predictable seed for the random number gene ...)
NOT-FOR-US: c-ares
-CVE-2007-3151
+CVE-2007-3151 (rpttop.htm in the web management interface in Packeteer PacketShaper 7 ...)
NOT-FOR-US: Packeteer PacketShaper
-CVE-2007-3150
+CVE-2007-3150 (Google Desktop allows user-assisted remote attackers to execute arbitr ...)
NOT-FOR-US: Google Desktop
-CVE-2007-3149
+CVE-2007-3149 (sudo, when linked with MIT Kerberos 5 (krb5), does not properly check ...)
- sudo <not-affected> (Not linked with krb5)
-CVE-2007-3148
+CVE-2007-3148 (Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr. ...)
NOT-FOR-US: Yahoo! Webcam Viewer
-CVE-2007-3147
+CVE-2007-3147 (Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl. ...)
NOT-FOR-US: Yahoo! Webcam Upload
-CVE-2007-3146
+CVE-2007-3146 (Zen Help Desk 2.1 stores sensitive information under the web root with ...)
NOT-FOR-US: Zen Help Desk
-CVE-2007-3145
+CVE-2007-3145 (Visual truncation vulnerability in Galeon 2.0.1 allows remote attacker ...)
- galeon <removed> (unimportant; bug #429216)
NOTE: Hardly a problem, Galeon's rotting any way and doesn't offer up-to-date
NOTE: phishing protections anyway
-CVE-2007-3144
+CVE-2007-3144 (Visual truncation vulnerability in Mozilla 1.7.12 allows remote attack ...)
NOTE: Minor issue, exact details unknown to upstream
-CVE-2007-3143
+CVE-2007-3143 (Visual truncation vulnerability in Konqueror 3.5.5 allows remote attac ...)
- kdebase 4:3.5.7-3 (low)
[sarge] - kdebase <no-dsa> (Minor issue)
[etch] - kdebase <no-dsa> (Minor issue)
NOTE: referring to maintainer this is definetly fixed in 4:3.5.7-3
-CVE-2007-3142
+CVE-2007-3142 (Visual truncation vulnerability in Opera 9.21 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2007-3141
+CVE-2007-3141 (PHP remote file inclusion vulnerability in core/editor.php in phpWebTh ...)
NOT-FOR-US: phpWebThings
-CVE-2007-3140
+CVE-2007-3140 (SQL injection vulnerability in xmlrpc.php in WordPress 2.2 allows remo ...)
- wordpress 2.2.1-1 (bug #428073)
[etch] - wordpress <not-affected> (Doesn't affect 2.0.x branch)
-CVE-2007-3139
+CVE-2007-3139 (config/general.php in Quick.Cart 2.2 and earlier uses a default userna ...)
NOT-FOR-US: Quick.Cart
-CVE-2007-3138
+CVE-2007-3138 (Directory traversal vulnerability in index.php in Open Solution Quick. ...)
NOT-FOR-US: Quick.Cart
-CVE-2007-3137
+CVE-2007-3137 (Multiple cross-site scripting (XSS) vulnerabilities in 4print.asp in W ...)
NOT-FOR-US: WmsCMS
-CVE-2007-3136
+CVE-2007-3136 (PHP remote file inclusion vulnerability in inc/nuke_include.php in new ...)
NOT-FOR-US: newsSync
-CVE-2007-3135
+CVE-2007-3135 (Cross-site scripting (XSS) vulnerability in atomPhotoBlog.php in Atom ...)
NOT-FOR-US: Atom Photoblog
-CVE-2007-3134
+CVE-2007-3134 (Multiple cross-site scripting (XSS) vulnerabilities in atomPhotoBlog.p ...)
NOT-FOR-US: Atom PhotoBlog
-CVE-2007-3133
+CVE-2007-3133 (SQL injection vulnerability in urunbak.asp in W1L3D4 WEBmarket 0.1 all ...)
NOT-FOR-US: W1L3D4
-CVE-2007-3132
+CVE-2007-3132 (Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and ea ...)
NOT-FOR-US: Symantec Ghost
-CVE-2007-3131
+CVE-2007-3131 (Cross-site scripting (XSS) vulnerability in add_comment.php in Light B ...)
NOT-FOR-US: Light Blog
-CVE-2007-3130
+CVE-2007-3130 (Multiple PHP remote file inclusion vulnerabilities in the OpenWiki (fo ...)
NOT-FOR-US: OpenWiki
-CVE-2007-3129
+CVE-2007-3129 (Cross-site scripting (XSS) vulnerability in login.php in Utopia News P ...)
NOT-FOR-US: Utopia News Pro
-CVE-2007-3128
+CVE-2007-3128 (SQL injection vulnerability in content.php in WSPortal 1.0, when magic ...)
NOT-FOR-US: WSPortal
-CVE-2007-3127
+CVE-2007-3127 (content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows ...)
NOT-FOR-US: WSPortal
-CVE-2007-3126
+CVE-2007-3126 (Gimp before 2.8.22 allows context-dependent attackers to cause a denia ...)
- gimp 2.8.22-1 (unimportant; bug #885382)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=773233
NOTE: https://git.gnome.org/browse/gimp/commit/?id=46bcd82800e37b0f5aead76184430ef2fe802748 (master)
NOTE: https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7 (gimp-2-8)
CVE-2007-3125
REJECTED
-CVE-2007-3124
+CVE-2007-3124 (Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in ...)
NOT-FOR-US: FreeVMS
-CVE-2007-3123
+CVE-2007-3123 (unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 a ...)
{DSA-1320-1 DTSA-43-1}
- clamav 0.90.3-1
-CVE-2007-3122
+CVE-2007-3122 (The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 all ...)
{DSA-1320-1 DTSA-43-1}
- clamav 0.90.3-1
-CVE-2007-3121
+CVE-2007-3121 (Buffer overflow in the CCdecode function in contrib/ntsc-cc.c in the z ...)
- zvbi 0.2.25-1 (bug #429221; unimportant)
NOTE: Only exploitable through malformed closed captions
NOTE: Malicious TV networks have more subtle methods to control people...
-CVE-2007-3120
+CVE-2007-3120 (Cross-site scripting (XSS) vulnerability in public/code/cp_dpage.php i ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2007-3119
+CVE-2007-3119 (SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (a ...)
NOT-FOR-US: Kartli Alisveris Sistemi
-CVE-2007-3118
+CVE-2007-3118 (Multiple PHP remote file inclusion vulnerabilities in Kravchuk letter ...)
NOT-FOR-US: Kravchuk letter
-CVE-2007-3117
+CVE-2007-3117 (Cross-site scripting (XSS) vulnerability in the SEO module in ADPLAN 3 ...)
NOT-FOR-US: ADPLAN
-CVE-2007-3116
+CVE-2007-3116 (Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows ...)
{DSA-1319-1}
- maradns 1.2.12.06-1
[sarge] - maradns <not-affected> (1.0.x branch not affected)
-CVE-2007-3115
+CVE-2007-3115 (Multiple memory leaks in server/MaraDNS.c in MaraDNS before 1.2.12.06, ...)
{DSA-1319-1}
- maradns 1.2.12.06-1
[sarge] - maradns <not-affected> (1.0.x branch not affected)
-CVE-2007-3114
+CVE-2007-3114 (Memory leak in server/MaraDNS.c in MaraDNS before 1.2.12.05, and 1.3.x ...)
{DSA-1319-1}
- maradns 1.2.12.05-1
[sarge] - maradns <not-affected> (1.0.x branch not affected)
-CVE-2007-3113
+CVE-2007-3113 (Cacti 0.8.6i, and possibly other versions, allows remote authenticated ...)
{DSA-1954-1}
- cacti 0.8.6j-1.1 (low; bug #429224)
[sarge] - cacti <no-dsa> (Minor issue, would only be run within authentication)
[etch] - cacti <no-dsa> (Minor issue, would only be run within authentication)
-CVE-2007-3112
+CVE-2007-3112 (graph_image.php in Cacti 0.8.6i, and possibly other versions, allows r ...)
{DSA-1954-1}
- cacti 0.8.6j-1.1 (low; bug #429224)
[sarge] - cacti <no-dsa> (Minor issue, would only be run within authentication)
[etch] - cacti <no-dsa> (Minor issue, would only be run within authentication)
-CVE-2007-3111
+CVE-2007-3111 (Buffer overflow in the Provideo Camimage ActiveX control in ISSCamCont ...)
NOT-FOR-US: Provideo Camimage
-CVE-2007-3110
+CVE-2007-3110 (Cross-site scripting (XSS) vulnerability in the Andy Frank Beatnik 1.0 ...)
NOT-FOR-US: Andy Frank Beatnik
-CVE-2007-3109
+CVE-2007-3109 (The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage all ...)
NOT-FOR-US: Microsoft FrontPage
-CVE-2007-3108
+CVE-2007-3108 (The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9. ...)
{DSA-1571-1}
- openssl 0.9.8e-6 (bug #438142; low)
- openssl097 <removed> (bug #438180)
[sarge] - openssl <no-dsa> (Not exploitable in a real-world scenario)
[etch] - openssl097 <no-dsa> (Not exploitable in a real-world scenario)
-CVE-2007-3107
+CVE-2007-3107 (The signal handling in the Linux kernel before 2.6.22, including 2.6.2 ...)
- linux-2.6 2.6.22-1 (unimportant)
NOTE: Not reproducibly reliably by an attacker, mostly a bug
NOTE: This is fixed by 9a08e732533b940d2d31f4e9999dfee5e1ca3914
NOTE: in Linus' tree.
-CVE-2007-3106
+CVE-2007-3106 (lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2. ...)
{DSA-1471-1}
- libvorbisidec 1.0.2+svn16259-2 (bug #669196)
- libvorbis 1.2.0.dfsg-1 (medium)
-CVE-2007-3105
+CVE-2007-3105 (Stack-based buffer overflow in the random number generator (RNG) imple ...)
{DSA-1504-1 DSA-1363-1}
- linux-2.6 2.6.22-4
-CVE-2007-3104
+CVE-2007-3104 (The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat ...)
{DSA-1428-1}
- linux-2.6 2.6.22-4 (low)
-CVE-2007-3103
+CVE-2007-3103 (The init.d script for the X.Org X11 xfs font server on various Linux d ...)
{DSA-1342-1}
- xfs 1:1.0.8-2.1 (low)
NOTE: i've checked 1.0.8, and this problem is no longer present
-CVE-2007-3102
+CVE-2007-3102 (Unspecified vulnerability in the linux_audit_record_event function in ...)
- openssh <not-affected> (This is a redhat/fedora specific issue)
NOTE: this issue was introduced by a patch of redhat (openssh-4.3p1-audit.patch)
NOTE: The patch fixing this (openssh-4.3p2-cve-2007-3102.patch) can be found on:
NOTE: http://mirror.linux.duke.edu/pub/fedora/linux/core/updates/6/SRPMS/openssh-4.3p2-25.fc6.src.rpm
-CVE-2007-3101
+CVE-2007-3101 (Multiple cross-site scripting (XSS) vulnerabilities in certain JSF app ...)
NOT-FOR-US: Apache MyFaces Tomahawk
-CVE-2007-3100
+CVE-2007-3100 (usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-8 ...)
{DSA-1314-1}
- open-iscsi 2.0.865-1 (low; bug #429225)
-CVE-2007-3099
+CVE-2007-3099 (usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before ...)
{DSA-1314-1}
- open-iscsi 2.0.865-1 (medium; bug #429225)
-CVE-2007-3098
+CVE-2007-3098 (The SNMPc Server (crserv.exe) process in Castle Rock Computing SNMPc b ...)
NOT-FOR-US: Castle Rock Computing SNMPc
-CVE-2007-3097
+CVE-2007-3097 (my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers ...)
NOT-FOR-US: F5 Firepass 4100 SSL VPN
-CVE-2007-3096
+CVE-2007-3096 (Directory traversal vulnerability in login.php in PBLang (PBL) 4.67.16 ...)
NOT-FOR-US: PBLang (PBL)
-CVE-2007-3095
+CVE-2007-3095 (Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and ...)
NOT-FOR-US: Symantec Reporting Server
-CVE-2007-3094
+CVE-2007-3094 (Unspecified vulnerability in the authentication mechanism in Solaris M ...)
NOT-FOR-US: Solaris Management Console
-CVE-2007-3093
+CVE-2007-3093 (Unspecified vulnerability in the logging mechanism in Solaris Manageme ...)
NOT-FOR-US: Solaris Management Console
-CVE-2007-3092
+CVE-2007-3092 (Microsoft Internet Explorer 6 allows remote attackers to spoof the URL ...)
NOT-FOR-US: MSIE6
-CVE-2007-3091
+CVE-2007-3091 (Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windo ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-3090
REJECTED
-CVE-2007-3089
+CVE-2007-3089 (Mozilla Firefox before 2.0.0.5 does not prevent use of document.write ...)
{DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceweasel 2.0.0.5-1 (low; bug #427691)
- iceape 1.1.3-1 (low)
- xulrunner 1.8.1.5-1 (low)
NOTE: MFSA2007-20
-CVE-2007-3088
+CVE-2007-3088 (SQL injection vulnerability in index.php in Comicsense allows remote a ...)
NOT-FOR-US: Comicsense
-CVE-2007-3087
+CVE-2007-3087 (Peercast places a cleartext password in a query string, which might al ...)
NOT-FOR-US: PeerCast
-CVE-2007-3086
+CVE-2007-3086 (Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4. ...)
NOT-FOR-US: Outpost Firewall PRO
-CVE-2007-3085
+CVE-2007-3085 (Multiple PHP remote file inclusion vulnerabilities in PBSite allow rem ...)
NOT-FOR-US: PBSite
-CVE-2007-3084
+CVE-2007-3084 (PHP remote file inclusion vulnerability in sampleblogger.php in Comdev ...)
NOT-FOR-US: Comdev Web Blogger
-CVE-2007-3083
+CVE-2007-3083 (Z-Blog 1.7 stores sensitive information under the web root with insuff ...)
NOT-FOR-US: Z-Blog
-CVE-2007-3082
+CVE-2007-3082 (Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 an ...)
NOT-FOR-US: Sendcard
-CVE-2007-3081
+CVE-2007-3081 (PHP remote file inclusion vulnerability in sampleecommerce.php in Comd ...)
NOT-FOR-US: Comdev eCommerce
-CVE-2007-3080
+CVE-2007-3080 (SQL injection vulnerability in haberoku.asp in Hunkaray Okul Portaly 1 ...)
NOT-FOR-US: Hunkaray Okul Portaly
-CVE-2007-3079
+CVE-2007-3079 (listmembers.php in EQdkp 1.3.2c and earlier allows remote attackers to ...)
NOT-FOR-US: EQdkp
-CVE-2007-3078
+CVE-2007-3078 (Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before ...)
NOT-FOR-US: Aigaion
-CVE-2007-3077
+CVE-2007-3077 (SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and earl ...)
NOT-FOR-US: EQdkp
-CVE-2007-3076
+CVE-2007-3076 (A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker allo ...)
NOT-FOR-US: Zenturi ProgramChecker
-CVE-2007-3075
+CVE-2007-3075 (Directory traversal vulnerability in Microsoft Internet Explorer allow ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3074
+CVE-2007-3074 (Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read fi ...)
{DSA-1707-1 DSA-1704-1 DSA-1697-1}
- iceweasel 2.0.0.4-1 (low)
- iceape 1.0.9-1 (low)
- xulrunner 1.8.1.4-1 (low)
-CVE-2007-3073
+CVE-2007-3073 (Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earli ...)
NOTE: Duplicate of CVE-2008-4067
-CVE-2007-3072
+CVE-2007-3072 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on ...)
- iceweasel <not-affected> (Only affects Windows versions of Firefox)
-CVE-2007-3071
+CVE-2007-3071 (Buffer overflow in the GetWebStoreURL function in a certain ActiveX co ...)
NOT-FOR-US: eSellerate
-CVE-2007-3070
+CVE-2007-3070 (Cross-site scripting (XSS) vulnerability in index.php in BDigital Web ...)
NOT-FOR-US: BDigital Web Solutions WebStudio
-CVE-2007-3069
+CVE-2007-3069 (xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session w ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-3068
+CVE-2007-3068 (Stack-based buffer overflow in DVD X Player 4.1 Professional allows re ...)
NOT-FOR-US: DVD X Player
-CVE-2007-3067
+CVE-2007-3067 (Cross-site scripting (XSS) vulnerability in the Attunement and Key Tra ...)
NOT-FOR-US: EQdkp
-CVE-2007-3066
+CVE-2007-3066 (Multiple PHP remote file inclusion vulnerabilities in php(Reactor) 1.2 ...)
NOT-FOR-US: IBM DB2
-CVE-2007-3065
+CVE-2007-3065 (SQL injection vulnerability in viewimage.php in Particle Soft Particle ...)
NOT-FOR-US: Particle Gallery
-CVE-2007-3064
+CVE-2007-3064 (Cross-site scripting (XSS) vulnerability in diary.php in My Databook a ...)
NOT-FOR-US: My Datebook
-CVE-2007-3063
+CVE-2007-3063 (SQL injection vulnerability in diary.php in My Databook allows remote ...)
NOT-FOR-US: My Datebook
-CVE-2007-3062
+CVE-2007-3062 (Cross-site scripting (XSS) vulnerability in HP System Management Homep ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2007-3061
+CVE-2007-3061 (Cactushop 6 and earlier stores sensitive information under the web roo ...)
NOT-FOR-US: Cactushop
-CVE-2007-3060
+CVE-2007-3060 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 ...)
NOT-FOR-US: PHP Live!
-CVE-2007-3059
+CVE-2007-3059 (SendCard 3.3.0 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: SendCard
-CVE-2007-3058
+CVE-2007-3058 (Multiple PHP remote file inclusion vulnerabilities in Madirish Webmail ...)
NOT-FOR-US: Madirish Webmail
-CVE-2007-3057
+CVE-2007-3057 (PHP remote file inclusion vulnerability in include/wysiwyg/spaw_contro ...)
NOT-FOR-US: XOOPS
-CVE-2007-3056
+CVE-2007-3056 (Cross-site scripting (XSS) vulnerability in filedetails.php in WebSVN ...)
- websvn 1.61-22.3 (unimportant; bug #439337)
NOTE: Websvn does not have cookie based authentication by itself.
NOTE: I therefore don't think this is serious enough for a stable update.
-CVE-2007-3055
+CVE-2007-3055 (Cross-site scripting (XSS) vulnerability in index.php in Codelib Linke ...)
NOT-FOR-US: Codelib Linker
-CVE-2007-3054
+CVE-2007-3054 (Cross-site scripting (XSS) vulnerability in search.php in Codelib Link ...)
NOT-FOR-US: Codelib Linker
-CVE-2007-3053
+CVE-2007-3053 (Session fixation vulnerability in Calimero.CMS 3.3.1232 and earlier al ...)
NOT-FOR-US: Calimero
-CVE-2007-3052
+CVE-2007-3052 (SQL injection vulnerability in index.php in the PNphpBB2 1.2i and earl ...)
NOT-FOR-US: PostNuke
-CVE-2007-3051
+CVE-2007-3051 (SQL injection vulnerability in inc/class_users.php in RevokeSoft Revok ...)
NOT-FOR-US: RevokeSoft RevokeBB
-CVE-2007-3050
+CVE-2007-3050 (Session fixation vulnerability in chameleon cms 3.0 and earlier allows ...)
NOT-FOR-US: chameleon cms
-CVE-2007-3049
+CVE-2007-3049 (Cross-site scripting (XSS) vulnerability in index.php in Buttercup web ...)
NOT-FOR-US: Buttercup BWFM
CVE-2007-3048
- screen <not-affected> (not reproducible)
-CVE-2007-3047
+CVE-2007-3047 (The Vonage VoIP Telephone Adapter has a default administrator username ...)
NOT-FOR-US: Vonage
-CVE-2007-3046
+CVE-2007-3046 (Buffer overflow in Advanced Software Production Line Vortex Library be ...)
NOT-FOR-US: Advanced Software Production Line Vortex Library
-CVE-2007-3045
+CVE-2007-3045 (Unspecified vulnerability in Hitachi TP1/NET/OSI-TP-Extended on HI-UX/ ...)
NOT-FOR-US: Hitachi TP1
-CVE-2007-3044
+CVE-2007-3044 (Unspecified vulnerability in the Map I/O Service (xpwmap) in Hitachi X ...)
NOT-FOR-US: Hitachi
-CVE-2007-3043
+CVE-2007-3043 (Cross-site scripting (XSS) vulnerability in Collaboration - File Shari ...)
NOT-FOR-US: Hitachi Collaboration
-CVE-2007-3042
+CVE-2007-3042 (Cross-site scripting (XSS) vulnerability in Meneame before 2 allows re ...)
NOT-FOR-US: Meneame
-CVE-2007-3041
+CVE-2007-3041 (Unspecified vulnerability in the pdwizard.ocx ActiveX object for Inter ...)
NOT-FOR-US: Microsoft
-CVE-2007-3040
+CVE-2007-3040 (Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Ag ...)
NOT-FOR-US: Windows
-CVE-2007-3039
+CVE-2007-3039 (Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) se ...)
NOT-FOR-US: Windows
-CVE-2007-3038
+CVE-2007-3038 (The Teredo interface in Microsoft Windows Vista and Vista x64 Edition ...)
NOT-FOR-US: Microsoft
-CVE-2007-3037
+CVE-2007-3037 (Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attack ...)
NOT-FOR-US: Microsoft
-CVE-2007-3036
+CVE-2007-3036 (Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and ...)
NOT-FOR-US: Windows Services for UNIX
-CVE-2007-3035
+CVE-2007-3035 (Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10 ...)
NOT-FOR-US: Microsoft
-CVE-2007-3034
+CVE-2007-3034 (Integer overflow in the AttemptWrite function in Graphics Rendering En ...)
NOT-FOR-US: Microsoft
-CVE-2007-3033
+CVE-2007-3033 (Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlin ...)
NOT-FOR-US: Microsoft
-CVE-2007-3032
+CVE-2007-3032 (Unspecified vulnerability in Windows Vista Contacts Gadget in Windows ...)
NOT-FOR-US: Microsoft
CVE-2007-3031
REJECTED
-CVE-2007-3030
+CVE-2007-3030 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows u ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-3029
+CVE-2007-3029 (Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 all ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-3028
+CVE-2007-3028 (The LDAP service in Windows Active Directory in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft
-CVE-2007-3027
+CVE-2007-3027 (Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows re ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3026
+CVE-2007-3026 (Integer overflow in Panda Software AdminSecure allows remote attackers ...)
NOT-FOR-US: Panda
-CVE-2007-3025
+CVE-2007-3025 (Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0 ...)
- clamav <not-affected> (Solaris-specific bug)
-CVE-2007-3024
+CVE-2007-3024 (libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 use ...)
{DSA-1320-1 DTSA-43-1}
- clamav 0.90.3-1
-CVE-2007-3023
+CVE-2007-3023 (unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not proper ...)
{DSA-1320-1 DTSA-43-1}
- clamav 0.90.3-1
-CVE-2007-3022
+CVE-2007-3022 (Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224 ...)
NOT-FOR-US: Symantec
-CVE-2007-3021
+CVE-2007-3021 (Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224 ...)
NOT-FOR-US: Symantec
CVE-2007-3020
RESERVED
CVE-2007-3019
RESERVED
-CVE-2007-3018
+CVE-2007-3018 (activeWeb contentserver CMS before 5.6.2964 does not limit the file-cr ...)
NOT-FOR-US: activeWeb contentserver CMS
-CVE-2007-3017
+CVE-2007-3017 (The WYSIWYG editor applet in activeWeb contentserver CMS before 5.6.29 ...)
NOT-FOR-US: activeWeb contentserver CMS
CVE-2007-3016
RESERVED
CVE-2007-3015
RESERVED
-CVE-2007-3014
+CVE-2007-3014 (Multiple cross-site scripting (XSS) vulnerabilities in activeWeb conte ...)
NOT-FOR-US: activeWeb contentserver CMS
-CVE-2007-3013
+CVE-2007-3013 (SQL injection vulnerability in activeWeb contentserver before 5.6.2964 ...)
NOT-FOR-US: activeWeb contentserver CMS
-CVE-2007-3012
+CVE-2007-3012 (The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch B ...)
NOT-FOR-US: Fujitsu-Siemens
-CVE-2007-3011
+CVE-2007-3011 (The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens C ...)
NOT-FOR-US: Fujitsu-Siemens
-CVE-2007-3010
+CVE-2007-3010 (masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterpris ...)
NOT-FOR-US: Alcatel OmniPCX Enterprise Communication Server
-CVE-2007-3009
+CVE-2007-3009 (Format string vulnerability in the MprLogToFile::logEvent function in ...)
NOT-FOR-US: Mbedthis AppWeb
-CVE-2007-3008
+CVE-2007-3008 (Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has ...)
NOT-FOR-US: Mbedthis AppWeb
-CVE-2007-3007
+CVE-2007-3007 (PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode rest ...)
- php5 5.2.3-1 (unimportant)
-CVE-2007-3006
+CVE-2007-3006 (Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted r ...)
NOT-FOR-US: Acoustica MP3 CD Burner
CVE-2007-3005
REJECTED
CVE-2007-3004
REJECTED
-CVE-2007-3003
+CVE-2007-3003 (Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier ...)
NOT-FOR-US: myBloggie
-CVE-2007-3002
+CVE-2007-3002 (PHP JackKnife (PHPJK) allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: PHP JackKnife
-CVE-2007-3001
+CVE-2007-3001 (Multiple cross-site scripting (XSS) vulnerabilities in PHP JackKnife ( ...)
NOT-FOR-US: PHP JackKnife
-CVE-2007-3000
+CVE-2007-3000 (Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow ...)
NOT-FOR-US: PHP JackKnife
-CVE-2007-2999
+CVE-2007-2999 (Microsoft Windows Server 2003, when time restrictions are in effect fo ...)
NOT-FOR-US: Microsoft
-CVE-2007-2998
+CVE-2007-2998 (The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS f ...)
NOT-FOR-US: OpenVMS
CVE-2007-2997
NOT-FOR-US: SalesCart Shopping Cart
-CVE-2007-2996
+CVE-2007-2996 (Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM ...)
NOT-FOR-US: IBM AIX
-CVE-2007-2995
+CVE-2007-2995 (Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3 ...)
NOT-FOR-US: IBM AIX
-CVE-2007-2994
+CVE-2007-2994 (SQL injection vulnerability in news.php in DGNews 2.1 allows remote at ...)
NOT-FOR-US: DGNews
-CVE-2007-2993
+CVE-2007-2993 (Multiple cross-site scripting (XSS) vulnerabilities in OmegaMw7.asp in ...)
NOT-FOR-US: OMEGA INterneSErvicesLosungen (INSEL)
-CVE-2007-2992
+CVE-2007-2992 (Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA (aka O ...)
NOT-FOR-US: OMEGA INterneSErvicesLosungen (INSEL)
-CVE-2007-2991
+CVE-2007-2991 (Cross-site scripting (XSS) vulnerability in includes/send.inc.php in E ...)
NOT-FOR-US: Evenzia CMS
-CVE-2007-2990
+CVE-2007-2990 (Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 a ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-2989
+CVE-2007-2989 (The libike library in Sun Solaris 9 before 20070529 contains a logic e ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-2988
+CVE-2007-2988 (A certain admin script in Inout Meta Search Engine sends a redirect to ...)
NOT-FOR-US: Inout Meta Search Engine
-CVE-2007-2987
+CVE-2007-2987 (Multiple buffer overflows in certain ActiveX controls in sasatl.dll in ...)
NOT-FOR-US: Zenturi ProgramChecker
-CVE-2007-2986
+CVE-2007-2986 (PHP remote file inclusion vulnerability in lib/live_status.lib.php in ...)
NOT-FOR-US: AdminBot
-CVE-2007-2985
+CVE-2007-2985 (Pheap 2.0 allows remote attackers to bypass authentication by setting ...)
NOT-FOR-US: Pheap
-CVE-2007-2984
+CVE-2007-2984 (Multiple stack-based buffer overflows in the Media Technology Group CD ...)
NOT-FOR-US: Media Technology Group CDPass
-CVE-2007-2982
+CVE-2007-2982 (Multiple buffer overflows in the British Telecommunications Business C ...)
NOT-FOR-US: British Telecommunications Business Connect
-CVE-2007-2981
+CVE-2007-2981 (Buffer overflow in a certain ActiveX control in LEAD Technologies LEAD ...)
NOT-FOR-US: LeadTools
-CVE-2007-2980
+CVE-2007-2980 (Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS L ...)
NOT-FOR-US: LeadTools
-CVE-2007-2979
+CVE-2007-2979 (Techno Dreams Web Directory / Search Engine 2.0 stores sensitive infor ...)
NOT-FOR-US: Techno Dreams Web Directory / Search Engine
-CVE-2007-2978
+CVE-2007-2978 (Session fixation vulnerability in eggblog 3.1.0 and earlier allows rem ...)
NOT-FOR-US: eggblog
-CVE-2007-2977
+CVE-2007-2977 (Buffer overflow in the receive function in submit/submitcommon.c in th ...)
NOT-FOR-US: DOMjudge
-CVE-2007-2976
+CVE-2007-2976 (Centrinity FirstClass 8.3 and earlier, and Server and Internet Service ...)
NOT-FOR-US: Centrinity
-CVE-2007-2975
+CVE-2007-2975 (The admin console in Ignite Realtime Openfire 3.3.0 and earlier (forme ...)
NOT-FOR-US: Ignite Realtime
-CVE-2007-2974
+CVE-2007-2974 (Buffer overflow in the file parsing engine in Avira Antivir Antivirus ...)
NOT-FOR-US: Avira Antivirus
-CVE-2007-2973
+CVE-2007-2973 (Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to c ...)
NOT-FOR-US: Avira Antivirus
-CVE-2007-2972
+CVE-2007-2972 (The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 a ...)
NOT-FOR-US: Avira Antivirus
-CVE-2007-2971
+CVE-2007-2971 (SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earl ...)
NOT-FOR-US: gCards
-CVE-2007-2970
+CVE-2007-2970 (Multiple cross-site scripting (XSS) vulnerabilities in cgi/block.cgi i ...)
NOT-FOR-US: 8e6 R3000 Internet Filter
-CVE-2007-2969
+CVE-2007-2969 (PHP remote file inclusion vulnerability in newsletter.php in WAnewslet ...)
NOT-FOR-US: WAnewsletter
-CVE-2007-2968
+CVE-2007-2968 (Cross-site scripting (XSS) vulnerability in register.php in cpCommerce ...)
NOT-FOR-US: cpCommerce
CVE-2007-XXXX [webpy HTTP response splitting vulnerability]
- webpy 0.210-1 (bug #427715; unimportant)
NOTE: This is not a vulnerability, but an additional precaution function for
NOTE: a development framework. If someone wants to have this updated in Etch, this
NOTE: needs to go through a point update
-CVE-2007-2967
+CVE-2007-2967 (Multiple F-Secure anti-virus products for Microsoft Windows and Linux ...)
NOT-FOR-US: F-Secure
-CVE-2007-2966
+CVE-2007-2966 (Buffer overflow in the LHA decompression component in F-Secure anti-vi ...)
NOT-FOR-US: F-Secure
-CVE-2007-2965
+CVE-2007-2965 (Unspecified vulnerability in the Real-time Scanning component in multi ...)
NOT-FOR-US: F-Secure
-CVE-2007-2964
+CVE-2007-2964 (The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and e ...)
NOT-FOR-US: F-Secure
-CVE-2007-2963
+CVE-2007-2963 (Multiple cross-site scripting (XSS) vulnerabilities in Invision Power ...)
NOT-FOR-US: Invision Power Board
-CVE-2007-2962
+CVE-2007-2962 (Cross-site scripting (XSS) vulnerability in search.php in Particle Gal ...)
NOT-FOR-US: Particle Gallery
-CVE-2007-2961
+CVE-2007-2961 (Unrestricted file upload vulnerability in FileCloset before 1.1.5 allo ...)
NOT-FOR-US: FileCloset
-CVE-2007-2960
+CVE-2007-2960 (Multiple directory traversal vulnerabilities in Scallywag 2005-04-25 a ...)
NOT-FOR-US: Scallywag
-CVE-2007-2959
+CVE-2007-2959 (SQL injection vulnerability in manufacturer.php in cpCommerce before 1 ...)
NOT-FOR-US: cpCommerce
-CVE-2007-2958
+CVE-2007-2958 (Format string vulnerability in the inc_put_error function in src/inc.c ...)
- sylpheed-claws 1.0.5-5.2 (low; bug #441854)
[etch] - sylpheed-claws <no-dsa> (Minor issue)
[sarge] - sylpheed-claws <no-dsa> (Minor issue)
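Review bot: the `NOT-FOR-US: IBM DB2` line under CVE-2007-3066 does not match the description imported just above it, which names php(Reactor); the automatic import only fills in the parenthesised summary and leaves that line as it was, so it should be corrected by hand in a follow-up (presumably `NOT-FOR-US: php(Reactor)`). In the same hunk, CVE-2007-3064 and CVE-2007-3063 carry `NOT-FOR-US: My Datebook` against summaries that spell the product "My Databook"; pick one spelling so the entry can be found consistently.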
@@ -9041,221 +9041,221 @@ CVE-2007-2958
[sarge] - sylpheed <no-dsa> (Minor issue)
NOTE: the cvs referenced in redhat bugzilla is not available anymore however
NOTE: http://www.colino.net/claws-mail/getpatchset.php3?ver=2.10.0cvs153 fixes the bug
-CVE-2007-2957
+CVE-2007-2957 (Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, ...)
NOT-FOR-US: McAfee on Solaris
-CVE-2007-2956
+CVE-2007-2956 (Stack-based buffer overflow in the readRadianceHeader function in (1) ...)
NOT-FOR-US: Qtpfsgui and pfstools
-CVE-2007-2955
+CVE-2007-2955 (Multiple unspecified "input validation error" vulnerabilities in multi ...)
NOT-FOR-US: Norton Antivirus/Internet Security/System Works
-CVE-2007-2954
+CVE-2007-2954 (Multiple stack-based buffer overflows in the Spooler service (nwspool. ...)
NOT-FOR-US: Novell Client
-CVE-2007-2953
+CVE-2007-2953 (Format string vulnerability in the helptags_one function in src/ex_cmd ...)
{DSA-1364-2 DSA-1364-1}
- vim 1:7.1-056+1 (low)
-CVE-2007-2952
+CVE-2007-2952 (Multiple stack-based buffer overflows in the filter service (aka k9fil ...)
NOT-FOR-US: Blue Coat K9 Web Protection
-CVE-2007-2951
+CVE-2007-2951 (The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3 ...)
- kvirc 2:3.2.4-5 (bug #434419; medium)
-CVE-2007-2950
+CVE-2007-2950 (Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara ...)
NOT-FOR-US: Centennial
-CVE-2007-2949
+CVE-2007-2949 (Integer overflow in the seek_to_and_unpack_pixeldata function in the p ...)
{DSA-1335-1}
- gimp 2.2.16-1 (medium)
- ingimp 2.2.16.20070710-1
NOTE: http://secunia.com/secunia_research/2007-63/advisory
-CVE-2007-2948
+CVE-2007-2948 (Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlay ...)
{DSA-1313-1}
- mplayer 1.0~rc1-14
-CVE-2007-2947
+CVE-2007-2947 (Multiple PHP remote file inclusion vulnerabilities in OpenBASE Alpha 0 ...)
NOT-FOR-US: OpenBASE Alpha
-CVE-2007-2946
+CVE-2007-2946 (Buffer overflow in a certain ActiveX control in LeadTools Raster Dialo ...)
NOT-FOR-US: LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL)
-CVE-2007-2945
+CVE-2007-2945 (RMForum stores sensitive information under the web root with insuffici ...)
NOT-FOR-US: RMForum
-CVE-2007-2944
+CVE-2007-2944 (WabCMS 1.0 stores sensitive information under the web root with insuff ...)
NOT-FOR-US: WabCMS
-CVE-2007-2943
+CVE-2007-2943 (PHP remote file inclusion vulnerability in class/class.php in Webavis ...)
NOT-FOR-US: Webavis
-CVE-2007-2942
+CVE-2007-2942 (SQL injection vulnerability in user.php in My Little Forum 1.7 and ear ...)
NOT-FOR-US: My Little Forum
-CVE-2007-2941
+CVE-2007-2941 (Multiple PHP remote file inclusion vulnerabilities in the creator in v ...)
NOT-FOR-US: vBulletin Google Yahoo Site Map
-CVE-2007-2940
+CVE-2007-2940 (Multiple PHP remote file inclusion vulnerabilities in FlaP 1.0b (1.0 B ...)
NOT-FOR-US: FlaP
-CVE-2007-2939
+CVE-2007-2939 (Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat ...)
NOT-FOR-US: Mazen's PHP Chat
-CVE-2007-2938
+CVE-2007-2938 (Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBas ...)
NOT-FOR-US: BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module
-CVE-2007-2937
+CVE-2007-2937 (PHP remote file inclusion vulnerability in admin/admin.php in TROforum ...)
NOT-FOR-US: TROforum
-CVE-2007-2936
+CVE-2007-2936 (Multiple PHP remote file inclusion vulnerabilities in Frequency Clock ...)
NOT-FOR-US: Frequency Clock
-CVE-2007-2935
+CVE-2007-2935 (core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows remo ...)
NOT-FOR-US: Fundanemt
-CVE-2007-2934
+CVE-2007-2934 (Directory traversal vulnerability in skins/common.css.php in Vistered ...)
NOT-FOR-US: Vistered Little
-CVE-2007-2933
+CVE-2007-2933 (SQL injection vulnerability in index.php in the Phil-a-Form (com_phila ...)
NOT-FOR-US: Phil-a-Form
-CVE-2007-2932
+CVE-2007-2932 (Cross-site scripting (XSS) vulnerability in index.php in BoastMachine ...)
NOT-FOR-US: BoastMachine
-CVE-2007-2931
+CVE-2007-2931 (Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7. ...)
NOT-FOR-US: MSN Messenger
-CVE-2007-2930
+CVE-2007-2930 (The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC ...)
- bind <removed> (bug #442910)
[etch] - bind <no-dsa> (It's documented in README.Debian that Bind 8 has architectual limitations and should not be used unless you know what you're doing)
[sarge] - bind <no-dsa> (It's documented in README.Debian that Bind 8 has architectual limitations and should not be used unless you know what you're doing)
-CVE-2007-2929
+CVE-2007-2929 (The IBM Lenovo Access Support acpRunner ActiveX control, as distribute ...)
NOT-FOR-US: IBM Lenovo Access Support
-CVE-2007-2928
+CVE-2007-2928 (Format string vulnerability in the IBM Lenovo Access Support acpRunner ...)
NOT-FOR-US: IBM Lenovo Access Support
-CVE-2007-2927
+CVE-2007-2927 (Unspecified vulnerability in Atheros 802.11 a/b/g wireless adapter dri ...)
NOT-FOR-US: Windows Atheros drivers
-CVE-2007-2926
+CVE-2007-2926 (ISC BIND 9 through 9.5.0a5 uses a weak random number generator during ...)
{DSA-1341-2}
- bind9 1:9.4.1-P1-1
-CVE-2007-2925
+CVE-2007-2925 (The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9 ...)
- bind9 1:9.4.1-P1-1 (medium)
[etch] - bind9 <not-affected> (Only 9.4.x and 9.5.x are affected)
[sarge] - bind9 <not-affected> (Only 9.4.x and 9.5.x are affected)
-CVE-2007-2924
+CVE-2007-2924 (Multiple buffer overflows in RealNetworks GameHouse dldisplay ActiveX ...)
NOT-FOR-US: RealNetworks GameHouse
-CVE-2007-2923
+CVE-2007-2923 (The launch method in the LocalExec ActiveX control (LocalExec.ocx) in ...)
NOT-FOR-US: LocalExec ActiveX control
CVE-2007-2922
RESERVED
-CVE-2007-2921
+CVE-2007-2921 (Multiple buffer overflows in acgm.dll in the Corel / Micrografx Active ...)
NOT-FOR-US: Corel
-CVE-2007-2920
+CVE-2007-2920 (Multiple stack-based buffer overflows in the Zoomify Viewer ActiveX co ...)
NOT-FOR-US: Zoomify Viewer
-CVE-2007-2919
+CVE-2007-2919 (Multiple stack-based buffer overflows in the FViewerLoading ActiveX co ...)
NOT-FOR-US: FViewerLoading
-CVE-2007-2918
+CVE-2007-2918 (Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in ...)
NOT-FOR-US: Logitech
-CVE-2007-2917
+CVE-2007-2917 (Multiple buffer overflows in a certain ActiveX control in odapi.dll in ...)
NOT-FOR-US: Authentium
-CVE-2007-2916
+CVE-2007-2916 (Cross-site scripting (XSS) vulnerability in showown.php in GMTT Music ...)
NOT-FOR-US: GMTT Music Distro
-CVE-2007-2915
+CVE-2007-2915 (Cross-site scripting (XSS) vulnerability in RM EasyMail Plus allows re ...)
NOT-FOR-US: RM EasyMail Plus
-CVE-2007-2914
+CVE-2007-2914 (Multiple cross-site scripting (XSS) vulnerabilities in PsychoStats 3.0 ...)
NOT-FOR-US: PsychoStats
-CVE-2007-2913
+CVE-2007-2913 (Cross-site scripting (XSS) vulnerability in index.php in ClonusWiki .5 ...)
NOT-FOR-US: ClonusWiki
-CVE-2007-2912
+CVE-2007-2912 (Unspecified vulnerability in Jelsoft vBulletin before 3.6.6, when unau ...)
NOT-FOR-US: Jelsoft vBulletin
-CVE-2007-2911
+CVE-2007-2911 (SQL injection vulnerability in admincp/attachment.php in Jelsoft vBull ...)
NOT-FOR-US: Jelsoft vBulletin
-CVE-2007-2910
+CVE-2007-2910 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3 ...)
NOT-FOR-US: Jelsoft vBulletin
-CVE-2007-2909
+CVE-2007-2909 (Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vB ...)
NOT-FOR-US: Jelsoft vBulletin
-CVE-2007-2908
+CVE-2007-2908 (Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vB ...)
NOT-FOR-US: vBulletin
-CVE-2007-2907
+CVE-2007-2907 (Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote ...)
NOT-FOR-US: SSL-Explorer
-CVE-2007-2906
+CVE-2007-2906 (Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a denia ...)
NOT-FOR-US: Java Embedding Plugin for Mac OS X
-CVE-2007-2905
+CVE-2007-2905 (SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 ...)
NOT-FOR-US: 2z Project
-CVE-2007-2904
+CVE-2007-2904 (Cross-site scripting (XSS) vulnerability in Sun Java System Messaging ...)
NOT-FOR-US: Sun Java System Messaging Server
-CVE-2007-2903
+CVE-2007-2903 (Buffer overflow in the HelpPopup method in the Microsoft Office 2000 C ...)
NOT-FOR-US: Microsoft Office ActiveX control
-CVE-2007-2902
+CVE-2007-2902 (SQL injection vulnerability in main/auth/my_progress.php in Dokeos 1.8 ...)
NOT-FOR-US: Dokeos
-CVE-2007-2901
+CVE-2007-2901 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.0 an ...)
NOT-FOR-US: Dokeos
-CVE-2007-2900
+CVE-2007-2900 (Multiple PHP remote file inclusion vulnerabilities in Scallywag 2005-0 ...)
NOT-FOR-US: Scallywag
-CVE-2007-2899
+CVE-2007-2899 (Direct static code injection vulnerability in admin_config.php in NavB ...)
NOT-FOR-US: Navboard
-CVE-2007-2898
+CVE-2007-2898 (SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 ...)
NOT-FOR-US: 2z Project
-CVE-2007-2897
+CVE-2007-2897 (Microsoft Internet Information Services (IIS) 6.0 allows remote attack ...)
NOT-FOR-US: Microsoft IIS
-CVE-2007-2896
+CVE-2007-2896 (Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 ...)
NOT-FOR-US: Symantec
-CVE-2007-2895
+CVE-2007-2895 (Buffer overflow in a certain ActiveX control in LTRDF14e.DLL 14.5.0.44 ...)
NOT-FOR-US: LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL)
-CVE-2007-2894
+CVE-2007-2894 (The emulated floppy disk controller in Bochs 2.3 allows local users of ...)
- bochs <unfixed> (unimportant)
-CVE-2007-2893
+CVE-2007-2893 (Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iode ...)
{DSA-1351-1}
- bochs 2.3+20070705-1 (low; bug #427144)
NOTE: kvm/qemu are tracked as CVE-2007-5729 and CVE-2007-5730
-CVE-2007-2892
+CVE-2007-2892 (Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 ...)
NOT-FOR-US: ASP-Nuke
-CVE-2007-2891
+CVE-2007-2891 (Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 a ...)
NOT-FOR-US: FirmWorX
-CVE-2007-2890
+CVE-2007-2890 (SQL injection vulnerability in category.php in cpCommerce 1.1.0 and ea ...)
NOT-FOR-US: cpCommerce
-CVE-2007-2889
+CVE-2007-2889 (SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 ...)
NOT-FOR-US: Dokeos
-CVE-2007-2888
+CVE-2007-2888 (Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows ...)
NOT-FOR-US: UltraISO
-CVE-2007-2887
+CVE-2007-2887 (Cross-site scripting (XSS) vulnerability in index.php in Web Icerik Yo ...)
NOT-FOR-US: WIYS
-CVE-2007-2886
+CVE-2007-2886 (Unspecified vulnerability in the Nortel CS 1000 M media card in Enterp ...)
NOT-FOR-US: Nortel
-CVE-2007-2885
+CVE-2007-2885 (The NotSafe function in the MSVDTDatabaseDesigner7 ActiveX control in ...)
NOT-FOR-US: Microsoft Visual Database Tools
-CVE-2007-2884
+CVE-2007-2884 (Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allo ...)
NOT-FOR-US: Microsoft Visual Basic
-CVE-2007-2883
+CVE-2007-2883 (Credant Mobile Guardian Shield for Windows 5.2.1.105 and earlier store ...)
NOT-FOR-US: Credant
-CVE-2007-2882
+CVE-2007-2882 (Unspecified vulnerability in the NFS client module in Sun Solaris 8 th ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-2881
+CVE-2007-2881 (Multiple stack-based buffer overflows in the SOCKS proxy support (sock ...)
NOT-FOR-US: Sun Java Web Proxy Server
-CVE-2007-2880
+CVE-2007-2880 (Multiple cross-site scripting (XSS) vulnerabilities in Digirez 3.4 all ...)
NOT-FOR-US: Digirez
-CVE-2007-2879
+CVE-2007-2879 (Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk Po ...)
NOT-FOR-US: GNUTurk
-CVE-2007-2878
+CVE-2007-2878 (The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run o ...)
{DSA-1479-1}
- linux-2.6 2.6.21-3
-CVE-2007-2877
+CVE-2007-2877 (Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 al ...)
NOTE: Not a security issue; Windows-only anyway.
-CVE-2007-2876
+CVE-2007-2876 (The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conn ...)
{DSA-1356-1}
- linux-2.6 2.6.21-5 (medium)
-CVE-2007-2875
+CVE-2007-2875 (Integer underflow in the cpuset_tasks_read function in the Linux kerne ...)
{DSA-1363-1}
- linux-2.6 2.6.21-5 (medium)
-CVE-2007-2874
+CVE-2007-2874 (Buffer overflow in the wpa_printf function in the debugging code in wp ...)
- wpasupplicant <not-affected> (Fedora-only issue)
-CVE-2007-2873
+CVE-2007-2873 (SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as ...)
- spamassassin 3.2.1-1 (low)
[sarge] - spamassassin <no-dsa> (Only obscure setups affected, only locally exploitable)
[etch] - spamassassin 3.1.7-2etch1
NOTE: Minor issue fixed in etch r6 point update
NOTE: Only obscure setups affected, only locally exploitable
-CVE-2007-2872
+CVE-2007-2872 (Multiple integer overflows in the chunk_split function in PHP 5 before ...)
- php5 5.2.3-1 (unimportant)
NOTE: Only triggerable by malicious script
NOTE: Fix from 5.2.3 was ineffective
-CVE-2007-2871
+CVE-2007-2871 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaM ...)
{DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
NOTE: MFSA2007-17
- iceweasel 2.0.0.4-1 (low)
- iceape 1.1.2-1 (low)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
- xulrunner 1.8.1.4-1 (low)
-CVE-2007-2870
+CVE-2007-2870 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaM ...)
{DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
NOTE: MFSA2007-16
- iceweasel 2.0.0.4-1 (medium)
- iceape 1.1.2-1 (medium)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
- xulrunner 1.8.1.4-1 (medium)
-CVE-2007-2869
+CVE-2007-2869 (The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12 ...)
{DSA-1308-1 DSA-1306-1 DTSA-45-1 DTSA-51-1}
NOTE: MFSA2007-13
- iceweasel 2.0.0.4-1
- iceape 1.1.2-1
- mozilla <removed>
- xulrunner 1.8.1.4-1
-CVE-2007-2868
+CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox ...)
{DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1 DTSA-51-1}
NOTE: MFSA2007-12
- iceweasel 2.0.0.4-1 (high)
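Review bot: the two `<no-dsa>` rationales under CVE-2007-2930 (the `bind <removed>` entry) misspell "architectural" as "architectual"; the automatic import does not touch those lines, so fix them manually in a later commit. Otherwise the hunk only replaces bare CVE ids with the truncated upstream summaries and leaves the package, DSA and NOTE lines unchanged.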
@@ -9264,7 +9264,7 @@ CVE-2007-2868
- icedove 2.0.0.4-1 (low)
- xulrunner 1.8.1.4-1 (high)
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-2867
+CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5. ...)
{DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1 DTSA-51-1}
NOTE: MFSA2007-12
- iceweasel 2.0.0.4-1 (high)
@@ -9273,57 +9273,57 @@ CVE-2007-2867
- icedove 2.0.0.4-1 (low)
- xulrunner 1.8.1.4-1 (high)
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-2866
+CVE-2007-2866 (Multiple SQL injection vulnerabilities in modules/admin/modules/galler ...)
NOT-FOR-US: PHPEcho CMS
-CVE-2007-2865
+CVE-2007-2865 (Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin ...)
{DSA-1693-1}
- phppgadmin 4.1.2-1 (low; bug #427151)
[sarge] - phppgadmin <not-affected> (Vulnerable code not present)
NOTE: http://phppgadmin.cvs.sourceforge.net/phppgadmin/webdb/classes/Misc.php?r1=1.156&r2=1.157&pathrev=MAIN
-CVE-2007-2864
+CVE-2007-2864 (Stack-based buffer overflow in the Anti-Virus engine before content up ...)
NOT-FOR-US: CA Anti-Virus
-CVE-2007-2863
+CVE-2007-2863 (Stack-based buffer overflow in the Anti-Virus engine before content up ...)
NOT-FOR-US: CA Anti-Virus
-CVE-2007-2862
+CVE-2007-2862 (Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might allow ...)
NOT-FOR-US: CubeCart
-CVE-2007-2861
+CVE-2007-2861 (Multiple PHP remote file inclusion vulnerabilities in Simple Accessibl ...)
NOT-FOR-US: SAXON
-CVE-2007-2860
+CVE-2007-2860 (user.php in BoastMachine 3.0 platinum allows remote authenticated user ...)
NOT-FOR-US: BoastMachine
-CVE-2007-2859
+CVE-2007-2859 (Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 al ...)
NOT-FOR-US: SimpGB
-CVE-2007-2858
+CVE-2007-2858 (SQL injection vulnerability in the IP-Search functionality in the IP-T ...)
NOT-FOR-US: IP-Tracking Mod for phpBB
-CVE-2007-2857
+CVE-2007-2857 (PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Exc ...)
NOT-FOR-US: ABC Excel Parser Pro
-CVE-2007-2856
+CVE-2007-2856 (Buffer overflow in the Dart Communications PowerTCP ZIP Compression Ac ...)
NOT-FOR-US: Dart Communications PowerTCP
-CVE-2007-2855
+CVE-2007-2855 (Buffer overflow in a certain ActiveX control in DartZipLite.dll 1.8.5. ...)
NOT-FOR-US: Dart ZipLite
-CVE-2007-2854
+CVE-2007-2854 (Multiple SQL injection vulnerabilities in account_change.php in BtiTra ...)
NOT-FOR-US: BtiTracker
-CVE-2007-2853
+CVE-2007-2853 (The VCDAPILibApi ActiveX control in vc9api.DLL 9.0.0.57 in Virtual CD ...)
NOT-FOR-US: Virtual CD
-CVE-2007-2852
+CVE-2007-2852 (Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2 ...)
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2007-2851
+CVE-2007-2851 (A certain ActiveX control in LeadTools Raster Variant Object Library ( ...)
NOT-FOR-US: LeadTools
-CVE-2007-2850
+CVE-2007-2850 (The Session Reliability Service (XTE) in Citrix MetaFrame Presentation ...)
NOT-FOR-US: Citrix
-CVE-2007-2849
+CVE-2007-2849 (KnowledgeTree Document Management (aka KnowledgeTree Open Source) befo ...)
- knowledgetree <removed> (bug #432123)
-CVE-2007-2848
+CVE-2007-2848 (Stack-based buffer overflow in the SetPath function in the shComboBox ...)
NOT-FOR-US: Sky Software
-CVE-2007-2847
+CVE-2007-2847 (Multiple cross-site scripting (XSS) vulnerabilities in hlstats.php in ...)
NOT-FOR-US: HLstats
-CVE-2007-2846
+CVE-2007-2846 (Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Ma ...)
NOT-FOR-US: Avast
-CVE-2007-2845
+CVE-2007-2845 (Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Ma ...)
NOT-FOR-US: Avast
-CVE-2007-2844
+CVE-2007-2844 (PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, ...)
- php5 <not-affected> (Multi-threaded operation not supported in Debian)
- php4 <not-affected> (Multi-threaded operation not supported in Debian)
-CVE-2007-2843
+CVE-2007-2843 (Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attacke ...)
NOT-FOR-US: Apple Safari
NOTE: Does not seem to work with Konqueror.
CVE-2007-2842
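Review bot: CVE-2007-2842 at the end of this hunk is left as a bare identifier while every surrounding entry gained a description, so it is worth confirming that the upstream feed genuinely carries no text for it (as with RESERVED or REJECTED entries elsewhere in this file) rather than the update having skipped it; a later run that fills it in would otherwise produce an unrelated follow-up diff.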
@@ -9335,110 +9335,110 @@ CVE-2007-2841 [lighttpd DoS]
NOTE: assignment
CVE-2007-2840
RESERVED
-CVE-2007-2839
+CVE-2007-2839 (gfax 0.4.2 and probably other versions creates temporary files insecur ...)
{DSA-1329-1}
- gfax 0.6 (bug #431893; low)
NOTE: Vulnerable code no longer present since 0.6, so marking this as fixed version
-CVE-2007-2838
+CVE-2007-2838 (The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 a ...)
{DSA-1327-1}
- gsambad 0.1.6-2 (bug #431331)
-CVE-2007-2837
+CVE-2007-2837 (The (1) getRule and (2) getChains functions in server/rules.cpp in fir ...)
{DSA-1326-1}
- fireflier 1.1.7
-CVE-2007-2836
+CVE-2007-2836 (Directory traversal vulnerability in session.rb in Hiki 0.8.0 through ...)
{DSA-1324-1}
- hiki 0.8.7-1 (bug #430691; medium)
[sarge] - hiki <not-affected> (Vulnerable code not present)
-CVE-2007-2835
+CVE-2007-2835 (Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_p ...)
{DSA-1328-1}
- unicon 3.0.4-12 (bug #431336)
-CVE-2007-2834
+CVE-2007-2834 (Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3 ...)
{DSA-1375-1}
- openoffice.org 2.2.1-9 (medium)
[sarge] - openoffice.org 1.1.3-9sarge8
-CVE-2007-2833
+CVE-2007-2833 (Emacs 21 allows user-assisted attackers to cause a denial of service ( ...)
{DSA-1316-1}
- emacs21 21.4a+1-5.1 (bug #408929; low)
- emacs-snapshot <removed>
NOTE: The bug is not present in emacs22 22.2+1-1. It was probably
NOTE: fixed before the first emacs22 upload.
-CVE-2007-2832
+CVE-2007-2832 (Cross-site scripting (XSS) vulnerability in the web application firewa ...)
NOT-FOR-US: Cisco
-CVE-2007-2831
+CVE-2007-2831 (Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ieee ...)
- madwifi 1:0.9.3-2 (high; bug #425738)
[etch] - madwifi 1:0.9.2+r1842.20061207-2etch1
-CVE-2007-2830
+CVE-2007-2830 (The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 a ...)
- madwifi 1:0.9.3-2 (medium; bug #425738)
[etch] - madwifi 1:0.9.2+r1842.20061207-2etch1
-CVE-2007-2829
+CVE-2007-2829 (The 802.11 network stack in net80211/ieee80211_input.c in MadWifi befo ...)
- madwifi 1:0.9.3-2 (medium; bug #425738)
[etch] - madwifi 1:0.9.2+r1842.20061207-2etch1
-CVE-2007-2828
+CVE-2007-2828 (Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php ...)
NOT-FOR-US: AdSense-Deluxe
-CVE-2007-2827
+CVE-2007-2827 (Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX ...)
NOT-FOR-US: LeadTools
-CVE-2007-2826
+CVE-2007-2826 (PHP remote file inclusion vulnerability in lib/addressbook.php in Madi ...)
NOT-FOR-US: Madirish Webmail
-CVE-2007-2825
+CVE-2007-2825 (Multiple cross-site scripting (XSS) vulnerabilities in ReadMsg.php in ...)
NOT-FOR-US: @Mail
-CVE-2007-2824
+CVE-2007-2824 (SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 ...)
NOT-FOR-US: AlstraSoft E-Friends
-CVE-2007-2823
+CVE-2007-2823 (Multiple buffer overflows in HT Editor before 2.0.6 might allow remote ...)
NOT-FOR-US: HT Editor
-CVE-2007-2822
+CVE-2007-2822 (TutorialCMS 1.01 and earlier, when register_globals is enabled, allows ...)
NOT-FOR-US: TutorialCMS
-CVE-2007-2821
+CVE-2007-2821 (SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress be ...)
{DSA-1502-1}
- wordpress 2.2-1 (high)
NOTE: seems present in etch even though admin-ajax.php was not shipped yet
-CVE-2007-2820
+CVE-2007-2820 (Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX C ...)
NOT-FOR-US: KSign
-CVE-2007-2819
+CVE-2007-2819 (Cross-site scripting (XSS) vulnerability in reportItem.do in Track+ 3. ...)
NOT-FOR-US: Track+
-CVE-2007-2818
+CVE-2007-2818 (Cross-site scripting (XSS) vulnerability in cand_login.asp in CactuSof ...)
NOT-FOR-US: Parodia
-CVE-2007-2817
+CVE-2007-2817 (SQL injection vulnerability in read/index.php in ol'bookmarks 0.7.4 al ...)
NOT-FOR-US: ol'bookmarks
-CVE-2007-2816
+CVE-2007-2816 (Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks 0.7 ...)
NOT-FOR-US: ol'bookmarks
-CVE-2007-2815
+CVE-2007-2815 (The "hit-highlighting" functionality in webhits.dll in Microsoft Inter ...)
NOT-FOR-US: Microsoft IIS
-CVE-2007-2814
+CVE-2007-2814 (Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX co ...)
NOT-FOR-US: Pegasus ImagN'
-CVE-2007-2813
+CVE-2007-2813 (Cisco IOS 12.4 and earlier, when using the crypto packages and SSL sup ...)
NOT-FOR-US: Cisco
-CVE-2007-2812
+CVE-2007-2812 (Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.3 ...)
NOT-FOR-US: HLstats
-CVE-2007-2811
+CVE-2007-2811 (Cross-site scripting (XSS) vulnerability in OSK Advance-Flow 4.41 and ...)
NOT-FOR-US: OSK Advance-Flow
-CVE-2007-2810
+CVE-2007-2810 (SQL injection vulnerability in down_indir.asp in Gazi Download Portal ...)
NOT-FOR-US: Gazi Download Portal
-CVE-2007-2809
+CVE-2007-2809 (Buffer overflow in the transfer manager in Opera before 9.21 for Windo ...)
NOT-FOR-US: Opera
-CVE-2007-2808
+CVE-2007-2808 (Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb 4. ...)
{DSA-1486-1}
- gnatsweb 4.00-1.1 (low; bug #427156)
-CVE-2007-2807
+CVE-2007-2807 (Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1. ...)
{DSA-1826-1 DSA-1448-1}
- eggdrop 1.6.18-1.1 (medium; bug #427157)
-CVE-2007-2806
+CVE-2007-2806 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ga ...)
NOT-FOR-US: GaliX
-CVE-2007-2805
+CVE-2007-2805 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Cl ...)
NOT-FOR-US: ClientExec
-CVE-2007-2804
+CVE-2007-2804 (Multiple cross-site scripting (XSS) vulnerabilities in scripts/prodLis ...)
NOT-FOR-US: CandyPress Store
-CVE-2007-2803
+CVE-2007-2803 (SQL injection vulnerability in default.asp in Vizayn Urun Tanitim Site ...)
NOT-FOR-US: Vizayn Urun Tanitim Sitesi
-CVE-2007-2802
+CVE-2007-2802 (Cross-site scripting (XSS) vulnerability in cp/ps/Main/login/Login in ...)
NOT-FOR-US: RM EasyMail Plus
-CVE-2007-2801
+CVE-2007-2801 (Multiple cross-site scripting (XSS) vulnerabilities in open.php in eTi ...)
NOT-FOR-US: eTicket
-CVE-2007-2800
+CVE-2007-2800 (index.php in eTicket 1.5.5.1 and earlier allows remote attackers to ob ...)
NOT-FOR-US: eTicket
-CVE-2007-2799
+CVE-2007-2799 (Integer overflow in the "file" program 4.20, when running on 32-bit sy ...)
{DSA-1343-2 DSA-1343-1}
- file 4.21-1 (medium; bug #428293)
-CVE-2007-2798
+CVE-2007-2798 (Stack-based buffer overflow in the rename_principal_2_svc function in ...)
{DSA-1323-1}
- krb5 1.6.dfsg.1-5 (high; bug #430785)
CVE-2007-XXXX [mantis multiple issues fixed in 1.0.7]
@@ -9448,101 +9448,101 @@ CVE-2007-XXXX [mantis multiple issues fixed in 1.0.7]
CVE-2007-XXXX [NTFS driver for FUSE unspecified issue]
- ntfs-3g 1:1.516-1
NOTE: local root exploit
-CVE-2007-2797
+CVE-2007-2797 (xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in ...)
- xterm <not-affected> (Debian uses safe compile-time settings)
-CVE-2007-2796
+CVE-2007-2796 (Arris Cadant C3 CMTS allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Arris Cadant
-CVE-2007-2795
+CVE-2007-2795 (Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remot ...)
NOT-FOR-US: Ipswitch IMail
CVE-2007-2794
RESERVED
-CVE-2007-2793
+CVE-2007-2793 (PHP remote file inclusion vulnerability in ImageImageMagick.php in Gee ...)
NOT-FOR-US: Geeklog
-CVE-2007-2792
+CVE-2007-2792 (SQL injection vulnerability in the Yet another Newsletter Component (a ...)
NOT-FOR-US: com_yanc for Mambo
NOTE: com_yanc component not in Mambo Debian package
-CVE-2007-2791
+CVE-2007-2791 (Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5 ...)
NOT-FOR-US: HP Tru64
-CVE-2007-2790
+CVE-2007-2790 (Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP ...)
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2007-2789
+CVE-2007-2789 (The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11 ...)
- sun-java5 1.5.0-11-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-01-1 (bug #422403)
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-2788
+CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun Java ...)
- sun-java5 1.5.0-11-1 (medium)
[etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-01-1 (bug #422403)
- openjdk-6 6b08-1 (bug #566766)
-CVE-2007-2787
+CVE-2007-2787 (Stack-based buffer overflow in the BrowseDir function in the (1) lttmb ...)
NOT-FOR-US: LeadTools Raster Thumbnail Object Library
-CVE-2007-2786
+CVE-2007-2786 (Ratbox IRC Daemon (aka ircd-ratbox) 2.2.5 and earlier allows remote at ...)
NOT-FOR-US: ircd-ratbox
-CVE-2007-2785
+CVE-2007-2785 (manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to crea ...)
NOT-FOR-US: eSyndiCat Pro
-CVE-2007-2784
+CVE-2007-2784 (Unspecified vulnerability in globus-job-manager in Globus Toolkit 4.1. ...)
NOT-FOR-US: Globus Toolkit
-CVE-2007-2783
+CVE-2007-2783 (Unspecified vulnerability in Rational Soft Hidden Administrator 1.7 an ...)
NOT-FOR-US: Rational Soft Hidden Administrator
-CVE-2007-2782
+CVE-2007-2782 (Packeteer PacketShaper uses fixed increments in TCP initial sequence n ...)
NOT-FOR-US: Packeteer PacketShaper
-CVE-2007-2781
+CVE-2007-2781 (Cross-site scripting (XSS) vulnerability in include/sessionRegister.ph ...)
NOT-FOR-US: WikyBlog
-CVE-2007-2780
+CVE-2007-2780 (PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensi ...)
NOT-FOR-US: PsychoStats
-CVE-2007-2779
+CVE-2007-2779 (PHP remote file inclusion vulnerability in template_csv.php in Libstat ...)
NOT-FOR-US: Libstats
-CVE-2007-2778
+CVE-2007-2778 (Multiple directory traversal vulnerabilities in MolyX BOARD 2.5.0 allo ...)
NOT-FOR-US: MolyX BOARD
-CVE-2007-2777
+CVE-2007-2777 (Unrestricted file upload vulnerability in admin/addsptemplate.php in A ...)
NOT-FOR-US: AlstraSoft Template Seller Pro
-CVE-2007-2776
+CVE-2007-2776 (AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to th ...)
NOT-FOR-US: AlstraSoft Template Seller Pro
-CVE-2007-2775
+CVE-2007-2775 (AlstraSoft Live Support 1.21 sends a redirect to the web browser but d ...)
NOT-FOR-US: AlstraSoft Live Support
-CVE-2007-2774
+CVE-2007-2774 (Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 ...)
NOT-FOR-US: SunLight CMS
-CVE-2007-2773
+CVE-2007-2773 (SQL injection vulnerability in plugins/mp3playlist/mp3playlist.php in ...)
NOT-FOR-US: Zomplog
-CVE-2007-2772
+CVE-2007-2772 ((1) caloggerd.exe (camt70.dll) and (2) mediasvr.exe (catirpc.dll and r ...)
NOT-FOR-US: CA BrightStor Backup
-CVE-2007-2771
+CVE-2007-2771 (Stack-based buffer overflow in the LEAD Technologies LeadTools JPEG 20 ...)
NOT-FOR-US: LeadTools JPEG 2000
-CVE-2007-2770
+CVE-2007-2770 (Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote ...)
NOT-FOR-US: Eudora
-CVE-2007-2769
+CVE-2007-2769 (BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 does not properly ...)
NOT-FOR-US: OPeNDAP
-CVE-2007-2768
+CVE-2007-2768 (OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, a ...)
- openssh <unfixed> (bug #436571; unimportant)
[etch] - openssh <no-dsa> (Minor issue)
[sarge] - openssh <no-dsa> (Minor issue)
NOTE: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=112279
-CVE-2007-2767
+CVE-2007-2767 (Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) be ...)
NOT-FOR-US: OPeNDAP
-CVE-2007-2766
+CVE-2007-2766 (lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQ ...)
- backup-manager 0.7.6-1 (low)
[sarge] - backup-manager <no-dsa> (Minor issue)
[etch] - backup-manager 0.7.5-5
-CVE-2007-2765
+CVE-2007-2765 (blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemo ...)
NOT-FOR-US: BlockHosts
-CVE-2007-2764
+CVE-2007-2764 (The embedded Linux kernel in certain Sun-Brocade SilkWorm switches bef ...)
NOT-FOR-US: Sun-Brocade SilkWorm
-CVE-2007-2763
+CVE-2007-2763 (Buffer overflow in the UnlockSupport function in the LockModules subsy ...)
NOT-FOR-US: Sienzo Digital Music Mentor ActiveX control
-CVE-2007-2762
+CVE-2007-2762 (Multiple PHP remote file inclusion vulnerabilities in Build it Fast (b ...)
NOT-FOR-US: Build it Fast
-CVE-2007-2761
+CVE-2007-2761 (Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier allo ...)
NOT-FOR-US: MagicISO
-CVE-2007-2760
+CVE-2007-2760 (The canUpdate function in model/MRole.java in Adempiere before 3.1.6 d ...)
NOT-FOR-US: Adempiere
-CVE-2007-2759
+CVE-2007-2759 (Multiple SQL injection vulnerabilities in the insert function in the V ...)
NOT-FOR-US: Adempiere
-CVE-2007-2758
+CVE-2007-2758 (Multiple buffer overflows in WinImage 8.0.8000 allow user-assisted rem ...)
NOT-FOR-US: WinImage
-CVE-2007-2757
+CVE-2007-2757 (Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 al ...)
NOT-FOR-US: Redoable
-CVE-2007-2756
+CVE-2007-2756 (The gdPngReadData function in libgd 2.0.34 allows user-assisted attack ...)
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (bug #426100; bug #426099; bug #425584; low)
[etch] - libgd <no-dsa> (Minor issue)
@@ -9550,529 +9550,529 @@ CVE-2007-2756
[etch] - libgd2 <no-dsa> (Minor issue)
[sarge] - libgd2 <no-dsa> (Minor issue)
NOTE: https://web.archive.org/web/20090212193455/http://bugs.libgd.org/?do=details&task_id=86
-CVE-2007-2755
+CVE-2007-2755 (The PrecisionID Barcode 1.9 ActiveX control in PrecisionID_Barcode.dll ...)
NOT-FOR-US: PrecisionID
-CVE-2007-2754
+CVE-2007-2754 (Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and e ...)
{DSA-1334-1 DSA-1302-1}
- freetype 2.2.1-6 (bug #425625)
[sarge] - freetype 2.1.7-8
-CVE-2007-2753
+CVE-2007-2753 (RunawaySoft Haber portal 1.0 stores sensitive information under the we ...)
NOT-FOR-US: RunawaySoft
-CVE-2007-2752
+CVE-2007-2752 (SQL injection vulnerability in devami.asp in RunawaySoft Haber portal ...)
NOT-FOR-US: RunawaySoft
-CVE-2007-2751
+CVE-2007-2751 (Multiple PHP remote file inclusion vulnerabilities in PHPGlossar 0.8 a ...)
NOT-FOR-US: PHPGlossar
-CVE-2007-2750
+CVE-2007-2750 (SQL injection vulnerability in print.php in SimpNews 2.40.01 and earli ...)
NOT-FOR-US: SimpNews
-CVE-2007-2749
+CVE-2007-2749 (SQL injection vulnerability in question.php in FAQEngine 4.16.03 and e ...)
NOT-FOR-US: FAQEngine
-CVE-2007-2748
+CVE-2007-2748 (The substr_count function in PHP 5.2.1 and earlier allows context-depe ...)
- php4 <not-affected> (Debian shipped the correct fix from the beginning)
- php5 <not-affected> (Debian shipped the correct fix from the beginning)
-CVE-2007-2747
+CVE-2007-2747 (Directory traversal vulnerability in rdw_helpers.py in rdiffWeb before ...)
NOT-FOR-US: rdiffWeb
-CVE-2007-2746
+CVE-2007-2746 (The viewList function in lib/WebGUI/Asset/Wobject/DataForm.pm in Plain ...)
NOT-FOR-US: Plain Black WebGUI
-CVE-2007-2745
+CVE-2007-2745 (Cross-site scripting (XSS) vulnerability in printcal.pl in vDesk Webma ...)
NOT-FOR-US: vDesk Webmail
-CVE-2007-2744
+CVE-2007-2744 (Stack-based buffer overflow in the PrecisionID Barcode 1.9 ActiveX con ...)
NOT-FOR-US: PrecisionID
-CVE-2007-2743
+CVE-2007-2743 (PHP remote file inclusion vulnerability in custom_vars.php in GlossWor ...)
NOT-FOR-US: GlossWord
-CVE-2007-2742
+CVE-2007-2742 (Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 B ...)
NOT-FOR-US: w2box
-CVE-2007-2741
+CVE-2007-2741 (Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows re ...)
- lcms 1.15-1 (medium)
-CVE-2007-2740
+CVE-2007-2740 (Unspecified vulnerability in xajax before 0.2.5 has unknown impact and ...)
- php-xajax 0.2.5-1 (bug #426103; unimportant)
NOTE: This issue was created because of an upstream changelog entry, which however
NOTE: was meant for the XSS, which is the general issue.
-CVE-2007-2739
+CVE-2007-2739 (Cross-site scripting (XSS) vulnerability in xajax before 0.2.5 allows ...)
{DSA-1692-1}
- php-xajax 0.2.5-1 (bug #426103; low)
-CVE-2007-2738
+CVE-2007-2738 (SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 ...)
NOT-FOR-US: Glossaire for Xoops
-CVE-2007-2737
+CVE-2007-2737 (SQL injection vulnerability in index.php in the MyConference 1.0 modul ...)
NOT-FOR-US: MyConference for Xoops
-CVE-2007-2736
+CVE-2007-2736 (PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 ...)
NOT-FOR-US: Achievo
-CVE-2007-2735
+CVE-2007-2735 (SQL injection vulnerability in edit_day.php in the ResManager 1.2.1 an ...)
NOT-FOR-US: ResManager for Xoops
-CVE-2007-2734
+CVE-2007-2734 (The 3Com TippingPoint IPS do not properly handle certain full-width an ...)
NOT-FOR-US: 3Com TippingPoint IPS
-CVE-2007-2733
+CVE-2007-2733 (Unrestricted file upload vulnerability in Jetbox CMS allows remote aut ...)
NOT-FOR-US: Jetbox CMS
-CVE-2007-2732
+CVE-2007-2732 (Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allo ...)
NOT-FOR-US: Jetbox CMS
-CVE-2007-2731
+CVE-2007-2731 (CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might a ...)
NOT-FOR-US: Jetbox CMS
-CVE-2007-2730
+CVE-2007-2730 (Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test fo ...)
NOT-FOR-US: Check Point Zone Labs ZoneAlarm Internet Security Suite
-CVE-2007-2729
+CVE-2007-2729 (Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, ...)
NOT-FOR-US: Comodo Personal Firewall
-CVE-2007-2728
+CVE-2007-2728 (The soap extension in PHP calls php_rand_r with an uninitialized seed ...)
- php5 5.2.3-1 (low)
[etch] - php5 <not-affected> (Version from 5.2.0 correctly uses rand())
- php4 <not-affected> (no soap functions in php4)
-CVE-2007-2727
+CVE-2007-2727 (The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4 ...)
[etch] - php5 <not-affected> (Version from 5.2.0 correctly uses rand())
- php5 5.2.2-1 (low)
NOTE: Code not present in PHP 4.
-CVE-2007-2726
+CVE-2007-2726 (BitsCast 0.13.0 allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: BitsCast
-CVE-2007-2725
+CVE-2007-2725 (The DB Software Laboratory DeWizardX (DEWizardAX.ocx) ActiveX control ...)
NOT-FOR-US: DeWizardX
-CVE-2007-2724
+CVE-2007-2724 (Cross-site scripting (XSS) vulnerability in all_photos.html in fotolog ...)
NOT-FOR-US: fotolog
-CVE-2007-2723
+CVE-2007-2723 (Media Player Classic 6.4.9.0 allows user-assisted remote attackers to ...)
NOT-FOR-US: guliverkli Media Player Classic
-CVE-2007-2722
+CVE-2007-2722 (Unspecified vulnerability in NewzCrawler 1.8 allows remote attackers t ...)
NOT-FOR-US: NewzCrawler
-CVE-2007-2721
+CVE-2007-2721 (The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG- ...)
{DSA-2036-1}
- jasper 1.900.1-6 (medium; bug #413033; bug #528543)
NOTE: Jasper was initially fixed in 1.900.1-3, but the fix got dropped later, see #528543
- ghostscript 8.61.dfsg.1~svn8187-1.1 (medium; bug #447188)
- gs-gpl <removed> (medium; bug #561717)
NOTE: see http://ghostscript.com/pipermail/gs-cvs/2007-October/007877.html
-CVE-2007-2720
+CVE-2007-2720 (Group-Office before 2.16-13 does not properly validate user IDs, which ...)
NOT-FOR-US: Group-Office
-CVE-2007-2719
+CVE-2007-2719 (Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2007-2718
+CVE-2007-2718 (Cross-site scripting (XSS) vulnerability in the WebMail system in Stal ...)
NOT-FOR-US: Stalker CommuniGate Pro
-CVE-2007-2717
+CVE-2007-2717 (SQL injection vulnerability in shop/page.php in iGeneric (iG) Shop 1.4 ...)
NOT-FOR-US: iGeneric (iG) Shop
-CVE-2007-2716
+CVE-2007-2716 (Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c an ...)
NOT-FOR-US: EQdkp
-CVE-2007-2715
+CVE-2007-2715 (Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to cha ...)
NOT-FOR-US: Snaps! Gallery
-CVE-2007-2714
+CVE-2007-2714 (Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet bef ...)
- wordpress 2.2-1
NOTE: See http://plugins.trac.wordpress.org/changeset/12812/akismet/trunk/akismet.php
-CVE-2007-2713
+CVE-2007-2713 (ifdate 2.x sends a redirect to the web browser but does not exit when ...)
NOT-FOR-US: iFdate
-CVE-2007-2712
+CVE-2007-2712 (Unspecified vulnerability in MH Software Connect Daily before 3.3.3 ha ...)
NOT-FOR-US: MH Software Connect Daily Web Calendar
-CVE-2007-2711
+CVE-2007-2711 (Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows remot ...)
NOT-FOR-US: TinyIdentD
-CVE-2007-2710
+CVE-2007-2710 (PHP remote file inclusion vulnerability in functions/prepend_adm.php i ...)
NOT-FOR-US: NagiosQL
-CVE-2007-2709
+CVE-2007-2709 (PHP remote file inclusion vulnerability in functions/prepend_adm.php i ...)
NOT-FOR-US: NagiosQL
-CVE-2007-2708
+CVE-2007-2708 (PHP remote file inclusion vulnerability in newsadmin.php in Feindt Com ...)
NOT-FOR-US: News-Script
-CVE-2007-2707
+CVE-2007-2707 (PHP remote file inclusion vulnerability in linksnet_linkslog_rss.php i ...)
NOT-FOR-US: Linksnet Newsfeed
-CVE-2007-2706
+CVE-2007-2706 (PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media ...)
NOT-FOR-US: Geeklog
-CVE-2007-2705
+CVE-2007-2705 (Directory traversal vulnerability in the Test View Console in BEA WebL ...)
NOT-FOR-US: BEA WebLogic Integration
-CVE-2007-2704
+CVE-2007-2704 (BEA WebLogic Server 9.0 through 9.2 allows remote attackers to cause a ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2007-2703
+CVE-2007-2703 (BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if ...)
NOT-FOR-US: BEA WebLogic Portal
-CVE-2007-2702
+CVE-2007-2702 (Cross-site scripting (XSS) vulnerability in the GroupSpace application ...)
NOT-FOR-US: BEA WebLogic Portal
-CVE-2007-2701
+CVE-2007-2701 (The JMS Message Bridge in BEA WebLogic Server 7.0 through SP7 and 8.1 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-2700
+CVE-2007-2700 (The WLST script generated by the configToScript command in BEA WebLogi ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-2699
+CVE-2007-2699 (The Administration Console in BEA WebLogic Express and WebLogic Server ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-2698
+CVE-2007-2698 (The Administration Console in BEA WebLogic Server 9.0 may show plainte ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-2697
+CVE-2007-2697 (The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-2696
+CVE-2007-2696 (The JMS Server in BEA WebLogic Server 6.1 through SP7, 7.0 through SP6 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-2695
+CVE-2007-2695 (The HttpClusterServlet and HttpProxyServlet in BEA WebLogic Express an ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-2694
+CVE-2007-2694 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Ex ...)
NOT-FOR-US: BEA WebLogic
-CVE-2007-2693
+CVE-2007-2693 (MySQL before 5.1.18 allows remote authenticated users without SELECT p ...)
- mysql-dfsg-5.0 <not-affected> (Only MySQL 5.1 affected)
[sarge] - mysql-dfsg-4.1 <not-affected> (Only MySQL 5.1 affected)
[sarge] - mysql-dfsg <not-affected> (Only MySQL 5.1 affected)
-CVE-2007-2692
+CVE-2007-2692 (The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x be ...)
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.42 (bug #424778)
[sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable functionality not implemented)
[sarge] - mysql-dfsg <not-affected> (Vulnerable functionality not implemented)
NOTE: http://bugs.mysql.com/bug.php?id=28499
-CVE-2007-2691
+CVE-2007-2691 (MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does ...)
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.41a-1 (bug #424778; bug #424830)
-CVE-2007-2690
+CVE-2007-2690 (Multiple IBM ISS Proventia Series products, including the A, G, and M ...)
NOT-FOR-US: ISS
-CVE-2007-2689
+CVE-2007-2689 (Check Point Web Intelligence does not properly handle certain full-wid ...)
NOT-FOR-US: Check Point
-CVE-2007-2688
+CVE-2007-2688 (The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS ...)
NOT-FOR-US: Cisco
-CVE-2007-2687
+CVE-2007-2687 (Stack-based buffer overflow in the MicroWorld Agent service (MWAGENT.E ...)
NOT-FOR-US: MicroWorld
-CVE-2007-2686
+CVE-2007-2686 (Cross-site scripting (XSS) vulnerability in index.php in Jetbox CMS 2. ...)
NOT-FOR-US: Jetbox CMS
-CVE-2007-2685
+CVE-2007-2685 (Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 ...)
NOT-FOR-US: Jetbox CMS
-CVE-2007-2684
+CVE-2007-2684 (Jetbox CMS 2.1 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Jetbox CMS
-CVE-2007-2683
+CVE-2007-2683 (Buffer overflow in Mutt 1.4.2 might allow local users to execute arbit ...)
- mutt 1.5.15+20070608-1 (low; bug #426116)
[etch] - mutt <no-dsa> (Minor issue, hardly exploitable)
[sarge] - mutt <no-dsa> (Minor issue, hardly exploitable)
-CVE-2007-2682
+CVE-2007-2682 (The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as u ...)
NOT-FOR-US: Adobe
-CVE-2007-2681
+CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in b2evolution 1. ...)
- b2evolution <unfixed> (unimportant)
NOTE: This is a register_globals=on issue.
NOTE: More than just blogs/index.php is affected (that file isn't
NOTE: installed by the Debian package).
-CVE-2007-2680
+CVE-2007-2680 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: Canon
-CVE-2007-2679
+CVE-2007-2679 (PHP file inclusion vulnerability in index.php in Ivan Peevski gallery ...)
NOT-FOR-US: Simple PHP Scripts
-CVE-2007-2678
+CVE-2007-2678 (Buffer overflow in the isChecked function in toolbar.dll in Netsprint ...)
NOT-FOR-US: Netsprint
-CVE-2007-2677
+CVE-2007-2677 (Multiple PHP remote file inclusion vulnerabilities in phpChess Communi ...)
NOT-FOR-US: phpChess
-CVE-2007-2676
+CVE-2007-2676 (PHP remote file inclusion vulnerability in skins/header.php in Open Tr ...)
NOT-FOR-US: Open Translation Engine
-CVE-2007-2675
+CVE-2007-2675 (SQL injection vulnerability in search.php in Pre Classifieds Listings ...)
NOT-FOR-US: Pre Classifieds Listings
-CVE-2007-2674
+CVE-2007-2674 (SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 all ...)
NOT-FOR-US: Pre Shopping Mall
-CVE-2007-2673
+CVE-2007-2673 (SQL injection vulnerability in includes/funcs_vendors.php in Censura 1 ...)
NOT-FOR-US: Censura
-CVE-2007-2672
+CVE-2007-2672 (SQL injection vulnerability in index.php in PHP Coupon Script 3.0 allo ...)
NOT-FOR-US: PHP Coupon Script
-CVE-2007-2671
+CVE-2007-2671 (Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of s ...)
- iceweasel <removed> (unimportant)
NOTE: Browser crashes not treated as security problems
-CVE-2007-2670
+CVE-2007-2670 (PHPChain 1.0 and earlier allows remote attackers to obtain the install ...)
NOT-FOR-US: PHPChain
-CVE-2007-2669
+CVE-2007-2669 (Multiple cross-site scripting (XSS) vulnerabilities in PHPChain 1.0 an ...)
NOT-FOR-US: PHPChain
-CVE-2007-2668
+CVE-2007-2668 (Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execut ...)
NOT-FOR-US: webdesproxy
-CVE-2007-2667
+CVE-2007-2667 (Buffer overflow in the DB Software Laboratory VImpX ActiveX control in ...)
NOT-FOR-US: VImpX
-CVE-2007-2666
+CVE-2007-2666 (Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla ...)
NOT-FOR-US: notepad++
-CVE-2007-2665
+CVE-2007-2665 (PHP remote file inclusion vulnerability in block.php in PhpFirstPost 0 ...)
NOT-FOR-US: PhpFirstPost
-CVE-2007-2664
+CVE-2007-2664 (PHP remote file inclusion vulnerability in includes/common.php in Yaap ...)
NOT-FOR-US: Yaap
-CVE-2007-2663
+CVE-2007-2663 (PHP remote file inclusion vulnerability in language/1/splash.lang.php ...)
NOT-FOR-US: Beacon
-CVE-2007-2662
+CVE-2007-2662 (SQL injection vulnerability in EfesTECH Haber 5.0 allows remote attack ...)
NOT-FOR-US: EfesTECH
-CVE-2007-2661
+CVE-2007-2661 (SQL injection vulnerability in archshow.asp in BlogMe 3.0 allows remot ...)
NOT-FOR-US: BlogMe
CVE-2007-2660
NOT-FOR-US: PhpConcept
-CVE-2007-2659
+CVE-2007-2659 (Directory traversal vulnerability in index.php in PHP Advanced Transfe ...)
NOT-FOR-US: PHP Advanced Transfer Manager (phpATM)
-CVE-2007-2658
+CVE-2007-2658 (Unspecified vulnerability in the ID Automation Linear Barcode 1.6.0.5 ...)
NOT-FOR-US: ID Automation
-CVE-2007-2657
+CVE-2007-2657 (Unspecified vulnerability in the PrecisionID Barcode 1.3 ActiveX contr ...)
NOT-FOR-US: PrecisionID
-CVE-2007-2656
+CVE-2007-2656 (Stack-based buffer overflow in the Hewlett-Packard (HP) Magview Active ...)
NOT-FOR-US: HP
-CVE-2007-2655
+CVE-2007-2655 (Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before ...)
NOT-FOR-US: NetWin
-CVE-2007-2654
+CVE-2007-2654 (xfs_fsr in xfsdump creates a .fsr temporary directory with insecure pe ...)
- xfsdump 2.2.45-1 (bug #417894; low)
[etch] - xfsdump <no-dsa> (Minor issue)
CVE-2007-2653
REJECTED
-CVE-2007-2652
+CVE-2007-2652 (Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow rem ...)
NOT-FOR-US: Free-SA
-CVE-2007-2651
+CVE-2007-2651 (Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow re ...)
NOT-FOR-US: VooDoo cIRCle
-CVE-2007-2650
+CVE-2007-2650 (The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to ...)
{DSA-1320-1 DTSA-43-1}
- clamav 0.90.2-1
-CVE-2007-2649
+CVE-2007-2649 (Deutsche Telekom (T-com) Speedport W 700v uses JavaScript delays for i ...)
NOT-FOR-US: Speedport W 700v
-CVE-2007-2648
+CVE-2007-2648 (Stack-based buffer overflow in the Clever Database Comparer 2.2 Active ...)
NOT-FOR-US: Clever Database Comparer
-CVE-2007-2647
+CVE-2007-2647 (Static code injection vulnerability in admin/admin_configuration.php i ...)
NOT-FOR-US: MonAlbum
-CVE-2007-2646
+CVE-2007-2646 (Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted re ...)
NOT-FOR-US: yEnc32
-CVE-2007-2645
+CVE-2007-2645 (Integer overflow in the exif_data_load_data_entry function in exif-dat ...)
{DSA-1487-1}
- libexif 0.6.15-1 (bug #424775)
-CVE-2007-2644
+CVE-2007-2644 (A certain ActiveX control in Morovia Barcode ActiveX Professional 3.3. ...)
NOT-FOR-US: Morovia
-CVE-2007-2643
+CVE-2007-2643 (Directory traversal vulnerability in phpThumb.php in PinkCrow Designs ...)
NOT-FOR-US: maGAZIn
-CVE-2007-2642
+CVE-2007-2642 (Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 al ...)
NOT-FOR-US: R2K Gallery
-CVE-2007-2641
+CVE-2007-2641 (SQL injection vulnerability in W1L3D4_bolum.asp in W1L3D4 Philboard 0. ...)
NOT-FOR-US: W1L3D4
-CVE-2007-2640
+CVE-2007-2640 (LibTMCG before 1.1.1 does not perform a range check to avoid "trivial ...)
NOT-FOR-US: LibTMCG
-CVE-2007-2639
+CVE-2007-2639 (Directory traversal vulnerability in TFTPdWin 0.4.2 allows remote atta ...)
NOT-FOR-US: TFTPDWIN
-CVE-2007-2638
+CVE-2007-2638 (eFileCabinet 3.3 allows remote attackers to bypass authentication and ...)
NOT-FOR-US: eFileCabinet
-CVE-2007-2637
+CVE-2007-2637 (MoinMoin before 20070507 does not properly enforce ACLs for calendars ...)
{DSA-1514-1}
- moin 1.5.7-2 (low)
-CVE-2007-2636
+CVE-2007-2636 (Unspecified vulnerability in phpTodo before 0.8.1 allows remote attack ...)
NOT-FOR-US: phpTodo
-CVE-2007-2635
+CVE-2007-2635 (Unspecified vulnerability in Interchange before 5.4.2 allows remote at ...)
- interchange 5.4.2-1 (low)
-CVE-2007-2634
+CVE-2007-2634 (PHP remote file inclusion vulnerability in common/errormsg.php in aFor ...)
NOT-FOR-US: aForum
-CVE-2007-2633
+CVE-2007-2633 (Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows re ...)
NOT-FOR-US: H-Sphere
-CVE-2007-2632
+CVE-2007-2632 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Multi User ...)
NOT-FOR-US: phpMUR
-CVE-2007-2631
+CVE-2007-2631 (Cross-site request forgery (CSRF) vulnerability in SquirrelMail 1.4.8- ...)
NOTE: Duplicate of CVE-2007-2589
-CVE-2007-2630
+CVE-2007-2630 (Incomplete blacklist vulnerability in filemanager/browser/default/conn ...)
- moin 1.5.8-4.1 (unimportant)
- karrigell <not-affected> (Vulnerable php code not present)
- knowledgeroot 0.9.8.2-2 (unimportant)
-CVE-2007-2629
+CVE-2007-2629 (Bradford CampusManager Network Control Application Server 3.1(6) allow ...)
NOT-FOR-US: Bradford
-CVE-2007-2628
+CVE-2007-2628 (PHP remote file inclusion vulnerability in include/logout.php in Justi ...)
NOT-FOR-US: PHPSecurityAdmin
-CVE-2007-2627
+CVE-2007-2627 (Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, ...)
- wordpress 2.2.2-1 (low)
[etch] - wordpress <not-affected> (Vulnerable code not present)
CVE-2007-2626
NOT-FOR-US: SchoolBoard
-CVE-2007-2625
+CVE-2007-2625 (Cross-site scripting (XSS) vulnerability in shared/code/cp_authorizati ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2007-2624
+CVE-2007-2624 (Dynamic variable evaluation vulnerability in shared/config/cp_config.p ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2007-2623
+CVE-2007-2623 (Multiple buffer overflows in RControl.dll in Remote Display Dev kit 1. ...)
NOT-FOR-US: Remote Display Dev kit
-CVE-2007-2622
+CVE-2007-2622 (Multiple SQL injection vulnerabilities in TaskDriver 1.2 and earlier a ...)
NOT-FOR-US: TaskDriver
-CVE-2007-2621
+CVE-2007-2621 (SQL injection vulnerability in event_view.php in Thyme Calendar 1.3 al ...)
NOT-FOR-US: Thyme Calendar
-CVE-2007-2620
+CVE-2007-2620 (PHP remote file inclusion vulnerability in inc/config.inc.php in Jakub ...)
NOT-FOR-US: Jakub Steiner (aka jimmac) original
-CVE-2007-2619
+CVE-2007-2619 (Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login creden ...)
NOT-FOR-US: Symantec pcAnywhere
-CVE-2007-2618
+CVE-2007-2618 (CRLF injection vulnerability in index.php in Drake CMS 0.4.0 allows re ...)
NOT-FOR-US: Drake CMS
-CVE-2007-2617
+CVE-2007-2617 (srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core p ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-2616
+CVE-2007-2616 (Stack-based buffer overflow in the SSL version of the NMDMC.EXE servic ...)
NOT-FOR-US: Novell NetMail
-CVE-2007-2615
+CVE-2007-2615 (Multiple PHP remote file inclusion vulnerabilities in Crie seu PHPLoja ...)
NOT-FOR-US: PHPLojaFacil
-CVE-2007-2614
+CVE-2007-2614 (PHP remote file inclusion vulnerability in examples/widget8.php in php ...)
NOT-FOR-US: phpHtmlLib
-CVE-2007-2613
+CVE-2007-2613 (WikkaWiki (Wikka Wiki) before 1.1.6.3 allows attackers in a shared vir ...)
NOT-FOR-US: WikkaWiki
-CVE-2007-2612
+CVE-2007-2612 (SQL injection vulnerability in libs/Wakka.class.php in WikkaWiki (Wikk ...)
NOT-FOR-US: WikkaWiki
-CVE-2007-2611
+CVE-2007-2611 (Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 all ...)
NOT-FOR-US: CGX
-CVE-2007-2610
+CVE-2007-2610 (Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and 1 ...)
NOT-FOR-US: OpenLD
-CVE-2007-2609
+CVE-2007-2609 (Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 all ...)
NOT-FOR-US: gnuedu
-CVE-2007-2608
+CVE-2007-2608 (PHP remote file inclusion vulnerability in lib/smarty/SmartyFU.class.p ...)
NOT-FOR-US: Miplex2
-CVE-2007-2607
+CVE-2007-2607 (PHP remote file inclusion vulnerability in views/print/printbar.php in ...)
NOT-FOR-US: LaVague
-CVE-2007-2606
+CVE-2007-2606 (Multiple buffer overflows in Firebird 2.1 allow attackers to trigger m ...)
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-1 (low; bug #444976)
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
[sarge] - firebird2 <unfixed> (low)
NOTE: Minor issue, because conffile is restricted
-CVE-2007-2605
+CVE-2007-2605 (Unspecified vulnerability in the GetPropertyById function in ISoftomat ...)
NOT-FOR-US: Brujula Toolbar
-CVE-2007-2604
+CVE-2007-2604 (Unspecified vulnerability in the FlexLabel ActiveX control allows remo ...)
NOT-FOR-US: FlexLabel
-CVE-2007-2603
+CVE-2007-2603 (Unspecified vulnerability in the Init function in the Audio CD Ripper ...)
NOT-FOR-US: Audio CD Ripper
-CVE-2007-2602
+CVE-2007-2602 (Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows att ...)
NOT-FOR-US: Ipswitch WhatsUp
-CVE-2007-2601
+CVE-2007-2601 (Buffer overflow in a certain ActiveX control in the GDivX Zenith Playe ...)
NOT-FOR-US: GDivX Zenith Player
-CVE-2007-2600
+CVE-2007-2600 (Multiple cross-site scripting (XSS) vulnerabilities in TutorialCMS (ak ...)
NOT-FOR-US: TutorialCMS
-CVE-2007-2599
+CVE-2007-2599 (Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop T ...)
NOT-FOR-US: TutorialCMS
-CVE-2007-2598
+CVE-2007-2598 (SQL injection vulnerability in print.php in SimpleNews 1.0.0 FINAL all ...)
NOT-FOR-US: PHP SimpleNEWS
-CVE-2007-2597
+CVE-2007-2597 (Multiple PHP remote file inclusion vulnerabilities in telltarget CMS 1 ...)
NOT-FOR-US: telltarget CMS
-CVE-2007-2596
+CVE-2007-2596 (PHP remote file inclusion vulnerability in common/func.php in aForum 1 ...)
NOT-FOR-US: aForum
-CVE-2007-2595
+CVE-2007-2595 (RSAuction 2.73.1.3 allows remote authenticated users to move their own ...)
NOT-FOR-US: RSAuction
-CVE-2007-2594
+CVE-2007-2594 (PHP remote file inclusion vulnerability in inc/articles.inc.php in php ...)
NOT-FOR-US: phpMyPortal
-CVE-2007-2593
+CVE-2007-2593 (The Terminal Server in Microsoft Windows 2003 Server, when using TLS, ...)
NOT-FOR-US: Microsoft
-CVE-2007-2592
+CVE-2007-2592 (Multiple cross-site scripting (XSS) vulnerabilities in Nokia Intellisy ...)
NOT-FOR-US: Nokia
-CVE-2007-2591
+CVE-2007-2591 (usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0. ...)
NOT-FOR-US: Nokia
-CVE-2007-2590
+CVE-2007-2590 (Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possi ...)
NOT-FOR-US: Nokia
-CVE-2007-2589
+CVE-2007-2589 (Cross-site request forgery (CSRF) vulnerability in compose.php in Squi ...)
{DSA-1290-1}
- squirrelmail 2:1.4.10a-1 (low)
NOTE: CVE id has later been assigned to a part of this issue
-CVE-2007-2588
+CVE-2007-2588 (Multiple buffer overflows in the Office Viewer OCX ActiveX control (oa ...)
NOT-FOR-US: Office Viewer OCX ActiveX
-CVE-2007-2587
+CVE-2007-2587 (The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authen ...)
NOT-FOR-US: Cisco
-CVE-2007-2586
+CVE-2007-2586 (The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check ...)
NOT-FOR-US: Cisco
-CVE-2007-2585
+CVE-2007-2585 (Stack-based buffer overflow in the Verify function in the BarCodeWiz A ...)
NOT-FOR-US: BarCodeWiz ActiveX control
-CVE-2007-2584
+CVE-2007-2584 (Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSu ...)
NOT-FOR-US: Subscription Manager ActiveX control
-CVE-2007-2583
+CVE-2007-2583 (The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40 ...)
{DSA-1413-1}
- mysql-dfsg-5.0 5.0.41-1 (low; bug #426353)
[sarge] - mysql-dfsg <not-affected> (Vulnerable functionality not implemented)
NOTE: [sarge] Not affected, test case doesn't crash the daemon
-CVE-2007-2582
+CVE-2007-2582 (Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) servi ...)
NOT-FOR-US: IBM DB2
-CVE-2007-2581
+CVE-2007-2581 (Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windo ...)
NOT-FOR-US: Microsoft
-CVE-2007-2580
+CVE-2007-2580 (Unspecified vulnerability in Apple Safari allows local users to obtain ...)
NOT-FOR-US: Safari
-CVE-2007-2579
+CVE-2007-2579 (Multiple cross-site scripting (XSS) vulnerabilities in ACP3 4.0 beta 3 ...)
NOT-FOR-US: ACP3
-CVE-2007-2578
+CVE-2007-2578 (Unspecified vulnerability in search/list/action_search/index.php in AC ...)
NOT-FOR-US: ACP3
-CVE-2007-2577
+CVE-2007-2577 (Multiple SQL injection vulnerabilities in ACP3 4.0 beta 3 allow remote ...)
NOT-FOR-US: ACP3
-CVE-2007-2576
+CVE-2007-2576 (Buffer overflow in the East Wind Software advdaudio.ocx 1.5.1.1 Active ...)
NOT-FOR-US: advdaudio.ocx ActiveX control
-CVE-2007-2575
+CVE-2007-2575 (PHP remote file inclusion vulnerability in watermark.php in the vm (ak ...)
NOT-FOR-US: vm watermark 0.4.1 mod for Gallery
-CVE-2007-2574
+CVE-2007-2574 (Directory traversal vulnerability in index.php in Archangel Weblog 0.9 ...)
NOT-FOR-US: Archangel Weblog
-CVE-2007-2573
+CVE-2007-2573 (PHP remote file inclusion vulnerability in plugin/HP_DEV/cms2.php in P ...)
NOT-FOR-US: PHPtree
-CVE-2007-2572
+CVE-2007-2572 (PHP remote file inclusion vulnerability in modules/noevents/templates/ ...)
NOT-FOR-US: NoAh (aka PHP Content Architect, phparch)
-CVE-2007-2571
+CVE-2007-2571 (SQL injection vulnerability in index.php in the wfquotes 1.0 0 module ...)
NOT-FOR-US: wfquotes module for XOOPS
-CVE-2007-2570
+CVE-2007-2570 (PHP remote file inclusion vulnerability in handlers/page/show.php in W ...)
NOT-FOR-US: Wikivi5
-CVE-2007-2569
+CVE-2007-2569 (Multiple PHP remote file inclusion vulnerabilities in Friendly 1.0d1 a ...)
NOT-FOR-US: Friendly
-CVE-2007-2568
+CVE-2007-2568 (Multiple stack-based buffer overflows in VCDGear 3.55 allow user-assis ...)
NOT-FOR-US: VCDGear
-CVE-2007-2567
+CVE-2007-2567 (Buffer overflow in the SaveBarCode function in the Taltech Tal Bar Cod ...)
NOT-FOR-US: Taltech Tal Bar Code ActiveX control
-CVE-2007-2566
+CVE-2007-2566 (The SaveBarCode function in the Taltech Tal Bar Code ActiveX control a ...)
NOT-FOR-US: Taltech Tal Bar Code ActiveX control
-CVE-2007-2565
+CVE-2007-2565 (Cdelia Software ImageProcessing allows user-assisted remote attackers ...)
NOT-FOR-US: Cdelia Software ImageProcessing
-CVE-2007-2564
+CVE-2007-2564 (Multiple stack-based buffer overflows in the Sienzo Digital Music Ment ...)
NOT-FOR-US: Sienzo Digital Music Mentor ActiveX control
-CVE-2007-2563
+CVE-2007-2563 (Buffer overflow in the AddFile function in VersalSoft HTTP File Upload ...)
NOT-FOR-US: VersalSoft HTTP File Upload ActiveX control
-CVE-2007-2562
+CVE-2007-2562 (Cross-site scripting (XSS) vulnerability in index.php in Kayako eSuppo ...)
NOT-FOR-US: Kayako eSupport
-CVE-2007-2561
+CVE-2007-2561 (SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote ...)
NOT-FOR-US: fipsCMS
-CVE-2007-2560
+CVE-2007-2560 (Directory traversal vulnerability in theme/acgv.php in ACGVannu 1.3 an ...)
NOT-FOR-US: ACGVannu
-CVE-2007-2559
+CVE-2007-2559 (Multiple PHP remote file inclusion vulnerabilities in american cart 3. ...)
NOT-FOR-US: american cart
CVE-2007-2558
NOT-FOR-US: pfa CMS
-CVE-2007-2557
+CVE-2007-2557 (MOStlyDB Admin in Mambo 4.6.1 does not properly check privileges, whic ...)
NOT-FOR-US: Mambo
-CVE-2007-2556
+CVE-2007-2556 (SQL injection vulnerability in Nuked-klaN 1.7.6 allows remote attacker ...)
NOT-FOR-US: Nuked-klaN
-CVE-2007-2555
+CVE-2007-2555 (Unspecified vulnerability in Default.aspx in Podium CMS allows remote ...)
NOT-FOR-US: Podium CMS
-CVE-2007-2554
+CVE-2007-2554 (Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank ...)
NOT-FOR-US: Newspower
-CVE-2007-2553
+CVE-2007-2553 (Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2007-2552
+CVE-2007-2552 (The RecentChanges feature in WikkaWiki (Wikka Wiki) before 1.1.6.3 all ...)
NOT-FOR-US: WikkaWiki
-CVE-2007-2551
+CVE-2007-2551 (Cross-site scripting (XSS) vulnerability in usersettings.php in WikkaW ...)
NOT-FOR-US: WikkaWiki
-CVE-2007-2550
+CVE-2007-2550 (Multiple CRLF injection vulnerabilities in Devellion CubeCart 3.0.15 a ...)
NOT-FOR-US: CubeCart
-CVE-2007-2549
+CVE-2007-2549 (SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Sh ...)
NOT-FOR-US: TurnkeyWebTools
-CVE-2007-2548
+CVE-2007-2548 (Unspecified vulnerability in index.php in TurnkeyWebTools SunShop Shop ...)
NOT-FOR-US: TurnkeyWebTools
-CVE-2007-2547
+CVE-2007-2547 (Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebToo ...)
NOT-FOR-US: TurnkeyWebTools
-CVE-2007-2546
+CVE-2007-2546 (Session fixation vulnerability in Simple Machines Forum (SMF) 1.1.2 an ...)
NOT-FOR-US: SMF
-CVE-2007-2545
+CVE-2007-2545 (Multiple PHP remote file inclusion vulnerabilities in Persism CMS 0.9. ...)
NOT-FOR-US: Persism
-CVE-2007-2544
+CVE-2007-2544 (PHP remote file inclusion vulnerability in templates/default/tpl_messa ...)
NOT-FOR-US: TopTree BBS
-CVE-2007-2543
+CVE-2007-2543 (SQL injection vulnerability in game.php in the Flashgames 1.0.1 module ...)
NOT-FOR-US: XOOPS
-CVE-2007-2542
+CVE-2007-2542 (PHP remote file inclusion vulnerability in header.php in workbench sur ...)
NOT-FOR-US: workbench survival guide
-CVE-2007-2541
+CVE-2007-2541 (PHP remote file inclusion vulnerability in includes/ajax_listado.php i ...)
NOT-FOR-US: Versado
-CVE-2007-2540
+CVE-2007-2540 (Multiple PHP remote file inclusion vulnerabilities in PMECMS 1.0 and e ...)
NOT-FOR-US: PMECMS
-CVE-2007-2539
+CVE-2007-2539 (The show_files function in RunCms 1.5.2 and earlier allows remote atta ...)
NOT-FOR-US: RunCms
-CVE-2007-2538
+CVE-2007-2538 (SQL injection vulnerability in class/debug/debug_show.php in RunCms 1. ...)
NOT-FOR-US: RunCms
-CVE-2007-2537
+CVE-2007-2537 (Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 an ...)
NOT-FOR-US: NPDS
-CVE-2007-2536
+CVE-2007-2536 (PicoZip allows remote attackers to cause a denial of service (infinite ...)
NOT-FOR-US: Picozip
-CVE-2007-2535
+CVE-2007-2535 (WinAce allows remote attackers to cause a denial of service (infinite ...)
NOT-FOR-US: WinAce
CVE-2007-2534
NOT-FOR-US: phpHoo3
-CVE-2007-2533
+CVE-2007-2533 (Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Sec ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-2532
+CVE-2007-2532 (Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen Duo ...)
NOT-FOR-US: Minh Nguyen Duong Obie Website Mini Web Shop
-CVE-2007-2531
+CVE-2007-2531 (PHP remote file inclusion vulnerability in berylium-classes.php in Ber ...)
NOT-FOR-US: Berylium2
-CVE-2007-2530
+CVE-2007-2530 (Multiple PHP remote file inclusion vulnerabilities in Tropicalm Crowel ...)
NOT-FOR-US: Tropicalm
-CVE-2007-2529
+CVE-2007-2529 (Integer signedness error in the acl (facl) system call in Solaris 10 b ...)
NOT-FOR-US: Solaris 10
-CVE-2007-2528
+CVE-2007-2528 (Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-2527
+CVE-2007-2527 (Multiple PHP remote file inclusion vulnerabilities in DynamicPAD befor ...)
NOT-FOR-US: DynamicPAD
-CVE-2007-2526
+CVE-2007-2526 (Heap-based buffer overflow in the ConnectAsyncEx function in VNC Viewe ...)
NOT-FOR-US: VNC Viewer ActiveX control
-CVE-2007-2525
+CVE-2007-2525 (Memory leak in the PPP over Ethernet (PPPoE) socket implementation in ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1356-1}
- linux-2.6 2.6.22-1
NOTE: Fixed in commit 202a03acf9994076055df40ae093a5c5474ad0bd in
NOTE: Linus' tree.
-CVE-2007-2524
+CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket Re ...)
{DSA-1298-1}
- otrs2 2.1.1-1 (bug #423524)
NOTE: 2.1 and 2.2 are not affected, so recording earliest 2.1 version as fix
-CVE-2007-2523
+CVE-2007-2523 (CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070 ...)
NOT-FOR-US: CA Anti-Virus
-CVE-2007-2522
+CVE-2007-2522 (Stack-based buffer overflow in the inoweb Console Server in CA Anti-Vi ...)
NOT-FOR-US: CA Anti-Virus
-CVE-2007-2521
+CVE-2007-2521 (PHP remote file inclusion vulnerability in common.php in E-GADS! befor ...)
NOT-FOR-US: E-GADS!
-CVE-2007-2520
+CVE-2007-2520 (SQL injection vulnerability in admin.php in MyNews 0.10, when magic_qu ...)
NOT-FOR-US: MyNews
-CVE-2007-2519
+CVE-2007-2519 (Directory traversal vulnerability in the installer in PEAR 1.0 through ...)
- php5 5.2.3-1 (unimportant; bug #441433)
- php4 <removed> (unimportant)
NOTE: The installation of the PEAR needs to be trusted anyway, this doesn't
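Review bot: The imported descriptions in this hunk are cut at a fixed column rather than at a word boundary, so many of the new lines end mid-word, e.g. `+CVE-2007-2670 (PHPChain 1.0 and earlier allows remote attackers to obtain the install ...)` and `+CVE-2007-2668 (Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execut ...)`; since these summaries are what people grep for in the tracker, the importer should truncate at the last whitespace before the limit (or keep the full upstream text) so the kept fragment stays readable and searchable.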
@@ -10085,174 +10085,174 @@ CVE-2007-2516
RESERVED
CVE-2007-2515
RESERVED
-CVE-2007-2514
+CVE-2007-2514 (Stack-based buffer overflow in XferWan.exe as used in multiple product ...)
NOT-FOR-US: Symantec
-CVE-2007-2513
+CVE-2007-2513 (Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 pos ...)
NOT-FOR-US: Novell GroupWise
-CVE-2007-2512
+CVE-2007-2512 (Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and l ...)
NOT-FOR-US: Alcatel-Lucent
-CVE-2007-2511
+CVE-2007-2511 (Buffer overflow in the user_filter_factory_create function in PHP befo ...)
{DTSA-39-1}
- php5 5.2.2-1
NOTE: Only triggerable by malicious script
-CVE-2007-2510
+CVE-2007-2510 (Buffer overflow in the make_http_soap_request function in PHP before 5 ...)
{DSA-1295-1 DTSA-39-1}
- php5 5.2.2-1 (low)
-CVE-2007-2509
+CVE-2007-2509 (CRLF injection vulnerability in the ftp_putcmd function in PHP before ...)
{DSA-1296-1 DSA-1295-1 DTSA-39-1 DTSA-40-1}
- php5 5.2.2-1 (low)
- php4 4.4.7-1 (low)
-CVE-2007-2508
+CVE-2007-2508 (Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.5 ...)
NOT-FOR-US: Trend Micro
-CVE-2007-2507
+CVE-2007-2507 (Directory traversal vulnerability in includes/download.php in Treble D ...)
NOT-FOR-US: Treble Designs 1024 CMS
-CVE-2007-2506
+CVE-2007-2506 (WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and ...)
NOT-FOR-US: OpenEdge WebSpeed
-CVE-2007-2505
+CVE-2007-2505 (Stack-based buffer overflow in InterVations MailCOPA 8.01 20070323 all ...)
NOT-FOR-US: MailCOPA
CVE-2007-2504
NOT-FOR-US: PHP Turbulence
CVE-2007-2503
NOT-FOR-US: PHP Turbulence
-CVE-2007-2502
+CVE-2007-2502 (Unspecified vulnerability in HP ProCurve 9300m Series switches with so ...)
NOT-FOR-US: HP ProCurve 9300m Series switches
-CVE-2007-2501
+CVE-2007-2501 (Eval injection vulnerability in codepress.html in CodePress before 0.9 ...)
NOT-FOR-US: CodePress
-CVE-2007-2500
+CVE-2007-2500 (server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash Player ...)
{DTSA-48-1}
- gnash 0.7.2+cvs20070518.1557-1 (bug #423433)
-CVE-2007-2499
+CVE-2007-2499 (Multiple cross-site scripting (XSS) vulnerabilities in DVDdb 0.6 and e ...)
NOT-FOR-US: DVDdb
-CVE-2007-2498
+CVE-2007-2498 (libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote a ...)
NOT-FOR-US: Winamp
-CVE-2007-2497
+CVE-2007-2497 (RealNetworks RealPlayer 10 Gold allows remote attackers to cause a den ...)
NOT-FOR-US: RealPlayer
NOTE: helix-player not affected
-CVE-2007-2496
+CVE-2007-2496 (The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote at ...)
NOT-FOR-US: WordViewer.ocx
-CVE-2007-2495
+CVE-2007-2495 (Multiple stack-based buffer overflows in the ExcelOCX ActiveX control ...)
NOT-FOR-US: ExcelViewer .ocx
-CVE-2007-2494
+CVE-2007-2494 (Multiple stack-based buffer overflows in the PowerPointOCX ActiveX con ...)
NOT-FOR-US: PowerPointViewer .ocx
-CVE-2007-2493
+CVE-2007-2493 (PHP remote file inclusion vulnerability in faq.php in the FAQ &amp; RU ...)
NOT-FOR-US: FAQ & RULES module for mxBB
-CVE-2007-2492
+CVE-2007-2492 (SQL injection vulnerability in index.php in the v4bJournal module for ...)
NOT-FOR-US: v4bJournal module for PostNuke
-CVE-2007-2491
+CVE-2007-2491 (The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.3 ...)
NOT-FOR-US: EMC VMware
-CVE-2007-2490
+CVE-2007-2490 (Unspecified vulnerability in LiveData Server before 5.00.62 allows rem ...)
NOT-FOR-US: LiveData Server
-CVE-2007-2489
+CVE-2007-2489 (Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and o ...)
NOT-FOR-US: LiveData Protocol Server
-CVE-2007-2487
+CVE-2007-2487 (Stack-based buffer overflow in AtomixMP3 allows remote attackers to ex ...)
NOT-FOR-US: AtomixMP3
-CVE-2007-2486
+CVE-2007-2486 (Directory traversal vulnerability in download.asp in Motobit 1.3 and 1 ...)
NOT-FOR-US: Motobit
-CVE-2007-2485
+CVE-2007-2485 (PHP remote file inclusion vulnerability in myflash-button.php in the m ...)
NOT-FOR-US: myflash plugin for WordPress
-CVE-2007-2484
+CVE-2007-2484 (PHP remote file inclusion vulnerability in js/wptable-button.php in th ...)
NOT-FOR-US: wp-Table plugin for WordPress
-CVE-2007-2483
+CVE-2007-2483 (Directory traversal vulnerability in js/wptable-button.php in the wp-T ...)
NOT-FOR-US: wp-Table plugin for WordPress
-CVE-2007-2482
+CVE-2007-2482 (Directory traversal vulnerability in wordtube-button.php in the wordTu ...)
NOT-FOR-US: wordTube plugin for WordPress
-CVE-2007-2481
+CVE-2007-2481 (PHP remote file inclusion vulnerability in wordtube-button.php in the ...)
NOT-FOR-US: wordTube plugin for WordPress
CVE-2007-XXXX [schroot may use outdated configuration information]
- schroot <not-affected> (Upstream: "This bug was never present in a Debian release.")
-CVE-2007-2488
+CVE-2007-2488 (The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does n ...)
{DSA-1358-1}
- asterisk 1:1.4.5~dfsg-1 (low)
NOTE: no-dsa / unimportant candidate, the opposite side of the telephone line
NOTE: could just as well hang-up
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-013.htm
-CVE-2007-2480
+CVE-2007-2480 (The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.2 ...)
- linux-2.6 2.6.22-1 (medium)
-CVE-2007-2479
+CVE-2007-2479 (Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers t ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2007-2478
+CVE-2007-2478 (Multiple heap-based buffer overflows in the IRC component in Cerulean ...)
NOT-FOR-US: Cerulean Trillian
CVE-2007-2477
NOT-FOR-US: phpMyChat
-CVE-2007-2476
+CVE-2007-2476 (Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0 ...)
NOT-FOR-US: Novell
-CVE-2007-2475
+CVE-2007-2475 (Unspecified vulnerability in the ADSCHEMA utility in Novell SecureLogi ...)
NOT-FOR-US: Novell
-CVE-2007-2474
+CVE-2007-2474 (Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tool ...)
NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart
-CVE-2007-2473
+CVE-2007-2473 (SQL injection vulnerability in stylesheet.php in CMS Made Simple 1.0.5 ...)
NOT-FOR-US: CMS Made Simple
-CVE-2007-2472
+CVE-2007-2472 (Cross-site scripting (XSS) vulnerability in sendcard.php in Sendcard 3 ...)
NOT-FOR-US: Sendcard
-CVE-2007-2471
+CVE-2007-2471 (Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 an ...)
NOT-FOR-US: Sendcard
-CVE-2007-2470
+CVE-2007-2470 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Fi ...)
NOT-FOR-US: FileRun
-CVE-2007-2469
+CVE-2007-2469 (SQL injection vulnerability in index.php in FileRun 1.0 and earlier al ...)
NOT-FOR-US: FileRun
-CVE-2007-2468
+CVE-2007-2468 (Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 an ...)
NOT-FOR-US: HP OpenVMS
-CVE-2007-2467
+CVE-2007-2467 (ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions ...)
NOT-FOR-US: Check Point Zone Labs ZoneAlarm Internet Security Suite
-CVE-2007-2466
+CVE-2007-2466 (Unspecified vulnerability in the LDAP Software Development Kit (SDK) f ...)
NOT-FOR-US: Sun Java System Directory Server
-CVE-2007-2465
+CVE-2007-2465 (Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-2464
+CVE-2007-2464 (Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 ...)
NOT-FOR-US: Cisco
-CVE-2007-2463
+CVE-2007-2463 (Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) a ...)
NOT-FOR-US: Cisco
-CVE-2007-2462
+CVE-2007-2462 (Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) a ...)
NOT-FOR-US: Cisco
-CVE-2007-2461
+CVE-2007-2461 (The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PI ...)
NOT-FOR-US: Cisco
-CVE-2007-2460
+CVE-2007-2460 (PHP remote file inclusion vulnerability in modules/admin/include/confi ...)
NOT-FOR-US: FireFly
-CVE-2007-2459
+CVE-2007-2459 (Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl mo ...)
{DSA-1498-1}
- libimager-perl 0.58-1 (bug #421582)
-CVE-2007-2458
+CVE-2007-2458 (Multiple PHP remote file inclusion vulnerabilities in Pixaria Gallery ...)
NOT-FOR-US: Pixaria Gallery
-CVE-2007-2457
+CVE-2007-2457 (PHP remote file inclusion vulnerability in resources/includes/class.Sm ...)
NOT-FOR-US: Pixaria Gallery
-CVE-2007-2456
+CVE-2007-2456 (Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 a ...)
NOT-FOR-US: FireFly
-CVE-2007-2455
+CVE-2007-2455 (Parallels allows local users to cause a denial of service (virtual mac ...)
NOT-FOR-US: Parallels
-CVE-2007-2454
+CVE-2007-2454 (Heap-based buffer overflow in the VGA device in Parallels allows local ...)
NOT-FOR-US: Parallels
-CVE-2007-2453
+CVE-2007-2453 (The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2. ...)
{DSA-1356-1}
- linux-2.6 2.6.21-5 (low)
-CVE-2007-2452
+CVE-2007-2452 (Heap-based buffer overflow in the visit_old_format function in locate/ ...)
- findutils 4.2.31-1 (low; bug #426862)
[sarge] - findutils <no-dsa> (Not vulnerable in default configuration, minor issue)
[etch] - findutils 4.2.28-1etch1 (low)
-CVE-2007-2451
+CVE-2007-2451 (Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES i ...)
- linux-2.6 2.6.21-3
[etch] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.20)
-CVE-2007-2450
+CVE-2007-2450 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager ...)
{DSA-1468-1}
- tomcat4 <removed> (low)
- tomcat5 <removed> (low)
- tomcat5.5 5.5.25-1 (low)
[sarge] - tomcat4 <no-dsa> (Contrib not supported)
-CVE-2007-2449
+CVE-2007-2449 (Multiple cross-site scripting (XSS) vulnerabilities in certain JSP fil ...)
- tomcat4 <removed> (unimportant)
- tomcat5 <removed> (unimportant)
- tomcat5.5 5.5.25-1 (unimportant)
NOTE: Only present in the examples, not in production code
-CVE-2007-2448
+CVE-2007-2448 (Subversion 1.4.3 and earlier does not properly implement the "partial ...)
- subversion 1.4.4dfsg1-1 (bug #428194; low)
[etch] - subversion <no-dsa> (Minor issue)
[sarge] - subversion <no-dsa> (Minor issue)
-CVE-2007-2447
+CVE-2007-2447 (The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allo ...)
{DSA-1291-2 DTSA-41-1}
- samba 3.0.25-1 (high)
-CVE-2007-2446
+CVE-2007-2446 (Multiple heap-based buffer overflows in the NDR parsing in smbd in Sam ...)
{DSA-1291-2 DTSA-41-1}
- samba 3.0.25-1 (high)
-CVE-2007-2445
+CVE-2007-2445 (The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and ...)
{DSA-1613-1}
- libgd2 2.0.35.dfsg-1 (low)
[etch] - libgd2 2.0.33-5.2etch1 (low)
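Review bot: The description written for CVE-2007-2493 still contains an HTML entity, `+CVE-2007-2493 (PHP remote file inclusion vulnerability in faq.php in the FAQ &amp; RU ...)`, while the existing `NOT-FOR-US: FAQ & RULES module for mxBB` line on the next line uses a literal ampersand; the import should unescape entities before truncating so the stored text matches the rest of the file. The same fixed-column truncation also makes the new descriptions for CVE-2007-2463 and CVE-2007-2462 byte-identical (`Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) a ...`), which defeats the purpose of adding a summary; trimming at a word boundary or allowing a slightly longer field would keep them distinguishable.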
@@ -10260,27 +10260,27 @@ CVE-2007-2445
- libpng3 <not-affected>
[etch] - libpng 1.2.15~beta5-1+etch2
NOTE: Only a crash, no code injection. Calling this DoS stretches things rather far
-CVE-2007-2444
+CVE-2007-2444 (Logic error in the SID/Name translation functionality in smbd in Samba ...)
{DSA-1291-2 DTSA-41-1}
- samba 3.0.25-1
-CVE-2007-2443
+CVE-2007-2443 (Integer signedness error in the gssrpc__svcauth_unix function in svc_a ...)
{DSA-1323-1}
- krb5 1.6.dfsg.1-5 (bug #430787; medium)
-CVE-2007-2442
+CVE-2007-2442 (The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos ...)
{DSA-1323-1}
- krb5 1.6.dfsg.1-5 (bug #430787; high)
-CVE-2007-2441
+CVE-2007-2441 (Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for ...)
NOT-FOR-US: Caucho Resin Professional
-CVE-2007-2440
+CVE-2007-2440 (Directory traversal vulnerability in Caucho Resin Professional 3.1.0 a ...)
NOT-FOR-US: Caucho Resin Professional
-CVE-2007-2439
+CVE-2007-2439 (Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for ...)
NOT-FOR-US: Caucho Resin Professional
-CVE-2007-2438
+CVE-2007-2438 (The sandbox for vim allows dangerous functions such as (1) writefile, ...)
{DSA-1364-2 DSA-1364-1}
- vim 1:7.1-022+1 (bug #435401; low)
[sarge] - vim <not-affected> (Vulnerable code not present)
NOTE: Exploitable through modelines, needs to be used with care in any case
-CVE-2007-2437
+CVE-2007-2437 (The X render (Xrender) extension in X.org X Window System 7.0, 7.1, an ...)
- xorg-server 2:1.3.0.0.dfsg-4 (unimportant; bug #422936)
NOTE: etch vulnerable (patch below applies)
NOTE: git url to fix the issue
@@ -10290,51 +10290,51 @@ CVE-2007-2437
NOTE: just as well provide a binary which does more harm
CVE-2007-2436
REJECTED
-CVE-2007-2435
+CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...)
- sun-java5 1.5.0-11-1 (medium; bug #423062)
[etch] - sun-java5 1.5.0-14-1etch1
-CVE-2007-2434
+CVE-2007-2434 (Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows remot ...)
NOT-FOR-US: Aventail Connect
-CVE-2007-2433
+CVE-2007-2433 (Cross-site scripting (XSS) vulnerability in index.php in Ariadne 2.4.1 ...)
NOT-FOR-US: Ariadne
-CVE-2007-2432
+CVE-2007-2432 (Cross-site scripting (XSS) vulnerability in utilities/search.asp in nu ...)
NOT-FOR-US: Nukedit
-CVE-2007-2431
+CVE-2007-2431 (Dynamic variable evaluation vulnerability in shared/config/tce_config. ...)
NOT-FOR-US: TCExam
-CVE-2007-2430
+CVE-2007-2430 (shared/code/tce_tmx.php in TCExam 4.0.011 and earlier allows remote at ...)
NOT-FOR-US: TCExam
-CVE-2007-2429
+CVE-2007-2429 (ManageEngine PasswordManager Pro (PMP) allows remote attackers to obta ...)
NOT-FOR-US: ManageEngine PasswordManager Pro (PMP)
-CVE-2007-2428
+CVE-2007-2428 (Multiple PHP remote file inclusion vulnerabilities in page.php in Ahhp ...)
NOT-FOR-US: Ahhp-Portal
-CVE-2007-2427
+CVE-2007-2427 (SQL injection vulnerability in index.php in the pnFlashGames 1.5 modul ...)
NOT-FOR-US: pnFlashGames
-CVE-2007-2426
+CVE-2007-2426 (PHP remote file inclusion vulnerability in myfunctions/mygallerybrowse ...)
NOT-FOR-US: myGallery
-CVE-2007-2425
+CVE-2007-2425 (Directory traversal vulnerability in fileview.php in Imageview 5.3 all ...)
NOT-FOR-US: Imageview
-CVE-2007-2424
+CVE-2007-2424 (PHP remote file inclusion vulnerability in help/index.php in The Merch ...)
NOT-FOR-US: The Merchant
-CVE-2007-2423
+CVE-2007-2423 (Cross-site scripting (XSS) vulnerability in index.php in MoinMoin 1.5. ...)
{DSA-1514-1}
- moin 1.5.7-3 (medium; bug #422408)
CVE-2007-2422
NOT-FOR-US: Comdev One Admin
-CVE-2007-2421
+CVE-2007-2421 (Buffer overflow in Hitachi Groupmax Mobile Option for Mobile-Phone 07- ...)
NOT-FOR-US: Hitachi Groupmax
-CVE-2007-2420
+CVE-2007-2420 (SQL injection vulnerability in bry.asp in Burak Yilmaz Blog 1.0 allows ...)
NOT-FOR-US: Burak Yilmaz Blog
-CVE-2007-2419
+CVE-2007-2419 (Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macro ...)
NOT-FOR-US: Macrovision
-CVE-2007-2418
+CVE-2007-2418 (Heap-based buffer overflow in the Rendezvous / Extensible Messaging an ...)
NOT-FOR-US: Cerulean Trillian
-CVE-2007-2417
+CVE-2007-2417 (Heap-based buffer overflow in _mprosrv.exe in Progress Software Progre ...)
NOT-FOR-US: Progress Software Progress and OpenEdge
-CVE-2007-2416
+CVE-2007-2416 (SQL injection vulnerability in home.php in E-Annu allows remote attack ...)
NOT-FOR-US: E-Annu
-CVE-2007-2415
+CVE-2007-2415 (Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial ...)
NOT-FOR-US: Pi3Web Web Server
-CVE-2007-2414
+CVE-2007-2414 (MyServer before 0.8.8 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: MyServer
CVE-2007-2413
REJECTED
@@ -10342,57 +10342,57 @@ CVE-2007-2412
NOT-FOR-US: Seir Anphin
CVE-2007-2411
NOT-FOR-US: Sphider
-CVE-2007-2410
+CVE-2007-2410 (WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of cer ...)
NOT-FOR-US: Mac OS X
-CVE-2007-2409
+CVE-2007-2409 (Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10. ...)
NOT-FOR-US: Mac OS X
-CVE-2007-2408
+CVE-2007-2408 (WebKit in Apple Safari 3 Beta before Update 3.0.3 does not properly re ...)
NOT-FOR-US: Apple Safari
-CVE-2007-2407
+CVE-2007-2407 (The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows fi ...)
- samba <not-affected> (MacOS/Apple-specific vulnerability)
-CVE-2007-2406
+CVE-2007-2406 (Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certai ...)
NOT-FOR-US: Mac OS X
-CVE-2007-2405
+CVE-2007-2405 (Integer underflow in Preview in PDFKit on Apple Mac OS X 10.4.10 allow ...)
NOT-FOR-US: Mac OS X
-CVE-2007-2404
+CVE-2007-2404 (CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and ...)
NOT-FOR-US: Mac OS X
-CVE-2007-2403
+CVE-2007-2403 (CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly valid ...)
NOT-FOR-US: Mac OS X
-CVE-2007-2402
+CVE-2007-2402 (QuickTime for Java in Apple Quicktime before 7.2 does not perform suff ...)
NOT-FOR-US: Apple Quicktime
-CVE-2007-2401
+CVE-2007-2401 (CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4 ...)
NOT-FOR-US: Apple
-CVE-2007-2400
+CVE-2007-2400 (Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Window ...)
NOT-FOR-US: Apple
-CVE-2007-2399
+CVE-2007-2399 (WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1 ...)
NOT-FOR-US: Apple
-CVE-2007-2398
+CVE-2007-2398 (Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers ...)
NOT-FOR-US: Apple Safari
-CVE-2007-2397
+CVE-2007-2397 (QuickTime for Java in Apple Quicktime before 7.2 does not properly che ...)
NOT-FOR-US: Apple Quicktime
-CVE-2007-2396
+CVE-2007-2396 (The JDirect support in QuickTime for Java in Apple Quicktime before 7. ...)
NOT-FOR-US: Apple Quicktime
-CVE-2007-2395
+CVE-2007-2395 (Unspecified vulnerability in Apple QuickTime before 7.3 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-2394
+CVE-2007-2394 (Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and ...)
NOT-FOR-US: Apple Quicktime
-CVE-2007-2393
+CVE-2007-2393 (The design of QuickTime for Java in Apple Quicktime before 7.2 allows ...)
NOT-FOR-US: Apple Quicktime
-CVE-2007-2392
+CVE-2007-2392 (Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-a ...)
NOT-FOR-US: Apple Quicktime
-CVE-2007-2391
+CVE-2007-2391 (Cross-site scripting (XSS) vulnerability in Apple Safari Beta 3.0.1 fo ...)
NOT-FOR-US: Apple
-CVE-2007-2390
+CVE-2007-2390 (Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows re ...)
NOT-FOR-US: Apple
-CVE-2007-2389
+CVE-2007-2389 (Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear ...)
NOT-FOR-US: Apple
-CVE-2007-2388
+CVE-2007-2388 (Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not proper ...)
NOT-FOR-US: Apple
-CVE-2007-2387
+CVE-2007-2387 (Apple Xserve Lights-Out Management before Firmware Update 1.0 on Intel ...)
NOT-FOR-US: Apple
-CVE-2007-2386
+CVE-2007-2386 (Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 a ...)
NOT-FOR-US: Apple mDNSResponder
-CVE-2007-2385
+CVE-2007-2385 (The Yahoo! UI framework exchanges data using JavaScript Object Notatio ...)
- yui <removed> (unimportant; bug #557745)
- bcfg2 <not-affected> (present in source but not included in any binary files)
- serendipity 1.5.3-1 (low; bug #557746)
@@ -10404,12 +10404,12 @@ CVE-2007-2385
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
-CVE-2007-2384
+CVE-2007-2384 (The Script.aculo.us framework exchanges data using JavaScript Object N ...)
NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
-CVE-2007-2383
+CVE-2007-2383 (The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data ...)
{DSA-1952-1}
- prototypejs <not-affected> (fixed before initial upload)
- auth2db 0.2.5-2+dfsg-1 (low; bug #555217)
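Review bot: CVE-2007-2384 (Script.aculo.us) carries only NOTE lines and no status line at all, while its siblings in this hunk have one (CVE-2007-2385 and CVE-2007-2383 list packages); without a package line or a NOT-FOR-US marker the entry reads as untriaged. Both copies of the shared NOTE text in this hunk also spell "vunerabile" for "vulnerable".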
@@ -10467,135 +10467,135 @@ CVE-2007-2383
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
-CVE-2007-2382
+CVE-2007-2382 (The Moo.fx framework exchanges data using JavaScript Object Notation ( ...)
NOT-FOR-US: Moo.fx framework
NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
-CVE-2007-2381
+CVE-2007-2381 (The MochiKit framework exchanges data using JavaScript Object Notation ...)
NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
NOTE: This allows to steal data from affected websites. Therefore web applications should
NOTE: only be considered vunerabile if they process confidential data.
NOTE: The frameworks should be fixed in any case.
-CVE-2007-2380
+CVE-2007-2380 (The Microsoft Atlas framework exchanges data using JavaScript Object N ...)
NOT-FOR-US: Microsoft Atlas
-CVE-2007-2379
+CVE-2007-2379 (The jQuery framework exchanges data using JavaScript Object Notation ( ...)
- jquery <unfixed> (unimportant)
NOTE: the paper in this reference is a guideline on how to avoid writing unsafe jquery applications. there really isn't anything to fix in the library itself.
NOTE: https://www.fortify.com/vulncat/en/vulncat/javascript/javascript_hijacking_ad_hoc_ajax.html
-CVE-2007-2378
+CVE-2007-2378 (The Google Web Toolkit (GWT) framework exchanges data using JavaScript ...)
- gwt <removed> (unimportant; bug #563542)
NOTE: javascript security guidelines provided to developers to avoid these issues
NOTE: https://developers.google.com/web-toolkit/articles/security_for_gwt_applications
-CVE-2007-2377
+CVE-2007-2377 (The Getahead Direct Web Remoting (DWR) framework 1.1.4 exchanges data ...)
NOT-FOR-US: Getahead Direct Web Remoting
-CVE-2007-2376
+CVE-2007-2376 (The Dojo framework exchanges data using JavaScript Object Notation (JS ...)
NOT-FOR-US: Dojo
-CVE-2007-2375
+CVE-2007-2375 (The agent remote upgrade interface in Symantec Enterprise Security Man ...)
NOT-FOR-US: Symantec
-CVE-2007-2374
+CVE-2007-2374 (Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 20 ...)
NOT-FOR-US: Microsoft
-CVE-2007-2373
+CVE-2007-2373 (SQL injection vulnerability in viewcat.php in the WF-Links (wflinks) 1 ...)
NOT-FOR-US: WF-Links (wflinks) module for XOOPS
-CVE-2007-2372
+CVE-2007-2372 (admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and ...)
NOT-FOR-US: phpMyNewsletter
-CVE-2007-2371
+CVE-2007-2371 (admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and ear ...)
NOT-FOR-US: phpMyNewsletter
-CVE-2007-2370
+CVE-2007-2370 (SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 an ...)
NOT-FOR-US: Jobs module for XOOPS
-CVE-2007-2369
+CVE-2007-2369 (Directory traversal vulnerability in picture.php in WebSPELL 4.01.02 a ...)
NOT-FOR-US: WebSPELL
-CVE-2007-2368
+CVE-2007-2368 (picture.php in WebSPELL 4.01.02 and earlier allows remote attackers to ...)
NOT-FOR-US: WebSPELL
-CVE-2007-2367
+CVE-2007-2367 (Buffer overflow in wserve_console.exe in Wserve HTTP Server (whttp) 4. ...)
NOT-FOR-US: Wserve HTTP Server (whttp)
-CVE-2007-2366
+CVE-2007-2366 (Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted rem ...)
NOT-FOR-US: Corel
-CVE-2007-2365
+CVE-2007-2365 (Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0 ...)
NOT-FOR-US: Adobe
-CVE-2007-2364
+CVE-2007-2364 (Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and ...)
NOT-FOR-US: burnCMS
-CVE-2007-2363
+CVE-2007-2363 (Buffer overflow in IrfanView 4.00 and earlier allows user-assisted rem ...)
NOT-FOR-US: IrfanView
-CVE-2007-2362
+CVE-2007-2362 (Multiple buffer overflows in MyDNS 1.1.0 allow remote attackers to (1) ...)
{DSA-1434-1 DTSA-36-1}
- mydns 1:1.1.0-8
[sarge] - mydns <not-affected> (Vulnerable code not present)
-CVE-2007-2361
+CVE-2007-2361 (Symantec Norton Ghost, Norton Save &amp; Recovery, LiveState Recovery, ...)
NOT-FOR-US: Symantec
-CVE-2007-2360
+CVE-2007-2360 (Symantec Norton Ghost, Norton Save &amp; Recovery, LiveState Recovery, ...)
NOT-FOR-US: Symantec
-CVE-2007-2359
+CVE-2007-2359 (Buffer overflow in Ghost Service Manager, as used in Symantec Norton G ...)
NOT-FOR-US: Symantec
CVE-2007-2358
- b2evolution <not-affected> (Debian's version does not contain the affected variables)
-CVE-2007-2357
+CVE-2007-2357 (Cross-site scripting (XSS) vulnerability in mods/Core/result.php in Si ...)
NOT-FOR-US: SineCms
-CVE-2007-2356
+CVE-2007-2356 (Stack-based buffer overflow in the set_color_table function in sunras. ...)
{DSA-1301-1}
- gimp 2.2.14-2
-CVE-2007-2355
+CVE-2007-2355 (The get_url function in DODS_Dispatch.pm for the CGI_server in OPeNDAP ...)
NOT-FOR-US: OPeNDAP
-CVE-2007-2354
+CVE-2007-2354 (Progress Webspeed Messenger allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: Progress Webspeed Messenger
-CVE-2007-2353
+CVE-2007-2353 (Apache Axis 1.0 allows remote attackers to obtain sensitive informatio ...)
- axis <unfixed> (unimportant)
NOTE: only path disclosure
-CVE-2007-2352
+CVE-2007-2352 (Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote at ...)
NOT-FOR-US: AFFLIB
-CVE-2007-2351
+CVE-2007-2351 (Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4. ...)
NOT-FOR-US: HP Power Manager Remote Agent
-CVE-2007-2350
+CVE-2007-2350 (admin/config.php in the music-on-hold module in freePBX 2.2.x allows r ...)
NOT-FOR-US: freePBX
-CVE-2007-2349
+CVE-2007-2349 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IP.B ...)
NOT-FOR-US: Invision Power Board
-CVE-2007-2348
+CVE-2007-2348 (mirror --script in lftp before 3.5.9 does not properly quote shell met ...)
- lftp 3.5.9-1 (unimportant)
NOTE: Non-issue, also already documented as potentially risky
-CVE-2007-2347
+CVE-2007-2347 (PHP remote file inclusion vulnerability in main/forum/komentar.php in ...)
NOT-FOR-US: OneClick CMS
-CVE-2007-2346
+CVE-2007-2346 (Multiple PHP remote file inclusion vulnerabilities in PHP-Generics 1.0 ...)
NOT-FOR-US: PHP-Generics
-CVE-2007-2345
+CVE-2007-2345 (PHP remote file inclusion vulnerability in include/include_stream.inc. ...)
NOT-FOR-US: phpBrowse
-CVE-2007-2344
+CVE-2007-2344 (The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight In ...)
NOT-FOR-US: Enterasys
-CVE-2007-2343
+CVE-2007-2343 (Stack-based buffer overflow in the TFTPD component in Enterasys NetSig ...)
NOT-FOR-US: Enterasys
-CVE-2007-2342
+CVE-2007-2342 (SQL injection vulnerability in error.asp in CreaScripts CreaDirectory ...)
NOT-FOR-US: CreaScripts Creadirectory
-CVE-2007-2341
+CVE-2007-2341 (PHP remote file inclusion vulnerability in suite/index.php in phpBandM ...)
NOT-FOR-US: phpBandManager
-CVE-2007-2340
+CVE-2007-2340 (Multiple PHP remote file inclusion vulnerabilities in inc/include_all. ...)
NOT-FOR-US: phporacleview
-CVE-2007-2339
+CVE-2007-2339 (Multiple SQL injection vulnerabilities in Phorum before 5.1.22 allow r ...)
NOT-FOR-US: Phorum
-CVE-2007-2338
+CVE-2007-2338 (Cross-site request forgery (CSRF) vulnerability in include/admin/banli ...)
NOT-FOR-US: Phorum
-CVE-2007-2337
+CVE-2007-2337 (Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS 0. ...)
NOT-FOR-US: Exponent CMS
-CVE-2007-2336
+CVE-2007-2336 (Unspecified vulnerability in InterVations NaviCOPA Web Server 2.01 200 ...)
NOT-FOR-US: NaviCOPA HTTP Server
-CVE-2007-2335
+CVE-2007-2335 (Cross-site scripting (XSS) vulnerability in the RSS feed reader functi ...)
NOT-FOR-US: Lunascape
-CVE-2007-2334
+CVE-2007-2334 (Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_ ...)
NOT-FOR-US: Nortel
-CVE-2007-2333
+CVE-2007-2333 (Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_ ...)
NOT-FOR-US: Nortel
-CVE-2007-2332
+CVE-2007-2332 (Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_ ...)
NOT-FOR-US: Nortel
-CVE-2007-2331
+CVE-2007-2331 (PHP remote file inclusion vulnerability in cart.php in Shop-Script 2.0 ...)
NOT-FOR-US: Shop-Script
-CVE-2007-2330
+CVE-2007-2330 (PHP remote file inclusion vulnerability in includes_handler.php in Dyn ...)
NOT-FOR-US: DynaTracker
-CVE-2007-2329
+CVE-2007-2329 (PHP remote file inclusion vulnerability in searchbot.php in Searchacti ...)
NOT-FOR-US: Searchactivity
-CVE-2007-2328
+CVE-2007-2328 (PHP remote file inclusion vulnerability in addvip.php in phpMYTGP 1.4b ...)
NOT-FOR-US: phpMYTGP
-CVE-2007-2327
+CVE-2007-2327 (PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox ...)
NOT-FOR-US: HTMLeditbox
-CVE-2007-2326
+CVE-2007-2326 (Multiple PHP remote file inclusion vulnerabilities in HYIP Manager Pro ...)
- smarty <removed> (unimportant; bug #488523)
- moodle 1.8.2-2 (unimportant; bug #488525)
- gallery2 2.2.5-2 (unimportant; bug #488527)
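Review bot: CVE-2007-2381 (MochiKit) has the same gap as CVE-2007-2384 in the previous hunk: NOTE lines but no package line or NOT-FOR-US marker, whereas CVE-2007-2382, CVE-2007-2380 and CVE-2007-2376 in this hunk are marked NOT-FOR-US; the repeated NOTE block again spells "vunerabile". For CVE-2007-2379 the line `- jquery <unfixed> (unimportant)` is followed by a NOTE saying "there really isn't anything to fix in the library itself"; if that justification holds, `<not-affected>` with the reason in parentheses describes the state better than `<unfixed>`, which keeps the issue listed as open.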
@@ -10603,474 +10603,474 @@ CVE-2007-2326
NOTE: to exploit this, the smarty files need to be installed in a http daemon accessible directory
NOTE: (should be the case for embedded copies), however
NOTE: additionally this relies on register_globals being switched on.
-CVE-2007-2325
+CVE-2007-2325 (PHP remote file inclusion vulnerability in include.php in MyNewsGroups ...)
NOT-FOR-US: MyNewsGroups
-CVE-2007-2324
+CVE-2007-2324 (Directory traversal vulnerability in file.php in JulmaCMS 1.4 allows r ...)
NOT-FOR-US: JulmaCMS
-CVE-2007-2323
+CVE-2007-2323 (Multiple buffer overflows in the WinDVDX ActiveX control in InterVideo ...)
NOT-FOR-US: InterVideo
-CVE-2007-2322
+CVE-2007-2322 (NMMediaServer.exe in Nero MediaHome 2.5.5.0 and CE 1.3.0.4 allows remo ...)
NOT-FOR-US: Nero
-CVE-2007-2321
+CVE-2007-2321 (Unspecified vulnerability in the search functionality in SilverStripe ...)
NOT-FOR-US: SilverStripe
-CVE-2007-2320
+CVE-2007-2320 (SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier a ...)
NOT-FOR-US: Papoo
-CVE-2007-2319
+CVE-2007-2319 (PHP remote file inclusion vulnerability in the AutoStand 1.1 and earli ...)
NOT-FOR-US: AutoStand
-CVE-2007-2318
+CVE-2007-2318 (Multiple format string vulnerabilities in FileZilla before 2.2.32 allo ...)
- filezilla 3.0.0~beta2-3 (bug #421776)
NOTE: http://sourceforge.net/project/shownotes.php?release_id=501534&group_id=21558
-CVE-2007-2317
+CVE-2007-2317 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5 ...)
NOT-FOR-US: MiniBB
-CVE-2007-2316
+CVE-2007-2316 (Unspecified vulnerability in the admin script in Open Business Managem ...)
NOT-FOR-US: Open Business Management
-CVE-2007-2315
+CVE-2007-2315 (MiniShare 1.5.4, and possibly earlier, allows remote attackers to caus ...)
NOT-FOR-US: MiniShare
-CVE-2007-2314
+CVE-2007-2314 (Multiple SQL injection vulnerabilities in Crea-Book 1.0, and possibly ...)
NOT-FOR-US: Crea-Book
-CVE-2007-2313
+CVE-2007-2313 (PHP remote file inclusion vulnerability in getinfo1.php in the Shotcas ...)
NOT-FOR-US: Shotcast module for mxBB
-CVE-2007-2312
+CVE-2007-2312 (Multiple SQL injection vulnerabilities in the Virtual War (VWar) 1.5.0 ...)
NOT-FOR-US: Virtual War (VWar)
CVE-2007-2311
NOT-FOR-US: BlooFoxCMS
-CVE-2007-2310
+CVE-2007-2310 (Cross-site scripting (XSS) vulnerability in plugins/spaw/img_popup.php ...)
NOT-FOR-US: BloofoxCMS
-CVE-2007-2309
+CVE-2007-2309 (Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 all ...)
NOT-FOR-US: FloweRS
-CVE-2007-2308
+CVE-2007-2308 (Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 all ...)
NOT-FOR-US: FloweRS
-CVE-2007-2307
+CVE-2007-2307 (PHP remote file inclusion vulnerability in engine/engine.inc.php in We ...)
NOT-FOR-US: WebKalk2
-CVE-2007-2306
+CVE-2007-2306 (Multiple cross-site scripting (XSS) vulnerabilities in the Virtual War ...)
NOT-FOR-US: Virtual War (VWar)
-CVE-2007-2305
+CVE-2007-2305 (Multiple SQL injection vulnerabilities in authenticate.php in Quick an ...)
NOT-FOR-US: QDBlog
-CVE-2007-2304
+CVE-2007-2304 (Multiple directory traversal vulnerabilities in Quick and Dirty Blog ( ...)
NOT-FOR-US: QDBlog
-CVE-2007-2303
+CVE-2007-2303 (Directory traversal vulnerability in includes/footer.php in News Manag ...)
NOT-FOR-US: NMDeluxe
-CVE-2007-2302
+CVE-2007-2302 (PHP remote file inclusion vulnerability in autoindex.php in Expow 0.8 ...)
NOT-FOR-US: Expow
-CVE-2007-2301
+CVE-2007-2301 (Multiple PHP remote file inclusion vulnerabilities in audioCMS arash 0 ...)
NOT-FOR-US: audioCMS
-CVE-2007-2300
+CVE-2007-2300 (Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto ...)
NOT-FOR-US: phpwebnews
-CVE-2007-2299
+CVE-2007-2299 (Multiple SQL injection vulnerabilities in Frogss CMS 0.7 and earlier a ...)
NOT-FOR-US: CMS Frogss
-CVE-2007-2298
+CVE-2007-2298 (Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 a ...)
NOT-FOR-US: Garennes
-CVE-2007-2297
+CVE-2007-2297 (The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x ...)
{DSA-1358-1}
- asterisk 1:1.4.2~dfsg-1 (medium; bug #419820)
[sarge] - asterisk <not-affected> (correctly logs a warning)
-CVE-2007-2296
+CVE-2007-2296 (Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quickt ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-2295
+CVE-2007-2295 (Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-2294
+CVE-2007-2294 (The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 ...)
{DSA-1358-1}
- asterisk 1:1.4.3~dfsg-1 (low)
NOTE: Etch and Sarge affected
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-012.htm
-CVE-2007-2293
+CVE-2007-2293 (Multiple stack-based buffer overflows in the process_sdp function in c ...)
- asterisk 1:1.4.3~dfsg-1 (high)
[sarge] - asterisk <not-affected> (1.0.x not affected)
[etch] - asterisk <not-affected> (1.2.x not affected)
[lenny] - asterisk <not-affected> (vulnerable code not present)
NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-010.htm
-CVE-2007-2292
+CVE-2007-2292 (CRLF injection vulnerability in the Digest Authentication support for ...)
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (low)
- xulrunner 1.8.1.9-1
- iceape 1.1.5
-CVE-2007-2291
+CVE-2007-2291 (CRLF injection vulnerability in the Digest Authentication support for ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-2290
+CVE-2007-2290 (Multiple PHP remote file inclusion vulnerabilities in B2 Weblog and Ne ...)
NOT-FOR-US: B2 Weblog
NOTE: Debian's b2evolution does not contain the string "b2inc",
NOTE: and does not seem to suffer from this vulnerability.
-CVE-2007-2289
+CVE-2007-2289 (PHP remote file inclusion vulnerability in admin/includes/spaw/dialogs ...)
NOT-FOR-US: Download-Engine
-CVE-2007-2288
+CVE-2007-2288 (PHP remote file inclusion vulnerability in info.php in Doruk100.net do ...)
NOT-FOR-US: doruk100net
-CVE-2007-2287
+CVE-2007-2287 (PHP remote file inclusion vulnerability in accept.php in comus 2.0 Fin ...)
NOT-FOR-US: comus
-CVE-2007-2286
+CVE-2007-2286 (PHP remote file inclusion vulnerability in config.php in Built2Go PHP ...)
NOT-FOR-US: Built2Go
-CVE-2007-2285
+CVE-2007-2285 (Directory traversal vulnerability in examples/layout/feed-proxy.php in ...)
NOT-FOR-US: Jack Slocum Ext
-CVE-2007-2284
+CVE-2007-2284 (Buffer overflow in ABC-View Manager 1.42 allows user-assisted remote a ...)
NOT-FOR-US: ABC-View Manager
-CVE-2007-2283
+CVE-2007-2283 (Buffer overflow in Fresh View 7.15 allows user-assisted remote attacke ...)
NOT-FOR-US: Fresh View
-CVE-2007-2282
+CVE-2007-2282 (Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6. ...)
NOT-FOR-US: Cisco
-CVE-2007-2281
+CVE-2007-2281 (Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2007-2280
+CVE-2007-2280 (Stack-based buffer overflow in OmniInet.exe (aka the backup client ser ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2007-2279
+CVE-2007-2279 (The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundat ...)
NOT-FOR-US: Symantec
-CVE-2007-2278
+CVE-2007-2278 (Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 ...)
NOT-FOR-US: DCP-Portal
-CVE-2007-2277
+CVE-2007-2277 (Session fixation vulnerability in Plogger allows remote attackers to h ...)
NOT-FOR-US: Plogger
CVE-2007-2276
NOT-FOR-US: TippingPoint IPS
-CVE-2007-2275
+CVE-2007-2275 (Unspecified vulnerability in HP StorageWorks Command View Advanced Edi ...)
NOT-FOR-US: HP StorageWorks
-CVE-2007-2274
+CVE-2007-2274 (The BitTorrent implementation in Opera 9.2 allows remote attackers to ...)
NOT-FOR-US: Opera
-CVE-2007-2273
+CVE-2007-2273 (PHP remote file inclusion vulnerability in include/loading.php in Ales ...)
NOT-FOR-US: wavewoo
-CVE-2007-2272
+CVE-2007-2272 (PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.p ...)
NOT-FOR-US: Advanced Webhost Billing System
-CVE-2007-2271
+CVE-2007-2271 (Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS Dist ...)
NOT-FOR-US: TotaRam
-CVE-2007-2270
+CVE-2007-2270 (The Linksys SPA941 VoIP Phone allows remote attackers to cause a denia ...)
NOT-FOR-US: Linksys
-CVE-2007-2269
+CVE-2007-2269 (Directory traversal vulnerability in top.php3 in SWsoft Plesk for Wind ...)
NOT-FOR-US: Plesk
-CVE-2007-2268
+CVE-2007-2268 (Multiple directory traversal vulnerabilities in SWsoft Plesk for Windo ...)
NOT-FOR-US: Plesk
-CVE-2007-2267
+CVE-2007-2267 (Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 b ...)
NOT-FOR-US: Sun Cluster
-CVE-2007-2266
+CVE-2007-2266 (Progress Webspeed Messenger allows remote attackers to read, create, m ...)
NOT-FOR-US: Progress Webspeed Messenger
-CVE-2007-2265
+CVE-2007-2265 (Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows ...)
NOT-FOR-US: YA Book
-CVE-2007-2264
+CVE-2007-2264 (Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and ...)
NOT-FOR-US: RealPlayer
-CVE-2007-2263
+CVE-2007-2263 (Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and ...)
NOT-FOR-US: RealPlayer
-CVE-2007-2262
+CVE-2007-2262 (Multiple PHP remote file inclusion vulnerabilities in html/php/detail. ...)
NOT-FOR-US: jmuffin
-CVE-2007-2261
+CVE-2007-2261 (PHP remote file inclusion vulnerability in espaces/communiques/annotat ...)
NOT-FOR-US: C-Arbre
-CVE-2007-2260
+CVE-2007-2260 (Multiple PHP remote file inclusion vulnerabilities in bibtex mase beta ...)
NOT-FOR-US: bibtex mase
-CVE-2007-2259
+CVE-2007-2259 (SQL injection vulnerability in forum.php in EsForum 3.0 allows remote ...)
NOT-FOR-US: EsForum
-CVE-2007-2258
+CVE-2007-2258 (PHP remote file inclusion vulnerability in includes/init.inc.php in PH ...)
NOT-FOR-US: PHPMyBibli
-CVE-2007-2257
+CVE-2007-2257 (PHP remote file inclusion vulnerability in subscp.php in Fully Modded ...)
NOT-FOR-US: Fully Modded phpBB2
-CVE-2007-2256
+CVE-2007-2256 (Cross-site scripting (XSS) vulnerability in you.php in TJSChat 0.95 al ...)
NOT-FOR-US: TJSChat
-CVE-2007-2255
+CVE-2007-2255 (Multiple PHP remote file inclusion vulnerabilities in Download-Engine ...)
NOT-FOR-US: Download-Engine
-CVE-2007-2254
+CVE-2007-2254 (PHP remote file inclusion vulnerability in admin/setup/level2.php in P ...)
NOT-FOR-US: PHP Classifieds
-CVE-2007-2253
+CVE-2007-2253 (Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtai ...)
NOT-FOR-US: Exponent CMS
-CVE-2007-2252
+CVE-2007-2252 (Directory traversal vulnerability in iconspopup.php in Exponent CMS 0. ...)
NOT-FOR-US: Exponent CMS
-CVE-2007-2251
+CVE-2007-2251 (Unspecified vulnerability in the Roles module in Xaraya 1.1.2 and earl ...)
NOT-FOR-US: Xaraya
-CVE-2007-2250
+CVE-2007-2250 (admin.php in Phorum before 5.1.22 allows remote attackers to obtain th ...)
NOT-FOR-US: Phorum
-CVE-2007-2249
+CVE-2007-2249 (include/controlcenter/users.php in Phorum before 5.1.22 allows remote ...)
NOT-FOR-US: Phorum
-CVE-2007-2248
+CVE-2007-2248 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Ph ...)
NOT-FOR-US: Phorum
-CVE-2007-2247
+CVE-2007-2247 (SQL injection vulnerability in modules/news/article.php in phpMySpace ...)
NOT-FOR-US: phpMySpace
-CVE-2007-2246
+CVE-2007-2246 (Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running s ...)
NOT-FOR-US: HP-UX
-CVE-2007-2245
+CVE-2007-2245 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...)
{DSA-1370-2 DSA-1370-1}
- phpmyadmin 4:2.10.1-1 (low)
NOTE: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-4
-CVE-2007-2244
+CVE-2007-2244 (Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator ...)
NOT-FOR-US: Adobe Photoshop
-CVE-2007-2243
+CVE-2007-2243 (OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabl ...)
- openssh <unfixed> (bug #436571; unimportant)
[etch] - openssh <no-dsa> (Minor issue)
[sarge] - openssh <no-dsa> (Minor issue)
-CVE-2007-2242
+CVE-2007-2242 (The IPv6 protocol allows remote attackers to cause a denial of service ...)
{DSA-1356-1}
- linux-2.6 2.6.21-1 (low; bug #421595)
- kfreebsd-5 <removed> (low)
[etch] - kfreebsd-5 <no-dsa> (No security support for KFreeBSD)
NOTE: This should be off by default, tweakable by a simple knob.
NOTE: (FreeBSD has it turned on for hosts, too.)
-CVE-2007-2241
+CVE-2007-2241 (Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 th ...)
- bind9 1:9.4.1-1 (medium)
[etch] - bind9 <not-affected> (Only 9.4/9.5 branches affected)
[sarge] - bind9 <not-affected> (Only 9.4/9.5 branches affected)
-CVE-2007-2240
+CVE-2007-2240 (The IBM Lenovo Access Support acpRunner ActiveX control, as distribute ...)
NOT-FOR-US: IBM Lenovo Access Support acpRunner ActiveX control
-CVE-2007-2239
+CVE-2007-2239 (Stack-based buffer overflow in the SaveBMP method in the AXIS Camera C ...)
NOT-FOR-US: AXIS Camera Control
-CVE-2007-2238
+CVE-2007-2238 (Multiple stack-based buffer overflows in the Whale Client Components A ...)
NOT-FOR-US: Whale Client Components ActiveX control
-CVE-2007-2237
+CVE-2007-2237 (Microsoft Windows Graphics Device Interface (GDI+, GdiPlus.dll) allows ...)
NOT-FOR-US: Microsoft
-CVE-2007-2236
+CVE-2007-2236 (footer.php in PunBB 1.2.14 and earlier allows remote attackers to incl ...)
NOT-FOR-US: PunBB
-CVE-2007-2235
+CVE-2007-2235 (Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 an ...)
NOT-FOR-US: PunBB
-CVE-2007-2234
+CVE-2007-2234 (include/common.php in PunBB 1.2.14 and earlier does not properly handl ...)
NOT-FOR-US: PunBB
-CVE-2007-2233
+CVE-2007-2233 (cosign-bin/cosign.cgi in Cosign 2.0.2 and earlier allows remote authen ...)
NOT-FOR-US: CoSign
-CVE-2007-2232
+CVE-2007-2232 (The CHECK command in Cosign 2.0.1 and earlier allows remote attackers ...)
NOT-FOR-US: CoSign
-CVE-2007-2231
+CVE-2007-2231 (Directory traversal vulnerability in index/mbox/mbox-storage.c in Dove ...)
{DSA-1359-1}
- dovecot 1.0.rc29-1
[sarge] - dovecot <not-affected> (Vulnerable code not present)
-CVE-2007-2230
+CVE-2007-2230 (SQL injection vulnerability in CA Clever Path Portal allows remote aut ...)
NOT-FOR-US: CA Clever Path
-CVE-2007-2229
+CVE-2007-2229 (Microsoft Windows Vista uses insecure default permissions for unspecif ...)
NOT-FOR-US: Microsoft
-CVE-2007-2228
+CVE-2007-2228 (rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, ...)
NOT-FOR-US: Windows
-CVE-2007-2227
+CVE-2007-2227 (The MHTML protocol handler in Microsoft Outlook Express 6 and Windows ...)
NOT-FOR-US: Microsoft
CVE-2007-2226
REJECTED
-CVE-2007-2225
+CVE-2007-2225 (A component in Microsoft Outlook Express 6 and Windows Mail in Windows ...)
NOT-FOR-US: Microsoft
-CVE-2007-2224
+CVE-2007-2224 (Object linking and embedding (OLE) Automation, as used in Microsoft Wi ...)
NOT-FOR-US: Microsoft
-CVE-2007-2223
+CVE-2007-2223 (Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote atta ...)
NOT-FOR-US: Microsoft XML
-CVE-2007-2222
+CVE-2007-2222 (Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2 ...)
NOT-FOR-US: Microsoft
-CVE-2007-2221
+CVE-2007-2221 (Unspecified vulnerability in the mdsauth.dll COM object in Microsoft W ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-2220
REJECTED
-CVE-2007-2219
+CVE-2007-2219 (Unspecified vulnerability in the Win32 API on Microsoft Windows 2000, ...)
NOT-FOR-US: Microsoft
-CVE-2007-2218
+CVE-2007-2218 (Unspecified vulnerability in the Windows Schannel Security Package for ...)
NOT-FOR-US: Microsoft
-CVE-2007-2217
+CVE-2007-2217 (Kodak Image Viewer in Microsoft Windows 2000 SP4, and in some cases XP ...)
NOT-FOR-US: Kodak Image Viewer
-CVE-2007-2216
+CVE-2007-2216 (The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explo ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-2215
REJECTED
-CVE-2007-2214
+CVE-2007-2214 (Unrestricted file upload vulnerability in includes/upload_file.php in ...)
NOT-FOR-US: DmCMS
-CVE-2007-2213
+CVE-2007-2213 (Unspecified vulnerability in the Initialize function in NetscapeFTPHan ...)
NOT-FOR-US: WS_FTP
-CVE-2007-2212
+CVE-2007-2212 (Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka My ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2007-2211
+CVE-2007-2211 (SQL injection vulnerability in calendar.php in MyBB (aka MyBulletinBoa ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2007-2210
+CVE-2007-2210 (A certain ActiveX control in askPopStp.dll in Netsprint Ask IE Toolbar ...)
NOT-FOR-US: Netsprint
-CVE-2007-2209
+CVE-2007-2209 (Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft Im ...)
NOT-FOR-US: AccuSoft
-CVE-2007-2208
+CVE-2007-2208 (Multiple PHP remote file inclusion vulnerabilities in Extreme PHPBB2 3 ...)
NOT-FOR-US: Extreme PHPBB2
-CVE-2007-2207
+CVE-2007-2207 (SQL injection vulnerability in contact/index.php in Ripe Website Manag ...)
NOT-FOR-US: Ripe Website Manager
-CVE-2007-2206
+CVE-2007-2206 (Cross-site scripting (XSS) vulnerability in contact/index.php in Ripe ...)
NOT-FOR-US: Ripe Website Manager
-CVE-2007-2205
+CVE-2007-2205 (PHP remote file inclusion vulnerability in modules/rtmessageadd.php in ...)
NOT-FOR-US: LAN Management System
-CVE-2007-2204
+CVE-2007-2204 (Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (G ...)
NOT-FOR-US: GPL PHP Board
-CVE-2007-2203
+CVE-2007-2203 (Cross-site scripting (XSS) vulnerability in Big Blue Guestbook allows ...)
NOT-FOR-US: Big Blue Guestbook
-CVE-2007-2202
+CVE-2007-2202 (PHP remote file inclusion vulnerability in inc_ACVS/SOAP/Transport.php ...)
NOT-FOR-US: Accueil et Conseil en Visites et Sejours Web Services
-CVE-2007-2201
+CVE-2007-2201 (Multiple PHP remote file inclusion vulnerabilities in Post Revolution ...)
NOT-FOR-US: Post Revolution
-CVE-2007-2200
+CVE-2007-2200 (Directory traversal vulnerability in navigator/navigator_ok.php in Pag ...)
NOT-FOR-US: Pagode
-CVE-2007-2199
+CVE-2007-2199 (PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcl ...)
NOT-FOR-US: Joomla!
-CVE-2007-2198
+CVE-2007-2198 (Cross-site scripting (XSS) vulnerability in LAN Management System (LMS ...)
NOT-FOR-US: LAN Management System
-CVE-2007-2197
+CVE-2007-2197 (Race condition in the NeatUpload ASP.NET component 1.2.11 through 1.2. ...)
NOT-FOR-US: NeatUpload
CVE-2007-2196
NOT-FOR-US: Jambook module for Mambo and Joomla
-CVE-2007-2195
+CVE-2007-2195 (aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers ...)
- amsn <not-affected> (Appears bogus, no such port is opened; bug #557754)
-CVE-2007-2194
+CVE-2007-2194 (Stack-based buffer overflow in XnView 1.90.3 allows user-assisted remo ...)
NOT-FOR-US: XnView
-CVE-2007-2193
+CVE-2007-2193 (Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build ...)
NOT-FOR-US: ACDSee
-CVE-2007-2192
+CVE-2007-2192 (Buffer overflow in Photofiltre Studio 8.1.1 allows user-assisted remot ...)
NOT-FOR-US: Photofiltre
-CVE-2007-2191
+CVE-2007-2191 (Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x a ...)
NOT-FOR-US: freePBX
-CVE-2007-2190
+CVE-2007-2190 (PHP remote file inclusion vulnerability in admin/public/webpages.php i ...)
NOT-FOR-US: Eba News
-CVE-2007-2189
+CVE-2007-2189 (PHP remote file inclusion vulnerability in admin/admin_album_otf.php i ...)
NOT-FOR-US: mxBB Smartor Album
-CVE-2007-2188
+CVE-2007-2188 (eXtremail 2.1.1 and earlier does not verify the ID field (aka transact ...)
NOT-FOR-US: eXtremail
-CVE-2007-2187
+CVE-2007-2187 (Stack-based buffer overflow in eXtremail 2.1.1 and earlier allows remo ...)
NOT-FOR-US: eXtremail
-CVE-2007-2186
+CVE-2007-2186 (Foxit Reader 2.0 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Foxit Reader
-CVE-2007-2185
+CVE-2007-2185 (Multiple PHP remote file inclusion vulnerabilities in Supasite 1.23b a ...)
NOT-FOR-US: Supasite
-CVE-2007-2184
+CVE-2007-2184 (Directory traversal vulnerability in imgsrv.php in jchit counter 1.0.0 ...)
NOT-FOR-US: jchit
-CVE-2007-2183
+CVE-2007-2183 (SQL injection vulnerability in index.php in PHP-Ring Webring System (a ...)
NOT-FOR-US: PHP-Ring Webring System
-CVE-2007-2182
+CVE-2007-2182 (Unrestricted file upload vulnerability in forum_write.php in Maran PHP ...)
NOT-FOR-US: Maran PHP Forum
-CVE-2007-2181
+CVE-2007-2181 (PHP remote file inclusion vulnerability in admin/login.php in Webinsta ...)
NOT-FOR-US: WEBInsta
-CVE-2007-2180
+CVE-2007-2180 (Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote att ...)
NOT-FOR-US: Nullsoft Winamp
-CVE-2007-2179
+CVE-2007-2179 (Multiple unspecified vulnerabilities in IXceedCompression in XceddZipL ...)
NOT-FOR-US: RaidenFTPD
-CVE-2007-2178
+CVE-2007-2178 (Multiple unspecified vulnerabilities in Objective Development Sharity ...)
NOT-FOR-US: Sharity
-CVE-2007-2177
+CVE-2007-2177 (Stack-based buffer overflow in the Microgaming Download Helper ActiveX ...)
NOT-FOR-US: Microgaming Download Helper
-CVE-2007-2176
+CVE-2007-2176 (Unspecified vulnerability in Mozilla Firefox allows remote attackers t ...)
NOT-FOR-US: Related to Apple QuickTime as well, no information about Mozilla being affected is available
-CVE-2007-2175
+CVE-2007-2175 (Apple QuickTime Java extensions (QTJava.dll), as used in Safari and ot ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-2174
+CVE-2007-2174 (The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Eng ...)
NOT-FOR-US: ZoneAlarm
-CVE-2007-2173
+CVE-2007-2173 (Eval injection vulnerability in (1) courier-imapd.indirect and (2) cou ...)
NOT-FOR-US: Gentoo's packaging of courier
-CVE-2007-2172
+CVE-2007-2172 (A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 cau ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1363-1 DSA-1356-1}
- linux-2.6 2.6.21-1 (medium)
-CVE-2007-2171
+CVE-2007-2171 (Stack-based buffer overflow in the base64_decode function in GWINTER.e ...)
NOT-FOR-US: Novell GroupWise
-CVE-2007-2170
+CVE-2007-2170 (The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not c ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2007-2169
+CVE-2007-2169 (Static code injection vulnerability in add.php in Mozzers SubSystem 1. ...)
NOT-FOR-US: Mozzers SubSystem
-CVE-2007-2168
+CVE-2007-2168 (Static code injection vulnerability in process.php in AimStats 3.2 and ...)
NOT-FOR-US: AimStats
-CVE-2007-2167
+CVE-2007-2167 (Static code injection vulnerability in process.php in AimStats 3.2 all ...)
NOT-FOR-US: AimStats
-CVE-2007-2166
+CVE-2007-2166 (PHP remote file inclusion vulnerability in administration/user/lib/gro ...)
NOT-FOR-US: OpenSurveyPilot
-CVE-2007-2165
+CVE-2007-2165 (The Auth API in ProFTPD before 20070417, when multiple simultaneous au ...)
- proftpd 1.3.0-24 (low)
[sarge] - proftpd <no-dsa> (Minor issue)
- proftpd-dfsg 1.3.0-24 (low)
[etch] - proftpd-dfsg 1.3.0-19etch1
NOTE: Minor issue Fixed in 4.0r4 point release
-CVE-2007-2164
+CVE-2007-2164 (Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial ...)
- kdelibs <unfixed> (unimportant)
NOTE: Browser crashes are not treated as security problems
-CVE-2007-2163
+CVE-2007-2163 (Apple Safari allows remote attackers to cause a denial of service (bro ...)
NOT-FOR-US: Apple Safari
-CVE-2007-2162
+CVE-2007-2162 ((1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote ...)
- iceweasel <removed> (unimportant)
NOTE: Browser crashes are not treated as security problems
-CVE-2007-2161
+CVE-2007-2161 (Microsoft Internet Explorer 7 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-2160
+CVE-2007-2160 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Data ...)
NOT-FOR-US: dba module for Drupal
-CVE-2007-2159
+CVE-2007-2159 (Multiple cross-site scripting (XSS) vulnerabilities in the Database Ad ...)
NOT-FOR-US: dba module for Drupal
-CVE-2007-2158
+CVE-2007-2158 (PHP remote file inclusion vulnerability in index.php in jGallery 1.3 a ...)
NOT-FOR-US: jGallery
-CVE-2007-2157
+CVE-2007-2157 (Directory traversal vulnerability in upload/force_download.php in Zomp ...)
NOT-FOR-US: Zomplog
-CVE-2007-2156
+CVE-2007-2156 (Multiple PHP remote file inclusion vulnerabilities in Rezervi Generic ...)
NOT-FOR-US: Rezervi Generic
-CVE-2007-2155
+CVE-2007-2155 (Directory traversal vulnerability in template.php in in phpFaber TopSi ...)
NOT-FOR-US: phpFaber TopSites
-CVE-2007-2154
+CVE-2007-2154 (PHP remote file inclusion vulnerability in services/samples/inclusionS ...)
NOT-FOR-US: Cabron Connector
-CVE-2007-2153
+CVE-2007-2153 (Cross-site scripting (XSS) vulnerability in atmail.php in @Mail 5.0 al ...)
NOT-FOR-US: @Mail
-CVE-2007-2152
+CVE-2007-2152 (Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterpris ...)
NOT-FOR-US: McAfee VirusScan Enterprise
-CVE-2007-2151
+CVE-2007-2151 (The administration server in McAfee e-Business Server before 8.1.1 and ...)
NOT-FOR-US: McAfee
-CVE-2007-2150
+CVE-2007-2150 (BlueArc-FTPD in BlueArc Titan 2x00 devices with firmware 4.2.944b allo ...)
NOT-FOR-US: BlueArc
-CVE-2007-2149
+CVE-2007-2149 (Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier stores userna ...)
NOT-FOR-US: Chatness
-CVE-2007-2148
+CVE-2007-2148 (Direct static code injection vulnerability in admin/save.php in Stephe ...)
NOT-FOR-US: Chatness
-CVE-2007-2147
+CVE-2007-2147 (admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and ...)
NOT-FOR-US: Chatness
-CVE-2007-2146
+CVE-2007-2146 (The imagecomments function in classes.php in MiniGal b13 allow remote ...)
NOT-FOR-US: MiniGal
-CVE-2007-2145
+CVE-2007-2145 (The imagecomments function in classes.php in MiniGal b13 allows remote ...)
NOT-FOR-US: MiniGal
-CVE-2007-2144
+CVE-2007-2144 (PHP remote file inclusion vulnerability in includes/CAltInstaller.php ...)
NOT-FOR-US: JoomlaPack
-CVE-2007-2143
+CVE-2007-2143 (PHP remote file inclusion vulnerability in index.php in the Be2004-2 t ...)
NOT-FOR-US: Be2004-2 template for Joomla
-CVE-2007-2142
+CVE-2007-2142 (Multiple PHP remote file inclusion vulnerabilities in AjPortal2Php all ...)
NOT-FOR-US: AjPortal2Php
-CVE-2007-2141
+CVE-2007-2141 (Direct static code injection vulnerability in shoutbox.php in ShoutPro ...)
NOT-FOR-US: ShoutPro
-CVE-2007-2140
+CVE-2007-2140 (PHP remote file inclusion vulnerability in everything.php in Franklin ...)
NOT-FOR-US: Flip-search-add-on
-CVE-2007-2139
+CVE-2007-2139 (Multiple stack-based buffer overflows in the SUN RPC service in CA (fo ...)
NOT-FOR-US: CA BrightStor
-CVE-2007-2137
+CVE-2007-2137 (Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express ...)
NOT-FOR-US: Tivoli
-CVE-2007-2136
+CVE-2007-2136 (Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol Perform ...)
NOT-FOR-US: BMC Patrol PerformAgent
-CVE-2007-2135
+CVE-2007-2135 (The ADI_BINARY component in the Oracle E-Business Suite allows remote ...)
NOT-FOR-US: Oracle
-CVE-2007-2134
+CVE-2007-2134 (Unspecified vulnerability in the HTML Server in Oracle JD Edwards Ente ...)
NOT-FOR-US: Oracle
-CVE-2007-2133
+CVE-2007-2133 (Unspecified vulnerability in the PeopleSoft Enterprise Human Capital M ...)
NOT-FOR-US: Oracle
-CVE-2007-2132
+CVE-2007-2132 (Unspecified vulnerability in the PeopleTools component in Oracle Peopl ...)
NOT-FOR-US: Oracle
-CVE-2007-2131
+CVE-2007-2131 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2007-2130
+CVE-2007-2130 (Unspecified vulnerability in Workflow Cartridge, as used in Oracle Dat ...)
NOT-FOR-US: Oracle
-CVE-2007-2129
+CVE-2007-2129 (Unspecified vulnerability in the Agent component in Oracle Enterprise ...)
NOT-FOR-US: Oracle
-CVE-2007-2128
+CVE-2007-2128 (Unspecified vulnerability in the Sales Online component for Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2007-2127
+CVE-2007-2127 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 ...)
NOT-FOR-US: Oracle
-CVE-2007-2126
+CVE-2007-2126 (Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has un ...)
NOT-FOR-US: Oracle
-CVE-2007-2125
+CVE-2007-2125 (Unspecified vulnerability in Collaborative Workspace in Oracle Collabo ...)
NOT-FOR-US: Oracle
-CVE-2007-2124
+CVE-2007-2124 (Unspecified vulnerability in the Portal component in Oracle Applicatio ...)
NOT-FOR-US: Oracle
-CVE-2007-2123
+CVE-2007-2123 (Unspecified vulnerability in the Portal component in Oracle Applicatio ...)
NOT-FOR-US: Oracle
-CVE-2007-2122
+CVE-2007-2122 (Unspecified vulnerability in the Wireless component in Oracle Applicat ...)
NOT-FOR-US: Oracle
-CVE-2007-2121
+CVE-2007-2121 (Unspecified vulnerability in the COREid Access component in Oracle App ...)
NOT-FOR-US: Oracle
-CVE-2007-2120
+CVE-2007-2120 (The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10 ...)
NOT-FOR-US: Oracle
-CVE-2007-2119
+CVE-2007-2119 (Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the ...)
NOT-FOR-US: Oracle
-CVE-2007-2118
+CVE-2007-2118 (Unspecified vulnerability in the Upgrade/Downgrade component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2007-2117
+CVE-2007-2117 (Unspecified vulnerability in the Oracle Text component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2007-2116
+CVE-2007-2116 (Unspecified vulnerability in the Advanced Replication component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2007-2115
+CVE-2007-2115 (Unspecified vulnerability in the Change Data Capture (CDC) component i ...)
NOT-FOR-US: Oracle
-CVE-2007-2114
+CVE-2007-2114 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 1 ...)
NOT-FOR-US: Oracle
-CVE-2007-2113
+CVE-2007-2113 (SQL injection vulnerability in the Upgrade/Downgrade component (DBMS_U ...)
NOT-FOR-US: Oracle
-CVE-2007-2112
+CVE-2007-2112 (Unspecified vulnerability in the Authentication component for Oracle D ...)
NOT-FOR-US: Oracle
-CVE-2007-2111
+CVE-2007-2111 (SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2007-2110
+CVE-2007-2110 (Unspecified vulnerability in the Core RDBMS component for Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2007-2109
+CVE-2007-2109 (Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have ...)
NOT-FOR-US: Oracle
-CVE-2007-2108
+CVE-2007-2108 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle
CVE-2007-XXXX [buffer overflow in mixmaster importing type 2 messages]
- mixmaster 3.0b2-5 (low; bug #418662)
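Review bot: the placeholder entry that closes this hunk, `CVE-2007-XXXX [buffer overflow in mixmaster importing type 2 messages]` / `- mixmaster 3.0b2-5 (low; bug #418662)`, is skipped by this automatic description import because only entries with an assigned CVE id get their text filled in; it is worth checking whether MITRE has assigned an id for the mixmaster issue so the entry can be renamed and picked up by the next update. Separately, the unchanged context line `NOTE: Minor issue Fixed in 4.0r4 point release` under CVE-2007-2165 runs two statements together; a separator ("Minor issue; fixed in 4.0r4 point release") would make it read cleanly.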
@@ -11082,571 +11082,571 @@ CVE-2007-XXXX [heap-based buffer overflow in git-blame with long file names]
NOTE: http://git.kernel.org/?p=git/git.git;a=commit;h=1bb88be99e4fdedcd5cc5292c11b566a00028deb
NOTE: http://git.kernel.org/?p=git/git.git;a=commitdiff;h=1cfe77333f274c9ba9879c2eb61057a790eb050f
NOTE: http://git.kernel.org/?p=git/git.git;a=tag;h=ae9ced19800491a5d80de5ee36bc07d68868a4dd
-CVE-2007-2138
+CVE-2007-2138 (Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x ...)
{DSA-1311-1 DSA-1309-1}
- postgresql-8.2 8.2.4-1
- postgresql-8.1 8.1.9-1
- postgresql-7.4 1:7.4.17-1
-CVE-2007-2107
+CVE-2007-2107 (SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7do ...)
NOT-FOR-US: Rha7 Downloads
-CVE-2007-2106
+CVE-2007-2106 (Directory traversal vulnerability in index.php in Kai Content Manageme ...)
NOT-FOR-US: Kai Content Management System
-CVE-2007-2105
+CVE-2007-2105 (Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0 ...)
NOT-FOR-US: Monkey CMS
-CVE-2007-2104
+CVE-2007-2104 (Multiple directory traversal vulnerabilities in iXon CMS 0.30 allow re ...)
NOT-FOR-US: iXon CMS
-CVE-2007-2103
+CVE-2007-2103 (Multiple PHP remote file inclusion vulnerabilities in my little forum ...)
NOT-FOR-US: my little forum
-CVE-2007-2102
+CVE-2007-2102 (Cross-site scripting (XSS) vulnerability in weblog.php in my little we ...)
NOT-FOR-US: my little weblog
-CVE-2007-2101
+CVE-2007-2101 (FAC Guestbook 3.01 stores sensitive information under the web root wit ...)
NOT-FOR-US: FAC Guestbook
-CVE-2007-2100
+CVE-2007-2100 (FAC Guestbook 2.0 stores sensitive information under the web root with ...)
NOT-FOR-US: FAC Guestbook
-CVE-2007-2099
+CVE-2007-2099 (Cross-site scripting (XSS) vulnerability in htdocs/php.php in OpenConc ...)
NOT-FOR-US: OpenConcept Back-End CMS
-CVE-2007-2098
+CVE-2007-2098 (Multiple cross-site scripting (XSS) vulnerabilities in showpic.php in ...)
NOT-FOR-US: Wabbit PHP Gallery
CVE-2007-2097
NOT-FOR-US: OpenConcept Back-End CMS
-CVE-2007-2096
+CVE-2007-2096 (PHP remote file inclusion vulnerability in common.php in Hinton Design ...)
NOT-FOR-US: PHPHD Download System
-CVE-2007-2095
+CVE-2007-2095 (PHP remote file inclusion vulnerability in chat.php in MySpeach 1.9 al ...)
NOT-FOR-US: MySpeach
-CVE-2007-2094
+CVE-2007-2094 (PHP remote file inclusion vulnerability in index.php in Anthologia 0.5 ...)
NOT-FOR-US: Anthologia
-CVE-2007-2093
+CVE-2007-2093 (Direct static code injection vulnerability in index.php in Limesoft Gu ...)
NOT-FOR-US: Limesoft Guestbook
-CVE-2007-2092
+CVE-2007-2092 (Direct static code injection vulnerability in index.php in Limesoft Gu ...)
NOT-FOR-US: Limesoft Guestbook
-CVE-2007-2091
+CVE-2007-2091 (PHP remote file inclusion vulnerability in blocks/tsdisplay4xoops_bloc ...)
NOT-FOR-US: tsdisplay4xoops
-CVE-2007-2090
+CVE-2007-2090 (Cross-site scripting (XSS) vulnerability in index.php in TuMusika Evol ...)
NOT-FOR-US: TuMusika Evolution
-CVE-2007-2089
+CVE-2007-2089 (Multiple PHP remote file inclusion vulnerabilities in the Jx Developme ...)
NOT-FOR-US: Jx Development Article component for Mambo and Joomla
-CVE-2007-2088
+CVE-2007-2088 (Multiple PHP remote file inclusion vulnerabilities in Sitebar 3.3.5 an ...)
- sitebar 3.3.8-7 (low)
NOTE: this was register globals only and is fixed in Debian anyway
-CVE-2007-2087
+CVE-2007-2087 (Multiple PHP remote file inclusion vulnerabilities in CNStats 2.12, wh ...)
NOT-FOR-US: CNStats
-CVE-2007-2086
+CVE-2007-2086 (Multiple PHP remote file inclusion vulnerabilities in CNStats 2.9 allo ...)
NOT-FOR-US: CNStats
-CVE-2007-2085
+CVE-2007-2085 (Cross-site scripting (XSS) vulnerability in oe2edit.cgi in oe2edit CMS ...)
NOT-FOR-US: oe2edit CMS
CVE-2007-2084
NOT-FOR-US: MobilePublisherphp
-CVE-2007-2083
+CVE-2007-2083 (vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 ...)
NOT-FOR-US: Check Point Zone Labs ZoneAlarm Internet Security Suite
-CVE-2007-2082
+CVE-2007-2082 (Direct static code injection vulnerability in admin/settings.php in My ...)
NOT-FOR-US: MyBlog
-CVE-2007-2081
+CVE-2007-2081 (MyBlog 0.9.8 and earlier allows remote attackers to bypass authenticat ...)
NOT-FOR-US: MyBlog
-CVE-2007-2080
+CVE-2007-2080 (Multiple SQL injection vulnerabilities in XAMPP 1.6.0a for Windows all ...)
NOT-FOR-US: XAMPP
-CVE-2007-2079
+CVE-2007-2079 (The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and ...)
NOT-FOR-US: XAMPP
CVE-2007-2078
NOT-FOR-US: Maian Weblog
-CVE-2007-2077
+CVE-2007-2077 (PHP remote file inclusion vulnerability in search.php in Maian Search ...)
NOT-FOR-US: Maian Search
-CVE-2007-2076
+CVE-2007-2076 (PHP remote file inclusion vulnerability in index.php in Maian Gallery ...)
NOT-FOR-US: Maian Gallery
-CVE-2007-2075
+CVE-2007-2075 (ScramDisk 4 Linux before 1.0-1 does not perform permission checks on m ...)
NOT-FOR-US: ScramDisk
-CVE-2007-2074
+CVE-2007-2074 (Certain programs in containers in ScramDisk 4 Linux before 1.0-1 execu ...)
NOT-FOR-US: ScramDisk
-CVE-2007-2073
+CVE-2007-2073 (PHP remote file inclusion vulnerability in index.php in Ivan Gallery S ...)
NOT-FOR-US: Ivan Gallery Script
CVE-2007-2072
NOT-FOR-US: Ivan Gallery Script
-CVE-2007-2071
+CVE-2007-2071 (Multiple cross-site scripting (XSS) vulnerabilities in Open-gorotto 2. ...)
NOT-FOR-US: Open-gorotto
-CVE-2007-2070
+CVE-2007-2070 (Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tool ...)
NOT-FOR-US: SunShop Shopping Cart
-CVE-2007-2069
+CVE-2007-2069 (Directory traversal vulnerability in scr/soustab.php in openMairie 1.1 ...)
NOT-FOR-US: openMairie
-CVE-2007-2068
+CVE-2007-2068 (Multiple PHP remote file inclusion vulnerabilities in the StoreFront m ...)
NOT-FOR-US: StoreFront extension for Gallery
-CVE-2007-2067
+CVE-2007-2067 (Multiple PHP remote file inclusion vulnerabilities in Marco Antonio Is ...)
NOT-FOR-US: WebSlider
-CVE-2007-2066
+CVE-2007-2066 (UseBB before 1.0.6 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: UseBB
-CVE-2007-2065
+CVE-2007-2065 (PHP remote file inclusion vulnerability in db/PollDB.php in Robert Lad ...)
NOT-FOR-US: ActionPoll
-CVE-2007-2064
+CVE-2007-2064 (Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaett ...)
NOT-FOR-US: ActionPoll
-CVE-2007-2063
+CVE-2007-2063 (SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writab ...)
NOT-FOR-US: IBM zOS
-CVE-2007-2062
+CVE-2007-2062 (Stack-based buffer overflow in VCDGear 3.55 and 3.56 BETA allows user- ...)
NOT-FOR-US: VCDGear
-CVE-2007-2061
+CVE-2007-2061 (Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLo ...)
NOT-FOR-US: MailBee WebMail Pro
-CVE-2007-2060
+CVE-2007-2060 (Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 ...)
NOT-FOR-US: Wizz RSS Reader
-CVE-2007-2059
+CVE-2007-2059 (Multiple buffer overflows in the ESA protocol implementation in eIQnet ...)
NOT-FOR-US: eIQnetworks Enterprise Security Analyzer
-CVE-2007-2058
+CVE-2007-2058 (Directory traversal vulnerability in Acubix PicoZip 4.02 allows user-a ...)
NOT-FOR-US: Acubix PicoZip
-CVE-2007-2057
+CVE-2007-2057 (Stack-based buffer overflow in aircrack-ng airodump-ng 0.7 allows remo ...)
{DSA-1280-1 DTSA-35-1}
- aircrack-ng 1:0.7-3 (medium)
NOTE: http://trac.aircrack-ng.org/changeset/288
CVE-2007-2056
REJECTED
-CVE-2007-2055
+CVE-2007-2055 (AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary command ...)
NOT-FOR-US: AFFLIB
-CVE-2007-2054
+CVE-2007-2054 (Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow re ...)
NOT-FOR-US: AFFLIB
-CVE-2007-2053
+CVE-2007-2053 (Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow rem ...)
NOT-FOR-US: AFFLIB
-CVE-2007-2052
+CVE-2007-2052 (Off-by-one error in the PyLocale_strxfrm function in Modules/_localemo ...)
{DSA-1620-1 DSA-1551-1}
- python2.4 2.4.4-3 (bug #416931; low)
- python2.5 2.5.1-1 (bug #416934; low)
- python2.3 <removed> (low)
-CVE-2007-2051
+CVE-2007-2051 (Buffer overflow in the parsecmd function in bftpd before 1.8 has unkno ...)
NOT-FOR-US: bftpd
-CVE-2007-2050
+CVE-2007-2050 (Multiple directory traversal vulnerabilities in header.php in RicarGBo ...)
NOT-FOR-US: RicarGBooK
-CVE-2007-2049
+CVE-2007-2049 (Multiple PHP remote file inclusion vulnerabilities in the Calendar Mod ...)
NOT-FOR-US: Calendar Module for Mambo
-CVE-2007-2048
+CVE-2007-2048 (Directory traversal vulnerability in /console in the Management Consol ...)
NOT-FOR-US: webMethods Glue
-CVE-2007-2047
+CVE-2007-2047 (CRLF injection vulnerability in www/delivery/ck.php in Openads 2.3 (ak ...)
NOT-FOR-US: Openads
-CVE-2007-2046
+CVE-2007-2046 (Multiple CRLF injection vulnerabilities in adclick.php in (a) Openads ...)
NOT-FOR-US: Openads
-CVE-2007-2045
+CVE-2007-2045 (Unspecified vulnerability in the IP implementation in Sun Solaris 8 an ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-2044
+CVE-2007-2044 (PHP remote file inclusion vulnerability in mod_weather.php in the Anto ...)
NOT-FOR-US: Weather module for Mambo and Joomla
-CVE-2007-2043
+CVE-2007-2043 (Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde ...)
NOT-FOR-US: MOSMedia Lite
-CVE-2007-2042
+CVE-2007-2042 (Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde ...)
NOT-FOR-US: MOSMedia Lite
-CVE-2007-2041
+CVE-2007-2041 (Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN AC ...)
NOT-FOR-US: Cisco
-CVE-2007-2040
+CVE-2007-2040 (Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points be ...)
NOT-FOR-US: Cisco
-CVE-2007-2039
+CVE-2007-2039 (The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller ...)
NOT-FOR-US: Cisco
-CVE-2007-2038
+CVE-2007-2038 (The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller ...)
NOT-FOR-US: Cisco
-CVE-2007-2037
+CVE-2007-2037 (Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x befor ...)
NOT-FOR-US: Cisco
-CVE-2007-2036
+CVE-2007-2036 (The SNMP implementation in the Cisco Wireless LAN Controller (WLC) bef ...)
NOT-FOR-US: Cisco
-CVE-2007-2035
+CVE-2007-2035 (Cisco Wireless Control System (WCS) before 4.0.66.0 stores sensitive i ...)
NOT-FOR-US: Cisco
-CVE-2007-2034
+CVE-2007-2034 (Unspecified vulnerability in Cisco Wireless Control System (WCS) befor ...)
NOT-FOR-US: Cisco
-CVE-2007-2033
+CVE-2007-2033 (Unspecified vulnerability in Cisco Wireless Control System (WCS) befor ...)
NOT-FOR-US: Cisco
-CVE-2007-2032
+CVE-2007-2032 (Cisco Wireless Control System (WCS) before 4.0.96.0 has a hard-coded F ...)
NOT-FOR-US: Cisco
-CVE-2007-2031
+CVE-2007-2031 (Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, an ...)
NOT-FOR-US: 3proxy
-CVE-2007-2030
+CVE-2007-2030 (lharc.c in lha does not securely create temporary files, which might a ...)
- lha 1.14i-10.2 (bug #437621; low)
[sarge] - lha <no-dsa> (Non-free not supported)
[etch] - lha <no-dsa> (Non-free not supported)
-CVE-2007-2029
+CVE-2007-2029 (File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) all ...)
{DSA-1281-1 DTSA-37-1}
- clamav 0.90.2-1 (low; bug #418849)
NOTE: closed report: https://bugzilla.clamav.net/show_bug.cgi?id=459
NOTE: Commit r3021 looks as if it's just a null pointer dereference.
-CVE-2007-2028
+CVE-2007-2028 (Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to ...)
- freeradius 1.1.6-1 (low)
[sarge] - freeradius <no-dsa> (Minor issue)
[etch] - freeradius <no-dsa> (Minor issue)
-CVE-2007-2027
+CVE-2007-2027 (Untrusted search path vulnerability in the add_filename_to_string func ...)
- elinks 0.11.1-1.4 (bug #417789; low)
[sarge] - elinks <no-dsa> (Hardly exploitable)
[etch] - elinks <no-dsa> (Hardly exploitable)
NOTE: Unrealistic attack vector, no evidence code injection is possible
-CVE-2007-2026
+CVE-2007-2026 (The gnu regular expression code in file 4.20 allows context-dependent ...)
- file 4.20-6 (low)
[etch] - file 4.17-5etch3
[sarge] - file <not-affected> (version too old)
-CVE-2007-2025
+CVE-2007-2025 (Unrestricted file upload vulnerability in the UpLoad feature (lib/plug ...)
{DSA-1371-1}
- phpwiki 1.3.12p3-6.1 (bug #441390)
-CVE-2007-2024
+CVE-2007-2024 (Unrestricted file upload vulnerability in the UpLoad feature (lib/plug ...)
{DSA-1371-1}
- phpwiki 1.3.12p3-6.1 (bug #441390)
-CVE-2007-2023
+CVE-2007-2023 (USB20.dll in Secustick USB flash drive decouples the authorization and ...)
NOT-FOR-US: Secustick USB flash drive
-CVE-2007-2022
+CVE-2007-2022 (Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.2 ...)
- flashplugin-nonfree 9.0.48.0.1
[sarge] - flashplugin-nonfree <no-dsa> (Non-free not supported)
[etch] - flashplugin-nonfree <no-dsa> (Non-free not supported)
NOTE: Flash Plugin has a vulnerablity, which will only be disclosed in a few months
NOTE: Some browser vendors produce updates, which fix this issue on the browser side,
NOTE: but that it not of concern for Debian
-CVE-2007-2021
+CVE-2007-2021 (Multiple PHP remote file inclusion vulnerabilities in Pineapple Techno ...)
NOT-FOR-US: Pineapple Technologies Lore
CVE-2007-2020
NOT-FOR-US: xodagallery
-CVE-2007-2019
+CVE-2007-2019 (PHP remote file inclusion vulnerability in init.gallery.php in phpGall ...)
NOT-FOR-US: phpGalleryScript
-CVE-2007-2018
+CVE-2007-2018 (SQL injection vulnerability in msg.php in AlstraSoft Video Share Enter ...)
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2007-2017
+CVE-2007-2017 (siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not c ...)
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2007-2016
+CVE-2007-2016 (Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMy ...)
- phpmyadmin 4:2.6.2-3 (unimportant)
-CVE-2007-2015
+CVE-2007-2015 (PHP remote file inclusion vulnerability in index.php in Request It 1.0 ...)
NOT-FOR-US: Request It
-CVE-2007-2014
+CVE-2007-2014 (PHP remote file inclusion vulnerability in include/blocks/week_events. ...)
NOT-FOR-US: MyNews
-CVE-2007-2013
+CVE-2007-2013 (Cross-site scripting (XSS) vulnerability in index.php in JEx-Treme Ein ...)
NOT-FOR-US: Passworschutz
-CVE-2007-2012
+CVE-2007-2012 (Multiple directory traversal vulnerabilities in MimarSinan CompreXX 4. ...)
NOT-FOR-US: CompreXX
-CVE-2007-2011
+CVE-2007-2011 (Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 ...)
NOT-FOR-US: DeskPro
-CVE-2007-2010
+CVE-2007-2010 (Double free vulnerability in bftpd before 1.8 allows remote authentica ...)
NOT-FOR-US: bftpd
-CVE-2007-2009
+CVE-2007-2009 (PHP remote file inclusion vulnerability in index.php in SimpCMS Light ...)
NOT-FOR-US: SimpCMS Light
-CVE-2007-2008
+CVE-2007-2008 (Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allo ...)
NOT-FOR-US: pL-PHP
-CVE-2007-2007
+CVE-2007-2007 (admin.php in pL-PHP beta 0.9 allows remote attackers to bypass authent ...)
NOT-FOR-US: pL-PHP
-CVE-2007-2006
+CVE-2007-2006 (Multiple SQL injection vulnerabilities in login.php in pL-PHP beta 0.9 ...)
NOT-FOR-US: pL-PHP
-CVE-2007-2005
+CVE-2007-2005 (Multiple PHP remote file inclusion vulnerabilities in the Taskhopper 1 ...)
NOT-FOR-US: Taskhopper component for Mambo and Joomla
-CVE-2007-2004
+CVE-2007-2004 (Multiple SQL injection vulnerabilities in InoutMailingListManager 3.1 ...)
NOT-FOR-US: InoutMailingListManager
-CVE-2007-2003
+CVE-2007-2003 (InoutMailingListManager 3.1 and earlier sends a Location redirect head ...)
NOT-FOR-US: InoutMailingListManager
-CVE-2007-2002
+CVE-2007-2002 (InoutMailingListManager 3.1 and earlier allows remote attackers to acc ...)
NOT-FOR-US: InoutMailingListManager
-CVE-2007-2001
+CVE-2007-2001 (Multiple direct static code injection vulnerabilities in admin/configu ...)
NOT-FOR-US: Crea-Book
-CVE-2007-2000
+CVE-2007-2000 (Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book ...)
NOT-FOR-US: Crea-Book
-CVE-2007-1999
+CVE-2007-1999 (PHP remote file inclusion vulnerability in index.php in Weatimages 1.7 ...)
NOT-FOR-US: Weatimages
-CVE-2007-1998
+CVE-2007-1998 (Direct static code injection vulnerability in HIOX Guest Book (HGB) 4. ...)
NOT-FOR-US: HIOX Guest Book
-CVE-2007-1997
+CVE-2007-1997 (Integer signedness error in the (1) cab_unstore and (2) cab_extract fu ...)
{DSA-1281-1 DTSA-37-1}
- clamav 0.90.2-1 (high)
-CVE-2007-1996
+CVE-2007-1996 (PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, ...)
NOT-FOR-US: CodeBreak
-CVE-2007-1995
+CVE-2007-1995 (bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0 ...)
{DSA-1293-1}
- quagga 0.99.6-5 (low; bug #418323)
NOTE: The attributes are non-transitive, which means that they
NOTE: are not propagated via BGP and therefore must originate
NOTE: from a peer (which is explicitly configured).
-CVE-2007-1994
+CVE-2007-1994 (Unspecified vulnerability in the Address and Routing Parameter Area (A ...)
NOT-FOR-US: HP-UX ARPA transport
-CVE-2007-1993
+CVE-2007-1993 (Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File ...)
NOT-FOR-US: HP-UX Portable File System
-CVE-2007-1992
+CVE-2007-1992 (Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 ...)
NOT-FOR-US: com_zoom
-CVE-2007-1991
+CVE-2007-1991 (Cross-site scripting (XSS) vulnerability in mail/signup.asp in CmailSe ...)
NOT-FOR-US: CmailServer WebMail
-CVE-2007-1990
+CVE-2007-1990 (PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlo ...)
NOT-FOR-US: MyBlog
-CVE-2007-1989
+CVE-2007-1989 (Multiple cross-site scripting (XSS) vulnerabilities in DotClear before ...)
NOT-FOR-US: DotClear
-CVE-2007-1988
+CVE-2007-1988 (Cross-site scripting (XSS) vulnerability in kernel/filters.inc.php in ...)
NOT-FOR-US: PHPEcho CMS
CVE-2007-1987
NOT-FOR-US: PHPEcho CMS
-CVE-2007-1986
+CVE-2007-1986 (Multiple PHP remote file inclusion vulnerabilities in barnraiser AROUN ...)
NOT-FOR-US: AROUNDMe
-CVE-2007-1985
+CVE-2007-1985 (Multiple PHP remote file inclusion vulnerabilities in phpexplorator.ph ...)
NOT-FOR-US: phpexplorator
-CVE-2007-1984
+CVE-2007-1984 (PHP remote file inclusion vulnerability in index.php in lite-cms 0.2.1 ...)
NOT-FOR-US: lite-cms
-CVE-2007-1983
+CVE-2007-1983 (PHP remote file inclusion vulnerability in include/default_header.php ...)
NOT-FOR-US: Cyboards PHP Lite
-CVE-2007-1982
+CVE-2007-1982 (Multiple PHP remote file inclusion vulnerabilities in Really Simple PH ...)
NOT-FOR-US: Really Simple PHP and Ajax
-CVE-2007-1981
+CVE-2007-1981 (The safevoid_vsnprintf function in Metamod-P 1.19p29 and earlier on Wi ...)
NOT-FOR-US: Metamod-P
-CVE-2007-1980
+CVE-2007-1980 (SQL injection vulnerability in index.php in the Topliste 1.0 module fo ...)
NOT-FOR-US: Topliste module for PHP-Fusion
-CVE-2007-1979
+CVE-2007-1979 (SQL injection vulnerability in index.php in the PopnupBlog 2.52 and ea ...)
NOT-FOR-US: PopnupBlog module for Xoops
-CVE-2007-1978
+CVE-2007-1978 (SQL injection vulnerability in index.php in the Arcade 1.00 module for ...)
NOT-FOR-US: Arcade module for PHP-Fusion
-CVE-2007-1977
+CVE-2007-1977 (Cross-site scripting (XSS) vulnerability in index_cms.php in holaCMS 1 ...)
NOT-FOR-US: holaCMS
CVE-2007-1976
NOT-FOR-US: Virii Info module for Xoops
-CVE-2007-1975
+CVE-2007-1975 (Multiple PHP remote file inclusion vulnerabilities in SLAED CMS 2 allo ...)
NOT-FOR-US: SLAED CMS
-CVE-2007-1974
+CVE-2007-1974 (SQL injection vulnerability in the getArticle function in class/wfsart ...)
NOT-FOR-US: Xoops modules
-CVE-2007-1973
+CVE-2007-1973 (Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2007-1972
NOT-FOR-US: BMC Patrol PerformAgent
CVE-2007-XXXX [mydms SQL injection]
- mydms 1.4.4+1-5
-CVE-2007-1971
+CVE-2007-1971 (SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi 20 ...)
NOT-FOR-US: fotokategori.asp
-CVE-2007-1970
+CVE-2007-1970 (Mozilla Firefox does not warn the user about HTTP elements on an HTTPS ...)
- iceweasel <removed> (unimportant; bug #556267)
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
[lenny] - iceweasel <no-dsa> (Minor issue)
-CVE-2007-1969
+CVE-2007-1969 (Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam Cr ...)
NOT-FOR-US: MyBlog
-CVE-2007-1968
+CVE-2007-1968 (PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlo ...)
NOT-FOR-US: MyBlog
CVE-2007-1967
NOT-FOR-US: stat12
-CVE-2007-1966
+CVE-2007-1966 (Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows ...)
NOT-FOR-US: eXV2 CMS
-CVE-2007-1965
+CVE-2007-1965 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.0.4. ...)
NOT-FOR-US: eXV2 CMS
-CVE-2007-1964
+CVE-2007-1964 (member.php in MyBB (aka MyBulletinBoard), when debug mode is available ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2007-1963
+CVE-2007-1963 (SQL injection vulnerability in the create_session function in class_se ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2007-1962
+CVE-2007-1962 (SQL injection vulnerability in index.php in the WF-Snippets 1.02 and e ...)
NOT-FOR-US: WF-Snippets module for Xoops
-CVE-2007-1961
+CVE-2007-1961 (PHP remote file inclusion vulnerability in mutant_functions.php in the ...)
NOT-FOR-US: Mutant portal for phpBB
-CVE-2007-1960
+CVE-2007-1960 (SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7do ...)
NOT-FOR-US: Rha7 Downloads
-CVE-2007-1959
+CVE-2007-1959 (Unspecified vulnerability in the process_cmdent function in command.cp ...)
- tinymux <unfixed> (unimportant)
-CVE-2007-1958
+CVE-2007-1958 (Buffer overflow in TinyMUX before 2.4 allows attackers to cause a deni ...)
- tinymux 2.4.3.31-1
-CVE-2007-1957
+CVE-2007-1957 (Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain ...)
NOT-FOR-US: Portail Web Php
-CVE-2007-1956
+CVE-2007-1956 (SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6 ...)
NOT-FOR-US: Groupee UBB.threads
-CVE-2007-1955
+CVE-2007-1955 (Multiple stack-based buffer overflows in the SignKorea SKCrypAX Active ...)
NOT-FOR-US: SKCrypAX ActiveX control
-CVE-2007-1954
+CVE-2007-1954 (Multiple directory traversal vulnerabilities in ArchiveXpert 2.02 buil ...)
NOT-FOR-US: ArchiveXpert
-CVE-2007-1953
+CVE-2007-1953 (Session fixation vulnerability in onelook courts on-line allows remote ...)
NOT-FOR-US: onelook courts on-line
-CVE-2007-1952
+CVE-2007-1952 (Session fixation vulnerability in onelook onebyone CMS allows remote a ...)
NOT-FOR-US: onelook onebyone CMS
-CVE-2007-1951
+CVE-2007-1951 (Session fixation vulnerability in onelook obo Shop allows remote attac ...)
NOT-FOR-US: onelook obo Shop
-CVE-2007-1950
+CVE-2007-1950 (Cross-site scripting (XSS) vulnerability in index_cms.php in WebBlizza ...)
NOT-FOR-US: WebBlizzard CMS
-CVE-2007-1949
+CVE-2007-1949 (Session fixation vulnerability in WebBlizzard CMS allows remote attack ...)
NOT-FOR-US: WebBlizzard CMS
-CVE-2007-1948
+CVE-2007-1948 (Buffer overflow in IrfanView 3.99 allows context-dependent attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2007-1947
+CVE-2007-1947 (Cross-zone scripting vulnerability in the DOM templates (domplates) us ...)
NOT-FOR-US: Firebug extension for Firefox
-CVE-2007-1946
+CVE-2007-1946 (Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might ...)
NOT-FOR-US: WIndows Explorer
-CVE-2007-1945
+CVE-2007-1945 (Unspecified vulnerability in the Servlet Engine/Web Container in IBM W ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-1944
+CVE-2007-1944 (The Java Message Service (JMS) in IBM WebSphere Application Server (WA ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-1943
+CVE-2007-1943 (Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent ...)
NOT-FOR-US: ACDSee Photo Manager
-CVE-2007-1942
+CVE-2007-1942 (Integer overflow in FastStone Image Viewer 2.9 allows context-dependen ...)
NOT-FOR-US: FastStone Image Viewer
-CVE-2007-1941
+CVE-2007-1941 (Cross-site scripting (XSS) vulnerability in the Active Content Filter ...)
NOT-FOR-US: Domino Web Access
-CVE-2007-1940
+CVE-2007-1940 (IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 lo ...)
NOT-FOR-US: IBM Tivoli Business Service Manager
-CVE-2007-1939
+CVE-2007-1939 (Cross-site scripting (XSS) vulnerability in the embedded webserver in ...)
NOT-FOR-US: LanguageTool
-CVE-2007-1938
+CVE-2007-1938 (Ichitaro 2005 through 2007, and possibly related products, allows remo ...)
NOT-FOR-US: Ichitaro
-CVE-2007-1937
+CVE-2007-1937 (PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1 ...)
NOT-FOR-US: Scorp Book
-CVE-2007-1936
+CVE-2007-1936 (PHP remote file inclusion vulnerability in scaradcontrol.php in ScarAd ...)
NOT-FOR-US: ScarAdControl
-CVE-2007-1935
+CVE-2007-1935 (PHP file inclusion vulnerability in admin/index.php in ScarAdControl ( ...)
NOT-FOR-US: ScarAdControl
-CVE-2007-1934
+CVE-2007-1934 (Directory traversal vulnerability in member.php in the eBoard 1.0.7 mo ...)
NOT-FOR-US: eBoard module for PHP-Nuke
-CVE-2007-1933
+CVE-2007-1933 (Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Boo ...)
NOT-FOR-US: PcP-Guestbook
-CVE-2007-1932
+CVE-2007-1932 (Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2. ...)
NOT-FOR-US: ScarNews
-CVE-2007-1931
+CVE-2007-1931 (SQL injection vulnerability in index.php in the slownik module in Smod ...)
NOT-FOR-US: SmodCMS
-CVE-2007-1930
+CVE-2007-1930 (Directory traversal vulnerability in download2.php in cattaDoc 2.21, a ...)
NOT-FOR-US: cattaDoc
-CVE-2007-1929
+CVE-2007-1929 (Directory traversal vulnerability in downloadpic.php in Beryo 2.0, and ...)
NOT-FOR-US: Beryo
-CVE-2007-1928
+CVE-2007-1928 (Directory traversal vulnerability in index.php in witshare 0.9 allows ...)
NOT-FOR-US: witshare
-CVE-2007-1927
+CVE-2007-1927 (Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer ...)
NOT-FOR-US: CmailServer WebMail
-CVE-2007-1926
+CVE-2007-1926 (Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin ...)
NOT-FOR-US: JBMC Software DirectAdmin
-CVE-2007-1925
+CVE-2007-1925 (The borrado function in modules/Your_Account/index.php in Tru-Zone Nuk ...)
NOT-FOR-US: Tru-Zone Nuke ET
CVE-2007-1924
NOT-FOR-US: phpContact
-CVE-2007-1923
+CVE-2007-1923 ((1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control ...)
- sql-ledger <unfixed> (unimportant; bug #409703)
-CVE-2007-1922
+CVE-2007-1922 (The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.D ...)
NOT-FOR-US: Winamp
-CVE-2007-1921
+CVE-2007-1921 (LIBSNDFILE.DLL, as used by AOL Nullsoft Winamp 5.33 and possibly other ...)
NOT-FOR-US: Winamp
-CVE-2007-1920
+CVE-2007-1920 (SQL injection vulnerability in index.php in the aktualnosci module in ...)
NOT-FOR-US: aktualnosci module in SmodBIP
-CVE-2007-1919
+CVE-2007-1919 (Cross-site scripting (XSS) vulnerability in index.php in Arizona Dream ...)
NOT-FOR-US: Arizona Dream Livre d'or
-CVE-2007-1918
+CVE-2007-1918 (The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 a ...)
NOT-FOR-US: SAP RFC Library
-CVE-2007-1917
+CVE-2007-1917 (Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC ...)
NOT-FOR-US: SAP RFC Library
-CVE-2007-1916
+CVE-2007-1916 (Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6 ...)
NOT-FOR-US: SAP RFC Library
-CVE-2007-1915
+CVE-2007-1915 (Buffer overflow in the RFC_START_PROGRAM function in the SAP RFC Libra ...)
NOT-FOR-US: SAP RFC Library
-CVE-2007-1914
+CVE-2007-1914 (The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 be ...)
NOT-FOR-US: SAP RFC Library
-CVE-2007-1913
+CVE-2007-1913 (The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7 ...)
NOT-FOR-US: SAP RFC Library
-CVE-2007-1912
+CVE-2007-1912 (Heap-based buffer overflow in Microsoft Windows allows user-assisted r ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-1911
+CVE-2007-1911 (Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remo ...)
NOT-FOR-US: Microsoft Word
-CVE-2007-1910
+CVE-2007-1910 (Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote atta ...)
NOT-FOR-US: Microsoft Word
-CVE-2007-1909
+CVE-2007-1909 (SQL injection vulnerability in login.php in Ryan Haudenschilt Battle.n ...)
NOT-FOR-US: Battle.net Clan Script
-CVE-2007-1908
+CVE-2007-1908 (PHP file inclusion vulnerability in php121db.php in PHP121 Instant Mes ...)
NOT-FOR-US: PHP121 Instant Messenger
-CVE-2007-1907
+CVE-2007-1907 (PHP remote file inclusion vulnerability in warn.php in Pathos Content ...)
NOT-FOR-US: Pathos CMS
-CVE-2007-1906
+CVE-2007-1906 (Directory traversal vulnerability in richedit/keyboard.php in eCardMAX ...)
NOT-FOR-US: eCardMAX HotEditor
-CVE-2007-1905
+CVE-2007-1905 (Cross-site scripting (XSS) vulnerability in auth.php in Pineapple Tech ...)
NOT-FOR-US: QuizShock
-CVE-2007-1904
+CVE-2007-1904 (Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 a ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2007-1903
+CVE-2007-1903 (Cross-site scripting (XSS) vulnerability in search.php in SonicBB 1.0 ...)
NOT-FOR-US: SonicBB
-CVE-2007-1902
+CVE-2007-1902 (Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote att ...)
NOT-FOR-US: SonicBB
-CVE-2007-1901
+CVE-2007-1901 (SonicBB 1.0 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: SonicBB
-CVE-2007-1900
+CVE-2007-1900 (CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ex ...)
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (low)
-CVE-2007-1899
+CVE-2007-1899 (Multiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 al ...)
NOT-FOR-US: myWebland myBloggie
-CVE-2007-1898
+CVE-2007-1898 (formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitra ...)
NOT-FOR-US: Jetbox CMS
-CVE-2007-1897
+CVE-2007-1897 (SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, ...)
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
-CVE-2007-1896
+CVE-2007-1896 (Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach ...)
NOT-FOR-US: Sky GUNNING MySpeach
-CVE-2007-1895
+CVE-2007-1895 (PHP remote file inclusion vulnerability in chat.php in Sky GUNNING MyS ...)
NOT-FOR-US: Sky GUNNING MySpeach
-CVE-2007-1894
+CVE-2007-1894 (Cross-site scripting (XSS) vulnerability in wp-includes/general-templa ...)
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
-CVE-2007-1893
+CVE-2007-1893 (xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows r ...)
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
-CVE-2007-1892
+CVE-2007-1892 (Stack-based buffer overflow in Akamai Technologies Download Manager Ac ...)
NOT-FOR-US: Akamai
-CVE-2007-1891
+CVE-2007-1891 (Stack-based buffer overflow in the GetPrivateProfileSectionW function ...)
NOT-FOR-US: Akamai
-CVE-2007-1890
+CVE-2007-1890 (Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and ...)
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: local code execution only, possibly only on FreeBSD
-CVE-2007-1889
+CVE-2007-1889 (Integer signedness error in the _zend_mm_alloc_int function in the Zen ...)
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (medium)
-CVE-2007-1888
+CVE-2007-1888 (Buffer overflow in the sqlite_decode_binary function in src/encode.c i ...)
- sqlite 2.8.17-2.1 (unimportant; bug #441233; bug #526328)
NOTE: this is really just an "unsafe" API, not really a security issue against sqlite itself.
NOTE: SQLite 3 no longer contains the affected function.
-CVE-2007-1887
+CVE-2007-1887 (Buffer overflow in the sqlite_decode_binary function in the bundled sq ...)
{DSA-1283-1 DTSA-39-1}
- php4 <not-affected> (SQLite not enabled in PHP 4 packages)
- php5 5.2.0-11 (medium)
- php4-sqlite <removed> (medium; bug #420456)
NOTE: php5 is vulnerable due to improper use of the system sqlite libs
-CVE-2007-1886
+CVE-2007-1886 (Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2. ...)
NOTE: Duplicate of CVE-2007-1885
-CVE-2007-1885
+CVE-2007-1885 (Integer overflow in the str_replace function in PHP 4 before 4.4.5 and ...)
NOTE: Dupe of CVE-2007-0906; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
-CVE-2007-1884
+CVE-2007-1884 (Multiple integer signedness errors in the printf function family in PH ...)
NOTE: Dupe of CVE-2007-0909; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
-CVE-2007-1883
+CVE-2007-1883 (PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-depende ...)
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-1882
+CVE-2007-1882 (qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Qualit ...)
NOT-FOR-US: HP Mercury Quality Center
-CVE-2007-1881
+CVE-2007-1881 (Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2007-1880
+CVE-2007-1880 (Integer overflow in the _NtSetValueKey function in klif.sys in Kaspers ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2007-1879
+CVE-2007-1879 (The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo ...)
NOT-FOR-US: KL.SysInfo ActiveX control
-CVE-2007-1878
+CVE-2007-1878 (Cross-zone scripting vulnerability in the DOM templates (domplates) us ...)
NOT-FOR-US: Firebug extension for Firefox
-CVE-2007-1877
+CVE-2007-1877 (VMware Workstation before 5.5.4 allows attackers to cause a denial of ...)
NOT-FOR-US: VMware
-CVE-2007-1876
+CVE-2007-1876 (VMware Workstation before 5.5.4, when running a 64-bit Windows guest o ...)
NOT-FOR-US: VMware
CVE-2007-1875
RESERVED
-CVE-2007-1874
+CVE-2007-1874 (Adobe ColdFusion MX 7 for Linux and Solaris uses insecure permissions ...)
NOT-FOR-US: Adobe ColdFusion MX
-CVE-2007-1873
+CVE-2007-1873 (Cross-site scripting (XSS) vulnerability in Mephisto 0.7.3 allows remo ...)
NOT-FOR-US: mephisto
-CVE-2007-1872
+CVE-2007-1872 (Cross-site scripting (XSS) vulnerability in toendaCMS 1.5.3 allows rem ...)
NOT-FOR-US: toendaCMS
-CVE-2007-1871
+CVE-2007-1871 (Cross-site scripting (XSS) vulnerability in chcounter 3.1.3 allows rem ...)
NOT-FOR-US: chcounter
-CVE-2007-1870
+CVE-2007-1870 (lighttpd before 1.4.14 allows attackers to cause a denial of service ( ...)
{DSA-1303-1}
- lighttpd 1.4.15-1 (low; bug #422254)
-CVE-2007-1869
+CVE-2007-1869 (lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial o ...)
{DSA-1303-1}
- lighttpd 1.4.15-1 (medium; bug #422254)
-CVE-2007-1868
+CVE-2007-1868 (The management service in IBM Tivoli Provisioning Manager for OS Deplo ...)
NOT-FOR-US: IBM Tivoli Provisioning Manager
-CVE-2007-1867
+CVE-2007-1867 (Buffer overflow in IrfanView 3.99 allows remote attackers to execute a ...)
NOT-FOR-US: IrfanView
-CVE-2007-1866
+CVE-2007-1866 (Stack-based buffer overflow in the dns_decode_reverse_name function in ...)
NOT-FOR-US: dproxy-nexgen
CVE-2007-1865
NOT-FOR-US: not a bug
-CVE-2007-1864
+CVE-2007-1864 (Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, ...)
{DSA-1331-1 DSA-1330-1}
- php4 <removed>
- php5 5.2.2-1
-CVE-2007-1863
+CVE-2007-1863 (cache_util.c in the mod_cache module in Apache HTTP Server (httpd), wh ...)
- apache2 2.2.4-1 (low)
- apache <removed> (unimportant)
[sarge] - apache2 2.0.54-5sarge2
[etch] - apache2 2.2.3-4+etch2
NOTE: Apache 1.3 is non-threaded, therefore unimportant
-CVE-2007-1862
+CVE-2007-1862 (The recall_headers function in mod_mem_cache in Apache 2.2.4 does not ...)
- apache2 <not-affected> (Only Apache 2.2.4 was affected, and all versions of 2.2.4 in Debian are fixed)
-CVE-2007-1861
+CVE-2007-1861 (The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel ...)
{DSA-1289-1}
- linux-2.6 2.6.21-1
-CVE-2007-1860
+CVE-2007-1860 (mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 de ...)
{DSA-1312-1}
- libapache-mod-jk 1:1.2.23-1 (bug #425836)
-CVE-2007-1859
+CVE-2007-1859 (XScreenSaver 4.10, when using a remote directory service for credentia ...)
- xscreensaver 5.03-1 (low; bug #433964)
[etch] - xscreensaver <no-dsa> (Minor issue, requires attacker with high level of control, see #433964)
[sarge] - xscreensaver <no-dsa> (Minor issue, requires attacker with high level of control, see #433964)
-CVE-2007-1858
+CVE-2007-1858 (The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4 ...)
NOTE: insecure ciphers should not be (and usually are not) enabled in browsers
[sarge] - tomcat4 <no-dsa> (low)
[etch] - tomcat5 <no-dsa> (low; bug #423435)
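Review bot: several entries in this hunk are left without a description while every neighbour gets one: CVE-2007-1987, CVE-2007-1976, CVE-2007-1972, CVE-2007-1967, CVE-2007-1924 and CVE-2007-1865 all stay as bare IDs followed by their NOT-FOR-US line. Please check whether the description feed genuinely has no text for these or whether the update script skipped them, since a bare ID next to a NOT-FOR-US line is otherwise indistinguishable from an entry that was never processed. Two smaller points in the unchanged context: the NOT-FOR-US line for CVE-2007-1946 reads "WIndows Explorer" (capital I), and the duplicate markers alternate between "NOTE: Duplicate of CVE-2007-1885" and "NOTE: Dupe of CVE-2007-0906"; picking one spelling would make the file easier to grep.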
@@ -11655,165 +11655,165 @@ CVE-2007-1858
- tomcat4 <removed> (low)
CVE-2007-1857
RESERVED
-CVE-2007-1856
+CVE-2007-1856 (Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure p ...)
- cron <not-affected> (Debian uses proper permission scheme)
-CVE-2007-1855
+CVE-2007-1855 (Multiple PHP remote file inclusion vulnerabilities in smarty/smarty_cl ...)
NOT-FOR-US: Shop-Script
-CVE-2007-1854
+CVE-2007-1854 (Unspecified vulnerability in Hitachi Cosminexus Component Container 07 ...)
NOT-FOR-US: Hitachi Cosminexus Component Container
-CVE-2007-1853
+CVE-2007-1853 (Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Glob ...)
NOT-FOR-US: Hitachi DeviceManager
CVE-2007-1852
NOT-FOR-US: 2BGal
-CVE-2007-1851
+CVE-2007-1851 (Multiple directory traversal vulnerabilities in Really Simple PHP and ...)
NOT-FOR-US: Really Simple PHP and Ajax
-CVE-2007-1850
+CVE-2007-1850 (Directory traversal vulnerability in classes/captcha/captcha.jpg.php i ...)
NOT-FOR-US: Drake CMS
-CVE-2007-1849
+CVE-2007-1849 (Directory traversal vulnerability in 404.php in Drake CMS allows remot ...)
NOT-FOR-US: Drake CMS
-CVE-2007-1848
+CVE-2007-1848 (Cross-site scripting (XSS) vulnerability in admin/classes/ui.dta.php i ...)
NOT-FOR-US: Drake CMS
-CVE-2007-1847
+CVE-2007-1847 (SQL injection vulnerability in viewcat.php in the Repository module fo ...)
NOT-FOR-US: Repository module for Xoops
-CVE-2007-1846
+CVE-2007-1846 (SQL injection vulnerability in index.php in the MyAds 2.04jp and earli ...)
NOT-FOR-US: MyAds
-CVE-2007-1845
+CVE-2007-1845 (SQL injection vulnerability in show_event.php in the Expanded Calendar ...)
NOT-FOR-US: Expanded Calendar module for PHP-Fusion
-CVE-2007-1844
+CVE-2007-1844 (Multiple PHP remote file inclusion vulnerabilities in Aardvark Topsite ...)
NOT-FOR-US: Aardvark Topsites
-CVE-2007-1843
+CVE-2007-1843 (PHP remote file inclusion vulnerability in gmapfactory/params.php in M ...)
NOT-FOR-US: MapLab
-CVE-2007-1842
+CVE-2007-1842 (Directory traversal vulnerability in login.php in JSBoard before 2.0.1 ...)
NOT-FOR-US: JSBoard
-CVE-2007-1841
+CVE-2007-1841 (The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in ...)
{DSA-1299-1 DTSA-42-1}
- ipsec-tools 1:0.6.6-3.2 (medium; bug #423252)
[sarge] - ipsec-tools <not-affected> (the older stream of development used in the sarge package is not vulnerable - a code change that went into that branch coincidentally fixed it and this change was already there in sarge)
CVE-2007-XXXX [initramfs-tools creates /dev/root world-readable]
- initramfs-tools 0.85g (low; bug #417995)
-CVE-2007-1840
+CVE-2007-1840 (lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not es ...)
{DSA-1287-1}
- ldap-account-manager 1.1.1-2 (medium; bug #415379)
-CVE-2007-1839
+CVE-2007-1839 (Multiple PHP remote file inclusion vulnerabilities in CodeBB 1.1b3 and ...)
NOT-FOR-US: CodeBB
-CVE-2007-1838
+CVE-2007-1838 (SQL injection vulnerability in view.php in the Friendfinder 3.3 and ea ...)
NOT-FOR-US: Friendfinder module for Xoops
-CVE-2007-1837
+CVE-2007-1837 (Multiple PHP remote file inclusion vulnerabilities in MangoBery CMS 0. ...)
NOT-FOR-US: MangoBery CMS
-CVE-2007-1836
+CVE-2007-1836 (The command line administration interface in Data Domain OS before 4.0 ...)
NOT-FOR-US: Data Domain OS
-CVE-2007-1835
+CVE-2007-1835 (PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session ...)
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: open_basedir bypasses not supported
-CVE-2007-1834
+CVE-2007-1834 (Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unifi ...)
NOT-FOR-US: Cisco
-CVE-2007-1833
+CVE-2007-1833 (The Skinny Call Control Protocol (SCCP) implementation in Cisco Unifie ...)
NOT-FOR-US: Cisco
-CVE-2007-1832
+CVE-2007-1832 (web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to ...)
NOT-FOR-US: WebAPP
-CVE-2007-1831
+CVE-2007-1831 (web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to ...)
NOT-FOR-US: WebAPP
-CVE-2007-1830
+CVE-2007-1830 (Unspecified vulnerability in the Username Hijacking Patch 20070312 for ...)
NOT-FOR-US: WebAPP
-CVE-2007-1829
+CVE-2007-1829 (Multiple unspecified vulnerabilities in web-app.net WebAPP have unknow ...)
NOT-FOR-US: WebAPP
-CVE-2007-1828
+CVE-2007-1828 (Multiple cross-site scripting (XSS) vulnerabilities in web-app.org Web ...)
NOT-FOR-US: WebAPP
-CVE-2007-1827
+CVE-2007-1827 (Multiple unspecified vulnerabilities in form input validation in web-a ...)
NOT-FOR-US: WebAPP
-CVE-2007-1826
+CVE-2007-1826 (Unspecified vulnerability in the IPSec Manager Service for Cisco Unifi ...)
NOT-FOR-US: Cisco
-CVE-2007-1825
+CVE-2007-1825 (Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2. ...)
NOTE: Dupe of CVE-2007-0906; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
-CVE-2007-1824
+CVE-2007-1824 (Buffer overflow in the php_stream_filter_create function in PHP 5 befo ...)
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (medium)
-CVE-2007-1823
+CVE-2007-1823 (T-Mobile voice mail systems allow remote attackers to retrieve or remo ...)
NOT-FOR-US: T-Mobile
-CVE-2007-1822
+CVE-2007-1822 (Alcatel-Lucent Lucent Technologies voice mail systems allow remote att ...)
NOT-FOR-US: Alcatel-Lucent
-CVE-2007-1821
+CVE-2007-1821 (Sprint Nextel Sprint voice mail systems allow remote attackers to retr ...)
NOT-FOR-US: Sprint Nextel
-CVE-2007-1820
+CVE-2007-1820 (Nortel Networks CallPilot and Meridian Mail voicemail systems, when a ...)
NOT-FOR-US: Nortel Networks
-CVE-2007-1819
+CVE-2007-1819 (Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (S ...)
NOT-FOR-US: ActiveX control in TestDirector
-CVE-2007-1818
+CVE-2007-1818 (PHP remote file inclusion vulnerability in MOD_forum_fields_parse.php ...)
NOT-FOR-US: Forum picture and META tags module for phpBB
-CVE-2007-1817
+CVE-2007-1817 (SQL injection vulnerability in index.php in the Lykos Reviews (lykos_r ...)
NOT-FOR-US: Lykos Reviews module for Xoops
-CVE-2007-1816
+CVE-2007-1816 (SQL injection vulnerability in viewcat.php in the Tutoriais module for ...)
NOT-FOR-US: Tutorials module for Xoops
-CVE-2007-1815
+CVE-2007-1815 (SQL injection vulnerability in viewcat.php in the Library module for X ...)
NOT-FOR-US: Library module for Xoops
-CVE-2007-1814
+CVE-2007-1814 (SQL injection vulnerability in viewcat.php in the Core module for Xoop ...)
NOT-FOR-US: Core module for Xoops
-CVE-2007-1813
+CVE-2007-1813 (SQL injection vulnerability in display.php in the eCal 2.24 and earlie ...)
NOT-FOR-US: eCal module for Xoops
-CVE-2007-1812
+CVE-2007-1812 (PHP remote file inclusion vulnerability in utilitaires/gestion_sondage ...)
NOT-FOR-US: BT-Sondage
-CVE-2007-1811
+CVE-2007-1811 (SQL injection vulnerability in index.php in the Tiny Event (tinyevent) ...)
NOT-FOR-US: Tiny Event module for Xoops
-CVE-2007-1810
+CVE-2007-1810 (SQL injection vulnerability in product_details.php in the Kshop 1.17 a ...)
NOT-FOR-US: Kshop module for Xoops
-CVE-2007-1809
+CVE-2007-1809 (Multiple PHP remote file inclusion vulnerabilities in GraFX Company We ...)
NOT-FOR-US: WebSite Builder
-CVE-2007-1808
+CVE-2007-1808 (SQL injection vulnerability in show.php in the Camportail 1.1 and earl ...)
NOT-FOR-US: Camportail module for Xoops
-CVE-2007-1807
+CVE-2007-1807 (SQL injection vulnerability in modules/myalbum/viewcat.php in the myAl ...)
NOT-FOR-US: myAlbum-P module for Xoops
-CVE-2007-1806
+CVE-2007-1806 (SQL injection vulnerability in categos.php in the RM+Soft Gallery (rmg ...)
NOT-FOR-US: RM+Soft Gallery module for Xoops
-CVE-2007-1805
+CVE-2007-1805 (SQL injection vulnerability in genre.php in the debaser 0.92 and earli ...)
NOT-FOR-US: debaser module for Xoops
-CVE-2007-1804
+CVE-2007-1804 (PulseAudio 0.9.5 allows remote attackers to cause a denial of service ...)
{DTSA-44-1}
- pulseaudio 0.9.6-1 (low)
[etch] - pulseaudio <no-dsa> (Minor issue)
-CVE-2007-1803
+CVE-2007-1803 (Unspecified vulnerability in MailDwarf 3.01 and earlier allows remote ...)
NOT-FOR-US: MailDwarf
-CVE-2007-1802
+CVE-2007-1802 (Cross-site scripting (XSS) vulnerability in MailDwarf 3.01 and earlier ...)
NOT-FOR-US: MailDwarf
-CVE-2007-1801
+CVE-2007-1801 (Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta ...)
NOT-FOR-US: sBLOG
-CVE-2007-1800
+CVE-2007-1800 (Cisco Secure ACS does not require authentication when Cisco Trust Agen ...)
NOT-FOR-US: Cisco
-CVE-2007-1799
+CVE-2007-1799 (Directory traversal vulnerability in torrent.cpp in KTorrent before 2. ...)
{DSA-1373-2 DSA-1373-1}
- ktorrent 2.1.4.dfsg.1-1 (medium; bug #432007)
-CVE-2007-1798
+CVE-2007-1798 (Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows loc ...)
NOT-FOR-US: IBM AIX
-CVE-2007-1797
+CVE-2007-1797 (Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote ...)
{DSA-1903-1 DSA-1858-1}
- imagemagick 7:6.2.4.5.dfsg1-1 (medium)
- graphicsmagick 1.1.7-15 (medium)
-CVE-2007-1796
+CVE-2007-1796 (Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 ...)
NOT-FOR-US: URLshrink
-CVE-2007-1795
+CVE-2007-1795 (JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary PH ...)
NOT-FOR-US: URLshrink
-CVE-2007-1794
+CVE-2007-1794 (The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, ...)
NOTE: Duplicate of CVE-2006-3805
-CVE-2007-1793
+CVE-2007-1793 (SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9. ...)
NOT-FOR-US: Symantec Norton Personal Firewall
-CVE-2007-1792
+CVE-2007-1792 (libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec ...)
NOT-FOR-US: Symantec Mail Security
-CVE-2007-1791
+CVE-2007-1791 (SQL injection vulnerability in wall.php in Picture-Engine 1.2.0 and ea ...)
NOT-FOR-US: Picture-Engine
-CVE-2007-1790
+CVE-2007-1790 (Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction So ...)
NOT-FOR-US: Kaqoo Auction Software
-CVE-2007-1789
+CVE-2007-1789 (Flyspray 0.9.9 allows remote attackers to obtain sensitive information ...)
- flyspray <not-affected> (Code was introduced in 0.9.9, not sensitive anyway)
-CVE-2007-1788
+CVE-2007-1788 (Flyspray 0.9.9, when output_buffering is disabled or "set to a low val ...)
- flyspray 0.9.8-10 (medium)
[sarge] - flyspray <not-affected> (Vulnerable code not present)
-CVE-2007-1787
+CVE-2007-1787 (Multiple PHP remote file inclusion vulnerabilities in lib/timesheet.cl ...)
NOT-FOR-US: Time-Assistant
-CVE-2007-1786
+CVE-2007-1786 (SQL injection vulnerability in Hitachi Collaboration - Online Communit ...)
NOT-FOR-US: Hitachi Collaboration
-CVE-2007-1785
+CVE-2007-1785 (The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 ...)
NOT-FOR-US: CA BrightStor ARCserve Backup
-CVE-2007-1784
+CVE-2007-1784 (The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus ...)
NOT-FOR-US: JNILoader ActiveX control
CVE-2007-1783
REJECTED
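Review bot: CVE-2007-1852 (NOT-FOR-US: 2BGal) is the one entry in this hunk left as a bare ID with no description added, so the same check as above applies to it. The sarge annotation on CVE-2007-1841 is a full sentence inside the parenthesis ("the older stream of development used in the sarge package is not vulnerable - a code change that went into that branch coincidentally fixed it and this change was already there in sarge"); a shorter form such as "Vulnerable code not present in sarge branch" would fit the style of the other <not-affected> entries in the file, for example the one on CVE-2007-1788.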
@@ -11829,49 +11829,49 @@ CVE-2007-XXXX [double-free vulnerability in the Real Media demuxer]
CVE-2007-XXXX [various crashes and infinite loops in ffmpeg]
- ffmpeg 0.cvs20060823-8 (low; bug #407003)
- xmovie <removed>
-CVE-2007-1782
+CVE-2007-1782 (CruiseWorks 1.09e and earlier does not properly restrict user access t ...)
NOT-FOR-US: CruiseWorks
-CVE-2007-1781
+CVE-2007-1781 (Minna De Office 1.x and 2.x does not properly restrict user access to ...)
NOT-FOR-US: Minna De Office
-CVE-2007-1780
+CVE-2007-1780 (Cross-site scripting (XSS) vulnerability in the DHT shell (owdhtshell) ...)
NOT-FOR-US: Overlay Weaver
-CVE-2007-1779
+CVE-2007-1779 (Multiple SQL injection vulnerabilities in the MySQL back-end in Advanc ...)
NOT-FOR-US: Advanced Website Creator
-CVE-2007-1778
+CVE-2007-1778 (PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuk ...)
NOT-FOR-US: Eve-Nuke
-CVE-2007-1777
+CVE-2007-1777 (Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 ...)
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
- php4 6:4.4.6-1 (medium)
- php5 5.2.0-11 (medium)
-CVE-2007-1776
+CVE-2007-1776 (SQL injection vulnerability in index.php in the DesignForJoomla.com D4 ...)
NOT-FOR-US: D4J eZine
-CVE-2007-1775
+CVE-2007-1775 (Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 ...)
NOT-FOR-US: JBrowser
-CVE-2007-1774
+CVE-2007-1774 (Multiple cross-site scripting (XSS) vulnerabilities in aBitWhizzy allo ...)
NOT-FOR-US: aBitWhizzy
-CVE-2007-1773
+CVE-2007-1773 (Multiple directory traversal vulnerabilities in aBitWhizzy allow remot ...)
NOT-FOR-US: aBitWhizzy
-CVE-2007-1772
+CVE-2007-1772 (The FTP service in HP JetDirect print servers allows remote attackers ...)
NOT-FOR-US: HP JetDirect
-CVE-2007-1771
+CVE-2007-1771 (PHP remote file inclusion vulnerability in manage/javascript/formjavas ...)
NOT-FOR-US: Ay System Solutions Web Content System
-CVE-2007-1770
+CVE-2007-1770 (Buffer overflow in the ArcSDE service (giomgr) in Environmental System ...)
NOT-FOR-US: ArcSDE
CVE-2007-1769
REJECTED
-CVE-2007-1768
+CVE-2007-1768 (Cross-site scripting (XSS) vulnerability in app/helpers/application_he ...)
NOT-FOR-US: Mephisto
-CVE-2007-1767
+CVE-2007-1767 (Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AO ...)
NOT-FOR-US: AOL
-CVE-2007-1766
+CVE-2007-1766 (PHP remote file inclusion vulnerability in login/engine/db/profiledit. ...)
NOT-FOR-US: Advanced Login
-CVE-2007-1765
+CVE-2007-1765 (Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista ...)
NOT-FOR-US: Microsoft
-CVE-2007-1764
+CVE-2007-1764 (Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user- ...)
NOT-FOR-US: FastStone Image Viewer
-CVE-2007-1763
+CVE-2007-1763 (The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows ...)
NOT-FOR-US: Microsoft
-CVE-2007-1762
+CVE-2007-1762 (Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs bef ...)
- iceweasel 3.0.1-1 (unimportant; bug #445515)
NOTE: I don't believe this has relevant security impact, such a black list
NOTE: will register URLs found in the wild and the used adresses will be
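Review bot: the NOTE on CVE-2007-1762 has a typo ("adresses" for "addresses") and is written in the first person ("I don't believe this has relevant security impact"), which is unusual for this file; the surrounding NOTE lines state the assessment impersonally, e.g. "NOTE: Only triggerable by malicious script" on CVE-2007-1883, and that form would read better here. The two CVE-2007-XXXX placeholders at the top of the hunk ("double-free vulnerability in the Real Media demuxer", "various crashes and infinite loops in ffmpeg") still carry no assigned ID; if identifiers have been published since, they should be filled in so the ffmpeg fix at 0.cvs20060823-8 is discoverable by CVE.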
@@ -11886,139 +11886,139 @@ CVE-2007-1758
REJECTED
CVE-2007-1757
REJECTED
-CVE-2007-1756
+CVE-2007-1756 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office ...)
NOT-FOR-US: Microsoft Excel
CVE-2007-1755
REJECTED
-CVE-2007-1754
+CVE-2007-1754 (PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear ...)
NOT-FOR-US: Microsoft Office
CVE-2007-1753
REJECTED
CVE-2007-1752
REJECTED
-CVE-2007-1751
+CVE-2007-1751 (Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2007-1750
+CVE-2007-1750 (Unspecified vulnerability in Microsoft Internet Explorer 6 allows remo ...)
NOT-FOR-US: Microsoft
-CVE-2007-1749
+CVE-2007-1749 (Integer underflow in the CDownloadSink class code in the Vector Markup ...)
NOT-FOR-US: Vector Markup Language
-CVE-2007-1748
+CVE-2007-1748 (Stack-based buffer overflow in the RPC interface in the Domain Name Sy ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-1747
+CVE-2007-1747 (Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 200 ...)
NOT-FOR-US: Microsoft Office
CVE-2007-1746
RESERVED
-CVE-2007-1745
+CVE-2007-1745 (The chm_decompress_stream function in libclamav/chmunpack.c in Clam An ...)
{DSA-1281-1 DTSA-37-1}
- clamav 0.90.2-1 (high)
-CVE-2007-1744
+CVE-2007-1744 (Directory traversal vulnerability in the Shared Folders feature for VM ...)
NOT-FOR-US: VMware
-CVE-2007-1743
+CVE-2007-1743 (suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ...)
- apache2 <unfixed> (unimportant)
-CVE-2007-1742
+CVE-2007-1742 (suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison f ...)
- apache2 2.2.8-5 (unimportant)
-CVE-2007-1741
+CVE-2007-1741 (Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 ...)
- apache2 2.2.8-5 (unimportant)
CVE-2007-1740
REJECTED
-CVE-2007-1739
+CVE-2007-1739 (Heap-based buffer overflow in the LDAP server in IBM Lotus Domino befo ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-1738
+CVE-2007-1738 (TrueCrypt 4.3, when installed setuid root, allows local users to cause ...)
NOT-FOR-US: TrueCrypt
-CVE-2007-1737
+CVE-2007-1737 (Opera 9.10 does not check URLs embedded in (1) object or (2) iframe HT ...)
NOT-FOR-US: Opera
-CVE-2007-1736
+CVE-2007-1736 (Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or ...)
- iceweasel <removed> (unimportant)
NOTE: I don't believe this has relevant security impact, such a black list
NOTE: will register URLs found in the wild and the used adresses will be
NOTE: volatile anyway
-CVE-2007-1735
+CVE-2007-1735 (Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565 ...)
NOT-FOR-US: Corel WordPerfect
-CVE-2007-1734
+CVE-2007-1734 (The DCCP support in the do_dccp_getsockopt function in net/dccp/proto. ...)
- linux-2.6 2.6.20-1 (medium; bug #420875)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2007-1733
+CVE-2007-1733 (Buffer overflow in InterVations NaviCOPA HTTP Server 2.01 allows remot ...)
NOT-FOR-US: NaviCOPA HTTP Server
CVE-2007-1732
- wordpress 2.1.3-1 (unimportant)
NOTE: Administrators can post full HTML, that is a feature. Rightly disputed.
-CVE-2007-1731
+CVE-2007-1731 (Multiple stack-based buffer overflows in High Performance Anonymous FT ...)
NOT-FOR-US: hpaftpd
-CVE-2007-1730
+CVE-2007-1730 (Integer signedness error in the DCCP support in the do_dccp_getsockopt ...)
- linux-2.6 2.6.21-1 (medium)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2007-1729
+CVE-2007-1729 (SQL injection vulnerability in includes/start.php in Flexbb 1.0.0 1000 ...)
NOT-FOR-US: Flexbb
-CVE-2007-1728
+CVE-2007-1728 (The Remote Play feature in Sony Playstation 3 (PS3) 1.60 and Playstati ...)
NOT-FOR-US: Sony Playstation 3
-CVE-2007-1727
+CVE-2007-1727 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView
-CVE-2007-1726
+CVE-2007-1726 (Unrestricted file upload vulnerability in index.php in IceBB 1.0-rc5 a ...)
NOT-FOR-US: IceBB
-CVE-2007-1725
+CVE-2007-1725 (SQL injection vulnerability in index.php in IceBB 1.0-rc5 allows remot ...)
NOT-FOR-US: IceBB
-CVE-2007-1724
+CVE-2007-1724 (Unspecified vulnerability in ReactOS 0.3.1 has unknown impact and atta ...)
NOT-FOR-US: ReactOS
-CVE-2007-1723
+CVE-2007-1723 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: IronMail
-CVE-2007-1722
+CVE-2007-1722 (Buffer overflow in the DownloadCertificateExt function in SignKorea SK ...)
NOT-FOR-US: SKCommAX ActiveX control
-CVE-2007-1721
+CVE-2007-1721 (Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0.6PR7 a ...)
NOT-FOR-US: C-Arbre
-CVE-2007-1720
+CVE-2007-1720 (Directory traversal vulnerability in addressbook.php in the Addressboo ...)
NOT-FOR-US: Addressbook 1.2 module for PHP-Nuke
-CVE-2007-1719
+CVE-2007-1719 (Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, ...)
NOT-FOR-US: mcweject
-CVE-2007-1718
+CVE-2007-1718 (CRLF injection vulnerability in the mail function in PHP 4.0.0 through ...)
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
- php4 <removed> (medium)
[sarge] - php4 <not-affected> (Vulnerable code not present)
- php5 5.2.0-11 (medium)
-CVE-2007-1717
+CVE-2007-1717 (The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 t ...)
- php4 6:4.4.6-2 (unimportant)
- php5 5.2.2-1 (unimportant)
NOTE: This is a regular bug, not a security problem
-CVE-2007-1716
+CVE-2007-1716 (pam_console does not properly restore ownership for certain console de ...)
NOT-FOR-US: pam_console
-CVE-2007-1715
+CVE-2007-1715 (PHP remote file inclusion vulnerability in frontpage.php in Free Image ...)
NOT-FOR-US: Free Image Hosting
-CVE-2007-1714
+CVE-2007-1714 (Cross-site scripting (XSS) vulnerability in index.php in CcCounter 2.0 ...)
NOT-FOR-US: CcCounter
-CVE-2007-1713
+CVE-2007-1713 (CRLF injection vulnerability in BSMTP.DLL in B21Soft BASP21 2003.0211, ...)
NOT-FOR-US: BASP21
-CVE-2007-1712
+CVE-2007-1712 (SQL injection vulnerability in default.asp in ActiveWebSoftwares Activ ...)
NOT-FOR-US: Active Auction Pro
-CVE-2007-1711
+CVE-2007-1711 (Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 a ...)
{DSA-1283-1 DSA-1282-1}
- php4 6:4.4.6-2
- php5 5.2.0-9
NOTE: register_globals not supported
-CVE-2007-1710
+CVE-2007-1710 (The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-de ...)
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: Safe mode violations not supported, insufficient measure
-CVE-2007-1709
+CVE-2007-1709 (Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC ...)
NOT-FOR-US: PECL phpDOC
-CVE-2007-1708
+CVE-2007-1708 (PHP remote file inclusion vulnerability in lib/db/ez_sql.php in ttCMS ...)
NOT-FOR-US: ttCMS
-CVE-2007-1707
+CVE-2007-1707 (PHP remote file inclusion vulnerability in index.php in Net Side Conte ...)
NOT-FOR-US: Net-Side.net CMS
-CVE-2007-1706
+CVE-2007-1706 (SQL injection vulnerability in eWebQuiz.asp in eWebQuiz 8 allows remot ...)
NOT-FOR-US: eWebQuiz
-CVE-2007-1705
+CVE-2007-1705 (SQL injection vulnerability in default.asp in Active Trade 2 allows re ...)
NOT-FOR-US: Active Trade
-CVE-2007-1704
+CVE-2007-1704 (SQL injection vulnerability in index.php in the Car Manager (com_resma ...)
NOT-FOR-US: Joomla module Car Manager
-CVE-2007-1703
+CVE-2007-1703 (SQL injection vulnerability in index.php in the RWCards (com_rwcards) ...)
NOT-FOR-US: Joomla module RWCards
-CVE-2007-1702
+CVE-2007-1702 (PHP remote file inclusion vulnerability in mod_flatmenu.php in the Fla ...)
NOT-FOR-US: Flatmenu
-CVE-2007-1701
+CVE-2007-1701 (PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is e ...)
- php5 5.2.0-9 (unimportant)
- php4 6:4.4.4-9 (unimportant)
NOTE: register_globals not supported
NOTE: Dupe of CVE-2007-0910
-CVE-2007-1700
+CVE-2007-1700 (The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, c ...)
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-9
- php4 6:4.4.4-9
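Review bot: the description added for CVE-2007-1711 ("Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 ...") does not fit the unchanged NOTE directly beneath it, "register_globals not supported", which reads like the rationale recorded for CVE-2007-1701 further down in this hunk; the php4 6:4.4.6-2 and php5 5.2.0-9 lines for CVE-2007-1711 also carry no severity, unlike the neighbouring PHP entries (CVE-2007-1718, CVE-2007-1717, CVE-2007-1710). Worth checking whether that NOTE was misplaced and whether a severity should be recorded for CVE-2007-1711.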
@@ -12028,331 +12028,331 @@ CVE-2007-1700
NOTE: This was fixed as a side-effect of previous security fixes, noting the
NOTE: status as of DSA-1286 as fixed version. likewise the oldstable
NOTE: version was fixed.
-CVE-2007-1699
+CVE-2007-1699 (Multiple PHP remote file inclusion vulnerabilities in the SWmenu (com_ ...)
NOT-FOR-US: Mambo module SWmenu
-CVE-2007-1698
+CVE-2007-1698 (download.php in Philex 0.2.3 and earlier allows remote attackers to re ...)
NOT-FOR-US: Philex
-CVE-2007-1697
+CVE-2007-1697 (PHP remote file inclusion vulnerability in header.inc.php in Philex 0. ...)
NOT-FOR-US: Philex
-CVE-2007-1696
+CVE-2007-1696 (SQL injection vulnerability in ViewNewspapers.asp in Active Newsletter ...)
NOT-FOR-US: Active Newsletter
CVE-2007-1695
- phpbb2 <not-affected> (requires register_globals to exploit)
NOTE: Vulnerability is disputed, but is a non-issue anyway.
CVE-2007-1694
RESERVED
-CVE-2007-1693
+CVE-2007-1693 (The SIP channel module in Yet Another Telephony Engine (Yate) before 1 ...)
- yate 1.2.0-1.dfsg-1 (low; bug #421994)
[etch] - yate <no-dsa> (Minor issue, fringe application)
-CVE-2007-1692
+CVE-2007-1692 (The default configuration of Microsoft Windows uses the Web Proxy Auto ...)
NOT-FOR-US: Microsoft
-CVE-2007-1691
+CVE-2007-1691 (Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX ...)
NOT-FOR-US: Second Sight Software
-CVE-2007-1690
+CVE-2007-1690 (Multiple stack-based buffer overflows in Second Sight Software ActiveG ...)
NOT-FOR-US: Second Sight Software
-CVE-2007-1689
+CVE-2007-1689 (Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL ...)
NOT-FOR-US: Norton
-CVE-2007-1688
+CVE-2007-1688 (Buffer overflow in the PhPInfo ActiveX control in PhPCtrl.dll in Calli ...)
NOT-FOR-US: PhPInfo ActiveX control
-CVE-2007-1687
+CVE-2007-1687 (Multiple buffer overflows in the Internet Pictures Corporation iPIX Im ...)
NOT-FOR-US: iPIX Image Well ActiveX control
CVE-2007-1686
RESERVED
-CVE-2007-1685
+CVE-2007-1685 (Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, ...)
NOT-FOR-US: BlueCoat
-CVE-2007-1684
+CVE-2007-1684 (The Run function in SolidWorks sldimdownload ActiveX control in sldimd ...)
NOT-FOR-US: sldimdownload ActiveX control
-CVE-2007-1683
+CVE-2007-1683 (Stack-based buffer overflow in the DoWebMenuAction function in the Inc ...)
NOT-FOR-US: IncrediMail
-CVE-2007-1682
+CVE-2007-1682 (Multiple stack-based buffer overflows in the FileManager ActiveX contr ...)
NOT-FOR-US: FileManager ActiveX
-CVE-2007-1681
+CVE-2007-1681 (Format string vulnerability in libwebconsole_services.so in Sun Java W ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-1680
+CVE-2007-1680 (Stack-based buffer overflow in the createAndJoinConference function in ...)
NOT-FOR-US: AudioConf ActiveX control
CVE-2007-1679
NOTE: Allegedly a duplicate of CVE-2006-4255.
NOTE: The other issue needs a CSRF attack to exploit.
-CVE-2007-1678
+CVE-2007-1678 (Cross-site scripting (XSS) vulnerability in the Fizzle 0.5 extension f ...)
NOT-FOR-US: Fizzle 0.5 extension for Firefox
-CVE-2007-1677
+CVE-2007-1677 (Multiple buffer overflows in the ISO network protocol support in the N ...)
NOT-FOR-US: NetBSD
CVE-2007-1676
RESERVED
-CVE-2007-1675
+CVE-2007-1675 (Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP s ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-1674
+CVE-2007-1674 (Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LAN ...)
NOT-FOR-US: LANDesk Management Suite
-CVE-2007-1673
+CVE-2007-1673 (unzoo.c, as used in multiple products including AMaViS 2.4.1 and earli ...)
[sarge] - zoo <no-dsa> (Minor issue)
[etch] - zoo <no-dsa> (Minor issue)
- zoo 2.10-19 (bug #424686)
- unzoo 4.4-7 (bug #424690)
[sarge] - unzoo <no-dsa> (Minor issue)
[etch] - unzoo <no-dsa> (Minor issue)
-CVE-2007-1672
+CVE-2007-1672 (avast! antivirus before 4.7.981 allows remote attackers to cause a den ...)
NOT-FOR-US: avast
-CVE-2007-1671
+CVE-2007-1671 (avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers t ...)
NOT-FOR-US: Avira
-CVE-2007-1670
+CVE-2007-1670 (Panda Software Antivirus before 20070402 allows remote attackers to ca ...)
NOT-FOR-US: Panda
-CVE-2007-1669
+CVE-2007-1669 (zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1 ...)
NOT-FOR-US: Barracuda
CVE-2007-1668
RESERVED
-CVE-2007-1666
+CVE-2007-1666 (The processor_request function in the debugger server for DataRescue I ...)
NOT-FOR-US: IDA Pro
-CVE-2007-1665
+CVE-2007-1665 (Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1et ...)
{DSA-1318-1}
- ekg 1:1.7~rc2-2 (low)
[sarge] - ekg <not-affected> (Vulnerable code not present)
-CVE-2007-1664
+CVE-2007-1664 (ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote att ...)
{DSA-1318-1}
- ekg 1:1.7~rc2-2 (low)
[sarge] - ekg <not-affected> (Vulnerable code not present)
-CVE-2007-1663
+CVE-2007-1663 (Memory leak in the image message functionality in ekg before 1:1.7~rc2 ...)
{DSA-1318-1}
- ekg 1:1.7~rc2-2 (low)
[sarge] - ekg <not-affected> (Vulnerable code not present)
-CVE-2007-1662
+CVE-2007-1662 (Perl-Compatible Regular Expression (PCRE) library before 7.3 reads pas ...)
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-1661
+CVE-2007-1661 (Perl-Compatible Regular Expression (PCRE) library before 7.3 backtrack ...)
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-1660
+CVE-2007-1660 (Perl-Compatible Regular Expression (PCRE) library before 7.0 does not ...)
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- pcre3 7.3-1
- kazehakase 0.5.2-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-1659
+CVE-2007-1659 (Perl-Compatible Regular Expression (PCRE) library before 7.3 allows co ...)
{DSA-1570-1 DSA-1399-1 DTSA-77-1}
- kazehakase 0.5.2-1
- pcre3 7.3-1
- glib2.0 2.14.3-1 (unimportant)
NOTE: glib only embeds pcre in the udeb, no attack vector
-CVE-2007-1658
+CVE-2007-1658 (Windows Mail in Microsoft Windows Vista might allow user-assisted remo ...)
NOT-FOR-US: Microsoft
-CVE-2007-1657
+CVE-2007-1657 (Stack-based buffer overflow in the file_compress function in minigzip ...)
- python2.5 <not-affected> (does not build minigzip.c)
-CVE-2007-1656
+CVE-2007-1656 (Multiple SQL injection vulnerabilities in index.php in Katalog Plyt Au ...)
NOT-FOR-US: Plyt Audio
-CVE-2007-1655
+CVE-2007-1655 (Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX bef ...)
{DSA-1317-1}
- tinymux 2.4.3.31-1.1 (bug #417539)
-CVE-2007-1654
+CVE-2007-1654 (Buffer overflow in the Ne7sshSftp::addOpenHandle function in ne7ssh_sf ...)
NOT-FOR-US: ne7ssh
-CVE-2007-1653
+CVE-2007-1653 (GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial o ...)
NOT-FOR-US: GlowWorm FW
-CVE-2007-1652
+CVE-2007-1652 (OpenID allows remote attackers to forcibly log a user into an OpenID e ...)
NOT-FOR-US: MyOpenID.com
-CVE-2007-1651
+CVE-2007-1651 (Cross-site request forgery (CSRF) vulnerability in OpenID allows remot ...)
NOT-FOR-US: MyOpenID.com
-CVE-2007-1650
+CVE-2007-1650 (pcapsipdump.cpp in pcapsipdump before 0.1.3 allows remote attackers to ...)
NOT-FOR-US: pcapsipdump
-CVE-2007-1649
+CVE-2007-1649 (PHP 5.2.1 allows context-dependent attackers to read portions of heap ...)
- php5 5.2.2-1
[etch] - php5 <not-affected> (Only affects PHP 5.2.1)
-CVE-2007-1648
+CVE-2007-1648 (0irc 1345 build 20060823 allows remote attackers to cause a denial of ...)
NOT-FOR-US: 0irc
-CVE-2007-1647
+CVE-2007-1647 (Moodle 1.5.2 and earlier stores sensitive information under the web ro ...)
- moodle 1.5.3-1 (low)
-CVE-2007-1646
+CVE-2007-1646 (Multiple cross-site scripting (XSS) vulnerabilities in SubHub 2.3.0 al ...)
NOT-FOR-US: SubHub
-CVE-2007-1645
+CVE-2007-1645 (Buffer overflow in FutureSoft TFTP Server 2000 on Microsoft Windows 20 ...)
NOT-FOR-US: FutureSoft TFTP Server
-CVE-2007-1644
+CVE-2007-1644 (The dynamic DNS update mechanism in the DNS Server service on Microsof ...)
NOT-FOR-US: Microsoft DNS Server
-CVE-2007-1643
+CVE-2007-1643 (Multiple PHP remote file inclusion vulnerabilities in LAN Management S ...)
NOT-FOR-US: LAN Management System
-CVE-2007-1642
+CVE-2007-1642 (Unspecified vulnerability in ManageEngine Firewall Analyzer allows rem ...)
NOT-FOR-US: ManageEngine Firewall Analyzer
-CVE-2007-1641
+CVE-2007-1641 (SQL injection vulnerability in index.php in PortailPHP 2.0 allows remo ...)
NOT-FOR-US: PortailPHP
-CVE-2007-1640
+CVE-2007-1640 (Multiple PHP remote file inclusion vulnerabilities in ClassWeb 2.03 an ...)
NOT-FOR-US: ClassWeb
-CVE-2007-1639
+CVE-2007-1639 (Unrestricted file upload vulnerability in PHProjekt 5.2.0, when magic_ ...)
NOT-FOR-US: PHProjekt
-CVE-2007-1638
+CVE-2007-1638 (Multiple cross-site request forgery (CSRF) vulnerabilities in the chec ...)
NOT-FOR-US: PHProjekt
-CVE-2007-1637
+CVE-2007-1637 (Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI ...)
NOT-FOR-US: IMAILAPILib ActiveX control
-CVE-2007-1636
+CVE-2007-1636 (Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 a ...)
NOT-FOR-US: RoseOnlineCMS
-CVE-2007-1635
+CVE-2007-1635 (Static code injection vulnerability in admin/settings.php in Net Porta ...)
NOT-FOR-US: Net Portal Dynamic System
-CVE-2007-1634
+CVE-2007-1634 (Variable extraction vulnerability in grab_globals.php in Net Portal Dy ...)
NOT-FOR-US: Net Portal Dynamic System
-CVE-2007-1633
+CVE-2007-1633 (Directory traversal vulnerability in bbcode_ref.php in the Giorgio Cir ...)
NOT-FOR-US: Splatt Forum
-CVE-2007-1632
+CVE-2007-1632 (Unspecified vulnerability in TYPOlight webCMS before 2.2 Build 5 has u ...)
NOT-FOR-US: webCMS
CVE-2007-1631
NOT-FOR-US: CLBOX
-CVE-2007-1630
+CVE-2007-1630 (SQL injection vulnerability in default.asp in ActiveWebSoftwares Activ ...)
NOT-FOR-US: Active Link Engine
-CVE-2007-1629
+CVE-2007-1629 (SQL injection vulnerability in default.asp in ActiveWebSoftwares Activ ...)
NOT-FOR-US: Active Photo Gallery
-CVE-2007-1628
+CVE-2007-1628 (Multiple PHP remote file inclusion vulnerabilities in Study planner (S ...)
NOT-FOR-US: Study planner
CVE-2007-1627
REJECTED
-CVE-2007-1626
+CVE-2007-1626 (PHP remote file inclusion vulnerability in iframe.php in the iFrame Mo ...)
NOT-FOR-US: iFrame Module for PHP-NUKE
-CVE-2007-1625
+CVE-2007-1625 (Cross-site scripting (XSS) vulnerability in save_entry.php in realGues ...)
NOT-FOR-US: realGuestbook
-CVE-2007-1624
+CVE-2007-1624 (Multiple SQL injection vulnerabilities in realGuestbook 5.01 allow rem ...)
NOT-FOR-US: realGuestbook
-CVE-2007-1623
+CVE-2007-1623 (Multiple cross-site scripting (XSS) vulnerabilities in realGuestbook 5 ...)
NOT-FOR-US: realGuestbook
-CVE-2007-1622
+CVE-2007-1622 (Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordP ...)
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
-CVE-2007-1621
+CVE-2007-1621 (PHP remote file inclusion vulnerability in templates/head.php in Activ ...)
NOT-FOR-US: Active PHP Bookmark Notes
-CVE-2007-1620
+CVE-2007-1620 (Multiple PHP remote file inclusion vulnerabilities in PHP DB Designer ...)
NOT-FOR-US: PHP DB Designer
-CVE-2007-1619
+CVE-2007-1619 (SQL injection vulnerability in viewcomments.php in ScriptMagix Photo R ...)
NOT-FOR-US: ScriptMagix
-CVE-2007-1618
+CVE-2007-1618 (SQL injection vulnerability in index.php in ScriptMagix FAQ Builder 2. ...)
NOT-FOR-US: ScriptMagix
-CVE-2007-1617
+CVE-2007-1617 (SQL injection vulnerability in index.php in ScriptMagix Recipes 2.0 an ...)
NOT-FOR-US: ScriptMagix
-CVE-2007-1616
+CVE-2007-1616 (SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and ...)
NOT-FOR-US: ScriptMagix
-CVE-2007-1615
+CVE-2007-1615 (SQL injection vulnerability in index.php in ScriptMagix Jokes 2.0 and ...)
NOT-FOR-US: ScriptMagix
-CVE-2007-1614
+CVE-2007-1614 (Stack-based buffer overflow in the zzip_open_shared_io function in zzi ...)
{DTSA-56-1}
- zziplib 0.13.49-0 (bug #436701; low)
[etch] - zziplib <no-dsa> (Minor issue)
NOTE: http://www.securitylab.ru/forum/read.php?FID=21&TID=40858&MID=326187#message326187
NOTE: If an attacker can supply arbitrary file names, we likely suffer from
NOTE: an information disclosure issue anyway.
-CVE-2007-1613
+CVE-2007-1613 (Directory traversal vulnerability in view.php in MPM Chat 2.5 allows r ...)
NOT-FOR-US: MPM Chat
-CVE-2007-1612
+CVE-2007-1612 (SQL injection vulnerability in index.php in Katalog Plyt Audio 1.0 and ...)
NOT-FOR-US: Plyt Audio
-CVE-2007-1611
+CVE-2007-1611 (Cross-site scripting (XSS) vulnerability in the RSS reader in a certai ...)
NOT-FOR-US: IKANARI JIJYOU
-CVE-2007-1610
+CVE-2007-1610 (Cross-site scripting (XSS) vulnerability in the RSS reader in Glue Sof ...)
NOT-FOR-US: NewsGlue
-CVE-2007-1609
+CVE-2007-1609 (Cross-site scripting (XSS) vulnerability in servlet/Spy in Dynamic Mon ...)
NOT-FOR-US: Oracle Application Server
-CVE-2007-1608
+CVE-2007-1608 (CRLF injection vulnerability in IBM WebSphere Application Server (WAS) ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2007-1607
+CVE-2007-1607 (search.php in w-Agora (Web-Agora) allows remote attackers to obtain po ...)
NOT-FOR-US: Web-Agora
-CVE-2007-1606
+CVE-2007-1606 (Multiple cross-site scripting (XSS) vulnerabilities in w-Agora (Web-Ag ...)
NOT-FOR-US: Web-Agora
-CVE-2007-1605
+CVE-2007-1605 (w-Agora (Web-Agora) allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Web-Agora
-CVE-2007-1604
+CVE-2007-1604 (Multiple unrestricted file upload vulnerabilities in w-Agora (Web-Agor ...)
NOT-FOR-US: Web-Agora
-CVE-2007-1603
+CVE-2007-1603 (admin/contest.php in Weekly Drawing Contest 0.0.1 allows remote attack ...)
NOT-FOR-US: Weekly Drawing Contest
-CVE-2007-1602
+CVE-2007-1602 (SQL injection vulnerability in check_vote.php in Weekly Drawing Contes ...)
NOT-FOR-US: Weekly Drawing Contest
CVE-2007-1601
NOT-FOR-US: Weekly Drawing Contest
-CVE-2007-1600
+CVE-2007-1600 (PHP remote file inclusion vulnerability in module.php in Digital Eye G ...)
NOT-FOR-US: Digital Eye Gallery
-CVE-2007-1599
+CVE-2007-1599 (wp-login.php in WordPress allows remote attackers to redirect authenti ...)
{DSA-1601-1}
- wordpress 2.2.2-1 (bug #437085; low)
-CVE-2007-1598
+CVE-2007-1598 (Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 a ...)
NOT-FOR-US: FileCOPA FTP
-CVE-2007-1597
+CVE-2007-1597 (Unclassified NewsBoard 1.6.3 stores sensitive information under the we ...)
NOT-FOR-US: Unclassified NewsBoard
-CVE-2007-1596
+CVE-2007-1596 (Multiple PHP remote file inclusion vulnerabilities in the NFN Address ...)
NOT-FOR-US: NFN Address Book
-CVE-2007-1595
+CVE-2007-1595 (The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk doe ...)
- asterisk 1:1.4.0~dfsg-1 (low)
[etch] - asterisk <not-affected> (Only affects 1.4.x)
[sarge] - asterisk <not-affected> (Only affects 1.4.x)
-CVE-2007-1593
+CVE-2007-1593 (The administrative service in Symantec Veritas Volume Replicator (VVR) ...)
NOT-FOR-US: Symantec
-CVE-2007-1592
+CVE-2007-1592 (net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertent ...)
{DSA-1503-2 DSA-1503-1 DSA-1304 DSA-1286-1}
- linux-2.6 2.6.20-1 (medium)
-CVE-2007-1591
+CVE-2007-1591 (VsapiNT.sys in the Scan Engine 8.0 for Trend Micro AntiVirus 14.10.104 ...)
NOT-FOR-US: Trend Micro
-CVE-2007-1590
+CVE-2007-1590 (The Grandstream BudgeTone 200 IP phone, with program 1.1.1.14 and boot ...)
NOT-FOR-US: Grandstream
-CVE-2007-1589
+CVE-2007-1589 (TrueCrypt before 4.3, when set-euid mode is used on Linux, allows loca ...)
NOT-FOR-US: Truecrypt
-CVE-2007-1588
+CVE-2007-1588 (server.cpp in MyServer 0.8.5 calls Process::setuid before calling Proc ...)
NOT-FOR-US: MyServer
-CVE-2007-1587
+CVE-2007-1587 (templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remo ...)
NOT-FOR-US: StatsDawg
-CVE-2007-1586
+CVE-2007-1586 (ZynOS 3.40 allows remote attackers to cause a denial of service (link ...)
NOT-FOR-US: Zyxel
-CVE-2007-1585
+CVE-2007-1585 (The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.0 ...)
NOT-FOR-US: Cisco
-CVE-2007-1584
+CVE-2007-1584 (Buffer underflow in the header function in PHP 5.2.0 allows context-de ...)
NOTE: Dupe of CVE-2007-0907; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
-CVE-2007-1583
+CVE-2007-1583 (The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through ...)
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
- php5 5.2.0-11 (medium)
- php4 <removed> (medium)
-CVE-2007-1582
+CVE-2007-1582 (The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 ...)
- php5 <removed> (unimportant)
- php4 <removed> (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-1581
+CVE-2007-1581 (The resource system in PHP 5.0.0 through 5.2.1 allows context-dependen ...)
- php5 <removed> (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-1580
+CVE-2007-1580 (FTPDMIN 0.96 allows remote attackers to cause a denial of service (dae ...)
NOT-FOR-US: FTPDMIN
-CVE-2007-1579
+CVE-2007-1579 (Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attac ...)
NOT-FOR-US: MERCUR IMAPD
-CVE-2007-1578
+CVE-2007-1578 (Multiple integer signedness errors in the NTLM implementation in Atriu ...)
NOT-FOR-US: MERCUR IMAPD
-CVE-2007-1577
+CVE-2007-1577 (Directory traversal vulnerability in index.php in GeBlog 0.1 allows re ...)
NOT-FOR-US: GeBlog
-CVE-2007-1576
+CVE-2007-1576 (Multiple cross-site scripting (XSS) vulnerabilities in PHProjekt 5.2.0 ...)
NOT-FOR-US: PHProjekt
-CVE-2007-1575
+CVE-2007-1575 (Multiple SQL injection vulnerabilities in PHProjekt 5.2.0, when magic_ ...)
NOT-FOR-US: PHProjekt
-CVE-2007-1574
+CVE-2007-1574 (CARE2X 2.2, and possibly earlier, allows remote attackers to obtain co ...)
NOT-FOR-US: CARE2X
-CVE-2007-1573
+CVE-2007-1573 (SQL injection vulnerability in admincp/attachment.php in Jelsoft vBull ...)
NOT-FOR-US: vBulletin
-CVE-2007-1572
+CVE-2007-1572 (SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 and earl ...)
NOT-FOR-US: JGBBS
-CVE-2007-1571
+CVE-2007-1571 (PHP remote file inclusion vulnerability in includes/base.php in Radica ...)
NOT-FOR-US: Activist Mobilization Platform
CVE-2007-1570
REJECTED
-CVE-2007-1569
+CVE-2007-1569 (Stack-based buffer overflow in NewsBin Pro 4.32 allows remote attacker ...)
NOT-FOR-US: NewsBin Pro
-CVE-2007-1568
+CVE-2007-1568 (Stack-based buffer overflow in DaanSystems NewsReactor 20070220.21 all ...)
NOT-FOR-US: NewsReactor
-CVE-2007-1567
+CVE-2007-1567 (Stack-based buffer overflow in War FTP Daemon 1.65, and possibly earli ...)
NOT-FOR-US: WarFTPd
-CVE-2007-1566
+CVE-2007-1566 (SQL injection vulnerability in News/page.asp in NetVIOS Portal allows ...)
NOT-FOR-US: NetVIOS Portal
-CVE-2007-1565
+CVE-2007-1565 (Konqueror 3.5.5 allows remote attackers to cause a denial of service ( ...)
- kdelibs <unfixed> (unimportant)
-CVE-2007-1564
+CVE-2007-1564 (The FTP protocol implementation in Konqueror 3.5.5 allows remote serve ...)
- kdelibs 4:3.5.5a.dfsg.1-7
-CVE-2007-1563
+CVE-2007-1563 (The FTP protocol implementation in Opera 9.10 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2007-1562
+CVE-2007-1562 (The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and ...)
- iceweasel 2.0.0.3-1 (low)
-CVE-2007-1560
+CVE-2007-1560 (The clientProcessRequest() function in src/client_side.c in Squid 2.6 ...)
- squid 2.6.5-6 (low)
[sarge] - squid <not-affected> (Vulnerable code not present)
-CVE-2007-1559
+CVE-2007-1559 (Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in Roxi ...)
NOT-FOR-US: Roxio
-CVE-2007-1558
+CVE-2007-1558 (The APOP protocol allows remote attackers to guess the first 3 charact ...)
{DSA-1305-1 DSA-1300-1 DTSA-46-1 DTSA-47-1}
NOTE: Affects various clients, but no practical security implications
NOTE: MFSA2007-15
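Review bot: CVE-2007-1669 now reads "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1 ..." yet keeps the unchanged tag NOT-FOR-US: Barracuda, while the closely related CVE-2007-1673 (unzoo.c, AMaViS) two entries above tracks zoo 2.10-19 and unzoo 4.4-7 with no-dsa markers for sarge and etch. If the zoo-2.10 decoder named in the new description is the code shipped as the Debian zoo package, the NOT-FOR-US tag should give way to package entries mirroring CVE-2007-1673; otherwise a NOTE stating why the Debian package is unaffected would remove the apparent contradiction. Separately, the DSA list for CVE-2007-1592 contains "DSA-1304" without the revision suffix that DSA-1503-2, DSA-1503-1 and DSA-1286-1 on the same line carry.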
@@ -12366,412 +12366,412 @@ CVE-2007-1558
NOTE: patch and etch's version does not (http://dev.mutt.org/trac/ticket/2846)
- balsa 2.3.17-1 (unimportant)
- claws-mail 2.9.1-1 (unimportant)
-CVE-2007-1557
+CVE-2007-1557 (Format string vulnerability in F-Secure Anti-Virus Client Security 6.0 ...)
NOT-FOR-US: F-Secure
-CVE-2007-1556
+CVE-2007-1556 (SQL injection vulnerability in kommentare.php in Creative Files 1.2 al ...)
NOT-FOR-US: Creative Files
-CVE-2007-1555
+CVE-2007-1555 (SQL injection vulnerability in forum.php in the Minerva mod 2.0.21 bui ...)
NOT-FOR-US: Minerva module of phpBB
-CVE-2007-1554
+CVE-2007-1554 (Direct static code injection vulnerability in admin/configuration.php ...)
NOT-FOR-US: Guestbara
-CVE-2007-1553
+CVE-2007-1553 (admin/configuration.php in Guestbara 1.2 and earlier allows remote att ...)
NOT-FOR-US: Guestbara
-CVE-2007-1552
+CVE-2007-1552 (Unrestricted file upload vulnerability in usercp.php in MetaForum 0.51 ...)
NOT-FOR-US: MetaForum
-CVE-2007-1551
+CVE-2007-1551 (Multiple cross-site scripting (XSS) vulnerabilities in phpx 3.5.15 all ...)
NOT-FOR-US: phpx
-CVE-2007-1550
+CVE-2007-1550 (Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote att ...)
NOT-FOR-US: phpx
-CVE-2007-1549
+CVE-2007-1549 (Unrestricted file upload vulnerability in gallery.php in phpx 3.5.15 a ...)
NOT-FOR-US: phpx
-CVE-2007-1548
+CVE-2007-1548 (SQL injection vulnerability in functions/functions_filters.asp in Web ...)
NOT-FOR-US: Web Wiz Forums
-CVE-2007-1547
+CVE-2007-1547 (The ReadRequestFromClient function in server/os/io.c in Network Audio ...)
{DSA-1273-1}
- nas 1.8-4 (low; bug #416038)
-CVE-2007-1546
+CVE-2007-1546 (Array index error in Network Audio System (NAS) before 1.8a SVN 237 al ...)
{DSA-1273-1}
- nas 1.8-4 (low; bug #416038)
-CVE-2007-1545
+CVE-2007-1545 (The AddResource function in server/dia/resource.c in Network Audio Sys ...)
{DSA-1273-1}
- nas 1.8-4 (low; bug #416038)
-CVE-2007-1544
+CVE-2007-1544 (Integer overflow in the ProcAuWriteElement function in server/dia/audi ...)
{DSA-1273-1}
- nas 1.8-4 (low; bug #416038)
-CVE-2007-1543
+CVE-2007-1543 (Stack-based buffer overflow in the accept_att_local function in server ...)
{DSA-1273-1}
- nas 1.8-4 (medium; bug #416038)
-CVE-2007-1542
+CVE-2007-1542 (Unspecified vulnerability in the Cisco IP Phone 7940 and 7960 running ...)
NOT-FOR-US: Cisco
-CVE-2007-1541
+CVE-2007-1541 (Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only c ...)
- sql-ledger 2.8.14-1 (unimportant; bug #409703)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-1540
+CVE-2007-1540 (Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 an ...)
- sql-ledger 2.8.14-1 (unimportant; bug #409703)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-1539
+CVE-2007-1539 (Directory traversal vulnerability in inc/map.func.php in pragmaMX Land ...)
NOT-FOR-US: pragmaMX Landkarten
CVE-2007-1538
NOT-FOR-US: McAfee
-CVE-2007-1537
+CVE-2007-1537 (\Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 S ...)
NOT-FOR-US: Microsoft
-CVE-2007-1536
+CVE-2007-1536 (Integer underflow in the file_printf function in the "file" program be ...)
{DSA-1274-1}
- file 4.20-1 (bug #415362; high)
NOTE: Has got lots of reverse dependencies.
NOTE: Some of them process remotely supplied untrusted input.
-CVE-2007-1535
+CVE-2007-1535 (Microsoft Windows Vista establishes a Teredo address without user acti ...)
NOT-FOR-US: Microsoft
-CVE-2007-1534
+CVE-2007-1534 (DFSR.exe in Windows Meeting Space in Microsoft Windows Vista remains a ...)
NOT-FOR-US: Microsoft
-CVE-2007-1533
+CVE-2007-1533 (The Teredo implementation in Microsoft Windows Vista uses the same non ...)
NOT-FOR-US: Microsoft
-CVE-2007-1532
+CVE-2007-1532 (The neighbor discovery implementation in Microsoft Windows Vista allow ...)
NOT-FOR-US: Microsoft
-CVE-2007-1531
+CVE-2007-1531 (Microsoft Windows XP and Vista overwrites ARP table entries included i ...)
NOT-FOR-US: Microsoft
-CVE-2007-1530
+CVE-2007-1530 (The LLTD Mapper in Microsoft Windows Vista does not properly gather re ...)
NOT-FOR-US: Microsoft
-CVE-2007-1529
+CVE-2007-1529 (The LLTD Responder in Microsoft Windows Vista does not send the Mapper ...)
NOT-FOR-US: Microsoft
-CVE-2007-1528
+CVE-2007-1528 (The LLTD Mapper in Microsoft Windows Vista allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2007-1527
+CVE-2007-1527 (The LLTD Mapper in Microsoft Windows Vista does not verify that an IP ...)
NOT-FOR-US: Microsoft
-CVE-2007-1526
+CVE-2007-1526 (Sun Java System Web Server 6.1 before 20070314 allows remote authentic ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2007-1525
+CVE-2007-1525 (Direct static code injection vulnerability in postpost.php in Dayfox B ...)
NOT-FOR-US: Dayfox Blog
-CVE-2007-1524
+CVE-2007-1524 (Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 ...)
NOT-FOR-US: ZomPlog
-CVE-2007-1523
+CVE-2007-1523 (Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versio ...)
NOT-FOR-US: NetBSD
-CVE-2007-1522
+CVE-2007-1522 (Double free vulnerability in the session extension in PHP 5.2.0 and 5. ...)
{DSA-1283-1}
- php5 5.2.2-1 (medium)
-CVE-2007-1521
+CVE-2007-1521 (Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, a ...)
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
- php5 5.2.0-11 (medium)
- php4 6:4.4.6-2 (medium)
-CVE-2007-1520
+CVE-2007-1520 (The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and e ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-1519
+CVE-2007-1519 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8. ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-1518
+CVE-2007-1518 (SQL injection vulnerability in usergroups.php in Woltlab Burning Board ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2007-1517
+CVE-2007-1517 (SQL injection vulnerability in comments.php in WSN Guest 1.02 and 1.21 ...)
NOT-FOR-US: WSN Guest
-CVE-2007-1561
+CVE-2007-1561 (The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 al ...)
{DSA-1358-1}
- asterisk 1:1.4.2~dfsg-5 (bug #415466; medium)
NOTE: http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html
-CVE-2007-1594
+CVE-2007-1594 (The handle_response function in chan_sip.c in Asterisk before 1.2.17 a ...)
NOTE: Duplicate of CVE-2007-2297
-CVE-2007-1516
+CVE-2007-1516 (PHP remote file inclusion vulnerability in functions/update.php in Cic ...)
NOT-FOR-US: CcMail
-CVE-2007-1515
+CVE-2007-1515 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP H3 4. ...)
- imp4 4.1.3-4 (medium; bug #415117)
-CVE-2007-1514
+CVE-2007-1514 (PHP remote file inclusion vulnerability in index.php in ViperWeb Porta ...)
NOT-FOR-US: ViperWeb Portal
-CVE-2007-1513
+CVE-2007-1513 (PHP remote file inclusion vulnerability in comanda.php in GraFX Compan ...)
NOT-FOR-US: WebSite Builder
-CVE-2007-1512
+CVE-2007-1512 (Stack-based buffer overflow in the AfxOleSetEditMenu function in the M ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-1511
+CVE-2007-1511 (Buffer overflow in FrontBase Relational Database Server 4.2.7 and earl ...)
NOT-FOR-US: FrontBase Relational Database Server
-CVE-2007-1510
+CVE-2007-1510 (SQL injection vulnerability in post.php in Particle Blogger 1.0.0 thro ...)
NOT-FOR-US: Particle Blogger
-CVE-2007-1509
+CVE-2007-1509 (Directory traversal vulnerability in enkrypt.php in Sascha Schroeder k ...)
NOT-FOR-US: krypt
-CVE-2007-1508
+CVE-2007-1508 (Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAd ...)
NOT-FOR-US: DirectAdmin
-CVE-2007-1507
+CVE-2007-1507 (The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x befo ...)
{DSA-1271-1}
- openafs 1.4.2-6 (medium)
-CVE-2007-1506
+CVE-2007-1506 (Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_war ...)
NOT-FOR-US: Oracle Portal
-CVE-2007-1505
+CVE-2007-1505 (Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption V1 ...)
NOT-FOR-US: Fujistu FENCE-Pro
-CVE-2007-1504
+CVE-2007-1504 (Cross-site scripting (XSS) vulnerability in the Servlet Service in Fuj ...)
NOT-FOR-US: Fujitsu Interstage Application Server
-CVE-2007-1503
+CVE-2007-1503 (Multiple format string vulnerabilities in comm.c in Rhapsody IRC 0.28b ...)
- rhapsody <removed> (medium)
-CVE-2007-1502
+CVE-2007-1502 (Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers ...)
- rhapsody <removed> (medium)
-CVE-2007-1501
+CVE-2007-1501 (Stack-based buffer overflow in Avant Browser 11.0 build 26 allows remo ...)
NOT-FOR-US: Avant Browse
-CVE-2007-1500
+CVE-2007-1500 (The Linux Security Auditing Tool (LSAT) allows local users to overwrit ...)
NOT-FOR-US: Linux Security Auditing Tool
-CVE-2007-1499
+CVE-2007-1499 (Microsoft Internet Explorer 7.0 on Windows XP and Vista allows remote ...)
NOT-FOR-US: Internet Explorer
-CVE-2007-1498
+CVE-2007-1498 (Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 Act ...)
NOT-FOR-US: SiteManager.SiteMgr.1 ActiveX control
-CVE-2007-1497
+CVE-2007-1497 (nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not ...)
{DSA-1289-1}
- linux-2.6 2.6.20-1 (medium)
-CVE-2007-1496
+CVE-2007-1496 (nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows ...)
{DSA-1289-1}
- linux-2.6 2.6.21-1 (medium)
-CVE-2007-1495
+CVE-2007-1495 (The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 ...)
NOT-FOR-US: Symantec Norton Personal Firewall
-CVE-2007-1494
+CVE-2007-1494 (Cross-site scripting (XSS) vulnerability in NukeSentinel before 2.5.06 ...)
NOT-FOR-US: NukeSentinel
-CVE-2007-1493
+CVE-2007-1493 (nukesentinel.php in NukeSentinel 2.5.06 and earlier uses a permissive ...)
NOT-FOR-US: NukeSentinel
-CVE-2007-1492
+CVE-2007-1492 (winmm.dll in Microsoft Windows XP allows user-assisted remote attacker ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2007-1491
+CVE-2007-1491 (Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Av ...)
NOT-FOR-US: Avaya S87XX
-CVE-2007-1490
+CVE-2007-1490 (Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 bef ...)
NOT-FOR-US: Avaya S87XX
-CVE-2007-1489
+CVE-2007-1489 (Unspecified vulnerability in web-app.org Web Automated Perl Portal (We ...)
NOT-FOR-US: WebAPP
-CVE-2007-1488
+CVE-2007-1488 (Unspecified vulnerability in Sun Java System Web Server 6.0 and 6.1 be ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2007-1487
+CVE-2007-1487 (Directory traversal vulnerability in index.php in Sascha Schroeder (ak ...)
NOT-FOR-US: CyberTeddy WebLog
-CVE-2007-1486
+CVE-2007-1486 (PHP remote file inclusion vulnerability in template.class.php in Carbo ...)
NOT-FOR-US: Carbonize Lazarus Guestbook
CVE-2007-1485
NOT-FOR-US: LIBFtp
-CVE-2007-1484
+CVE-2007-1484 (The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x ...)
- php4 <removed> (unimportant)
- php5 5.2.2-1 (unimportant)
NOTE: local malicious scripts only
-CVE-2007-1483
+CVE-2007-1483 (Multiple PHP remote file inclusion vulnerabilities in WebCalendar 0.9. ...)
- webcalendar 1.0.5-1 (high)
[sarge] - webcalendar 0.9.45-4sarge7
NOTE: This was fixed in Sarge as a side-effect of an earlier fix, marking current
NOTE: Sarge version as fixed version
-CVE-2007-1482
+CVE-2007-1482 (Cross-site scripting (XSS) vulnerability in index.php in WBBlog allows ...)
NOT-FOR-US: WBBlog
-CVE-2007-1481
+CVE-2007-1481 (SQL injection vulnerability in index.php in WBBlog allows remote attac ...)
NOT-FOR-US: WBBlog
-CVE-2007-1480
+CVE-2007-1480 (Creative Guestbook 1.0 allows remote attackers to add an administrativ ...)
NOT-FOR-US: Creative Guestbook
-CVE-2007-1479
+CVE-2007-1479 (Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative ...)
NOT-FOR-US: Creative Guestbook
-CVE-2007-1478
+CVE-2007-1478 (download.php in McGallery 0.5b allows remote attackers to read arbitra ...)
NOT-FOR-US: McGallery
CVE-2007-1477
NOT-FOR-US: Point Of Sale for osCommerce
-CVE-2007-1476
+CVE-2007-1476 (The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Fire ...)
NOT-FOR-US: Symantec Norton Personal Firewall
-CVE-2007-1475
+CVE-2007-1475 (Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconn ...)
- php4 <removed> (unimportant)
NOTE: Can only be triggered by malicious script
-CVE-2007-1474
+CVE-2007-1474 (Argument injection vulnerability in the cleanup cron script in Horde P ...)
{DSA-1406-1}
- horde3 3.1.3-4 (medium)
-CVE-2007-1473
+CVE-2007-1473 (Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in H ...)
{DSA-1406-1}
- horde3 3.1.4-1 (low; bug #434045)
-CVE-2007-1472
+CVE-2007-1472 (Variable overwrite vulnerability in groupit/base/groupit.start.inc in ...)
NOT-FOR-US: Groupit
-CVE-2007-1471
+CVE-2007-1471 (admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass ...)
NOT-FOR-US: Orion-Blog
-CVE-2007-1470
+CVE-2007-1470 (Multiple buffer overflows in LIBFtp 5.0 allow user-assisted remote att ...)
NOT-FOR-US: LIBFtp
-CVE-2007-1469
+CVE-2007-1469 (SQL injection vulnerability in gallery.asp in Absolute Image Gallery 2 ...)
NOT-FOR-US: Absolute Image Gallery
-CVE-2007-1468
+CVE-2007-1468 (Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest (C ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2007-1467
+CVE-2007-1467 (Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.h ...)
NOT-FOR-US: Cisco
-CVE-2007-1466
+CVE-2007-1466 (Integer overflow in the WP6GeneralTextPacket::_readContents function i ...)
- libwpd 0.8.9-1 (medium)
[etch] - libwpd 0.8.7-6
-CVE-2007-1465
+CVE-2007-1465 (Stack-based buffer overflow in dproxy.c for dproxy 0.1 through 0.5 all ...)
NOT-FOR-US: dproxy
-CVE-2007-1464
+CVE-2007-1464 (Format string vulnerability in the whiteboard Jabber protocol in Inksc ...)
- inkscape 0.45.1-1 (medium)
[etch] - inkscape <not-affected> (Versions prior to 0.45 used loudmouth, which isn't affected)
-CVE-2007-1463
+CVE-2007-1463 (Format string vulnerability in Inkscape before 0.45.1 allows user-assi ...)
- inkscape 0.45.1-1 (low)
[etch] - inkscape <no-dsa> (Minor issue)
[sarge] - inkscape <no-dsa> (Minor issue)
NOTE: shell code would be prominently inside the file names
-CVE-2007-1462
+CVE-2007-1462 (The luci server component in conga preserves the password between page ...)
NOT-FOR-US: conga
-CVE-2007-1461
+CVE-2007-1461 (The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP ...)
- php5 5.2.2-1 (unimportant)
NOTE: Safemode and open_basedir bypasses not supported
-CVE-2007-1460
+CVE-2007-1460 (The zip:// URL wrapper provided by the PECL zip extension in PHP befor ...)
- php5 5.2.2-1 (unimportant)
NOTE: Safemode and open_basedir bypasses not supported
-CVE-2007-1459
+CVE-2007-1459 (Multiple PHP remote file inclusion vulnerabilities in WebCreator 0.2.6 ...)
NOT-FOR-US: WebCreator
-CVE-2007-1458
+CVE-2007-1458 (Multiple PHP remote file inclusion vulnerabilities in CARE2X 1.1 allow ...)
NOT-FOR-US: CARE2X
-CVE-2007-1457
+CVE-2007-1457 (Buffer overflow in the urarlib_get function in Christian Scheurer Uniq ...)
NOT-FOR-US: UniquE RAR File Library
CVE-2007-1456
NOT-FOR-US: PHP Photo Album
-CVE-2007-1455
+CVE-2007-1455 (Multiple absolute path traversal vulnerabilities in Fantastico, as use ...)
NOT-FOR-US: Fantastico
-CVE-2007-1454
+CVE-2007-1454 (ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the ...)
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (medium)
-CVE-2007-1453
+CVE-2007-1453 (Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering ...)
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (medium)
-CVE-2007-1452
+CVE-2007-1452 (The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement ...)
- php5 <not-affected> (cpdf extension not enabled in binary build)
-CVE-2007-1451
+CVE-2007-1451 (GuppY 4.0 allows remote attackers to delete arbitrary files via a dire ...)
NOT-FOR-US: GuppY
-CVE-2007-1450
+CVE-2007-1450 (SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and earlie ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-1449
+CVE-2007-1449 (Directory traversal vulnerability in mainfile.php in PHP-Nuke 8.0 and ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-1448
+CVE-2007-1448 (The Tape Engine in CA (formerly Computer Associates) BrightStor ARCser ...)
NOT-FOR-US: BrightStor ARCserve Backup
-CVE-2007-1447
+CVE-2007-1447 (The Tape Engine in CA (formerly Computer Associates) BrightStor ARCser ...)
NOT-FOR-US: BrightStor ARCserve Backup
-CVE-2007-1446
+CVE-2007-1446 (Multiple PHP remote file inclusion vulnerabilities in Open Education S ...)
NOT-FOR-US: Open Education System
-CVE-2007-1445
+CVE-2007-1445 (SQL injection vulnerability in the heme preview feature for default.as ...)
NOT-FOR-US: BP Blog
-CVE-2007-1444
+CVE-2007-1444 (netserver in netperf 2.4.3 allows local users to overwrite arbitrary f ...)
- netperf 2.4.3-8 (bug #413658; medium)
[sarge] - netperf <no-dsa> (Non-free not supported)
[etch] - netperf <no-dsa> (Non-free not supported)
-CVE-2007-1443
+CVE-2007-1443 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2007-1442
+CVE-2007-1442 (Oracle Database 10g uses a NULL pDacl parameter when calling the SetSe ...)
NOT-FOR-US: Oracle Database
-CVE-2007-1441
+CVE-2007-1441 (The 4thPass browser (BlackBerry Browser) on the RIM BlackBerry 8100 (P ...)
NOT-FOR-US: BlackBerry 8100
-CVE-2007-1440
+CVE-2007-1440 (SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 allows r ...)
NOT-FOR-US: JGBBS
-CVE-2007-1439
+CVE-2007-1439 (PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bi ...)
NOT-FOR-US: MySQL Commander
-CVE-2007-1438
+CVE-2007-1438 (SQL injection vulnerability in devami.asp in X-Ice News System 1.0 all ...)
NOT-FOR-US: X-Ice News System
-CVE-2007-1437
+CVE-2007-1437 (Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger bef ...)
- sql-ledger 2.8.14-1 (unimportant; bug #409703)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-1436
+CVE-2007-1436 (Unspecified vulnerability in admin.pl in SQL-Ledger before 2.6.26 and ...)
- sql-ledger 2.8.14-1 (unimportant; bug #409703)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-1435
+CVE-2007-1435 (Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to c ...)
NOT-FOR-US: D-Link TFTP Server
-CVE-2007-1434
+CVE-2007-1434 (SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earl ...)
NOT-FOR-US: Grayscale Blog
-CVE-2007-1433
+CVE-2007-1433 (Cross-site scripting (XSS) vulnerability in Grayscale Blog 0.8.0, and ...)
NOT-FOR-US: Grayscale Blog
-CVE-2007-1432
+CVE-2007-1432 (Grayscale Blog 0.8.0, and possibly earlier versions, allows remote att ...)
NOT-FOR-US: Grayscale Blog
-CVE-2007-1431
+CVE-2007-1431 (Multiple unspecified vulnerabilities in PennMUSH 1.8.3 before 1.8.3p1 ...)
- pennmush 1.8.2p7-1 (low; bug #436249)
[sarge] - pennmush <no-dsa> (Minor issue)
[etch] - pennmush <no-dsa> (Minor issue)
-CVE-2007-1430
+CVE-2007-1430 (PHP remote file inclusion vulnerability in include/adodb-connection.in ...)
NOT-FOR-US: ClipShare
-CVE-2007-1429
+CVE-2007-1429 (Multiple PHP remote file inclusion vulnerabilities in Moodle 1.7.1 all ...)
- moodle <not-affected>
NOTE: Security problem with the Windows version
NOTE: Debian Maintainer and Upstream state that debian is not affected
NOTE: and the problem is not reproducible there
-CVE-2007-1428
+CVE-2007-1428 (SQL injection vulnerability in search.php in PHP Labs JobSitePro 1.0 a ...)
NOT-FOR-US: JobSitePro
-CVE-2007-1427
+CVE-2007-1427 (Directory traversal vulnerability in download_pdf.php in AssetMan 2.4a ...)
NOT-FOR-US: AssetMan
-CVE-2007-1426
+CVE-2007-1426 (The web interface in AstroCam 2.0.0 through 2.6.5 allows remote attack ...)
NOT-FOR-US: AstroCam
-CVE-2007-1425
+CVE-2007-1425 (SQL injection vulnerability in index.php in Triexa SonicMailer Pro 3.2 ...)
NOT-FOR-US: SonicMailer Pro
-CVE-2007-1424
+CVE-2007-1424 (Multiple PHP remote file inclusion vulnerabilities in Softnews Media G ...)
NOT-FOR-US: DataLife Engine
-CVE-2007-1423
+CVE-2007-1423 (Multiple PHP remote file inclusion vulnerabilities in WORK system e-co ...)
NOT-FOR-US: WORK system e-commerce
-CVE-2007-1422
+CVE-2007-1422 (SQL injection vulnerability in goster.asp in fystyq Duyuru Scripti all ...)
NOT-FOR-US: Duyuru Scripti
-CVE-2007-1421
+CVE-2007-1421 (Multiple PHP remote file inclusion vulnerabilities in Premod SubDog 2 ...)
NOT-FOR-US: SubDog
-CVE-2007-1420
+CVE-2007-1420 (MySQL 5.x before 5.0.36 allows local users to cause a denial of servic ...)
- mysql-dfsg-5.0 5.0.32-8 (bug #414790)
[etch] - mysql-dfsg-5.0 5.0.32-7etch1
-CVE-2007-1419
+CVE-2007-1419 (The Java Management Extensions Remote API Remote Method Invocation ove ...)
NOT-FOR-US: JMX RMI-IIOP
-CVE-2007-1418
+CVE-2007-1418 (Cross-site scripting (XSS) vulnerability in skins/ace/popup-notopic.ph ...)
NOT-FOR-US: DekiWiki
-CVE-2007-1417
+CVE-2007-1417 (SQL injection vulnerability in index.php in HC NEWSSYSTEM 1.0-4 allows ...)
NOT-FOR-US: NEWSSYSTEM
-CVE-2007-1416
+CVE-2007-1416 (PHP remote file inclusion vulnerability in createurl.php in JCcorp (ak ...)
NOT-FOR-US: URLshrink
-CVE-2007-1415
+CVE-2007-1415 (Multiple PHP remote file inclusion vulnerabilities in PMB Services 3.0 ...)
NOT-FOR-US: PMB Services
-CVE-2007-1414
+CVE-2007-1414 (Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-1413
+CVE-2007-1413 (Buffer overflow in the snmpget function in the snmp extension in PHP 5 ...)
- php4 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: Only triggerable by malicious script
-CVE-2007-1412
+CVE-2007-1412 (The cpdf_open function in the ClibPDF (cpdf) extension in PHP 4.4.6 al ...)
- php4 <not-affected> (cpdf extension not enabled in binary build)
- php5 <not-affected> (cpdf extension not enabled in binary build)
-CVE-2007-1411
+CVE-2007-1411 (Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versio ...)
- php4 <not-affected> (no mssql extension in Debian)
- php5 <not-affected> (no mssql extension in Debian)
-CVE-2007-1410
+CVE-2007-1410 (SQL injection vulnerability in kategori.asp in GaziYapBoz Game Portal ...)
NOT-FOR-US: GaziYapBoz Game Portal
-CVE-2007-1409
+CVE-2007-1409 (WordPress allows remote attackers to obtain sensitive information via ...)
- wordpress <not-affected> (Path disclosure)
-CVE-2007-1408
+CVE-2007-1408 (Multiple vulnerabilities in (1) bank.php, (2) landfill.php, (3) outpos ...)
NOT-FOR-US: Vallheru
-CVE-2007-1407
+CVE-2007-1407 (Unspecified vulnerability in OpenSolution Quick.Cart before 2.1 has un ...)
NOT-FOR-US: Quick.Cart
-CVE-2007-1406
+CVE-2007-1406 (Trac before 0.10.3.1 does not send a Content-Disposition HTTP header s ...)
[etch] - trac 0.10.3-1etch1
- trac 0.10.4-1 (bug #414134; bug #420219)
NOTE: Browser bug, only exploitable on IE, still fixed in a point release
-CVE-2007-1405
+CVE-2007-1405 (Cross-site scripting (XSS) vulnerability in the "download wiki page as ...)
[etch] - trac 0.10.3-1etch1
- trac 0.10.4-1 (bug #414134; bug #420219)
NOTE: Browser bug, only exploitable on IE, still fixed in a point release
-CVE-2007-1404
+CVE-2007-1404 (tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote attac ...)
NOT-FOR-US: ProSysInfo TFTP Server
-CVE-2007-1403
+CVE-2007-1403 (Multiple stack-based buffer overflows in an ActiveX control in SwDir.d ...)
NOT-FOR-US: ActiveX control
-CVE-2007-1402
+CVE-2007-1402 (The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows rem ...)
NOT-FOR-US: Rediff Toolbar ActiveX control
-CVE-2007-1401
+CVE-2007-1401 (Buffer overflow in the crack extension (CrackLib), as bundled with PHP ...)
NOT-FOR-US: php doesn't ship with cracklib activated in debian.
-CVE-2007-1400
+CVE-2007-1400 (Plash permits sandboxed processes to open /dev/tty, which allows local ...)
NOT-FOR-US: Plash
-CVE-2007-1399
+CVE-2007-1399 (Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8. ...)
{DSA-1330-1}
- php5 5.2.2-1 (medium)
-CVE-2007-1398
+CVE-2007-1398 (The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when ...)
- snort <not-affected> (Vulnerable code not present)
-CVE-2007-1397
+CVE-2007-1397 (Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) ...)
NOT-FOR-US: FiSH IRC Encryption
-CVE-2007-1396
+CVE-2007-1396 (The import_request_variables function in PHP 4.0.7 through 4.4.6, and ...)
- php5 5.2.2-1 (unimportant)
NOTE: Non-issue
-CVE-2007-1395
+CVE-2007-1395 (Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 th ...)
{DSA-1370-2 DSA-1370-1}
- phpmyadmin 4:2.10.0.2-1 (medium)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2007-1394
+CVE-2007-1394 (Direct static code injection vulnerability in startsession.php in Flat ...)
NOT-FOR-US: Flat Chat
-CVE-2007-1393
+CVE-2007-1393 (PHP remote file inclusion vulnerability in mysave.php in Magic CMS 4.2 ...)
NOT-FOR-US: Magic CMS
-CVE-2007-1392
+CVE-2007-1392 (Directory traversal vulnerability in down.php in netForo! 0.1g allows ...)
NOT-FOR-US: netForo!
-CVE-2007-1391
+CVE-2007-1391 (PHP remote file inclusion vulnerability in modules/abook/foldertree.ph ...)
NOT-FOR-US: WEBO
-CVE-2007-1390
+CVE-2007-1390 (Multiple cross-site scripting (XSS) vulnerabilities in dynaliens 2.0 a ...)
NOT-FOR-US: dynalias
-CVE-2007-1389
+CVE-2007-1389 (dynaliens 2.0 and 2.1 allows remote attackers to bypass authentication ...)
NOT-FOR-US: dynalias
-CVE-2007-1388
+CVE-2007-1388 (The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux k ...)
- linux-2.6 2.6.18.dfsg.1-12
-CVE-2007-1387
+CVE-2007-1387 (The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0r ...)
{DSA-1536-1}
- mplayer 1.0~rc1-13 (bug #414075; low)
- xine-lib 1.1.2+dfsg-3 (bug #414072; low)
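Review bot: now that the product descriptions are inline, several NOT-FOR-US labels in this region visibly disagree with the product named in the added description: `NOT-FOR-US: Fujistu FENCE-Pro` under a description that spells it Fujitsu (CVE-2007-1505), `NOT-FOR-US: Avant Browse` under "Avant Browser 11.0" (CVE-2007-1501), and `NOT-FOR-US: dynalias` under descriptions that say "dynaliens" for both CVE-2007-1390 and CVE-2007-1389. These are unchanged context lines, so the automatic update does not introduce them, but a follow-up that corrects the labels would keep the file consistent with the text this change adds.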
@@ -12779,133 +12779,133 @@ CVE-2007-1387
[sarge] - xine-lib <no-dsa> (Only affects external, proprietary w32codecs addons)
CVE-2007-1386
RESERVED
-CVE-2007-1385
+CVE-2007-1385 (chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to c ...)
- ktorrent 2.0.3+dfsg1-2.1 (bug #414832; medium)
-CVE-2007-1384
+CVE-2007-1384 (Directory traversal vulnerability in torrent.cpp in KTorrent before 2. ...)
- ktorrent 2.0.3+dfsg1-2.1 (bug #414832; medium)
-CVE-2007-1383
+CVE-2007-1383 (Integer overflow in the 16 bit variable reference counter in PHP 4 all ...)
- php4 <removed> (unimportant)
NOTE: Only triggerable by malicious PHP scripts, PHP5 not "affected"
-CVE-2007-1382
+CVE-2007-1382 (The PHP COM extensions for PHP on Windows systems allow context-depend ...)
NOT-FOR-US: Windows PHP COM extensions
-CVE-2007-1381
+CVE-2007-1381 (The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10 ...)
- php5 <not-affected> (Affected only a php5 CVS version, not a release)
-CVE-2007-1380
+CVE-2007-1380 (The php_binary serialization handler in the session extension in PHP b ...)
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
[etch] - php5 5.2.0-8+etch1
- php4 6:4.4.6-1 (low)
- php5 5.2.0-11 (low)
-CVE-2007-1379
+CVE-2007-1379 (The ovrimos_close function in the Ovrimos extension for PHP before 4.4 ...)
- php4 <not-affected> (Ovrimus support not included in Debian's PHP packages)
-CVE-2007-1378
+CVE-2007-1378 (The ovrimos_longreadlen function in the Ovrimos extension for PHP befo ...)
- php4 <not-affected> (Ovrimus support not included in Debian's PHP packages)
-CVE-2007-1377
+CVE-2007-1377 (AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, N ...)
NOT-FOR-US: Adobe Reader
-CVE-2007-1376
+CVE-2007-1376 (The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x s ...)
{DSA-1283-1 DTSA-39-1}
- php4 <removed>
- php5 5.2.0-11
NOTE: Only triggerable by malicious script
-CVE-2007-1375
+CVE-2007-1375 (Integer overflow in the substr_compare function in PHP 5.2.1 and earli ...)
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (low)
NOTE: Should be fixed, could be used as a stepstone for further attacks
-CVE-2007-1374
+CVE-2007-1374 (Cross-site scripting (XSS) vulnerability in pop_profile.asp in Snitz F ...)
NOT-FOR-US: Snitz Forums
-CVE-2007-1373
+CVE-2007-1373 (Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport ...)
NOT-FOR-US: Mercury Mail Transport System
-CVE-2007-1372
+CVE-2007-1372 (PHP remote file inclusion vulnerability in styles/internal/header.php ...)
NOT-FOR-US: PostGuestbook
-CVE-2007-1371
+CVE-2007-1371 (Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local ...)
- conquest 8.2b-1 (low)
[sarge] - conquest <no-dsa> (Minor issue)
[etch] - conquest <no-dsa> (Minor issue)
-CVE-2007-1370
+CVE-2007-1370 (Zend Platform 2.2.3 and earlier has incorrect ownership for scd.sh and ...)
NOT-FOR-US: Zend Platform
-CVE-2007-1369
+CVE-2007-1369 (ini_modifier (sgid-zendtech) in Zend Platform 2.2.3 and earlier allows ...)
NOT-FOR-US: Zend Platform
-CVE-2007-1368
+CVE-2007-1368 (The Project issue tracking module before 4.7.x-1.3, 4.7.x-2.* before 4 ...)
NOT-FOR-US: Drupal module Project
-CVE-2007-1367
+CVE-2007-1367 (Cross-site scripting (XSS) vulnerability in the login page in Avaya Co ...)
NOT-FOR-US: Avaya Communications Manager
-CVE-2007-1366
+CVE-2007-1366 (QEMU 0.8.2 allows local users to crash a virtual machine via the divis ...)
{DSA-1284-1 DTSA-38-1 DTSA-133-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 66+dfsg-1.1
-CVE-2007-1365
+CVE-2007-1365 (Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows rem ...)
NOT-FOR-US: OpenBSD Kernel
-CVE-2007-1364
+CVE-2007-1364 (DropAFew before 0.2.1 does not require authorization for certain privi ...)
NOT-FOR-US: DropAFew
-CVE-2007-1363
+CVE-2007-1363 (Multiple SQL injection vulnerabilities in DropAFew before 0.2.1 allow ...)
NOT-FOR-US: DropAFew
-CVE-2007-1362
+CVE-2007-1362 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaM ...)
{DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
NOTE: MFSA2007-14
- iceape 1.1.2-1 (low)
- iceweasel 2.0.0.4-1 (low)
- xulrunner 1.8.1.4-1 (low)
-CVE-2007-1361
+CVE-2007-1361 (Cross-site scripting (XSS) vulnerability in virtuemart_parser.php in V ...)
NOT-FOR-US: VirtueMart
-CVE-2007-1360
+CVE-2007-1360 (Unspecified vulnerability in the Nodefamily module for Drupal 5.x befo ...)
NOT-FOR-US: Drupal module Nodefamily
-CVE-2007-1359
+CVE-2007-1359 (Interpretation conflict in ModSecurity (mod_security) 2.1.0 and earlie ...)
- libapache-mod-security 2.1.2-1
-CVE-2007-1358
+CVE-2007-1358 (Cross-site scripting (XSS) vulnerability in certain applications using ...)
- tomcat4 <removed> (low)
[sarge] - tomcat4 <no-dsa> (Contrib not supported)
-CVE-2007-1357
+CVE-2007-1357 (The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before ...)
{DSA-1304 DSA-1286-1}
- linux-2.6 2.6.20-1
CVE-2007-1356
REJECTED
-CVE-2007-1355
+CVE-2007-1355 (Multiple cross-site scripting (XSS) vulnerabilities in the appdev/samp ...)
- tomcat4 <removed> (unimportant)
- tomcat5 <removed> (unimportant)
- tomcat5.5 5.5.25-1 (unimportant)
NOTE: Just an example application for documentation purposes
-CVE-2007-1354
+CVE-2007-1354 (The Access Control functionality (JMXOpsAccessControlFilter) in JMX Co ...)
NOT-FOR-US: JBoss Application Server
-CVE-2007-1353
+CVE-2007-1353 (The setsockopt function in the L2CAP and HCI Bluetooth support in the ...)
{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1356-1}
- linux-2.6 2.6.22-1 (low)
-CVE-2007-1352
+CVE-2007-1352 (Integer overflow in the FontFileInitTable function in X.Org libXfont b ...)
{DSA-1294-1}
- libxfont 1:1.2.2-2 (medium)
-CVE-2007-1351
+CVE-2007-1351 (Integer overflow in the bdfReadCharacters function in bdfread.c in (1) ...)
{DSA-1454-1 DSA-1294-1}
- libxfont 1:1.2.2-2 (medium)
- freetype 2.3.5-1 (medium; bug #426771)
-CVE-2007-1350
+CVE-2007-1350 (Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 al ...)
NOT-FOR-US: Novell NetMail
-CVE-2007-1349
+CVE-2007-1349 (PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mo ...)
- apache <removed> (low)
- libapache2-mod-perl2 2.0.2-5 (low; bug #433549)
[etch] - libapache2-mod-perl2 <no-dsa> (Minor issue)
[etch] - apache 1.3.34-4.1+etch1
CVE-2007-1348
REJECTED
-CVE-2007-1347
+CVE-2007-1347 (Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and p ...)
NOT-FOR-US: Microsoft Windows Explorer
-CVE-2007-1346
+CVE-2007-1346 (Unspecified vulnerability in ipmitool for Sun Fire X2100M2 and X2200M2 ...)
NOT-FOR-US: Sun Fire Server
-CVE-2007-1345
+CVE-2007-1345 (Unspecified vulnerability in cube.exe in the GINA component for CA (Co ...)
NOT-FOR-US: CA eTrust Admin
-CVE-2007-1344
+CVE-2007-1344 (Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 a ...)
NOT-FOR-US: Ezstream
-CVE-2007-1343
+CVE-2007-1343 (includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does ...)
{DSA-1267-1}
- webcalendar 1.0.5-1 (high)
-CVE-2007-1342
+CVE-2007-1342 (Cross-site scripting (XSS) vulnerability in admincp/index.php in Jelso ...)
NOT-FOR-US: vBulletin
-CVE-2007-1341
+CVE-2007-1341 (include/auth/auth.php in Simple Invoices before 2007 03 05 does not us ...)
NOT-FOR-US: Simple Invoices
-CVE-2007-1340
+CVE-2007-1340 (PHP remote file inclusion vulnerability in eintrag.php in Weltennetz N ...)
NOT-FOR-US: News-Letterman
-CVE-2007-1339
+CVE-2007-1339 (SQL injection vulnerability in index.php in Links Management Applicati ...)
NOT-FOR-US: Links Management Application
-CVE-2007-1338
+CVE-2007-1338 (The default configuration of the AirPort utility in Apple AirPort Extr ...)
NOT-FOR-US: Apple AirPort Extreme
-CVE-2007-1337
+CVE-2007-1337 (The virtual machine process (VMX) in VMware Workstation before 5.5.4 d ...)
NOT-FOR-US: VMware
CVE-2007-1336
RESERVED
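Review bot: the DSA reference for CVE-2007-1357 reads `{DSA-1304 DSA-1286-1}`, where DSA-1304 lacks the `-N` revision suffix that every other DSA and DTSA reference in this hunk carries (for example `{DSA-1294-1}` and `{DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1356-1}`). This is a context line rather than part of the change, but if anything parses these braces by the suffixed form it is worth normalising to `DSA-1304-1` in a follow-up.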
@@ -12915,46 +12915,46 @@ CVE-2007-1334
RESERVED
CVE-2007-1333
RESERVED
-CVE-2007-1332
+CVE-2007-1332 (Multiple cross-site request forgery (CSRF) vulnerabilities in TKS Bank ...)
NOT-FOR-US: TKS Banking Solutions ePortfolio
-CVE-2007-1331
+CVE-2007-1331 (Multiple cross-site scripting (XSS) vulnerabilities in TKS Banking Sol ...)
NOT-FOR-US: TKS Banking Solutions ePortfolio
-CVE-2007-1330
+CVE-2007-1330 (Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.1 ...)
NOT-FOR-US: Comodo Firewall Pro
-CVE-2007-1329
+CVE-2007-1329 (Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before ...)
- sql-ledger <unfixed> (unimportant; bug #409703)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
-CVE-2007-1328
+CVE-2007-1328 (Cross-site scripting (XSS) vulnerability in formulaire.php in Bernard ...)
NOT-FOR-US: JOLY BJ Webring
-CVE-2007-1327
+CVE-2007-1327 (The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-serv ...)
NOT-FOR-US: silc daemon
-CVE-2007-1326
+CVE-2007-1326 (SQL injection vulnerability in index.php in Serendipity 1.1.1 allows r ...)
- serendipity <removed> (unimportant)
NOTE: http://blog.s9y.org/archives/164-Serendipity-1.1.2-released.html
-CVE-2007-1325
+CVE-2007-1325 (The PMA_ArrayWalkRecursive function in libraries/common.lib.php in php ...)
{DSA-1370-2 DSA-1370-1}
- phpmyadmin 4:2.10.0.2-1
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2007-1324
+CVE-2007-1324 (SnapGear 560, 585, 580, 640, 710, and 720 appliances before the 3.1.4u ...)
NOT-FOR-US: SnapGear
CVE-2007-1323
REJECTED
-CVE-2007-1322
+CVE-2007-1322 (QEMU 0.8.2 allows local users to halt a virtual machine by executing t ...)
{DSA-1284-1 DTSA-38-1 DTSA-133-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 66+dfsg-1.1
-CVE-2007-1321
+CVE-2007-1321 (Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used ...)
{DSA-1284-1 DTSA-38-1 DTSA-133-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 66+dfsg-1.1
-CVE-2007-1320
+CVE-2007-1320 (Multiple heap-based buffer overflows in the cirrus_invalidate_region f ...)
{DSA-1384-1 DSA-1284-1 DTSA-38-1 DTSA-133-1}
- qemu 0.9.0-2 (bug #424070)
- kvm 66+dfsg-1.1
- xen-3 3.1.0-2 (bug #444007; medium)
- xen-3.0 <removed>
-CVE-2007-1319
+CVE-2007-1319 (Unspecified vulnerability in the IOPCServer::RemoveGroup function in t ...)
NOT-FOR-US: DeviceXPlorer OLE
CVE-2007-1318
RESERVED
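Review bot: CVE-2007-1329 is marked `- sql-ledger <unfixed> (unimportant; bug #409703)` while the other SQL-Ledger directory-traversal entries in this file that cite the same bug #409703 (CVE-2007-1541, CVE-2007-1540, CVE-2007-1437, CVE-2007-1436) record `sql-ledger 2.8.14-1` as the fixed version with identical NOTE lines. Please confirm whether this one is genuinely still unfixed or whether the entry was missed when the others were updated; the added description alone does not settle it.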
@@ -12966,7 +12966,7 @@ CVE-2007-1315
RESERVED
CVE-2007-1314
RESERVED
-CVE-2007-1313
+CVE-2007-1313 (NETxAutomation NETxEIB OPC Server before 3.0.1300 does not properly va ...)
NOT-FOR-US: NETxAutomation NETxEIB OPC Server
CVE-2007-1312
RESERVED
@@ -12974,64 +12974,64 @@ CVE-2007-1311
RESERVED
CVE-2007-1310
RESERVED
-CVE-2007-1309
+CVE-2007-1309 (Novell Access Management 3 SSLVPN Server allows remote authenticated u ...)
NOT-FOR-US: Novell Access Management
-CVE-2007-1308
+CVE-2007-1308 (ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE ...)
- kdelibs <unfixed> (unimportant)
NOTE: Browser crashes not treated as security problems
-CVE-2007-1307
+CVE-2007-1307 (Unspecified vulnerability in Lenovo Intel PRO/1000 LAN adapter before ...)
NOT-FOR-US: Microsoft Windows Driver for Intel PRO/1000 LAN
-CVE-2007-1306
+CVE-2007-1306 (Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote attacker ...)
{DSA-1358-1}
- asterisk 1:1.2.16~dfsg-1 (medium)
-CVE-2007-1305
+CVE-2007-1305 (Multiple cross-site scripting (XSS) vulnerabilities in add2.php in Sav ...)
NOT-FOR-US: Sava's Guestbook
-CVE-2007-1304
+CVE-2007-1304 (Multiple SQL injection vulnerabilities in add2.php in Sava's Guestbook ...)
NOT-FOR-US: Sava's Guestbook
-CVE-2007-1303
+CVE-2007-1303 (Directory traversal vulnerability in rb.cgi in RRDBrowse 1.6 and earli ...)
NOT-FOR-US: RRDBrowse
-CVE-2007-1302
+CVE-2007-1302 (SQL injection vulnerability in guestbook.php in LI-Guestbook 1.1, when ...)
NOT-FOR-US: LI-Guestbook
-CVE-2007-1301
+CVE-2007-1301 (Stack-based buffer overflow in the IMAP service in MailEnable Enterpri ...)
NOT-FOR-US: MailEnable Enterprise
-CVE-2007-1300
+CVE-2007-1300 (DOURAN Software Technologies ISPUtil 3.32.84.1, and possibly earlier v ...)
NOT-FOR-US: ISPUtil
-CVE-2007-1299
+CVE-2007-1299 (PHP remote file inclusion vulnerability in index.php in Mani Stats Rea ...)
NOT-FOR-US: Mani Stats Reader
-CVE-2007-1298
+CVE-2007-1298 (SQL injection vulnerability in subcat.php in AJ Auction 1.0 allows rem ...)
NOT-FOR-US: AJ Auction
-CVE-2007-1297
+CVE-2007-1297 (SQL injection vulnerability in view_profile.php in AJDating 1.0 allows ...)
NOT-FOR-US: AJ Dating
-CVE-2007-1296
+CVE-2007-1296 (SQL injection vulnerability in postingdetails.php in AJ Classifieds 1. ...)
NOT-FOR-US: AJ Classifieds
-CVE-2007-1295
+CVE-2007-1295 (SQL injection vulnerability in topic_title.php in AJ Forum 1.0 allows ...)
NOT-FOR-US: AJ Forum
-CVE-2007-1294
+CVE-2007-1294 (A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in D ...)
NOT-FOR-US: DivXBrowserPlugin ActiveX control
-CVE-2007-1293
+CVE-2007-1293 (SQL injection vulnerability in Rigter Portal System (RPS) 6.2, when ma ...)
NOT-FOR-US: Rigter Portal System
-CVE-2007-1292
+CVE-2007-1292 (SQL injection vulnerability in inlinemod.php in Jelsoft vBulletin befo ...)
NOT-FOR-US: vBulletin
-CVE-2007-1291
+CVE-2007-1291 (Multiple cross-site scripting (XSS) vulnerabilities in Tyger Bug Track ...)
NOT-FOR-US: TygerBT
-CVE-2007-1290
+CVE-2007-1290 (SQL injection vulnerability in ViewReport.php in Tyger Bug Tracking Sy ...)
NOT-FOR-US: TygerBT
-CVE-2007-1289
+CVE-2007-1289 (SQL injection vulnerability in ViewBugs.php in Tyger Bug Tracking Syst ...)
NOT-FOR-US: TygerBT
-CVE-2007-1288
+CVE-2007-1288 (Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News ...)
NOT-FOR-US: WB News
CVE-2007-XXXX [unsafe temporary file in lintian's objdump-info]
- lintian 1.23.28 (low)
[sarge] - lintian <not-affected> (Vulnerable code not present)
-CVE-2007-1287
+CVE-2007-1287 (A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and ...)
- php4 <removed> (unimportant)
[sarge] - php4 <not-affected> (Regression introduced in 4.4.3)
NOTE: Non-issue, explicit debug feature
-CVE-2007-1286
+CVE-2007-1286 (Integer overflow in PHP 4.4.4 and earlier allows remote context-depend ...)
{DSA-1283-1 DSA-1282-1 DTSA-39-1 DTSA-40-1}
- php4 6:4.4.6-1 (low)
- php5 5.2.0-11 (low)
-CVE-2007-1285
+CVE-2007-1285 (The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows ...)
- php5 5.2.2-1 (unimportant)
- php4 <removed> (unimportant)
NOTE: Needs to be sanisited within apps, only crashes the current instance anyway
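Review bot: the unchanged NOTE line for CVE-2007-1285 carries a typo, "Needs to be sanisited within apps" should read "sanitised" (the tracker elsewhere uses that spelling); since this automatic update only touches the CVE header lines, it is worth a follow-up edit so the note reads correctly when the entry is consulted.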
@@ -13039,20 +13039,20 @@ CVE-2007-1284
RESERVED
CVE-2007-1283
RESERVED
-CVE-2007-1282
+CVE-2007-1282 (Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey ...)
{DSA-1336-1}
- icedove 1.5.0.10.dfsg1-1 (medium)
-CVE-2007-1281
+CVE-2007-1281 (Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux ...)
NOT-FOR-US: Kaspersky AntiVirus Engine
-CVE-2007-1280
+CVE-2007-1280 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and ...)
NOT-FOR-US: Adobe
-CVE-2007-1279
+CVE-2007-1279 (Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 upda ...)
NOT-FOR-US: Adobe
-CVE-2007-1278
+CVE-2007-1278 (Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updat ...)
NOT-FOR-US: Adobe JRun and Coldfusion
-CVE-2007-1277
+CVE-2007-1277 (WordPress 2.1.1, as downloaded from some official distribution sites d ...)
- wordpress <not-affected> (orig.tar.gz not compromised)
-CVE-2007-1276
+CVE-2007-1276 (Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in ...)
- webmin <removed>
CVE-2007-1275
RESERVED
@@ -13061,427 +13061,427 @@ CVE-2007-1274
CVE-2007-XXXX [buffer overruns in GIT's http-push.c, fixed in 1.5.0.3]
- git-core 1:1.5.0.3-1 (bug #413629; low)
[etch] - git-core 1:1.4.4.4-2 (bug #413629; low)
-CVE-2007-1273
+CVE-2007-1273 (Integer overflow in the ktruser function in NetBSD-current before 2006 ...)
NOT-FOR-US: NetBSD Kernel
CVE-2007-1272
RESERVED
-CVE-2007-1271
+CVE-2007-1271 (Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow attac ...)
NOT-FOR-US: VMware ESX Server
-CVE-2007-1270
+CVE-2007-1270 (Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows ...)
NOT-FOR-US: VMware ESX Server
-CVE-2007-1269
+CVE-2007-1269 (GNUMail 1.1.2 and earlier does not properly use the --status-fd argume ...)
- gnumail <unfixed> (unimportant)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1268
+CVE-2007-1268 (Mutt 1.5.13 and earlier does not properly use the --status-fd argument ...)
- mutt <unfixed> (unimportant)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1267
+CVE-2007-1267 (Sylpheed 2.2.7 and earlier does not properly use the --status-fd argum ...)
- sylpheed <unfixed> (unimportant)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1266
+CVE-2007-1266 (Evolution 2.8.1 and earlier does not properly use the --status-fd argu ...)
- evolution <unfixed> (unimportant)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1265
+CVE-2007-1265 (KMail 1.9.5 and earlier does not properly use the --status-fd argument ...)
- kdepim <unfixed> (unimportant)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1264
+CVE-2007-1264 (Enigmail 0.94.2 and earlier does not properly use the --status-fd argu ...)
- enigmail 2:0.95.0+1-1 (unimportant; bug #415225)
NOTE: this is a "feature request", since gnupg is fixed from CVE-2007-1263
-CVE-2007-1263
+CVE-2007-1263 (GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the comm ...)
{DSA-1266-1}
- gnupg 1.4.6-2 (bug #413922; low)
- gpgme1.0 1.1.2-3 (bug #414170; low)
- gnupg2 2.0.3-1
[sarge] - gnupg2 <no-dsa> (Minor issue)
[etch] - gnupg2 <no-dsa> (Minor issue)
-CVE-2007-1262
+CVE-2007-1262 (Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter ...)
{DSA-1290-1}
- squirrelmail 2:1.4.10a-1
-CVE-2007-1261
+CVE-2007-1261 (Unspecified vulnerability in the reports system in OpenBiblio before 0 ...)
NOT-FOR-US: OpenBiblio
-CVE-2007-1260
+CVE-2007-1260 (Stack-based buffer overflow in the connectHandle function in server.cp ...)
NOT-FOR-US: WebMod
-CVE-2007-1259
+CVE-2007-1259 (Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have unk ...)
NOT-FOR-US: WebAPP
-CVE-2007-1258
+CVE-2007-1258 (Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and ...)
NOT-FOR-US: Cisco
-CVE-2007-1257
+CVE-2007-1257 (The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, ...)
NOT-FOR-US: Cisco
-CVE-2007-1256
+CVE-2007-1256 (Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address b ...)
- iceweasel <removed> (unimportant)
NOTE: Not exploitable
-CVE-2007-1255
+CVE-2007-1255 (Unrestricted file upload vulnerability in admin.bbcode.php in Connecti ...)
NOT-FOR-US: Connectix Boards
-CVE-2007-1254
+CVE-2007-1254 (SQL injection vulnerability in part.userprofile.php in Connectix Board ...)
NOT-FOR-US: Connectix Boards
-CVE-2007-1253
+CVE-2007-1253 (Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script f ...)
- blender 2.42a-6 (medium)
[sarge] - blender <not-affected> (bug was introduced in version 2.42)
NOTE: http://lists.alioth.debian.org/pipermail/secure-testing-team/2007-March/001095.html
-CVE-2007-1252
+CVE-2007-1252 (Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 17 ...)
NOT-FOR-US: Symantec Mail Security
-CVE-2007-1251
+CVE-2007-1251 (Format string vulnerability in the new_warning function in ntserv/warn ...)
NOT-FOR-US: Netrek Vanilla Server
-CVE-2007-1250
+CVE-2007-1250 (SQL injection vulnerability in section/default.asp in ANGEL Learning M ...)
NOT-FOR-US: Learning Management Suite
-CVE-2007-1249
+CVE-2007-1249 (MoveSortedContentAction in C1 Financial Services Contelligent 9.1.4 do ...)
NOT-FOR-US: Contelligent
-CVE-2007-1248
+CVE-2007-1248 (Multiple cross-site scripting (XSS) vulnerabilities in built2go News M ...)
NOT-FOR-US: News Manager Blog
-CVE-2007-1247
+CVE-2007-1247 (Multiple PHP remote file inclusion vulnerabilities in aWeb Labs aWebNe ...)
NOT-FOR-US: aWebNews
-CVE-2007-1246
+CVE-2007-1246 (The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in ...)
{DSA-1536-1}
- mplayer 1.0~rc1-13 (bug #414075; medium)
- xine-lib 1.1.2+dfsg-3 (bug #414072; medium)
[etch] - mplayer 1.0~rc1-12etch
[sarge] - xine-lib <no-dsa> (Only affects external, proprietary w32codecs addons)
NOTE: vlc checked, and is not affected.
-CVE-2007-1245
+CVE-2007-1245 (IrfanView 3.99 allows remote attackers to cause a denial of service (a ...)
NOT-FOR-US: IrfanView
-CVE-2007-1244
+CVE-2007-1244 (Cross-site request forgery (CSRF) vulnerability in the AdminPanel in W ...)
- wordpress 2.1.2-1 (medium)
[etch] - wordpress 2.0.10
-CVE-2007-1243
+CVE-2007-1243 (Audins Audiens 3.3 allows remote attackers to bypass authentication an ...)
NOT-FOR-US: Audins Audiens
-CVE-2007-1242
+CVE-2007-1242 (SQL injection vulnerability in system/index.php in Audins Audiens 3.3 ...)
NOT-FOR-US: Audins Audiens
-CVE-2007-1241
+CVE-2007-1241 (Cross-site scripting (XSS) vulnerability in setup.php in Audins Audien ...)
NOT-FOR-US: Audins Audiens
-CVE-2007-1240
+CVE-2007-1240 (Multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS 3.0. ...)
NOT-FOR-US: Docebo CMS
-CVE-2007-1239
+CVE-2007-1239 (Microsoft Excel 2003 does not properly parse .XLS files, which allows ...)
NOT-FOR-US: Microsoft Office
-CVE-2007-1238
+CVE-2007-1238 (Microsoft Office 2003 allows user-assisted remote attackers to cause a ...)
NOT-FOR-US: Microsoft Office
-CVE-2007-1237
+CVE-2007-1237 (sitex allows remote attackers to obtain potentially sensitive informat ...)
NOT-FOR-US: sitex
-CVE-2007-1236
+CVE-2007-1236 (sitex allows remote attackers to obtain sensitive information via a re ...)
NOT-FOR-US: sitex
-CVE-2007-1235
+CVE-2007-1235 (Unrestricted file upload vulnerability in sitex allows remote attacker ...)
NOT-FOR-US: sitex
-CVE-2007-1234
+CVE-2007-1234 (Multiple cross-site scripting (XSS) vulnerabilities in sitex allow rem ...)
NOT-FOR-US: sitex
-CVE-2007-1233
+CVE-2007-1233 (PHP remote file inclusion vulnerability in downloadcounter.php in STWC ...)
NOT-FOR-US: STWC-Counter
-CVE-2007-1232
+CVE-2007-1232 (Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote ...)
NOT-FOR-US: SQLiteManager
-CVE-2007-1231
+CVE-2007-1231 (Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1 ...)
NOT-FOR-US: SQLiteManager
-CVE-2007-1230
+CVE-2007-1230 (Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/fun ...)
- wordpress 2.1.2-1 (medium)
[etch] - wordpress 2.0.10
-CVE-2007-1229
+CVE-2007-1229 (Cross-site scripting (XSS) vulnerability in the Nullsoft ShoutcastServ ...)
NOT-FOR-US: Nullsoft ShoutcastServer
-CVE-2007-1228
+CVE-2007-1228 (IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix ...)
NOT-FOR-US: IBM DB2
-CVE-2007-1227
+CVE-2007-1227 (VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 al ...)
NOT-FOR-US: McAfee VirusScan
-CVE-2007-1226
+CVE-2007-1226 (McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissio ...)
NOT-FOR-US: McAfee VirusScan
-CVE-2007-1225
+CVE-2007-1225 (The connection log file implementation in Grok Developments NetProxy 4 ...)
NOT-FOR-US: Grok Developments NetProxy
-CVE-2007-1224
+CVE-2007-1224 (Grok Developments NetProxy 4.03 allows remote attackers to bypass URL ...)
NOT-FOR-US: Grok Developments NetProxy
-CVE-2007-1223
+CVE-2007-1223 (Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows ...)
NOT-FOR-US: Hitachi OSAS/FT/W
-CVE-2007-1222
+CVE-2007-1222 (Parallels Desktop for Mac before 20070216 implements Drag and Drop by ...)
NOT-FOR-US: Parallels Desktop
-CVE-2007-1221
+CVE-2007-1221 (The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 allows attac ...)
NOT-FOR-US: Microsoft Xbox 360
-CVE-2007-1220
+CVE-2007-1220 (The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 does not pro ...)
NOT-FOR-US: Microsoft Xbox 360
-CVE-2007-1219
+CVE-2007-1219 (PHP remote file inclusion vulnerability in actions/del.php in Admin Ph ...)
NOT-FOR-US: Phorum
-CVE-2007-1217
+CVE-2007-1217 (Buffer overflow in the bufprint function in capiutil.c in libcapi, as ...)
- isdnutils 1:3.9.20060704-3 (bug #408530; low)
[sarge] - isdnutils <no-dsa> (Not exploitable over ISDN network)
- asterisk-chan-capi 0.7.1-1.1 (bug #411293; unimportant)
- linux-2.6 2.6.21-1 (bug #411294; unimportant)
NOTE: Not exploitable over ISDN network, only theoretically through a dedicated CAPI server
-CVE-2007-1216
+CVE-2007-1216 (Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5un ...)
{DSA-1276-1}
- krb5 1.4.4-8 (high)
-CVE-2007-1215
+CVE-2007-1215 (Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Wi ...)
NOT-FOR-US: Microsoft GDI
-CVE-2007-1214
+CVE-2007-1214 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 fo ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-1213
+CVE-2007-1213 (The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows loc ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-1212
+CVE-2007-1212 (Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Wi ...)
NOT-FOR-US: Microsoft GDI
-CVE-2007-1211
+CVE-2007-1211 (Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2 ...)
NOT-FOR-US: Microsoft Windows
CVE-2007-1210
REJECTED
-CVE-2007-1209
+CVE-2007-1209 (Use-after-free vulnerability in the Client/Server Run-time Subsystem ( ...)
NOT-FOR-US: Windows Vista
CVE-2007-1208
REJECTED
CVE-2007-1207
REJECTED
-CVE-2007-1206
+CVE-2007-1206 (The Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-1205
+CVE-2007-1205 (Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-1204
+CVE-2007-1204 (Stack-based buffer overflow in the Universal Plug and Play (UPnP) serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-1203
+CVE-2007-1203 (Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-1202
+CVE-2007-1202 (Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, ...)
NOT-FOR-US: Microsoft Word
-CVE-2007-1201
+CVE-2007-1201 (Unspecified vulnerability in certain COM objects in Microsoft Office W ...)
NOT-FOR-US: Microsoft Office
CVE-2007-1200
RESERVED
-CVE-2007-1199
+CVE-2007-1199 (Adobe Reader and Acrobat Trial allow remote attackers to read arbitrar ...)
NOT-FOR-US: Acrobat Reader
-CVE-2007-1198
+CVE-2007-1198 (Cross-site scripting (XSS) vulnerability in TaskFreak! before 0.5.7 al ...)
NOT-FOR-US: TaskFreak!
-CVE-2007-1197
+CVE-2007-1197 (Multiple unspecified vulnerabilities in Epiware before 4.7.5 have unkn ...)
NOT-FOR-US: Epiware
-CVE-2007-1196
+CVE-2007-1196 (Unspecified vulnerability in Citrix Presentation Server Client for Win ...)
NOT-FOR-US: Citrix
-CVE-2007-1195
+CVE-2007-1195 (Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow r ...)
NOT-FOR-US: XM Easy Personal FTP Server
-CVE-2007-1194
+CVE-2007-1194 (Norman SandBox Analyzer does not use the proper range for Interrupt De ...)
NOT-FOR-US: SandBox Analyzer
-CVE-2007-1193
+CVE-2007-1193 (Multiple unspecified vulnerabilities in the Login page in OrangeHRM be ...)
NOT-FOR-US: OrangeHRM
-CVE-2007-1192
+CVE-2007-1192 (Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive informati ...)
NOT-FOR-US: HyperBook Guestbook
-CVE-2007-1191
+CVE-2007-1191 (The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes us ...)
NOT-FOR-US: Quicksilver plugin Social Bookmarks
-CVE-2007-1190
+CVE-2007-1190 (Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX contro ...)
NOT-FOR-US: EmbeddedWB ActiveX control
-CVE-2007-1189
+CVE-2007-1189 (Integer overflow in the envwrite function in the Alcatel-Lucent Bell L ...)
NOT-FOR-US: Alcatel-Lucent Bell Labs Plan 9
-CVE-2007-1188
+CVE-2007-1188 (WebAPP before 0.9.9.5 allows remote attackers to submit Search form in ...)
NOT-FOR-US: WebAPP
-CVE-2007-1187
+CVE-2007-1187 (WebAPP before 0.9.9.5 allows remote authenticated users, without admin ...)
NOT-FOR-US: WebAPP
-CVE-2007-1186
+CVE-2007-1186 (WebAPP before 0.9.9.5 does not "censor" the Latest Member real name, w ...)
NOT-FOR-US: WebAPP
-CVE-2007-1185
+CVE-2007-1185 (The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval ...)
NOT-FOR-US: WebAPP
-CVE-2007-1184
+CVE-2007-1184 (The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setti ...)
NOT-FOR-US: WebAPP
-CVE-2007-1183
+CVE-2007-1183 (WebAPP before 0.9.9.5 allows remote authenticated users to spoof anoth ...)
NOT-FOR-US: WebAPP
-CVE-2007-1182
+CVE-2007-1182 (WebAPP before 0.9.9.5 allows remote Guest users to edit a Guest profil ...)
NOT-FOR-US: WebAPP
-CVE-2007-1181
+CVE-2007-1181 (WebAPP before 0.9.9.5 passes (1) Unused Informations and (2) the usern ...)
NOT-FOR-US: WebAPP
-CVE-2007-1180
+CVE-2007-1180 (WebAPP before 0.9.9.5 does not check referrers in certain forms, which ...)
NOT-FOR-US: WebAPP
-CVE-2007-1179
+CVE-2007-1179 (WebAPP before 0.9.9.5 does not properly manage e-mail addresses in cer ...)
NOT-FOR-US: WebAPP
-CVE-2007-1178
+CVE-2007-1178 (WebAPP before 0.9.9.5 does not check access in certain contexts relate ...)
NOT-FOR-US: WebAPP
-CVE-2007-1177
+CVE-2007-1177 (WebAPP before 0.9.9.5 does not properly filter certain characters in c ...)
NOT-FOR-US: WebAPP
-CVE-2007-1176
+CVE-2007-1176 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before 0 ...)
NOT-FOR-US: WebAPP
-CVE-2007-1175
+CVE-2007-1175 (Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP ...)
NOT-FOR-US: WebAPP
-CVE-2007-1174
+CVE-2007-1174 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before 2 ...)
NOT-FOR-US: WebAPP
-CVE-2007-1173
+CVE-2007-1173 (Multiple buffer overflows in the CentennialIPTransferServer service (X ...)
NOT-FOR-US: CentennialIPTransferServer
-CVE-2007-1172
+CVE-2007-1172 (SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05 ...)
NOT-FOR-US: WebAPP
-CVE-2007-1171
+CVE-2007-1171 (SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2 ...)
NOT-FOR-US: NukeSentinel
-CVE-2007-1170
+CVE-2007-1170 (SimBin GTR - FIA GT Racing Game 1.5.0.0 and earlier, GT Legends 1.1.0. ...)
NOT-FOR-US: SimBin Racing
-CVE-2007-1169
+CVE-2007-1169 (The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-1168
+CVE-2007-1168 (Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 2 ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-1167
+CVE-2007-1167 (inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and ear ...)
NOT-FOR-US: Clanportal
-CVE-2007-1166
+CVE-2007-1166 (SQL injection vulnerability in result.php in Nabopoll 1.2 allows remot ...)
NOT-FOR-US: Nabopoll
-CVE-2007-1165
+CVE-2007-1165 (Multiple PHP remote file inclusion vulnerabilities in DBGuestbook 1.1 ...)
NOT-FOR-US: DBGuestbook
-CVE-2007-1164
+CVE-2007-1164 (Multiple PHP remote file inclusion vulnerabilities in DBImageGallery 1 ...)
NOT-FOR-US: DBImageGallery
-CVE-2007-1163
+CVE-2007-1163 (SQL injection vulnerability in printview.php in webSPELL 4.01.02 and e ...)
NOT-FOR-US: webSPELL
-CVE-2007-1162
+CVE-2007-1162 (A certain ActiveX control in the Common Controls Replacement Project ( ...)
NOT-FOR-US: Common Controls ActiveX control
-CVE-2007-1161
+CVE-2007-1161 (Cross-site scripting (XSS) vulnerability in call_entry.php in Call Cen ...)
NOT-FOR-US: Call Center Software
-CVE-2007-1218
+CVE-2007-1218 (Off-by-one buffer overflow in the parse_elements function in the 802.1 ...)
{DSA-1272-1}
- tcpdump 3.9.5-2 (bug #413430; low)
-CVE-2007-1160
+CVE-2007-1160 (webSPELL 4.0, and possibly later versions, allows remote attackers to ...)
NOT-FOR-US: webSPELL
-CVE-2007-1159
+CVE-2007-1159 (Cross-site scripting (XSS) vulnerability in modules/out.php in Pyropho ...)
NOT-FOR-US: Pyrophobia
-CVE-2007-1158
+CVE-2007-1158 (Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 ...)
NOT-FOR-US: Pagesetter
-CVE-2007-1157
+CVE-2007-1157 (Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAda ...)
NOT-FOR-US: JBoss
-CVE-2007-1156
+CVE-2007-1156 (JBrowser allows remote attackers to bypass authentication and access c ...)
NOT-FOR-US: JBrowser
-CVE-2007-1155
+CVE-2007-1155 (Unrestricted file upload vulnerability in webSPELL allows remote authe ...)
NOT-FOR-US: webSPELL
-CVE-2007-1154
+CVE-2007-1154 (SQL injection vulnerability in webSPELL allows remote attackers to exe ...)
NOT-FOR-US: webSPELL
-CVE-2007-1153
+CVE-2007-1153 (Multiple PHP remote file inclusion vulnerabilities in CutePHP CuteNews ...)
NOT-FOR-US: CuteNews
-CVE-2007-1152
+CVE-2007-1152 (Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 all ...)
NOT-FOR-US: Pyrophobia
-CVE-2007-1151
+CVE-2007-1151 (Cross-site scripting (XSS) vulnerability in LoveCMS 1.4 allows remote ...)
NOT-FOR-US: LoveCMS
-CVE-2007-1150
+CVE-2007-1150 (Unrestricted file upload vulnerability in LoveCMS 1.4 allows remote au ...)
NOT-FOR-US: LoveCMS
-CVE-2007-1149
+CVE-2007-1149 (Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remo ...)
NOT-FOR-US: LoveCMS
-CVE-2007-1148
+CVE-2007-1148 (PHP remote file inclusion vulnerability in install/index.php in LoveCM ...)
NOT-FOR-US: LoveCMS
-CVE-2007-1147
+CVE-2007-1147 (PHP remote file inclusion vulnerability in view.php in hbm allows remo ...)
NOT-FOR-US: hbm
-CVE-2007-1146
+CVE-2007-1146 (PHP remote file inclusion vulnerability in function.php in arabhost al ...)
NOT-FOR-US: arabhost
-CVE-2007-1145
+CVE-2007-1145 (Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportS ...)
NOT-FOR-US: Kayako SupportSuite
-CVE-2007-1144
+CVE-2007-1144 (Directory traversal vulnerability in jwpn-photos.php in J-Web Pics Nav ...)
NOT-FOR-US: J-Web Pics Navigator
-CVE-2007-1143
+CVE-2007-1143 (Directory traversal vulnerability in pn-menu.php in J-Web Pics Navigat ...)
NOT-FOR-US: J-Web Pics Navigator
-CVE-2007-1142
+CVE-2007-1142 (Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 allo ...)
NOT-FOR-US: Magic News Plus
-CVE-2007-1141
+CVE-2007-1141 (PHP remote file inclusion vulnerability in preview.php in Magic News P ...)
NOT-FOR-US: Magic News Plus
-CVE-2007-1140
+CVE-2007-1140 (Directory traversal vulnerability in edit.php in pheap allows remote a ...)
NOT-FOR-US: pheap
-CVE-2007-1139
+CVE-2007-1139 (Unrestricted file upload vulnerability in Cromosoft Simple Plantilla P ...)
NOT-FOR-US: Simple Plantilla PHP
-CVE-2007-1138
+CVE-2007-1138 (Absolute path traversal vulnerability in list_main_pages.php in Cromos ...)
NOT-FOR-US: Simple Plantilla PHP
-CVE-2007-1137
+CVE-2007-1137 (putmail.py in Putmail before 1.4 does not detect when a user attempts ...)
NOT-FOR-US: Putmail
-CVE-2007-1136
+CVE-2007-1136 (index.php in WebMplayer before 0.6.1-Alpha allows remote attackers to ...)
NOT-FOR-US: WebMplayer
-CVE-2007-1135
+CVE-2007-1135 (Multiple SQL injection vulnerabilities in WebMplayer before 0.6.1-Alph ...)
NOT-FOR-US: WebMplayer
-CVE-2007-1134
+CVE-2007-1134 (Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown i ...)
NOT-FOR-US: Watchtower
-CVE-2007-1133
+CVE-2007-1133 (PHP remote file inclusion vulnerability in fcring.php in FCRing 1.3 al ...)
NOT-FOR-US: FCRing
-CVE-2007-1132
+CVE-2007-1132 (Multiple cross-site scripting (XSS) vulnerabilities in the "Contact Us ...)
NOT-FOR-US: MTCMS
-CVE-2007-1131
+CVE-2007-1131 (PHP remote file inclusion vulnerability in sinapis.php in Sinapis Foru ...)
NOT-FOR-US: Sinapis Forum
-CVE-2007-1130
+CVE-2007-1130 (PHP remote file inclusion vulnerability in sinagb.php in Sinapis Gaste ...)
NOT-FOR-US: Sinapis Gastebuch
-CVE-2007-1129
+CVE-2007-1129 (Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow r ...)
NOT-FOR-US: MTCMS
-CVE-2007-1128
+CVE-2007-1128 (shopkitplus allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: shopkitplus
-CVE-2007-1127
+CVE-2007-1127 (Directory traversal vulnerability in enc/stylecss.php in shopkitplus a ...)
NOT-FOR-US: shopkitplus
-CVE-2007-1126
+CVE-2007-1126 (Directory traversal vulnerability in index.php in xtcommerce allows re ...)
NOT-FOR-US: xtcommerce
-CVE-2007-1125
+CVE-2007-1125 (Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer Sim ...)
NOT-FOR-US: XeroXer Simple
-CVE-2007-1124
+CVE-2007-1124 (Directory traversal vulnerability in gallery.php in XeroXer Simple one ...)
NOT-FOR-US: XeroXer Simple
-CVE-2007-1123
+CVE-2007-1123 (Multiple PHP remote file inclusion vulnerabilities in ZPanel 2.0 allow ...)
NOT-FOR-US: ZPanel
-CVE-2007-1122
+CVE-2007-1122 (Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens Zephy ...)
NOT-FOR-US: ZephyrSoft Toolbox Address Book Continued
-CVE-2007-1121
+CVE-2007-1121 (Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens Zephy ...)
NOT-FOR-US: ZephyrSoft Toolbox Address Book Continued
-CVE-2007-1120
+CVE-2007-1120 (The (1) Import.LoadFromURL and (2) Export.asText.SaveToFile functions ...)
NOT-FOR-US: TeeChart Pro ActiveX control
-CVE-2007-1119
+CVE-2007-1119 (Unspecified vulnerability in Novell ZENworks 7 Desktop Management Supp ...)
NOT-FOR-US: Novell ZENworks
-CVE-2007-1118
+CVE-2007-1118 (Multiple PHP remote file inclusion vulnerabilities in eFiction 3.1.1 a ...)
NOT-FOR-US: eFiction
-CVE-2007-1117
+CVE-2007-1117 (Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 a ...)
NOT-FOR-US: Microsoft Office
-CVE-2007-1116
+CVE-2007-1116 (The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI ...)
{DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1}
- iceweasel 2.0.0.4-1 (low)
- iceape 1.1.2-1 (low)
- xulrunner 1.8.1.4-1 (bug #415919; bug #415944; bug #415945; low)
NOTE: according to a blog comment at http://www.gnucitizen.org/projects/hscan-redux/,
NOTE: older mozillas are not vulnerable
-CVE-2007-1115
+CVE-2007-1115 (The child frames in Opera 9 before 9.20 inherit the default charset fr ...)
NOT-FOR-US: Opera
-CVE-2007-1114
+CVE-2007-1114 (The child frames in Microsoft Internet Explorer 7 inherit the default ...)
NOT-FOR-US: Microsoft IE
CVE-2007-1113
RESERVED
-CVE-2007-1112
+CVE-2007-1112 (Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe meth ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2007-1111
+CVE-2007-1111 (Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar ...)
NOT-FOR-US: ActiveCalendar
-CVE-2007-1110
+CVE-2007-1110 (Directory traversal vulnerability in data/showcode.php in ActiveCalend ...)
NOT-FOR-US: ActiveCalendar
-CVE-2007-1109
+CVE-2007-1109 (Multiple cross-site scripting (XSS) vulnerabilities in Phpwebgallery 1 ...)
NOT-FOR-US: Phpwebgallery
-CVE-2007-1108
+CVE-2007-1108 (PHP remote file inclusion vulnerability in index.php in Christian Schn ...)
NOT-FOR-US: CS-Gallery
-CVE-2007-1107
+CVE-2007-1107 (SQL injection vulnerability in thumbnails.php in Coppermine Photo Gall ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-1106
+CVE-2007-1106 (PHP remote file inclusion vulnerability in includes/functions_nomoketo ...)
NOT-FOR-US: NoMoKeTos Rules
-CVE-2007-1105
+CVE-2007-1105 (PHP remote file inclusion vulnerability in functions.php in Extreme ph ...)
NOT-FOR-US: phpBB Extreme
-CVE-2007-1104
+CVE-2007-1104 (PHP remote file inclusion vulnerability in top.php in PHP Module Imple ...)
NOT-FOR-US: PHP Module Implementation
-CVE-2007-1103
+CVE-2007-1103 (Tor does not verify a node's uptime and bandwidth advertisements, whic ...)
- tor <unfixed> (unimportant)
NOTE: Minor issue, just puts more noise on the node
-CVE-2007-1102
+CVE-2007-1102 (Photostand 1.2.0 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Photostand
-CVE-2007-1101
+CVE-2007-1101 (Multiple cross-site scripting (XSS) vulnerabilities in Photostand 1.2. ...)
NOT-FOR-US: Photostand
-CVE-2007-1100
+CVE-2007-1100 (Directory traversal vulnerability in download.php in Ahmet Sacan Pickl ...)
NOT-FOR-US: Pickle
-CVE-2007-1099
+CVE-2007-1099 (dbclient in Dropbear SSH client before 0.49 does not sufficiently warn ...)
- dropbear 0.49-1 (unimportant; bug #412899)
[etch] - dropbear 0.48.1-2 (unimportant)
NOTE: That's a lack of a security feature (strict hostkey checking in openssh
NOTE: termininoloy) and an awkward interface, but not a vulnerability per se
NOTE: Especially as dropbear is specifically labeled a stripped down SSH implementation
-CVE-2007-1098
+CVE-2007-1098 (Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have unk ...)
NOT-FOR-US: ScryMUD
-CVE-2007-1097
+CVE-2007-1097 (Unrestricted file upload vulnerability in the onAttachFiles function i ...)
NOT-FOR-US: Wiclear
-CVE-2007-1096
+CVE-2007-1096 (Cross-site scripting (XSS) vulnerability in ps_cart.php in VirtueMart ...)
NOT-FOR-US: VirtueMart
-CVE-2007-1095
+CVE-2007-1095 (Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not prope ...)
{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
- iceweasel 2.0.0.8-1 (low; bug #445514)
- xulrunner 1.8.1.9-1
- iceape 1.1.5
NOTE: MFSA2007-30
-CVE-2007-1094
+CVE-2007-1094 (Microsoft Internet Explorer 7 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft IE
-CVE-2007-1093
+CVE-2007-1093 (Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager ( ...)
NOT-FOR-US: Network Node Manager
-CVE-2007-1092
+CVE-2007-1092 (Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow ...)
- iceweasel 2.0.0.2+dfsg-1 (low)
-CVE-2007-1091
+CVE-2007-1091 (Microsoft Internet Explorer 7 allows remote attackers to prevent users ...)
NOT-FOR-US: Microsoft IE
-CVE-2007-1090
+CVE-2007-1090 (Microsoft Windows Explorer on Windows XP and 2003 allows remote user-a ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-1089
+CVE-2007-1089 (IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local u ...)
NOT-FOR-US: IBM DB2
-CVE-2007-1088
+CVE-2007-1088 (Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9. ...)
NOT-FOR-US: IBM DB2
-CVE-2007-1087
+CVE-2007-1087 (IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not pr ...)
NOT-FOR-US: IBM DB2
-CVE-2007-1086
+CVE-2007-1086 (Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 befor ...)
NOT-FOR-US: IBM DB2
-CVE-2007-1085
+CVE-2007-1085 (Cross-site scripting (XSS) vulnerability in Google Desktop allows remo ...)
NOT-FOR-US: Google Desktop
-CVE-2007-1084
+CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before savin ...)
- iceweasel <removed> (unimportant; bug #556268)
- iceape <removed> (unimportant)
- epiphany-browser <unfixed> (unimportant; bug #556272)
@@ -13491,96 +13491,96 @@ CVE-2007-1084
[lenny] - kazehakase 0.5.4-2lenny1
- conkeror <not-affected> (doesn't support bookmarks)
- webkit <not-affected> (doesn't support javascript embedded in bookmarks)
-CVE-2007-1083
+CVE-2007-1083 (Buffer overflow in the Configuration Checker (ConfigChk) ActiveX contr ...)
NOT-FOR-US: ConfigChk ActiveX control
-CVE-2007-1082
+CVE-2007-1082 (FTP Explorer 1.0.1 Build 047, and other versions before 1.0.1.52, allo ...)
NOT-FOR-US: FTP Explorer
-CVE-2007-1081
+CVE-2007-1081 (The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, ...)
- typo3-src 4.0.5+debian-1
[etch] - typo3-src 4.0.2+debian-3
-CVE-2007-1080
+CVE-2007-1080 (Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow ...)
NOT-FOR-US: TurboFTP
-CVE-2007-1079
+CVE-2007-1079 (Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0 ...)
NOT-FOR-US: FTP Voyager
-CVE-2007-1078
+CVE-2007-1078 (PHP remote file inclusion vulnerability in index.php in FlashGameScrip ...)
NOT-FOR-US: FlashGameScript
-CVE-2007-1077
+CVE-2007-1077 (SQL injection vulnerability in page.asp in Design4Online UserPages2 2. ...)
NOT-FOR-US: UserPages2
-CVE-2007-1076
+CVE-2007-1076 (Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and ...)
NOT-FOR-US: phpTrafficA
-CVE-2007-1075
+CVE-2007-1075 (TurboFTP 5.30 Build 572 allows remote servers to cause a denial of ser ...)
NOT-FOR-US: TurboFTP
-CVE-2007-1074
+CVE-2007-1074 (Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x allo ...)
NOT-FOR-US: NewsBin Pro
-CVE-2007-1073
+CVE-2007-1073 (Static code injection vulnerability in install.php in mcRefer allows r ...)
NOT-FOR-US: mcRefer
-CVE-2007-1072
+CVE-2007-1072 (The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911 ...)
NOT-FOR-US: Cisco
-CVE-2007-1071
+CVE-2007-1071 (Integer overflow in the gifGetBandProc function in ImageIO in Apple Ma ...)
NOT-FOR-US: Apple ImageIO
-CVE-2007-1069
+CVE-2007-1069 (The memory management in VMware Workstation before 5.5.4 allows attack ...)
NOT-FOR-US: VMware
-CVE-2007-1068
+CVE-2007-1068 (The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, ( ...)
NOT-FOR-US: Cisco
-CVE-2007-1067
+CVE-2007-1067 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisc ...)
NOT-FOR-US: Cisco
-CVE-2007-1066
+CVE-2007-1066 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisc ...)
NOT-FOR-US: Cisco
-CVE-2007-1065
+CVE-2007-1065 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisc ...)
NOT-FOR-US: Cisco
-CVE-2007-1064
+CVE-2007-1064 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisc ...)
NOT-FOR-US: Cisco
-CVE-2007-1063
+CVE-2007-1063 (The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7 ...)
NOT-FOR-US: Cisco
-CVE-2007-1062
+CVE-2007-1062 (The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and ...)
NOT-FOR-US: Cisco
-CVE-2007-1061
+CVE-2007-1061 (SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8 ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-1060
+CVE-2007-1060 (Multiple PHP remote file inclusion vulnerabilities in Interspire SendS ...)
NOT-FOR-US: SendStudio
-CVE-2007-1059
+CVE-2007-1059 (PHP remote file inclusion vulnerability in function.php in Ultimate Fu ...)
NOT-FOR-US: Ultimate Fun Book
-CVE-2007-1058
+CVE-2007-1058 (SQL injection vulnerability in user_pages/page.asp in Online Web Build ...)
NOT-FOR-US: Online Web Building
-CVE-2007-1057
+CVE-2007-1057 (The Net Direct client for Linux before 6.0.5 in Nortel Application Swi ...)
NOT-FOR-US: Nortel Application Switch
-CVE-2007-1056
+CVE-2007-1056 (VMware Workstation 5.5.3 build 34685 does not provide per-user restric ...)
NOT-FOR-US: VMware
-CVE-2007-1055
+CVE-2007-1055 (Cross-site scripting (XSS) vulnerability in the AJAX features in index ...)
- mediawiki 1.7.1-9 (bug #406238; medium)
-CVE-2007-1054
+CVE-2007-1054 (Cross-site scripting (XSS) vulnerability in the AJAX features in index ...)
- mediawiki 1.7.1-9 (bug #406238; medium)
CVE-2007-1053
NOT-FOR-US: phpXmms
CVE-2007-1052
NOT-FOR-US: PBLang
-CVE-2007-1051
+CVE-2007-1051 (Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and ...)
NOT-FOR-US: Comodo Firewall Pro
-CVE-2007-1050
+CVE-2007-1050 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ab ...)
NOT-FOR-US: MyCalendar
-CVE-2007-1048
+CVE-2007-1048 (PHP remote file inclusion vulnerability in admin_rebuild_search.php in ...)
NOT-FOR-US: phpbb_wordsearch
-CVE-2007-1047
+CVE-2007-1047 (Unspecified vulnerability in Distributed Checksum Clearinghouse (DCC) ...)
- dcc <removed> (medium; bug #439718)
-CVE-2007-1046
+CVE-2007-1046 (Dem_trac allows remote attackers to read log file contents via a direc ...)
NOT-FOR-US: Dem_trac
-CVE-2007-1045
+CVE-2007-1045 (mAlbum 0.3 has default accounts (1) "login"/"pass" for its administrat ...)
NOT-FOR-US: mAlbum
-CVE-2007-1044
+CVE-2007-1044 (Pearson Education PowerSchool 4.3.6 allows remote attackers to list th ...)
NOT-FOR-US: PowerSchool
-CVE-2007-1043
+CVE-2007-1043 (Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass auth ...)
NOT-FOR-US: Ezboo
-CVE-2007-1042
+CVE-2007-1042 (Directory traversal vulnerability in news.php in Xpression News (X-New ...)
NOT-FOR-US: Xpression News
-CVE-2007-1041
+CVE-2007-1041 (Multiple stack-based buffer overflows in S&amp;H Computer Systems News ...)
NOT-FOR-US: News Rover
-CVE-2007-1040
+CVE-2007-1040 (Directory traversal vulnerability in archives.php in Xpression News (X ...)
NOT-FOR-US: Xpression News
-CVE-2007-1039
+CVE-2007-1039 (Unspecified vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 an ...)
NOT-FOR-US: Peanut Knowledge Base
-CVE-2007-1038
+CVE-2007-1038 (Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers ...)
NOT-FOR-US: Grabit
-CVE-2007-1037
+CVE-2007-1037 (Stack-based buffer overflow in News File Grabber 4.1.0.1 and earlier a ...)
NOT-FOR-US: News File Grabber
CVE-2007-XXXX [vserver patch allows renice of processes in different context]
- linux-2.6 2.6.18.dfsg.1-12 (bug #412143)
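Review bot: the new description on the CVE-2007-1041 line carries an HTML entity, `S&amp;H Computer Systems`, where the vendor name should read `S&H`; check whether the fetch writes the escaped form into data/CVE/2007.list (in which case the importer should unescape entities before emitting the headline) or whether this is only the commit viewer escaping the ampersand. Separately, CVE-2007-1053 (phpXmms) and CVE-2007-1052 (PBLang) stay bare while every neighbour in this hunk gains a description; confirm the upstream feed has no text for them rather than the update having skipped them.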
@@ -13595,109 +13595,109 @@ CVE-2007-XXXX [amavids-new uses contrib/non-free packers without security suppor
- amavisd-new 1:2.5.2-1 (unimportant; bug #410588)
NOTE: Doesn't affect a standard Debian installation, only users, which install
NOTE: proprietary apps, it should be fixed for sanity, but not a direct vulnerability
-CVE-2007-1049
+CVE-2007-1049 (Cross-site scripting (XSS) vulnerability in the wp_explain_nonce funct ...)
{DTSA-34-1}
- wordpress 2.1.1-1 (low)
-CVE-2007-1070
+CVE-2007-1070 (Multiple stack-based buffer overflows in Trend Micro ServerProtect for ...)
NOT-FOR-US: Trend Micro ServerProtect
-CVE-2007-1036
+CVE-2007-1036 (The default configuration of JBoss does not restrict access to the (1) ...)
NOT-FOR-US: JBoss
-CVE-2007-1035
+CVE-2007-1035 (Unspecified vulnerability in certain demonstration scripts in getID3 1 ...)
NOT-FOR-US: Mediafield and Audio modules for Drupal
NOTE: this is not a php-getid3 problem, but related to the way these modules embed getid3
-CVE-2007-1034
+CVE-2007-1034 (SQL injection vulnerability in the category file in modules.php in the ...)
NOT-FOR-US: Emporium for PHP-Nuke
-CVE-2007-1033
+CVE-2007-1033 (Unspecified vulnerability in the Secure site 4.7.x-1.x-dev and 5.x-1.x ...)
NOT-FOR-US: Secure site for Drupal
-CVE-2007-1032
+CVE-2007-1032 (Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register ...)
NOT-FOR-US: phpMyFAQ
-CVE-2007-1031
+CVE-2007-1031 (Directory traversal vulnerability in include/db_conn.php in SpoonLabs ...)
NOT-FOR-US: Vivvo Article Management CMS
-CVE-2007-1030
+CVE-2007-1030 (Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a ...)
- libevent <not-affected> (vulnerable version 1.2 was never uploaded)
-CVE-2007-1029
+CVE-2007-1029 (Stack-based buffer overflow in the Connect method in the IMAP4 compone ...)
NOT-FOR-US: Quiksoft EasyMail Objects
-CVE-2007-1028
+CVE-2007-1028 (Cross-site scripting (XSS) vulnerability in the Barry Jaspan Image Pag ...)
NOT-FOR-US: Image Pager
-CVE-2007-1027
+CVE-2007-1027 (Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux a ...)
NOT-FOR-US: IBM DB2
-CVE-2007-1026
+CVE-2007-1026 (SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier al ...)
NOT-FOR-US: XLAtunes
-CVE-2007-1025
+CVE-2007-1025 (PHP remote file inclusion vulnerability in inc/functions_inc.php in VS ...)
NOT-FOR-US: VS-Link-Partner
-CVE-2007-1024
+CVE-2007-1024 (PHP remote file inclusion vulnerability in include.php in Meganoide's ...)
NOT-FOR-US: Meganoide's news
-CVE-2007-1023
+CVE-2007-1023 (SQL injection vulnerability in pop_profile.asp in Snitz Forums 2000 3. ...)
NOT-FOR-US: Snitz Forums 2000
-CVE-2007-1022
+CVE-2007-1022 (SQL injection vulnerability in h_goster.asp in Turuncu Portal 1.0 allo ...)
NOT-FOR-US: Turuncu Portal
-CVE-2007-1021
+CVE-2007-1021 (SQL injection vulnerability in inc_listnews.asp in CodeAvalanche News ...)
NOT-FOR-US: CodeAvalanche News
-CVE-2007-1020
+CVE-2007-1020 (Cross-site scripting (XSS) vulnerability in index.php in CedStat 1.31 ...)
NOT-FOR-US: CedStat
-CVE-2007-1019
+CVE-2007-1019 (SQL injection vulnerability in news.php in webSPELL 4.01.02, when regi ...)
NOT-FOR-US: webSPELL
-CVE-2007-1018
+CVE-2007-1018 (PHP remote file inclusion vulnerability in tpl/header.php in VirtualSy ...)
NOT-FOR-US: VS-News-System
-CVE-2007-1017
+CVE-2007-1017 (PHP remote file inclusion vulnerability in show_news_inc.php in Virtua ...)
NOT-FOR-US: VS-News-System
-CVE-2007-1016
+CVE-2007-1016 (SQL injection vulnerability in Aktueldownload Haber script allows remo ...)
NOT-FOR-US: Aktueldownload Haber
-CVE-2007-1015
+CVE-2007-1015 (SQL injection vulnerability in HaberDetay.asp in Aktueldownload Haber ...)
NOT-FOR-US: Aktueldownload Haber
-CVE-2007-1014
+CVE-2007-1014 (Stack-based buffer overflow in VicFTPS before 5.0 allows remote attack ...)
NOT-FOR-US: VicFTPS
-CVE-2007-1013
+CVE-2007-1013 (PHP remote file inclusion vulnerability in generate.php in VirtualSyst ...)
NOT-FOR-US: VirtualSystem Htaccess Password Generator
-CVE-2007-1012
+CVE-2007-1012 (Cross-site scripting (XSS) vulnerability in faq.php in DeskPRO 1.1.0 a ...)
NOT-FOR-US: DeskPRO
-CVE-2007-1011
+CVE-2007-1011 (PHP remote file inclusion vulnerability in functions_inc.php in VS-Gas ...)
NOT-FOR-US: VS-Gastebuch
-CVE-2007-1010
+CVE-2007-1010 (Multiple PHP remote file inclusion vulnerabilities in ZebraFeeds 1.0, ...)
NOT-FOR-US: ZebraFeeds
-CVE-2007-1009
+CVE-2007-1009 (Macrovision InstallAnywhere Enterprise before 8.0.1 uses the InstallSc ...)
NOT-FOR-US: InstallAnywhere
-CVE-2007-1008
+CVE-2007-1008 (Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a de ...)
NOT-FOR-US: Apple iTunes
-CVE-2007-1007
+CVE-2007-1007 (Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows r ...)
{DSA-1262-1}
- gnomemeeting <removed> (high)
-CVE-2007-1006
+CVE-2007-1006 (Multiple format string vulnerabilities in the gm_main_window_flash_mes ...)
- ekiga 2.0.3-2.1 (bug #411944; high)
-CVE-2007-1005
+CVE-2007-1005 (Heap-based buffer overflow in SW3eng.exe in the eID Engine service in ...)
NOT-FOR-US: eTrust Intrusion Detection
-CVE-2007-1004
+CVE-2007-1004 (Mozilla Firefox might allow remote attackers to conduct spoofing and p ...)
- iceweasel 2.0.0.4-1 (low)
- iceape 1.0.9-1 (low)
- xulrunner 1.8.0.4-1 (low)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=370555
-CVE-2007-1003
+CVE-2007-1003 (Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList functio ...)
{DSA-1294-1}
- xorg-server 2:1.1.1-21 (medium)
-CVE-2007-1002
+CVE-2007-1002 (Format string vulnerability in the write_html function in calendar/gui ...)
{DSA-1325-1}
- evolution 2.10.2-1
[sarge] - evolution <not-affected> (Vulnerable code not present)
-CVE-2007-1001
+CVE-2007-1001 (Multiple integer overflows in the (1) createwbmp and (2) readwbmp func ...)
- libgd2 2.0.33-1 (medium)
NOTE: This has been fixed in libgd2 for a while, and php is linked against libgd2.
-CVE-2007-1000
+CVE-2007-1000 (The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the ...)
- linux-2.6 2.6.18.dfsg.1-12 (medium)
-CVE-2007-0999
+CVE-2007-0999 (Format string vulnerability in Ekiga 2.0.3, and probably other version ...)
- ekiga 2.0.3-5 (bug #414069; high)
-CVE-2007-0998
+CVE-2007-0998 (The VNC server implementation in QEMU, as used by Xen and possibly oth ...)
- xen-3.0 <removed> (bug #436250; medium)
[etch] - xen-3.0 <unfixed>
NOTE: Fedora disabled the VNC access to the Qemu monitor
NOTE: An adjusted patch has been sent to the debian bugreport
-CVE-2007-0997
+CVE-2007-0997 (Race condition in the tee (sys_tee) system call in the Linux kernel 2. ...)
- linux-2.6 2.6.18-1
-CVE-2007-0996
+CVE-2007-0996 (The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0 ...)
{DSA-1336-1}
NOTE: MFSA-2007-02
- iceweasel 2.0.0.2+dfsg-1 (low)
- xulrunner 1.8.0.10-1 (low)
-CVE-2007-0995
+CVE-2007-0995 (Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey ...)
{DSA-1336-1}
NOTE: MFSA-2007-02
- iceweasel 2.0.0.2+dfsg-1 (low)
@@ -13706,7 +13706,7 @@ CVE-2007-0995
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0994
+CVE-2007-0994 (A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x befor ...)
{DSA-1336-1}
- iceweasel 2.0.0.2+dfsg-2 (medium)
CVE-2007-0993
@@ -13719,25 +13719,25 @@ CVE-2007-0990
REJECTED
CVE-2007-0989
REJECTED
-CVE-2007-0988
+CVE-2007-0988 (The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4 ...)
{DSA-1264-1}
[etch] - php4 6:4.4.4-8+etch1
[etch] - php5 5.2.0-8+etch1
- php4 6:4.4.4-9
- php5 5.2.0-9
-CVE-2007-0987
+CVE-2007-0987 (Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 al ...)
NOT-FOR-US: Jupiter CMS
-CVE-2007-0986
+CVE-2007-0986 (PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1. ...)
NOT-FOR-US: Jupiter CMS
-CVE-2007-0985
+CVE-2007-0985 (SQL injection vulnerability in nickpage.php in phpCC 4.2 beta and earl ...)
NOT-FOR-US: phpCC
-CVE-2007-0984
+CVE-2007-0984 (SQL injection vulnerability in admin_poll.asp in PollMentor 2.0 allows ...)
NOT-FOR-US: PollMentor
-CVE-2007-0983
+CVE-2007-0983 (PHP remote file inclusion vulnerability in _admin/nav.php in AT Conten ...)
NOT-FOR-US: AT Contenator
-CVE-2007-0982
+CVE-2007-0982 (Cross-site scripting (XSS) vulnerability in error.php in TaskFreak! 0. ...)
NOT-FOR-US: TaskFreak!
-CVE-2007-0981
+CVE-2007-0981 (Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x befo ...)
{DSA-1336-1}
NOTE: MFSA-2007-07
- iceweasel 2.0.0.1+dfsg-3 (bug #411192; high)
@@ -13745,284 +13745,284 @@ CVE-2007-0981
- iceape 1.0.8-1 (high)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0980
+CVE-2007-0980 (Unspecified vulnerability in HP Serviceguard for Linux; packaged for S ...)
NOT-FOR-US: HP Serviceguard
-CVE-2007-0979
+CVE-2007-0979 (Unspecified vulnerability in LifeType before 1.1.6, and 1.2 before 1.2 ...)
NOT-FOR-US: LifeType
-CVE-2007-0978
+CVE-2007-0978 (Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain pr ...)
NOT-FOR-US: IBM AIX
-CVE-2007-0977
+CVE-2007-0977 (IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-0976
+CVE-2007-0976 (Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx ...)
NOT-FOR-US: ActSoft DVD-Tools ActiveX control
-CVE-2007-0975
+CVE-2007-0975 (Variable extraction vulnerability in Ian Bezanson Apache Stats before ...)
NOT-FOR-US: Apache Stats
-CVE-2007-0974
+CVE-2007-0974 (Multiple unspecified vulnerabilities in Ian Bezanson DropBox before 0. ...)
NOT-FOR-US: DropBox
-CVE-2007-0973
+CVE-2007-0973 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ju ...)
NOT-FOR-US: Jupiter CMS
-CVE-2007-0972
+CVE-2007-0972 (Unrestricted file upload vulnerability in modules/emoticons.php in Jup ...)
NOT-FOR-US: Jupiter CMS
-CVE-2007-0971
+CVE-2007-0971 (Multiple SQL injection vulnerabilities in Jupiter CMS 1.1.5 allow remo ...)
NOT-FOR-US: Jupiter CMS
-CVE-2007-0970
+CVE-2007-0970 (Multiple SQL injection vulnerabilities in WebTester 5.0.20060927 and e ...)
NOT-FOR-US: WebTester
-CVE-2007-0969
+CVE-2007-0969 (Multiple cross-site scripting (XSS) vulnerabilities in WebTester 5.0.2 ...)
NOT-FOR-US: WebTester
-CVE-2007-0968
+CVE-2007-0968 (Unspecified vulnerability in Cisco Firewall Services Module (FWSM) bef ...)
NOT-FOR-US: Cisco
-CVE-2007-0967
+CVE-2007-0967 (Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.1) allows remot ...)
NOT-FOR-US: Cisco
-CVE-2007-0966
+CVE-2007-0966 (Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.11), when the H ...)
NOT-FOR-US: Cisco
-CVE-2007-0965
+CVE-2007-0965 (Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to u ...)
NOT-FOR-US: Cisco
-CVE-2007-0964
+CVE-2007-0964 (Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to ...)
NOT-FOR-US: Cisco
-CVE-2007-0963
+CVE-2007-0963 (Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.x ...)
NOT-FOR-US: Cisco
-CVE-2007-0962
+CVE-2007-0962 (Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4 ...)
NOT-FOR-US: Cisco
-CVE-2007-0961
+CVE-2007-0961 (Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5 ...)
NOT-FOR-US: Cisco
-CVE-2007-0960
+CVE-2007-0960 (Unspecified vulnerability in Cisco PIX 500 and ASA 5500 Series Securit ...)
NOT-FOR-US: Cisco
-CVE-2007-0959
+CVE-2007-0959 (Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when conf ...)
NOT-FOR-US: Cisco
-CVE-2007-0958
+CVE-2007-0958 (Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable ...)
{DSA-1304 DSA-1286-1}
- linux-2.6 2.6.20-1
-CVE-2007-0957
+CVE-2007-0957 (Stack-based buffer overflow in the krb5_klog_syslog function in the ka ...)
{DSA-1276-1}
- krb5 1.4.4-8 (high)
-CVE-2007-0956
+CVE-2007-0956 (The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote att ...)
{DSA-1276-1}
- krb5 1.4.4-8 (high)
-CVE-2007-0955
+CVE-2007-0955 (The NTLM_UnPack_Type3 function in MENTLM.dll in MailEnable Professiona ...)
NOT-FOR-US: Mail Enable Professional
-CVE-2007-0954
+CVE-2007-0954 (MOHA Chat 0.1b7 and earlier does not require authentication for use of ...)
NOT-FOR-US: MOHA Chat
-CVE-2007-0953
+CVE-2007-0953 (Cross-site scripting (XSS) vulnerability in search.pl in @Mail 4.61 an ...)
NOT-FOR-US: @Mail
-CVE-2007-0952
+CVE-2007-0952 (Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net V ...)
NOT-FOR-US: Virtual Calendar
-CVE-2007-0951
+CVE-2007-0951 (SQL injection vulnerability in listmain.asp in Fullaspsite ASP Hosting ...)
NOT-FOR-US: Fullaspsite ASP Hosting Site
-CVE-2007-0950
+CVE-2007-0950 (Cross-site scripting (XSS) vulnerability in listmain.asp in Fullaspsit ...)
NOT-FOR-US: Fullaspsite ASP Hosting Site
-CVE-2007-0949
+CVE-2007-0949 (Stack-based buffer overflow in iTinySoft Studio Total Video Player 1.0 ...)
NOT-FOR-US: iTinySoft
-CVE-2007-0948
+CVE-2007-0948 (Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac ...)
NOT-FOR-US: Microsoft Virtual PC
-CVE-2007-0947
+CVE-2007-0947 (Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-0946
+CVE-2007-0946 (Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-0945
+CVE-2007-0945 (Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4; 6 and 7 on Wind ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-0944
+CVE-2007-0944 (Unspecified vulnerability in the CTableCol::OnPropertyChange method in ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-0943
+CVE-2007-0943 (Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-0942
+CVE-2007-0942 (Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Win ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-0941
REJECTED
-CVE-2007-0940
+CVE-2007-0940 (Unspecified vulnerability in the Cryptographic API Component Object Mo ...)
NOT-FOR-US: Microsoft CAPICOM
-CVE-2007-0939
+CVE-2007-0939 (Cross-site scripting (XSS) vulnerability in Microsoft Content Manageme ...)
NOT-FOR-US: Microsoft Content Management Server
-CVE-2007-0938
+CVE-2007-0938 (Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does ...)
NOT-FOR-US: Microsoft Content Management Server
CVE-2007-0937
REJECTED
-CVE-2007-0936
+CVE-2007-0936 (Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow rem ...)
NOT-FOR-US: Microsoft
CVE-2007-0935
REJECTED
-CVE-2007-0934
+CVE-2007-0934 (Unspecified vulnerability in Microsoft Visio 2002 allows remote user-a ...)
NOT-FOR-US: Microsoft
-CVE-2007-0933
+CVE-2007-0933 (Buffer overflow in the wireless driver 6.0.0.18 for D-Link DWL-G650+ ( ...)
NOT-FOR-US: D-Link
-CVE-2007-0932
+CVE-2007-0932 (The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Al ...)
NOT-FOR-US: Aruba Mobility Controller
-CVE-2007-0931
+CVE-2007-0931 (Heap-based buffer overflow in the management interfaces in (1) Aruba M ...)
NOT-FOR-US: Aruba Mobility Controller
-CVE-2007-0930
+CVE-2007-0930 (Variable extract vulnerability in Apache Stats before 0.0.3beta allows ...)
NOT-FOR-US: Apache Stats
-CVE-2007-0929
+CVE-2007-0929 (Directory traversal vulnerability in php rrd browser before 0.2.1 allo ...)
NOT-FOR-US: prb (php rrd browser)
-CVE-2007-0928
+CVE-2007-0928 (Virtual Calendar stores sensitive information under the web root with ...)
NOT-FOR-US: Virtual Calendar
-CVE-2007-0927
+CVE-2007-0927 (Heap-based buffer overflow in uTorrent 1.6 allows remote attackers to ...)
NOT-FOR-US: uTorrent
-CVE-2007-0926
+CVE-2007-0926 (The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows r ...)
NOT-FOR-US: KvGuestbook
-CVE-2007-0925
+CVE-2007-0925 (Cross-site scripting (XSS) vulnerability in search/SearchResults.aspx ...)
NOT-FOR-US: Community Server
-CVE-2007-0924
+CVE-2007-0924 (Till Gerken phpPolls 1.0.3 allows remote attackers to bypass authentic ...)
NOT-FOR-US: phpPolls
-CVE-2007-0923
+CVE-2007-0923 (buscador/buscador.htm in Portal Search allows remote attackers to obta ...)
NOT-FOR-US: Portal Search
-CVE-2007-0922
+CVE-2007-0922 (Cross-site scripting (XSS) vulnerability in buscador/buscador.htm in P ...)
NOT-FOR-US: Portal Search
-CVE-2007-0921
+CVE-2007-0921 (Portal Search allows remote attackers to redirect a URL to an arbitrar ...)
NOT-FOR-US: Portal Search
-CVE-2007-0920
+CVE-2007-0920 (SQL injection vulnerability in philboard_forum.asp in Philboard 1.14 a ...)
NOT-FOR-US: Philboard
-CVE-2007-0919
+CVE-2007-0919 (Directory traversal vulnerability in Nickolas Grigoriadis Mini Web ser ...)
NOT-FOR-US: MiniWebsvr
-CVE-2007-0918
+CVE-2007-0918 (The ATOMIC.TCP signature engine in the Intrusion Prevention System (IP ...)
NOT-FOR-US: Cisco
-CVE-2007-0917
+CVE-2007-0917 (The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to ...)
NOT-FOR-US: Cisco
-CVE-2007-0916
+CVE-2007-0916 (Unspecified vulnerability in the Address and Routing Parameter Area (A ...)
NOT-FOR-US: HP-UX
-CVE-2007-0915
+CVE-2007-0915 (Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers ...)
NOT-FOR-US: HP-UX
-CVE-2007-0914
+CVE-2007-0914 (Race condition in the TCP subsystem for Solaris 10 allows remote attac ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-0913
+CVE-2007-0913 (Unspecified vulnerability in Microsoft Powerpoint allows remote user-a ...)
NOT-FOR-US: Microsoft
-CVE-2007-0912
+CVE-2007-0912 (Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php ...)
NOT-FOR-US: JPortal
-CVE-2007-0911
+CVE-2007-0911 (Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow ...)
- php5 5.2.2-1 (bug #410561; bug #410995; medium)
[etch] - php5 <not-affected> (A regression only affecting 5.2.1)
-CVE-2007-0910
+CVE-2007-0910 (Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clo ...)
{DSA-1264-1}
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
[etch] - php5 5.2.0-8+etch1
- php4 6:4.4.4-9
[etch] - php4 6:4.4.4-8+etch1
-CVE-2007-0909
+CVE-2007-0909 (Multiple format string vulnerabilities in PHP before 5.2.1 might allow ...)
{DSA-1264-1}
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
[etch] - php5 5.2.0-8+etch1
- php4 6:4.4.4-9
[etch] - php4 6:4.4.4-8+etch1
-CVE-2007-0908
+CVE-2007-0908 (The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and ...)
{DSA-1264-1}
- php5 5.2.0-9
[etch] - php5 5.2.0-8+etch1
- php4 6:4.4.4-9
NOTE: this extension is not enabled by default in the php packages
-CVE-2007-0907
+CVE-2007-0907 (Buffer underflow in PHP before 5.2.1 allows attackers to cause a denia ...)
{DSA-1264-1}
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
[etch] - php5 5.2.0-8+etch1
-CVE-2007-0906
+CVE-2007-0906 (Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause ...)
{DSA-1264-1}
NOTE: (4) is a non-issue, as we don't use the bundled sqlite
- php5 5.2.0-9 (bug #410561; bug #410995; medium)
- php4 6:4.4.4-9
[etch] - php4 6:4.4.4-8+etch1
[etch] - php5 5.2.0-8+etch1
-CVE-2007-0905
+CVE-2007-0905 (PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir ...)
- php5 5.2.0-9 (bug #410561; bug #410995; unimportant)
NOTE: we normally don't spend much time on safe_mode and open_basedir
NOTE: issues, but the because the attack vectors are "unspecified", it
NOTE: might be harder for us to try and sort out the fixes for this
NOTE: from the session fixes in CVE-2007-0906 (see there for more info)
-CVE-2007-0904
+CVE-2007-0904 (SQL injection vulnerability in projects.php in LightRO CMS 1.0 allows ...)
NOT-FOR-US: LightRO CMS
-CVE-2007-0903
+CVE-2007-0903 (Unspecified vulnerability in the mod_roster_odbc module in ejabberd be ...)
- ejabberd 1.1.2-5
-CVE-2007-0902
+CVE-2007-0902 (Unspecified vulnerability in the "Show debugging information" feature ...)
- moin <unfixed> (unimportant)
NOTE: this is a version information disclosure.
-CVE-2007-0901
+CVE-2007-0901 (Multiple cross-site scripting (XSS) vulnerabilities in Info pages in M ...)
- moin 1.5 (bug #411084; medium)
NOTE: Despite what the CVE says, this is not a problem in the 1.5.x code
-CVE-2007-0900
+CVE-2007-0900 (Multiple PHP remote file inclusion vulnerabilities in TagIt! Tagboard ...)
NOT-FOR-US: TagIt! Tagboard
CVE-2007-0899 [Possible heap overflow in libclamav/fsg.c]
RESERVED
{DSA-1263-1}
- clamav 0.90-1
[etch] - clamav 0.88.7-2
-CVE-2007-0898
+CVE-2007-0898 (Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV be ...)
{DSA-1263-1}
- clamav 0.90-1 (bug #411117)
[etch] - clamav 0.88.7-2
-CVE-2007-0897
+CVE-2007-0897 (Clam AntiVirus ClamAV before 0.90 does not close open file descriptors ...)
{DSA-1263-1}
- clamav 0.90-1 (bug #411118)
[etch] - clamav 0.88.7-2
-CVE-2007-0896
+CVE-2007-0896 (Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10 ...)
- firefox-sage 1.3.10-1
[etch] - firefox-sage <not-affected> (HTML mode not enabled in Etch)
NOTE: http://secunia.com/advisories/24086/
NOTE: might not affect Debian version because HTML mode is disabled. sf: pinged maintainer
-CVE-2007-0451
+CVE-2007-0451 (Apache SpamAssassin before 3.1.8 allows remote attackers to cause a de ...)
- spamassassin 3.1.7-2 (bug #410843)
NOTE: http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5318
-CVE-2007-0895
+CVE-2007-0895 (Race condition in recursive directory deletion with the (1) -r or (2) ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-0894
+CVE-2007-0894 (MediaWiki before 1.9.2 allows remote attackers to obtain sensitive inf ...)
- mediawiki <removed> (unimportant)
NOTE: Only path disclosure
-CVE-2007-0893
+CVE-2007-0893 (Directory traversal vulnerability in phpMyVisites before 2.2 allows re ...)
NOT-FOR-US: phpMyVisites
-CVE-2007-0892
+CVE-2007-0892 (CRLF injection vulnerability in phpMyVisites before 2.2 allows remote ...)
NOT-FOR-US: phpMyVisites
-CVE-2007-0891
+CVE-2007-0891 (Cross-site scripting (XSS) vulnerability in the GetCurrentCompletePath ...)
NOT-FOR-US: phpMyVisites
-CVE-2007-0890
+CVE-2007-0890 (Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPa ...)
NOT-FOR-US: cPanel
-CVE-2007-0889
+CVE-2007-0889 (Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible enco ...)
NOT-FOR-US: Kiwi CatTools
-CVE-2007-0888
+CVE-2007-0888 (Directory traversal vulnerability in the TFTP server in Kiwi CatTools ...)
NOT-FOR-US: Kiwi CatTools
-CVE-2007-0887
+CVE-2007-0887 (axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials ...)
NOT-FOR-US: Axigen
-CVE-2007-0886
+CVE-2007-0886 (Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows rem ...)
NOT-FOR-US: Axigen
-CVE-2007-0885
+CVE-2007-0885 (Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject. ...)
NOT-FOR-US: Rainbow.Zen
-CVE-2007-0884
+CVE-2007-0884 (Buffer overflow in Roaring Penguin MIMEDefang 2.59 and 2.60 allows rem ...)
- mimedefang <not-affected> (Only versions 2.59 and 2.60 vulnerable)
-CVE-2007-0883
+CVE-2007-0883 (Directory traversal vulnerability in portalgroups/portalgroups/getfile ...)
NOT-FOR-US: IP3 NetAccess
-CVE-2007-0882
+CVE-2007-0882 (Argument injection vulnerability in the telnet daemon (in.telnetd) in ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-0881
+CVE-2007-0881 (PHP remote file inclusion vulnerability in the Seitenschutz plugin for ...)
NOT-FOR-US: OPENi-CMS
-CVE-2007-0880
+CVE-2007-0880 (Capital Request Forms stores sensitive information under the web root ...)
NOT-FOR-US: Capital Request Forms
-CVE-2007-0879
+CVE-2007-0879 (Buffer overflow in SmidgeonSoft PEBrowse Professional 8.2.1.0 allows u ...)
NOT-FOR-US: PEBrowse
-CVE-2007-0878
+CVE-2007-0878 (Unspecified vulnerability in Microsoft Internet Explorer on Windows Mo ...)
NOT-FOR-US: Microsoft
-CVE-2007-0877
+CVE-2007-0877 (Unspecified vulnerability in March Networks DVR 3000 and 4000 Digital ...)
NOT-FOR-US: March Networks DVR
-CVE-2007-0876
+CVE-2007-0876 (Cross-site scripting (XSS) vulnerability in Quick Digital Image Galler ...)
NOT-FOR-US: Quick Digital Image Gallery
CVE-2007-0875
NOT-FOR-US: mcRefer
-CVE-2007-0874
+CVE-2007-0874 (Allons_voter 1.0 allows remote attackers to bypass authentication and ...)
NOT-FOR-US: Allons_voter
-CVE-2007-0873
+CVE-2007-0873 (nabopoll 1.1.2 allows remote attackers to bypass authentication and ac ...)
NOT-FOR-US: nabopoll
-CVE-2007-0872
+CVE-2007-0872 (Directory traversal vulnerability in the Plain Old Webserver (POW) add ...)
NOT-FOR-US: Plain Old Webserver
-CVE-2007-0871
+CVE-2007-0871 (Unrestricted file upload vulnerability in eXtremePow eXtreme File Host ...)
NOT-FOR-US: eXtreme File Hosting
CVE-2007-XXXX [dokuwiki conf directory accessible by web users]
- dokuwiki 0.0.20061106-3 (bug #410557)
-CVE-2007-0870
+CVE-2007-0870 (Unspecified vulnerability in Microsoft Word 2000 allows remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2007-0869
+CVE-2007-0869 (Cross-site scripting (XSS) vulnerability in the Attachment Manager (ad ...)
NOT-FOR-US: vBulletin
-CVE-2007-0868
+CVE-2007-0868 (Unspecified vulnerability in the Chat Room functionality in Yahoo! Mes ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-0867
+CVE-2007-0867 (PHP remote file inclusion vulnerability in classes/menu.php in Site-As ...)
NOT-FOR-US: Site-Assistant
-CVE-2007-0866
+CVE-2007-0866 (Unspecified vulnerability in HP OpenView Storage Data Protector on HP- ...)
NOT-FOR-US: HP OpenView
-CVE-2007-0865
+CVE-2007-0865 (SQL injection vulnerability in comments.php in LushiNews 1.01 and earl ...)
NOT-FOR-US: LushiWarPlaner
-CVE-2007-0864
+CVE-2007-0864 (SQL injection vulnerability in register.php in LushiWarPlaner 1.0 allo ...)
NOT-FOR-US: LushiWarPlaner
CVE-2007-0863
NOT-FOR-US: Trevorchan
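Review bot: The new description for CVE-2007-0865 names comments.php in LushiNews, but the unchanged line beneath it still reads "NOT-FOR-US: LushiWarPlaner" (the same text as for CVE-2007-0864), so one of the two annotations is misattributed; please verify which product the entry concerns and correct the NOT-FOR-US line. Also note that CVE-2007-0875 and CVE-2007-0863 in this hunk receive no description while every surrounding non-RESERVED entry does, which suggests the description fetch skipped them; it is worth checking whether they are RESERVED or REJECTED upstream and marking them accordingly rather than leaving bare ids.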
@@ -14032,18 +14032,18 @@ CVE-2007-0861
NOT-FOR-US: phpCOIN
CVE-2007-0860
NOT-FOR-US: local Calendar System
-CVE-2007-0859
+CVE-2007-0859 (The Find feature in Palm OS Treo smart phones operates despite the sys ...)
NOT-FOR-US: Palm OS Treo
CVE-2007-XXXX [ikiwiki allows web user to edit images and other non-page format files in the wiki]
- ikiwiki 1.42 (low)
[etch] - ikiwiki 1.33.1
CVE-2007-0858
RESERVED
-CVE-2007-0857
+CVE-2007-0857 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before ...)
- moin 1.5.3-1.2 (bug #410338; medium; bug #410552)
-CVE-2007-0856
+CVE-2007-0856 (TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (R ...)
NOT-FOR-US: Trend Micro Anti-Rootkit Common Module
-CVE-2007-0855
+CVE-2007-0855 (Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR an ...)
- rar 1:3.7b1-1 (high; bug #410582)
[sarge] - rar <no-dsa> (Non-free)
[etch] - rar <no-dsa> (Non-free)
@@ -14054,160 +14054,160 @@ CVE-2007-0855
NOTE: which probably turns this into remote code execution
NOTE: clamav can also call unrar -p-, but AFAICS not in default configuration
NOTE: unrar-free and clamav (which embeds unrar-free code) not affected
-CVE-2007-0854
+CVE-2007-0854 (Remote file inclusion vulnerability in scripts2/objcache in cPanel Web ...)
NOT-FOR-US: cPanel WebHost Manager
-CVE-2007-0853
+CVE-2007-0853 (SQL injection vulnerability in DevTrack 6.0.3 allows remote attackers ...)
NOT-FOR-US: DevTrack
-CVE-2007-0852
+CVE-2007-0852 (Cross-site scripting (XSS) vulnerability in DevTrack 6.x allows remote ...)
NOT-FOR-US: DevTrack
-CVE-2007-0851
+CVE-2007-0851 (Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before ...)
NOT-FOR-US: Trend Micro Scan Engine
-CVE-2007-0850
+CVE-2007-0850 (scripts/cronscript.php in SysCP 1.2.15 and earlier includes and execut ...)
NOT-FOR-US: SysCP
-CVE-2007-0849
+CVE-2007-0849 (scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly q ...)
NOT-FOR-US: SysCP
-CVE-2007-0848
+CVE-2007-0848 (PHP remote file inclusion vulnerability in classes/class_mail.inc.php ...)
NOT-FOR-US: Maian Recipe
-CVE-2007-0847
+CVE-2007-0847 (SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server C ...)
NOT-FOR-US: Open Tibia Server CMS
-CVE-2007-0846
+CVE-2007-0846 (Cross-site scripting (XSS) vulnerability in forum.php in Open Tibia Se ...)
NOT-FOR-US: Open Tibia Server CMS
-CVE-2007-0845
+CVE-2007-0845 (admin/index.php in Advanced Poll 2.0.0 through 2.0.5-dev allows remote ...)
NOT-FOR-US: Advanced Poll
-CVE-2007-0843
+CVE-2007-0843 (The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-0842
+CVE-2007-0842 (The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVC ...)
NOT-FOR-US: Microsoft
-CVE-2007-0841
+CVE-2007-0841 (Multiple unspecified vulnerabilities in vbDrupal before 4.7.6.0 have u ...)
NOT-FOR-US: vbDrupal
-CVE-2007-0840
+CVE-2007-0840 (Cross-site scripting (XSS) vulnerability in HLstats before 1.35 allows ...)
NOT-FOR-US: HLstats
-CVE-2007-0839
+CVE-2007-0839 (Multiple PHP remote file inclusion vulnerabilities in index/index_albu ...)
NOT-FOR-US: WebMatic
-CVE-2007-0838
+CVE-2007-0838 (FreeProxy before 3.92 Build 1626 allows malicious users to cause a den ...)
NOT-FOR-US: FreeProxy
-CVE-2007-0837
+CVE-2007-0837 (PHP remote file inclusion vulnerability in examples/inc/top.inc.php in ...)
NOT-FOR-US: AgerMenu
-CVE-2007-0836
+CVE-2007-0836 (admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, al ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-0835
+CVE-2007-0835 (admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, al ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-0834
+CVE-2007-0834 (Cross-site scripting (XSS) vulnerability in FlashChat 4.7.8 allows rem ...)
NOT-FOR-US: FlashChat
-CVE-2007-0833
+CVE-2007-0833 (VMware Workstation 5.5.3 34685, when the "Enable copy and paste to and ...)
NOT-FOR-US: VMware
-CVE-2007-0832
+CVE-2007-0832 (VMware Workstation 5.5.3 34685 does not immediately change the availab ...)
NOT-FOR-US: VMware
-CVE-2007-0831
+CVE-2007-0831 (** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in A ...)
NOT-FOR-US: Atsphp
CVE-2007-0830
NOT-FOR-US: vBulletin
-CVE-2007-0829
+CVE-2007-0829 (avast! Server Edition before 4.7.726 does not demand a password in a c ...)
NOT-FOR-US: avast!
-CVE-2007-0828
+CVE-2007-0828 (PHP remote file inclusion vulnerability in affichearticles.php3 in MyS ...)
NOT-FOR-US: MySQLNewsEngine
-CVE-2007-0827
+CVE-2007-0827 (The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote ...)
NOT-FOR-US: Alibaba Alipay PTA Module ActiveX control
-CVE-2007-0826
+CVE-2007-0826 (SQL injection vulnerability in forum.asp in Kisisel Site 2007 allows r ...)
NOT-FOR-US: Kisisel Site
-CVE-2007-0825
+CVE-2007-0825 (FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of s ...)
NOT-FOR-US: FlashFXP
-CVE-2007-0824
+CVE-2007-0824 (PHP remote file inclusion vulnerability in inhalt.php in LightRO CMS 1 ...)
NOT-FOR-US: LightRO CMS
-CVE-2007-0823
+CVE-2007-0823 (xterm on Slackware Linux 10.2 stores information that had been display ...)
- xterm <not-affected> (Not a security problem)
-CVE-2007-0822
+CVE-2007-0822 (umount, when running with the Linux 2.6.15 kernel on Slackware Linux 1 ...)
- util-linux <not-affected> (Not a security problem)
-CVE-2007-0821
+CVE-2007-0821 (Multiple directory traversal vulnerabilities in Cedric CLAIRE PortailP ...)
NOT-FOR-US: PortailPhp
-CVE-2007-0820
+CVE-2007-0820 (Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE Po ...)
NOT-FOR-US: PortailPhp
-CVE-2007-0819
+CVE-2007-0819 (HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assi ...)
NOT-FOR-US: HP Network Node Manager
CVE-2007-0818
REJECTED
-CVE-2007-0817
+CVE-2007-0817 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion web serve ...)
NOT-FOR-US: Adobe ColdFusion web server
-CVE-2007-0816
+CVE-2007-0816 (The RPC Server service (catirpc.exe) in CA (formerly Computer Associat ...)
NOT-FOR-US: (CA) BrightStor
-CVE-2007-0815
+CVE-2007-0815 (Cross-site scripting (XSS) vulnerability in images_archive.asp in Uapp ...)
NOT-FOR-US: Uphotogallery
-CVE-2007-0814
+CVE-2007-0814 (Multiple cross-site scripting (XSS) vulnerabilities in Adrenalin's ASP ...)
NOT-FOR-US: ASP Chat
-CVE-2007-0813
+CVE-2007-0813 (Cross-site scripting (XSS) vulnerability in Home production MySearchEn ...)
NOT-FOR-US: MySearchEngine
-CVE-2007-0812
+CVE-2007-0812 (SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2007-0811
+CVE-2007-0811 (Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Wi ...)
NOT-FOR-US: Microsoft
-CVE-2007-0810
+CVE-2007-0810 (PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in Gee ...)
NOT-FOR-US: GeekLog
-CVE-2007-0809
+CVE-2007-0809 (PHP remote file inclusion vulnerability in includes/class_template.php ...)
NOT-FOR-US: Categories Hierarchy
-CVE-2007-0808
+CVE-2007-0808 (PHP remote file inclusion vulnerability in Mina Ajans Script allows re ...)
NOT-FOR-US: Mina Ajans Script
-CVE-2007-0807
+CVE-2007-0807 (Cross-site scripting (XSS) vulnerability in info.php in flashChat 4.7. ...)
NOT-FOR-US: flashChat
-CVE-2007-0806
+CVE-2007-0806 (Les News 2.2 allows remote attackers to bypass authentication and gain ...)
NOT-FOR-US: Les News
-CVE-2007-0805
+CVE-2007-0805 (The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local us ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2007-0804
+CVE-2007-0804 (Directory traversal vulnerability in admin/subpages.php in GGCMS 1.1.0 ...)
NOT-FOR-US: GGCMS
-CVE-2007-0803
+CVE-2007-0803 (Multiple buffer overflows in STLport before 5.0.3 allow remote attacke ...)
- stlport5 5.0.3-1 (bug #410864; low)
[etch] - stlport5 5.0.2-12
[sarge] - stlport5 <not-affected> (Vulnerable code not compiled in)
-CVE-2007-0802
+CVE-2007-0802 (Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing ...)
- iceweasel 2.0.0.16-1 (low)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=367538
-CVE-2007-0801
+CVE-2007-0801 (The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1. ...)
- iceweasel 2.0.0.2+dfsg-1 (low)
- firefox 45.0-1 (low)
- firefox-esr 45.0esr-1 (low)
- iceape 1.0.8-1 (low)
- xulrunner 1.8.0.10-1 (low)
-CVE-2007-0800
+CVE-2007-0800 (Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked ...)
NOTE: MFSA-2007-05
- iceweasel 2.0.0.2+dfsg-1 (medium)
- iceape 1.0.8-1 (medium)
- xulrunner 1.8.0.10-1 (medium)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0799
+CVE-2007-0799 (SQL injection vulnerability in badword.asp in Ublog Reload 1.0.5 allow ...)
NOT-FOR-US: Ublog Reload
-CVE-2007-0798
+CVE-2007-0798 (Multiple cross-site scripting (XSS) vulnerabilities in Ublog Reload 1. ...)
NOT-FOR-US: Ublog Reload
-CVE-2007-0797
+CVE-2007-0797 (PHP remote file inclusion vulnerability in theme/settings.php in bluev ...)
NOT-FOR-US: SMA-DB
-CVE-2007-0796
+CVE-2007-0796 (Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, all ...)
NOT-FOR-US: WinProxy
-CVE-2007-0795
+CVE-2007-0795 (Multiple PHP remote file inclusion vulnerabilities in Wap Portal Serve ...)
NOT-FOR-US: Wap Portal Server
CVE-2007-0794
NOT-FOR-US: GlobalMegaCorp dvddb
-CVE-2007-0793
+CVE-2007-0793 (PHP remote file inclusion vulnerability in inc/common.php in GlobalMeg ...)
NOT-FOR-US: GlobalMegaCorp dvddb
-CVE-2007-0792
+CVE-2007-0792 (The mod_perl initialization script in Bugzilla 2.23.3 does not set the ...)
- bugzilla <not-affected> (Only development version 2.23.3 is affected)
-CVE-2007-0791
+CVE-2007-0791 (Cross-site scripting (XSS) vulnerability in Atom feeds in Bugzilla 2.2 ...)
- bugzilla 2.22.1-2.1 (bug #409824; low)
[etch] - bugzilla <no-dsa> (Minor issue, far-fetched attack, minor impact)
[sarge] - bugzilla <not-affected> (Vulnerable code not present)
-CVE-2007-0790
+CVE-2007-0790 (Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP serv ...)
NOT-FOR-US: SmartFTP
-CVE-2007-0789
+CVE-2007-0789 (SQL injection vulnerability in Mambo before 4.5.5 allows remote attack ...)
- mambo 4.6.1-1 (medium)
NOTE: only the 4.5.x tree was vulnerable
-CVE-2007-0788
+CVE-2007-0788 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.9.x before 1.9 ...)
- mediawiki <not-affected> (Only in 1.9 branch, fixed in 1.9.2)
-CVE-2007-0787
+CVE-2007-0787 (PHP remote file inclusion vulnerability in controller.php in Simple In ...)
NOT-FOR-US: Simple Invoices
-CVE-2007-0786
+CVE-2007-0786 (SQL injection vulnerability in view.php in Noname Media Photo Galerie ...)
NOT-FOR-US: Noname Media Photo Galerie Standard
-CVE-2007-0785
+CVE-2007-0785 (PHP remote file inclusion vulnerability in previewtheme.php in Flipsou ...)
NOT-FOR-US: Flipsource Flip
-CVE-2007-0784
+CVE-2007-0784 (SQL injection vulnerability in login.asp for tPassword in the Raymond ...)
NOT-FOR-US: RBL ASP tPassword
CVE-2007-0783
RESERVED
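Review bot: CVE-2007-0830 and CVE-2007-0794 are left as bare ids without a description in this hunk, while their neighbours all gain one; since the automatic update found nothing for them, confirm whether they are RESERVED, REJECTED or simply missing from the source feed and add the corresponding marker so the gap is not mistaken for an unprocessed entry. Separately, the "Not a security problem" justification on the CVE-2007-0823 and CVE-2007-0822 <not-affected> lines would read more clearly if it stated that the issue is Slackware-specific, as the new descriptions now indicate.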
@@ -14215,21 +14215,21 @@ CVE-2007-0782
RESERVED
CVE-2007-0781
RESERVED
-CVE-2007-0780
+CVE-2007-0780 (browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0 ...)
NOTE: MFSA-2007-05
- iceweasel 2.0.0.2+dfsg-1 (medium)
- iceape 1.0.8-1 (medium)
- xulrunner 1.8.0.10-1 (medium)
[sarge] - mozilla-firefox <not-affected> (Vulnerable code not present)
[sarge] - mozilla <not-affected> (Vulnerable code not present)
-CVE-2007-0779
+CVE-2007-0779 (GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and ...)
NOTE: MFSA-2007-04
- iceweasel 2.0.0.2+dfsg-1 (low)
- iceape 1.0.8-1 (low)
- xulrunner 1.8.0.10-1 (low)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <not-affected> (introduced in firefox 1.5)
-CVE-2007-0778
+CVE-2007-0778 (The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x befo ...)
{DSA-1336-1}
NOTE: MFSA-2007-03
- iceweasel 2.0.0.2+dfsg-1 (low)
@@ -14237,7 +14237,7 @@ CVE-2007-0778
- xulrunner 1.8.0.10-1 (low)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0777
+CVE-2007-0777 (The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x befor ...)
NOTE: MFSA-2007-01
- iceweasel 2.0.0.2+dfsg-1 (high)
- iceape 1.0.8-1 (high)
@@ -14246,7 +14246,7 @@ CVE-2007-0777
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0776
+CVE-2007-0776 (Heap-based buffer overflow in the _cairo_pen_init function in Mozilla ...)
NOTE: MFSA-2007-01
- iceweasel 2.0.0.2+dfsg-1 (high)
- iceape 1.0.8-1 (high)
@@ -14255,7 +14255,7 @@ CVE-2007-0776
[sarge] - mozilla-firefox <not-affected> (Only affected Firefox 2.0 et al)
[sarge] - mozilla-thunderbird <not-affected> (Only affected Firefox 2.0 et al)
[sarge] - mozilla <not-affected> (Only affected Firefox 2.0 et al)
-CVE-2007-0775
+CVE-2007-0775 (Multiple unspecified vulnerabilities in the layout engine in Mozilla F ...)
{DSA-1336-1}
NOTE: MFSA-2007-01
- iceweasel 2.0.0.2+dfsg-1 (high)
@@ -14266,22 +14266,22 @@ CVE-2007-0775
[sarge] - mozilla-thunderbird <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
NOTE: Only one of the crashes can be triggered in Sarge, 326864
-CVE-2007-0774
+CVE-2007-0774 (Stack-based buffer overflow in the map_uri_to_worker function (native/ ...)
- libapache-mod-jk 1:1.2.21-1 (medium)
[sarge] - libapache-mod-jk <not-affected>
[etch] - libapache-mod-jk <not-affected>
NOTE: affects only 1.2.19 and 1.2.20
-CVE-2007-0773
+CVE-2007-0773 (The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users ...)
- linux-2.6 2.6.12-1
-CVE-2007-0772
+CVE-2007-0772 (The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remo ...)
- linux-2.6 2.6.18.dfsg.1-11
-CVE-2007-0771
+CVE-2007-0771 (The utrace support in Linux kernel 2.6.18, and other versions, allows ...)
- linux-2.6 <not-affected> (RHEL-specific backport, only present in -mm tree)
-CVE-2007-0770
+CVE-2007-0770 (Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted ...)
{DSA-1260}
- graphicsmagick 1.1.7-12
- imagemagick 7:6.2.4.5.dfsg1-0.14 (bug #410435)
-CVE-2007-1667
+CVE-2007-1667 (Multiple integer overflows in (1) the XGetPixel function in ImUtil.c i ...)
{DSA-1903-1 DSA-1858-1 DSA-1294-1}
- xfree86 <removed> (bug #414046; medium)
- libx11 2:1.0.3-7 (bug #414045; medium)
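Review bot: The [sarge] and [etch] <not-affected> lines for CVE-2007-0774 carry no parenthesised reason, unlike the other <not-affected> entries in this file; the NOTE two lines below ("affects only 1.2.19 and 1.2.20") is the justification, so consider moving it into the parentheses, e.g. "[sarge] - libapache-mod-jk <not-affected> (Only 1.2.19 and 1.2.20 affected)", so each distribution line is self-explanatory when viewed on its own.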
@@ -14290,651 +14290,651 @@ CVE-2007-1667
NOTE: Discovered through CVE-2007-0770.
NOTE: With certain mail user agents, this issue is likely exploitable
NOTE: without much user interaction.
-CVE-2007-0844
+CVE-2007-0844 (The auth_via_key function in pam_ssh.c in pam_ssh before 1.92, when th ...)
- libpam-ssh 1.91.0-9.2 (bug #410236; low)
[etch] - libpam-ssh <no-dsa> (Minor issue)
[sarge] - libpam-ssh <no-dsa> (Minor issue)
CVE-2007-0769
NOT-FOR-US: Phorum
-CVE-2007-0768
+CVE-2007-0768 (Multiple cross-site scripting (XSS) vulnerabilities in the Contact Det ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2007-0767
+CVE-2007-0767 (Cross-site scripting (XSS) vulnerability in the core in Phorum before ...)
NOT-FOR-US: Phorum
-CVE-2007-0766
+CVE-2007-0766 (Stack-based buffer overflow in Remotesoft .NET Explorer 2.0.1 allows u ...)
NOT-FOR-US: .NET Explorer
-CVE-2007-0765
+CVE-2007-0765 (SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 ...)
NOT-FOR-US: Curium CMS
-CVE-2007-0764
+CVE-2007-0764 (Unrestricted file upload vulnerability in F3Site 2.1 and earlier allow ...)
NOT-FOR-US: F3Site
-CVE-2007-0763
+CVE-2007-0763 (Cross-site scripting (XSS) vulnerability in the news comment functiona ...)
NOT-FOR-US: F3Site
-CVE-2007-0762
+CVE-2007-0762 (PHP remote file inclusion vulnerability in includes/functions.php in p ...)
NOT-FOR-US: phpBB++
-CVE-2007-0761
+CVE-2007-0761 (PHP remote file inclusion vulnerability in config.php in phpBB ezBoard ...)
NOT-FOR-US: phpBB ezBoard converter
-CVE-2007-0760
+CVE-2007-0760 (EQdkp 1.3.1 and earlier authenticates administrative requests by verif ...)
NOT-FOR-US: EQdkp
-CVE-2007-0759
+CVE-2007-0759 (Multiple SQL injection vulnerabilities in EasyMoblog 0.5.1 allow remot ...)
NOT-FOR-US: EasyMoblog
-CVE-2007-0758
+CVE-2007-0758 (PHP remote file inclusion vulnerability in lang.php in PHPProbid 5.24 ...)
NOT-FOR-US: PHPProbid
-CVE-2007-0757
+CVE-2007-0757 (PHP remote file inclusion vulnerability in index.php in Miguel Nunes C ...)
NOT-FOR-US: CoD2 DreamStats
-CVE-2007-0756
+CVE-2007-0756 (Chicken of the VNC (cotv) 2.0 allows remote attackers to cause a denia ...)
NOT-FOR-US: Chicken of the VNC
CVE-2007-0755
RESERVED
-CVE-2007-0754
+CVE-2007-0754 (Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-0753
+CVE-2007-0753 (Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X ...)
NOT-FOR-US: Apple
-CVE-2007-0752
+CVE-2007-0752 (The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the ...)
NOT-FOR-US: Apple
-CVE-2007-0751
+CVE-2007-0751 (A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might ...)
NOT-FOR-US: Apple
-CVE-2007-0750
+CVE-2007-0750 (Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 a ...)
NOT-FOR-US: Apple
-CVE-2007-0749
+CVE-2007-0749 (Multiple stack-based buffer overflows in the is_command function in pr ...)
NOT-FOR-US: Apple Darwin Streaming Server
-CVE-2007-0748
+CVE-2007-0748 (Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using ...)
NOT-FOR-US: Apple Darwin Streaming Server
-CVE-2007-0747
+CVE-2007-0747 (load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0746
+CVE-2007-0746 (Heap-based buffer overflow in the VideoConference framework in Apple M ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0745
+CVE-2007-0745 (The Apple Security Update 2007-004 uses an incorrect configuration fil ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0744
+CVE-2007-0744 (SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean th ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0743
+CVE-2007-0743 (URLMount in Apple Mac OS X 10.3.9 through 10.4.9 passes the username a ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0742
+CVE-2007-0742 (The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0741
+CVE-2007-0741 (Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 throu ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0740
+CVE-2007-0740 (Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display fil ...)
NOT-FOR-US: Apple
-CVE-2007-0739
+CVE-2007-0739 (The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the so ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0738
+CVE-2007-0738 (The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not displa ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0737
+CVE-2007-0737 (The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not prop ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0736
+CVE-2007-0736 (Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3. ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0735
+CVE-2007-0735 (Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 throu ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0734
+CVE-2007-0734 (fsck, as used by the AirPort Disk feature of the AirPort Extreme Base ...)
NOT-FOR-US: AirPort Extreme Base Station
-CVE-2007-0733
+CVE-2007-0733 (Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 ...)
NOT-FOR-US: Apple Mac ImageIO
-CVE-2007-0732
+CVE-2007-0732 (Unspecified vulnerability in the CoreServices daemon in CarbonCore in ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0731
+CVE-2007-0731 (Stack-based buffer overflow in the Apple-specific Samba module (SMB Fi ...)
NOT-FOR-US: Apple Mac
-CVE-2007-0730
+CVE-2007-0730 (Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4 through ...)
NOT-FOR-US: Apple Mac Server Manager
-CVE-2007-0729
+CVE-2007-0729 (Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0728
+CVE-2007-0728 (Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10 ...)
NOT-FOR-US: Apple Mac
CVE-2007-0727
REJECTED
-CVE-2007-0726
+CVE-2007-0726 (The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and ...)
NOT-FOR-US: Apple OpenSSH
-CVE-2007-0725
+CVE-2007-0725 (Buffer overflow in the AirPortDriver module for AirPort in Apple Mac O ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0724
+CVE-2007-0724 (The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4 ...)
NOT-FOR-US: Apple Mac
-CVE-2007-0723
+CVE-2007-0723 (Unspecified vulnerability in the authentication feature for DirectoryS ...)
NOT-FOR-US: Mac OS X
-CVE-2007-0722
+CVE-2007-0722 (Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allo ...)
NOT-FOR-US: Apple Mac
-CVE-2007-0721
+CVE-2007-0721 (Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3. ...)
NOT-FOR-US: Apple Mac
-CVE-2007-0720
+CVE-2007-0720 (The CUPS service on multiple platforms allows remote attackers to caus ...)
- cups 1.2.7-1 (bug #434734; low)
- cupsys 1.2.7-1 (bug #434734; low)
[sarge] - cupsys <no-dsa> (Minor, conceptual design problem)
[etch] - cupsys <no-dsa> (Minor, conceptual design problem)
-CVE-2007-0719
+CVE-2007-0719 (Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through ...)
NOT-FOR-US: Apple Mac
-CVE-2007-0718
+CVE-2007-0718 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-0717
+CVE-2007-0717 (Integer overflow in Apple QuickTime before 7.1.5 allows remote user-as ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-0716
+CVE-2007-0716 (Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows rem ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-0715
+CVE-2007-0715 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-0714
+CVE-2007-0714 (Integer overflow in Apple QuickTime before 7.1.5 allows remote user-as ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-0713
+CVE-2007-0713 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-0712
+CVE-2007-0712 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-0711
+CVE-2007-0711 (Integer overflow in Apple QuickTime before 7.1.5, when installed on Wi ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-0710
+CVE-2007-0710 (The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows rem ...)
NOT-FOR-US: Apple iChat
-CVE-2007-0709
+CVE-2007-0709 (cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) ...)
NOT-FOR-US: Comodo Firewall Pro
-CVE-2007-0708
+CVE-2007-0708 (cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) ...)
NOT-FOR-US: Comodo Firewall Pro
-CVE-2007-0707
+CVE-2007-0707 (Stack-based buffer overflow in GOM Player 2.0.12.3375 allows user-assi ...)
NOT-FOR-US: GOM Player
-CVE-2007-0706
+CVE-2007-0706 (Cross-zone scripting vulnerability in Darksky RSS bar for Internet Exp ...)
NOT-FOR-US: Darksky RSS
-CVE-2007-0705
+CVE-2007-0705 (Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and P ...)
NOT-FOR-US: Sleipnir
-CVE-2007-0704
+CVE-2007-0704 (PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 ...)
NOT-FOR-US: Somery
-CVE-2007-0703
+CVE-2007-0703 (PHP remote file inclusion vulnerability in library/StageLoader.php in ...)
NOT-FOR-US: WebBuilder
-CVE-2007-0702
+CVE-2007-0702 (Multiple PHP remote file inclusion vulnerabilities in phpEventMan 1.0. ...)
NOT-FOR-US: phpEventMan
-CVE-2007-0701
+CVE-2007-0701 (PHP remote file inclusion vulnerability in inc/common.inc.php in Epist ...)
NOT-FOR-US: Epistemon
-CVE-2007-0700
+CVE-2007-0700 (Directory traversal vulnerability in index.php in Guernion Sylvain Por ...)
NOT-FOR-US: Portail Web
-CVE-2007-0699
+CVE-2007-0699 (PHP remote file inclusion vulnerability in includes/includes.php in Gu ...)
NOT-FOR-US: Portail Web
-CVE-2007-0698
+CVE-2007-0698 (Multiple SQL injection vulnerabilities in ACGVannu 1.3 and earlier all ...)
NOT-FOR-US: ACGVannu
-CVE-2007-0697
+CVE-2007-0697 (index2.php in ACGVannu 1.3 and earlier allows remote attackers to chan ...)
NOT-FOR-US: ACGVannu
-CVE-2007-0696
+CVE-2007-0696 (Cross-site scripting (XSS) vulnerability in error messages in Free LAN ...)
NOT-FOR-US: Free LAN Intranet Portal
-CVE-2007-0695
+CVE-2007-0695 (Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net Port ...)
NOT-FOR-US: Free LAN Intranet Portal
-CVE-2007-0694
+CVE-2007-0694 (Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 a ...)
NOT-FOR-US: DGNews
-CVE-2007-0693
+CVE-2007-0693 (SQL injection vulnerability in news.php in DGNews 2.1 allows remote at ...)
NOT-FOR-US: DGNews
-CVE-2007-0692
+CVE-2007-0692 (DGNews 2.1 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: DGNews
CVE-2007-0691
REJECTED
-CVE-2007-0690
+CVE-2007-0690 (myEvent 1.6 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: myEvent
-CVE-2007-0689
+CVE-2007-0689 (MyBB 1.2.4 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2007-XXXX [remctl ACL bypass vulnerability]
- remctl 2.2-2
[sarge] - remctl <not-affected> (Vulnerable code not present)
-CVE-2007-0688
+CVE-2007-0688 (SQL injection vulnerability in oku.asp in Hunkaray Duyuru Scripti allo ...)
NOT-FOR-US: Hunkaray Duyuru Scripti
-CVE-2007-0687
+CVE-2007-0687 (SQL injection vulnerability in i-search.php in Michelle's L2J Dropcalc ...)
NOT-FOR-US: L2J Dropcalc
-CVE-2007-0686
+CVE-2007-0686 (The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 (w29n51.sys) ...)
NOT-FOR-US: Intel 2200BG Cards drive.
-CVE-2007-0685
+CVE-2007-0685 (Internet Explorer on Windows Mobile 5.0 and Windows Mobile 2003 and 20 ...)
NOT-FOR-US: Internet Explorer
-CVE-2007-0684
+CVE-2007-0684 (PHP remote file inclusion vulnerability in portal.php in Cerulean Port ...)
NOT-FOR-US: Cerulean Portal System
-CVE-2007-0683
+CVE-2007-0683 (PHP remote file inclusion vulnerability in includes/functions.php in O ...)
NOT-FOR-US: Omegaboard
-CVE-2007-0682
+CVE-2007-0682 (PHP remote file inclusion vulnerability in theme/include_mode/template ...)
NOT-FOR-US: JV2 Folder Gallery
-CVE-2007-0681
+CVE-2007-0681 (profile.php in ExtCalendar 2 and earlier allows remote attackers to ch ...)
NOT-FOR-US: ExtCalendar
-CVE-2007-0680
+CVE-2007-0680 (PHP remote file inclusion vulnerability in includes/functions.php in P ...)
NOT-FOR-US: Phpbb Tweaked it is a module to phpbb
-CVE-2007-0679
+CVE-2007-0679 (PHP remote file inclusion vulnerability in lang/leslangues.php in Nico ...)
NOT-FOR-US: PHPMyRing
-CVE-2007-0678
+CVE-2007-0678 (SQL injection vulnerability in windows.asp in Fullaspsite Asp Hosting ...)
NOT-FOR-US: Fullaspsite Asp Hosting Sites
-CVE-2007-0677
+CVE-2007-0677 (PHP remote file inclusion vulnerability in fw/class.Quick_Config_Brows ...)
NOT-FOR-US: Cadre PHP Framework
-CVE-2007-0676
+CVE-2007-0676 (SQL injection vulnerability in faq.php in ExoPHPDesk 1.2.1 and earlier ...)
NOT-FOR-US: ExoPHPDesk
-CVE-2007-0675
+CVE-2007-0675 (A certain ActiveX control in sapi.dll (aka the Speech API) in Speech C ...)
NOT-FOR-US: Windows Vista
-CVE-2007-0674
+CVE-2007-0674 (Pictures and Videos on Windows Mobile 5.0 and Windows Mobile 2003 and ...)
NOT-FOR-US: Windows Mobile
-CVE-2007-0673
+CVE-2007-0673 (LGSERVER.EXE in BrightStor ARCserve Backup for Laptops &amp; Desktops ...)
NOT-FOR-US: (CA) BrightStor
-CVE-2007-0672
+CVE-2007-0672 (LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers t ...)
NOT-FOR-US: (CA) BrightStor
-CVE-2007-0671
+CVE-2007-0671 (Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-0670
+CVE-2007-0670 (Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local us ...)
NOT-FOR-US: IBM AIX
-CVE-2007-0669
+CVE-2007-0669 (Unspecified vulnerability in Twiki 4.0.0 through 4.1.0 allows local us ...)
- twiki 1:4.0.5-9 (bug #410256)
-CVE-2007-0668
+CVE-2007-0668 (The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in ...)
NOT-FOR-US: Sun Solaris.
-CVE-2007-0667
+CVE-2007-0667 (The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2 ...)
- sql-ledger <unfixed> (bug #409703; unimportant)
NOTE: It's documented behaviour that SQL-Ledger should only be run in an
NOTE: authenticated HTTP zone and without untrusted users
[etch] - sql-ledger <no-dsa> (Should only be used with trusted users)
NOTE: sql-ledger 2.6.22-2 adds a note to README.Debian that sql-ledger
NOTE: is not secure with untrusted users.
-CVE-2007-0666
+CVE-2007-0666 (Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute ...)
NOT-FOR-US: WS_FTP Server
-CVE-2007-0665
+CVE-2007-0665 (Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 ...)
NOT-FOR-US: WS_FTP Server
-CVE-2007-0664
+CVE-2007-0664 (thttpd before 2.25b-r6 in Gentoo Linux is started from the system root ...)
- thttpd <not-affected> (Gentoo-specific packaging flaw)
NOTE: In accordance with Debian Policy is not possible start Webserver
NOTE: in root directory (/).
-CVE-2007-0663
+CVE-2007-0663 (SQL injection vulnerability in index.php in Eclectic Designs Cascadian ...)
NOT-FOR-US: Eclectic Designs CascadianFAQ
-CVE-2007-0662
+CVE-2007-0662 (PHP remote file inclusion vulnerability in includes/usercp_viewprofile ...)
NOT-FOR-US: Hailboards
-CVE-2007-0661
+CVE-2007-0661 (Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), ...)
NOT-FOR-US: Intel BMC
-CVE-2007-0660
+CVE-2007-0660 (Cross-site scripting (XSS) vulnerability in the IFrame module before 0 ...)
NOT-FOR-US: DotNetNuke
-CVE-2007-0659
+CVE-2007-0659 (download.php in the MuddyDogPaws FileDownload snippet before 2.5 for M ...)
NOT-FOR-US: MODx MuddyDogPaws FileDownload
-CVE-2007-0658
+CVE-2007-0658 (The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module f ...)
NOT-FOR-US: Drupal addon module "Textimage"
-CVE-2007-0657
+CVE-2007-0657 (Unspecified vulnerability in Nexuiz 2.2.2 allows remote attackers to r ...)
- nexuiz 2.2.3-1 (medium)
[etch] - nexuiz <not-affected> (Vulnerable code not present, was introduced in 2.2.2)
-CVE-2007-0656
+CVE-2007-0656 (PHP remote file inclusion vulnerability in includes/functions.php in p ...)
NOT-FOR-US: phpBB2-MODificat it is a module to phpbb2
-CVE-2007-0655
+CVE-2007-0655 (The MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies ...)
NOT-FOR-US: MicroWorld
-CVE-2007-0654
+CVE-2007-0654 (Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-ass ...)
{DSA-1277-1}
- xmms 1:1.2.10+20070301-2 (bug #416423; low)
-CVE-2007-0653
+CVE-2007-0653 (Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly ot ...)
{DSA-1277-1}
- xmms 1:1.2.10+20070301-2 (bug #416423; low)
-CVE-2007-0652
+CVE-2007-0652 (Cross-site request forgery (CSRF) vulnerability in MailEnable Professi ...)
NOT-FOR-US: MailEnable Professional
-CVE-2007-0651
+CVE-2007-0651 (Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Prof ...)
NOT-FOR-US: MailEnable Professional
-CVE-2007-0650
+CVE-2007-0650 (Buffer overflow in the open_sty function in mkind.c for makeindex 2.14 ...)
- tetex-bin <not-affected> (Only vulnerable if compiled w/o kpathsea support, Debian does)
-CVE-2007-0649
+CVE-2007-0649 (Variable overwrite vulnerability in interface/globals.php in OpenEMR 2 ...)
NOT-FOR-US: OpenEMR
-CVE-2007-0648
+CVE-2007-0648 (Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice ...)
NOT-FOR-US: Cisco
-CVE-2007-0647
+CVE-2007-0647 (Format string vulnerability in Help Viewer 3.0.0 allows remote user-as ...)
NOT-FOR-US: AppleKit
-CVE-2007-0646
+CVE-2007-0646 (Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Ma ...)
NOT-FOR-US: iMovie
-CVE-2007-0645
+CVE-2007-0645 (Format string vulnerability in iPhoto 6.0.5 allows remote user-assiste ...)
NOT-FOR-US: iPhoto
-CVE-2007-0644
+CVE-2007-0644 (Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remot ...)
NOT-FOR-US: Apple Safari
-CVE-2007-0643
+CVE-2007-0643 (Stack-based buffer overflow in Bloodshed Dev-C++ 4.9.9.2 allows user-a ...)
NOT-FOR-US: Bloodshed Dev-C++
-CVE-2007-0642
+CVE-2007-0642 (SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU scri ...)
NOT-FOR-US: Raymond BERTHOU script collection
-CVE-2007-0641
+CVE-2007-0641 (Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 ...)
NOT-FOR-US: Shaffer Solutions (SSC)
-CVE-2007-0640
+CVE-2007-0640 (Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack v ...)
- zabbix 1:1.1.4-8 (bug #409257)
-CVE-2007-0639
+CVE-2007-0639 (Multiple static code injection vulnerabilities in error.php in GuppY 4 ...)
NOT-FOR-US: GuppY
-CVE-2007-0638
+CVE-2007-0638 (show.php in Vlad Alexa Mancini PHPFootball 1.6 allows remote attackers ...)
NOT-FOR-US: PHPFootball
-CVE-2007-0637
+CVE-2007-0637 (Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 ...)
NOT-FOR-US: Galeria Zdjec
-CVE-2007-0636
+CVE-2007-0636 (Unspecified vulnerability in inotify before 0.3.5 has unknown impact a ...)
NOT-FOR-US: incron
-CVE-2007-0635
+CVE-2007-0635 (Multiple PHP remote file inclusion vulnerabilities in EncapsCMS 0.3.6 ...)
NOT-FOR-US: EncapsCMS
-CVE-2007-0634
+CVE-2007-0634 (Unspecified vulnerability in Sun Solaris 10 before 20070130 allows rem ...)
NOT-FOR-US: Sun Solaris
CVE-2007-XXXX [kaya buffer overflow, cross-site scripting and data leak]
- kaya 0.2.0-6 (bug #409062)
CVE-2007-XXXX [file descriptor leak when a Compose file uses the "include" directive]
- libx11 2:1.0.3-5 (low)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=9279
-CVE-2007-0633
+CVE-2007-0633 (PHP remote file inclusion vulnerability in include/themes/themefunc.ph ...)
NOT-FOR-US: MyNews
-CVE-2007-0632
+CVE-2007-0632 (SQL injection vulnerability in artreplydelete.asp in ASP EDGE 1.3a and ...)
NOT-FOR-US: ASP EDGE
-CVE-2007-0631
+CVE-2007-0631 (SQL injection vulnerability in index.php in Eclectic Designs Cascadian ...)
NOT-FOR-US: Eclectic Designs CascadianFAQ
-CVE-2007-0630
+CVE-2007-0630 (Multiple SQL injection vulnerabilities in the generate_csv function in ...)
NOT-FOR-US: xNews
-CVE-2007-0629
+CVE-2007-0629 (The www_purgeList method in Plain Black WebGUI before 7.3.8 does not p ...)
NOT-FOR-US: Plain Black WebGUI
-CVE-2007-0628
+CVE-2007-0628 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2007-0627
+CVE-2007-0627 (Michael Still gtalkbot before 1.2 places username and password argumen ...)
NOT-FOR-US: gtalkbot
-CVE-2007-0626
+CVE-2007-0626 (The comment_form_add_preview function in comment.module in Drupal befo ...)
- drupal 4.7.6-1
-CVE-2007-0625
+CVE-2007-0625 (nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validat ...)
NOT-FOR-US: NoMachine NX Server
-CVE-2007-0624
+CVE-2007-0624 (user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the ...)
NOT-FOR-US: MAXdev MDPro
-CVE-2007-0623
+CVE-2007-0623 (SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows ...)
NOT-FOR-US: MAXdev MDPro
-CVE-2007-0622
+CVE-2007-0622 (Cross-site request forgery (CSRF) vulnerability in MyBB (aka MyBulleti ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2007-0621
REJECTED
-CVE-2007-0620
+CVE-2007-0620 (download.php in FD Script 1.3.2 and earlier allows remote attackers to ...)
NOT-FOR-US: FD Script
-CVE-2007-0619
+CVE-2007-0619 (chmlib before 0.39 allows user-assisted remote attackers to execute ar ...)
- chmlib 2:0.39-1 (bug #408603; medium)
-CVE-2007-0618
+CVE-2007-0618 (Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) ...)
NOT-FOR-US: IBM AIX
-CVE-2007-0617
+CVE-2007-0617 (The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked ...)
NOT-FOR-US: Earthlink TotalAccess
-CVE-2007-0616
+CVE-2007-0616 (Directory traversal vulnerability in zen/template-functions.php in zen ...)
NOT-FOR-US: zenphoto
-CVE-2007-0615
+CVE-2007-0615 (Unspecified vulnerability in Hitachi JP1/HIBUN Advanced Edition Manage ...)
NOT-FOR-US: Hitachi
-CVE-2007-0614
+CVE-2007-0614 (The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMe ...)
NOT-FOR-US: Apple
-CVE-2007-0613
+CVE-2007-0613 (The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMe ...)
NOT-FOR-US: Apple
-CVE-2007-0612
+CVE-2007-0612 (Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vis ...)
NOT-FOR-US: Microsoft ActiveX
-CVE-2007-0611
+CVE-2007-0611 (Multiple cross-site scripting (XSS) vulnerabilities in Free LAN In(tra ...)
NOT-FOR-US: Free LAN Intranet Portal
-CVE-2007-0610
+CVE-2007-0610 (Cross-site scripting (XSS) vulnerability in the mailform feature in CM ...)
NOT-FOR-US: CMSimple
-CVE-2007-0609
+CVE-2007-0609 (Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows r ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2007-0608
+CVE-2007-0608 (Advanced Guestbook 2.4.2 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2007-0607
+CVE-2007-0607 (W-Agora (Web-Agora) 4.2.1, when register_globals is enabled, stores gl ...)
NOT-FOR-US: Web-Agora
-CVE-2007-0606
+CVE-2007-0606 (w-agora 4.2.1 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web-Agora
-CVE-2007-0605
+CVE-2007-0605 (Cross-site scripting (XSS) vulnerability in picture.php in Advanced Gu ...)
NOT-FOR-US: Advanced Guestbook
-CVE-2007-0604
+CVE-2007-0604 (Cross-site scripting (XSS) vulnerability in Movable Type (MT) before 3 ...)
NOT-FOR-US: Movable Type
-CVE-2007-0603
+CVE-2007-0603 (PGP Desktop before 9.5.1 does not validate data objects received over ...)
NOT-FOR-US: PGP Desktop
-CVE-2007-0602
+CVE-2007-0602 (Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro Vir ...)
NOT-FOR-US: Trend Micro AntiVirus
-CVE-2007-0601
+CVE-2007-0601 (common/safety.php in Aztek Forum 4.00 allows remote attackers to enter ...)
NOT-FOR-US: Aztek Forum
-CVE-2007-0600
+CVE-2007-0600 (SQL injection vulnerability in news_page.asp in Martyn Kilbryde Newspo ...)
NOT-FOR-US: makit news
-CVE-2007-0599
+CVE-2007-0599 (Variable overwrite vulnerability in common/config.php in Aztek Forum 4 ...)
NOT-FOR-US: Aztek Forum
-CVE-2007-0598
+CVE-2007-0598 (SQL injection vulnerability in forum/load.php in Aztek Forum 4.00 allo ...)
NOT-FOR-US: Aztek Forum
-CVE-2007-0597
+CVE-2007-0597 (Aztek Forum 4.00 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Aztek Forum
-CVE-2007-0596
+CVE-2007-0596 (PHP remote file inclusion vulnerability in index/main.php in Aztek For ...)
NOT-FOR-US: Aztek Forum
-CVE-2007-0595
+CVE-2007-0595 (Cross-site scripting (XSS) vulnerability in search in High 5 Review Si ...)
NOT-FOR-US: high5 Review
-CVE-2007-0594
+CVE-2007-0594 (Siteman 2.0.x2 stores sensitive information under the web root with in ...)
NOT-FOR-US: Siteman
-CVE-2007-0593
+CVE-2007-0593 (Siteman 1.1.11 stores sensitive information under the web root with in ...)
NOT-FOR-US: Siteman
-CVE-2007-0592
+CVE-2007-0592 (Cross-site scripting (XSS) vulnerability in EzDatabase 2.1.3 allows re ...)
NOT-FOR-US: EzDatabase
-CVE-2007-0591
+CVE-2007-0591 (PHP remote file inclusion vulnerability in configure.php in Vu Le An V ...)
NOT-FOR-US: VirtualPath
-CVE-2007-0590
+CVE-2007-0590 (Cross-site scripting (XSS) vulnerability in busca2.asp in Forum Livre ...)
NOT-FOR-US: Forum Livre
-CVE-2007-0589
+CVE-2007-0589 (SQL injection vulnerability in Forum Livre 1.0 allows remote attackers ...)
NOT-FOR-US: Forum Livre
-CVE-2007-0588
+CVE-2007-0588 (The InternalUnpackBits function in Apple QuickDraw, as used by Quickti ...)
NOT-FOR-US: Apple
CVE-2007-0587
RESERVED
CVE-2007-0586
RESERVED
-CVE-2007-0585
+CVE-2007-0585 (include/debug.php in Webfwlog 0.92 and earlier, when register_globals ...)
NOT-FOR-US: Webfwlog
-CVE-2007-0584
+CVE-2007-0584 (PHP remote file inclusion vulnerability in membres/membreManager.php i ...)
NOT-FOR-US: PhP Generic
-CVE-2007-0583
+CVE-2007-0583 (Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander ...)
NOT-FOR-US: HTTP Commander
-CVE-2007-0582
+CVE-2007-0582 (SQL injection vulnerability in default.asp in ChernobiLe 1.0 allows re ...)
NOT-FOR-US: ChernobiLe
-CVE-2007-0581
+CVE-2007-0581 (PHP remote file inclusion vulnerability in functions.php in EclipseBB ...)
NOT-FOR-US: EclipseBB
-CVE-2007-0580
+CVE-2007-0580 (PHP remote file inclusion vulnerability in menu.php in Foro Domus 2.10 ...)
NOT-FOR-US: Foro Domus
-CVE-2007-0579
+CVE-2007-0579 (Unspecified vulnerability in the calendar component in Horde Groupware ...)
NOT-FOR-US: Horde Groupware
-CVE-2007-0578
+CVE-2007-0578 (The http_open function in httpget.c in mpg123 before 0.64 allows remot ...)
- mpg123 0.61-5 (bug #409296; unimportant)
NOTE: Not much of a security problem; user will abort mpg123 and never listen to
NOTE: the faulty stream again
-CVE-2007-0577
+CVE-2007-0577 (PHP remote file inclusion vulnerability in function.inc.php in ACGVcli ...)
NOT-FOR-US: ACGVclick
-CVE-2007-0576
+CVE-2007-0576 (PHP remote file inclusion vulnerability in xt_counter.php in Xt-Stats ...)
NOT-FOR-US: Xt-Stats
-CVE-2007-0575
+CVE-2007-0575 (Multiple SQL injection vulnerabilities in the administrative login pag ...)
NOT-FOR-US: ASPCode.net AdMentor
-CVE-2007-0574
+CVE-2007-0574 (SQL injection vulnerability in rss/show_webfeed.php in SpoonLabs Vivvo ...)
NOT-FOR-US: SpoonLabs Vivvo Article Management CMS
-CVE-2007-0573
+CVE-2007-0573 (PHP remote file inclusion vulnerability in includes/config.inc.php in ...)
NOT-FOR-US: nsGalPHP
-CVE-2007-0572
+CVE-2007-0572 (PHP remote file inclusion vulnerability in include/irc/phpIRC.php in D ...)
NOT-FOR-US: Drunken:Golem Gaming Portal
-CVE-2007-0571
+CVE-2007-0571 (PHP remote file inclusion vulnerability in include/lib/lib_head.php in ...)
NOT-FOR-US: phpMyReports
-CVE-2007-0570
+CVE-2007-0570 (PHP remote file inclusion vulnerability in ains_main.php in Johannes G ...)
NOT-FOR-US: Ad Fundum Integratable News Script
-CVE-2007-0569
+CVE-2007-0569 (SQL injection vulnerability in xNews.php in xNews 1.3 allows remote at ...)
NOT-FOR-US: xNews
-CVE-2007-0568
+CVE-2007-0568 (PHP remote file inclusion vulnerability in system/lib/package.php in M ...)
NOT-FOR-US: MyPHPCommander
-CVE-2007-0567
+CVE-2007-0567 (Cross-site scripting (XSS) vulnerability in admin.php in Interactive-S ...)
NOT-FOR-US: Interactive-Scripts.Com
-CVE-2007-0566
+CVE-2007-0566 (SQL injection vulnerability in news_detail.asp in ASP NEWS 3 and earli ...)
NOT-FOR-US: ASP NEWS
-CVE-2007-0565
+CVE-2007-0565 (CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote ...)
NOT-FOR-US: CGI RESCUE
-CVE-2007-0564
+CVE-2007-0564 (The license registering interface in Symantec Web Security (SWS) befor ...)
NOT-FOR-US: Symantec
-CVE-2007-0563
+CVE-2007-0563 (Multiple cross-site scripting (XSS) vulnerabilities in Symantec Web Se ...)
NOT-FOR-US: Symantec
-CVE-2007-0562
+CVE-2007-0562 (Windows Explorer (explorer.exe) 6.0.2900.2180 in Microsoft Windows XP ...)
NOT-FOR-US: Windows Explorer
-CVE-2007-0561
+CVE-2007-0561 (Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 ...)
NOT-FOR-US: Xero Portal
-CVE-2007-0560
+CVE-2007-0560 (SQL injection vulnerability in user.asp in ASP EDGE 1.2b and earlier a ...)
NOT-FOR-US: ASP EDGE
-CVE-2007-0559
+CVE-2007-0559 (PHP remote file inclusion vulnerability in config.php in RPW 1.0.2 all ...)
NOT-FOR-US: RPW
-CVE-2007-0558
+CVE-2007-0558 (PHP remote file inclusion vulnerability in modules/mail/main.php in In ...)
NOT-FOR-US: vHostAdmin
-CVE-2007-0557
+CVE-2007-0557 (rMake before 1.0.4 drops root privileges in a way that retains the ori ...)
NOT-FOR-US: rPath
-CVE-2007-0556
+CVE-2007-0556 (The query planner in PostgreSQL before 8.0.11, 8.1 before 8.1.7, and 8 ...)
- postgresql-8.2 8.2.2-1
- postgresql-8.1 8.1.7-1
- postgresql-7.4 <not-affected> (only PostgreSQL 8.x)
- postgresql <not-affected> (only PostgreSQL 8.x)
-CVE-2007-0555
+CVE-2007-0555 (PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8. ...)
{DSA-1261-1}
- postgresql-8.2 8.2.2-1
- postgresql-8.1 8.1.7-1
- postgresql-7.4 1:7.4.16-1
- postgresql <not-affected> (only transitional package)
-CVE-2007-0554
+CVE-2007-0554 (SQL injection vulnerability in print.asp in Guo Xu Guos Posting System ...)
NOT-FOR-US: Guos Posting System
-CVE-2007-0553
+CVE-2007-0553 (Multiple cross-site scripting (XSS) vulnerabilities in index.inc.php i ...)
NOT-FOR-US: PHProxy
-CVE-2007-0552
+CVE-2007-0552 (Cross-site scripting (XSS) vulnerability in install/default/error404.h ...)
NOT-FOR-US: Onnac
-CVE-2007-0551
+CVE-2007-0551 (Multiple PHP remote file inclusion vulnerabilities in cmsimple/cms.php ...)
NOT-FOR-US: CMSimple
-CVE-2007-0550
+CVE-2007-0550 (Cross-site scripting (XSS) vulnerability in search.php in 212cafeBoard ...)
NOT-FOR-US: 212cafe Guestbook
-CVE-2007-0549
+CVE-2007-0549 (Cross-site scripting (XSS) vulnerability in list3.php in 212cafeBoard ...)
NOT-FOR-US: 212cafe Guestbook
-CVE-2007-0548
+CVE-2007-0548 (KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a de ...)
NOT-FOR-US: KarjaSoft
-CVE-2007-0547
+CVE-2007-0547 (Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and ...)
NOT-FOR-US: CGI RESCUE
-CVE-2007-0546
+CVE-2007-0546 (Toxiclab Shoutbox 1 stores sensitive information under the web root wi ...)
NOT-FOR-US: Toxiclab Shoutbox
-CVE-2007-0545
+CVE-2007-0545 (Maxtricity Tagger 0.1 stores sensitive information under the web root ...)
NOT-FOR-US: Maxtricity Tagger
-CVE-2007-0544
+CVE-2007-0544 (Cross-site scripting (XSS) vulnerability in private.php in MyBB (aka M ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2007-0543
+CVE-2007-0543 (ZixForum 1.14 and earlier stores sensitive information under the web r ...)
NOT-FOR-US: ZixForum
-CVE-2007-0542
+CVE-2007-0542 (Cross-site scripting (XSS) vulnerability in show.php in 212cafe Guestb ...)
NOT-FOR-US: 212cafe Guestbook
-CVE-2007-0541
+CVE-2007-0541 (WordPress allows remote attackers to determine the existence of arbitr ...)
{DTSA-33-1}
- wordpress 2.1.0-1 (low)
-CVE-2007-0540
+CVE-2007-0540 (WordPress allows remote attackers to cause a denial of service (bandwi ...)
{DSA-1564-1}
- wordpress 2.1.0-1 (low)
-CVE-2007-0539
+CVE-2007-0539 (The wp_remote_fopen function in WordPress before 2.1 allows remote att ...)
{DTSA-33-1}
- wordpress 2.1.0-1 (low)
-CVE-2007-0538
+CVE-2007-0538 (Telligent Community Server 2.1 and earlier allows remote attackers to ...)
NOT-FOR-US: Telligent
-CVE-2007-0537
+CVE-2007-0537 (The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not p ...)
- kdelibs 4:3.5.5a.dfsg.1-6 (bug #409868; medium)
-CVE-2007-0536
+CVE-2007-0536 (The chroot helper in rMake for rPath Linux 1 does not drop supplementa ...)
NOT-FOR-US: rPath
-CVE-2007-0535
+CVE-2007-0535 (Multiple eval injection vulnerabilities in Vote! Pro 4.0, and possibly ...)
NOT-FOR-US: Vote! Pro
-CVE-2007-0534
+CVE-2007-0534 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Project ...)
NOT-FOR-US: Drupal module "Project"
-CVE-2007-0533
+CVE-2007-0533 (The AToZed IntraWeb component 8.0 and earlier for Borland Delphi and K ...)
NOT-FOR-US: Borland Delphi
-CVE-2007-0532
+CVE-2007-0532 (Tuan Do Uploader (aka php-uploader) 6 beta 1 stores sensitive informat ...)
NOT-FOR-US: Uploader
-CVE-2007-0531
+CVE-2007-0531 (PHP remote file inclusion vulnerability in includes/login.php in FreeW ...)
NOT-FOR-US: FreeWebShop
CVE-2007-0530
NOT-FOR-US: Advanced Guestbook
-CVE-2007-0529
+CVE-2007-0529 (Cross-site scripting (XSS) vulnerability in index.html (aka the admini ...)
NOT-FOR-US: PHP Link Directory
-CVE-2007-0528
+CVE-2007-0528 (The admin web console implemented by the Centrality Communications (ak ...)
NOT-FOR-US: Centrality Communications
-CVE-2007-0527
+CVE-2007-0527 (SQL injection vulnerability in the is_remembered function in class.log ...)
NOT-FOR-US: Website Baker
-CVE-2007-0526
+CVE-2007-0526 (Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.3.1 ...)
NOT-FOR-US: Bitweaver
-CVE-2007-0525
+CVE-2007-0525 (Multiple buffer overflows in Nickolas Grigoriadis Mini Web server (Min ...)
NOT-FOR-US: Mini Web server
-CVE-2007-0524
+CVE-2007-0524 (The LG Chocolate KG800 phone allows remote attackers to cause a denial ...)
NOT-FOR-US: LG
-CVE-2007-0523
+CVE-2007-0523 (The Nokia N70 phone allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Nokia
-CVE-2007-0522
+CVE-2007-0522 (The Motorola MOTORAZR V3 phone allows remote attackers to cause a deni ...)
NOT-FOR-US: Motorola
-CVE-2007-0521
+CVE-2007-0521 (The Sony Ericsson K700i and W810i phones allow remote attackers to cau ...)
NOT-FOR-US: Sony Ericsson
-CVE-2007-0520
+CVE-2007-0520 (SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x allo ...)
NOT-FOR-US: Unique Ads
-CVE-2007-0519
+CVE-2007-0519 (Cross-site scripting (XSS) vulnerability in memcp.php in XMB U2U Insta ...)
NOT-FOR-US: XMB Host
-CVE-2007-0518
+CVE-2007-0518 (Scriptsez Smart PHP Subscriber (aka subscribe) stores sensitive inform ...)
NOT-FOR-US: Scriptsez
-CVE-2007-0517
+CVE-2007-0517 (Scriptsez Random PHP Quote 1.0 stores sensitive information under the ...)
NOT-FOR-US: Scriptsez
-CVE-2007-0516
+CVE-2007-0516 (Yana Framework before 2.8.5a allows remote authenticated users with pe ...)
NOT-FOR-US: Yana
-CVE-2007-0515
+CVE-2007-0515 (Unspecified vulnerability in Microsoft Word allows user-assisted remot ...)
NOT-FOR-US: Microsoft
-CVE-2007-0514
+CVE-2007-0514 (Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitach ...)
NOT-FOR-US: Hitachi
-CVE-2007-0513
+CVE-2007-0513 (Hitachi HiRDB Datareplicator 7HiRDB, 7(64), 6, 6(64), 5.0, and 5.0(64) ...)
NOT-FOR-US: Hitachi
-CVE-2007-0512
+CVE-2007-0512 (Hitachi TP1/LiNK 05-00 through 05-03-/F, 03-04 through 03-06-/K, and 0 ...)
NOT-FOR-US: Hitachi
-CVE-2007-0511
+CVE-2007-0511 (Multiple PHP remote file inclusion vulnerabilities in phpXMLDOM (phpXD ...)
NOT-FOR-US: phpXD
-CVE-2007-0510
+CVE-2007-0510 (Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) prese ...)
- awffull <unfixed> (unimportant)
NOTE: This appears to be a bug without a vulnerability vector.
-CVE-2007-0509
+CVE-2007-0509 (Multiple unspecified vulnerabilities in MaklerPlus before 1.2 have unk ...)
NOT-FOR-US: MaklerPlus
-CVE-2007-0507
+CVE-2007-0507 (SQL injection vulnerability in the Acidfree module for Drupal before 4 ...)
NOT-FOR-US: Drupal module "Acidfree"
-CVE-2007-0506
+CVE-2007-0506 (The project_issue_access function in the Project issue tracking 4.7.0 ...)
NOT-FOR-US: Drupal module "Project"
-CVE-2007-0505
+CVE-2007-0505 (Unrestricted file upload vulnerability in the Project issue tracking 4 ...)
NOT-FOR-US: Drupal module "Project"
-CVE-2007-0504
+CVE-2007-0504 (Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and p ...)
NOT-FOR-US: Vote! Pro
-CVE-2007-0503
+CVE-2007-0503 (Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 bef ...)
NOT-FOR-US: Sun
-CVE-2007-0502
+CVE-2007-0502 (SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows ...)
NOT-FOR-US: webSPELL
-CVE-2007-0501
+CVE-2007-0501 (PHP remote file inclusion vulnerability in index.php in Mafia Scum Too ...)
NOT-FOR-US: Advanced Random Generators
-CVE-2007-0500
+CVE-2007-0500 (PHP remote file inclusion vulnerability in include/includes.php in Bra ...)
NOT-FOR-US: Bradabra
-CVE-2007-0499
+CVE-2007-0499 (PHP remote file inclusion vulnerability in config.php in Sangwan Kim p ...)
NOT-FOR-US: phpIndexPage
-CVE-2007-0498
+CVE-2007-0498 (PHP remote file inclusion vulnerability in up.php in MySpeach 2.1 beta ...)
NOT-FOR-US: MySpeach
-CVE-2007-0497
+CVE-2007-0497 (PHP remote file inclusion vulnerability in upload/top.php in Upload-Se ...)
NOT-FOR-US: Upload-Service
-CVE-2007-0496
+CVE-2007-0496 (PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs ...)
NOT-FOR-US: Neon Lab
-CVE-2007-0495
+CVE-2007-0495 (PHP remote file inclusion vulnerability in include/config.inc.php in P ...)
NOT-FOR-US: PhpSherpa
-CVE-2007-0492
+CVE-2007-0492 (Multiple SQL injection vulnerabilities in gallery.php in webSPELL 4.01 ...)
NOT-FOR-US: webSPELL
-CVE-2007-0491
+CVE-2007-0491 (PHP remote file inclusion vulnerability in up.php in Sky GUNNING MySpe ...)
NOT-FOR-US: MySpeach
-CVE-2007-0490
+CVE-2007-0490 (index.php in Open-Realty 2.3.4 allows remote attackers to obtain sensi ...)
NOT-FOR-US: Open-Realty
-CVE-2007-0489
+CVE-2007-0489 (PHP remote file inclusion vulnerability in includes/functions.visohotl ...)
NOT-FOR-US: VisoHotlink
-CVE-2007-0488
+CVE-2007-0488 (The Huawei Versatile Routing Platform 1.43 2500E-003 firmware on the Q ...)
NOT-FOR-US: Huawei
CVE-2007-0487
NOT-FOR-US: FreeForum
CVE-2007-0486
NOT-FOR-US: Openads
-CVE-2007-0485
+CVE-2007-0485 (PHP remote file inclusion vulnerability in defines.php in WebChat 0.77 ...)
NOT-FOR-US: Webdev
-CVE-2007-0484
+CVE-2007-0484 (Multiple SQL injection vulnerabilities in Enthusiast 3.1 allow remote ...)
NOT-FOR-US: ReviewPost
-CVE-2007-0483
+CVE-2007-0483 (Multiple cross-site scripting (XSS) vulnerabilities in Enthusiast 3.1 ...)
NOT-FOR-US: ReviewPost
-CVE-2007-0482
+CVE-2007-0482 (cgi-bin/main in Sun Ray Server Software 2.0 and 3.0 before 20070123 al ...)
NOT-FOR-US: Sun
-CVE-2007-0481
+CVE-2007-0481 (Cisco IOS allows remote attackers to cause a denial of service (crash) ...)
NOT-FOR-US: Cisco
-CVE-2007-0480
+CVE-2007-0480 (Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x ...)
NOT-FOR-US: Cisco
-CVE-2007-0479
+CVE-2007-0479 (Memory leak in the TCP listener in Cisco IOS 9.x, 10.x, 11.x, and 12.x ...)
NOT-FOR-US: Cisco
-CVE-2007-0478
+CVE-2007-0478 (WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does ...)
NOT-FOR-US: Apple Safari
-CVE-2007-0477
+CVE-2007-0477 (Cross-site scripting (XSS) vulnerability in Openads 2.0.x before 2.0.1 ...)
NOT-FOR-US: Openads
-CVE-2007-0476
+CVE-2007-0476 (The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, 2.2 ...)
- openldap2 <not-affected> (Gentoo packaging bug)
-CVE-2007-0475
+CVE-2007-0475 (Multiple stack-based buffer overflows in utilities/smb4k_*.cpp in Smb4 ...)
- smb4k 0.8.1-1 (low)
[etch] - smb4k <no-dsa> (Minor issue)
NOTE: not all problems fixed in 0.8.0
-CVE-2007-0474
+CVE-2007-0474 (Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoer ...)
- smb4k 0.8.1-1 (low)
[etch] - smb4k <no-dsa> (Minor issue)
NOTE: not fixed in 0.8.0, see
NOTE: https://web.archive.org/web/20070712072042/http://developer.berlios.de/bugs/?func=detailbug&bug_id=9631&group_id=769
-CVE-2007-0473
+CVE-2007-0473 (The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 d ...)
- smb4k 0.8.0-1 (low)
[etch] - smb4k <no-dsa> (Minor issue)
-CVE-2007-0472
+CVE-2007-0472 (Multiple race conditions in Smb4K before 0.8.0 allow local users to (1 ...)
- smb4k 0.8.0-1 (low)
[etch] - smb4k <no-dsa> (Minor issue)
-CVE-2007-0508
+CVE-2007-0508 (PHP remote file inclusion vulnerability in lib/selectlang.php in BBClo ...)
- bbclone 0.4.6-8 (bug #408839; medium)
CVE-2007-XXXX [hinfo code injection]
- hinfo 1.02-3.1 (bug #402316; low)
[sarge] - hinfo <no-dsa> (Package completely broken, hardly usable for an attack)
-CVE-2007-0494
+CVE-2007-0494 (ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 u ...)
{DSA-1254-1}
- bind9 1:9.3.4-2 (medium; bug #408432)
- bind <not-affected>
-CVE-2007-0493
+CVE-2007-0493 (Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up ...)
- bind9 1:9.3.4-2 (medium; bug #408432)
[sarge] - bind9 <not-affected> (Vulnerable code not present)
- bind <not-affected>
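Review bot: CVE-2007-0530, CVE-2007-0487 and CVE-2007-0486 keep a bare identifier above their NOT-FOR-US line while every other entry in this hunk that is not RESERVED or REJECTED gains a "(... ...)" description; either the feed returned nothing for these three (in which case they should be checked for rejection and, if so, marked REJECTED like CVE-2007-0621, whose entry was correctly left without a description) or the updater silently skipped them, and both cases deserve a look rather than leaving the entries inconsistent with their neighbours. Two smaller points in the same hunk: the new description for CVE-2007-0636 begins "Unspecified vulnerability in inotify before 0.3.5" while the triage line says "NOT-FOR-US: incron", so a NOTE explaining the product mapping (or a corrected product name) would keep the entry self-explanatory; and the triage text for CVE-2007-0656, "NOT-FOR-US: phpBB2-MODificat it is a module to phpbb2", reads as a truncated fragment and could be rewritten as something like "NOT-FOR-US: phpBB2 MOD (third-party phpBB2 module)".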
@@ -14945,81 +14945,81 @@ CVE-2007-XXXX [gstreamer ffmpeg missing checks of packet sizes, chunk sizes, and
- ffmpeg 0.cvs20060823-6
- xmovie <not-affected> (this is not an issue in the avformat ffmpeg code copy)
- mplayer 1.0~rc1-12
-CVE-2007-0471
+CVE-2007-0471 (sre/params.php in the Integrity Clientless Security (ICS) component in ...)
NOT-FOR-US: Check Point
-CVE-2007-0470
+CVE-2007-0470 (Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 1 ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-0469
+CVE-2007-0469 (The extract_files function in installer.rb in RubyGems before 0.9.1 do ...)
- libgems-ruby 0.9.3-1 (low; bug #408299)
[etch] - libgems-ruby <no-dsa> (Minor issue, needs implicit trust on installed data)
-CVE-2007-0468
+CVE-2007-0468 (Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (M ...)
NOT-FOR-US: Visual C++
-CVE-2007-0467
+CVE-2007-0467 (crashdump in Apple Mac OS X 10.4.8 allows local users in the admin gro ...)
NOT-FOR-US: Apple
-CVE-2007-0466
+CVE-2007-0466 (Telestream Flip4Mac Windows Media Components for Quicktime 2.1.0.33 al ...)
NOT-FOR-US: Telestream
-CVE-2007-0465
+CVE-2007-0465 (Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4. ...)
NOT-FOR-US: Apple
-CVE-2007-0464
+CVE-2007-0464 (The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 o ...)
NOT-FOR-US: CFNetwork on Apple Mac OS
-CVE-2007-0463
+CVE-2007-0463 (Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X ...)
NOT-FOR-US: Apple
-CVE-2007-0462
+CVE-2007-0462 (The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktim ...)
NOT-FOR-US: Apple
-CVE-2007-0461
+CVE-2007-0461 (Multiple memory leaks in the Dazuko anti-virus helper module before 2. ...)
- dazuko-source <removed> (bug #408300)
[sarge] - dazuko-source <not-affected> (Vulnerable code not present)
-CVE-2007-0460
+CVE-2007-0460 (Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and ...)
- ulogd 1.23-6 (medium)
-CVE-2007-0459
+CVE-2007-0459 (packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.9 ...)
- wireshark 0.99.4-5 (low)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-0458
+CVE-2007-0458 (Unspecified vulnerability in the HTTP dissector in Wireshark (formerly ...)
- wireshark 0.99.4-5 (low)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-0457
+CVE-2007-0457 (Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (f ...)
- wireshark 0.99.4-5 (low)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-0456
+CVE-2007-0456 (Unspecified vulnerability in the LLT dissector in Wireshark (formerly ...)
- wireshark 0.99.4-5 (low)
[sarge] - ethereal <not-affected> (Vulnerable code not present)
-CVE-2007-0455
+CVE-2007-0455 (Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Grap ...)
{DSA-1936-1}
- libgd2 2.0.35.dfsg-1 (bug #408982; low)
[sarge] - libgd2 <no-dsa> (Minor issue, hardly exploitable)
[etch] - libgd2 <no-dsa> (Minor issue, hardly exploitable)
-CVE-2007-0454
+CVE-2007-0454 (Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 ...)
{DSA-1257}
- samba 3.0.23d-5 (medium)
-CVE-2007-0453
+CVE-2007-0453 (Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 throug ...)
- samba <not-affected> (Solaris-specific vulnerability)
-CVE-2007-0452
+CVE-2007-0452 (smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users ...)
{DSA-1257}
- samba 3.0.23d-5 (low)
-CVE-2007-0450
+CVE-2007-0450 (Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x ...)
- tomcat5 <removed> (unimportant)
- tomcat5.5 5.5.23-1 (unimportant)
NOTE: This only adds an additional control settings for path delimiters, the
NOTE: necessary proxies still need to be secured or fixed individually (e.g.
NOTE: as done for mod_jk in a DSA
-CVE-2007-0449
+CVE-2007-0449 (Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Ba ...)
NOT-FOR-US: CA BrightStor
-CVE-2007-0448
+CVE-2007-0448 (The fopen function in PHP 5.2.0 does not properly handle invalid URI h ...)
- php5 <removed> (unimportant)
NOTE: open_basedir bypasses not supported
-CVE-2007-0447
+CVE-2007-0447 (Heap-based buffer overflow in the Decomposer component in multiple Sym ...)
NOT-FOR-US: Symantec
-CVE-2007-0446
+CVE-2007-0446 (Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Merc ...)
NOT-FOR-US: HP Mercury
-CVE-2007-0445
+CVE-2007-0445 (Heap-based buffer overflow in the arj.ppl module in the OnDemand Scann ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2007-0444
+CVE-2007-0444 (Stack-based buffer overflow in the print provider library (cpprov.dll) ...)
NOT-FOR-US: Citrix
-CVE-2007-0443
+CVE-2007-0443 (Multiple buffer overflows in the CDDBControl ActiveX control in Gracen ...)
NOT-FOR-US: GraceNote ActiveX Control
-CVE-2007-0442
+CVE-2007-0442 (Unspecified vulnerability in IBM OS/400 R530 and R535 has unknown impa ...)
NOT-FOR-US: IBM OS/400
-CVE-2007-0441
+CVE-2007-0441 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: OpenView Network Node Manager
CVE-2007-0440
RESERVED
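Review bot: the NOTE under CVE-2007-0450 opens a parenthesis in "(e.g. as done for mod_jk in a DSA" that is never closed and never names the advisory; close it and cite the DSA id, or drop the parenthetical, so the note renders cleanly in the tracker. In the same hunk the references "{DSA-1257}" on CVE-2007-0454 and CVE-2007-0452 lack the revision suffix used by the other cross-references here ("{DSA-1254-1}", "{DSA-1936-1}"), and the DSA references should follow one format. Finally, the added descriptions are cut at a fixed width in the middle of a token (CVE-2007-0459 ends in "Wireshark (formerly Ethereal) 0.9 ...", CVE-2007-0494 in "9.4.0a1 u ..."), which drops exactly the version ranges a reader scanning the list wants; if the updater can truncate at a word boundary or allow a slightly larger width, the summaries become more useful without changing the file format.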
@@ -15027,157 +15027,157 @@ CVE-2007-0439
RESERVED
CVE-2007-0438
RESERVED
-CVE-2007-0437
+CVE-2007-0437 (Multiple cross-site scripting (XSS) vulnerabilities in the sample Cach ...)
NOT-FOR-US: InterSystems Cache
-CVE-2007-0436
+CVE-2007-0436 (Barron McCann X-Kryptor Driver BMS1446HRR (Xgntr BMS1351 Install BMS14 ...)
NOT-FOR-US: X-Kryptor
-CVE-2007-0435
+CVE-2007-0435 (T-Com Speedport 500V routers with firmware 1.31 allow remote attackers ...)
NOT-FOR-US: T-Com Speedport
-CVE-2007-0434
+CVE-2007-0434 (BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 ...)
NOT-FOR-US: BEA
-CVE-2007-0433
+CVE-2007-0433 (Unspecified vulnerability in BEA AquaLogic Enterprise Security 2.0 thr ...)
NOT-FOR-US: BEA
-CVE-2007-0432
+CVE-2007-0432 (BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject m ...)
NOT-FOR-US: BEA
-CVE-2007-0431
+CVE-2007-0431 (AVM Fritz!Box 7050, and possibly other product models, allows remote a ...)
NOT-FOR-US: AVM
-CVE-2007-0430
+CVE-2007-0430 (The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and ea ...)
NOT-FOR-US: Apple Mac OS
-CVE-2007-0429
+CVE-2007-0429 (DivXBrowserPlugin (aka DivX Web Player) npdivx32.dll, as distributed w ...)
NOT-FOR-US: DivX Web Player
-CVE-2007-0428
+CVE-2007-0428 (Unspecified vulnerability in the chtbl_lookup function in hash.c for W ...)
- wzdftpd 0.8.1-1 (medium)
-CVE-2007-0427
+CVE-2007-0427 (Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allow ...)
NOT-FOR-US: Microsoft
-CVE-2007-0426
+CVE-2007-0426 (BEA WebLogic Portal 9.2, when running in a WebLogic Server clustered e ...)
NOT-FOR-US: BEA
-CVE-2007-0425
+CVE-2007-0425 (Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 thro ...)
NOT-FOR-US: BEA
-CVE-2007-0424
+CVE-2007-0424 (Unspecified vulnerability in the BEA WebLogic Server proxy plug-in for ...)
NOT-FOR-US: BEA
-CVE-2007-0423
+CVE-2007-0423 (BEA WebLogic Portal 9.2 does not properly handle when an administrator ...)
NOT-FOR-US: BEA
-CVE-2007-0422
+CVE-2007-0422 (BEA WebLogic Server 9.0, 9.1, and 9.2 Gold, when running on Solaris 9, ...)
NOT-FOR-US: BEA
-CVE-2007-0421
+CVE-2007-0421 (BEA WebLogic Server 6.1 through 6.1 SP7, and 7.0 through 7.0 SP7 allow ...)
NOT-FOR-US: BEA
-CVE-2007-0420
+CVE-2007-0420 (BEA WebLogic Server 9.0, 9.1, and 9.2 Gold allows remote attackers to ...)
NOT-FOR-US: BEA
-CVE-2007-0419
+CVE-2007-0419 (The BEA WebLogic Server proxy plug-in before June 2006 for the Apache ...)
NOT-FOR-US: BEA
-CVE-2007-0418
+CVE-2007-0418 (BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and ...)
NOT-FOR-US: BEA
-CVE-2007-0417
+CVE-2007-0417 (BEA WebLogic Server 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, and ...)
NOT-FOR-US: BEA
-CVE-2007-0416
+CVE-2007-0416 (The WSEE runtime (WS-Security runtime) in BEA WebLogic Server 9.0 and ...)
NOT-FOR-US: BEA
-CVE-2007-0415
+CVE-2007-0415 (BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce acce ...)
NOT-FOR-US: BEA
-CVE-2007-0414
+CVE-2007-0414 (BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 through 7.0 SP6, 8.1 thro ...)
NOT-FOR-US: BEA
-CVE-2007-0413
+CVE-2007-0413 (BEA WebLogic Server 8.1 through 8.1 SP5 stores cleartext data in a bac ...)
NOT-FOR-US: BEA
-CVE-2007-0412
+CVE-2007-0412 (BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 through 7.0 SP7, and 8.1 ...)
NOT-FOR-US: BEA
-CVE-2007-0411
+CVE-2007-0411 (BEA WebLogic Server 8.1 through 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when ...)
NOT-FOR-US: BEA
-CVE-2007-0410
+CVE-2007-0410 (Unspecified vulnerability in the thread management in BEA WebLogic 7.0 ...)
NOT-FOR-US: BEA
-CVE-2007-0409
+CVE-2007-0409 (BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial ...)
NOT-FOR-US: BEA
-CVE-2007-0408
+CVE-2007-0408 (BEA Weblogic Server 8.1 through 8.1 SP4 does not properly validate cli ...)
NOT-FOR-US: BEA
-CVE-2007-0407
+CVE-2007-0407 (Cross-site scripting (XSS) vulnerability in Operation/User.pm in Plain ...)
NOT-FOR-US: Poplar Gedcom Viewer
-CVE-2007-0406
+CVE-2007-0406 (Multiple buffer overflows in the (1) main function in (a) client.c, an ...)
- gxine 0.5.8-2 (medium; bug #405876)
-CVE-2007-0405
+CVE-2007-0405 (The LazyUser class in the AuthenticationMiddleware for Django 0.95 doe ...)
- python-django 0.95.1-1 (bug #407786)
-CVE-2007-0404
+CVE-2007-0404 (bin/compile-messages.py in Django 0.95 does not quote argument strings ...)
- python-django 0.95.1-1 (bug #407786)
-CVE-2007-0403
+CVE-2007-0403 (SQL injection vulnerability in admin/memberlist.php in Easebay Resourc ...)
NOT-FOR-US: Easebay Resources
-CVE-2007-0402
+CVE-2007-0402 (Cross-site scripting (XSS) vulnerability in admin/edit_member.php in E ...)
NOT-FOR-US: Easebay Resources
-CVE-2007-0401
+CVE-2007-0401 (SQL injection vulnerability in admin/memberlist.php in Easebay Resourc ...)
NOT-FOR-US: Easebay Resources
-CVE-2007-0400
+CVE-2007-0400 (Cross-site scripting (XSS) vulnerability in admin/memberlist.php in Ea ...)
NOT-FOR-US: Easebay Resources
-CVE-2007-0399
+CVE-2007-0399 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Si ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2007-0398
+CVE-2007-0398 (Multiple cross-site scripting (XSS) vulnerabilities in forum.php3 in A ...)
NOT-FOR-US: MisterSPa-forum
CVE-2007-XXXX [wordpress unregister_globals workaround from 2.0.7]
- wordpress 2.0.7 (bug #407116; unimportant)
NOTE: Non-issue, hash issue fixed since months in Sarge and Etch,
NOTE: register_globals unsupported anyway
-CVE-2007-0397
+CVE-2007-0397 (The Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
NOT-FOR-US: Cisco
-CVE-2007-0396
+CVE-2007-0396 (Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in c ...)
NOT-FOR-US: HP-UX
-CVE-2007-0395
+CVE-2007-0395 (PHP remote file inclusion vulnerability in libraries/grab_globals.lib. ...)
NOT-FOR-US: ComVironment
-CVE-2007-0394
+CVE-2007-0394 (HP HP-UX B11.11 does not properly verify the status of file descriptor ...)
NOT-FOR-US: HP-UX
-CVE-2007-0393
+CVE-2007-0393 (Sun Solaris 9 does not properly verify the status of file descriptors ...)
NOT-FOR-US: Sun Solaris
-CVE-2007-0392
+CVE-2007-0392 (IBM AIX 5.3 does not properly verify the status of file descriptors be ...)
NOT-FOR-US: IBM AIX
-CVE-2007-0391
+CVE-2007-0391 (Format string vulnerability in the log creation functionality of BitDe ...)
NOT-FOR-US: BitDefender
-CVE-2007-0390
+CVE-2007-0390 (Cross-site scripting (XSS) vulnerability in index.php in sabros.us 1.7 ...)
NOT-FOR-US: sabros.us
-CVE-2007-0389
+CVE-2007-0389 (Directory traversal vulnerability in ArsDigita Community System (ACS) ...)
NOT-FOR-US: ArsDigita Community System
-CVE-2007-0388
+CVE-2007-0388 (SQL injection vulnerability in search.php in Woltlab Burning Board (wB ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2007-0387
+CVE-2007-0387 (SQL injection vulnerability in models/category.php in the Weblinks com ...)
NOT-FOR-US: Joomla!
-CVE-2007-0386
+CVE-2007-0386 (Unspecified vulnerability in the rating section in PostNuke 0.764 has ...)
NOT-FOR-US: PostNuke
-CVE-2007-0385
+CVE-2007-0385 (The faq section in PostNuke 0.764 allows remote attackers to obtain se ...)
NOT-FOR-US: PostNuke
-CVE-2007-0384
+CVE-2007-0384 (Cross-site scripting (XSS) vulnerability in preview in the reviews sec ...)
NOT-FOR-US: PostNuke
CVE-2007-0383
NOT-FOR-US: WDaemon
-CVE-2007-0382
+CVE-2007-0382 (Multiple SQL injection vulnerabilities in letterman.class.php in the L ...)
NOT-FOR-US: Letterman 1.2.3 (com_letterman) component for Joomla!
-CVE-2007-0381
+CVE-2007-0381 (Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote ...)
NOT-FOR-US: ATutor
-CVE-2007-0380
+CVE-2007-0380 (DocMan 1.3 RC2 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: DocMan
-CVE-2007-0379
+CVE-2007-0379 (Cross-site scripting (XSS) vulnerability in DocMan 1.3 RC2 allows remo ...)
NOT-FOR-US: DocMan
-CVE-2007-0378
+CVE-2007-0378 (Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow attacke ...)
NOT-FOR-US: DocMan
-CVE-2007-0377
+CVE-2007-0377 (Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote at ...)
NOT-FOR-US: Xoops
-CVE-2007-0376
+CVE-2007-0376 (Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows re ...)
NOT-FOR-US: Virtuemart
-CVE-2007-0375
+CVE-2007-0375 (Joomla! 1.5.0 Beta allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: Joomla!
-CVE-2007-0374
+CVE-2007-0374 (SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2 ...)
- mambo 4.6.1-5 (bug #407995; low)
-CVE-2007-0373
+CVE-2007-0373 (Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow rem ...)
NOT-FOR-US: Joomla!
-CVE-2007-0372
+CVE-2007-0372 (Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-0371
+CVE-2007-0371 (A certain ActiveX control in the Common Controls Replacement Project ( ...)
NOT-FOR-US: Common Controls Replacement Project (CCRP)
-CVE-2007-0370
+CVE-2007-0370 (Unrestricted file upload vulnerability in index.php in phpBP RC3 (2.20 ...)
NOT-FOR-US: phpBP
-CVE-2007-0369
+CVE-2007-0369 (SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows re ...)
NOT-FOR-US: phpBP
-CVE-2007-0368
+CVE-2007-0368 (Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local ...)
NOT-FOR-US: mbse
-CVE-2007-0367
+CVE-2007-0367 (Rumpus 5.1 and earlier has weak permissions for certain files and dire ...)
NOT-FOR-US: Maxum Rumpus
-CVE-2007-0366
+CVE-2007-0366 (Untrusted search path vulnerability in Rumpus 5.1 and earlier allows l ...)
NOT-FOR-US: Maxum Rumpus
-CVE-2007-0365
+CVE-2007-0365 (Multiple cross-site scripting (XSS) vulnerabilities in All In One Cont ...)
NOT-FOR-US: All In One Control Panel
-CVE-2007-0364
+CVE-2007-0364 (Multiple cross-site scripting (XSS) vulnerabilities in nicecoder.com I ...)
NOT-FOR-US: nicecoder.com INDEXU
CVE-2007-XXXX [libjabber DoS]
- centericq 4.21.0-18 (unimportant; bug #406982)
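Review bot: the CVE-2007-0407 entry pairs a description that names "Operation/User.pm in Plain ..." with the annotation "NOT-FOR-US: Poplar Gedcom Viewer"; a Perl module path and a product starting with "Plain" do not match the annotated product, so the NOT-FOR-US line looks like it was copied from the neighbouring Poplar Gedcom Viewer entries and should be re-checked against the full description before this update lands. The rest of the hunk only prepends the truncated descriptions to existing identifiers and leaves the status lines untouched, which is what an automatic update should do.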
@@ -15193,362 +15193,362 @@ CVE-2007-XXXX [gstreamer-ffmpeg unspecified issue related to sps and pps ids]
- xmovie <not-affected> (this is not an issue in the avformat ffmpeg code copy)
CVE-2007-XXXX [netpbm heap corruption]
- netpbm-free 2:10.0-11 (bug #407605)
-CVE-2007-0363
+CVE-2007-0363 (Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Op ...)
NOT-FOR-US: Openads
-CVE-2007-0362
+CVE-2007-0362 (Cross-site scripting (XSS) vulnerability in the RSS feed component in ...)
NOT-FOR-US: FreshReader
-CVE-2007-0361
+CVE-2007-0361 (PHP remote file inclusion vulnerability in mep/frame.php in PHPMyphoru ...)
NOT-FOR-US: PHPMyphorum
-CVE-2007-0360
+CVE-2007-0360 (PHP remote file inclusion vulnerability in lang/index.php in Oreon 1.2 ...)
NOT-FOR-US: Oreon
-CVE-2007-0359
+CVE-2007-0359 (PHP remote file inclusion vulnerability in frontpage.php in Uberghey C ...)
NOT-FOR-US: Travelsized CMS
-CVE-2007-0358
+CVE-2007-0358 (Unspecified vulnerability in the FTP server implementation in HP Jetdi ...)
NOT-FOR-US: HP Jetdirect
-CVE-2007-0357
+CVE-2007-0357 (Directory traversal vulnerability in the AVM IGD CTRL Service in Fritz ...)
NOT-FOR-US: AVM
-CVE-2007-0356
+CVE-2007-0356 (The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) Ac ...)
NOT-FOR-US: Common Controls Replacement Project (CCRP)
-CVE-2007-0355
+CVE-2007-0355 (Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Ma ...)
NOT-FOR-US: Apple
-CVE-2007-0354
+CVE-2007-0354 (SQL injection vulnerability in email.php in MGB OpenSource Guestbook 0 ...)
NOT-FOR-US: MGB OpenSource Guestbook
-CVE-2007-0353
+CVE-2007-0353 (Cross-site scripting (XSS) vulnerability in (1) index.php and (2) logi ...)
NOT-FOR-US: myBloggie
-CVE-2007-0352
+CVE-2007-0352 (Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allow ...)
NOT-FOR-US: Microsoft
-CVE-2007-0351
+CVE-2007-0351 (Microsoft Windows XP and Windows Server 2003 do not properly handle us ...)
NOT-FOR-US: Microsoft
-CVE-2007-0350
+CVE-2007-0350 (Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php ...)
NOT-FOR-US: FileMailer
-CVE-2007-0349
+CVE-2007-0349 (Directory traversal vulnerability in upgrade.php in nicecoder.com INDE ...)
NOT-FOR-US: INDEXU
-CVE-2007-0348
+CVE-2007-0348 (Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in ...)
NOT-FOR-US: ActiveX control in InterActual Player
-CVE-2007-0347
+CVE-2007-0347 (The is_eow function in format.c in CVSTrac before 2.0.1 does not prope ...)
- cvstrac 2.0.1-1
[etch] - cvstrac <not-affected> (Vulnerable code not present)
[sarge] - cvstrac <not-affected> (Vulnerable code not present)
NOTE: the vulnerable code can't be found on other places in 1.1.5 and also similar things
NOTE: are done like using %q instead of %s for user supplied data
-CVE-2007-0346
+CVE-2007-0346 (SQL injection vulnerability in index.php in SmE FileMailer 1.21 allows ...)
NOT-FOR-US: FileMailer
-CVE-2007-0345
+CVE-2007-0345 (The (1) Activity Monitor.app/Contents/Resources/pmTool, (2) Keychain A ...)
NOT-FOR-US: Apple
-CVE-2007-0344
+CVE-2007-0344 (Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) ...)
- colloquy <removed>
-CVE-2007-0343
+CVE-2007-0343 (OpenBSD before 20070116 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: OpenBSD
-CVE-2007-0342
+CVE-2007-0342 (WebCore in Apple WebKit build 18794 allows remote attackers to cause a ...)
NOT-FOR-US: Apple WebKit
-CVE-2007-0341
+CVE-2007-0341 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earli ...)
- phpmyadmin 4:2.9.1.1-2 (medium)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2007-0340
+CVE-2007-0340 (SQL injection vulnerability in inc/header.inc.php in ThWboard 3.0b2.84 ...)
NOT-FOR-US: ThWboard
-CVE-2007-0339
+CVE-2007-0339 (SQL injection vulnerability in index.php (aka the login form) in Scrip ...)
NOT-FOR-US: FileMailer
-CVE-2007-0338
+CVE-2007-0338 (Heap-based buffer overflow in Dream FTP Server allows remote attackers ...)
NOT-FOR-US: BolinTech Dream FTP Server
-CVE-2007-0337
+CVE-2007-0337 (Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and ...)
NOT-FOR-US: KGB
-CVE-2007-0336
+CVE-2007-0336 (Undercover.app/Contents/Resources/uc in Rixstep Undercover allows loca ...)
NOT-FOR-US: Rixstep
-CVE-2007-0335
+CVE-2007-0335 (Multiple directory traversal vulnerabilities in Jax Petition Book 1.0. ...)
NOT-FOR-US: Jax Petition Book
-CVE-2007-0334
+CVE-2007-0334 (Unspecified vulnerability in the SIP module in InGate Firewall and SIP ...)
NOT-FOR-US: Outpost Firewall Pro
-CVE-2007-0333
+CVE-2007-0333 (Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access r ...)
NOT-FOR-US: Outpost Firewall Pro
-CVE-2007-0332
+CVE-2007-0332 ((1) admin/adminlien.php3 and (2) admin/modif.php3 in liens_dynamiques ...)
NOT-FOR-US: liens_dynamiques
-CVE-2007-0331
+CVE-2007-0331 (Cross-site scripting (XSS) vulnerability in liens.php3 in liens_dynami ...)
NOT-FOR-US: liens_dynamiques
-CVE-2007-0330
+CVE-2007-0330 (Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch ...)
NOT-FOR-US: Ipswitch WS_FTP
-CVE-2007-0329
+CVE-2007-0329 (download.php in Joonas Viljanen JV2 Folder Gallery allows remote attac ...)
NOT-FOR-US: Joonas Viljanen JV2 Folder Gallery
-CVE-2007-0328
+CVE-2007-0328 (The DWUpdateService ActiveX control in the agent (agent.exe) in Macrov ...)
NOT-FOR-US: Macrovision
CVE-2007-0327
RESERVED
-CVE-2007-0326
+CVE-2007-0326 (Multiple stack-based buffer overflows in the PhotoChannel Networks PNI ...)
NOT-FOR-US: PNI Digital Media Photo Upload
-CVE-2007-0325
+CVE-2007-0325 (Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2007-0324
+CVE-2007-0324 (Multiple buffer overflows in the LizardTech DjVu Browser Plug-in befor ...)
NOT-FOR-US: LizardTech DjVu Browser Plug-in
-CVE-2007-0323
+CVE-2007-0323 (Buffer overflow in the SetLanguage function in Research In Motion (RIM ...)
NOT-FOR-US: Research In Motion (RIM) TeamOn Import Object ActiveX control
-CVE-2007-0322
+CVE-2007-0322 (Multiple stack-based buffer overflows in the Intuit QuickBooks Online ...)
NOT-FOR-US: Intuit QuickBooks
-CVE-2007-0321
+CVE-2007-0321 (Buffer overflow in the Update Service Agent ActiveX Control in isusweb ...)
NOT-FOR-US: FLEXnet Connect
-CVE-2007-0320
+CVE-2007-0320 (Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) ...)
NOT-FOR-US: InstallFromTheWeb
-CVE-2007-0319
+CVE-2007-0319 (Multiple stack-based buffer overflows in the Motive ActiveEmailTest.Em ...)
NOT-FOR-US: Motive ActiveEmailTest
-CVE-2007-0318
+CVE-2007-0318 (The do_hfs_truncate function in Mac OS X 10.4.8 allows context-depende ...)
NOT-FOR-US: Apple Mac OS
-CVE-2007-0317
+CVE-2007-0317 (Format string vulnerability in the LogMessage function in FileZilla be ...)
- filezilla 3.0.0~beta2-3 (medium; bug #407683)
-CVE-2007-0316
+CVE-2007-0316 (Multiple SQL injection vulnerabilities in All In One Control Panel (AI ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2007-0315
+CVE-2007-0315 (Multiple buffer overflows in FileZilla before 2.2.30a allow remote att ...)
- filezilla <not-affected> (fixed before the first Debian upload)
-CVE-2007-0314
+CVE-2007-0314 (Multiple PHP remote file inclusion vulnerabilities in Article System 1 ...)
NOT-FOR-US: Article System
-CVE-2007-0313
+CVE-2007-0313 (Unspecified vulnerability in GONICUS System Administration (GOsa) befo ...)
- gosa 2.5.8-1 (medium)
[etch] - gosa 2.5.6-2.1
-CVE-2007-0312
+CVE-2007-0312 (wcSimple Poll stores sensitive information under the web root with ins ...)
NOT-FOR-US: wcSimple
-CVE-2007-0311
+CVE-2007-0311 (Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier al ...)
NOT-FOR-US: Texas Imperial Software WFTPD Pro Server
-CVE-2007-0310
+CVE-2007-0310 (BMC Remedy Action Request System 5.01.02 Patch 1267 generates differen ...)
NOT-FOR-US: BMC Software
-CVE-2007-0309
+CVE-2007-0309 (SQL injection vulnerability in blocks/block-Old_Articles.php in Franci ...)
NOT-FOR-US: PHP-Nuke
-CVE-2007-0308
+CVE-2007-0308 (Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before ...)
NOT-FOR-US: Poplar Gedcom Viewer
-CVE-2007-0307
+CVE-2007-0307 (PHP remote file inclusion vulnerability in include/common.php in Popla ...)
NOT-FOR-US: Poplar Gedcom Viewer
-CVE-2007-0306
+CVE-2007-0306 (SQL injection vulnerability in visu_user.asp in Digiappz DigiAffiliate ...)
NOT-FOR-US: Digiappz
-CVE-2007-0305
+CVE-2007-0305 (SQL injection vulnerability in etkinlikbak.asp in Okul Web Otomasyon S ...)
NOT-FOR-US: Okul Merkezi Portal
-CVE-2007-0304
+CVE-2007-0304 (SQL injection vulnerability in duyuru.asp in MiNT Haber Sistemi 2.7 al ...)
NOT-FOR-US: MiNT Haber Sistemi
-CVE-2007-0303
+CVE-2007-0303 (Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have u ...)
NOT-FOR-US: Zina
-CVE-2007-0302
+CVE-2007-0302 (Multiple cross-site scripting (XSS) vulnerabilities in InstantASP 4.1. ...)
NOT-FOR-US: InstantASP
-CVE-2007-0301
+CVE-2007-0301 (PHP remote file inclusion vulnerability in _admin/admin_menu.php in Fd ...)
NOT-FOR-US: FdWeB
-CVE-2007-0300
+CVE-2007-0300 (PHP remote file inclusion vulnerability in i-accueil.php in TLM CMS 1. ...)
NOT-FOR-US: TLM CMS
-CVE-2007-0299
+CVE-2007-0299 (Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byt ...)
NOT-FOR-US: Apple Mac OS
-CVE-2007-0298
+CVE-2007-0298 (PHP remote file inclusion vulnerability in show.php in LunarPoll, when ...)
NOT-FOR-US: LunarPoll
-CVE-2007-0297
+CVE-2007-0297 (Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwar ...)
NOT-FOR-US: Oracle
-CVE-2007-0296
+CVE-2007-0296 (Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwar ...)
NOT-FOR-US: Oracle
-CVE-2007-0295
+CVE-2007-0295 (Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwar ...)
NOT-FOR-US: Oracle
-CVE-2007-0294
+CVE-2007-0294 (Unspecified vulnerability in Oracle Enterprise Manager 10.2.0.1 has un ...)
NOT-FOR-US: Oracle
-CVE-2007-0293
+CVE-2007-0293 (Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1 ...)
NOT-FOR-US: Oracle
-CVE-2007-0292
+CVE-2007-0292 (Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1 ...)
NOT-FOR-US: Oracle
-CVE-2007-0291
+CVE-2007-0291 (Unspecified vulnerability in Oracle E-Business Suite and Applications ...)
NOT-FOR-US: Oracle
-CVE-2007-0290
+CVE-2007-0290 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and Ap ...)
NOT-FOR-US: Oracle
-CVE-2007-0289
+CVE-2007-0289 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0 ...)
NOT-FOR-US: Oracle
-CVE-2007-0288
+CVE-2007-0288 (Unspecified vulnerability in Oracle Application Server 10.1.4.0 has un ...)
NOT-FOR-US: Oracle
-CVE-2007-0287
+CVE-2007-0287 (Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2 ...)
NOT-FOR-US: Oracle
-CVE-2007-0286
+CVE-2007-0286 (Unspecified vulnerability in Oracle Application Server 10.1.2.0.2 and ...)
NOT-FOR-US: Oracle
-CVE-2007-0285
+CVE-2007-0285 (Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2 ...)
NOT-FOR-US: Oracle
-CVE-2007-0284
+CVE-2007-0284 (Multiple unspecified vulnerabilities in Oracle Application Server 9.0. ...)
NOT-FOR-US: Oracle
-CVE-2007-0283
+CVE-2007-0283 (Unspecified vulnerability in Oracle Application Server 9.0.4.3 and Col ...)
NOT-FOR-US: Oracle
-CVE-2007-0282
+CVE-2007-0282 (Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application S ...)
NOT-FOR-US: Oracle
-CVE-2007-0281
+CVE-2007-0281 (Multiple unspecified vulnerabilities in Oracle HTTP Server 9.0.1.5, 9. ...)
NOT-FOR-US: Oracle
-CVE-2007-0280
+CVE-2007-0280 (Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application S ...)
NOT-FOR-US: Oracle
-CVE-2007-0279
+CVE-2007-0279 (Multiple unspecified vulnerabilities in Oracle HTTP Server 9.2.0.8 and ...)
NOT-FOR-US: Oracle
-CVE-2007-0278
+CVE-2007-0278 (Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1 ...)
NOT-FOR-US: Oracle
-CVE-2007-0277
+CVE-2007-0277 (Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has ...)
NOT-FOR-US: Oracle
-CVE-2007-0276
+CVE-2007-0276 (Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 and 9. ...)
NOT-FOR-US: Oracle
-CVE-2007-0275
+CVE-2007-0275 (Cross-site scripting (XSS) vulnerability in Oracle Reports Web Cartrid ...)
NOT-FOR-US: Oracle
-CVE-2007-0274
+CVE-2007-0274 (Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10 ...)
NOT-FOR-US: Oracle
-CVE-2007-0273
+CVE-2007-0273 (Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0. ...)
NOT-FOR-US: Oracle
-CVE-2007-0272
+CVE-2007-0272 (Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0. ...)
NOT-FOR-US: Oracle
-CVE-2007-0271
+CVE-2007-0271 (Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has u ...)
NOT-FOR-US: Oracle
-CVE-2007-0270
+CVE-2007-0270 (Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and 10.1.0. ...)
NOT-FOR-US: Oracle
-CVE-2007-0269
+CVE-2007-0269 (Unspecified vulnerability in Oracle Database 9.2.0.8, 10.1.0.5, and 10 ...)
NOT-FOR-US: Oracle
-CVE-2007-0268
+CVE-2007-0268 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0 ...)
NOT-FOR-US: Oracle
-CVE-2007-0267
+CVE-2007-0267 (The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels ...)
NOT-FOR-US: UFS filesystem on MacOS/FreeBSD
-CVE-2007-0266
+CVE-2007-0266 (SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx Portal ...)
NOT-FOR-US: Ezboxx Portal
-CVE-2007-0265
+CVE-2007-0265 (Multiple cross-site scripting (XSS) vulnerabilities in Ezboxx Portal S ...)
NOT-FOR-US: Ezboxx Portal
-CVE-2007-0264
+CVE-2007-0264 (Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to ca ...)
NOT-FOR-US: Winzip
-CVE-2007-0263
+CVE-2007-0263 (Unspecified vulnerability in Total Commander before 6.5.6 allows user- ...)
NOT-FOR-US: Total Commander
-CVE-2007-0262
+CVE-2007-0262 (WordPress 2.0.6, and 2.1Alpha 3 (SVN:4662), does not properly verify t ...)
{DTSA-33-1}
- wordpress 2.0.8-1 (bug #407289)
-CVE-2007-0261
+CVE-2007-0261 (snews.php in sNews 1.5.30 and earlier does not properly exit when auth ...)
NOT-FOR-US: sNews
CVE-2007-0260
NOT-FOR-US: Naig
-CVE-2007-0259
+CVE-2007-0259 (Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to ...)
NOT-FOR-US: Ezboxx Portal
-CVE-2007-0258
+CVE-2007-0258 (Cross-site scripting (XSS) vulnerability in index.php in (1) Fastilo 2 ...)
NOT-FOR-US: Fastilo
CVE-2007-0257
- kernel-patch-grsecurity2 2.1.10-1 (bug #407350)
NOTE: exploitable as per http://grsecurity.net/pipermail/grsecurity/2007-January/000830.html
-CVE-2007-0256
+CVE-2007-0256 (VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of servi ...)
- vlc 0.8.6.c-1 (unimportant; bug #407290)
-CVE-2007-0255
+CVE-2007-0255 (XINE 0.99.4 allows user-assisted remote attackers to cause a denial of ...)
NOTE: I've been looking into this, but I can't find a copy of the VLC code anywhere
NOTE: This appears to be a generic crash
-CVE-2007-0254
+CVE-2007-0254 (Format string vulnerability in the errors_create_window function in er ...)
- xine-ui 0.99.4+dfsg+cvs20061111-1 (low; bug #407369)
NOTE: If've verified the Etch version to contain the necessary format strings
CVE-2007-0253
- kernel-patch-grsecurity2 2.1.10-1 (unimportant; bug #407350)
NOTE: See CVE-2007-0257
-CVE-2007-0252
+CVE-2007-0252 (Unspecified vulnerability in easy-content filemanager allows remote at ...)
NOT-FOR-US: easy-content
-CVE-2007-0251
+CVE-2007-0251 (Integer underflow in the DecodeGRE function in src/decode.c in Snort 2 ...)
- snort <not-affected> (DecodeGRE function not in unstable version)
NOTE: unstable contains version 2.3.3-11, and the last upstream is 2.6.1.2
NOTE: This is fixed in upstream CVS so it's very likely to never affect Debian.
-CVE-2007-0250
+CVE-2007-0250 (index.php in Nwom topsites 3.0 allows remote attackers to obtain poten ...)
NOT-FOR-US: NWOM Topsites 3.0
-CVE-2007-0249
+CVE-2007-0249 (Cross-site scripting (XSS) vulnerability in index.php in Nwom topsites ...)
NOT-FOR-US: NWOM Topsites 3.0
-CVE-2007-0247
+CVE-2007-0247 (squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers ...)
- squid 2.6.5-4 (low)
[sarge] - squid <not-affected> (Vulnerable code not present)
-CVE-2007-0246
+CVE-2007-0246 (plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 befor ...)
{DSA-1297-1}
- gforge-plugin-scmcvs 4.5.14-6
-CVE-2007-0245
+CVE-2007-0245 (Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier a ...)
{DSA-1307-1}
- openoffice.org 2.2.1~rc1-1
[lenny] - openoffice.org 2.0.4.dfsg.2-7etch1
-CVE-2007-0244
+CVE-2007-0244 (pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3 ...)
{DSA-1288-2 DSA-1288-1}
- pptpd 1.3.4-1
-CVE-2007-0243
+CVE-2007-0243 (Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Upda ...)
- sun-java5 1.5.0-10-1
-CVE-2007-0242
+CVE-2007-0242 (The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does n ...)
{DSA-1292-1}
- qt4-x11 4.2.2-2
- qt-x11-free 3:3.3.7-4
CVE-2007-0241
RESERVED
- linux-2.6 2.6.18.dfsg.1-12
-CVE-2007-0240
+CVE-2007-0240 (Cross-site scripting (XSS) vulnerability in Zope 2.10.2 and earlier al ...)
{DSA-1275-1}
- zope2.9 2.9.7-1
[etch] - zope2.9 2.9.6-4etch1
-CVE-2007-0239
+CVE-2007-0239 (OpenOffice.org (OOo) Office Suite allows user-assisted remote attacker ...)
{DSA-1270-1}
- openoffice.org 2.0.4.dfsg.2-6
[etch] - openoffice.org 2.0.4.dfsg.2-5etch1
-CVE-2007-0238
+CVE-2007-0238 (Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCa ...)
{DSA-1270-1}
- openoffice.org 2.0.4.dfsg.2-6
[etch] - openoffice.org 2.0.4.dfsg.2-5etch1
-CVE-2007-0237
+CVE-2007-0237 (The ndeb-binary feature in Lookup (lookup-el) allows local users to ov ...)
{DSA-1269-1}
- lookup-el 1.4-5 (low)
-CVE-2007-0236
+CVE-2007-0236 (Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X ...)
NOT-FOR-US: Mac OS X
-CVE-2007-0235
+CVE-2007-0235 (Stack-based buffer overflow in the glibtop_get_proc_map_s function in ...)
{DSA-1255-1}
- libgtop2 2.14.4-3 (medium; bug #407020)
NOTE: libgtop does not contain the affected code.
CVE-2007-0234
REJECTED
-CVE-2007-0233
+CVE-2007-0233 (wp-trackback.php in WordPress 2.0.6 and earlier does not properly unse ...)
- wordpress 2.1.0-1 (unimportant)
NOTE: This is argubly a php bug, CVE-2006-3017
-CVE-2007-0232
+CVE-2007-0232 (PHP remote file inclusion vulnerability in routines/fieldValidation.ph ...)
NOT-FOR-US: Jshop Server
-CVE-2007-0231
+CVE-2007-0231 (Cross-site scripting (XSS) vulnerability in Movable Type (MT) 3.33, wh ...)
NOT-FOR-US: Movable Type
-CVE-2007-0230
+CVE-2007-0230 (** DISPUTED ** PHP remote file inclusion vulnerability in install.php ...)
NOT-FOR-US: CS-Cart
-CVE-2007-0229
+CVE-2007-0229 (Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and Fr ...)
NOT-FOR-US: MacOS X
-CVE-2007-0228
+CVE-2007-0228 (The DataCollector service in EIQ Networks Network Security Analyzer al ...)
NOT-FOR-US: EIQ Networks Network Security Analyzer
-CVE-2007-0227
+CVE-2007-0227 (slocate 3.1 does not properly manage database entries that specify nam ...)
- slocate 3.1-1.1 (bug #411937; low)
[sarge] - slocate <not-affected> (Performs correct access checks)
[etch] - slocate <no-dsa> (Minor issue)
NOTE: slocate will allow users to find files in directories with the
NOTE: executable bit set but without the readable bit set. This is
NOTE: an information leak.
-CVE-2007-0226
+CVE-2007-0226 (SQL injection vulnerability in wbsearch.aspx in uniForum 4 and earlier ...)
NOT-FOR-US: uniForum
-CVE-2007-0225
+CVE-2007-0225 (Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in VP-AS ...)
NOT-FOR-US: Shopping Cart
-CVE-2007-0224
+CVE-2007-0224 (SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP Shoppin ...)
NOT-FOR-US: Shopping Cart
-CVE-2007-0223
+CVE-2007-0223 (SQL injection vulnerability in shared/code/cp_functions_downloads.php ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2007-0222
+CVE-2007-0222 (Directory traversal vulnerability in the EmChartBean server side compo ...)
NOT-FOR-US: Oracle Application Server
-CVE-2007-0221
+CVE-2007-0221 (Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Ser ...)
NOT-FOR-US: Microsoft
-CVE-2007-0220
+CVE-2007-0220 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) i ...)
NOT-FOR-US: Microsoft
-CVE-2007-0219
+CVE-2007-0219 (Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects fr ...)
NOT-FOR-US: Microsoft
-CVE-2007-0218
+CVE-2007-0218 (Microsoft Internet Explorer 5.01 and 6 allows remote attackers to exec ...)
NOT-FOR-US: Microsoft
-CVE-2007-0217
+CVE-2007-0217 (The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 an ...)
NOT-FOR-US: Microsoft
-CVE-2007-0216
+CVE-2007-0216 (wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 20 ...)
NOT-FOR-US: Microsoft Office
-CVE-2007-0215
+CVE-2007-0215 (Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 200 ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-0214
+CVE-2007-0214 (The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 S ...)
NOT-FOR-US: Microsoft
-CVE-2007-0213
+CVE-2007-0213 (Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does no ...)
NOT-FOR-US: Microsoft
CVE-2007-0212
REJECTED
-CVE-2007-0211
+CVE-2007-0211 (The hardware detection functionality in the Windows Shell in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2007-0210
+CVE-2007-0210 (The Window Image Acquisition (WIA) Service in Microsoft Windows XP SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2007-0209
+CVE-2007-0209 (Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suit ...)
NOT-FOR-US: Microsoft
-CVE-2007-0208
+CVE-2007-0208 (Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suit ...)
NOT-FOR-US: Microsoft
CVE-2007-0207
REJECTED
-CVE-2007-0206
+CVE-2007-0206 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: OpenView Network Node Manager
CVE-2007-XXXX [udev wrong permissions on raid devices]
- udev 0.105-2 (bug #404927)
[sarge] - udev <not-affected> (Doesn't affect Sarge)
CVE-2007-XXXX [yacas insecure rpath]
- yacas 1.0.57-3 (bug #399226; bug #399227; low)
-CVE-2007-0248
+CVE-2007-0248 (The aclMatchExternal function in Squid before 2.6.STABLE7 allows remot ...)
- squid 2.6.5-4 (low; bug #407202)
[sarge] - squid <not-affected> (Vulnerable code not present)
NOTE: reference - http://secunia.com/advisories/23767/
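Review bot: CVE-2007-0255 has no package or status line at all; the entry consists of the identifier followed only by two NOTE lines, and the first of those NOTEs talks about "the VLC code" even though the description is for XINE 0.99.4, so the entry needs either a "- xine-ui ..." (or xine-lib) line or a NOT-FOR-US marker, and the NOTE should say which code base was actually inspected. Two more annotations in this hunk contradict their descriptions and should be corrected: CVE-2007-0334 describes "the SIP module in InGate Firewall" but is marked "NOT-FOR-US: Outpost Firewall Pro", and CVE-2007-0308 describes "Plain Black WebGUI" but is marked "NOT-FOR-US: Poplar Gedcom Viewer". Ordering: the CVE-2007-0248 entry sits at the end of the hunk after CVE-2007-0206 and the CVE-2007-XXXX udev/yacas entries, whereas every other identifier here descends monotonically, so it belongs between CVE-2007-0249 and CVE-2007-0247. Minor: "If've verified" (CVE-2007-0254 NOTE) and "argubly" (CVE-2007-0233 NOTE) are typos in the unchanged context.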
@@ -15557,104 +15557,104 @@ CVE-2007-XXXX [bcfg2 password disclosure]
[etch] - bcfg2 0.8.6.1-1.1etch1
CVE-2007-XXXX [mysql 5.0 several DoS vulns]
- mysql-dfsg-5.0 5.0.32-1
-CVE-2007-0205
+CVE-2007-0205 (Directory traversal vulnerability in admin/skins.php for @lex Guestboo ...)
NOT-FOR-US: @alex
-CVE-2007-0204
+CVE-2007-0204 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...)
- phpmyadmin 4:2.9.1.1-2 (bug #406486; low)
[sarge] - phpmyadmin <not-affected> (vulnerable code not present)
-CVE-2007-0203
+CVE-2007-0203 (Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 ha ...)
- phpmyadmin 4:2.9.1.1-2 (bug #406486; low)
[sarge] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: duplicate of CVE-2006-6374?
-CVE-2007-0202
+CVE-2007-0202 (SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and e ...)
NOT-FOR-US: @lex
-CVE-2007-0201
+CVE-2007-0201 (Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet Fire ...)
NOT-FOR-US: TIS
-CVE-2007-0200
+CVE-2007-0200 (PHP remote file inclusion vulnerability in template.php in Geoffrey Go ...)
NOT-FOR-US: Geoffrey Golliher Axiom Photo/News Gallery
-CVE-2007-0199
+CVE-2007-0199 (The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 ...)
NOT-FOR-US: Cisco
-CVE-2007-0198
+CVE-2007-0198 (The JTapi Gateway process in Cisco Unified Contact Center Enterprise, ...)
NOT-FOR-US: Cisco
-CVE-2007-0197
+CVE-2007-0197 (Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted remote att ...)
NOT-FOR-US: Apple Mac OS
-CVE-2007-0196
+CVE-2007-0196 (SQL injection vulnerability in admin_check_user.asp in Motionborg Web ...)
NOT-FOR-US: Motionborg Web Real Estate
-CVE-2007-0195
+CVE-2007-0195 (my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0 displays d ...)
NOT-FOR-US: F5
-CVE-2007-0194
+CVE-2007-0194 (admin.php in MKPortal M1.1 RC1 allows remote attackers to obtain sensi ...)
NOT-FOR-US: MKPortal
-CVE-2007-0193
+CVE-2007-0193 (FON La Fonera routers do not properly limit DNS service access by unau ...)
NOT-FOR-US: FON La Fonera
-CVE-2007-0192
+CVE-2007-0192 (Cross-site request forgery (CSRF) vulnerability in the save_main opera ...)
NOT-FOR-US: MKPortal
-CVE-2007-0191
+CVE-2007-0191 (Cross-site scripting (XSS) vulnerability in admin.php in MKPortal allo ...)
NOT-FOR-US: MKPortal
-CVE-2007-0190
+CVE-2007-0190 (PHP remote file inclusion vulnerability in edit_address.php in edit-x ...)
NOT-FOR-US: edit-x ecommerce
CVE-2007-0189
NOT-FOR-US: GeoBB
-CVE-2007-0188
+CVE-2007-0188 (F5 FirePass 5.4 through 5.5.1 does not properly enforce host access re ...)
NOT-FOR-US: F5
-CVE-2007-0187
+CVE-2007-0187 (F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to acces ...)
NOT-FOR-US: F5
-CVE-2007-0186
+CVE-2007-0186 (Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL ...)
NOT-FOR-US: F5
-CVE-2007-0185
+CVE-2007-0185 (Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to ca ...)
NOT-FOR-US: Getahead
-CVE-2007-0184
+CVE-2007-0184 (Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to ob ...)
NOT-FOR-US: Getahead
-CVE-2007-0183
+CVE-2007-0183 (Cross-site scripting (XSS) vulnerability in /search in iPlanet Web Ser ...)
NOT-FOR-US: iPlanet Web
-CVE-2007-0182
+CVE-2007-0182 (Multiple PHP remote file inclusion vulnerabilities in magic photo stor ...)
NOT-FOR-US: Magic photo storage website
-CVE-2007-0181
+CVE-2007-0181 (PHP remote file inclusion vulnerability in include/common_function.php ...)
NOT-FOR-US: Magic Photo Storage website
-CVE-2007-0180
+CVE-2007-0180 (Stack-based buffer overflow in EF Commander 5.75 allows user-assisted ...)
NOT-FOR-US: EF Commander
-CVE-2007-0179
+CVE-2007-0179 (SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows r ...)
NOT-FOR-US: PHPKIT
-CVE-2007-0178
+CVE-2007-0178 (PHP remote file inclusion vulnerability in info.php in Easy Banner Pro ...)
NOT-FOR-US: Easy Banner Pro
-CVE-2007-0177
+CVE-2007-0177 (Cross-site scripting (XSS) vulnerability in the AJAX module in MediaWi ...)
- mediawiki 1.7.1-6 (bug #406238; medium)
NOTE: vendor advisory: http://sourceforge.net/forum/forum.php?forum_id=652721
-CVE-2007-0176
+CVE-2007-0176 (Cross-site scripting (XSS) vulnerability in search/advanced_search.php ...)
{DSA-1475-1}
- gforge 4.6.99+svn6347-1 (low; bug #406244)
[sarge] - gforge <not-affected> (Vulnerable code not present)
-CVE-2007-0175
+CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolu ...)
{DSA-1568-1}
- b2evolution 0.9.2-4 (bug #410568; low)
-CVE-2007-0174
+CVE-2007-0174 (Multiple stack-based multiple buffer overflows in the BRWOSSRE2UC.dll ...)
NOT-FOR-US: Sina UC2006
-CVE-2007-0173
+CVE-2007-0173 (Directory traversal vulnerability in index.php in L2J Statistik Script ...)
NOT-FOR-US: L2J Statistik Script
-CVE-2007-0172
+CVE-2007-0172 (Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.3. ...)
NOT-FOR-US: AllMyGuest
-CVE-2007-0171
+CVE-2007-0171 (PHP remote file inclusion vulnerability in index.php in AllMyLinks 0.5 ...)
NOT-FOR-US: AllMyLinks
-CVE-2007-0170
+CVE-2007-0170 (PHP remote file inclusion vulnerability in index.php in AllMyVisitors ...)
NOT-FOR-US: AllmyVisitors
-CVE-2007-0169
+CVE-2007-0169 (Multiple buffer overflows in Computer Associates (CA) BrightStor ARCse ...)
NOT-FOR-US: Computer Associates (CA)
-CVE-2007-0168
+CVE-2007-0168 (The Tape Engine service in Computer Associates (CA) BrightStor ARCserv ...)
NOT-FOR-US: Computer Associates (CA)
-CVE-2007-0167
+CVE-2007-0167 (Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search ...)
NOT-FOR-US: PPC Search
-CVE-2007-0166
+CVE-2007-0166 (The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify pathname ...)
- kfreebsd-5 <not-affected>
-CVE-2007-0165
+CVE-2007-0165 (Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remo ...)
NOT-FOR-US: Solaris
-CVE-2007-0164
+CVE-2007-0164 (Camouflage 1.2.1 embeds password information in the carrier file, whic ...)
NOT-FOR-US: Camouflage
-CVE-2007-0163
+CVE-2007-0163 (SecureKit Steganography 1.7.1 and 1.8 embeds password information in t ...)
NOT-FOR-US: Steganography
-CVE-2007-0162
+CVE-2007-0162 (Unsanity Application Enhancer (APE) 2.0.2 installs with insecure permi ...)
NOT-FOR-US: Mac OS X
-CVE-2007-0161
+CVE-2007-0161 (The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as u ...)
NOT-FOR-US: HP all-in-one drivers
-CVE-2007-0160
+CVE-2007-0160 (Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.c ...)
- centericq 4.21.0-17 (low)
[sarge] - centericq <no-dsa> (Not exploitable with official LiveJournal server)
NOTE: The bug really exist but, is not exploitable because the LiveJournal server
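Review bot: the product name in `NOT-FOR-US: @alex` under CVE-2007-0205 does not match the imported description ("Directory traversal vulnerability in admin/skins.php for @lex Guestboo ...") or the sibling entry for CVE-2007-0202, which already reads `NOT-FOR-US: @lex`; change it to `NOT-FOR-US: @lex` so the two entries agree. Two smaller things in the same hunk: the `NOTE: duplicate of CVE-2006-6374?` under CVE-2007-0203 is still an open question being carried forward, and now that the description ("Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 ...") is present it should be resolved one way or the other rather than left with a question mark; and the first line of the CVE-2007-0160 note, "The bug really exist but, is not exploitable because the LiveJournal server", should read "The bug really exists but is not exploitable because the LiveJournal server".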
@@ -15662,117 +15662,117 @@ CVE-2007-0160
NOTE: (50 characters). In my opnion is only exploitable if the user try connect in
NOTE: fake LiveJournal server. All version of Debian centericq packages have a
NOTE: compromised code.
-CVE-2007-0159
+CVE-2007-0159 (Directory traversal vulnerability in the GeoIP_update_database_general ...)
- geoip 1.3.17-1.1 (bug #406628; low)
[sarge] - geoip <no-dsa> (Minor issue)
CVE-2007-0158
RESERVED
-CVE-2007-0157
+CVE-2007-0157 (Array index error in the uri_lookup function in the URI parser for neo ...)
- neon26 0.26.2-3.1 (medium; bug #404723)
NOTE: neon25 doesn't have the uri_lookup macro
-CVE-2007-0156
+CVE-2007-0156 (M-Core stores the database under the web document root, which allows r ...)
NOT-FOR-US: M-Core
-CVE-2007-0155
+CVE-2007-0155 (HarikaOnline 2.0 stores sensitive information under the web root with ...)
NOT-FOR-US: HarikaOnline
-CVE-2007-0154
+CVE-2007-0154 (Webulas stores sensitive information under the web root with insuffici ...)
NOT-FOR-US: Webulas
-CVE-2007-0153
+CVE-2007-0153 (AJLogin 3.5 stores sensitive information under the web root with insuf ...)
NOT-FOR-US: AJLogin
-CVE-2007-0152
+CVE-2007-0152 (OhhASP stores sensitive information under the web root with insufficie ...)
NOT-FOR-US: OhhASP
-CVE-2007-0151
+CVE-2007-0151 (MitiSoft stores sensitive information under the web root with insuffic ...)
NOT-FOR-US: MitiSoft
-CVE-2007-0150
+CVE-2007-0150 (Multiple PHP remote file inclusion vulnerabilities in index.php in Day ...)
NOT-FOR-US: Dayfox
-CVE-2007-0149
+CVE-2007-0149 (EMembersPro 1.0 stores sensitive information under the web root with i ...)
NOT-FOR-US: EMembersPro
-CVE-2007-0148
+CVE-2007-0148 (Format string vulnerability in OmniGroup OmniWeb 5.5.1 allows remote a ...)
NOT-FOR-US: OminiGroup
-CVE-2007-0147
+CVE-2007-0147 (Cuyahoga before 1.0.1 installs the FCKEditor component with an incorre ...)
NOT-FOR-US: Cuyahoga
-CVE-2007-0146
+CVE-2007-0146 (Multiple cross-site scripting (XSS) vulnerabilities in Fix and Chips C ...)
NOT-FOR-US: Fix and Chips
-CVE-2007-0145
+CVE-2007-0145 (PHP remote file inclusion vulnerability in bn_smrep1.php in BinGoPHP N ...)
NOT-FOR-US: BinGoPHP
-CVE-2007-0144
+CVE-2007-0144 (Cross-site scripting (XSS) vulnerability in search.asp in Digitizing Q ...)
NOT-FOR-US: DIGITIZING QUOTE AND ORDERING SYSTEM
-CVE-2007-0143
+CVE-2007-0143 (Multiple PHP remote file inclusion vulnerabilities in NUNE News Script ...)
NOT-FOR-US: NUNE News
-CVE-2007-0142
+CVE-2007-0142 (SQL injection vulnerability in orange.asp in ShopStoreNow E-commerce S ...)
NOT-FOR-US: ShopStoreNow
-CVE-2007-0141
+CVE-2007-0141 (Cross-site scripting (XSS) vulnerability in yald.php in Yet Another Li ...)
NOT-FOR-US: YALD
-CVE-2007-0140
+CVE-2007-0140 (SQL injection vulnerability in down.asp in Kolayindir Download (Yenion ...)
NOT-FOR-US: Kolayindir
-CVE-2007-0139
+CVE-2007-0139 (Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/O ...)
NOT-FOR-US: DECnet-Plus
-CVE-2007-0138
+CVE-2007-0138 (formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO begin ...)
NOT-FOR-US: Formbankserver
-CVE-2007-0137
+CVE-2007-0137 (Cross-site scripting (XSS) vulnerability in SimpleBoxes/SerendipityNZ ...)
NOT-FOR-US: Serene Bach
-CVE-2007-0136
+CVE-2007-0136 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal before 4 ...)
- drupal 4.7.5-1
NOTE: vendor advisory: http://drupal.org/node/104233 - DRUPAL-SA-2007-001
-CVE-2007-0135
+CVE-2007-0135 (PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix ...)
NOT-FOR-US: Aratix
-CVE-2007-0134
+CVE-2007-0134 (Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow ...)
NOT-FOR-US: IG Shop
-CVE-2007-0133
+CVE-2007-0133 (Multiple SQL injection vulnerabilities in display_review.php in iGener ...)
NOT-FOR-US: IG Shop
-CVE-2007-0132
+CVE-2007-0132 (SQL injection vulnerability in compare_product.php in iGeneric iG Shop ...)
NOT-FOR-US: IG Shop
-CVE-2007-0131
+CVE-2007-0131 (JAMWiki before 0.5.0 does not properly check permissions during moves ...)
NOT-FOR-US: JAMWiki
-CVE-2007-0130
+CVE-2007-0130 (SQL injection vulnerability in user.php in iGeneric iG Calendar 1.0 al ...)
NOT-FOR-US: iG Calendar
-CVE-2007-0129
+CVE-2007-0129 (SQL injection vulnerability in main.asp in LocazoList 2.01a beta5 and ...)
NOT-FOR-US: LocazoList
-CVE-2007-0128
+CVE-2007-0128 (SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlie ...)
NOT-FOR-US: Digirez
-CVE-2007-0127
+CVE-2007-0127 (The Javascript SVG support in Opera before 9.10 does not properly vali ...)
NOT-FOR-US: Opera
-CVE-2007-0126
+CVE-2007-0126 (Heap-based buffer overflow in Opera 9.02 allows remote attackers to ex ...)
NOT-FOR-US: Opera
-CVE-2007-0125
+CVE-2007-0125 (Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux b ...)
NOT-FOR-US: Kaspersky Labs
-CVE-2007-0124
+CVE-2007-0124 (Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7. ...)
- drupal 4.7.5-1 (low)
-CVE-2007-0123
+CVE-2007-0123 (Unrestricted file upload vulnerability in Uber Uploader 4.2 allows rem ...)
NOT-FOR-US: Uber Uploader
-CVE-2007-0122
+CVE-2007-0122 (Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4 ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-0121
+CVE-2007-0121 (Cross-site scripting (XSS) vulnerability in search.asp in RI Blog 1.3 ...)
NOT-FOR-US: RI Blog
-CVE-2007-0120
+CVE-2007-0120 (Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and earlie ...)
NOT-FOR-US: Acunetix Web Vulnerability Scanner
-CVE-2007-0119
+CVE-2007-0119 (Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 all ...)
NOT-FOR-US: EditTag
-CVE-2007-0118
+CVE-2007-0118 (Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow ...)
NOT-FOR-US: EditTag
-CVE-2007-0117
+CVE-2007-0117 (DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 1 ...)
NOT-FOR-US: Mac OS
-CVE-2007-0116
+CVE-2007-0116 (Digger Solutions Intranet Open Source (IOS) stores sensitive informati ...)
NOT-FOR-US: Digger Solutions Intranet Open Source (IOS)
-CVE-2007-0115
+CVE-2007-0115 (Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2007-0114
+CVE-2007-0114 (Sun Java System Content Delivery Server 5.0 and 5.0 PU1 allows remote ...)
NOT-FOR-US: Sun Java System Content Delivery Server
-CVE-2007-0113
+CVE-2007-0113 (Buffer overflow in Packeteer PacketShaper PacketWise 8.x allows remote ...)
NOT-FOR-US: PacketWise
-CVE-2007-0112
+CVE-2007-0112 (SQL injection vulnerability in cats.asp in createauction allows remote ...)
NOT-FOR-US: createauction
-CVE-2007-0111
+CVE-2007-0111 (Buffer overflow in Resco Photo Viewer for PocketPC 4.11 and 6.01, as u ...)
NOT-FOR-US: PocketPC
-CVE-2007-0110
+CVE-2007-0110 (Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell Ac ...)
NOT-FOR-US: Novell Access Manager
-CVE-2007-0109
+CVE-2007-0109 (wp-login.php in WordPress 2.0.5 and earlier displays different error m ...)
- wordpress 2.0.6-1 (low)
NOTE: http://trac.wordpress.org/changeset/4665
-CVE-2007-0108
+CVE-2007-0108 (nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not ...)
NOT-FOR-US: Novell Client
-CVE-2007-0105
+CVE-2007-0105 (Stack-based buffer overflow in the CSAdmin service in Cisco Secure Acc ...)
NOT-FOR-US: Cisco
-CVE-2007-0104
+CVE-2007-0104 (The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patc ...)
- kdegraphics 4:3.5.5-3 (unimportant)
- koffice <unfixed> (unimportant)
- poppler 0.4.5-5.1 (unimportant)
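Review bot: `NOT-FOR-US: OminiGroup` under CVE-2007-0148 misspells the vendor; the imported description says "OmniGroup OmniWeb 5.5.1", so the tag should be `NOT-FOR-US: OmniGroup`. The continuation of the CVE-2007-0160 note at the top of this hunk also needs wording fixes: "In my opnion is only exploitable if the user try connect in fake LiveJournal server" should read "In my opinion it is only exploitable if the user tries to connect to a fake LiveJournal server", and "All version of Debian centericq packages have a compromised code" should say "contain the vulnerable code", since "compromised" reads as if the packages had been tampered with rather than merely carrying the affected ljhook.c.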
@@ -15784,215 +15784,215 @@ CVE-2007-0104
NOTE: of imagination. I suppose KDE Security only issued an update for it
NOTE: because the shared underlying code was part of the Month of Apple Bugs
NOTE: and they wanted to debunk claims of code injection.
-CVE-2007-0103
+CVE-2007-0103 (The Adobe PDF specification 1.3, as implemented by Adobe Acrobat befor ...)
NOT-FOR-US: Acrobat Reader
-CVE-2007-0102
+CVE-2007-0102 (The Adobe PDF specification 1.3, as implemented by Apple Mac OS X Prev ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0101
+CVE-2007-0101 (Cross-site request forgery (CSRF) vulnerability in SPINE allows remote ...)
NOT-FOR-US: SPINE
-CVE-2007-0100
+CVE-2007-0100 (The Perforce client does not restrict the set of files that it overwri ...)
NOT-FOR-US: Perforce
-CVE-2007-0099
+CVE-2007-0099 (Race condition in the msxml3 module in Microsoft XML Core Services 3.0 ...)
NOT-FOR-US: Microsoft
-CVE-2007-0098
+CVE-2007-0098 (Directory traversal vulnerability in language.php in VerliAdmin 0.3 an ...)
NOT-FOR-US: VerliAdmin
-CVE-2007-0097
+CVE-2007-0097 (Multiple stack-based buffer overflows in the (1) LoadTree and (2) Read ...)
NOT-FOR-US: ConeXware PowerArchive
-CVE-2007-0096
+CVE-2007-0096 (CarbonCommunities stores sensitive information under the web root with ...)
NOT-FOR-US: Carbon Communities
-CVE-2007-0095
+CVE-2007-0095 (phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive informa ...)
- phpmyadmin 4:2.9.1.1-1 (bug #399329; unimportant)
NOTE: Only path disclosure
-CVE-2007-0094
+CVE-2007-0094 (Sven Moderow GuestBook 0.3a stores sensitive information under the web ...)
NOT-FOR-US: Sven Moderow GuestBook
-CVE-2007-0093
+CVE-2007-0093 (SQL injection vulnerability in page.php in Simple Web Content Manageme ...)
NOT-FOR-US: Simple Web Content Management System
-CVE-2007-0092
+CVE-2007-0092 (SQL injection vulnerability in productdetail.asp in E-SMARTCART 1.0 al ...)
NOT-FOR-US: E-SMARTCART
-CVE-2007-0091
+CVE-2007-0091 (newsCMSlite stores sensitive information under the web root with insuf ...)
NOT-FOR-US: newsCMSlite
-CVE-2007-0090
+CVE-2007-0090 (WineGlass stores sensitive information under the web root with insuffi ...)
NOT-FOR-US: WineGlass
-CVE-2007-0089
+CVE-2007-0089 (jgbbs stores sensitive information under the web root with insufficien ...)
NOT-FOR-US: jgbbs
-CVE-2007-0088
+CVE-2007-0088 (Multiple directory traversal vulnerabilities in openmedia allow remote ...)
NOT-FOR-US: openmedia
CVE-2007-0087
NOT-FOR-US: Microsoft IIS
CVE-2007-0086
- apache <unfixed> (unimportant)
- apache2 <unfixed> (unimportant)
-CVE-2007-0085
+CVE-2007-0085 (Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics ...)
NOT-FOR-US: OpenBSD VGA wscons driver
CVE-2007-0084
NOT-FOR-US: Windows NT
-CVE-2007-0083
+CVE-2007-0083 (Cross-site scripting (XSS) vulnerability in Nuked Klan 1.7 and earlier ...)
NOT-FOR-US: Nuked Klan
-CVE-2007-0082
+CVE-2007-0082 (users_adm/start1.php in IMGallery 2.5 and earlier does not properly ha ...)
NOT-FOR-US: IMGallery
-CVE-2007-0081
+CVE-2007-0081 (Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and possib ...)
NOT-FOR-US: Sunbelt Kerio Personal Firewall
CVE-2007-0080
- freeradius <unfixed> (unimportant)
NOTE: Data triggering the buffer overflow can only be controlled by root
-CVE-2007-0079
+CVE-2007-0079 (rblog stores sensitive information under the web root with insufficien ...)
NOT-FOR-US: rblog
-CVE-2007-0078
+CVE-2007-0078 (BattleBlog stores sensitive information under the web root with insuff ...)
NOT-FOR-US: BattleBlog
-CVE-2007-0077
+CVE-2007-0077 (lblog stores sensitive information under the web root with insufficien ...)
NOT-FOR-US: lblog
-CVE-2007-0076
+CVE-2007-0076 (Openforum stores sensitive information under the web root with insuffi ...)
NOT-FOR-US: Openforum
-CVE-2007-0075
+CVE-2007-0075 (AspBB stores sensitive information under the web root with insufficien ...)
NOT-FOR-US: AspBB
-CVE-2007-0074
+CVE-2007-0074 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
NOT-FOR-US: Trend Micro
-CVE-2007-0073
+CVE-2007-0073 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
NOT-FOR-US: Trend Micro
-CVE-2007-0072
+CVE-2007-0072 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
NOT-FOR-US: Trend Micro
-CVE-2007-0071
+CVE-2007-0071 (Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0. ...)
- flashplugin-nonfree 1:1.4
NOTE: Fix came from Adobe via new Adobe Flash Player, debian package didn't change
CVE-2007-0070
RESERVED
-CVE-2007-0069
+CVE-2007-0069 (Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-0068
+CVE-2007-0068 (IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2007-0067
+CVE-2007-0067 (Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x be ...)
NOT-FOR-US: Lotus Domino Server
-CVE-2007-0066
+CVE-2007-0066 (The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, whe ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-0065
+CVE-2007-0065 (Heap-based buffer overflow in Object Linking and Embedding (OLE) Autom ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-0064
+CVE-2007-0064 (Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5 ...)
NOT-FOR-US: Windows
-CVE-2007-0063
+CVE-2007-0063 (Integer underflow in the DHCP server in EMC VMware Workstation before ...)
- vmware-package 0.16
-CVE-2007-0062
+CVE-2007-0062 (Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before ...)
- vmware-package 0.16
-CVE-2007-0061
+CVE-2007-0061 (The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and ...)
- vmware-package 0.16
-CVE-2007-0060
+CVE-2007-0060 (Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in ...)
NOT-FOR-US: CA
-CVE-2007-0059
+CVE-2007-0059 (Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allow ...)
NOT-FOR-US: Apple Quicktime
-CVE-2007-0058
+CVE-2007-0058 (Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 ...)
NOT-FOR-US: Cisco
-CVE-2007-0057
+CVE-2007-0057 (Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3 ...)
NOT-FOR-US: Cisco
-CVE-2007-0056
+CVE-2007-0056 (Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4. ...)
NOT-FOR-US: AShop Deluxe
-CVE-2007-0055
+CVE-2007-0055 (Directory traversal vulnerability in formbankcgi.exe/AbfrageForm in Fo ...)
NOT-FOR-US: Formbankserver
-CVE-2007-0054
+CVE-2007-0054 (Cross-site scripting (XSS) vulnerability in gbrowse.php in Belchior Fo ...)
NOT-FOR-US: Belchior Foundry vCard PRO
-CVE-2007-0053
+CVE-2007-0053 (SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2 ...)
NOT-FOR-US: ASP SiteWare autoDealer
-CVE-2007-0052
+CVE-2007-0052 (SQL injection vulnerability in haberdetay.asp in Vizayn Haber allows r ...)
NOT-FOR-US: Vizayn Haber
-CVE-2007-0051
+CVE-2007-0051 (Format string vulnerability in Apple iPhoto 6.0.5 (316), and other ver ...)
NOT-FOR-US: Apple iPhoto
-CVE-2007-0106
+CVE-2007-0106 (Cross-site scripting (XSS) vulnerability in the CSRF protection scheme ...)
- wordpress 2.0.6-1 (bug #405691; medium)
NOTE: http://www.hardened-php.net/advisory_022007.141.html
-CVE-2007-0107
+CVE-2007-0107 (WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alte ...)
- wordpress 2.0.6-1 (bug #405691; medium)
NOTE: http://www.hardened-php.net/advisory_012007.140.html
CVE-2007-0050
NOT-FOR-US: OpenPinboard
-CVE-2007-0049
+CVE-2007-0049 (Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to a ...)
NOT-FOR-US: TaskTracker
-CVE-2007-0048
+CVE-2007-0048 (Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin dist ...)
NOT-FOR-US: Adobe Acrobat Reader with Internet Explorer
-CVE-2007-0047
+CVE-2007-0047 (CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0 ...)
NOT-FOR-US: Adobe Acrobat Reader with Internet Explorer
-CVE-2007-0046
+CVE-2007-0046 (Double free vulnerability in the Adobe Acrobat Reader Plugin before 8. ...)
NOT-FOR-US: Adobe Acrobat Reader Plugin
-CVE-2007-0045
+CVE-2007-0045 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat R ...)
{DSA-1336-1}
NOT-FOR-US: Adobe Acrobat Reader Plugin
NOTE: a fix for this is also in iceweasle 2.0.0.2+dfsg-1 (MFSA-2007-02)
NOTE: and icape 1.0.8-1
-CVE-2007-0044
+CVE-2007-0044 (Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Exp ...)
NOT-FOR-US: Adobe Acrobat Reader Plugin
-CVE-2007-0043
+CVE-2007-0043 (The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1. ...)
NOT-FOR-US: Microsoft .NET
-CVE-2007-0042
+CVE-2007-0042 (Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1. ...)
NOT-FOR-US: Microsoft .NET
-CVE-2007-0041
+CVE-2007-0041 (The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 fo ...)
NOT-FOR-US: Microsoft .NET
-CVE-2007-0040
+CVE-2007-0040 (The LDAP service in Windows Active Directory in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-0039
+CVE-2007-0039 (The Exchange Collaboration Data Objects (EXCDO) functionality in Micro ...)
NOT-FOR-US: Microsoft
-CVE-2007-0038
+CVE-2007-0038 (Stack-based buffer overflow in the animated cursor code in Microsoft W ...)
NOT-FOR-US: Microsoft
CVE-2007-0037
REJECTED
CVE-2007-0036
REJECTED
-CVE-2007-0035
+CVE-2007-0035 (Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, ...)
NOT-FOR-US: Microsoft Word
-CVE-2007-0034
+CVE-2007-0034 (Buffer overflow in the Advanced Search (Finder.exe) feature of Microso ...)
NOT-FOR-US: Microsoft Outlook
-CVE-2007-0033
+CVE-2007-0033 (Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers ...)
NOT-FOR-US: Microsoft Outlook
CVE-2007-0032
REJECTED
-CVE-2007-0031
+CVE-2007-0031 (Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-0030
+CVE-2007-0030 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X fo ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-0029
+CVE-2007-0029 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X fo ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-0028
+CVE-2007-0028 (Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, an ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-0027
+CVE-2007-0027 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X fo ...)
NOT-FOR-US: Microsoft Excel
-CVE-2007-0026
+CVE-2007-0026 (The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 20 ...)
NOT-FOR-US: Microsoft
-CVE-2007-0025
+CVE-2007-0025 (The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2007-0024
+CVE-2007-0024 (Integer overflow in the Vector Markup Language (VML) implementation (v ...)
NOT-FOR-US: Microsoft IE
-CVE-2007-0023
+CVE-2007-0023 (The CFUserNotificationSendRequest function in UserNotificationCenter.a ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0022
+CVE-2007-0022 (Untrusted search path vulnerability in writeconfig in Apple Mac OS X 1 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0021
+CVE-2007-0021 (Format string vulnerability in Apple iChat 3.1.6 allows remote attacke ...)
NOT-FOR-US: Apple iChat
-CVE-2007-0020
+CVE-2007-0020 (Heap-based buffer overflow in the SFTP protocol handler for Panic Tran ...)
NOT-FOR-US: Panic Transmit
-CVE-2007-0019
+CVE-2007-0019 (Multiple heap-based buffer overflows in rumpusd in Rumpus 5.1 and earl ...)
NOT-FOR-US: Maxum Rumpus
-CVE-2007-0018
+CVE-2007-0018 (Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX con ...)
NOT-FOR-US: NCTAudioFile2 ActiveX control
-CVE-2007-0017
+CVE-2007-0017 (Multiple format string vulnerabilities in (1) the cdio_log_handler fun ...)
{DSA-1252-1}
- vlc 0.8.6-svn20061012.debian-1.2 (bug #405425; medium)
-CVE-2007-0016
+CVE-2007-0016 (Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers ...)
NOT-FOR-US: MoviePlay
CVE-2007-XXXX [webcam-server unspecified vulnerability]
- webcam-server 0.50-2
-CVE-2007-0015
+CVE-2007-0015 (Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to ex ...)
NOT-FOR-US: Apple Quicktime
-CVE-2007-0014
+CVE-2007-0014 (ChainKey Java Code Protection allows attackers to decompile Java class ...)
NOT-FOR-US: ChainKey Java Code Protection
CVE-2007-0013
RESERVED
-CVE-2007-0012
+CVE-2007-0012 (Sun JRE 5.0 before update 14 allows remote attackers to cause a denial ...)
- sun-java5 <removed> (unimportant)
- sun-java6 <removed> (unimportant)
- openjdk-6 <removed> (unimportant)
NOTE: not a security issue, browser dos treated as regular bugs, also likely Windows-specific
-CVE-2007-0011
+CVE-2007-0011 (The web portal interface in Citrix Access Gateway (aka Citrix Advanced ...)
NOT-FOR-US: Citrix Access Gateway
-CVE-2007-0010
+CVE-2007-0010 (The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) be ...)
{DSA-1256-1}
- gtk+2.0 2.8.20-5
-CVE-2007-0009
+CVE-2007-0009 (Stack-based buffer overflow in the SSLv2 support in Mozilla Network Se ...)
{DSA-1336-1}
NOTE: MFSA-2007-06
- iceweasel 2.0.0.2+dfsg-1 (low)
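Review bot: the CVE-2007-0062 entry looks incomplete: the imported description is "Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before ...", i.e. it names ISC dhcpd itself, yet the only package recorded is `- vmware-package 0.16`, the same as for the VMware-specific CVE-2007-0061 and CVE-2007-0063; either add an entry for Debian's own ISC DHCP packaging (dhcp3 at the time) or record it as `<not-affected>` with a reason, so the entry does not silently imply the Debian dhcpd was never looked at. Two ordering/typo issues in the same hunk: CVE-2007-0106 and CVE-2007-0107 sit between CVE-2007-0051 and CVE-2007-0050, while the rest of the file is in descending numeric order and those two numbers are missing from the gap between CVE-2007-0108 and CVE-2007-0105, so they should be moved there; and the CVE-2007-0045 notes spell the package names wrong, "iceweasle 2.0.0.2+dfsg-1" should be "iceweasel 2.0.0.2+dfsg-1" and "icape 1.0.8-1" should be "iceape 1.0.8-1".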
@@ -16001,7 +16001,7 @@ CVE-2007-0009
- icedove 1.5.0.10.dfsg1-1
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0008
+CVE-2007-0008 (Integer underflow in the SSLv2 support in Mozilla Network Security Ser ...)
{DSA-1336-1}
NOTE: MFSA-2007-06
- iceweasel 2.0.0.2+dfsg-1 (low)
@@ -16010,24 +16010,24 @@ CVE-2007-0008
- icedove 1.5.0.10.dfsg1-1
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)
-CVE-2007-0007
+CVE-2007-0007 (gnucash 2.0.4 and earlier allows local users to overwrite arbitrary fi ...)
- gnucash 2.0.5-1 (bug #411942; medium)
-CVE-2007-0006
+CVE-2007-0006 (The key serial number collision avoidance code in the key_alloc_serial ...)
- linux-2.6 2.6.18.dfsg.1-12
-CVE-2007-0005
+CVE-2007-0005 (Multiple buffer overflows in the (1) read and (2) write handlers in th ...)
{DSA-1286-1}
- linux-2.6 2.6.20-1
-CVE-2007-0004
+CVE-2007-0004 (The NFS client implementation in the kernel in Red Hat Enterprise Linu ...)
NOTE: if security relevant at all, it's 2.4.* only
- linux-2.6 <not-affected> (2.4 only)
-CVE-2007-0003
+CVE-2007-0003 (pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers t ...)
- pam <not-affected> (Only pam 0.99.7 affected)
-CVE-2007-0002
+CVE-2007-0002 (Multiple heap-based buffer overflows in WordPerfect Document importer/ ...)
{DSA-1270-1 DSA-1268-1}
- libwpd 0.8.9-1
NOTE: openoffice.org changelog indicates libwpd is included but not used
- openoffice.org 2.0.4.dfsg.2-6
[etch] - openoffice.org 2.0.4.dfsg.2-5etch1
[etch] - libwpd 0.8.7-6
-CVE-2007-0001
+CVE-2007-0001 (The file watch implementation in the audit subsystem (auditctl -w) in ...)
- linux-2.6 <not-affected> (Red Hat specific vulnerability)
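Review bot: the CVE-2007-0002 entry contradicts itself: `NOTE: openoffice.org changelog indicates libwpd is included but not used` sits next to fixed versions for openoffice.org (`- openoffice.org 2.0.4.dfsg.2-6` and `[etch] - openoffice.org 2.0.4.dfsg.2-5etch1`) referenced from DSA-1268-1; if the bundled libwpd really is not used, the note should say why openoffice.org still needed a rebuild and an advisory, and if it is used, the note is stale and should be dropped or reworded. Minor consistency point under CVE-2007-0004: the `NOTE: if security relevant at all, it's 2.4.* only` line precedes the package line `- linux-2.6 <not-affected> (2.4 only)`, whereas every other entry in this hunk lists packages first and notes after; reorder to match.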
diff --git a/data/CVE/2008.list b/data/CVE/2008.list
index 8d44cf79bf..06824e3b56 100644
--- a/data/CVE/2008.list
+++ b/data/CVE/2008.list
@@ -1,10 +1,10 @@
-CVE-2008-7320
+CVE-2008-7320 (** DISPUTED ** GNOME Seahorse through 3.30 allows physically proximate ...)
- seahorse <unfixed> (unimportant)
NOTE: https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774
NOTE: https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774/comments/13
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=551036
NOTE: Explicitly a design decision by upstream and not considered a security issue
-CVE-2008-7319
+CVE-2008-7319 (The Net::Ping::External extension through 0.15 for Perl does not prope ...)
- libnet-ping-external-perl <removed> (bug #881097)
[wheezy] - libnet-ping-external-perl <ignored> (Package may be removed from Wheezy, see #881102)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=33230
@@ -13,11 +13,11 @@ CVE-2008-7318
RESERVED
CVE-2008-7317
RESERVED
-CVE-2008-7316
+CVE-2008-7316 (mm/filemap.c in the Linux kernel before 2.6.25 allows local users to c ...)
- linux <not-affected> (Issue fixed before the src:linux-2.6 rename)
- linux-2.6 2.6.25-1
NOTE: https://git.kernel.org/linus/124d3b7041f9a0ca7c43a6293e1cae4576c32fd5 (v2.6.25-rc1)
-CVE-2008-7315
+CVE-2008-7315 (UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrar ...)
- libui-dialog-perl 1.21-0.1 (bug #496448)
[jessie] - libui-dialog-perl <no-dsa> (Minor issue)
[wheezy] - libui-dialog-perl <no-dsa> (Minor issue)
@@ -26,18 +26,18 @@ CVE-2008-7315
NOTE: http://www.openwall.com/lists/oss-security/2015/10/08/2
CVE-2008-7314
RESERVED
-CVE-2008-7313
+CVE-2008-7313 (The _httpsrequest function in Snoopy allows remote attackers to execut ...)
{DSA-3248-1 DLA-357-1}
- libphp-snoopy 2.0.0-1 (bug #778634)
NOTE: additional commit missing, so fix for CVE-2008-4796 was incomplete
NOTE: http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.27
-CVE-2008-7312
+CVE-2008-7312 (The Filtering Service in Websense Enterprise 5.2 through 6.3 does not ...)
NOT-FOR-US: Websense
-CVE-2008-7311
+CVE-2008-7311 (The session cookie store implementation in Spree 0.2.0 uses a hardcode ...)
NOT-FOR-US: Spree
-CVE-2008-7310
+CVE-2008-7310 (Spree 0.2.0 does not properly restrict the use of a hash to provide va ...)
NOT-FOR-US: Spree
-CVE-2008-7309
+CVE-2008-7309 (Insoshi before 20080920 does not properly restrict the use of a hash t ...)
NOT-FOR-US: Insoshi
CVE-2008-7308
RESERVED
@@ -49,92 +49,92 @@ CVE-2008-7305
RESERVED
CVE-2008-7304
RESERVED
-CVE-2008-7303
+CVE-2008-7303 (The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-7302
+CVE-2008-7302 (SQL injection vulnerability in netinvoice.php in the nBill (com_netinv ...)
NOT-FOR-US: Joomla extension
-CVE-2008-7301
+CVE-2008-7301 (SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows ...)
NOT-FOR-US: jSite
-CVE-2008-7300
+CVE-2008-7300 (The labeled networking implementation in Solaris Trusted Extensions in ...)
NOT-FOR-US: Oracle Solaris
-CVE-2008-7299
+CVE-2008-7299 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses ...)
NOT-FOR-US: Tivoli
-CVE-2008-7298
+CVE-2008-7298 (The Android browser in Android cannot properly restrict modifications ...)
NOT-FOR-US: Android browser
-CVE-2008-7297
+CVE-2008-7297 (Opera cannot properly restrict modifications to cookies established in ...)
NOT-FOR-US: Opera
-CVE-2008-7296
+CVE-2008-7296 (Apple Safari cannot properly restrict modifications to cookies establi ...)
NOT-FOR-US: Safari, see CVE-2008-7294 for potential webkit ramifications
-CVE-2008-7295
+CVE-2008-7295 (Microsoft Internet Explorer cannot properly restrict modifications to ...)
NOT-FOR-US: Internet Explorer
-CVE-2008-7294
+CVE-2008-7294 (Google Chrome before 4.0.211.0 cannot properly restrict modifications ...)
- chromium-browser 4.0.211.0
- webkit <not-affected>
-CVE-2008-7293
+CVE-2008-7293 (Mozilla Firefox before 4 cannot properly restrict modifications to coo ...)
- iceweasel 4.0-1 (unimportant)
NOTE: This is about the lack of HTTP Strict Transport Security, which is ultimately
NOTE: a security feature enhancement
-CVE-2008-7292
+CVE-2008-7292 (Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before ...)
- bugzilla 3.0.4-1
-CVE-2008-7290
+CVE-2008-7290 (Memory leak in the ldap_explode_rdn API function in IBM Tivoli Directo ...)
NOT-FOR-US: Tivoli
-CVE-2008-7289
+CVE-2008-7289 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 d ...)
NOT-FOR-US: Tivoli
-CVE-2008-7288
+CVE-2008-7288 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 o ...)
NOT-FOR-US: Tivoli
-CVE-2008-7287
+CVE-2008-7287 (Multiple memory leaks in the (1) ldap_init and (2) ldap_url_search_dir ...)
NOT-FOR-US: Tivoli
-CVE-2008-7286
+CVE-2008-7286 (IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-7285
+CVE-2008-7285 (Unspecified vulnerability in the docnote string handling implementatio ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-7284
+CVE-2008-7284 (IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-7283
+CVE-2008-7283 (Open Ticket Request System (OTRS) before 2.2.6, when customer group su ...)
- otrs2 2.2.6-1
-CVE-2008-7282
+CVE-2008-7282 (Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open T ...)
- otrs2 2.2.6-1
-CVE-2008-7281
+CVE-2008-7281 (Open Ticket Request System (OTRS) before 2.2.7 sends e-mail containing ...)
- otrs2 2.2.7-1
-CVE-2008-7280
+CVE-2008-7280 (Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket Reque ...)
- otrs2 2.2.7-1
-CVE-2008-7279
+CVE-2008-7279 (The CustomerInterface component in Open Ticket Request System (OTRS) b ...)
- otrs2 2.3.2-1
-CVE-2008-7278
+CVE-2008-7278 (The S/MIME feature in Open Ticket Request System (OTRS) before 2.2.5, ...)
- otrs2 2.3.2-1 (low)
-CVE-2008-7277
+CVE-2008-7277 (Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw ...)
- otrs2 2.3.2-1 (low)
-CVE-2008-7276
+CVE-2008-7276 (Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) befo ...)
- otrs2 2.3.2-1 (low)
-CVE-2008-7275
+CVE-2008-7275 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Req ...)
- otrs2 2.3.3-1
-CVE-2008-7274
+CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login fu ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-7271
+CVE-2008-7271 (Multiple cross-site scripting (XSS) vulnerabilities in the Help Conten ...)
- eclipse <not-affected> (Fixed before the version now in Squeeze)
-CVE-2008-7270
+CVE-2008-7270 (OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...)
- openssl 0.9.8k-1
[lenny] - openssl 0.9.8g-15+lenny11
NOTE: lenny was fixed as a side effect of the fix of CVE-2010-4180
NOTE: which disabled the bug compatibility code
-CVE-2008-7269
+CVE-2008-7269 (Open redirect vulnerability in api.php in SiteEngine 5.x allows user-a ...)
NOT-FOR-US: SiteEngine
-CVE-2008-7268
+CVE-2008-7268 (The phpinfo function in SiteEngine 5.x allows remote attackers to obta ...)
NOT-FOR-US: SiteEngine
-CVE-2008-7267
+CVE-2008-7267 (SQL injection vulnerability in announcements.php in SiteEngine 5.x all ...)
NOT-FOR-US: SiteEngine
-CVE-2008-7266
+CVE-2008-7266 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave F ...)
NOT-FOR-US: RSA Adaptive Authentication
-CVE-2008-7265
+CVE-2008-7265 (The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote aut ...)
{DSA-2191-1}
- proftpd-dfsg 1.3.2-1 (low)
-CVE-2008-7264
+CVE-2008-7264 (The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows ...)
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2008-7263
+CVE-2008-7263 (ftpserver.py in pyftpdlib before 0.5.0 does not delay its response aft ...)
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2008-7262
+CVE-2008-7262 (Multiple directory traversal vulnerabilities in FTPServer.py in pyftpd ...)
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2008-7261
+CVE-2008-7261 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
CVE-2008-XXXX [greylistd bypass]
- greylistd 0.8.7+nmu2 (low; bug #464084)
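Review bot: the rationale for treating the HTTPS-cookie family as a feature enhancement is recorded only under CVE-2008-7293 (`NOTE: This is about the lack of HTTP Strict Transport Security`), while CVE-2008-7294, which the Safari entry explicitly cross-references for the webkit ramifications, lists `chromium-browser 4.0.211.0` and `webkit <not-affected>` with no severity tag and no reason in parentheses; the same NOTE, or a pointer to it, belongs under CVE-2008-7294 so the triage of CVE-2008-7293 through CVE-2008-7298 reads consistently. Also, the descriptions this update appends are cut at a fixed width and frequently mid-word (`IBM Tivoli Directo ...`, `Help Conten ...`), so they are a hint for the reader only and the full CVE text still has to be consulted before an entry is marked NOT-FOR-US.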
@@ -145,93 +145,93 @@ CVE-2008-7259
RESERVED
CVE-2008-7258
- ssmtp <unfixed> (unimportant; bug #591515)
-CVE-2008-7257
+CVE-2008-7257 (CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2008-7256
+CVE-2008-7256 (mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcomm ...)
- linux-2.6 2.6.28-1 (low)
[lenny] - linux-2.6 2.6.26-23
-CVE-2008-7255
+CVE-2008-7255 (login_screen.tcl in aMSN (aka Alvaro's Messenger) before 0.97.1 saves ...)
- amsn 0.97.1~debian-1 (low)
-CVE-2008-7254
+CVE-2008-7254 (Directory traversal vulnerability in includes/template-loader.php in I ...)
NOT-FOR-US: Pepsi CMS
-CVE-2008-7253
+CVE-2008-7253 (The default configuration of the web server in IBM Lotus Domino Server ...)
NOT-FOR-US: IBM Lotus Domino Server
-CVE-2008-7252
+CVE-2008-7252 (libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses pred ...)
{DSA-2034-1}
- phpmyadmin 4:3.0.0-1
NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528
-CVE-2008-7251
+CVE-2008-7251 (libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a ...)
{DSA-2034-1}
- phpmyadmin 4:3.0.0-1
NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
-CVE-2008-7250
+CVE-2008-7250 (Cross-site scripting (XSS) vulnerability in Squid Analysis Report Gene ...)
- sarg 2.2.5-1 (low)
-CVE-2008-7249
+CVE-2008-7249 (Buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, and ...)
- sarg 2.2.4-1 (medium)
-CVE-2008-7247
+CVE-2008-7247 (sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, ...)
- mysql-5.1 5.1.49-3 (low; bug #569484)
- mysql-dfsg-5.0 <not-affected> (Vulnerable code not present)
-CVE-2008-7248
+CVE-2008-7248 (Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify ...)
- rails 2.2.3-1 (medium; bug #558685)
[lenny] - rails <not-affected> (Vulnerable code not present)
NOTE: http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1
-CVE-2008-7246
+CVE-2008-7246 (Google Chrome 0.2.149.29 and earlier allows remote attackers to cause ...)
- chromium-browser <unfixed> (unimportant)
NOTE: browser denial of services aren't considered security-relevant
-CVE-2008-7245
+CVE-2008-7245 (Opera 9.52 and earlier allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Opera
-CVE-2008-7244
+CVE-2008-7244 (Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a d ...)
- xulrunner <unfixed> (unimportant)
NOTE: browser denial-of-services are unimportant
-CVE-2008-7243
+CVE-2008-7243 (Cross-site request forgery (CSRF) vulnerability in page 34 in MODx CMS ...)
NOT-FOR-US: MODx CMS
-CVE-2008-7242
+CVE-2008-7242 (Multiple cross-site scripting (XSS) vulnerabilities in MODx CMS 0.9.6. ...)
NOT-FOR-US: MODx CMS
-CVE-2008-7241
+CVE-2008-7241 (Cross-site request forgery (CSRF) vulnerability in PunBB before 1.2.17 ...)
NOT-FOR-US: PunBB
-CVE-2008-7240
+CVE-2008-7240 (Directory traversal vulnerability in include/unverified.inc.php in Lin ...)
NOT-FOR-US: Linux Web Shop (LWS) php User Base
-CVE-2008-7228
+CVE-2008-7228 (Multiple format string vulnerabilities in White_Dune before 0.29beta85 ...)
- whitedune <not-affected> (bug #546903)
NOTE: The debian binary versions are not compiled with the --with-aflockdebug option
-CVE-2008-7224
+CVE-2008-7224 (Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows remo ...)
{DSA-1902-1}
- elinks 0.11.3-1 (low; bug #380347)
-CVE-2008-7239
+CVE-2008-7239 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.1 ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-7238
+CVE-2008-7238 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-7237
+CVE-2008-7237 (Unspecified vulnerability in the Oracle Internet Directory component i ...)
NOT-FOR-US: Oracle Application Server
-CVE-2008-7236
+CVE-2008-7236 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle Application Server
-CVE-2008-7235
+CVE-2008-7235 (Unspecified vulnerability in the Oracle Forms component in Oracle Appl ...)
NOT-FOR-US: Oracle Application Server
-CVE-2008-7234
+CVE-2008-7234 (Unspecified vulnerability in the Oracle BPEL Worklist Application comp ...)
NOT-FOR-US: Oracle Application Server
-CVE-2008-7233
+CVE-2008-7233 (Unspecified vulnerability in the E-Business Application client, as use ...)
NOT-FOR-US: E-Business Application client
-CVE-2008-7232
+CVE-2008-7232 (Buffer overflow in the report function in xtacacsd 4.1.2 and earlier a ...)
NOT-FOR-US: xtacacsd
-CVE-2008-7231
+CVE-2008-7231 (Cross-site scripting (XSS) vulnerability in Meridio Document and Recor ...)
NOT-FOR-US: Meridio Document and Records Management
-CVE-2008-7230
+CVE-2008-7230 (Unspecified vulnerability in Small Footprint CIM Broker (SFCB) before ...)
NOT-FOR-US: Small Footprint CIM Broker
-CVE-2008-7229
+CVE-2008-7229 (GreenSQL Firewall (greensql-fw) before 0.9.2 allows remote attackers t ...)
NOT-FOR-US: GreenSQL Firewall
-CVE-2008-7227
+CVE-2008-7227 (PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 a ...)
NOT-FOR-US: GeoServer
-CVE-2008-7226
+CVE-2008-7226 (SQL injection vulnerability in index.php in the Recipes module 1.3, 1. ...)
NOT-FOR-US: Recipes module for PHP-Nuke
-CVE-2008-7225
+CVE-2008-7225 (Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Serv ...)
NOT-FOR-US: Foxit Remote Access Server
-CVE-2008-7223
+CVE-2008-7223 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1 ...)
NOT-FOR-US: LinPHA
-CVE-2008-7222
+CVE-2008-7222 (Cross-site scripting (XSS) vulnerability in system/admin.php in RunCMS ...)
NOT-FOR-US: RunCMS
-CVE-2008-7221
+CVE-2008-7221 (Cross-site request forgery (CSRF) vulnerability in RunCMS 1.6.1 allows ...)
NOT-FOR-US: RunCMS
-CVE-2008-7220
+CVE-2008-7220 (Unspecified vulnerability in Prototype JavaScript framework (prototype ...)
{DSA-1952-1}
- prototypejs 1.6.0.2-1
- asterisk 1:1.6.2.0~rc3-1 (low; bug #555220)
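Review bot: several entries in this hunk break the descending CVE order the rest of the file keeps: CVE-2008-7248 is listed after CVE-2008-7247, and CVE-2008-7228 and CVE-2008-7224 sit between CVE-2008-7240 and CVE-2008-7239; since this automatic update rewrites every CVE line anyway, re-sorting them now would keep later diffs minimal and make the list easier to scan. Separately, CVE-2008-7246 and CVE-2008-7244 state the same triage conclusion in two wordings (`browser denial of services aren't considered security-relevant` and `browser denial-of-services are unimportant`); one consistent phrasing would help anyone grepping NOTE lines for the unimportant-DoS rule.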
@@ -301,2393 +301,2393 @@ CVE-2008-7220
- jifty <not-affected> (fixed since initial inclusion)
- jquery <not-affected> (fixed since initial inclusion)
- passenger <not-affected> (fixed since initial inclusion)
-CVE-2008-7219
+CVE-2008-7219 (Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 ...)
- kronolith2 2.1.7-1
- nag2 2.1.4-1
- mnemo2 2.1.2-1
-CVE-2008-7218
+CVE-2008-7218 (Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 a ...)
{DSA-1897-1}
- horde3 3.1.6-1
- turba2 2.1.7-1
- kronolith2 2.1.7-1
- nag2 2.1.4-1
- mnemo2 2.1.2-1
-CVE-2008-7217
+CVE-2008-7217 (Microsoft Office 2008 for Mac, when running on Macintosh systems that ...)
NOT-FOR-US: Microsoft Office
-CVE-2008-7216
+CVE-2008-7216 (Peter's Math Anti-Spam Spinoff plugin for WordPress generates audio CA ...)
NOT-FOR-US: Math Anti-Spam Spinoff plugin for WordPress
-CVE-2008-7215
+CVE-2008-7215 (The Image Manager in MOStlyCE before 2.4, as used in Mambo 4.6.3 and e ...)
NOT-FOR-US: MOStlyCE
-CVE-2008-7214
+CVE-2008-7214 (Cross-site request forgery (CSRF) vulnerability in administrator/index ...)
NOT-FOR-US: MOStlyCE
-CVE-2008-7213
+CVE-2008-7213 (Cross-site scripting (XSS) vulnerability in mambots/editors/mostlyce/j ...)
NOT-FOR-US: MOStlyCE
-CVE-2008-7212
+CVE-2008-7212 (MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote ...)
NOT-FOR-US: MOStlyCE
-CVE-2008-7211
+CVE-2008-7211 (CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver, as used in Enso ...)
NOT-FOR-US: CreativeLabs WDM audio driver
-CVE-2008-7210
+CVE-2008-7210 (directory.php in AJchat 0.10 allows remote attackers to bypass input v ...)
NOT-FOR-US: AJchat
-CVE-2008-7209
+CVE-2008-7209 (Unrestricted file upload vulnerability in the add2 action in a_upload. ...)
NOT-FOR-US: OneCMS
-CVE-2008-7208
+CVE-2008-7208 (Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly ear ...)
NOT-FOR-US: OneCMS
-CVE-2008-7207
+CVE-2008-7207 (RivetTracker before 1.0 stores passwords in cleartext in config.php, w ...)
NOT-FOR-US: RivetTracker
-CVE-2008-7206
+CVE-2008-7206 (Unspecified vulnerability in Electronic Logbook (ELOG) before 2.7.2 ha ...)
NOT-FOR-US: Electronic Logbook
-CVE-2008-7205
+CVE-2008-7205 (Unspecified vulnerability in the product view functionality in VirtueM ...)
NOT-FOR-US: VirtueMart
-CVE-2008-7204
+CVE-2008-7204 (Cross-site request forgery (CSRF) vulnerability in VirtueMart 1.0.13a ...)
NOT-FOR-US: VirtueMart
-CVE-2008-7203
+CVE-2008-7203 (Valve Software Half-Life Counter-Strike 1.6 allows remote attackers to ...)
NOT-FOR-US: Valve Software Half-Life Counter-Strike
-CVE-2008-7202
+CVE-2008-7202 (Multiple cross-site scripting (XSS) vulnerabilities in OpenWebMail bef ...)
NOT-FOR-US: OpenWebMail
-CVE-2008-7201
+CVE-2008-7201 (Lantronix MSS485-T allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Lantronix MSS485-T
-CVE-2008-7200
+CVE-2008-7200 (Double free vulnerability in Deliantra server engine before 2.4 has un ...)
NOT-FOR-US: Deliantra server engine
-CVE-2008-7199
+CVE-2008-7199 (Phoenix Contact FL IL 24 BK-PAC allows remote attackers to cause a den ...)
NOT-FOR-US: Phoenix Contact FL IL 24 BK-PAC
-CVE-2008-7198
+CVE-2008-7198 (Multiple unspecified vulnerabilities in phpns before 2.1.1beta1 have u ...)
NOT-FOR-US: phpns
-CVE-2008-7197
+CVE-2008-7197 (Multiple unspecified vulnerabilities in G15Daemon before 1.9.4 have un ...)
NOT-FOR-US: G15Daemon
-CVE-2008-7196
+CVE-2008-7196 (Unspecified vulnerability in metashell before 0.03 has unknown impact ...)
NOT-FOR-US: metashell
-CVE-2008-7195
+CVE-2008-7195 (Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used i ...)
NOT-FOR-US: Fujitsu Interstage HTTP Server
-CVE-2008-7194
+CVE-2008-7194 (Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used i ...)
NOT-FOR-US: Fujitsu Interstage HTTP Server
-CVE-2008-7193
+CVE-2008-7193 (PHPKIT 1.6.4 PL1 includes the session ID in the URL, which allows remo ...)
NOT-FOR-US: PHPKIT
-CVE-2008-7192
+CVE-2008-7192 (Cross-site request forgery (CSRF) vulnerability in index.php in WoltLa ...)
NOT-FOR-US: WoltLab Burning Board
-CVE-2008-7191
+CVE-2008-7191 (Unspecified vulnerability in Polipo before 1.0.4 allows remote attacke ...)
- polipo 1.0.4-1 (low)
-CVE-2008-7190
+CVE-2008-7190 (Unspecified vulnerability in Adium before 1.2 has unknown impact and a ...)
NOT-FOR-US: Adium
-CVE-2008-7189
+CVE-2008-7189 (Multiple unspecified vulnerabilities in Local Media Browser before 0.1 ...)
NOT-FOR-US: Local Media Browser
-CVE-2008-7188
+CVE-2008-7188 (ClipShare 2.6 does not properly restrict access to certain functionali ...)
NOT-FOR-US: ClipShare
-CVE-2008-7187
+CVE-2008-7187 (Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to obtai ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-7186
+CVE-2008-7186 (Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to upda ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-7185
+CVE-2008-7185 (GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of se ...)
- rhythmbox <unfixed> (unimportant)
NOTE: No practical security impact
-CVE-2008-7184
+CVE-2008-7184 (Cross-site scripting (XSS) vulnerability in Diigo Toolbar and Diigolet ...)
NOT-FOR-US: Diigo Toolbar and Diigolet
-CVE-2008-7183
+CVE-2008-7183 (PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2. ...)
NOT-FOR-US: EVA CMS
-CVE-2008-7182
+CVE-2008-7182 (Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and poss ...)
NOT-FOR-US: Surgemail
-CVE-2008-7181
+CVE-2008-7181 (Butterfly Organizer 2.0.0 allows remote attackers to (1) delete arbitr ...)
NOT-FOR-US: Butterfly Organizer
-CVE-2008-7180
+CVE-2008-7180 (del_query1.php in Telephone Directory 2008 allows remote attackers to ...)
NOT-FOR-US: Telephone Directory
-CVE-2008-7179
+CVE-2008-7179 (OTManager CMS 2.4 allows remote attackers to bypass authentication and ...)
NOT-FOR-US: OTManager
-CVE-2008-7178
+CVE-2008-7178 (Directory traversal vulnerability in Uploader module 1.1 for XOOPS all ...)
NOT-FOR-US: XOOPS
-CVE-2008-7177
+CVE-2008-7177 (Buffer overflow in the listing module in Netwide Assembler (NASM) befo ...)
- nasm 2.03.01-1 (low)
-CVE-2008-7176
+CVE-2008-7176 (Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow ...)
NOT-FOR-US: Facil CMS
-CVE-2008-7175
+CVE-2008-7175 (Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in Next ...)
NOT-FOR-US: NextGEN Gallery third party plugin for wordpress
-CVE-2008-7174
+CVE-2008-7174 (Multiple buffer overflows in the Jura Internet Connection Kit for the ...)
NOT-FOR-US: Jura Impressa
-CVE-2008-7173
+CVE-2008-7173 (The Jura Internet Connection Kit for the Jura Impressa F90 coffee make ...)
NOT-FOR-US: Jura Impressa
-CVE-2008-7172
+CVE-2008-7172 (Lightweight news portal (LNP) 1.0b does not properly restrict access t ...)
NOT-FOR-US: Lightweight news portal
-CVE-2008-7171
+CVE-2008-7171 (Multiple cross-site scripting (XSS) vulnerabilities in Lightweight new ...)
NOT-FOR-US: Lightweight news portal
-CVE-2008-7170
+CVE-2008-7170 (GSC build 2067 and earlier relies on the client to enforce administrat ...)
NOT-FOR-US: GSC build
-CVE-2008-7169
+CVE-2008-7169 (SQL injection vulnerability in Jabode horoscope extension (com_jabode) ...)
NOT-FOR-US: Joomla!
-CVE-2008-7168
+CVE-2008-7168 (Insecure method vulnerability in the UUSee UUUpgrade ActiveX control ( ...)
NOT-FOR-US: ActiveX
-CVE-2008-7167
+CVE-2008-7167 (Unrestricted file upload vulnerability in upload.php in Page Manager 2 ...)
NOT-FOR-US: Page Manager
-CVE-2008-7166
+CVE-2008-7166 (Buffer overflow in the web interface in BitTorrent 6.0.1 (build 7859) ...)
NOT-FOR-US: web interface in BitTorrent 6.0.1 (build 7859)
-CVE-2008-7165
+CVE-2008-7165 (Cross-site request forgery in cp06_wifi_m_nocifr.cgi in the administra ...)
NOT-FOR-US: TELECOM ITALIA Alice Gate2 Plus Wi-Fi
-CVE-2008-7164
+CVE-2008-7164 (Multiple unspecified vulnerabilities in Shareaza before 2.3.1.0 have u ...)
NOT-FOR-US: Shareaza
-CVE-2008-7163
+CVE-2008-7163 (Directory traversal vulnerability in mods/Integrated/index.php in Sine ...)
NOT-FOR-US: SineCMS
-CVE-2008-7162
+CVE-2008-7162 (Buffer overflow in Hero Super Player 3000 allows remote attackers to c ...)
NOT-FOR-US: Hero Super Player
-CVE-2008-7161
+CVE-2008-7161 (Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 a ...)
NOT-FOR-US: Fortinet FortiGuard Fortinet
-CVE-2008-7159
+CVE-2008-7159 (The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Se ...)
{DSA-1879-1}
[lenny] - silc-toolkit 1.1.7-2+lenny1
- silc-toolkit 1.1.10-1 (low)
- silc-client 1.1-2 (low)
- silc-server <not-affected> (Vulnerable code not present)
NOTE: silc-client uses libsilc from silc-toolkit since 1.1-2
-CVE-2008-7160
+CVE-2008-7160 (The silc_http_server_parse function in lib/silchttp/silchttpserver.c i ...)
{DSA-1879-1}
- silc-toolkit 1.1.10-1 (low)
- silc-client 1.1-2 (low)
- silc-server 1.1.2-1 (low)
NOTE: silc-client/silc-server use libsilc from silc-toolkit since 1.1-2
-CVE-2008-7158
+CVE-2008-7158 (Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remot ...)
NOT-FOR-US: Numara FootPrints
-CVE-2008-7157
+CVE-2008-7157 (Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier ...)
NOT-FOR-US: EkinBoard
-CVE-2008-7156
+CVE-2008-7156 (EkinBoard 1.1.0 and earlier, when register_globals is enabled, allows ...)
NOT-FOR-US: EkinBoard
-CVE-2008-7155
+CVE-2008-7155 (NetRisk 1.9.7 does not properly restrict access to admin/change_submit ...)
NOT-FOR-US: NetRisk
-CVE-2008-7154
+CVE-2008-7154 (Docebo 3.5.0.3 and earlier allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Docebo
-CVE-2008-7153
+CVE-2008-7153 (SQL injection vulnerability in the autoDetectRegion function in docebo ...)
NOT-FOR-US: Docebo
-CVE-2008-7152
+CVE-2008-7152 (Multiple PHP remote file inclusion vulnerabilities in Specimen Image D ...)
NOT-FOR-US: Specimen Image Database
-CVE-2008-7151
+CVE-2008-7151 (Cross-site request forgery (CSRF) vulnerability in Live 5.x before 5.x ...)
NOT-FOR-US: Live third-party Drupal module
-CVE-2008-7150
+CVE-2008-7150 (Cross-site scripting (XSS) vulnerability in Refine by Taxonomy 5.x bef ...)
NOT-FOR-US: Refine by Taxonomy
-CVE-2008-7149
+CVE-2008-7149 (Unspecified vulnerability in AgileWiki before 0.10.1 has unknown impac ...)
NOT-FOR-US: AgileWiki
-CVE-2008-7148
+CVE-2008-7148 (Unspecified vulnerability in Synfig Animation Studio before 0.61.08 al ...)
- synfig 0.61.08-1
-CVE-2008-7147
+CVE-2008-7147 (Multiple cross-site scripting (XSS) vulnerabilities in IntraLearn Soft ...)
NOT-FOR-US: IntraLearn Software IntraLearn
-CVE-2008-7146
+CVE-2008-7146 (IntraLearn Software IntraLearn 2.1, and possibly other versions before ...)
NOT-FOR-US: IntraLearn Software IntraLearn
-CVE-2008-7145
+CVE-2008-7145 (Multiple SQL injection vulnerabilities in index.php in CoronaMatrix ph ...)
NOT-FOR-US: CoronaMatrix phpAddressBook
-CVE-2008-7144
+CVE-2008-7144 (Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have ...)
NOT-FOR-US: RARLAB WinRAR
-CVE-2008-7143
+CVE-2008-7143 (phpBB 2.0.23 includes the session ID in a request to modcp.php when th ...)
- phpbb2 <removed>
-CVE-2008-7142
+CVE-2008-7142 (Absolute path traversal vulnerability in the Disk Usage module (fronte ...)
NOT-FOR-US: cPanel
-CVE-2008-7141
+CVE-2008-7141 (Cross-site scripting (XSS) vulnerability in setup.php in @lex Poll 2.1 ...)
NOT-FOR-US: @lex Poll
-CVE-2008-7140
+CVE-2008-7140 (Multiple cross-site scripting (XSS) vulnerabilities in @lex Guestbook ...)
NOT-FOR-US: @lex Guestbook
-CVE-2008-7139
+CVE-2008-7139 (Multiple cross-site request forgery (CSRF) vulnerabilities in WS-Proxy ...)
NOT-FOR-US: Eye-Fi
-CVE-2008-7138
+CVE-2008-7138 (The Manager in Eye-Fi 1.1.2 generates predictable snonce values based ...)
NOT-FOR-US: Eye-Fi
-CVE-2008-7137
+CVE-2008-7137 (WS-Proxy in Eye-Fi 1.1.2 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Eye-Fi
-CVE-2008-7136
+CVE-2008-7136 (toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers t ...)
NOT-FOR-US: ICQ Toolbar
-CVE-2008-7135
+CVE-2008-7135 (toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers t ...)
NOT-FOR-US: ICQ Toolbar
-CVE-2008-7134
+CVE-2008-7134 (Multiple cross-site scripting (XSS) vulnerabilities in the default URI ...)
NOT-FOR-US: Chris LaPointe RedGalaxy Download Center
-CVE-2008-7133
+CVE-2008-7133 (Multiple cross-site scripting (XSS) vulnerabilities in onlinetools.org ...)
NOT-FOR-US: onlinetools.org EasyImageCatalogue
-CVE-2008-7132
+CVE-2008-7132 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan 1. ...)
NOT-FOR-US: Nuked-Klan
-CVE-2008-7131
+CVE-2008-7131 (Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier ...)
NOT-FOR-US: DB2 Monitoring Console
-CVE-2008-7130
+CVE-2008-7130 (Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier ...)
NOT-FOR-US: DB2 Monitoring Console
-CVE-2008-7129
+CVE-2008-7129 (XySSL before 0.9 allows remote attackers to cause a denial of service ...)
- xyssl 0.9-1
- polarssl <not-affected> (fixed in xyssl before polarssl was forked from it)
- pdkim <itp> (bug #543150)
NOTE: check pdkim if/when it enters unstable (contains polarssl code copy)
-CVE-2008-7128
+CVE-2008-7128 (The ssl_parse_client_key_exchange function in XySSL before 0.9 does no ...)
- xyssl 0.9-1
- polarssl <not-affected> (fixed in xyssl before polarssl was forked from it)
- pdkim <itp> (bug #543150)
NOTE: check pdkim if/when it enters unstable (contains polarssl code copy)
-CVE-2008-7127
+CVE-2008-7127 (osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earli ...)
NOT-FOR-US: Borland VisiBroker Smart Agent
-CVE-2008-7126
+CVE-2008-7126 (Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.0 ...)
NOT-FOR-US: Borland VisiBroker Smart Agent
-CVE-2008-7125
+CVE-2008-7125 (pphoto in Ariadne before 2.6 allows remote authenticated users with ce ...)
NOT-FOR-US: Ariadne
-CVE-2008-7124
+CVE-2008-7124 (zKup CMS 2.0 through 2.3 does not require administrative authenticatio ...)
NOT-FOR-US: zKup CMS
-CVE-2008-7123
+CVE-2008-7123 (Static code injection vulnerability in admin/configuration/modifier.ph ...)
NOT-FOR-US: zKup CMS
-CVE-2008-7122
+CVE-2008-7122 (Multiple insecure method vulnerabilities in an ActiveX control in (epR ...)
NOT-FOR-US: ActiveX
-CVE-2008-7121
+CVE-2008-7121 (Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL- ...)
NOT-FOR-US: Mr. CGI Guy Hot Links SQL-PHP
-CVE-2008-7120
+CVE-2008-7120 (SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and ear ...)
NOT-FOR-US: Mr. CGI Guy Hot Links SQL-PHP
-CVE-2008-7119
+CVE-2008-7119 (SQL injection vulnerability in item.php in WeBid auction script 0.5.4 ...)
NOT-FOR-US: WeBid auction script
-CVE-2008-7118
+CVE-2008-7118 (WeBid auction script 0.5.4 stores sensitive information under the web ...)
NOT-FOR-US: WeBid auction script
-CVE-2008-7117
+CVE-2008-7117 (eledicss.php in WeBid auction script 0.5.4 allows remote attackers to ...)
NOT-FOR-US: WeBid auction script
-CVE-2008-7116
+CVE-2008-7116 (SQL injection vulnerability in the admin panel (admin/) in WeBid aucti ...)
NOT-FOR-US: WeBid auction script
-CVE-2008-7115
+CVE-2008-7115 (The web interface to the Belkin Wireless G router and ADSL2 modem F5D7 ...)
NOT-FOR-US: Belkin Wireless G
-CVE-2008-7114
+CVE-2008-7114 (SQL injection vulnerability in members_search.php in iFusion Services ...)
NOT-FOR-US: iFusion Services
-CVE-2008-7113
+CVE-2008-7113 (The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 u ...)
NOT-FOR-US: Kyocera Mita
-CVE-2008-7112
+CVE-2008-7112 (The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 a ...)
NOT-FOR-US: Kyocera Mita
-CVE-2008-7111
+CVE-2008-7111 (The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 d ...)
NOT-FOR-US: Kyocera Mita
-CVE-2008-7110
+CVE-2008-7110 (Directory traversal vulnerability in the Scanner File Utility (aka lis ...)
NOT-FOR-US: Kyocera Mita
-CVE-2008-7109
+CVE-2008-7109 (The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 a ...)
NOT-FOR-US: Kyocera Mita
-CVE-2008-7108
+CVE-2008-7108 (Multiple cross-site scripting (XSS) vulnerabilities in Carmosa phpCart ...)
NOT-FOR-US: Carmosa phpCart
-CVE-2008-7107
+CVE-2008-7107 (easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to caus ...)
NOT-FOR-US: ESET Smart Security
-CVE-2008-7106
+CVE-2008-7106 (The installation of Sophos PureMessage for Microsoft Exchange 3.0 befo ...)
NOT-FOR-US: Microsoft Exchange
-CVE-2008-7105
+CVE-2008-7105 (Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows remo ...)
NOT-FOR-US: Sophos PureMessage for Microsoft Exchange
-CVE-2008-7104
+CVE-2008-7104 (Sophos PureMessage Scanner service (PMScanner.exe) in PureMessage for ...)
NOT-FOR-US: Sophos PureMessage Scanner service
-CVE-2008-7103
+CVE-2008-7103 (Stack-based buffer overflow in an ActiveX control in najdisitoolbar.dl ...)
NOT-FOR-US: Toolbar 2.0.4.1
-CVE-2008-7102
+CVE-2008-7102 (DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx fil ...)
NOT-FOR-US: DotNetNuke
-CVE-2008-7101
+CVE-2008-7101 (Unspecified vulnerability in DotNetNuke 4.0 through 4.8.4 and 5.0 allo ...)
NOT-FOR-US: DotNetNuke
-CVE-2008-7100
+CVE-2008-7100 (Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows rem ...)
NOT-FOR-US: DotNetNuke
-CVE-2008-7099
+CVE-2008-7099 (Unspecified vulnerability in the Manage Templates feature in Qsoft K-R ...)
NOT-FOR-US: Qsoft K-Rate Premium
-CVE-2008-7098
+CVE-2008-7098 (Multiple cross-site scripting (XSS) vulnerabilities in Qsoft K-Rate Pr ...)
NOT-FOR-US: Qsoft K-Rate Premium
-CVE-2008-7097
+CVE-2008-7097 (Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow r ...)
NOT-FOR-US: Qsoft K-Rate Premium
-CVE-2008-7096
+CVE-2008-7096 (Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35M ...)
NOT-FOR-US: Intel Desktop and Intel Mobile Boards
-CVE-2008-7095
+CVE-2008-7095 (The SNMP daemon in ArubaOS 3.3.2.6 in Aruba Mobility Controller does n ...)
NOT-FOR-US: ArubaOS
-CVE-2008-7094
+CVE-2008-7094 (Campaign/CampaignListener in the listener server in Unica Affinium Cam ...)
NOT-FOR-US: Affinium Campaign
-CVE-2008-7093
+CVE-2008-7093 (Multiple directory traversal vulnerabilities in Unica Affinium Campaig ...)
NOT-FOR-US: Affinium Campaign
-CVE-2008-7092
+CVE-2008-7092 (Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium ...)
NOT-FOR-US: Affinium Campaign
-CVE-2008-7091
+CVE-2008-7091 (Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow ...)
NOT-FOR-US: Pligg
-CVE-2008-7090
+CVE-2008-7090 (Multiple directory traversal vulnerabilities in Pligg 9.9 and earlier ...)
NOT-FOR-US: Pligg
-CVE-2008-7089
+CVE-2008-7089 (Cross-site scripting (XSS) vulnerability in Pligg 9.9 and earlier allo ...)
NOT-FOR-US: Pligg
-CVE-2008-7088
+CVE-2008-7088 (Unrestricted file upload vulnerability in upload.php in PhotoPost vBGa ...)
NOT-FOR-US: PhotoPost vBGallery
-CVE-2008-7087
+CVE-2008-7087 (PHP remote file inclusion vulnerability in search_wA.php in OpenPro 1. ...)
NOT-FOR-US: OpenPro
-CVE-2008-7086
+CVE-2008-7086 (Maian Greetings 2.1 allows remote attackers to bypass authentication a ...)
NOT-FOR-US: Maian Greetings
-CVE-2008-7085
+CVE-2008-7085 (Multiple SQL injection vulnerabilities in TheHockeyStop HockeySTATS On ...)
NOT-FOR-US: TheHockeyStop HockeySTATS Online
-CVE-2008-7084
+CVE-2008-7084 (Directory traversal vulnerability in the web server 1.0 in Velocity Se ...)
NOT-FOR-US: Velocity Security Management System
-CVE-2008-7083
+CVE-2008-7083 (Multiple SQL injection vulnerabilities in ReVou Micro Blogging Twitter ...)
NOT-FOR-US: ReVou Micro Blogging Twitter clone
-CVE-2008-7082
+CVE-2008-7082 (MyBB (aka MyBulletinBoard) 1.4.3 includes the sensitive my_post_key pa ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2008-7081
+CVE-2008-7081 (userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 allo ...)
NOT-FOR-US: RaidSonic ICY BOX NAS firmware
-CVE-2008-7080
+CVE-2008-7080 (Team PHP PHP Classifieds Script stores sensitive information under the ...)
NOT-FOR-US: Team PHP PHP Classifieds Script
-CVE-2008-7079
+CVE-2008-7079 (Buffer overflow in Nero ShowTime 5.0.15.0 allows remote attackers to c ...)
NOT-FOR-US: Nero ShowTime
-CVE-2008-7078
+CVE-2008-7078 (Multiple buffer overflows in Rumpus before 6.0.1 allow remote attacker ...)
NOT-FOR-US: Rumpus
-CVE-2008-7077
+CVE-2008-7077 (Multiple SQL injection vulnerabilities in SailPlanner 0.3a allow remot ...)
NOT-FOR-US: SailPlanner
-CVE-2008-7076
+CVE-2008-7076 (Unrestricted file upload vulnerability in user.modify.profile.php in K ...)
NOT-FOR-US: Kalptaru Infotech Ltd. Star Articles
-CVE-2008-7075
+CVE-2008-7075 (Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star ...)
NOT-FOR-US: Kalptaru Infotech Ltd. Star Articles
-CVE-2008-7074
+CVE-2008-7074 (Format string vulnerability in MemeCode Software i.Scribe 1.88 through ...)
NOT-FOR-US: MemeCode Software i.Scribe
-CVE-2008-7073
+CVE-2008-7073 (PHP remote file inclusion vulnerability in lib/action/rss.php in RSS m ...)
NOT-FOR-US: RSS module 0.1 for Pie Web M{a,e}sher
-CVE-2008-7072
+CVE-2008-7072 (Cross-site scripting (XSS) vulnerability in index.php in Chipmunk Tops ...)
NOT-FOR-US: Chipmunk Topsites
-CVE-2008-7071
+CVE-2008-7071 (SQL injection vulnerability in authenticate.php in Chipmunk Topsites a ...)
NOT-FOR-US: Chipmunk Topsites
-CVE-2008-7070
+CVE-2008-7070 (Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shi ...)
- kvirc <not-affected> (Only affects Windows builds)
NOTE: https://svn.kvirc.de/kvirc/ticket/274#comment:8
-CVE-2008-7069
+CVE-2008-7069 (All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information un ...)
NOT-FOR-US: All Club CMS (ACCMS)
-CVE-2008-7067
+CVE-2008-7067 (PHP remote file inclusion vulnerability in admin/plugins/Online_Users/ ...)
NOT-FOR-US: PageTree CMS
-CVE-2008-7066
+CVE-2008-7066 (OpenForum 0.66 Beta allows remote attackers to bypass authentication a ...)
NOT-FOR-US: OpenForum
-CVE-2008-7065
+CVE-2008-7065 (Siemens C450 IP and C475 IP VoIP devices allow remote attackers to cau ...)
NOT-FOR-US: Siemens C450 IP and C475 IP VoIP devices
-CVE-2008-7064
+CVE-2008-7064 (Directory traversal vulnerability in the get_lang function in global.p ...)
NOT-FOR-US: Quicksilver Forums
-CVE-2008-7063
+CVE-2008-7063 (Ocean12 FAQ Manager Pro stores sensitive data under the web root with ...)
NOT-FOR-US: Ocean12 FAQ Manager Pro
-CVE-2008-7062
+CVE-2008-7062 (Unrestricted file upload vulnerability in admin/index.php in Download ...)
NOT-FOR-US: Download Manager module 1.0 for LoveCMS
-CVE-2008-7061
+CVE-2008-7061 (The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome ...)
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-7060
+CVE-2008-7060 (Multiple cross-site scripting (XSS) vulnerabilities in One-News Beta 2 ...)
NOT-FOR-US: One-News
-CVE-2008-7059
+CVE-2008-7059 (SQL injection vulnerability in index.php in One-News Beta 2 allows rem ...)
NOT-FOR-US: One-News
-CVE-2008-7058
+CVE-2008-7058 (Cross-site request forgery (CSRF) vulnerability in BandSite CMS 1.1.4 ...)
NOT-FOR-US: BandSite CMS
-CVE-2008-7057
+CVE-2008-7057 (Cross-site scripting (XSS) vulnerability in merchandise.php in BandSit ...)
NOT-FOR-US: BandSite CMS
-CVE-2008-7056
+CVE-2008-7056 (BandSite CMS 1.1.4 does not perform access control for adminpanel/phpm ...)
NOT-FOR-US: BandSite CMS
-CVE-2008-7055
+CVE-2008-7055 (module.php in ezContents 2.0.3 allows remote attackers to bypass the d ...)
NOT-FOR-US: ezContents
-CVE-2008-7054
+CVE-2008-7054 (Multiple directory traversal vulnerabilities in ezContents 2.0.3 allow ...)
NOT-FOR-US: ezContents
-CVE-2008-7053
+CVE-2008-7053 (LogMeIn Remote Access Utility ActiveX control (RACtrl.dll) allows remo ...)
NOT-FOR-US: LogMeIn
-CVE-2008-7052
+CVE-2008-7052 (Unrestricted file upload vulnerability in profile.php in Pre Projects ...)
NOT-FOR-US: Pre Projects Pre Real Estate Listings
-CVE-2008-7051
+CVE-2008-7051 (AJ Square AJ Article allows remote attackers to bypass authentication ...)
NOT-FOR-US: AJ Square AJ Article
-CVE-2008-7050
+CVE-2008-7050 (The password_check function in auth/auth_phpbb3.php in WoW Raid Manage ...)
NOT-FOR-US: WoW Raid Manager
-CVE-2008-7049
+CVE-2008-7049 (Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 ...)
NOT-FOR-US: NatterChat
-CVE-2008-7048
+CVE-2008-7048 (Multiple cross-site scripting (XSS) vulnerabilities in NatterChat 1.12 ...)
NOT-FOR-US: NatterChat
-CVE-2008-7047
+CVE-2008-7047 (NatterChat 1.1 allows remote attackers to bypass authentication and ga ...)
NOT-FOR-US: NatterChat
-CVE-2008-7046
+CVE-2008-7046 (AJ Square Free Polling Script (AJPoll) allows remote attackers to bypa ...)
NOT-FOR-US: AJ Square Free Polling Script
-CVE-2008-7045
+CVE-2008-7045 (AJ Square Free Polling Script (AJPoll) Database version allows remote ...)
NOT-FOR-US: AJ Square Free Polling Script
-CVE-2008-7044
+CVE-2008-7044 (SQL injection vulnerability in admin/include/newpoll.php in AJ Square ...)
NOT-FOR-US: AJ Square Free Polling Script
-CVE-2008-7043
+CVE-2008-7043 (Cross-site scripting (XSS) vulnerability in register.php in FreshScrip ...)
NOT-FOR-US: FreshScripts Fresh Email Script
-CVE-2008-7042
+CVE-2008-7042 (PHP remote file inclusion vulnerability in url.php in FreshScripts Fre ...)
NOT-FOR-US: FreshScripts Fresh Email Script
-CVE-2008-7041
+CVE-2008-7041 (AJ Classifieds allows remote attackers to bypass authentication and ga ...)
NOT-FOR-US: AJ Classifieds
-CVE-2008-7040
+CVE-2008-7040 (SQL injection vulnerability in ahah/sf-profile.php in the Yellow Sword ...)
NOT-FOR-US: Yellow Swordfish Simple Forum module for Wordpress
-CVE-2008-7039
+CVE-2008-7039 (Cross-site scripting (XSS) vulnerability in admin/comments.php in Gela ...)
NOT-FOR-US: Gelato CMS
-CVE-2008-7038
+CVE-2008-7038 (SQL injection vulnerability in the My_eGallery module for PHP-Nuke all ...)
NOT-FOR-US: My_eGallery module for PHP-Nuke
-CVE-2008-7037
+CVE-2008-7037 (The Sidebar gadget in ITN News Gadget (aka ITN Hub Gadget) 1.06 for Wi ...)
NOT-FOR-US: ITN News Gadget
-CVE-2008-7036
+CVE-2008-7036 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in De ...)
NOT-FOR-US: DevTracker module 3.0 for bcoos
-CVE-2008-7035
+CVE-2008-7035 (Cross-site scripting (XSS) vulnerability in an unspecified component i ...)
NOT-FOR-US: Simple Machines phpRaider
-CVE-2008-7034
+CVE-2008-7034 (PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class. ...)
NOT-FOR-US: PHPEcho CMS
-CVE-2008-7033
+CVE-2008-7033 (SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) ...)
NOT-FOR-US: component for Joomla!
-CVE-2008-7032
+CVE-2008-7032 (Web Management Console Cross-site request forgery (CSRF) vulnerability ...)
NOT-FOR-US: web management console in F5 BIG-IP
-CVE-2008-7031
+CVE-2008-7031 (Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Serv ...)
NOT-FOR-US: Foxit Remote Access Server (aka WAC Server)
-CVE-2008-7030
+CVE-2008-7030 (Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web al ...)
NOT-FOR-US: Site2Nite Real Estate Web
-CVE-2008-7029
+CVE-2008-7029 (Unrestricted file upload vulnerability in usercp.php in AlilG Applicat ...)
NOT-FOR-US: AlilG Application AliBoard
-CVE-2008-7028
+CVE-2008-7028 (RPG.Board 0.8 Beta2 and earlier allows remote attackers to bypass auth ...)
NOT-FOR-US: RPG.Board
-CVE-2008-7027
+CVE-2008-7027 (Libra File Manager 1.18 and earlier allows remote attackers to bypass ...)
NOT-FOR-US: Libra File Manager
-CVE-2008-7026
+CVE-2008-7026 (Unrestricted file upload vulnerability in filesystem3.class.php in eFr ...)
NOT-FOR-US: eFront
-CVE-2008-7025
+CVE-2008-7025 (TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe runnin ...)
NOT-FOR-US: Check Point ZoneAlarm
-CVE-2008-7024
+CVE-2008-7024 (admin.php in Arz Development The Gemini Portal 4.7 and earlier allows ...)
NOT-FOR-US: Arz Development The Gemini Portal
-CVE-2008-7023
+CVE-2008-7023 (Aruba Mobility Controller running ArubaOS 3.3.1.16, and possibly other ...)
NOT-FOR-US: ArubaOS
-CVE-2008-7022
+CVE-2008-7022 (Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat S ...)
NOT-FOR-US: Chilkat Software IMAP ActiveX control
-CVE-2008-7021
+CVE-2008-7021 (Unrestricted file upload vulnerability in editlogo.php in AvailScript ...)
NOT-FOR-US: AvailScript Jobs Portal Script
-CVE-2008-7020
+CVE-2008-7020 (McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre- ...)
NOT-FOR-US: McAfee SafeBoot Device Encryption
-CVE-2008-7019
+CVE-2008-7019 (Esqlanelapse 2.6.1 and 2.6.2 allows remote attackers to bypass authent ...)
NOT-FOR-US: Esqlanelapse
-CVE-2008-7018
+CVE-2008-7018 (Cross-site scripting (XSS) vulnerability in NashTech Easy PHP Calendar ...)
NOT-FOR-US: NashTech Easy PHP Calendar
-CVE-2008-7017
+CVE-2008-7017 (Cross-site scripting (XSS) vulnerability in analyse.php in CAcert 2008 ...)
NOT-FOR-US: CAcert
-CVE-2008-7016
+CVE-2008-7016 (tnftpd before 20080929 splits large command strings into multiple comm ...)
NOT-FOR-US: tnftpd
-CVE-2008-7015
+CVE-2008-7015 (Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel ...)
NOT-FOR-US: Unreal Tournament
-CVE-2008-7014
+CVE-2008-7014 (fhttpd 0.4.2 allows remote attackers to cause a denial of service (cra ...)
NOT-FOR-US: fhttpd
-CVE-2008-7013
+CVE-2008-7013 (NetService.dll in Baidu Hi IM allows remote servers to cause a denial ...)
NOT-FOR-US: Baidu Hi IM
-CVE-2008-7012
+CVE-2008-7012 (courier/1000@/api_error_email.html (aka "error reporting page") in Acc ...)
NOT-FOR-US: Accellion File Transfer Appliance
-CVE-2008-7011
+CVE-2008-7011 (The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tourname ...)
NOT-FOR-US: Unreal Tournament
-CVE-2008-7010
+CVE-2008-7010 (Skalfa Software SkaLinks Exchange Script 1.5 allows remote attackers t ...)
NOT-FOR-US: Skalfa Software SkaLinks Exchange Script
-CVE-2008-7009
+CVE-2008-7009 (Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Sui ...)
NOT-FOR-US: Check Point ZoneAlarm Security Suite
-CVE-2008-7008
+CVE-2008-7008 (HyperStop Web Host Directory 1.2 allows remote attackers to bypass aut ...)
NOT-FOR-US: HyperStop Web Host Directory
-CVE-2008-7007
+CVE-2008-7007 (Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentic ...)
NOT-FOR-US: Free PHP VX Guestbook
-CVE-2008-7006
+CVE-2008-7006 (Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentic ...)
NOT-FOR-US: Free PHP VX Guestbook
-CVE-2008-7005
+CVE-2008-7005 (include/modules/top/1-random_quote.php in Minb Is Not a Blog (minb) 0. ...)
NOT-FOR-US: Minb Is Not a Blog
-CVE-2008-7004
+CVE-2008-7004 (Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown ...)
NOT-FOR-US: Electronic Logbook
-CVE-2008-7003
+CVE-2008-7003 (Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alp ...)
NOT-FOR-US: The Rat CMS
-CVE-2008-7002
+CVE-2008-7002 (PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir ...)
- php5 (unimportant)
NOTE: safe-mode and basedir violations not treated as security issues
-CVE-2008-7001
+CVE-2008-7001 (Unrestricted file upload vulnerability in the file manager in Creative ...)
NOT-FOR-US: Creative Mind Creator CMS
-CVE-2008-7000
+CVE-2008-7000 (PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 ...)
NOT-FOR-US: phpAuction
-CVE-2008-6999
+CVE-2008-6999 (phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote at ...)
NOT-FOR-US: phpAuction
-CVE-2008-6998
+CVE-2008-6998 (Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Goog ...)
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-6997
+CVE-2008-6997 (Google Chrome 0.2.149.27 allows user-assisted remote attackers to caus ...)
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-6996
+CVE-2008-6996 (Google Chrome BETA (0.2.149.27) does not prompt the user before saving ...)
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-6995
+CVE-2008-6995 (Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome ...)
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-6994
+CVE-2008-6994 (Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilte ...)
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2008-6993
+CVE-2008-6993 (Siemens Gigaset WLAN Camera 1.27 has an insecure default password, whi ...)
NOT-FOR-US: Siemens Gigaset WLAN Camera
-CVE-2008-6992
+CVE-2008-6992 (GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allow ...)
NOT-FOR-US: GreenSQL Firewall
-CVE-2008-6991
+CVE-2008-6991 (SQL injection vulnerability in public/page.php in Websens CMSbright al ...)
NOT-FOR-US: CMSbright
-CVE-2008-6990
+CVE-2008-6990 (SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka ...)
NOT-FOR-US: Easy Photo Gallery
-CVE-2008-6989
+CVE-2008-6989 (SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka ...)
NOT-FOR-US: Easy Photo Gallery
-CVE-2008-6988
+CVE-2008-6988 (Multiple cross-site scripting (XSS) vulnerabilities in Easy Photo Gall ...)
NOT-FOR-US: Easy Photo Gallery
-CVE-2008-6987
+CVE-2008-6987 (Unrestricted file upload vulnerability in eZoneScripts Dating Website ...)
NOT-FOR-US: eZoneScripts Dating Website script
-CVE-2008-6986
+CVE-2008-6986 (SQL injection vulnerability in the actionMultipleAddProduct function i ...)
NOT-FOR-US: Zen Cart
-CVE-2008-6985
+CVE-2008-6985 (Multiple SQL injection vulnerabilities in includes/classes/shopping_ca ...)
NOT-FOR-US: Zen Cart
-CVE-2008-6984
+CVE-2008-6984 (Plesk 8.6.0, when short mail login names (SHORTNAMES) are enabled, all ...)
NOT-FOR-US: Plesk
-CVE-2008-6983
+CVE-2008-6983 (modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers t ...)
NOT-FOR-US: devalcms
-CVE-2008-6982
+CVE-2008-6982 (Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a ...)
NOT-FOR-US: devalcms
-CVE-2008-6981
+CVE-2008-6981 (index.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers ...)
NOT-FOR-US: phpAdultSite CMS
-CVE-2008-6980
+CVE-2008-6980 (SQL injection vulnerability in as_archives.php in phpAdultSite CMS, po ...)
NOT-FOR-US: phpAdultSite CMS
-CVE-2008-6979
+CVE-2008-6979 (Cross-site scripting (XSS) vulnerability in as_archives.php in phpAdul ...)
NOT-FOR-US: phpAdultSite CMS
-CVE-2008-6978
+CVE-2008-6978 (Unrestricted file upload vulnerability in Full Revolution aspWebAlbum ...)
NOT-FOR-US: aspWebAlbum
-CVE-2008-6977
+CVE-2008-6977 (Cross-site scripting (XSS) vulnerability in album.asp in Full Revoluti ...)
NOT-FOR-US: aspWebAlbum
-CVE-2008-6976
+CVE-2008-6976 (MikroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows remot ...)
NOT-FOR-US: MicroTik RouterOS
-CVE-2008-6975
+CVE-2008-6975 (Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cg ...)
NOT-FOR-US: DD-WRT
-CVE-2008-6974
+CVE-2008-6974 (Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cg ...)
NOT-FOR-US: DD-WRT
-CVE-2008-6973
+CVE-2008-6973 (Multiple unspecified vulnerabilities in IBM WebSphere Commerce 6.0 bef ...)
NOT-FOR-US: IBM WebSphere
-CVE-2008-6961
+CVE-2008-6961 (mailnews in Mozilla Thunderbird before 2.0.0.18 and SeaMonkey before 1 ...)
- icedove 2.0.0.19-1
- iceape 1.1.14-1
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2008-6972
+CVE-2008-6972 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal Content ...)
NOT-FOR-US: Drupal Content Construction Kit (third-party module)
-CVE-2008-6971
+CVE-2008-6971 (The password reset functionality in Simple Machines Forum (SMF) 1.0.x ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6970
+CVE-2008-6970 (SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 a ...)
NOT-FOR-US: UBB.threads
-CVE-2008-6969
+CVE-2008-6969 (Multiple cross-site scripting (XSS) vulnerabilities in checkout.php in ...)
NOT-FOR-US: Avactis Shopping Cart
-CVE-2008-6968
+CVE-2008-6968 (Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9. ...)
NOT-FOR-US: Pligg CMS
-CVE-2008-6967
+CVE-2008-6967 (Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon b ...)
NOT-FOR-US: Alt-N MDaemon
-CVE-2008-6966
+CVE-2008-6966 (AJ Square AJ Auction Pro Platinum Skin #1 sends a redirect but does no ...)
NOT-FOR-US: AJ Square AJ Auction Pro Platinum Skin #1
-CVE-2008-6965
+CVE-2008-6965 (AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, ...)
NOT-FOR-US: AJ Square AJ Auction OOPD
-CVE-2008-6964
+CVE-2008-6964 (SQL injection vulnerability in the login page in X7 Chat 2.0.5 allows ...)
NOT-FOR-US: X7 Chat
-CVE-2008-6963
+CVE-2008-6963 (admin.php in TurnkeyForms Text Link Sales allows remote attackers to b ...)
NOT-FOR-US: TurnkeyForms Text Link Sales
-CVE-2008-6962
+CVE-2008-6962 (Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, a ...)
NOT-FOR-US: Avira AntiVir Premium
-CVE-2008-6960
+CVE-2008-6960 (download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 ...)
NOT-FOR-US: X10media
-CVE-2008-6959
+CVE-2008-6959 (Insecure method vulnerability in the Chilkat Socket ActiveX control (C ...)
NOT-FOR-US: ActiveX
-CVE-2008-6958
+CVE-2008-6958 (wap/index.php in Crossday Discuz! Board 6.x and 7.x allows remote auth ...)
NOT-FOR-US: Crossday Discuz! Board
-CVE-2008-6957
+CVE-2008-6957 (member.php in Crossday Discuz! Board allows remote attackers to reset ...)
NOT-FOR-US: Crossday Discuz! Board
-CVE-2008-6956
+CVE-2008-6956 (Static code injection vulnerability in admin/admin.php in mxCamArchive ...)
NOT-FOR-US: mxCamArchive
-CVE-2008-6955
+CVE-2008-6955 (mxCamArchive 2.2 stores sensitive information under the web root with ...)
NOT-FOR-US: mxCamArchive
-CVE-2008-6954
+CVE-2008-6954 (The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote a ...)
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2008-6953
+CVE-2008-6953 (Buffer overflow in oovoo.exe in ooVoo 1.7.1.35, and possibly other ver ...)
NOT-FOR-US: ooVoo
-CVE-2008-6952
+CVE-2008-6952 (SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier ...)
NOT-FOR-US: MauryCMS
-CVE-2008-6951
+CVE-2008-6951 (MauryCMS 0.53.2 and earlier does not require administrative authentica ...)
NOT-FOR-US: MauryCMS
-CVE-2008-6950
+CVE-2008-6950 (Multiple SQL injection vulnerabilities in login.asp in Bankoi WebHosti ...)
NOT-FOR-US: Bankoi WebHosting Control Panel
-CVE-2008-6949
+CVE-2008-6949 (Multiple cross-site request forgery (CSRF) vulnerabilities in Collabti ...)
NOT-FOR-US: Collabtive
-CVE-2008-6948
+CVE-2008-6948 (Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remo ...)
NOT-FOR-US: Collabtive
-CVE-2008-6947
+CVE-2008-6947 (Collabtive 0.4.8 allows remote attackers to bypass authentication and ...)
NOT-FOR-US: Collabtive
-CVE-2008-6946
+CVE-2008-6946 (Cross-site scripting (XSS) vulnerability in manageproject.php in Colla ...)
NOT-FOR-US: Collabtive
-CVE-2008-6945
+CVE-2008-6945 (Multiple cross-site scripting (XSS) vulnerabilities in Interchange 5.7 ...)
- interchange 5.6.1-1 (low; bug #505732)
-CVE-2008-6944
+CVE-2008-6944 (Unrestricted file upload vulnerability in ScriptsFeed Auto Classifieds ...)
NOT-FOR-US: ScriptsFeed Auto Classifieds
-CVE-2008-6943
+CVE-2008-6943 (Unrestricted file upload vulnerability in ScriptsFeed Recipes Listing ...)
NOT-FOR-US: ScriptsFeed Recipes Listing Portal
-CVE-2008-6942
+CVE-2008-6942 (Unrestricted file upload vulnerability in ScriptsFeed Realtor Classifi ...)
NOT-FOR-US: ScriptsFeed Realtor Classifieds System
-CVE-2008-6941
+CVE-2008-6941 (SQL injection vulnerability in the login functionality in TurnkeyForms ...)
NOT-FOR-US: TurnkeyForms Web Hosting Directory
-CVE-2008-6940
+CVE-2008-6940 (TurnkeyForms Web Hosting Directory stores sensitive information under ...)
NOT-FOR-US: TurnkeyForms Web Hosting Directory
-CVE-2008-6939
+CVE-2008-6939 (TurnkeyForms Web Hosting Directory allows remote attackers to bypass a ...)
NOT-FOR-US: TurnkeyForms Web Hosting Directory
-CVE-2008-6938
+CVE-2008-6938 (Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop applic ...)
NOT-FOR-US: Pi3Web
-CVE-2008-6937
+CVE-2008-6937 (Argument injection vulnerability in Exodus 0.10 allows remote attacker ...)
NOT-FOR-US: Exodus
-CVE-2008-6936
+CVE-2008-6936 (Argument injection vulnerability in Exodus 0.10 allows remote attacker ...)
NOT-FOR-US: Exodus
-CVE-2008-6935
+CVE-2008-6935 (Argument injection vulnerability in Exodus 0.10 allows remote attacker ...)
NOT-FOR-US: Exodus
-CVE-2008-6934
+CVE-2008-6934 (Static code injection vulnerability in Sanus|artificium (aka Sanusart) ...)
NOT-FOR-US: Sanus|artificium (aka Sanusart)
-CVE-2008-6933
+CVE-2008-6933 (Directory traversal vulnerability in index.php in MiniGal b13 (aka MG2 ...)
NOT-FOR-US: MiniGal
-CVE-2008-6932
+CVE-2008-6932 (Unrestricted file upload vulnerability in submit_file.php in AlstraSof ...)
NOT-FOR-US: AlstraSoft SendIt Pro
-CVE-2008-6931
+CVE-2008-6931 (Unrestricted file upload vulnerability in PHPStore Job Search (aka PHP ...)
NOT-FOR-US: PHPStore Job Search (aka PHPCareers)
-CVE-2008-6930
+CVE-2008-6930 (Unrestricted file upload vulnerability in PHPStore Real Estate allows ...)
NOT-FOR-US: PHPStore Real Estate
-CVE-2008-6929
+CVE-2008-6929 (Unrestricted file upload vulnerability in PHPStore Auto Classifieds al ...)
NOT-FOR-US: PHPStore Auto Classifieds
-CVE-2008-6928
+CVE-2008-6928 (Unrestricted file upload vulnerability in PHPStore Complete Classified ...)
NOT-FOR-US: PHPStore Complete Classifieds
-CVE-2008-6927
+CVE-2008-6927 (Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4ima ...)
NOT-FOR-US: cPanel
-CVE-2008-6926
+CVE-2008-6926 (Directory traversal vulnerability in autoinstall4imagesgalleryupgrade. ...)
NOT-FOR-US: cPanel
-CVE-2008-6925
+CVE-2008-6925 (Cross-site scripting (XSS) vulnerability in function.php in Zenphoto 1 ...)
NOT-FOR-US: Zenphoto
-CVE-2008-6924
+CVE-2008-6924 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
NOT-FOR-US: eSyndiCat Directory
-CVE-2008-6923
+CVE-2008-6923 (SQL injection vulnerability in the content component (com_content) 1.0 ...)
NOT-FOR-US: Joomla!
-CVE-2008-6922
+CVE-2008-6922 (Multiple stack-based buffer overflows in CMailCOM.dll in CMailServer 5 ...)
NOT-FOR-US: CMailServer
-CVE-2008-6921
+CVE-2008-6921 (Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 ...)
NOT-FOR-US: phpAdBoard
-CVE-2008-6920
+CVE-2008-6920 (Unrestricted file upload vulnerability in auth.php in phpEmployment 1. ...)
NOT-FOR-US: phpEmployment
-CVE-2008-6919
+CVE-2008-6919 (profileedit.php TaskDriver 1.3 and earlier allows remote attackers to ...)
NOT-FOR-US: TaskDriver 1.3
-CVE-2008-6918
+CVE-2008-6918 (Unrestricted file upload vulnerability in admin/galeria.php in ThePort ...)
NOT-FOR-US: ThePortal2
CVE-2008-7291 [gri: insecure temp file generation]
RESERVED
- gri 2.12.18-1 (low)
[etch] - gri <no-dsa> (Minor issue)
[lenny] - gri <no-dsa> (Minor issue)
-CVE-2008-6917
+CVE-2008-6917 (SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Fin ...)
NOT-FOR-US: ExoPHPDesk
-CVE-2008-6916
+CVE-2008-6916 (Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attac ...)
NOT-FOR-US: Siemens SpeedStream 5200
-CVE-2008-6915
+CVE-2008-6915 (Cross-site scripting (XSS) vulnerability in view_prop_details.php in Z ...)
NOT-FOR-US: Zeeways ZEEPROPERTY
-CVE-2008-6914
+CVE-2008-6914 (Unrestricted file upload vulnerability in viewprofile.php in Zeeways Z ...)
NOT-FOR-US: Zeeways ZEEPROPERTY
-CVE-2008-6913
+CVE-2008-6913 (Unrestricted file upload vulnerability in editresume_next.php in Zeewa ...)
NOT-FOR-US: Zeeways ZEEPROPERTY
-CVE-2008-6912
+CVE-2008-6912 (Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authenticati ...)
NOT-FOR-US: Zeeways SHAADICLONE
-CVE-2008-6911
+CVE-2008-6911 (SQL injection vulnerability in the authenticateUser function in includ ...)
NOT-FOR-US: BrewBlogger
-CVE-2008-6910
+CVE-2008-6910 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Dru ...)
NOT-FOR-US: module for Drupal
-CVE-2008-6909
+CVE-2008-6909 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Dru ...)
NOT-FOR-US: module for Drupal
-CVE-2008-6908
+CVE-2008-6908 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Dru ...)
NOT-FOR-US: module for Drupal
-CVE-2008-6907
+CVE-2008-6907 (Multiple SQL injection vulnerabilities in checkuser.php in 2532designs ...)
NOT-FOR-US: 2532designs 2532|Gigs
-CVE-2008-6906
+CVE-2008-6906 (Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard 1 ...)
NOT-FOR-US: BabbleBoard
-CVE-2008-6905
+CVE-2008-6905 (Cross-site request forgery (CSRF) vulnerability in index.php in Babble ...)
NOT-FOR-US: BabbleBoard
-CVE-2008-6904
+CVE-2008-6904 (Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linu ...)
NOT-FOR-US: Sophos SAVScan
-CVE-2008-6903
+CVE-2008-6903 (Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/ ...)
NOT-FOR-US: Sophos SAVScan
-CVE-2008-6902
+CVE-2008-6902 (Unrestricted file upload vulnerability in upload_flyer.php in 2532desi ...)
NOT-FOR-US: 2532designs
-CVE-2008-6901
+CVE-2008-6901 (Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs ...)
NOT-FOR-US: 2532designs
-CVE-2008-6900
+CVE-2008-6900 (Unrestricted file upload vulnerability in "Add Pen/Author Name" featur ...)
NOT-FOR-US: AvailScript Article Script
-CVE-2008-6899
+CVE-2008-6899 (Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated ...)
NOT-FOR-US: freeSSHd
-CVE-2008-6898
+CVE-2008-6898 (Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for ...)
NOT-FOR-US: ActiveX control
-CVE-2008-6897
+CVE-2008-6897 (Multiple buffer overflows in Getleft.exe in Andres Garcia Getleft 1.2 ...)
NOT-FOR-US: Andres Garcia Getleft
-CVE-2008-6896
+CVE-2008-6896 (login.php in 3CX Phone System 6.0.806.0, when 100% disk capacity is re ...)
NOT-FOR-US: 3CX Phone System
-CVE-2008-6895
+CVE-2008-6895 (3CX Phone System 6.0.806.0 allows remote attackers to cause a denial o ...)
NOT-FOR-US: 3CX Phone System
-CVE-2008-6894
+CVE-2008-6894 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in 3C ...)
NOT-FOR-US: 3CX Phone System
-CVE-2008-6893
+CVE-2008-6893 (Cross-site scripting (XSS) vulnerability in Alt-N MDaemon WorldClient ...)
NOT-FOR-US: MDaemon WorldClient
-CVE-2008-6892
+CVE-2008-6892 (SQL injection vulnerability in lire/index.php in Peel 3.1 allows remot ...)
NOT-FOR-US: Peel
-CVE-2008-6891
+CVE-2008-6891 (Multiple cross-site scripting (XSS) vulnerabilities in ASP Forum Scrip ...)
NOT-FOR-US: ASP Forum Script
-CVE-2008-6890
+CVE-2008-6890 (SQL injection vulnerability in messages.asp in ASP Forum Script allows ...)
NOT-FOR-US: ASP Forum Script
-CVE-2008-6889
+CVE-2008-6889 (SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 all ...)
NOT-FOR-US: ASPReferral
-CVE-2008-6888
+CVE-2008-6888 (Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classifi ...)
NOT-FOR-US: Pre Classified Listings
-CVE-2008-6887
+CVE-2008-6887 (SQL injection vulnerability in detailad.asp in Pre Classified Listings ...)
NOT-FOR-US: Pre Classified Listings
-CVE-2008-6886
+CVE-2008-6886 (RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict ...)
NOT-FOR-US: RSA EnVision
-CVE-2008-6885
+CVE-2008-6885 (Cross-site scripting (XSS) vulnerability in pmlite.php in XOOPS 2.3.1 ...)
NOT-FOR-US: XOOPS
-CVE-2008-6884
+CVE-2008-6884 (Multiple directory traversal vulnerabilities in XOOPS 2.3.1, when regi ...)
NOT-FOR-US: XOOPS
-CVE-2008-6883
+CVE-2008-6883 (SQL injection vulnerability in the Live Chat (com_livechat) component ...)
NOT-FOR-US: Joomla!
-CVE-2008-6882
+CVE-2008-6882 (Live Chat (com_livechat) component 1.0 for Joomla! allows remote attac ...)
NOT-FOR-US: Joomla!
-CVE-2008-6881
+CVE-2008-6881 (Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) ...)
NOT-FOR-US: Joomla!
-CVE-2008-6880
+CVE-2008-6880 (SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes ...)
NOT-FOR-US: EasySiteNetwork Free Jokes Website
-CVE-2008-6879
+CVE-2008-6879 (Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3. ...)
NOT-FOR-US: Apache Roller
-CVE-2008-6878
+CVE-2008-6878 (** DISPUTED ** Directory traversal vulnerability in admin/includes/lan ...)
NOT-FOR-US: Zen Cart
CVE-2008-6877
NOT-FOR-US: Zen Cart
-CVE-2008-6876
+CVE-2008-6876 (Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires ...)
NOT-FOR-US: EsPartenaires
-CVE-2008-6875
+CVE-2008-6875 (SQL injection vulnerability in default.asp in ASP Product Catalog allo ...)
NOT-FOR-US: ASP Product Catalog
-CVE-2008-6874
+CVE-2008-6874 (Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 an ...)
NOT-FOR-US: ASP SiteWare autoDealer
-CVE-2008-6873
+CVE-2008-6873 (SQL injection vulnerability in Active Web Mail 4.0 allows remote attac ...)
NOT-FOR-US: Active Web Mail 4.0
-CVE-2008-6872
+CVE-2008-6872 (ASPThai.NET ASPThai Forums 8.5 stores sensitive information under the ...)
NOT-FOR-US: ASPThai.NET ASPThai Forums
-CVE-2008-6871
+CVE-2008-6871 (Merlix Educate Server stores db.mdb under the web root with insufficie ...)
NOT-FOR-US: Merlix Educate Server
-CVE-2008-6870
+CVE-2008-6870 (Merlix Educate Server allows remote attackers to bypass intended secur ...)
NOT-FOR-US: Merlix Educate Server
-CVE-2008-6869
+CVE-2008-6869 (Oramon Oracle Database Monitoring Tool 2.0.1 stores sensitive informat ...)
NOT-FOR-US: Oramon Oracle Database Monitoring Tool
-CVE-2008-6868
+CVE-2008-6868 (Cross-site scripting (XSS) vulnerability in default/login.php in Edite ...)
NOT-FOR-US: EsBaseAdmin
-CVE-2008-6867
+CVE-2008-6867 (SQL injection vulnerability in content.php in Scripts For Sites (SFS) ...)
NOT-FOR-US: Scripts For Sites
-CVE-2008-6866
+CVE-2008-6866 (SQL injection vulnerability in modules.php in the Current_Issue module ...)
NOT-FOR-US: PHP-Nuke
-CVE-2008-6865
+CVE-2008-6865 (SQL injection vulnerability in modules.php in the Sectionsnew module f ...)
NOT-FOR-US: PHP-Nuke
-CVE-2008-6864
+CVE-2008-6864 (Xigla Software Absolute Live Support .NET 5.1 allows remote attackers ...)
NOT-FOR-US: Xigla Software Absolute Live Support .NET
-CVE-2008-6863
+CVE-2008-6863 (Xigla Software Absolute Form Processor .NET 4.0 allows remote attacker ...)
NOT-FOR-US: Xigla Software
-CVE-2008-6862
+CVE-2008-6862 (Absolute Content Rotator 6.0 allows remote attackers to bypass authent ...)
NOT-FOR-US: Absolute Content Rotator
-CVE-2008-6861
+CVE-2008-6861 (Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote attackers ...)
NOT-FOR-US: Xigla Software Absolute Newsletter
-CVE-2008-6860
+CVE-2008-6860 (Xigla Software Absolute Poll Manager XE 4.1 allows remote attackers to ...)
NOT-FOR-US: Xigla Software Absolute Poll Manager
-CVE-2008-6859
+CVE-2008-6859 (Xigla Software Absolute Control Panel XE 1.5 allows remote attackers t ...)
NOT-FOR-US: Xigla Software Absolute Control Panel
-CVE-2008-6858
+CVE-2008-6858 (Absolute Banner Manager .NET 4.0 allows remote attackers to bypass aut ...)
NOT-FOR-US: Absolute Banner Manager .NET
-CVE-2008-6857
+CVE-2008-6857 (Absolute Podcast .NET 1.0 allows remote attackers to bypass authentica ...)
NOT-FOR-US: Absolute Podcast .NET
-CVE-2008-6856
+CVE-2008-6856 (Xigla Software Absolute News Manager.NET 5.1 allows remote attackers t ...)
NOT-FOR-US: Xigla Software Absolute News Manager.NET
-CVE-2008-6855
+CVE-2008-6855 (Xigla Software Absolute News Feed 1.0 and possibly 1.5 allows remote a ...)
NOT-FOR-US: Xigla Software Absolute News Feed
-CVE-2008-6854
+CVE-2008-6854 (Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to ...)
NOT-FOR-US: Xigla Software Absolute FAQ Manager.NET
-CVE-2008-6853
+CVE-2008-6853 (SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3 ...)
NOT-FOR-US: AIST NetCat
-CVE-2008-6852
+CVE-2008-6852 (SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 ...)
NOT-FOR-US: Joomla! component
-CVE-2008-6851
+CVE-2008-6851 (SQL injection vulnerability in page.php in PHP Link Directory (phpLD) ...)
NOT-FOR-US: PHP Link Directory
-CVE-2008-6850
+CVE-2008-6850 (Cross-site scripting (XSS) vulnerability in messages.php in PHP-Fusion ...)
NOT-FOR-US: PHP-Fusion
-CVE-2008-6849
+CVE-2008-6849 (Unrestricted file upload vulnerability in index.php in phpGreetCards 3 ...)
NOT-FOR-US: phpGreetCards
-CVE-2008-6848
+CVE-2008-6848 (Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards ...)
NOT-FOR-US: phpGreetCards
-CVE-2008-6847
+CVE-2008-6847 (Cross-site scripting (XSS) vulnerability in Employee/emp_login.asp in ...)
NOT-FOR-US: Pre ASP Job Board
-CVE-2008-6846
+CVE-2008-6846 (Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0 ...)
NOT-FOR-US: avast! Linux Home Edition
-CVE-2008-6845
+CVE-2008-6845 (The unpack feature in ClamAV 0.93.3 and earlier allows remote attacker ...)
- clamav 0.94.dfsg-1
[etch] - clamav <no-dsa> (Support was discontinued)
-CVE-2008-6844
+CVE-2008-6844 (The registration view (/user/register) in eZ Publish 3.5.6 and earlier ...)
NOT-FOR-US: eZ Publish
-CVE-2008-6843
+CVE-2008-6843 (Directory traversal vulnerability in index.php in Fantastico, as used ...)
NOT-FOR-US: Fantastico
-CVE-2008-6842
+CVE-2008-6842 (Directory traversal vulnerability in data/modules/blog/module_pages_si ...)
NOT-FOR-US: Pluck
-CVE-2008-6841
+CVE-2008-6841 (PHP remote file inclusion vulnerability in the Green Mountain Informat ...)
NOT-FOR-US: component for Joomla!
-CVE-2008-6840
+CVE-2008-6840 (Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 ...)
NOT-FOR-US: V-webmail
-CVE-2008-6839
+CVE-2008-6839 (Multiple cross-site scripting (XSS) vulnerabilities in TGS Content Man ...)
NOT-FOR-US: TGS Content Management
-CVE-2008-6838
+CVE-2008-6838 (Cross-site scripting (XSS) vulnerability in search.php in Zoph 0.7.2.1 ...)
- zoph 0.8.0.1-1 (low; bug #535188)
[lenny] - zoph <no-dsa> (Minor issue, fringe package)
NOTE: it seems a duplicate of CVE-2008-3258
-CVE-2008-6837
+CVE-2008-6837 (SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to ...)
- zoph 0.8.0.1-1 (bug #535188)
[lenny] - zoph <no-dsa> (Minor issue, fringe package)
NOTE: the details are unknown
-CVE-2008-6836
+CVE-2008-6836 (Cross-site request forgery (CSRF) vulnerability in OpenID 5.x before 5 ...)
NOT-FOR-US: OpenID module for Drupal
-CVE-2008-6835
+CVE-2008-6835 (Cross-site scripting (XSS) vulnerability in OpenID 5.x before 5.x-1.2, ...)
NOT-FOR-US: OpenID module for Drupal
-CVE-2008-6834
+CVE-2008-6834 (Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 a ...)
NOT-FOR-US: fuzzylime
-CVE-2008-6833
+CVE-2008-6833 (Directory traversal vulnerability in commsrss.php in fuzzylime (cms) b ...)
NOT-FOR-US: fuzzylime
-CVE-2008-6832
+CVE-2008-6832 (Cross-site request forgery (CSRF) vulnerability in Atlassian JIRA Ente ...)
NOT-FOR-US: Atlassian JIRA Enterprise Edition
-CVE-2008-6831
+CVE-2008-6831 (Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA ...)
NOT-FOR-US: Atlassian JIRA Enterprise Edition
-CVE-2008-6830
+CVE-2008-6830 (The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Ja ...)
NOT-FOR-US: Java Application Servers
-CVE-2008-6829
+CVE-2008-6829 (VicFTPS 5.0 allows remote attackers to cause a denial of service (cras ...)
NOT-FOR-US: VicFTPS
-CVE-2008-6828
+CVE-2008-6828 (Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-6827
+CVE-2008-6827 (The ListView control in the Client GUI (AClient.exe) in Symantec Altir ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-6826
+CVE-2008-6826 (dhtml.pl in MHF Media Pro allows remote attackers to execute arbitrary ...)
NOT-FOR-US: MHF Media Pro
-CVE-2008-6825
+CVE-2008-6825 (Directory traversal vulnerability in user/index.php in Fonality trixbo ...)
NOT-FOR-US: trixbox
-CVE-2008-6824
+CVE-2008-6824 (The management interface on the A-LINK WL54AP3 and WL54AP2 access poin ...)
NOT-FOR-US: A-LINK WL54AP3 and WL54AP2 access points
-CVE-2008-6823
+CVE-2008-6823 (Multiple cross-site request forgery (CSRF) vulnerabilities in the mana ...)
NOT-FOR-US: A-LINK WL54AP3 and WL54AP2 access points
-CVE-2008-6822
+CVE-2008-6822 (Unrestricted file upload vulnerability in uploadp.php in New Earth Pro ...)
NOT-FOR-US: NEPT Image Uploader
-CVE-2008-6821
+CVE-2008-6821 (Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1 before ...)
NOT-FOR-US: IBM DB2
-CVE-2008-6820
+CVE-2008-6820 (The db2fmp process in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 b ...)
NOT-FOR-US: IBM DB2
-CVE-2008-6819
+CVE-2008-6819 (win32k.sys in Microsoft Windows Server 2003 and Vista allows local use ...)
NOT-FOR-US: Microsoft Windows Server 2003 and Vista
-CVE-2008-6818
+CVE-2008-6818 (Mole Group Real Estate Script 1.1 and earlier stores passwords in clea ...)
NOT-FOR-US: Mole Group Real Estate Script
-CVE-2008-6817
+CVE-2008-6817 (Mole Group Lastminute Script 4.0 and earlier stores passwords in clear ...)
NOT-FOR-US: Mole Group Lastminute Script
-CVE-2008-6816
+CVE-2008-6816 (Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows remot ...)
NOT-FOR-US: Eaton
-CVE-2008-6815
+CVE-2008-6815 (mykdownload.php in MyKtools 2.4 does not require administrative authen ...)
NOT-FOR-US: MyKtools
-CVE-2008-6814
+CVE-2008-6814 (Unrestricted file upload vulnerability in image_upload.php in the Simp ...)
NOT-FOR-US: SimpleBoard for Mambo
-CVE-2008-6813
+CVE-2008-6813 (SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Editi ...)
NOT-FOR-US: phpWebNews
-CVE-2008-6812
+CVE-2008-6812 (SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Ed ...)
NOT-FOR-US: phpWebNews
-CVE-2008-6811
+CVE-2008-6811 (Unrestricted file upload vulnerability in image_processing.php in the ...)
NOT-FOR-US: e-Commerce Plugin for Wordpress
-CVE-2008-6810
+CVE-2008-6810 (Multiple SQL injection vulnerabilities in admin/checklogin.php in Vena ...)
NOT-FOR-US: Venalsur Booking center Booking System
-CVE-2008-6809
+CVE-2008-6809 (SQL injection vulnerability in hotel_habitaciones.php in Venalsur Book ...)
NOT-FOR-US: Venalsur Booking center Booking System
-CVE-2008-6808
+CVE-2008-6808 (SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ ...)
NOT-FOR-US: SFS Link Directory
-CVE-2008-6807
+CVE-2008-6807 (PHP remote file inclusion vulnerability in ListRecords.php in osprey 1 ...)
NOT-FOR-US: osprey
-CVE-2008-6806
+CVE-2008-6806 (Unrestricted file upload vulnerability in includes/imageupload.php in ...)
NOT-FOR-US: 7Shop
-CVE-2008-6805
+CVE-2008-6805 (Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when magic_q ...)
NOT-FOR-US: Mic_Blog
-CVE-2008-6804
+CVE-2008-6804 (** DISPUTED ** Tribiq CMS 5.0.9a beta allows remote attackers to bypas ...)
NOT-FOR-US: Tribiq CMS Community
-CVE-2008-6803
+CVE-2008-6803 (SQL injection vulnerability in diziler.asp in Yigit Aybuga Dizi Portal ...)
NOT-FOR-US: Yigit Aybuga Dizi Portali
-CVE-2008-6802
+CVE-2008-6802 (Multiple SQL injection vulnerabilities in index.php in phPhotoGallery ...)
NOT-FOR-US: phPhotoGallery
-CVE-2008-6801
+CVE-2008-6801 (Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before 4. ...)
NOT-FOR-US: Vivvo CMS
CVE-2008-6800
REJECTED
-CVE-2008-6799
+CVE-2008-6799 (connection.php in FlashChat 5.0.8 allows remote attackers to bypass th ...)
NOT-FOR-US: FlashChat
-CVE-2008-6798
+CVE-2008-6798 (Multiple SQL injection vulnerabilities in login.php in Pre Projects Pr ...)
NOT-FOR-US: Pre Real Estate Listings
-CVE-2008-6797
+CVE-2008-6797 (The server in Mitel NuPoint Messenger R11 and R3 sends usernames and p ...)
NOT-FOR-US: Mitel NuPoint Messenger
-CVE-2008-6796
+CVE-2008-6796 (SQL injection vulnerability in manager/login.php in Pre Projects Pre R ...)
NOT-FOR-US: Pre Real Estate Listings
-CVE-2008-6795
+CVE-2008-6795 (SQL injection vulnerability in view_news.php in nicLOR Vibro-School-CM ...)
NOT-FOR-US: nicLOR Vibro-School-CMS
-CVE-2008-6794
+CVE-2008-6794 (SQL injection vulnerability in directory.php in Scripts For Sites (SFS ...)
NOT-FOR-US: Scripts For Sites (SFS)
-CVE-2008-6793
+CVE-2008-6793 (The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, ...)
NOT-FOR-US: DFLabs
-CVE-2008-6792
+CVE-2008-6792 (system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used ...)
- system-tools-backends 2.6.0-6.1 (low; bug #527952)
[lenny] - system-tools-backends 2.6.0-2lenny3
[etch] - system-tools-backends <not-affected> (SHA was added to crypt(3) post-etch)
-CVE-2008-6791
+CVE-2008-6791 (PumpKIN TFTP Server 2.7.2.0 allows remote attackers to cause a denial ...)
NOT-FOR-US: PumpKIN TFTP Server
-CVE-2008-6790
+CVE-2008-6790 (The admin module in MindDezign Photo Gallery 2.2 allows remote attacke ...)
NOT-FOR-US: MindDezign Photo Gallery
-CVE-2008-6789
+CVE-2008-6789 (SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows rem ...)
NOT-FOR-US: MindDezign Photo Gallery
-CVE-2008-6788
+CVE-2008-6788 (SQL injection vulnerability in MindDezign Photo Gallery 2.2, when magi ...)
NOT-FOR-US: MindDezign Photo Gallery
-CVE-2008-6787
+CVE-2008-6787 (SQL injection vulnerability in administrator/index.php in Lizardware C ...)
NOT-FOR-US: Lizardware CMS
-CVE-2008-6786
+CVE-2008-6786 (Multiple directory traversal vulnerabilities in geekigeeki.py in Geeki ...)
NOT-FOR-US: GeekiGeeki
-CVE-2008-6785
+CVE-2008-6785 (Unrestricted file upload vulnerability in Mini File Host 1.5 allows re ...)
NOT-FOR-US: Mini File Host
-CVE-2008-6784
+CVE-2008-6784 (SQL injection vulnerability in directory.php in Scripts For Sites (SFS ...)
NOT-FOR-US: EZ Adult Directory
-CVE-2008-6783
+CVE-2008-6783 (SQL injection vulnerability in directory.php in Sites for Scripts (SFS ...)
NOT-FOR-US: EZ Home Business Directory
-CVE-2008-6782
+CVE-2008-6782 (SQL injection vulnerability in directory.php in Sites for Scripts (SFS ...)
NOT-FOR-US: EZ Hosting Directory
-CVE-2008-6781
+CVE-2008-6781 (SQL injection vulnerability in directory.php in Sites for Scripts (SFS ...)
NOT-FOR-US: Gaming Directory
-CVE-2008-6780
+CVE-2008-6780 (SQL injection vulnerability in directory.php in Scripts for Sites (SFS ...)
NOT-FOR-US: EZ Affiliate
-CVE-2008-6779
+CVE-2008-6779 (SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows ...)
NOT-FOR-US: PHP-Nuke
-CVE-2008-6778
+CVE-2008-6778 (SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) ...)
NOT-FOR-US: EZ Auction
-CVE-2008-6777
+CVE-2008-6777 (Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier ...)
NOT-FOR-US: MyPHP Forum
-CVE-2008-6776
+CVE-2008-6776 (SQL injection vulnerability in viewcomments.php in Scripts For Sites ( ...)
NOT-FOR-US: EZ Hot or Not
-CVE-2008-6775
+CVE-2008-6775 (HTC Touch Pro and HTC Touch Cruise vCard allows remote attackers to ca ...)
NOT-FOR-US: HTC Touch
-CVE-2008-6774
+CVE-2008-6774 (internettoolbar/edit.php in YourPlace 1.0.2 and earlier does not end e ...)
NOT-FOR-US: YourPlace
-CVE-2008-6773
+CVE-2008-6773 (Static code injection vulnerability in user/internettoolbar/edit.php i ...)
NOT-FOR-US: YourPlace
-CVE-2008-6772
+CVE-2008-6772 (login/register_form.php in YourPlace 1.0.2 and earlier does not check ...)
NOT-FOR-US: YourPlace
-CVE-2008-6771
+CVE-2008-6771 (YourPlace 1.0.2 and earlier allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: YourPlace
-CVE-2008-6770
+CVE-2008-6770 (YourPlace 1.0.2 and earlier stores sensitive information under the web ...)
NOT-FOR-US: YourPlace
-CVE-2008-6769
+CVE-2008-6769 (Unrestricted file upload vulnerability in upload.php in YourPlace 1.0. ...)
NOT-FOR-US: YourPlace
-CVE-2008-6768
+CVE-2008-6768 (Unrestricted file upload vulnerability in admin/editor/images.php in K ...)
NOT-FOR-US: K&S Shopsoftware
-CVE-2008-6767
+CVE-2008-6767 (wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attac ...)
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #531736)
NOTE: low impact, probably no-dsa
-CVE-2008-6766
+CVE-2008-6766 (cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote atta ...)
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6765
+CVE-2008-6765 (ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to access t ...)
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6764
+CVE-2008-6764 (Cross-site scripting (XSS) vulnerability in login.php in Silentum Logi ...)
NOT-FOR-US: Silentum LoginSys
-CVE-2008-6763
+CVE-2008-6763 (login2.php in Silentum LoginSys 1.0.0 allows remote attackers to bypas ...)
NOT-FOR-US: Silentum LoginSys
-CVE-2008-6762
+CVE-2008-6762 (Open redirect vulnerability in wp-admin/upgrade.php in WordPress, prob ...)
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #531736)
NOTE: low impact, probably no-dsa
-CVE-2008-6761
+CVE-2008-6761 (Static code injection vulnerability in admin/install.php in Flexcustom ...)
NOT-FOR-US: Flexcustomer
-CVE-2008-6760
+CVE-2008-6760 (ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain s ...)
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6759
+CVE-2008-6759 (ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain s ...)
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6758
+CVE-2008-6758 (Cross-site request forgery (CSRF) vulnerability in cart_save.php in Vi ...)
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6757
+CVE-2008-6757 (Cross-site scripting (XSS) vulnerability in manuals_search.php in ViAr ...)
NOT-FOR-US: ViArt Shop (aka Shopping Cart)
-CVE-2008-6756
+CVE-2008-6756 (ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.co ...)
- zoneminder 1.22.3-5
-CVE-2008-6755
+CVE-2008-6755 (ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to t ...)
- zoneminder 1.24.1-1 (unimportant; bug #528252)
NOTE: we are also affected but this is not a security issue by itself even if it's ugly
-CVE-2008-6754
+CVE-2008-6754 (The Personal Sticky Threads addon 1.0.3c for vBulletin allows remote a ...)
NOT-FOR-US: vBullerin addon
-CVE-2008-6753
+CVE-2008-6753 (SQL injection vulnerability in SilverStripe before 2.2.2 allows remote ...)
NOT-FOR-US: SilverStripe
-CVE-2008-6752
+CVE-2008-6752 (adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou ...)
NOT-FOR-US: Twitter Clone (TClone) plugin for ReVou Micro Blogging
-CVE-2008-6751
+CVE-2008-6751 (Unrestricted file upload vulnerability in index.php in the Twitter Clo ...)
NOT-FOR-US: Twitter Clone (TClone) plugin for ReVou Micro Blogging
-CVE-2008-6750
+CVE-2008-6750 (Unrestricted file upload vulnerability in add.php in FlexPHPDirectory ...)
NOT-FOR-US: FlexPHPDirectory
-CVE-2008-6749
+CVE-2008-6749 (Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexP ...)
NOT-FOR-US: FlexPHPDirectory
-CVE-2008-6748
+CVE-2008-6748 (Eval injection vulnerability in Megacubo 5.0.7 allows remote attackers ...)
NOT-FOR-US: Megacubo
-CVE-2008-6747
+CVE-2008-6747 (dotProject before 2.1.2 does not properly restrict access to administr ...)
NOT-FOR-US: dotProject
-CVE-2008-6746
+CVE-2008-6746 (Cross-site scripting (XSS) vulnerability in the contact display view i ...)
NOT-FOR-US: Turba Contact Manager
-CVE-2008-6745
+CVE-2008-6745 (index.php in BlogPHP 2.0 allows remote attackers to gain administrator ...)
NOT-FOR-US: BlogPHP
-CVE-2008-6744
+CVE-2008-6744 (Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cy ...)
NOT-FOR-US: Cybozu Office
-CVE-2008-6743
+CVE-2008-6743 (RSMScript 1.21 allows remote attackers to bypass authentication and ga ...)
NOT-FOR-US: RSMScript
-CVE-2008-6742
+CVE-2008-6742 (Foxy P2P software allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Foxy P2P
-CVE-2008-6741
+CVE-2008-6741 (SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6740
+CVE-2008-6740 (PHP remote file inclusion vulnerability in html/admin/modules/plugin_a ...)
NOT-FOR-US: HoMaP-CMS
-CVE-2008-6739
+CVE-2008-6739 (Todd Woolums ASP Download management script 1.03 does not require auth ...)
NOT-FOR-US: Todd Woolums ASP Download management script
-CVE-2008-6738
+CVE-2008-6738 (MyShoutPro 1.2 allows remote attackers to bypass authentication and ga ...)
NOT-FOR-US: MyShoutPro
-CVE-2008-6737
+CVE-2008-6737 (Crysis 1.21 and earlier allows remote attackers to obtain sensitive pl ...)
NOT-FOR-US: Crysis
-CVE-2008-6736
+CVE-2008-6736 (Flat Calendar 1.1 does not properly restrict access to administrative ...)
NOT-FOR-US: Flat Calendar
-CVE-2008-6735
+CVE-2008-6735 (Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 a ...)
NOT-FOR-US: ThaiQuickCart
-CVE-2008-6734
+CVE-2008-6734 (Directory traversal vulnerability in Public/index.php in Keller Web Ad ...)
NOT-FOR-US: Keller Web Admin CMS
-CVE-2008-6733
+CVE-2008-6733 (Cross-site scripting (XSS) vulnerability in the error handling page in ...)
NOT-FOR-US: DotNetNuke
-CVE-2008-6732
+CVE-2008-6732 (Cross-site scripting (XSS) vulnerability in the Language skin object i ...)
NOT-FOR-US: DotNetNuke
-CVE-2008-6731
+CVE-2008-6731 (Unrestricted file upload vulnerability in submitlink.php in FlexPHPLin ...)
NOT-FOR-US: FlexPHPLink Pro
-CVE-2008-6730
+CVE-2008-6730 (Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexP ...)
NOT-FOR-US: FlexPHPLink Pro
-CVE-2008-6729
+CVE-2008-6729 (Multiple cross-site request forgery (CSRF) vulnerabilities in password ...)
NOT-FOR-US: PHPmotion
-CVE-2008-6728
+CVE-2008-6728 (SQL injection vulnerability in the Sections module in PHP-Nuke, probab ...)
NOT-FOR-US: PHP-Nuke
-CVE-2008-6727
+CVE-2008-6727 (Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2 ...)
NOT-FOR-US: Ultimate PHP Board
-CVE-2008-6726
+CVE-2008-6726 (Multiple directory traversal vulnerabilities in CMScout 2.06, when reg ...)
NOT-FOR-US: CMScout
-CVE-2008-6725
+CVE-2008-6725 (Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote au ...)
NOT-FOR-US: CMScout
-CVE-2008-6724
+CVE-2008-6724 (Cross-site scripting (XSS) vulnerability in index.pl in Perl Nopaste 1 ...)
NOT-FOR-US: Perl Nopaste
-CVE-2008-6723
+CVE-2008-6723 (TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypas ...)
NOT-FOR-US: TurnkeyForms
-CVE-2008-6722
+CVE-2008-6722 (Novell Access Manager 3 SP4 does not properly expire X.509 certificate ...)
NOT-FOR-US: Novell Access Manager
-CVE-2008-6721
+CVE-2008-6721 (SQL injection vulnerability in index.php in AJ Square AJ Article allow ...)
NOT-FOR-US: AJ Square AJ Article
-CVE-2008-6720
+CVE-2008-6720 (SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP ...)
NOT-FOR-US: DeltaScripts PHP Links
-CVE-2008-6719
+CVE-2008-6719 (U&amp;M Software Event Lister (aka JustListIt) 1.0 does not require ad ...)
NOT-FOR-US: Software Event Lister
-CVE-2008-6718
+CVE-2008-6718 (U&amp;M Software JustBookIt 1.0 does not require administrative authen ...)
NOT-FOR-US: JustBookIt
-CVE-2008-6717
+CVE-2008-6717 (U&amp;M Software Signup 1.0 and 1.1 does not require administrative au ...)
NOT-FOR-US: Software Signup
-CVE-2008-6716
+CVE-2008-6716 (homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not req ...)
NOT-FOR-US: Pre ADS Portal
-CVE-2008-6715
+CVE-2008-6715 (Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal ...)
NOT-FOR-US: Pre ADS Portal
-CVE-2008-6714
+CVE-2008-6714 (admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers to by ...)
NOT-FOR-US: xeCMS
-CVE-2008-6713
+CVE-2008-6713 (World in Conflict (WIC) 1.008 and earlier allows remote attackers to c ...)
NOT-FOR-US: World in Conflict
-CVE-2008-6712
+CVE-2008-6712 (The HTTP/XML-RPC service in Crysis 1.21 (game version 1.1.1.6156) and ...)
NOT-FOR-US: Crysis
-CVE-2008-6711
+CVE-2008-6711 (Unspecified vulnerability in the Web administration interface in Avaya ...)
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-6710
+CVE-2008-6710 (Unspecified vulnerability in the Web administration interface in Avaya ...)
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-6709
+CVE-2008-6709 (Unspecified vulnerability in the Web management interface in Avaya SIP ...)
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-6708
+CVE-2008-6708 (Unspecified vulnerability in the Web management interface in Avaya SIP ...)
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-6707
+CVE-2008-6707 (The Web management interface in Avaya SIP Enablement Services (SES) 3. ...)
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-6706
+CVE-2008-6706 (Multiple unspecified vulnerabilities in the Web management interface i ...)
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-6705
+CVE-2008-6705 (The MultipacketReciever::RecievePacket function in S.T.A.L.K.E.R.: Sha ...)
NOT-FOR-US: S.T.A.L.K.E.R.: Shadow of Chernobyl
-CVE-2008-6704
+CVE-2008-6704 (Integer overflow in the NET_Compressor::Decompress function in S.T.A.L ...)
NOT-FOR-US: S.T.A.L.K.E.R.: Shadow of Chernobyl
-CVE-2008-6703
+CVE-2008-6703 (Stack-based buffer overflow in the IPureServer::_Recieve function in S ...)
NOT-FOR-US: S.T.A.L.K.E.R.: Shadow of Chernobyl
-CVE-2008-6702
+CVE-2008-6702 (S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote a ...)
NOT-FOR-US: S.T.A.L.K.E.R.: Shadow of Chernobyl
-CVE-2008-6701
+CVE-2008-6701 (NetScout (formerly Network General) Visualizer V2100 and InfiniStream ...)
NOT-FOR-US: NetScout Visualizer
-CVE-2008-6700
+CVE-2008-6700 (Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organ ...)
NOT-FOR-US: Butterfly Organizer
-CVE-2008-6699
+CVE-2008-6699 (Cross-site scripting (XSS) vulnerability in Resource Library (tjs_resl ...)
NOT-FOR-US: Resource Library extension for TYPO3
-CVE-2008-6698
+CVE-2008-6698 (Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets (wo ...)
NOT-FOR-US: WorldCup Bets extension for TYPO3
-CVE-2008-6697
+CVE-2008-6697 (SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 ...)
NOT-FOR-US: WorldCup Bets extension for TYPO3
-CVE-2008-6696
+CVE-2008-6696 (SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earl ...)
NOT-FOR-US: Fussballtippspiel extension for TYPO3
-CVE-2008-6695
+CVE-2008-6695 (SQL injection vulnerability in TIMTAB social bookmark icons (timtab_so ...)
NOT-FOR-US: TIMTAB social bookmark icons extension for TYPO3
-CVE-2008-6694
+CVE-2008-6694 (SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TY ...)
NOT-FOR-US: Random Prayer extension for TYPO3
-CVE-2008-6693
+CVE-2008-6693 (SQL injection vulnerability in Download system (sb_downloader) extensi ...)
NOT-FOR-US: Download system extension for TYPO3
-CVE-2008-6692
+CVE-2008-6692 (SQL injection vulnerability in Diocese of Portsmouth Training Courses ...)
NOT-FOR-US: Training Courses extension for TYPO3
-CVE-2008-6691
+CVE-2008-6691 (SQL injection vulnerability in Diocese of Portsmouth Calendar Today (p ...)
NOT-FOR-US: Calendar Today extension for TYPO3
-CVE-2008-6690
+CVE-2008-6690 (Unspecified vulnerability in nepa-design.de Spam Protection (nd_antisp ...)
NOT-FOR-US: Spam Protection extension for TYPO3
-CVE-2008-6689
+CVE-2008-6689 (SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and e ...)
NOT-FOR-US: JobControl extension for TYPO3
-CVE-2008-6688
+CVE-2008-6688 (Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) ...)
NOT-FOR-US: JobControl extension for TYPO3
-CVE-2008-6687
+CVE-2008-6687 (Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglema ...)
NOT-FOR-US: DCD GoogleMap extension for TYPO3
-CVE-2008-6686
+CVE-2008-6686 (SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier ex ...)
NOT-FOR-US: CoolURI extension for TYPO3
-CVE-2008-6685
+CVE-2008-6685 (Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0. ...)
NOT-FOR-US: Frontend Filemanager extension for TYPO3
-CVE-2008-6684
+CVE-2008-6684 (Unrestricted file upload vulnerability in editimage.php in Apartment S ...)
NOT-FOR-US: Apartment Search Script
-CVE-2008-6683
+CVE-2008-6683 (Cross-site scripting (XSS) vulnerability in listtest.php in Apartment ...)
NOT-FOR-US: Apartment Search Script
-CVE-2008-6682
+CVE-2008-6682 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2 ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2008-6681
+CVE-2008-6681 (Cross-site scripting (XSS) vulnerability in dijit.Editor in Dojo befor ...)
NOT-FOR-US: Dojo
-CVE-2008-6679
+CVE-2008-6679 (Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and ...)
{DSA-2080-1}
- ghostscript 8.64~dfsg-1 (medium; bug #524803)
- gs-gpl <removed> (medium; bug #561717)
-CVE-2008-6678
+CVE-2008-6678 (SQL injection vulnerability in asp/includes/contact.asp in QuickerSite ...)
NOT-FOR-US: QuickerSite
-CVE-2008-6677
+CVE-2008-6677 (Unrestricted file upload vulnerability in fckeditor251/editor/filemana ...)
NOT-FOR-US: QuickerSite
-CVE-2008-6676
+CVE-2008-6676 (QuickerSite 1.8.5 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: QuickerSite
-CVE-2008-6675
+CVE-2008-6675 (Multiple cross-site scripting (XSS) vulnerabilities in QuickerSite 1.8 ...)
NOT-FOR-US: QuickerSite
-CVE-2008-6674
+CVE-2008-6674 (mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood e-m ...)
NOT-FOR-US: QuickerSite
-CVE-2008-6673
+CVE-2008-6673 (asp/bs_login.asp in QuickerSite 1.8.5 does not properly restrict acces ...)
NOT-FOR-US: QuickerSite
-CVE-2008-6672
+CVE-2008-6672 (Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a d ...)
NOT-FOR-US: Vertex4 SunAge
-CVE-2008-6671
+CVE-2008-6671 (Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a d ...)
NOT-FOR-US: Vertex4 SunAge
-CVE-2008-6670
+CVE-2008-6670 (Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote at ...)
NOT-FOR-US: Vertex4 SunAge
-CVE-2008-6669
+CVE-2008-6669 (viewrq.php in nweb2fax 0.2.7 and earlier allows remote attackers to ex ...)
NOT-FOR-US: nweb2fax
-CVE-2008-6668
+CVE-2008-6668 (Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and ear ...)
NOT-FOR-US: nweb2fax
-CVE-2008-6667
+CVE-2008-6667 (A+ PHP Scripts News Management System (NMS) allows remote attackers to ...)
NOT-FOR-US: A+ PHP Scripts News Management System (NMS)
-CVE-2008-6666
+CVE-2008-6666 (Multiple cross-site scripting (XSS) vulnerabilities in Kronos webTA al ...)
NOT-FOR-US: Kronos webTA
-CVE-2008-6665
+CVE-2008-6665 (change.php in Ananta CMS 1.0b5, with magic_quotes_gpc disabled, allows ...)
NOT-FOR-US: Ananta CMS
-CVE-2008-6664
+CVE-2008-6664 (action.php in SH-News 3.0 allows remote attackers to bypass authentica ...)
NOT-FOR-US: SH-News
-CVE-2008-6663
+CVE-2008-6663 (SQL injection vulnerability in profile.php in PHPAuctions.info PHPAuct ...)
NOT-FOR-US: PHPAuctions
-CVE-2008-6662
+CVE-2008-6662 (AVG Anti-Virus for Linux 7.5.51, and possibly earlier, allows remote a ...)
NOT-FOR-US: AVG Anti-Virus
-CVE-2008-6661
+CVE-2008-6661 (Multiple integer overflows in the scanning engine in Bitdefender for L ...)
NOT-FOR-US: Bitdefender
-CVE-2008-6660
+CVE-2008-6660 (Unrestricted file upload vulnerability in bigdump.php in Alexey Ozerov ...)
NOT-FOR-US: Alexey Ozerov BigDump
-CVE-2008-6659
+CVE-2008-6659 (Directory traversal vulnerability in index.php in Simple Machines Foru ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6658
+CVE-2008-6658 (Directory traversal vulnerability in index.php in Simple Machines Foru ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6657
+CVE-2008-6657 (Cross-site request forgery (CSRF) vulnerability in index.php in Simple ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6680
+CVE-2008-6680 (libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause ...)
{DSA-1771-1}
- clamav 0.95.1+dfsg-1 (medium; bug #523016)
-CVE-2008-6656
+CVE-2008-6656 (Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b ...)
NOT-FOR-US: Open Auto Classifieds
-CVE-2008-6655
+CVE-2008-6655 (Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL ...)
NOT-FOR-US: GEDCOM_TO_MYSQL
-CVE-2008-6654
+CVE-2008-6654 (Cross-site scripting (XSS) vulnerability in search_results.php in Info ...)
NOT-FOR-US: InfoBiz Server
-CVE-2008-6653
+CVE-2008-6653 (SQL injection vulnerability in webhosting.php in the Webhosting Compon ...)
NOT-FOR-US: Joomla!
-CVE-2008-6652
+CVE-2008-6652 (SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote att ...)
NOT-FOR-US: OneCMS
-CVE-2008-6651
+CVE-2008-6651 (Static code injection vulnerability in edithistory.php in OxYProject O ...)
NOT-FOR-US: OxYProject OxYBox
-CVE-2008-6650
+CVE-2008-6650 (del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary ...)
NOT-FOR-US: miniBloggie
-CVE-2008-6649
+CVE-2008-6649 (SQL injection vulnerability in manager/image_details_editor.php in Kto ...)
NOT-FOR-US: Ktools PhotoStore
-CVE-2008-6648
+CVE-2008-6648 (SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 a ...)
NOT-FOR-US: Ktools PhotoStore
-CVE-2008-6647
+CVE-2008-6647 (SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 ...)
NOT-FOR-US: Ktools PhotoStore
-CVE-2008-6646
+CVE-2008-6646 (Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix ...)
NOT-FOR-US: CoronaMatrix phpAddressBook
-CVE-2008-6645
+CVE-2008-6645 (Cross-site scripting (XSS) vulnerability in Opencosmo VisualSentinel 0 ...)
NOT-FOR-US: Opencosmo VisualSentinel
-CVE-2008-6644
+CVE-2008-6644 (Cross-site scripting (XSS) vulnerability in Default.aspx in DotNetNuke ...)
NOT-FOR-US: DotNetNuke
-CVE-2008-6643
+CVE-2008-6643 (LokiCMS 0.3.4 and possibly earlier versions does not properly restrict ...)
NOT-FOR-US: LokiCMS
-CVE-2008-6642
+CVE-2008-6642 (SQL injection vulnerability in view.php in DotContent FluentCMS 4.x al ...)
NOT-FOR-US: DotContent FluentCMS
-CVE-2008-6641
+CVE-2008-6641 (Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remot ...)
NOT-FOR-US: Shader TV
-CVE-2008-6640
+CVE-2008-6640 (Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote at ...)
NOT-FOR-US: BatmanPorTaL
-CVE-2008-6639
+CVE-2008-6639 (Cross-site request forgery (CSRF) vulnerability in admin.php in AjaXpl ...)
- ajaxplorer <itp> (bug #668381)
-CVE-2008-6638
+CVE-2008-6638 (Insecure method vulnerability in the Versalsoft HTTP Image Uploader Ac ...)
NOT-FOR-US: Versalsoft HTTP Image Uploader ActiveX
-CVE-2008-6637
+CVE-2008-6637 (Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in ...)
NOT-FOR-US: Library Video Company SAFARI Montage
-CVE-2008-6636
+CVE-2008-6636 (PHP remote file inclusion vulnerability in skins/default.php in Geody ...)
NOT-FOR-US: Geody Labs Dagger
-CVE-2008-6635
+CVE-2008-6635 (PHP remote file inclusion vulnerability in skins/default.php in Geody ...)
NOT-FOR-US: Geody Labs Dagger
-CVE-2008-6634
+CVE-2008-6634 (SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attack ...)
NOT-FOR-US: RoomPHPlanning
-CVE-2008-6633
+CVE-2008-6633 (SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attack ...)
NOT-FOR-US: RoomPHPlanning
-CVE-2008-6632
+CVE-2008-6632 (SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 an ...)
NOT-FOR-US: MercuryBoard
-CVE-2008-6631
+CVE-2008-6631 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Bl ...)
NOT-FOR-US: BlogPHP
-CVE-2008-6630
+CVE-2008-6630 (Directory traversal vulnerability in the wt_gallery extension 2.5.0 an ...)
NOT-FOR-US: wt_gallery extension for TYPO3
-CVE-2008-6629
+CVE-2008-6629 (Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN M ...)
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
CVE-2008-6628
REJECTED
-CVE-2008-6627
+CVE-2008-6627 (SQL injection vulnerability in getin.php in WEBBDOMAIN WebShop 1.2, 1. ...)
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6626
+CVE-2008-6626 (SQL injection vulnerability in getin.php in WEBBDOMAIN Quiz 1.02 and e ...)
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6625
+CVE-2008-6625 (SQL injection vulnerability in getin.php in WEBBDOMAIN Polls (aka Poll ...)
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6624
+CVE-2008-6624 (SQL injection vulnerability in getin.php in WEBBDOMAIN Petition 1.02, ...)
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6623
+CVE-2008-6623 (SQL injection vulnerability in getin.php in WEBBDOMAIN Post Card (aka ...)
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6622
+CVE-2008-6622 (SQL injection vulnerability in choosecard.php in WEBBDOMAIN Post Card ...)
NOT-FOR-US: WEBBDOMAIN Multi Languages WebShop Online
-CVE-2008-6621
+CVE-2008-6621 (Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote ...)
{DSA-1903-1}
- graphicsmagick 1.2.3-1
-CVE-2008-6620
+CVE-2008-6620 (Multiple cross-site scripting (XSS) vulnerabilities in javascript/edit ...)
NOT-FOR-US: GraFX miniCWB
-CVE-2008-6619
+CVE-2008-6619 (Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSy ...)
NOT-FOR-US: ClassSystem
-CVE-2008-6618
+CVE-2008-6618 (Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote ...)
NOT-FOR-US: ClassSystem
-CVE-2008-6617
+CVE-2008-6617 (Unrestricted file upload vulnerability in adm/visual/upload.php in Sit ...)
NOT-FOR-US: SiteXS CMS
-CVE-2008-6616
+CVE-2008-6616 (Cross-site scripting (XSS) vulnerability in index.php in Zen Software ...)
NOT-FOR-US: Zen Software Zen Cart
-CVE-2008-6615
+CVE-2008-6615 (SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 ...)
NOT-FOR-US: Zen Software Zen Cart
-CVE-2008-6614
+CVE-2008-6614 (Multiple SQL injection vulnerabilities in microcms-admin-login.php in ...)
NOT-FOR-US: Micro CMS
-CVE-2008-6613
+CVE-2008-6613 (uploader.php in minimal-ablog 0.4 does not properly restrict access, w ...)
NOT-FOR-US: minimal-ablog
-CVE-2008-6612
+CVE-2008-6612 (Unrestricted file upload vulnerability in admin/uploader.php in Minima ...)
NOT-FOR-US: minimal-ablog
-CVE-2008-6611
+CVE-2008-6611 (SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows r ...)
NOT-FOR-US: minimal-ablog
-CVE-2008-6610
+CVE-2008-6610 (Absolute path traversal vulnerability in phpcksec.php in Stefan Ott ph ...)
NOT-FOR-US: phpcksec
-CVE-2008-6609
+CVE-2008-6609 (Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott ...)
NOT-FOR-US: phpcksec
-CVE-2008-6608
+CVE-2008-6608 (Multiple SQL injection vulnerabilities in DevelopItEasy Events Calenda ...)
NOT-FOR-US: DevelopItEasy Events Calendar
-CVE-2008-6607
+CVE-2008-6607 (Cross-site scripting (XSS) vulnerability in view.php in MatPo Link 1.2 ...)
NOT-FOR-US: MatPo Link
-CVE-2008-6606
+CVE-2008-6606 (SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows ...)
NOT-FOR-US: MatPo Link
-CVE-2008-6605
+CVE-2008-6605 (Cross-site request forgery (CSRF) vulnerability in the xslt script in ...)
NOT-FOR-US: 2wire
-CVE-2008-6604
+CVE-2008-6604 (Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 a ...)
NOT-FOR-US: PicoFlat CMS
-CVE-2008-6603
+CVE-2008-6603 (MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_h ...)
- moin 1.7.1-1 (low)
[etch] - moin <not-affected> (Vulnerable code not present)
-CVE-2008-6602
+CVE-2008-6602 (Unspecified vulnerability in Download Center Lite before 2.1 has unkno ...)
NOT-FOR-US: Download Center Lite
-CVE-2008-6601
+CVE-2008-6601 (Unspecified vulnerability in Epona 1.5rc3 allows remote attackers to o ...)
NOT-FOR-US: Epona
-CVE-2008-6600
+CVE-2008-6600 (Cross-site scripting (XSS) vulnerability in the search feature in XMLP ...)
NOT-FOR-US: XMLPortal
-CVE-2008-6599
+CVE-2008-6599 (cookiecheck.php in CookieCheck 1.0 stores tmp/cc_sessions under the we ...)
NOT-FOR-US: CookieCheck
-CVE-2008-6598
+CVE-2008-6598 (Multiple race conditions in WANPIPE before 3.3.6 have unknown impact a ...)
NOT-FOR-US: WANPIPE
-CVE-2008-6597
+CVE-2008-6597 (Cross-site scripting (XSS) vulnerability in upload/install/index.php i ...)
NOT-FOR-US: PHCDownload
-CVE-2008-6596
+CVE-2008-6596 (SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allo ...)
NOT-FOR-US: PHCDownload
-CVE-2008-6595
+CVE-2008-6595 (SQL injection vulnerability in the pmk_rssnewsexport extension for TYP ...)
NOT-FOR-US: pmk_rssnewsexport extension for TYPO3
-CVE-2008-6594
+CVE-2008-6594 (SQL injection vulnerability in the cm_rdfexport extension for TYPO3 al ...)
NOT-FOR-US: 3dparty typo3 extension
-CVE-2008-6593
+CVE-2008-6593 (SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy ...)
NOT-FOR-US: LightNEasy SQLite
-CVE-2008-6592
+CVE-2008-6592 (thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (a ...)
NOT-FOR-US: LightNEasy SQLite
-CVE-2008-6591
+CVE-2008-6591 (LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite ...)
NOT-FOR-US: LightNEasy SQLite
-CVE-2008-6590
+CVE-2008-6590 (Multiple directory traversal vulnerabilities in LightNEasy "no databas ...)
NOT-FOR-US: LightNEasy SQLite
-CVE-2008-6589
+CVE-2008-6589 (Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy "no ...)
NOT-FOR-US: LightNEasy SQLite
-CVE-2008-6588
+CVE-2008-6588 (Aztech ADSL2/2+ 4-port router has a default "isp" account with a defau ...)
NOT-FOR-US: Aztech port router
-CVE-2008-6587
+CVE-2008-6587 (Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze ...)
NOT-FOR-US: Azureus HTML WebUI
-CVE-2008-6586
+CVE-2008-6586 (Cross-site request forgery (CSRF) vulnerability in gui/index.php in &# ...)
NOT-FOR-US: ?Torrent (uTorrent) WebUI
-CVE-2008-6585
+CVE-2008-6585 (Cross-site request forgery (CSRF) vulnerability in html/admin.php in T ...)
- torrentflux <not-affected> (Debian packaging uses a different directory layout, see bug #531614)
-CVE-2008-6584
+CVE-2008-6584 (html/index.php in TorrentFlux 2.3 allows remote authenticated users to ...)
- torrentflux <not-affected> (Debian packaging uses a different directory layout, see bug #531614)
-CVE-2008-6583
+CVE-2008-6583 (Buffer overflow in BS.player 2.27 build 959 allows remote attackers to ...)
NOT-FOR-US: BS.player
-CVE-2008-6582
+CVE-2008-6582 (SQL injection vulnerability in index.php in Miniweb 2.0 allows remote ...)
NOT-FOR-US: Miniweb
-CVE-2008-6581
+CVE-2008-6581 (login.php in PhpAddEdit 1.3 allows remote attackers to bypass authenti ...)
NOT-FOR-US: PhpAddEdit
-CVE-2008-6580
+CVE-2008-6580 (The Red_Reservations script for ColdFusion stores sensitive informatio ...)
NOT-FOR-US: ColdFusion
-CVE-2008-6579
+CVE-2008-6579 (Nortel Communication Server 1000 4.50.x allows remote attackers to obt ...)
NOT-FOR-US: Nortel Communication Server
-CVE-2008-6578
+CVE-2008-6578 (Multiple unspecified vulnerabilities in Nortel Communication Server 10 ...)
NOT-FOR-US: Nortel Communication Server
-CVE-2008-6577
+CVE-2008-6577 (Nortel MG1000S, Signaling Server, and Call Server on the Communication ...)
NOT-FOR-US: Nortel appliances
-CVE-2008-6576
+CVE-2008-6576 (Unspecified vulnerability in the "session limitation technique" in the ...)
NOT-FOR-US: Nortel Communication Server
-CVE-2008-6575
+CVE-2008-6575 (Unspecified vulnerability in the SIP server in SIP Enablement Services ...)
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-6574
+CVE-2008-6574 (Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Co ...)
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-6573
+CVE-2008-6573 (Multiple SQL injection vulnerabilities in Avaya SIP Enablement Service ...)
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-6572
+CVE-2008-6572 (SQL injection vulnerability in search_results.php in ABK-Soft AbleDati ...)
NOT-FOR-US: ABK-Soft AbleDating
-CVE-2008-6571
+CVE-2008-6571 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1 ...)
NOT-FOR-US: LinPHA
-CVE-2008-6570
+CVE-2008-6570 (Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu G ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2008-6569
+CVE-2008-6569 (Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 al ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2008-6568
+CVE-2008-6568 (Unrestricted file upload vulnerability in Yehe 2.0 allows remote attac ...)
NOT-FOR-US: Yehe
-CVE-2008-6567
+CVE-2008-6567 (Multiple cross-site scripting (XSS) vulnerabilities in Gallarific Free ...)
NOT-FOR-US: Gallarific Free Edition
-CVE-2008-6566
+CVE-2008-6566 (Unspecified vulnerability in Octopussy before 0.9.5.8 has unknown impa ...)
NOT-FOR-US: Octopussy
-CVE-2008-6565
+CVE-2008-6565 (Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 ...)
NOT-FOR-US: Invision Power Board
-CVE-2008-6564
+CVE-2008-6564 (Nortel UNIStim protocol, as used in Communication Server 1000 and othe ...)
NOT-FOR-US: Nortel Communication Server
-CVE-2008-6563
+CVE-2008-6563 (Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly ea ...)
NOT-FOR-US: Trillian
-CVE-2008-6562
+CVE-2008-6562 (Cross-site scripting (XSS) vulnerability in jax_linklists.php in Jack ...)
NOT-FOR-US: Jack (tR) Jax LinkLists
-CVE-2008-6561
+CVE-2008-6561 (Citrix Presentation Server Client for Windows before 10.200 does not c ...)
NOT-FOR-US: Citrix
-CVE-2008-6560
+CVE-2008-6560 (Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedo ...)
- redhat-cluster 2.20081102-1
NOTE: This seems like a non-issue, since the config file should be under control
NOTE: of the admin?
NOTE: Fixed in 2.03.09 upstream version.
-CVE-2008-6559
+CVE-2008-6559 (Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users ...)
NOT-FOR-US: SCO UnixWare
-CVE-2008-6558
+CVE-2008-6558 (Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in Reli ...)
NOT-FOR-US: SCO UnixWare
-CVE-2008-6557
+CVE-2008-6557 (cgi-bin/webutil.pl in The Puppet Master WebUtil 2.7 allows remote atta ...)
NOT-FOR-US: Puppet Master WebUtit, different than puppetmaster from puppet
-CVE-2008-6556
+CVE-2008-6556 (cgi-bin/webutil.pl in The Puppet Master WebUtil 2.3 allows remote atta ...)
NOT-FOR-US: Puppet Master WebUtit, different than puppetmaster from puppet
-CVE-2008-6555
+CVE-2008-6555 (cgi-bin/webutil.pl in The Puppet Master WebUtil allows remote attacker ...)
NOT-FOR-US: Puppet Master WebUtit, different than puppetmaster from puppet
-CVE-2008-6554
+CVE-2008-6554 (cgi-bin/script in Aztech ADSL2/2+ 4-port router 3.7.0 build 070426 all ...)
NOT-FOR-US: Aztech router
-CVE-2008-6553
+CVE-2008-6553 (microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 ...)
NOT-FOR-US: Micro CMS
-CVE-2008-6552
+CVE-2008-6552 (Red Hat Cluster Project 2.x allows local users to modify or overwrite ...)
- redhat-cluster 2.20081102-1
NOTE: Fixed in 2.03.09 upstream version.
NOTE: Similar to CVE-2008-4192 and CVE-2008-4579
-CVE-2008-6551
+CVE-2008-6551 (Multiple directory traversal vulnerabilities in e-Vision CMS 2.0.2 and ...)
NOT-FOR-US: e-vision CMS
-CVE-2008-6550
+CVE-2008-6550 (Cross-site scripting (XSS) vulnerability in glossaire.php in Glossaire ...)
NOT-FOR-US: Glossaire
-CVE-2008-6549
+CVE-2008-6549 (The password_checker function in config/multiconfig.py in MoinMoin 1.6 ...)
- moin 1.6.2-1 (low)
-CVE-2008-6548
+CVE-2008-6548 (The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check t ...)
- moin 1.6.2-1 (low)
-CVE-2008-6547
+CVE-2008-6547 (schema.py in FormEncode for Python (python-formencode) 1.0 does not ap ...)
- python-formencode 1.0.1-1
[etch] - python-formencode <not-affected> (Vulnerable code was introduced in 1.0)
-CVE-2008-6546
+CVE-2008-6546 (Unspecified vulnerability in phpns before 2.1.3 has unknown impact and ...)
NOT-FOR-US: phpns
-CVE-2008-6545
+CVE-2008-6545 (PHP remote file inclusion vulnerability in news/include/createdb.php i ...)
NOT-FOR-US: Web Server Creator Web Portal
CVE-2008-6544
NOT-FOR-US: Simple Machines Forum
-CVE-2008-6543
+CVE-2008-6543 (Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM ...)
NOT-FOR-US: ComScripts TEAM Quick Classifieds
-CVE-2008-6542
+CVE-2008-6542 (Unspecified vulnerability in the Skin Manager in DotNetNuke before 4.8 ...)
NOT-FOR-US: DotNetNuke
-CVE-2008-6541
+CVE-2008-6541 (Unrestricted file upload vulnerability in the file manager module in D ...)
NOT-FOR-US: DotNetNuke
-CVE-2008-6540
+CVE-2008-6540 (DotNetNuke before 4.8.2, during installation or upgrade, does not warn ...)
NOT-FOR-US: DotNetNuke
-CVE-2008-6539
+CVE-2008-6539 (Static code injection vulnerability in user/settings/ in DeStar 0.2.2- ...)
- destar <removed> (bug #522123)
-CVE-2008-6538
+CVE-2008-6538 (DeStar 0.2.2-5 allows remote attackers to add arbitrary users via a di ...)
- destar <not-affected> (bug #522123)
NOTE: we include a default configuration user which can be changed with instructions in README.Debian
-CVE-2008-6537
+CVE-2008-6537 (LightNEasy/lightneasy.php in LightNEasy No database version 1.2 allows ...)
NOT-FOR-US: LightNEasy No database
-CVE-2008-6536
+CVE-2008-6536 (Unspecified vulnerability in 7-zip before 4.5.7 has unknown impact and ...)
- p7zip 4.57~dfsg.1-1
-CVE-2008-6535
+CVE-2008-6535 (admin/settings.php in PayPal eStores allows remote attackers to bypass ...)
NOT-FOR-US: PayPal eStores
-CVE-2008-6534
+CVE-2008-6534 (Incomplete blacklist vulnerability in NULL FTP Server Free and Pro 1.1 ...)
NOT-FOR-US: NULL FTP Server
-CVE-2008-6533
+CVE-2008-6533 (Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related ...)
- drupal5 5.14-1 (low)
- drupal6 6.9-1 (low)
[lenny] - drupal6 6.6-1.1
-CVE-2008-6532
+CVE-2008-6532 (Multiple cross-site request forgery (CSRF) vulnerabilities in the upda ...)
- drupal5 5.14-1 (low)
- drupal6 6.9-1 (low)
[lenny] - drupal6 6.6-1.1
-CVE-2008-6531
+CVE-2008-6531 (The WebWork 1 web application framework in Atlassian JIRA before 3.13. ...)
NOT-FOR-US: Atlassian JIRA
-CVE-2008-6530
+CVE-2008-6530 (Unrestricted file upload vulnerability in editimage.php in eZoneScript ...)
NOT-FOR-US: eZoneScripts Living Local
-CVE-2008-6529
+CVE-2008-6529 (Cross-site scripting (XSS) vulnerability in listtest.php in eZoneScrip ...)
NOT-FOR-US: eZoneScripts Living Local
-CVE-2008-6528
+CVE-2008-6528 (NTFS TmaxSoft JEUS 5 before Fix 26 allows remote attackers to read the ...)
NOT-FOR-US: NTFS TmaxSoft JEUS 5
-CVE-2008-6527
+CVE-2008-6527 (SQL injection vulnerability in forum.asp in GO4I.NET ASP Forum 1.0 all ...)
NOT-FOR-US: GO4I.NET ASP Forum
-CVE-2008-6526
+CVE-2008-6526 (SQL injection vulnerability in index.php in BosDev BosClassifieds allo ...)
NOT-FOR-US: BosClassifieds
-CVE-2008-6525
+CVE-2008-6525 (SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script ...)
NOT-FOR-US: Nice PHP FAQ Script
-CVE-2008-6524
+CVE-2008-6524 (resetpass.php in openInvoice 0.90 beta and earlier allows remote authe ...)
NOT-FOR-US: openInvoice
-CVE-2008-6523
+CVE-2008-6523 (auth.php in openInvoice 0.90 beta and earlier allows remote attackers ...)
NOT-FOR-US: openInvoice
-CVE-2008-6522
+CVE-2008-6522 (Multiple directory traversal vulnerabilities in the RenderFile functio ...)
NOT-FOR-US: OpenTerracotta
-CVE-2008-6521
+CVE-2008-6521 (index.php in Terracotta (aka OpenTerracotta) 0.6.1 allows remote attac ...)
NOT-FOR-US: OpenTerracotta
-CVE-2008-6520
+CVE-2008-6520 (Multiple format string vulnerabilities in the SSI filter in Xitami Web ...)
NOT-FOR-US: Xitami Web Server
-CVE-2008-6519
+CVE-2008-6519 (Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, a ...)
NOT-FOR-US: Xitami Web Server
-CVE-2008-6518
+CVE-2008-6518 (Unrestricted file upload vulnerability in the profile feature in VidiS ...)
NOT-FOR-US: VidiScript
-CVE-2008-6517
+CVE-2008-6517 (SQL injection vulnerability in NewsHOWLER 1.03 Beta allows remote atta ...)
NOT-FOR-US: NewsHOWLER
-CVE-2008-6516
+CVE-2008-6516 (Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allo ...)
NOT-FOR-US: phpKF-Portal
-CVE-2008-6515
+CVE-2008-6515 (Cross-site scripting (XSS) vulnerability in Fritz Berger yet another p ...)
NOT-FOR-US: yappa-ng
-CVE-2008-6514
+CVE-2008-6514 (The Expo plugin in Compiz Fusion 0.7.8 allows local users with physica ...)
- compiz-fusion-plugins-main 0.8.2-1 (low)
[lenny] - compiz-fusion-plugins-main <no-dsa> (Minor issue)
-CVE-2008-6513
+CVE-2008-6513 (Unrestricted file upload vulnerability in saa.php in Andy's PHP Knowle ...)
NOT-FOR-US: Andy's PHP Knowledgebase
-CVE-2008-6512
+CVE-2008-6512 (Cross-domain vulnerability in the WorkerPool API in Google Gears befor ...)
NOT-FOR-US: Google Gears
-CVE-2008-6511
+CVE-2008-6511 (Open redirect vulnerability in login.jsp in Openfire 3.6.0a and earlie ...)
NOT-FOR-US: Openfire
-CVE-2008-6510
+CVE-2008-6510 (Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Con ...)
NOT-FOR-US: Openfire
-CVE-2008-6509
+CVE-2008-6509 (SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3. ...)
NOT-FOR-US: Openfire
-CVE-2008-6508
+CVE-2008-6508 (Directory traversal vulnerability in the AuthCheck filter in the Admin ...)
NOT-FOR-US: Openfire
-CVE-2008-6507
+CVE-2008-6507 (Unspecified vulnerability in phpBB before 3.0.4 allows attackers to ob ...)
- phpbb3 3.0.2-4
-CVE-2008-6505
+CVE-2008-6505 (Multiple directory traversal vulnerabilities in Apache Struts 2.0.x be ...)
- libstruts1.2-java <not-affected> (Vulnerable code not present)
NOTE: looks like this was introduced in 2.x, see upstream trunk r688095
-CVE-2008-6504
+CVE-2008-6504 (ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1 ...)
NOT-FOR-US: OpenSymphony XWork
-CVE-2008-6503
+CVE-2008-6503 (Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1. ...)
NOT-FOR-US: PrestaShop
-CVE-2008-6502
+CVE-2008-6502 (Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows remot ...)
NOT-FOR-US: Pro Chat Rooms
-CVE-2008-6501
+CVE-2008-6501 (Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro ...)
NOT-FOR-US: Pro Chat Rooms
-CVE-2008-6500
+CVE-2008-6500 (Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart ...)
NOT-FOR-US: CodeToad ASP Shopping Cart Script
-CVE-2008-6499
+CVE-2008-6499 (security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operatio ...)
NOT-FOR-US: XAMPP
-CVE-2008-6498
+CVE-2008-6498 (Cross-site request forgery (CSRF) vulnerability in security/xamppsecur ...)
NOT-FOR-US: XAMPP
-CVE-2008-6497
+CVE-2008-6497 (The Neostrada Livebox ADSL Router allows remote attackers to cause a d ...)
NOT-FOR-US: Neostrada Livebox ADSL Router
-CVE-2008-6496
+CVE-2008-6496 (Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX co ...)
NOT-FOR-US: VSPDFEditorX.ocx
-CVE-2008-6495
+CVE-2008-6495 (Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger ...)
NOT-FOR-US: Fritz Berger yet another php photo album - next generation
-CVE-2008-6494
+CVE-2008-6494 (ASP User Engine.NET stores sensitive information under the web root wi ...)
NOT-FOR-US: ASP User Engine.NET
-CVE-2008-6493
+CVE-2008-6493 (Easy Content Management Publishing stores sensitive information under ...)
NOT-FOR-US: Easy Content Management Publishing
-CVE-2008-6492
+CVE-2008-6492 (Unrestricted file upload vulnerability in process.php in Tizag Countdo ...)
NOT-FOR-US: Tizag Countdown Creator
-CVE-2008-6491
+CVE-2008-6491 (PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0. ...)
NOT-FOR-US: PHPGKit
-CVE-2008-6490
+CVE-2008-6490 (function/update_xml.php in FLABER 1.1 and earlier allows remote attack ...)
NOT-FOR-US: FLABER
-CVE-2008-6489
+CVE-2008-6489 (SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for ...)
NOT-FOR-US: MyAlbum component (com_myalbum) for Joomla!
-CVE-2008-6488
+CVE-2008-6488 (SQL injection vulnerability in index.php in SoftComplex PHP Image Gall ...)
NOT-FOR-US: SoftComplex PHP Image Gallery
-CVE-2008-6487
+CVE-2008-6487 (Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAf ...)
NOT-FOR-US: Digiappz DigiAffiliate
-CVE-2008-6486
+CVE-2008-6486 (PHP remote file inclusion vulnerability in slideshow_uploadvideo.conte ...)
NOT-FOR-US: sharedlog CMS
-CVE-2008-6485
+CVE-2008-6485 (SQL injection vulnerability in index.php in SoftComplex PHP Image Gall ...)
NOT-FOR-US: SoftComplex PHP Image Gallery
-CVE-2008-6484
+CVE-2008-6484 (SQL injection vulnerability in login.php in Mole Group Taxi Map Script ...)
NOT-FOR-US: Mole Group Taxi Map Script
-CVE-2008-6483
+CVE-2008-6483 (PHP remote file inclusion vulnerability in admin.googlebase.php in the ...)
NOT-FOR-US: Ecom Solutions VirtueMart Google Base (aka com_googlebase or Froogle) component for Joomla!
-CVE-2008-6482
+CVE-2008-6482 (PHP remote file inclusion vulnerability in admin.treeg.php in the Flas ...)
NOT-FOR-US: Flash Tree Gallery (com_treeg) component for Joomla!
-CVE-2008-6481
+CVE-2008-6481 (SQL injection vulnerability in the Versioning component (com_versionin ...)
NOT-FOR-US: Versioning component (com_versioning) in Joomla! and Mambo
-CVE-2008-6480
+CVE-2008-6480 (Cross-site request forgery (CSRF) vulnerability in engine/modules/imag ...)
NOT-FOR-US: Datalife Engine
-CVE-2008-6479
+CVE-2008-6479 (Cross-site request forgery (CSRF) vulnerability in the "change passwor ...)
NOT-FOR-US: swsoft
-CVE-2008-6478
+CVE-2008-6478 (Cross-site request forgery (CSRF) vulnerability in the file manager in ...)
NOT-FOR-US: swsoft
-CVE-2008-6477
+CVE-2008-6477 (SQL injection vulnerability in Mumbo Jumbo Media OP4 allows remote att ...)
NOT-FOR-US: Mumbo Jumbo Media
-CVE-2008-6476
+CVE-2008-6476 (Cross-site scripting (XSS) vulnerability in blog/search.aspx in BlogEn ...)
NOT-FOR-US: BlogEngine.NET
-CVE-2008-6475
+CVE-2008-6475 (SQL injection vulnerability in the guestbook component (components/gue ...)
NOT-FOR-US: Drake CMS
-CVE-2008-6474
+CVE-2008-6474 (The management interface in F5 BIG-IP 9.4.3 allows remote authenticate ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2008-6473
+CVE-2008-6473 (_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remot ...)
NOT-FOR-US: Blogator-script
-CVE-2008-6472
+CVE-2008-6472 (The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote at ...)
[etch] - wireshark <not-affected> (vulnerable code not present)
[lenny] - wireshark 1.0.2-3+lenny3
- wireshark 1.0.5-1 (low; bug #506741)
-CVE-2008-6471
+CVE-2008-6471 (SQL injection vulnerability in detail.php in MountainGrafix easyLink 1 ...)
NOT-FOR-US: MountainGrafix easyLink
-CVE-2008-6470
+CVE-2008-6470 (Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 all ...)
NOT-FOR-US: ClanSphere
-CVE-2008-6469
+CVE-2008-6469 (SQL injection vulnerability in index.php in PlainCart 1.1.2 allows rem ...)
NOT-FOR-US: PlainCart
-CVE-2008-6468
+CVE-2008-6468 (SQL injection vulnerability in index.php in Diesel Pay allows remote a ...)
NOT-FOR-US: Diesel Pay
-CVE-2008-6467
+CVE-2008-6467 (SQL injection vulnerability in jobs/jobseekers/job-info.php in Diesel ...)
NOT-FOR-US: Diesel Pay
-CVE-2008-6466
+CVE-2008-6466 (SQL injection vulnerability in image_gallery.php in the Akira Powered ...)
NOT-FOR-US: e107
-CVE-2008-6465
+CVE-2008-6465 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in we ...)
NOT-FOR-US: Parallels H-Sphere
-CVE-2008-6464
+CVE-2008-6464 (SQL injection vulnerability in event.php in Mevin Productions Basic PH ...)
NOT-FOR-US: Mevin Productions Basic PHP Events Lister
-CVE-2008-6463
+CVE-2008-6463 (SQL injection vulnerability in the Diocese of Portsmouth Church Search ...)
NOT-FOR-US: Diocese of Portsmouth Church Search extension for Typo3
-CVE-2008-6462
+CVE-2008-6462 (SQL injection vulnerability in the My quiz and poll (myquizpoll) exten ...)
NOT-FOR-US: My quiz and poll
-CVE-2008-6461
+CVE-2008-6461 (SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) exten ...)
NOT-FOR-US: Typo3 addon Random Prayer
-CVE-2008-6460
+CVE-2008-6460 (SQL injection vulnerability in the Simple Random Objects (mw_random_ob ...)
NOT-FOR-US: Typo3 addon Simple Random Objects
-CVE-2008-6459
+CVE-2008-6459 (SQL injection vulnerability in the auto BE User Registration (autobeus ...)
NOT-FOR-US: Typo3 addon auto BE User Registration
-CVE-2008-6458
+CVE-2008-6458 (SQL injection vulnerability in the FE address edit for tt_address &amp ...)
NOT-FOR-US: Typo3 addon
-CVE-2008-6457
+CVE-2008-6457 (SQL injection vulnerability in the Swigmore institute (cgswigmore) ext ...)
NOT-FOR-US: Typo3 addon
-CVE-2008-6456
+CVE-2008-6456 (SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and ...)
NOT-FOR-US: Typo3 addon
-CVE-2008-6455
+CVE-2008-6455 (Session fixation vulnerability in Edikon phpShop 0.8.1 allows remote a ...)
NOT-FOR-US: Edikon phpShop
-CVE-2008-6454
+CVE-2008-6454 (SQL injection vulnerability in section.php in 6rbScript 3.3 allows rem ...)
NOT-FOR-US: 6rbScript
-CVE-2008-6453
+CVE-2008-6453 (Directory traversal vulnerability in section.php in 6rbScript 3.3, whe ...)
NOT-FOR-US: 6rbScript
-CVE-2008-6452
+CVE-2008-6452 (SQL injection vulnerability in show_vote.php in Oceandir 2.9 and earli ...)
NOT-FOR-US: Oceandir
-CVE-2008-6451
+CVE-2008-6451 (SQL injection vulnerability in humor.php in jPORTAL 2 allows remote at ...)
NOT-FOR-US: jPORTAL
-CVE-2008-6450
+CVE-2008-6450 (Cross-site scripting (XSS) vulnerability in Under Construction, Baby ( ...)
NOT-FOR-US: Under Construction, Baby
-CVE-2008-6449
+CVE-2008-6449 (Cross-site request forgery (CSRF) vulnerability in multiple Century Sy ...)
NOT-FOR-US: Century Systems routers
-CVE-2008-6448
+CVE-2008-6448 (Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC Syst ...)
NOT-FOR-US: SKYARC System MTCMS WYSIWYG Editor
-CVE-2008-6447
+CVE-2008-6447 (Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail Ma ...)
NOT-FOR-US: QuikSoft EasyMail
-CVE-2008-6446
+CVE-2008-6446 (Static code injection vulnerability in the Guestbook component in CMS ...)
NOT-FOR-US: CMS MAXSITE
-CVE-2008-6445
+CVE-2008-6445 (Unspecified vulnerability in YourPlace before 1.0.1 has unknown impact ...)
NOT-FOR-US: YourPlace
-CVE-2008-6444
+CVE-2008-6444 (Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might all ...)
NOT-FOR-US: Baidu Hi IM
-CVE-2008-6443
+CVE-2008-6443 (SQL injection vulnerability in forum_duzen.php in phpKF allows remote ...)
NOT-FOR-US: phpKF
-CVE-2008-6442
+CVE-2008-6442 (Insecure method vulnerability in Sina Inc. DLoader Class ActiveX Contr ...)
NOT-FOR-US: Sina Inc. DLoader Class ActiveX
-CVE-2008-6441
+CVE-2008-6441 (Format string vulnerability in the Epic Games Unreal engine client, as ...)
NOT-FOR-US: Epic Games Unreal engine client
-CVE-2008-6440
+CVE-2008-6440 (Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to ob ...)
NOT-FOR-US: Cerberus Helpdesk
-CVE-2008-6439
+CVE-2008-6439 (Cross-site scripting (XSS) vulnerability in search_results.php in ABK- ...)
NOT-FOR-US: ABK-Soft AbleDating
-CVE-2008-6438
+CVE-2008-6438 (SQL injection vulnerability in macgurublog_menu/macgurublog.php in the ...)
NOT-FOR-US: MacGuru BLOG Engine
-CVE-2008-6437
+CVE-2008-6437 (Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeForum 1. ...)
NOT-FOR-US: PHPFreeForum
-CVE-2008-6436
+CVE-2008-6436 (Cross-site scripting (XSS) vulnerability in the Web Server in Xerox Wo ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2008-6435
+CVE-2008-6435 (Multiple cross-site scripting (XSS) vulnerabilities in phpSQLiteCMS 1 ...)
NOT-FOR-US: phpSQLiteCMS
-CVE-2008-6434
+CVE-2008-6434 (SQL injection vulnerability in index.cfm in Blue River Interactive Gro ...)
NOT-FOR-US: Blue River Interactive Group Sava CMS
-CVE-2008-6433
+CVE-2008-6433 (Cross-site scripting (XSS) vulnerability in index.cfm in Blue River In ...)
NOT-FOR-US: Blue River Interactive Group Sava CMS
-CVE-2008-6431
+CVE-2008-6431 (Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 all ...)
NOT-FOR-US: BMForum
-CVE-2008-6430
+CVE-2008-6430 (SQL injection vulnerability in the MyContent (com_mycontent) component ...)
NOT-FOR-US: Joomla!
-CVE-2008-6429
+CVE-2008-6429 (SQL injection vulnerability in the PrayerCenter (com_prayercenter) com ...)
NOT-FOR-US: Joomla!
-CVE-2008-6428
+CVE-2008-6428 (The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbi ...)
- kaya 0.4.2-1 (low)
[etch] - kaya <no-dsa> (Minor issue)
NOTE: the fix checks with a regex for malicious characters in the HTTP header, see CGI.k changes
-CVE-2008-6427
+CVE-2008-6427 (SQL injection vulnerability in index.php in Hivemaker Professional 1.0 ...)
NOT-FOR-US: Hivemaker Professional
-CVE-2008-6425
+CVE-2008-6425 (SQL injection vulnerability in news.php in ComicShout 2.8 allows remot ...)
NOT-FOR-US: ComicShout
-CVE-2008-6424
+CVE-2008-6424 (Directory traversal vulnerability in FFFTP 1.96b allows remote FTP ser ...)
NOT-FOR-US: FFFTP
-CVE-2008-6423
+CVE-2008-6423 (Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 R ...)
NOT-FOR-US: PassWiki
-CVE-2008-6422
+CVE-2008-6422 (Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and ...)
NOT-FOR-US: PsychoStats
-CVE-2008-6421
+CVE-2008-6421 (PHP remote file inclusion vulnerability in social_game_play.php in Soc ...)
NOT-FOR-US: Social Site Generator
-CVE-2008-6420
+CVE-2008-6420 (Social Site Generator (SSG) 2.0 allows remote attackers to read arbitr ...)
NOT-FOR-US: Social Site Generator
-CVE-2008-6419
+CVE-2008-6419 (Multiple SQL injection vulnerabilities in Social Site Generator (SSG) ...)
NOT-FOR-US: Social Site Generator
-CVE-2008-6418
+CVE-2008-6418 (SQL injection vulnerability in scrape.php in TorrentTrader before 2008 ...)
NOT-FOR-US: TorrentTrader
-CVE-2008-6417
+CVE-2008-6417 (Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows atta ...)
NOT-FOR-US: GreenSQL-Console
-CVE-2008-6416
+CVE-2008-6416 (Multiple cross-site scripting (XSS) vulnerabilities in GreenSQL-Consol ...)
NOT-FOR-US: GreenSQL-Console
-CVE-2008-6415
+CVE-2008-6415 (Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers ...)
NOT-FOR-US: CCProxy
-CVE-2008-6414
+CVE-2008-6414 (SQL injection vulnerability in detail.php in AJ Auction Pro Platinum S ...)
NOT-FOR-US: AJ Auction Pro Platinum
-CVE-2008-6413
+CVE-2008-6413 (Cross-site scripting (XSS) vulnerability in the Answers module 5.x-1.x ...)
NOT-FOR-US: Answers module for Drupal
-CVE-2008-6412
+CVE-2008-6412 (Unspecified vulnerability in Vignette Content Management 7.3.0.5, 7.3. ...)
NOT-FOR-US: Vignette Content Management
-CVE-2008-6411
+CVE-2008-6411 (Explay CMS 2.1 and earlier allows remote attackers to bypass authentic ...)
NOT-FOR-US: Explay CMS
-CVE-2008-6410
+CVE-2008-6410 (Directory traversal vulnerability in show.php in ol'bookmarks manager ...)
NOT-FOR-US: ol'bookmarks manager
-CVE-2008-6409
+CVE-2008-6409 (SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 ...)
NOT-FOR-US: ol'bookmarks manager
-CVE-2008-6408
+CVE-2008-6408 (PHP remote file inclusion vulnerability in frame.php in ol'bookmarks m ...)
NOT-FOR-US: ol'bookmarks manager
-CVE-2008-6407
+CVE-2008-6407 (Directory traversal vulnerability in frame.php in ol'bookmarks manager ...)
NOT-FOR-US: ol'bookmarks manager
-CVE-2008-6406
+CVE-2008-6406 (Cross-site scripting (XSS) vulnerability in admin.php in DataLife Engi ...)
NOT-FOR-US: DataLife Engine
-CVE-2008-6405
+CVE-2008-6405 (SQL injection vulnerability in showcategory.php in Hotscripts Clone al ...)
NOT-FOR-US: Hotscripts Clone
-CVE-2008-6404
+CVE-2008-6404 (Cross-site scripting (XSS) vulnerability in add_calendars.php in eXtro ...)
NOT-FOR-US: eXtrovert Software Thyme
-CVE-2008-6403
+CVE-2008-6403 (PHP remote file inclusion vulnerability in themes/default/include/html ...)
NOT-FOR-US: OpenRat
-CVE-2008-6402
+CVE-2008-6402 (PHP remote file inclusion vulnerability in hu/modules/reg-new/modstart ...)
NOT-FOR-US: Sofi WebGui
-CVE-2008-6401
+CVE-2008-6401 (SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote at ...)
NOT-FOR-US: JETIK-WEB
-CVE-2008-6400
+CVE-2008-6400 (Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 allow ...)
NOT-FOR-US: refbase
-CVE-2008-6399
+CVE-2008-6399 (Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows remot ...)
NOT-FOR-US: DotNetNuke
-CVE-2008-6398
+CVE-2008-6398 (sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary fil ...)
- sng 1.0.2-6 (bug #496407; unimportant)
-CVE-2008-6397
+CVE-2008-6397 (rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbi ...)
- sgml2x 1.0.0-11.2 (bug #496368; low)
[etch] - sgml2x <no-dsa> (Minor issue)
-CVE-2008-6396
+CVE-2008-6396 (Cross-site scripting (XSS) vulnerability in account.php in Celerondude ...)
NOT-FOR-US: Celerondude Uploader
-CVE-2008-6395
+CVE-2008-6395 (The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g ...)
NOT-FOR-US: web management interface in 3Com Wireless
-CVE-2008-6394
+CVE-2008-6394 (SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earl ...)
NOT-FOR-US: CS-Cart
-CVE-2008-6393
+CVE-2008-6393 (PSI Jabber client before 0.12.1 allows remote attackers to cause a den ...)
{DSA-1741-1}
- psi 0.12.1-1 (low; bug #518468)
[etch] - psi <not-affected> (Vulnerable code not present)
-CVE-2008-6392
+CVE-2008-6392 (SQL injection vulnerability in showads.php in Z1Exchange allows remote ...)
NOT-FOR-US: Z1Exchange
-CVE-2008-6391
+CVE-2008-6391 (SQL injection vulnerability in main.asp in Jbook allows remote attacke ...)
NOT-FOR-US: Jbook
-CVE-2008-6390
+CVE-2008-6390 (SQL injection vulnerability in login.asp in Ocean12 Membership Manager ...)
NOT-FOR-US: Ocean12 Membership Manager Pro
-CVE-2008-6389
+CVE-2008-6389 (SQL injection vulnerability in asadmin/default.asp in Rae Media Contac ...)
NOT-FOR-US: Rae Media Contact Management Software
-CVE-2008-6388
+CVE-2008-6388 (Rapid Classified 3.1 and 3.15 stores sensitive information under the w ...)
NOT-FOR-US: Rapid Classified
-CVE-2008-6387
+CVE-2008-6387 (Quick Tree View .NET 3.1 stores sensitive information under the web ro ...)
NOT-FOR-US: Quick Tree View .NET
-CVE-2008-6386
+CVE-2008-6386 (Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange ...)
NOT-FOR-US: Z1Exchange
-CVE-2008-6385
+CVE-2008-6385 (Cross-site scripting (XSS) vulnerability in index.php in W3matter RevS ...)
NOT-FOR-US: W3matter RevSense
-CVE-2008-6384
+CVE-2008-6384 (Multiple cross-site request forgery (CSRF) vulnerabilities in Comment ...)
NOT-FOR-US: Comment Mail
-CVE-2008-6383
+CVE-2008-6383 (SQL injection vulnerability in SpeedTech Organization and Resource Man ...)
NOT-FOR-US: SpeedTech Organization and Resource Manager
-CVE-2008-6382
+CVE-2008-6382 (ASP Portal 3.2.5 stores sensitive information under the web root with ...)
NOT-FOR-US: ASP Portal
-CVE-2008-6381
+CVE-2008-6381 (SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1 ...)
NOT-FOR-US: bcoos
-CVE-2008-6380
+CVE-2008-6380 (SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 ...)
NOT-FOR-US: Active Web Helpdesk
-CVE-2008-6379
+CVE-2008-6379 (SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows ...)
NOT-FOR-US: Gallery MX
-CVE-2008-6378
+CVE-2008-6378 (SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx ...)
NOT-FOR-US: Calendar Mx Professional
-CVE-2008-6377
+CVE-2008-6377 (PHP remote file inclusion vulnerability in include/global.php in Multi ...)
NOT-FOR-US: Multi SEO phpBB
-CVE-2008-6376
+CVE-2008-6376 (SQL injection vulnerability in main.asp in Jbook allows remote attacke ...)
NOT-FOR-US: Jbook
-CVE-2008-6375
+CVE-2008-6375 (JBook stores sensitive information under the web root with insufficien ...)
NOT-FOR-US: JBook
-CVE-2008-6374
+CVE-2008-6374 (CodefixerSoftware MailingListPro Free Edition stores sensitive informa ...)
NOT-FOR-US: MailingListPro Free Edition
-CVE-2008-6373
+CVE-2008-6373 (Unspecified vulnerability in Nagios before 3.0.6 has unspecified impac ...)
- nagios3 3.0.6-3
[etch] - nagios2 <no-dsa> (Related to CVE-2008-5028, which has minimal attack vector)
-CVE-2008-6372
+CVE-2008-6372 (SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro ...)
NOT-FOR-US: Ocean12 FAQ Manager Pro
-CVE-2008-6371
+CVE-2008-6371 (SQL injection vulnerability in login.asp in Ocean12 Membership Manager ...)
NOT-FOR-US: Ocean12 Membership Manager Pro
-CVE-2008-6370
+CVE-2008-6370 (Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Con ...)
NOT-FOR-US: Ocean12 Contact Manager Pro
-CVE-2008-6369
+CVE-2008-6369 (SQL injection vulnerability in default.asp in Ocean12 Contact Manager ...)
NOT-FOR-US: Ocean12 Contact Manager Pro
-CVE-2008-6368
+CVE-2008-6368 (SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m al ...)
NOT-FOR-US: Chipmunk Guestbook
-CVE-2008-6367
+CVE-2008-6367 (Unrestricted file upload vulnerability in Photos/create_album.php in S ...)
NOT-FOR-US: Social Groupie
-CVE-2008-6366
+CVE-2008-6366 (SQL injection vulnerability in logon.jsp in Ad Server Solutions Affili ...)
NOT-FOR-US: Ad Server Solutions Affiliate Software Java
-CVE-2008-6365
+CVE-2008-6365 (SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Man ...)
NOT-FOR-US: Ad Server Solutions Ad Management Software Java
-CVE-2008-6364
+CVE-2008-6364 (SQL injection vulnerability in logon_process.jsp in Ad Server Solution ...)
NOT-FOR-US: Ad Server Solutions Banner Exchange Solution Java
-CVE-2008-6363
+CVE-2008-6363 (Stack-based buffer overflow in DesignWorks Professional 4.3.1 and 5.0. ...)
NOT-FOR-US: DesignWorks Professional
-CVE-2008-6362
+CVE-2008-6362 (SQL injection vulnerability in sitepage.php in Multiple Membership Scr ...)
NOT-FOR-US: Multiple Membership Script
-CVE-2008-6361
+CVE-2008-6361 (Directory traversal vulnerability in index.php in InSun Feed CMS 1.7.3 ...)
NOT-FOR-US: InSun Feed CMS
-CVE-2008-6360
+CVE-2008-6360 (Cross-site scripting (XSS) vulnerability in the userranks feature in m ...)
NOT-FOR-US: ImpressCMS
-CVE-2008-6359
+CVE-2008-6359 (Cross-site scripting (XSS) vulnerability in index.php in Max's Guestbo ...)
NOT-FOR-US: Max's Guestbook
-CVE-2008-6358
+CVE-2008-6358 (SQL injection vulnerability in group_index.php in Social Groupie allow ...)
NOT-FOR-US: Social Groupie
-CVE-2008-6357
+CVE-2008-6357 (MyCal Personal Events Calendar stores sensitive information under the ...)
NOT-FOR-US: MyCal Personal Events Calendar
-CVE-2008-6356
+CVE-2008-6356 (evCal Events Calendar stores sensitive information under the web root ...)
NOT-FOR-US: evCal Events Calendar
-CVE-2008-6355
+CVE-2008-6355 (The Net Guys ASPired2Protect stores sensitive information under the we ...)
NOT-FOR-US: ASPired2poll
-CVE-2008-6354
+CVE-2008-6354 (The Net Guys ASPired2poll stores sensitive information under the web r ...)
NOT-FOR-US: ASPired2poll
-CVE-2008-6353
+CVE-2008-6353 (SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote ...)
NOT-FOR-US: ASP-CMS
-CVE-2008-6352
+CVE-2008-6352 (SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remo ...)
NOT-FOR-US: Xpoze Pro
-CVE-2008-6351
+CVE-2008-6351 (Cross-site scripting (XSS) vulnerability in listtest.php in TurnkeyFor ...)
NOT-FOR-US: TurnkeyForms Local Classifieds
-CVE-2008-6350
+CVE-2008-6350 (SQL injection vulnerability in listtest.php in TurnkeyForms Local Clas ...)
NOT-FOR-US: TurnkeyForms Local Classifieds
-CVE-2008-6349
+CVE-2008-6349 (SQL injection vulnerability in survey_results_text.php in TurnkeyForms ...)
NOT-FOR-US: TurnkeyForms Business Survey Pro
-CVE-2008-6348
+CVE-2008-6348 (Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery ...)
NOT-FOR-US: DevelopItEasy Photo Gallery
-CVE-2008-6347
+CVE-2008-6347 (PHP remote file inclusion vulnerability in lib/onguma.class.php in the ...)
NOT-FOR-US: Onguma Time Sheet component for Joomla!
-CVE-2008-6346
+CVE-2008-6346 (Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) exte ...)
NOT-FOR-US: DR Wiki extension for TYPO3
-CVE-2008-6345
+CVE-2008-6345 (SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 al ...)
NOT-FOR-US: SolarCMS
-CVE-2008-6344
+CVE-2008-6344 (SQL injection vulnerability in the TU-Clausthal Staff (tuc_staff) 0.3. ...)
NOT-FOR-US: TU-Clausthal Staff extension for TYPO3
-CVE-2008-6343
+CVE-2008-6343 (Cross-site scripting (XSS) vulnerability in the TU-Clausthal ODIN (tuc ...)
NOT-FOR-US: TU-Clausthal ODIN extension for TYPO3
-CVE-2008-6342
+CVE-2008-6342 (Unspecified vulnerability in the TYPO3 Simple File Browser (simplefile ...)
NOT-FOR-US: Simple File Browser extension for TYPO3
-CVE-2008-6341
+CVE-2008-6341 (Cross-site scripting (XSS) vulnerability in the SB Universal Plugin (S ...)
NOT-FOR-US: SB Universal Plugin extension for TYPO3
-CVE-2008-6340
+CVE-2008-6340 (Cross-site scripting (XSS) vulnerability in the Vox populi (mv_vox_pop ...)
NOT-FOR-US: Vox populi extension for TYPO3
-CVE-2008-6338
+CVE-2008-6338 (SQL injection vulnerability in the WEBERkommunal Facilities (wes_facil ...)
NOT-FOR-US: WEBERkommunal Facilities extension for TYPO3
-CVE-2008-6337
+CVE-2008-6337 (SQL injection vulnerability in the Volunteer Management System (com_vo ...)
NOT-FOR-US: Volunteer Management System module for Joomla!
-CVE-2008-6336
+CVE-2008-6336 (Directory traversal vulnerability in download.php in Text Lines Rearra ...)
NOT-FOR-US: Text Lines Rearrange Script
-CVE-2008-6335
+CVE-2008-6335 (Directory traversal vulnerability in download.php in eMetrix Online Ke ...)
NOT-FOR-US: eMetrix Online Keyword Research Tool
-CVE-2008-6334
+CVE-2008-6334 (Directory traversal vulnerability in download.php in eMetrix Extract W ...)
NOT-FOR-US: eMetrix Extract Website
-CVE-2008-6333
+CVE-2008-6333 (SQL injection vulnerability in news.php in RSS Simple News (RSSSN), wh ...)
NOT-FOR-US: RSS Simple News
-CVE-2008-6332
+CVE-2008-6332 (SQL injection vulnerability in login.php in Simple Customer 1.2 allows ...)
NOT-FOR-US: Simple Customer
-CVE-2008-6331
+CVE-2008-6331 (Multiple cross-site request forgery (CSRF) vulnerabilities in Streber ...)
NOT-FOR-US: Streber
-CVE-2008-6330
+CVE-2008-6330 (SQL injection vulnerability in index.php in MyTopix 1.3.0 and earlier ...)
NOT-FOR-US: MyTopix
-CVE-2008-6329
+CVE-2008-6329 (SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board ...)
NOT-FOR-US: Pre ASP Job Board
-CVE-2008-6328
+CVE-2008-6328 (SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 a ...)
NOT-FOR-US: Butterfly Organizer
-CVE-2008-6327
+CVE-2008-6327 (SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote ...)
NOT-FOR-US: ProQuiz
-CVE-2008-6326
+CVE-2008-6326 (SQL injection vulnerability in login.php in Simple Customer as downloa ...)
NOT-FOR-US: Simple Customer
-CVE-2008-6325
+CVE-2008-6325 (Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Classif ...)
NOT-FOR-US: Softbiz Classifieds Script
-CVE-2008-6324
+CVE-2008-6324 (SQL injection vulnerability in forummessages.cfm in CF_Forum allows re ...)
NOT-FOR-US: CF_Forum
-CVE-2008-6323
+CVE-2008-6323 (SQL injection vulnerability in forummessages.cfm in CFMSource CF_Aucti ...)
NOT-FOR-US: CFMSource CF_Auction
-CVE-2008-6322
+CVE-2008-6322 (SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows r ...)
NOT-FOR-US: CFMSource CFMBlog
-CVE-2008-6321
+CVE-2008-6321 (CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insu ...)
NOT-FOR-US: CF Shopkart
-CVE-2008-6320
+CVE-2008-6320 (SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows r ...)
NOT-FOR-US: CF Shopkart
-CVE-2008-6319
+CVE-2008-6319 (SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows ...)
NOT-FOR-US: CF_Calendar
-CVE-2008-6318
+CVE-2008-6318 (PHP remote file inclusion vulnerability in _conf/_php-core/common-tpl- ...)
NOT-FOR-US: PHPmyGallery
-CVE-2008-6317
+CVE-2008-6317 (Directory traversal vulnerability in _conf/_php-core/common-tpl-vars.p ...)
NOT-FOR-US: PHPmyGallery
-CVE-2008-6316
+CVE-2008-6316 (Directory traversal vulnerability in _conf/core/common-tpl-vars.php in ...)
NOT-FOR-US: PHPmyGallery
-CVE-2008-6315
+CVE-2008-6315 (PHP remote file inclusion vulnerability in _conf/core/common-tpl-vars. ...)
NOT-FOR-US: PHPmyGallery
-CVE-2008-6314
+CVE-2008-6314 (SQL injection vulnerability in tag_board.php in the Tag Board module 4 ...)
NOT-FOR-US: Tag Board module
-CVE-2008-6313
+CVE-2008-6313 (Directory traversal vulnerability in addedit-render.php in phpAddEdit ...)
NOT-FOR-US: phpAddEdit
-CVE-2008-6312
+CVE-2008-6312 (SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote ...)
NOT-FOR-US: ProQuiz
-CVE-2008-6311
+CVE-2008-6311 (SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 a ...)
NOT-FOR-US: Butterfly Organizer
-CVE-2008-6310
+CVE-2008-6310 (SQL injection vulnerability in index.php in W3matter RevSense 1.0 allo ...)
NOT-FOR-US: W3matter RevSense
-CVE-2008-6309
+CVE-2008-6309 (SQL injection vulnerability in index.php in W3matter AskPert allows re ...)
NOT-FOR-US: W3matter AskPert
-CVE-2008-6308
+CVE-2008-6308 (Multiple directory traversal vulnerabilities in Private Messaging Syst ...)
NOT-FOR-US: Private Messaging System
-CVE-2008-6307
+CVE-2008-6307 (E-topbiz Link Back Checker 1 allows remote attackers to bypass authent ...)
NOT-FOR-US: E-topbiz Link Back Checker
-CVE-2008-6306
+CVE-2008-6306 (Cross-site scripting (XSS) vulnerability in signinform.php in Softbiz ...)
NOT-FOR-US: Softbiz Classifieds Script
-CVE-2008-6305
+CVE-2008-6305 (PHP remote file inclusion vulnerability in init.php in Free Directory ...)
NOT-FOR-US: Free Directory Script
-CVE-2008-6304
+CVE-2008-6304 (SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when ma ...)
NOT-FOR-US: xt:Commerce
-CVE-2008-6303
+CVE-2008-6303 (SQL injection vulnerability in tourview.php in ToursManager allows rem ...)
NOT-FOR-US: ToursManager
-CVE-2008-6302
+CVE-2008-6302 (TurnkeyForms Local Classifieds allows remote attackers to bypass authe ...)
NOT-FOR-US: TurnkeyForms Local Classifieds
-CVE-2008-6301
+CVE-2008-6301 (SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox ...)
NOT-FOR-US: Small ShoutBox module
-CVE-2008-6300
+CVE-2008-6300 (Galatolo WebManager 1.3a allows remote attackers to bypass authenticat ...)
NOT-FOR-US: Galatolo WebManager
-CVE-2008-6299
+CVE-2008-6299 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 a ...)
NOT-FOR-US: Joomla!
-CVE-2008-6298
+CVE-2008-6298 (Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remo ...)
NOT-FOR-US: sISAPILocation
-CVE-2008-6297
+CVE-2008-6297 (Cross-site scripting (XSS) vulnerability in order.php in DHCart allows ...)
NOT-FOR-US: DHCart
-CVE-2008-6296
+CVE-2008-6296 (admin.php in Maran PHP Shop allows remote attackers to bypass authenti ...)
NOT-FOR-US: Maran PHP Shop
-CVE-2008-6295
+CVE-2008-6295 (Multiple cross-site scripting (XSS) vulnerabilities in Camera Life 2.6 ...)
NOT-FOR-US: Camera Life
-CVE-2008-6294
+CVE-2008-6294 (admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypas ...)
NOT-FOR-US: Acc Statistics
-CVE-2008-6293
+CVE-2008-6293 (admin/Index.php in Acc Real Estate 4.0 allows remote attackers to bypa ...)
NOT-FOR-US: Acc Real Estate
-CVE-2008-6292
+CVE-2008-6292 (Acc Autos 4.0 allows remote attackers to bypass authentication and gai ...)
NOT-FOR-US: Acc Autos
-CVE-2008-6291
+CVE-2008-6291 (Acc PHP eMail 1.1 allows remote attackers to bypass authentication and ...)
NOT-FOR-US: Acc PHP eMail
-CVE-2008-6290
+CVE-2008-6290 (Directory traversal vulnerability in includefile.php in nicLOR Sito, w ...)
NOT-FOR-US: nicLOR Sito
-CVE-2008-6289
+CVE-2008-6289 (SQL injection vulnerability in cityview.php in Tours Manager 1.0 allow ...)
NOT-FOR-US: Tours Manager
-CVE-2008-6288
+CVE-2008-6288 (Directory traversal vulnerability in download.php in Interface Medien ...)
NOT-FOR-US: Interface Medien ibase
-CVE-2008-6287
+CVE-2008-6287 (Multiple PHP remote file inclusion vulnerabilities in Broadcast Machin ...)
NOT-FOR-US: Broadcast Machine
-CVE-2008-6286
+CVE-2008-6286 (Multiple SQL injection vulnerabilities in SubscriberStart.asp in Activ ...)
NOT-FOR-US: Active Newsletter
-CVE-2008-6285
+CVE-2008-6285 (SQL injection vulnerability in index.php in PHP TV Portal 2.0 and earl ...)
NOT-FOR-US: PHP TV Portal
-CVE-2008-6284
+CVE-2008-6284 (SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows remot ...)
NOT-FOR-US: Z1Exchange
-CVE-2008-6283
+CVE-2008-6283 (Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote ...)
NOT-FOR-US: Subtext
-CVE-2008-6282
+CVE-2008-6282 (SQL injection vulnerability in engine/users/users_edit_pub.inc in CMS ...)
NOT-FOR-US: CMS Ortus
-CVE-2008-6281
+CVE-2008-6281 (SQL injection vulnerability in index.php in Bluo CMS 1.2 allows remote ...)
NOT-FOR-US: Bluo CMS
-CVE-2008-6280
+CVE-2008-6280 (Cross-site scripting (XSS) vulnerability in apply.cgi on the Linksys W ...)
NOT-FOR-US: Linksys WRT160N
-CVE-2008-6279
+CVE-2008-6279 (RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remot ...)
NOT-FOR-US: RakhiSoftware Price Comparison Script
-CVE-2008-6278
+CVE-2008-6278 (Multiple cross-site scripting (XSS) vulnerabilities in product.php in ...)
NOT-FOR-US: RakhiSoftware Price Comparison Script
-CVE-2008-6277
+CVE-2008-6277 (SQL injection vulnerability in product.php in RakhiSoftware Price Comp ...)
NOT-FOR-US: RakhiSoftware Price Comparison Script
-CVE-2008-6276
+CVE-2008-6276 (Multiple SQL injection vulnerabilities in the User Karma module 5.x be ...)
NOT-FOR-US: User Karma module for Drupal
-CVE-2008-6275
+CVE-2008-6275 (Cross-site scripting (XSS) vulnerability in the User Karma module 5.x ...)
NOT-FOR-US: User Karma module for Drupal
-CVE-2008-6274
+CVE-2008-6274 (Multiple SQL injection vulnerabilities in index.php in FamilyProject 2 ...)
NOT-FOR-US: FamilyProject
-CVE-2008-6273
+CVE-2008-6273 (Directory traversal vulnerability in configuration_script.php in MyKto ...)
NOT-FOR-US: MyKtools
-CVE-2008-6272
+CVE-2008-6272 (SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0 ...)
NOT-FOR-US: Dragan Mitic Apoll
-CVE-2008-6271
+CVE-2008-6271 (Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when ...)
NOT-FOR-US: TBmnetCMS
-CVE-2008-6270
+CVE-2008-6270 (SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0 ...)
NOT-FOR-US: Dragan Mitic Apoll
-CVE-2008-6269
+CVE-2008-6269 (Joovili 3.1.4 allows remote attackers to bypass authentication and gai ...)
NOT-FOR-US: Joovili
-CVE-2008-6268
+CVE-2008-6268 (SQL injection vulnerability in detail.php in WEBBDOMAIN Multi Language ...)
NOT-FOR-US: Multi Languages WebShop Online
-CVE-2008-6267
+CVE-2008-6267 (Cross-site scripting (XSS) vulnerability in detail.php in Multi Langua ...)
NOT-FOR-US: Multi Languages WebShop Online
-CVE-2008-6266
+CVE-2008-6266 (SQL injection vulnerability in links.php in Appalachian State Universi ...)
NOT-FOR-US: phpWebSite
-CVE-2008-6265
+CVE-2008-6265 (Directory traversal vulnerability in portfolio/css.php in Cyberfolio 7 ...)
NOT-FOR-US: Cyberfolio
-CVE-2008-6264
+CVE-2008-6264 (SQL injection vulnerability in admin/admin.php in E-topbiz Slide Popup ...)
NOT-FOR-US: E-topbiz Slide Popups
-CVE-2008-6263
+CVE-2008-6263 (SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows ...)
NOT-FOR-US: SaturnCMS
-CVE-2008-6262
+CVE-2008-6262 (SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS allow ...)
NOT-FOR-US: SaturnCMS
-CVE-2008-6261
+CVE-2008-6261 (SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows ...)
NOT-FOR-US: E-topbiz AdManager
-CVE-2008-6260
+CVE-2008-6260 (SQL injection vulnerability in index.php in Ultrastats 0.2.144 and 0.3 ...)
NOT-FOR-US: Ultrastats
-CVE-2008-6259
+CVE-2008-6259 (Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-S ...)
NOT-FOR-US: QuadComm Q-Shop
-CVE-2008-6258
+CVE-2008-6258 (SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and p ...)
NOT-FOR-US: QuadComm Q-Shop
-CVE-2008-6257
+CVE-2008-6257 (SQL injection vulnerability in default.asp in Openasp 3.0 and earlier ...)
NOT-FOR-US: Openasp
-CVE-2008-6256
+CVE-2008-6256 (SQL injection vulnerability in admincp/admincalendar.php in vBulletin ...)
NOT-FOR-US: vBulletin
-CVE-2008-6255
+CVE-2008-6255 (Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote ...)
NOT-FOR-US: vBulletin
-CVE-2008-6254
+CVE-2008-6254 (SQL injection vulnerability in scripts/documents.php in Jadu Galaxies ...)
NOT-FOR-US: Jadu Galaxies
-CVE-2008-6253
+CVE-2008-6253 (Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in Pl ...)
NOT-FOR-US: Pluck CMS
-CVE-2008-6252
+CVE-2008-6252 (Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 ...)
NOT-FOR-US: smcFanControl
-CVE-2008-6251
+CVE-2008-6251 (PHP remote file inclusion vulnerability in includes/init.php in phpFan ...)
NOT-FOR-US: phpFan
-CVE-2008-6250
+CVE-2008-6250 (SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier al ...)
NOT-FOR-US: Comdev Web Blogger
-CVE-2008-6249
+CVE-2008-6249 (SQL injection vulnerability in plugins/users/index.php in Galatolo Web ...)
NOT-FOR-US: Galatolo WebManager
-CVE-2008-6248
+CVE-2008-6248 (Cross-site scripting (XSS) vulnerability in all.php in Galatolo WebMan ...)
NOT-FOR-US: Galatolo WebManager
-CVE-2008-6247
+CVE-2008-6247 (SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) ...)
NOT-FOR-US: Scripts For Sites
-CVE-2008-6246
+CVE-2008-6246 (SQL injection vulnerability in category.php in Scripts For Sites (SFS) ...)
NOT-FOR-US: Scripts For Sites
-CVE-2008-6245
+CVE-2008-6245 (SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ ...)
NOT-FOR-US: Scripts For Sites
-CVE-2008-6244
+CVE-2008-6244 (SQL injection vulnerability in view_reviews.php in Scripts for Sites ( ...)
NOT-FOR-US: Scripts For Sites
-CVE-2008-6243
+CVE-2008-6243 (SQL injection vulnerability in showcategory.php in Scripts For Sites ( ...)
NOT-FOR-US: Scripts For Sites
-CVE-2008-6242
+CVE-2008-6242 (SQL injection vulnerability in SearchResults.php in Scripts For Sites ...)
NOT-FOR-US: Scripts For Sites
-CVE-2008-6241
+CVE-2008-6241 (Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexP ...)
NOT-FOR-US: FlexPHPSite
-CVE-2008-6240
+CVE-2008-6240 (Cross-site scripting (XSS) vulnerability in data/views/index.html in O ...)
NOT-FOR-US: OpenEdit Digital Asset Management
-CVE-2008-6239
+CVE-2008-6239 (Cross-site request forgery (CSRF) vulnerability in OpenEdit Digital As ...)
NOT-FOR-US: OpenEdit Digital Asset Management
-CVE-2008-6238
+CVE-2008-6238 (Cross-site scripting (XSS) vulnerability in archive/savedqueries/saveq ...)
NOT-FOR-US: OpenEdit Digital Asset Management
-CVE-2008-6237
+CVE-2008-6237 (SQL injection vulnerability in software-description.php in Scripts For ...)
NOT-FOR-US: Scripts For Sites
-CVE-2008-6236
+CVE-2008-6236 (SQL injection vulnerability in login.php in Simple Document Management ...)
NOT-FOR-US: Simple Document Management System
-CVE-2008-6235
+CVE-2008-6235 (The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted a ...)
- vim 2:7.2.148-1 (low)
[lenny] - vim <not-affected> (proof-of-concept does not work)
[etch] - vim <no-dsa> (Minor issue)
-CVE-2008-6234
+CVE-2008-6234 (SQL injection vulnerability in the com_musica module in Joomla! and Ma ...)
NOT-FOR-US: Joomla!
-CVE-2008-6233
+CVE-2008-6233 (SQL injection vulnerability in index.php in Five Dollar Scripts Drinks ...)
NOT-FOR-US: Five Dollar Scripts Drinks script
-CVE-2008-6232
+CVE-2008-6232 (Pre Shopping Mall allows remote attackers to bypass authentication and ...)
NOT-FOR-US: Pre Shopping Mall
-CVE-2008-6231
+CVE-2008-6231 (Pre Classified Listing PHP allows remote attackers to bypass authentic ...)
NOT-FOR-US: Pre Classified Listing PHP
-CVE-2008-6230
+CVE-2008-6230 (SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Po ...)
NOT-FOR-US: Pre Projects Pre Podcast Portal
-CVE-2008-6229
+CVE-2008-6229 (Cross-site scripting (XSS) vulnerability in the administrative interfa ...)
NOT-FOR-US: CCK module for Drupal
-CVE-2008-6228
+CVE-2008-6228 (Pre Multi-Vendor Shopping Malls allows remote attackers to bypass auth ...)
NOT-FOR-US: Pre Multi-Vendor Shopping Malls
-CVE-2008-6227
+CVE-2008-6227 (SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Sh ...)
NOT-FOR-US: Pre Multi-Vendor Shopping Malls
-CVE-2008-6226
+CVE-2008-6226 (SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto L ...)
NOT-FOR-US: Pre Projects PHP Auto Listings Script
CVE-2008-6225
NOT-FOR-US: Mole Group Airline Ticket Sale Script
-CVE-2008-6224
+CVE-2008-6224 (Directory traversal vulnerability in visualizza.php in Way Of The Warr ...)
NOT-FOR-US: Way Of The Warrior
-CVE-2008-6223
+CVE-2008-6223 (PHP remote file inclusion vulnerability in visualizza.php in Way Of Th ...)
NOT-FOR-US: Way Of The Warrior
-CVE-2008-6222
+CVE-2008-6222 (Directory traversal vulnerability in the Pro Desk Support Center (com_ ...)
NOT-FOR-US: Joomla!
-CVE-2008-6221
+CVE-2008-6221 (PHP remote file inclusion vulnerability in config.dadamail.php in the ...)
NOT-FOR-US: Joomla!
-CVE-2008-6220
+CVE-2008-6220 (SQL injection vulnerability in login.php in Simple Document Management ...)
NOT-FOR-US: Simple Document Management System
-CVE-2008-6219
+CVE-2008-6219 (nsrexecd.exe in multiple EMC Networker products including EMC NetWorke ...)
NOT-FOR-US: EMC Networker products
-CVE-2008-6218
+CVE-2008-6218 (Memory leak in the png_handle_tEXt function in pngrutil.c in libpng be ...)
{DSA-1750-1}
- libpng 1.2.33-1
-CVE-2008-6217
+CVE-2008-6217 (Cross-site scripting (XSS) vulnerability in index.php in Extrakt Frame ...)
NOT-FOR-US: Extrakt Framework
-CVE-2008-6216
+CVE-2008-6216 (SQL injection vulnerability in cadena_ofertas_ext.php in Venalsur Book ...)
NOT-FOR-US: Venalsur Booking center Booking System
-CVE-2008-6215
+CVE-2008-6215 (Cross-site scripting (XSS) vulnerability in cadena_ofertas_ext.php in ...)
NOT-FOR-US: Venalsur Booking center Booking System
-CVE-2008-6214
+CVE-2008-6214 (SQL injection vulnerability in poll_results.php in Harlandscripts Pro ...)
NOT-FOR-US: Harlandscripts Pro Traffic One
-CVE-2008-6213
+CVE-2008-6213 (SQL injection vulnerability in mypage.php in Harlandscripts Pro Traffi ...)
NOT-FOR-US: Harlandscripts Pro Traffic One
-CVE-2008-6212
+CVE-2008-6212 (Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats 0.1 ...)
NOT-FOR-US: Php-Stats
-CVE-2008-6211
+CVE-2008-6211 (Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net m ...)
NOT-FOR-US: PhpForums.net mcGallery
-CVE-2008-6210
+CVE-2008-6210 (SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 a ...)
NOT-FOR-US: dream4 Koobi
-CVE-2008-6209
+CVE-2008-6209 (SQL injection vulnerability in view_product.php in Vastal I-Tech Softw ...)
NOT-FOR-US: Vastal I-Tech Software Zone
-CVE-2008-6208
+CVE-2008-6208 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS ...)
NOT-FOR-US: e107 CMS
-CVE-2008-6207
+CVE-2008-6207 (Unrestricted file upload vulnerability in form_upload.php in PHPG Uplo ...)
NOT-FOR-US: PHPG Upload
-CVE-2008-6206
+CVE-2008-6206 (Multiple PHP remote file inclusion vulnerabilities in RobotStats 0.1 a ...)
NOT-FOR-US: RobotStats
-CVE-2008-6205
+CVE-2008-6205 (Cross-site scripting (XSS) vulnerability in seeurl.php in Xavier Flaha ...)
NOT-FOR-US: Xavier Flahaut URLStreet
-CVE-2008-6204
+CVE-2008-6204 (Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and earlie ...)
NOT-FOR-US: SuperNET Shop
-CVE-2008-6203
+CVE-2008-6203 (SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows remot ...)
NOT-FOR-US: CoBaLT
-CVE-2008-6202
+CVE-2008-6202 (SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to e ...)
NOT-FOR-US: CoBaLT
-CVE-2008-6201
+CVE-2008-6201 (Directory traversal vulnerability in help.php in the eskuel module in ...)
NOT-FOR-US: KwsPHP
-CVE-2008-6200
+CVE-2008-6200 (Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow ...)
NOT-FOR-US: Swiki
-CVE-2008-6199
+CVE-2008-6199 (2532designs 2532|Gigs 1.2.2 and earlier allows remote attackers to tri ...)
NOT-FOR-US: 2532designs 2532|Gigs
-CVE-2008-6198
+CVE-2008-6198 (SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin fo ...)
NOT-FOR-US: Custom Pages 1.0 plugin for MyBulletinBoard
-CVE-2008-6197
+CVE-2008-6197 (SQL injection vulnerability in index.php in the galerie module for Kws ...)
NOT-FOR-US: KwsPHP
-CVE-2008-6196
+CVE-2008-6196 (Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT ...)
NOT-FOR-US: Philippe CROCHAT EasySite
-CVE-2008-6195
+CVE-2008-6195 (Directory traversal vulnerability in the PXE TFTP Service (PXEMTFTP.ex ...)
NOT-FOR-US: LANDesk Management Suite
-CVE-2008-6194
+CVE-2008-6194 (Memory leak in the DNS server in Microsoft Windows allows remote attac ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-6193
+CVE-2008-6193 (Sam Crew MyBlog stores passwords in cleartext in a MySQL database, whi ...)
NOT-FOR-US: Sam Crew MyBlog
-CVE-2008-6192
+CVE-2008-6192 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified Por ...)
NOT-FOR-US: Sun Java System Portal Server
-CVE-2008-6191
+CVE-2008-6191 (Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a h ...)
NOT-FOR-US: Intrinsic Swimage Encore
-CVE-2008-6190
+CVE-2008-6190 (Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 a ...)
NOT-FOR-US: EEBCMS
-CVE-2008-6189
+CVE-2008-6189 (SQL injection vulnerability in GForge 4.5.19 allows remote attackers t ...)
{DSA-1698-1}
- gforge 4.7~rc2-5
-CVE-2008-6188
+CVE-2008-6188 (SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc ...)
{DSA-1698-1}
- gforge 4.7~rc2-5
-CVE-2008-6187
+CVE-2008-6187 (SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and ...)
{DSA-1698-1}
- gforge 4.7~rc2-5
-CVE-2008-6186
+CVE-2008-6186 (Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote ...)
NOT-FOR-US: RaidenFTPD
-CVE-2008-6185
+CVE-2008-6185 (NoticeWare Email Server NG 5.1.2.2 allows remote attackers to cause a ...)
NOT-FOR-US: NoticeWare Email Server NG
-CVE-2008-6184
+CVE-2008-6184 (SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component ...)
NOT-FOR-US: Joomla!
-CVE-2008-6183
+CVE-2008-6183 (Multiple directory traversal vulnerabilities in index.php in My PHP In ...)
NOT-FOR-US: My PHP Indexer
-CVE-2008-6182
+CVE-2008-6182 (SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) ...)
NOT-FOR-US: Joomla!
-CVE-2008-6181
+CVE-2008-6181 (SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4jooml ...)
NOT-FOR-US: Joomla!
-CVE-2008-6180
+CVE-2008-6180 (SQL injection vulnerability in system/nlb_user.class.php in NewLife Bl ...)
NOT-FOR-US: NewLife Blogger
-CVE-2008-6179
+CVE-2008-6179 (SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows r ...)
NOT-FOR-US: IndexScript
-CVE-2008-6178
+CVE-2008-6178 (Unrestricted file upload vulnerability in editor/filemanager/browser/d ...)
NOTE: Alleged exploit does not work.
-CVE-2008-6177
+CVE-2008-6177 (Multiple directory traversal vulnerabilities in LightBlog 9.8, when ma ...)
NOT-FOR-US: LightBlog
CVE-2008-6176
REJECTED
-CVE-2008-6175
+CVE-2008-6175 (SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: SilverSHielD
-CVE-2008-6174
+CVE-2008-6174 (Cross-site scripting (XSS) vulnerability in admin/postlister/index.php ...)
NOT-FOR-US: Jetbox CMS
-CVE-2008-6173
+CVE-2008-6173 (Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShar ...)
NOT-FOR-US: ClipShare Pro
-CVE-2008-6172
+CVE-2008-6172 (Directory traversal vulnerability in captcha/captcha_image.php in the ...)
NOT-FOR-US: Joomla!
-CVE-2008-6171
+CVE-2008-6171 (includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, w ...)
- drupal5 5.12-1 (low; bug #519114)
- drupal6 6.6-1 (low; bug #519115)
-CVE-2008-6170
+CVE-2008-6170 (Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and ...)
- drupal6 6.9-1 (low)
[lenny] - drupal6 6.6-1.1
-CVE-2008-6169
+CVE-2008-6169 (Cross-site request forgery (CSRF) vulnerability in the Localization cl ...)
NOT-FOR-US: Localization modules for Drupal
-CVE-2008-6168
+CVE-2008-6168 (Cross-site scripting (XSS) vulnerability in search.php in miniPortail ...)
NOT-FOR-US: miniPortail
-CVE-2008-6167
+CVE-2008-6167 (Directory traversal vulnerability in search.php in miniPortail 2.2 and ...)
NOT-FOR-US: miniPortail
-CVE-2008-6166
+CVE-2008-6166 (SQL injection vulnerability in the KBase (com_kbase) 1.2 component for ...)
NOT-FOR-US: Joomla!
-CVE-2008-6165
+CVE-2008-6165 (SQL injection vulnerability in gestion.php in CSPartner 0.1, when magi ...)
NOT-FOR-US: CSPartner
-CVE-2008-6164
+CVE-2008-6164 (Cross-site scripting (XSS) vulnerability in index.php in DreamCost Hos ...)
NOT-FOR-US: DreamCost HostAdmin
-CVE-2008-6163
+CVE-2008-6163 (SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 allo ...)
- openx <itp> (bug #513771)
-CVE-2008-6162
+CVE-2008-6162 (Bux.to Clone script allows remote attackers to bypass authentication a ...)
NOT-FOR-US: Bux.to Clone script
-CVE-2008-6161
+CVE-2008-6161 (Cross-site scripting (XSS) vulnerability in WOW Raid Manager (WRM) bef ...)
NOT-FOR-US: WOW Raid Manager
-CVE-2008-6160
+CVE-2008-6160 (Semantically-Interconnected Online Communities (SIOC) 5.x before 5.x-1 ...)
NOT-FOR-US: Semantically-Interconnected Online Communities
-CVE-2008-6159
+CVE-2008-6159 (Content Management Made Easy (CMME) 1.19 allows remote attackers to ob ...)
NOT-FOR-US: Content Management Made Easy
-CVE-2008-6158
+CVE-2008-6158 (Multiple unspecified vulnerabilities in the admin backend in w3b&gt;cm ...)
NOT-FOR-US: w3blabor CMS
-CVE-2008-6157
+CVE-2008-6157 (SepCity Classified Ads stores the admin password in cleartext in data/ ...)
NOT-FOR-US: SepCity Classified Ads
-CVE-2008-6156
+CVE-2008-6156 (SQL injection vulnerability in editCampaign.php in AdMan 1.1.20070907 ...)
NOT-FOR-US: AdMan
-CVE-2008-6155
+CVE-2008-6155 (SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 ...)
NOT-FOR-US: Hispah Text Links Ads
-CVE-2008-6154
+CVE-2008-6154 (SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 ...)
NOT-FOR-US: Hispah Text Links Ads
-CVE-2008-6153
+CVE-2008-6153 (SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo ...)
NOT-FOR-US: Jay Patel Pixel8 Web Photo
-CVE-2008-6152
+CVE-2008-6152 (SQL injection vulnerability in deptdisplay.asp in SepCity Faculty Port ...)
NOT-FOR-US: SepCity Faculty Portal
-CVE-2008-6151
+CVE-2008-6151 (SQL injection vulnerability in shpdetails.asp in SepCity Shopping Mall ...)
NOT-FOR-US: SepCity Faculty Portal
-CVE-2008-6150
+CVE-2008-6150 (SQL injection vulnerability in classdis.asp in SepCity Classified Ads ...)
NOT-FOR-US: SepCity Faculty Portal
-CVE-2008-6149
+CVE-2008-6149 (SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 f ...)
NOT-FOR-US: Joomla!
-CVE-2008-6148
+CVE-2008-6148 (SQL injection vulnerability in the Live Ticker (com_liveticker) module ...)
NOT-FOR-US: Joomla!
-CVE-2008-6147
+CVE-2008-6147 (ForumApp 3.3 stores sensitive information under the web root with insu ...)
NOT-FOR-US: ForumApp
-CVE-2008-6146
+CVE-2008-6146 (SQL injection vulnerability in pm.php in DeluxeBB 1.2 and earlier, whe ...)
NOT-FOR-US: DeluxeBB
-CVE-2008-6145
+CVE-2008-6145 (Multiple SQL injection vulnerabilities in the WEC Discussion Forum (we ...)
NOT-FOR-US: WEC Discussion Forum (wec_discussion) extension TYPO3
-CVE-2008-6144
+CVE-2008-6144 (Multiple cross-site scripting (XSS) vulnerabilities in the WEC Discuss ...)
NOT-FOR-US: WEC Discussion Forum (wec_discussion) extension TYPO3
-CVE-2008-6143
+CVE-2008-6143 (OwenPoll 1.0 allows remote attackers to bypass authentication and obta ...)
NOT-FOR-US: OwenPoll
-CVE-2008-6142
+CVE-2008-6142 (Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexP ...)
NOT-FOR-US: FlexPHPic
-CVE-2008-6141
+CVE-2008-6141 (Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 al ...)
NOT-FOR-US: Avaya IP Softphone
-CVE-2008-6140
+CVE-2008-6140 (Unspecified vulnerability in the Session Initiation Protocol (SIP) imp ...)
NOT-FOR-US: Avaya one-X Desktop Edition
-CVE-2008-6139
+CVE-2008-6139 (Directory traversal vulnerability in faqsupport/wce.download.php in We ...)
NOT-FOR-US: WebBiscuits Modules Controller
-CVE-2008-6138
+CVE-2008-6138 (PHP remote file inclusion vulnerability in adminhead.php in WebBiscuit ...)
NOT-FOR-US: WebBiscuits Modules Controller
-CVE-2008-6137
+CVE-2008-6137 (EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to ...)
NOT-FOR-US: EveryBlog
-CVE-2008-6136
+CVE-2008-6136 (Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupa ...)
NOT-FOR-US: EveryBlog
-CVE-2008-6135
+CVE-2008-6135 (Cross-site scripting (XSS) vulnerability in EveryBlog 5.x and 6.x, a m ...)
NOT-FOR-US: EveryBlog
-CVE-2008-6134
+CVE-2008-6134 (SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Dru ...)
NOT-FOR-US: EveryBlog
-CVE-2008-6133
+CVE-2008-6133 (SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script ...)
NOT-FOR-US: Full PHP Emlak Script
-CVE-2008-6132
+CVE-2008-6132 (Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 an ...)
NOT-FOR-US: phpScheduleIt
-CVE-2008-6131
+CVE-2008-6131 (Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows ...)
NOT-FOR-US: moziloWiki
-CVE-2008-6130
+CVE-2008-6130 (Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1. ...)
NOT-FOR-US: moziloWiki
-CVE-2008-6129
+CVE-2008-6129 (Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and ...)
NOT-FOR-US: moziloWiki
-CVE-2008-6128
+CVE-2008-6128 (Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows ...)
NOT-FOR-US: moziloCMS
-CVE-2008-6127
+CVE-2008-6127 (Multiple cross-site scripting (XSS) vulnerabilities in moziloCMS 1.10. ...)
NOT-FOR-US: moziloCMS
-CVE-2008-6126
+CVE-2008-6126 (Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and e ...)
NOT-FOR-US: moziloCMS
-CVE-2008-6125
+CVE-2008-6125 (Unspecified vulnerability in the user editing interface in Moodle 1.5. ...)
{DSA-1724-1}
- moodle 1.8.2.dfsg-2
-CVE-2008-6124
+CVE-2008-6124 (SQL injection vulnerability in the hotpot_delete_selected_attempts fun ...)
{DSA-1691-1}
- moodle 1.8.2.dfsg-2
-CVE-2008-6123
+CVE-2008-6123 (The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp ...)
- net-snmp 5.4.3~dfsg-1 (low; bug #516801)
[etch] - net-snmp <no-dsa> (Minor issue)
[lenny] - net-snmp <no-dsa> (Minor issue)
-CVE-2008-6122
+CVE-2008-6122 (The web management interface in Netgear WGR614v9 allows remote attacke ...)
NOT-FOR-US: Netgear WGR614v9
-CVE-2008-6121
+CVE-2008-6121 (CRLF injection vulnerability in SocialEngine (SE) 2.7 and earlier allo ...)
NOT-FOR-US: SocialEngine
-CVE-2008-6120
+CVE-2008-6120 (SQL injection vulnerability in profile_comments.php in SocialEngine (S ...)
NOT-FOR-US: SocialEngine
-CVE-2008-6119
+CVE-2008-6119 (Static code injection vulnerability in gooplecms/admin/account/action/ ...)
NOT-FOR-US: Goople CMS
-CVE-2008-6118
+CVE-2008-6118 (win/content/upload.php in Goople CMS 1.7 allows remote attackers to by ...)
NOT-FOR-US: Goople CMS
-CVE-2008-6117
+CVE-2008-6117 (SQL injection vulnerability in homepage.php in PG Job Site Pro allows ...)
NOT-FOR-US: PG Job Site Pro
-CVE-2008-6116
+CVE-2008-6116 (SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme ...)
NOT-FOR-US: Joomla!
-CVE-2008-6115
+CVE-2008-6115 (SQL injection vulnerability in directory.php in Prozilla Hosting Index ...)
NOT-FOR-US: Prozilla Hosting Index
-CVE-2008-6114
+CVE-2008-6114 (SQL injection vulnerability in product_details.php in the Mytipper Zog ...)
NOT-FOR-US: Mytipper Zogo-shop
-CVE-2008-6113
+CVE-2008-6113 (Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.9 ...)
NOT-FOR-US: SemanticScuttle
-CVE-2008-6112
+CVE-2008-6112 (Multiple directory traversal vulnerabilities in Ez Ringtone Manager al ...)
NOT-FOR-US: Ez Ringtone Manager
-CVE-2008-6111
+CVE-2008-6111 (SQL injection vulnerability in blog.php in NetArt Media Vlog System 1. ...)
NOT-FOR-US: NetArt Media Vlog System
-CVE-2008-6110
+CVE-2008-6110 (Unspecified vulnerability in SemanticScuttle before 0.90 has unknown i ...)
NOT-FOR-US: SemanticScuttle
-CVE-2008-6109
+CVE-2008-6109 (Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not ...)
NOT-FOR-US: Robin Rawson-Tetley Animal Shelter Manager
-CVE-2008-6108
+CVE-2008-6108 (Cross-site scripting (XSS) vulnerability in result.php in Galatolo Web ...)
NOT-FOR-US: Galatolo WebManager
-CVE-2008-6107
+CVE-2008-6107 (The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, th ...)
- linux-2.6 2.6.25-4 (low)
- linux-2.6.24 <removed>
-CVE-2008-6106
+CVE-2008-6106 (Cross-site request forgery (CSRF) vulnerability in IBM Workplace for B ...)
NOT-FOR-US: IBM Workplace for Business Controls
-CVE-2008-6105
+CVE-2008-6105 (Cross-site scripting (XSS) vulnerability in IBM Workplace for Business ...)
NOT-FOR-US: IBM Workplace for Business Controls
-CVE-2008-6104
+CVE-2008-6104 (SQL injection vulnerability in A4Desk PHP Event Calendar allows remote ...)
NOT-FOR-US: A4Desk PHP Event Calendar
-CVE-2008-6103
+CVE-2008-6103 (PHP remote file inclusion vulnerability in index.php in A4Desk Event C ...)
NOT-FOR-US: A4Desk PHP Event Calendar
-CVE-2008-6102
+CVE-2008-6102 (SQL injection vulnerability in ratelink.php in Link Trader Script allo ...)
NOT-FOR-US: Link Trader Script
-CVE-2008-6101
+CVE-2008-6101 (SQL injection vulnerability in click.php in Adult Banner Exchange Webs ...)
NOT-FOR-US: Adult Banner Exchange Website
-CVE-2008-6100
+CVE-2008-6100 (Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, wh ...)
NOT-FOR-US: Discussion Forums
-CVE-2008-6099
+CVE-2008-6099 (PHP remote file inclusion vulnerability in index.php in RPortal 1.1 an ...)
NOT-FOR-US: RPortal
-CVE-2008-6098
+CVE-2008-6098 (Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, 2.2 ...)
- bugzilla <unfixed> (unimportant)
-CVE-2008-6097
+CVE-2008-6097 (Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before ...)
NOT-FOR-US: WikyBlog
-CVE-2008-6096
+CVE-2008-6096 (Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS ...)
NOT-FOR-US: Juniper NetScreen ScreenOS
-CVE-2008-6095
+CVE-2008-6095 (Cross-site scripting (XSS) vulnerability in surveillanceView.htm in Op ...)
NOT-FOR-US: OpenNMS
-CVE-2008-6094
+CVE-2008-6094 (Cross-site scripting (XSS) vulnerability in user.do in Celoxis Technol ...)
NOT-FOR-US: Celoxis Technologies Celoxis
-CVE-2008-6093
+CVE-2008-6093 (SQL injection vulnerability in index.php in Noname CMS 1.0, when magic ...)
NOT-FOR-US: Noname CMS
-CVE-2008-6092
+CVE-2008-6092 (phpscripts Ranking Script allows remote attackers to bypass authentica ...)
NOT-FOR-US: phpscripts Ranking Script
-CVE-2008-6091
+CVE-2008-6091 (SQL injection vulnerability in plugins.php in BMForum 5.6, when magic_ ...)
NOT-FOR-US: BMForum
-CVE-2008-6090
+CVE-2008-6090 (Directory traversal vulnerability in members.php in ScriptsEz Mini Hos ...)
NOT-FOR-US: ScriptsEz Mini Hosting Panel
-CVE-2008-6089
+CVE-2008-6089 (Directory traversal vulnerability in main.php in ScriptsEz Easy Image ...)
NOT-FOR-US: ScriptsEz
-CVE-2008-6088
+CVE-2008-6088 (SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 ...)
NOT-FOR-US: Joomla!
-CVE-2008-6087
+CVE-2008-6087 (Cross-site scripting (XSS) vulnerability in topic.php in Camera Life 2 ...)
NOT-FOR-US: Camera Life
-CVE-2008-6086
+CVE-2008-6086 (SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows ...)
NOT-FOR-US: Camera Life
-CVE-2008-6085
+CVE-2008-6085 (Integer overflow in multiple F-Secure anti-virus products, including I ...)
NOT-FOR-US: F-Secure
-CVE-2008-6084
+CVE-2008-6084 (Unrestricted file upload vulnerability in pages/download.php in Iamma ...)
NOT-FOR-US: Iamma Simple Gallery
-CVE-2008-6083
+CVE-2008-6083 (Directory traversal vulnerability in header.php in TXTshop beta 1.0 al ...)
NOT-FOR-US: TXTshop
-CVE-2008-6082
+CVE-2008-6082 (Titan FTP Server 6.26 build 630 allows remote attackers to cause a den ...)
NOT-FOR-US: Titan FTP Server
-CVE-2008-6081
+CVE-2008-6081 (SQL injection vulnerability in contact.php in Simple Customer 1.2 allo ...)
NOT-FOR-US: Simple Customer
-CVE-2008-6080
+CVE-2008-6080 (Directory traversal vulnerability in download.php in the ionFiles (com ...)
NOT-FOR-US: Joomla!
-CVE-2008-6079
+CVE-2008-6079 (imlib2 before 1.4.2 allows context-dependent attackers to have an unsp ...)
{DSA-2029-1}
- imlib2 1.4.2-1 (bug #576469)
NOTE: poked upstream for more details
-CVE-2008-6078
+CVE-2008-6078 (SQL injection vulnerability in open.php in the Private Messaging (com_ ...)
NOT-FOR-US: Limbo CMS
-CVE-2008-6077
+CVE-2008-6077 (SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a an ...)
NOT-FOR-US: LoudBlog
-CVE-2008-6076
+CVE-2008-6076 (SQL injection vulnerability in the Daily Message (com_dailymessage) 1. ...)
NOT-FOR-US: Joomla!
-CVE-2008-6075
+CVE-2008-6075 (SQL injection vulnerability in aspkat.asp in Bahar Download Script 2.0 ...)
NOT-FOR-US: Bahar Download Script
-CVE-2008-6074
+CVE-2008-6074 (Directory traversal vulnerability in frame.php in phpcrs 2.06 and earl ...)
NOT-FOR-US: phpcrs
-CVE-2008-6073
+CVE-2008-6073 (StorageCrypt 2.0.1 does not properly encrypt disks, which allows local ...)
NOT-FOR-US: StorageCrypt
-CVE-2008-6072
+CVE-2008-6072 (Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, ...)
{DSA-1903-1}
- graphicsmagick 1.2.3-1
-CVE-2008-6071
+CVE-2008-6071 (Heap-based buffer overflow in the DecodeImage function in coders/pict. ...)
{DSA-1903-1}
- graphicsmagick 1.2.3-1
-CVE-2008-6070
+CVE-2008-6070 (Multiple heap-based buffer underflows in the ReadPALMImage function in ...)
{DSA-1903-1}
- graphicsmagick 1.2.3-1
-CVE-2008-6069
+CVE-2008-6069 (SQL injection vulnerability in e107chat.php in the eChat plugin 4.2 fo ...)
NOT-FOR-US: eChat plugin
-CVE-2008-6068
+CVE-2008-6068 (SQL injection vulnerability in the JoomlaDate (com_joomladate) compone ...)
NOT-FOR-US: Joomla!
CVE-2008-7272 [iceweasel-firegpg: Passphrase and Cleartext Recovery]
RESERVED
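Review bot: the NOT-FOR-US annotations under CVE-2008-6151 and CVE-2008-6150 still read "SepCity Faculty Portal", while the descriptions added in this hunk name "SepCity Shopping Mall" (shpdetails.asp) and "SepCity Classified Ads" (classdis.asp); those two annotation lines should be corrected to match the products the descriptions name, since only the CVE-2008-6152 entry directly above them (deptdisplay.asp) actually concerns the Faculty Portal.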
@@ -2697,180 +2697,180 @@ CVE-2008-7273 [iceweasel-firegpg: Passphrase and Cleartext Recovery]
- iceweasel-firegpg <removed> (bug #514386)
CVE-2008-6067
REJECTED
-CVE-2008-6066
+CVE-2008-6066 (Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 all ...)
NOT-FOR-US: Meet#Web
-CVE-2008-6065
+CVE-2008-6065 (Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE perm ...)
NOT-FOR-US: Oracle Database Server
-CVE-2008-6064
+CVE-2008-6064 (Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote att ...)
NOT-FOR-US: DomPHP
-CVE-2008-6063
+CVE-2008-6063 (Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places ...)
NOT-FOR-US: Microsoft
-CVE-2008-6062
+CVE-2008-6062 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...)
NOT-FOR-US: Adobe Dreamweaver
-CVE-2008-6061
+CVE-2008-6061 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...)
NOT-FOR-US: Techsmith Camtasia Studio
-CVE-2008-6060
+CVE-2008-6060 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...)
NOT-FOR-US: InfoSoft FusionCharts
-CVE-2008-6059
+CVE-2008-6059 (xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not pro ...)
- webkit <not-affected> (bug #516555; low)
NOTE: webkit in linux needs libsoup for cookie support
-CVE-2008-6058
+CVE-2008-6058 (Syslserve 1.058 and earlier, and probably 1.059, allows remote attacke ...)
NOT-FOR-US: Syslserve
-CVE-2008-6057
+CVE-2008-6057 (Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under t ...)
NOT-FOR-US: Doug Luxem Liberum Help Desk
-CVE-2008-6056
+CVE-2008-6056 (Multiple cross-site scripting (XSS) vulnerabilities in World Recipe 2. ...)
NOT-FOR-US: World Recipe
-CVE-2008-6055
+CVE-2008-6055 (PreProjects Pre Classified Listings stores pclasp.mdb under the web ro ...)
NOT-FOR-US: PreProjects Pre Classified Listings
-CVE-2008-6054
+CVE-2008-6054 (PreProjects Pre Courier and Cargo Business stores dbcourior.mdb under ...)
NOT-FOR-US: PreProjects Pre Classified Listings
-CVE-2008-6053
+CVE-2008-6053 (PreProjects Pre Resume Submitter stores onlineresume.mdb under the web ...)
NOT-FOR-US: PreProjects Pre Classified Listings
-CVE-2008-6052
+CVE-2008-6052 (PreProjects Pre E-Learning Portal stores db_elearning.mdb under the we ...)
NOT-FOR-US: PreProjects Pre Classified Listings
-CVE-2008-6051
+CVE-2008-6051 (MetaCart Free stores metacart.mdb under the web root with insufficient ...)
NOT-FOR-US: MetaCart Free
-CVE-2008-6050
+CVE-2008-6050 (SQL injection vulnerability in the Tech Articles (com_tech_article) 1. ...)
NOT-FOR-US: Tech Articles
CVE-2008-6049
REJECTED
-CVE-2008-6048
+CVE-2008-6048 (Multiple cross-site request forgery (CSRF) vulnerabilities in TangoCMS ...)
NOT-FOR-US: TangoCMS
-CVE-2008-6047
+CVE-2008-6047 (Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 ...)
NOT-FOR-US: ADbNewsSender
-CVE-2008-6046
+CVE-2008-6046 (SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remot ...)
NOT-FOR-US: ADbNewsSender
-CVE-2008-6045
+CVE-2008-6045 (Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0 ...)
NOT-FOR-US: xt:Commerce
-CVE-2008-6044
+CVE-2008-6044 (Cross-site scripting (XSS) vulnerability in advanced_search_result.php ...)
NOT-FOR-US: xt:Commerce
-CVE-2008-6043
+CVE-2008-6043 (Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow ...)
NOT-FOR-US: PHP Pro Bid
-CVE-2008-6042
+CVE-2008-6042 (SQL injection vulnerability in the re_search module in NetArtMedia Rea ...)
NOT-FOR-US: NetArtMedia Real Estate Portal
-CVE-2008-6041
+CVE-2008-6041 (Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in Da ...)
NOT-FOR-US: Dataspade
-CVE-2008-6040
+CVE-2008-6040 (SQL injection vulnerability in index.php in Arcadem Pro 2.700 through ...)
NOT-FOR-US: Arcadem Pro
-CVE-2008-6039
+CVE-2008-6039 (Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows ...)
NOT-FOR-US: BLUEPAGE CMS
-CVE-2008-6038
+CVE-2008-6038 (SQL injection vulnerability in index.php in MapCal 0.1 allows remote a ...)
NOT-FOR-US: MapCal
-CVE-2008-6037
+CVE-2008-6037 (SQL injection vulnerability in view.php in AvailScript Article Script ...)
NOT-FOR-US: AvailScript Article Script
-CVE-2008-6036
+CVE-2008-6036 (PHP remote file inclusion vulnerability in main.inc.php in BaseBuilder ...)
NOT-FOR-US: BaseBuilder
-CVE-2008-6035
+CVE-2008-6035 (Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1. ...)
NOT-FOR-US: Achievo
-CVE-2008-6034
+CVE-2008-6034 (Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1. ...)
NOT-FOR-US: Achievo
-CVE-2008-6033
+CVE-2008-6033 (SQL injection vulnerability in comments.php in WSN Links 2.20 allows r ...)
NOT-FOR-US: WSN Links
-CVE-2008-6032
+CVE-2008-6032 (SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P ...)
NOT-FOR-US: WSN Links
-CVE-2008-6031
+CVE-2008-6031 (SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 all ...)
NOT-FOR-US: WSN Links
-CVE-2008-6030
+CVE-2008-6030 (Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 ...)
NOT-FOR-US: NetArtMedia Jobs Portal
-CVE-2008-6029
+CVE-2008-6029 (SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earli ...)
NOT-FOR-US: BuzzyWall
-CVE-2008-6028
+CVE-2008-6028 (SQL injection vulnerability in list.php in University of Queensland Li ...)
NOT-FOR-US: Library Fez
-CVE-2008-6027
+CVE-2008-6027 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in BL ...)
NOT-FOR-US: BLUEPAGE CMS
-CVE-2008-6026
+CVE-2008-6026 (SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remot ...)
NOT-FOR-US: BlueCUBE CMS
-CVE-2008-6025
+CVE-2008-6025 (Directory traversal vulnerability in scr/form.php in openElec 3.01 and ...)
NOT-FOR-US: openElec
-CVE-2008-6024
+CVE-2008-6024 (Unspecified vulnerability in the NFSv4 client module in the kernel on ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-6023
+CVE-2008-6023 (PHP remote file inclusion vulnerability in includes/todofleetcontrol.p ...)
NOT-FOR-US: Xnova
-CVE-2008-6022
+CVE-2008-6022 (PHP remote file inclusion vulnerability in includes/todofleetcontrol.p ...)
NOT-FOR-US: Xnova
-CVE-2008-6021
+CVE-2008-6021 (Multiple unspecified vulnerabilities in Attachmate Reflection for Secu ...)
NOT-FOR-US: Attachmate Reflection
-CVE-2008-6020
+CVE-2008-6020 (SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for ...)
NOT-FOR-US: View module (drupal module)
-CVE-2008-6019
+CVE-2008-6019 (SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows r ...)
NOT-FOR-US: EACOMM DO-CMS
-CVE-2008-6018
+CVE-2008-6018 (Directory traversal vulnerability in index.php in MyPHPSite, when magi ...)
NOT-FOR-US: MyPHPSite
-CVE-2008-6017
+CVE-2008-6017 (SQL injection vulnerability in messages.php in I-Rater Basic allows re ...)
NOT-FOR-US: I-Rater Basic
-CVE-2008-6016
+CVE-2008-6016 (SQL injection vulnerability in questions.php in EsFaq 2.0 allows remot ...)
NOT-FOR-US: EsFaq
-CVE-2008-6015
+CVE-2008-6015 (Multiple SQL injection vulnerabilities in search.php in EsFaq 2.0 allo ...)
NOT-FOR-US: EsFaq
-CVE-2008-6014
+CVE-2008-6014 (SQL injection vulnerability in scripts/links.php in Rianxosencabos CMS ...)
NOT-FOR-US: Rianxosencabos CMS
-CVE-2008-6013
+CVE-2008-6013 (Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 all ...)
NOT-FOR-US: Freeway
-CVE-2008-6012
+CVE-2008-6012 (Directory traversal vulnerability in index.php in Pritlog 0.4 and earl ...)
NOT-FOR-US: Pritlog
-CVE-2008-6011
+CVE-2008-6011 (SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 ...)
NOT-FOR-US: SG Real Estate Portal
-CVE-2008-6010
+CVE-2008-6010 (Multiple directory traversal vulnerabilities in SG Real Estate Portal ...)
NOT-FOR-US: SG Real Estate Portal
-CVE-2008-6009
+CVE-2008-6009 (SG Real Estate Portal 2.0 allows remote attackers to bypass authentica ...)
NOT-FOR-US: SG Real Estate Portal
-CVE-2008-6008
+CVE-2008-6008 (hyBook Guestbook Script stores sensitive information under the web roo ...)
NOT-FOR-US: hyBook Guestbook Script
-CVE-2008-6007
+CVE-2008-6007 (SQL injection vulnerability in view_group.php in QuidaScript BookMarks ...)
NOT-FOR-US: QuidaScript BookMarks Favourites Script
-CVE-2008-6006
+CVE-2008-6006 (Multiple PHP remote file inclusion vulnerabilities in Micronation Bank ...)
NOT-FOR-US: Micronation Banking System
-CVE-2008-6004
+CVE-2008-6004 (Cross-site scripting (XSS) vulnerability in search.php in AJ Auction P ...)
NOT-FOR-US: AJ Auction Pro Platinum
-CVE-2008-6003
+CVE-2008-6003 (SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pr ...)
NOT-FOR-US: AJ Auction Pro Platinum
-CVE-2008-6002
+CVE-2008-6002 (Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, ...)
NOT-FOR-US: web-cp
-CVE-2008-6001
+CVE-2008-6001 (index.php in ADN Forum 1.0b and earlier allows remote attackers to byp ...)
NOT-FOR-US: ADN Forum
-CVE-2008-6000
+CVE-2008-6000 (The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 20 ...)
NOT-FOR-US: G DATA AntiVirus
-CVE-2008-5999
+CVE-2008-5999 (Cross-site scripting (XSS) vulnerability in the Ajax Checklist module ...)
NOT-FOR-US: Ajax Checklist module for Drupal
-CVE-2008-5998
+CVE-2008-5998 (Multiple SQL injection vulnerabilities in the ajax_checklist_save func ...)
NOT-FOR-US: Ajax Checklist module for Drupal
-CVE-2008-5997
+CVE-2008-5997 (Absolute path traversal vulnerability in admin/fileKontrola/browser.as ...)
NOT-FOR-US: Omnicom Content Platform
-CVE-2008-5996
+CVE-2008-5996 (Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x ...)
NOT-FOR-US: Simplenews module for Drupal
-CVE-2008-5995
+CVE-2008-5995 (Cross-site scripting (XSS) vulnerability in the freeCap CAPTCHA (sr_fr ...)
NOT-FOR-US: freeCap CAPTCHA extension for Typo3
-CVE-2008-5994
+CVE-2008-5994 (Cross-site scripting (XSS) vulnerability in index.php in Check Point C ...)
NOT-FOR-US: Check Point Connectra
-CVE-2008-5993
+CVE-2008-5993 (Directory traversal vulnerability in image.php in Barcode Generator 1D ...)
NOT-FOR-US: Barcode Generator 1D
-CVE-2008-5992
+CVE-2008-5992 (Multiple SQL injection vulnerabilities in Jetik Emlak Sistem A (ESA) 2 ...)
NOT-FOR-US: Jetik Emlak Sistem
-CVE-2008-5991
+CVE-2008-5991 (Directory traversal vulnerability in docs.php in MailWatch for MailSca ...)
NOT-FOR-US: MailWatch for MailScanner
-CVE-2008-5990
+CVE-2008-5990 (Directory traversal vulnerability in connect/init.inc in emergecolab 1 ...)
NOT-FOR-US: emergecolab
-CVE-2008-5989
+CVE-2008-5989 (Directory traversal vulnerability in defs.php in PHPcounter 1.3.2 and ...)
NOT-FOR-US: PHPcounterJadu CMS
-CVE-2008-5988
+CVE-2008-5988 (SQL injection vulnerability in scripts/recruit_details.php in Jadu CMS ...)
NOT-FOR-US: Jadu CMS
CVE-2008-XXXX [minor cyrus sasl DoS]
- cyrus-sasl2 2.1.22.dfsg1-18 (bug #465561)
[etch] - cyrus-sasl2 <no-dsa> (Minor issue)
-CVE-2008-5987
+CVE-2008-5987 (Untrusted search path vulnerability in the Python interface in Eye of ...)
- eog 2.22.3-2 (bug #504352; low)
[etch] - eog <not-affected> (Vulnerable code not present)
-CVE-2008-5986
+CVE-2008-5986 (Untrusted search path vulnerability in the (1) "VST plugin with Python ...)
- csound 5.08.2~dfsg-1.1 (bug #504359; low)
[lenny] - csound 1:5.08.0.dfsg2-8+lenny2 (bug #504359; low)
[etch] - csound <not-affected> (Vulnerable code not present)
-CVE-2008-5985
+CVE-2008-5985 (Untrusted search path vulnerability in the Python interface in Epiphan ...)
- epiphany-browser 2.22.3-7 (bug #504363; low)
[etch] - epiphany-browser <no-dsa> (Minor issue, only vulnerable when called from certain dir)
-CVE-2008-5984
+CVE-2008-5984 (Untrusted search path vulnerability in the Python plugin in Dia 0.96.1 ...)
- dia 0.96.1-7.1 (low; bug #504251)
[etch] - dia <no-dsa> (Minor issue, only vulnerable when called from certain dir)
-CVE-2008-5983
+CVE-2008-5983 (Untrusted search path vulnerability in the PySys_SetArgv API function ...)
- python3.1 3.1.2+20100703-1 (low; bug #575780)
- python2.6 2.6.5+20100529-1 (low; bug #572010)
- python2.5 <unfixed> (low)
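Review bot: the NOT-FOR-US line under CVE-2008-5989 reads "PHPcounterJadu CMS", which looks like two product names run together; the description names PHPcounter, and the following entry CVE-2008-5988 already carries its own "NOT-FOR-US: Jadu CMS", so this line should read just "NOT-FOR-US: PHPcounter". In the same hunk, CVE-2008-6054, CVE-2008-6053 and CVE-2008-6052 all carry "NOT-FOR-US: PreProjects Pre Classified Listings" while the descriptions added here name Pre Courier and Cargo Business, Pre Resume Submitter and Pre E-Learning Portal respectively; consider updating those annotations to the products actually named.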
@@ -2884,311 +2884,311 @@ CVE-2008-5983
NOTE: a backport has a significant risk of breakage for little gain. If a
NOTE: proper upstream patch should be available, this can be re-evaluated
NOTE: http://bugs.python.org/issue5753
-CVE-2008-5982
+CVE-2008-5982 (Format string vulnerability in BMC PATROL Agent before 3.7.30 allows r ...)
NOT-FOR-US: BMC PATROL Agent
-CVE-2008-5968
+CVE-2008-5968 (Directory traversal vulnerability in print.php in PHP iCalendar 2.24 a ...)
- phpicalendar <removed> (bug #513517)
-CVE-2008-5967
+CVE-2008-5967 (admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not req ...)
- phpicalendar <removed> (bug #513517)
-CVE-2008-5981
+CVE-2008-5981 (PacPoll 4.0 stores sensitive information under the web root with insuf ...)
NOT-FOR-US: PacPoll
-CVE-2008-5980
+CVE-2008-5980 (Ocean12 Mailing List Manager Gold stores sensitive data under the web ...)
NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5979
+CVE-2008-5979 (Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mai ...)
NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5978
+CVE-2008-5978 (Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager ...)
NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5977
+CVE-2008-5977 (SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE ...)
NOT-FOR-US: PHP JOBWEBSITE PRO
-CVE-2008-5976
+CVE-2008-5976 (Multiple cross-site scripting (XSS) vulnerabilities in siteadmin/forgo ...)
NOT-FOR-US: PHP JOBWEBSITE PRO
-CVE-2008-5975
+CVE-2008-5975 (SQL injection vulnerability in links.asp in Active Price Comparison 4. ...)
NOT-FOR-US: Active Price Comparison
-CVE-2008-5974
+CVE-2008-5974 (Multiple SQL injection vulnerabilities in login.aspx in Active Price C ...)
NOT-FOR-US: Active Price Comparison
-CVE-2008-5973
+CVE-2008-5973 (SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allow ...)
NOT-FOR-US: Active Web Mail
-CVE-2008-5972
+CVE-2008-5972 (SQL injection vulnerability in default.asp in Active Business Director ...)
NOT-FOR-US: Active Business Directory
-CVE-2008-5971
+CVE-2008-5971 (Cross-site scripting (XSS) vulnerability in profile_social.php in i-Ne ...)
NOT-FOR-US: i-Net Solution Orkut Clone
-CVE-2008-5970
+CVE-2008-5970 (SQL injection vulnerability in profile_social.php in i-Net Solution Or ...)
NOT-FOR-US: i-Net Solution Orkut Clone
-CVE-2008-5969
+CVE-2008-5969 (SQL injection vulnerability in popupproduct.php in Sunbyte e-Flower al ...)
NOT-FOR-US: Sunbyte e-Flower
-CVE-2008-5966
+CVE-2008-5966 (globsy_edit.php in Globsy 1.0 and earlier allows remote attackers to c ...)
NOT-FOR-US: Globsy
-CVE-2008-5965
+CVE-2008-5965 (Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and ea ...)
NOT-FOR-US: LokiCMS
-CVE-2008-5964
+CVE-2008-5964 (Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 a ...)
NOT-FOR-US: Social ImpressCMS
-CVE-2008-5963
+CVE-2008-5963 (Eval injection vulnerability in library/setup/rpc.php in Gravity Getti ...)
NOT-FOR-US: Gravity Getting Things Done
-CVE-2008-5962
+CVE-2008-5962 (Directory traversal vulnerability in library/setup/rpc.php in Gravity ...)
NOT-FOR-US: Gravity Getting Things Done
-CVE-2008-5961
+CVE-2008-5961 (Cross-site scripting (XSS) vulnerability in index.php in Tribiq CMS Co ...)
NOT-FOR-US: Tribiq CMS Community
-CVE-2008-5960
+CVE-2008-5960 (SQL injection vulnerability in index.php in Tribiq CMS Community 5.0.1 ...)
NOT-FOR-US: Tribiq CMS Community
-CVE-2008-5959
+CVE-2008-5959 (Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 ...)
NOT-FOR-US: Active Test
-CVE-2008-5958
+CVE-2008-5958 (Multiple SQL injection vulnerabilities in Active Test 2.1 allow remote ...)
NOT-FOR-US: Active Test
-CVE-2008-5957
+CVE-2008-5957 (SQL injection vulnerability in the Mydyngallery (com_mydyngallery) com ...)
NOT-FOR-US: Joomla!
-CVE-2008-5956
+CVE-2008-5956 (Wbstreet (aka PHPSTREET Webboard) 1.0 stores sensitive information und ...)
NOT-FOR-US: Wbstreet
-CVE-2008-5955
+CVE-2008-5955 (SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET Web ...)
NOT-FOR-US: Wbstreet
-CVE-2008-5954
+CVE-2008-5954 (SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) ...)
NOT-FOR-US: KTP Computer Customer Database (KTPCCD) CMS
-CVE-2008-5953
+CVE-2008-5953 (Directory traversal vulnerability in KTP Computer Customer Database (K ...)
NOT-FOR-US: KTP Computer Customer Database (KTPCCD) CMS
-CVE-2008-5952
+CVE-2008-5952 (SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) ...)
NOT-FOR-US: KTP Computer Customer Database (KTPCCD) CMS
-CVE-2008-5951
+CVE-2008-5951 (ASP Template Creature stores sensitive information under the web root ...)
NOT-FOR-US: ASP Template Creature
-CVE-2008-5950
+CVE-2008-5950 (SQL injection vulnerability in media/media_level.asp in ASP Template C ...)
NOT-FOR-US: ASP Template Creature
-CVE-2008-5949
+CVE-2008-5949 (Multiple PHP remote file inclusion vulnerabilities in ccTiddly 1.7.4 a ...)
NOT-FOR-US: ccTiddly
-CVE-2008-5948
+CVE-2008-5948 (Directory traversal vulnerability in index.php in BNCwi 1.04 and earli ...)
NOT-FOR-US: BNCwi
-CVE-2008-5947
+CVE-2008-5947 (PHP remote file inclusion vulnerability in include/class_yapbbcooker.p ...)
NOT-FOR-US: YapBB
-CVE-2008-5946
+CVE-2008-5946 (SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows ...)
NOT-FOR-US: PHP-Fusion
-CVE-2008-5945
+CVE-2008-5945 (Nukeviet 2.0 Beta allows remote attackers to bypass authentication and ...)
NOT-FOR-US: Nukeviet
-CVE-2008-5944
+CVE-2008-5944 (Cross-site scripting (XSS) vulnerability in modules.php in NavBoard 16 ...)
NOT-FOR-US: NavBoard
-CVE-2008-5943
+CVE-2008-5943 (Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) al ...)
NOT-FOR-US: NavBoard
-CVE-2008-5942
+CVE-2008-5942 (Multiple cross-site scripting (XSS) vulnerabilities in MODx before 0.9 ...)
NOT-FOR-US: MODx CMS
-CVE-2008-5941
+CVE-2008-5941 (Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and ...)
NOT-FOR-US: MODx CMS
-CVE-2008-5940
+CVE-2008-5940 (SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, ...)
NOT-FOR-US: MODx CMS
-CVE-2008-5939
+CVE-2008-5939 (Cross-site scripting (XSS) vulnerability in index.php in MODx CMS 0.9. ...)
NOT-FOR-US: MODx CMS
-CVE-2008-5938
+CVE-2008-5938 (PHP remote file inclusion vulnerability in assets/snippets/reflect/sni ...)
NOT-FOR-US: MODx CMS
-CVE-2008-5937
+CVE-2008-5937 (AyeView 2.20 allows user-assisted attackers to cause a denial of servi ...)
NOT-FOR-US: AyeView
-CVE-2008-5936
+CVE-2008-5936 (front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers ...)
NOT-FOR-US: mini-pub
-CVE-2008-5935
+CVE-2008-5935 (Facto stores sensitive information under the web root with insufficien ...)
NOT-FOR-US: Facto
-CVE-2008-5934
+CVE-2008-5934 (SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remot ...)
NOT-FOR-US: CMS ISWEB
-CVE-2008-5933
+CVE-2008-5933 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in CM ...)
NOT-FOR-US: CMS ISWEB
-CVE-2008-5932
+CVE-2008-5932 (CodeAvalanche FreeForum stores sensitive information under the web roo ...)
NOT-FOR-US: CodeAvalanche FreeForum
-CVE-2008-5931
+CVE-2008-5931 (The Net Guys ASPired2Blog stores sensitive information under the web r ...)
NOT-FOR-US: ASPired2Blog
-CVE-2008-5930
+CVE-2008-5930 (SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ...)
NOT-FOR-US: ASPired2Blog
-CVE-2008-5929
+CVE-2008-5929 (VP-ASP Shopping Cart 6.50 stores sensitive information under the web r ...)
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2008-5928
+CVE-2008-5928 (SQL injection vulnerability in redir.php in Free Links Directory Scrip ...)
NOT-FOR-US: Free Links Directory Script
-CVE-2008-5927
+CVE-2008-5927 (Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexP ...)
NOT-FOR-US: FlexPHPNews
-CVE-2008-5926
+CVE-2008-5926 (Multiple SQL injection vulnerabilities in login.asp in ASP-DEv Interna ...)
NOT-FOR-US: ASP-DEv
-CVE-2008-5925
+CVE-2008-5925 (ASP-DEv XM Events Diary stores sensitive information under the web roo ...)
NOT-FOR-US: ASP-DEv
-CVE-2008-5924
+CVE-2008-5924 (SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events Di ...)
NOT-FOR-US: ASP-DEv
-CVE-2008-5923
+CVE-2008-5923 (SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary ...)
NOT-FOR-US: ASP-DEv
-CVE-2008-5922
+CVE-2008-5922 (Multiple PHP remote file inclusion vulnerabilities in themes/default/i ...)
NOT-FOR-US: Cant Find A Gaming CMS
-CVE-2008-5921
+CVE-2008-5921 (SQL injection vulnerability in albums.php in Umer Inc Songs Portal all ...)
NOT-FOR-US: Umer Inc Songs Portal
-CVE-2008-5920
+CVE-2008-5920 (The create_anchors function in utils.inc in WebSVN 1.x allows remote a ...)
- websvn 1.61-21 (bug #503330)
-CVE-2008-5917
+CVE-2008-5917 (Cross-site scripting (XSS) vulnerability in the XSS filter (framework/ ...)
{DSA-1765-1}
- horde3 3.2.2+debian0-2 (bug #512592)
-CVE-2008-5916
+CVE-2008-5916 (gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x befo ...)
{DSA-1708-1}
- git-core 1:1.5.6.5-2 (low)
-CVE-2008-5915
+CVE-2008-5915 (An unspecified function in the JavaScript implementation in Google Chr ...)
NOT-FOR-US: Google
-CVE-2008-5914
+CVE-2008-5914 (An unspecified function in the JavaScript implementation in Apple Safa ...)
NOT-FOR-US: Apple
-CVE-2008-5913
+CVE-2008-5913 (The Math.random function in the JavaScript implementation in Mozilla F ...)
- xulrunner 1.9.1.10-1 (unimportant; bug #559792; bug #532516)
- iceape 2.0.5-1 (unimportant)
[lenny] - iceape <not-affected> (Just a stub package)
NOTE: Limited to browser life time
-CVE-2008-5912
+CVE-2008-5912 (An unspecified function in the JavaScript implementation in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2008-5911
+CVE-2008-5911 (Multiple buffer overflows in RealNetworks Helix Server and Helix Mobil ...)
NOT-FOR-US: RealNetworks Helix
-CVE-2008-5910
+CVE-2008-5910 (Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown ...)
NOT-FOR-US: txzonemgr in Sun OpenSolaris
-CVE-2008-5909
+CVE-2008-5909 (Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown i ...)
NOT-FOR-US: conv_lpd in Sun OpenSolaris
-CVE-2008-5908
+CVE-2008-5908 (Unspecified vulnerability in the root/boot archive tool in Sun OpenSol ...)
NOT-FOR-US: root/boot archive tool in Sun OpenSolaris
-CVE-2008-5907
+CVE-2008-5907 (The png_check_keyword function in pngwutil.c in libpng before 1.0.42, ...)
{DSA-1750-1}
- libpng 1.2.35-1 (bug #512665)
NOTE: Only an issues when using libpng to create out-of-spec images
-CVE-2008-5906
+CVE-2008-5906 (Eval injection vulnerability in the web interface plugin in KTorrent b ...)
- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
- ktorrent 3.1.4+dfsg.1-1
[etch] - ktorrent <not-affected> (Doesn't include the web interface)
-CVE-2008-5905
+CVE-2008-5905 (The web interface plugin in KTorrent before 3.1.4 allows remote attack ...)
- ktorrent2.2 2.2.8.dfsg.1-1 (bug #504178)
- ktorrent 3.1.4+dfsg.1-1
[etch] - ktorrent <not-affected> (Doesn't include the web interface)
-CVE-2008-5901
+CVE-2008-5901 (iyzi Forum 1.0 beta 3 stores sensitive information under the web root ...)
NOT-FOR-US: iyzi Forum
-CVE-2008-5900
+CVE-2008-5900 (CodeAvalanche Articles stores sensitive information under the web root ...)
NOT-FOR-US: CodeAvalanche Articles
-CVE-2008-5899
+CVE-2008-5899 (CodeAvalanche FreeForAll stores sensitive information under the web ro ...)
NOT-FOR-US: CodeAvalanche FreeForAll
-CVE-2008-5898
+CVE-2008-5898 (CodeAvalanche Directory stores sensitive information under the web roo ...)
NOT-FOR-US: CodeAvalanche Directory
-CVE-2008-5897
+CVE-2008-5897 (CodeAvalanche FreeWallpaper stores sensitive information under the web ...)
NOT-FOR-US: CodeAvalanche FreeWallpaper
-CVE-2008-5896
+CVE-2008-5896 (CodeAvalanche RateMySite stores sensitive information under the web ro ...)
NOT-FOR-US: CodeAvalanche RateMySite
-CVE-2008-5895
+CVE-2008-5895 (SQL injection vulnerability in connection.php in Mediatheka 4.2 and ea ...)
NOT-FOR-US: Mediatheka
-CVE-2008-5894
+CVE-2008-5894 (Directory traversal vulnerability in index.php in Mediatheka 4.2 allow ...)
NOT-FOR-US: Mediatheka
-CVE-2008-5893
+CVE-2008-5893 (Cross-site scripting (XSS) vulnerability in admin_dblayers.asp in Clic ...)
NOT-FOR-US: ClickAndEmail
-CVE-2008-5892
+CVE-2008-5892 (Multiple SQL injection vulnerabilities in ClickAndEmail allow remote a ...)
NOT-FOR-US: ClickAndEmail
-CVE-2008-5891
+CVE-2008-5891 (Cross-site scripting (XSS) vulnerability in the profile editing functi ...)
NOT-FOR-US: Injader
-CVE-2008-5890
+CVE-2008-5890 (SQL injection vulnerability in feeds.php in Injader before 2.1.2 allow ...)
NOT-FOR-US: Injader
-CVE-2008-5889
+CVE-2008-5889 (Cross-site scripting (XSS) vulnerability in user.asp in Click&amp;Rank ...)
NOT-FOR-US: Click&Rank
-CVE-2008-5888
+CVE-2008-5888 (Multiple SQL injection vulnerabilities in Click&amp;Rank allow remote ...)
NOT-FOR-US: Click&Rank
-CVE-2008-5887
+CVE-2008-5887 (phplist before 2.10.8 allows remote attackers to include files via unk ...)
NOT-FOR-US: phplist
-CVE-2008-5886
+CVE-2008-5886 (TAKempis Discussion Web 4.0 stores sensitive information under the web ...)
NOT-FOR-US: TAKempis Discussion Web
-CVE-2008-5885
+CVE-2008-5885 (The Net Guys ASPired2Quote stores sensitive information under the web ...)
NOT-FOR-US: Net Guys ASPired2Quote
-CVE-2008-5884
+CVE-2008-5884 (AyeView 2.20 allows user-assisted attackers to cause a denial of servi ...)
NOT-FOR-US: AyeView
-CVE-2008-5883
+CVE-2008-5883 (Absolute path traversal vulnerability in front-end/dir.php in mini-pub ...)
NOT-FOR-US: mini-pub
-CVE-2008-5904
+CVE-2008-5904 (The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrd ...)
- xrdp 0.4.0~dfsg-9 (bug #511641)
-CVE-2008-5903
+CVE-2008-5903 (Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c ...)
- xrdp 0.4.0~dfsg-9 (bug #511641)
-CVE-2008-5902
+CVE-2008-5902 (Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bi ...)
- xrdp 0.4.0~dfsg-9 (bug #511641)
-CVE-2008-6005
+CVE-2008-6005 (Multiple buffer overflows in the CheckUniqueName function in W3C Amaya ...)
- amaya <removed> (medium; bug #507587)
NOTE: different vector than described in CVE-2008-5282, see 507587#15
-CVE-2008-5882
+CVE-2008-5882 (SQL injection vulnerability in login.asp in Citrix Application Gateway ...)
NOT-FOR-US: Citrix
-CVE-2008-5881
+CVE-2008-5881 (Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow re ...)
NOT-FOR-US: playSMS
-CVE-2008-5880
+CVE-2008-5880 (admin/auth.php in Gobbl CMS 1.0 allows remote attackers to bypass auth ...)
NOT-FOR-US: Gobbl CMS
-CVE-2008-5879
+CVE-2008-5879 (Cross-site scripting (XSS) vulnerability in index.php in Phpclanwebsit ...)
NOT-FOR-US: Phpclanwebsite
-CVE-2008-5878
+CVE-2008-5878 (Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PC ...)
NOT-FOR-US: Phpclanwebsite
-CVE-2008-5877
+CVE-2008-5877 (Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) 1.2 ...)
NOT-FOR-US: Phpclanwebsite
-CVE-2008-5876
+CVE-2008-5876 (Buffer overflow in Irrlicht before 1.5 allows remote attackers to caus ...)
- irrlicht <not-affected> (package was first introduced in version 1.5)
-CVE-2008-5875
+CVE-2008-5875 (SQL injection vulnerability in the com_lowcosthotels component in the ...)
NOT-FOR-US: Hotel Booking Reservation System for Joomla
-CVE-2008-5874
+CVE-2008-5874 (Multiple SQL injection vulnerabilities in the Hotel Booking Reservatio ...)
NOT-FOR-US: Hotel Booking Reservation System for Joomla
-CVE-2008-5873
+CVE-2008-5873 (Yerba SACphp 6.3 and earlier allows remote attackers to bypass authent ...)
NOT-FOR-US: Yerba
-CVE-2008-5872
+CVE-2008-5872 (Multiple unspecified vulnerabilities in the UNIStim File Transfer Prot ...)
NOT-FOR-US: Nortel Multimedia Communication Server
-CVE-2008-5871
+CVE-2008-5871 (Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not veri ...)
NOT-FOR-US: Nortel Multimedia Communication Server
-CVE-2008-5870
+CVE-2008-5870 (FastStone Image Viewer 3.6 allows user-assisted attackers to cause a d ...)
NOT-FOR-US: FastStone Image Viewer
-CVE-2008-5869
+CVE-2008-5869 (Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunam ...)
NOT-FOR-US: Proxim Wireless Tsunami
-CVE-2008-5868
+CVE-2008-5868 (Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user ...)
NOT-FOR-US: IntelliTamper
-CVE-2008-5867
+CVE-2008-5867 (Directory traversal vulnerability in Yerba SACphp 6.3 allows remote at ...)
NOT-FOR-US: Yerba
-CVE-2008-5866
+CVE-2008-5866 (The Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 has public ...)
NOT-FOR-US: Proxim Wireless Tsunami
-CVE-2008-5865
+CVE-2008-5865 (SQL injection vulnerability in the com_hbssearch component 1.0 in the ...)
NOT-FOR-US: Hotel Booking Reservation System for Joomla
-CVE-2008-5864
+CVE-2008-5864 (SQL injection vulnerability in the Top Hotel (com_tophotelmodule) comp ...)
NOT-FOR-US: Hotel Booking Reservation System for Joomla
-CVE-2008-5863
+CVE-2008-5863 (SQL injection vulnerability in locator.php in the Userlocator module 3 ...)
NOT-FOR-US: Module for Woltlab Burning Board
-CVE-2008-5862
+CVE-2008-5862 (Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 ...)
NOT-FOR-US: webcamXP
-CVE-2008-5861
+CVE-2008-5861 (Directory traversal vulnerability in source.php in FreeLyrics 1.0 allo ...)
NOT-FOR-US: FreeLyrics
-CVE-2008-5860
+CVE-2008-5860 (Directory traversal vulnerability in backend/template.php in Construct ...)
NOT-FOR-US: Constructr CMS
-CVE-2008-5859
+CVE-2008-5859 (SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and ...)
NOT-FOR-US: Constructr CMS
-CVE-2008-5858
+CVE-2008-5858 (Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree b ...)
NOT-FOR-US: KnowledgeTree
-CVE-2008-5857
+CVE-2008-5857 (The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote ...)
NOT-FOR-US: KnowledgeTree
-CVE-2008-5856
+CVE-2008-5856 (Directory traversal vulnerability in scripts/export.php in ClaSS befor ...)
NOT-FOR-US: ClaSS
-CVE-2008-5855
+CVE-2008-5855 (myPHPscripts Login Session 2.0 stores sensitive information under the ...)
NOT-FOR-US: myPHPscripts Login Session
-CVE-2008-5854
+CVE-2008-5854 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in my ...)
NOT-FOR-US: myPHPscripts Login Session
-CVE-2008-5853
+CVE-2008-5853 (Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stor ...)
NOT-FOR-US: ChoCoMaS
-CVE-2008-5852
+CVE-2008-5852 (Emefa Guestbook 3.0 stores sensitive information under the web root wi ...)
NOT-FOR-US: Emefa Guestbook
-CVE-2008-5851
+CVE-2008-5851 (SQL injection vulnerability in index.php in My PHP Baseball Stats (MyP ...)
NOT-FOR-US: My PHP Baseball Stats
CVE-2008-5850
REJECTED
-CVE-2008-5849
+CVE-2008-5849 (Check Point VPN-1 R55, R65, and other versions, when Port Address Tran ...)
NOT-FOR-US: Check Point
-CVE-2008-5848
+CVE-2008-5848 (The Advantech ADAM-6000 module has 00000000 as its default password, w ...)
NOT-FOR-US: Advantech ADAM-6000 module
-CVE-2008-5847
+CVE-2008-5847 (Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a M ...)
NOT-FOR-US: Constructr CMS
-CVE-2008-5846
+CVE-2008-5846 (Six Apart Movable Type (MT) before 4.23 allows remote authenticated us ...)
- movabletype-opensource 4.2.3-1 (low)
-CVE-2008-5845
+CVE-2008-5845 (Multiple cross-site scripting (XSS) vulnerabilities in Six Apart Movab ...)
- movabletype-opensource 4.2.3-1 (low)
-CVE-2008-5844
+CVE-2008-5844 (PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functi ...)
- php5 <not-affected> (vulnerable code introduced in 5.2.7, we have 5.2.6 and 5.2.8 was released in the meantime)
[etch] - php4 <not-affected> (vulnerable code introduced in php5 5.2.7)
-CVE-2008-5843
+CVE-2008-5843 (Multiple untrusted search path vulnerabilities in pdfjam allow local u ...)
- pdfjam <not-affected> (the debian package sets pdflatex and thus dirname can't result in returning .)
NOTE: it is also not possible to include a crafted sed or pdflatex executable in the pdflatex call
NOTE: as our version uses random names, see #510584
-CVE-2008-5842
+CVE-2008-5842 (Multiple cross-site scripting (XSS) vulnerabilities in Fujitsu-Siemens ...)
NOT-FOR-US: Fujitsu-Siemens WebTransactions
CVE-2008-XXXX [auctex insecure temp file]
- auctex 11.83-7.3 (low; bug #506961)
[etch] - auctex <no-dsa> (Minor issue)
-CVE-2008-5841
+CVE-2008-5841 (Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allo ...)
NOT-FOR-US: iGaming
-CVE-2008-5840
+CVE-2008-5840 (PHP iCalendar 2.24 and earlier allows remote attackers to bypass authe ...)
- phpicalendar <removed> (bug #513517)
-CVE-2008-5839
+CVE-2008-5839 (Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbi ...)
NOT-FOR-US: Foxmail
-CVE-2008-5838
+CVE-2008-5838 (SQL injection vulnerability in search_results.php in E-Php Scripts E-S ...)
NOT-FOR-US: E-Php Scripts E-Shop Shopping Cart
CVE-2008-5837
RESERVED
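Review bot: the unchanged annotation under CVE-2008-5853 reads `NOT-FOR-US: ChoCoMaS`, while the description filled in on the `+` line directly above it names the product "Chilek Content Management System (aka ChiCoMaS)"; this automatic update only appends MITRE descriptions to the identifiers, so the tracker's own annotation typo survives the change and should be corrected to `NOT-FOR-US: ChiCoMaS` in a follow-up commit. The same applies to the context line `NOTE: Only an issues when using libpng to create out-of-spec images` under CVE-2008-5907, which should read "Only an issue". Neither is introduced by this hunk, and the `+`/`-` pairs themselves are consistent: every `-CVE-...` line is replaced by the same identifier followed by its truncated description, with the package and NOT-FOR-US annotations left untouched.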
@@ -3208,460 +3208,460 @@ CVE-2008-5830
RESERVED
CVE-2008-5829
RESERVED
-CVE-2008-5828
+CVE-2008-5828 (Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Pr ...)
NOT-FOR-US: Microsoft
-CVE-2008-5827
+CVE-2008-5827 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmwar ...)
NOT-FOR-US: Nokia Firmware
-CVE-2008-5826
+CVE-2008-5826 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmwar ...)
NOT-FOR-US: Nokia Firmware
-CVE-2008-5825
+CVE-2008-5825 (The SmartPoster implementation on the Nokia 6131 Near Field Communicat ...)
NOT-FOR-US: Nokia Firmware
-CVE-2008-5823
+CVE-2008-5823 (An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used ...)
NOT-FOR-US: Microsoft Money
-CVE-2008-5822
+CVE-2008-5822 (Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other prod ...)
- xulrunner <unfixed> (unimportant)
NOTE: Just a crash, no security impact
-CVE-2008-5821
+CVE-2008-5821 (Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Wi ...)
NOT-FOR-US: Webkit on Windows
-CVE-2008-5820
+CVE-2008-5820 (SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 a ...)
NOT-FOR-US: eDreamers eDNews
-CVE-2008-5819
+CVE-2008-5819 (Directory traversal vulnerability in eDNews_archive.php in eDreamers e ...)
NOT-FOR-US: eDreamers eDNews
-CVE-2008-5818
+CVE-2008-5818 (Directory traversal vulnerability in index.php in eDreamers eDContaine ...)
NOT-FOR-US: eDreamers eDNews
-CVE-2008-5817
+CVE-2008-5817 (Multiple SQL injection vulnerabilities in index.php in Web Scribble So ...)
NOT-FOR-US: Web Scribble Solutions webClassifieds
-CVE-2008-5816
+CVE-2008-5816 (SQL injection vulnerability in repository.php in ILIAS 3.7.4 and earli ...)
NOT-FOR-US: ILIAS
-CVE-2008-5815
+CVE-2008-5815 (SQL injection vulnerability in Acomment.php in phpAlumni allows remote ...)
NOT-FOR-US: phpAlumni
-CVE-2008-5814
+CVE-2008-5814 (Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and ea ...)
{DSA-1789-1}
- php5 5.2.11.dfsg.1-1 (low; bug #523028)
NOTE: I don't know in which version this was fixed specifically, but
NOTE: I've checked that the patch is present in this version
- php4 <removed> (low; bug #523028)
-CVE-2008-5813
+CVE-2008-5813 (SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1. ...)
- spip 2.0.6-1
-CVE-2008-5812
+CVE-2008-5812 (Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 be ...)
- spip 2.0.6-1
-CVE-2008-5811
+CVE-2008-5811 (SQL injection vulnerability in the PaxGallery (com_paxgallery) compone ...)
NOT-FOR-US: joomla
-CVE-2008-5810
+CVE-2008-5810 (WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, ...)
NOT-FOR-US: Fujitsu-Siemens WebTransactions
-CVE-2008-5809
+CVE-2008-5809 (futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and Acc ...)
NOT-FOR-US: futomi CGI Cafe Access Analyzer CGI Standard
-CVE-2008-5808
+CVE-2008-5808 (Cross-site scripting (XSS) vulnerability in Six Apart Movable Type Ent ...)
NOT-FOR-US: Six Apart Movable Type Enterprise
-CVE-2008-5807
+CVE-2008-5807 (Multiple cross-site scripting (XSS) vulnerabilities in TestLink before ...)
NOT-FOR-US: TestLink
-CVE-2008-5806
+CVE-2008-5806 (SQL injection vulnerability in login.php in DeltaScripts PHP Classifie ...)
NOT-FOR-US: DeltaScripts PHP Classifieds
-CVE-2008-5805
+CVE-2008-5805 (SQL injection vulnerability in detail.php in DeltaScripts PHP Classifi ...)
NOT-FOR-US: DeltaScripts PHP Classifieds
-CVE-2008-5804
+CVE-2008-5804 (SQL injection vulnerability in admin/admin_catalog.php in e-topbiz Num ...)
NOT-FOR-US: e-topbiz Number Links 1 Php Script
-CVE-2008-5803
+CVE-2008-5803 (SQL injection vulnerability in admin/login.php in E-topbiz Online Stor ...)
NOT-FOR-US: E-topbiz
-CVE-2008-5802
+CVE-2008-5802 (SQL injection vulnerability in index.php in E-topbiz Online Store 1.0 ...)
NOT-FOR-US: E-topbiz
-CVE-2008-5801
+CVE-2008-5801 (Unspecified vulnerability in the Dictionary (rtgdictionary) extension ...)
NOT-FOR-US: Dictionary (rtgdictionary) extension for TYPO3
-CVE-2008-5800
+CVE-2008-5800 (SQL injection vulnerability in the Wir ber uns [sic] (fsmi_people) ext ...)
NOT-FOR-US: fsmi_people extension for TYPO3
-CVE-2008-5799
+CVE-2008-5799 (Cross-site scripting (XSS) vulnerability in the Wir ber uns (fsmi_peop ...)
NOT-FOR-US: fsmi_people extension for TYPO3
-CVE-2008-5798
+CVE-2008-5798 (SQL injection vulnerability in the CMS Poll system (cms_poll) extensio ...)
NOT-FOR-US: CMS Poll system for TYPO3
-CVE-2008-5797
+CVE-2008-5797 (SQL injection vulnerability in the advCalendar extension 0.3.1 and ear ...)
NOT-FOR-US: advCalendar extension for TYPO3
-CVE-2008-5796
+CVE-2008-5796 (SQL injection vulnerability in the eluna Page Comments (eluna_pagecomm ...)
NOT-FOR-US: Page Comments extension for TYPO3
-CVE-2008-5795
+CVE-2008-5795 (Cross-site scripting (XSS) vulnerability in the eluna Page Comments (e ...)
NOT-FOR-US: Page Comments extension for TYPO3
-CVE-2008-5794
+CVE-2008-5794 (Directory traversal vulnerability in system/admin/images.php in LoveCM ...)
NOT-FOR-US: LoveCMS
-CVE-2008-5793
+CVE-2008-5793 (Multiple PHP remote file inclusion vulnerabilities in the Clickheat - ...)
NOT-FOR-US: Clickheat - Heatmap stats (com_clickheat) component 1.0.1 for Joomla!
-CVE-2008-5792
+CVE-2008-5792 (PHP remote file inclusion vulnerability in show_joined.php in Indiscri ...)
NOT-FOR-US: Indiscripts Enthusiast
-CVE-2008-5791
+CVE-2008-5791 (Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution ...)
NOT-FOR-US: PrestaShop e-Commerce Solution
-CVE-2008-5790
+CVE-2008-5790 (Multiple PHP remote file inclusion vulnerabilities in the Recly!Compet ...)
NOT-FOR-US: Recly!Competitions (com_competitions) component 1.0 for Joomla!
-CVE-2008-5789
+CVE-2008-5789 (Multiple PHP remote file inclusion vulnerabilities in the Recly Intera ...)
NOT-FOR-US: Recly Interactive Feederator (com_feederator) component 1.0.5 for Joomla!
-CVE-2008-5788
+CVE-2008-5788 (SQL injection vulnerability in index.php in Domain Seller Pro 1.5 allo ...)
NOT-FOR-US: Domain Seller
-CVE-2008-5787
+CVE-2008-5787 (Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Win ...)
NOT-FOR-US: Arab Portal
-CVE-2008-5786
+CVE-2008-5786 (Cross-site scripting (XSS) vulnerability in the Silva Find extension 1 ...)
NOT-FOR-US: Silva Find
-CVE-2008-5785
+CVE-2008-5785 (SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 ...)
NOT-FOR-US: V3 Chat - Profiles/Dating Script
-CVE-2008-5784
+CVE-2008-5784 (V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypa ...)
NOT-FOR-US: V3 Chat - Profiles/Dating Script
-CVE-2008-5783
+CVE-2008-5783 (admin/index.php in V3 Chat Live Support 3.0.4 allows remote attackers ...)
NOT-FOR-US: V3 Chat
-CVE-2008-5782
+CVE-2008-5782 (SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows ...)
NOT-FOR-US: ZeeMatri
-CVE-2008-5781
+CVE-2008-5781 (SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CF ...)
NOT-FOR-US: Cant Find A Gaming CMS (CFAGCMS)
-CVE-2008-5780
+CVE-2008-5780 (Forest Blog 1.3.2 stores sensitive information under the web root with ...)
NOT-FOR-US: Forest Blog
-CVE-2008-5779
+CVE-2008-5779 (SQL injection vulnerability in lpro.php in Free Links Directory Script ...)
NOT-FOR-US: Free Links Directory Script
-CVE-2008-5778
+CVE-2008-5778 (SQL injection vulnerability in report.php in Free Links Directory Scri ...)
NOT-FOR-US: Free Links Directory Script
-CVE-2008-5777
+CVE-2008-5777 (SQL injection vulnerability in index.php in CadeNix allows remote atta ...)
NOT-FOR-US: CadeNix
-CVE-2008-5776
+CVE-2008-5776 (Multiple directory traversal vulnerabilities in Aperto Blog 0.1.1 allo ...)
NOT-FOR-US: Aperto Blog
-CVE-2008-5775
+CVE-2008-5775 (SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 all ...)
NOT-FOR-US: Aperto Blog
-CVE-2008-5774
+CVE-2008-5774 (Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 ...)
NOT-FOR-US: ASPSiteWare HomeBuilder
-CVE-2008-5773
+CVE-2008-5773 (Nukedit 4.9.8 stores sensitive information under the web root with ins ...)
NOT-FOR-US: Nukedit
-CVE-2008-5772
+CVE-2008-5772 (Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1 ...)
NOT-FOR-US: ASPSiteWare RealtyListings
-CVE-2008-5771
+CVE-2008-5771 (Directory traversal vulnerability in test.php in PHP Weather 2.2.2 all ...)
NOT-FOR-US: PHP Weather
-CVE-2008-5770
+CVE-2008-5770 (Cross-site scripting (XSS) vulnerability in config/make_config.php in ...)
NOT-FOR-US: PHP Weather
-CVE-2008-5769
+CVE-2008-5769 (Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServe ...)
NOT-FOR-US: Kerio MailServer
-CVE-2008-5768
+CVE-2008-5768 (SQL injection vulnerability in print.php in the AM Events (aka Amevent ...)
NOT-FOR-US: AM Events
-CVE-2008-5767
+CVE-2008-5767 (SQL injection vulnerability in authors.asp in gNews Publisher allows r ...)
NOT-FOR-US: gNews Publisher
-CVE-2008-5766
+CVE-2008-5766 (SQL injection vulnerability in download.php in Farsi Script Faupload a ...)
NOT-FOR-US: Farsi Script Faupload
-CVE-2008-5765
+CVE-2008-5765 (WorkSimple 1.2.1 stores sensitive information under the web root with ...)
NOT-FOR-US: WorkSimple
-CVE-2008-5764
+CVE-2008-5764 (PHP remote file inclusion vulnerability in calendar.php in WorkSimple ...)
NOT-FOR-US: WorkSimple
-CVE-2008-5763
+CVE-2008-5763 (PHP remote file inclusion vulnerability in slogin_lib.inc.php in Simpl ...)
NOT-FOR-US: Simple Text-File Login Script (SiTeFiLo)
-CVE-2008-5762
+CVE-2008-5762 (Simple Text-File Login Script (SiTeFiLo) 1.0.6 stores sensitive inform ...)
NOT-FOR-US: Simple Text-File Login Script (SiTeFiLo)
-CVE-2008-5761
+CVE-2008-5761 (Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS (ak ...)
NOT-FOR-US: FlatnuX CMS
-CVE-2008-5760
+CVE-2008-5760 (Cross-site scripting (XSS) vulnerability in error413.php in Kerio Mail ...)
NOT-FOR-US: Kerio MailServer
-CVE-2008-5759
+CVE-2008-5759 (Cross-site scripting (XSS) vulnerability in FlatnuX CMS (aka Flatnuke3 ...)
NOT-FOR-US: FlatnuX CMS
-CVE-2008-5758
+CVE-2008-5758 (Cross-site request forgery (CSRF) vulnerability in PHParanoid before 0 ...)
NOT-FOR-US: PHParanoid
-CVE-2008-5757
+CVE-2008-5757 (Cross-site scripting (XSS) vulnerability in textarea/index.php in Text ...)
- textpattern 4.0.6-1
-CVE-2008-5756
+CVE-2008-5756 (Buffer overflow in BreakPoint Software Hex Workshop 5.1.4 allows user- ...)
NOT-FOR-US: BreakPoint Software Hex Workshop
-CVE-2008-5755
+CVE-2008-5755 (Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows remo ...)
NOT-FOR-US: IntelliTamper
-CVE-2008-5754
+CVE-2008-5754 (Stack-based buffer overflow in BulletProof FTP Client allows user-assi ...)
NOT-FOR-US: BulletProof FTP Client
-CVE-2008-5753
+CVE-2008-5753 (Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 al ...)
NOT-FOR-US: BulletProof FTP Client
-CVE-2008-5752
+CVE-2008-5752 (Directory traversal vulnerability in getConfig.php in the Page Flip Im ...)
NOT-FOR-US: Page Flip Image Gallery plugin for WordPress
-CVE-2008-5751
+CVE-2008-5751 (SQL injection vulnerability in index.php in AlstraSoft Web Email Scrip ...)
NOT-FOR-US: AlstraSoft Web Email Script Enterprise
-CVE-2008-5750
+CVE-2008-5750 (Argument injection vulnerability in Microsoft Internet Explorer 8 beta ...)
NOT-FOR-US: Microsoft
CVE-2008-5749
NOT-FOR-US: Unclear, historic Chrome issue
-CVE-2008-5748
+CVE-2008-5748 (Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php ...)
NOT-FOR-US: BloofoxCMS
-CVE-2008-5747
+CVE-2008-5747 (F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-viru ...)
NOT-FOR-US: F-Prot
-CVE-2008-5746
+CVE-2008-5746 (Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local ...)
NOT-FOR-US: Sun SNMP Management Agent
-CVE-2008-5745
+CVE-2008-5745 (Integer overflow in quartz.dll in the DirectShow framework in Microsof ...)
NOT-FOR-US: Microsoft
-CVE-2008-5824
+CVE-2008-5824 (Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0 ...)
{DSA-1972-1}
- audiofile 0.2.6-7.1 (medium; bug #510205)
-CVE-2008-5744
+CVE-2008-5744 (Array index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) 1.4 ...)
{DSA-1699-1}
- zaptel 1:1.4.11~dfsg-3 (bug #510583)
-CVE-2008-5743
+CVE-2008-5743 (pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a ...)
- pdfjam 1.10-1 (low; bug #510584)
-CVE-2008-5742
+CVE-2008-5742 (Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier ...)
NOT-FOR-US: AIST NetCat
CVE-2008-5741
RESERVED
CVE-2008-5740
RESERVED
-CVE-2008-5739
+CVE-2008-5739 (SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Be ...)
NOT-FOR-US: Pligg CMS
-CVE-2008-5738
+CVE-2008-5738 (Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass ...)
NOT-FOR-US: Nodstrum MySQL Calendar
-CVE-2008-5737
+CVE-2008-5737 (SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1. ...)
NOT-FOR-US: Nodstrum MySQL Calendar
-CVE-2008-5736
+CVE-2008-5736 (Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6 ...)
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 7.1-1
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
-CVE-2008-5735
+CVE-2008-5735 (Stack-based buffer overflow in skin.c in CoolPlayer 2.17 through 2.19 ...)
NOT-FOR-US: CoolPlayer
-CVE-2008-5734
+CVE-2008-5734 (Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp Sof ...)
NOT-FOR-US: IceWarp Software Merak Mail Server
-CVE-2008-5733
+CVE-2008-5733 (SQL injection vulnerability in blog.php in the Team Impact TI Blog Sys ...)
NOT-FOR-US: Team Impact TI Blog System mod for PHP-Fusion
-CVE-2008-5732
+CVE-2008-5732 (Unrestricted file upload vulnerability in lib/image_upload.php in Kafo ...)
NOT-FOR-US: KafooeyBlog
-CVE-2008-5731
+CVE-2008-5731 (The PGPwded device driver (aka PGPwded.sys) in PGP Corporation PGP Des ...)
NOT-FOR-US: PGP Desktop
-CVE-2008-5730
+CVE-2008-5730 (Multiple CRLF injection vulnerabilities in AIST NetCat 3.12 and earlie ...)
NOT-FOR-US: AIST NetCat
-CVE-2008-5729
+CVE-2008-5729 (Multiple cross-site scripting (XSS) vulnerabilities in AIST NetCat 3.1 ...)
NOT-FOR-US: AIST NetCat
-CVE-2008-5728
+CVE-2008-5728 (Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and e ...)
NOT-FOR-US: AIST NetCat
-CVE-2008-5727
+CVE-2008-5727 (SQL injection vulnerability in modules/auth/password_recovery.php in A ...)
NOT-FOR-US: AIST NetCat
-CVE-2008-5726
+CVE-2008-5726 (SQL injection vulnerability in thread.php in stormBoards 1.0.1 allows ...)
NOT-FOR-US: stormBoards
-CVE-2008-5725
+CVE-2008-5725 (The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTe ...)
NOT-FOR-US: EnTech Taiwan PowerStrip
-CVE-2008-5724
+CVE-2008-5724 (The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in E ...)
NOT-FOR-US: ESET Smart Security
-CVE-2008-5723
+CVE-2008-5723 (Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka Kann ...)
NOT-FOR-US: CGI RESCUE KanniBBS2000
-CVE-2008-5722
+CVE-2008-5722 (Buffer overflow in SAWStudio 3.9i allows user-assisted remote attacker ...)
NOT-FOR-US: SAWStudio
-CVE-2008-5721
+CVE-2008-5721 (SapporoWorks BlackJumboDog (BJD) before 4.2.3 allows remote attackers ...)
NOT-FOR-US: BlackJumboDog
-CVE-2008-5720
+CVE-2008-5720 (Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows ...)
NOT-FOR-US: Mayaa
-CVE-2008-5719
+CVE-2008-5719 (Cross-site scripting (XSS) vulnerability in Hitachi Groupmax Web Workf ...)
NOT-FOR-US: Hitachi
-CVE-2008-5718
+CVE-2008-5718 (The papd daemon in Netatalk before 2.0.4-beta2, when using certain var ...)
{DSA-1705-1 DTSA-183-1}
- netatalk 2.0.4~beta2-1 (medium; bug #510585)
-CVE-2008-5717
+CVE-2008-5717 (Cross-site scripting (XSS) vulnerability in Hitachi JP1/Integrated Man ...)
NOT-FOR-US: Hitachi
-CVE-2008-5716
+CVE-2008-5716 (xend in Xen 3.3.0 does not properly restrict a guest VM's write access ...)
- xen-3 <not-affected> (Vulnerable code never entered Debian)
- xen-unstable <not-affected> (Vulnerable code never entered Debian)
NOTE: this issue was introduced as a fix to CVE-2008-4405, which has not
NOTE: yet been fixed in Debian
-CVE-2008-5715
+CVE-2008-5715 (Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to caus ...)
- iceweasel <removed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2008-5714
+CVE-2008-5714 (Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for r ...)
{DSA-1907-1 DTSA-203-1}
- qemu 0.9.1-10 (low; bug #509882)
[etch] - qemu <not-affected> (Vulnerable code not present)
- kvm 82-1 (low; bug #509997)
[lenny] - kvm <no-dsa> (Minor issue)
-CVE-2008-5713
+CVE-2008-5713 (The __qdisc_run function in net/sched/sch_generic.c in the Linux kerne ...)
{DSA-1794-1}
- linux-2.6 2.6.25-1
- linux-2.6.24 <removed>
-CVE-2008-5712
+CVE-2008-5712 (The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to caus ...)
- kdebase <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2008-5711
+CVE-2008-5711 (Heap-based buffer overflow in the Facebook PhotoUploader ActiveX contr ...)
NOT-FOR-US: Facebook PhotoUploader ActiveX
-CVE-2008-5710
+CVE-2008-5710 (Multiple unspecified vulnerabilities in the web management interface i ...)
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-5709
+CVE-2008-5709 (Multiple unspecified vulnerabilities in the web management interface i ...)
NOT-FOR-US: Avaya Communication Manager
-CVE-2008-5708
+CVE-2008-5708 (redirect.php in SlimCMS 1.0.0 does not require authentication, which a ...)
NOT-FOR-US: SlimCMS
-CVE-2008-5707
+CVE-2008-5707 (SQL injection vulnerability in urunler.asp in Iltaweb Alisveris Sistem ...)
NOT-FOR-US: Iltaweb Alisveris Sistemi
-CVE-2008-5704
+CVE-2008-5704 (src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might all ...)
- gpsdrive 2.10~pre4-6.dfsg-2 (low; bug #508597)
[etch] - gpsdrive <no-dsa> (Minor issue)
[lenny] - gpsdrive 2.10~pre4-6.dfsg-1+lenny1
-CVE-2008-5703
+CVE-2008-5703 (gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwr ...)
- gpsdrive 2.10~pre4-6.dfsg-2 (low; bug #508597)
[etch] - gpsdrive <no-dsa> (Minor issue)
[lenny] - gpsdrive 2.10~pre4-6.dfsg-1+lenny1
-CVE-2008-5702
+CVE-2008-5702 (Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700 ...)
{DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.26-13
- linux-2.6.24 <removed>
-CVE-2008-5701
+CVE-2008-5701 (Array index error in arch/mips/kernel/scall64-o32.S in the Linux kerne ...)
{DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.26-13
- linux-2.6.24 <removed>
-CVE-2008-5700
+CVE-2008-5700 (libata in the Linux kernel before 2.6.27.9 does not set minimum timeou ...)
{DSA-1787-1}
- linux-2.6 2.6.26-13
[etch] - linux-2.6 <not-affected> (Vulnerable code not present, was introduced later)
- linux-2.6.24 <removed>
-CVE-2008-5699
+CVE-2008-5699 (The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris ...)
NOT-FOR-US: Solaris
-CVE-2008-5698
+CVE-2008-5698 (HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allo ...)
- kdebase <unfixed> (unimportant)
NOTE: browser crashes not treated as security issues
-CVE-2008-5697
+CVE-2008-5697 (The skype_tool.copy_num method in the Skype extension BETA 2.2.0.95 fo ...)
NOT-FOR-US: Skype extension
-CVE-2008-5696
+CVE-2008-5696 (Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is ...)
NOT-FOR-US: Novell NetWare
-CVE-2008-5695
+CVE-2008-5695 (wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 ...)
- wordpress 2.3.2 (low; bug #510786; bug #513959)
[etch] - wordpress <no-dsa> (Minor issue)
NOTE: only the admin has manage_options capabilities by default and only editors
NOTE: have upload_files capabilities
NOTE: Only versions prior to 2.3.2 are affected according to the Debian maintainer
-CVE-2008-5694
+CVE-2008-5694 (PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhand ...)
NOT-FOR-US: Sandbox
-CVE-2008-5693
+CVE-2008-5693 (Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier, and possibly other ...)
NOT-FOR-US: Ipswitch WS_FTP Server Manager
-CVE-2008-5692
+CVE-2008-5692 (Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswit ...)
NOT-FOR-US: Ipswitch WS_FTP Server Manager
-CVE-2008-5691
+CVE-2008-5691 (Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX co ...)
NOT-FOR-US: Phoenician Casino FlashAX ActiveX
-CVE-2008-5690
+CVE-2008-5690 (The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, a ...)
NOT-FOR-US: Solaris
-CVE-2008-5689
+CVE-2008-5689 (tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 a ...)
NOT-FOR-US: Solaris
-CVE-2008-5688
+CVE-2008-5688 (MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExce ...)
- mediawiki 1:1.13.3-1 (unimportant)
- mediawiki1.7 <removed> (unimportant)
NOTE: Installation path disclosure not treated as a security issue
-CVE-2008-5687
+CVE-2008-5687 (MediaWiki 1.11, and other versions before 1.13.3, does not properly pr ...)
{DTSA-186-1}
- mediawiki 1:1.13.3-1 (low)
- mediawiki1.7 <removed>
[etch] - mediawiki1.7 <not-affected> (The backup feature was introduced in 1.11)
[etch] - mediawiki <not-affected> (metapackage)
-CVE-2008-5686
+CVE-2008-5686 (IBM Tivoli Provisioning Manager (TPM) before 5.1.1.1 IF0006, when its ...)
NOT-FOR-US: IBM Tivoli Provisioning Manager
-CVE-2008-5685
+CVE-2008-5685 (Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun F ...)
NOT-FOR-US: Sun ScApp firmware
-CVE-2008-5684
+CVE-2008-5684 (Unspecified vulnerability in the X Inter Client Exchange library (aka ...)
NOT-FOR-US: Solaris
-CVE-2008-5683
+CVE-2008-5683 (Unspecified vulnerability in Opera before 9.63 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2008-5682
+CVE-2008-5682 (Cross-site scripting (XSS) vulnerability in Opera before 9.63 allows r ...)
NOT-FOR-US: Opera
-CVE-2008-5681
+CVE-2008-5681 (Opera before 9.63 does not block unspecified "scripted URLs" during th ...)
NOT-FOR-US: Opera
-CVE-2008-5680
+CVE-2008-5680 (Multiple buffer overflows in Opera before 9.63 might allow (1) remote ...)
NOT-FOR-US: Opera
-CVE-2008-5679
+CVE-2008-5679 (The HTML parsing engine in Opera before 9.63 allows remote attackers t ...)
NOT-FOR-US: Opera
-CVE-2008-5678
+CVE-2008-5678 (Fretwell-Downing Informatics (FDI) OLIB7 WebView 2.5.1.1 allows remote ...)
NOT-FOR-US: OLIB7 WebView
-CVE-2008-5677
+CVE-2008-5677 (Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and ea ...)
NOT-FOR-US: Kwalbum
-CVE-2008-5676
+CVE-2008-5676 (Multiple unspecified vulnerabilities in the ModSecurity (aka mod_secur ...)
- libapache-mod-security 2.5.6-1
-CVE-2008-5675
+CVE-2008-5675 (Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 h ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2008-5674
+CVE-2008-5674 (Multiple array index errors in the HTTP server in Darkwet Network webc ...)
NOT-FOR-US: Darkwet Network webcamXP
-CVE-2008-5673
+CVE-2008-5673 (PHParanoid before 0.4 does not properly restrict access to the members ...)
NOT-FOR-US: PHParanoid
-CVE-2008-5672
+CVE-2008-5672 (Multiple cross-site request forgery (CSRF) vulnerabilities in PHParano ...)
NOT-FOR-US: PHParanoid
-CVE-2008-5671
+CVE-2008-5671 (PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 ...)
NOT-FOR-US: Joomla!
-CVE-2008-5670
+CVE-2008-5670 (Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password duri ...)
- textpattern 4.0.6-1 (low)
-CVE-2008-5669
+CVE-2008-5669 (index.php in the comments preview section in Textpattern (aka Txp CMS) ...)
- textpattern 4.0.6-1 (low)
-CVE-2008-5668
+CVE-2008-5668 (Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (ak ...)
- textpattern 4.0.6-1 (low)
-CVE-2008-5667
+CVE-2008-5667 (The scanning engine in VirusBlokAda VBA32 Personal Antivirus 3.12.8.x ...)
NOT-FOR-US: VBA32 Personal Antivirus
-CVE-2008-5666
+CVE-2008-5666 (WinFTP FTP Server 2.3.0, when passive (aka PASV) mode is used, allows ...)
NOT-FOR-US: WinFTP
-CVE-2008-5665
+CVE-2008-5665 (SQL injection vulnerability in index.php in the xhresim module in XOOP ...)
NOT-FOR-US: XOOPS
-CVE-2008-5664
+CVE-2008-5664 (Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound ...)
NOT-FOR-US: Realtek Media Player
-CVE-2008-5663
+CVE-2008-5663 (Multiple unrestricted file upload vulnerabilities in Kusaba 1.0.4 and ...)
NOT-FOR-US: Kusaba
-CVE-2008-5662
+CVE-2008-5662 (Multiple buffer overflows in Sun Java Wireless Toolkit (WTK) for CLDC ...)
NOT-FOR-US: Sun Java Wireless Toolkit
-CVE-2008-5661
+CVE-2008-5661 (The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 t ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-5659
+CVE-2008-5659 (The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earl ...)
- classpath 2:0.98-1 (bug #512532; low)
[lenny] - classpath <no-dsa> (Minor issue)
- libgnucrypto-java <removed> (low; bug #559789)
[lenny] - libgnucrypto-java <no-dsa> (Minor issue)
-CVE-2008-5657
+CVE-2008-5657 (CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows rem ...)
- quassel 0.2~rc1-1.1 (bug #506550)
-CVE-2008-5656
+CVE-2008-5656 (Cross-site scripting (XSS) vulnerability in the frontend plugin for th ...)
- typo3-src 4.2.3-1 (bug #505325)
[etch] - typo3-src <not-affected> (Typo3 versions below 4.2.x are not affected)
-CVE-2008-5655
+CVE-2008-5655 (Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 ...)
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-5654
+CVE-2008-5654 (SQL injection vulnerability in the loginADP function in ajaxp.php in M ...)
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-5653
+CVE-2008-5653 (SQL injection vulnerability in the loginADP function in ajaxp.php in M ...)
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-5652
+CVE-2008-5652 (SQL injection vulnerability in the loginADP function in ajaxp.php in M ...)
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-5651
+CVE-2008-5651 (SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.p ...)
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-5650
+CVE-2008-5650 (SQL injection vulnerability in the login directory in AlstraSoft Web H ...)
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2008-5649
+CVE-2008-5649 (SQL injection vulnerability in admin/admin.php in AlstraSoft Article M ...)
NOT-FOR-US: AlstraSoft Web Host Directory
-CVE-2008-5648
+CVE-2008-5648 (SQL injection vulnerability in admin/login.php in DeltaScripts PHP Sho ...)
NOT-FOR-US: DeltaScripts PHP Shop
-CVE-2008-5647
+CVE-2008-5647 (Unspecified vulnerability in the HTML sanitizer filter in Trac before ...)
- trac 0.11.1-2.1 (low; bug #509342; bug #505197)
[etch] - trac <no-dsa> (Minor issue)
-CVE-2008-5646
+CVE-2008-5646 (Unspecified vulnerability in Trac before 0.11.2 allows attackers to ca ...)
- trac 0.11.1-2.1 (low; bug #509342; bug #505197)
[etch] - trac <no-dsa> (Minor issue)
-CVE-2008-5645
+CVE-2008-5645 (Directory traversal vulnerability in the media server in Orb Networks ...)
NOT-FOR-US: Orb Networks Orb
-CVE-2008-5644
+CVE-2008-5644 (Cross-site scripting (XSS) vulnerability in the file backend module in ...)
- typo3-src 4.2.3-1 (bug #505324)
[etch] - typo3-src <not-affected> (Only Typo3 4.2.2 is affected)
-CVE-2008-5643
+CVE-2008-5643 (SQL injection vulnerability in the Books (com_books) component for Joo ...)
NOT-FOR-US: Joomla!
-CVE-2008-5642
+CVE-2008-5642 (Directory traversal vulnerability in admin/login.php in CMS Made Simpl ...)
NOT-FOR-US: CMS Made Simple
-CVE-2008-5641
+CVE-2008-5641 (SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 ...)
NOT-FOR-US: Active Photo Gallery
-CVE-2008-5640
+CVE-2008-5640 (SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allow ...)
NOT-FOR-US: Active Bids
-CVE-2008-5639
+CVE-2008-5639 (Directory traversal vulnerability in index.php in TxtBlog 1.0 Alpha al ...)
NOT-FOR-US: TxtBlog
-CVE-2008-5638
+CVE-2008-5638 (Multiple SQL injection vulnerabilities in Active Price Comparison 4 al ...)
NOT-FOR-US: Active Price Comparison
-CVE-2008-5637
+CVE-2008-5637 (SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows rem ...)
NOT-FOR-US: ParsBlogger
-CVE-2008-5636
+CVE-2008-5636 (SQL injection vulnerability in cate.php in Lito Lite CMS, when magic_q ...)
NOT-FOR-US: Lito Lite CMS
-CVE-2008-5635
+CVE-2008-5635 (SQL injection vulnerability in account.asp in Active Membership 2.0 al ...)
NOT-FOR-US: Active Membership
-CVE-2008-5634
+CVE-2008-5634 (SQL injection vulnerability in account.asp in Active Force Matrix 2.0 ...)
NOT-FOR-US: Active Force Matrix
-CVE-2008-5633
+CVE-2008-5633 (SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows ...)
NOT-FOR-US: ActiveVotes
-CVE-2008-5632
+CVE-2008-5632 (SQL injection vulnerability in Account.asp in Active Time Billing 3.2 ...)
NOT-FOR-US: Active Time Billing
-CVE-2008-5631
+CVE-2008-5631 (SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows ...)
NOT-FOR-US: Active eWebquiz
-CVE-2008-5630
+CVE-2008-5630 (SQL injection vulnerability in merchants/index.php in Post Affiliate P ...)
NOT-FOR-US: Post Affiliate
-CVE-2008-5629
+CVE-2008-5629 (SQL injection vulnerability in index.php in Turnkey Arcade Script allo ...)
NOT-FOR-US: Turnkey Arcade Script
-CVE-2008-5628
+CVE-2008-5628 (SQL injection vulnerability in index.php in CMS little 0.0.1 allows re ...)
NOT-FOR-US: CMS little
-CVE-2008-5627
+CVE-2008-5627 (SQL injection vulnerability in account.asp in Active Trade 2 allows re ...)
NOT-FOR-US: Active Trade
-CVE-2008-5626
+CVE-2008-5626 (XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to ...)
NOT-FOR-US: XM Easy Personal FTP Server
CVE-2008-5623
RESERVED
-CVE-2008-5620
+CVE-2008-5620 (RoundCube Webmail (roundcubemail) before 0.2-beta allows remote attack ...)
- roundcube 0.1.1-10 (low; bug #509596)
-CVE-2008-5618
+CVE-2008-5618 (imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 b ...)
- rsyslog 3.18.6-1 (low; bug #510906)
CVE-2008-5615
RESERVED
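Review bot: the parenthesised summaries added on the `+` lines are cut at a fixed width and can end inside a nested parenthesis, so a consumer of this file must not pair the opening `(` with the first `)` it meets. Examples in this hunk are `+CVE-2008-5684 (Unspecified vulnerability in the X Inter Client Exchange library (aka ...)` and `+CVE-2008-5676 (Multiple unspecified vulnerabilities in the ModSecurity (aka mod_secur ...)`, where `(aka` is never closed; the only reliable delimiter is the trailing ` ...)` at end of line. Worth documenting that the text is a truncated excerpt, not the full CVE description, so nobody treats it as authoritative for the affected-version range.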
@@ -3675,244 +3675,244 @@ CVE-2008-5611
RESERVED
CVE-2008-5610
RESERVED
-CVE-2008-5609
+CVE-2008-5609 (SQL injection vulnerability in the Commerce extension 0.9.6 and earlie ...)
NOT-FOR-US: Commerce extension
-CVE-2008-5608
+CVE-2008-5608 (ASP AutoDealer stores sensitive information under the web root with in ...)
NOT-FOR-US: AutoDealer
-CVE-2008-5607
+CVE-2008-5607 (SQL injection vulnerability in the JMovies (aka JM or com_jmovies) com ...)
NOT-FOR-US: joomla
-CVE-2008-5606
+CVE-2008-5606 (Gazatem QMail Mailing List Manager 1.2 stores sensitive information un ...)
NOT-FOR-US: Gazatem QMail Mailing List Manager
-CVE-2008-5605
+CVE-2008-5605 (Multiple SQL injection vulnerabilities in ASP Portal allow remote atta ...)
NOT-FOR-US: ASP Portal
-CVE-2008-5604
+CVE-2008-5604 (Directory traversal vulnerability in index.php in My Simple Forum 3.0 ...)
NOT-FOR-US: My Simple Forum
-CVE-2008-5603
+CVE-2008-5603 (ASPTicker 1.0 stores sensitive information under the web root with ins ...)
NOT-FOR-US: ASPTicker
-CVE-2008-5602
+CVE-2008-5602 (Natterchat 1.12 stores sensitive information under the web root with i ...)
NOT-FOR-US: Natterchat
-CVE-2008-5601
+CVE-2008-5601 (User Engine Lite ASP stores sensitive information under the web root w ...)
NOT-FOR-US: User Engine Lite ASP
-CVE-2008-5600
+CVE-2008-5600 (Merlix Teamworx Server stores sensitive information under the web root ...)
NOT-FOR-US: Merlix Teamworx Server
-CVE-2008-5599
+CVE-2008-5599 (SQL injection vulnerability in default.asp in Merlix Teamworx Server a ...)
NOT-FOR-US: Merlix Teamworx Server
-CVE-2008-5598
+CVE-2008-5598 (Directory traversal vulnerability in index.php in PHPmyGallery 1.51 go ...)
NOT-FOR-US: PHPmyGallery
-CVE-2008-5597
+CVE-2008-5597 (Cold BBS stores sensitive information under the web root with insuffic ...)
NOT-FOR-US: Cold BBS
-CVE-2008-5596
+CVE-2008-5596 (Ikon AdManager 2.1 and earlier stores sensitive information under the ...)
NOT-FOR-US: Ikon AdManager
-CVE-2008-5595
+CVE-2008-5595 (SQL injection vulnerability in detail.asp in ASP AutoDealer allows rem ...)
NOT-FOR-US: ASP AutoDealer
-CVE-2008-5594
+CVE-2008-5594 (Multiple directory traversal vulnerabilities in index.php in Mini Blog ...)
NOT-FOR-US: Mini Blog
-CVE-2008-5593
+CVE-2008-5593 (Multiple directory traversal vulnerabilities in index.php in Mini CMS ...)
NOT-FOR-US: Mini CMS
-CVE-2008-5592
+CVE-2008-5592 (Nightfall Personal Diary 1.0 stores sensitive information under the we ...)
NOT-FOR-US: Nightfall Personal Diary
-CVE-2008-5591
+CVE-2008-5591 (Cross-site scripting (XSS) vulnerability in login.asp in Nightfall Per ...)
NOT-FOR-US: Nightfall Personal Diary
-CVE-2008-5590
+CVE-2008-5590 (SQL injection vulnerability in customer.forumtopic.php in Kalptaru Inf ...)
NOT-FOR-US: Kalptaru Infotech Product Sale Framework
-CVE-2008-5589
+CVE-2008-5589 (SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm ...)
NOT-FOR-US: Katy Whitton RankEm
-CVE-2008-5588
+CVE-2008-5588 (SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allow ...)
NOT-FOR-US: Katy Whitton RankEm
-CVE-2008-5587
+CVE-2008-5587 (Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdm ...)
{DSA-1693-1}
- phppgadmin 4.2.1-1.1 (low; bug #508026)
NOTE: register_globals=on is required
NOTE: http://www.milw0rm.com/exploits/7363
-CVE-2008-5586
+CVE-2008-5586 (SQL injection vulnerability in findoffice.php in Check Up New Generati ...)
NOT-FOR-US: Check Up New Generation
-CVE-2008-5585
+CVE-2008-5585 (Multiple PHP remote file inclusion vulnerabilities in lcxBBportal 0.1 ...)
NOT-FOR-US: lcxBBportal
CVE-2008-5622
REJECTED
-CVE-2008-5621
+CVE-2008-5621 (Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x b ...)
{DSA-1723-1}
- phpmyadmin 4:2.11.8.1-5
-CVE-2008-5584
+CVE-2008-5584 (Multiple cross-site scripting (XSS) vulnerabilities in ProjectPier 0.8 ...)
NOT-FOR-US: ProjectPier
-CVE-2008-5583
+CVE-2008-5583 (Cross-site request forgery (CSRF) vulnerability in index.php in Projec ...)
NOT-FOR-US: ProjectPier
-CVE-2008-5582
+CVE-2008-5582 (SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, a ...)
NOT-FOR-US: Nukedit
-CVE-2008-5581
+CVE-2008-5581 (PHP remote file inclusion vulnerability in mini-pub.php/front-end/img. ...)
NOT-FOR-US: mini-pub
-CVE-2008-5580
+CVE-2008-5580 (mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers ...)
NOT-FOR-US: mini-pub
-CVE-2008-5579
+CVE-2008-5579 (Absolute path traversal vulnerability in mini-pub.php/front-end/cat.ph ...)
NOT-FOR-US: mini-pub
-CVE-2008-5578
+CVE-2008-5578 (Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, ...)
NOT-FOR-US: sCssBoard
-CVE-2008-5577
+CVE-2008-5577 (PHP remote file inclusion vulnerability in index.php in sCssBoard 1.0, ...)
NOT-FOR-US: sCssBoard
-CVE-2008-5576
+CVE-2008-5576 (admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote a ...)
NOT-FOR-US: sCssBoard
-CVE-2008-5575
+CVE-2008-5575 (Session fixation vulnerability in Pro Clan Manager 0.4.2 and earlier a ...)
NOT-FOR-US: Pro Clan Manager
-CVE-2008-5574
+CVE-2008-5574 (SQL injection vulnerability in member.php in Webmaster Marketplace all ...)
NOT-FOR-US: Webmaster Marketplace
-CVE-2008-5573
+CVE-2008-5573 (SQL injection vulnerability in the login feature in Poll Pro 2.0 allow ...)
NOT-FOR-US: Poll Pro
-CVE-2008-5572
+CVE-2008-5572 (Professional Download Assistant 0.1 stores sensitive information under ...)
NOT-FOR-US: Professional Download Assistant
-CVE-2008-5571
+CVE-2008-5571 (SQL injection vulnerability in admin/login.asp in Professional Downloa ...)
NOT-FOR-US: Professional Download Assistant
-CVE-2008-5570
+CVE-2008-5570 (Directory traversal vulnerability in index.php in PHP Multiple Newslet ...)
NOT-FOR-US: Multiple Newsletters
-CVE-2008-5569
+CVE-2008-5569 (Multiple cross-site scripting (XSS) vulnerabilities in PHPepperShop 1. ...)
NOT-FOR-US: PHPepperShop
-CVE-2008-5568
+CVE-2008-5568 (Cross-site request forgery (CSRF) vulnerability in admin/settings.php ...)
NOT-FOR-US: IPN Pro
-CVE-2008-5567
+CVE-2008-5567 (Cross-site request forgery (CSRF) vulnerability in admin/ad_settings.p ...)
NOT-FOR-US: Bonza Cart
-CVE-2008-5566
+CVE-2008-5566 (Cross-site scripting (XSS) vulnerability in index.php in Triangle Solu ...)
NOT-FOR-US: Multiple Newsletters
-CVE-2008-5565
+CVE-2008-5565 (Cross-site request forgery (CSRF) vulnerability in admin/settings.php ...)
NOT-FOR-US: DL PayCart
-CVE-2008-5564
+CVE-2008-5564 (Unspecified vulnerability in the media server in Orb Networks Orb befo ...)
NOT-FOR-US: Orb Networks Orb
-CVE-2008-5563
+CVE-2008-5563 (Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, ...)
NOT-FOR-US: Aruba Mobility Controller
-CVE-2008-5562
+CVE-2008-5562 (ASPPortal stores sensitive information under the web root with insuffi ...)
NOT-FOR-US: ASPPortal
-CVE-2008-5561
+CVE-2008-5561 (SQL injection vulnerability in Netref 4.0 allows remote attackers to e ...)
NOT-FOR-US: Netref
-CVE-2008-5560
+CVE-2008-5560 (PostEcards stores sensitive information under the web root with insuff ...)
NOT-FOR-US: PostEcards
-CVE-2008-5559
+CVE-2008-5559 (SQL injection vulnerability in sendcard.cfm in PostEcards allows remot ...)
NOT-FOR-US: PostEcards
-CVE-2008-5558
+CVE-2008-5558 (Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2. ...)
- asterisk 1:1.4.0~dfsg-1 (bug #509686)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2008-5557
+CVE-2008-5557 (Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_ht ...)
{DSA-1789-1 DTSA-188-1}
- php5 5.2.6.dfsg.1-1 (bug #511493)
[lenny] - php5 5.2.6.dfsg.1-1+lenny1
NOTE: according to bug report, this was fixed in lenny prior to the release, but was not marked as such at the time
-CVE-2008-6506
+CVE-2008-6506 (Unspecified vulnerability in phpBB before 3.0.4 allows attackers to by ...)
- phpbb3 3.0.2-4 (low; bug #508872)
CVE-2008-5556
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5555
+CVE-2008-5555 (Microsoft Internet Explorer 8.0 Beta 2 relies on the XDomainRequestAll ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5554
+CVE-2008-5554 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not prop ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5553
+CVE-2008-5553 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 disables itse ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5552
+CVE-2008-5552 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5551
+CVE-2008-5551 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5550
+CVE-2008-5550 (Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp ...)
NOT-FOR-US: Sun Java Web Console
-CVE-2008-5549
+CVE-2008-5549 (Unspecified vulnerability in the Sun Java Web Console components in Su ...)
NOT-FOR-US: Sun Java Web Console
-CVE-2008-5548
+CVE-2008-5548 (VirusBuster 4.5.11.0, when Internet Explorer 6 or 7 is used, allows re ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-5547
+CVE-2008-5547 (HAURI ViRobot 2008.12.4.1499 and possibly 2008.9.12.1375, when Interne ...)
NOT-FOR-US: HAURI ViRobot
-CVE-2008-5546
+CVE-2008-5546 (VirusBlokAda VBA32 3.12.8.5, when Internet Explorer 6 or 7 is used, al ...)
NOT-FOR-US: VirusBlokAda VBA32
-CVE-2008-5545
+CVE-2008-5545 (Trend Micro VSAPI 8.700.0.1004 in Trend Micro AntiVirus, when Internet ...)
NOT-FOR-US: Trend Micro VSAPI
-CVE-2008-5544
+CVE-2008-5544 (Hacksoft The Hacker 6.3.1.2.174 and possibly 6.3.0.9.081, when Interne ...)
NOT-FOR-US: Hacksoft The Hacker
-CVE-2008-5543
+CVE-2008-5543 (Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, al ...)
NOT-FOR-US: Symantec AntiVirus
-CVE-2008-5542
+CVE-2008-5542 (Sunbelt VIPRE 3.1.1832.2 and possibly 3.1.1633.1, when Internet Explor ...)
NOT-FOR-US: Sunbelt VIPRE
-CVE-2008-5541
+CVE-2008-5541 (Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allow ...)
NOT-FOR-US: Sophos Anti-Virus
-CVE-2008-5540
+CVE-2008-5540 (Secure Computing Secure Web Gateway (aka Webwasher), when Internet Exp ...)
NOT-FOR-US: Webwasher
-CVE-2008-5539
+CVE-2008-5539 (RISING Antivirus 21.06.31.00 and possibly 20.61.42.00, when Internet E ...)
NOT-FOR-US: RISING Antivirus
-CVE-2008-5538
+CVE-2008-5538 (Prevx Prevx1 2, when Internet Explorer 6 or 7 is used, allows remote a ...)
NOT-FOR-US: Prevx Prevx1 2
-CVE-2008-5537
+CVE-2008-5537 (PC Tools AntiVirus 4.4.2.0, when Internet Explorer 6 or 7 is used, all ...)
NOT-FOR-US: PC Tools AntiVirus
-CVE-2008-5536
+CVE-2008-5536 (Panda Antivirus 9.0.0.4, when Internet Explorer 6 or 7 is used, allows ...)
NOT-FOR-US: Panda Antivirus
-CVE-2008-5535
+CVE-2008-5535 (Norman Antivirus 5.80.02, when Internet Explorer 6 or 7 is used, allow ...)
NOT-FOR-US: Norman Antivirus
-CVE-2008-5534
+CVE-2008-5534 (ESET NOD32 Antivirus 3662 and possibly 3440, when Internet Explorer 6 ...)
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2008-5533
+CVE-2008-5533 (K7AntiVirus 7.10.541 and possibly 7.10.454, when Internet Explorer 6 o ...)
NOT-FOR-US: K7AntiVirus
-CVE-2008-5532
+CVE-2008-5532 (Ikarus Virus Utilities T3.1.1.45.0 and possibly T3.1.1.34.0, when Inte ...)
NOT-FOR-US: Ikarus Virus Utilities
-CVE-2008-5531
+CVE-2008-5531 (Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, a ...)
NOT-FOR-US: Fortinet Antivirus
-CVE-2008-5530
+CVE-2008-5530 (Ewido Security Suite 4.0, when Internet Explorer 6 or 7 is used, allow ...)
NOT-FOR-US: Ewido Security Suite
-CVE-2008-5529
+CVE-2008-5529 (CA eTrust Antivirus 31.6.6086, when Internet Explorer 6 or 7 is used, ...)
NOT-FOR-US: CA eTrust Antivirus
-CVE-2008-5528
+CVE-2008-5528 (Aladdin eSafe 7.0.17.0, when Internet Explorer 6 or 7 is used, allows ...)
NOT-FOR-US: Aladdin eSafe
-CVE-2008-5527
+CVE-2008-5527 (ESET Smart Security, when Internet Explorer 6 or 7 is used, allows rem ...)
NOT-FOR-US: ESET Smart Security
-CVE-2008-5526
+CVE-2008-5526 (DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, ...)
NOT-FOR-US: DrWeb Anti-virus
-CVE-2008-5525
+CVE-2008-5525 (ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is us ...)
- clamav <not-affected> (medium; bug #526041)
NOTE: this issue refers to a clamav antivirus bypass that occurs when the user
NOTE: is using IE6 or IE7 to open a malicious page with an MZ header
NOTE: - all other browsers are not vulnerable
NOTE: - see http://xforce.iss.net/xforce/xfdb/47435 and bug report for details
-CVE-2008-5524
+CVE-2008-5524 (CAT-QuickHeal 10.00 and possibly 9.50, when Internet Explorer 6 or 7 i ...)
NOT-FOR-US: CAT-QuickHeal
-CVE-2008-5523
+CVE-2008-5523 (avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, al ...)
NOT-FOR-US: avast! antivirus
-CVE-2008-5522
+CVE-2008-5522 (AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allow ...)
NOT-FOR-US: AVG Anti-Virus
-CVE-2008-5521
+CVE-2008-5521 (Avira AntiVir 7.9.0.36 and possibly 7.8.1.28, when Internet Explorer 6 ...)
NOT-FOR-US: Avira AntiVir
-CVE-2008-5520
+CVE-2008-5520 (AhnLab V3 2008.12.4.1 and possibly 2008.9.13.0, when Internet Explorer ...)
NOT-FOR-US: AhnLab V3
-CVE-2008-5519
+CVE-2008-5519 (The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat al ...)
{DSA-1810-1}
- libapache-mod-jk 1:1.2.26-2.1 (bug #523054)
-CVE-2008-5518
+CVE-2008-5518 (Multiple directory traversal vulnerabilities in the web administration ...)
- geronimo <itp> (bug #481869)
-CVE-2008-5517
+CVE-2008-5517 (The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote att ...)
{DSA-1708-1}
- git-core 1:1.5.6.5-2 (low; bug #512330)
-CVE-2008-5516
+CVE-2008-5516 (The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote att ...)
{DSA-1708-1}
- git-core 1:1.5.6-1
-CVE-2008-5515
+CVE-2008-5515 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 throug ...)
{DSA-2207-1}
- tomcat5 <removed> (bug #532363)
- tomcat5.5 <removed> (bug #532366)
- tomcat6 6.0.20-1 (bug #532362)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2008-5514
+CVE-2008-5514 (Off-by-one error in the rfc822_output_char function in the RFC822BUFFE ...)
{DTSA-174-2}
- uw-imap 2007b~dfsg-1.1 (medium; bug #510918)
[etch] - uw-imap <not-affected> (Vulnerable code not present)
- alpine 2.02-3.1 (low)
[lenny] - alpine <no-dsa> (Minor issue)
[squeeze] - alpine 2.00+dfsg-6+squeeze1
-CVE-2008-5513
+CVE-2008-5513 (Unspecified vulnerability in the session-restore feature in Mozilla Fi ...)
{DSA-1707-1}
- iceweasel 3.0.5-1
-CVE-2008-5512
+CVE-2008-5512 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0 ...)
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5511
+CVE-2008-5511 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5510
+CVE-2008-5510 (The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0. ...)
{DSA-1707-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
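Review bot: the update only rewrites the `CVE-` id lines in place and leaves entry order as it found it, so this hunk keeps `CVE-2008-5622` (REJECTED) and `+CVE-2008-5621 (Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x b ...)` sitting between CVE-2008-5585 and CVE-2008-5584 rather than in the descending sequence the rest of the file follows. That is harmless for a line-oriented parser, but if anything relies on the file being sorted by id (for example a binary search or a merge with upstream), it should be noted that the automatic update does not normalise ordering.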
@@ -3923,90 +3923,90 @@ CVE-2008-5510
NOTE: patch will be checked for icedove/iceape/xulrunner by Alexander for next round
CVE-2008-5509
RESERVED
-CVE-2008-5508
+CVE-2008-5508 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5507
+CVE-2008-5507 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5506
+CVE-2008-5506 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5505
+CVE-2008-5505 (Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass int ...)
- iceweasel 3.0.5-1
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
NOTE: patch now available and will be checked for next patch round
-CVE-2008-5504
+CVE-2008-5504 (Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arb ...)
{DSA-1707-1}
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
[etch] - xulrunner <not-affected> (The vulnerable feature is only included in 1.8.1 branch)
NOTE: Original fix for CVE-2008-3836 was incomplete
-CVE-2008-5503
+CVE-2008-5503 (The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.1 ...)
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceape 1.1.13-1
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.19-1 (low)
NOTE: JavaScript for mails is disabled by default and if users enable it ...
-CVE-2008-5502
+CVE-2008-5502 (The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x ...)
- iceweasel 3.0.5-1
[etch] - iceweasel <not-affected> (Firefox 2.x not affected)
- xulrunner 1.9.0.5-1
[etch] - xulrunner <not-affected> (Xulrunner 1.8 not affected)
- icedove <not-affected> (This issue was FF3 only, CVE-2008-5500 affects icedove)
-CVE-2008-5501
+CVE-2008-5501 (The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x ...)
- iceweasel 3.0.5-1
[etch] - iceweasel <not-affected> (Firefox 2.x not affected)
- xulrunner 1.9.0.5-1
[etch] - xulrunner <not-affected> (Xulrunner 1.8 not affected)
- icedove <not-affected> (This issue was FF3 only, CVE-2008-5500 affects icedove)
-CVE-2008-5500
+CVE-2008-5500 (The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2 ...)
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceweasel 3.0.5-1
- icedove 2.0.0.19-1
- iceape 1.1.14-1
- xulrunner 1.9.0.5-1
-CVE-2008-5499
+CVE-2008-5499 (Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-5498
+CVE-2008-5498 (Array index error in the imageRotate function in PHP 5.2.8 and earlier ...)
- php5 <not-affected> (php5 links to the shared lib)
- libgd2 <not-affected> (code is specific to php's libgd)
NOTE: http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360&r2=1.2027.2.547.2.1361
-CVE-2008-5497
+CVE-2008-5497 (BandSite CMS 1.1.4 allows remote attackers to bypass authentication an ...)
NOT-FOR-US: BandSite CMS
-CVE-2008-5496
+CVE-2008-5496 (SQL injection vulnerability in showcategory.php in PozScripts Business ...)
NOT-FOR-US: PozScripts Business Directory Script
-CVE-2008-5495
+CVE-2008-5495 (Unspecified vulnerability in the GungHo LoadPrgAx ActiveX control 1.0. ...)
NOT-FOR-US: GungHo LoadPrgAx
-CVE-2008-5494
+CVE-2008-5494 (SQL injection vulnerability in the Contact Information Module (com_con ...)
NOT-FOR-US: Contact Information Module (com_contactinfo) component for Joomla!
-CVE-2008-5493
+CVE-2008-5493 (SQL injection vulnerability in track.php in PHPStore Wholesales (aka W ...)
NOT-FOR-US: PHPStore Wholesales
-CVE-2008-5492
+CVE-2008-5492 (Heap-based buffer overflow in the PDFVIEW.PdfviewCtrl.1 ActiveX contro ...)
NOT-FOR-US: PDFVIEW.PdfviewCtrl.1
-CVE-2008-5491
+CVE-2008-5491 (SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier a ...)
NOT-FOR-US: SlimCMS
-CVE-2008-5490
+CVE-2008-5490 (SQL injection vulnerability in index.php in PHPStore Yahoo Answers all ...)
NOT-FOR-US: PHPStore Yahoo Answers
-CVE-2008-5489
+CVE-2008-5489 (SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, ...)
NOT-FOR-US: ClipShare
-CVE-2008-5488
+CVE-2008-5488 (SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 all ...)
NOT-FOR-US: E-topbiz Domain Shop
-CVE-2008-5487
+CVE-2008-5487 (Cross-site scripting (XSS) vulnerability in admin.php in TurnkeyForms ...)
NOT-FOR-US: TurnkeyForms Text Link Sales
-CVE-2008-5486
+CVE-2008-5486 (SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sal ...)
NOT-FOR-US: TurnkeyForms Text Link Sales
-CVE-2008-5616
+CVE-2008-5616 (Stack-based buffer overflow in the demux_open_vqf function in libmpdem ...)
{DSA-1782-1 DTSA-181-1}
- mplayer 1.0~rc2-19 (low; bug #508803)
CVE-2008-XXXX [axel URL parser buffer overflow]
@@ -4014,7 +4014,7 @@ CVE-2008-XXXX [axel URL parser buffer overflow]
[etch] - axel <no-dsa> (Minor issue)
NOTE: http://alioth.debian.org/forum/forum.php?forum_id=2846
NOTE: this only work for non-interactive sessions which is a quite exotic usecase
-CVE-2008-5619
+CVE-2008-5619 (html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMaile ...)
- roundcube 0.1.1-9 (high; bug #508628; bug #536498)
NOTE: According to the bug report, this is being exploited.
- moodle 1.8.2.dfsg-2 (bug #508909)
@@ -4067,150 +4067,150 @@ CVE-2008-5465
REJECTED
CVE-2008-5464
REJECTED
-CVE-2008-5463
+CVE-2008-5463 (Unspecified vulnerability in the PeopleSoft Enterprise Campus Solution ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-5462
+CVE-2008-5462 (Unspecified vulnerability in the WebLogic Portal component in BEA Prod ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-5461
+CVE-2008-5461 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-5460
+CVE-2008-5460 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-5459
+CVE-2008-5459 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-5458
+CVE-2008-5458 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2008-5457
+CVE-2008-5457 (Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins fo ...)
NOT-FOR-US: Oracle
-CVE-2008-5456
+CVE-2008-5456 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle
-CVE-2008-5455
+CVE-2008-5455 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS - ePerform ...)
NOT-FOR-US: Oracle
-CVE-2008-5454
+CVE-2008-5454 (Unspecified vulnerability in the iProcurement component in Oracle E-Bu ...)
NOT-FOR-US: Oracle
CVE-2008-5453
REJECTED
-CVE-2008-5452
+CVE-2008-5452 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle
-CVE-2008-5451
+CVE-2008-5451 (Unspecified vulnerability in the JD Edwards Tools component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-5450
+CVE-2008-5450 (Unspecified vulnerability in the Oracle Applications Platform Engineer ...)
NOT-FOR-US: Oracle
-CVE-2008-5449
+CVE-2008-5449 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-5448
+CVE-2008-5448 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-5447
+CVE-2008-5447 (Unspecified vulnerability in the Oracle Enterprise Manager component i ...)
NOT-FOR-US: Oracle
-CVE-2008-5446
+CVE-2008-5446 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
-CVE-2008-5445
+CVE-2008-5445 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-5444
+CVE-2008-5444 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-5443
+CVE-2008-5443 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-5442
+CVE-2008-5442 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-5441
+CVE-2008-5441 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-5440
+CVE-2008-5440 (Unspecified vulnerability in the TimesTen Data Server component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-5439
+CVE-2008-5439 (Unspecified vulnerability in the SQL*Plus Windows GUI component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-5438
+CVE-2008-5438 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle
-CVE-2008-5437
+CVE-2008-5437 (Unspecified vulnerability in the Job Queue component in Oracle Databas ...)
NOT-FOR-US: Oracle
-CVE-2008-5436
+CVE-2008-5436 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2008-5435
+CVE-2008-5435 (Cross-site scripting (XSS) vulnerability in moderate.php in PunBB befo ...)
NOT-FOR-US: PunBB
-CVE-2008-5434
+CVE-2008-5434 (Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow re ...)
NOT-FOR-US: PunBB
-CVE-2008-5433
+CVE-2008-5433 (Cross-site scripting (XSS) vulnerability in login.php in PunBB 1.3 and ...)
NOT-FOR-US: PunBB
-CVE-2008-5432
+CVE-2008-5432 (Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 b ...)
{DSA-1691-1}
- moodle 1.8.2.dfsg-1 (bug #508593)
-CVE-2008-5431
+CVE-2008-5431 (Teamtek Universal FTP Server 1.0.44 allows remote attackers to cause a ...)
NOT-FOR-US: Teamtek Universal FTP Server
-CVE-2008-5430
+CVE-2008-5430 (Mozilla Thunderbird 2.0.14 does not properly handle (1) multipart/mixe ...)
- icedove <unfixed> (unimportant)
NOTE: crashes icedove, but no security impact
-CVE-2008-5429
+CVE-2008-5429 (Incredimail build 5853710 does not properly handle (1) multipart/mixed ...)
NOT-FOR-US: Incredimail
-CVE-2008-5428
+CVE-2008-5428 (Opera 9.51 on Windows XP does not properly handle (1) multipart/mixed ...)
NOT-FOR-US: Opera
-CVE-2008-5427
+CVE-2008-5427 (Norton Antivirus in Norton Internet Security 15.5.0.23 does not proper ...)
NOT-FOR-US: Norton Internet Security
-CVE-2008-5426
+CVE-2008-5426 (Kaspersky Internet Security Suite 2009 does not properly handle (1) mu ...)
NOT-FOR-US: Kaspersky Internet Security Suite
-CVE-2008-5425
+CVE-2008-5425 (ESet NOD32 2.70.0039.0000 does not properly handle (1) multipart/mixed ...)
NOT-FOR-US: NOD32
-CVE-2008-5424
+CVE-2008-5424 (The MimeOleClearDirtyTree function in InetComm.dll in Microsoft Outloo ...)
NOT-FOR-US: Microsoft Outlook Express
-CVE-2008-5423
+CVE-2008-5423 (Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector ...)
NOT-FOR-US: Sun Ray Software
-CVE-2008-5422
+CVE-2008-5422 (Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict ...)
NOT-FOR-US: Sun Sun Ray Server Software
-CVE-2008-5421
+CVE-2008-5421 (The SSL web administration service in NetWin SmsGate 1.1n and earlier ...)
NOT-FOR-US: NetWin SmsGate
-CVE-2008-5420
+CVE-2008-5420 (The SAN Manager Master Agent service (aka msragent.exe) in EMC Control ...)
NOT-FOR-US: SAN Manager Master Agent
-CVE-2008-5419
+CVE-2008-5419 (Stack-based buffer overflow in SAN Manager Master Agent service (aka m ...)
NOT-FOR-US: SAN Manager Master Agent
-CVE-2008-5418
+CVE-2008-5418 (Directory traversal vulnerability in login.php in the PunPortal module ...)
NOT-FOR-US: PunBB
-CVE-2008-5417
+CVE-2008-5417 (HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses ...)
NOT-FOR-US: HP DECnet-Plus
-CVE-2008-5416
+CVE-2008-5416 (Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050 ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2008-5415
+CVE-2008-5415 (The LDBserver service in the server in CA ARCserve Backup 11.1 through ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-5414
+CVE-2008-5414 (Unspecified vulnerability in the Feature Pack for Web Services in the ...)
NOT-FOR-US: IBM WebSphere
-CVE-2008-5413
+CVE-2008-5413 (PerfServlet in the PMI/Performance Tools component in IBM WebSphere Ap ...)
NOT-FOR-US: IBM WebSphere
-CVE-2008-5412
+CVE-2008-5412 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2008-5411
+CVE-2008-5411 (IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 sends SSL traf ...)
NOT-FOR-US: IBM WebSphere
-CVE-2008-5410
+CVE-2008-5410 (The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun Solaris 10 ...)
NOT-FOR-US: Solaris
-CVE-2008-5409
+CVE-2008-5409 (Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Fre ...)
NOT-FOR-US: itDefender Free Edition and Antivirus Standard, BullGuard Internet Security and Software602 Groupware Server
-CVE-2008-5408
+CVE-2008-5408 (Buffer overflow in the data management protocol in Symantec Backup Exe ...)
NOT-FOR-US: Symantec Backup Exec
-CVE-2008-5407
+CVE-2008-5407 (Multiple unspecified vulnerabilities in the Backup Exec remote-agent l ...)
NOT-FOR-US: Symantec Backup Exec
-CVE-2008-5406
+CVE-2008-5406 (Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes ...)
NOT-FOR-US: Apple QuickTime Player and iTunes
-CVE-2008-5405
+CVE-2008-5405 (Stack-based buffer overflow in the RDP protocol password decoder in Ca ...)
NOT-FOR-US: Cain & Abel
-CVE-2008-5404
+CVE-2008-5404 (Insecure method vulnerability in the FlexCell.Grid ActiveX control in ...)
NOT-FOR-US: FlexCell
-CVE-2008-5403
+CVE-2008-5403 (Heap-based buffer overflow in the XML parser in the AIM plugin in Tril ...)
NOT-FOR-US: Trillian
-CVE-2008-5402
+CVE-2008-5402 (Double free vulnerability in the XML parser in Trillian before 3.1.12. ...)
NOT-FOR-US: Trillian
-CVE-2008-5401
+CVE-2008-5401 (Stack-based buffer overflow in the image tooltip implementation in Tri ...)
NOT-FOR-US: Trillian
-CVE-2008-5400
+CVE-2008-5400 (Multiple cross-site request forgery (CSRF) vulnerabilities in mvnForum ...)
NOT-FOR-US: mvnForum
-CVE-2008-5399
+CVE-2008-5399 (Cross-site scripting (XSS) vulnerability in the listonlineusers (aka " ...)
NOT-FOR-US: mvnForum
-CVE-2008-5398
+CVE-2008-5398 (Tor before 0.2.0.32 does not properly process the ClientDNSRejectInter ...)
- tor 0.2.0.32-1
-CVE-2008-5397
+CVE-2008-5397 (Tor before 0.2.0.32 does not properly process the (1) User and (2) Gro ...)
- tor 0.2.0.32-1 (bug #505178)
-CVE-2008-5396
+CVE-2008-5396 (Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in ...)
{DSA-1699-1}
- zaptel 1:1.4.11~dfsg-3
-CVE-2008-5395
+CVE-2008-5395 (The parisc_show_stack function in arch/parisc/kernel/traps.c in the Li ...)
{DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.26-13
- linux-2.6.24 <removed>
-CVE-2008-5393
+CVE-2008-5393 (UPR-Kernel in Ubuntu Privacy Remix (UPR) before 8.04_r1 includes kerne ...)
NOT-FOR-US: Ubuntu Privacy Remix
CVE-2008-5392
REJECTED
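Review bot: the NOT-FOR-US line under CVE-2008-5409 reads "itDefender Free Edition" while the new description for the same CVE starts "Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Fre ..."; the leading "B" is missing. Since this automatic update only rewrites the CVE header lines, the typo needs a follow-up commit, e.g. "NOT-FOR-US: BitDefender Free Edition and Antivirus Standard, BullGuard Internet Security and Software602 Groupware Server".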
@@ -4222,185 +4222,185 @@ CVE-2008-5389
REJECTED
CVE-2008-5388
REJECTED
-CVE-2008-5387
+CVE-2008-5387 (Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role ...)
NOT-FOR-US: IBM AIX
-CVE-2008-5386
+CVE-2008-5386 (Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd ...)
NOT-FOR-US: IBM AIX
-CVE-2008-5385
+CVE-2008-5385 (enq in bos.rte.printers in IBM AIX 6.1.0 through 6.1.2, when a print q ...)
NOT-FOR-US: IBM AIX
-CVE-2008-5384
+CVE-2008-5384 (crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local us ...)
NOT-FOR-US: IBM AIX
-CVE-2008-5383
+CVE-2008-5383 (Stack-based buffer overflow in National Instruments Electronics Workbe ...)
NOT-FOR-US: National Instruments Electronics Workbench
-CVE-2008-5382
+CVE-2008-5382 (Cross-site request forgery (CSRF) vulnerability in I-O DATA DEVICE HDL ...)
NOT-FOR-US: I-O firmware
-CVE-2008-5381
+CVE-2008-5381 (Buffer overflow in the URL processing in ffdshow (aka ffdshow-tryout) ...)
NOT-FOR-US: ffdshow
-CVE-2008-5380
+CVE-2008-5380 (gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite a ...)
- gpsdrive 2.10~pre4-6.dfsg-2 (low; bug #508595)
[etch] - gpsdrive <no-dsa> (Minor issue)
[lenny] - gpsdrive 2.10~pre4-6.dfsg-1+lenny1
-CVE-2008-5379
+CVE-2008-5379 (netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary ...)
- netdisco-mibs-installer 1.4 (low; bug #508940)
[lenny] - netdisco-mibs-installer <no-dsa> (Contrib not supported)
-CVE-2008-5378
+CVE-2008-5378 (arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitra ...)
- arb 0.0.20071207.1-6 (low; bug #508942)
-CVE-2008-5377
+CVE-2008-5377 (pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files ...)
- cups 1.3.8-1lenny1 (low)
- cupsys <removed>
[etch] - cupsys <no-dsa> (Example script)
-CVE-2008-5376
+CVE-2008-5376 (editcomment in crip 3.7 allows local users to overwrite arbitrary file ...)
- crip 3.7-5 (low; bug #509275)
[etch] - crip 3.7-3+etch1
-CVE-2008-5375
+CVE-2008-5375 (cmus-status-display in cmus 2.2.0 allows local users to overwrite arbi ...)
- cmus 2.2.0-1.1 (unimportant; bug #509277)
NOTE: Just an example script
-CVE-2008-5374
+CVE-2008-5374 (bash-doc 3.2 allows local users to overwrite arbitrary files via a sym ...)
- bash 4.0-2 (unimportant; bug #509279)
NOTE: scripts are examples
-CVE-2008-5373
+CVE-2008-5373 (mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users t ...)
- bacula 2.4.0-1 (unimportant; bug #509301)
NOTE: script is an example
-CVE-2008-5372
+CVE-2008-5372 (sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbit ...)
- sdm 0.4.1-1 (unimportant; bug #509331)
NOTE: Not really a bug since only "touch" is used on the temp file
-CVE-2008-5371
+CVE-2008-5371 (screenie in screenie 1.30.0 allows local users to overwrite arbitrary ...)
- screenie 1.30.0-5.1 (low; bug #509332)
-CVE-2008-5370
+CVE-2008-5370 (pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite ...)
- pvpgn 1.8.1-2 (low; bug #509336)
[etch] - pvpgn <no-dsa> (Contrib not supported)
-CVE-2008-5369
+CVE-2008-5369 (noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files v ...)
- no-ip 2.1.9-1 (unimportant; bug #509348)
NOTE: original issue doesn't seem to be present, however there is a tmprace in the init
NOTE: script if it is used to debug with strace and a missing check for mkstemp failing
NOTE: but these situations are really corner cases
-CVE-2008-5368
+CVE-2008-5368 (muttprint in muttprint 0.72d allows local users to overwrite arbitrary ...)
- muttprint 0.72d-10 (low; bug #509487)
[etch] - muttprint 0.72d-8etch1
-CVE-2008-5367
+CVE-2008-5367 (ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to o ...)
- ppp <unfixed> (unimportant)
NOTE: insecure temp file handling in udeb is not an issue, since it is during the installation
-CVE-2008-5366
+CVE-2008-5366 (The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local u ...)
- ppp <unfixed> (unimportant; bug #509488)
NOTE: Package postinst isn't vulnerable, only .tmp files in /etc
-CVE-2008-5365
+CVE-2008-5365 (SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares A ...)
NOT-FOR-US: ActiveWebSoftwares
-CVE-2008-5364
+CVE-2008-5364 (Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1 ...)
NOT-FOR-US: getPlus
-CVE-2008-5363
+CVE-2008-5363 (The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-5362
+CVE-2008-5362 (The DefineConstantPool action in the ActionScript 2 virtual machine in ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-5361
+CVE-2008-5361 (The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-5617
+CVE-2008-5617 (The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does no ...)
- rsyslog 3.18.6-1 (bug #508027)
-CVE-2008-5624
+CVE-2008-5624 (PHP 5 before 5.2.7 does not properly initialize the page_uid and page_ ...)
{DSA-1789-1 DTSA-188-1}
- php5 5.2.6.dfsg.1-1 (medium; bug #508021)
- php4 <removed> (medium; bug #559787)
-CVE-2008-5660
+CVE-2008-5660 (Format string vulnerability in the vinagre_utils_show_error function ( ...)
- vinagre 0.5.1-2
-CVE-2008-5360
+CVE-2008-5360 (Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ear ...)
- sun-java5 1.5.0-17-0.1 (low; bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (low; bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5359
+CVE-2008-5359 (Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5358
+CVE-2008-5358 (Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ear ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5357
+CVE-2008-5357 (Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (uses system's freetype library)
-CVE-2008-5356
+CVE-2008-5356 (Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun J ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (uses system's freetype library)
-CVE-2008-5355
+CVE-2008-5355 (The "Java Update" feature for Java Runtime Environment (JRE) for Sun J ...)
- sun-java5 <not-affected> (Java update not used in Debian)
- sun-java6 <not-affected> (Java update not used in Debian)
- openjdk-6 <not-affected> (Java update not used in Debian)
-CVE-2008-5354
+CVE-2008-5354 (Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5353
+CVE-2008-5353 (The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5352
+CVE-2008-5352 (Integer overflow in the JAR unpacking utility (unpack200) in the unpac ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5351
+CVE-2008-5351 (Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ear ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5350
+CVE-2008-5350 (Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JD ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5349
+CVE-2008-5349 (Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JD ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5348
+CVE-2008-5348 (Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JD ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5347
+CVE-2008-5347 (Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5346
+CVE-2008-5346 (Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JD ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2008-5345
+CVE-2008-5345 (Unspecified vulnerability in Java Runtime Environment (JRE) with Sun J ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
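Review bot: the three NOTE lines under CVE-2008-5369 are hard to read: "tmprace" should be "tmp race" (or "temp file race"), and the sentence runs on across "however" and "but" over three lines. Suggest splitting it, e.g. "NOTE: original issue doesn't seem to be present; however, there is a temp file race in the init" / "NOTE: script if it is used to debug with strace, and a missing check for mkstemp failing," / "NOTE: but these situations are really corner cases". The unimportant rating then follows directly from the corner-case reasoning.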
@@ -4408,102 +4408,102 @@ CVE-2008-5345
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (bug in plugin code)
NOTE: For OpenJDK, see: http://mail.openjdk.java.net/pipermail/core-libs-dev/2009-June/001784.html
-CVE-2008-5344
+CVE-2008-5344 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in wit ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5343
+CVE-2008-5343 (Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5342
+CVE-2008-5342 (Unspecified vulnerability in the BasicService for Java Web Start (JWS) ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5341
+CVE-2008-5341 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in wit ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5340
+CVE-2008-5340 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in wit ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5339
+CVE-2008-5339 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in wit ...)
- sun-java5 1.5.0-17-0.1 (bug #508194)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-12-1 (bug #508195)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <not-affected> (browser plugin is different code base)
-CVE-2008-5338
+CVE-2008-5338 (Cross-site scripting (XSS) vulnerability in info.php in Bandwebsite (a ...)
NOT-FOR-US: Bandwebsite
-CVE-2008-5337
+CVE-2008-5337 (SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite ...)
NOT-FOR-US: Bandwebsite
-CVE-2008-5336
+CVE-2008-5336 (SQL injection vulnerability in index.php in WebStudio CMS allows remot ...)
NOT-FOR-US: WebStudio CMS
-CVE-2008-5335
+CVE-2008-5335 (SQL injection vulnerability in messages.php in PHP-Fusion 6.01.15 and ...)
NOT-FOR-US: PHP-Fusion
-CVE-2008-5334
+CVE-2008-5334 (PHP remote file inclusion vulnerability in includes/common.php in Nitr ...)
NOT-FOR-US: NitroTech
-CVE-2008-5333
+CVE-2008-5333 (SQL injection vulnerability in members.php in NitroTech 0.0.3a allows ...)
NOT-FOR-US: NitroTech
-CVE-2008-5332
+CVE-2008-5332 (Multiple PHP remote file inclusion vulnerabilities in Pie 0.5.3 allow ...)
NOT-FOR-US: Pie Web M{a,e}sher
-CVE-2008-5331
+CVE-2008-5331 (Adobe Acrobat 9 uses more efficient encryption than previous versions, ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2008-5330
+CVE-2008-5330 (Multiple cross-site scripting (XSS) vulnerabilities in the web interfa ...)
NOT-FOR-US: ClearCase RWP IBM
-CVE-2008-5329
+CVE-2008-5329 (ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1 allows ...)
NOT-FOR-US: IBM
-CVE-2008-5328
+CVE-2008-5328 (The ClearQuest Maintenance Tool in IBM Rational ClearQuest before 7 st ...)
NOT-FOR-US: IBM
-CVE-2008-5327
+CVE-2008-5327 (The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 7. ...)
NOT-FOR-US: IBM
-CVE-2008-5326
+CVE-2008-5326 (The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 befor ...)
NOT-FOR-US: IBM
-CVE-2008-5325
+CVE-2008-5325 (Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM R ...)
NOT-FOR-US: IBM
-CVE-2008-5324
+CVE-2008-5324 (Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM R ...)
NOT-FOR-US: IBM
-CVE-2008-5658
+CVE-2008-5658 (Directory traversal vulnerability in the ZipArchive::extractTo functio ...)
{DSA-1789-1 DTSA-188-1}
- php5 5.2.6.dfsg.1-3 (bug #507857)
- php4 <removed>
-CVE-2008-5323
+CVE-2008-5323 (Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg ...)
NOT-FOR-US: Wysi Wiki Wyg
-CVE-2008-5322
+CVE-2008-5322 (Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information ...)
NOT-FOR-US: Wysi Wiki Wyg
-CVE-2008-5321
+CVE-2008-5321 (SQL injection vulnerability in index.php in GesGaleri, a module for XO ...)
NOT-FOR-US: XOOPS module
-CVE-2008-5320
+CVE-2008-5320 (SQL injection vulnerability in usersettings.php in e107 0.7.13 and ear ...)
NOT-FOR-US: e107
-CVE-2008-5319
+CVE-2008-5319 (Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact an ...)
- tikiwiki <removed>
-CVE-2008-5318
+CVE-2008-5318 (Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact an ...)
- tikiwiki <removed>
-CVE-2008-5317
+CVE-2008-5317 (Integer signedness error in the cmsAllocGamma function in src/cmsgamma ...)
{DSA-1684-1}
- lcms 1.17-1
- openjdk-6 6b16-1 (medium; bug #542210)
-CVE-2008-5316
+CVE-2008-5316 (Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in ...)
{DSA-1684-1}
- lcms 1.16-1
-CVE-2008-5315
+CVE-2008-5315 (Directory traversal vulnerability in the web interface in Apple iPhone ...)
NOT-FOR-US: Apple iPhone Configuration Web Utility
CVE-2008-XXXX [Insecure tmpdir creation]
[lenny] - devscripts 2.10.35lenny1 (low)
@@ -4513,113 +4513,113 @@ CVE-2008-XXXX [Insecure tempfile creation]
- devscripts 2.10.42 (low; bug #508111)
[etch] - devscripts <not-affected> (vulnerable code not present)
[lenny] - devscripts 2.10.35lenny1 (low)
-CVE-2008-5314
+CVE-2008-5314 (Stack consumption vulnerability in libclamav/special.c in ClamAV befor ...)
{DSA-1680-1}
- clamav 0.94.dfsg.2-1 (medium; bug #507624)
-CVE-2008-5311
+CVE-2008-5311 (SQL injection vulnerability in image.php in NetArt Media Blog System 1 ...)
NOT-FOR-US: NetArt Media Blog System
-CVE-2008-5310
+CVE-2008-5310 (SQL injection vulnerability in image.php in NetArt Media Car Portal 2. ...)
NOT-FOR-US: NetArt Media Car Portal
-CVE-2008-5309
+CVE-2008-5309 (SQL injection vulnerability in NetArt Media Real Estate Portal 1.2 all ...)
NOT-FOR-US: NetArt Media Real Estate Portal
-CVE-2008-5308
+CVE-2008-5308 (The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does not properly ...)
NOT-FOR-US: LoveCMS
-CVE-2008-5307
+CVE-2008-5307 (SQL injection vulnerability in admin/index.php in PG Roommate Finder S ...)
NOT-FOR-US: PG Roommate Finder Solution
-CVE-2008-5306
+CVE-2008-5306 (SQL injection vulnerability in admin/index.php in PG Real Estate Solut ...)
NOT-FOR-US: PG Real Estate Solution
-CVE-2008-5305
+CVE-2008-5305 (Eval injection vulnerability in TWiki before 4.2.4 allows remote attac ...)
- twiki <removed> (medium; bug #508257)
-CVE-2008-5304
+CVE-2008-5304 (Cross-site scripting (XSS) vulnerability in TWiki before 4.2.4 allows ...)
- twiki <removed> (low; bug #508256)
-CVE-2008-5303
+CVE-2008-5303 (Race condition in the rmtree function in File::Path 1.08 (lib/File/Pat ...)
{DSA-1678-1}
- perl 5.10.0-18
-CVE-2008-5302
+CVE-2008-5302 (Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib ...)
{DSA-1678-1}
- perl 5.10.0-18
-CVE-2008-5301
+CVE-2008-5301 (Directory traversal vulnerability in the ManageSieve implementation in ...)
- dovecot 1:1.0.15-2.3 (bug #506031)
-CVE-2008-5300
+CVE-2008-5300 (Linux kernel 2.6.28 allows local users to cause a denial of service (" ...)
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-12
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-5296
+CVE-2008-5296 (Gallery 1.5.x before 1.5.10 and 1.6 before 1.6-RC3, when register_glob ...)
- gallery 1.5.9-1.2 (low; bug #506824)
[etch] - gallery <not-affected> (vulnerable code introduced in 1.5.8-svn-b34)
-CVE-2008-5295
+CVE-2008-5295 (SQL injection vulnerability in index.php in Jamit Job Board 3.4.10 all ...)
NOT-FOR-US: Jamit Job Board
-CVE-2008-5294
+CVE-2008-5294 (SQL injection vulnerability in index.php in WebStudio eCatalogue allow ...)
NOT-FOR-US: WebStudio eCatalogue
-CVE-2008-5293
+CVE-2008-5293 (SQL injection vulnerability in index.php in WebStudio eHotel allows re ...)
NOT-FOR-US: WebStudio eHotel
-CVE-2008-5292
+CVE-2008-5292 (SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows ...)
NOT-FOR-US: VideoGirls
-CVE-2008-5291
+CVE-2008-5291 (Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 ...)
NOT-FOR-US: FuzzyLime
-CVE-2008-5290
+CVE-2008-5290 (Cross-site scripting (XSS) vulnerability in full_txt.php in Werner Hil ...)
NOT-FOR-US: Werner Hilversum Clean CMS
-CVE-2008-5289
+CVE-2008-5289 (SQL injection vulnerability in full_txt.php in Werner Hilversum Clean ...)
NOT-FOR-US: Werner Hilversum Clean CMS
-CVE-2008-5288
+CVE-2008-5288 (PHP remote file inclusion vulnerability in include/header.php in Werne ...)
NOT-FOR-US: Werner Hilversum Clean CMS
-CVE-2008-5287
+CVE-2008-5287 (SQL injection vulnerability in catagorie.php in Werner Hilversum FAQ M ...)
NOT-FOR-US: Werner Hilversum Clean CMS
-CVE-2008-5284
+CVE-2008-5284 (The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other v ...)
NOT-FOR-US: IEA Software RadiusNT and RadiusX
-CVE-2008-5283
+CVE-2008-5283 (Google Hack Honeypot (GHH) File Upload Manager 1.3 allows remote attac ...)
NOT-FOR-US: File Upload Manager
-CVE-2008-5282
+CVE-2008-5282 (Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 ...)
NOTE: neither in Etch nor Lenny, removal has been proposed
- amaya <removed> (bug #507587)
-CVE-2008-5281
+CVE-2008-5281 (Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows r ...)
NOT-FOR-US: Titan FTP Server
-CVE-2008-5280
+CVE-2008-5280 (The Local ZIM Server in Zilab Chat and Instant Messaging (ZIM) Server ...)
NOT-FOR-US: Zilab Chat and Instant Messaging
-CVE-2008-5279
+CVE-2008-5279 (The Local ZIM Server (zcs.exe) in Zilab Chat and Instant Messaging (ZI ...)
NOT-FOR-US: Zilab Chat and Instant Messaging
-CVE-2008-5277
+CVE-2008-5277 (PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of ...)
- pdns 2.9.21.2-1 (low)
[etch] - pdns <not-affected> (old version of HINFO parser)
-CVE-2008-5275
+CVE-2008-5275 (Multiple directory traversal vulnerabilities in the (a) "Unzip archive ...)
NOT-FOR-US: net2ftp
-CVE-2008-5274
+CVE-2008-5274 (Todd Woolums ASP News Management 2.2 allows remote attackers to obtain ...)
NOT-FOR-US: Todd Woolums ASP News Management
-CVE-2008-5273
+CVE-2008-5273 (SQL injection vulnerability in viewnews.asp in Todd Woolums ASP News M ...)
NOT-FOR-US: Todd Woolums ASP News Management
-CVE-2008-5272
+CVE-2008-5272 (Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCM ...)
NOT-FOR-US: SyndeoCMS
-CVE-2008-5271
+CVE-2008-5271 (Cross-site scripting (XSS) vulnerability in index.php in Fred Stuurman ...)
NOT-FOR-US: SyndeoCMS
-CVE-2008-5270
+CVE-2008-5270 (SQL injection vulnerability in view.topics.php in Yuhhu Superstar 2008 ...)
NOT-FOR-US: Yuhhu Superstar
-CVE-2008-5269
+CVE-2008-5269 (SQL injection vulnerability in index.php in pSys 0.7.0 alpha allows re ...)
NOT-FOR-US: pSys
-CVE-2008-5268
+CVE-2008-5268 (SQL injection vulnerability in content/forums/reply.asp in ASPPortal a ...)
NOT-FOR-US: ASPPortal
-CVE-2008-5267
+CVE-2008-5267 (SQL injection vulnerability in answer.php in Experts 1.0.0, when magic ...)
NOT-FOR-US: Experts
-CVE-2008-5266
+CVE-2008-5266 (Cross-site scripting (XSS) vulnerability in configuration/httpListener ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2008-5265
+CVE-2008-5265 (Directory traversal vulnerability in index.php in TNT Forum 0.9.4, whe ...)
NOT-FOR-US: TNT Forum
-CVE-2008-5264
+CVE-2008-5264 (Cross-site scripting (XSS) vulnerability in searcher.exe in Tornado Kn ...)
NOT-FOR-US: Tornado Knowledge Retrieval System
-CVE-2008-5263
+CVE-2008-5263 (Multiple stack-based buffer overflows in the mt_codec::getHdrHead func ...)
NOT-FOR-US: ksquirrel
-CVE-2008-5262
+CVE-2008-5262 (Multiple stack-based buffer overflows in the iGetHdrHeader function in ...)
{DSA-1717-1 DTSA-184-1}
- devil 1.7.5-4 (low; bug #511844; bug #512122)
NOTE: fix for 1.7.5-3 incomplete, see #512122
CVE-2008-5261
RESERVED
-CVE-2008-5260
+CVE-2008-5260 (Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control ...)
NOT-FOR-US: ActiveX
-CVE-2008-5259
+CVE-2008-5259 (Integer signedness error in DivX Web Player 1.4.2.7, and possibly earl ...)
NOT-FOR-US: DivX Web Player
CVE-2008-5258
RESERVED
-CVE-2008-5257
+CVE-2008-5257 (webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-busine ...)
NOT-FOR-US: WebSEAL
CVE-2008-5255
RESERVED
@@ -4627,464 +4627,464 @@ CVE-2008-5254
RESERVED
CVE-2008-5253
RESERVED
-CVE-2008-5252
+CVE-2008-5252 (Cross-site request forgery (CSRF) vulnerability in the Special:Import ...)
{DSA-1901-1 DTSA-186-1}
- mediawiki 1:1.13.3-1 (bug #508870)
- mediawiki1.7 <removed>
[etch] - mediawiki <not-affected> (metapackage)
CVE-2008-5251
RESERVED
-CVE-2008-5250
+CVE-2008-5250 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.6.11, 1 ...)
{DSA-1901-1 DTSA-186-1}
- mediawiki 1:1.13.3-1 (bug #508869)
- mediawiki1.7 <removed>
[etch] - mediawiki <not-affected> (metapackage)
-CVE-2008-5249
+CVE-2008-5249 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 through 1 ...)
{DSA-1901-1 DTSA-186-1}
- mediawiki 1:1.13.3-1 (bug #508868)
- mediawiki1.7 <removed>
[etch] - mediawiki <not-affected> (metapackage)
-CVE-2008-5276
+CVE-2008-5276 (Integer overflow in the ReadRealIndex function in real.c in the Real d ...)
- vlc 0.9.8a-1 (low)
[etch] - vlc <not-affected> (vulnerable code not present)
[lenny] - vlc <not-affected> (vulnerable code not present)
-CVE-2008-7068
+CVE-2008-7068 (The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent ...)
{DTSA-188-1}
- php5 5.2.6.dfsg.1-3 (bug #507101)
[lenny] - php5 5.2.6.dfsg.1-1+lenny2
- php4 <removed>
NOTE: if a user has write access to a file he simply can use fopen()
-CVE-2008-5278
+CVE-2008-5278 (Cross-site scripting (XSS) vulnerability in the self_link function in ...)
- wordpress 2.5.1-11 (low; bug #507193)
[etch] - wordpress <not-affected> (Vulnerable code not present)
NOTE: introduced in 2.5
-CVE-2008-5286
+CVE-2008-5286 (Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 thro ...)
{DSA-1677-1}
- cups 1.3.8-1lenny4 (bug #507183; medium)
CVE-2008-XXXX [geda-gnetlist: sch2eaglepos.sh has insecure temp file handling ]
- geda-gnetlist 1:1.4.0-3 (bug #506625; unimportant)
NOTE: sch2eaglepos.sh only used as example script
-CVE-2008-5248
+CVE-2008-5248 (xine-lib before 1.1.15 allows remote attackers to cause a denial of se ...)
- xine-lib 1.1.14-3
- vlc <not-affected> (affected part of xine-lib code copy not present)
-CVE-2008-5247
+CVE-2008-5247 (The real_parse_audio_specific_data function in demux_real.c in xine-li ...)
- xine-lib <unfixed> (unimportant; bug #508715)
NOTE: a devide by 0 because of a crafted media file is hardly a security issue,
NOTE: the integer overflows covered by the ocert advisory in the same code snippet
NOTE: got an own identifier
-CVE-2008-5246
+CVE-2008-5246 (Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow r ...)
- xine-lib 1.1.14-3 (low; bug #507184; bug #498243)
- vlc <not-affected> (affected part of xine-lib code copy not present)
-CVE-2008-5245
+CVE-2008-5245 (xine-lib before 1.1.15 performs V4L video frame preallocation before a ...)
- xine-lib 1.1.14-3 (low)
[etch] - xine-lib <not-affected> (The version from Etch doesn't yet perform pre-allocation)
-CVE-2008-5244
+CVE-2008-5244 (Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact ...)
- xine-lib 1.1.14-3 (unimportant)
- faad2 2.6.1-1 (unimportant)
- mplayer 1.0~rc2-20 (unimportant; bug #407010)
NOTE: overlaps with CVE-2008-4610, same aac issue
NOTE: just a crasher, no security implications known so far
-CVE-2008-5243
+CVE-2008-5243 (The real_parse_headers function in demux_real.c in xine-lib 1.1.12, an ...)
- xine-lib 1.1.16-1 (bug #508716)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
NOTE: these are just invalid reads that result in segfaults, denial of service doesnt
NOTE: apply here as xine reading a file is no service -> application bug
-CVE-2008-5242
+CVE-2008-5242 (demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, ...)
- xine-lib 1.1.16-1 (medium; bug #507165; bug #498243)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
-CVE-2008-5241
+CVE-2008-5241 (Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 a ...)
- xine-lib 1.1.16-1 (low; bug #509008)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
-CVE-2008-5240
+CVE-2008-5240 (xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an u ...)
- xine-lib 1.1.16-2 (low; bug #509352)
[lenny] - xine-lib 1.1.14-5
[squeeze] - xine-lib 1.1.14-5
-CVE-2008-5239
+CVE-2008-5239 (xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not prope ...)
- xine-lib 1.1.16-2 (medium; bug #509353)
[lenny] - xine-lib 1.1.14-5
[squeeze] - xine-lib 1.1.14-5
-CVE-2008-5238
+CVE-2008-5238 (Integer overflow in the real_parse_mdpr function in demux_real.c in xi ...)
- xine-lib 1.1.14-3 (low)
NOTE: code execution shouldn't work here as if 0xff will be extended to 0xffffffff
NOTE: memcpy fails for copying from the complete addressable address space long before any code is executed
NOTE: the malloc check for type_specific_data is missing, minor issue filed as #508065
-CVE-2008-5237
+CVE-2008-5237 (Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and ea ...)
- xine-lib 1.1.16-1 (bug #509265; low)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
-CVE-2008-5236
+CVE-2008-5236 (Multiple heap-based buffer overflows in xine-lib 1.1.12, and other 1.1 ...)
- xine-lib 1.1.16-1 (bug #509521)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
-CVE-2008-5235
+CVE-2008-5235 (Heap-based buffer overflow in the demux_real_send_chunk function in sr ...)
- xine-lib 1.1.14-3
- vlc <not-affected> (affected part of xine-lib code copy not present)
-CVE-2008-5234
+CVE-2008-5234 (Multiple heap-based buffer overflows in xine-lib 1.1.12, and other ver ...)
- xine-lib 1.1.16-1 (medium; bug #508313; bug #498243)
[lenny] - xine-lib 1.1.14-4
[squeeze] - xine-lib 1.1.14-4
-CVE-2008-5233
+CVE-2008-5233 (xine-lib 1.1.12, and other versions before 1.1.15, does not check for ...)
- xine-lib 1.1.14-3 (low)
- vlc <not-affected> (affected part of xine-lib code copy not present)
-CVE-2008-5232
+CVE-2008-5232 (Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Me ...)
NOT-FOR-US: Microsoft Windows Media Services
-CVE-2008-5231
+CVE-2008-5231 (Stack-based buffer overflow in the ExecuteRequest method in the Novell ...)
NOT-FOR-US: Novell iPrint
-CVE-2008-5230
+CVE-2008-5230 (The Temporal Key Integrity Protocol (TKIP) implementation in unspecifi ...)
NOT-FOR-US: WPA weakness
-CVE-2008-5229
+CVE-2008-5229 (Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi ...)
NOT-FOR-US: Microsoft Device IO Control
-CVE-2008-5228
+CVE-2008-5228 (Cross-site scripting (XSS) vulnerability in IBM Workplace Content Mana ...)
NOT-FOR-US: IBM Workplace Content Management
-CVE-2008-5227
+CVE-2008-5227 (Unspecified vulnerability in PHPCow allows remote attackers to execute ...)
NOT-FOR-US: PHPCow
-CVE-2008-5226
+CVE-2008-5226 (SQL injection vulnerability in the MambAds (com_mambads) component 1.0 ...)
NOT-FOR-US: com_mambads component for Mambo
-CVE-2008-5225
+CVE-2008-5225 (Multiple cross-site scripting (XSS) vulnerabilities in Xerox DocuShare ...)
NOT-FOR-US: Xerox DocuShare
-CVE-2008-5224
+CVE-2008-5224 (Cross-site scripting (XSS) vulnerability in Kent Web Mart 1.61 and ear ...)
NOT-FOR-US: Kent Web Mart
-CVE-2008-5223
+CVE-2008-5223 (SQL injection vulnerability in index.php in Airvae Commerce 3.0 allows ...)
NOT-FOR-US: Airvae Commerce
-CVE-2008-5222
+CVE-2008-5222 (SQL injection vulnerability in login.asp in Dvbbs 8.2.0 allows remote ...)
NOT-FOR-US: Dvbbs
-CVE-2008-5221
+CVE-2008-5221 (The account_save action in admin/userinfo.php in wPortfolio 0.3 and ea ...)
NOT-FOR-US: wPortfolio
-CVE-2008-5220
+CVE-2008-5220 (Unrestricted file upload vulnerability in admin/upload_form.php in wPo ...)
NOT-FOR-US: wPortfolio
-CVE-2008-5219
+CVE-2008-5219 (The password change feature (admin/cp.php) in VideoScript 4.0.1.50 and ...)
NOT-FOR-US: VideoScript
-CVE-2008-5218
+CVE-2008-5218 (ScriptsEz FREEze Greetings 1.0 stores pwd.txt under the web root with ...)
NOT-FOR-US: ScriptsEz FREEze Greetings
-CVE-2008-5217
+CVE-2008-5217 (Directory traversal vulnerability in index.php in txtCMS 0.3, when reg ...)
NOT-FOR-US: textCMS
-CVE-2008-5216
+CVE-2008-5216 (SQL injection vulnerability in category_list.php in AJ Square ZeusCart ...)
NOT-FOR-US: AJ Square ZeusCart
-CVE-2008-5215
+CVE-2008-5215 (SQL injection vulnerability in service/profil.php in ClanLite 2.2006.0 ...)
NOT-FOR-US: ClanLite
-CVE-2008-5214
+CVE-2008-5214 (Cross-site scripting (XSS) vulnerability in service/calendrier.php in ...)
NOT-FOR-US: ClanLite
-CVE-2008-5213
+CVE-2008-5213 (SQL injection vulnerability in featured_article.php in AJ Article 1.0 ...)
NOT-FOR-US: AJ Article
-CVE-2008-5212
+CVE-2008-5212 (SQL injection vulnerability in classifide_ad.php in AJ Auction 6.2.1 a ...)
NOT-FOR-US: AJ Auction
-CVE-2008-5211
+CVE-2008-5211 (Cross-site scripting (XSS) vulnerability in search.php in Sphider 1.3. ...)
NOT-FOR-US: Sphider
-CVE-2008-5210
+CVE-2008-5210 (Multiple PHP remote file inclusion vulnerabilities in PhpBlock A8.5 al ...)
NOT-FOR-US: PhpBlock
-CVE-2008-5209
+CVE-2008-5209 (Directory traversal vulnerability in modules/download/get_file.php in ...)
NOT-FOR-US: Admidio
-CVE-2008-5208
+CVE-2008-5208 (SQL injection vulnerability in sub_votepic.php in the Datsogallery (co ...)
NOT-FOR-US: Datsogallery joomla module
-CVE-2008-5207
+CVE-2008-5207 (Multiple directory traversal vulnerabilities in Jonascms 1.2 allow rem ...)
NOT-FOR-US: Jonascms
-CVE-2008-5206
+CVE-2008-5206 (PHP remote file inclusion vulnerability in modules/mod_mainmenu.php in ...)
NOT-FOR-US: MosXML
-CVE-2008-5205
+CVE-2008-5205 (Cross-site scripting (XSS) vulnerability in edit.php in wellyblog allo ...)
NOT-FOR-US: wellyblog
-CVE-2008-5204
+CVE-2008-5204 (Multiple directory traversal vulnerabilities in PowerAward 1.1.0 RC1, ...)
NOT-FOR-US: PowerAward
-CVE-2008-5203
+CVE-2008-5203 (Cross-site scripting (XSS) vulnerability in external_vote.php in Power ...)
NOT-FOR-US: PowerAward
-CVE-2008-5202
+CVE-2008-5202 (Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS ...)
NOT-FOR-US: OTManager CMS
-CVE-2008-5201
+CVE-2008-5201 (Directory traversal vulnerability in index.php in OTManager CMS 24a al ...)
NOT-FOR-US: OTManager CMS
-CVE-2008-5200
+CVE-2008-5200 (SQL injection vulnerability in the Xe webtv (com_xewebtv) component fo ...)
NOT-FOR-US: Xe webtv
-CVE-2008-5199
+CVE-2008-5199 (PHP remote file inclusion vulnerability in include.php in PHPOutsourci ...)
NOT-FOR-US: PHPOutsourcing IdeaBox
-CVE-2008-5198
+CVE-2008-5198 (SQL injection vulnerability in memberlist.php in Acmlmboard 1.A2 allow ...)
NOT-FOR-US: Acmlmboard
-CVE-2008-5197
+CVE-2008-5197 (SQL injection vulnerability in classifieds.php in PHP-Fusion allows re ...)
NOT-FOR-US: PHP-Fusion
-CVE-2008-5196
+CVE-2008-5196 (SQL injection vulnerability in kroax.php in the Kroax (the_kroax) 4.42 ...)
NOT-FOR-US: Kroax
-CVE-2008-5195
+CVE-2008-5195 (Multiple SQL injection vulnerabilities in SebracCMS (sbcms) 0.4 allow ...)
NOT-FOR-US: SebracCMS
-CVE-2008-5194
+CVE-2008-5194 (SQL injection vulnerability in checkavail.php in SoftVisions Software ...)
NOT-FOR-US: SoftVisions Software Online Booking Manager
-CVE-2008-5193
+CVE-2008-5193 (Cross-site scripting (XSS) vulnerability in search.asp in W1L3D4 Philb ...)
NOT-FOR-US: W1L3D4 Philboard
-CVE-2008-5192
+CVE-2008-5192 (SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and ...)
NOT-FOR-US: W1L3D4 Philboard
-CVE-2008-5191
+CVE-2008-5191 (Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote at ...)
NOT-FOR-US: SePortal
-CVE-2008-5190
+CVE-2008-5190 (SQL injection vulnerability in index.php in eSHOP100 allows remote att ...)
NOT-FOR-US: eSHOP100
-CVE-2008-5285
+CVE-2008-5285 (Wireshark 1.0.4 and earlier allows remote attackers to cause a denial ...)
[lenny] - wireshark 1.0.2-3+lenny3
- wireshark 1.0.5-1 (low; bug #506741)
-CVE-2008-5394
+CVE-2008-5394 (/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other ...)
{DSA-1709-1}
- shadow 1:4.1.1-6 (bug #505271)
-CVE-2008-5706
+CVE-2008-5706 (The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechani ...)
- verlihub <removed> (low; bug #506530)
-CVE-2008-5705
+CVE-2008-5705 (The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechani ...)
- verlihub <removed> (low; bug #506530)
-CVE-2008-5189
+CVE-2008-5189 (CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remo ...)
- rails 2.1.0-6 (low)
-CVE-2008-5188
+CVE-2008-5188 (The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and ( ...)
- ecryptfs-utils 66-1 (low)
[lenny] - ecryptfs-utils <no-dsa> (Minor issue)
-CVE-2008-5184
+CVE-2008-5184 (The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the gues ...)
- cups 1.3.8-1
[etch] - cupsys <not-affected> (cupsys doesn't crash, code base changed, guest username not submitted)
-CVE-2008-5182
+CVE-2008-5182 (The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might ...)
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-12
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-5181
+CVE-2008-5181 (Microsoft Communicator allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Microsoft Communicator
-CVE-2008-5180
+CVE-2008-5180 (Microsoft Communicator, and Communicator in Microsoft Office 2010 beta ...)
NOT-FOR-US: Microsoft Communicator
-CVE-2008-5179
+CVE-2008-5179 (Unspecified vulnerability in Microsoft Office Communications Server (O ...)
NOT-FOR-US: Microsoft Office Communications Server
-CVE-2008-5178
+CVE-2008-5178 (Heap-based buffer overflow in Opera 9.62 on Windows allows remote atta ...)
NOT-FOR-US: Opera on Windows
-CVE-2008-5177
+CVE-2008-5177 (Stack-based buffer overflow in the DtbClsLogin function in Yosemite Ba ...)
NOT-FOR-US: Yosemite Backup
-CVE-2008-5176
+CVE-2008-5176 (Multiple buffer overflows in Client Software WinCom LPD Total 3.0.2.62 ...)
NOT-FOR-US: WinCom LPD
-CVE-2008-5187
+CVE-2008-5187 (The load function in the XPM loader for imlib2 1.4.2, and possibly oth ...)
{DSA-1672-1}
- imlib2 1.4.0-1.2 (bug #505714)
-CVE-2008-5625
+CVE-2008-5625 (PHP 5 before 5.2.7 does not enforce the error_log safe_mode restrictio ...)
- php5 <removed> (unimportant)
NOTE: http://securityreason.com/achievement_securityalert/57
-CVE-2008-5312
+CVE-2008-5312 (mailscanner 4.55.10 and other versions before 4.74.16-1 might allow lo ...)
- mailscanner 4.74.16-1 (bug #506353)
[etch] - mailscanner <no-dsa> (Minor issue)
NOTE: there is no difference apart from the versions to CVE-2008-5313
-CVE-2008-5313
+CVE-2008-5313 (mailscanner 4.68.8 and other versions before 4.74.16-1 might allow loc ...)
- mailscanner 4.74.16-1 (bug #506353)
[etch] - mailscanner <no-dsa> (Minor issue)
NOTE: there is no difference apart from the versions to CVE-2008-5312
-CVE-2008-5175
+CVE-2008-5175 (Directory traversal vulnerability in the FTP client in AceFTP Freeware ...)
NOT-FOR-US: AceFTP
-CVE-2008-5174
+CVE-2008-5174 (SQL injection vulnerability in joke.php in Jokes Complete Website 2.1. ...)
NOT-FOR-US: Jokes Complete Website
-CVE-2008-5173
+CVE-2008-5173 (Unspecified vulnerability in testMaker before 3.0p16 allows remote aut ...)
NOT-FOR-US: testMaker
-CVE-2008-5172
+CVE-2008-5172 (Multiple cross-site scripting (XSS) vulnerabilities in Yazd Forum Soft ...)
NOT-FOR-US: Yazd Forum Software
-CVE-2008-5171
+CVE-2008-5171 (Multiple directory traversal vulnerabilities in admin/minibb/index.php ...)
NOT-FOR-US: phpBLASTER CMS
-CVE-2008-5170
+CVE-2008-5170 (SQL injection vulnerability in item.php in Cheats Complete Website 1.1 ...)
NOT-FOR-US: Cheats Complete Website
-CVE-2008-5169
+CVE-2008-5169 (SQL injection vulnerability in drinks/drink.php in Drinks Complete Web ...)
NOT-FOR-US: Drinks Complete Website
-CVE-2008-5168
+CVE-2008-5168 (SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 ...)
NOT-FOR-US: Tips Complete Website
-CVE-2008-5167
+CVE-2008-5167 (PHP remote file inclusion vulnerability in layout/default/params.php i ...)
NOT-FOR-US: Orca Interactive Forum Script
-CVE-2008-5166
+CVE-2008-5166 (SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 all ...)
NOT-FOR-US: Riddles Website
-CVE-2008-5165
+CVE-2008-5165 (Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote a ...)
NOT-FOR-US: eTicket
-CVE-2008-5164
+CVE-2008-5164 (Multiple cross-site scripting (XSS) vulnerabilities in The Rat CMS Pre ...)
NOT-FOR-US: The Rat CMS
-CVE-2008-5163
+CVE-2008-5163 (Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 allo ...)
NOT-FOR-US: The Rat CMS
-CVE-2008-5162
+CVE-2008-5162 (The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does ...)
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 7.1-1
[lenny] - kfreebsd-7 7.0-7lenny1
-CVE-2008-5161
+CVE-2008-5161 (Error handling in the SSH protocol in (1) SSH Tectia Client and Server ...)
- openssh 1:5.1p1-5 (low; bug #506115)
[etch] - openssh <no-dsa> (Minor issue, see http://www.openssh.org/txt/cbc.adv)
-CVE-2008-5185
+CVE-2008-5185 (The highlighting functionality in geshi.php in GeSHi before 1.0.8 allo ...)
{DTSA-179-1}
- geshi 1.0.8.1-1 (medium)
-CVE-2008-5160
+CVE-2008-5160 (Unspecified vulnerability in MyServer 0.8.11 allows remote attackers t ...)
- msp-webserver <removed> (bug #506268)
-CVE-2008-5159
+CVE-2008-5159 (Integer overflow in the remote administration protocol processing in C ...)
NOT-FOR-US: WinCom LPD
-CVE-2008-5158
+CVE-2008-5158 (Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote a ...)
NOT-FOR-US: WinCom LPD
-CVE-2008-5157
+CVE-2008-5157 (tau 2.16.4 allows local users to overwrite arbitrary files via a symli ...)
- tau 2.16.4-1.3 (bug #506348)
[etch] - tau <no-dsa> (Minor issue)
-CVE-2008-5156
+CVE-2008-5156 (si_mkbootserver in systemimager-server 3.6.3 allows local users to ove ...)
- systemimager <removed> (bug #506269)
[etch] - systemimager <no-dsa> (Minor issue)
-CVE-2008-5155
+CVE-2008-5155 (mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitr ...)
- smsclient <unfixed> (unimportant; bug #498901)
-CVE-2008-5154
+CVE-2008-5154 (bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary f ...)
- p3nfs 5.19-1.2 (low; bug #506270)
[etch] - p3nfs <no-dsa> (Minor issue)
-CVE-2008-5153
+CVE-2008-5153 (spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite ...)
{DSA-1724-1}
- moodle 1.8.2.2dfsg-4
[lenny] - moodle 1.8.2.dfsg-3+lenny1
NOTE: manual editing of file is required to run the unsafe code
-CVE-2008-5152
+CVE-2008-5152 (inmail-show in mh-book 200605 allows local users to overwrite arbitrar ...)
- mh-book <unfixed> (unimportant)
NOTE: unsafe code is in example script
-CVE-2008-5151
+CVE-2008-5151 (test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary ...)
- mayavi <unfixed> (unimportant)
NOTE: just a comment, not code
-CVE-2008-5150
+CVE-2008-5150 (sample.sh in maildirsync 1.1 allows local users to append data to arbi ...)
- maildirsync <unfixed> (unimportant)
NOTE: unsafe code is in example script
-CVE-2008-5149
+CVE-2008-5149 (fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite ...)
- ncbi-tools6 6.1.20080302-4 (unimportant)
NOTE: unsafe code is in example script
-CVE-2008-5148
+CVE-2008-5148 (sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite ...)
- geda-gnetlist <unfixed> (unimportant)
NOTE: unsafe code is an example script
-CVE-2008-5147
+CVE-2008-5147 (test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to ...)
- docvert 3.4-7 (unimportant)
NOTE: unsafe code is in test script with multiple hardcoded files
-CVE-2008-5146
+CVE-2008-5146 (add-accession-numbers in ctn 3.0.6 allows local users to overwrite arb ...)
- ctn <unfixed> (unimportant)
NOTE: unsafe code is in example script
-CVE-2008-5145
+CVE-2008-5145 (ltpmenu in ltp 20060918 allows local users to overwrite arbitrary file ...)
- ltp 20060918-3 (low; bug #506272)
[etch] - ltp <no-dsa> (Minor issue)
NOTE: this is not the same as CVE-2008-4969
-CVE-2008-5144
+CVE-2008-5144 (nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local ...)
- nvidia-cg-toolkit <unfixed> (unimportant)
NOTE: -installer can be run from postinst but unsafe code is only executed when a special option is used when manually running the installer
-CVE-2008-5143
+CVE-2008-5143 (mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwri ...)
[etch] - multi-gnome-terminal <no-dsa> (Symlink issue not run as root)
- multi-gnome-terminal <removed>
-CVE-2008-5142
+CVE-2008-5142 (sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local u ...)
- freebsd-sendpr <unfixed> (unimportant)
NOTE: code is only executed when the script to send bug reports fails
-CVE-2008-5141
+CVE-2008-5141 (flamethrower in flamethrower 0.1.8 allows local users to overwrite arb ...)
{DSA-1676-1}
- flamethrower 0.1.8-2 (low; bug #506350)
-CVE-2008-5140
+CVE-2008-5140 (trend-autoupdate.new in mailscanner 4.55.10 and other versions before ...)
- mailscanner 4.57.6-1 (unimportant)
NOTE: script should only be used when the private Trend Micro antivirus is installed
-CVE-2008-5139
+CVE-2008-5139 (updatejail in jailer 0.4 allows local users to overwrite arbitrary fil ...)
{DSA-1674-1}
- jailer 0.4-10 (bug #410548; low)
-CVE-2008-5138
+CVE-2008-5138 (passwdehd in libpam-mount 0.43 allows local users to overwrite arbitra ...)
- libpam-mount 1.2+gitaa4791f-1 (low)
[lenny] - libpam-mount 0.44-1+lenny2
-CVE-2008-5137
+CVE-2008-5137 (tkman in tkman 2.2 allows local users to overwrite arbitrary files via ...)
- tkman 2.2-4 (low; bug #506496)
[etch] - tkman 2.2-2etch1
-CVE-2008-5136
+CVE-2008-5136 (tkusr in tkusr 0.82 allows local users to overwrite arbitrary files vi ...)
[etch] - tkusr <no-dsa> (Minor issue)
- tkusr <removed> (low)
CVE-2008-5135
- os-prober <unfixed> (unimportant)
-CVE-2008-5134
+CVE-2008-5134 (Buffer overflow in the lbs_process_bss function in drivers/net/wireles ...)
{DSA-1681-1}
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-5133
+CVE-2008-5133 (ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, wh ...)
NOT-FOR-US: ipnat
-CVE-2008-5183
+CVE-2008-5183 (cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remot ...)
{DSA-2176-1}
- cups 1.3.9-13 (low; bug #506180)
[lenny] - cups <no-dsa> (Minor issue)
[etch] - cupsys <not-affected> (RSS subscription code not yet present)
-CVE-2008-5297
+CVE-2008-5297 (Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP serv ...)
{DSA-1686-1}
- no-ip 2.1.7-11 (bug #506179)
-CVE-2008-5132
+CVE-2008-5132 (SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Porta ...)
NOT-FOR-US: MemHT Portal
-CVE-2008-5131
+CVE-2008-5131 (Multiple SQL injection vulnerabilities in Develop It Easy News And Art ...)
NOT-FOR-US: Develop It Easy News And Article System
-CVE-2008-5130
+CVE-2008-5130 (Ocean12 Calendar Manager Gold 2.04 stores sensitive information under ...)
NOT-FOR-US: Ocean12 software
-CVE-2008-5129
+CVE-2008-5129 (Ocean12 Poll Manager Pro 1.00 stores sensitive information under the w ...)
NOT-FOR-US: Ocean12 software
-CVE-2008-5128
+CVE-2008-5128 (Ocean12 Membership Manager Pro stores sensitive information under the ...)
NOT-FOR-US: Ocean12 software
-CVE-2008-5127
+CVE-2008-5127 (Ocean12 Contact Manager Pro 1.02 stores sensitive information under th ...)
NOT-FOR-US: Ocean12 software
-CVE-2008-5126
+CVE-2008-5126 (Cross-site scripting (XSS) vulnerability in search.php in BoutikOne CM ...)
NOT-FOR-US: BoutikOne
-CVE-2008-5125
+CVE-2008-5125 (admin.php in CCleague Pro 1.2 allows remote attackers to bypass authen ...)
NOT-FOR-US: CCleague Pro
-CVE-2008-5124
+CVE-2008-5124 (JSCAPE Secure FTP Applet 4.8.0 and earlier does not ask the user to ve ...)
NOT-FOR-US: JSCAPE Secure FTP Applet
-CVE-2008-5123
+CVE-2008-5123 (SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows re ...)
NOT-FOR-US: CCleague Pro
-CVE-2008-5122
+CVE-2008-5122 (SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ekt ...)
NOT-FOR-US: Ektron CMS400.NET
-CVE-2008-5121
+CVE-2008-5121 (dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 ...)
NOT-FOR-US: Citrix Deterministic Network Enhancer
-CVE-2008-5120
+CVE-2008-5120 (Stack-based buffer overflow in the Process Software MultiNet finger se ...)
NOT-FOR-US: MultiNet finger service
-CVE-2008-5119
+CVE-2008-5119 (Cross-site scripting (XSS) vulnerability in search.php in Scripts4Prof ...)
NOT-FOR-US: Scripts4Profit DXShopCart
-CVE-2008-5118
+CVE-2008-5118 (Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 all ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-5117
+CVE-2008-5117 (Open redirect vulnerability in Sun Java System Identity Manager 6.0 th ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-5116
+CVE-2008-5116 (Directory traversal vulnerability in idm/includes/helpServer.jsp in Su ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-5115
+CVE-2008-5115 (Cross-site request forgery (CSRF) vulnerability in Sun Java System Ide ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-5114
+CVE-2008-5114 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-5112
+CVE-2008-5112 (The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and ...)
NOT-FOR-US: Microsoft
-CVE-2008-5111
+CVE-2008-5111 (Unspecified vulnerability in the socket function in Sun Solaris 10 and ...)
NOT-FOR-US: Solaris
-CVE-2008-5109
+CVE-2008-5109 (The default configuration of Adobe Flash Media Server (FMS) 3.0 does n ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2008-5108
+CVE-2008-5108 (Unspecified vulnerability in Adobe AIR 1.1 and earlier allows context- ...)
NOT-FOR-US: Adobe AIR
-CVE-2008-5107
+CVE-2008-5107 (The installation process for Citrix Presentation Server 4.5 and Deskto ...)
NOT-FOR-US: Citrix PS
-CVE-2008-5106
+CVE-2008-5106 (Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attac ...)
NOT-FOR-US: KarjaSoft Sami FTP Server
-CVE-2008-5105
+CVE-2008-5105 (KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a den ...)
NOT-FOR-US: KarjaSoft Sami FTP Server
-CVE-2008-5104
+CVE-2008-5104 (Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual ...)
NOT-FOR-US: VMBuilder
-CVE-2008-5103
+CVE-2008-5103 (The (1) python-vm-builder and (2) ubuntu-vm-builder implementations in ...)
NOT-FOR-US: VMBuilder
-CVE-2008-5102
+CVE-2008-5102 (PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other ...)
- zope2.10 <unfixed> (unimportant)
NOTE: this only affects installations in which users have unrestricted access to the management
NOTE: interface. On Debian there one admin user is added for this at installation time and
NOTE: non-trustworthy users shouldn't have access to the interface.
- zope3 <not-affected> (Vulnerable code not present)
-CVE-2008-5100
+CVE-2008-5100 (The strong name (SN) implementation in Microsoft .NET Framework 2.0.50 ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2008-5099
+CVE-2008-5099 (Sun Logical Domain Manager (aka LDoms Manager or ldm) 1.0 through 1.0. ...)
NOT-FOR-US: Sun Logical Domain Manager
-CVE-2008-5098
+CVE-2008-5098 (Cross-site scripting (XSS) vulnerability in Sun Java System Messaging ...)
NOT-FOR-US: Sun Java System Messaging Serve
-CVE-2008-5110
+CVE-2008-5110 (syslog-ng does not call chdir when it calls chroot, which might allow ...)
- syslog-ng 2.0.9-4.1 (unimportant; bug #505791)
NOTE: no security flaw by itself, still it should be fixed
-CVE-2008-5097
+CVE-2008-5097 (SQL injection vulnerability in index.php in MyFWB 1.0 allows remote at ...)
NOT-FOR-US: MyFWB
-CVE-2008-5096
+CVE-2008-5096 (Unspecified vulnerability in the TYPO3 File List (file_list) extension ...)
NOT-FOR-US: Typo3 third party extension "file_list"
-CVE-2008-5095
+CVE-2008-5095 (Cross-site scripting (XSS) vulnerability in the Novell User Applicatio ...)
NOT-FOR-US: Novell User Application
-CVE-2008-5094
+CVE-2008-5094 (Heap-based buffer overflow in the NDS Service in Novell eDirectory bef ...)
NOT-FOR-US: eDirectory
-CVE-2008-5093
+CVE-2008-5093 (Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (H ...)
NOT-FOR-US: eDirectory
-CVE-2008-5092
+CVE-2008-5092 (Heap-based buffer overflows in Novell eDirectory HTTP protocol stack ( ...)
NOT-FOR-US: eDirectory
-CVE-2008-5091
+CVE-2008-5091 (Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before ...)
NOT-FOR-US: eDirectory
-CVE-2008-5090
+CVE-2008-5090 (Electron Inc. Advanced Electron Forum before 1.0.7 allows remote attac ...)
NOT-FOR-US: Advanced Electron Forum
-CVE-2008-5089
+CVE-2008-5089 (Multiple insecure method vulnerabilities in the DDActiveReportsViewer2 ...)
NOT-FOR-US: Data Dynamics ActiveReports ActiveX control
-CVE-2008-5088
+CVE-2008-5088 (Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Softwar ...)
NOT-FOR-US: PHPKB
-CVE-2008-5087
+CVE-2008-5087 (SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anothe ...)
NOT-FOR-US: wrg_anotherbelogin extension for typo3
-CVE-2008-5086
+CVE-2008-5086 (Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a conn ...)
- libvirt 0.4.6-10
CVE-2008-5085
RESERVED
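Review bot: the sch2eaglepos.sh temp-file issue in geda-gnetlist is tracked twice in this hunk with conflicting status: the placeholder entry `CVE-2008-XXXX [geda-gnetlist: sch2eaglepos.sh has insecure temp file handling ]` records `geda-gnetlist 1:1.4.0-3 (bug #506625; unimportant)`, while `CVE-2008-5148 (sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite ...)` records `geda-gnetlist <unfixed> (unimportant)`. Now that an identifier exists, the placeholder should be folded into CVE-2008-5148 and one fixed version kept. Separately, `CVE-2008-5135` is the only non-RESERVED identifier in the hunk that the automatic update left without a description, which is worth checking against the source feed.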
@@ -5093,147 +5093,147 @@ CVE-2008-5084
CVE-2008-5083
RESERVED
NOT-FOR-US: Red Hat JBoss Operations Network
-CVE-2008-5082
+CVE-2008-5082 (The verifyProof function in the Token Processing System (TPS) componen ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2008-5081
+CVE-2008-5081 (The originates_from_local_legacy_unicast_socket function (avahi-core/s ...)
{DSA-1690-1 DTSA-189-1}
- avahi 0.6.23-3 (bug #508700; low)
-CVE-2008-5080
+CVE-2008-5080 (awstats.pl in AWStats 6.8 and earlier does not properly remove quote c ...)
{DSA-1679-1}
- awstats 6.7.dfsg-5.1 (bug #495432; low)
-CVE-2008-5079
+CVE-2008-5079 (net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and ea ...)
{DSA-1787-1 DSA-1687-1}
- linux-2.6 2.6.26-12
- linux-2.6.24 <removed>
NOTE: http://marc.info/?l=linux-netdev&m=122841256115780&w=2
-CVE-2008-5078
+CVE-2008-5078 (Multiple buffer overflows in the (1) recognize_eps_file function (src/ ...)
{DSA-1670-1}
- enscript 1.6.4-13 (bug #506261)
-CVE-2008-5077
+CVE-2008-5077 (OpenSSL 0.9.8i and earlier does not properly check the return value fr ...)
{DSA-1701-1}
- openssl 0.9.8g-15
-CVE-2008-5075
+CVE-2008-5075 (Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uplo ...)
NOT-FOR-US: E-Uploader Pro
-CVE-2008-5074
+CVE-2008-5074 (SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 mod ...)
NOT-FOR-US: Freshlinks module for PHP-Fusion
-CVE-2008-5073
+CVE-2008-5073 (Heap-based buffer overflow in an ActiveX control in Novell ZENworks De ...)
NOT-FOR-US: Novell ZENworks ActiveX control
-CVE-2008-5072
+CVE-2008-5072 (vsfilter.dll in K-Lite Mega Codec Pack 3.5.7.0 allows remote attackers ...)
NOT-FOR-US: K-Lite Mega Codec Pack
-CVE-2008-5071
+CVE-2008-5071 (Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel ...)
NOT-FOR-US: Yoxel
-CVE-2008-5070
+CVE-2008-5070 (SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magic_quotes ...)
NOT-FOR-US: Pro Chat Rooms
-CVE-2008-5069
+CVE-2008-5069 (SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, whe ...)
NOT-FOR-US: Panuwat PromoteWeb MySQL
-CVE-2008-5068
+CVE-2008-5068 (Multiple cross-site scripting (XSS) vulnerabilities in Kmita Gallery a ...)
NOT-FOR-US: Kmita Gallery
-CVE-2008-5067
+CVE-2008-5067 (Cross-site scripting (XSS) vulnerability in search.php in Kmita Catalo ...)
NOT-FOR-US: Kmita Catalogue
-CVE-2008-5066
+CVE-2008-5066 (PHP remote file inclusion vulnerability in upload/admin/frontpage_righ ...)
NOT-FOR-US: Agares Media ThemeSiteScript
-CVE-2008-5065
+CVE-2008-5065 (TlGuestBook 1.2 allows remote attackers to bypass authentication and g ...)
NOT-FOR-US: TlGuestBook
-CVE-2008-5064
+CVE-2008-5064 (SQL injection vulnerability in liga.php in H&amp;H WebSoccer 2.80 allo ...)
NOT-FOR-US: H&H WebSoccer
-CVE-2008-5063
+CVE-2008-5063 (PHP remote file inclusion vulnerability in Admin/ADM_Pagina.php in OTM ...)
NOT-FOR-US: OTManager
-CVE-2008-5062
+CVE-2008-5062 (Directory traversal vulnerability in php/cal_pdf.php in Mini Web Calen ...)
NOT-FOR-US: Mini Web Calendar
-CVE-2008-5061
+CVE-2008-5061 (Cross-site scripting (XSS) vulnerability in php/cal_default.php in Min ...)
NOT-FOR-US: Mini Web Calendar
-CVE-2008-5060
+CVE-2008-5060 (Multiple PHP remote file inclusion vulnerabilities in ModernBill 4.4 a ...)
NOT-FOR-US: ModernBill
-CVE-2008-5059
+CVE-2008-5059 (Cross-site scripting (XSS) vulnerability in index.php in ModernBill 4. ...)
NOT-FOR-US: ModernBill
-CVE-2008-5058
+CVE-2008-5058 (SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple ...)
NOT-FOR-US: Pre Simple CMS
-CVE-2008-5057
+CVE-2008-5057 (SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali a ...)
NOT-FOR-US: Yigit Aybuga Dizi Portali
-CVE-2008-5056
+CVE-2008-5056 (Cross-site scripting (XSS) vulnerability in department_offline_context ...)
NOT-FOR-US: ActiveCampaign TrioLive
-CVE-2008-5055
+CVE-2008-5055 (SQL injection vulnerability in department_offline_context.php in Activ ...)
NOT-FOR-US: ActiveCampaign TrioLive
-CVE-2008-5054
+CVE-2008-5054 (Multiple SQL injection vulnerabilities in Develop It Easy Membership S ...)
NOT-FOR-US: Develop It Easy Membership System
-CVE-2008-5053
+CVE-2008-5053 (PHP remote file inclusion vulnerability in admin.rssreader.php in the ...)
NOT-FOR-US: com_rssreader component for Joomla!
-CVE-2008-5052
+CVE-2008-5052 (The AppendAttributeValue function in the JavaScript engine in Mozilla ...)
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5051
+CVE-2008-5051 (SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 f ...)
NOT-FOR-US: joomla
-CVE-2008-5049
+CVE-2008-5049 (Buffer overflow in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger E ...)
NOT-FOR-US: ISecSoft Anti-Keylogger
-CVE-2008-5048
+CVE-2008-5048 (Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and ...)
NOT-FOR-US: ISecSoft Anti-Trojan
-CVE-2008-5047
+CVE-2008-5047 (SQL injection vulnerability in admin/index.php in Mole Group Rental Sc ...)
NOT-FOR-US: Mole Group Rental Script
-CVE-2008-5046
+CVE-2008-5046 (SQL injection vulnerability in index.php in Mole Group Pizza Script al ...)
NOT-FOR-US: Mole Group Pizza Script
-CVE-2008-5045
+CVE-2008-5045 (Heap-based buffer overflow in Network-Client FTP Now 2.6, and possibly ...)
NOT-FOR-US: Network-Client FTP Now
-CVE-2008-5044
+CVE-2008-5044 (Race condition in Microsoft Windows Server 2003 and Vista allows local ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-5043
+CVE-2008-5043 (Multiple cross-site scripting (XSS) vulnerabilities in the web-based i ...)
NOT-FOR-US: IBM Metrica Service Assurance Framework
-CVE-2008-5042
+CVE-2008-5042 (Zeeways PhotoVideoTube 1.1 and earlier allows remote attackers to bypa ...)
NOT-FOR-US: Zeeways PhotoVideoTube
-CVE-2008-5041
+CVE-2008-5041 (Sweex RO002 Router with firmware Ts03-072 has "rdc123" as its default ...)
NOT-FOR-US: Sweex RO002 Router
-CVE-2008-5040
+CVE-2008-5040 (Graphiks MyForum 1.3 allows remote attackers to bypass authentication ...)
NOT-FOR-US: Graphiks MyForum
-CVE-2008-5039
+CVE-2008-5039 (Cross-site scripting (XSS) vulnerability in the League module for PHP- ...)
NOT-FOR-US: PHP-Nuke
-CVE-2008-5038
+CVE-2008-5038 (Use-after-free vulnerability in the NetWare Core Protocol (NCP) featur ...)
NOT-FOR-US: Novell eDirectory
-CVE-2008-5037
+CVE-2008-5037 (SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 ...)
NOT-FOR-US: ElkaGroup Image Gallery
CVE-2008-XXXX [typo3: passwords are not changeable bug in the backend]
- typo3-src 4.2.3-1 (bug #505326)
[etch] - typo3-src <not-affected> (Typo3 versions below 4.2.x are not affected)
-CVE-2008-5919
+CVE-2008-5919 (Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier ...)
- websvn 2.0-4 (bug #503330)
[etch] - websvn <not-affected> (vulnerable code not present)
-CVE-2008-5918
+CVE-2008-5918 (Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUr ...)
- websvn 2.0-4 (bug #503330)
[etch] - websvn <not-affected> (vulnerable code not present)
-CVE-2008-5033
+CVE-2008-5033 (The chip_command function in drivers/media/video/tvaudio.c in the Linu ...)
- linux-2.6 2.6.26-11
- linux-2.6.24 <not-affected> (Vulnerable code not present; different ioctls3B)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present; different ioctls)
-CVE-2008-5031
+CVE-2008-5031 (Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, all ...)
- python2.5 2.5.2-11.1
[etch] - python2.5 <no-dsa> (Minor issue)
[etch] - python2.4 <no-dsa> (Minor issue)
- python2.4 2.4.5-6 (low; bug #507317; bug #504620)
NOTE: definitely fixed in 2.5.2-11.1 for lenny/unstable (svn-updates.dpatch)
NOTE: maybe fixed earlier, doko is not able to tell the exact version atm
-CVE-2008-5030
+CVE-2008-5030 (Heap-based buffer overflow in the cddb_read_disc_data function in cddb ...)
{DSA-1665-1}
- libcdaudio 0.99.12p2-7 (bug #505478)
-CVE-2008-5024
+CVE-2008-5024 (Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunder ...)
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5023
+CVE-2008-5023 (Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1 ...)
{DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- iceape 1.1.13-1
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2008-5022
+CVE-2008-5022 (The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x befor ...)
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- xulrunner 1.9.0.4-1
- iceweasel 3.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5021
+CVE-2008-5021 (nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.1 ...)
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
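Review bot: the imported description for CVE-2008-5064 carries an HTML entity, `+CVE-2008-5064 (SQL injection vulnerability in liga.php in H&amp;H WebSoccer 2.80 allo ...)`, while the annotation directly below reads `NOT-FOR-US: H&H WebSoccer`; the import step should unescape entities before writing descriptions so the list does not accumulate `&amp;` where the source meant `&`. Two drive-by points in the unchanged context of this hunk: under CVE-2008-5033 the line `- linux-2.6.24 <not-affected> (Vulnerable code not present; different ioctls3B)` has a stray `3B` (the etch line beneath it reads `different ioctls`), and `NOT-FOR-US: joomla` under CVE-2008-5051 is less specific than the neighbouring `NOT-FOR-US: com_rssreader component for Joomla!`; naming the JooBlog (com_jb2) component would keep the annotations consistent.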
@@ -5241,25 +5241,25 @@ CVE-2008-5021
- iceape 1.1.13-1
CVE-2008-5020
REJECTED
-CVE-2008-5019
+CVE-2008-5019 (The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2. ...)
{DSA-1671-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
NOTE: patch for xulrunner currently not suitable, Alexander will check this further
-CVE-2008-5018
+CVE-2008-5018 (The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x ...)
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5017
+CVE-2008-5017 (Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Moz ...)
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5016
+CVE-2008-5016 (The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x ...)
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
@@ -5268,95 +5268,95 @@ CVE-2008-5016
[etch] - xulrunner <not-affected> (Doesn't affect Firefox 2.x et al)
[etch] - iceape <not-affected> (Doesn't affect Firefox 2.x et al)
[etch] - icedove <not-affected> (Doesn't affect Firefox 2.x et al)
-CVE-2008-5015
+CVE-2008-5015 (Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: ...)
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
[etch] - iceweasel <not-affected> (Doesn't affect Firefox 2.x)
[etch] - xulrunner <not-affected> (Doesn't affect Firefox 2.x)
-CVE-2008-5014
+CVE-2008-5014 (jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0 ...)
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- icedove 2.0.0.19-1
- iceape 1.1.13-1
-CVE-2008-5013
+CVE-2008-5013 (Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do ...)
{DSA-1697-1 DSA-1671-1 DSA-1669-1}
- iceape 1.1.13-1
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
-CVE-2008-5012
+CVE-2008-5012 (Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, ...)
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceape 1.1.13-1
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.19-1
-CVE-2008-5010
+CVE-2008-5010 (in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and O ...)
NOT-FOR-US: in.dhcpd
-CVE-2008-5101
+CVE-2008-5101 (Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows user ...)
- optipng 0.6.1.1-1 (bug #505399)
[etch] - optipng <not-affected> (Vulnerable code not present referring to upstream)
-CVE-2008-5035
+CVE-2008-5035 (The Resource Monitoring and Control (RMC) daemon in IBM Hardware Manag ...)
NOT-FOR-US: IBM Hardware Management Console
-CVE-2008-5026
+CVE-2008-5026 (Microsoft SharePoint uses URLs with the same hostname and port number ...)
NOT-FOR-US: Microsoft
-CVE-2008-5011
+CVE-2008-5011 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quick ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-5009
+CVE-2008-5009 (Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, w ...)
NOT-FOR-US: Sun Solstice X.25
-CVE-2008-5025
+CVE-2008-5025 (Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hf ...)
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-5029
+CVE-2008-5029 (The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.2 ...)
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-5008
+CVE-2008-5008 (Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or li ...)
- libsamplerate 0.1.4-1 (low)
[etch] - libsamplerate <no-dsa> (Minor issue)
-CVE-2008-5006
+CVE-2008-5006 (smtp.c in the c-client library in University of Washington IMAP Toolki ...)
{DSA-1685-1 DTSA-174-1 DTSA-174-2}
- uw-imap 7:2007d~dfsg-1
-CVE-2008-5005
+CVE-2008-5005 (Multiple stack-based buffer overflows in (1) University of Washington ...)
{DSA-1685-1 DTSA-174-1 DTSA-174-2}
[lenny] - uw-imap 2007b~dfsg-4+lenny1
- uw-imap 7:2007d~dfsg-1
- alpine <not-affected> (vulnerable code present but tmail/dmail wont be installed)
-CVE-2008-5004
+CVE-2008-5004 (SQL injection vulnerability in genscode.php in myWebland Bloggie Lite ...)
NOT-FOR-US: myWebland Bloggie Lite
-CVE-2008-5003
+CVE-2008-5003 (SQL injection vulnerability in ndetail.php in Shahrood allows remote a ...)
NOT-FOR-US: Shahrood
-CVE-2008-5002
+CVE-2008-5002 (Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 Act ...)
NOT-FOR-US: ActiveX
-CVE-2008-5001
+CVE-2008-5001 (Multiple stack-based buffer overflows in multiple functions in vncview ...)
NOT-FOR-US: UltraVNC
-CVE-2008-5000
+CVE-2008-5000 (SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5 ...)
NOT-FOR-US: PHPX
-CVE-2008-4999
+CVE-2008-4999 (Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to ca ...)
NOT-FOR-US: Nortel Networks UNIStim IP Phone
CVE-2008-4997
- pilot-qof <unfixed> (unimportant; bug #496429)
CVE-2008-4996
- initramfs-tools <unfixed> (unimportant; bug #496386)
-CVE-2008-4992
+CVE-2008-4992 (The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and 7. ...)
NOT-FOR-US: Sun System Firmware
-CVE-2008-5050
+CVE-2008-5050 (Off-by-one error in the get_unicode_name function (libclamav/vba_extra ...)
{DSA-1680-1}
- clamav 0.94.dfsg.1-1 (bug #505134)
-CVE-2008-4991
+CVE-2008-4991 (SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and earli ...)
NOT-FOR-US: LOCKON CO.,LTD. EC-CUBE
CVE-2008-XXXX [yzis insecure temp file]
- yzis 1.0~alpha1-2 (bug #504680)
-CVE-2008-5113
+CVE-2008-5113 (WordPress 2.6.3 relies on the REQUEST superglobal array in certain dan ...)
{DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-10 (bug #504771)
-CVE-2008-4990
+CVE-2008-4990 (Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2 ...)
NOT-FOR-US: Enomalism
-CVE-2008-4989
+CVE-2008-4989 (The _gnutls_x509_verify_certificate function in lib/x509/verify.c in l ...)
{DSA-1719-1}
- gnutls26 2.4.2-3 (bug #505360)
- gnutls13 <removed>
-CVE-2008-4963
+CVE-2008-4963 (Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implemen ...)
NOT-FOR-US: Cisco IOS and CatOS
CVE-2008-4962
RESERVED
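Review bot: under CVE-2008-5005 the lenny line `[lenny] - uw-imap 2007b~dfsg-4+lenny1` has no epoch, while the unstable entry right below it is `- uw-imap 7:2007d~dfsg-1`; if the `7:` epoch on the unstable line is correct, the lenny version needs it too, otherwise the two strings do not compare as versions of the same package. In the same entry, `tmail/dmail wont be installed` should read `won't`.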
@@ -5365,144 +5365,144 @@ CVE-2008-4961
CVE-2008-4953
- firehol <unfixed> (unimportant; bug #496424)
NOTE: attack unfeasible because of $$-${RANDOM}-${RANDOM}
-CVE-2008-4950
+CVE-2008-4950 (** DISPUTED ** gccross in dpkg-cross 2.3.0 allows local users to overw ...)
- dpkg-cross <unfixed> (unimportant; bug #496413)
NOTE: executed under a chroot when a package failed to cross-build
-CVE-2008-4938
+CVE-2008-4938 (aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary ...)
- aegis 4.24-3.1 (low; bug #496400)
[etch] - aegis <no-dsa> (Minor issue)
-CVE-2008-4934
+CVE-2008-4934 (The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linu ...)
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-4933
+CVE-2008-4933 (Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog ...)
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-4932
+CVE-2008-4932 (webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 allo ...)
NOT-FOR-US: U-Mail Webmail server
CVE-2008-XXXX [universalindentgui insecure usage of temp files]
- universalindentgui 0.8.1-1.2 (low; bug #504726)
-CVE-2008-5032
+CVE-2008-5032 (Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through ...)
{DSA-1819-1 DTSA-176-1}
- vlc 0.8.6.h-5 (medium; bug #504639)
-CVE-2008-5036
+CVE-2008-5036 (Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before ...)
- vlc 1.0.3-1 (low)
[etch] - vlc <not-affected> (Vulnerable code not present in 0.8.x)
[lenny] - vlc <not-affected> (Vulnerable code not present in 0.8.x)
-CVE-2008-4931
+CVE-2008-4931 (Cross-site scripting (XSS) vulnerability in the account module in firm ...)
NOT-FOR-US: firmCHANNEL Digital Signage
-CVE-2008-4930
+CVE-2008-4930 (MyBB (aka MyBulletinBoard) 1.4.2 does not properly handle an uploaded ...)
NOT-FOR-US: MyBB
-CVE-2008-4929
+CVE-2008-4929 (MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compo ...)
NOT-FOR-US: MyBB
-CVE-2008-4928
+CVE-2008-4928 (Cross-site scripting (XSS) vulnerability in the redirect function in f ...)
NOT-FOR-US: MyBB
-CVE-2008-4927
+CVE-2008-4927 (Microsoft Windows Media Player (WMP) 9.0 through 11 allows user-assist ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2008-4926
+CVE-2008-4926 (Multiple insecure method vulnerabilities in MW6 Technologies PDF417 Ac ...)
NOT-FOR-US: MW6 Technologies PDF417 ActiveX
-CVE-2008-4925
+CVE-2008-4925 (Multiple insecure method vulnerabilities in MW6 Technologies DataMatri ...)
NOT-FOR-US: MW6 Technologies DataMatrix ActiveX
-CVE-2008-4924
+CVE-2008-4924 (Multiple insecure method vulnerabilities in MW6 Technologies 1D Barcod ...)
NOT-FOR-US: MW6 Technologies 1D Barcode ActiveX
-CVE-2008-4923
+CVE-2008-4923 (Multiple insecure method vulnerabilities in MW6 Technologies Aztec Act ...)
NOT-FOR-US: MW6 Technologies Aztec ActiveX
-CVE-2008-4922
+CVE-2008-4922 (Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office ( ...)
NOT-FOR-US: DjVu ActiveX
-CVE-2008-4921
+CVE-2008-4921 (board/admin/reguser.php in Chipmunk CMS 1.3 allows remote attackers to ...)
NOT-FOR-US: Chipmunk CMS
CVE-2008-4920
REJECTED
-CVE-2008-4919
+CVE-2008-4919 (Insecure method vulnerability in VISAGESOFT eXPert PDF Viewer X Active ...)
NOT-FOR-US: eXPert PDF Viewer X ActiveX
-CVE-2008-4918
+CVE-2008-4918 (Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced ...)
NOT-FOR-US: SonicOS Enhanced
-CVE-2008-5027
+CVE-2008-5027 (The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor befo ...)
- nagios3 <removed> (unimportant)
NOTE: the nagios process shouldnt have rights to execute important commands and non-trusted
NOTE: users shouldn't have access to nagios anyway
-CVE-2008-5028
+CVE-2008-5028 (Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagi ...)
- nagios3 3.0.6-1 (low; bug #504894)
[etch] - nagios2 <no-dsa> (CSRF can only cause DoS and needs admin's browser)
-CVE-2008-4917
+CVE-2008-4917 (Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and ...)
NOT-FOR-US: VMware Workstation
-CVE-2008-4916
+CVE-2008-4916 (Unspecified vulnerability in a guest virtual device driver in VMware W ...)
NOT-FOR-US: VMWare
-CVE-2008-4915
+CVE-2008-4915 (The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and ...)
NOT-FOR-US: VMware Workstation
-CVE-2008-4914
+CVE-2008-4914 (Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401- ...)
NOT-FOR-US: VMware
-CVE-2008-4913
+CVE-2008-4913 (Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and ea ...)
NOT-FOR-US: LokiCMS
-CVE-2008-4912
+CVE-2008-4912 (SQL injection vulnerability in popup_img.php in the fotogalerie module ...)
NOT-FOR-US: RS MAXSOFT
-CVE-2008-4911
+CVE-2008-4911 (PHP remote file inclusion vulnerability in read.php in Chattaitaliano ...)
NOT-FOR-US: Chattaitaliano Istant-Replay
-CVE-2008-4910
+CVE-2008-4910 (The BasicService in Sun Java Web Start allows remote attackers to exec ...)
NOT-FOR-US: Sun Java Web Start
-CVE-2008-4909
+CVE-2008-4909 (Cross-site request forgery (CSRF) vulnerability in CompactCMS 1.1 and ...)
NOT-FOR-US: CompactCMS
-CVE-2008-4908
+CVE-2008-4908 (maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local u ...)
- crossfire-maps 1.11.0-2 (low; bug #496358; bug #504561)
[etch] - crossfire-maps <no-dsa> (Minor issue)
-CVE-2008-4906
+CVE-2008-4906 (SQL injection vulnerability in lyrics_song.php in the Lyrics (lyrics_m ...)
NOT-FOR-US: Lyrics (lyrics_menu) plugin for e107
-CVE-2008-4905
+CVE-2008-4905 (Typo 5.1.3 and earlier uses a hard-coded salt for calculating password ...)
- typo <itp> (bug #379399)
-CVE-2008-4904
+CVE-2008-4904 (SQL injection vulnerability in the "Manage pages" feature (admin/pages ...)
- typo <itp> (bug #379399)
-CVE-2008-4903
+CVE-2008-4903 (Cross-site scripting (XSS) vulnerability in the leave comment (feedbac ...)
- typo <itp> (bug #379399)
-CVE-2008-4902
+CVE-2008-4902 (SQL injection vulnerability in contact_author.php in Article Publisher ...)
NOT-FOR-US: Article Publisher
-CVE-2008-4901
+CVE-2008-4901 (SQL injection vulnerability in admin/admin.php in Article Publisher Pr ...)
NOT-FOR-US: Article Publisher
-CVE-2008-4900
+CVE-2008-4900 (SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Bla ...)
NOT-FOR-US: YourFreeWorld Classifieds
-CVE-2008-4899
+CVE-2008-4899 (Cross-site request forgery (CSRF) vulnerability in Planetluc RateMe 1. ...)
NOT-FOR-US: Planetluc RateMe
-CVE-2008-4898
+CVE-2008-4898 (Cross-site scripting (XSS) vulnerability in planetluc RateMe 1.3.3 all ...)
NOT-FOR-US: Planetluc RateMe
-CVE-2008-4897
+CVE-2008-4897 (SQL injection vulnerability in fichiers/add_url.php in Logz podcast CM ...)
NOT-FOR-US: Logz podcast CMS
-CVE-2008-4896
+CVE-2008-4896 (Cross-site scripting (XSS) vulnerability in fichiers/add_url.php in Lo ...)
NOT-FOR-US: Logz CMS
-CVE-2008-4895
+CVE-2008-4895 (SQL injection vulnerability in tr.php in YourFreeWorld Downline Builde ...)
NOT-FOR-US: YourFreeWorld Downline
-CVE-2008-4894
+CVE-2008-4894 (Directory traversal vulnerability in templates/mytribiqsite/tribal-GPL ...)
NOT-FOR-US: Tribiq CMS
-CVE-2008-4893
+CVE-2008-4893 (Cross-site scripting (XSS) vulnerability in templates/mytribiqsite/tri ...)
NOT-FOR-US: Tribiq CMS
-CVE-2008-4892
+CVE-2008-4892 (Cross-site scripting (XSS) vulnerability in gallery.inc.php in Planetl ...)
NOT-FOR-US: Planetluc MyGallery
-CVE-2008-4891
+CVE-2008-4891 (Cross-site scripting (XSS) vulnerability in signme.inc.php in Planetlu ...)
NOT-FOR-US: SignMe
-CVE-2008-4890
+CVE-2008-4890 (SQL injection vulnerability in products.php in 1st News 4 Professional ...)
NOT-FOR-US: 1st News 4 Professional
-CVE-2008-4889
+CVE-2008-4889 (SQL injection vulnerability in index.php in deV!L'z Clanportal (DZCP) ...)
NOT-FOR-US: deV!L'z Clanportal
-CVE-2008-4888
+CVE-2008-4888 (Cross-site scripting (XSS) vulnerability in error.php in NetRisk 2.0 a ...)
NOT-FOR-US: NetRisk 2.0
-CVE-2008-4887
+CVE-2008-4887 (SQL injection vulnerability in index.php in NetRisk 2.0 and earlier al ...)
NOT-FOR-US: NetRisk 2.0
-CVE-2008-4886
+CVE-2008-4886 (SQL injection vulnerability in index.php in YourFreeWorld Shopping Car ...)
NOT-FOR-US: YourFreeWorld Shopping
-CVE-2008-4885
+CVE-2008-4885 (SQL injection vulnerability in tr1.php in YourFreeWorld Scrolling Text ...)
NOT-FOR-US: YourFreeWorld Scrolling Text
-CVE-2008-4884
+CVE-2008-4884 (SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Hos ...)
NOT-FOR-US: YourFreeWorld Classifieds
-CVE-2008-4883
+CVE-2008-4883 (SQL injection vulnerability in tr.php in YourFreeWorld Blog Blaster Sc ...)
NOT-FOR-US: YourFreeWorld Blog Blaster
-CVE-2008-4882
+CVE-2008-4882 (SQL injection vulnerability in tr.php in YourFreeWorld Autoresponder H ...)
NOT-FOR-US: YourFreeWorld Autoresponder
-CVE-2008-4881
+CVE-2008-4881 (SQL injection vulnerability in tr.php in YourFreeWorld Reminder Servic ...)
NOT-FOR-US: YourFreeWorld Reminder
-CVE-2008-4880
+CVE-2008-4880 (SQL injection vulnerability in prodshow.php in Maran PHP Shop allows r ...)
NOT-FOR-US: Maran PHP Shop
-CVE-2008-4879
+CVE-2008-4879 (SQL injection vulnerability in prod.php in Maran PHP Shop allows remot ...)
NOT-FOR-US: Maran PHP Shop
-CVE-2008-4907
+CVE-2008-4907 (The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the ...)
- dovecot 1:1.1.7-1 (low)
[etch] - dovecot <not-affected> (Vulnerable code not present prior to 1.1.4)
[lenny] - dovecot <not-affected> (Vulnerable code not present prior to 1.1.4)
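Review bot: the first NOTE under CVE-2008-5027, `NOTE: the nagios process shouldnt have rights to execute important commands and non-trusted`, should read `shouldn't`, matching the spelling on the NOTE line that follows it.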
@@ -5517,33 +5517,33 @@ CVE-2008-5186
NOTE: pgfouine too does not override default language files path
CVE-2008-6432
REJECTED
-CVE-2008-4878
+CVE-2008-4878 (Unrestricted file upload vulnerability in the "Add Image Macro" featur ...)
NOT-FOR-US: WebCards
-CVE-2008-4877
+CVE-2008-4877 (SQL injection vulnerability in admin.php in WebCards 1.3, when magic_q ...)
NOT-FOR-US: WebCards
-CVE-2008-4876
+CVE-2008-4876 (Cross-site scripting (XSS) vulnerability in the web server component i ...)
NOT-FOR-US: Philips Electronics VOIP841 DECT Phone
-CVE-2008-4875
+CVE-2008-4875 (Directory traversal vulnerability in the web server in Philips Electro ...)
NOT-FOR-US: Philips Electronics VOIP841 DECT Phone
-CVE-2008-4874
+CVE-2008-4874 (The web component in Philips Electronics VOIP841 DECT Phone with firmw ...)
NOT-FOR-US: Philips Electronics VOIP841 DECT Phone
-CVE-2008-4873
+CVE-2008-4873 (board.cgi in Sepal SPBOARD 4.5 allows remote attackers to execute arbi ...)
NOT-FOR-US: Sepal SPBOARD
-CVE-2008-4872
+CVE-2008-4872 (Cross-site scripting (XSS) vulnerability in bidhistory.php in iTechBid ...)
NOT-FOR-US: iTechBids Gold
-CVE-2008-4871
+CVE-2008-4871 (Cross-site scripting (XSS) vulnerability in My Little Forum 1.75 and 2 ...)
NOT-FOR-US: My Little Forum
-CVE-2008-4870
+CVE-2008-4870 (dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedor ...)
- dovecot <unfixed> (unimportant)
NOTE: by default this file doesnt containt sensitive information and administrator
NOTE: changing this should ensure on its own that the mode is secure
-CVE-2008-4869
+CVE-2008-4869 (FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers t ...)
- ffmpeg-debian 0.svn20080206-15 (unimportant; bug #504977)
NOTE: A regular bug, but hardly a security issue
- kino 1.0.0-1
[etch] - kino <not-affected> (Does not ship ffmpeg)
- gstreamer0.10-ffmpeg 0.10.3-2
-CVE-2008-4868
+CVE-2008-4868 (Unspecified vulnerability in the avcodec_close function in libavcodec/ ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- ffmpeg-debian <not-affected> (Vulnerable code not present)
[etch] - ffmpeg <not-affected> (Vulnerable code not present)
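Review bot: the NOTE under CVE-2008-4870, `NOTE: by default this file doesnt containt sensitive information and administrator`, should read `doesn't contain`.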
@@ -5553,7 +5553,7 @@ CVE-2008-4868
[etch] - kino <not-affected> (Does not ship ffmpeg)
- gstreamer0.10-ffmpeg 0.10.3-2
[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2008-4867
+CVE-2008-4867 (Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as ...)
- ffmpeg 0.svn20080206-14
- ffmpeg-debian 0.svn20080206-14 (bug #504977)
[etch] - ffmpeg <not-affected> (Vulnerable code not present)
@@ -5563,7 +5563,7 @@ CVE-2008-4867
[etch] - kino <not-affected> (Does not ship ffmpeg)
- gstreamer0.10-ffmpeg 0.10.3-2
[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2008-4866
+CVE-2008-4866 (Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 befor ...)
{DSA-1782-1}
- ffmpeg 0.svn20080206-14
- ffmpeg-debian 0.svn20080206-14 (bug #504977)
@@ -5573,15 +5573,15 @@ CVE-2008-4866
[etch] - kino <not-affected> (Does not ship ffmpeg)
- gstreamer0.10-ffmpeg 0.10.3-2
[etch] - gstreamer0.10-ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2008-4865
+CVE-2008-4865 (Untrusted search path vulnerability in valgrind before 3.4.0 allows lo ...)
- valgrind 1:3.3.1-3 (unimportant; bug #507312)
NOTE: That's hardly an issue
-CVE-2008-4864
+CVE-2008-4864 (Multiple integer overflows in imageop.c in the imageop module in Pytho ...)
- python2.5 2.5.2-12 (low; bug #504619)
[etch] - python2.5 <no-dsa> (Minor issue)
- python2.4 2.4.5-6 (low; bug #504620)
[etch] - python2.4 <no-dsa> (Minor issue)
-CVE-2008-4863
+CVE-2008-4863 (Untrusted search path vulnerability in BPY_interface in Blender 2.46 a ...)
- blender 2.46+dfsg-5 (bug #503632; low)
[etch] - blender 2.42a-8
NOTE: minor issue fixed in etch r6 point update
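Review bot: the blender line `- blender 2.46+dfsg-5 (bug #503632; low)` puts the bug reference before the severity, whereas the python lines in the same hunk use `(low; bug #504619)`; keeping severity first throughout makes the annotations easier to scan and to parse consistently.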
@@ -5621,13 +5621,13 @@ CVE-2008-4846
REJECTED
CVE-2008-4845
REJECTED
-CVE-2008-4844
+CVE-2008-4844 (Use-after-free vulnerability in the CRecordInstance::TransferToDestina ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-4843
REJECTED
CVE-2008-4842
REJECTED
-CVE-2008-4841
+CVE-2008-4841 (The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-4840
REJECTED
@@ -5635,60 +5635,60 @@ CVE-2008-4839
REJECTED
CVE-2008-4838
REJECTED
-CVE-2008-4837
+CVE-2008-4837 (Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP ...)
NOT-FOR-US: Microsoft Office Word
CVE-2008-4836
REJECTED
-CVE-2008-4835
+CVE-2008-4835 (SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP ...)
NOT-FOR-US: Windows
-CVE-2008-4834
+CVE-2008-4834 (Buffer overflow in SMB in the Server service in Microsoft Windows 2000 ...)
NOT-FOR-US: Windows
CVE-2008-4833
REJECTED
-CVE-2008-4832
+CVE-2008-4832 (rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows lo ...)
NOT-FOR-US: rPath
-CVE-2008-4831
+CVE-2008-4831 (Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ColdFusi ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2008-4830
+CVE-2008-4830 (Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI ...)
NOT-FOR-US: KWEdit ActiveX control
-CVE-2008-4829
+CVE-2008-4829 (Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow r ...)
{DSA-1683-1}
- streamripper 1.63.5-2 (bug #506377)
-CVE-2008-4828
+CVE-2008-4828 (Multiple stack-based buffer overflows in dsmagent.exe in the Remote Ag ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2008-4827
+CVE-2008-4827 (Multiple heap-based buffer overflows in the AddTab method in the (1) T ...)
NOT-FOR-US: ComponentOne SizerOne
CVE-2008-4826
REJECTED
-CVE-2008-4825
+CVE-2008-4825 (Multiple buffer overflows in UltraISO 9.3.1.2633, and possibly other v ...)
NOT-FOR-US: UltraISO
-CVE-2008-4824
+CVE-2008-4824 (Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4823
+CVE-2008-4823 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player 9.0.124 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4822
+CVE-2008-4822 (Adobe Flash Player 9.0.124.0 and earlier does not properly interpret p ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4821
+CVE-2008-4821 (Adobe Flash Player 9.0.124.0 and earlier, when a Mozilla browser is us ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4820
+CVE-2008-4820 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4819
+CVE-2008-4819 (Unspecified vulnerability in Adobe Flash Player 9.0.124.0 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4818
+CVE-2008-4818 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player 9.0.124 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4817
+CVE-2008-4817 (The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 an ...)
NOT-FOR-US: Adobe Acrobat
-CVE-2008-4816
+CVE-2008-4816 (Unspecified vulnerability in the Download Manager in Adobe Reader 8.1. ...)
NOT-FOR-US: Adobe Reader on Windows
-CVE-2008-4815
+CVE-2008-4815 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 ...)
NOT-FOR-US: Adobe Acrobat
-CVE-2008-4814
+CVE-2008-4814 (Unspecified vulnerability in a JavaScript method in Adobe Reader and A ...)
NOT-FOR-US: Adobe Acrobat
-CVE-2008-4813
+CVE-2008-4813 (Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allow re ...)
NOT-FOR-US: Adobe Acrobat
-CVE-2008-4812
+CVE-2008-4812 (Array index error in Adobe Reader and Acrobat, and the Explorer extens ...)
NOT-FOR-US: Adobe Reader Explorer extension
-CVE-2008-4811
+CVE-2008-4811 (The _expand_quoted_text function in libs/Smarty_Compiler.class.php in ...)
{DSA-1691-1}
- smarty 2.6.26-0.1 (bug #504328)
[lenny] - smarty <no-dsa> (Minor issue, fix will change behaviour)
@@ -5696,46 +5696,46 @@ CVE-2008-4811
- moodle 1.8.2-2 (bug #504345)
- gallery2 2.2.5-2
NOTE: This attack vector is *not* fixed in r2797
-CVE-2008-4810
+CVE-2008-4810 (The _expand_quoted_text function in libs/Smarty_Compiler.class.php in ...)
{DSA-1919-1 DSA-1691-1}
- smarty 2.6.26-0.1 (bug #504328)
- moodle 1.8.2-2 (bug #504345)
- gallery2 2.2.5-2
NOTE: This attack vector is fixed in r2797
-CVE-2008-4809
+CVE-2008-4809 (Multiple unspecified vulnerabilities in the Profiles search pages in I ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2008-4808
+CVE-2008-4808 (IBM Lotus Connections 2.x before 2.0.1 allows attackers to discover pa ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2008-4807
+CVE-2008-4807 (IBM Lotus Connections 2.x before 2.0.1 stores the password for the adm ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2008-4806
+CVE-2008-4806 (Multiple SQL injection vulnerabilities in IBM Lotus Connections 2.x be ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2008-4805
+CVE-2008-4805 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Conne ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2008-4804
+CVE-2008-4804 (SQL injection vulnerability in the Gallery module 1.3 for PHP-Nuke all ...)
NOT-FOR-US: NFU Gallery module 1.3 for PHP-Nuke
-CVE-2008-4803
+CVE-2008-4803 (Cross-site scripting (XSS) vulnerability in index.php in Simple PHP Sc ...)
NOT-FOR-US: Simple PHP Scripts gallery
-CVE-2008-4802
+CVE-2008-4802 (Cross-site scripting (XSS) vulnerability in complete.php in Simple PHP ...)
NOT-FOR-US: Simple PHP Scripts blog
-CVE-2008-5076
+CVE-2008-5076 (htop 0.7 writes process names to a terminal without sanitizing non-pri ...)
- htop 0.8.1-2 (unimportant; bug #504144)
NOTE: That scenario is too constructed to call it a security issue, especially
NOTE: given that the standard top will display the maliciously hidden processes
NOTE: just fine.
-CVE-2008-5256
+CVE-2008-5256 (The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualB ...)
- virtualbox-ose 1.6.6-dfsg-3 (low; bug #504149)
-CVE-2008-4801
+CVE-2008-4801 (Heap-based buffer overflow in the Data Protection for SQL CAD service ...)
NOT-FOR-US: SQL CAD service
-CVE-2008-4800
+CVE-2008-4800 (The DebugDiag ActiveX control in CrashHangExt.dll, possibly 1.0, in Mi ...)
NOT-FOR-US: ActiveX control
-CVE-2008-4799
+CVE-2008-4799 (pamperspective in Netpbm before 10.35.48 does not properly calculate a ...)
- netpbm-free <not-affected> (Vulnerable code not present)
-CVE-2008-4798
+CVE-2008-4798 (The loadModule function in lib/WebGUI/Asset.pm in WebGUI before 7.5.30 ...)
NOT-FOR-US: WebGUI
-CVE-2008-4797
+CVE-2008-4797 (Directory traversal vulnerability in Arihiro Kurata Kantan WEB Server ...)
NOT-FOR-US: Arihiro Kurata Kantan WEB Server
-CVE-2008-4796
+CVE-2008-4796 (The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 a ...)
{DSA-1871-2 DSA-1871-1 DSA-1691-1}
- libphp-snoopy 1.2.4-1 (bug #504168; medium)
- ampache 3.4.1-2 (bug #504169)
@@ -5750,59 +5750,59 @@ CVE-2008-4796
- gforge-plugin-scmcvs <removed>
[etch] - gforge-plugin-scmcvs <not-affected> (Snoopy function not used on URLs that come from user input)
- magpierss <not-affected> (Fixed in all supported distributions)
-CVE-2008-4795
+CVE-2008-4795 (The links panel in Opera before 9.62 processes Javascript within the c ...)
NOT-FOR-US: Opera
-CVE-2008-4794
+CVE-2008-4794 (Opera before 9.62 allows remote attackers to execute arbitrary command ...)
NOT-FOR-US: Opera
-CVE-2008-4793
+CVE-2008-4793 (The node module API in Drupal 5.x before 5.11 allows remote attackers ...)
- drupal5 5.10-3 (low)
- drupal6 <not-affected> (Vulnerable code not present)
-CVE-2008-4792
+CVE-2008-4792 (The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 d ...)
- drupal5 5.10-3 (low)
- drupal6 6.4-2 (low)
-CVE-2008-4791
+CVE-2008-4791 (The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might all ...)
- drupal5 5.10-3 (low)
- drupal6 6.4-2 (low)
-CVE-2008-4790
+CVE-2008-4790 (The core upload module in Drupal 5.x before 5.11 allows remote authent ...)
- drupal5 5.10-3 (low)
-CVE-2008-4789
+CVE-2008-4789 (The validation functionality in the core upload module in Drupal 6.x b ...)
- drupal6 6.4-2 (low)
-CVE-2008-4788
+CVE-2008-4788 (Microsoft Internet Explorer 6 omits high-bit URL-encoded characters wh ...)
NOT-FOR-US: Microsoft Internet Explorer 6
-CVE-2008-4787
+CVE-2008-4787 (Visual truncation vulnerability in Microsoft Internet Explorer 6 allow ...)
NOT-FOR-US: Microsoft Internet Explorer 6
-CVE-2008-4786
+CVE-2008-4786 (SQL injection vulnerability in easyshop.php in the EasyShop plugin for ...)
NOT-FOR-US: EasyShop plugin for e107
-CVE-2008-4785
+CVE-2008-4785 (SQL injection vulnerability in newuser.php in the alternate_profiles p ...)
NOT-FOR-US: e107
-CVE-2008-4784
+CVE-2008-4784 (aflog 1.01 allows remote attackers to bypass authentication and gain a ...)
NOT-FOR-US: aflog
-CVE-2008-4783
+CVE-2008-4783 (tlAds 1.0 allows remote attackers to bypass authentication and gain ad ...)
NOT-FOR-US: tlAds
-CVE-2008-4782
+CVE-2008-4782 (SQL injection vulnerability in public/code/cp_polls_results.php in All ...)
NOT-FOR-US: AIOCP
-CVE-2008-4781
+CVE-2008-4781 (Directory traversal vulnerability in update.php in MyKtools 2.4 allows ...)
NOT-FOR-US: MyKtools
-CVE-2008-4780
+CVE-2008-4780 (Directory traversal vulnerability in admin/centre.php in MyForum 1.3, ...)
NOT-FOR-US: MyForum
-CVE-2008-4779
+CVE-2008-4779 (Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers ...)
NOT-FOR-US: TUGzip
-CVE-2008-4778
+CVE-2008-4778 (SQL injection vulnerability in the gallery module in Koobi CMS 4.3.0 a ...)
NOT-FOR-US: Koobi CMS
-CVE-2008-4777
+CVE-2008-4777 (SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) co ...)
NOT-FOR-US: Showroom Joomlearn LMS
-CVE-2008-4774
+CVE-2008-4774 (Cross-site scripting (XSS) vulnerability in main/main.php in QuestCMS ...)
NOT-FOR-US: QuestCMS
-CVE-2008-4773
+CVE-2008-4773 (Directory traversal vulnerability in main/main.php in QuestCMS allows ...)
NOT-FOR-US: QuestCMS
-CVE-2008-4772
+CVE-2008-4772 (SQL injection vulnerability in main/main.php in QuestCMS allows remote ...)
NOT-FOR-US: QuestCMS
-CVE-2008-4771
+CVE-2008-4771 (Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in ...)
NOT-FOR-US: ActiveX
-CVE-2008-4770
+CVE-2008-4770 (The CMsgReader::readRect function in the VNC Viewer component in RealV ...)
{DSA-1716-1}
- vnc4 4.1.1+X4.3.0-31 (medium; bug #513531)
-CVE-2008-4776
+CVE-2008-4776 (libgadu before 1.8.2 allows remote servers to cause a denial of servic ...)
{DSA-1664-1}
- libgadu 1:1.8.0+r592-3 (low; bug #503916)
- kadu 0.6.0.2-3 (low; bug #504429)
@@ -5811,210 +5811,210 @@ CVE-2008-4776
[lenny] - centerim <no-dsa> (Minor issue)
NOTE: claimed to be fixed in point update but is not: [lenny] - centerim 4.22.5-1+lenny1
- qutecom <not-affected> (does not use libgadu embed; bug #559784)
-CVE-2008-4769
+CVE-2008-4769 (Directory traversal vulnerability in the get_category_template functio ...)
{DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-1
-CVE-2008-4768
+CVE-2008-4768 (SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to ...)
NOT-FOR-US: TLM CMS
-CVE-2008-4767
+CVE-2008-4767 (Unrestricted file upload vulnerability in the DownloadsPlus module in ...)
NOT-FOR-US: PHP-Nuke
-CVE-2008-4766
+CVE-2008-4766 (SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1 ...)
NOT-FOR-US: Oxygen Bulletin Board
-CVE-2008-4765
+CVE-2008-4765 (SQL injection vulnerability in pollBooth.php in osCommerce Poll Booth ...)
NOT-FOR-US: osCommerce Poll Booth Add-On
-CVE-2008-4764
+CVE-2008-4764 (Directory traversal vulnerability in the eXtplorer module (com_extplor ...)
NOT-FOR-US: eXtplorer module in Joomla!
-CVE-2008-4763
+CVE-2008-4763 (Multiple cross-site scripting (XSS) vulnerabilities in sample.php in W ...)
NOT-FOR-US: WiKID wClient-PHP
-CVE-2008-4762
+CVE-2008-4762 (Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authentica ...)
NOT-FOR-US: freeSSHd
-CVE-2008-4761
+CVE-2008-4761 (Cross-site scripting (XSS) vulnerability in includes/htmlArea/plugins/ ...)
NOT-FOR-US: Kayako eSupport
-CVE-2008-4760
+CVE-2008-4760 (SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, wh ...)
NOT-FOR-US: Graphiks MyForum
-CVE-2008-4759
+CVE-2008-4759 (Directory traversal vulnerability in download.php in BuzzyWall 1.3.1 a ...)
NOT-FOR-US: BuzzyWall
-CVE-2008-4758
+CVE-2008-4758 (Directory traversal vulnerability in download_file.php in PHP-Daily al ...)
NOT-FOR-US: PHPdaily
-CVE-2008-4757
+CVE-2008-4757 (Multiple SQL injection vulnerabilities in PHP-Daily allow remote attac ...)
NOT-FOR-US: PHPdaily
-CVE-2008-4756
+CVE-2008-4756 (Cross-site scripting (XSS) vulnerability in add_prest_date.php in PHP- ...)
NOT-FOR-US: PHPdaily
-CVE-2008-4755
+CVE-2008-4755 (SQL injection vulnerability in gotourl.php in PozScripts Classified Au ...)
NOT-FOR-US: PozScripts Classified Auctions Script
-CVE-2008-4754
+CVE-2008-4754 (SQL injection vulnerability in forum.php in Scripts for Sites (SFS) Ez ...)
NOT-FOR-US: Scripts for Sites Ez Forum
-CVE-2008-4753
+CVE-2008-4753 (SQL injection vulnerability in EditUrl.php in AJ Square RSS Reader all ...)
NOT-FOR-US: AJ Square RSS Reader
-CVE-2008-4752
+CVE-2008-4752 (TlNews 2.2 allows remote attackers to bypass authentication and gain a ...)
NOT-FOR-US: TlNews
-CVE-2008-4751
+CVE-2008-4751 (Cross-site scripting (XSS) vulnerability in index.php in iPei Guestboo ...)
NOT-FOR-US: iPei Guestbook
-CVE-2008-4750
+CVE-2008-4750 (Stack-based buffer overflow in the VImpX.VImpAX ActiveX control (VImpX ...)
NOT-FOR-US: ActiveX
-CVE-2008-4749
+CVE-2008-4749 (Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX c ...)
NOT-FOR-US: ActiveX
-CVE-2008-4747
+CVE-2008-4747 (Unspecified vulnerability in the search feature in Sun Java System LDA ...)
NOT-FOR-US: Sun Java System LDAP JDK
-CVE-2008-4746
+CVE-2008-4746 (Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2. ...)
NOT-FOR-US: Uniwin eCart Professional
-CVE-2008-4745
+CVE-2008-4745 (Cross-site scripting (XSS) vulnerability in emailFriend.asp in Uniwin ...)
NOT-FOR-US: Uniwin eCart Professional
-CVE-2008-4744
+CVE-2008-4744 (SQL injection vulnerability in product_detail.php in DXShopCart 4.30mc ...)
NOT-FOR-US: DXShopCart
-CVE-2008-4743
+CVE-2008-4743 (SQL injection vulnerability in index.php in QuidaScript FAQ Management ...)
NOT-FOR-US: QuidaScript FAQ Management Script
-CVE-2008-4742
+CVE-2008-4742 (Multiple cross-site scripting (XSS) vulnerabilities in interface/Login ...)
NOT-FOR-US: TimeTrex
-CVE-2008-4741
+CVE-2008-4741 (Directory traversal vulnerability in index.php in FAR-PHP 1.00, when m ...)
NOT-FOR-US: FAR-PHP
-CVE-2008-4740
+CVE-2008-4740 (Directory traversal vulnerability in templater.php in the ZZ_Templater ...)
NOT-FOR-US: ZZ_Templater module in TinyCMS
-CVE-2008-4748
+CVE-2008-4748 (Format string vulnerability in the URI handler in KVirc 3.4.0, when se ...)
- kvirc <not-affected> (Windows-specific vulnerability)
CVE-2008-XXXX [balazar3: insecure temp file handling]
- balazar3 0.1-2 (bug #503750)
-CVE-2008-4775
+CVE-2008-4775 (Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin ...)
- phpmyadmin 4:2.11.8.1-4 (low)
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.securityfocus.com/archive/1/497815
-CVE-2008-4739
+CVE-2008-4739 (Directory traversal vulnerability in index.php in PlugSpace 0.1, when ...)
NOT-FOR-US: PlugSpace
-CVE-2008-4738
+CVE-2008-4738 (SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows remo ...)
NOT-FOR-US: MyCard
-CVE-2008-4737
+CVE-2008-4737 (Cross-site scripting (XSS) vulnerability in wholite.cgi in WhoDomLite ...)
NOT-FOR-US: WhoDomLite
-CVE-2008-4736
+CVE-2008-4736 (SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and ea ...)
NOT-FOR-US: RPG.Board
-CVE-2008-4735
+CVE-2008-4735 (PHP remote file inclusion vulnerability in header.php in Concord Asset ...)
NOT-FOR-US: Concord software
-CVE-2008-4734
+CVE-2008-4734 (Cross-site request forgery (CSRF) vulnerability in the wpcr_do_options ...)
NOT-FOR-US: WP Comment Remix plugin
-CVE-2008-4733
+CVE-2008-4733 (Cross-site scripting (XSS) vulnerability in wpcommentremix.php in WP C ...)
NOT-FOR-US: WP Comment Remix plugin
-CVE-2008-4732
+CVE-2008-4732 (SQL injection vulnerability in ajax_comments.php in the WP Comment Rem ...)
NOT-FOR-US: WP Comment Remix plugin
-CVE-2008-4731
+CVE-2008-4731 (Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown ...)
- yacy <itp> (bug #452422)
-CVE-2008-4730
+CVE-2008-4730 (Cross-site scripting (XSS) vulnerability in MyID.php in phpMyID 0.9 al ...)
- phpmyid <itp> (bug #492325)
-CVE-2008-4729
+CVE-2008-4729 (Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX cont ...)
NOT-FOR-US: Hummingbird Xweb
-CVE-2008-4728
+CVE-2008-4728 (Multiple insecure method vulnerabilities in the DeployRun.DeploymentSe ...)
NOT-FOR-US: Hummingbird Deployment Wizard
-CVE-2008-4727
+CVE-2008-4727 (Cross-site scripting (XSS) vulnerability in the contact update page (s ...)
NOT-FOR-US: SunGard Banner Student
-CVE-2008-4726
+CVE-2008-4726 (Stack-based buffer overflow in the SFTP subsystem in GoodTech SSH 6.4 ...)
NOT-FOR-US: GoodTech SSH
-CVE-2008-4725
+CVE-2008-4725 (Cross-site scripting (XSS) vulnerability in Opera.dll in Opera 9.52 al ...)
NOT-FOR-US: Opera
-CVE-2008-4724
+CVE-2008-4724 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome 0 ...)
- webkit 1.1.7-1 (low; bug #520052)
[lenny] - webkit <no-dsa> (Minor issue)
- kdelibs <not-affected>
- kde4libs <not-affected>
-CVE-2008-4723
+CVE-2008-4723 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
- iceweasel <not-affected>
NOTE: firefox not affected, see https://bugzilla.redhat.com/468397
-CVE-2008-4722
+CVE-2008-4722 (Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) ...)
NOT-FOR-US: Sun ILOM
-CVE-2008-4721
+CVE-2008-4721 (PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authent ...)
NOT-FOR-US: PHP Jabbers
-CVE-2008-4720
+CVE-2008-4720 (Multiple PHP remote file inclusion vulnerabilities in The Gemini Porta ...)
NOT-FOR-US: The Gemini Portal
-CVE-2008-4719
+CVE-2008-4719 (PHP remote file inclusion vulnerability in cms/classes/openengine/file ...)
NOT-FOR-US: openEngine
-CVE-2008-4718
+CVE-2008-4718 (Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 ...)
NOT-FOR-US: X7 Chat
-CVE-2008-4717
+CVE-2008-4717 (SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0 allows ...)
NOT-FOR-US: ZEELYRICS
-CVE-2008-4716
+CVE-2008-4716 (SQL injection vulnerability in show.php in BitmixSoft PHP-Lance 1.52 a ...)
NOT-FOR-US: PHP-Lance
-CVE-2008-4715
+CVE-2008-4715 (SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for J ...)
NOT-FOR-US: com_jpad for Joomla!
-CVE-2008-4714
+CVE-2008-4714 (Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_ ...)
NOT-FOR-US: Atomic Photo Album
-CVE-2008-4713
+CVE-2008-4713 (SQL injection vulnerability in view.php in 212cafe Board 0.07 allows r ...)
NOT-FOR-US: 212cafe Board
-CVE-2008-4712
+CVE-2008-4712 (Directory traversal vulnerability in pages/showblog.php in LnBlog 0.9. ...)
NOT-FOR-US: LnBlog
-CVE-2008-4711
+CVE-2008-4711 (SQL injection vulnerability in Joovili 3.0 and earlier, when magic_quo ...)
NOT-FOR-US: Joovili
-CVE-2008-4710
+CVE-2008-4710 (Cross-site scripting (XSS) vulnerability in the stock quotes page in S ...)
NOT-FOR-US: Stock module for Drupal
-CVE-2008-4709
+CVE-2008-4709 (SQL injection vulnerability in news_read.php in Pilot Group (PG) eTrai ...)
NOT-FOR-US: PG eTraining
-CVE-2008-4708
+CVE-2008-4708 (BbZL.PhP 0.92 allows remote attackers to bypass authentication and gai ...)
NOT-FOR-US: BbZL.PhP
-CVE-2008-4707
+CVE-2008-4707 (Directory traversal vulnerability in index.php in BbZL.PhP 0.92 allows ...)
NOT-FOR-US: BbZL.PhP
-CVE-2008-4706
+CVE-2008-4706 (SQL injection vulnerability in VBGooglemap Hotspot Edition 1.0.3, a vB ...)
NOT-FOR-US: VBGooglemap Hotspot Edition
-CVE-2008-4705
+CVE-2008-4705 (SQL injection vulnerability in success_story.php in php Online Dating ...)
NOT-FOR-US: MyPHPDating
-CVE-2008-4704
+CVE-2008-4704 (PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in ...)
NOT-FOR-US: SezHoo
-CVE-2008-4703
+CVE-2008-4703 (SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows r ...)
NOT-FOR-US: BosDev BosNews
-CVE-2008-4702
+CVE-2008-4702 (Multiple directory traversal vulnerabilities in PhpWebGallery 1.3.4 al ...)
NOT-FOR-US: PhpWebGallery
-CVE-2008-4701
+CVE-2008-4701 (SQL injection vulnerability in admin.php in Libera CMS 1.12, when magi ...)
NOT-FOR-US: Libera CMS
-CVE-2008-4700
+CVE-2008-4700 (SQL injection vulnerability in admin.php in Libera CMS 1.12 and earlie ...)
NOT-FOR-US: Libera CMS
-CVE-2008-4699
+CVE-2008-4699 (Insecure method vulnerability in the ActiveX control (PAWWeb11.ocx) in ...)
NOT-FOR-US: Peachtree Accounting
-CVE-2008-4698
+CVE-2008-4698 (Opera before 9.61 does not properly block scripts during preview of a ...)
NOT-FOR-US: Opera
-CVE-2008-4697
+CVE-2008-4697 (The Fast Forward feature in Opera before 9.61, when a page is located ...)
NOT-FOR-US: Opera
-CVE-2008-4696
+CVE-2008-4696 (Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before ...)
NOT-FOR-US: Opera
-CVE-2008-4695
+CVE-2008-4695 (Opera before 9.60 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Opera
-CVE-2008-4694
+CVE-2008-4694 (Unspecified vulnerability in Opera before 9.60 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2008-4693
+CVE-2008-4693 (The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 bef ...)
NOT-FOR-US: IBM DB2
-CVE-2008-4692
+CVE-2008-4692 (The Native Managed Provider for .NET component in IBM DB2 8 before FP1 ...)
NOT-FOR-US: IBM DB2
-CVE-2008-4691
+CVE-2008-4691 (Unspecified vulnerability in the SQLNLS_UNPADDEDCHARLEN function in th ...)
NOT-FOR-US: IBM DB2
-CVE-2008-4690
+CVE-2008-4690 (lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx i ...)
- lynx <not-affected> (advanced mode is not switched on in Debian configurations and lynxcgi handlers are really unlikely)
-CVE-2008-4689
+CVE-2008-4689 (Mantis before 1.1.3 does not unset the session cookie during logout, w ...)
- mantis 1.1.2+dfsg-9 (low; bug #503588)
-CVE-2008-4688
+CVE-2008-4688 (core/string_api.php in Mantis before 1.1.3 does not check the privileg ...)
- mantis 1.1.2+dfsg-9 (low; bug #503588)
-CVE-2008-4685
+CVE-2008-4685 (Use-after-free vulnerability in the dissect_q931_cause_ie function in ...)
{DSA-1673-1}
- wireshark 1.0.4-1 (low; bug #503589)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4684
+CVE-2008-4684 (packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handl ...)
{DSA-1673-1}
- wireshark 1.0.4-1 (low; bug #503589)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4683
+CVE-2008-4683 (The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL ...)
{DSA-1673-1}
- wireshark 1.0.4-1 (low; bug #503589)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4682
+CVE-2008-4682 (wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to ca ...)
- wireshark 1.0.4-1 (low; bug #503589)
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.7)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4681
+CVE-2008-4681 (Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wiresha ...)
- wireshark 1.0.4-1 (low; bug #503589)
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.7)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4680
+CVE-2008-4680 (packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 al ...)
- wireshark 1.0.4-1 (low; bug #503589)
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.7)
[lenny] - wireshark 1.0.2-3+lenny2
-CVE-2008-4679
+CVE-2008-4679 (The Web Services Security component in IBM WebSphere Application Serve ...)
NOT-FOR-US: IBM Websphere
-CVE-2008-4678
+CVE-2008-4678 (The HTTP_Request_Parser method in the HTTP Transport component in IBM ...)
NOT-FOR-US: IBM Websphere
-CVE-2008-4677
+CVE-2008-4677 (autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions ...)
- vim <unfixed> (unimportant)
NOTE: documented in netrw documentation
CVE-2008-XXXX [local file inclusion in drupal]
@@ -6023,142 +6023,142 @@ CVE-2008-XXXX [local file inclusion in drupal]
CVE-2008-XXXX [XSS in book module in drupal]
- drupal6 6.6-1 (low; bug #503222)
- drupal5 <not-affected> (vulnerable code not present)
-CVE-2008-4676
+CVE-2008-4676 (Unspecified vulnerability in Citrix XenApp (formerly Presentation Serv ...)
NOT-FOR-US: Citrix XenApp
-CVE-2008-4675
+CVE-2008-4675 (SQL injection vulnerability in index.php in PHPcounter 1.3.2 and earli ...)
NOT-FOR-US: PHPcounter
-CVE-2008-4674
+CVE-2008-4674 (SQL injection vulnerability in realestate-index.php in Conkurent Real ...)
NOT-FOR-US: Conkurent Real Estate Manager
-CVE-2008-4673
+CVE-2008-4673 (PHP remote file inclusion vulnerability in panel/common/theme/default/ ...)
NOT-FOR-US: WebBiscuits Software Events Calendar
-CVE-2008-4672
+CVE-2008-4672 (Cross-site scripting (XSS) vulnerability in search_results.php in buym ...)
NOT-FOR-US: buymyscripts Lyrics Script
-CVE-2008-4671
+CVE-2008-4671 (Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in W ...)
- wordpress <not-affected> (Vulnerable code only in mulitiuser wordpress)
-CVE-2008-4670
+CVE-2008-4670 (Cross-site scripting (XSS) vulnerability in search.php in Ed Pudol Cli ...)
NOT-FOR-US: Ed Pudol Clickbank Portal
-CVE-2008-4669
+CVE-2008-4669 (Cross-site scripting (XSS) vulnerability in search.php in Dan Fletcher ...)
NOT-FOR-US: Dan Fletcher Recipe Script
-CVE-2008-4668
+CVE-2008-4668 (Directory traversal vulnerability in the Image Browser (com_imagebrows ...)
NOT-FOR-US: com_imagebrowser for Joomla!
-CVE-2008-4667
+CVE-2008-4667 (Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 all ...)
NOT-FOR-US: ArabCMS
-CVE-2008-4666
+CVE-2008-4666 (SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 ...)
NOT-FOR-US: Ultimate Webboard
-CVE-2008-4665
+CVE-2008-4665 (SQL injection vulnerability in PG Matchmaking allows remote attackers ...)
NOT-FOR-US: PG Matchmaking
-CVE-2008-4664
+CVE-2008-4664 (Heap-based buffer overflow in QvodInsert.QvodCtrl.1 ActiveX control (Q ...)
NOT-FOR-US: QvodInsert
-CVE-2008-4663
+CVE-2008-4663 (Cross-site scripting (XSS) vulnerability in analysis.cgi 1.44, as used ...)
NOT-FOR-US: K's CGI Access Log Kaiseki
-CVE-2008-4662
+CVE-2008-4662 (Directory traversal vulnerability in admin.php in LokiCMS 0.3.4, when ...)
NOT-FOR-US: LokiCMS
-CVE-2008-4661
+CVE-2008-4661 (Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_ ...)
NOT-FOR-US: sm_pageimprovements for Typo3
-CVE-2008-4660
+CVE-2008-4660 (SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 extensi ...)
NOT-FOR-US: m1_intern for Typo3
-CVE-2008-4659
+CVE-2008-4659 (SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist ...)
NOT-FOR-US: kiddog_playerlist for Typo3
-CVE-2008-4658
+CVE-2008-4658 (SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 a ...)
NOT-FOR-US: dmmjobcontrol for Typo3
-CVE-2008-4657
+CVE-2008-4657 (SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and ea ...)
NOT-FOR-US: econda for Typo3
-CVE-2008-4656
+CVE-2008-4656 (SQL injection vulnerability in the Frontend Users View (feusersview) 0 ...)
NOT-FOR-US: fersview for Typo3
-CVE-2008-4655
+CVE-2008-4655 (SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 ...)
NOT-FOR-US: simplesurvey for Typo3
-CVE-2008-4653
+CVE-2008-4653 (SQL injection vulnerability in makale.php in Makale 0.26 and possibly ...)
NOT-FOR-US: Makale module for XOOPS
-CVE-2008-4652
+CVE-2008-4652 (Buffer overflow in the ActiveX control (DartFtp.dll) in Dart Communica ...)
NOT-FOR-US: Dart Communications PowerTCP FTP
-CVE-2008-4651
+CVE-2008-4651 (Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote ...)
NOT-FOR-US: Jetbox CMS
-CVE-2008-4650
+CVE-2008-4650 (SQL injection vulnerability in viewevent.php in myEvent 1.6 allows rem ...)
NOT-FOR-US: myEvent
-CVE-2008-4649
+CVE-2008-4649 (Session fixation vulnerability in Elxis CMS 2008.1 revision 2204 allow ...)
NOT-FOR-US: Elxis
-CVE-2008-4648
+CVE-2008-4648 (Cross-site scripting (XSS) vulnerability in index.php in Elxis CMS 200 ...)
NOT-FOR-US: Elxis
-CVE-2008-4647
+CVE-2008-4647 (SQL injection vulnerability in index.php in sweetCMS 1.5.2 allows remo ...)
NOT-FOR-US: sweetCMS
-CVE-2008-4646
+CVE-2008-4646 (The Websense Reporter Module in Websense Enterprise 6.3.2 stores the S ...)
NOT-FOR-US: Websense Enterprise
-CVE-2008-4645
+CVE-2008-4645 (plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier ...)
NOT-FOR-US: PhpWebGallery
-CVE-2008-4644
+CVE-2008-4644 (hits.php in myWebland myStats allows remote attackers to bypass IP add ...)
NOT-FOR-US: myWebland myStats
-CVE-2008-4643
+CVE-2008-4643 (SQL injection vulnerability in hits.php in myWebland myStats allows re ...)
NOT-FOR-US: myWebland myStats
-CVE-2008-4642
+CVE-2008-4642 (SQL injection vulnerability in profile.php in AstroSPACES 1.1.1 allows ...)
NOT-FOR-US: AstroSPACES
-CVE-2008-4641
+CVE-2008-4641 (The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and ea ...)
- jhead 2.84-2 (low; bug #503645)
-CVE-2008-4640
+CVE-2008-4640 (The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and ea ...)
- jhead 2.85-1 (unimportant; bug #504194)
NOTE: no issue, jhead is just unlinking the output file if it already exists, this is not following symlinks
-CVE-2008-4639
+CVE-2008-4639 (jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users t ...)
- jhead 2.84-1 (low)
-CVE-2008-4638
+CVE-2008-4638 (qioadmin in the Quick I/O for Database feature in Symantec Veritas Fil ...)
NOT-FOR-US: Symantec VxFS
-CVE-2008-4637
+CVE-2008-4637 (Cross-site scripting (XSS) vulnerability in cpCommerce before 1.2.4 al ...)
NOT-FOR-US: cpCommerce
-CVE-2008-4636
+CVE-2008-4636 (yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allo ...)
NOT-FOR-US: SUSE Linux and Novell Linux (yast2-backup)
-CVE-2008-4635
+CVE-2008-4635 (Unspecified vulnerability in Hisanaga Electric Co, Ltd. hisa_cart 1.29 ...)
NOT-FOR-US: XOOPS module
-CVE-2008-4634
+CVE-2008-4634 (Cross-site scripting (XSS) vulnerability in Movable Type 4 through 4.2 ...)
- movabletype-opensource 4.2.1-3 (low; bug #503114)
-CVE-2008-4633
+CVE-2008-4633 (SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x be ...)
NOT-FOR-US: Node Vote
-CVE-2008-4632
+CVE-2008-4632 (Multiple directory traversal vulnerabilities in index.php in Kure 0.6. ...)
NOT-FOR-US: Kure
-CVE-2008-4631
+CVE-2008-4631 (Stack-based buffer overflow in the Message::AddToString function in me ...)
NOT-FOR-US: MUSCLE, NOTE this is not the multiple alignment program for protein sequences in Debian
-CVE-2008-4630
+CVE-2008-4630 (Multiple unspecified vulnerabilities in Midgard Components (MidCOM) Fr ...)
NOT-FOR-US: Midgard Components Framework
-CVE-2008-4629
+CVE-2008-4629 (Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0 ...)
NOT-FOR-US: Usagi Project MyNETS
-CVE-2008-4628
+CVE-2008-4628 (SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 al ...)
NOT-FOR-US: myWebland miniBloggie
-CVE-2008-4627
+CVE-2008-4627 (SQL injection vulnerability in the rGallery plugin 1.09 for WoltLab Bu ...)
NOT-FOR-US: WoltLab Burning Board
-CVE-2008-4626
+CVE-2008-4626 (Directory traversal vulnerability in index.php in Fritz Berger yet ano ...)
NOT-FOR-US: yappa-ng
-CVE-2008-4625
+CVE-2008-4625 (SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsle ...)
NOT-FOR-US: st_newsletter plugin for WordPress
-CVE-2008-4624
+CVE-2008-4624 (PHP remote file inclusion vulnerability in init.php in Fast Click SQL ...)
NOT-FOR-US: Fast Click SQL Lite
-CVE-2008-4623
+CVE-2008-4623 (SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) com ...)
NOT-FOR-US: DS-Syndicate
-CVE-2008-4622
+CVE-2008-4622 (The isLoggedIn function in fastnews-code.php in phpFastNews 1.0.0 allo ...)
NOT-FOR-US: phpFastNews
-CVE-2008-4621
+CVE-2008-4621 (SQL injection vulnerability in bannerclick.php in ZeeScripts Zeeproper ...)
NOT-FOR-US: ZeeScripts Zeeproperty
-CVE-2008-4620
+CVE-2008-4620 (SQL injection vulnerability in Meeting Room Booking System (MRBS) befo ...)
NOT-FOR-US: Meeting Room Booking System
-CVE-2008-4619
+CVE-2008-4619 (The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-4618
+CVE-2008-4618 (The Stream Control Transmission Protocol (sctp) implementation in the ...)
{DSA-1681-1}
- linux-2.6 2.6.26-10
[etch] - linux-2.6 <not-affected>
- linux-2.6.24 2.6.24-6~etchnhalf.7
NOTE: ba0166708ef4da7eeb61dd92bbba4d5a749d6561
-CVE-2008-4617
+CVE-2008-4617 (SQL injection vulnerability in the actualite module 1.0 for Joomla! al ...)
NOT-FOR-US: actualite module for Joomla!
-CVE-2008-4616
+CVE-2008-4616 (The SpamBam plugin for WordPress allows remote attackers to bypass res ...)
NOT-FOR-US: SpamBam plugin for WordPress
-CVE-2008-4615
+CVE-2008-4615 (Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has ...)
NOT-FOR-US: PortalApp
-CVE-2008-4614
+CVE-2008-4614 (PortalApp 4.0 does not require authentication for (1) forums.asp and ( ...)
NOT-FOR-US: PortalApp
-CVE-2008-4613
+CVE-2008-4613 (SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remo ...)
NOT-FOR-US: PortalApp
-CVE-2008-4612
+CVE-2008-4612 (Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows remot ...)
NOT-FOR-US: PortalApp
-CVE-2008-4611
+CVE-2008-4611 (SQL injection vulnerability in index.php in PHP Arsivimiz Php Ziyaretc ...)
NOT-FOR-US: PHP Arsivimiz Php Ziyaretci Defteri
-CVE-2008-4610
+CVE-2008-4610 (MPlayer allows remote attackers to cause a denial of service (applicat ...)
{DTSA-181-1}
- mplayer 1.0~rc2-20 (bug #407010)
NOTE: only the aac issue affected mplayer because it built against a copy of faad
@@ -6168,7 +6168,7 @@ CVE-2008-4610
- xmovie <removed> (unimportant)
NOTE: just a crasher, no security implications known so far
NOTE: http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
-CVE-2008-4609
+CVE-2008-4609 (The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ...)
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
- linux-2.6.24 <removed> (unimportant)
@@ -6180,104 +6180,104 @@ CVE-2008-4608
REJECTED
CVE-2008-4607
REJECTED
-CVE-2008-4606
+CVE-2008-4606 (Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow ...)
NOT-FOR-US: IP Reg
-CVE-2008-4605
+CVE-2008-4605 (SQL injection vulnerability in CafeEngine allows remote attackers to e ...)
NOT-FOR-US: CafeEngine
-CVE-2008-4604
+CVE-2008-4604 (SQL injection vulnerability in index.php in Easy CafeEngine 1.1 allows ...)
NOT-FOR-US: CafeEngine
-CVE-2008-4603
+CVE-2008-4603 (SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 a ...)
NOT-FOR-US: iGaming CM
-CVE-2008-4602
+CVE-2008-4602 (Directory traversal vulnerability in index.php in Post Affiliate Pro 2 ...)
NOT-FOR-US: Post Affiliate Pro
-CVE-2008-4601
+CVE-2008-4601 (Cross-site scripting (XSS) vulnerability in the login feature in Habar ...)
NOT-FOR-US: Habari CMS
-CVE-2008-4600
+CVE-2008-4600 (configure.php in PokerMax Poker League Tournament Script 0.13 allows r ...)
NOT-FOR-US: PokerMax Poker League Tournament Script
-CVE-2008-4599
+CVE-2008-4599 (SQL injection vulnerability in category.php in Mosaic Commerce allows ...)
NOT-FOR-US: Mosaic Commerce
-CVE-2008-4598
+CVE-2008-4598 (Unspecified vulnerability in Shindig-Integrator 5.x, a module for Drup ...)
NOT-FOR-US: Shindig-Integrator module for Drupal
-CVE-2008-4597
+CVE-2008-4597 (Shindig-Integrator 5.x, a module for Drupal, does not properly restric ...)
NOT-FOR-US: Shindig-Integrator module for Drupal
-CVE-2008-4596
+CVE-2008-4596 (Cross-site scripting (XSS) vulnerability in Shindig-Integrator 5.x, a ...)
NOT-FOR-US: Shindig-Integrator module for Drupal
-CVE-2008-4595
+CVE-2008-4595 (Multiple unspecified vulnerabilities in Slaytanic Scripts Content Plus ...)
NOT-FOR-US: Slaytanic Scripts Content Plus
-CVE-2008-4594
+CVE-2008-4594 (Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N ...)
NOT-FOR-US: Linksys WAP4400N firmware
-CVE-2008-4593
+CVE-2008-4593 (Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled ...)
NOT-FOR-US: Apple iPhone 2.1 with firmware 5F136
-CVE-2008-4654
+CVE-2008-4654 (Stack-based buffer overflow in the parse_master function in the Ty dem ...)
- vlc 1.0.3-1 (low; bug #502726)
[etch] - vlc <not-affected> (introduced in 0.9.0)
[lenny] - vlc <not-affected> (introduced in 0.9.0)
-CVE-2008-4686
+CVE-2008-4686 (Multiple integer overflows in ty.c in the TY demux plugin (aka the TiV ...)
{DSA-1819-1 DTSA-175-1}
- vlc 0.8.6.h-4.1 (medium; bug #503118)
-CVE-2008-4687
+CVE-2008-4687 (manage_proj_page.php in Mantis before 1.1.4 allows remote authenticate ...)
- mantis 1.1.2+dfsg-7 (medium; bug #502728)
NOTE: only registered users can perform this
-CVE-2008-4592
+CVE-2008-4592 (Directory traversal vulnerability in index.php in Sports Clubs Web Pan ...)
NOT-FOR-US: Sports Clubs Web Panel
-CVE-2008-4591
+CVE-2008-4591 (Multiple cross-site scripting (XSS) vulnerabilities in admin/include/i ...)
NOT-FOR-US: PhpWebGallery
-CVE-2008-4590
+CVE-2008-4590 (Multiple SQL injection vulnerabilities in Stash 1.0.3 allow remote att ...)
NOT-FOR-US: Stash
-CVE-2008-4589
+CVE-2008-4589 (Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo ...)
NOT-FOR-US: Lenovo Rescue and Recovery
-CVE-2008-4588
+CVE-2008-4588 (Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, poss ...)
NOT-FOR-US: Etype Eserv
-CVE-2008-4587
+CVE-2008-4587 (Insecure method vulnerability in the MSVNClientDownloadManager61Lib.Do ...)
NOT-FOR-US: Macrovision FLEXnet Connect
-CVE-2008-4586
+CVE-2008-4586 (Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 A ...)
NOT-FOR-US: Macrovision FLEXnet Connect
-CVE-2008-4585
+CVE-2008-4585 (Belong Software Site Builder 0.1 beta allows remote attackers to bypas ...)
NOT-FOR-US: Software Site Builder
-CVE-2008-4584
+CVE-2008-4584 (Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control (Chi ...)
NOT-FOR-US: Chilkat Mail
-CVE-2008-4583
+CVE-2008-4583 (Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component ...)
NOT-FOR-US: Chilkat FTP
-CVE-2008-4582
+CVE-2008-4582 (Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and ...)
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- xulrunner 1.9.0.4-1
- iceweasel 3.0.4-1
- iceape 1.1.13-1
- icedove 2.0.0.19-1
-CVE-2008-4581
+CVE-2008-4581 (The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release ...)
NOT-FOR-US: IBM ENOVIA SmarTeam
-CVE-2008-4580
+CVE-2008-4580 (fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows lo ...)
- redhat-cluster 2.20080801-1 (low; bug #496410)
[etch] - redhat-cluster <no-dsa> (Minor issue)
NOTE: already fixed in lenny
-CVE-2008-4579
+CVE-2008-4579 (The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fenc ...)
- redhat-cluster 2.20081102-1 (low; bug #496410)
[lenny] - redhat-cluster 2.20080801-4+lenny1
[etch] - redhat-cluster <no-dsa> (Minor issue)
-CVE-2008-4578
+CVE-2008-4578 (The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass inte ...)
- dovecot 1:1.1.9-1 (low; bug #502967)
[etch] - dovecot <no-dsa> (Minor issue)
[lenny] - dovecot <no-dsa> (Minor issue)
-CVE-2008-4577
+CVE-2008-4577 (The ACL plugin in Dovecot before 1.1.4 treats negative access rights a ...)
- dovecot 1:1.0.15-2.2 (low; bug #502967)
[etch] - dovecot <no-dsa> (Minor issue)
-CVE-2008-4576
+CVE-2008-4576 (sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause ...)
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-9
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-4575
+CVE-2008-4575 (Buffer overflow in the DoCommand function in jhead before 2.84 might a ...)
- jhead 2.84-1 (bug #502353; low)
-CVE-2008-4571
+CVE-2008-4571 (Cross-site scripting (XSS) vulnerability in the LiveSearch module in P ...)
- plone3 3.0.4-1 (low)
-CVE-2008-4569
+CVE-2008-4569 (SQL injection vulnerability in xlacomments.asp in XIGLA Software Absol ...)
NOT-FOR-US: XIGLA Software Absolute Poll Manager
-CVE-2008-4574
+CVE-2008-4574 (SQL injection vulnerability in default.asp in Ayco Okul Portali allows ...)
NOT-FOR-US: Ayco Okul Portali
-CVE-2008-4573
+CVE-2008-4573 (SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W ...)
NOT-FOR-US: MunzurSoft Wep Portal W3
-CVE-2008-4572
+CVE-2008-4572 (GuildFTPd 0.999.14, and possibly other versions, allows remote attacke ...)
NOT-FOR-US: GuildFTPd
-CVE-2008-4570
+CVE-2008-4570 (SQL injection vulnerability in index.php in Real Estate Classifieds al ...)
NOT-FOR-US: Real Estate Classifieds
CVE-2008-4568
RESERVED
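Review bot: the new `+CVE-...` lines in this hunk cut the summary at a fixed column and append " ...", so the cut frequently lands mid-word and before the affected product is named: `+CVE-2008-4654 (Stack-based buffer overflow in the parse_master function in the Ty dem ...)` and `+CVE-2008-4686 (Multiple integer overflows in ty.c in the TY demux plugin (aka the TiV ...)` both concern vlc, as the package lines beneath them show, yet neither summary reaches the word "VLC", and `+CVE-2008-4687 (manage_proj_page.php in Mantis before 1.1.4 allows remote authenticate ...)` stops one character short of "authenticated users". Since these one-line summaries are what someone grepping the list sees, consider truncating at a word boundary (or at a slightly wider column) in the script that generates the update. The package, DSA and NOTE lines are left untouched by the hunk, which is what a description-only refresh should do; one pre-existing inconsistency worth a follow-up is `- jhead 2.84-1 (bug #502353; low)`, which orders the severity and bug reference the opposite way from every other entry here (`(low; bug #502726)`).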
@@ -6287,668 +6287,668 @@ CVE-2008-4566
RESERVED
CVE-2008-4565
RESERVED
-CVE-2008-4564
+CVE-2008-4564 (Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 1 ...)
NOT-FOR-US: Autonomy KeyView SDK
-CVE-2008-4563
+CVE-2008-4563 (Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the d ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2008-4562
+CVE-2008-4562 (Buffer overflow in the ovlaunch CGI program in HP OpenView Network Nod ...)
NOT-FOR-US: HP OpenView Network Node Manager
CVE-2008-4561
RESERVED
-CVE-2008-4560
+CVE-2008-4560 (HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-4559
+CVE-2008-4559 (HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-4557
+CVE-2008-4557 (plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 (a ...)
NOT-FOR-US: CuteNews.ru
-CVE-2008-4556
+CVE-2008-4556 (Stack-based buffer overflow in the adm_build_path function in sadmind ...)
NOT-FOR-US: Sun Solstice AdminSuite
-CVE-2008-4555
+CVE-2008-4555 (Stack-based buffer overflow in the push_subg function in parser.y (lib ...)
- graphviz 2.20.2-3 (low)
[etch] - graphviz 2.8-3+etch1
NOTE: minor issue fixed in etch r6 point update
-CVE-2008-4554
+CVE-2008-4554 (The do_splice_from function in fs/splice.c in the Linux kernel before ...)
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-9
- linux-2.6.24 2.6.24-6~etchnhalf.7
-CVE-2008-4553
+CVE-2008-4553 (qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local ...)
{DSA-1657-1}
- qemu 0.9.1-6 (low; bug #496394)
-CVE-2008-4552
+CVE-2008-4552 (The good_client function in nfs-utils 1.0.9, and possibly other versio ...)
- nfs-utils 1:1.1.3-1
[lenny] - nfs-utils 1:1.1.2-6lenny1
[etch] - nfs-utils <no-dsa> (Minor issue)
-CVE-2008-4551
+CVE-2008-4551 (strongSwan 4.2.6 and earlier allows remote attackers to cause a denial ...)
- strongswan 4.2.4-5 (bug #502676)
[etch] - strongswan <not-affected> (Vulnerable code not present)
CVE-2008-4550
RESERVED
-CVE-2008-4549
+CVE-2008-4549 (The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in Imag ...)
NOT-FOR-US: ImageShack Toolbar ActiveX control
-CVE-2008-4548
+CVE-2008-4548 (Stack-based buffer overflow in the PTZCamPanelCtrl ActiveX control (Ca ...)
NOT-FOR-US: PTZCamPanelCtrl ActiveX control
-CVE-2008-4547
+CVE-2008-4547 (Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control (p ...)
NOT-FOR-US: DVRHOST Web CMS
-CVE-2008-4546
+CVE-2008-4546 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4558
+CVE-2008-4558 (Array index error in VLC media player 0.9.2 allows remote attackers to ...)
- vlc 0.9.3-1 (medium; bug #502314)
[etch] - vlc <not-affected> (introduced in 0.9.0)
[lenny] - vlc <not-affected> (introduced in 0.9.0)
-CVE-2008-4545
+CVE-2008-4545 (Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x bef ...)
NOT-FOR-US: Cisco
-CVE-2008-4544
+CVE-2008-4544 (Unspecified vulnerability in an unspecified Microsoft API, as used by ...)
NOT-FOR-US: Microsoft
-CVE-2008-4543
+CVE-2008-4543 (Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x bef ...)
NOT-FOR-US: Cisco
-CVE-2008-4542
+CVE-2008-4542 (Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2 ...)
NOT-FOR-US: Cisco
-CVE-2008-4541
+CVE-2008-4541 (Heap-based buffer overflow in the FTP subsystem in Sun Java System Web ...)
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2008-4540
+CVE-2008-4540 (Windows Mobile 6 on the HTC Hermes device makes WLAN passwords availab ...)
NOT-FOR-US: Windows Mobile
-CVE-2008-4539
+CVE-2008-4539 (Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM ...)
{DSA-1799-1}
- qemu 0.9.1+svn20081101-1 (low; bug #526040)
[etch] - qemu <not-affected> (Vulnerable code not present)
CVE-2008-4538
RESERVED
-CVE-2008-4537
+CVE-2008-4537 (Cross-site scripting (XSS) vulnerability in EC-CUBE Ver1 1.4.6 and ear ...)
NOT-FOR-US: EC-CUBE
-CVE-2008-4536
+CVE-2008-4536 (Cross-site scripting (XSS) vulnerability in EC-CUBE Ver1 1.4.6 and ear ...)
NOT-FOR-US: EC-CUBE
-CVE-2008-4535
+CVE-2008-4535 (Cross-site scripting (XSS) vulnerability in EC-CUBE Ver2 2.1.2a and ea ...)
NOT-FOR-US: EC-CUBE
-CVE-2008-4534
+CVE-2008-4534 (SQL injection vulnerability in EC-CUBE Ver2 2.1.2a and earlier, and Ve ...)
NOT-FOR-US: EC-CUBE
-CVE-2008-5299
+CVE-2008-5299 (chm2pdf 0.9 allows user-assisted local users to delete arbitrary files ...)
- chm2pdf 0.9.1-1.1 (low; bug #501959)
-CVE-2008-5298
+CVE-2008-5298 (chm2pdf 0.9 uses temporary files in directories with fixed names, whic ...)
- chm2pdf 0.9.1-1.1 (low; bug #501959)
-CVE-2008-4533
+CVE-2008-4533 (Cross-site scripting (XSS) vulnerability in Kantan WEB Server 1.8 and ...)
NOT-FOR-US: Kantan WEB Server
-CVE-2008-4532
+CVE-2008-4532 (Cross-site scripting (XSS) vulnerability in index.php in MaxiScript We ...)
NOT-FOR-US: MaxiScript Website Directory
-CVE-2008-4531
+CVE-2008-4531 (SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a ...)
NOT-FOR-US: Brilliant Gallery (drupal module)
-CVE-2008-4530
+CVE-2008-4530 (Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x befo ...)
NOT-FOR-US: Brilliant Gallery (drupal module)
-CVE-2008-4529
+CVE-2008-4529 (Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha 0.2 ...)
NOT-FOR-US: asiCMS
-CVE-2008-4528
+CVE-2008-4528 (Directory traversal vulnerability in notes.php in Phlatline's Personal ...)
NOT-FOR-US: Phlatline's Personal Information Manager
-CVE-2008-4527
+CVE-2008-4527 (SQL injection vulnerability in recept.php in the Recepies (Recept) mod ...)
NOT-FOR-US: PHP-Fusion
-CVE-2008-4526
+CVE-2008-4526 (Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote ...)
NOT-FOR-US: CCMS
-CVE-2008-4525
+CVE-2008-4525 (SQL injection vulnerability in index.php in AmpJuke 0.7.5 allows remot ...)
NOT-FOR-US: AmpJuke
-CVE-2008-4524
+CVE-2008-4524 (SQL injection vulnerability in the "Check User" feature (includes/chec ...)
NOT-FOR-US: AdaptCMS
-CVE-2008-4523
+CVE-2008-4523 (SQL injection vulnerability in login.php in IP Reg 0.4 and earlier all ...)
NOT-FOR-US: IP Reg
-CVE-2008-4522
+CVE-2008-4522 (Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio ...)
NOT-FOR-US: JMweb MP3 Music Audio Search and Download Script
-CVE-2008-4521
+CVE-2008-4521 (SQL injection vulnerability in thisraidprogress.php in the World of Wa ...)
NOT-FOR-US: World of Warcraft tracker
-CVE-2008-4520
+CVE-2008-4520 (Cross-site scripting (XSS) vulnerability in bulk_update.pl in AutoNess ...)
NOT-FOR-US: AutoNessus
-CVE-2008-4519
+CVE-2008-4519 (Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 ...)
NOT-FOR-US: Fastpublish CMS
-CVE-2008-4518
+CVE-2008-4518 (Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d ...)
NOT-FOR-US: Fastpublish CMS
-CVE-2008-4517
+CVE-2008-4517 (SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remo ...)
NOT-FOR-US: geccBBlite
-CVE-2008-4516
+CVE-2008-4516 (SQL injection vulnerability in galerie.php in Galerie 3.2 allows remot ...)
NOT-FOR-US: Galerie
-CVE-2008-4515
+CVE-2008-4515 (Blue Coat K9 Web Protection 4.0.230 Beta relies on client-side JavaScr ...)
NOT-FOR-US: Blue Coat K9 Web Protection
-CVE-2008-4514
+CVE-2008-4514 (The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to caus ...)
- kdebase <unfixed> (unimportant)
NOTE: browser crash is a non-issue
-CVE-2008-4513
+CVE-2008-4513 (Cross-site scripting (XSS) vulnerability in BBcode API module in Phoru ...)
NOT-FOR-US: Phorum
-CVE-2008-4512
+CVE-2008-4512 (ASP/MS Access Shoutbox, probably 1.1 beta, stores db/shoutdb.mdb under ...)
NOT-FOR-US: ASP/MS Access Shoutbox
-CVE-2008-4511
+CVE-2008-4511 (Todd Woolums ASP News Management, possibly 2.21, stores db/news.mdb un ...)
NOT-FOR-US: Todd Woolums ASP News Management
-CVE-2008-4510
+CVE-2008-4510 (Microsoft Windows Vista Home and Ultimate Edition SP1 and earlier allo ...)
NOT-FOR-US: Microsoft
-CVE-2008-4509
+CVE-2008-4509 (Unrestricted file upload vulnerability in processFiles.php in FOSS Gal ...)
NOT-FOR-US: FOSS Gallery
-CVE-2008-4508
+CVE-2008-4508 (Stack-based buffer overflow in the file parsing function in Tonec Inte ...)
NOT-FOR-US: Tonec Internet Download Manager
-CVE-2008-4507
+CVE-2008-4507 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8 ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-4506
+CVE-2008-4506 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8 ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-4505
+CVE-2008-4505 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8 ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-4504
+CVE-2008-4504 (Heap-based buffer overflow in Mplayer.exe in Herosoft Inc. Hero DVD Pl ...)
NOT-FOR-US: Herosoft Inc. Hero DVD Player
-CVE-2008-4503
+CVE-2008-4503 (The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allow ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4482
+CVE-2008-4482 (The XML parser in Xerces-C++ before 3.0.0 allows context-dependent att ...)
- xerces-c2 <unfixed> (unimportant; bug #502102)
NOTE: Hardly a security issue, anyone who's concerned about this should use Xerces 3
-CVE-2008-4480
+CVE-2008-4480 (Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x befor ...)
NOT-FOR-US: Novell eDirectory
-CVE-2008-4479
+CVE-2008-4479 (Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 befor ...)
NOT-FOR-US: Novell eDirectory
-CVE-2008-4478
+CVE-2008-4478 (Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 befor ...)
NOT-FOR-US: Novell eDirectory
-CVE-2008-4473
+CVE-2008-4473 (Multiple heap-based buffer overflows in Adobe Flash CS3 Professional o ...)
NOT-FOR-US: Flash CS3 Professional
-CVE-2008-4502
+CVE-2008-4502 (Multiple PHP remote file inclusion vulnerabilities in DataFeedFile (DF ...)
NOT-FOR-US: DataFeedFile PHP Framework API
-CVE-2008-4501
+CVE-2008-4501 (Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 ...)
NOT-FOR-US: Serv-U
-CVE-2008-4500
+CVE-2008-4500 (Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authentic ...)
NOT-FOR-US: Serv-U
-CVE-2008-4499
+CVE-2008-4499 (Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b ...)
NOT-FOR-US: PHP Web Explorer
-CVE-2008-4498
+CVE-2008-4498 (SQL injection vulnerability in searchresults.php in PHP Autos 2.9.1 al ...)
NOT-FOR-US: PHP Autos
-CVE-2008-4497
+CVE-2008-4497 (SQL injection vulnerability in event_detail.php in Built2Go Real Estat ...)
NOT-FOR-US: Built2Go Real Estate Listings
-CVE-2008-4496
+CVE-2008-4496 (SQL injection vulnerability in view_cat.php in PHP Realtor 1.5 allows ...)
NOT-FOR-US: PHP Realtor
-CVE-2008-4495
+CVE-2008-4495 (SQL injection vulnerability in view_cat.php in PHP Auto Dealer 2.7 all ...)
NOT-FOR-US: PHP Auto Dealer
-CVE-2008-4494
+CVE-2008-4494 (SQL injection vulnerability in completed-advance.php in TorrentTrader ...)
NOT-FOR-US: TorrentTrader Classic
-CVE-2008-4493
+CVE-2008-4493 (Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as u ...)
NOT-FOR-US: PicturePusher ActiveX
-CVE-2008-4492
+CVE-2008-4492 (SQL injection vulnerability in referrals.php in YourOwnBux 4.0 allows ...)
NOT-FOR-US: YourOwnBux
-CVE-2008-4491
+CVE-2008-4491 (Apple Mail.app 3.5 on Mac OS X, when "Store draft messages on the serv ...)
NOT-FOR-US: Mac OS
-CVE-2008-4490
+CVE-2008-4490 (Directory traversal vulnerability in config.inc.php in phpAbook 0.8.8b ...)
NOT-FOR-US: phpAbook
-CVE-2008-4489
+CVE-2008-4489 (Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 ...)
NOT-FOR-US: Atarone CMS
-CVE-2008-4488
+CVE-2008-4488 (Cross-site scripting (XSS) vulnerability in ap-pages.php in Atarone CM ...)
NOT-FOR-US: Atarone CMS
-CVE-2008-4487
+CVE-2008-4487 (SQL injection vulnerability in ap-save.php in Atarone CMS 1.2.0 allows ...)
NOT-FOR-US: Atarone CMS
-CVE-2008-4486
+CVE-2008-4486 (Directory traversal vulnerability in index.php in SAC.php (SACphp), as ...)
NOT-FOR-US: SACphp
-CVE-2008-4485
+CVE-2008-4485 (Cross-site scripting (XSS) vulnerability in the ICAP patience page in ...)
NOT-FOR-US: Blue Coat Security Gateway OS
-CVE-2008-4484
+CVE-2008-4484 (main.php in Crux Gallery 1.32 and earlier allows remote attackers to g ...)
NOT-FOR-US: Crux Gallery
-CVE-2008-4483
+CVE-2008-4483 (Directory traversal vulnerability in index.php in Crux Gallery 1.32 an ...)
NOT-FOR-US: Crux Gallery
-CVE-2008-4481
+CVE-2008-4481 (Cross-site scripting (XSS) vulnerability in Redmine 0.7.2 and earlier ...)
NOT-FOR-US: Redmine
-CVE-2008-4472
+CVE-2008-4472 (The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16 ...)
NOT-FOR-US: LiveUpdate ActiveX
-CVE-2008-4471
+CVE-2008-4471 (Directory traversal vulnerability in the CExpressViewerControl class i ...)
NOT-FOR-US: DWF Viewer ActiveX
-CVE-2008-4470
+CVE-2008-4470 (Stack-based buffer overflow in Numark CUE 5.0 rev2 allows user-assiste ...)
NOT-FOR-US: Numark
-CVE-2008-4469
+CVE-2008-4469 (SQL injection vulnerability in view_cresume.php in Vastal I-Tech Freel ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4468
+CVE-2008-4468 (SQL injection vulnerability in view_news.php in Vastal I-Tech Share Zo ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4467
+CVE-2008-4467 (SQL injection vulnerability in show_series_ink.php in Vastal I-Tech To ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4466
+CVE-2008-4466 (SQL injection vulnerability in view_products_cat.php in Vastal I-Tech ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4465
+CVE-2008-4465 (SQL injection vulnerability in view_mags.php in Vastal I-Tech DVD Zone ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4464
+CVE-2008-4464 (SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4463
+CVE-2008-4463 (SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs Zon ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4462
+CVE-2008-4462 (SQL injection vulnerability in view_news.php in Vastal I-Tech Visa Zon ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4461
+CVE-2008-4461 (SQL injection vulnerability in advanced_search_results.php in Vastal I ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4460
+CVE-2008-4460 (SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone a ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2008-4459
+CVE-2008-4459 (SQL injection vulnerability in pick_users.php in the groups module in ...)
NOT-FOR-US: eXtrovert Thyme
-CVE-2008-4458
+CVE-2008-4458 (SQL injection vulnerability in listings.php in E-Php B2B Trading Marke ...)
NOT-FOR-US: E-Php B2B Trading Marketplace Script
-CVE-2008-4457
+CVE-2008-4457 (SQL injection vulnerability in inc/inc_statistics.php in MemHT Portal ...)
NOT-FOR-US: MemHT Portal
-CVE-2008-4456
+CVE-2008-4456 (Cross-site scripting (XSS) vulnerability in the command-line client in ...)
{DSA-1783-1}
- mysql-dfsg-5.0 5.0.51-1 (low; bug #526254)
-CVE-2008-4455
+CVE-2008-4455 (Directory traversal vulnerability in index.php in EKINdesigns MySQL Qu ...)
NOT-FOR-US: EKINdesigns MySQL Quick Admin
-CVE-2008-4454
+CVE-2008-4454 (Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5 ...)
NOT-FOR-US: EKINdesigns MySQL Quick Admin
-CVE-2008-4453
+CVE-2008-4453 (The GdPicture (1) Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging Acti ...)
NOT-FOR-US: ActiveX control
-CVE-2008-4452
+CVE-2008-4452 (Buffer overflow in Cambridge Computer Corporation vxFtpSrv 2.0.3 allow ...)
NOT-FOR-US: Cambridge Computer Corporation vxFtpSrv
-CVE-2008-4451
+CVE-2008-4451 (The SysInspector AntiStealth driver (esiasdrv.sys) 3.0.65535.0 in ESET ...)
NOT-FOR-US: ESET System Analyzer Tool
-CVE-2008-4450
+CVE-2008-4450 (Cross-site scripting (XSS) vulnerability in adodb.php in XAMPP for Win ...)
NOT-FOR-US: XAMPP
-CVE-2008-4449
+CVE-2008-4449 (Stack-based buffer overflow in mIRC 6.34 allows remote attackers to ex ...)
NOT-FOR-US: mIRC
-CVE-2008-4448
+CVE-2008-4448 (Cross-site request forgery (CSRF) vulnerability in actions.php in Posi ...)
NOT-FOR-US: Positive Software H-Sphere WebShell
-CVE-2008-4447
+CVE-2008-4447 (Cross-site scripting (XSS) vulnerability in actions.php in Positive So ...)
NOT-FOR-US: Positive Software H-Sphere WebShell
-CVE-2008-4446
+CVE-2008-4446 (Cross-site scripting (XSS) vulnerability in Nucleus EUC-JP 3.31 SP1 an ...)
NOT-FOR-US: Nucleus EUC-JP
-CVE-2008-4445
+CVE-2008-4445 (The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream C ...)
{DSA-1655-1}
- linux-2.6 2.6.26-5
- linux-2.6.24 2.6.24-6~etchnhalf.6
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2008-4444
+CVE-2008-4444 (Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P ...)
NOT-FOR-US: Cisco Unified IP Phone
CVE-2008-4443
RESERVED
CVE-2008-4442
RESERVED
-CVE-2008-4441
+CVE-2008-4441 (The Marvell driver for the Linksys WAP4400N Wi-Fi access point with fi ...)
NOT-FOR-US: Linksys
-CVE-2008-4439
+CVE-2008-4439 (PHP remote file inclusion vulnerability in admin/bin/patch.php in Mart ...)
NOT-FOR-US: MartinWood Datafeed Studio
-CVE-2008-4438
+CVE-2008-4438 (Cross-site scripting (XSS) vulnerability in search.php in Datafeed Stu ...)
NOT-FOR-US: Datafeed Studio
-CVE-2008-4437
+CVE-2008-4437 (Directory traversal vulnerability in importxml.pl in Bugzilla before 2 ...)
{DTSA-170-1}
- bugzilla 3.0.5.0-1 (low; bug #502019)
[etch] - bugzilla <no-dsa> (Minor issue)
-CVE-2008-4436
+CVE-2008-4436 (SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog ...)
NOT-FOR-US: bBlog
-CVE-2008-4435
+CVE-2008-4435 (Multiple cross-site scripting (XSS) vulnerabilities in the RMSOFT Down ...)
NOT-FOR-US: RMSOFT Downloads Plus
-CVE-2008-4434
+CVE-2008-4434 (Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and earli ...)
NOT-FOR-US: uTorrent/Bittorrent
-CVE-2008-4433
+CVE-2008-4433 (SQL injection vulnerability in search.php in the RMSOFT MiniShop modul ...)
NOT-FOR-US: RMSOFT MiniShop (xoops)
-CVE-2008-4432
+CVE-2008-4432 (Cross-site scripting (XSS) vulnerability in search.php in the RMSOFT M ...)
NOT-FOR-US: RMSOFT MiniShop (xoops)
-CVE-2008-4431
+CVE-2008-4431 (SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and earlie ...)
NOT-FOR-US: IceBB
CVE-2008-4430
REJECTED
-CVE-2008-4429
+CVE-2008-4429 (Unspecified vulnerability in SOURCENEXT Virus Security ZERO 9.5.0173 a ...)
NOT-FOR-US: SOURCENEXT Virus Security ZERO
-CVE-2008-4428
+CVE-2008-4428 (Unrestricted file upload vulnerability in upload.php in Phlatline's Pe ...)
NOT-FOR-US: Phlatline's Personal Information Manager
-CVE-2008-4427
+CVE-2008-4427 (changepassword.php in Phlatline's Personal Information Manager (pPIM) ...)
NOT-FOR-US: Phlatline's Personal Information Manager
-CVE-2008-4426
+CVE-2008-4426 (Cross-site scripting (XSS) vulnerability in events.php in Phlatline's ...)
NOT-FOR-US: Phlatline's Personal Information Manager
-CVE-2008-4425
+CVE-2008-4425 (Directory traversal vulnerability in upload.php in Phlatline's Persona ...)
NOT-FOR-US: Phlatline's Personal Information Manager
-CVE-2008-4424
+CVE-2008-4424 (Cross-site scripting (XSS) vulnerability in index.php in Domain Group ...)
NOT-FOR-US: Domain Group Network GooCMS
-CVE-2008-4423
+CVE-2008-4423 (SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows rem ...)
NOT-FOR-US: Ovidentia
CVE-2008-4422
REJECTED
-CVE-2008-4421
+CVE-2008-4421 (Directory traversal vulnerability in MetaGauge 1.0.0.17, and probably ...)
NOT-FOR-US: MetaGauge
-CVE-2008-4420
+CVE-2008-4420 (Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in ...)
NOT-FOR-US: DynaZip Max
-CVE-2008-4419
+CVE-2008-4419 (Directory traversal vulnerability in the HP JetDirect web administrati ...)
NOT-FOR-US: HP-ChaiSOE
-CVE-2008-4418
+CVE-2008-4418 (Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.1 ...)
NOT-FOR-US: HP-UX
CVE-2008-4417
REJECTED
-CVE-2008-4416
+CVE-2008-4416 (Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows loc ...)
NOT-FOR-US: HP-UX
-CVE-2008-4415
+CVE-2008-4415 (Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 ...)
NOT-FOR-US: HP Service Manager (HPSM)
-CVE-2008-4414
+CVE-2008-4414 (Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UN ...)
NOT-FOR-US: HP Tru64 UNIX
-CVE-2008-4413
+CVE-2008-4413 (Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2008-4412
+CVE-2008-4412 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5 ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2008-4411
+CVE-2008-4411 (Cross-site scripting (XSS) vulnerability in HP System Management Homep ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2008-4410
+CVE-2008-4410 (The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Vi ...)
- linux-2.6 2.6.26-8
- linux-2.6.24 <not-affected> (Vulnerable code not present)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2008-4409
+CVE-2008-4409 (libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities ...)
- libxml2 <not-affected>
[lenny] - libxml2 <not-affected> (Vulnerable code not present)
[etch] - libxml2 <not-affected> (Vulnerable code not present)
NOTE: The bug affects only to 2.7.0 and 2.7.1
-CVE-2008-4406
+CVE-2008-4406 (A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4 ...)
- sabre 0.2.4b-25 (low; bug #433996)
[etch] - sabre <no-dsa> (Game not qualified as multi-user system, thus minor issue)
-CVE-2008-4405
+CVE-2008-4405 (xend in Xen 3.0.3 does not properly limit the contents of the /local/d ...)
- xen-3 3.4.0-1 (bug #503811)
- xen-unstable <removed>
NOTE: a proposed patch leads to new problems, see CVE-2008-5716
-CVE-2008-4404
+CVE-2008-4404 (The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM zSeri ...)
NOT-FOR-US: IPv6 NDP on IBM zSeries
-CVE-2008-4403
+CVE-2008-4403 (The CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-4402
+CVE-2008-4402 (Multiple buffer overflows in CGI modules in the server in Trend Micro ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-4408
+CVE-2008-4408 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, ...)
{DTSA-171-1}
- mediawiki 1:1.13.2-1 (low; bug #501115)
[etch] - mediawiki <not-affected> (Vulnerable code not present)
-CVE-2008-4475
+CVE-2008-4475 (ibackup 2.27 allows local users to overwrite arbitrary files via a sym ...)
- ibackup <removed> (low; bug #496432)
[etch] - ibackup <no-dsa> (Minor issues)
-CVE-2008-4401
+CVE-2008-4401 (ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not requ ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-4400
+CVE-2008-4400 (Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (former ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-4399
+CVE-2008-4399 (Unspecified vulnerability in the database engine service in asdbapi.dl ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-4398
+CVE-2008-4398 (Unspecified vulnerability in the tape engine service in asdbapi.dll in ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-4397
+CVE-2008-4397 (Directory traversal vulnerability in the RPC interface (asdbapi.dll) i ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-4396
+CVE-2008-4396 (Stack-based buffer overflow in Safer Networking FileAlyzer 1.6.0.0 and ...)
NOT-FOR-US: Safer Networking FileAlyzer
-CVE-2008-4969
+CVE-2008-4969 (ltp-network-test 20060918 allows local users to overwrite arbitrary fi ...)
- ltp 20060918-3 (low; bug #496411)
[etch] - ltp <no-dsa> (Documented to be only suitable for single user setups currently)
-CVE-2008-4954
+CVE-2008-4954 (mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files v ...)
- fml <removed> (low; bug #496370)
[etch] - fml <no-dsa> (Minor issue)
-CVE-2008-4957
+CVE-2008-4957 (find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to ove ...)
- gccxml 0.9.0+cvs20100501-1 (unimportant; bug #496391)
NOTE: Only applies to a script used for an obscure SGI compiler
-CVE-2008-4943
+CVE-2008-4943 (bulmages-servers 0.11.1 allows local users to overwrite arbitrary file ...)
- bulmages <removed> (unimportant; bug #496382)
NOTE: Only present in example scripts
CVE-2008-5034
- printfilters-ppd <unfixed> (unimportant; bug #496417)
NOTE: Only exploitable when modifying master-filter by hand
-CVE-2008-4955
+CVE-2008-4955 (freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary ...)
- freevo <unfixed> (unimportant; bug #496373)
NOTE: Only exploitable when modifying script by hand
-CVE-2008-4974
+CVE-2008-4974 (rrdedit in netmrg 0.20 allows local users to overwrite arbitrary files ...)
- netmrg 0.20-2 (low; bug #496384)
[etch] - netmrg <no-dsa> (Minor issue)
-CVE-2008-4960
+CVE-2008-4960 (impose in impose+ 0.2 allows local users to overwrite arbitrary files ...)
- impose+ 0.2-11.1 (low; bug #496435)
[etch] - impose+ <no-dsa> (Minor issue)
-CVE-2008-4964
+CVE-2008-4964 (filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary ...)
- konwert 1.8-11.2 (low; bug #496379)
[etch] - konwert <no-dsa> (Minor issue)
-CVE-2008-4986
+CVE-2008-4986 (wims 3.62 allows local users to overwrite arbitrary files via a symlin ...)
- wims 3.62-13.1 (low; bug #496387)
[etch] - wims <no-dsa> (Minor issue)
-CVE-2008-4474
+CVE-2008-4474 (freeradius-dialupadmin in freeradius 2.0.4 allows local users to overw ...)
- freeradius 2.0.4+dfsg-6 (low; bug #496389)
[etch] - freeradius <no-dsa> (Minor issue)
-CVE-2008-4995
+CVE-2008-4995 (redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary ...)
- bk2site <removed> (unimportant; bug #496430)
NOTE: Only debug code, script needs to be edited to exploit this
-CVE-2008-4983
+CVE-2008-4983 (scilab-bin 4.1.2 allows local users to overwrite arbitrary files via a ...)
- scilab 4.1.2-6 (low; bug #496414)
[etch] - scilab <no-dsa> (Non-free not supported)
-CVE-2008-4395
+CVE-2008-4395 (Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux ...)
{DSA-1731-1}
- ndiswrapper 1.53-2 (medium; bug #504696)
-CVE-2008-4394
+CVE-2008-4394 (Multiple untrusted search path vulnerabilities in Portage before 2.1.4 ...)
NOT-FOR-US: Gentoo package manager Portage
-CVE-2008-4393
+CVE-2008-4393 (Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery ...)
NOT-FOR-US: VeriSign Kontiki
-CVE-2008-4392
+CVE-2008-4392 (dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultane ...)
- djbdns <removed> (high; bug #516394)
-CVE-2008-4391
+CVE-2008-4391 (Stack-based buffer overflow in the SetSource method in the NetCamPlaye ...)
NOT-FOR-US: Cisco Linksys WVC54GC
-CVE-2008-4390
+CVE-2008-4390 (The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 s ...)
NOT-FOR-US: Cisco Linksys WVC54GC
-CVE-2008-4389
+CVE-2008-4389 (Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x ...)
NOT-FOR-US: Symantec AppStream
-CVE-2008-4388
+CVE-2008-4388 (The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in Syma ...)
NOT-FOR-US: LaunchObj ActiveX
-CVE-2008-4387
+CVE-2008-4387 (Unspecified vulnerability in the Simba MDrmSap ActiveX control in mdrm ...)
NOT-FOR-US: ActiveX
CVE-2008-4386
RESERVED
-CVE-2008-4385
+CVE-2008-4385 (Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert Ana ...)
NOT-FOR-US: LLC Systems Requirements Lab
-CVE-2008-4384
+CVE-2008-4384 (Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX ...)
NOT-FOR-US: LPViewer ActiveX
-CVE-2008-4383
+CVE-2008-4383 (Stack-based buffer overflow in the Agranet-Emweb embedded management w ...)
NOT-FOR-US: Agranet-Emweb
-CVE-2008-4382
+CVE-2008-4382 (Konqueror in KDE 3.5.9 allows remote attackers to cause a denial of se ...)
- kdebase <unfixed> (unimportant)
NOTE: browser dos not treated as security issue. This is the same like CVE-2008-4381
NOTE: which will work in every JS browser as the PoC just creates a large string passing
NOTE: it to alert and thus eating memory, no security issue.
-CVE-2008-4381
+CVE-2008-4381 (Microsoft Internet Explorer 7 allows remote attackers to cause a denia ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-4380
+CVE-2008-4380 (The web interface in Samsung DVR SHR2040 allows remote attackers to ca ...)
NOT-FOR-US: Samsung DVR SHR2040
-CVE-2008-4379
+CVE-2008-4379 (Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy ...)
NOT-FOR-US: Mr. CGI Guy Hot Links SQL-PHP
-CVE-2008-4378
+CVE-2008-4378 (SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL ...)
NOT-FOR-US: Mr. CGI Guy Hot Links SQL-PHP
-CVE-2008-4377
+CVE-2008-4377 (SQL injection vulnerability in index.asp in Creative Mind Creator CMS ...)
NOT-FOR-US: Creative Mind Creator CMS
-CVE-2008-4376
+CVE-2008-4376 (SQL injection vulnerability in index.php in Live TV Script allows remo ...)
NOT-FOR-US: Live TV Script
-CVE-2008-4375
+CVE-2008-4375 (SQL injection vulnerability in viewprofile.php in Availscript Classmat ...)
NOT-FOR-US: Availscript
-CVE-2008-4374
+CVE-2008-4374 (SQL injection vulnerability in index.php in CMS Buzz allows remote att ...)
NOT-FOR-US: CMS Buzz
-CVE-2008-4373
+CVE-2008-4373 (SQL injection vulnerability in job_seeker/applynow.php in AvailScript ...)
NOT-FOR-US: Availscript
-CVE-2008-4372
+CVE-2008-4372 (Cross-site scripting (XSS) vulnerability in articles.php in AvailScrip ...)
NOT-FOR-US: Availscript
-CVE-2008-4371
+CVE-2008-4371 (SQL injection vulnerability in articles.php in AvailScript Article Scr ...)
NOT-FOR-US: Availscript
-CVE-2008-4370
+CVE-2008-4370 (Multiple cross-site scripting (XSS) vulnerabilities in Availscript Pho ...)
NOT-FOR-US: Availscript
-CVE-2008-4369
+CVE-2008-4369 (SQL injection vulnerability in pics.php in Availscript Photo Album all ...)
NOT-FOR-US: Availscript
-CVE-2008-4368
+CVE-2008-4368 (The default configuration of Java 1.5 on Apple Mac OS X 10.5.4 and 10. ...)
NOT-FOR-US: Java on OSX
CVE-2008-4367
RESERVED
-CVE-2008-4965
+CVE-2008-4965 (liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite ...)
{DTSA-177-1 DTSA-178-1}
- liquidsoap 0.3.8.1+2-2 (low; bug #496360)
[lenny] - liquidsoap 0.3.6-4+lenny1
-CVE-2008-4966
+CVE-2008-4966 (linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary ...)
- openswan 1:2.6.21+dfsg-2 (unimportant; bug #496376)
NOTE: Only unused packaging bits
-CVE-2008-4941
+CVE-2008-4941 (arb-common 0.0.20071207.1 allows local users to overwrite arbitrary fi ...)
- arb 0.0.20071207.1-5 (low; bug #496396)
-CVE-2008-4940
+CVE-2008-4940 (xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary fi ...)
- aptoncd 0.1-1.2 (bug #496390; low)
-CVE-2008-4947
+CVE-2008-4947 (dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwri ...)
- dhis-server 5.3-1.2 (bug #496388; unimportant)
-CVE-2008-4967
+CVE-2008-4967 (linuxtrade 3.65 allows local users to overwrite arbitrary files via a ...)
- linuxtrade <removed> (unimportant; bug #496372)
NOTE: unimportant since the program is dysfunctional with the current
NOTE: trading website and thus not exploitable for practical purposes
-CVE-2008-4980
+CVE-2008-4980 (delqueueask in rccp 0.9 allows local users to overwrite arbitrary file ...)
- rccp 0.9-2.1 (low; bug #496364)
[etch] - rccp <no-dsa> (Minor issue)
-CVE-2008-4948
+CVE-2008-4948 (fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary f ...)
- digitaldj 0.7.5-6.1 (low; bug #496399)
[etch] - digitaldj <no-dsa> (Minor issue)
-CVE-2008-4945
+CVE-2008-4945 (amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite ar ...)
- cdrw-taper 0.4-2.1 (low; bug #496380)
[etch] - cdrw-taper <no-dsa> (Minor issue)
-CVE-2008-4958
+CVE-2008-4958 (gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via ...)
- gdrae 0.1-1.1 (low; bug #496378)
[etch] - gdrae <no-dsa> (Minor issue)
-CVE-2008-4407
+CVE-2008-4407 (XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create ...)
- sabre 0.2.4b-25 (low; bug #433996)
[etch] - sabre <no-dsa> (Game not qualified as multi-user system, thus minor issue)
-CVE-2008-4366
+CVE-2008-4366 (Unrestricted file upload vulnerability in the image upload component i ...)
NOT-FOR-US: Camera Life
-CVE-2008-4365
+CVE-2008-4365 (Cross-site scripting (XSS) vulnerability in search.php in Siteman 1.1. ...)
NOT-FOR-US: Siteman
-CVE-2008-4364
+CVE-2008-4364 (SQL injection vulnerability in default.aspx in ParsaGostar ParsaWeb CM ...)
NOT-FOR-US: ParsaGostar ParsaWeb CMS
-CVE-2008-4363
+CVE-2008-4363 (DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a d ...)
NOT-FOR-US: DESlock
-CVE-2008-4362
+CVE-2008-4362 (The Virtual Token driver (vdlptokn.sys) 1.0.2.43 in DESlock+ 3.2.7 all ...)
NOT-FOR-US: DESlock
-CVE-2008-4361
+CVE-2008-4361 (Directory traversal vulnerability in PowerPortal 2.0.13 allows remote ...)
NOT-FOR-US: PowerPortal
-CVE-2008-4360
+CVE-2008-4360 (mod_userdir in lighttpd before 1.4.20, when a case-insensitive operati ...)
{DSA-1645-1}
- lighttpd 1.4.19-5 (low)
NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt
-CVE-2008-4359
+CVE-2008-4359 (lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redire ...)
{DSA-1645-1}
- lighttpd 1.4.19-5 (low)
NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt
-CVE-2008-4358
+CVE-2008-4358 (Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP ...)
NOT-FOR-US: SPAW Editor PHP
-CVE-2008-4357
+CVE-2008-4357 (SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows r ...)
NOT-FOR-US: Powie pLink
-CVE-2008-4356
+CVE-2008-4356 (Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 ...)
NOT-FOR-US: Kasseler CMS
-CVE-2008-4355
+CVE-2008-4355 (SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum ( ...)
NOT-FOR-US: Powie PSCRIPT Forum
-CVE-2008-4354
+CVE-2008-4354 (SQL injection vulnerability in the products module in NetArt Media iBo ...)
NOT-FOR-US: NetArt Media iBoutique
-CVE-2008-4353
+CVE-2008-4353 (SQL injection vulnerability in link.php in Linkarity allows remote att ...)
NOT-FOR-US: Linkarity
-CVE-2008-4352
+CVE-2008-4352 (SQL injection vulnerability in inc/pages/viewprofile.php in phpSmartCo ...)
NOT-FOR-US: phpSmartCom
-CVE-2008-4351
+CVE-2008-4351 (Directory traversal vulnerability in index.php in phpSmartCom 0.2 allo ...)
NOT-FOR-US: phpSmartCom
-CVE-2008-4350
+CVE-2008-4350 (SQL injection vulnerability in main.php in vbLOGIX Tutorial Script 1.0 ...)
NOT-FOR-US: vbLOGIX Tutorial Script
-CVE-2008-4349
+CVE-2008-4349 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in s0n ...)
NOT-FOR-US: s0nic Paranews
-CVE-2008-4348
+CVE-2008-4348 (SQL injection vulnerability in photo.php in PHPortfolio, possibly 1.3, ...)
NOT-FOR-US: PHPortfolio
-CVE-2008-4347
+CVE-2008-4347 (SQL injection vulnerability in newskom.php in Powie pNews 2.03 allows ...)
NOT-FOR-US: Powie pNews
-CVE-2008-4346
+CVE-2008-4346 (Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows ...)
NOT-FOR-US: TalkBack
-CVE-2008-4345
+CVE-2008-4345 (SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and ...)
NOT-FOR-US: WebPortal CMS
-CVE-2008-4344
+CVE-2008-4344 (SQL injection vulnerability in cat.php in 6rbScript allows remote atta ...)
NOT-FOR-US: 6rbScript
-CVE-2008-4343
+CVE-2008-4343 (The Chilkat XML ChilkatUtil.CkData.1 ActiveX control (ChilkatUtil.dll) ...)
NOT-FOR-US: Chilkat XML ChilkatUtil.CkData.1 ActiveX control
-CVE-2008-4342
+CVE-2008-4342 (NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX ...)
NOT-FOR-US: ActiveX
-CVE-2008-4341
+CVE-2008-4341 (add.php in MyBlog 0.9.8 and earlier allows remote attackers to bypass ...)
NOT-FOR-US: MyBlog
-CVE-2008-4340
+CVE-2008-4340 (Google Chrome 0.2.149.29 and 0.2.149.30 allows remote attackers to cau ...)
- chromium-browser <not-affected> (only 0.x is affected)
- webkit <not-affected> (poc not effective)
-CVE-2008-4339
+CVE-2008-4339 (Unspecified vulnerability in the Java Administration GUI (jnbSA) in Sy ...)
NOT-FOR-US: Symantec Veritas NetBackup Server
-CVE-2008-4338
+CVE-2008-4338 (SQL injection vulnerability in the brilliant_gallery_checklist_save fu ...)
NOT-FOR-US: drupal brilliant gallery 3rd party module
-CVE-2008-4337
+CVE-2008-4337 (Cross-site scripting (XSS) vulnerability in Bitweaver 2.0.2 allows rem ...)
NOT-FOR-US: Bitweaver
-CVE-2008-4336
+CVE-2008-4336 (Cross-site scripting (XSS) vulnerability in album.php in Atomic Photo ...)
NOT-FOR-US: Atomic Photo Album
-CVE-2008-4335
+CVE-2008-4335 (SQL injection vulnerability in album.php in Atomic Photo Album (APA) 1 ...)
NOT-FOR-US: Atomic Photo Album
-CVE-2008-4334
+CVE-2008-4334 (PHP infoBoard V.7 Plus allows remote attackers to bypass authenticatio ...)
NOT-FOR-US: PHP infoBoard
-CVE-2008-4333
+CVE-2008-4333 (Cross-site scripting (XSS) vulnerability in PHP infoBoard V.7 Plus all ...)
NOT-FOR-US: PHP infoBoard
-CVE-2008-4332
+CVE-2008-4332 (SQL injection vulnerability in the showjavatopic function in func.php ...)
NOT-FOR-US: PHP infoBoard
-CVE-2008-4331
+CVE-2008-4331 (Directory traversal vulnerability in library/pagefunctions.inc.php in ...)
NOT-FOR-US: phpOCS
-CVE-2008-4330
+CVE-2008-4330 (Directory traversal vulnerability in index.php in LanSuite 3.3.2 allow ...)
NOT-FOR-US: LanSuite
-CVE-2008-4329
+CVE-2008-4329 (PHP remote file inclusion vulnerability in cms/system/openengine.php i ...)
NOT-FOR-US: openEngine
-CVE-2008-4328
+CVE-2008-4328 (SQL injection vulnerability in site_search.php in EasyRealtorPRO 2008 ...)
NOT-FOR-US: EasyRealtorPRO
-CVE-2008-4327
+CVE-2008-4327 (gdiplus.dll in GDI+ in Microsoft Windows XP SP3 does not properly hand ...)
NOT-FOR-US: Microsoft
-CVE-2008-4326
+CVE-2008-4326 (The PMA_escapeJsString function in libraries/js_escape.lib.php in phpM ...)
{DSA-1675-1}
- phpmyadmin 4:2.11.8.1-3
-CVE-2008-4325
+CVE-2008-4325 (lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the H ...)
- viewvc 1.0.9-1 (bug #500779; unimportant)
-CVE-2008-4324
+CVE-2008-4324 (The user interface event dispatcher in Mozilla Firefox 3.0.3 on Window ...)
- iceweasel <removed> (unimportant)
NOTE: reproducible but browser DoS not treated as security issue
-CVE-2008-4323
+CVE-2008-4323 (Windows Explorer in Microsoft Windows XP SP3 allows user-assisted atta ...)
NOT-FOR-US: Windows Explorer
-CVE-2008-4322
+CVE-2008-4322 (Stack-based buffer overflow in RealFlex Technologies Ltd. RealWin Serv ...)
NOT-FOR-US: Microsoft
-CVE-2008-4321
+CVE-2008-4321 (Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FT ...)
NOT-FOR-US: FlashGet FTP
-CVE-2008-4320
+CVE-2008-4320 (Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before ...)
NOT-FOR-US: OpenNMS
-CVE-2008-4319
+CVE-2008-4319 (fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 ...)
NOT-FOR-US: Libra File Manager
-CVE-2008-4318
+CVE-2008-4318 (Observer 0.3.2.1 and earlier allows remote attackers to execute arbitr ...)
NOT-FOR-US: Observer
CVE-2008-4317
REJECTED
-CVE-2008-4316
+CVE-2008-4316 (Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow ...)
{DSA-1747-1}
- glib2.0 2.20.0-1 (medium; bug #520046)
-CVE-2008-4315
+CVE-2008-4315 (tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RH ...)
NOT-FOR-US: OpenPegasus
-CVE-2008-4314
+CVE-2008-4314 (smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to rea ...)
- samba 2:3.2.5-1
[etch] - samba <not-affected> (Vulnerable code not present)
-CVE-2008-4313
+CVE-2008-4313 (A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 doe ...)
NOT-FOR-US: OpenPegasus
CVE-2008-4312
REJECTED
-CVE-2008-4311
+CVE-2008-4311 (The default configuration of system.conf in D-Bus (aka DBus) before 1. ...)
- dbus 1.2.1-5 (low; bug #508032)
[etch] - dbus <no-dsa> (Backport for Etch too risky for regressions for too little gain)
-CVE-2008-4310
+CVE-2008-4310 (httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat En ...)
- ruby <not-affected> (bug #508030)
NOTE: Red Hat-specific
-CVE-2008-4309
+CVE-2008-4309 (Integer overflow in the netsnmp_create_subtree_cache function in agent ...)
{DSA-1663-1}
- net-snmp 5.4.1~dfsg-11 (bug #504150)
-CVE-2008-4308
+CVE-2008-4308 (The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 th ...)
- tomcat5.5 5.5.23-1 (low)
-CVE-2008-4307
+CVE-2008-4307 (Race condition in the do_setlk function in fs/nfs/file.c in the Linux ...)
{DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.26-1
- linux-2.6.24 <removed>
-CVE-2008-4306
+CVE-2008-4306 (Buffer overflow in enscript before 1.6.4 has unknown impact and attack ...)
{DSA-1670-1}
- enscript 1.6.4-13 (bug #506261)
-CVE-2008-4305
+CVE-2008-4305 (Static code injection vulnerability in installation/setup.php in phpCo ...)
NOT-FOR-US: phpCollab
-CVE-2008-4304
+CVE-2008-4304 (general/login.php in phpCollab 2.5 rc3 and earlier allows remote attac ...)
NOT-FOR-US: phpCollab
-CVE-2008-4303
+CVE-2008-4303 (Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and ...)
NOT-FOR-US: phpCollab
-CVE-2008-4302
+CVE-2008-4302 (fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22. ...)
{DSA-1653-1}
- linux-2.6 2.6.22-4 (low)
- linux-2.6.24 <not-affected> (Vulnerable code not present)
CVE-2008-4301
NOT-FOR-US: Microsoft
-CVE-2008-4300
+CVE-2008-4300 (A certain ActiveX control in adsiis.dll in Microsoft Internet Informat ...)
NOT-FOR-US: Microsoft
-CVE-2008-4299
+CVE-2008-4299 (A certain ActiveX control in the Microsoft Internet Authentication Ser ...)
NOT-FOR-US: Microsoft
-CVE-2008-4297
+CVE-2008-4297 (Mercurial before 1.0.2 does not enforce the allowpull permission setti ...)
- mercurial 1.0.1-5.1 (low; bug #500781)
NOTE: the package doesnt install this script by default but ships it with the examples
[etch] - mercurial <no-dsa> (Only shipped in examples)
-CVE-2008-4296
+CVE-2008-4296 (The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its def ...)
NOT-FOR-US: Cisco Linksys WRT350N
-CVE-2008-4295
+CVE-2008-4295 (Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices ...)
NOT-FOR-US: Microsoft
-CVE-2008-4294
+CVE-2008-4294 (IBM Tivoli Netcool/Webtop 2.1 before 2.1.0.5 preserves cached user pri ...)
NOT-FOR-US: IBM Tivoli Netcool/Webtop
-CVE-2008-4293
+CVE-2008-4293 (Unspecified vulnerability in Opera before 9.52 on Windows, when regist ...)
NOT-FOR-US: Opera
-CVE-2008-4292
+CVE-2008-4292 (Opera before 9.52 does not check the CRL override upon encountering a ...)
NOT-FOR-US: Opera
CVE-2008-4291
RESERVED
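Review bot: the description imported for CVE-2008-4322 (`Stack-based buffer overflow in RealFlex Technologies Ltd. RealWin Serv ...`) names RealFlex RealWin Server, but the unchanged line directly below it still reads `NOT-FOR-US: Microsoft`, so the tag no longer matches the entry it annotates. Because this commit is an automatic import, nothing here will flag that kind of disagreement; a follow-up should change the tag to `NOT-FOR-US: RealFlex RealWin Server`, and the same description-versus-tag check is worth running over the other entries in this hunk whose NOT-FOR-US line predates the imported text.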
@@ -6962,21 +6962,21 @@ CVE-2008-4287
RESERVED
CVE-2008-4286
RESERVED
-CVE-2008-4285
+CVE-2008-4285 (Unspecified vulnerability in the Performance Monitoring Infrastructure ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-4284
+CVE-2008-4284 (Open redirect vulnerability in the ibm_security_logout servlet in IBM ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-4283
+CVE-2008-4283 (CRLF injection vulnerability in the WebContainer component in IBM WebS ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2008-4282
RESERVED
-CVE-2008-4281
+CVE-2008-4281 (Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-20 ...)
NOT-FOR-US: VMWare ESXi
CVE-2008-4280
RESERVED
-CVE-2008-4279
+CVE-2008-4279 (The CPU hardware emulation for 64-bit guest operating systems in VMwar ...)
NOT-FOR-US: VMware Workstation
-CVE-2008-4278
+CVE-2008-4278 (VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displ ...)
NOT-FOR-US: VMWare VirtualCenter
CVE-2008-4277
REJECTED
@@ -6994,62 +6994,62 @@ CVE-2008-4271
REJECTED
CVE-2008-4270
REJECTED
-CVE-2008-4269
+CVE-2008-4269 (The search-ms protocol handler in Windows Explorer in Microsoft Window ...)
NOT-FOR-US: Microsoft Windows Explorer
-CVE-2008-4268
+CVE-2008-4268 (The Windows Search component in Microsoft Windows Vista Gold and SP1 a ...)
NOT-FOR-US: Microsoft Office Excel
CVE-2008-4267
REJECTED
-CVE-2008-4266
+CVE-2008-4266 (Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3 ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2008-4265
+CVE-2008-4265 (Microsoft Office Excel 2000 SP3 allows remote attackers to execute arb ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2008-4264
+CVE-2008-4264 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
NOT-FOR-US: Microsoft Office Excel
CVE-2008-4263
REJECTED
CVE-2008-4262
REJECTED
-CVE-2008-4261
+CVE-2008-4261 (Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-4260
+CVE-2008-4260 (Microsoft Internet Explorer 7 sometimes attempts to access a deleted o ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-4259
+CVE-2008-4259 (Microsoft Internet Explorer 7 sometimes attempts to access uninitializ ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-4258
+CVE-2008-4258 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly valid ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-4257
REJECTED
-CVE-2008-4256
+CVE-2008-4256 (The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studi ...)
NOT-FOR-US: Microsoft Visual Basic
-CVE-2008-4255
+CVE-2008-4255 (Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX ...)
NOT-FOR-US: Microsoft Visual Basic
-CVE-2008-4254
+CVE-2008-4254 (Multiple integer overflows in the Hierarchical FlexGrid ActiveX contro ...)
NOT-FOR-US: Microsoft Visual Basic
-CVE-2008-4253
+CVE-2008-4253 (The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual Fox ...)
NOT-FOR-US: Microsoft Visual Basic
-CVE-2008-4252
+CVE-2008-4252 (The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual ...)
NOT-FOR-US: Microsoft Visual Basic
CVE-2008-4251
REJECTED
-CVE-2008-4250
+CVE-2008-4250 (The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Serv ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-4249
REJECTED
CVE-2008-4248
REJECTED
-CVE-2008-4246
+CVE-2008-4246 (Unspecified vulnerability in Denora IRC Stats Server before 1.4.1 allo ...)
NOT-FOR-US: Denora IRC Stats Server
-CVE-2008-4245
+CVE-2008-4245 (The Admin Control Panel in Rianxosencabos CMS 0.9 does not require adm ...)
NOT-FOR-US: Rianxosencabos CMS
-CVE-2008-4244
+CVE-2008-4244 (Rianxosencabos CMS 0.9 allows remote attackers to bypass authenticatio ...)
NOT-FOR-US: Rianxosencabos CMS
-CVE-2008-4243
+CVE-2008-4243 (Directory traversal vulnerability in ImageServer (aka UTImageServer) i ...)
NOT-FOR-US: Epic Games Unreal Tournament
-CVE-2008-4242
+CVE-2008-4242 (ProFTPD 1.3.1 interprets long commands from an FTP client as multiple ...)
{DSA-1689-1}
- proftpd-dfsg 1.3.1-15 (low; bug #502674)
-CVE-2008-4241
+CVE-2008-4241 (SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows ...)
NOT-FOR-US: CJ Ultra Plus
CVE-2008-4240
RESERVED
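Review bot: the description now attached to CVE-2008-4268 (`The Windows Search component in Microsoft Windows Vista Gold and SP1 a ...`) concerns Windows Search, yet the following unchanged line still says `NOT-FOR-US: Microsoft Office Excel`, evidently carried over from the Excel entries immediately below it. The tag should be corrected in a follow-up to `NOT-FOR-US: Microsoft Windows Search` (or the generic `NOT-FOR-US: Microsoft` used elsewhere in this hunk) so that the triage note agrees with the CVE text.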
@@ -7057,65 +7057,65 @@ CVE-2008-4239
RESERVED
CVE-2008-4238
RESERVED
-CVE-2008-4237
+CVE-2008-4237 (Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies ...)
NOT-FOR-US: Managed Client Mac OS X
-CVE-2008-4236
+CVE-2008-4236 (Apple Type Services (ATS) in Apple Mac OS X 10.5 before 10.5.6 allows ...)
NOT-FOR-US: Apple Type Services
CVE-2008-4235
RESERVED
-CVE-2008-4234
+CVE-2008-4234 (Incomplete blacklist vulnerability in the Quarantine feature in CoreTy ...)
NOT-FOR-US: CoreTypes Apple Mac OS X
-CVE-2008-4233
+CVE-2008-4233 (Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch ...)
NOT-FOR-US: Apple
-CVE-2008-4232
+CVE-2008-4232 (Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch ...)
NOT-FOR-US: Safari
-CVE-2008-4231
+CVE-2008-4231 (Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch ...)
NOT-FOR-US: Apple
-CVE-2008-4230
+CVE-2008-4230 (The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhon ...)
NOT-FOR-US: Apple
-CVE-2008-4229
+CVE-2008-4229 (Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 thr ...)
NOT-FOR-US: Apple
-CVE-2008-4228
+CVE-2008-4228 (The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhon ...)
NOT-FOR-US: Apple
-CVE-2008-4227
+CVE-2008-4227 (Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 throu ...)
NOT-FOR-US: Apple
-CVE-2008-4226
+CVE-2008-4226 (Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 al ...)
{DSA-1666-1}
- libxml2 2.6.32.dfsg-5
- chromium-browser 5.0.375.29~r46008-1
-CVE-2008-4225
+CVE-2008-4225 (Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allo ...)
{DSA-1666-1}
- libxml2 2.6.32.dfsg-5
- chromium-browser 5.0.375.29~r46008-1
-CVE-2008-4224
+CVE-2008-4224 (UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to ...)
NOT-FOR-US: UDF Mac OS X
-CVE-2008-4223
+CVE-2008-4223 (Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote at ...)
NOT-FOR-US: Podcast Producer Mac OS X
-CVE-2008-4222
+CVE-2008-4222 (natd in network_cmds in Apple Mac OS X before 10.5.6, when Internet Sh ...)
NOT-FOR-US: natd Mac OS X
-CVE-2008-4221
+CVE-2008-4221 (The strptime API in Libsystem in Apple Mac OS X before 10.5.6 allows c ...)
NOT-FOR-US: Libsystem Mac OS X
-CVE-2008-4220
+CVE-2008-4220 (Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS ...)
NOT-FOR-US: Libsystem Mac OS X
-CVE-2008-4219
+CVE-2008-4219 (The kernel in Apple Mac OS X before 10.5.6 allows local users to cause ...)
NOT-FOR-US: kernel Mac OS X
-CVE-2008-4218
+CVE-2008-4218 (Multiple integer overflows in the kernel in Apple Mac OS X before 10.5 ...)
NOT-FOR-US: kernel Mac OS X
-CVE-2008-4217
+CVE-2008-4217 (Integer signedness error in BOM in Apple Mac OS X before 10.5.6 allows ...)
NOT-FOR-US: BOM Apple Mac OS X
-CVE-2008-4216
+CVE-2008-4216 (The plug-in interface in WebKit in Apple Safari before 3.2 does not pr ...)
NOT-FOR-US: Safari
-CVE-2008-4215
+CVE-2008-4215 (Weblog in Mac OS X Server 10.4.11 does not properly check an error con ...)
NOT-FOR-US: Weblog Mac OS X
-CVE-2008-4214
+CVE-2008-4214 (Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10. ...)
NOT-FOR-US: Script Editor in Mac OS X
CVE-2008-4213
RESERVED
-CVE-2008-4212
+CVE-2008-4212 (Unspecified vulnerability in rlogind in the rlogin component in Mac OS ...)
NOT-FOR-US: MacOS-only issue
-CVE-2008-4211
+CVE-2008-4211 (Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and ...)
NOT-FOR-US: QuickLook Mac OS X
-CVE-2008-4210
+CVE-2008-4210 (fs/open.c in the Linux kernel before 2.6.22 does not properly strip se ...)
{DSA-1653-1}
- linux-2.6 2.6.22-1
- linux-2.6.24 <not-affected> (Vulnerable code not prsent)
@@ -7123,59 +7123,59 @@ CVE-2008-4210
NOTE: directory that is setgid to the group he wants to get privileges for
CVE-2008-4209
RESERVED
-CVE-2008-4208
+CVE-2008-4208 (Unspecified vulnerability in OSADS Alliance Database before 2.1 has un ...)
NOT-FOR-US: OSADS Alliance Database
-CVE-2008-4207
+CVE-2008-4207 (Attachmax Dolphin 2.1.0 and earlier does not properly protect info.php ...)
NOT-FOR-US: Attachmax Dolphin
-CVE-2008-4206
+CVE-2008-4206 (PHP remote file inclusion vulnerability in config.php in Attachmax Dol ...)
NOT-FOR-US: Attachmax Dolphin
-CVE-2008-4205
+CVE-2008-4205 (SQL injection vulnerability in search.php Attachmax Dolphin 2.1.0 and ...)
NOT-FOR-US: Attachmax Dolphin
-CVE-2008-4204
+CVE-2008-4204 (SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation ...)
NOT-FOR-US: SoftAcid Hotel Reservation System
-CVE-2008-4203
+CVE-2008-4203 (SQL injection vulnerability in cn_users.php in CzarNews 1.20 and earli ...)
NOT-FOR-US: CzarNews
-CVE-2008-4202
+CVE-2008-4202 (SQL injection vulnerability in index.php in Gonafish LinksCaffePRO 4.5 ...)
NOT-FOR-US: Gonafish LinksCaffePRO
-CVE-2008-4200
+CVE-2008-4200 (Opera before 9.52 does not ensure that the address field of a news fee ...)
NOT-FOR-US: Opera
-CVE-2008-4199
+CVE-2008-4199 (Opera before 9.52 does not prevent use of links from web pages to feed ...)
NOT-FOR-US: Opera
-CVE-2008-4198
+CVE-2008-4198 (Opera before 9.52, when rendering an http page that has loaded an http ...)
NOT-FOR-US: Opera
-CVE-2008-4197
+CVE-2008-4197 (Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when proces ...)
NOT-FOR-US: Opera
-CVE-2008-4196
+CVE-2008-4196 (Cross-site scripting (XSS) vulnerability in Opera before 9.52 allows r ...)
NOT-FOR-US: Opera
-CVE-2008-4195
+CVE-2008-4195 (Opera before 9.52 does not properly restrict the ability of a framed w ...)
NOT-FOR-US: Opera
-CVE-2008-4194
+CVE-2008-4194 (The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par ...)
- pdnsd 1.2.6-par-10 (bug #500910)
-CVE-2008-4193
+CVE-2008-4193 (Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologi ...)
NOT-FOR-US: Alt-N Technologies SecurityGateway
-CVE-2008-4192
+CVE-2008-4192 (The pserver_shutdown function in fence_egenera in cman 2.20080629 and ...)
- redhat-cluster 2.20081102-1 (bug #496410; low)
[lenny] - redhat-cluster 2.20080801-4+lenny1
-CVE-2008-4191
+CVE-2008-4191 (extract-table.pl in Emacspeak 26 and 28 allows local users to overwrit ...)
- emacspeak 28.0-2 (bug #496431; low)
[lenny] - emacspeak 26.0-3+lenny1
[etch] - emacspeak <no-dsa> (Minor issue)
-CVE-2008-4190
+CVE-2008-4190 (The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x thro ...)
{DSA-1760-1}
- openswan 1:2.4.12+dfsg-1.3 (bug #496374; low)
[etch] - openswan <no-dsa> (Vulnerable code only in example script)
CVE-2008-XXXX [jumpnbump: insecure temp file]
- jumpnbump 1.50+dfsg1-1 (low; bug #500611)
[etch] - jumpnbump 1.50-6+etch1
-CVE-2008-4959
+CVE-2008-4959 (geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite ...)
- gpsdrive 2.10~pre4-6.dfsg-1 (low; bug #496436)
[etch] - gpsdrive <no-dsa> (Minor issue)
-CVE-2008-4949
+CVE-2008-4949 (dist 3.5 allows local users to overwrite arbitrary files via a symlink ...)
- dist 1:3.5-17-2 (low; bug #496412)
[etch] - dist 3.70-31etch1
-CVE-2008-4970
+CVE-2008-4970 (runiozone in lustre 1.6.5 allows local users to overwrite arbitrary fi ...)
- lustre 1.6.5.1-1 (low; bug #496371)
-CVE-2008-4247
+CVE-2008-4247 (ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly ot ...)
- linux-ftpd-ssl 0.17.27+0.3-3 (bug #500518)
[etch] - linux-ftpd-ssl 0.17.18+0.3-6etch1
- linux-ftpd 0.17-29 (bug #500278)
@@ -7183,7 +7183,7 @@ CVE-2008-4247
CVE-2008-XXXX [possible script injection via /etc/wordpress/wp-config.php]
- wordpress 2.8.4-1 (bug #500295; unimportant)
NOTE: bigger problems, if attacker has access to /etc/wordpress/*
-CVE-2008-4298
+CVE-2008-4298 (Memory leak in the http_request_parse function in request.c in lighttp ...)
{DSA-1645-1}
- lighttpd 1.4.19-5 (medium)
NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt
@@ -7196,140 +7196,140 @@ CVE-2008-XXXX [unsafe usage of temp file]
NOTE: Only exploitable when upgrading from an ancient version, package also not in Etch
CVE-2008-4189
REJECTED
-CVE-2008-4188
+CVE-2008-4188 (Unspecified vulnerability in the TYPO3 Secure Directory (kw_secdir) ex ...)
NOT-FOR-US: kw_secdir extension for TYPO3
-CVE-2008-4187
+CVE-2008-4187 (Directory traversal vulnerability in index.php in ProActive CMS allows ...)
NOT-FOR-US: ProActive CMS
-CVE-2008-4186
+CVE-2008-4186 (SQL injection vulnerability in index.php in webCMS Portal Edition allo ...)
NOT-FOR-US: webCMS Portal Edition
-CVE-2008-4185
+CVE-2008-4185 (SQL injection vulnerability in index.php in webCMS Portal Edition allo ...)
NOT-FOR-US: webCMS Portal Edition
-CVE-2008-4184
+CVE-2008-4184 (Cross-site scripting (XSS) vulnerability in index.php in webCMS Portal ...)
NOT-FOR-US: webCMS Portal Edition
-CVE-2008-4183
+CVE-2008-4183 (IntegraMOD 1.4.x stores sensitive information under the web root with ...)
NOT-FOR-US: IntegraMOD
-CVE-2008-4182
+CVE-2008-4182 (Cross-site scripting (XSS) vulnerability in imp/test.php in Horde Turb ...)
{DSA-1770-1}
- turba2 2.2.1-2 (bug #500114; low)
[etch] - turba2 <no-dsa> (Minor issue)
- imp4 4.2-3 (bug #500553; low)
-CVE-2008-4181
+CVE-2008-4181 (Directory traversal vulnerability in includes/xml.php in the Netenberg ...)
NOT-FOR-US: Netenberg Fantastico De Luxe module for cPanel
-CVE-2008-4180
+CVE-2008-4180 (Unspecified vulnerability in db.php in NooMS 1.1 allows remote attacke ...)
NOT-FOR-US: NooMS
-CVE-2008-4179
+CVE-2008-4179 (Multiple cross-site scripting (XSS) vulnerabilities in NooMS 1.1 allow ...)
NOT-FOR-US: NooMS
-CVE-2008-4178
+CVE-2008-4178 (SQL injection vulnerability in tr.php in DownlineGoldmine Special Cate ...)
NOT-FOR-US: DownlineGoldmine, etc.
-CVE-2008-4177
+CVE-2008-4177 (SQL injection vulnerability in search.php in Pre Real Estate Listings ...)
NOT-FOR-US: Pre Real Estate Listings
-CVE-2008-4176
+CVE-2008-4176 (SQL injection vulnerability in izle.asp in FoT Video scripti 1.1 beta ...)
NOT-FOR-US: FoT Video scripti
-CVE-2008-4175
+CVE-2008-4175 (Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow re ...)
NOT-FOR-US: Link Bid Script
-CVE-2008-4174
+CVE-2008-4174 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dy ...)
NOT-FOR-US: Dynamic MP3 Lister
-CVE-2008-4173
+CVE-2008-4173 (SQL injection vulnerability in ProArcadeScript 1.3 allows remote attac ...)
NOT-FOR-US: ProArcadeScript
-CVE-2008-4172
+CVE-2008-4172 (SQL injection vulnerability in page.php in Cars &amp; Vehicle (aka Car ...)
NOT-FOR-US: Cars & Vehicle
-CVE-2008-4171
+CVE-2008-4171 (SQL injection vulnerability in xmlout.php in Invision Power Board (IP. ...)
NOT-FOR-US: Invision Power Board
-CVE-2008-4170
+CVE-2008-4170 (create_account.php in osCommerce 2.2 RC 2a allows remote attackers to ...)
NOT-FOR-US: osCommerce
-CVE-2008-4169
+CVE-2008-4169 (SQL injection vulnerability in detaillist.php in iScripts EasyIndex, p ...)
NOT-FOR-US: iScripts EasyIndex
-CVE-2008-4168
+CVE-2008-4168 (Cross-site scripting (XSS) vulnerability in verify_login.jsp in Pro2co ...)
NOT-FOR-US: Pro2col Stingray FTS
-CVE-2008-4167
+CVE-2008-4167 (useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not ...)
NOT-FOR-US: Easy Photo Gallery
-CVE-2008-4166
+CVE-2008-4166 (Integer overflow in the JavaScript engine in Avant Browser 11.7 Build ...)
NOT-FOR-US: Avant Browser
-CVE-2008-4165
+CVE-2008-4165 (admin/user/create_user.php in Kolab Groupware Server 1.0.0 places a us ...)
NOT-FOR-US: Kolab Groupware Server 1.0.0
NOTE: Debian has kolabd and kolab-webadmin, but neither has the file create_user.php.
NOTE: But we have only 0.4 (in etch) and 2.1 (in lenny+sid), maybe 1.0 is different.
-CVE-2008-4164
+CVE-2008-4164 (cron.php in MemHT Portal 3.9.0 and earlier allows remote attackers to ...)
NOT-FOR-US: MemHT Portal
-CVE-2008-4163
+CVE-2008-4163 (Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9. ...)
- bind9 <not-affected> (windows specific issue)
-CVE-2008-4162
+CVE-2008-4162 (Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remo ...)
NOT-FOR-US: NooMS
-CVE-2008-4161
+CVE-2008-4161 (SQL injection vulnerability in search_inv.php in Assetman 2.5b allows ...)
NOT-FOR-US: Assetman
-CVE-2008-4160
+CVE-2008-4160 (Unspecified vulnerability in the UFS module in Sun Solaris 8 through 1 ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-4159
+CVE-2008-4159 (SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS l ...)
NOT-FOR-US: Jaw Portal and Zanfi CMS
-CVE-2008-4158
+CVE-2008-4158 (Multiple directory traversal vulnerabilities in index.php in Zanfi CMS ...)
NOT-FOR-US: Zanfi CMS
-CVE-2008-4157
+CVE-2008-4157 (SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 ...)
NOT-FOR-US: Vastal I-Tech phpVID
-CVE-2008-4156
+CVE-2008-4156 (SQL injection vulnerability in print.php in CustomCms (CCMS) Gaming Po ...)
NOT-FOR-US: CustomCms (CCMS) Gaming Portal
-CVE-2008-4155
+CVE-2008-4155 (Multiple directory traversal vulnerabilities in EasySite 2.3 allow rem ...)
NOT-FOR-US: EasySite
-CVE-2008-4154
+CVE-2008-4154 (SQL injection vulnerability in living-e webEdition CMS allows remote a ...)
NOT-FOR-US: living-e webEdition CMS
-CVE-2008-4153
+CVE-2008-4153 (The Talk module 5.x before 5.x-1.3 and 6.x before 6.x-1.5, a module fo ...)
NOT-FOR-US: Talk module for Drupal
-CVE-2008-4152
+CVE-2008-4152 (Cross-site scripting (XSS) vulnerability in the Talk module 5.x before ...)
NOT-FOR-US: Talk module for Drupal
-CVE-2008-4151
+CVE-2008-4151 (Directory traversal vulnerability in collect.php in CYASK 3.x allows r ...)
NOT-FOR-US: CYASK
-CVE-2008-4150
+CVE-2008-4150 (SQL injection vulnerability in picture_category.php in Diesel Joke Sit ...)
NOT-FOR-US: Diesel Joke Site
-CVE-2008-4149
+CVE-2008-4149 (Cross-site scripting (XSS) vulnerability in the Greg Holsclaw Link to ...)
NOT-FOR-US: Greg Holsclaw Link to Us module for Drupal
-CVE-2008-4148
+CVE-2008-4148 (SQL injection vulnerability in the Mailhandler module 5.x before 5.x-1 ...)
NOT-FOR-US: Mailhandler module for Drupal
-CVE-2008-4147
+CVE-2008-4147 (Cross-site scripting (XSS) vulnerability in the Mailsave module 5.x be ...)
NOT-FOR-US: Mailsave module for Drupal
-CVE-2008-4146
+CVE-2008-4146 (Addalink 1.0 beta 4 and earlier allows remote attackers to (1) approve ...)
NOT-FOR-US: Addalink
-CVE-2008-4145
+CVE-2008-4145 (SQL injection vulnerability in user_read_links.php in Addalink 1.0 bet ...)
NOT-FOR-US: Addalink
-CVE-2008-4144
+CVE-2008-4144 (SQL injection vulnerability in index.php in ACG-ScriptShop E-Gold Scri ...)
NOT-FOR-US: ACG-ScriptShop E-Gold Script Shop
-CVE-2008-4143
+CVE-2008-4143 (SQL injection vulnerability in category_search.php in RazorCommerce Sh ...)
NOT-FOR-US: RazorCommerce Shopping Cart
-CVE-2008-4142
+CVE-2008-4142 (SQL injection vulnerability in article.php in E-Php CMS allows remote ...)
NOT-FOR-US: E-Php CMS
-CVE-2008-4141
+CVE-2008-4141 (Multiple PHP remote file inclusion vulnerabilities in x10Media x10 Aut ...)
NOT-FOR-US: x10Media x10 Automatic MP3 Script
-CVE-2008-4140
+CVE-2008-4140 (Cross-site scripting (XSS) vulnerability in admin.php in Quick.Cart 3. ...)
NOT-FOR-US: Quick.Cart
-CVE-2008-4139
+CVE-2008-4139 (Cross-site scripting (XSS) vulnerability in admin.php in OpenSolution ...)
NOT-FOR-US: OpenSolution Quick.Cms.Lite
-CVE-2008-4138
+CVE-2008-4138 (PHP remote file inclusion vulnerability in skin_shop/standard/3_plugin ...)
NOT-FOR-US: Technote
-CVE-2008-4137
+CVE-2008-4137 (PHP remote file inclusion vulnerability in footer.php in PHP-Crawler 0 ...)
NOT-FOR-US: PHP-Crawler
-CVE-2008-4136
+CVE-2008-4136 (Michael Roth Software Personal FTP Server (PFT) 6.0f allows remote att ...)
NOT-FOR-US: Michael Roth Software Personal FTP Server (PFT)
-CVE-2008-4135
+CVE-2008-4135 (Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 Ra- ...)
NOT-FOR-US: Symbian
-CVE-2008-4134
+CVE-2008-4134 (PHP remote file inclusion vulnerability in manager/static/view.php in ...)
NOT-FOR-US: phpRealty
-CVE-2008-4133
+CVE-2008-4133 (The web proxy service on the D-Link DIR-100 with firmware 1.12 and ear ...)
NOT-FOR-US: D-Link
-CVE-2008-4132
+CVE-2008-4132 (Stack-based buffer overflow in the VSFlexGrid.VSFlexGridL ActiveX cont ...)
NOT-FOR-US: SFlexGrid.VSFlexGridL ActiveX
-CVE-2008-4131
+CVE-2008-4131 (Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-4130
+CVE-2008-4130 (Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 a ...)
- gallery2 2.2.6-1
-CVE-2008-4129
+CVE-2008-4129 (Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle Z ...)
- gallery 1.5.9-1 (medium)
- gallery2 2.2.6-1 (medium)
-CVE-2008-4128
+CVE-2008-4128 (Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP ...)
NOT-FOR-US: Cisco
-CVE-2008-4127
+CVE-2008-4127 (Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8 ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-4126
+CVE-2008-4126 (PyDNS (aka python-dns) before 2.3.1-5 in Debian GNU/Linux does not use ...)
{DSA-1619-1}
- python-dns 2.3.1-5 (bug #490217)
-CVE-2008-4125
+CVE-2008-4125 (The search function in phpBB 2.x provides a search_id value that leaks ...)
- phpbb2 2.0.23+repack-3 (low; bug #500086)
[etch] - phpbb2 <no-dsa> (Minor issue)
- phpbb3 <not-affected> (vulnerable code not present)
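Review bot: the NOT-FOR-US tag under CVE-2008-4132 reads `NOT-FOR-US: SFlexGrid.VSFlexGridL ActiveX`, dropping the leading `V` of the control name that the new description on the line above spells `VSFlexGrid.VSFlexGridL`; suggest `NOT-FOR-US: VSFlexGrid.VSFlexGridL ActiveX` so the tag matches the description it was taken from. A smaller consistency point in the same hunk: CVE-2008-4130 records `- gallery2 2.2.6-1` with no severity, while the neighbouring CVE-2008-4129 entry for the same upload carries `(medium)` on both the gallery and gallery2 lines.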
@@ -7339,1008 +7339,1008 @@ CVE-2008-4124
RESERVED
CVE-2008-4123
RESERVED
-CVE-2008-4122
+CVE-2008-4122 (Joomla! 1.5.8 does not set the secure flag for the session cookie in a ...)
NOT-FOR-US: Joomla!
-CVE-2008-4121
+CVE-2008-4121 (Multiple cross-site scripting (XSS) vulnerabilities in cpCommerce befo ...)
NOT-FOR-US: cpCommerce
-CVE-2008-4120
+CVE-2008-4120 (Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 ...)
NOT-FOR-US: FlatPress
-CVE-2008-4119
+CVE-2008-4119 (Multiple cross-site scripting (XSS) vulnerabilities in CA Service Desk ...)
NOT-FOR-US: CA Service Desk
-CVE-2008-4118
+CVE-2008-4118 (Cross-site scripting (XSS) vulnerability in High Norm Sound Master 2nd ...)
NOT-FOR-US: High Norm Sound Master
-CVE-2008-4117
+CVE-2008-4117 (Unspecified vulnerability in a web page in the PRM module in Sun Manag ...)
NOT-FOR-US: Sun Management Center (SunMC)
-CVE-2008-4116
+CVE-2008-4116 (Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote ...)
NOT-FOR-US: Apple
-CVE-2008-4201
+CVE-2008-4201 (Heap-based buffer overflow in the decodeMP4file function (frontend/mai ...)
- faad2 2.6.1-3.1 (bug #499899)
NOTE: http://bugs.gentoo.org/show_bug.cgi?id=238445
NOTE: http://www.audiocoding.com/
NOTE: http://www.audiocoding.com/patch/main_overflow.diff
-CVE-2008-4115
+CVE-2008-4115 (TalkBack 2.3.6 allows remote attackers to obtain configuration informa ...)
NOT-FOR-US: TalkBack
-CVE-2008-4114
+CVE-2008-4114 (srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 an ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-4113
+CVE-2008-4113 (The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the St ...)
{DSA-1655-1}
- linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6.24 2.6.24-6~etchnhalf.6
CVE-2008-4112
REJECTED
-CVE-2008-4111
+CVE-2008-4111 (Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSp ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-4110
+CVE-2008-4110 (Buffer overflow in the SQLVDIRLib.SQLVDirControl ActiveX control in To ...)
NOT-FOR-US: Microsoft
-CVE-2008-4107
+CVE-2008-4107 (The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cry ...)
- php5 <removed> (unimportant; bug #500087)
NOTE: the rand() and mt_rand() functions were never said to be cryptographically strong
NOTE: http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html
-CVE-2008-4106
+CVE-2008-4106 (WordPress before 2.6.2 does not properly handle MySQL warnings about i ...)
{DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-8 (bug #500115)
-CVE-2008-4105
+CVE-2008-4105 (JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that ...)
NOT-FOR-US: Joomla!
-CVE-2008-4104
+CVE-2008-4104 (Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 all ...)
NOT-FOR-US: Joomla!
-CVE-2008-4103
+CVE-2008-4103 (The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 send ...)
NOT-FOR-US: Joomla!
-CVE-2008-4102
+CVE-2008-4102 (Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, whic ...)
NOT-FOR-US: Joomla!
-CVE-2008-4101
+CVE-2008-4101 (Vim 3.0 through 7.x before 7.2.010 does not properly escape characters ...)
{DSA-1733-1}
- vim 2:7.2.010-1 (low; bug #500381)
[lenny] - vim 1:7.1.314-3+lenny1
[squeeze] - vim 1:7.1.314-3+lenny1
-CVE-2008-4098
+CVE-2008-4098 (MySQL before 5.0.67 allows local users to bypass certain privilege che ...)
{DSA-1662-1}
- mysql-dfsg-5.0 5.0.67-1
[lenny] - mysql-dfsg-5.0 5.0.51a-18
[squeeze] - mysql-dfsg-5.0 5.0.51a-18
-CVE-2008-4097
+CVE-2008-4097 (MySQL 5.0.51a allows local users to bypass certain privilege checks by ...)
{DSA-1608-1}
- mysql-dfsg-5.0 5.0.51a-10
-CVE-2008-4095
+CVE-2008-4095 (Multiple unspecified vulnerabilities in the Importer in Flip4Mac WMV b ...)
NOT-FOR-US: Flip4Mac WMV
-CVE-2008-4094
+CVE-2008-4094 (Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 a ...)
- rails 2.1.0-1 (medium; bug #500791)
NOTE: in mysql this only allows information disclosure as multiline statements are
NOTE: not allowed by default
-CVE-2008-4093
+CVE-2008-4093 (SQL injection vulnerability in memberstats.php in YourOwnBux 3.1 and 3 ...)
NOT-FOR-US: YourOwnBux
-CVE-2008-4092
+CVE-2008-4092 (SQL injection vulnerability in printfeature.php in myPHPNuke (MPN) bef ...)
NOT-FOR-US: myPHPNuke
-CVE-2008-4091
+CVE-2008-4091 (SQL injection vulnerability in index.php in Web Directory Script 1.5.3 ...)
NOT-FOR-US: Web Directory Script
-CVE-2008-4090
+CVE-2008-4090 (SQL injection vulnerability in index.php in PHP Coupon Script 4.0 allo ...)
NOT-FOR-US: PHP Coupon Script
-CVE-2008-4089
+CVE-2008-4089 (Cross-site scripting (XSS) vulnerability in print.php in myPHPNuke (MP ...)
NOT-FOR-US: myPHPNuke
-CVE-2008-4088
+CVE-2008-4088 (SQL injection vulnerability in print.php in myPHPNuke (MPN) before 1.8 ...)
NOT-FOR-US: myPHPNuke
-CVE-2008-4087
+CVE-2008-4087 (Stack-based buffer overflow in Acoustica Beatcraft 1.02 Build 19 allow ...)
NOT-FOR-US: Acoustica Beatcraft
-CVE-2008-4086
+CVE-2008-4086 (SQL injection vulnerability in index.php in Reciprocal Links Manager 1 ...)
NOT-FOR-US: Reciprocal Links Manager
-CVE-2008-4085
+CVE-2008-4085 (plaiter in Plait before 1.6 allows local users to overwrite arbitrary ...)
- plait 1.5.2-2 (low; bug #496381)
-CVE-2008-4084
+CVE-2008-4084 (SQL injection vulnerability in staticpages/easyclassifields/index.php ...)
NOT-FOR-US: MyioSoft EasyClassifields
-CVE-2008-4083
+CVE-2008-4083 (Cross-site scripting (XSS) vulnerability in the Bookmarks plugin in Br ...)
NOT-FOR-US: Brim
-CVE-2008-4082
+CVE-2008-4082 (SQL injection vulnerability in the Tasks plugin in Brim 2.0.0, when ma ...)
NOT-FOR-US: Brim
-CVE-2008-4081
+CVE-2008-4081 (admin/login.php in Stash 1.0.3 allows remote attackers to bypass authe ...)
NOT-FOR-US: Stash
-CVE-2008-4080
+CVE-2008-4080 (SQL injection vulnerability in Stash 1.0.3, when magic_quotes_gpc is d ...)
NOT-FOR-US: Stash
-CVE-2008-4079
+CVE-2008-4079 (Cross-site scripting (XSS) vulnerability in Movable Type (MT) 4.x thro ...)
- movabletype-opensource 4.2~rc5-1 (low; bug #499252)
-CVE-2008-4078
+CVE-2008-4078 (SQL injection vulnerability in the AR/AP transaction report in (1) Led ...)
- sql-ledger <unfixed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2008-4077
+CVE-2008-4077 (The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledg ...)
- sql-ledger <unfixed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2008-4076
+CVE-2008-4076 (Cross-site scripting (XSS) vulnerability in (1) Tor World Tor Board 1. ...)
NOT-FOR-US: Tor World Software
-CVE-2008-4075
+CVE-2008-4075 (Directory traversal vulnerability in index.php in D-iscussion Board 3. ...)
NOT-FOR-US: D-iscussion Board
-CVE-2008-4074
+CVE-2008-4074 (SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutO ...)
NOT-FOR-US: Zanfi Autodealers CMS
-CVE-2008-4073
+CVE-2008-4073 (SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutO ...)
NOT-FOR-US: Zanfi Autodealers CMS
-CVE-2008-4072
+CVE-2008-4072 (Multiple SQL injection vulnerabilities in index.php in phsBlog 0.2 all ...)
NOT-FOR-US: phsBlog
-CVE-2008-4071
+CVE-2008-4071 (A certain ActiveX control in Adobe Acrobat 9, when used with Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2008-4070
+CVE-2008-4070 (Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and ...)
{DSA-1697-1 DSA-1696-1}
- iceape 1.1.12-1
- icedove 2.0.0.17-1
-CVE-2008-4069
+CVE-2008-4069 (The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey befor ...)
{DSA-1697-1 DSA-1669-1 DSA-1649-1}
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
- iceape 1.1.12-1
-CVE-2008-4068
+CVE-2008-4068 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 a ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4067
+CVE-2008-4067 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 a ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4066
+CVE-2008-4066 (Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows r ...)
{DSA-1669-1 DSA-1649-1}
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
- iceape 1.1.12-1
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.17-1
-CVE-2008-4065
+CVE-2008-4065 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird befo ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4064
+CVE-2008-4064 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0 ...)
{DSA-1669-1}
- xulrunner 1.9.0.3-1
- iceweasel 3.0.3-1
[etch] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2008-4063
+CVE-2008-4063 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0 ...)
{DSA-1669-1}
- xulrunner 1.9.0.3-1
- iceweasel 3.0.3-1
[etch] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2008-4062
+CVE-2008-4062 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.1 ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4061
+CVE-2008-4061 (Integer overflow in the MathML component in Mozilla Firefox before 2.0 ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4060
+CVE-2008-4060 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird befo ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4059
+CVE-2008-4059 (The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remo ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4058
+CVE-2008-4058 (The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x bef ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove 2.0.0.17-1
-CVE-2008-4057
+CVE-2008-4057 (Unspecified vulnerability in Objective Development Sharity 3 before 3. ...)
NOT-FOR-US: Objective Development Sharity
-CVE-2008-4056
+CVE-2008-4056 (Cross-site scripting (XSS) vulnerability in admin/login.php in Matterd ...)
NOT-FOR-US: Matterdaddy Market
-CVE-2008-4055
+CVE-2008-4055 (SQL injection vulnerability in tops_top.php in Million Pixel Ad Script ...)
NOT-FOR-US: Million Pixel Ad Script
-CVE-2008-4054
+CVE-2008-4054 (SQL injection vulnerability in indir.php in Kolifa.net Download Script ...)
NOT-FOR-US: Kolifa.net Download Script
-CVE-2008-4053
+CVE-2008-4053 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in th ...)
NOT-FOR-US: Bluemoon PopnupBLOG
-CVE-2008-4052
+CVE-2008-4052 (Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity Ser ...)
NOT-FOR-US: OpenVMS for Integrity Servers
-CVE-2008-4051
+CVE-2008-4051 (Cross-site scripting (XSS) vulnerability in surveyresults.asp in Smart ...)
NOT-FOR-US: Smart Survey
-CVE-2008-4050
+CVE-2008-4050 (A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Techn ...)
NOT-FOR-US: Friendly Technologies FriendlyPPPoE Client
-CVE-2008-4049
+CVE-2008-4049 (A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Techn ...)
NOT-FOR-US: Friendly Technologies FriendlyPPPoE Client
-CVE-2008-4048
+CVE-2008-4048 (Heap-based buffer overflow in a certain ActiveX control in fwRemoteCfg ...)
NOT-FOR-US: Friendly Technologies FriendlyPPPoE Client
-CVE-2008-4047
+CVE-2008-4047 (Unspecified vulnerability in Novell Forum (formerly SiteScape Forum) 7 ...)
NOT-FOR-US: Novell Forum
-CVE-2008-4046
+CVE-2008-4046 (SQL injection vulnerability in index.php in eliteCMS 1.0 allows remote ...)
NOT-FOR-US: eliteCMS
-CVE-2008-4045
+CVE-2008-4045 (Multiple cross-site scripting (XSS) vulnerabilities in @Mail 5.42 allo ...)
NOT-FOR-US: @Mail
-CVE-2008-4044
+CVE-2008-4044 (SQL injection vulnerability in article/readarticle.php in AJ Square aj ...)
NOT-FOR-US: AJ Square aj-hyip
-CVE-2008-4043
+CVE-2008-4043 (Multiple SQL injection vulnerabilities in AJ Square AJ HYIP Acme allow ...)
NOT-FOR-US: AJ Square aj-hyip
CVE-2008-4042
REJECTED
-CVE-2008-4041
+CVE-2008-4041 (The IMAP server in Softalk Mail Server (formerly WorkgroupMail) 8.5.1. ...)
NOT-FOR-US: Softalk Mail Server
-CVE-2008-4040
+CVE-2008-4040 (Directory traversal vulnerability in the Kyocera Command Center in Kyo ...)
NOT-FOR-US: Kyocera FS-118MFP
-CVE-2008-4039
+CVE-2008-4039 (SQL injection vulnerability in index.php in Spice Classifieds allows r ...)
NOT-FOR-US: Spice Classifieds
-CVE-2008-4038
+CVE-2008-4038 (Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-4037
+CVE-2008-4037 (Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-4036
+CVE-2008-4036 (Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3 ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-4035
REJECTED
CVE-2008-4034
REJECTED
-CVE-2008-4033
+CVE-2008-4033 (Cross-domain vulnerability in Microsoft XML Core Services 3.0 through ...)
NOT-FOR-US: Microsoft XML Core
-CVE-2008-4032
+CVE-2008-4032 (Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Sea ...)
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4031
+CVE-2008-4031 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4030
+CVE-2008-4030 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4029
+CVE-2008-4029 (Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, ...)
NOT-FOR-US: Microsoft XML Core
-CVE-2008-4028
+CVE-2008-4028 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4027
+CVE-2008-4027 (Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, ...)
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4026
+CVE-2008-4026 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4025
+CVE-2008-4025 (Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3 ...)
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4024
+CVE-2008-4024 (Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac al ...)
NOT-FOR-US: Microsoft Office Word
-CVE-2008-4023
+CVE-2008-4023 (Active Directory in Microsoft Windows 2000 SP4 does not properly alloc ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-4022
REJECTED
CVE-2008-4021
REJECTED
-CVE-2008-4020
+CVE-2008-4020 (Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 al ...)
NOT-FOR-US: Microsoft Office
-CVE-2008-4019
+CVE-2008-4019 (Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 200 ...)
NOT-FOR-US: Microsoft Office
-CVE-2008-4109
+CVE-2008-4109 (A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before ...)
{DSA-1638-1 CVE-2006-5051}
- openssh 1:4.6p1-1 (low)
NOTE: The patch backported for CVE-2006-5051 was incorrect and did not
NOTE: fully address the issue. The upstream fix in 4.4p1 was
NOTE: right, and it the next unstable upload after that was 4.6p1.
-CVE-2008-4100
+CVE-2008-4100 (GNU adns 1.4 and earlier uses a fixed source port and sequential trans ...)
- adns 1.4-2 (unimportant; bug #492698)
NOTE: adns is not supported in untrusted contexts, fix documents this in README.Debian
-CVE-2008-4099
+CVE-2008-4099 (PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use ...)
{DSA-1619-1}
- python-dns 2.3.1-5 (low; bug #490217)
-CVE-2008-4096
+CVE-2008-4096 (libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 all ...)
{DSA-1641-1}
- phpmyadmin 4:2.11.8.1-2 (medium)
CVE-2008-XXXX [unsafe use of tempfile in ssmclient]
- smsclient <unfixed> (unimportant; bug #498901)
NOTE: script is not in use and only a suggestion for users
-CVE-2008-4108
+CVE-2008-4108 (Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) i ...)
- python-defaults <unfixed> (unimportant; bug #498899)
NOTE: script is an example, which can be used by users
-CVE-2008-4018
+CVE-2008-4018 (swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local ...)
NOT-FOR-US: IBM AIX
-CVE-2008-4017
+CVE-2008-4017 (Unspecified vulnerability in the OC4J component in Oracle Application ...)
NOT-FOR-US: Oracle
-CVE-2008-4016
+CVE-2008-4016 (Unspecified vulnerability in the Collaborative Workspaces component in ...)
NOT-FOR-US: Oracle
-CVE-2008-4015
+CVE-2008-4015 (Unspecified vulnerability in the Oracle Streams component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2008-4014
+CVE-2008-4014 (Unspecified vulnerability in the Oracle BPEL Process Manager component ...)
NOT-FOR-US: Oracle
-CVE-2008-4013
+CVE-2008-4013 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-4012
+CVE-2008-4012 (Unspecified vulnerability in the WebLogic Workshop component in BEA Pr ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-4011
+CVE-2008-4011 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-4010
+CVE-2008-4010 (Unspecified vulnerability in the WebLogic Workshop component in BEA Pr ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-4009
+CVE-2008-4009 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-4008
+CVE-2008-4008 (Unspecified vulnerability in the WebLogic Server Plugins for Apache co ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-4007
+CVE-2008-4007 (Unspecified vulnerability in the PeopleSoft Enterprise Components comp ...)
NOT-FOR-US: Oracle
-CVE-2008-4006
+CVE-2008-4006 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-4005
+CVE-2008-4005 (Unspecified vulnerability in the Oracle Application Express component ...)
NOT-FOR-US: Oracle
-CVE-2008-4004
+CVE-2008-4004 (Unspecified vulnerability in the JDE EnterpriseOne Business Service Se ...)
NOT-FOR-US: Oracle
-CVE-2008-4003
+CVE-2008-4003 (Unspecified vulnerability in the PeopleTools component in Oracle Peopl ...)
NOT-FOR-US: Oracle
-CVE-2008-4002
+CVE-2008-4002 (Unspecified vulnerability in the PeopleTools component in Oracle Peopl ...)
NOT-FOR-US: Oracle
-CVE-2008-4001
+CVE-2008-4001 (Unspecified vulnerability in the PeopleSoft Enterprise Portal componen ...)
NOT-FOR-US: Oracle
-CVE-2008-4000
+CVE-2008-4000 (Unspecified vulnerability in the PeopleTools component in Oracle Peopl ...)
NOT-FOR-US: Oracle
-CVE-2008-3999
+CVE-2008-3999 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2008-3998
+CVE-2008-3998 (Unspecified vulnerability in the Oracle iStore component in Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2008-3997
+CVE-2008-3997 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2008-3996
+CVE-2008-3996 (Unspecified vulnerability in the Change Data Capture component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2008-3995
+CVE-2008-3995 (Unspecified vulnerability in the Change Data Capture component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2008-3994
+CVE-2008-3994 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-3993
+CVE-2008-3993 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
-CVE-2008-3992
+CVE-2008-3992 (Unspecified vulnerability in the Oracle Data Mining component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2008-3991
+CVE-2008-3991 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2008-3990
+CVE-2008-3990 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2008-3989
+CVE-2008-3989 (Unspecified vulnerability in the Oracle Data Mining component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2008-3988
+CVE-2008-3988 (Unspecified vulnerability in the iSupplier Portal component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-3987
+CVE-2008-3987 (Unspecified vulnerability in the Oracle Discoverer Desktop component i ...)
NOT-FOR-US: Oracle
-CVE-2008-3986
+CVE-2008-3986 (Unspecified vulnerability in the Oracle Discoverer Administrator compo ...)
NOT-FOR-US: Oracle
-CVE-2008-3985
+CVE-2008-3985 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle
-CVE-2008-3984
+CVE-2008-3984 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-3983
+CVE-2008-3983 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-3982
+CVE-2008-3982 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-3981
+CVE-2008-3981 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-3980
+CVE-2008-3980 (Unspecified vulnerability in the Upgrade component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2008-3979
+CVE-2008-3979 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2008-3978
+CVE-2008-3978 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2008-3977
+CVE-2008-3977 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle
-CVE-2008-3976
+CVE-2008-3976 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2008-3975
+CVE-2008-3975 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle
-CVE-2008-3974
+CVE-2008-3974 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2008-3973
+CVE-2008-3973 (Unspecified vulnerability in the SQL*Plus Windows GUI component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2008-3972
+CVE-2008-3972 (pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to ...)
{DSA-1627-2}
- opensc 0.11.4-5
-CVE-2008-3971
+CVE-2008-3971 (Heap-based buffer overflow in the open_man_file function in callbacks. ...)
- gmanedit 0.4.1-1.1 (low; bug #497835)
[etch] - gmanedit <no-dsa> (Minor issue)
-CVE-2008-3970
+CVE-2008-3970 (pam_mount 0.10 through 0.45, when luserconf is enabled, does not verif ...)
{DTSA-169-1}
- libpam-mount 0.48-1 (low; bug #499841)
-CVE-2008-3969
+CVE-2008-3969 (Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow rem ...)
- bitlbee 1.2.3-1 (bug #498159)
[etch] - bitlbee <not-affected> (1.0.x not affected)
-CVE-2008-3968
+CVE-2008-3968 (Cross-site scripting (XSS) vulnerability in userlist.php in PunBB befo ...)
NOT-FOR-US: PunBB
-CVE-2008-3967
+CVE-2008-3967 (moderation.php in MyBB (aka MyBulletinBoard) before 1.4.1 does not pro ...)
NOT-FOR-US: MyBB
-CVE-2008-3966
+CVE-2008-3966 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBul ...)
NOT-FOR-US: MyBB
-CVE-2008-3965
+CVE-2008-3965 (SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) ...)
NOT-FOR-US: MyBB
-CVE-2008-3961
+CVE-2008-3961 (Multiple unspecified vulnerabilities in Adobe Illustrator CS2 on Macin ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2008-3960
+CVE-2008-3960 (Unspecified vulnerability in the JDBC Applet Server Service (aka db2jd ...)
NOT-FOR-US: IBM DB2 UDB
-CVE-2008-3959
+CVE-2008-3959 (IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before ...)
NOT-FOR-US: IBM DB2 UDB
-CVE-2008-3958
+CVE-2008-3958 (IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a deni ...)
NOT-FOR-US: IBM DB2 UDB
-CVE-2008-3957
+CVE-2008-3957 (The Microsoft Windows Image Acquisition Logger ActiveX control allows ...)
NOT-FOR-US: Microsoft
-CVE-2008-3956
+CVE-2008-3956 (orgchart.exe in Microsoft Organization Chart 2.00 allows user-assisted ...)
NOT-FOR-US: Microsoft
-CVE-2008-3955
+CVE-2008-3955 (SQL injection vulnerability in index.php in Masir Camp E-Shop Module 3 ...)
NOT-FOR-US: Masir Camp E-Shop Module
-CVE-2008-3954
+CVE-2008-3954 (SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per P ...)
NOT-FOR-US: AlstraSoft Forum Pay Per Post Exchange
-CVE-2008-3953
+CVE-2008-3953 (SQL injection vulnerability in keyword_search_action.php in Vastal I-T ...)
NOT-FOR-US: Vastal I-Tech Shaadi Zone
-CVE-2008-3952
+CVE-2008-3952 (SQL injection vulnerability in questions.php in EsFaq 2.0 allows remot ...)
NOT-FOR-US: EsFaq
-CVE-2008-3951
+CVE-2008-3951 (SQL injection vulnerability in view_ann.php in Vastal I-Tech Agent Zon ...)
NOT-FOR-US: The Real Estate Script
-CVE-2008-3950
+CVE-2008-3950 (Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:me ...)
- webkit <not-affected> (Vulnerable code not present)
NOTE: bug #500306
-CVE-2008-3949
+CVE-2008-3949 (emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python s ...)
- emacs22 22.2+2-4 (low; bug #499568)
- emacs21 <not-affected> (doesn't provide the python functionality)
- xemacs21 <not-affected> (doesn't provide the python functionality)
NOTE: This can happen with any Python script, just because Emacs autoloads one
NOTE: doesn't make it much worse
-CVE-2008-3948
+CVE-2008-3948 (SQL injection vulnerability in admin/users/self-2.php in XRMS allows r ...)
NOT-FOR-US: XRMS CRM
-CVE-2008-3947
+CVE-2008-3947 (DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain priv ...)
NOT-FOR-US: OpenVMS
-CVE-2008-3946
+CVE-2008-3946 (The finger client in HP TCP/IP Services for OpenVMS 5.x allows local u ...)
NOT-FOR-US: OpenVMS
-CVE-2008-3945
+CVE-2008-3945 (SQL injection vulnerability in index.php in Words tag 1.2 allows remot ...)
NOT-FOR-US: Words tag
-CVE-2008-3944
+CVE-2008-3944 (SQL injection vulnerability in index.php in ACG-PTP 1.0.6 allows remot ...)
NOT-FOR-US: ACG-PTP
-CVE-2008-3943
+CVE-2008-3943 (SQL injection vulnerability in listtest.php in eZoneScripts Living Loc ...)
NOT-FOR-US: eZoneScripts Living Local
-CVE-2008-3942
+CVE-2008-3942 (SQL injection vulnerability in landsee.php in Full PHP Emlak Script al ...)
NOT-FOR-US: Full PHP Emlak Script
-CVE-2008-3941
+CVE-2008-3941 (Cross-site scripting (XSS) vulnerability in BizDirectory 2.04 and earl ...)
NOT-FOR-US: BizDirectory
-CVE-2008-3940
+CVE-2008-3940 (Format string vulnerability in the finger client in HP TCP/IP Services ...)
NOT-FOR-US: OpenVMS
-CVE-2008-3939
+CVE-2008-3939 (Directory traversal vulnerability in the web interface in AVTECH PageR ...)
NOT-FOR-US: AVTECH PageR Enterprise
-CVE-2008-3938
+CVE-2008-3938 (Cross-site request forgery (CSRF) vulnerability in user_admin.php in O ...)
NOT-FOR-US: Open Media Collectors Database
-CVE-2008-3937
+CVE-2008-3937 (Multiple cross-site scripting (XSS) vulnerabilities in Open Media Coll ...)
NOT-FOR-US: Open Media Collectors Database
-CVE-2008-3936
+CVE-2008-3936 (The web interface in Dreambox DM500C allows remote attackers to cause ...)
NOT-FOR-US: Dreambox DM500C
-CVE-2008-3935
+CVE-2008-3935 (Cross-site scripting (XSS) vulnerability in DIC shop_v50 3.0 and earli ...)
NOT-FOR-US: DIC shop_v50
-CVE-2008-3931
+CVE-2008-3931 (javareconf in R 2.7.2 allows local users to overwrite arbitrary files ...)
- r-base-core-ra 1.1.1-2 (low; bug #496363)
- r-base 2.7.2-1 (low; bug #496418)
[etch] - r-base <no-dsa> (Minor issue)
[lenny] - r-base 2.7.1-1+lenny1
-CVE-2008-3930
+CVE-2008-3930 (migrate_aliases.sh in Citadel Server 7.37 allows local users to overwr ...)
- citadel 7.37-3 (low; bug #496359)
-CVE-2008-3929
+CVE-2008-3929 (gather-messages.sh in Ampache 3.4.1 allows local users to overwrite ar ...)
- ampache 3.4.1-2 (unimportant; bug #496369)
NOTE: Tracking as unimportant, since the script is only used
NOTE: when translating ampache to a new language
-CVE-2008-3928
+CVE-2008-3928 (test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary ...)
- honeyd 1.5c-5 (unimportant; bug #496365)
NOTE: Script not used by package, only a manual test script
-CVE-2008-3927
+CVE-2008-3927 (genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arb ...)
- tiger 1:3.2.2-4 (unimportant; bug #496415)
NOTE: Tracking as unimportant, since the script is only used
NOTE: during build time
-CVE-2008-3926
+CVE-2008-3926 (Multiple directory traversal vulnerabilities in Content Management Mad ...)
NOT-FOR-US: Content Management Made Easy
-CVE-2008-3925
+CVE-2008-3925 (Cross-site request forgery (CSRF) vulnerability in admin.php in Conten ...)
NOT-FOR-US: Content Management Made Easy
-CVE-2008-3924
+CVE-2008-3924 (The "Make a backup" functionality in Content Management Made Easy (CMM ...)
NOT-FOR-US: Content Management Made Easy
-CVE-2008-3923
+CVE-2008-3923 (Multiple cross-site scripting (XSS) vulnerabilities in statistics.php ...)
NOT-FOR-US: Content Management Made Easy
-CVE-2008-3922
+CVE-2008-3922 (awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote att ...)
NOT-FOR-US: AWStats Totals
-CVE-2008-3921
+CVE-2008-3921 (Multiple cross-site scripting (XSS) vulnerabilities in AWStats Totals ...)
NOT-FOR-US: AWStats Totals
-CVE-2008-3919
+CVE-2008-3919 (Unspecified vulnerability in multiple JustSystems Ichitaro products al ...)
NOT-FOR-US: JustSystems Ichitaro
-CVE-2008-3918
+CVE-2008-3918 (SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows rem ...)
NOT-FOR-US: Ovidentia
-CVE-2008-3917
+CVE-2008-3917 (Cross-site scripting (XSS) vulnerability in index.php in Ovidentia 6.6 ...)
NOT-FOR-US: Ovidentia
-CVE-2008-3916
+CVE-2008-3916 (Heap-based buffer overflow in the strip_escapes function in signal.c i ...)
- ed 0.7-2 (low)
[etch] - ed <no-dsa> (Minor issue)
-CVE-2008-3915
+CVE-2008-3915 (Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv ...)
{DSA-1636-1}
- linux-2.6 2.6.26-5
- linux-2.6.24 2.6.24-6~etchnhalf.5
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.19)
NOTE: 91b80969ba466ba4b915a4a1d03add8c297add3f
-CVE-2008-3911
+CVE-2008-3911 (The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2 ...)
- linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6.24 <not-affected> (Vulnerable code not present)
-CVE-2008-3906
+CVE-2008-3906 (CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows ...)
- mono 1.9.1+dfsg-4 (low; bug #498894)
-CVE-2008-3905
+CVE-2008-3905 (resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 be ...)
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #498978)
- ruby1.9 1.9.0.2-6 (bug #498977)
-CVE-2008-3903
+CVE-2008-3903 (Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and 1 ...)
{DSA-1952-1}
- asterisk 1:1.6.1.0~dfsg-1 (low; bug #522528)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
[lenny] - asterisk <no-dsa> (Minor issue)
NOTE: http://downloads.asterisk.org/pub/security/AST-2009-003.html
-CVE-2008-3902
+CVE-2008-3902 (HP firmware 68DTT F.0D stores pre-boot authentication passwords in the ...)
NOT-FOR-US: HP firmware 68DTT
-CVE-2008-3962
+CVE-2008-3962 (The from_format function in ssmtp.c in ssmtp 2.61 and 2.62, in certain ...)
- ssmtp 2.62-1.1 (low; bug #498366)
[etch] - ssmtp <no-dsa> (Minor issue, only affects rare corner cases)
-CVE-2008-3963
+CVE-2008-3963 (MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does ...)
{DSA-1783-1}
- mysql-dfsg-5.0 5.0.51a-15 (low; bug #498362)
-CVE-2008-3964
+CVE-2008-3964 (Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 befo ...)
- libpng 1.2.27-2 (low; bug #501109)
[etch] - libpng <not-affected> (Vulnerable code not present)
NOTE: off-by-one error in pngpread.c is not present, must have
NOTE: been introduced later, but pngtest.c is affected. However, there
NOTE: is no known exploit.
-CVE-2008-3912
+CVE-2008-3912 (libclamav in ClamAV before 0.94 allows attackers to cause a denial of ...)
{DSA-1660-1}
- clamav 0.94.dfsg-1
-CVE-2008-3913
+CVE-2008-3913 (Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 mig ...)
{DSA-1660-1}
- clamav 0.94.dfsg-1
-CVE-2008-3914
+CVE-2008-3914 (Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknow ...)
{DSA-1660-1}
- clamav 0.94.dfsg-1
-CVE-2008-3934
+CVE-2008-3934 (Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 thro ...)
{DTSA-167-1}
- wireshark 1.0.3-1 (bug #497878)
[etch] - wireshark <not-affected> (Only >= 0.99.6)
-CVE-2008-3933
+CVE-2008-3933 (Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers t ...)
{DSA-1673-1 DTSA-167-1}
- wireshark 1.0.3-1 (low; bug #497878)
-CVE-2008-3932
+CVE-2008-3932 (Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to ...)
{DTSA-167-1}
- wireshark 1.0.3-1 (low; bug #497878)
-CVE-2008-3904
+CVE-2008-3904 (src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environmen ...)
- gpicview 0.1.9-2 (low; bug #498022)
-CVE-2008-3909
+CVE-2008-3909 (The administration application in Django 0.91, 0.95, and 0.96 stores u ...)
{DSA-1640-1}
- python-django 1.0-1
NOTE: http://www.djangoproject.com/weblog/2008/sep/02/security/
-CVE-2008-3910
+CVE-2008-3910 (dns2tcp before 0.4.1 does not properly handle negative values in a cer ...)
- dns2tcp 0.4.dfsg-2 (medium; bug #497730)
-CVE-2008-3901
+CVE-2008-3901 (Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, st ...)
- linux-patch-tuxonice <not-affected> (Fixed before initial upload)
-CVE-2008-3900
+CVE-2008-3900 (Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authen ...)
NOT-FOR-US: Intel firmware
-CVE-2008-3899
+CVE-2008-3899 (TrueCrypt 5.0 stores pre-boot authentication passwords in the BIOS Key ...)
NOT-FOR-US: TrueCrypt
-CVE-2008-3898
+CVE-2008-3898 (Secu Star DriveCrypt Plus Pack 3.9 stores pre-boot authentication pass ...)
NOT-FOR-US: Secu Star DriveCrypt
-CVE-2008-3897
+CVE-2008-3897 (DiskCryptor 0.2.6 on Windows stores pre-boot authentication passwords ...)
NOT-FOR-US: DiskCryptor
-CVE-2008-3896
+CVE-2008-3896 (Grub Legacy 0.97 and earlier stores pre-boot authentication passwords ...)
- grub <unfixed> (unimportant)
NOTE: you need to be root on linux to do this, root can easily edit menu.lst anyway
-CVE-2008-3895
+CVE-2008-3895 (LILO 22.6.1 and earlier stores pre-boot authentication passwords in th ...)
- lilo <unfixed> (unimportant)
NOTE: you need to be root on linux to do this, root can edit the configuration anyway
-CVE-2008-3894
+CVE-2008-3894 (IBM Lenovo firmware 7CETB5WW 2.05 stores pre-boot authentication passw ...)
NOT-FOR-US: IBM Lenovo firmware
-CVE-2008-3893
+CVE-2008-3893 (Microsoft Bitlocker in Windows Vista before SP1 stores pre-boot authen ...)
NOT-FOR-US: Bitlocker
-CVE-2008-3892
+CVE-2008-3892 (Buffer overflow in a certain ActiveX control in the COM API in VMware ...)
NOT-FOR-US: VMware COM API
-CVE-2008-3891
+CVE-2008-3891 (The SAML Single Sign-On (SSO) Service for Google Apps allows remote se ...)
NOT-FOR-US: SAML Service for Google Apps
-CVE-2008-3890
+CVE-2008-3890 (The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an e ...)
- kfreebsd-6 6.3-7
- kfreebsd-7 7.0-5
-CVE-2008-3888
+CVE-2008-3888 (SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 a ...)
NOT-FOR-US: Mini-NUKE Freehost
-CVE-2008-3887
+CVE-2008-3887 (Multiple SQL injection vulnerabilities in index.php in dotProject 2.1. ...)
NOT-FOR-US: dotProject
-CVE-2008-3886
+CVE-2008-3886 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in do ...)
NOT-FOR-US: dotProject
-CVE-2008-3885
+CVE-2008-3885 (Cross-site request forgery (CSRF) vulnerability in Blogn (BURO GUN) 1. ...)
NOT-FOR-US: Blogn
-CVE-2008-3884
+CVE-2008-3884 (Cross-site scripting (XSS) vulnerability in Blogn (BURO GUN) 1.9.7 and ...)
NOT-FOR-US: Blogn
-CVE-2008-3883
+CVE-2008-3883 (configvar in Caudium 1.4.12 allows local users to overwrite arbitrary ...)
- caudium 1.4.12-11.1 (low; bug #496404)
-CVE-2008-3882
+CVE-2008-3882 (Unspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and ...)
- zoneminder 1.24.1-1 (bug #497640)
-CVE-2008-3881
+CVE-2008-3881 (Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23 ...)
- zoneminder 1.24.1-1 (low; bug #497640)
-CVE-2008-3880
+CVE-2008-3880 (SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1. ...)
- zoneminder 1.24.1-1 (bug #497640)
-CVE-2008-3879
+CVE-2008-3879 (The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 ...)
NOT-FOR-US: ActiveX control in OfficeCtrl.ocx
-CVE-2008-3878
+CVE-2008-3878 (Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control ...)
NOT-FOR-US: ActiveX control in OfficeCtrl.ocx
-CVE-2008-3877
+CVE-2008-3877 (Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 ...)
NOT-FOR-US: Acoustica Mixcraft
-CVE-2008-3876
+CVE-2008-3876 (Apple iPhone 2.0.2, in some configurations, allows physically proximat ...)
NOT-FOR-US: Apple iPhone
-CVE-2008-3875
+CVE-2008-3875 (The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 a ...)
NOT-FOR-US: Sun Solaris 8
-CVE-2008-3874
+CVE-2008-3874 (Cross-site scripting (XSS) vulnerability in account.php in Lussumo Van ...)
NOT-FOR-US: Lussumo Vanilla
-CVE-2008-3873
+CVE-2008-3873 (The System.setClipboard method in ActionScript in Adobe Flash Player 9 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-3872
+CVE-2008-3872 (Adobe Flash Player 8.0.39.0 and earlier, and 9.x up to 9.0.115.0, allo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2008-3871
+CVE-2008-3871 (Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and pos ...)
NOT-FOR-US: UltraISO
-CVE-2008-3870
+CVE-2008-3870 (Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attac ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-3869
+CVE-2008-3869 (Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows re ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-3868
+CVE-2008-3868 (Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allo ...)
NOT-FOR-US: Interact
-CVE-2008-3867
+CVE-2008-3867 (SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 ...)
NOT-FOR-US: Interact
-CVE-2008-3866
+CVE-2008-3866 (The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Mic ...)
NOT-FOR-US: Trend Micro Personal Firewall
-CVE-2008-3865
+CVE-2008-3865 (Multiple heap-based buffer overflows in the ApiThread function in the ...)
NOT-FOR-US: Trend Micro Network Security Component
-CVE-2008-3864
+CVE-2008-3864 (The ApiThread function in the firewall service (aka TmPfw.exe) in Tren ...)
NOT-FOR-US: Trend Micro Network Security Component
-CVE-2008-3863
+CVE-2008-3863 (Stack-based buffer overflow in the read_special_escape function in src ...)
{DSA-1670-1}
- enscript 1.6.4-13 (bug #506261)
-CVE-2008-3862
+CVE-2008-3862 (Stack-based buffer overflow in CGI programs in the server in Trend Mic ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-3861
+CVE-2008-3861 (Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and ...)
NOT-FOR-US: phpMyRealty
-CVE-2008-3860
+CVE-2008-3860 (Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG ...)
NOT-FOR-US: IBM, Lotus Quickr 8.1
-CVE-2008-3859
+CVE-2008-3859 (Davlin Thickbox Gallery 2 allows remote attackers to obtain the admini ...)
NOT-FOR-US: Davlin Thickbox Gallery
-CVE-2008-3858
+CVE-2008-3858 (The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a ...)
NOT-FOR-US: IBM DB2
-CVE-2008-3857
+CVE-2008-3857 (The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 re ...)
NOT-FOR-US: IBM DB2
-CVE-2008-3856
+CVE-2008-3856 (The routine infrastructure component in IBM DB2 8 before FP17, 9.1 bef ...)
NOT-FOR-US: IBM DB2
-CVE-2008-3855
+CVE-2008-3855 (Unspecified vulnerability in the DB2 Administration Server (DAS) in th ...)
NOT-FOR-US: IBM DB2
-CVE-2008-3854
+CVE-2008-3854 (Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 a ...)
NOT-FOR-US: IBM DB2
-CVE-2008-3853
+CVE-2008-3853 (Buffer overflow in the DAS server program in the Core DAS function com ...)
NOT-FOR-US: IBM DB2
-CVE-2008-3852
+CVE-2008-3852 (Unspecified vulnerability in the CLR stored procedure deployment from ...)
NOT-FOR-US: IBM DB2
-CVE-2008-3851
+CVE-2008-3851 (Multiple directory traversal vulnerabilities in Pluck CMS 4.5.2 on Win ...)
NOT-FOR-US: Pluck CMS
-CVE-2008-3850
+CVE-2008-3850 (Cross-site scripting (XSS) vulnerability in Accellion File Transfer FT ...)
NOT-FOR-US: Accellion File Transfer
-CVE-2008-3849
+CVE-2008-3849 (Cross-site scripting (XSS) vulnerability in the calendar controller in ...)
NOT-FOR-US: Civic Website Manager
-CVE-2008-3848
+CVE-2008-3848 (SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows re ...)
NOT-FOR-US: Z-Breaknews
-CVE-2008-3847
+CVE-2008-3847 (Multiple cross-site scripting (XSS) vulnerabilities in AN Guestbook (A ...)
NOT-FOR-US: AN Guestbook
-CVE-2008-3846
+CVE-2008-3846 (Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlie ...)
NOT-FOR-US: mysql-lists
-CVE-2008-3845
+CVE-2008-3845 (Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSL ...)
NOT-FOR-US: Crafty Syntax Live Help
CVE-2008-XXXX [nfdump vulnerable to symlink attacks]
- nfdump 1.5.7-5 (bug #497452)
-CVE-2008-3889
+CVE-2008-3889 (Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-2008090 ...)
- postfix 2.5.5-1 (low)
[etch] - postfix <not-affected> (Vulnerable code not present)
NOTE: http://www.postfix.org/announcements/20080902.html
-CVE-2008-3908
+CVE-2008-3908 (Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context- ...)
{DSA-1634-1 DTSA-163-1}
- wordnet 1:3.0-12 (medium; bug #497441)
[lenny] - wordnet 3.0-11+lenny1
[etch] - wordnet 1:2.1-4+etch1
NOTE: 1:3.0-12 had a regression and the patch was slightly updated
NOTE: by 1:3.0-13 to fix this bug
-CVE-2008-3907
+CVE-2008-3907 (The open-in-browser command in newsbeuter before 1.1 allows remote att ...)
{DTSA-164-1 DTSA-164-2}
[lenny] - newsbeuter 0.9.1-1+lenny3
- newsbeuter 1.2-1 (medium)
NOTE: medium as versions < 1.0-1 didn't include a patch to wrap long article URLs so the
NOTE: crafted part of the URL can be hidden. This of course only affects people not reading
NOTE: articles in the built-in reader.
-CVE-2008-3920
+CVE-2008-3920 (Unspecified vulnerability in BitlBee before 1.2.2 allows remote attack ...)
- bitlbee 1.2.2-1
[etch] - bitlbee <not-affected> (1.0.x not affected)
-CVE-2008-4978
+CVE-2008-4978 (radiance 3R9+20080530 allows local users to overwrite arbitrary files ...)
- radiance 3R9+20080530-4 (low; bug #496423)
-CVE-2008-3844
+CVE-2008-3844 (Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, ...)
NOT-FOR-US: Red Hat services issue
-CVE-2008-3843
+CVE-2008-3843 (Request Validation (aka the ValidateRequest filters) in ASP.NET in Mic ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2008-3842
+CVE-2008-3842 (Request Validation (aka the ValidateRequest filters) in ASP.NET in Mic ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2008-3841
+CVE-2008-3841 (Cross-site scripting (XSS) vulnerability in admin/search_links.php in ...)
NOT-FOR-US: Freeway eCommerce
-CVE-2008-3840
+CVE-2008-3840 (Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in ...)
NOT-FOR-US: Crafty Syntax Live Help (CSLH)
-CVE-2008-3839
+CVE-2008-3839 (Unspecified vulnerability in the NFS module in the kernel in Sun Solar ...)
NOT-FOR-US: Solaris
-CVE-2008-3838
+CVE-2008-3838 (Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zone ...)
NOT-FOR-US: Solaris
-CVE-2008-3837
+CVE-2008-3837 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey be ...)
{DSA-1697-1 DSA-1669-1 DSA-1649-1}
- iceweasel 3.0.3-1 (low)
- xulrunner 1.9.0.3-1 (low)
- iceape 1.1.12-1 (low)
-CVE-2008-3836
+CVE-2008-3836 (feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers ...)
{DSA-1697-1 DSA-1669-1 DSA-1649-1}
- iceweasel 3.0.1-1
- xulrunner 1.9.0.1-1
- iceape 1.1.12-1
-CVE-2008-3835
+CVE-2008-3835 (The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox befor ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.1-1
- iceweasel 3.0.1-1
- iceape 1.1.12-1
- icedove 2.0.0.17-1
-CVE-2008-3834
+CVE-2008-3834 (The dbus_signature_validate function in the D-bus library (libdbus) be ...)
{DSA-1658-1}
- dbus 1.2.1-4 (bug #501443)
-CVE-2008-3833
+CVE-2008-3833 (The generic_file_splice_write function in fs/splice.c in the Linux ker ...)
{DSA-1653-1}
- linux-2.6 2.6.19-1
- linux-2.6.24 <not-affected> (Fixed in upstream before 2.6.24)
-CVE-2008-3832
+CVE-2008-3832 (A certain Fedora patch for the utrace subsystem in the Linux kernel be ...)
- linux-2.6 <not-affected> (Fedora-specific patch)
- linux-2.6.24 <not-affected> (Fedora-specific patch)
-CVE-2008-3831
+CVE-2008-3831 (The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel ...)
{DSA-1655-1}
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6 2.6.26-9
-CVE-2008-3830
+CVE-2008-3830 (Condor before 7.0.5 does not properly handle when the configuration sp ...)
- condor <not-affected> (Fixed before initial upload to archive)
-CVE-2008-3829
+CVE-2008-3829 (Unspecified vulnerability in the condor_ schedd daemon in Condor befor ...)
- condor <not-affected> (Fixed before initial upload to archive)
-CVE-2008-3828
+CVE-2008-3828 (Stack-based buffer overflow in the condor_ schedd daemon in Condor bef ...)
- condor <not-affected> (Fixed before initial upload to archive)
-CVE-2008-3827
+CVE-2008-3827 (Multiple integer underflows in the Real demuxer (demux_real.c) in MPla ...)
{DSA-1644-1 DTSA-168-1}
- mplayer 1.0~rc2-18 (medium; bug #500683)
NOTE: http://www.ocert.org/advisories/ocert-2008-013.html
-CVE-2008-3826
+CVE-2008-3826 (Unspecified vulnerability in Condor before 7.0.5 allows attackers to e ...)
- condor <not-affected> (Fixed before initial upload to archive)
-CVE-2008-3825
+CVE-2008-3825 (pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when ...)
NOT-FOR-US: Different code base than Debian's libpam-krb5
-CVE-2008-3824
+CVE-2008-3824 (Cross-site scripting (XSS) vulnerability in (1) Text_Filter/Filter/xss ...)
{DSA-1642-1 DTSA-165-1}
- horde3 3.2.2+debian0-1 (low; bug #499579)
-CVE-2008-3823
+CVE-2008-3823 (Cross-site scripting (XSS) vulnerability in MIME/MIME/Contents.php in ...)
{DSA-1642-1 DTSA-165-1}
- horde3 3.2.2+debian0-1 (low; bug #499579)
CVE-2008-3822
REJECTED
-CVE-2008-3821
+CVE-2008-3821 (Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3820
+CVE-2008-3820 (Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event ...)
NOT-FOR-US: Cisco Security Manager
-CVE-2008-3819
+CVE-2008-3819 (dnsserver in Cisco Application Control Engine Global Site Selector (GS ...)
NOT-FOR-US: Cisco Application Control Engine Global Site Selector (GSS)
-CVE-2008-3818
+CVE-2008-3818 (Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with ...)
NOT-FOR-US: Cisco ONS
-CVE-2008-3817
+CVE-2008-3817 (Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series an ...)
NOT-FOR-US: Cisco
-CVE-2008-3816
+CVE-2008-3816 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco
-CVE-2008-3815
+CVE-2008-3815 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco
-CVE-2008-3814
+CVE-2008-3814 (Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x b ...)
NOT-FOR-US: Cisco
-CVE-2008-3813
+CVE-2008-3813 (Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mg ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3812
+CVE-2008-3812 (Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3811
+CVE-2008-3811 (Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3810
+CVE-2008-3810 (Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3809
+CVE-2008-3809 (Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (ak ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3808
+CVE-2008-3808 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3807
+CVE-2008-3807 (Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecar ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3806
+CVE-2008-3806 (Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 serie ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3805
+CVE-2008-3805 (Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 serie ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3804
+CVE-2008-3804 (Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3803
+CVE-2008-3803 (A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol L ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3802
+CVE-2008-3802 (Unspecified vulnerability in the Session Initiation Protocol (SIP) imp ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3801
+CVE-2008-3801 (Unspecified vulnerability in the Session Initiation Protocol (SIP) imp ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3800
+CVE-2008-3800 (Unspecified vulnerability in the Session Initiation Protocol (SIP) imp ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3799
+CVE-2008-3799 (Memory leak in the Session Initiation Protocol (SIP) implementation in ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3798
+CVE-2008-3798 (Cisco IOS 12.4 allows remote attackers to cause a denial of service (d ...)
NOT-FOR-US: Cisco IOS
CVE-2008-3797
RESERVED
-CVE-2008-3796
+CVE-2008-3796 (Swfdec 0.6 before 0.6.8 allows remote attackers to cause a denial of s ...)
- swfdec0.6 0.6.8-1
-CVE-2008-3795
+CVE-2008-3795 (Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP serve ...)
NOT-FOR-US: WS_FTP Home
CVE-2008-3793
RESERVED
NOT-FOR-US: Adobe Flash Player
-CVE-2008-3792
+CVE-2008-3792 (net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) i ...)
{DSA-1636-1}
- linux-2.6.24 2.6.24-6~etchnhalf.5
- linux-2.6 2.6.26-4
[etch] - linux-2.6 <not-affected>
-CVE-2008-3788
+CVE-2008-3788 (Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, ...)
NOT-FOR-US: PICTURESPRO Photo Cart 3.9
-CVE-2008-3787
+CVE-2008-3787 (SQL injection vulnerability in listing_view.php in Web Directory Scrip ...)
NOT-FOR-US: Web Directory Script
-CVE-2008-3786
+CVE-2008-3786 (Cross-site scripting (XSS) vulnerability in index.php in PICTURESPRO P ...)
NOT-FOR-US: PICTURESPRO Photo Cart 3.9
-CVE-2008-3785
+CVE-2008-3785 (Multiple SQL injection vulnerabilities in the com_content component in ...)
NOT-FOR-US: MiaCMS
-CVE-2008-3784
+CVE-2008-3784 (SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and earl ...)
NOT-FOR-US: BtiTracker
-CVE-2008-3783
+CVE-2008-3783 (Multiple SQL injection vulnerabilities in index.php in Matterdaddy Mar ...)
NOT-FOR-US: Matterdaddy Market
-CVE-2008-3782
+CVE-2008-3782 (Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php ...)
NOT-FOR-US: ACG-PTP
-CVE-2008-3781
+CVE-2008-3781 (Cross-site scripting (XSS) vulnerability in GMOD GBrowse before 1.69 a ...)
NOT-FOR-US: GMOD GBrowse
-CVE-2008-3780
+CVE-2008-3780 (SQL injection vulnerability in recommend.php in Five Star Review Scrip ...)
NOT-FOR-US: Five Star Review Script
-CVE-2008-3779
+CVE-2008-3779 (Cross-site scripting (XSS) vulnerability in search/index.php in Five S ...)
NOT-FOR-US: Five Star Review Script
-CVE-2008-3778
+CVE-2008-3778 (The remote management interface in SIP Enablement Services (SES) Serve ...)
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-3777
+CVE-2008-3777 (The SIP Enablement Services (SES) Server in Avaya SIP Enablement Servi ...)
NOT-FOR-US: Avaya SIP Enablement Services
-CVE-2008-3776
+CVE-2008-3776 (Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1. ...)
NOT-FOR-US: Fujitsu Web-Based Admin View
-CVE-2008-3775
+CVE-2008-3775 (Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the pa ...)
NOT-FOR-US: Folder Lock
-CVE-2008-3774
+CVE-2008-3774 (SQL injection vulnerability in index.php in Simasy CMS allows remote a ...)
NOT-FOR-US: Simasy CMS
-CVE-2008-3773
+CVE-2008-3773 (Cross-site scripting (XSS) vulnerability in vBulletin 3.7.2 PL1 and 3. ...)
NOT-FOR-US: vBulletin
-CVE-2008-3772
+CVE-2008-3772 (SQL injection vulnerability in categories_portal.php in Pars4u Videosh ...)
NOT-FOR-US: Pars4u Videosharing
-CVE-2008-3771
+CVE-2008-3771 (Cross-site scripting (XSS) vulnerability in members.php in Pars4u Vide ...)
NOT-FOR-US: Pars4u Videosharing
-CVE-2008-3770
+CVE-2008-3770 (Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, whe ...)
NOT-FOR-US: Freeway
-CVE-2008-3769
+CVE-2008-3769 (PHP remote file inclusion vulnerability in admin/create_order_new.php ...)
NOT-FOR-US: Freeway
-CVE-2008-3768
+CVE-2008-3768 (Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey We ...)
NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart
-CVE-2008-3767
+CVE-2008-3767 (SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows ...)
NOT-FOR-US: phpBazar
-CVE-2008-3766
+CVE-2008-3766 (Realtime Internet Band Rehearsal Low-Latency (Internet) Connection too ...)
NOT-FOR-US: Realtime Internet Band Rehearsal Low-Latency (Internet) Connection tool (llcon)
-CVE-2008-3765
+CVE-2008-3765 (SQL injection vulnerability in code.php in Quick Poll Script allows re ...)
NOT-FOR-US: Quick Poll Script
-CVE-2008-3764
+CVE-2008-3764 (Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Hel ...)
NOT-FOR-US: Turnkey PHP Live Helper
-CVE-2008-3763
+CVE-2008-3763 (Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live ...)
NOT-FOR-US: Turnkey PHP Live Helper
-CVE-2008-3762
+CVE-2008-3762 (SQL injection vulnerability in onlinestatus_html.php in Turnkey PHP Li ...)
NOT-FOR-US: Turnkey PHP Live Helper
-CVE-2008-3761
+CVE-2008-3761 (hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 ...)
NOT-FOR-US: VMware Workstation
NOTE: we only share a package to build VMware
-CVE-2008-3760
+CVE-2008-3760 (Cross-site request forgery (CSRF) vulnerability in the sign-out page i ...)
NOT-FOR-US: Vanilla
-CVE-2008-3759
+CVE-2008-3759 (Cross-site request forgery (CSRF) vulnerability in ajax/UpdateCheck.ph ...)
NOT-FOR-US: Vanilla
-CVE-2008-3758
+CVE-2008-3758 (Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla ...)
NOT-FOR-US: Vanilla
-CVE-2008-3757
+CVE-2008-3757 (SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix ...)
NOT-FOR-US: YourFreeWorld
-CVE-2008-3756
+CVE-2008-3756 (SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing ...)
NOT-FOR-US: YourFreeWorld
-CVE-2008-3755
+CVE-2008-3755 (SQL injection vulnerability in view.php in YourFreeWorld Classifieds S ...)
NOT-FOR-US: YourFreeWorld
-CVE-2008-3754
+CVE-2008-3754 (SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text A ...)
NOT-FOR-US: YourFreeWorld
-CVE-2008-3753
+CVE-2008-3753 (SQL injection vulnerability in details.php in YourFreeWorld Programs R ...)
NOT-FOR-US: YourFreeWorld
-CVE-2008-3752
+CVE-2008-3752 (SQL injection vulnerability in tr.php in YourFreeWorld Ad-Exchange Scr ...)
NOT-FOR-US: YourFreeWorld
-CVE-2008-3751
+CVE-2008-3751 (SQL injection vulnerability in tr.php in YourFreeWorld Short Url &amp; ...)
NOT-FOR-US: YourFreeWorld
-CVE-2008-3750
+CVE-2008-3750 (SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Scr ...)
NOT-FOR-US: YourFreeWorld
-CVE-2008-3749
+CVE-2008-3749 (SQL injection vulnerability in tr.php in YourFreeWorld Banner Manageme ...)
NOT-FOR-US: Banner Management Script
-CVE-2008-3748
+CVE-2008-3748 (SQL injection vulnerability in view_group.php in Active PHP Bookmarks ...)
NOT-FOR-US: Active PHP Bookmarks
-CVE-2008-4952
+CVE-2008-4952 (emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite ar ...)
- emacs-jabber 0.7.91-2 (low; bug #496428)
[etch] - emacs-jabber <no-dsa> (Minor issue)
-CVE-2008-4987
+CVE-2008-4987 (xastir 1.9.2 allows local users to overwrite arbitrary files via a sym ...)
- xastir 1.9.2-1.1 (low; bug #496383)
[etch] - xastir <no-dsa> (Minor issue)
-CVE-2008-4477
+CVE-2008-4477 (alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbit ...)
{DSA-1648-1}
- mon 0.99.2-13 (medium; bug #496398)
-CVE-2008-3790
+CVE-2008-3790 (The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7 ...)
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #496808)
- ruby1.9 1.9.0.2-6 (bug #497610)
-CVE-2008-4939
+CVE-2008-4939 (apertium 3.0.7 allows local users to overwrite arbitrary files via a s ...)
- apertium 3.0.7+1-1.1 (low; bug #496395)
[etch] - apertium <no-dsa> (Minor issue)
-CVE-2008-4946
+CVE-2008-4946 (convirt 0.8.2 allows local users to overwrite arbitrary files via a sy ...)
- convirt 0.9.6-1 (medium; bug #496419)
-CVE-2008-4942
+CVE-2008-4942 (audiolink in audiolink 0.05 allows local users to overwrite arbitrary ...)
- audiolink 0.05-1.1 (low; bug #496433)
[etch] - audiolink <no-dsa> (Minor issue)
-CVE-2008-4968
+CVE-2008-4968 (The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users ...)
- lmbench 3.0-a9-1 (low; bug #496427)
[etch] - lmbench <no-dsa> (Non-free not supported)
-CVE-2008-4975
+CVE-2008-4975 (mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary f ...)
- newsgate <removed> (low; bug #496437)
[etch] - newsgate <no-dsa> (Non-free not supported)
-CVE-2008-4973
+CVE-2008-4973 (i2myspell in myspell 3.1 allows local users to overwrite arbitrary fil ...)
- myspell 1:3.0+pre3.1-21 (low; bug #496392)
[etch] - myspell <no-dsa> (Minor issue)
-CVE-2008-4976
+CVE-2008-4976 (ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary ...)
- ogle <removed> (unimportant; bug #496420; bug #496425)
NOTE: This only affects debugging scripts not present in standard path
-CVE-2008-3789
+CVE-2008-3789 (Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb ...)
{DTSA-161-1}
- samba 2:3.2.3-1 (bug #496073; medium)
[etch] - samba <not-affected> (Only affects Samba 3.2.x)
CVE-2008-XXXX [insecure temp file in nvi]
- nvi 1.81.6-4 (low; bug #496462)
[etch] - nvi <no-dsa> (Minor issue, only exploitable in postinst)
-CVE-2008-4982
+CVE-2008-4982 (rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary f ...)
- rkhunter 1.3.2-6 (low; bug #496375)
[etch] - rkhunter <no-dsa> (Minor issue, only in debug mode)
-CVE-2008-4984
+CVE-2008-4984 (scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files ...)
- scratchbox2 1.99.0.24-2 (low; bug #496409)
-CVE-2008-4981
+CVE-2008-4981 (perl.robot in realtimebattle 1.0.8 allows local users to overwrite arb ...)
- realtimebattle 1.0.8-8 (low; bug #496385)
[etch] - realtimebattle <no-dsa> (Minor issue)
-CVE-2008-4972
+CVE-2008-4972 (mailgo in mgt 2.31 allows local users to overwrite arbitrary files via ...)
- mgt 2.31-6 (low; bug #496434)
[etch] - mgt <no-dsa> (Minor issue)
CVE-2008-4998
- twiki 1:4.1.2-4 (low; bug #494648)
-CVE-2008-4971
+CVE-2008-4971 (mafft-homologs in mafft 6.240 allows local users to overwrite arbitrar ...)
- mafft 6.240-2 (low; bug #496366)
-CVE-2008-4993
+CVE-2008-4993 (qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary f ...)
- xen-3 3.4.0-1 (low; bug #496367)
[etch] - xen-3 <no-dsa> (Minor issue)
-CVE-2008-4936
+CVE-2008-4936 (faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary fi ...)
- mgetty 1.1.36-1.3 (low; bug #496403)
[etch] - mgetty <no-dsa> (Minor issue)
-CVE-2008-4476
+CVE-2008-4476 (sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary file ...)
- sympa 5.3.4-5.1 (low; bug #496405; bug #494969)
[etch] - sympa <no-dsa> (Minor issues)
-CVE-2008-4935
+CVE-2008-4935 (asciiview in aview 1.3.0 allows local users to overwrite arbitrary fil ...)
- aview 1.3.0rc1-8.1 (low; bug #496422)
[etch] - aview <no-dsa> (Minor issue)
-CVE-2008-4956
+CVE-2008-4956 (fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitr ...)
- fwbuilder 2.1.19-5 (low; bug #496406)
[etch] - fwbuilder <no-dsa> (Minor issue)
-CVE-2008-4440
+CVE-2008-4440 (The to-upgrade plugin in feta 1.4.16 allows local users to overwrite a ...)
{DSA-1643-1}
- feta 1.4.16+nmu1 (low; bug #496397)
CVE-2008-4977
- postfix <unfixed> (unimportant; bug #496401)
NOTE: Not enabled by default, needs manual modification of a script
-CVE-2008-4944
+CVE-2008-4944 (writtercontrol in cdcontrol 1.90 allows local users to overwrite arbit ...)
- cdcontrol <removed> (low; bug #496438)
[etch] - cdcontrol <no-dsa> (Minor issue)
-CVE-2008-4951
+CVE-2008-4951 (dtc 0.29.6 allows local users to overwrite arbitrary files via a symli ...)
- dtc 0.29.10-1 (low; bug #496362)
-CVE-2008-4994
+CVE-2008-4994 (The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local user ...)
- xmcd 2.6-21 (low; bug #496416)
[etch] - xmcd <no-dsa> (Minor issue)
-CVE-2008-4988
+CVE-2008-4988 (pscal in xcal 4.1 allows local users to overwrite arbitrary files via ...)
- xcal 4.1-19 (low; bug #496393)
[etch] - xcal <no-dsa> (Minor issue)
-CVE-2008-3791
+CVE-2008-3791 (src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environmen ...)
- gpicview 0.1.9-2 (low; bug #495968)
NOTE: http://sourceforge.net/tracker/index.php?func=detail&aid=2019481&group_id=180858&atid=894869
CVE-2008-XXXX [Overwrite symlink without check]
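Review bot: CVE-2008-4998 (twiki) and CVE-2008-4977 (postfix) are the only ids in this block left as bare headers while every neighbouring entry gains a `(description ...)`; please confirm both are still unpublished upstream rather than skipped by the import, since a bare id that already carries a fixed-version line is otherwise indistinguishable from an entry the importer missed. The `CVE-2008-XXXX [Overwrite symlink without check]` placeholder at the end of the hunk will also never be filled in by this automatic update, so it needs a manual edit once the requested id is assigned.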
@@ -8353,237 +8353,237 @@ CVE-2008-XXXX [Overwrite certain images without notice]
NOTE: http://sourceforge.net/tracker/index.php?func=detail&aid=2019492&group_id=180858&atid=894869
NOTE: non-issue, not exploitable by other users
NOTE: CVE id requested
-CVE-2008-4937
+CVE-2008-4937 (senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite ...)
- openoffice.org 1:2.4.1-8 (low; bug #496361)
[etch] - openoffice.org <not-affected> (Vulnerable code not present)
NOTE: also not present in 3.0.0, only in 2.4.1. Fix pending upload.
-CVE-2008-4979
+CVE-2008-4979 (getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrar ...)
- rancid 2.3.2~a8-2 (low; bug #496426)
[etch] - rancid <no-dsa> (Minor issue)
-CVE-2008-4985
+CVE-2008-4985 (vdrleaktest in Video Disk Recorder (aka vdr-dbg or vdr) 1.6.0 allows l ...)
- vdr 1.6.0-6 (low; bug #496421)
[etch] - vdr <not-affected> (Vulnerable code not present)
-CVE-2008-5007
+CVE-2008-5007 (create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to o ...)
- lazarus 0.9.24-0-11 (unimportant; bug #496377)
NOTE: vulnerable script only called when updating the source
NOTE: thus neither actively used nor invoked automatically
-CVE-2008-3794
+CVE-2008-3794 (Integer signedness error in the mms_ReceiveCommand function in modules ...)
{DSA-1819-1 DTSA-166-1}
- vlc 0.8.6.h-4 (medium; bug #496265)
-CVE-2008-3747
+CVE-2008-3747 (The (1) get_edit_post_link and (2) get_edit_comment_link functions in ...)
- wordpress 2.5.1-6 (low; bug #497216)
[etch] - wordpress <not-affected> (Does not have force-sll mechanism)
-CVE-2008-3746
+CVE-2008-3746 (neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of ...)
- neon27 0.28.2-4
- neon26 <not-affected> (Issue was introduced in 0.28)
-CVE-2008-3739
+CVE-2008-3739 (Cross-site scripting (XSS) vulnerability in (1) System Consultants La! ...)
NOT-FOR-US: La!Cooda WIZ
-CVE-2008-3738
+CVE-2008-3738 (Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier ...)
NOT-FOR-US: SpaceTag LacoodaST
-CVE-2008-3737
+CVE-2008-3737 (Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 ...)
NOT-FOR-US: La!Cooda WIZ
-CVE-2008-3736
+CVE-2008-3736 (Multiple cross-site request forgery (CSRF) vulnerabilities in (1) Syst ...)
NOT-FOR-US: La!Cooda WIZ
-CVE-2008-3735
+CVE-2008-3735 (Cross-site scripting (XSS) vulnerability in index.php in PHPizabi befo ...)
NOT-FOR-US: PHPizabi
-CVE-2008-3734
+CVE-2008-3734 (Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_ ...)
NOT-FOR-US: WS_FTP Home
-CVE-2008-3733
+CVE-2008-3733 (Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote ...)
NOT-FOR-US: EO Video
-CVE-2008-3732
+CVE-2008-3732 (Integer overflow in the Open function in modules/demux/tta.c in VLC Me ...)
{DTSA-166-1}
- vlc 0.8.6.h-2
[etch] - vlc <not-affected> (TTA module not present)
-CVE-2008-3731
+CVE-2008-3731 (Unspecified vulnerability in Serv-U File Server 7.0.0.1, and other ver ...)
NOT-FOR-US: Serv-U File
-CVE-2008-3730
+CVE-2008-3730 (Cross-site scripting (XSS) vulnerability in Nordicwind Document Manage ...)
NOT-FOR-US: NOAH
-CVE-2008-3729
+CVE-2008-3729 (Web Based Administration in MicroWorld Technologies MailScan 5.6.a esp ...)
NOT-FOR-US: MicroWorld Technologies MailScan
-CVE-2008-3728
+CVE-2008-3728 (Web Based Administration in MicroWorld Technologies MailScan 5.6.a esp ...)
NOT-FOR-US: MicroWorld Technologies MailScan
-CVE-2008-3727
+CVE-2008-3727 (Directory traversal vulnerability in Web Based Administration in Micro ...)
NOT-FOR-US: MicroWorld Technologies MailScan
-CVE-2008-3726
+CVE-2008-3726 (Cross-site scripting (XSS) vulnerability in Web Based Administration i ...)
NOT-FOR-US: MicroWorld Technologies MailScan
-CVE-2008-3725
+CVE-2008-3725 (SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Scrip ...)
NOT-FOR-US: YourFreeWorld Ad Board Script
-CVE-2008-3724
+CVE-2008-3724 (SQL injection vulnerability in index.php in Papoo before 3.7.2 allows ...)
NOT-FOR-US: Papoo
-CVE-2008-3723
+CVE-2008-3723 (Directory traversal vulnerability in index.php in PHPizabi 0.848b C1 H ...)
NOT-FOR-US: PHPizabi
-CVE-2008-3722
+CVE-2008-3722 (SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows rem ...)
NOT-FOR-US: fipsCMS
-CVE-2008-3721
+CVE-2008-3721 (PHP remote file inclusion vulnerability in user_language.php in DeeEmm ...)
NOT-FOR-US: DeeEmm CMS
-CVE-2008-3720
+CVE-2008-3720 (SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 a ...)
NOT-FOR-US: DeeEmm CMS
-CVE-2008-3719
+CVE-2008-3719 (SQL injection vulnerability in directory.php in SFS Affiliate Director ...)
NOT-FOR-US: SFS Affiliate Directory
-CVE-2008-3718
+CVE-2008-3718 (Multiple SQL injection vulnerabilities in cyberBB 0.6 allow remote aut ...)
NOT-FOR-US: cyberBB
-CVE-2008-3717
+CVE-2008-3717 (Harmoni before 1.6.0 does not require administrative privileges to lis ...)
NOT-FOR-US: Harmoni
-CVE-2008-3716
+CVE-2008-3716 (Cross-site request forgery (CSRF) vulnerability in Harmoni before 1.6. ...)
NOT-FOR-US: Harmoni
-CVE-2008-3715
+CVE-2008-3715 (Cross-site scripting (XSS) vulnerability in inc-core-admin-editor-prev ...)
NOT-FOR-US: FlexCMS
-CVE-2008-3714
+CVE-2008-3714 (Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8 ...)
{DSA-1679-1}
- awstats 6.7.dfsg-5.1 (bug #495432; low)
NOTE: upstream bug 2001151
-CVE-2008-3713
+CVE-2008-3713 (SQL injection vulnerability in product.php in PHPBasket allows remote ...)
NOT-FOR-US: PHPBasket
-CVE-2008-3712
+CVE-2008-3712 (Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and ...)
NOT-FOR-US: Mambo
-CVE-2008-3711
+CVE-2008-3711 (SQL injection vulnerability in index.php in PHPArcadeScript (PHP Arcad ...)
NOT-FOR-US: PHPArcadeScript
-CVE-2008-3710
+CVE-2008-3710 (Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 ...)
NOT-FOR-US: CyBoards PHP Lite
-CVE-2008-3709
+CVE-2008-3709 (Multiple cross-site scripting (XSS) vulnerabilities in CyBoards PHP Li ...)
NOT-FOR-US: CyBoards PHP Lite
-CVE-2008-3708
+CVE-2008-3708 (Multiple directory traversal vulnerabilities in dotCMS 1.6.0.9 allow r ...)
NOT-FOR-US: dotCMS
-CVE-2008-3707
+CVE-2008-3707 (Multiple PHP remote file inclusion vulnerabilities in CyBoards PHP Lit ...)
NOT-FOR-US: CyBoards PHP Lite
-CVE-2008-3706
+CVE-2008-3706 (SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 allow ...)
NOT-FOR-US: ZEEJOBSITE
-CVE-2008-3705
+CVE-2008-3705 (Stack-based buffer overflow in the CLogger::WriteFormated function in ...)
NOT-FOR-US: EchoVNC Linux
-CVE-2008-3704
+CVE-2008-3704 (Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask ...)
NOT-FOR-US: Msmask32.ocx
-CVE-2008-3703
+CVE-2008-3703 (The management console in the Volume Manager Scheduler Service (aka Vx ...)
NOT-FOR-US: Symantec Veritas Storage Foundation
-CVE-2008-3702
+CVE-2008-3702 (Multiple stack-based buffer overflows in the Animation GIF ActiveX con ...)
NOT-FOR-US: SpeedBit Download Accelerator Plus
-CVE-2008-3701
+CVE-2008-3701 (SQL injection vulnerability in staff/index.php in Kayako SupportSuite ...)
NOT-FOR-US: Kayako SupportSuite
-CVE-2008-3700
+CVE-2008-3700 (Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportS ...)
NOT-FOR-US: Kayako SupportSuite
-CVE-2008-3698
+CVE-2008-3698 (Unspecified vulnerability in the OpenProcess function in VMware Workst ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3697
+CVE-2008-3697 (An unspecified ISAPI extension in VMware Server before 1.0.7 build 108 ...)
NOT-FOR-US: VMware Server on Windows
-CVE-2008-3696
+CVE-2008-3696 (Unspecified vulnerability in a certain ActiveX control in VMware Works ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3695
+CVE-2008-3695 (Unspecified vulnerability in a certain ActiveX control in VMware Works ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3694
+CVE-2008-3694 (Unspecified vulnerability in a certain ActiveX control in VMware Works ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3693
+CVE-2008-3693 (Unspecified vulnerability in a certain ActiveX control in VMware Works ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3692
+CVE-2008-3692 (Unspecified vulnerability in a certain ActiveX control in VMware Works ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-3691
+CVE-2008-3691 (Unspecified vulnerability in a certain ActiveX control in VMware Works ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
CVE-2008-3690
RESERVED
CVE-2008-3689
RESERVED
-CVE-2008-3688
+CVE-2008-3688 (sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote at ...)
{DTSA-159-1}
- havp 0.88-1.1 (bug #496034)
-CVE-2008-3687
+CVE-2008-3687 (Heap-based buffer overflow in the flask_security_label function in Xen ...)
- xen-3 <not-affected> (Not compiled with XSM:FLASK)
-CVE-2008-3686
+CVE-2008-3686 (The rt6_fill_node function in net/ipv6/route.c in Linux kernel 2.6.26- ...)
- linux-2.6.24 <not-affected> (Vulnerable code was introduced in 2.6.26)
- linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.26)
-CVE-2008-3685
+CVE-2008-3685 (Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent s ...)
NOT-FOR-US: EMC Documentum ApplicationXtender Workflow
-CVE-2008-3684
+CVE-2008-3684 (Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service ...)
NOT-FOR-US: EMC Documentum ApplicationXtender Workflow
-CVE-2008-3683
+CVE-2008-3683 (Unspecified vulnerability in the FTP subsystem in Sun Java System Web ...)
NOT-FOR-US: Sun Java System Web Proxy Server
-CVE-2008-3682
+CVE-2008-3682 (SQL injection vulnerability in dpage.php in YPN PHP Realty allows remo ...)
NOT-FOR-US: YPN PHP Realty
-CVE-2008-3681
+CVE-2008-3681 (components/com_user/models/reset.php in Joomla! 1.5 through 1.5.5 does ...)
NOT-FOR-US: Joomla!
-CVE-2008-3680
+CVE-2008-3680 (The decryption function in Flagship Industries Ventrilo 3.0.2 and earl ...)
NOT-FOR-US: Flagship Industries Ventrilo
-CVE-2008-3679
+CVE-2008-3679 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ID ...)
NOT-FOR-US: IDevSpot PhpLinkExchange
-CVE-2008-3678
+CVE-2008-3678 (Cross-site scripting (XSS) vulnerability in admin/search_links.php in ...)
NOT-FOR-US: Freeway
-CVE-2008-3677
+CVE-2008-3677 (Directory traversal vulnerability in includes/events_application_top.p ...)
NOT-FOR-US: Freeway
-CVE-2008-3676
+CVE-2008-3676 (Unspecified vulnerability in the IMAP server in hMailServer 4.4.1 allo ...)
NOT-FOR-US: hMailServer
-CVE-2008-3675
+CVE-2008-3675 (Directory traversal vulnerability in classes/imgsize.php in Gelato 0.9 ...)
NOT-FOR-US: Gelato
-CVE-2008-3674
+CVE-2008-3674 (SQL injection vulnerability in ugroups.php in PozScripts TubeGuru Vide ...)
NOT-FOR-US: PozScripts TubeGuru Video Sharing Script
-CVE-2008-3673
+CVE-2008-3673 (SQL injection vulnerability in browsecats.php in PozScripts Classified ...)
NOT-FOR-US: PozScripts Classified Ads
-CVE-2008-3672
+CVE-2008-3672 (SQL injection vulnerability in showcategory.php in PozScripts Classifi ...)
NOT-FOR-US: PozScripts Classified Ads
-CVE-2008-3671
+CVE-2008-3671 (Acronis True Image Echo Server 9.x build 8072 on Linux does not proper ...)
NOT-FOR-US: Echo Server
-CVE-2008-3670
+CVE-2008-3670 (SQL injection vulnerability in authordetail.php in Article Friendly Pr ...)
NOT-FOR-US: Article Friendly Pro
-CVE-2008-3669
+CVE-2008-3669 (SQL injection vulnerability in comments.php in ZeeScripts Reviews Opin ...)
NOT-FOR-US: ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP
-CVE-2008-3668
+CVE-2008-3668 (Multiple cross-site scripting (XSS) vulnerabilities in the Yogurt Soci ...)
NOT-FOR-US: XOOPS
-CVE-2008-3667
+CVE-2008-3667 (Stack-based buffer overflow in Maxthon Browser 2.0 and earlier allows ...)
NOT-FOR-US: Maxthon Browser
-CVE-2008-3699
+CVE-2008-3699 (The MagnatuneBrowser::listDownloadComplete function in magnatunebrowse ...)
- amarok 1.4.10-1 (unimportant; bug #494765)
[etch] - amarok <not-affected>
NOTE: The code in question doesn't dereference the symlink, tested with Etch
NOTE: and Lenny. Given that it only takes a minute to test this, it's surprising
NOTE: that at least one vendor issued an advisory and upstream pushed a new release...
-CVE-2008-3740
+CVE-2008-3740 (Cross-site scripting (XSS) vulnerability in the output filter in Drupa ...)
{DTSA-156-1}
- drupal5 5.10-1 (low; bug #495122)
- drupal-4.7 <removed>
-CVE-2008-3741
+CVE-2008-3741 (The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 tr ...)
{DTSA-156-1}
- drupal5 5.10-1 (low; bug #495122)
- drupal-4.7 <removed>
-CVE-2008-3742
+CVE-2008-3742 (Unrestricted file upload vulnerability in the BlogAPI module in Drupal ...)
{DTSA-156-1}
- drupal5 5.10-1 (medium; bug #495122)
- drupal-4.7 <removed>
-CVE-2008-3743
+CVE-2008-3743 (Multiple cross-site request forgery (CSRF) vulnerabilities in forms in ...)
{DTSA-156-1}
- drupal5 <not-affected> (Vulnerable code not present)
- drupal-4.7 <removed>
-CVE-2008-3744
+CVE-2008-3744 (Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5 ...)
{DTSA-156-1}
- drupal5 5.10-1 (low; bug #495122)
- drupal-4.7 <removed>
-CVE-2008-3745
+CVE-2008-3745 (The Upload module in Drupal 6.x before 6.4 allows remote authenticated ...)
{DTSA-156-1}
- drupal5 <not-affected> (Vulnerable code only present in 6.x)
- drupal-4.7 <removed>
-CVE-2008-3666
+CVE-2008-3666 (Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv ...)
NOT-FOR-US: Sun Solaris 10
CVE-2008-3665
RESERVED
-CVE-2008-3664
+CVE-2008-3664 (Multiple cross-site scripting (XSS) vulnerabilities in XRMS allow remo ...)
NOT-FOR-US: XRMS CRM
-CVE-2008-3663
+CVE-2008-3663 (Squirrelmail 1.4.15 does not set the secure flag for the session cooki ...)
- squirrelmail 2:1.4.15-3 (low; bug #499942)
[etch] - squirrelmail <no-dsa> (less important and fix changes behaviour)
NOTE: only relevant for installations that are also offered over http
NOTE: which isn't normally a good idea anyway. Fixing in stable will
NOTE: change behaviour so not really suited for DSA.
-CVE-2008-3662
+CVE-2008-3662 (Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure fl ...)
- gallery 1.5.9-1
- gallery2 2.2.6-1
-CVE-2008-3661
+CVE-2008-3661 (Drupal, probably 5.10 and 6.4, does not set the secure flag for the se ...)
- drupal5 5.10-2 (low; bug #501063)
- drupal6 6.4-2 (low; bug #501058)
NOTE: drupal upstreams advise the users to set session.cookie_secure in the php configuration
NOTE: to fix this has been documented in README.Debian
-CVE-2008-3660
+CVE-2008-3660 (PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI ...)
{DSA-1647-1}
- php5 5.2.6-4 (medium)
- php4 <removed>
NOTE: *not* duplicate after all, needs review
NOTE: http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.57&r2=1.267.2.15.2.58&view=patch
-CVE-2008-3659
+CVE-2008-3659 (Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and ...)
{DSA-1647-1}
- php4 <removed>
- php5 5.2.6-4 (medium)
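Review bot: two context lines in this hunk carry small data defects that the automatic update cannot touch and that should be fixed by hand: `[etch] - wordpress <not-affected> (Does not have force-sll mechanism)` under CVE-2008-3747 misspells "force-ssl", and `[etch] - amarok <not-affected>` under CVE-2008-3699 is the only `<not-affected>` line in the hunk without a parenthesised reason. Under CVE-2008-3660 the line `NOTE: *not* duplicate after all, needs review` also reads as stale now that `{DSA-1647-1}` is recorded on the same entry; either drop it or state what still needs reviewing.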
@@ -8591,38 +8591,38 @@ CVE-2008-3659
NOTE: (From upstream's ext/standard/tests/strings/explode_bug.phpt)
NOTE: could not reproduce locally
NOTE: fix in pkg-php svn for both etch and sid
-CVE-2008-3658
+CVE-2008-3658 (Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4. ...)
{DSA-1647-1}
- php4 <removed>
- php5 5.2.6-4 (medium)
NOTE: fix in pkg-php svn for both etch and sid
-CVE-2008-3657
+CVE-2008-3657 (The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8 ...)
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #494401)
- ruby1.9 1.9.0.2-6 (bug #494402)
NOTE: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
-CVE-2008-3656
+CVE-2008-3656 (Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_h ...)
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #494401)
- ruby1.9 1.9.0.2-6 (bug #494402)
NOTE: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
-CVE-2008-3655
+CVE-2008-3655 (Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7- ...)
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #494401)
- ruby1.9 1.9.0.2-6 (bug #494402)
NOTE: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
-CVE-2008-3654
+CVE-2008-3654 (Unspecified vulnerability in TikiWiki CMS/Groupware before 2.0 allows ...)
- tikiwiki <removed>
-CVE-2008-3653
+CVE-2008-3653 (Multiple unspecified vulnerabilities in TikiWiki CMS/Groupware before ...)
- tikiwiki <removed>
-CVE-2008-3652
+CVE-2008-3652 (src/racoon/handler.c in racoon in ipsec-tools does not remove an "orph ...)
- ipsec-tools 0.7.1-1.2 (low; bug #501026)
[etch] - ipsec-tools <no-dsa> (Minor issue)
NOTE: attacker needs to be authenticated, see https://bugzilla.redhat.com/show_bug.cgi?id=456660
-CVE-2008-3651
+CVE-2008-3651 (Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools b ...)
- ipsec-tools 1:0.7.1-1 (low; bug #495214)
[etch] - ipsec-tools <no-dsa> (Minor issue)
-CVE-2008-3650
+CVE-2008-3650 (Multiple unspecified vulnerabilities in Horde Groupware Webmail before ...)
- horde3 3.2.1+debian0-1 (low; bug #495332)
- turba2 2.2.1-1
[etch] - turba2 <not-affected> (Vulnerable code not present)
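Review bot: the fixed-version strings for the two ipsec-tools entries disagree on the epoch: CVE-2008-3652 records `- ipsec-tools 0.7.1-1.2` while the adjacent CVE-2008-3651 records `- ipsec-tools 1:0.7.1-1`. Only one form can match the package's real version, and a missing epoch makes the tracker's version comparison treat the fix as not yet in the archive, so check which is correct and align the two lines.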
@@ -8630,271 +8630,271 @@ CVE-2008-3650
NOTE: this is actually two issues:
NOTE: - one a dup of CVE-2008-3330 in horde3
NOTE: - another an issue in turba2
-CVE-2008-3649
+CVE-2008-3649 (SQL injection vulnerability in categorydetail.php in Article Friendly ...)
NOT-FOR-US: Article Friendly Standard
-CVE-2008-3648
+CVE-2008-3648 (nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote a ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-3647
+CVE-2008-3647 (Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows ...)
NOT-FOR-US: Mac OS
-CVE-2008-3646
+CVE-2008-3646 (The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be ...)
NOT-FOR-US: MacOS-only problem
-CVE-2008-3645
+CVE-2008-3645 (Heap-based buffer overflow in the local IPC component in the EAPOLCont ...)
NOT-FOR-US: Mac OS
-CVE-2008-3644
+CVE-2008-3644 (Apple Safari before 3.2 does not properly prevent caching of form data ...)
NOT-FOR-US: Apple Safari
-CVE-2008-3643
+CVE-2008-3643 (Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-ass ...)
NOT-FOR-US: Mac OS
-CVE-2008-3642
+CVE-2008-3642 (Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows rem ...)
NOT-FOR-US: Mac OS
-CVE-2008-3641
+CVE-2008-3641 (The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3 ...)
{DSA-1656-1}
- cupsys <removed>
- cups 1.3.8-1lenny2 (medium)
-CVE-2008-3640
+CVE-2008-3640 (Integer overflow in the WriteProlog function in texttops in CUPS befor ...)
{DSA-1656-1}
- cupsys <removed>
- cups 1.3.8-1lenny2 (medium)
-CVE-2008-3639
+CVE-2008-3639 (Heap-based buffer overflow in the read_rle16 function in imagetops in ...)
{DSA-1656-1}
- cupsys <removed>
- cups 1.3.8-1lenny2 (medium)
-CVE-2008-3638
+CVE-2008-3638 (Java on Apple Mac OS X 10.5.4 and 10.5.5 does not prevent applets from ...)
NOT-FOR-US: Mac OSX
-CVE-2008-3637
+CVE-2008-3637 (The Hash-based Message Authentication Code (HMAC) provider in Java on ...)
NOT-FOR-US: Mac OSX
-CVE-2008-3636
+CVE-2008-3636 (Integer overflow in the IopfCompleteRequest API in the kernel in Micro ...)
NOT-FOR-US: Apple iTunes
-CVE-2008-3635
+CVE-2008-3635 (Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspe ...)
NOT-FOR-US: Apple Quick Times
-CVE-2008-3634
+CVE-2008-3634 (Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing ...)
NOT-FOR-US: Apple iTunes
CVE-2008-3633
RESERVED
-CVE-2008-3632
+CVE-2008-3632 (Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through ...)
- webkit 1.0.1-4 (bug #499771)
- qt4-x11 4:4.6.2-4 (bug #561760)
[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against, Lenny is affected
NOTE: http://trac.webkit.org/changeset/34815
-CVE-2008-3631
+CVE-2008-3631 (Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone ...)
NOT-FOR-US: Apple iPod
-CVE-2008-3630
+CVE-2008-3630 (mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an appli ...)
NOT-FOR-US: Apple Bonjour
-CVE-2008-3629
+CVE-2008-3629 (Apple QuickTime before 7.5.5 allows remote attackers to cause a denial ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-3628
+CVE-2008-3628 (Apple QuickTime before 7.5.5 on Windows allows remote attackers to exe ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-3627
+CVE-2008-3627 (Apple QuickTime before 7.5.5 does not properly handle (1) MDAT atoms i ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-3626
+CVE-2008-3626 (The CallComponentFunctionWithStorage function in Apple QuickTime befor ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-3625
+CVE-2008-3625 (Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows rem ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-3624
+CVE-2008-3624 (Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-3623
+CVE-2008-3623 (Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 ...)
NOT-FOR-US: Apple Safari on Windows
-CVE-2008-3622
+CVE-2008-3622 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac O ...)
NOT-FOR-US: Mac OS X
-CVE-2008-3621
+CVE-2008-3621 (VideoConference in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allo ...)
NOT-FOR-US: Apple Mac OS X
CVE-2008-3620
RESERVED
-CVE-2008-3619
+CVE-2008-3619 (Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissio ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3618
+CVE-2008-3618 (The File Sharing pane in the Sharing preference pane in Apple Mac OS X ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3617
+CVE-2008-3617 (Remote Management and Screen Sharing in Apple Mac OS X 10.5 through 10 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3616
+CVE-2008-3616 (Multiple integer overflows in the SearchKit API in Apple Mac OS X 10.4 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3615
+CVE-2008-3615 (ir50_32.qtx in an unspecified third-party Indeo v5 codec for QuickTime ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-3614
+CVE-2008-3614 (Integer overflow in Apple QuickTime before 7.5.5 on Windows allows rem ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-3613
+CVE-2008-3613 (Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3612
+CVE-2008-3612 (The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and iP ...)
NOT-FOR-US: Apple iPod
-CVE-2008-3611
+CVE-2008-3611 (Login Window in Apple Mac OS X 10.4.11 does not clear the current pass ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3610
+CVE-2008-3610 (Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3609
+CVE-2008-3609 (The kernel in Apple Mac OS X 10.5 through 10.5.4 does not properly flu ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3608
+CVE-2008-3608 (ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows conte ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3607
+CVE-2008-3607 (The IMAP server in NoticeWare Email Server NG 4.6.3 and earlier allows ...)
NOT-FOR-US: NoticeWare Email Server NG
-CVE-2008-3606
+CVE-2008-3606 (Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1 ...)
NOT-FOR-US: Qbik WinGate
-CVE-2008-3605
+CVE-2008-3605 (Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, whe ...)
NOT-FOR-US: McAfee Encrypted USB Manager
-CVE-2008-3604
+CVE-2008-3604 (SQL injection vulnerability in bannerclick.php in ZeeBuddy 2.1 allows ...)
NOT-FOR-US: ZeeBuddy
-CVE-2008-3603
+CVE-2008-3603 (SQL injection vulnerability in index.php in Vacation Rental Script 3.0 ...)
NOT-FOR-US: Vacation Rental Script
-CVE-2008-3602
+CVE-2008-3602 (admin/wr_admin.php in PHP-Ring Webring System (aka uPHP_ring_website) ...)
NOT-FOR-US: PHP-Ring Webring System
-CVE-2008-3601
+CVE-2008-3601 (SQL injection vulnerability in index.php in Quicksilver Forums 1.4.1 a ...)
NOT-FOR-US: Quicksilver Forums
-CVE-2008-3600
+CVE-2008-3600 (Directory traversal vulnerability in contrib/phpBB2/modules.php in Gal ...)
- gallery <removed> (unimportant)
- gallery2 <not-affected> (Vulnerable code not present)
NOTE: We haven't supported installations with register_globals enabled since a long time
-CVE-2008-3599
+CVE-2008-3599 (SQL injection vulnerability in image.php in OpenImpro 1.1 allows remot ...)
NOT-FOR-US: OpenImpro
-CVE-2008-3598
+CVE-2008-3598 (Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote att ...)
NOT-FOR-US: psipuss
-CVE-2008-3597
+CVE-2008-3597 (Skulltag before 0.97d2-RC6 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Skulltag
-CVE-2008-3596
+CVE-2008-3596 (Cross-site scripting (XSS) vulnerability in Harmoni before 1.4.7 allow ...)
NOT-FOR-US: Harmoni
-CVE-2008-3595
+CVE-2008-3595 (PHP remote file inclusion vulnerability in examples/txtSQLAdmin/startu ...)
NOT-FOR-US: txtSQL
-CVE-2008-3594
+CVE-2008-3594 (SQL injection vulnerability in viewdetails.php in MagicScripts E-Store ...)
NOT-FOR-US: MagicScripts E-Store
-CVE-2008-3593
+CVE-2008-3593 (Directory traversal vulnerability in index.php in SyzygyCMS 0.3 allows ...)
NOT-FOR-US: SyzygyCMS
-CVE-2008-3592
+CVE-2008-3592 (Unrestricted file upload vulnerability in the File Manager in the admi ...)
NOT-FOR-US: Twentyone Degrees Symphony 1.7.01
-CVE-2008-3591
+CVE-2008-3591 (SQL injection vulnerability in lib/class.admin.php in Twentyone Degree ...)
NOT-FOR-US: Twentyone Degrees Symphony 1.7.01
-CVE-2008-3590
+CVE-2008-3590 (Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Pol ...)
NOT-FOR-US: E. Z. Poll 2
-CVE-2008-3589
+CVE-2008-3589 (Directory traversal vulnerability in download.php in moziloCMS 1.10.1, ...)
NOT-FOR-US: mozilo CMS 1.10.1
-CVE-2008-3588
+CVE-2008-3588 (Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote a ...)
NOT-FOR-US: phsBlog 0.1.1
-CVE-2008-3587
+CVE-2008-3587 (Cross-site scripting (XSS) vulnerability in result.php in Chris Buntin ...)
NOT-FOR-US: Homes 4 Sale
-CVE-2008-3586
+CVE-2008-3586 (SQL injection vulnerability in the EZ Store (com_ezstore) component fo ...)
NOT-FOR-US: EZ Store (com_ezstore) component for Joomla!
-CVE-2008-3585
+CVE-2008-3585 (Multiple SQL injection vulnerabilities in PozScripts GreenCart PHP Sho ...)
NOT-FOR-US: PozScripts GreenCart PHP Shopping Cart
-CVE-2008-3584
+CVE-2008-3584 (NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not prope ...)
NOT-FOR-US: NetBSD
-CVE-2008-3583
+CVE-2008-3583 (Buffer overflow in the HTML parser in IntelliTamper 2.07 allows remote ...)
NOT-FOR-US: IntelliTamper 2.07
-CVE-2008-3582
+CVE-2008-3582 (SQL injection vulnerability in login.php in Keld PHP-MySQL News Script ...)
NOT-FOR-US: Keld PHP-MySQL News Script 0.7.1
-CVE-2008-3581
+CVE-2008-3581 (Cross-site scripting (XSS) vulnerability in index.php in Qsoft K-Links ...)
NOT-FOR-US: Qsoft K-Links
-CVE-2008-3580
+CVE-2008-3580 (Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote a ...)
NOT-FOR-US: Qsoft K-Links
-CVE-2008-3579
+CVE-2008-3579 (Calacode @Mail 5.41 on Linux does not require administrative authentic ...)
NOT-FOR-US: Calacode Atmail
-CVE-2008-3578
+CVE-2008-3578 (HydraIRC 0.3.164 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: HydraIRC
-CVE-2008-3577
+CVE-2008-3577 (Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows loca ...)
- openttd 0.6.2-1 (unimportant)
NOTE: no vulnerability at all, not exploitable remote or local, openttd
-CVE-2008-3576
+CVE-2008-3576 (Buffer overflow in the TruncateString function in src/gfx.cpp in OpenT ...)
- openttd 0.6.2-1
-CVE-2008-3575
+CVE-2008-3575 (PHP remote file inclusion vulnerability in modules/calendar/minicalend ...)
NOT-FOR-US: ezContents CMS
-CVE-2008-3574
+CVE-2008-3574 (Multiple cross-site scripting (XSS) vulnerabilities in Pluck 4.5.2, wh ...)
NOT-FOR-US: Pluck CMS
-CVE-2008-3573
+CVE-2008-3573 (The CAPTCHA implementation in (1) Pligg 9.9.5 and possibly (2) Francis ...)
NOT-FOR-US: Pligg
-CVE-2008-3572
+CVE-2008-3572 (Cross-site scripting (XSS) vulnerability in index.php in Pligg 9.9.5 a ...)
NOT-FOR-US: Pligg
-CVE-2008-3571
+CVE-2008-3571 (The Xerox Phaser 8400 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Xerox Phaser 8400
-CVE-2008-3570
+CVE-2008-3570 (PHP remote file inclusion vulnerability in index.php in Africa Be Gone ...)
NOT-FOR-US: Africa Be Gone
-CVE-2008-3569
+CVE-2008-3569 (Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.6.7, wh ...)
NOT-FOR-US: XAMPP
-CVE-2008-3568
+CVE-2008-3568 (Absolute path traversal vulnerability in fckeditor/editor/filemanager/ ...)
- fckeditor <not-affected> (Vulnerable code not present)
NOTE: unak specific change, see fckeditor/unak_changes.txt in source
-CVE-2008-3567
+CVE-2008-3567 (Cross-zone scripting vulnerability in the NowPlaying functionality in ...)
NOT-FOR-US: NullSoft Winamp
-CVE-2008-3566
+CVE-2008-3566 (Cross-site scripting (XSS) vulnerability in ZoneO-soft freeForum 1.7 a ...)
NOT-FOR-US: ZoneO-soft freeForum
-CVE-2008-3565
+CVE-2008-3565 (Multiple cross-site scripting (XSS) vulnerabilities in Meeting Room Bo ...)
NOT-FOR-US: Meeting Room Booking System (MRBS)
-CVE-2008-3564
+CVE-2008-3564 (Multiple directory traversal vulnerabilities in index.php in Dayfox Bl ...)
NOT-FOR-US: Dayfox Blog
-CVE-2008-3563
+CVE-2008-3563 (Multiple SQL injection vulnerabilities in Plogger 3.0 and earlier allo ...)
NOT-FOR-US: Plogger
-CVE-2008-3562
+CVE-2008-3562 (Directory traversal vulnerability in index.php in the Contact module i ...)
NOT-FOR-US: Chupix CMS
-CVE-2008-3561
+CVE-2008-3561 (SQL injection vulnerability in s03.php in Powergap Shopsystem, when ma ...)
NOT-FOR-US: Powergap Shopsystem
-CVE-2008-3560
+CVE-2008-3560 (Cross-site scripting (XSS) vulnerability in kshop_search.php in the Ks ...)
NOT-FOR-US: Kshop module for Xoops
-CVE-2008-3559
+CVE-2008-3559 (Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice ...)
NOT-FOR-US: KAPhotoservice
-CVE-2008-3558
+CVE-2008-3558 (Stack-based buffer overflow in the WebexUCFObject ActiveX control in a ...)
NOT-FOR-US: Webex Meeting Manager (Windows)
-CVE-2008-3557
+CVE-2008-3557 (Free Hosting Manager 1.2 and 2.0 allows remote attackers to bypass aut ...)
NOT-FOR-US: Free Hosting Manager
-CVE-2008-3556
+CVE-2008-3556 (Multiple SQL injection vulnerabilities in index.php in Battle.net Clan ...)
NOT-FOR-US: Battle.net Clan Script
-CVE-2008-3555
+CVE-2008-3555 (Directory traversal vulnerability in index.php in (1) WSN Forum 4.1.43 ...)
NOT-FOR-US: Wsn Knowledge Base
-CVE-2008-3554
+CVE-2008-3554 (SQL injection vulnerability in index.php in Discuz! 6.0.1 allows remot ...)
NOT-FOR-US: Discuz!
-CVE-2008-3553
+CVE-2008-3553 (Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition de ...)
NOT-FOR-US: Nokia Series 40 3rd edition devices
-CVE-2008-3552
+CVE-2008-3552 (Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition FP ...)
NOT-FOR-US: Nokia Series 40 3rd edition devices
-CVE-2008-3551
+CVE-2008-3551 (Multiple unspecified vulnerabilities in Sun Java Platform Micro Editio ...)
NOT-FOR-US: Sun Java Platform Micro Edition
-CVE-2008-3550
+CVE-2008-3550 (The CQWeb login page in IBM Rational ClearQuest 7.0.1 allows remote at ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2008-3549
+CVE-2008-3549 (Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in ...)
NOT-FOR-US: Sun Solaris 10 and OpenSolaris
-CVE-2008-3548
+CVE-2008-3548 (Unspecified vulnerability in the Sun Netra T5220 Server with firmware ...)
NOT-FOR-US: Sun Netra T5220 Server
-CVE-2008-3545
+CVE-2008-3545 (Unspecified vulnerability in ovtopmd in HP OpenView Network Node Manag ...)
NOT-FOR-US: HP OpenView
-CVE-2008-3544
+CVE-2008-3544 (Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Net ...)
NOT-FOR-US: HP OpenView
-CVE-2008-3543
+CVE-2008-3543 (Unspecified vulnerability in NFS / ONCplus B.11.31_04 and earlier on H ...)
NOT-FOR-US: HP-UX
-CVE-2008-3542
+CVE-2008-3542 (Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 ...)
NOT-FOR-US: HP Insight Diagnostics
CVE-2008-3541
REJECTED
CVE-2008-3540
RESERVED
-CVE-2008-3539
+CVE-2008-3539 (Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connec ...)
NOT-FOR-US: HP OpenView Select Identity (HPSI)
-CVE-2008-3538
+CVE-2008-3538 (Unspecified vulnerability in HP Enterprise Discovery 2.0 through 2.52 ...)
NOT-FOR-US: HP Enterprise Discovery
-CVE-2008-3537
+CVE-2008-3537 (Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Ma ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-3536
+CVE-2008-3536 (Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Ma ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-3535
+CVE-2008-3535 (Off-by-one error in the iov_iter_advance function in mm/filemap.c in t ...)
{DSA-1636-1}
- linux-2.6 2.6.26-2
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6.24 2.6.24-6~etchnhalf.5
NOTE: 94ad374a0751f40d25e22e036c37f7263569d24c
NOTE: Fixed in 2.6.25.14 and 2.6.26.1
-CVE-2008-3534
+CVE-2008-3534 (The shmem_delete_inode function in mm/shmem.c in the tmpfs implementat ...)
{DSA-1636-1}
- linux-2.6.24 2.6.24-6~etchnhalf.5
- linux-2.6 2.6.26-2
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: 14fcc23fdc78e9d32372553ccf21758a9bd56fa1
NOTE: Fixed in 2.6.25.14 and 2.6.26.1
-CVE-2008-3533
+CVE-2008-3533 (Format string vulnerability in the window_error function in yelp-windo ...)
{DTSA-154-1}
- yelp 2.22.1-4 (low)
[etch] - yelp <not-affected> (Vulnerable code not present)
-CVE-2008-3531
+CVE-2008-3531 (Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in F ...)
- kfreebsd-7 7.0-5
-CVE-2008-3530
+CVE-2008-3530 (sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD ...)
- kfreebsd-6 6.3-7
- kfreebsd-7 7.0-5
-CVE-2008-3529
+CVE-2008-3529 (Heap-based buffer overflow in the xmlParseAttValueComplex function in ...)
{DSA-1654-1}
- libxml2 2.6.32.dfsg-4 (bug #498768)
-CVE-2008-3528
+CVE-2008-3528 (The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/di ...)
{DSA-1687-1 DSA-1681-1}
- linux-2.6 2.6.26-11
- linux-2.6.24 2.6.24-6~etchnhalf.7
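Review bot: the description imported for CVE-2008-3555 names "(1) WSN Forum 4.1.43 ..." while the triage line under it reads "NOT-FOR-US: Wsn Knowledge Base"; the fixed-column truncation cuts the text before any item (2), so the list alone no longer lets a reader confirm that Knowledge Base is the second product the NOT-FOR-US refers to. The same cut-off leaves the two Nokia entries (CVE-2008-3553 and CVE-2008-3552) with nearly identical visible text and identical NOT-FOR-US lines. Consider truncating the imported description at a word boundary after the affected-product list, or widening the cut-off, so the product set the triage depends on stays visible.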
@@ -8912,144 +8912,144 @@ CVE-2008-3528
NOTE: mount an arbitrary filesystem image (at which point why not just
NOTE: include a setuid shell or world-writable hard disk device file or some
NOTE: such). Me, I think they're just being silly.
-CVE-2008-3527
+CVE-2008-3527 (arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDS ...)
{DSA-1687-1}
- linux-2.6 2.6.21-1
-CVE-2008-3526
+CVE-2008-3526 (Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/ ...)
{DSA-1636-1}
- linux-2.6 2.6.26-4
- linux-2.6.24 2.6.24-6~etchnhalf.5
[etch] - linux-2.6 <not-affected>
-CVE-2008-3525
+CVE-2008-3525 (The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem ...)
{DSA-1655-1 DSA-1653-1}
- linux-2.6 2.6.26-7
- linux-2.6.24 2.6.24-6~etchnhalf.6
-CVE-2008-3524
+CVE-2008-3524 (rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux ...)
NOT-FOR-US: rc.sysinit on Fedora
CVE-2008-3523
RESERVED
-CVE-2008-3522
+CVE-2008-3522 (Buffer overflow in the jas_stream_printf function in libjasper/base/ja ...)
{DSA-2080-1}
- jasper 1.900.1-5.1 (medium; bug #501021)
- ghostscript 8.64~dfsg-2 (medium; bug #559778)
- gs-gpl <removed> (medium; bug #561717)
- netpbm-free <not-affected> (dynamically links to ghostscript if available)
-CVE-2008-3521
+CVE-2008-3521 (Race condition in the jas_stream_tmpfile function in libjasper/base/ja ...)
- jasper 1.900.1-5.1 (unimportant; bug #501021)
NOTE: file is opened with O_EXCL even if tmpnam is used in this case
-CVE-2008-3520
+CVE-2008-3520 (Multiple integer overflows in JasPer 1.900.1 might allow context-depen ...)
- jasper 1.900.1-5.1 (medium; bug #501021)
- ghostscript 8.64~dfsg-2 (low; bug #559778)
[lenny] - ghostscript <not-affected> (Too intrusive to backport)
- gs-gpl <removed> (low; bug #561717)
- netpbm-free <not-affected> (dynamically links to ghostscript if available)
-CVE-2008-3519
+CVE-2008-3519 (The default configuration of the JBossAs component in Red Hat JBoss En ...)
- jbossas4 <not-affected> (configuration not yet included in Debian package)
CVE-2008-3518
REJECTED
CVE-2008-3517
REJECTED
-CVE-2008-3516
+CVE-2008-3516 (Multiple cross-site scripting (XSS) vulnerabilities in files generated ...)
NOT-FOR-US: Adobe Presenter
-CVE-2008-3515
+CVE-2008-3515 (Multiple cross-site scripting (XSS) vulnerabilities in files generated ...)
NOT-FOR-US: Adobe Presenter
-CVE-2008-3514
+CVE-2008-3514 (VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 rel ...)
NOT-FOR-US: VMware VirtualCenter
-CVE-2008-3513
+CVE-2008-3513 (SQL injection vulnerability in the Book Catalog module 1.0 for PHP-Nuk ...)
NOT-FOR-US: PHP-Nuke
-CVE-2008-3512
+CVE-2008-3512 (SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke a ...)
NOT-FOR-US: PHP-Nuke
-CVE-2008-3511
+CVE-2008-3511 (Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Image G ...)
NOT-FOR-US: Softbiz Image Gallery
-CVE-2008-3510
+CVE-2008-3510 (Cross-site scripting (XSS) vulnerability in livehelp_js.php in Crafty ...)
NOT-FOR-US: Crafty Syntax Live Help (CSLH)
-CVE-2008-3509
+CVE-2008-3509 (LoveCMS 1.6.2 does not require administrative authentication for (1) a ...)
NOT-FOR-US: LoveCMS
-CVE-2008-3508
+CVE-2008-3508 (LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote att ...)
NOT-FOR-US: LiteNews
-CVE-2008-3507
+CVE-2008-3507 (SQL injection vulnerability in index.php in LiteNews 0.1 (aka 01), and ...)
NOT-FOR-US: LiteNews
-CVE-2008-3506
+CVE-2008-3506 (SQL injection vulnerability in PolyPager 1.0 rc2 and earlier allows re ...)
NOT-FOR-US: PolyPager
-CVE-2008-3505
+CVE-2008-3505 (Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earl ...)
NOT-FOR-US: PolyPager
-CVE-2008-3504
+CVE-2008-3504 (Unspecified vulnerability in mask PHP File Manager (mPFM) before 2.3 h ...)
NOT-FOR-US: mask PHP File Manager (mPFM)
-CVE-2008-3503
+CVE-2008-3503 (RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict vi ...)
NOT-FOR-US: Plain Black WebGUI
-CVE-2008-3502
+CVE-2008-3502 (Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through ...)
NOT-FOR-US: Best Practical Solutions RT
-CVE-2008-3501
+CVE-2008-3501 (Cross-site scripting (XSS) vulnerability in the WebAccess simple inter ...)
NOT-FOR-US: Novell Groupwise
-CVE-2008-3500
+CVE-2008-3500 (Cross-site scripting (XSS) vulnerability in the Suggested Terms module ...)
NOT-FOR-US: suggested terms, additional drupal module
-CVE-2008-3499
+CVE-2008-3499 (Unspecified vulnerability in "a page in the workarea folder" in Ektron ...)
NOT-FOR-US: Ektron CMS400.NET
-CVE-2008-3498
+CVE-2008-3498 (SQL injection vulnerability in the nBill (com_netinvoice) component 1. ...)
NOT-FOR-US: nBill, joomla component
-CVE-2008-3497
+CVE-2008-3497 (SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows rem ...)
NOT-FOR-US: MyPHP CMS
-CVE-2008-3496
+CVE-2008-3496 (Buffer overflow in format descriptor parsing in the uvc_parse_format f ...)
- linux-2.6 2.6.26-2
[etch] - linux-2.6 <not-affected> (code not present)
- linux-2.6.24 <not-affected> (code not present)
-CVE-2008-3495
+CVE-2008-3495 (SQL injection vulnerability in kategori.asp in Pcshey Portal allows re ...)
NOT-FOR-US: Pcshey Portal
-CVE-2008-3494
+CVE-2008-3494 (8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to bypass ...)
NOT-FOR-US: 8e6 R3000 Internet Filter
-CVE-2008-3493
+CVE-2008-3493 (vncviewer.exe in RealVNC Windows Client 4.1.2.0 allows remote VNC serv ...)
NOT-FOR-US: RealVNC Windows Client
-CVE-2008-3492
+CVE-2008-3492 (America's Army (aka AA or Army Game Project) 2.8.3.1 and earlier allow ...)
NOT-FOR-US: America's Army (aka AA or Army Game Project)
-CVE-2008-3491
+CVE-2008-3491 (SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and iTG ...)
NOT-FOR-US: Scripts24 iPost
-CVE-2008-3490
+CVE-2008-3490 (SQL injection vulnerability in members/mail.php in E-topbiz Online Dat ...)
NOT-FOR-US: E-topbiz Online Dating 3
-CVE-2008-3489
+CVE-2008-3489 (SQL injection vulnerability in checkCookie function in includes/functi ...)
NOT-FOR-US: PHPX
-CVE-2008-3488
+CVE-2008-3488 (Unspecified vulnerability in Novell iManager before 2.7 SP1 (2.7.1) al ...)
NOT-FOR-US: Novell iManager
-CVE-2008-3487
+CVE-2008-3487 (SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced ...)
NOT-FOR-US: PHPAuction GPL Enhanced
-CVE-2008-3486
+CVE-2008-3486 (Directory traversal vulnerability in the user_get_profile function in ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-3485
+CVE-2008-3485 (Untrusted search path vulnerability in Citrix MetaFrame Presentation S ...)
NOT-FOR-US: Citrix MetaFrame Presentation Server
-CVE-2008-3532
+CVE-2008-3532 (The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certif ...)
- pidgin 2.4.3-2 (bug #492434)
- gaim <removed>
[lenny] - gaim <not-affected> (gaim is now a transitional package depending on pidgin with its own source package)
NOTE: http://developer.pidgin.im/ticket/6500
-CVE-2008-3546
+CVE-2008-3546 (Stack-based buffer overflow in the (1) diff_addremove and (2) diff_cha ...)
{DSA-1637-1 DTSA-153-1 DTSA-153-2}
- git-core 1:1.5.6.5 (medium; bug #494097)
-CVE-2008-3484
+CVE-2008-3484 (SQL injection vulnerability in eStoreAff 0.1 allows remote attackers t ...)
NOT-FOR-US: eStoreAff
-CVE-2008-3483
+CVE-2008-3483 (Cross-site scripting (XSS) vulnerability in ScrewTurn Wiki 2.0.29 and ...)
NOT-FOR-US: ScrewTurn Wiki
-CVE-2008-3482
+CVE-2008-3482 (Cross-site scripting (XSS) vulnerability in the error page feature in ...)
NOT-FOR-US: Panasonic Network Camera
-CVE-2008-3481
+CVE-2008-3481 (themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and e ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-3480
+CVE-2008-3480 (Stack-based buffer overflow in the Anzio Web Print Object (WePO) Activ ...)
NOT-FOR-US: Anzio Web Print Object
-CVE-2008-3479
+CVE-2008-3479 (Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) ser ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-3478
REJECTED
-CVE-2008-3477
+CVE-2008-3477 (Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not prop ...)
NOT-FOR-US: Microsoft Excel
-CVE-2008-3476
+CVE-2008-3476 (Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle er ...)
NOT-FOR-US: Microsoft
-CVE-2008-3475
+CVE-2008-3475 (Microsoft Internet Explorer 6 does not properly handle errors related ...)
NOT-FOR-US: Microsoft
-CVE-2008-3474
+CVE-2008-3474 (Microsoft Internet Explorer 6 and 7 does not properly determine the do ...)
NOT-FOR-US: Microsoft
-CVE-2008-3473
+CVE-2008-3473 (Microsoft Internet Explorer 6 and 7 does not properly determine the do ...)
NOT-FOR-US: Microsoft
-CVE-2008-3472
+CVE-2008-3472 (Microsoft Internet Explorer 6 and 7 does not properly determine the do ...)
NOT-FOR-US: Microsoft
-CVE-2008-3471
+CVE-2008-3471 (Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 200 ...)
NOT-FOR-US: Microsoft
CVE-2008-3470
REJECTED
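Review bot: the lenny annotation for CVE-2008-3520, "[lenny] - ghostscript <not-affected> (Too intrusive to backport)", is self-contradictory: not-affected asserts the vulnerable code is absent, but the bracketed reason is the justification used for <no-dsa> or <ignored>, and the unstable line directly above marks ghostscript as affected at low severity. Either change the tag to match the reason, e.g. "[lenny] - ghostscript <no-dsa> (Too intrusive to backport)", or record why the lenny build is actually not vulnerable, as the netpbm-free line does with "(dynamically links to ghostscript if available)". Also, "[etch] - linux-2.6 <not-affected>" under CVE-2008-3526 carries no reason, unlike the matching etch lines for CVE-2008-3535 and CVE-2008-3534, which say "(Vulnerable code not present)".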
@@ -9059,11 +9059,11 @@ CVE-2008-3468
REJECTED
CVE-2008-3467
REJECTED
-CVE-2008-3466
+CVE-2008-3466 (Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not ...)
NOT-FOR-US: Microsoft
-CVE-2008-3465
+CVE-2008-3465 (Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-3464
+CVE-2008-3464 (afd.sys in the Ancillary Function Driver (AFD) component in Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2008-3463
REJECTED
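Review bot: the three NOT-FOR-US lines in this hunk are inconsistent: CVE-2008-3466 and CVE-2008-3464 say "NOT-FOR-US: Microsoft" while CVE-2008-3465 says "NOT-FOR-US: Microsoft Windows", even though the new descriptions identify the products (Host Integration Server, GDI in Windows, afd.sys). Naming the product in the NOT-FOR-US line, as the HP and IBM entries elsewhere in this diff do, makes the triage easier to re-check later.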
@@ -9071,603 +9071,603 @@ CVE-2008-3462
REJECTED
CVE-2008-3461
REJECTED
-CVE-2008-3460
+CVE-2008-3460 (WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Offic ...)
NOT-FOR-US: Microsoft Office 2000
-CVE-2008-3459
+CVE-2008-3459 (Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when ...)
- openvpn 2.1~rc9-1 (low; bug #493488)
NOTE: pull/push needs to be allowed, successful authentication, compromised or malicious server
[etch] - openvpn <not-affected> (Upstream states that the 2.0.x versions are unaffected)
-CVE-2008-3458
+CVE-2008-3458 (Vtiger CRM before 5.0.4 stores sensitive information under the web roo ...)
NOT-FOR-US: Vtiger CRM
-CVE-2008-3457
+CVE-2008-3457 (Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin be ...)
{DSA-1641-1}
- phpmyadmin 4:2.11.8~rc1-1
NOTE: if an attacker can write arbitrary content to config/config.php you have way more problems than this XSS
-CVE-2008-3455
+CVE-2008-3455 (PHP remote file inclusion vulnerability in include/admin.php in JnSHos ...)
NOT-FOR-US: JnSHosts PHP Hosting Directory
-CVE-2008-3454
+CVE-2008-3454 (JnSHosts PHP Hosting Directory 2.0 allows remote attackers to bypass a ...)
NOT-FOR-US: JnSHosts PHP Hosting Directory
-CVE-2008-3453
+CVE-2008-3453 (Multiple unspecified vulnerabilities in ImpressCMS 1.0 have unknown im ...)
NOT-FOR-US: ImpressCMS
-CVE-2008-3452
+CVE-2008-3452 (SQL injection vulnerability in the Calendar module in eNdonesia 8.4 al ...)
NOT-FOR-US: eNdonesia
-CVE-2008-3451
+CVE-2008-3451 (PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with a ...)
NOT-FOR-US: PhpWebGallery
-CVE-2008-3450
+CVE-2008-3450 (Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 ...)
NOT-FOR-US: Solaris
-CVE-2008-3449
+CVE-2008-3449 (MailEnable Professional 3.5.2 and Enterprise 3.52 allow remote attacke ...)
NOT-FOR-US: MailEnable
-CVE-2008-3448
+CVE-2008-3448 (Cross-site scripting (XSS) vulnerability in index.php in common soluti ...)
NOT-FOR-US: csphonebook
-CVE-2008-3447
+CVE-2008-3447 (The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote attac ...)
NOT-FOR-US: F-Prot Antivirus
-CVE-2008-3446
+CVE-2008-3446 (Directory traversal vulnerability in inc/wysiwyg.php in LetterIt 2 all ...)
NOT-FOR-US: LetterIt
-CVE-2008-3445
+CVE-2008-3445 (SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 al ...)
NOT-FOR-US: phpMyRealty
-CVE-2008-3444
+CVE-2008-3444 (The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows r ...)
- iceweasel <removed> (unimportant)
NOTE: browser dos not treated as security issues
-CVE-2008-3443
+CVE-2008-3443 (The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8 ...)
{DSA-1695-1}
- ruby1.8 1.8.7.72-1 (low; bug #494401)
- ruby1.9 1.9.0.2-9 (low)
NOTE: Upstream commits 18212 (for 1.8) and 18213 (for 1.9).
NOTE: this specific problem does not exist in ruby1.9 but a very similar problem
NOTE: that has been fixed in this version (308_regexp_segv.dpatch)
-CVE-2008-3442
+CVE-2008-3442 (WinZip before 11.0 does not properly verify the authenticity of update ...)
NOT-FOR-US: WinZip
-CVE-2008-3441
+CVE-2008-3441 (Nullsoft Winamp before 5.24 does not properly verify the authenticity ...)
NOT-FOR-US: Nullsoft Winamp
-CVE-2008-3440
+CVE-2008-3440 (Sun Java 1.6.0_03 and earlier versions, and possibly later versions, d ...)
- sun-java5 <not-affected> (only java updater for windows affected)
- sun-java6 <not-affected> (only java updater for windows affected)
-CVE-2008-3439
+CVE-2008-3439 (SpeedBit Video Acceleration before 2.2.1.8 does not properly verify th ...)
NOT-FOR-US: SpeedBit Video Acceleration
-CVE-2008-3438
+CVE-2008-3438 (Apple Mac OS X does not properly verify the authenticity of updates, w ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-3437
+CVE-2008-3437 (OpenOffice.org (OOo) before 2.1.0 does not properly verify the authent ...)
- openoffice.org <not-affected> (update feature disabled)
-CVE-2008-3436
+CVE-2008-3436 (The GUP generic update process in Notepad++ before 4.8.1 does not prop ...)
NOT-FOR-US: Notepad++
-CVE-2008-3435
+CVE-2008-3435 (LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly veri ...)
NOT-FOR-US: LinkedIn
-CVE-2008-3434
+CVE-2008-3434 (Apple iTunes before 10.5.1 does not properly verify the authenticity o ...)
NOT-FOR-US: Apple iTunes
-CVE-2008-3433
+CVE-2008-3433 (SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not prope ...)
NOT-FOR-US: SpeedBit Download Accelerator Plus
-CVE-2008-3432
+CVE-2008-3432 (Heap-based buffer overflow in the mch_expand_wildcards function in os_ ...)
- vim <not-affected> (Vulnerable code only present in 6.2 and 6.3, none of them in the archive anymore)
-CVE-2008-3430
+CVE-2008-3430 (Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in ...)
NOT-FOR-US: Eyeball MessengerSDK
-CVE-2008-3428
+CVE-2008-3428 (Session fixation vulnerability in phpFreeChat 1.1 allows remote authen ...)
NOT-FOR-US: phpFreeChat
CVE-2008-3427
REJECTED
-CVE-2008-3426
+CVE-2008-3426 (Unspecified vulnerability in the Solaris Platform Information and Cont ...)
NOT-FOR-US: Solaris
-CVE-2008-3425
+CVE-2008-3425 (Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2008-3424
+CVE-2008-3424 (Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WR ...)
- condor <not-affected> (Fixed before initial upload to archive)
-CVE-2008-3423
+CVE-2008-3423 (IBM WebSphere Portal 5.1 through 6.1.0.0 allows remote attackers to by ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2008-3422
+CVE-2008-3422 (Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net cla ...)
- mono 1.9.1+dfsg-4 (low; bug #494406)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=413534
NOTE: http://n2.nabble.com/-PATCH--HTML-encode-attributes-that-might-need-encoding-td584193.html
-CVE-2008-3431
+CVE-2008-3431 (The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualB ...)
- virtualbox-ose <not-affected> (affects only windows host systems)
NOTE: CORE-2008-0716
-CVE-2008-3456
+CVE-2008-3456 (phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from ...)
{DSA-1641-1}
- phpmyadmin 4:2.11.8~rc1-1 (low)
NOTE: exploitation circumstances are rare or require other vulnerabilities to be present already. may fix combined with another issue but doesn't warrant DSA on its own
-CVE-2008-3547
+CVE-2008-3547 (Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remo ...)
- openttd 0.6.2-1 (medium; bug #493714)
-CVE-2008-3421
+CVE-2008-3421 (Multiple cross-site request forgery (CSRF) vulnerabilities in Blackboa ...)
NOT-FOR-US: Blackboard Academic Suite
-CVE-2008-3420
+CVE-2008-3420 (Multiple SQL injection vulnerabilities in Mobius for Mimsy XG 1 1.4.4. ...)
NOT-FOR-US: Mobius Web Publishing Software
-CVE-2008-3419
+CVE-2008-3419 (SQL injection vulnerability in ugroups.php in Youtuber Clone allows re ...)
NOT-FOR-US: Youtuber Clone
-CVE-2008-3418
+CVE-2008-3418 (SQL injection vulnerability in browse.php in TriO 2.1 and earlier allo ...)
NOT-FOR-US: TriO
-CVE-2008-3417
+CVE-2008-3417 (SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and ...)
NOT-FOR-US: fipsCMS
-CVE-2008-3416
+CVE-2008-3416 (SQL injection vulnerability in modules/members.php in IceBB before 1.0 ...)
NOT-FOR-US: IceBB
-CVE-2008-3415
+CVE-2008-3415 (Directory traversal vulnerability in common.php in CMScout 2.05, when ...)
NOT-FOR-US: CMScout
-CVE-2008-3414
+CVE-2008-3414 (SQL injection vulnerability in line2.php in SiteAdmin allows remote at ...)
NOT-FOR-US: SiteAdmin
-CVE-2008-3413
+CVE-2008-3413 (SQL injection vulnerability in category.php in Greatclone GC Auction P ...)
NOT-FOR-US: Greatclone GC Auction Platinum
-CVE-2008-3412
+CVE-2008-3412 (SQL injection vulnerability in Comsenz EPShop (aka ECShop) before 3.0 ...)
NOT-FOR-US: Comsenz EPShop
-CVE-2008-3411
+CVE-2008-3411 (The Axesstel AXW-D800 modem with D2_ETH_109_01_VEBR Jun-14-2006 softwa ...)
NOT-FOR-US: The Axesstel AXW-D800 modem
-CVE-2008-3410
+CVE-2008-3410 (Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to ca ...)
NOT-FOR-US: Unreal Tournament
-CVE-2008-3409
+CVE-2008-3409 (Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows rem ...)
NOT-FOR-US: Unreal Tournament
-CVE-2008-3408
+CVE-2008-3408 (Stack-based buffer overflow in CoolPlayer 2.18, and possibly other ver ...)
NOT-FOR-US: CoolPlayer
-CVE-2008-3407
+CVE-2008-3407 (phpLinkat 0.1 allows remote attackers to bypass authentication and acc ...)
NOT-FOR-US: phpLinkat
-CVE-2008-3406
+CVE-2008-3406 (SQL injection vulnerability in showcat.php in phpLinkat 0.1 allows rem ...)
NOT-FOR-US: phpLinkat
-CVE-2008-3405
+CVE-2008-3405 (Directory traversal vulnerability in index.php in Ricardo Amaral nzFot ...)
NOT-FOR-US: Ricardo Amaral nzFotolog
-CVE-2008-3404
+CVE-2008-3404 (Cross-site scripting (XSS) vulnerability in guestbook.js.php in MJGues ...)
NOT-FOR-US: MJGuest
-CVE-2008-3403
+CVE-2008-3403 (SQL injection vulnerability in mojoClassified.cgi in MojoPersonals all ...)
NOT-FOR-US: MojoPersonals
-CVE-2008-3402
+CVE-2008-3402 (Multiple PHP remote file inclusion vulnerabilities in HIOX Browser Sta ...)
NOT-FOR-US: HIOX Browser Statistics
-CVE-2008-3401
+CVE-2008-3401 (PHP remote file inclusion vulnerability in hioxRandomAd.php in HIOX Ra ...)
NOT-FOR-US: HIOX Random Ad
-CVE-2008-3400
+CVE-2008-3400 (XRMS CRM 1.99.2 allows remote attackers to obtain configuration inform ...)
NOT-FOR-US: XRMS CRM
-CVE-2008-3399
+CVE-2008-3399 (PHP remote file inclusion vulnerability in activities/workflow-activit ...)
NOT-FOR-US: XRMS CRM
-CVE-2008-3398
+CVE-2008-3398 (Multiple cross-site scripting (XSS) vulnerabilities in XRMS CRM 1.99.2 ...)
NOT-FOR-US: XRMS CRM
-CVE-2008-3397
+CVE-2008-3397 (Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS befo ...)
NOT-FOR-US: Runesoft Cerberus CMS
-CVE-2008-3396
+CVE-2008-3396 (Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote attacke ...)
NOT-FOR-US: Unreal Tournament
-CVE-2008-3395
+CVE-2008-3395 (Calacode @Mail 5.41 on Linux uses weak world-readable permissions for ...)
NOT-FOR-US: Calacode
-CVE-2008-3394
+CVE-2008-3394 (Multiple cross-site scripting (XSS) vulnerabilities in search.cfm in B ...)
NOT-FOR-US: BookMine
-CVE-2008-3393
+CVE-2008-3393 (SQL injection vulnerability in events.cfm in BookMine allows remote at ...)
NOT-FOR-US: BookMine
-CVE-2008-3392
+CVE-2008-3392 (Cross-site request forgery (CSRF) vulnerability in Web Wiz Forum 9.5 a ...)
NOT-FOR-US: Web Wiz Forum
-CVE-2008-3391
+CVE-2008-3391 (Multiple cross-site scripting (XSS) vulnerabilities in Web Wiz Forum 9 ...)
NOT-FOR-US: Web Wiz Forum
-CVE-2008-3390
+CVE-2008-3390 (Directory traversal vulnerability in libraries/general.init.php in Min ...)
NOT-FOR-US: Minishowcase Image Gallery
-CVE-2008-3389
+CVE-2008-3389 (Stack-based buffer overflow in the libbecompat library in Ingres 2.6, ...)
NOT-FOR-US: Ingres
-CVE-2008-3388
+CVE-2008-3388 (Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote ...)
NOT-FOR-US: Def-Blog
-CVE-2008-3387
+CVE-2008-3387 (SQL injection vulnerability in show.php in PHPFootball 1.6 allows remo ...)
NOT-FOR-US: PHPFootball
-CVE-2008-3386
+CVE-2008-3386 (SQL injection vulnerability in album.php in AlstraSoft Video Share Ent ...)
NOT-FOR-US: AlstraSoft Video Share Enterprise
-CVE-2008-3385
+CVE-2008-3385 (Directory traversal vulnerability in include/head_chat.inc.php in php ...)
NOT-FOR-US: Help Agent
-CVE-2008-3384
+CVE-2008-3384 (Multiple directory traversal vulnerabilities in help/help.php in Inter ...)
NOT-FOR-US: Interact Learning Community Environment Interact
-CVE-2008-3383
+CVE-2008-3383 (SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote ...)
NOT-FOR-US: MojoAuto
-CVE-2008-3382
+CVE-2008-3382 (SQL injection vulnerability in mojoClassified.cgi in MojoClassifieds 2 ...)
NOT-FOR-US: MojoClassifieds
-CVE-2008-3381
+CVE-2008-3381 (Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedS ...)
- moin 1.7.1-1 (low)
[etch] - moin <not-affected> (Vulnerable macro not present)
-CVE-2008-3380
+CVE-2008-3380 (Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioS ...)
NOT-FOR-US: MyioSoft EasyBookMarker
-CVE-2008-3379
+CVE-2008-3379 (Cross-site scripting (XSS) vulnerability in Snark VisualPic 0.3.1 allo ...)
NOT-FOR-US: Snark VisualPic
-CVE-2008-3378
+CVE-2008-3378 (SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows ...)
NOT-FOR-US: Fizzmedia
-CVE-2008-3377
+CVE-2008-3377 (SQL injection vulnerability in picture.php in phpTest 0.6.3 allows rem ...)
NOT-FOR-US: phpTest
-CVE-2008-3376
+CVE-2008-3376 (Multiple unspecified vulnerabilities in JamRoom before 3.4.0 have unkn ...)
NOT-FOR-US: JamRoom
-CVE-2008-3375
+CVE-2008-3375 (The jrCookie function in includes/jamroom-misc.inc.php in JamRoom befo ...)
NOT-FOR-US: JamRoom
-CVE-2008-3374
+CVE-2008-3374 (SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier ...)
NOT-FOR-US: Gregarius
-CVE-2008-3373
+CVE-2008-3373 (The files parsing engine in Grisoft AVG Anti-Virus before 8.0.156 allo ...)
NOT-FOR-US: Grisoft AVG Anti-Virus
-CVE-2008-3372
+CVE-2008-3372 (SQL injection vulnerability in search_form.php in Getacoder Clone allo ...)
NOT-FOR-US: Getacoder Clone
-CVE-2008-3371
+CVE-2008-3371 (Directory traversal vulnerability in install/help.php in TalkBack 2.3. ...)
NOT-FOR-US: TalkBack
-CVE-2008-3370
+CVE-2008-3370 (SQL injection vulnerability in the CUA Login Module in EMC Centera Uni ...)
NOT-FOR-US: CUA Login Module in EMC Centera Universal Access
-CVE-2008-3369
+CVE-2008-3369 (SQL injection vulnerability in products_rss.php in ViArt Shop 3.5 and ...)
NOT-FOR-US: ViArt Shop
-CVE-2008-3368
+CVE-2008-3368 (PHP remote file inclusion vulnerability in tools/packages/import.php i ...)
NOT-FOR-US: ATutor
-CVE-2008-3367
+CVE-2008-3367 (Cross-site scripting (XSS) vulnerability in RTE_popup_link.asp in Web ...)
NOT-FOR-US: Web Wiz Rich Text Editor
-CVE-2008-3366
+CVE-2008-3366 (SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allow ...)
NOT-FOR-US: Pligg CMS
-CVE-2008-3365
+CVE-2008-3365 (Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on W ...)
- pixelpost <not-affected> (Exploit relies on register_globals to be on)
-CVE-2008-3364
+CVE-2008-3364 (Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeSc ...)
NOT-FOR-US: Trend Micro OfficeScan Corp Edition Web-Deployment
-CVE-2008-3363
+CVE-2008-3363 (Directory traversal vulnerability in user_portal.php in the Dokeos E-L ...)
NOT-FOR-US: Dokeos E-Learning System
-CVE-2008-3362
+CVE-2008-3362 (Unrestricted file upload vulnerability in upload.php in the Giulio Gan ...)
NOT-FOR-US: Giulio Ganci Wp Downloads Manager module
-CVE-2008-3361
+CVE-2008-3361 (Stack-based buffer overflow in IntelliTamper 2.07 allows remote web si ...)
NOT-FOR-US: IntelliTamper
-CVE-2008-3360
+CVE-2008-3360 (Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 ...)
NOT-FOR-US: IntelliTamper
-CVE-2008-3359
+CVE-2008-3359 (SQL injection vulnerability in register.php in Steve Bourgeois and Chr ...)
- owl-dms 0.95-1.1 (bug #493372)
-CVE-2008-3358
+CVE-2008-3358 (Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP ...)
NOT-FOR-US: SAP NetWeaver portal
-CVE-2008-3357
+CVE-2008-3357 (Untrusted search path vulnerability in ingvalidpw in Ingres 2.6, Ingre ...)
NOT-FOR-US: Ingres
-CVE-2008-3356
+CVE-2008-3356 (verifydb in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres ...)
NOT-FOR-US: Ingres
-CVE-2008-3355
+CVE-2008-3355 (SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 al ...)
NOT-FOR-US: Camera Life
-CVE-2008-3354
+CVE-2008-3354 (Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus ( ...)
NOT-FOR-US: Newbb Plus
-CVE-2008-3353
+CVE-2008-3353 (Multiple cross-site scripting (XSS) vulnerabilities in Pure Software L ...)
NOT-FOR-US: Pure Software Lore
-CVE-2008-3352
+CVE-2008-3352 (SQL injection vulnerability in index.php in Live Music Plus 1.1.0 allo ...)
NOT-FOR-US: Live Music Plus
-CVE-2008-3351
+CVE-2008-3351 (SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog 1.0 ...)
NOT-FOR-US: Atom PhotoBlog
-CVE-2008-3350
+CVE-2008-3350 (dnsmasq 2.43 allows remote attackers to cause a denial of service (dae ...)
- dnsmasq 2.44-1 (low)
[etch] - dnsmasq <not-affected> (Issue was introduced in 2.43)
-CVE-2008-3349
+CVE-2008-3349 (Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on ...)
NOT-FOR-US: NetApp Data ONTAP
-CVE-2008-3348
+CVE-2008-3348 (Cross-site scripting (XSS) vulnerability in staticpages/easycalendar/i ...)
NOT-FOR-US: MyioSoft EasyDynamicPages
-CVE-2008-3347
+CVE-2008-3347 (SQL injection vulnerability in staticpages/easycalendar/index.php in M ...)
NOT-FOR-US: MyioSoft EasyDynamicPages
-CVE-2008-3346
+CVE-2008-3346 (SQL injection vulnerability in product_detail.php in ShopCart DX allow ...)
NOT-FOR-US: ShopCart DX
-CVE-2008-3345
+CVE-2008-3345 (SQL injection vulnerability in staticpages/easyecards/index.php in Myi ...)
NOT-FOR-US: MyioSoft EasyE-Cards
-CVE-2008-3344
+CVE-2008-3344 (Multiple cross-site scripting (XSS) vulnerabilities in staticpages/eas ...)
NOT-FOR-US: MyioSoft EasyE-Cards
-CVE-2008-3343
+CVE-2008-3343 (SQL injection vulnerability in staticpages/easypublish/index.php in My ...)
NOT-FOR-US: MyioSoft EasyPublish
-CVE-2008-3342
+CVE-2008-3342 (Cross-site scripting (XSS) vulnerability in staticpages/easypublish/in ...)
NOT-FOR-US: MyioSoft EasyPublish
-CVE-2008-3341
+CVE-2008-3341 (Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex ...)
NOT-FOR-US: Jobbex JobSite
-CVE-2008-3340
+CVE-2008-3340 (Cross-site scripting (XSS) vulnerability in search_result.cfm in Jobbe ...)
NOT-FOR-US: Jobbex JobSite
-CVE-2008-3339
+CVE-2008-3339 (search_result.cfm in Jobbex JobSite allows remote attackers to obtain ...)
NOT-FOR-US: Jobbex JobSite
-CVE-2008-3429
+CVE-2008-3429 (Buffer overflow in URI processing in HTTrack and WinHTTrack before 3.4 ...)
{DSA-1626-1}
- httrack 3.42.3-1 (low)
-CVE-2008-3338
+CVE-2008-3338 (Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawka ...)
NOT-FOR-US: TIBCO Hawk
-CVE-2008-3337
+CVE-2008-3337 (PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, ...)
{DSA-1628-1}
- pdns 2.9.21.1-1 (low)
-CVE-2008-3336
+CVE-2008-3336 (Multiple cross-site scripting (XSS) vulnerabilities in PunBB before 1. ...)
NOT-FOR-US: PunBB
-CVE-2008-3335
+CVE-2008-3335 (Unspecified vulnerability in PunBB before 1.2.19 allows remote attacke ...)
NOT-FOR-US: PunBB
-CVE-2008-3334
+CVE-2008-3334 (Cross-site scripting (XSS) vulnerability in MyBB 1.2.x before 1.2.14 a ...)
NOT-FOR-US: MyBB
-CVE-2008-3333
+CVE-2008-3333 (Directory traversal vulnerability in core/lang_api.php in Mantis befor ...)
- mantis 1.1.2+dfsg-2
NOTE: I've marked the above version as fixed, however I am not sure if it wasn't fixed
NOTE: earlier. However, lenny is fixed and it is not in etch and sarge is not supported anymore.
-CVE-2008-3332
+CVE-2008-3332 (Eval injection vulnerability in adm_config_set.php in Mantis before 1. ...)
- mantis 1.1.2+dfsg-2
-CVE-2008-3331
+CVE-2008-3331 (Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php ...)
- mantis 1.1.2+dfsg-2
-CVE-2008-3329
+CVE-2008-3329 (Unspecified vulnerability in Links before 2.1, when "only proxies" is ...)
- links2 2.1pre37-1.1 (low; bug #492744)
[etch] - links2 <no-dsa> (Minor information leak)
-CVE-2008-3328
+CVE-2008-3328 (Cross-site scripting (XSS) vulnerability in the wiki engine in Trac be ...)
- trac 0.11-1
[etch] - trac 0.10.3-1etch4
-CVE-2008-3324
+CVE-2008-3324 (The PartyGaming PartyPoker client program 121/120 does not properly ve ...)
NOT-FOR-US: PartyGaming PartyPoker
-CVE-2008-3323
+CVE-2008-3323 (setup.exe before 2.573.2.3 in Cygwin does not properly verify the auth ...)
NOT-FOR-US: Cygwin
-CVE-2008-3322
+CVE-2008-3322 (admin/index.php in Maian Recipe 1.2 and earlier allows remote attacker ...)
NOT-FOR-US: Maian *
-CVE-2008-3321
+CVE-2008-3321 (admin/index.php in Maian Uploader 4.0 and earlier allows remote attack ...)
NOT-FOR-US: Maian *
-CVE-2008-3320
+CVE-2008-3320 (admin/index.php in Maian Guestbook 3.2 and earlier allows remote attac ...)
NOT-FOR-US: Maian *
-CVE-2008-3319
+CVE-2008-3319 (admin/index.php in Maian Links 3.1 and earlier allows remote attackers ...)
NOT-FOR-US: Maian *
-CVE-2008-3318
+CVE-2008-3318 (admin/index.php in Maian Weblog 4.0 and earlier allows remote attacker ...)
NOT-FOR-US: Maian *
-CVE-2008-3317
+CVE-2008-3317 (admin/index.php in Maian Search 1.1 and earlier allows remote attacker ...)
NOT-FOR-US: Maian *
-CVE-2008-3316
+CVE-2008-3316 (Cross-site scripting (XSS) vulnerability in the search feature in the ...)
NOT-FOR-US: Geeklog
-CVE-2008-3315
+CVE-2008-3315 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.1 ...)
NOT-FOR-US: Claroline
-CVE-2008-3314
+CVE-2008-3314 (ZDaemon 1.08.07 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: ZDaemon
-CVE-2008-3313
+CVE-2008-3313 (Multiple PHP remote file inclusion vulnerabilities in CreaCMS 1.0 allo ...)
NOT-FOR-US: CreaCMS
-CVE-2008-3312
+CVE-2008-3312 (Directory traversal vulnerability in lemon_includes/FCKeditor/editor/f ...)
- fckeditor <not-affected> (Vulnerable code not present)
NOTE: lemon cms patched sources, vulnerable code not present in plain fckeditor in no version.
NOTE: if in doubt contact the fsckeditor people.
-CVE-2008-3311
+CVE-2008-3311 (PHP remote file inclusion vulnerability in config.php in Adam Scheinbe ...)
NOT-FOR-US: Adam Scheinberg Flip
-CVE-2008-3310
+CVE-2008-3310 (SQL injection vulnerability in default.asp in Pre Survey Poll allows r ...)
NOT-FOR-US: Pre Survey Poll
-CVE-2008-3309
+CVE-2008-3309 (SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earl ...)
NOT-FOR-US: DigiLeave
-CVE-2008-3308
+CVE-2008-3308 (PHP remote file inclusion vulnerability in cuenta/cuerpo.php in C. Des ...)
NOT-FOR-US: C. Desseno YouTube Blog
-CVE-2008-3307
+CVE-2008-3307 (SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (y ...)
NOT-FOR-US: C. Desseno YouTube Blog
-CVE-2008-3306
+CVE-2008-3306 (SQL injection vulnerability in info.php in C. Desseno YouTube Blog (yt ...)
NOT-FOR-US: C. Desseno YouTube Blog
-CVE-2008-3305
+CVE-2008-3305 (Cross-site scripting (XSS) vulnerability in mensaje.php in C. Desseno ...)
NOT-FOR-US: C. Desseno YouTube Blog
-CVE-2008-3304
+CVE-2008-3304 (BilboBlog 0.2.1 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: BilboBlog
-CVE-2008-3303
+CVE-2008-3303 (admin/login.php in BilboBlog 0.2.1, when register_globals is enabled, ...)
NOT-FOR-US: BilboBlog
-CVE-2008-3302
+CVE-2008-3302 (SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1, wh ...)
NOT-FOR-US: BilboBlog
-CVE-2008-3301
+CVE-2008-3301 (Multiple cross-site scripting (XSS) vulnerabilities in BilboBlog 0.2.1 ...)
NOT-FOR-US: BilboBlog
-CVE-2008-3300
+CVE-2008-3300 (AlphAdmin CMS 1.0.5/03 allows remote attackers to bypass authenticatio ...)
NOT-FOR-US: AlphAdmin CMS
-CVE-2008-3299
+CVE-2008-3299 (eSyndiCat 1.6 allows remote attackers to bypass authentication and gai ...)
NOT-FOR-US: eSyndiCat
-CVE-2008-3298
+CVE-2008-3298 (SocialEngine (SE) before 2.83 grants certain write privileges for temp ...)
NOT-FOR-US: SocialEngine
-CVE-2008-3297
+CVE-2008-3297 (Multiple SQL injection vulnerabilities in SocialEngine (SE) before 2.8 ...)
NOT-FOR-US: SocialEngine
-CVE-2008-3296
+CVE-2008-3296 (Directory traversal vulnerability in modules/system/admin.php in XOOPS ...)
NOT-FOR-US: XOOPS
-CVE-2008-3295
+CVE-2008-3295 (Cross-site scripting (XSS) vulnerability in modules/system/admin.php i ...)
NOT-FOR-US: XOOPS
-CVE-2008-3294
+CVE-2008-3294 (src/configure.in in Vim 5.0 through 7.1, when used for a build with Py ...)
- vim <not-affected> (Build issue)
NOTE: It looks like the vulnerability only occurs during build, so it shouldn't be an issue for Debian
-CVE-2008-3293
+CVE-2008-3293 (Directory traversal vulnerability in download.php in EZWebAlbum allows ...)
NOT-FOR-US: EZWebAlbum
-CVE-2008-3292
+CVE-2008-3292 (constants.inc in EZWebAlbum 1.0 allows remote attackers to bypass auth ...)
NOT-FOR-US: EZWebAlbum
-CVE-2008-3291
+CVE-2008-3291 (SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS ...)
NOT-FOR-US: AproxEngine
-CVE-2008-3290
+CVE-2008-3290 (retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows r ...)
NOT-FOR-US: EMC Dantz Retrospect Backup Client
-CVE-2008-3289
+CVE-2008-3289 (EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in ...)
NOT-FOR-US: EMC Dantz Retrospect Backup Client
-CVE-2008-3288
+CVE-2008-3288 (The Server Authentication Module in EMC Dantz Retrospect Backup Server ...)
NOT-FOR-US: EMC Dantz Retrospect Backup Server
-CVE-2008-3287
+CVE-2008-3287 (retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows r ...)
NOT-FOR-US: EMC Dantz Retrospect Backup Client
-CVE-2008-3286
+CVE-2008-3286 (SWAT 4 1.1 and earlier allows remote attackers to cause a denial of se ...)
NOT-FOR-US: SWAT 4
-CVE-2008-3285
+CVE-2008-3285 (The Filesys::SmbClientParser module 2.7 and earlier for Perl allows re ...)
NOT-FOR-US: Filesys::SmbClientParser
CVE-2008-3284
REJECTED
-CVE-2008-3283
+CVE-2008-3283 (Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red ...)
NOT-FOR-US: Red Hat Directory Server
-CVE-2008-3282
+CVE-2008-3282 (Integer overflow in the rtl_allocateMemory function in sal/rtl/source/ ...)
- openoffice.org <not-affected> (openoffice in Debian does not use the custom allocations but g/malloc)
NOTE: see ooo-build/distro-configs/CommonLinux.conf.in, openoffice builds on Debian using
NOTE: --with-alloc=system which causes the build scripts to use the system allocators instead of the
NOTE: custom ones
-CVE-2008-3281
+CVE-2008-3281 (libxml2 2.6.32 and earlier does not properly detect recursion during e ...)
{DSA-1631-1 DTSA-158-1}
- libxml2 2.6.32.dfsg-3 (medium)
- chromium-browser 5.0.375.29~r46008-1
CVE-2008-3280
RESERVED
-CVE-2008-3279
+CVE-2008-3279 (Untrusted search path vulnerability in libbrlttybba.so in brltty 3.7.2 ...)
- brltty <not-affected> (RedHat-specific)
CVE-2008-3278
RESERVED
- frysk <removed>
-CVE-2008-3277
+CVE-2008-3277 (Untrusted search path vulnerability in a certain Red Hat build script ...)
- ibutils <not-affected> (RedHat-specific)
-CVE-2008-3276
+CVE-2008-3276 (Integer overflow in the dccp_setsockopt_change function in net/dccp/pr ...)
{DSA-1653-1 DSA-1636-1}
- linux-2.6 2.6.26-4
- linux-2.6.24 2.6.24-6~etchnhalf.5
-CVE-2008-3275
+CVE-2008-3275 (The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in t ...)
{DSA-1636-1 DSA-1630-1}
- linux-2.6.24 2.6.24-6~etchnhalf.5
- linux-2.6 2.6.26-2
NOTE: d70b67c8bc72ee23b55381bd6a884f4796692f77
-CVE-2008-3274
+CVE-2008-3274 (The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA ...)
NOT-FOR-US: FreeIPA
-CVE-2008-3273
+CVE-2008-3273 (JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2 ...)
- jbossas4 <not-affected> (Only provides a few class libs)
-CVE-2008-3272
+CVE-2008-3272 (The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss ...)
{DSA-1636-1 DSA-1630-1}
- linux-2.6.24 2.6.24-6~etchnhalf.5
- linux-2.6 2.6.26-2
NOTE: 82e68f7ffec3800425f2391c8c86277606860442
-CVE-2008-3271
+CVE-2008-3271 (Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers t ...)
- tomcat5 <removed> (unimportant)
- tomcat5.5 5.5.1
- tomcat6 <not-affected>
NOTE: It is unlikely that this is exploitable in real world scenarios.
-CVE-2008-3270
+CVE-2008-3270 (yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify th ...)
NOT-FOR-US: Red Hat
-CVE-2008-3269
+CVE-2008-3269 (WRPCServer.exe in WinSoftMagic WinRemotePC (WRPC) Lite 2008 and Full 2 ...)
NOT-FOR-US: WinRemotePC
-CVE-2008-3268
+CVE-2008-3268 (Unspecified vulnerability in phpScheduleIt 1.2.0 through 1.2.9, when u ...)
NOT-FOR-US: phpScheduleIt
-CVE-2008-3267
+CVE-2008-3267 (SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote ...)
NOT-FOR-US: MojoJobs
-CVE-2008-3266
+CVE-2008-3266 (SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel Re ...)
NOT-FOR-US: SoftAcid Hotel Reservation System
-CVE-2008-3265
+CVE-2008-3265 (SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 ...)
NOT-FOR-US: DT Register
-CVE-2008-3264
+CVE-2008-3264 (The FWDOWNL firmware-download implementation in Asterisk Open Source 1 ...)
- asterisk 1:1.4.21.2~dfsg-1
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
NOTE: http://downloads.digium.com/pub/security/AST-2008-011.html
-CVE-2008-3263
+CVE-2008-3263 (The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x ...)
- asterisk 1:1.4.21.2~dfsg-1
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
NOTE: http://downloads.digium.com/pub/security/AST-2008-010.html
-CVE-2008-3262
+CVE-2008-3262 (Cross-site request forgery (CSRF) vulnerability in Claroline before 1. ...)
NOT-FOR-US: Claroline
-CVE-2008-3261
+CVE-2008-3261 (Open redirect vulnerability in claroline/redirector.php in Claroline b ...)
NOT-FOR-US: Claroline
-CVE-2008-3260
+CVE-2008-3260 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline befor ...)
NOT-FOR-US: Claroline
-CVE-2008-3259
+CVE-2008-3259 (OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11Use ...)
- openssh <not-affected> (linux check that the effective userid matches or that bind addresses dont overlap on rebind)
-CVE-2008-3258
+CVE-2008-3258 (Multiple SQL injection vulnerabilities in Zoph before 0.7.0.5 allow re ...)
- zoph 0.7.1-1
NOTE: http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=614672
-CVE-2008-3257
+CVE-2008-3257 (Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-3256
+CVE-2008-3256 (SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and e ...)
NOT-FOR-US: Siteframe CMS
-CVE-2008-3255
+CVE-2008-3255 (Cross-site scripting (XSS) vulnerability in LunarNight Laboratory WebP ...)
NOT-FOR-US: LunarNight Laboratory WebProxy
-CVE-2008-3254
+CVE-2008-3254 (SQL injection vulnerability in index.php in preCMS 1 allows remote att ...)
NOT-FOR-US: preCMS
-CVE-2008-3253
+CVE-2008-3253 (Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces ...)
NOT-FOR-US: Citrix XenServer Express
-CVE-2008-3252
+CVE-2008-3252 (Stack-based buffer overflow in the read_article function in getarticle ...)
{DSA-1622-1}
- newsx 1.6-3 (bug #492742)
-CVE-2008-3251
+CVE-2008-3251 (Multiple SQL injection vulnerabilities in tplSoccerSite 1.0 allow remo ...)
NOT-FOR-US: tplSoccerSite
-CVE-2008-3250
+CVE-2008-3250 (SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 ...)
NOT-FOR-US: Arctic Issue Tracker
-CVE-2008-3249
+CVE-2008-3249 (The client in Lenovo System Update before 3.14 does not properly valid ...)
NOT-FOR-US: Lenovo System Update
-CVE-2008-3248
+CVE-2008-3248 (qiomkfile in the Quick I/O for Database feature in Symantec Veritas Fi ...)
NOT-FOR-US: Symantec Veritas File System on HP-UX
-CVE-2008-3247
+CVE-2008-3247 (The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 o ...)
- linux-2.6 2.6.25-7
[etch] - linux-2.6 <not-affected> (2.6.25-only issue)
- linux-2.6.24 <not-affected> (2.6.25-only issue)
-CVE-2008-3246
+CVE-2008-3246 (Unspecified vulnerability in the PDF distiller component in the BlackB ...)
NOT-FOR-US: BlackBerry Attachment Service
-CVE-2008-3245
+CVE-2008-3245 (SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, 4 ...)
NOT-FOR-US: phpHoo3
-CVE-2008-3244
+CVE-2008-3244 (The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 al ...)
NOT-FOR-US: F-Prot Antivirus
-CVE-2008-3243
+CVE-2008-3243 (Multiple unspecified vulnerabilities in the scanning engine before 4.4 ...)
NOT-FOR-US: F-Prot Antivirus
-CVE-2008-3242
+CVE-2008-3242 (Heap-based buffer overflow in the PPMedia Class ActiveX control in PPM ...)
NOT-FOR-US: PPMate
-CVE-2008-3241
+CVE-2008-3241 (SQL injection vulnerability in players-detail.php in UltraStats 0.2.13 ...)
NOT-FOR-US: UltraStats
-CVE-2008-3240
+CVE-2008-3240 (SQL injection vulnerability in index.php in AlstraSoft Affiliate Netwo ...)
NOT-FOR-US: AlstraSoft Affiliate Network Pro
-CVE-2008-3239
+CVE-2008-3239 (Unrestricted file upload vulnerability in the writeLogEntry function i ...)
NOT-FOR-US: PHPizabi
-CVE-2008-3238
+CVE-2008-3238 (Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow rem ...)
NOT-FOR-US: ITechBids
-CVE-2008-3237
+CVE-2008-3237 (Cross-site scripting (XSS) vulnerability in forward_to_friend.php in I ...)
NOT-FOR-US: ITechBids
-CVE-2008-3236
+CVE-2008-3236 (Unspecified vulnerability in Wsadmin in the System Management/Reposito ...)
NOT-FOR-US: Wsadmin
-CVE-2008-3235
+CVE-2008-3235 (Unspecified vulnerability in the PropFilePasswordEncoder utility in th ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-3234
+CVE-2008-3234 (sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapsh ...)
- openssh <unfixed> (unimportant)
NOTE: this is by design
-CVE-2008-3233
+CVE-2008-3233 (Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN ...)
- wordpress <not-affected> (Code was only present in svn versions)
-CVE-2008-3232
+CVE-2008-3232 (Unrestricted file upload vulnerability in ecrire/images.php in Dotclea ...)
NOT-FOR-US: dotclear
-CVE-2008-3231
+CVE-2008-3231 (xine-lib before 1.1.15 allows remote attackers to cause a denial of se ...)
- xine-lib 1.1.14-2 (bug #492870; unimportant)
NOTE: Only a NULL pointer deference, hardly security relevant
-CVE-2008-3230
+CVE-2008-3230 (The ffmpeg lavf demuxer allows user-assisted attackers to cause a deni ...)
- ffmpeg-debian 0.svn20080206-16 (unimportant; bug #498764; bug #498766)
- ffmpeg 0.svn20080206-16 (unimportant)
- xmovie <removed> (unimportant)
NOTE: Only a NULL pointer deference, hardly security relevant
-CVE-2008-3228
+CVE-2008-3228 (Joomla! before 1.5.4 does not configure .htaccess to apply certain sec ...)
NOT-FOR-US: Joomla!
-CVE-2008-3227
+CVE-2008-3227 (Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact a ...)
NOT-FOR-US: Joomla!
-CVE-2008-3226
+CVE-2008-3226 (The file caching implementation in Joomla! before 1.5.4 allows attacke ...)
NOT-FOR-US: Joomla!
-CVE-2008-3225
+CVE-2008-3225 (Joomla! before 1.5.4 allows attackers to access administration functio ...)
NOT-FOR-US: Joomla!
-CVE-2008-3217
+CVE-2008-3217 (PowerDNS Recursor before 3.1.6 does not always use the strongest rando ...)
{DSA-1544-2}
- pdns-recursor 3.1.7-1 (low; bug #493576)
-CVE-2008-3215
+CVE-2008-3215 (libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to ...)
{DSA-1616-2}
- clamav 0.93.1.dfsg-1.1 (medium)
-CVE-2008-3214
+CVE-2008-3214 (dnsmasq 2.25 allows remote attackers to cause a denial of service (dae ...)
- dnsmasq 2.26-1 (medium)
-CVE-2008-3213
+CVE-2008-3213 (SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS P ...)
NOT-FOR-US: WebCMS
-CVE-2008-3212
+CVE-2008-3212 (Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting ...)
NOT-FOR-US: Scripteen Free Image Hosting
-CVE-2008-3211
+CVE-2008-3211 (Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attack ...)
NOT-FOR-US: Scripteen Free Image Hosting
-CVE-2008-3210
+CVE-2008-3210 (rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows r ...)
NOT-FOR-US: ReSIProcate
-CVE-2008-3209
+CVE-2008-3209 (Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in ...)
NOT-FOR-US: Black Ice Document Imaging SDK
-CVE-2008-3208
+CVE-2008-3208 (Simple DNS Plus 4.1, 5.0, and possibly other versions before 5.1.101 a ...)
NOT-FOR-US: Simple DNS Plus
-CVE-2008-3207
+CVE-2008-3207 (PHP remote file inclusion vulnerability in cms/modules/form.lib.php in ...)
NOT-FOR-US: Pragyan CMS
-CVE-2008-3206
+CVE-2008-3206 (SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black C ...)
NOT-FOR-US: Yuhhu Pubs Black Cat
-CVE-2008-3205
+CVE-2008-3205 (Directory traversal vulnerability in index.php in Easy-Script Wysi Wik ...)
NOT-FOR-US: Easy-Script Wysi Wiki Wyg
-CVE-2008-3204
+CVE-2008-3204 (SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels ...)
NOT-FOR-US: E-topbiz Million Pixels
-CVE-2008-3203
+CVE-2008-3203 (js/pages/pages_data.php in AuraCMS 2.2 through 2.2.2 does not perform ...)
NOT-FOR-US: AuraCMS
-CVE-2008-3202
+CVE-2008-3202 (Cross-site scripting (XSS) vulnerability in index.php in Xomol CMS 1.2 ...)
NOT-FOR-US: Xomol
-CVE-2008-3201
+CVE-2008-3201 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Pa ...)
NOT-FOR-US: Pagefusion
-CVE-2008-3200
+CVE-2008-3200 (SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080 ...)
NOT-FOR-US: Avlc Forum
-CVE-2008-3199
+CVE-2008-3199 (Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow ...)
NOT-FOR-US: ReSIProcate
-CVE-2008-3198
+CVE-2008-3198 (Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arb ...)
{DSA-1614-1}
- iceweasel 3.0.1-1 (low)
NOTE: http://www.mozilla.org/security/announce/2008/mfsa2008-35.html
-CVE-2008-3195
+CVE-2008-3195 (Directory traversal vulnerability in bin/configure in TWiki before 4.2 ...)
{DSA-1639-1}
- twiki 1:4.1.2-5 (low; bug #499534)
NOTE: access to configure script is restricted to localhost on Debian
-CVE-2008-3194
+CVE-2008-3194 (Multiple directory traversal vulnerabilities in data/inc/themes/predef ...)
NOT-FOR-US: pluck CMS
-CVE-2008-3193
+CVE-2008-3193 (SQL injection vulnerability in jSite 1.0 OE allows remote attackers to ...)
NOT-FOR-US: jSite
-CVE-2008-3192
+CVE-2008-3192 (Directory traversal vulnerability in index.php in jSite 1.0 OE allows ...)
NOT-FOR-US: jSite
-CVE-2008-3191
+CVE-2008-3191 (Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, w ...)
NOT-FOR-US: mForum
-CVE-2008-3190
+CVE-2008-3190 (Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 ...)
NOT-FOR-US: CodeDB
-CVE-2008-3189
+CVE-2008-3189 (SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager ...)
NOT-FOR-US: DreamNews Manager
-CVE-2008-3188
+CVE-2008-3188 (libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the config ...)
- libxcrypt <not-affected> (Suse issue)
-CVE-2008-3187
+CVE-2008-3187 (zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 d ...)
NOT-FOR-US: SUSE Zypper
-CVE-2008-3330
+CVE-2008-3330 (Cross-site scripting (XSS) vulnerability in services/obrowser/index.ph ...)
{DSA-1765-1}
- horde3 3.2.1+debian0-1 (low; bug #492578)
- turba2 2.2.1-1 (low)
[etch] - turba2 <not-affected> (only version 2.2 contains vulnerable code, etch has 2.1)
-CVE-2008-3325
+CVE-2008-3325 (Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before ...)
{DSA-1691-1}
- moodle 1.8.1-1 (low)
NOTE: http://moodle.org/mod/forum/discuss.php?d=101405
-CVE-2008-3326
+CVE-2008-3326 (Cross-site scripting (XSS) vulnerability in blog/edit.php in Moodle 1. ...)
{DSA-1691-1}
- moodle 1.8.2-2 (low; bug #492492)
NOTE: http://moodle.org/mod/forum/discuss.php?d=101401
-CVE-2008-3327
+CVE-2008-3327 (Moodle 1.6.5, when display_errors is enabled, allows remote attackers ...)
- moodle <removed> (unimportant)
NOTE: http://moodle.org/mod/forum/discuss.php?d=101403
NOTE: Does not allow any attack vectors, apart from gaining non-sensible information
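Review bot: several of the backfilled descriptions in this hunk are cut mid-word because the importer truncates at a fixed column, e.g. `+CVE-2008-3340 (Cross-site scripting (XSS) vulnerability in search_result.cfm in Jobbe ...)`, `+CVE-2008-3311 (PHP remote file inclusion vulnerability in config.php in Adam Scheinbe ...)` and `+CVE-2008-3232 (Unrestricted file upload vulnerability in ecrire/images.php in Dotclea ...)`; cutting at the last whitespace before the limit would keep the summaries readable without lengthening the lines. While touching this region, the unchanged NOTE lines under CVE-2008-3231 and CVE-2008-3230 both say "NULL pointer deference" where "dereference" is meant, and the NOTE under CVE-2008-3312 refers to the "fsckeditor people" where fckeditor is meant.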
@@ -9677,7 +9677,7 @@ CVE-2008-XXXX [mantis multiple issues]
NOTE: CVE id requested by redhat
NOTE: 0008975 (CSRF) covered by CVE-2008-2276
NOTE: 0008976 remote code execution only possible with valid administrator account
-CVE-2008-3196
+CVE-2008-3196 (skeleton.c in yacc does not properly handle reduction of a rule with a ...)
- byacc 20070509-1.1 (low; bug #491182)
[etch] - byacc <no-dsa> (Minor issue)
CVE-2008-XXXX [libetpan NULL deref]
@@ -9689,270 +9689,270 @@ CVE-2008-XXXX [XSS in press-this of wordpress]
- wordpress <not-affected> (Vulnerable code not present)
NOTE: this code was never present in a released wordpress version
NOTE: http://www.openwall.com/lists/oss-security/2008/07/15/5
-CVE-2008-3224
+CVE-2008-3224 (Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and ...)
- phpbb3 3.0.2-1 (low)
- phpbb2 <not-affected> (Vulnerable code not present)
-CVE-2008-3197
+CVE-2008-3197 (Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2 ...)
{DSA-1641-1}
- phpmyadmin 4:2.11.7.1-1 (low)
NOTE: this only allows via csrf to create an empty database.
NOTE: this would take a lot of work to get it only to the 'annoying' level, let alone a DoS
-CVE-2008-3186
+CVE-2008-3186 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog ( ...)
NOT-FOR-US: Chipmunk Blog
-CVE-2008-3185
+CVE-2008-3185 (SQL injection vulnerability in index.php in Relative Real Estate Syste ...)
NOT-FOR-US: Relative Real Estate Systems
-CVE-2008-3184
+CVE-2008-3184 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.1 ...)
NOT-FOR-US: vBulletin
-CVE-2008-3183
+CVE-2008-3183 (PHP remote file inclusion vulnerability in ktmlpro/includes/ktedit/too ...)
NOT-FOR-US: gapicms
-CVE-2008-3182
+CVE-2008-3182 (Stack-based buffer overflow in DAP.exe in Download Accelerator Plus (D ...)
NOT-FOR-US: Download Accelerator Plus
-CVE-2008-3181
+CVE-2008-3181 (Unrestricted file upload vulnerability in upload.php in ContentNow CMS ...)
NOT-FOR-US: ContentNow CMS
-CVE-2008-3180
+CVE-2008-3180 (Multiple cross-site scripting (XSS) vulnerabilities in upload/file/lan ...)
NOT-FOR-US: ContentNow CMS
-CVE-2008-3179
+CVE-2008-3179 (Directory traversal vulnerability in website.php in Web 2 Business (W2 ...)
NOT-FOR-US: phpDatingClub
-CVE-2008-3178
+CVE-2008-3178 (Unrestricted file upload vulnerability in upload_pictures.php in WebXe ...)
NOT-FOR-US: WebXell Editor
-CVE-2008-3177
+CVE-2008-3177 (Sophos virus detection engine 2.75 on Linux and Unix, as used in Sopho ...)
NOT-FOR-US: Sophos virus detection engine
CVE-2008-3176
RESERVED
-CVE-2008-3175
+CVE-2008-3175 (Integer underflow in rxRPC.dll in the LGServer service in the server i ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-3174
+CVE-2008-3174 (Unspecified vulnerability in the kmxfw.sys driver in CA Host-Based Int ...)
NOT-FOR-US: r8 (Host-Based Intrusion Prevention System (HIPS))
-CVE-2008-3173
+CVE-2008-3173 (Microsoft Internet Explorer allows web sites to set cookies for domain ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-3172
+CVE-2008-3172 (Opera allows web sites to set cookies for country-specific top-level d ...)
NOT-FOR-US: Opera
-CVE-2008-3171
+CVE-2008-3171 (Apple Safari sends Referer headers containing https URLs to different ...)
NOT-FOR-US: Apple Safari
-CVE-2008-3170
+CVE-2008-3170 (Apple Safari allows web sites to set cookies for country-specific top- ...)
NOT-FOR-US: Apple Safari
-CVE-2008-3169
+CVE-2008-3169 (Multiple heap-based buffer overflows in Empire Server before 4.3.15 al ...)
NOT-FOR-US: Empire Server
-CVE-2008-3168
+CVE-2008-3168 (The files utility in Empire Server before 4.3.15 discloses the world c ...)
NOT-FOR-US: Empire Server
-CVE-2008-3167
+CVE-2008-3167 (Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin 6 ...)
NOT-FOR-US: BoonEx Dolphin
-CVE-2008-3166
+CVE-2008-3166 (PHP remote file inclusion vulnerability in modules/global/inc/content. ...)
NOT-FOR-US: BoonEx Ray
-CVE-2008-3165
+CVE-2008-3165 (Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a ...)
NOT-FOR-US: fuzzylime
-CVE-2008-3164
+CVE-2008-3164 (Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, ...)
NOT-FOR-US: fuzzylime
-CVE-2008-3163
+CVE-2008-3163 (Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 al ...)
NOT-FOR-US: DodosMail
-CVE-2008-3162
+CVE-2008-3162 (Stack-based buffer overflow in the str_read_packet function in libavfo ...)
{DSA-1781-1}
- ffmpeg-debian 0.svn20080206-10 (bug #489965; low)
- ffmpeg 0.svn20080206-10
- xmovie <removed>
-CVE-2008-3161
+CVE-2008-3161 (Multiple cross-site scripting (XSS) vulnerabilities in jsp/common/syst ...)
NOT-FOR-US: IBM Maximo
-CVE-2008-3160
+CVE-2008-3160 (Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before 7.1. ...)
NOT-FOR-US: IBM Data ONTAP
-CVE-2008-3159
+CVE-2008-3159 (Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory ...)
NOT-FOR-US: eDirectory
-CVE-2008-3158
+CVE-2008-3158 (Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.9 ...)
NOT-FOR-US: Novell Client for Windows
-CVE-2008-3157
+CVE-2008-3157 (Nortel SIP Multimedia PC Client 4.x MCS5100 and MCS5200 does not limit ...)
NOT-FOR-US: Nortel SIP Multimedia PC Client
-CVE-2008-3156
+CVE-2008-3156 (The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan befo ...)
NOT-FOR-US: Panda ActiveScan
-CVE-2008-3155
+CVE-2008-3155 (Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in P ...)
NOT-FOR-US: Panda ActiveScan
-CVE-2008-3154
+CVE-2008-3154 (SQL injection vulnerability in index.php in WebBlizzard CMS allows rem ...)
NOT-FOR-US: WebBlizzard CMS
-CVE-2008-3153
+CVE-2008-3153 (SQL injection vulnerability in Triton CMS Pro allows remote attackers ...)
NOT-FOR-US: Triton CMS Pro
-CVE-2008-3152
+CVE-2008-3152 (SQL injection vulnerability in directory.php in SmartPPC and SmartPPC ...)
NOT-FOR-US: SmartPPC
-CVE-2008-3151
+CVE-2008-3151 (SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke al ...)
NOT-FOR-US: PHP-NUke
-CVE-2008-3150
+CVE-2008-3150 (Directory traversal vulnerability in index.php in Neutrino Atomic Edit ...)
NOT-FOR-US: Neutrino Atomic Edition
-CVE-2008-3149
+CVE-2008-3149 (The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote a ...)
NOT-FOR-US: F5 FirePass
-CVE-2008-3148
+CVE-2008-3148 (Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f al ...)
NOT-FOR-US: OllyDBG/ImpREC
-CVE-2008-3147
+CVE-2008-3147 (WeFi 3.2.1.4.1, when diagnostic mode is enabled, stores (1) WEP, (2) W ...)
NOT-FOR-US: WeFi
-CVE-2008-3146
+CVE-2008-3146 (Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly ...)
{DTSA-167-1}
- wireshark 1.0.3-1 (medium; bug #497878)
-CVE-2008-3144
+CVE-2008-3144 (Multiple integer overflows in the PyOS_vsnprintf function in Python/my ...)
{DSA-1667-1 DTSA-157-1}
- python2.4 2.4.5-5
- python2.5 2.5.2-7
[etch] - python2.5 <no-dsa> (Minor issue, not the default Python runtime)
-CVE-2008-3143
+CVE-2008-3143 (Multiple integer overflows in Python before 2.5.2 might allow context- ...)
{DSA-1667-1}
- python2.4 2.4.5-1
[etch] - python2.5 <no-dsa> (Minor issue, not the default Python runtime)
- python2.5 2.5.2-1
-CVE-2008-3142
+CVE-2008-3142 (Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platfor ...)
{DSA-1667-1 DTSA-157-1}
- python2.5 2.5.2-10
[etch] - python2.5 <no-dsa> (Minor issue, not the default Python runtime)
- python2.4 2.4.5-5
-CVE-2008-3136
+CVE-2008-3136 (SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allow ...)
NOT-FOR-US: AShop Delux
-CVE-2008-3135
+CVE-2008-3135 (Soldner Secret Wars 33724 and earlier allows remote attackers to cause ...)
NOT-FOR-US: Soldner Secret Wars
-CVE-2008-3134
+CVE-2008-3134 (Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 al ...)
{DSA-1903-1}
- graphicsmagick 1.2.4-1 (bug #491439)
- imagemagick <unfixed> (unimportant; bug #559775)
NOTE: several DoS fixed in 1.2.4 according to upstream
NOTE: http://sourceforge.net/project/shownotes.php?release_id=610253
-CVE-2008-3133
+CVE-2008-3133 (SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, ...)
NOT-FOR-US: BareNuked CMS
-CVE-2008-3132
+CVE-2008-3132 (SQL injection vulnerability in the beamospetition (com_beamospetition) ...)
NOT-FOR-US: Joomla component
-CVE-2008-3131
+CVE-2008-3131 (SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when m ...)
NOT-FOR-US: PSys
-CVE-2008-3130
+CVE-2008-3130 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Op ...)
NOT-FOR-US: OpenCart
-CVE-2008-3129
+CVE-2008-3129 (Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta ...)
NOT-FOR-US: Catviz
-CVE-2008-3128
+CVE-2008-3128 (Directory traversal vulnerability in search.php in Pivot 1.40.5 allows ...)
NOT-FOR-US: Pivot
-CVE-2008-3127
+CVE-2008-3127 (PHP remote file inclusion vulnerability in hioxBannerRotate.php in HIO ...)
NOT-FOR-US: HIOX Banner Rotator
-CVE-2008-3126
+CVE-2008-3126 (Multiple stack-based buffer overflows in the ServerView web interface ...)
NOT-FOR-US: Fujitsu Siemens Computers ServerView
-CVE-2008-3125
+CVE-2008-3125 (SQL injection vulnerability in index.php in Mole Group Lastminute Scri ...)
NOT-FOR-US: Mole Group Lastminute Script
-CVE-2008-3124
+CVE-2008-3124 (SQL injection vulnerability in index.php in Mole Group Hotel Script 1. ...)
NOT-FOR-US: Mole Group
-CVE-2008-3123
+CVE-2008-3123 (SQL injection vulnerability in index.php in Mole Group Real Estate Scr ...)
NOT-FOR-US: Mole Group
-CVE-2008-3122
+CVE-2008-3122 (Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) b ...)
NOT-FOR-US: Xerox CentreWare Web
-CVE-2008-3121
+CVE-2008-3121 (Multiple cross-site scripting (XSS) vulnerabilities in Xerox CentreWar ...)
NOT-FOR-US: Xerox CentreWare Web
CVE-2008-3120
REJECTED
-CVE-2008-3119
+CVE-2008-3119 (SQL injection vulnerability in index.php in DreamPics Builder allows r ...)
NOT-FOR-US: DreamPics Builder
-CVE-2008-3118
+CVE-2008-3118 (SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier a ...)
NOT-FOR-US: PHPmotion
-CVE-2008-3117
+CVE-2008-3117 (Unrestricted file upload vulnerability in update_profile.php in PHPmot ...)
NOT-FOR-US: PHPmotion
-CVE-2008-3116
+CVE-2008-3116 (Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou ...)
NOT-FOR-US: Snail Game
-CVE-2008-3229
+CVE-2008-3229 (Stack-based buffer overflow in op before Changeset 563, when xauth sup ...)
- op <not-affected> (not configured with xauth support)
-CVE-2008-3218
+CVE-2008-3218 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x befo ...)
- drupal5 <not-affected> (Vulnerable code not present, feature introduced in 6.0)
- drupal-4.7 <not-affected> (Vulnerable code not present, feature introduced in 6.0)
-CVE-2008-3219
+CVE-2008-3219 (The Drupal filter_xss_admin function in 5.x before 5.8 and 6.x before ...)
- drupal5 5.8-1 (low; bug #490559)
- drupal-4.7 <removed>
-CVE-2008-3220
+CVE-2008-3220 (Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5 ...)
- drupal5 5.8-1 (low; bug #490559)
- drupal-4.7 <not-affected> (Vulnerable code not present)
NOTE: drupal-4.7 uses the locale_admin_string_delete callback which returns a confirmation dialog
-CVE-2008-3221
+CVE-2008-3221 (Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6 ...)
- drupal5 <not-affected> (Vulnerable code not present, openids introduced in 6.0)
- drupal-4.7 <not-affected> (Vulnerable code not present, openids introduced in 6.0)
-CVE-2008-3222
+CVE-2008-3222 (Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before ...)
- drupal5 5.9-1 (low; bug #490559)
- drupal-4.7 <removed>
-CVE-2008-3223
+CVE-2008-3223 (SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 ...)
- drupal5 <not-affected> (Vulnerable code not present, introduced in 6.0)
- drupal-4.7 <not-affected> (Vulnerable code not present, introduced in 6.0)
-CVE-2008-3145
+CVE-2008-3145 (The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.1 ...)
{DSA-1673-1}
- wireshark 1.0.2-1 (low)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-04.html
-CVE-2008-3115
+CVE-2008-3115 (Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlie ...)
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3114
+CVE-2008-3114 (Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 befor ...)
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3113
+CVE-2008-3113 (Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 bef ...)
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 <not-affected> (Only for sun-java5)
-CVE-2008-3112
+CVE-2008-3112 (Directory traversal vulnerability in Sun Java Web Start in JDK and JRE ...)
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
- openjdk-6 <undetermined> (bug #566770)
[wheezy] - openjdk-6 <end-of-life>
-CVE-2008-3111
+CVE-2008-3111 (Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 befor ...)
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-04-1 (bug #490260)
-CVE-2008-3110
+CVE-2008-3110 (Unspecified vulnerability in scripting language support in Sun Java Ru ...)
- sun-java5 <not-affected> (Only for sun-java6)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3109
+CVE-2008-3109 (Unspecified vulnerability in scripting language support in Sun Java Ru ...)
- sun-java5 <not-affected> (Only for sun-java6)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3108
+CVE-2008-3108 (Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5 ...)
- sun-java5 1.5.0-10-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 <not-affected> (Only for sun-java5)
-CVE-2008-3107
+CVE-2008-3107 (Unspecified vulnerability in the Virtual Machine in Sun Java Runtime E ...)
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3106
+CVE-2008-3106 (Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK ...)
- sun-java5 1.5.0-16-1 (bug #490260)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3105
+CVE-2008-3105 (Unspecified vulnerability in the JAX-WS client and service in Sun Java ...)
- sun-java5 <not-affected> (Only for sun-java6)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3104
+CVE-2008-3104 (Multiple unspecified vulnerabilities in Sun Java Runtime Environment ( ...)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java5 1.5.0-16-1 (bug #490260)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3103
+CVE-2008-3103 (Unspecified vulnerability in the Java Management Extensions (JMX) mana ...)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java5 1.5.0-16-1 (bug #490260)
- sun-java6 6-07-1 (bug #490260)
-CVE-2008-3102
+CVE-2008-3102 (Mantis 1.1.x through 1.1.2 and 1.2.x through 1.2.0a2 does not set the ...)
- mantis 1.1.2+dfsg-6 (low; bug #501179)
-CVE-2008-3101
+CVE-2008-3101 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 5.0. ...)
NOT-FOR-US: vtiger CRM
-CVE-2008-3100
+CVE-2008-3100 (Cross-site scripting (XSS) vulnerability in lib/owl.lib.php in Steve B ...)
- owl-dms 0.95-1.1 (low; bug #493579)
CVE-2008-3099
RESERVED
-CVE-2008-3098
+CVE-2008-3098 (Cross-site scripting (XSS) vulnerability in admin/usercheck.php in fuz ...)
NOT-FOR-US: fuzzylime
-CVE-2008-3097
+CVE-2008-3097 (Cross-site scripting (XSS) vulnerability in the Tinytax module (aka Ti ...)
NOT-FOR-US: additional drupal module Tinytax
-CVE-2008-3096
+CVE-2008-3096 (The Outline Designer module 5.x before 5.x-1.4 for Drupal changes each ...)
NOT-FOR-US: additional drupal module Outline Designer
-CVE-2008-3095
+CVE-2008-3095 (Cross-site scripting (XSS) vulnerability in the Organic Groups (OG) mo ...)
NOT-FOR-US: additional drupal module Organic Groups
-CVE-2008-3094
+CVE-2008-3094 (The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1 ...)
NOT-FOR-US: additional drupal module Organic Groups
-CVE-2008-3093
+CVE-2008-3093 (Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier ...)
NOT-FOR-US: ImperialBB
-CVE-2008-3092
+CVE-2008-3092 (SQL injection vulnerability in the Taxonomy Autotagger module 5.x befo ...)
NOT-FOR-US: additional drupal module Taxonomy Autotagger
-CVE-2008-3091
+CVE-2008-3091 (Cross-site scripting (XSS) vulnerability in the Taxonomy Autotagger mo ...)
NOT-FOR-US: additional drupal module Taxonomy Autotagger
-CVE-2008-3090
+CVE-2008-3090 (Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO ...)
NOT-FOR-US: BlognPlus
-CVE-2008-3089
+CVE-2008-3089 (SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze ...)
NOT-FOR-US: ImperialBB
-CVE-2008-3088
+CVE-2008-3088 (Cross-site scripting (XSS) vulnerability in the Files module in Kassel ...)
NOT-FOR-US: Kasseler CMS
-CVE-2008-3087
+CVE-2008-3087 (Directory traversal vulnerability in Kasseler CMS 1.3.0 allows remote ...)
NOT-FOR-US: Kasseler CMS
CVE-2008-3086
REJECTED
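Review bot: the NOT-FOR-US label under CVE-2008-3089 does not match the description being added in this hunk: `+CVE-2008-3089 (SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze ...)` is followed by `NOT-FOR-US: ImperialBB`, which is the product of the neighbouring CVE-2008-3093; it should read `NOT-FOR-US: Xpoze Pro` so that the tracker's package-name heuristics do not attach an Xpoze issue to an ImperialBB search. Two smaller points in the same hunk: the sun-java entries for CVE-2008-3104 and CVE-2008-3103 put the `[etch] - sun-java5 <no-dsa> (Non-free not supported)` line before the unstable `- sun-java5 1.5.0-16-1 (bug #490260)` line, whereas every other CVE-2008-31xx entry here lists the unstable fix first and the release-specific line after it, and CVE-2008-3112 still carries `- openjdk-6 <undetermined> (bug #566770)` with only a `[wheezy] - openjdk-6 <end-of-life>` qualifier, so the openjdk-6 status for that directory traversal remains unresolved and should be settled rather than re-emitted unchanged by the automatic update.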
@@ -9960,670 +9960,670 @@ CVE-2008-3085
REJECTED
CVE-2008-3084
REJECTED
-CVE-2008-3216
+CVE-2008-3216 (The save function in br/prefmanager.d in projectl 1.001 creates a proj ...)
- projectl 1.001.dfsg1-2 (low; bug #489988)
[etch] - projectl <no-dsa> (Minor issue)
-CVE-2008-3083
+CVE-2008-3083 (SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks ...)
NOT-FOR-US: com_brightweblinks omponent for Joomla!
-CVE-2008-3082
+CVE-2008-3082 (Cross-site scripting (XSS) vulnerability in UPM/English/login/login.as ...)
NOT-FOR-US: Commtouch Enterprise Anti-Spam Gateway
-CVE-2008-3081
+CVE-2008-3081 (Multiple unspecified "input validation" vulnerabilities in the Web man ...)
NOT-FOR-US: Avaya Message Storage Server
-CVE-2008-3080
+CVE-2008-3080 (Cross-site request forgery (CSRF) vulnerability in admin.php in myWebl ...)
NOT-FOR-US: myBloggie
-CVE-2008-3079
+CVE-2008-3079 (Unspecified vulnerability in Opera before 9.51 on Windows allows attac ...)
NOT-FOR-US: Opera
-CVE-2008-3078
+CVE-2008-3078 (Opera before 9.51 does not properly manage memory within functions sup ...)
NOT-FOR-US: Opera
-CVE-2008-3077
+CVE-2008-3077 (arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the x ...)
- linux-2.6 2.6.25-7
- linux-2.6.24 <not-affected> (Vulnerable code added later)
[etch] - linux-2.6 <not-affected> (Vulnerable code added later)
NOTE: 1e9a615bfce7996ea4d815d45d364b47ac6a74e8
-CVE-2008-3076
+CVE-2008-3076 (The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted ...)
{DSA-1733-1}
- vim 2:7.2.010-1 (bug #506919)
[lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
[squeeze] - vim 1:7.1.314-3+lenny1 (bug #506919)
-CVE-2008-3075
+CVE-2008-3075 (The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, al ...)
{DSA-1733-1}
- vim 2:7.2.010-1 (bug #506919)
[lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
[squeeze] - vim 1:7.1.314-3+lenny1 (bug #506919)
-CVE-2008-3074
+CVE-2008-3074 (The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, al ...)
{DSA-1733-1}
- vim 2:7.2.010-1 (bug #506919)
[lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
[squeeze] - vim 1:7.1.314-3+lenny1 (bug #506919)
-CVE-2008-3073
+CVE-2008-3073 (Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.x before ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2008-3072
+CVE-2008-3072 (Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13 ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2008-3071
+CVE-2008-3071 (Directory traversal vulnerability in inc/class_language.php in MyBB be ...)
NOT-FOR-US: MyBB
-CVE-2008-3070
+CVE-2008-3070 (Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1 ...)
NOT-FOR-US: MyBB
-CVE-2008-3069
+CVE-2008-3069 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB before 1.2 ...)
NOT-FOR-US: MyBB
-CVE-2008-3068
+CVE-2008-3068 (Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, ...)
NOT-FOR-US: Microsoft Crypto API
-CVE-2008-3067
+CVE-2008-3067 (sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when passwo ...)
- sudo 1.6.9p12-1
[etch] - sudo <not-affected> (Issue was introduced in 1.6.9)
-CVE-2008-3066
+CVE-2008-3066 (Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll ...)
NOT-FOR-US: RealNetworks RealPlayer Enterprise
CVE-2008-3065
RESERVED
-CVE-2008-3064
+CVE-2008-3064 (Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealP ...)
NOT-FOR-US: RealNetworks RealPlayer Enterprise
-CVE-2008-3063
+CVE-2008-3063 (SQL injection vulnerability in login.php in V-webmail 1.5.0 might allo ...)
NOT-FOR-US: V-webmail
CVE-2008-3062
RESERVED
-CVE-2008-3061
+CVE-2008-3061 (Open redirect vulnerability in redirect.php in V-webmail 1.5.0 allows ...)
NOT-FOR-US: V-webmail
-CVE-2008-3060
+CVE-2008-3060 (V-webmail 1.5.0 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: V-webmail
-CVE-2008-3059
+CVE-2008-3059 (member/settings_account.php in Octeth Oempro 3.5.5.1, and possibly oth ...)
NOT-FOR-US: Octeth Oempro
-CVE-2008-3058
+CVE-2008-3058 (Multiple SQL injection vulnerabilities in Octeth Oempro 3.5.5.1, and p ...)
NOT-FOR-US: Octeth Oempro
-CVE-2008-3057
+CVE-2008-3057 (Octeth Oempro 3.5.5.1, and possibly other versions before 4, does not ...)
NOT-FOR-US: Octeth Oempro
-CVE-2008-3056
+CVE-2008-3056 (SQL injection vulnerability in the Codeon Petition (cd_petition) exten ...)
NOT-FOR-US: cd_petition extension for TYPO3
-CVE-2008-3055
+CVE-2008-3055 (SQL injection vulnerability in the Support view (ext_tbl) extension 0. ...)
NOT-FOR-US: ext_tbl extension for TYPO3
-CVE-2008-3054
+CVE-2008-3054 (SQL injection vulnerability in the Branchenbuch (aka Yellow Pages o (m ...)
NOT-FOR-US: mh_branchenbuch extension for TYPO3
-CVE-2008-3053
+CVE-2008-3053 (SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension ...)
NOT-FOR-US: mh_omsqlio extension for TYPO3
-CVE-2008-3052
+CVE-2008-3052 (Unspecified vulnerability in the SQL Frontend (mh_omsqlio) extension 1 ...)
NOT-FOR-US: mh_omsqlio extension for TYPO3
-CVE-2008-3051
+CVE-2008-3051 (SQL injection vulnerability in the Pinboard extension 0.0.6 and earlie ...)
NOT-FOR-US: Pinboard extension for TYPO3
-CVE-2008-3050
+CVE-2008-3050 (Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) exte ...)
NOT-FOR-US: pdfcreator extension for TYPO3
-CVE-2008-3049
+CVE-2008-3049 (The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for T ...)
NOT-FOR-US: pdfcreator extension for TYPO3
-CVE-2008-3048
+CVE-2008-3048 (Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) exte ...)
NOT-FOR-US: pdfcreator extension for TYPO3
-CVE-2008-3047
+CVE-2008-3047 (Incomplete blacklist vulnerability in the KB Unpack (kb_unpack) extens ...)
NOT-FOR-US: kb_unpack extension for TYPO3
-CVE-2008-3046
+CVE-2008-3046 (Incomplete blacklist vulnerability in the Packman (kb_packman) extensi ...)
NOT-FOR-US: kb_packman extension for TYPO3
-CVE-2008-3045
+CVE-2008-3045 (Unspecified vulnerability in the Industry Database (aka Branchendatenb ...)
NOT-FOR-US: pro_industrydb extension for TYPO3
-CVE-2008-3044
+CVE-2008-3044 (SQL injection vulnerability in the News Calendar (newscalendar) extens ...)
NOT-FOR-US: newscalendar extension for TYPO3
-CVE-2008-3043
+CVE-2008-3043 (Unspecified vulnerability in the WEC Discussion Forum (wec_discussion) ...)
NOT-FOR-US: wec_discussion extension for TYPO3
-CVE-2008-3042
+CVE-2008-3042 (Unspecified vulnerability in the DAM Frontend (dam_frontend) extension ...)
NOT-FOR-US: dam_frontend extension for TYPO3
-CVE-2008-3041
+CVE-2008-3041 (Unspecified vulnerability in the DAM Frontend (dam_frontend) extension ...)
NOT-FOR-US: dam_frontend extension for TYPO3
-CVE-2008-3040
+CVE-2008-3040 (Unspecified vulnerability in the DAM Frontend (dam_frontend) extension ...)
NOT-FOR-US: dam_frontend extension for TYPO3
-CVE-2008-3039
+CVE-2008-3039 (SQL injection vulnerability in the DAM Frontend (dam_frontend) extensi ...)
NOT-FOR-US: dam_frontend extension for TYPO3
-CVE-2008-3038
+CVE-2008-3038 (SQL injection vulnerability in the Address Directory (sp_directory) ex ...)
NOT-FOR-US: sp_directory extension for TYPO3
-CVE-2008-3037
+CVE-2008-3037 (Cross-site scripting (XSS) vulnerability in the Address Directory (sp_ ...)
NOT-FOR-US: sp_directory extension for TYPO3
-CVE-2008-3036
+CVE-2008-3036 (Directory traversal vulnerability in index.php in CMS little 0.0.1 all ...)
NOT-FOR-US: CMS little
-CVE-2008-3035
+CVE-2008-3035 (SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Fina ...)
NOT-FOR-US: XchangeBoard
-CVE-2008-3034
+CVE-2008-3034 (Multiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow rem ...)
NOT-FOR-US: RSS-aggregator
-CVE-2008-3033
+CVE-2008-3033 (RSS-aggregator 1.0 does not require administrative authentication for ...)
NOT-FOR-US: RSS-aggregator
-CVE-2008-3032
+CVE-2008-3032 (Cross-site scripting (XSS) vulnerability in the phpMyAdmin (phpmyadmin ...)
NOT-FOR-US: phpmyadmin extension for TYPO3
-CVE-2008-3031
+CVE-2008-3031 (Directory traversal vulnerability in index.php in Simple PHP Agenda 2. ...)
NOT-FOR-US: Simple PHP Agenda
-CVE-2008-3030
+CVE-2008-3030 (SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows ...)
NOT-FOR-US: EfesTECH Shop
-CVE-2008-3029
+CVE-2008-3029 (Cross-site scripting (XSS) vulnerability in the WEC Discussion Forum ( ...)
NOT-FOR-US: WEC Discussion Forum
-CVE-2008-3028
+CVE-2008-3028 (Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card ...)
NOT-FOR-US: sr_sendcard extension for TYPO3
-CVE-2008-3027
+CVE-2008-3027 (SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 ...)
NOT-FOR-US: VanGogh Web CMS
-CVE-2008-3026
+CVE-2008-3026 (SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet ...)
NOT-FOR-US: OneClick CMS
-CVE-2008-3025
+CVE-2008-3025 (SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remo ...)
NOT-FOR-US: plx Ad Trader
-CVE-2008-3024
+CVE-2008-3024 (Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3 ...)
NOT-FOR-US: phgrafx in QNX Momentics
-CVE-2008-3023
+CVE-2008-3023 (Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.6.2 and e ...)
NOT-FOR-US: FreeStyle Wiki
-CVE-2008-3022
+CVE-2008-3022 (Multiple PHP remote file inclusion vulnerabilities in sablonlar/gunays ...)
NOT-FOR-US: PHPortal
-CVE-2008-3021
+CVE-2008-3021 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack ...)
NOT-FOR-US: Microsoft Office 2000
-CVE-2008-3020
+CVE-2008-3020 (Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works ...)
NOT-FOR-US: Microsoft Office 2000
-CVE-2008-3019
+CVE-2008-3019 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack ...)
NOT-FOR-US: Microsoft Office 2000
-CVE-2008-3018
+CVE-2008-3018 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack ...)
NOT-FOR-US: Microsoft Office 2000
CVE-2008-3017
REJECTED
CVE-2008-3016
REJECTED
-CVE-2008-3015
+CVE-2008-3015 (Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Of ...)
NOT-FOR-US: Microsoft Office XP
-CVE-2008-3014
+CVE-2008-3014 (Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-3013
+CVE-2008-3013 (gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP S ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-3012
+CVE-2008-3012 (gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP S ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-3011
REJECTED
-CVE-2008-3010
+CVE-2008-3010 (Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 t ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2008-3009
+CVE-2008-3009 (Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 t ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2008-3008
+CVE-2008-3008 (Stack-based buffer overflow in the WMEncProfileManager ActiveX control ...)
NOT-FOR-US: Microsoft Windows Media Encoder
-CVE-2008-3007
+CVE-2008-3007 (Argument injection vulnerability in a URI handler in Microsoft Office ...)
NOT-FOR-US: Microsoft Office XP
-CVE-2008-3006
+CVE-2008-3006 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2008-3005
+CVE-2008-3005 (Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2008-3004
+CVE-2008-3004 (Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Offic ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2008-3003
+CVE-2008-3003 (Microsoft Office Excel 2007 Gold and SP1 does not properly delete the ...)
NOT-FOR-US: Microsoft Office Excel
CVE-2008-3002
REJECTED
-CVE-2008-3001
+CVE-2008-3001 (The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote att ...)
NOT-FOR-US: additional drupal module Aggregation module
-CVE-2008-3000
+CVE-2008-3000 (The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access ...)
NOT-FOR-US: additional drupal module Aggregation module
-CVE-2008-2999
+CVE-2008-2999 (Multiple SQL injection vulnerabilities in the Aggregation module 5.x b ...)
NOT-FOR-US: additional drupal module Aggregation module
-CVE-2008-2998
+CVE-2008-2998 (Multiple cross-site scripting (XSS) vulnerabilities in the Aggregation ...)
NOT-FOR-US: additional drupal module Aggregation module
-CVE-2008-2997
+CVE-2008-2997 (Cross-site scripting (XSS) vulnerability in index.php in Gravity Board ...)
NOT-FOR-US: Gravity Board
-CVE-2008-2996
+CVE-2008-2996 (Multiple SQL injection vulnerabilities in index.php in Gravity Board X ...)
NOT-FOR-US: Gravity Board
-CVE-2008-2995
+CVE-2008-2995 (Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remo ...)
NOT-FOR-US: PHPEasyData
-CVE-2008-2994
+CVE-2008-2994 (Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData 1.5 ...)
NOT-FOR-US: PHPEasyData
-CVE-2008-2993
+CVE-2008-2993 (Multiple directory traversal vulnerabilities in index.php in FOG Forum ...)
NOT-FOR-US: FOG Forum
-CVE-2008-2992
+CVE-2008-2992 (Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earl ...)
NOT-FOR-US: Adobe Acrobat
-CVE-2008-2991
+CVE-2008-2991 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 an ...)
NOT-FOR-US: Adobe RoboHelp Server 7
-CVE-2008-2990
+CVE-2008-2990 (PHP remote file inclusion vulnerability in facileforms.frame.php in th ...)
NOT-FOR-US: FacileForms
-CVE-2008-2989
+CVE-2008-2989 (SQL injection vulnerability in index.php in HoMaP-CMS 0.1 allows remot ...)
NOT-FOR-US: HoMaP-CMS
-CVE-2008-2988
+CVE-2008-2988 (Unrestricted file upload vulnerability in admin/upload.php in Benja CM ...)
NOT-FOR-US: Benja CMS
-CVE-2008-2987
+CVE-2008-2987 (Multiple cross-site scripting (XSS) vulnerabilities in Benja CMS 0.1 a ...)
NOT-FOR-US: Benja CMS
-CVE-2008-2986
+CVE-2008-2986 (Multiple PHP remote file inclusion vulnerabilities in phpDMCA 1.0.0 al ...)
NOT-FOR-US: phpDMCA
-CVE-2008-2985
+CVE-2008-2985 (Directory traversal vulnerability in load_language.php in CMReams CMS ...)
NOT-FOR-US: CMReams CMS
-CVE-2008-2984
+CVE-2008-2984 (Cross-site scripting (XSS) vulnerability in backend/umleitung.php in C ...)
NOT-FOR-US: CMReams CMS
-CVE-2008-2983
+CVE-2008-2983 (SQL injection vulnerability in index.php in Demo4 CMS 01 Beta allows r ...)
NOT-FOR-US: Demo4 CMS
-CVE-2008-2982
+CVE-2008-2982 (Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2 ...)
NOT-FOR-US: HomePH
-CVE-2008-2981
+CVE-2008-2981 (PHP remote file inclusion vulnerability in admin/templates/template_th ...)
NOT-FOR-US: HomePH
-CVE-2008-2980
+CVE-2008-2980 (Multiple cross-site scripting (XSS) vulnerabilities in HomePH Design 2 ...)
NOT-FOR-US: HomePH
-CVE-2008-2979
+CVE-2008-2979 (Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php ...)
NOT-FOR-US: Ourvideo CMS
-CVE-2008-2978
+CVE-2008-2978 (Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, ...)
NOT-FOR-US: Ourvideo CMS
-CVE-2008-2977
+CVE-2008-2977 (Multiple PHP remote file inclusion vulnerabilities in Ourvideo CMS 9.5 ...)
NOT-FOR-US: Ourvideo CMS
-CVE-2008-2976
+CVE-2008-2976 (Multiple directory traversal vulnerabilities in TinX/cms 1.1, when reg ...)
NOT-FOR-US: TinX/cms
-CVE-2008-2975
+CVE-2008-2975 (Cross-site scripting (XSS) vulnerability in admin/objects/obj_image.ph ...)
NOT-FOR-US: TinX/cms
-CVE-2008-2974
+CVE-2008-2974 (Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, wh ...)
NOT-FOR-US: MM Chat
-CVE-2008-2973
+CVE-2008-2973 (Multiple cross-site scripting (XSS) vulnerabilities in chathead.php in ...)
NOT-FOR-US: MM Chat
-CVE-2008-2972
+CVE-2008-2972 (SQL injection vulnerability in index.php in KbLance allows remote atta ...)
NOT-FOR-US: KbLance
-CVE-2008-2971
+CVE-2008-2971 (SQL injection vulnerability in links-extern.php in CiBlog 3.1 allows r ...)
NOT-FOR-US: CiBlog
-CVE-2008-2970
+CVE-2008-2970 (Multiple session fixation vulnerabilities in Academic Web Tools (AWT Y ...)
NOT-FOR-US: Academic Web Tools
-CVE-2008-2969
+CVE-2008-2969 (Directory traversal vulnerability in download.php in Academic Web Tool ...)
NOT-FOR-US: Academic Web Tools
-CVE-2008-2968
+CVE-2008-2968 (SQL injection vulnerability in rating.php in Academic Web Tools (AWT Y ...)
NOT-FOR-US: Academic Web Tools
-CVE-2008-2967
+CVE-2008-2967 (Multiple cross-site scripting (XSS) vulnerabilities in Academic Web To ...)
NOT-FOR-US: Academic Web Tools
-CVE-2008-2966
+CVE-2008-2966 (Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 ...)
NOT-FOR-US: JaxUltraBB
-CVE-2008-2965
+CVE-2008-2965 (Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraB ...)
NOT-FOR-US: JaxUltraBB
-CVE-2008-2964
+CVE-2008-2964 (SQL injection vulnerability in guide.php in ResearchGuide 0.5 allows r ...)
NOT-FOR-US: ResearchGuide
-CVE-2008-2963
+CVE-2008-2963 (Multiple SQL injection vulnerabilities in MyBlog allow remote attacker ...)
NOT-FOR-US: MyBlog
-CVE-2008-2962
+CVE-2008-2962 (Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow re ...)
NOT-FOR-US: MyBlog
-CVE-2008-2961
+CVE-2008-2961 (Multiple directory traversal vulnerabilities in view/index.php in CMS ...)
NOT-FOR-US: CMS Mini
-CVE-2008-2959
+CVE-2008-2959 (Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsof ...)
NOT-FOR-US: ActiveX control
-CVE-2008-2951
+CVE-2008-2951 (Open redirect vulnerability in the search script in Trac before 0.10.5 ...)
- trac 0.11-1
[etch] - trac 0.10.3-1etch4
-CVE-2008-2949
+CVE-2008-2949 (Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2948
+CVE-2008-2948 (Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2947
+CVE-2008-2947 (Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2946
+CVE-2008-2946 (The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterp ...)
NOT-FOR-US: Solstice Enterprise Agents in Sun Solaris
-CVE-2008-2945
+CVE-2008-2945 (Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Ide ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2008-2944
+CVE-2008-2944 (Double free vulnerability in the utrace support in the Linux kernel, p ...)
- linux-2.6 <not-affected>
[etch] - linux-2.6 <not-affected>
- linux-2.6.24 <not-affected>
-CVE-2008-2943
+CVE-2008-2943 (Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2008-2941
+CVE-2008-2941 (The hpssd message parser in hpssd.py in HP Linux Imaging and Printing ...)
- hplip 2.8.6-1 (low; bug #499842)
[etch] - hplip <no-dsa> (Minor issue)
NOTE: Does not affect current version in lenny, marking as fixed in current upstream release
-CVE-2008-2940
+CVE-2008-2940 (The alert-mailing implementation in HP Linux Imaging and Printing (HPL ...)
- hplip 2.8.6-1 (low; bug #499842)
[etch] - hplip <no-dsa> (Minor issue)
NOTE: Does not affect current version in lenny, marking as fixed in current upstream release
-CVE-2008-2939
+CVE-2008-2939 (Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_pro ...)
- apache2 2.2.9-7 (low)
[etch] - apache2 2.2.3-4+etch6
- apache <not-affected> (vulnerable code not present)
-CVE-2008-2938
+CVE-2008-2938 (Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.3 ...)
NOTE: This is an issue in the respective JVMs, Tomcat only includes a workaround
NOTE: Check status of free JVMs
- tomcat5.5 5.5.26-5 (unimportant; bug #496309)
-CVE-2008-2937
+CVE-2008-2937 (Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mai ...)
- postfix 2.5.4-1 (low)
[etch] - postfix <no-dsa> (minor issue)
-CVE-2008-2936
+CVE-2008-2936 (Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 bef ...)
{DSA-1629-2 DSA-1629-1 DTSA-155-1}
- postfix 2.5.4-1
-CVE-2008-2935
+CVE-2008-2935 (Multiple heap-based buffer overflows in the rc4 (1) encryption (aka ex ...)
{DSA-1624-1 DTSA-152-1}
- libxslt 1.1.24-2 (bug #493162)
NOTE: http://www.ocert.org/advisories/ocert-2008-009.html
-CVE-2008-2934
+CVE-2008-2934 (Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to ...)
- iceweasel <not-affected> (MacOS-specific)
-CVE-2008-2933
+CVE-2008-2933 (Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' ...)
{DSA-1697-1 DSA-1615-1 DSA-1614-1}
- iceweasel 3.0.1-1 (low)
- xulrunner 1.9.0.1-1
- iceape 1.1.12-1
-CVE-2008-2932
+CVE-2008-2932 (Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote at ...)
NOT-FOR-US: Red Hat adminutil
-CVE-2008-2931
+CVE-2008-2931 (The do_change_type function in fs/namespace.c in the Linux kernel befo ...)
{DSA-1630-1}
- linux-2.6 2.6.22
NOTE: ee6f958291e2a768fd727e7a67badfff0b67711a
-CVE-2008-2930
+CVE-2008-2930 (Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, a ...)
NOT-FOR-US: Red Hat Directory Server / Fedora Directory Server
-CVE-2008-2929
+CVE-2008-2929 (Multiple cross-site scripting (XSS) vulnerabilities in the adminutil l ...)
NOT-FOR-US: Red Hat Directory Server / Fedora Directory Server
-CVE-2008-2928
+CVE-2008-2928 (Multiple buffer overflows in the adminutil library in CGI applications ...)
NOT-FOR-US: Red Hat Directory Server / Fedora Directory Server
-CVE-2008-2926
+CVE-2008-2926 (The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIP ...)
NOT-FOR-US: r8 (Host-Based Intrusion Prevention System)
-CVE-2008-2925
+CVE-2008-2925 (SQL injection vulnerability in Webmatic before 2.8 allows remote attac ...)
NOT-FOR-US: Webmatic
-CVE-2008-2924
+CVE-2008-2924 (Cross-site scripting (XSS) vulnerability in Webmatic before 2.8 allows ...)
NOT-FOR-US: Webmatic
-CVE-2008-2923
+CVE-2008-2923 (Cross-site scripting (XSS) vulnerability in read/search/results in Lyr ...)
NOT-FOR-US: Lyris ListManager
-CVE-2008-2922
+CVE-2008-2922 (Stack-based buffer overflow in artegic Dana IRC client 1.3 and earlier ...)
NOT-FOR-US: Dana IRC client
-CVE-2008-2921
+CVE-2008-2921 (SQL injection vulnerability in index.php in EZTechhelp EZCMS 1.2 and e ...)
NOT-FOR-US: EZTechhelp
-CVE-2008-2920
+CVE-2008-2920 (admin/filemanager/ (aka the File Manager) in EZTechhelp EZCMS 1.2 and ...)
NOT-FOR-US: EZTechhelp
-CVE-2008-2919
+CVE-2008-2919 (SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 al ...)
NOT-FOR-US: Gryphon
-CVE-2008-2918
+CVE-2008-2918 (SQL injection vulnerability in details.php in Application Dynamics Car ...)
NOT-FOR-US: Application Dynamics Cartweaver
-CVE-2008-2917
+CVE-2008-2917 (SQL injection vulnerability in productsofcat.asp in E-SMART CART allow ...)
NOT-FOR-US: E-SMART CART
-CVE-2008-2916
+CVE-2008-2916 (Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earli ...)
NOT-FOR-US: Pre ADS Portal
-CVE-2008-2915
+CVE-2008-2915 (Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (ak ...)
NOT-FOR-US: Pre Job Board
-CVE-2008-2914
+CVE-2008-2914 (SQL injection vulnerability in jobseekers/JobSearch3.php (aka the sear ...)
NOT-FOR-US: Pre Job Board
-CVE-2008-2913
+CVE-2008-2913 (Directory traversal vulnerability in func.php in Devalcms 1.4a, when m ...)
NOT-FOR-US: Devalcms
-CVE-2008-2912
+CVE-2008-2912 (Multiple PHP remote file inclusion vulnerabilities in Contenido CMS 4. ...)
NOT-FOR-US: Contenido CMS
-CVE-2008-2911
+CVE-2008-2911 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Co ...)
NOT-FOR-US: Contenido CMS
-CVE-2008-2910
+CVE-2008-2910 (Buffer overflow in the DXTTextOutEffect ActiveX control (aka the Text- ...)
NOT-FOR-US: ActiveX control
-CVE-2008-2909
+CVE-2008-2909 (SQL injection vulnerability in results.php in Clever Copy 3.0 allows r ...)
NOT-FOR-US: Clever Copy
-CVE-2008-2908
+CVE-2008-2908 (Multiple stack-based buffer overflows in a certain ActiveX control in ...)
NOT-FOR-US: ActiveX control
-CVE-2008-2907
+CVE-2008-2907 (SQL injection vulnerability in admin/index.php in WebChamado 1.1, when ...)
NOT-FOR-US: WebChamado
-CVE-2008-2906
+CVE-2008-2906 (SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allo ...)
NOT-FOR-US: WebChamado
-CVE-2008-2905
+CVE-2008-2905 (PHP remote file inclusion vulnerability in includes/Cache/Lite/Output. ...)
NOT-FOR-US: Mambo
NOTE: Mambo is only in experimental
NOTE: filed removal bug for Mambo from experimental #490291
-CVE-2008-2904
+CVE-2008-2904 (SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows ...)
NOT-FOR-US: Conkurent PHPMyCart
-CVE-2008-2903
+CVE-2008-2903 (SQL injection vulnerability in news.php in Advanced Webhost Billing Sy ...)
NOT-FOR-US: Advanced Webhost Billing System
-CVE-2008-2902
+CVE-2008-2902 (SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 ...)
NOT-FOR-US: AlstraSoft AskMe Pro
-CVE-2008-2901
+CVE-2008-2901 (Multiple SQL injection vulnerabilities in Haudenschilt Family Connecti ...)
NOT-FOR-US: Haudenschilt Family Connections CMS
-CVE-2008-2900
+CVE-2008-2900 (SQL injection vulnerability in item.php in PHPAuction 3.2 allows remot ...)
NOT-FOR-US: PHPAuction
-CVE-2008-2899
+CVE-2008-2899 (Unspecified vulnerability in includes/classes/page.php in j00lean-CMS ...)
NOT-FOR-US: j00lean-CMS
-CVE-2008-2898
+CVE-2008-2898 (Directory traversal vulnerability in includes/header.php in Hedgehog-C ...)
NOT-FOR-US: Hedgehog-CMS
-CVE-2008-2897
+CVE-2008-2897 (SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta all ...)
NOT-FOR-US: PageSquid
-CVE-2008-2896
+CVE-2008-2896 (Directory traversal vulnerability in index.php in FireAnt 1.3 allows r ...)
NOT-FOR-US: FireAnt
-CVE-2008-2895
+CVE-2008-2895 (Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 ...)
NOT-FOR-US: AproxEngine
-CVE-2008-2894
+CVE-2008-2894 (Directory traversal vulnerability in the FTP client in NCH Software Cl ...)
NOT-FOR-US: NCH Software Classic FTP Windows
-CVE-2008-2893
+CVE-2008-2893 (SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ H ...)
NOT-FOR-US: AJ Square aj-hyip
-CVE-2008-2892
+CVE-2008-2892 (SQL injection vulnerability in the EXP Shop (com_expshop) component 1. ...)
NOT-FOR-US: Joomla!
-CVE-2008-2891
+CVE-2008-2891 (SQL injection vulnerability in index.php in eMuSOFT emuCMS 0.3 allows ...)
NOT-FOR-US: emuCMS
-CVE-2008-2890
+CVE-2008-2890 (Multiple SQL injection vulnerabilities in Online Fantasy Football Leag ...)
NOT-FOR-US: Online Fantasy Football League
-CVE-2008-2889
+CVE-2008-2889 (Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP ...)
NOT-FOR-US: AceBIT WISE-FTP
-CVE-2008-2888
+CVE-2008-2888 (Multiple PHP remote file inclusion vulnerabilities in MiGCMS 2.0.5, wh ...)
NOT-FOR-US: MiGCMS
-CVE-2008-2887
+CVE-2008-2887 (Directory traversal vulnerability in index.php in chaozz@work FubarFor ...)
NOT-FOR-US: FubarForum
-CVE-2008-2886
+CVE-2008-2886 (PHP remote file inclusion vulnerability in include/plugins/jrBrowser/p ...)
NOT-FOR-US: Jamroom
-CVE-2008-2885
+CVE-2008-2885 (PHP remote file inclusion vulnerability in src/browser/resource/catego ...)
NOT-FOR-US: Open Digital Assets Repository System
-CVE-2008-2884
+CVE-2008-2884 (PHP remote file inclusion vulnerability in display.php in RSS-aggregat ...)
NOT-FOR-US: RSS-aggregator
-CVE-2008-2883
+CVE-2008-2883 (PHP remote file inclusion vulnerability in include/plugins/jrBrowser/p ...)
NOT-FOR-US: Jamroom
-CVE-2008-2882
+CVE-2008-2882 (upgrade.asp in sHibby sHop 2.2 and earlier does not require administra ...)
NOT-FOR-US: sHibby sHop
-CVE-2008-2881
+CVE-2008-2881 (Relative Real Estate Systems 3.0 and earlier stores passwords in clear ...)
NOT-FOR-US: Relative Real Estate Systems
-CVE-2008-2880
+CVE-2008-2880 (Heap-based buffer overflow in the IBM AFP Viewer Plug-in 2.0.7.1 and 3 ...)
NOT-FOR-US: IBM AFP Viewer Plug-in
-CVE-2008-2879
+CVE-2008-2879 (Benja CMS 0.1 does not require authentication for access to admin/, wh ...)
NOT-FOR-US: Benja CMS
-CVE-2008-2878
+CVE-2008-2878 (Open redirect vulnerability in rss_getfile.php in Academic Web Tools ( ...)
NOT-FOR-US: Academic Web Tools
-CVE-2008-2877
+CVE-2008-2877 (PHP remote file inclusion vulnerability in admin/include/lib.module.ph ...)
NOT-FOR-US: cmsWorks
-CVE-2008-2876
+CVE-2008-2876 (Directory traversal vulnerability in index.php in mUnky 0.0.1 allows r ...)
NOT-FOR-US: mUnky
-CVE-2008-2875
+CVE-2008-2875 (SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allow ...)
NOT-FOR-US: Webdevindo-CMS
-CVE-2008-2874
+CVE-2008-2874 (SQL injection vulnerability in index.php in Softbiz Jokes &amp; Funny ...)
NOT-FOR-US: Softbiz Jokes & Funny Pics
-CVE-2008-2873
+CVE-2008-2873 (sHibby sHop 2.2 and earlier stores sensitive information under the web ...)
NOT-FOR-US: sHibby sHop
-CVE-2008-2872
+CVE-2008-2872 (SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earl ...)
NOT-FOR-US: sHibby sHop
-CVE-2008-2871
+CVE-2008-2871 (Multiple cross-site scripting (XSS) vulnerabilities in template2.php i ...)
NOT-FOR-US: PEGames
-CVE-2008-2870
+CVE-2008-2870 (Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remo ...)
NOT-FOR-US: ShareCMS
-CVE-2008-2869
+CVE-2008-2869 (SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows r ...)
NOT-FOR-US: E-topbiz Link ADS
-CVE-2008-2868
+CVE-2008-2868 (SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and ...)
NOT-FOR-US: ware DUcalendar
-CVE-2008-2867
+CVE-2008-2867 (SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 ...)
NOT-FOR-US: E-topbiz Viral
-CVE-2008-2866
+CVE-2008-2866 (SQL injection vulnerability in csc_article_details.php in Caupo.net Ca ...)
NOT-FOR-US: CaupoShop Classic
-CVE-2008-2865
+CVE-2008-2865 (SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site ...)
NOT-FOR-US: Kalptaru Infotech PHP Site
-CVE-2008-2864
+CVE-2008-2864 (eLineStudio Site Composer (ESC) 2.6 and earlier allows remote attacker ...)
NOT-FOR-US: eLineStudio Site Composer
-CVE-2008-2863
+CVE-2008-2863 (Multiple absolute path traversal vulnerabilities in eLineStudio Site C ...)
NOT-FOR-US: eLineStudio Site Composer
-CVE-2008-2862
+CVE-2008-2862 (Multiple SQL injection vulnerabilities in eLineStudio Site Composer (E ...)
NOT-FOR-US: eLineStudio Site Composer
-CVE-2008-2861
+CVE-2008-2861 (Multiple cross-site scripting (XSS) vulnerabilities in eLineStudio Sit ...)
NOT-FOR-US: eLineStudio Site Composer
-CVE-2008-2860
+CVE-2008-2860 (SQL injection vulnerability in category.php in AJSquare AJ Auction Pro ...)
NOT-FOR-US: AJSquare AJ Auction Pro Web
-CVE-2008-2859
+CVE-2008-2859 (Unspecified vulnerability in the IMAP service in NetWin SurgeMail befo ...)
NOT-FOR-US: NetWin SurgeMail
-CVE-2008-2858
+CVE-2008-2858 (SQL injection vulnerability in index.php in WebChamado 1.1 allows remo ...)
NOT-FOR-US: WebChamado
-CVE-2008-2857
+CVE-2008-2857 (AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in ...)
NOT-FOR-US: AlstraSoft AskMe Pro
-CVE-2008-2856
+CVE-2008-2856 (SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remot ...)
NOT-FOR-US: OwnRS
-CVE-2008-2855
+CVE-2008-2855 (Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 ...)
NOT-FOR-US: OwnRS
-CVE-2008-2854
+CVE-2008-2854 (Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 ...)
NOT-FOR-US: Orlando CMS
-CVE-2008-2853
+CVE-2008-2853 (SQL injection vulnerability in index.php in Easy Webstore 1.2 allows r ...)
NOT-FOR-US: Easy Webstore
-CVE-2008-2852
+CVE-2008-2852 (Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when a ...)
- cgiwrap <removed> (low; bug #497761)
[etch] - cgiwrap <no-dsa> (Minor issue)
NOTE: only applies to certain character sets and only works with
NOTE: browsers. There isn't a good solution available, the patch uses
NOTE: a compile-time charset specification. All in all not a real
NOTE: priority to fix in etch.
-CVE-2008-2851
+CVE-2008-2851 (Multiple buffer overflows in OFF System before 0.19.14 allow remote at ...)
NOT-FOR-US: OFF System
-CVE-2008-2850
+CVE-2008-2850 (SQL injection vulnerability in the TrailScout module 5.x before 5.x-1. ...)
NOT-FOR-US: additional drupal module TrailScout
-CVE-2008-2849
+CVE-2008-2849 (Cross-site scripting (XSS) vulnerability in the TrailScout module 5.x ...)
NOT-FOR-US: additional drupal module TrailScout
-CVE-2008-2848
+CVE-2008-2848 (Cross-site scripting (XSS) vulnerability in the search functionality i ...)
NOT-FOR-US: MindTouch DekiWiki
-CVE-2008-2847
+CVE-2008-2847 (SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 ...)
NOT-FOR-US: Maxtrade
-CVE-2008-2846
+CVE-2008-2846 (SQL injection vulnerability in index.php in BoatScripts Classifieds al ...)
NOT-FOR-US: BoatScripts Classifieds
-CVE-2008-2845
+CVE-2008-2845 (SQL injection vulnerability in index.php in MyBizz-Classifieds allows ...)
NOT-FOR-US: MyBizz-Classifieds
-CVE-2008-2844
+CVE-2008-2844 (SQL injection vulnerability in index.php in Carscripts Classifieds all ...)
NOT-FOR-US: Carscripts Classifieds
-CVE-2008-2843
+CVE-2008-2843 (Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlie ...)
NOT-FOR-US: doITLive CMS
-CVE-2008-2842
+CVE-2008-2842 (Cross-site scripting (XSS) vulnerability in edit/showmedia.asp in doIT ...)
NOT-FOR-US: doITLive CMS
-CVE-2008-2950
+CVE-2008-2950 (The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earl ...)
{DTSA-146-1}
- poppler 0.8.4-1.1 (medium; bug #489756)
[etch] - poppler <not-affected> (Vulnerable code not present)
- xpdf <not-affected> (Page.cc is not allocating the widget and therefore not vulnerable in the destructor, attrs initialized)
-CVE-2008-2927
+CVE-2008-2927 (Multiple integer overflows in the msn_slplink_process_msg functions in ...)
{DSA-1805-1 DSA-1610-1}
- pidgin 2.4.3-1
- gaim <removed>
[lenny] - gaim <not-affected> (gaim is now a transitional package depending on pidgin with its own source package)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=453764
-CVE-2008-3137
+CVE-2008-3137 (The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through ...)
{DSA-1673-1}
- wireshark 1.0.1-1 (low; bug #488834)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3138
+CVE-2008-3138 (The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal ...)
{DSA-1673-1}
- wireshark 1.0.1-1 (low; bug #488834)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3139
+CVE-2008-3139 (The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1. ...)
- wireshark 1.0.1-1 (low; bug #488834)
[etch] - wireshark <not-affected> (Only affects 0.99.8 to 1.0.0)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3140
+CVE-2008-3140 (The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows rem ...)
- wireshark 1.0.1-1 (low; bug #488834)
[etch] - wireshark <not-affected> (Only affects 1.0.0)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3141
+CVE-2008-3141 (Unspecified vulnerability in the RMI dissector in Wireshark (formerly ...)
{DSA-1673-1}
- wireshark 1.0.1-1 (low; bug #488834)
NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-2952
+CVE-2008-2952 (liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to ca ...)
{DSA-1650-1 DTSA-151-1}
- openldap2.3 <removed> (low; bug #488710)
- openldap 2.4.10-3 (low; bug #488710)
-CVE-2008-2955
+CVE-2008-2955 (Pidgin 2.4.1 allows remote attackers to cause a denial of service (cra ...)
- pidgin 2.4.3-1 (low; bug #488632)
- gaim <removed>
[lenny] - gaim <not-affected> (gaim is now a transitional package depending on pidgin with its own source package)
CVE-2008-2956
- pidgin <unfixed> (unimportant; bug #488632)
NOTE: Non-issue per analysis of Pidgin upstream developers, should be rejected
-CVE-2008-2957
+CVE-2008-2957 (The UPnP functionality in Pidgin 2.0.0, and possibly other versions, a ...)
- pidgin 2.4.3-4 (low; bug #488632)
- gaim <removed>
[lenny] - gaim <not-affected> (gaim is now a transitional package depending on pidgin with its own source package)
NOTE: probably only a bandwidth issue
-CVE-2008-2942
+CVE-2008-2942 (Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allow ...)
- mercurial 1.0.1-2 (low; bug #488628)
[etch] - mercurial <not-affected> (Vulnerable functionality not present)
-CVE-2008-2953
+CVE-2008-2953 (Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a ...)
- linuxdcpp 1.0.1-2 (low; bug #488630)
[etch] - linuxdcpp <no-dsa> (Minor issue)
-CVE-2008-2954
+CVE-2008-2954 (client/NmdcHub.cpp in Linux DC++ (linuxdcpp) before 0.707 allows remot ...)
- linuxdcpp 1.0.1-2 (low; bug #488630)
[etch] - linuxdcpp <no-dsa> (Minor issue)
-CVE-2008-2958
+CVE-2008-2958 (Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows l ...)
- checkinstall 1.6.1-7 (low; bug #488140)
CVE-2008-XXXX [werkzeug hashes its secret instead of using hmac]
- python-werkzeug 0.3.1-1
NOTE: http://web.archive.org/web/20081229140824/http://lucumr.pocoo.org:80/cogitations/2008/06/24/werkzeug-031-released/
-CVE-2008-2841
+CVE-2008-2841 (Argument injection vulnerability in XChat 2.8.7b and earlier on Window ...)
- xchat <not-affected> (Windows specific problem)
-CVE-2008-2840
+CVE-2008-2840 (Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and 1. ...)
NOT-FOR-US: Exero CMS
-CVE-2008-2839
+CVE-2008-2839 (Cross-site scripting (XSS) vulnerability in the search module in Train ...)
NOT-FOR-US: Traindepot
-CVE-2008-2838
+CVE-2008-2838 (Directory traversal vulnerability in index.php in Traindepot 0.1 allow ...)
NOT-FOR-US: Traindepot
-CVE-2008-2837
+CVE-2008-2837 (SQL injection vulnerability in index.php in CMS-BRD allows remote atta ...)
NOT-FOR-US: CMS-BRD
-CVE-2008-2836
+CVE-2008-2836 (PHP remote file inclusion vulnerability in send_reminders.php in WebCa ...)
- webcalendar 1.0.5-1 (low)
- gforge <not-affected> (code in lenny internally sets its own path)
-CVE-2008-2835
+CVE-2008-2835 (SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows ...)
NOT-FOR-US: IGSuite
-CVE-2008-2834
+CVE-2008-2834 (SQL injection vulnerability in projects.php in Scientific Image DataBa ...)
NOT-FOR-US: Scientific Image DataBase
-CVE-2008-2833
+CVE-2008-2833 (admin/upload.php in le.cms 1.4 and earlier allows remote attackers to ...)
NOT-FOR-US: le.cms
-CVE-2008-2832
+CVE-2008-2832 (Unrestricted file upload vulnerability in calendar_admin.asp in Full R ...)
NOT-FOR-US: aspWebCalendar 2008
-CVE-2008-2831
+CVE-2008-2831 (Multiple cross-site scripting (XSS) vulnerabilities in the delegated s ...)
NOT-FOR-US: MailMarshal
-CVE-2008-2830
+CVE-2008-2830 (Open Scripting Architecture in Apple Mac OS X 10.4.11 and 10.5.4, and ...)
NOT-FOR-US: Apple Mac OS
-CVE-2008-2829
+CVE-2008-2829 (php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete ...)
{DTSA-144-1}
- php5 5.2.6-2 (low)
[etch] - php5 <no-dsa> (Fix not feasible for etch, low priority issue)
NOTE: the fix sent to t-s and unstable does not seem possible in etch due to
NOTE: missing api features from the version of libc-client in etch.
-CVE-2008-2826
+CVE-2008-2826 (Integer overflow in the sctp_getsockopt_local_addrs_old function in ne ...)
{DSA-1630-1}
- linux-2.6 2.6.25-6 (low)
- linux-2.6.24 2.6.24-6~etchnhalf.4 (low)
NOTE: 735ce972fbc8a65fb17788debd7bbe7b4383cc62, present in 2.6.25.9
-CVE-2008-2825
+CVE-2008-2825 (Cross-site scripting (XSS) vulnerability in the embedded Web Server in ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2008-2824
+CVE-2008-2824 (Unspecified vulnerability in the Extensible Interface Platform in Web ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2008-2823
+CVE-2008-2823 (SQL injection vulnerability in newsarchive.php in PHPeasyblog (formerl ...)
NOT-FOR-US: PHPeasyblog
-CVE-2008-2822
+CVE-2008-2822 (Multiple directory traversal vulnerabilities in the FTP client in 3D-F ...)
NOT-FOR-US: 3D-FTP Client
-CVE-2008-2821
+CVE-2008-2821 (Directory traversal vulnerability in the FTP client in Glub Tech Secur ...)
NOT-FOR-US: Glub Tech Secure FTP
-CVE-2008-2820
+CVE-2008-2820 (Directory traversal vulnerability in lang/lang-system.php in Open Azim ...)
NOT-FOR-US: Open Azimyt CMS
-CVE-2008-2819
+CVE-2008-2819 (SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlie ...)
NOT-FOR-US: BlognPlus
-CVE-2008-2818
+CVE-2008-2818 (Directory traversal vulnerability in Easy-Clanpage 3.0 b1 allows remot ...)
NOT-FOR-US: Easy-Clanpage
-CVE-2008-2817
+CVE-2008-2817 (SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 a ...)
NOT-FOR-US: NiTrO Web Gallery
-CVE-2008-2816
+CVE-2008-2816 (SQL injection vulnerability in post.php in Oxygen (aka O2PHP Bulletin ...)
NOT-FOR-US: Oxygen
-CVE-2008-2815
+CVE-2008-2815 (SQL injection vulnerability in shopping/index.php in MyMarket 1.72 all ...)
NOT-FOR-US: MyMarket
-CVE-2008-2814
+CVE-2008-2814 (Cross-site scripting (XSS) vulnerability in WallCity-Server Shoutcast ...)
NOT-FOR-US: WallCity-Server
-CVE-2008-2813
+CVE-2008-2813 (Directory traversal vulnerability in index.php in WallCity-Server Shou ...)
NOT-FOR-US: WallCity-Server
-CVE-2008-2812
+CVE-2008-2812 (The Linux kernel before 2.6.25.10 does not properly perform tty operat ...)
{DSA-1630-1}
- linux-2.6 2.6.25-7
- linux-2.6.24 2.6.24-6~etchnhalf.4
-CVE-2008-2811
+CVE-2008-2811 (The block reflow implementation in Mozilla Firefox before 2.0.0.15, Th ...)
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
NOTE: Firefox 3 not affected
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2810
+CVE-2008-2810 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not pro ...)
- iceweasel <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
-CVE-2008-2809
+CVE-2008-2809 (Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonk ...)
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
NOTE: Firefox 3 not affected
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2808
+CVE-2008-2808 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not pro ...)
{DSA-1697-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
-CVE-2008-2807
+CVE-2008-2807 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not pro ...)
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2806
+CVE-2008-2806 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS ...)
- iceweasel <not-affected> (MacOS-specific)
- iceape <not-affected> (MacOS-specific)
-CVE-2008-2805
+CVE-2008-2805 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remo ...)
{DSA-1697-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0
NOTE: Firefox 3 not affected
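Review bot: the imported summary for CVE-2008-2874 in this hunk carries an undecoded HTML entity, "+CVE-2008-2874 (SQL injection vulnerability in index.php in Softbiz Jokes &amp; Funny ...)", while the unchanged annotation right below it reads "NOT-FOR-US: Softbiz Jokes & Funny Pics". The importer should HTML-decode the upstream text before truncating, both so the list stays plain text and so the five bytes of "&amp;" do not eat into the fixed-width budget. Separately, the new summary for CVE-2008-2868 ("DUware DUcalendar 1.0") shows that the existing annotation "NOT-FOR-US: ware DUcalendar" has lost its leading "DU"; the automatic update does not touch annotation lines, so that needs a manual follow-up.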
@@ -10631,77 +10631,77 @@ CVE-2008-2805
- xulrunner 1.9.0.1-1
CVE-2008-2804
REJECTED
-CVE-2008-2803
+CVE-2008-2803 (The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox befor ...)
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2802
+CVE-2008-2802 (Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and ...)
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- icedove 2.0.0.16-1
- xulrunner 1.9.0.1-1
-CVE-2008-2801
+CVE-2008-2801 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not pro ...)
{DSA-1697-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
-CVE-2008-2800
+CVE-2008-2800 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remo ...)
{DSA-1697-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
-CVE-2008-2799
+CVE-2008-2799 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.1 ...)
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2798
+CVE-2008-2798 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.1 ...)
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
- iceweasel 3.0~b2-1
- iceape 1.1.10-1
- xulrunner 1.9.0.1-1
- icedove 2.0.0.16-1
-CVE-2008-2797
+CVE-2008-2797 (Cross-site scripting (XSS) vulnerability in MainLayout.do in ManageEng ...)
NOT-FOR-US: ManageEngine OpUtils
-CVE-2008-2796
+CVE-2008-2796 (SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote ...)
NOT-FOR-US: FreeCMS
-CVE-2008-2795
+CVE-2008-2795 (Directory traversal vulnerability in the FTP and SFTP clients in IDM C ...)
NOT-FOR-US: IDM Computer Solutions Inc UltraEdit
-CVE-2008-2794
+CVE-2008-2794 (Unspecified vulnerability in the GUI in Symantec Altiris Notification ...)
NOT-FOR-US: Symantec Altiris Notification
-CVE-2008-2793
+CVE-2008-2793 (SQL injection vulnerability in group_posts.php in ClipShare before 3.0 ...)
NOT-FOR-US: ClipShare
-CVE-2008-2792
+CVE-2008-2792 (SQL injection vulnerability in index.php in eroCMS 1.4 and earlier all ...)
NOT-FOR-US: eroCMS
-CVE-2008-2791
+CVE-2008-2791 (SQL injection vulnerability in product.detail.php in Kalptaru Infotech ...)
NOT-FOR-US: Kalptaru Infotech
-CVE-2008-2790
+CVE-2008-2790 (SQL injection vulnerability in detail.php in MountainGrafix easyTrade ...)
NOT-FOR-US: MountainGrafix easyTrade
-CVE-2008-2789
+CVE-2008-2789 (SQL injection vulnerability in pages/index.php in BASIC-CMS allows rem ...)
NOT-FOR-US: BASIC-CMS
-CVE-2008-2788
+CVE-2008-2788 (Cross-site scripting (XSS) vulnerability in index.php in OpenDocMan 1. ...)
NOT-FOR-US: OpenDocMan
-CVE-2008-2787
+CVE-2008-2787 (Cross-site scripting (XSS) vulnerability in out.php in OpenDocMan 1.2. ...)
NOT-FOR-US: OpenDocMan
-CVE-2008-2960
+CVE-2008-2960 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, ...)
- phpmyadmin 4:2.11.7~rc2-1 (unimportant)
NOTE: We haven't supported installations with register_globals enabled since a long time
-CVE-2008-2827
+CVE-2008-2827 (The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly ...)
{DTSA-142-1}
- perl 5.10.0-11 (bug #487319; medium)
[etch] - perl <not-affected> (doesn't change link target permissions)
NOTE: affects other packages like debsums, see bugreport
-CVE-2008-2828
+CVE-2008-2828 (Stack-based buffer overflow in tmsnc allows remote attackers to cause ...)
- tmsnc 0.3.2-1.1 (low; bug #487222)
-CVE-2008-2786
+CVE-2008-2786 (Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack ...)
NOT-FOR-US: Just hashes posted to full-disclosure, no specific information
NOTE: Unless more specific information pops up, this can be considered covered by
NOTE: CVE-2008-2785
-CVE-2008-2785
+CVE-2008-2785 (Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird befo ...)
{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1614-1}
- iceweasel 3.0 (medium; bug #488358)
- icedove 2.0.0.16-1
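Review bot: the fixed-width cut in this hunk truncates inside a version number and makes the summary misleading: "+CVE-2008-2799 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.1 ...)" and the byte-identical line for CVE-2008-2798 read as "before 2.0.0.1", whereas sibling entries in the same hunk (CVE-2008-2802, CVE-2008-2801) spell out "before 2.0.0.15". Truncating at the last whitespace before the limit rather than at a byte count would keep a version string whole or drop it entirely, and would avoid issuing the same summary for two distinct IDs.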
@@ -10709,122 +10709,122 @@ CVE-2008-2785
- xulrunner 1.9.0.1-1 (bug #491161)
NOTE: Since 3.0 iceweasel links against xulrunner, marking it as fixed, since also need to track etch
NOTE: http://www.mozilla.org/security/announce/2008/mfsa2008-34.html
-CVE-2008-2784
+CVE-2008-2784 (The smtp_filter function in spamdyke before 3.1.8 does not filter RCPT ...)
NOT-FOR-US: spamdyke
-CVE-2008-2783
+CVE-2008-2783 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware ...)
- kronolith2 <not-affected> (unimportant; Nonreproducable 'issue')
- horde3 <not-affected> (unimportant; Nonreproducable 'issue')
NOTE: not reproducible, redhat also seems to have problems reproducing this https://bugzilla.redhat.com/show_bug.cgi?id=452209
-CVE-2008-2782
+CVE-2008-2782 (Multiple directory traversal vulnerabilities in OtomiGenX 2.2 allow re ...)
NOT-FOR-US: OtomiGenX
-CVE-2008-2781
+CVE-2008-2781 (SQL injection vulnerability in index.php in DZOIC Handshakes 3.5 allow ...)
NOT-FOR-US: DZOIC Handshakes
-CVE-2008-2780
+CVE-2008-2780 (The Anubis (aka Anubis+Ripe160) plugin before 1.3 for encrypt stores t ...)
NOT-FOR-US: Anubis
-CVE-2008-2779
+CVE-2008-2779 (Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Bu ...)
NOT-FOR-US: GlobalSCAPE CuteFTP Home
-CVE-2008-2778
+CVE-2008-2778 (SQL injection vulnerability in inc/class_search.php in the Search Syst ...)
NOT-FOR-US: RevokeBB
-CVE-2008-2777
+CVE-2008-2777 (Cross-site scripting (XSS) vulnerability in Ortro before 1.3.1 allows ...)
NOT-FOR-US: Ortro
-CVE-2008-2776
+CVE-2008-2776 (Cross-site scripting (XSS) vulnerability in search.asp in DT Centrepie ...)
NOT-FOR-US: DT Centrepiece
-CVE-2008-2775
+CVE-2008-2775 (SQL injection vulnerability in search.asp in DT Centrepiece 4.0 allows ...)
NOT-FOR-US: DT Centrepiece
-CVE-2008-2774
+CVE-2008-2774 (SQL injection vulnerability in item.php in CartKeeper CKGold Shopping ...)
NOT-FOR-US: CartKeeper CKGold Shopping Cart
-CVE-2008-2773
+CVE-2008-2773 (Cross-site scripting (XSS) vulnerability in the Taxonomy Image module ...)
NOT-FOR-US: Taxonomy Image module for Drupal
-CVE-2008-2772
+CVE-2008-2772 (The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote atta ...)
NOT-FOR-US: Magic Tabs module for Drupal
-CVE-2008-2771
+CVE-2008-2771 (The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 fo ...)
NOT-FOR-US: Node Hierarchy module for Drupal
-CVE-2008-2770
+CVE-2008-2770 (SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_q ...)
NOT-FOR-US: MycroCMS
-CVE-2008-2769
+CVE-2008-2769 (PHP remote file inclusion vulnerability in authentication/smf/smf.func ...)
NOT-FOR-US: phpRaider
-CVE-2008-2768
+CVE-2008-2768 (Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla ...)
NOT-FOR-US: Xigla Poll Manager XE
-CVE-2008-2767
+CVE-2008-2767 (SQL injection vulnerability in search.asp in Xigla Poll Manager XE all ...)
NOT-FOR-US: Xigla Poll Manager XE
-CVE-2008-2766
+CVE-2008-2766 (Cross-site scripting (XSS) vulnerability in Xigla Absolute Image Galle ...)
NOT-FOR-US: Xigla Absolute Image Gallery XE
-CVE-2008-2765
+CVE-2008-2765 (SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gal ...)
NOT-FOR-US: Xigla Absolute Image Gallery XE
-CVE-2008-2764
+CVE-2008-2764 (Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla ...)
NOT-FOR-US: Xigla Absolute Live Support XE
-CVE-2008-2763
+CVE-2008-2763 (SQL injection vulnerability in search.asp in Xigla Absolute Live Suppo ...)
NOT-FOR-US: Xigla Absolute Live Support XE
-CVE-2008-2762
+CVE-2008-2762 (SQL injection vulnerability in search.asp in Xigla Absolute Form Proce ...)
NOT-FOR-US: Xigla Absolute Form Processor XE
-CVE-2008-2761
+CVE-2008-2761 (Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute ...)
NOT-FOR-US: Xigla Absolute Banner Manager XE
-CVE-2008-2760
+CVE-2008-2760 (SQL injection vulnerability in searchbanners.asp in Xigla Absolute Ban ...)
NOT-FOR-US: Xigla Absolute Banner Manager XE
-CVE-2008-2759
+CVE-2008-2759 (Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute ...)
NOT-FOR-US: Xigla Absolute Form Processor XE
-CVE-2008-2758
+CVE-2008-2758 (Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute ...)
NOT-FOR-US: Xigla Absolute News Manager XE
-CVE-2008-2757
+CVE-2008-2757 (SQL injection vulnerability in search.asp in Xigla Absolute News Manag ...)
NOT-FOR-US: Xigla Absolute News Manager XE
-CVE-2008-2756
+CVE-2008-2756 (Cross-site scripting (XSS) vulnerability in admin/users.asp in Xigla A ...)
NOT-FOR-US: Xigla Absolute Control Panel XE
-CVE-2008-2755
+CVE-2008-2755 (SQL injection vulnerability in index.php in JAMM CMS allows remote att ...)
NOT-FOR-US: JAMM CMS
-CVE-2008-2754
+CVE-2008-2754 (SQL injection vulnerability in toplists.php in eFiction 3.0 and 3.4.3, ...)
NOT-FOR-US: eFiction
-CVE-2008-2753
+CVE-2008-2753 (Multiple SQL injection vulnerabilities in Pooya Site Builder (PSB) 6.0 ...)
NOT-FOR-US: Pooya Site Builder
-CVE-2008-2752
+CVE-2008-2752 (Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly h ...)
NOT-FOR-US: Microsoft Word
-CVE-2008-2751
+CVE-2008-2751 (Multiple cross-site scripting (XSS) vulnerabilities in the Glassfish w ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2008-2750
+CVE-2008-2750 (The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux k ...)
- linux-2.6 2.6.26
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.23)
- linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: 6b6707a50c7598a83820077393f8823ab791abf8
-CVE-2008-2749
+CVE-2008-2749 (Unspecified vulnerability in cshttpd in Sun Java System Calendar Serve ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2008-2748
+CVE-2008-2748 (Skulltag 0.97d2-RC2 and earlier allows remote attackers to cause a den ...)
NOT-FOR-US: Skulltag
-CVE-2008-2747
+CVE-2008-2747 (No-IP Dynamic Update Client (DUC) 2.2.1 on Windows uses weak permissio ...)
NOT-FOR-US: Windows
-CVE-2008-2746
+CVE-2008-2746 (SQL injection vulnerability in login.php in Gryphon gllcTS2 4.2.4 allo ...)
NOT-FOR-US: Gryphon gllcTS2
-CVE-2008-2745
+CVE-2008-2745 (Stack-based buffer overflow in BiAnno ActiveX Control (BiAnno.ocx) in ...)
NOT-FOR-US: BiAnno ActiveX Control
-CVE-2008-2744
+CVE-2008-2744 (Cross-site scripting (XSS) vulnerability in vBulletin 3.6.10 and 3.7.1 ...)
NOT-FOR-US: vBulletin
-CVE-2008-2743
+CVE-2008-2743 (Cross-site scripting (XSS) vulnerability in the embedded web server in ...)
NOT-FOR-US: web server Xerox
-CVE-2008-2742
+CVE-2008-2742 (Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/ ...)
NOT-FOR-US: Achievo
CVE-2008-2741
RESERVED
CVE-2008-2740
RESERVED
-CVE-2008-2739
+CVE-2008-2739 (The SERVICE.DNS signature engine in the Intrusion Prevention System (I ...)
NOT-FOR-US: Cisco IOS
CVE-2008-2738
RESERVED
CVE-2008-2737
REJECTED
-CVE-2008-2736
+CVE-2008-2736 (Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5 ...)
NOT-FOR-US: Cisco Adaptive Security Appliance (ASA)
-CVE-2008-2735
+CVE-2008-2735 (The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 device ...)
NOT-FOR-US: Cisco Adaptive Security Appliance (ASA)
-CVE-2008-2734
+CVE-2008-2734 (Memory leak in the crypto functionality in Cisco Adaptive Security App ...)
NOT-FOR-US: Cisco Adaptive Security Appliance (ASA)
-CVE-2008-2733
+CVE-2008-2733 (Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 befor ...)
NOT-FOR-US: Cisco Adaptive Security Appliance (ASA)
-CVE-2008-2732
+CVE-2008-2732 (Multiple unspecified vulnerabilities in the SIP inspection functionali ...)
NOT-FOR-US: Cisco Adaptive Security Appliance (ASA)
CVE-2008-2731
RESERVED
-CVE-2008-2730
+CVE-2008-2730 (The Real-Time Information Server (RIS) Data Collector service in Cisco ...)
NOT-FOR-US: cisco
-CVE-2008-2729
+CVE-2008-2729 (arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some ...)
{DSA-1630-1}
- linux-2.6 2.6.19-1
NOTE: 3022d734a54cbd2b65eea9a024564821101b4a9a
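Review bot: the new summary for CVE-2008-2749 contradicts the annotation beneath it: "+CVE-2008-2749 (Unspecified vulnerability in cshttpd in Sun Java System Calendar Serve ...)" is followed by the unchanged "NOT-FOR-US: Sun Java System Application Server", which looks copied from the CVE-2008-2751 entry a few lines up. The automatic import only rewrites the CVE header lines, so the annotation should be corrected by hand to name Calendar Server. Mismatches of this kind are exactly what the imported descriptions are good at exposing, so a one-off pass comparing each NOT-FOR-US product name against the newly imported text would be worthwhile.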
@@ -10832,164 +10832,164 @@ CVE-2008-2728
REJECTED
CVE-2008-2727
REJECTED
-CVE-2008-2726
+CVE-2008-2726 (Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and e ...)
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
-CVE-2008-2725
+CVE-2008-2725 (Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and e ...)
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
-CVE-2008-2718
+CVE-2008-2718 (Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in TYPO3 4 ...)
{DSA-1596-1}
- typo3-src 4.1.7-1 (bug #485814)
-CVE-2008-2716
+CVE-2008-2716 (Unspecified vulnerability in Opera before 9.5 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2008-2715
+CVE-2008-2715 (Unspecified vulnerability in Opera before 9.5 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2008-2714
+CVE-2008-2714 (Opera before 9.26 allows remote attackers to misrepresent web page add ...)
NOT-FOR-US: Opera
-CVE-2008-2710
+CVE-2008-2710 (Integer signedness error in the ip_set_srcfilter function in the IP Mu ...)
NOT-FOR-US: Solaris
-CVE-2008-2709
+CVE-2008-2709 (Buffer overflow in the BrSmRcvAndCheck function in the RCHMGR module o ...)
NOT-FOR-US: Solaris
-CVE-2008-2708
+CVE-2008-2708 (Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) UltraSP ...)
NOT-FOR-US: Solaris
-CVE-2008-2707
+CVE-2008-2707 (Unspecified vulnerability in the e1000g driver in Sun Solaris 10 and O ...)
NOT-FOR-US: Solaris
-CVE-2008-2706
+CVE-2008-2706 (Unspecified vulnerability in the event port implementation in Sun Sola ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-2705
+CVE-2008-2705 (Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2008-2704
+CVE-2008-2704 (Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows remo ...)
NOT-FOR-US: Novell GroupWise
-CVE-2008-2703
+CVE-2008-2703 (Multiple stack-based buffer overflows in Novell GroupWise Messenger (G ...)
NOT-FOR-US: Novell GroupWise
-CVE-2008-2702
+CVE-2008-2702 (Directory traversal vulnerability in the FTP client in ALTools ESTsoft ...)
NOT-FOR-US: ALTools ESTsoft ALFTP
-CVE-2008-2701
+CVE-2008-2701 (SQL injection vulnerability in the GameQ (com_gameq) component 4.0 and ...)
NOT-FOR-US: joomla extension
-CVE-2008-2700
+CVE-2008-2700 (SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and ...)
NOT-FOR-US: Galatolo WebManager
-CVE-2008-2699
+CVE-2008-2699 (Multiple directory traversal vulnerabilities in Galatolo WebManager (G ...)
NOT-FOR-US: Galatolo WebManager
-CVE-2008-2698
+CVE-2008-2698 (Multiple cross-site scripting (XSS) vulnerabilities in photo_add-c.php ...)
NOT-FOR-US: WEBalbum
-CVE-2008-2697
+CVE-2008-2697 (SQL injection vulnerability in the Rapid Recipe (com_rapidrecipe) comp ...)
NOT-FOR-US: joomla extension
-CVE-2008-2695
+CVE-2008-2695 (Directory traversal vulnerability in entry.php in phpInv 0.8.0 allows ...)
NOT-FOR-US: phpInv
-CVE-2008-2694
+CVE-2008-2694 (Cross-site scripting (XSS) vulnerability in search.php in phpInv 0.8.0 ...)
NOT-FOR-US: phpInv
-CVE-2008-2693
+CVE-2008-2693 (Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control ...)
NOT-FOR-US: ActiveX control
-CVE-2008-2692
+CVE-2008-2692 (SQL injection vulnerability in the yvComment (com_yvcomment) component ...)
NOT-FOR-US: Joomla!
-CVE-2008-2691
+CVE-2008-2691 (SQL injection vulnerability in read.asp in JiRo's FAQ Manager eXperien ...)
NOT-FOR-US: JiRo's FAQ Manager eXperience
-CVE-2008-2690
+CVE-2008-2690 (Multiple PHP remote file inclusion vulnerabilities in BrowserCRM 5.002 ...)
NOT-FOR-US: BrowserCRM
-CVE-2008-2689
+CVE-2008-2689 (PHP remote file inclusion vulnerability in pub/clients.php in BrowserC ...)
NOT-FOR-US: BrowserCRM
-CVE-2008-2688
+CVE-2008-2688 (SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 all ...)
NOT-FOR-US: ASPilot Pilot Cart
-CVE-2008-2687
+CVE-2008-2687 (Directory traversal vulnerability in inc/config.php in ProManager 0.73 ...)
NOT-FOR-US: ProManager
-CVE-2008-2686
+CVE-2008-2686 (webinc/bxe/scripts/loadsave.php in Flux CMS 1.5.0 and earlier allows r ...)
NOT-FOR-US: Flux CMS
CVE-2008-XXXX [insecure tempfile in wdiff]
- wdiff 0.5-18 (low; bug #425254)
[etch] - wdiff <no-dsa> (Minor issue)
-CVE-2008-2719
+CVE-2008-2719 (Off-by-one error in the ppscan function (preproc.c) in Netwide Assembl ...)
- nasm 2.03.01-1 (low; bug #486715)
[etch] - nasm <not-affected> (vulnerable code not present)
-CVE-2008-2712
+CVE-2008-2712 (Vim 7.1.314, 6.4, and other versions allows user-assisted remote attac ...)
{DSA-1733-1 DTSA-143-1}
- vim 1:7.1.314-3 (low; bug #486502)
-CVE-2008-2696
+CVE-2008-2696 (Exiv2 0.16 allows user-assisted remote attackers to cause a denial of ...)
- exiv2 0.17-1 (low; bug #486328)
[etch] - exiv2 <no-dsa> (Minor issue)
NOTE: http://dev.robotbattle.com/cgi-bin/viewvc.cgi/exiv2/trunk/src/nikonmn.cpp?r1=1473&r2=1499
-CVE-2008-2713
+CVE-2008-2713 (libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to ...)
{DSA-1616-2 DTSA-138-1}
- clamav 0.93.1.dfsg-1.1 (low; bug #490925)
-CVE-2008-2711
+CVE-2008-2711 (fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, ...)
- fetchmail 6.3.9~rc2-1 (unimportant)
[etch] - fetchmail 6.3.6-1etch3
NOTE: http://www.openwall.com/lists/oss-security/2008/06/13/1
NOTE: -vv is only used for debugging purposes so this does not
NOTE: prevent a victim from getting mails. -vv is not used in non-interactive
NOTE: use.
-CVE-2008-2720
+CVE-2008-2720 (Cross-site scripting (XSS) vulnerability in Menalto Gallery before 2.2 ...)
- gallery2 2.2.5-1 (low; bug #485947)
- gallery <not-affected> (Vulnerable code not present, different codebase)
-CVE-2008-2721
+CVE-2008-2721 (Unspecified vulnerability in the album-select module in Menalto Galler ...)
- gallery2 2.2.5-1 (low; bug #485947)
- gallery <not-affected> (Vulnerable code not present, different codebase)
-CVE-2008-2722
+CVE-2008-2722 (Menalto Gallery before 2.2.5 allows remote attackers to bypass permiss ...)
- gallery2 2.2.5-1 (low; bug #485947)
- gallery <not-affected> (Vulnerable code not present, different codebase)
-CVE-2008-2723
+CVE-2008-2723 (embed.php in Menalto Gallery before 2.2.5 allows remote attackers to o ...)
- gallery2 2.2.5-1 (low; bug #485947)
- gallery <not-affected> (Vulnerable code not present, different codebase)
-CVE-2008-2724
+CVE-2008-2724 (Menalto Gallery before 2.2.5 does not enforce permissions for non-albu ...)
- gallery2 2.2.5-1 (low; bug #485947)
- gallery <not-affected> (Vulnerable code not present, different codebase)
-CVE-2008-2717
+CVE-2008-2717 (TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, ...)
{DSA-1596-1}
- typo3-src 4.1.7-1 (bug #485814)
-CVE-2008-2685
+CVE-2008-2685 (SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 ...)
NOT-FOR-US: Battle Blog
-CVE-2008-2684
+CVE-2008-2684 (The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black I ...)
NOT-FOR-US: Black Ice Barcode
-CVE-2008-2683
+CVE-2008-2683 (The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black I ...)
NOT-FOR-US: Black Ice Barcode
-CVE-2008-2682
+CVE-2008-2682 (_RealmAdmin/login.asp in Realm CMS 2.3 and earlier allows remote attac ...)
NOT-FOR-US: Realm CMS
-CVE-2008-2681
+CVE-2008-2681 (Realm CMS 2.3 and earlier allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Realm CMS
-CVE-2008-2680
+CVE-2008-2680 (Multiple cross-site scripting (XSS) vulnerabilities in _db/compact.asp ...)
NOT-FOR-US: Realm CMS
-CVE-2008-2679
+CVE-2008-2679 (SQL injection vulnerability in the KeyWordsList function in _includes/ ...)
NOT-FOR-US: Realm CMS
-CVE-2008-2678
+CVE-2008-2678 (Multiple SQL injection vulnerabilities in Telephone Directory 2008, wh ...)
NOT-FOR-US: Telephone Directory 2008
-CVE-2008-2677
+CVE-2008-2677 (Cross-site scripting (XSS) vulnerability in edit1.php in Telephone Dir ...)
NOT-FOR-US: Telephone Directory 2008
-CVE-2008-2676
+CVE-2008-2676 (SQL injection vulnerability in the iJoomla News Portal (com_news_porta ...)
NOT-FOR-US: com_news_portal component for Joomla!
-CVE-2008-2675
+CVE-2008-2675 (Cross-site scripting (XSS) vulnerability in index.php in PHP Image Gal ...)
NOT-FOR-US: PHP Image Gallery
-CVE-2008-2674
+CVE-2008-2674 (Unspecified vulnerability in the Interstage Management Console, as use ...)
NOT-FOR-US: Interstage Management Console
-CVE-2008-2673
+CVE-2008-2673 (SQL injection vulnerability in index.php in Powie pNews 2.08 and 2.10, ...)
NOT-FOR-US: pNews
-CVE-2008-2672
+CVE-2008-2672 (Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and ...)
- ewiki <removed> (unimportant)
NOTE: register_globals is not supported
-CVE-2008-2671
+CVE-2008-2671 (SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows ...)
NOT-FOR-US: DCFM Blog
-CVE-2008-2670
+CVE-2008-2670 (Multiple SQL injection vulnerabilities in index.php in Insanely Simple ...)
NOT-FOR-US: Insanely Simple Blog
-CVE-2008-2669
+CVE-2008-2669 (Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote a ...)
NOT-FOR-US: yBlog
-CVE-2008-2668
+CVE-2008-2668 (Multiple cross-site scripting (XSS) vulnerabilities in yBlog 0.2.2.2 a ...)
NOT-FOR-US: yBlog
-CVE-2008-2666
+CVE-2008-2666 (Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier ...)
- php5 <removed> (unimportant)
NOTE: safe mode not supported
-CVE-2008-2665
+CVE-2008-2665 (Directory traversal vulnerability in the posix_access function in PHP ...)
- php5 5.2.6.dfsg.1-3 (unimportant)
NOTE: safe mode not supported
-CVE-2008-2664
+CVE-2008-2664 (The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8 ...)
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
-CVE-2008-2663
+CVE-2008-2663 (Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 ...)
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
-CVE-2008-2662
+CVE-2008-2662 (Multiple integer overflows in the rb_str_buf_append function in Ruby 1 ...)
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-1
- ruby1.8 1.8.7.22-1
@@ -11009,374 +11009,374 @@ CVE-2008-2655
RESERVED
CVE-2008-2653
RESERVED
-CVE-2008-2652
+CVE-2008-2652 (Multiple SQL injection vulnerabilities in catalog.php in SMEWeb 1.4b a ...)
NOT-FOR-US: SMEWeb
-CVE-2008-2651
+CVE-2008-2651 (SQL injection vulnerability in the Joomla! Bulletin Board (aka Joo!BB ...)
NOT-FOR-US: com_joobb component for Joomla!
-CVE-2008-2650
+CVE-2008-2650 (Directory traversal vulnerability in cmsimple/cms.php in CMSimple 3.1, ...)
NOT-FOR-US: CMSimple
-CVE-2008-2649
+CVE-2008-2649 (Multiple PHP remote file inclusion vulnerabilities in DesktopOnNet 3 B ...)
NOT-FOR-US: DesktopOnNet
-CVE-2008-2648
+CVE-2008-2648 (Unrestricted file upload vulnerability in upload/uploader.html in meBi ...)
NOT-FOR-US: meBiblio
-CVE-2008-2647
+CVE-2008-2647 (SQL injection vulnerability in admin/journal_change_mask.inc.php in me ...)
NOT-FOR-US: meBiblio
-CVE-2008-2646
+CVE-2008-2646 (Multiple cross-site scripting (XSS) vulnerabilities in meBiblio 0.4.7 ...)
NOT-FOR-US: meBiblio
-CVE-2008-2645
+CVE-2008-2645 (Multiple PHP remote file inclusion vulnerabilities in Brim (formerly B ...)
NOT-FOR-US: Brim
-CVE-2008-2644
+CVE-2008-2644 (Multiple cross-site scripting (XSS) vulnerabilities in SMEWeb 1.4b and ...)
NOT-FOR-US: SMEWeb
-CVE-2008-2643
+CVE-2008-2643 (SQL injection vulnerability in the Bible Study (com_biblestudy) compon ...)
NOT-FOR-US: com_biblestudy component for Joomla!
-CVE-2008-2642
+CVE-2008-2642 (SQL injection vulnerability in login.php in OtomiGenX 2.2 allows remot ...)
NOT-FOR-US: OtomiGenX
-CVE-2008-2641
+CVE-2008-2641 (Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlie ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2008-2640
+CVE-2008-2640 (Multiple cross-site scripting (XSS) vulnerabilities in the Flex 3 Hist ...)
NOT-FOR-US: Adobe Flex
-CVE-2008-2639
+CVE-2008-2639 (Stack-based buffer overflow in the ODBC server service in Citect Citec ...)
NOT-FOR-US: Citect CitectSCADA
-CVE-2008-2638
+CVE-2008-2638 (Static code injection vulnerability in guestbook.php in 1Book 1.0.1 an ...)
NOT-FOR-US: 1Book
-CVE-2008-2637
+CVE-2008-2637 (Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL ...)
NOT-FOR-US: F5 FirePass SSL VPN
-CVE-2008-2636
+CVE-2008-2636 (The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 all ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-2635
+CVE-2008-2635 (Multiple directory traversal vulnerabilities in BitKinex 2.9.3 allow r ...)
NOT-FOR-US: BitKinex
-CVE-2008-2634
+CVE-2008-2634 (SQL injection vulnerability in index.asp in I-Pos Internet Pay Online ...)
NOT-FOR-US: I-Pos Internet Pay Online Store
-CVE-2008-2633
+CVE-2008-2633 (Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomr ...)
NOT-FOR-US: com_joomradio component for Joomla!
-CVE-2008-2632
+CVE-2008-2632 (SQL injection vulnerability in the acctexp (com_acctexp) component 0.1 ...)
NOT-FOR-US: com_acctexp component for Joomla!
-CVE-2008-2631
+CVE-2008-2631 (The WordClient interface in Alt-N Technologies MDaemon 9.6.5 allows re ...)
NOT-FOR-US: MDaemon
-CVE-2008-2630
+CVE-2008-2630 (SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 f ...)
NOT-FOR-US: com_jb2 component for Joomla!
-CVE-2008-2629
+CVE-2008-2629 (SQL injection vulnerability in the LifeType (formerly pLog) module for ...)
NOT-FOR-US: LifeType module for Drupal
-CVE-2008-2628
+CVE-2008-2628 (SQL injection vulnerability in the eQuotes (com_equotes) component 0.9 ...)
NOT-FOR-US: com_equotes component for Joomla!
-CVE-2008-2627
+CVE-2008-2627 (SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 ...)
NOT-FOR-US: com_idoblog for Joomla!
-CVE-2008-2626
+CVE-2008-2626 (SQL injection vulnerability in comment.asp in Battle Blog 1.25 and ear ...)
NOT-FOR-US: Battle Blog
-CVE-2008-2625
+CVE-2008-2625 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2008-2624
+CVE-2008-2624 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2008-2623
+CVE-2008-2623 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle Application Server
-CVE-2008-2622
+CVE-2008-2622 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2621
+CVE-2008-2621 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2620
+CVE-2008-2620 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2619
+CVE-2008-2619 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
NOT-FOR-US: Oracle
-CVE-2008-2618
+CVE-2008-2618 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2617
+CVE-2008-2617 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2616
+CVE-2008-2616 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2615
+CVE-2008-2615 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2614
+CVE-2008-2614 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2008-2613
+CVE-2008-2613 (Unspecified vulnerability in the Database Scheduler component in Oracl ...)
NOT-FOR-US: Oracle database
-CVE-2008-2612
+CVE-2008-2612 (Unspecified vulnerability in the Hyperion BI Plus component in Oracle ...)
NOT-FOR-US: Oracle database
-CVE-2008-2611
+CVE-2008-2611 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle database
-CVE-2008-2610
+CVE-2008-2610 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle database
-CVE-2008-2609
+CVE-2008-2609 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle database
-CVE-2008-2608
+CVE-2008-2608 (Unspecified vulnerability in the Data Pump component in Oracle Databas ...)
NOT-FOR-US: Oracle database
-CVE-2008-2607
+CVE-2008-2607 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
NOT-FOR-US: Oracle database
-CVE-2008-2606
+CVE-2008-2606 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle database
-CVE-2008-2605
+CVE-2008-2605 (Unspecified vulnerability in the Authentication component in Oracle Da ...)
NOT-FOR-US: Oracle database
-CVE-2008-2604
+CVE-2008-2604 (Unspecified vulnerability in the Authentication component in Oracle Da ...)
NOT-FOR-US: Oracle database
-CVE-2008-2603
+CVE-2008-2603 (Unspecified vulnerability in the Resource Manager component in Oracle ...)
NOT-FOR-US: Oracle database
-CVE-2008-2602
+CVE-2008-2602 (Unspecified vulnerability in the Data Pump component in Oracle Databas ...)
NOT-FOR-US: Oracle database
-CVE-2008-2601
+CVE-2008-2601 (Unspecified vulnerability in the Oracle iStore component in Oracle E-B ...)
NOT-FOR-US: Oracle database
-CVE-2008-2600
+CVE-2008-2600 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle database
-CVE-2008-2599
+CVE-2008-2599 (Unspecified vulnerability in the TimesTen Client/Server component in O ...)
NOT-FOR-US: Oracle database
-CVE-2008-2598
+CVE-2008-2598 (Unspecified vulnerability in the TimesTen Client/Server component in O ...)
NOT-FOR-US: Oracle database
-CVE-2008-2597
+CVE-2008-2597 (Unspecified vulnerability in the TimesTen Client/Server component in O ...)
NOT-FOR-US: Oracle database
-CVE-2008-2596
+CVE-2008-2596 (Unspecified vulnerability in the Mobile Application Server component i ...)
NOT-FOR-US: Oracle database
-CVE-2008-2595
+CVE-2008-2595 (Unspecified vulnerability in the Oracle Internet Directory component i ...)
NOT-FOR-US: Oracle database
-CVE-2008-2594
+CVE-2008-2594 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle database
-CVE-2008-2593
+CVE-2008-2593 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle database
-CVE-2008-2592
+CVE-2008-2592 (Unspecified vulnerability in the Advanced Replication component in Ora ...)
NOT-FOR-US: Oracle database
-CVE-2008-2591
+CVE-2008-2591 (Unspecified vulnerability in the Oracle Database Vault component in Or ...)
NOT-FOR-US: Oracle database
-CVE-2008-2590
+CVE-2008-2590 (Unspecified vulnerability in the Instance Management component in Orac ...)
NOT-FOR-US: Oracle database
-CVE-2008-2589
+CVE-2008-2589 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle database
-CVE-2008-2588
+CVE-2008-2588 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-2587
+CVE-2008-2587 (Unspecified vulnerability in the Advanced Replication component in Ora ...)
NOT-FOR-US: Oracle database
-CVE-2008-2586
+CVE-2008-2586 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle database
-CVE-2008-2585
+CVE-2008-2585 (Unspecified vulnerability in the Oracle Report Manager component in Or ...)
NOT-FOR-US: Oracle database
CVE-2008-2584
REJECTED
-CVE-2008-2583
+CVE-2008-2583 (Unspecified vulnerability in the sample Discussion Forum Portlet for t ...)
NOT-FOR-US: Oracle database
-CVE-2008-2582
+CVE-2008-2582 (Unspecified vulnerability in the WebLogic Server component in Oracle B ...)
NOT-FOR-US: BEA Product Suite
-CVE-2008-2581
+CVE-2008-2581 (Unspecified vulnerability in the WebLogic Server component in Oracle B ...)
NOT-FOR-US: BEA Product Suite
-CVE-2008-2580
+CVE-2008-2580 (Unspecified vulnerability in the WebLogic Server component in Oracle B ...)
NOT-FOR-US: BEA Product Suite
-CVE-2008-2579
+CVE-2008-2579 (Unspecified vulnerability in the WebLogic Server Plugins for Apache, S ...)
NOT-FOR-US: BEA Product Suite
-CVE-2008-2578
+CVE-2008-2578 (Unspecified vulnerability in the WebLogic Server component in Oracle B ...)
NOT-FOR-US: BEA Product Suite
-CVE-2008-2577
+CVE-2008-2577 (Unspecified vulnerability in the WebLogic Server component in Oracle B ...)
NOT-FOR-US: BEA Product Suite
-CVE-2008-2576
+CVE-2008-2576 (Unspecified vulnerability in the WebLogic Server component in Oracle B ...)
NOT-FOR-US: BEA Product Suite
-CVE-2008-2574
+CVE-2008-2574 (Unrestricted file upload vulnerability in admin/Editor/imgupload.php i ...)
NOT-FOR-US: FlashBlog
-CVE-2008-2573
+CVE-2008-2573 (Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote au ...)
NOT-FOR-US: freeSSHd
-CVE-2008-2572
+CVE-2008-2572 (SQL injection vulnerability in php/leer_comentarios.php in FlashBlog a ...)
NOT-FOR-US: FlashBlog
-CVE-2008-2571
+CVE-2008-2571 (Cross-site request forgery (CSRF) vulnerability in LimeSurvey (formerl ...)
- limesurvey <itp> (bug #472802)
-CVE-2008-2570
+CVE-2008-2570 (Multiple unspecified vulnerabilities in LimeSurvey (formerly PHPSurvey ...)
- limesurvey <itp> (bug #472802)
-CVE-2008-2569
+CVE-2008-2569 (SQL injection vulnerability in the EasyBook (com_easybook) component 1 ...)
NOT-FOR-US: com_easybook component for Joomla!
-CVE-2008-2568
+CVE-2008-2568 (SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) ...)
NOT-FOR-US: com_simpleshop component for Joomla!
-CVE-2008-2567
+CVE-2008-2567 (Cross-site scripting (XSS) vulnerability in Fenriru Sleipnir 2.7.1 Rel ...)
NOT-FOR-US: Fenriru Sleipnir
-CVE-2008-2566
+CVE-2008-2566 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Boo ...)
NOT-FOR-US: PHP Address Book
-CVE-2008-2565
+CVE-2008-2565 (Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and e ...)
NOT-FOR-US: PHP Address Book
-CVE-2008-2564
+CVE-2008-2564 (SQL injection vulnerability in the JotLoader (com_jotloader) component ...)
NOT-FOR-US: com_jotloader component for Joomla!
-CVE-2008-2563
+CVE-2008-2563 (Multiple cross-site scripting (XSS) vulnerabilities in (1) dsp_main.ph ...)
NOT-FOR-US: SamTodo
-CVE-2008-2562
+CVE-2008-2562 (SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and ea ...)
NOT-FOR-US: PowerPhlogger
-CVE-2008-2561
+CVE-2008-2561 (Multiple cross-site scripting (XSS) vulnerabilities in 427BB 2.3.1 all ...)
NOT-FOR-US: 427BB
-CVE-2008-2560
+CVE-2008-2560 (SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remo ...)
NOT-FOR-US: 427BB
-CVE-2008-2654
+CVE-2008-2654 (Off-by-one error in the read_client function in webhttpd.c in Motion 3 ...)
- motion 3.2.9-3 (low; bug #484572)
[etch] - motion <no-dsa> (minor issue)
-CVE-2008-2667
+CVE-2008-2667 (SQL injection vulnerability in the Courier Authentication Library (aka ...)
{DSA-1688-1}
- courier-authlib 0.60.1-2.1 (bug #485424)
CVE-2008-XXXX [missing sanity checks allow DoS via mis-formated timestamp]
- evolution 2.22.2-1.1 (low; bug #484639)
[etch] - evolution <no-dsa> (Minor issue)
-CVE-2008-2559
+CVE-2008-2559 (Integer overflow in Borland Interbase 2007 SP2 (8.1.0.256) allows remo ...)
NOT-FOR-US: Borland Interbase
-CVE-2008-2558
+CVE-2008-2558 (CRE Loaded 6.2.13.1 and earlier does not set the "Secure" attribute fo ...)
NOT-FOR-US: CRE Loaded
-CVE-2008-2557
+CVE-2008-2557 (Cross-site scripting (XSS) vulnerability in CRE Loaded 6.2.13.1 and ea ...)
NOT-FOR-US: CRE Loaded
-CVE-2008-2556
+CVE-2008-2556 (SQL injection vulnerability in read.php in PHP Visit Counter 0.4 and e ...)
NOT-FOR-US: PHP Visit Counter
-CVE-2008-2555
+CVE-2008-2555 (SQL injection vulnerability in index.php in EasyWay CMS allows remote ...)
NOT-FOR-US: EasyWay CMS
-CVE-2008-2554
+CVE-2008-2554 (Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote att ...)
NOT-FOR-US: BP Blog
-CVE-2008-2553
+CVE-2008-2553 (Cross-site scripting (XSS) vulnerability in Slashdot Like Automated St ...)
{DSA-1633-1}
- slash 2.2.6-8etch1 (low; bug #484499)
NOTE: See CVE-2008-2231
NOTE: maintainer wants to remove package from unstable and move to experimental
-CVE-2008-2552
+CVE-2008-2552 (Unspecified vulnerability in the Service Tag Registry on Sun Solaris 1 ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-2551
+CVE-2008-2551 (The DownloaderActiveX Control (DownloaderActiveX.ocx) in Icona SpA C6 ...)
NOT-FOR-US: DownloaderActiveX Control
-CVE-2008-2550
+CVE-2008-2550 (Unspecified vulnerability in the Web Services Security component in IB ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-2549
+CVE-2008-2549 (Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remot ...)
NOT-FOR-US: Acrobat Reader
-CVE-2008-2548
+CVE-2008-2548 (Stack-based buffer overflow in the JPEG thumbprint component in the EX ...)
NOT-FOR-US: JPEG thumbprint component in the EXIF parser on Motorola cell phones
-CVE-2008-2547
+CVE-2008-2547 (Stack-based buffer overflow in msiexec.exe 3.1.4000.1823 and 4.5.6001. ...)
NOT-FOR-US: Microsoft Windows Installer
CVE-2008-2546
REJECTED
-CVE-2008-2545
+CVE-2008-2545 (Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sens ...)
NOT-FOR-US: Skype
CVE-2008-2544
RESERVED
- linux <unfixed> (unimportant)
NOTE: non-issue, cf. https://bugzilla.redhat.com/show_bug.cgi?id=449089#c22
-CVE-2008-2543
+CVE-2008-2543 (The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and As ...)
- asterisk-addons 1.4.7-1 (bug #484796)
-CVE-2008-2542
+CVE-2008-2542 (Stack-based buffer overflow in the getline function in Ppm/ppm.C in NA ...)
NOT-FOR-US: NASA Ames Research Center BigView
-CVE-2008-2541
+CVE-2008-2541 (Multiple stack-based buffer overflows in the HTTP Gateway Service (ici ...)
NOT-FOR-US: CA eTrust
-CVE-2008-2540
+CVE-2008-2540 (Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt ...)
NOT-FOR-US: Apple Safari
-CVE-2008-2539
+CVE-2008-2539 (The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 ...)
NOT-FOR-US: Sun Solaris 8
-CVE-2008-2538
+CVE-2008-2538 (Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and ...)
NOT-FOR-US: Sun Solaris 8
-CVE-2008-2537
+CVE-2008-2537 (SQL injection vulnerability in cat.php in HispaH Model Search allows r ...)
NOT-FOR-US: HispaH Model Search
-CVE-2008-2536
+CVE-2008-2536 (SQL injection vulnerability in out.php in YABSoft Advanced Image Hosti ...)
NOT-FOR-US: YABSoft Advanced Image
-CVE-2008-2535
+CVE-2008-2535 (Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 ...)
NOT-FOR-US: Phoenix View CMS Pre Alpha2
-CVE-2008-2534
+CVE-2008-2534 (Directory traversal vulnerability in admin/admin_frame.php in Phoenix ...)
NOT-FOR-US: Phoenix View CMS Pre Alpha2
-CVE-2008-2533
+CVE-2008-2533 (Multiple cross-site scripting (XSS) vulnerabilities in Phoenix View CM ...)
NOT-FOR-US: Phoenix View CMS Pre Alpha2
-CVE-2008-2532
+CVE-2008-2532 (SQL injection vulnerability in forum/topic_detail.php in AJ Square aj- ...)
NOT-FOR-US: AJ Square aj-hyip
-CVE-2008-2531
+CVE-2008-2531 (Cross-site scripting (XSS) vulnerability in the search script in Build ...)
NOT-FOR-US: Build A Niche Store
-CVE-2008-2530
+CVE-2008-2530 (Multiple SQL injection vulnerabilities in Concepts &amp; Solutions Qui ...)
NOT-FOR-US: Concepts & Solutions QuickUpCMS
-CVE-2008-2529
+CVE-2008-2529 (SQL injection vulnerability in read.php in Advanced Links Management ( ...)
NOT-FOR-US: Advanced Links Management
-CVE-2008-2528
+CVE-2008-2528 (Unspecified vulnerability in Citrix Access Gateway Standard Edition 4. ...)
NOT-FOR-US: Citrix Access Gateway Standard Edition
-CVE-2008-2527
+CVE-2008-2527 (Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ...)
NOT-FOR-US: ActualScripts ActualAnalyzer Server
-CVE-2008-2526
+CVE-2008-2526 (Cross-site scripting (XSS) vulnerability in the WT Gallery (aka wt_gal ...)
NOT-FOR-US: WT Gallery
-CVE-2008-2525
+CVE-2008-2525 (Cross-site scripting (XSS) vulnerability in the Event Database (aka rl ...)
NOT-FOR-US: typo3 extension Event Database
-CVE-2008-2524
+CVE-2008-2524 (BlogPHP 2.0 allows remote attackers to bypass authentication, and post ...)
NOT-FOR-US: BlogPHP
-CVE-2008-2523
+CVE-2008-2523 (SQL injection vulnerability in the Autopatcher server plugin in RakNet ...)
NOT-FOR-US: RakNet
-CVE-2008-2522
+CVE-2008-2522 (SQL injection vulnerability in members.php in Battle.net Clan Script f ...)
NOT-FOR-US: Battle.net Clan Script
-CVE-2008-2521
+CVE-2008-2521 (SQL injection vulnerability in members.php in YABSoft Mega File Hostin ...)
NOT-FOR-US: YABSoft Mega File
-CVE-2008-2520
+CVE-2008-2520 (Multiple PHP remote file inclusion vulnerabilities in BigACE 2.4, when ...)
NOT-FOR-US: BigACE
-CVE-2008-2519
+CVE-2008-2519 (Directory traversal vulnerability in Core FTP client 2.1 Build 1565 al ...)
NOT-FOR-US: Core FTP client
-CVE-2008-2518
+CVE-2008-2518 (Cross-site scripting (XSS) vulnerability in the advanced search mechan ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2008-2517
+CVE-2008-2517 (The sarab.sh script in SaraB before 0.2.4 places the dar program's enc ...)
NOT-FOR-US: SaraB
-CVE-2008-2515
+CVE-2008-2515 (Unspecified vulnerability in iostat in IBM AIX 5.2, 5.3, and 6.1 allow ...)
NOT-FOR-US: IBM AIX
-CVE-2008-2514
+CVE-2008-2514 (Buffer overflow in errpt in IBM AIX 5.2, 5.3, and 6.1 allows local use ...)
NOT-FOR-US: IBM AIX
-CVE-2008-2513
+CVE-2008-2513 (Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows loca ...)
NOT-FOR-US: IBM AIX
-CVE-2008-2512
+CVE-2008-2512 (Directory traversal vulnerability in Symantec Backup Exec System Recov ...)
NOT-FOR-US: Symantec Backup Exec System Recovery Manager
-CVE-2008-2511
+CVE-2008-2511 (Directory traversal vulnerability in the UmxEventCli.CachedAuditDataLi ...)
NOT-FOR-US: CA Internet Security Suite
-CVE-2008-2510
+CVE-2008-2510 (SQL injection vulnerability in wp-uploadfile.php in the Upload File pl ...)
NOT-FOR-US: Upload File plugin for WordPress
-CVE-2008-2509
+CVE-2008-2509 (SQL injection vulnerability in pwd.asp in Excuse Online allows remote ...)
NOT-FOR-US: Excuse Online
-CVE-2008-2508
+CVE-2008-2508 (Cross-site scripting (XSS) vulnerability in news.php in Tr Script News ...)
NOT-FOR-US: Tr Script News
-CVE-2008-2507
+CVE-2008-2507 (Cross-site scripting (XSS) vulnerability in Calcium40.pl in Brown Bear ...)
NOT-FOR-US: Brown Bear Software Calcium
-CVE-2008-2506
+CVE-2008-2506 (Multiple SQL injection vulnerabilities in Simpel Side Weblosning 1 thr ...)
NOT-FOR-US: Simpel Side Weblosning
-CVE-2008-2505
+CVE-2008-2505 (Cross-site scripting (XSS) vulnerability in result.php in Simpel Side ...)
NOT-FOR-US: Simpel Side Weblosning
-CVE-2008-2504
+CVE-2008-2504 (Multiple SQL injection vulnerabilities in Simpel Side Netbutik 1 throu ...)
NOT-FOR-US: Simpel Side Netbutik
-CVE-2008-2503
+CVE-2008-2503 (Buffer overflow in Uploadlist in eMule X-Ray before 1.4 has unknown im ...)
NOT-FOR-US: eMule X-Ray
-CVE-2008-2502
+CVE-2008-2502 (Unspecified vulnerability in the web server in eMule X-Ray before 1.4 ...)
NOT-FOR-US: eMule X-Ray
-CVE-2008-2501
+CVE-2008-2501 (Multiple SQL injection vulnerabilities in PHPhotoalbum 0.5 allow remot ...)
NOT-FOR-US: PHPhotoalbum
-CVE-2008-2500
+CVE-2008-2500 (Cross-site scripting (XSS) vulnerability in the MOStlyContent Editor ( ...)
NOT-FOR-US: MOStlyContent Editor
-CVE-2008-2499
+CVE-2008-2499 (Stack-based buffer overflow in the Community Services Multiplexer (aka ...)
NOT-FOR-US: Community Services Multiplexer
-CVE-2008-2498
+CVE-2008-2498 (Multiple SQL injection vulnerabilities in index.php in Mambo before 4. ...)
NOT-FOR-US: Mambo
-CVE-2008-2497
+CVE-2008-2497 (CRLF injection vulnerability in Mambo before 4.6.4 allows remote attac ...)
NOT-FOR-US: Mambo
-CVE-2008-2496
+CVE-2008-2496 (Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 ...)
NOT-FOR-US: Quate CMS
-CVE-2008-2495
+CVE-2008-2495 (Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows ...)
NOT-FOR-US: Zina
-CVE-2008-2494
+CVE-2008-2494 (Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 ...)
NOT-FOR-US: Zina
-CVE-2008-2493
+CVE-2008-2493 (Cross-site scripting (XSS) vulnerability in post3/Book.asp in Campus B ...)
NOT-FOR-US: Campus Bulletin Board
-CVE-2008-2492
+CVE-2008-2492 (Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 al ...)
NOT-FOR-US: Campus Bulletin Board
-CVE-2008-2491
+CVE-2008-2491 (SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows rem ...)
NOT-FOR-US: AbleSpace
-CVE-2008-2490
+CVE-2008-2490 (Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 (a ...)
NOT-FOR-US: KJ Image Lightbox 2
-CVE-2008-2489
+CVE-2008-2489 (SQL injection vulnerability in the Library for Frontend Plugins (aka s ...)
NOT-FOR-US: Library for Frontend Plugins sg_zfelib
-CVE-2008-2488
+CVE-2008-2488 (admin/userform.php in RoomPHPlanning 1.5 does not require administrati ...)
NOT-FOR-US: RoomPHPlanning
-CVE-2008-2487
+CVE-2008-2487 (SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier a ...)
NOT-FOR-US: MAXSITE
-CVE-2008-2486
+CVE-2008-2486 (Unspecified vulnerability in eMule Plus before 1.2d has unknown impact ...)
- amule <not-affected> (Different code)
-CVE-2008-2485
+CVE-2008-2485 (Cross-site scripting (XSS) vulnerability in the URL redirection script ...)
NOT-FOR-US: PCPIN chat
-CVE-2008-2484
+CVE-2008-2484 (SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when ...)
NOT-FOR-US: Xomol CMS
-CVE-2008-2483
+CVE-2008-2483 (Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 ...)
NOT-FOR-US: Xomol CMS
-CVE-2008-2482
+CVE-2008-2482 (Directory traversal vulnerability in install_mod.php in insanevisions ...)
NOT-FOR-US: OneCMS
-CVE-2008-2481
+CVE-2008-2481 (PHP remote file inclusion vulnerability in authentication/phpbb3/phpbb ...)
NOT-FOR-US: phpRaider
-CVE-2008-2480
+CVE-2008-2480 (PHP remote file inclusion vulnerability in plus.php in plusPHP Short U ...)
NOT-FOR-US: plusPHP
-CVE-2008-2479
+CVE-2008-2479 (Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote atta ...)
NOT-FOR-US: phpFix
CVE-2008-2478
NOT-FOR-US: cPanel
-CVE-2008-2477
+CVE-2008-2477 (SQL injection vulnerability in index.php in MxBB (aka MX-System) Porta ...)
NOT-FOR-US: MxBB (MX-System)
-CVE-2008-2476
+CVE-2008-2476 (The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeB ...)
- kfreebsd-7 7.0-6
NOTE: IPv6 NDP flaw not affecting Linux
-CVE-2008-2475
+CVE-2008-2475 (eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) bef ...)
NOT-FOR-US: eBay Enhanced Picture Uploader ActiveX control
-CVE-2008-2474
+CVE-2008-2474 (Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit ...)
NOT-FOR-US: ABB Process Communication Unit
CVE-2008-2473
RESERVED
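Review bot: the description imported for CVE-2008-2530 carries an HTML entity, `Concepts &amp; Solutions Qui ...`, while the unchanged NOT-FOR-US line directly below it spells the same vendor `Concepts & Solutions`, so the description text is evidently taken from an HTML-escaped source without entity decoding. Decoding entities (or pulling the descriptions from a plain-text or JSON feed) before writing them into the list would keep the entry consistent with the existing annotation and stop a literal `&amp;` from leaking into tracker output.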
@@ -11384,12 +11384,12 @@ CVE-2008-2472
RESERVED
CVE-2008-2471
RESERVED
-CVE-2008-2470
+CVE-2008-2470 (The InstallShield Update Service Agent ActiveX control in isusweb.dll ...)
NOT-FOR-US: InstallShield
-CVE-2008-2469
+CVE-2008-2469 (Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Sp ...)
{DSA-1659-1 DTSA-172-1}
- libspf2 1.2.9-1 (high)
-CVE-2008-2468
+CVE-2008-2468 (Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) ...)
NOT-FOR-US: LANDesk Management Suite
CVE-2008-2467
RESERVED
@@ -11397,174 +11397,174 @@ CVE-2008-2466
RESERVED
CVE-2008-2465
RESERVED
-CVE-2008-2464
+CVE-2008-2464 (The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD ...)
NOT-FOR-US: NetBSD
-CVE-2008-2463
+CVE-2008-2463 (The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 1 ...)
NOT-FOR-US: Microsoft Office Snapshot Viewer ActiveX
-CVE-2008-2462
+CVE-2008-2462 (Cross-site scripting (XSS) vulnerability in the viewfile documentation ...)
NOT-FOR-US: Caucho Resin
-CVE-2008-2461
+CVE-2008-2461 (SQL injection vulnerability in index.php in Netious CMS 0.4 allows rem ...)
NOT-FOR-US: Netious
-CVE-2008-2460
+CVE-2008-2460 (SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows ...)
NOT-FOR-US: vBulletin
-CVE-2008-2459
+CVE-2008-2459 (Directory traversal vulnerability in page.php in EntertainmentScript 1 ...)
NOT-FOR-US: EntertainmentScript
-CVE-2008-2458
+CVE-2008-2458 (Cross-site scripting (XSS) vulnerability in index.php in Starsgames Co ...)
NOT-FOR-US: Starsgames
-CVE-2008-2457
+CVE-2008-2457 (SQL injection vulnerability in jokes_category.php in PHP-Jokesite 2.0 ...)
NOT-FOR-US: PHP-Jokesite
-CVE-2008-2456
+CVE-2008-2456 (SQL injection vulnerability in index.php in ComicShout 2.5 and earlier ...)
NOT-FOR-US: ComicShout
-CVE-2008-2455
+CVE-2008-2455 (SQL injection vulnerability in comment.php in the MacGuru BLOG Engine ...)
NOT-FOR-US: MacGuru BLOG Engine
-CVE-2008-2454
+CVE-2008-2454 (SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) compo ...)
NOT-FOR-US: xsstream-dm
-CVE-2008-2453
+CVE-2008-2453 (Multiple SQL injection vulnerabilities in PHP Classifieds Script allow ...)
NOT-FOR-US: PHP Classifieds Script
-CVE-2008-2452
+CVE-2008-2452 (Cross-site scripting (XSS) vulnerability in the Questionaire (aka pbsu ...)
NOT-FOR-US: Questionaire pbsurvey
-CVE-2008-2451
+CVE-2008-2451 (Multiple SQL injection vulnerabilities in the Statistics (aka ke_stats ...)
NOT-FOR-US: Statistics ke_stats
-CVE-2008-2450
+CVE-2008-2450 (Multiple cross-site scripting (XSS) vulnerabilities in the Statistics ...)
NOT-FOR-US: Statistics ke_stats
-CVE-2008-2449
+CVE-2008-2449 (Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan p ...)
NOT-FOR-US: phpInstantGallery
-CVE-2008-2448
+CVE-2008-2448 (Multiple SQL injection vulnerabilities in Meto Forum 1.1 allow remote ...)
NOT-FOR-US: Meto Forum
-CVE-2008-2447
+CVE-2008-2447 (SQL injection vulnerability in products.php in the Mytipper ZoGo-shop ...)
NOT-FOR-US: Mytipper ZoGo-shop
-CVE-2008-2446
+CVE-2008-2446 (Multiple SQL injection vulnerabilities in Web Group Communication Cent ...)
NOT-FOR-US: Web Group Communication Center
-CVE-2008-2445
+CVE-2008-2445 (Cross-site scripting (XSS) vulnerability in profile.php in Web Group C ...)
NOT-FOR-US: Web Group Communication Center
-CVE-2008-2444
+CVE-2008-2444 (SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 ...)
NOT-FOR-US: CaLogic Calendars
-CVE-2008-2443
+CVE-2008-2443 (SQL injection vulnerability in dpage.php in The Real Estate Script all ...)
NOT-FOR-US: Real Estate Script
CVE-2008-2442
RESERVED
-CVE-2008-2441
+CVE-2008-2441 (Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x befo ...)
NOT-FOR-US: Cisco Secure ACS
CVE-2008-2440
RESERVED
-CVE-2008-2439
+CVE-2008-2439 (Directory traversal vulnerability in the UpdateAgent function in TmLis ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-2438
+CVE-2008-2438 (Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager ...)
NOT-FOR-US: HP OpenView
-CVE-2008-2437
+CVE-2008-2437 (Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeSc ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-2436
+CVE-2008-2436 (Multiple heap-based buffer overflows in the IppCreateServerRef functio ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2008-2435
+CVE-2008-2435 (Use-after-free vulnerability in the Trend Micro HouseCall ActiveX cont ...)
NOT-FOR-US: ActiveX
-CVE-2008-2434
+CVE-2008-2434 (The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 i ...)
NOT-FOR-US: ActiveX
-CVE-2008-2433
+CVE-2008-2433 (The web management console in Trend Micro OfficeScan 7.0 through 8.0, ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2008-2432
+CVE-2008-2432 (Insecure method vulnerability in the GetFileList method in an unspecif ...)
NOT-FOR-US: Novell iPrint
-CVE-2008-2431
+CVE-2008-2431 (Multiple buffer overflows in Novell iPrint Client before 5.06 allow re ...)
NOT-FOR-US: Novell iPrint
-CVE-2008-2430
+CVE-2008-2430 (Integer overflow in the Open function in modules/demux/wav.c in VLC Me ...)
{DSA-1819-1 DTSA-148-1}
- vlc 0.8.6.h-1 (medium; bug #489004)
-CVE-2008-2429
+CVE-2008-2429 (Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.2007111 ...)
NOT-FOR-US: Calendarix
-CVE-2008-2428
+CVE-2008-2428 (Multiple SQL injection vulnerabilities in TorrentTrader 1.08 Classic a ...)
NOT-FOR-US: TorrentTrader
-CVE-2008-2427
+CVE-2008-2427 (Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView ...)
NOT-FOR-US: NConvert, GFL SDK, XnView
-CVE-2008-2426
+CVE-2008-2426 (Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 al ...)
{DSA-1594-1}
- imlib2 1.4.0-1.1 (medium; bug #483816)
- imlib <not-affected> (Partly not present / partly fixed)
-CVE-2008-2425
+CVE-2008-2425 (SQL injection vulnerability in index.php in FicHive 1.0 allows remote ...)
NOT-FOR-US: FicHive
-CVE-2008-2422
+CVE-2008-2422 (SQL injection vulnerability in index.php in Web Slider 0.6 allows remo ...)
NOT-FOR-US: Web Slider
-CVE-2008-2421
+CVE-2008-2421 (Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web App ...)
NOT-FOR-US: Web GUI in SAP Web Application Server (WAS)
-CVE-2008-2419
+CVE-2008-2419 (Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of ...)
NOTE: Mozilla bug 435130, not reproducible by upstream, Debian bug #484484
-CVE-2008-2418
+CVE-2008-2418 (Race condition in the STREAMS Administrative Driver (sad) in Sun Solar ...)
NOT-FOR-US: STREAMS Administrative Driver SUN
-CVE-2008-2417
+CVE-2008-2417 (SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard ...)
NOT-FOR-US: Webboard
-CVE-2008-2416
+CVE-2008-2416 (SQL injection vulnerability in index.php in FicHive 1.0 allows remote ...)
NOT-FOR-US: FicHive
-CVE-2008-2415
+CVE-2008-2415 (Directory traversal vulnerability in template/purpletech/base_include. ...)
NOT-FOR-US: DigitalHive
-CVE-2008-2414
+CVE-2008-2414 (Cross-site scripting (XSS) vulnerability in send_email.php in AN Guest ...)
NOT-FOR-US: AN Guestbook
-CVE-2008-2413
+CVE-2008-2413 (Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News ...)
NOT-FOR-US: ACGV News
-CVE-2008-2412
+CVE-2008-2412 (SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows ...)
NOT-FOR-US: ACGV News
-CVE-2008-2411
+CVE-2008-2411 (SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, ...)
NOT-FOR-US: SazCart
-CVE-2008-2410
+CVE-2008-2410 (Cross-site scripting (XSS) vulnerability in the servlet engine and Web ...)
NOT-FOR-US: Web Server service in IBM Lotus Domino
-CVE-2008-2409
+CVE-2008-2409 (Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10 ...)
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2008-2408
+CVE-2008-2408 (Heap-based buffer overflow in the XML parsing functionality in talk.dl ...)
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2008-2407
+CVE-2008-2407 (Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian be ...)
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2008-2406
+CVE-2008-2406 (The administration application server in Sun Java Active Server Pages ...)
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2405
+CVE-2008-2405 (Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote a ...)
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2404
+CVE-2008-2404 (Stack-based buffer overflow in the request handling implementation in ...)
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2403
+CVE-2008-2403 (Multiple directory traversal vulnerabilities in unspecified ASP applic ...)
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2402
+CVE-2008-2402 (The Admin Server in Sun Java Active Server Pages (ASP) Server before 4 ...)
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2401
+CVE-2008-2401 (The Admin Server in Sun Java Active Server Pages (ASP) Server before 4 ...)
NOT-FOR-US: Sun Java System Active Server Pages
-CVE-2008-2400
+CVE-2008-2400 (Unspecified vulnerability in stunnel before 4.23, when running as a se ...)
- stunnel4 <not-affected> (Windows specific issue)
-CVE-2008-2399
+CVE-2008-2399 (Directory traversal vulnerability in the FireFTP add-on before 0.98.20 ...)
NOT-FOR-US: FireFTP
-CVE-2008-2575
+CVE-2008-2575 (cbrPager before 0.9.17 allows user-assisted remote attackers to execut ...)
- cbrpager 0.9.17-1 (low; bug #482853)
[etch] - cbrpager 0.9.14-3+etch1
NOTE: Minor issue fixed in 4.0r4 point release
CVE-2008-XXXX [resizing the monitor with xrandr can crash xscreensaver]
- xscreensaver 5.05-3 (unimportant; bug #482385)
-CVE-2008-2516
+CVE-2008-2516 (pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not prop ...)
- pam-pgsql 0.6.3-2 (medium; bug #481970)
[etch] - pam-pgsql <not-affected> (Vulnerable code not present)
NOTE: pam_pgsql is not configured as "sufficient" in Debian default configuration
-CVE-2008-2424
+CVE-2008-2424 (Unspecified vulnerability in the 404 error page for the "Standard demo ...)
- interchange 5.5.1 (low; bug #482636)
-CVE-2008-2423
+CVE-2008-2423 (Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 ...)
- interchange 5.5.1 (low; bug #482636)
-CVE-2008-2420
+CVE-2008-2420 (The OCSP functionality in stunnel before 4.24 does not properly search ...)
- stunnel4 3:4.22-1.1 (low; bug #482644)
-CVE-2008-2398
+CVE-2008-2398 (Cross-site scripting (XSS) vulnerability in index.php in AppServ Open ...)
NOT-FOR-US: AppServ Open Project
-CVE-2008-2397
+CVE-2008-2397 (Cross-site scripting (XSS) vulnerability in search-results.dot in dotC ...)
NOT-FOR-US: dotCMS
-CVE-2008-2396
+CVE-2008-2396 (PHP remote file inclusion vulnerability in index.php in Wajox Software ...)
NOT-FOR-US: microSSys
-CVE-2008-2395
+CVE-2008-2395 (SQL injection vulnerability in thread.php in AlkalinePHP 0.80.00 beta ...)
NOT-FOR-US: AlkalinePHP
-CVE-2008-2394
+CVE-2008-2394 (Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow re ...)
NOT-FOR-US: TAGWORX.CMS
-CVE-2008-2393
+CVE-2008-2393 (SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 a ...)
NOT-FOR-US: EntertainmentScript
-CVE-2008-2392
+CVE-2008-2392 (Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier ...)
- wordpress 2.5.1-4 (low; bug #485807)
[etch] - wordpress <not-affected> (Vulnerable code not present)
NOTE: Unrestricted file upload vulnerability was introduced in 2.3.0
-CVE-2008-2391
+CVE-2008-2391 (SubSonic allows remote attackers to bypass pagesize limits and cause a ...)
NOT-FOR-US: SubSonic
-CVE-2008-2390
+CVE-2008-2390 (Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) E ...)
NOT-FOR-US: HP Software Update
-CVE-2008-2389
+CVE-2008-2389 (opensuse-updater in openSUSE 10.2 allows local users to access arbitra ...)
NOT-FOR-US: opensuse-updater
-CVE-2008-2388
+CVE-2008-2388 (Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have u ...)
NOT-FOR-US: opensuse-updater
CVE-2008-2387
RESERVED
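Review bot: CVE-2008-2419 (`+CVE-2008-2419 (Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of ...)`) carries only a NOTE ("not reproducible by upstream, Debian bug #484484") and no package, NOT-FOR-US or status line, so the tracker has no resolution for it; add a package line with a fixed version or a `<not-affected>` marker and the rationale, as the neighbouring entries do. Separately, the block CVE-2008-2575, CVE-2008-XXXX, CVE-2008-2516, CVE-2008-2424, CVE-2008-2423 and CVE-2008-2420 sits between CVE-2008-2399 and CVE-2008-2398, breaking the descending order the rest of the file keeps, and the placeholder `CVE-2008-XXXX [resizing the monitor with xrandr can crash xscreensaver]` still has no identifier the automatic update can match a description against.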
@@ -11572,40 +11572,40 @@ CVE-2008-2386
RESERVED
CVE-2008-2385
RESERVED
-CVE-2008-2384
+CVE-2008-2384 (SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql ...)
- mod-auth-mysql 4.3.9-11 (medium)
-CVE-2008-2383
+CVE-2008-2383 (CRLF injection vulnerability in xterm allows user-assisted attackers t ...)
{DSA-1694-1 DTSA-182-1}
- xterm 238-2 (medium; bug #510030)
-CVE-2008-2382
+CVE-2008-2382 (The protocol_client_msg function in vnc.c in the VNC server in (1) Qem ...)
- qemu 0.9.1-9
[etch] - qemu <not-affected> (Tested by maintainer)
- kvm 72+dfsg-4
- xen-unstable <not-affected> (Vulnerable code not present)
- xen-3 <not-affected> (Vulnerable code not present)
-CVE-2008-2381
+CVE-2008-2381 (SQL injection vulnerability in the create function in common/include/G ...)
{DSA-1698-1}
- gforge 4.7~rc2-7
-CVE-2008-2380
+CVE-2008-2380 (SQL injection vulnerability in authpgsqllib.c in Courier-Authlib befor ...)
{DSA-1688-1 DTSA-180-1}
- courier-authlib 0.61.0-1+lenny1
-CVE-2008-2379
+CVE-2008-2379 (Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 ...)
{DSA-1682-1}
- squirrelmail 2:1.4.15-4
-CVE-2008-2378
+CVE-2008-2378 (Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 al ...)
{DSA-1668-1}
- hf 0.8-8.1 (medium; bug #504182)
-CVE-2008-2377
+CVE-2008-2377 (Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_cle ...)
- gnutls26 2.4.1-1 (medium)
- gnutls13 <not-affected> (Problem was introduced in 2.3.5)
-CVE-2008-2376
+CVE-2008-2376 (Integer overflow in the rb_ary_fill function in array.c in Ruby before ...)
{DSA-1618-1 DSA-1612-1}
- ruby1.9 1.9.0.2-2
- ruby1.8 1.8.7.22-2
NOTE: http://www.openwall.com/lists/oss-security/2008/07/02/3
-CVE-2008-2375
+CVE-2008-2375 (Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on ...)
- vsftpd <not-affected> (debian versions all include the fix)
-CVE-2008-2374
+CVE-2008-2374 (src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.3 ...)
- bluez-libs 3.34 (low)
[etch] - bluez-libs <no-dsa> (Minor issue)
- bluez-utils 3.34 (low)
@@ -11613,253 +11613,253 @@ CVE-2008-2374
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2374
CVE-2008-2373
REJECTED
-CVE-2008-2372
+CVE-2008-2372 (The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users ...)
- linux-2.6 2.6.26-1
[etch] - linux-2.6 <not-affected> (Introduced between 2.6.23 and 2.6.24)
- linux-2.6.24 2.6.24-6~etchnhalf.4
NOTE: IMO this is a lack of optimisation, not a security issue? - jmm
NOTE: 89f5b7da2a6bad2e84670422ab8192382a5aeb9f
-CVE-2008-2371
+CVE-2008-2371 (Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Re ...)
{DSA-1602-1 DTSA-145-1}
- pcre3 7.6-2.1 (medium; bug #488919)
-CVE-2008-2370
+CVE-2008-2370 (Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 th ...)
- tomcat5.5 5.5.26-4 (bug #494504)
-CVE-2008-2369
+CVE-2008-2369 (manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a har ...)
NOT-FOR-US: Red Hat Network Satellite Server
-CVE-2008-2368
+CVE-2008-2368 (Red Hat Certificate System 7.2 stores passwords in cleartext in the Us ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2008-2367
+CVE-2008-2367 (Red Hat Certificate System 7.2 uses world-readable permissions for pas ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2008-2366
+CVE-2008-2366 (Untrusted search path vulnerability in a certain Red Hat build script ...)
- openoffice.org <not-affected> (RedHat-specific packaging flaw)
-CVE-2008-2365
+CVE-2008-2365 (Race condition in the ptrace and utrace support in the Linux kernel 2. ...)
- linux-2.6 2.6.17
NOTE: 5ecfbae093f0c37311e89b29bfc0c9d586eace87 f5b40e363ad6041a96e3da32281d8faa191597b9
NOTE: f358166a9405e4f1d8e50d8f415c26d95505b6de
-CVE-2008-2364
+CVE-2008-2364 (The ap_proxy_http_process_response function in mod_proxy_http.c in the ...)
- apache2 2.2.9-1 (low)
[etch] - apache2 2.2.3-4+etch6
- apache <not-affected> (vulnerable code not present)
-CVE-2008-2363
+CVE-2008-2363 (The PartsBatch class in Pan 0.132 and earlier does not properly manage ...)
- pan 0.132-3.1 (bug #483562)
[etch] - pan <not-affected> (Vulnerable code not added until 0.130)
NOTE: see http://svn.gnome.org/viewvc/pan2/trunk/pan/data/parts.cc?view=log&pathrev=286
-CVE-2008-2362
+CVE-2008-2362 (Multiple integer overflows in the Render extension in the X server 1.4 ...)
{DSA-1595-1 DTSA-141-1}
- xorg-server 2:1.4.1~git20080517-2
-CVE-2008-2361
+CVE-2008-2361 (Integer overflow in the ProcRenderCreateCursor function in the Render ...)
{DSA-1595-1 DTSA-141-1}
- xorg-server 2:1.4.1~git20080517-2
-CVE-2008-2360
+CVE-2008-2360 (Integer overflow in the AllocateGlyph function in the Render extension ...)
{DSA-1595-1 DTSA-141-1}
- xorg-server 2:1.4.1~git20080517-2
-CVE-2008-2359
+CVE-2008-2359 (The default configuration of consolehelper in system-config-network be ...)
NOT-FOR-US: system-config-network Fedora
-CVE-2008-2358
+CVE-2008-2358 (Integer overflow in the dccp_feat_change function in net/dccp/feat.c i ...)
{DSA-1592-1}
- linux-2.6 2.6.20-1
NOTE: DCCP feature sanitising was introduced in 2.6.20
NOTE: this version casts sizeof to int. This is a module, not a compiled in feature in Debian
-CVE-2008-2357
+CVE-2008-2357 (Stack-based buffer overflow in the split_redraw function in split.c in ...)
{DSA-1587-1}
- mtr 0.73-1
-CVE-2008-2356
+CVE-2008-2356 (SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 a ...)
NOT-FOR-US: Archangel Weblog
-CVE-2008-2355
+CVE-2008-2355 (Directory traversal vulnerability in index.php in WR-Meeting 1.0, when ...)
NOT-FOR-US: WR-Meeting
-CVE-2008-2354
+CVE-2008-2354 (Unspecified vulnerability in the data export function in testMaker bef ...)
NOT-FOR-US: testMaker
-CVE-2008-2353
+CVE-2008-2353 (Directory traversal vulnerability in admin.php in GNU/Gallery 1.1.1.0 ...)
NOT-FOR-US: GNU/Gallery
-CVE-2008-2352
+CVE-2008-2352 (Directory traversal vulnerability in index.php in Smeego 1.0, when mag ...)
NOT-FOR-US: Smeego
-CVE-2008-2351
+CVE-2008-2351 (Multiple SQL injection vulnerabilities in index.php in CMS WebManager- ...)
NOT-FOR-US: WebManager-Pro
-CVE-2008-2350
+CVE-2008-2350 (Directory traversal vulnerability in highlight.php in bcoos 1.0.9 thro ...)
NOT-FOR-US: bcoos
-CVE-2008-2349
+CVE-2008-2349 (Zomplog 3.8.2 and earlier allows remote attackers to gain administrati ...)
NOT-FOR-US: Zomplog
-CVE-2008-2348
+CVE-2008-2348 (MeltingIce File System 1.0 allows remote attackers to bypass applicati ...)
NOT-FOR-US: MeltingIce File System
-CVE-2008-2347
+CVE-2008-2347 (MyPicGallery 1.0 allows remote attackers to bypass application authent ...)
NOT-FOR-US: MyPicGallery
-CVE-2008-2346
+CVE-2008-2346 (AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass auth ...)
NOT-FOR-US: AlkalinePHP
-CVE-2008-2345
+CVE-2008-2345 (Unspecified vulnerability in the air_filemanager 0.6.0 and earlier ext ...)
NOT-FOR-US: air_filemanager extension for typo3
-CVE-2008-2344
+CVE-2008-2344 (Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 ...)
NOT-FOR-US: air_filemanager extension for typo3
-CVE-2008-2343
+CVE-2008-2343 (News Manager 2.0 allows remote attackers to bypass restrictions and ob ...)
NOT-FOR-US: News Manager
-CVE-2008-2342
+CVE-2008-2342 (Directory traversal vulnerability in attachments.php in News Manager 2 ...)
NOT-FOR-US: News Manager
-CVE-2008-2341
+CVE-2008-2341 (PHP remote file inclusion vulnerability in ch_readalso.php in News Man ...)
NOT-FOR-US: News Manager
-CVE-2008-2340
+CVE-2008-2340 (Multiple SQL injection vulnerabilities in News Manager 2.0 allow remot ...)
NOT-FOR-US: News Manager
-CVE-2008-2339
+CVE-2008-2339 (SQL injection vulnerability in index.php in Turnkey Web Tools SunShop ...)
NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart
-CVE-2008-2338
+CVE-2008-2338 (Interspire ActiveKB 1.5 and earlier allows remote attackers to gain pr ...)
NOT-FOR-US: Interspire ActiveKB
-CVE-2008-2337
+CVE-2008-2337 (Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_qu ...)
NOT-FOR-US: IMGallery
-CVE-2008-2336
+CVE-2008-2336 (SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 al ...)
NOT-FOR-US: 68 Classifieds
-CVE-2008-2335
+CVE-2008-2335 (Cross-site scripting (XSS) vulnerability in search_results.php in Vast ...)
NOT-FOR-US: Vastal I-Tech phpVID
-CVE-2008-2334
+CVE-2008-2334 (Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow r ...)
NOT-FOR-US: W1L3D4 Philboard
-CVE-2008-2333
+CVE-2008-2333 (Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda ...)
NOT-FOR-US: Barracuda
-CVE-2008-2332
+CVE-2008-2332 (ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows conte ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2331
+CVE-2008-2331 (Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2330
+CVE-2008-2330 (slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2329
+CVE-2008-2329 (Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active ...)
NOT-FOR-US: Apple Mac OS X
CVE-2008-2328
RESERVED
-CVE-2008-2327
+CVE-2008-2327 (Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, ...)
{DSA-1632-1 DTSA-160-1}
- tiff 3.8.2-11 (medium)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2008-2326
+CVE-2008-2326 (mDNSResponder in the Bonjour Namespace Provider in Apple Bonjour for W ...)
NOT-FOR-US: Apple Bonjour for Windows
-CVE-2008-2325
+CVE-2008-2325 (QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2324
+CVE-2008-2324 (The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2323
+CVE-2008-2323 (Unspecified vulnerability in Data Detectors Engine in Apple Mac OS X 1 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2322
+CVE-2008-2322 (Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, an ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2321
+CVE-2008-2321 (Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 an ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2320
+CVE-2008-2320 (Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 an ...)
NOT-FOR-US: Apple Mac OS X
NOTE: the original apple advisory (HT3613) is completely different from the current CVE
NOTE: description. it claims that this is a webkit issue, which is completely wrong
CVE-2008-2319
RESERVED
-CVE-2008-2318
+CVE-2008-2318 (The WOHyperlink implementation in WebObjects in Apple Xcode tools befo ...)
NOT-FOR-US: Apple Xcode
-CVE-2008-2317
+CVE-2008-2317 (WebCore in Apple Safari does not properly perform garbage collection o ...)
NOT-FOR-US: Safari
-CVE-2008-2316
+CVE-2008-2316 (Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5 ...)
{DSA-1977-1 DTSA-157-1}
- python2.5 2.5.2-11 (low; bug #493797)
- python2.4 <not-affected> (hashlib module introduced in python2.5)
-CVE-2008-2315
+CVE-2008-2315 (Multiple integer overflows in Python 2.5.2 and earlier allow context-d ...)
{DSA-1667-1 DTSA-157-1}
- python2.5 2.5.2-10
[etch] - python2.5 <no-dsa> (Minor issue, not the default Python runtime)
- python2.4 2.4.5-5
-CVE-2008-2314
+CVE-2008-2314 (Dock in Apple Mac OS X 10.5 before 10.5.4, when Expos&#233; hot corner ...)
NOT-FOR-US: Mac OS X
-CVE-2008-2313
+CVE-2008-2313 (Apple Mac OS X before 10.5 uses weak permissions for the User Template ...)
NOT-FOR-US: Mac OS X
-CVE-2008-2312
+CVE-2008-2312 (Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-2311
+CVE-2008-2311 (Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is ...)
NOT-FOR-US: Mac OS X
-CVE-2008-2310
+CVE-2008-2310 (Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 1 ...)
- binutils 2.18.1~cvs20080103-1 (low)
[etch] - binutils <no-dsa> (Minor issue)
-CVE-2008-2309
+CVE-2008-2309 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X befo ...)
NOT-FOR-US: CoreTypes in Apple Mac OS X
-CVE-2008-2308
+CVE-2008-2308 (Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 an ...)
NOT-FOR-US: Alias Manager in Apple Mac OS X
-CVE-2008-2307
+CVE-2008-2307 (Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as d ...)
- webkit 1.0.1-1
- qt4-x11 4:4.6.2-4
[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/34204
-CVE-2008-2306
+CVE-2008-2306 (Apple Safari before 3.1.2 on Windows does not properly interpret the U ...)
NOT-FOR-US: Windows issue
-CVE-2008-2305
+CVE-2008-2305 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac O ...)
NOT-FOR-US: Apple Type Services (ATS)
-CVE-2008-2304
+CVE-2008-2304 (Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreI ...)
NOT-FOR-US: Apple Core Image Fun House
-CVE-2008-2303
+CVE-2008-2303 (Integer signedness error in Safari on Apple iPhone before 2.0 and iPod ...)
NOT-FOR-US: Safari
-CVE-2008-2301
+CVE-2008-2301 (SQL injection vulnerability in Kostenloses Linkmanagementscript allows ...)
NOT-FOR-US: Kostenloses Linkmanagementscript
-CVE-2008-2300
+CVE-2008-2300 (Unspecified vulnerability in Citrix Presentation Server 4.5 and earlie ...)
NOT-FOR-US: Citrix Software
-CVE-2008-2299
+CVE-2008-2299 (Unspecified vulnerability in SecureICA and ICA Basic encryption of Cit ...)
NOT-FOR-US: Citrix Software
-CVE-2008-2298
+CVE-2008-2298 (Admin.php in Web Slider 0.6 allows remote attackers to bypass authenti ...)
NOT-FOR-US: Web Slider
-CVE-2008-2297
+CVE-2008-2297 (The admin.php file in Rantx allows remote attackers to bypass authenti ...)
NOT-FOR-US: Rantx
-CVE-2008-2296
+CVE-2008-2296 (PHP remote file inclusion vulnerability in include/bbs.lib.inc.php in ...)
NOT-FOR-US: Rgboard
-CVE-2008-2295
+CVE-2008-2295 (Cross-site scripting (XSS) vulnerability in rg_search.php in Rgboard 3 ...)
NOT-FOR-US: Rgboard
-CVE-2008-2294
+CVE-2008-2294 (Pet Grooming Management System 2.0 allows remote attackers to gain pri ...)
NOT-FOR-US: Pet Grooming Management System
-CVE-2008-2293
+CVE-2008-2293 (admin.php in Multi-Page Comment System (MPCS) 1.0 and 1.1 allows remot ...)
NOT-FOR-US: Multi-Page Comment System
-CVE-2008-2292
+CVE-2008-2292 (Buffer overflow in the __snprint_value function in snmp_get in Net-SNM ...)
{DSA-1663-1 DTSA-134-1}
- net-snmp 5.4.1~dfsg-8 (medium; bug #482333)
-CVE-2008-2291
+CVE-2008-2291 (axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x b ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2290
+CVE-2008-2290 (Unspecified vulnerability in the Agent user interface in Symantec Alti ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2289
+CVE-2008-2289 (Unspecified vulnerability in a tooltip element in Symantec Altiris Dep ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2288
+CVE-2008-2288 (Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 ha ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2287
+CVE-2008-2287 (Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 do ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2286
+CVE-2008-2286 (SQL injection vulnerability in axengine.exe in Symantec Altiris Deploy ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2008-2285
+CVE-2008-2285 (The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not ...)
{DSA-1576-1}
- openssh 1:4.7p1-10
-CVE-2008-2284
+CVE-2008-2284 (PHP remote file inclusion vulnerability in fusebox5.php in Fusebox 5.5 ...)
NOT-FOR-US: Fusebox
-CVE-2008-2283
+CVE-2008-2283 (IDAutomation allows remote attackers to overwrite arbitrary files via ...)
NOT-FOR-US: IDAutomation
-CVE-2008-2282
+CVE-2008-2282 (admin.php in Internet Photoshow and Internet Photoshow Special Edition ...)
NOT-FOR-US: Internet Photoshow
-CVE-2008-2281
+CVE-2008-2281 (Cross-zone scripting vulnerability in the Print Table of Links feature ...)
NOT-FOR-US: Internet Explorer
-CVE-2008-2280
+CVE-2008-2280 (Cross-site scripting (XSS) vulnerability in admin/index.php in Script ...)
NOT-FOR-US: PHP PicEngine
-CVE-2008-2279
+CVE-2008-2279 (Freelance Auction Script 1.0 stores user passwords in plaintext in the ...)
NOT-FOR-US: Freelance Auction Script
-CVE-2008-2278
+CVE-2008-2278 (SQL injection vulnerability in browseproject.php in Freelance Auction ...)
NOT-FOR-US: Freelance Auction Script
-CVE-2008-2277
+CVE-2008-2277 (SQL injection vulnerability in detail.php in Feedback and Rating Scrip ...)
NOT-FOR-US: Feedback and Rating Script
-CVE-2008-2275
+CVE-2008-2275 (Unspecified vulnerability in sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to ...)
NOT-FOR-US: sr_feuser_register extension for TYPO3
-CVE-2008-2274
+CVE-2008-2274 (Cross-site scripting (XSS) vulnerability in the sr_feuser_register 1.4 ...)
NOT-FOR-US: sr_feuser_register extension for TYPO3
-CVE-2008-2273
+CVE-2008-2273 (Unspecified vulnerability in the TACACS authentication component in Ar ...)
NOT-FOR-US: TACACS authentication component in Aruba Mobility Controller
-CVE-2008-2272
+CVE-2008-2272 (Multiple cross-site scripting (XSS) vulnerabilities in the web interfa ...)
NOT-FOR-US: Aruba Mobility Controller
-CVE-2008-2271
+CVE-2008-2271 (The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before ...)
NOT-FOR-US: Site Documentation Drupal module
-CVE-2008-2270
+CVE-2008-2270 (Multiple PHP remote file inclusion vulnerabilities in PHPWAY Kostenlos ...)
NOT-FOR-US: PHPWAY Linkmanagementscript
-CVE-2008-2269
+CVE-2008-2269 (AustinSmoke GasTracker (AS-GasTracker) 1.0.0 allows remote attackers t ...)
NOT-FOR-US: GasTracker
-CVE-2008-2268
+CVE-2008-2268 (Open redirect vulnerability in interface/redirect.htm.php in Mjguest 6 ...)
NOT-FOR-US: Mjguest
-CVE-2008-2267
+CVE-2008-2267 (Incomplete blacklist vulnerability in javaUpload.php in Postlet in the ...)
NOT-FOR-US: Postlet
-CVE-2008-2265
+CVE-2008-2265 (SQL injection vulnerability in news.php in EMO Realty Manager allows r ...)
NOT-FOR-US: EMO Realty Manager
-CVE-2008-2264
+CVE-2008-2264 (Cross-site scripting (XSS) vulnerability in index.php in CyrixMED 1.4 ...)
NOT-FOR-US: CyrixMED
-CVE-2008-2263
+CVE-2008-2263 (SQL injection vulnerability in linking.page.php in Automated Link Exch ...)
NOT-FOR-US: Automated Link Exchange Portal
CVE-2008-2262
REJECTED
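Review bot: CVE-2008-2372 keeps an open question in its notes (`NOTE: IMO this is a lack of optimisation, not a security issue? - jmm`) next to concrete fixed versions for linux-2.6 and linux-2.6.24, so the entry's severity is left undecided; either resolve it by tagging the `- linux-2.6 2.6.26-1` line with a severity (the `(unimportant; ...)` form used elsewhere in this file would match the note's reasoning) or drop the question mark and record the conclusion. The bare commit-hash NOTE lines under this entry and under CVE-2008-2365 would also be easier to verify if they named the repository the hashes belong to.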
@@ -11867,246 +11867,246 @@ CVE-2008-2261
REJECTED
CVE-2008-2260
REJECTED
-CVE-2008-2259
+CVE-2008-2259 (Microsoft Internet Explorer 6 and 7 does not perform proper "argument ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2258
+CVE-2008-2258 (Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2257
+CVE-2008-2257 (Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2256
+CVE-2008-2256 (Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle ob ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2255
+CVE-2008-2255 (Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2254
+CVE-2008-2254 (Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, whi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2253
+CVE-2008-2253 (Unspecified vulnerability in Microsoft Windows Media Player 11 allows ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2008-2252
+CVE-2008-2252 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2008-2251
+CVE-2008-2251 (Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, ...)
NOT-FOR-US: Microsoft
-CVE-2008-2250
+CVE-2008-2250 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2008-2249
+CVE-2008-2249 (Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-2248
+CVE-2008-2248 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) f ...)
NOT-FOR-US: Exchange Server
-CVE-2008-2247
+CVE-2008-2247 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) f ...)
NOT-FOR-US: Exchange Server
-CVE-2008-2246
+CVE-2008-2246 (Microsoft Windows Vista through SP1 and Server 2008 do not properly im ...)
NOT-FOR-US: Microsoft Windows Vista
-CVE-2008-2245
+CVE-2008-2245 (Heap-based buffer overflow in the InternalOpenColorProfile function in ...)
NOT-FOR-US: Microsoft Windows Image Color Management System (MSCMS)
-CVE-2008-2244
+CVE-2008-2244 (Microsoft Office Word 2002 SP3 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Office Word
CVE-2008-2243
REJECTED
-CVE-2008-2242
+CVE-2008-2242 (Multiple buffer overflows in xdr functions in the server in CA BrightS ...)
NOT-FOR-US: CA BrightStor ARCServe Backup
-CVE-2008-2241
+CVE-2008-2241 (Directory traversal vulnerability in caloggerd in CA BrightStor ARCSer ...)
NOT-FOR-US: CA BrightStor ARCServe Backup
-CVE-2008-2240
+CVE-2008-2240 (Stack-based buffer overflow in the Web Server service in IBM Lotus Dom ...)
NOT-FOR-US: IBM Lotus Domino
CVE-2008-2239
RESERVED
-CVE-2008-2238
+CVE-2008-2238 (Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 al ...)
{DSA-1661-1}
- openoffice.org 1:2.4.1-12
-CVE-2008-2237
+CVE-2008-2237 (Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 al ...)
{DSA-1661-1}
- openoffice.org 1:2.4.1-12
-CVE-2008-2236
+CVE-2008-2236 (Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom bef ...)
- blosxom 2.1.2-1 (low; bug #500873)
[etch] - blosxom 2.0-14+etch1 (low; bug #500873)
-CVE-2008-2235
+CVE-2008-2235 (OpenSC before 0.11.5 uses weak permissions (ADMIN file control informa ...)
{DSA-1627-2}
- opensc 0.11.4-4
NOTE: https://web.archive.org/web/20081222095654/http://www.opensc-project.org/security.html
-CVE-2008-2234
+CVE-2008-2234 (Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote at ...)
- openwsman <itp> (bug #754501)
-CVE-2008-2233
+CVE-2008-2233 (The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, al ...)
- openwsman <itp> (bug #754501)
-CVE-2008-2232
+CVE-2008-2232 (The expand_template function in afuse.c in afuse 0.2 allows local user ...)
{DSA-1611-1 DTSA-149-1}
- afuse 0.2-3 (bug #490921; medium)
-CVE-2008-2231
+CVE-2008-2231 (SQL injection vulnerability in Slashdot Like Automated Storytelling Ho ...)
{DSA-1633-1}
- slash <removed> (medium; bug #484499)
NOTE: See CVE-2008-2553
NOTE: maintainer wants to remove package from unstable and move to experimental
-CVE-2008-2230
+CVE-2008-2230 (Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and ...)
- reportbug 3.41 (low; bug #484311)
- reportbug-ng 0.2008.03.28 (low; bug #484474)
[etch] - reportbug <no-dsa> (Unlikely attack scenario)
CVE-2008-2229
RESERVED
-CVE-2008-2228
+CVE-2008-2228 (PHP remote file inclusion vulnerability in portfolio/commentaires/dern ...)
NOT-FOR-US: Cyberfolio
-CVE-2008-2227
+CVE-2008-2227 (Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank ...)
NOT-FOR-US: PHP-Fusion
-CVE-2008-2226
+CVE-2008-2226 (Unspecified vulnerability in the export feature in OpenKM before 2.0 a ...)
NOT-FOR-US: OpenKM
-CVE-2008-2225
+CVE-2008-2225 (SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows re ...)
NOT-FOR-US: gameCMS
-CVE-2008-2224
+CVE-2008-2224 (Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, w ...)
NOT-FOR-US: SazCart
-CVE-2008-2223
+CVE-2008-2223 (SQL injection vulnerability in group_posts.php in vShare YouTube Clone ...)
NOT-FOR-US: vShare YouTube Clone
-CVE-2008-2222
+CVE-2008-2222 (SQL injection vulnerability in login.php in EQdkp 1.3.2f allows remote ...)
NOT-FOR-US: EQdkp
-CVE-2008-2221
+CVE-2008-2221 (Unspecified vulnerability in the Java plugin in IBM WebSphere Applicat ...)
NOT-FOR-US: IBM WebSphere
-CVE-2008-2220
+CVE-2008-2220 (Multiple PHP remote file inclusion vulnerabilities in Interact Learnin ...)
NOT-FOR-US: Interact Learning Community Environment
-CVE-2008-2219
+CVE-2008-2219 (Cross-site scripting (XSS) vulnerability in install.php in C-News.fr C ...)
NOT-FOR-US: C-News.fr
-CVE-2008-2218
+CVE-2008-2218 (Buffer overflow in the Multimedia PC Client in Nortel Multimedia Commu ...)
NOT-FOR-US: Nortel Multimedia
-CVE-2008-2217
+CVE-2008-2217 (Directory traversal vulnerability in cm/graphie.php in Content Managem ...)
NOT-FOR-US: CMS Phprojekt
-CVE-2008-2216
+CVE-2008-2216 (Unrestricted file upload vulnerability in src/yopy_upload.php in Proje ...)
NOT-FOR-US: PBCS
-CVE-2008-2215
+CVE-2008-2215 (Multiple directory traversal vulnerabilities in Project-Based Calendar ...)
NOT-FOR-US: PBCS
-CVE-2008-2214
+CVE-2008-2214 (Stack-based buffer overflow in the Network Manager in Castle Rock Comp ...)
NOT-FOR-US: Castle Rock Computing SNMPc
-CVE-2008-2213
+CVE-2008-2213 (Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/foote ...)
NOT-FOR-US: Maian Links
-CVE-2008-2212
+CVE-2008-2212 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Cart 1.1 ...)
NOT-FOR-US: Maian Cart
-CVE-2008-2211
+CVE-2008-2211 (Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/foote ...)
NOT-FOR-US: Maian Guestbook
-CVE-2008-2210
+CVE-2008-2210 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Support 1 ...)
NOT-FOR-US: Maian Support
-CVE-2008-2209
+CVE-2008-2209 (Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/heade ...)
NOT-FOR-US: Maian Greeting
-CVE-2008-2208
+CVE-2008-2208 (SQL injection vulnerability in index.php in Maian Greeting 2.1 allows ...)
NOT-FOR-US: Maian Greeting
-CVE-2008-2207
+CVE-2008-2207 (Cross-site scripting (XSS) vulnerability in admin/index.php in Maian G ...)
NOT-FOR-US: Maian Gallery
-CVE-2008-2206
+CVE-2008-2206 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Music 1.1 ...)
NOT-FOR-US: Maian Music
-CVE-2008-2205
+CVE-2008-2205 (SQL injection vulnerability in index.php in Maian Music 1.1 allows rem ...)
NOT-FOR-US: Maian Music
-CVE-2008-2204
+CVE-2008-2204 (Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/heade ...)
NOT-FOR-US: Maian Search
-CVE-2008-2203
+CVE-2008-2203 (SQL injection vulnerability in search.php in Maian Search 1.1 allows r ...)
NOT-FOR-US: Maian Search
-CVE-2008-2202
+CVE-2008-2202 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader ...)
NOT-FOR-US: Maian Uploader
-CVE-2008-2201
+CVE-2008-2201 (Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/heade ...)
NOT-FOR-US: Maian Recipe
-CVE-2008-2200
+CVE-2008-2200 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog 4. ...)
NOT-FOR-US: Maian Weblog
-CVE-2008-2199
+CVE-2008-2199 (PHP remote file inclusion vulnerability in kmitaadmin/kmitam/htmlcode. ...)
NOT-FOR-US: Kmita Mail
-CVE-2008-2198
+CVE-2008-2198 (PHP remote file inclusion vulnerability in kmitaadmin/kmitat/htmlcode. ...)
NOT-FOR-US: Kmita Tellfriend
-CVE-2008-2197
+CVE-2008-2197 (SQL injection vulnerability in the blogwriter module 2.0 for Miniweb a ...)
NOT-FOR-US: Miniweb
-CVE-2008-2196
+CVE-2008-2196 (Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2. ...)
NOT-FOR-US: LifeType
-CVE-2008-2195
+CVE-2008-2195 (Static code injection vulnerability in admincp.php in DeluxeBB 1.2 and ...)
NOT-FOR-US: DeluxeBB
-CVE-2008-2194
+CVE-2008-2194 (SQL injection vulnerability in forums.php in DeluxeBB 1.2 and earlier ...)
NOT-FOR-US: DeluxeBB
-CVE-2008-2193
+CVE-2008-2193 (PHP remote file inclusion vulnerability in example.php in Thomas Gossm ...)
NOT-FOR-US: ScorpNews
-CVE-2008-2192
+CVE-2008-2192 (Static code injection vulnerability in box/minichat/boxpop.php in IT!C ...)
NOT-FOR-US: itcms
-CVE-2008-2191
+CVE-2008-2191 (SQL injection vulnerability in the pnEncyclopedia module 0.2.0 and ear ...)
NOT-FOR-US: pnEncyclopedia
-CVE-2008-2190
+CVE-2008-2190 (SQL injection vulnerability in index.php in Online Rent (aka Online Re ...)
NOT-FOR-US: Online Rental Property Script
-CVE-2008-2189
+CVE-2008-2189 (SQL injection vulnerability in viewfaqs.php in AnServ Auction XL allow ...)
NOT-FOR-US: Online AnServ Auction XL
-CVE-2008-2188
+CVE-2008-2188 (Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook 1 ...)
NOT-FOR-US: EJ3 BlackBook
-CVE-2008-2187
+CVE-2008-2187 (Cross-site scripting (XSS) vulnerability in mjguest.php in Mjguest 6.7 ...)
NOT-FOR-US: Mjguest
-CVE-2008-2186
+CVE-2008-2186 (Cross-site scripting (XSS) vulnerability in index.php in Chilek Conten ...)
NOT-FOR-US: Chilek CMS
-CVE-2008-2185
+CVE-2008-2185 (Directory traversal vulnerability in index.php in SMartBlog (aka SMBlo ...)
NOT-FOR-US: SMartBlog (SMBlog)
-CVE-2008-2184
+CVE-2008-2184 (Multiple SQL injection vulnerabilities in SMartBlog (aka SMBlog) 1.3 a ...)
NOT-FOR-US: SMartBlog (SMBlog)
-CVE-2008-2183
+CVE-2008-2183 (SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 ...)
NOT-FOR-US: SMartBlog (SMBlog)
-CVE-2008-2182
+CVE-2008-2182 (Cross-site scripting (XSS) vulnerability in the powermail extension be ...)
NOT-FOR-US: powermail extension for TYPO3
-CVE-2008-2181
+CVE-2008-2181 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in c ...)
NOT-FOR-US: cpLinks
-CVE-2008-2180
+CVE-2008-2180 (Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quo ...)
NOT-FOR-US: cpLinks
-CVE-2008-2179
+CVE-2008-2179 (Cross-site scripting (XSS) vulnerability in SystemList.jsp in SysAid 5 ...)
NOT-FOR-US: SysAid
-CVE-2008-2178
+CVE-2008-2178 (Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2. ...)
NOT-FOR-US: LifeType
-CVE-2008-2177
+CVE-2008-2177 (Multiple SQL injection vulnerabilities in phpDirectorySource 1.1.06, w ...)
NOT-FOR-US: phpDirectorySource
-CVE-2008-2176
+CVE-2008-2176 (Cross-site scripting (XSS) vulnerability in admin/category.php in Zomp ...)
NOT-FOR-US: Zomplog
-CVE-2008-2175
+CVE-2008-2175 (SQL injection vulnerability in comments.php in Gamma Scripts BlogMe PH ...)
NOT-FOR-US: Gamma Scripts BlogMe PHP
-CVE-2008-2174
+CVE-2008-2174 (Multiple unspecified vulnerabilities in Robin Rawson-Tetley Animal She ...)
NOT-FOR-US: Animal Shelter Manager
-CVE-2008-2173
+CVE-2008-2173 (Unspecified vulnerability in Yamaha routers allows remote attackers to ...)
NOT-FOR-US: Yamaha routers
-CVE-2008-2172
+CVE-2008-2172 (Unspecified vulnerability in Hitachi GR routers allows remote attacker ...)
NOT-FOR-US: Hitachi GR routers
-CVE-2008-2171
+CVE-2008-2171 (Unspecified vulnerability in AlaxalA AX routers allows remote attacker ...)
NOT-FOR-US: AlaxalA AX routers
-CVE-2008-2170
+CVE-2008-2170 (Unspecified vulnerability in Century routers allows remote attackers t ...)
NOT-FOR-US: Century routers
-CVE-2008-2169
+CVE-2008-2169 (Unspecified vulnerability in Avici routers allows remote attackers to ...)
NOT-FOR-US: Avici routers
-CVE-2008-2168
+CVE-2008-2168 (Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier a ...)
- apache2 2.2.8-1 (low)
[etch] - apache2 2.2.3-4+etch4 (low)
NOTE: This is really a browser issue. Recent apache versions add a workaround.
-CVE-2008-2167
+CVE-2008-2167 (Cross-site scripting (XSS) vulnerability in ZyXEL ZyWALL 100 allows re ...)
NOT-FOR-US: ZyXEL ZyWALL
-CVE-2008-2166
+CVE-2008-2166 (Cross-site scripting (XSS) vulnerability in the search module in Sun J ...)
NOT-FOR-US: Sun Java System
-CVE-2008-2165
+CVE-2008-2165 (Cross-site scripting (XSS) vulnerability in AccessCodeStart.asp in Cis ...)
NOT-FOR-US: Cisco Building Broadband Service Manager (BBSM) Captive Portal
CVE-2008-2164
RESERVED
-CVE-2008-2163
+CVE-2008-2163 (Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 befor ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2008-2276
+CVE-2008-2276 (Cross-site request forgery (CSRF) vulnerability in manage_user_create. ...)
- mantis 1.0.8-4.1 (bug #481504)
-CVE-2008-2266
+CVE-2008-2266 (uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and ...)
- uudeview 0.5.20-3.1 (low; bug #480972)
[etch] - uudeview <no-dsa> (Minor issue)
- libconvert-uulib-perl <not-affected> (Code patched by libconver-uulib upstream to use mkstemp)
- pan <not-affected> (Code patched to use g_mkstemp)
NOTE: See CVE-2004-2265, where the problem occured as well
-CVE-2008-2302
+CVE-2008-2302 (Cross-site scripting (XSS) vulnerability in the login form in the admi ...)
- python-django 0.96.2-1 (bug #481164; low)
[etch] - python-django 0.95.1-1etch1
NOTE: Minor issue fixed in 4.0r4 point release
-CVE-2008-2162
+CVE-2008-2162 (Cross-site scripting (XSS) vulnerability in SonicWall Email Security 6 ...)
NOT-FOR-US: SonicWall Email Security
-CVE-2008-2161
+CVE-2008-2161 (Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly ...)
NOT-FOR-US: TFTP Server SP 1.4 and 1.5 on Windows
-CVE-2008-2160
+CVE-2008-2160 (Multiple unspecified vulnerabilities in the JPEG (GDI+) and GIF image ...)
NOT-FOR-US: Microsoft Windows CE 5.0
-CVE-2008-2159
+CVE-2008-2159 (Microsoft Internet Explorer 7 can save encrypted pages in the cache ev ...)
NOT-FOR-US: Microsoft Internet Explorer 7
-CVE-2008-2158
+CVE-2008-2158 (Multiple stack-based buffer overflows in the Command Line Interface pr ...)
NOT-FOR-US: AlphaStor
-CVE-2008-2157
+CVE-2008-2157 (robotd in the Library Manager in EMC AlphaStor 3.1 SP1 for Windows all ...)
NOT-FOR-US: AlphaStor
CVE-2008-2156
RESERVED
CVE-2008-2155
RESERVED
-CVE-2008-2154
+CVE-2008-2154 (IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 provides an ...)
NOT-FOR-US: IBM DB2
CVE-2008-2153
RESERVED
-CVE-2008-2152
+CVE-2008-2152 (Integer overflow in the rtl_allocateMemory function in sal/rtl/source/ ...)
- openoffice.org <not-affected> (openoffice in Debian does not use the custom allocations but g/malloc)
NOTE: see ooo-build/distro-configs/CommonLinux.conf.in, openoffice builds on Debian using
NOTE: --with-alloc=system which causes the build scripts to use the system allocators instead of the
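Review bot: the NOTE lines for CVE-2008-2266 carry two typos that this sync leaves in place: "(Code patched by libconver-uulib upstream to use mkstemp)" should read "libconvert-uulib", matching the package name "libconvert-uulib-perl" earlier on the same line, and "NOTE: See CVE-2004-2265, where the problem occured as well" should read "occurred". Both are hand-written fields rather than synced descriptions, so they can be corrected directly without being overwritten by the next automatic update. The added "+" lines in this hunk only carry the upstream descriptions truncated to the tracker's fixed width, so there is nothing to change in them.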
@@ -12115,87 +12115,87 @@ CVE-2008-2151
RESERVED
CVE-2008-2150
RESERVED
-CVE-2008-2149
+CVE-2008-2149 (Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2 ...)
{DSA-1634-1}
- wordnet 1:3.0-10 (bug #481186)
NOTE: wordnet can be used as a backend to web applications
-CVE-2008-2148
+CVE-2008-2148 (The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and o ...)
- linux-2.6 2.6.25-3 (bug #481195)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
- linux-2.6.24 2.6.24-6~etchnhalf.3
NOTE: utimensat() was introduced in 2.6.22 and sched_slice() in 2.6.24
-CVE-2008-2145
+CVE-2008-2145 (Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allo ...)
NOT-FOR-US: Novell Client 4.91 SP4
-CVE-2008-2144
+CVE-2008-2144 (Multiple unspecified vulnerabilities in Solaris print service for Sun ...)
NOT-FOR-US: Solaris print service
-CVE-2008-2143
+CVE-2008-2143 (Unspecified versions of Microsoft Outlook Web Access (OWA) use the Cac ...)
NOT-FOR-US: Microsoft Outlook Web Access (OWA)
CVE-2008-2141
RESERVED
-CVE-2008-2140
+CVE-2008-2140 (Cross-site request forgery (CSRF) vulnerability in the rootpw plugin i ...)
NOT-FOR-US: rpath Appliance Platform Agent
-CVE-2008-2139
+CVE-2008-2139 (The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not r ...)
NOT-FOR-US: rpath Appliance Platform Agent
-CVE-2008-2138
+CVE-2008-2138 (Oracle Application Server (OracleAS) Portal 10g allows remote attacker ...)
NOT-FOR-US: Oracle Application Server (OracleAS) Portal 10g
-CVE-2008-2137
+CVE-2008-2137 (The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and ...)
{DSA-1588-1}
- linux-2.6 2.6.25-3
- linux-2.6.24 2.6.24-6~etchnhalf.3
NOTE: Upstream commit: 5816339310b2d9623cf413d33e538b45e815da5d, part of 2.6.25.3
-CVE-2008-2136
+CVE-2008-2136 (Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux k ...)
{DSA-1588-1}
- linux-2.6 2.6.25-3
- linux-2.6.24 2.6.24-6~etchnhalf.3
NOTE: Upstream commit: 36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02, part of 2.6.25.3
-CVE-2008-2135
+CVE-2008-2135 (Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0 ...)
NOT-FOR-US: VisualShapers ezContents
-CVE-2008-2134
+CVE-2008-2134 (The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to ...)
NOT-FOR-US: Tru-Zone Nuke ET
-CVE-2008-2133
+CVE-2008-2133 (Cross-site scripting (XSS) vulnerability in the Journal module in Tru- ...)
NOT-FOR-US: Tru-Zone Nuke ET
-CVE-2008-2132
+CVE-2008-2132 (SQL injection vulnerability in step1.asp in Systementor PostcardMentor ...)
NOT-FOR-US: Systementor PostcardMentor
-CVE-2008-2131
+CVE-2008-2131 (Cross-site scripting (XSS) vulnerability in mvnForum 1.1 GA allows rem ...)
NOT-FOR-US: mvnForum
-CVE-2008-2130
+CVE-2008-2130 (SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows ...)
NOT-FOR-US: iGaming
-CVE-2008-2129
+CVE-2008-2129 (SQL injection vulnerability in index.php in Galleristic 1.0, when magi ...)
NOT-FOR-US: Galleristic
-CVE-2008-2128
+CVE-2008-2128 (PHP remote file inclusion vulnerability in templates/header.php in CMS ...)
NOT-FOR-US: Faethon
-CVE-2008-2127
+CVE-2008-2127 (Cross-site scripting (XSS) vulnerability in search.php in CMS Faethon ...)
NOT-FOR-US: Faethon
-CVE-2008-2126
+CVE-2008-2126 (Multiple cross-site scripting (XSS) vulnerabilities in Tux CMS 0.1 all ...)
NOT-FOR-US: Tux CMS
-CVE-2008-2125
+CVE-2008-2125 (SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2. ...)
NOT-FOR-US: Musicbox
-CVE-2008-2124
+CVE-2008-2124 (SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS al ...)
NOT-FOR-US: fipsASP
-CVE-2008-2123
+CVE-2008-2123 (Cross-site scripting (XSS) vulnerability in WGate in SAP Internet Tran ...)
NOT-FOR-US: WGate
-CVE-2008-2122
+CVE-2008-2122 (IBM Rational Build Forge 7.0.2 allows remote attackers to cause a deni ...)
NOT-FOR-US: IBM Rational Build Forge
-CVE-2008-2121
+CVE-2008-2121 (The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attac ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-2120
+CVE-2008-2120 (Unspecified vulnerability in Sun Java System Application Server 7 2004 ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2008-2119
+CVE-2008-2119 (Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Editio ...)
- asterisk 1.4
NOTE: http://downloads.digium.com/pub/security/AST-2008-008.html
-CVE-2008-2118
+CVE-2008-2118 (SQL injection vulnerability in info.php in Project Alumni 1.0.9 allows ...)
NOT-FOR-US: Project Alumni
-CVE-2008-2117
+CVE-2008-2117 (Cross-site scripting (XSS) vulnerability in pages/news.page.inc in Pro ...)
NOT-FOR-US: Project Alumni
-CVE-2008-2116
+CVE-2008-2116 (Multiple directory traversal vulnerabilities in editor.php in ScriptsE ...)
NOT-FOR-US: ScriptsEZ.net Power Editor
-CVE-2008-2115
+CVE-2008-2115 (Multiple cross-site scripting (XSS) vulnerabilities in editor.php in S ...)
NOT-FOR-US: ScriptsEZ.net Power Editor
-CVE-2008-2114
+CVE-2008-2114 (SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1 ...)
NOT-FOR-US: Pre Shopping Mall
-CVE-2008-2113
+CVE-2008-2113 (SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allow ...)
NOT-FOR-US: PHPEasyData
-CVE-2008-2142
+CVE-2008-2142 (Emacs 21 and XEmacs automatically load and execute .flc (fast lock) fi ...)
- emacs22 22.2+2-3 (low; bug #480885)
- xemacs21-packages 2009.02.17-1 (low; bug #480886)
[etch] - xemacs21-packages <no-dsa> (Minor issue)
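Review bot: the fixed-version field for CVE-2008-2119, "- asterisk 1.4", is incomplete; every other fixed entry in this hunk gives a full Debian package version with epoch and revision ("- linux-2.6 2.6.25-3", "- wordnet 1:3.0-10"), which is what the tracker's version comparison needs in order to decide whether a suite is fixed. Replace the bare upstream branch number with the first asterisk package version that shipped the fix documented in the AST-2008-008 advisory linked on the following NOTE line. The synced descriptions added on the "+" lines are fine as they are.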
@@ -12204,248 +12204,248 @@ CVE-2008-2142
[lenny] - xemacs21 <no-dsa> (Minor issue)
- emacs21 21.4a+1-5.5 (low; bug #480877)
[etch] - emacs21 <no-dsa> (Minor issue)
-CVE-2008-2147
+CVE-2008-2147 (Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allow ...)
{DSA-1819-1 DTSA-132-1}
- vlc 0.8.6.e-2.2 (low; bug #480724)
NOTE: https://trac.videolan.org/vlc/ticket/1578
NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=c7cef4fdd8dd72ce0a45be3cda8ba98df5e83181
CVE-2008-6339
REJECTED
-CVE-2008-2112
+CVE-2008-2112 (Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and r ...)
NOT-FOR-US: Sun Ray Kiosk Mode
-CVE-2008-2111
+CVE-2008-2111 (The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlie ...)
NOT-FOR-US: Yahoo Assistant
-CVE-2008-2110
+CVE-2008-2110 (Unrestricted file upload vulnerability in qtofm.php in QTOFileManager ...)
NOT-FOR-US: QTOFileManager
-CVE-2008-2109
+CVE-2008-2109 (field.c in the libid3tag 0.15.0b library allows context-dependent atta ...)
- libid3tag 0.15.1b-8 (low; bug #480187)
[etch] - libid3tag <no-dsa> (Minor issue)
NOTE: totally different approach to fix the bug, see Kurts comments in the bug report
-CVE-2008-2108
+CVE-2008-2108 (The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, ...)
{DSA-1789-1}
- php5 5.2.2-1 (low)
NOTE: http://web.archive.org/web/20120118120046/http://www.sektioneins.de/advisories/SE-2008-02.txt
-CVE-2008-2107
+CVE-2008-2107 (The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, ...)
{DSA-1789-1}
- php5 5.2.2-1 (low)
NOTE: closely related to CVE-2008-2108
-CVE-2008-2106
+CVE-2008-2106 (Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated user ...)
NOT-FOR-US: Call of Duty
-CVE-2008-2105
+CVE-2008-2105 (email_in.pl in Bugzilla 2.23.4, 3.0.x before 3.0.4, and 3.1.x before 3 ...)
- bugzilla 3.0.4-1 (low)
[etch] - bugzilla <not-affected> (vulnerable code introduced in 2.23.4)
-CVE-2008-2104
+CVE-2008-2104 (The WebService in Bugzilla 3.1.3 allows remote authenticated users wit ...)
- bugzilla <not-affected> (regression introduced in 3.1.3 referring to upstream)
-CVE-2008-2103
+CVE-2008-2103 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.17.2 and later ...)
- bugzilla 3.0.4-1 (low; bug #480190)
[etch] - bugzilla <no-dsa> (Minor issue)
CVE-2008-2102
RESERVED
-CVE-2008-2101
+CVE-2008-2101 (The VMware Consolidated Backup (VCB) command-line utilities in VMware ...)
NOT-FOR-US: VMware ESX
-CVE-2008-2100
+CVE-2008-2100 (Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on ...)
- vmware-package <removed> (low; bug #485919)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2008-2099
+CVE-2008-2099 (Unspecified vulnerability in VMCI in VMware Workstation 6 before 6.0.4 ...)
- vmware-package <not-affected> (Windows issue according to CVE)
[etch] - vmware-package <no-dsa> (Contrib not supported)
-CVE-2008-2098
+CVE-2008-2098 (Heap-based buffer overflow in the VMware Host Guest File System (HGFS) ...)
- vmware-package <removed> (low; bug #484491)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2008-2097
+CVE-2008-2097 (Buffer overflow in the openwsman management service in VMware ESXi 3.5 ...)
NOT-FOR-US: Vmware ESX/i
-CVE-2008-2096
+CVE-2008-2096 (SQL injection vulnerability in BackLinkSpider allows remote attackers ...)
NOT-FOR-US: BackLinkSpider
-CVE-2008-2095
+CVE-2008-2095 (SQL injection vulnerability in index.php in the FlippingBook (com_flip ...)
NOT-FOR-US: FlippingBook
-CVE-2008-2094
+CVE-2008-2094 (SQL injection vulnerability in article.php in the Article module for X ...)
NOT-FOR-US: XOOPS
-CVE-2008-2093
+CVE-2008-2093 (SQL injection vulnerability in the Profiler (com_comprofiler) componen ...)
NOT-FOR-US: JOOMLA extra component
-CVE-2008-2092
+CVE-2008-2092 (Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause ...)
NOT-FOR-US: Linksys SPA-2102 Phone Adapter
-CVE-2008-2091
+CVE-2008-2091 (Directory traversal vulnerability in ipn.php in KubeLabs Kubelance 1.6 ...)
NOT-FOR-US: Kubelance
-CVE-2008-2090
+CVE-2008-2090 (Unspecified vulnerability in the SCTP protocol implementation in Sun S ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-2089
+CVE-2008-2089 (Unspecified vulnerability in the SCTP protocol implementation in Sun S ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-2088
+CVE-2008-2088 (SQL injection vulnerability in admin/news.php in PHP Forge 3.0 beta 2 ...)
NOT-FOR-US: PHP Forge
-CVE-2008-2087
+CVE-2008-2087 (SQL injection vulnerability in search_result.php in Softbiz Web Host D ...)
NOT-FOR-US: Softbiz Web Host Directory Script
-CVE-2008-2086
+CVE-2008-2086 (Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and ea ...)
- openjdk-6 <not-affected> (browser plugin is different code base)
- sun-java5 <removed>
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-10-1
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2008-2084
+CVE-2008-2084 (SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 ...)
NOT-FOR-US: MyArticles
-CVE-2008-2083
+CVE-2008-2083 (SQL injection vulnerability in directory.php in Prozilla Hosting Index ...)
NOT-FOR-US: Prozilla Hosting
-CVE-2008-2082
+CVE-2008-2082 (Cross-site scripting (XSS) vulnerability in index.php in Siteman 2.0.x ...)
NOT-FOR-US: Siteman
-CVE-2008-2081
+CVE-2008-2081 (Directory traversal vulnerability in index.php in Siteman 2.0.x2 allow ...)
NOT-FOR-US: Siteman
-CVE-2008-2080
+CVE-2008-2080 (Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfr ...)
NOT-FOR-US: NASA Goddard Space Flight Center Common Data Format (CDF) library
-CVE-2008-2079
+CVE-2008-2079 (MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, a ...)
{DSA-1608-1 DTSA-150-1}
- mysql-dfsg-5.0 5.0.51a-10 (low; bug #480292)
-CVE-2008-2078
+CVE-2008-2078 (Robocode before 1.6.0 allows user-assisted remote attackers to "access ...)
- robocode 1.6.0~beta2-1 (low)
-CVE-2008-2077
+CVE-2008-2077 (Unspecified vulnerability in Plain Black WebGUI 7.4.34 has unknown imp ...)
NOT-FOR-US: Plain Black WebGUI
-CVE-2008-2076
+CVE-2008-2076 (Directory traversal vulnerability in admin.php in ActualScripts Actual ...)
NOT-FOR-US: ActualScripts
-CVE-2008-2075
+CVE-2008-2075 (Cross-site scripting (XSS) vulnerability in pic.php in AstroCam 2.5.0 ...)
NOT-FOR-US: AstroCam
-CVE-2008-2074
+CVE-2008-2074 (Multiple PHP remote file inclusion vulnerabilities Harris Yusuf Arifin ...)
NOT-FOR-US: Harris Yusuf Arifin Harris Wap Chat 1.0
-CVE-2008-2073
+CVE-2008-2073 (Directory traversal vulnerability in include/global.inc.php in Virtual ...)
NOT-FOR-US: vlbook
-CVE-2008-2072
+CVE-2008-2072 (Cross-site scripting (XSS) vulnerability in index.php in Virtual Desig ...)
NOT-FOR-US: vlbook
-CVE-2008-2071
+CVE-2008-2071 (Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM ...)
NOT-FOR-US: cPanel
-CVE-2008-2070
+CVE-2008-2070 (The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 be ...)
NOT-FOR-US: cPanel
-CVE-2008-2069
+CVE-2008-2069 (Buffer overflow in Novell GroupWise 7 allows remote attackers to cause ...)
NOT-FOR-US: Novell GroupWise
-CVE-2008-2068
+CVE-2008-2068 (Cross-site scripting (XSS) vulnerability in WordPress 2.5 allows remot ...)
- wordpress 2.5.1-1
[etch] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2008-2067
+CVE-2008-2067 (SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows remo ...)
NOT-FOR-US: miniBB
-CVE-2008-2066
+CVE-2008-2066 (Cross-site scripting (XSS) vulnerability in bb_admin.php in miniBB 2.2 ...)
NOT-FOR-US: miniBB
-CVE-2008-2065
+CVE-2008-2065 (SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site S ...)
NOT-FOR-US: YourFreeWorld
-CVE-2008-2064
+CVE-2008-2064 (Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have u ...)
{DSA-1580-1}
- phpgedview 4.1.e+4.1.5-1
-CVE-2008-2063
+CVE-2008-2063 (SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows ...)
NOT-FOR-US: Joovili
-CVE-2008-2062
+CVE-2008-2062 (The Real-Time Information Server (RIS) Data Collector service in Cisco ...)
NOT-FOR-US: Cisco Real-Time Information Server (RIS) Data Collector service
-CVE-2008-2061
+CVE-2008-2061 (The Computer Telephony Integration (CTI) Manager service in Cisco Unif ...)
NOT-FOR-US: Cisco Computer Telephony Integration (CTI) Manager service
-CVE-2008-2060
+CVE-2008-2060 (Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) 5 ...)
NOT-FOR-US: Cisco
-CVE-2008-2059
+CVE-2008-2059 (Cisco Adaptive Security Appliance (ASA) and Cisco PIX security applian ...)
NOT-FOR-US: Cisco
-CVE-2008-2058
+CVE-2008-2058 (Cisco Adaptive Security Appliance (ASA) and Cisco PIX security applian ...)
NOT-FOR-US: Cisco
-CVE-2008-2057
+CVE-2008-2057 (The Instant Messenger (IM) inspection engine in Cisco Adaptive Securit ...)
NOT-FOR-US: Cisco
-CVE-2008-2056
+CVE-2008-2056 (Cisco Adaptive Security Appliance (ASA) and Cisco PIX security applian ...)
NOT-FOR-US: Cisco
-CVE-2008-2055
+CVE-2008-2055 (Cisco Adaptive Security Appliance (ASA) and Cisco PIX security applian ...)
NOT-FOR-US: Cisco
-CVE-2008-2054
+CVE-2008-2054 (Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 th ...)
NOT-FOR-US: Cisco CiscoWorks Common Services
-CVE-2008-2053
+CVE-2008-2053 (Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) ...)
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2008-2052
+CVE-2008-2052 (Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 ...)
NOT-FOR-US: Bitrix Site Manager
-CVE-2008-2049
+CVE-2008-2049 (The POP3 server (EPSTPOP3S.EXE) 4.22 in E-Post Mail Server 4.10 allows ...)
NOT-FOR-US: E-Post Mail Server
-CVE-2008-2048
+CVE-2008-2048 (Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in A ...)
NOT-FOR-US: Angelo-Emlak
-CVE-2008-2047
+CVE-2008-2047 (Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remot ...)
NOT-FOR-US: Angelo-Emlak
-CVE-2008-2046
+CVE-2008-2046 (Cross-site scripting (XSS) vulnerability in index.php in Softpedia Sit ...)
NOT-FOR-US: Softpedia
-CVE-2008-2045
+CVE-2008-2045 (Absolute path traversal vulnerability in SugarCRM Sugar Community Edit ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2008-2044
+CVE-2008-2044 (includes/library.php in netOffice Dwins 1.3 p2 compares the demoSessio ...)
NOT-FOR-US: netOffice Dwins
-CVE-2008-2043
+CVE-2008-2043 (Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, ...)
NOT-FOR-US: cPanel
-CVE-2008-2085
+CVE-2008-2085 (Multiple stack-based buffer overflows in the (1) get_remote_ip_media a ...)
- sip-tester 2.0.1-1.2 (low; bug #479039)
[etch] - sip-tester <no-dsa> (Minor issue)
-CVE-2008-2051
+CVE-2008-2051 (The escapeshellcmd API function in PHP before 5.2.6 has unknown impact ...)
{DSA-1578-1 DSA-1572-1 DTSA-135-1}
- php5 5.2.6-1
NOTE: http://www.php.net/ChangeLog-5.php
NOTE: http://web.archive.org/web/20120524033327/http://www.sektioneins.de/advisories/SE-2008-03.txt
-CVE-2008-2050
+CVE-2008-2050 (Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP bef ...)
{DSA-1572-1 DTSA-135-1}
- php5 5.2.6-1
NOTE: php4 not affected, the vulnerable code isn't present
NOTE: http://www.php.net/ChangeLog-5.php
-CVE-2008-2042
+CVE-2008-2042 (The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8. ...)
NOT-FOR-US: Adobe Acrobat Reader
CVE-2008-2039
REJECTED
-CVE-2008-2038
+CVE-2008-2038 (Multiple SQL injection vulnerabilities in admin/adminindex.php in Turn ...)
NOT-FOR-US: Tunkey WebTools
-CVE-2008-2037
+CVE-2008-2037 (Multiple cross-site scripting (XSS) vulnerabilities in EditeurScripts ...)
NOT-FOR-US: EidteurScripts
-CVE-2008-2036
+CVE-2008-2036 (SQL injection vulnerability in index.php in dream4 Koobi Pro 6.25 allo ...)
NOT-FOR-US: Koobi Pro
-CVE-2008-2035
+CVE-2008-2035 (Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc. (1) Bac ...)
NOT-FOR-US: Bluemoon
-CVE-2008-2034
+CVE-2008-2034 (SQL injection vulnerability in wp-download_monitor/download.php in the ...)
NOT-FOR-US: wordpress Download Monitor 2.0.6 plugin
CVE-2008-2033
REJECTED
-CVE-2008-2032
+CVE-2008-2032 (The FTP service in Acritum Femitter Server 1.03 allows remote attacker ...)
NOT-FOR-US: Acritum Femitter Server
-CVE-2008-2031
+CVE-2008-2031 (VicFTPS 5.0 allows remote attackers to cause a denial of service (cras ...)
NOT-FOR-US: VicFTPS
-CVE-2008-2030
+CVE-2008-2030 (Cross-site scripting (XSS) vulnerability in installControl.php3 in F5 ...)
NOT-FOR-US: FirePass
-CVE-2008-2029
+CVE-2008-2029 (Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) ...)
NOT-FOR-US: miniBB
-CVE-2008-2028
+CVE-2008-2028 (miniBB 2.2, and possibly earlier, when register_globals is enabled, al ...)
NOT-FOR-US: miniBB
-CVE-2008-2027
+CVE-2008-2027 (Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA Authenti ...)
NOT-FOR-US: RSA Authentication Agent
-CVE-2008-2026
+CVE-2008-2026 (Cross-site scripting (XSS) vulnerability in WebID/IISWebAgentIF.dll in ...)
NOT-FOR-US: RSA Authentication Agent
-CVE-2008-2025
+CVE-2008-2025 (Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9 ...)
- libstruts1.2-java 1.2.9-3.1 (low; bug #528352)
[lenny] - libstruts1.2-java <no-dsa> (Minor issue)
-CVE-2008-2024
+CVE-2008-2024 (Cross-site scripting (XSS) vulnerability in index.php in miniBB 2.2, a ...)
NOT-FOR-US: miniBB
-CVE-2008-2023
+CVE-2008-2023 (Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 all ...)
NOT-FOR-US: MegaBBS
-CVE-2008-2022
+CVE-2008-2022 (Mulatiple cross-site scripting (XSS) vulnerabilities in PD9 Software M ...)
NOT-FOR-US: MegaBBS
-CVE-2008-2021
+CVE-2008-2021 (Heap-based buffer overflow in Lhaplus before 1.57 allows remote attack ...)
NOT-FOR-US: Lhaplus
-CVE-2008-2020
+CVE-2008-2020 (The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 ...)
NOT-FOR-US: PHP-Nuke
-CVE-2008-2019
+CVE-2008-2019 (Simple Machines Forum (SMF), probably 1.1.4, relies on "randomly gener ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2008-2018
+CVE-2008-2018 (The AssignUser function in template.class.php in PHPizabi 0.848b C1 HF ...)
NOT-FOR-US: PHPizabi
-CVE-2008-2017
+CVE-2008-2017 (Directory traversal vulnerability in Chilek Content Management System ...)
NOT-FOR-US: Chilek Content Management System
-CVE-2008-2016
+CVE-2008-2016 (PHP remote file inclusion vulnerability in Chilek Content Management S ...)
NOT-FOR-US: Chilek Content Management System
-CVE-2008-2015
+CVE-2008-2015 (Multiple absolute path traversal vulnerabilities in certain ActiveX co ...)
NOT-FOR-US: WatchFire
-CVE-2008-2014
+CVE-2008-2014 (Mozilla Firefox 3.0 beta 5 allows remote attackers to cause a denial o ...)
- iceweasel <removed> (unimportant)
NOTE: Browser crashes / hangs not treated as security issues
-CVE-2008-2013
+CVE-2008-2013 (SQL injection vulnerability in index.php in the pnFlashGames 1.5 throu ...)
NOT-FOR-US: pnFlashGames
-CVE-2008-2012
+CVE-2008-2012 (SQL injection vulnerability in index.php in the PostSchedule 1.0 modul ...)
NOT-FOR-US: PostSchedule
-CVE-2008-2011
+CVE-2008-2011 (Cross-site scripting (XSS) vulnerability in the National Rail Enquirie ...)
NOT-FOR-US: National Rail Enquiries Live Departure Boards gadget
-CVE-2008-2010
+CVE-2008-2010 (Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 ...)
NOT-FOR-US: Windows
-CVE-2008-2009
+CVE-2008-2009 (Xiph.org libvorbis before 1.0 does not properly check for underpopulat ...)
- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
- libvorbis 1.2.0.dfsg-4 (bug #482039)
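Review bot: the summary added at CVE-2008-2022 carries an upstream typo ("Mulatiple cross-site scripting"); because these parenthesised summaries are copied verbatim from the CVE feed by the automatic update, the text should not be hand-corrected in this file (the next run would simply overwrite it) and the wording is better reported upstream instead. The new summary lines also expose mismatches in the unchanged NOT-FOR-US context lines of this hunk: the CVE-2008-2038 summary starts the vendor name with "Turn" while the context line reads "NOT-FOR-US: Tunkey WebTools", and the CVE-2008-2037 summary says "EditeurScripts" while the context line reads "NOT-FOR-US: EidteurScripts"; those lines are maintained by hand and could be fixed in a separate manual commit.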
@@ -12453,312 +12453,312 @@ CVE-2008-2009
[lenny] - libvorbis <not-affected> (actual vulnerability fixed pre-1.0)
NOTE: additional hardening features have already been added to the unstable
NOTE: packages that would be useful to have in stable, so proposing as spu/ospu
-CVE-2008-2008
+CVE-2008-2008 (Buffer overflow in the Display Names message feature in Cerulean Studi ...)
NOT-FOR-US: Cerulean Studios Trillian Basic
CVE-2008-2007
REJECTED
-CVE-2008-2006
+CVE-2008-2006 (Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-as ...)
NOT-FOR-US: Apple iCal
-CVE-2008-2005
+CVE-2008-2005 (The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before ...)
NOT-FOR-US: SuiteLink
-CVE-2008-2004
+CVE-2008-2004 (The drive_init function in QEMU 0.9.1 determines the format of a raw d ...)
{DTSA-133-1}
- qemu 0.9.1-5
- kvm 66+dfsg-1.1 (bug #481204)
- xen-3 3.4.0-1 (bug #490409)
- xen-unstable <removed> (bug #490411)
- xen-3.0 <removed>
-CVE-2008-2003
+CVE-2008-2003 (BadBlue 2.72 Personal Edition stores multiple programs in the web docu ...)
NOT-FOR-US: BadBlue
-CVE-2008-2002
+CVE-2008-2002 (Multiple cross-site request forgery (CSRF) vulnerabilities on Motorola ...)
NOT-FOR-US: Motorola software
-CVE-2008-2001
+CVE-2008-2001 (Apple Safari 3.1.1 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Apple Safari
-CVE-2008-2000
+CVE-2008-2000 (Unspecified vulnerability in Apple Safari 3.1.1 allows remote attacker ...)
NOT-FOR-US: Apple Safari
-CVE-2008-1999
+CVE-2008-1999 (Apple Safari 3.1.1 allows remote attackers to spoof the address bar by ...)
NOT-FOR-US: Apple Safari
-CVE-2008-1998
+CVE-2008-1998 (The NNSTAT (aka SYSPROC.NNSTAT) procedure in IBM DB2 8 before FP16, 9. ...)
NOT-FOR-US: Windows specific
-CVE-2008-1997
+CVE-2008-1997 (Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 be ...)
NOT-FOR-US: IBM DB2
-CVE-2008-1996
+CVE-2008-1996 (licq before 1.3.6 allows remote attackers to cause a denial of service ...)
- licq 1.3.5-6 (low; bug #479036)
[etch] - licq <no-dsa> (Minor issue)
-CVE-2008-1995
+CVE-2008-1995 (Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a ...)
NOT-FOR-US: Sun Java System Directory Proxy Server
-CVE-2008-1994
+CVE-2008-1994 (Multiple stack-based buffer overflows in (a) acon.c, (b) menu.c, and ( ...)
- acon 1.0.5-6.1 (low; bug #475733)
-CVE-2008-1993
+CVE-2008-1993 (Acidcat CMS 3.4.1 does not restrict access to the FCKEditor component, ...)
NOT-FOR-US: Acidcat
-CVE-2008-1992
+CVE-2008-1992 (Acidcat CMS 3.4.1 does not properly restrict access to (1) default_mai ...)
NOT-FOR-US: Acidcat
-CVE-2008-1991
+CVE-2008-1991 (Cross-site scripting (XSS) vulnerability in admin_colors_swatch.asp in ...)
NOT-FOR-US: Acidcat
-CVE-2008-1990
+CVE-2008-1990 (Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remo ...)
NOT-FOR-US: Acidcat
-CVE-2008-1989
+CVE-2008-1989 (PHP remote file inclusion vulnerability in 123flashchat.php in the 123 ...)
NOT-FOR-US: Flash Chat
-CVE-2008-1988
+CVE-2008-1988 (Unrestricted file upload vulnerability in the file_upload function in ...)
NOT-FOR-US: EncapsGallery
-CVE-2008-1987
+CVE-2008-1987 (Cross-site scripting (XSS) vulnerability in search.php in EncapsGaller ...)
NOT-FOR-US: EncapsGallery
-CVE-2008-1986
+CVE-2008-1986 (Cross-site scripting (XSS) vulnerability in liste_article.php in Blog ...)
NOT-FOR-US: PixelMotion
-CVE-2008-1985
+CVE-2008-1985 (Cross-site scripting (XSS) vulnerability in base.php in DigitalHive 2. ...)
NOT-FOR-US: DigitalHive
-CVE-2008-1984
+CVE-2008-1984 (The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure C ...)
NOT-FOR-US: eTrust
-CVE-2008-1983
+CVE-2008-1983 (Cross-site scripting (XSS) vulnerability in Advanced Electron Forum (A ...)
NOT-FOR-US: Advanced Electron Forum (AEF)
-CVE-2008-1982
+CVE-2008-1982 (SQL injection vulnerability in ss_load.php in the Spreadsheet (wpSS) 0 ...)
NOT-FOR-US: Wordpress Spreadsheet plugin
-CVE-2008-1981
+CVE-2008-1981 (Cross-site request forgery (CSRF) vulnerability in E-Publish 5.x befor ...)
NOT-FOR-US: e-publish
-CVE-2008-1980
+CVE-2008-1980 (Cross-site scripting (XSS) vulnerability in E-Publish 5.x before 5.x-1 ...)
NOT-FOR-US: e-publish
-CVE-2008-1979
+CVE-2008-1979 (The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2008-1978
+CVE-2008-1978 (Cross-site scripting (XSS) vulnerability in the Ubercart 5.x before 5. ...)
NOT-FOR-US: Ubercart
-CVE-2008-1977
+CVE-2008-1977 (Cross-site request forgery (CSRF) vulnerability in the Internationaliz ...)
NOT-FOR-US: Drupal internationalization and localizer module
-CVE-2008-1976
+CVE-2008-1976 (Multiple cross-site scripting (XSS) vulnerabilities in the Drupal modu ...)
NOT-FOR-US: Drupal internationalization and localizer module
-CVE-2008-1975
+CVE-2008-1975 (SQL injection vulnerability in index.php in E-RESERV 2.1 allows remote ...)
NOT-FOR-US: E-RESERV
-CVE-2008-1973
+CVE-2008-1973 (Heap-based buffer overflow in SubEdit Player build 4056 and 4066 allow ...)
NOT-FOR-US: SubEdit Player
-CVE-2008-1972
+CVE-2008-1972 (Multiple cross-site scripting (XSS) vulnerabilities in the user accoun ...)
NOT-FOR-US: Exponent CMS
-CVE-2008-1971
+CVE-2008-1971 (phShoutBox Final 1.5 and earlier only checks passwords when specified ...)
NOT-FOR-US: phShoutBox
-CVE-2008-1970
+CVE-2008-1970 (muCommander before 0.8.2 stores credentials.xml with insecure permissi ...)
NOT-FOR-US: muCommander
-CVE-2008-1969
+CVE-2008-1969 (Multiple cross-site scripting (XSS) vulnerabilities in Cezanne 6.5.1 a ...)
NOT-FOR-US: Cezanne
-CVE-2008-1968
+CVE-2008-1968 (Multiple SQL injection vulnerabilities in Cezanne 7 allow remote authe ...)
NOT-FOR-US: Cezanne
-CVE-2008-1967
+CVE-2008-1967 (Cross-site scripting (XSS) vulnerability in CFLogon/CFLogon.asp in Cez ...)
NOT-FOR-US: Cezanne
-CVE-2008-1966
+CVE-2008-1966 (Multiple buffer overflows in the JAR file administration routines in t ...)
NOT-FOR-US: Windows specific
-CVE-2008-1965
+CVE-2008-1965 (Argument injection vulnerability in the cai: URI handler in rcplaunche ...)
NOT-FOR-US: Lotus Expeditor
CVE-2008-1964
- xine-lib <not-affected> (nsf support disabled by maintainer)
NOTE: xine-lib (1.1.12) uses strndup to allocate the needed memory and limits it to 32 bytes
NOTE: while copyright is 100 bytes long (+ padding for chunks)
-CVE-2008-1963
+CVE-2008-1963 (PHP remote file inclusion vulnerability in includes/functions.php in Q ...)
NOT-FOR-US: Quate Grape Web Statistics
-CVE-2008-1962
+CVE-2008-1962 (Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow remo ...)
NOT-FOR-US: Aterr
-CVE-2008-1961
+CVE-2008-1961 (SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0 ...)
NOT-FOR-US: Voice Of Web AllMyGuests
-CVE-2008-1960
+CVE-2008-1960 (Cross-site scripting (XSS) vulnerability in cgi-bin/contray/search.cgi ...)
NOT-FOR-US: ContRay
-CVE-2008-1959
+CVE-2008-1959 (Stack-based buffer overflow in the get_remote_video_port_media functio ...)
- sip-tester 2.0.1-1.2 (low; bug #479039)
[etch] - sip-tester <no-dsa> (Minor issue)
-CVE-2008-1958
+CVE-2008-1958 (Unrestricted file upload vulnerability in the ajout_cat mode in admin/ ...)
NOT-FOR-US: Tr Script News
-CVE-2008-1957
+CVE-2008-1957 (SQL injection vulnerability in news.php in Tr Script News 2.1 allows r ...)
NOT-FOR-US: Tr Script News
-CVE-2008-2146
+CVE-2008-2146 (wp-includes/vars.php in Wordpress before 2.2.3 does not properly extra ...)
{DSA-1564-1}
- wordpress 2.2.3-1
NOTE: http://trac.wordpress.org/ticket/4748
NOTE: fixed in DSA-1564-1
-CVE-2008-2040
+CVE-2008-2040 (Stack-based buffer overflow in the HTTP::getAuthUserPass function (cor ...)
{DSA-1583-1 DSA-1582-1}
- peercast 0.1218+svn20080104-1.1 (medium; bug #478573)
- gnome-peercast <removed>
NOTE: etch version tested with PoC, affected
-CVE-2008-1974
+CVE-2008-1974 (Cross-site scripting (XSS) vulnerability in addevent.php in Horde Kron ...)
{DSA-1560-1}
- kronolith2 2.1.8-1
-CVE-2008-1956
+CVE-2008-1956 (Cross-site scripting (XSS) vulnerability in index.php in Wikepage Opus ...)
NOT-FOR-US: Wikepage Opus
-CVE-2008-1955
+CVE-2008-1955 (Cross-site scripting (XSS) vulnerability in rep.php in Martin BOUCHER ...)
NOT-FOR-US: Martin BOUCHER MyBoard
-CVE-2008-1954
+CVE-2008-1954 (SQL injection vulnerability in one_day.php in Web Calendar Pro 4.1 and ...)
NOT-FOR-US: Web Calendar Pro
-CVE-2008-1953
+CVE-2008-1953 (Cross-site scripting (XSS) vulnerability in the Sitedesigner before 1. ...)
NOT-FOR-US: Sitedesigner
-CVE-2008-1952
+CVE-2008-1952 (The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in ...)
- xen-3 3.2.1-2 (medium; bug #487095)
- xen-unstable <not-affected> (Vulnerable code not present, introduced in changeset 17630)
NOTE: vulnerable code no longer present as of xen 3.4 (xenfb.c has been removed)
-CVE-2008-1951
+CVE-2008-1951 (Untrusted search path vulnerability in a certain Red Hat build script ...)
NOT-FOR-US: Red Hat issue
-CVE-2008-1950
+CVE-2008-1950 (Integer signedness error in the _gnutls_ciphertext2compressed function ...)
{DSA-1581-1}
- gnutls13 2.0.4-4 (low)
- gnutls26 2.2.5-1 (low)
-CVE-2008-1949
+CVE-2008-1949 (The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libg ...)
{DSA-1581-1}
- gnutls13 2.0.4-4 (low)
- gnutls26 2.2.5-1 (low)
-CVE-2008-1948
+CVE-2008-1948 (The _gnutls_server_name_recv_params function in lib/ext_server_name.c ...)
{DSA-1581-1}
- gnutls13 2.0.4-4 (medium)
- gnutls26 2.2.5-1 (medium)
-CVE-2008-1947
+CVE-2008-1947 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 throug ...)
{DSA-1593-1}
- tomcat5.5 5.5.26-3 (low; bug #484643)
- tomcat5 <removed>
-CVE-2008-1946
+CVE-2008-1946 (The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2. ...)
- coreutils 5.93-1
-CVE-2008-1945
+CVE-2008-1945 (QEMU 0.9.0 does not properly handle changes to removable media, which ...)
{DSA-1799-1}
- qemu 0.9.1-5 (low; bug #526013)
-CVE-2008-1944
+CVE-2008-1944 (Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtu ...)
- xen-3 3.2.1-2 (medium; bug #487095)
- xen-unstable 3.3-unstable+hg17602-1 (medium; bug #487097)
-CVE-2008-1943
+CVE-2008-1943 (Buffer overflow in the backend of XenSource Xen Para Virtualized Frame ...)
- xen-3 3.2.1-2 (medium; bug #487095)
- xen-unstable 3.3-unstable+hg17602-1 (medium; bug #487097)
-CVE-2008-1942
+CVE-2008-1942 (Foxit Reader 2.2 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Foxit Reader
-CVE-2008-1941
+CVE-2008-1941 (Cross-site scripting (XSS) vulnerability in the profile update feature ...)
NOT-FOR-US: Akiva WebBoard
-CVE-2008-1940
+CVE-2008-1940 (The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11 ...)
- linux-patch-grsecurity2 2.1.11+2.6.24.5+200804211829-1 (bug #478133)
-CVE-2008-1939
+CVE-2008-1939 (Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow r ...)
NOT-FOR-US: W1L3D4 Philboard
-CVE-2008-1938
+CVE-2008-1938 (Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly ...)
NOT-FOR-US: Sony firmware
-CVE-2008-1937
+CVE-2008-1937 (The user form processing (userform.py) in MoinMoin before 1.6.3, when ...)
- moin 1.6.3-1
[etch] - moin <not-affected> (1.5.x is not affected)
NOTE: acl_hierarchic was introduced in 1.6.0
NOTE: userform processing issue was introduced in 1.6.1
-CVE-2008-1936
+CVE-2008-1936 (SQL injection vulnerability in index.php in Classifieds Caffe allows r ...)
NOT-FOR-US: Classifieds Caffe
-CVE-2008-1935
+CVE-2008-1935 (SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! ...)
NOT-FOR-US: Filiale
-CVE-2008-1934
+CVE-2008-1934 (SQL injection vulnerability in commentaires.php in Crazy Goomba 1.2.1 ...)
NOT-FOR-US: Crazy Goomba
-CVE-2008-1933
+CVE-2008-1933 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
NOT-FOR-US: Zune
-CVE-2008-1932
+CVE-2008-1932 (Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTK ...)
NOT-FOR-US: Realtek HD Audio Codec
-CVE-2008-1931
+CVE-2008-1931 (Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6. ...)
NOT-FOR-US: Realtek HD Audio Codec
CVE-2008-1929
RESERVED
-CVE-2008-1928
+CVE-2008-1928 (Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause ...)
- libimager-perl 0.64-1
-CVE-2008-1926
+CVE-2008-1926 (Argument injection vulnerability in login (login-utils/login.c) in uti ...)
{DTSA-126-1}
- util-linux 2.13.1.1-1 (low; bug #478135)
[etch] - util-linux <not-affected> (Audit support not available in Etch's version)
-CVE-2008-1923
+CVE-2008-1923 (The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72 ...)
- asterisk 1:1.4.19.1~dfsg-1 (medium)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2008-1922
+CVE-2008-1922 (Multiple stack-based buffer overflows in Sarg might allow attackers to ...)
- sarg 2.2.4-1
-CVE-2008-1921
+CVE-2008-1921 (SQL injection vulnerability in store_pages/category_list.php in 5th Av ...)
NOT-FOR-US: 5th Avenue Shopping Cart
-CVE-2008-1920
+CVE-2008-1920 (Heap-based buffer overflow in the boxelyRenderer module in the Persona ...)
NOT-FOR-US: ICQ
-CVE-2008-1919
+CVE-2008-1919 (SQL injection vulnerability in listtest.php in YourFreeWorld Apartment ...)
NOT-FOR-US: YourFreeWorld Apartment Search Script
-CVE-2008-1918
+CVE-2008-1918 (SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6. ...)
NOT-FOR-US: PHP-Fusion
-CVE-2008-1917
+CVE-2008-1917 (Multiple cross-site scripting (XSS) vulnerabilities in AMFPHP 1.2 allo ...)
NOT-FOR-US: AMFPHP
-CVE-2008-1916
+CVE-2008-1916 (Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5. ...)
NOT-FOR-US: Ubercart (drupal module)
-CVE-2008-1915
+CVE-2008-1915 (SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows ...)
NOT-FOR-US: BlogWorx
-CVE-2008-1930
+CVE-2008-1930 (The cookie authentication method in WordPress 2.5 relies on a hash of ...)
- wordpress 2.5.1-1 (medium; bug #477910)
NOTE: only exploitable in blogs that allow user registering
[etch] - wordpress <not-affected> (Vulnerable code was introduced in 2.5)
-CVE-2008-1927
+CVE-2008-1927 (Double free vulnerability in Perl 5.8.8 allows context-dependent attac ...)
{DSA-1556-2}
- perl 5.10.0-1 (bug #454792)
-CVE-2008-1925
+CVE-2008-1925 (Buffer overflow in InspIRCd before 1.1.18, when using the namesx and u ...)
- inspircd 1.1.18+dfsg-1 (low)
-CVE-2008-1924
+CVE-2008-1924 (Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running ...)
{DSA-1557-1}
- phpmyadmin 4:2.11.5.2-1
NOTE: PMASA-2008-3
NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_9/phpMyAdmin/libraries/tbl_replace_fields.inc.php?r1=11211&r2=11210&pathrev=11211
-CVE-2008-1914
+CVE-2008-1914 (Stack-based buffer overflow in the AntServer module (AntServer.exe) in ...)
NOT-FOR-US: BigAnt Messenger
-CVE-2008-1913
+CVE-2008-1913 (SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, ...)
NOT-FOR-US: Lasernet CMS
-CVE-2008-1912
+CVE-2008-1912 (Stack-based buffer overflow in DivX Player 6.7 build 6.7.0.22 and earl ...)
NOT-FOR-US: DivX Player
-CVE-2008-1911
+CVE-2008-1911 (SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 b ...)
NOT-FOR-US: 1024 CMS
-CVE-2008-1910
+CVE-2008-1910 (Stack-based buffer overflow in the database service (ibserver.exe) in ...)
NOT-FOR-US: Borland InterBase
-CVE-2008-1909
+CVE-2008-1909 (SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPK ...)
NOT-FOR-US: PHPKB
-CVE-2008-1908
+CVE-2008-1908 (Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow ...)
NOT-FOR-US: cpCommerce
-CVE-2008-1907
+CVE-2008-1907 (Multiple SQL injection vulnerabilities in functions/display_page.func. ...)
NOT-FOR-US: cpCommerce
-CVE-2008-1906
+CVE-2008-1906 (Cross-site scripting (XSS) vulnerability in calendar.php in cpCommerce ...)
NOT-FOR-US: cpCommerce
-CVE-2008-1905
+CVE-2008-1905 (NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Ne ...)
NOT-FOR-US: Nero MediaHome
-CVE-2008-1904
+CVE-2008-1904 (Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_coo ...)
NOT-FOR-US: CcMail
-CVE-2008-1903
+CVE-2008-1903 (PHP remote file inclusion vulnerability in news_show.php in Newanz New ...)
NOT-FOR-US: Newanz NewsOffice
-CVE-2008-1902
+CVE-2008-1902 (The GUI for aptlinex before 0.91 does not sufficiently warn the user o ...)
- aptlinex 0.91-1 (low; bug #476572)
NOTE: the user gets a confirmation dialog
-CVE-2008-1901
+CVE-2008-1901 (aptlinex before 0.91 allows local users to overwrite arbitrary files v ...)
- aptlinex 0.91-1 (medium; bug #476588)
NOTE: code execution via /tmp/gambas-apt-exec is also possible, maintainer confirmed this
-CVE-2008-1900
+CVE-2008-1900 (option_Update.asp in Carbon Communities 2.4 and earlier allows remote ...)
NOT-FOR-US: Carbon Communities
CVE-2008-1899
RESERVED
-CVE-2008-1898
+CVE-2008-1898 (A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed ...)
NOT-FOR-US: Microsoft Works
-CVE-2008-1897
+CVE-2008-1897 (The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2 ...)
{DSA-1563-1}
- asterisk 1:1.4.19.1~dfsg-1 (medium)
-CVE-2008-1896
+CVE-2008-1896 (Multiple cross-site scripting (XSS) vulnerabilities in Carbon Communit ...)
NOT-FOR-US: Carbon Communities
-CVE-2008-1895
+CVE-2008-1895 (Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and e ...)
NOT-FOR-US: Carbon Communities
-CVE-2008-1894
+CVE-2008-1894 (Cross-site scripting (XSS) vulnerability in desktoplaunch/InfoView/log ...)
NOT-FOR-US: BusinessObjects InfoView
-CVE-2008-1893
+CVE-2008-1893 (PHP remote file inclusion vulnerability in index.php in W2B Online Ban ...)
NOT-FOR-US: W2B Online Banking
-CVE-2008-1892
+CVE-2008-1892 (Cross-site scripting (XSS) vulnerability in bs_auth.php in Blogator-sc ...)
NOT-FOR-US: Blogator-script
-CVE-2008-1891
+CVE-2008-1891 (Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier ...)
- ruby1.8 1.8.7.22-1 (unimportant)
- ruby1.9 1.9.0.2-1 (unimportant)
NOTE: corner-case only exploitable if web application is run on windows fs
-CVE-2008-1890
+CVE-2008-1890 (SQL injection vulnerability in the Jom Comment 2.0 build 345 component ...)
NOT-FOR-US: Jom Comment for Joomla!
-CVE-2008-1889
+CVE-2008-1889 (SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2 ...)
NOT-FOR-US: XplodPHP AutoTutorials
-CVE-2008-1888
+CVE-2008-1888 (Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoi ...)
NOT-FOR-US: Windows
-CVE-2008-1886
+CVE-2008-1886 (The NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetwo ...)
NOT-FOR-US: CDNetworks Nefficient Download
-CVE-2008-1885
+CVE-2008-1885 (Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX c ...)
NOT-FOR-US: NeffyLauncher
-CVE-2008-1884
+CVE-2008-1884 (Directory traversal vulnerability in index.php in Wikepage Opus 13 200 ...)
NOT-FOR-US: Wikepage
-CVE-2008-1883
+CVE-2008-1883 (The server in Blackboard Academic Suite 7.x stores MD5 password hashes ...)
NOT-FOR-US: Blackboard Academic Suite
CVE-2008-1882
RESERVED
-CVE-2008-1881
+CVE-2008-1881 (Stack-based buffer overflow in the ParseSSA function (modules/demux/su ...)
{DSA-1819-1 DTSA-125-1}
- vlc 0.8.6.e-2.1 (medium; bug #477805)
-CVE-2008-1880
+CVE-2008-1880 (The default configuration of Firebird before 2.0.3.12981.0-r6 on Gento ...)
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Firebird 1.5 no longer supported, see last DSA)
- firebird2.0 2.0.3.12981.ds1-14 (bug #481389)
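Review bot: CVE-2008-1964 (the xine-lib entry with the strndup/32-byte NOTE lines) is the only entry in this hunk that is neither RESERVED nor REJECTED and yet receives no parenthesised summary from this update, while every other published entry in the hunk gets one; please check whether the CVE feed carries no description for it or whether the entry's status is stale, and add the missing RESERVED/REJECTED marker or let the next run pick up the summary. A smaller style point in the unchanged context: under CVE-2008-1930 the NOTE line sits between the package line and the "[etch] - wordpress <not-affected>" line, whereas the other entries in this hunk (CVE-2008-2009, CVE-2008-1937) place the release lines before the NOTE lines.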
@@ -12766,415 +12766,415 @@ CVE-2008-1880
NOTE: you need to call dpkg-reconfigure
CVE-2008-1879
RESERVED
-CVE-2008-2041
+CVE-2008-2041 (Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have ...)
- egroupware 1.4.004-2.dfsg-1 (bug #476977)
-CVE-2008-1876
+CVE-2008-1876 (PHP remote file inclusion vulnerability in index.php in VisualPic 0.3. ...)
NOT-FOR-US: VisualPic
-CVE-2008-1875
+CVE-2008-1875 (SQL injection vulnerability in index.php in Terong PHP Photo Gallery ( ...)
NOT-FOR-US: Terong PHP Photo Gallery
-CVE-2008-1874
+CVE-2008-1874 (SQL injection vulnerability in account/user/mail.html in Xpoze Pro 3.0 ...)
NOT-FOR-US: Xpoze Pro
-CVE-2008-1873
+CVE-2008-1873 (Cross-site scripting (XSS) vulnerability in the private message featur ...)
NOT-FOR-US: Nuke ET
-CVE-2008-1872
+CVE-2008-1872 (SQL injection vulnerability in home.news.php in Comdev News Publisher ...)
NOT-FOR-US: Comdev News Publisher
-CVE-2008-1871
+CVE-2008-1871 (SQL injection vulnerability in links.php in Scriptsagent.com Links Dir ...)
NOT-FOR-US: Scriptsagent.com
-CVE-2008-1870
+CVE-2008-1870 (SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earl ...)
NOT-FOR-US: PIGMy-SQL
-CVE-2008-1869
+CVE-2008-1869 (SQL injection vulnerability in Site Sift Listings allows remote attack ...)
NOT-FOR-US: Site Sift Listings
-CVE-2008-1868
+CVE-2008-1868 (admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does no ...)
NOT-FOR-US: Blog Pixel Motion
-CVE-2008-1867
+CVE-2008-1867 (SQL injection vulnerability in Blog Pixel Motion (aka Blog PixelMotion ...)
NOT-FOR-US: Blog Pixel Motion
-CVE-2008-1866
+CVE-2008-1866 (admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) does not ...)
NOT-FOR-US: Blog Pixel Motion
-CVE-2008-1865
+CVE-2008-1865 (Stack-based buffer overflow in the msx_readnode function in libmosix.c ...)
NOT-FOR-US: openmosix-tools
-CVE-2008-1864
+CVE-2008-1864 (SQL injection vulnerability in project.php in Prozilla Freelancers all ...)
NOT-FOR-US: Prozilla Freelancers
-CVE-2008-1863
+CVE-2008-1863 (SQL injection vulnerability in view_reviews.php in Prozilla Cheat Scri ...)
NOT-FOR-US: Prozilla Cheat Script
-CVE-2008-1862
+CVE-2008-1862 (ExBB Italia 0.22 and earlier only checks GET requests that use the QUE ...)
NOT-FOR-US: ExBB Italia
-CVE-2008-1861
+CVE-2008-1861 (Directory traversal vulnerability in modules/threadstop/threadstop.php ...)
NOT-FOR-US: ExBB Italia
-CVE-2008-1860
+CVE-2008-1860 (Static code injection vulnerability in admin.php in LokiCMS 0.3.3 and ...)
NOT-FOR-US: LokiCMS
-CVE-2008-1859
+CVE-2008-1859 (SQL injection vulnerability in events.php in iScripts SocialWare allow ...)
NOT-FOR-US: iScripts SocialWare
-CVE-2008-1858
+CVE-2008-1858 (SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 an ...)
NOT-FOR-US: 724Networks 724CMS
-CVE-2008-1857
+CVE-2008-1857 (Multiple directory traversal vulnerabilities in viewsource.php in Make ...)
NOT-FOR-US: Mole
-CVE-2008-1856
+CVE-2008-1856 (plugins/maps/db_handler.php in LinPHA 1.3.3 and earlier does not requi ...)
NOT-FOR-US: LinPHA
-CVE-2008-1855
+CVE-2008-1855 (FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 ...)
NOT-FOR-US: McAfee
-CVE-2008-1854
+CVE-2008-1854 (Unspecified vulnerability in SmarterMail Web Server (SMWebSvr.exe) in ...)
NOT-FOR-US: SmarterMail Web Server
-CVE-2008-1853
+CVE-2008-1853 (The ovtopmd service in HP OpenView Network Node Manager (OV NNM) 7.51, ...)
NOT-FOR-US: HP OpenView
-CVE-2008-1852
+CVE-2008-1852 (ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, an ...)
NOT-FOR-US: HP OpenView
-CVE-2008-1851
+CVE-2008-1851 (ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, an ...)
NOT-FOR-US: HP OpenView
-CVE-2008-1850
+CVE-2008-1850 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in Om ...)
NOT-FOR-US: Omnistar Interactive OSI Affiliate
-CVE-2008-1849
+CVE-2008-1849 (Directory traversal vulnerability in index.php in the joomlaXplorer (c ...)
NOT-FOR-US: com_joomlaxplorer Mambo/Joomla! component
-CVE-2008-1848
+CVE-2008-1848 (Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joo ...)
NOT-FOR-US: com_joomlaxplorer Mambo/Joomla!
-CVE-2008-1847
+CVE-2008-1847 (SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook ...)
NOT-FOR-US: phpAddressBook
-CVE-2008-1846
+CVE-2008-1846 (The default configuration of SAP NetWeaver before 7.0 SP15 does not en ...)
NOT-FOR-US: SAP
-CVE-2008-1845
+CVE-2008-1845 (The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not f ...)
- mksh 33.4-1 (low)
[etch] - mksh 28.0-3
-CVE-2008-1844
+CVE-2008-1844 (SQL injection vulnerability in cat.php in W2B phpHotResources allows r ...)
NOT-FOR-US: W2B phpHotResources
-CVE-2008-1843
+CVE-2008-1843 (SQL injection vulnerability in browse.php in W2B DatingClub (aka Datin ...)
NOT-FOR-US: W2B DatingClub
-CVE-2008-1842
+CVE-2008-1842 (Integer signedness error in ovspmd.exe in HP OpenView Network Node Man ...)
NOT-FOR-US: HP OpenView
-CVE-2008-1841
+CVE-2008-1841 (SQL injection vulnerability in the session handling functionality in b ...)
NOT-FOR-US: Coppermine
-CVE-2008-1840
+CVE-2008-1840 (SQL injection vulnerability in upload.php in Coppermine Photo Gallery ...)
NOT-FOR-US: Coppermine
-CVE-2008-1839
+CVE-2008-1839 (Multgiple cross-site scripting (XSS) vulnerabilities in module/main.ph ...)
NOT-FOR-US: WORK system e-commerce
-CVE-2008-1838
+CVE-2008-1838 (SQL injection vulnerability in BosClassifieds Classified Ads System 3. ...)
NOT-FOR-US: BosClassifieds Classified Ads System
-CVE-2008-1836
+CVE-2008-1836 (The rfc2231 function in message.c in libclamav in ClamAV before 0.93 a ...)
- clamav <not-affected> (Vulnerable code introduced later, checked back with upstream)
-CVE-2008-1834
+CVE-2008-1834 (swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict ...)
- swfdec0.6 0.6.4-1 (low)
- swfdec0.5 <removed> (low; bug #477037)
-CVE-2008-1833
+CVE-2008-1833 (Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allow ...)
{DSA-1549-1}
- clamav 0.92.1~dfsg2-1.1 (medium; bug #476694)
-CVE-2008-1878
+CVE-2008-1878 (Stack-based buffer overflow in the demux_nsf_send_chunk function in sr ...)
{DSA-1586-1 DTSA-128-1}
- xine-lib 1.1.12-2 (medium; bug #476990)
NOTE: not patched but disabled in testing/unstable
-CVE-2008-1831
+CVE-2008-1831 (Multiple unspecified vulnerabilities in the Siebel SimBuilder componen ...)
NOT-FOR-US: Oracle Siebel Enterprise
-CVE-2008-1830
+CVE-2008-1830 (Unspecified vulnerability in the PeopleSoft HCM ePerformance component ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne
-CVE-2008-1829
+CVE-2008-1829 (Unspecified vulnerability in the PeopleSoft HCM Recruiting component i ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne
-CVE-2008-1828
+CVE-2008-1828 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne
-CVE-2008-1827
+CVE-2008-1827 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.1 ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-1826
+CVE-2008-1826 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.1 ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-1825
+CVE-2008-1825 (Unspecified vulnerability in the Oracle Portal component in Oracle App ...)
NOT-FOR-US: Oracle
-CVE-2008-1824
+CVE-2008-1824 (Unspecified vulnerability in the Oracle Dynamic Monitoring Service com ...)
NOT-FOR-US: Oracle
-CVE-2008-1823
+CVE-2008-1823 (Unspecified vulnerability in the Oracle Jinitiator component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-1822
+CVE-2008-1822 (Unspecified vulnerability in the Oracle Application Express component ...)
NOT-FOR-US: Oracle
-CVE-2008-1821
+CVE-2008-1821 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-1820
+CVE-2008-1820 (Unspecified vulnerability in the Data Pump component in Oracle Databas ...)
NOT-FOR-US: Oracle
-CVE-2008-1819
+CVE-2008-1819 (Unspecified vulnerability in the Oracle Net Services component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2008-1818
+CVE-2008-1818 (Unspecified vulnerability in the Authentication component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2008-1817
+CVE-2008-1817 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, ...)
NOT-FOR-US: Oracle
-CVE-2008-1816
+CVE-2008-1816 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 1 ...)
NOT-FOR-US: Oracle
-CVE-2008-1815
+CVE-2008-1815 (Unspecified vulnerability in the Change Data Capture component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2008-1814
+CVE-2008-1814 (Unspecified vulnerability in the Oracle Secure Enterprise Search or Ul ...)
NOT-FOR-US: Oracle
-CVE-2008-1813
+CVE-2008-1813 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, ...)
NOT-FOR-US: Oracle
-CVE-2008-1812
+CVE-2008-1812 (Unspecified vulnerability in the Oracle Enterprise Manager component i ...)
NOT-FOR-US: Oracle
-CVE-2008-1811
+CVE-2008-1811 (Unspecified vulnerability in Oracle Application Express 3.0.1 has unsp ...)
NOT-FOR-US: Oracle
-CVE-2008-1810
+CVE-2008-1810 (Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 o ...)
NOT-FOR-US: SAP MaxDB
-CVE-2008-1809
+CVE-2008-1809 (Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b ...)
NOT-FOR-US: Novell eDirectory
-CVE-2008-1808
+CVE-2008-1808 (Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dep ...)
{DSA-1635-1 DTSA-139-1}
- freetype 2.3.6-1 (low; bug #485841)
-CVE-2008-1807
+CVE-2008-1807 (FreeType2 before 2.3.6 allow context-dependent attackers to execute ar ...)
{DSA-1635-1 DTSA-139-1}
- freetype 2.3.6-1 (medium; bug #485841)
-CVE-2008-1806
+CVE-2008-1806 (Integer overflow in FreeType2 before 2.3.6 allows context-dependent at ...)
{DSA-1635-1 DTSA-139-1}
- freetype 2.3.6-1 (medium; bug #485841)
-CVE-2008-1805
+CVE-2008-1805 (Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versi ...)
NOT-FOR-US: Skype
-CVE-2008-1804
+CVE-2008-1804 (preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not pr ...)
{DTSA-173-1}
- snort 2.7.0-20 (low; bug #483160)
[lenny] - snort 2.7.0-20.2 (low; bug #483160)
[etch] - snort <not-affected> (Only 2.6 and 2.8 are affected)
-CVE-2008-1803
+CVE-2008-1803 (Integer signedness error in the xrealloc function (rdesktop.c) in RDes ...)
{DSA-1573-1}
- rdesktop 1.5.0-4+cvs20071006 (bug #480135)
-CVE-2008-1802
+CVE-2008-1802 (Buffer overflow in the process_redirect_pdu (rdp.c) function in rdeskt ...)
{DSA-1573-1}
- rdesktop 1.5.0-4+cvs20071006 (bug #480134)
-CVE-2008-1801
+CVE-2008-1801 (Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5 ...)
{DSA-1573-1}
- rdesktop 1.5.0-4+cvs20071006 (bug #480133)
-CVE-2008-1800
+CVE-2008-1800 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Di ...)
NOT-FOR-US: DivXDB
-CVE-2008-1799
+CVE-2008-1799 (Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 ...)
NOT-FOR-US: sabros.us
-CVE-2008-1798
+CVE-2008-1798 (Directory traversal vulnerability in forum/kietu/libs/calendrier.php i ...)
NOT-FOR-US: Dragoon
-CVE-2008-1797
+CVE-2008-1797 (Unspecified vulnerability in Secure Computing Webwasher 5.30 before bu ...)
NOT-FOR-US: Secure Computing Webwasher
-CVE-2008-1796
+CVE-2008-1796 (Comix 3.6.4 creates temporary directories with predictable names, whic ...)
- comix 3.6.4-1.1 (unimportant)
NOTE: only exploitable with insecure umask settings
-CVE-2008-1795
+CVE-2008-1795 (Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Acad ...)
NOT-FOR-US: Blackboard Academic Suite
-CVE-2008-1794
+CVE-2008-1794 (Multiple cross-site scripting (XSS) vulnerabilities in the Webform Dru ...)
NOT-FOR-US: Webform Drupal module
-CVE-2008-1793
+CVE-2008-1793 (Multiple cross-site scripting (XSS) vulnerabilities in view.cgi in Sma ...)
NOT-FOR-US: Smart
-CVE-2008-1792
+CVE-2008-1792 (Cross-site scripting (XSS) vulnerability in the insertion filter in th ...)
NOT-FOR-US: Flickr Drupal module
-CVE-2008-1791
+CVE-2008-1791 (SQL injection vulnerability in ladder.php in My Gaming Ladder 7.5 and ...)
NOT-FOR-US: My Gaming Ladder
-CVE-2008-1790
+CVE-2008-1790 (Unrestricted file upload vulnerability in iScripts SocialWare allows r ...)
NOT-FOR-US: iScripts
-CVE-2008-1789
+CVE-2008-1789 (SQL injection vulnerability in forum.php in Prozilla Forum allows remo ...)
NOT-FOR-US: Prozilla Forum
-CVE-2008-1788
+CVE-2008-1788 (SQL injection vulnerability in directory.php in Prozilla Entertainers ...)
NOT-FOR-US: Prozilla Entertainers
-CVE-2008-1787
+CVE-2008-1787 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Po ...)
NOT-FOR-US: Poplar Gedcom Viewer
-CVE-2008-1786
+CVE-2008-1786 (The DSM gui_cm_ctrls ActiveX control (gui_cm_ctrls.ocx), as used in mu ...)
NOT-FOR-US: CA products
-CVE-2008-1785
+CVE-2008-1785 (delete.php in Prozilla Top 100 1.2 allows remote authenticated users t ...)
NOT-FOR-US: Prozilla Top 100
-CVE-2008-1784
+CVE-2008-1784 (Prozilla Topsites 1.0 allows remote attackers to perform administrativ ...)
NOT-FOR-US: Prozilla Topsites
-CVE-2008-1783
+CVE-2008-1783 (Prozilla Reviews 1.0 allows remote attackers to delete arbitrary users ...)
NOT-FOR-US: Prozilla Reviews
-CVE-2008-1782
+CVE-2008-1782 (phpdemo/viewsource.php in Advanced Software Engineering ChartDirector ...)
NOT-FOR-US: Advanced Software Engineering ChartDirector
-CVE-2008-1837
+CVE-2008-1837 (libclamunrar in ClamAV before 0.93 allows remote attackers to cause a ...)
- clamav <not-affected> (Debian doesn't include libunrar since it's non-free)
-CVE-2008-1835
+CVE-2008-1835 (ClamAV before 0.93 allows remote attackers to bypass the scanning engi ...)
- clamav <not-affected> (Debian doesn't include libunrar since it's non-free)
-CVE-2008-1832
+CVE-2008-1832 (lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitra ...)
- cecilia 2.0.5-2.1 (low; bug #476321)
[etch] - cecilia <no-dsa> (Minor issue)
CVE-2008-1781
REJECTED
-CVE-2008-1780
+CVE-2008-1780 (Unspecified vulnerability in the labeled networking functionality in S ...)
NOT-FOR-US: Solaris
-CVE-2008-1779
+CVE-2008-1779 (Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a d ...)
NOT-FOR-US: Solaris
-CVE-2008-1778
+CVE-2008-1778 (Unspecified vulnerability in the floating point context switch impleme ...)
NOT-FOR-US: Solaris
-CVE-2008-1777
+CVE-2008-1777 (The eDirectory Host Environment service (dhost.exe) in Novell eDirecto ...)
NOT-FOR-US: Novell eDirectory
-CVE-2008-1776
+CVE-2008-1776 (PHP remote file inclusion vulnerability in modules/basicfog/basicfogfa ...)
NOT-FOR-US: PhpBlock
-CVE-2008-1775
+CVE-2008-1775 (Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine ...)
NOT-FOR-US: ManageEngine Firewall Analyzer
-CVE-2008-1774
+CVE-2008-1774 (SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows remo ...)
NOT-FOR-US: Pligg
-CVE-2008-1773
+CVE-2008-1773 (PHP remote file inclusion vulnerability in includes/header.inc.php in ...)
NOT-FOR-US: Dragoon
-CVE-2008-1772
+CVE-2008-1772 (iScripts SocialWare stores passwords in cleartext in a database, which ...)
NOT-FOR-US: iScripts SocialWare
-CVE-2008-1771
+CVE-2008-1771 (Integer overflow in the ws_getpostvars function in Firefly Media Serve ...)
{DSA-1597-1}
- mt-daapd 0.9~r1696-1.3 (medium; bug #476241)
-CVE-2008-1770
+CVE-2008-1770 (CRLF injection vulnerability in Akamai Download Manager ActiveX contro ...)
NOT-FOR-US: Akamai Download Manager
-CVE-2008-1769
+CVE-2008-1769 (VLC before 0.8.6f allow remote attackers to cause a denial of service ...)
{DSA-1819-1 DTSA-125-1}
- vlc 0.8.6.e-2.1 (low; bug #478140)
-CVE-2008-1768
+CVE-2008-1768 (Multiple integer overflows in VLC before 0.8.6f allow remote attackers ...)
{DSA-1819-1 DTSA-125-1}
- vlc 0.8.6.e-2.1 (medium; bug #478140)
-CVE-2008-1767
+CVE-2008-1767 (Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-d ...)
{DSA-1589-1}
- libxslt 1.1.24-1 (bug #482664)
-CVE-2008-1766
+CVE-2008-1766 (Multiple unspecified vulnerabilities in phpBB before 3.0.1 have unknow ...)
- phpbb3 3.0.1-1 (low)
- phpbb2 <not-affected> (Vulnerable code not present)
-CVE-2008-1765
+CVE-2008-1765 (Buffer overflow in Adobe Photoshop Album Starter Edition 3.2, and poss ...)
NOT-FOR-US: Adobe
-CVE-2008-1764
+CVE-2008-1764 (Unspecified vulnerability in Opera before 9.27 has unknown impact and ...)
NOT-FOR-US: Opera
-CVE-2008-1763
+CVE-2008-1763 (SQL injection vulnerability in _blogadata/include/sond_result.php in B ...)
NOT-FOR-US: Blogator-script
-CVE-2008-1762
+CVE-2008-1762 (Opera before 9.27 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Opera
-CVE-2008-1761
+CVE-2008-1761 (Opera before 9.27 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Opera
-CVE-2008-1760
+CVE-2008-1760 (Multiple PHP remote file inclusion vulnerabilities in Blogator-script ...)
NOT-FOR-US: Blogator-script
-CVE-2008-1759
+CVE-2008-1759 (SQL injection vulnerability in the jeuxflash module for KwsPHP allows ...)
NOT-FOR-US: KwsPHP
-CVE-2008-1758
+CVE-2008-1758 (SQL injection vulnerability in the ConcoursPhoto module for KwsPHP all ...)
NOT-FOR-US: KwsPHP
-CVE-2008-1757
+CVE-2008-1757 (Cross-site scripting (XSS) vulnerability in index.php in the ConcoursP ...)
NOT-FOR-US: KwsPHP
-CVE-2008-1756
+CVE-2008-1756 (Unspecified vulnerability in the Qmaster daemon in Sun N1 Grid Engine ...)
NOT-FOR-US: Sun
-CVE-2008-1755
+CVE-2008-1755 (Directory traversal vulnerability in the showSource function in showSo ...)
NOT-FOR-US: World of Phaos
-CVE-2008-1754
+CVE-2008-1754 (Symantec Altiris Deployment Solution before 6.9.164 stores the Deploym ...)
NOT-FOR-US: Symantec
-CVE-2008-1753
+CVE-2008-1753 (Cross-site scripting (XSS) vulnerability in system/workplace/admin/wor ...)
NOT-FOR-US: Alkacon OpenCMS
-CVE-2008-1752
+CVE-2008-1752 (ezRADIUS 0.1 stores sensitive information under the web root with insu ...)
NOT-FOR-US: ezRADIUS
-CVE-2008-1751
+CVE-2008-1751 (Multiple directory traversal vulnerabilities in index.php in Ksemail a ...)
NOT-FOR-US: Ksemail
-CVE-2008-1750
+CVE-2008-1750 (SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earl ...)
NOT-FOR-US: LiveCart
-CVE-2008-1749
+CVE-2008-1749 (Memory leak in Cisco Content Switching Module (CSM) 4.2(3) up to 4.2(8 ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-1748
+CVE-2008-1748 (Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-1747
+CVE-2008-1747 (Unspecified vulnerability in Cisco Unified Communications Manager 4.1 ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-1746
+CVE-2008-1746 (The SNMP Trap Agent service in Cisco Unified Communications Manager (C ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-1745
+CVE-2008-1745 (Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-1744
+CVE-2008-1744 (The Certificate Authority Proxy Function (CAPF) service in Cisco Unifi ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-1743
+CVE-2008-1743 (Memory leak in the Certificate Trust List (CTL) Provider service in Ci ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-1742
+CVE-2008-1742 (Memory leak in the Certificate Trust List (CTL) Provider service in Ci ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-1741
+CVE-2008-1741 (The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) a ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-1740
+CVE-2008-1740 (The Presence Engine (PE) service in Cisco Unified Presence before 6.0( ...)
NOT-FOR-US: Cisco firmware
-CVE-2008-1739
+CVE-2008-1739 (Apple QuickTime before 7.4.5 allows remote attackers to cause a denial ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1738
+CVE-2008-1738 (Rising Antivirus 2008 before 20.38.20 allows local users to cause a de ...)
NOT-FOR-US: Rising Antivirus
-CVE-2008-1737
+CVE-2008-1737 (Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behaviou ...)
NOT-FOR-US: Sophos Anti-Virus
-CVE-2008-1736
+CVE-2008-1736 (Comodo Firewall Pro before 3.0 does not properly validate certain para ...)
NOT-FOR-US: Comodo Firewall
-CVE-2008-1735
+CVE-2008-1735 (BitDefender Antivirus 2008 20080118 and earlier allows local users to ...)
NOT-FOR-US: BitDefender Antivirus
-CVE-2008-1734
+CVE-2008-1734 (Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux mi ...)
NOT-FOR-US: PHP Toolkit (Gentoo specific)
-CVE-2008-1733
+CVE-2008-1733 (SQL injection vulnerability in puarcade.class.php 2.2 and earlier in t ...)
NOT-FOR-US: Joomla component Pragmatic Utopia PU Arcade
-CVE-2008-1732
+CVE-2008-1732 (SQL injection vulnerability in showpredictionsformatch.php in Predicti ...)
NOT-FOR-US: Prediction Football
-CVE-2008-1731
+CVE-2008-1731 (The Simple Access module for Drupal 5.x through 5.x-1.2-2 does not pro ...)
NOT-FOR-US: Drupal module Simple Access
-CVE-2008-1730
+CVE-2008-1730 (Directory traversal vulnerability in download.html in ARWScripts Galle ...)
NOT-FOR-US: ARWScripts Gallery Script Lite
-CVE-2008-1729
+CVE-2008-1729 (The menu system in Drupal 6 before 6.2 has incorrect menu settings, wh ...)
NOT-FOR-US: Drupal 6 (not packaged yet)
-CVE-2008-1728
+CVE-2008-1728 (ConnectionManagerImpl.java in Ignite Realtime Openfire 3.4.5 allows re ...)
NOT-FOR-US: Ignite Realtime Openfire
-CVE-2008-1727
+CVE-2008-1727 (KnowledgeQuest 2.5 and 2.6 does not require authentication for access ...)
NOT-FOR-US: KnowledgeQuest
-CVE-2008-1726
+CVE-2008-1726 (Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when mag ...)
NOT-FOR-US: KnowledgeQuest
-CVE-2008-1725
+CVE-2008-1725 (The IBizEBank.FIProfile.1 ActiveX control in fiprofile20.ocx in IBiz E ...)
NOT-FOR-US: ActiveX
-CVE-2008-1724
+CVE-2008-1724 (Stack-based buffer overflow in the IActiveXTransfer.FileTransfer metho ...)
NOT-FOR-US: ActiveX
CVE-2008-1723
RESERVED
-CVE-2008-1722
+CVE-2008-1722 (Multiple integer overflows in (1) filter/image-png.c and (2) filter/im ...)
{DSA-1625-1}
- cups 1.3.7-2 (medium; bug #476305)
- cupsys 1.3.7-2 (medium; bug #476305)
-CVE-2008-1721
+CVE-2008-1721 (Integer signedness error in the zlib extension module in Python 2.5.2 ...)
{DSA-1620-1 DSA-1551-1}
- python2.4 2.4.5-2
- python2.5 2.5.2-3
-CVE-2008-1719
+CVE-2008-1719 (Multiple cross-site request forgery (CSRF) vulnerabilities in Nuke ET ...)
NOT-FOR-US: Nuke ET
-CVE-2008-1718
+CVE-2008-1718 (Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, a ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2008-1717
+CVE-2008-1717 (WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 ...)
NOT-FOR-US: WoltLab Community Framework
-CVE-2008-1716
+CVE-2008-1716 (Cross-site scripting (XSS) vulnerability in WoltLab Community Framewor ...)
NOT-FOR-US: WoltLab Community Framework
-CVE-2008-1715
+CVE-2008-1715 (SQL injection vulnerability in content/user.php in AuraCMS 2.2.1 and e ...)
NOT-FOR-US: AuraCMS
-CVE-2008-1714
+CVE-2008-1714 (SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when ...)
NOT-FOR-US: FaScript FaPhoto
-CVE-2008-1713
+CVE-2008-1713 (MailServer.exe in NoticeWare Email Server 4.6.1.0 allows remote attack ...)
NOT-FOR-US: NoticeWare Email Server
-CVE-2008-1712
+CVE-2008-1712 (PHP remote file inclusion vulnerability in includes/functions_weblog.p ...)
NOT-FOR-US: mx_blogs
-CVE-2008-1711
+CVE-2008-1711 (Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores p ...)
NOT-FOR-US: Terong PHP Photo Gallery
-CVE-2008-1710
+CVE-2008-1710 (Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1709
+CVE-2008-1709 (Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-ass ...)
NOT-FOR-US: Microsoft Visual InterDev
-CVE-2008-1708
+CVE-2008-1708 (IBM solidDB 06.00.1018 and earlier does not validate a certain field t ...)
NOT-FOR-US: IBM solidDB
-CVE-2008-1707
+CVE-2008-1707 (IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: IBM solidDB
-CVE-2008-1706
+CVE-2008-1706 (Uncontrolled array index in IBM solidDB 06.00.1018 and earlier allows ...)
NOT-FOR-US: IBM solidDB
-CVE-2008-1705
+CVE-2008-1705 (Format string vulnerability in the logging function in IBM solidDB 06. ...)
NOT-FOR-US: IBM solidDB
-CVE-2008-1887
+CVE-2008-1887 (Python 2.5.2 and earlier allows context-dependent attackers to execute ...)
{DSA-1620-1 DSA-1551-1}
- python2.4 2.4.5-2
- python2.5 2.5.2-3
-CVE-2008-1877
+CVE-2008-1877 (tss 0.8.1 allows local users to read arbitrary files via the -a parame ...)
- tss <removed> (medium; bug #475747; bug #475736)
-CVE-2008-1720
+CVE-2008-1720 (Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xatt ...)
{DSA-1545-1}
- rsync 3.0.2-1
NOTE: Etch is affected (it enables the acl upstream patch)
NOTE: http://samba.anu.edu.au/rsync/security.html#s3_0_2
-CVE-2008-1704
+CVE-2008-1704 (Multiple buffer overflows in TIBCO Software Enterprise Message Service ...)
NOT-FOR-US: TIBCO
-CVE-2008-1703
+CVE-2008-1703 (Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, a ...)
NOT-FOR-US: TIBCO
-CVE-2008-1702
+CVE-2008-1702 (Absolute path traversal vulnerability in dload.php in the my_gallery 2 ...)
NOT-FOR-US: my_gallery plugin for e107
-CVE-2008-1701
+CVE-2008-1701 (Novell NetWare 6.5 allows attackers to cause a denial of service (ABEN ...)
NOT-FOR-US: Novell NetWare
-CVE-2008-1700
+CVE-2008-1700 (The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite ...)
NOT-FOR-US: WorkSite Web
-CVE-2008-1699
+CVE-2008-1699 (SQL injection vulnerability in permalink.php in Desi Quintans Writer's ...)
NOT-FOR-US: Desi Quintans Writer's Block CMS
-CVE-2008-1698
+CVE-2008-1698 (Cross-site scripting (XSS) vulnerability in gallery.php in Simple Gall ...)
NOT-FOR-US: Simple Gallery
-CVE-2008-1697
+CVE-2008-1697 (Stack-based buffer overflow in ovwparser.dll in HP OpenView Network No ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-1696
+CVE-2008-1696 (Directory traversal vulnerability in makepost.php in DaZPHPNews 0.1-1, ...)
NOT-FOR-US: DaZPHPNews
CVE-2008-1695
RESERVED
-CVE-2008-1694
+CVE-2008-1694 (vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local use ...)
- emacs21 21.4a+1-5.6 (low; bug #476612)
[etch] - emacs21 <no-dsa> (Minor issue)
- emacs22 22.2+2-2 (low; bug #476611)
- xemacs21 21.4.21-4 (low; bug #476613)
[etch] - xemacs21 <no-dsa> (Minor issue)
-CVE-2008-1693
+CVE-2008-1693 (The CairoFont::create function in CairoFontEngine.cc in Poppler, possi ...)
{DSA-1606-1 DSA-1548-1}
- xpdf 3.02
- poppler 0.6.4-1 (bug #476842)
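Review bot: the <not-affected> justification for CVE-2008-1835 ("Debian doesn't include libunrar since it's non-free") is the same text used for CVE-2008-1837, but the description this hunk adds for CVE-2008-1835 ("ClamAV before 0.93 allows remote attackers to bypass the scanning engi ...") does not name libclamunrar in its visible portion, whereas the CVE-2008-1837 description does; worth confirming that the scanning bypass really lives in the unrar code before the entry keeps its not-affected status.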
@@ -13184,23 +13184,23 @@ CVE-2008-1693
NOTE: a stream or not. Anyone knows a fixed version?
- texlive-base <not-affected> (Vulnerable code not present)
- swftools <not-affected> (Vulnerable file/code not present)
-CVE-2008-1692
+CVE-2008-1692 (Eterm 0.9.4 opens a terminal window on :0 if -display is not specified ...)
- eterm 0.9.4.0debian1-2.1 (unimportant; bug #473127)
-CVE-2008-1691
+CVE-2008-1691 (Unspecified vulnerability in SLMail.exe in SLMail Pro 6.3.1.0 and earl ...)
NOT-FOR-US: SLMail Pro
-CVE-2008-1690
+CVE-2008-1690 (WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earli ...)
NOT-FOR-US: SLMail Pro
-CVE-2008-1689
+CVE-2008-1689 (Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and earl ...)
NOT-FOR-US: SLMail Pro
-CVE-2008-1688
+CVE-2008-1688 (Unspecified vulnerability in GNU m4 before 1.4.11 might allow context- ...)
- m4 <unfixed> (unimportant)
NOTE: The file name is passed through a cmdline argument and m4 doesn't run with
NOTE: elevated privileges.
-CVE-2008-1687
+CVE-2008-1687 (The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1. ...)
- m4 <unfixed> (unimportant)
NOTE: This is more a generic bug and not a security issue: the random output would
NOTE: need to match the name of an existing macro
-CVE-2008-1686
+CVE-2008-1686 (Array index vulnerability in Speex 1.1.12 and earlier, as used in libf ...)
{DSA-1586-1 DSA-1585-1 DSA-1584-1 DTSA-127-1 DTSA-128-1 DTSA-129-1}
- speex 1.2~beta2-1 (medium)
- libfishsound 0.7.0-2.2 (medium; bug #475152)
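Review bot: the context NOTE at the top of this hunk for CVE-2008-1693 still ends with the open question "Anyone knows a fixed version?", while the entry already lists DSA-1606-1/DSA-1548-1, xpdf 3.02 and poppler 0.6.4-1 as fixes; this automatic update only adds descriptions and leaves that line alone, so the stale question should be answered or removed in a follow-up so the entry does not read as still unresolved.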
@@ -13208,360 +13208,360 @@ CVE-2008-1686
CVE-2008-1685
- gcc-4.3 4.3.1-1 (bug #482698; unimportant)
NOTE: dup of CVE-2006-1902 which is fixed in Debian?
-CVE-2008-1684
+CVE-2008-1684 (inetd on Sun Solaris 10, when debug logging is enabled, allows local u ...)
NOT-FOR-US: Sun Solaris
CVE-2008-1683
REJECTED
-CVE-2008-1682
+CVE-2008-1682 (PHP remote file inclusion vulnerability in quiz/common/db_config.inc.p ...)
NOT-FOR-US: com_onlineflashquiz component for Joomla!
-CVE-2008-1681
+CVE-2008-1681 (Unspecified vulnerability in IBM DB2 Content Manager before 8.3 FP8 ha ...)
NOT-FOR-US: IBM DB2IBM DB2
-CVE-2008-1680
+CVE-2008-1680 (PHP-Nuke Platinum 7.6.b.5 allows remote attackers to obtain configurat ...)
NOT-FOR-US: PHP-Nuke Platinum
-CVE-2008-1679
+CVE-2008-1679 (Multiple integer overflows in imageop.c in Python before 2.5.3 allow c ...)
{DSA-1620-1 DSA-1551-1}
- python2.4 2.4.5-2
- python2.5 2.5.2-3
-CVE-2008-1678
+CVE-2008-1678 (Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c ...)
{DTSA-131-1}
- apache2 2.2.8-4
[etch] - apache2 <not-affected> (only a problem with openssl 0.9.8f or later)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=44975
-CVE-2008-1677
+CVE-2008-1677 (Buffer overflow in the regular expression handler in Red Hat Directory ...)
NOT-FOR-US: Red Hat Directory Server
-CVE-2008-1676
+CVE-2008-1676 (Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate Sys ...)
NOT-FOR-US: Red Hat Issue
-CVE-2008-1675
+CVE-2008-1675 (The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux k ...)
- linux-2.6 2.6.25-2 (low)
[etch] - linux-2.6 <not-affected> (Tehuti driver not in 2.6.18)
- linux-2.6.24 2.6.24-6~etchnhalf.2
NOTE: Fixed in 2.6.24.6 and 2.6.25.1
CVE-2008-1674
REJECTED
-CVE-2008-1673
+CVE-2008-1673 (The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 an ...)
{DSA-1592-1}
- linux-2.6 2.6.25-5 (bug #485944)
- linux-2.6.24 2.6.24-6~etchnhalf.3
-CVE-2008-1672
+CVE-2008-1672 (OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of ...)
{DTSA-136-1}
- openssl 0.9.8g-10.1 (bug #483379)
[etch] - openssl <not-affected> (Vulnerable code (TLS extensions) not present)
-CVE-2008-1671
+CVE-2008-1671 (start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, ...)
{DSA-1867-1}
- kdelibs 4:3.5.9.dfsg.1-4 (low; bug #478024)
[etch] - kdelibs <no-dsa> (Minor issue)
-CVE-2008-1670
+CVE-2008-1670 (Heap-based buffer overflow in the progressive PNG Image loader (decode ...)
- kdelibs <not-affected> (Vulnerable code introduce in kde 4.0)
- kde4libs 4:4.0.72-1 (bug #478283)
-CVE-2008-1669
+CVE-2008-1669 (Linux kernel before 2.6.25.2 does not apply a certain protection mecha ...)
{DSA-1575-1}
- linux-2.6 2.6.25-2 (low)
- linux-2.6.24 2.6.24-6~etchnhalf.2
NOTE: 0b2bac2f1ea0d33a3621b27ca68b9ae760fca2e9, fixed in 2.6.24.7 and 2.6.25.2
-CVE-2008-1668
+CVE-2008-1668 (ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns u ...)
NOT-FOR-US: wu-ftpd in HP-UX
-CVE-2008-1667
+CVE-2008-1667 (The Probe Builder Service (aka PBOVISServer.exe) in European Performan ...)
NOT-FOR-US: Probe Builder 2.2
-CVE-2008-1666
+CVE-2008-1666 (Unspecified vulnerability in HP Oracle for OpenView (OfO) 8.1.7, 9.1.0 ...)
NOT-FOR-US: HP Oracle for OpenView
-CVE-2008-1665
+CVE-2008-1665 (Multiple unspecified vulnerabilities in HP Select Identity (HPSI) Acti ...)
NOT-FOR-US: HP Select Identity
-CVE-2008-1664
+CVE-2008-1664 (Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allo ...)
NOT-FOR-US: HP HP-UX
-CVE-2008-1663
+CVE-2008-1663 (Cross-site scripting (XSS) vulnerability in HP System Management Homep ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2008-1662
+CVE-2008-1662 (Unspecified vulnerability in the HP System Administration Manager (SAM ...)
NOT-FOR-US: HP System Administration Manager
-CVE-2008-1661
+CVE-2008-1661 (Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Stora ...)
NOT-FOR-US: HP StorageWorks
-CVE-2008-1660
+CVE-2008-1660 (Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B. ...)
NOT-FOR-US: HP-UX
-CVE-2008-1659
+CVE-2008-1659 (Unspecified vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 allo ...)
NOT-FOR-US: HP LDAP-UX
-CVE-2008-1658
+CVE-2008-1658 (Format string vulnerability in the grant helper (polkit-grant-helper.c ...)
- policykit-1 0.8-1 (medium; bug #476615; bug #476616)
-CVE-2008-1657
+CVE-2008-1657 (OpenSSH 4.4 up to versions before 4.9 allows remote authenticated user ...)
- openssh 1:4.7p1-8 (low; bug #475156)
[etch] - openssh <not-affected> (Vulnerable functionality was introduced in 4.4)
-CVE-2008-1656
+CVE-2008-1656 (Adobe ColdFusion 8 and 8.0.1 does not properly implement the public ac ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2008-1655
+CVE-2008-1655 (Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, ...)
- flashplugin-nonfree 1:1.4
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
NOTE: Fix came from Adobe via new Adobe Flash Player, debian package didn't change
-CVE-2008-1654
+CVE-2008-1654 (Interaction error between Adobe Flash and multiple Universal Plug and ...)
- flashplugin-nonfree 1:1.4
[etch] - flashplugin-nonfree <no-dsa> (Contrib not supported)
-CVE-2008-1653
+CVE-2008-1653 (Directory traversal vulnerability in index.php in Sava's Link Manager ...)
NOT-FOR-US: Sava's Link Manager
-CVE-2008-1652
+CVE-2008-1652 (Directory traversal vulnerability in the _serve_request_multiple funct ...)
- perlbal <not-affected> (Fixed before initial upload to archive)
-CVE-2008-1651
+CVE-2008-1651 (Directory traversal vulnerability in admin/login.php in EasyNews 4.0 a ...)
NOT-FOR-US: EasyNews
-CVE-2008-1650
+CVE-2008-1650 (SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 ...)
NOT-FOR-US: EasyNews
-CVE-2008-1649
+CVE-2008-1649 (Cross-site scripting (XSS) vulnerability in staticpages/easypublish/in ...)
NOT-FOR-US: EasyNews
-CVE-2008-1648
+CVE-2008-1648 (Sympa before 5.4 allows remote attackers to cause a denial of service ...)
{DSA-1600-1}
- sympa 5.3.4-4 (medium; bug #475163)
-CVE-2008-1647
+CVE-2008-1647 (The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 Act ...)
NOT-FOR-US: ChilkatHttp
-CVE-2008-1646
+CVE-2008-1646 (SQL injection vulnerability in wp-download.php in the WP-Download 1.2 ...)
NOT-FOR-US: WP-Download plugin for WordPress
-CVE-2008-1645
+CVE-2008-1645 (Directory traversal vulnerability in body.php in phpSpamManager (phpSM ...)
NOT-FOR-US: phpSpamManager
-CVE-2008-1644
+CVE-2008-1644 (SQL injection vulnerability in viewlinks.php in Sava's Link Manager 2. ...)
NOT-FOR-US: Sava's Link Manager
-CVE-2008-1643
+CVE-2008-1643 (Directory traversal vulnerability in the PXE TFTP Service (PXEMTFTP.ex ...)
NOT-FOR-US: LANDesk Management Suite
-CVE-2008-1642
+CVE-2008-1642 (Directory traversal vulnerability in index.php in Sava's GuestBook 2.0 ...)
NOT-FOR-US: Sava's GuestBook
-CVE-2008-1641
+CVE-2008-1641 (SQL injection vulnerability in default.asp in EfesTECH Video 5.0 allow ...)
NOT-FOR-US: EfesTECH Video
-CVE-2008-1640
+CVE-2008-1640 (SQL injection vulnerability in jgs_treffen.php in the JGS-XA JGS-Treff ...)
NOT-FOR-US: JGS-Treffen
-CVE-2008-1639
+CVE-2008-1639 (SQL injection vulnerability in index.php in Neat weblog 0.2 allows rem ...)
NOT-FOR-US: Neat weblog
-CVE-2008-1638
+CVE-2008-1638 (Nik Sharpener Pro, possibly 2.0, uses world-writable permissions for p ...)
NOT-FOR-US: Nik Sharpener Pro
-CVE-2008-1637
+CVE-2008-1637 (PowerDNS Recursor before 3.1.5 uses insufficient randomness to calcula ...)
{DSA-1544-2 DSA-1544-1}
- pdns-recursor 3.1.7-1
NOTE: Fix in 3.1.5 was incomplete, see CVE-2008-3217
-CVE-2008-1636
+CVE-2008-1636 (Cross-site scripting (XSS) vulnerability in index.php in JV2 Quick Gal ...)
NOT-FOR-US: JV2 Quick Gallery
-CVE-2008-1635
+CVE-2008-1635 (Directory traversal vulnerability in view_private.php in Keep It Simpl ...)
NOT-FOR-US: Keep It Simple Guest Book
-CVE-2008-1634
+CVE-2008-1634 (Cross-site scripting (XSS) vulnerability in index.php in JV2 Folder Ga ...)
NOT-FOR-US: JV2 Folder Gallery
-CVE-2008-1633
+CVE-2008-1633 (Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown imp ...)
- mondo 1:2.2.7-1 (bug #475221)
-CVE-2008-1632
+CVE-2008-1632 (Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote ...)
- cuteflow <itp> (bug #465372)
-CVE-2008-1631
+CVE-2008-1631 (SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 ...)
- cuteflow <itp> (bug #465372)
-CVE-2008-1630
+CVE-2008-1630 (Multiple cross-site scripting (XSS) vulnerabilities in CuteFlow 1.5.0 ...)
- cuteflow <itp> (bug #465372)
-CVE-2008-1629
+CVE-2008-1629 (Cross-site scripting (XSS) vulnerability in PHPkrm before 1.5.0 allows ...)
NOT-FOR-US: PHPkrm
-CVE-2008-1628
+CVE-2008-1628 (Stack-based buffer overflow in the audit_log_user_command function in ...)
{DTSA-123-1}
- audit 1.5.3-2.1 (medium; bug #475227)
NOTE: auditd runs as root
-CVE-2008-1627
+CVE-2008-1627 (CDS Invenio 0.92.1 and earlier allows remote authenticated users to de ...)
NOT-FOR-US: CDS Invenio
-CVE-2008-1626
+CVE-2008-1626 (SQL injection vulnerability in eggBlog before 4.0.1 allows remote atta ...)
NOT-FOR-US: eggBlog
-CVE-2008-1625
+CVE-2008-1625 (aavmker4.sys in avast! Home and Professional 4.7 for Windows does not ...)
NOT-FOR-US: avast! Home and Professional
-CVE-2008-1624
+CVE-2008-1624 (Directory traversal vulnerability in v2demo/page.php in Jshop Server 1 ...)
NOT-FOR-US: Jshop Server
-CVE-2008-1623
+CVE-2008-1623 (SQL injection vulnerability in admin_view_image.php in Smoothflash all ...)
NOT-FOR-US: Smoothflash
-CVE-2008-1622
+CVE-2008-1622 (Multiple PHP remote file inclusion vulnerabilities in GeeCarts allow r ...)
NOT-FOR-US: GeeCarts
-CVE-2008-1621
+CVE-2008-1621 (Multiple cross-site scripting (XSS) vulnerabilities in GeeCarts allow ...)
NOT-FOR-US: GeeCarts
-CVE-2008-1620
+CVE-2008-1620 (Directory traversal vulnerability in 2X TFTP service (TFTPd.exe) 3.2.0 ...)
NOT-FOR-US: ThinClientServer
-CVE-2008-1619
+CVE-2008-1619 (The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers ...)
- xen-3 <not-affected> (Debian Xen does not support ia64)
- xen-unstable <not-affected> (Debian Xen does not support ia64)
- xen-3.0 <not-affected> (Debian Xen does not support ia64)
-CVE-2008-1618
+CVE-2008-1618 (The PPTP VPN service in Watchguard Firebox before 10, when performing ...)
NOT-FOR-US: Watchguard Firebox
-CVE-2008-1617
+CVE-2008-1617 (Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile. ...)
NOT-FOR-US: WorkSite Web
CVE-2008-1616
RESERVED
-CVE-2008-1615
+CVE-2008-1615 (Linux kernel 2.6.18, and possibly other versions, when running on AMD6 ...)
{DSA-1588-1}
- linux-2.6 2.6.25-1 (medium; bug #480390)
- linux-2.6.24 2.6.24-6~etchnhalf.3
-CVE-2008-1614
+CVE-2008-1614 (suPHP before 0.6.3 allows local users to gain privileges via (1) a rac ...)
{DSA-1550-1 DTSA-124-1}
- suphp 0.6.2-2.1 (low; bug #475431)
-CVE-2008-1613
+CVE-2008-1613 (SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0. ...)
NOT-FOR-US: RedDot CMS
-CVE-2008-1612
+CVE-2008-1612 (The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows at ...)
{DSA-1646-2}
- squid 2.6.18-1 (medium)
-CVE-2008-1611
+CVE-2008-1611 (Stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows r ...)
NOT-FOR-US: TFTP Server for Windows
-CVE-2008-1610
+CVE-2008-1610 (Stack-based buffer overflow in TallSoft Quick TFTP Server Pro 2.1 allo ...)
NOT-FOR-US: TFTP Server Pro
-CVE-2008-1609
+CVE-2008-1609 (Multiple PHP remote file inclusion vulnerabilities in just another fla ...)
NOT-FOR-US: JAF CMS
-CVE-2008-1608
+CVE-2008-1608 (SQL injection vulnerability in postview.php in Clever Copy 3.0 allows ...)
NOT-FOR-US: Clever Copy
-CVE-2008-1607
+CVE-2008-1607 (SQL injection vulnerability in haberoku.php in Serbay Arslanhan Bomba ...)
NOT-FOR-US: Serbay Arslanhan Bomba Haber
-CVE-2008-1606
+CVE-2008-1606 (Multiple directory traversal vulnerabilities in Elastic Path (EP) 4.1 ...)
NOT-FOR-US: Elastic Path
-CVE-2008-1605
+CVE-2008-1605 (The (1) ltmmCaptureCtrl Class, (2) ltmmConvertCtrl Class, and (3) ltmm ...)
NOT-FOR-US: LEADTOOLS
-CVE-2008-1604
+CVE-2008-1604 (Cross-site scripting (XSS) vulnerability in PerlMailer before 3.02 all ...)
NOT-FOR-US: PerlMailer
-CVE-2008-1603
+CVE-2008-1603 (Cross-site scripting (XSS) vulnerability in GNB DesignForm before 3.9 ...)
NOT-FOR-US: GNB DesignForm
-CVE-2008-1602
+CVE-2008-1602 (Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows ...)
NOT-FOR-US: Orbit downloader
-CVE-2008-1601
+CVE-2008-1601 (Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5 ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1600
+CVE-2008-1600 (The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly han ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1599
+CVE-2008-1599 (The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly hand ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1598
+CVE-2008-1598 (The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1597
+CVE-2008-1597 (The WPAR system call implementation in the kernel in IBM AIX 6.1 allow ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1596
+CVE-2008-1596 (Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument i ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1595
+CVE-2008-1595 (The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not prop ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1594
+CVE-2008-1594 (The kernel in IBM AIX 5.2 and 5.3 does not properly handle resizing JF ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1593
+CVE-2008-1593 (The checkpoint and restart feature in the kernel in IBM AIX 5.2, 5.3, ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1592
+CVE-2008-1592 (MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop a ...)
NOT-FOR-US: IBM WebSphere
-CVE-2008-1591
+CVE-2008-1591 (The pnVarPrepForStore function in PostNuke 0.764 and earlier skips inp ...)
NOT-FOR-US: PostNuke
-CVE-2008-1590
+CVE-2008-1590 (JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch bef ...)
NOT-FOR-US: iPhone
-CVE-2008-1589
+CVE-2008-1589 (Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterpr ...)
NOT-FOR-US: iPhone
-CVE-2008-1588
+CVE-2008-1588 (Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows rem ...)
- webkit <not-affected> (mac-specific issue)
NOTE: http://trac.webkit.org/changeset/23963
NOTE: as of 1.1.21, all mac-specific code is no longer even present
CVE-2008-1587
RESERVED
-CVE-2008-1586
+CVE-2008-1586 (ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touc ...)
NOT-FOR-US: Apple ImageIO
-CVE-2008-1585
+CVE-2008-1585 (Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handle ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1584
+CVE-2008-1584 (Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1583
+CVE-2008-1583 (Heap-based buffer overflow in Apple QuickTime before 7.5 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1582
+CVE-2008-1582 (Unspecified vulnerability in Apple QuickTime before 7.5 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1581
+CVE-2008-1581 (Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows al ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1580
+CVE-2008-1580 (CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically send ...)
NOT-FOR-US: CFNetwork Safari Apple Mac OS
-CVE-2008-1579
+CVE-2008-1579 (Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attacke ...)
NOT-FOR-US: Wiki Server Apple Mac OS
-CVE-2008-1578
+CVE-2008-1578 (The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1577
+CVE-2008-1577 (Unspecified vulnerability in the Pixlet codec in Apple Pixlet Video in ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1576
+CVE-2008-1576 (Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1575
+CVE-2008-1575 (Unspecified vulnerability in the Apple Type Services (ATS) server in A ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1574
+CVE-2008-1574 (Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows rem ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1573
+CVE-2008-1573 (The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X bef ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1572
+CVE-2008-1572 (Image Capture in Apple Mac OS X before 10.5 does not properly use temp ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1571
+CVE-2008-1571 (Directory traversal vulnerability in the embedded web server in Image ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-1566
+CVE-2008-1566 (Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine ...)
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2008-1565
+CVE-2008-1565 (Directory traversal vulnerability in forum/irc/irc.php in the PJIRC 0. ...)
NOT-FOR-US: PJIRC module for phpBB
-CVE-2008-1564
+CVE-2008-1564 (Directory traversal vulnerability in Dan Costin File Transfer before 1 ...)
NOT-FOR-US: Dan Costin File Transfer
-CVE-2008-1563
+CVE-2008-1563 (The "decode as" feature in packet-bssap.c in the SCCP dissector in Wir ...)
- wireshark 1.0.0-1 (low)
[etch] - wireshark <not-affected> (Only 0.99.6 to 0.99.8 are affected)
-CVE-2008-1562
+CVE-2008-1562 (The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.9 ...)
- wireshark <not-affected> (Only Windows builds are affected according to #1613)
-CVE-2008-1561
+CVE-2008-1561 (Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) ...)
- wireshark 1.0.0-1 (low)
[etch] - wireshark <not-affected> (Only 0.99.5 to 0.99.8 are affected)
-CVE-2008-1560
+CVE-2008-1560 (Multiple cross-site scripting (XSS) vulnerabilities in Digiappz DigiDo ...)
NOT-FOR-US: Digiappz DigiDomain
-CVE-2008-1559
+CVE-2008-1559 (SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alp ...)
NOT-FOR-US: com_alphacontent component for Joomla!
-CVE-2008-1558
+CVE-2008-1558 (Uncontrolled array index in the sdpplin_parse function in stream/realr ...)
{DSA-1552-1 DTSA-121-1}
- mplayer 1.0~rc2-10 (medium; bug #473056)
-CVE-2008-1557
+CVE-2008-1557 (BolinOS 4.6.1 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: BolinOS
-CVE-2008-1556
+CVE-2008-1556 (Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 a ...)
NOT-FOR-US: BolinOS
-CVE-2008-1555
+CVE-2008-1555 (Directory traversal vulnerability in system/_b/contentFiles/gbincluder ...)
NOT-FOR-US: BolinOS
-CVE-2008-1554
+CVE-2008-1554 (SQL injection vulnerability in account/index.php in TopperMod 2.0, whe ...)
NOT-FOR-US: TopperMod
-CVE-2008-1553
+CVE-2008-1553 (Directory traversal vulnerability in mod.php in TopperMod 1.0 allows r ...)
NOT-FOR-US: TopperMod
-CVE-2008-1552
+CVE-2008-1552 (The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) ...)
- silc-toolkit 1.1.7-1 (low)
- silc-client <not-affected> (links against libsilc)
NOTE: this can't result code execution but only in a crash as data_len - i always results
NOTE: in -1 and malloc will never succeed and thus not reaching any free
-CVE-2008-1551
+CVE-2008-1551 (SQL injection vulnerability in viewcat.php in the Photo 3.02 module fo ...)
NOT-FOR-US: RunCMS
-CVE-2008-1550
+CVE-2008-1550 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Cu ...)
NOT-FOR-US: CubeCart
-CVE-2008-1549
+CVE-2008-1549 (Multiple SQL injection vulnerabilities in Aeries Browser Interface (AB ...)
NOT-FOR-US: Eagle Software Aries Student Information System
-CVE-2008-1548
+CVE-2008-1548 (Multiple cross-site scripting (XSS) vulnerabilities in Aeries Browser ...)
NOT-FOR-US: Eagle Software Aries Student Information System
-CVE-2008-1547
+CVE-2008-1547 (Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outl ...)
NOT-FOR-US: Outlook
-CVE-2008-1546
+CVE-2008-1546 (servlet/MIMEReceiveServlet in the web controller for Mitsubishi Electr ...)
NOT-FOR-US: Mitsubishi Electric GB-50 and GB-50A air-conditioning control systems
-CVE-2008-1545
+CVE-2008-1545 (The setRequestHeader method of the XMLHttpRequest object in Microsoft ...)
NOT-FOR-US: Microsoft IE7
-CVE-2008-1544
+CVE-2008-1544 (The setRequestHeader method of the XMLHttpRequest object in Microsoft ...)
NOT-FOR-US: Microsoft IE7
-CVE-2008-1543
+CVE-2008-1543 (The Advanced User Interface Pages in the ProST Web Management componen ...)
NOT-FOR-US: Airspan WiMAX ProST
-CVE-2008-1542
+CVE-2008-1542 (Airspan Base Station Distribution Unit (BSDU) has "topsecret" as its p ...)
NOT-FOR-US: BSDU
-CVE-2008-1541
+CVE-2008-1541 (Directory traversal vulnerability in cgi-bin/his-webshop.pl in HIS Web ...)
NOT-FOR-US: HIS Webshop
-CVE-2008-1540
+CVE-2008-1540 (SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3 ...)
NOT-FOR-US: com_datsogallery module for Joomla!
-CVE-2008-1539
+CVE-2008-1539 (SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke ...)
NOT-FOR-US: PHP-Nuke Platinum
-CVE-2008-1538
+CVE-2008-1538 (Cross-site scripting (XSS) vulnerability in searchAction.do in ManageE ...)
NOT-FOR-US: ManageEngine EventLog Analyzer
-CVE-2008-1537
+CVE-2008-1537 (Directory traversal vulnerability in pb_inc/admincenter/index.php in P ...)
NOT-FOR-US: PowerScripts PowerBook
-CVE-2008-1536
+CVE-2008-1536 (Cross-site scripting (XSS) vulnerability in index.php in Pictures Pro ...)
NOT-FOR-US: Photo Cart
-CVE-2008-1535
+CVE-2008-1535 (SQL injection vulnerability in the Matti Kiviharju rekry (aka com_rekr ...)
NOT-FOR-US: com_rekry component for Joomla!
-CVE-2008-1534
+CVE-2008-1534 (Multiple directory traversal vulnerabilities in PowerPHPBoard 1.00b al ...)
NOT-FOR-US: PowerPHPBoard
-CVE-2008-1533
+CVE-2008-1533 (Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! ...)
NOT-FOR-US: Joomla!
-CVE-2008-1532
+CVE-2008-1532 (Perlbal before 1.70, when buffered upload is enabled, allows remote at ...)
- perlbal <not-affected> (Fixed before initial upload to archive)
-CVE-2008-1531
+CVE-2008-1531 (The connection_state_machine function (connections.c) in lighttpd 1.4. ...)
{DSA-1540-1}
- lighttpd 1.4.19-2 (low; bug #475438)
-CVE-2008-1570
+CVE-2008-1570 (Race condition in the create_lockpath function in policyd-weight 0.1.1 ...)
{DSA-1531-2}
- policyd-weight 0.1.14.17-1 (low)
NOTE: http://www.mail-archive.com/policyd-weight-list%40ek-muc.de/msg00798.html
-CVE-2008-1569
+CVE-2008-1569 (policyd-weight 0.1.14 beta-16 and earlier allows local users to modify ...)
{DSA-1531-2}
- policyd-weight 0.1.14.17-1 (low)
-CVE-2008-1568
+CVE-2008-1568 (comix 3.6.4 allows attackers to execute arbitrary commands via a filen ...)
- comix 3.6.4-1.1 (low; bug #462840)
[etch] - comix <no-dsa> (Minor issue)
NOTE: comix can't be used in a non-interactive setup thus the impact level
-CVE-2008-1567
+CVE-2008-1567 (phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) passw ...)
{DSA-1557-1}
- phpmyadmin 2.11.5.1
NOTE: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-2
@@ -13569,7 +13569,7 @@ CVE-2008-1567
NOTE: session files on a shared host. This limitation is documented with
NOTE: PHP, warned against and not a specific vulnerability in phpMyAdmin.
NOTE: I hence consider it a security enhancement/feature, not a vulnerability.
-CVE-2008-1530
+CVE-2008-1530 (GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial ...)
- gnupg <not-affected> (Only 1.4.8 is affected)
NOTE: The next upload was 1.4.9-1, so no vulnerable version was ever in the
NOTE: archive
@@ -13578,182 +13578,182 @@ CVE-2008-1530
- gnupg2 2.0.9-1 (bug #472928)
[etch] - gnupg2 <not-affected> (Only 2.0.8 is affected)
[sarge] - gnupg2 <not-affected> (Only 2.0.8 is affected)
-CVE-2008-1529
+CVE-2008-1529 (ZyXEL Prestige routers have a minimum password length for the admin ac ...)
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1528
+CVE-2008-1528 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1527
+CVE-2008-1527 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1526
+CVE-2008-1526 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1525
+CVE-2008-1525 (The default SNMP configuration on ZyXEL Prestige routers, including P- ...)
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1524
+CVE-2008-1524 (The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 ...)
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1523
+CVE-2008-1523 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1522
+CVE-2008-1522 (ZyXEL Prestige routers, including P-660 and P-661 models with firmware ...)
NOT-FOR-US: ZyXEL Prestige router firmware
-CVE-2008-1521
+CVE-2008-1521 (ZyXEL Prestige routers, including P-660 and P-661 models with firmware ...)
NOT-FOR-US: ZyXEL Prestige router firmware
CVE-2008-1520
RESERVED
CVE-2008-1519
RESERVED
-CVE-2008-1518
+CVE-2008-1518 (Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2008-1517
+CVE-2008-1517 (Array index error in the xnu (Mach) kernel in Apple Mac OS X 10.5 befo ...)
NOT-FOR-US: Apple Mac OS X xnu Kernel
CVE-2008-1516
RESERVED
-CVE-2008-1515
+CVE-2008-1515 (The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 a ...)
- otrs2 2.2.5-2
[etch] - otrs2 <not-affected> (Vulnerable code not present)
[etch] - otrs <not-affected> (Vulnerable code not present)
[sarge] - otrs <not-affected> (Vulnerable code not present)
NOTE: http://packages.qa.debian.org/o/otrs2/news/20080320T211729Z.html
-CVE-2008-1514
+CVE-2008-1514 (arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions be ...)
{DSA-1655-1 DSA-1653-1}
- linux-2.6 2.6.26-8
NOTE: s390 specific issue, counterpart for x86 not reproducible with 2.6.24 here
-CVE-2008-1513
+CVE-2008-1513 (SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and earli ...)
NOT-FOR-US: Danneo CMS
-CVE-2008-1512
+CVE-2008-1512 (Directory traversal vulnerability in admin/admin_xs.php in eXtreme Sty ...)
NOT-FOR-US: XS module for phpBB
-CVE-2008-1511
+CVE-2008-1511 (Multiple PHP remote file inclusion vulnerabilities in ooComments 1.0 a ...)
NOT-FOR-US: ooComments
-CVE-2008-1510
+CVE-2008-1510 (Cross-site scripting (XSS) vulnerability in system/workplace/admin/acc ...)
NOT-FOR-US: Alkacon OpenCMS
-CVE-2008-1509
+CVE-2008-1509 (SQL injection vulnerability in index.php in XLPortal 2.2.4 and earlier ...)
NOT-FOR-US: XLPortal
-CVE-2008-1508
+CVE-2008-1508 (SQL injection vulnerability in EfesTech E-Kont&#246;r and earlier allo ...)
NOT-FOR-US: EfesTech E-Kontoer
-CVE-2008-1507
+CVE-2008-1507 (PEEL, possibly 3.x and earlier, has (1) a default info@peel.fr account ...)
NOT-FOR-US: Peel
-CVE-2008-1506
+CVE-2008-1506 (PEEL, possibly 3.x and earlier, allows remote attackers to obtain conf ...)
NOT-FOR-US: Peel
-CVE-2008-1505
+CVE-2008-1505 (PHP remote file inclusion vulnerability in the SSTREAMTV custompages ( ...)
NOT-FOR-US: com_custompages component for Joomla!
-CVE-2008-1504
+CVE-2008-1504 (Cross-site scripting (XSS) vulnerability in setup.php3 in phpHeaven ph ...)
NOT-FOR-US: phpMyChat
-CVE-2008-1503
+CVE-2008-1503 (Cross-site scripting (XSS) vulnerability in the web management interfa ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2008-1501
+CVE-2008-1501 (The send_user_mode function in s_user.c in (1) Undernet ircu 2.10.12.1 ...)
- ircd-ircu <not-affected> (Vulnerable code not present)
NOTE: vulnerable code introduced later than 2.0.12.10, see: http://hg.quakenet.org/snircd/rev/1ee48bee2f20
NOTE: no other possible NULL ptr dereferences of p found and PoC not reproducible
-CVE-2008-1500
+CVE-2008-1500 (Cross-site scripting (XSS) vulnerability in index.php in TinyPortal 0. ...)
NOT-FOR-US: TinyPortal
-CVE-2008-1499
+CVE-2008-1499 (Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in ...)
NOT-FOR-US: cPanel
-CVE-2008-1498
+CVE-2008-1498 (Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3. ...)
NOT-FOR-US: Surgemail
-CVE-2008-1497
+CVE-2008-1497 (Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38 ...)
NOT-FOR-US: Surgemail
-CVE-2008-1496
+CVE-2008-1496 (Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earli ...)
NOT-FOR-US: PEEL
-CVE-2008-1495
+CVE-2008-1495 (Unrestricted file upload vulnerability in administrer/produits.php in ...)
NOT-FOR-US: PEEL
-CVE-2008-1494
+CVE-2008-1494 (SQL injection vulnerability in inc/module/online.php in Easy-Clanpage ...)
NOT-FOR-US: Easy-Clanpage
-CVE-2008-1493
+CVE-2008-1493 (Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 a ...)
- cuteflow <itp> (bug #465372)
-CVE-2008-1492
+CVE-2008-1492 (Multiple directory traversal vulnerabilities in CoronaMatrix phpAddres ...)
NOT-FOR-US: CoronaMatrix
-CVE-2008-1491
+CVE-2008-1491 (Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ...)
NOT-FOR-US: ASUS Remote Console
-CVE-2008-1490
+CVE-2008-1490 (Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4 ...)
NOT-FOR-US: ImageUploader4
-CVE-2008-1489
+CVE-2008-1489 (Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC ...)
{DSA-1543-1 DTSA-119-1}
- vlc 0.8.6.e-1.1 (medium; bug #472635)
-CVE-2008-1488
+CVE-2008-1488 (Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3. ...)
- php-apc <not-affected> (Fixed before initial upload)
-CVE-2008-1487
+CVE-2008-1487 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1 ...)
NOT-FOR-US: LinPHA
-CVE-2008-1486
+CVE-2008-1486 (SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft ...)
NOT-FOR-US: Phorum
-CVE-2008-1485
+CVE-2008-1485 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.16 and earlier a ...)
NOT-FOR-US: PunBB
-CVE-2008-1484
+CVE-2008-1484 (The password reset feature in PunBB 1.2.16 and earlier uses predictabl ...)
NOT-FOR-US: PunBB
-CVE-2008-1483
+CVE-2008-1483 (OpenSSH 4.3p2, and probably other versions, allows local users to hija ...)
{DSA-1576-1}
- openssh 1:4.7p1-5 (bug #463011)
-CVE-2008-1482
+CVE-2008-1482 (Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote ...)
{DSA-1586-1 DTSA-120-1}
- xine-lib 1.1.11.1-1 (medium; bug #472639)
-CVE-2008-1481
+CVE-2008-1481 (Cross-site scripting (XSS) vulnerability in index.php in webSPELL 4.1. ...)
NOT-FOR-US: webSPELL
-CVE-2008-1480
+CVE-2008-1480 (rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-1479
+CVE-2008-1479 (Cross-site scripting (XSS) vulnerability in index.php in cyberfrogs.ne ...)
NOT-FOR-US: cfnetgs
-CVE-2008-1478
+CVE-2008-1478 (Home FTP Server 1.4.5.89 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Home FTP Server
-CVE-2008-1477
+CVE-2008-1477 (Multiple cross-site scripting (XSS) vulnerabilities in busca.php in eF ...)
NOT-FOR-US: eForum
-CVE-2008-1475
+CVE-2008-1475 (The xml-rpc server in Roundup 1.4.4 does not check property permission ...)
- roundup 1.4.4-1.1 (medium; bug #484728)
[etch] - roundup <not-affected> (xml-rpc code introduced in 1.4.0)
-CVE-2008-1474
+CVE-2008-1474 (Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unkn ...)
{DSA-1554-1}
- roundup 1.3.3-3.1 (low; bug #472643)
-CVE-2008-1473
+CVE-2008-1473 (The Altiris Client Service (AClient.exe) in Symantec Altiris Deploymen ...)
NOT-FOR-US: Symantec Altiris
-CVE-2008-1472
+CVE-2008-1472 (Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl. ...)
NOT-FOR-US: ARCserve Backup
-CVE-2008-1471
+CVE-2008-1471 (The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ F ...)
NOT-FOR-US: Panda Internet Security/Antivirus+ Firewall
-CVE-2008-1470
+CVE-2008-1470 (Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID R ...)
NOT-FOR-US: WebID RSA Authentication Agent
-CVE-2008-1469
+CVE-2008-1469 (Gallarific Free Edition 1.1 does not require authentication for (1) ph ...)
NOT-FOR-US: Gallarific
-CVE-2008-1468
+CVE-2008-1468 (Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu befor ...)
- namazu2 2.0.18-0.1 (low; bug #472644)
CVE-2008-1467
- centerim 4.22.3-1 (unimportant; bug #472649)
NOTE: the victim needs to list the URLs in the message with F2 and press enter on it
NOTE: the victim can see the complete URL including the commands however so the impact is really low
-CVE-2008-1466
+CVE-2008-1466 (Multiple PHP remote file inclusion vulnerabilities in W-Agora 4.0 allo ...)
NOT-FOR-US: W-Agora
-CVE-2008-1465
+CVE-2008-1465 (SQL injection vulnerability in the Detodas Restaurante (com_restaurant ...)
NOT-FOR-US: com_restaurante component for Mambo and Joomla!
-CVE-2008-1464
+CVE-2008-1464 (Multiple SQL injection vulnerabilities in Gallarific Free Edition 1.1 ...)
NOT-FOR-US: Gallarific
-CVE-2008-1463
+CVE-2008-1463 (Cross-site scripting (XSS) vulnerability in the management GUI in Impe ...)
NOT-FOR-US: Imperva SecureSphere MX Management Server
-CVE-2008-1462
+CVE-2008-1462 (SQL injection vulnerability in the sections (Section) module in RunCMS ...)
NOT-FOR-US: RunCMS
-CVE-2008-1461
+CVE-2008-1461 (Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers ...)
NOT-FOR-US: XnView
-CVE-2008-1460
+CVE-2008-1460 (SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2 ...)
NOT-FOR-US: com_joovideo component for Mambo and Joomla!
-CVE-2008-1459
+CVE-2008-1459 (SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and e ...)
NOT-FOR-US: com_alberghi component for Mambo and Joomla!
-CVE-2008-1458
+CVE-2008-1458 (Cross-site scripting (XSS) vulnerability in index.php in CS-Cart 1.3.2 ...)
NOT-FOR-US: CS-Cart
-CVE-2008-1457
+CVE-2008-1457 (The Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server ...)
NOT-FOR-US: Microsoft Windows 2000
-CVE-2008-1456
+CVE-2008-1456 (Array index vulnerability in the Event System in Microsoft Windows 200 ...)
NOT-FOR-US: Microsoft Windows 2000
-CVE-2008-1455
+CVE-2008-1455 (A "memory calculation error" in Microsoft Office PowerPoint 2000 SP3, ...)
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2008-1454
+CVE-2008-1454 (Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server ...)
NOT-FOR-US: Windows issue
-CVE-2008-1453
+CVE-2008-1453 (The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gol ...)
NOT-FOR-US: Windows Xp
CVE-2008-1452
REJECTED
-CVE-2008-1451
+CVE-2008-1451 (The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 an ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-1450
REJECTED
CVE-2008-1449
REJECTED
-CVE-2008-1448
+CVE-2008-1448 (The MHTML protocol handler in a component of Microsoft Outlook Express ...)
NOT-FOR-US: Microsoft Outlook Express
-CVE-2008-1447
+CVE-2008-1447 (The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, ...)
{DSA-1605-1 DSA-1604-1 DSA-1623-1 DSA-1619-1 DSA-1617-1 DSA-1603-1 DTSA-147-1}
- bind9 1:9.5.0.dfsg-5 (high)
NOTE: glibc stub resolver relies on source port randomisation in kernel
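Review bot: the new description line for CVE-2008-1508 carries an undecoded HTML character reference, `+CVE-2008-1508 (SQL injection vulnerability in EfesTech E-Kont&#246;r and earlier allo ...)`, while the unchanged NOT-FOR-US line directly below spells the product "E-Kontoer"; the importer that generates these descriptions should decode numeric entities (here `&#246;`, ö) before writing them so the list stays plain text and greps on the product name match. In the same hunk, CVE-2008-1467 is the only entry that gains no description (it has a centerim assignment and NOTE lines but no `+` line), so it is worth checking whether the source feed simply lacked a summary for it or whether the update skipped it.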
@@ -13777,53 +13777,53 @@ CVE-2008-1447
NOTE: already use source port randomization.
NOTE: Marking non-caching stub resolvers as low since these really should be fixed,
NOTE: but are much less vulnerable than a caching server.
-CVE-2008-1446
+CVE-2008-1446 (Integer overflow in the Internet Printing Protocol (IPP) ISAPI extensi ...)
NOT-FOR-US: Microsoft
-CVE-2008-1445
+CVE-2008-1445 (Active Directory on Microsoft Windows 2000 Server SP4, XP Professional ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-1444
+CVE-2008-1444 (Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Window ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-1443
REJECTED
-CVE-2008-1442
+CVE-2008-1442 (Heap-based buffer overflow in the substringData method in Microsoft In ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-1441
+CVE-2008-1441 (Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-1440
+CVE-2008-1440 (Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does no ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-1439
REJECTED
-CVE-2008-1438
+CVE-2008-1438 (Unspecified vulnerability in Microsoft Malware Protection Engine (mpen ...)
NOT-FOR-US: Microsoft Malware Protection Engine
-CVE-2008-1437
+CVE-2008-1437 (Unspecified vulnerability in Microsoft Malware Protection Engine (mpen ...)
NOT-FOR-US: Microsoft Malware Protection Engine
-CVE-2008-1436
+CVE-2008-1436 (Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 ...)
NOT-FOR-US: Windows
-CVE-2008-1435
+CVE-2008-1435 (Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008 ...)
NOT-FOR-US: Windows issue
-CVE-2008-1434
+CVE-2008-1434 (Use-after-free vulnerability in Microsoft Word in Office 2000 and XP S ...)
NOT-FOR-US: Microsoft Word
CVE-2008-1433
REJECTED
-CVE-2008-1432
+CVE-2008-1432 (Cross-site scripting (XSS) vulnerability in SolutionSearch.do in Manag ...)
NOT-FOR-US: ManageEngine SupportCenter Plus
-CVE-2008-1431
+CVE-2008-1431 (RaidSonic NAS-4220-B with 2.6.0-n(2007-10-11) firmware stores a partit ...)
NOT-FOR-US: RaidSonic NAS-4220-B firmware
-CVE-2008-1430
+CVE-2008-1430 (SQL injection vulnerability in links.asp in ASPapp allows remote attac ...)
NOT-FOR-US: ASPapp
-CVE-2008-1429
+CVE-2008-1429 (Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows re ...)
- silc-server 1.1.1-1 (medium)
-CVE-2008-1428
+CVE-2008-1428 (Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5. ...)
NOT-FOR-US: Ubercart
-CVE-2008-1427
+CVE-2008-1427 (SQL injection vulnerability in the Joobi Acajoom (com_acajoom) 1.1.5 a ...)
NOT-FOR-US: com_acajoom component for Joomla!
-CVE-2008-1426
+CVE-2008-1426 (SQL injection vulnerability in album.asp in KAPhotoservice allows remo ...)
NOT-FOR-US: KAPhotoservice
-CVE-2008-1425
+CVE-2008-1425 (SQL injection vulnerability in index.php in the gallery module in Easy ...)
NOT-FOR-US: Easy-Clanpage
CVE-2008-1424
RESERVED
-CVE-2008-1423
+CVE-2008-1423 (Integer overflow in a certain quantvals and quantlist calculation in X ...)
{DSA-1591-1}
- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
@@ -13832,86 +13832,86 @@ CVE-2008-1422
REJECTED
CVE-2008-1421
REJECTED
-CVE-2008-1420
+CVE-2008-1420 (Integer overflow in residue partition value (aka partvals) evaluation ...)
{DSA-1591-1}
- libvorbisidec <not-affected> (Vulnerable code not present)
- libvorbis 1.2.0.dfsg-3.1 (bug #482518)
-CVE-2008-1419
+CVE-2008-1419 (Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero v ...)
{DSA-1591-1}
- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
- libvorbis 1.2.0.dfsg-3.1 (bug #482518)
CVE-2008-1418
RESERVED
-CVE-2008-1416
+CVE-2008-1416 (Multiple PHP remote file inclusion vulnerabilities in PHPauction GPL 2 ...)
NOT-FOR-US: PHPauction GPL
-CVE-2008-1415
+CVE-2008-1415 (Directory traversal vulnerability in index.php in Multiple Time Sheets ...)
NOT-FOR-US: Multiple Time Sheets
-CVE-2008-1414
+CVE-2008-1414 (Cross-site scripting (XSS) vulnerability in Multiple Time Sheets (MTS) ...)
NOT-FOR-US: Multiple Time Sheets
-CVE-2008-1413
+CVE-2008-1413 (Cross-site scripting (XSS) vulnerability in search.php in SNewsCMS Rus ...)
NOT-FOR-US: SNewsCMS Rus
-CVE-2008-1412
+CVE-2008-1412 (Unspecified vulnerability in multiple F-Secure anti-virus products, in ...)
NOT-FOR-US: F-Secure anti-virus
-CVE-2008-1411
+CVE-2008-1411 (The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earl ...)
NOT-FOR-US: Acronis Snap Deploy
-CVE-2008-1410
+CVE-2008-1410 (Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Ac ...)
NOT-FOR-US: Acronis Snap Deploy
-CVE-2008-1409
+CVE-2008-1409 (Multiple directory traversal vulnerabilities in the Default theme in E ...)
NOT-FOR-US: Exero CMS
-CVE-2008-1408
+CVE-2008-1408 (SQL injection vulnerability in includes/functions/banners-external.php ...)
NOT-FOR-US: phpBP
-CVE-2008-1407
+CVE-2008-1407 (SQL injection vulnerability in index.php in the WebChat 1.60 module fo ...)
NOT-FOR-US: WebChat module for eXV2
-CVE-2008-1406
+CVE-2008-1406 (SQL injection vulnerability in annonces-p-f.php in the MyAnnonces 1.8 ...)
NOT-FOR-US: MyAnnonces
-CVE-2008-1405
+CVE-2008-1405 (PHP remote file inclusion vulnerability in code/display.php in fuzzyli ...)
NOT-FOR-US: fuzzylime
-CVE-2008-1404
+CVE-2008-1404 (SQL injection vulnerability in index.php in the Viso (Industry Book) 2 ...)
NOT-FOR-US: Viso module for eXV2
-CVE-2008-1403
+CVE-2008-1403 (Stack-based buffer overflow in the TFTP server in BootManage TFTPD 1.9 ...)
NOT-FOR-US: BootManage TFTPD
-CVE-2008-1402
+CVE-2008-1402 (MG-SOFT Net Inspector 6.5.0.828 and earlier for Windows allows remote ...)
NOT-FOR-US: MG-SOFT Net Inspector
-CVE-2008-1401
+CVE-2008-1401 (Format string vulnerability in the Net Inspector HTTP server (mghttpd) ...)
NOT-FOR-US: MG-SOFT Net Inspector
-CVE-2008-1400
+CVE-2008-1400 (Directory traversal vulnerability in the Net Inspector HTTP Server (mg ...)
NOT-FOR-US: MG-SOFT Net Inspector
-CVE-2008-1399
+CVE-2008-1399 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Cl ...)
NOT-FOR-US: Clansphere
-CVE-2008-1398
+CVE-2008-1398 (SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 ...)
NOT-FOR-US: AuraCMS
-CVE-2008-1397
+CVE-2008-1397 (Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 so ...)
NOT-FOR-US: Check Point VPN
-CVE-2008-1396
+CVE-2008-1396 (Plone CMS 3.x uses invariant data (a client username and a server secr ...)
- plone3 <removed> (low; bug #473571)
[lenny] - plone3 <no-dsa> (Only an issue if not following best practices, see bug #473571)
-CVE-2008-1395
+CVE-2008-1395 (Plone CMS does not record users' authentication states, and implements ...)
- plone3 <removed> (low; bug #473571)
[lenny] - plone3 <no-dsa> (Only an issue if not following best practices, see bug #473571)
-CVE-2008-1394
+CVE-2008-1394 (Plone CMS before 3 places a base64 encoded form of the username and pa ...)
- zope-cmfplone <removed>
[etch] - zope-cmfplone <no-dsa> (low)
NOTE: doesn't apply to v3
NOTE: more a security enhancement
-CVE-2008-1393
+CVE-2008-1393 (Plone CMS 3.0.5, and probably other 3.x versions, places a base64 enco ...)
- plone3 <removed> (low; bug #473571; bug #486333)
[lenny] - plone3 <no-dsa> (Only an issue if not following best practices, see bug #473571)
-CVE-2008-1392
+CVE-2008-1392 (The default configuration of VMware Workstation 6.0.2, VMware Player 2 ...)
- vmware-package <removed> (low; bug #486177)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2008-1476
+CVE-2008-1476 (Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1 ...)
{DSA-1528-1}
- serendipity 1.3-1
NOTE: http://blog.s9y.org/archives/192-Serendipity-1.3-released-addresses-security.html
-CVE-2008-1502
+CVE-2008-1502 (The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in ...)
{DSA-1871-2 DSA-1871-1 DSA-1691-1}
- egroupware 1.4.002.dfsg-2.1 (bug #471839)
- wordpress 2.5.0-1 (bug #504243)
- moodle 1.8.2-1.3 (bug #489533)
-CVE-2008-1391
+CVE-2008-1391 (Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, ...)
{DSA-2058-1}
- kfreebsd-6 <not-affected> (see bug #483152)
- kfreebsd-7 <not-affected> (see bug #483152)
@@ -13922,80 +13922,80 @@ CVE-2008-1391
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=199eb0de8d
NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=10600
NOTE: PoC php -r 'money_format("%.1073741821i",1);' I can reproduce on 32bit, not 64bit
-CVE-2008-1390
+CVE-2008-1390 (The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.1 ...)
- asterisk 1:1.4.19.1~dfsg-1 (low)
[etch] - asterisk <not-affected> (Only 1.4.x affected)
[sarge] - asterisk <not-affected> (Only 1.4.x affected)
-CVE-2008-1389
+CVE-2008-1389 (libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows r ...)
- clamav 0.94.dfsg-1
[etch] - clamav <not-affected> (parsing does not continue on error)
NOTE: see <20081203184852.GB30968@l03.local>
CVE-2008-1388
RESERVED
-CVE-2008-1387
+CVE-2008-1387 (ClamAV before 0.93 allows remote attackers to cause a denial of servic ...)
- clamav 0.92.1~dfsg2-1
[etch] - clamav <not-affected> (Vulnerable code not present)
-CVE-2008-1386
+CVE-2008-1386 (Multiple cross-site scripting (XSS) vulnerabilities in the installer i ...)
- serendipity <not-affected> (Vulnerable code not present)
NOTE: we do not ship the serendipity installer
-CVE-2008-1385
+CVE-2008-1385 (Cross-site scripting (XSS) vulnerability in the Top Referrers (aka ref ...)
- serendipity 1.3.1-1 (low)
NOTE: etch affected, but only in specific plugin.
-CVE-2008-1384
+CVE-2008-1384 (Integer overflow in PHP 5.2.5 and earlier allows context-dependent att ...)
{DSA-1572-1 DTSA-135-1}
- php5 5.2.6-1
NOTE: http://securityreason.com/achievement_securityalert/52
NOTE: Only exploitable through malicious script
NOTE: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/formatted_print.c?r1=1.104&r2=1.105&diff_format=u
-CVE-2008-1383
+CVE-2008-1383 (The docert function in ssl-cert.eclass, when used by src_compile or sr ...)
NOT-FOR-US: Gentoo Linux Ebuilds
-CVE-2008-1382
+CVE-2008-1382 (libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 thr ...)
- libpng 1.2.26-1 (low; bug #476669)
NOTE: 1.2.26-1 contains a patch to fix that
[etch] - libpng 1.2.15~beta5-1+etch2
-CVE-2008-1381
+CVE-2008-1381 (ZoneMinder before 1.23.3 allows remote authenticated users, and possib ...)
{DTSA-130-1}
- zoneminder 1.23.3-1 (medium; bug #479034)
NOTE: http://www.awe.com/mark/blog/200804272230.html
-CVE-2008-1380
+CVE-2008-1380 (The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird ...)
{DSA-1696-1 DSA-1562-1 DSA-1558-1 DSA-1555-1}
- iceweasel 2.0.0.14-1
- icedove 2.0.0.14-1
- iceape 1.1.9-2
- xulrunner 1.8.1.14-1
-CVE-2008-1379
+CVE-2008-1379 (Integer overflow in the fbShmPutImage function in the MIT-SHM extensio ...)
{DSA-1595-1 DTSA-141-1}
- xorg-server 2:1.4.1~git20080517-2
CVE-2008-1378
REJECTED
-CVE-2008-1377
+CVE-2008-1377 (The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients fu ...)
{DSA-1595-1 DTSA-141-1}
- xorg-server 2:1.4.1~git20080517-2
-CVE-2008-1376
+CVE-2008-1376 (A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on ...)
NOT-FOR-US: Red Hat build script
-CVE-2008-1375
+CVE-2008-1375 (Race condition in the directory notification subsystem (dnotify) in Li ...)
{DSA-1565-1}
- linux-2.6 2.6.25-2 (low)
- linux-2.6.24 2.6.24-6~etchnhalf.2
-CVE-2008-1374
+CVE-2008-1374 (Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux ...)
- cupsys <not-affected> (Redhat-specific incomplete patch, upstream patch is complete)
- cups <not-affected> (Redhat-specific incomplete patch, upstream patch is complete)
-CVE-2008-1373
+CVE-2008-1373 (Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remo ...)
{DSA-1625-1 DTSA-122-1}
- cupsys 1.3.7-1 (medium)
- cups 1.3.7-1 (medium)
-CVE-2008-1372
+CVE-2008-1372 (bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to ...)
- bzip2 1.0.5-0.1 (low; bug #471670)
[etch] - bzip2 <no-dsa> (Pure crasher, no code injection, mostly a regular bug)
-CVE-2008-1371
+CVE-2008-1371 (Absolute path traversal vulnerability in install/index.php in Drake CM ...)
NOT-FOR-US: Drake CMS
-CVE-2008-1370
+CVE-2008-1370 (PHP remote file inclusion vulnerability in index.php in wildmary Yap B ...)
NOT-FOR-US: wildmary Yap Blog
-CVE-2008-1369
+CVE-2008-1369 (A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-1368
+CVE-2008-1368 (CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 al ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-1367
+CVE-2008-1367 (gcc 4.3.x does not generate a cld instruction while compiling function ...)
- linux-2.6 2.6.24-5 (bug #469058)
[etch] - linux-2.6 <not-affected> (Only exposed with GCC 4.3)
- kfreebsd-6 6.3-4 (bug #469564)
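Review bot: the CVE-2008-1385 serendipity entry carries "NOTE: etch affected, but only in specific plugin." but no explicit [etch] line, so etch's status is expressed only in a free-text note rather than in a machine-readable marker alongside the sid fix "- serendipity 1.3.1-1 (low)"; add an [etch] entry (a fixed version or a no-dsa with that rationale) so the tracker does not treat the note as the record. Secondary point, CVE-2008-1389: "NOTE: see <20081203184852.GB30968@l03.local>" is a bare Message-ID that a reader cannot resolve; a list-archive URL or a one-line summary of the conclusion it supports would make the etch not-affected justification ("parsing does not continue on error") verifiable from the entry itself.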
@@ -14003,513 +14003,513 @@ CVE-2008-1367
- gcc-4.3 4.3.0-2 (bug #469567)
- glibc 2.7-8 (bug #465583)
[etch] - glibc <not-affected> (Problem only exposed with GCC 4.3)
-CVE-2008-1366
+CVE-2008-1366 (Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and ea ...)
NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
-CVE-2008-1365
+CVE-2008-1365 (Stack-based buffer overflow in Trend Micro OfficeScan Corporate Editio ...)
NOT-FOR-US: Trend Micro OfficeScan Corporate Edition
-CVE-2008-1364
+CVE-2008-1364 (Unspecified vulnerability in the DHCP service in VMware Workstation 5. ...)
- vmware-package <removed> (low; bug #486177)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
-CVE-2008-1363
+CVE-2008-1363 (VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware P ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-1362
+CVE-2008-1362 (VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware P ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-1361
+CVE-2008-1361 (VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware P ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-1359
+CVE-2008-1359 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB ...)
NOT-FOR-US: Invision Power Board
-CVE-2008-1358
+CVE-2008-1358 (Stack-based buffer overflow in the IMAP server in Alt-N Technologies M ...)
NOT-FOR-US: MDaemon
-CVE-2008-1357
+CVE-2008-1357 (Format string vulnerability in the logDetail function of applib.dll in ...)
NOT-FOR-US: McAfee Common Management Agent
-CVE-2008-1356
+CVE-2008-1356 (Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Deskt ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-1355
+CVE-2008-1355 (Cross-site scripting (XSS) vulnerability in index.php in Jeebles Techn ...)
NOT-FOR-US: Jeebles Directory
-CVE-2008-1354
+CVE-2008-1354 (SQL injection vulnerability in MyIssuesView.asp in Advanced Data Solut ...)
NOT-FOR-US: VSO-XP
-CVE-2008-1353
+CVE-2008-1353 (zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denia ...)
- zabbix 1:1.4.5-1 (low; bug #471678)
[etch] - zabbix <no-dsa> (Minor issue)
-CVE-2008-1352
+CVE-2008-1352 (Directory traversal vulnerability in search.php in EdiorCMS (ecms) 3.0 ...)
NOT-FOR-US: EdiorCMS
-CVE-2008-1351
+CVE-2008-1351 (SQL injection vulnerability in the Tutorials 2.1b module for XOOPS all ...)
NOT-FOR-US: Tutorials module for XOOPS
-CVE-2008-1350
+CVE-2008-1350 (SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) ...)
NOT-FOR-US: Fully Modded phpBB
-CVE-2008-1349
+CVE-2008-1349 (SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Ga ...)
NOT-FOR-US: bamaGalerie
-CVE-2008-1348
+CVE-2008-1348 (Cross-site scripting (XSS) vulnerability in index.php in the eWebsite ...)
NOT-FOR-US: eWeather module for PHP-Nuke
-CVE-2008-1347
+CVE-2008-1347 (Multiple cross-site scripting (XSS) vulnerabilities in staticpages/eas ...)
NOT-FOR-US: MyioSoft EasyGallery
-CVE-2008-1346
+CVE-2008-1346 (SQL injection vulnerability in staticpages/easygallery/index.php in My ...)
NOT-FOR-US: MyioSoft EasyGallery
-CVE-2008-1345
+CVE-2008-1345 (Cross-site scripting (XSS) vulnerability in plugins/calendar/calendar_ ...)
NOT-FOR-US: MyioSoft EasyCalendar
-CVE-2008-1344
+CVE-2008-1344 (Multiple SQL injection vulnerabilities in MyioSoft EasyCalendar 4.0tr ...)
NOT-FOR-US: MyioSoft EasyCalendar
-CVE-2008-1343
+CVE-2008-1343 (Directory traversal vulnerability in (1) pkgadd and (2) pkgrm in SCO U ...)
NOT-FOR-US: SCO Unixware
-CVE-2008-1342
+CVE-2008-1342 (Multiple cross-site scripting (XSS) vulnerabilities in the search feat ...)
NOT-FOR-US: Polymita BPM-Suite and CollagePortal
-CVE-2008-1341
+CVE-2008-1341 (SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFron ...)
NOT-FOR-US: LaGarde StoreFront
-CVE-2008-1340
+CVE-2008-1340 (Virtual Machine Communication Interface (VMCI) in VMware Workstation 6 ...)
- vmware-package <removed> (low; bug #486177)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
CVE-2008-1339
RESERVED
-CVE-2008-1338
+CVE-2008-1338 (The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and ea ...)
NOT-FOR-US: Perforce Server
-CVE-2008-1337
+CVE-2008-1337 (The instant message service in Timbuktu Pro 8.6.5 RC 229 and earlier f ...)
NOT-FOR-US: Timbuktu Pro for Windows
-CVE-2008-1336
+CVE-2008-1336 (SQL injection vulnerability in Koobi CMS 4.2.3 through 4.3.0 allows re ...)
NOT-FOR-US: Koobi CMS
-CVE-2008-1335
+CVE-2008-1335 (The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 an ...)
NOT-FOR-US: NetBSD
-CVE-2008-1334
+CVE-2008-1334 (cgi/b on the BT Home Hub router allows remote attackers to bypass auth ...)
NOT-FOR-US: BT Home Hub router
-CVE-2008-1333
+CVE-2008-1333 (Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0 ...)
{DSA-1525-1}
- asterisk 1:1.4.18.1~dfsg-1 (medium)
NOTE: Etch's release is unimportant, since not exploitable, but was fixed anyway
[sarge] - asterisk <not-affected> (Only 1.6.x affected)
-CVE-2008-1332
+CVE-2008-1332 (Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, ...)
{DSA-1525-1}
- asterisk 1:1.4.18.1~dfsg-1 (medium)
-CVE-2008-1331
+CVE-2008-1331 (cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access service ...)
NOT-FOR-US: OmniPCX Office
-CVE-2008-1330
+CVE-2008-1330 (Unspecified vulnerability in the Windows client API in Novell GroupWis ...)
NOT-FOR-US: Novell Groupwise
-CVE-2008-1329
+CVE-2008-1329 (Unspecified vulnerability in the NetBackup service in CA ARCserve Back ...)
NOT-FOR-US: CA ARCserve
-CVE-2008-1328
+CVE-2008-1328 (Buffer overflow in the LGServer service in CA ARCserve Backup for Lapt ...)
NOT-FOR-US: CA ARCserve
-CVE-2008-1327
+CVE-2008-1327 (Gallarific does not require authentication for (1) users.php and (2) i ...)
NOT-FOR-US: Gallarific
-CVE-2008-1326
+CVE-2008-1326 (Cross-site scripting (XSS) vulnerability in search.php in Gallarific a ...)
NOT-FOR-US: Gallarific
-CVE-2008-1325
+CVE-2008-1325 (Multiple directory traversal vulnerabilities in index.php in Uberghey ...)
NOT-FOR-US: Uberghey CMS
-CVE-2008-1324
+CVE-2008-1324 (Multiple directory traversal vulnerabilities in index.php in Travelsiz ...)
NOT-FOR-US: Travelsized CMS
-CVE-2008-1323
+CVE-2008-1323 (Cross-site request forgery (CSRF) vulnerability in index.php in WoltLa ...)
NOT-FOR-US: WoltLab Burning Board
-CVE-2008-1322
+CVE-2008-1322 (The File Check Utility (fcheck.exe) in ASG-Sentry Network Manager 7.0. ...)
NOT-FOR-US: ASG-Sentry Network Manager
-CVE-2008-1321
+CVE-2008-1321 (The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier d ...)
NOT-FOR-US: ASG-Sentry Network Manager
-CVE-2008-1320
+CVE-2008-1320 (Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earl ...)
NOT-FOR-US: ASG-Sentry Network Manager
-CVE-2008-1319
+CVE-2008-1319 (Untrusted search path and argument injection vulnerability in the Vers ...)
NOT-FOR-US: Versant Object Database
-CVE-2008-1317
+CVE-2008-1317 (Unspecified vulnerability in the Inter-Process Communication (IPC) mes ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-1316
+CVE-2008-1316 (SQL injection vulnerability in qtf_ind_search_ov.php in QT-cute QuickT ...)
NOT-FOR-US: QuickTalk Forum
-CVE-2008-1315
+CVE-2008-1315 (SQL injection vulnerability in the ZClassifieds module for PHP-Nuke al ...)
NOT-FOR-US: ZClassifieds module for PHP-Nuke
-CVE-2008-1314
+CVE-2008-1314 (SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module ...)
NOT-FOR-US: Johannes Hass gaestebuch
-CVE-2008-1313
+CVE-2008-1313 (Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and e ...)
NOT-FOR-US: Bloo
-CVE-2008-1312
+CVE-2008-1312 (Unspecified vulnerability in the TFTP server in PacketTrap Networks pt ...)
NOT-FOR-US: PacketTrap Networks Tool Suite
-CVE-2008-1311
+CVE-2008-1311 (The TFTP server in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and earl ...)
NOT-FOR-US: PacketTrap Networks Tool Suite
-CVE-2008-1310
+CVE-2008-1310 (Directory traversal vulnerability in the TFTP server in PacketTrap Net ...)
NOT-FOR-US: PacketTrap Networks Tool Suite
-CVE-2008-1309
+CVE-2008-1309 (The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in Real ...)
NOT-FOR-US: RealPlayer
-CVE-2008-1308
+CVE-2008-1308 (SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 modu ...)
NOT-FOR-US: NukeC30 module for PHP-Nuke
-CVE-2008-1307
+CVE-2008-1307 (Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in ...)
NOT-FOR-US: KingSoft Antivirus
-CVE-2008-1306
+CVE-2008-1306 (Multiple cross-site scripting (XSS) vulnerabilities in Savvy Content M ...)
NOT-FOR-US: Savvy Content Manager
-CVE-2008-1305
+CVE-2008-1305 (SQL injection vulnerability in filebase.php in the Filebase mod for ph ...)
NOT-FOR-US: Filebase mod for phpBb
-CVE-2008-1304
+CVE-2008-1304 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.3.2 ...)
- wordpress <not-affected> (Vulnerable code not present)
NOTE: referring to upstream this only affected wordpress.com and not the regular wordpress code
-CVE-2008-1303
+CVE-2008-1303 (The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and ea ...)
NOT-FOR-US: Perforce Server
-CVE-2008-1302
+CVE-2008-1302 (The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and ea ...)
NOT-FOR-US: Perforce Server
-CVE-2008-1301
+CVE-2008-1301 (Absolute path traversal vulnerability in system/workplace/admin/workpl ...)
NOT-FOR-US: Alkacon OpenCms
-CVE-2008-1300
+CVE-2008-1300 (Cross-site scripting (XSS) vulnerability in the Logfile Viewer Setting ...)
NOT-FOR-US: Alkacon OpenCms
-CVE-2008-1299
+CVE-2008-1299 (Cross-site scripting (XSS) vulnerability in SolutionSearch.do in Manag ...)
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2008-1298
+CVE-2008-1298 (SQL injection vulnerability in Hadith module for PHP-Nuke allows remot ...)
NOT-FOR-US: Hadith module for PHP-Nuke
-CVE-2008-1297
+CVE-2008-1297 (SQL injection vulnerability in index.php in the eWriting (com_ewriting ...)
NOT-FOR-US: com_ewriting module for Mambo and Joomla!
-CVE-2008-1296
+CVE-2008-1296 (Multiple cross-site scripting (XSS) vulnerabilities in EncapsGallery 1 ...)
NOT-FOR-US: EncapsGallery
-CVE-2008-1295
+CVE-2008-1295 (SQL injection vulnerability in archives.php in Gregory Kokanosky (aka ...)
NOT-FOR-US: phpMyNewsletter
-CVE-2008-1292
+CVE-2008-1292 (ViewVC before 1.0.5 provides revision metadata without properly checki ...)
- viewvc 1.0.5-0.1 (bug #471380)
-CVE-2008-1291
+CVE-2008-1291 (ViewVC before 1.0.5 stores sensitive information under the web root wi ...)
- viewvc 1.0.5-0.1 (bug #471380)
-CVE-2008-1290
+CVE-2008-1290 (ViewVC before 1.0.5 includes "all-forbidden" files within search resul ...)
- viewvc 1.0.5-0.1 (bug #471380)
-CVE-2008-1289
+CVE-2008-1289 (Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18. ...)
- asterisk 1:1.4.18.1~dfsg-1 (medium)
[etch] - asterisk <not-affected> (Only 1.4.x and above affected)
[sarge] - asterisk <not-affected> (Only 1.4.x and above affected)
-CVE-2008-1360
+CVE-2008-1360 (Cross-site scripting (XSS) vulnerability in Nagios before 2.11 allows ...)
{DSA-1883-2 DSA-1883-1}
- nagios2 2.11-1 (low)
-CVE-2008-1417
+CVE-2008-1417 (The prerm script in axyl 2.1.7 allows local users to overwrite arbitra ...)
- axyl 2.2.0 (low; bug #471227)
[sarge] - axyl <not-affected> (Vulnerable code not present)
[etch] - axyl <not-affected> (Vulnerable code not present)
-CVE-2008-1294
+CVE-2008-1294 (Linux kernel 2.6.17, and other versions before 2.6.22, does not check ...)
{DSA-1565-1}
- linux-2.6 2.6.22-1 (low)
-CVE-2008-1318
+CVE-2008-1318 (Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remot ...)
- mediawiki 1:1.11.2-1
[etch] - mediawiki <not-affected> (Versions prior to 1.11 do not include callback feature)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-March/000070.html
-CVE-2008-1288
+CVE-2008-1288 (IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 might allow local or remot ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2008-1287
+CVE-2008-1287 (IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2008-1286
+CVE-2008-1286 (Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3. ...)
NOT-FOR-US: Sun Javav Web Console
-CVE-2008-1285
+CVE-2008-1285 (Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF ...)
NOT-FOR-US: Sun Java Server Faces
-CVE-2008-1284
+CVE-2008-1284 (Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0 ...)
{DSA-1519-1}
- horde3 3.1.7-1 (medium; bug #470640)
-CVE-2008-1283
+CVE-2008-1283 (Cross-site scripting (XSS) vulnerability in Neptune Web Server 3.0 all ...)
NOT-FOR-US: Neptune Web Server
-CVE-2008-1282
+CVE-2008-1282 (Buffer overflow in the BFup ActiveX control (BFup.dll) in B21Soft BFup ...)
NOT-FOR-US: B21Soft BFup
-CVE-2008-1281
+CVE-2008-1281 (Directory traversal vulnerability in TFTPsrvs.exe 2.5.3.1 and earlier, ...)
NOT-FOR-US: Argon Technology Client Management Services
-CVE-2008-1280
+CVE-2008-1280 (Acronis True Image Windows Agent 1.0.0.54 and earlier, included in Acr ...)
NOT-FOR-US: Acronis True Image
-CVE-2008-1279
+CVE-2008-1279 (Acronis True Image Group Server 1.5.19.191 and earlier, included in Ac ...)
NOT-FOR-US: Acronis True Image
-CVE-2008-1278
+CVE-2008-1278 (The RemotelyAnywhere.exe service in the Remotely Anywhere Server and W ...)
NOT-FOR-US: Remotely Anywhere
-CVE-2008-1277
+CVE-2008-1277 (The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and ...)
NOT-FOR-US: MailEnable
-CVE-2008-1276
+CVE-2008-1276 (Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEna ...)
NOT-FOR-US: MailEnable
-CVE-2008-1275
+CVE-2008-1275 (Multiple unspecified vulnerabilities in the SMTP service in MailEnable ...)
NOT-FOR-US: MailEnable
-CVE-2008-1274
+CVE-2008-1274 (Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows loc ...)
NOT-FOR-US: IBM AIX
-CVE-2008-1273
+CVE-2008-1273 (Multiple cross-site scripting (XSS) vulnerabilities in imageVue 1.7 al ...)
NOT-FOR-US: imageVue
-CVE-2008-1272
+CVE-2008-1272 (Multiple SQL injection vulnerabilities in BM Classifieds 20080309 and ...)
NOT-FOR-US: BM Classifieds
CVE-2008-1271
REJECTED
-CVE-2008-1270
+CVE-2008-1270 (mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not s ...)
{DSA-1521-1}
- lighttpd 1.4.19-1
NOTE: user configuration error, default documented in moduserdir documentation
-CVE-2008-1269
+CVE-2008-1269 (cp06_wifi_m_nocifr.cgi in the admin panel on the Alice Gate 2 Plus Wi- ...)
NOT-FOR-US: Alice Gate 2 Plus router firmware
-CVE-2008-1268
+CVE-2008-1268 (The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware doe ...)
NOT-FOR-US: Linksys WRT54G
-CVE-2008-1267
+CVE-2008-1267 (The Siemens SpeedStream 6520 router allows remote attackers to cause a ...)
NOT-FOR-US: Siemens SpeedStream
-CVE-2008-1266
+CVE-2008-1266 (Multiple buffer overflows in the web interface on the D-Link DI-524 ro ...)
NOT-FOR-US: D-Link router
-CVE-2008-1265
+CVE-2008-1265 (The Linksys WRT54G router allows remote attackers to cause a denial of ...)
NOT-FOR-US: Linksys WRT54G
-CVE-2008-1264
+CVE-2008-1264 (The Linksys WRT54G router has "admin" as its default FTP password, whi ...)
NOT-FOR-US: Linksys WRT54G
-CVE-2008-1263
+CVE-2008-1263 (The Linksys WRT54G router stores passwords and keys in cleartext in th ...)
NOT-FOR-US: Linksys WRT54G
-CVE-2008-1262
+CVE-2008-1262 (The administration panel on the Airspan WiMax ProST 4.1 antenna with 6 ...)
NOT-FOR-US: Airspan WiMax ProST antenna
-CVE-2008-1261
+CVE-2008-1261 (The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware provides diffe ...)
NOT-FOR-US: Zyxel router
-CVE-2008-1260
+CVE-2008-1260 (Multiple cross-site request forgery (CSRF) vulnerabilities on the Zyxe ...)
NOT-FOR-US: Zyxel router
-CVE-2008-1259
+CVE-2008-1259 (The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware maintains auth ...)
NOT-FOR-US: Zyxel router
-CVE-2008-1258
+CVE-2008-1258 (Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI- ...)
NOT-FOR-US: D-Link router
-CVE-2008-1257
+CVE-2008-1257 (Cross-site scripting (XSS) vulnerability in Forms/DiagGeneral_2 on the ...)
NOT-FOR-US: Zyxel router
-CVE-2008-1256
+CVE-2008-1256 (The ZyXEL P-660HW series router has "admin" as its default password, w ...)
NOT-FOR-US: Zyxel router
-CVE-2008-1255
+CVE-2008-1255 (The ZyXEL P-660HW series router maintains authentication state by IP a ...)
NOT-FOR-US: Zyxel router
-CVE-2008-1254
+CVE-2008-1254 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ZyXE ...)
NOT-FOR-US: Zyxel router
-CVE-2008-1253
+CVE-2008-1253 (Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Lin ...)
NOT-FOR-US: D-Link router
-CVE-2008-1252
+CVE-2008-1252 (b_banner.stm (aka the login page) on the Deutsche Telekom Speedport W5 ...)
NOT-FOR-US: Telekom Speedport W500 DSL router
-CVE-2008-1251
+CVE-2008-1251 (Cross-site scripting (XSS) vulnerability in the web interface on the c ...)
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2008-1250
+CVE-2008-1250 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2008-1249
+CVE-2008-1249 (snomControl.swf in the central phone server for the Snom 320 SIP Phone ...)
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2008-1248
+CVE-2008-1248 (The web interface on the central phone server for the Snom 320 SIP Pho ...)
NOT-FOR-US: Snom 320 SIP Phone
-CVE-2008-1247
+CVE-2008-1247 (The web interface on the Linksys WRT54g router with firmware 1.00.9 do ...)
NOT-FOR-US: Linksys WRT54g router
CVE-2008-1246
NOT-FOR-US: Cisco PIX/ASA Finesse Operation System
-CVE-2008-1245
+CVE-2008-1245 (cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with fi ...)
NOT-FOR-US: Belkin router
-CVE-2008-1244
+CVE-2008-1244 (cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.0 ...)
NOT-FOR-US: Belkin router
-CVE-2008-1243
+CVE-2008-1243 (Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router ...)
NOT-FOR-US: Linksys WRT300N router
-CVE-2008-1242
+CVE-2008-1242 (The control panel on the Belkin F5D7230-4 router with firmware 9.01.10 ...)
NOT-FOR-US: Belkin router
-CVE-2008-1241
+CVE-2008-1241 (GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMo ...)
{DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
-CVE-2008-1240
+CVE-2008-1240 (LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1. ...)
{DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
CVE-2008-1239
RESERVED
-CVE-2008-1238
+CVE-2008-1238 (Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when gener ...)
{DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
-CVE-2008-1237
+CVE-2008-1237 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.1 ...)
{DSA-1574-1 DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
- icedove 2.0.0.14-1
-CVE-2008-1236
+CVE-2008-1236 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.1 ...)
{DSA-1574-1 DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
- icedove 2.0.0.14-1
-CVE-2008-1235
+CVE-2008-1235 (Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderb ...)
{DSA-1574-1 DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
- icedove 2.0.0.14-1
-CVE-2008-1234
+CVE-2008-1234 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0 ...)
{DSA-1574-1 DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
- icedove 2.0.0.14-1
-CVE-2008-1233
+CVE-2008-1233 (Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderb ...)
{DSA-1574-1 DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1}
- iceweasel 2.0.0.13-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
- icedove 2.0.0.14-1
-CVE-2008-1232
+CVE-2008-1232 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 throug ...)
- tomcat5.5 5.5.26-4 (low; bug #494504)
-CVE-2008-1231
+CVE-2008-1231 (Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2 ...)
- jspwiki 2.8.0-1 (bug #470477)
-CVE-2008-1230
+CVE-2008-1230 (Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 ...)
- jspwiki 2.8.0-1 (bug #470477)
-CVE-2008-1229
+CVE-2008-1229 (Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki 2.4.10 ...)
- jspwiki 2.8.0-1 (bug #470477)
-CVE-2008-1228
+CVE-2008-1228 (Cross-site scripting (XSS) vulnerability in admin.php in MG2 (formerly ...)
NOT-FOR-US: MG2
-CVE-2008-1227
+CVE-2008-1227 (Stack-based buffer overflow in the silc_fingerprint function in lib/si ...)
- silc-toolkit 1.1.6-1
-CVE-2008-1226
+CVE-2008-1226 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collabor ...)
NOT-FOR-US: Zimbra Collaboration Suite
-CVE-2008-1225
+CVE-2008-1225 (Multiple cross-site scripting (XSS) vulnerabilities in WebCT Campus Ed ...)
NOT-FOR-US: WebCT Campus Edition
-CVE-2008-1224
+CVE-2008-1224 (Cross-site scripting (XSS) vulnerability in account.php in BosClassifi ...)
NOT-FOR-US: BosClassifieds Classified Ads System
-CVE-2008-1223
+CVE-2008-1223 (Unspecified vulnerability in Dokeos 1.8.4 before SP3 allows attackers ...)
NOT-FOR-US: Dokeos
-CVE-2008-1222
+CVE-2008-1222 (Cross-site scripting (XSS) vulnerability in Dokeos 1.8.4 before SP3 al ...)
NOT-FOR-US: Dokeos
-CVE-2008-1221
+CVE-2008-1221 (Absolute path traversal vulnerability in the FTP server in MicroWorld ...)
NOT-FOR-US: MicroWorld eScan
-CVE-2008-1220
+CVE-2008-1220 (SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke all ...)
NOT-FOR-US: 4nChat for PHP-Nuke
-CVE-2008-1219
+CVE-2008-1219 (SQL injection vulnerability in the Kutub-i Sitte (KutubiSitte) 1.1 mod ...)
NOT-FOR-US: Kutub-i Sitte for PHP-Nuke
-CVE-2008-1217
+CVE-2008-1217 (Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus No ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2008-1216
+CVE-2008-1216 (IBM Lotus Quickr 8.0 server, and possibly QuickPlace 7.x, does not pro ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2008-1215
+CVE-2008-1215 (Stack-based buffer overflow in the command_Expand_Interpret function i ...)
NOT-FOR-US: BSD net/userppp
-CVE-2008-1214
+CVE-2008-1214 (MRcgi/MRProcessIncomingForms.pl in Numara FootPrints 8.1 on Linux allo ...)
NOT-FOR-US: Numara FootPrints
-CVE-2008-1213
+CVE-2008-1213 (Cross-site scripting (XSS) vulnerability in Numara FootPrints for Linu ...)
NOT-FOR-US: Numara FootPrints
-CVE-2008-1212
+CVE-2008-1212 (Cross-site scripting (XSS) vulnerability in set_permissions.php in Pod ...)
NOT-FOR-US: Podcast Generator
-CVE-2008-1211
+CVE-2008-1211 (Cross-site scripting (XSS) vulnerability in BosDates 3.x and 4.x allow ...)
NOT-FOR-US: BosDates
-CVE-2008-1210
+CVE-2008-1210 (Stack-based buffer overflow in the ctags parsing code in Programmer's ...)
NOT-FOR-US: Programmer's Notepad
-CVE-2008-1209
+CVE-2008-1209 (Cross-site scripting (XSS) vulnerability in redirect.do in Xitex WebCo ...)
NOT-FOR-US: Xitex WebContent M1
-CVE-2008-1208
+CVE-2008-1208 (Cross-site scripting (XSS) vulnerability in the login page in Check Po ...)
NOT-FOR-US: CheckPoint VPN-1
-CVE-2008-1207
+CVE-2008-1207 (Multiple unspecified vulnerabilities in Fujitsu Interstage Smart Repos ...)
NOT-FOR-US: Fujitsu Interstage
-CVE-2008-1206
+CVE-2008-1206 (Format string vulnerability in the log_message function in lks.c in Li ...)
NOT-FOR-US: Linux Kiss Server
-CVE-2008-1205
+CVE-2008-1205 (Unspecified vulnerability in the ipsecah kernel module in Sun Solaris ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-1204
+CVE-2008-1204 (Multiple cross-site scripting (XSS) vulnerabilities in the Administrat ...)
NOT-FOR-US: Sun Java System
-CVE-2008-1203
+CVE-2008-1203 (The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2008-1202
+CVE-2008-1202 (Cross-site scripting (XSS) vulnerability in the web management interfa ...)
NOT-FOR-US: Adobe LiveCycle Workflow
-CVE-2008-1201
+CVE-2008-1201 (Multiple unspecified vulnerabilities in FLA file parsing in Adobe Flas ...)
NOT-FOR-US: Adobe Flash CS3 Professional
-CVE-2008-1200
+CVE-2008-1200 (Unspecified vulnerability in Microsoft Access allows remote user-assis ...)
NOT-FOR-US: Microsoft Access
-CVE-2008-1198
+CVE-2008-1198 (The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 ...)
NOT-FOR-US: Red Hat specific
-CVE-2008-1197
+CVE-2008-1197 (The Marvell driver for the Netgear WN802T Wi-Fi access point with firm ...)
NOT-FOR-US: Marvell driver for the Netgear WN802T Wi-Fi access point
-CVE-2008-1196
+CVE-2008-1196 (Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK ...)
- sun-java6 6-05-1 (medium)
- sun-java5 1.5.0-15-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1195
+CVE-2008-1195 (Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE ...)
- sun-java6 6-05-1 (low)
- sun-java5 1.5.0-15-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1194
+CVE-2008-1194 (Multiple unspecified vulnerabilities in the color management library i ...)
- sun-java6 6-05-1 (unimportant)
- sun-java5 1.5.0-15-1 (unimportant)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1193
+CVE-2008-1193 (Unspecified vulnerability in Java Runtime Environment Image Parsing Li ...)
- sun-java6 6-05-1 (low)
- sun-java5 1.5.0-15-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1192
+CVE-2008-1192 (Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Up ...)
- sun-java6 6-05-1 (medium)
- sun-java5 1.5.0-15-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1191
+CVE-2008-1191 (Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Updat ...)
- sun-java6 6-05-1 (medium)
- sun-java5 1.5.0-15-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1190
+CVE-2008-1190 (Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Updat ...)
- sun-java6 6-05-1 (medium)
- sun-java5 <not-affected> (No more information by sun)
-CVE-2008-1189
+CVE-2008-1189 (Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and ea ...)
- sun-java6 6-05-1 (medium)
- sun-java5 1.5.0-15-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1188
+CVE-2008-1188 (Multiple buffer overflows in the useEncodingDecl function in Java Web ...)
- sun-java6 6-05-1 (medium)
- sun-java5 1.5.0-15-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1187
+CVE-2008-1187 (Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JD ...)
- sun-java6 6-05-1 (low)
- sun-java5 1.5.0-15-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1186
+CVE-2008-1186 (Unspecified vulnerability in the Virtual Machine for Sun Java Runtime ...)
- sun-java6 6-05-1
- sun-java5 1.5.0-15-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1185
+CVE-2008-1185 (Unspecified vulnerability in the Virtual Machine for Sun Java Runtime ...)
- sun-java6 6-05-1
- sun-java5 1.5.0-15-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
-CVE-2008-1184
+CVE-2008-1184 (The DNSSEC validation library (libval) library in dnssec-tools before ...)
- dnssec-tools <not-affected> (first version in Debian was 1.4.1)
-CVE-2008-1183
+CVE-2008-1183 (Multiple cross-site scripting (XSS) vulnerabilities in Crafty Syntax L ...)
NOT-FOR-US: Crafty Syntax Live Help
-CVE-2008-1182
+CVE-2008-1182 (Cross-site scripting (XSS) vulnerability in BSD Perimeter pfSense befo ...)
NOT-FOR-US: BSD Perimeter pfSense
-CVE-2008-1181
+CVE-2008-1181 (Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote ...)
NOT-FOR-US: Juniper
-CVE-2008-1180
+CVE-2008-1180 (Cross-site scripting (XSS) vulnerability in dana-na/auth/rdremediate.c ...)
NOT-FOR-US: Juniper
-CVE-2008-1179
+CVE-2008-1179 (Multiple cross-site scripting (XSS) vulnerabilities in include/common/ ...)
NOT-FOR-US: Centreon
-CVE-2008-1178
+CVE-2008-1178 (Directory traversal vulnerability in include/doc/index.php in Centreon ...)
NOT-FOR-US: Centreon
-CVE-2008-1177
+CVE-2008-1177 (SQL injection vulnerability in shop/detail.php in Affiliate Market (af ...)
NOT-FOR-US: Affiliate Market
-CVE-2008-1176
+CVE-2008-1176 (Cross-site scripting (XSS) vulnerability in function/sideblock.php in ...)
NOT-FOR-US: Affiliate Market
-CVE-2008-1175
+CVE-2008-1175 (Cross-site scripting (XSS) vulnerability in AuthentiX 6.3b1 Trial allo ...)
NOT-FOR-US: AuthentiX
-CVE-2008-1174
+CVE-2008-1174 (Cross-site scripting (XSS) vulnerability in editUser.asp in AuthentiX ...)
NOT-FOR-US: AuthentiX
-CVE-2008-1173
+CVE-2008-1173 (Cross-site scripting (XSS) vulnerability in account-inbox.php in Torre ...)
NOT-FOR-US: TorrentTrader
-CVE-2008-1172
+CVE-2008-1172 (Cross-site request forgery (CSRF) vulnerabilities in account-inbox.php ...)
NOT-FOR-US: TorrentTrader
CVE-2008-1171
NOT-FOR-US: 123 Flash Chat Module for phpBB
-CVE-2008-1170
+CVE-2008-1170 (Multiple PHP remote file inclusion vulnerabilities in KCWiki 1.0 allow ...)
NOT-FOR-US: KCWiki
-CVE-2008-1169
+CVE-2008-1169 (Directory traversal vulnerability in the embedded HTTP server in SCI P ...)
NOT-FOR-US: SCI Photo Chat Server
-CVE-2008-1168
+CVE-2008-1168 (Cross-site scripting (XSS) vulnerability in Squid Analysis Report Gene ...)
- sarg 2.2.5-1
-CVE-2008-1167
+CVE-2008-1167 (Stack-based buffer overflow in the useragent function in useragent.c i ...)
- sarg 2.2.4-1
-CVE-2008-1166
+CVE-2008-1166 (Flyspray 0.9.9.4 generates different error messages depending on wheth ...)
- flyspray <removed>
-CVE-2008-1165
+CVE-2008-1165 (Multiple cross-site scripting (XSS) vulnerabilities in Flyspray 0.9.9 ...)
- flyspray <removed>
-CVE-2008-1164
+CVE-2008-1164 (SQL injection vulnerability in index.php in phpComasy 0.8 allows remot ...)
NOT-FOR-US: phpComasy CMS
-CVE-2008-1163
+CVE-2008-1163 (SQL injection vulnerability in index.php in phpArcadeScript 1.0 throug ...)
NOT-FOR-US: phpArcadeScript
-CVE-2008-1162
+CVE-2008-1162 (SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Pho ...)
NOT-FOR-US: phpwebscript
-CVE-2008-1161
+CVE-2008-1161 (Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in ...)
{DSA-1536-1}
- xine-lib 1.1.10.1-1 (medium)
-CVE-2008-1160
+CVE-2008-1160 (ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra p ...)
NOT-FOR-US: ZyXEL ZyWALL 1050
-CVE-2008-1159
+CVE-2008-1159 (Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12 ...)
NOT-FOR-US: Cisco ssh server
-CVE-2008-1158
+CVE-2008-1158 (The Presence Engine (PE) service in Cisco Unified Presence before 6.0( ...)
NOT-FOR-US: Presence Engine (PE) Cisco Unified Presence
-CVE-2008-1157
+CVE-2008-1157 (Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 creates a ...)
NOT-FOR-US: Cisco IPM
-CVE-2008-1156
+CVE-2008-1156 (Unspecified vulnerability in the Multicast Virtual Private Network (MV ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-1155
+CVE-2008-1155 (Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3. ...)
NOT-FOR-US: Cisco
-CVE-2008-1154
+CVE-2008-1154 (The Disaster Recovery Framework (DRF) master server in Cisco Unified C ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-1153
+CVE-2008-1153 (Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the I ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-1152
+CVE-2008-1152 (The data-link switching (DLSw) component in Cisco IOS 12.0 through 12. ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-1151
+CVE-2008-1151 (Memory leak in the virtual private dial-up network (VPDN) component in ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-1150
+CVE-2008-1150 (The virtual private dial-up network (VPDN) component in Cisco IOS befo ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-1149
+CVE-2008-1149 (phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters ...)
{DSA-1557-1}
- phpmyadmin 4:2.11.5-1 (low)
[etch] - phpmyadmin <no-dsa> (Minor issue)
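Review bot: CVE-2008-1171 is the only non-RESERVED entry in this hunk that does not gain a description: it stays as an unchanged context line with just its `NOT-FOR-US: 123 Flash Chat Module for phpBB` annotation, while every neighbouring `-CVE-.../+CVE-... (... ...)` pair picks one up. Worth checking whether the upstream feed really has no description for it or whether the importer skipped it, since a lone bare id in an otherwise annotated list reads like a missing entry to anyone scanning the file.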
@@ -14517,426 +14517,426 @@ CVE-2008-1149
NOTE: PMASA-2008-1. SQL injection if you can set local cookies, which means
NOTE: you must be able to create pages in the same cookie domain, which seems
NOTE: rare and unwise. low priority.
-CVE-2008-1148
+CVE-2008-1148 (A certain pseudo-random number generator (PRNG) algorithm that uses AD ...)
NOT-FOR-US: OpenBSD / NetBSD
-CVE-2008-1147
+CVE-2008-1147 (A certain pseudo-random number generator (PRNG) algorithm that uses XO ...)
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (KFreebsd not supported)
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 <removed> (bug #559107)
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
-CVE-2008-1146
+CVE-2008-1146 (A certain pseudo-random number generator (PRNG) algorithm that uses XO ...)
NOT-FOR-US: OpenBSD
-CVE-2008-1144
+CVE-2008-1144 (The Marvell driver for the Netgear WN802T Wi-Fi access point with firm ...)
NOT-FOR-US: Marvell driver for the Netgear WN802T Wi-Fi access point
CVE-2008-1143
RESERVED
-CVE-2008-1141
+CVE-2008-1141 (Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allo ...)
NOT-FOR-US: DESlock+
-CVE-2008-1140
+CVE-2008-1140 (DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users ...)
NOT-FOR-US: DESlock+
-CVE-2008-1139
+CVE-2008-1139 (DESlock+ 3.2.6 and earlier, when DLMFENC.sys 1.0.0.26 and DLMFDISK.sys ...)
NOT-FOR-US: DESlock+
-CVE-2008-1138
+CVE-2008-1138 (DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users ...)
NOT-FOR-US: DESlock+
-CVE-2008-1137
+CVE-2008-1137 (SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) ...)
NOT-FOR-US: com_garyscookbook component for Mambo and Joomla!
-CVE-2008-1136
+CVE-2008-1136 (The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through ...)
- vdccm <removed>
-CVE-2008-1135
+CVE-2008-1135 (OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates diff ...)
NOT-FOR-US: OMEGA
-CVE-2008-1134
+CVE-2008-1134 (OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 supports authe ...)
NOT-FOR-US: OMEGA
-CVE-2008-1133
+CVE-2008-1133 (The Drupal.checkPlain function in Drupal 6.0 only escapes the first in ...)
- drupal5 <not-affected> (Vulnerable code introduced in 6.x)
-CVE-2008-1218
+CVE-2008-1218 (Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1 ...)
{DSA-1516-1}
- dovecot 1:1.0.13-1
[etch] - dovecot <not-affected> (Vulnerable code not present)
[sarge] - dovecot <not-affected> (Vulnerable code not present)
NOTE: exploitable through code introduced in 1.0.11
NOTE: http://www.dovecot.org/list/dovecot-news/2008-March/000064.html
-CVE-2008-1293
+CVE-2008-1293 (ldm in Linux Terminal Server Project (LTSP) 0.99 and 2 passes the -ac ...)
{DSA-1561-1 DTSA-118-1}
- ldm 2:0.1~bzr20080308-1 (bug #469462)
- ltsp 5.0.40~bzr20071229-1
NOTE: In revision 5.0.40~bzr20071229-1 ldm has been split into a separate source package
-CVE-2008-1145
+CVE-2008-1145 (Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5- ...)
- ruby1.8 1.8.6.114-1 (unimportant; bug #469475)
- ruby1.9 1.9.0.1-1 (unimportant; bug #469482)
[sarge] - ruby1.8 <no-dsa> (case insensitive FS, corner case)
[etch] - ruby1.8 <no-dsa> (case insensitive FS, corner case)
[etch] - ruby1.9 <no-dsa> (case insensitive FS, corner case)
NOTE: http://www.ruby-lang.org/en/news/2008/03/03/webrick-file-access-vulnerability/
-CVE-2008-1199
+CVE-2008-1199 (Dovecot before 1.0.11, when configured to use mail_extra_groups to all ...)
{DSA-1516-1}
- dovecot 1:1.0.12-1 (medium; bug #469457)
-CVE-2008-1132
+CVE-2008-1132 (Untrusted search path vulnerability in src/mainwindow.c in Net Activit ...)
NOT-FOR-US: Net Activity Viewer
-CVE-2008-1131
+CVE-2008-1131 (Cross-site scripting (XSS) vulnerability in Drupal 6.0 allows remote a ...)
- drupal <not-affected> (Vulnerable code not present, affects only 6.x branch)
- drupal5 <not-affected> (Vulnerable code not present, affects only 6.x branch)
-CVE-2008-1130
+CVE-2008-1130 (Unspecified vulnerability in IBM WebSphere MQ 6.0.x before 6.0.2.2 and ...)
NOT-FOR-US: WebSphere
-CVE-2008-1129
+CVE-2008-1129 (Cross-site scripting (XSS) vulnerability in admin/users/self.php in XR ...)
NOT-FOR-US: XRMS
-CVE-2008-1128
+CVE-2008-1128 (PHP remote file inclusion vulnerability in tourney/index.php in phpMyT ...)
NOT-FOR-US: phpMyTourney
-CVE-2008-1127
+CVE-2008-1127 (Format string vulnerability in the cryactio function in Crysis 1.1.1.5 ...)
NOT-FOR-US: Crysis
-CVE-2008-1126
+CVE-2008-1126 (PHP remote file inclusion vulnerability in main.php in Barryvan Compo ...)
NOT-FOR-US: Barryvan Compo Manager
-CVE-2008-1125
+CVE-2008-1125 (Multiple directory traversal vulnerabilities in Podcast Generator 1.0 ...)
NOT-FOR-US: Podcast Generator
-CVE-2008-1124
+CVE-2008-1124 (Multiple PHP remote file inclusion vulnerabilities in Podcast Generato ...)
NOT-FOR-US: Podcast Generator
-CVE-2008-1123
+CVE-2008-1123 (Multiple PHP remote file inclusion vulnerabilities in SiteBuilder Elit ...)
NOT-FOR-US: SiteBuilder
-CVE-2008-1122
+CVE-2008-1122 (SQL injection vulnerability in the downloads module in Koobi Pro 5.7 a ...)
NOT-FOR-US: Koobi
-CVE-2008-1121
+CVE-2008-1121 (SQL injection vulnerability in index.php in eazyPortal 1.0 and earlier ...)
NOT-FOR-US: eazyPortal
-CVE-2008-1120
+CVE-2008-1120 (Format string vulnerability in the embedded Internet Explorer componen ...)
NOT-FOR-US: ICQ
-CVE-2008-1119
+CVE-2008-1119 (Directory traversal vulnerability in include/doc/get_image.php in Cent ...)
NOT-FOR-US: Centreon
-CVE-2008-1118
+CVE-2008-1118 (Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does no ...)
NOT-FOR-US: Timbuktu Pro
-CVE-2008-1117
+CVE-2008-1117 (Directory traversal vulnerability in the Notes (aka Flash Notes or ins ...)
NOT-FOR-US: Timbuktu Pro
-CVE-2008-1116
+CVE-2008-1116 (Insecure method vulnerability in the Web Scan Object ActiveX control ( ...)
NOT-FOR-US: Rising Antivirus
-CVE-2008-1115
+CVE-2008-1115 (Unspecified vulnerability in Sun Solaris 8 directory functions allows ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-1114
+CVE-2008-1114 (Vocera Communications wireless handsets, when using Protected Extensib ...)
NOT-FOR-US: Vocera
-CVE-2008-1113
+CVE-2008-1113 (Cisco Unified Wireless IP Phone 7921, when using Protected Extensible ...)
NOT-FOR-US: Cisco
CVE-2008-1112
REJECTED
-CVE-2008-1110
+CVE-2008-1110 (Buffer overflow in demuxers/demux_asf.c (aka the ASF demuxer) in the x ...)
- xine-lib 1.1.10-1
[etch] - xine-lib <not-affected> (Not affected per assessment of maintainer)
[sarge] - xine-lib <not-affected> (Not affected per assessment of maintainer)
-CVE-2008-1109
+CVE-2008-1109 (Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted re ...)
- evolution 2.22.2-1.1 (low; bug #484639)
[etch] - evolution <no-dsa> (Minor issue)
NOTE: Requires that the user accepts the iCalendar request and replies
NOTE: to it from the "Calendars" window.
-CVE-2008-1108
+CVE-2008-1108 (Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is ...)
- evolution 2.22.2-1.1 (low; bug #484639)
[etch] - evolution <no-dsa> (Minor issue)
NOTE: Requires that the ITip Formatter plugin is disabled, which is enabled by default.
-CVE-2008-1107
+CVE-2008-1107 (Multiple stack-based buffer overflows in the Danske Bank e-Sec Control ...)
NOT-FOR-US: Danske Bank e-Sec Control Module
-CVE-2008-1106
+CVE-2008-1106 (The management interface in Akamai Client (formerly Red Swoosh) 3322 a ...)
NOT-FOR-US: Akamai Client
-CVE-2008-1105
+CVE-2008-1105 (Heap-based buffer overflow in the receive_smb_raw function in util/soc ...)
{DSA-1590-1}
- samba 1:3.0.30-1 (medium; bug #483410)
-CVE-2008-1104
+CVE-2008-1104 (Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allo ...)
NOT-FOR-US: Foxit Reader
-CVE-2008-1103
+CVE-2008-1103 (Multiple unspecified vulnerabilities in Blender have unknown impact an ...)
- blender 2.40-1 (low)
-CVE-2008-1102
+CVE-2008-1102 (Stack-based buffer overflow in the imb_loadhdr function in Blender 2.4 ...)
{DSA-1567-1}
- blender 2.45-5 (medium; bug #477808)
-CVE-2008-1101
+CVE-2008-1101 (Buffer overflow in kvdocve.dll in the KeyView document viewing engine ...)
NOT-FOR-US: KeyView
-CVE-2008-1100
+CVE-2008-1100 (Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe. ...)
{DSA-1549-1}
- clamav 0.92.1~dfsg2-1
-CVE-2008-1099
+CVE-2008-1099 (_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not p ...)
{DSA-1514-1}
- moin 1.5.8-5.1
-CVE-2008-1098
+CVE-2008-1098 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 ...)
{DSA-1514-1}
- moin 1.5.8-5.1
-CVE-2008-1097
+CVE-2008-1097 (Heap-based buffer overflow in the ReadPCXImage function in the PCX cod ...)
{DSA-1858-1}
- graphicsmagick 1.1.7-13
- imagemagick 7:6.2.4.5.dfsg1-1
-CVE-2008-1096
+CVE-2008-1096 (The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMa ...)
{DSA-1903-1 DSA-1858-1}
- imagemagick 7:6.3.7.9.dfsg1-2.1 (medium; bug #414370)
[lenny] - imagemagick 7:6.3.7.9.dfsg1-2.1+lenny1
- graphicsmagick 1.1.11-3.2 (medium; bug #414370)
-CVE-2008-1095
+CVE-2008-1095 (Unspecified vulnerability in the Internet Protocol (IP) implementation ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-1094
+CVE-2008-1094 (SQL injection vulnerability in index.cgi in the Account View page in B ...)
NOT-FOR-US: Barracuda Spam Firewall
-CVE-2008-1093
+CVE-2008-1093 (Acresso InstallShield Update Agent does not properly verify the authen ...)
NOT-FOR-US: FLEXnet Connect
-CVE-2008-1092
+CVE-2008-1092 (Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Data ...)
NOT-FOR-US: Microsoft Jet Database Engine
-CVE-2008-1091
+CVE-2008-1091 (Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, ...)
NOT-FOR-US: Microsoft Word
-CVE-2008-1090
+CVE-2008-1090 (Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP ...)
NOT-FOR-US: Microsoft
-CVE-2008-1089
+CVE-2008-1089 (Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP ...)
NOT-FOR-US: Microsoft
-CVE-2008-1088
+CVE-2008-1088 (Microsoft Project 2000 Service Release 1, 2002 SP1, and 2003 SP2 allow ...)
NOT-FOR-US: Microsoft
-CVE-2008-1087
+CVE-2008-1087 (Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP S ...)
NOT-FOR-US: Microsoft
-CVE-2008-1086
+CVE-2008-1086 (The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Interne ...)
NOT-FOR-US: Microsoft
-CVE-2008-1085
+CVE-2008-1085 (Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, ...)
NOT-FOR-US: Microsoft
-CVE-2008-1084
+CVE-2008-1084 (Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, ...)
NOT-FOR-US: Microsoft
-CVE-2008-1083
+CVE-2008-1083 (Heap-based buffer overflow in the CreateDIBPatternBrushPt function in ...)
NOT-FOR-US: Microsoft
-CVE-2008-1082
+CVE-2008-1082 (Opera before 9.26 allows remote attackers to "bypass sanitization filt ...)
NOT-FOR-US: Opera
-CVE-2008-1081
+CVE-2008-1081 (Opera before 9.26 allows user-assisted remote attackers to execute arb ...)
NOT-FOR-US: Opera
-CVE-2008-1080
+CVE-2008-1080 (Opera before 9.26 allows user-assisted remote attackers to read arbitr ...)
NOT-FOR-US: Opera
-CVE-2008-1079
+CVE-2008-1079 (The outboxWriteUnsent function in FTPThread.class in SendFile.jar for ...)
NOT-FOR-US: Beehive Software SendFile.NET
-CVE-2008-1078
+CVE-2008-1078 (expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and ...)
- am-utils <not-affected> (Affected code not present in the binary package)
NOTE: sendmail includes a copy of the script, which has been fixed since
NOTE: several years
-CVE-2008-1077
+CVE-2008-1077 (SQL injection vulnerability in index.php in the Simpleboard (com_simpl ...)
NOT-FOR-US: com_simpleboard component for Mambo and Joomla!
-CVE-2008-1076
+CVE-2008-1076 (Cross-site scripting (XSS) vulnerability in search.php in Interspire S ...)
NOT-FOR-US: Interspire Shopping Cart
-CVE-2008-1075
+CVE-2008-1075 (Cross-site scripting (XSS) vulnerability in index.php in Maian Cart 1. ...)
NOT-FOR-US: Maian Cart
-CVE-2008-1074
+CVE-2008-1074 (PHP remote file inclusion vulnerability in lib/head_auth.php in GROUP- ...)
NOT-FOR-US: GROUP-E
-CVE-2008-1073
+CVE-2008-1073 (Cross-site scripting (XSS) vulnerability in the report interface in In ...)
NOT-FOR-US: Internet Security Systems
-CVE-2008-1072
+CVE-2008-1072 (The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99 ...)
- wireshark 0.99.8-1 (low; bug #469488)
[etch] - wireshark <not-affected> (Only affected in conjunction with later libcairo)
[sarge] - ethereal <not-affected> (Only affected in conjunction with later libcairo)
-CVE-2008-1071
+CVE-2008-1071 (The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.9 ...)
- wireshark 0.99.8-1 (low; bug #469488)
[etch] - wireshark <not-affected> (Only affects 0.99.6 onwards)
[sarge] - ethereal <not-affected> (Only affects 0.99.6 onwards)
-CVE-2008-1070
+CVE-2008-1070 (The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.9 ...)
- wireshark 0.99.8-1 (low; bug #469488)
[etch] - wireshark <not-affected> (Only affects 0.99.5 onwards)
[sarge] - ethereal <not-affected> (Only affects 0.99.5 onwards)
-CVE-2008-1069
+CVE-2008-1069 (Multiple PHP remote file inclusion vulnerabilities in Quantum Game Lib ...)
NOT-FOR-US: Quantum Game Library
-CVE-2008-1068
+CVE-2008-1068 (Multiple PHP remote file inclusion vulnerabilities in Portail Web Php ...)
NOT-FOR-US: Portail Web Php
-CVE-2008-1067
+CVE-2008-1067 (Multiple PHP remote file inclusion vulnerabilities in phpQLAdmin 2.2.7 ...)
- phpqladmin <removed>
-CVE-2008-1066
+CVE-2008-1066 (The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used ...)
{DSA-1520-1}
- smarty 2.6.18-1.1 (low; bug #469492)
- moodle <not-affected> (low; bug #471158)
- gallery2 2.2.5-2 (low; bug #471160)
- mahara 0.9.2-2 (low; bug #471201)
NOTE: Moodle ships Smarty but uses it in only one file, which doesn't use regex_replace
-CVE-2008-1065
+CVE-2008-1065 (Multiple SQL injection vulnerabilities in index.php in the XM-Memberst ...)
NOT-FOR-US: xmmemberstats module for XOOPS
-CVE-2008-1064
+CVE-2008-1064 (Cross-site scripting (XSS) vulnerability in images.php in the Red Mexi ...)
NOT-FOR-US: rmgs module for XOOPs
-CVE-2008-1063
+CVE-2008-1063 (Cross-site scripting (XSS) vulnerability index.php in the XM-Membersta ...)
NOT-FOR-US: xmmemberstats module for XOOPS
-CVE-2008-1062
+CVE-2008-1062 (InterVideo IMC Server (aka IMCSvr.exe) and InterVideo Home Theater (ak ...)
NOT-FOR-US: InterVideo IMC Server/InterVideo Home Theater
-CVE-2008-1061
+CVE-2008-1061 (Multiple cross-site scripting (XSS) vulnerabilities in the Sniplets 1. ...)
NOT-FOR-US: Sniplets plugin for WordPress
-CVE-2008-1060
+CVE-2008-1060 (Eval injection vulnerability in modules/execute.php in the Sniplets 1. ...)
NOT-FOR-US: Sniplets plugin for WordPress
-CVE-2008-1059
+CVE-2008-1059 (PHP remote file inclusion vulnerability in modules/syntax_highlight.ph ...)
NOT-FOR-US: Sniplets plugin for WordPress
-CVE-2008-1058
+CVE-2008-1058 (The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 ...)
NOT-FOR-US: OpenBSD
-CVE-2008-1057
+CVE-2008-1057 (The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 a ...)
NOT-FOR-US: OpenBSD
-CVE-2008-1056
+CVE-2008-1056 (Multiple stack-based buffer overflows in Symark PowerBroker 2.8 throug ...)
NOT-FOR-US: Symark PowerBroker
-CVE-2008-1111
+CVE-2008-1111 (mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instea ...)
{DSA-1513-1}
- lighttpd 1.4.18-4 (low; bug #469307)
-CVE-2008-1142
+CVE-2008-1142 (rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment va ...)
- rxvt 1:2.6.4-13 (unimportant; bug #469296)
-CVE-2008-1055
+CVE-2008-1055 (Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 an ...)
NOT-FOR-US: SurgeMail
-CVE-2008-1054
+CVE-2008-1054 (Stack-based buffer overflow in the _lib_spawn_user_getpid function in ...)
NOT-FOR-US: SurgeMail
-CVE-2008-1053
+CVE-2008-1053 (Multiple SQL injection vulnerabilities in the Kose_Yazilari module for ...)
NOT-FOR-US: Kose_Yazilari module for PHP-Nuke
-CVE-2008-1052
+CVE-2008-1052 (The administration web interface in NetWin SurgeFTP 2.3a2 and earlier ...)
NOT-FOR-US: SurgeFTP
-CVE-2008-1051
+CVE-2008-1051 (PHP remote file inclusion vulnerability in include/body_comm.inc.php i ...)
NOT-FOR-US: phpProfiles
-CVE-2008-1050
+CVE-2008-1050 (SQL injection vulnerability in index.php in Softbiz Jokes &amp; Funny ...)
NOT-FOR-US: Softbiz Jokes & Funny Pics Script
-CVE-2008-1049
+CVE-2008-1049 (Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and 1. ...)
NOT-FOR-US: Parallels SiteStudio
-CVE-2008-1048
+CVE-2008-1048 (Cross-site scripting (XSS) vulnerability in manager/xmedia.php in Plum ...)
NOT-FOR-US: Plume CMS
-CVE-2008-1047
+CVE-2008-1047 (Cross-site scripting (XSS) vulnerability in tiki-edit_article.php in T ...)
- tikiwiki <removed>
-CVE-2008-1046
+CVE-2008-1046 (PHP remote file inclusion vulnerability in footer.php in Quinsonnas Ma ...)
NOT-FOR-US: Quinsonnas Mail Checker
-CVE-2008-1045
+CVE-2008-1045 (Cross-site scripting (XSS) vulnerability in the file tree navigation f ...)
NOT-FOR-US: OpenCMS
-CVE-2008-1044
+CVE-2008-1044 (Stack-based buffer overflow in the Quantum Streaming Player (Quantum S ...)
NOT-FOR-US: Quantum Streaming Player
-CVE-2008-1043
+CVE-2008-1043 (PHP remote file inclusion vulnerability in templates/default/header.in ...)
NOT-FOR-US: Linux Web Shop
-CVE-2008-1042
+CVE-2008-1042 (Directory traversal vulnerability in include/body.inc.php in Linux Web ...)
NOT-FOR-US: Linux Web Shop
-CVE-2008-1041
+CVE-2008-1041 (Cross-site scripting (XSS) vulnerability in mwhois.php in Matt Wilson ...)
NOT-FOR-US: MWhois
-CVE-2008-1040
+CVE-2008-1040 (Buffer overflow in the Single Sign-On function in Fujitsu Interstage A ...)
NOT-FOR-US: Fujitsu Interstage Application Server
-CVE-2008-1039
+CVE-2008-1039 (SQL injection vulnerability in question.asp in PORAR WEBBOARD allows r ...)
NOT-FOR-US: PORAR WEBBOARD
-CVE-2008-1038
+CVE-2008-1038 (PHP remote file inclusion vulnerability in mod/mod.extmanager.php in D ...)
NOT-FOR-US: DBHcms
-CVE-2008-1037
+CVE-2008-1037 (Cross-site scripting (XSS) vulnerability in the file listing function ...)
NOT-FOR-US: Packeteer PacketShaper
-CVE-2008-1036
+CVE-2008-1036 (The International Components for Unicode (ICU) library in Apple Mac OS ...)
{DSA-1762-1}
- icu 4.0.1-1
-CVE-2008-1035
+CVE-2008-1035 (Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows re ...)
NOT-FOR-US: Apple iCal
-CVE-2008-1034
+CVE-2008-1034 (Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows ...)
NOT-FOR-US: Apple Mac OS
-CVE-2008-1033
+CVE-2008-1033 (The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug ...)
- cups 1.3.7-1
-CVE-2008-1032
+CVE-2008-1032 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X befo ...)
NOT-FOR-US: Apple Mac OS
-CVE-2008-1031
+CVE-2008-1031 (CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers t ...)
NOT-FOR-US: Apple Mac OS
-CVE-2008-1030
+CVE-2008-1030 (Integer overflow in the CFDataReplaceBytes function in the CFData API ...)
NOT-FOR-US: Apple Mac OS
CVE-2008-1029
RESERVED
-CVE-2008-1028
+CVE-2008-1028 (Unspecified vulnerability in AppKit in Apple Mac OS X before 10.5 allo ...)
NOT-FOR-US: Apple Mac OS
-CVE-2008-1027
+CVE-2008-1027 (Apple Filing Protocol (AFP) Server in Apple Mac OS X before 10.5.3 doe ...)
NOT-FOR-US: Apple Mac OS
-CVE-2008-1026
+CVE-2008-1026 (Integer overflow in the PCRE regular expression compiler (JavaScriptCo ...)
- webkit 0~svn31841-1
- qt4-x11 <not-affected> (vulnerable code not present referring to upstream)
NOTE: for qt, referring to upstream this only applies to optimized code in safari 3.1
NOTE: branch and qt 4.4 is based on safari 3.0
-CVE-2008-1025
+CVE-2008-1025 (Cross-site scripting (XSS) vulnerability in Apple WebKit, as used in S ...)
- qt4-x11 <not-affected> (QUrl handles URLs and is not vulnerable to this CVE, see bug #479644)
- webkit 0~svn31841-1 (medium)
-CVE-2008-1024
+CVE-2008-1024 (Apple Safari before 3.1.1, when running on Windows XP or Vista, allows ...)
NOT-FOR-US: Apple Safari
-CVE-2008-1023
+CVE-2008-1023 (Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime b ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1022
+CVE-2008-1022 (Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows rem ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1021
+CVE-2008-1021 (Heap-based buffer overflow in Animation codec content handling in Appl ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1020
+CVE-2008-1020 (Heap-based buffer overflow in quickTime.qts in Apple QuickTime before ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1019
+CVE-2008-1019 (Heap-based buffer overflow in quickTime.qts in Apple QuickTime before ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1018
+CVE-2008-1018 (Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1017
+CVE-2008-1017 (Heap-based buffer overflow in clipping region (aka crgn) atom handling ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1016
+CVE-2008-1016 (Apple QuickTime before 7.4.5 does not properly handle movie media trac ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1015
+CVE-2008-1015 (Buffer overflow in the data reference atom handling in Apple QuickTime ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1014
+CVE-2008-1014 (Apple QuickTime before 7.4.5 does not properly handle external URLs in ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1013
+CVE-2008-1013 (Apple QuickTime before 7.4.5 enables deserialization of QTJava objects ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-1012
+CVE-2008-1012 (Unspecified vulnerability in Apple AirPort Extreme Base Station Firmwa ...)
NOT-FOR-US: Apple AirPort
-CVE-2008-1011
+CVE-2008-1011 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple S ...)
NOTE: As far as I can see this has been addressed in revision 30871.
NOTE: Please doublecheck.
-CVE-2008-1010
+CVE-2008-1010 (Buffer overflow in WebKit, as used in Apple Safari before 3.1, allows ...)
NOTE: As far as I can see this has been addressed in revision 31388.
NOTE: Please doublecheck.
-CVE-2008-1009
+CVE-2008-1009 (Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple ...)
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1008
+CVE-2008-1008 (Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple ...)
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1007
+CVE-2008-1007 (WebCore, as used in Apple Safari before 3.1, does not enforce the fram ...)
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1006
+CVE-2008-1006 (Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple ...)
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1005
+CVE-2008-1005 (WebCore, as used in Apple Safari before 3.1, does not properly mask th ...)
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1004
+CVE-2008-1004 (Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple ...)
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1003
+CVE-2008-1003 (Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple ...)
NOT-FOR-US: WebCore (Apple Safari)
-CVE-2008-1002
+CVE-2008-1002 (Cross-site scripting (XSS) vulnerability in Apple Safari before 3.1 al ...)
NOT-FOR-US: Apple Safari
-CVE-2008-1001
+CVE-2008-1001 (Cross-site scripting (XSS) vulnerability in Apple Safari before 3.1, w ...)
NOT-FOR-US: Apple Safari
-CVE-2008-1000
+CVE-2008-1000 (Directory traversal vulnerability in ContentServer.py in the Wiki Serv ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0999
+CVE-2008-0999 (Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0998
+CVE-2008-0998 (Unspecified vulnerability in NetCfgTool in the System Configuration co ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0997
+CVE-2008-0997 (Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0996
+CVE-2008-0996 (The Printing component in Apple Mac OS X 10.5.2 might save authenticat ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0995
+CVE-2008-0995 (The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when p ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0994
+CVE-2008-0994 (Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF fil ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0993
+CVE-2008-0993 (Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0992
+CVE-2008-0992 (Array index error in pax in Apple Mac OS X 10.5.2 allows context-depen ...)
- pax <not-affected> (issue specific to Apple's version of pax)
CVE-2008-0991
RESERVED
-CVE-2008-0990
+CVE-2008-0990 (notifyd in Apple Mac OS X 10.4.11 does not verify that Mach port death ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0989
+CVE-2008-0989 (Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 1 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0988
+CVE-2008-0988 (Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0987
+CVE-2008-0987 (Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0986
+CVE-2008-0986 (Integer overflow in the BMP::readFromStream method in the libsgl.so li ...)
NOT-FOR-US: Google Android
-CVE-2008-0985
+CVE-2008-0985 (Heap-based buffer overflow in the GIF library in the WebKit framework ...)
NOT-FOR-US: Google Android
-CVE-2008-0984
+CVE-2008-0984 (The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as us ...)
{DSA-1543-1 DTSA-116-1}
- vlc 0.8.6.e-1 (medium; bug #467652)
CVE-2008-6426
REJECTED
-CVE-2008-0982
+CVE-2008-0982 (Spyce - Python Server Pages (PSP) 2.1.3 allows remote attackers to obt ...)
NOT-FOR-US: Spyce
-CVE-2008-0981
+CVE-2008-0981 (Open redirect vulnerability in spyce/examples/redirect.spy in Spyce - ...)
NOT-FOR-US: Spyce
-CVE-2008-0980
+CVE-2008-0980 (Multiple cross-site scripting (XSS) vulnerabilities in Spyce - Python ...)
NOT-FOR-US: Spyce
-CVE-2008-0979
+CVE-2008-0979 (Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, ...)
NOT-FOR-US: Double-Take
-CVE-2008-0978
+CVE-2008-0978 (Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWo ...)
NOT-FOR-US: Double-Take
-CVE-2008-0977
+CVE-2008-0977 (Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWo ...)
NOT-FOR-US: Double-Take
-CVE-2008-0976
+CVE-2008-0976 (Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWo ...)
NOT-FOR-US: Double-Take
-CVE-2008-0975
+CVE-2008-0975 (Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWo ...)
NOT-FOR-US: Double-Take
-CVE-2008-0974
+CVE-2008-0974 (Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWo ...)
NOT-FOR-US: Double-Take
-CVE-2008-0973
+CVE-2008-0973 (Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) ...)
NOT-FOR-US: Double-Take
CVE-2008-0972
RESERVED
-CVE-2008-0971
+CVE-2008-0971 (Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Ba ...)
NOT-FOR-US: Barracuda Networks products
CVE-2008-0970
RESERVED
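Review bot: the imported description on the `+CVE-2008-1050` line carries a raw HTML entity, `Softbiz Jokes &amp; Funny ...`, whereas the existing annotation directly below it reads `NOT-FOR-US: Softbiz Jokes & Funny Pics Script`. The description import should HTML-decode entities before writing them into the list; otherwise plain-text searches for the product name miss the entry and the same entity is re-emitted on every automatic update.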
@@ -14944,914 +14944,914 @@ CVE-2008-0969
RESERVED
CVE-2008-0968
RESERVED
-CVE-2008-0967
+CVE-2008-0967 (Untrusted search path vulnerability in vmware-authd in VMware Workstat ...)
- vmware-package <removed> (low; bug #486110)
[etch] - vmware-package <no-dsa> (Contrib not supported)
NOTE: vmware-package just builds vmware from downloaded tarballs, the package itself
NOTE: does not download them, however it needs to update its hashes for upstream tarballs
CVE-2008-0966
RESERVED
-CVE-2008-0965
+CVE-2008-0965 (Multiple format string vulnerabilities in snoop on Sun Solaris 8 throu ...)
NOT-FOR-US: Sun Solaris and OpenSolaris
-CVE-2008-0964
+CVE-2008-0964 (Multiple stack-based buffer overflows in snoop on Sun Solaris 8 throug ...)
NOT-FOR-US: Sun Solaris and OpenSolaris
-CVE-2008-0963
+CVE-2008-0963 (Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allo ...)
NOT-FOR-US: EMC DiskXtender
-CVE-2008-0962
+CVE-2008-0962 (Stack-based buffer overflow in the File System Manager for EMC DiskXte ...)
NOT-FOR-US: EMC DiskXtender
-CVE-2008-0961
+CVE-2008-0961 (EMV DiskXtender 6.20.060 has a hard-coded login and password, which al ...)
NOT-FOR-US: EMC DiskXtender
-CVE-2008-0960
+CVE-2008-0960 (SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x b ...)
{DSA-1663-1 DTSA-137-1}
- net-snmp 5.4.1~dfsg-8.1 (medium; bug #485945)
-CVE-2008-0959
+CVE-2008-0959 (Multiple stack-based buffer overflows in the Online Media Technologies ...)
NOT-FOR-US: Online Media Technologies NCTSoft NCTAudioInformation2
-CVE-2008-0958
+CVE-2008-0958 (Multiple stack-based buffer overflows in the Online Media Technologies ...)
NOT-FOR-US: Online Media Technologies NCTSoft NCTAudioInformation2
-CVE-2008-0957
+CVE-2008-0957 (Multiple stack-based buffer overflows in the PhotoStockPlus Uploader T ...)
NOT-FOR-US: PhotoStockPlus Uploader Tool ActiveX control
-CVE-2008-0956
+CVE-2008-0956 (Multiple stack-based buffer overflows in the BackWeb Lite Install Runn ...)
NOT-FOR-US: BackWeb Lite Install
-CVE-2008-0955
+CVE-2008-0955 (Stack-based buffer overflow in the Creative Software AutoUpdate Engine ...)
NOT-FOR-US: CTSUEng.ocx
CVE-2008-0954
RESERVED
-CVE-2008-0953
+CVE-2008-0953 (The StartApp function in the HPISDataManagerLib.Datamgr ActiveX contro ...)
NOT-FOR-US: ActiveX control
-CVE-2008-0952
+CVE-2008-0952 (The AppendStringToFile function in the HPISDataManagerLib.Datamgr Acti ...)
NOT-FOR-US: ActiveX control
-CVE-2008-0951
+CVE-2008-0951 (Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoR ...)
NOT-FOR-US: Windows Vista
CVE-2008-0950
RESERVED
-CVE-2008-0949
+CVE-2008-0949 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x thr ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2008-0948
+CVE-2008-0948 (Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by ...)
- krb5 1.3-1 (unimportant)
NOTE: glibc properly defines FD_SETSIZE
-CVE-2008-0947
+CVE-2008-0947 (Buffer overflow in the RPC library used by libgssrpc and kadmind in MI ...)
{DSA-1524-1}
- krb5 1.6.dfsg.3~beta1-4 (medium)
-CVE-2008-0946
+CVE-2008-0946 (Directory traversal vulnerability in the IM Server (aka IMserve or IMs ...)
NOT-FOR-US: Ipswitch Instant Messaging
-CVE-2008-0945
+CVE-2008-0945 (Format string vulnerability in the logging function in the IM Server ( ...)
NOT-FOR-US: Ipswitch Instant Messaging
-CVE-2008-0944
+CVE-2008-0944 (Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote atta ...)
NOT-FOR-US: Ipswitch Instant Messaging
-CVE-2008-0943
+CVE-2008-0943 (Multiple SQL injection vulnerabilities in Eagle Software Aeries Browse ...)
NOT-FOR-US: Eagle Software Aeries
-CVE-2008-0942
+CVE-2008-0942 (SQL injection vulnerability in GradebookStuScores.asp in Eagle Softwar ...)
NOT-FOR-US: Eagle Software Aeries Browser Interface
-CVE-2008-0941
+CVE-2008-0941 (Cross-site scripting (XSS) vulnerability in Eagle Software Aeries Brow ...)
NOT-FOR-US: Eagle Software Aeries Browser Interface
-CVE-2008-0940
+CVE-2008-0940 (Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before ...)
NOT-FOR-US: Plain Black WebGUI
-CVE-2008-0939
+CVE-2008-0939 (Multiple SQL injection vulnerabilities in wppa.php in the WP Photo Alb ...)
NOT-FOR-US: WP Photo Album plugin for WordPress
-CVE-2008-0938
+CVE-2008-0938 (Unspecified vulnerability in the dynamic tracing framework (DTrace) in ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-0937
+CVE-2008-0937 (SQL injection vulnerability in index.php in the Tiny Event (tinyevent) ...)
NOT-FOR-US: XOOPS module
-CVE-2008-0936
+CVE-2008-0936 (SQL injection vulnerability in index.php in the Prayer List (prayerlis ...)
NOT-FOR-US: XOOPS module
-CVE-2008-0935
+CVE-2008-0935 (Stack-based buffer overflow in the Novell iPrint Control ActiveX contr ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2008-0934
+CVE-2008-0934 (SQL injection vulnerability in modules.php in the NukeC 2.1 module for ...)
NOT-FOR-US: NukeC phpnuke module
-CVE-2008-0933
+CVE-2008-0933 (Multiple race conditions in the CPU Performance Counters (cpc) subsyst ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-0931
+CVE-2008-0931 (w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permission ...)
{DSA-1526-1}
- xwine <removed> (low; bug #468050)
-CVE-2008-0930
+CVE-2008-0930 (w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to ...)
{DSA-1526-1}
- xwine <removed> (low; bug #468050)
CVE-2008-0929
REJECTED
-CVE-2008-0928
+CVE-2008-0928 (Qemu 0.9.1 and earlier does not perform range checks for block device ...)
{DSA-1799-1 DTSA-133-1}
- qemu 0.9.1+svn20081207-1 (low; bug #469649)
- xen-unstable 3.2.0-4 (bug #469654)
- xen-3 3.2.0-4 (bug #469662)
- xen-3.0 <removed>
- kvm 63+dfsg-1 (bug #469666)
-CVE-2008-0927
+CVE-2008-0927 (dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remo ...)
NOT-FOR-US: Novell eDirectory
-CVE-2008-0926
+CVE-2008-0926 (The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 an ...)
NOT-FOR-US: Novell eDirectory
-CVE-2008-0925
+CVE-2008-0925 (Cross-site scripting (XSS) vulnerability in the iMonitor interface in ...)
NOT-FOR-US: Novell eDirectory
-CVE-2008-0924
+CVE-2008-0924 (Stack-based buffer overflow in the DoLBURPRequest function in libnldap ...)
NOT-FOR-US: Novell eDirectory
-CVE-2008-0923
+CVE-2008-0923 (Directory traversal vulnerability in the Shared Folders feature for VM ...)
- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
-CVE-2008-0922
+CVE-2008-0922 (SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke al ...)
NOT-FOR-US: Manuales module for PHP-Nuke
-CVE-2008-0921
+CVE-2008-0921 (SQL injection vulnerability in news.php in beContent 0.3.1 allows remo ...)
NOT-FOR-US: beContent
-CVE-2008-0920
+CVE-2008-0920 (SQL injection vulnerability in port/modifyportform.php in Open Source ...)
NOT-FOR-US: OSSIM
-CVE-2008-0919
+CVE-2008-0919 (Cross-site scripting (XSS) vulnerability in session/login.php in Open ...)
NOT-FOR-US: OSSIM
-CVE-2008-0918
+CVE-2008-0918 (SQL injection vulnerability in includes/count_dl_or_link.inc.php in th ...)
NOT-FOR-US: astatsPRO component for Joomla!
-CVE-2008-0917
+CVE-2008-0917 (Cross-site scripting (XSS) vulnerability in Tor World Tor Search 1.1 a ...)
NOT-FOR-US: TorWorld software
-CVE-2008-0916
+CVE-2008-0916 (SQL injection vulnerability in the Highwood Design hwdVideoShare (com_ ...)
NOT-FOR-US: com_hwdvideoshare component for Joomla!
-CVE-2008-0915
+CVE-2008-0915 (The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and ...)
NOT-FOR-US: IPdiva SSL VPN Server
-CVE-2008-0914
+CVE-2008-0914 (Multiple cross-site scripting (XSS) vulnerabilities in the Mediation s ...)
NOT-FOR-US: IPdiva SSL VPN Server
-CVE-2008-0913
+CVE-2008-0913 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB ...)
NOT-FOR-US: Invision Power Board
-CVE-2008-0912
+CVE-2008-0912 (Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink ...)
NOT-FOR-US: Sybase MobiLink
-CVE-2008-0911
+CVE-2008-0911 (SQL injection vulnerability in productdetails.php in iScripts MultiCar ...)
NOT-FOR-US: iScripts MultiCart
-CVE-2008-0910
+CVE-2008-0910 (Multiple F-Secure anti-virus products, including Internet Security 200 ...)
NOT-FOR-US: Internet Security, Anti-Virus, F-Secure Protection Service
-CVE-2008-0909
+CVE-2008-0909 (Cross-site scripting (XSS) vulnerability in browse.asp in Schoolwires ...)
NOT-FOR-US: Schoolwires Academic Portal
-CVE-2008-0908
+CVE-2008-0908 (SQL injection vulnerability in browse.asp in Schoolwires Academic Port ...)
NOT-FOR-US: Schoolwires Academic Portal
-CVE-2008-0907
+CVE-2008-0907 (SQL injection vulnerability in the Inhalt module for PHP-Nuke allows r ...)
NOT-FOR-US: Inhalt module for PHP-Nuke
-CVE-2008-0906
+CVE-2008-0906 (SQL injection vulnerability in the Docum module in PHP-Nuke allows rem ...)
NOT-FOR-US: Docum module for PHP-Nuke
-CVE-2008-0905
+CVE-2008-0905 (Directory traversal vulnerability in globsy_edit.php in Globsy 1.0 all ...)
NOT-FOR-US: Globsy
-CVE-2008-0904
+CVE-2008-0904 (Unspecified vulnerability in the download servlet in BEA Plumtree Coll ...)
NOT-FOR-US: BEA Plumtree Collaboration and AquaLogic Interaction
-CVE-2008-0903
+CVE-2008-0903 (Unspecified vulnerability in the BEA WebLogic Server and Express proxy ...)
NOT-FOR-US: BEA WebLogic Server and Express proxy plugin
-CVE-2008-0902
+CVE-2008-0902 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Se ...)
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2008-0901
+CVE-2008-0901 (BEA WebLogic Server and Express 7.0 through 10.0 allows remote attacke ...)
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2008-0900
+CVE-2008-0900 (Session fixation vulnerability in BEA WebLogic Server and Express 8.1 ...)
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2008-0899
+CVE-2008-0899 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2008-0898
+CVE-2008-0898 (The distributed queue feature in JMS in BEA WebLogic Server 9.0 throug ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2008-0897
+CVE-2008-0897 (Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allo ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2008-0896
+CVE-2008-0896 (BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator de ...)
NOT-FOR-US: BEA WebLogic Portal
-CVE-2008-0895
+CVE-2008-0895 (BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remot ...)
NOT-FOR-US: BEA WebLogic Server and Express
-CVE-2008-0894
+CVE-2008-0894 (Apple Safari might allow remote attackers to obtain potentially sensit ...)
NOT-FOR-US: Apple Safari
-CVE-2008-0893
+CVE-2008-0893 (Red Hat Administration Server, as used by Red Hat Directory Server 8.0 ...)
NOT-FOR-US: Red Hat Administration Server
-CVE-2008-0892
+CVE-2008-0892 (The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Ad ...)
NOT-FOR-US: Red Hat Administration Server
-CVE-2008-0891
+CVE-2008-0891 (Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS s ...)
{DTSA-136-1}
- openssl 0.9.8g-10.1 (bug #483379)
[etch] - openssl <not-affected> (Vulnerable code (TLS extensions) not present)
-CVE-2008-0890
+CVE-2008-0890 (Red Hat Directory Server 7.1 before SP4 uses insecure permissions for ...)
NOT-FOR-US: Red Hat Directory Server
-CVE-2008-0889
+CVE-2008-0889 (Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux ...)
NOT-FOR-US: Red Hat Directory Server
-CVE-2008-0888
+CVE-2008-0888 (The NEEDBITS macro in the inflate_dynamic function in inflate.c for un ...)
{DSA-1522-1}
- unzip 5.52-11
-CVE-2008-0887
+CVE-2008-0887 (gnome-screensaver before 2.22.1, when a remote authentication server i ...)
- gnome-screensaver 2.22.2-1 (low; bug #475154)
[etch] - gnome-screensaver <no-dsa> (Minor issue, requires attacker with high level of control, see #433964)
CVE-2008-0886
REJECTED
CVE-2008-0885
RESERVED
-CVE-2008-0884
+CVE-2008-0884 (The Replace function in the capp-lspp-config script in the (1) lspp-ea ...)
NOT-FOR-US: Red Hat Enterprise Linux
NOTE: Seems Redhat specific
-CVE-2008-0882
+CVE-2008-0882 (Double free vulnerability in the process_browse_data function in CUPS ...)
{DSA-1530-1 DTSA-117-1}
- cupsys 1.3.6-1 (medium; bug #467653)
- cups 1.3.6-1 (medium; bug #467653)
[sarge] - cupsys <no-dsa> (Remote DoS is minor issue)
-CVE-2008-0881
+CVE-2008-0881 (SQL injection vulnerability in modules.php in the Okul 1.0 module for ...)
NOT-FOR-US: Okul module for PHP-Nuke
-CVE-2008-0880
+CVE-2008-0880 (SQL injection vulnerability in modules.php in the EasyContent module f ...)
NOT-FOR-US: EasyContent module for PHP-Nuke
-CVE-2008-0879
+CVE-2008-0879 (SQL injection vulnerability in modules.php in the Web_Links module for ...)
NOT-FOR-US: Web_Links module for PHP-Nuke
-CVE-2008-0878
+CVE-2008-0878 (SQL injection vulnerability in index.php in the MyAnnonces 1.7 and ear ...)
NOT-FOR-US: MyAnnonces module for RunCMS
-CVE-2008-0877
+CVE-2008-0877 (Multiple cross-site scripting (XSS) vulnerabilities in Jinzora Media J ...)
NOT-FOR-US: Jinzora Media Jukebox
-CVE-2008-0876
+CVE-2008-0876 (Unspecified vulnerability in the SEWB3 messaging service in Hitachi SE ...)
NOT-FOR-US: Hitachi SEWB3
-CVE-2008-0875
+CVE-2008-0875 (Unspecified vulnerability in Hitachi EUR Print Manager, and related Cl ...)
NOT-FOR-US: Hitachi EUR Print Manager
-CVE-2008-0874
+CVE-2008-0874 (SQL injection vulnerability in index.php in the eEmpregos module for X ...)
NOT-FOR-US: eEmpregos module for XOOPS
-CVE-2008-0873
+CVE-2008-0873 (SQL injection vulnerability in index.php in the jlmZone Classifieds mo ...)
NOT-FOR-US: jlmZone Classifieds module for XOOPS
-CVE-2008-0872
+CVE-2008-0872 (Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail E ...)
NOT-FOR-US: SmarterTools SmarterMail Enterprise
-CVE-2008-0871
+CVE-2008-0871 (Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.2 ...)
NOT-FOR-US: Now SMS/MMS Gateway
-CVE-2008-0870
+CVE-2008-0870 (BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under cer ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-0869
+CVE-2008-0869 (Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-0868
+CVE-2008-0868 (Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-0867
+CVE-2008-0867 (Cross-site scripting (XSS) vulnerability in portal/server.pt in BEA Aq ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-0866
+CVE-2008-0866 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Wo ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-0865
+CVE-2008-0865 (Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allow ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-0864
+CVE-2008-0864 (Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertent ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-0863
+CVE-2008-0863 (BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web s ...)
NOT-FOR-US: BEA WebLogic
-CVE-2008-0862
+CVE-2008-0862 (IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2008-0861
+CVE-2008-0861 (Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus ...)
NOT-FOR-US: IBM Lotus Quickplace
-CVE-2008-0860
+CVE-2008-0860 (Unspecified vulnerability in the AVG plugin in Kerio MailServer before ...)
NOT-FOR-US: Kerio MailServer
-CVE-2008-0859
+CVE-2008-0859 (Unspecified vulnerability in Kerio MailServer before 6.5.0 allows remo ...)
NOT-FOR-US: Kerio MailServer
-CVE-2008-0858
+CVE-2008-0858 (Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer ...)
NOT-FOR-US: Kerio MailServer
-CVE-2008-0857
+CVE-2008-0857 (SQL injection vulnerability in index.php in WoltLab Burning Board 3.0. ...)
NOT-FOR-US: WoltLab Burning Board
-CVE-2008-0856
+CVE-2008-0856 (Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remo ...)
NOT-FOR-US: e-Vision CMS
-CVE-2008-0855
+CVE-2008-0855 (SQL injection vulnerability in the Facile Forms (com_facileforms) comp ...)
NOT-FOR-US: com_facileforms component for Joomla! and Mambo
-CVE-2008-0854
+CVE-2008-0854 (SQL injection vulnerability in the com_salesrep component for Joomla! ...)
NOT-FOR-US: com_salesrep component for Joomla! and Mambo
-CVE-2008-0853
+CVE-2008-0853 (SQL injection vulnerability in the com_detail component for Joomla! an ...)
NOT-FOR-US: com_detail component for Joomla! and Mambo
-CVE-2008-0852
+CVE-2008-0852 (freeSSHd 1.2 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: freeSSHd
-CVE-2008-0851
+CVE-2008-0851 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 al ...)
- dokeos <itp> (bug #433352)
-CVE-2008-0850
+CVE-2008-0850 (Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote at ...)
- dokeos <itp> (bug #433352)
-CVE-2008-0849
+CVE-2008-0849 (SQL injection vulnerability in index.php in the Downloads (com_downloa ...)
NOT-FOR-US: com_downloads component for Mambo and Joomla!
-CVE-2008-0848
+CVE-2008-0848 (Cross-site scripting (XSS) vulnerability in lostsheep.php in Crafty Sy ...)
NOT-FOR-US: Crafty Syntax Live Help
-CVE-2008-0847
+CVE-2008-0847 (SQL injection vulnerability in print.php in the myTopics module for XO ...)
NOT-FOR-US: myTopics module for XOOPS
-CVE-2008-0846
+CVE-2008-0846 (SQL injection vulnerability in index.php in the com_profile component ...)
NOT-FOR-US: com_profile component for Mambo and Joomla!
-CVE-2008-0845
+CVE-2008-0845 (SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-Pe ...)
NOT-FOR-US: WP-People plugin for WordPress
-CVE-2008-0844
+CVE-2008-0844 (SQL injection vulnerability in index.php in the PccookBook (com_pccook ...)
NOT-FOR-US: com_pccookbook component for Joomla!
-CVE-2008-0843
+CVE-2008-0843 (StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive in ...)
NOT-FOR-US: StatCounteX
-CVE-2008-0842
+CVE-2008-0842 (SQL injection vulnerability in index.php in the Classifier (com_clasif ...)
NOT-FOR-US: com_clasifier component for Joomla!
-CVE-2008-0841
+CVE-2008-0841 (SQL injection vulnerability in index.php in the Giorgio Nordo Ricette ...)
NOT-FOR-US: com_ricette component for Joomla!
-CVE-2008-0840
+CVE-2008-0840 (Directory traversal vulnerability in view_member.php in Public Warehou ...)
NOT-FOR-US: LightBlog
-CVE-2008-0839
+CVE-2008-0839 (SQL injection vulnerability in refer.php in the astatsPRO (com_astatsp ...)
NOT-FOR-US: com_astatspro component for Joomla!
-CVE-2008-0838
+CVE-2008-0838 (Multiple cross-site scripting (XSS) vulnerabilities in the web adminis ...)
NOT-FOR-US: Sophos, Email Security Appliance
-CVE-2008-0837
+CVE-2008-0837 (Cross-site scripting (XSS) vulnerability in the log feature in the Joh ...)
NOT-FOR-US: John Godley Search Unleashed plugin for WordPress
-CVE-2008-0836
+CVE-2008-0836 (Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solar ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-0835
+CVE-2008-0835 (SQL injection vulnerability in indexen.php in Simple CMS 1.0.3 and ear ...)
NOT-FOR-US: Simple CMS
-CVE-2008-0834
+CVE-2008-0834 (Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS bef ...)
NOT-FOR-US: Lotus Quickr
-CVE-2008-0833
+CVE-2008-0833 (SQL injection vulnerability in index.php in the com_galeria component ...)
NOT-FOR-US: com_galeria component for Joomla!
-CVE-2008-0832
+CVE-2008-0832 (SQL injection vulnerability in index.php in the Kemas Antonius com_qur ...)
NOT-FOR-US: com_quran component for Mambo and Joomla!
-CVE-2008-0831
+CVE-2008-0831 (Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidr ...)
NOT-FOR-US: com_rapidrecipe component for Joomla!
-CVE-2008-0830
+CVE-2008-0830 (The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allow ...)
NOT-FOR-US: DPAP server for iPhoto
-CVE-2008-0829
+CVE-2008-0829 (SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! ( ...)
NOT-FOR-US: com_jooget component for Joomla! and Mambo
-CVE-2008-0828
+CVE-2008-0828 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 an ...)
NOT-FOR-US: ATutor
-CVE-2008-0827
+CVE-2008-0827 (SQL injection vulnerability in the Books module of PHP-Nuke allows rem ...)
NOT-FOR-US: Books module of PHP-Nuke
-CVE-2008-0826
+CVE-2008-0826 (Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 all ...)
NOT-FOR-US: Claroline
-CVE-2008-0825
+CVE-2008-0825 (SQL injection vulnerability in Claroline before 1.8.9 allows remote at ...)
NOT-FOR-US: Claroline
-CVE-2008-0824
+CVE-2008-0824 (Unspecified vulnerability in the php2phps function in Claroline before ...)
NOT-FOR-US: Claroline
-CVE-2008-0823
+CVE-2008-0823 (Unspecified vulnerability in the Header Image Module before 5.x-1.1 fo ...)
NOT-FOR-US: Header Image Module for Drupal
-CVE-2008-0822
+CVE-2008-0822 (Directory traversal vulnerability in index.php in Scribe 0.2 allows re ...)
NOT-FOR-US: Scribe
-CVE-2008-0821
+CVE-2008-0821 (SQL injection vulnerability in admin/traffic/knowledge_searchm.php in ...)
NOT-FOR-US: PHP Live!
CVE-2008-0820
NOT-FOR-US: Etomite CMS
-CVE-2008-0819
+CVE-2008-0819 (Directory traversal vulnerability in index.php in PlutoStatus Locator ...)
NOT-FOR-US: PlutoStatus Locator
-CVE-2008-0818
+CVE-2008-0818 (Multiple directory traversal vulnerabilities in freePHPgallery 0.6 all ...)
NOT-FOR-US: freePHPgallery
-CVE-2008-0817
+CVE-2008-0817 (SQL injection vulnerability in the com_filebase component for Joomla! ...)
NOT-FOR-US: com_filebase component for Joomla! and Mambo
-CVE-2008-0816
+CVE-2008-0816 (SQL injection vulnerability in the com_sg component for Joomla! and Ma ...)
NOT-FOR-US: com_sg component for Joomla! and Mambo
-CVE-2008-0815
+CVE-2008-0815 (SQL injection vulnerability in the com_mezun component for Joomla! all ...)
NOT-FOR-US: com_mezun component for Joomla!
-CVE-2008-0814
+CVE-2008-0814 (Directory traversal vulnerability in download.php in Tracking Requirem ...)
NOT-FOR-US: TRUC
-CVE-2008-0813
+CVE-2008-0813 (Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3. ...)
NOT-FOR-US: XPWeb
-CVE-2008-0812
+CVE-2008-0812 (Directory traversal vulnerability in DMS/index.php in BanPro DMS 1.0 a ...)
NOT-FOR-US: BanPro DMS
-CVE-2008-0811
+CVE-2008-0811 (Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote at ...)
NOT-FOR-US: AuraCMS
-CVE-2008-0810
+CVE-2008-0810 (SQL injection vulnerability in the com_scheduling module for Joomla! a ...)
NOT-FOR-US: com_scheduling module for Joomla! and Mambo
-CVE-2008-0805
+CVE-2008-0805 (Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b ...)
NOT-FOR-US: PHPizabi
-CVE-2008-0804
+CVE-2008-0804 (PHP remote file inclusion vulnerability in usrgetform.html in Thecus N ...)
NOT-FOR-US: Thecus N5200Pro NAS Server
-CVE-2008-0983
+CVE-2008-0983 (lighttpd 1.4.18, and possibly other versions before 1.5.0, does not pr ...)
{DSA-1609-1}
- lighttpd 1.4.18-2 (medium; bug #466663)
-CVE-2008-0883
+CVE-2008-0883 (acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite ...)
NOT-FOR-US: Adobe Acrobat Reader
NOTE: http://www.openwall.com/lists/oss-security/2008/02/21/5
-CVE-2008-0803
+CVE-2008-0803 (Multiple PHP remote file inclusion vulnerabilities in LookStrike Lan M ...)
NOT-FOR-US: LookStrike Lan Manager
-CVE-2008-0802
+CVE-2008-0802 (SQL injection vulnerability in index.php in the MediaSlide (com_medias ...)
NOT-FOR-US: Joomla component
-CVE-2008-0801
+CVE-2008-0801 (SQL injection vulnerability in index.php in the PAXXGallery (com_paxxg ...)
NOT-FOR-US: Joomla component
-CVE-2008-0800
+CVE-2008-0800 (SQL injection vulnerability in index.php in the McQuiz (com_mcquiz) 0. ...)
NOT-FOR-US: Joomla component
-CVE-2008-0799
+CVE-2008-0799 (SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 a ...)
NOT-FOR-US: Joomla component
-CVE-2008-0798
+CVE-2008-0798 (Multiple directory traversal vulnerabilities in artmedic webdesign web ...)
NOT-FOR-US: artmedic webdesign
-CVE-2008-0797
+CVE-2008-0797 (Directory traversal vulnerability in lib/download.php in iTheora 1.0 r ...)
NOT-FOR-US: iTheora
-CVE-2008-0796
+CVE-2008-0796 (SQL injection vulnerability in threads.php in Nuboard 0.5 allows remot ...)
NOT-FOR-US: Nuboard
-CVE-2008-0795
+CVE-2008-0795 (SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1 ...)
NOT-FOR-US: Joomla component
-CVE-2008-0794
+CVE-2008-0794 (Directory traversal vulnerability in user/header.php in Affiliate Mark ...)
NOT-FOR-US: Affiliate Market
-CVE-2008-0793
+CVE-2008-0793 (Multiple cross-site scripting (XSS) vulnerabilities in search.asp in T ...)
NOT-FOR-US: Tendenci CMS
-CVE-2008-0792
+CVE-2008-0792 (Multiple F-Secure anti-virus products, including Internet Security 200 ...)
NOT-FOR-US: F-Secure
-CVE-2008-0791
+CVE-2008-0791 (ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote attac ...)
NOT-FOR-US: Intermate WinIPDS
-CVE-2008-0790
+CVE-2008-0790 (Directory traversal vulnerability in ipdsserver.exe in Intermate WinIP ...)
NOT-FOR-US: Intermate WinIPDS
-CVE-2008-0789
+CVE-2008-0789 (SQL injection vulnerability in countdown.php in LI-Scripts LI-Countdow ...)
NOT-FOR-US: LI Countdown
-CVE-2008-0788
+CVE-2008-0788 (Multiple cross-site request forgery (CSRF) vulnerabilities in MyBB 1.2 ...)
NOT-FOR-US: MyBB
-CVE-2008-0787
+CVE-2008-0787 (SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before ...)
NOT-FOR-US: MyBB
-CVE-2008-0786
+CVE-2008-0786 (CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 be ...)
- cacti 0.8.7b-1
[etch] - cacti <not-affected> (Not exploitable with Etch PHP version)
NOTE: this is prevented by PHP since 4.4.2/5.1.2.
-CVE-2008-0785
+CVE-2008-0785 (Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b an ...)
{DSA-1569-1}
- cacti 0.8.7b-1 (low; bug #530919)
-CVE-2008-0784
+CVE-2008-0784 (graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows ...)
- cacti 0.8.7b-1 (unimportant)
NOTE: paths on Debian already known
-CVE-2008-0783
+CVE-2008-0783 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 bef ...)
{DSA-1569-1}
- cacti 0.8.7b-1 (low; bug #530919)
[etch] - cacti 0.8.6i-3.3
-CVE-2008-0782
+CVE-2008-0782 (Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows ...)
{DSA-1514-1}
- moin 1.5.8-5.1
-CVE-2008-0781
+CVE-2008-0781 (Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFi ...)
{DSA-1514-1}
- moin 1.5.8-5.1
-CVE-2008-0780
+CVE-2008-0780 (Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5 ...)
{DSA-1514-1}
- moin 1.5.8-5.1
-CVE-2008-0932
+CVE-2008-0932 (diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows rem ...)
{DSA-1508-1}
- sword 1.5.9-8 (high; bug #466449)
NOTE: source package named sword, binary package named diatheke
-CVE-2008-0806
+CVE-2008-0806 (wyrd 1.4.3b allows local users to overwrite arbitrary files via a syml ...)
- wyrd 1.4.3b-4 (low; bug #466382)
[etch] - wyrd <no-dsa> (Minor issue)
-CVE-2008-0807
+CVE-2008-0807 (lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before ...)
{DSA-1507-1}
- turba2 2.1.7-1 (bug #464058)
-CVE-2008-0779
+CVE-2008-0779 (The fortimon.sys device driver in Fortinet FortiClient Host Security 3 ...)
NOT-FOR-US: Fortinet FortiClient 3.0
-CVE-2008-0778
+CVE-2008-0778 (Multiple stack-based buffer overflows in an ActiveX control in QTPlugi ...)
NOT-FOR-US: QuickTime
-CVE-2008-0777
+CVE-2008-0777 (The sendfile system call in FreeBSD 5.5 through 7.0 does not check the ...)
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (FreeBSD not supported)
- kfreebsd-6 6.3-3 (bug #483152)
- kfreebsd-7 7.0-1 (bug #483152)
-CVE-2008-0776
+CVE-2008-0776 (SQL injection vulnerability in detail.php in iTechBids Gold 6.0 allows ...)
NOT-FOR-US: iTechBids
-CVE-2008-0775
+CVE-2008-0775 (Cross-site scripting (XSS) vulnerability in sboxDB.php in Simple Machi ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2008-0774
+CVE-2008-0774 (Cross-site scripting (XSS) vulnerability in search.cgi in Loris Hotel ...)
NOT-FOR-US: Loris Hotel Reservations
-CVE-2008-0773
+CVE-2008-0773 (SQL injection vulnerability in Phil Taylor Comments (com_comments, aka ...)
NOT-FOR-US: Mambo plugin
-CVE-2008-0772
+CVE-2008-0772 (SQL injection vulnerability in index.php in the com_doc component for ...)
NOT-FOR-US: Mambo plugin
-CVE-2008-0771
+CVE-2008-0771 (Multiple SQL injection vulnerabilities in default.asp in Site2Nite all ...)
NOT-FOR-US: Site2Nite
-CVE-2008-0770
+CVE-2008-0770 (SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and ear ...)
NOT-FOR-US: ibProArcade
-CVE-2008-0769
+CVE-2008-0769 (Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through ...)
NOT-FOR-US: Livelink
-CVE-2008-0768
+CVE-2008-0768 (Multiple stack-based and heap-based buffer overflows in the Windows RP ...)
NOT-FOR-US: IBM Informix
-CVE-2008-0767
+CVE-2008-0767 (ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earl ...)
NOT-FOR-US: ExtremeZ-IP
-CVE-2008-0766
+CVE-2008-0766 (Stack-based buffer overflow in RpmSrvc.exe in Brooks Remote Print Mana ...)
NOT-FOR-US: Brooks Remote Print Manager
-CVE-2008-0765
+CVE-2008-0765 (Multiple cross-site scripting (XSS) vulnerabilities in artmedic webdes ...)
NOT-FOR-US: artmedic
-CVE-2008-0764
+CVE-2008-0764 (Format string vulnerability in the logging function in Larson Network ...)
NOT-FOR-US: Larson Network Print Server
-CVE-2008-0763
+CVE-2008-0763 (Stack-based buffer overflow in NPSpcSVR.exe in Larson Network Print Se ...)
NOT-FOR-US: Larson Network Print Server
-CVE-2008-0762
+CVE-2008-0762 (SQL injection vulnerability in index.php in the com_iomezun component ...)
NOT-FOR-US: com_iomezun component for Joomla!
-CVE-2008-0761
+CVE-2008-0761 (SQL injection vulnerability in index.php in the Prince Clan Chess Club ...)
NOT-FOR-US: Prince Clan Chess Club component for Joomla!
-CVE-2008-0760
+CVE-2008-0760 (Directory traversal vulnerability in SafeNet Sentinel Protection Serve ...)
NOT-FOR-US: SafeNet Sentinel Protection Server
-CVE-2008-0759
+CVE-2008-0759 (ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earl ...)
NOT-FOR-US: ExtremeZ-IP
-CVE-2008-0758
+CVE-2008-0758 (Multiple directory traversal vulnerabilities in the Zidget/HTTP embedd ...)
NOT-FOR-US: ExtremeZ-IP
-CVE-2008-0757
+CVE-2008-0757 (Cross-site scripting (XSS) vulnerability in index.php in MercuryBoard ...)
NOT-FOR-US: MercuryBoard
-CVE-2008-0756
+CVE-2008-0756 (The LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cy ...)
NOT-FOR-US: cyan soft Opium OPI software
-CVE-2008-0755
+CVE-2008-0755 (Format string vulnerability in the ReportSysLogEvent function in the L ...)
NOT-FOR-US: cyan soft Opium OPI software
-CVE-2008-0754
+CVE-2008-0754 (Multiple SQL injection vulnerabilities in index.php in the Rapid Recip ...)
NOT-FOR-US: Rapid Recipe component for Joomla!
-CVE-2008-0753
+CVE-2008-0753 (SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 ...)
NOT-FOR-US: Virtual War
-CVE-2008-0752
+CVE-2008-0752 (SQL injection vulnerability in index.php in the Neogallery (com_neogal ...)
NOT-FOR-US: Neogallery component for Joomla!
-CVE-2008-0751
+CVE-2008-0751 (Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 pl ...)
NOT-FOR-US: Spartacus plugin (freetag) for serendipity
-CVE-2008-0750
+CVE-2008-0750 (SQL injection vulnerability in philboard_forum.asp in Husrev BlackBoar ...)
NOT-FOR-US: Husrev BlackBoard
-CVE-2008-0749
+CVE-2008-0749 (Cross-site scripting (XSS) vulnerability in index.php in Calimero.CMS ...)
NOT-FOR-US: Calimero.CMS
-CVE-2008-0748
+CVE-2008-0748 (Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX ...)
NOT-FOR-US: Sony ImageStation
-CVE-2008-0747
+CVE-2008-0747 (Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlie ...)
NOT-FOR-US: COWON America jetAudio
-CVE-2008-0746
+CVE-2008-0746 (SQL injection vulnerability in index.php in the Gallery (com_gallery) ...)
NOT-FOR-US: Gallery component for Mambo and Joomla!
-CVE-2008-0745
+CVE-2008-0745 (Directory traversal vulnerability in aides/index.php in DomPHP 0.82 al ...)
NOT-FOR-US: DomPHP
-CVE-2008-0744
+CVE-2008-0744 (SQL injection vulnerability in user_login.asp in PreProjects.com Pre H ...)
NOT-FOR-US: Pre Hotels & Resorts Management System
-CVE-2008-0743
+CVE-2008-0743 (PHP remote file inclusion vulnerability in members_help.php in Joovili ...)
NOT-FOR-US: Joovili
-CVE-2008-0742
+CVE-2008-0742 (Multiple directory traversal vulnerabilities in PowerScripts PowerNews ...)
NOT-FOR-US: PowerNews
-CVE-2008-0741
+CVE-2008-0741 (Unspecified vulnerability in the PropFilePasswordEncoder utility in IB ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-0740
+CVE-2008-0740 (IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2 ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-0739
+CVE-2008-0739 (SQL injection vulnerability in admin/SA_shipFedExMeter.asp in CandyPre ...)
NOT-FOR-US: CandyPress
-CVE-2008-0738
+CVE-2008-0738 (Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, an ...)
NOT-FOR-US: CandyPress
-CVE-2008-0737
+CVE-2008-0737 (SQL injection vulnerability in admin/utilities_ConfigHelp.asp in Candy ...)
NOT-FOR-US: CandyPress
-CVE-2008-0736
+CVE-2008-0736 (admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and possibly ...)
NOT-FOR-US: CandyPress
-CVE-2008-0735
+CVE-2008-0735 (SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in Au ...)
NOT-FOR-US: AuraCMS
-CVE-2008-0734
+CVE-2008-0734 (SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, an ...)
NOT-FOR-US: Limbo CMS
-CVE-2008-0733
+CVE-2008-0733 (SQL injection vulnerability in index.php in CS Team Counter Strike Por ...)
NOT-FOR-US: CS Team Counter Strike Portals
-CVE-2008-0732
+CVE-2008-0732 (The init script for Apache Geronimo on SUSE Linux follows symlinks whe ...)
NOT-FOR-US: Apache Geronimo
-CVE-2008-0731
+CVE-2008-0731 (The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not pr ...)
NOT-FOR-US: SuSE kernel/apparmor
-CVE-2008-0730
+CVE-2008-0730 (The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and ( ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-0729
+CVE-2008-0729 (Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers ...)
NOT-FOR-US: Apple iPhone
-CVE-2008-0728
+CVE-2008-0728 (The unmew11 function in libclamav/mew.c in libclamav in ClamAV before ...)
- clamav 0.92.1~dfsg-1
[etch] - clamav <not-affected> (Vulnerable code not present)
-CVE-2008-0727
+CVE-2008-0727 (Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2008-0726
+CVE-2008-0726 (Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2008-0725
+CVE-2008-0725 (Multiple heap-based buffer overflows in the (1) FTP service and (2) ad ...)
NOT-FOR-US: Titan FTP Server
-CVE-2008-0724
+CVE-2008-0724 (The Everything Development Engine in The Everything Development System ...)
NOT-FOR-US: The Everything Development System
-CVE-2008-0723
+CVE-2008-0723 (Cross-site scripting (XSS) vulnerability in mynews.inc.php in MyNews 1 ...)
NOT-FOR-US: MyNews
-CVE-2008-0722
+CVE-2008-0722 (Cross-site scripting (XSS) vulnerability in index.php in Pagetool 1.0. ...)
NOT-FOR-US: Pagetool
-CVE-2008-0721
+CVE-2008-0721 (SQL injection vulnerability in index.php in the Sermon (com_sermon) 0. ...)
NOT-FOR-US: Sermon component for Mambo
-CVE-2008-0720
+CVE-2008-0720 (Cross-site scripting (XSS) vulnerability in Webmin 1.370 and 1.390 and ...)
- webmin <removed>
-CVE-2008-0719
+CVE-2008-0719 (SQL injection vulnerability in customer_testimonials.php in the Custom ...)
NOT-FOR-US: osCommerce Online Merchant
-CVE-2008-0718
+CVE-2008-0718 (Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in S ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-0717
+CVE-2008-0717 (Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 thr ...)
NOT-FOR-US: IBM WebSphere Edge Server
-CVE-2008-0716
+CVE-2008-0716 (The agent in Symantec Altiris Notification Server before 6.0 SP3 R7 al ...)
NOT-FOR-US: Symantec Altiris Notification Server
-CVE-2008-0715
+CVE-2008-0715 (Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows user ...)
NOT-FOR-US: ACDSee
-CVE-2008-0714
+CVE-2008-0714 (SQL injection vulnerability in users.php in Mihalism Multi Host allows ...)
NOT-FOR-US: Mihalism Multi Host
-CVE-2008-0713
+CVE-2008-0713 (Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23 ...)
NOT-FOR-US: HP-UX B
-CVE-2008-0712
+CVE-2008-0712 (Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ...)
NOT-FOR-US: HP HPeDiag
-CVE-2008-0711
+CVE-2008-0711 (Unspecified vulnerability in the embedded management console in HP iLO ...)
NOT-FOR-US: HP iLO-2 management processors
CVE-2008-0710
REJECTED
-CVE-2008-0709
+CVE-2008-0709 (Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, ...)
NOT-FOR-US: HP Select Identity
-CVE-2008-0708
+CVE-2008-0708 (HP USB 2.0 Floppy Drive Key product options (1) 442084-B21 and (2) 442 ...)
NOT-FOR-US: HP USB 2.0 Floppy Drive Key
-CVE-2008-0707
+CVE-2008-0707 (HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B ...)
NOT-FOR-US: HP-UX
-CVE-2008-0706
+CVE-2008-0706 (Unspecified vulnerability in the BIOS F.26 and earlier for the HP Comp ...)
NOT-FOR-US: BIOS F.26
CVE-2008-0705
REJECTED
-CVE-2008-0704
+CVE-2008-0704 (Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Servi ...)
NOT-FOR-US: HP OpenVMS
-CVE-2008-0703
+CVE-2008-0703 (Multiple directory traversal vulnerabilities in sflog! 0.96 allow remo ...)
NOT-FOR-US: sflog!
-CVE-2008-0702
+CVE-2008-0702 (Multiple heap-based buffer overflows in Titan FTP Server 6.03 and 6.0. ...)
NOT-FOR-US: Titan FTP Server
-CVE-2008-0701
+CVE-2008-0701 (ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check per ...)
NOT-FOR-US: Magnolia CE
-CVE-2008-0700
+CVE-2008-0700 (Cross-site scripting (XSS) vulnerability in search.php in Crux Softwar ...)
NOT-FOR-US: CruxCMS
-CVE-2008-0699
+CVE-2008-0699 (Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_S ...)
NOT-FOR-US: IBM DB2
-CVE-2008-0698
+CVE-2008-0698 (Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 ...)
NOT-FOR-US: IBM DB2
-CVE-2008-0697
+CVE-2008-0697 (Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 ...)
NOT-FOR-US: IBM DB2
-CVE-2008-0696
+CVE-2008-0696 (IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization ...)
NOT-FOR-US: IBM DB2
-CVE-2008-0695
+CVE-2008-0695 (SQL injection vulnerability in index.php in BookmarkX script 2007 allo ...)
NOT-FOR-US: BookmarkX
-CVE-2008-0694
+CVE-2008-0694 (Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/ ...)
NOT-FOR-US: IBM OS/400 V5R3M0 and V5R4M0
-CVE-2008-0693
+CVE-2008-0693 (Stack-based buffer overflow in PQCore.exe in Print Manager Plus 2008 C ...)
NOT-FOR-US: Print Manager Plus
-CVE-2008-0692
+CVE-2008-0692 (SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and ...)
NOT-FOR-US: iTechBids
-CVE-2008-0691
+CVE-2008-0691 (Multiple cross-site scripting (XSS) vulnerabilities in admin_panel.php ...)
NOT-FOR-US: WP-Footnotes plugin for WordPress
-CVE-2008-0690
+CVE-2008-0690 (SQL injection vulnerability in index.php in the mosDirectory (com_dire ...)
NOT-FOR-US: mosDirectory component for Joomla!
-CVE-2008-0689
+CVE-2008-0689 (SQL injection vulnerability in index.php in the Marketplace (com_marke ...)
NOT-FOR-US: Marketplace component for Joomla!
-CVE-2008-0688
+CVE-2008-0688 (Cross-site scripting (XSS) vulnerability in catalog.php in Smartscript ...)
NOT-FOR-US: Smartscript Domain Trader
-CVE-2008-0687
+CVE-2008-0687 (Cross-site scripting (XSS) vulnerability in siteadmin/editor_files/inc ...)
NOT-FOR-US: Youtube Clone Script
-CVE-2008-0686
+CVE-2008-0686 (SQL injection vulnerability in index.php in the NeoReferences (com_neo ...)
NOT-FOR-US: NeoReferences component for Joomla!
-CVE-2008-0685
+CVE-2008-0685 (SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 all ...)
NOT-FOR-US: iTechClassifieds
-CVE-2008-0684
+CVE-2008-0684 (Cross-site scripting (XSS) vulnerability in ViewCat.php in iTechClassi ...)
NOT-FOR-US: iTechClassifieds
-CVE-2008-0683
+CVE-2008-0683 (SQL injection vulnerability in shiftthis-preview.php in the ShiftThis ...)
NOT-FOR-US: st_newsletter plugin for WordPress
-CVE-2008-0682
+CVE-2008-0682 (SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin ...)
NOT-FOR-US: Wordspew plugin for Wordpress
-CVE-2008-0681
+CVE-2008-0681 (SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remot ...)
NOT-FOR-US: PHPShop
-CVE-2008-0680
+CVE-2008-0680 (SNMPd in MikroTik RouterOS 3.2 and earlier allows remote attackers to ...)
NOT-FOR-US: MicroTik RouterOS
-CVE-2008-0679
+CVE-2008-0679 (Cross-site scripting (XSS) vulnerability in index.php in BlogPHP 2.0 a ...)
NOT-FOR-US: BlogPHP
-CVE-2008-0678
+CVE-2008-0678 (SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote ...)
NOT-FOR-US: BlogPHP
-CVE-2008-0677
+CVE-2008-0677 (SQL injection vulnerability in blog.php in A-Blog 2 allows remote atta ...)
NOT-FOR-US: A-Blog
-CVE-2008-0676
+CVE-2008-0676 (Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 all ...)
NOT-FOR-US: A-Blog
-CVE-2008-0675
+CVE-2008-0675 (SQL injection vulnerability in cms/index.pl in The Everything Developm ...)
NOT-FOR-US: Everything Development System
-CVE-2008-0674
+CVE-2008-0674 (Buffer overflow in PCRE before 7.6 allows remote attackers to execute ...)
{DSA-1499-1 DTSA-115-1}
- pcre3 7.6-1 (medium)
- php5 <not-affected> (Uses sytem copy)
-CVE-2008-0673
+CVE-2008-0673 (TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbo ...)
- tintin++ 1.97.9-2 (low; bug #465643)
[etch] - tintin++ <no-dsa> (Minor issue)
-CVE-2008-0672
+CVE-2008-0672 (The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 ...)
- tintin++ 1.97.9-2 (low; bug #465643)
[etch] - tintin++ <no-dsa> (Minor issue)
-CVE-2008-0671
+CVE-2008-0671 (Stack-based buffer overflow in the add_line_buffer function in TinTin+ ...)
- tintin++ 1.97.9-2 (medium; bug #465643)
[etch] - tintin++ <no-dsa> (Minor issue)
-CVE-2008-0670
+CVE-2008-0670 (SQL injection vulnerability in index.php in the Noticias (com_noticias ...)
NOT-FOR-US: Noticias component for Joomla!
-CVE-2008-0669
+CVE-2008-0669 (Cross-site scripting (XSS) vulnerability in search.cgi in Sift Unity a ...)
NOT-FOR-US: Sift Unity
-CVE-2008-0668
+CVE-2008-0668 (The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnom ...)
{DSA-1546-1}
- gnumeric 1.8.1-1 (medium)
-CVE-2008-0667
+CVE-2008-0667 (The DOC.print function in the Adobe JavaScript API, as used by Adobe A ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2008-0663
+CVE-2008-0663 (Novell Challenge Response Client (LCM) 2.7.5 and earlier, as used with ...)
NOT-FOR-US: Novell Challenge Response Client
-CVE-2008-0662
+CVE-2008-0662 (The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureCli ...)
NOT-FOR-US: SecuRemote/SecureClient NGX R60 and R56
-CVE-2008-0661
+CVE-2008-0661 (Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote att ...)
NOT-FOR-US: dBpowerAMP Audio Player
-CVE-2008-0660
+CVE-2008-0660 (Multiple stack-based buffer overflows in Aurigma Image Uploader Active ...)
NOT-FOR-US: Aurigma Image Uploader
-CVE-2008-0659
+CVE-2008-0659 (Stack-based buffer overflow in Aurigma Image Uploader ActiveX control ...)
NOT-FOR-US: Aurigma Image Uploader
-CVE-2008-0658
+CVE-2008-0658 (slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.3 ...)
{DSA-1541-1}
- openldap2.3 2.4.7-6.1 (low; bug #465875)
- openldap2.2 <removed>
- openldap2 <not-affected> (slapd not built from this version)
NOTE: only authenticated users can exploit this
-CVE-2008-0657
+CVE-2008-0657 (Multiple unspecified vulnerabilities in the Java Runtime Environment i ...)
- sun-java6 6-02-1
- sun-java5 1.5.0-14-1
[etch] - sun-java5 1.5.0-14-1etch1
-CVE-2008-0656
+CVE-2008-0656 (Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documen ...)
NOT-FOR-US: Documentum Administrator and Webtop
-CVE-2008-0655
+CVE-2008-0655 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat befor ...)
NOT-FOR-US: Adobe Reader
-CVE-2008-0654
+CVE-2008-0654 (Multiple directory traversal vulnerabilities in Azucar CMS 1.3 allow r ...)
NOT-FOR-US: Azucar CMS
-CVE-2008-0653
+CVE-2008-0653 (SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0. ...)
NOT-FOR-US: Ynews component for Joomla!
-CVE-2008-0652
+CVE-2008-0652 (SQL injection vulnerability in index.php in the Downloads (com_downloa ...)
NOT-FOR-US: Downloads for Mambo and Joomla!
-CVE-2008-0651
+CVE-2008-0651 (SQL injection vulnerability in login.php in Pedro Santana Codice CMS a ...)
NOT-FOR-US: Pedro Santana Codice CMS
-CVE-2008-0650
+CVE-2008-0650 (SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta al ...)
NOT-FOR-US: Simple OS CMS
-CVE-2008-0649
+CVE-2008-0649 (SQL injection vulnerability in detail.php in Astanda Directory Project ...)
NOT-FOR-US: Astanda Directory Project
-CVE-2008-0648
+CVE-2008-0648 (Multiple PHP remote file inclusion vulnerabilities in OpenSiteAdmin 0. ...)
NOT-FOR-US: OpenSiteAdmin
-CVE-2008-0647
+CVE-2008-0647 (Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGame ...)
NOT-FOR-US: Ourgame GLWorld
-CVE-2008-0646
+CVE-2008-0646 (The bdecode_recursive function in include/libtorrent/bencode.hpp in Ra ...)
- deluge-torrent 0.5.8.3-1 (bug #463357)
-CVE-2008-0645
+CVE-2008-0645 (Multiple PHP remote file inclusion vulnerabilities in Portail Web Php ...)
NOT-FOR-US: Portail Web Php
-CVE-2008-0644
+CVE-2008-0644 (Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to bypa ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2008-0643
+CVE-2008-0643 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 and ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2008-0642
+CVE-2008-0642 (Cross-site scripting (XSS) vulnerability in files created by Adobe Rob ...)
NOT-FOR-US: Adobe
-CVE-2008-0808
+CVE-2008-0808 (Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki ...)
{DSA-1523-1}
- ikiwiki 2.31.1 (low; bug #465110)
-CVE-2008-0809
+CVE-2008-0809 (Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwik ...)
{DSA-1523-1}
- ikiwiki 2.31.1 (low; bug #465110)
CVE-2008-0641
RESERVED
-CVE-2008-0640
+CVE-2008-0640 (Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 ...)
NOT-FOR-US: Symantec Ghost Solution Suite
-CVE-2008-0639
+CVE-2008-0639 (Stack-based buffer overflow in the EnumPrinters function in the Spoole ...)
NOT-FOR-US: Novell Client
-CVE-2008-0638
+CVE-2008-0638 (Heap-based buffer overflow in the Veritas Enterprise Administrator (VE ...)
NOT-FOR-US: Veritas Enterprise Administrator service
CVE-2008-0637
RESERVED
-CVE-2008-0636
+CVE-2008-0636 (Level Platforms, Inc. (LPI) Managed Workplace Service Center 4.x, 5.x ...)
NOT-FOR-US: Managed Workplace Service Center
-CVE-2008-0635
+CVE-2008-0635 (Unspecified vulnerability in the delivery engine in Openads 2.4.0 thro ...)
NOT-FOR-US: Openads
-CVE-2008-0634
+CVE-2008-0634 (Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in ...)
NOT-FOR-US: NamoInstaller
-CVE-2008-0633
+CVE-2008-0633 (Buffer overflow in Anon Proxy Server 0.102 and earlier, when user auth ...)
NOT-FOR-US: Anon Proxy Server
NOTE: this is not anon-proxy
-CVE-2008-0632
+CVE-2008-0632 (Unrestricted file upload vulnerability in cp_upload_image.php in Light ...)
NOT-FOR-US: LightBlog
-CVE-2008-0631
+CVE-2008-0631 (Multiple ActiveX controls in MailBee.dll in MailBee Objects 5.5 allow ...)
NOT-FOR-US: MailBee Objects
-CVE-2008-0630
+CVE-2008-0630 (Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allow ...)
{DSA-1496-1 DTSA-114-1}
- mplayer 1.0~rc2-8 (medium; bug #464532)
-CVE-2008-0629
+CVE-2008-0629 (Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r258 ...)
{DSA-1496-1 DTSA-114-1}
- mplayer 1.0~rc2-8 (medium; bug #464533)
-CVE-2008-0628
+CVE-2008-0628 (The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Upd ...)
- sun-java6 6-04-1
- sun-java5 <not-affected> (referring to sun this vulnerability is not present in java5)
CVE-2008-0627
REJECTED
CVE-2008-0626
REJECTED
-CVE-2008-0625
+CVE-2008-0625 (Buffer overflow in the MediaGrid ActiveX control (mediagrid.dll) in Ya ...)
NOT-FOR-US: Yahoo! Music Jukebox
-CVE-2008-0624
+CVE-2008-0624 (Buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in ...)
NOT-FOR-US: Yahoo! JukeBox
-CVE-2008-0623
+CVE-2008-0623 (Stack-based buffer overflow in the YMP Datagrid ActiveX control (datag ...)
NOT-FOR-US: Yahoo! JukeBox
-CVE-2008-0622
+CVE-2008-0622 (Cross-site scripting (XSS) vulnerability in RaidenHTTPD 2.0.19 and ear ...)
NOT-FOR-US: RaidenHTTPD
-CVE-2008-0621
+CVE-2008-0621 (Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 an ...)
NOT-FOR-US: SAP GUI
-CVE-2008-0620
+CVE-2008-0620 (SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before ...)
NOT-FOR-US: SAPSprint
-CVE-2008-0619
+CVE-2008-0619 (Buffer overflow in NeroMediaPlayer.exe in Nero Media Player 1.4.0.35 a ...)
NOT-FOR-US: Nero Media Player
-CVE-2008-0618
+CVE-2008-0618 (Multiple cross-site scripting (XSS) vulnerabilities in the DMSGuestboo ...)
NOT-FOR-US: DMSGuestbook for wordpress
-CVE-2008-0617
+CVE-2008-0617 (Multiple cross-site scripting (XSS) vulnerabilities in the DMSGuestboo ...)
NOT-FOR-US: DMSGuestbook for wordpress
-CVE-2008-0616
+CVE-2008-0616 (SQL injection vulnerability in the administration panel in the DMSGues ...)
NOT-FOR-US: DMSGuestbook for wordpress
-CVE-2008-0615
+CVE-2008-0615 (Directory traversal vulnerability in wp-admin/admin.php in the DMSGues ...)
NOT-FOR-US: DMSGuestbook for wordpress
-CVE-2008-0614
+CVE-2008-0614 (SQL injection vulnerability in index.php in Photokorn Gallery 1.543 al ...)
NOT-FOR-US: Photokorn Gallery
-CVE-2008-0613
+CVE-2008-0613 (Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows ...)
NOT-FOR-US: XOOPS
-CVE-2008-0612
+CVE-2008-0612 (Directory traversal vulnerability in htdocs/install/index.php in XOOPS ...)
NOT-FOR-US: XOOPS
-CVE-2008-0611
+CVE-2008-0611 (SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery S ...)
NOT-FOR-US: RMSOFT Gallery module for XOOPS
-CVE-2008-0610
+CVE-2008-0610 (Stack-based buffer overflow in the ClientConnection::NegotiateProtocol ...)
NOT-FOR-US: UltraVNC
-CVE-2008-0609
+CVE-2008-0609 (Directory traversal vulnerability in index.php in DivideConcept VHD We ...)
NOT-FOR-US: Web Pack 2.0
-CVE-2008-0608
+CVE-2008-0608 (The Logging Server (ftplogsrv.exe) 7.9.14.0 and earlier in IPSwitch WS ...)
NOT-FOR-US: IPSwitch WS_FTP
-CVE-2008-0607
+CVE-2008-0607 (SQL injection vulnerability in index.php in the Sigsiu Online Business ...)
NOT-FOR-US: Sigsiu Online Business Index 2 component for Joomla! and Mambo
-CVE-2008-0606
+CVE-2008-0606 (SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) ...)
NOT-FOR-US: Shambo2 component for Mambo and Joomla!
-CVE-2008-0605
+CVE-2008-0605 (Multiple cross-site scripting (XSS) vulnerabilities in AstroSoft HelpD ...)
NOT-FOR-US: AstroSoft HelpDesk
-CVE-2008-0604
+CVE-2008-0604 (The LDAP authentication feature in XLight FTP Server before 2.83, when ...)
NOT-FOR-US: XLight FTP Server
-CVE-2008-0603
+CVE-2008-0603 (SQL injection vulnerability in index.php in the amazOOP Awesom! (com_a ...)
NOT-FOR-US: amazOOP Awesom! component for Mambo and Joomla!
-CVE-2008-0602
+CVE-2008-0602 (Directory traversal vulnerability in index.php in All Club CMS (ACCMS) ...)
NOT-FOR-US: All Club CMS (ACCMS)
-CVE-2008-0601
+CVE-2008-0601 (SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1 ...)
NOT-FOR-US: All Club CMS (ACCMS)
-CVE-2008-0600
+CVE-2008-0600 (The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 ...)
{DSA-1494-1 DTSA-113-1}
- linux-2.6 2.6.24-4 (high)
- linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6)
-CVE-2008-0599
+CVE-2008-0599 (The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5. ...)
{DTSA-135-1}
- php5 5.2.6-1
[etch] - php5 <not-affected> (Vulnerable code not yet present, introduced in 5.2.3)
[etch] - php4 <not-affected> (Vulnerable code not yet present, introduced in 5.2.3)
-CVE-2008-0598
+CVE-2008-0598 (Unspecified vulnerability in the 32-bit and 64-bit emulation in the Li ...)
{DSA-1630-1}
- linux-2.6 2.6.26-4 (bug #490910)
- linux-2.6.24 2.6.24-6~etchnhalf.4
-CVE-2008-0597
+CVE-2008-0597 (Use-after-free vulnerability in CUPS before 1.1.22, and possibly other ...)
- cupsys 1.2.1-1
- cups <not-affected> (Vulnerable code not present)
NOTE: (mimeDeleteType included since 1.2.x
NOTE: according to maintainer, applies to 1.1.x series only. exact fixed
NOTE: version in 1.1 unknown but irrelevant. cups package never had 1.1
NOTE: versions in Debian.
-CVE-2008-0596
+CVE-2008-0596 (Memory leak in CUPS before 1.1.22, and possibly other versions, allows ...)
- cupsys 1.2.1-1
- cups <not-affected> (Vulnerable code not present)
NOTE: see CVE-2008-0597
-CVE-2008-0595
+CVE-2008-0595 (dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes ...)
{DSA-1599-1}
- dbus 1.1.20-1
-CVE-2008-0594
+CVE-2008-0594 (Mozilla Firefox before 2.0.0.12 does not always display a web forgery ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.9-1
- icedove 2.0.0.12-1
-CVE-2008-0593
+CVE-2008-0593 (Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and Se ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0592
+CVE-2008-0592 (Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0591
+CVE-2008-0591 (Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does n ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.9-1
- icedove 2.0.0.12-1
-CVE-2008-0590
+CVE-2008-0590 (Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remo ...)
NOT-FOR-US: WS_FTP Server with SSH
-CVE-2008-0589
+CVE-2008-0589 (The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows ...)
NOT-FOR-US: IBM AIX
-CVE-2008-0588
+CVE-2008-0588 (Buffer overflow in the utape program in devices.scsi.tape.diag in IBM ...)
NOT-FOR-US: IBM AIX
-CVE-2008-0587
+CVE-2008-0587 (Buffer overflow in the uspchrp program in devices.chrp.base.diag in IB ...)
NOT-FOR-US: IBM AIX
-CVE-2008-0586
+CVE-2008-0586 (Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to ...)
NOT-FOR-US: IBM AIX
-CVE-2008-0585
+CVE-2008-0585 (sysmgt.websm.webaccess in IBM AIX 5.2 and 5.3 has world writable permi ...)
NOT-FOR-US: IBM AIX
-CVE-2008-0584
+CVE-2008-0584 (Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 al ...)
NOT-FOR-US: IBM AIX
-CVE-2008-0583
+CVE-2008-0583 (Cross-zone scripting vulnerability in the Internet Explorer web contro ...)
NOT-FOR-US: Skype
-CVE-2008-0582
+CVE-2008-0582 (Cross-zone scripting vulnerability in the Internet Explorer web contro ...)
NOT-FOR-US: Skype
-CVE-2008-0581
+CVE-2008-0581 (Geert Moernaut LSrunasE allows local users to gain privileges by obtai ...)
NOT-FOR-US: LSrunasE
-CVE-2008-0580
+CVE-2008-0580 (Geert Moernaut LSrunasE and Supercrypt use an encryption key composed ...)
NOT-FOR-US: LSrunasE and Supercrypt
-CVE-2008-0579
+CVE-2008-0579 (SQL injection vulnerability in index.php in the buslicense (com_buslic ...)
NOT-FOR-US: buslicense component for Joomla!
-CVE-2008-0578
+CVE-2008-0578 (Cross-site scripting (XSS) vulnerability in the web management login p ...)
NOT-FOR-US: Tripwire Enterprise/Server Management Web Interface
-CVE-2008-0577
+CVE-2008-0577 (The Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5 ...)
NOT-FOR-US: Project Issue Tracking module for Drupal
-CVE-2008-0576
+CVE-2008-0576 (Cross-site scripting (XSS) vulnerability in the Project Issue Tracking ...)
NOT-FOR-US: Project Issue Tracking module for Drupal
-CVE-2008-0575
+CVE-2008-0575 (Cross-site request forgery (CSRF) vulnerability in admin/admincenter.p ...)
NOT-FOR-US: webSPELL
-CVE-2008-0574
+CVE-2008-0574 (Cross-site scripting (XSS) vulnerability in index.php in webSPELL 4.01 ...)
NOT-FOR-US: webSPELL
-CVE-2008-0573
+CVE-2008-0573 (IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote ...)
NOT-FOR-US: SafeNET HighAssurance Remote and SoftRemote
-CVE-2008-0572
+CVE-2008-0572 (Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.1 ...)
NOT-FOR-US: Mindmeld
-CVE-2008-0571
+CVE-2008-0571 (The point moderation form in the Userpoints 4.7.x before 4.7.x-2.3, 5. ...)
NOT-FOR-US: Userpoints module for Drupal
-CVE-2008-0570
+CVE-2008-0570 (The OpenID 5.x-1.0 and earlier module for Drupal does not properly ver ...)
NOT-FOR-US: OpenID module for Drupal
-CVE-2008-0569
+CVE-2008-0569 (The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 modul ...)
NOT-FOR-US: Comment upload module for Drupal
-CVE-2008-0568
+CVE-2008-0568 (Unspecified vulnerability in the IP-authentication feature in the Secu ...)
NOT-FOR-US: Secure Site module for Drupal
-CVE-2008-0567
+CVE-2008-0567 (Multiple PHP remote file inclusion vulnerabilities in ChronoEngine Chr ...)
NOT-FOR-US: ChronoEngine ChronoForms component for Joomla!
-CVE-2008-0566
+CVE-2008-0566 (PHP remote file inclusion vulnerability in includes/smarty.php in Delt ...)
NOT-FOR-US: DeltaScripts PHP Links
-CVE-2008-0565
+CVE-2008-0565 (SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 ...)
NOT-FOR-US: DeltaScripts PHP Links
-CVE-2008-0563
+CVE-2008-0563 (Cross-site request forgery (CSRF) vulnerability in service/impl/UserLo ...)
- liferay-portal <itp> (bug #569819)
-CVE-2008-0562
+CVE-2008-0562 (SQL injection vulnerability in index.php in the Restaurant (com_restau ...)
NOT-FOR-US: Restaurant component for Mambo and Joomla!
-CVE-2008-0561
+CVE-2008-0561 (SQL injection vulnerability in index.php in the Arthur Konze AkoGaller ...)
NOT-FOR-US: AkoGallery component for Mambo and Joomla!
CVE-2008-0560
NOT-FOR-US: cforms wordpress plugin
-CVE-2008-0559
+CVE-2008-0559 (Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 ...)
NOT-FOR-US: cforms wordpress plugin
-CVE-2008-0558
+CVE-2008-0558 (Cross-site scripting (XSS) vulnerability in Uniwin eCart Professional ...)
NOT-FOR-US: Uniwin eCart Professiona
-CVE-2008-0557
+CVE-2008-0557 (SQL injection vulnerability in index.php in the CatalogShop (com_catal ...)
NOT-FOR-US: CatalogShop componenent for Mambo and Joomla!
-CVE-2008-0556
+CVE-2008-0556 (Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, ...)
NOT-FOR-US: OpenCA PKI Project
-CVE-2008-0555
+CVE-2008-0555 (The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 do ...)
- apache <removed>
[etch] - apache <no-dsa> (only exploitable in very specific setups)
NOTE: Only affects the apache-ssl package, not apache or apache-perl.
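Review bot: the description added for CVE-2008-0559 ("Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 ...") contradicts the unchanged status line directly beneath it, `NOT-FOR-US: cforms wordpress plugin`, which is identical to the line under CVE-2008-0560 immediately above; it should read `NOT-FOR-US: Nilson's Blogger`, otherwise a triager grepping for the affected product never finds this entry. Three context lines in the same hunk also carry defects the automatic update leaves in place and that a hand edit could pick up at the same time: `- php5 <not-affected> (Uses sytem copy)` under CVE-2008-0674 (sytem), `NOT-FOR-US: MicroTik RouterOS` under CVE-2008-0680 where the new description spells the vendor MikroTik, and `NOTE: (mimeDeleteType included since 1.2.x` under CVE-2008-0597, which opens a parenthesis that none of the following NOTE lines closes. Minor: `NOT-FOR-US: Uniwin eCart Professiona` (CVE-2008-0558) is cut short and `CatalogShop componenent` (CVE-2008-0557) is misspelt.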
@@ -15865,107 +15865,107 @@ CVE-2008-0555
NOTE: While these cases are not really supported by Debian, all in all the low
NOTE: severity of the issue is not in proportion to the risk of breaking something
NOTE: with the fix.
-CVE-2008-0552
+CVE-2008-0552 (Cross-site scripting (XSS) vulnerability in index.php in eTicket 1.5.6 ...)
NOT-FOR-US: eTicket
-CVE-2008-0551
+CVE-2008-0551 (The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3 ...)
NOT-FOR-US: Namo Web Editor
-CVE-2008-0550
+CVE-2008-0550 (Off-by-one error in Steamcast 0.9.75 and earlier allows remote attacke ...)
NOT-FOR-US: Steamcast
-CVE-2008-0549
+CVE-2008-0549 (Integer overflow in the OggHeaderParse function in Steamcast 0.9.75 an ...)
NOT-FOR-US: Steamcast
-CVE-2008-0548
+CVE-2008-0548 (Steamcast 0.9.75 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: Steamcast
-CVE-2008-0547
+CVE-2008-0547 (Cross-site scripting (XSS) vulnerability in admin/utilities_ConfigHelp ...)
NOT-FOR-US: CandyPress
-CVE-2008-0546
+CVE-2008-0546 (Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, an ...)
NOT-FOR-US: CandyPress
-CVE-2008-0545
+CVE-2008-0545 (Multiple directory traversal vulnerabilities in Bubbling Library 1.32 ...)
NOT-FOR-US: Bubbling Library
-CVE-2008-0543
+CVE-2008-0543 (Multiple SQL injection vulnerabilities in Pre Dynamic Institution allo ...)
NOT-FOR-US: Pre Dynamic Institution
-CVE-2008-0542
+CVE-2008-0542 (Directory traversal vulnerability in thumbnail.php in Gerd Tentler Sim ...)
NOT-FOR-US: Simple Forum
-CVE-2008-0541
+CVE-2008-0541 (Multiple cross-site scripting (XSS) vulnerabilities in forum.php in Ge ...)
NOT-FOR-US: Simple Forum
-CVE-2008-0540
+CVE-2008-0540 (Multiple cross-site scripting (XSS) vulnerabilities in trixbox 2.4.2.0 ...)
NOT-FOR-US: trixbox
-CVE-2008-0539
+CVE-2008-0539 (Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php ...)
NOT-FOR-US: F5 BIG-IP Application Security Manager
-CVE-2008-0538
+CVE-2008-0538 (Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow ...)
NOT-FOR-US: phpIP Management
-CVE-2008-0537
+CVE-2008-0537 (Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervi ...)
NOT-FOR-US: Cisco
-CVE-2008-0536
+CVE-2008-0536 (Unspecified vulnerability in the SSH server in (1) Cisco Service Contr ...)
NOT-FOR-US: Cisco
-CVE-2008-0535
+CVE-2008-0535 (Unspecified vulnerability in the SSH server in (1) Cisco Service Contr ...)
NOT-FOR-US: Cisco
-CVE-2008-0534
+CVE-2008-0534 (The SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, ...)
NOT-FOR-US: Cisco
-CVE-2008-0533
+CVE-2008-0533 (Multiple cross-site scripting (XSS) vulnerabilities in securecgi-bin/C ...)
NOT-FOR-US: Cisco ACS
-CVE-2008-0532
+CVE-2008-0532 (Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Chang ...)
NOT-FOR-US: Cisco ACS
-CVE-2008-0531
+CVE-2008-0531 (Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960 ...)
NOT-FOR-US: Cisco
-CVE-2008-0530
+CVE-2008-0530 (Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G ...)
NOT-FOR-US: Cisco
-CVE-2008-0529
+CVE-2008-0529 (Buffer overflow in the telnet server in Cisco Unified IP Phone 7906G, ...)
NOT-FOR-US: Cisco
-CVE-2008-0528
+CVE-2008-0528 (Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G ...)
NOT-FOR-US: Cisco
-CVE-2008-0527
+CVE-2008-0527 (The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP f ...)
NOT-FOR-US: Cisco
-CVE-2008-0526
+CVE-2008-0526 (Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmw ...)
NOT-FOR-US: Cisco
-CVE-2008-0525
+CVE-2008-0525 (PatchLink Update client for Unix, as used by Novell ZENworks Patch Man ...)
NOT-FOR-US: PatchLink Update client for Unix
-CVE-2008-0524
+CVE-2008-0524 (Cross-site request forgery (CSRF) vulnerability in the management inte ...)
NOT-FOR-US: Yamaha router firmware
-CVE-2008-0523
+CVE-2008-0523 (Multiple cross-site scripting (XSS) vulnerabilities in SoftCart.exe in ...)
NOT-FOR-US: SoftCart
-CVE-2008-0522
+CVE-2008-0522 (Cross-site scripting (XSS) vulnerability in multiple Hal Networks shop ...)
NOT-FOR-US: Hal Networks shopping-cart products
-CVE-2008-0521
+CVE-2008-0521 (Multiple directory traversal vulnerabilities in Bubbling Library 1.32 ...)
NOT-FOR-US: Bubbling Library
-CVE-2008-0520
+CVE-2008-0520 (Multiple SQL injection vulnerabilities in main.php in the WassUp plugi ...)
NOT-FOR-US: WassUp plugin for WordPress
-CVE-2008-0519
+CVE-2008-0519 (SQL injection vulnerability in index.php in the Atapin Jokes (com_joke ...)
NOT-FOR-US: Atapin Jokes component for Mambo and Joomla!
-CVE-2008-0518
+CVE-2008-0518 (SQL injection vulnerability in index.php in the Recipes (com_recipes) ...)
NOT-FOR-US: Recipes component for Mambo and Joomla!
-CVE-2008-0517
+CVE-2008-0517 (SQL injection vulnerability in index.php in the Darko Selesi EstateAge ...)
NOT-FOR-US: EstateAgent component for Mambo and Joomla!
-CVE-2008-0516
+CVE-2008-0516 (PHP remote file inclusion vulnerability in spaw/dialogs/confirm.php in ...)
NOT-FOR-US: SQLiteManager
-CVE-2008-0515
+CVE-2008-0515 (SQL injection vulnerability in index.php in the musepoes (com_musepoes ...)
NOT-FOR-US: musepoes component for Mambo and Joomla!
-CVE-2008-0514
+CVE-2008-0514 (SQL injection vulnerability in index.php in the Glossary (com_glossary ...)
NOT-FOR-US: Glossary component for Mambo and Joomla!
-CVE-2008-0513
+CVE-2008-0513 (Directory traversal vulnerability in parser/include/class.cache_phpcms ...)
NOT-FOR-US: phpCMS
-CVE-2008-0512
+CVE-2008-0512 (SQL injection vulnerability in index.php in the fq (com_fq) component ...)
NOT-FOR-US: fq component for Mambo and Joomla!
-CVE-2008-0511
+CVE-2008-0511 (SQL injection vulnerability in index.php in the MaMML (com_mamml) comp ...)
NOT-FOR-US: MaMML component for Mambo and Joomla!
-CVE-2008-0510
+CVE-2008-0510 (SQL injection vulnerability in index.php in the Newsletter (com_newsle ...)
NOT-FOR-US: Newsletter component for Mambo and Joomla!
-CVE-2008-0509
+CVE-2008-0509 (Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cau ...)
NOT-FOR-US: IBM AIX
-CVE-2008-0508
+CVE-2008-0508 (Cross-site request forgery (CSRF) vulnerability in deans_permalinks_mi ...)
NOT-FOR-US: Dean's Permalinks Migration plugin for WordPress
-CVE-2008-0507
+CVE-2008-0507 (SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin f ...)
NOT-FOR-US: AdServe plugin for WordPress
-CVE-2008-0506
+CVE-2008-0506 (include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) befo ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-0505
+CVE-2008-0505 (Multiple cross-site scripting (XSS) vulnerabilities in docs/showdoc.ph ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-0504
+CVE-2008-0504 (Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CP ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2008-0503
+CVE-2008-0503 (Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Pub ...)
NOT-FOR-US: Netwerk Smart Publisher
-CVE-2008-0502
+CVE-2008-0502 (PHP remote file inclusion vulnerability in templates/Official/part_use ...)
NOT-FOR-US: Connectix Boards
-CVE-2008-0664
+CVE-2008-0664 (The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, whe ...)
{DSA-1601-1}
- wordpress 2.3.3-1 (medium; bug #464170)
[etch] - wordpress <not-affected> (vulnerable code not present)
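Review bot: the generated descriptions in this hunk are cut at a fixed column rather than at a token boundary, so component identifiers lose their tail, e.g. `+CVE-2008-0510 (SQL injection vulnerability in index.php in the Newsletter (com_newsle ...)` and `+CVE-2008-0508 (Cross-site request forgery (CSRF) vulnerability in deans_permalinks_mi ...)`. Truncating at the last whitespace before the limit, or widening the limit by a few characters, would keep names like com_newsletter intact so the list stays greppable by component.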
@@ -15974,16 +15974,16 @@ CVE-2008-0664
NOTE: This is specific to wordpress' implementation of xmlrpc.php, which is
NOTE: not included in any other packages.
- libwordpress-xmlrpc-perl <removed>
-CVE-2008-0553
+CVE-2008-0553 (Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in ...)
{DSA-1598-1 DSA-1491-1 DSA-1490-1 DTSA-140-1}
- tk8.5 8.5.0-3
- tk8.4 8.4.17-2
- tk8.3 8.3.5-12
- libtk-img 1:1.3-release-7 (bug #485785)
-CVE-2008-0554
+CVE-2008-0554 (Buffer overflow in the readImageData function in giftopnm.c in netpbm ...)
{DSA-1579-1}
- netpbm-free 10.0-11.1 (medium; bug #464056)
-CVE-2008-0564
+CVE-2008-0564 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...)
- mailman 1:2.1.10~b3-1 (low)
[etch] - mailman <no-dsa> (Minor issue)
[sarge] - mailman <no-dsa> (Minor issue)
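Review bot: the CVE-2008-0664 context at the top of this hunk reads as self-contradictory. The NOTE says the issue is specific to wordpress' own xmlrpc.php and "not included in any other packages", yet the very next line is `- libwordpress-xmlrpc-perl <removed>`, which presents the Perl client as an affected package. If it is not affected, `<not-affected>` with a one-line reason would agree with the NOTE; if it is listed only as a related package, the NOTE should say so.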
@@ -15992,50 +15992,50 @@ CVE-2008-0564
NOTE: control over the mailinglist, so not a very important issue.
NOTE: This enhances the fix for CVE-2006-3636.
NOTE: http://mail.python.org/pipermail/mailman-announce/2008-February/000095.html
-CVE-2008-0665
+CVE-2008-0665 (wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allow ...)
{DSA-1492-1}
- wml 2.0.11-3.1 (low; bug #463907)
[sarge] - wml <not-affected> (Vulnerable code is patched to use mkdtemp)
-CVE-2008-0666
+CVE-2008-0666 (Website META Language (WML) 2.0.11 allows local users to overwrite arb ...)
{DSA-1492-1}
- wml 2.0.11-3.1 (low; bug #463907)
[sarge] - wml <not-affected> (Vulnerable code is patched to use mkdtemp)
-CVE-2008-0501
+CVE-2008-0501 (Directory traversal vulnerability in phpMyClub 0.0.1 allows remote att ...)
NOT-FOR-US: phpMyClub
-CVE-2008-0500
+CVE-2008-0500 (Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unkno ...)
NOT-FOR-US: MamboXChange LaiThai
-CVE-2008-0499
+CVE-2008-0499 (SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attac ...)
NOT-FOR-US: MamboXChange LaiThai
-CVE-2008-0498
+CVE-2008-0498 (SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop ...)
NOT-FOR-US: Bigware Shop
-CVE-2008-0497
+CVE-2008-0497 (Cross-site scripting (XSS) vulnerability in action.php in Nucleus CMS ...)
NOT-FOR-US: Nucleus CMS
-CVE-2008-0496
+CVE-2008-0496 (Cross-site scripting (XSS) vulnerability in index.php in AmpJuke 0.7.0 ...)
NOT-FOR-US: AmpJuke
-CVE-2008-0495
+CVE-2008-0495 (Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Ma ...)
NOT-FOR-US: Pegasus CIM Server
-CVE-2008-0494
+CVE-2008-0494 (Cross-site scripting (XSS) vulnerability in vpnum/userslist.php in End ...)
NOT-FOR-US: Endian Firewall
-CVE-2008-0493
+CVE-2008-0493 (fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remot ...)
NOT-FOR-US: FlashPix plugin for IrfanView
-CVE-2008-0492
+CVE-2008-0492 (Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control i ...)
NOT-FOR-US: Persits XUpload
-CVE-2008-0491
+CVE-2008-0491 (SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugi ...)
NOT-FOR-US: fGallery for WordPress
-CVE-2008-0490
+CVE-2008-0490 (SQL injection vulnerability in functions/editevent.php in the WP-Cal 0 ...)
NOT-FOR-US: WP-Cal plugin for WordPress
-CVE-2008-0489
+CVE-2008-0489 (Directory traversal vulnerability in install.php in Clansphere 2007.4. ...)
NOT-FOR-US: Clansphere
-CVE-2008-0488
+CVE-2008-0488 (Directory traversal vulnerability in tseekdir.cgi in VB Marketing allo ...)
NOT-FOR-US: VB Marketing
-CVE-2008-0487
+CVE-2008-0487 (Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect ...)
NOT-FOR-US: ASPired2Protect
-CVE-2008-0486
+CVE-2008-0486 (Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc ...)
{DSA-1536-1 DSA-1496-1 DTSA-114-1}
- mplayer 1.0~rc2-8 (bug #464060)
- xine-lib 1.1.10.1-1 (bug #464696)
[sarge] - xine-lib <not-affected> (Vulnerable code not present)
-CVE-2008-0485
+CVE-2008-0485 (Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and ear ...)
{DSA-1496-1 DTSA-114-1}
- mplayer 1.0~rc2-8 (bug #464060)
CVE-2008-0484
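Review bot: CVE-2008-0486 tracks a fix in xine-lib (`- xine-lib 1.1.10.1-1 (bug #464696)`) next to the mplayer one, but the new description only names MPlayer's libmpdemux/demux_audio.c, so a reader cannot tell why xine-lib is listed here while the adjacent CVE-2008-0485 entry is mplayer-only. A NOTE line stating the relationship (shared affected code, or whatever the reason is) would document that, in the same way the sarge line already explains its `<not-affected>`.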
@@ -16044,402 +16044,402 @@ CVE-2008-0483
RESERVED
CVE-2008-0482
RESERVED
-CVE-2008-0481
+CVE-2008-0481 (Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz R ...)
NOT-FOR-US: Web Wiz Rich Text Editor
-CVE-2008-0480
+CVE-2008-0480 (Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 an ...)
NOT-FOR-US: Web Wiz Forums
-CVE-2008-0479
+CVE-2008-0479 (Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz N ...)
NOT-FOR-US: Web Wiz NewsPad
-CVE-2008-0478
+CVE-2008-0478 (Directory traversal vulnerability in index.php in SetCMS 3.6.5 allows ...)
NOT-FOR-US: SetCMS
-CVE-2008-0477
+CVE-2008-0477 (Stack-based buffer overflow in the QMPUpgrade.Upgrade.1 ActiveX contro ...)
NOT-FOR-US: Move Networks Upgrade Manager
-CVE-2008-0476
+CVE-2008-0476 (ManageEngine Applications Manager 8.1 build 8100 does not check authen ...)
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2008-0475
+CVE-2008-0475 (ManageEngine Applications Manager 8.1 build 8100 allows remote attacke ...)
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2008-0474
+CVE-2008-0474 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Ap ...)
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2008-0473
+CVE-2008-0473 (RTE_popup_save_file.asp in Web Wiz Rich Text Editor 4.0 allows remote ...)
NOT-FOR-US: Web Wiz Rich Text Editor
-CVE-2008-0472
+CVE-2008-0472 (Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltla ...)
NOT-FOR-US: Woltlab Burning Board
-CVE-2008-0471
+CVE-2008-0471 (Cross-site request forgery (CSRF) vulnerability in privmsg.php in phpB ...)
{DSA-1488-1}
- phpbb2 2.0.22-3 (low; bug #463589)
-CVE-2008-0470
+CVE-2008-0470 (A certain ActiveX control in Comodo AntiVirus 2.0 allows remote attack ...)
NOT-FOR-US: Comodo AntiVirus
-CVE-2008-0469
+CVE-2008-0469 (SQL injection vulnerability in index.php in Tiger Php News System (TPN ...)
NOT-FOR-US: Tiger Php News System
-CVE-2008-0468
+CVE-2008-0468 (SQL injection vulnerability in category.php in Flinx 1.3 and earlier a ...)
NOT-FOR-US: Flinx
-CVE-2008-0467
+CVE-2008-0467 (Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before ...)
{DSA-1529-1}
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
- firebird2.0 2.0.3.12981.ds1-5 (medium; bug #463596)
-CVE-2008-0466
+CVE-2008-0466 (Web Wiz RTE_file_browser.asp in, as used in Web Wiz Rich Text Editor 4 ...)
NOT-FOR-US: Web Wiz Rich Text Editor
-CVE-2008-0465
+CVE-2008-0465 (Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 al ...)
NOT-FOR-US: Seagull
-CVE-2008-0464
+CVE-2008-0464 (Directory traversal vulnerability in archiv.cgi in absofort aconon Mai ...)
NOT-FOR-US: aconon Mail Enterprise SQL
-CVE-2008-0463
+CVE-2008-0463 (Cross-site scripting (XSS) vulnerability in the Workflow 4.7.x before ...)
NOT-FOR-US: Workflow module for Drupal
-CVE-2008-0462
+CVE-2008-0462 (Cross-site scripting (XSS) vulnerability in the Archive 5.x before 5.x ...)
NOT-FOR-US: Archive module for Drupal
-CVE-2008-0461
+CVE-2008-0461 (SQL injection vulnerability in index.php in the Search module in PHP-N ...)
NOT-FOR-US: PHP-Nuke
-CVE-2008-0460
+CVE-2008-0460 (Cross-site scripting (XSS) vulnerability in api.php in (1) MediaWiki 1 ...)
- mediawiki 1:1.11.1-1 (low)
[etch] - mediawiki <not-affected> (Doesn't include API functionality)
-CVE-2008-0459
+CVE-2008-0459 (Directory traversal vulnerability in update/index.php in Liquid-Silver ...)
NOT-FOR-US: Liquit-Silver CMS
-CVE-2008-0458
+CVE-2008-0458 (Directory traversal vulnerability in function/sources.php in SLAED CMS ...)
NOT-FOR-US: SLAED CMS
-CVE-2008-0457
+CVE-2008-0457 (Unrestricted file upload vulnerability in the FileUpload class running ...)
NOT-FOR-US: Symantec LiveState Apache Tomcat server
-CVE-2008-0456
+CVE-2008-0456 (CRLF injection vulnerability in the mod_negotiation module in the Apac ...)
- apache <unfixed> (unimportant)
- apache2 <unfixed> (unimportant)
NOTE: This is only relevant if an attacker can upload files with arbitrary names
NOTE: but not with arbitrary contents.
-CVE-2008-0455
+CVE-2008-0455 (Cross-site scripting (XSS) vulnerability in the mod_negotiation module ...)
- apache <removed> (unimportant)
- apache2 <unfixed> (unimportant)
NOTE: This is only relevant if an attacker can upload files with arbitrary names
NOTE: but not with arbitrary contents.
-CVE-2008-0454
+CVE-2008-0454 (Cross-zone scripting vulnerability in the Internet Explorer web contro ...)
NOT-FOR-US: Skype
-CVE-2008-0453
+CVE-2008-0453 (SQL injection vulnerability in list.php in Easysitenetwork Recipe allo ...)
NOT-FOR-US: Easysitenetwork Recipe
-CVE-2008-0452
+CVE-2008-0452 (Directory traversal vulnerability in articles.php in Siteman 1.1.9 all ...)
NOT-FOR-US: Siteman
-CVE-2008-0451
+CVE-2008-0451 (Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote au ...)
NOT-FOR-US: PacerCMS
-CVE-2008-0450
+CVE-2008-0450 (Multiple PHP remote file inclusion vulnerabilities in BLOG:CMS 4.2.1.c ...)
NOT-FOR-US: BLOG:CMS
-CVE-2008-0449
+CVE-2008-0449 (SQL injection vulnerability in paypalresult.asp in VP-ASP Shopping Car ...)
NOT-FOR-US: VP-ASP Shopping Cart
-CVE-2008-0448
+CVE-2008-0448 (PHP remote file inclusion vulnerability in utils/class_HTTPRetriever.p ...)
NOT-FOR-US: phpSearch
-CVE-2008-0447
+CVE-2008-0447 (SQL injection vulnerability in index.php in Foojan WMS PHP Weblog 1.0 ...)
NOT-FOR-US: Foojan WMS PHP Weblog
-CVE-2008-0446
+CVE-2008-0446 (SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows re ...)
NOT-FOR-US: Foojan WMS PHP Weblog
-CVE-2008-0445
+CVE-2008-0445 (The replace_inline_img function in elogd in Electronic Logbook (ELOG) ...)
- elog 2.9.2+2014.05.11git44800a7-1 (low; bug #463600)
-CVE-2008-0444
+CVE-2008-0444 (Cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) ...)
- elog 2.9.2+2014.05.11git44800a7-1 (low; bug #463600)
-CVE-2008-0443
+CVE-2008-0443 (Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX co ...)
NOT-FOR-US: Lycos FileUploader Module
-CVE-2008-0442
+CVE-2008-0442 (PHP remote file inclusion vulnerability in inc/linkbar.php in Small Ax ...)
NOT-FOR-US: Small Axe Weblog
-CVE-2008-0441
+CVE-2008-0441 (IBM Tivoli Business Service Manager (TBSM) 4.1.1 stores passwords in c ...)
NOT-FOR-US: IBM Tivoli Business Service Manager
-CVE-2008-0440
+CVE-2008-0440 (AlstraSoft Forum Pay Per Post Exchange 2.0 stores passwords in clearte ...)
NOT-FOR-US: AlstraSoft Forum Pay Per Post Exchange
-CVE-2008-0439
+CVE-2008-0439 (Cross-site scripting (XSS) vulnerability in templates/default/admincp/ ...)
NOT-FOR-US: DeluxeBB
-CVE-2008-0438
+CVE-2008-0438 (Cross-site scripting (XSS) vulnerability in the font rendering functio ...)
NOT-FOR-US: Novemberborn sIFR
-CVE-2008-0437
+CVE-2008-0437 (Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 Activ ...)
NOT-FOR-US: HP Virtual Rooms
-CVE-2008-0436
+CVE-2008-0436 (Cross-site scripting (XSS) vulnerability in profile-upload/upload.asp ...)
NOT-FOR-US: PD9 Software MegaBBS
-CVE-2008-0435
+CVE-2008-0435 (Directory traversal vulnerability in index.php in OZJournals 2.1.1 all ...)
NOT-FOR-US: OZJournals
-CVE-2008-0434
+CVE-2008-0434 (Format string vulnerability in the AXIMilter module in AXIGEN Mail Ser ...)
NOT-FOR-US: AXIGEN Mail Server
-CVE-2008-0433
+CVE-2008-0433 (PHP remote file inclusion vulnerability in theme/phpAutoVideo/LightTwo ...)
NOT-FOR-US: Agares Media phpAutoVideo
-CVE-2008-0432
+CVE-2008-0432 (Cross-site scripting (XSS) vulnerability in index.php in phpAutoVideo ...)
NOT-FOR-US: Agares Media phpAutoVideo
-CVE-2008-0431
+CVE-2008-0431 (Directory traversal vulnerability in administrator/download.php in IDM ...)
NOT-FOR-US: IDMOS
-CVE-2008-0430
+CVE-2008-0430 (SQL injection vulnerability in form.php in 360 Web Manager 3.0 allows ...)
NOT-FOR-US: 360 Web Manager
-CVE-2008-0429
+CVE-2008-0429 (SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per P ...)
NOT-FOR-US: AlstraSoft Forum Pay Per Post Exchange
-CVE-2008-0428
+CVE-2008-0428 (Multiple SQL injection vulnerabilities in the login function in system ...)
NOT-FOR-US: bloofoxCMS
-CVE-2008-0427
+CVE-2008-0427 (Directory traversal vulnerability in file.php in bloofoxCMS 0.3 allows ...)
NOT-FOR-US: bloofoxCMS
-CVE-2008-0426
+CVE-2008-0426 (Multiple cross-site scripting (XSS) vulnerabilities in submit.php in P ...)
NOT-FOR-US: PacerCMS
-CVE-2008-0425
+CVE-2008-0425 (Absolute path traversal vulnerability in explorerdir.php in Frimousse ...)
NOT-FOR-US: Frimousse
-CVE-2008-0424
+CVE-2008-0424 (SQL injection vulnerability in blog.php in Mooseguy Blog System (MGBS) ...)
NOT-FOR-US: Mooseguy Blog System
-CVE-2008-0423
+CVE-2008-0423 (Multiple PHP remote file inclusion vulnerabilities in Lama Software al ...)
NOT-FOR-US: Lama Software
-CVE-2008-0422
+CVE-2008-0422 (SQL injection vulnerability in mail.php in boastMachine (aka bMachine) ...)
NOT-FOR-US: bMachine
-CVE-2008-0421
+CVE-2008-0421 (SQL injection vulnerability in Invision Gallery 2.0.7 and earlier allo ...)
NOT-FOR-US: Invision Gallery
-CVE-2008-0420
+CVE-2008-0420 (modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox befor ...)
{DSA-1534-1 DSA-1484-1}
- iceape 1.1.8-1
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
NOTE: The initial advisory claimed Thunderbird/Icedove were vulnerable, but clarified
NOTE: later, see http://www.mozilla.org/security/announce/2008/mfsa2008-07.html
-CVE-2008-0419
+CVE-2008-0419 (Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remo ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0418
+CVE-2008-0418 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0417
+CVE-2008-0417 (CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0416
+CVE-2008-0416 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- icedove 2.0.0.12-1
- xulrunner 1.8.1.13-1
- iceape 1.1.9-1
-CVE-2008-0415
+CVE-2008-0415 (Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaM ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
- xulrunner 1.8.1.12-1
-CVE-2008-0414
+CVE-2008-0414 (Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0413
+CVE-2008-0413 (The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0412
+CVE-2008-0412 (The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird bef ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
- icedove 2.0.0.12-1
-CVE-2008-0411
+CVE-2008-0411 (Stack-based buffer overflow in the zseticcspace function in zicc.c in ...)
{DSA-1510-1}
- ghostscript 8.61.dfsg.1-1.1 (medium; bug #468190)
- gs-gpl <removed> (medium)
CVE-2008-XXXX [exempi buffer overflow in GIF ReadHeader() function]
- exempi 1.99.7-1 (bug #454297)
-CVE-2008-0544
+CVE-2008-0544 (Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c ...)
{DSA-1493-2 DSA-1493-1}
- sdl-image1.2 1.2.6-3 (medium)
-CVE-2008-0410
+CVE-2008-0410 (HTTP File Server (HFS) before 2.2c allows remote attackers to obtain c ...)
NOT-FOR-US: HTTP File Server
-CVE-2008-0409
+CVE-2008-0409 (Cross-site scripting (XSS) vulnerability in HTTP File Server (HFS) bef ...)
NOT-FOR-US: HTTP File Server
-CVE-2008-0408
+CVE-2008-0408 (HTTP File Server (HFS) before 2.2c allows remote attackers to append a ...)
NOT-FOR-US: HTTP File Server
-CVE-2008-0407
+CVE-2008-0407 (HTTP File Server (HFS) before 2.2c tags HTTP request log entries with ...)
NOT-FOR-US: HTTP File Server
-CVE-2008-0406
+CVE-2008-0406 (HTTP File Server (HFS) before 2.2c, when account names are used as log ...)
NOT-FOR-US: HTTP File Server
-CVE-2008-0405
+CVE-2008-0405 (Multiple directory traversal vulnerabilities in HTTP File Server (HFS) ...)
NOT-FOR-US: HTTP File Server
-CVE-2008-0404
+CVE-2008-0404 (Cross-site scripting (XSS) vulnerability in Mantis before 1.1.1 allows ...)
- mantis <not-affected> (Vulnerable code not present)
NOTE: code was introduced in the 1.1.x series, which are not shipped by us yet
-CVE-2008-0403
+CVE-2008-0403 (The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does no ...)
NOT-FOR-US: Belkin Wireless firmware
-CVE-2008-0402
+CVE-2008-0402 (Unspecified vulnerability in IBM WebSphere Business Modeler Basic and ...)
NOT-FOR-US: IBM WebSphere Business Modeler
-CVE-2008-0401
+CVE-2008-0401 (Buffer overflow in the logging functionality of the HTTP server in IBM ...)
NOT-FOR-US: IBM Tivoli Provisioning Manager for OS Deployment before
-CVE-2008-0400
+CVE-2008-0400 (Cross-site scripting (XSS) vulnerability in header.tpl.php in the mode ...)
NOT-FOR-US: Singapore
-CVE-2008-0399
+CVE-2008-0399 (Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordS ...)
NOT-FOR-US: Toshiba Surveillance
-CVE-2008-0398
+CVE-2008-0398 (Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly e ...)
NOT-FOR-US: aflog
-CVE-2008-0397
+CVE-2008-0397 (Multiple SQL injection vulnerabilities in aflog 1.01, and possibly ear ...)
NOT-FOR-US: aflog
-CVE-2008-0396
+CVE-2008-0396 (Directory traversal vulnerability in BitDefender Update Server (http.e ...)
NOT-FOR-US: BitDefender Update Server
-CVE-2008-0395
+CVE-2008-0395 (Kayako SupportSuite 3.11.01 allows remote attackers to obtain server c ...)
NOT-FOR-US: Kayako SupportSuite
-CVE-2008-0394
+CVE-2008-0394 (Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote ...)
NOT-FOR-US: Citadel SMTP server
-CVE-2008-0393
+CVE-2008-0393 (Directory traversal vulnerability in info.php in GradMan 0.1.3 and ear ...)
NOT-FOR-US: GradMan
-CVE-2008-0392
+CVE-2008-0392 (Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition ...)
NOT-FOR-US: Microsoft Visual Basic
-CVE-2008-0391
+CVE-2008-0391 (inc/elementz.php in aliTalk 1.9.1.1 does not properly verify authentic ...)
NOT-FOR-US: aliTalk
-CVE-2008-0390
+CVE-2008-0390 (stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows ...)
NOT-FOR-US: AuraCMS
-CVE-2008-0389
+CVE-2008-0389 (Unspecified vulnerability in the serveServletsByClassnameEnabled featu ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2008-0388
+CVE-2008-0388 (SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress ...)
NOT-FOR-US: WP-Forum plugin for WordPress
-CVE-2008-0387
+CVE-2008-0387 (Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6 ...)
{DSA-1529-1}
- firebird2.0 2.0.3.12981.ds1-4 (bug #460048)
[lenny] - firebird2.0 2.0.3.12981.ds1-1+lenny1
- firebird2 <removed>
[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)
-CVE-2008-0386
+CVE-2008-0386 (Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to e ...)
- xdg-utils <not-affected> (Ships a patch that modifies the vulnerable code and uses sed secure)
NOTE: xdg-open-generic replaces the vulnerable code and runs view-mailcap or sensible-browser
-CVE-2008-0385
+CVE-2008-0385 (SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 ...)
NOT-FOR-US: Urulu
-CVE-2008-0384
+CVE-2008-0384 (OpenBSD 4.2 allows local users to cause a denial of service (kernel pa ...)
NOT-FOR-US: OpenBSD
-CVE-2008-0383
+CVE-2008-0383 (Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allo ...)
NOT-FOR-US: MyBB
-CVE-2008-0382
+CVE-2008-0382 (Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier all ...)
NOT-FOR-US: MyBB
-CVE-2008-0381
+CVE-2008-0381 (Unspecified vulnerability in Mahara before 0.9.1 has unknown impact an ...)
- mahara 0.9.1-1 (low)
-CVE-2008-0380
+CVE-2008-0380 (Buffer overflow in the Digital Data Communications RtspVaPgCtrl Active ...)
NOT-FOR-US: Digital Data Communications
-CVE-2008-0379
+CVE-2008-0379 (Race condition in the Enterprise Tree ActiveX control (EnterpriseContr ...)
NOT-FOR-US: Crystal Reports
-CVE-2008-0378
+CVE-2008-0378 (Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when ...)
NOT-FOR-US: SocksCap
-CVE-2008-0377
+CVE-2008-0377 (MicroNews allows remote attackers to bypass authentication and gain ad ...)
NOT-FOR-US: MicroNews
-CVE-2008-0376
+CVE-2008-0376 (PHP remote file inclusion vulnerability in inc/linkbar.php in Small Ax ...)
NOT-FOR-US: Small Axe Weblog
-CVE-2008-0375
+CVE-2008-0375 (Unspecified vulnerability in OKI C5510MFP Printer CU H2.15, PU 01.03.0 ...)
NOT-FOR-US: OKI C5510MFP Printer firmware
-CVE-2008-0374
+CVE-2008-0374 (OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web P ...)
NOT-FOR-US: OKI C5510MFP Printer firmware
-CVE-2008-0373
+CVE-2008-0373 (Unrestricted file upload vulnerability in PHP F1 Max's File Uploader a ...)
NOT-FOR-US: PHP F1 Max's File Uploader
-CVE-2008-0372
+CVE-2008-0372 (8e6 R3000 Internet Filter 2.0.05.33, and other versions before 2.0.11, ...)
NOT-FOR-US: 8e6 R3000 Internet Filter
-CVE-2008-0371
+CVE-2008-0371 (Multiple SQL injection vulnerabilities in aliTalk 1.9.1.1, when magic_ ...)
NOT-FOR-US: aliTalk
-CVE-2008-0370
+CVE-2008-0370 (Cross-site scripting (XSS) vulnerability in dohtaccess.html in cPanel ...)
NOT-FOR-US: cPanel
-CVE-2008-0369
+CVE-2008-0369 (Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10. ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2008-0368
+CVE-2008-0368 (onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allo ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2008-0367
+CVE-2008-0367 (Mozilla Firefox 2.0.0.11, 3.0b2, and possibly earlier versions, when p ...)
- iceweasel 3.0 (low)
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
NOTE: Mozilla #244273
-CVE-2008-0366
+CVE-2008-0366 (CORE FORCE before 0.95.172 does not properly validate arguments to SSD ...)
NOT-FOR-US: CORE FORCE
-CVE-2008-0365
+CVE-2008-0365 (Multiple buffer overflows in CORE FORCE before 0.95.172 allow local us ...)
NOT-FOR-US: CORE FORCE
-CVE-2008-0364
+CVE-2008-0364 (Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent 1. ...)
NOT-FOR-US: BitTorrent/uTorrent
-CVE-2008-0363
+CVE-2008-0363 (Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier ...)
NOT-FOR-US: Clever Copy
-CVE-2008-0362
+CVE-2008-0362 (Cross-site scripting (XSS) vulnerability in gallery.php in Clever Copy ...)
NOT-FOR-US: Clever Copy
-CVE-2008-0361
+CVE-2008-0361 (Directory traversal vulnerability in agregar_info.php in GradMan 0.1.3 ...)
NOT-FOR-US: GradMan
-CVE-2008-0360
+CVE-2008-0360 (Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote ...)
NOT-FOR-US: BLOG:CMS
-CVE-2008-0359
+CVE-2008-0359 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1b ...)
NOT-FOR-US: BLOG:CMS
-CVE-2008-0358
+CVE-2008-0358 (SQL injection vulnerability in index.php in Pixelpost 1.7 allows remot ...)
NOT-FOR-US: Pixelpost
-CVE-2008-0357
+CVE-2008-0357 (Directory traversal vulnerability in pages/upload.php in Galaxyscripts ...)
NOT-FOR-US: Galaxyscripts
-CVE-2008-0356
+CVE-2008-0356 (Buffer overflow in the Independent Management Architecture (IMA) servi ...)
NOT-FOR-US: Citrix Presentation Server
-CVE-2008-0355
+CVE-2008-0355 (SQL injection vulnerability in index.php in the forum module in PHPEch ...)
NOT-FOR-US: PHPEcho CMS
-CVE-2008-0354
+CVE-2008-0354 (Cross-site scripting (XSS) vulnerability in the chat client in IBM Lot ...)
NOT-FOR-US: IBM Lotus Sametime
-CVE-2008-0353
+CVE-2008-0353 (SQL injection vulnerability in visualizza_tabelle.php in php-residence ...)
NOT-FOR-US: php-residence
CVE-2008-XXXX [apt-cacher arbitrary command execution]
- apt-cacher 1.6.1
[etch] - apt-cacher <not-affected> (vulnerable code introduced in 1.6.0)
[sarge] - apt-cacher <not-affected> (vulnerable code introduced in 1.6.0)
-CVE-2008-0352
+CVE-2008-0352 (The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to ca ...)
- linux-2.6 2.6.22-1
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced after 2.6.19 release)
-CVE-2008-0351
+CVE-2008-0351 (admin/config.php in Evilsentinel 1.0.9 and earlier allows remote attac ...)
NOT-FOR-US: EvilSentinel
-CVE-2008-0350
+CVE-2008-0350 (admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to ...)
NOT-FOR-US: EvilSentinel
-CVE-2008-0349
+CVE-2008-0349 (Unspecified vulnerability in the PeopleTools component in Oracle Peopl ...)
NOT-FOR-US: Oracle
-CVE-2008-0348
+CVE-2008-0348 (Multiple unspecified vulnerabilities in the PeopleTools component in O ...)
NOT-FOR-US: Oracle
-CVE-2008-0347
+CVE-2008-0347 (Unspecified vulnerability in the Oracle Ultra Search component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2008-0346
+CVE-2008-0346 (Unspecified vulnerability in the Oracle Jinitiator component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-0345
+CVE-2008-0345 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2008-0344
+CVE-2008-0344 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2008-0343
+CVE-2008-0343 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2008-0342
+CVE-2008-0342 (Unspecified vulnerability in the Upgrade/Downgrade component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-0341
+CVE-2008-0341 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2008-0340
+CVE-2008-0340 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, ...)
NOT-FOR-US: Oracle
-CVE-2008-0339
+CVE-2008-0339 (Unspecified vulnerability in the XML DB component in Oracle Database 9 ...)
NOT-FOR-US: Oracle
-CVE-2008-0338
+CVE-2008-0338 (Directory traversal vulnerability in the mwGetLocalFileName function i ...)
NOT-FOR-US: miniweb
-CVE-2008-0337
+CVE-2008-0337 (Heap-based buffer overflow in the _mwProcessReadSocket function in htt ...)
NOT-FOR-US: miniweb
-CVE-2008-0336
+CVE-2008-0336 (Multiple cross-site request forgery (CSRF) vulnerabilities in BugTrack ...)
NOT-FOR-US: BugTracker.NET
-CVE-2008-0335
+CVE-2008-0335 (Cross-site scripting (XSS) vulnerability in BugTracker.NET before 2.7. ...)
NOT-FOR-US: BugTracker.NET
-CVE-2008-0334
+CVE-2008-0334 (Cross-site scripting (XSS) vulnerability in pm/language/spanish/prefer ...)
NOT-FOR-US: pMachine
-CVE-2008-0333
+CVE-2008-0333 (Directory traversal vulnerability in download_view_attachment.aspx in ...)
NOT-FOR-US: AfterLogic MailBee WebMail Pro 4.1 for ASP.NET
-CVE-2008-0332
+CVE-2008-0332 (Directory traversal vulnerability in arias/help/effect.php in aria 0.9 ...)
NOT-FOR-US: Aria ERP (not the aria we ship)
-CVE-2008-0331
+CVE-2008-0331 (Unspecified vulnerability in Funkwerk System Software before 7.4.1 PAT ...)
NOT-FOR-US: Funkwerk
-CVE-2008-0330
+CVE-2008-0330 (Open System Consultants (OSC) Radiator before 4.0 allows remote attack ...)
NOT-FOR-US: Radiator
-CVE-2008-0329
+CVE-2008-0329 (LulieBlog 1.0.1 and 1.0.2 does not restrict access to (1) article_supp ...)
NOT-FOR-US: LulieBlog
-CVE-2008-0328
+CVE-2008-0328 (SQL injection vulnerability in page.php in FaScript FaName 1.0 allows ...)
NOT-FOR-US: FaScript
-CVE-2008-0327
+CVE-2008-0327 (SQL injection vulnerability in show.php in FaScript FaMp3 1.0 allows r ...)
NOT-FOR-US: FaScript
-CVE-2008-0326
+CVE-2008-0326 (SQL injection vulnerability in class/show.php in FaScript FaPersianHac ...)
NOT-FOR-US: FaScript
-CVE-2008-0325
+CVE-2008-0325 (SQL injection vulnerability in show.php in FaScript FaPersian Petition ...)
NOT-FOR-US: FaScript
-CVE-2008-0324
+CVE-2008-0324 (Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allow ...)
NOT-FOR-US: Cisco
CVE-2008-0323
RESERVED
-CVE-2008-0322
+CVE-2008-0322 (The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsof ...)
NOT-FOR-US: Microsoft Windows XP driver
CVE-2008-0321
RESERVED
-CVE-2008-0320
+CVE-2008-0320 (Heap-based buffer overflow in the OLE importer in OpenOffice.org befor ...)
{DSA-1547-1}
- openoffice.org 2.4.0~ooh680m5-1
CVE-2008-0319
RESERVED
-CVE-2008-0318
+CVE-2008-0318 (Integer overflow in the cli_scanpe function in libclamav in ClamAV bef ...)
{DSA-1497-1}
- clamav 0.92.1~dfsg-1 (medium)
CVE-2008-0317
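Review bot: several of the newly filled-in descriptions in this hunk disagree with the existing annotation beneath them. `+CVE-2008-0446 (SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows re ...)` is followed by `NOT-FOR-US: Foojan WMS PHP Weblog`, which is the annotation of the CVE-2008-0447 entry just above it and looks copy-pasted; it should name LulieBlog, as the CVE-2008-0329 entry further down does. The CVE-2008-0459 description spells the product "Liquid-Silver" while its annotation says "Liquit-Silver CMS", and the CVE-2008-0401 annotation ends in a dangling "before" (`NOT-FOR-US: IBM Tivoli Provisioning Manager for OS Deployment before`). Separately, the two mod_negotiation entries track the same package inconsistently: CVE-2008-0456 has apache as `<unfixed>` while CVE-2008-0455 has it as `<removed>`; one of the two is stale.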
@@ -16448,447 +16448,447 @@ CVE-2008-0316
RESERVED
CVE-2008-0315
RESERVED
-CVE-2008-0314
+CVE-2008-0314 (Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 all ...)
{DSA-1549-1}
- clamav 0.92.1~dfsg2-1 (medium)
-CVE-2008-0313
+CVE-2008-0313 (The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo ...)
NOT-FOR-US: Symantec Norton products
-CVE-2008-0312
+CVE-2008-0312 (Stack-based buffer overflow in the AutoFix Support Tool ActiveX contro ...)
NOT-FOR-US: Symantec Norton products
-CVE-2008-0311
+CVE-2008-0311 (Stack-based buffer overflow in the PGMWebHandler::parse_request functi ...)
NOT-FOR-US: Borland CaliberRM
-CVE-2008-0310
+CVE-2008-0310 (Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 befo ...)
NOT-FOR-US: SCO UnixWare
-CVE-2008-0309
+CVE-2008-0309 (Stack-based buffer overflow in Symantec Decomposer, as used in certain ...)
NOT-FOR-US: Symantec Decomposer
-CVE-2008-0308
+CVE-2008-0308 (Symantec Decomposer, as used in certain Symantec antivirus products in ...)
NOT-FOR-US: Symantec Decomposer
-CVE-2008-0307
+CVE-2008-0307 (Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibl ...)
- maxdb-7.5.00 <removed>
-CVE-2008-0306
+CVE-2008-0306 (sdbstarter in SAP MaxDB 7.6.0.37, and possibly other versions, allows ...)
- maxdb-7.5.00 <removed>
CVE-2008-0305
RESERVED
-CVE-2008-0304
+CVE-2008-0304 (Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and ...)
{DSA-1697-1 DSA-1621-1}
- icedove 2.0.0.12-1 (medium)
- iceape 1.1.8-1 (medium)
-CVE-2008-0303
+CVE-2008-0303 (The FTP print feature in multiple Canon printers, including imageRUNNE ...)
NOT-FOR-US: Canon printer firmware
-CVE-2008-0301
+CVE-2008-0301 (Multiple SQL injection vulnerabilities in Mapbender 2.4.4 allow remote ...)
NOT-FOR-US: Mapbender
-CVE-2008-0300
+CVE-2008-0300 (mapFiler.php in Mapbender 2.4 to 2.4.4 allows remote attackers to exec ...)
NOT-FOR-US: Mapbender
-CVE-2008-0298
+CVE-2008-0298 (KHTML WebKit as used in Apple Safari 2.x allows remote attackers to ca ...)
- webkit <not-affected> (Not reproducible, browser crashes not treated as security issues)
- qt4-x11 <not-affected> (Not reproducible, browser crashes not treated as security issues)
- kdelibs <not-affected> (Not reproducible, browser crashes not treated as security issues)
- kde4libs <not-affected> (Not reproducible, browser crashes not treated as security issues)
NOTE: Not reproducible, might be fixed before all the forks went off
-CVE-2008-0297
+CVE-2008-0297 (PhotoKorn allows remote attackers to obtain database credentials via a ...)
NOT-FOR-US: PhotoKorn
-CVE-2008-0296
+CVE-2008-0296 (Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLA ...)
{DSA-1543-1 DTSA-111-1}
- vlc 0.8.6.c-6 (bug #461544; medium)
-CVE-2008-0295
+CVE-2008-0295 (Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in th ...)
{DSA-1543-1 DTSA-111-1}
- vlc 0.8.6.c-6 (bug #461544; medium)
NOTE: this does not affect xine-lib itself, its just vlc that ships a really old version of it
-CVE-2008-0294
+CVE-2008-0294 (Unspecified vulnerability in the seat-locking implementation in FreeSe ...)
NOT-FOR-US: FreeSeat
-CVE-2008-0293
+CVE-2008-0293 (Unspecified vulnerability in cron.php in FreeSeat before 1.1.5d, when ...)
NOT-FOR-US: FreeSeat
-CVE-2008-0292
+CVE-2008-0292 (Cross-site scripting (XSS) vulnerability in photo_album.pl in Dansie P ...)
NOT-FOR-US: Dansie Photo Album
-CVE-2008-0291
+CVE-2008-0291 (SQL injection vulnerability in showproduct.asp in RichStrong CMS allow ...)
NOT-FOR-US: RichStrong CMS
CVE-2008-0161
RESERVED
-CVE-2008-0290
+CVE-2008-0290 (Multiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and ear ...)
NOT-FOR-US: Digital Hive
-CVE-2008-0289
+CVE-2008-0289 (PHP remote file inclusion vulnerability in view_func.php in Member Are ...)
NOT-FOR-US: Member Area System
-CVE-2008-0288
+CVE-2008-0288 (Multiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow rem ...)
NOT-FOR-US: ImageAlbum
-CVE-2008-0287
+CVE-2008-0287 (PHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 all ...)
NOT-FOR-US: VisionBurst vcart
-CVE-2008-0286
+CVE-2008-0286 (SQL injection vulnerability in admin/login.php in Article Dashboard al ...)
NOT-FOR-US: Article Dashboard
-CVE-2008-0285
+CVE-2008-0285 (ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remot ...)
- ngircd 0.10.3-2 (bug #461067; low)
[etch] - ngircd <no-dsa> (Minor issue)
-CVE-2008-0284
+CVE-2008-0284 (Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2008-0283
+CVE-2008-0283 (PHP remote file inclusion vulnerability in /aides/index.php in DomPHP ...)
NOT-FOR-US: DomPHP
-CVE-2008-0282
+CVE-2008-0282 (SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 ...)
NOT-FOR-US: DomPHP
-CVE-2008-0281
+CVE-2008-0281 (SQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlie ...)
NOT-FOR-US: ID-Commerce
-CVE-2008-0280
+CVE-2008-0280 (SQL injection vulnerability in index.php in MTCMS 2.0 and possibly ear ...)
NOT-FOR-US: MTCMS
-CVE-2008-0279
+CVE-2008-0279 (SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibl ...)
NOT-FOR-US: Xforum
-CVE-2008-0278
+CVE-2008-0278 (SQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly ...)
NOT-FOR-US: X7 Chat
-CVE-2008-0277
+CVE-2008-0277 (Unspecified vulnerability in the Fileshare module for Drupal allows re ...)
NOT-FOR-US: Fileshare module for Drupal
-CVE-2008-0276
+CVE-2008-0276 (Cross-site scripting (XSS) vulnerability in the Devel module before 5. ...)
NOT-FOR-US: Devel module for Drupal
-CVE-2008-0275
+CVE-2008-0275 (The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal ...)
NOT-FOR-US: Atom module for Drupal
-CVE-2008-0274
+CVE-2008-0274 (Cross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when ...)
- drupal5 5.6-1 (unimportant)
NOTE: needs register_globals on
-CVE-2008-0273
+CVE-2008-0273 (Interpretation conflict in Drupal 4.7.x before 4.7.11 and 5.x before 5 ...)
- drupal5 5.6-1 (low)
-CVE-2008-0272
+CVE-2008-0272 (Cross-site request forgery (CSRF) vulnerability in the aggregator modu ...)
- drupal5 5.6-1 (low)
-CVE-2008-0271
+CVE-2008-0271 (The editor deletion form in BUEditor 4.7.x before 4.7.x-1.0 and 5.x be ...)
NOT-FOR-US: BUEditor
-CVE-2008-0270
+CVE-2008-0270 (SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earli ...)
NOT-FOR-US: TaskFreak!
-CVE-2008-0269
+CVE-2008-0269 (Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-0268
+CVE-2008-0268 (Cross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5. ...)
NOT-FOR-US: eTicket
-CVE-2008-0267
+CVE-2008-0267 (Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote ...)
NOT-FOR-US: eTicket
-CVE-2008-0266
+CVE-2008-0266 (Cross-site request forgery (CSRF) vulnerability in admin.php in eTicke ...)
NOT-FOR-US: eTicket
-CVE-2008-0265
+CVE-2008-0265 (Multiple cross-site scripting (XSS) vulnerabilities in the Search func ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2008-0264
+CVE-2008-0264 (Unspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 mod ...)
NOT-FOR-US: Meta Tags module for Drupal
-CVE-2008-0263
+CVE-2008-0263 (The SIP module in Ingate Firewall before 4.6.1 and SIParator before 4. ...)
NOT-FOR-US: Ingate Firewall
-CVE-2008-0262
+CVE-2008-0262 (SQL injection vulnerability in includes/articleblock.php in Agares Php ...)
NOT-FOR-US: Agares PhpAutoVideo
-CVE-2008-0261
+CVE-2008-0261 (Unspecified vulnerability in the search component and module in Mambo ...)
NOT-FOR-US: Mambo
NOTE: Mambo is in experimental
-CVE-2008-0260
+CVE-2008-0260 (minimal Gallery 0.8 allows remote attackers to obtain configuration in ...)
NOT-FOR-US: minimal Gallery
-CVE-2008-0259
+CVE-2008-0259 (Multiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php ...)
NOT-FOR-US: minimal Gallery
-CVE-2008-0258
+CVE-2008-0258 (Cross-site scripting (XSS) vulnerability in index.php in PHP Running M ...)
NOT-FOR-US: PHP Running Management
-CVE-2008-0257
+CVE-2008-0257 (Cross-site scripting (XSS) vulnerability in search.pl in Dansie Search ...)
NOT-FOR-US: Dansie Search
-CVE-2008-0256
+CVE-2008-0256 (Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Galle ...)
NOT-FOR-US: Matteo Binda ASP Photo Gallery
-CVE-2008-0255
+CVE-2008-0255 (SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 a ...)
NOT-FOR-US: iGaming
-CVE-2008-0254
+CVE-2008-0254 (SQL injection vulnerability in activate.php in TutorialCMS (aka Photos ...)
NOT-FOR-US: TutorialCMS
-CVE-2008-0253
+CVE-2008-0253 (SQL injection vulnerability in full_text.php in Binn SBuilder allows r ...)
NOT-FOR-US: Binn SBuilder
-CVE-2008-0252
+CVE-2008-0252 (Directory traversal vulnerability in the _get_file_path function in (1 ...)
{DSA-1481-1}
- python-cherrypy 2.2.1-3.1 (low; bug #461069)
- cherrypy3 3.0.2-2
-CVE-2008-0251
+CVE-2008-0251 (Unrestricted file upload vulnerability in PhotoPost vBGallery before 2 ...)
NOT-FOR-US: PhotoPost vBGallery
-CVE-2008-0250
+CVE-2008-0250 (Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-ass ...)
NOT-FOR-US: Microsoft Visual InterDev
-CVE-2008-0249
+CVE-2008-0249 (PHP Webquest 2.6 allows remote attackers to retrieve database credenti ...)
NOT-FOR-US: PHP Webquest
-CVE-2008-0248
+CVE-2008-0248 (Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ...)
NOT-FOR-US: StreamAudio ChainCast ProxyManager
-CVE-2008-0247
+CVE-2008-0247 (Heap-based buffer overflow in the Express Backup Server service (dsmsv ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2008-0246
+CVE-2008-0246 (admin.php in UploadScript 1.0 does not check for the original password ...)
NOT-FOR-US: UploadScript
-CVE-2008-0245
+CVE-2008-0245 (admin.php in UploadImage 1.0 does not check for the original password ...)
NOT-FOR-US: UploadImage
-CVE-2008-0244
+CVE-2008-0244 (SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to exec ...)
- maxdb-7.5.00 <removed> (medium; bug #461444)
NOTE: see #461456 for removal explanation
-CVE-2008-0243
+CVE-2008-0243 (Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allo ...)
NOT-FOR-US: Lotus Domino
-CVE-2008-0242
+CVE-2008-0242 (Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local ...)
NOT-FOR-US: Sun Solari
-CVE-2008-0241
+CVE-2008-0241 (Open redirect vulnerability in /idm/user/login.jsp in Sun Java System ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-0240
+CVE-2008-0240 (/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 throug ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-0239
+CVE-2008-0239 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2008-0238
+CVE-2008-0238 (Multiple heap-based buffer overflows in the rmff_dump_cont function in ...)
NOTE: Dupe of CVE-2008-0225
-CVE-2008-0299
+CVE-2008-0299 (common.py in Paramiko 1.7.1 and earlier, when using threads or forked ...)
- paramiko 1.6.4-1.1 (low; bug #460706)
[etch] - paramiko <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20100715101310/http://www.lag.net/pipermail/paramiko/2008-January/000599.html
-CVE-2008-0237
+CVE-2008-0237 (The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 al ...)
NOT-FOR-US: Microsoft Rich Textbox ActiveX Control
-CVE-2008-0236
+CVE-2008-0236 (An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) ...)
NOT-FOR-US: Microsoft Visual FoxPro
-CVE-2008-0235
+CVE-2008-0235 (The Microsoft VFP_OLE_Server ActiveX control allows remote attackers t ...)
NOT-FOR-US: Microsoft VFP_OLE_Server ActiveX control
-CVE-2008-0234
+CVE-2008-0234 (Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions ...)
NOT-FOR-US: Apple Quicktime Player
-CVE-2008-0233
+CVE-2008-0233 (Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earli ...)
NOT-FOR-US: Zero CMS
-CVE-2008-0232
+CVE-2008-0232 (Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow rem ...)
NOT-FOR-US: Zero CMS
-CVE-2008-0231
+CVE-2008-0231 (Multiple directory traversal vulnerabilities in index.php in Tuned Stu ...)
NOT-FOR-US: Tune Studio
-CVE-2008-0230
+CVE-2008-0230 (PHP remote file inclusion vulnerability in php121db.php in osDate 2.0. ...)
NOT-FOR-US: osDate
-CVE-2008-0229
+CVE-2008-0229 (The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless Mode ...)
NOT-FOR-US: LevelOne router firmware
-CVE-2008-0228
+CVE-2008-0228 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Li ...)
NOT-FOR-US: Linksys WRT54GL firmware
-CVE-2008-0227
+CVE-2008-0227 (yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, ...)
{DSA-1478-1}
- mysql-dfsg-4.1 <removed>
- mysql-dfsg-5.0 5.0.51-3 (low; bug #460873)
- cyassl <not-affected> (Fixed before initial upload to archive)
-CVE-2008-0226
+CVE-2008-0226 (Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL ...)
{DSA-1478-1}
- mysql-dfsg-4.1 <removed>
- mysql-dfsg-5.0 5.0.51-3 (medium; bug #460873)
- cyassl <not-affected> (Fixed before initial upload to archive)
-CVE-2008-0225
+CVE-2008-0225 (Heap-based buffer overflow in the rmff_dump_cont function in input/lib ...)
{DSA-1472-1 DTSA-109-1}
- xine-lib 1.1.10-1 (medium; bug #460551)
-CVE-2008-0224
+CVE-2008-0224 (SQL injection vulnerability in index.php in the Newbb_plus 0.92 and ea ...)
NOT-FOR-US: RunCMS
-CVE-2008-0223
+CVE-2008-0223 (Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSyste ...)
NOT-FOR-US: JustSystem
-CVE-2008-0222
+CVE-2008-0222 (Unrestricted file upload vulnerability in ajaxfilemanager.php in the W ...)
NOT-FOR-US: Wp-FileManager plugin for WordPress
-CVE-2008-0221
+CVE-2008-0221 (Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka ...)
NOT-FOR-US: Gateway Weblaunch
-CVE-2008-0220
+CVE-2008-0220 (Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 ...)
NOT-FOR-US: Gateway Weblaunch
-CVE-2008-0219
+CVE-2008-0219 (SQL injection vulnerability in soporte_horizontal_w.php in PHP Webques ...)
NOT-FOR-US: Webquest
-CVE-2008-0218
+CVE-2008-0218 (Cross-site scripting (XSS) vulnerability in admin/index.html in Merak ...)
NOT-FOR-US: Merak IceWarp Mail Server
-CVE-2008-0217
+CVE-2008-0217 (The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openp ...)
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (FreeBSD not supported)
- kfreebsd-6 <not-affected> (see bug #483152)
- kfreebsd-7 <not-affected> (see bug #483152)
-CVE-2008-0216
+CVE-2008-0216 (The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not pr ...)
- kfreebsd-5 <not-affected> (see bug #483152)
- kfreebsd-6 <not-affected> (see bug #483152)
- kfreebsd-7 <not-affected> (see bug #483152)
-CVE-2008-0215
+CVE-2008-0215 (Multiple unspecified vulnerabilities in HP Storage Essentials Storage ...)
NOT-FOR-US: HP SRM
-CVE-2008-0214
+CVE-2008-0214 (Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, ...)
NOT-FOR-US: HP Select Identity
-CVE-2008-0213
+CVE-2008-0213 (Unspecified vulnerability in a certain ActiveX control for HP Virtual ...)
NOT-FOR-US: HP Virtual Rooms
-CVE-2008-0212
+CVE-2008-0212 (ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7 ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-0211
+CVE-2008-0211 (Unspecified vulnerability in the BIOS F.04 through F.11 for the HP Com ...)
NOT-FOR-US: BIOS F.04
-CVE-2008-0210
+CVE-2008-0210 (Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication stat ...)
NOT-FOR-US: Uebimiau Webmail
-CVE-2008-0209
+CVE-2008-0209 (Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 3 ...)
NOT-FOR-US: Snitz Forums 2000
-CVE-2008-0208
+CVE-2008-0208 (Cross-site scripting (XSS) vulnerability in login.asp in Snitz Forums ...)
NOT-FOR-US: Snitz Forums 2000
-CVE-2008-0207
+CVE-2008-0207 (Multiple cross-site scripting (XSS) vulnerabilities in PRO-Search 0.17 ...)
NOT-FOR-US: PRO-Search
-CVE-2008-0206
+CVE-2008-0206 (Multiple cross-site scripting (XSS) vulnerabilities in captcha\captcha ...)
NOT-FOR-US: Captcha!
-CVE-2008-0205
+CVE-2008-0205 (Multiple cross-site request forgery (CSRF) vulnerabilities in math-com ...)
NOT-FOR-US: Math Comment Spam Protection plugin for WordPress
-CVE-2008-0204
+CVE-2008-0204 (Multiple cross-site scripting (XSS) vulnerabilities in math-comment-sp ...)
NOT-FOR-US: Math Comment Spam Protection plugin for WordPress
-CVE-2008-0203
+CVE-2008-0203 (Multiple cross-site scripting (XSS) vulnerabilities in cryptographp/ad ...)
NOT-FOR-US: Cryptographp plugin for WordPress
-CVE-2008-0202
+CVE-2008-0202 (CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 an ...)
NOT-FOR-US: ExpressionEngine
-CVE-2008-0201
+CVE-2008-0201 (Cross-site scripting (XSS) vulnerability in index.php in ExpressionEng ...)
NOT-FOR-US: ExpressionEngine
-CVE-2008-0200
+CVE-2008-0200 (Multiple cross-site scripting (XSS) vulnerabilities in account/index.h ...)
NOT-FOR-US: RotaBanner
-CVE-2008-0199
+CVE-2008-0199 (PRO-Search 0.17 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: PRO-Search
-CVE-2008-0198
+CVE-2008-0198 (Multiple cross-site request forgery (CSRF) vulnerabilities in wp-conta ...)
NOT-FOR-US: WP-ContactForm plugin for WordPress
-CVE-2008-0197
+CVE-2008-0197 (Multiple cross-site scripting (XSS) vulnerabilities in wp-contact-form ...)
NOT-FOR-US: WP-ContactForm plugin for WordPress
-CVE-2008-0196
+CVE-2008-0196 (Multiple directory traversal vulnerabilities in WordPress 2.0.11 and e ...)
- wordpress 2.3.3-1
[etch] - wordpress <no-dsa> (Auth is needed and attacker should have permissions to edit files)
-CVE-2008-0195
+CVE-2008-0195 (WordPress 2.0.11 and earlier allows remote attackers to obtain sensiti ...)
- wordpress 2.1.0-1 (unimportant)
NOTE: full path and DB structure already known on Debian
NOTE: poked hendry
-CVE-2008-0194
+CVE-2008-0194 (Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0 ...)
{DSA-1502-1}
- wordpress 2.1.0-1
NOTE: Vulnerable code removed since 2.1 release
-CVE-2008-0193
+CVE-2008-0193 (Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPr ...)
{DSA-1502-1}
- wordpress 2.1.0-1
NOTE: Vulnerable code removed since 2.1 release
-CVE-2008-0192
+CVE-2008-0192 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 ...)
- wordpress 2.0.10-1
NOTE: poked hendry
-CVE-2008-0191
+CVE-2008-0191 (WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive ...)
- wordpress <unfixed> (unimportant)
NOTE: full path and DB structure already known on Debian
NOTE: poked hendry
-CVE-2008-0190
+CVE-2008-0190 (Multiple cross-site scripting (XSS) vulnerabilities in templates/examp ...)
NOT-FOR-US: AwesomeTemplateEngine
CVE-2008-0189
REJECTED
CVE-2008-0188
REJECTED
-CVE-2008-0187
+CVE-2008-0187 (SQL injection vulnerability in songinfo.php in SAM Broadcaster samPHPw ...)
NOT-FOR-US: SAM Broadcaster samPHPweb
-CVE-2008-0186
+CVE-2008-0186 (Cross-site scripting (XSS) vulnerability in index.php in NetRisk 1.9.7 ...)
NOT-FOR-US: NetRisk
-CVE-2008-0185
+CVE-2008-0185 (SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly ...)
NOT-FOR-US: NetRisk
-CVE-2008-0184
+CVE-2008-0184 (Absolute path traversal vulnerability in index.php in Sys-Hotel on Lin ...)
NOT-FOR-US: Sys-Hotel
CVE-2008-0183
RESERVED
-CVE-2008-0182
+CVE-2008-0182 (Cross-site request forgery (CSRF) vulnerability in the Admin portlet i ...)
- liferay-portal <itp> (bug #569819)
-CVE-2008-0181
+CVE-2008-0181 (Cross-site scripting (XSS) vulnerability in the Admin portlet in Lifer ...)
- liferay-portal <itp> (bug #569819)
-CVE-2008-0180
+CVE-2008-0180 (Cross-site scripting (XSS) vulnerability in themes/_unstyled/templates ...)
- liferay-portal <itp> (bug #569819)
-CVE-2008-0179
+CVE-2008-0179 (Cross-site scripting (XSS) vulnerability in service/impl/UserLocalServ ...)
- liferay-portal <itp> (bug #569819)
-CVE-2008-0178
+CVE-2008-0178 (Cross-site scripting (XSS) vulnerability in the Enterprise Admin Sessi ...)
- liferay-portal <itp> (bug #569819)
-CVE-2008-0177
+CVE-2008-0177 (The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME ...)
- kfreebsd-7 <not-affected> (see bug #483152)
- kfreebsd-6 <not-affected> (see bug #483152)
- kfreebsd-5 <removed>
[etch] - kfreebsd-5 <no-dsa> (FreeBSD not supported)
NOTE: Linux kernel code is not affected, the proper check is there
NOTE: (somewhat difficult to spot, it happens in the caller).
-CVE-2008-0176
+CVE-2008-0176 (Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SC ...)
NOT-FOR-US: GE Fanuc CIMPLICITY
-CVE-2008-0175
+CVE-2008-0175 (Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time I ...)
NOT-FOR-US: GE Fanuc Proficy Real-Time Information Portal
-CVE-2008-0174
+CVE-2008-0174 (GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTT ...)
NOT-FOR-US: GE Fanuc Proficy Real-Time Information Portal
-CVE-2008-0172
+CVE-2008-0172 (The get_repeat_type function in basic_regex_creator.hpp in the Boost r ...)
- boost 1.34.1-5 (low; bug #461236)
[etch] - boost <no-dsa> (Minor issue)
-CVE-2008-0171
+CVE-2008-0171 (regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (ak ...)
- boost 1.34.1-5 (low; bug #461236)
[etch] - boost <no-dsa> (Minor issue)
CVE-2008-0170
RESERVED
-CVE-2008-0169
+CVE-2008-0169 (Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 t ...)
- ikiwiki 2.48 (medium; bug #483770)
[etch] - ikiwiki <not-affected> (Vulnerable code introduced in 1.34)
CVE-2008-0168
RESERVED
-CVE-2008-0167
+CVE-2008-0167 (The write_array_file function in utils/include.pl in GForge 4.5.14 upd ...)
{DSA-1577-1}
- gforge 4.6.99+svn6496-1 (low)
NOTE: https://rt.debian.org/Ticket/Display.html?id=672
-CVE-2008-0166
+CVE-2008-0166 (OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operat ...)
{DSA-1576-1 DSA-1571-1}
- openssl 0.9.8g-9 (high)
[sarge] - openssl <not-affected> (Vulnerable code not present)
- openssh 4.7p1-9 (high)
NOTE: http://www.debian.org/security/key-rollover/
-CVE-2008-0165
+CVE-2008-0165 (Cross-site request forgery (CSRF) vulnerability in Ikiwiki before 2.42 ...)
{DSA-1553-1}
- ikiwiki 2.42
-CVE-2008-0164
+CVE-2008-0164 (Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CM ...)
- plone3 3.1.1-1 (bug #473571)
-CVE-2008-0163
+CVE-2008-0163 (Linux kernel 2.6, when using vservers, allows local users to access re ...)
{DSA-1494-1}
- linux-2.6 2.6.25-1 (high)
-CVE-2008-0162
+CVE-2008-0162 (misc.c in splitvt 1.6.6 and earlier does not drop group privileges bef ...)
{DSA-1500-1}
- splitvt 1.6.6-4
-CVE-2008-0302
+CVE-2008-0302 (Untrusted search path vulnerability in apt-listchanges.py in apt-listc ...)
{DSA-1465-2}
- apt-listchanges 2.82 (medium)
[sarge] - apt-listchanges <not-affected> (Vulnerable code not present)
NOTE: see http://web.archive.org/web/20080206193307/http://git.madism.org:80/?p=apt-listchanges.git;a=commitdiff;h=1bcfbf3dc55413bb83a1782dc9a54515a963fb32
CVE-2008-0160
RESERVED
-CVE-2008-0173
+CVE-2008-0173 (SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote ...)
{DSA-1459-1}
- gforge 4.6.99+svn6330-1 (medium)
NOTE: this is exploitable by unauthenticated users
NOTE: Requires register_globals to be On, unsupported in lenny+sid.
NOTE: In lenny+sid these scripts just don't work, so no security issue.
NOTE: In etch+sarge we support gforge with rg On, unfortunately.
-CVE-2008-0159
+CVE-2008-0159 (SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier ...)
NOT-FOR-US: eggBlog
-CVE-2008-0158
+CVE-2008-0158 (Directory traversal vulnerability in index.php in Shop-Script 2.0 and ...)
NOT-FOR-US: Shop-Script
-CVE-2008-0157
+CVE-2008-0157 (SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote ...)
NOT-FOR-US: FlexBB
-CVE-2008-0156
+CVE-2008-0156 (Absolute path traversal vulnerability in index.php in Million Dollar S ...)
NOT-FOR-US: Million Dollar Script
-CVE-2008-0155
+CVE-2008-0155 (Cross-site scripting (XSS) vulnerability in index.php in EvilBoard 0.1 ...)
NOT-FOR-US: EvilBoard
-CVE-2008-0154
+CVE-2008-0154 (SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) all ...)
NOT-FOR-US: EvilBoard
-CVE-2008-0153
+CVE-2008-0153 (telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers t ...)
NOT-FOR-US: Pragma TelnetServer
-CVE-2008-0152
+CVE-2008-0152 (SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier ...)
NOT-FOR-US: SeattleLab SLNet RF Telnet Server
-CVE-2008-0151
+CVE-2008-0151 (Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 35 ...)
NOT-FOR-US: Foxit WAC Server
-CVE-2008-0150
+CVE-2008-0150 (Unspecified vulnerability in the LDAP authentication feature in Aruba ...)
NOT-FOR-US: Aruba Mobility Controller
-CVE-2008-0149
+CVE-2008-0149 (TUTOS 1.3 allows remote attackers to read system information via a dir ...)
- tutos <removed>
- tutos2 <not-affected> (vulnerable code not present)
-CVE-2008-0148
+CVE-2008-0148 (TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows ...)
- tutos <removed>
- tutos2 <not-affected> (vulnerable code not present)
-CVE-2008-0147
+CVE-2008-0147 (SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlie ...)
NOT-FOR-US: SmallNuke
-CVE-2008-0146
+CVE-2008-0146 (Cross-site scripting (XSS) vulnerability in the error page in W3-mSQL ...)
NOT-FOR-US: W3-mSQL
-CVE-2008-0145
+CVE-2008-0145 (Unspecified vulnerability in glob in PHP before 4.4.8, when open_based ...)
- php4 <removed> (unimportant)
NOTE: open_basedir bypasses not supported
-CVE-2008-0144
+CVE-2008-0144 (PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 ...)
NOT-FOR-US: NetRisk
-CVE-2008-0143
+CVE-2008-0143 (PHP remote file inclusion vulnerability in common/db.php in samPHPweb, ...)
NOT-FOR-US: samPHPweb
-CVE-2008-0142
+CVE-2008-0142 (Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow ...)
NOT-FOR-US: WebPortal CMS
-CVE-2008-0141
+CVE-2008-0141 (actions.php in WebPortal CMS 0.6-beta generates predictable passwords ...)
NOT-FOR-US: WebPortal CMS
-CVE-2008-0140
+CVE-2008-0140 (Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7 ...)
NOT-FOR-US: Uebimiau Webmail
-CVE-2008-0139
+CVE-2008-0139 (Eval injection vulnerability in loudblog/inc/parse_old.php in Loudblog ...)
NOT-FOR-US: Loudblog
-CVE-2008-0138
+CVE-2008-0138 (PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php ...)
NOT-FOR-US: XOOPS
-CVE-2008-0137
+CVE-2008-0137 (PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS ...)
NOT-FOR-US: SNETWORKS
-CVE-2008-0136
+CVE-2008-0136 (Snitz Forums 2000 3.4.05 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: Snitz Forums 2000
-CVE-2008-0135
+CVE-2008-0135 (Snitz Forums 2000 3.4.06 and earlier stores sensitive information unde ...)
NOT-FOR-US: Snitz Forums 2000
-CVE-2008-0134
+CVE-2008-0134 (Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz ...)
NOT-FOR-US: Snitz Forums 2000
-CVE-2008-0133
+CVE-2008-0133 (Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier all ...)
NOT-FOR-US: Tribisur
-CVE-2008-0132
+CVE-2008-0132 (Pragma FortressSSH 5.0 Build 4 Revision 293 and earlier handles long i ...)
NOT-FOR-US: Pragma FortressSSH
-CVE-2008-0131
+CVE-2008-0131 (Cross-site scripting (XSS) vulnerability in login_form.asp in Instant ...)
NOT-FOR-US: Instant Softwares Dating Site
-CVE-2008-0130
+CVE-2008-0130 (SQL injection vulnerability in login_form.asp in Instant Softwares Dat ...)
NOT-FOR-US: Instant Softwares Dating Site
-CVE-2008-0129
+CVE-2008-0129 (SQL injection vulnerability in starnet/addons/slideshow_full.php in Si ...)
NOT-FOR-US: Site@School
-CVE-2008-0128
+CVE-2008-0128 (The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn ...)
{DSA-1468-1}
- tomcat5 <removed> (unimportant)
NOTE: SSO cookies not working in 5.0, have only been fixed in 5.5.13, see #34724
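Review bot: several NOT-FOR-US context lines in this hunk disagree with the product named in the new description on the line above them, and since this is an automatic description refresh they will need a separate manual commit: `NOT-FOR-US: Sun Solari` under CVE-2008-0242 (the same product is spelled `NOT-FOR-US: Sun Solaris` under CVE-2008-0269), `NOT-FOR-US: Tune Studio` under CVE-2008-0231 whose description reads "Tuned Stu ...", and `NOT-FOR-US: JustSystem` under CVE-2008-0223 whose description reads "JustSystems". Otherwise the hunk is consistent with a pure description update: every removed line is a bare CVE id, every added line is the same id followed by the CVE description truncated to 70 characters plus " ...", and no package, DSA, bracketed release or NOTE line is touched, so nothing here changes the tracked status of any package.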
@@ -16896,21 +16896,21 @@ CVE-2008-0128
NOTE: SSO cookies sent over secure connections do not require
NOTE: secure connections, possibly defeating HTTPS encryption.
NOTE: See: http://issues.apache.org/bugzilla/show_bug.cgi?id=41217
-CVE-2008-0127
+CVE-2008-0127 (The administration interface in McAfee E-Business Server 8.5.2 and ear ...)
NOT-FOR-US: McAfee E-Business Server
CVE-2008-0126
RESERVED
-CVE-2008-0125
+CVE-2008-0125 (Cross-site scripting (XSS) vulnerability in phpstats.php in Michael Wa ...)
NOT-FOR-US: Michael Wagner phpstats
-CVE-2008-0124
+CVE-2008-0124 (Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1 ...)
{DSA-1528-1}
- serendipity 1.3~b1-1 (low; bug #469667)
-CVE-2008-0123
+CVE-2008-0123 (Cross-site scripting (XSS) vulnerability in install.php for Moodle 1.8 ...)
- moodle 1.9.8-1 (unimportant)
NOTE: the issue itself has a quite small attack vector
NOTE: and considering that the apache configuration that comes
NOTE: with moodle limits connections to localhost this is no issue
-CVE-2008-0122
+CVE-2008-0122 (Off-by-one error in the inet_network function in libbind in ISC BIND 9 ...)
- bind <removed>
[sarge] - bind <no-dsa> (applications will use inet_network in libc)
[etch] - bind <no-dsa> (applications will use inet_network in libc)
@@ -16918,211 +16918,211 @@ CVE-2008-0122
- glibc 2.2-1
NOTE: The fix for the BIND-based resolver in GNU libc was made in 2000.
NOTE: libbind9 is distinct code, not related to the old libbind.
-CVE-2008-0121
+CVE-2008-0121 (A "memory calculation error" in Microsoft PowerPoint Viewer 2003 allow ...)
NOT-FOR-US: Microsoft PowerPoint Viewer
-CVE-2008-0120
+CVE-2008-0120 (Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote att ...)
NOT-FOR-US: Microsoft PowerPoint Viewer
-CVE-2008-0119
+CVE-2008-0119 (Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2008-0118
+CVE-2008-0118 (Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 S ...)
NOT-FOR-US: Microsoft Office
-CVE-2008-0117
+CVE-2008-0117 (Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, an ...)
NOT-FOR-US: Microsoft Excel
-CVE-2008-0116
+CVE-2008-0116 (Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility ...)
NOT-FOR-US: Microsoft Excel
-CVE-2008-0115
+CVE-2008-0115 (Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Vi ...)
NOT-FOR-US: Microsoft Excel
-CVE-2008-0114
+CVE-2008-0114 (Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2 ...)
NOT-FOR-US: Microsoft Excel
-CVE-2008-0113
+CVE-2008-0113 (Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to ...)
NOT-FOR-US: Microsoft Excel
-CVE-2008-0112
+CVE-2008-0112 (Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for ...)
NOT-FOR-US: Microsoft Excel
-CVE-2008-0111
+CVE-2008-0111 (Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Vi ...)
NOT-FOR-US: Microsoft Excel
-CVE-2008-0110
+CVE-2008-0110 (Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP ...)
NOT-FOR-US: Microsoft Outlook
-CVE-2008-0109
+CVE-2008-0109 (Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office ...)
NOT-FOR-US: Microsoft Office
-CVE-2008-0108
+CVE-2008-0108 (Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File ...)
NOT-FOR-US: Microsoft Office
-CVE-2008-0107
+CVE-2008-0107 (Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2 ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2008-0106
+CVE-2008-0106 (Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Exp ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2008-0105
+CVE-2008-0105 (Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, ...)
NOT-FOR-US: Microsoft Office
-CVE-2008-0104
+CVE-2008-0104 (Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, an ...)
NOT-FOR-US: Microsoft Office
-CVE-2008-0103
+CVE-2008-0103 (Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, ...)
NOT-FOR-US: Microsoft Office
-CVE-2008-0102
+CVE-2008-0102 (Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, an ...)
NOT-FOR-US: Microsoft Office
-CVE-2008-0101
+CVE-2008-0101 (Format string vulnerability in the swDebugf function in DuneApp.cpp in ...)
- whitedune 0.28.13-1 (medium)
-CVE-2008-0100
+CVE-2008-0100 (Stack-based buffer overflow in the Scene::errorf function in Scene.cpp ...)
- whitedune 0.28.13-1 (medium)
-CVE-2008-0099
+CVE-2008-0099 (Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier ...)
NOT-FOR-US: MyPHP Forum
-CVE-2008-0098
+CVE-2008-0098 (Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attack ...)
NOT-FOR-US: RealPlayer
-CVE-2008-0097
+CVE-2008-0097 (Format string vulnerability in the log function in Georgia SoftWorks S ...)
NOT-FOR-US: Georgia SoftWorks SSH2 Server
-CVE-2008-0096
+CVE-2008-0096 (Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) ...)
NOT-FOR-US: Georgia SoftWorks SSH2 Server
-CVE-2008-0095
+CVE-2008-0095 (The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Bu ...)
- asterisk 1:1.4.17~dfsg-1 (medium; bug #458952)
[etch] - asterisk <not-affected> (Only Asterisk 1.4.x affected)
[sarge] - asterisk <not-affected> (Only Asterisk 1.4.x affected)
-CVE-2008-0094
+CVE-2008-0094 (Multiple directory traversal vulnerabilities in MODx Content Managemen ...)
NOT-FOR-US: MODx Content Management System
-CVE-2008-0093
+CVE-2008-0093 (Multiple cross-site scripting (XSS) vulnerabilities in newticket.php i ...)
NOT-FOR-US: eTicket
-CVE-2008-0092
+CVE-2008-0092 (Cross-site scripting (XSS) vulnerability in index.php in the search mo ...)
NOT-FOR-US: Appalachian State University phpWebSite
-CVE-2008-0091
+CVE-2008-0091 (Directory traversal vulnerability in download2.php in AGENCY4NET WEBFT ...)
NOT-FOR-US: AGENCY4NET WEBFTP
-CVE-2008-0090
+CVE-2008-0090 (A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows ...)
NOT-FOR-US: DivX Player
-CVE-2008-0089
+CVE-2008-0089 (SQL injection vulnerability in uprofile.php in ClipShare allows remote ...)
NOT-FOR-US: ClipShare
-CVE-2008-0088
+CVE-2008-0088 (Unspecified vulnerability in Active Directory on Microsoft Windows 200 ...)
NOT-FOR-US: Windows
-CVE-2008-0087
+CVE-2008-0087 (The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-0086
+CVE-2008-0086 (Buffer overflow in the convert function in Microsoft SQL Server 2000 S ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2008-0085
+CVE-2008-0085 (SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (M ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2008-0084
+CVE-2008-0084 (Unspecified vulnerability in the TCP/IP support in Microsoft Windows V ...)
NOT-FOR-US: Windows
-CVE-2008-0083
+CVE-2008-0083 (The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scriptin ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-0082
+CVE-2008-0082 (An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 ...)
NOT-FOR-US: Windows Messenger
-CVE-2008-0081
+CVE-2008-0081 (Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2008-0080
+CVE-2008-0080 (Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft ...)
NOT-FOR-US: Windows
CVE-2008-0079
REJECTED
-CVE-2008-0078
+CVE-2008-0078 (Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Micro ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-0077
+CVE-2008-0077 (Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 S ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-0076
+CVE-2008-0076 (Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 a ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-0075
+CVE-2008-0075 (Unspecified vulnerability in Microsoft Internet Information Services ( ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-0074
+CVE-2008-0074 (Unspecified vulnerability in Microsoft Internet Information Services ( ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-0073
+CVE-2008-0073 (Array index error in the sdpplin_parse function in input/libreal/sdppl ...)
{DSA-1543-1 DSA-1536-1 DTSA-119-1 DTSA-128-1}
- xine-lib 1.1.11-1 (medium)
- vlc 0.8.6.e-2 (medium; bug #473057)
NOTE: http://bugs.xine-project.org/show_bug.cgi?id=58
-CVE-2008-0072
+CVE-2008-0072 (Format string vulnerability in the emf_multipart_encrypted function in ...)
{DSA-1512-1}
- evolution 2.12.3-1.1
NOTE: SA29057
-CVE-2008-0071
+CVE-2008-0071 (The Web UI interface in (1) BitTorrent before 6.0.3 build 8642 and (2) ...)
NOT-FOR-US: uTorrent 1.7.7 (build 8179) / BitTorrent 6.0.1 (build 7859)
-CVE-2008-0070
+CVE-2008-0070 (Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA ...)
NOT-FOR-US: Orb Networks Orb and Winamp Remote BETA
-CVE-2008-0069
+CVE-2008-0069 (Stack-based buffer overflow in XnView 1.92 and 1.92.1 allows user-assi ...)
NOT-FOR-US: XnView
-CVE-2008-0068
+CVE-2008-0068 (Directory traversal vulnerability in OpenView5.exe in HP OpenView Netw ...)
NOT-FOR-US: HP OpenView
-CVE-2008-0067
+CVE-2008-0067 (Multiple stack-based buffer overflows in HP OpenView Network Node Mana ...)
NOT-FOR-US: HP OpenView Network Node Manager (OV NNM)
-CVE-2008-0066
+CVE-2008-0066 (Multiple buffer overflows in htmsr.dll in the HTML speed reader in Aut ...)
NOT-FOR-US: KeyView
-CVE-2008-0065
+CVE-2008-0065 (Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5. ...)
NOT-FOR-US: Winamp
-CVE-2008-0064
+CVE-2008-0064 (Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.9 ...)
NOT-FOR-US: XnView, nconvert GFL SDK for Windows
-CVE-2008-0063
+CVE-2008-0063 (The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not pro ...)
{DSA-1524-1}
- krb5 1.6.dfsg.3~beta1-4 (medium)
-CVE-2008-0062
+CVE-2008-0062 (KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for som ...)
{DSA-1524-1}
- krb5 1.6.dfsg.3~beta1-4 (high)
-CVE-2008-0060
+CVE-2008-0060 (Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attacke ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0059
+CVE-2008-0059 (Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0058
+CVE-2008-0058 (Race condition in the NSURLConnection cache management functionality i ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0057
+CVE-2008-0057 (Multiple integer overflows in a "legacy serialization format" parser i ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0056
+CVE-2008-0056 (Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 al ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0055
+CVE-2008-0055 (Foundation in Apple Mac OS X 10.4.11 creates world-writable directorie ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0054
+CVE-2008-0054 (Foundation in Apple Mac OS X 10.4.11 might allow context-dependent att ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0053
+CVE-2008-0053 (Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS ...)
{DSA-1625-1}
- cupsys 1.3.6-1
- cups 1.3.6-1
NOTE: https://bugzilla.redhat.com/attachment.cgi?id=298651
-CVE-2008-0052
+CVE-2008-0052 (CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0051
+CVE-2008-0051 (Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might all ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0050
+CVE-2008-0050 (CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0049
+CVE-2008-0049 (AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0048
+CVE-2008-0048 (Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0047
+CVE-2008-0047 (Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1. ...)
{DSA-1530-1}
- cupsys 1.3.6-3 (medium; bug #472105)
- cups 1.3.6-3 (medium; bug #472105)
[sarge] - cupsys <not-affected> (Vulnerable code not present)
-CVE-2008-0046
+CVE-2008-0046 (The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect Ger ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0045
+CVE-2008-0045 (Unspecified vulnerability in AFP Server in Apple Mac OS X 10.4.11 allo ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0044
+CVE-2008-0044 (Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2008-0043
+CVE-2008-0043 (Format string vulnerability in Apple iPhoto before 7.1.2 allows remote ...)
NOT-FOR-US: Apple iPhoto
-CVE-2008-0042
+CVE-2008-0042 (Argument injection vulnerability in Terminal.app in Terminal in Apple ...)
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0041
+CVE-2008-0041 (Parental Controls in Apple Mac OS X 10.5 through 10.5.1 contacts www.a ...)
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0040
+CVE-2008-0040 (Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 ...)
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0039
+CVE-2008-0039 (Unspecified vulnerability in Mail in Apple Mac OS X 10.4.11 allows rem ...)
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0038
+CVE-2008-0038 (Launch Services in Apple Mac OS X 10.5 through 10.5.1 allows an uninst ...)
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0037
+CVE-2008-0037 (X11 in Apple Mac OS X 10.5 through 10.5.1 does not properly handle whe ...)
NOT-FOR-US: Apple Mac OSX
-CVE-2008-0036
+CVE-2008-0036 (Buffer overflow in Apple QuickTime before 7.4 allows remote attackers ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-0035
+CVE-2008-0035 (Unspecified vulnerability in Foundation, as used in Apple iPhone 1.0 t ...)
NOT-FOR-US: Apple cocoa Foundation
NOTE: AFAICS this is not the same as libfoundation in Debian
-CVE-2008-0034
+CVE-2008-0034 (Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through ...)
NOT-FOR-US: Apple iPhone
-CVE-2008-0033
+CVE-2008-0033 (Unspecified vulnerability in Apple QuickTime before 7.4 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-0032
+CVE-2008-0032 (Apple QuickTime before 7.4 allows remote attackers to execute arbitrar ...)
NOT-FOR-US: Apple QuickTime
-CVE-2008-0031
+CVE-2008-0031 (Unspecified vulnerability in Apple QuickTime before 7.4 allows remote ...)
NOT-FOR-US: Apple QuickTime
CVE-2008-0030
REJECTED
-CVE-2008-0029
+CVE-2008-0029 (Cisco Application Velocity System (AVS) before 5.1.0 is installed with ...)
NOT-FOR-US: Cisco
-CVE-2008-0028
+CVE-2008-0028 (Unspecified vulnerability in Cisco PIX 500 Series Security Appliance a ...)
NOT-FOR-US: Cisco
-CVE-2008-0027
+CVE-2008-0027 (Heap-based buffer overflow in the Certificate Trust List (CTL) Provide ...)
NOT-FOR-US: Cisco
-CVE-2008-0026
+CVE-2008-0026 (SQL injection vulnerability in Cisco Unified CallManager/Communication ...)
NOT-FOR-US: Cisco
CVE-2008-0025
RESERVED
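Review bot: the tracking annotations for CVE-2008-0075 and CVE-2008-0074 still read `NOT-FOR-US: Microsoft Internet Explorer`, but the descriptions this hunk adds for both entries begin `Unspecified vulnerability in Microsoft Internet Information Services (`, so the product named in the annotation is wrong; suggest `NOT-FOR-US: Microsoft IIS` for those two, leaving the three entries above them (CVE-2008-0078 to CVE-2008-0076), which are genuinely Internet Explorer, as they are. A smaller style point in the same region: CVE-2008-0042 through CVE-2008-0037 use `NOT-FOR-US: Apple Mac OSX` while every other Apple entry in the hunk uses `Apple Mac OS X`; normalising to the latter keeps the annotation greppable.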
@@ -17134,54 +17134,54 @@ CVE-2008-0022
RESERVED
CVE-2008-0021
RESERVED
-CVE-2008-0020
+CVE-2008-0020 (Unspecified vulnerability in the Load method in the IPersistStreamInit ...)
NOT-FOR-US: Microsoft
CVE-2008-0019
RESERVED
CVE-2008-0018
RESERVED
-CVE-2008-0017
+CVE-2008-0017 (The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3 ...)
{DSA-1697-1 DSA-1671-1 DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- iceape 1.1.13-1
-CVE-2008-0016
+CVE-2008-0016 (Stack-based buffer overflow in the URL parsing implementation in Mozil ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- xulrunner 1.9.0.1-1
- iceweasel 3.0.1-1
- iceape 1.1.12-1
- icedove 2.0.0.17-1
-CVE-2008-0015
+CVE-2008-0015 (Stack-based buffer overflow in the CComVariant::ReadFromStream functio ...)
NOT-FOR-US: Microsoft
-CVE-2008-0014
+CVE-2008-0014 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
NOT-FOR-US: Trend Micro
-CVE-2008-0013
+CVE-2008-0013 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
NOT-FOR-US: Trend Micro
-CVE-2008-0012
+CVE-2008-0012 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
NOT-FOR-US: Trend Micro
-CVE-2008-0011
+CVE-2008-0011 (Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 an ...)
NOT-FOR-US: Microsoft DirectX
-CVE-2008-0010
+CVE-2008-0010 (The copy_from_user_mmap_sem function in fs/splice.c in the Linux kerne ...)
- linux-2.6 2.6.24-4
- linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2008-0009
+CVE-2008-0009 (The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.2 ...)
- linux-2.6 2.6.24-4
- linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2008-0008
+CVE-2008-0008 (The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 bui ...)
{DSA-1476-1}
- pulseaudio 0.9.9-1
-CVE-2008-0007
+CVE-2008-0007 (Linux kernel before 2.6.22.17, when using certain drivers that registe ...)
{DSA-1565-1 DSA-1503-2 DSA-1504-1 DSA-1503-1}
- linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6)
- linux-2.6 2.6.24-4
-CVE-2008-0006
+CVE-2008-0006 (Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont ...)
{DSA-1466-2 DTSA-110-1}
- xorg-server 2:1.4.1~git20080105-2
- libxfont 1:1.3.1-2
[etch] - libxfont 1:1.2.2-2.etch1
-CVE-2008-0005
+CVE-2008-0005 (mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-de ...)
- apache2 2.2.8-1 (low)
- apache <removed> (low)
[etch] - apache <no-dsa> (browser issue; low impact)
@@ -17190,15 +17190,15 @@ CVE-2008-0005
[etch] - apache2 2.2.3-4+etch4 (low)
CVE-2008-0004
REJECTED
-CVE-2008-0003
+CVE-2008-0003 (Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback ...)
NOT-FOR-US: OpenPegasus CIM management server
-CVE-2008-0002
+CVE-2008-0002 (Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context ...)
- tomcat5.5 <not-affected> (Only Tomcat 6 is affected, according to upstream)
-CVE-2008-0001
+CVE-2008-0001 (VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.1 ...)
{DSA-1479-1}
- linux-2.6 2.6.24-1
- linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24)
-CVE-2008-0061
+CVE-2008-0061 (MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07 ...)
{DSA-1445-1}
- maradns 1.2.12.08-1
NOTE: http://marc.info/?l=maradns-list&m=118842373527534&w=2
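Review bot: CVE-2008-0061 is appended after CVE-2008-0001 at the end of the file, breaking the descending ID order the list otherwise keeps; the earlier hunk goes straight from CVE-2008-0062 to CVE-2008-0060, which is exactly the slot this entry belongs in. The misplacement predates this update, but it is worth moving the whole block (the `{DSA-1445-1}`, `maradns 1.2.12.08-1` and marc.info NOTE lines with it) into that slot so a lookup by neighbouring ID finds it.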
diff --git a/data/CVE/2009.list b/data/CVE/2009.list
index c4052abaf5..f4813ad620 100644
--- a/data/CVE/2009.list
+++ b/data/CVE/2009.list
@@ -1,4 +1,4 @@
-CVE-2009-5155
+CVE-2009-5155 (In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp i ...)
[experimental] - gnulib 20180621~6979c25-1
- gnulib 20140202+stable-3.2 (bug #924613)
- glibc 2.28-1
@@ -12,21 +12,21 @@ CVE-2009-5155
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=11053
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18986
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672
-CVE-2009-5154
+CVE-2009-5154 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is ...)
NOT-FOR-US: MOBOTIX
-CVE-2009-5153
+CVE-2009-5153 (In Novell NetWare before 6.5 SP8, a stack buffer overflow in processin ...)
NOT-FOR-US: Novell NetWare
-CVE-2009-5152
+CVE-2009-5152 (Absolute Computrace Agent, as distributed on certain Dell Inspiron sys ...)
NOT-FOR-US: Absolute Computrace Agent
-CVE-2009-5151
+CVE-2009-5151 (The stub component of Absolute Computrace Agent V70.785 executes code ...)
NOT-FOR-US: Absolute Computrace Agent
-CVE-2009-5150
+CVE-2009-5150 (Absolute Computrace Agent V80.845 and V80.866 does not have a digital ...)
NOT-FOR-US: Absolute Computrace Agent
-CVE-2009-5149
+CVE-2009-5149 (Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_10061 ...)
NOT-FOR-US: Arris hardware
CVE-2009-5148
RESERVED
-CVE-2009-5147
+CVE-2009-5147 (DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 6 ...)
{DLA-300-1 DLA-299-1}
- ruby1.8 <removed>
[wheezy] - ruby1.8 <no-dsa> (Minor issue)
@@ -50,86 +50,86 @@ CVE-2009-5146 [memory leak in hostname TLS extension]
NOTE: Fixed by: https://github.com/openssl/openssl/commit/7587347bc48e7e8a1e800e48bb0a658f1557c424 (OpenSSL_0_9_8k)
NOTE: Introduced by: https://github.com/openssl/openssl/commit/865a90eb4f0b0e3abbdd9dc2d3a4d57595575315 (OpenSSL_0_9_8f)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/16/4
-CVE-2009-5145
+CVE-2009-5145 (Cross-site scripting (XSS) vulnerability in ZMI pages that use the man ...)
- zope2.12 2.12.10-1
-CVE-2009-5144
+CVE-2009-5144 (mod-gnutls does not validate client certificates when "GnuTLSClientVer ...)
- mod-gnutls 0.5.6-1 (bug #578663)
NOTE: http://issues.outoforder.cc/view.php?id=93
-CVE-2009-5143
+CVE-2009-5143 (GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) ac ...)
NOT-FOR-US: GE Healthcare Discovery 530C
-CVE-2009-5142
+CVE-2009-5142 (Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb 1 ...)
NOT-FOR-US: TimThumb
-CVE-2009-5141
+CVE-2009-5141 (Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 all ...)
NOT-FOR-US: War FTP Daemon
CVE-2009-5140
RESERVED
CVE-2009-5139
RESERVED
-CVE-2009-5138
+CVE-2009-5138 (GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag ...)
- gnutls26 2.7.12-1
- gnutls28 <not-affected> (Only affects versions before 2.7.6)
NOTE: Only affects version prior of 2.7.6, fix: https://gitlab.com/gnutls/gnutls/commit/c8dcbedd1fdc312f5b1a70fcfbc1afe235d800cd
NOTE: and the issue has different root than CVE-2014-1959
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1069301
-CVE-2009-5137
+CVE-2009-5137 (Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows r ...)
NOT-FOR-US: CastRipper
-CVE-2009-5136
+CVE-2009-5136 (The policy definition evaluator in Condor before 7.4.2 does not proper ...)
- condor <not-affected> (Fixed before initial upload)
-CVE-2009-5135
+CVE-2009-5135 (The Java XML parser in Echo before 2.1.1 and 3.x before 3.0.b6 allows ...)
NOT-FOR-US: Echo
-CVE-2009-5134
+CVE-2009-5134 (Buffer overflow in the "create torrent dialog" functionality in uTorre ...)
NOT-FOR-US: uTorrent
CVE-2009-5133
RESERVED
-CVE-2009-5132
+CVE-2009-5132 (The Filtering Service in Websense Web Security and Web Filter before 6 ...)
NOT-FOR-US: Websense
-CVE-2009-5131
+CVE-2009-5131 (The Receive Service in Websense Email Security before 7.1 does not rec ...)
NOT-FOR-US: Websense
-CVE-2009-5130
+CVE-2009-5130 (The Rules Service in Websense Email Security before 7.1 allows remote ...)
NOT-FOR-US: Websense
-CVE-2009-5129
+CVE-2009-5129 (The Websense V10000 appliance before 1.0.1 allows remote attackers to ...)
NOT-FOR-US: Websense
-CVE-2009-5128
+CVE-2009-5128 (The Websense V10000 appliance before 1.0.1 allows remote attackers to ...)
NOT-FOR-US: Websense
-CVE-2009-5127
+CVE-2009-5127 (The Antivirus component in Comodo Internet Security before 3.8.64739.4 ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2009-5126
+CVE-2009-5126 (The Antivirus component in Comodo Internet Security before 3.8.65951.4 ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2009-5125
+CVE-2009-5125 (Comodo Internet Security before 3.9.95478.509 allows remote attackers ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2009-5124
+CVE-2009-5124 (The Antivirus component in Comodo Internet Security before 3.11.108364 ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2009-5123
+CVE-2009-5123 (The Antivirus component in Comodo Internet Security before 3.11.108364 ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2009-5122
+CVE-2009-5122 (The Personal Email Manager component in Websense Email Security before ...)
NOT-FOR-US: Websense
-CVE-2009-5121
+CVE-2009-5121 (Websense Email Security 7.1 before Hotfix 4 allows remote attackers to ...)
NOT-FOR-US: Websense
-CVE-2009-5120
+CVE-2009-5120 (The default configuration of Apache Tomcat in Websense Manager in Webs ...)
NOT-FOR-US: Websense
-CVE-2009-5119
+CVE-2009-5119 (The default configuration of Apache Tomcat in Websense Manager in Webs ...)
NOT-FOR-US: Websense
-CVE-2009-5118
+CVE-2009-5118 (Untrusted search path vulnerability in McAfee VirusScan Enterprise bef ...)
NOT-FOR-US: McAfee
-CVE-2009-5117
+CVE-2009-5117 (The Web Post Protection feature in McAfee Host Data Loss Prevention (D ...)
NOT-FOR-US: McAfee
-CVE-2009-5116
+CVE-2009-5116 (McAfee LinuxShield 1.5.1 and earlier does not properly implement clien ...)
NOT-FOR-US: McAfee
-CVE-2009-5115
+CVE-2009-5115 (McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 ...)
NOT-FOR-US: McAfee
-CVE-2009-5114
+CVE-2009-5114 (Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 ...)
NOT-FOR-US: WebGlimpse
-CVE-2009-5113
+CVE-2009-5113 (Cross-site scripting (XSS) vulnerability in wgarcmin.cgi in WebGlimpse ...)
NOT-FOR-US: WebGlimpse
-CVE-2009-5112
+CVE-2009-5112 (wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers ...)
NOT-FOR-US: WebGlimpse
-CVE-2009-5111
+CVE-2009-5111 (GoAhead WebServer allows remote attackers to cause a denial of service ...)
NOT-FOR-US: GoAhead WebServer
-CVE-2009-5110
+CVE-2009-5110 (dhttpd allows remote attackers to cause a denial of service (daemon ou ...)
- dhttpd <removed> (low; bug #533665)
[squeeze] - dhttpd <no-dsa> (Minor issue)
[lenny] - dhttpd <no-dsa> (Minor issue)
-CVE-2009-5109
+CVE-2009-5109 (Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remot ...)
NOT-FOR-US: Mini-Stream Ripper
CVE-2009-5108
REJECTED
@@ -141,77 +141,77 @@ CVE-2009-5105
RESERVED
CVE-2009-5104
RESERVED
-CVE-2009-5103
+CVE-2009-5103 (Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP ...)
NOT-FOR-US: ATCOM Netvolution
-CVE-2009-5102
+CVE-2009-5102 (SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 AS ...)
NOT-FOR-US: ATCOM Netvolution
-CVE-2009-5101
+CVE-2009-5101 (Pentaho BI Server 1.7.0.1062 and earlier includes the session ID (JSES ...)
NOT-FOR-US: Pentaho BI Server
-CVE-2009-5100
+CVE-2009-5100 (Pentaho BI Server 1.7.0.1062 and earlier does not set the autocomplete ...)
NOT-FOR-US: Pentaho BI Server
-CVE-2009-5099
+CVE-2009-5099 (Cross-site scripting (XSS) vulnerability in ViewAction in Pentaho BI S ...)
NOT-FOR-US: Pentaho BI Server
-CVE-2009-5098
+CVE-2009-5098 (The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not vie ...)
NOT-FOR-US: Palm WebOS
-CVE-2009-5097
+CVE-2009-5097 (Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages, ...)
NOT-FOR-US: Palm WebOS
-CVE-2009-5096
+CVE-2009-5096 (Cross-site scripting (XSS) vulnerability in the Flag Content module 5. ...)
NOT-FOR-US: Drupal module Flag Content
NOTE: might get packaged
-CVE-2009-5095
+CVE-2009-5095 (PHP remote file inclusion vulnerability in index_inc.php in ea gBook 0 ...)
NOT-FOR-US: ea gBook
-CVE-2009-5094
+CVE-2009-5094 (SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate ...)
NOT-FOR-US: CMS Faethon
-CVE-2009-5093
+CVE-2009-5093 (Directory traversal vulnerability in gastbuch.php in G&#228;stebuch (G ...)
NOT-FOR-US: Gastebuch
-CVE-2009-5092
+CVE-2009-5092 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: Microsoft FAST ESP
-CVE-2009-5091
+CVE-2009-5091 (SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allo ...)
NOT-FOR-US: Vlinks
-CVE-2009-5090
+CVE-2009-5090 (SQL injection vulnerability in editcomments.php in Bloggeruniverse Bet ...)
NOT-FOR-US: Bloggeruniverse Beta 2
-CVE-2009-5089
+CVE-2009-5089 (Directory traversal vulnerability in index.php in IdeaCart 0.02 and 0. ...)
NOT-FOR-US: IdeaCart
-CVE-2009-5088
+CVE-2009-5088 (SQL injection vulnerability in secure/index.php in IdeaCart 0.02 allow ...)
NOT-FOR-US: IdeaCart
-CVE-2009-5087
+CVE-2009-5087 (Directory traversal vulnerability in geohttpserver in Geovision Digita ...)
NOT-FOR-US: Geovision Digital Video Surveillance System
-CVE-2009-5086
+CVE-2009-5086 (Cross-site scripting (XSS) vulnerability in Appliance Configuration Ma ...)
NOT-FOR-US: Juniper IDP
-CVE-2009-5085
+CVE-2009-5085 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, whe ...)
NOT-FOR-US: Tivoli
-CVE-2009-5084
+CVE-2009-5084 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, whe ...)
NOT-FOR-US: Tivoli
-CVE-2009-5083
+CVE-2009-5083 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, whe ...)
NOT-FOR-US: Tivoli
-CVE-2009-5082
+CVE-2009-5082 (The (1) configure and (2) config.guess scripts in GNU troff (aka groff ...)
- groff 1.20.1-5 (unimportant; bug #538338)
NOTE: Only exploitable during build
-CVE-2009-5081
+CVE-2009-5081 (The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) con ...)
- groff 1.20.1-5 (unimportant)
NOTE: Only exploitable during build
-CVE-2009-5080
+CVE-2009-5080 (The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2gr ...)
- groff 1.20.1-5 (low; bug #538330)
[lenny] - groff <no-dsa> (Minor issue)
-CVE-2009-5079
+CVE-2009-5079 (The (1) gendef.sh, (2) doc/fixinfo.sh, and (3) contrib/gdiffmk/tests/r ...)
- groff 1.20.1-5 (unimportant)
-CVE-2009-5078
+CVE-2009-5078 (contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launch ...)
- groff 1.20.1-5 (low; bug #538338)
[etch] - groff <not-affected> (pdfroff not yet present)
[lenny] - groff <not-affected> (pdfroff not yet present)
-CVE-2009-5077
+CVE-2009-5077 (CRE Loaded before 6.2.14 allows remote attackers to bypass authenticat ...)
NOT-FOR-US: CRE Loaded
-CVE-2009-5076
+CVE-2009-5076 (CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, al ...)
NOT-FOR-US: CRE Loaded
-CVE-2009-5075
+CVE-2009-5075 (Monkey's Audio before 4.02 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Monkey's Audio
-CVE-2009-5074
+CVE-2009-5074 (Unspecified vulnerability in the MojoX::Dispatcher::Static implementat ...)
- libmojolicious-perl <not-affected> (Fixed before initial upload)
-CVE-2009-5073
+CVE-2009-5073 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka 6.0.0.8-TIV ...)
NOT-FOR-US: Tivoli
-CVE-2009-5072
+CVE-2009-5072 (Memory leak in the ldap_explode_dn function in IBM Tivoli Directory Se ...)
NOT-FOR-US: Tivoli
-CVE-2009-5071
+CVE-2009-5071 (Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown i ...)
NOT-FOR-US: Palm WebOS
CVE-2009-5070
RESERVED
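Review bot: among the five groff entries, CVE-2009-5082 and CVE-2009-5078 both cite `bug #538338` while CVE-2009-5080 cites `bug #538330`; a single Debian bug can legitimately cover several CVEs, but a one-digit difference across three otherwise parallel entries looks like a possible transposition, so the bug numbers should be confirmed against the BTS before this description update lands.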
@@ -220,358 +220,358 @@ CVE-2009-5069
CVE-2009-5068
RESERVED
NOT-FOR-US: Simple Machines Forum
-CVE-2009-5067
+CVE-2009-5067 (Directory traversal vulnerability in html2ps before 1.0b6 allows remot ...)
- html2ps 1.0b7-1 (low; bug #548633)
[squeeze] - html2ps <no-dsa> (Minor issue)
-CVE-2009-5066
+CVE-2009-5066 (twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials ...)
- jbossas4 <not-affected> (twiddle.sh is included in the source package, but not in any of the binary packages)
-CVE-2009-5065
+CVE-2009-5065 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
- feedparser 5.0.1-1 (low; bug #617998)
[squeeze] - feedparser <no-dsa> (Minor issue)
[lenny] - feedparser <no-dsa> (Minor issue)
-CVE-2009-5064
+CVE-2009-5064 (** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and ...)
- eglibc 2.10.1-7
- glibc 2.10.1-7
NOTE: Obscure attack
-CVE-2009-5063
+CVE-2009-5063 (Memory leak in the embedded_profile_len function in pngwutil.c in libp ...)
- libpng 1.2.39-1 (unimportant)
-CVE-2009-5062
+CVE-2009-5062 (IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-5061
+CVE-2009-5061 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 serv ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-5060
+CVE-2009-5060 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 serv ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-5059
+CVE-2009-5059 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 serv ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-5058
+CVE-2009-5058 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 servi ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-5057
+CVE-2009-5057 (The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 d ...)
- otrs2 2.4.5-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2009-5056
+CVE-2009-5056 (Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly ...)
- otrs2 2.4.5-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2009-5055
+CVE-2009-5055 (Open Ticket Request System (OTRS) before 2.4.4 grants ticket access on ...)
- otrs2 2.4.5-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2009-5054
+CVE-2009-5054 (Smarty before 3.0.0 beta 4 does not consider the umask value when sett ...)
- smarty3 3.0~rc1-1
- smarty <removed>
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2009-5053
+CVE-2009-5053 (Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote ...)
- smarty3 3.0~rc1-1
- smarty <removed>
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2009-5052
+CVE-2009-5052 (Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 hav ...)
- smarty3 3.0~rc1-1
- smarty <removed>
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2009-5051
+CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session co ...)
- hastymail <removed>
-CVE-2009-5040
+CVE-2009-5040 (CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-5039
+CVE-2009-5039 (Memory leak in the gk_circuit_info_do_in_acf function in the H.323 imp ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-5038
+CVE-2009-5038 (Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-5037
+CVE-2009-5037 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-5036
+CVE-2009-5036 (traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows rem ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2009-5035
+CVE-2009-5035 (The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not p ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2009-5034
+CVE-2009-5034 (IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated us ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2009-5033
+CVE-2009-5033 (IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2009-5032
+CVE-2009-5032 (The encrypted e-mail feature in IBM Lotus Notes Traveler before 8.5.0. ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2009-5031
+CVE-2009-5031 (ModSecurity before 2.5.11 treats request parameter values containing s ...)
- modsecurity-apache <not-affected> (Fixed before initial upload)
- libapache-mod-security 2.5.12-1
NOTE: https://www.modsecurity.org/fisheye/browse/modsecurity/m2/branches/2.5.x/apache2/msc_multipart.c?r2=1419&r1=1366
NOTE: http://www.openwall.com/lists/oss-security/2012/06/22/1
NOTE: http://www.openwall.com/lists/oss-security/2012/06/22/2
-CVE-2009-5030
+CVE-2009-5030 (The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allo ...)
{DSA-2629-1}
- openjpeg 1.3+dfsg-4.1 (medium; bug #672455)
NOTE: Upstream ticket http://code.google.com/p/openjpeg/issues/detail?id=5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=812317
-CVE-2009-5029
+CVE-2009-5029 (Integer overflow in the __tzfile_read function in glibc before 2.15 al ...)
- eglibc 2.13-24 (low; bug #656108)
[squeeze] - eglibc 2.11.3-3
- glibc 2.13-24
NOTE: http://support.novell.com/security/cve/CVE-2009-5029.html
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=735850
-CVE-2009-5028
+CVE-2009-5028 (Stack-based buffer overflow in Namazu before 2.0.20 allows remote atta ...)
- namazu2 2.0.20-1.0 (low)
CVE-2009-5027
REJECTED
-CVE-2009-5026
+CVE-2009-5026 (The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x ...)
- mysql-5.1 5.1.53-1
CVE-2009-5025 [PyForum XSS+CSRF]
RESERVED
NOT-FOR-US: PyForum
-CVE-2009-5024
+CVE-2009-5024 (ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb row_l ...)
{DSA-2563-1}
- viewvc 1.1.5-1.3 (bug #671482)
-CVE-2009-5023
+CVE-2009-5023 (The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, ...)
- fail2ban 0.8.4+svn20110323-1 (low; bug #544232)
[lenny] - fail2ban <no-dsa> (Minor issue)
[squeeze] - fail2ban 0.8.4-3+squeeze1
-CVE-2009-5022
+CVE-2009-5022 (Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibT ...)
{DSA-2256-1}
- tiff 3.9.5-1 (bug #624287)
- tiff3 <not-affected> (fixed before initial upload)
[lenny] - tiff <not-affected> (3.9+ only)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=1999
-CVE-2009-5021
+CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an installati ...)
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2009-5020
+CVE-2009-5020 (Open redirect vulnerability in awredir.pl in AWStats before 6.95 allow ...)
- awstats 6.9.5~dfsg-1 (unimportant)
-CVE-2009-5019
+CVE-2009-5019 (Web Wiz NewsPad stores sensitive information under the web root with i ...)
NOT-FOR-US: Web Wiz NewsPad
-CVE-2009-5017
+CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong UT ...)
- xulrunner <undetermined>
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2009-5016
+CVE-2009-5016 (Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in P ...)
- php5 5.3.3-4
[lenny] - php5 5.2.6.dfsg.1-1+lenny10
[squeeze] - php5 5.3.3-7+squeeze1
NOTE: Also fixed by debian/patches/CVE-2010-3870.patch
-CVE-2009-5015
+CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 expos ...)
- turbogears2 2.0.3-1
-CVE-2009-5014
+CVE-2009-5014 (The default quickstart configuration of TurboGears2 (aka tg2) before 2 ...)
- turbogears2 2.0.3-1
-CVE-2009-5013
+CVE-2009-5013 (Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib ...)
- python-pyftpdlib 0.5.2-1
-CVE-2009-5012
+CVE-2009-5012 (ftpserver.py in pyftpdlib before 0.5.2 does not require the l permissi ...)
- python-pyftpdlib 0.5.2-1
-CVE-2009-5011
+CVE-2009-5011 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib be ...)
- python-pyftpdlib 0.5.2-1
-CVE-2009-5010
+CVE-2009-5010 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib be ...)
- python-pyftpdlib <not-affected> (Fixed before initial upload to the archive)
-CVE-2009-5009
+CVE-2009-5009 (Double free vulnerability in OpenConnect before 1.40 might allow remot ...)
- openconnect 1.40-1
-CVE-2009-5008
+CVE-2009-5008 (Cisco Secure Desktop (CSD), when used in conjunction with an AnyConnec ...)
NOT-FOR-US: isco Secure Desktop
-CVE-2009-5007
+CVE-2009-5007 (The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows lo ...)
NOT-FOR-US: Cisco AnyConnect SSL VPN trial client
-CVE-2009-5006
+CVE-2009-5006 (The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in br ...)
- qpid-cpp <not-affected> (Fixed before initial upload to archive)
-CVE-2009-5005
+CVE-2009-5005 (The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache ...)
- qpid-cpp <not-affected> (Fixed before initial upload to archive)
CVE-2009-5004
RESERVED
- qpid-cpp <not-affected> (Fixed before initial upload to archive)
-CVE-2009-5003
+CVE-2009-5003 (SQL injection vulnerability in click.php in e-soft24 Banner Exchange S ...)
NOT-FOR-US: e-soft24 Banner Exchange Script
-CVE-2009-5002
+CVE-2009-5002 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2009-5001
+CVE-2009-5001 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2009-5000
+CVE-2009-5000 (Multiple cross-site scripting (XSS) vulnerabilities in the Workplace ( ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2009-4999
+CVE-2009-4999 (Cross-site scripting (XSS) vulnerability in the Workplace (aka WP) com ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2009-4998
+CVE-2009-4998 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2009-4997
+CVE-2009-4997 (gnome-power-manager 2.27.92 does not properly implement the lock_on_su ...)
- gnome-power-manager 2.28.0-1 (unimportant)
CVE-2009-4996
NOTE: Disputed non-issue
-CVE-2009-4995
+CVE-2009-4995 (Cross-site scripting (XSS) vulnerability in frmTickets.aspx in Smarter ...)
NOT-FOR-US: SmarterTools SmarterTrack
-CVE-2009-4994
+CVE-2009-4994 (Cross-site scripting (XSS) vulnerability in frmKBSearch.aspx in Smarte ...)
NOT-FOR-US: SmarterTools SmarterTrack
-CVE-2009-4993
+CVE-2009-4993 (PHP remote file inclusion vulnerability in home.php in LM Starmail Pai ...)
NOT-FOR-US: LM Starmail Paidmail
-CVE-2009-4992
+CVE-2009-4992 (SQL injection vulnerability in paidbanner.php in LM Starmail Paidmail ...)
NOT-FOR-US: LM Starmail Paidmail
-CVE-2009-4991
+CVE-2009-4991 (Cross-site scripting (XSS) vulnerability in users/resume_register.php ...)
NOT-FOR-US: Omnistar Recruiting
-CVE-2009-4990
+CVE-2009-4990 (Cross-site scripting (XSS) vulnerability in the Webform report module ...)
NOT-FOR-US: Webform report module for Drupal
-CVE-2009-4989
+CVE-2009-4989 (Cross-site scripting (XSS) vulnerability in index.php in AJ Auction Pr ...)
NOT-FOR-US: AJ Auction Pro OOPD
-CVE-2009-4988
+CVE-2009-4988 (Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business O ...)
NOT-FOR-US: SAP Business One
-CVE-2009-4987
+CVE-2009-4987 (admin/header.php in Scripteen Free Image Hosting Script 2.3 allows rem ...)
NOT-FOR-US: Scripteen Free Image Hosting Script
-CVE-2009-4986
+CVE-2009-4986 (Directory traversal vulnerability in index.php in In-Portal 4.3.1, whe ...)
NOT-FOR-US: In-Portal
-CVE-2009-4985
+CVE-2009-4985 (SQL injection vulnerability in browse.php in Accessories Me PHP Affili ...)
NOT-FOR-US: Accessories Me PHP Affiliate Script
-CVE-2009-4984
+CVE-2009-4984 (Multiple cross-site scripting (XSS) vulnerabilities in Accessories Me ...)
NOT-FOR-US: Accessories Me PHP Affiliate Script
-CVE-2009-4983
+CVE-2009-4983 (Multiple cross-site scripting (XSS) vulnerabilities in Silurus Classif ...)
NOT-FOR-US: Silurus Classifieds
-CVE-2009-4982
+CVE-2009-4982 (SQL injection vulnerability in the select function in Irokez CMS 0.7.1 ...)
NOT-FOR-US: Irokez CMS
-CVE-2009-4981
+CVE-2009-4981 (Multiple cross-site request forgery (CSRF) vulnerabilities in Photokor ...)
NOT-FOR-US: Photokorn Gallery
-CVE-2009-4980
+CVE-2009-4980 (Multiple cross-site scripting (XSS) vulnerabilities in Photokorn Galle ...)
NOT-FOR-US: Photokorn Gallery
-CVE-2009-4979
+CVE-2009-4979 (Multiple SQL injection vulnerabilities in search.php in Photokorn Gall ...)
NOT-FOR-US: Photokorn Gallery
-CVE-2009-4978
+CVE-2009-4978 (Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows ...)
NOT-FOR-US: MyBackup
-CVE-2009-4977
+CVE-2009-4977 (PHP remote file inclusion vulnerability in index.php in MyBackup 1.4.0 ...)
NOT-FOR-US: MyBackup
-CVE-2009-4976
+CVE-2009-4976 (Cross-site scripting (XSS) vulnerability in webkitpart.cpp in kwebkitp ...)
- webkitkde 0.4svn1059630-1
-CVE-2009-4975
+CVE-2009-4975 (Cross-site scripting (XSS) vulnerability in webview.cpp in QtDemoBrows ...)
- rekonq 0.5.0-1
-CVE-2009-4974
+CVE-2009-4974 (Directory traversal vulnerability in box_display.php in TotalCalendar ...)
NOT-FOR-US: TotalCalendar
-CVE-2009-4973
+CVE-2009-4973 (SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows rem ...)
NOT-FOR-US: TotalCalendar
-CVE-2009-4972
+CVE-2009-4972 (Cross-site scripting (XSS) vulnerability in index.php (aka the log in ...)
NOT-FOR-US: SimpleID
-CVE-2009-4971
+CVE-2009-4971 (SQL injection vulnerability in the AJAX Chat (vjchat) extension before ...)
NOT-FOR-US: AJAX Chat
-CVE-2009-4970
+CVE-2009-4970 (SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for T ...)
NOT-FOR-US: Typo3 addon
-CVE-2009-4969
+CVE-2009-4969 (SQL injection vulnerability in the Solidbase Bannermanagement (SBbanne ...)
NOT-FOR-US: Typo3 addon
-CVE-2009-4968
+CVE-2009-4968 (SQL injection vulnerability in the Event Registration (event_registr) ...)
NOT-FOR-US: Typo3 addon
-CVE-2009-4967
+CVE-2009-4967 (SQL injection vulnerability in the Car (car) extension before 0.1.1 fo ...)
NOT-FOR-US: Typo3 addon
-CVE-2009-4966
+CVE-2009-4966 (SQL injection vulnerability in the AST ZipCodeSearch (ast_addresszipse ...)
NOT-FOR-US: Typo3 addon
-CVE-2009-4965
+CVE-2009-4965 (SQL injection vulnerability in the AIRware Lexicon (air_lexicon) exten ...)
NOT-FOR-US: Typo3 addon
-CVE-2009-4964
+CVE-2009-4964 (Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers ...)
NOT-FOR-US: KSP
-CVE-2009-4963
+CVE-2009-4963 (Cross-site scripting (XSS) vulnerability in the Commerce extension bef ...)
NOT-FOR-US: Typo3 addon
-CVE-2009-4962
+CVE-2009-4962 (Stack-based buffer overflow in Fat Player 0.6b allows remote attackers ...)
NOT-FOR-US: Fat Player
-CVE-2009-4961
+CVE-2009-4961 (Lanai Core 0.6 allows remote attackers to obtain configuration informa ...)
NOT-FOR-US: Lanai Core
-CVE-2009-4960
+CVE-2009-4960 (Directory traversal vulnerability in modules/backup/download.php in La ...)
NOT-FOR-US: Lanai Core
-CVE-2009-4959
+CVE-2009-4959 (SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) ext ...)
NOT-FOR-US: T3M E-Mail Marketing Tool
-CVE-2009-4958
+CVE-2009-4958 (SQL injection vulnerability in video.php in EMO Breeder Manager (aka E ...)
NOT-FOR-US: EMO Breader Manager
-CVE-2009-4957
+CVE-2009-4957 (Directory traversal vulnerability in loadpanel.php in Interspire Activ ...)
NOT-FOR-US: Interspire ActiveKB
-CVE-2009-4956
+CVE-2009-4956 (Cross-site scripting (XSS) vulnerability in the Visitor Tracking (ws_s ...)
NOT-FOR-US: typo3 third party component (ws_stats)
-CVE-2009-4955
+CVE-2009-4955 (SQL injection vulnerability in the ultraCards (th_ultracards) extensio ...)
NOT-FOR-US: typo3 third party component (th_ultracards)
-CVE-2009-4954
+CVE-2009-4954 (SQL injection vulnerability in the Versatile Calendar Extension [VCE] ...)
NOT-FOR-US: typo3 third party component (sk_calendar)
-CVE-2009-4953
+CVE-2009-4953 (Cross-site scripting (XSS) vulnerability in the Userdata Create/Edit ( ...)
NOT-FOR-US: typo3 third party component (sg_userdata)
-CVE-2009-4952
+CVE-2009-4952 (Directory traversal vulnerability in the Directory Listing (dir_listin ...)
NOT-FOR-US: typo3 third party component (dir_listing)
-CVE-2009-4951
+CVE-2009-4951 (Unspecified vulnerability in the ClickStream Analyzer [output] (altern ...)
NOT-FOR-US: typo3 third party component (alternet_csa_out)
-CVE-2009-4950
+CVE-2009-4950 (SQL injection vulnerability in the A21glossary Advanced Output (a21glo ...)
NOT-FOR-US: typo3 third party component (a21glossary_advanced_output)
-CVE-2009-4949
+CVE-2009-4949 (SQL injection vulnerability in the Store Locator extension before 1.2. ...)
NOT-FOR-US: typo3 third party component (locator)
-CVE-2009-4948
+CVE-2009-4948 (Cross-site scripting (XSS) vulnerability in the Store Locator extensio ...)
NOT-FOR-US: typo3 third party component (locator)
-CVE-2009-4947
+CVE-2009-4947 (SQL injection vulnerability in frmLoginPwdReminderPopup.aspx in Q2 Sol ...)
NOT-FOR-US: Q2 Solutions ConnX
-CVE-2009-4946
+CVE-2009-4946 (Directory traversal vulnerability in the Messaging (com_messaging) com ...)
NOT-FOR-US: Joomla! Messaging
-CVE-2009-4945
+CVE-2009-4945 (AdPeeps 8.5d1 has a default password of admin for the admin account, w ...)
NOT-FOR-US: AdPeeps
-CVE-2009-4944
+CVE-2009-4944 (Multiple cross-site scripting (XSS) vulnerabilities in ATRC ACollab 1. ...)
NOT-FOR-US: ATRC ACollab
-CVE-2009-4943
+CVE-2009-4943 (index.php in AdPeeps 8.5d1 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: AdPeeps
-CVE-2009-4942
+CVE-2009-4942 (Cross-site request forgery (CSRF) vulnerability in ACollab 1.2 allows ...)
NOT-FOR-US: ATRC ACollab
-CVE-2009-4941
+CVE-2009-4941 (Cross-site scripting (XSS) vulnerability in sign_in.php in ATRC AColla ...)
NOT-FOR-US: ATRC ACollab
-CVE-2009-4940
+CVE-2009-4940 (SQL injection vulnerability in index.php in Zeus Cart 2.3 and earlier ...)
NOT-FOR-US: Zeus Cart
-CVE-2009-4939
+CVE-2009-4939 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ad ...)
NOT-FOR-US: AdPeeps
-CVE-2009-4938
+CVE-2009-4938 (SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3. ...)
NOT-FOR-US: JVideo
-CVE-2009-4937
+CVE-2009-4937 (Cross-site scripting (XSS) vulnerability in Small Pirate (SPirate) 2.1 ...)
NOT-FOR-US: SPirate
-CVE-2009-4936
+CVE-2009-4936 (Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 a ...)
NOT-FOR-US: SPirate
-CVE-2009-4935
+CVE-2009-4935 (SQL injection vulnerability in ogp_show.php in Online Guestbook Pro al ...)
NOT-FOR-US: Online Guestbook Pro
-CVE-2009-4934
+CVE-2009-4934 (Cross-site scripting (XSS) vulnerability in index.php in Online Photo ...)
NOT-FOR-US: Online Photo Pro
-CVE-2009-4933
+CVE-2009-4933 (Multiple SQL injection vulnerabilities in login.php in EZ Webitor allo ...)
NOT-FOR-US: EZ Webitor
-CVE-2009-4932
+CVE-2009-4932 (Stack-based buffer overflow in 1by1 1.67 (aka 1.6.7.0) allows remote a ...)
NOT-FOR-US: 1by1
-CVE-2009-4931
+CVE-2009-4931 (Stack-based buffer overflow in Groovy Media Player 1.1.0 allows remote ...)
NOT-FOR-US: Groovy Media Player
-CVE-2009-4930
+CVE-2009-4930 (Cross-site scripting (XSS) vulnerability in the twbkwbis.P_SecurityQue ...)
NOT-FOR-US: SunGard Banner Student System
-CVE-2009-4929
+CVE-2009-4929 (admin/manage_users.php in TotalCalendar 2.4 does not require administr ...)
NOT-FOR-US: TotalCalendar
-CVE-2009-4928
+CVE-2009-4928 (PHP remote file inclusion vulnerability in config.php in TotalCalendar ...)
NOT-FOR-US: TotalCalendar
-CVE-2009-4927
+CVE-2009-4927 (WB News 2.1.2 allows remote attackers to bypass authentication and gai ...)
NOT-FOR-US: WB News
-CVE-2009-4926
+CVE-2009-4926 (Multiple cross-site scripting (XSS) vulnerabilities in Online Contact ...)
NOT-FOR-US: Online Contact Manager
-CVE-2009-4925
+CVE-2009-4925 (Multiple SQL injection vulnerabilities in Portale e-commerce Creasito ...)
NOT-FOR-US: Portale e-commerce Creasito
-CVE-2009-4924
+CVE-2009-4924 (Dan Pascu python-cjson 1.0.5 does not properly handle a ['/'] argument ...)
- python-cjson 1.0.5-4 (low; bug #593302)
[lenny] - python-cjson <no-dsa> (Minor issue)
-CVE-2009-4923
+CVE-2009-4923 (Unspecified vulnerability in the DTLS implementation on Cisco Adaptive ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4922
+CVE-2009-4922 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4921
+CVE-2009-4921 (Cisco Adaptive Security Appliances (ASA) 5580 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4920
+CVE-2009-4920 (Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4919
+CVE-2009-4919 (Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 serie ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4918
+CVE-2009-4918 (Cisco Adaptive Security Appliances (ASA) 5580 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4917
+CVE-2009-4917 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4916
+CVE-2009-4916 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4915
+CVE-2009-4915 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4914
+CVE-2009-4914 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series de ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4913
+CVE-2009-4913 (The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 55 ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4912
+CVE-2009-4912 (Cisco Adaptive Security Appliances (ASA) 5580 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4911
+CVE-2009-4911 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4910
+CVE-2009-4910 (Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-4909
+CVE-2009-4909 (admin/index.php in oBlog allows remote attackers to conduct brute-forc ...)
NOT-FOR-US: oBlog
-CVE-2009-4908
+CVE-2009-4908 (Multiple cross-site scripting (XSS) vulnerabilities in oBlog allow rem ...)
NOT-FOR-US: oBlog
-CVE-2009-4907
+CVE-2009-4907 (Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog al ...)
NOT-FOR-US: oBlog
-CVE-2009-4906
+CVE-2009-4906 (Cross-site request forgery (CSRF) vulnerability in index.php in Acc PH ...)
NOT-FOR-US: Acc PHP eMail
-CVE-2009-4905
+CVE-2009-4905 (Multiple cross-site request forgery (CSRF) vulnerabilities in index.ph ...)
NOT-FOR-US: Acc Statistics
-CVE-2009-4904
+CVE-2009-4904 (article.php in oBlog does not properly restrict comments, which allows ...)
NOT-FOR-US: oBlog
-CVE-2009-4903
+CVE-2009-4903 (Cross-site scripting (XSS) vulnerability in index.php in oBlog allows ...)
NOT-FOR-US: oBlog
-CVE-2009-4902
+CVE-2009-4902 (Buffer overflow in the MSGFunctionDemarshall function in winscard_svc. ...)
- pcsc-lite <not-affected> (Covered by initial CVE-2010-0407 fix)
NOTE: See https://bugzilla.redhat.com/show_bug.cgi?id=596426#c20 for an explanation
NOTE: of the weird CVE assignments on this one
-CVE-2009-4901
+CVE-2009-4901 (The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smar ...)
- pcsc-lite <not-affected> (Covered by initial CVE-2010-0407 fix)
NOTE: See https://bugzilla.redhat.com/show_bug.cgi?id=596426#c20 for an explanation
NOTE: of the weird CVE assignments on this one
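Review bot: the fixed-width truncation of the generated descriptions leaves several neighbouring entries in this hunk indistinguishable, which defeats the purpose of carrying a summary in the list: CVE-2009-5011 and CVE-2009-5010 both become `(Race condition in the FTPHandler class in ftpserver.py in pyftpdlib be ...)`, CVE-2009-5002, CVE-2009-5001 and CVE-2009-4998 all become `(The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)`, and CVE-2009-4917, CVE-2009-4916, CVE-2009-4915 and CVE-2009-4911 collapse to the same "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA)" prefix. A longer cutoff, or truncating at a word boundary after the first distinguishing clause, would keep the summaries useful for triage. Two pre-existing typos in the unchanged context lines of this hunk are worth a follow-up commit rather than leaving them to be propagated by the generator: `NOT-FOR-US: isco Secure Desktop` under CVE-2009-5008 (the description reads "Cisco Secure Desktop"), and `EMO Breader Manager` under CVE-2009-4958 (the description reads "EMO Breeder Manager").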
@@ -583,605 +583,605 @@ CVE-2009-4899 [pixelpost SQL injection]
RESERVED
- pixelpost <removed> (bug #597224)
NOTE: http://www.pixelpost.org/blog/2009/09/02/pixelpost-173-security-update/
-CVE-2009-4898
+CVE-2009-4898 (Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.2 ...)
NOT-FOR-US: TWiki
-CVE-2009-4897
+CVE-2009-4897 (Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allo ...)
{DSA-2093-1}
- ghostscript 8.70~dfsg-1
-CVE-2009-4896
+CVE-2009-4896 (Multiple directory traversal vulnerabilities in the mlmmj-php-admin we ...)
{DSA-2073-1}
- mlmmj 1.2.17-1.1 (bug #588038)
-CVE-2009-4895
+CVE-2009-4895 (Race condition in the tty_fasync function in drivers/char/tty_io.c in ...)
{DSA-2094-1}
- linux-2.6 2.6.32-9
-CVE-2009-4894
+CVE-2009-4894 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...)
NOT-FOR-US: PunBB
-CVE-2009-4893
+CVE-2009-4893 (Buffer overflow in UnrealIRCd 3.2beta11 through 3.2.8, when allow::opt ...)
- unrealircd <itp> (bug #515130)
-CVE-2009-4892
+CVE-2009-4892 (SQL injection vulnerability in Content Management System WEBjump! allo ...)
NOT-FOR-US: Content Management System WEBjump!
-CVE-2009-4891
+CVE-2009-4891 (SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 allow ...)
NOT-FOR-US: CS-Cart
-CVE-2009-4890
+CVE-2009-4890 (Multiple cross-site scripting (XSS) vulnerabilities in the login appli ...)
NOT-FOR-US: vBook
-CVE-2009-4889
+CVE-2009-4889 (SQL injection vulnerability in books.php in the Book Panel (book_panel ...)
NOT-FOR-US: book_panel module for php-fusion
-CVE-2009-4888
+CVE-2009-4888 (Cross-site scripting (XSS) vulnerability in poster.php in PHortail 1.2 ...)
NOT-FOR-US: PHortail
-CVE-2009-4887
+CVE-2009-4887 (PHP remote file inclusion vulnerability in index.php in CMS S.Builder ...)
NOT-FOR-US: CMS S.Builder
-CVE-2009-4886
+CVE-2009-4886 (Multiple directory traversal vulnerabilities in phpCommunity 2 2.1.8 a ...)
NOT-FOR-US: phpCommunity
-CVE-2009-4885
+CVE-2009-4885 (Cross-site scripting (XSS) vulnerability in templates/1/login.php in p ...)
NOT-FOR-US: phpCommunity
-CVE-2009-4884
+CVE-2009-4884 (Multiple SQL injection vulnerabilities in phpCommunity 2 2.1.8, when m ...)
NOT-FOR-US: phpCommunity
-CVE-2009-4883
+CVE-2009-4883 (SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.3 ...)
NOT-FOR-US: PHPRecipeBook
-CVE-2009-4882
+CVE-2009-4882 (Cross-site scripting (XSS) vulnerability in zc/publisher/html.rb in Zo ...)
{DSA-2056-1}
- zonecheck 2.1.1-1 (bug #583290)
-CVE-2009-4881
+CVE-2009-4881 (Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in ...)
{DSA-2058-1}
- eglibc 2.10.1-1 (unimportant)
- glibc 2.11.1-1 (unimportant)
NOTE: http://sourceware.org/git/?p=glibc.git;a=commit;h=153aa31b93be22e01b236375fb02a9f9b9a0195f
-CVE-2009-4880
+CVE-2009-4880 (Multiple integer overflows in the strfmon implementation in the GNU C ...)
{DSA-2058-1}
- eglibc 2.11.1-1 (unimportant)
- glibc 2.11.1-1 (unimportant)
NOTE: http://sourceware.org/git/?p=glibc.git;a=commit;h=199eb0de8d673fb23aa127721054b4f1803d61f3
-CVE-2009-4879
+CVE-2009-4879 (The Identity Server in Novell Access Manager before 3.1 SP1 allows att ...)
NOT-FOR-US: Novell Access Manager
-CVE-2009-4878
+CVE-2009-4878 (Unspecified vulnerability in the Administration Console in Novell Acce ...)
NOT-FOR-US: Novell Access Manager
-CVE-2009-4877
+CVE-2009-4877 (Multiple cross-site request forgery (CSRF) vulnerabilities in WebGUI b ...)
- webgui 7.7.22-1
-CVE-2009-4876
+CVE-2009-4876 (admin/cikkform.php in Netrix CMS 1.0 allows remote attackers to modify ...)
NOT-FOR-US: Netrix CMS
-CVE-2009-4875
+CVE-2009-4875 (FCKeditor.Java 2.4 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: FCKeditor.Java, different than fckeditor in the archive
-CVE-2009-4874
+CVE-2009-4874 (TalkBack 2.3.14 does not properly restrict access to the edit comment ...)
NOT-FOR-US: TalkBack
-CVE-2009-4873
+CVE-2009-4873 (Stack-based buffer overflow in the HTTP server in Rhino Software Serv- ...)
NOT-FOR-US: Rhino Software Serv-U Web Client
-CVE-2009-4872
+CVE-2009-4872 (Multiple SQL injection vulnerabilities in globepersonnel_login.asp in ...)
NOT-FOR-US: Logoshows BBS
-CVE-2009-4871
+CVE-2009-4871 (SQL injection vulnerability in globepersonnel_forum.asp in Logoshows B ...)
NOT-FOR-US: Logoshows BBS
-CVE-2009-4870
+CVE-2009-4870 (Multiple SQL injection vulnerabilities in login.php in PHPCityPortal a ...)
NOT-FOR-US: PHPCityPortal
-CVE-2009-4869
+CVE-2009-4869 (Cross-site scripting (XSS) vulnerability in index.php in Nasim Guest B ...)
NOT-FOR-US: Nasim Guest Book
-CVE-2009-4868
+CVE-2009-4868 (Cross-site scripting (XSS) vulnerability in Hitron Soft Answer Me 1.0 ...)
NOT-FOR-US: Hitron Soft Answer Me
-CVE-2009-4867
+CVE-2009-4867 (Buffer overflow in Tuniac 090517c allows remote attackers to cause a d ...)
NOT-FOR-US: Tuniac
-CVE-2009-4866
+CVE-2009-4866 (Cross-site scripting (XSS) vulnerability in search.cgi in Matt's Scrip ...)
NOT-FOR-US: Matt's Script Archive (MSA) Simple Search
-CVE-2009-4865
+CVE-2009-4865 (Multiple SQL injection vulnerabilities in escorts_search.php in I-Esco ...)
NOT-FOR-US: I-Escorts Directory Script and Agency Script
-CVE-2009-4864
+CVE-2009-4864 (Multiple cross-site scripting (XSS) vulnerabilities in escorts_search. ...)
NOT-FOR-US: I-Escorts Directory Script and Agency Script
-CVE-2009-4863
+CVE-2009-4863 (Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows r ...)
NOT-FOR-US: UltraPlayer Media Player
-CVE-2009-4862
+CVE-2009-4862 (Multiple SQL injection vulnerabilities in Alwasel 1.5 allow remote att ...)
NOT-FOR-US: Alwasel
-CVE-2009-4861
+CVE-2009-4861 (Cross-site scripting (XSS) vulnerability in shownews.php in SupportPRO ...)
NOT-FOR-US: SupportPRO SupportDesk
-CVE-2009-4860
+CVE-2009-4860 (SQL injection vulnerability in demo.php in Typing Pal 1.0 and earlier ...)
NOT-FOR-US: Typing Pal
-CVE-2009-4859
+CVE-2009-4859 (Multiple cross-site scripting (XSS) vulnerabilities in Online Work Ord ...)
NOT-FOR-US: Online Work Order Suite (OWOS)
-CVE-2009-4858
+CVE-2009-4858 (Cross-site scripting (XSS) vulnerability in questiondetail.php in Yaho ...)
NOT-FOR-US: Yahoo Answers Clone
-CVE-2009-4857
+CVE-2009-4857 (Cross-site scripting (XSS) vulnerability in login.php in PHP Photo Vot ...)
NOT-FOR-US: PHP Photo Vote
-CVE-2009-4856
+CVE-2009-4856 (Cross-site scripting (XSS) vulnerability in subitems.php in PHP Easy S ...)
NOT-FOR-US: PHP Easy Shopping Cart
CVE-2009-4855
NOT-FOR-US: Bogus issue claimed for typo3
NOTE: See http://secure.t3sec.info/blog/post/2009/08/06/typo3-cms-40-showuid-exploit-not-a-vulnerability/4.2.5-1+lenny3
-CVE-2009-4854
+CVE-2009-4854 (addons/import.php in TalkBack 2.3.14 allows remote attackers to execut ...)
NOT-FOR-US: TalkBack
-CVE-2009-4853
+CVE-2009-4853 (Multiple cross-site scripting (XSS) vulnerabilities in JumpBox before ...)
NOT-FOR-US: JumpBox
-CVE-2009-4852
+CVE-2009-4852 (Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle ...)
NOT-FOR-US: SemanticScuttle
-CVE-2009-4851
+CVE-2009-4851 (The activation resend function in the Profiles module in XOOPS before ...)
NOT-FOR-US: XOOPS
-CVE-2009-4850
+CVE-2009-4850 (The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote at ...)
NOT-FOR-US: Awingsoft Awakening Winds3D Viewer
-CVE-2009-4849
+CVE-2009-4849 (Multiple cross-site request forgery (CSRF) vulnerabilities in ToutVirt ...)
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4848
+CVE-2009-4848 (Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual Vir ...)
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4847
+CVE-2009-4847 (Deliantra Server before 2.82 allows remote authenticated users to caus ...)
NOT-FOR-US: Deliantra Server
-CVE-2009-4846
+CVE-2009-4846 (Multiple buffer overflows in Deliantra Server before 2.82 allow remote ...)
NOT-FOR-US: Deliantra Server
-CVE-2009-4845
+CVE-2009-4845 (The configuration page in ToutVirtual VirtualIQ Pro 3.2 build 7882 con ...)
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4844
+CVE-2009-4844 (ToutVirtual VirtualIQ Pro 3.2 build 7882 does not restrict access to t ...)
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4843
+CVE-2009-4843 (ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require admin ...)
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4842
+CVE-2009-4842 (Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual Vir ...)
NOT-FOR-US: ToutVirtual VirtualIQ Pro
-CVE-2009-4841
+CVE-2009-4841 (Heap-based buffer overflow in the SonicMediaPlayer ActiveX control in ...)
NOT-FOR-US: Roxio CinePlayer
-CVE-2009-4840
+CVE-2009-4840 (Heap-based buffer overflow in the IAManager ActiveX control in IAManag ...)
NOT-FOR-US: Roxio CinePlayer
-CVE-2009-4839
+CVE-2009-4839 (Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis ...)
- acidbase 1.4.5-1 (bug #587819)
[lenny] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4838
+CVE-2009-4838 (SQL injection vulnerability in base_ag_common.php in Basic Analysis an ...)
- acidbase 1.4.4-1 (low)
[lenny] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4837
+CVE-2009-4837 (Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis ...)
- acidbase 1.4.4-1 (low)
[lenny] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4836
+CVE-2009-4836 (Eval injection vulnerability in system/services/init.php in Movie PHP ...)
NOT-FOR-US: Movie PHP Script
-CVE-2009-4835
+CVE-2009-4835 (The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, ( ...)
- libsndfile 1.0.21-3 (unimportant; bug #530831)
NOTE: application crash only, so not security-relevant
-CVE-2009-4834
+CVE-2009-4834 (lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Zeroboard
-CVE-2009-4833
+CVE-2009-4833 (MySQL Connector/NET before 6.0.4, when using encryption, does not veri ...)
NOT-FOR-US: MySQL Connector/NET
-CVE-2009-4832
+CVE-2009-4832 (The dlpcrypt.sys kernel driver 0.1.1.27 in DESlock+ 4.0.2 allows local ...)
NOT-FOR-US: DLPCryptCore
-CVE-2009-4831
+CVE-2009-4831 (Cerulean Studios Trillian 3.1 Basic does not check SSL certificates du ...)
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2009-4830
+CVE-2009-4830 (Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote attac ...)
- openx <itp> (bug #513771)
-CVE-2009-4829
+CVE-2009-4829 (Cross-site scripting (XSS) vulnerability in the Automated Logout modul ...)
NOT-FOR-US: Automated Logout module for drupal
-CVE-2009-4828
+CVE-2009-4828 (Cross-site request forgery (CSRF) vulnerability in administration/admi ...)
NOT-FOR-US: Ad Manager Pro
-CVE-2009-4827
+CVE-2009-4827 (Cross-site request forgery (CSRF) vulnerability in admin.php in Mail M ...)
NOT-FOR-US: Mail Manager Pro
-CVE-2009-4826
+CVE-2009-4826 (Cross-site request forgery (CSRF) vulnerability in hosting/admin_ac.ph ...)
NOT-FOR-US: ScriptsEz Mini Hosting Panel
-CVE-2009-4825
+CVE-2009-4825 (8pixel.net Blog 4 stores sensitive information under the web root with ...)
NOT-FOR-US: 8pixel.net Blog
-CVE-2009-4824
+CVE-2009-4824 (Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Ser ...)
{DSA-1897-1}
- kolab-webclient <undetermined>
- horde3 3.3.5+debian0-1
NOTE: package only in experimental; claimed fixed in version 20091202, but not enough info to check
NOTE: http://kolab.org/cgi-bin/viewcvs-kolab.cgi/*checkout*/server/patches/horde-webmail/1.2.0/tg/Attic/t_framework_H_JS_Form_FixFormSecurityForImageUploads.diff?rev=1.1.2.1&only_with_tag=kolab_2_2_branch
-CVE-2009-4823
+CVE-2009-4823 (Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.h ...)
NOT-FOR-US: cPanel
-CVE-2009-4822
+CVE-2009-4822 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ka ...)
NOT-FOR-US: Kasseler CMS
-CVE-2009-4821
+CVE-2009-4821 (The D-Link DIR-615 with firmware 3.10NA does not require administrativ ...)
NOT-FOR-US: D-Link DIR-615
-CVE-2009-4820
+CVE-2009-4820 (Angelo-Emlak 1.0 stores sensitive information under the web root with ...)
NOT-FOR-US: Angelo-Emlak
-CVE-2009-4819
+CVE-2009-4819 (Multiple unrestricted file upload vulnerabilities in upload.php in PHP ...)
NOT-FOR-US: PHPhotoalbum
-CVE-2009-4818
+CVE-2009-4818 (Unrestricted file upload vulnerability in upload.php in PHPSimplicity ...)
NOT-FOR-US: PHPSimplicity of Upload
-CVE-2009-4817
+CVE-2009-4817 (Unrestricted file upload vulnerability in Element-IT Ultimate Uploader ...)
NOT-FOR-US: Element-IT Ultimate Uploader
-CVE-2009-4816
+CVE-2009-4816 (Directory traversal vulnerability in api/download_checker.php in MegaL ...)
NOT-FOR-US: MegaLab The Uploader
-CVE-2009-4815
+CVE-2009-4815 (Directory traversal vulnerability in Serv-U before 9.2.0.1 allows remo ...)
NOT-FOR-US: Serv-U
-CVE-2009-4814
+CVE-2009-4814 (Cross-site scripting (XSS) vulnerability in Wolfram Research webMathem ...)
NOT-FOR-US: Wolfram Research webMathematica
-CVE-2009-4813
+CVE-2009-4813 (Cross-site scripting (XSS) vulnerability in myps.php in MyBB (aka MyBu ...)
NOT-FOR-US: MyBB
-CVE-2009-4812
+CVE-2009-4812 (Wolfram Research webMathematica allows remote attackers to obtain sens ...)
NOT-FOR-US: Wolfram Research webMathematica
-CVE-2009-4811
+CVE-2009-4811 (VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Aut ...)
NOT-FOR-US: VMware
-CVE-2009-4810
+CVE-2009-4810 (The Secure Remote Password (SRP) implementation in Samhain before 2.5. ...)
- samhain 2.5.4-1 (unimportant)
NOTE: Support for client/server operation is not enabled in the Debian packages
-CVE-2009-4809
+CVE-2009-4809 (Directory traversal vulnerability in thumbnail.ghp in Easy File Sharin ...)
NOT-FOR-US: Easy File Sharing Web Server
-CVE-2009-4808
+CVE-2009-4808 (admin.php in Graugon PHP Article Publisher 1.0 allows remote attackers ...)
NOT-FOR-US: Graugon PHP Article Publisher
-CVE-2009-4807
+CVE-2009-4807 (Multiple SQL injection vulnerabilities in Graugon PHP Article Publishe ...)
NOT-FOR-US: Graugon PHP Article Publisher
-CVE-2009-4806
+CVE-2009-4806 (admin/save_user.asp in Digital Interchange Document Library 1.0.1 does ...)
NOT-FOR-US: Digital Interchange Document Library
-CVE-2009-4805
+CVE-2009-4805 (Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_q ...)
NOT-FOR-US: EZ-Blog
-CVE-2009-4804
+CVE-2009-4804 (Cross-site scripting (XSS) vulnerability in the Calendar Base (cal) ex ...)
NOT-FOR-US: cal extension for typo3
-CVE-2009-4803
+CVE-2009-4803 (SQL injection vulnerability in the Accessibility Glossary (a21glossary ...)
NOT-FOR-US: a21glossary extension for typo3
-CVE-2009-4802
+CVE-2009-4802 (SQL injection vulnerability in the Flat Manager (flatmgr) extension be ...)
NOT-FOR-US: fsatmgr extension for typo3
-CVE-2009-4801
+CVE-2009-4801 (EZ-Blog Beta 1 does not require authentication, which allows remote at ...)
NOT-FOR-US: EZ-Blog
-CVE-2009-4800
+CVE-2009-4800 (Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 al ...)
NOT-FOR-US: Sysax Multi Server
-CVE-2009-4799
+CVE-2009-4799 (Diskos CMS 6.x stores sensitive information under the web root with in ...)
NOT-FOR-US: Diskos CMS
-CVE-2009-4798
+CVE-2009-4798 (Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote ...)
NOT-FOR-US: Diskos CMS
-CVE-2009-4797
+CVE-2009-4797 (SQL injection vulnerability in browse.php in JobHut 1.2 and earlier al ...)
NOT-FOR-US: JobHut
-CVE-2009-4796
+CVE-2009-4796 (Multiple SQL injection vulnerabilities in the ExecuteQueries function ...)
NOT-FOR-US: glFusion
-CVE-2009-4795
+CVE-2009-4795 (Multiple SQL injection vulnerabilities in Xlight FTP Server before 3.2 ...)
NOT-FOR-US: Xlight FTP Server
-CVE-2009-4794
+CVE-2009-4794 (Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remo ...)
NOT-FOR-US: Community CMS
-CVE-2009-4793
+CVE-2009-4793 (Unrestricted file upload vulnerability in adminpanel/scripts/addphotos ...)
NOT-FOR-US: BandSite CMS
-CVE-2009-4792
+CVE-2009-4792 (SQL injection vulnerability in includes/content/member_content.php in ...)
NOT-FOR-US: BandSite CMS
-CVE-2009-4791
+CVE-2009-4791 (Multiple SQL injection vulnerabilities in Family Connections (aka FCMS ...)
NOT-FOR-US: Family Connections
-CVE-2009-4790
+CVE-2009-4790 (Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 ...)
NOT-FOR-US: Sysax Multi Server
-CVE-2009-4789
+CVE-2009-4789 (Multiple PHP remote file inclusion vulnerabilities in the MojoBlog com ...)
NOT-FOR-US: mojoblog component for joomla!
-CVE-2009-4788
+CVE-2009-4788 (Multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier allo ...)
NOT-FOR-US: Pligg
-CVE-2009-4787
+CVE-2009-4787 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pligg be ...)
NOT-FOR-US: Pligg
-CVE-2009-4786
+CVE-2009-4786 (Multiple cross-site scripting (XSS) vulnerabilities in Pligg before 1. ...)
NOT-FOR-US: Pligg
-CVE-2009-4785
+CVE-2009-4785 (SQL injection vulnerability in the Quick News (com_quicknews) componen ...)
NOT-FOR-US: com_quicknews component for joomla!
-CVE-2009-4784
+CVE-2009-4784 (SQL injection vulnerability in the Joaktree (com_joaktree) component 1 ...)
NOT-FOR-US: com_joaktree component for joomla!
-CVE-2009-4783
+CVE-2009-4783 (Multiple SQL injection vulnerabilities in Theeta CMS, possibly 0.01, a ...)
NOT-FOR-US: Theeta CMS
-CVE-2009-4782
+CVE-2009-4782 (Multiple cross-site scripting (XSS) vulnerabilities in Theeta CMS, pos ...)
NOT-FOR-US: Theeta CMS
-CVE-2009-4781
+CVE-2009-4781 (TUKEVA Password Reminder before 1.0.0.4 uses a hard-coded password for ...)
NOT-FOR-US: TUKEVA Password Reminder
-CVE-2009-4780
+CVE-2009-4780 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ph ...)
NOT-FOR-US: phpMyFAQ
-CVE-2009-4779
+CVE-2009-4779 (Multiple PHP remote file inclusion vulnerabilities in NukeHall 0.3 and ...)
NOT-FOR-US: NukeHall
-CVE-2009-4778
+CVE-2009-4778 (Multiple unspecified vulnerabilities in the PDF distiller in the Attac ...)
NOT-FOR-US: BlackBerry PDF distiller
-CVE-2009-4777
+CVE-2009-4777 (Unspecified vulnerability in multiple versions of Hitachi JP1/Automati ...)
NOT-FOR-US: Hitachi Job Management / System Observer
-CVE-2009-4776
+CVE-2009-4776 (Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit fo ...)
NOT-FOR-US: Hitachi Cosminexus
-CVE-2009-4775
+CVE-2009-4775 (Format string vulnerability in Ipswitch WS_FTP Professional 12 before ...)
NOT-FOR-US: Ipswitch WS_FTP Professional
-CVE-2009-4774
+CVE-2009-4774 (Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 thr ...)
NOT-FOR-US: OpenSolaris
-CVE-2009-4773
+CVE-2009-4773 (Cross-site request forgery (CSRF) vulnerability in the order-managemen ...)
NOT-FOR-US: Ubercart module for Drupal
-CVE-2009-4772
+CVE-2009-4772 (Unspecified vulnerability in the PayPal Website Payments Standard func ...)
NOT-FOR-US: Ubercart module for Drupal
-CVE-2009-4771
+CVE-2009-4771 (The PayPal Website Payments Standard functionality in the Ubercart mod ...)
NOT-FOR-US: Ubercart module for Drupal
-CVE-2009-4770
+CVE-2009-4770 (The FTP server component in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 ...)
NOT-FOR-US: httpdx
-CVE-2009-4769
+CVE-2009-4769 (Multiple format string vulnerabilities in the tolog function in httpdx ...)
NOT-FOR-US: httpdx
-CVE-2009-4768
+CVE-2009-4768 (Unspecified vulnerability in the JASS script interpreter in Warcraft I ...)
NOT-FOR-US: World of Warcraft
-CVE-2009-4767
+CVE-2009-4767 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Pl ...)
NOT-FOR-US: Plohni Shoutbox
-CVE-2009-4766
+CVE-2009-4766 (YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores ...)
NOT-FOR-US: MS-Pro Portal Scripti
-CVE-2009-4765
+CVE-2009-4765 (CNR Hikaye Portal 2.0 stores sensitive information under the web root ...)
NOT-FOR-US: CNR Hikaye Portal
-CVE-2009-4764
+CVE-2009-4764 (Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-4763
+CVE-2009-4763 (Unspecified vulnerability in the ClickHeat plugin, as used in phpMyVis ...)
NOT-FOR-US: ClickHeat plugin
-CVE-2009-4762
+CVE-2009-4762 (MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ...)
- moin 1.9.2-1 (bug #569975; medium)
[lenny] - moin 1.7.1-3+lenny3 (bug #569975; medium)
NOTE: see http://www.debian.org/security/2010/dsa-2014
-CVE-2009-4761
+CVE-2009-4761 (Stack-based buffer overflow in Mini-stream RM Downloader allows remote ...)
NOT-FOR-US: Mini-stream RM Downloader
-CVE-2009-4760
+CVE-2009-4760 (Winn ASP Guestbook 1.01 Beta stores sensitive information under the we ...)
NOT-FOR-US: Winn ASP Guestbook
-CVE-2009-4759
+CVE-2009-4759 (Buffer overflow in BrotherSoft BMXPlay 0.4.4b allows remote attackers ...)
NOT-FOR-US: BrotherSoft BMXPlay
-CVE-2009-4758
+CVE-2009-4758 (Stack-based buffer overflow in dicas Mpegable Player 2.12 allows remot ...)
NOT-FOR-US: Mpegable Player
-CVE-2009-4757
+CVE-2009-4757 (Stack-based buffer overflow in BrotherSoft EW-MusicPlayer 0.8 allows r ...)
NOT-FOR-US: BrotherSoft EW-MusicPlayer
-CVE-2009-4756
+CVE-2009-4756 (Stack-based buffer overflow in TraktorBeatport.exe 1.0.0.283 in Beatpo ...)
NOT-FOR-US: Beatport Player
-CVE-2009-4755
+CVE-2009-4755 (Multiple stack-based buffer overflows in Mercury Audio Player 1.21 all ...)
NOT-FOR-US: Mercury Audio Player
-CVE-2009-4754
+CVE-2009-4754 (Stack-based buffer overflow in Mercury Audio Player 1.21 allows remote ...)
NOT-FOR-US: Mercury Audio Player
-CVE-2009-4753
+CVE-2009-4753 (Multiple buffer overflows in the FTP server on the Addonics NAS Adapte ...)
NOT-FOR-US: Addonics NAS Adapter NASU2FW41
-CVE-2009-4752
+CVE-2009-4752 (PHP remote file inclusion vulnerability in anzeiger/start.php in Swing ...)
NOT-FOR-US: Swinger Club Portal
-CVE-2009-4751
+CVE-2009-4751 (SQL injection vulnerability in anzeiger/start.php in Swinger Club Port ...)
NOT-FOR-US: Swinger Club Portal
-CVE-2009-4750
+CVE-2009-4750 (PHP remote file inclusion vulnerability in home.php in Top Paidmailer ...)
NOT-FOR-US: Top Paidmailer
-CVE-2009-4749
+CVE-2009-4749 (Multiple SQL injection vulnerabilities in PHP Live! 3.2.1 and 3.2.2 al ...)
NOT-FOR-US: PHP Live!
-CVE-2009-4748
+CVE-2009-4748 (SQL injection vulnerability in mycategoryorder.php in the My Category ...)
NOT-FOR-US: My Category Order plugin for wordpress
-CVE-2009-4747
+CVE-2009-4747 (PHP remote file inclusion vulnerability in public/code/cp_html2xhtmlba ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
-CVE-2009-4746
+CVE-2009-4746 (Cross-site scripting (XSS) vulnerability in index.php in Dreamlevels D ...)
NOT-FOR-US: Dreamlevels DreamPoll
-CVE-2009-4745
+CVE-2009-4745 (Multiple SQL injection vulnerabilities in index.php in Dreamlevels Dre ...)
NOT-FOR-US: Dreamlevels DreamPoll
-CVE-2009-4744
+CVE-2009-4744 (Cross-site scripting (XSS) vulnerability in the Contact module in Expo ...)
NOT-FOR-US: Exponent CMS
-CVE-2009-4743
+CVE-2009-4743 (Multiple cross-site scripting (XSS) vulnerabilities in history-storage ...)
NOT-FOR-US: AfterLogic WebMail
-CVE-2009-4742
+CVE-2009-4742 (Multiple SQL injection vulnerabilities in Docebo 3.6.0.3 allow remote ...)
NOT-FOR-US: Docebo
-CVE-2009-4741
+CVE-2009-4741 (Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Sky ...)
NOT-FOR-US: Skype
-CVE-2009-4740
+CVE-2009-4740 (Directory traversal vulnerability in the Webesse E-Card (ws_ecard) ext ...)
NOT-FOR-US: ws_ecard extension for typo3
-CVE-2009-4739
+CVE-2009-4739 (PHP remote file inclusion vulnerability in index.php in SkaDate Dating ...)
NOT-FOR-US: SkaDate Dating
-CVE-2009-4738
+CVE-2009-4738 (Unspecified vulnerability in JustSystems Corporation ATOK 2006 through ...)
NOT-FOR-US: JustSystems Corporation
-CVE-2009-4737
+CVE-2009-4737 (Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 20 ...)
NOT-FOR-US: JustSystems Corporation Ichitaro
-CVE-2009-4736
+CVE-2009-4736 (Cross-site scripting (XSS) vulnerability in search.php in CommonSense ...)
NOT-FOR-US: CommonSense CMS
-CVE-2009-4735
+CVE-2009-4735 (SQL injection vulnerability in login.php in Allomani Audio &amp; Video ...)
NOT-FOR-US: Allomani Audio & Video Library
-CVE-2009-4734
+CVE-2009-4734 (SQL injection vulnerability in login.php in Allomani Movies Library (M ...)
NOT-FOR-US: Allomani Movies Library
-CVE-2009-4733
+CVE-2009-4733 (SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, wh ...)
NOT-FOR-US: SimpleLoginSys
-CVE-2009-4732
+CVE-2009-4732 (SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5 ...)
NOT-FOR-US: TT Web Site Manager
-CVE-2009-4731
+CVE-2009-4731 (SQL injection vulnerability in photos.php in Model Agency Manager PRO ...)
NOT-FOR-US: Model Agency Manager PRO
-CVE-2009-4730
+CVE-2009-4730 (SQL injection vulnerability in report.php in x10 Adult Media Script 1. ...)
NOT-FOR-US: Adult Media Script
-CVE-2009-4729
+CVE-2009-4729 (Multiple cross-site scripting (XSS) vulnerabilities in x10 Adult Media ...)
NOT-FOR-US: Adult Media Script
-CVE-2009-4728
+CVE-2009-4728 (SQL injection vulnerability in the administrative interface in Questio ...)
NOT-FOR-US: Questions Answered
-CVE-2009-4727
+CVE-2009-4727 (SQL injection vulnerability in x/login in JungleScripts Ajax Short Url ...)
NOT-FOR-US: JungleScripts Ajax Short Url
-CVE-2009-4726
+CVE-2009-4726 (Directory traversal vulnerability in download.php in Quickdev 4 PHP al ...)
NOT-FOR-US: Quickdev 4 PHP
-CVE-2009-4725
+CVE-2009-4725 (Directory traversal vulnerability in modules/aljazeera/admin/setup.php ...)
NOT-FOR-US: Arab Portal
-CVE-2009-4724
+CVE-2009-4724 (SQL injection vulnerability in shop.htm in PaymentProcessorScript.net ...)
NOT-FOR-US: PaymentProcessorScript.net PPScript
-CVE-2009-4723
+CVE-2009-4723 (Directory traversal vulnerability in confirm.php in Netpet CMS 1.9 all ...)
NOT-FOR-US: Netpet CMS
-CVE-2009-4722
+CVE-2009-4722 (SQL injection vulnerability in the CheckLogin function in includes/fun ...)
NOT-FOR-US: Limny
-CVE-2009-4721
+CVE-2009-4721 (Multiple SQL injection vulnerabilities in Admin/index.asp in Andrews-W ...)
NOT-FOR-US: Andrews-Web BannerAd
-CVE-2009-4720
+CVE-2009-4720 (SQL injection vulnerability in cgi-bin/gnudip.cgi in GnuDIP 2.1.1 allo ...)
- gnudip <removed> (medium; bug #539452)
-CVE-2009-4719
+CVE-2009-4719 (SQL injection vulnerability in index.php in Discloser 0.0.4 rc2 allows ...)
NOT-FOR-US: Discloser
-CVE-2009-4718
+CVE-2009-4718 (SQL injection vulnerability in visitorduration.php in Gonafish WebStat ...)
NOT-FOR-US: Gonafish WebStatCaffe
-CVE-2009-4717
+CVE-2009-4717 (Multiple cross-site scripting (XSS) vulnerabilities in Gonafish WebSta ...)
NOT-FOR-US: Gonafish WebStatCaffe
-CVE-2009-4716
+CVE-2009-4716 (Cross-site scripting (XSS) vulnerability in results.php in EDGEPHP EZW ...)
NOT-FOR-US: EDGEPHP EZWebSearch
-CVE-2009-4715
+CVE-2009-4715 (Cross-site scripting (XSS) vulnerability in rates.php in Real Time Cur ...)
NOT-FOR-US: Real Time Currency Exchange
-CVE-2009-4714
+CVE-2009-4714 (Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS ...)
NOT-FOR-US: XOOPS Celepar
-CVE-2009-4713
+CVE-2009-4713 (Multiple cross-site scripting (XSS) vulnerabilities in the Qas (aka Qu ...)
NOT-FOR-US: XOOPS Celepar
-CVE-2009-4712
+CVE-2009-4712 (SQL injection vulnerability in index.php in Tukanas Classifieds (aka E ...)
NOT-FOR-US: EasyClassifieds
-CVE-2009-4711
+CVE-2009-4711 (SQL injection vulnerability in the CoolURI (cooluri) extension before ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4710
+CVE-2009-4710 (SQL injection vulnerability in the Reset backend password (cwt_resetbe ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4709
+CVE-2009-4709 (SQL injection vulnerability in the datamints Newsticker (datamints_new ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4708
+CVE-2009-4708 (SQL injection vulnerability in the [Gobernalia] Front End News Submitt ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4707
+CVE-2009-4707 (Cross-site scripting (XSS) vulnerability in the [Gobernalia] Front End ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4706
+CVE-2009-4706 (Cross-site scripting (XSS) vulnerability in the Mailform (mailform) ex ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4705
+CVE-2009-4705 (Cross-site scripting (XSS) vulnerability in the Twitter Search (twitte ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4704
+CVE-2009-4704 (Unspecified vulnerability in the Webesse E-Card (ws_ecard) extension 1 ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4703
+CVE-2009-4703 (SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4702
+CVE-2009-4702 (SQL injection vulnerability in the Tour Extension (pm_tour) extension ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4701
+CVE-2009-4701 (SQL injection vulnerability in the Myth download (myth_download) exten ...)
NOT-FOR-US: typo3 third-party extension
-CVE-2009-4700
+CVE-2009-4700 (Directory traversal vulnerability in index.php in SkaDate Dating allow ...)
NOT-FOR-US: SkaDate Dating
-CVE-2009-4699
+CVE-2009-4699 (Multiple cross-site scripting (XSS) vulnerabilities in SkaDate Dating ...)
NOT-FOR-US: SkaDate Dating
-CVE-2009-4698
+CVE-2009-4698 (Multiple SQL injection vulnerabilities in the Qas (aka Quas) module fo ...)
NOT-FOR-US: XOOPS Celepar
-CVE-2009-4697
+CVE-2009-4697 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ra ...)
NOT-FOR-US: RadNICS Gold 5
-CVE-2009-4696
+CVE-2009-4696 (SQL injection vulnerability in index.php in RadNICS Gold 5 allows remo ...)
NOT-FOR-US: RadNICS Gold 5
-CVE-2009-4695
+CVE-2009-4695 (SQL injection vulnerability in index.php in RadScripts RadLance Gold 7 ...)
NOT-FOR-US: RadScripts RadLance Gold
-CVE-2009-4694
+CVE-2009-4694 (Cross-site scripting (XSS) vulnerability in index.php in RadScripts Ra ...)
NOT-FOR-US: RadScripts RadLance Gold
-CVE-2009-4693
+CVE-2009-4693 (Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2. ...)
NOT-FOR-US: GraFX MiniCWB
-CVE-2009-4692
+CVE-2009-4692 (Cross-site scripting (XSS) vulnerability in index.php in RadScripts Ra ...)
NOT-FOR-US: RadScripts RadLance Gold
-CVE-2009-4691
+CVE-2009-4691 (SQL injection vulnerability in addlink.php in Classified Linktrader Sc ...)
NOT-FOR-US: Classified Linktrader Script
-CVE-2009-4690
+CVE-2009-4690 (Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld P ...)
NOT-FOR-US: YourFreeWorld Programs Rating Script
-CVE-2009-4689
+CVE-2009-4689 (SQL injection vulnerability in index.php in PHP Shopping Cart Selling ...)
NOT-FOR-US: PHP Shopping Cart Selling Website Script
-CVE-2009-4688
+CVE-2009-4688 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in PH ...)
NOT-FOR-US: PHP Shopping Cart Selling Website Script
-CVE-2009-4687
+CVE-2009-4687 (SQL injection vulnerability in silentum_guestbook.php in Silentum Gues ...)
NOT-FOR-US: Silentum Guestbook
-CVE-2009-4686
+CVE-2009-4686 (Cross-site scripting (XSS) vulnerability in account.php in phplemon Ad ...)
NOT-FOR-US: phplemon AdQuick
-CVE-2009-4685
+CVE-2009-4685 (Cross-site scripting (XSS) vulnerability in celebrities.php in PHP Scr ...)
NOT-FOR-US: PHP Scripts Now Astrology
-CVE-2009-4684
+CVE-2009-4684 (Cross-site scripting (XSS) vulnerability in index.php in EZodiak allow ...)
NOT-FOR-US: EZodiak
-CVE-2009-4683
+CVE-2009-4683 (Directory traversal vulnerability in vote.php in Good/Bad Vote allows ...)
NOT-FOR-US: Good/Bad Vote
-CVE-2009-4682
+CVE-2009-4682 (Cross-site scripting (XSS) vulnerability in vote.php in Good/Bad Vote ...)
NOT-FOR-US: Good/Bad Vote
-CVE-2009-4681
+CVE-2009-4681 (Cross-site scripting (XSS) vulnerability in search.php in phpDirectory ...)
NOT-FOR-US: phpDirectorySource
-CVE-2009-4680
+CVE-2009-4680 (SQL injection vulnerability in search.php in phpDirectorySource 1.x al ...)
NOT-FOR-US: phpDirectorySource
-CVE-2009-4679
+CVE-2009-4679 (Directory traversal vulnerability in the inertialFATE iF Portfolio Nex ...)
NOT-FOR-US: com_if_nexus component for Joomla!
-CVE-2009-4678
+CVE-2009-4678 (Cross-site scripting (XSS) vulnerability in index.php in Winn Guestboo ...)
NOT-FOR-US: Winn Guestbook
-CVE-2009-4677
+CVE-2009-4677 (Cross-site scripting (XSS) vulnerability in search.php in phpFK PHP Fo ...)
NOT-FOR-US: phpFK PHP Forum
-CVE-2009-4676
+CVE-2009-4676 (Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5. ...)
NOT-FOR-US: JetCast.exe
-CVE-2009-4675
+CVE-2009-4675 (admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant ...)
NOT-FOR-US: Mole Group Gastro Portal
-CVE-2009-4674
+CVE-2009-4674 (admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script an ...)
NOT-FOR-US: Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket
-CVE-2009-4673
+CVE-2009-4673 (SQL injection vulnerability in profile.php in Mole Group Adult Portal ...)
NOT-FOR-US: Mole Group Adult Portal Script
-CVE-2009-4672
+CVE-2009-4672 (Directory traversal vulnerability in main.php in the WP-Lytebox plugin ...)
NOT-FOR-US: WP-Lytebox plugin for WordPress
-CVE-2009-4671
+CVE-2009-4671 (Login.php in RoomPHPlanning 1.6 allows remote attackers to bypass auth ...)
NOT-FOR-US: RoomPHPlanning
-CVE-2009-4670
+CVE-2009-4670 (admin/delitem.php in RoomPHPlanning 1.6 does not require authenticatio ...)
NOT-FOR-US: RoomPHPlanning
-CVE-2009-4669
+CVE-2009-4669 (Multiple SQL injection vulnerabilities in RoomPHPlanning 1.6 allow rem ...)
NOT-FOR-US: RoomPHPlanning
-CVE-2009-4668
+CVE-2009-4668 (Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5. ...)
NOT-FOR-US: JetCast.exe
-CVE-2009-4667
+CVE-2009-4667 (SQL injection vulnerability in form.php in WebMember 1.0 allows remote ...)
NOT-FOR-US: WebMember
-CVE-2009-4666
+CVE-2009-4666 (Multiple PHP remote file inclusion vulnerabilities in Webradev Downloa ...)
NOT-FOR-US: Webradev Download Protect
-CVE-2009-4665
+CVE-2009-4665 (Directory traversal vulnerability in CuteSoft_Client/CuteEditor/Load.a ...)
NOT-FOR-US: Cute Editor
-CVE-2009-4664
+CVE-2009-4664 (Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allow ...)
- fwbuilder 3.0.7-1 (bug #547390; medium)
[lenny] - fwbuilder <not-affected> (only versions 3.0.4, 3.0.5 and 3.0.6 are affected)
- libfwbuilder 3.0.7-1 (bug #547390; medium)
[lenny] - libfwbuilder <not-affected> (only versions 3.0.4, 3.0.5 and 3.0.6 are affected)
NOTE: m68k package in debports in still affected at version 3.0.5
NOTE: see http://www.fwbuilder.org/docs/firewall_builder_release_notes.html#3.0.7
-CVE-2009-4663
+CVE-2009-4663 (Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX ...)
NOT-FOR-US: Quiksoft EasyMail Objects
-CVE-2009-4662
+CVE-2009-4662 (Cross-site scripting (XSS) vulnerability in the WebAccess component in ...)
NOT-FOR-US: Novell GroupWise
-CVE-2009-4661
+CVE-2009-4661 (Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow ...)
NOT-FOR-US: BigAnt Server
-CVE-2009-4660
+CVE-2009-4660 (Stack-based buffer overflow in the AntServer Module (AntServer.exe) in ...)
NOT-FOR-US: BigAnt IM Server
-CVE-2009-4659
+CVE-2009-4659 (Unspecified vulnerability in MP3-Cutter Ease Audio Cutter 1.20 allows ...)
NOT-FOR-US: MP3-Cutter Ease Audio Cutter
-CVE-2009-4658
+CVE-2009-4658 (Xerver 4.32 allows remote authenticated users to cause a denial of ser ...)
NOT-FOR-US: Xerver
-CVE-2009-4657
+CVE-2009-4657 (The administrator package for Xerver 4.32 does not require authenticat ...)
NOT-FOR-US: Xerver
-CVE-2009-4656
+CVE-2009-4656 (Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including 4.2. ...)
NOT-FOR-US: E-Soft DJ Studio Pro
-CVE-2009-4652
+CVE-2009-4652 (The (1) Conn_GetCipherInfo and (2) Conn_UsesSSL functions in src/ngirc ...)
- ngircd 15-0.1
[lenny] - ngircd <not-affected> (SSL/TLS support not yet present)
-CVE-2009-4655
+CVE-2009-4655 (The dhost web service in Novell eDirectory 8.8.5 uses a predictable se ...)
NOT-FOR-US: Novell eDirectory
-CVE-2009-4654
+CVE-2009-4654 (Stack-based buffer overflow in the dhost module in Novell eDirectory 8 ...)
NOT-FOR-US: Novell eDirectory
-CVE-2009-4653
+CVE-2009-4653 (Stack-based buffer overflow in the dhost module in Novell eDirectory 8 ...)
NOT-FOR-US: Novell eDirectory
-CVE-2009-4651
+CVE-2009-4651 (Multiple cross-site scripting (XSS) vulnerabilities in the Webee Comme ...)
NOT-FOR-US: Webee Comments component for Joomla!
-CVE-2009-4650
+CVE-2009-4650 (SQL injection vulnerability in the Webee Comments (com_webeecomment) c ...)
NOT-FOR-US: Webee Comments component for Joomla!
-CVE-2009-4649
+CVE-2009-4649 (Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 ...)
NOT-FOR-US: geccBBlite
-CVE-2009-4648
+CVE-2009-4648 (Accellion Secure File Transfer Appliance before 8_0_105 does not prope ...)
NOT-FOR-US: Accellion Secure File Transfer Appliance
-CVE-2009-4647
+CVE-2009-4647 (Cross-site scripting (XSS) vulnerability in Accellion Secure File Tran ...)
NOT-FOR-US: Accellion Secure File Transfer Appliance
-CVE-2009-4646
+CVE-2009-4646 (Static code injection vulnerability in the administrative web interfac ...)
NOT-FOR-US: Accellion Secure File Transfer Appliance
-CVE-2009-4645
+CVE-2009-4645 (Directory traversal vulnerability in web_client_user_guide.html in Acc ...)
NOT-FOR-US: Accellion Secure File Transfer Appliance
-CVE-2009-4644
+CVE-2009-4644 (Accellion Secure File Transfer Appliance before 8_0_105 allows remote ...)
NOT-FOR-US: Accellion Secure File Transfer Appliance
CVE-2009-5050 [konversation DoS]
RESERVED
- konversation 1.2.3-1 (low)
[lenny] - konversation <not-affected> (Doesn't affect the combination of kdelibs/QT in Lenny)
NOTE: http://bugs.kde.org/show_bug.cgi?id=219985
-CVE-2009-4643
+CVE-2009-4643 (Stack-based buffer overflow in dsInstallerService.dll in the Juniper I ...)
NOT-FOR-US: Juniper Installer Service
CVE-2009-XXXX [ffmpeg potentially remaining vulnerabilities after DSA 2000]
- ffmpeg 4:0.5.1-1 (medium; bug #570713)
- ffmpeg-debian <end-of-life>
-CVE-2009-4642
+CVE-2009-4642 (gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface t ...)
- gnome-screensaver 2.26.1-2
[lenny] - gnome-screensaver <not-affected> (vulnerability introduced in 2.26)
NOTE: only an issue under certain desktop environments such as xfce
-CVE-2009-4641
+CVE-2009-4641 (gnome-screensaver 2.28.0 does not resume adherence to its activation s ...)
- gnome-screensaver 2.28.0-2 (low; bug #569667)
[etch] - gnome-screensaver <not-affected> (Vulnerable code not present)
[lenny] - gnome-screensaver <not-affected> (Vulnerable code not present)
-CVE-2009-4640
+CVE-2009-4640 (Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attacker ...)
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4639
+CVE-2009-4639 (The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows re ...)
- ffmpeg 7:2.4.1-1 (unimportant; bug #550442)
- ffmpeg-debian <removed> (unimportant)
NOTE: denial-of-service only, so not worth worrying about
NOTE: http://thread.gmane.org/gmane.comp.video.ffmpeg.devel/97154/focus=97156
NOTE: http://thread.gmane.org/gmane.comp.video.ffmpeg.issues/6111/focus=6116
-CVE-2009-4638
+CVE-2009-4638 (Integer overflow in FFmpeg 0.5 allows remote attackers to cause a deni ...)
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4637
+CVE-2009-4637 (FFmpeg 0.5 allows remote attackers to cause a denial of service (crash ...)
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4636
+CVE-2009-4636 (FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) ...)
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4635
+CVE-2009-4635 (FFmpeg 0.5 allows remote attackers to cause a denial of service and po ...)
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4634
+CVE-2009-4634 (Multiple integer underflows in FFmpeg 0.5 allow remote attackers to ca ...)
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4633
+CVE-2009-4633 (vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparis ...)
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4632
+CVE-2009-4632 (oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain point ...)
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4631
+CVE-2009-4631 (Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remot ...)
{DSA-2000-1}
- ffmpeg 4:0.5+svn20090706-3 (bug #550442)
- ffmpeg-debian <removed>
-CVE-2009-4630
+CVE-2009-4630 (Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, ...)
- xulrunner 1.9.1-1 (low)
[etch] - xulrunner <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
[lenny] - xulrunner <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
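Review bot: Every `-`/`+` pair in this hunk differs only by the truncated description appended after the CVE id (for example `-CVE-2009-4762` becoming `+CVE-2009-4762 (MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ...)`), and the package, DSA and NOTE lines are untouched, so this is a pure metadata refresh with no change to tracking state; the equal insertion and deletion counts in the summary are consistent with that. Two context lines are worth a manual follow-up, since the automatic update will not touch them: `NOT-FOR-US: fsatmgr extension for typo3` under CVE-2009-4802 misspells the flatmgr extension named in the description, and `NOTE: m68k package in debports in still affected at version 3.0.5` under CVE-2009-4664 should read "is still". CVE-2009-4652 also sits between CVE-2009-4656 and CVE-2009-4655, out of the file's descending order.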
@@ -1191,7 +1191,7 @@ CVE-2009-4630
[etch] - iceape <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
[lenny] - iceape <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
NOTE: mozilla's dns prefetching leads to disclosure of the user's network location
-CVE-2009-4629
+CVE-2009-4629 (Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other appl ...)
- icedove 3.0.2-1 (unimportant)
[etch] - icedove <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
[lenny] - icedove <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
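Review bot: The one changed line here is fine, but the severity for the same Necko DNS-prefetching issue is inconsistent across the two adjacent entries: `- xulrunner 1.9.1-1 (low)` under CVE-2009-4630 versus `- icedove 3.0.2-1 (unimportant)` here under CVE-2009-4629, while the NOTE above states that the prefetching discloses the user's network location. Consider aligning the two ratings or adding a NOTE line explaining why the mail client is rated lower.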
@@ -1200,265 +1200,265 @@ CVE-2009-4629
- iceape <removed> (unimportant)
[etch] - iceape <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
[lenny] - iceape <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
-CVE-2009-4628
+CVE-2009-4628 (SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdug ...)
NOT-FOR-US: Joomla!
-CVE-2009-4627
+CVE-2009-4627 (Directory traversal vulnerability in sources/_template_parser.php in M ...)
NOT-FOR-US: Moa Gallery
-CVE-2009-4626
+CVE-2009-4626 (Directory traversal vulnerability in menu.php in phpNagios 1.2.0 allow ...)
NOT-FOR-US: phpNagios
-CVE-2009-4625
+CVE-2009-4625 (SQL injection vulnerability in the updateOnePage function in component ...)
NOT-FOR-US: Joomla!
-CVE-2009-4624
+CVE-2009-4624 (SQL injection vulnerability in download.php in Nicecoder iDesk allows ...)
NOT-FOR-US: Nicecoder iDesk
-CVE-2009-4623
+CVE-2009-4623 (Multiple PHP remote file inclusion vulnerabilities in Advanced Comment ...)
NOT-FOR-US: Advanced Comment System
-CVE-2009-4622
+CVE-2009-4622 (PHP remote file inclusion vulnerability in admin/admin_news_bot.php in ...)
NOT-FOR-US: Drunken:Golem Gaming Portal
-CVE-2009-4621
+CVE-2009-4621 (SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier ...)
NOT-FOR-US: Discuz
-CVE-2009-4620
+CVE-2009-4620 (SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 ...)
NOT-FOR-US: Joomla!
-CVE-2009-4619
+CVE-2009-4619 (SQL injection vulnerability in the Lucy Games (com_lucygames) componen ...)
NOT-FOR-US: Joomla!
-CVE-2009-4618
+CVE-2009-4618 (Multiple SQL injection vulnerabilities in Tourism Script Bus Script al ...)
NOT-FOR-US: Tourism Script Bus Script
-CVE-2009-4617
+CVE-2009-4617 (Multiple SQL injection vulnerabilities in Tourism Script Accommodation ...)
NOT-FOR-US: Tourism Script Accommodation Hotel Booking Portal Script
-CVE-2009-4616
+CVE-2009-4616 (Cross-site scripting (XSS) vulnerability in search.php in MYRE Holiday ...)
NOT-FOR-US: MYRE Holiday Rental Manager
-CVE-2009-4615
+CVE-2009-4615 (SQL injection vulnerability in review.php in MYRE Holiday Rental Manag ...)
NOT-FOR-US: MYRE Holiday Rental Manager
-CVE-2009-4614
+CVE-2009-4614 (Multiple PHP remote file inclusion vulnerabilities in Moa Gallery 1.2. ...)
NOT-FOR-US: Moa Gallery
-CVE-2009-4613
+CVE-2009-4613 (SQL injection vulnerability in realestate20/loginaction.php in NetArt ...)
NOT-FOR-US: NetArt Media Real Estate Portal
-CVE-2009-4612
+CVE-2009-4612 (Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP ...)
- jetty 6.1.22-1 (bug #575789)
-CVE-2009-4611
+CVE-2009-4611 (Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing ...)
- jetty 6.1.22-1
-CVE-2009-4610
+CVE-2009-4610 (Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty ...)
- jetty <not-affected> (low; bug #575790)
NOTE: the exploitable servlet is not shipped in Debian packages
-CVE-2009-4609
+CVE-2009-4609 (The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote attacke ...)
- jetty <not-affected> (low; bug #575791)
NOTE: the exploitable servlet is not shipped in Debian packages
-CVE-2009-4608
+CVE-2009-4608 (Cross-site scripting (XSS) vulnerability in Canon IT Solutions Inc. AC ...)
NOT-FOR-US: ACCESSGUARDIAN
-CVE-2009-4607
+CVE-2009-4607 (The command line interface in Overland Storage Snap Server 410 with Gu ...)
NOT-FOR-US: Overland Storage Snap Server
-CVE-2009-4606
+CVE-2009-4606 (South River Technologies WebDrive 9.02 build 2232 installs the WebDriv ...)
NOT-FOR-US: South River Technologies WebDrive
-CVE-2009-4604
+CVE-2009-4604 (PHP remote file inclusion vulnerability in mamboleto.php in the Fernan ...)
NOT-FOR-US: Joomla!
-CVE-2009-4603
+CVE-2009-4603 (Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7 ...)
NOT-FOR-US: SAP Kernel
-CVE-2009-4602
+CVE-2009-4602 (Cross-site scripting (XSS) vulnerability in the Randomizer module 5.x ...)
NOT-FOR-US: Randomizer module for Drupal
-CVE-2009-4601
+CVE-2009-4601 (Cross-site scripting (XSS) vulnerability in basic_search_result.php in ...)
NOT-FOR-US: ZeeJobsite
-CVE-2009-4600
+CVE-2009-4600 (SQL injection vulnerability in realestate20/loginaction.php in NetArt ...)
NOT-FOR-US: NetArt Media Real Estate Portal
-CVE-2009-4599
+CVE-2009-4599 (Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) com ...)
NOT-FOR-US: Joomla!
-CVE-2009-4598
+CVE-2009-4598 (SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 f ...)
NOT-FOR-US: Joomla!
-CVE-2009-4597
+CVE-2009-4597 (Multiple SQL injection vulnerabilities in index.php in PHP Inventory 1 ...)
NOT-FOR-US: PHP Inventory
-CVE-2009-4596
+CVE-2009-4596 (Cross-site scripting (XSS) vulnerability in index.php in PHP Inventory ...)
NOT-FOR-US: PHP Inventory
-CVE-2009-4595
+CVE-2009-4595 (SQL injection vulnerability in index.php in PHP Inventory 1.2 allows r ...)
NOT-FOR-US: PHP Inventory
-CVE-2009-4605
+CVE-2009-4605 (scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2 ...)
{DSA-2034-1}
- phpmyadmin 4:3.2.4-1
NOTE: vulnerable code does not in the 3.x series (sid and squeeze checked)
NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149
NOTE: there is still at least one unserialize() call on _POST data
-CVE-2009-4594
+CVE-2009-4594 (Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access o ...)
NOT-FOR-US: IBM Lotus iNotes
-CVE-2009-4593
+CVE-2009-4593 (The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not ...)
NOT-FOR-US: Bftpd
-CVE-2009-4592
+CVE-2009-4592 (Unspecified vulnerability in base_local_rules.php in Basic Analysis an ...)
- acidbase 1.4.4-1
[lenny] - acidbase <no-dsa> (Minor issue)
[etch] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4591
+CVE-2009-4591 (SQL injection vulnerability in Basic Analysis and Security Engine (BAS ...)
- acidbase 1.4.4-1
[lenny] - acidbase <no-dsa> (Minor issue)
[etch] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4590
+CVE-2009-4590 (Cross-site scripting (XSS) vulnerability in base_local_rules.php in Ba ...)
- acidbase 1.4.4-1
[lenny] - acidbase <no-dsa> (Minor issue)
[etch] - acidbase <no-dsa> (Minor issue)
NOTE: 1.4.5 fixed more XSS issues in this file
-CVE-2009-4588
+CVE-2009-4588 (Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control ...)
NOT-FOR-US: AwingSoft Awakening
-CVE-2009-4587
+CVE-2009-4587 (Cherokee Web Server 0.5.4 allows remote attackers to cause a denial of ...)
- cherokee <not-affected> (Only affects Windows and DOS)
NOTE: this only works on windows and dos as you are not allowed
NOTE: to use a file name with AUX and any or no extension as this is a
NOTE: reserved device name. cherokee was lacking error handling...
-CVE-2009-4586
+CVE-2009-4586 (Multiple cross-site scripting (XSS) vulnerabilities in index.html in W ...)
NOT-FOR-US: Wowd client
-CVE-2009-4585
+CVE-2009-4585 (UranyumSoft Listing Service stores sensitive information under the web ...)
NOT-FOR-US: UranyumSoft Listing Service
-CVE-2009-4584
+CVE-2009-4584 (admin.php in dB Masters Multimedia Links Directory 3.1.3 allows remote ...)
NOT-FOR-US: dB Masters Multimedia Links Directory
-CVE-2009-4583
+CVE-2009-4583 (SQL injection vulnerability in the DhForum (com_dhforum) component for ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-4582
+CVE-2009-4582 (SQL injection vulnerability in detail.php in the Dictionary module for ...)
NOT-FOR-US: XOOPS module
-CVE-2009-4581
+CVE-2009-4581 (Directory traversal vulnerability in modules/admincp.php in RoseOnline ...)
NOT-FOR-US: RoseOnlineCMS
-CVE-2009-4580
+CVE-2009-4580 (Multiple cross-site scripting (XSS) vulnerabilities in Hasta Blog 2.3 ...)
NOT-FOR-US: Hasta Blog
-CVE-2009-4579
+CVE-2009-4579 (Cross-site scripting (XSS) vulnerability in the Artist avenue (com_art ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-4578
+CVE-2009-4578 (Cross-site scripting (XSS) vulnerability in the Facileforms (com_facil ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-4577
+CVE-2009-4577 (SQL injection vulnerability in the MDForum module 2.x through 2.07 for ...)
NOT-FOR-US: MDForum module for MAXdev MDPro
-CVE-2009-4576
+CVE-2009-4576 (SQL injection vulnerability in the BeeHeard (com_beeheard) component 1 ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-4575
+CVE-2009-4575 (Cross-site scripting (XSS) vulnerability in the Q-Personel (com_qperso ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-4574
+CVE-2009-4574 (SQL injection vulnerability in country_escorts.php in I-Escorts Direct ...)
NOT-FOR-US: I-Escorts Directory Script
-CVE-2009-4573
+CVE-2009-4573 (Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (m ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-4572
+CVE-2009-4572 (Cross-site request forgery (CSRF) vulnerability in PhpShop 0.8.1 allow ...)
NOT-FOR-US: PhpShop
-CVE-2009-4571
+CVE-2009-4571 (Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 a ...)
NOT-FOR-US: PhpShop
-CVE-2009-4570
+CVE-2009-4570 (Cross-site scripting (XSS) vulnerability in PhpShop 0.8.1 allows remot ...)
NOT-FOR-US: PhpShop
-CVE-2009-4569
+CVE-2009-4569 (SQL injection vulnerability in elkagroup Image Gallery allows remote a ...)
NOT-FOR-US: elkagroup Image Gallery
-CVE-2009-4568
+CVE-2009-4568 (Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and Us ...)
NOT-FOR-US: Webmin
-CVE-2009-4567
+CVE-2009-4567 (Multiple cross-site scripting (XSS) vulnerabilities in editprofile.php ...)
NOT-FOR-US: Viscacha
-CVE-2009-4566
+CVE-2009-4566 (SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remo ...)
NOT-FOR-US: Zenphoto
-CVE-2009-4564
+CVE-2009-4564 (SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the Z ...)
NOT-FOR-US: Zenphoto
-CVE-2009-4563
+CVE-2009-4563 (Cross-site request forgery (CSRF) vulnerability in zp-core/admin-optio ...)
NOT-FOR-US: Zenphoto
-CVE-2009-4562
+CVE-2009-4562 (Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenph ...)
NOT-FOR-US: Zenphoto
-CVE-2009-4561
+CVE-2009-4561 (Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague ...)
NOT-FOR-US: WebLeague
-CVE-2009-4560
+CVE-2009-4560 (SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows r ...)
NOT-FOR-US: WebLeague
-CVE-2009-4559
+CVE-2009-4559 (Cross-site scripting (XSS) vulnerability in the Submitted By module 6. ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4558
+CVE-2009-4558 (The Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alp ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4557
+CVE-2009-4557 (Cross-site scripting (XSS) vulnerability in the Image Assist module 5. ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4556
+CVE-2009-4556 (Quick Heal AntiVirus Plus 2009 10.00 SP1 and Quick Heal Total Security ...)
NOT-FOR-US: Quick Heal products
-CVE-2009-4555
+CVE-2009-4555 (Multiple cross-site request forgery (CSRF) vulnerabilities in AgoraCar ...)
NOT-FOR-US: AgoraCart
-CVE-2009-4554
+CVE-2009-4554 (Multiple cross-site scripting (XSS) vulnerabilities in Snitz Forums 20 ...)
NOT-FOR-US: Snitz Forums
-CVE-2009-4553
+CVE-2009-4553 (Stack-based buffer overflow in iRehearse allows remote attackers to ca ...)
NOT-FOR-US: iRehearse
-CVE-2009-4552
+CVE-2009-4552 (Cross-site scripting (XSS) vulnerability in the Survey Pro module for ...)
NOT-FOR-US: module for Miniweb
-CVE-2009-4551
+CVE-2009-4551 (SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 a ...)
NOT-FOR-US: module for Miniweb
-CVE-2009-4550
+CVE-2009-4550 (SQL injection vulnerability in the Kunena Forum (com_kunena) component ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-4549
+CVE-2009-4549 (Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote ...)
NOT-FOR-US: A2 Media Player Pro
-CVE-2009-4548
+CVE-2009-4548 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk ...)
NOT-FOR-US: ViArt Helpdesk
-CVE-2009-4547
+CVE-2009-4547 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt CMS 3.x a ...)
NOT-FOR-US: ViArt CMS
-CVE-2009-4546
+CVE-2009-4546 (globepersonnel_login.asp in Logoshows BBS 2.0 allows remote attackers ...)
NOT-FOR-US: Logoshows BBS
-CVE-2009-4545
+CVE-2009-4545 (Logoshows BBS 2.0 stores sensitive information under the web root with ...)
NOT-FOR-US: Logoshows BBS
-CVE-2009-4544
+CVE-2009-4544 (Cross-site scripting (XSS) vulnerability in kbase/kbase.php in Cromoso ...)
NOT-FOR-US: Cromosoft Technologies Facil Helpdesk
-CVE-2009-4543
+CVE-2009-4543 (PHP remote file inclusion vulnerability in index.php in Cromosoft Tech ...)
NOT-FOR-US: Cromosoft Technologies Facil Helpdesk
-CVE-2009-4542
+CVE-2009-4542 (Cross-site scripting (XSS) vulnerability in newticket.php in IsolSoft ...)
NOT-FOR-US: IsolSoft Support Center
-CVE-2009-4541
+CVE-2009-4541 (Multiple PHP remote file inclusion vulnerabilities in IsolSoft Support ...)
NOT-FOR-US: IsolSoft Support Center
-CVE-2009-4540
+CVE-2009-4540 (SQL injection vulnerability in page.php in Mini CMS 1.0.1 allows remot ...)
NOT-FOR-US: Mini CMS
-CVE-2009-4539
+CVE-2009-4539 (Cross-site scripting (XSS) vulnerability in main.php in SQLiteManager ...)
NOT-FOR-US: SQLiteManager
-CVE-2009-4538
+CVE-2009-4538 (drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2 ...)
{DSA-2005-1 DSA-1996-1}
- linux-2.6 2.6.32-6 (low; bug #564114)
[etch] - linux-2.6 <not-affected> (does not have e1000e driver)
- linux-2.6.24 <removed> (low)
NOTE: just like CVE-2009-4536 but was reported later
-CVE-2009-4537
+CVE-2009-4537 (drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 a ...)
{DSA-2053-1}
- linux-2.6 2.6.32-11 (medium; bug #564110; bug #591581)
- linux-2.6.24 <removed> (medium)
-CVE-2009-4536
+CVE-2009-4536 (drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel ...)
{DSA-2005-1 DSA-2003-1 DSA-1996-1}
- linux-2.6 2.6.32-6 (low; bug #564114)
- linux-2.6.24 <removed> (low)
-CVE-2009-4535
+CVE-2009-4535 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the sourc ...)
NOT-FOR-US: Mongoose
-CVE-2009-4534
+CVE-2009-4534 (Open redirect vulnerability in the FAQ Ask module 5.x and 6.x before 6 ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4533
+CVE-2009-4533 (The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4532
+CVE-2009-4532 (Cross-site scripting (XSS) vulnerability in the Webform module 5.x bef ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4531
+CVE-2009-4531 (httpdx 1.4.4 and earlier allows remote attackers to obtain the source ...)
NOT-FOR-US: httpdx
-CVE-2009-4530
+CVE-2009-4530 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the sourc ...)
NOT-FOR-US: Mongoose
-CVE-2009-4529
+CVE-2009-4529 (InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote att ...)
NOT-FOR-US: InterVations NaviCOPA Web Server
-CVE-2009-4528
+CVE-2009-4528 (The Organic Groups (OG) Vocabulary module 6.x before 6.x-1.0 for Drupa ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4527
+CVE-2009-4527 (The Shibboleth authentication module 5.x before 5.x-3.4 and 6.x before ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4526
+CVE-2009-4526 (The Send by e-mail sub-module in the Print (aka Printer, e-mail and PD ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4525
+CVE-2009-4525 (Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e- ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4524
+CVE-2009-4524 (Cross-site scripting (XSS) vulnerability in the RealName module 6.x-1. ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4523
+CVE-2009-4523 (Cross-site scripting (XSS) vulnerability in index.php in Zainu 1.0 all ...)
NOT-FOR-US: Zainu
-CVE-2009-4522
+CVE-2009-4522 (Cross-site scripting (XSS) vulnerability in search.5.html in BloofoxCM ...)
NOT-FOR-US: BloofoxCMS
-CVE-2009-4521
+CVE-2009-4521 (Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse ...)
NOT-FOR-US: Eclipse Business Intelligence and Reporting Tools
-CVE-2009-4520
+CVE-2009-4520 (The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4519
+CVE-2009-4519 (Multiple unspecified vulnerabilities in Ortro before 1.3.4 have unknow ...)
NOT-FOR-US: Ortro
-CVE-2009-4518
+CVE-2009-4518 (Cross-site scripting (XSS) vulnerability in the Insert Node module 5.x ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4517
+CVE-2009-4517 (Cross-site request forgery (CSRF) vulnerability in the FAQ Ask module ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4516
+CVE-2009-4516 (Cross-site scripting (XSS) vulnerability in the FAQ Ask module 5.x and ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4515
+CVE-2009-4515 (The Storm module 6.x before 6.x-1.25 for Drupal does not enforce privi ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4514
+CVE-2009-4514 (Cross-site scripting (XSS) vulnerability in the OpenSocial Shindig-Int ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4513
+CVE-2009-4513 (Multiple cross-site scripting (XSS) vulnerabilities in the Workflow mo ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4512
+CVE-2009-4512 (Directory traversal vulnerability in index.php in Oscailt 3.3, when Us ...)
NOT-FOR-US: Oscailt
-CVE-2009-4511
+CVE-2009-4511 (Multiple directory traversal vulnerabilities in the web administration ...)
NOT-FOR-US: TANDBERG Video Communication Server
-CVE-2009-4510
+CVE-2009-4510 (The SSH service on the TANDBERG Video Communication Server (VCS) befor ...)
NOT-FOR-US: TANDBERG Video Communication Server
-CVE-2009-4509
+CVE-2009-4509 (The administrative web console on the TANDBERG Video Communication Ser ...)
NOT-FOR-US: TANDBERG Video Communication Server
CVE-2009-4508
RESERVED
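Review bot: the DSA list for CVE-2009-4538, "{DSA-2005-1 DSA-1996-1}", omits DSA-2003-1 even though its NOTE says the issue is "just like CVE-2009-4536", whose entry lists "{DSA-2005-1 DSA-2003-1 DSA-1996-1}"; either DSA-2003-1 also covered the e1000e case and should be added to 4538, or the NOTE should say why it does not apply. In the same hunk, CVE-2009-4530 and CVE-2009-4535 now carry the identical description prefix "Mongoose 2.8.0 and earlier allows remote attackers to obtain the sourc ...", so a NOTE cross-referencing the two would make clear whether they are distinct issues or a duplicate assignment.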
@@ -1466,476 +1466,476 @@ CVE-2009-4507
RESERVED
CVE-2009-4506
RESERVED
-CVE-2009-4505
+CVE-2009-4505 (Multiple cross-site scripting (XSS) vulnerabilities in OpenCMS OAMP Co ...)
NOT-FOR-US: OpenCMS
CVE-2009-4504
RESERVED
CVE-2009-4503
RESERVED
-CVE-2009-4502
+CVE-2009-4502 (The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, whe ...)
- zabbix 1:1.8-1 (bug #562613)
-CVE-2009-4501
+CVE-2009-4501 (The zbx_get_next_field function in libs/zbxcommon/str.c in Zabbix Serv ...)
- zabbix 1:1.8-1 (bug #562613)
-CVE-2009-4500
+CVE-2009-4500 (The process_trap function in trapper/trapper.c in Zabbix Server before ...)
- zabbix 1:1.8-1 (bug #562613)
-CVE-2009-4499
+CVE-2009-4499 (SQL injection vulnerability in the get_history_lastid function in the ...)
- zabbix 1:1.8-1 (bug #562613)
-CVE-2009-4498
+CVE-2009-4498 (The node_process_command function in Zabbix Server before 1.8 allows r ...)
- zabbix 1:1.8-1 (bug #562613)
-CVE-2009-4497
+CVE-2009-4497 (Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 ...)
{DSA-2092-1}
- lxr-cvs 0.9.5+cvs20071020-1.1 (low; bug #575745)
NOTE: http://sourceforge.net/mailarchive/forum.php?thread_name=E1NS2s4-0001PE-F2@3bkjzd1.ch3.sourceforge.com&forum_name=lxr-developer
-CVE-2009-4496
+CVE-2009-4496 (Boa 0.94.14rc21 writes data to a log file without sanitizing non-print ...)
- boa 0.94.14rc21-4 (unimportant; bug #578035)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4495
+CVE-2009-4495 (Yaws 1.85 writes data to a log file without sanitizing non-printable c ...)
- yaws <unfixed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4494
+CVE-2009-4494 (AOLserver 4.5.1 writes data to a log file without sanitizing non-print ...)
- aolserver4 <unfixed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4493
+CVE-2009-4493 (Orion Application Server 2.0.7 writes data to a log file without sanit ...)
NOT-FOR-US: Orion httpd
-CVE-2009-4492
+CVE-2009-4492 (WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patc ...)
- ruby1.8 1.8.7.249-1 (unimportant; bug #564598)
- ruby1.9 <removed> (unimportant; bug #564647)
- ruby1.9.1 1.9.1.378-1 (unimportant; bug #564646)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
NOTE: same as CVE-2009-4487
-CVE-2009-4491
+CVE-2009-4491 (thttpd 2.25b0 writes data to a log file without sanitizing non-printab ...)
- thttpd <removed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4490
+CVE-2009-4490 (mini_httpd 1.19 writes data to a log file without sanitizing non-print ...)
- mini-httpd <unfixed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4489
+CVE-2009-4489 (header.c in Cherokee before 0.99.32 writes data to a log file without ...)
- cherokee 0.99.37-1 (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4488
+CVE-2009-4488 (** DISPUTED ** Varnish 2.0.6 writes data to a log file without sanitiz ...)
- varnish <unfixed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4487
+CVE-2009-4487 (nginx 0.7.64 writes data to a log file without sanitizing non-printabl ...)
- nginx <unfixed> (unimportant)
NOTE: The actual issue is within the broken terminal emulators and needs to be fixed there, see CVE-2009-4487
-CVE-2009-4486
+CVE-2009-4486 (Stack-based buffer overflow in the eDirectory plugin in Novell iManage ...)
NOT-FOR-US: iManager
CVE-2009-4485
REJECTED
-CVE-2009-4484
+CVE-2009-4484 (Multiple stack-based buffer overflows in the CertDecoder::GetName func ...)
{DSA-1997-1}
- mysql-dfsg-5.0 <removed> (medium)
- mysql-5.1 5.1.41-4 (medium)
- cyassl <not-affected> (Fixed before initial upload to archive)
NOTE: http://web.archive.org/web/20100129040903/http://intevydis.blogspot.com:80/2010/01/mysq-yassl-stack-overflow.html
NOTE: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1
-CVE-2009-4483
+CVE-2009-4483 (Unspecified vulnerability in LDAP3A.exe in MailSite 8.0.4 allows remot ...)
NOT-FOR-US: MailSite
-CVE-2009-4482
+CVE-2009-4482 (Buffer overflow in MediaServer.exe in TVersity 1.6 allows remote attac ...)
NOT-FOR-US: TVersity
CVE-2009-4481
REJECTED
-CVE-2009-4480
+CVE-2009-4480 (Buffer overflow in the web service in AzeoTech DAQFactory 5.77 might a ...)
NOT-FOR-US: AzeoTech DAQFactory
-CVE-2009-4479
+CVE-2009-4479 (LDAP3A.exe in MailSite 8.0.4 allows remote attackers to cause a denial ...)
NOT-FOR-US: MailSite
-CVE-2009-4478
+CVE-2009-4478 (Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Est ...)
NOT-FOR-US: Xstate Real Estate
-CVE-2009-4477
+CVE-2009-4477 (SQL injection vulnerability in page.html in Xstate Real Estate 1.0 all ...)
NOT-FOR-US: Xstate Real Estate
-CVE-2009-4476
+CVE-2009-4476 (Stack-based buffer overflow in HAURI ViRobot Desktop 5.5 before 2009-0 ...)
NOT-FOR-US: HAURI ViRobot Desktop
-CVE-2009-4475
+CVE-2009-4475 (SQL injection vulnerability in the Joomlub (com_joomlub) component for ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-4474
+CVE-2009-4474 (SQL injection vulnerability in the Mike de Boer zoom (com_zoom) compon ...)
NOT-FOR-US: Mambo component
-CVE-2009-4473
+CVE-2009-4473 (Multiple cross-site scripting (XSS) vulnerabilities in WorkArea/Conten ...)
NOT-FOR-US: Ektron CMS400.NET
-CVE-2009-4472
+CVE-2009-4472 (Multiple PHP remote file inclusion vulnerabilities in PHPope 1.0.0 and ...)
NOT-FOR-US: PHPope
-CVE-2009-4471
+CVE-2009-4471 (Multiple PHP remote file inclusion vulnerabilities in FreeSchool 1.1.0 ...)
NOT-FOR-US: FreeSchool
-CVE-2009-4470
+CVE-2009-4470 (SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remot ...)
NOT-FOR-US: DVBBS
-CVE-2009-4469
+CVE-2009-4469 (Multiple cross-site scripting (XSS) vulnerabilities in pagenumber.inc. ...)
NOT-FOR-US: phpPowerCards
-CVE-2009-4468
+CVE-2009-4468 (Cross-site scripting (XSS) vulnerability in misc.php in DeluxeBB 1.3 a ...)
NOT-FOR-US: DeluxeBB
-CVE-2009-4467
+CVE-2009-4467 (misc.php in DeluxeBB 1.3 allows remote attackers to register accounts ...)
NOT-FOR-US: DeluxeBB
-CVE-2009-4466
+CVE-2009-4466 (DeluxeBB 1.3 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: DeluxeBB
-CVE-2009-4465
+CVE-2009-4465 (DeluxeBB 1.3 stores sensitive information under the web root with insu ...)
NOT-FOR-US: DeluxeBB
-CVE-2009-4464
+CVE-2009-4464 (Cross-site scripting (XSS) vulnerability in searchadvance.asp in Activ ...)
NOT-FOR-US: Active Business Directory
-CVE-2009-4463
+CVE-2009-4463 (Intellicom NetBiter WebSCADA devices use default passwords for the HIC ...)
NOT-FOR-US: Intellicom NetBiter WebSCADA
-CVE-2009-4462
+CVE-2009-4462 (Stack-based buffer overflow in the NetBiterConfig utility (NetBiterCon ...)
NOT-FOR-US: Intellicom NetBiter WebSCADA
-CVE-2009-4461
+CVE-2009-4461 (Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.909 ...)
- flatpress <itp> (bug #466297)
-CVE-2009-4460
+CVE-2009-4460 (Multiple cross-site scripting (XSS) vulnerabilities in Auto-Surf Traff ...)
NOT-FOR-US: Auto-Surf Traffic Exchange Script
-CVE-2009-4459
+CVE-2009-4459 (Redmine 0.8.7 and earlier uses the title tag before defining the chara ...)
- redmine 0.9.1-1 (bug #563940)
-CVE-2009-4565
+CVE-2009-4565 (sendmail before 8.14.4 does not properly handle a '\0' character in a ...)
{DSA-1985-1}
- sendmail 8.14.3-9.1 (medium; bug #564581)
NOTE: http://www.sendmail.org/releases/8.14.4
-CVE-2009-4458
+CVE-2009-4458 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 a ...)
NOT-FOR-US: FreePBX
-CVE-2009-4457
+CVE-2009-4457 (Multiple unspecified vulnerabilities in the Vsftpd Webmin module befor ...)
NOT-FOR-US: Webmin
-CVE-2009-4456
+CVE-2009-4456 (SQL injection vulnerability in news_detail.php in Green Desktiny 2.3.1 ...)
NOT-FOR-US: Green Desktiny
-CVE-2009-4455
+CVE-2009-4455 (The default configuration of Cisco ASA 5500 Series Adaptive Security A ...)
NOT-FOR-US: Cisco
-CVE-2009-4454
+CVE-2009-4454 (vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user ...)
- videocache <itp> (bug #505329)
-CVE-2009-4453
+CVE-2009-4453 (Insecure method vulnerability in SoftCab Sound Converter ActiveX contr ...)
NOT-FOR-US: SoftCab Sound Converter ActiveX
-CVE-2009-4452
+CVE-2009-4452 (Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Vir ...)
NOT-FOR-US: Kaspersky Anti-Viru
-CVE-2009-4451
+CVE-2009-4451 (Unrestricted file upload vulnerability in upper.php in kandalf upper 0 ...)
NOT-FOR-US: kandalf upper
-CVE-2009-4450
+CVE-2009-4450 (Multiple cross-site scripting (XSS) vulnerabilities in map.php in Live ...)
NOT-FOR-US: LiveZilla
-CVE-2009-4449
+CVE-2009-4449 (Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.4.10 ...)
NOT-FOR-US: MyBB
-CVE-2009-4448
+CVE-2009-4448 (inc/functions_time.php in MyBB (aka MyBulletinBoard) 1.4.10, and possi ...)
NOT-FOR-US: MyBB
-CVE-2009-4447
+CVE-2009-4447 (Jax Guestbook 3.5.0 allows remote attackers to bypass authentication a ...)
NOT-FOR-US: Jax Guestbook
-CVE-2009-4446
+CVE-2009-4446 (Cross-site scripting (XSS) vulnerability in admin.php in phpInstantGal ...)
NOT-FOR-US: phpInstantGallery
-CVE-2009-4445
+CVE-2009-4445 (Microsoft Internet Information Services (IIS), when used in conjunctio ...)
NOT-FOR-US: Microsoft
-CVE-2009-4444
+CVE-2009-4444 (Microsoft Internet Information Services (IIS) 5.x and 6.x uses only th ...)
NOT-FOR-US: Microsoft
-CVE-2009-4443
+CVE-2009-4443 (Unspecified vulnerability in the psearch (aka persistent search) funct ...)
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2009-4442
+CVE-2009-4442 (Directory Proxy Server (DPS) in Sun Java System Directory Server Enter ...)
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2009-4441
+CVE-2009-4441 (Directory Proxy Server (DPS) in Sun Java System Directory Server Enter ...)
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2009-4440
+CVE-2009-4440 (Directory Proxy Server (DPS) in Sun Java System Directory Server Enter ...)
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2009-4439
+CVE-2009-4439 (Unspecified vulnerability in the Query Compiler, Rewrite, and Optimize ...)
NOT-FOR-US: DB2
-CVE-2009-4438
+CVE-2009-4438 (The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 be ...)
NOT-FOR-US: DB2
-CVE-2009-4437
+CVE-2009-4437 (Multiple SQL injection vulnerabilities in Active Auction House 3.6 all ...)
NOT-FOR-US: Active Auction House 3.6
-CVE-2009-4436
+CVE-2009-4436 (Multiple SQL injection vulnerabilities in Active Web Softwares eWebqui ...)
NOT-FOR-US: Active Web Softwares eWebquiz
-CVE-2009-4435
+CVE-2009-4435 (Multiple directory traversal vulnerabilities in F3Site 2009 allow remo ...)
NOT-FOR-US: F3Site 2009
-CVE-2009-4434
+CVE-2009-4434 (Directory traversal vulnerability in index.php in IDevSpot iSupport 1. ...)
NOT-FOR-US: IDevSpot
-CVE-2009-4433
+CVE-2009-4433 (Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSuppo ...)
NOT-FOR-US: IDevSpot
-CVE-2009-4432
+CVE-2009-4432 (SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 all ...)
NOT-FOR-US: CodeMight VideoCMS
-CVE-2009-4431
+CVE-2009-4431 (PHP remote file inclusion vulnerability in cal_popup.php in the Anythi ...)
NOT-FOR-US: Joomla addon
-CVE-2009-4430
+CVE-2009-4430 (SQL injection vulnerability in index.php in VirtueMart 1.0 allows remo ...)
NOT-FOR-US: VirtueMart
-CVE-2009-4429
+CVE-2009-4429 (Cross-site scripting (XSS) vulnerability in the Sections module 5.x be ...)
NOT-FOR-US: Drupal addon
-CVE-2009-4428
+CVE-2009-4428 (SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) c ...)
NOT-FOR-US: Joomla addon
-CVE-2009-4427
+CVE-2009-4427 (Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 a ...)
{DSA-1965-1}
- phpldapadmin 1.1.0.7-1.1 (medium; bug #561975)
[etch] - phpldapadmin <not-affected> (Vulnerable code not present)
-CVE-2009-4426
+CVE-2009-4426 (Multiple directory traversal vulnerabilities in Ignition 1.2, when mag ...)
NOT-FOR-US: Ignition
-CVE-2009-4425
+CVE-2009-4425 (Cross-site scripting (XSS) vulnerability in index.php in iDevCart 1.09 ...)
NOT-FOR-US: iDevCart
-CVE-2009-4424
+CVE-2009-4424 (SQL injection vulnerability in results.php in the Pyrmont plugin 2 for ...)
NOT-FOR-US: Wordpress plugin
CVE-2009-XXXX [ampache DoS and CSRF]
- ampache 3.5.3-1 (low)
[lenny] - ampache <no-dsa> (minor issue)
-CVE-2009-4423
+CVE-2009-4423 (SQL injection vulnerability in index.php in weenCompany 4.0.0 allows r ...)
NOT-FOR-US: weenCompany
-CVE-2009-4422
+CVE-2009-4422 (Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArgum ...)
- libphp-jpgraph <not-affected> (Vulnerable code not present)
-CVE-2009-4421
+CVE-2009-4421 (Directory traversal vulnerability in languages_cgi.php in Simple PHP B ...)
NOT-FOR-US: Simple PHP Blog
-CVE-2009-4420
+CVE-2009-4420 (Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Sec ...)
NOT-FOR-US: F5 Networks BIG-IP Application Security Manager (ASM) and Protocol Security Manager (PSM)
-CVE-2009-4419
+CVE-2009-4419 (Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SI ...)
NOT-FOR-US: Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets
-CVE-2009-4418
+CVE-2009-4418 (The unserialize function in PHP 5.3.0 and earlier allows context-depen ...)
- php5 <removed> (unimportant)
NOTE: Only exploitable by malicious script, not treated as a security issue
NOTE: per Debian PHP security policy
-CVE-2009-4417
+CVE-2009-4417 (The shutdown function in the Zend_Log_Writer_Mail class in Zend Framew ...)
NOTE: the CVE talks about the Zend Framework, but the culprit
NOTE: is actually piwik
-CVE-2009-4416
+CVE-2009-4416 (Cross-site scripting (XSS) vulnerability in login.php in phpGroupWare ...)
{DSA-1978-1}
- phpgroupware 1:0.9.16.012+dfsg-9
-CVE-2009-4415
+CVE-2009-4415 (Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12 ...)
{DSA-1978-1}
- phpgroupware 1:0.9.16.012+dfsg-9
-CVE-2009-4414
+CVE-2009-4414 (SQL injection vulnerability in phpgwapi /inc/class.auth_sql.inc.php in ...)
{DSA-1978-1}
- phpgroupware 1:0.9.16.012+dfsg-9
-CVE-2009-4412
+CVE-2009-4412 (Unrestricted file upload vulnerability in Serendipity before 1.5 allow ...)
- serendipity 1.5.3-1 (low; bug #562634)
-CVE-2009-4411
+CVE-2009-4411 (The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when runni ...)
- acl 2.2.49-2 (low; bug #499076)
[etch] - acl <not-affected> (Vulnerable code not present)
[lenny] - acl <no-dsa> (Minor issue, symlink attack not always as root)
NOTE: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499076#51
-CVE-2009-4409
+CVE-2009-4409 (The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP ...)
NOT-FOR-US: Internet Initiative Japan SEIL/B1 firmware
-CVE-2009-4408
+CVE-2009-4408 (Multiple cross-site scripting (XSS) vulnerabilities in models.parser i ...)
NOT-FOR-US: PyForum
-CVE-2009-4407
+CVE-2009-4407 (Multiple cross-site request forgery (CSRF) vulnerabilities in PyForum ...)
NOT-FOR-US: PyForum
-CVE-2009-4406
+CVE-2009-4406 (Cross-site scripting (XSS) vulnerability in Forms/login1 in American P ...)
NOT-FOR-US: APC Switched Rack PDU AP7932 B2
-CVE-2009-4405
+CVE-2009-4405 (Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknow ...)
- trac 0.11.6-1 (low)
[lenny] - trac <no-dsa> (Minor information disclosure)
-CVE-2009-4404
+CVE-2009-4404 (Unspecified vulnerability in t-prot (TOFU Protection) before 2.8 allow ...)
- t-prot 2.8-1 (low)
[etch] - t-prot <no-dsa> (Minor issue)
[lenny] - t-prot <no-dsa> (Minor issue)
-CVE-2009-4403
+CVE-2009-4403 (Cross-site scripting (XSS) vulnerability in index.php in Rumba XML 1.8 ...)
NOT-FOR-US: Rumba XML
-CVE-2009-4402
+CVE-2009-4402 (The default configuration of SQL-Ledger 2.8.24 allows remote attackers ...)
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-4410
+CVE-2009-4410 (The fuse_ioctl_copy_user function in the ioctl handler in fs/fuse/file ...)
- linux-2.6 2.6.32-1 (low)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.29)
-CVE-2009-4401
+CVE-2009-4401 (SQL injection vulnerability in the Parish Administration Database (ste ...)
NOT-FOR-US: ste_parish_admin typo3 extension
-CVE-2009-4400
+CVE-2009-4400 (Cross-site scripting (XSS) vulnerability in the Parish Administration ...)
NOT-FOR-US: ste_parish_admin typo3 extension
-CVE-2009-4399
+CVE-2009-4399 (SQL injection vulnerability in the Parish of the Holy Spirit Religious ...)
NOT-FOR-US: hs_religiousartgallery typo3 extension
-CVE-2009-4398
+CVE-2009-4398 (Cross-site scripting (XSS) vulnerability in the Parish of the Holy Spi ...)
NOT-FOR-US: hs_religiousartgallery typo3 extension
-CVE-2009-4397
+CVE-2009-4397 (Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth ...)
NOT-FOR-US: pd_resources typo3 extension
-CVE-2009-4396
+CVE-2009-4396 (SQL injection vulnerability in the Diocese of Portsmouth Resources Dat ...)
NOT-FOR-US: pd_resources typo3 extension
-CVE-2009-4395
+CVE-2009-4395 (Cross-site scripting (XSS) vulnerability in the Random Prayer 2 (ste_p ...)
NOT-FOR-US: ste_prayer2 typo3 extension
-CVE-2009-4394
+CVE-2009-4394 (SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) exten ...)
NOT-FOR-US: ste_prayer2 typo3 extension
-CVE-2009-4393
+CVE-2009-4393 (SQL injection vulnerability in the Document Directorys (danp_documentd ...)
NOT-FOR-US: danp_documentdirs
-CVE-2009-4392
+CVE-2009-4392 (SQL injection vulnerability in the XDS Staff List (xds_staff) extensio ...)
NOT-FOR-US: xds_staff typo3 extension
-CVE-2009-4391
+CVE-2009-4391 (Cross-site scripting (XSS) vulnerability in the File list (dr_blob) ex ...)
NOT-FOR-US: dr_blob typo3 extension
-CVE-2009-4390
+CVE-2009-4390 (SQL injection vulnerability in the Car (car) extension 0.1.1 for TYPO3 ...)
NOT-FOR-US: car typo3 extension
-CVE-2009-4389
+CVE-2009-4389 (Unspecified vulnerability in the Watchdog (aba_watchdog) extension 2.0 ...)
NOT-FOR-US: aba_watchdog typo3 extension
-CVE-2009-4388
+CVE-2009-4388 (Cross-site scripting (XSS) vulnerability in the ListMan (nl_listman) e ...)
NOT-FOR-US: nl_listman typo3 extension
-CVE-2009-4387
+CVE-2009-4387 (The cross-site scripting (XSS) protection mechanism in ShowInContentAr ...)
NOT-FOR-US: ManageEngine Password Manager Pro (PMP)
-CVE-2009-4386
+CVE-2009-4386 (SQL injection vulnerability in hotel_tiempolibre_ext.php in Venalsur B ...)
NOT-FOR-US: Venalsur Booking Centre Booking System
-CVE-2009-4385
+CVE-2009-4385 (Multiple cross-site request forgery (CSRF) vulnerabilities in Scriptse ...)
NOT-FOR-US: Scriptsez.net Ez Poll Hoster
-CVE-2009-4384
+CVE-2009-4384 (Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net E ...)
NOT-FOR-US: Scriptsez.net Ez Poll Hoster
-CVE-2009-4383
+CVE-2009-4383 (Directory traversal vulnerability in Pforum.php in Rocomotion P forum ...)
NOT-FOR-US: Rocomotion P forum
-CVE-2009-4382
+CVE-2009-4382 (Cross-site scripting (XSS) vulnerability in module.php in PHPFABER CMS ...)
NOT-FOR-US: PHPFABER CMS
-CVE-2009-4381
+CVE-2009-4381 (Cross-site scripting (XSS) vulnerability in index.php in texmedia Mill ...)
NOT-FOR-US: texmedia Million Pixel Script
-CVE-2009-4380
+CVE-2009-4380 (Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3. ...)
NOT-FOR-US: Valarsoft Webmatic
-CVE-2009-4379
+CVE-2009-4379 (Multiple cross-site scripting (XSS) vulnerabilities in Valarsoft Webma ...)
NOT-FOR-US: Valarsoft Webmatic
-CVE-2009-4378
+CVE-2009-4378 (The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows ...)
- wireshark <not-affected> (Windows-specific)
-CVE-2009-4377
+CVE-2009-4377 (The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 a ...)
{DSA-1983-1}
- wireshark 1.2.5-1
[etch] - wireshark <no-dsa> (Minor issue)
-CVE-2009-4376
+CVE-2009-4376 (Buffer overflow in the daintree_sna_read function in the Daintree SNA ...)
- wireshark 1.2.5-1
[lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
[etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
-CVE-2009-4375
+CVE-2009-4375 (SQL injection vulnerability in repository/repository_attachment.php in ...)
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2009-4374
+CVE-2009-4374 (Directory traversal vulnerability in repository/repository_attachment. ...)
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2009-4373
+CVE-2009-4373 (Unrestricted file upload vulnerability in repository/repository_attach ...)
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2009-4372
+CVE-2009-4372 (AlienVault Open Source Security Information Management (OSSIM) 2.1.5, ...)
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2009-4371
+CVE-2009-4371 (Cross-site scripting (XSS) vulnerability in the Locale module (modules ...)
- drupal6 6.15-1 (low; bug #562165)
[lenny] - drupal6 6.6-3lenny4
- drupal5 5.21-1
[lenny] - drupal5 <no-dsa> (Minor issue, requires auth)
-CVE-2009-4370
+CVE-2009-4370 (Cross-site scripting (XSS) vulnerability in the Menu module (modules/m ...)
- drupal6 6.15-1 (low; bug #562165)
[lenny] - drupal6 6.6-3lenny4
- drupal5 5.21-1
[lenny] - drupal5 <no-dsa> (Minor issue, requires auth)
-CVE-2009-4369
+CVE-2009-4369 (Cross-site scripting (XSS) vulnerability in the Contact module (module ...)
- drupal6 6.15-1 (low; bug #562165)
[lenny] - drupal6 6.6-3lenny4
- drupal5 5.21-1 (low)
[lenny] - drupal5 <no-dsa> (Minor issue, requires auth)
-CVE-2009-4368
+CVE-2009-4368 (Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unk ...)
NOT-FOR-US: Centreon
-CVE-2009-4367
+CVE-2009-4367 (The Staging Webservice ("sitecore modules/staging/service/api.asmx") i ...)
NOT-FOR-US: Sitecore Staging Module
-CVE-2009-4366
+CVE-2009-4366 (Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez ...)
NOT-FOR-US: ScriptsEz Ez Blog
-CVE-2009-4365
+CVE-2009-4365 (Multiple cross-site request forgery (CSRF) vulnerabilities in admin.ph ...)
NOT-FOR-US: ScriptsEz Ez Blog
-CVE-2009-4364
+CVE-2009-4364 (Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez ...)
NOT-FOR-US: ScriptsEz Ez Blog
-CVE-2009-4363
+CVE-2009-4363 (Text_Filter/lib/Horde/Text/Filter/Xss.php in Horde Application Framewo ...)
{DSA-1966-1}
- horde3 3.3.6+debian0-1 (low)
-CVE-2009-4362
+CVE-2009-4362 (Multiple buffer overflows in qosmod in IBM AIX 6.1 allow local users t ...)
NOT-FOR-US: IBM AIX
-CVE-2009-4361
+CVE-2009-4361 (Multiple buffer overflows in qoslist in IBM AIX 6.1 allow local users ...)
NOT-FOR-US: IBM AIX
-CVE-2009-4360
+CVE-2009-4360 (SQL injection vulnerability in modules/content/index.php in the Conten ...)
NOT-FOR-US: XOOPS
-CVE-2009-4359
+CVE-2009-4359 (Cross-site scripting (XSS) vulnerability in folder.php in the SmartMed ...)
NOT-FOR-US: XOOPS
-CVE-2009-4358
+CVE-2009-4358 (freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure pe ...)
NOT-FOR-US: freebsd-update
-CVE-2009-4357
+CVE-2009-4357 (CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2009-4356
+CVE-2009-4356 (Multiple integer overflows in the jpeg.w5s and png.w5s filters in Wina ...)
NOT-FOR-US: Winamp
-CVE-2009-4355
+CVE-2009-4355 (Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib ...)
{DSA-1970-1}
- openssl 0.9.8k-8 (low)
[etch] - openssl <not-affected> (affects only 0.9.8f and later)
NOTE: apache2 packages in squeeze/sid do not seem to allow exploit
-CVE-2009-4354
+CVE-2009-4354 (TransWARE Active! mail 2003 build 2003.0139.0871 and earlier does not ...)
NOT-FOR-US: TransWARE Active
-CVE-2009-4353
+CVE-2009-4353 (The Mobile Edition of TransWARE Active! mail 2003 build 2003.0139.0871 ...)
NOT-FOR-US: TransWARE Active
-CVE-2009-4352
+CVE-2009-4352 (Multiple cross-site scripting (XSS) vulnerabilities in TransWARE Activ ...)
NOT-FOR-US: TransWARE Active
-CVE-2009-4351
+CVE-2009-4351 (SQL injection vulnerability in ADMIN/loginaction.php in WSCreator 1.1, ...)
NOT-FOR-US: WSCreator
-CVE-2009-4350
+CVE-2009-4350 (SQL injection vulnerability in index.php in Arctic Issue Tracker 2.1.1 ...)
NOT-FOR-US: Arctic Issue Tracker
-CVE-2009-4349
+CVE-2009-4349 (Cross-site request forgery (CSRF) vulnerability in administration/admi ...)
NOT-FOR-US: Link Up Gold
-CVE-2009-4348
+CVE-2009-4348 (Cross-site scripting (XSS) vulnerability in index.php in Harold Bakker ...)
NOT-FOR-US: Harold Bakker's NewsScript
-CVE-2009-4347
+CVE-2009-4347 (Cross-site scripting (XSS) vulnerability in daloradius-users/login.php ...)
NOT-FOR-US: daloRADIUS
-CVE-2009-4346
+CVE-2009-4346 (Cross-site scripting (XSS) vulnerability in the Frontend news submitte ...)
NOT-FOR-US: fe_rtenews typo3 extension
-CVE-2009-4345
+CVE-2009-4345 (Cross-site scripting (XSS) vulnerability in the vShoutbox (vshoutbox) ...)
NOT-FOR-US: vShoutbox typo3 extension
-CVE-2009-4344
+CVE-2009-4344 (Cross-site scripting (XSS) vulnerability in the ZID Linkliste (zid_lin ...)
NOT-FOR-US: zid_linklist typo3 extension
-CVE-2009-4343
+CVE-2009-4343 (Cross-site scripting (XSS) vulnerability in the Training Company Datab ...)
NOT-FOR-US: trainincdb typo3 extension
-CVE-2009-4342
+CVE-2009-4342 (SQL injection vulnerability in the Job Exchange (jobexchange) extensio ...)
NOT-FOR-US: jobexchange typo3 extension
-CVE-2009-4341
+CVE-2009-4341 (SQL injection vulnerability in the No indexed Search (no_indexed_searc ...)
NOT-FOR-US: no_indexed_search typo3 extension
-CVE-2009-4340
+CVE-2009-4340 (Cross-site scripting (XSS) vulnerability in the No indexed Search (no_ ...)
NOT-FOR-US: no_indexed_search typo3 extension
-CVE-2009-4339
+CVE-2009-4339 (SQL injection vulnerability in the Subscription (mf_subscription) exte ...)
NOT-FOR-US: mf_subscription typo3 extension
-CVE-2009-4338
+CVE-2009-4338 (SQL injection vulnerability in the Flash SlideShow (slideshow) extensi ...)
NOT-FOR-US: slideshow typo3 extension
-CVE-2009-4337
+CVE-2009-4337 (SQL injection vulnerability in the Diocese of Portsmouth Calendar (pd_ ...)
NOT-FOR-US: pd_calendar typo3 extension
-CVE-2009-4336
+CVE-2009-4336 (Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth ...)
NOT-FOR-US: pd_calendar typo3 extension
-CVE-2009-4335
+CVE-2009-4335 (Multiple unspecified vulnerabilities in bundled stored procedures in t ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4334
+CVE-2009-4334 (The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4333
+CVE-2009-4333 (The Relational Data Services component in IBM DB2 9.5 before FP5 allow ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4332
+CVE-2009-4332 (db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4331
+CVE-2009-4331 (The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 con ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4330
+CVE-2009-4330 (Unspecified vulnerability in db2licm in the Engine Utilities component ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4329
+CVE-2009-4329 (Unspecified vulnerability in the Engine Utilities component in IBM DB2 ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4328
+CVE-2009-4328 (Unspecified vulnerability in the DRDA Services component in IBM DB2 9. ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4327
+CVE-2009-4327 (The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4326
+CVE-2009-4326 (The RAND scalar function in the Common Code Infrastructure component i ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4325
+CVE-2009-4325 (The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before ...)
NOT-FOR-US: IBM DB2
CVE-2009-XXXX [libhaml-ruby XSS issue]
- libhaml-ruby 2.2.8-1
CVE-2009-XXXX [roundup: unspecified issue]
- roundup 1.4.11-1
-CVE-2009-4324
+CVE-2009-4324 (Use-after-free vulnerability in the Doc.media.newPlayer method in Mult ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-4323
+CVE-2009-4323 (The installation for Zen Cart stores sensitive information and insecur ...)
NOT-FOR-US: Zen Cart
-CVE-2009-4322
+CVE-2009-4322 (extras/ipn_test_return.php in Zen Cart allows remote attackers to obta ...)
NOT-FOR-US: Zen Cart
-CVE-2009-4321
+CVE-2009-4321 (extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other v ...)
NOT-FOR-US: Zen Cart
-CVE-2009-4320
+CVE-2009-4320 (Cross-site scripting (XSS) vulnerability in searchform.php in The Next ...)
NOT-FOR-US: The Next Generation of Genealogy Sitebuilding
-CVE-2009-4319
+CVE-2009-4319 (PHP remote file inclusion vulnerability in js/bbcodepress/bbcode-form. ...)
NOT-FOR-US: eoCMS
-CVE-2009-4318
+CVE-2009-4318 (Cross-site scripting (XSS) vulnerability in index.php in Real Estate M ...)
NOT-FOR-US: Real Estate Manager
-CVE-2009-4317
+CVE-2009-4317 (Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez ...)
NOT-FOR-US: ScriptsEz
-CVE-2009-4316
+CVE-2009-4316 (Cross-site scripting (XSS) vulnerability in searchresults_main.php in ...)
NOT-FOR-US: ZeeLyrics
-CVE-2009-4315
+CVE-2009-4315 (Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS ...)
NOT-FOR-US: Nuggetz CMS
-CVE-2009-4314
+CVE-2009-4314 (Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group ...)
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-4313
+CVE-2009-4313 (ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 S ...)
NOT-FOR-US: Microsoft
-CVE-2009-4312
+CVE-2009-4312 (Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft
-CVE-2009-4311
+CVE-2009-4311 (Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft
-CVE-2009-4310
+CVE-2009-4310 (Stack-based buffer overflow in the Intel Indeo41 codec for Windows Med ...)
NOT-FOR-US: Microsoft
-CVE-2009-4309
+CVE-2009-4309 (Heap-based buffer overflow in the Intel Indeo41 codec for Windows Medi ...)
NOT-FOR-US: Microsoft
-CVE-2009-4308
+CVE-2009-4308 (The ext4_decode_error function in fs/ext4/super.c in the ext4 filesyst ...)
{DSA-2005-1}
- linux-2.6 2.6.32-1 (medium)
[etch] - linux-2.6 <not-affected> (ext4 introduced in 2.6.19)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (medium)
-CVE-2009-4307
+CVE-2009-4307 (The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kerne ...)
{DSA-2443-1}
- linux-2.6 2.6.32-2 (low)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27)
- linux-2.6.24 <not-affected> (vulnerabile code introduced in 2.6.27)
-CVE-2009-4306
+CVE-2009-4306 (Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ...)
- linux-2.6 2.6.32-2 (medium)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
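Review bot: the unchanged context line for CVE-2009-4307, `- linux-2.6.24 <not-affected> (vulnerabile code introduced in 2.6.27)`, carries a typo ("vulnerabile"). This automatic update only rewrites the `CVE-2009-NNNN` header lines with their truncated descriptions, so the spelling fix belongs in a separate manual commit; the wording to match is the `(vulnerable code introduced in 2.6.27)` used on the `[etch]` and `[lenny]` lines directly above it.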
@@ -1974,30 +1974,30 @@ CVE-2009-4276
REJECTED
CVE-2009-4275
REJECTED
-CVE-2009-4274
+CVE-2009-4274 (Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm befo ...)
{DSA-2026-1 DTSA-206-1}
- netpbm-free 2:10.0-12.2 (medium; bug #569060)
-CVE-2009-4273
+CVE-2009-4273 (stap-server in SystemTap before 1.1 allows remote attackers to execute ...)
- systemtap 1.1-1 (bug #568865)
[lenny] - systemtap <not-affected> (Server component not yet present)
[etch] - systemtap <not-affected> (Server component not yet present)
-CVE-2009-4272
+CVE-2009-4272 (A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.1 ...)
- linux-2.6 2.6.31-1 (medium)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.27)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=545411
-CVE-2009-4271
+CVE-2009-4271 (The Linux kernel 2.6.9 through 2.6.17 on the x86_64 and amd64 platform ...)
- linux-2.6 2.6.18-1
-CVE-2009-4270
+CVE-2009-4270 (Stack-based buffer overflow in the errprintf function in base/gsmisc.c ...)
{DSA-2080-1}
- ghostscript 8.70~dfsg-2.1 (medium; bug #562643)
-CVE-2009-4269
+CVE-2009-4269 (The password hash generation algorithm in the BUILTIN authentication f ...)
- derby <not-affected> (Fixed before initial upload to Debian)
NOTE: https://issues.apache.org/jira/browse/DERBY-4483
CVE-2009-4268
REJECTED
-CVE-2009-4267
+CVE-2009-4267 (The console in Apache jUDDI 3.0.0 does not properly escape line feeds, ...)
NOT-FOR-US: Apache jUDDI
CVE-2009-XXXX [gnome-screensaver inhibitor not removed when connection is closed]
- gnome-screensaver 2.28.0-2 (low; bug #560895)
@@ -2005,7 +2005,7 @@ CVE-2009-XXXX [gnome-screensaver inhibitor not removed when connection is closed
[lenny] - gnome-screensaver <not-affected> (vulnerable code introduced in 2.28)
NOTE: the code in etch's version is more different but it seems to be affected
NOTE: http://git.gnome.org/browse/gnome-screensaver/commit/?id=284c9924969a49dbf2d5fae1d680d3310c4df4a3
-CVE-2009-5018
+CVE-2009-5018 (Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier ...)
- gif2png 2.5.2-1 (low; bug #550978)
[etch] - gif2png <no-dsa> (minor issue)
[lenny] - gif2png <no-dsa> (minor issue)
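Review bot: the context line `NOTE: the code in etch's version is more different but it seems to be affected` reads awkwardly ("more different" with no point of comparison) and, within the visible lines of this gnome-screensaver entry, there is a `[lenny] - gnome-screensaver <not-affected>` status but no `[etch]` status line even though the note says etch seems affected. A follow-up edit could reword the note to "the code in etch's version differs more, but it still seems to be affected" and add an explicit `[etch]` line so the pending-CVE entry records the etch state in the same form as the other releases; neither change belongs in this automatic description update.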
@@ -2022,7 +2022,7 @@ CVE-2009-XXXX [browser-based css info disclosure]
NOTE: Minor design issue
CVE-2009-XXXX [xpat2: save game permissions issue]
- xpat2 1.07-17 (unimportant; bug #560087)
-CVE-2009-4144
+CVE-2009-4144 (NetworkManager (NM) 0.7.2 does not ensure that the configured Certific ...)
- network-manager-applet 0.7.2-2 (low; bug #560067)
[lenny] - network-manager-applet <not-affected> (WPA/enterprise was added in 0.7.2)
- network-manager <not-affected> (vulnerable code is in -applet, which is a source package on its own as of 0.6.5)
@@ -2033,67 +2033,67 @@ CVE-2009-XXXX [unsafe xfs]
CVE-2009-XXXX [xserver-xorg: inherits user's mask]
- xorg-server 2:1.7.2-1 (low; bug #555308)
[lenny] - xorg-server 2:1.4.2-10.lenny3
-CVE-2009-4296
+CVE-2009-4296 (SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and e ...)
NOT-FOR-US: Taxonomy Timer module for Drupal
-CVE-2009-4295
+CVE-2009-4295 (Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA pri ...)
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-4294
+CVE-2009-4294 (Unspecified vulnerability in the Authentication Manager (aka utauthd) ...)
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-4293
+CVE-2009-4293 (Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware 2.30 ...)
NOT-FOR-US: Internet Initiative Japan
-CVE-2009-4292
+CVE-2009-4292 (Buffer overflow in the URL filtering function in Internet Initiative J ...)
NOT-FOR-US: Internet Initiative Japan
-CVE-2009-4266
+CVE-2009-4266 (Cross-site scripting (XSS) vulnerability in search.php in YABSoft Adva ...)
NOT-FOR-US: YABSoft Advanced Image Hosting (AIH) Script
-CVE-2009-4265
+CVE-2009-4265 (Stack-based buffer overflow in Ideal Administration 2009 9.7.1, and po ...)
NOT-FOR-US: Ideal Administration
-CVE-2009-4264
+CVE-2009-4264 (PHP remote file inclusion vulnerability in components/core/connect.php ...)
NOT-FOR-US: AROUNDMe
-CVE-2009-4263
+CVE-2009-4263 (SQL injection vulnerability in main_forum.php in PTCPay GeN3 forum 1.3 ...)
NOT-FOR-US: PTCPay
-CVE-2009-4262
+CVE-2009-4262 (Harold Bakker's NewsScript (HB-NS) 1.3 allows remote attackers to obta ...)
NOT-FOR-US: Harold Bakker's Newscript HB-NS
CVE-2009-XXXX [php-net-ping argument injection]
- php-net-ping 2.4.2-1.1 (medium)
[etch] - php-net-ping 2.4.2-1+etch1
[lenny] - php-net-ping 2.4.2-1+lenny1
-CVE-2009-4305
+CVE-2009-4305 (SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1 ...)
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (medium; bug #559531)
NOTE: MSA-09-0031
-CVE-2009-4304
+CVE-2009-4304 (Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random pa ...)
{DSA-2115-1}
- moodle 1.9.8-1 (bug #559531)
[lenny] - moodle <no-dsa> (Minor issue)
[etch] - moodle <no-dsa> (Minor issue)
NOTE: MSA-09-0029
-CVE-2009-4303
+CVE-2009-4303 (Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores (1) password hash ...)
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0028
-CVE-2009-4302
+CVE-2009-4302 (login/index_form.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 ...)
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0027
-CVE-2009-4301
+CVE-2009-4301 (mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when MN ...)
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0026
-CVE-2009-4300
+CVE-2009-4300 (Multiple unspecified authentication plugins in Moodle 1.8 before 1.8.1 ...)
{DSA-2115-1}
- moodle 1.9.8-1 (bug #559531)
[lenny] - moodle <no-dsa> (Minor issue)
[etch] - moodle <no-dsa> (Minor issue)
NOTE: MSA-09-0025
-CVE-2009-4299
+CVE-2009-4299 (mod/glossary/showentry.php in the Glossary module for Moodle 1.8 befor ...)
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0024
-CVE-2009-4298
+CVE-2009-4298 (The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before ...)
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0023
-CVE-2009-4297
+CVE-2009-4297 (Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 1 ...)
{DSA-1986-1}
- moodle 1.8.2.dfsg-6 (bug #559531)
NOTE: MSA-09-0022
@@ -2103,7 +2103,7 @@ CVE-2009-5042 [docutils insecure usage of temporary files]
[etch] - python-docutils <not-affected> (vulnerable code introduced in 0.5)
[lenny] - python-docutils 0.5-2+lenny1
NOTE: cve requested
-CVE-2009-4261
+CVE-2009-4261 (Multiple directory traversal vulnerabilities in the iallocator framewo ...)
{DSA-1959-1}
- ganeti 2.0.5-1 (low)
NOTE: http://www.ocert.org/advisories/ocert-2009-019.html
@@ -2113,278 +2113,278 @@ CVE-2009-4259
RESERVED
CVE-2009-4258
RESERVED
-CVE-2009-4257
+CVE-2009-4257 (Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlre ...)
NOT-FOR-US: RealPlayer
-CVE-2009-4256
+CVE-2009-4256 (Multiple SQL injection vulnerabilities in cource.php in AlefMentor 2.0 ...)
NOT-FOR-US: AlefMentor
-CVE-2009-4255
+CVE-2009-4255 (Cross-site scripting (XSS) vulnerability in the You!Hostit! template 1 ...)
NOT-FOR-US: Joomla! component
-CVE-2009-4254
+CVE-2009-4254 (PowerPhlogger 2.2.5 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: PowerPhlogger
-CVE-2009-4253
+CVE-2009-4253 (Cross-site scripting (XSS) vulnerability in dspStats.php in PowerPhlog ...)
NOT-FOR-US: PowerPhlogger
-CVE-2009-4252
+CVE-2009-4252 (Cross-site scripting (XSS) vulnerability in images.php in Image Hostin ...)
NOT-FOR-US: Image Hosting Script DPI
-CVE-2009-4251
+CVE-2009-4251 (Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Pai ...)
NOT-FOR-US: Jasc Paint Shop Pro
-CVE-2009-4250
+CVE-2009-4250 (Multiple cross-site scripting (XSS) vulnerabilities in CutePHP CuteNew ...)
NOT-FOR-US: CuteNews
-CVE-2009-4249
+CVE-2009-4249 (Multiple cross-site scripting (XSS) vulnerabilities in CutePHP CuteNew ...)
NOT-FOR-US: CuteNews
-CVE-2009-4248
+CVE-2009-4248 (Buffer overflow in the RTSPProtocol::HandleSetParameterRequest functio ...)
NOT-FOR-US: RealPlayer
-CVE-2009-4247
+CVE-2009-4247 (Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetwo ...)
NOT-FOR-US: RealPlayer
-CVE-2009-4246
+CVE-2009-4246 (Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer ...)
NOT-FOR-US: RealPlayer
-CVE-2009-4245
+CVE-2009-4245 (Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 1 ...)
NOT-FOR-US: RealPlayer
-CVE-2009-4244
+CVE-2009-4244 (Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 1 ...)
NOT-FOR-US: RealPlayer
-CVE-2009-4243
+CVE-2009-4243 (RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12 ...)
NOT-FOR-US: RealPlayer
-CVE-2009-4242
+CVE-2009-4242 (Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function ...)
NOT-FOR-US: RealPlayer
-CVE-2009-4241
+CVE-2009-4241 (Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 1 ...)
NOT-FOR-US: RealPlayer
-CVE-2009-4240
+CVE-2009-4240 (Multiple buffer overflows in unspecified setuid executables in the Dat ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2009-4239
+CVE-2009-4239 (Cross-site scripting (XSS) vulnerability in the Web console in IBM Inf ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2009-4238
+CVE-2009-4238 (Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow ...)
NOT-FOR-US: TestLink
-CVE-2009-4237
+CVE-2009-4237 (Multiple cross-site scripting (XSS) vulnerabilities in TestLink before ...)
NOT-FOR-US: TestLink
-CVE-2009-4236
+CVE-2009-4236 (The process function in data/class/pages/admin/customer/LC_Page_Admin_ ...)
NOT-FOR-US: EC-CUBE
-CVE-2009-4235
+CVE-2009-4235 (acpid 1.0.4 sets an unrestrictive umask, which might allow local users ...)
{DSA-1960-1}
- acpid 1.0.6 (low; bug #560771)
NOTE: all versions set umask(0), might be worth double-checking what it opens
-CVE-2009-4234
+CVE-2009-4234 (Cross-site scripting (XSS) vulnerability in loginpages/error_user.shtm ...)
NOT-FOR-US: Micronet Network Access Controller
-CVE-2009-4233
+CVE-2009-4233 (Cross-site scripting (XSS) vulnerability in modules/mod_yj_whois.php i ...)
NOT-FOR-US: Joomla! component
-CVE-2009-4232
+CVE-2009-4232 (The Kide Shoutbox (com_kide) component 0.4.6 for Joomla! does not prop ...)
NOT-FOR-US: Joomla! component
-CVE-2009-4231
+CVE-2009-4231 (Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0 ...)
NOT-FOR-US: SweetRice
-CVE-2009-4230
+CVE-2009-4230 (Multiple stack-based buffer overflows in src/Task.cc in the FastCGI pr ...)
NOT-FOR-US: IIPImage Server
-CVE-2009-4229
+CVE-2009-4229 (Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bi ...)
NOT-FOR-US: ActiveWebSoftwares Active Bids
-CVE-2009-4226
+CVE-2009-4226 (Race condition in the IP module in the kernel in Sun OpenSolaris snv_1 ...)
NOT-FOR-US: OpenSolaris kernel
-CVE-2009-4225
+CVE-2009-4225 (Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.d ...)
NOT-FOR-US: PestPatrol
-CVE-2009-4228
+CVE-2009-4228 (Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlie ...)
- xfig <unfixed> (unimportant)
-CVE-2009-4227
+CVE-2009-4227 (Stack-based buffer overflow in the read_1_3_textobject function in f_r ...)
- xfig 1:3.2.5.b-1 (low; bug #559274)
[lenny] - xfig <no-dsa> (Minor issue)
[etch] - xfig <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=543905
-CVE-2009-4413
+CVE-2009-4413 (The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12 ...)
{DSA-2002-1}
- polipo 1.0.4-2 (low; bug #560779)
[etch] - polipo <no-dsa> (Minor issue)
[lenny] - polipo <no-dsa> (Minor issue)
-CVE-2009-4224
+CVE-2009-4224 (Multiple PHP remote file inclusion vulnerabilities in SweetRice 0.5.4, ...)
NOT-FOR-US: SweetRice
-CVE-2009-4223
+CVE-2009-4223 (PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web 1 ...)
NOT-FOR-US: KR-Web
-CVE-2009-4222
+CVE-2009-4222 (phpBazar 2.1.1fix and earlier does not require administrative authenti ...)
NOT-FOR-US: phpBazar
-CVE-2009-4221
+CVE-2009-4221 (SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and ...)
NOT-FOR-US: phpBazar
-CVE-2009-4220
+CVE-2009-4220 (PHP remote file inclusion vulnerability in includes/classes/pctemplate ...)
NOT-FOR-US: PointComma
-CVE-2009-4219
+CVE-2009-4219 (Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX c ...)
NOT-FOR-US: Haihaisoft Universal Player
-CVE-2009-4218
+CVE-2009-4218 (Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Ba ...)
NOT-FOR-US: JiRo's Banner System eXperience (JBSX)
-CVE-2009-4217
+CVE-2009-4217 (SQL injection vulnerability in the Itamar Elharar MusicGallery (com_mu ...)
NOT-FOR-US: Joomla! component
-CVE-2009-4216
+CVE-2009-4216 (Directory traversal vulnerability in funzioni/lib/menulast.php in klin ...)
NOT-FOR-US: klinza
-CVE-2009-4215
+CVE-2009-4215 (Panda Global Protection 2010, Internet Security 2010, and Antivirus Pr ...)
NOT-FOR-US: Panda
CVE-2009-4213
RESERVED
-CVE-2009-4212
+CVE-2009-4212 (Multiple integer underflows in the (1) AES and (2) RC4 decryption func ...)
{DSA-1969-1}
- krb5 1.8+dfsg~alpha1-1
-CVE-2009-4211
+CVE-2009-4211 (The U.S. Defense Information Systems Agency (DISA) Security Readiness ...)
NOT-FOR-US: U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script
-CVE-2009-4210
+CVE-2009-4210 (The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Ser ...)
NOT-FOR-US: Microsoft
-CVE-2009-4209
+CVE-2009-4209 (Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php ...)
NOT-FOR-US: moziloCMS
-CVE-2009-4208
+CVE-2009-4208 (SQL injection vulnerability in the os_news module in Open-school (OS) ...)
NOT-FOR-US: Open-school
-CVE-2009-4207
+CVE-2009-4207 (Cross-site scripting (XSS) vulnerability in the Webform module 5.x bef ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4206
+CVE-2009-4206 (SQL injection vulnerability in admin.link.modify.php in Million Dollar ...)
NOT-FOR-US: Million Dollar Text Links
-CVE-2009-4205
+CVE-2009-4205 (Directory traversal vulnerability in admin.php in Flashlight Free Edit ...)
NOT-FOR-US: Flashlight Free Edition
-CVE-2009-4204
+CVE-2009-4204 (SQL injection vulnerability in read.php in Flashlight Free Edition all ...)
NOT-FOR-US: Flashlight Free Edition
-CVE-2009-4203
+CVE-2009-4203 (Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php ...)
NOT-FOR-US: Arab Portal
-CVE-2009-4202
+CVE-2009-4202 (Directory traversal vulnerability in the Omilen Photo Gallery (com_omp ...)
NOT-FOR-US: Joomla! component
-CVE-2009-4201
+CVE-2009-4201 (Multiple stack-based buffer overflows in Mp3 Tag Assistant Professiona ...)
NOT-FOR-US: Mp3 Tag Assistant Professional
-CVE-2009-4200
+CVE-2009-4200 (SQL injection vulnerability in the Seminar (com_seminar) component 1.2 ...)
NOT-FOR-US: Joomla! component
-CVE-2009-4199
+CVE-2009-4199 (Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos ...)
NOT-FOR-US: Joomla! component
-CVE-2009-4198
+CVE-2009-4198 (SQL injection vulnerability in my_orders.php in MyMiniBill allows remo ...)
NOT-FOR-US: MyMiniBill
-CVE-2009-4197
+CVE-2009-4197 (rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7 ...)
NOT-FOR-US: Huawei MT882 V100R002B020
-CVE-2009-4196
+CVE-2009-4196 (Multiple cross-site scripting (XSS) vulnerabilities in multiple script ...)
NOT-FOR-US: Huawei MT882 V100R002B020
-CVE-2009-4195
+CVE-2009-4195 (Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlie ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2009-4194
+CVE-2009-4194 (Directory traversal vulnerability in Golden FTP Server 4.30 Free and P ...)
NOT-FOR-US: Golden FTP
-CVE-2009-4192
+CVE-2009-4192 (Directory traversal vulnerability in dialog/file_manager.php in Inters ...)
NOT-FOR-US: Interspire Knowledge Manager
-CVE-2009-4191
+CVE-2009-4191 (Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSola ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-4190
+CVE-2009-4190 (Unspecified vulnerability in the kernel in Sun OpenSolaris 2009.06 all ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-4189
+CVE-2009-4189 (HP Operations Manager has a default password of OvW*busr1 for the ovwe ...)
NOT-FOR-US: HP Operations Manager
-CVE-2009-4188
+CVE-2009-4188 (HP Operations Dashboard has a default password of j2deployer for the j ...)
NOT-FOR-US: HP Operations Dashboard
-CVE-2009-4187
+CVE-2009-4187 (Multiple cross-site scripting (XSS) vulnerabilities in the Gateway com ...)
NOT-FOR-US: Sun Java System Portal Server
-CVE-2009-4186
+CVE-2009-4186 (Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allow ...)
NOT-FOR-US: Apple Safari
-CVE-2009-4185
+CVE-2009-4185 (Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in H ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2009-4184
+CVE-2009-4184 (Unspecified vulnerability in HP Enterprise Cluster Master Toolkit (ECM ...)
NOT-FOR-US: HP Enterprise Cluster Master Toolkit
-CVE-2009-4183
+CVE-2009-4183 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.00 a ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2009-4182
+CVE-2009-4182 (Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a r ...)
NOT-FOR-US: HP Web Jetadmin
-CVE-2009-4181
+CVE-2009-4181 (Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4180
+CVE-2009-4180 (Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network N ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4179
+CVE-2009-4179 (Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4178
+CVE-2009-4178 (Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Nod ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4177
+CVE-2009-4177 (Buffer overflow in webappmon.exe in HP OpenView Network Node Manager ( ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4176
+CVE-2009-4176 (Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenVie ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-4175
+CVE-2009-4175 (CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote atta ...)
NOT-FOR-US: CuteNews
-CVE-2009-4174
+CVE-2009-4174 (The editnews module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews befor ...)
NOT-FOR-US: CuteNews
-CVE-2009-4173
+CVE-2009-4173 (Cross-site request forgery (CSRF) vulnerability in CutePHP CuteNews 1. ...)
NOT-FOR-US: CuteNews
-CVE-2009-4172
+CVE-2009-4172 (Cross-site scripting (XSS) vulnerability in index.php in CutePHP CuteN ...)
NOT-FOR-US: CuteNews
-CVE-2009-4171
+CVE-2009-4171 (An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.21 ...)
NOT-FOR-US: ActiveX
-CVE-2009-4170
+CVE-2009-4170 (WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, al ...)
NOT-FOR-US: WP-Cumulus Plug-in 1.20 for WordPress
-CVE-2009-4169
+CVE-2009-4169 (Cross-site scripting (XSS) vulnerability in wp-cumulus.php in the WP-C ...)
NOT-FOR-US: WP-Cumulus Plug-in 1.20 for WordPress
-CVE-2009-4168
+CVE-2009-4168 (Cross-site scripting (XSS) vulnerability in Roy Tanck tagcloud.swf, as ...)
NOT-FOR-US: WP-Cumulus Plug-in 1.20 for WordPress
-CVE-2009-4167
+CVE-2009-4167 (Unspecified vulnerability in the Automatic Base Tags for RealUrl (lt_b ...)
NOT-FOR-US: TYPO3 extension
-CVE-2009-4166
+CVE-2009-4166 (SQL injection vulnerability in the Trips (mchtrips) extension 2.0.0 fo ...)
NOT-FOR-US: TYPO3 extension
-CVE-2009-4165
+CVE-2009-4165 (SQL injection vulnerability in the simple Glossar (simple_glossar) ext ...)
NOT-FOR-US: TYPO3 extension
-CVE-2009-4164
+CVE-2009-4164 (Cross-site scripting (XSS) vulnerability in the simple Glossar (simple ...)
NOT-FOR-US: TYPO3 extension
-CVE-2009-4163
+CVE-2009-4163 (SQL injection vulnerability in the TW Productfinder (tw_productfinder) ...)
NOT-FOR-US: TYPO3 extension
-CVE-2009-4162
+CVE-2009-4162 (Unspecified vulnerability in the DB Integration (wfqbe) extension 1.3. ...)
NOT-FOR-US: TYPO3 extension
-CVE-2009-4161
+CVE-2009-4161 (Cross-site scripting (XSS) vulnerability in the [AN] Search it! (an_se ...)
NOT-FOR-US: TYPO3 extension
-CVE-2009-4160
+CVE-2009-4160 (Unspecified vulnerability in the Simple download-system with counter a ...)
NOT-FOR-US: TYPO3 extension
-CVE-2009-4159
+CVE-2009-4159 (Cross-site scripting (XSS) vulnerability in the newsletter configurati ...)
NOT-FOR-US: TYPO3 extension
-CVE-2009-4158
+CVE-2009-4158 (SQL injection vulnerability in the Calendar Base (cal) extension befor ...)
NOT-FOR-US: TYPO3 extension
-CVE-2009-4157
+CVE-2009-4157 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in th ...)
NOT-FOR-US: Joomla!
-CVE-2009-4156
+CVE-2009-4156 (PHP remote file inclusion vulnerability in modules/pms/index.php in Ci ...)
NOT-FOR-US: Ciamos CMS
-CVE-2009-4155
+CVE-2009-4155 (Multiple SQL injection vulnerabilities in Eshopbuilde CMS allow remote ...)
NOT-FOR-US: Eshopbuilde
-CVE-2009-4154
+CVE-2009-4154 (Directory traversal vulnerability in includes/feedcreator.class.php in ...)
NOT-FOR-US: Elxis CMS
-CVE-2009-4153
+CVE-2009-4153 (Unspecified vulnerability in the XMLAccess component in IBM WebSphere ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-4152
+CVE-2009-4152 (Cross-site scripting (XSS) vulnerability in the Collaboration componen ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-4151
+CVE-2009-4151 (Session fixation vulnerability in html/Elements/SetupSessionCookie in ...)
{DSA-1944-1}
- request-tracker3.6 3.6.9-2 (low)
- request-tracker3.4 <removed>
-CVE-2009-4150
+CVE-2009-4150 (dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and ...)
NOT-FOR-US: IBM DB2
-CVE-2009-4149
+CVE-2009-4149 (Cross-site scripting (XSS) vulnerability in the web interface in CA Se ...)
NOT-FOR-US: CA Service Desk
-CVE-2009-4148
+CVE-2009-4148 (DAZ Studio 2.3.3.161, 2.3.3.163, and 3.0.1.135 allows remote attackers ...)
NOT-FOR-US: DAZ Studio
-CVE-2009-4147
+CVE-2009-4147 (The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld- ...)
- kfreebsd-6 <not-affected> (the affected file -rtld.c- is not in the archive, not even kFreeBSD)
-CVE-2009-4146
+CVE-2009-4146 (The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld- ...)
- kfreebsd-6 <not-affected> (the affected file -rtld.c- is not in the archive, not even kFreeBSD)
-CVE-2009-4145
+CVE-2009-4145 (nm-connection-editor in NetworkManager (NM) 0.7.x exports connection o ...)
- network-manager-applet 0.7.2-2 (low; bug #563371)
- network-manager <not-affected> (-editor introduced in 0.7 on the -applet package)
[lenny] - network-manager-applet <not-affected> (-editor was introduced in 0.7)
-CVE-2009-4143
+CVE-2009-4143 (PHP before 5.2.12 does not properly handle session data, which has uns ...)
{DSA-2001-1}
- php5 5.2.12.dfsg.1-1 (low)
-CVE-2009-4142
+CVE-2009-4142 (The htmlspecialchars function in PHP before 5.2.12 does not properly h ...)
{DSA-2001-1}
- php5 5.2.12.dfsg.1-1 (medium)
-CVE-2009-4141
+CVE-2009-4141 (Use-after-free vulnerability in the fasync_helper function in fs/fcntl ...)
- linux-2.6 2.6.32-6
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.28)
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=53281b6d3
-CVE-2009-4140
+CVE-2009-4140 (Unrestricted file upload vulnerability in ofc_upload_image.php in Open ...)
- piwik <itp> (bug #506933)
-CVE-2009-4139
+CVE-2009-4139 (Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java ...)
NOT-FOR-US: spacewalk-java
-CVE-2009-4138
+CVE-2009-4138 (drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when p ...)
{DSA-2005-1}
- linux-2.6 2.6.32-3 (medium)
[etch] - linux-2.6 <not-affected> (ohci introduced in 2.6.22)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (medium)
-CVE-2009-4137
+CVE-2009-4137 (The loadContentFromCookie function in core/Cookie.php in Piwik before ...)
- piwik <itp> (bug #506933)
-CVE-2009-4136
+CVE-2009-4136 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1. ...)
{DSA-1964-1}
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
- postgresql-8.2 <removed>
- postgresql-8.3 8.3.9-1 (low)
- postgresql-8.4 8.4.2-1 (low)
-CVE-2009-4135
+CVE-2009-4135 (The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 ...)
- coreutils <not-affected> (this issue only affects the coreutils build process; bug #560898)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=545439
-CVE-2009-4134
+CVE-2009-4134 (Buffer underflow in the rgbimg module in Python 2.5 allows remote atta ...)
- python3.1 <not-affected> (rgbimgmodule no longer included in source)
- python2.7 <not-affected> (rgbimgmodule no longer included in source)
- python2.6 <not-affected> (rgbimgmodule no longer included in source)
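Review bot: the fixed-width truncation in this hunk cuts inside a parenthesised name, leaving an unbalanced "(" nested inside the description's outer parentheses, e.g. `+CVE-2009-4161 (Cross-site scripting (XSS) vulnerability in the [AN] Search it! (an_se ...)`; anything that parses the description by matching parentheses rather than by the trailing ` ...)` marker will mis-split it. Truncating at the last word boundary before the column limit, or dropping a trailing unmatched "(" before appending " ...", avoids that. The same truncation also makes `+CVE-2009-4147` and `+CVE-2009-4146` carry identical text (both "The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld- ..."), so the list no longer shows what distinguishes the two IDs.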
@@ -2392,11 +2392,11 @@ CVE-2009-4134
[lenny] - python2.5 <no-dsa> (Minor issue)
- python2.4 <removed> (low)
[lenny] - python2.4 <no-dsa> (Minor issue)
-CVE-2009-4133
+CVE-2009-4133 (Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for ...)
- condor <not-affected> (Fixed before initial upload to archive)
CVE-2009-4132
REJECTED
-CVE-2009-4131
+CVE-2009-4131 (The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the e ...)
- linux-2.6 2.6.32-2 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.31)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.31)
@@ -2404,23 +2404,23 @@ CVE-2009-4131
CVE-2009-XXXX [monkey DoS]
- monkey 0.9.3-1 (low)
[lenny] - monkey <no-dsa> (Minor issue, fringe package)
-CVE-2009-4130
+CVE-2009-4130 (Visual truncation vulnerability in the MakeScriptDialogTitle function ...)
- xulrunner <undetermined> (bug #565521)
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2009-4129
+CVE-2009-4129 (Race condition in Mozilla Firefox allows remote attackers to produce a ...)
- xulrunner <undetermined> (bug #565521)
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2009-4128
+CVE-2009-4128 (GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted ...)
- grub2 1.97+20091115-1 (bug #555195)
[lenny] - grub2 <not-affected> (Password authentication not yet present)
- grub <not-affected> (only affects grub2)
-CVE-2009-4127
+CVE-2009-4127 (Unspecified vulnerability in Wikipedia Toolbar extension before 0.5.9. ...)
NOT-FOR-US: Wikipedia Toolbar extension for Firefox
CVE-2009-4126
RESERVED
CVE-2009-4125
RESERVED
-CVE-2009-4124
+CVE-2009-4124 (Heap-based buffer overflow in the rb_str_justify function in string.c ...)
- ruby1.9.1 1.9.1.376-1
- ruby1.9 <removed> (bug #572817)
- ruby1.8 <not-affected>
@@ -2429,116 +2429,116 @@ CVE-2009-4123
RESERVED
CVE-2009-4122
RESERVED
-CVE-2009-4121
+CVE-2009-4121 (Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.CM ...)
NOT-FOR-US: Quick CMS
-CVE-2009-4120
+CVE-2009-4120 (Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.Ca ...)
NOT-FOR-US: Quick.Cart
-CVE-2009-4119
+CVE-2009-4119 (Cross-site scripting (XSS) vulnerability in Feed Element Mapper module ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4118
+CVE-2009-4118 (The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.ex ...)
NOT-FOR-US: Cisco VPN client for Windows
-CVE-2009-4117
+CVE-2009-4117 (Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before ...)
NOT-FOR-US: MuPDF
-CVE-2009-4116
+CVE-2009-4116 (Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6 ...)
NOT-FOR-US: CutePHP
-CVE-2009-4115
+CVE-2009-4115 (Multiple static code injection vulnerabilities in the Categories modul ...)
NOT-FOR-US: CutePHP CuteNews
-CVE-2009-4114
+CVE-2009-4114 (kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other ver ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2009-4113
+CVE-2009-4113 (Static code injection vulnerability in the Categories module in CutePH ...)
NOT-FOR-US: CutePHP CuteNews
-CVE-2009-4110
+CVE-2009-4110 (Cross-site scripting (XSS) vulnerability in the search functionality i ...)
NOT-FOR-US: DotNetNuke
-CVE-2009-4109
+CVE-2009-4109 (The install wizard in DotNetNuke 4.0 through 5.1.4 does not prevent an ...)
NOT-FOR-US: DotNetNuke
-CVE-2009-4108
+CVE-2009-4108 (XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to ...)
NOT-FOR-US: XM Easy Personal FTP Server
-CVE-2009-4107
+CVE-2009-4107 (Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remo ...)
NOT-FOR-US: Invisible Browsing
-CVE-2009-4106
+CVE-2009-4106 (Unrestricted file upload vulnerability in admintools/editpage-2.php in ...)
NOT-FOR-US: Agoko CMS
-CVE-2009-4105
+CVE-2009-4105 (TYPSoft FTP Server 1.10 allows remote authenticated users to cause a d ...)
NOT-FOR-US: TYPSoft FTP Server
-CVE-2009-4104
+CVE-2009-4104 (SQL injection vulnerability in Lyften Designs LyftenBloggie (com_lyfte ...)
NOT-FOR-US: Joomla! component
-CVE-2009-4103
+CVE-2009-4103 (Buffer overflow in Robo-FTP 3.6.17, and possibly other versions, allow ...)
NOT-FOR-US: Robo-FTP
-CVE-2009-4102
+CVE-2009-4102 (Sage 1.4.3 and earlier extension for Firefox performs certain operatio ...)
{DSA-1951-1}
- firefox-sage 1.4.3-4 (medium; bug #559267)
-CVE-2009-4101
+CVE-2009-4101 (infoRSS 1.1.4.2 and earlier extension for Firefox performs certain ope ...)
NOT-FOR-US: infoRSS extension for Firefox
-CVE-2009-4100
+CVE-2009-4100 (Yoono extension before 6.1.1 for Firefox performs certain operations w ...)
NOT-FOR-US: Yoono extension for Firefox
-CVE-2009-4099
+CVE-2009-4099 (SQL injection vulnerability in the Google Calendar GCalendar (com_gcal ...)
NOT-FOR-US: Joomla! Component
-CVE-2009-4098
+CVE-2009-4098 (Unrestricted file upload vulnerability in banner-edit.php in OpenX ads ...)
- openx <itp> (bug #513771)
-CVE-2009-4097
+CVE-2009-4097 (Stack-based buffer overflow in the MplayInputFile function in Serenity ...)
NOT-FOR-US: Serenity Audio Player
-CVE-2009-4096
+CVE-2009-4096 (RADIO istek scripti 2.5 stores sensitive information under the web roo ...)
NOT-FOR-US: RADIO istek scripti
-CVE-2009-4095
+CVE-2009-4095 (myPhile 1.2.1 allows remote attackers to bypass authentication via an ...)
NOT-FOR-US: myPhile
-CVE-2009-4094
+CVE-2009-4094 (PHP remote file inclusion vulnerability in class/php/d4m_ajax_pagenav. ...)
NOT-FOR-US: Joomla! component
-CVE-2009-4093
+CVE-2009-4093 (Multiple cross-site scripting (XSS) vulnerabilities in comments.php in ...)
NOT-FOR-US: Simplog
-CVE-2009-4092
+CVE-2009-4092 (Cross-site request forgery (CSRF) vulnerability in user.php in Simplog ...)
NOT-FOR-US: Simplog
-CVE-2009-4091
+CVE-2009-4091 (comments.php in Simplog 0.9.3.2, and possibly earlier, does not proper ...)
NOT-FOR-US: Simplog
-CVE-2009-4090
+CVE-2009-4090 (Unrestricted file upload vulnerability in ajax/addComment.php in telep ...)
NOT-FOR-US: telepark.wiki
-CVE-2009-4089
+CVE-2009-4089 (telepark.wiki 2.4.23 and earlier allows remote attackers to bypass aut ...)
NOT-FOR-US: telepark.wiki
-CVE-2009-4088
+CVE-2009-4088 (Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 a ...)
NOT-FOR-US: telepark.wiki
-CVE-2009-4087
+CVE-2009-4087 (Cross-site scripting (XSS) vulnerability in index.php in telepark.wiki ...)
NOT-FOR-US: telepark.wiki
-CVE-2009-4086
+CVE-2009-4086 (CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allow ...)
NOT-FOR-US: Xerver HTTP Server
-CVE-2009-4085
+CVE-2009-4085 (PHP remote file inclusion vulnerability in assets/plugins/mp3_id/mp3_i ...)
NOT-FOR-US: PHP Traverser
-CVE-2009-4084
+CVE-2009-4084 (SQL injection vulnerability in the search feature in e107 0.7.16 and e ...)
NOT-FOR-US: e107
-CVE-2009-4083
+CVE-2009-4083 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.16 and ...)
NOT-FOR-US: e107
-CVE-2009-4082
+CVE-2009-4082 (PHP remote file inclusion vulnerability in forums/Forum_Include/index. ...)
NOT-FOR-US: Outreach Project Tool
-CVE-2009-4081
+CVE-2009-4081 (Untrusted search path vulnerability in dstat before r3199 allows local ...)
- dstat <not-affected> (Fixed/tracked as CVE-2009-3894)
NOTE: This second ID is about the same issue, but for an older version, see
NOTE: http://bugs.gentoo.org/show_bug.cgi?id=293497
NOTE: For Debian we'll just use CVE-2009-3894 and mark this one as not-affected
-CVE-2009-4080
+CVE-2009-4080 (Multiple unspecified vulnerabilities in ldap_cachemgr (aka the LDAP cl ...)
NOT-FOR-US: ldap_cachemgr in Sun Solaris
-CVE-2009-4079
+CVE-2009-4079 (Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and e ...)
- redmine 0.9.0~svn2902-1
-CVE-2009-4078
+CVE-2009-4078 (Multiple cross-site scripting (XSS) vulnerabilities in Redmine 0.8.5 a ...)
- redmine 0.9.0~svn2902-1
-CVE-2009-4077
+CVE-2009-4077 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0 ...)
- roundcube 0.3-1
-CVE-2009-4076
+CVE-2009-4076 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0 ...)
- roundcube 0.3-1
-CVE-2009-4075
+CVE-2009-4075 (Unspecified vulnerability in the timeout mechanism in sshd in Sun Sola ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-4074
+CVE-2009-4074 (The XSS Filter in Microsoft Internet Explorer 8 allows remote attacker ...)
NOT-FOR-US: Microsoft Internet Explorer 8
-CVE-2009-4214
+CVE-2009-4214 (Cross-site scripting (XSS) vulnerability in the strip_tags function in ...)
{DSA-2301-1 DSA-2260-1}
- rails 2.2.3-2 (low; bug #558685)
NOTE: http://groups.google.com/group/rubyonrails-security/browse_thread/thread/4d4f71f2aef4c0ab?pli=1
-CVE-2009-4073
+CVE-2009-4073 (The printing functionality in Microsoft Internet Explorer 8 allows rem ...)
NOT-FOR-US: Microsoft Internet Explorer 8
-CVE-2009-4072
+CVE-2009-4072 (Unspecified vulnerability in Opera before 10.10 has unknown impact and ...)
NOT-FOR-US: Opera
-CVE-2009-4071
+CVE-2009-4071 (Opera before 10.10, when exception stacktraces are enabled, places scr ...)
NOT-FOR-US: Opera
-CVE-2009-4070
+CVE-2009-4070 (SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly othe ...)
{DSA-1818-1}
- gforge 4.7.3-2
-CVE-2009-4069
+CVE-2009-4069 (Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, ...)
{DSA-1818-1}
- gforge 4.7.3-2
CVE-2009-4068
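Review bot: three added descriptions in this hunk are cut off inside a parenthesised component name, e.g. `+CVE-2009-4118 (... cvpnd service (cvpnd.ex ...)`, `+CVE-2009-4104 (... LyftenBloggie (com_lyfte ...)` and `+CVE-2009-4099 (... GCalendar (com_gcal ...)`; the dangling inner "(" is harmless for a reader that keys on the trailing ` ...)` but trips anything that counts parentheses. Truncating at a word boundary before the limit would keep the component token intact or drop it whole.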
@@ -2548,83 +2548,83 @@ CVE-2009-4067
{DSA-2310-1}
- linux-2.6 2.6.28-1 (low)
NOTE: Driver was removed in 2.6.27
-CVE-2009-4066
+CVE-2009-4066 (Multiple cross-site request forgery (CSRF) vulnerabilities in the "My ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4065
+CVE-2009-4065 (Cross-site scripting (XSS) vulnerability in the settings page in the S ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4064
+CVE-2009-4064 (Cross-site scripting (XSS) vulnerability in the Gallery Assist module ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4063
+CVE-2009-4063 (Cross-site scripting (XSS) vulnerability in the Subgroups for Organic ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4062
+CVE-2009-4062 (Multiple cross-site scripting (XSS) vulnerabilities in the Printfriend ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4061
+CVE-2009-4061 (Multiple cross-site scripting (XSS) vulnerabilities in the Agreement m ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4060
+CVE-2009-4060 (SQL injection vulnerability in includes/content/viewProd.inc.php in Cu ...)
NOT-FOR-US: CubeCart
-CVE-2009-4059
+CVE-2009-4059 (SQL injection vulnerability in the JoomClip (com_joomclip) component f ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-4058
+CVE-2009-4058 (SQL injection vulnerability in allauctions.php in Telebid Auction Scri ...)
NOT-FOR-US: Telebid Auction Script
-CVE-2009-4057
+CVE-2009-4057 (SQL injection vulnerability in the inertialFATE iF Portfolio Nexus (co ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-4056
+CVE-2009-4056 (Directory traversal vulnerability in admin/popup.php in Betsy CMS 3.5 ...)
NOT-FOR-US: Betsy CMS
-CVE-2009-4055
+CVE-2009-4055 (rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27 ...)
{DSA-1952-1}
- asterisk 1:1.6.2.0~rc7-1 (bug #559103)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
CVE-2009-4054
REJECTED
-CVE-2009-4053
+CVE-2009-4053 (Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1 ...)
NOT-FOR-US: Home FTP Server
-CVE-2009-4052
+CVE-2009-4052 (Multiple cross-site scripting (XSS) vulnerabilities in the JSF Widget ...)
NOT-FOR-US: IBM Rational Application Developer for WebSphere
-CVE-2009-4051
+CVE-2009-4051 (Home FTP Server 1.10.1.139 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Home FTP Server
-CVE-2009-4050
+CVE-2009-4050 (Directory traversal vulnerability in get_file.php in phpMyBackupPro 2. ...)
NOT-FOR-US: phpMyBackupPro
-CVE-2009-4049
+CVE-2009-4049 (Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in a ...)
NOT-FOR-US: avast
-CVE-2009-4048
+CVE-2009-4048 (Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote authenticated ...)
NOT-FOR-US: Dxmsoft XM Easy Personal FTP Server
-CVE-2009-4047
+CVE-2009-4047 (Multiple cross-site scripting (XSS) vulnerabilities in PHD Help Desk 1 ...)
NOT-FOR-US: PHD Help Desk
-CVE-2009-4112
+CVE-2009-4112 (Cacti 0.8.7e and earlier allows remote authenticated administrators to ...)
[experimental] - cacti 1.2.0~beta2+ds1-1
- cacti 1.2.1+ds1-1 (unimportant; bug #561339)
NOTE: 4B0E1566.1070509@moritz-naumann.com in bugtraq
NOTE: as one requires admin access to cacti, upstream will implement a whitelist
NOTE: https://github.com/Cacti/cacti/issues/1072
-CVE-2009-4032
+CVE-2009-4032 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7e al ...)
{DSA-1954-1}
- cacti 0.8.7e-1.1 (low; bug #561338)
NOTE: http://docs.cacti.net/#cross-site_scripting_fixes
NOTE: http://www.cacti.net/download_patches.php
NOTE: incomplete, probably another CVE id will be allocated: https://bugzilla.redhat.com/show_bug.cgi?id=541279#c17
-CVE-2009-4046
+CVE-2009-4046 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) 2.2.x b ...)
NOT-FOR-US: FrontAccounting
-CVE-2009-4045
+CVE-2009-4045 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) before ...)
NOT-FOR-US: FrontAccounting
-CVE-2009-4044
+CVE-2009-4044 (The Web Services module 6.x for Drupal does not perform the expected a ...)
NOT-FOR-US: Web Services module for Drupal
-CVE-2009-4043
+CVE-2009-4043 (Cross-site scripting (XSS) vulnerability in the AddToAny module 5.x be ...)
NOT-FOR-US: module for Drupal
-CVE-2009-4042
+CVE-2009-4042 (Cross-site scripting (XSS) vulnerability in the RootCandy theme 6.x be ...)
NOT-FOR-US: theme for Drupal
-CVE-2009-4041
+CVE-2009-4041 (UseBB 1.0.9 before 1.0.10 allows remote attackers to cause a denial of ...)
NOT-FOR-US: UseBB
-CVE-2009-4040
+CVE-2009-4040 (Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and ...)
NOT-FOR-US: phpMyFAQ
-CVE-2009-4039
+CVE-2009-4039 (Cross-site scripting (XSS) vulnerability in Piwigo before 2.0.6 allows ...)
- piwigo <not-affected> (Fixed before initial upload to the archive)
-CVE-2009-4038
+CVE-2009-4038 (Multiple cross-site scripting (XSS) vulnerabilities in NCH Software Ax ...)
NOT-FOR-US: NCH Software Axon Virtual PBX
-CVE-2009-4037
+CVE-2009-4037 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) before ...)
NOT-FOR-US: FrontAccounting
CVE-2009-4036
REJECTED
-CVE-2009-4035
+CVE-2009-4035 (The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf ...)
- kdegraphics 4:4.0.0-1
- xpdf 3.01-1
- poppler 0.5.1-1
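Review bot: `+CVE-2009-4066 (Multiple cross-site request forgery (CSRF) vulnerabilities in the "My ...)` opens a double quote that the truncation never closes, and `+CVE-2009-4057 (... iF Portfolio Nexus (co ...)` again cuts inside a parenthesis; a quote-aware tokenizer would swallow the rest of the line. Also, after truncation `+CVE-2009-4045` and `+CVE-2009-4037` read identically ("Multiple SQL injection vulnerabilities in FrontAccounting (FA) before ..."), so the version ranges that distinguish them are lost from the list.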
@@ -2632,28 +2632,28 @@ CVE-2009-4035
NOTE: was silently fixed by upstream xpdf, fix propagated to poppler in 4b4fc5c017b/2005-09-14
NOTE: but at least version 0.4.5 does *not* contain the ship.
NOTE: Was fixed somewhere between 0.4.5 and 0.5.1
-CVE-2009-4034
+CVE-2009-4034 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1. ...)
{DSA-1964-1}
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
- postgresql-8.2 <removed>
- postgresql-8.3 8.3.9-1 (low)
- postgresql-8.4 8.4.2-1 (low)
-CVE-2009-4033
+CVE-2009-4033 (A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to ...)
- acpid <not-affected> (problem in redhat-specific patch; debian uses sensible permissions 0664)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=515062
-CVE-2009-4031
+CVE-2009-4031 (The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulat ...)
{DSA-1962-1}
- linux-2.6 2.6.32-3 (low)
[lenny] - linux-2.6 2.6.26-21
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- kvm <removed> (low; bug #562075)
-CVE-2009-4030
+CVE-2009-4030 (MySQL 5.1.x before 5.1.41 allows local users to bypass certain privile ...)
{DSA-1997-1}
- mysql-5.1 5.1.43-1
- mysql-dfsg-5.0 <removed>
-CVE-2009-4029
+CVE-2009-4029 (The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, an ...)
- automake 1:1.4-p6-13.1
[lenny] - automake <no-dsa> (Minor issue)
- automake1.9 1.9.6+nogfdl-3.1
@@ -2664,49 +2664,49 @@ CVE-2009-4029
[lenny] - automake1.10 <no-dsa> (Minor issue)
NOTE: spu will be released to avoid spreading the bug even further
NOTE: http://lists.gnu.org/archive/html/automake/2009-12/msg00012.html
-CVE-2009-4028
+CVE-2009-4028 (The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x b ...)
- mysql-5.1 <not-affected> (Vulnerable code not present)
- mysql-dfsg-5.0 <not-affected> (Vulnerable code not present)
NOTE: built with --without-openssl
-CVE-2009-4027
+CVE-2009-4027 (Race condition in the mac80211 subsystem in the Linux kernel before 2. ...)
{DSA-1996-1 DTSA-204-1}
- linux-2.6 2.6.32-1 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.26)
- linux-2.6.24 <not-affected> (introduced in 2.6.26)
-CVE-2009-4026
+CVE-2009-4026 (The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-2009 ...)
{DTSA-204-1}
- linux-2.6 2.6.32-1 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.30)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.30)
- linux-2.6.24 <not-affected> (introduced in 2.6.30)
-CVE-2009-4025
+CVE-2009-4025 (Argument injection vulnerability in the traceroute function in Tracero ...)
NOT-FOR-US: Net_Traceroute PEAR module
-CVE-2009-4024
+CVE-2009-4024 (Argument injection vulnerability in the ping function in Ping.php in t ...)
{DSA-1949-1}
- php-net-ping 2.4.2-1.1 (medium)
NOTE: fix applied by upstream is incomplete, reported to oss-sec
-CVE-2009-4111
+CVE-2009-4111 (Argument injection vulnerability in Mail/sendmail.php in the Mail pack ...)
{DSA-1938-1}
- php-mail 1.1.14-2 (medium; bug #557121)
[lenny] - php-mail 1.1.14-1+lenny1
[etch] - php-mail 1.1.6-2+etch1
-CVE-2009-4023
+CVE-2009-4023 (Argument injection vulnerability in the sendmail implementation of the ...)
{DSA-1938-1}
- php-mail 1.1.14-2 (medium; bug #557121)
[lenny] - php-mail 1.1.14-1+lenny1
[etch] - php-mail 1.1.6-2+etch1
-CVE-2009-4022
+CVE-2009-4022 (Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before ...)
{DSA-1961-1}
- bind9 1:9.6.1.dfsg.P2-1 (medium)
NOTE: https://www.isc.org/node/504
NOTE: Only affects installations with trust anchors, but then the
NOTE: consequences are quite severe.
-CVE-2009-4020
+CVE-2009-4020 (Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2 ...)
{DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.32-3 (medium)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (medium)
-CVE-2009-4019
+CVE-2009-4019 (mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not ( ...)
{DSA-1997-1}
- mysql-5.1 5.1.41-1
- mysql-dfsg-5.0 <removed>
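Review bot: `+CVE-2009-4019 (mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not ( ...)` ends with a bare "(" followed by the ellipsis, which is what fixed-column truncation produces when the cut lands right after an opening parenthesis; trimming trailing punctuation before appending " ..." would give a cleaner line and leave only the outer parentheses for a parser to match.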
@@ -2714,75 +2714,75 @@ CVE-2009-4019
NOTE: http://web.archive.org/web/20140723045533/http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
NOTE: http://bugs.mysql.com/47780
NOTE: http://bugs.mysql.com/48291
-CVE-2009-4018
+CVE-2009-4018 (The proc_open function in ext/standard/proc_open.c in PHP before 5.2.1 ...)
- php5 5.2.11.dfsg.1-1 (unimportant)
NOTE: safe_mode bypass
-CVE-2009-4016
+CVE-2009-4016 (Integer underflow in the clean_string function in irc_string.c in (1) ...)
{DSA-1980-1}
- ircd-ratbox 3.0.6.dfsg-1 (medium; bug #567191)
- ircd-hybrid 1:7.2.2.dfsg.2-6.1 (medium; bug #567192)
- oftc-hybrid 1.6.3.dfsg-1.1 (medium; bug #567193)
-CVE-2009-4015
+CVE-2009-4015 (Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x befor ...)
{DSA-1979-1}
- lintian 2.3.2 (medium)
-CVE-2009-4014
+CVE-2009-4014 (Multiple format string vulnerabilities in Lintian 1.23.x through 1.23. ...)
{DSA-1979-1}
- lintian 2.3.2 (medium)
-CVE-2009-4013
+CVE-2009-4013 (Multiple directory traversal vulnerabilities in Lintian 1.23.x through ...)
{DSA-1979-1}
- lintian 2.3.2 (medium)
-CVE-2009-4012
+CVE-2009-4012 (Multiple integer overflows in LibThai before 0.1.13 might allow contex ...)
{DSA-1971-1}
- libthai 0.1.13-1
CVE-2009-4011 [dtc-xen race condition]
RESERVED
- dtc-xen 0.5.4-1
[lenny] - dtc-xen <not-affected> (Only affects 0.5.x)
-CVE-2009-4010
+CVE-2009-4010 (Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows r ...)
{DSA-1968-2 DSA-1968-1}
- pdns-recursor 3.1.7.2-1 (high)
-CVE-2009-4009
+CVE-2009-4009 (Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote atta ...)
{DSA-1968-1}
- pdns-recursor 3.1.7.2-1 (high)
[etch] - pdns-recursor <not-affected> (vulnerable code not present)
-CVE-2009-4008
+CVE-2009-4008 (Unbound before 1.4.4 does not send responses for signed zones after mi ...)
{DSA-2243-1}
- unbound 1.4.4-1 (low)
-CVE-2009-4007
+CVE-2009-4007 (Unspecified vulnerability in the NormaliseTrainConsist function in src ...)
- openttd 0.7.5-1
[lenny] - openttd 0.6.2-1+lenny1
-CVE-2009-4006
+CVE-2009-4006 (Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft ...)
NOT-FOR-US: Serv-U FTP server
-CVE-2009-4005
+CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the L ...)
{DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.32-1 (low)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (low)
-CVE-2009-4003
+CVE-2009-4003 (Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-4002
+CVE-2009-4002 (Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-4001
+CVE-2009-4001 (Integer overflow in XnView before 1.97.2 might allow remote attackers ...)
NOT-FOR-US: XnView
-CVE-2009-4000
+CVE-2009-4000 (Directory traversal vulnerability in goform/formExportDataLogs in HP P ...)
NOT-FOR-US: HP Power Manager
-CVE-2009-3999
+CVE-2009-3999 (Stack-based buffer overflow in goform/formExportDataLogs in HP Power M ...)
NOT-FOR-US: HP Power Manager
CVE-2009-3998
RESERVED
-CVE-2009-3997
+CVE-2009-3997 (Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Win ...)
NOT-FOR-US: winamp
-CVE-2009-3996
+CVE-2009-3996 (Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug- ...)
{DSA-2071-1}
- libmikmod 3.1.11-6.2 (bug #575742)
- pysol-sound-server <removed> (unimportant)
NOTE: pysol-sound-server embeds a mikmod copy, but only reads to local files
-CVE-2009-3995
+CVE-2009-3995 (Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Dec ...)
{DSA-2081-1 DSA-2071-1}
- libmikmod 3.1.11-6.2 (bug #575742)
- pysol-sound-server <removed> (unimportant)
NOTE: pysol-sound-server embeds a mikmod copy, but only reads to local files
-CVE-2009-3994
+CVE-2009-3994 (Stack-based buffer overflow in the GetUID function in src-IL/src/il_di ...)
- devil 1.7.8-6 (low; bug #560080)
[lenny] - devil <no-dsa> (Minor issue)
[etch] - devil <no-dsa> (Minor issue)
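Review bot: the truncation in this hunk splits hyphenated words and parenthesised names mid-token, e.g. `+CVE-2009-3996 (Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug- ...)` and `+CVE-2009-3995 (Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Dec ...)`; cutting at the last whitespace before the column limit would avoid the dangling hyphen and the unclosed "(aka ...". The same applies to `+CVE-2009-3994 (... in src-IL/src/il_di ...)`, where the file path is cut mid-name.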
@@ -2794,10 +2794,10 @@ CVE-2009-3991
REJECTED
CVE-2009-3990
REJECTED
-CVE-2009-3989
+CVE-2009-3989 (Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and 3. ...)
- bugzilla 3.4.7.0-1 (unimportant)
NOTE: http://www.bugzilla.org/security/3.0.10/
-CVE-2009-3988
+CVE-2009-3988 (Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMon ...)
{DSA-1999-1}
- xulrunner 1.9.1.8-1
[etch] - xulrunner <end-of-life>
@@ -2805,165 +2805,165 @@ CVE-2009-3988
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.3-1
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
-CVE-2009-3987
+CVE-2009-3987 (The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3 ...)
- xulrunner <not-affected> (Windows-specific vulnerability)
-CVE-2009-3986
+CVE-2009-3986 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey be ...)
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3985
+CVE-2009-3985 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey be ...)
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3984
+CVE-2009-3984 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey be ...)
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3983
+CVE-2009-3983 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey be ...)
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3982
+CVE-2009-3982 (Multiple unspecified vulnerabilities in the JavaScript engine in Mozil ...)
- xulrunner 1.9.1.6-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
-CVE-2009-3981
+CVE-2009-3981 (Unspecified vulnerability in the browser engine in Mozilla Firefox bef ...)
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1
NOTE: Only affects Firefox 3
-CVE-2009-3980
+CVE-2009-3980 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner 1.9.1.6-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
-CVE-2009-3979
+CVE-2009-3979 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-1956-1}
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3978
+CVE-2009-3978 (The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp ...)
- xulrunner 1.9.1.5-1 (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-3977
+CVE-2009-3977 (Multiple buffer overflows in a certain ActiveX control in ActiveDom.oc ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3976
+CVE-2009-3976 (Buffer overflow in Labtam ProFTP 2.9 allows remote FTP servers to caus ...)
NOT-FOR-US: Labtam ProFTP
-CVE-2009-3975
+CVE-2009-3975 (SQL injection vulnerability in index.php in Moa Gallery 1.1.0 and 1.2. ...)
NOT-FOR-US: Moa Gallery
-CVE-2009-3974
+CVE-2009-3974 (Multiple SQL injection vulnerabilities in Invision Power Board (IPB or ...)
NOT-FOR-US: Invision Power Board
-CVE-2009-3973
+CVE-2009-3973 (SQL injection vulnerability in index.php in Turnkey Arcade Script allo ...)
NOT-FOR-US: Turnkey Arcade Script
-CVE-2009-3972
+CVE-2009-3972 (SQL injection vulnerability in the Q-Proje Siirler Bileseni (com_siirl ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-3971
+CVE-2009-3971 (SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 a ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-3970
+CVE-2009-3970 (SQL injection vulnerability in index.php in PHP Dir Submit (aka Websit ...)
NOT-FOR-US: PHP Dir Submit
-CVE-2009-3969
+CVE-2009-3969 (Stack-based buffer overflow in Faslo Player 7.0 allows remote attacker ...)
NOT-FOR-US: Faslo Player
-CVE-2009-3968
+CVE-2009-3968 (Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote a ...)
NOT-FOR-US: ITechBids
-CVE-2009-3967
+CVE-2009-3967 (SQL injection vulnerability in browse.php in Ed Charkow SuperCharged L ...)
NOT-FOR-US: Ed Charkow SuperCharged Linking
-CVE-2009-3966
+CVE-2009-3966 (Arcade Trade Script 1.0 allows remote attackers to bypass authenticati ...)
NOT-FOR-US: Arcade Trade Script
-CVE-2009-3965
+CVE-2009-3965 (SQL injection vulnerability in rating.php in New 5 star Rating 1.0 all ...)
NOT-FOR-US: New 5 star Rating
-CVE-2009-3964
+CVE-2009-3964 (SQL injection vulnerability in the NinjaMonials (com_ninjacentral) com ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-3898
+CVE-2009-3898 (Directory traversal vulnerability in src/http/modules/ngx_http_dav_mod ...)
- nginx 0.7.63-1 (low; bug #557389)
[etch] - nginx <no-dsa> (upload rights required)
[lenny] - nginx <no-dsa> (upload rights required)
-CVE-2009-3897
+CVE-2009-3897 (Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of ce ...)
- dovecot 1:1.2.8-1 (medium; bug #557601)
[lenny] - dovecot <not-affected> (Only affects 1.2.x)
[etch] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2009-4017
+CVE-2009-4017 (PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number ...)
{DSA-1940-1}
- php5 5.2.11.dfsg.1-2 (medium)
- php4 <removed> (medium)
NOTE: workarounds include using 5.3.1 or php5-suhosin
NOTE: 4B068517.802@acunetix.com on bugtraq explains it
-CVE-2009-3080
+CVE-2009-3080 (Array index error in the gdth_read_event function in drivers/scsi/gdth ...)
{DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.32-1 (medium)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (medium)
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=690e744869f3262855b83b4fb59199cf142765b0
-CVE-2009-4021
+CVE-2009-4021 (The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in ...)
{DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.32-1 (low)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (low)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=538734
-CVE-2009-3963
+CVE-2009-3963 (Multiple unspecified vulnerabilities in XOOPS before 2.4.0 Final have ...)
NOT-FOR-US: XOOPS
-CVE-2009-3962
+CVE-2009-3962 (The management interface on the 2wire Gateway 1700HG, 1701HG, 1800HW, ...)
NOT-FOR-US: 2wire Gateway
-CVE-2009-3961
+CVE-2009-3961 (SQL injection vulnerability in user.php in Super Serious Stats (aka su ...)
NOT-FOR-US: Super Serious Stats
-CVE-2009-3960
+CVE-2009-3960 (Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveC ...)
NOT-FOR-US: LiveCycle
-CVE-2009-3959
+CVE-2009-3959 (Integer overflow in the U3D implementation in Adobe Reader and Acrobat ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3958
+CVE-2009-3958 (Multiple stack-based buffer overflows in the NOS Microsystems getPlus ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3957
+CVE-2009-3957 (Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3956
+CVE-2009-3956 (The default configuration of Adobe Reader and Acrobat 9.x before 9.3, ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3955
+CVE-2009-3955 (Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3954
+CVE-2009-3954 (The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3953
+CVE-2009-3953 (The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
-CVE-2009-3952
+CVE-2009-3952 (Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and Illust ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2009-3951
+CVE-2009-3951 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...)
NOT-FOR-US: Flash Player
-CVE-2009-3950
+CVE-2009-3950 (Multiple cross-site scripting (XSS) vulnerabilities in Bractus SunTrac ...)
NOT-FOR-US: Bractus SunTrack
-CVE-2009-3949
+CVE-2009-3949 (cp/profile.php in VivaPrograms Infinity 2.0.5 and earlier does not req ...)
NOT-FOR-US: VivaPrograms Infinity
-CVE-2009-3948
+CVE-2009-3948 (JetAudio 7.5.3 COWON Media Center allows remote attackers to cause a d ...)
NOT-FOR-US: JetAudio
-CVE-2009-3947
+CVE-2009-3947 (Buffer overflow in the FTP service on the Tandberg MXP F7.0 allows rem ...)
NOT-FOR-US: Tandberg MXP F7.0
-CVE-2009-3946
+CVE-2009-3946 (Joomla! before 1.5.15 allows remote attackers to read an extension's X ...)
NOT-FOR-US: Joomla!
-CVE-2009-3945
+CVE-2009-3945 (Unspecified vulnerability in the Front-End Editor in the com_content c ...)
NOT-FOR-US: component in Joomla!
-CVE-2009-3944
+CVE-2009-3944 (Research In Motion (RIM) BlackBerry Browser on the BlackBerry 8800 all ...)
NOT-FOR-US: BlackBerry Browser on the BlackBerry 8800
-CVE-2009-3943
+CVE-2009-3943 (Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0. ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3942
+CVE-2009-3942 (Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not pro ...)
- msmtp <not-affected> (uses GnuTLS and not OpenSSL; bug #557324)
-CVE-2009-3941
+CVE-2009-3941 (Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not prop ...)
- mpop <not-affected> (uses GnuTLS and not OpenSSL; bug #557326)
-CVE-2009-3940
+CVE-2009-3940 (Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6 ...)
- virtualbox-guest-additions 3.0.10-1
-CVE-2009-3939
+CVE-2009-3939 (The poll_mode_io file for the megaraid_sas driver in the Linux kernel ...)
{DSA-1996-1}
- linux-2.6 2.6.32-6 (low)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6.24 <removed> (low)
-CVE-2009-4004
+CVE-2009-4004 (Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in arch/x ...)
- linux-2.6 2.6.32-1 (medium)
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
[lenny] - linux-2.6 <not-affected> (vulnerable code not present)
@@ -2971,28 +2971,28 @@ CVE-2009-4004
- kvm 88+dfsg-2 (medium; bug #557736)
[lenny] - kvm <not-affected> (vulnerable code not present)
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a9e38c3e01ad242fe2a625354cf065c34b01e3aa
-CVE-2009-3937
+CVE-2009-3937 (Memory leak in Solaris TCP sockets in Sun OpenSolaris snv_106 through ...)
NOT-FOR-US: Sun OpenSolaris
-CVE-2009-3936
+CVE-2009-3936 (Unspecified vulnerability in Citrix Online Plug-in for Windows 11.0.x ...)
NOT-FOR-US: Citrix Online Plug-in
-CVE-2009-3935
+CVE-2009-3935 (Multiple unspecified vulnerabilities in the Advanced Management Module ...)
NOT-FOR-US: IBM BladeCenter
-CVE-2009-3934
+CVE-2009-3934 (The WebFrameLoaderClient::dispatchDidChangeLocationWithinPage function ...)
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-3933
+CVE-2009-3933 (WebKit before r50173, as used in Google Chrome before 3.0.195.32, allo ...)
- webkit <not-affected> (chromium-specific issue in their timer)
- qt4-x11 <not-affected> (chromium-specific issue in their timer)
- kdelibs <not-affected> (chromium-specific issue in their timer)
- kde4libs <not-affected> (chromium-specific issue in their timer)
- chromium-browser <not-affected> (Only 0.x is affected)
-CVE-2009-3932
+CVE-2009-3932 (The Gears plugin in Google Chrome before 3.0.195.32 allows user-assist ...)
- chromium-browser <not-affected> (Only 0.x is affected)
- webkit <not-affected> (gears is only implemented in chromium)
-CVE-2009-3931
+CVE-2009-3931 (Incomplete blacklist vulnerability in browser/download/download_exe.cc ...)
- chromium-browser <not-affected> (Only 3.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-3930
+CVE-2009-3930 (Multiple integer overflows in Christos Zoulas file before 5.02 allow u ...)
- file 5.03-1
[lenny] - file <not-affected>
[etch] - file <not-affected>
@@ -3009,37 +3009,37 @@ CVE-2009-3925
CVE-2009-XXXX [eglibc: ldd arbitrary code execution]
- eglibc 2.10.1-7 (unimportant; bug #552518)
- glibc 2.10.1-7 (unimportant; bug #552518)
-CVE-2009-3924
+CVE-2009-3924 (Buffer overflow in pbsv.dll, as used in Soldier of Fortune II and poss ...)
NOT-FOR-US: Soldier of Fortune
-CVE-2009-3923
+CVE-2009-3923 (The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Inf ...)
NOT-FOR-US: Sun Virtual Desktop Infrastructure
-CVE-2009-3922
+CVE-2009-3922 (Multiple cross-site request forgery (CSRF) vulnerabilities in the User ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3921
+CVE-2009-3921 (The Smartqueue_og module 5.x before 5.x-1.3 and 6.x before 6.x-1.0-rc3 ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3920
+CVE-2009-3920 (An administration page in the NGP COO/CWP Integration (crmngp) module ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3919
+CVE-2009-3919 (Cross-site scripting (XSS) vulnerability in the NGP COO/CWP Integratio ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3918
+CVE-2009-3918 (Cross-site scripting (XSS) vulnerability in the Zoomify module 5.x bef ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3917
+CVE-2009-3917 (Cross-site scripting (XSS) vulnerability in the S5 Presentation Player ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3916
+CVE-2009-3916 (Cross-site scripting (XSS) vulnerability in the Node Hierarchy module ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3915
+CVE-2009-3915 (Cross-site scripting (XSS) vulnerability in the "Separate title and UR ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3914
+CVE-2009-3914 (Cross-site scripting (XSS) vulnerability in the Temporary Invitation m ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3913
+CVE-2009-3913 (SQL injection vulnerability in summary.php in Xerox Fiery Webtools all ...)
NOT-FOR-US: Xerox Fiery Webtools
-CVE-2009-3912
+CVE-2009-3912 (Directory traversal vulnerability in index.php in TFTgallery 0.13 allo ...)
NOT-FOR-US: TFTgallery
-CVE-2009-3911
+CVE-2009-3911 (Cross-site scripting (XSS) vulnerability in settings.php in TFTgallery ...)
NOT-FOR-US: TFTgallery
CVE-2009-3910
RESERVED
-CVE-2009-3909
+CVE-2009-3909 (Integer overflow in the read_channel_data function in plug-ins/file-ps ...)
- gimp 2.6.7-1.1 (medium; bug #556750)
NOTE: http://secunia.com/secunia_research/2009-43/
CVE-2009-3908
@@ -3048,49 +3048,49 @@ CVE-2009-3907
REJECTED
CVE-2009-3906
REJECTED
-CVE-2009-3905
+CVE-2009-3905 (Multiple cross-site scripting (XSS) vulnerabilities in e-Courier CMS a ...)
NOT-FOR-US: e-Courier CMS
-CVE-2009-3904
+CVE-2009-3904 (classes/session/cc_admin_session.php in CubeCart 4.3.4 does not proper ...)
NOT-FOR-US: CubeCart
-CVE-2009-3903
+CVE-2009-3903 (Multiple cross-site scripting (XSS) vulnerabilities in jspui/index.jsp ...)
NOT-FOR-US: ManageEngine Netflow Analyzer 7.5 build 7500
-CVE-2009-3902
+CVE-2009-3902 (Directory traversal vulnerability in Cherokee Web Server 0.5.4 and ear ...)
- cherokee <not-affected> (Only windows version is affected)
-CVE-2009-3901
+CVE-2009-3901 (Multiple cross-site scripting (XSS) vulnerabilities in e-Courier CMS a ...)
NOT-FOR-US: e-Courier CMS
-CVE-2009-3900
+CVE-2009-3900 (Unspecified vulnerability in the Cluster Management component in IBM P ...)
NOT-FOR-US: IBM PowerHA
-CVE-2009-3899
+CVE-2009-3899 (Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-3896
+CVE-2009-3896 (src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14 ...)
{DSA-1920-1}
- nginx 0.7.62-1
-CVE-2009-3895
+CVE-2009-3895 (Heap-based buffer overflow in the exif_entry_fix function (aka the tag ...)
- libexif 0.6.19-1 (medium; bug #557137)
[lenny] - libexif <not-affected> (Only 0.6.18 is affected)
[etch] - libexif <not-affected> (Only 0.6.18 is affected)
-CVE-2009-3894
+CVE-2009-3894 (Multiple untrusted search path vulnerabilities in dstat before 0.7.0 a ...)
- dstat 0.7.0-1 (low; bug #557989)
[lenny] - dstat <no-dsa> (Minor issue)
[etch] - dstat <no-dsa> (Minor issue)
NOTE: http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
CVE-2009-3893
RESERVED
-CVE-2009-3891
+CVE-2009-3891 (Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in ...)
- wordpress 2.8.6-1 (low)
[etch] - wordpress <not-affected> (Vulnerable code not present)
[lenny] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2009-3890
+CVE-2009-3890 (Unrestricted file upload vulnerability in the wp_check_filetype functi ...)
- wordpress 2.8.6-1 (low)
[etch] - wordpress <not-affected> (Vulnerable code not present)
[lenny] - wordpress <not-affected> (Vulnerable code not present)
-CVE-2009-3889
+CVE-2009-3889 (The dbg_lvl file for the megaraid_sas driver in the Linux kernel befor ...)
{DSA-2005-1}
- linux-2.6 2.6.27-1 (low)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (low)
-CVE-2009-3888
+CVE-2009-3888 (The do_mmap_pgoff function in mm/nommu.c in the Linux kernel before 2. ...)
- linux-2.6 <not-affected> (Vulnerable code not built)
- linux-2.6.24 <not-affected> (Vulnerable code not built)
CVE-2009-3887 [ytnef path traversal]
@@ -3099,225 +3099,225 @@ CVE-2009-3887 [ytnef path traversal]
[lenny] - ytnef <no-dsa> (Minor issue)
NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
NOTE: This doesn't affect Evolution, the TNEF plugin is external
-CVE-2009-3886
+CVE-2009-3886 (The Java Web Start implementation in Sun Java SE 6 before Update 17 do ...)
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3885
+CVE-2009-3885 (Sun Java SE 5.0 before Update 22 and 6 before Update 17 on Windows all ...)
- openjdk-6 <not-affected> (a problem in code that is unused on non-windows platforms)
- sun-java6 <not-affected> (a problem in code that is unused on non-windows platforms)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=530114
-CVE-2009-3884
+CVE-2009-3884 (The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 an ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3883
+CVE-2009-3883 (Multiple unspecified vulnerabilities in the Windows Pluggable Look and ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3882
+CVE-2009-3882 (Multiple unspecified vulnerabilities in the Swing implementation in Su ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3881
+CVE-2009-3881 (Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3880
+CVE-2009-3880 (The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3879
+CVE-2009-3879 (Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32Graph ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3878
+CVE-2009-3878 (Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspeci ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2009-3877
+CVE-2009-3877 (Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Upd ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3876
+CVE-2009-3876 (Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Upd ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3875
+CVE-2009-3875 (The MessageDigest.isEqual function in Java Runtime Environment (JRE) i ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3874
+CVE-2009-3874 (Integer overflow in the JPEGImageReader implementation in the ImageI/O ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3873
+CVE-2009-3873 (The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3872
+CVE-2009-3872 (Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in J ...)
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3871
+CVE-2009-3871 (Heap-based buffer overflow in the setBytePixels function in the Abstra ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3869
+CVE-2009-3869 (Stack-based buffer overflow in the setDiffICM function in the Abstract ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3868
+CVE-2009-3868 (Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3867
+CVE-2009-3867 (Stack-based buffer overflow in the HsbParser.getSoundBank function in ...)
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3866
+CVE-2009-3866 (The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Up ...)
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3865
+CVE-2009-3865 (The launch method in the Deployment Toolkit plugin in Java Runtime Env ...)
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3864
+CVE-2009-3864 (The Java Update functionality in Java Runtime Environment (JRE) in Sun ...)
- openjdk-6 6b17 (unimportant)
- sun-java6 6-17-1 (unimportant)
NOTE: a problem in their updater, which is irrelevant since debian
NOTE: updates are provided by the security team
-CVE-2009-3863
+CVE-2009-3863 (Buffer overflow in the gxmim1.dll ActiveX control in Novell Groupwise ...)
NOT-FOR-US: ActiveX
-CVE-2009-3862
+CVE-2009-3862 (The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and e ...)
NOT-FOR-US: Novell eDirectory
-CVE-2009-3861
+CVE-2009-3861 (Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and ...)
NOT-FOR-US: SafeNet SoftRemote
-CVE-2009-3860
+CVE-2009-3860 (Multiple insecure method vulnerabilities in Idefense Labs COMRaider al ...)
NOT-FOR-US: Idefense Labs COMRaider
-CVE-2009-3859
+CVE-2009-3859 (Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retin ...)
NOT-FOR-US: Retina Network Security Scanner
-CVE-2009-3858
+CVE-2009-3858 (Cross-site scripting (XSS) vulnerability in GejoSoft allows remote att ...)
NOT-FOR-US: GejoSoft
-CVE-2009-3857
+CVE-2009-3857 (Buffer overflow in Softonic International SciTE 1.72 allows user-assis ...)
NOT-FOR-US: Softonic International SciTE
-CVE-2009-3856
+CVE-2009-3856 (Cross-site scripting (XSS) vulnerability in the default URI in news/ i ...)
NOT-FOR-US: Twilight CMS
-CVE-2009-3855
+CVE-2009-3855 (Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux bac ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2009-3854
+CVE-2009-3854 (Buffer overflow in the traditional client scheduler in the client in I ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2009-3853
+CVE-2009-3853 (Stack-based buffer overflow in the client acceptor daemon (CAD) schedu ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2009-3852
+CVE-2009-3852 (Unspecified vulnerability in the XML component in IBM Runtimes for Jav ...)
NOT-FOR-US: IBM Runtimes for Java Technology 5.0.0
-CVE-2009-3851
+CVE-2009-3851 (Trusted Extensions in Sun Solaris 10 interferes with the operation of ...)
NOT-FOR-US: Sun Solaris 10
-CVE-2009-3850
+CVE-2009-3850 (Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execut ...)
- blender <unfixed> (unimportant)
NOTE: attack vector is social engineering to get the user to open
NOTE: a malicious .blend file. by design, blend files support
NOTE: all python operations, so ultimately any code can be executed
-CVE-2009-3849
+CVE-2009-3849 (Multiple stack-based buffer overflows in HP OpenView Network Node Mana ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3848
+CVE-2009-3848 (Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3847
+CVE-2009-3847 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3846
+CVE-2009-3846 (Multiple heap-based buffer overflows in ovlogin.exe in HP OpenView Net ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3845
+CVE-2009-3845 (The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-3844
+CVE-2009-3844 (Stack-based buffer overflow in the OmniInet process in HP OpenView Dat ...)
NOT-FOR-US: HP OpenView Data Protector Application
-CVE-2009-3843
+CVE-2009-3843 (HP Operations Manager 8.10 on Windows contains a "hidden account" in t ...)
NOT-FOR-US: HP Operations Manager
-CVE-2009-3842
+CVE-2009-3842 (Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction ...)
NOT-FOR-US: HP Color LaserJet
-CVE-2009-3841
+CVE-2009-3841 (Unspecified vulnerability in HP Discovery &amp; Dependency Mapping Inv ...)
NOT-FOR-US: HP Discovery & Dependency Mapping
-CVE-2009-3840
+CVE-2009-3840 (The embedded database engine service (aka ovdbrun.exe) in HP OpenView ...)
NOT-FOR-US: HP OpenView
-CVE-2009-3839
+CVE-2009-3839 (Unspecified vulnerability in the Solaris Trusted Extensions Policy con ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-3838
+CVE-2009-3838 (Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly ...)
NOT-FOR-US: Pegasus Mail
-CVE-2009-3837
+CVE-2009-3837 (Stack-based buffer overflow in Eureka Email 2.2q allows remote POP3 se ...)
NOT-FOR-US: Eureka Email
-CVE-2009-3836
+CVE-2009-3836 (ArubaOS 3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS on the Aru ...)
NOT-FOR-US: ArubaOS
-CVE-2009-3835
+CVE-2009-3835 (SQL injection vulnerability in the JShop (com_jshop) component for Joo ...)
NOT-FOR-US: Joomla!
-CVE-2009-3834
+CVE-2009-3834 (SQL injection vulnerability in the Photoblog (com_photoblog) component ...)
NOT-FOR-US: Joomla!
-CVE-2009-3833
+CVE-2009-3833 (Cross-site scripting (XSS) vulnerability in index.php in TFTgallery 0. ...)
NOT-FOR-US: TFTgallery
-CVE-2009-3832
+CVE-2009-3832 (Opera before 10.01 on Windows does not prevent use of Web fonts in ren ...)
NOT-FOR-US: Opera
-CVE-2009-3831
+CVE-2009-3831 (Opera before 10.01 allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Opera
-CVE-2009-3830
+CVE-2009-3830 (The download functionality in Team Services in Microsoft Office ShareP ...)
NOT-FOR-US: Microsoft
-CVE-2009-3829
+CVE-2009-3829 (Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows rem ...)
{DSA-1942-1}
- wireshark 1.2.2-1 (bug #553583)
-CVE-2009-3828
+CVE-2009-3828 (The web interface for Everfocus EDR1600 DVR allows remote attackers to ...)
NOT-FOR-US: Everfocus EDR1600 DVR
CVE-2009-3827
RESERVED
-CVE-2009-3826
+CVE-2009-3826 (Multiple buffer overflows in squidGuard 1.4 allow remote attackers to ...)
{DSA-2040-1}
- squidguard 1.2.0-9 (low; bug #553319)
-CVE-2009-3825
+CVE-2009-3825 (Multiple directory traversal vulnerabilities in GenCMS 2006 allow remo ...)
NOT-FOR-US: GenCMS
-CVE-2009-3824
+CVE-2009-3824 (Directory traversal vulnerability in include/processor.php in Greenwoo ...)
NOT-FOR-US: Greenwood PHP Content Manager
-CVE-2009-3823
+CVE-2009-3823 (Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, ...)
NOT-FOR-US: Mobilelib GOLD
-CVE-2009-3822
+CVE-2009-3822 (PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat ( ...)
NOT-FOR-US: com_ajaxchat component for Joomla
-CVE-2009-3821
+CVE-2009-3821 (Cross-site scripting (XSS) vulnerability in the Apache Solr Search (so ...)
NOT-FOR-US: Apache Solr Search extension for TYPO3
-CVE-2009-3820
+CVE-2009-3820 (SQL injection vulnerability in the Flagbit Filebase (fb_filebase) exte ...)
NOT-FOR-US: Flagbit Filebase extension for TYPO3
-CVE-2009-3819
+CVE-2009-3819 (Unspecified vulnerability in the Random Images (maag_randomimage) exte ...)
NOT-FOR-US: Random Images extension for TYPO3
-CVE-2009-3818
+CVE-2009-3818 (Unspecified vulnerability in the session handling feature in freeCap C ...)
NOT-FOR-US: freeCap CAPTCHA for TYPO3
-CVE-2009-3817
+CVE-2009-3817 (PHP remote file inclusion vulnerability in doc/releasenote.php in the ...)
NOT-FOR-US: com_booklibrary component for Joomla!
-CVE-2009-3816
+CVE-2009-3816 (Multiple cross-site scripting (XSS) vulnerabilities in Activities page ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2009-3815
+CVE-2009-3815 (RunCMS 2M1, when running with certain error_reporting levels, allows r ...)
NOT-FOR-US: RunCMS 2M1
-CVE-2009-3814
+CVE-2009-3814 (Static code injection vulnerability in RunCMS 2M1 allows remote authen ...)
NOT-FOR-US: RunCMS 2M1
-CVE-2009-3813
+CVE-2009-3813 (Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote auth ...)
NOT-FOR-US: RunCMS 2M1
-CVE-2009-3812
+CVE-2009-3812 (Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio ...)
NOT-FOR-US: OtsAV products
-CVE-2009-3811
+CVE-2009-3811 (Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows ...)
NOT-FOR-US: Music Tag Editor
-CVE-2009-3810
+CVE-2009-3810 (Heap-based buffer overflow in Acoustica MP3 Audio Mixer 2.471 allows r ...)
NOT-FOR-US: Acoustica MP3 Audio Mixer
-CVE-2009-3809
+CVE-2009-3809 (Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote attacke ...)
NOT-FOR-US: Acoustica MP3 Audio Mixer
-CVE-2009-3808
+CVE-2009-3808 (MixSense DJ Studio 1.0.0.1 allows remote attackers to cause a denial o ...)
NOT-FOR-US: MixSense DJ Studio
-CVE-2009-3807
+CVE-2009-3807 (Stack-based buffer overflow in MixVibes 7.043 Pro allows remote attack ...)
NOT-FOR-US: MixVibes
-CVE-2009-3806
+CVE-2009-3806 (SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows r ...)
NOT-FOR-US: DedeCMS
-CVE-2009-3805
+CVE-2009-3805 (gpg2.exe in Gpg4win 2.0.1, as used in KDE Kleopatra 2.0.11, allows rem ...)
NOT-FOR-US: Gpg4win
NOTE: looks like an issue in gpg2 for windows (gpg4win.org), not specific
NOTE: to kleopatra
-CVE-2009-3804
+CVE-2009-3804 (Multiple SQL injection vulnerabilities in modules/forum/post.php in Ru ...)
NOT-FOR-US: RunCMS 2M1
-CVE-2009-3803
+CVE-2009-3803 (Multiple cross-site scripting (XSS) vulnerabilities in Amiro.CMS 5.4.0 ...)
NOT-FOR-US: Amiro.CMS
-CVE-2009-3802
+CVE-2009-3802 (Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain sensit ...)
NOT-FOR-US: Amiro.CMS
-CVE-2009-3801
+CVE-2009-3801 (SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows re ...)
NOT-FOR-US: OpenDocMan
CVE-2009-XXXX [multiple missing input sanity checks in KDE]
- kdelibs 4:3.5.10.dfsg.1-3 (low)
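Review bot: the imported summary for CVE-2009-3841 in this hunk still carries the HTML entity "&amp;" ("+CVE-2009-3841 (Unspecified vulnerability in HP Discovery &amp; Dependency Mapping Inv ...)") while the tracker's own line directly beneath it uses the literal character ("NOT-FOR-US: HP Discovery & Dependency Mapping"); the automatic update should HTML-unescape the upstream CVE descriptions before writing them into the list, otherwise tooling that matches on description text sees different spellings of the same product name within one entry.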
@@ -3330,51 +3330,51 @@ CVE-2009-XXXX [multiple missing input sanity checks in KDE]
NOTE: advisory mentions kmail and ark (from kdepim and kdeutils, respectively)
NOTE: but the "fixes" linked from the advisory only change code in kdelibs
NOTE: more info at oss-sec threads
-CVE-2009-3800
+CVE-2009-3800 (Multiple unspecified vulnerabilities in Adobe Flash Player before 10.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3799
+CVE-2009-3799 (Integer overflow in the Verifier::parseExceptionHandlers function in A ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3798
+CVE-2009-3798 (Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3797
+CVE-2009-3797 (Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 m ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3796
+CVE-2009-3796 (Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might ...)
NOT-FOR-US: Adobe Flash Player
CVE-2009-3795
REJECTED
-CVE-2009-3794
+CVE-2009-3794 (Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3793
+CVE-2009-3793 (Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-3792
+CVE-2009-3792 (Directory traversal vulnerability in Adobe Flash Media Server (FMS) be ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2009-3791
+CVE-2009-3791 (Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.5 ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2009-3790
+CVE-2009-3790 (Heap-based buffer overflow in FormMax (formerly AcroForm) evaluation 3 ...)
NOT-FOR-US: FormMax
-CVE-2009-3789
+CVE-2009-3789 (Multiple cross-site scripting (XSS) vulnerabilities in OpenDocMan 1.2. ...)
NOT-FOR-US: OpenDocMan
-CVE-2009-3788
+CVE-2009-3788 (SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows re ...)
NOT-FOR-US: OpenDocMan
-CVE-2009-3787
+CVE-2009-3787 (files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct dire ...)
NOT-FOR-US: Vivvo CMS
-CVE-2009-3786
+CVE-2009-3786 (Cross-site scripting (XSS) vulnerability in Organic Groups (OG) Vocabu ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3785
+CVE-2009-3785 (Multiple cross-site request forgery (CSRF) vulnerabilities in Simplene ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3784
+CVE-2009-3784 (Open redirect vulnerability in Simplenews Statistics 6.x before 6.x-2. ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3783
+CVE-2009-3783 (Cross-site scripting (XSS) vulnerability in Simplenews Statistics 6.x ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3782
+CVE-2009-3782 (Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a module f ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3781
+CVE-2009-3781 (The filefield_file_download function in FileField 6.x-3.1, a module fo ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3780
+CVE-2009-3780 (Cross-site scripting (XSS) vulnerability in Abuse 5.x before 5.x-2.1 a ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3779
+CVE-2009-3779 (Cross-site scripting (XSS) vulnerability in vCard 5.x before 5.x-1.4 a ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3778
+CVE-2009-3778 (SQL injection vulnerability in Moodle Course List 6.x before 6.x-1.2, ...)
NOT-FOR-US: module for Drupal
CVE-2009-5045 [multiple vulnerabilities in jetty]
RESERVED
@@ -3425,73 +3425,73 @@ CVE-2009-3769
RESERVED
CVE-2009-3768
RESERVED
-CVE-2009-3767
+CVE-2009-3767 (libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other ...)
{DSA-1943-1}
- openldap 2.4.17-2.1 (low; bug #553432)
- openldap2.3 <removed>
-CVE-2009-3766
+CVE-2009-3766 (mutt_ssl.c in mutt 1.5.16 and other versions before 1.5.19, when OpenS ...)
- mutt <not-affected> (uses GnuTLS and not OpenSSL)
NOTE: our mutt is linked against gnutls, bug #553433
-CVE-2009-3765
+CVE-2009-3765 (mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not p ...)
- mutt <not-affected> (uses GnuTLS and not OpenSSL)
NOTE: our mutt is linked against gnutls
-CVE-2009-3764
+CVE-2009-3764 (Unspecified vulnerability in the OpenSSO component in Oracle OpenSSO E ...)
NOT-FOR-US: Oracle OpenSSO
-CVE-2009-3763
+CVE-2009-3763 (Unspecified vulnerability in the Access Manager / OpenSSO component in ...)
NOT-FOR-US: Oracle OpenSSO
-CVE-2009-3762
+CVE-2009-3762 (Unspecified vulnerability in Oracle OpenSSO Enterprise 8.0 allows remo ...)
NOT-FOR-US: Oracle OpenSSO
CVE-2009-3761
RESERVED
-CVE-2009-3760
+CVE-2009-3760 (Static code injection vulnerability in config/writeconfig.php in the s ...)
NOT-FOR-US: Citrix XenCenterWeb
-CVE-2009-3759
+CVE-2009-3759 (Multiple cross-site request forgery (CSRF) vulnerabilities in sample c ...)
NOT-FOR-US: Citrix XenCenterWeb
-CVE-2009-3758
+CVE-2009-3758 (SQL injection vulnerability in login.php in sample code in the XenServ ...)
NOT-FOR-US: Citrix XenCenterWeb
-CVE-2009-3757
+CVE-2009-3757 (Multiple cross-site scripting (XSS) vulnerabilities in sample code in ...)
NOT-FOR-US: Citrix XenCenterWeb
-CVE-2009-3756
+CVE-2009-3756 (phpBMS 0.96 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: phpBMS
-CVE-2009-3755
+CVE-2009-3755 (Multiple cross-site scripting (XSS) vulnerabilities in phpBMS 0.96 all ...)
NOT-FOR-US: phpBMS
-CVE-2009-3754
+CVE-2009-3754 (Multiple SQL injection vulnerabilities in phpBMS 0.96 allow remote att ...)
NOT-FOR-US: phpBMS
-CVE-2009-3753
+CVE-2009-3753 (Unrestricted file upload vulnerability in Opial 1.0 allows remote atta ...)
NOT-FOR-US: Opial
-CVE-2009-3752
+CVE-2009-3752 (SQL injection vulnerability in home.php in Opial 1.0 allows remote att ...)
NOT-FOR-US: Opial
-CVE-2009-3751
+CVE-2009-3751 (Cross-site scripting (XSS) vulnerability in home.php in Opial 1.0 allo ...)
NOT-FOR-US: Opial
-CVE-2009-3750
+CVE-2009-3750 (SQL injection vulnerability in read.php in ToyLog 0.1 allows remote at ...)
NOT-FOR-US: ToyLog
-CVE-2009-3749
+CVE-2009-3749 (The Web Administrator service (STEMWADM.EXE) in Websense Personal Emai ...)
NOT-FOR-US: Websense Personal Email Manager
-CVE-2009-3748
+CVE-2009-3748 (Multiple cross-site scripting (XSS) vulnerabilities in the Web Adminis ...)
NOT-FOR-US: Websense Personal Email Manager
-CVE-2009-3747
+CVE-2009-3747 (Cross-site scripting (XSS) vulnerability in index.php in TBmnetCMS 1.0 ...)
NOT-FOR-US: TBmnetCMS
-CVE-2009-3746
+CVE-2009-3746 (XScreenSaver in Sun Solaris 10, when the accessibility feature is enab ...)
NOT-FOR-US: XScreenSaver in Sun Solaris 10
-CVE-2009-3745
+CVE-2009-3745 (Cross-site scripting (XSS) vulnerability in the help pages in IBM Rati ...)
NOT-FOR-US: IBM Rational AppScan Enterprise Edition
-CVE-2009-3744
+CVE-2009-3744 (rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote atta ...)
NOT-FOR-US: EMC RepliStor
-CVE-2009-3743
+CVE-2009-3743 (Off-by-one error in the Ins_MINDEX function in the TrueType bytecode i ...)
- ghostscript 8.71~dfsg-1
-CVE-2009-3742
+CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal before 5.3. ...)
- liferay-portal <itp> (bug #569819)
CVE-2009-3741
REJECTED
CVE-2009-3740
RESERVED
-CVE-2009-3739
+CVE-2009-3739 (Multiple unspecified vulnerabilities on the Rockwell Automation AB Mic ...)
NOT-FOR-US: Micrologix
CVE-2009-3738
RESERVED
-CVE-2009-3737
+CVE-2009-3737 (The Oracle Siebel Option Pack for IE ActiveX control does not properly ...)
NOT-FOR-US: Oracle Siebel Option Pack
-CVE-2009-3736
+CVE-2009-3736 (ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as us ...)
{DSA-1958-1}
- libtool 2.2.6b-1 (low; bug #559797)
- arts <not-affected> (Uses absolute path to the sound backend)
@@ -3591,39 +3591,39 @@ CVE-2009-3736
NOTE: might've been fixed earlier
- graphviz 2.26.3-14 (low; bug #702436)
[squeeze] - graphviz 2.26.3-5+squeeze1
-CVE-2009-3735
+CVE-2009-3735 (The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3 ...)
NOT-FOR-US: ActiveScan Installer ActiveX control
-CVE-2009-3734
+CVE-2009-3734 (Unspecified vulnerability in the management console in the S2 Security ...)
NOT-FOR-US: S2 Security Linear eMerge Access Control System
CVE-2009-XXXX [mandos 0600 file being included in initrd]
- mandos 1.0.13-1 (bug #551907)
-CVE-2009-3733
+CVE-2009-3733 (Directory traversal vulnerability in VMware Server 1.x before 1.0.10 b ...)
- vmware-package <removed>
-CVE-2009-3732
+CVE-2009-3732 (Format string vulnerability in vmware-vmrc.exe build 158248 in VMware ...)
NOT-FOR-US: VMware
-CVE-2009-3731
+CVE-2009-3731 (Multiple cross-site scripting (XSS) vulnerabilities in WebWorks Help 2 ...)
NOT-FOR-US: WebWorks Help
-CVE-2009-3730
+CVE-2009-3730 (Multiple cross-site scripting (XSS) vulnerabilities in the ReqWeb Help ...)
NOT-FOR-US: ReqWeb
-CVE-2009-3729
+CVE-2009-3729 (Unspecified vulnerability in the TrueType font parsing functionality i ...)
- openjdk-6 6b17-1.7-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3728
+CVE-2009-3728 (Directory traversal vulnerability in the ICC_Profile.getInstance metho ...)
- openjdk-6 6b17~pre3-1 (medium; bug #560908)
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-3727
+CVE-2009-3727 (Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0 ...)
{DSA-1952-1}
- asterisk 1:1.6.2.0~rc6-1
[lenny] - asterisk <no-dsa> (Minor issue)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3726
+CVE-2009-3726 (The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client i ...)
{DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.31-1 (medium)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed> (medium)
-CVE-2009-3725
+CVE-2009-3725 (The connector layer in the Linux kernel before 2.6.31.5 does not requi ...)
{DSA-2012-1}
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
@@ -3637,7 +3637,7 @@ CVE-2009-3723 [Unauthorized calls allowed on prohibited networks in asterisk]
[lenny] - asterisk <not-affected>
- asterisk 1:1.6.2.0~rc3-2 (medium; bug #552756)
NOTE: http://downloads.asterisk.org/pub/security/AST-2009-007.html
-CVE-2009-3722
+CVE-2009-3722 (The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in t ...)
{DSA-1962-1}
[etch] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)
[lenny] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)
@@ -3651,7 +3651,7 @@ CVE-2009-3721 [ytnef buffer overflow]
[lenny] - ytnef <no-dsa> (Minor issue)
NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
NOTE: This doesn't affect Evolution, the TNEF plugin is external
-CVE-2009-3720
+CVE-2009-3720 (The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...)
{DSA-1977-1 DSA-1921-1}
- expat 2.0.1-5 (low; bug #551936)
- mcabber 0.10.0-1 (low; bug #601053)
@@ -3708,72 +3708,72 @@ CVE-2009-3720
- vnc4 <not-affected> (Not affected, see bug #560949)
- xotcl 1.6.5-1.2 (low; bug #560950)
[lenny] - xotcl <no-dsa> (minor issue)
-CVE-2009-3719
+CVE-2009-3719 (Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog ...)
NOT-FOR-US: Battle Blog
-CVE-2009-3718
+CVE-2009-3718 (SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1 ...)
NOT-FOR-US: Battle Blog
-CVE-2009-3717
+CVE-2009-3717 (Heap-based buffer overflow in LucVil PatPlayer 3.9 allows remote attac ...)
NOT-FOR-US: LucVil PatPlayer
-CVE-2009-3716
+CVE-2009-3716 (Unrestricted file upload vulnerability in admin.php in MCshoutbox 1.1 ...)
NOT-FOR-US: MCshoutbox
-CVE-2009-3715
+CVE-2009-3715 (Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox ...)
NOT-FOR-US: MCshoutbox
-CVE-2009-3714
+CVE-2009-3714 (Cross-site scripting (XSS) vulnerability in admin_login.php in MCshout ...)
NOT-FOR-US: MCshoutbox
-CVE-2009-3713
+CVE-2009-3713 (SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and ear ...)
NOT-FOR-US: MorcegoCMS
-CVE-2009-3712
+CVE-2009-3712 (Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote ...)
NOT-FOR-US: Ebay Clone 2009
-CVE-2009-3711
+CVE-2009-3711 (Stack-based buffer overflow in the h_handlepeer function in http.cpp i ...)
NOT-FOR-US: httpdx
-CVE-2009-3710
+CVE-2009-3710 (RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username ...)
NOT-FOR-US: RioRey RIOS
-CVE-2009-3709
+CVE-2009-3709 (Stack-based buffer overflow in the Meta Content Optimizer in Konae Tec ...)
NOT-FOR-US: Konae Technologies Alleycode HTML Editor
-CVE-2009-3708
+CVE-2009-3708 (Stack-based buffer overflow in the Meta Content Optimizer in Konae Tec ...)
NOT-FOR-US: Konae Technologies Alleycode HTML Editor
-CVE-2009-3707
+CVE-2009-3707 (VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Aut ...)
NOT-FOR-US: VMware
-CVE-2009-3706
+CVE-2009-3706 (Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and ...)
NOT-FOR-US: ZFS filesystem in Sun Solaris
-CVE-2009-3705
+CVE-2009-3705 (PHP remote file inclusion vulnerability in debugger.php in Achievo bef ...)
NOT-FOR-US: Achievo
-CVE-2009-3704
+CVE-2009-3704 (ZoIPer 2.22, and possibly other versions before 2.24 Library 5324, all ...)
NOT-FOR-US: ZoIPer
-CVE-2009-3703
+CVE-2009-3703 (Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2 ...)
NOT-FOR-US: WordPress plugin
-CVE-2009-3702
+CVE-2009-3702 (Multiple absolute path traversal vulnerabilities in PHP-Calendar 1.1 a ...)
NOT-FOR-US: PHP-Calendar
-CVE-2009-3701
+CVE-2009-3701 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
{DSA-1966-1}
- horde3 3.3.6+debian0-1 (low)
NOTE: In order to successfully exploit this vulnerability the targeted user has to be logged as an administrator.
-CVE-2009-3700
+CVE-2009-3700 (Buffer overflow in sgLog.c in squidGuard 1.3 and 1.4 allows remote att ...)
{DSA-2040-1}
- squidguard 1.2.0-9 (low; bug #553319)
-CVE-2009-3699
+CVE-2009-3699 (Stack-based buffer overflow in libcsa.a (aka the calendar daemon libra ...)
NOT-FOR-US: IBM AIX
-CVE-2009-3698
+CVE-2009-3698 (An unspecified function in the Dalvik API in Android 1.5 and earlier a ...)
NOT-FOR-US: Dalvik API in Android
-CVE-2009-3697
+CVE-2009-3697 (SQL injection vulnerability in the PDF schema generator functionality ...)
{DSA-1918-1}
- phpmyadmin 4:3.2.2.1-1
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2009-3696
+CVE-2009-3696 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2 ...)
{DSA-1918-1}
- phpmyadmin 4:3.2.2.1-1
CVE-2009-3610
REJECTED
-CVE-2009-3695
+CVE-2009-3695 (Algorithmic complexity vulnerability in the forms library in Django 1. ...)
{DSA-1905-1}
- python-django 1.1.1-1 (medium; bug #550457)
[etch] - python-django <not-affected> (introduced in 1.0)
[lenny] - python-django 1.0.2-1+lenny2
-CVE-2009-3694
+CVE-2009-3694 (Directory traversal vulnerability in config/config.php in ezRecipe-Zee ...)
NOT-FOR-US: ezRecipe-Zee 91
-CVE-2009-3693
+CVE-2009-3693 (Directory traversal vulnerability in the Persits.XUpload.2 ActiveX con ...)
NOT-FOR-US: Persits.XUpload.2 ActiveX
-CVE-2009-3691
+CVE-2009-3691 (Multiple integer overflows in setnet32.exe 3.50.0.13752 in IBM Informi ...)
NOT-FOR-US: IBM Informix Client SDK
CVE-2009-3690
RESERVED
@@ -3799,181 +3799,181 @@ CVE-2009-3680
REJECTED
CVE-2009-3679
REJECTED
-CVE-2009-3678
+CVE-2009-3678 (Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in M ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-3677
+CVE-2009-3677 (The Internet Authentication Service (IAS) in Microsoft Windows 2000 SP ...)
NOT-FOR-US: Microsoft Internet Authentication Service
-CVE-2009-3676
+CVE-2009-3676 (The SMB client in the kernel in Microsoft Windows Server 2008 R2 and W ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2009-3675
+CVE-2009-3675 (LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in ...)
NOT-FOR-US: Microsoft Local Security Authority Subsystem Service
-CVE-2009-3674
+CVE-2009-3674 (Microsoft Internet Explorer 8 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3673
+CVE-2009-3673 (Microsoft Internet Explorer 7 and 8 does not properly handle objects i ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3672
+CVE-2009-3672 (Microsoft Internet Explorer 6 and 7 does not properly handle objects i ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3671
+CVE-2009-3671 (Microsoft Internet Explorer 8 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3670
+CVE-2009-3670 (Stack-based buffer overflow in KSP Sound Player 2009 R2 and R2.1 allow ...)
NOT-FOR-US: KSP Sound Player
-CVE-2009-3669
+CVE-2009-3669 (SQL injection vulnerability in the foobla Suggestions (com_foobla_sugg ...)
NOT-FOR-US: Joomla! component
-CVE-2009-3668
+CVE-2009-3668 (Cross-site scripting (XSS) vulnerability in ardguest.php in Ardguest 1 ...)
NOT-FOR-US: Ardguest 1.8
-CVE-2009-3667
+CVE-2009-3667 (SQL injection vulnerability in admin/index.php in AdsDX 3.05 allows re ...)
NOT-FOR-US: AdsDX
-CVE-2009-3666
+CVE-2009-3666 (Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog 0 ...)
NOT-FOR-US: Nullam Blog
-CVE-2009-3665
+CVE-2009-3665 (Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1 ...)
NOT-FOR-US: Nullam Blog
-CVE-2009-3664
+CVE-2009-3664 (Multiple directory traversal vulnerabilities in index.php in Nullam Bl ...)
NOT-FOR-US: Nullam Blog
-CVE-2009-3663
+CVE-2009-3663 (Format string vulnerability in the h_readrequest function in http.c in ...)
NOT-FOR-US: httpdx
-CVE-2009-3662
+CVE-2009-3662 (FileCopa FTP Server 5.01 allows remote attackers to cause a denial of ...)
NOT-FOR-US: FileCopa FTP Server
-CVE-2009-3661
+CVE-2009-3661 (Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalo ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-3660
+CVE-2009-3660 (PHP remote file inclusion vulnerability in libraries/database.php in E ...)
NOT-FOR-US: Efront
-CVE-2009-3659
+CVE-2009-3659 (SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 allo ...)
NOT-FOR-US: BS Counter
-CVE-2009-3658
+CVE-2009-3658 (Use-after-free vulnerability in the Sb.SuperBuddy.1 ActiveX control (s ...)
NOT-FOR-US: Sb.SuperBuddy.1 ActiveX
-CVE-2009-3657
+CVE-2009-3657 (Session fixation vulnerability in Shared Sign-On 5.x and 6.x, a module ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3656
+CVE-2009-3656 (Cross-site request forgery (CSRF) vulnerability in Shared Sign-On 5.x ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3655
+CVE-2009-3655 (Rhino Software Serv-U 7.0.0.1 through 8.2.0.3 allows remote attackers ...)
NOT-FOR-US: Rhino Software Serv-U
-CVE-2009-3654
+CVE-2009-3654 (Unspecified vulnerability in Boost before 6.x-1.03, a module for Drupa ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3653
+CVE-2009-3653 (Cross-site scripting (XSS) vulnerability in the additional links inter ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3652
+CVE-2009-3652 (Cross-site scripting (XSS) vulnerability in Organic Groups (OG) 5.x-7. ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3651
+CVE-2009-3651 (Cross-site scripting (XSS) vulnerability in the "Monitor browsers' fea ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3650
+CVE-2009-3650 (Cross-site scripting (XSS) vulnerability in Dex 5.x-1.0 and earlier an ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3649
+CVE-2009-3649 (Cross-site scripting (XSS) vulnerability in forums/index.php in Power ...)
NOT-FOR-US: PBBoard
-CVE-2009-3648
+CVE-2009-3648 (Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a m ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3647
+CVE-2009-3647 (Cross-site scripting (XSS) vulnerability in emaullinks.php in YABSoft ...)
NOT-FOR-US: YABSoft Mega File Hosting Script (aka MFH or MFHS)
-CVE-2009-3646
+CVE-2009-3646 (InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtai ...)
NOT-FOR-US: NaviCOPA Web Server
-CVE-2009-3645
+CVE-2009-3645 (SQL injection vulnerability in the JoomlaCache CB Resume Builder (com_ ...)
NOT-FOR-US: JoomlaCache
-CVE-2009-3644
+CVE-2009-3644 (SQL injection vulnerability in the Soundset (com_soundset) component 1 ...)
NOT-FOR-US: Joomla component
-CVE-2009-3643
+CVE-2009-3643 (Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote attackers to c ...)
NOT-FOR-US: Dxmsoft XM Easy Personal FTP Server
-CVE-2009-3642
+CVE-2009-3642 (Multiple SQL injection vulnerabilities in the Call Logging feature in ...)
NOT-FOR-US: FrontRange HEAT
-CVE-2009-3641
+CVE-2009-3641 (Snort before 2.8.5.1, when the -v option is enabled, allows remote att ...)
- snort 2.8.5.2-1 (unimportant; bug #553584)
NOTE: current debian packages are not compiled with support for ipv6
-CVE-2009-3640
+CVE-2009-3640 (The update_cr8_intercept function in arch/x86/kvm/x86.c in the KVM sub ...)
- linux-2.6 2.6.31-1 (medium)
[lenny] - linux-2.6 <not-affected> (introduced post 2.6.27)
[etch] - linux-2.6 <not-affected> (introduced post 2.6.27)
- linux-2.6.24 <not-affected> (introduced post 2.6.27)
- kvm 88+dfsg-2 (medium; bug #557737)
[lenny] - kvm <not-affected> (Vulnerable code not present)
-CVE-2009-3639
+CVE-2009-3639 (The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2 ...)
{DSA-1925-1}
- proftpd-dfsg 1.3.2a-2 (low)
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=3275
-CVE-2009-3638
+CVE-2009-3638 (Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in ...)
{DSA-1962-1 DSA-1927-1}
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.25)
NOTE: fixed in upstream 2.6.32-rc4
- linux-2.6.24 <not-affected> (introduced in 2.6.25)
- kvm <removed> (medium; bug #562076)
-CVE-2009-3637
+CVE-2009-3637 (Stack-based buffer overflow in the M_AddToServerList function in clien ...)
- alien-arena 7.33-1 (medium; bug #552038)
[lenny] - alien-arena 7.0-1+lenny1
-CVE-2009-3636
+CVE-2009-3636 (Cross-site scripting (XSS) vulnerability in the Install Tool subcompon ...)
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3635
+CVE-2009-3635 (The Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x befor ...)
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3634
+CVE-2009-3634 (Cross-site scripting (XSS) vulnerability in the Frontend Login Box (ak ...)
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3633
+CVE-2009-3633 (Cross-site scripting (XSS) vulnerability in the t3lib_div::quoteJSvalu ...)
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3632
+CVE-2009-3632 (SQL injection vulnerability in the traditional frontend editing featur ...)
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3631
+CVE-2009-3631 (The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1 ...)
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3630
+CVE-2009-3630 (The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1 ...)
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3629
+CVE-2009-3629 (Multiple cross-site scripting (XSS) vulnerabilities in the Backend sub ...)
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3628
+CVE-2009-3628 (The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1 ...)
{DSA-1926-1}
- typo3-src 4.2.10-1 (medium; bug #552020)
-CVE-2009-3627
+CVE-2009-3627 (The decode_entities function in util.c in HTML-Parser before 3.63 allo ...)
{DSA-1923-1}
- libhtml-parser-perl 3.64-1 (bug #552531)
NOTE: http://secunia.com/advisories/37155/
-CVE-2009-3626
+CVE-2009-3626 (Perl 5.10.1 allows context-dependent attackers to cause a denial of se ...)
- perl 5.10.1-6 (bug #552291)
[lenny] - perl <not-affected> (Vulnerable code not present)
[etch] - perl <not-affected> (Vulnerable code not present)
-CVE-2009-3625
+CVE-2009-3625 (Directory traversal vulnerability in www/index.php in Sahana 0.6.2.2 a ...)
- sahana <itp> (bug #497414)
-CVE-2009-3624
+CVE-2009-3624 (The get_instantiation_keyring function in security/keys/keyctl.c in th ...)
- linux-2.6 2.6.31-2 (low)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.29)
NOTE: fixed upstream in 2.6.32-rc5
-CVE-2009-3623
+CVE-2009-3623 (The lookup_cb_cred function in fs/nfsd/nfs4callback.c in the nfsd4 sub ...)
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.31)
-CVE-2009-3622
+CVE-2009-3622 (Algorithmic complexity vulnerability in wp-trackback.php in WordPress ...)
- wordpress 2.8.5-1
[lenny] - wordpress 2.5.1-11+lenny3
[etch] - wordpress 2.0.10-1etch6
NOTE: http://seclists.org/fulldisclosure/2009/Oct/263
-CVE-2009-3621
+CVE-2009-3621 (net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows loc ...)
{DSA-1929-1 DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.31-2 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-3620
+CVE-2009-3620 (The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-g ...)
{DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.32-1 (medium)
- linux-2.6.24 <removed> (medium)
NOTE: https://git.kernel.org/linus/7dc482dfeeeefcfd000d4271c4626937406756d7
-CVE-2009-3619
+CVE-2009-3619 (Unspecified vulnerability in ViewVC 1.0 before 1.0.9 and 1.1 before 1. ...)
- viewvc 1.0.9-1 (low; bug #545779; bug #560903)
-CVE-2009-3618
+CVE-2009-3618 (Cross-site scripting (XSS) vulnerability in viewvc.py in ViewVC 1.0 be ...)
- viewvc 1.0.9-1 (low; bug #545779; bug #560903)
-CVE-2009-3617
+CVE-2009-3617 (Format string vulnerability in the AbstractCommand::onAbort function i ...)
- aria2 1.6.2-1 (low)
[lenny] - aria2 <not-affected> (Vulnerable code not present)
[etch] - aria2 <not-affected> (Vulnerable code not present)
-CVE-2009-3616
+CVE-2009-3616 (Multiple use-after-free vulnerabilities in vnc.c in the VNC server in ...)
- qemu 0.11.0-1 (medium; bug #553589)
[lenny] - qemu <not-affected> (Vulnerable code not present)
[etch] - qemu <not-affected> (Vulnerable code not present)
- kvm <removed> (medium; bug #553590)
[lenny] - kvm <not-affected> (Vulnerable code not present)
-CVE-2009-3615
+CVE-2009-3615 (The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adiu ...)
{DSA-1932-1}
- pidgin 2.6.3-1
NOTE: http://pidgin.im/news/security/?id=41
@@ -3982,159 +3982,159 @@ CVE-2009-3614 [oping suid 0 arbitrary file disclosure]
- liboping 1.3.3-1 (low; bug #548684)
[lenny] - liboping <not-affected> (doesn't have -f option yet)
[etch] - liboping <not-affected> (doesn't have -f option yet)
-CVE-2009-3613
+CVE-2009-3613 (The swiotlb functionality in the r8169 driver in drivers/net/r8169.c i ...)
{DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.29-1 (medium)
- linux-2.6.24 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2009/10/15/4
-CVE-2009-3612
+CVE-2009-3612 (The tcf_fill_node function in net/sched/cls_api.c in the netlink subsy ...)
{DSA-1929-1 DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.31-2 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-3611
+CVE-2009-3611 (common/snapshots.py in Back In Time (aka backintime) 0.9.26 changes ce ...)
- backintime 0.9.26-3 (bug #543785)
-CVE-2009-3609
+CVE-2009-3609 (Integer overflow in the ImageStream::ImageStream function in Stream.cc ...)
{DSA-2050-1 DSA-2028-1 DSA-1941-1}
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- swftools 0.9.2+ds1-2
-CVE-2009-3608
+CVE-2009-3608 (Integer overflow in the ObjectStream::ObjectStream function in XRef.cc ...)
{DSA-2050-1 DSA-2028-1 DSA-1941-1}
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- swftools 0.9.2+ds1-2
-CVE-2009-3607
+CVE-2009-3607 (Integer overflow in the create_surface_from_thumbnail_data function in ...)
{DSA-1941-1}
- poppler 0.12.2-1 (medium; bug #551289)
-CVE-2009-3606
+CVE-2009-3606 (Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf bef ...)
{DSA-2050-1 DSA-2028-1 DSA-1941-1}
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- swftools 0.9.2+ds1-2
-CVE-2009-3605
+CVE-2009-3605 (Multiple integer overflows in Poppler 0.10.5 and earlier allow remote ...)
{DSA-1941-1}
- poppler 0.12.2-1 (medium; bug #551289)
-CVE-2009-3604
+CVE-2009-3604 (The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before ...)
{DSA-2050-1 DSA-2028-1 DSA-1941-1}
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- swftools 0.9.2+ds1-2
-CVE-2009-3603
+CVE-2009-3603 (Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3. ...)
{DSA-2050-1 DSA-2028-1 DSA-1941-1}
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- swftools 0.9.2+ds1-2
-CVE-2009-3591
+CVE-2009-3591 (Dopewars 1.5.12 allows remote attackers to cause a denial of service ( ...)
- dopewars 1.5.12-9 (low; bug #550913)
[etch] - dopewars <no-dsa> (negligible issue)
[lenny] - dopewars <no-dsa> (neglibigble issue)
-CVE-2009-3589
+CVE-2009-3589 (incron 0.5.5 does not initialize supplementary groups when running a p ...)
- incron 0.5.7-1
-CVE-2009-3588
+CVE-2009-3588 (Unspecified vulnerability in the arclib component in the Anti-Virus en ...)
NOT-FOR-US: eTrust Antivirus
-CVE-2009-3587
+CVE-2009-3587 (Unspecified vulnerability in the arclib component in the Anti-Virus en ...)
NOT-FOR-US: eTrust Antivirus
-CVE-2009-3586
+CVE-2009-3586 (Off-by-one error in src/http.c in CoreHTTP 0.5.3.1 and earlier allows ...)
NOT-FOR-US: CoreHTTP
-CVE-2009-3585
+CVE-2009-3585 (Session fixation vulnerability in html/Elements/SetupSessionCookie in ...)
{DSA-1944-1}
- request-tracker3.4 <removed>
- request-tracker3.6 3.6.9-2 (low)
-CVE-2009-3584
+CVE-2009-3584 (SQL-Ledger 2.8.24 does not set the secure flag for the session cookie ...)
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-3583
+CVE-2009-3583 (Directory traversal vulnerability in the Preferences menu item in SQL- ...)
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-3582
+CVE-2009-3582 (Multiple SQL injection vulnerabilities in the delete subroutine in SQL ...)
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-3581
+CVE-2009-3581 (Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8. ...)
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-3580
+CVE-2009-3580 (Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger ...)
- sql-ledger <unfixed> (unimportant; bug #562639)
NOTE: Only supported behind an authenticated HTTP zone, see README.Debian
-CVE-2009-3578
+CVE-2009-3578 (Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya ...)
NOT-FOR-US: Autodesk Maya
-CVE-2009-3577
+CVE-2009-3577 (Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 allo ...)
NOT-FOR-US: Autodesk
-CVE-2009-3576
+CVE-2009-3576 (Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to ...)
NOT-FOR-US: Autodesk Softimage
-CVE-2009-3575
+CVE-2009-3575 (Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2 ...)
{DSA-1957-1}
- aria2 1.2.0-1 (low; bug #551070)
[etch] - aria2 <not-affected> (Vulnerable code not present)
-CVE-2009-3571
+CVE-2009-3571 (Unspecified vulnerability in OpenOffice.org (OOo) has unknown impact a ...)
NOT-FOR-US: Unidentified exploit for OpenOffice, hasn't materialised in any form
-CVE-2009-3570
+CVE-2009-3570 (Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impa ...)
NOT-FOR-US: Unidentified exploit for OpenOffice, hasn't materialised in any form
-CVE-2009-3569
+CVE-2009-3569 (Stack-based buffer overflow in OpenOffice.org (OOo) allows remote atta ...)
NOT-FOR-US: Unidentified exploit for OpenOffice, hasn't materialised in any form
-CVE-2009-3568
+CVE-2009-3568 (Comment RSS 5.x before 5.x-2.2 and 6.x before 6.x-2.2, a module for Dr ...)
NOT-FOR-US: module for Drupal
-CVE-2009-3692
+CVE-2009-3692 (Unspecified vulnerability in the VBoxNetAdpCtl configuration tool in S ...)
- virtualbox-ose 3.0.8-dfsg-1
[lenny] - virtualbox-ose <not-affected> (vulnerable code not present)
-CVE-2009-3602
+CVE-2009-3602 (Unbound before 1.3.4 does not properly verify signatures for NSEC3 rec ...)
{DSA-1963-1}
- unbound 1.3.4-1 (low)
NOTE: http://unbound.net/pipermail/unbound-users/2009-October/000852.html
-CVE-2009-3601
+CVE-2009-3601 (Cross-site scripting (XSS) vulnerability in demo_page.php in Scriptsez ...)
NOT-FOR-US: Scriptsez Ultimate Poll
-CVE-2009-3600
+CVE-2009-3600 (HUBScript 1.0 allows remote attackers to obtain configuration informat ...)
NOT-FOR-US: HUBScript
-CVE-2009-3599
+CVE-2009-3599 (Cross-site scripting (XSS) vulnerability in single_winner1.php in HUBS ...)
NOT-FOR-US: HUBScript
-CVE-2009-3598
+CVE-2009-3598 (Cross-site scripting (XSS) vulnerability in survey_result.php in eCard ...)
NOT-FOR-US: eCardMAX FormXP
-CVE-2009-3597
+CVE-2009-3597 (Digitaldesign CMS 0.1 stores sensitive information under the web root ...)
NOT-FOR-US: Digitaldesign CMS
-CVE-2009-3596
+CVE-2009-3596 (JoxTechnology Ajox Poll does not properly restrict access to admin/man ...)
NOT-FOR-US: JoxTechnology Ajox Poll
-CVE-2009-3595
+CVE-2009-3595 (SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows re ...)
NOT-FOR-US: VS PANEL
-CVE-2009-3594
+CVE-2009-3594 (Cross-site scripting (XSS) vulnerability in bpost.php in BLOB Blog Sys ...)
NOT-FOR-US: BLOB Blog System
-CVE-2009-3593
+CVE-2009-3593 (Multiple cross-site scripting (XSS) vulnerabilities in Freelancers 1.0 ...)
NOT-FOR-US: Freelancers
-CVE-2009-3592
+CVE-2009-3592 (Cross-site scripting (XSS) vulnerability in customer/home.php in Quali ...)
NOT-FOR-US: Qualiteam X-Cart
-CVE-2009-3590
+CVE-2009-3590 (SQL injection vulnerability in showcat.php in VS PANEL 7.3.6 allows re ...)
NOT-FOR-US: VS PANEL
-CVE-2009-3574
+CVE-2009-3574 (Tuniac 090517c allows remote attackers to cause a denial of service (c ...)
NOT-FOR-US: Tuniac
-CVE-2009-3573
+CVE-2009-3573 (Multiple insecure method vulnerabilities in the PDIControl.PDI.1 Activ ...)
NOT-FOR-US: ActiveX
-CVE-2009-3572
+CVE-2009-3572 (OpenBSD 4.4, 4.5, and 4.6, when running on an i386 kernel, does not pr ...)
NOT-FOR-US: OpenBSD
-CVE-2009-3567
+CVE-2009-3567 (Cross-site scripting (XSS) vulnerability in modules/tickets/functions_ ...)
NOT-FOR-US: Kayako SupportSuite and eSupport
-CVE-2009-3579
+CVE-2009-3579 (Cross-site scripting (XSS) vulnerability in the CookieDump.java sample ...)
- jetty <unfixed> (unimportant)
NOTE: http://www.coresecurity.com/content/jetty-persistent-xss
NOTE: only an example application
-CVE-2009-3566
+CVE-2009-3566 (McAfee IntruShield Network Security Manager (NSM) before 5.1.11.8.1 do ...)
NOT-FOR-US: McAfee IntruShield Network Security Manager
-CVE-2009-3565
+CVE-2009-3565 (Multiple cross-site scripting (XSS) vulnerabilities in intruvert/jsp/m ...)
NOT-FOR-US: McAfee IntruShield Network Security Manager
-CVE-2009-3564
+CVE-2009-3564 (puppetmasterd in puppet 0.24.6 does not reset supplementary groups whe ...)
- puppet 0.25.1-3 (low; bug #551073)
[etch] - puppet <no-dsa> (minor issue)
[lenny] - puppet <no-dsa> (minor issue)
-CVE-2009-3563
+CVE-2009-3563 (ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote ...)
{DSA-1948-1}
- ntp 1:4.2.4p8+dfsg-1 (medium; bug #560074)
-CVE-2009-3562
+CVE-2009-3562 (Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 al ...)
NOT-FOR-US: Xerver HTTP Server
-CVE-2009-3561
+CVE-2009-3561 (Directory traversal vulnerability in Xerver HTTP Server 4.32 allows re ...)
NOT-FOR-US: Xerver HTTP Server
-CVE-2009-3560
+CVE-2009-3560 (The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ...)
{DSA-1977-1 DSA-1953-2 DSA-1953-1}
- expat 2.0.1-6 (low; bug #560901)
- mcabber 0.10.0-1 (low; bug #601053)
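Review bot: the unchanged context line `[lenny] - dopewars <no-dsa> (neglibigble issue)` under CVE-2009-3591 misspells "negligible" (the etch line directly above it spells it correctly); this automatic description fill leaves that line untouched, so a follow-up manual commit should correct it to `[lenny] - dopewars <no-dsa> (negligible issue)`.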
@@ -4192,16 +4192,16 @@ CVE-2009-3560
CVE-2009-3559
- php5 <removed> (unimportant)
NOTE: safe_mode regression
-CVE-2009-3558
+CVE-2009-3558 (The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 an ...)
- php5 5.2.12.dfsg.1-1 (unimportant)
NOTE: open_basedir bypass
-CVE-2009-3557
+CVE-2009-3557 (The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5 ...)
- php5 5.2.12.dfsg.1-1 (unimportant)
NOTE: safe_mode bypass
-CVE-2009-3556
+CVE-2009-3556 (A certain Red Hat configuration step for the qla2xxx driver in the Lin ...)
- linux-2.6 <not-affected> (redhat-specific configuration issue)
- linux-2.6.24 <not-affected> (redhat-specific configuration issue)
-CVE-2009-3555
+CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as us ...)
{DSA-3253-1 DSA-2626-1 DSA-2141-2 DSA-2141-1 DSA-1934-1 DLA-400-1}
- apache2 2.2.14-2
- openssl 0.9.8k-6
@@ -4233,10 +4233,10 @@ CVE-2009-3555
NOTE: - apache 2.2.15-1
NOTE: - nss 3.12.6-1
NOTE: - sun-java6 6.19-1
-CVE-2009-3554
+CVE-2009-3554 (Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EA ...)
- jbossas4 4.2.2.GA-1 (bug #562000)
[lenny] - jbossas4 <no-dsa> (Contrib not supported)
-CVE-2009-3553
+CVE-2009-3553 (Use-after-free vulnerability in the abstract file-descriptor handling ...)
{DSA-2176-1}
- cups 1.4.2-4 (low; bug #557740)
[lenny] - cups <no-dsa> (Minor issue)
@@ -4245,24 +4245,24 @@ CVE-2009-3553
CVE-2009-3552
RESERVED
NOT-FOR-US: Red Hat Enterprise Virtualization Manager
-CVE-2009-3551
+CVE-2009-3551 (Off-by-one error in the dissect_negprot_response function in packet-sm ...)
- wireshark 1.2.3-1 (low; bug #553583)
[lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
[etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
-CVE-2009-3550
+CVE-2009-3550 (The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 t ...)
{DSA-1942-1}
- wireshark 1.2.3-1 (low; bug #553583)
-CVE-2009-3549
+CVE-2009-3549 (packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1 ...)
- wireshark 1.2.3-1 (low; bug #553583)
[lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
[etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
-CVE-2009-3548
+CVE-2009-3548 (The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 th ...)
- tomcat6 <not-affected> (Windows only)
-CVE-2009-3547
+CVE-2009-3547 (Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.3 ...)
{DSA-1929-1 DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.31-2 (high)
- linux-2.6.24 <removed> (high)
-CVE-2009-3546
+CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5. ...)
{DSA-1936-1}
- libwmf <unfixed> (unimportant)
- racket 5.0.2-1 (unimportant; bug #601525)
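Review bot: the `- libwmf <unfixed> (unimportant)` and `- racket 5.0.2-1 (unimportant; bug #601525)` lines under CVE-2009-3546 give no reason for the rating, and the description imported for this id names gd_gd.c in PHP, so a reader cannot tell from the entry why these two packages are listed at all or why they are considered unimportant. Add a NOTE stating why each is affected and why the severity is unimportant; the php5 line at the start of the next hunk shows the expected form ("the php packages use the system libgd2").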
@@ -4271,11 +4271,11 @@ CVE-2009-3546
- php5 <not-affected> (the php packages use the system libgd2)
NOTE: http://svn.php.net/viewvc?view=revision&revision=289557
NOTE: <20091015173822.084de220@redhat.com> in OSS-sec
-CVE-2009-3545
+CVE-2009-3545 (DataWizard Technologies FtpXQ FTP Server 3.0 allows remote authenticat ...)
NOT-FOR-US: DataWizard Technologies FtpXQ FTP Server
-CVE-2009-3544
+CVE-2009-3544 (Xerver HTTP Server 4.32 allows remote attackers to obtain the source c ...)
NOT-FOR-US: Xerver HTTP Server
-CVE-2009-3527
+CVE-2009-3527 (Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 ...)
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
CVE-2009-3526
@@ -4285,39 +4285,39 @@ CVE-2009-XXXX [kfreebsd: Devfs / VFS NULL pointer race condition]
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 7.2-9 (bug #549871)
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
-CVE-2009-3543
+CVE-2009-3543 (SQL injection vulnerability in _phenotype/admin/login.php in Phenotype ...)
NOT-FOR-US: Phenotype CMS
-CVE-2009-3542
+CVE-2009-3542 (Directory traversal vulnerability in ls.php in LittleSite (aka LS or L ...)
NOT-FOR-US: LittleSite
-CVE-2009-3541
+CVE-2009-3541 (PHP remote file inclusion vulnerability in CoupleDB.php in PHPGenealog ...)
NOT-FOR-US: PHPGenealogy
-CVE-2009-3540
+CVE-2009-3540 (Cross-site scripting (XSS) vulnerability in listads.php in YourFreeWor ...)
NOT-FOR-US: YourFreeWorld Ultra Classifieds Pro
-CVE-2009-3539
+CVE-2009-3539 (Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld U ...)
NOT-FOR-US: YourFreeWorld Ultra Classifieds Pro
-CVE-2009-3538
+CVE-2009-3538 (Directory traversal vulnerability in thumb.php in Clear Content 1.1 al ...)
NOT-FOR-US: Clear Content
-CVE-2009-3537
+CVE-2009-3537 (Multiple stack-based buffer overflows in EpicDJSoftware EpicDJ 1.3.9.1 ...)
NOT-FOR-US: EpicDJSoftware EpicDJ
-CVE-2009-3536
+CVE-2009-3536 (Multiple stack-based buffer overflows in EpicDJSoftware EpicVJ 1.2.8.0 ...)
NOT-FOR-US: EpicDJSoftware EpicVJ
-CVE-2009-3535
+CVE-2009-3535 (Directory traversal vulnerability in image.php in Clear Content 1.1 al ...)
NOT-FOR-US: Clear Content
-CVE-2009-3534
+CVE-2009-3534 (Directory traversal vulnerability in index.php in LionWiki 3.0.3, when ...)
NOT-FOR-US: LionWiki
-CVE-2009-3533
+CVE-2009-3533 (SQL injection vulnerability in report.php in Meeting Room Booking Syst ...)
NOT-FOR-US: Meeting Room Booking System
-CVE-2009-3532
+CVE-2009-3532 (Multiple SQL injection vulnerabilities in login.asp (aka the login scr ...)
NOT-FOR-US: LogRover
-CVE-2009-3531
+CVE-2009-3531 (SQL injection vulnerability in vnews.php in Universe CMS 1.0.6 allows ...)
NOT-FOR-US: Universe CMS
-CVE-2009-3530
+CVE-2009-3530 (Cross-site scripting (XSS) vulnerability in storefront.php in RadScrip ...)
NOT-FOR-US: RadScripts RadBids Gold
-CVE-2009-3529
+CVE-2009-3529 (SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 ...)
NOT-FOR-US: RadScripts RadBids Gold
-CVE-2009-3528
+CVE-2009-3528 (SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows remot ...)
NOT-FOR-US: MyMsg
-CVE-2009-3525
+CVE-2009-3525 (The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not sup ...)
- xen-3 <unfixed> (unimportant)
- xen-unstable <removed> (unimportant)
NOTE: This is an enhancement, not a security issue.
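Review bot: for CVE-2009-3525 the `NOTE: This is an enhancement, not a security issue.` now sits directly under a freshly imported description that frames the pyGrub behaviour as a vulnerability ("does not sup ..."), and the bare assertion gives a later reader nothing to re-check the `unimportant` rating against. Add a NOTE with the upstream or oss-security reference that supports the judgement, in the same way the message-id NOTE under CVE-2009-3546 does.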
@@ -4328,118 +4328,118 @@ CVE-2009-5041 [buffer overflow in overkill]
- overkill 0.16-14.1 (bug #549310; low)
[lenny] - overkill <no-dsa> (Minor issue)
[etch] - overkill <no-dsa> (Minor issue)
-CVE-2009-3524
+CVE-2009-3524 (Unspecified vulnerability in ashWsFtr.dll in avast! Home and Professio ...)
NOT-FOR-US: avast! Home and Professional
-CVE-2009-3523
+CVE-2009-3523 (aavmKer4.sys in avast! Home and Professional for Windows before 4.8.13 ...)
NOT-FOR-US: avast! Home and Professional
-CVE-2009-3522
+CVE-2009-3522 (Stack-based buffer overflow in aswMon2.sys in avast! Home and Professi ...)
NOT-FOR-US: avast! Home and Professional
-CVE-2009-3521
+CVE-2009-3521 (Multiple cross-site scripting (XSS) vulnerabilities in the Visualizati ...)
NOT-FOR-US: WebSphere
-CVE-2009-3520
+CVE-2009-3520 (Cross-site request forgery (CSRF) vulnerability in the Your_account mo ...)
NOT-FOR-US: CMSphp
-CVE-2009-3519
+CVE-2009-3519 (Multiple memory leaks in the IP module in the kernel in Sun Solaris 8 ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-3518
+CVE-2009-3518 (Argument injection vulnerability in the iim: URI handler in IBMIM.exe ...)
NOT-FOR-US: IBM Installation Manager
-CVE-2009-3517
+CVE-2009-3517 (nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does no ...)
NOT-FOR-US: IBM AIX
-CVE-2009-3516
+CVE-2009-3516 (gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not p ...)
NOT-FOR-US: IBM AIX
-CVE-2009-3515
+CVE-2009-3515 (Directory traversal vulnerability in dnet_admin/index.php in d.net CMS ...)
NOT-FOR-US: d.net CMS
-CVE-2009-3514
+CVE-2009-3514 (Multiple SQL injection vulnerabilities in d.net CMS allow remote attac ...)
NOT-FOR-US: d.net CMS
-CVE-2009-3513
+CVE-2009-3513 (Multiple cross-site scripting (XSS) vulnerabilities in Pilot Group (PG ...)
NOT-FOR-US: Pilot Group (PG) eTraining
-CVE-2009-3512
+CVE-2009-3512 (Multiple cross-site scripting (XSS) vulnerabilities in MyWeight 1.0 al ...)
NOT-FOR-US: MyWeight
-CVE-2009-3511
+CVE-2009-3511 (Multiple PHP remote file inclusion vulnerabilities in justVisual 1.2 a ...)
NOT-FOR-US: justVisual
-CVE-2009-3510
+CVE-2009-3510 (SQL injection vulnerability in viewListing.php in linkSpheric 0.74 Bet ...)
NOT-FOR-US: linkSpheric
-CVE-2009-3509
+CVE-2009-3509 (Cross-site scripting (XSS) vulnerability in admin/admin_index.php in C ...)
NOT-FOR-US: CJ Dynamic Poll PRO
-CVE-2009-3508
+CVE-2009-3508 (Multiple directory traversal vulnerabilities in MUJE CMS 1.0.4.34 allo ...)
NOT-FOR-US: MUJE CMS
-CVE-2009-3507
+CVE-2009-3507 (Directory traversal vulnerability in modules.php in CMSphp 0.21 allows ...)
NOT-FOR-US: CMSphp
-CVE-2009-3506
+CVE-2009-3506 (Multiple cross-site scripting (XSS) vulnerabilities in CMSphp 0.21 all ...)
NOT-FOR-US: CMSphp
-CVE-2009-3505
+CVE-2009-3505 (SQL injection vulnerability in view_news.php in Vastal I-Tech MMORPG Z ...)
NOT-FOR-US: Vastal I-Tech MMORPG Zone
-CVE-2009-3504
+CVE-2009-3504 (SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 all ...)
NOT-FOR-US: Alibaba Clone
-CVE-2009-3503
+CVE-2009-3503 (Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse B ...)
NOT-FOR-US: BPowerHouse BPHolidayLettings
-CVE-2009-3502
+CVE-2009-3502 (SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 al ...)
NOT-FOR-US: BPowerHouse BPMusic
-CVE-2009-3501
+CVE-2009-3501 (SQL injection vulnerability in students.php in BPowerHouse BPStudents ...)
NOT-FOR-US: BPowerHouse BPStudents
-CVE-2009-3500
+CVE-2009-3500 (Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allo ...)
NOT-FOR-US: BPowerHouse BPGames
-CVE-2009-3499
+CVE-2009-3499 (SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCa ...)
NOT-FOR-US: BPowerHouse BPLawyerCaseDocuments
-CVE-2009-3498
+CVE-2009-3498 (SQL injection vulnerability in php/update_article_hits.php in HBcms 1. ...)
NOT-FOR-US: HBcms
-CVE-2009-3497
+CVE-2009-3497 (SQL injection vulnerability in view_listing.php in Vastal I-Tech Agent ...)
NOT-FOR-US: Vastal I-Tech Agent
-CVE-2009-3496
+CVE-2009-3496 (Cross-site scripting (XSS) vulnerability in view_mag.php in Vastal I-T ...)
NOT-FOR-US: Vastal I-Tech DVD Zone
-CVE-2009-3495
+CVE-2009-3495 (SQL injection vulnerability in view_mag.php in Vastal I-Tech DVD Zone ...)
NOT-FOR-US: Vastal I-Tech DVD Zone
-CVE-2009-3494
+CVE-2009-3494 (Multiple SQL injection vulnerabilities in index.php in T-HTB Manager 0 ...)
NOT-FOR-US: T-HTB Manager
-CVE-2009-3493
+CVE-2009-3493 (Multiple cross-site scripting (XSS) vulnerabilities in Zenas PaoBachec ...)
NOT-FOR-US: Zenas PaoBacheca Guestbook
-CVE-2009-3492
+CVE-2009-3492 (Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9 ...)
NOT-FOR-US: Loggix Project
-CVE-2009-3491
+CVE-2009-3491 (SQL injection vulnerability in the Kinfusion SportFusion (com_sportfus ...)
NOT-FOR-US: Kinfusion SportFusion
-CVE-2009-3490
+CVE-2009-3490 (GNU Wget before 1.12 does not properly handle a '\0' character in a do ...)
{DSA-1904-1}
- wget 1.12-1 (medium; bug #549293)
-CVE-2009-3489
+CVE-2009-3489 (Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 ...)
NOT-FOR-US: Adobe Photoshop Elements
-CVE-2009-3488
+CVE-2009-3488 (Cross-site scripting (XSS) vulnerability in the Bibliography (aka Bibl ...)
NOT-FOR-US: Drupal Bibliography Module
-CVE-2009-3487
+CVE-2009-3487 (Multiple cross-site scripting (XSS) vulnerabilities in the J-Web inter ...)
NOT-FOR-US: J-Web interface in Juniper JUNOS
-CVE-2009-3486
+CVE-2009-3486 (Multiple cross-site scripting (XSS) vulnerabilities in the J-Web inter ...)
NOT-FOR-US: J-Web interface in Juniper JUNOS
-CVE-2009-3485
+CVE-2009-3485 (Cross-site scripting (XSS) vulnerability in the J-Web interface in Jun ...)
NOT-FOR-US: J-Web interface in Juniper JUNOS
-CVE-2009-3484
+CVE-2009-3484 (Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-ass ...)
NOT-FOR-US: Core FTP
-CVE-2009-3483
+CVE-2009-3483 (Heap-based buffer overflow in the Create New Site feature in GlobalSCA ...)
NOT-FOR-US: CuteFTP
-CVE-2009-3482
+CVE-2009-3482 (TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.129 ...)
NOT-FOR-US: TrustPort Antivirus and PC Security
-CVE-2009-3481
+CVE-2009-3481 (A certain interface in the iCRM Basic (com_icrmbasic) component 1.4.2. ...)
NOT-FOR-US: Joomla component
-CVE-2009-3480
+CVE-2009-3480 (SQL injection vulnerability in the iCRM Basic (com_icrmbasic) componen ...)
NOT-FOR-US: Joomla component
-CVE-2009-3479
+CVE-2009-3479 (Cross-site scripting (XSS) vulnerability in Bibliography (Biblio) 5.x ...)
NOT-FOR-US: Bibliography
-CVE-2009-3478
+CVE-2009-3478 (Argument injection vulnerability in (1) src/content/js/connection/sftp ...)
NOT-FOR-US: Bibliography
-CVE-2009-3477
+CVE-2009-3477 (The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before ...)
NOT-FOR-US: Blackberry Browser in RIM BlackBerry Device Software
-CVE-2009-3476
+CVE-2009-3476 (Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibbole ...)
{DSA-1895-2 DSA-1896-1 DSA-1895-1}
- xmltooling 1.2.2-1
- opensaml 3.0.0-2
- opensaml2 2.2.1-1
- shibboleth-sp 3.0.2+dfsg1-2
- shibboleth-sp2 2.2.1+dfsg-1
-CVE-2009-3475
+CVE-2009-3475 (Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and ...)
{DSA-1895-2 DSA-1896-1 DSA-1895-1}
- xmltooling 1.2.2-1
- opensaml 3.0.0-2
- opensaml2 2.2.1-1
- shibboleth-sp 3.0.2+dfsg1-2
- shibboleth-sp2 2.2.1+dfsg-1
-CVE-2009-3474
+CVE-2009-3474 (OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as used by ...)
{DSA-1895-2 DSA-1896-1 DSA-1895-1}
- xmltooling 1.2.2-1
- opensaml 3.0.0-2
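Review bot: the `NOT-FOR-US: Bibliography` label on CVE-2009-3478 does not match the description imported on the line before it, which is an argument injection in `src/content/js/connection/sftp ...`, a path unrelated to the Drupal Bibliography module named for CVE-2009-3479 one entry above; the label looks copy-pasted from CVE-2009-3479. Re-check the affected product for CVE-2009-3478, fix the NOT-FOR-US text, and confirm the software is genuinely not packaged in Debian before keeping the entry as NOT-FOR-US.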
@@ -4448,182 +4448,182 @@ CVE-2009-3474
- shibboleth-sp2 2.2.1+dfsg-1
[lenny] - opensaml 1.1.1-2+lenny1
[lenny] - opensaml2 2.0-2+lenny1
-CVE-2009-3473
+CVE-2009-3473 (IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege f ...)
NOT-FOR-US: IBM DB2
-CVE-2009-3472
+CVE-2009-3472 (IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 allows remot ...)
NOT-FOR-US: IBM DB2
-CVE-2009-3471
+CVE-2009-3471 (IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before ...)
NOT-FOR-US: IBM DB2
-CVE-2009-3470
+CVE-2009-3470 (IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 befor ...)
NOT-FOR-US: IBM Informix Dynamic Server (IDS)
-CVE-2009-3469
+CVE-2009-3469 (Cross-site scripting (XSS) vulnerability in profiles/html/simpleSearch ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2009-3468
+CVE-2009-3468 (Multiple unspecified vulnerabilities in Common Desktop Environment (CD ...)
NOT-FOR-US: Common Desktop Environment (CDE) in Sun Solaris
-CVE-2009-3467
+CVE-2009-3467 (Cross-site scripting (XSS) vulnerability in an unspecified method in A ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2009-3466
+CVE-2009-3466 (Adobe Shockwave Player before 11.5.2.602 allows remote attackers to ex ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-3465
+CVE-2009-3465 (Adobe Shockwave Player before 11.5.2.602 allows remote attackers to ex ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-3464
+CVE-2009-3464 (Adobe Shockwave Player before 11.5.2.602 allows remote attackers to ex ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-3463
+CVE-2009-3463 (Array index error in Adobe Shockwave Player before 11.5.2.602 allows r ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-3462
+CVE-2009-3462 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x b ...)
NOT-FOR-US: Adobe
-CVE-2009-3461
+CVE-2009-3461 (Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows attac ...)
NOT-FOR-US: Adobe
-CVE-2009-3460
+CVE-2009-3460 (Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x throu ...)
NOT-FOR-US: Adobe
-CVE-2009-3459
+CVE-2009-3459 (Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1. ...)
NOT-FOR-US: Adobe Acrobat
-CVE-2009-3458
+CVE-2009-3458 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x b ...)
NOT-FOR-US: Adobe
-CVE-2009-3457
+CVE-2009-3457 (Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) bef ...)
NOT-FOR-US: Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF)
-CVE-2009-3456
+CVE-2009-3456 (Google Chrome, possibly 3.0.195.21 and earlier, does not properly hand ...)
- chromium-browser <not-affected>
- webkit <not-affected>
NOTE: This was caused by a bug in NSS (CVE-2009-2408). chromium-browser uses libnss3
-CVE-2009-3455
+CVE-2009-3455 (Apple Safari, possibly before 4.0.3, on Mac OS X does not properly han ...)
NOT-FOR-US: Apple Safari
CVE-2009-3454
REJECTED
-CVE-2009-3453
+CVE-2009-3453 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quick ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2009-3452
+CVE-2009-3452 (WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote ...)
NOT-FOR-US: RADactive I-Load
-CVE-2009-3451
+CVE-2009-3451 (Directory traversal vulnerability in WebCoreModule.ashx in RADactive I ...)
NOT-FOR-US: RADactive
-CVE-2009-3450
+CVE-2009-3450 (Multiple cross-site scripting (XSS) vulnerabilities in WebCoreModule.a ...)
NOT-FOR-US: RADactive I-Load
-CVE-2009-3449
+CVE-2009-3449 (MP3 Collector 2.3 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: MP3 Collector
-CVE-2009-3448
+CVE-2009-3448 (npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote atta ...)
NOT-FOR-US: BakBone NetVault Backup
-CVE-2009-3447
+CVE-2009-3447 (Unrestricted file upload vulnerability in RADactive I-Load before 2008 ...)
NOT-FOR-US: RADactive I-Load
CVE-2009-XXXX [xen-tools: world readable disk image files]
- xen-tools 4.2~beta1-1 (low; bug #548909)
[lenny] - xen-tools 3.9-4+lenny1
-CVE-2009-3446
+CVE-2009-3446 (SQL injection vulnerability in the MyRemote Video Gallery (com_mytube) ...)
NOT-FOR-US: com_mytube component for Joomla!
-CVE-2009-3445
+CVE-2009-3445 (Unspecified vulnerability in Code-Crafters Ability Mail Server before ...)
NOT-FOR-US: Ability Mail Server
-CVE-2009-3444
+CVE-2009-3444 (Cross-site scripting (XSS) vulnerability in email.php in e107 0.7.16 a ...)
NOT-FOR-US: e107
-CVE-2009-3443
+CVE-2009-3443 (SQL injection vulnerability in the Fastball (com_fastball) component 1 ...)
NOT-FOR-US: com_fastball component for Joomla!
-CVE-2009-3442
+CVE-2009-3442 (The Meta tags (aka Nodewords) module before 6.x-1.1 for Drupal does no ...)
NOT-FOR-US: Nodewords module for Drupal
-CVE-2009-3441
+CVE-2009-3441 (Open Source Security Information Management (OSSIM) before 2.1.2 allow ...)
NOT-FOR-US: Open Source Security Information Management
-CVE-2009-3440
+CVE-2009-3440 (Cross-site scripting (XSS) vulnerability in Open Source Security Infor ...)
NOT-FOR-US: Open Source Security Information Management
-CVE-2009-3439
+CVE-2009-3439 (Multiple SQL injection vulnerabilities in Open Source Security Informa ...)
NOT-FOR-US: Open Source Security Information Management
-CVE-2009-3438
+CVE-2009-3438 (SQL injection vulnerability in the JoomlaFacebook (com_facebook) compo ...)
NOT-FOR-US: com_facebook component for Joomla!
-CVE-2009-3437
+CVE-2009-3437 (Cross-site scripting (XSS) vulnerability in the live preview feature i ...)
NOT-FOR-US: Markdown Preview module for Drupal
-CVE-2009-3436
+CVE-2009-3436 (Multiple SQL injection vulnerabilities in forum.asp in MaxWebPortal al ...)
NOT-FOR-US: MaxWebPortal
-CVE-2009-3435
+CVE-2009-3435 (Cross-site scripting (XSS) vulnerability in the variable editor in the ...)
NOT-FOR-US: Devel module for Drupal
-CVE-2009-3434
+CVE-2009-3434 (SQL injection vulnerability in the Tupinambis (com_tupinambis) compone ...)
NOT-FOR-US: com_tupinambis for Mambo and Joomla!
-CVE-2009-3433
+CVE-2009-3433 (Unspecified vulnerability in clsetup in the configuration utility in S ...)
NOT-FOR-US: Sun Solaris Cluster
-CVE-2009-3432
+CVE-2009-3432 (Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenS ...)
NOT-FOR-US: Sun OpenSolaris xscreensaver
-CVE-2009-3431
+CVE-2009-3431 (Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1 ...)
NOT-FOR-US: Adobe Acrobat
-CVE-2009-3892
+CVE-2009-3892 (Cross-site scripting (XSS) vulnerability in Best Practical Solutions R ...)
- request-tracker3.8 3.8.5-1 (bug #546829)
- request-tracker3.6 3.6.9-1 (bug #546778)
[etch] - request-tracker3.6 <not-affected> (vulnerable code not present)
[lenny] - request-tracker3.6 3.6.7-5+lenny2
NOTE: CVE id requested
-CVE-2009-3430
+CVE-2009-3430 (SQL injection vulnerability in login.php in Allomani Mobile 2.5 allows ...)
NOT-FOR-US: Allomani Mobile
-CVE-2009-3429
+CVE-2009-3429 (Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 ...)
NOT-FOR-US: Pirate Radio Destiny Media Player
-CVE-2009-3428
+CVE-2009-3428 (Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote ...)
NOT-FOR-US: Easy Music Player
-CVE-2009-3427
+CVE-2009-3427 (Cross-site scripting (XSS) vulnerability in Kayako SupportSuite 3.50.0 ...)
NOT-FOR-US: Kayako SupportSuite
-CVE-2009-3426
+CVE-2009-3426 (PHP remote file inclusion vulnerability in includes/file_manager/speci ...)
NOT-FOR-US: MaxCMS
-CVE-2009-3425
+CVE-2009-3425 (Directory traversal vulnerability in includes/inc.thcms_admin_dirtree. ...)
NOT-FOR-US: MaxCMS
-CVE-2009-3424
+CVE-2009-3424 (Multiple PHP remote file inclusion vulnerabilities in MaxCMS 3.11.20b, ...)
NOT-FOR-US: MaxCMS
-CVE-2009-3423
+CVE-2009-3423 (login.php in Zenas PaoLink 1.0, when register_globals is enabled, allo ...)
NOT-FOR-US: Zenas PaoLink
-CVE-2009-3422
+CVE-2009-3422 (login.php in Zenas PaoLiber 1.1, when register_globals is enabled, all ...)
NOT-FOR-US: Zenas PaoLiber
-CVE-2009-3421
+CVE-2009-3421 (login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is ...)
NOT-FOR-US: Zenas PaoBacheca Guestbook
-CVE-2009-3420
+CVE-2009-3420 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in th ...)
NOT-FOR-US: Miniweb Publisher module
-CVE-2009-3419
+CVE-2009-3419 (SQL injection vulnerability in index.php in the Publisher module 2.0 f ...)
NOT-FOR-US: Miniweb Publisher module
-CVE-2009-3418
+CVE-2009-3418 (Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow (1) re ...)
NOT-FOR-US: Plume CMS
-CVE-2009-3417
+CVE-2009-3417 (SQL injection vulnerability in the IDoBlog (com_idoblog) component 1.1 ...)
NOT-FOR-US: IDoBlog component Joomla
-CVE-2009-3416
+CVE-2009-3416 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3415
+CVE-2009-3415 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle Database
-CVE-2009-3414
+CVE-2009-3414 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2009-3413
+CVE-2009-3413 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2009-3412
+CVE-2009-3412 (Unspecified vulnerability in the Unzip component in Oracle Database 9. ...)
NOT-FOR-US: Oracle Database and Oracle Application Server
-CVE-2009-3411
+CVE-2009-3411 (Unspecified vulnerability in the Oracle Data Pump component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-3410
+CVE-2009-3410 (Unspecified vulnerability in the RDBMS component in Oracle Database 11 ...)
NOT-FOR-US: Oracle Database
-CVE-2009-3409
+CVE-2009-3409 (Unspecified vulnerability in the PeopleSoft Enterprise HCM (TAM) compo ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-3408
+CVE-2009-3408 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3407
+CVE-2009-3407 (Unspecified vulnerability in the Portal component in Oracle Applicatio ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-3406
+CVE-2009-3406 (Unspecified vulnerability in the JD Edwards Tools component in Oracle ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-3405
+CVE-2009-3405 (Unspecified vulnerability in the JD Edwards Tools component in Oracle ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-3404
+CVE-2009-3404 (Unspecified vulnerability in the PeopleSoft PeopleTools &amp; Enterpri ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-3403
+CVE-2009-3403 (Unspecified vulnerability in the JRockit component in BEA Product Suit ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-3402
+CVE-2009-3402 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3401
+CVE-2009-3401 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3400
+CVE-2009-3400 (Unspecified vulnerability in the Oracle Advanced Benefits component in ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3399
+CVE-2009-3399 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA Product Suite
CVE-2009-3398
REJECTED
-CVE-2009-3397
+CVE-2009-3397 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3396
+CVE-2009-3396 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-3395
+CVE-2009-3395 (Unspecified vulnerability in the AutoVue component in Oracle E-Busines ...)
NOT-FOR-US: Oracle E-Business Suite
CVE-2009-3394
REJECTED
-CVE-2009-3393
+CVE-2009-3393 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-3392
+CVE-2009-3392 (Unspecified vulnerability in the Agile Engineering Data Management (ED ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-4193
+CVE-2009-4193 (Merkaartor 0.14 allows local users to append data to arbitrary files v ...)
- merkaartor 0.14+svnfixes~20090912-2 (low; bug #548546)
[lenny] - merkaartor <not-affected> (vulnerable code not present)
NOTE: does not run as root so minor issue.
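Review bot: the description imported for CVE-2009-3404 contains an HTML entity, `PeopleSoft PeopleTools &amp; Enterpri ...`, so the automatic update is copying entity-encoded text into a plain-text data file; decode entities before truncating, and grep this update for `&amp;`, `&lt;`, `&gt;` and `&quot;` to catch other affected lines. In the same hunk, the `NOTE: CVE id requested` under CVE-2009-3892 is stale now that the entry carries an assigned id and a description, and should be dropped.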
@@ -4632,9 +4632,9 @@ CVE-2009-XXXX [SA-CORE-2009-008]
[lenny] - drupal6 6.6-3lenny3
CVE-2009-3391
RESERVED
-CVE-2009-3390
+CVE-2009-3390 (Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsi ...)
NOT-FOR-US: iscsiadm and iscsitadm programs in Sun Solaris 10
-CVE-2009-3389
+CVE-2009-3389 (Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used i ...)
{DSA-2045-1}
- libtheora 1.1 (bug #572950)
[etch] - libtheora <not-affected> (vulnerable code not present)
@@ -4643,27 +4643,27 @@ CVE-2009-3389
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
[lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5)
-CVE-2009-3388
+CVE-2009-3388 (liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before ...)
- liboggplay 0.2.1~git20091227-1.1 (bug #575743)
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- xulrunner 1.9.1.6-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
[lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5)
-CVE-2009-3387
+CVE-2009-3387 (Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group re ...)
- bugzilla 3.4.7.0-1
[lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
-CVE-2009-3386
+CVE-2009-3386 (Template.pm in Bugzilla 3.3.2 through 3.4.3 and 3.5 through 3.5.1 allo ...)
- bugzilla 3.4.7.0-1
[lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
-CVE-2009-3385
+CVE-2009-3385 (The mail component in Mozilla SeaMonkey before 1.1.19 does not properl ...)
{DSA-1922-1}
- xulrunner 1.9.0.15-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0-1
[lenny] - iceape <not-affected> (stub package)
-CVE-2009-3384
+CVE-2009-3384 (Multiple unspecified vulnerabilities in WebKit in Apple Safari before ...)
- webkit 1.1.17-2 (medium; bug #559759)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- qt4-x11 4:4.6.2-4 (bug #561760)
@@ -4673,23 +4673,23 @@ CVE-2009-3384
- kdelibs <not-affected> (vulnerable code not present)
- kde4libs <not-affected> (vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/48725
-CVE-2009-3383
+CVE-2009-3383 (Multiple unspecified vulnerabilities in the JavaScript engine in Mozil ...)
- xulrunner 1.9.1.4-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
-CVE-2009-3382
+CVE-2009-3382 (layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3381
+CVE-2009-3381 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner 1.9.1.4-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
-CVE-2009-3380
+CVE-2009-3380 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3379
+CVE-2009-3379 (Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla ...)
{DSA-1939-1}
- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
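Review bot: the per-suite annotations `[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)` for CVE-2009-3383 and CVE-2009-3381 can no longer be checked against the stored text, because the imported descriptions are cut at a fixed width ("... in the JavaScript engine in Mozil ...") before the affected-version clause. If the truncation width is a deliberate convention of this file, consider recording the version range in a NOTE for entries whose not-affected status rests on it, so the claim stays verifiable from the data file alone.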
@@ -4697,221 +4697,221 @@ CVE-2009-3379
- xulrunner 1.9.1.4-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
-CVE-2009-3378
+CVE-2009-3378 (The oggplay_data_handle_theora_frame function in media/liboggplay/src/ ...)
- xulrunner 1.9.1.4-1
[etch] - xulrunner <not-affected> (ogg support added in firefox 3.5)
[lenny] - xulrunner <not-affected> (ogg support added in firefox 3.5)
- liboggplay 0.2.1~git20091120-1 (medium; bug #552743)
-CVE-2009-3377
+CVE-2009-3377 (Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e ...)
- xulrunner 1.9.1.4-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
- liboggz 0.9.9-1 (low)
[lenny] - liboggz <no-dsa> (Too intrusive to backport, needs to be updated to 0.9.9. Requires additional rebuild of rev dep)
-CVE-2009-3376
+CVE-2009-3376 (Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey be ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3375
+CVE-2009-3375 (content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <not-affected> (Only affects Firefox 3.x)
-CVE-2009-3374
+CVE-2009-3374 (The XPCVariant::VariantDataToJS function in the XPCOM implementation i ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3373
+CVE-2009-3373 (Heap-based buffer overflow in the GIF image parser in Mozilla Firefox ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <not-affected> (Only affects Firefox 3.x)
-CVE-2009-3372
+CVE-2009-3372 (Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey be ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3371
+CVE-2009-3371 (Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 all ...)
- xulrunner 1.9.1.4-1
[etch] - xulrunner <not-affected> (web workers introduced in firefox 3.5)
[lenny] - xulrunner <not-affected> (web workers introduced in firefox 3.5)
- kompozer <unfixed> (unimportant; bug #555326)
NOTE: kompozer shares the browser engine with Firefox, but JavaScript is not enabled
-CVE-2009-3370
+CVE-2009-3370 (Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote a ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3368
+CVE-2009-3368 (Cross-site scripting (XSS) vulnerability in the Hotel Booking Reservat ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-3367
+CVE-2009-3367 (Multiple cross-site scripting (XSS) vulnerabilities in An image galler ...)
NOT-FOR-US: An image gallery 1.0
-CVE-2009-3366
+CVE-2009-3366 (Directory traversal vulnerability in navigation.php in An image galler ...)
NOT-FOR-US: An image gallery 1.0
-CVE-2009-3365
+CVE-2009-3365 (PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/ ...)
NOT-FOR-US: Aurora CMS
-CVE-2009-3364
+CVE-2009-3364 (Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote F ...)
NOT-FOR-US: FTPShell Client
-CVE-2009-3363
+CVE-2009-3363 (Cross-site scripting (XSS) vulnerability in the BUEditor module 5.x be ...)
NOT-FOR-US: a module for Drupal
-CVE-2009-3362
+CVE-2009-3362 (PHP remote file inclusion vulnerability in printnews.php3 in SZNews 2. ...)
NOT-FOR-US: SZNews
-CVE-2009-3361
+CVE-2009-3361 (SQL injection vulnerability in index.php in PHP-IPNMonitor allows remo ...)
NOT-FOR-US: PHP-IPNMonitor
-CVE-2009-3360
+CVE-2009-3360 (Multiple cross-site scripting (XSS) vulnerabilities in Datemill 1.0 al ...)
NOT-FOR-US: Datemill
-CVE-2009-3359
+CVE-2009-3359 (Multiple cross-site scripting (XSS) vulnerabilities in Match Agency Bi ...)
NOT-FOR-US: Match Agency BiZ
-CVE-2009-3358
+CVE-2009-3358 (SQL injection vulnerability in profile.php in Tourism Scripts Adult Po ...)
NOT-FOR-US: Tourism Scripts Adult
-CVE-2009-3357
+CVE-2009-3357 (Multiple SQL injection vulnerabilities in the Hotel Booking Reservatio ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-3356
+CVE-2009-3356 (SQL injection vulnerability in index.php in Image voting 1.0 allows re ...)
NOT-FOR-US: Image voting
-CVE-2009-3355
+CVE-2009-3355 (Cross-site scripting (XSS) vulnerability in profile.php in Datetopia B ...)
NOT-FOR-US: Datetopia Buy Dating Site
-CVE-2009-3354
+CVE-2009-3354 (Multiple unspecified vulnerabilities in the Rest API module for Drupal ...)
NOT-FOR-US: Rest API module for Drupal
-CVE-2009-3353
+CVE-2009-3353 (Multiple unspecified vulnerabilities in the Node2Node module for Drupa ...)
NOT-FOR-US: Node2Node module for Drupal
-CVE-2009-3352
+CVE-2009-3352 (Multiple unspecified vulnerabilities in the quota_by_role (Quota by ro ...)
NOT-FOR-US: quota_by_role (Quota by role) module for Drupal
-CVE-2009-3351
+CVE-2009-3351 (Multiple unspecified vulnerabilities in the Node Browser module for Dr ...)
NOT-FOR-US: Node Browser module for Drupal
-CVE-2009-3350
+CVE-2009-3350 (Multiple unspecified vulnerabilities in the Subdomain Manager module f ...)
NOT-FOR-US: Subdomain Manager module for Drupal
-CVE-2009-3349
+CVE-2009-3349 (SQL injection vulnerability in Datavore Gyro 5.0 allows remote attacke ...)
NOT-FOR-US: Datavore Gyro
-CVE-2009-3348
+CVE-2009-3348 (Cross-site scripting (XSS) vulnerability in Datavore Gyro 5.0 allows r ...)
NOT-FOR-US: Datavore Gyro
-CVE-2009-3347
+CVE-2009-3347 (Buffer overflow on the D-Link DIR-400 wireless router allows remote at ...)
NOT-FOR-US: D-Link DIR-400 wireless router
-CVE-2009-3346
+CVE-2009-3346 (Unspecified vulnerability in SAP Crystal Reports Server 2008 allows re ...)
NOT-FOR-US: SAP Crystal Reports Server
-CVE-2009-3345
+CVE-2009-3345 (Heap-based buffer overflow in SAP Crystal Reports Server 2008 has unkn ...)
NOT-FOR-US: SAP Crystal Reports Server
-CVE-2009-3344
+CVE-2009-3344 (Unspecified vulnerability in SAP Crystal Reports Server 2008 on Window ...)
NOT-FOR-US: SAP Crystal Reports Server
-CVE-2009-3343
+CVE-2009-3343 (SQL injection vulnerability in details.asp in HotWeb Rentals allows re ...)
NOT-FOR-US: HotWeb Rentals
-CVE-2009-3342
+CVE-2009-3342 (SQL injection vulnerability in frontend/assets/ajax/checkusername.php ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-3341
+CVE-2009-3341 (Buffer overflow on the Linksys WRT54GL wireless router allows remote a ...)
NOT-FOR-US: Linksys WRT54GL wireless router
-CVE-2009-3340
+CVE-2009-3340 (Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to ...)
NOT-FOR-US: FreeSSHD
-CVE-2009-3339
+CVE-2009-3339 (Unspecified vulnerability in McAfee Email and Web Security Appliance 5 ...)
NOT-FOR-US: McAfee Email and Web Security Appliance
-CVE-2009-3338
+CVE-2009-3338 (Stack-based buffer overflow in EffectMatrix (E.M.) Magic Morph 1.95b a ...)
NOT-FOR-US: Magic Morph
-CVE-2009-3337
+CVE-2009-3337 (SQL injection vulnerability in the Freetag (serendipity_event_freetag) ...)
NOT-FOR-US: plugin for Serendipity
-CVE-2009-3336
+CVE-2009-3336 (SQL injection vulnerability in auction_details.php in PHP Pro Bid allo ...)
NOT-FOR-US: PHP Pro Bid
-CVE-2009-3335
+CVE-2009-3335 (SQL injection vulnerability in the TurtuShout component 0.11 for Jooml ...)
NOT-FOR-US: TurtuShout component 0.11 for Joomla!
-CVE-2009-3334
+CVE-2009-3334 (SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! Int ...)
NOT-FOR-US: Lhacky! Extensions Cave Joomla!
-CVE-2009-3333
+CVE-2009-3333 (PHP remote file inclusion vulnerability in koesubmit.php in the koeSub ...)
NOT-FOR-US: koeSubmit (com_koesubmit) component 1.0 for Mambo
-CVE-2009-3332
+CVE-2009-3332 (SQL injection vulnerability in the JBudgetsMagic (com_jbudgetsmagic) c ...)
NOT-FOR-US: BudgetsMagic (com_jbudgetsmagic) component for Joomla!
-CVE-2009-3331
+CVE-2009-3331 (Multiple PHP remote file inclusion vulnerabilities in DDL CMS 1.0 allo ...)
NOT-FOR-US: DDL CMS
-CVE-2009-3330
+CVE-2009-3330 (SQL injection vulnerability in index.php in cP Creator 2.7.1, when mag ...)
NOT-FOR-US: cP Creator
-CVE-2009-3329
+CVE-2009-3329 (Stack-based buffer overflow in Winplot 1.25.0.1 allows user-assisted r ...)
NOT-FOR-US: Winplot
-CVE-2009-3328
+CVE-2009-3328 (Cross-site scripting (XSS) vulnerability in sign.php in WX-Guestbook 1 ...)
NOT-FOR-US: WX-Guestbook
-CVE-2009-3327
+CVE-2009-3327 (Multiple SQL injection vulnerabilities in WX-Guestbook 1.1.208 allow r ...)
NOT-FOR-US: WX-Guestbook
-CVE-2009-3326
+CVE-2009-3326 (SQL injection vulnerability in index.php in CMScontrol Content Managem ...)
NOT-FOR-US: CMScontrol
-CVE-2009-3325
+CVE-2009-3325 (SQL injection vulnerability in the Focusplus Developments Survey Manag ...)
NOT-FOR-US: Survey Manager (com_surveymanager) component 1.5.0 for Joomla!
-CVE-2009-3324
+CVE-2009-3324 (PHP remote file inclusion vulnerability in include/prodler.class.php i ...)
NOT-FOR-US: ProdLer
-CVE-2009-3323
+CVE-2009-3323 (Multiple PHP remote file inclusion vulnerabilities in BAnner ROtation ...)
NOT-FOR-US: BAnner ROtation System mini (BAROSmini)
-CVE-2009-3322
+CVE-2009-3322 (The Siemens Gigaset SE361 WLAN router allows remote attackers to cause ...)
NOT-FOR-US: Siemens Gigaset SE361 WLAN router
-CVE-2009-3321
+CVE-2009-3321 (SQL injection vulnerability in SaphpLesson 4.3, when magic_quotes_gpc ...)
NOT-FOR-US: SaphpLesson
-CVE-2009-3320
+CVE-2009-3320 (Cross-site scripting (XSS) vulnerability in scrivi.php in Zenas PaoLin ...)
NOT-FOR-US: Zenas PaoLink (aka Pao-Link)
-CVE-2009-3319
+CVE-2009-3319 (SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 ...)
NOT-FOR-US: DCI-Designs Dawaween
-CVE-2009-3318
+CVE-2009-3318 (Directory traversal vulnerability in the Roland Breedveld Album (com_a ...)
NOT-FOR-US: Roland Breedveld Album (com_album) component 1.14 for Joomla!
-CVE-2009-3317
+CVE-2009-3317 (PHP remote file inclusion vulnerability in pages/pageHeader.php in Ope ...)
NOT-FOR-US: OpenSiteAdmin
-CVE-2009-3316
+CVE-2009-3316 (SQL injection vulnerability in the JReservation (com_jreservation) com ...)
NOT-FOR-US: JReservation (com_jreservation) component 1.0 and 1.5 for Joomla!
-CVE-2009-3315
+CVE-2009-3315 (SQL injection vulnerability in admin/index.php in NeLogic Nephp Publis ...)
NOT-FOR-US: NeLogic Nephp Publisher Enterprise
-CVE-2009-3314
+CVE-2009-3314 (SQL injection vulnerability in ladders.php in Elite Gaming Ladders 3.2 ...)
NOT-FOR-US: Elite Gaming Ladders
-CVE-2009-3313
+CVE-2009-3313 (Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote at ...)
NOT-FOR-US: FMyClone
-CVE-2009-3312
+CVE-2009-3312 (PHP remote file inclusion vulnerability in php/init.poll.php in phpPol ...)
NOT-FOR-US: phpPollScript
-CVE-2009-3311
+CVE-2009-3311 (Cross-site scripting (XSS) vulnerability in index.php in RSSMediaScrip ...)
NOT-FOR-US: RSSMediaScript
-CVE-2009-3310
+CVE-2009-3310 (SQL injection vulnerability in index.php in Zainu 1.0 allows remote at ...)
NOT-FOR-US: Zainu
-CVE-2009-3309
+CVE-2009-3309 (SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allow ...)
NOT-FOR-US: CF ShopKart
-CVE-2009-3308
+CVE-2009-3308 (SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows ...)
NOT-FOR-US: FanUpdate
-CVE-2009-3307
+CVE-2009-3307 (Multiple PHP remote file inclusion vulnerabilities in FSphp 0.2.1 allo ...)
NOT-FOR-US: FSphp
-CVE-2009-3306
+CVE-2009-3306 (PHP remote file inclusion vulnerability in include/header.php in Clear ...)
NOT-FOR-US: ClearSite
-CVE-2009-3305
+CVE-2009-3305 (Polipo 1.0.4, and possibly other versions, allows remote attackers to ...)
{DSA-2002-1}
- polipo 1.0.4-1.1 (low; bug #547047)
[etch] - polipo <no-dsa> (Minor issue)
[lenny] - polipo <no-dsa> (Minor issue)
-CVE-2009-3304
+CVE-2009-3304 (GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbi ...)
{DSA-1945-1}
- gforge 4.8.2-1
-CVE-2009-3303
+CVE-2009-3303 (Cross-site scripting (XSS) vulnerability in www/help/tracker.php in GF ...)
{DSA-1937-1}
- gforge 4.8.1-3 (low)
-CVE-2009-3302
+CVE-2009-3302 (filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remot ...)
{DSA-1995-1 DTSA-205-1}
- openoffice.org 1:3.1.1-16
-CVE-2009-3301
+CVE-2009-3301 (Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) be ...)
{DSA-1995-1 DTSA-205-1}
- openoffice.org 1:3.1.1-16
-CVE-2009-3300
+CVE-2009-3300 (Multiple cross-site scripting (XSS) vulnerabilities in the Identity Pr ...)
{DSA-1947-1}
- shibboleth-sp2 2.3+dfsg-1 (medium; bug #555608)
- shibboleth-sp 3.0.2+dfsg1-2 (medium)
- opensaml2 2.3-1 (medium)
NOTE: xmltooling also needs to be updated, changed in sid in 1.3.1-1
-CVE-2009-3299
+CVE-2009-3299 (Cross-site scripting (XSS) vulnerability in the resume blocktype in Ma ...)
{DSA-1924-1}
- mahara 1.1.7-1 (low)
NOTE: http://mahara.org/interaction/forum/topic.php?id=1170
-CVE-2009-3298
+CVE-2009-3298 (Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote authentica ...)
{DSA-1924-1}
- mahara 1.1.7-1 (low)
NOTE: http://mahara.org/interaction/forum/topic.php?id=1169
CVE-2009-3297 [mount race conditions]
REJECTED
-CVE-2009-3296
+CVE-2009-3296 (Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow ...)
{DSA-1912-2 DSA-1912-1}
- camlimages 1:3.0.1-5 (low)
- advi 1.6.0-15 (low; bug #551282)
-CVE-2009-3295
+CVE-2009-3295 (The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm ...)
- krb5 1.7+dfsg-4 (medium)
[lenny] - krb5 <not-affected> (code introduced in 1.7)
[etch] - krb5 <not-affected> (code introduced in 1.7)
-CVE-2009-3294
+CVE-2009-3294 (The popen API function in TSRM/tsrm_win32.c in PHP before 5.2.11 and 5 ...)
- php5 <not-affected> (win32-specific)
-CVE-2009-3293
+CVE-2009-3293 (Unspecified vulnerability in the imagecolortransparent function in PHP ...)
- php5 <not-affected> (the php packages use the system libgd2)
- php4 <not-affected> (the php packages use the system libgd2)
NOTE: the transparent colours functionality is only on php5's bundled libgd2
-CVE-2009-3292
+CVE-2009-3292 (Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1 ...)
{DSA-1940-1}
- php5 5.2.11.dfsg.1-1 (low)
NOTE: unknown impact, it is related to missing sanity checks
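Review bot: the `{DSA-2002-1}` tag on CVE-2009-3305 sits next to `[etch] - polipo <no-dsa> (Minor issue)` and `[lenny] - polipo <no-dsa> (Minor issue)`, which disagree on whether an advisory was issued for this CVE; if DSA-2002-1 covered lenny, the lenny no-dsa line is stale and should be dropped. Smaller nit in the same hunk: the new description for CVE-2009-3332 names the component JBudgetsMagic, while the unchanged `NOT-FOR-US: BudgetsMagic (com_jbudgetsmagic) component for Joomla!` line drops the leading J.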
@@ -4919,7 +4919,7 @@ CVE-2009-3292
NOTE: a missing limit on the nesting level of TIFF files, and
NOTE: missing EOF checks, possibly leading to NULL dereferences
NOTE: experimental is likely to be affected (as of 5.3.0)
-CVE-2009-3291
+CVE-2009-3291 (The php_openssl_apply_verification_policy function in PHP before 5.2.1 ...)
{DSA-1940-1}
- php5 5.2.11.dfsg.1-1 (low)
[lenny] - php5 <no-dsa> (rather unimportant)
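Review bot: `{DSA-1940-1}` on CVE-2009-3291 coexists with `[lenny] - php5 <no-dsa> (rather unimportant)`, so the entry claims both that a DSA handled the issue and that lenny got none; the NOTE lines below say it was "not worth a dsa on its own", which suggests it rode along with the other php5 fixes, in which case the no-dsa line should go.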
@@ -4927,325 +4927,325 @@ CVE-2009-3291
NOTE: seems to be related to handling of \0 on CN
NOTE: not worth a dsa on its own, php doesn't verify certificates by default
NOTE: experimental is likely to be affected (as of 5.3.0)
-CVE-2009-3289
+CVE-2009-3289 (The g_file_copy function in glib 2.0 sets the permissions of a target ...)
- glib2.0 2.22.0-1 (low)
[lenny] - glib2.0 2.16.6-3
[etch] - glib2.0 <no-dsa> (Minor issue)
-CVE-2009-3287
+CVE-2009-3287 (lib/thin/connection.rb in Thin web server before 1.2.4 relies on the X ...)
- thin 1.2.4-1 (low)
CVE-2009-3285
RESERVED
-CVE-2009-3284
+CVE-2009-3284 (Directory traversal vulnerability in phpspot PHP BBS, PHP Image Captur ...)
NOT-FOR-US: phpspot Products
-CVE-2009-3283
+CVE-2009-3283 (Cross-site scripting (XSS) vulnerability in phpspot PHP BBS, PHP Image ...)
NOT-FOR-US: phpspot Products
-CVE-2009-3282
+CVE-2009-3282 (Integer overflow in the vmx86 kernel extension in VMware Fusion before ...)
NOT-FOR-US: VMware Fusion
-CVE-2009-3281
+CVE-2009-3281 (The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 ...)
NOT-FOR-US: VMware Fusion
-CVE-2009-3280
+CVE-2009-3280 (Integer signedness error in the find_ie function in net/wireless/scan. ...)
- linux-2.6 2.6.31-1 (medium)
- linux-2.6.24 <not-affected> (vulnerable code not present)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2009-3279
+CVE-2009-3279 (The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 062 ...)
NOT-FOR-US: QNAP TS-239 Pro and TS-639
-CVE-2009-3278
+CVE-2009-3278 (The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 062 ...)
NOT-FOR-US: QNAP TS-239 Pro and TS-639
-CVE-2009-3277
+CVE-2009-3277 (DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs in datavault allo ...)
NOT-FOR-US: datavault
-CVE-2009-3276
+CVE-2009-3276 (Zoran/WinFormsAdvansed/RegeularDataToXML/Form1.cs in WinFormsAdvansed ...)
NOT-FOR-US: NASD CORE.NET Terelik (aka corenet1)
-CVE-2009-3275
+CVE-2009-3275 (Blocks/Common/Src/Configuration/Manageability/Adm/AdmContentBuilder.cs ...)
NOT-FOR-US: Microsoft patterns & practices Enterprise Library
-CVE-2009-3274
+CVE-2009-3274 (Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3 ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3273
+CVE-2009-3273 (iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not ...)
NOT-FOR-US: Apple iPhone
-CVE-2009-3272
+CVE-2009-3272 (Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safar ...)
- qt4-x11 <unfixed> (unimportant)
[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
- kdelibs <unfixed> (unimportant)
- kde4libs <unfixed> (unimportant)
NOTE: browser crashers are not considered security-relevant
-CVE-2009-3271
+CVE-2009-3271 (Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a den ...)
NOT-FOR-US: Apple Safari on iPhone OS 3.0.1
-CVE-2009-3290
+CVE-2009-3290 (The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the ...)
{DSA-1915-1 DSA-1907-1 DTSA-203-1}
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.25)
- linux-2.6.24 <not-affected> (introduced in 2.6.25)
- kvm 85+dfsg-4.1 (high; bug #548975)
-CVE-2009-3288
+CVE-2009-3288 (The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2. ...)
- linux-2.6 2.6.31-1 (low)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.28)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.28)
- linux-2.6.24 <not-affected> (introduced in 2.6.28)
-CVE-2009-3286
+CVE-2009-3286 (NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does no ...)
{DSA-1929-1 DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.30-1 (low)
- linux-2.6.24 <removed>
-CVE-2009-3270
+CVE-2009-3270 (Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote att ...)
NOT-FOR-US: Microsoft Internet Explorer 7
-CVE-2009-3269
+CVE-2009-3269 (Opera 9.52 and earlier allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Opera
-CVE-2009-3268
+CVE-2009-3268 (Google Chrome 1.0.154.48 and earlier allows remote attackers to cause ...)
- chromium-browser <not-affected> (Only 1.x is affected)
NOTE: browser denial of services not considered security-relevant
-CVE-2009-3267
+CVE-2009-3267 (Microsoft Internet Explorer 6 through 6.0.2900.2180, and 7.0.6000.1671 ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3266
+CVE-2009-3266 (Opera before 10.01 does not properly restrict HTML in a (1) RSS or (2) ...)
NOT-FOR-US: Opera
-CVE-2009-3265
+CVE-2009-3265 (Cross-site scripting (XSS) vulnerability in Opera 9 and 10 allows remo ...)
NOT-FOR-US: Opera
-CVE-2009-3264
+CVE-2009-3264 (The getSVGDocument method in Google Chrome before 3.0.195.21 omits an ...)
- chromium-browser <not-affected> (Only 3.x is affected)
- libv8 1.3.11+dfsg-1
- webkit <not-affected> (libv8 issue)
-CVE-2009-3263
+CVE-2009-3263 (Cross-site scripting (XSS) vulnerability in Google Chrome 2.x and 3.x ...)
- chromium-browser <not-affected> (Only 3.x is affected)
- webkit <not-affected> (chrome-specific issue)
NOTE: http://seclists.org/fulldisclosure/2009/Sep/201
NOTE: other browsers are not affected (only chrome and opera)
-CVE-2009-3262
+CVE-2009-3262 (Cross-site scripting (XSS) vulnerability in the Self Service UI (SSUI) ...)
NOT-FOR-US: IBM Tivoli Identity Manager
-CVE-2009-3261
+CVE-2009-3261 (update/update_0.1.2_to_0.2.php in LiveStreet 0.2 does not require admi ...)
NOT-FOR-US: LiveStreet
-CVE-2009-3260
+CVE-2009-3260 (Cross-site scripting (XSS) vulnerability in LiveStreet 0.2 allows remo ...)
NOT-FOR-US: LiveStreet
-CVE-2009-3259
+CVE-2009-3259 (Multiple SQL injection vulnerabilities in RASH Quote Management System ...)
NOT-FOR-US: RASH Quote Management System (RQMS)
-CVE-2009-3258
+CVE-2009-3258 (vtiger CRM before 5.1.0 allows remote authenticated users, with certai ...)
NOT-FOR-US: vtiger CRM
-CVE-2009-3257
+CVE-2009-3257 (vtiger CRM before 5.1.0 allows remote authenticated users to bypass th ...)
NOT-FOR-US: vtiger CRM
-CVE-2009-3256
+CVE-2009-3256 (Cross-site scripting (XSS) vulnerability in include/ajax/blogInfo.php ...)
NOT-FOR-US: LiveStreet
-CVE-2009-3255
+CVE-2009-3255 (SQL injection vulnerability in RASH Quote Management System (RQMS) 1.2 ...)
NOT-FOR-US: RASH Quote Management System (RQMS)
-CVE-2009-3254
+CVE-2009-3254 (Multiple stack-based buffer overflows in Ultimate Player 1.56 beta all ...)
NOT-FOR-US: Ultimate Player
-CVE-2009-3253
+CVE-2009-3253 (Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 allow ...)
NOT-FOR-US: TriceraSoft Swift Ultralite
-CVE-2009-3252
+CVE-2009-3252 (Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0. ...)
NOT-FOR-US: Rock Band CMS
-CVE-2009-3251
+CVE-2009-3251 (include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remo ...)
NOT-FOR-US: vtiger CRM
-CVE-2009-3250
+CVE-2009-3250 (The saveForwardAttachments procedure in the Compose Mail functionality ...)
NOT-FOR-US: vtiger CRM
-CVE-2009-3249
+CVE-2009-3249 (Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow ...)
NOT-FOR-US: vtiger CRM
-CVE-2009-3248
+CVE-2009-3248 (Cross-site request forgery (CSRF) vulnerability in the RSS module in v ...)
NOT-FOR-US: vtiger CRM
-CVE-2009-3247
+CVE-2009-3247 (Cross-site scripting (XSS) vulnerability in the Activities module in v ...)
NOT-FOR-US: vtiger CRM
-CVE-2009-3246
+CVE-2009-3246 (SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX allow ...)
NOT-FOR-US: MyBuxScript PTC-BUX
-CVE-2009-3245
+CVE-2009-3245 (OpenSSL before 0.9.8m does not check for a NULL return value from bn_w ...)
- openssl 0.9.8m-1 (low; bug #575433)
[lenny] - openssl 0.9.8g-15+lenny7
-CVE-2009-3244
+CVE-2009-3244 (Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe S ...)
NOT-FOR-US: Adobe ShockWave Player
-CVE-2009-3243
+CVE-2009-3243 (Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and ...)
- wireshark <not-affected> (Windows-only issue)
-CVE-2009-3242
+CVE-2009-3242 (Unspecified vulnerability in packet.c in the GSM A RR dissector in Wir ...)
- wireshark 1.2.2-1 (low; bug #547704)
[etch] - wireshark <not-affected> (Only affects 1.2.x)
[lenny] - wireshark <not-affected> (Only affects 1.2.x)
-CVE-2009-3241
+CVE-2009-3241 (Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark ...)
{DSA-1942-1}
- wireshark 1.2.2-1 (low; bug #547704)
[etch] - wireshark <not-affected> (Only affects >= 0.99.6)
[lenny] - wireshark 1.0.2-3+lenny6
-CVE-2009-3240
+CVE-2009-3240 (Cross-site scripting (XSS) vulnerability in the Happy Linux XF-Section ...)
NOT-FOR-US: module for XOOPS
CVE-2009-3239
REJECTED
-CVE-2009-3238
+CVE-2009-3238 (The get_random_int function in drivers/char/random.c in the Linux kern ...)
{DSA-1929-1 DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.30-1 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-3237
+CVE-2009-3237 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Applicati ...)
{DSA-1966-1}
- horde3 3.3.5+debian0-1 (low)
[lenny] - horde3 3.2.2+debian0-2+lenny1
NOTE: horde3 issue fixed in backport of latest DSA, DSA however did not fix etch
-CVE-2009-3235
+CVE-2009-3235 (Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1 ...)
{DSA-1893-1 DSA-1892-1}
- cyrus-imapd-2.2 2.2.13-17 (medium; bug #547947)
- kolab-cyrus-imapd 2.2.13-5.1 (medium; bug #547712)
- dovecot 1:1.2.1-1 (medium; bug #546656)
NOTE: This is a different vulnerability than CVE-2009-2632, it covers a few additional buffer overflows
-CVE-2009-3228
+CVE-2009-3228 (The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem ...)
{DSA-1929-1 DSA-1928-1 DSA-1927-1}
- linux-2.6 2.6.31-1 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-3236
+CVE-2009-3236 (The form library in Horde Application Framework 3.2 before 3.2.5 and 3 ...)
{DSA-1897-1}
- horde3 3.3.5+debian0-1 (medium; bug #547318)
-CVE-2009-3234
+CVE-2009-3234 (Buffer overflow in the perf_copy_attr function in kernel/perf_counter. ...)
- linux-2.6 <not-affected> (Introduced in 2.6.31, fixed in Debian package before initial 2.6.31 upload)
- linux-2.6.24 <not-affected> (Introduced in 2.6.31)
-CVE-2009-3227
+CVE-2009-3227 (Cross-site scripting (XSS) vulnerability in index.php in AlmondSoft Al ...)
NOT-FOR-US: AlmondSoft Almond Classifieds Ads Enterprise
-CVE-2009-3226
+CVE-2009-3226 (SQL injection vulnerability in index.php in AlmondSoft Almond Classifi ...)
NOT-FOR-US: AlmondSoft Almond Classifieds Ads Enterprise
-CVE-2009-3225
+CVE-2009-3225 (Multiple cross-site scripting (XSS) vulnerabilities in AlmondSoft Almo ...)
NOT-FOR-US: AlmondSoft Almond Classifieds Wap and Pro
-CVE-2009-3224
+CVE-2009-3224 (SQL injection vulnerability in index.php in Super Mod System, when usi ...)
NOT-FOR-US: Super Mod System
-CVE-2009-3223
+CVE-2009-3223 (SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver ...)
NOT-FOR-US: Inout Adserver
-CVE-2009-3222
+CVE-2009-3222 (Cross-site scripting (XSS) vulnerability in index.php in FreeWebScript ...)
NOT-FOR-US: FreeWebScriptz Honest Traffic
-CVE-2009-3221
+CVE-2009-3221 (Stack-based buffer overflow in Audio Lib Player (ALP) allows remote at ...)
NOT-FOR-US: Audio Lib Player (ALP)
-CVE-2009-3220
+CVE-2009-3220 (PHP remote file inclusion vulnerability in cp_html2txt.php in All In O ...)
NOT-FOR-US: All In One Control Panel
-CVE-2009-3219
+CVE-2009-3219 (Directory traversal vulnerability in a.php in AR Web Content Manager ( ...)
NOT-FOR-US: AR Web Content Manager
-CVE-2009-3218
+CVE-2009-3218 (SQL injection vulnerability in control/login.php in AR Web Content Man ...)
NOT-FOR-US: AR Web Content Manager
-CVE-2009-3217
+CVE-2009-3217 (SQL injection vulnerability in the admin module in iWiccle 1.01 allows ...)
NOT-FOR-US: iWiccle
-CVE-2009-3216
+CVE-2009-3216 (Multiple directory traversal vulnerabilities in iWiccle 1.01, when mag ...)
NOT-FOR-US: iWiccle
-CVE-2009-3215
+CVE-2009-3215 (SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, an ...)
NOT-FOR-US: IXXO Cart Standalone
-CVE-2009-3214
+CVE-2009-3214 (Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.254 ...)
NOT-FOR-US: Photodex ProShow Gold
-CVE-2009-3213
+CVE-2009-3213 (Stack-based buffer overflow in broid 1.0 Beta 3a allows remote attacke ...)
NOT-FOR-US: broid
-CVE-2009-3212
+CVE-2009-3212 (SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, whe ...)
NOT-FOR-US: VivaPrograms Infinity Script
-CVE-2009-3211
+CVE-2009-3211 (Directory traversal vulnerability in VivaPrograms Infinity Script 2.x. ...)
NOT-FOR-US: VivaPrograms Infinity Script
-CVE-2009-3210
+CVE-2009-3210 (Multiple cross-site scripting (XSS) vulnerabilities in the Print (aka ...)
NOT-FOR-US: Print (aka Printer, e-mail and PDF versions) Drupal module (3rd party module)
-CVE-2009-3209
+CVE-2009-3209 (SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 a ...)
NOT-FOR-US: PHP eMail Manager
-CVE-2009-3208
+CVE-2009-3208 (Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote a ...)
NOT-FOR-US: phpfreeBB
-CVE-2009-3207
+CVE-2009-3207 (The ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10 ...)
NOT-FOR-US: ImageCache module for Drupal (3rd party module)
-CVE-2009-3206
+CVE-2009-3206 (Multiple cross-site scripting (XSS) vulnerabilities in the ImageCache ...)
NOT-FOR-US: ImageCache module for Drupal (3rd party module)
-CVE-2009-3205
+CVE-2009-3205 (SQL injection vulnerability in main.php in CBAuthority allows remote a ...)
NOT-FOR-US: CBAuthority
-CVE-2009-3204
+CVE-2009-3204 (Multiple cross-site scripting (XSS) vulnerabilities in Stiva Forum 1.0 ...)
NOT-FOR-US: Stiva Forum
-CVE-2009-3203
+CVE-2009-3203 (SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x al ...)
NOT-FOR-US: AJ Auction Pro OOPD
-CVE-2009-3202
+CVE-2009-3202 (Cross-site scripting (XSS) vulnerability in search.php in ULoKI PHP Fo ...)
NOT-FOR-US: ULoKI PHP Forum
-CVE-2009-3201
+CVE-2009-3201 (Integer overflow in Media Player Classic 6.4.9 allows user-assisted re ...)
NOT-FOR-US: Media Player Classic
-CVE-2009-3200
+CVE-2009-3200 (The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 062 ...)
NOT-FOR-US: QNAP TS-239 Pro and TS-639 Pro
-CVE-2009-3199
+CVE-2009-3199 (Uebimiau Webmail 3.2.0-2.0 stores sensitive information under the web ...)
NOT-FOR-US: Uebimiau Webmail
-CVE-2009-3198
+CVE-2009-3198 (Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech Aff ...)
NOT-FOR-US: Affiliate Master
-CVE-2009-3197
+CVE-2009-3197 (Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech PHP ...)
NOT-FOR-US: JCE-Tech PHP Calendars
-CVE-2009-3196
+CVE-2009-3196 (Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP ...)
NOT-FOR-US: JCE-Tech PHP Video Script
-CVE-2009-3195
+CVE-2009-3195 (Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auctio ...)
NOT-FOR-US: JCE-Tech Auction RSS Content Script
-CVE-2009-3194
+CVE-2009-3194 (Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech Sear ...)
NOT-FOR-US: JCE-Tech SearchFeed Script
-CVE-2009-3193
+CVE-2009-3193 (SQL injection vulnerability in the DigiFolio (com_digifolio) component ...)
NOT-FOR-US: component for Joomla!
-CVE-2009-3192
+CVE-2009-3192 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Li ...)
NOT-FOR-US: LinkorCMS
-CVE-2009-3191
+CVE-2009-3191 (Multiple cross-site scripting (XSS) vulnerabilities in PAD Site Script ...)
NOT-FOR-US: PAD Site Scripts
-CVE-2009-3190
+CVE-2009-3190 (Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow r ...)
NOT-FOR-US: PAD Site Scripts
-CVE-2009-3189
+CVE-2009-3189 (Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guest ...)
NOT-FOR-US: DigiOz Guestbook
-CVE-2009-3188
+CVE-2009-3188 (PHP remote file inclusion vulnerability in save.php in phpSANE 0.5.0 a ...)
NOT-FOR-US: phpSANE
-CVE-2009-3187
+CVE-2009-3187 (Cross-site scripting (XSS) vulnerability in gamelist.php in Stand Alon ...)
NOT-FOR-US: Stand Alone Arcade
-CVE-2009-3186
+CVE-2009-3186 (Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ ...)
NOT-FOR-US: VideoGirls BiZ
-CVE-2009-3185
+CVE-2009-3185 (SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 ...)
NOT-FOR-US: Crazy Star plugin 2.0 for Discuz!
-CVE-2009-3184
+CVE-2009-3184 (Multiple SQL injection vulnerabilities in index.php in Pirates of The ...)
NOT-FOR-US: Pirates of The Caribbean
-CVE-2009-3233
+CVE-2009-3233 (changetrack 4.3 allows local users to execute arbitrary commands via C ...)
{DSA-1891-1}
- changetrack 4.5-2 (medium; bug #546791)
-CVE-2009-3183
+CVE-2009-3183 (Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenS ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-3166
+CVE-2009-3166 (token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in a URL ...)
- bugzilla 3.4.7.0-1
[lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
-CVE-2009-3165
+CVE-2009-3165 (SQL injection vulnerability in the Bug.create WebService function in B ...)
{DSA-1913-1}
- bugzilla 3.2.5.0-1 (low; bug #547132)
[etch] - bugzilla <not-affected> (Vulnerable code not present)
NOTE: Introduced in 2.23.4
-CVE-2009-3182
+CVE-2009-3182 (Unrestricted file upload vulnerability in admin/editor/filemanager/bro ...)
NOT-FOR-US: Anantasoft Gazelle CMS
-CVE-2009-3181
+CVE-2009-3181 (Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows ...)
NOT-FOR-US: Anantasoft Gazelle CMS
-CVE-2009-3180
+CVE-2009-3180 (Anantasoft Gazelle CMS 1.0 allows remote attackers to conduct a passwo ...)
NOT-FOR-US: Anantasoft Gazelle CMS
-CVE-2009-3179
+CVE-2009-3179 (Multiple unspecified vulnerabilities in Symantec Altiris Deployment So ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3178
+CVE-2009-3178 (Unspecified vulnerability in mm.exe in Symantec Altiris Deployment Sol ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3177
+CVE-2009-3177 (Unspecified vulnerability in Kaspersky Online Scanner 7.0 has unknown ...)
NOT-FOR-US: Kaspersky Online Scanner
-CVE-2009-3176
+CVE-2009-3176 (Buffer overflow in the ActiveX control in Novell iPrint Client 4.38 al ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2009-3175
+CVE-2009-3175 (Multiple SQL injection vulnerabilities in Model Agency Manager PRO (fo ...)
NOT-FOR-US: Model Agency Manager PRO
-CVE-2009-3174
+CVE-2009-3174 (PHP remote file inclusion vulnerability in fonctions_racine.php in OBO ...)
NOT-FOR-US: OBOphiX
-CVE-2009-3173
+CVE-2009-3173 (Unrestricted file upload vulnerability in admin/add_album.php in The R ...)
NOT-FOR-US: Rat CMS Alpha
-CVE-2009-3172
+CVE-2009-3172 (Unspecified vulnerability in Hitachi Groupmax Groupware Server 07-00 t ...)
NOT-FOR-US: Hitachi Groupmax Groupware Server
-CVE-2009-3171
+CVE-2009-3171 (Multiple cross-site scripting (XSS) vulnerabilities in Anantasoft Gaze ...)
NOT-FOR-US: Anantasoft Gazelle CMS
-CVE-2009-3170
+CVE-2009-3170 (Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) ...)
NOT-FOR-US: AIMP2 Audio Converter
-CVE-2009-3169
+CVE-2009-3169 (Multiple unspecified vulnerabilities in Hitachi JP1/File Transmission ...)
NOT-FOR-US: Hitachi
-CVE-2009-3168
+CVE-2009-3168 (Mevin Productions Basic PHP Events Lister 2.0 does not properly restri ...)
NOT-FOR-US: Mevin Productions Basic PHP Events Lister
-CVE-2009-3167
+CVE-2009-3167 (Directory traversal vulnerability in index.php in Anantasoft Gazelle C ...)
NOT-FOR-US: Anantasoft Gazelle CMS
-CVE-2009-3232
+CVE-2009-3232 (pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GN ...)
- pam 1.0.1-10 (bug #519927)
[lenny] - pam <not-affected> (pam-auth-update not yet present)
[etch] - pam <not-affected> (pam-auth-update not yet present)
-CVE-2009-3229
+CVE-2009-3229 (The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8 ...)
{DSA-1900-1}
- postgresql-8.4 8.4.1-1
- postgresql-8.3 8.3.8-1
- postgresql-8.1 <not-affected>
- postgresql-7.4 <not-affected>
-CVE-2009-3230
+CVE-2009-3230 (The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8 ...)
{DSA-1900-1}
- postgresql-8.4 8.4.1-1
- postgresql-8.3 8.3.8-1
- postgresql-8.1 <removed>
- postgresql-7.4 <removed>
-CVE-2009-3231
+CVE-2009-3231 (The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 befor ...)
{DSA-1900-1}
- postgresql-8.4 8.4.1-1
- postgresql-8.3 8.3.8-1
- postgresql-8.1 <not-affected>
- postgresql-7.4 <not-affected>
-CVE-2009-3164
+CVE-2009-3164 (Unspecified vulnerability in the IPv6 networking stack in Sun Solaris ...)
NOT-FOR-US: Solaris
-CVE-2009-3163
+CVE-2009-3163 (Multiple format string vulnerabilities in lib/silcclient/command.c in ...)
{DSA-1879-1}
- silc-toolkit 1.1.10-1 (medium)
- silc-client 1.1-2 (medium)
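Review bot: the three PostgreSQL core-server entries carry inconsistent states for the old branches: CVE-2009-3229 and CVE-2009-3231 list `postgresql-8.1 <not-affected>` and `postgresql-7.4 <not-affected>`, while CVE-2009-3230, whose new description starts with the same "8.4 before 8.4.1, 8.3 before 8 ..." version range as CVE-2009-3229, lists them as `<removed>`; worth confirming which status is right and aligning the three, since `<removed>` and `<not-affected>` mean different things for the etch tracking.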
@@ -5271,345 +5271,345 @@ CVE-2009-3137
REJECTED
CVE-2009-3136
REJECTED
-CVE-2009-3135
+CVE-2009-3135 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-3134
+CVE-2009-3134 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Offic ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-3133
+CVE-2009-3133 (Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Ope ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-3132
+CVE-2009-3132 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Offic ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-3131
+CVE-2009-3131 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Offic ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-3130
+CVE-2009-3130 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-3129
+CVE-2009-3129 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Offic ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-3128
+CVE-2009-3128 (Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-3127
+CVE-2009-3127 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-3126
+CVE-2009-3126 (Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3162
+CVE-2009-3162 (Cross-site scripting (XSS) vulnerability in Multi Website 1.5 allows r ...)
NOT-FOR-US: Multi Website
-CVE-2009-3161
+CVE-2009-3161 (The server in IBM WebSphere MQ 7.0.0.1, 7.0.0.2, and 7.0.1.0 allows at ...)
NOT-FOR-US: IBM WebSpHere MQ
-CVE-2009-3160
+CVE-2009-3160 (IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7 ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2009-3159
+CVE-2009-3159 (Unspecified vulnerability in the rriDecompress function in IBM WebSphe ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2009-3158
+CVE-2009-3158 (admin/files.php in simplePHPWeb 0.2 does not require authentication, w ...)
NOT-FOR-US: simplePHPWeb
-CVE-2009-3157
+CVE-2009-3157 (Cross-site scripting (XSS) vulnerability in the Calendar module 6.x be ...)
NOT-FOR-US: Calendar module for Drupal
-CVE-2009-3156
+CVE-2009-3156 (Cross-site scripting (XSS) vulnerability in the Date Tools sub-module ...)
NOT-FOR-US: Date module for Drupal
-CVE-2009-3155
+CVE-2009-3155 (Cross-site scripting (XSS) vulnerability in gmap.php in the Almond Cla ...)
NOT-FOR-US: Almond Classifieds component for Joomla!
-CVE-2009-3154
+CVE-2009-3154 (SQL injection vulnerability in the Almond Classifieds (com_aclassf) co ...)
NOT-FOR-US: Almond Classifieds component for Joomla!
-CVE-2009-3153
+CVE-2009-3153 (Multiple cross-site scripting (XSS) vulnerabilities in x10 MP3 Search ...)
NOT-FOR-US: x10 MP3 Search engine
-CVE-2009-3152
+CVE-2009-3152 (Multiple cross-site scripting (XSS) vulnerabilities in becommunity/com ...)
NOT-FOR-US: NTSOFT BBS E-Market Professional
-CVE-2009-3151
+CVE-2009-3151 (Directory traversal vulnerability in actions/downloadFile.php in Ultri ...)
NOT-FOR-US: Ultrize TimeSheet
-CVE-2009-3150
+CVE-2009-3150 (SQL injection vulnerability in index.php in Multi Website 1.5 allows r ...)
NOT-FOR-US: Multi Website
-CVE-2009-3149
+CVE-2009-3149 (Directory traversal vulnerability in _css/js.php in Elgg 1.5, when mag ...)
- elgg <itp> (bug #526197)
-CVE-2009-3148
+CVE-2009-3148 (Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 ...)
NOT-FOR-US: PortalXP Teacher Edition
-CVE-2009-3147
+CVE-2009-3147 (Cross-site scripting (XSS) vulnerability in showproduct.php in ReviewP ...)
NOT-FOR-US: ReviewPost Pro
-CVE-2009-3146
+CVE-2009-3146 (Cross-site scripting (XSS) vulnerability in search_advance.php in Arti ...)
NOT-FOR-US: ArticleFriend Script
-CVE-2009-3125
+CVE-2009-3125 (SQL injection vulnerability in the Bug.search WebService function in B ...)
- bugzilla 3.4.7.0-1
[lenny] - bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
-CVE-2009-3124
+CVE-2009-3124 (Directory traversal vulnerability in get_message.cgi in QuarkMail allo ...)
NOT-FOR-US: QuarkMail
-CVE-2009-3123
+CVE-2009-3123 (Directory traversal vulnerability in gallery/gallery.php in Wap-Motor ...)
NOT-FOR-US: Wap-Motor
-CVE-2009-3122
+CVE-2009-3122 (The Ajax Table module 5.x for Drupal does not perform access control, ...)
NOT-FOR-US: Ajax Table module module for Drupal
-CVE-2009-3121
+CVE-2009-3121 (Cross-site scripting (XSS) vulnerability in the Ajax Table module 5.x ...)
NOT-FOR-US: Ajax Table module module for Drupal
-CVE-2009-3120
+CVE-2009-3120 (Cross-site scripting (XSS) vulnerability in public/index.php in BIGACE ...)
NOT-FOR-US: BIGACE Web CMS
-CVE-2009-3119
+CVE-2009-3119 (SQL injection vulnerability in screen.php in the Download System mSF ( ...)
NOT-FOR-US: PHP-Fusion
-CVE-2009-3118
+CVE-2009-3118 (SQL injection vulnerability in mod/poll/comment.php in the vote module ...)
NOT-FOR-US: Danneo CMS
-CVE-2009-3117
+CVE-2009-3117 (SQL injection vulnerability in category.php in Snow Hall Silurus Syste ...)
NOT-FOR-US: Snow Hall Silurus System
-CVE-2009-3116
+CVE-2009-3116 (SQL injection vulnerability in index.php in Uiga Church Portal allows ...)
NOT-FOR-US: Uiga Church Portal
-CVE-2009-3115
+CVE-2009-3115 (SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers t ...)
NOT-FOR-US: SolarWinds TFTP Server
-CVE-2009-3114
+CVE-2009-3114 (The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2009-3113
+CVE-2009-3113 (Unspecified vulnerability in OXID eShop Professional, Enterprise, and ...)
NOT-FOR-US: OXID eShop Professional
-CVE-2009-3112
+CVE-2009-3112 (Unspecified vulnerability in OXID eShop Professional, Enterprise, and ...)
NOT-FOR-US: OXID eShop Professional
-CVE-2009-3111
+CVE-2009-3111 (The rad_decode function in FreeRADIUS before 1.1.8 allows remote attac ...)
- freeradius 2.0.0-1 (low)
-CVE-2009-3110
+CVE-2009-3110 (Race condition in the file transfer functionality in Symantec Altiris ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3109
+CVE-2009-3109 (Unspecified vulnerability in the AClient agent in Symantec Altiris Dep ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3108
+CVE-2009-3108 (The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6 ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3107
+CVE-2009-3107 (Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 do ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
-CVE-2009-3106
+CVE-2009-3106 (The Servlet Engine/Web Container component in IBM WebSphere Applicatio ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-3105
+CVE-2009-3105 (Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domi ...)
NOT-FOR-US: IBM Lotus iNotes
-CVE-2009-3104
+CVE-2009-3104 (Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 20 ...)
NOT-FOR-US: Symantec Norton AntiVirus
-CVE-2009-3103
+CVE-2009-3103 (Array index error in the SMBv2 protocol implementation in srv2.sys in ...)
NOT-FOR-US: Microsoft
-CVE-2009-3102
+CVE-2009-3102 (The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manage ...)
NOT-FOR-US: Zmanda Recovery Manager
-CVE-2009-3101
+CVE-2009-3101 (xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and OpenSolar ...)
- xscreensaver <not-affected> (OpenSolaris-specific, patch 120094-22 causes this)
-CVE-2009-3100
+CVE-2009-3100 (xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSol ...)
- xscreensaver <not-affected> (OpenSolaris-specific, patch 120094-22 causes this)
-CVE-2009-3099
+CVE-2009-3099 (Unspecified vulnerability in HP OpenView Operations Manager 8.1 on Win ...)
NOT-FOR-US: HP OpenView Operations Manager
-CVE-2009-3098
+CVE-2009-3098 (Unspecified vulnerability in the Portal in HP Operations Dashboard 2.1 ...)
NOT-FOR-US: HP Operations Dashboard
-CVE-2009-3097
+CVE-2009-3097 (Multiple unspecified vulnerabilities in HP Performance Insight 5.3 on ...)
NOT-FOR-US: HP Performance Insight
-CVE-2009-3096
+CVE-2009-3096 (Multiple unspecified vulnerabilities in HP Performance Insight 5.3 all ...)
NOT-FOR-US: HP Performance Insight
-CVE-2009-3095
+CVE-2009-3095 (The mod_proxy_ftp module in the Apache HTTP Server allows remote attac ...)
{DSA-1934-1}
- apache2 2.2.13-2 (low; bug #545951)
[etch] - apache2 <no-dsa> (minor issue)
[lenny] - apache2 2.2.9-10+lenny5 (low; bug #545951)
NOTE: The attacker needs to have valid credentials for the FTP server, which
NOTE: makes this irrelevant in most cases. Based on a VulnDisco commercial 0day.
-CVE-2009-3094
+CVE-2009-3094 (The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the ...)
{DSA-1934-1}
- apache2 2.2.13-2 (low; bug #545951)
[etch] - apache2 <no-dsa> (minor issue)
[lenny] - apache2 2.2.9-10+lenny5 (low; bug #545951)
-CVE-2009-3093
+CVE-2009-3093 (Unspecified vulnerability on the ASUS WL-500W wireless router has unkn ...)
NOT-FOR-US: ASUS WL-500W
-CVE-2009-3092
+CVE-2009-3092 (Buffer overflow on the ASUS WL-500W wireless router has unknown impact ...)
NOT-FOR-US: ASUS WL-500W
-CVE-2009-3091
+CVE-2009-3091 (Unspecified vulnerability on the ASUS WL-330gE has unknown impact and ...)
NOT-FOR-US: ASUS WL-330gE
-CVE-2009-3090
+CVE-2009-3090 (Unspecified vulnerability in IBM Tivoli Directory Server (TDS) 6.0 on ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2009-3089
+CVE-2009-3089 (IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2009-3088
+CVE-2009-3088 (Heap-based buffer overflow in ibmdiradm in IBM Tivoli Directory Server ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2009-3087
+CVE-2009-3087 (Unspecified vulnerability in nserver.exe in the server in IBM Lotus Do ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2009-3086
+CVE-2009-3086 (A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x be ...)
{DSA-2260-1}
- rails 2.2.3-1 (low; bug #545063)
[etch] - rails <no-dsa> (Minor issue)
-CVE-2009-3085
+CVE-2009-3085 (The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not ...)
- pidgin 2.6.2-1 (low)
[lenny] - pidgin <no-dsa> (Minor issue)
-CVE-2009-3084
+CVE-2009-3084 (The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c ...)
{DSA-2038-1}
- pidgin 2.6.2-1 (low)
-CVE-2009-3083
+CVE-2009-3083 (The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the ...)
{DSA-2038-1}
- pidgin 2.6.2-1 (low)
-CVE-2009-3082
+CVE-2009-3082 (SQL injection vulnerability in wcategory.php in Snow Hall Silurus Syst ...)
NOT-FOR-US: Snow Hall Silurus System
-CVE-2009-3081
+CVE-2009-3081 (SQL injection vulnerability in index.php in Uiga Church Portal allows ...)
NOT-FOR-US: Uiga Church Portal
-CVE-2009-3079
+CVE-2009-3079 (Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x ...)
{DSA-1886-1}
- iceweasel 3.0.14-1
[etch] - iceweasel <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-3078
+CVE-2009-3078 (Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and ...)
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3077
+CVE-2009-3077 (Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not proper ...)
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3076
+CVE-2009-3076 (Mozilla Firefox before 3.0.14 does not properly implement certain dial ...)
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3075
+CVE-2009-3075 (Multiple unspecified vulnerabilities in the JavaScript engine in Mozil ...)
{DSA-2025-1 DSA-1885-1}
- xulrunner 1.9.0.14-1
- icedove 3.0~rc2-2
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3074
+CVE-2009-3074 (Unspecified vulnerability in the JavaScript engine in Mozilla Firefox ...)
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3073
+CVE-2009-3073 (Unspecified vulnerability in the JavaScript engine in Mozilla Firefox ...)
- xulrunner <not-affected> (Only affects Firefox 3.5.x)
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
-CVE-2009-3072
+CVE-2009-3072 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2025-1 DSA-1885-1}
- xulrunner 1.9.0.14-1
- icedove 3.0~rc2-2
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3071
+CVE-2009-3071 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3070
+CVE-2009-3070 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-1885-1}
- xulrunner 1.9.0.14-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-3069
+CVE-2009-3069 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5 ...)
- xulrunner <not-affected> (Only affects Firefox 3.5.x)
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
[etch] - xulrunner <not-affected> (Only affects Firefox 3.5.x)
-CVE-2009-3068
+CVE-2009-3068 (Unrestricted file upload vulnerability in the RoboHelpServer Servlet ( ...)
NOT-FOR-US: Adobe RoboHelp Server
-CVE-2009-3067
+CVE-2009-3067 (Cross-site scripting (XSS) vulnerability in index.php in Reservation M ...)
NOT-FOR-US: Reservation Manager
-CVE-2009-3066
+CVE-2009-3066 (Multiple cross-site scripting (XSS) vulnerabilities in PropertyWatchSc ...)
NOT-FOR-US: PropertyWatchScript.com Property Watch
-CVE-2009-3065
+CVE-2009-3065 (PHP remote file inclusion vulnerability in editor/edit_htmlarea.php in ...)
NOT-FOR-US: Ve-EDIT
-CVE-2009-3064
+CVE-2009-3064 (Directory traversal vulnerability in debugger/debug_php.php in Ve-EDIT ...)
NOT-FOR-US: Ve-EDIT
-CVE-2009-3063
+CVE-2009-3063 (SQL injection vulnerability in the Game Server (com_gameserver) compon ...)
NOT-FOR-US: Joomla!
-CVE-2009-3062
+CVE-2009-3062 (SQL injection vulnerability in message_box.php in OSI Codes PHP Live! ...)
NOT-FOR-US: OSI Codes PHP Live!
-CVE-2009-3061
+CVE-2009-3061 (SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 a ...)
NOT-FOR-US: Alqatari Q R Script
-CVE-2009-3060
+CVE-2009-3060 (Multiple cross-site scripting (XSS) vulnerabilities in Joker Board (ak ...)
NOT-FOR-US: Joker Board
-CVE-2009-3059
+CVE-2009-3059 (Multiple SQL injection vulnerabilities in Joker Board (aka JBoard) 2.0 ...)
NOT-FOR-US: Joker Board
-CVE-2009-3058
+CVE-2009-3058 (Stack-based buffer overflow in akPlayer 1.9.0 allows remote attackers ...)
NOT-FOR-US: akPlayer
-CVE-2009-3057
+CVE-2009-3057 (Multiple cross-site scripting (XSS) vulnerabilities in AOM Software Be ...)
NOT-FOR-US: AOM Software Beex
-CVE-2009-3056
+CVE-2009-3056 (PHP remote file inclusion vulnerability in include/engine/content/elem ...)
NOT-FOR-US: KingCMS
-CVE-2009-3055
+CVE-2009-3055 (PHP remote file inclusion vulnerability in engine/api/api.class.php in ...)
NOT-FOR-US: DataLife Engine
-CVE-2009-3054
+CVE-2009-3054 (SQL injection vulnerability in the Artetics.com Art Portal (com_artpor ...)
NOT-FOR-US: Joomla!
-CVE-2009-3053
+CVE-2009-3053 (Directory traversal vulnerability in the Agora (com_agora) component 3 ...)
NOT-FOR-US: Joomla!
-CVE-2009-3052
+CVE-2009-3052 (SQL injection vulnerability in root/includes/prime_quick_style.php in ...)
NOT-FOR-US: Prime Quick Style addon
-CVE-2009-3051
+CVE-2009-3051 (Multiple format string vulnerabilities in lib/silcclient/client_entry. ...)
{DSA-1879-1}
- silc-toolkit 1.1.10-1 (medium)
- silc-client 1.1-2 (medium)
- silc-server 1.1.2-1 (medium)
NOTE: silc-client/silc-server use libsilc from silc-toolkit since 1.1-2
-CVE-2009-3050
+CVE-2009-3050 (Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1 ...)
- htmldoc 1.8.27-4.1 (low; bug #537637)
[etch] - htmldoc <no-dsa> (Minor issue)
[lenny] - htmldoc <no-dsa> (Minor issue)
-CVE-2009-3049
+CVE-2009-3049 (Opera before 10.00 does not properly display all characters in Interna ...)
NOT-FOR-US: Opera
-CVE-2009-3048
+CVE-2009-3048 (Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly im ...)
NOT-FOR-US: Opera
-CVE-2009-3047
+CVE-2009-3047 (Opera before 10.00, when a collapsed address bar is used, does not pro ...)
NOT-FOR-US: Opera
-CVE-2009-3046
+CVE-2009-3046 (Opera before 10.00 does not check all intermediate X.509 certificates ...)
NOT-FOR-US: Opera
-CVE-2009-3045
+CVE-2009-3045 (Opera before 10.00 trusts root X.509 certificates signed with the MD2 ...)
NOT-FOR-US: Opera
-CVE-2009-3044
+CVE-2009-3044 (Opera before 10.00 does not properly handle a (1) '\0' character or (2 ...)
NOT-FOR-US: Opera
-CVE-2009-3043
+CVE-2009-3043 (The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux ...)
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.31)
CVE-2009-3039
RESERVED
-CVE-2009-3038
+CVE-2009-3038 (A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research ...)
NOT-FOR-US: ActiveX
-CVE-2009-3037
+CVE-2009-3037 (Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka F ...)
NOT-FOR-US: Autonomy KeyView XLS viewer
-CVE-2009-3036
+CVE-2009-3036 (Cross-site scripting (XSS) vulnerability in the console in Symantec IM ...)
NOT-FOR-US: Symantec IM Manager
-CVE-2009-3035
+CVE-2009-3035 (The web console in Symantec Altiris Notification Server 6.0.x before 6 ...)
NOT-FOR-US: Symantec Altiris Notification Server
CVE-2009-3034
REJECTED
-CVE-2009-3033
+CVE-2009-3033 (Buffer overflow in the RunCmd method in the Altiris eXpress NS Console ...)
NOT-FOR-US: ActiveX
-CVE-2009-3032
+CVE-2009-3032 (Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autono ...)
NOT-FOR-US: Autonomy KeyView
-CVE-2009-3031
+CVE-2009-3031 (Stack-based buffer overflow in the BrowseAndSaveFile method in the Alt ...)
NOT-FOR-US: Symantec Altiris Notification Server
-CVE-2009-3030
+CVE-2009-3030 (Cross-site scripting (XSS) vulnerability in Symantec SecurityExpressio ...)
NOT-FOR-US: Symantec SecurityExpressions Audit and Compliance Server
-CVE-2009-3029
+CVE-2009-3029 (Cross-site scripting (XSS) vulnerability in the console in Symantec Se ...)
NOT-FOR-US: Symantec SecurityExpressions Audit and Compliance Server
-CVE-2009-3028
+CVE-2009-3028 (The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dl ...)
NOT-FOR-US: Symantec
-CVE-2009-3027
+CVE-2009-3027 (VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection S ...)
NOT-FOR-US: Symantec Backup Exec Continuous Protection Server
-CVE-2009-3025
+CVE-2009-3025 (Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to c ...)
- pidgin 2.6.1-1 (low)
[lenny] - pidgin <not-affected> (Vulnerable code introduced in 2.6.0)
[etch] - pidgin <not-affected> (Vulnerable code introduced in 2.6.0)
-CVE-2009-3024
+CVE-2009-3024 (The verify_hostname_of_cert function in the certificate checking featu ...)
- libio-socket-ssl-perl 1.30-1
[lenny] - libio-socket-ssl-perl 1.16-1+lenny1
[etch] - libio-socket-ssl-perl <not-affected> (Affected functionality introduced in 1.14)
-CVE-2009-3023
+CVE-2009-3023 (Buffer overflow in the FTP Service in Microsoft Internet Information S ...)
NOT-FOR-US: Microsoft IIS
-CVE-2009-3022
+CVE-2009-3022 (Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and e ...)
NOT-FOR-US: bingo!CMS
-CVE-2009-3021
+CVE-2009-3021 (Cross-site scripting (XSS) vulnerability in Site Calendar 'mycaljp' pl ...)
NOT-FOR-US: Site Calendar 'mycaljp' plugin
-CVE-2009-3020
+CVE-2009-3020 (win32k.sys in Microsoft Windows Server 2003 SP2 allows remote attacker ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2009-3019
+CVE-2009-3019 (Microsoft Internet Explorer 6 on Windows XP SP2 and SP3, and Internet ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3018
+CVE-2009-3018 (Maxthon Browser 3.0.0.145 Alpha with Ultramode does not properly block ...)
NOT-FOR-US: Maxthon Browser
-CVE-2009-3017
+CVE-2009-3017 (Orca Browser 1.2 build 5 does not properly block data: URIs in Refresh ...)
NOT-FOR-US: Orca Browser
-CVE-2009-3016
+CVE-2009-3016 (Apple Safari 4.0.3 does not properly block javascript: and data: URIs ...)
NOT-FOR-US: Apple Safari
-CVE-2009-3015
+CVE-2009-3015 (QtWeb 3.0 Builds 001 and 003 does not properly block javascript: and d ...)
- qt4-x11 <unfixed> (unimportant)
- kdelibs <unfixed> (unimportant)
- kde4libs <unfixed> (unimportant)
NOTE: This is a web site issue (open redirector), not a browser problem.
-CVE-2009-3014
+CVE-2009-3014 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; S ...)
NOTE: This is a web site issue (open redirector), not a browser problem.
- iceweasel <removed> (unimportant)
-CVE-2009-3013
+CVE-2009-3013 (Opera 9.52 and earlier, and 10.00 Beta 3 Build 1699, does not properly ...)
NOT-FOR-US: Opera
-CVE-2009-3012
+CVE-2009-3012 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre do ...)
NOTE: This is a web site issue (open redirector), not a browser problem.
-CVE-2009-3011
+CVE-2009-3011 (Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and 3.0. ...)
NOT-FOR-US: Unclear, historic Chrome issue
-CVE-2009-3010
+CVE-2009-3010 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; S ...)
NOTE: This is a web site issue (open redirector), not a browser problem.
- iceweasel <removed> (unimportant)
-CVE-2009-3009
+CVE-2009-3009 (Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2 ...)
{DSA-1887-1}
- rails 2.2.3-1 (low; bug #545063)
[etch] - rails <no-dsa> (Unsupported)
-CVE-2009-3008
+CVE-2009-3008 (K-Meleon 1.5.3 allows context-dependent attackers to spoof the address ...)
NOT-FOR-US: K-Meleon
-CVE-2009-3007
+CVE-2009-3007 (Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow con ...)
{DSA-1922-1}
- xulrunner 1.9.1.3-3 (low)
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
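Review bot: the one-line descriptions this hunk adds are cut at a fixed column with no regard for word boundaries, so many end in fragments such as "Offic ..." (CVE-2009-3134), "WebSphe ..." (CVE-2009-3159) and "Interna ..." (CVE-2009-3049); truncating at the last whole word before the limit would keep the parenthetical readable as a summary without changing the file format. While in this region, the unchanged context carries two typos that the automatic update does not touch and that deserve a manual follow-up: "NOT-FOR-US: IBM WebSpHere MQ" under CVE-2009-3161 (compare the correct spelling under CVE-2009-3160) and "Ajax Table module module for Drupal" under both CVE-2009-3122 and CVE-2009-3121.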
@@ -5617,213 +5617,213 @@ CVE-2009-3007
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
[lenny] - iceape <not-affected> (Iceape from Lenny only provides NSS libs)
- webkit <not-affected> (proof-of-concept did not work)
-CVE-2009-3006
+CVE-2009-3006 (Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the ...)
NOT-FOR-US: Maxthon Browser
-CVE-2009-3005
+CVE-2009-3005 (Lunascape 5.1.3 and 5.1.4 allows remote attackers to spoof the address ...)
NOT-FOR-US: Lunascape
-CVE-2009-3004
+CVE-2009-3004 (Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof t ...)
NOT-FOR-US: Avant Browser
-CVE-2009-3003
+CVE-2009-3003 (Microsoft Internet Explorer 6 through 8 allows remote attackers to spo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-3002
+CVE-2009-3002 (The Linux kernel before 2.6.31-rc7 does not initialize certain data st ...)
{DSA-1929-1 DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.30-7 (low)
- linux-2.6.24 <removed>
NOTE: minor info leaks
-CVE-2009-3001
+CVE-2009-3001 (The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2. ...)
{DSA-1929-1 DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.30-7 (low)
- linux-2.6.24 <removed>
NOTE: minor info leak
-CVE-2009-3000
+CVE-2009-3000 (The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_ ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2999
+CVE-2009-2999 (The com.android.phone process in Android 1.5 CRBxx allows remote attac ...)
NOT-FOR-US: Android
CVE-2009-XXXX [serveez: buffer overflow in header parser]
- serveez <removed> (low)
[lenny] - serveez 0.1.5-2.1+lenny1
[etch] - serveez 0.1.5-2+etch1
-CVE-2009-2998
+CVE-2009-2998 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x b ...)
NOT-FOR-US: Adobe
-CVE-2009-2997
+CVE-2009-2997 (Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1. ...)
NOT-FOR-US: Adobe
-CVE-2009-2996
+CVE-2009-2996 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x b ...)
NOT-FOR-US: Adobe
-CVE-2009-2995
+CVE-2009-2995 (Integer overflow in Adobe Acrobat 7.x before 7.1.4, 8.x before 8.1.7, ...)
NOT-FOR-US: Adobe
-CVE-2009-2994
+CVE-2009-2994 (Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x befo ...)
NOT-FOR-US: Adobe
-CVE-2009-2993
+CVE-2009-2993 (The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before ...)
NOT-FOR-US: Adobe
-CVE-2009-2992
+CVE-2009-2992 (An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before ...)
NOT-FOR-US: Adobe
-CVE-2009-2991
+CVE-2009-2991 (Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and A ...)
NOT-FOR-US: Adobe
-CVE-2009-2990
+CVE-2009-2990 (Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x befo ...)
NOT-FOR-US: Adobe
-CVE-2009-2989
+CVE-2009-2989 (Integer overflow in Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, an ...)
NOT-FOR-US: Adobe
-CVE-2009-2988
+CVE-2009-2988 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x b ...)
NOT-FOR-US: Adobe
-CVE-2009-2987
+CVE-2009-2987 (Unspecified vulnerability in an ActiveX control in Adobe Reader and Ac ...)
NOT-FOR-US: Adobe
-CVE-2009-2986
+CVE-2009-2986 (Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x b ...)
NOT-FOR-US: Adobe
-CVE-2009-2985
+CVE-2009-2985 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x b ...)
NOT-FOR-US: Adobe
-CVE-2009-2984
+CVE-2009-2984 (Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x be ...)
NOT-FOR-US: Adobe
-CVE-2009-2983
+CVE-2009-2983 (Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibl ...)
NOT-FOR-US: Adobe
-CVE-2009-2982
+CVE-2009-2982 (An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, ...)
NOT-FOR-US: Adobe
-CVE-2009-2981
+CVE-2009-2981 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x b ...)
NOT-FOR-US: Adobe
-CVE-2009-2980
+CVE-2009-2980 (Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x bef ...)
NOT-FOR-US: Adobe
-CVE-2009-2979
+CVE-2009-2979 (Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibl ...)
NOT-FOR-US: Adobe
-CVE-2009-2978
+CVE-2009-2978 (SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 5.0.0k and ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2009-2977
+CVE-2009-2977 (The Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
NOT-FOR-US: Cisco
-CVE-2009-2976
+CVE-2009-2976 (Cisco Aironet Lightweight Access Point (AP) devices send the contents ...)
NOT-FOR-US: Cisco
-CVE-2009-2975
+CVE-2009-2975 (Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly invol ...)
- xulrunner <not-affected> (unimportant)
NOTE: browser crashes not treated as security issues
NOTE: not reproducible, probably only Firefox in Windows XP is affected
-CVE-2009-2974
+CVE-2009-2974 (Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote attack ...)
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (doesn't support 'chromehtml' protocol)
-CVE-2009-2973
+CVE-2009-2973 (Google Chrome before 2.0.172.43 does not prevent SSL connections to a ...)
- chromium-browser <not-affected> (Only 2.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-2972
+CVE-2009-2972 (in.lpd in the print service in Sun Solaris 8 and 9 allows remote attac ...)
NOT-FOR-US: Sun Solaris
CVE-2009-2971
RESERVED
-CVE-2009-2970
+CVE-2009-2970 (Stack-based buffer overflow in the GetUiDllVersion function in an Acti ...)
NOT-FOR-US: UiTV UiPlayer
CVE-2009-2969
RESERVED
-CVE-2009-2968
+CVE-2009-2968 (Directory traversal vulnerability in a support component in the web in ...)
NOT-FOR-US: VMware Studio
-CVE-2009-2967
+CVE-2009-2967 (Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 ...)
- buildbot 0.7.11p3-1
[lenny] - buildbot <no-dsa> (Minor issue)
[etch] - buildbot <not-affected> (According to the vendor 0.7.5 and earlier are not affected)
-CVE-2009-2966
+CVE-2009-2966 (avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0. ...)
NOT-FOR-US: Kaspersky Internet Security
-CVE-2009-2965
+CVE-2009-2965 (Cross-site scripting (XSS) vulnerability in entry/index.jsp in Radvisi ...)
NOT-FOR-US: Radvision Scopia
-CVE-2009-2964
+CVE-2009-2964 (Multiple cross-site request forgery (CSRF) vulnerabilities in Squirrel ...)
{DSA-2091-1}
- squirrelmail 2:1.4.20~rc2-1 (low; bug #543818)
-CVE-2009-2963
+CVE-2009-2963 (Unspecified vulnerability in the update feature in Toolbar Uninstaller ...)
NOT-FOR-US: Toolbar Uninstaller
-CVE-2009-2961
+CVE-2009-2961 (Stack-based buffer overflow in Thaddy de Konng KOL Player 1.0 allows r ...)
NOT-FOR-US: Thaddy de Konng KOL Player
-CVE-2009-2960
+CVE-2009-2960 (CuteFlow 2.10.3 and 2.11.0_c does not properly restrict access to page ...)
NOT-FOR-US: CuteFlow
-CVE-2009-2959
+CVE-2009-2959 (Cross-site scripting (XSS) vulnerability in the waterfall web status v ...)
- buildbot 0.7.11p3-1 (low; bug #543822)
[lenny] - buildbot <no-dsa> (Minor issue)
[etch] - buildbot <not-affected> (According to the vendor 0.7.5 and earlier are not affected)
-CVE-2009-2958
+CVE-2009-2958 (The tftp_request function in tftp.c in dnsmasq before 2.50, when --ena ...)
{DSA-1876-1}
- dnsmasq 2.50-1
[etch] - dnsmasq <not-affected>
-CVE-2009-2957
+CVE-2009-2957 (Heap-based buffer overflow in the tftp_request function in tftp.c in d ...)
{DSA-1876-1}
- dnsmasq 2.50-1
[etch] - dnsmasq <not-affected>
-CVE-2009-2956
+CVE-2009-2956 (The (1) Net.Commerce and (2) Net.Data components in IBM WebSphere Comm ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-2955
+CVE-2009-2955 (Google Chrome 1.0.154.48 and earlier allows remote attackers to cause ...)
- chromium-browser <not-affected> (Only 1.x is affected)
NOTE: browser denial of services are not considered security-relevant
-CVE-2009-2954
+CVE-2009-2954 (Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote at ...)
NOT-FOR-US: Microsoft
-CVE-2009-2953
+CVE-2009-2953 (Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote attacke ...)
- xulrunner <unfixed> (unimportant; bug #557753)
NOTE: browser denial-of-services are considered unimportant
-CVE-2009-2952
+CVE-2009-2952 (Unspecified vulnerability in the pollwakeup function in Sun Solaris 10 ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2951
+CVE-2009-2951 (Phenotype CMS before 2.9 does not use a random salt value for password ...)
NOT-FOR-US: Phenotype CMS
-CVE-2009-2950
+CVE-2009-2950 (Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompress ...)
{DSA-1995-1 DTSA-205-1}
- openoffice.org 1:3.1.1-16
-CVE-2009-2949
+CVE-2009-2949 (Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm ...)
{DSA-1995-1 DTSA-205-1}
- openoffice.org 1:3.1.1-16
-CVE-2009-2948
+CVE-2009-2948 (mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3 ...)
{DSA-1908-1}
- samba 2:3.4.2-1 (medium; bug #550423)
-CVE-2009-2947
+CVE-2009-2947 (Cross-site scripting (XSS) vulnerability in Xapian Omega before 1.0.16 ...)
{DSA-1882-1}
- xapian-omega 1.0.15-2
-CVE-2009-2946
+CVE-2009-2946 (Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in de ...)
{DSA-1878-2 DSA-1878-1}
- devscripts 2.10.54
-CVE-2009-2945
+CVE-2009-2945 (weblogin/login.fcgi (aka the WebLogin login script) in Stanford Univer ...)
- webauth 3.6.2-1 (low)
[lenny] - webauth 3.6.0-1+lenny1
[etch] - webauth <not-affected> (Vulnerable code not present)
-CVE-2009-2944
+CVE-2009-2944 (Incomplete blacklist vulnerability in the teximg plugin in ikiwiki bef ...)
{DSA-1875-1}
- ikiwiki 3.1415926
-CVE-2009-2943
+CVE-2009-2943 (The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL ...)
{DSA-1909-1}
- postgresql-ocaml 1.12.1-1 (low)
-CVE-2009-2942
+CVE-2009-2942 (The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the m ...)
{DSA-1910-1}
- mysql-ocaml 1.0.4-7 (low)
CVE-2009-2941
RESERVED
-CVE-2009-2940
+CVE-2009-2940 (The pygresql module 3.8.1 and 4.0 for Python does not properly support ...)
{DSA-1911-1}
- pygresql 1:4.0-1 (low)
-CVE-2009-2939
+CVE-2009-2939 (The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix ...)
- postfix 2.6.5-3 (low)
[lenny] - postfix 2.5.5-1.1+lenny1
[etch] - postfix <no-dsa> (Minor issue)
CVE-2009-2938
RESERVED
-CVE-2009-2937
+CVE-2009-2937 (Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venu ...)
- planet <removed> (low; bug #546178)
[lenny] - planet <no-dsa> (Minor issue)
[etch] - planet <no-dsa> (Minor issue)
- planet-venus 0~bzr116-1 (low; bug #546179)
[lenny] - planet-venus 0~bzr95-2+lenny1
[etch] - planet-venus <no-dsa> (Minor issue)
-CVE-2009-2936
+CVE-2009-2936 (** DISPUTED ** The Command Line Interface (aka Server CLI or administr ...)
- varnish 2.1.0-2 (unimportant)
NOTE: Only a security issue if used against best practices
-CVE-2009-2935
+CVE-2009-2935 (Google V8, as used in Google Chrome before 2.0.172.43, allows remote a ...)
- chromium-browser <not-affected> (Only 2.x is affected)
- libv8 1.3.11+dfsg-1
- webkit <not-affected> (libv8 issue)
-CVE-2009-2934
+CVE-2009-2934 (Multiple stack-based buffer overflows in xaudio.dll in Programmed Inte ...)
NOT-FOR-US: Programmed Integration PIPL
-CVE-2009-2933
+CVE-2009-2933 (SQL injection vulnerability in comments.php in Piwigo before 2.0.3 all ...)
- piwigo <not-affected> (Fixed before initial upload to the archive)
-CVE-2009-2932
+CVE-2009-2932 (Cross-site scripting (XSS) vulnerability in uddiclient/process in the ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2009-2931
+CVE-2009-2931 (Directory traversal vulnerability in p.php in SlideShowPro Director 1. ...)
NOT-FOR-US: SlideShowPro Director
-CVE-2009-2930
+CVE-2009-2930 (Cross-site scripting (XSS) vulnerability in the Search feature in elka ...)
NOT-FOR-US: elka CMS (aka Elkapax)
-CVE-2009-2929
+CVE-2009-2929 (Multiple SQL injection vulnerabilities in TGS Content Management 0.x a ...)
NOT-FOR-US: TGS Content Management
-CVE-2009-2928
+CVE-2009-2928 (Cross-site scripting (XSS) vulnerability in login.php in TGS Content M ...)
NOT-FOR-US: TGS Content Management
-CVE-2009-2927
+CVE-2009-2927 (SQL injection vulnerability in DetailFile.php in DigitalSpinners DS CM ...)
NOT-FOR-US: DigitalSpinners DS CMS
-CVE-2009-2926
+CVE-2009-2926 (Multiple SQL injection vulnerabilities in PHP Competition System BETA ...)
NOT-FOR-US: PHP Competition System BETA
-CVE-2009-3026
+CVE-2009-3026 (protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly oth ...)
- pidgin 2.6.1-1 (low; bug #542891)
[lenny] - pidgin 2.4.3-4lenny4
NOTE: gaim nof affected, it never claimed to support TLS/SSL
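Review bot: the unchanged context line "NOTE: gaim nof affected, it never claimed to support TLS/SSL" under CVE-2009-3026 has a typo ("nof" for "not"). Since this automatic update only rewrites the CVE header lines, the NOTE text needs a manual follow-up commit to read "gaim not affected".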
@@ -5831,113 +5831,113 @@ CVE-2009-3026
NOTE: http://developer.pidgin.im/viewmtn/revision/diff/312e056d702d29379ea61aea9d27765f127bc888/with/55897c4ce0787edc1e7721b7f4a9b5cbc8357279
CVE-2009-2962
REJECTED
-CVE-2009-2925
+CVE-2009-2925 (Directory traversal vulnerability in DJcalendar.cgi in DJCalendar allo ...)
NOT-FOR-US: DJCalendar
-CVE-2009-2924
+CVE-2009-2924 (Multiple SQL injection vulnerabilities in Videos Broadcast Yourself 2 ...)
NOT-FOR-US: Videos Broadcast Yourself 2
-CVE-2009-2923
+CVE-2009-2923 (Multiple directory traversal vulnerabilities in BitmixSoft PHP-Lance 1 ...)
NOT-FOR-US: BitmixSoft PHP-Lance
-CVE-2009-2922
+CVE-2009-2922 (Absolute path traversal vulnerability in pixaria.image.php in Pixaria ...)
NOT-FOR-US: Pixaria Gallery
-CVE-2009-2921
+CVE-2009-2921 (Multiple SQL injection vulnerabilities in login.php in MOC Designs PHP ...)
NOT-FOR-US: MOC Designs PHP News
-CVE-2009-2920
+CVE-2009-2920 (Multiple cross-site scripting (XSS) vulnerabilities in Elvin 1.2.2 all ...)
NOT-FOR-US: Elvin
-CVE-2009-2919
+CVE-2009-2919 (Cross-site scripting (XSS) vulnerability in Boonex Orca 2.0 and 2.0.2 ...)
NOT-FOR-US: Boonex Orca
-CVE-2009-2918
+CVE-2009-2918 (The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows ...)
NOT-FOR-US: TheGreenBow IPSec VPN Client
-CVE-2009-2917
+CVE-2009-2917 (Stack-based buffer overflow in ImTOO MPEG Encoder 3.1.53 allows remote ...)
NOT-FOR-US: ImTOO MPEG Encoder
-CVE-2009-2916
+CVE-2009-2916 (Format string vulnerability in the CNS_AddTxt function in logs.dll in ...)
NOT-FOR-US: 2K Games Vietcong
-CVE-2009-2915
+CVE-2009-2915 (SQL injection vulnerability in 2fly_gift.php in 2FLY Gift Delivery Sys ...)
NOT-FOR-US: 2FLY Gift Delivery System
-CVE-2009-2914
+CVE-2009-2914 (Cross-site scripting (XSS) vulnerability in index.php in XZero Communi ...)
NOT-FOR-US: XZero Community Classified
-CVE-2009-2913
+CVE-2009-2913 (Cross-site scripting (XSS) vulnerability in index.php in XZero Communi ...)
NOT-FOR-US: XZero Community Classified
-CVE-2009-2912
+CVE-2009-2912 (The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2911
+CVE-2009-2911 (SystemTap 1.0, when the --unprivileged option is used, does not proper ...)
- systemtap 1.0-2 (bug #551918)
[lenny] - systemtap <not-affected> (Affected functionality only added in 1.0)
-CVE-2009-2910
+CVE-2009-2910 (arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x ...)
{DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.31-1 (medium)
- linux-2.6.24 <unfixed> (medium)
-CVE-2009-2909
+CVE-2009-2909 (Integer signedness error in the ax25_setsockopt function in net/ax25/a ...)
{DSA-1929-1 DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.31-1 (medium)
- linux-2.6.24 <removed> (medium)
-CVE-2009-2908
+CVE-2009-2908 (The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux ...)
{DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.19)
- linux-2.6.24 <removed> (medium)
-CVE-2009-2907
+CVE-2009-2907 (Multiple cross-site scripting (XSS) vulnerabilities in SpringSource tc ...)
NOT-FOR-US: SpringSource tc Server, Application Management Suite, Hyperic HQ Open Source, and Hyperic Enterprise
-CVE-2009-2906
+CVE-2009-2906 (smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, ...)
{DSA-1908-1}
- samba 2:3.4.2-1 (low; bug #550423)
-CVE-2009-2905
+CVE-2009-2905 (Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0. ...)
{DSA-1894-1}
- newt 0.52.10-4.1 (medium; bug #548198)
-CVE-2009-2904
+CVE-2009-2904 (A certain Red Hat modification to the ChrootDirectory feature in OpenS ...)
- openssh <not-affected> (issue with homechroot patch specific to Red Hat)
-CVE-2009-2903
+CVE-2009-2903 (Memory leak in the appletalk subsystem in the Linux kernel 2.4.x throu ...)
{DSA-1928-1 DSA-1915-1}
- linux-2.6 2.6.31-1 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-2902
+CVE-2009-2902 (Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.2 ...)
{DSA-2207-1}
- tomcat6 6.0.24-1 (low)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
- tomcat5.5 <removed>
-CVE-2009-2901
+CVE-2009-2901 (The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6 ...)
- tomcat6 <not-affected> (Windows-only)
- tomcat5.5 <not-affected> (Windows-only)
CVE-2009-2900
RESERVED
-CVE-2009-2899
+CVE-2009-2899 (The monitor perl script in the Sybase database plug-in in SpringSource ...)
NOT-FOR-US: SpringSource Hyperic HQ
-CVE-2009-2898
+CVE-2009-2898 (Cross-site scripting (XSS) vulnerability in the Alerts list feature in ...)
NOT-FOR-US: SpringSource Hyperic HQ
-CVE-2009-2897
+CVE-2009-2897 (Multiple cross-site scripting (XSS) vulnerabilities in hq/web/common/G ...)
NOT-FOR-US: SpringSource Hyperic HQ
-CVE-2009-2896
+CVE-2009-2896 (Buffer overflow in KMplayer 2.9.4.1433 and earlier allows remote attac ...)
NOT-FOR-US: KMPlayer: http://www.kmplayer.com
-CVE-2009-2895
+CVE-2009-2895 (SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate (U ...)
NOT-FOR-US: Ultimate Regnow Affiliate
-CVE-2009-2894
+CVE-2009-2894 (Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote ...)
NOT-FOR-US: Ebay Clone 2009
-CVE-2009-2893
+CVE-2009-2893 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in XZ ...)
NOT-FOR-US: XZero Community Classifieds
-CVE-2009-2892
+CVE-2009-2892 (Multiple SQL injection vulnerabilities in header.php in Scripteen Free ...)
NOT-FOR-US: Scripteen Free Image Hosting Script
-CVE-2009-2891
+CVE-2009-2891 (SQL injection vulnerability in list.php in PHP Scripts Now Riddles all ...)
NOT-FOR-US: PHP Scripts Now Riddles
-CVE-2009-2890
+CVE-2009-2890 (Cross-site scripting (XSS) vulnerability in results.php in PHP Scripts ...)
NOT-FOR-US: PHP Scripts Now Riddles
-CVE-2009-2889
+CVE-2009-2889 (Cross-site scripting (XSS) vulnerability in index.php in PHP Scripts N ...)
NOT-FOR-US: PHP Scripts Now Riddles
-CVE-2009-2888
+CVE-2009-2888 (SQL injection vulnerability in index.php in PHP Scripts Now Hangman al ...)
NOT-FOR-US: PHP Scripts Now Hangman
-CVE-2009-2887
+CVE-2009-2887 (Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts No ...)
NOT-FOR-US: PHP Scripts Now President Bios
-CVE-2009-2886
+CVE-2009-2886 (SQL injection vulnerability in bios.php in PHP Scripts Now President B ...)
NOT-FOR-US: PHP Scripts Now President
-CVE-2009-2885
+CVE-2009-2885 (SQL injection vulnerability in bios.php in PHP Scripts Now World's Tal ...)
NOT-FOR-US: PHP Scripts Now World's
-CVE-2009-2884
+CVE-2009-2884 (Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts No ...)
NOT-FOR-US: PHP Scripts Now World's Tallest Buildings
-CVE-2009-2883
+CVE-2009-2883 (SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, whe ...)
NOT-FOR-US: SaphpLesson
-CVE-2009-2882
+CVE-2009-2882 (Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking ...)
NOT-FOR-US: PG MatchMaking
-CVE-2009-2881
+CVE-2009-2881 (Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote ...)
NOT-FOR-US: Basilic
-CVE-2009-3369
+CVE-2009-3369 (CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in us ...)
- backuppc 3.1.0-8 (low; bug #542218)
[etch] - backuppc <not-affected> (No configuration GUI)
[lenny] - backuppc 3.1.0-4lenny2
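Review bot: the NOT-FOR-US product names for the PHP Scripts Now entries are inconsistent in this hunk and look like accidental truncations: CVE-2009-2886 says "NOT-FOR-US: PHP Scripts Now President" while CVE-2009-2887 says "PHP Scripts Now President Bios", and CVE-2009-2885 says "NOT-FOR-US: PHP Scripts Now World's" while CVE-2009-2884 says "PHP Scripts Now World's Tallest Buildings". These are context lines, so they are not changed by the automatic update, but they should be aligned with the full product name in a manual edit so searches on the tracker match both entries.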
@@ -5946,105 +5946,105 @@ CVE-2009-5043 [burn: Insecure escaping of file names]
- burn 0.4.5-1 (low; bug #542329)
[lenny] - burn 0.4.3-2.1+lenny1
[etch] - burn <no-dsa> (Minor issue)
-CVE-2009-2880
+CVE-2009-2880 (Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x befor ...)
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2879
+CVE-2009-2879 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player ...)
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2878
+CVE-2009-2878 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player ...)
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2877
+CVE-2009-2877 (Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Play ...)
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2876
+CVE-2009-2876 (Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player ...)
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2875
+CVE-2009-2875 (Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x befor ...)
NOT-FOR-US: Cisco WebEx WRF Player
-CVE-2009-2874
+CVE-2009-2874 (The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6) ...)
NOT-FOR-US: Cisco Unified Presence
-CVE-2009-2873
+CVE-2009-2873 (Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Expre ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2872
+CVE-2009-2872 (Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Expre ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2871
+CVE-2009-2871 (Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sess ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2870
+CVE-2009-2870 (Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cis ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2869
+CVE-2009-2869 (Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2 ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2868
+CVE-2009-2868 (Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certifi ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2867
+CVE-2009-2867 (Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2 ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2866
+CVE-2009-2866 (Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2865
+CVE-2009-2865 (Buffer overflow in the login implementation in the Extension Mobility ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2864
+CVE-2009-2864 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
NOT-FOR-US: Cisco
-CVE-2009-2863
+CVE-2009-2863 (Race condition in the Firewall Authentication Proxy feature in Cisco I ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2862
+CVE-2009-2862 (The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2009-2861
+CVE-2009-2861 (The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Li ...)
NOT-FOR-US: Cisco
-CVE-2009-2860
+CVE-2009-2860 (Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows ...)
NOT-FOR-US: db2jds in IBM DB2
-CVE-2009-2859
+CVE-2009-2859 (IBM DB2 8.1 before FP18 allows attackers to obtain unspecified access ...)
NOT-FOR-US: IBM DB2
-CVE-2009-2858
+CVE-2009-2858 (Memory leak in the Security component in IBM DB2 8.1 before FP18 on Un ...)
NOT-FOR-US: IBM DB2
-CVE-2009-2857
+CVE-2009-2857 (The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103 ...)
NOT-FOR-US: kernel in Sun Solaris
-CVE-2009-2856
+CVE-2009-2856 (Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding i ...)
NOT-FOR-US: Sun Virtual Desktop Infrastructure
-CVE-2009-2855
+CVE-2009-2855 (The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allo ...)
{DSA-1991-1}
- squid 2.7.STABLE7-1 (low; bug #534982)
- squid3 3.0.STABLE19-1
-CVE-2009-2854
+CVE-2009-2854 (Wordpress before 2.8.3 does not check capabilities for certain actions ...)
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1
-CVE-2009-2853
+CVE-2009-2853 (Wordpress before 2.8.3 allows remote attackers to gain privileges via ...)
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1
-CVE-2009-2852
+CVE-2009-2852 (WP-Syntax plugin 0.9.1 and earlier for Wordpress, with register_global ...)
NOT-FOR-US: WP-Syntax plugin
-CVE-2009-2851
+CVE-2009-2851 (Cross-site scripting (XSS) vulnerability in the administrator interfac ...)
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low)
-CVE-2009-2850
+CVE-2009-2850 (Multiple buffer overflows in NASA Common Data Format (CDF) allow conte ...)
NOT-FOR-US: NASA Common Data Format
CVE-2009-2845
REJECTED
-CVE-2009-2849
+CVE-2009-2849 (The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 mi ...)
{DSA-1928-1 DSA-1872-1}
- linux-2.6 2.6.30-4 (medium)
- linux-2.6.24 <removed>
[lenny] - linux-2.6 2.6.26-19 (medium)
-CVE-2009-2848
+CVE-2009-2848 (The execve function in the Linux kernel, possibly 2.6.30-rc6 and earli ...)
{DSA-1928-1 DSA-1872-1}
- linux-2.6 2.6.30-7 (low)
- linux-2.6.24 <removed>
[lenny] - linux-2.6 2.6.26-19 (low)
-CVE-2009-2847
+CVE-2009-2847 (The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 thr ...)
{DSA-1928-1 DSA-1872-1}
- linux-2.6 2.6.30-6 (low)
- linux-2.6.24 <removed>
[lenny] - linux-2.6 2.6.26-19 (low)
-CVE-2009-2846
+CVE-2009-2846 (The eisa_eeprom_read function in the parisc isa-eeprom component (driv ...)
{DSA-1928-1 DSA-1872-1}
- linux-2.6 2.6.30-6 (low)
- linux-2.6.24 <removed>
[lenny] - linux-2.6 2.6.26-19 (low)
-CVE-2009-2844
+CVE-2009-2844 (cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and oth ...)
- linux-2.6 2.6.30-7 (medium)
[etch] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30)
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30)
- linux-2.6.24 <not-affected> (vulnerability introduced in 2.6.30)
-CVE-2009-2843
+CVE-2009-2843 (Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accept ...)
NOT-FOR-US: Mac OS X
-CVE-2009-2842
+CVE-2009-2842 (Apple Safari before 4.0.4 does not properly implement certain (1) Open ...)
NOT-FOR-US: Apple Safari
-CVE-2009-2841
+CVE-2009-2841 (The HTMLMediaElement::loadResource function in html/HTMLMediaElement.c ...)
- webkit 1.1.21-1 (medium; bug #559759)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/49480
@@ -6053,59 +6053,59 @@ CVE-2009-2841
[lenny] - qt4-x11 <not-affected> (HTML video support introduced in version 4.5)
[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
- kdelibs <not-affected> (No support for HTML5 video tags)
-CVE-2009-2840
+CVE-2009-2840 (Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2839
+CVE-2009-2839 (Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to e ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2838
+CVE-2009-2838 (Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote a ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2837
+CVE-2009-2837 (Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X befo ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2836
+CVE-2009-2836 (Race condition in Login Window in Apple Mac OS X 10.6.x before 10.6.2, ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2835
+CVE-2009-2835 (The kernel in Apple Mac OS X before 10.6.2 does not properly handle ta ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2834
+CVE-2009-2834 (IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2833
+CVE-2009-2833 (Buffer overflow in the UCCompareTextDefault API in International Compo ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2832
+CVE-2009-2832 (Buffer overflow in FTP Server in Apple Mac OS X before 10.6.2 allows r ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2831
+CVE-2009-2831 (Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2830
+CVE-2009-2830 (Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple ...)
- file 5.03-1
[lenny] - file <not-affected>
[etch] - file <not-affected>
-CVE-2009-2829
+CVE-2009-2829 (Event Monitor in Apple Mac OS X 10.5.8 does not properly handle crafte ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2828
+CVE-2009-2828 (The server in DirectoryService in Apple Mac OS X 10.5.8 allows remote ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2827
+CVE-2009-2827 (Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 all ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2826
+CVE-2009-2826 (Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 al ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2825
+CVE-2009-2825 (Certificate Assistant in Apple Mac OS X before 10.6.2 does not properl ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2824
+CVE-2009-2824 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2823
+CVE-2009-2823 (The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTT ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2822
+CVE-2009-2822 (AirPort Utility before 5.5.1 for Apple AirPort Base Station does not p ...)
NOT-FOR-US: AirPort Utility
CVE-2009-2821
RESERVED
-CVE-2009-2820
+CVE-2009-2820 (The web interface in CUPS before 1.4.2, as used on Apple Mac OS X befo ...)
{DSA-1933-1}
- cups 1.4.2-1 (low; bug #555666)
- cupsys <removed>
-CVE-2009-2819
+CVE-2009-2819 (AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execu ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2818
+CVE-2009-2818 (Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly ha ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2817
+CVE-2009-2817 (Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers t ...)
NOT-FOR-US: Apple iTunes
-CVE-2009-2816
+CVE-2009-2816 (The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, ...)
- webkit 1.1.21-1 (low; bug #559759)
[lenny] - webkit <not-affected> (vulnerable code not present)
- kdelibs <not-affected>
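Review bot: the CVE-2009-2830 entry marks "[lenny] - file <not-affected>" and "[etch] - file <not-affected>" without the parenthesised justification that every other not-affected line in this hunk carries (for example "(vulnerable code not present)" on CVE-2009-2816 or "(vulnerability introduced in 2.6.30)" on CVE-2009-2844). The description says the overflows are in file before 5.03, so a reason such as "(Vulnerable code not present)" or the version rationale should be recorded; this is a context line, so it needs a manual commit rather than the automatic update.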
@@ -6114,50 +6114,50 @@ CVE-2009-2816
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
[lenny] - qt4-x11 <not-affected> (Vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/47494
-CVE-2009-2815
+CVE-2009-2815 (The Telephony component in Apple iPhone OS before 3.1 does not properl ...)
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2814
+CVE-2009-2814 (Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple M ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2813
+CVE-2009-2813 (Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.1 ...)
{DSA-1908-1}
- samba 2:3.4.2-1 (bug #550422)
NOTE: requires an administrator to manually configure a user account without
NOTE: a home dir, otherwise, this is ineffective
-CVE-2009-2812
+CVE-2009-2812 (Launch Services in Apple Mac OS X 10.5.8 does not properly recognize a ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2811
+CVE-2009-2811 (Incomplete blacklist vulnerability in Launch Services in Apple Mac OS ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2810
+CVE-2009-2810 (Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively cle ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2809
+CVE-2009-2809 (ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers t ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2808
+CVE-2009-2808 (Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS conn ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2807
+CVE-2009-2807 (Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS ...)
- cupsys <not-affected> (issue in darwin-specific code; bug #550150)
- cups <not-affected> (issue in darwin-specific code; bug #550150)
CVE-2009-2806
RESERVED
-CVE-2009-2805
+CVE-2009-2805 (Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 ...)
NOT-FOR-US: CoreGraphics in Apple Mac OS X
-CVE-2009-2804
+CVE-2009-2804 (Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, an ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2803
+CVE-2009-2803 (CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to ex ...)
NOT-FOR-US: Apple Mac OS X
CVE-2009-2802
RESERVED
- mantis <not-affected> (Only affects 1.2.x)
NOTE: http://www.mantisbt.org/bugs/view.php?id=11952
NOTE: http://www.mantisbt.org/blog/?p=113
-CVE-2009-2801
+CVE-2009-2801 (The Application Firewall in Apple Mac OS X 10.5.8 drops unspecified fi ...)
NOT-FOR-US: Apple Application Firewall
-CVE-2009-2800
+CVE-2009-2800 (Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2799
+CVE-2009-2799 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-2798
+CVE-2009-2798 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-2797
+CVE-2009-2797 (The WebKit component in Safari in Apple iPhone OS before 3.1, and iPho ...)
- webkit 1.1.21-1 (low; bug #559759)
[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)
- kdelibs <not-affected>
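Review bot: the unchanged lenny line under CVE-2009-2797, "[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)", has a typo ("disk" for "risk"); the same wording is repeated on the qt4-x11 lenny line at the top of the following hunk. Both should read "risk of regression" and need a manual follow-up, since the automatic update does not touch no-dsa rationale text.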
@@ -6166,82 +6166,82 @@ CVE-2009-2797
- qt4-x11 4:4.6.2-4 (low)
[lenny] - qt4-x11 <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)
NOTE: http://trac.webkit.org/changeset/42483
-CVE-2009-2796
+CVE-2009-2796 (The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iP ...)
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2795
+CVE-2009-2795 (Heap-based buffer overflow in the Recovery Mode component in Apple iPh ...)
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2794
+CVE-2009-2794 (The Exchange Support component in Apple iPhone OS before 3.1, and iPho ...)
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2793
+CVE-2009-2793 (The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms doe ...)
NOT-FOR-US: NetBSD kernel
-CVE-2009-2792
+CVE-2009-2792 (Directory traversal vulnerability in plugings/pagecontent.php in Reall ...)
NOT-FOR-US: Really Simple CMS
-CVE-2009-2791
+CVE-2009-2791 (PHP remote file inclusion vulnerability in pda_projects.php in WebDyna ...)
NOT-FOR-US: WebDynamite ProjectButler
-CVE-2009-2790
+CVE-2009-2790 (SQL injection vulnerability in cat_products.php in SoftBiz Dating Scri ...)
NOT-FOR-US: SoftBiz Dating
-CVE-2009-2789
+CVE-2009-2789 (SQL injection vulnerability in the Permis (com_groups) component 1.0 f ...)
NOT-FOR-US: com_groups component for Joomla!
-CVE-2009-2788
+CVE-2009-2788 (Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow remot ...)
NOT-FOR-US: Mobilelib GOLD
-CVE-2009-2787
+CVE-2009-2787 (Directory traversal vulnerability in include/reputation/rep_profile.ph ...)
NOT-FOR-US: Reputation plugin for PunBB
-CVE-2009-2786
+CVE-2009-2786 (SQL injection vulnerability in reputation.php in the Reputation plugin ...)
NOT-FOR-US: Reputation plugin for PunBB
-CVE-2009-2785
+CVE-2009-2785 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Open Classi ...)
NOT-FOR-US: PHP Open Classifieds Script
-CVE-2009-2784
+CVE-2009-2784 (Multiple directory traversal vulnerabilities in dit.cms 1.3, when regi ...)
NOT-FOR-US: dit.cms
-CVE-2009-2783
+CVE-2009-2783 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.3.3 all ...)
NOT-FOR-US: XOOPS
-CVE-2009-2782
+CVE-2009-2782 (SQL injection vulnerability in the JFusion (com_jfusion) component for ...)
NOT-FOR-US: com_jfusion component for Joomla!
-CVE-2009-2781
+CVE-2009-2781 (SQL injection vulnerability in forum.php in Arab Portal 2.x, when magi ...)
NOT-FOR-US: Arab Portal
-CVE-2009-2780
+CVE-2009-2780 (Multiple cross-site scripting (XSS) vulnerabilities in 68 Classifieds ...)
NOT-FOR-US: 68 Classifieds
-CVE-2009-2779
+CVE-2009-2779 (SQL injection vulnerability in index.php in AJ Matrix DNA allows remot ...)
NOT-FOR-US: AJ Matrix DNA
-CVE-2009-2778
+CVE-2009-2778 (Cross-site scripting (XSS) vulnerability in visitor/view.php in Garage ...)
NOT-FOR-US: GarageSales script
-CVE-2009-2777
+CVE-2009-2777 (SQL injection vulnerability in visitor/view.php in GarageSales Script ...)
NOT-FOR-US: GarageSales Script
-CVE-2009-2776
+CVE-2009-2776 (SQL injection vulnerability in showresult.asp in Smart ASP Survey allo ...)
NOT-FOR-US: Smart ASP Survey
-CVE-2009-2775
+CVE-2009-2775 (SQL injection vulnerability in linkout.php in PHPArcadeScript (PHP Arc ...)
NOT-FOR-US: PHPArcadeScript
-CVE-2009-2774
+CVE-2009-2774 (SQL injection vulnerability in paidbanner.php in PHP Paid 4 Mail Scrip ...)
NOT-FOR-US: PHP Paid 4 Mail
-CVE-2009-2773
+CVE-2009-2773 (PHP remote file inclusion vulnerability in home.php in PHP Paid 4 Mail ...)
NOT-FOR-US: PHP Paid 4 Mail
-CVE-2009-2772
+CVE-2009-2772 (Multiple cross-site scripting (XSS) vulnerabilities in PG Roommate Fin ...)
NOT-FOR-US: PG Roommate Finder Solution
-CVE-2009-2771
+CVE-2009-2771 (Cross-site scripting (XSS) vulnerability in Free Arcade Script 1.3 all ...)
NOT-FOR-US: Free Arcade Script
-CVE-2009-2770
+CVE-2009-2770 (PowerUpload 2.4 allows remote attackers to bypass authentication and g ...)
NOT-FOR-US: PowerUpload
-CVE-2009-2769
+CVE-2009-2769 (PHP remote file inclusion vulnerability in include/timesheet.php in Ul ...)
NOT-FOR-US: Ultrize TimeSheet
-CVE-2009-2768
+CVE-2009-2768 (The load_flat_shared_library function in fs/binfmt_flat.c in the flat ...)
- linux-2.6 2.6.30-6 (medium)
[etch] - linux-2.6 <not-affected> (kernel/cred.c introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (kernel/cred.c introduced in 2.6.29)
- linux-2.6.24 <not-affected> (kernel/cred.c introduced in 2.6.29)
-CVE-2009-2767
+CVE-2009-2767 (The init_posix_timers function in kernel/posix-timers.c in the Linux k ...)
- linux-2.6 2.6.30-6 (medium)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.28)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.28)
- linux-2.6.24 <not-affected> (introduced in 2.6.28)
-CVE-2009-2766
+CVE-2009-2766 (httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not requi ...)
NOT-FOR-US: DD-WRT
-CVE-2009-2765
+CVE-2009-2765 (httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other ver ...)
NOT-FOR-US: DD-WRT
-CVE-2009-2764
+CVE-2009-2764 (Microsoft Internet Explorer 8.0.7100.0 on Windows 7 RC on the x64 plat ...)
NOT-FOR-US: Microsoft
-CVE-2009-3040
+CVE-2009-3040 (Multiple SQL injection vulnerabilities in Open Computer and Software ( ...)
- ocsinventory-server 1.02.1-2 (unimportant; bug #541995)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2009-3042
+CVE-2009-3042 (SQL injection vulnerability in machine.php in Open Computer and Softwa ...)
- ocsinventory-server 1.02.1-2 (unimportant; bug #541995)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
CVE-2009-2763
@@ -6253,7 +6253,7 @@ CVE-2009-XXXX [XSS in drupal printing module]
- drupal6 <removed> (unimportant)
NOTE: you need admin privs in orde to exploit this
NOTE: http://lampsecurity.org/drupal-print-module-vulnerabilities
-CVE-2009-2761
+CVE-2009-2761 (Unquoted Windows search path vulnerability in the scheduler (sched.exe ...)
NOT-FOR-US: Avira AntiVir
CVE-2009-2760
RESERVED
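Review bot: the hunk header shows the placeholder entry "CVE-2009-XXXX [XSS in drupal printing module]", which the automatic update correctly leaves without a description because no CVE id has been assigned, but its unchanged NOTE line "you need admin privs in orde to exploit this" has a typo ("orde" for "order"). Fix the NOTE in a manual commit, and replace the XXXX placeholder with the real id once one is issued so the next automatic run can fill in the description.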
@@ -6267,58 +6267,58 @@ CVE-2009-2756
RESERVED
CVE-2009-2755
RESERVED
-CVE-2009-2754
+CVE-2009-2754 (Integer signedness error in the authentication functionality in librpc ...)
NOT-FOR-US: Informix Storage Manager
-CVE-2009-2753
+CVE-2009-2753 (Multiple buffer overflows in the authentication functionality in librp ...)
NOT-FOR-US: Informix Storage Manager
-CVE-2009-2752
+CVE-2009-2752 (IBM WebSphere Commerce 7.0 does not properly encrypt data in a databas ...)
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2009-2751
+CVE-2009-2751 (IBM WebSphere Commerce 7.0 uses the same cryptographic key for session ...)
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2009-2750
+CVE-2009-2750 (IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 ...)
NOT-FOR-US: IBM WebSphere Service Registry and Repository
-CVE-2009-2749
+CVE-2009-2749 (Feature Pack for Communications Enabled Applications (CEA) before 1.0. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2748
+CVE-2009-2748 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-2747
+CVE-2009-2747 (The Java Naming and Directory Interface (JNDI) implementation in IBM W ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-2746
+CVE-2009-2746 (Cross-site request forgery (CSRF) vulnerability in the administrative ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2009-2745
RESERVED
-CVE-2009-2744
+CVE-2009-2744 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2743
+CVE-2009-2743 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27, and 7.0 be ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2742
+CVE-2009-2742 (Cross-site scripting (XSS) vulnerability in Eclipse Help in IBM WebSph ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2741
+CVE-2009-2741 (Unspecified vulnerability in the wberuntimeear application in the test ...)
NOT-FOR-US: IBM WebSphere Business Events
-CVE-2009-2740
+CVE-2009-2740 (kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention Syste ...)
NOT-FOR-US: CA Host-Based Intrusion Prevention System (HIPS)
-CVE-2009-2739
+CVE-2009-2739 (Cross-site scripting (XSS) vulnerability in FreeNAS before 0.69.2 allo ...)
NOT-FOR-US: FreeNAS
-CVE-2009-2738
+CVE-2009-2738 (Cross-site request forgery (CSRF) vulnerability in the WebGUI in FreeN ...)
NOT-FOR-US: FreeNAS
-CVE-2009-2737
+CVE-2009-2737 (The EditCSVAction function in cgi/actions.py in Roundup 1.2 before 1.2 ...)
{DSA-1754-1}
- roundup 1.4.4-4+lenny1 (bug #518768)
-CVE-2009-2736
+CVE-2009-2736 (Static code injection vulnerability in admin.php in sun-jester OpenNew ...)
NOT-FOR-US: OpenNews
-CVE-2009-2735
+CVE-2009-2735 (SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, w ...)
NOT-FOR-US: OpenNews
-CVE-2009-2734
+CVE-2009-2734 (SQL injection vulnerability in the get_employee function in classweekr ...)
NOT-FOR-US: Achievo
-CVE-2009-2733
+CVE-2009-2733 (Multiple cross-site scripting (XSS) vulnerabilities in Achievo before ...)
NOT-FOR-US: Achievo
-CVE-2009-2732
+CVE-2009-2732 (The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier al ...)
- ntop 3:3.3-12 (low; bug #543312)
[lenny] - ntop <no-dsa> (Minor issue)
[etch] - ntop <no-dsa> (Minor issue)
CVE-2009-2731
RESERVED
-CVE-2009-2730
+CVE-2009-2730 (libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' chara ...)
{DSA-1935-1}
- gnutls26 2.8.3-1 (low; bug #541439)
- gnutls13 <removed>
@@ -6326,82 +6326,82 @@ CVE-2009-2729
RESERVED
CVE-2009-2728
RESERVED
-CVE-2009-2727
+CVE-2009-2727 (Stack-based buffer overflow in the _tt_internal_realpath function in t ...)
NOT-FOR-US: IBM AIX
-CVE-2009-2726
+CVE-2009-2726 (The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1. ...)
- asterisk 1:1.6.2.0~dfsg~rc1-1 (bug #541441)
[squeeze] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 1500 bytes total)
[lenny] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 1500 bytes total)
[etch] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 1500 bytes total)
CVE-2009-2725
RESERVED
-CVE-2009-2724
+CVE-2009-2724 (Race condition in the java.lang package in Sun Java SE 5.0 before Upda ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
NOTE: unknown impact and attack vectors
-CVE-2009-2723
+CVE-2009-2723 (Unspecified vulnerability in deserialization in the Provider class in ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
NOTE: unknown impact and attack vectors
-CVE-2009-2722
+CVE-2009-2722 (Multiple unspecified vulnerabilities in the Provider class in Sun Java ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
NOTE: unknown impact and attack vectors
-CVE-2009-2721
+CVE-2009-2721 (Multiple unspecified vulnerabilities in the Provider class in Sun Java ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
NOTE: unknown impact and attack vectors
-CVE-2009-2720
+CVE-2009-2720 (Unspecified vulnerability in the javax.swing.plaf.synth.SynthContext.i ...)
- sun-java6 6-15-1
[etch] - sun-java6 <no-dsa> (Non-free not supported)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1 (medium; bug #560908)
-CVE-2009-2719
+CVE-2009-2719 (The Java Web Start implementation in Sun Java SE 6 before Update 15 al ...)
- sun-java6 6-15-1
[etch] - sun-java6 <no-dsa> (Non-free not supported)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1 (medium; bug #560908)
-CVE-2009-2718
+CVE-2009-2718 (The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 befo ...)
- sun-java6 6-15-1
[etch] - sun-java6 <no-dsa> (Non-free not supported)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1 (medium; bug #560908)
-CVE-2009-2717
+CVE-2009-2717 (The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 befo ...)
- sun-java6 6-15-1
[etch] - sun-java6 <no-dsa> (Non-free not supported)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1 (medium; bug #560908)
-CVE-2009-2716
+CVE-2009-2716 (The plugin functionality in Sun Java SE 6 before Update 15 does not pr ...)
- sun-java6 6-15-1
[etch] - sun-java6 <no-dsa> (Non-free not supported)
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1 (medium; bug #560908)
-CVE-2009-2762
+CVE-2009-2762 (wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to ...)
- wordpress 2.8.3-2 (unimportant; bug #541102)
[lenny] - wordpress <not-affected> (Vulnerable code not present)
[etch] - wordpress <not-affected> (Vulnerable code not present)
NOTE: not really a security issue in my opinion, just an annoying bug
-CVE-2009-2715
+CVE-2009-2715 (Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause ...)
- virtualbox-ose 3.0.4-dfsg-1 (medium)
[lenny] - virtualbox-ose <not-affected> (Doesn't affect 1.6.x)
-CVE-2009-2714
+CVE-2009-2714 (Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows gue ...)
- virtualbox-ose 3.0.4-dfsg-1
[lenny] - virtualbox-ose <not-affected> (Only 3.0.x affected per Sun advisory)
-CVE-2009-2713
+CVE-2009-2713 (The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-2712
+CVE-2009-2712 (Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and Op ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-2711
+CVE-2009-2711 (XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and ...)
NOT-FOR-US: XScreenSaver in Sun Solaris
CVE-2009-XXXX [mantis: information leak]
- mantis 1.1.8+dfsg-2 (medium; bug #425010)
[lenny] - mantis 1.1.6+dfsg-2lenny1
NOTE: cve id requested on oss-sec
-CVE-2009-3041
+CVE-2009-3041 (SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper acc ...)
- spip 2.0.9-1 (medium)
CVE-2009-XXXX [rubygems: integrity violation]
- libgems-ruby <not-affected> (Debian's version installs gems packages to /var/lib/gems, bug #540610)
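Review bot: the NOTE "unknown impact and attack vectors" under CVE-2009-2724 should be re-checked now that a description is attached, because the imported text names a concrete bug ("Race condition in the java.lang package in Sun Java SE 5.0 ...") rather than an unspecified one; the same NOTE on CVE-2009-2723, CVE-2009-2722 and CVE-2009-2721 still matches their "Unspecified vulnerability" / "Multiple unspecified vulnerabilities" wording and can stay. Minor ordering point in the same region: the CVE-2009-2762 (wordpress) entry sits between CVE-2009-2716 and CVE-2009-2715 instead of in the descending ID order its neighbours follow.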
@@ -6412,7 +6412,7 @@ CVE-2009-XXXX [bugzilla: unauthorized bug modification]
[etch] - bugzilla <no-dsa> (minor issue)
[lenny] - bugzilla <no-dsa> (minor issue)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=495257
-CVE-2009-5044
+CVE-2009-5044 (contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows ...)
- groff 1.20.1-5 (low; bug #538330)
[etch] - groff <not-affected> (pdfroff not yet present)
[lenny] - groff <not-affected> (pdfroff not yet present)
@@ -6421,7 +6421,7 @@ CVE-2009-XXXX [xscreensaver: local screen lock bypassable via low resolution vid
- xscreensaver 5.05-3+nmu1 (low; bug #539699)
[etch] - xscreensaver <not-affected> (vulnerable code not present)
[lenny] - xscreensaver 5.05-3+lenny1
-CVE-2009-2626
+CVE-2009-2626 (The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2 ...)
{DSA-1940-1}
- php5 5.2.11.dfsg.1-1 (low; bug #540605)
[etch] - php5 <no-dsa> (too risky to fix it there)
@@ -6435,104 +6435,104 @@ CVE-2009-2709
REJECTED
CVE-2009-2708
REJECTED
-CVE-2009-2707
+CVE-2009-2707 (Unspecified vulnerability in ia32el (aka the IA 32 emulation functiona ...)
NOT-FOR-US: SUSE Linux
CVE-2009-2706
REJECTED
-CVE-2009-2705
+CVE-2009-2705 (CA SiteMinder allows remote attackers to bypass cross-site scripting ( ...)
NOT-FOR-US: SiteMinder
-CVE-2009-2704
+CVE-2009-2704 (CA SiteMinder allows remote attackers to bypass cross-site scripting ( ...)
NOT-FOR-US: SiteMinder
-CVE-2009-2703
+CVE-2009-2703 (libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple ...)
- pidgin 2.6.2 (low)
[lenny] - pidgin <no-dsa> (Minor issue)
[etch] - pidgin <no-dsa> (Minor issue)
[lenny] - gaim <not-affected> (Only a transitional package)
- gaim <removed>
NOTE: this is only a null ptr dereference and can only be triggered by a rogue irc server
-CVE-2009-2702
+CVE-2009-2702 (KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a ' ...)
{DSA-1916-1}
- kdelibs 4:3.5.10.dfsg.1-2.1 (low; bug #546212)
- kde4libs 4:4.3.2-1 (low; bug #546218)
[lenny] - kde4libs <no-dsa> (Minor issue)
-CVE-2009-2701
+CVE-2009-2701 (Unspecified vulnerability in the Zope Enterprise Objects (ZEO) storage ...)
- zodb 1:3.9.0-1
[etch] - zodb <not-affected> (The vulnerability was introduced in ZODB 3.8)
[lenny] - zodb <not-affected> (The vulnerability was introduced in ZODB 3.8)
-CVE-2009-2700
+CVE-2009-2700 (src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not ...)
{DSA-1988-1}
- qt4-x11 4:4.5.3-1 (medium; bug #545793)
[etch] - qt4-x11 <not-affected> (QSsl* classes were introduced in Qt 4.3)
-CVE-2009-2699
+CVE-2009-2699 (The Solaris pollset feature in the Event Port backend in poll/unix/por ...)
- apr <not-affected> (does not affect Linux or kFreeBSD)
-CVE-2009-2698
+CVE-2009-2698 (The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp ...)
{DSA-1872-1}
- linux-2.6 2.6.19-1 (high)
- linux-2.6.24 <not-affected> (Fixed before initial upload, 2.6.19)
-CVE-2009-2697
+CVE-2009-2697 (The Red Hat build script for the GNOME Display Manager (GDM) before 2. ...)
- gdm <not-affected> (TCP Wrappers support enabled correctly)
-CVE-2009-2696
+CVE-2009-2696 (Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the ca ...)
NOT-FOR-US: Red-Hat-specific patching problem in Tomcat
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=616717
-CVE-2009-2695
+CVE-2009-2695 (The Linux kernel before 2.6.31-rc7 does not properly prevent mmap oper ...)
{DSA-2005-1 DSA-1915-1}
- linux-2.6 2.6.31-1 (medium)
[etch] - linux-2.6 <not-affected> (2.6.18 does not have mmap_min_addr)
- linux-2.6.24 <removed> (medium)
-CVE-2009-2694
+CVE-2009-2694 (The msn_slplink_process_msg function in libpurple/protocols/msn/slplin ...)
{DSA-1870-1}
- pidgin 2.5.9-1 (medium; bug #542486)
[lenny] - gaim <not-affected> (Only a transitional package)
- gaim <removed>
-CVE-2009-2693
+CVE-2009-2693 (Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.2 ...)
{DSA-2207-1}
- tomcat6 6.0.24-1 (low)
[lenny] - tomcat6 <not-affected> (The package only ships the servlet packages)
- tomcat5.5 <removed>
-CVE-2009-2692
+CVE-2009-2692 (The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, d ...)
{DSA-1864-1 DSA-1865-1 DSA-1862-1}
- linux-2.6 2.6.30-6 (high; bug #541403)
- linux-2.6.24 <removed>
-CVE-2009-2691
+CVE-2009-2691 (The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30. ...)
{DSA-2005-1}
- linux-2.6 2.6.30-7 (low)
[lenny] - linux-2.6 2.6.26-21
- linux-2.6.24 <removed>
-CVE-2009-2690
+CVE-2009-2690 (The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants rea ...)
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2689
+CVE-2009-2689 (JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 b ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2688
+CVE-2009-2688 (Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when ...)
- xemacs21 21.4.22-3 (low; bug #540470)
[etch] - xemacs21 <no-dsa> (Minor issue, obscure attack vector)
[lenny] - xemacs21 <no-dsa> (Minor issue, obscure attack vector)
-CVE-2009-2686
+CVE-2009-2686 (Unspecified vulnerability in HP NonStop G06.12.00 through G06.32.00, H ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2685
+CVE-2009-2685 (Stack-based buffer overflow in the login form in the management web se ...)
NOT-FOR-US: HP Power Manager
-CVE-2009-2684
+CVE-2009-2684 (Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and t ...)
NOT-FOR-US: Embedded Web Server in HP printers
-CVE-2009-2683
+CVE-2009-2683 (Unspecified vulnerability in the Sender module in HP Remote Graphics S ...)
NOT-FOR-US: HP Remote Graphics
-CVE-2009-2682
+CVE-2009-2682 (Unspecified vulnerability in Role-Based Access Control (RBAC) in HP HP ...)
NOT-FOR-US: HP-UX
-CVE-2009-2681
+CVE-2009-2681 (Unspecified vulnerability in HP ProCurve Identity Driven Manager (IDM) ...)
NOT-FOR-US: HP ProCurve Identity Driven Manager
-CVE-2009-2680
+CVE-2009-2680 (Unspecified vulnerability in the Remote Management Interface (RMI) for ...)
NOT-FOR-US: HP StorageWorks
-CVE-2009-2679
+CVE-2009-2679 (Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and ...)
NOT-FOR-US: HP HP-UX
-CVE-2009-2678
+CVE-2009-2678 (Unspecified vulnerability in Open System Services (OSS) Name Server on ...)
NOT-FOR-US: Open System Services (OSS) Name Server on HP NonStop
-CVE-2009-2677
+CVE-2009-2677 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
NOT-FOR-US: HP Insight Control Suite For Linux (aka ICE-LX)
-CVE-2009-2676
+CVE-2009-2676 (Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
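Review bot: the triage line for CVE-2009-2686 does not match its newly imported description: the description begins "Unspecified vulnerability in HP NonStop G06.12.00 through G06.32.00, H ..." while the entry reads "NOT-FOR-US: IBM WebSphere Application Server". Please confirm against the full CVE text which product is meant and make the NOT-FOR-US reason name the product the description actually covers. Consistency point in the same hunk: CVE-2009-2689 carries a "[lenny] - sun-java6 6-20-0lenny1" line but no unstable "- sun-java6 6-15-1" line, unlike CVE-2009-2690 and the other Java entries nearby.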
@@ -6540,7 +6540,7 @@ CVE-2009-2676
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <undetermined> (bug #566769)
[wheezy] - openjdk-6 <end-of-life>
-CVE-2009-2675
+CVE-2009-2675 (Integer overflow in the unpack200 utility in Sun Java Runtime Environm ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
@@ -6548,59 +6548,59 @@ CVE-2009-2675
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 <undetermined> (bug #566769)
[wheezy] - openjdk-6 <end-of-life>
-CVE-2009-2674
+CVE-2009-2674 (Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runti ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2673
+CVE-2009-2673 (The proxy mechanism implementation in Sun Java Runtime Environment (JR ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2672
+CVE-2009-2672 (The proxy mechanism implementation in Sun Java Runtime Environment (JR ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2671
+CVE-2009-2671 (The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) i ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2670
+CVE-2009-2670 (The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2669
+CVE-2009-2669 (A certain debugging component in IBM AIX 5.3 and 6.1 does not properly ...)
NOT-FOR-US: IBM AIX
-CVE-2009-2668
+CVE-2009-2668 (Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0. ...)
NOT-FOR-US: Microsoft
-CVE-2009-2667
+CVE-2009-2667 (Unspecified vulnerability in IBM Tivoli Key Lifecycle Manager (TKLM) 1 ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2009-2666
+CVE-2009-2666 (socket.c in fetchmail before 6.3.11 does not properly handle a '\0' ch ...)
{DSA-1852-1}
- fetchmail 6.3.9~rc2-6
-CVE-2009-2665
+CVE-2009-2665 (The nsDocument::SetScriptGlobalObject function in content/base/src/nsD ...)
- xulrunner 1.9.1.8-1
[lenny] - xulrunner <not-affected> (vulnerability introduced in firefox 3.5)
[etch] - xulrunner <not-affected> (vulnerability introduced in firefox 3.5)
-CVE-2009-2664
+CVE-2009-2664 (The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript eng ...)
{DSA-1873-1}
- xulrunner 1.9.0.13-1
[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-2663
+CVE-2009-2663 (libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 ...)
{DSA-1939-1}
- libvorbisidec 1.0.2+svn16259-2 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
@@ -6608,110 +6608,110 @@ CVE-2009-2663
- xulrunner 1.9.1.2-1 (medium; bug #540961)
[etch] - xulrunner <not-affected> (vulnerability introduced in 1.9.1.0)
[lenny] - xulrunner <not-affected> (vulnerability introduced in 1.9.1.0)
-CVE-2009-2662
+CVE-2009-2662 (The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows remote ...)
{DSA-1873-1}
- xulrunner 1.9.0.13-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2661
+CVE-2009-2661 (The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4 ...)
{DSA-1899-1}
- strongswan 4.3.2-1.1 (bug #540144)
-CVE-2009-2660
+CVE-2009-2660 (Multiple integer overflows in CamlImages 2.2 might allow context-depen ...)
{DSA-1912-2 DSA-1912-1 DSA-1857-1}
- camlimages 1:3.0.1-3 (low; bug #540146)
- advi 1.6.0-15 (low; bug #551282)
-CVE-2009-2657
+CVE-2009-2657 (nilfs-utils before 2.0.14 installs multiple programs with unnecessary ...)
- nilfs2-tools <not-affected> (dh_fixperms removes the setuid and setgid bits from all files)
-CVE-2009-2656
+CVE-2009-2656 (Unspecified vulnerability in the com.android.phone process in Android ...)
NOT-FOR-US: Android
-CVE-2009-2655
+CVE-2009-2655 (mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP SP3 al ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2654
+CVE-2009-2654 (Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote a ...)
{DSA-1873-1}
- xulrunner 1.9.0.13-1 (low; bug #539891)
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
CVE-2009-2653
NOT-FOR-US: Microsoft Windows
-CVE-2009-2652
+CVE-2009-2652 (Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris ...)
NOT-FOR-US: Solaris Trusted Extensions
-CVE-2009-3938
+CVE-2009-3938 (Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOu ...)
{DSA-1941-1}
- poppler 0.12.2-2.1 (low; bug #534680)
[etch] - poppler <not-affected> (Vulnerable code not present)
-CVE-2009-2408
+CVE-2009-2408 (Mozilla Network Security Services (NSS) before 3.12.3, Firefox before ...)
{DSA-2025-1 DSA-1874-1}
- nss 3.12.3-1 (medium; bug #539934)
- icedove 2.0.0.24-1 (medium)
-CVE-2009-2651
+CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote ...)
- asterisk 1:1.6.2.0~dfsg~rc1-1 (low; bug #539473)
[etch] - asterisk <not-affected> (Vulnerable code not present)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
NOTE: AST-2009-004
-CVE-2009-2650
+CVE-2009-2650 (Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0 ...)
NOT-FOR-US: Sorcerer Software MultiMedia Jukebox
-CVE-2009-2649
+CVE-2009-2649 (The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev ...)
- kfreebsd-8 8.0-1 (bug #572811)
- kfreebsd-7 7.3-1 (bug #572811)
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
- kfreebsd-6 <removed> (bug #572811)
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
-CVE-2009-2648
+CVE-2009-2648 (FlashDen Guestbook allows remote attackers to obtain configuration inf ...)
NOT-FOR-US: FlashDen Guestbook
-CVE-2009-2647
+CVE-2009-2647 (Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky I ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2009-2646
+CVE-2009-2646 (Multiple unspecified vulnerabilities in the PDF distiller in the Attac ...)
NOT-FOR-US: Research In Motion (RIM) BlackBerry Enterprise Server (BES)
CVE-2009-2645
REJECTED
-CVE-2009-2644
+CVE-2009-2644 (Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2659
+CVE-2009-2659 (The Admin media handler in core/servers/basehttp.py in Django 1.0 and ...)
- python-django 1.1-1 (low; bug #539134)
[etch] - python-django <no-dsa> (Minor issue)
[lenny] - python-django 1.0.2-1+lenny1
-CVE-2009-2643
+CVE-2009-2643 (Multiple unspecified vulnerabilities in the PDF distiller in the Attac ...)
NOT-FOR-US: BlackBerry Products
CVE-2009-XXXX [ser2net DoS]
- ser2net 2.6-1 (low; bug #535159)
[etch] - ser2net <no-dsa> (Minor issue)
[lenny] - ser2net <no-dsa> (Minor issue)
-CVE-2009-2642
+CVE-2009-2642 (index.php in Desi Short URL Script 1.0 allows remote attackers to bypa ...)
NOT-FOR-US: Desi Short URL
-CVE-2009-2641
+CVE-2009-2641 (PHP remote file inclusion vulnerability in app_and_readme/navigator/in ...)
NOT-FOR-US: School Data Navigator
-CVE-2009-2640
+CVE-2009-2640 (Multiple SQL injection vulnerabilities in cgi/admin.cgi in Interlogy P ...)
NOT-FOR-US: Interlogy Profile Manager Basic
-CVE-2009-2639
+CVE-2009-2639 (SQL injection vulnerability in admin.php in MRCGIGUY The Ticket System ...)
NOT-FOR-US: MRCGIGUY
-CVE-2009-2638
+CVE-2009-2638 (SQL injection vulnerability in the AkoBook (com_akobook) component 2.3 ...)
NOT-FOR-US: Joomla! component
-CVE-2009-2637
+CVE-2009-2637 (PHP remote file inclusion vulnerability in toolbar_ext.php in the Book ...)
NOT-FOR-US: Joomla! component
-CVE-2009-2636
+CVE-2009-2636 (Cross-site scripting (XSS) vulnerability in the Integration page in th ...)
NOT-FOR-US: WebMail component in Kerio MailServer
-CVE-2009-2635
+CVE-2009-2635 (PHP remote file inclusion vulnerability in toolbar_ext.php in the Real ...)
NOT-FOR-US: Joomla! component
-CVE-2009-2634
+CVE-2009-2634 (PHP remote file inclusion vulnerability in toolbar_ext.php in the Medi ...)
NOT-FOR-US: Joomla! component
-CVE-2009-2633
+CVE-2009-2633 (PHP remote file inclusion vulnerability in toolbar_ext.php in the Vehi ...)
NOT-FOR-US: Joomla! component
-CVE-2009-2632
+CVE-2009-2632 (Buffer overflow in the SIEVE script component (sieve/script.c), as use ...)
{DSA-1893-1 DSA-1892-1 DSA-1881-1}
- cyrus-imapd-2.2 2.2.13-15 (medium)
- kolab-cyrus-imapd 2.2.13-5.1 (medium; bug #547712)
- dovecot 1:1.2.1-1 (medium; bug #546656)
-CVE-2009-2631
+CVE-2009-2631 (Multiple clientless SSL VPN products that run in web browsers, includi ...)
NOT-FOR-US: Commercial SSL VPN products
CVE-2009-2630
RESERVED
-CVE-2009-2629
+CVE-2009-2629 (Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0 ...)
{DSA-1884-1}
- nginx 0.7.61-3 (medium)
-CVE-2009-2628
+CVE-2009-2628 (The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 ...)
NOT-FOR-US: VMware Movie Decoder
-CVE-2009-2627
+CVE-2009-2627 (Insecure method vulnerability in the Acer LunchApp (aka AcerCtrls.APlu ...)
NOT-FOR-US: Acer LunchApp
-CVE-2009-2625
+CVE-2009-2625 (XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime En ...)
{DSA-1984-1}
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
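Review bot: CVE-2009-2653 ("CVE-2009-2653" / "NOT-FOR-US: Microsoft Windows") is the one entry in this hunk the import left without a description while every surrounding ID gained one; worth checking whether the upstream feed has text for it, or whether the entry should carry a RESERVED or REJECTED marker rather than a NOT-FOR-US triage line.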
@@ -6720,96 +6720,96 @@ CVE-2009-2625
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
- libxerces2-java 2.9.1-4.1 (bug #548358)
-CVE-2009-2624
+CVE-2009-2624 (The huft_build function in inflate.c in gzip before 1.3.13 creates a h ...)
{DSA-1974-1}
- gzip 1.3.12-8 (medium; bug #507263)
CVE-2009-2623
RESERVED
-CVE-2009-2620
+CVE-2009-2620 (src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6 ...)
- firebird2.0 2.0.5.13206-0.ds2-4 (low; bug #539477)
[lenny] - firebird2.0 2.0.4.13130-1.ds1-4+lenny1
- firebird2.1 2.1.2.18118-0.ds1-4 (low; bug #539478)
-CVE-2009-2619
+CVE-2009-2619 (SQL injection vulnerability in login.asp in DataCheck Solutions V-Spac ...)
NOT-FOR-US: DataCheck Solutions V-SpacePal
-CVE-2009-2618
+CVE-2009-2618 (SQL injection vulnerability in the Surveys (aka NS-Polls) module in MD ...)
NOT-FOR-US: MDPro module
-CVE-2009-2617
+CVE-2009-2617 (Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 al ...)
NOT-FOR-US: BaoFeng Storm
-CVE-2009-2616
+CVE-2009-2616 (SQL injection vulnerability in z_admin_login.asp in DataCheck Solution ...)
NOT-FOR-US: DataCheck Solutions
-CVE-2009-2615
+CVE-2009-2615 (Multiple cross-site scripting (XSS) vulnerabilities in DataCheck Solut ...)
NOT-FOR-US: DataCheck Solutions
-CVE-2009-2614
+CVE-2009-2614 (SQL injection vulnerability in z_admin_login.asp in DataCheck Solution ...)
NOT-FOR-US: DataCheck Solutions
-CVE-2009-2613
+CVE-2009-2613 (Multiple cross-site scripting (XSS) vulnerabilities in DataCheck Solut ...)
NOT-FOR-US: DataCheck Solutions
-CVE-2009-2612
+CVE-2009-2612 (SQL injection vulnerability in login.aspx in ProSMDR allows remote att ...)
NOT-FOR-US: ProSMDR
-CVE-2009-2611
+CVE-2009-2611 (Directory traversal vulnerability in infusions/last_seen_users_panel/l ...)
NOT-FOR-US: MyFusion
-CVE-2009-2610
+CVE-2009-2610 (Cross-site scripting (XSS) vulnerability in the Links Related module i ...)
NOT-FOR-US: Drupal module
-CVE-2009-2609
+CVE-2009-2609 (SQL injection vulnerability in the amoCourse (com_amocourse) component ...)
NOT-FOR-US: Joomla! module
-CVE-2009-2608
+CVE-2009-2608 (Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow ...)
NOT-FOR-US: PHP Address Book
-CVE-2009-2607
+CVE-2009-2607 (SQL injection vulnerability in the com_pinboard component for Joomla! ...)
NOT-FOR-US: Joomla! component
-CVE-2009-2606
+CVE-2009-2606 (ASP Football Pool 2.3 stores sensitive information under the web root ...)
NOT-FOR-US: ASP Football Pool
-CVE-2009-2605
+CVE-2009-2605 (Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up ...)
NOT-FOR-US: Traidnt up
-CVE-2009-2604
+CVE-2009-2604 (Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help D ...)
NOT-FOR-US: Zen Help Desk
-CVE-2009-2603
+CVE-2009-2603 (Multiple SQL injection vulnerabilities in index.php in Escon SupportPo ...)
NOT-FOR-US: Escon SupportPortal Pro
-CVE-2009-2602
+CVE-2009-2602 (R2 Newsletter Lite, Pro, and Stats stores sensitive information under ...)
NOT-FOR-US: R2 Newsletter Store
-CVE-2009-2601
+CVE-2009-2601 (SQL injection vulnerability in the Joomlaequipment (aka JUser or com_j ...)
NOT-FOR-US: Joomla! component
-CVE-2009-2600
+CVE-2009-2600 (Multiple directory traversal vulnerabilities in view.php in Webboard 2 ...)
NOT-FOR-US: Webboard
-CVE-2009-2599
+CVE-2009-2599 (SQL injection vulnerability in index.php in RadCLASSIFIEDS Gold 2.0 al ...)
NOT-FOR-US: RadCLASSIFIEDS
-CVE-2009-2598
+CVE-2009-2598 (Multiple SQL injection vulnerabilities in Online Grades &amp; Attendan ...)
NOT-FOR-US: Online Grades & Attendance
-CVE-2009-2597
+CVE-2009-2597 (The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for S ...)
NOT-FOR-US: Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server
-CVE-2009-2596
+CVE-2009-2596 (Unspecified vulnerability in the Solaris Auditing subsystem in Sun Sol ...)
NOT-FOR-US: Solaris Auditing subsystem
-CVE-2009-2622
+CVE-2009-2622 (Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote ...)
{DSA-1843-2 DSA-1843-1}
- squid3 3.0.STABLE18-1 (medium; bug #538989)
- squid <not-affected> (see NOTE)
NOTE: squid 2.x not affected, according to
NOTE: http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
-CVE-2009-2621
+CVE-2009-2621 (Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not prope ...)
{DSA-1843-2 DSA-1843-1}
- squid3 3.0.STABLE18-1 (medium; bug #538989)
- squid <not-affected> (see NOTE)
NOTE: squid 2.x not affected, according to
NOTE: http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
-CVE-2009-2595
+CVE-2009-2595 (Cross-site scripting (XSS) vulnerability in productSearch.html in Cens ...)
NOT-FOR-US: Censura
-CVE-2009-2594
+CVE-2009-2594 (Cross-site scripting (XSS) vulnerability in censura.php in Censura 1.1 ...)
NOT-FOR-US: Censura
-CVE-2009-2593
+CVE-2009-2593 (SQL injection vulnerability in censura.php in Censura 1.16.04 allows r ...)
NOT-FOR-US: Censura
-CVE-2009-2592
+CVE-2009-2592 (SQL injection vulnerability in guestbook.php in PHPJunkYard GBook 1.6 ...)
NOT-FOR-US: PHPJunkYard
-CVE-2009-2591
+CVE-2009-2591 (SQL injection vulnerability in the MyAnnonces module for E-Xoopport 3. ...)
NOT-FOR-US: MyAnnonces module for E-Xoopport
-CVE-2009-2590
+CVE-2009-2590 (SQL injection vulnerability in showcategory.php in Hutscripts PHP Webs ...)
NOT-FOR-US: Hutscripts PHP
-CVE-2009-2589
+CVE-2009-2589 (Multiple cross-site scripting (XSS) vulnerabilities in Hutscripts PHP ...)
NOT-FOR-US: Hutscripts PHP
-CVE-2009-2588
+CVE-2009-2588 (Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type ...)
NOT-FOR-US: Hotscripts Type PHP Clone Script
-CVE-2009-2587
+CVE-2009-2587 (Multiple cross-site scripting (XSS) vulnerabilities in DragDropCart al ...)
NOT-FOR-US: DragDropCart
-CVE-2009-2586
+CVE-2009-2586 (Cross-site scripting (XSS) vulnerability in articles.php in EDGEPHP EZ ...)
NOT-FOR-US: EZArticles
-CVE-2009-2585
+CVE-2009-2585 (SQL injection vulnerability in index.php in Mlffat 2.2 allows remote a ...)
NOT-FOR-US: Mlffat
CVE-2009-XXXX [nilfs-tools privilege escalation]
- nilfs2-tools <not-affected> (We don't install this with setuid)
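Review bot: the placeholder "CVE-2009-XXXX [nilfs-tools privilege escalation]" with "- nilfs2-tools <not-affected> (We don't install this with setuid)" at the end of this hunk appears to describe the same issue as CVE-2009-2657 ("nilfs-utils before 2.0.14 installs multiple programs with unnecessary ..."), which already has its own nilfs2-tools <not-affected> line; the placeholder should be folded into the assigned ID or removed so the tracker does not carry two entries for one bug. Also, the imported description for CVE-2009-2598 contains an undecoded HTML entity ("Online Grades &amp; Attendan ...") whereas the NOT-FOR-US line directly below uses a literal "&"; the importer should unescape entities before writing descriptions.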
@@ -6819,218 +6819,218 @@ CVE-2009-XXXX [XSS in drupal 6 calendar field]
NOTE: you need to be able to create new calendar items, e.g. admistrative
NOTE: access in order to exploit that
NOTE: http://lists.grok.org.uk/pipermail/full-disclosure/2009-July/069849.html
-CVE-2009-2584
+CVE-2009-2584 (Off-by-one error in the options_write function in drivers/misc/sgi-gru ...)
- linux-2.6 2.6.31-2 (high)
[etch] - linux-2.6 <not-affected> (vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (vulnerable code not present)
- linux-2.6.24 <not-affected> (vulnerable code not present)
NOTE: exploit code exists
-CVE-2009-2583
+CVE-2009-2583 (Multiple session fixation vulnerabilities in IBM Tivoli Identity Manag ...)
NOT-FOR-US: IBM Tivoli
-CVE-2009-2582
+CVE-2009-2582 (Stack-based buffer overflow in manager.exe in Akamai Download Manager ...)
NOT-FOR-US: Akamai Download Manager
-CVE-2009-2581
+CVE-2009-2581 (Cross-site scripting (XSS) vulnerability in modifier.php in EditeurScr ...)
NOT-FOR-US: EditeurScripts EsNews
CVE-2009-2580
REJECTED
-CVE-2009-2579
+CVE-2009-2579 (SQL injection vulnerability in reward_points.post.php in the Reward po ...)
NOT-FOR-US: CS-Cart
-CVE-2009-2578
+CVE-2009-2578 (Google Chrome 2.x through 2.0.172 allows remote attackers to cause a d ...)
- chromium-browser <not-affected> (Only 2.x is affected)
NOTE: browser denial of services not considered security-relevant
-CVE-2009-2577
+CVE-2009-2577 (Opera 9.52 and earlier allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Opera
-CVE-2009-2576
+CVE-2009-2576 (Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote at ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2575
+CVE-2009-2575 (The Research In Motion (RIM) BlackBerry 8800 allows remote attackers t ...)
NOT-FOR-US: BlackBerry
-CVE-2009-2574
+CVE-2009-2574 (index.php in MiniTwitter 0.2 beta allows remote authenticated users to ...)
NOT-FOR-US: MiniTwitter
-CVE-2009-2573
+CVE-2009-2573 (Multiple SQL injection vulnerabilities in MiniTwitter 0.2 beta, when m ...)
NOT-FOR-US: MiniTwitter
-CVE-2009-2572
+CVE-2009-2572 (Cross-site request forgery (CSRF) vulnerability in the Fivestar module ...)
NOT-FOR-US: Drupal Module
-CVE-2009-2571
+CVE-2009-2571 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ve ...)
NOT-FOR-US: VerliAdmin
-CVE-2009-2570
+CVE-2009-2570 (Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX ...)
NOT-FOR-US: Symantec WinFax Pro
-CVE-2009-2569
+CVE-2009-2569 (Multiple cross-site scripting (XSS) vulnerabilities in Verlihub Contro ...)
NOT-FOR-US: vhcp
-CVE-2009-2568
+CVE-2009-2568 (Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) 0 ...)
NOT-FOR-US: Sorinara Streaming Audio Player
-CVE-2009-2567
+CVE-2009-2567 (SQL injection vulnerability in the Almond Classifieds (com_aclassf) co ...)
NOT-FOR-US: Joomla! component
-CVE-2009-2566
+CVE-2009-2566 (Stack-based buffer overflow in TFM MMPlayer 2.0, and possibly 2.0.0.30 ...)
NOT-FOR-US: TFM MMPlayer
-CVE-2009-2565
+CVE-2009-2565 (Cross-site scripting (XSS) vulnerability in Perl CGI's By Mrs. Shiromu ...)
NOT-FOR-US: Perl CGI's By Mrs. Shiromuku shiromuku
-CVE-2009-2564
+CVE-2009-2564 (NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6 ...)
NOT-FOR-US: Adobe
-CVE-2009-2563
+CVE-2009-2563 (Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0 ...)
- wireshark 1.2.1-1 (bug #538237)
[etch] - wireshark <not-affected> (Only affects 1.0.6 to 1.2.0)
[lenny] - wireshark <not-affected> (Only affects 1.0.6 to 1.2.0)
-CVE-2009-2562
+CVE-2009-2562 (Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 thro ...)
{DSA-1942-1}
- wireshark 1.2.1-1 (low; bug #538237)
[lenny] - wireshark 1.0.2-3+lenny6
[etch] - wireshark <no-dsa> (Minor issue)
-CVE-2009-2561
+CVE-2009-2561 (Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 al ...)
- wireshark 1.2.1-1 (bug #538237)
[etch] - wireshark <not-affected> (Only affects 1.2.0)
[lenny] - wireshark <not-affected> (Only affects 1.2.0)
-CVE-2009-2560
+CVE-2009-2560 (Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote a ...)
{DSA-1942-1}
- wireshark 1.2.1-1 (bug #538237)
-CVE-2009-2559
+CVE-2009-2559 (Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote ...)
- wireshark 1.2.1-1 (bug #538237)
[etch] - wireshark <not-affected> (Only affects 1.2.0)
[lenny] - wireshark <not-affected> (Only affects 1.2.0)
-CVE-2009-2558
+CVE-2009-2558 (system/message.php in Admin News Tools 2.5 does not properly restrict ...)
NOT-FOR-US: Admin News Tools
-CVE-2009-2557
+CVE-2009-2557 (Directory traversal vulnerability in system/download.php in Admin News ...)
NOT-FOR-US: Admin News Tools
-CVE-2009-2556
+CVE-2009-2556 (Google Chrome before 2.0.172.37 allows attackers to leverage renderer ...)
- chromium-browser <not-affected> (Only 2.x is affected)
- webkit <not-affected> (chrome-specfic renderer issue)
-CVE-2009-2555
+CVE-2009-2555 (Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1. ...)
- chromium-browser <not-affected> (Only 1.x and 2.x are affected)
- libv8 1.3.11+dfsg-1
- webkit <not-affected> (libv8 issue)
-CVE-2009-2658
+CVE-2009-2658 (Directory traversal vulnerability in ZNC before 0.072 allows remote at ...)
{DSA-1848-1}
- znc 0.074-1 (medium; bug #537977)
NOTE: http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1570
NOTE: CVE id requested
-CVE-2009-2554
+CVE-2009-2554 (SQL injection vulnerability in the search method in jobline.class.php ...)
NOT-FOR-US: Joomla!
-CVE-2009-2553
+CVE-2009-2553 (Multiple SQL injection vulnerabilities in comments.php in Super Simple ...)
NOT-FOR-US: Super Simple Blog Script
-CVE-2009-2552
+CVE-2009-2552 (Multiple directory traversal vulnerabilities in comments.php in Super ...)
NOT-FOR-US: Super Simple Blog Script
-CVE-2009-2551
+CVE-2009-2551 (Multiple cross-site scripting (XSS) vulnerabilities in ScriptsEz Easy ...)
NOT-FOR-US: ScriptsEz Easy Image Downloader
-CVE-2009-2550
+CVE-2009-2550 (Stack-based buffer overflow in Hamster Audio Player 0.3a allows remote ...)
NOT-FOR-US: Hamster Audio Player
-CVE-2009-2549
+CVE-2009-2549 (Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed As ...)
NOT-FOR-US: Armed Assault
-CVE-2009-2548
+CVE-2009-2548 (Format string vulnerability in Armed Assault (aka ArmA) 1.14 and earli ...)
NOT-FOR-US: Armed Assault
-CVE-2009-2547
+CVE-2009-2547 (Integer underflow in Armed Assault (aka ArmA) 1.14 and earlier, and 1. ...)
NOT-FOR-US: Armed Assault
-CVE-2009-2546
+CVE-2009-2546 (Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x ...)
NOT-FOR-US: Advanced Electron Forum
-CVE-2009-2545
+CVE-2009-2545 (SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when ...)
NOT-FOR-US: Advanced Electron Forum
-CVE-2009-2544
+CVE-2009-2544 (Directory traversal vulnerability in the Marcelo Costa FileServer comp ...)
NOT-FOR-US: Marcelo Costa FileServer
-CVE-2009-2543
+CVE-2009-2543 (Multiple unspecified vulnerabilities in the IBM Proventia engine 4.9.0 ...)
NOT-FOR-US: IBM Proventia engine
-CVE-2009-2542
+CVE-2009-2542 (Netscape 6 and 8 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Netscape 6 and 8
-CVE-2009-2541
+CVE-2009-2541 (The web browser on the Sony PLAYSTATION 3 (PS3) allows remote attacker ...)
NOT-FOR-US: Sony PLAYSTATION 3
-CVE-2009-2540
+CVE-2009-2540 (Opera, possibly 9.64 and earlier, allows remote attackers to cause a d ...)
NOT-FOR-US: Opera
-CVE-2009-2539
+CVE-2009-2539 (The Aigo P8860 allows remote attackers to cause a denial of service (m ...)
NOT-FOR-US: Aigo P8860
-CVE-2009-2538
+CVE-2009-2538 (The Nokia N95 running Symbian OS 9.2, N82, and N810 Internet Tablet al ...)
NOT-FOR-US: Nokia N95
-CVE-2009-2537
+CVE-2009-2537 (KDE Konqueror allows remote attackers to cause a denial of service (me ...)
- kdebase <unfixed> (unimportant; bug #537931)
-CVE-2009-2536
+CVE-2009-2536 (Microsoft Internet Explorer 5 through 8 allows remote attackers to cau ...)
NOT-FOR-US: Microsoft Internet Explorer 5
-CVE-2009-2535
+CVE-2009-2535 (Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and T ...)
- iceweasel 3.0.5-1 (unimportant)
[etch] - iceweasel 2.0.0.19-0etch1 (unimportant)
-CVE-2009-2534
+CVE-2009-2534 (RealNetworks Helix Server and Helix Mobile Server before 13.0.0 allow ...)
NOT-FOR-US: RealNetworks Helix Server and Helix Mobile Server
-CVE-2009-2533
+CVE-2009-2533 (rmserver in RealNetworks Helix Server and Helix Mobile Server before 1 ...)
NOT-FOR-US: RealNetworks Helix Server and Helix Mobile Server
-CVE-2009-2532
+CVE-2009-2532 (Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold a ...)
NOT-FOR-US: Microsoft Windows Vista
-CVE-2009-2531
+CVE-2009-2531 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handl ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2530
+CVE-2009-2530 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handl ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2529
+CVE-2009-2529 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prop ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2528
+CVE-2009-2528 (GDI+ in Microsoft Office XP SP3 does not properly handle malformed obj ...)
NOT-FOR-US: Microsoft Office XP
-CVE-2009-2527
+CVE-2009-2527 (Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allow ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2009-2526
+CVE-2009-2526 (Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP ...)
NOT-FOR-US: Microsoft Windows Vista
-CVE-2009-2525
+CVE-2009-2525 (Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec ...)
NOT-FOR-US: Microsoft Windows Media Runtime
-CVE-2009-2524
+CVE-2009-2524 (Integer underflow in the NTLM authentication feature in the Local Secu ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2009-2523
+CVE-2009-2523 (The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 ...)
NOT-FOR-US: Microsoft Windows 2000
CVE-2009-2522
REJECTED
-CVE-2009-2521
+CVE-2009-2521 (Stack consumption vulnerability in the FTP Service in Microsoft Intern ...)
NOT-FOR-US: Microsoft Internet Information Server
CVE-2009-2520
REJECTED
-CVE-2009-2519
+CVE-2009-2519 (The DHTML Editing Component ActiveX control in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-2518
+CVE-2009-2518 (Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote atta ...)
NOT-FOR-US: Microsoft Office XP
-CVE-2009-2517
+CVE-2009-2517 (The kernel in Microsoft Windows Server 2003 SP2 does not properly hand ...)
NOT-FOR-US: Microsoft Windows Server 2003
-CVE-2009-2516
+CVE-2009-2516 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
NOT-FOR-US: Microsoft Windows 2000
-CVE-2009-2515
+CVE-2009-2515 (Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 ...)
NOT-FOR-US: Microsoft Windows 2000
-CVE-2009-2514
+CVE-2009-2514 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-2513
+CVE-2009-2513 (The Graphics Device Interface (GDI) in win32k.sys in the kernel in Mic ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-2512
+CVE-2009-2512 (The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, a ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-2511
+CVE-2009-2511 (Integer overflow in the CryptoAPI component in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft Windows 2000
-CVE-2009-2510
+CVE-2009-2510 (The CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 ...)
NOT-FOR-US: Microsoft Windows 2000
-CVE-2009-2509
+CVE-2009-2509 (Active Directory Federation Services (ADFS) in Microsoft Windows Serve ...)
NOT-FOR-US: Microsoft Active Directory Federation Services
-CVE-2009-2508
+CVE-2009-2508 (The single sign-on implementation in Active Directory Federation Servi ...)
NOT-FOR-US: Microsoft Active Directory Federation Services
-CVE-2009-2507
+CVE-2009-2507 (A certain ActiveX control in the Indexing Service in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-2506
+CVE-2009-2506 (Integer overflow in the text converters in Microsoft Office Word 2002 ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-2505
+CVE-2009-2505 (The Internet Authentication Service (IAS) in Microsoft Windows Vista S ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-2504
+CVE-2009-2504 (Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .N ...)
NOT-FOR-US: Microsoft products
-CVE-2009-2503
+CVE-2009-2503 (GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Win ...)
NOT-FOR-US: Microsoft products
-CVE-2009-2502
+CVE-2009-2502 (Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows ...)
NOT-FOR-US: Microsoft products
-CVE-2009-2501
+CVE-2009-2501 (Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP ...)
NOT-FOR-US: Microsoft products
-CVE-2009-2500
+CVE-2009-2500 (Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows ...)
NOT-FOR-US: Microsoft products
-CVE-2009-2499
+CVE-2009-2499 (Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft ...)
NOT-FOR-US: Microsoft Windows Media Format Runtime
-CVE-2009-2498
+CVE-2009-2498 (Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Me ...)
NOT-FOR-US: Microsoft Windows Media Format Runtime
-CVE-2009-2497
+CVE-2009-2497 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 ...)
NOT-FOR-US: Microsoft products
-CVE-2009-2496
+CVE-2009-2496 (Heap-based buffer overflow in the Office Web Components ActiveX Contro ...)
NOT-FOR-US: Microsoft Office XP
-CVE-2009-2495
+CVE-2009-2495 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...)
NOT-FOR-US: Microsoft Visual Studio .NET
-CVE-2009-2494
+CVE-2009-2494 (The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-2493
+CVE-2009-2493 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...)
NOT-FOR-US: Microsoft Visual Studio .NET
-CVE-2009-2492
+CVE-2009-2492 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart ...)
- movabletype-opensource 4.2.6.1-1 (low; bug #537935)
[lenny] - movabletype-opensource 4.2.3-1+lenny1
-CVE-2009-4589
+CVE-2009-4589 (Cross-site scripting (XSS) vulnerability in the Special:Block implemen ...)
- mediawiki 1:1.15.0-1.1 (low; bug #537634)
- mediawiki1.7 <removed>
[etch] - mediawiki <not-affected> (metapackage)
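Review bot: the `NOT-FOR-US: Microsoft Office` line under CVE-2009-2505 no longer matches the description the `+` line introduces, which names the Internet Authentication Service (IAS) in Microsoft Windows Vista; suggest `NOT-FOR-US: Microsoft Windows Vista` so the tag reflects the affected product, as the neighbouring CVE-2009-2526 and CVE-2009-2532 entries already do. Two smaller items in the same hunk: the `NOTE: CVE id requested` under CVE-2009-2658 is stale now that the entry carries an assigned id (and the entry sits between CVE-2009-2555 and CVE-2009-2554, out of the file's descending order), and `chrome-specfic` in the webkit line under CVE-2009-2556 should read `chrome-specific`.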
@@ -7041,27 +7041,27 @@ CVE-2009-XXXX [insecure tmp file vulnerability in slim]
- slim <removed> (unimportant; bug #537604)
NOTE: exploit scenario too constructed
[lenny] - slim 1.3.0-1+lenny2
-CVE-2009-2484
+CVE-2009-2484 (Stack-based buffer overflow in the Win32AddConnection function in modu ...)
- vlc <not-affected> (The vulnerability affects Windows builds only)
-CVE-2009-2479
+CVE-2009-2479 (Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attacke ...)
- xulrunner 1.9.1.1-1
[etch] - xulrunner <not-affected> (only affects firefox 3.5)
[lenny] - xulrunner <not-affected> (only affects firefox 3.5)
-CVE-2009-2478
+CVE-2009-2478 (Mozilla Firefox 3.5 allows remote attackers to cause a denial of servi ...)
- xulrunner <not-affected> (unimportant)
NOTE: browser crashes not treated as security issues
-CVE-2009-2476
+CVE-2009-2476 (The Java Management Extensions (JMX) implementation in Sun Java SE 6 b ...)
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2475
+CVE-2009-2475 (Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, ...)
- sun-java5 1.5.0-20-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
- sun-java6 6-15-1
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
-CVE-2009-2474
+CVE-2009-2474 (neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly ...)
- neon27 0.28.6-1 (low; bug #542926)
[lenny] - neon27 <no-dsa> (Minor issue)
- neon26 0.26.4-3 (low; bug #542926)
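Review bot: the `- xulrunner <not-affected> (unimportant)` line under CVE-2009-2478 puts a severity word where the other `<not-affected>` entries in this hunk (CVE-2009-2479, CVE-2009-2484) give a reason, so the package state and the severity are conflated; since the NOTE that follows already records why browser crashes are not treated as security issues, either mark the package `<unfixed> (unimportant)` in the form the kdebase entry for CVE-2009-2537 uses, or move that rationale into the parenthesis after `<not-affected>`.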
@@ -7073,168 +7073,168 @@ CVE-2009-2474
- litmus 0.13-1
NOTE: affected neon code copy present in litmus [./libneon/*]
NOTE: The new reintroduced litmus package removes the embedded copy
-CVE-2009-2473
+CVE-2009-2473 (neon before 0.28.6, when expat is used, does not properly detect recur ...)
- neon27 <not-affected> (neon27 is compiled to use libxml2 instead of expat)
- neon26 <not-affected> (neon26 is compiled to use libxml2 instead of expat)
- neon <removed>
[etch] - neon <not-affected> (neon is compiled to use libxml2 instead of expat)
-CVE-2009-2472
+CVE-2009-2472 (Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrappe ...)
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2471
+CVE-2009-2471 (The setTimeout function in Mozilla Firefox before 3.0.12 does not prop ...)
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2470
+CVE-2009-2470 (Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote S ...)
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2469
+CVE-2009-2469 (Mozilla Firefox before 3.0.12 does not properly handle an SVG element ...)
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2468
+CVE-2009-2468 (Integer overflow in Apple CoreGraphics, as used in Safari before 4.0.3 ...)
NOT-FOR-US: CoreGraphics in Apple Mac OS X
NOTE: related issue to CVE-2009-1194
-CVE-2009-2467
+CVE-2009-2467 (Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote attac ...)
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2466
+CVE-2009-2466 (The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird ...)
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2465
+CVE-2009-2465 (Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers t ...)
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2464
+CVE-2009-2464 (The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozil ...)
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2463
+CVE-2009-2463 (Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base6 ...)
{DSA-2025-1 DSA-1931-1}
- nspr 4.8.2-1
- icedove 3.0~rc2-2
[etch] - nspr <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
-CVE-2009-2462
+CVE-2009-2462 (The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird al ...)
{DSA-1840-1}
- xulrunner 1.9.0.12-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-2491
+CVE-2009-2491 (The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solari ...)
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-2490
+CVE-2009-2490 (Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Sof ...)
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-2489
+CVE-2009-2489 (Unspecified vulnerability in the utdmsession program in Sun Ray Server ...)
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-2488
+CVE-2009-2488 (Unspecified vulnerability in the NFSv4 module in the kernel in Sun Sol ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2487
+CVE-2009-2487 (Use-after-free vulnerability in the frpr_icmp function in the ipfilter ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2486
+CVE-2009-2486 (Unspecified vulnerability in the SCTP implementation in Sun Solaris 10 ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2485
+CVE-2009-2485 (Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attacker ...)
NOT-FOR-US: HT-MP3Player
-CVE-2009-2483
+CVE-2009-2483 (libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local ...)
NOT-FOR-US: NetBSD
-CVE-2009-2482
+CVE-2009-2482 (The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 befo ...)
NOT-FOR-US: NetBSD OpenPAM
-CVE-2009-2481
+CVE-2009-2481 (mt-wizard.cgi in Six Apart Movable Type before 4.261, when global temp ...)
NOT-FOR-US: Six Apart Movable Type
-CVE-2009-2480
+CVE-2009-2480 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart ...)
NOT-FOR-US: Six Apart Movable Type
-CVE-2009-2461
+CVE-2009-2461 (mathtex.cgi in mathTeX, when downloaded before 20090713, does not secu ...)
- mathtex 1.03-1 (low; bug #537253)
-CVE-2009-2460
+CVE-2009-2460 (Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when ...)
- mathtex 1.03-1 (medium; bug #537253)
NOTE: severity set to medium as this is used in several web applications for conversions
-CVE-2009-2459
+CVE-2009-2459 (Multiple unspecified vulnerabilities in mimeTeX, when downloaded befor ...)
{DSA-1917-1}
- mimetex 1.50-1.1 (medium; bug #537254)
NOTE: set impact to medium as this is used in several web applications for conversions
-CVE-2009-2458
+CVE-2009-2458 (Unspecified vulnerability in Sun Fire V215 Server, when using XVR-100 ...)
NOT-FOR-US: Sun Fire V215 Server
-CVE-2009-2457
+CVE-2009-2457 (The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remot ...)
NOT-FOR-US: Novell eDirectory
-CVE-2009-2456
+CVE-2009-2456 (The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remot ...)
NOT-FOR-US: Novell eDirectory
-CVE-2009-2455
+CVE-2009-2455 (Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin. ...)
NOT-FOR-US: @mail
-CVE-2009-2454
+CVE-2009-2454 (Cross-site scripting (XSS) vulnerability in Citrix Web Interface 4.6, ...)
NOT-FOR-US: Citrix Web Interface
-CVE-2009-2453
+CVE-2009-2453 (Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 ...)
NOT-FOR-US: Citrix XenApp
-CVE-2009-2452
+CVE-2009-2452 (Multiple unspecified vulnerabilities in Citrix Licensing 11.5 have unk ...)
NOT-FOR-US: Citrix Licensing
-CVE-2009-2451
+CVE-2009-2451 (Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX 1.2 ...)
NOT-FOR-US: MIM:InfiniX
-CVE-2009-2477
+CVE-2009-2477 (js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka ...)
- xulrunner 1.9.1.2-1 (bug #537104)
[lenny] - xulrunner <not-affected> (vulnerable code introduced in firefox 3.5)
[etch] - xulrunner <not-affected> (vulnerable code introduced in firefox 3.5)
-CVE-2009-2450
+CVE-2009-2450 (The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online Arm ...)
NOT-FOR-US: Tall Emu Online Armor Personal Firewall
-CVE-2009-2449
+CVE-2009-2449 (Directory traversal vulnerability in maillinglist/admin/change_config. ...)
NOT-FOR-US: ADbNewsSender
-CVE-2009-2448
+CVE-2009-2448 (Cross-site scripting (XSS) vulnerability in ogp_show.php in Online Gue ...)
NOT-FOR-US: Online Guestbook Pro
-CVE-2009-2447
+CVE-2009-2447 (Multiple cross-site scripting (XSS) vulnerabilities in ogp_show.php in ...)
NOT-FOR-US: Online Guestbook Pro
-CVE-2009-2445
+CVE-2009-2445 (Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ...)
NOT-FOR-US: Sun ONE Web Server
-CVE-2009-2444
+CVE-2009-2444 (Directory traversal vulnerability in maillinglist/setup/step1.php.inc ...)
NOT-FOR-US: ADbNewsSender
-CVE-2009-2443
+CVE-2009-2443 (Siteframe 3.2.3, and other 3.2.x versions, allows remote attackers to ...)
NOT-FOR-US: Siteframe
-CVE-2009-2442
+CVE-2009-2442 (Cross-site scripting (XSS) vulnerability in public/index.php in Linea2 ...)
NOT-FOR-US: Linea21
-CVE-2009-2441
+CVE-2009-2441 (Cross-site scripting (XSS) vulnerability in ogp_show.php in Online Gue ...)
NOT-FOR-US: Online Guestbook Pro
-CVE-2009-2440
+CVE-2009-2440 (Cross-site scripting (XSS) vulnerability in index.php in JNM Guestbook ...)
NOT-FOR-US: JNM Guestbook
-CVE-2009-2439
+CVE-2009-2439 (Multiple SQL injection vulnerabilities in Web Development House Alibab ...)
NOT-FOR-US: Web Development House Alibaba
-CVE-2009-2438
+CVE-2009-2438 (Cross-site scripting (XSS) vulnerability in index.php in the search mo ...)
NOT-FOR-US: ClanSphere
-CVE-2009-2437
+CVE-2009-2437 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Re ...)
NOT-FOR-US: MyPHPDating
-CVE-2009-2436
+CVE-2009-2436 (SQL injection vulnerability in page.php in Online Dating Software MyPH ...)
NOT-FOR-US: MyPHPDating
-CVE-2009-2435
+CVE-2009-2435 (The Sametime server in IBM Lotus Instant Messaging and Web Conferencin ...)
NOT-FOR-US: IBM Lotus
-CVE-2009-2434
+CVE-2009-2434 (Buffer overflow in the syscall implementation in IBM AIX 5.3 allows lo ...)
NOT-FOR-US: IBM AIX
-CVE-2009-2433
+CVE-2009-2433 (Stack-based buffer overflow in the AddFavorite method in Microsoft Int ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2432
+CVE-2009-2432 (WordPress and WordPress MU before 2.8.1 allow remote attackers to obta ...)
- wordpress 2.8.3-1 (unimportant; bug #537146)
NOTE: Installation path is a known fact on a Debian package installation
-CVE-2009-2431
+CVE-2009-2431 (WordPress 2.7.1 places the username of a post's author in an HTML comm ...)
- wordpress 2.8.3-1 (unimportant; bug #537146)
NOTE: Minor information leak
-CVE-2009-2430
+CVE-2009-2430 (Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2429
+CVE-2009-2429 (SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in c ...)
NOT-FOR-US: SmartFilter Web Gateway Security
-CVE-2009-2428
+CVE-2009-2428 (Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow ...)
NOT-FOR-US: Tausch Ticket Script
-CVE-2009-2427
+CVE-2009-2427 (SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows re ...)
NOT-FOR-US: Jobbr
-CVE-2009-2426
+CVE-2009-2426 (The connection_edge_process_relay_cell_not_open function in src/or/rel ...)
- tor 0.2.0.35-1 (low; bug #537148)
[lenny] - tor 0.2.0.35-1~lenny1
-CVE-2009-2425
+CVE-2009-2425 (Tor before 0.2.0.35 allows remote attackers to cause a denial of servi ...)
- tor 0.2.0.35-1 (low; bug #537148)
[lenny] - tor 0.2.0.35-1~lenny1
-CVE-2009-2424
+CVE-2009-2424 (Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone 2 ...)
NOT-FOR-US: Ebay Clone 2009
-CVE-2009-2423
+CVE-2009-2423 (SQL injection vulnerability in category.php in Ebay Clone 2009 allows ...)
NOT-FOR-US: Ebay Clone 2009
-CVE-2009-2422
+CVE-2009-2422 (The example code for the digest authentication functionality (http_aut ...)
- rails 2.3.5-1 (bug #535896)
[lenny] - rails <not-affected> (vulnerable code not present, introduced in 2.3.x)
-CVE-2009-2446
+CVE-2009-2446 (Multiple format string vulnerabilities in the dispatch_command functio ...)
{DSA-1877-1}
- mysql-dfsg-5.0 <removed> (low; bug #536726)
[squeeze] - mysql-dfsg-5.0 5.0.51a-24+lenny2
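Review bot: the triage of CVE-2009-2480 and CVE-2009-2481 as `NOT-FOR-US: Six Apart Movable Type` conflicts with the entry for CVE-2009-2492 earlier in this diff, where an issue in the same mt-wizard.cgi component of Six Apart Movable Type is tracked against the `movabletype-opensource` package (fixed in 4.2.6.1-1, lenny in 4.2.3-1+lenny1); the descriptions added here make the overlap visible, so these two entries should be re-checked against movabletype-opensource rather than left as not-for-us.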
@@ -7244,45 +7244,45 @@ CVE-2009-XXXX [libio-socket-ssl-perl: partial hostname matching vulnerability]
NOTE: hostname validition is not implemented until 1.14, so etch
NOTE: is in a way is not affected, but in another sense, it is
NOTE: completely affected since no validation done at all
-CVE-2009-2421
+CVE-2009-2421 (The CFCharacterSetInitInlineBuffer method in CoreFoundation.dll in App ...)
NOT-FOR-US: Apple Safari
-CVE-2009-2420
+CVE-2009-2420 (Apple Safari 3.2.3 does not properly implement the file: protocol hand ...)
NOT-FOR-US: Apple Safari
-CVE-2009-2419
+CVE-2009-2419 (Use-after-free vulnerability in the servePendingRequests function in W ...)
- webkit 1.1.10-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
CVE-2009-2418
REJECTED
-CVE-2009-2417
+CVE-2009-2417 (lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is u ...)
{DSA-1869-1}
- curl 7.19.5-1.1 (medium; bug #541991)
-CVE-2009-2416
+CVE-2009-2416 (Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6 ...)
{DSA-1861-1 DSA-1859-1}
- libxml2 2.7.3.dfsg-2.1 (low; bug #540865)
- libxml <removed>
-CVE-2009-2415
+CVE-2009-2415 (Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote ...)
{DSA-1853-1}
- memcached 1.4.1-1 (medium; bug #540379)
- memcachedb 1.2.0-5 (medium; bug #540381)
NOTE: the impact varies, on etch this runs as root and is not bound
NOTE: to the loopback interface by default, memcached is even distributed
NOTE: but fortunately not in a stable release.
-CVE-2009-2414
+CVE-2009-2414 (Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6 ...)
{DSA-1861-1 DSA-1859-1}
- libxml2 2.7.3.dfsg-2.1 (medium; bug #540865)
- libxml <removed>
CVE-2009-2413
REJECTED
-CVE-2009-2412
+CVE-2009-2412 (Multiple integer overflows in the Apache Portable Runtime (APR) librar ...)
{DSA-1854-1}
- apr 1.3.8-1
- apr-util 1.3.9+dfsg-1
-CVE-2009-2411
+CVE-2009-2411 (Multiple integer overflows in the libsvn_delta library in Subversion b ...)
{DSA-1855-1}
- subversion 1.6.4dfsg-1
-CVE-2009-2410
+CVE-2009-2410 (The local_handler_callback function in server/responder/pam/pam_LOCAL_ ...)
- sssd <not-affected> (Fixed before initial upload to the archive)
-CVE-2009-2409
+CVE-2009-2409 (The Network Security Services (NSS) library before 3.12.3, as used in ...)
{DSA-1935-1 DSA-1888-1 DSA-1874-1}
- nss 3.12.3-1 (low; bug #539895)
- openssl 0.9.8k-4 (low; bug #539899)
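Review bot: the NOTE lines under the libio-socket-ssl-perl `CVE-2009-XXXX` entry at the top of this hunk contain `validition` (should be `validation`) and a doubled `is` in `is in a way is not affected`; in the same hunk, the memcached NOTE under CVE-2009-2415 (`memcached is even distributed but fortunately not in a stable release`) reads as a fragment and should be reworded so that a later reader can tell which release the "runs as root and is not bound to the loopback interface" observation applies to, since that is what the medium severity rests on.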
@@ -7292,189 +7292,189 @@ CVE-2009-2409
- gnutls13 <removed>
- sun-java6 6-17-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-2407
+CVE-2009-2407 (Heap-based buffer overflow in the parse_tag_3_packet function in fs/ec ...)
{DSA-1845-1 DSA-1844-1}
- linux-2.6 2.6.30-5 (medium)
[etch] - linux-2.6 <not-affected> (ecryptfs not yet present)
- linux-2.6.24 <removed>
-CVE-2009-2406
+CVE-2009-2406 (Stack-based buffer overflow in the parse_tag_11_packet function in fs/ ...)
{DSA-1845-1 DSA-1844-1}
- linux-2.6 2.6.30-5 (medium)
[etch] - linux-2.6 <not-affected> (ecryptfs not yet present)
- linux-2.6.24 <removed>
-CVE-2009-2405
+CVE-2009-2405 (Multiple cross-site scripting (XSS) vulnerabilities in the Web Console ...)
- jbossas4 4.2.2.GA-1 (bug #562000)
[lenny] - jbossas4 <no-dsa> (Contrib not supported)
-CVE-2009-2404
+CVE-2009-2404 (Heap-based buffer overflow in a regular-expression parser in Mozilla N ...)
{DSA-2025-1 DSA-1874-1}
- nss 3.12.3-1 (low; bug #539934)
- icedove 2.0.0.24-1 (low)
-CVE-2009-2403
+CVE-2009-2403 (Heap-based buffer overflow in SCMPX 1.5.1 allows remote attackers to c ...)
NOT-FOR-US: SCMPX
-CVE-2009-2402
+CVE-2009-2402 (SQL injection vulnerability in index.php in the forum module in PHPEch ...)
NOT-FOR-US: PHPEcho
-CVE-2009-2401
+CVE-2009-2401 (Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows ...)
NOT-FOR-US: PHPEcho
-CVE-2009-2400
+CVE-2009-2400 (SQL injection vulnerability in the PHP (com_php) component for Joomla! ...)
NOT-FOR-US: Joomla!
-CVE-2009-2399
+CVE-2009-2399 (PHP remote file inclusion vulnerability in dm-albums/template/album.ph ...)
NOT-FOR-US: DM FileManager
-CVE-2009-2398
+CVE-2009-2398 (Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 ...)
NOT-FOR-US: PHP-Sugar
-CVE-2009-2397
+CVE-2009-2397 (Directory traversal vulnerability in download.php in Audio Article Dir ...)
NOT-FOR-US: Audio Article Directory
-CVE-2009-2396
+CVE-2009-2396 (PHP remote file inclusion vulnerability in template/album.php in DM Al ...)
NOT-FOR-US: DM Albums
-CVE-2009-2395
+CVE-2009-2395 (SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta an ...)
NOT-FOR-US: Joomla!
-CVE-2009-2394
+CVE-2009-2394 (SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Ara ...)
NOT-FOR-US: SMSPages
-CVE-2009-2393
+CVE-2009-2393 (admin/index.php in Virtuenetz Virtue Online Test Generator does not re ...)
NOT-FOR-US: Virtuenetz Virtue Online Test Generator
-CVE-2009-2392
+CVE-2009-2392 (SQL injection vulnerability in text.php in Virtuenetz Virtue Online Te ...)
NOT-FOR-US: Virtuenetz Virtue Online Test Generator
-CVE-2009-2391
+CVE-2009-2391 (Cross-site scripting (XSS) vulnerability in text.php in Virtuenetz Vir ...)
NOT-FOR-US: Virtuenetz Virtue Online Test Generator
-CVE-2009-2390
+CVE-2009-2390 (SQL injection vulnerability in the BookFlip (com_bookflip) component 2 ...)
NOT-FOR-US: Joomla!
-CVE-2009-2389
+CVE-2009-2389 (Multiple SQL injection vulnerabilities in newsscript.php in USOLVED NE ...)
NOT-FOR-US: USOLVED NEWSolved
-CVE-2009-2388
+CVE-2009-2388 (SQL injection vulnerability in admin/index.php in Opial 1.0 allows rem ...)
NOT-FOR-US: Opial
-CVE-2009-2387
+CVE-2009-2387 (Unspecified vulnerability in the proc filesystem in Sun OpenSolaris sn ...)
NOT-FOR-US: Sun OpenSolaris
-CVE-2009-2386
+CVE-2009-2386 (Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer pl ...)
NOT-FOR-US: Awingsoft Awakening Winds3D Viewer plugin
-CVE-2009-2369
+CVE-2009-2369 (Integer overflow in the wxImage::Create function in src/common/image.c ...)
{DSA-1890-1}
- wxwidgets2.8 2.8.7.1-2 (medium; bug #537174)
- wxwidgets2.6 2.6.3.2.2-3.1 (medium; bug #537175)
- wxwindows2.4 <removed> (medium)
-CVE-2009-2360
+CVE-2009-2360 (Cross-site scripting (XSS) vulnerability in passwd/main.php in the Pas ...)
{DSA-1829-1}
- sork-passwd-h3 3.1-1.1 (low; bug #536554)
-CVE-2009-2385
+CVE-2009-2385 (SQL injection vulnerability in the awardsMembers function in Sources/P ...)
NOT-FOR-US: Member Awards component for Simple Machines Forum
-CVE-2009-2384
+CVE-2009-2384 (Buffer overflow in amp.exe in Brothersoft PEamp 1.02b allows user-assi ...)
NOT-FOR-US: Brothersoft PEamp
-CVE-2009-2383
+CVE-2009-2383 (SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites ...)
NOT-FOR-US: Related Sites plugin for WordPress
-CVE-2009-2382
+CVE-2009-2382 (admin.php in phpMyBlockchecker 1.0.0055 allows remote attackers to byp ...)
NOT-FOR-US: phpMyBlockchecker
-CVE-2009-2381
+CVE-2009-2381 (Gizmo 3.1.0.79 on Linux does not verify a server's SSL certificate, wh ...)
NOT-FOR-US: Gizmo
-CVE-2009-2380
+CVE-2009-2380 (Cross-site scripting (XSS) vulnerability in includes/functions.php in ...)
NOT-FOR-US: 4images
-CVE-2009-2379
+CVE-2009-2379 (Directory traversal vulnerability in public/index.php in BIGACE Web CM ...)
NOT-FOR-US: BIGACE Web CMS
-CVE-2009-2378
+CVE-2009-2378 (PHP remote file inclusion vulnerability in formmailer.admin.inc.php in ...)
NOT-FOR-US: Jax FormMailer
-CVE-2009-2377
+CVE-2009-2377 (Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in ...)
NOT-FOR-US: AVAX-software Avax Vector ActiveX
-CVE-2009-2376
+CVE-2009-2376 (Cross-site scripting (XSS) vulnerability in the Html::textarea functio ...)
NOT-FOR-US: TangoCMS
-CVE-2009-2375
+CVE-2009-2375 (Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly earl ...)
NOT-FOR-US: Photo DVD Maker
-CVE-2009-2371
+CVE-2009-2371 (Advanced Forum 6.x before 6.x-1.1, a module for Drupal, does not preve ...)
NOT-FOR-US: Advanced Forum module for Drupal
-CVE-2009-2370
+CVE-2009-2370 (Cross-site scripting (XSS) vulnerability in Advanced Forum 5.x before ...)
NOT-FOR-US: Advanced Forum module for Drupal
-CVE-2009-2368
+CVE-2009-2368 (Unspecified vulnerability in Socks Server 5 before 3.7.8-8 has unknown ...)
NOT-FOR-US: Socks Server
-CVE-2009-2367
+CVE-2009-2367 (cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable ses ...)
NOT-FOR-US: Iomega StorCenter Pro
-CVE-2009-2366
+CVE-2009-2366 (SQL injection vulnerability in login.asp in DataCheck Solutions ForumP ...)
NOT-FOR-US: DataCheck Solutions ForumPal FE
-CVE-2009-2365
+CVE-2009-2365 (SQL injection vulnerability in login.asp in DataCheck Solutions Galler ...)
NOT-FOR-US: DataCheck Solutions GalleryPal FE
-CVE-2009-2364
+CVE-2009-2364 (Stack-based buffer overflow in Mp3-Nator 2.0 allows remote attackers t ...)
NOT-FOR-US: Mp3-Nator
-CVE-2009-2363
+CVE-2009-2363 (Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remo ...)
NOT-FOR-US: KUDRSOFT AudioPLUS
-CVE-2009-2362
+CVE-2009-2362 (Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows rem ...)
NOT-FOR-US: KUDRSOFT AudioPLUS
-CVE-2009-2361
+CVE-2009-2361 (SQL injection vulnerability in include/class.staff.php in osTicket bef ...)
NOT-FOR-US: osTicket
-CVE-2009-2359
+CVE-2009-2359 (Multiple SQL injection vulnerabilities in TekRADIUS 3.0 allow context- ...)
NOT-FOR-US: TekRADIUS
-CVE-2009-2358
+CVE-2009-2358 (TekRADIUS 3.0 uses BUILTIN\Users:R permissions for the TekRADIUS.ini f ...)
NOT-FOR-US: TekRADIUS
-CVE-2009-2357
+CVE-2009-2357 (The default configuration of TekRADIUS 3.0 uses the sa account to comm ...)
NOT-FOR-US: TekRADIUS
-CVE-2009-2356
+CVE-2009-2356 (Multiple stack-based buffer overflows in the pgsqlQuery function in Nu ...)
NOT-FOR-US: NullLogic Groupware
-CVE-2009-2355
+CVE-2009-2355 (The forum module in NullLogic Groupware 1.2.7 allows remote authentica ...)
NOT-FOR-US: NullLogic Groupware
-CVE-2009-2354
+CVE-2009-2354 (SQL injection vulnerability in the auth_checkpass function in the logi ...)
NOT-FOR-US: NullLogic Groupware
-CVE-2009-2353
+CVE-2009-2353 (encoder.php in eAccelerator allows remote attackers to execute arbitra ...)
- eaccelerator-src <itp> (bug #460341)
-CVE-2009-2352
+CVE-2009-2352 (Google Chrome 1.0.154.48 and earlier does not block javascript: URIs i ...)
- chromium-browser 5.0.375.70~r48679-2
- webkit <not-affected> (doesn't have a 'view-source' handler)
NOTE: poc didn't seem to work against 5.0.375.70~r48679-2
NOTE: chromium security team doesn't consider this a valid security issue
NOTE: http://crbug.com/40086
-CVE-2009-2351
+CVE-2009-2351 (Opera 9.52 and earlier does not block javascript: URIs in Refresh head ...)
NOT-FOR-US: Opera
-CVE-2009-2350
+CVE-2009-2350 (Microsoft Internet Explorer 6.0.2900.2180 and earlier does not block j ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2009-2349
RESERVED
-CVE-2009-2348
+CVE-2009-2348 (Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permis ...)
NOT-FOR-US: Android
-CVE-2009-2347
+CVE-2009-2347 (Multiple integer overflows in inter-color spaces conversion tools in l ...)
{DSA-1835-1}
- tiff 3.8.2-13
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2009-2346
+CVE-2009-2346 (The IAX2 protocol implementation in Asterisk Open Source 1.2.x before ...)
- asterisk 1:1.6.2.0~dfsg~beta3-1 (bug #539473)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
[lenny] - asterisk <no-dsa> (Intrusive protocol-level vulnerabilitity, see http://downloads.asterisk.org/pub/security/IAX2-security.pdf)
-CVE-2009-2345
+CVE-2009-2345 (Multiple SQL injection vulnerabilities in ClanSphere before 2009.0.1 a ...)
NOT-FOR-US: ClanSphere
-CVE-2009-2344
+CVE-2009-2344 (The web-based management interfaces in Sourcefire Defense Center (DC) ...)
NOT-FOR-US: Sourcefire
-CVE-2009-2342
+CVE-2009-2342 (Cross-site scripting (XSS) vulnerability in admin.php (aka the login p ...)
NOT-FOR-US: CMME
-CVE-2009-2341
+CVE-2009-2341 (SQL injection vulnerability in albumdetail.php in Opial 1.0 allows rem ...)
NOT-FOR-US: Opial
-CVE-2009-2340
+CVE-2009-2340 (SQL injection vulnerability in admin/index.php in Opial 1.0 allows rem ...)
NOT-FOR-US: Opial
-CVE-2009-2339
+CVE-2009-2339 (SQL injection vulnerability in index.php in Rentventory allows remote ...)
NOT-FOR-US: Rentventory
-CVE-2009-2338
+CVE-2009-2338 (Directory traversal vulnerability in includes/startmodules.inc.php in ...)
NOT-FOR-US: FreeWebshop.org
-CVE-2009-2337
+CVE-2009-2337 (SQL injection vulnerability in includes/module/book/index.inc.php in w ...)
NOT-FOR-US: w3b|cms
-CVE-2009-2336
+CVE-2009-2336 (The forgotten mail interface in WordPress and WordPress MU before 2.8. ...)
- wordpress 2.8.3-1 (unimportant; bug #536724)
NOTE: Minor information leak
-CVE-2009-2335
+CVE-2009-2335 (WordPress and WordPress MU before 2.8.1 exhibit different behavior for ...)
- wordpress 2.8.3-1 (unimportant; bug #536724)
NOTE: Minor information leak
-CVE-2009-2334
+CVE-2009-2334 (wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not ...)
{DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #536724)
-CVE-2009-2333
+CVE-2009-2333 (Multiple directory traversal vulnerabilities in CMS Chainuk 1.2 and ea ...)
NOT-FOR-US: CMS Chainuk
-CVE-2009-2332
+CVE-2009-2332 (CMS Chainuk 1.2 and earlier allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: CMS Chainuk
-CVE-2009-2331
+CVE-2009-2331 (Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and ...)
NOT-FOR-US: CMS Chainuk
-CVE-2009-2330
+CVE-2009-2330 (Cross-site scripting (XSS) vulnerability in admin/admin_menu.php in CM ...)
NOT-FOR-US: CMS Chainuk
-CVE-2009-2329
+CVE-2009-2329 (KerviNet Forum 1.1 and earlier allows remote attackers to obtain sensi ...)
NOT-FOR-US: KerviNet Forum
-CVE-2009-2328
+CVE-2009-2328 (admin/edit_user.php in KerviNet Forum 1.1 and earlier does not require ...)
NOT-FOR-US: KerviNet Forum
-CVE-2009-2327
+CVE-2009-2327 (Cross-site scripting (XSS) vulnerability in add_voting.php in KerviNet ...)
NOT-FOR-US: KerviNet Forum
-CVE-2009-2326
+CVE-2009-2326 (Multiple SQL injection vulnerabilities in KerviNet Forum 1.1 and earli ...)
NOT-FOR-US: KerviNet Forum
-CVE-2009-2325
+CVE-2009-2325 (Directory traversal vulnerability in index.php in Clicknet CMS 2.1 all ...)
NOT-FOR-US: Clicknet CMS
-CVE-2009-2324
+CVE-2009-2324 (Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor befor ...)
{DSA-1836-1}
- fckeditor 1:2.6.4.1-1 (low; bug #536051)
- moin 1.8.2-2
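Review bot: the CVE-2009-2352 entry in this hunk is internally inconsistent. It records "chromium-browser 5.0.375.70~r48679-2" as the fixed version, while the two NOTEs directly under it say the PoC did not reproduce against exactly that version and that the chromium security team does not consider this a valid security issue. A fixed-version line asserts that a fix was identified; if upstream treats the report as not a vulnerability, the entry should instead carry the tracker's "unimportant" severity (as the wordpress entries for CVE-2009-2336/2335 below do) with the crbug link as rationale, or the version should be dropped. Two smaller points: "vulnerabilitity" in the [lenny] asterisk line under CVE-2009-2346 is a typo, and the new descriptions for CVE-2009-2363 and CVE-2009-2362 now read as the same KUDRSOFT AudioPLUS stack overflow differing only in how the version is written (2.00.215 vs 2.0.0.215), so it is worth checking whether one of the pair has since been rejected.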
@@ -7490,27 +7490,27 @@ CVE-2009-2324
[etch] - gforge <not-affected> (doesn't contain FCKeditor)
- egroupware <not-affected> (doesn't provide FCKeditor sample files)
- request-tracker3.8 <not-affected> (doesn't provide FCKeditor sample files)
-CVE-2009-2323
+CVE-2009-2323 (The web interface on the Axesstel MV 410R redirects users back to the ...)
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2322
+CVE-2009-2322 (Cross-site scripting (XSS) vulnerability in cgi-bin/sysconf.cgi on the ...)
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2321
+CVE-2009-2321 (cgi-bin/sysconf.cgi on the Axesstel MV 410R allows remote attackers to ...)
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2320
+CVE-2009-2320 (The web interface on the Axesstel MV 410R relies on client-side JavaSc ...)
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2319
+CVE-2009-2319 (The default configuration of the Wi-Fi component on the Axesstel MV 41 ...)
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2318
+CVE-2009-2318 (The Axesstel MV 410R allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2317
+CVE-2009-2317 (The Axesstel MV 410R has a certain default administrator password, and ...)
NOT-FOR-US: Axesstel MV 410R
-CVE-2009-2316
+CVE-2009-2316 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Iden ...)
NOT-FOR-US: IBM Tivoli
CVE-2009-2315
REJECTED
-CVE-2009-2314
+CVE-2009-2314 (Race condition in the Sun Lightweight Availability Collection Tool 3.0 ...)
NOT-FOR-US: Lightweight Availability Collection Tool
-CVE-2009-2687
+CVE-2009-2687 (The exif_read_data function in the Exif module in PHP before 5.2.10 al ...)
{DSA-1940-1}
- php5 5.2.10.dfsg.1-2 (low; bug #535888)
- php4 <removed> (low; bug #535897)
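Review bot: CVE-2009-2687 (the php5 exif_read_data entry) sits between CVE-2009-2314 and CVE-2009-2313, well outside the descending id order the rest of this hunk follows; because the automatic update only fills in descriptions in place, the misplacement will persist across runs. Moving the block to its numeric position would keep the file scannable. The php4 line is a good model for the rest of the file: "<removed> (low; bug #535897)" gives both a severity and the bug reference, so a reader can see why no stable action was taken even though the package is gone.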
@@ -7530,92 +7530,92 @@ CVE-2009-XXXX [mimedecode: potential dos/crash due to invalid input]
- mimedecode <removed> (low; bug #530430)
[etch] - mimedecode <no-dsa> (minor issue)
[lenny] - mimedecode <no-dsa> (minor issue)
-CVE-2009-2313
+CVE-2009-2313 (Directory traversal vulnerability in index.php in Jinzora Media Jukebo ...)
NOT-FOR-US: Jinzora Media Jukebox
-CVE-2009-2312
+CVE-2009-2312 (SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in c ...)
NOT-FOR-US: Secure Computing SmartFilter
-CVE-2009-2311
+CVE-2009-2311 (SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab B ...)
NOT-FOR-US: rGallery plugin for WoltLab
-CVE-2009-2310
+CVE-2009-2310 (SQL injection vulnerability in include/get_read.php in Extensible-BioL ...)
NOT-FOR-US: Extensible-BioLawCom CMS
-CVE-2009-2309
+CVE-2009-2309 (SQL injection vulnerability in index.php in Codice CMS 2 allows remote ...)
NOT-FOR-US: Codice CMS 2
-CVE-2009-2308
+CVE-2009-2308 (Multiple SQL injection vulnerabilities in affiliates.php in the Affili ...)
NOT-FOR-US: PunBB
-CVE-2009-2307
+CVE-2009-2307 (SQL injection vulnerability in the CWGuestBook module 2.1 and earlier ...)
NOT-FOR-US: MDPro
-CVE-2009-2306
+CVE-2009-2306 (The ARD-9808 DVR card security camera stores sensitive information und ...)
NOT-FOR-US: ARD-9808 DVR card security camera
-CVE-2009-2305
+CVE-2009-2305 (The ARD-9808 DVR card security camera allows remote attackers to cause ...)
NOT-FOR-US: ARD-9808 DVR card security camera
-CVE-2009-2304
+CVE-2009-2304 (index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote att ...)
NOT-FOR-US: Aardvark Topsites
-CVE-2009-2303
+CVE-2009-2303 (index.php in Aardvark Topsites PHP 5.2.1 and earlier allows remote att ...)
NOT-FOR-US: Aardvark Topsites
-CVE-2009-2302
+CVE-2009-2302 (Cross-site scripting (XSS) vulnerability in index.php in Aardvark Tops ...)
NOT-FOR-US: Aardvark Topsites
-CVE-2009-2301
+CVE-2009-2301 (The radware AppWall Web Application Firewall (WAF) 1.0.2.6, with Gatew ...)
NOT-FOR-US: AppWall Web Application Firewall
-CVE-2009-2300
+CVE-2009-2300 (The management interface in the phion airlock Web Application Firewall ...)
NOT-FOR-US: phion airlock Web Application Firewall
-CVE-2009-2299
+CVE-2009-2299 (The Artofdefence Hyperguard Web Application Firewall (WAF) module befo ...)
NOT-FOR-US: Artofdefence Hyperguard Web Application Firewall
-CVE-2009-2298
+CVE-2009-2298 (Stack-based buffer overflow in rping in HP OpenView Network Node Manag ...)
NOT-FOR-US: HP Network Node Manager rping
-CVE-2009-2297
+CVE-2009-2297 (Unspecified vulnerability in the udp subsystem in the kernel in Sun So ...)
NOT-FOR-US: kernel in Sun Solaris
-CVE-2009-2296
+CVE-2009-2296 (The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris befo ...)
NOT-FOR-US: kernel module in Sun Solaris
-CVE-2009-2295
+CVE-2009-2295 (Multiple integer overflows in CamlImages 2.2 and earlier might allow c ...)
{DSA-1912-2 DSA-1832-1}
- camlimages 1:3.0.1-2 (low; bug #535909)
- advi 1.6.0-15 (low; bug #550440)
-CVE-2009-2294
+CVE-2009-2294 (Integer overflow in the Png_datainfo_callback function in Dillo 2.1 an ...)
- dillo 3.0-1 (medium; bug #535788)
-CVE-2009-2293
+CVE-2009-2293 (Optimum Web Design Tutorial Share 3.5.0 and earlier allows remote atta ...)
NOT-FOR-US: Optimum Web Design Tutorial Share
-CVE-2009-2292
+CVE-2009-2292 (Cross-site scripting (XSS) vulnerability in Appleple a-News 2.32 allow ...)
NOT-FOR-US: Appleple a-News
-CVE-2009-2291
+CVE-2009-2291 (Unspecified vulnerability in LoginToboggan 6.x-1.x before 6.x-1.5, a m ...)
NOT-FOR-US: LoginToboggan module for Drupal
-CVE-2009-2290
+CVE-2009-2290 (SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) c ...)
NOT-FOR-US: Joomla!
-CVE-2009-2289
+CVE-2009-2289 (Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade ...)
NOT-FOR-US: Arcade Trade Script
-CVE-2009-2287
+CVE-2009-2287 (The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel ...)
{DSA-1846-1 DSA-1845-1}
- linux-2.6 2.6.30-2 (low)
- linux-2.6.24 <removed>
- kvm 88+dfsg-2 (low; bug #557737)
-CVE-2009-2285
+CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allo ...)
{DSA-1835-1}
- tiff 3.8.2-12 (low; bug #534137)
- tiff3 <not-affected> (fixed prior to initial upload)
NOTE: this doesn't allow code execution, only a crash.
-CVE-2009-2283
+CVE-2009-2283 (Multiple cross-site scripting (XSS) vulnerabilities in the help jsp sc ...)
NOT-FOR-US: Sun Java Web Console in Solaris
-CVE-2009-2282
+CVE-2009-2282 (The Virtual Network Terminal Server daemon (vntsd) for Logical Domains ...)
NOT-FOR-US: LDoms in Sun Solaris
-CVE-2009-2373
+CVE-2009-2373 (Cross-site scripting (XSS) vulnerability in the Forum module in Drupal ...)
{DSA-1930-1}
- drupal6 6.12-1.1 (low; bug #535435)
- drupal5 <not-affected> (Vulnerable code not present)
NOTE: http://drupal.org/node/507572
NOTE: requested CVE id
-CVE-2009-2372
+CVE-2009-2372 (Drupal 6.x before 6.13 does not prevent users from modifying user sign ...)
{DSA-1930-1}
- drupal6 6.12-1.1 (medium; bug #535435)
- drupal5 <not-affected> (Vulnerable code not present)
NOTE: http://drupal.org/node/507572
NOTE: marked as medium as this might lead to code execution if the php filter is enabled
NOTE: requested CVE id
-CVE-2009-2374
+CVE-2009-2374 (Drupal 5.x before 5.19 and 6.x before 6.13 does not properly sanitize ...)
{DSA-1930-1}
- drupal6 6.12-1.1 (low; bug #535435)
- drupal5 5.18-1.1 (low; bug #535476)
NOTE: http://drupal.org/node/507572
NOTE: requested CVE id
-CVE-2009-2284
+CVE-2009-2284 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 ...)
- phpmyadmin 4:3.2.0.1-1 (medium; bug #535890)
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
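Review bot: the "NOTE: requested CVE id" lines under CVE-2009-2373, CVE-2009-2372 and CVE-2009-2374 are stale once this hunk lands: the "+" lines attach the official descriptions for those ids, so the assignment has clearly happened and the three notes should be dropped (the "NOTE: http://drupal.org/node/507572" references can stay). Those three Drupal entries plus CVE-2009-2284 also break the file's descending order (2373, 2372, 2374, 2284 appear after 2282), presumably because they were entered by hand before the ids were public; moving them into sequence would match the rest of the hunk.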
@@ -7626,35 +7626,35 @@ CVE-2009-2279
RESERVED
CVE-2009-2278
RESERVED
-CVE-2009-2277
+CVE-2009-2277 (Cross-site scripting (XSS) vulnerability in WebAccess in VMware Virtua ...)
NOT-FOR-US: VMware
-CVE-2009-2276
+CVE-2009-2276 (SQL injection vulnerability in voteforus.php in the Vote For Us extens ...)
NOT-FOR-US: voteforus.php extension for PunBB
-CVE-2009-2275
+CVE-2009-2275 (Directory traversal vulnerability in frontend/x3/stats/lastvisit.html ...)
NOT-FOR-US: cPanel
-CVE-2009-2274
+CVE-2009-2274 (The Huawei D100 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Huawei D100
-CVE-2009-2273
+CVE-2009-2273 (The default configuration of the Wi-Fi component on the Huawei D100 do ...)
NOT-FOR-US: Huawei D100
-CVE-2009-2272
+CVE-2009-2272 (The Huawei D100 stores the administrator's account name and password i ...)
NOT-FOR-US: Huawei D100
-CVE-2009-2271
+CVE-2009-2271 (The Huawei D100 has (1) a certain default administrator password for t ...)
NOT-FOR-US: Huawei D100
-CVE-2009-2270
+CVE-2009-2270 (Unrestricted file upload vulnerability in member/uploads_edit.php in d ...)
NOT-FOR-US: dedecms
-CVE-2009-2269
+CVE-2009-2269 (SQL injection vulnerability in Empire CMS 5.1 allows remote attackers ...)
NOT-FOR-US: Empire CMS
-CVE-2009-2268
+CVE-2009-2268 (Cross-site scripting (XSS) vulnerability in the Cross-Domain Controlle ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-2267
+CVE-2009-2267 (VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5. ...)
- vmware-package <removed>
-CVE-2009-2266
+CVE-2009-2266 (OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attacker ...)
NOT-FOR-US: OXID eShop
-CVE-2009-2281
+CVE-2009-2281 (Multiple heap-based buffer underflows in the readPostBody function in ...)
{DSA-1914-1}
- mapserver 5.4.2-1 (medium; bug #535340)
NOTE: http://www.openwall.com/lists/oss-security/2009/06/22/2
-CVE-2009-2265
+CVE-2009-2265 (Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4 ...)
{DSA-1836-1}
- fckeditor 1:2.6.4.1-1 (medium; bug #536051)
NOTE: http://dev.fckeditor.net/changeset/3815/FCKeditor/trunk/editor/filemanager
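Review bot: the CVE-2009-2267 VMware Workstation entry, "- vmware-package <removed>", is the only package line in this hunk with neither a severity/bug annotation nor a NOTE; compare "- mapserver 5.4.2-1 (medium; bug #535340)" and "- fckeditor 1:2.6.4.1-1 (medium; bug #536051)" a few lines below it. A bare <removed> tag records that the package left unstable but says nothing about whether any stable release shipped the vulnerable code, so either a severity plus a short NOTE on why no stable action was needed, or explicit [etch]/[lenny] lines, would make the entry self-explanatory.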
@@ -7674,27 +7674,27 @@ CVE-2009-2265
NOTE: knowledgeroot from 0.9.8.5-3 uses systemwide copy of fckeditor
CVE-2009-2264
RESERVED
-CVE-2009-2263
+CVE-2009-2263 (Directory traversal vulnerability in index.php in Awesome PHP Mega Fil ...)
NOT-FOR-US: Mega File Manager
-CVE-2009-2262
+CVE-2009-2262 (PHP remote file inclusion vulnerability in install/di.php in AjaxPorta ...)
NOT-FOR-US: AjaxPortal
-CVE-2009-2261
+CVE-2009-2261 (PeaZIP 2.6.1, 2.5.1, and earlier on Windows allows user-assisted remot ...)
NOT-FOR-US: PeaZIP
-CVE-2009-2260
+CVE-2009-2260 (stardict 3.0.1, when Enable Net Dict is configured, sends the contents ...)
- stardict 3.0.1-5 (low; bug #534731)
[etch] - stardict <not-affected> (netdict plugin not yet present)
[lenny] - stardict 3.0.1-4+lenny1
CVE-2009-2259
REJECTED
-CVE-2009-2258
+CVE-2009-2258 (Directory traversal vulnerability in cgi-bin/webcm in the administrati ...)
NOT-FOR-US: Netgear DG632
-CVE-2009-2257
+CVE-2009-2257 (The administrative web interface on the Netgear DG632 with firmware 3. ...)
NOT-FOR-US: Netgear DG632
-CVE-2009-2256
+CVE-2009-2256 (The administrative web interface on the Netgear DG632 with firmware 3. ...)
NOT-FOR-US: Netgear DG632
-CVE-2009-2255
+CVE-2009-2255 (Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative au ...)
NOT-FOR-US: Zen Cart
-CVE-2009-2254
+CVE-2009-2254 (Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative au ...)
NOT-FOR-US: Zen Cart
CVE-2009-2253
RESERVED
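Review bot: the CVE-2009-2260 stardict entry records a stable fix, "[lenny] - stardict 3.0.1-4+lenny1", but unlike the other stable fixes visible here (for instance the "{DSA-1836-1}" line attached to CVE-2009-2265 just above this hunk) it carries no "{DSA-...}" reference and no NOTE saying how the update shipped. Either attach the advisory reference or add a NOTE that the fix went out via a point release, so the missing DSA is not read as an untracked update. Separately, the truncated descriptions for CVE-2009-2257/CVE-2009-2256 and CVE-2009-2255/CVE-2009-2254 are now identical to each other, so the description column cannot distinguish those pairs; harmless for NOT-FOR-US entries, but worth knowing when grepping this file.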
@@ -7716,27 +7716,27 @@ CVE-2009-2245
RESERVED
CVE-2009-2244
RESERVED
-CVE-2009-2243
+CVE-2009-2243 (SQL injection vulnerability in active_appointments.asp in ASP Inline C ...)
NOT-FOR-US: ASP Inline Corporate Calendar
-CVE-2009-2242
+CVE-2009-2242 (SQL injection vulnerability in active_appointments.asp in ASP Inline C ...)
NOT-FOR-US: ASP Inline Corporate Calendar
-CVE-2009-2241
+CVE-2009-2241 (Cross-site scripting (XSS) vulnerability in search.asp in ASP Inline C ...)
NOT-FOR-US: ASP Inline Corporate Calendar
-CVE-2009-2240
+CVE-2009-2240 (Cross-site scripting (XSS) vulnerability in AD2000 free-sw leger (aka ...)
NOT-FOR-US: Web Conference Room Free
-CVE-2009-2239
+CVE-2009-2239 (SQL injection vulnerability in the (1) casinobase (com_casinobase), (2 ...)
NOT-FOR-US: Joomla! components
-CVE-2009-2238
+CVE-2009-2238 (Unrestricted file upload vulnerability in includes/shared_scripts/wysi ...)
NOT-FOR-US: DMXReady Registration Manager
-CVE-2009-2237
+CVE-2009-2237 (Unspecified vulnerability in Views Bulk Operations 5.x-1.x before 5.x- ...)
NOT-FOR-US: contributed Views Bulk Operations module for Drupal
-CVE-2009-2236
+CVE-2009-2236 (SQL injection vulnerability in yad-admin/login.php in Your Article Dir ...)
NOT-FOR-US: Your Articles Directory
-CVE-2009-2235
+CVE-2009-2235 (SQL injection vulnerability in page.php in Your Articles Directory all ...)
NOT-FOR-US: Your Articles Directory
-CVE-2009-2234
+CVE-2009-2234 (Multiple SQL injection vulnerabilities in admin.php in VICIDIAL Call C ...)
NOT-FOR-US: VICIDIAL Call Center Suite
-CVE-2009-2210
+CVE-2009-2210 (Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow ...)
{DSA-1830-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
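Review bot: the release tag on the CVE-2009-2210 icedove line looks wrong. "[squeeze] - icedove 2.0.0.22-0lenny1" pairs a squeeze annotation with a version whose suffix ("0lenny1") is a lenny stable-update version, and the entry already lists "{DSA-1830-1}" for this issue. If the DSA shipped 2.0.0.22-0lenny1 to lenny, this should read "[lenny] - icedove 2.0.0.22-0lenny1"; if squeeze was intended, the version string needs correcting. As written the line mis-states which suite carries the fix.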
@@ -7747,7 +7747,7 @@ CVE-2009-2210
- kompozer <not-affected> (mail suite not compiled)
NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-33.html
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=495057
-CVE-2009-2343
+CVE-2009-2343 (Cross-site scripting (XSS) vulnerability in people.php in Zoph before ...)
- zoph 0.7.5-1 (low; bug #535188)
[lenny] - zoph <no-dsa> (Minor issue, fringe package)
NOTE: http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
@@ -7756,99 +7756,99 @@ CVE-2009-XXXX [udev: creates aacraid devices that are rw by group floppy]
- udev 0.141-1 (low; bug #530245; bug #462655; bug #404927)
[lenny] - udev <no-dsa> (Minor issue)
[etch] - udev <no-dsa> (minor issue)
-CVE-2009-2288
+CVE-2009-2288 (statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execut ...)
{DSA-1825-1}
- nagios3 3.0.6-5
- nagios2 <removed>
NOTE: http://secunia.com/advisories/35543
-CVE-2009-2286
+CVE-2009-2286 (Buffer overflow in compface 1.5.2 and earlier allows user-assisted att ...)
- libcompface 1:1.5.2-5 (unimportant; bug #534973)
-CVE-2009-2233
+CVE-2009-2233 (The admin interface in AWScripts.com Gallery Search Engine 1.5 allows ...)
NOT-FOR-US: AWScripts.com Gallery Search Engine
-CVE-2009-2232
+CVE-2009-2232 (SQL injection vulnerability in image.php in Softbiz Banner Ad Manageme ...)
NOT-FOR-US: Softbiz Banner Ad Management Script
-CVE-2009-2231
+CVE-2009-2231 (MIDAS 1.43 allows remote attackers to bypass authentication and obtain ...)
NOT-FOR-US: MIDAS
-CVE-2009-2230
+CVE-2009-2230 (SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka ...)
NOT-FOR-US: MyBB
-CVE-2009-2229
+CVE-2009-2229 (Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 ...)
NOT-FOR-US: Kasseler CMS
-CVE-2009-2228
+CVE-2009-2228 (Cross-site scripting (XSS) vulnerability in engine.php in Kasseler CMS ...)
NOT-FOR-US: Kasseler CMS
-CVE-2009-2227
+CVE-2009-2227 (Stack-based buffer overflow in B Labs Bopup Communication Server 3.2.2 ...)
NOT-FOR-US: Bopup Communication Server
-CVE-2009-2226
+CVE-2009-2226 (Cross-site scripting (XSS) vulnerability in Let's PHP! Tree BBS 2004/1 ...)
NOT-FOR-US: Let's PHP! Tree BBS
-CVE-2009-2225
+CVE-2009-2225 (Stack-based buffer overflow in SureThing CD/DVD Labeler 5.1.616 trial ...)
NOT-FOR-US: SureThing CD/DVD Labeler
-CVE-2009-2224
+CVE-2009-2224 (Directory traversal vulnerability in ang/shared/flags.php in AN Guestb ...)
NOT-FOR-US: AN Guestbook
-CVE-2009-2223
+CVE-2009-2223 (Directory traversal vulnerability in locms/smarty.php in LightOpenCMS ...)
NOT-FOR-US: LightOpenCMS
-CVE-2009-2222
+CVE-2009-2222 (Directory traversal vulnerability in PHP-I-BOARD 1.2 and earlier allow ...)
NOT-FOR-US: PHP-I-BOARD
-CVE-2009-2221
+CVE-2009-2221 (Cross-site scripting (XSS) vulnerability in PHP-I-BOARD 1.2 and earlie ...)
NOT-FOR-US: PHP-I-BOARD
-CVE-2009-2220
+CVE-2009-2220 (Multiple directory traversal vulnerabilities in Tribiq CMS 5.0.12c, wh ...)
NOT-FOR-US: Tribiq CMS
-CVE-2009-2219
+CVE-2009-2219 (Multiple cross-site scripting (XSS) vulnerabilities in phpCollegeExcha ...)
NOT-FOR-US: phpCollegeExchange
-CVE-2009-2218
+CVE-2009-2218 (Multiple PHP remote file inclusion vulnerabilities in phpCollegeExchan ...)
NOT-FOR-US: phpCollegeExchange
-CVE-2009-2217
+CVE-2009-2217 (Cross-site scripting (XSS) vulnerability in NBBC before 1.4.2 allows r ...)
NOT-FOR-US: NBBC
-CVE-2009-2216
+CVE-2009-2216 (Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmi ...)
NOT-FOR-US: DirectAdmin
-CVE-2009-2215
+CVE-2009-2215 (Multiple cross-site scripting (XSS) vulnerabilities in URD before 0.6. ...)
NOT-FOR-US: URD
-CVE-2009-2214
+CVE-2009-2214 (The Secure Gateway service in Citrix Secure Gateway 3.1 and earlier al ...)
NOT-FOR-US: Citrix Secure Gateway
-CVE-2009-2213
+CVE-2009-2213 (The default configuration of the Security global settings on the Citri ...)
NOT-FOR-US: Citrix NetScaler Access Gateway
-CVE-2009-2212
+CVE-2009-2212 (The CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and 7 ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2009-2211
+CVE-2009-2211 (Cross-site scripting (XSS) vulnerability in the CQWeb server in IBM Ra ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2009-2209
+CVE-2009-2209 (SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 al ...)
NOT-FOR-US: RS-CMS
-CVE-2009-2208
+CVE-2009-2208 (FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIO ...)
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 7.2-2
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
NOTE: http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
-CVE-2009-2207
+CVE-2009-2207 (The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone ...)
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2206
+CVE-2009-2206 (Multiple heap-based buffer overflows in the AudioCodecs library in the ...)
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2205
+CVE-2009-2205 (Stack-based buffer overflow in the Java Web Start command launcher in ...)
NOT-FOR-US: Mac OS X
-CVE-2009-2204
+CVE-2009-2204 (Unspecified vulnerability in the CoreTelephony component in Apple iPho ...)
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2203
+CVE-2009-2203 (Buffer overflow in Apple QuickTime before 7.6.4 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-2202
+CVE-2009-2202 (Apple QuickTime before 7.6.4 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-2201
+CVE-2009-2201 (The screensharing feature in the Admin application in Apple Xsan befor ...)
NOT-FOR-US: Admin application in Apple Xsan
-CVE-2009-2200
+CVE-2009-2200 (WebKit in Apple Safari before 4.0.3 does not properly restrict the URL ...)
- kdelibs <not-affected>
- webkit <not-affected> (gtk-based frame loader not affected)
- qt4-x11 <not-affected>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=517273
NOTE: http://trac.webkit.org/changeset/44905
NOTE: http://trac.webkit.org/changeset/44909
-CVE-2009-2199
+CVE-2009-2199 (Incomplete blacklist vulnerability in WebKit in Apple Safari before 4. ...)
- kdelibs <not-affected>
- webkit <not-affected> (problem with look-alike character rendering with mac-specific fonts)
- qt4-x11 <not-affected>
-CVE-2009-2198
+CVE-2009-2198 (Apple GarageBand before 5.1 reconfigures Safari to accept all cookies ...)
NOT-FOR-US: Apple GarageBand
-CVE-2009-2197
+CVE-2009-2197 (Apple Safari before 9.1 allows remote attackers to spoof the user inte ...)
NOT-FOR-US: Apple Safari
-CVE-2009-2196
+CVE-2009-2196 (Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote ...)
NOT-FOR-US: Apple Safari
-CVE-2009-2195
+CVE-2009-2195 (Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote a ...)
- webkit 1.1.12-1 (medium)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
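Review bot: the new description for CVE-2009-2197, "Apple Safari before 9.1 allows remote attackers to spoof the user inte ...", does not fit a 2009 id: the neighbouring Safari entries in this hunk (CVE-2009-2196, CVE-2009-2195, CVE-2009-2200) all say "before 4.0.3", so "9.1" is likely a transcription error in the imported text and should be checked against the upstream source before anyone relies on it for version comparisons. Minor: "NOT-FOR-US: Adobe Shockwave Playe" under CVE-2009-2186 is missing its final letter.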
@@ -7856,192 +7856,192 @@ CVE-2009-2195
- qt4-x11 <not-affected>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=517273
NOTE: http://trac.webkit.org/changeset/45696
-CVE-2009-2194
+CVE-2009-2194 (Apple Mac OS X 10.5 before 10.5.8 does not properly share file descrip ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2193
+CVE-2009-2193 (Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 all ...)
NOT-FOR-US: kernel in Apple Mac OS X
-CVE-2009-2192
+CVE-2009-2192 (MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete ...)
NOT-FOR-US: MobileMe in Apple Mac OS X
-CVE-2009-2191
+CVE-2009-2191 (Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 ...)
NOT-FOR-US: Login Window in Apple Mac OS X
-CVE-2009-2190
+CVE-2009-2190 (launchd in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers t ...)
NOT-FOR-US: launchd in Apple Mac OS X
-CVE-2009-2189
+CVE-2009-2189 (The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme B ...)
NOT-FOR-US: Apple
-CVE-2009-2188
+CVE-2009-2188 (Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and S ...)
NOT-FOR-US: ImageIO in Apple Mac OS X
-CVE-2009-2187
+CVE-2009-2187 (Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementat ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2186
+CVE-2009-2186 (Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 ...)
NOT-FOR-US: Adobe Shockwave Playe
-CVE-2009-2185
+CVE-2009-2185 (The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongsw ...)
{DSA-1899-1 DSA-1898-1}
- strongswan 4.2.14-1.2 (bug #533837)
- openswan 1:2.6.22+dfsg-1
-CVE-2009-2184
+CVE-2009-2184 (Absolute path traversal vulnerability in forcedownload.php in Gravy Me ...)
NOT-FOR-US: Gravy Media Photo
-CVE-2009-2183
+CVE-2009-2183 (Directory traversal vulnerability in admin-files/ad.php in Campsite 3. ...)
NOT-FOR-US: Campsite
-CVE-2009-2182
+CVE-2009-2182 (Multiple PHP remote file inclusion vulnerabilities in Campsite 3.3.0 R ...)
NOT-FOR-US: Campsite
-CVE-2009-2181
+CVE-2009-2181 (Cross-site scripting (XSS) vulnerability in admin-files/templates/list ...)
NOT-FOR-US: Campsite
-CVE-2009-2180
+CVE-2009-2180 (Multiple directory traversal vulnerabilities in upfiles/index.php in P ...)
NOT-FOR-US: Pc4 Uploader
-CVE-2009-2179
+CVE-2009-2179 (SQL injection vulnerability in search.php in phpDatingClub 3.7 allows ...)
NOT-FOR-US: phpDatingClub
-CVE-2009-2178
+CVE-2009-2178 (Cross-site scripting (XSS) vulnerability in website.php in phpDatingCl ...)
NOT-FOR-US: phpDatingClub
-CVE-2009-2177
+CVE-2009-2177 (code/display.php in fuzzylime (cms) 3.03a and earlier, when magic_quot ...)
NOT-FOR-US: fuzzylime
-CVE-2009-2176
+CVE-2009-2176 (Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a ...)
NOT-FOR-US: fuzzylime
-CVE-2009-2175
+CVE-2009-2175 (Stack-based buffer overflow in the flattenIncrementally function in fl ...)
- gnome-xcf-thumbnailer 1.0-1.1 (low; bug #601735)
[lenny] - gnome-xcf-thumbnailer <no-dsa> (Minor issue)
- xcftools 1.0.7-1 (low; bug #533361)
[etch] - xcftools 1.0.4-1+etch1
[lenny] - xcftools 1.0.4-1+lenny1
-CVE-2009-2174
+CVE-2009-2174 (GUPnP 0.12.7 allows remote attackers to cause a denial of service (cra ...)
- gupnp 0.12.6-3.1 (low; bug #534594)
[etch] - gupnp <no-dsa> (Minor issue)
[lenny] - gupnp <no-dsa> (Minor issue)
-CVE-2009-2173
+CVE-2009-2173 (The LAN game feature in Carom3D 5.06 allows remote authenticated users ...)
NOT-FOR-US: Carom3D
-CVE-2009-2172
+CVE-2009-2172 (Cross-site scripting (XSS) vulnerability in forum/radioandtv.php in th ...)
NOT-FOR-US: Radio and TV Player addon for vBulletin
-CVE-2009-2169
+CVE-2009-2169 (Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX ...)
NOT-FOR-US: Edraw PDF Viewer
-CVE-2009-2168
+CVE-2009-2168 (cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier sends a ...)
NOT-FOR-US: EgyPlus 7ammel (aka 7ml)
-CVE-2009-2167
+CVE-2009-2167 (Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus ...)
NOT-FOR-US: EgyPlus 7ammel (aka 7ml)
-CVE-2009-2166
+CVE-2009-2166 (Absolute path traversal vulnerability in cvs.php in OCS Inventory NG b ...)
- ocsinventory-server 1.02.1-1 (unimportant; bug #531735)
NOTE: README.Debian states Important: access to the reports server should be restricted
-CVE-2009-2165
+CVE-2009-2165 (SerendipityNZ (aka SimpleBoxes) Serene Bach 2.20R and earlier, and 3.0 ...)
NOT-FOR-US: SerendipityNZ (aka SimpleBoxes) Serene Bach
-CVE-2009-2164
+CVE-2009-2164 (Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, w ...)
NOT-FOR-US: kjtechforce
-CVE-2009-2163
+CVE-2009-2163 (Cross-site scripting (XSS) vulnerability in login/default.aspx in Site ...)
NOT-FOR-US: Sitecore CMS
-CVE-2009-2162
+CVE-2009-2162 (Cross-site scripting (XSS) vulnerability in the XOOPS MANIAC PukiWikiM ...)
NOT-FOR-US: XOOPS MANIAC PukiWikiMod module
-CVE-2009-2161
+CVE-2009-2161 (Directory traversal vulnerability in backend/admin-functions.php in To ...)
NOT-FOR-US: TorrentTrader
-CVE-2009-2160
+CVE-2009-2160 (TorrentTrader Classic 1.09 allows remote attackers to (1) obtain confi ...)
NOT-FOR-US: TorrentTrader
-CVE-2009-2159
+CVE-2009-2159 (backup-database.php in TorrentTrader Classic 1.09 does not require adm ...)
NOT-FOR-US: TorrentTrader
-CVE-2009-2158
+CVE-2009-2158 (account-recover.php in TorrentTrader Classic 1.09 chooses random passw ...)
NOT-FOR-US: TorrentTrader
-CVE-2009-2157
+CVE-2009-2157 (Multiple SQL injection vulnerabilities in TorrentTrader Classic 1.09 a ...)
NOT-FOR-US: TorrentTrader
-CVE-2009-2156
+CVE-2009-2156 (Multiple cross-site scripting (XSS) vulnerabilities in TorrentTrader C ...)
NOT-FOR-US: TorrentTrader
-CVE-2009-2155
+CVE-2009-2155 (Cross-site scripting (XSS) vulnerability in report/ReportViewAction.do ...)
NOT-FOR-US: WebNMS
-CVE-2009-2154
+CVE-2009-2154 (SQL injection vulnerability in admin/login.php in Impleo Music Collect ...)
NOT-FOR-US: Impleo Music Collection
-CVE-2009-2153
+CVE-2009-2153 (Cross-site scripting (XSS) vulnerability in index.php in Impleo Music ...)
NOT-FOR-US: Impleo Music Collection
-CVE-2009-2152
+CVE-2009-2152 (SQL injection vulnerability in a_index.php in AdaptWeb 0.9.2 allows re ...)
NOT-FOR-US: AdaptWeb
-CVE-2009-2151
+CVE-2009-2151 (Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 allow ...)
NOT-FOR-US: AdaptWeb
-CVE-2009-2150
+CVE-2009-2150 (Multiple cross-site request forgery (CSRF) vulnerabilities in Campus V ...)
NOT-FOR-US: Campus Virtual-LMS
-CVE-2009-2149
+CVE-2009-2149 (Multiple cross-site scripting (XSS) vulnerabilities in Campus Virtual- ...)
NOT-FOR-US: Campus Virtual-LMS
-CVE-2009-2148
+CVE-2009-2148 (SQL injection vulnerability in news/index.php in Campus Virtual-LMS al ...)
NOT-FOR-US: Campus Virtual-LMS
-CVE-2009-2147
+CVE-2009-2147 (SQL injection vulnerability in fdown.php in phpWebThings 1.5.2 and ear ...)
NOT-FOR-US: phpWebThings
-CVE-2009-2146
+CVE-2009-2146 (Unrestricted file upload vulnerability in the Compose Email feature in ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2009-2145
+CVE-2009-2145 (Multiple cross-site scripting (XSS) vulnerabilities in transLucid 1.75 ...)
NOT-FOR-US: transLucid
-CVE-2009-2144
+CVE-2009-2144 (SQL injection vulnerability in the FireStats plugin before 1.6.2-stabl ...)
NOT-FOR-US: FireStats plugin for WordPress
-CVE-2009-2143
+CVE-2009-2143 (PHP remote file inclusion vulnerability in firestats-wordpress.php in ...)
NOT-FOR-US: FireStats plugin for WordPress
-CVE-2009-2142
+CVE-2009-2142 (Multiple SQL injection vulnerabilities in admin/index.asp in Zip Store ...)
NOT-FOR-US: Zip Store Chat
-CVE-2009-2141
+CVE-2009-2141 (Multiple cross-site scripting (XSS) vulnerabilities in TBDev.NET 01-01 ...)
NOT-FOR-US: TBDev.NET
-CVE-2009-2140
+CVE-2009-2140 (Multiple heap-based buffer overflows in cppcanvas/source/mtfrenderer/e ...)
- openoffice.org <not-affected> (bug introduced by a patch not applied to the deb)
-CVE-2009-2139
+CVE-2009-2139 (Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx ...)
{DSA-1880-1}
- openoffice.org 1:3.1.1~ooo310m15-1
-CVE-2009-2138
+CVE-2009-2138 (Multiple open redirect vulnerabilities in TBDev.NET 01-01-08 allow rem ...)
NOT-FOR-US: TBDev.NET
-CVE-2009-2137
+CVE-2009-2137 (Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n ...)
NOT-FOR-US: Ultra-SPARC T2 crypto provider device driver in Sun Solaris 10
-CVE-2009-2136
+CVE-2009-2136 (Unspecified vulnerability in the TCP/IP networking stack in Sun Solari ...)
NOT-FOR-US: Sun Solaris 10
-CVE-2009-2135
+CVE-2009-2135 (Multiple race conditions in the Solaris Event Port API in Sun Solaris ...)
NOT-FOR-US: Sun Solaris 10
-CVE-2009-2134
+CVE-2009-2134 (pivot/tb.php in Pivot 1.40.4 and 1.40.7 allows remote attackers to obt ...)
NOT-FOR-US: Pivot
-CVE-2009-2133
+CVE-2009-2133 (Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.40.4 an ...)
NOT-FOR-US: Pivot
-CVE-2009-2132
+CVE-2009-2132 (Directory traversal vulnerability in global.php in 4images before 1.7. ...)
NOT-FOR-US: 4images
-CVE-2009-2131
+CVE-2009-2131 (Cross-site scripting (XSS) vulnerability in 4images 1.7.7 and earlier ...)
NOT-FOR-US: 4images
-CVE-2009-2130
+CVE-2009-2130 (Elvin 1.2.0 allows remote attackers to read the PHP source code of (1) ...)
NOT-FOR-US: Elvin
-CVE-2009-2129
+CVE-2009-2129 (Cross-site request forgery (CSRF) vulnerability in login.php in Elvin ...)
NOT-FOR-US: Elvin
-CVE-2009-2128
+CVE-2009-2128 (SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 all ...)
NOT-FOR-US: Elvin
-CVE-2009-2127
+CVE-2009-2127 (Cross-site scripting (XSS) vulnerability in show_activity.php in Elvin ...)
NOT-FOR-US: Elvin
-CVE-2009-2126
+CVE-2009-2126 (Cross-site scripting (XSS) vulnerability in close_bug.php in Elvin bef ...)
NOT-FOR-US: Elvin
-CVE-2009-2125
+CVE-2009-2125 (delete_bug.php in Elvin before 1.2.1 does not require administrative p ...)
NOT-FOR-US: Elvin
-CVE-2009-2124
+CVE-2009-2124 (Directory traversal vulnerability in page.php in Elvin 1.2.0 allows re ...)
NOT-FOR-US: Elvin
-CVE-2009-2123
+CVE-2009-2123 (Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote att ...)
NOT-FOR-US: Elvin
-CVE-2009-2122
+CVE-2009-2122 (SQL injection vulnerability in viewimg.php in the Paolo Palmonari Phot ...)
NOT-FOR-US: Photoracer plugin for WordPress
-CVE-2009-2121
+CVE-2009-2121 (Buffer overflow in the browser kernel in Google Chrome before 2.0.172. ...)
- chromium-browser <not-affected> (Only 2.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-2170
+CVE-2009-2170 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 befo ...)
{DSA-1822-1}
- mahara 1.1.5-1 (low)
-CVE-2009-2171
+CVE-2009-2171 (Mahara 1.1 before 1.1.5 does not apply permission checks when saving a ...)
- mahara 1.1.5-1 (low)
[lenny] - mahara <not-affected> (vulnerable code introduced in 1.1)
-CVE-2009-2120
+CVE-2009-2120 (Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow ...)
NOT-FOR-US: TekBase
-CVE-2009-2119
+CVE-2009-2119 (Cross-site scripting (XSS) vulnerability in the login interface (my.lo ...)
NOT-FOR-US: FirePass
-CVE-2009-2118
+CVE-2009-2118 (Integer overflow in IrfanView 4.23, when the resampling or screen fitt ...)
NOT-FOR-US: IrfanView
-CVE-2009-2117
+CVE-2009-2117 (uye_paneli.php in phPortal 1.0 allows remote attackers to bypass authe ...)
NOT-FOR-US: phPortal
-CVE-2009-2116
+CVE-2009-2116 (Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 r2 ...)
NOT-FOR-US: SkyBlueCanvas
-CVE-2009-2115
+CVE-2009-2115 (admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated admini ...)
NOT-FOR-US: SkyBlueCanvas
-CVE-2009-2114
+CVE-2009-2114 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Sk ...)
NOT-FOR-US: SkyBlueCanvas
-CVE-2009-2113
+CVE-2009-2113 (Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote at ...)
NOT-FOR-US: FretsWeb
-CVE-2009-2112
+CVE-2009-2112 (Directory traversal vulnerability in include/page_bottom.php in phpFK ...)
NOT-FOR-US: phpFK
-CVE-2009-2111
+CVE-2009-2111 (Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 ...)
NOT-FOR-US: DB Top Site
-CVE-2009-2110
+CVE-2009-2110 (Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when ...)
NOT-FOR-US: DB Top Sites 1.0
-CVE-2009-2109
+CVE-2009-2109 (Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow rem ...)
NOT-FOR-US: FretsWeb
-CVE-2009-2108
+CVE-2009-2108 (git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cau ...)
{DSA-1841-2 DSA-1841-1}
- git-core 1:1.6.3.3-1 (medium; bug #532935)
NOTE: http://git.kernel.org/?p=git/git.git;a=commitdiff;h=73bb33a9
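Review bot: the annotation under the new CVE-2009-2111 line, `NOT-FOR-US: DB Top Site`, no longer matches the summary imported directly above it, `+CVE-2009-2111 (Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 ...)`, nor the next entry's `NOT-FOR-US: DB Top Sites 1.0`; now that summaries sit beside the annotations, the product name should be spelled the same way on all three lines (`DB Top Sites`). Everything else in the hunk only appends the truncated summary to an existing identifier and leaves the package, version and DSA lines untouched, which is the expected shape for the automatic sync.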
@@ -8058,7 +8058,7 @@ CVE-2009-XXXX ["slowloris" denial-of-service vulnerabilty in webservers]
- squid3 <not-affected>
NOTE: http://www.squid-cache.org/bugs/show_bug.cgi?id=2694
- lighttpd <not-affected>
-CVE-2009-2107
+CVE-2009-2107 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in We ...)
NOT-FOR-US: Webmedia Explorer
CVE-2009-XXXX [ShowConfigTab unintentionally grants rights intended for SuperUsers]
- request-tracker3.6 3.6.8-1 (low; bug #532990)
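Review bot: the context line echoed in this hunk's header, `CVE-2009-XXXX ["slowloris" denial-of-service vulnerabilty in webservers]`, misspells "vulnerability"; the automatic sync only touches lines that carry a real CVE identifier, so this placeholder entry needs a manual follow-up commit rather than a change here.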
@@ -8066,73 +8066,73 @@ CVE-2009-XXXX [ShowConfigTab unintentionally grants rights intended for SuperUse
[etch] - request-tracker3.6 <not-affected> (flaw introduced in 3.6.2)
- request-tracker3.4 <not-affected> (flaw introduced in 3.6.2; bug #534498)
- request-tracker3.8 3.8.4-1
-CVE-2009-2106
+CVE-2009-2106 (SQL injection vulnerability in the Virtual Civil Services (civserv) ex ...)
NOT-FOR-US: Virtual Civil Services extension for TYPO3
-CVE-2009-2105
+CVE-2009-2105 (SQL injection vulnerability in the References database (t3references) ...)
NOT-FOR-US: References database extension for TYPO3
-CVE-2009-2104
+CVE-2009-2104 (Cross-site scripting (XSS) vulnerability in the Modern Guestbook / Com ...)
NOT-FOR-US: Modern Guestbook extension for TYPO3
-CVE-2009-2103
+CVE-2009-2103 (SQL injection vulnerability in the Frontend MP3 Player (fe_mp3player) ...)
NOT-FOR-US: Frontend MP3 Player extension for TYPO3
-CVE-2009-2102
+CVE-2009-2102 (SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and ...)
NOT-FOR-US: Jumi component for Joomla
-CVE-2009-2101
+CVE-2009-2101 (Directory traversal vulnerability in archive.php in TorrentVolve 1.4, ...)
NOT-FOR-US: TorrentVolve
-CVE-2009-2100
+CVE-2009-2100 (Directory traversal vulnerability in the JoomlaPraise Projectfork (com ...)
NOT-FOR-US: JoomlaPraise component for Joomla
-CVE-2009-2099
+CVE-2009-2099 (SQL injection vulnerability in the iJoomla RSS Feeder (com_ijoomla_rss ...)
NOT-FOR-US: iJoomla RSS Feeder component for Joomla
-CVE-2009-2098
+CVE-2009-2098 (SQL injection vulnerability in topicler.php in phPortal 1.0 allows rem ...)
NOT-FOR-US: phPortal
-CVE-2009-2097
+CVE-2009-2097 (SQL injection vulnerability in system/application/controllers/catalog. ...)
NOT-FOR-US: Zoki Catalog
-CVE-2009-2096
+CVE-2009-2096 (SQL injection vulnerability in house/listing_view.php in phpCollegeExc ...)
NOT-FOR-US: phpCollegeExchange
-CVE-2009-2095
+CVE-2009-2095 (PHP remote file inclusion vulnerability in template/simpledefault/admi ...)
NOT-FOR-US: Mundi Mail
-CVE-2009-2094
+CVE-2009-2094 (Unspecified vulnerability in IBM WebSphere Commerce 6.0 Enterprise bef ...)
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2009-2093
+CVE-2009-2093 (SQL injection vulnerability in the console in IBM WebSphere Partner Ga ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-2092
+CVE-2009-2092 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not pro ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-2091
+CVE-2009-2091 (The System Management/Repository component in IBM WebSphere Applicatio ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-2090
+CVE-2009-2090 (Unspecified vulnerability in wsadmin in the System Management/Reposito ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-2089
+CVE-2009-2089 (The Migration component in IBM WebSphere Application Server (WAS) 6.1 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-2088
+CVE-2009-2088 (The Servlet Engine/Web Container component in IBM WebSphere Applicatio ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-2087
+CVE-2009-2087 (The Web Services functionality in IBM WebSphere Application Server (WA ...)
NOT-FOR-US: IBM WebSphere
CVE-2009-2086
REJECTED
-CVE-2009-2085
+CVE-2009-2085 (The Security component in IBM WebSphere Application Server (WAS) 6.1 b ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-2084
+CVE-2009-2084 (Simple Linux Utility for Resource Management (SLURM) 1.2 and 1.3 befor ...)
{DSA-1776-1}
- slurm-llnl 1.3.15-1 (bug #524980)
[lenny] - slurm-llnl 1.3.6-1lenny3
-CVE-2009-2083
+CVE-2009-2083 (Cross-site scripting (XSS) vulnerability in the term data detail page ...)
NOT-FOR-US: Taxonomy
-CVE-2009-2082
+CVE-2009-2082 (SQL injection vulnerability in insidepage.php in Creative Web Solution ...)
NOT-FOR-US: Creative Web Solutions Multi-Level CMS
-CVE-2009-2081
+CVE-2009-2081 (Directory traversal vulnerability in help.php in phpWebThings 1.5.2 an ...)
NOT-FOR-US: phpWebThings
-CVE-2009-2080
+CVE-2009-2080 (admin.php in MRCGIGUY The Ticket System 2.0 does not properly restrict ...)
NOT-FOR-US: MRCGIGUY
-CVE-2009-2079
+CVE-2009-2079 (Cross-site scripting (XSS) vulnerability in the administrative page in ...)
NOT-FOR-US: Taxonomy
-CVE-2009-2078
+CVE-2009-2078 (Multiple cross-site scripting (XSS) vulnerabilities in Booktree 5.x be ...)
NOT-FOR-US: Booktree module for drupal
-CVE-2009-2077
+CVE-2009-2077 (Drupal 6.x before 6.x-2.6, a module for Drupal, allows remote authenti ...)
- drupal6-mod-views <not-affected> (Fixed before initial upload)
-CVE-2009-2076
+CVE-2009-2076 (Cross-site scripting (XSS) vulnerability in Views 6.x before 6.x-2.6, ...)
- drupal6-mod-views <not-affected> (Fixed before initial upload)
-CVE-2009-2075
+CVE-2009-2075 (Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drup ...)
NOT-FOR-US: Nodequeue module for Drupal
-CVE-2009-2074
+CVE-2009-2074 (Cross-site scripting (XSS) vulnerability in Nodequeue 5.x before 5.x-2 ...)
NOT-FOR-US: Nodequeue module for Drupal
CVE-2009-XXXX [backuppc: web frontend installed insecurely by default]
- backuppc 3.1.0-6
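Review bot: the summary imported for CVE-2009-2077, `+CVE-2009-2077 (Drupal 6.x before 6.x-2.6, a module for Drupal, allows remote authenti ...)`, names Drupal itself as "a module for Drupal", which contradicts both the package assignment on the following line, `- drupal6-mod-views <not-affected> (Fixed before initial upload)`, and the neighbouring CVE-2009-2076 summary that names Views 6.x before 6.x-2.6. Confirm the wording against the upstream feed; if the feed really reads this way, a `NOTE:` line on the entry saying the affected module is Views would stop a reader from taking the mismatch as a package misassignment.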
@@ -8142,240 +8142,240 @@ CVE-2009-XXXX [clamav scanner bypass with archives]
[lenny] - clamav <no-dsa> (Inherent to the concept of malware concept)
[etch] - clamav <no-dsa> (Support was discontinued)
NOTE: http://blog.zoller.lu/2009/05/advisory-clamav-generic-bypass.html
-CVE-2009-2073
+CVE-2009-2073 (Cross-site request forgery (CSRF) vulnerability in Linksys WRT160N wir ...)
NOT-FOR-US: Linksys
-CVE-2009-2072
+CVE-2009-2072 (Apple Safari does not require a cached certificate before displaying a ...)
NOT-FOR-US: Apple Safari
-CVE-2009-2071
+CVE-2009-2071 (Google Chrome before 1.0.154.53 displays a cached certificate for a (1 ...)
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-2070
+CVE-2009-2070 (Opera displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT r ...)
NOT-FOR-US: Opera
-CVE-2009-2069
+CVE-2009-2069 (Microsoft Internet Explorer before 8 displays a cached certificate for ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2068
+CVE-2009-2068 (Google Chrome detects http content in https web pages only when the to ...)
- chromium-browser 5.0.342.9~r43360-1
-CVE-2009-2067
+CVE-2009-2067 (Opera detects http content in https web pages only when the top-level ...)
NOT-FOR-US: Opera
-CVE-2009-2066
+CVE-2009-2066 (Apple Safari detects http content in https web pages only when the top ...)
NOT-FOR-US: Apple Safari
-CVE-2009-2065
+CVE-2009-2065 (Mozilla Firefox 3.0.10, and possibly other versions, detects http cont ...)
- xulrunner <undetermined> (bug #565521)
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2009-2064
+CVE-2009-2064 (Microsoft Internet Explorer 8, and possibly other versions, detects ht ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2063
+CVE-2009-2063 (Opera, possibly before 9.25, processes a 3xx HTTP CONNECT response bef ...)
NOT-FOR-US: Opera
-CVE-2009-2062
+CVE-2009-2062 (Apple Safari before 3.2.2 processes a 3xx HTTP CONNECT response before ...)
NOT-FOR-US: Apple Safari
-CVE-2009-2061
+CVE-2009-2061 (Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response be ...)
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-2060
+CVE-2009-2060 (src/net/http/http_transaction_winhttp.cc in Google Chrome before 1.0.1 ...)
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-2059
+CVE-2009-2059 (Opera, possibly before 9.25, uses the HTTP Host header to determine th ...)
NOT-FOR-US: Opera
-CVE-2009-2058
+CVE-2009-2058 (Apple Safari before 3.2.2 uses the HTTP Host header to determine the c ...)
NOT-FOR-US: Apple Safari
-CVE-2009-2057
+CVE-2009-2057 (Microsoft Internet Explorer before 8 uses the HTTP Host header to dete ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-2056
+CVE-2009-2056 (Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to ca ...)
NOT-FOR-US: Cisco
-CVE-2009-2055
+CVE-2009-2055 (Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a de ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2054
+CVE-2009-2054 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
NOT-FOR-US: Cisco
-CVE-2009-2053
+CVE-2009-2053 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
NOT-FOR-US: Cisco
-CVE-2009-2052
+CVE-2009-2052 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
NOT-FOR-US: Cisco
-CVE-2009-2051
+CVE-2009-2051 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x ...)
NOT-FOR-US: Cisco
-CVE-2009-2050
+CVE-2009-2050 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
NOT-FOR-US: Cisco
-CVE-2009-2049
+CVE-2009-2049 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0( ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-2048
+CVE-2009-2048 (Cross-site scripting (XSS) vulnerability in the Administration interfa ...)
NOT-FOR-US: Cisco
-CVE-2009-2047
+CVE-2009-2047 (Directory traversal vulnerability in the Administration interface in C ...)
NOT-FOR-US: Cisco
-CVE-2009-2046
+CVE-2009-2046 (The embedded web server on the Cisco Video Surveillance 2500 Series IP ...)
NOT-FOR-US: Cisco
-CVE-2009-2045
+CVE-2009-2045 (The Cisco Video Surveillance Stream Manager firmware before 5.3, as us ...)
NOT-FOR-US: Cisco
-CVE-2009-2044
+CVE-2009-2044 (Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to ...)
- xulrunner <not-affected> (uses external cairo library)
- cairo 1.8.8-2 (unimportant)
NOTE: http://cgit.freedesktop.org/cairo/commit/?id=2cf82eaf0d08e68b787bb0792da97e73d8d4ce38
NOTE: Just a crasher
-CVE-2009-2043
+CVE-2009-2043 (nsViewManager.cpp in Mozilla Firefox 3.0.2 through 3.0.10 allows remot ...)
- xulrunner <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-2042
+CVE-2009-2042 (libpng before 1.2.37 does not properly parse 1-bit interlaced images w ...)
{DSA-2032-1}
- libpng 1.2.37-1 (low; bug #533676)
[etch] - libpng <no-dsa> (Minor issue, only exploitable in rare setups)
- xulrunner <not-affected> (xulrunner dynamically linked against libpng; embeded code copy not used)
-CVE-2009-2041
+CVE-2009-2041 (Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab 0. ...)
NOT-FOR-US: activeCollab
-CVE-2009-2040
+CVE-2009-2040 (admin/options.php in Grestul 1.2 does not properly restrict access, wh ...)
NOT-FOR-US: Grestul
-CVE-2009-2039
+CVE-2009-2039 (Unspecified vulnerability in the Luottokunta module before 1.3 for osC ...)
NOT-FOR-US: Luottokunta module for osCommerce
-CVE-2009-2038
+CVE-2009-2038 (Unspecified vulnerability in the Finnish Bank Payment module 2.2 for o ...)
NOT-FOR-US: Finnish Bank Payment module 2.2 for osCommerce
-CVE-2009-2037
+CVE-2009-2037 (Multiple directory traversal vulnerabilities in Online Grades &amp; At ...)
NOT-FOR-US: Online Grades
-CVE-2009-2036
+CVE-2009-2036 (SQL injection vulnerability in index.php in Open Biller 0.1 allows rem ...)
NOT-FOR-US: Open Biller
-CVE-2009-2035
+CVE-2009-2035 (Unspecified vulnerability in Services 6.x before 6.x-0.14, a module fo ...)
NOT-FOR-US: Service module for Drupal
-CVE-2009-2034
+CVE-2009-2034 (SQL injection vulnerability in writemessage.php in Yogurt 0.3, when re ...)
NOT-FOR-US: Yogurt
-CVE-2009-2033
+CVE-2009-2033 (Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 al ...)
NOT-FOR-US: Yogurt
-CVE-2009-2032
+CVE-2009-2032 (Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, w ...)
NOT-FOR-US: PDshopPro
-CVE-2009-2031
+CVE-2009-2031 (smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount pe ...)
NOT-FOR-US: OpenSolaris
-CVE-2009-2030
+CVE-2009-2030 (Unspecified vulnerability in the XML Digital Signature verification fu ...)
NOT-FOR-US: IBM OS/400
-CVE-2009-2029
+CVE-2009-2029 (Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2028
+CVE-2009-2028 (Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 b ...)
NOT-FOR-US: Adobe
-CVE-2009-2027
+CVE-2009-2027 (The Installer in Apple Safari before 4.0 on Windows allows local users ...)
NOT-FOR-US: Apple Safari
-CVE-2009-2026
+CVE-2009-2026 (Stack-based buffer overflow in a token searching function in the dtsco ...)
NOT-FOR-US: CA Software Delivery
-CVE-2009-2025
+CVE-2009-2025 (admin/login.php in DM FileManager 3.9.2 allows remote attackers to byp ...)
NOT-FOR-US: DM FileManager
-CVE-2009-2024
+CVE-2009-2024 (Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the ...)
NOT-FOR-US: Vlad Titarenko ASP VT Auth
-CVE-2009-2023
+CVE-2009-2023 (SQL injection vulnerability in index.php in Shop-Script Pro 2.12, when ...)
NOT-FOR-US: Shop-Script
-CVE-2009-2022
+CVE-2009-2022 (fipsCMS Light 2.1 stores sensitive information under the web root with ...)
NOT-FOR-US: fipsCMS
-CVE-2009-2021
+CVE-2009-2021 (SQL injection vulnerability in search.php in Virtue Classifieds allows ...)
NOT-FOR-US: Virtue Classifieds allows
-CVE-2009-2020
+CVE-2009-2020 (Cross-site scripting (XSS) vulnerability in news_detail.php in Virtue ...)
NOT-FOR-US: News Manager
-CVE-2009-2019
+CVE-2009-2019 (SQL injection vulnerability in news_detail.php in Virtue News Manager ...)
NOT-FOR-US: Virtue News Manager
-CVE-2009-2018
+CVE-2009-2018 (SQL injection vulnerability in admin/index.php in Jared Eckersley MyCa ...)
NOT-FOR-US: Jared Eckersley MyCars
-CVE-2009-2017
+CVE-2009-2017 (SQL injection vulnerability in products.php in Virtue Book Store allow ...)
NOT-FOR-US: Virtue Book Store
-CVE-2009-2016
+CVE-2009-2016 (SQL injection vulnerability in products.php in Virtue Shopping Mall al ...)
NOT-FOR-US: Virtue Shopping Mall
-CVE-2009-2015
+CVE-2009-2015 (Directory traversal vulnerability in includes/file_includer.php in the ...)
NOT-FOR-US: com_moofaq for Joomla!
-CVE-2009-2014
+CVE-2009-2014 (SQL injection vulnerability in the ComSchool (com_school) component 1. ...)
NOT-FOR-US: com_school for Joomla!
-CVE-2009-2013
+CVE-2009-2013 (SQL injection vulnerability in bin/aps_browse_sources.php in Frontis 3 ...)
NOT-FOR-US: Frontis
-CVE-2009-2012
+CVE-2009-2012 (Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through s ...)
NOT-FOR-US: OpenSolaris
-CVE-2009-2011
+CVE-2009-2011 (Worldweaver DX Studio Player 3.0.29.0, 3.0.22.0, 3.0.12.0, and probabl ...)
NOT-FOR-US: Worldweaver DX Studio Player
-CVE-2009-2010
+CVE-2009-2010 (Multiple SQL injection vulnerabilities in Haudenschilt Family Connecti ...)
NOT-FOR-US: Haudenschilt Family Connections CMS
-CVE-2009-2009
+CVE-2009-2009 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, a ...)
NOT-FOR-US: Dokeos
-CVE-2009-2008
+CVE-2009-2008 (Multiple SQL injection vulnerabilities in Dokeos 1.8.5, and possibly e ...)
NOT-FOR-US: Dokeos
-CVE-2009-2007
+CVE-2009-2007 (Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and poss ...)
NOT-FOR-US: Dokeos
-CVE-2009-2006
+CVE-2009-2006 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, a ...)
NOT-FOR-US: Dokeos
-CVE-2009-2005
+CVE-2009-2005 (Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and p ...)
NOT-FOR-US: Dokeos
-CVE-2009-2004
+CVE-2009-2004 (Multiple SQL injection vulnerabilities in main/mySpace/myStudents.php ...)
NOT-FOR-US: Dokeos
-CVE-2009-2003
+CVE-2009-2003 (Ascad Networks Password Protector SD 1.3.1 allows remote attackers to ...)
NOT-FOR-US: Ascad Networks Password Protector
-CVE-2009-2002
+CVE-2009-2002 (Unspecified vulnerability in the WebLogic Portal component in BEA Prod ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-2001
+CVE-2009-2001 (Unspecified vulnerability in the PL/SQL component in Oracle Database 1 ...)
NOT-FOR-US: Oracle Database
-CVE-2009-2000
+CVE-2009-2000 (Unspecified vulnerability in the Authentication component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1999
+CVE-2009-1999 (Unspecified vulnerability in the Business Intelligence Enterprise Edit ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-1998
+CVE-2009-1998 (Unspecified vulnerability in the Oracle Communications Order and Servi ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2009-1997
+CVE-2009-1997 (Unspecified vulnerability in the Authentication component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1996
+CVE-2009-1996 (Unspecified vulnerability in the Logical Standby component in Oracle D ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1995
+CVE-2009-1995 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1994
+CVE-2009-1994 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1993
+CVE-2009-1993 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1992
+CVE-2009-1992 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1991
+CVE-2009-1991 (Unspecified vulnerability in the Oracle Text component in Oracle Datab ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1990
+CVE-2009-1990 (Unspecified vulnerability in the Business Intelligence Enterprise Edit ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-1989
+CVE-2009-1989 (Unspecified vulnerability in the PeopleSoft Enterprise FMS component i ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-1988
+CVE-2009-1988 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS eProfile M ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-1987
+CVE-2009-1987 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools - E ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-1986
+CVE-2009-1986 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle Applications Manager
-CVE-2009-1985
+CVE-2009-1985 (Unspecified vulnerability in the Network Authentication component in O ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1984
+CVE-2009-1984 (Unspecified vulnerability in the Application Install component in Orac ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-1983
+CVE-2009-1983 (Unspecified vulnerability in the Oracle iStore component in Oracle E-B ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-1982
+CVE-2009-1982 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-1981
+CVE-2009-1981 (Unspecified vulnerability in the Highly Interactive Client component i ...)
NOT-FOR-US: Siebel Product Suite
-CVE-2009-1980
+CVE-2009-1980 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-1979
+CVE-2009-1979 (Unspecified vulnerability in the Network Authentication component in O ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1978
+CVE-2009-1978 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle Secure Backup
-CVE-2009-1977
+CVE-2009-1977 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle Secure Backup
-CVE-2009-1976
+CVE-2009-1976 (Unspecified vulnerability in the HTTP Server component in Oracle Appli ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-1975
+CVE-2009-1975 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA WebLogic Server
-CVE-2009-1974
+CVE-2009-1974 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA WebLogic
-CVE-2009-1973
+CVE-2009-1973 (Unspecified vulnerability in the Virtual Private Database component in ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1972
+CVE-2009-1972 (Unspecified vulnerability in the Auditing component in Oracle Database ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1971
+CVE-2009-1971 (Unspecified vulnerability in the Data Pump component in Oracle Databas ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1970
+CVE-2009-1970 (Unspecified vulnerability in the Listener component in Oracle Database ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1969
+CVE-2009-1969 (Unspecified vulnerability in the Auditing component in Oracle Database ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1968
+CVE-2009-1968 (Unspecified vulnerability in the Secure Enterprise Search component in ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1967
+CVE-2009-1967 (Unspecified vulnerability in the Config Management component in (1) Or ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1966
+CVE-2009-1966 (Unspecified vulnerability in the Config Management component in (1) Or ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1965
+CVE-2009-1965 (Unspecified vulnerability in the Net Foundation Layer component in Ora ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1964
+CVE-2009-1964 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1963
+CVE-2009-1963 (Unspecified vulnerability in the Network Foundation component in Oracl ...)
NOT-FOR-US: Oracle Database
CVE-2009-XXXX [predictable random number generator used in web browsers]
- webkit 1.2 (low; bug #532514)
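Review bot: the importer is writing summaries without unescaping HTML entities: `+CVE-2009-2037 (Multiple directory traversal vulnerabilities in Online Grades &amp; At ...)` carries a literal `&amp;` where the feed text has an ampersand, so the stored summary will render as "&amp;" and the fixed-width truncation loses four characters to the entity. Unescape the summary before truncating it. Separately, several unchanged annotations in this hunk now sit beside summaries they disagree with: `NOT-FOR-US: Virtue Classifieds allows` (the trailing "allows" is a copy-paste remnant from the summary) and `NOT-FOR-US: News Manager` under a summary naming Virtue News Manager, where the next entry already uses the full name; the CVE-2009-2035 annotation says "Service module" for a summary naming the Services module, the clamav placeholder entry at the top reads "concept of malware concept", and the CVE-2009-2042 xulrunner line has "embeded". None of these are introduced by this change, but they belong in a cleanup pass now that the summaries make them visible.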
@@ -8393,70 +8393,70 @@ CVE-2009-XXXX [predictable random number generator used in web browsers]
- dillo <not-affected> (bug #532522)
NOTE: These issues can be fixed in more recent upstream versions, but the risk
NOTE: of regression doesn't outweigh the issue at hand
-CVE-2009-1961
+CVE-2009-1961 (The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2 ...)
{DSA-1844-1}
- linux-2.6 2.6.30-1 (low)
[etch] - linux-2.6 <not-affected> (Affected code was introduced in 2.6.19)
[lenny] - linux-2.6 2.6.26-16
- linux-2.6.24 <removed>
NOTE: fixed in lenny 5.0.2 release
-CVE-2009-1959
+CVE-2009-1959 (Off-by-one error in the event_wallops function in fe-common/irc/fe-eve ...)
- irssi 0.8.13-2 (low; bug #532607; bug #531357)
[lenny] - irssi 0.8.12-7
[etch] - irssi 0.8.10-3
NOTE: exploitability limited, DoS rather obscure attack scenario
-CVE-2009-1956
+CVE-2009-1956 (Off-by-one error in the apr_brigade_vprintf function in Apache APR-uti ...)
- apr-util 1.3.7+dfsg-1 (low)
[lenny] - apr-util 1.2.12+dfsg-8+lenny3
-CVE-2009-1955
+CVE-2009-1955 (The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Ap ...)
{DSA-1812-1}
- apr-util 1.3.7+dfsg-1 (medium)
-CVE-2009-1954
+CVE-2009-1954 (Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 a ...)
NOT-FOR-US: IBM AIX
-CVE-2009-1953
+CVE-2009-1953 (IBM FileNet Content Manager 4.0, 4.0.1, and 4.5, as used in IBM WebSph ...)
NOT-FOR-US: IBM FileNet Content Manager
-CVE-2009-1952
+CVE-2009-1952 (Multiple SQL injection vulnerabilities in the administrative login fea ...)
NOT-FOR-US: PropertyMax
-CVE-2009-1951
+CVE-2009-1951 (Cross-site scripting (XSS) vulnerability in index.php in PropertyMax P ...)
NOT-FOR-US: PropertyMax
-CVE-2009-1950
+CVE-2009-1950 (SQL injection vulnerability in yorum.asp in WebEyes Guest Book 3 allow ...)
NOT-FOR-US: WebEyes Guest Book
-CVE-2009-1949
+CVE-2009-1949 (import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote at ...)
NOT-FOR-US: Unclassified NewsBoard
-CVE-2009-1948
+CVE-2009-1948 (Multiple directory traversal vulnerabilities in forum.php in Unclassif ...)
NOT-FOR-US: Unclassified NewsBoard
-CVE-2009-1947
+CVE-2009-1947 (SQL injection vulnerability in the UnbDbEncode function in unb_lib/dat ...)
NOT-FOR-US: Unclassified NewsBoard
-CVE-2009-1946
+CVE-2009-1946 (PHP remote file inclusion vulnerability in latestposts.php in AdaptBB ...)
NOT-FOR-US: AdaptBB
-CVE-2009-1945
+CVE-2009-1945 (SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 allow ...)
NOT-FOR-US: cWebCal
-CVE-2009-1944
+CVE-2009-1944 (Stack-based buffer overflow in AIMP 2.51 build 330 allows remote attac ...)
NOT-FOR-US: AIMP
-CVE-2009-1943
+CVE-2009-1943 (Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet ...)
NOT-FOR-US: SafeNet SoftRemote
-CVE-2009-1942
+CVE-2009-1942 (Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, 6.x-2 ...)
NOT-FOR-US: Quiz module for Drupal
-CVE-2009-1941
+CVE-2009-1941 (PAD Site Scripts 3.6 stores sensitive information under the web docume ...)
NOT-FOR-US: PAD Site Scripts
-CVE-2009-1940
+CVE-2009-1940 (Cross-site scripting (XSS) vulnerability in the administrator panel in ...)
NOT-FOR-US: Joomla!
-CVE-2009-1939
+CVE-2009-1939 (Cross-site scripting (XSS) vulnerability in the JA_Purity template for ...)
NOT-FOR-US: Joomla!
-CVE-2009-1938
+CVE-2009-1938 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5. ...)
NOT-FOR-US: Joomla!
-CVE-2009-1937
+CVE-2009-1937 (Cross-site scripting (XSS) vulnerability in the comment posting featur ...)
NOT-FOR-US: LightNEasy
-CVE-2009-1936
+CVE-2009-1936 (_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a ...)
NOT-FOR-US: cpCommerce
-CVE-2009-1935
+CVE-2009-1935 (Integer overflow in the pipe_build_write_buffer function (sys/kern/sys ...)
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- kfreebsd-7 7.2-2
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
-CVE-2009-1934
+CVE-2009-1934 (Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2009-1933
+CVE-2009-1933 (Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, ...)
NOT-FOR-US: Solaris
CVE-2009-XXXX [pgp4pine off-by-one]
- pgp4pine <removed> (bug #457947; medium)
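Review bot: the unchanged annotation `NOT-FOR-US: cWebCal` under the newly imported `+CVE-2009-1945 (SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 allow ...)` has a stray leading "c" that the summary now exposes; it should read `NOT-FOR-US: WebCal`. The remaining lines in the hunk only attach summaries to existing identifiers and keep every package, version and DSA line as it was.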
@@ -8464,139 +8464,139 @@ CVE-2009-XXXX [pgp4pine off-by-one]
[lenny] - pgp4pine <no-dsa> (Contrib not supported)
NOTE: http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0122.html
NOTE: unlike the note states this is not just an off-by-one, classic stack-based buffer overflow
-CVE-2009-1932
+CVE-2009-1932 (Multiple integer overflows in the (1) user_info_callback, (2) user_end ...)
{DSA-1839-1}
- gst-plugins-good0.10 0.10.15-2 (medium; bug #531631; bug #532352)
CVE-2009-1931
RESERVED
-CVE-2009-1930
+CVE-2009-1930 (The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-1929
+CVE-2009-1929 (Heap-based buffer overflow in the Microsoft Terminal Services Client A ...)
NOT-FOR-US: ActiveX
-CVE-2009-1928
+CVE-2009-1928 (Stack consumption vulnerability in the LDAP service in Active Director ...)
NOT-FOR-US: Microsoft Windows
CVE-2009-1927
REJECTED
-CVE-2009-1926
+CVE-2009-1926 (Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gol ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-1925
+CVE-2009-1925 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP ...)
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2009-1924
+CVE-2009-1924 (Integer overflow in the Windows Internet Name Service (WINS) component ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-1923
+CVE-2009-1923 (Heap-based buffer overflow in the Windows Internet Name Service (WINS) ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-1922
+CVE-2009-1922 (The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, ...)
NOT-FOR-US: Microsoft Windows
CVE-2009-1921
REJECTED
-CVE-2009-1920
+CVE-2009-1920 (The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in ...)
NOT-FOR-US: Microsoft
-CVE-2009-1919
+CVE-2009-1919 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 fo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-1918
+CVE-2009-1918 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 fo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-1917
+CVE-2009-1917 (Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-1916
+CVE-2009-1916 (dig.php in GScripts.net DNS Tools allows remote attackers to execute a ...)
NOT-FOR-US: GScripts.net DNS Tools
-CVE-2009-1915
+CVE-2009-1915 (Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ...)
NOT-FOR-US: ICQ
-CVE-2009-1914
+CVE-2009-1914 (The pci_register_iommu_region function in arch/sparc/kernel/pci_common ...)
{DSA-1844-1}
- linux-2.6 2.6.29-1 (low; bug #532722)
[lenny] - linux-2.6 2.6.26-16
- linux-2.6.24 <removed>
NOTE: updated in lenny 5.0.2 release
-CVE-2009-1913
+CVE-2009-1913 (SQL injection vulnerability in manager.php in LuxBum 0.5.5, when magic ...)
NOT-FOR-US: LuxBum
-CVE-2009-1912
+CVE-2009-1912 (Directory traversal vulnerability in src/func/language.php in webSPELL ...)
NOT-FOR-US: webSPELL
-CVE-2009-1911
+CVE-2009-1911 (Directory traversal vulnerability in .include/init.php (aka admin/_inc ...)
NOT-FOR-US: QuiXplorer
-CVE-2009-1910
+CVE-2009-1910 (SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows ...)
NOT-FOR-US: RTWebalbum
-CVE-2009-1909
+CVE-2009-1909 (SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and ...)
NOT-FOR-US: Skip
-CVE-2009-1908
+CVE-2009-1908 (Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, an ...)
NOT-FOR-US: Skip
-CVE-2009-1907
+CVE-2009-1907 (Cross-site scripting (XSS) vulnerability in claroline/linker/notfound. ...)
NOT-FOR-US: Claroline
-CVE-2009-1906
+CVE-2009-1906 (The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before F ...)
NOT-FOR-US: IBM DB2
-CVE-2009-1905
+CVE-2009-1905 (The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 ...)
NOT-FOR-US: IBM DB2
-CVE-2009-1904
+CVE-2009-1904 (The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 ...)
{DSA-1860-1}
- ruby1.8 1.8.7.173-1 (low; bug #532689)
- ruby1.9 <removed> (bug #575778)
NOTE: http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/
-CVE-2009-1903
+CVE-2009-1903 (The PDF XSS protection feature in ModSecurity before 2.5.8 allows remo ...)
- libapache-mod-security 2.5.9-1
-CVE-2009-1902
+CVE-2009-1902 (The multipart processor in ModSecurity before 2.5.9 allows remote atta ...)
- libapache-mod-security 2.5.9-1
-CVE-2009-1901
+CVE-2009-1901 (The Security component in IBM WebSphere Application Server (WAS) 6.0.2 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-1900
+CVE-2009-1900 (The Configservice APIs in the Administrative Console component in IBM ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-1899
+CVE-2009-1899 (Unspecified vulnerability in the Administrative Configservice API in t ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-1898
+CVE-2009-1898 (The secure login page in the Administrative Console component in IBM W ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-1960
+CVE-2009-1960 (inc/init.php in DokuWiki 2009-02-14, rc2009-02-06, and rc2009-01-30, w ...)
- dokuwiki 0.0.20090214b-1 (unimportant)
NOTE: we don't support setups with register_globals enabled
-CVE-2009-1897
+CVE-2009-1897 (The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in ...)
- linux-2.6 2.6.30-3 (high; bug #537409)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.29)
NOTE: http://seclists.org/fulldisclosure/2009/Jul/0241.html
-CVE-2009-1896
+CVE-2009-1896 (The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b ...)
- openjdk-6 6b16-1.6-1 (bug #542210)
-CVE-2009-1895
+CVE-2009-1895 (The personality subsystem in the Linux kernel before 2.6.31-rc3 has a ...)
{DSA-1845-1 DSA-1844-1}
- linux-2.6 2.6.30-3 (low)
[etch] - linux-2.6 <not-affected> (mmap_min_addr first indroduced in 2.6.23)
- linux-2.6.24 <removed>
-CVE-2009-1894
+CVE-2009-1894 (Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local us ...)
{DSA-1838-1}
- pulseaudio 0.9.15-4.1 (high; bug #537351)
[etch] - pulseaudio <not-affected> (vulnerable code not present)
-CVE-2009-1893
+CVE-2009-1893 (The configtest function in the Red Hat dhcpd init script for DHCP 3.0. ...)
NOT-FOR-US: Red Hat dhcpd init script for DHCP
-CVE-2009-1892
+CVE-2009-1892 (dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and ...)
{DSA-1833-2}
- isc-dhcp 3.1.2p1-2 (low; bug #539492)
- dhcp3 3.1.2p1-2 (low; bug #549584)
[etch] - dhcp3 <not-affected> (problematic assert is not present)
[lenny] - dhcp3 3.1.1-6+lenny2
-CVE-2009-1891
+CVE-2009-1891 (The mod_deflate module in Apache httpd 2.2.11 and earlier compresses l ...)
{DSA-1834-1}
- apache2 2.2.11-7 (medium; bug #534712)
-CVE-2009-1890
+CVE-2009-1890 (The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy mo ...)
{DSA-1834-1}
- apache2 2.2.11-7 (medium; bug #536718)
[etch] - apache2 <not-affected> (bug introduced in 2.2.5)
[lenny] - apache2 2.2.9-10+lenny4
-CVE-2009-1889
+CVE-2009-1889 (The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets ...)
- pidgin 2.5.8-1 (low; bug #535790)
[lenny] - pidgin <no-dsa> (Minor issue)
NOTE: http://developer.pidgin.im/ticket/9483
NOTE: http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
-CVE-2009-1888
+CVE-2009-1888 (The acl_group_override function in smbd/posix_acls.c in smbd in Samba ...)
{DSA-1823-1}
- samba 2:3.3.6-1 (low)
[etch] - samba <not-affected> (Vulnerable code not present)
NOTE: Successful exploitation requires that "dos filemode" is set to "yes" in smb.conf.
-CVE-2009-1887
+CVE-2009-1887 (agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Li ...)
- net-snmp <not-affected> (Vulnerable code not present)
NOTE: Red Hat incorrect fix for CVE-2008-4309. Checked code in oldstable and stable.
-CVE-2009-1886
+CVE-2009-1886 (Multiple format string vulnerabilities in client/client.c in smbclient ...)
{DSA-1823-1}
- samba 2:3.3.6-1
[etch] - samba <not-affected> (Vulnerable code not present)
NOTE: Only the 3.2.x branch was affected, so marking 3.3 as affected
-CVE-2009-1885
+CVE-2009-1885 (Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Ap ...)
- xerces-c 3.0.1-2 (low; bug #540297)
[etch] - xerces-c <no-dsa> (Minor issue)
[lenny] - xerces-c <no-dsa> (Minor issue)
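Review bot: the NOTE under CVE-2009-1886 ("Only the 3.2.x branch was affected, so marking 3.3 as affected") contradicts itself and the entry it annotates: if only 3.2.x was affected, the conclusion would be that 3.3 is not affected, yet the entry records the fix as samba 2:3.3.6-1 via DSA-1823-1. Reword the note to state which branches were actually affected so the fixed-version line can be verified against it. Also, the etch annotation under CVE-2009-1895 misspells "introduced" as "indroduced".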
@@ -8604,21 +8604,21 @@ CVE-2009-1885
[lenny] - xerces-c2 2.8.0-3+lenny1
- xerces27 <removed>
[etch] - xerces27 <no-dsa> (Minor issue)
-CVE-2009-1884
+CVE-2009-1884 (Off-by-one error in the bzinflate function in Bzip2.xs in the Compress ...)
- libcompress-raw-bzip2-perl 2.018-1 (medium; bug #542777)
[lenny] - libcompress-raw-bzip2-perl 2.011-2lenny1
-CVE-2009-1883
+CVE-2009-1883 (The z90crypt_unlocked_ioctl function in the z90crypt driver in the Lin ...)
{DSA-1929-1}
- linux-2.6 2.6.19-1
- linux-2.6.24 <not-affected> (problem was fixed before first upload, 2.6.19)
NOTE: See Solar Designer's posting to oss-security
-CVE-2009-1882
+CVE-2009-1882 (Integer overflow in the XMakeImage function in magick/xwindow.c in Ima ...)
{DSA-1903-1 DSA-1858-1}
- imagemagick 7:6.5.1.0-1.1 (medium; bug #530838)
- graphicsmagick 1.3.5-5.1 (medium; bug #530946)
-CVE-2009-1881
+CVE-2009-1881 (Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows remot ...)
NOT-FOR-US: MT312
-CVE-2009-1880
+CVE-2009-1880 (Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows remot ...)
NOT-FOR-US: MT312
CVE-2009-XXXX [OCS Inventory NG SQL Injection Vulnerability]
- ocsinventory-server 1.02.1-1 (unimportant; bug #531735)
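Review bot: the NOTE under CVE-2009-1883 ("See Solar Designer's posting to oss-security") is a reference without a URL, while the other NOTE references in this diff (the ruby-lang.org, seclists.org and pidgin.im links) are resolvable links; add the oss-security archive URL so the claim that linux-2.6.24 was never affected can be checked. The same entry records "- linux-2.6 2.6.19-1" with neither a severity nor a bug number, which the neighbouring fixed-version lines carry.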
@@ -8626,216 +8626,216 @@ CVE-2009-XXXX [OCS Inventory NG SQL Injection Vulnerability]
NOTE: can be exploited only if magic_quotes is off
CVE-2009-3870
REJECTED
-CVE-2009-1879
+CVE-2009-1879 (Cross-site scripting (XSS) vulnerability in index.template.html in the ...)
NOT-FOR-US: Adobe Flex
-CVE-2009-1878
+CVE-2009-1878 (Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier a ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2009-1877
+CVE-2009-1877 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2009-1876
+CVE-2009-1876 (Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sen ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2009-1875
+CVE-2009-1875 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusio ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2009-1874
+CVE-2009-1874 (Multiple cross-site scripting (XSS) vulnerabilities in the Management ...)
NOT-FOR-US: Adobe JRun
-CVE-2009-1873
+CVE-2009-1873 (Directory traversal vulnerability in logging/logviewer.jsp in the Mana ...)
NOT-FOR-US: Adobe JRun
-CVE-2009-1872
+CVE-2009-1872 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusio ...)
NOT-FOR-US: Adobe ColdFusion Server
CVE-2009-1871
REJECTED
-CVE-2009-1870
+CVE-2009-1870 (Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1869
+CVE-2009-1869 (Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1868
+CVE-2009-1868 (Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1867
+CVE-2009-1867 (Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1866
+CVE-2009-1866 (Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1865
+CVE-2009-1865 (Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1864
+CVE-2009-1864 (Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1863
+CVE-2009-1863 (Unspecified vulnerability in Adobe Flash Player before 9.0.246.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1862
+CVE-2009-1862 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1. ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-1861
+CVE-2009-1861 (Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 b ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-1860
+CVE-2009-1860 (Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-1859
+CVE-2009-1859 (Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-1858
+CVE-2009-1858 (The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-1857
+CVE-2009-1857 (Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-1856
+CVE-2009-1856 (Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-1855
+CVE-2009-1855 (Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before 7.1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-1854
+CVE-2009-1854 (Million Dollar Text Links 1.0 allows remote attackers to bypass authen ...)
NOT-FOR-US: Million Dollar Text Links
-CVE-2009-1853
+CVE-2009-1853 (Multiple SQL injection vulnerabilities in index.php in Kensei Board 2. ...)
NOT-FOR-US: Kensei Board
-CVE-2009-1852
+CVE-2009-1852 (Multiple SQL injection vulnerabilities in Graphiks MyForum 1.3 allow r ...)
NOT-FOR-US: Graphiks MyForum
-CVE-2009-1851
+CVE-2009-1851 (SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and ...)
NOT-FOR-US: phpBugTracker
-CVE-2009-1850
+CVE-2009-1850 (SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows ...)
NOT-FOR-US: phpBugTracker
-CVE-2009-1849
+CVE-2009-1849 (Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth func ...)
NOT-FOR-US: PRTG Traffic Grapher
-CVE-2009-1848
+CVE-2009-1848 (SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com ...)
NOT-FOR-US: JoomlaMe
-CVE-2009-1847
+CVE-2009-1847 (Directory traversal vulnerability in index.php in Easy PX 41 CMS 9.0 B ...)
NOT-FOR-US: Easy PX 41 CMS
-CVE-2009-1846
+CVE-2009-1846 (Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 ...)
NOT-FOR-US: SiteX
-CVE-2009-1845
+CVE-2009-1845 (Cross-site scripting (XSS) vulnerability in ajax/updatecheck.php in Lu ...)
NOT-FOR-US: Lussumo Vanilla
-CVE-2009-1844
+CVE-2009-1844 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x befo ...)
{DSA-1808-1}
- drupal5 5.17-1.1 (low; bug #529191)
- drupal6 6.11-1.1 (low; bug #529190; bug #531386)
-CVE-2009-1843
+CVE-2009-1843 (Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow remo ...)
NOT-FOR-US: Flash Quiz
-CVE-2009-1842
+CVE-2009-1842 (SQL injection vulnerability in main/tracking/userLog.php in Francisco ...)
NOT-FOR-US: PHP-Nuke
-CVE-2009-1957
+CVE-2009-1957 (charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 all ...)
{DSA-1899-1}
- strongswan 4.2.14-1.1 (medium; bug #531612)
[etch] - strongswan <not-affected> (Vulnerable code not present, IKEv2 was introduced in 4.3)
-CVE-2009-1958
+CVE-2009-1958 (charon/sa/tasks/child_create.c in the charon daemon in strongSWAN befo ...)
{DSA-1899-1}
- strongswan 4.2.14-1.1 (medium; bug #531612)
[etch] - strongswan <not-affected> (Vulnerable code not present, IKEv2 was introduced in 4.3)
-CVE-2009-1841
+CVE-2009-1841 (js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3 ...)
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-1840
+CVE-2009-1840 (Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check ...)
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1839
+CVE-2009-1839 (Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with ...)
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1838
+CVE-2009-1838 (The garbage-collection implementation in Mozilla Firefox before 3.0.11 ...)
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-1837
+CVE-2009-1837 (Race condition in the NPObjWrapper_NewResolve function in modules/plug ...)
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <not-affected> (Doesn't affect Gecko 1.8)
-CVE-2009-1836
+CVE-2009-1836 (Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMon ...)
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-1835
+CVE-2009-1835 (Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate lo ...)
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1834
+CVE-2009-1834 (Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in ...)
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1833
+CVE-2009-1833 (The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird be ...)
{DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1832
+CVE-2009-1832 (Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMon ...)
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-1828
+CVE-2009-1828 (Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of se ...)
- xulrunner <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-1827
+CVE-2009-1827 (The SVG component in Mozilla Firefox 3.0.4 allows remote attackers to ...)
- xulrunner <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-1831
+CVE-2009-1831 (The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Wina ...)
NOT-FOR-US: Nullsoft Winamp
-CVE-2009-1830
+CVE-2009-1830 (Stack-based buffer overflow in Soulseek 156 and 157 NS allows remote a ...)
NOT-FOR-US: Soulseek
-CVE-2009-1826
+CVE-2009-1826 (modules/admuser.php in myGesuad 0.9.14 (aka 0.9) does not require admi ...)
NOT-FOR-US: myGesuad
-CVE-2009-1825
+CVE-2009-1825 (modules/admuser.php in myColex 1.4.2 does not require administrative a ...)
NOT-FOR-US: myColex
-CVE-2009-1824
+CVE-2009-1824 (The ps_drv.sys kernel driver in ArcaBit ArcaVir 2009 Antivirus Protect ...)
NOT-FOR-US: ArcaBit ArcaVir
-CVE-2009-1823
+CVE-2009-1823 (Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e- ...)
NOT-FOR-US: 3rd party Printer, e-mail and PDF module for Drupal
-CVE-2009-1822
+CVE-2009-1822 (Multiple PHP remote file inclusion vulnerabilities in the InterJoomla ...)
NOT-FOR-US: Joomla!
-CVE-2009-1821
+CVE-2009-1821 (DMXReady Registration Manager 1.1 stores sensitive information under t ...)
NOT-FOR-US: DMXReady Registration Manager
-CVE-2009-1820
+CVE-2009-1820 (Cross-site scripting (XSS) vulnerability in product.php in 2daybiz Cus ...)
NOT-FOR-US: 2daybiz Custom T-shirt Design Script
-CVE-2009-1819
+CVE-2009-1819 (SQL injection vulnerability in product.php in 2daybiz Custom T-shirt D ...)
NOT-FOR-US: 2daybiz Custom T-shirt Design Script
-CVE-2009-1818
+CVE-2009-1818 (SQL injection vulnerability in admin/admin_manager.asp in MaxCMS 2.0 a ...)
NOT-FOR-US: MaxCMS
-CVE-2009-1817
+CVE-2009-1817 (Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote attacker ...)
NOT-FOR-US: DigiMode Maya
-CVE-2009-1816
+CVE-2009-1816 (SQL injection vulnerability in admin.php in My Game Script 2.0 allows ...)
NOT-FOR-US: My Game Script
-CVE-2009-1815
+CVE-2009-1815 (Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b all ...)
NOT-FOR-US: Sonic Spot Audioactive Player
-CVE-2009-1814
+CVE-2009-1814 (SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier a ...)
NOT-FOR-US: PHPenpals
-CVE-2009-1813
+CVE-2009-1813 (Multiple SQL injection vulnerabilities in admin/index.php in Submitter ...)
NOT-FOR-US: Submitter Script
-CVE-2009-1812
+CVE-2009-1812 (Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) al ...)
NOT-FOR-US: myGesuad
-CVE-2009-1811
+CVE-2009-1811 (Multiple cross-site scripting (XSS) vulnerabilities in myGesuad 0.9.14 ...)
NOT-FOR-US: myGesuad
-CVE-2009-1810
+CVE-2009-1810 (Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote a ...)
NOT-FOR-US: myColex
-CVE-2009-1809
+CVE-2009-1809 (Multiple cross-site scripting (XSS) vulnerabilities in myColex 1.4.2 a ...)
NOT-FOR-US: myColex
-CVE-2009-1829
+CVE-2009-1829 (Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 ...)
{DSA-1942-1}
- wireshark 1.0.8-1 (low; bug #533347)
[lenny] - wireshark 1.0.2-3+lenny6
[etch] - wireshark <no-dsa> (Minor issue)
-CVE-2009-1808
+CVE-2009-1808 (Microsoft Windows XP SP3 allows local users to cause a denial of servi ...)
NOT-FOR-US: Microsoft
-CVE-2009-1807
+CVE-2009-1807 (Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 ...)
NOT-FOR-US: Baofeng
-CVE-2009-1806
+CVE-2009-1806 (Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 r ...)
NOT-FOR-US: IBM Hardware Management Console
-CVE-2009-1805
+CVE-2009-1805 (Unspecified vulnerability in the VMware Descheduled Time Accounting dr ...)
NOT-FOR-US: VMware (experimental feature anyway)
-CVE-2009-1804
+CVE-2009-1804 (Multiple SQL injection vulnerabilities in admin/index.php in VideoScri ...)
NOT-FOR-US: videoscript
-CVE-2009-1803
+CVE-2009-1803 (FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, ...)
NOT-FOR-US: FreePBX
-CVE-2009-1802
+CVE-2009-1802 (Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX ...)
NOT-FOR-US: FreePBX
-CVE-2009-1801
+CVE-2009-1801 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, ...)
NOT-FOR-US: FreePBX
-CVE-2009-1800
+CVE-2009-1800 (Stack-based buffer overflow in the Chinagames CGAgent ActiveX control ...)
NOT-FOR-US: Chinagames
-CVE-2009-1799
+CVE-2009-1799 (Multiple SQL injection vulnerabilities in the getGalleryImage function ...)
NOT-FOR-US: ST-Gallery
-CVE-2009-1798
+CVE-2009-1798 (Multiple cross-site scripting (XSS) vulnerabilities on the Network Man ...)
NOT-FOR-US: APC
-CVE-2009-1797
+CVE-2009-1797 (Multiple cross-site request forgery (CSRF) vulnerabilities on the Netw ...)
NOT-FOR-US: APC
-CVE-2009-1796
+CVE-2009-1796 (Cross-site scripting (XSS) vulnerability in Sun Java System Portal Ser ...)
NOT-FOR-US: Sun Java System Portal Server
CVE-2009-1795
RESERVED
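Review bot: the imported description for CVE-2009-1862 names Adobe Reader and Acrobat, while the existing triage line directly beneath it says "NOT-FOR-US: Adobe Flash Player"; the automatic update only adds description text, so the NOT-FOR-US line should be re-checked against the description and either corrected or given a NOTE explaining why Flash Player is the right product, so that the two lines agree. Separately, the "[squeeze] - icedove 2.0.0.22-0lenny1" lines under CVE-2009-1841, CVE-2009-1838, CVE-2009-1836 and CVE-2009-1832 record a lenny-suffixed version as the squeeze fix; if that is the version that migrated, a short NOTE would save the next reader from reading it as a release mix-up.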
@@ -8843,140 +8843,140 @@ CVE-2009-1794
RESERVED
CVE-2009-1793
RESERVED
-CVE-2009-1792
+CVE-2009-1792 (The system.openURL function in StoneTrip Ston3D StandalonePlayer (aka ...)
NOT-FOR-US: StoneTrip Ston3D StandalonePlayer
-CVE-2009-1790
+CVE-2009-1790 (Cross-site scripting (XSS) vulnerability in CGI RESCUE Trees before 2. ...)
NOT-FOR-US: CGI Rescue Trees
-CVE-2009-1787
+CVE-2009-1787 (Multiple SQL injection vulnerabilities in PHP Dir Submit (aka WebsiteS ...)
NOT-FOR-US: PHP Dir Submit
-CVE-2009-1786
+CVE-2009-1786 (The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users ...)
NOT-FOR-US: IBM AIX libc
-CVE-2009-1785
+CVE-2009-1785 (Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual Desktop ...)
NOT-FOR-US: Ulteo Open Virtual Desktop
-CVE-2009-1784
+CVE-2009-1784 (The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus pro ...)
NOT-FOR-US: AVG anti-virus
-CVE-2009-1783
+CVE-2009-1783 (Multiple FRISK Software F-Prot anti-virus products, including Antiviru ...)
NOT-FOR-US: FRISK Software F-Prot anti-virus
-CVE-2009-1782
+CVE-2009-1782 (Multiple F-Secure anti-virus products, including Anti-Virus for Micros ...)
NOT-FOR-US: F-Secure anti-virus
-CVE-2009-1781
+CVE-2009-1781 (Static code injection vulnerability in admin.php in Frax.dk Php Recomm ...)
NOT-FOR-US: Frax.dk Php Recommend
-CVE-2009-1780
+CVE-2009-1780 (admin.php in Frax.dk Php Recommend 1.3 and earlier does not require au ...)
NOT-FOR-US: Frax.dk Php Recommend
-CVE-2009-1779
+CVE-2009-1779 (PHP remote file inclusion vulnerability in admin.php in Frax.dk Php Re ...)
NOT-FOR-US: Frax.dk Php Recommend
-CVE-2009-1778
+CVE-2009-1778 (SQL injection vulnerability in the new user registration feature in Bi ...)
NOT-FOR-US: BigACE CMS
-CVE-2009-1777
+CVE-2009-1777 (CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1. ...)
NOT-FOR-US: Matt Wright FormMail
-CVE-2009-1776
+CVE-2009-1776 (Multiple cross-site scripting (XSS) vulnerabilities in FormMail.pl in ...)
NOT-FOR-US: Matt Wright FormMail
-CVE-2009-1775
+CVE-2009-1775 (Multiple cross-site scripting (XSS) vulnerabilities in Ulteo Open Virt ...)
NOT-FOR-US: Ulteo Open Virtual Desktop
-CVE-2009-1774
+CVE-2009-1774 (Directory traversal vulnerability in plugins/ddb/foot.php in Strawberr ...)
NOT-FOR-US: Strawberry
-CVE-2009-1773
+CVE-2009-1773 (activeCollab 2.1 Corporate allows remote attackers to obtain sensitive ...)
NOT-FOR-US: activeCollab
-CVE-2009-1772
+CVE-2009-1772 (Cross-site scripting (XSS) vulnerability in activeCollab 2.1 Corporate ...)
NOT-FOR-US: activeCollab
-CVE-2009-1771
+CVE-2009-1771 (index.php in Flyspeck CMS 6.8 does not require administrative authenti ...)
NOT-FOR-US: Flyspeck CMS
-CVE-2009-1770
+CVE-2009-1770 (Directory traversal vulnerability in includes/database/examples/addres ...)
NOT-FOR-US: Flyspeck CMS
-CVE-2009-1769
+CVE-2009-1769 (The web interface in Open Computer and Software Inventory Next Generat ...)
- ocsinventory-server 1.02.1-1 (unimportant; bug #529344)
NOTE: README.Debian states Important: access to the reports server should be restricted
-CVE-2009-1768
+CVE-2009-1768 (Directory traversal vulnerability in download.php in Rama Zaiten CMS 0 ...)
NOT-FOR-US: Rama Zaiten CMS
-CVE-2009-1767
+CVE-2009-1767 (admin/edituser.php in 2daybiz Template Monster Clone does not require ...)
NOT-FOR-US: 2daybiz Template Monster Clone
-CVE-2009-1766
+CVE-2009-1766 (SQL injection vulnerability in index.php in LightOpenCMS 0.1 allows re ...)
NOT-FOR-US: LightOpenCMS
-CVE-2009-1765
+CVE-2009-1765 (Multiple directory traversal vulnerabilities in pluck 4.6.2, when regi ...)
NOT-FOR-US: pluck CMS
-CVE-2009-1764
+CVE-2009-1764 (SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows remot ...)
NOT-FOR-US: MaxCMS
-CVE-2009-1763
+CVE-2009-1763 (Unspecified vulnerability in the Solaris Secure Digital slot driver (a ...)
NOT-FOR-US: Solaris
-CVE-2009-1762
+CVE-2009-1762 (Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess l ...)
NOT-FOR-US: Novell GroupWise
CVE-2009-XXXX [radare-common insecure temp files handling]
- radare 1.4-1 (low)
-CVE-2009-1761
+CVE-2009-1761 (The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windo ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2009-1760
+CVE-2009-1760 (Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar ...)
{DSA-1815-1}
- libtorrent-rasterbar 0.14.4-1 (medium)
-CVE-2009-1759
+CVE-2009-1759 (Stack-based buffer overflow in the btFiles::BuildFromMI function (trun ...)
{DSA-1817-1}
- ctorrent 1.3.4-dnh3.2-1.1 (medium; bug #530255)
-CVE-2009-1758
+CVE-2009-1758 (The hypervisor_callback function in Xen, possibly before 3.4.0, as app ...)
{DSA-1809-1}
- linux-2.6 2.6.28-1 (low; bug #536148)
- linux-2.6.24 <removed>
-CVE-2009-1757
+CVE-2009-1757 (Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 be ...)
- transmission 1.61-1 (low)
[lenny] - transmission <not-affected> (Vulnerable code not present, the web interface was introduced in 1.30)
[etch] - transmission <not-affected> (Vulnerable code not present, the web interface was introduced in 1.30)
-CVE-2009-1754
+CVE-2009-1754 (The PackageManagerService class in services/java/com/android/server/Pa ...)
NOT-FOR-US: Android
-CVE-2009-1752
+CVE-2009-1752 (exJune Office Message System 1 does not properly restrict access to (1 ...)
NOT-FOR-US: exJune Office Message System
-CVE-2009-1751
+CVE-2009-1751 (SQL injection vulnerability in list_list.php in Realty Webware Technol ...)
NOT-FOR-US: Realty Web-Base
-CVE-2009-1750
+CVE-2009-1750 (Unrestricted file upload vulnerability in VidSharePro allows remote au ...)
NOT-FOR-US: VidSharePro
-CVE-2009-1749
+CVE-2009-1749 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ca ...)
NOT-FOR-US: Catviz
-CVE-2009-1748
+CVE-2009-1748 (Multiple directory traversal vulnerabilities in index.php in Catviz 0. ...)
NOT-FOR-US: Catviz
-CVE-2009-1747
+CVE-2009-1747 (SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 al ...)
NOT-FOR-US: bSpeak
-CVE-2009-1746
+CVE-2009-1746 (SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 ...)
NOT-FOR-US: Dian Gemilang DGNews
-CVE-2009-1745
+CVE-2009-1745 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x ...)
NOT-FOR-US: Armorlogic Profense Web Application Firewall
-CVE-2009-1744
+CVE-2009-1744 (InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in ...)
NOT-FOR-US: Pinnacle
-CVE-2009-1743
+CVE-2009-1743 (Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in Pinna ...)
NOT-FOR-US: Pinnacle
-CVE-2009-1742
+CVE-2009-1742 (code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for re ...)
NOT-FOR-US: PC4Arb Pc4 Uploader
-CVE-2009-1741
+CVE-2009-1741 (Multiple SQL injection vulnerabilities in login.php in DM FileManager ...)
NOT-FOR-US: DM FileManager
-CVE-2009-1740
+CVE-2009-1740 (Multiple heap-based buffer overflows in the D-Link MPEG4 Viewer Active ...)
NOT-FOR-US: D-Link MPEG4 Viewer
-CVE-2009-1739
+CVE-2009-1739 (PAD Site Scripts 3.6 allows remote attackers to bypass authentication ...)
NOT-FOR-US: PAD Site Scripts
-CVE-2009-1738
+CVE-2009-1738 (Cross-site scripting (XSS) vulnerability in Feed Block 6.x-1.x before ...)
NOT-FOR-US: Feed Block
-CVE-2009-1737
+CVE-2009-1737 (Directory traversal vulnerability in bom.php in MyPic 2.1 allows remot ...)
NOT-FOR-US: MyPic
-CVE-2009-1736
+CVE-2009-1736 (SQL injection vulnerability in the GridSupport (GS) Ticket System (com ...)
NOT-FOR-US: GridSupport component for Joomla
-CVE-2009-1735
+CVE-2009-1735 (Cross-site scripting (XSS) vulnerability in search.php in VidSharePro ...)
NOT-FOR-US: VidSharePro
-CVE-2009-1734
+CVE-2009-1734 (SQL injection vulnerability in listing_video.php in VidSharePro allows ...)
NOT-FOR-US: VidSharePro
-CVE-2009-1733
+CVE-2009-1733 (Cross-site request forgery (CSRF) vulnerability in IPplan 4.91a allows ...)
- ipplan 4.91a-1.1 (unimportant; bug #530271)
NOTE: Only exploitable with admin rights
-CVE-2009-1732
+CVE-2009-1732 (Cross-site scripting (XSS) vulnerability in admin/usermanager in IPpla ...)
{DSA-1827-1}
- ipplan 4.91a-1.1 (low; bug #530271)
-CVE-2009-1731
+CVE-2009-1731 (SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows re ...)
NOT-FOR-US: MLFFAT
-CVE-2009-1730
+CVE-2009-1730 (Multiple directory traversal vulnerabilities in NetMechanica NetDecisi ...)
NOT-FOR-US: NetDecision TFTP Server
-CVE-2009-1729
+CVE-2009-1729 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
NOT-FOR-US: Sun Java System Communications Express
-CVE-2009-1728
+CVE-2009-1728 (Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 before ...)
NOT-FOR-US: Image RAW in Apple Mac OS X
-CVE-2009-1727
+CVE-2009-1727 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X 10.5 ...)
NOT-FOR-US: CoreTypes in Apple Mac OS X
-CVE-2009-1726
+CVE-2009-1726 (Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and ...)
NOT-FOR-US: ColorSync in Apple Mac OS X
-CVE-2009-1725
+CVE-2009-1725 (WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, ...)
{DSA-1988-1 DSA-1950-1}
- webkit 1.1.13-1 (medium; bug #538346)
- qt4-x11 4:4.5.2-2 (medium; bug #538347)
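Review bot: the placeholder entry "CVE-2009-XXXX [radare-common insecure temp files handling]" carries no NOTE with a reference, unlike the other CVE-2009-XXXX placeholders in this diff (the pgp4pine entry links a vulnwatch post, the OCS Inventory entry notes the exploitation condition); without an upstream bug or advisory link the entry is hard to match to a CVE id once one is assigned, so add the reference and a bug number next to "radare 1.4-1 (low)".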
@@ -8986,7 +8986,7 @@ CVE-2009-1725
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=513813#c18
NOTE: patch http://trac.webkit.org/changeset/44799/
NOTE: PoC http://web.archive.org/web/20110813092643/https://cevans-app.appspot.com/static/webkitentityoffbyone.html
-CVE-2009-1724
+CVE-2009-1724 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- qt4-x11 <not-affected> (bug #538403)
[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
- webkit 1.1.13-1 (low; bug #538402)
@@ -8994,20 +8994,20 @@ CVE-2009-1724
- kdelibs <unfixed> (unimportant)
- kde4libs <unfixed> (unimportant)
NOTE: http://www.thespanner.co.uk/2009/06/19/minor-safari-cross-domain-bug/
-CVE-2009-1723
+CVE-2009-1723 (CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL ...)
NOT-FOR-US: CFNetwork in Apple Mac OS X
-CVE-2009-1722
+CVE-2009-1722 (Heap-based buffer overflow in the compression implementation in OpenEX ...)
{DSA-1842-1}
- openexr 1.6.1-1 (medium; bug #540424)
-CVE-2009-1721
+CVE-2009-1721 (The decompression implementation in the Imf::hufUncompress function in ...)
{DSA-1842-1}
- openexr 1.6.1-4.1 (medium; bug #540424)
-CVE-2009-1720
+CVE-2009-1720 (Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-de ...)
{DSA-1842-1}
- openexr 1.6.1-4.1 (medium; bug #540424)
-CVE-2009-1719
+CVE-2009-1719 (The Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X ...)
NOT-FOR-US: Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X
-CVE-2009-1718
+CVE-2009-1718 (WebKit in Apple Safari before 4.0 allows user-assisted remote attacker ...)
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <no-dsa> (Minor issue)
- kdelibs <unfixed> (unimportant)
@@ -9016,11 +9016,11 @@ CVE-2009-1718
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/44010
-CVE-2009-1717
+CVE-2009-1717 (Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allo ...)
NOT-FOR-US: Mac OS X
-CVE-2009-1716
+CVE-2009-1716 (CFNetwork in Apple Safari before 4.0 on Windows does not properly prot ...)
NOT-FOR-US: CFNetwork in Apple
-CVE-2009-1715
+CVE-2009-1715 (Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in ...)
- webkit 1.0.1-4 (medium; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
@@ -9028,7 +9028,7 @@ CVE-2009-1715
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/31890
-CVE-2009-1714
+CVE-2009-1714 (Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in ...)
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9036,7 +9036,7 @@ CVE-2009-1714
- qt4-x11 4:4.6.3-1 (low)
[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
NOTE: http://trac.webkit.org/changeset/36359
-CVE-2009-1713
+CVE-2009-1713 (The XSLT functionality in WebKit in Apple Safari before 4.0 does not p ...)
{DSA-1988-1}
- webkit 1.0.1-4 (medium; bug #535793)
- kdelibs <not-affected>
@@ -9044,7 +9044,7 @@ CVE-2009-1713
- qt4-x11 4:4.5.2-2
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
NOTE: http://trac.webkit.org/changeset/34533
-CVE-2009-1712
+CVE-2009-1712 (WebKit in Apple Safari before 4.0 does not prevent remote loading of l ...)
{DSA-1988-1 DSA-1950-1}
- webkit 1.1.12-1 (medium; bug #535793)
- kdelibs <not-affected>
@@ -9052,7 +9052,7 @@ CVE-2009-1712
- qt4-x11 4:4.5.2-2
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
NOTE: http://trac.webkit.org/changeset/41568
-CVE-2009-1711
+CVE-2009-1711 (WebKit in Apple Safari before 4.0 does not properly initialize memory ...)
{DSA-1988-1 DSA-1950-1}
- webkit 1.1.12-1 (medium; bug #535793)
NOTE: http://trac.webkit.org/changeset/36918
@@ -9060,7 +9060,7 @@ CVE-2009-1711
- kde4libs <not-affected>
- qt4-x11 4:4.5.2-1
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
-CVE-2009-1710
+CVE-2009-1710 (WebKit in Apple Safari before 4.0 allows remote attackers to spoof the ...)
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9069,7 +9069,7 @@ CVE-2009-1710
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/35157
-CVE-2009-1709
+CVE-2009-1709 (Use-after-free vulnerability in the garbage-collection implementation ...)
{DSA-1866-1}
- webkit 0~svn32442-1
NOTE: fixed in upstream commit http://trac.webkit.org/changeset/32230
@@ -9077,17 +9077,17 @@ CVE-2009-1709
- kde4libs <not-affected> (Vulnerable code not present)
- kdegraphics 4:4.0 (medium; bug #534951)
NOTE: kdegraphics >4.0 not affected since ksvg is only in 3.5.x series)
-CVE-2009-1708
+CVE-2009-1708 (Apple Safari before 4.0 does not prevent calls to the open-help-anchor ...)
NOT-FOR-US: Apple Safari
-CVE-2009-1707
+CVE-2009-1707 (Race condition in the Reset Safari implementation in Apple Safari befo ...)
NOT-FOR-US: Apple Safari
-CVE-2009-1706
+CVE-2009-1706 (The Private Browsing feature in Apple Safari before 4.0 on Windows doe ...)
NOT-FOR-US: Apple Safari
-CVE-2009-1705
+CVE-2009-1705 (CoreGraphics in Apple Safari before 4.0 on Windows does not properly u ...)
NOT-FOR-US: Apple Safari
-CVE-2009-1704
+CVE-2009-1704 (CFNetwork in Apple Safari before 4.0 misinterprets downloaded image fi ...)
NOT-FOR-US: Apple Safari
-CVE-2009-1703
+CVE-2009-1703 (WebKit in Apple Safari before 4.0 does not prevent references to file: ...)
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <no-dsa> (Minor issue)
- kdelibs <not-affected>
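Review bot: the context line "NOTE: kdegraphics >4.0 not affected since ksvg is only in 3.5.x series)" in this hunk carries a closing parenthesis with no opening one; since the automatic update only rewrites the CVE header lines and leaves status and NOTE lines untouched, this needs a manual follow-up edit, e.g. "NOTE: kdegraphics >4.0 not affected (ksvg is only in the 3.5.x series)".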
@@ -9096,7 +9096,7 @@ CVE-2009-1703
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
[lenny] - qt4-x11 <not-affected> (HTML video support introduced in version 4.5)
NOTE: http://trac.webkit.org/changeset/42533
-CVE-2009-1702
+CVE-2009-1702 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- kdelibs <not-affected>
@@ -9105,7 +9105,7 @@ CVE-2009-1702
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/42216
-CVE-2009-1701
+CVE-2009-1701 (Use-after-free vulnerability in the JavaScript DOM implementation in W ...)
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <no-dsa> (Unmaintained, only affects fringe apps)
- kdelibs <not-affected>
@@ -9114,7 +9114,7 @@ CVE-2009-1701
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: invasive patch to backport.
NOTE: http://trac.webkit.org/changeset/40881
-CVE-2009-1700
+CVE-2009-1700 (The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone O ...)
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- kdelibs <not-affected>
@@ -9123,14 +9123,14 @@ CVE-2009-1700
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/38065
-CVE-2009-1699
+CVE-2009-1699 (The XSL stylesheet implementation in WebKit in Apple Safari before 4.0 ...)
{DSA-1988-1}
- webkit 1.0.1-4 (medium; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- qt4-x11 4:4.5.2-2
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
-CVE-2009-1698
+CVE-2009-1698 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...)
{DSA-1988-1 DSA-1950-1 DSA-1868-1 DSA-1867-1}
- webkit 1.1.5-1 (medium; bug #534946)
NOTE: http://trac.webkit.org/changeset/42081
@@ -9138,7 +9138,7 @@ CVE-2009-1698
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
- kdelibs 4:3.5.10.dfsg.1-2.1 (medium; bug #534949)
- kde4libs 4:4.3.0-1 (medium)
-CVE-2009-1697
+CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before 4.0, iPh ...)
{DSA-1950-1}
- webkit 1.1.15.2-1 (medium; bug #535793)
- kdelibs <not-affected>
@@ -9147,7 +9147,7 @@ CVE-2009-1697
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/41262
-CVE-2009-1696
+CVE-2009-1696 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...)
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
@@ -9157,7 +9157,7 @@ CVE-2009-1696
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/39510
NOTE: http://trac.webkit.org/changeset/39553
-CVE-2009-1695
+CVE-2009-1695 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9166,7 +9166,7 @@ CVE-2009-1695
[lenny] - qt4-x11 <not-affected> (Vulnerable code not present)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/42223
-CVE-2009-1694
+CVE-2009-1694 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...)
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9175,7 +9175,7 @@ CVE-2009-1694
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/35935
-CVE-2009-1693
+CVE-2009-1693 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...)
{DSA-1950-1}
- webkit 1.1.12-1 (medium; bug #535793)
- kdelibs <not-affected>
@@ -9184,7 +9184,7 @@ CVE-2009-1693
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
[lenny] - qt4-x11 <no-dsa> (Minor impact, no apps in Lenny which use qtwebkit )
NOTE: http://trac.webkit.org/changeset/35928
-CVE-2009-1692
+CVE-2009-1692 (WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iP ...)
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <unfixed> (unimportant)
@@ -9193,7 +9193,7 @@ CVE-2009-1692
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: upstream (undisclosed) bug report is https://bugs.webkit.org/show_bug.cgi?id=23319
NOTE: http://trac.webkit.org/changeset/41741
-CVE-2009-1691
+CVE-2009-1691 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/32791
@@ -9201,7 +9201,7 @@ CVE-2009-1691
- kde4libs <not-affected>
- qt4-x11 4.4.3-1
NOTE: QT4 might be fixed earlier, but only Lenny version was checked
-CVE-2009-1690
+CVE-2009-1690 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
{DSA-1988-1 DSA-1950-1 DSA-1868-1 DSA-1867-1}
- webkit 1.1.5-1 (medium; bug #534946)
NOTE: http://trac.webkit.org/changeset/42532
@@ -9210,7 +9210,7 @@ CVE-2009-1690
NOTE: http://websvn.kde.org/?view=rev&revision=983316
- qt4-x11 4:4.5.2-1 (medium; bug #534947)
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
-CVE-2009-1689
+CVE-2009-1689 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
@@ -9218,7 +9218,7 @@ CVE-2009-1689
- qt4-x11 4.4.3-1
NOTE: QT4 might be fixed earlier, but only Lenny version was checked
NOTE: http://trac.webkit.org/changeset/32791
-CVE-2009-1688
+CVE-2009-1688 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
@@ -9226,7 +9226,7 @@ CVE-2009-1688
- qt4-x11 4.4.3-1
NOTE: QT4 might be fixed earlier, but only Lenny version was checked
NOTE: http://trac.webkit.org/changeset/32791
-CVE-2009-1687
+CVE-2009-1687 (The JavaScript garbage collector in WebKit in Apple Safari before 4.0, ...)
{DSA-1988-1 DSA-1950-1 DSA-1868-1 DSA-1867-1}
- webkit 1.1.5-1 (medium; bug #534946)
- kdelibs 4:3.5.10.dfsg.1-2.1 (bug #534952)
@@ -9234,7 +9234,7 @@ CVE-2009-1687
NOTE: http://trac.webkit.org/changeset/41854
- qt4-x11 4:4.5.2-1 (medium; bug #534946)
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
-CVE-2009-1686
+CVE-2009-1686 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...)
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
@@ -9243,14 +9243,14 @@ CVE-2009-1686
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/31431
-CVE-2009-1685
+CVE-2009-1685 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.0.1-4 (bug #535793)
- kdelibs <not-affected>
- qt4-x11 4:4.6.2-4 (low)
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/34574
-CVE-2009-1684
+CVE-2009-1684 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9259,11 +9259,11 @@ CVE-2009-1684
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/42365
-CVE-2009-1683
+CVE-2009-1683 (The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhon ...)
NOT-FOR-US: iPhone
-CVE-2009-1682
+CVE-2009-1682 (Apple Safari before 4.0 does not properly check for revoked Extended V ...)
NOT-FOR-US: Apple Safari
-CVE-2009-1681
+CVE-2009-1681 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...)
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
@@ -9272,333 +9272,333 @@ CVE-2009-1681
[lenny] - qt4-x11 <no-dsa> (qtwebkit not supported security-wise)
NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against, Lenny is affected
NOTE: http://trac.webkit.org/changeset/42333
-CVE-2009-1680
+CVE-2009-1680 (Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod tou ...)
NOT-FOR-US: Safari in Apple iPhone OS
-CVE-2009-1679
+CVE-2009-1679 (The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone ...)
NOT-FOR-US: iPhone
-CVE-2009-1756
+CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (m ...)
- slim 1.3.1-2 (low; bug #529306)
[lenny] - slim 1.3.0-1+lenny2
-CVE-2009-1755
+CVE-2009-1755 (Off-by-one error in the packet_read_query_section function in packet.c ...)
{DSA-1803-1}
- nsd3 3.2.2-1 (medium; bug #529418)
- nsd 2.3.7-3 (medium; bug #529420)
NOTE: VU#710316
-CVE-2009-1753
+CVE-2009-1753 (Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a ...)
- coccinelle 0.1.7.deb-3 (low)
-CVE-2009-1678
+CVE-2009-1678 (Directory traversal vulnerability in the saveFeed function in rss/feed ...)
NOT-FOR-US: Bitweaver
-CVE-2009-1677
+CVE-2009-1677 (Multiple static code injection vulnerabilities in the saveFeed functio ...)
NOT-FOR-US: Bitweaver
CVE-2009-1676
REJECTED
-CVE-2009-1675
+CVE-2009-1675 (Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows r ...)
NOT-FOR-US: ElectraSoft 32bit FTP
-CVE-2009-1674
+CVE-2009-1674 (Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-as ...)
NOT-FOR-US: Microchip MPLAB IDE
-CVE-2009-1673
+CVE-2009-1673 (The kernel in Sun Solaris 9 allows local users to cause a denial of se ...)
NOT-FOR-US: SunOS
-CVE-2009-1672
+CVE-2009-1672 (The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Su ...)
NOT-FOR-US: ActiveX
-CVE-2009-1671
+CVE-2009-1671 (Multiple buffer overflows in the Deployment Toolkit ActiveX control in ...)
NOT-FOR-US: ActiveX
-CVE-2009-1670
+CVE-2009-1670 (user/index.php in TCPDB 3.8 does not require administrative authentica ...)
NOT-FOR-US: TCPDB
-CVE-2009-1669
+CVE-2009-1669 (The smarty_function_math function in libs/plugins/function.math.php in ...)
{DSA-1919-1}
- smarty 2.6.26-0.1 (low; bug #529810)
[etch] - smarty <not-affected> (Vulnerable code not present)
[lenny] - smarty <no-dsa> (Minor issue)
-CVE-2009-1668
+CVE-2009-1668 (TYPSoft FTP Server 1.11 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: TYPSoft
-CVE-2009-1667
+CVE-2009-1667 (Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows r ...)
NOT-FOR-US: CastRipper
-CVE-2009-1666
+CVE-2009-1666 (Multiple unspecified vulnerabilities in CycloMedia CycloScopeLite 2.50 ...)
NOT-FOR-US: CycloMedia CycloScopeLite
-CVE-2009-1665
+CVE-2009-1665 (myaccount.php in Easy Scripts Answer and Question Script allows remote ...)
NOT-FOR-US: Easy Scripts Answer and Question Script
-CVE-2009-1664
+CVE-2009-1664 (myaccount.php in Easy Scripts Answer and Question Script does not veri ...)
NOT-FOR-US: Easy Scripts Answer and Question Script
-CVE-2009-1663
+CVE-2009-1663 (Unrestricted file upload vulnerability in myaccount.php in Easy Script ...)
NOT-FOR-US: Easy Scripts Answer and Question Script
-CVE-2009-1662
+CVE-2009-1662 (Multiple SQL injection vulnerabilities in admin/login.php in Wright Wa ...)
NOT-FOR-US: Wright Way Services Recipe Script
-CVE-2009-1661
+CVE-2009-1661 (SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when ma ...)
NOT-FOR-US: uTopic
-CVE-2009-1660
+CVE-2009-1660 (Stack-based buffer overflow in URUWorks ViPlay3 3.0 and earlier allows ...)
NOT-FOR-US: ViPlay3
-CVE-2009-1659
+CVE-2009-1659 (Unrestricted file upload vulnerability in admin/uploadimage.php in eLi ...)
NOT-FOR-US: eLitius
-CVE-2009-1658
+CVE-2009-1658 (Multiple SQL injection vulnerabilities in admin/admin.php in Realty We ...)
NOT-FOR-US: Web-Base
-CVE-2009-1657
+CVE-2009-1657 (Multiple SQL injection vulnerabilities in the Starrating plugin before ...)
NOT-FOR-US: Starrating plugin for b2evolution
-CVE-2009-1656
+CVE-2009-1656 (Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, 275; and ...)
NOT-FOR-US: Xerox
-CVE-2009-1655
+CVE-2009-1655 (Multiple SQL injection vulnerabilities in myaccount.php in Easy Script ...)
NOT-FOR-US: Easy Scripts Answer and Question Script
-CVE-2009-1654
+CVE-2009-1654 (Cross-site scripting (XSS) vulnerability in questiondetail.php in Easy ...)
NOT-FOR-US: Easy Scripts Answer and Question Script
-CVE-2009-1653
+CVE-2009-1653 (Directory traversal vulnerability in examples/tbs_us_examples_0view.ph ...)
NOT-FOR-US: TinyButStrong
-CVE-2009-1652
+CVE-2009-1652 (admin/adminaddeditdetails.php in Business Community Script does not pr ...)
NOT-FOR-US: Business Community Script
-CVE-2009-1651
+CVE-2009-1651 (SQL injection vulnerability in admin/member_details.php in 2daybiz Bus ...)
NOT-FOR-US: 2daybiz
-CVE-2009-1650
+CVE-2009-1650 (Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 ...)
NOT-FOR-US: Shutter
-CVE-2009-1649
+CVE-2009-1649 (Directory traversal vulnerability in arch.php in beLive 0.2.3 allows r ...)
NOT-FOR-US: beLive
-CVE-2009-1648
+CVE-2009-1648 (The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Se ...)
NOT-FOR-US: yast2-ldap-server on SUSE
-CVE-2009-1647
+CVE-2009-1647 (Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 al ...)
NOT-FOR-US: Ultrafunk Popcorn
-CVE-2009-1646
+CVE-2009-1646 (Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allow ...)
NOT-FOR-US: Mini-stream RM Downloader
-CVE-2009-1645
+CVE-2009-1645 (Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Conve ...)
NOT-FOR-US: Mini-stream Easy RM-MP Converter
-CVE-2009-1644
+CVE-2009-1644 (Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 all ...)
NOT-FOR-US: Streaming Audio Player
-CVE-2009-1643
+CVE-2009-1643 (Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows ...)
NOT-FOR-US: Sorinara Soritong MP3 Player
-CVE-2009-1642
+CVE-2009-1642 (Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Conver ...)
NOT-FOR-US: Mini-stream ASX to MP3 Converter
-CVE-2009-1641
+CVE-2009-1641 (Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 al ...)
NOT-FOR-US: Mini-stream Ripper
-CVE-2009-1640
+CVE-2009-1640 (Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery f ...)
NOT-FOR-US: Nucleus Data Recovery Kernel Recovery
-CVE-2009-1639
+CVE-2009-1639 (Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery f ...)
NOT-FOR-US: Nucleus Data Recovery Kernel Recovery
-CVE-2009-1638
+CVE-2009-1638 (Techno Dreams Job Career Package 3.0 allows remote attackers to bypass ...)
NOT-FOR-US: Techno Dreams Job Career Package
-CVE-2009-1637
+CVE-2009-1637 (profile.php in Simple Customer 1.3 does not require administrative aut ...)
NOT-FOR-US: Simple Customer
-CVE-2009-1788
+CVE-2009-1788 (Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 thr ...)
{DSA-1814-1 DTSA-202-1}
- libsndfile 1.0.20-1 (low; bug #528650)
-CVE-2009-1791
+CVE-2009-1791 (Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 th ...)
{DSA-1814-1 DTSA-202-1}
- libsndfile 1.0.20-1 (low; bug #528650)
-CVE-2009-1636
+CVE-2009-1636 (Multiple buffer overflows in the Internet Agent (aka GWIA) component i ...)
NOT-FOR-US: Novell GroupWise
-CVE-2009-1635
+CVE-2009-1635 (Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess c ...)
NOT-FOR-US: Novell GroupWise
-CVE-2009-1634
+CVE-2009-1634 (The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8. ...)
NOT-FOR-US: Novell GroupWise
-CVE-2009-1633
+CVE-2009-1633 (Multiple buffer overflows in the cifs subsystem in the Linux kernel be ...)
{DSA-1865-1 DSA-1844-1 DSA-1809-1}
- linux-2.6 2.6.30-1
- linux-2.6.24 <removed>
-CVE-2009-1632
+CVE-2009-1632 (Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attacke ...)
{DSA-1804-1}
- ipsec-tools 1:0.7.1-1.5 (medium; bug #528933)
-CVE-2009-1631
+CVE-2009-1631 (The Mailer component in Evolution 2.26.1 and earlier uses world-readab ...)
- evolution 2.29.90-1 (unimportant; bug #526409)
NOTE: Mostly a security enhancement, only for local users/mail and open homedirs
-CVE-2009-1630
+CVE-2009-1630 (The nfs_permission function in fs/nfs/dir.c in the NFS client implemen ...)
{DSA-1865-1 DSA-1844-1 DSA-1809-1}
- linux-2.6 2.6.30-1
- linux-2.6.24 <removed>
-CVE-2009-1629
+CVE-2009-1629 (ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with pr ...)
{DSA-1994-1}
- ajaxterm 0.10-5 (medium; bug #528938)
-CVE-2009-1789
+CVE-2009-1789 (mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and ea ...)
{DSA-1826-1}
- eggdrop 1.6.19-1.2 (medium; bug #528778)
CVE-2009-XXXX [cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked]
- cron 3.0pl1-106 (low; bug #528434)
[lenny] - cron <no-dsa> (Minor issue)
[etch] - cron <no-dsa> (Minor issue)
-CVE-2009-1628
+CVE-2009-1628 (Stack-based buffer overflow in mnet.exe in Unisys Business Information ...)
NOT-FOR-US: Unisys Business Information Server
-CVE-2009-1627
+CVE-2009-1627 (Stack-based buffer overflow in Streaming Download Project (SDP) Downlo ...)
NOT-FOR-US: Streaming Download Project (SDP)
-CVE-2009-1626
+CVE-2009-1626 (SQL injection vulnerability in public/specific.php in EZ-Blog before B ...)
NOT-FOR-US: EZ-Blog
-CVE-2009-1625
+CVE-2009-1625 (Directory traversal vulnerability in index.php in Thickbox Gallery 2 a ...)
NOT-FOR-US: Thickbox Gallery 2
-CVE-2009-1624
+CVE-2009-1624 (Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 ...)
NOT-FOR-US: Dew-NewPHPLinks 2.0
-CVE-2009-1623
+CVE-2009-1623 (Cross-site scripting (XSS) vulnerability in index.php in Dew-NewPHPLin ...)
NOT-FOR-US: Dew-NewPHPLinks 2.0
-CVE-2009-1622
+CVE-2009-1622 (SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote ...)
NOT-FOR-US: EcShop 2.5.0
-CVE-2009-1621
+CVE-2009-1621 (Directory traversal vulnerability in index.php in OpenCart 1.1.8 allow ...)
NOT-FOR-US: OpenCart
-CVE-2009-1620
+CVE-2009-1620 (Multiple cross-site scripting (XSS) vulnerabilities in input.php in Ma ...)
NOT-FOR-US: MataChat
-CVE-2009-1619
+CVE-2009-1619 (Teraway FileStream 1.0 allows remote attackers to bypass authenticatio ...)
NOT-FOR-US: Teraway FileStream
-CVE-2009-1618
+CVE-2009-1618 (Teraway LiveHelp 2.0 allows remote attackers to bypass authentication ...)
NOT-FOR-US: Teraway LiveHelp
-CVE-2009-1617
+CVE-2009-1617 (Teraway LinkTracker 1.0 allows remote attackers to bypass authenticati ...)
NOT-FOR-US: Teraway LinkTracker
-CVE-2009-1616
+CVE-2009-1616 (Cross-site scripting (XSS) vulnerability in docs/showdoc.php in Copper ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2009-1615
+CVE-2009-1615 (Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote ...)
NOT-FOR-US: Leap CMS
-CVE-2009-1614
+CVE-2009-1614 (Multiple cross-site scripting (XSS) vulnerabilities in Leap CMS 0.1.4 ...)
NOT-FOR-US: Leap CMS
-CVE-2009-1613
+CVE-2009-1613 (Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, ...)
NOT-FOR-US: Leap CMS
-CVE-2009-1612
+CVE-2009-1612 (Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control i ...)
NOT-FOR-US: ActiveX
-CVE-2009-1611
+CVE-2009-1611 (Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows r ...)
NOT-FOR-US: ElectraSoft 32bit FTP
-CVE-2009-1610
+CVE-2009-1610 (admin/changepassword.php in Job Script Job Board Software 2.0 allows r ...)
NOT-FOR-US: Job Script Job Board Software
-CVE-2009-1609
+CVE-2009-1609 (Unrestricted file upload vulnerability in admin/uploadform.asp in Batt ...)
NOT-FOR-US: Battle Blog
-CVE-2009-1608
+CVE-2009-1608 (Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly ear ...)
NOT-FOR-US: Microchip MPLAB IDE
-CVE-2009-1607
+CVE-2009-1607 (Cross-site scripting (XSS) vulnerability in the administrator panel in ...)
NOT-FOR-US: LinkBase
-CVE-2009-1606
+CVE-2009-1606 (Multiple stack-based and heap-based buffer overflows in Dafolo DafoloC ...)
NOT-FOR-US: Dafolo DafoloControl ActiveX
-CVE-2009-1605
+CVE-2009-1605 (Heap-based buffer overflow in the loadexponentialfunc function in mupd ...)
NOT-FOR-US: MuPDF
-CVE-2009-1604
+CVE-2009-1604 (Unspecified vulnerability in LimeSurvey before 1.82 allows remote atta ...)
- limesurvey <itp> (bug #472802)
-CVE-2009-1603
+CVE-2009-1603 (src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used wit ...)
- opensc 0.11.8 (high; bug #527640)
[etch] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
[lenny] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
NOTE: checked code, public exponent set correctly in etch/lenny versions (CK_BYTE publicExponent[] = { 3 };)
-CVE-2009-1602
+CVE-2009-1602 (Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote a ...)
NOT-FOR-US: Pablo Software
-CVE-2009-1601
+CVE-2009-1601 (The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+df ...)
- clamav <not-affected> (Vulnerable code not present)
NOTE: from what I see this code was never uploaded to the debian archive
-CVE-2009-1600
+CVE-2009-1600 (Apple Safari executes DOM calls in response to a javascript: URI in th ...)
NOT-FOR-US: Apple Safari
-CVE-2009-1599
+CVE-2009-1599 (Opera executes DOM calls in response to a javascript: URI in the targe ...)
NOT-FOR-US: Opera
-CVE-2009-1598
+CVE-2009-1598 (Google Chrome executes DOM calls in response to a javascript: URI in t ...)
- chromium-browser <unfixed> (unimportant)
- webkit <not-affected> (chrome-specific issue)
NOTE: it sounds like a "researcher misconception bug" (as seeming explained by Abobe) rather than a security issue
-CVE-2009-1597
+CVE-2009-1597 (Mozilla Firefox executes DOM calls in response to a javascript: URI in ...)
- xulrunner <undetermined> (bug #565521)
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2009-1596
+CVE-2009-1596 (Ignite Realtime Openfire before 3.6.5 does not properly implement the ...)
NOT-FOR-US: Openfire
-CVE-2009-1595
+CVE-2009-1595 (The jabber:iq:auth implementation in IQAuthHandler.java in Ignite Real ...)
NOT-FOR-US: Openfire
CVE-2009-XXXX [More file buffer overflows]
- file 5.03-1 (bug #525820)
[etch] - file <not-affected> (CDF code not yet present in 4.x)
[lenny] - file <not-affected> (CDF code not yet present in 4.x)
-CVE-2009-1594
+CVE-2009-1594 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x ...)
NOT-FOR-US: Armorlogic Profense Web Application Firewall
-CVE-2009-1593
+CVE-2009-1593 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x ...)
NOT-FOR-US: Armorlogic Profense Web Application Firewall
-CVE-2009-1592
+CVE-2009-1592 (Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows r ...)
NOT-FOR-US: ElectraSoft 32bit FTP
-CVE-2009-1591
+CVE-2009-1591 (CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allo ...)
NOT-FOR-US: CGI RESCUE Web Mailer
-CVE-2009-1590
+CVE-2009-1590 (Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows r ...)
NOT-FOR-US: CGI RESCUE FORM2MAIL
-CVE-2009-1589
+CVE-2009-1589 (Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows r ...)
NOT-FOR-US: CGI RESCUE MiniBBS
-CVE-2009-1588
+CVE-2009-1588 (Cross-site scripting (XSS) vulnerability in CGI RESCUE MiniBBS 8t befo ...)
NOT-FOR-US: CGI RESCUE MiniBBS
CVE-2009-XXXX [hex-a-hop: buffer overflow in loading save games]
- hex-a-hop <unfixed> (unimportant; bug #528250)
NOTE: That's a simple bug, it's silly to treat this as a security issue
-CVE-2009-1587
+CVE-2009-1587 (index.php in PHP Site Lock 2.0 allows remote attackers to bypass authe ...)
NOT-FOR-US: PHP Site Lock
-CVE-2009-1586
+CVE-2009-1586 (Stack-based buffer overflow in the NZB importer feature in GrabIt 1.7. ...)
NOT-FOR-US: GrabIt
-CVE-2009-1585
+CVE-2009-1585 (Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_q ...)
NOT-FOR-US: TemaTres
-CVE-2009-1584
+CVE-2009-1584 (Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, wh ...)
NOT-FOR-US: TemaTres
-CVE-2009-1583
+CVE-2009-1583 (Multiple cross-site scripting (XSS) vulnerabilities in TemaTres 1.0.3 ...)
NOT-FOR-US: TemaTres
-CVE-2009-1582
+CVE-2009-1582 (Million Dollar Text Links 1.0 does not properly restrict administrator ...)
NOT-FOR-US: Million Dollar Text Links
-CVE-2009-1581
+CVE-2009-1581 (functions/mime.php in SquirrelMail before 1.4.18 does not protect the ...)
{DSA-1802-1}
- squirrelmail 2:1.4.18-1 (low; bug #528528)
NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13667
-CVE-2009-1580
+CVE-2009-1580 (Session fixation vulnerability in SquirrelMail before 1.4.18 allows re ...)
{DSA-1802-1}
- squirrelmail 2:1.4.18-1 (low; bug #528528)
NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13676
-CVE-2009-1579
+CVE-2009-1579 (The map_yp_alias function in functions/imap_general.php in SquirrelMai ...)
{DSA-1802-1}
- squirrelmail 2:1.4.18-1 (medium; bug #528528)
NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13674
NOTE: doesn't affect every setup
-CVE-2009-1578
+CVE-2009-1578 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail be ...)
{DSA-1802-1}
- squirrelmail 2:1.4.18-1 (low; bug #528528)
NOTE: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13670
-CVE-2009-1577
+CVE-2009-1577 (Multiple stack-based buffer overflows in the putstring function in fin ...)
- cscope 15.6-1
-CVE-2009-1576
+CVE-2009-1576 (Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before 6.1 ...)
{DSA-1792-1}
- drupal6 6.11-1 (bug #526378)
- drupal5 5.17-1
-CVE-2009-1575
+CVE-2009-1575 (Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.17 and ...)
{DSA-1792-1}
- drupal6 6.11-1 (bug #526378)
- drupal5 5.17-1
-CVE-2009-1574
+CVE-2009-1574 (racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attacke ...)
{DSA-1804-1}
- ipsec-tools 1:0.7.1-1.4 (medium; bug #527634)
-CVE-2009-1571
+CVE-2009-1571 (Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0 ...)
{DSA-1999-1}
- xulrunner 1.9.1.8-1
[etch] - xulrunner <end-of-life>
- iceape 2.0.3-1
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
- icedove 3.0.2-1
-CVE-2009-1570
+CVE-2009-1570 (Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-re ...)
- gimp 2.6.7-1.1 (medium; bug #555929)
-CVE-2009-1569
+CVE-2009-1569 (Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5. ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2009-1568
+CVE-2009-1568 (Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30 ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2009-1567
+CVE-2009-1567 (Multiple stack-based buffer overflows in the Lateral Arts Photobox upl ...)
NOT-FOR-US: ActiveX
-CVE-2009-1566
+CVE-2009-1566 (Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creato ...)
NOT-FOR-US: Roxio Easy Media Creator
-CVE-2009-1565
+CVE-2009-1565 (vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 ...)
NOT-FOR-US: VMware Movie Decoder
-CVE-2009-1564
+CVE-2009-1564 (Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMwa ...)
NOT-FOR-US: VMwar
CVE-2009-1563
REJECTED
CVE-2009-1562
RESERVED
-CVE-2009-1561
+CVE-2009-1561 (Cross-site request forgery (CSRF) vulnerability in administration.cgi ...)
NOT-FOR-US: Cisco Linksys
-CVE-2009-1560
+CVE-2009-1560 (The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 ...)
NOT-FOR-US: Cisco Linksys
-CVE-2009-1559
+CVE-2009-1559 (Absolute path traversal vulnerability in adm/file.cgi on the Cisco Lin ...)
NOT-FOR-US: Cisco Linksys
-CVE-2009-1558
+CVE-2009-1558 (Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys ...)
NOT-FOR-US: Cisco Linksys
-CVE-2009-1557
+CVE-2009-1557 (Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Links ...)
NOT-FOR-US: Cisco Linksys
-CVE-2009-1556
+CVE-2009-1556 (img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with ...)
NOT-FOR-US: Cisco Linksys
-CVE-2009-1555
+CVE-2009-1555 (The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 ...)
NOT-FOR-US: Cisco Linksys
-CVE-2009-1554
+CVE-2009-1554 (Cross-site scripting (XSS) vulnerability in ThemeServlet.java in Sun W ...)
NOT-FOR-US: Sun Woodstock
-CVE-2009-1553
+CVE-2009-1553 (Multiple cross-site scripting (XSS) vulnerabilities in the Admin Conso ...)
NOT-FOR-US: Sun GlassFish Enterprise Server
-CVE-2009-1552
+CVE-2009-1552 (Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7 ...)
NOT-FOR-US: SCO UnixWare
-CVE-2009-1551
+CVE-2009-1551 (Multiple PHP remote file inclusion vulnerabilities in Qt quickteam 2 a ...)
NOT-FOR-US: Qt quickteam
-CVE-2009-1550
+CVE-2009-1550 (Zakkis Technology ABC Advertise 1.0 does not properly restrict access ...)
NOT-FOR-US: Zakkis Technology ABC Advertise
-CVE-2009-1549
+CVE-2009-1549 (AGTC MyShop 3.2b allows remote attackers to bypass authentication and ...)
NOT-FOR-US: AGTC MyShop
-CVE-2009-1548
+CVE-2009-1548 (SQL injection vulnerability in index.php in BluSky CMS allows remote a ...)
NOT-FOR-US: BluSky CMS
CVE-2009-XXXX [prelude-manager: password world-readable]
- prelude-manager <not-affected> (The postinst sets correct permissions, see bug #527344)
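Review bot: the unchanged context line `NOT-FOR-US: VMwar` under CVE-2009-1564 is truncated relative to the sibling entry `NOT-FOR-US: VMware Movie Decoder` under CVE-2009-1565; this hunk only adds the description text and does not touch it, but the entry should be completed in a follow-up so the NOT-FOR-US reason is readable.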
@@ -9608,63 +9608,63 @@ CVE-2009-XXXX [bash-completion: does not properly quote characters]
NOTE: adding this reference to track the fact that this has already been addressed by debian security
NOTE: fixed over a year ago in debian; but fedora finally got around to addressing the issue recently
NOTE: FEDORA-2009-3639 http://lwn.net/Articles/331605
-CVE-2009-1547
+CVE-2009-1547 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-1546
+CVE-2009-1546 (Integer overflow in Avifil32.dll in the Windows Media file handling fu ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-1545
+CVE-2009-1545 (Unspecified vulnerability in Avifil32.dll in the Windows Media file ha ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-1544
+CVE-2009-1544 (Double free vulnerability in the Workstation service in Microsoft Wind ...)
NOT-FOR-US: Microsoft Windows
CVE-2009-1543
REJECTED
-CVE-2009-1542
+CVE-2009-1542 (The Virtual Machine Monitor (VMM) in Microsoft Virtual PC 2004 SP1, 20 ...)
NOT-FOR-US: Microsoft
CVE-2009-1541
REJECTED
CVE-2009-1540
REJECTED
-CVE-2009-1539
+CVE-2009-1539 (The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Micro ...)
NOT-FOR-US: Microsoft DirectX
-CVE-2009-1538
+CVE-2009-1538 (The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Micro ...)
NOT-FOR-US: Microsoft DirectX
-CVE-2009-1537
+CVE-2009-1537 (Unspecified vulnerability in the QuickTime Movie Parser Filter in quar ...)
NOT-FOR-US: Microsoft DirectX
-CVE-2009-1536
+CVE-2009-1536 (ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and S ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2009-1535
+CVE-2009-1535 (The WebDAV extension in Microsoft Internet Information Services (IIS) ...)
NOT-FOR-US: IIS
-CVE-2009-1534
+CVE-2009-1534 (Buffer overflow in the Office Web Components ActiveX Control in Micros ...)
NOT-FOR-US: Microsoft Office XP
-CVE-2009-1533
+CVE-2009-1533 (Buffer overflow in the Works for Windows document converters in Micros ...)
NOT-FOR-US: Microsoft
-CVE-2009-1532
+CVE-2009-1532 (Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server ...)
NOT-FOR-US: Microsoft
-CVE-2009-1531
+CVE-2009-1531 (Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server ...)
NOT-FOR-US: Microsoft
-CVE-2009-1530
+CVE-2009-1530 (Use-after-free vulnerability in Microsoft Internet Explorer 7 for Wind ...)
NOT-FOR-US: Microsoft
-CVE-2009-1529
+CVE-2009-1529 (Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server ...)
NOT-FOR-US: Microsoft
-CVE-2009-1528
+CVE-2009-1528 (Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and ...)
NOT-FOR-US: Microsoft
-CVE-2009-1527
+CVE-2009-1527 (Race condition in the ptrace_attach function in kernel/ptrace.c in the ...)
- linux-2.6 2.6.29-5 (high)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
-CVE-2009-1526
+CVE-2009-1526 (JBMC Software DirectAdmin before 1.334 allows local users to create or ...)
NOT-FOR-US: Directadmin
-CVE-2009-1525
+CVE-2009-1525 (CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authent ...)
NOT-FOR-US: Directadmin
-CVE-2009-1524
+CVE-2009-1524 (Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before 6.1. ...)
- jetty 6.1.19-1 (low; bug #527571)
-CVE-2009-1523
+CVE-2009-1523 (Directory traversal vulnerability in the HTTP server in Mort Bay Jetty ...)
- jetty 6.1.19-1 (low; bug #528389)
-CVE-2009-1522
+CVE-2009-1522 (The IBM Tivoli Storage Manager (TSM) client 5.5.0.0 through 5.5.1.17 o ...)
NOT-FOR-US: Tivoli
-CVE-2009-1521
+CVE-2009-1521 (Unspecified vulnerability in the Java GUI in the IBM Tivoli Storage Ma ...)
NOT-FOR-US: Tivoli
-CVE-2009-1520
+CVE-2009-1520 (Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) ...)
NOT-FOR-US: Tivoli
CVE-2009-XXXX [moin: XSS in AttachFile.py via attachements]
- moin 1.8.3-1 (low; bug #526594)
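Review bot: the trailing context line `CVE-2009-XXXX [moin: XSS in AttachFile.py via attachements]` misspells "attachments"; it is pre-existing and not part of this change, but since the same line is used as the hunk header of the next region it is worth correcting separately.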
@@ -9672,264 +9672,264 @@ CVE-2009-XXXX [moin: XSS in AttachFile.py via attachements]
[etch] - moin <not-affected> (Vulnerable code not present)
NOTE: http://hg.moinmo.in/moin/1.8/rev/269a1fbc3ed7
NOTE: CVE id requested
-CVE-2009-1513
+CVE-2009-1513 (Buffer overflow in the PATinst function in src/load_pat.cpp in libmodp ...)
{DSA-1850-1}
- libmodplug 1:0.8.7-1 (medium; bug #526084)
- gst-plugins-bad0.10 <not-affected> (Vulnerable code not present; bug #527077)
[etch] - libmodplug <not-affected> (Vulnerable code not present)
NOTE: gst-plugins-bad0.10 in testing and unstable builds against an external libmodplug.
-CVE-2009-1519
+CVE-2009-1519 (Directory traversal vulnerability in index.php in Pecio CMS 1.1.5 allo ...)
NOT-FOR-US: Pecio CMS
-CVE-2009-1518
+CVE-2009-1518 (Cross-site request forgery (CSRF) vulnerability in Beltane before 2.3. ...)
NOT-FOR-US: Beltane
-CVE-2009-1517
+CVE-2009-1517 (Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 A ...)
NOT-FOR-US: ActiveX
-CVE-2009-1516
+CVE-2009-1516 (Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX con ...)
NOT-FOR-US: ActiveX
-CVE-2009-1514
+CVE-2009-1514 (Google Chrome 1.0.154.53 allows remote attackers to cause a denial of ...)
- chromium-browser 5.0.375.38~r46659-1 (low)
NOTE: proof of concept maximum impact against webkit is dos-only
-CVE-2009-1573
+CVE-2009-1573 (xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly ot ...)
- xorg-server 2:1.6.1.901-3 (low; bug #526678)
[etch] - xorg-server <no-dsa> (minor issue)
[lenny] - xorg-server <no-dsa> (minor issue)
-CVE-2009-1515
+CVE-2009-1515 (Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c i ...)
- file 5.02-1
[lenny] - file <not-affected> (Vulnerable code not present)
[etch] - file <not-affected> (Vulnerable code not present)
NOTE: code introduced in 5.xx series
-CVE-2009-1512
+CVE-2009-1512 (Static code injection vulnerability in X-Forum 0.6.2 allows remote aut ...)
NOT-FOR-US: X-Forum
-CVE-2009-1511
+CVE-2009-1511 (GDI+ in Microsoft Windows XP SP3 allows remote attackers to cause a de ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-1510
+CVE-2009-1510 (Multiple directory traversal vulnerabilities in KoschtIT Image Gallery ...)
NOT-FOR-US: KoschtIT Image Gallery
-CVE-2009-1509
+CVE-2009-1509 (SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPorta ...)
NOT-FOR-US: MyioSoft AjaxPortal
-CVE-2009-1508
+CVE-2009-1508 (SQL injection vulnerability in the xforum_validateUser function in Com ...)
NOT-FOR-US: X-Forum
-CVE-2009-1507
+CVE-2009-1507 (The Node Access User Reference module 5.x before 5.x-2.0-beta4 and 6.x ...)
NOT-FOR-US: Node Access User Reference module for Drupal
-CVE-2009-1506
+CVE-2009-1506 (SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows re ...)
NOT-FOR-US: eLitius
-CVE-2009-1505
+CVE-2009-1505 (SQL injection vulnerability in the News Page module 5.x before 5.x-1.2 ...)
NOT-FOR-US: News Page module for Drupal
-CVE-2009-1504
+CVE-2009-1504 (Absolute Form Processor XE 1.5 allows remote attackers to bypass authe ...)
NOT-FOR-US: Absolute Form Processor XE
-CVE-2009-1503
+CVE-2009-1503 (Multiple SQL injection vulnerabilities in login.php in Tiger Document ...)
NOT-FOR-US: Tiger Document Management System
-CVE-2009-1502
+CVE-2009-1502 (Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable an ...)
NOT-FOR-US: S-Cms
-CVE-2009-1501
+CVE-2009-1501 (Cross-site scripting (XSS) vulnerability in the Exif module 5.x-1.x be ...)
NOT-FOR-US: EXIF module for Drupal
-CVE-2009-1500
+CVE-2009-1500 (SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows ...)
NOT-FOR-US: ProjectCMS
-CVE-2009-1499
+CVE-2009-1499 (SQL injection vulnerability in the MailTo (aka com_mailto) component i ...)
NOT-FOR-US: com_mailto component for Joomla!
-CVE-2009-1498
+CVE-2009-1498 (Directory traversal vulnerability in inc/profilemain.php in Game Maker ...)
NOT-FOR-US: Game Maker 2k Internet Discussion Boards
-CVE-2009-1497
+CVE-2009-1497 (Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Pla ...)
NOT-FOR-US: GOM Player
-CVE-2009-1496
+CVE-2009-1496 (Directory traversal vulnerability in the Cmi Marketplace (com_cmimarke ...)
NOT-FOR-US: com_cmimarketplace component for Joomla!
-CVE-2009-1495
+CVE-2009-1495 (Web File Explorer 3.1 stores sensitive information under the web root ...)
NOT-FOR-US: Web File Explorer
-CVE-2009-1494
+CVE-2009-1494 (The process_stat function in Memcached 1.2.8 discloses memory-allocati ...)
- memcached 1.2.8-1 (low; bug #526554)
[lenny] - memcached <not-affected> (Affected compile-time options not set)
[etch] - memcached <not-affected> (Affected compile-time options not set)
-CVE-2009-1493
+CVE-2009-1493 (The customDictionaryOpen spell method in the JavaScript API in Adobe R ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-1492
+CVE-2009-1492 (The getAnnots Doc method in the JavaScript API in Adobe Reader and Acr ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-1491
+CVE-2009-1491 (McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and ...)
NOT-FOR-US: McAfee GroupShield for Microsoft Exchange
-CVE-2009-1490
+CVE-2009-1490 (Heap-based buffer overflow in Sendmail before 8.13.2 allows remote att ...)
- sendmail 8.13.2-0
CVE-2009-XXXX [samba: Account locking out doesnt work with an LDAP backend]
- samba 2:3.2.6 (bug #514151)
[lenny] - samba 2:3.2.5-4lenny1
[etch] - samba <not-affected> (Bug not yet present in Etch's version)
-CVE-2009-1572
+CVE-2009-1572 (The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote atta ...)
{DSA-1788-1}
- quagga 0.99.11-2 (high; bug #526270)
[lenny] - quagga 0.99.10-1lenny2
[etch] - quagga <not-affected> (no AS4 code)
-CVE-2009-1489
+CVE-2009-1489 (includes/user.php in Fungamez RC1 allows remote attackers to bypass au ...)
NOT-FOR-US: Fungamez
-CVE-2009-1488
+CVE-2009-1488 (Directory traversal vulnerability in admin/load.php in FunGamez RC1 al ...)
NOT-FOR-US: Fungamez
-CVE-2009-1487
+CVE-2009-1487 (SQL injection vulnerability in pages/login.php in FunGamez RC1 allows ...)
NOT-FOR-US: Fungamez
-CVE-2009-1486
+CVE-2009-1486 (Directory traversal vulnerability in pmscript.php in Flatchat 3.0 allo ...)
NOT-FOR-US: Flatchat
-CVE-2009-1485
+CVE-2009-1485 (The logging feature in eMule Plus before 1.2e allows remote attackers ...)
NOT-FOR-US: eMule Plus
-CVE-2009-1484
+CVE-2009-1484 (Cross-site scripting (XSS) vulnerability in the web mail interface fea ...)
NOT-FOR-US: AXIGEN Mail Server
-CVE-2009-1483
+CVE-2009-1483 (Unrestricted file upload vulnerability in upload-file.php in Adam Patt ...)
NOT-FOR-US: Adam Patterson Studio Lounge Address Book
-CVE-2009-1482
+CVE-2009-1482 (Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFi ...)
{DSA-1791-1}
- moin 1.8.3-1 (low; bug #526594)
[etch] - moin <not-affected> (Not exploitable)
NOTE: http://hg.moinmo.in/moin/1.8/rev/5f51246a4df1
-CVE-2009-1481
+CVE-2009-1481 (SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) ...)
NOT-FOR-US: PuterJam's Blog
-CVE-2009-1480
+CVE-2009-1480 (SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remo ...)
NOT-FOR-US: Pragyan CMS
-CVE-2009-1479
+CVE-2009-1479 (Directory traversal vulnerability in client/desktop/default.htm in Box ...)
NOT-FOR-US: Boxalino
-CVE-2009-1478
+CVE-2009-1478 (Multiple unspecified vulnerabilities in the DTrace ioctl handlers in S ...)
NOT-FOR-US: Solaris
-CVE-2009-1477
+CVE-2009-1477 (The https web interfaces on the ATEN KH1516i IP KVM switch with firmwa ...)
NOT-FOR-US: ATEN IP KVM Switch
-CVE-2009-1476
+CVE-2009-1476 (Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter ( ...)
NOT-FOR-US: IPFilter
CVE-2009-1475
RESERVED
-CVE-2009-1474
+CVE-2009-1474 (The ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP ...)
NOT-FOR-US: ATEN IP KVM Switch
-CVE-2009-1473
+CVE-2009-1473 (The (1) Windows and (2) Java client programs for the ATEN KH1516i IP K ...)
NOT-FOR-US: ATEN IP KVM Switch
-CVE-2009-1472
+CVE-2009-1472 (The Java client program for the ATEN KH1516i IP KVM switch with firmwa ...)
NOT-FOR-US: ATEN IP KVM Switch
CVE-2009-1471
RESERVED
CVE-2009-1470
RESERVED
-CVE-2009-1469
+CVE-2009-1469 (CRLF injection vulnerability in the Forgot Password implementation in ...)
NOT-FOR-US: IceWarp
-CVE-2009-1468
+CVE-2009-1468 (Multiple SQL injection vulnerabilities in the search form in server/we ...)
NOT-FOR-US: IceWarp
-CVE-2009-1467
+CVE-2009-1467 (Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail S ...)
NOT-FOR-US: IceWarp
-CVE-2009-1466
+CVE-2009-1466 (Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) ...)
NOT-FOR-US: Application Access Server (A-A-S)
-CVE-2009-1465
+CVE-2009-1465 (Application Access Server (A-A-S) 2.0.48 has "wildbat" as its default ...)
NOT-FOR-US: Application Access Server (A-A-S)
-CVE-2009-1464
+CVE-2009-1464 (Multiple cross-site request forgery (CSRF) vulnerabilities in index.aa ...)
NOT-FOR-US: Application Access Server (A-A-S)
-CVE-2009-1463
+CVE-2009-1463 (Static code injection vulnerability in razorCMS before 0.4 allows remo ...)
NOT-FOR-US: razorCMS
-CVE-2009-1462
+CVE-2009-1462 (The Security Manager in razorCMS before 0.4 does not verify the permis ...)
NOT-FOR-US: razorCMS
-CVE-2009-1461
+CVE-2009-1461 (Cross-site scripting (XSS) vulnerability in the Create New Page form i ...)
NOT-FOR-US: razorCMS
-CVE-2009-1460
+CVE-2009-1460 (razorCMS before 0.4 uses weak permissions for (1) admin/core/admin_con ...)
NOT-FOR-US: razorCMS
-CVE-2009-1459
+CVE-2009-1459 (Cross-site request forgery (CSRF) vulnerability in razorCMS before 0.4 ...)
NOT-FOR-US: razorCMS
-CVE-2009-1458
+CVE-2009-1458 (Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php ...)
NOT-FOR-US: razorCMS
-CVE-2009-1457
+CVE-2009-1457 (Cross-site scripting (XSS) vulnerability in player.php in Nuke Evoluti ...)
NOT-FOR-US: Nuke Evolution Xtreme
-CVE-2009-1456
+CVE-2009-1456 (Directory traversal vulnerability in admin.php in Malleo 1.2.3 allows ...)
NOT-FOR-US: Malleo
-CVE-2009-1455
+CVE-2009-1455 (Multiple cross-site request forgery (CSRF) vulnerabilities in WebColla ...)
NOT-FOR-US: WebCollab
-CVE-2009-1454
+CVE-2009-1454 (Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab bef ...)
NOT-FOR-US: WebCollab
-CVE-2009-1453
+CVE-2009-1453 (SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4 ...)
NOT-FOR-US: Tiny Blogr
-CVE-2009-1452
+CVE-2009-1452 (Multiple PHP remote file inclusion vulnerabilities in theme/format.php ...)
NOT-FOR-US: SMA-DB
-CVE-2009-1451
+CVE-2009-1451 (Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0. ...)
NOT-FOR-US: SMA-DB
-CVE-2009-1450
+CVE-2009-1450 (PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 ...)
NOT-FOR-US: SMA-DB
-CVE-2009-1449
+CVE-2009-1449 (Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka C ...)
NOT-FOR-US: CoolPlayer
-CVE-2009-1448
+CVE-2009-1448 (Cross-site scripting (XSS) vulnerability in apricot.php in LovPop.net ...)
NOT-FOR-US: LovPop.net
-CVE-2009-1447
+CVE-2009-1447 (Unrestricted file upload vulnerability in admin/editor/image.php in e- ...)
NOT-FOR-US: e-cart.biz Free Shopping Car
-CVE-2009-1446
+CVE-2009-1446 (Unrestricted file upload vulnerability in upload.php in Elkagroup Imag ...)
NOT-FOR-US: Elkagroup Image Gallery
-CVE-2009-1445
+CVE-2009-1445 (Multiple directory traversal vulnerabilities in WebPortal CMS 0.8-beta ...)
NOT-FOR-US: WebPortal CMS
-CVE-2009-1444
+CVE-2009-1444 (PHP remote file inclusion vulnerability in indexk.php in WebPortal CMS ...)
NOT-FOR-US: WebPortal CMS
-CVE-2009-1443
+CVE-2009-1443 (Multiple unspecified vulnerabilities in the Server component in OCS In ...)
- ocsinventory-server 1.02-1 (unimportant)
NOTE: Only supported in trusted environments, see debtags
-CVE-2009-1442
+CVE-2009-1442 (Multiple integer overflows in Skia, as used in Google Chrome 1.x befor ...)
NOT-FOR-US: skia
-CVE-2009-1441
+CVE-2009-1441 (Heap-based buffer overflow in the ParamTraits&lt;SkBitmap&gt;::Read fu ...)
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-1439
+CVE-2009-1439 (Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.2 ...)
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-2 (bug #523365)
- linux-2.6.24 <removed>
-CVE-2009-1438
+CVE-2009-1438 (Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp ...)
{DSA-1851-1 DSA-1850-1}
- libmodplug 1:0.8.7-1 (low; bug #526657; bug #527076)
- gst-plugins-bad0.10 0.10.10.2-1 (bug #527075)
NOTE: gstreamer in unstable dynamically linked to external libmodplug
-CVE-2009-1437
+CVE-2009-1437 (Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka C ...)
NOT-FOR-US: CoolPlayer
-CVE-2009-1436
+CVE-2009-1436 (The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PREREL ...)
- kfreebsd-7 <not-affected> (Debian/kfreebsd uses glibc)
-CVE-2009-1435
+CVE-2009-1435 (NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 Patc ...)
NOT-FOR-US: Trend Micro OfficeScan
-CVE-2009-1434
+CVE-2009-1434 (Cross-site request forgery (CSRF) vulnerability in Foswiki before 1.0. ...)
- foswiki <itp> (bug #509864)
-CVE-2009-1433
+CVE-2009-1433 (SQL injection vulnerability in File::find (filesystem/File.php) in Sil ...)
NOT-FOR-US: SilverStripe
-CVE-2009-1432
+CVE-2009-1432 (Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corpora ...)
NOT-FOR-US: Symantec
-CVE-2009-1431
+CVE-2009-1431 (XFR.EXE in the Intel File Transfer service in the console in Symantec ...)
NOT-FOR-US: Symantec
-CVE-2009-1430
+CVE-2009-1430 (Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Or ...)
NOT-FOR-US: Symantec
-CVE-2009-1429
+CVE-2009-1429 (The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management ...)
NOT-FOR-US: Symantec
-CVE-2009-1428
+CVE-2009-1428 (Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in ...)
NOT-FOR-US: Symantec
-CVE-2009-1427
+CVE-2009-1427 (Unspecified vulnerability in HP-UX B.11.31 allows local users to cause ...)
NOT-FOR-US: HP-UX
-CVE-2009-1426
+CVE-2009-1426 (Unspecified vulnerability on HP ProLiant DL and ML 100 Series G5, G5p, ...)
NOT-FOR-US: HP ProLiant
-CVE-2009-1425
+CVE-2009-1425 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...)
NOT-FOR-US: HP ProCurve
-CVE-2009-1424
+CVE-2009-1424 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...)
NOT-FOR-US: HP ProCurve
-CVE-2009-1423
+CVE-2009-1423 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...)
NOT-FOR-US: HP ProCurve
-CVE-2009-1422
+CVE-2009-1422 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...)
NOT-FOR-US: HP ProCurve
-CVE-2009-1421
+CVE-2009-1421 (Unspecified vulnerability in NFS / ONCplus B.11.31_06 and B.11.31_07 o ...)
NOT-FOR-US: ONCplus on HP HP-UX
-CVE-2009-1420
+CVE-2009-1420 (Stack-based buffer overflow in rping in HP OpenView Network Node Manag ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-1419
+CVE-2009-1419 (Unspecified vulnerability in HP Discovery &amp; Dependency Mapping Inv ...)
NOT-FOR-US: HP Discovery & Dependency Mapping Inventory
-CVE-2009-1418
+CVE-2009-1418 (Cross-site scripting (XSS) vulnerability in HP System Management Homep ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2009-1417
+CVE-2009-1417 (gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and e ...)
- gnutls26 2.6.6-1 (low; bug #528281)
[lenny] - gnutls26 <no-dsa> (Minor issue, explicitly labeled as a test program)
- gnutls13 <removed>
[etch] - gnutls13 <no-dsa> (Minor issue, explicitly labeled as a test program)
-CVE-2009-1416
+CVE-2009-1416 (lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates R ...)
- gnutls26 2.6.6-1 (medium)
- gnutls13 <removed>
[lenny] - gnutls26 <not-affected> (Vulnerable code not present, only affects 2.6.x)
[etch] - gnutls13 <not-affected> (Vulnerable code not present, only affects 2.6.x)
-CVE-2009-1415
+CVE-2009-1415 (lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not proper ...)
- gnutls26 2.6.6-1 (medium)
- gnutls13 <removed>
[lenny] - gnutls26 <not-affected> (Vulnerable code not present)
[etch] - gnutls26 <not-affected> (Vulnerable code not present)
[etch] - gnutls13 <not-affected> (Vulnerable code not present, only affects 2.6.x)
-CVE-2009-1414
+CVE-2009-1414 (Google Chrome 2.0.x lets modifications to the global object persist ac ...)
- chromium-browser <not-affected> (Only 2.x is affected)
- webkit <not-affected> (doesn't have a 'chromehtml' handler)
-CVE-2009-1413
+CVE-2009-1413 (Google Chrome 1.0.x does not cancel timeouts upon a page transition, w ...)
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (doesn't have a 'chromehtml' handler)
-CVE-2009-1412
+CVE-2009-1412 (Argument injection vulnerability in the chromehtml: protocol handler i ...)
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (doesn't have a 'chromehtml' handler)
CVE-2009-XXXX [iodine: DoS against iodined triggerable by authenticated users]
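Review bot: the imported descriptions in this hunk carry HTML-escaped entities, namely `ParamTraits&lt;SkBitmap&gt;::Read` in the new CVE-2009-1441 line and `HP Discovery &amp; Dependency` in the new CVE-2009-1419 line, while the unchanged NOT-FOR-US line directly below the latter writes a literal `&`; the updater should unescape the description text before writing it to the list so the file stays plain text. Separately, the unchanged context under CVE-2009-1415 lists both `[etch] - gnutls26 <not-affected>` and `[etch] - gnutls13 <not-affected>`, whereas the neighbouring CVE-2009-1416 entry pairs `[lenny]` with gnutls26 and `[etch]` with gnutls13 only; the extra etch/gnutls26 line looks like a copy error worth checking.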
@@ -9954,447 +9954,447 @@ CVE-2009-1396
RESERVED
CVE-2009-1395
RESERVED
-CVE-2009-1394
+CVE-2009-1394 (Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows ...)
NOT-FOR-US: Motorola Timbuktu Pro
CVE-2009-1393
RESERVED
-CVE-2009-1392
+CVE-2009-1392 (The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird bef ...)
{DSA-1830-1 DSA-1820-1}
- xulrunner 1.9.0.11-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-1391
+CVE-2009-1391 (Off-by-one error in the inflate function in Zlib.xs in Compress::Raw:: ...)
- perl 5.10.0-23 (low; bug #532736)
[etch] - perl <not-affected> (Doesn't yet include Compress-Raw-Zlib)
- libcompress-raw-zlib-perl 2.015-2 (low; bug #532738)
[lenny] - libcompress-raw-zlib-perl 2.012-1lenny1
[lenny] - perl 5.10.0-19lenny1
-CVE-2009-1390
+CVE-2009-1390 (Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTL ...)
- mutt 1.5.20-1
[lenny] - mutt <not-affected> (Affected code was introduced in 1.5.19)
[etch] - mutt <not-affected> (Affected code was introduced in 1.5.19)
[squeeze] - mutt <not-affected> (Affected code was introduced in 1.5.19)
-CVE-2009-1389
+CVE-2009-1389 (Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the ...)
{DSA-1865-1 DSA-1844-1}
- linux-2.6 2.6.26-16 (high; bug #532376)
- linux-2.6.24 <removed>
NOTE: potential for kernel memory corruption by remote attacker
-CVE-2009-1388
+CVE-2009-1388 (The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.1 ...)
- linux-2.6 <not-affected> (problem in redhat-specific kernel patches)
- linux-2.6.24 <not-affected> (problem in redhat-specific kernel patches)
-CVE-2009-1387
+CVE-2009-1387 (The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in Open ...)
- openssl 0.9.8k-2 (low; bug #532037)
[lenny] - openssl 0.9.8g-15+lenny3
[etch] - openssl 0.9.8c-4etch9
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2009-1386
+CVE-2009-1386 (ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause ...)
- openssl 0.9.8k-1 (low; bug #532037)
[lenny] - openssl 0.9.8g-15+lenny3
[etch] - openssl 0.9.8c-4etch9
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2009-1385
+CVE-2009-1385 (Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1 ...)
{DSA-1865-1 DSA-1844-1}
- linux-2.6 2.6.26-16 (low; bug #532721)
- linux-2.6.24 <removed>
-CVE-2009-1384
+CVE-2009-1384 (pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RH ...)
- libpam-krb5 <not-affected> (different code base than Debian's libpam-krb5)
-CVE-2009-1383
+CVE-2009-1383 (The getdirective function in mathtex.cgi in mathTeX, when downloaded b ...)
- mathtex 1.03-1 (medium; bug #537258)
-CVE-2009-1382
+CVE-2009-1382 (Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when ...)
{DSA-1917-1}
- mimetex 1.50-1.1 (medium; bug #537254)
-CVE-2009-1381
+CVE-2009-1381 (The map_yp_alias function in functions/imap_general.php in SquirrelMai ...)
{DSA-1802-2}
- squirrelmail 2:1.4.19-1
-CVE-2009-1380
+CVE-2009-1380 (Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in ...)
- jbossas4 4.2.2.GA-1 (bug #562000)
[lenny] - jbossas4 <no-dsa> (Contrib not supported)
-CVE-2009-1379
+CVE-2009-1379 (Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment f ...)
- openssl 0.9.8k-1 (low; bug #530400)
[lenny] - openssl 0.9.8g-15+lenny3
[etch] - openssl 0.9.8c-4etch9
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2009-1378
+CVE-2009-1378 (Multiple memory leaks in the dtls1_process_out_of_seq_message function ...)
- openssl 0.9.8k-1 (low; bug #530400)
[lenny] - openssl 0.9.8g-15+lenny3
[etch] - openssl 0.9.8c-4etch9
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2009-1377
+CVE-2009-1377 (The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and ...)
- openssl 0.9.8k-1 (low; bug #530400)
[lenny] - openssl 0.9.8g-15+lenny3
[etch] - openssl 0.9.8c-4etch9
- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-CVE-2009-1376
+CVE-2009-1376 (Multiple integer overflows in the msn_slplink_process_msg functions in ...)
{DSA-1805-1}
- pidgin 2.5.6-1
- gaim <removed>
[lenny] - gaim <not-affected> (Only a transitional package)
-CVE-2009-1375
+CVE-2009-1375 (The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2 ...)
{DSA-1805-1}
- pidgin 2.5.6-1
- gaim <removed>
[lenny] - gaim <not-affected> (Only a transitional package)
-CVE-2009-1374
+CVE-2009-1374 (Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) ...)
- pidgin 2.5.6-1
[lenny] - pidgin <not-affected> (QQ support not yet present)
- gaim <not-affected> (QQ support not yet present)
-CVE-2009-1373
+CVE-2009-1373 (Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (former ...)
{DSA-1805-1}
- pidgin 2.5.6-1
- gaim <removed>
[lenny] - gaim <not-affected> (Only a transitional package)
-CVE-2009-1365
+CVE-2009-1365 (Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0 ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2009-1364
+CVE-2009-1364 (Use-after-free vulnerability in the embedded GD library in libwmf 0.2. ...)
{DSA-1796-1}
- libwmf 0.2.8.4-6.1 (low; bug #526434)
CVE-2009-1363
RESERVED
-CVE-2009-1360
+CVE-2009-1360 (The __inet6_check_established function in net/ipv6/inet6_hashtables.c ...)
- linux-2.6 2.6.29-1 (low; bug #529342)
[etch] - linux-2.6 <not-affected> (Introduced in 2.6.27)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)
- linux-2.6.24 <not-affected> (Introduced in 2.6.27)
-CVE-2009-1411
+CVE-2009-1411 (SQL injection vulnerability in events/inc/events.inc.php in the Events ...)
NOT-FOR-US: Seditio CMS
-CVE-2009-1410
+CVE-2009-1410 (SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows ...)
NOT-FOR-US: Quick.Cms.Lite
-CVE-2009-1409
+CVE-2009-1409 (SQL injection vulnerability in usersettings.php in e107 0.7.15 and ear ...)
NOT-FOR-US: e107
-CVE-2009-1408
+CVE-2009-1408 (Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows rem ...)
NOT-FOR-US: webSPELL
-CVE-2009-1407
+CVE-2009-1407 (Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows ...)
NOT-FOR-US: NotFTP
-CVE-2009-1406
+CVE-2009-1406 (Directory traversal vulnerability in cms_detect.php in TotalCalendar 2 ...)
NOT-FOR-US: TotalCalendar
-CVE-2009-1405
+CVE-2009-1405 (Directory traversal vulnerability in index.php in PastelCMS 0.8.0, whe ...)
NOT-FOR-US: PastelCMS
-CVE-2009-1404
+CVE-2009-1404 (SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magi ...)
NOT-FOR-US: PastelCMS
-CVE-2009-1403
+CVE-2009-1403 (SQL injection vulnerability in product_info.php in CRE Loaded 6.2 allo ...)
NOT-FOR-US: CRE Loaded
-CVE-2009-1370
+CVE-2009-1370 (Stack-based buffer overflow in ape_plugin.plg in Xilisoft Video Conver ...)
NOT-FOR-US: Xilisoft Video Converter
-CVE-2009-1369
+CVE-2009-1369 (moziloCMS 1.11 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: moziloCMS
-CVE-2009-1368
+CVE-2009-1368 (Directory traversal vulnerability in index.php in moziloCMS 1.11 allow ...)
NOT-FOR-US: moziloCMS
-CVE-2009-1367
+CVE-2009-1367 (Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.1 ...)
NOT-FOR-US: moziloCMS
-CVE-2009-1366
+CVE-2009-1366 (Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypal ...)
NOT-FOR-US: DotNetNuke
-CVE-2009-1362
+CVE-2009-1362 (SQL injection vulnerability in administration/index.php in chCounter 3 ...)
NOT-FOR-US: chCounter
-CVE-2009-1361
+CVE-2009-1361 (dig.php in GScripts.net DNS Tools allows remote attackers to execute a ...)
NOT-FOR-US: GScripts.net DNS Tools
-CVE-2009-1359
+CVE-2009-1359 (Unspecified vulnerability in the SCTP sockets implementation in Sun Op ...)
NOT-FOR-US: Sun OpenSolaris
-CVE-2009-1357
+CVE-2009-1357 (CRLF injection vulnerability in da/DA/Login in Sun Java System Delegat ...)
NOT-FOR-US: Sun Java System Delegated Administrator
-CVE-2009-1356
+CVE-2009-1356 (Stack-based buffer overflow in Elecard AVC HD Player allows remote att ...)
NOT-FOR-US: Elecard AVC HD Player
-CVE-2009-1355
+CVE-2009-1355 (Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 al ...)
NOT-FOR-US: IBM AIX
-CVE-2009-1354
+CVE-2009-1354 (Directory traversal vulnerability in Mongoose 2.4 allows remote attack ...)
NOT-FOR-US: Mongoose
-CVE-2009-1353
+CVE-2009-1353 (Buffer overflow in the http_parse_hex function in libz/misc.c in Zervi ...)
NOT-FOR-US: Zervit Webserver
-CVE-2009-1352
+CVE-2009-1352 (Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote ...)
NOT-FOR-US: PowerCHM
-CVE-2009-1351
+CVE-2009-1351 (Heap-based buffer overflow in Apollo 37zz allows remote attackers to c ...)
NOT-FOR-US: Apollo 37zz
-CVE-2009-1350
+CVE-2009-1350 (Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client ...)
NOT-FOR-US: Novell NetIdentity Client
-CVE-2009-1349
+CVE-2009-1349 (Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allow ...)
NOT-FOR-US: C2Net Stronghold
-CVE-2009-1358
+CVE-2009-1358 (apt-get in apt before 0.7.21 does not check for the correct error code ...)
{DSA-1779-1 DTSA-199-1}
- apt 0.7.21 (bug #433091)
-CVE-2009-1440
+CVE-2009-1440 (Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2. ...)
{DSA-1821-1}
- amule 2.2.5-1.1 (low; bug #525078)
[etch] - amule <not-affected> (Doesn't support preview of complete files, which is the vulnerable part)
-CVE-2009-1348
+CVE-2009-1348 (The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, I ...)
NOT-FOR-US: Various AV junk
-CVE-2009-1347
+CVE-2009-1347 (Multiple SQL injection vulnerabilities in stats/index.php in chCounter ...)
NOT-FOR-US: chCounter
-CVE-2009-1346
+CVE-2009-1346 (SQL injection vulnerability in publico/ficha.php in NetHoteles 3.0 all ...)
NOT-FOR-US: NetHoteles
-CVE-2009-1345
+CVE-2009-1345 (SQL injection vulnerability in document.php in cpCommerce 1.2.8 allows ...)
NOT-FOR-US: cpCommerce
-CVE-2009-1344
+CVE-2009-1344 (Cross-site scripting (XSS) vulnerability in the Localization client mo ...)
NOT-FOR-US: Localization client for drupal
-CVE-2009-1343
+CVE-2009-1343 (Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e- ...)
NOT-FOR-US: Print module for Drupal
-CVE-2009-1342
+CVE-2009-1342 (Cross-site scripting (XSS) vulnerability in the CCK comment reference ...)
NOT-FOR-US: CCK comment module for Drupal
CVE-2009-XXXX [git-core in Debian has non-root-owned files under /usr]
- git-core 1:1.6.2.1-1 (bug #516669)
[lenny] - git-core 1:1.5.6.5-3+lenny3.2
NOTE: fixed accidently through spu
-CVE-2009-1341
+CVE-2009-1341 (Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (a ...)
{DSA-1780-1}
- libdbd-pg-perl 2.1.3-1
CVE-2009-1340
RESERVED
-CVE-2009-1339
+CVE-2009-1339 (Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.1 ...)
- twiki <removed> (bug #526258)
NOTE: We should probably request removal from unstable, replaced by foswiki
-CVE-2009-1338
+CVE-2009-1338 (The kill_something_info function in kernel/signal.c in the Linux kerne ...)
{DSA-1800-1 DSA-1787-1}
- linux-2.6 2.6.29-1
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2009-1337
+CVE-2009-1337 (The exit_notify function in kernel/exit.c in the Linux kernel before 2 ...)
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-5
- linux-2.6.24 <removed>
-CVE-2009-1336
+CVE-2009-1336 (fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly in ...)
{DSA-1794-1}
- linux-2.6 2.6.23-1
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2009-1335
+CVE-2009-1335 (Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows rem ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-1334
+CVE-2009-1334 (Cross-site scripting (XSS) vulnerability in login/FilepathLogin.html i ...)
NOT-FOR-US: IBM Tivoli Continuous Data Protection
-CVE-2009-1333
+CVE-2009-1333 (Cross-site scripting (XSS) vulnerability in refresh_rate.htm in the we ...)
NOT-FOR-US: HP Deskjet
-CVE-2009-1332
+CVE-2009-1332 (The Online Help feature in Sun Java System Directory Server 5.2 and En ...)
NOT-FOR-US: Sun Java System Directory Server
-CVE-2009-1331
+CVE-2009-1331 (Integer overflow in Microsoft Windows Media Player (WMP) 11.0.5721.526 ...)
NOT-FOR-US: Windows Media Player
CVE-2009-XXXX [pptp-linux: unrestrictive pptpsetup permissions]
- pptp-linux 1.7.2-3 (low; bug #523476)
[lenny] - pptp-linux <no-dsa> (Minor issue)
[etch] - pptp-linux <no-dsa> (Minor issue)
-CVE-2009-1330
+CVE-2009-1330 (Stack-based buffer overflow in Easy RM to MP3 Converter allows remote ...)
NOT-FOR-US: Easy RM to MP3 Converter
-CVE-2009-1329
+CVE-2009-1329 (Stack-based buffer overflow in Mini-stream Shadow Stream Recorder 3.0. ...)
NOT-FOR-US: Mini-stream
-CVE-2009-1328
+CVE-2009-1328 (Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 al ...)
NOT-FOR-US: Mini-stream
-CVE-2009-1327
+CVE-2009-1327 (Stack-based buffer overflow in Mini-stream WM Downloader 3.0.0.9 allow ...)
NOT-FOR-US: Mini-stream
-CVE-2009-1326
+CVE-2009-1326 (Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allow ...)
NOT-FOR-US: Mini-stream
-CVE-2009-1325
+CVE-2009-1325 (Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remot ...)
NOT-FOR-US: Mini-stream
-CVE-2009-1324
+CVE-2009-1324 (Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0. ...)
NOT-FOR-US: Mini-stream
-CVE-2009-1323
+CVE-2009-1323 (SQL injection vulnerability in body.asp in Web File Explorer 3.1 allow ...)
NOT-FOR-US: Web File Explorer
-CVE-2009-1322
+CVE-2009-1322 (ASP Product Catalog 1.0 stores sensitive information under the web roo ...)
NOT-FOR-US: ASP Product Catalog
-CVE-2009-1321
+CVE-2009-1321 (Cross-site scripting (XSS) vulnerability in search.asp in ASP Product ...)
NOT-FOR-US: ASP Product Catalog
-CVE-2009-1320
+CVE-2009-1320 (Multiple cross-site scripting (XSS) vulnerabilities in include/zstore. ...)
NOT-FOR-US: Zazzle Store Builder
-CVE-2009-1319
+CVE-2009-1319 (Directory traversal vulnerability in includes/ini.inc.php in GuestCal ...)
NOT-FOR-US: GuestCal
-CVE-2009-1318
+CVE-2009-1318 (Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 ...)
NOT-FOR-US: Jamroom
-CVE-2009-1317
+CVE-2009-1317 (Multiple SQL injection vulnerabilities in Aqua CMS 1.1, when magic_quo ...)
NOT-FOR-US: Aqua CMS
-CVE-2009-1316
+CVE-2009-1316 (Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote a ...)
NOT-FOR-US: AbleSpace
-CVE-2009-1315
+CVE-2009-1315 (Multiple cross-site scripting (XSS) vulnerabilities in AbleSpace 1.0 a ...)
NOT-FOR-US: Ablespace
-CVE-2009-1314
+CVE-2009-1314 (body.asp in Web File Explorer 3.1 allows remote attackers to create ar ...)
NOT-FOR-US: Web File Explorer
-CVE-2009-1313
+CVE-2009-1313 (The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameTh ...)
- xulrunner 1.9.0.10-1 (low)
[etch] - xulrunner <not-affected> (introduced in 1.9.0.9)
[lenny] - xulrunner <not-affected> (introduced in 1.9.0.9)
-CVE-2009-1312
+CVE-2009-1312 (Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascr ...)
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer <unfixed> (unimportant)
NOTE: kompozer shares the browser engine with Firefox, but JavaScript is not enabled
-CVE-2009-1311
+CVE-2009-1311 (Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-as ...)
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer 1:0.8~alpha2+dfsg+svn129-3
-CVE-2009-1310
+CVE-2009-1310 (Cross-site scripting (XSS) vulnerability in the MozSearch plugin imple ...)
{DSA-1886-1}
- iceweasel 3.0.9-1
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1309
+CVE-2009-1309 (Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not proper ...)
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer <unfixed> (unimportant)
NOTE: kompozer shares the browser engine with Firefox, but JavaScript is not enabled
-CVE-2009-1308
+CVE-2009-1308 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0 ...)
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1307
+CVE-2009-1307 (The view-source: URI implementation in Mozilla Firefox before 3.0.9, T ...)
{DSA-1830-1 DSA-1797-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1306
+CVE-2009-1306 (The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbi ...)
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1305
+CVE-2009-1305 (The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird bef ...)
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer <unfixed> (unimportant)
NOTE: kompozer shares the browser engine with Firefox, but JavaScript is not enabled
-CVE-2009-1304
+CVE-2009-1304 (The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird ...)
{DSA-1797-1}
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1303
+CVE-2009-1303 (The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before ...)
{DSA-1830-1 DSA-1797-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1302
+CVE-2009-1302 (The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird be ...)
{DSA-1830-1 DSA-1797-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-1301
+CVE-2009-1301 (Integer signedness error in the store_id3_text function in the ID3v2 c ...)
- mpg123 1.7.2-1 (low)
[etch] - mpg123 <no-dsa> (Minor issue)
[lenny] - mpg123 <no-dsa> (Minor issue)
NOTE: http://secunia.com/advisories/34587/3/
NOTE: unlike secunia states I can't see that this allows code execution but is just an invalid read
NOTE: crashing the application
-CVE-2009-1300
+CVE-2009-1300 (apt 0.7.20 does not check when the date command returns an "invalid da ...)
{DSA-1779-1 DTSA-199-1}
- apt 0.7.21 (bug #523213)
-CVE-2009-1299
+CVE-2009-1299 (The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 an ...)
{DSA-2017-1}
- pulseaudio 0.9.21-1.1 (bug #573615)
-CVE-2009-1298
+CVE-2009-1298 (The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kern ...)
{DTSA-204-1}
- linux-2.6 2.6.32-1 (low)
[etch] - linux-2.6 <not-affected> (introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.29)
- linux-2.6.24 <not-affected> (introduced in 2.6.29)
-CVE-2009-1297
+CVE-2009-1297 (iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and S ...)
- open-iscsi 2.0.871-1 (low; bug #547011)
[lenny] - open-iscsi 2.0.870~rc3-0.4.1
[etch] - open-iscsi <not-affected> (Vulnerable script not yet present)
-CVE-2009-1296
+CVE-2009-1296 (The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubunt ...)
- ecryptfs-utils 75-2 (unimportant; bug #532372)
NOTE: this is a non-issue as the debian installer doesn't support per user
NOTE: encrypted home directories with ecryptfs, so no passphrase is stored in the
NOTE: installer logs on disk
-CVE-2009-1295
+CVE-2009-1295 (Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.1 ...)
[experimental] - apport <not-affected> (Fixed before initial upload into Debian)
-CVE-2009-1294
+CVE-2009-1294 (Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home ...)
NOT-FOR-US: Novell Teaming
-CVE-2009-1293
+CVE-2009-1293 (The web login functionality (c/portal/login) in Novell Teaming 1.0 thr ...)
NOT-FOR-US: Novell Teaming
-CVE-2009-1292
+CVE-2009-1292 (UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x befor ...)
NOT-FOR-US: ClearCase
-CVE-2009-1371
+CVE-2009-1371 (The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95. ...)
{DSA-1771-1}
- clamav 0.95.1+dfsg-1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=1552
-CVE-2009-1372
+CVE-2009-1372 (Stack-based buffer overflow in the cli_url_canon function in libclamav ...)
- clamav 0.95.1+dfsg-1
[etch] - clamav <not-affected> (vulnerable code not present)
[lenny] - clamav <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=1552
-CVE-2009-1291
+CVE-2009-1291 (Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartS ...)
NOT-FOR-US: SmartSockets
-CVE-2009-1290
+CVE-2009-1290 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
NOT-FOR-US: IBM BladeCenter
-CVE-2009-1289
+CVE-2009-1289 (private/login.ssi in the Advanced Management Module (AMM) on the IBM B ...)
NOT-FOR-US: IBM BladeCenter
-CVE-2009-1288
+CVE-2009-1288 (Multiple cross-site scripting (XSS) vulnerabilities in the Advanced Ma ...)
NOT-FOR-US: IBM BladeCenter
-CVE-2009-1287
+CVE-2009-1287 (Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge Serv ...)
NOT-FOR-US: Cisco Subscriber Edge Services Manager
-CVE-2009-1286
+CVE-2009-1286 (The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 a ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2009-1285
+CVE-2009-1285 (Static code injection vulnerability in the getConfigFile function in s ...)
- phpmyadmin 4:3.1.3.2-1 (unimportant; bug #524804)
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2009-1284
+CVE-2009-1284 (Buffer overflow in BibTeX 0.99 allows context-dependent attackers to c ...)
- texlive-bin 2009-1 (low; bug #520920)
[etch] - texlive-bin <no-dsa> (Minor issue)
[lenny] - texlive-bin 2007.dfsg.2-4+lenny2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=492136
-CVE-2009-1283
+CVE-2009-1283 (glFusion before 1.1.3 performs authentication with a user-provided pas ...)
NOT-FOR-US: glFusion
-CVE-2009-1282
+CVE-2009-1282 (SQL injection vulnerability in private/system/lib-session.php in glFus ...)
NOT-FOR-US: glFusion
-CVE-2009-1281
+CVE-2009-1281 (Cross-site scripting (XSS) vulnerability in glFusion before 1.1.3 allo ...)
NOT-FOR-US: glFusion
-CVE-2009-1280
+CVE-2009-1280 (Multiple cross-site request forgery (CSRF) vulnerabilities in the com_ ...)
NOT-FOR-US: Joomla!
-CVE-2009-1279
+CVE-2009-1279 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 thr ...)
NOT-FOR-US: Joomla!
-CVE-2009-1278
+CVE-2009-1278 (Static code injection vulnerability in forms/ajax/configure.php in Gra ...)
NOT-FOR-US: Gravity Board
-CVE-2009-1277
+CVE-2009-1277 (SQL injection vulnerability in index.php in Gravity Board X (GBX) 2.0 ...)
NOT-FOR-US: Gravity Board
-CVE-2009-1276
+CVE-2009-1276 (XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Sol ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-1275
+CVE-2009-1275 (Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other prod ...)
- tiles 2.2.0-1
-CVE-2009-1273
+CVE-2009-1273 (pam_ssh 1.92 and possibly other versions, as used when PAM is compiled ...)
- libpam-ssh 1.92-7 (low; bug #535877)
[etch] - libpam-ssh <no-dsa> (Minor issue)
[lenny] - libpam-ssh 1.91.0-9.3+lenny1
-CVE-2009-1272
+CVE-2009-1272 (The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x befo ...)
{DTSA-188-1}
- php5 5.2.6.dfsg.1-3
[etch] - php5 <not-affected> (this is caused by the fix for CVE-2008-5658, which was not applied to php4)
- php4 <not-affected> (this is caused by the fix for CVE-2008-5658, which was not applied to php4)
-CVE-2009-1271
+CVE-2009-1271 (The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before ...)
{DSA-1789-1 DSA-1775-1}
- php5 5.2.9.dfsg.1-1
- php4 <not-affected> (the JSON extension was introduced in php5.2)
- php-json-ext <unfixed>
-CVE-2009-1269
+CVE-2009-1269 (Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows rem ...)
{DSA-1785-1}
- wireshark 1.0.7-1 (low)
[etch] - wireshark <not-affected> (Vulnerable code not present; introduced in 0.99.6)
-CVE-2009-1268
+CVE-2009-1268 (The Check Point High-Availability Protocol (CPHAP) dissector in Wiresh ...)
{DSA-1785-1}
- wireshark 1.0.7-1 (low)
[etch] - wireshark 0.99.4-5.etch.4
-CVE-2009-1267
+CVE-2009-1267 (Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 th ...)
- wireshark <not-affected> (Only affects Wireshark on Windows)
-CVE-2009-1266
+CVE-2009-1266 (Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact ...)
NOTE: Dupe of CVE-2009-1210
-CVE-2009-1265
+CVE-2009-1265 (Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kern ...)
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-4
- linux-2.6.24 <removed>
-CVE-2009-1264
+CVE-2009-1264 (Frontend User Registration (sr_feuser_register) extension 2.5.20 and e ...)
NOT-FOR-US: Frontend User Registration (sr_feuser_register) extension
-CVE-2009-1263
+CVE-2009-1263 (SQL injection vulnerability in sub_commententry.php in the BookJoomlas ...)
NOT-FOR-US: Joomla!
-CVE-2009-1262
+CVE-2009-1262 (Format string vulnerability in Fortinet FortiClient 3.0.614, and possi ...)
NOT-FOR-US: Fortinet FortiClient
-CVE-2009-1261
+CVE-2009-1261 (Multiple cross-site scripting (XSS) vulnerabilities in Web Help Desk 9 ...)
NOT-FOR-US: Web Help Desk
-CVE-2009-1260
+CVE-2009-1260 (Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earli ...)
NOT-FOR-US: UltraISO
-CVE-2009-1259
+CVE-2009-1259 (SQL injection vulnerability in inc/bb/topic.php in Insane Visions Adap ...)
NOT-FOR-US: Insane Visions AdaptBB
-CVE-2009-1258
+CVE-2009-1258 (SQL injection vulnerability in the RD-Autos (com_rdautos) component 1. ...)
NOT-FOR-US: Joomla!
-CVE-2009-1257
+CVE-2009-1257 (Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows re ...)
NOT-FOR-US: Magic ISO Maker
-CVE-2009-1256
+CVE-2009-1256 (SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to ...)
NOT-FOR-US: FlexCMS
-CVE-2009-1255
+CVE-2009-1255 (The process_stat function in (1) Memcached before 1.2.8 and (2) Memcac ...)
- memcached 1.2.8-1 (low)
[etch] - memcached <no-dsa> (Minor issue)
[lenny] - memcached <no-dsa> (Minor issue)
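Review bot: the justification on the `[etch] - php5 <not-affected>` line under CVE-2009-1272 reads "(this is caused by the fix for CVE-2008-5658, which was not applied to php4)", which is the php4 line's reasoning repeated verbatim and does not say why the etch php5 package is unaffected. Suggest rewording that parenthetical so it refers to the etch php5 build itself (for instance, whether the CVE-2008-5658 change that introduced this issue was ever applied there), so the two lines do not carry identical text for two different packages.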
@@ -10403,183 +10403,183 @@ CVE-2009-1255
[squeeze] - memcachedb <no-dsa> (Minor issue)
NOTE: why are weaknesses in security hardening features like ASLR considered minor?
NOTE: even though this is not directly a vulnerability itself, part of this application's armor is now missing; making it easier for unknown vulnerabilities to be effective.
-CVE-2009-1270
+CVE-2009-1270 (libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cau ...)
{DSA-1771-1}
- clamav 0.95.1+dfsg-1 (medium; bug #523016)
-CVE-2009-1254
+CVE-2009-1254 (James Stone Tunapie 2.1 allows remote attackers to execute arbitrary c ...)
{DSA-1764-1}
- tunapie 2.1.17-1
-CVE-2009-1253
+CVE-2009-1253 (James Stone Tunapie 2.1 allows local users to overwrite arbitrary file ...)
{DSA-1764-1}
- tunapie 2.1.17-1
-CVE-2009-1252
+CVE-2009-1252 (Stack-based buffer overflow in the crypto_recv function in ntp_crypto. ...)
{DSA-1801-1}
- ntp 1:4.2.4p6+dfsg-2 (high; bug #525373)
NOTE: VU#853097
-CVE-2009-1251
+CVE-2009-1251 (Heap-based buffer overflow in the cache manager in the client in OpenA ...)
{DSA-1768-1}
- openafs 1.4.10+dfsg1-1
-CVE-2009-1250
+CVE-2009-1250 (The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 ...)
{DSA-1768-1}
- openafs 1.4.10+dfsg1-1
[etch] - openafs 1.4.2-6etch3
-CVE-2009-1249
+CVE-2009-1249 (Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x be ...)
NOT-FOR-US: Feed element mapper for Drupal
-CVE-2009-1248
+CVE-2009-1248 (Multiple PHP remote file inclusion vulnerabilities in Acute Control Pa ...)
NOT-FOR-US: Acute Control Panel
-CVE-2009-1247
+CVE-2009-1247 (SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 ...)
NOT-FOR-US: Acute Control Panel
-CVE-2009-1246
+CVE-2009-1246 (Multiple directory traversal vulnerabilities in Blogplus 1.0 allow rem ...)
NOT-FOR-US: Blogplus
-CVE-2009-1245
+CVE-2009-1245 (Multiple SQL injection vulnerabilities in the insert_to_pastebin funct ...)
NOT-FOR-US: CCCP Community Clan Portal Pastebin
-CVE-2009-1244
+CVE-2009-1244 (Unspecified vulnerability in the virtual machine display function in V ...)
NOT-FOR-US: VMware
-CVE-2009-1243
+CVE-2009-1243 (net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocki ...)
- linux-2.6 <not-affected> (Issue was introduced after 2.6.27 release)
- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.27 release)
-CVE-2009-1242
+CVE-2009-1242 (The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementati ...)
{DSA-1800-1 DSA-1787-1}
- linux-2.6 2.6.30-1
[etch] - linux-2.6 <not-affected> (Doesn't include KVM yet)
- linux-2.6.24 <removed>
-CVE-2009-1241
+CVE-2009-1241 (Unspecified vulnerability in ClamAV before 0.95 allows remote attacker ...)
- clamav 0.95+dfsg-1 (medium; bug #526042)
[etch] - clamav <not-affected> (debian package does not use the rar code in clamav at the current time)
[lenny] - clamav <not-affected> (debian package does not use the rar code in clamav at the current time)
-CVE-2009-1240
+CVE-2009-1240 (Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081 ...)
NOT-FOR-US: IBM Proventia
-CVE-2009-1239
+CVE-2009-1239 (IBM DB2 9.1 before FP7 returns incorrect query results in certain situ ...)
NOT-FOR-US: IBM DB2
-CVE-2009-1274
+CVE-2009-1274 (Integer overflow in the qt_error parse_trak_atom function in demuxers/ ...)
- xine-lib 1.1.16.3-1 (medium; bug #522811)
- vlc <not-affected> (affected part of xine-lib code not present)
-CVE-2009-1238
+CVE-2009-1238 (Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and ea ...)
NOT-FOR-US: Mac OS X
-CVE-2009-1237
+CVE-2009-1237 (Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 1 ...)
NOT-FOR-US: Mac OS X
-CVE-2009-1236
+CVE-2009-1236 (Heap-based buffer overflow in the AppleTalk networking stack in XNU 12 ...)
NOT-FOR-US: Mac OS X
-CVE-2009-1235
+CVE-2009-1235 (XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does no ...)
NOT-FOR-US: Mac OS X
-CVE-2009-1234
+CVE-2009-1234 (Opera 9.64 allows remote attackers to cause a denial of service (appli ...)
NOT-FOR-US: Opera
-CVE-2009-1233
+CVE-2009-1233 (Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to ca ...)
NOT-FOR-US: Safari on Windows
-CVE-2009-1232
+CVE-2009-1232 (Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote attacke ...)
- xulrunner <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-1231
+CVE-2009-1231 (Unspecified vulnerability in the eClient in IBM DB2 Content Manager 8. ...)
NOT-FOR-US: DB2
-CVE-2009-1230
+CVE-2009-1230 (Static code injection vulnerability in index.php in Podcast Generator ...)
NOT-FOR-US: Podcast Generator
-CVE-2009-1229
+CVE-2009-1229 (SQL injection vulnerability in Arcadwy Arcade Script allows remote att ...)
NOT-FOR-US: Arcadwy Arcade Script
-CVE-2009-1228
+CVE-2009-1228 (Cross-site scripting (XSS) vulnerability in register.php in Arcadwy Ar ...)
NOT-FOR-US: Arcadwy Arcade Script
CVE-2009-1227
NOT-FOR-US: Check Point
-CVE-2009-1226
+CVE-2009-1226 (core/admin/delete.php in Podcast Generator 1.1 and earlier does not pr ...)
NOT-FOR-US: Podcast Generator
-CVE-2009-1225
+CVE-2009-1225 (Cross-site scripting (XSS) vulnerability in index.php in Turnkey Ebook ...)
NOT-FOR-US: Turnkey Ebook Store
-CVE-2009-1224
+CVE-2009-1224 (SQL injection vulnerability in vsp-core/pub/themes/bismarck/gamestat.p ...)
NOT-FOR-US: vsp stats processor
-CVE-2009-1223
+CVE-2009-1223 (aspWebCalendar Free Edition stores sensitive information under the web ...)
NOT-FOR-US: aspWebCalendar Free Edition
-CVE-2009-1222
+CVE-2009-1222 (Directory traversal vulnerability in index.php in webEdition 6.0.0.4 a ...)
NOT-FOR-US: webEdition
CVE-2009-1221
RESERVED
-CVE-2009-1220
+CVE-2009-1220 (Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in Web ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1219
+CVE-2009-1219 (Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun ...)
NOT-FOR-US: Sun Calendar Express Web Server
-CVE-2009-1218
+CVE-2009-1218 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Ex ...)
NOT-FOR-US: Sun Calendar Express Web Server
-CVE-2009-1217
+CVE-2009-1217 (Off-by-one error in the GpFont::SetData function in gdiplus.dll in Mic ...)
NOT-FOR-US: Windows GDI+
-CVE-2009-1216
+CVE-2009-1216 (Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c i ...)
NOTE: Duplicate of CVE-2006-4335, confirmed by Microsoft. They're working on
NOTE: getting it rejected
-CVE-2009-1215
+CVE-2009-1215 (Race condition in GNU screen 4.0.3 allows local users to create or ove ...)
- screen 4.0.3-13 (low; bug #521123)
[etch] - screen <not-affected> (etch version predates #433338)
[lenny] - screen 4.0.3-11+lenny1
-CVE-2009-1214
+CVE-2009-1214 (GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with ...)
- screen 4.0.3-13 (bug #521123)
[lenny] - screen 4.0.3-11+lenny1
NOTE: documented behaviour "or the public accessible screen-exchange", see man screen
-CVE-2009-1213
+CVE-2009-1213 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in B ...)
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
NOTE: should this really be considered minor? see fedora bug and FSA:
NOTE: - https://bugzilla.redhat.com/show_bug.cgi?id=494398
NOTE: - https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00191.html
-CVE-2009-1212
+CVE-2009-1212 (Multiple insecure method vulnerabilities in PRECIS~2.DLL in the Precis ...)
NOT-FOR-US: PrecisionID Datamatrix ActiveX control
-CVE-2009-1211
+CVE-2009-1211 (Blue Coat ProxySG, when transparent interception mode is enabled, uses ...)
NOT-FOR-US: Blue Coat ProxySG
-CVE-2009-1210
+CVE-2009-1210 (Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in ...)
{DSA-1785-1}
- wireshark 1.0.7-1 (low)
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.6)
-CVE-2009-1209
+CVE-2009-1209 (Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remot ...)
- amaya <removed>
-CVE-2009-1208
+CVE-2009-1208 (SQL injection vulnerability in auth2db 0.2.5, and possibly other versi ...)
{DSA-1757-1}
- auth2db 0.2.5-2+dfsg-1.1 (bug #521823; low)
-CVE-2009-1207
+CVE-2009-1207 (Race condition in the dircmp script in Sun Solaris 8 through 10, and O ...)
NOT-FOR-US: Solaris
-CVE-2009-1206
+CVE-2009-1206 (Unspecified vulnerability in futomi's CGI Cafe Access Analyzer CGI Pro ...)
NOT-FOR-US: Cafe Access Analyzer CGI Professional
CVE-2009-1205
REJECTED
-CVE-2009-1204
+CVE-2009-1204 (Cross-site scripting (XSS) vulnerability in TikiWiki (Tiki) CMS/Groupw ...)
- tikiwiki <removed>
-CVE-2009-1203
+CVE-2009-1203 (WebVPN on the Cisco Adaptive Security Appliances (ASA) device with sof ...)
NOT-FOR-US: Cisco
-CVE-2009-1202
+CVE-2009-1202 (WebVPN on the Cisco Adaptive Security Appliances (ASA) device with sof ...)
NOT-FOR-US: Cisco
-CVE-2009-1201
+CVE-2009-1201 (Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/ ...)
NOT-FOR-US: Cisco
CVE-2009-1200
RESERVED
CVE-2009-1199
RESERVED
-CVE-2009-1198
+CVE-2009-1198 (Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 al ...)
NOT-FOR-US: Apache jUDDI
-CVE-2009-1197
+CVE-2009-1197 (Apache jUDDI before 2.0 allows attackers to spoof entries in log files ...)
NOT-FOR-US: Apache jUDDI
-CVE-2009-1196
+CVE-2009-1196 (The directory-services functionality in the scheduler in CUPS 1.1.17 a ...)
- cups 1.1.99.b1.r4748-1
- cupsys <removed>
[etch] - cupsys 1.1.99.b1.r4748-1
-CVE-2009-1195
+CVE-2009-1195 (The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not proper ...)
{DSA-1816-1}
- apache2 2.2.11-6 (low; bug #530834)
-CVE-2009-1194
+CVE-2009-1194 (Integer overflow in the pango_glyph_string_set_size function in pango/ ...)
{DSA-1798-1}
- pango1.0 1.24.0-2 (medium; bug #527474)
CVE-2009-1193
REJECTED
-CVE-2009-1192
+CVE-2009-1192 (The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functio ...)
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-4
- linux-2.6.24 <removed>
-CVE-2009-1191
+CVE-2009-1191 (mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server ...)
- apache2 2.2.11-4 (low)
[etch] - apache2 <not-affected> (introduced in 2.2.11)
[lenny] - apache2 <not-affected> (introduced in 2.2.11)
-CVE-2009-1190
+CVE-2009-1190 (Algorithmic complexity vulnerability in the java.util.regex.Pattern.co ...)
- libspring-2.5-java 2.5.6.SEC01-1
-CVE-2009-1189
+CVE-2009-1189 (The _dbus_validate_signature_with_reason function (dbus-marshal-valida ...)
{DSA-1837-1}
- dbus 1.2.14-1 (high; bug #532720)
NOTE: remote signature spoofing possible, and this was supposed to be
NOTE: originally fixed with the updates for CVE-2008-3834
-CVE-2009-1188
+CVE-2009-1188 (Integer overflow in the JBIG2 decoding feature in the SplashBitmap::Sp ...)
{DSA-2050-1 DSA-2028-1}
- poppler 0.10.6-1 (medium; bug #524806)
[etch] - poppler <not-affected> (SplashBitmap code not present)
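Review bot: CVE-2009-1227 is left as a bare identifier followed by `NOT-FOR-US: Check Point`, while every other entry in this hunk that is not RESERVED or REJECTED gains a `(description ...)` suffix; since this is an automatic update, that points to the description feed returning nothing for that ID. Suggest checking whether the upstream entry is missing or has been withdrawn and, if so, recording that with the RESERVED/REJECTED marker or a NOTE line rather than leaving the entry inconsistent with its neighbours.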
@@ -10587,21 +10587,21 @@ CVE-2009-1188
- xpdf 3.02-2 (bug #575779)
- kdegraphics 4:4.0
- swftools 0.9.2+ds1-2
-CVE-2009-1187
+CVE-2009-1187 (Integer overflow in the JBIG2 decoding feature in Poppler before 0.10. ...)
{DSA-1941-1}
- poppler 0.10.6-1 (medium; bug #524806)
-CVE-2009-1186
+CVE-2009-1186 (Buffer overflow in the util_path_encode function in udev/lib/libudev-u ...)
{DSA-1772-1}
- udev 0.141-1 (medium)
-CVE-2009-1185
+CVE-2009-1185 (udev before 1.4.1 does not verify whether a NETLINK message originates ...)
{DSA-1772-1}
- udev 0.141-1 (medium)
-CVE-2009-1184
+CVE-2009-1184 (The selinux_ip_postroute_iptables_compat function in security/selinux/ ...)
{DSA-1809-1 DSA-1800-1}
- linux-2.6 2.6.29-5
[etch] - linux-2.6 <not-affected> (Issue was introduced after 2.6.24 release)
- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.24 release)
-CVE-2009-1183
+CVE-2009-1183 (The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earl ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
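Review bot: the imported description for CVE-2009-1185 says "udev before 1.4.1", but the fix recorded directly below it is `udev 0.141-1` (DSA-1772-1), the same fixed version carried by the sibling CVE-2009-1186 entry, so the version string in the description does not match the udev numbering used in this file. Since the description text comes from the feed and is not edited here, suggest adding a NOTE line under the entry stating that "1.4.1" in the upstream text appears to correspond to udev 141 (0.141 in Debian), so readers do not conclude that the Debian fix predates the affected range.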
@@ -10609,7 +10609,7 @@ CVE-2009-1183
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-1182
+CVE-2009-1182 (Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
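Review bot: the `- kdegraphics 4:4.0 (medium; bug #524810)` context line under CVE-2009-1182 (like the `- kdegraphics 4:4.0` line under CVE-2009-1188 above) omits the Debian revision, whereas the matching lines for CVE-2009-1181, CVE-2009-1180 and CVE-2009-1179 below record `4:4.0-1`. Debian version comparison treats `4:4.0` and `4:4.0-1` as different versions, so these entries currently do not describe the same fixed upload for what the bug references (#524806, #524810) present as one JBIG2 issue; suggest aligning them to `4:4.0-1` if that is the upload that carried the fix.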
@@ -10617,7 +10617,7 @@ CVE-2009-1182
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0-1 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-1181
+CVE-2009-1181 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -10625,7 +10625,7 @@ CVE-2009-1181
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0-1 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-1180
+CVE-2009-1180 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -10633,7 +10633,7 @@ CVE-2009-1180
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0-1 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-1179
+CVE-2009-1179 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUP ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -10641,143 +10641,143 @@ CVE-2009-1179
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0-1 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-1178
+CVE-2009-1178 (Unspecified vulnerability in the server in IBM Tivoli Storage Manager ...)
NOT-FOR-US: Tivoli
-CVE-2009-1177
+CVE-2009-1177 (Multiple stack-based buffer overflows in maptemplate.c in mapserv in M ...)
- mapserver 5.2.2-1 (medium; bug #523027)
[lenny] - mapserver <not-affected> (Vulnerable code not present or covered by 02_CVE-2009-840-CVE-2009-2281.dpatch)
[etch] - mapserver <not-affected> (Vulnerable code not present or covered by 02_CVE-2009-840-CVE-2009-2281.dpatch)
-CVE-2009-1176
+CVE-2009-1176 (mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2 ...)
{DSA-1914-1}
- mapserver 5.2.2-1 (low; bug #523027)
NOTE: covered by 02_CVE-2009-840-CVE-2009-2281.dpatch as well
-CVE-2009-1175
+CVE-2009-1175 (Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in th ...)
- banshee <unfixed> (unimportant)
NOTE: banshee is intented as a desktop music player with no serious
NOTE: login credentials that an attacker could use remote
-CVE-2009-1174
+CVE-2009-1174 (The Web Services Security component in IBM WebSphere Application Serve ...)
NOT-FOR-US: WebSphere
-CVE-2009-1173
+CVE-2009-1173 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak pe ...)
NOT-FOR-US: WebSphere
-CVE-2009-1172
+CVE-2009-1172 (The JAX-RPC WS-Security runtime in the Web Services Security component ...)
NOT-FOR-US: WebSphere
-CVE-2009-1171
+CVE-2009-1171 (The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 bef ...)
{DSA-1761-1}
- moodle 1.8.2.dfsg-5 (medium; bug #522116)
NOTE: this applies only to people who have a complete tex environment and
NOTE: aren't just using mimetex to render the tex
-CVE-2009-1170
+CVE-2009-1170 (Unspecified vulnerability in Sun OpenSolaris snv_100 through snv_101 a ...)
NOT-FOR-US: OpenSolaris
-CVE-2009-1169
+CVE-2009-1169 (The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox ...)
{DSA-1756-1}
- xulrunner 1.9.0.8-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer 1:0.8~alpha2+dfsg+svn129-1
-CVE-2009-1168
+CVE-2009-1168 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0( ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-1167
+CVE-2009-1167 (Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) p ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2009-1166
+CVE-2009-1166 (The administrative web interface on the Cisco Wireless LAN Controller ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2009-1165
+CVE-2009-1165 (Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x be ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2009-1164
+CVE-2009-1164 (The administrative web interface on the Cisco Wireless LAN Controller ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2009-1163
+CVE-2009-1163 (Memory leak on the Cisco Physical Access Gateway with software before ...)
NOT-FOR-US: Cisco
-CVE-2009-1162
+CVE-2009-1162 (Cross-site scripting (XSS) vulnerability in the Spam Quarantine login ...)
NOT-FOR-US: Cisco IronPort AsyncOS
-CVE-2009-1161
+CVE-2009-1161 (Directory traversal vulnerability in the TFTP service in Cisco CiscoWo ...)
NOT-FOR-US: CiscoWorks
-CVE-2009-1160
+CVE-2009-1160 (Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1159
+CVE-2009-1159 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1158
+CVE-2009-1158 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1157
+CVE-2009-1157 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series an ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1156
+CVE-2009-1156 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1155
+CVE-2009-1155 (Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2009-1154
+CVE-2009-1154 (Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a deni ...)
NOT-FOR-US: Cisco
CVE-2009-1153
REJECTED
-CVE-2009-1152
+CVE-2009-1152 (Siemens Gigaset SE461 WiMAX router 1.5-BL024.9.6401, and possibly othe ...)
NOT-FOR-US: Siemens router
-CVE-2009-1151
+CVE-2009-1151 (Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x ...)
{DSA-1824-1}
- phpmyadmin 4:3.1.3.1-1
-CVE-2009-1150
+CVE-2009-1150 (Multiple cross-site scripting (XSS) vulnerabilities in the export page ...)
{DSA-1824-1}
- phpmyadmin 4:3.1.3.1-1
-CVE-2009-1149
+CVE-2009-1149 (CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB s ...)
- phpmyadmin 4:3.1.3.1-1
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2009-1148
+CVE-2009-1148 (Directory traversal vulnerability in bs_disp_as_mime_type.php in the B ...)
- phpmyadmin 4:3.1.3.1-1
[etch] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2009-1147
+CVE-2009-1147 (Unspecified vulnerability in vmci.sys in the Virtual Machine Communica ...)
NOT-FOR-US: VmWare
-CVE-2009-1146
+CVE-2009-1146 (Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstati ...)
NOT-FOR-US: VmWare
CVE-2009-1145
RESERVED
-CVE-2009-1144
+CVE-2009-1144 (Untrusted search path vulnerability in the Gentoo package of Xpdf befo ...)
- xpdf <not-affected> (Gentoo specific vulnerability in building xpdf)
CVE-2009-1143
RESERVED
CVE-2009-1142
RESERVED
-CVE-2009-1141
+CVE-2009-1141 (Microsoft Internet Explorer 6 for Windows XP SP2 and SP3 and Server 20 ...)
NOT-FOR-US: Microsoft
-CVE-2009-1140
+CVE-2009-1140 (Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP ...)
NOT-FOR-US: Microsoft
-CVE-2009-1139
+CVE-2009-1139 (Memory leak in the LDAP service in Active Directory on Microsoft Windo ...)
NOT-FOR-US: Microsoft
-CVE-2009-1138
+CVE-2009-1138 (The LDAP service in Active Directory on Microsoft Windows 2000 SP4 doe ...)
NOT-FOR-US: Microsoft
-CVE-2009-1137
+CVE-2009-1137 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows re ...)
NOT-FOR-US: Microsoft
-CVE-2009-1136
+CVE-2009-1136 (The Microsoft Office Web Components Spreadsheet ActiveX control (aka O ...)
NOT-FOR-US: ActiveX
-CVE-2009-1135
+CVE-2009-1135 (Microsoft Internet Security and Acceleration (ISA) Server 2006 Gold an ...)
NOT-FOR-US: Microsoft Internet Security and Acceleration (ISA) Server
-CVE-2009-1134
+CVE-2009-1134 (Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Ex ...)
NOT-FOR-US: Microsoft
-CVE-2009-1133
+CVE-2009-1133 (Heap-based buffer overflow in Microsoft Remote Desktop Connection (for ...)
NOT-FOR-US: Microsoft
-CVE-2009-1132
+CVE-2009-1132 (Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka ...)
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2009-1131
+CVE-2009-1131 (Multiple stack-based buffer overflows in Microsoft Office PowerPoint 2 ...)
NOT-FOR-US: Microsoft
-CVE-2009-1130
+CVE-2009-1130 (Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and ...)
NOT-FOR-US: Microsoft
-CVE-2009-1129
+CVE-2009-1129 (Multiple stack-based buffer overflows in the PowerPoint 95 importer (P ...)
NOT-FOR-US: Microsoft
-CVE-2009-1128
+CVE-2009-1128 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows re ...)
NOT-FOR-US: Microsoft
-CVE-2009-1127
+CVE-2009-1127 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-1126
+CVE-2009-1126 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2009-1125
+CVE-2009-1125 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2009-1124
+CVE-2009-1124 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2009-1123
+CVE-2009-1123 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2009-1122
+CVE-2009-1122 (The WebDAV extension in Microsoft Internet Information Services (IIS) ...)
NOT-FOR-US: Microsoft
CVE-2009-1121
RESERVED
CVE-2009-1120
RESERVED
-CVE-2009-1119
+CVE-2009-1119 (Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 a ...)
NOT-FOR-US: EMC RepliStor
CVE-2009-1118
RESERVED
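Review bot: the newly added description for CVE-2009-1175 (`Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in th ...`) describes a web CGI application, while the two NOTE lines under it state that the Debian banshee package is a desktop music player; that reads as a package-name collision rather than an unimportant issue in banshee, so consider marking the entry `NOT-FOR-US` instead of `- banshee <unfixed> (unimportant)`, which still lists it as an open issue against the package. In those NOTE lines, `intented` should read `intended`, and the second line (`login credentials that an attacker could use remote`) is cut off mid-sentence.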
@@ -10801,396 +10801,396 @@ CVE-2009-1109
RESERVED
CVE-2009-1108
RESERVED
-CVE-2009-1086
+CVE-2009-1086 (Heap-based buffer overflow in the ldns_rr_new_frm_str_internal functio ...)
{DSA-1795-1}
- ldns 1.5.1-1
-CVE-2009-1107
+CVE-2009-1107 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Env ...)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1106
+CVE-2009-1106 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Env ...)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1105
+CVE-2009-1105 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Env ...)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1104
+CVE-2009-1104 (The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Env ...)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1103
+CVE-2009-1103 (Unspecified vulnerability in the Java Plug-in in Java SE Development K ...)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1102
+CVE-2009-1102 (Unspecified vulnerability in the Virtual Machine in Java SE Developmen ...)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1101
+CVE-2009-1101 (Unspecified vulnerability in the lightweight HTTP server implementatio ...)
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1100
+CVE-2009-1100 (Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) ...)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-1099
+CVE-2009-1099 (Integer signedness error in Java SE Development Kit (JDK) and Java Run ...)
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-1098
+CVE-2009-1098 (Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Envi ...)
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-1097
+CVE-2009-1097 (Multiple buffer overflows in Java SE Development Kit (JDK) and Java Ru ...)
{DSA-1769-1}
- sun-java6 6-13-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-1096
+CVE-2009-1096 (Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java ...)
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1095
+CVE-2009-1095 (Integer overflow in unpack200 in Java SE Development Kit (JDK) and Jav ...)
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1094
+CVE-2009-1094 (Unspecified vulnerability in the LDAP implementation in Java SE Develo ...)
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
- sun-java5 1.5.0-18-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
[lenny] - sun-java5 1.5.0-22-0lenny1
-CVE-2009-1093
+CVE-2009-1093 (LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java ...)
{DSA-1769-1}
- sun-java6 6-13-1 (bug #521414)
[lenny] - sun-java6 6-20-0lenny1
-CVE-2009-1962
+CVE-2009-1962 (Xfig, possibly 3.2.5, allows local users to read and write arbitrary f ...)
- xfig 1:3.2.5.a-1
[etch] - xfig <no-dsa> (Minor issue)
[lenny] - xfig <no-dsa> (Minor issue)
-CVE-2009-1092
+CVE-2009-1092 (Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX ...)
NOT-FOR-US: LIVEAUDIO.LiveAudioCtrl.1 ActiveX
-CVE-2009-1091
+CVE-2009-1091 (Cross-site scripting (XSS) vulnerability in upload.php in Rapidleech r ...)
NOT-FOR-US: Rapidleech
-CVE-2009-1090
+CVE-2009-1090 (Directory traversal vulnerability in upload.php in Rapidleech rev.36 a ...)
NOT-FOR-US: Rapidleech
-CVE-2009-1089
+CVE-2009-1089 (Absolute path traversal vulnerability in upload.php in Rapidleech rev. ...)
NOT-FOR-US: Rapidleech
-CVE-2009-1088
+CVE-2009-1088 (Hannon Hill Cascade Server 5.7 and other versions allows remote authen ...)
NOT-FOR-US: Hannon Hill Cascade Server
-CVE-2009-1087
+CVE-2009-1087 (Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1. ...)
NOT-FOR-US: PPLive
-CVE-2009-1085
+CVE-2009-1085 (Piwik 0.2.32 and earlier stores sensitive information under the web ro ...)
- piwik <itp> (bug #506933)
-CVE-2009-1084
+CVE-2009-1084 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not proper ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1083
+CVE-2009-1083 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 on Linux, AIX, ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1082
+CVE-2009-1082 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 allows remote a ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1081
+CVE-2009-1081 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1080
+CVE-2009-1080 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1079
+CVE-2009-1079 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1078
+CVE-2009-1078 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforc ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1077
+CVE-2009-1077 (The Change My Password implementation in the admin interface in Sun Ja ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1076
+CVE-2009-1076 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differ ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1075
+CVE-2009-1075 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differ ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1074
+CVE-2009-1074 (Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not use SS ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2009-1073
+CVE-2009-1073 (nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/ns ...)
{DSA-1758-1}
- nss-ldapd 0.6.8
-CVE-2009-1072
+CVE-2009-1072 (nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD c ...)
{DSA-1800-1}
- linux-2.6 2.6.29-1
[etch] - linux-2.6 <not-affected> (Issue was introduced after 2.6.24 release)
- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.24 release)
-CVE-2009-0934
+CVE-2009-0934 (Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allo ...)
{DSA-1774-1}
- ejabberd 2.0.5-1 (bug #520852)
[etch] - ejabberd <not-affected> (Vulnerable expression not present)
-CVE-2009-1071
+CVE-2009-1071 (Stack-based buffer overflow in Icarus 2.0 allows remote attackers to c ...)
NOT-FOR-US: Icarus
-CVE-2009-1070
+CVE-2009-1070 (Cross-site scripting (XSS) vulnerability in system/index.php in Expres ...)
NOT-FOR-US: ExpressionEngine
-CVE-2009-1069
+CVE-2009-1069 (Multiple cross-site scripting (XSS) vulnerabilities in the node edit f ...)
NOT-FOR-US: Drupal module
-CVE-2009-1068
+CVE-2009-1068 (Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Fre ...)
NOT-FOR-US: BS.Player
-CVE-2009-1067
+CVE-2009-1067 (Cross-site scripting (XSS) vulnerability in index.php in Pixie CMS 1.0 ...)
NOT-FOR-US: Pixie CMS
-CVE-2009-1066
+CVE-2009-1066 (SQL injection vulnerability in the referral function in admin/lib/lib_ ...)
NOT-FOR-US: Pixie CMS
-CVE-2009-1065
+CVE-2009-1065 (SQL injection vulnerability in index.php in Pixie CMS 1.01a allows rem ...)
NOT-FOR-US: Pixie CMS
-CVE-2009-1064
+CVE-2009-1064 (Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit ...)
NOT-FOR-US: Orbit Downloader
-CVE-2009-1063
+CVE-2009-1063 (Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers ...)
NOT-FOR-US: eXeScope
-CVE-2009-1062
+CVE-2009-1062 (Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 ...)
NOT-FOR-US: Acrobat Reader
-CVE-2009-1061
+CVE-2009-1061 (Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 befo ...)
NOT-FOR-US: Acrobat Reader
-CVE-2009-1060
+CVE-2009-1060 (Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows re ...)
NOT-FOR-US: Apple Safari
-CVE-2009-1059
+CVE-2009-1059 (Stack-based buffer overflow in Trident PowerZip 7.2 might allow remote ...)
NOT-FOR-US: Trident PowerZip
-CVE-2009-1058
+CVE-2009-1058 (Stack-based buffer overflow in ZipGenius might allow remote attackers ...)
NOT-FOR-US: ZipGenius
-CVE-2009-1057
+CVE-2009-1057 (MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to execu ...)
NOT-FOR-US: MicroSmarts Enterprise ZipItFast!
-CVE-2009-1056
+CVE-2009-1056 (IBM Rational AppScan Enterprise before 5.5 FP1 allows remote attackers ...)
NOT-FOR-US: IBM Rational AppScan Enterprise
-CVE-2009-1055
+CVE-2009-1055 (Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 rev ...)
NOT-FOR-US: Sitecore CMS
-CVE-2009-1054
+CVE-2009-1054 (Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through 200 ...)
NOT-FOR-US: JustSystems Ichitaro
-CVE-2009-1053
+CVE-2009-1053 (chaozzDB 1.2 and earlier stores sensitive information under the web ro ...)
NOT-FOR-US: chaozzDB
-CVE-2009-1052
+CVE-2009-1052 (FireAnt 1.3 and earlier stores sensitive information under the web roo ...)
NOT-FOR-US: FireAnt
-CVE-2009-1051
+CVE-2009-1051 (FubarForum 1.6 and earlier stores sensitive information under the web ...)
NOT-FOR-US: FubarForum
-CVE-2009-1050
+CVE-2009-1050 (Bloginator 1A allows remote attackers to bypass authentication and gai ...)
NOT-FOR-US: Bloginator
-CVE-2009-1049
+CVE-2009-1049 (SQL injection vulnerability in articleCall.php in Bloginator 1A allows ...)
NOT-FOR-US: Bloginator
-CVE-2009-1048
+CVE-2009-1048 (The web interface on the snom VoIP phones snom 300, snom 320, snom 360 ...)
NOT-FOR-US: snom VoIP phones
-CVE-2009-1047
+CVE-2009-1047 (Cross-site scripting (XSS) vulnerability in the Send by e-mail module ...)
NOT-FOR-US: Send by e-mail module for Drupal
-CVE-2009-1046
+CVE-2009-1046 (The console selection feature in the Linux kernel 2.6.28 before 2.6.28 ...)
{DSA-1800-1 DSA-1787-1}
- linux-2.6 2.6.29-1
- linux-2.6.24 <removed>
[etch] - linux-2.6 <not-affected> (Introduced in 2.6.23-rc1)
-CVE-2009-1045
+CVE-2009-1045 (requests/status.xml in VLC 0.9.8a allows remote attackers to cause a d ...)
- vlc 0.9.9a-1 (unimportant; bug #522170)
NOTE: access is limited to localhost
-CVE-2009-1044
+CVE-2009-1044 (Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute ...)
{DSA-1756-1}
- xulrunner 1.9.0.8-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer 1:0.8~alpha2+dfsg+svn129-3
-CVE-2009-1043
+CVE-2009-1043 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
NOT-FOR-US: Microsoft
-CVE-2009-1042
+CVE-2009-1042 (Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows re ...)
NOT-FOR-US: Apple Safari
-CVE-2009-1041
+CVE-2009-1041 (The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 ...)
- kfreebsd-7 7.1-3
[lenny] - kfreebsd-7 7.0-7lenny1
-CVE-2009-1040
+CVE-2009-1040 (Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote a ...)
NOT-FOR-US: WinAsm
-CVE-2009-1039
+CVE-2009-1039 (Buffer overflow in CDex 1.70b2 allows remote attackers to execute arbi ...)
NOT-FOR-US: CDex
-CVE-2009-1038
+CVE-2009-1038 (Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote ...)
NOT-FOR-US: YAP Blog
-CVE-2009-1037
+CVE-2009-1037 (Unspecified vulnerability in the Send by e-mail module in the "Printer ...)
NOT-FOR-US: Send by e-mail module for Drupal
-CVE-2009-1036
+CVE-2009-1036 (Cross-site request forgery (CSRF) vulnerability in the Plus 1 module b ...)
NOT-FOR-US: Plus 1 module for Drupal
-CVE-2009-1035
+CVE-2009-1035 (Cross-site scripting (XSS) vulnerability in the Tasklist module 5.x-1. ...)
NOT-FOR-US: Tasklist module for Drupal
-CVE-2009-1034
+CVE-2009-1034 (SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x- ...)
NOT-FOR-US: Tasklist module for Drupal
-CVE-2009-1033
+CVE-2009-1033 (SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier al ...)
NOT-FOR-US: DeluxeBB
-CVE-2009-1032
+CVE-2009-1032 (SQL injection vulnerability in gallery_list.php in YABSoft Advanced Im ...)
NOT-FOR-US: YABSoft Advanced Image Gallery
-CVE-2009-1031
+CVE-2009-1031 (Directory traversal vulnerability in the FTP server in Rhino Software ...)
NOT-FOR-US: FTP Rhino Software Serv-U
-CVE-2009-1030
+CVE-2009-1030 (Cross-site scripting (XSS) vulnerability in the choose_primary_blog fu ...)
- wordpress-mu 2.9.1-1 (bug #399756)
-CVE-2009-1029
+CVE-2009-1029 (Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows r ...)
NOT-FOR-US: POP Peeper
-CVE-2009-1028
+CVE-2009-1028 (Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote at ...)
NOT-FOR-US: ediSys eZip Wizard
-CVE-2009-1027
+CVE-2009-1027 (SQL injection vulnerability in OpenCart 1.1.8 allows remote attackers ...)
NOT-FOR-US: OpenCart
-CVE-2009-1026
+CVE-2009-1026 (Multiple SQL injection vulnerabilities in login.php in Kim Websites 1. ...)
NOT-FOR-US: Kim Websites
-CVE-2009-1025
+CVE-2009-1025 (PHP remote file inclusion vulnerability in linkadmin.php in Beerwin PH ...)
NOT-FOR-US: Beerwin PHPLinkAdmin
-CVE-2009-1024
+CVE-2009-1024 (Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 all ...)
NOT-FOR-US: Beerwin PHPLinkAdmin
-CVE-2009-1023
+CVE-2009-1023 (SQL injection vulnerability in index.php in phpComasy 0.9.1 allows rem ...)
NOT-FOR-US: phpComasy
-CVE-2009-1022
+CVE-2009-1022 (Heap-based buffer overflow in the Preview/ Set Segment function in Gre ...)
NOT-FOR-US: Gretech GOMlab GOM Encoder
-CVE-2009-1021
+CVE-2009-1021 (Unspecified vulnerability in the Advanced Replication component in Ora ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1020
+CVE-2009-1020 (Unspecified vulnerability in the Network Foundation component in Oracl ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1019
+CVE-2009-1019 (Unspecified vulnerability in the Network Authentication component in O ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1018
+CVE-2009-1018 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1017
+CVE-2009-1017 (Unspecified vulnerability in the BI Publisher component in Oracle Appl ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-1016
+CVE-2009-1016 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-1015
+CVE-2009-1015 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1014
+CVE-2009-1014 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-1013
+CVE-2009-1013 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-1012
+CVE-2009-1012 (Unspecified vulnerability in the plug-ins for Apache and IIS web serve ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-1011
+CVE-2009-1011 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-1010
+CVE-2009-1010 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-1009
+CVE-2009-1009 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-1008
+CVE-2009-1008 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-1007
+CVE-2009-1007 (Unspecified vulnerability in the Data Mining component in Oracle Datab ...)
NOT-FOR-US: Oracle Database
-CVE-2009-1006
+CVE-2009-1006 (Unspecified vulnerability in the JRockit component in BEA Product Suit ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-1005
+CVE-2009-1005 (Unspecified vulnerability in the Oracle Data Service Integrator (AquaL ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-1004
+CVE-2009-1004 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-1003
+CVE-2009-1003 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-1002
+CVE-2009-1002 (Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gol ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-1001
+CVE-2009-1001 (Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold throu ...)
NOT-FOR-US: BEA Product Suite
-CVE-2009-1000
+CVE-2009-1000 (The Oracle Applications Framework component in Oracle E-Business Suite ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-0999
+CVE-2009-0999 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-0998
+CVE-2009-0998 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS - eBenefit ...)
NOT-FOR-US: PeopleSoft Enterprise HRMS
-CVE-2009-0997
+CVE-2009-0997 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0996
+CVE-2009-0996 (Unspecified vulnerability in the BI Publisher component in Oracle Appl ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-0995
+CVE-2009-0995 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2009-0994
+CVE-2009-0994 (Unspecified vulnerability in the BI Publisher component in Oracle Appl ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-0993
+CVE-2009-0993 (Unspecified vulnerability in the OPMN component in Oracle Application ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-0992
+CVE-2009-0992 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0991
+CVE-2009-0991 (Unspecified vulnerability in the Listener component in Oracle Database ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0990
+CVE-2009-0990 (Unspecified vulnerability in the BI Publisher component in Oracle Appl ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-0989
+CVE-2009-0989 (Unspecified vulnerability in the BI Publisher component in Oracle Appl ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-0988
+CVE-2009-0988 (Unspecified vulnerability in the Password Policy component in Oracle D ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0987
+CVE-2009-0987 (Unspecified vulnerability in the Upgrade component in Oracle Database ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0986
+CVE-2009-0986 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0985
+CVE-2009-0985 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0984
+CVE-2009-0984 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0983
+CVE-2009-0983 (Unspecified vulnerability in the Portal component in Oracle Applicatio ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-0982
+CVE-2009-0982 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2009-0981
+CVE-2009-0981 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0980
+CVE-2009-0980 (Unspecified vulnerability in the SQLX Functions component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0979
+CVE-2009-0979 (Unspecified vulnerability in the Resource Manager component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0978
+CVE-2009-0978 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0977
+CVE-2009-0977 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0976
+CVE-2009-0976 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0975
+CVE-2009-0975 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0974
+CVE-2009-0974 (Unspecified vulnerability in the Portal component in Oracle Applicatio ...)
NOT-FOR-US: Oracle Application Server
-CVE-2009-0973
+CVE-2009-0973 (Unspecified vulnerability in the Cluster Ready Services component in O ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0972
+CVE-2009-0972 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2009-0971
+CVE-2009-0971 (Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access A ...)
NOT-FOR-US: futomi's CGI Cafe Access Analyzer CGI Standard Version
-CVE-2009-0970
+CVE-2009-0970 (PHP remote file inclusion vulnerability in includes/class_image.php in ...)
NOT-FOR-US: PHP Pro Bid
-CVE-2009-0969
+CVE-2009-0969 (Cross-site request forgery (CSRF) vulnerability in account/settings/ac ...)
NOT-FOR-US: phpFoX
-CVE-2009-0968
+CVE-2009-0968 (SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 f ...)
NOT-FOR-US: fMoblog plugin for WordPress
-CVE-2009-0967
+CVE-2009-0967 (The FTP server in Serv-U 7.0.0.1 through 7.4.0.1 allows remote authent ...)
NOT-FOR-US: Serv-U
-CVE-2009-0966
+CVE-2009-0966 (PHP remote file inclusion vulnerability in cross.php in YABSoft Mega F ...)
NOT-FOR-US: YABSoft Mega File Hosting
-CVE-2009-0965
+CVE-2009-0965 (SQL injection vulnerability in functions/browse.php in Ganesha Digital ...)
NOT-FOR-US: Ganesha Digital Library
-CVE-2009-0964
+CVE-2009-0964 (UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passw ...)
NOT-FOR-US: PHPRunner
-CVE-2009-0963
+CVE-2009-0963 (Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly ...)
NOT-FOR-US: PHPRunner
-CVE-2009-0962
+CVE-2009-0962 (Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI eComme ...)
NOT-FOR-US: Futomi's CGI Cafe MP Form Mail CGI eCommerce
-CVE-2009-0961
+CVE-2009-0961 (The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS ...)
NOT-FOR-US: Apple iPhone
-CVE-2009-0960
+CVE-2009-0960 (The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS ...)
NOT-FOR-US: Apple iPhone
-CVE-2009-0959
+CVE-2009-0959 (The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone ...)
NOT-FOR-US: Apple iPhone
-CVE-2009-0958
+CVE-2009-0958 (Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 thr ...)
NOT-FOR-US: Apple iPhone
-CVE-2009-0957
+CVE-2009-0957 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0956
+CVE-2009-0956 (Apple QuickTime before 7.6.2 does not properly initialize memory befor ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0955
+CVE-2009-0955 (Apple QuickTime before 7.6.2 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0954
+CVE-2009-0954 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0953
+CVE-2009-0953 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0952
+CVE-2009-0952 (Buffer overflow in Apple QuickTime before 7.6.2 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0951
+CVE-2009-0951 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0950
+CVE-2009-0950 (Stack-based buffer overflow in Apple iTunes before 8.2 allows remote a ...)
NOT-FOR-US: Apple iTunes
-CVE-2009-0949
+CVE-2009-0949 (The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 do ...)
{DSA-1811-1}
- cups 1.3.10-1
CVE-2009-0948
@@ -11199,10 +11199,10 @@ CVE-2009-0948
CVE-2009-0947
RESERVED
- file 5.02-1
-CVE-2009-0946
+CVE-2009-0946 (Multiple integer overflows in FreeType 2.3.9 and earlier allow remote ...)
{DSA-1784-1}
- freetype 2.3.9-4.1 (medium; bug #524925)
-CVE-2009-0945
+CVE-2009-0945 (Array index error in the insertItemBefore method in WebKit, as used in ...)
{DSA-1988-1 DSA-1950-1 DSA-1866-1}
- qt4-x11 4:4.5.2-1 (medium; bug #532718)
[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
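Review bot: CVE-2009-0947 in this hunk stays RESERVED yet carries a fix line ("- file 5.02-1") with no NOTE explaining what the issue is; because the automatic update cannot pull a description for an id that MITRE still lists as RESERVED, a NOTE with the upstream reference (changelog or commit) would let readers verify that 5.02-1 is the right fixed version, as is done for the neighbouring freetype and qt4-x11 entries via their bug numbers.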
@@ -11214,347 +11214,347 @@ CVE-2009-0945
- kdegraphics 4:4.0 (medium; bug #534918)
NOTE: kdegraphics >4.0 not affected since ksvg is only in 3.5.x series
NOTE: http://websvn.kde.org/?view=rev&revision=983306
-CVE-2009-0944
+CVE-2009-0944 (The Microsoft Office Spotlight Importer in Spotlight in Apple Mac OS X ...)
NOT-FOR-US: Microsoft Office Spotlight
-CVE-2009-0943
+CVE-2009-0943 (Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not ...)
NOT-FOR-US: Help Viewer in Apple Mac OS X
-CVE-2009-0942
+CVE-2009-0942 (Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not ...)
NOT-FOR-US: Help Viewer in Apple Mac OS X
-CVE-2009-0941
+CVE-2009-0941 (The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Pri ...)
NOT-FOR-US: HP Embedded Web Server
-CVE-2009-0940
+CVE-2009-0940 (Multiple cross-site request forgery (CSRF) vulnerabilities in the HP E ...)
NOT-FOR-US: HP Embedded Web Server
-CVE-2009-0939
+CVE-2009-0939 (Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which h ...)
- tor 0.2.0.34-1
-CVE-2009-0938
+CVE-2009-0938 (Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirr ...)
- tor 0.2.0.34-1 (bug #512728)
-CVE-2009-0937
+CVE-2009-0937 (Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirr ...)
- tor 0.2.0.34-1 (bug #514580)
-CVE-2009-0936
+CVE-2009-0936 (Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to c ...)
- tor 0.2.0.34-1
-CVE-2009-0935
+CVE-2009-0935 (The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6 ...)
- linux-2.6 2.6.30-1 (low)
[etch] - linux-2.6 <not-affected> (Vulnerability was introduced in 2.6.27-rc9)
[lenny] - linux-2.6 <not-affected> (Vulnerability was introduced in 2.6.27-rc9)
- linux-2.6.24 <not-affected> (Vulnerability was introduced in 2.6.27-rc9)
-CVE-2009-0933
+CVE-2009-0933 (Cross-site scripting (XSS) vulnerability in the administrative interfa ...)
- dotclear <not-affected> (Fixed before initial upload to archive)
-CVE-2009-0932
+CVE-2009-0932 (Directory traversal vulnerability in framework/Image/Image.php in Hord ...)
{DSA-1765-1}
- horde3 3.2.2+debian0-2 (bug #513265; medium)
-CVE-2009-0931
+CVE-2009-0931 (Cross-site scripting (XSS) vulnerability in the tag cloud search scrip ...)
- horde3 3.2.2+debian0-2 (bug #513265)
[etch] - horde3 <not-affected> (Vulnerable code not present)
-CVE-2009-0930
+CVE-2009-0930 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP befor ...)
{DSA-1770-1}
- imp4 4.2-4 (medium; bug #513266)
-CVE-2009-0929
+CVE-2009-0929 (Directory traversal vulnerability in the media manager in Nucleus CMS ...)
NOT-FOR-US: Nucleus CMS
-CVE-2009-0928
+CVE-2009-0928 (Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Profess ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2009-0927
+CVE-2009-0927 (Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before ...)
NOT-FOR-US: Adobe Reader and Adobe Acrobat
-CVE-2009-0926
+CVE-2009-0926 (Unspecified vulnerability in the UFS filesystem functionality in Sun O ...)
NOT-FOR-US: Sun OpenSolaris
-CVE-2009-0925
+CVE-2009-0925 (Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, an ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-0924
+CVE-2009-0924 (Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, wh ...)
NOT-FOR-US: Sun OpenSolaris
-CVE-2009-0923
+CVE-2009-0923 (Unspecified vulnerability in Kerberos Incremental Propagation in Solar ...)
NOT-FOR-US: Solaris
-CVE-2009-0922
+CVE-2009-0922 (PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows rem ...)
- postgresql-8.3 8.3.7-1 (bug #517405)
[lenny] - postgresql-8.3 8.3.7-0lenny1
- postgresql-8.1 <removed>
- postgresql-7.4 <removed>
[etch] - postgresql-8.1 8.1.17-0etch1
[etch] - postgresql-7.4 <no-dsa> (Minor issue)
-CVE-2009-0921
+CVE-2009-0921 (Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenVi ...)
NOT-FOR-US: HP Openview
-CVE-2009-0920
+CVE-2009-0920 (Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView Networ ...)
NOT-FOR-US: HP Openview
-CVE-2009-0919
+CVE-2009-0919 (XAMPP installs multiple packages with insecure default passwords, whic ...)
NOT-FOR-US: DFLabs PTK
-CVE-2009-0918
+CVE-2009-0918 (Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 ...)
NOT-FOR-US: DFLabs PTK
-CVE-2009-0917
+CVE-2009-0917 (Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1 ...)
NOT-FOR-US: DFLabs PTK
-CVE-2009-0916
+CVE-2009-0916 (Unspecified vulnerability in Opera before 9.64 has unknown impact and ...)
NOT-FOR-US: Opera
-CVE-2009-0915
+CVE-2009-0915 (Opera before 9.64 allows remote attackers to conduct cross-domain scri ...)
NOT-FOR-US: Opera
-CVE-2009-0914
+CVE-2009-0914 (Opera before 9.64 allows remote attackers to execute arbitrary code vi ...)
NOT-FOR-US: Opera
-CVE-2009-0913
+CVE-2009-0913 (Unspecified vulnerability in the keysock kernel module in Solaris 10 a ...)
NOT-FOR-US: Solaris
-CVE-2009-0912
+CVE-2009-0912 (perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly ...)
NOT-FOR-US: perl-MDK-Common
CVE-2009-0911
RESERVED
-CVE-2009-0910
+CVE-2009-0910 (Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5 ...)
NOT-FOR-US: VmWare
-CVE-2009-0909
+CVE-2009-0909 (Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5 ...)
NOT-FOR-US: VmWare
-CVE-2009-0908
+CVE-2009-0908 (Unspecified vulnerability in the ACE shared folders implementation in ...)
NOT-FOR-US: VmWare
CVE-2009-0907
REJECTED
-CVE-2009-0906
+CVE-2009-0906 (The Service Component Architecture (SCA) feature pack for IBM WebSpher ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0905
+CVE-2009-0905 (IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not pr ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0904
+CVE-2009-0904 (The IBM Stax XMLStreamWriter in the Web Services component in IBM WebS ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-0903
+CVE-2009-0903 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3, and the Fea ...)
NOT-FOR-US: WebSphere
CVE-2009-0902
RESERVED
-CVE-2009-0901
+CVE-2009-0901 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...)
NOT-FOR-US: Microsoft Visual Studio .NET
-CVE-2009-0900
+CVE-2009-0900 (Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 befor ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0899
+CVE-2009-0899 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 th ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0898
+CVE-2009-0898 (Stack-based buffer overflow in HP OpenView Network Node Manager (OV NN ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-0897
+CVE-2009-0897 (IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 bef ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0896
+CVE-2009-0896 (Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6. ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0895
+CVE-2009-0895 (Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and ...)
NOT-FOR-US: Novell eDirectory
-CVE-2009-0894
+CVE-2009-0894 (Heap-based buffer overflow in the decoder_create function in the initi ...)
- xvidcore <not-affected> (Fixed before initial release)
-CVE-2009-0893
+CVE-2009-0893 (Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the ...)
- xvidcore <not-affected> (Fixed before initial release)
-CVE-2009-0892
+CVE-2009-0892 (The administrative console in IBM WebSphere Application Server (WAS) 6 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0891
+CVE-2009-0891 (The Web Services Security component in IBM WebSphere Application Serve ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2009-0890
RESERVED
-CVE-2009-0889
+CVE-2009-0889 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and A ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-0888
+CVE-2009-0888 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and A ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-0887
+CVE-2009-0887 (Integer signedness error in the _pam_StrTok function in libpam/pam_mis ...)
- pam 1.0.1-10 (low; bug #520115)
[lenny] - pam 1.0.1-5+lenny1
[etch] - pam 0.79-5+etch1
-CVE-2009-0886
+CVE-2009-0886 (Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1 ...)
NOT-FOR-US: OneOrZero Helpdesk
-CVE-2009-0885
+CVE-2009-0885 (Multiple heap-based buffer overflows in Media Commands 1.0 allow remot ...)
NOT-FOR-US: Media Commands
-CVE-2009-0884
+CVE-2009-0884 (Buffer overflow in FileZilla Server before 0.9.31 allows remote attack ...)
NOT-FOR-US: FileZilla Server (only client packaged in debian)
-CVE-2009-0883
+CVE-2009-0883 (SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when ma ...)
NOT-FOR-US: Blue Eye CMS
-CVE-2009-0882
+CVE-2009-0882 (Multiple SQL injection vulnerabilities in nForum 1.5 allow remote atta ...)
NOT-FOR-US: nForum
-CVE-2009-0881
+CVE-2009-0881 (SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows ...)
NOT-FOR-US: isiAJAX
-CVE-2009-0880
+CVE-2009-0880 (Directory traversal vulnerability in the CIM server in IBM Director be ...)
NOT-FOR-US: Windows
-CVE-2009-0879
+CVE-2009-0879 (The CIM server in IBM Director before 5.20.3 Service Update 2 on Windo ...)
NOT-FOR-US: Windows
-CVE-2009-0878
+CVE-2009-0878 (The read_game_map function in src/terrain_translation.cpp in Wesnoth b ...)
{DSA-1737-1}
- wesnoth 1:1.4.7-4
-CVE-2009-0877
+CVE-2009-0877 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
NOT-FOR-US: Sun Java System Communications Express
-CVE-2009-0876
+CVE-2009-0876 (Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and ...)
- virtualbox-ose <not-affected> (Vulnerable code not present, Debian version patches localconf)
[lenny] - virtualbox-ose <not-affected> (lenny version doesn't install binaries with suid 0)
-CVE-2009-0875
+CVE-2009-0875 (Race condition in the Doors subsystem in the kernel in Sun Solaris 8 t ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-0874
+CVE-2009-0874 (Multiple unspecified vulnerabilities in the Doors subsystem in the ker ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-0873
+CVE-2009-0873 (The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv ...)
NOT-FOR-US: Solaris
-CVE-2009-0872
+CVE-2009-0872 (The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does ...)
NOT-FOR-US: Solaris
-CVE-2009-0871
+CVE-2009-0871 (The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4 ...)
- asterisk <not-affected> (Vulnerable code introduced in 1.4.22)
-CVE-2009-0870
+CVE-2009-0870 (The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolar ...)
NOT-FOR-US: Solaris
-CVE-2009-0869
+CVE-2009-0869 (Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2009-0868
+CVE-2009-0868 (CRLF injection vulnerability in the WebLink template in Fujitsu Jasmin ...)
NOT-FOR-US: Fujitsu Jasmine2000 Enterprise Edition
-CVE-2009-0867
+CVE-2009-0867 (The HRM-S service in Fujitsu Enhanced Support Facility 3.0 and 3.0.1 a ...)
NOT-FOR-US: Fujitsu Enhanced Support Facility
-CVE-2009-0866
+CVE-2009-0866 (pHNews Alpha 1 stores sensitive information under the web root with in ...)
NOT-FOR-US: pHNews
-CVE-2009-0865
+CVE-2009-0865 (Directory traversal vulnerability in the SnapShotToFile method in the ...)
NOT-FOR-US: GeoVision
-CVE-2009-0864
+CVE-2009-0864 (S-Cms 1.1 Stable allows remote attackers to bypass authentication and ...)
NOT-FOR-US: S-Cms
-CVE-2009-0863
+CVE-2009-0863 (SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stab ...)
NOT-FOR-US: S-Cms
-CVE-2009-0862
+CVE-2009-0862 (Cross-site scripting (XSS) vulnerability in the hook_cntrlr_error_outp ...)
NOT-FOR-US: TangoCMS
-CVE-2009-0861
+CVE-2009-0861 (Cross-site scripting (XSS) vulnerability in phpDenora before 1.2.3 all ...)
NOT-FOR-US: phpDenora
-CVE-2009-0860
+CVE-2009-0860 (Cross-site scripting (XSS) vulnerability in the web user interface in ...)
NOT-FOR-US: NetMRI
-CVE-2009-0859
+CVE-2009-0859 (The shm_get_stat function in ipc/shm.c in the shm subsystem in the Lin ...)
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-1
NOTE: All Debian kernels set CONFIG_SHMEM, so this is moot except
NOTE: for locally modified configs and even for that I fail to
NOTE: see why anyone would run a kernel w/o CONFIG_SHMEM?
-CVE-2009-0858
+CVE-2009-0858 (The response_addname function in response.c in Daniel J. Bernstein djb ...)
{DSA-1831-1}
- djbdns 1:1.05-5 (low; bug #518169; bug #517631)
-CVE-2009-0857
+CVE-2009-0857 (Cross-site scripting (XSS) vulnerability in /prm/reports in the Perfor ...)
NOT-FOR-US: SunMC
-CVE-2009-0856
+CVE-2009-0856 (Multiple cross-site scripting (XSS) vulnerabilities in sample applicat ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0855
+CVE-2009-0855 (Cross-site scripting (XSS) vulnerability in the administrative console ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0853
+CVE-2009-0853 (login.php in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allows ...)
NOT-FOR-US: CelerBB
-CVE-2009-0852
+CVE-2009-0852 (showme.php in CelerBB 0.0.2 allows remote attackers to obtain "reserve ...)
NOT-FOR-US: CelerBB
-CVE-2009-0851
+CVE-2009-0851 (Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_qu ...)
NOT-FOR-US: CelerBB
-CVE-2009-0850
+CVE-2009-0850 (Cross-site scripting (XSS) vulnerability in BitDefender Internet Secur ...)
NOT-FOR-US: BitDefender
-CVE-2009-0849
+CVE-2009-0849 (Stack-based buffer overflow in the DtbClsLogin function in NovaStor No ...)
NOT-FOR-US: NovaNET
-CVE-2009-0848
+CVE-2009-0848 (Untrusted search path vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 ...)
- gtk+2.0 <not-affected> (suse specific patch)
-CVE-2009-0847
+CVE-2009-0847 (The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka ...)
{DSA-1766-1}
- krb5 1.6.dfsg.4~beta1-13
[etch] - krb5 <not-affected> (Affected code present, but not exploitable before 1.6.3)
-CVE-2009-0846
+CVE-2009-0846 (The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c i ...)
{DSA-1766-1}
- krb5 1.6.dfsg.4~beta1-13
-CVE-2009-0845
+CVE-2009-0845 (The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego ...)
{DSA-1766-1}
- krb5 1.6.dfsg.4~beta1-13
[etch] - krb5 <not-affected> (Vulnerable code was introduced in 1.5)
-CVE-2009-0844
+CVE-2009-0844 (The get_input_token function in the SPNEGO implementation in MIT Kerbe ...)
{DSA-1766-1}
- krb5 1.6.dfsg.4~beta1-13
[etch] - krb5 <not-affected> (Vulnerable code was introduced in 1.5)
-CVE-2009-0843
+CVE-2009-0843 (The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and ...)
{DSA-1914-1}
- mapserver 5.2.2-1 (bug #523027)
NOTE: this can only probe for files that are not present, useless when not
NOTE: in combination with another attack
-CVE-2009-0842
+CVE-2009-0842 (mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows rem ...)
{DSA-1914-1}
- mapserver 5.2.2-1 (low; bug #523027)
-CVE-2009-0841
+CVE-2009-0841 (Directory traversal vulnerability in mapserv.c in mapserv in MapServer ...)
{DSA-1914-1}
- mapserver 5.2.2-1 (bug #523027)
NOTE: this doesn't work under linux as the root from the directory traversal needs to exist
-CVE-2009-0840
+CVE-2009-0840 (Heap-based buffer underflow in the readPostBody function in cgiutil.c ...)
{DSA-1914-1}
- mapserver 5.4.2-1 (medium; bug #523027)
NOTE: Initial fix was incomplete
-CVE-2009-0839
+CVE-2009-0839 (Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x b ...)
{DSA-1914-1}
- mapserver 5.2.2-1 (medium; bug #523027)
-CVE-2009-0838
+CVE-2009-0838 (The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv ...)
NOT-FOR-US: Solaris
-CVE-2009-0837
+CVE-2009-0837 (Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, inc ...)
NOT-FOR-US: Foxit Reader
-CVE-2009-0836
+CVE-2009-0836 (Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, includin ...)
NOT-FOR-US: Foxit Reader
-CVE-2009-0854
+CVE-2009-0854 (Untrusted search path vulnerability in dash 0.5.4, when used as a logi ...)
- dash <not-affected> (Debian uses upstream's patch to implement -l)
-CVE-2009-0835
+CVE-2009-0835 (The __secure_computing function in kernel/seccomp.c in the seccomp sub ...)
{DSA-1800-1}
- linux-2.6 2.6.30-1 (low)
[etch] - linux-2.6 <not-affected> (Not enabled in 2.6.18)
- linux-2.6.24 <removed>
[etch] - linux-2.6.24 <no-dsa> (unimportant)
NOTE: CONFIG_SECCOMP has only been enabled in 2.6.26
-CVE-2009-0834
+CVE-2009-0834 (The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earl ...)
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-1 (low)
- linux-2.6.24 <removed>
-CVE-2009-0833
+CVE-2009-0833 (Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 f ...)
NOT-FOR-US: Winamp
-CVE-2009-0832
+CVE-2009-0832 (SQL injection vulnerability in items.php in the E-Cart module 1.3 for ...)
NOT-FOR-US: PHP-Fusion
-CVE-2009-0831
+CVE-2009-0831 (SQL injection vulnerability in members.php in the Members CV (job) mod ...)
NOT-FOR-US: PHP-Fusion
-CVE-2009-0830
+CVE-2009-0830 (Cross-site scripting (XSS) vulnerability in QuoteBook allows remote at ...)
NOT-FOR-US: QuoteBook
-CVE-2009-0829
+CVE-2009-0829 (Multiple SQL injection vulnerabilities in QuoteBook allow remote attac ...)
NOT-FOR-US: QuoteBook
-CVE-2009-0828
+CVE-2009-0828 (QuoteBook stores quotes.inc under the web root with insufficient acces ...)
NOT-FOR-US: QuoteBook
-CVE-2009-0827
+CVE-2009-0827 (PollHelper stores poll.inc under the web root with insufficient access ...)
NOT-FOR-US: PollHelper
-CVE-2009-0826
+CVE-2009-0826 (BlogHelper stores common_db.inc under the web root with insufficient a ...)
NOT-FOR-US: BlogHelper
-CVE-2009-0825
+CVE-2009-0825 (SQL injection vulnerability in system/rss.php in TinX/cms 3.x before 3 ...)
NOT-FOR-US: TinX/cms
-CVE-2009-0824
+CVE-2009-0824 (Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in Sl ...)
NOT-FOR-US: Elaborate Bytes ElbyCDIO.sys
CVE-2009-0823
RESERVED
CVE-2009-0822
RESERVED
-CVE-2009-0821
+CVE-2009-0821 (Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause ...)
- iceweasel <removed> (unimportant)
NOTE: Browser DoS not treated as security issues
-CVE-2009-0820
+CVE-2009-0820 (Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 ...)
NOT-FOR-US: phpScheduleIt
-CVE-2009-0819
+CVE-2009-0819 (sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 a ...)
- mysql-dfsg-5.0 <not-affected> (Vulnerable code introduced in 5.1.5)
- mysql-5.1 5.1.32-1
-CVE-2009-0818
+CVE-2009-0818 (Cross-site scripting (XSS) vulnerability in the taxonomy_theme_admin_t ...)
NOT-FOR-US: Taxonomy Theme module for Drupal
-CVE-2009-0817
+CVE-2009-0817 (Cross-site scripting (XSS) vulnerability in the Protected Node module ...)
NOT-FOR-US: Protected Node module for Drupal
-CVE-2009-0816
+CVE-2009-0816 (Multiple cross-site scripting (XSS) vulnerabilities in the backend use ...)
{DTSA-193-1}
- typo3-src 4.2.6-1 (low; bug #514713)
[etch] - typo3-src 4.0.2+debian-8
-CVE-2009-0815
+CVE-2009-0815 (The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8 ...)
{DTSA-193-1}
- typo3-src 4.2.6-1 (medium; bug #514713)
[etch] - typo3-src 4.0.2+debian-8
-CVE-2009-0814
+CVE-2009-0814 (Cross-site scripting (XSS) vulnerability in Widgets.aspx in Blogsa 1.0 ...)
NOT-FOR-US: Blogsa
-CVE-2009-0813
+CVE-2009-0813 (Insecure method vulnerability in the ImeraIEPlugin ActiveX control (Im ...)
NOT-FOR-US: ActiveX
-CVE-2009-0812
+CVE-2009-0812 (Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, ...)
NOT-FOR-US: BreakPoint Software Hex Workshop
-CVE-2009-0811
+CVE-2009-0811 (Insecure method vulnerability in the SopCast SopCore ActiveX control i ...)
NOT-FOR-US: ActiveX
-CVE-2009-0810
+CVE-2009-0810 (SQL injection vulnerability in login.php in xGuestbook 2.0 allows remo ...)
NOT-FOR-US: xGuestbook
-CVE-2009-0809
+CVE-2009-0809 (The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release ...)
NOT-FOR-US: Dassault Systemes ENOVIA SmarTeam
-CVE-2009-0808
+CVE-2009-0808 (Multiple SQL injection vulnerabilities in SimpleCMMS before 0.1.0 allo ...)
NOT-FOR-US: SimpleCMMS
-CVE-2009-0807
+CVE-2009-0807 (zFeeder 1.6 allows remote attackers to gain administrative access via ...)
NOT-FOR-US: zFeeder
-CVE-2009-0806
+CVE-2009-0806 (Unspecified vulnerability in OpenGoo before 1.2.1 allows remote authen ...)
NOT-FOR-US: OpenGoo
-CVE-2009-0805
+CVE-2009-0805 (Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a ...)
NOT-FOR-US: piCal
-CVE-2009-0804
+CVE-2009-0804 (Ziproxy 2.6.0, when transparent interception mode is enabled, uses the ...)
- ziproxy 2.7.2-1 (low; bug #521051)
[lenny] - ziproxy <no-dsa> (Minor issue)
-CVE-2009-0803
+CVE-2009-0803 (SmoothWall SmoothGuardian, as used in SmoothWall Firewall, NetworkGuar ...)
NOT-FOR-US: SmoothWall
-CVE-2009-0802
+CVE-2009-0802 (Qbik WinGate, when transparent interception mode is enabled, uses the ...)
NOT-FOR-US: Qbik WinGate
-CVE-2009-0801
+CVE-2009-0801 (Squid, when transparent interception mode is enabled, uses the HTTP Ho ...)
- squid <unfixed> (unimportant; bug #521053)
- squid3 3.3.3-1 (unimportant; bug #521052)
NOTE: This only affects HTTP connections and only in transparent mode
NOTE: Also, same origin validations in the browsers still apply and keep this mostly harmless
NOTE: http://marc.info/?l=squid-dev&m=123542836103750&w=4
-CVE-2009-0800
+CVE-2009-0800 (Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
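Review bot: the NOT-FOR-US target under CVE-2009-0919 no longer matches the description this update pulled in: the description says the issue is XAMPP installing packages with insecure default passwords, but the line below it still reads "NOT-FOR-US: DFLabs PTK" (presumably carried over from the CVE-2009-0918/0917 entries next to it); it should name XAMPP, or both. Two smaller points in the same hunk: CVE-2009-0854 (dash) is filed out of sequence between CVE-2009-0836 and CVE-2009-0835 rather than between CVE-2009-0855 and CVE-2009-0853, and the "NOT-FOR-US: Windows" lines under CVE-2009-0880/0879 and "NOT-FOR-US: ActiveX" under CVE-2009-0813/0811 name a platform instead of the product the descriptions identify (IBM Director, the ImeraIEPlugin and SopCast SopCore controls), which makes later grepping for the affected software harder.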
@@ -11562,7 +11562,7 @@ CVE-2009-0800
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-0799
+CVE-2009-0799 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -11570,46 +11570,46 @@ CVE-2009-0799
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-0798
+CVE-2009-0798 (ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cau ...)
{DSA-1786-1}
- acpid 1.0.10-1 (medium)
CVE-2009-0797
REJECTED
-CVE-2009-0796
+CVE-2009-0796 (Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Statu ...)
- libapache2-mod-perl2 2.0.4-6 (low; bug #567635)
[lenny] - libapache2-mod-perl2 2.0.4-5+lenny1
- apache <removed>
[etch] - apache <no-dsa> (minor issue)
CVE-2009-0795
REJECTED
-CVE-2009-0794
+CVE-2009-0794 (Integer overflow in the PulseAudioTargetDataL class in src/java/org/cl ...)
- openjdk-6 6b16-1
[lenny] - openjdk-6 <not-affected> (no PulseAudio support included)
-CVE-2009-0793
+CVE-2009-0793 (cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK ...)
{DSA-1769-1}
- openjdk-6 6b16-1
- lcms 1.18.dfsg-1.1 (low; bug #530785)
[lenny] - lcms <no-dsa> (Minor issue)
[etch] - lcms <no-dsa> (Minor issue)
-CVE-2009-0792
+CVE-2009-0792 (Multiple integer overflows in icc.c in the International Color Consort ...)
{DSA-2080-1 DTSA-198-1}
- argyll 1.0.3-3 (medium; bug #523472; bug #524802)
- ghostscript 8.64~dfsg-1.1 (medium; bug #524915)
- gs-gpl <removed> (medium; bug #561717)
-CVE-2009-0791
+CVE-2009-0791 (Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as use ...)
- cupsys <removed> (medium; bug #535488)
- cups 1.3.10-1 (medium; bug #535489)
[etch] - cupsys <not-affected> (pdftops source included, but not built)
[lenny] - cups <not-affected> (pdftops source included, but not built)
-CVE-2009-0790
+CVE-2009-0790 (The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.2 ...)
{DSA-1760-1 DSA-1759-1}
- openswan 1:2.6.21+dfsg-1 (medium; bug #521949)
- strongswan 4.2.14-1 (medium; bug #521950)
-CVE-2009-0789
+CVE-2009-0789 (OpenSSL before 0.9.8k on WIN64 and certain other platforms does not pr ...)
- openssl <not-affected> (only non-Debian architectures affected)
-CVE-2009-0788
+CVE-2009-0788 (Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly r ...)
NOT-FOR-US: Red Hat Network Satellite Server
-CVE-2009-0787
+CVE-2009-0787 (The ecryptfs_write_metadata_to_contents function in the eCryptfs funct ...)
- linux-2.6 2.6.29-1 (medium; bug #529326)
[etch] - linux-2.6 <not-affected> (ecryptfs was merged in 2.6.19)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
@@ -11618,11 +11618,11 @@ CVE-2009-0786
REJECTED
CVE-2009-0785
RESERVED
-CVE-2009-0784
+CVE-2009-0784 (Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.2009031 ...)
{DSA-1755-1}
- systemtap 0.0.20090314-2
[etch] - systemtap <not-affected> (vulnerable code not present)
-CVE-2009-0783
+CVE-2009-0783 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 th ...)
{DSA-2207-1}
- tomcat5.5 <removed> (low; bug #532366)
- tomcat6 6.0.20-1 (low; bug #532362)
@@ -11630,24 +11630,24 @@ CVE-2009-0783
- tomcat5 <removed> (low; bug #532363)
CVE-2009-0782
REJECTED
-CVE-2009-0781
+CVE-2009-0781 (Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the ca ...)
{DSA-2207-1}
- tomcat5.5 <removed> (unimportant; bug #532366)
- tomcat6 6.0.20-1 (unimportant; bug #532362)
- tomcat5 <removed> (unimportant; bug #532363)
NOTE: Just examples on how to use Tomcat, not for production
-CVE-2009-0780
+CVE-2009-0780 (The aspath_prepend function in rde_attr.c in bgpd in OpenBSD 4.3 and 4 ...)
NOT-FOR-US: openbsd
-CVE-2009-0779
+CVE-2009-0779 (Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users t ...)
NOT-FOR-US: IBM AIX
-CVE-2009-0778
+CVE-2009-0778 (The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2 ...)
- linux-2.6 <not-affected> (Issue was introduced after 2.6.24 release and fixed before release of 2.6.25)
- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.24 release and fixed before release of 2.6.25)
-CVE-2009-0777
+CVE-2009-0777 (Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonk ...)
- iceweasel 3.0.7-1 (low; bug #576466)
[lenny] - iceweasel <no-dsa> (minor issue)
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0776
+CVE-2009-0776 (nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0. ...)
{DSA-1830-1 DSA-1751-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
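Review bot: style nit at CVE-2009-0780, the line "NOT-FOR-US: openbsd" should use the proper product name (OpenBSD) like the "NOT-FOR-US: IBM AIX" entry directly below it and the other NOT-FOR-US targets in this file, since these strings are what people search for when triaging.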
@@ -11657,11 +11657,11 @@ CVE-2009-0776
- xulrunner 1.9.0.7-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
- kompozer 1:0.8~alpha2+dfsg+svn129-3
-CVE-2009-0775
+CVE-2009-0775 (Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird ...)
{DSA-1751-1}
- xulrunner 1.9.0.7-1
[etch] - xulrunner <not-affected> (Vulnerable code not present)
-CVE-2009-0774
+CVE-2009-0774 (The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird ...)
{DSA-1830-1 DSA-1751-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
@@ -11670,13 +11670,13 @@ CVE-2009-0774
NOTE: Iceweasel in Lenny links against Xulrunner
- xulrunner 1.9.0.7-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0773
+CVE-2009-0773 (The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird bef ...)
{DSA-1830-1 DSA-1751-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.7-1
[etch] - xulrunner <not-affected> (Vulnerable code not present)
-CVE-2009-0772
+CVE-2009-0772 (The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird ...)
{DSA-1830-1 DSA-1751-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
@@ -11685,220 +11685,220 @@ CVE-2009-0772
NOTE: Iceweasel in Lenny links against Xulrunner
- xulrunner 1.9.0.7-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0771
+CVE-2009-0771 (The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before ...)
{DSA-1830-1 DSA-1751-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.7-1
[etch] - xulrunner <not-affected> (Vulnerable code not present)
- kompozer 1:0.8~alpha2+dfsg+svn129-1
-CVE-2009-0769
+CVE-2009-0769 (QIP 2005 build 8082 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: QIP
-CVE-2009-0768
+CVE-2009-0768 (SQL injection vulnerability in forumhop.php in YapBB 1.2 and earlier a ...)
NOT-FOR-US: YapBB
-CVE-2009-0767
+CVE-2009-0767 (Kipper 2.01 stores sensitive information under the web root with insuf ...)
NOT-FOR-US: Kipper
-CVE-2009-0766
+CVE-2009-0766 (Directory traversal vulnerability in default.php in Kipper 2.01 allows ...)
NOT-FOR-US: Kipper
-CVE-2009-0765
+CVE-2009-0765 (Directory traversal vulnerability in index.php in Kipper 2.01 allows r ...)
NOT-FOR-US: Kipper
-CVE-2009-0764
+CVE-2009-0764 (Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 all ...)
NOT-FOR-US: Kipper
-CVE-2009-0763
+CVE-2009-0763 (Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 ...)
NOT-FOR-US: Kipper
-CVE-2009-0762
+CVE-2009-0762 (Cross-site scripting (XSS) vulnerability in ScriptsEz Ez PHP Comment a ...)
NOT-FOR-US: ScriptsEz Ez PHP Comment
-CVE-2009-0761
+CVE-2009-0761 (Cross-site scripting (XSS) vulnerability in online.asp in Team Board 1 ...)
NOT-FOR-US: Team Board
-CVE-2009-0760
+CVE-2009-0760 (Team Board 1.x and 2.x stores sensitive information under the web root ...)
NOT-FOR-US: Team Board
-CVE-2009-0759
+CVE-2009-0759 (Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.06 ...)
{DSA-1735-1}
- znc 0.066-1 (bug #516950)
-CVE-2009-0758
+CVE-2009-0758 (The originates_from_local_legacy_unicast_socket function in avahi-core ...)
{DSA-2086-1}
- avahi 0.6.24-3 (low; bug #517683)
[etch] - avahi <no-dsa> (Minor issue)
NOTE: reflector is off by default
-CVE-2009-0757
+CVE-2009-0757 (Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent at ...)
- mpfr 2.4.0-5 (low; bug #527475)
[lenny] - mpfr <not-affected> (Vulnerable code not yet present)
[etch] - mpfr <not-affected> (Vulnerable code not yet present)
-CVE-2009-0756
+CVE-2009-0756 (The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 a ...)
- poppler 0.10.6-1 (low; bug #518478)
[lenny] - poppler 0.8.7-2
[etch] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
NOTE: poppler in lenny fixed in batch of CVEs pushed out in 5.0.2 release
-CVE-2009-0755
+CVE-2009-0755 (The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 a ...)
{DSA-1941-1}
- poppler 0.10.6-1 (low; bug #518478)
[lenny] - poppler <no-dsa> (Application crash only, could be fixed with further issues)
[etch] - poppler <not-affected> (vulnerable code not present; forms introduced after 0.4.5)
-CVE-2009-0754
+CVE-2009-0754 (PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows l ...)
{DSA-1789-1}
- php4 <removed> (low)
- php5 5.2.9.dfsg.1-2 (low; bug #523049)
-CVE-2009-0752
+CVE-2009-0752 (Unspecified vulnerability in Movable Type Pro and Community Solution 4 ...)
- movabletype-opensource <not-affected> (bug #518469)
NOTE: http://www.sixapart.com/pipermail/mtos-dev/2009-March/002677.html
-CVE-2009-0751
+CVE-2009-0751 (Yaws before 1.80 allows remote attackers to cause a denial of service ...)
{DSA-1740-1}
- yaws 1.80-1
-CVE-2009-0750
+CVE-2009-0750 (SQL injection vulnerability in login.php in the smNews example script ...)
NOT-FOR-US: txtSQL
-CVE-2009-0748
+CVE-2009-0748 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel 2. ...)
{DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
[etch] - linux-2.6 <not-affected> (ext4 not yet present)
- linux-2.6.24 <unfixed> (low)
NOTE: Since the feature is experimental until 2.6.27, I don't think we need to fix this
-CVE-2009-0747
+CVE-2009-0747 (The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 b ...)
{DSA-1749-1}
- linux-2.6 2.6.28-2 (low)
[etch] - linux-2.6 <not-affected> (ext4 not yet present)
- linux-2.6.24 <unfixed> (low)
NOTE: Since the feature is experimental until 2.6.27, I don't think we need to fix this
-CVE-2009-0746
+CVE-2009-0746 (The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2 ...)
{DSA-1749-1}
- linux-2.6 2.6.28-1 (low)
[etch] - linux-2.6 <not-affected> (ext4 not yet present)
- linux-2.6.24 <unfixed> (low)
NOTE: Since the feature is experimental until 2.6.27, I don't think we need to fix this
-CVE-2009-0745
+CVE-2009-0745 (The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2. ...)
{DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
[etch] - linux-2.6 <not-affected> (ext4 not yet present)
- linux-2.6.24 <unfixed> (low)
NOTE: Since the feature is experimental until 2.6.27, I don't think we need to fix this
-CVE-2009-0744
+CVE-2009-0744 (Apple Safari 4 Beta build 528.16 allows remote attackers to cause a de ...)
NOT-FOR-US: Apple Safari
-CVE-2009-0743
+CVE-2009-0743 (Cross-site scripting (XSS) vulnerability in the edit account page in t ...)
NOT-FOR-US: Cisco Unified MeetingPlace Web Conferencing
-CVE-2009-0742
+CVE-2009-0742 (The username command in Cisco ACE Application Control Engine Module fo ...)
NOT-FOR-US: Cisco
-CVE-2009-0770
+CVE-2009-0770 (dkim-milter 2.6.0 through 2.8.0 allows remote attackers to cause a den ...)
{DSA-1728-1}
- dkim-milter 2.6.0.dfsg-2 (low)
[lenny] - dkim-milter 2.6.0.dfsg-1+lenny1
NOTE: http://sourceforge.net/tracker/index.php?func=detail&aid=2508602&group_id=139420&atid=744358
-CVE-2009-0749
+CVE-2009-0749 (Use-after-free vulnerability in the GIFReadNextExtension function in l ...)
- optipng 0.6.2.1-1 (low)
[etch] - optipng 0.5.5-2
[lenny] - optipng 0.6.1.1-2
-CVE-2009-0741
+CVE-2009-0741 (SQL injection vulnerability in Login.asp in Craft Silicon Banking@Home ...)
NOT-FOR-US: Craft Silicon Banking@Home
-CVE-2009-0740
+CVE-2009-0740 (SQL injection vulnerability in login.php in BlueBird Prelease allows r ...)
NOT-FOR-US: BlueBird Prelease
-CVE-2009-0739
+CVE-2009-0739 (SQL injection vulnerability in login.php in MyNews 0.10 allows remote ...)
NOT-FOR-US: MyNews
-CVE-2009-0738
+CVE-2009-0738 (SQL injection vulnerability in login.php in Auth Php 1.0 allows remote ...)
NOT-FOR-US: Auth Php
-CVE-2009-0736
+CVE-2009-0736 (Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows ...)
NOT-FOR-US: Pebble
-CVE-2009-0735
+CVE-2009-0735 (Directory traversal vulnerability in lib/classes/message_class.php in ...)
NOT-FOR-US: Papoo CMS
-CVE-2009-0734
+CVE-2009-0734 (Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia ...)
NOT-FOR-US: MultimediaPlayer.exe
-CVE-2009-0733
+CVE-2009-0733 (Multiple stack-based buffer overflows in the ReadSetOfCurves function ...)
{DSA-1769-1 DSA-1745-1}
- lcms 1.18.dfsg-1 (bug #522446)
- openjdk-6 6b18-1.8.13-0+squeeze2
NOTE: Marking the current oldstable version as fixed, but likely fixed way earlier
-CVE-2009-0732
+CVE-2009-0732 (Downloadcenter 2.1 stores common.h under the web root with insufficien ...)
NOT-FOR-US: Downloadcenter
-CVE-2009-0731
+CVE-2009-0731 (Directory traversal vulnerability in pages/play.php in Free Arcade Scr ...)
NOT-FOR-US: Free Arcade Script
-CVE-2009-0730
+CVE-2009-0730 (Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) ...)
NOT-FOR-US: GigCalendar
-CVE-2009-0729
+CVE-2009-0729 (Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Ba ...)
NOT-FOR-US: Page Engine CMS
-CVE-2009-0728
+CVE-2009-0728 (SQL injection vulnerability in the My_eGallery module for MAXdev MDPro ...)
NOT-FOR-US: MAXdev MDPro/Postnuke
-CVE-2009-0727
+CVE-2009-0727 (SQL injection vulnerability in jobdetails.php in taifajobs 1.0 and ear ...)
NOT-FOR-US: taifajobs
-CVE-2009-0726
+CVE-2009-0726 (SQL injection vulnerability in the GigCalendar (com_gigcal) component ...)
NOT-FOR-US: Joomla!
CVE-2009-0725
RESERVED
CVE-2009-0724
RESERVED
-CVE-2009-0723
+CVE-2009-0723 (Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1 ...)
{DSA-1769-1 DSA-1745-1}
- lcms 1.18.dfsg-1 (bug #522446)
- openjdk-6 6b18-1.8.13-0+squeeze2
NOTE: Marking the current oldstable version as fixed, but likely fixed way earlier
-CVE-2009-0722
+CVE-2009-0722 (Directory traversal vulnerability in admin.php in Potato News 1.0.0 al ...)
NOT-FOR-US: Potato News
-CVE-2009-0721
+CVE-2009-0721 (Unspecified vulnerability in Easy Login in the Sender module in HP Rem ...)
NOT-FOR-US: HP Remote Graphics
-CVE-2009-0720
+CVE-2009-0720 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2009-0719
+CVE-2009-0719 (Unspecified vulnerability in useradd in HP HP-UX B.11.11, B.11.23, and ...)
NOT-FOR-US: HP-UX
-CVE-2009-0718
+CVE-2009-0718 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 befor ...)
NOT-FOR-US: HP StorageWorks Storage Mirroring
-CVE-2009-0717
+CVE-2009-0717 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 befor ...)
NOT-FOR-US: HP StorageWorks Storage Mirroring
-CVE-2009-0716
+CVE-2009-0716 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 befor ...)
NOT-FOR-US: HP StorageWorks Storage Mirroring
-CVE-2009-0715
+CVE-2009-0715 (Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6 ...)
NOT-FOR-US: HP Storage Essentials
-CVE-2009-0714
+CVE-2009-0714 (Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dp ...)
NOT-FOR-US: HP Data Protector Express
-CVE-2009-0713
+CVE-2009-0713 (Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager ...)
NOT-FOR-US: WMI Mapper
-CVE-2009-0712
+CVE-2009-0712 (Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager ...)
NOT-FOR-US: WMI Mapper
-CVE-2009-0711
+CVE-2009-0711 (filter.php in PHPFootball 1.6 and earlier allows remote attackers to r ...)
NOT-FOR-US: PHPFootball
-CVE-2009-0710
+CVE-2009-0710 (Multiple cross-site scripting (XSS) vulnerabilities in PHPFootball 1.6 ...)
NOT-FOR-US: PHPFootball
-CVE-2009-0709
+CVE-2009-0709 (SQL injection vulnerability in login.php in PHPFootball 1.6 allows rem ...)
NOT-FOR-US: PHPFootball
-CVE-2009-0708
+CVE-2009-0708 (Multiple cross-site request forgery (CSRF) vulnerabilities in Semantic ...)
NOT-FOR-US: SemanticScuttle
-CVE-2009-0707
+CVE-2009-0707 (SQL injection vulnerability in admin/index.php in PowerClan 1.14a allo ...)
NOT-FOR-US: PowerClan
-CVE-2009-0706
+CVE-2009-0706 (SQL injection vulnerability in the Simple Review (com_simple_review) c ...)
NOT-FOR-US: Joomla!
-CVE-2009-0705
+CVE-2009-0705 (SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5. ...)
NOT-FOR-US: PowerScripts PowerNews
-CVE-2009-0704
+CVE-2009-0704 (SQL injection vulnerability in search.php in WSN Guest 1.23 allows rem ...)
NOT-FOR-US: WSN Guest
-CVE-2009-0703
+CVE-2009-0703 (SQL injection vulnerability in bview.asp in ASPThai.Net Webboard 6.0 a ...)
NOT-FOR-US: ASPThai.Net Webboard
-CVE-2009-0702
+CVE-2009-0702 (SQL injection vulnerability in the Phoca Documentation (com_phocadocum ...)
NOT-FOR-US: Joomla!
-CVE-2009-0701
+CVE-2009-0701 (Multiple PHP remote file inclusion vulnerabilities in index.php in Cyb ...)
NOT-FOR-US: Cybershade
-CVE-2009-0700
+CVE-2009-0700 (Plunet BusinessManager 4.1 and earlier allows remote authenticated use ...)
NOT-FOR-US: Plunet BusinessManager
-CVE-2009-0699
+CVE-2009-0699 (Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemei ...)
NOT-FOR-US: Plunet BusinessManager
-CVE-2009-0698
+CVE-2009-0698 (Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib ...)
- xine-lib 1.1.16.2-1 (bug #517792; bug #523475; medium)
- vlc <not-affected> (affected part of xine-lib code not present)
CVE-2009-0697
RESERVED
-CVE-2009-0696
+CVE-2009-0696 (The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 befo ...)
{DSA-1847-1}
- bind9 1:9.6.1.dfsg.P1-1 (bug #538975; high)
NOTE: See also http://www.kb.cert.org/vuls/id/725188
-CVE-2009-0695
+CVE-2009-0695 (hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authent ...)
NOT-FOR-US: Wyse Device Manager not in Debian
CVE-2009-0694
RESERVED
-CVE-2009-0693
+CVE-2009-0693 (Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow rem ...)
NOT-FOR-US: Wyse Device Manager not in Debian
-CVE-2009-0692
+CVE-2009-0692 (Stack-based buffer overflow in the script_write_params method in clien ...)
{DSA-1833-2 DSA-1833-1}
- dhcp3 3.1.2p1-1 (medium)
NOTE: dhcp in etch is not affected.
-CVE-2009-0691
+CVE-2009-0691 (The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit ...)
NOT-FOR-US: Foxit JPEG2000/JBIG2 Decoder add-on
-CVE-2009-0690
+CVE-2009-0690 (The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit ...)
NOT-FOR-US: Foxit JPEG2000/JBIG2 Decoder add-on
-CVE-2009-0689
+CVE-2009-0689 (Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa. ...)
{DSA-1998-1 DSA-1931-1 DLA-1564-1 DLA-376-1}
- nspr 4.8-2
[etch] - nspr <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
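Review bot: the openjdk-6 entries for CVE-2009-0733 and CVE-2009-0723 record the fix as an unqualified (unstable) line, `- openjdk-6 6b18-1.8.13-0+squeeze2`, i.e. a squeeze-security version string, and the NOTE under each ("Marking the current oldstable version as fixed, but likely fixed way earlier") is time-relative; name the suite explicitly (e.g. a `[squeeze]` entry) and say "squeeze" rather than "current oldstable" so the line still reads correctly after the next release. The dhcp3 entry for CVE-2009-0692 states its etch status in free text, `NOTE: dhcp in etch is not affected.`, where the rest of this hunk uses the parseable form, e.g. `[etch] - poppler <not-affected> (vulnerable code not present; forms introduced after 0.4.5)`; an `[etch] - dhcp3 <not-affected> (...)` line would let the tracker report it instead of a human reading the note. Minor: the severity tag is placed last in `- xine-lib 1.1.16.2-1 (bug #517792; bug #523475; medium)` and `- bind9 1:9.6.1.dfsg.P1-1 (bug #538975; high)`, while every other entry here writes it first, as in `(low; bug #518478)`.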
@@ -11909,14 +11909,14 @@ CVE-2009-0689
[wheezy] - mono <no-dsa> (Minor issue)
NOTE: http://www.mono-project.com/docs/about-mono/vulnerabilities/
NOTE: https://gist.github.com/directhex/01e853567fd2cc74ed39
-CVE-2009-0688
+CVE-2009-0688 (Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 ...)
{DSA-1807-1 DTSA-200-1 DTSA-201-1}
- cyrus-sasl2 2.1.23.dfsg1-1 (bug #528749)
- cyrus-sasl2-heimdal 2.1.23.dfsg1-1
NOTE: VU#238019
-CVE-2009-0687
+CVE-2009-0687 (The pf_test_rule function in OpenBSD Packet Filter (PF), as used in Op ...)
NOT-FOR-US: OpenBSD Packet Filter
-CVE-2009-0686
+CVE-2009-0686 (The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in T ...)
NOT-FOR-US: Trend Micro Internet Pro
CVE-2009-0685
RESERVED
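Review bot: `NOTE: VU#238019` under CVE-2009-0688 is a bare CERT identifier, whereas the previous hunk records the same kind of reference as a resolvable link (`NOTE: See also http://www.kb.cert.org/vuls/id/725188` under CVE-2009-0696); use the same linked form here so the note can be followed without knowing the kb.cert.org URL scheme. Also, `- cyrus-sasl2-heimdal 2.1.23.dfsg1-1` carries no bug reference while the sibling `- cyrus-sasl2 2.1.23.dfsg1-1 (bug #528749)` does; if the same bug covers both source packages, say so on the heimdal line, otherwise it reads as an untracked fix.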
@@ -11924,19 +11924,19 @@ CVE-2009-0684
RESERVED
CVE-2009-0683
RESERVED
-CVE-2009-0682
+CVE-2009-0682 (vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0 ...)
NOT-FOR-US: CA Internet Security Suite
-CVE-2009-0681
+CVE-2009-0681 (PGP Desktop before 9.10 allows local users to (1) cause a denial of se ...)
NOT-FOR-US: PGP Desktop
-CVE-2009-0680
+CVE-2009-0680 (cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows ...)
NOT-FOR-US: Netgear
-CVE-2009-0679
+CVE-2009-0679 (Cross-site scripting (XSS) vulnerability in the Your Account module in ...)
NOT-FOR-US: RavenNuke
-CVE-2009-0678
+CVE-2009-0678 (images/captcha.php in RavenNuke 2.30 allows remote attackers to obtain ...)
NOT-FOR-US: RavenNuke
-CVE-2009-0677
+CVE-2009-0677 (avatarlist.php in the Your Account module, reached through modules.php ...)
NOT-FOR-US: RavenNuke
-CVE-2009-0676
+CVE-2009-0676 (The sock_getsockopt function in net/core/sock.c in the Linux kernel be ...)
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
- linux-2.6.24 <unfixed> (low)
@@ -11944,82 +11944,82 @@ CVE-2009-0676
NOTE: <http://marc.info/?l=linux-kernel&m=123540732700371&w=2>
NOTE: Reproducer in <https://bugzilla.redhat.com/show_bug.cgi?id=486305>
NOTE: lacks initialzer for len. Leak confirmed with fixed reproducer.
-CVE-2009-0675
+CVE-2009-0675 (The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kern ...)
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-0674
+CVE-2009-0674 (images/captcha.php in Raven Web Services RavenNuke 2.30, when register ...)
NOT-FOR-US: RavenNuke
-CVE-2009-0673
+CVE-2009-0673 (Eval injection vulnerability in the Custom Fields feature in the Your ...)
NOT-FOR-US: RavenNuke
-CVE-2009-0672
+CVE-2009-0672 (SQL injection vulnerability in the Resend_Email module in Raven Web Se ...)
NOT-FOR-US: RavenNuke
CVE-2009-0671
REJECTED
CVE-2009-0670
RESERVED
-CVE-2009-0669
+CVE-2009-0669 (Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise ...)
{DSA-2234-1 DSA-1863-1}
- zope3 <removed> (bug #540462)
- zope2.11 2.11.4-1 (bug #540463)
- zope2.10 2.10.9-1 (bug #540464)
- zope2.9 <removed>
- zodb 1:3.8.2-1 (bug #540465)
-CVE-2009-0668
+CVE-2009-0668 (Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, ...)
{DSA-2234-1 DSA-1863-1}
- zope3 <removed> (medium; bug #540462)
- zope2.11 2.11.4-1 (medium; bug #540463)
- zope2.10 2.10.9-1 (medium; bug #540464)
- zope2.9 <removed>
- zodb 1:3.8.2-1 (medium; bug #540465)
-CVE-2009-0667
+CVE-2009-0667 (Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventor ...)
{DSA-1828-1}
- ocsinventory-agent 1:0.0.9.2repack1-5 (medium; bug #506416)
CVE-2009-0666
RESERVED
CVE-2009-0665
RESERVED
-CVE-2009-0664
+CVE-2009-0664 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x be ...)
{DSA-1778-1}
- mahara 1.1.3-1 (low)
-CVE-2009-0663
+CVE-2009-0663 (Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-per ...)
{DSA-1780-1}
- libdbd-pg-perl 2.1.3-1
-CVE-2009-0662
+CVE-2009-0662 (The PlonePAS product 3.x before 3.9 and 3.2.x before 3.2.2, a product ...)
- plone3 <removed> (medium; bug #525943)
-CVE-2009-0661
+CVE-2009-0661 (Wee Enhanced Environment for Chat (WeeChat) 0.2.6 allows remote attack ...)
{DSA-1744-1}
- weechat 0.2.6.1-1 (medium; bug #519940)
[etch] - weechat <not-affected> (vulnerable code not present)
-CVE-2009-0660
+CVE-2009-0660 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 befo ...)
{DSA-1736-1}
- mahara 1.1.2-1 (low)
-CVE-2009-0659
+CVE-2009-0659 (Stack-based buffer overflow in the GetStatsFromLine function in TPTEST ...)
NOT-FOR-US: TPTEST
-CVE-2009-0658
+CVE-2009-0658 (Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and e ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-0657
+CVE-2009-0657 (Toshiba Face Recognition 2.0.2.32 allows physically proximate attacker ...)
NOT-FOR-US: Toshiba Face Recognition
-CVE-2009-0656
+CVE-2009-0656 (Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypa ...)
NOT-FOR-US: Asus SmartLogon
-CVE-2009-0655
+CVE-2009-0655 (Lenovo Veriface III allows physically proximate attackers to login to ...)
NOT-FOR-US: Lenovo Veriface
-CVE-2009-0654
+CVE-2009-0654 (Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attacke ...)
- tor <unfixed> (unimportant)
NOTE: attacker already controls entry and exit node at this stage
-CVE-2009-0653
+CVE-2009-0653 (OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an ...)
- openssl 0.9.8-1 (bug #517791)
-CVE-2009-0652
+CVE-2009-0652 (The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox ...)
{DSA-1830-1 DSA-1797-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- xulrunner 1.9.0.9-1
[etch] - xulrunner <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0651
+CVE-2009-0651 (Unspecified vulnerability in the Veritas network daemon (aka vnetd) in ...)
NOT-FOR-US: Veritas network daemon
-CVE-2009-0650
+CVE-2009-0650 (Stack-based buffer overflow in the GetStatsFromLine function in TPTEST ...)
NOT-FOR-US: TPTEST
-CVE-2009-0649
+CVE-2009-0649 (The web browser in Symbian OS on the Nokia N95 cell phone allows remot ...)
NOT-FOR-US: Symbian OS
CVE-2009-XXXX [thunar: potential exploits via application launchers]
- thunar <unfixed> (bug #517020; unimportant)
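Review bot: the linux-2.6.24 state is inconsistent within this patch: CVE-2009-0675 says `- linux-2.6.24 <removed> (low)` while CVE-2009-0676 directly above it, with the identical DSA set `{DSA-1794-1 DSA-1787-1 DSA-1749-1}`, says `- linux-2.6.24 <unfixed> (low)`, as do the four ext4 entries in the first hunk; a source package cannot be both removed and unfixed, so one of the two states should be applied to all of them. Second, `[squeeze] - icedove 2.0.0.22-0lenny1` under CVE-2009-0652 pairs a squeeze suite tag with a lenny-security version suffix; this looks like it should be `[lenny]`, and as written it claims squeeze shipped a lenny build. Third, the five package lines under CVE-2009-0669 have no severity (`- zope3 <removed> (bug #540462)`) while the same five packages under CVE-2009-0668 are all `medium` (`- zope3 <removed> (medium; bug #540462)`); either is defensible but the asymmetry looks accidental. Minor: "initialzer" in `NOTE: lacks initialzer for len.` should read "initializer".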
@@ -12033,302 +12033,302 @@ CVE-2009-XXXX [sysvinit: no-root option in expert installer exposes locally expl
NOTE: possible without impacting authorized users. otherwise, why spend so much effort
NOTE: to make sure xscreensaver, gdm, and login are rock solid?
NOTE: - i would like to track as low, rather than unimportant
-CVE-2009-0753
+CVE-2009-0753 (Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 ...)
{DSA-1739-1}
- mldonkey 3.0.0-1 (bug #516829; medium)
[etch] - mldonkey <not-affected> (vulnerable code not present)
NOTE: daemon is run as non-root and can only be exploited via localhost
-CVE-2009-0648
+CVE-2009-0648 (Multiple cross-site request forgery (CSRF) vulnerabilities in the mana ...)
NOT-FOR-US: Falt4 CMS
-CVE-2009-0647
+CVE-2009-0647 (msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, ...)
NOT-FOR-US: Windows Live Messenger
-CVE-2009-0646
+CVE-2009-0646 (Multiple SQL injection vulnerabilities in 4Site CMS 2.6 and earlier al ...)
NOT-FOR-US: 4Site CMS
-CVE-2009-0645
+CVE-2009-0645 (Directory traversal vulnerability in index.php in Jaws 0.8.8 allows re ...)
NOT-FOR-US: Jaws
-CVE-2009-0644
+CVE-2009-0644 (The HTTP interface in Swann DVR4-SecuraNet has a certain default admin ...)
NOT-FOR-US: Swann DVR4-SecuraNet
-CVE-2009-0643
+CVE-2009-0643 (Static code injection vulnerability in post.php in Simple PHP News 1.0 ...)
NOT-FOR-US: Simple PHP News
-CVE-2009-0642
+CVE-2009-0642 (ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check th ...)
{DSA-1860-1}
- ruby1.9 1.9.0.5-1 (bug #513528)
- ruby1.8 1.8.7.72-3.1 (medium; bug #517639; bug #522939)
-CVE-2009-0641
+CVE-2009-0641 (sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions de ...)
NOT-FOR-US: FreeBSD telnetd (apparently there's some common code base in netkit-telnet, but it's not affected
-CVE-2009-0640
+CVE-2009-0640 (Directory traversal vulnerability in the administrative web server in ...)
NOT-FOR-US: Swann DVR4-SecuraNet
-CVE-2009-0639
+CVE-2009-0639 (PHP remote file inclusion vulnerability in moduli/libri/index.php in p ...)
NOT-FOR-US: phpyabs
-CVE-2009-0638
+CVE-2009-0638 (The Cisco Firewall Services Module (FWSM) 2.x, 3.1 before 3.1(16), 3.2 ...)
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2009-0637
+CVE-2009-0637 (The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Acc ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0636
+CVE-2009-0636 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voi ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0635
+CVE-2009-0635 (Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulati ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0634
+CVE-2009-0634 (Multiple unspecified vulnerabilities in the home agent (HA) implementa ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0633
+CVE-2009-0633 (Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversa ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0632
+CVE-2009-0632 (The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2009-0631
+CVE-2009-0631 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configu ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0630
+CVE-2009-0630 (The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0629
+CVE-2009-0629 (The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka ST ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0628
+CVE-2009-0628 (Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allow ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0627
+CVE-2009-0627 (Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when run ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2009-0626
+CVE-2009-0626 (The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attack ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0625
+CVE-2009-0625 (Unspecified vulnerability in Cisco ACE Application Control Engine Modu ...)
NOT-FOR-US: Cisco
-CVE-2009-0624
+CVE-2009-0624 (Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE A ...)
NOT-FOR-US: Cisco
-CVE-2009-0623
+CVE-2009-0623 (Unspecified vulnerability in Cisco ACE Application Control Engine Modu ...)
NOT-FOR-US: Cisco
-CVE-2009-0622
+CVE-2009-0622 (Unspecified vulnerability in Cisco ACE Application Control Engine Modu ...)
NOT-FOR-US: Cisco
-CVE-2009-0621
+CVE-2009-0621 (Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses ...)
NOT-FOR-US: Cisco
-CVE-2009-0620
+CVE-2009-0620 (Cisco ACE Application Control Engine Module for Catalyst 6500 Switches ...)
NOT-FOR-US: Cisco
-CVE-2009-0619
+CVE-2009-0619 (Unspecified vulnerability in the Session Border Controller (SBC) befor ...)
NOT-FOR-US: Cisco
-CVE-2009-0618
+CVE-2009-0618 (Unspecified vulnerability in the Java agent in Cisco Application Netwo ...)
NOT-FOR-US: Cisco
-CVE-2009-0617
+CVE-2009-0617 (Cisco Application Networking Manager (ANM) before 2.0 uses a default M ...)
NOT-FOR-US: Cisco
-CVE-2009-0616
+CVE-2009-0616 (Cisco Application Networking Manager (ANM) before 2.0 uses default use ...)
NOT-FOR-US: Cisco
-CVE-2009-0615
+CVE-2009-0615 (Directory traversal vulnerability in Cisco Application Networking Mana ...)
NOT-FOR-US: Cisco
-CVE-2009-0614
+CVE-2009-0614 (Unspecified vulnerability in the Web Server in Cisco Unified MeetingPl ...)
NOT-FOR-US: Cisco
-CVE-2009-0613
+CVE-2009-0613 (Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 ...)
NOT-FOR-US: Trend Micro
-CVE-2009-0612
+CVE-2009-0612 (Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 3.x and I ...)
NOT-FOR-US: Trend Micro
-CVE-2009-0611
+CVE-2009-0611 (Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminS ...)
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2009-0610
+CVE-2009-0610 (Multiple static code injection vulnerabilities in post.php in Simple P ...)
NOT-FOR-US: Simple PHP News
-CVE-2009-0609
+CVE-2009-0609 (Sun Java System Directory Proxy Server in Sun Java System Directory Se ...)
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2009-0608
+CVE-2009-0608 (Integer overflow in the showLog function in fake_log_device.c in liblo ...)
NOT-FOR-US: Android
-CVE-2009-0607
+CVE-2009-0607 (Multiple integer overflows in malloc_leak.c in Bionic in Open Handset ...)
NOT-FOR-US: Android
-CVE-2009-0606
+CVE-2009-0606 (The link_image function in linker/linker.c in the dynamic linker in Bi ...)
NOT-FOR-US: Android
-CVE-2009-0605
+CVE-2009-0605 (Stack consumption vulnerability in the do_page_fault function in arch/ ...)
- linux-2.6 <not-affected> (CONFIG_KPROBES is not enabled)
- linux-2.6.24 <not-affected> (CONFIG_KPROBES is not enabled)
-CVE-2009-0604
+CVE-2009-0604 (SQL injection vulnerability in index.php in PHP Director 0.21 and earl ...)
NOT-FOR-US: PHP Director
-CVE-2009-0603
+CVE-2009-0603 (Cross-site scripting (XSS) vulnerability in index.php in the Link modu ...)
NOT-FOR-US: Link drupal module
-CVE-2009-0602
+CVE-2009-0602 (Unrestricted file upload vulnerability in upload.php in WikkiTikkiTavi ...)
NOT-FOR-US: WikkiTikkiTavi
-CVE-2009-0601
+CVE-2009-0601 (Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-W ...)
- wireshark 1.0.6-1
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.8)
[lenny] - wireshark 1.0.2-3+lenny4
-CVE-2009-0600
+CVE-2009-0600 (Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers t ...)
- wireshark 1.0.6-1
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.6)
[lenny] - wireshark 1.0.2-3+lenny4
-CVE-2009-0599
+CVE-2009-0599 (Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0 ...)
- wireshark 1.0.6-1
[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.7)
[lenny] - wireshark 1.0.2-3+lenny4
-CVE-2009-0598
+CVE-2009-0598 (SQL injection vulnerability in index.php in PhpMesFilms 1.0 and 1.8 al ...)
NOT-FOR-US: PhpMesFilms
-CVE-2009-0597
+CVE-2009-0597 (SQL injection vulnerability in admin/index.php in w3b&gt;cms (aka w3bl ...)
NOT-FOR-US: w3b>cms
-CVE-2009-0596
+CVE-2009-0596 (Directory traversal vulnerability in skysilver/login.tpl.php in phpSke ...)
NOT-FOR-US: phpSkelSite
-CVE-2009-0595
+CVE-2009-0595 (PHP remote file inclusion vulnerability in skysilver/login.tpl.php in ...)
NOT-FOR-US: phpSkelSite
-CVE-2009-0594
+CVE-2009-0594 (Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite 1 ...)
NOT-FOR-US: phpSkelSite
-CVE-2009-0593
+CVE-2009-0593 (SQL injection vulnerability in members.php in plx Auto Reminder 3.7 al ...)
NOT-FOR-US: plx Auto Reminder
-CVE-2009-0592
+CVE-2009-0592 (Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and earl ...)
NOT-FOR-US: PNphpBB2
-CVE-2009-0591
+CVE-2009-0591 (The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is ...)
- openssl <not-affected> (vulnerable versions not uploaded to Debian)
-CVE-2009-0590
+CVE-2009-0590 (The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remo ...)
{DSA-1763-1}
- openssl 0.9.8g-16 (low; bug #522002)
CVE-2009-0589
REJECTED
-CVE-2009-0588
+CVE-2009-0588 (agent/request/op.cgi in the Registration Authority (RA) component in R ...)
NOT-FOR-US: Registration Authority (RA) component in Red Hat Certificate System (RHCS)
-CVE-2009-0587
+CVE-2009-0587 (Multiple integer overflows in Evolution Data Server (aka evolution-dat ...)
{DSA-1813-1}
- evolution-data-server 2.22.3-1 (medium)
NOTE: this version doesnt fix the overflows but uses the glib functions for decoding instead
-CVE-2009-0586
+CVE-2009-0586 (Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs ...)
- gst-plugins-base0.10 0.10.22-4
[lenny] - gst-plugins-base0.10 <not-affected> (Vulnerable lib calls not present)
[etch] - gst-plugins-base0.10 <not-affected> (Vulnerable lib calls not present)
-CVE-2009-0585
+CVE-2009-0585 (Integer overflow in the soup_base64_encode function in soup-misc.c in ...)
{DSA-1748-1}
- libsoup 2.2.105-4 (medium; bug #520039)
-CVE-2009-0584
+CVE-2009-0584 (icc.c in the International Color Consortium (ICC) Format library (aka ...)
{DSA-1746-1 DTSA-198-1}
- ghostscript 8.64~dfsg-1.1 (medium; bug #522416)
- argyll 1.0.3-2 (bug #522448)
- gs-gpl <removed> (medium)
- gs-esp <removed>
-CVE-2009-0583
+CVE-2009-0583 (Multiple integer overflows in icc.c in the International Color Consort ...)
{DSA-1746-1 DTSA-198-1}
- ghostscript 8.64~dfsg-1.1 (medium; bug #522416)
- argyll 1.0.3-2 (bug #522448)
- gs-gpl <removed> (medium)
- gs-esp <removed>
-CVE-2009-0582
+CVE-2009-0582 (The ntlm_challenge function in the NTLM SASL authentication mechanism ...)
{DSA-1813-1}
- evolution-data-server 2.26.1.1-1
-CVE-2009-0581
+CVE-2009-0581 (Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as us ...)
{DSA-1769-1 DSA-1745-1}
- lcms 1.18.dfsg-1 (bug #522446)
-CVE-2009-0580
+CVE-2009-0580 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 th ...)
{DSA-2207-1}
- tomcat6 6.0.20-1 (low; bug #532362)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
- tomcat5 <removed> (low; bug #532363)
- tomcat5.5 <removed> (low; bug #532366)
-CVE-2009-0579
+CVE-2009-0579 (Linux-PAM before 1.0.4 does not enforce the minimum password age (MIND ...)
- pam 1.0.1-10 (unimportant; bug #514437)
NOTE: the ability to change a password earlier than scheduled is not a security
NOTE: vulnerability in itself (unless the user changes their password back to
NOTE: their previous password; thus violating the security policy as defined by
NOTE: the administrator)
-CVE-2009-0578
+CVE-2009-0578 (GNOME NetworkManager before 0.7.0.99 does not properly verify privileg ...)
- network-manager-applet 0.7.0.99-1 (medium; bug #519801)
[lenny] - network-manager-applet <not-affected> (Bug affected the 0.7.x series)
-CVE-2009-0577
+CVE-2009-0577 (Integer overflow in the WriteProlog function in texttops in CUPS 1.1.1 ...)
NOT-FOR-US: RedHat specific, because they had a problem applying the fix for CVE-2008-3640
-CVE-2009-0576
+CVE-2009-0576 (Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 a ...)
NOT-FOR-US: Sun Java System Directory Server
-CVE-2009-0575
+CVE-2009-0575 (Cross-site scripting (XSS) vulnerability in the theme_views_bulk_opera ...)
NOT-FOR-US: Views Bulk Operations
-CVE-2009-0574
+CVE-2009-0574 (SQL injection vulnerability in index.php in Easy CafeEngine allows rem ...)
NOT-FOR-US: Easy CafeEngine
-CVE-2009-0573
+CVE-2009-0573 (Multiple cross-site scripting (XSS) vulnerabilities in FotoWeb 6.0 (Bu ...)
NOT-FOR-US: FotoWeb
-CVE-2009-0572
+CVE-2009-0572 (PHP remote file inclusion vulnerability in include/flatnux.php in Flat ...)
NOT-FOR-US: FlatnuX CMS
-CVE-2009-0571
+CVE-2009-0571 (admin.php in Ninja Designs Mailist 3.0 stores backup copies of maillis ...)
NOT-FOR-US: Ninja Designs Mailist
-CVE-2009-0570
+CVE-2009-0570 (Directory traversal vulnerability in send.php in Ninja Designs Mailist ...)
NOT-FOR-US: Ninja Designs Mailist
-CVE-2009-0569
+CVE-2009-0569 (Buffer overflow in Becky! Internet Mail 2.48.02 and earlier allows rem ...)
NOT-FOR-US: Becky! Internet Mail
-CVE-2009-0568
+CVE-2009-0568 (The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP ...)
NOT-FOR-US: Microsoft
CVE-2009-0567
REJECTED
-CVE-2009-0566
+CVE-2009-0566 (Microsoft Office Publisher 2007 SP1 does not properly calculate object ...)
NOT-FOR-US: Microsoft Office Publisher
-CVE-2009-0565
+CVE-2009-0565 (Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 ...)
NOT-FOR-US: Microsoft
CVE-2009-0564
RESERVED
-CVE-2009-0563
+CVE-2009-0563 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP ...)
NOT-FOR-US: Microsoft
-CVE-2009-0562
+CVE-2009-0562 (The Office Web Components ActiveX Control in Microsoft Office XP SP3, ...)
NOT-FOR-US: ActiveX
-CVE-2009-0561
+CVE-2009-0561 (Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, ...)
NOT-FOR-US: Microsoft
-CVE-2009-0560
+CVE-2009-0560 (Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, an ...)
NOT-FOR-US: Microsoft
-CVE-2009-0559
+CVE-2009-0559 (Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and ...)
NOT-FOR-US: Microsoft
-CVE-2009-0558
+CVE-2009-0558 (Array index error in Excel in Microsoft Office 2000 SP3 and Office 200 ...)
NOT-FOR-US: Microsoft
-CVE-2009-0557
+CVE-2009-0557 (Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, an ...)
NOT-FOR-US: Microsoft
-CVE-2009-0556
+CVE-2009-0556 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and Powe ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-0555
+CVE-2009-0555 (Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0554
+CVE-2009-0554 (Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-0553
+CVE-2009-0553 (Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-0552
+CVE-2009-0552 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 S ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-0551
+CVE-2009-0551 (Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-0550
+CVE-2009-0550 (Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0549
+CVE-2009-0549 (Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, an ...)
NOT-FOR-US: Microsoft
-CVE-2009-0548
+CVE-2009-0548 (Cross-site scripting (XSS) vulnerability in the Additional Report Sett ...)
NOT-FOR-US: Additional Report Settings interface in ESET Remote Administrator
-CVE-2009-0547
+CVE-2009-0547 (Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-ma ...)
{DSA-1813-1}
- evolution-data-server 2.24.5-2 (low; bug #508479)
-CVE-2009-0546
+CVE-2009-0546 (Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier all ...)
NOT-FOR-US: NewsGator FeedDemon
-CVE-2009-0545
+CVE-2009-0545 (cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote atta ...)
NOT-FOR-US: ZeroShell
-CVE-2009-0544
+CVE-2009-0544 (Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attack ...)
{DSA-1726-1}
- python-crypto 2.0.1+dfsg1-3 (bug #516660)
-CVE-2009-0543
+CVE-2009-0543 (ProFTPD Server 1.3.1, with NLS support enabled, allows remote attacker ...)
{DSA-1730-1 DSA-1727-1}
- proftpd-dfsg 1.3.2-1 (medium; bug #516388)
[etch] - proftpd-dfsg <not-affected> (etch version not affected)
[lenny] - proftpd-dfsg 1.3.1-17lenny2
-CVE-2009-0542
+CVE-2009-0542 (SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 a ...)
{DSA-1730-1 DSA-1727-1}
- proftpd-dfsg 1.3.2-1 (medium; bug #516388)
[etch] - proftpd-dfsg <not-affected> (etch version not affected)
[lenny] - proftpd-dfsg 1.3.1-17lenny2
-CVE-2009-0541
+CVE-2009-0541 (Multiple cross-site scripting (XSS) vulnerabilities in Magento 1.2.0 a ...)
NOT-FOR-US: Magento
-CVE-2009-0540
+CVE-2009-0540 (Cross-site scripting (XSS) vulnerability in Libero 5.3 SP5, and possib ...)
NOT-FOR-US: Libero
CVE-2009-0539
RESERVED
-CVE-2009-0538
+CVE-2009-0538 (Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 all ...)
NOT-FOR-US: Symantec pcAnywhere
-CVE-2009-0537
+CVE-2009-0537 (Integer overflow in the fts_build function in fts.c in libc in (1) Ope ...)
- glibc <not-affected> (Vulnerable code not present)
NOTE: glibc checks the comlete path length being not longer than USHRT_MAX
NOTE: and closes the directory path + free of structures in case , io/fts.c line 727
-CVE-2009-0536
+CVE-2009-0536 (at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 th ...)
NOT-FOR-US: IBM AIX
-CVE-2009-0535
+CVE-2009-0535 (Directory traversal vulnerability in export.php in Thyme 1.3 and earli ...)
NOT-FOR-US: Thyme
-CVE-2009-0534
+CVE-2009-0534 (SQL injection vulnerability in FlexCMS allows remote attackers to exec ...)
NOT-FOR-US: FlexCMS
-CVE-2009-0533
+CVE-2009-0533 (Cross-site scripting (XSS) vulnerability in password.php in Scripts fo ...)
NOT-FOR-US: Sites EZ Reminder
-CVE-2009-0532
+CVE-2009-0532 (Cross-site scripting (XSS) vulnerability in password.php in Scripts Fo ...)
NOT-FOR-US: Scripts For Sites (SFS) EZ Baby
-CVE-2009-0531
+CVE-2009-0531 (SQL injection vulnerability in gallery/view.asp in A Better Member-Bas ...)
NOT-FOR-US: A Better Member-Based ASP Photo Gallery
-CVE-2009-0530
+CVE-2009-0530 (Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2. ...)
NOT-FOR-US: SnippetMaster
-CVE-2009-0529
+CVE-2009-0529 (Cross-site scripting (XSS) vulnerability in index.php in SnippetMaster ...)
NOT-FOR-US: SnippetMaster
-CVE-2009-0528
+CVE-2009-0528 (SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07 and ea ...)
NOT-FOR-US: Rhadrix If-CMS
-CVE-2009-0527
+CVE-2009-0527 (PHP remote file inclusion vulnerability in plugins/rss_importer_functi ...)
NOT-FOR-US: AdaptCMS
-CVE-2009-0526
+CVE-2009-0526 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Ad ...)
NOT-FOR-US: AdaptCMS
-CVE-2009-0525
+CVE-2009-0525 (Cross-site scripting (XSS) vulnerability in the sajax_get_common_js fu ...)
NOT-FOR-US: Sajax
CVE-2009-XXXX [nautilus: potential exploits via application launchers]
- nautilus 2.26.2-1 (low; bug #515104)
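Review bot: the justification NOTE for the glibc <not-affected> mark under CVE-2009-0537 (the two NOTE lines after "- glibc <not-affected> (Vulnerable code not present)") is garbled: "comlete" and "free of structures in case , io/fts.c line 727" do not parse, and a not-affected verdict on an integer overflow should be readable by whoever revisits it next. Suggested wording, assuming "in case" was meant as "otherwise": "NOTE: glibc checks that the complete path length does not exceed USHRT_MAX and otherwise closes the directory and frees the fts structures (io/fts.c line 727)". Smaller point in the same hunk: the NOT-FOR-US labels for the two Scripts For Sites entries are inconsistent, CVE-2009-0533 says "NOT-FOR-US: Sites EZ Reminder" while CVE-2009-0532 says "NOT-FOR-US: Scripts For Sites (SFS) EZ Baby"; given the truncated description "password.php in Scripts fo ...", the first presumably should read "Scripts For Sites (SFS) EZ Reminder".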
@@ -12338,355 +12338,355 @@ CVE-2009-XXXX [nautilus: potential exploits via application launchers]
CVE-2009-XXXX [konqueror: potential exploits via application launchers]
- kdebase <unfixed> (unimportant; bug #515106)
NOTE: Minor impact, any attack would still require a significant amount of social engineering
-CVE-2009-0737
+CVE-2009-0737 (Multiple cross-site scripting (XSS) vulnerabilities in the web-based i ...)
{DSA-1901-1}
- mediawiki 1:1.14.0-1 (low; bug #514547)
- mediawiki1.7 <removed>
[lenny] - mediawiki 1:1.12.0-2lenny3
[etch] - mediawiki <not-affected> (metapackage)
-CVE-2009-0524
+CVE-2009-0524 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 6 and 7, an ...)
NOT-FOR-US: Adobe RoboHelp
-CVE-2009-0523
+CVE-2009-0523 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 an ...)
NOT-FOR-US: Adobe RoboHelp
-CVE-2009-0522
+CVE-2009-0522 (Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-0521
+CVE-2009-0521 (Untrusted search path vulnerability in Adobe Flash Player 9.x before 9 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-0520
+CVE-2009-0520 (Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 doe ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-0519
+CVE-2009-0519 (Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2009-0518
+CVE-2009-0518 (VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 ...)
NOT-FOR-US: VMware
-CVE-2009-0517
+CVE-2009-0517 (Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and earl ...)
NOT-FOR-US: phpSlash
-CVE-2009-0516
+CVE-2009-0516 (SQL injection vulnerability in the classified page (classified.php) in ...)
NOT-FOR-US: BusinessSpace
-CVE-2009-0515
+CVE-2009-0515 (Directory traversal vulnerability in check_lang.php in Yet Another NOC ...)
NOT-FOR-US: YANOCC
-CVE-2009-0514
+CVE-2009-0514 (Multiple directory traversal vulnerabilities in WebFrame 0.76 allow re ...)
NOT-FOR-US: WebFrame
-CVE-2009-0513
+CVE-2009-0513 (Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 al ...)
NOT-FOR-US: WebFrame
-CVE-2009-0512
+CVE-2009-0512 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and A ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-0511
+CVE-2009-0511 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and A ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-0510
+CVE-2009-0510 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and A ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-0509
+CVE-2009-0509 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and A ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-0508
+CVE-2009-0508 (The Servlet Engine/Web Container and JSP components in IBM WebSphere A ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0507
+CVE-2009-0507 (IBM WebSphere Process Server (WPS) 6.1.2 before 6.1.2.3 and 6.2 before ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0506
+CVE-2009-0506 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) 5. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-0505
+CVE-2009-0505 (The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA waits for ...)
NOT-FOR-US: IBM TXSeries
-CVE-2009-0504
+CVE-2009-0504 (WSPolicy in the Web Services component in IBM WebSphere Application Se ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-0503
+CVE-2009-0503 (IBM WebSphere Message Broker 6.1.x before 6.1.0.2 writes a database co ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0502
+CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php ...)
{DSA-1724-1}
- moodle 1.8.2.dfsg-3 (low)
NOTE: MSA-09-0004
-CVE-2009-0501
+CVE-2009-0501 (Unspecified vulnerability in the Calendar export feature in Moodle 1.8 ...)
{DTSA-195-1}
- moodle 1.8.2.dfsg-4 (low)
[etch] - moodle <not-affected> (Vulnerable code not present)
-CVE-2009-0500
+CVE-2009-0500 (Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1 ...)
{DSA-1724-1 DTSA-195-1}
- moodle 1.8.2.dfsg-3 (low)
-CVE-2009-0499
+CVE-2009-0499 (Cross-site request forgery (CSRF) vulnerability in the forum code in M ...)
- moodle 1.8.2.dfsg-3 (low)
[etch] - moodle <not-affected> (Vulnerable code not present)
-CVE-2009-0498
+CVE-2009-0498 (Virtual GuestBook (vgbook) 2.1 stores sensitive information under the ...)
NOT-FOR-US: Virtual GuestBook
-CVE-2009-0497
+CVE-2009-0497 (Directory traversal vulnerability in log.jsp in Ignite Realtime Openfi ...)
NOT-FOR-US: Openfire
-CVE-2009-0496
+CVE-2009-0496 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime ...)
NOT-FOR-US: Openfire
-CVE-2009-0495
+CVE-2009-0495 (PHP remote file inclusion vulnerability in include/define.php in REALT ...)
NOT-FOR-US: REALTOR
-CVE-2009-0494
+CVE-2009-0494 (SQL injection vulnerability in the Portfol (com_portfol) 1.2 component ...)
NOT-FOR-US: Joomla!
-CVE-2009-0493
+CVE-2009-0493 (SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier al ...)
NOT-FOR-US: IT CMS
-CVE-2009-0492
+CVE-2009-0492 (Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has unknow ...)
NOT-FOR-US: SimpleIrcBot
-CVE-2009-0491
+CVE-2009-0491 (Stack-based buffer overflow in Elecard MPEG Player 5.5 build 15884.081 ...)
NOT-FOR-US: Elecard MPEG Player
-CVE-2009-0488
+CVE-2009-0488 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 allow ...)
NOT-FOR-US: Phorum
-CVE-2009-0486
+CVE-2009-0486 (Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls t ...)
- bugzilla 3.2.4.0-1 (bug #514143)
[etch] - bugzilla <not-affected> (Versions before 3.2.1, 3.0.7, and 3.3.2 were not affected)
[lenny] - bugzilla <not-affected> (Versions before 3.2.1, 3.0.7, and 3.3.2 were not affected)
-CVE-2009-0485
+CVE-2009-0485 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to 2. ...)
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2009-0484
+CVE-2009-0484 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before ...)
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2009-0483
+CVE-2009-0483 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 befor ...)
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2009-0482
+CVE-2009-0482 (Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 ...)
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2009-0481
+CVE-2009-0481 (Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3. ...)
- bugzilla 3.2.4.0-1 (low; bug #514143)
[etch] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2009-0480
+CVE-2009-0480 (The IP implementation in Sun Solaris 8 through 10, and OpenSolaris bef ...)
NOT-FOR-US: Solaris
-CVE-2009-0489
+CVE-2009-0489 (The DBus configuration file for Wicd before 1.5.9 allows arbitrary use ...)
- wicd 1.5.9-1
-CVE-2009-0479
+CVE-2009-0479 (Multiple SQL injection vulnerabilities in admin/admin_login.php in Onl ...)
NOT-FOR-US: Online Grades
-CVE-2009-0477
+CVE-2009-0477 (Unspecified vulnerability in the process (aka proc) filesystem in Sun ...)
NOT-FOR-US: OpenSolaris
-CVE-2009-0476
+CVE-2009-0476 (Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 ...)
NOT-FOR-US: MultiMedia Soft audio components
-CVE-2009-0475
+CVE-2009-0475 (Integer underflow in the Huffman decoding functionality (pvmp3_huffman ...)
NOT-FOR-US: OpenCORE
-CVE-2009-0474
+CVE-2009-0474 (The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A ...)
NOT-FOR-US: Rockwell EtherNet/IP Bridge Module
-CVE-2009-0473
+CVE-2009-0473 (Open redirect vulnerability in the web interface in the Rockwell Autom ...)
NOT-FOR-US: Rockwell EtherNet/IP Bridge Module
-CVE-2009-0472
+CVE-2009-0472 (Multiple cross-site scripting (XSS) vulnerabilities in the web interfa ...)
NOT-FOR-US: Rockwell EtherNet/IP Bridge Module
-CVE-2009-0471
+CVE-2009-0471 (Cross-site request forgery (CSRF) vulnerability in the HTTP server in ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0470
+CVE-2009-0470 (Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server ...)
NOT-FOR-US: Cisco IOS
-CVE-2009-0469
+CVE-2009-0469 (Unspecified vulnerability in futomi's CGI Cafe Fulltext search CGI 1.1 ...)
NOT-FOR-US: futomi's CGI Cafe
-CVE-2009-0468
+CVE-2009-0468 (Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.htm ...)
NOT-FOR-US: Profense Web Application Firewall
-CVE-2009-0467
+CVE-2009-0467 (Cross-site scripting (XSS) vulnerability in proxy.html in Profense Web ...)
NOT-FOR-US: Profense Web Application Firewall
-CVE-2009-0466
+CVE-2009-0466 (Cross-site scripting (XSS) vulnerability in Vivvo CMS before 4.1.1 all ...)
NOT-FOR-US: Vivvo CMS
-CVE-2009-0465
+CVE-2009-0465 (The SaveDoc method in the All_In_The_Box.AllBox ActiveX control in ALL ...)
NOT-FOR-US: Synactis ALL In-The-Box ActiveX 3
-CVE-2009-0464
+CVE-2009-0464 (PHP remote file inclusion vulnerability in includes/header.php in Groo ...)
NOT-FOR-US: Groone GBook
-CVE-2009-0463
+CVE-2009-0463 (PHP remote file inclusion vulnerability in includes/header.php in Groo ...)
NOT-FOR-US: Groone GLinks
-CVE-2009-0462
+CVE-2009-0462 (Multiple SQL injection vulnerabilities in customer_login_check.asp in ...)
NOT-FOR-US: ClickTech ClickCart
-CVE-2009-0461
+CVE-2009-0461 (Whole Hog Password Protect: Enhanced 1.x allows remote attackers to by ...)
NOT-FOR-US: Whole Hog Password Protect
-CVE-2009-0460
+CVE-2009-0460 (Whole Hog Ware Support 1.x allows remote attackers to bypass authentic ...)
NOT-FOR-US: Whole Hog Ware Support
-CVE-2009-0459
+CVE-2009-0459 (Multiple SQL injection vulnerabilities in admin/login_submit.php in Wh ...)
NOT-FOR-US: Whole Hog Password Protect
-CVE-2009-0458
+CVE-2009-0458 (Multiple SQL injection vulnerabilities in admin/login_submit.php in Wh ...)
NOT-FOR-US: Whole Hog Ware Support
-CVE-2009-0457
+CVE-2009-0457 (Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow r ...)
NOT-FOR-US: AJA Portal
-CVE-2009-0456
+CVE-2009-0456 (PHP remote file inclusion vulnerability in examples/example_clientside ...)
NOT-FOR-US: patForms
-CVE-2009-0455
+CVE-2009-0455 (Cross-site scripting (XSS) vulnerability in the anonymous comments fea ...)
NOT-FOR-US: glFusion
-CVE-2009-0454
+CVE-2009-0454 (Multiple SQL injection vulnerabilities in DMXReady Online Notebook Man ...)
NOT-FOR-US: DMXReady Online Notebook Manager
-CVE-2009-0453
+CVE-2009-0453 (Online Grades 3.2.4 allows remote attackers to obtain configuration in ...)
NOT-FOR-US: Online Grades
-CVE-2009-0452
+CVE-2009-0452 (Multiple SQL injection vulnerabilities in parents/login.php in Online ...)
NOT-FOR-US: Online Grades
-CVE-2009-0451
+CVE-2009-0451 (SQL injection vulnerability in Skalfa SkaLinks 1.5 allows remote attac ...)
NOT-FOR-US: Skalfa SkaLinks
-CVE-2009-0450
+CVE-2009-0450 (Stack-based buffer overflow in BlazeVideo HDTV Player 3.5 and earlier ...)
NOT-FOR-US: BlazeVideo
-CVE-2009-0449
+CVE-2009-0449 (Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2009-0448
+CVE-2009-0448 (Directory traversal vulnerability in admin/modules/aa/preview.php in S ...)
NOT-FOR-US: Syntax Desktop
-CVE-2009-0447
+CVE-2009-0447 (Multiple SQL injection vulnerabilities in default.asp in MyDesign Saya ...)
NOT-FOR-US: MyDesign Sayac
-CVE-2009-0446
+CVE-2009-0446 (SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remot ...)
NOT-FOR-US: WEBalbum
-CVE-2009-0445
+CVE-2009-0445 (SQL injection vulnerability in index.php in Dreampics Gallery Builder ...)
NOT-FOR-US: Dreampics Gallery Builder
-CVE-2009-0444
+CVE-2009-0444 (Multiple PHP remote file inclusion vulnerabilities in GRBoard 1.8, whe ...)
NOT-FOR-US: GRBoard
-CVE-2009-0443
+CVE-2009-0443 (Stack-based buffer overflow in Elecard AVC HD PLAYER 5.5.90116 allows ...)
NOT-FOR-US: Elecard AVC HD PLAYER
-CVE-2009-0442
+CVE-2009-0442 (Directory traversal vulnerability in bbcode.php in PHPbbBook 1.3 and 1 ...)
NOT-FOR-US: PHPbbBook
-CVE-2009-0441
+CVE-2009-0441 (PHP remote file inclusion vulnerability in skin_shop/standard/2_view_b ...)
NOT-FOR-US: Technote
-CVE-2009-0440
+CVE-2009-0440 (IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7 does not pro ...)
NOT-FOR-US: IBM WebSphere Partner Gateway
-CVE-2009-0439
+CVE-2009-0439 (Unspecified vulnerability in the queue manager in IBM WebSphere MQ (WM ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0438
+CVE-2009-0438 (IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows all ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0437
+CVE-2009-0437 (The Installation Factory installation process for IBM WebSphere Applic ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0436
+CVE-2009-0436 (The (1) mod_ibm_ssl and (2) mod_cgid modules in IBM HTTP Server 6.0.x ...)
NOT-FOR-US: IBM HTTP Server
-CVE-2009-0435
+CVE-2009-0435 (Unspecified vulnerability in the IBM Asynchronous I/O (aka AIO or libi ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0434
+CVE-2009-0434 (PerfServlet in the PMI/Performance Tools component in IBM WebSphere Ap ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0433
+CVE-2009-0433 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) 5. ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0432
+CVE-2009-0432 (The installation process for the File Transfer servlet in the System M ...)
NOT-FOR-US: IBM WebSphere
-CVE-2009-0431
+CVE-2009-0431 (SQL injection vulnerability in Default.asp in LinksPro Standard Editio ...)
NOT-FOR-US: LinksPro
-CVE-2009-0430
+CVE-2009-0430 (Multiple cross-site scripting (XSS) vulnerabilities in Active Bids all ...)
NOT-FOR-US: Active Bids
-CVE-2009-0429
+CVE-2009-0429 (Multiple SQL injection vulnerabilities in Active Bids allow remote att ...)
NOT-FOR-US: Active Bids
-CVE-2009-0428
+CVE-2009-0428 (SQL injection vulnerability in CategoryManager/upload_image_category.a ...)
NOT-FOR-US: DMXReady Secure Document
-CVE-2009-0427
+CVE-2009-0427 (SQL injection vulnerability in CategoryManager/upload_image_category.a ...)
NOT-FOR-US: DMXReady Secure Document
-CVE-2009-0426
+CVE-2009-0426 (SQL injection vulnerability in CategoryManager/upload_image_category.a ...)
NOT-FOR-US: DMXReady Secure Document
-CVE-2009-0425
+CVE-2009-0425 (SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0 and ear ...)
NOT-FOR-US: Blue Eye CMS
-CVE-2009-0424
+CVE-2009-0424 (Cross-site scripting (XSS) vulnerability in sign1.php in AN Guestbook ...)
NOT-FOR-US: AN Guestbook
-CVE-2009-0423
+CVE-2009-0423 (Directory traversal vulnerability in index.php in Php Photo Album (PHP ...)
NOT-FOR-US: Php Photo Album
-CVE-2009-0422
+CVE-2009-0422 (Dynamic variable evaluation vulnerability in lists/admin.php in phpLis ...)
NOT-FOR-US: phpList
-CVE-2009-0421
+CVE-2009-0421 (SQL injection vulnerability in the Eventing (com_eventing) 1.6.x compo ...)
NOT-FOR-US: Joomla!
-CVE-2009-0420
+CVE-2009-0420 (SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable ...)
NOT-FOR-US: Joomla!
-CVE-2009-0419
+CVE-2009-0419 (Microsoft XML Core Services, as used in Microsoft Expression Web, Offi ...)
NOT-FOR-US: Microsoft
-CVE-2009-0418
+CVE-2009-0418 (The IPv6 Neighbor Discovery Protocol (NDP) implementation in HP HP-UX ...)
NOT-FOR-US: HP HP-UX
-CVE-2009-0417
+CVE-2009-0417 (Cross-site scripting (XSS) vulnerability in the AgaviWebRouting::gen(n ...)
NOT-FOR-US: Agavi
-CVE-2009-0416
+CVE-2009-0416 (The SSL certificate setup program (genSslCert.sh) in Standards Based L ...)
NOT-FOR-US: sblim-sfcb
-CVE-2009-0415
+CVE-2009-0415 (Untrusted search path vulnerability in trickle 1.07 allows local users ...)
- trickle 1.07-6 (bug #513456; low)
[etch] - trickle <no-dsa> (Minor issue)
-CVE-2009-0413
+CVE-2009-0413 (Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcu ...)
- roundcube 0.2~stable-1 (low; bug #514179)
[lenny] - roundcube <not-affected> (Vulnerable code not present)
-CVE-2009-0412
+CVE-2009-0412 (The ProcessLogin function in class.auth.php in Interspire Shopping Car ...)
NOT-FOR-US: Interspire Shopping Cart
-CVE-2009-0411
+CVE-2009-0411 (Google Chrome before 1.0.154.46 does not properly restrict access from ...)
- chromium-browser <not-affected> (Only 1.x is affected)
- webkit <not-affected> (chrome-specific issue)
-CVE-2009-0410
+CVE-2009-0410 (Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) ...)
NOT-FOR-US: Novell GroupWise
-CVE-2009-0409
+CVE-2009-0409 (SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and ...)
NOT-FOR-US: Max.Blog
-CVE-2009-0408
+CVE-2009-0408 (Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC 2 ...)
NOT-FOR-US: osCommerce
-CVE-2009-0407
+CVE-2009-0407 (SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 al ...)
NOT-FOR-US: PHP-CMS
-CVE-2009-0406
+CVE-2009-0406 (SQL injection vulnerability in index.php in Community CMS 0.4 and earl ...)
NOT-FOR-US: Community CMS
-CVE-2009-0405
+CVE-2009-0405 (SQL injection vulnerability in articles.php in smartSite CMS 1.0 allow ...)
NOT-FOR-US: smartSite CMS
-CVE-2009-0404
+CVE-2009-0404 (Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics ...)
NOT-FOR-US: Bioinformatics htmLawed
-CVE-2009-0403
+CVE-2009-0403 (SQL injection vulnerability in admin/authenticate.php in Chipmunk Blog ...)
NOT-FOR-US: Chipmunk Blogger Script
-CVE-2009-0402
+CVE-2009-0402 (SQL injection vulnerability in client/new_account.php in Domain Techno ...)
NOT-FOR-US: Domain Technologie Control
-CVE-2009-0401
+CVE-2009-0401 (SQL injection vulnerability in browsecats.php in E-Php CMS allows remo ...)
NOT-FOR-US: E-Php CMS
-CVE-2009-0400
+CVE-2009-0400 (SQL injection vulnerability in blog.php in SocialEngine 3.06 trial all ...)
NOT-FOR-US: SocialEngine
-CVE-2009-0399
+CVE-2009-0399 (Chipmunk Blogger Script allows remote attackers to gain administrator ...)
NOT-FOR-US: Chipmunk Blogger Script
-CVE-2009-0398
+CVE-2009-0398 (Array index error in the gst_qtp_trak_handler function in gst/qtdemux/ ...)
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
- gst-plugins-bad0.10 <not-affected> (Vulnerable code not present)
-CVE-2009-0397
+CVE-2009-0397 (Heap-based buffer overflow in the qtdemux_parse_samples function in gs ...)
{DSA-1729-1}
- gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
[lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
[etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
- gst-plugins-bad0.10 0.10.4-1
-CVE-2009-0396
+CVE-2009-0396 (The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, W88 ...)
NOT-FOR-US: Sony Ericsson
-CVE-2009-0395
+CVE-2009-0395 (SQL injection vulnerability in the login feature in NetArt Media Car P ...)
NOT-FOR-US: NetArt Media Car Portal
-CVE-2009-0394
+CVE-2009-0394 (SQL injection vulnerability in login.php in Pre Lecture Exercises (PLE ...)
NOT-FOR-US: Pre Lecture Exercises
-CVE-2009-0393
+CVE-2009-0393 (Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wi ...)
NOT-FOR-US: Motorola Wimax
-CVE-2009-0392
+CVE-2009-0392 (Directory traversal vulnerability in sysconf.cgi in Motorola Wimax mod ...)
NOT-FOR-US: Motorola Wimax
-CVE-2009-0391
+CVE-2009-0391 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-0390
+CVE-2009-0390 (Argument injection vulnerability in Enomaly Elastic Computing Platform ...)
NOT-FOR-US: Enomaly Elastic Computing Platform
-CVE-2009-0389
+CVE-2009-0389 (Multiple insecure method vulnerabilities in the Web On Windows (WOW) A ...)
NOT-FOR-US: ActiveX
-CVE-2009-0388
+CVE-2009-0388 (Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and ...)
- tightvnc <not-affected> (bug in the windows-specific client connection code)
NOTE: http://bugs.debian.org/528204
-CVE-2009-0387
+CVE-2009-0387 (Array index error in the qtdemux_parse_samples function in gst/qtdemux ...)
{DSA-1729-1}
- gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
[lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
[etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
- gst-plugins-bad0.10 0.10.4-1
-CVE-2009-0386
+CVE-2009-0386 (Heap-based buffer overflow in the qtdemux_parse_samples function in gs ...)
{DSA-1729-1}
- gst-plugins-good0.10 0.10.8-4.1 (bug #514177)
[lenny] - gst-plugins-good0.10 0.10.8-4.1~lenny1
[etch] - gst-plugins-good0.10 <not-affected> (plugin in other package)
- gst-plugins-bad0.10 0.10.4-1
-CVE-2009-0384
+CVE-2009-0384 (SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows remot ...)
NOT-FOR-US: OwnRS CMS
-CVE-2009-0383
+CVE-2009-0383 (delete.php in Max.Blog 1.0.6 does not properly restrict access, which ...)
NOT-FOR-US: Max.Blog
-CVE-2009-0382
+CVE-2009-0382 (Unspecified vulnerability in Internationalization (i18n) Translation 5 ...)
- drupal5 <not-affected> (Translation module not packaged)
- drupal6 <not-affected> (Issue only affects the 5.x branch)
-CVE-2009-0381
+CVE-2009-0381 (SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Ca ...)
NOT-FOR-US: BazaarBuilder Ecommerce Shopping Cart
CVE-2009-0380
NOT-FOR-US: Sigsiu Online Business Index
-CVE-2009-0379
+CVE-2009-0379 (SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess ...)
NOT-FOR-US: Prince Clan Chess Club
-CVE-2009-0378
+CVE-2009-0378 (Cross-site scripting (XSS) vulnerability in index.php in the beamospet ...)
NOT-FOR-US: Joomla!
-CVE-2009-0377
+CVE-2009-0377 (SQL injection vulnerability in the beamospetition (com_beamospetition) ...)
NOT-FOR-US: Joomla!
-CVE-2009-0376
+CVE-2009-0376 (Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10 ...)
NOT-FOR-US: RealPlayer
-CVE-2009-0375
+CVE-2009-0375 (Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlaye ...)
NOT-FOR-US: RealPlayer
CVE-2009-0374
- chromium-browser <unfixed> (unimportant)
- webkit <not-affected> (poc doesn't work)
-CVE-2009-0373
+CVE-2009-0373 (SQL injection vulnerability in the ElearningForce Flash Magazine Delux ...)
NOT-FOR-US: Joomla!
-CVE-2009-0372
+CVE-2009-0372 (Unrestricted file upload vulnerability in index.php in Miltenovik Mano ...)
NOT-FOR-US: Miltenovik Manojlo MemHT Portal
-CVE-2009-0371
+CVE-2009-0371 (Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and ...)
NOT-FOR-US: SiteXS CMS
-CVE-2009-0370
+CVE-2009-0370 (Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 al ...)
NOT-FOR-US: IBM AIX
-CVE-2009-0369
+CVE-2009-0369 (Microsoft Internet Explorer 7 allows remote attackers to trick a user ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2009-0487
+CVE-2009-0487 (Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows ...)
- mahara 1.0.9-1 (low)
[lenny] - mahara 1.0.4-4
-CVE-2009-0478
+CVE-2009-0478 (Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allo ...)
{DSA-1732-1}
- squid 2.7.STABLE3-4.1 (medium; bug #514142)
- squid3 3.0.STABLE8-3 (medium)
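Review bot: two entries in this hunk keep a bare CVE line while every neighbour receives a description: CVE-2009-0380 (followed by "NOT-FOR-US: Sigsiu Online Business Index") and CVE-2009-0374 (followed by the chromium-browser and webkit lines). If the importer skipped them because no published text exists for those IDs, a "RESERVED"-style marker or a NOTE would make that visible instead of reading as an import gap. While here, the webkit line under CVE-2009-0374, "- webkit <not-affected> (poc doesn't work)", records a weak basis for a not-affected verdict: a proof of concept failing to trigger is not evidence that the code path is absent, so either cite the code check (as "Vulnerable code not present" does for gst-plugins-good0.10 under CVE-2009-0398 in this hunk) or downgrade the status.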
@@ -12694,56 +12694,56 @@ CVE-2009-0478
CVE-2009-XXXX [glpi sql injection]
- glpi 0.71.5-1 (bug #513611; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2009-0490
+CVE-2009-0490 (Stack-based buffer overflow in the String_parse::get_nonspace_quoted f ...)
{DTSA-192-1}
- audacity 1.3.6-1 (bug #514138)
[lenny] - audacity 1.3.5-2+lenny1
-CVE-2009-0368
+CVE-2009-0368 (OpenSC before 0.11.7 allows physically proximate attackers to bypass i ...)
{DSA-1734-1}
- opensc 0.11.7-1
[etch] - opensc <not-affected> (vulnerable code not present)
-CVE-2009-0367
+CVE-2009-0367 (The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows rem ...)
{DSA-1737-1}
- wesnoth 1:1.4.7-4
-CVE-2009-0366
+CVE-2009-0366 (The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth ...)
{DSA-1737-1}
- wesnoth 1:1.4.7-4
-CVE-2009-0365
+CVE-2009-0365 (nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an inc ...)
{DSA-1955-1}
- network-manager-applet 0.7.0.99-1 (medium; bug #519801)
- network-manager 0.6.5-1 (medium)
NOTE: network-manager in lenny not affected, because it is in network-manager-applet
-CVE-2009-0364
+CVE-2009-0364 (Format string vulnerability in the mini_calendar component in Citadel. ...)
{DSA-1752-1}
- webcit 7.38b-dfsg-2 (low)
-CVE-2009-0363
+CVE-2009-0363 (Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl 2.1. ...)
{DTSA-197-1}
- barnowl 1.0.5-1
[lenny] - barnowl 1.0.1-4
- owl 2.2.2-1 (bug #515118)
[lenny] - owl <no-dsa> (Minor issue)
[etch] - owl <no-dsa> (Minor issue)
-CVE-2009-0362
+CVE-2009-0362 (filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expre ...)
- fail2ban 0.8.3-2sid1 (low; bug #514163)
-CVE-2009-0361
+CVE-2009-0361 (Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in So ...)
{DSA-1722-1 DSA-1721-1}
- libpam-heimdal 3.10-2.1 (bug #516695)
- libpam-krb5 3.13-2
[lenny] - libpam-krb5 3.11-4
-CVE-2009-0360
+CVE-2009-0360 (Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, d ...)
{DSA-1721-1}
- libpam-krb5 3.13-2
[lenny] - libpam-krb5 3.11-4
-CVE-2009-0359
+CVE-2009-0359 (Multiple cross-site scripting (XSS) vulnerabilities in Samizdat before ...)
{DTSA-194-1}
- samizdat 0.6.2-2
-CVE-2009-0358
+CVE-2009-0358 (Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) n ...)
- iceweasel 3.0
[etch] - iceweasel <not-affected> (Only affects Firefox 3.x)
NOTE: Iceweasel in Lenny links against Xulrunner
- xulrunner 1.9.0.5-1
[etch] - xulrunner <not-affected> (Only affects Xulrunner 1.9)
-CVE-2009-0357
+CVE-2009-0357 (Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not proper ...)
- iceweasel 3.0
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
NOTE: Iceweasel in Lenny links against Xulrunner
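Review bot: under CVE-2009-0358 the new description says "Mozilla Firefox 3.x before 3.0.6", but the fixed version recorded for the engine is "- xulrunner 1.9.0.5-1"; Firefox 3.0.6 corresponds to Gecko 1.9.0.6, so 1.9.0.5-1 only covers this if the fix was backported into that Debian upload. Worth confirming against the package changelog and bumping to the 1.9.0.6 upload otherwise, because the "NOTE: Iceweasel in Lenny links against Xulrunner" line makes the xulrunner version the one that actually decides lenny's status. Smaller point: the NOTE under CVE-2009-0365, "network-manager in lenny not affected, because it is in network-manager-applet", leaves "it" ambiguous; say "nm-applet.conf is shipped by network-manager-applet in lenny" so the referent is the file the description names.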
@@ -12753,7 +12753,7 @@ CVE-2009-0357
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
NOTE: Iceape in Lenny only provides XPCOM libs
- kompozer 1:0.8~alpha2+dfsg+svn129-1
-CVE-2009-0356
+CVE-2009-0356 (Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the ( ...)
- iceweasel 3.0
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
NOTE: Iceweasel in Lenny links against Xulrunner
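Review bot: the generated description for CVE-2009-0356 is cut at a fixed width and ends in "do not block links to the ( ...)", which stops mid-parenthesis and loses the one detail (which link targets are not blocked) a triager would want from the summary; the same fixed-width cut lands awkwardly elsewhere in this update, e.g. "Scripts fo ...)" and "Rhadrix If-CMS 2.07 and ea ...)". If the importer can trim at a word boundary, or allow a few extra characters when the cut falls inside a parenthesised list, the one-line summaries become far more useful without changing the list format.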
@@ -12763,16 +12763,16 @@ CVE-2009-0356
[etch] - iceape <end-of-life> (Etch Packages no longer covered by security support)
NOTE: Iceape in Lenny only provides XPCOM libs
- kompozer <not-affected> (.desktop file support is not available)
-CVE-2009-0355
+CVE-2009-0355 (components/sessionstore/src/nsSessionStore.js in Mozilla Firefox befor ...)
- iceweasel 3.0.6-1
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0354
+CVE-2009-0354 (Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x ...)
- iceweasel 3.0
[etch] - iceweasel <not-affected> (Only affects Firefox 3.x)
NOTE: Iceweasel in Lenny links against Xulrunner
- xulrunner 1.9.0.5-1
[etch] - xulrunner <not-affected> (Only affects Xulrunner 1.9)
-CVE-2009-0353
+CVE-2009-0353 (Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunder ...)
{DSA-1830-1}
- iceweasel 3.0
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
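Review bot: CVE-2009-0355 is the only Firefox 3.0.6 entry in this region tracked on iceweasel alone ("- iceweasel 3.0.6-1") with no xulrunner line and no "Iceweasel in Lenny links against Xulrunner" NOTE, while CVE-2009-0354 directly below carries "- xulrunner 1.9.0.5-1" and that NOTE. The path in the new description, components/sessionstore/src/nsSessionStore.js, is a browser-side session-restore component, so tracking it on iceweasel only is plausibly correct, but a one-line NOTE saying so would stop the next reader from treating the missing xulrunner entry as an oversight. For CVE-2009-0354 the truncated description shows only "Mozilla Firefox 3.x", so the same check applies as for the other 3.0.6 issues: confirm that 1.9.0.5-1 really is the xulrunner upload that carries the fix.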
@@ -12784,7 +12784,7 @@ CVE-2009-0353
NOTE: Iceape in Lenny only provides XPCOM libs
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
-CVE-2009-0352
+CVE-2009-0352 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0 ...)
{DSA-1830-1}
- iceweasel 3.0
[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
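Review bot: the unchanged context under CVE-2009-0353, "[squeeze] - icedove 2.0.0.22-0lenny1", pairs a squeeze release tag with a version that carries a lenny security suffix (the same line recurs under CVE-2009-0352 in the next hunk). Either the tag should be [lenny], or, if 2.0.0.22-0lenny1 genuinely is the reference version for squeeze at this point, a NOTE explaining why a lenny-suffixed upload is the squeeze fix would save the next reader a trip to the changelog. The "- icedove 2.0.0.22-1 (bug #535124)" line above it is the expected unstable fix and looks fine.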
@@ -12797,73 +12797,73 @@ CVE-2009-0352
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- kompozer 1:0.8~alpha2+dfsg+svn129-1
-CVE-2009-0343
+CVE-2009-0343 (Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform al ...)
NOT-FOR-US: Systrace
-CVE-2009-0342
+CVE-2009-0342 (Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows ...)
NOT-FOR-US: Systrace
-CVE-2009-0351
+CVE-2009-0351 (Stack-based buffer overflow in WFTPSRV.exe in WinFTP 2.3.0 allows remo ...)
NOT-FOR-US: WinFTP
-CVE-2009-0350
+CVE-2009-0350 (Stack-based buffer overflow in Merak Media Player 3.2 allows remote at ...)
NOT-FOR-US: Merak Media Player
-CVE-2009-0349
+CVE-2009-0349 (Stack-based buffer overflow in FTPShell Server 4.3 allows user-assiste ...)
NOT-FOR-US: FTPShell Server
-CVE-2009-0348
+CVE-2009-0348 (The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-0347
+CVE-2009-0347 (Open redirect vulnerability in cs.html in the Autonomy (formerly Verit ...)
NOT-FOR-US: Autonomy (formerly Verity) Ultraseek search engine
-CVE-2009-0346
+CVE-2009-0346 (The IP-in-IP packet processing implementation in the IPsec and IP stac ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-0345
+CVE-2009-0345 (Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on ...)
NOT-FOR-US: Embedded Lights Out Manager (ELOM)
-CVE-2009-0344
+CVE-2009-0344 (Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on ...)
NOT-FOR-US: Embedded Lights Out Manager (ELOM)
-CVE-2009-0341
+CVE-2009-0341 (The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP SP ...)
NOT-FOR-US: Microsoft
-CVE-2009-0340
+CVE-2009-0340 (Multiple directory traversal vulnerabilities in Simple PHP Newsletter ...)
NOT-FOR-US: Simple PHP Newsletter
-CVE-2009-0339
+CVE-2009-0339 (SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog ...)
NOT-FOR-US: DMXReady Blog Manager
-CVE-2009-0338
+CVE-2009-0338 (Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in ...)
NOT-FOR-US: DMXReady Blog Manager
-CVE-2009-0337
+CVE-2009-0337 (SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allow ...)
NOT-FOR-US: Katy Whitton BlogIt!
-CVE-2009-0336
+CVE-2009-0336 (Katy Whitton BlogIt! stores sensitive information under the web root w ...)
NOT-FOR-US: Katy Whitton BlogIt!
-CVE-2009-0335
+CVE-2009-0335 (Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton ...)
NOT-FOR-US: Katy Whitton BlogIt!
-CVE-2009-0334
+CVE-2009-0334 (SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allow ...)
NOT-FOR-US: Katy Whitton BlogIt!
-CVE-2009-0333
+CVE-2009-0333 (SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_w ...)
NOT-FOR-US: Joomla!
-CVE-2009-0332
+CVE-2009-0332 (Multiple SQL injection vulnerabilities in AV Book Library before 1.1 a ...)
NOT-FOR-US: AV Book Library
-CVE-2009-0331
+CVE-2009-0331 (Directory traversal vulnerability in gallery/comment.php in Enhanced S ...)
NOT-FOR-US: Enhanced Simple PHP Gallery (ESPG)
-CVE-2009-0330
+CVE-2009-0330 (Directory traversal vulnerability in index.php in Simple Content Manag ...)
NOT-FOR-US: Simple Content Management System (SCMS)
-CVE-2009-0329
+CVE-2009-0329 (SQL injection vulnerability in the PcCookBook (com_pccookbook) compone ...)
NOT-FOR-US: Joomla!
-CVE-2009-0328
+CVE-2009-0328 (ROBS-PROJECTS Digital Sales IPN (aka DS-IPN.NET or DS-IPN Paypal Shop) ...)
NOT-FOR-US: ROBS-PROJECTS Digital Sales IPN
-CVE-2009-0327
+CVE-2009-0327 (SQL injection vulnerability in readbible.php in Free Bible Search PHP ...)
NOT-FOR-US: Free Bible Search PHP Script
-CVE-2009-0326
+CVE-2009-0326 (SQL injection vulnerability in login.php in Dark Age CMS 0.2c beta all ...)
NOT-FOR-US: Dark Age CMS
-CVE-2009-0325
+CVE-2009-0325 (Directory traversal vulnerability in entries/index.php in Ninja Blog 4 ...)
NOT-FOR-US: Ninja Blog
-CVE-2009-0324
+CVE-2009-0324 (Multiple SQL injection vulnerabilities in BibCiter 1.4 allow remote at ...)
NOT-FOR-US: BibCiter
-CVE-2009-0322
+CVE-2009-0322 (drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and ...)
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
- linux-2.6.24 <removed>
-CVE-2009-0321
+CVE-2009-0321 (Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote at ...)
NOT-FOR-US: Apple Safari on Windows
-CVE-2009-0320
+CVE-2009-0320 (Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O acti ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0319
+CVE-2009-0319 (Unspecified vulnerability in the autofs module in the kernel in Sun So ...)
NOT-FOR-US: Solaris
-CVE-2009-0385
+CVE-2009-0385 (Integer signedness error in the fourxm_read_header function in libavfo ...)
{DSA-1782-1 DSA-1781-1}
- ffmpeg-debian 0.svn20080206-16 (medium; bug #524799)
- ffmpeg 0.svn20080206-16
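Review bot: the fixed-width truncation in this hunk leaves CVE-2009-0344 and CVE-2009-0345 with byte-identical description text ("Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on ..."), so the two entries can no longer be told apart from the list itself and a reader has to follow each ID to the full advisory; the same collision recurs further down this file for CVE-2009-0233 and CVE-2009-0234 ("The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in ..."). If the generator can cut at a word boundary past the product name, or widen the limit only for descriptions that would otherwise collide, the list stays self-describing without changing the format for the other entries.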
@@ -12871,243 +12871,243 @@ CVE-2009-0385
- mplayer 1.0~rc2-14 (medium; bug #524805)
NOTE: MPlayer links against libavformat since 1.0~rc2-14, etch Mplayer still needs a fix
NOTE: http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17
-CVE-2009-0318
+CVE-2009-0318 (Untrusted search path vulnerability in the GObject Python interpreter ...)
{DTSA-190-1}
- gnumeric 1.8.4-3 (low; bug #513418)
[etch] - gnumeric 1.6.3-5.1+etch2
-CVE-2009-0317
+CVE-2009-0317 (Untrusted search path vulnerability in the Python language bindings fo ...)
- nautilus-python 0.4.3-3.2 (low; bug #513419)
-CVE-2009-0316
+CVE-2009-0316 (Untrusted search path vulnerability in src/if_python.c in the Python i ...)
- vim 2:7.2.025-2 (low; bug #493937)
[lenny] - vim 1:7.1.314-3+lenny2
[squeeze] - vim 1:7.1.314-3+lenny2
[etch] - vim <no-dsa> (Minor issue)
NOTE: Not included in this round, could be fixed via next DSA with other issues
-CVE-2009-0315
+CVE-2009-0315 (Untrusted search path vulnerability in the Python module in xchat allo ...)
- xchat 2.8.6-2.1 (low; bug #513509)
[etch] - xchat <no-dsa> (Minor issue)
-CVE-2009-0314
+CVE-2009-0314 (Untrusted search path vulnerability in the Python module in gedit allo ...)
{DTSA-191-1}
- gedit 2.22.3-2 (low; bug #513513)
[etch] - gedit <no-dsa> (Minor issue)
-CVE-2009-0313
+CVE-2009-0313 (winetricks before 20081223 allows local users to overwrite arbitrary f ...)
NOT-FOR-US: winetricks
-CVE-2009-0311
+CVE-2009-0311 (The Backbone service (ftbackbone.exe) in EMC AutoStart before 5.3 SP2 ...)
NOT-FOR-US: EMC AutoStart
-CVE-2009-0310
+CVE-2009-0310 (Buffer overflow in SUSE blinux (aka sbl) in SUSE openSUSE 10.3 through ...)
NOT-FOR-US: SuSE blinux
CVE-2009-0309
RESERVED
CVE-2009-0308
RESERVED
-CVE-2009-0307
+CVE-2009-0307 (Cross-site scripting (XSS) vulnerability in the "Customize Statistics ...)
NOT-FOR-US: Motion (RIM) BlackBerry Enterprise Server
-CVE-2009-0306
+CVE-2009-0306 (Buffer overflow in the IBM Lotus Notes Intellisync ActiveX control in ...)
NOT-FOR-US: IBM Lotus Notes Intellisync ActiveX
-CVE-2009-0305
+CVE-2009-0305 (Multiple stack-based buffer overflows in the Research in Motion RIM Ax ...)
NOT-FOR-US: ActiveX
-CVE-2009-0304
+CVE-2009-0304 (The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before s ...)
NOT-FOR-US: Solaris
-CVE-2009-0303
+CVE-2009-0303 (Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.1 ...)
NOT-FOR-US: Web Help Desk
-CVE-2009-0302
+CVE-2009-0302 (SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8 ...)
NOT-FOR-US: PHP-Nuke
-CVE-2009-0301
+CVE-2009-0301 (Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX ...)
NOT-FOR-US: FlexCell Grid Control
CVE-2009-0300
REJECTED
-CVE-2009-0299
+CVE-2009-0299 (SQL injection vulnerability in index.php in Groone GLinks 2.1 allows r ...)
NOT-FOR-US: Groone GLinks
-CVE-2009-0298
+CVE-2009-0298 (Heap-based buffer overflow in MW6 Technologies Barcode ActiveX control ...)
NOT-FOR-US: MW6 Technologies Barcode
-CVE-2009-0297
+CVE-2009-0297 (SQL injection vulnerability in login_check.asp in ClickAuction allows ...)
NOT-FOR-US: ClickAuction
-CVE-2009-0296
+CVE-2009-0296 (SQL injection vulnerability in shop_display_products.php in Script Tok ...)
NOT-FOR-US: Script Toko Online
-CVE-2009-0295
+CVE-2009-0295 (SQL injection vulnerability in index.php in Information Technology Lig ...)
NOT-FOR-US: ITLPoll
-CVE-2009-0294
+CVE-2009-0294 (Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, w ...)
NOT-FOR-US: WB News
-CVE-2009-0293
+CVE-2009-0293 (SQL injection vulnerability in profile_view.php in Wazzum Dating Softw ...)
NOT-FOR-US: Wazzum Dating Software
-CVE-2009-0292
+CVE-2009-0292 (SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows rem ...)
NOT-FOR-US: SHOP-INET
-CVE-2009-0291
+CVE-2009-0291 (Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remo ...)
- openx <itp> (bug #513771)
-CVE-2009-0290
+CVE-2009-0290 (Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.0 ...)
NOT-FOR-US: GNUBoard
-CVE-2009-0289
+CVE-2009-0289 (k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to ...)
NOT-FOR-US: k23productions TFTPUtil GUI
-CVE-2009-0288
+CVE-2009-0288 (Directory traversal vulnerability in k23productions TFTPUtil GUI 1.2.0 ...)
NOT-FOR-US: k23productions TFTPUtil GUI
-CVE-2009-0287
+CVE-2009-0287 (SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before ...)
NOT-FOR-US: KEEP Toolkit
-CVE-2009-0286
+CVE-2009-0286 (Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, ...)
NOT-FOR-US: OpenGoo
-CVE-2009-0285
+CVE-2009-0285 (Cross-site scripting (XSS) vulnerability in error.asp in BBSXP 5.13 an ...)
NOT-FOR-US: BBSXP
-CVE-2009-0284
+CVE-2009-0284 (SQL injection vulnerability in category.php in Flax Article Manager 1. ...)
NOT-FOR-US: Flax Article Manager
-CVE-2009-0283
+CVE-2009-0283 (Cross-site scripting (XSS) vulnerability in err.asp in Oblog allows re ...)
NOT-FOR-US: Oblog
-CVE-2009-0281
+CVE-2009-0281 (SQL injection vulnerability in login.aspx in WarHound Walking Club all ...)
NOT-FOR-US: WarHound Walking Club
-CVE-2009-0280
+CVE-2009-0280 (Asp Project Management 1.0 allows remote attackers to bypass authentic ...)
NOT-FOR-US: Asp Project Management
-CVE-2009-0279
+CVE-2009-0279 (SQL injection vulnerability in comentar.php in Pardal CMS 0.2.0 and ea ...)
NOT-FOR-US: Pardal CMS
-CVE-2009-0323
+CVE-2009-0323 (Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 an ...)
- amaya <removed> (medium; bug #507587)
NOTE: http://www.coresecurity.com/content/amaya-buffer-overflows
-CVE-2009-0282
+CVE-2009-0282 (Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 ...)
{DSA-1714-1 DSA-1713-1 DSA-1712-1}
- rt2400 1.2.2+cvs20080623-3 (bug #512999)
- rt2500 1:1.1.0-b4+cvs20080623-3 (bug #513000)
- rt2570 1.1.0+cvs20080623-2 (bug #513001)
- rt73 1:1.0.3.6-cvs20080623-dfsg1-3 (bug #512995)
-CVE-2009-0312
+CVE-2009-0312 (Cross-site scripting (XSS) vulnerability in the antispam feature (secu ...)
{DSA-1715-1 DTSA-187-1}
- moin 1.8.1-1.1 (low)
NOTE: http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad
-CVE-2009-0276
+CVE-2009-0276 (Cross-domain vulnerability in the V8 JavaScript engine in Google Chrom ...)
- chromium-browser <not-affected> (only 1.x is affected)
- libv8 1.3.11+dfsg-1
- webkit <not-affected> (libv8 issue)
-CVE-2009-0274
+CVE-2009-0274 (Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, 7 ...)
NOT-FOR-US: Novell GroupWise
-CVE-2009-0273
+CVE-2009-0273 (Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWis ...)
NOT-FOR-US: Novell GroupWise
-CVE-2009-0272
+CVE-2009-0272 (Cross-site request forgery (CSRF) vulnerability in Novell GroupWise We ...)
NOT-FOR-US: Novell GroupWise
-CVE-2009-0269
+CVE-2009-0269 (fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel befo ...)
{DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1
[etch] - linux-2.6 <not-affected> (ecryptfs was merged in 2.6.19)
- linux-2.6.24 <removed>
-CVE-2009-0265
+CVE-2009-0265 (Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not prop ...)
- bind9 <not-affected> (vulnerable code not present, introduced in 9.6.x)
-CVE-2009-0278
+CVE-2009-0278 (Sun Java System Application Server (AS) 8.1 and 8.2 allows remote atta ...)
NOT-FOR-US: Sun Java System Application Server (AS)
-CVE-2009-0277
+CVE-2009-0277 (Unspecified vulnerability in the kernel in OpenSolaris snv_100 through ...)
NOT-FOR-US: OpenSolaris
-CVE-2009-0275
+CVE-2009-0275 (Static code injection vulnerability in admin.php in Ryneezy phoSheezy ...)
NOT-FOR-US: Ryneezy phoSheezy
-CVE-2009-0271
+CVE-2009-0271 (Directory traversal vulnerability in the TFTP service in Fujitsu Syste ...)
NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2009-0270
+CVE-2009-0270 (Stack-based buffer overflow in PXEService.exe in Fujitsu SystemcastWiz ...)
NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2009-0268
+CVE-2009-0268 (Race condition in the pseudo-terminal (aka pty) driver module in Sun S ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-0267
+CVE-2009-0267 (libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does n ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-0266
+CVE-2009-0266 (Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows u ...)
NOT-FOR-US: Triologic Media Player
-CVE-2009-0264
+CVE-2009-0264 (Buffer overflow in the Registry Setting Tool in Fujitsu SystemcastWiza ...)
NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2009-0263
+CVE-2009-0263 (Multiple buffer overflows in Winamp 5.541 and earlier allow remote att ...)
NOT-FOR-US: Winamp
-CVE-2009-0262
+CVE-2009-0262 (Stack-based buffer overflow in Triologic Media Player 7 and 8.0.0.0 al ...)
NOT-FOR-US: Triologic Media Player
-CVE-2009-0261
+CVE-2009-0261 (Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 al ...)
NOT-FOR-US: EffectMatrix Total Video Player
-CVE-2009-0260
+CVE-2009-0260 (Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFi ...)
{DSA-1715-1 DTSA-187-1}
- moin 1.8.1-1.1 (bug #513158; low)
-CVE-2009-0259
+CVE-2009-0259 (The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote ...)
- openoffice.org 2.0.4.dfsg.2-7
NOTE: Checked with maintainer and issue was fixed long ago, marking etch version as fixed for now
-CVE-2009-0254
+CVE-2009-0254 (Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted ...)
NOT-FOR-US: easyHDR PRO
-CVE-2009-0253
+CVE-2009-0253 (Mozilla Firefox 3.0.5 allows remote attackers to trick a user into vis ...)
NOTE: Mozilla #474967, upstream disputes this being a bug
-CVE-2009-0252
+CVE-2009-0252 (Multiple SQL injection vulnerabilities in default.asp in Enthrallweb e ...)
NOT-FOR-US: Enthrallweb eReservations
-CVE-2009-0251
+CVE-2009-0251 (Static code injection vulnerability in admin.php in Ryneezy phoSheezy ...)
NOT-FOR-US: Ryneezy phoSheezy
-CVE-2009-0250
+CVE-2009-0250 (Ryneezy phoSheezy 0.2 stores sensitive information under the web root ...)
NOT-FOR-US: Ryneezy phoSheezy
-CVE-2009-0249
+CVE-2009-0249 (Katy Whitton RankEm stores sensitive information under the web root wi ...)
NOT-FOR-US: Katy Whitton RankEm
-CVE-2009-0248
+CVE-2009-0248 (Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton ...)
NOT-FOR-US: Katy Whitton RankEm
-CVE-2009-0247
+CVE-2009-0247 (The server for 53KF Web IM 2009 Home, Professional, and Enterprise edi ...)
NOT-FOR-US: 53KF Web IM
-CVE-2009-0246
+CVE-2009-0246 (Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted ...)
NOT-FOR-US: easyHDR PRO
-CVE-2009-0414
+CVE-2009-0414 (Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impac ...)
- tor 0.2.0.33-1
-CVE-2009-0245
+CVE-2009-0245 (Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0 ...)
NOT-FOR-US: Usagi Project MyNETS
-CVE-2009-0244
+CVE-2009-0244 (Directory traversal vulnerability in the OBEX FTP Service in the Micro ...)
NOT-FOR-US: Microsoft product
-CVE-2009-0243
+CVE-2009-0243 (Microsoft Windows does not properly enforce the Autorun and NoDriveTyp ...)
NOT-FOR-US: Microsoft product
-CVE-2009-0255
+CVE-2009-0255 (The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 ...)
{DSA-1711-1}
- typo3-src 4.2.4-1
-CVE-2009-0256
+CVE-2009-0256 (Session fixation vulnerability in the authentication library in TYPO3 ...)
{DSA-1711-1}
- typo3-src 4.2.4-1
-CVE-2009-0257
+CVE-2009-0257 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 thr ...)
{DSA-1711-1}
- typo3-src 4.2.4-1
-CVE-2009-0258
+CVE-2009-0258 (The Indexed Search Engine (indexed_search) system extension in TYPO3 4 ...)
{DSA-1711-1}
- typo3-src 4.2.4-1
CVE-2009-0242
REJECTED
-CVE-2009-0241
+CVE-2009-0241 (Stack-based buffer overflow in the process_path function in gmetad/ser ...)
{DSA-1710-1}
- ganglia-monitor-core 2.5.7-5 (medium; bug #512637)
-CVE-2009-0240
+CVE-2009-0240 (listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN aut ...)
{DSA-1725-1}
- websvn 2.0-4+lenny1 (bug #512191)
[etch] - websvn <not-affected> (authenthication doesn't exist in that version)
-CVE-2009-0239
+CVE-2009-0239 (Cross-site scripting (XSS) vulnerability in Windows Search 4.0 for Mic ...)
NOT-FOR-US: Microsoft
-CVE-2009-0238
+CVE-2009-0238 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Exc ...)
NOT-FOR-US: Microsoft
-CVE-2009-0237
+CVE-2009-0237 (Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML ...)
NOT-FOR-US: Microsoft Forefront Threat Management Gateway
CVE-2009-0236
REJECTED
-CVE-2009-0235
+CVE-2009-0235 (Stack-based buffer overflow in the Word 97 text converter in WordPad i ...)
NOT-FOR-US: Microsoft WordPad
-CVE-2009-0234
+CVE-2009-0234 (The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0233
+CVE-2009-0233 (The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0232
+CVE-2009-0232 (Integer overflow in the Embedded OpenType (EOT) Font Engine in Microso ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0231
+CVE-2009-0231 (The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Win ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0230
+CVE-2009-0230 (The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP ...)
NOT-FOR-US: Microsoft
-CVE-2009-0229
+CVE-2009-0229 (The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2009-0228
+CVE-2009-0228 (Stack-based buffer overflow in the EnumeratePrintShares function in Wi ...)
NOT-FOR-US: Microsoft
-CVE-2009-0227
+CVE-2009-0227 (Stack-based buffer overflow in the PowerPoint 4.2 conversion filter (P ...)
NOT-FOR-US: Microsoft
-CVE-2009-0226
+CVE-2009-0226 (Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in ...)
NOT-FOR-US: Microsoft
-CVE-2009-0225
+CVE-2009-0225 (Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft
-CVE-2009-0224
+CVE-2009-0224 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2009-0223
+CVE-2009-0223 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows re ...)
NOT-FOR-US: Microsoft
-CVE-2009-0222
+CVE-2009-0222 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows re ...)
NOT-FOR-US: Microsoft
-CVE-2009-0221
+CVE-2009-0221 (Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 ...)
NOT-FOR-US: Microsoft
-CVE-2009-0220
+CVE-2009-0220 (Multiple stack-based buffer overflows in the PowerPoint 4.0 importer ( ...)
NOT-FOR-US: Microsoft
-CVE-2009-0219
+CVE-2009-0219 (The PDF distiller in the Attachment Service in Research in Motion (RIM ...)
NOT-FOR-US: BlackBerry
-CVE-2009-0218
+CVE-2009-0218 (Insecure method vulnerability in Particle Software IntraLaunch Applica ...)
NOT-FOR-US: IntraLaunch Application Launcher ActiveX control
-CVE-2009-0217
+CVE-2009-0217 (The design of the W3C XML Signature Syntax and Processing (XMLDsig) re ...)
{DSA-1995-1 DSA-1849-1 DTSA-205-1}
- xml-security-c 1.4.0-4
- xmlsec1 1.2.12-1
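Review bot: CVE-2009-0253 carries only a NOTE ("Mozilla #474967, upstream disputes this being a bug") and no package or status line, so nothing in the entry tells the tracker tooling how to classify it; since the description names Firefox 3.0.5, an explicit line such as `- iceweasel <not-affected> (upstream disputes this being a bug)` or an `<unimportant>` marker would make the disputed status machine-readable rather than prose-only. Two smaller points in the same hunk: the bind9 line for CVE-2009-0265 justifies `<not-affected>` with "introduced in 9.6.x" while the pulled-in description says "BIND 9.6.0 and earlier", so citing the upstream commit that introduced the affected code would make the not-affected claim checkable; and the websvn context line for CVE-2009-0240 has the typo "authenthication" (should be "authentication").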
@@ -13120,117 +13120,117 @@ CVE-2009-0217
[lenny] - sun-java6 6-20-0lenny1
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
- openoffice.org 1:3.1.1-16
-CVE-2009-0216
+CVE-2009-0216 (GE Fanuc iFIX 5.0 and earlier relies on client-side authentication inv ...)
NOT-FOR-US: GE Fanuc iFIX
-CVE-2009-0215
+CVE-2009-0215 (Stack-based buffer overflow in the GetXMLValue method in the IBM Acces ...)
NOT-FOR-US: IBM Access Support ActiveX
-CVE-2009-0214
+CVE-2009-0214 (Unspecified vulnerability in the WebFGServer application in AREVA e-te ...)
NOT-FOR-US: WebFGServer
-CVE-2009-0213
+CVE-2009-0213 (Unspecified vulnerability in the NETIO application in AREVA e-terrahab ...)
NOT-FOR-US: AREVA e-terrahabitat
-CVE-2009-0212
+CVE-2009-0212 (Unspecified vulnerability in the WebFGServer application in AREVA e-te ...)
NOT-FOR-US: AREVA e-terrahabitat
-CVE-2009-0211
+CVE-2009-0211 (Unspecified vulnerability in the WebFGServer application in AREVA e-te ...)
NOT-FOR-US: AREVA e-terrahabitat
-CVE-2009-0210
+CVE-2009-0210 (Buffer overflow in the MLF application in AREVA e-terrahabitat 5.7 and ...)
NOT-FOR-US: AREVA e-terrahabitat
-CVE-2009-0209
+CVE-2009-0209 (PI Server in OSIsoft PI System before 3.4.380.x does not properly use ...)
NOT-FOR-US: OSIsoft PI System
-CVE-2009-0208
+CVE-2009-0208 (Unspecified vulnerability in HP Virtual Rooms Client before 7.0.1, whe ...)
NOT-FOR-US: HP Virtual Rooms Client
-CVE-2009-0207
+CVE-2009-0207 (Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk ...)
NOT-FOR-US: VERITAS Oracle Disk Manager
-CVE-2009-0206
+CVE-2009-0206 (Unspecified vulnerability in NFS in HP ONCplus B.11.31.05 and earlier ...)
NOT-FOR-US: HP ONCplus
CVE-2009-0205
RESERVED
-CVE-2009-0204
+CVE-2009-0204 (Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and 6 ...)
NOT-FOR-US: HP Select Access
CVE-2009-0203
RESERVED
-CVE-2009-0202
+CVE-2009-0202 (Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows 2 ...)
NOT-FOR-US: Microsoft
-CVE-2009-0201
+CVE-2009-0201 (Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and St ...)
{DSA-1880-1}
- openoffice.org 1:3.1.1~ooo310m15-1
-CVE-2009-0200
+CVE-2009-0200 (Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/ ...)
{DSA-1880-1}
- openoffice.org 1:3.1.1~ooo310m15-1
-CVE-2009-0199
+CVE-2009-0199 (Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMwa ...)
NOT-FOR-US: VMware Movie Decoder
-CVE-2009-0198
+CVE-2009-0198 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and A ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-0197
+CVE-2009-0197 (Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allow ...)
NOT-FOR-US: IrfanView
-CVE-2009-0196
+CVE-2009-0196 (Heap-based buffer overflow in the big2_decode_symbol_dict function (jb ...)
{DSA-2080-1 DTSA-198-1}
- ghostscript 8.64~dfsg-1.1 (medium; bug #524803)
- gs-gpl <removed> (medium; bug #561717)
- jbig2dec <not-affected> (already fixed in initial upload)
-CVE-2009-0195
+CVE-2009-0195 (Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, an ...)
{DSA-1790-1}
- xpdf 3.02-1.4+lenny1 (medium; bug #524809)
[squeeze] - xpdf 3.02-1.4+lenny1
-CVE-2009-0194
+CVE-2009-0194 (The domain-locking implementation in the GARMINAXCONTROL.GarminAxContr ...)
NOT-FOR-US: Garmin Communicator Plug-In
-CVE-2009-0193
+CVE-2009-0193 (Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 bef ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2009-0192
+CVE-2009-0192 (Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP ...)
NOT-FOR-US: Novell eDirectory
-CVE-2009-0191
+CVE-2009-0191 (Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, includin ...)
NOT-FOR-US: Foxit Reader
CVE-2009-0190
REJECTED
CVE-2009-0189
REJECTED
-CVE-2009-0188
+CVE-2009-0188 (Apple QuickTime before 7.6.2 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0187
+CVE-2009-0187 (Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and p ...)
NOT-FOR-US: Orbit Downloader
-CVE-2009-0186
+CVE-2009-0186 (Integer overflow in libsndfile 1.0.18, as used in Winamp and other pro ...)
{DSA-1742-1 DTSA-202-1}
- libsndfile 1.0.19-1 (medium)
-CVE-2009-0185
+CVE-2009-0185 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0184
+CVE-2009-0184 (Multiple buffer overflows in the torrent parsing implementation in Fre ...)
NOT-FOR-US: Free Download Manager
-CVE-2009-0183
+CVE-2009-0183 (Stack-based buffer overflow in Remote Control Server in Free Download ...)
NOT-FOR-US: Free Download Manager
-CVE-2009-0182
+CVE-2009-0182 (Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted atta ...)
NOT-FOR-US: VUPlayer
-CVE-2009-0181
+CVE-2009-0181 (Buffer overflow in VUPlayer allows user-assisted attackers to have an ...)
NOT-FOR-US: VUPlayer
-CVE-2009-0180
+CVE-2009-0180 (Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedor ...)
NOT-FOR-US: Fedora specific issue
-CVE-2009-0179
+CVE-2009-0179 (libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other p ...)
- libmikmod 3.1.11-6.1 (low; bug #476339)
[etch] - libmikmod <no-dsa> (Minor issue)
[lenny] - libmikmod <no-dsa> (Minor issue)
-CVE-2009-0178
+CVE-2009-0178 (Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 r ...)
NOT-FOR-US: IBM Hardware Management Console
-CVE-2009-0177
+CVE-2009-0177 (vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd. ...)
NOT-FOR-US: vmware-authd
-CVE-2009-0176
+CVE-2009-0176 (Multiple heap-based buffer overflows in the PDF distiller in the Attac ...)
NOT-FOR-US: Attachment Service in Research in Motion
-CVE-2009-0175
+CVE-2009-0175 (Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 allo ...)
NOT-FOR-US: Heathco Software MP3 TrackMaker
-CVE-2009-0174
+CVE-2009-0174 (Stack-based buffer overflow in VUPlayer 2.49 allows remote attackers t ...)
NOT-FOR-US: VUPlayer
-CVE-2009-0173
+CVE-2009-0173 (Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 ...)
NOT-FOR-US: IBM DB2
-CVE-2009-0172
+CVE-2009-0172 (Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, ...)
NOT-FOR-US: IBM DB2 9.1
-CVE-2009-0171
+CVE-2009-0171 (The Sun SPARC Enterprise M4000 and M5000 Server, within a certain rang ...)
NOT-FOR-US: Sun SPARC Enterprise M4000 and M5000 Server
-CVE-2009-0170
+CVE-2009-0170 (Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows re ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-0169
+CVE-2009-0169 (Sun Java System Access Manager 7.1 allows remote authenticated sub-rea ...)
NOT-FOR-US: Sun Java System Access Manager
-CVE-2009-0168
+CVE-2009-0168 (Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris ...)
NOT-FOR-US: ppdmgr in Sun Solaris 10 and OpenSolaris
-CVE-2009-0167
+CVE-2009-0167 (Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris ...)
NOT-FOR-US: lpadmin in Sun Solaris 10 and OpenSolaris
-CVE-2009-0166
+CVE-2009-0166 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
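Review bot: the description added for CVE-2009-0195 names "Xpdf 3.02pl2 and earlier, CUPS 1.3.9" but the entry triages only xpdf (3.02-1.4+lenny1, DSA-1790-1), while the sibling JBIG2 entry CVE-2009-0166 in the same hunk lists poppler, xpdf, kdegraphics and swftools, and cups/cupsys are tracked elsewhere in this file. Please document why cups (and its embedded pdftops copy) is not listed here, either with a `- cups <not-affected> (...)` line giving the reason or with a NOTE, so the omission reads as a decision rather than an oversight.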
@@ -13239,55 +13239,55 @@ CVE-2009-0166
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-0165
+CVE-2009-0165 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as ...)
{DSA-1793-1 DSA-1790-1}
- xpdf 3.02-1.4+lenny1 (low; bug #524809)
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (low; bug #528369)
-CVE-2009-0164
+CVE-2009-0164 (The web interface for CUPS before 1.3.10 does not validate the HTTP Ho ...)
- cups 1.3.10-1 (low)
[lenny] - cups <no-dsa> (Minor issue, needs several prerequirements for attack)
- cupsys <removed>
[etch] - cupsys <no-dsa> (Minor issue, needs several prerequirements for attack)
-CVE-2009-0163
+CVE-2009-0163 (Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and ...)
{DSA-1773-1}
- cups 1.3.10-1
- cupsys <removed>
-CVE-2009-0162
+CVE-2009-0162 (Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 ...)
NOT-FOR-US: Safari
-CVE-2009-0161
+CVE-2009-0161 (The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 before 10.5.7 ...)
NOT-FOR-US: Mac OS X
NOTE: dupe of CVE-2009-0642
-CVE-2009-0160
+CVE-2009-0160 (QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 all ...)
NOT-FOR-US: QuickDraw Manager
-CVE-2009-0159
+CVE-2009-0159 (Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c ...)
{DSA-1801-1}
- ntp 1:4.2.4p6+dfsg-2 (low; bug #525373)
-CVE-2009-0158
+CVE-2009-0158 (Stack-based buffer overflow in telnet in Apple Mac OS X 10.4.11 and 10 ...)
NOT-FOR-US: telnet in Apple Mac OS X
-CVE-2009-0157
+CVE-2009-0157 (Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before ...)
NOT-FOR-US: CFNetwork in Apple
-CVE-2009-0156
+CVE-2009-0156 (Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allow ...)
NOT-FOR-US: Launch Services in Apple Mac OS
-CVE-2009-0155
+CVE-2009-0155 (Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7 ...)
NOT-FOR-US: CoreGraphics in Apple Mac OS
-CVE-2009-0154
+CVE-2009-0154 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac O ...)
NOT-FOR-US: Apple Type Services
-CVE-2009-0153
+CVE-2009-0153 (International Components for Unicode (ICU) 4.0, 3.6, and other 3.x ver ...)
{DSA-1889-1}
- icu 4.0.1-1 (low; bug #534590)
-CVE-2009-0152
+CVE-2009-0152 (iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instan ...)
NOT-FOR-US: iChat in Apple Mac OS X
-CVE-2009-0151
+CVE-2009-0151 (The screen saver in Dock in Apple Mac OS X 10.5 before 10.5.8 does not ...)
NOT-FOR-US: screen saver in Dock in Apple Mac OS X
-CVE-2009-0150
+CVE-2009-0150 (Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0149
+CVE-2009-0149 (Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to ga ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0148
+CVE-2009-0148 (Multiple buffer overflows in Cscope before 15.7a allow remote attacker ...)
{DSA-1806-1}
- cscope 15.7a-1 (low; bug #528510)
-CVE-2009-0147
+CVE-2009-0147 (Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ea ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (low; bug #524806)
[lenny] - poppler 0.8.7-2
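Review bot: both no-dsa justifications for CVE-2009-0164 ("Minor issue, needs several prerequirements for attack", on the lenny cups line and the etch cupsys line) use the non-word "prerequirements"; "prerequisites" is meant. Unchanged context, so not introduced by this update, but it is the text people read when deciding whether a DSA is warranted and is worth correcting in a follow-up.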
@@ -13296,7 +13296,7 @@ CVE-2009-0147
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-0146
+CVE-2009-0146 (Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ear ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
[lenny] - poppler 0.8.7-2
@@ -13305,74 +13305,74 @@ CVE-2009-0146
[squeeze] - xpdf 3.02-1.4+lenny1
- kdegraphics 4:4.0 (medium; bug #524810)
- swftools 0.9.2+ds1-2
-CVE-2009-0145
+CVE-2009-0145 (CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, iPhone ...)
NOT-FOR-US: CoreGraphics in Apple Mac OS X
-CVE-2009-0144
+CVE-2009-0144 (CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse ...)
NOT-FOR-US: CFNetwork in Apple Mac OS X
-CVE-2009-0143
+CVE-2009-0143 (Apple iTunes before 8.1 does not properly inform the user about the or ...)
NOT-FOR-US: Apple iTunes
-CVE-2009-0142
+CVE-2009-0142 (Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local use ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0141
+CVE-2009-0141 (XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creat ...)
NOT-FOR-US: XTerm in Apple Mac OS X
-CVE-2009-0140
+CVE-2009-0140 (Unspecified vulnerability in the SMB component in Apple Mac OS X 10.4. ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0139
+CVE-2009-0139 (Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0138
+CVE-2009-0138 (servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0137
+CVE-2009-0137 (Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X 1 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0134
+CVE-2009-0134 (Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX contro ...)
NOT-FOR-US: EasyGrid.SGCtrl.32 ActiveX control
-CVE-2009-0135
+CVE-2009-0135 (Multiple integer overflows in the Audible::Tag::readTag function in me ...)
{DSA-1706-1}
- amarok 1.4.10-2 (medium)
-CVE-2009-0136
+CVE-2009-0136 (Multiple array index errors in the Audible::Tag::readTag function in m ...)
{DSA-1706-1}
- amarok 1.4.10-2 (medium)
-CVE-2009-0133
+CVE-2009-0133 (Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allow ...)
NOT-FOR-US: Microsoft HTML Help Workshop
-CVE-2009-0132
+CVE-2009-0132 (Integer overflow in the aio_suspend function in Sun Solaris 8 through ...)
NOT-FOR-US: Solaris
-CVE-2009-0131
+CVE-2009-0131 (The UFS implementation in the kernel in Sun OpenSolaris snv_29 through ...)
NOT-FOR-US: UFS in OpenSolaris
-CVE-2009-0130
+CVE-2009-0130 (** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not proper ...)
- erlang <unfixed> (unimportant; bug #511520)
NOTE: the return value is passed to the caller (lib/crypto/src/crypto.erl) which
NOTE: only return success in case of DSA_do_verify returning 1 and failure otherwise
NOTE: this is likely to be rejected
-CVE-2009-0129
+CVE-2009-0129 (libcrypt-openssl-dsa-perl does not properly check the return value fro ...)
- libcrypt-openssl-dsa-perl 0.13-4 (bug #511519)
-CVE-2009-0128
+CVE-2009-0128 (plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Re ...)
{DTSA-185-1}
- slurm-llnl 1.3.13-1 (bug #511511)
-CVE-2009-0127
+CVE-2009-0127 (** DISPUTED ** M2Crypto does not properly check the return value from ...)
- m2crypto <unfixed> (bug #511515; unimportant)
NOTE: m2crypto provides a direct mapping of the OpenSSL functions, no incorrect
NOTE: call sites are known, if such are found they should be fixed in the respective
NOTE: applications
-CVE-2009-0126
+CVE-2009-0126 (The decrypt_public function in lib/crypt.cpp in the client in Berkeley ...)
{DSA-1718-1}
- boinc 6.2.14-3 (bug #511521)
CVE-2009-0125
- libnasl <removed> (unimportant; bug #511517)
-CVE-2009-0124
+CVE-2009-0124 (The tqsl_verifyDataBlock function in openssl_cert.cpp in American Radi ...)
- tqsllib 2.0-8 (low; bug #511509)
[etch] - tqsllib <no-dsa> (Minor issue)
-CVE-2009-0123
+CVE-2009-0123 (Unspecified vulnerability in Apple Safari on Mac OS X 10.5 and Windows ...)
NOT-FOR-US: Apple Safari
-CVE-2009-0122
+CVE-2009-0122 (hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8. ...)
- hplip <not-affected> (only a bug in ubuntus postinst script, we use our own postinst which is not vulnerable)
CVE-2009-XXXX [unspecified multiple Drupal vulnerabilies, likely some overlap with the next temp entry]
- drupal6 6.6-3
CVE-2009-XXXX [unspecified Drupal SQL injection]
- drupal5 5.15-1
-CVE-2009-0121
+CVE-2009-0121 (SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allow ...)
NOT-FOR-US: Goople CMS
-CVE-2009-0120
+CVE-2009-0120 (The IBM WebSphere DataPower XML Security Gateway XS40 with firmware 3. ...)
NOT-FOR-US: Web Sphere
-CVE-2009-0119
+CVE-2009-0119 (Buffer overflow in Microsoft Windows XP SP3 allows remote attackers to ...)
NOT-FOR-US: Windows
CVE-2009-0118
RESERVED
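Review bot: CVE-2009-0125 (libnasl <removed>) is the only non-RESERVED, non-REJECTED entry in this hunk that receives no description line, while its neighbours CVE-2009-0126 and CVE-2009-0124 do; please check whether the description lookup failed for that ID or whether it has since been rejected upstream, and record the outcome as either a description or a REJECTED marker so the entry does not stay silently inconsistent with the rest of the file. Two smaller points in the same hunk: the NOTE under CVE-2009-0130 still says "this is likely to be rejected", which now reads oddly beside the newly added "** DISPUTED **" text and should state whether the dispute still stands; and CVE-2009-0134 is listed above CVE-2009-0135 and CVE-2009-0136, breaking the descending ID order that the surrounding entries keep.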
@@ -13380,272 +13380,272 @@ CVE-2009-0117
RESERVED
CVE-2009-0116
RESERVED
-CVE-2009-0115
+CVE-2009-0115 (The Device Mapper multipathing driver (aka multipath-tools or device-m ...)
{DSA-1767-1}
- multipath-tools 0.4.8-15 (low; bug #522813)
CVE-2009-XXXX [openslp: insecure cert validation through openssl api misuse]
- openslp-dfsg <not-affected> (Debian's openslp doesn't build with SSL support)
-CVE-2009-0114
+CVE-2009-0114 (Unspecified vulnerability in the Settings Manager in Adobe Flash Playe ...)
NOT-FOR-US: Flash
-CVE-2009-0113
+CVE-2009-0113 (Directory traversal vulnerability in attachmentlibrary.php in the XSta ...)
NOT-FOR-US: Joomla! component
-CVE-2009-0112
+CVE-2009-0112 (Cross-site request forgery (CSRF) vulnerability in admin/agent_edit.as ...)
NOT-FOR-US: PollPro
-CVE-2009-0111
+CVE-2009-0111 (SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and e ...)
NOT-FOR-US: Goople CMS
-CVE-2009-0110
+CVE-2009-0110 (SQL injection vulnerability in read.php in RiotPix 0.61 and earlier al ...)
NOT-FOR-US: RiotPix
-CVE-2009-0109
+CVE-2009-0109 (SQL injection vulnerability in index.php in RiotPix 0.61 and earlier a ...)
NOT-FOR-US: RiotPix
-CVE-2009-0108
+CVE-2009-0108 (PHPAuctions (aka PHPAuctionSystem) allows remote attackers to bypass a ...)
NOT-FOR-US: PHPAuctions
-CVE-2009-0107
+CVE-2009-0107 (Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions ...)
NOT-FOR-US: PHPAuctions
-CVE-2009-0106
+CVE-2009-0106 (SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuct ...)
NOT-FOR-US: PHPAuctions
-CVE-2009-0105
+CVE-2009-0105 (Cross-site scripting (XSS) vulnerability in index.php in EZpack 4.2b2 ...)
NOT-FOR-US: EZpack
-CVE-2009-0104
+CVE-2009-0104 (SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote ...)
NOT-FOR-US: EZpack
-CVE-2009-0103
+CVE-2009-0103 (Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 al ...)
NOT-FOR-US: playSMS
-CVE-2009-0102
+CVE-2009-0102 (Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, ...)
NOT-FOR-US: Microsoft
CVE-2009-0101
REJECTED
-CVE-2009-0100
+CVE-2009-0100 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Exc ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2009-0099
+CVE-2009-0099 (The Electronic Messaging System Microsoft Data Base (EMSMDB32) provide ...)
NOT-FOR-US: Microsoft
-CVE-2009-0098
+CVE-2009-0098 (Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exch ...)
NOT-FOR-US: Microsoft
-CVE-2009-0097
+CVE-2009-0097 (Microsoft Office Visio 2002 SP2 and 2003 SP3 does not properly validat ...)
NOT-FOR-US: Microsoft
-CVE-2009-0096
+CVE-2009-0096 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not prope ...)
NOT-FOR-US: Microsoft
-CVE-2009-0095
+CVE-2009-0095 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not prope ...)
NOT-FOR-US: Microsoft
-CVE-2009-0094
+CVE-2009-0094 (The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0093
+CVE-2009-0093 (Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and ...)
NOT-FOR-US: Microsoft Windows
CVE-2009-0092
REJECTED
-CVE-2009-0091
+CVE-2009-0091 (Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enfor ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2009-0090
+CVE-2009-0090 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not proper ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2009-0089
+CVE-2009-0089 (Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0088
+CVE-2009-0088 (The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft ...)
NOT-FOR-US: Microsoft Office
-CVE-2009-0087
+CVE-2009-0087 (Unspecified vulnerability in the Word 6 text converter in WordPad in M ...)
NOT-FOR-US: Microsoft Word
-CVE-2009-0086
+CVE-2009-0086 (Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0085
+CVE-2009-0085 (The Secure Channel (aka SChannel) authentication component in Microsof ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0084
+CVE-2009-0084 (Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 an ...)
NOT-FOR-US: DirectX
-CVE-2009-0083
+CVE-2009-0083 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0082
+CVE-2009-0082 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0081
+CVE-2009-0081 (The graphics device interface (GDI) implementation in the kernel in Mi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0080
+CVE-2009-0080 (The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, d ...)
NOT-FOR-US: Windows Vista
-CVE-2009-0079
+CVE-2009-0079 (The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2009-0078
+CVE-2009-0078 (The Windows Management Instrumentation (WMI) provider in Microsoft Win ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2009-0077
+CVE-2009-0077 (The firewall engine in Microsoft Forefront Threat Management Gateway, ...)
NOT-FOR-US: Microsoft Forefront Threat Management Gateway
-CVE-2009-0076
+CVE-2009-0076 (Microsoft Internet Explorer 7, when XHTML strict mode is used, allows ...)
NOT-FOR-US: Microsoft
-CVE-2009-0075
+CVE-2009-0075 (Microsoft Internet Explorer 7 does not properly handle errors during a ...)
NOT-FOR-US: Microsoft
CVE-2009-0074
REJECTED
CVE-2009-0073
REJECTED
-CVE-2009-0072
+CVE-2009-0072 (Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote attack ...)
NOT-FOR-US: Internet Explorer
-CVE-2009-0071
+CVE-2009-0071 (Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is e ...)
- iceweasel <removed> (unimportant)
NOTE: Browser crashes not treated as security issues
-CVE-2009-0070
+CVE-2009-0070 (Integer signedness error in Apple Safari allows remote attackers to re ...)
NOT-FOR-US: Apple Safari
-CVE-2009-0069
+CVE-2009-0069 (Unspecified vulnerability in the nfs4rename_persistent_fh function in ...)
NOT-FOR-US: Solaris
-CVE-2009-0068
+CVE-2009-0068 (Interaction error in xdg-open allows remote attackers to execute arbit ...)
- xdg-utils <not-affected> (xdg-open is not added to mailcap)
CVE-2009-0067
RESERVED
-CVE-2009-0066
+CVE-2009-0066 (Multiple unspecified vulnerabilities in Intel system software for Trus ...)
NOT-FOR-US: Intel system software for TXT
-CVE-2009-0065
+CVE-2009-0065 (Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Trans ...)
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1
- linux-2.6.24 <removed>
-CVE-2009-0064
+CVE-2009-0064 (Multiple unspecified vulnerabilities in the Control Center in Symantec ...)
NOT-FOR-US: Symantec Brightmail Gateway Appliance
-CVE-2009-0063
+CVE-2009-0063 (Cross-site scripting (XSS) vulnerability in the Control Center in Syma ...)
NOT-FOR-US: Symantec Brightmail Gateway Appliance
-CVE-2009-0062
+CVE-2009-0062 (Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), ...)
NOT-FOR-US: Cisco
-CVE-2009-0061
+CVE-2009-0061 (Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC dr ...)
NOT-FOR-US: Cisco
CVE-2009-0060
RESERVED
-CVE-2009-0059
+CVE-2009-0059 (The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless ...)
NOT-FOR-US: Cisco
-CVE-2009-0058
+CVE-2009-0058 (The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless ...)
NOT-FOR-US: Cisco
-CVE-2009-0057
+CVE-2009-0057 (The Certificate Authority Proxy Function (CAPF) service in Cisco Unifi ...)
NOT-FOR-US: Cisco
-CVE-2009-0056
+CVE-2009-0056 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2009-0055
+CVE-2009-0055 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2009-0054
+CVE-2009-0054 (PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2 ...)
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2009-0053
+CVE-2009-0053 (PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2 ...)
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2009-0052
+CVE-2009-0052 (The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access ...)
NOT-FOR-US: Netgear WNDAP330 Access Point
-CVE-2009-0051
+CVE-2009-0051 (ZXID 0.29 and earlier does not properly check the return value from th ...)
NOT-FOR-US: ZXID
-CVE-2009-0050
+CVE-2009-0050 (Lasso 2.2.1 and earlier does not properly check the return value from ...)
{DSA-1700-1}
- lasso 2.2.1-2 (bug #511262)
-CVE-2009-0049
+CVE-2009-0049 (Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly ch ...)
{DSA-1946-1}
- belpic 2.6.0-6 (bug #511261)
-CVE-2009-0048
+CVE-2009-0048 (OpenEvidence 1.0.6 and earlier does not properly check the return valu ...)
NOT-FOR-US: OpenEvidence
-CVE-2009-0047
+CVE-2009-0047 (Gale 0.99 and earlier does not properly check the return value from th ...)
NOT-FOR-US: Gale
-CVE-2009-0046
+CVE-2009-0046 (Sun GridEngine 5.3 and earlier does not properly check the return valu ...)
NOT-FOR-US: Sun GridEngine
CVE-2009-0045
RESERVED
CVE-2009-0044
RESERVED
-CVE-2009-0043
+CVE-2009-0043 (The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 ...)
NOT-FOR-US: CA Service Metric Analysis r11.0 through r11.1 SP1 and Service
-CVE-2009-0042
+CVE-2009-0042 (Multiple unspecified vulnerabilities in the Arclib library (arclib.dll ...)
NOT-FOR-US: CA Anti-Virus
-CVE-2009-0041
+CVE-2009-0041 (IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23- ...)
{DSA-1952-1}
- asterisk 1:1.6.1.0~dfsg~rc3-1 (low; bug #513413)
[lenny] - asterisk <no-dsa> (Minor issue)
[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
-CVE-2009-0040
+CVE-2009-0040 (The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before ...)
{DSA-1830-1 DSA-1750-1}
- icedove 2.0.0.22-1 (bug #535124)
[squeeze] - icedove 2.0.0.22-0lenny1
- libpng 1.2.35-1 (bug #516256)
-CVE-2009-0039
+CVE-2009-0039 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
- geronimo <itp> (bug #481869)
-CVE-2009-0038
+CVE-2009-0038 (Multiple cross-site scripting (XSS) vulnerabilities in the web adminis ...)
- geronimo <itp> (bug #481869)
-CVE-2009-0037
+CVE-2009-0037 (The redirect implementation in curl and libcurl 5.11 through 7.19.3, w ...)
{DSA-1738-1}
- curl 7.18.2-8.1 (bug #518423)
-CVE-2009-0036
+CVE-2009-0036 (Buffer overflow in the proxyReadClientSocket function in proxy/libvirt ...)
- libvirt 0.5.1-7 (unimportant)
NOTE: not building libvirt proxy from libvirt source package
CVE-2009-0035 [alsainfo insecure temp file usage]
RESERVED
- alsa-driver 1.0.20-1 (unimportant)
NOTE: alsainfo not built into source package
-CVE-2009-0034
+CVE-2009-0034 (parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret ...)
- sudo 1.6.9p17-2 (medium)
[etch] - sudo <not-affected> (Vulnerable code not present)
-CVE-2009-0033
+CVE-2009-0033 (Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 th ...)
{DSA-2207-1}
- tomcat6 6.0.28-1
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
- tomcat5 <removed> (medium; bug #532363)
- tomcat5.5 <removed> (medium; bug #532366)
-CVE-2009-0032
+CVE-2009-0032 (CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3 ...)
NOT-FOR-US: issue affects pdfdistiller
-CVE-2009-0031
+CVE-2009-0031 (Memory leak in the keyctl_join_session_keyring function (security/keys ...)
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (low)
- linux-2.6.24 <removed>
-CVE-2009-0030
+CVE-2009-0030 (A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID ...)
- squirrelmail <not-affected> (RedHat-specific regression)
-CVE-2009-0029
+CVE-2009-0029 (The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc ...)
{DSA-1794-1 DSA-1787-1 DSA-1749-1}
- linux-2.6 2.6.29-1 (medium; bug #536147)
- linux-2.6.24 <removed>
-CVE-2009-0028
+CVE-2009-0028 (The clone system call in the Linux kernel 2.6.28 and earlier allows lo ...)
{DSA-1800-1 DSA-1794-1 DSA-1787-1}
- linux-2.6 2.6.29-1
- linux-2.6.24 <removed>
-CVE-2009-0027
+CVE-2009-0027 (The request handler in JBossWS in JBoss Enterprise Application Platfor ...)
- jbossas4 4.2.2.GA-1 (bug #562000)
[lenny] - jbossas4 <no-dsa> (Contrib not supported)
-CVE-2009-0026
+CVE-2009-0026 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabb ...)
NOT-FOR-US: Apache Jackrabbit
-CVE-2009-0025
+CVE-2009-0025 (BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check t ...)
{DSA-1703-1}
- bind9 1:9.5.1.dfsg.P1-1 (low; bug #511936)
NOTE: unlike the advisory states it is DSA_do_verify not DSA_verify
NOTE: low severity because it is believed hard to trigger and only
NOTE: affects DNSSEC with DSA, which is supposedly rarely used.
-CVE-2009-0024
+CVE-2009-0024 (The sys_remap_file_pages function in mm/fremap.c in the Linux kernel b ...)
- linux-2.6 2.6.24-4
[etch] - linux-2.6 <not-affected> (Introduced in 2.6.23)
NOTE: Fixed in 2.6.24 before initial upload
-CVE-2009-0023
+CVE-2009-0023 (The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apa ...)
{DSA-1812-1}
- apr-util 1.3.7+dfsg-1
-CVE-2009-0022
+CVE-2009-0022 (Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows re ...)
- samba 2:3.2.5-3
[etch] - samba <not-affected> (Only 3.2.x affected)
-CVE-2009-0021
+CVE-2009-0021 (NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly ...)
{DSA-1702-1}
- ntp 1:4.2.4p4+dfsg-8
-CVE-2009-0020
+CVE-2009-0020 (Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0019
+CVE-2009-0019 (Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0018
+CVE-2009-0018 (The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 do ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0017
+CVE-2009-0017 (csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 1 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0016
+CVE-2009-0016 (Apple iTunes before 8.1 on Windows allows remote attackers to cause a ...)
NOT-FOR-US: Apple iTunes
-CVE-2009-0015
+CVE-2009-0015 (Unspecified vulnerability in fseventsd in the FSEvents framework in Ap ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0014
+CVE-2009-0014 (Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissi ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0013
+CVE-2009-0013 (dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that pa ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0012
+CVE-2009-0012 (Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0011
+CVE-2009-0011 (Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to o ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0010
+CVE-2009-0010 (Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 1 ...)
NOT-FOR-US: QuickDraw Manager in Apple Mac OS X
-CVE-2009-0009
+CVE-2009-0009 (Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.1 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0008
+CVE-2009-0008 (Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0007
+CVE-2009-0007 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0006
+CVE-2009-0006 (Integer signedness error in Apple QuickTime before 7.6 allows remote a ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0005
+CVE-2009-0005 (Unspecified vulnerability in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0004
+CVE-2009-0004 (Buffer overflow in Apple QuickTime before 7.6 allows remote attackers ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0003
+CVE-2009-0003 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0002
+CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2009-0001
+CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: Apple QuickTime
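Review bot: the CVE-2009-XXXX placeholder for openslp ("insecure cert validation through openssl api misuse", directly under CVE-2009-0115) is still unassigned, although this hunk adds descriptions for the whole family of DSA return-value issues it belongs to (CVE-2009-0051 down to CVE-2009-0046, plus CVE-2009-0025 for bind9, whose NOTE already points out the DSA_do_verify versus DSA_verify distinction); please check whether an identifier was assigned for openslp and replace the XXXX entry, or add a NOTE that none was. Also, the NOT-FOR-US line for CVE-2009-0043 is cut off mid-phrase ("... SP1 and Service") and should be completed or shortened to just the product name, as the other NOT-FOR-US lines are.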
diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index d9690a92e2..ef428f0ae3 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -1,14 +1,14 @@
-CVE-2010-5329
+CVE-2010-5329 (The video_usercopy function in drivers/media/video/v4l2-ioctl.c in the ...)
- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
NOTE: Fixed by: https://git.kernel.org/linus/fc0a80798576f80ca10b3f6c9c7097f12fd1d64e (v2.6.39-rc2)
-CVE-2010-5328
+CVE-2010-5328 (include/linux/init_task.h in the Linux kernel before 2.6.35 does not p ...)
- linux <not-affected> (Fixed before the src:linux-2.6 -> src:linux rename)
- linux-2.6 2.6.37-1
-CVE-2010-5327
+CVE-2010-5327 (Liferay Portal through 6.2.10 allows remote authenticated users to exe ...)
NOT-FOR-US: Liferay Portal
-CVE-2010-5326
+CVE-2010-5326 (The Invoker Servlet on SAP NetWeaver Application Server Java platforms ...)
NOT-FOR-US: SAP
-CVE-2010-5325
+CVE-2010-5325 (Heap-based buffer overflow in the unhtmlify function in foomatic-rip i ...)
- foomatic-filters 4.0.5-6
- cups-filters <not-affected> (Vulnerable code not present)
NOTE: cups-filters 1.0.42 introduced foomatic-rip filter which already was fixed.
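Review bot: CVE-2010-5329 records only "linux <not-affected>" with a NOTE pointing at the v2.6.39-rc2 fix, whereas the adjacent CVE-2010-5328 pairs the same <not-affected> marker with an explicit "linux-2.6 2.6.37-1" line; for consistency CVE-2010-5329 should also carry a linux-2.6 line naming the first Debian upload that contains that commit (or <removed>, as used elsewhere in this file), so the status of the pre-rename source package is not left implicit.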
@@ -16,41 +16,41 @@ CVE-2010-5325
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1218297
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic/foomatic-filters/revision/239 (HEAD)
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/revision/225 (4.0.x branch)
-CVE-2010-5324
+CVE-2010-5324 (Directory traversal vulnerability in UploadServlet in the Remote Manag ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2010-5323
+CVE-2010-5323 (Directory traversal vulnerability in UploadServlet in the Remote Manag ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2010-5322
+CVE-2010-5322 (Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier a ...)
NOT-FOR-US: ZeusCart
CVE-2010-XXXX [crash when parsing overly long links]
- lynx-cur 2.8.8dev.4-1
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/07/2
-CVE-2010-5321
+CVE-2010-5321 (Memory leak in drivers/media/video/videobuf-core.c in the videobuf sub ...)
- linux <unfixed> (unimportant; bug #827340)
- linux-2.6 <removed> (unimportant)
NOTE: Unclear, old report for Linux
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=620629#c0
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=120571
-CVE-2010-5320
+CVE-2010-5320 (Multiple cross-site request forgery (CSRF) vulnerabilities in MemHT Po ...)
NOT-FOR-US: MemHT Portal
-CVE-2010-5319
+CVE-2010-5319 (Multiple cross-site request forgery (CSRF) vulnerabilities in Kandidat ...)
NOT-FOR-US: Kandidat CMS
-CVE-2010-5318
+CVE-2010-5318 (The password-reset feature in as/index.php in SweetRice CMS before 0.6 ...)
NOT-FOR-US: SweetRice CMS
-CVE-2010-5317
+CVE-2010-5317 (Multiple SQL injection vulnerabilities in index.php in SweetRice CMS b ...)
NOT-FOR-US: SweetRice CMS
-CVE-2010-5316
+CVE-2010-5316 (Cross-site scripting (XSS) vulnerability in as/index.php in SweetRice ...)
NOT-FOR-US: SweetRice CMS
-CVE-2010-5315
+CVE-2010-5315 (Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita b ...)
NOT-FOR-US: BEdita
-CVE-2010-5314
+CVE-2010-5314 (Cross-site scripting (XSS) vulnerability in controllers/home_controlle ...)
NOT-FOR-US: BEdita
-CVE-2010-5313
+CVE-2010-5313 (Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 ...)
- linux 2.6.38-1
- linux-2.6 2.6.38-1
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fc3a9157d314 (v2.6.38-rc1)
-CVE-2010-5312
+CVE-2010-5312 (Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the ...)
{DSA-3249-1 DLA-258-1}
- jqueryui 1.10.1+dfsg-1
- owncloud <not-affected> (embedded copy, bug #722500, of version 1.10.1, already fixed)
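Review bot: the CVE-2010-XXXX placeholder for lynx-cur ("crash when parsing overly long links") still points at a CVE request from February 2015; since this update refreshes the descriptions of the surrounding 2010 IDs, please check whether that request was answered and replace the XXXX entry with the assigned ID, or add a NOTE recording that no ID was assigned. The 2.8.8dev.4-1 fixed version and the oss-security URL can stay as they are.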
@@ -62,359 +62,359 @@ CVE-2010-XXXX [insecure handling of /tmp files in debian/preinst]
- riece 8.0.0-1.3 (unimportant; bug #601325)
[squeeze] - riece <no-dsa> (Minor issue)
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2010-5310
+CVE-2010-5310 (The Acquisition Workstation for the GE Healthcare Revolution XQ/i has ...)
NOT-FOR-US: GE Healthcare Revolution XQ/i
-CVE-2010-5309
+CVE-2010-5309 (GE Healthcare CADStream Server has a default password of confirma for ...)
NOT-FOR-US: GE Healthcare CADStream Server
-CVE-2010-5308
+CVE-2010-5308 (GE Healthcare Optima MR360 does not require authentication for the HIP ...)
NOT-FOR-US: GE Healthcare Optima MR360
-CVE-2010-5307
+CVE-2010-5307 (The HIPAA configuration interface in GE Healthcare Optima MR360 has a ...)
NOT-FOR-US: GE Healthcare Optima MR360
-CVE-2010-5306
+CVE-2010-5306 (GE Healthcare Optima CT680, CT540, CT640, and CT520 has a default pass ...)
NOT-FOR-US: GE Healthcare Optima
CVE-2010-5305
RESERVED
CVE-2010-5304
RESERVED
NOT-FOR-US: RealVNC
-CVE-2010-5303
+CVE-2010-5303 (Cross-site scripting (XSS) vulnerability in the displayError function ...)
NOT-FOR-US: TimThumb
-CVE-2010-5302
+CVE-2010-5302 (Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb b ...)
NOT-FOR-US: TimThumb
-CVE-2010-5301
+CVE-2010-5301 (Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to ...)
NOT-FOR-US: Kolibri
-CVE-2010-5300
+CVE-2010-5300 (Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows re ...)
NOT-FOR-US: www.jzip.com
NOTE: This is the jzip Z-code interpreter in Debian.
-CVE-2010-5299
+CVE-2010-5299 (Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote attacke ...)
NOT-FOR-US: MicroP
-CVE-2010-5298
+CVE-2010-5298 (Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL ...)
{DSA-2908-1}
- openssl 1.0.1g-3 (unimportant)
[squeeze] - openssl <not-affected> (Introduced in 1.0.0)
NOTE: Only exploitable with OPENSSL_NO_BUF_FREELIST enabled
-CVE-2010-5297
+CVE-2010-5297 (WordPress before 3.0.1, when a Multisite installation is used, permane ...)
- wordpress 3.0.1-1
-CVE-2010-5296
+CVE-2010-5296 (wp-includes/capabilities.php in WordPress before 3.0.2, when a Multisi ...)
- wordpress 3.0.2-1
-CVE-2010-5295
+CVE-2010-5295 (Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in Wo ...)
- wordpress 3.0.2-1
-CVE-2010-5294
+CVE-2010-5294 (Multiple cross-site scripting (XSS) vulnerabilities in the request_fil ...)
- wordpress 3.0.2-1
-CVE-2010-5293
+CVE-2010-5293 (wp-includes/comment.php in WordPress before 3.0.2 does not properly wh ...)
- wordpress 3.0.2-1
-CVE-2010-5292
+CVE-2010-5292 (Amberdms Billing System (ABS) before 1.4.1, when a multi-instance inst ...)
NOT-FOR-US: Amberdms Billing System
-CVE-2010-5291
+CVE-2010-5291 (Amberdms Billing System (ABS) before 1.4.1 does not properly implement ...)
NOT-FOR-US: Amberdms Billing System
-CVE-2010-5289
+CVE-2010-5289 (Buffer overflow in the Authenticate method in the INCREDISPOOLERLib.Po ...)
NOT-FOR-US: IncrediMail
-CVE-2010-5288
+CVE-2010-5288 (Buffer overflow in the lsConnectionCached function in editcp in EDItra ...)
NOT-FOR-US: EDItran Communications Platform
-CVE-2010-5290
+CVE-2010-5290 (The authentication process in Adobe ColdFusion before 10 does not requ ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2010-5287
+CVE-2010-5287 (SQL injection vulnerability in default.php in Cornerstone Technologies ...)
NOT-FOR-US: Cornerstone Technologies webConductor
-CVE-2010-5286
+CVE-2010-5286 (Directory traversal vulnerability in Jstore (com_jstore) component for ...)
NOT-FOR-US: Joomla jstore
-CVE-2010-5285
+CVE-2010-5285 (Cross-site request forgery (CSRF) vulnerability in admin.php in Collab ...)
NOTE: Old report against collabtive, Poc has vanished and likely fixed in current release, see #695348
-CVE-2010-5284
+CVE-2010-5284 (Multiple cross-site scripting (XSS) vulnerabilities in Collabtive 0.6. ...)
- collabtive 0.7.6-1 (bug #695348)
NOTE: Might be fixed earlier, but 0.7.6 was tested
-CVE-2010-5283
+CVE-2010-5283 (Cross-site request forgery (CSRF) vulnerability in OpenText ECM (forme ...)
NOT-FOR-US: OpenText ECM
-CVE-2010-5282
+CVE-2010-5282 (Multiple cross-site scripting (XSS) vulnerabilities in OpenText ECM (f ...)
NOT-FOR-US: OpenText ECM
-CVE-2010-5281
+CVE-2010-5281 (Directory traversal vulnerability in ibrowser.php in the CMScout 2.09 ...)
NOT-FOR-US: CMScout IBrowser TinyMCE Plugin
-CVE-2010-5280
+CVE-2010-5280 (Directory traversal vulnerability in the Community Builder Enhanced (C ...)
NOT-FOR-US: CBE for Joomla
-CVE-2010-5279
+CVE-2010-5279 (article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers ...)
NOT-FOR-US: VWar
-CVE-2010-5278
+CVE-2010-5278 (Directory traversal vulnerability in manager/controllers/default/resou ...)
NOT-FOR-US: MODx Revolution
-CVE-2010-5277
+CVE-2010-5277 (Unspecified vulnerability in the Views Bulk Operations module 6 before ...)
NOT-FOR-US: Drupal Views Bulk Operations
-CVE-2010-5276
+CVE-2010-5276 (The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Dru ...)
NOT-FOR-US: Drupal Memcache
-CVE-2010-5275
+CVE-2010-5275 (Cross-site scripting (XSS) vulnerability in memcache_admin in the Memc ...)
NOT-FOR-US: Drupal Memcache
-CVE-2010-5274
+CVE-2010-5274 (Untrusted search path vulnerability in PKZIP before 12.50.0014 allows ...)
NOT-FOR-US: PKZIP
-CVE-2010-5273
+CVE-2010-5273 (Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise ...)
NOT-FOR-US: Altova DiffDog 2011 Enterprise
-CVE-2010-5272
+CVE-2010-5272 (Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterpr ...)
NOT-FOR-US: Altova DatabaseSpy 2011
-CVE-2010-5271
+CVE-2010-5271 (Untrusted search path vulnerability in Altova MapForce 2011 Enterprise ...)
NOT-FOR-US: Altova MapForce 2011
-CVE-2010-5270
+CVE-2010-5270 (Multiple untrusted search path vulnerabilities in Adobe Device Central ...)
NOT-FOR-US: Adobe Device Central
-CVE-2010-5269
+CVE-2010-5269 (Untrusted search path vulnerability in tbb.dll in Intel Threading Buil ...)
NOT-FOR-US: Intel Threading Building Blocks
-CVE-2010-5268
+CVE-2010-5268 (Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 3088 ...)
NOT-FOR-US: Amazon Kindle for PC
-CVE-2010-5267
+CVE-2010-5267 (Untrusted search path vulnerability in MunSoft Easy Office Recovery 1. ...)
NOT-FOR-US: MunSoft Easy Office Recovery
-CVE-2010-5266
+CVE-2010-5266 (Untrusted search path vulnerability in VideoCharge Studio 2.9.0.632 al ...)
NOT-FOR-US: VideoCharge Studio
-CVE-2010-5265
+CVE-2010-5265 (Untrusted search path vulnerability in SmartSniff 1.71 allows local us ...)
NOT-FOR-US: SmartSniff
-CVE-2010-5264
+CVE-2010-5264 (Untrusted search path vulnerability in the CExtDWM::CExtDWM method in ...)
NOT-FOR-US: Prof-UIS
-CVE-2010-5263
+CVE-2010-5263 (Untrusted search path vulnerability in Sothink SWF Decompiler 6.0 Buil ...)
NOT-FOR-US: Sothink SWF Decompiler
-CVE-2010-5262
+CVE-2010-5262 (Multiple untrusted search path vulnerabilities in libmcl-5.4.0.dll in ...)
NOT-FOR-US: Gromada Multimedia Conversion Library
-CVE-2010-5261
+CVE-2010-5261 (Untrusted search path vulnerability in SnowFox Total Video Converter 2 ...)
NOT-FOR-US: SnowFox Total Video Converter
-CVE-2010-5260
+CVE-2010-5260 (Untrusted search path vulnerability in Agrin All DVD Ripper 4.0 allows ...)
NOT-FOR-US: Agrin All DVD Ripper
-CVE-2010-5259
+CVE-2010-5259 (Multiple untrusted search path vulnerabilities in IsoBuster 2.8 allow ...)
NOT-FOR-US: IsoBuster
-CVE-2010-5258
+CVE-2010-5258 (Untrusted search path vulnerability in Adobe Audition 3.0 build 7283.0 ...)
NOT-FOR-US: Adobe Audition
-CVE-2010-5257
+CVE-2010-5257 (Multiple untrusted search path vulnerabilities in ArchiCAD 13 and 14 a ...)
NOT-FOR-US: ArchiCAD
-CVE-2010-5256
+CVE-2010-5256 (Untrusted search path vulnerability in CDisplay 1.8.1 allows local use ...)
NOT-FOR-US: CDisplay
-CVE-2010-5255
+CVE-2010-5255 (Untrusted search path vulnerability in UltraISO 9.3.6.2750 allows loca ...)
NOT-FOR-US: UltraISO
-CVE-2010-5254
+CVE-2010-5254 (Untrusted search path vulnerability in GFI Backup 3.1 Build 20100730 2 ...)
NOT-FOR-US: GFI Backup
-CVE-2010-5253
+CVE-2010-5253 (Untrusted search path vulnerability in WinImage 8.50 allows local user ...)
NOT-FOR-US: WinImage
-CVE-2010-5252
+CVE-2010-5252 (Untrusted search path vulnerability in HTTrack 3.43-9 allows local use ...)
- httrack <not-affected> (Only affects Windows)
-CVE-2010-5251
+CVE-2010-5251 (Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2010-5250
+CVE-2010-5250 (Untrusted search path vulnerability in the pthread_win32_process_attac ...)
NOT-FOR-US: Pthreads-win32
-CVE-2010-5249
+CVE-2010-5249 (Untrusted search path vulnerability in Sophos Free Encryption 2.40.1.1 ...)
NOT-FOR-US: Sophos Free Encryption
-CVE-2010-5248
+CVE-2010-5248 (Untrusted search path vulnerability in UltraVNC 1.0.8.2 allows local u ...)
NOT-FOR-US: UltraVNC
-CVE-2010-5247
+CVE-2010-5247 (Untrusted search path vulnerability in QtWeb Browser 3.3 build 043 all ...)
NOT-FOR-US: QtWeb Browser
-CVE-2010-5246
+CVE-2010-5246 (Multiple untrusted search path vulnerabilities in Maxthon Browser 1.6. ...)
NOT-FOR-US: Maxthon Browser
-CVE-2010-5245
+CVE-2010-5245 (Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54 ...)
NOT-FOR-US: PDF-XChange Viewer
-CVE-2010-5244
+CVE-2010-5244 (Untrusted search path vulnerability in SiSoftware Sandra 2010 Lite 201 ...)
NOT-FOR-US: SiSoftware Sandra
-CVE-2010-5243
+CVE-2010-5243 (Multiple untrusted search path vulnerabilities in Cyberlink Power2Go 7 ...)
NOT-FOR-US: Cyberlink Power2Go
-CVE-2010-5242
+CVE-2010-5242 (Untrusted search path vulnerability in Sound Forge Pro 10.0b Build 474 ...)
NOT-FOR-US: Sound Forge Pro
-CVE-2010-5241
+CVE-2010-5241 (Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 201 ...)
NOT-FOR-US: Autodesk AutoCAD
-CVE-2010-5240
+CVE-2010-5240 (Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT an ...)
NOT-FOR-US: Corel PHOTO-PAINT and CorelDRAW
-CVE-2010-5239
+CVE-2010-5239 (Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 a ...)
NOT-FOR-US: DAEMON Tools Lite and Pro Standard
-CVE-2010-5238
+CVE-2010-5238 (Untrusted search path vulnerability in CyberLink PowerDirector 8.00.30 ...)
NOT-FOR-US: CyberLink PowerDirector
-CVE-2010-5237
+CVE-2010-5237 (Untrusted search path vulnerability in CyberLink PowerDirector 7 allow ...)
NOT-FOR-US: CyberLink PowerDirector
-CVE-2010-5236
+CVE-2010-5236 (Untrusted search path vulnerability in Roxio Easy Media Creator Home 9 ...)
NOT-FOR-US: Roxio Easy Media Creator Home
-CVE-2010-5235
+CVE-2010-5235 (Untrusted search path vulnerability in IZArc Archiver 4.1.2 allows loc ...)
NOT-FOR-US: IZArc Archiver
-CVE-2010-5234
+CVE-2010-5234 (Multiple untrusted search path vulnerabilities in Camtasia Studio 7.0. ...)
NOT-FOR-US: Camtasia Studio
-CVE-2010-5233
+CVE-2010-5233 (Untrusted search path vulnerability in Virtual DJ 6.1.2 Trial b301 all ...)
NOT-FOR-US: Virtual DJ
-CVE-2010-5232
+CVE-2010-5232 (Untrusted search path vulnerability in DivX Plus Player 8.1.0 allows l ...)
NOT-FOR-US: DivX Plus Player
-CVE-2010-5231
+CVE-2010-5231 (Untrusted search path vulnerability in DivX Player 7.2.019 allows loca ...)
NOT-FOR-US: DivX Player
-CVE-2010-5230
+CVE-2010-5230 (Multiple untrusted search path vulnerabilities in MicroStation 7.1 all ...)
NOT-FOR-US: MicroStation
-CVE-2010-5229
+CVE-2010-5229 (Untrusted search path vulnerability in 010 Editor before 3.1.3 allows ...)
NOT-FOR-US: 010 Editor
-CVE-2010-5228
+CVE-2010-5228 (Untrusted search path vulnerability in RealPlayer SP 1.1.5 12.0.0.879 ...)
NOT-FOR-US: RealPlayer SP
-CVE-2010-5227
+CVE-2010-5227 (Untrusted search path vulnerability in Opera before 10.62 allows local ...)
NOT-FOR-US: Opera
-CVE-2010-5226
+CVE-2010-5226 (Multiple untrusted search path vulnerabilities in Autodesk Design Revi ...)
NOT-FOR-US: Autodesk Design Review
-CVE-2010-5225
+CVE-2010-5225 (Untrusted search path vulnerability in Babylon 8.1.0 r16 allows local ...)
NOT-FOR-US: Babylon 8.1.0
-CVE-2010-5224
+CVE-2010-5224 (Untrusted search path vulnerability in Cool iPhone Ringtone Maker 2.2. ...)
NOT-FOR-US: Cool iPhone Ringtone Maker
-CVE-2010-5223
+CVE-2010-5223 (Multiple untrusted search path vulnerabilities in Phoenix Project Mana ...)
NOT-FOR-US: Phoenix Project Manager
-CVE-2010-5222
+CVE-2010-5222 (Untrusted search path vulnerability in Ease Jukebox 1.40 allows local ...)
NOT-FOR-US: Ease Jukebox
-CVE-2010-5221
+CVE-2010-5221 (Untrusted search path vulnerability in STDU Explorer 1.0.201 allows lo ...)
NOT-FOR-US: STDU Explorer
-CVE-2010-5220
+CVE-2010-5220 (Untrusted search path vulnerability in MEO Encryption Software 2.02 al ...)
NOT-FOR-US: MEO Encryption Software
-CVE-2010-5219
+CVE-2010-5219 (Untrusted search path vulnerability in SmartFTP 4.0.1140.0 allows loca ...)
NOT-FOR-US: SmartFTP
-CVE-2010-5218
+CVE-2010-5218 (Untrusted search path vulnerability in Dupehunter 9.0.0.3911 allows lo ...)
NOT-FOR-US: Dupehunter
-CVE-2010-5217
+CVE-2010-5217 (Multiple untrusted search path vulnerabilities in TuneUp Utilities 200 ...)
NOT-FOR-US: TuneUp Utilities
-CVE-2010-5216
+CVE-2010-5216 (Untrusted search path vulnerability in LINGO 11.0.1.6 and 12.0.2.20 al ...)
NOT-FOR-US: LINGO
-CVE-2010-5215
+CVE-2010-5215 (Multiple untrusted search path vulnerabilities in SWiSH Max3 3.0 2009. ...)
NOT-FOR-US: SWiSH Max3
-CVE-2010-5214
+CVE-2010-5214 (Untrusted search path vulnerability in Fotobook Editor 5.0 2.8.0.1 all ...)
NOT-FOR-US: Fotobook Editor
-CVE-2010-5213
+CVE-2010-5213 (Untrusted search path vulnerability in Adobe LiveCycle Designer 8.2.1. ...)
NOT-FOR-US: Adobe LiveCycle Designer
-CVE-2010-5212
+CVE-2010-5212 (Untrusted search path vulnerability in Adobe LiveCycle Designer ES2 9. ...)
NOT-FOR-US: Adobe LiveCycle Designer ES2
-CVE-2010-5211
+CVE-2010-5211 (Untrusted search path vulnerability in ALSee 6.20.0.1 allows local use ...)
NOT-FOR-US: ALSee
-CVE-2010-5210
+CVE-2010-5210 (Untrusted search path vulnerability in Sorax Reader 2.0.3129.70 allows ...)
NOT-FOR-US: Sorax Reader
-CVE-2010-5209
+CVE-2010-5209 (Multiple untrusted search path vulnerabilities in Nuance PDF Reader 6. ...)
NOT-FOR-US: Nuance PDF Reader
-CVE-2010-5208
+CVE-2010-5208 (Multiple untrusted search path vulnerabilities in the (1) Presentation ...)
NOT-FOR-US: Kingsoft Office
-CVE-2010-5207
+CVE-2010-5207 (Multiple untrusted search path vulnerabilities in CelFrame Office 2008 ...)
NOT-FOR-US: CelFrame Office
-CVE-2010-5206
+CVE-2010-5206 (Multiple untrusted search path vulnerabilities in e-press ONE Office E ...)
NOT-FOR-US: ONE Office
-CVE-2010-5205
+CVE-2010-5205 (Multiple untrusted search path vulnerabilities in e-press ONE Office A ...)
NOT-FOR-US: ONE Office
-CVE-2010-5204
+CVE-2010-5204 (Multiple untrusted search path vulnerabilities in IBM Lotus Symphony 1 ...)
NOT-FOR-US: IBM Lotus Symphony
-CVE-2010-5203
+CVE-2010-5203 (Multiple untrusted search path vulnerabilities in NCP Secure Enterpris ...)
NOT-FOR-US: NCP Secure Enterprise
-CVE-2010-5202
+CVE-2010-5202 (Untrusted search path vulnerability in JetAudio 8.0.7.1000 Basic allow ...)
NOT-FOR-US: JetAudio
-CVE-2010-5201
+CVE-2010-5201 (Untrusted search path vulnerability in MAGIX Samplitude Producer 11 al ...)
NOT-FOR-US: MAGIX Samplitude Producer
-CVE-2010-5200
+CVE-2010-5200 (Untrusted search path vulnerability in KeePass Password Safe before 1. ...)
NOT-FOR-US: KeePass 1 (a Windows only program) is not in Debian, only KeePass 2 (multi-OS version of KeePass) and KeePassX (port/rewrite of KeePass)
-CVE-2010-5199
+CVE-2010-5199 (Untrusted search path vulnerability in PhotoImpact X3 13.00.0000.0 all ...)
NOT-FOR-US: PhotoImpact
-CVE-2010-5198
+CVE-2010-5198 (Multiple untrusted search path vulnerabilities in Intuit QuickBooks 20 ...)
NOT-FOR-US: Intuit QuickBooks
-CVE-2010-5197
+CVE-2010-5197 (Untrusted search path vulnerability in Pixia 4.70j allows local users ...)
NOT-FOR-US: Pixia 4.70j
-CVE-2010-5196
+CVE-2010-5196 (Untrusted search path vulnerability in KeePass Password Safe before 2. ...)
- keepass2 <not-affected> (only affects Windows)
-CVE-2010-5195
+CVE-2010-5195 (Untrusted search path vulnerability in Roxio MyDVD 9 allows local user ...)
NOT-FOR-US: Roxio MyDVD 9
-CVE-2010-5194
+CVE-2010-5194 (Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE. ...)
NOT-FOR-US: Viscom Image Viewer CP Pro
-CVE-2010-5193
+CVE-2010-5193 (Stack-based buffer overflow in the TIFMergeMultiFiles function in the ...)
NOT-FOR-US: Viscom Image Viewer CP Pro
-CVE-2010-5192
+CVE-2010-5192 (Cross-site scripting (XSS) vulnerability in the Java Management Consol ...)
NOT-FOR-US: Blue Coat
-CVE-2010-5191
+CVE-2010-5191 (Multiple cross-site request forgery (CSRF) vulnerabilities on the Blue ...)
NOT-FOR-US: Blue Coat
-CVE-2010-5190
+CVE-2010-5190 (The Active Content Transformation functionality in Blue Coat ProxySG b ...)
NOT-FOR-US: Blue Coat
-CVE-2010-5189
+CVE-2010-5189 (Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 be ...)
NOT-FOR-US: Blue Coat
-CVE-2010-5188
+CVE-2010-5188 (SilverStripe 2.3.x before 2.3.6 allows remote attackers to obtain sens ...)
- silverstripe <itp> (bug #528461)
-CVE-2010-5187
+CVE-2010-5187 (SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1, when running o ...)
- silverstripe <itp> (bug #528461)
-CVE-2010-5186
+CVE-2010-5186 (The Antivirus component in Comodo Internet Security before 4.1.150349. ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2010-5185
+CVE-2010-5185 (The Antivirus component in Comodo Internet Security before 5.3.174622. ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2010-5184
+CVE-2010-5184 (** DISPUTED ** Race condition in ZoneAlarm Extreme Security 9.1.507.00 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5183
+CVE-2010-5183 (** DISPUTED ** Race condition in Webroot Internet Security Essentials ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5182
+CVE-2010-5182 (** DISPUTED ** Race condition in VirusBuster Internet Security Suite 3 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5181
+CVE-2010-5181 (** DISPUTED ** Race condition in VIPRE Antivirus Premium 4.0.3272 on W ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5180
+CVE-2010-5180 (** DISPUTED ** Race condition in VBA32 Personal 3.12.12.4 on Windows X ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5179
+CVE-2010-5179 (** DISPUTED ** Race condition in Trend Micro Internet Security Pro 201 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5178
+CVE-2010-5178 (** DISPUTED ** Race condition in ThreatFire 4.7.0.17 on Windows XP all ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5177
+CVE-2010-5177 (** DISPUTED ** Race condition in Sophos Endpoint Security and Control ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5176
+CVE-2010-5176 (** DISPUTED ** Race condition in Security Shield 2010 13.0.16.313 on W ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5175
+CVE-2010-5175 (** DISPUTED ** Race condition in PrivateFirewall 7.0.20.37 on Windows ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5174
+CVE-2010-5174 (** DISPUTED ** Race condition in Prevx 3.0.5.143 on Windows XP allows ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5173
+CVE-2010-5173 (** DISPUTED ** Race condition in PC Tools Firewall Plus 6.0.0.88 on Wi ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5172
+CVE-2010-5172 (** DISPUTED ** Race condition in Panda Internet Security 2010 15.01.00 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5171
+CVE-2010-5171 (** DISPUTED ** Race condition in Outpost Security Suite Pro 6.7.3.3063 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5170
+CVE-2010-5170 (** DISPUTED ** Race condition in Online Solutions Security Suite 1.5.1 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5169
+CVE-2010-5169 (** DISPUTED ** Race condition in Online Armor Premium 4.0.0.35 on Wind ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5168
+CVE-2010-5168 (** DISPUTED ** Race condition in Symantec Norton Internet Security 201 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5167
+CVE-2010-5167 (** DISPUTED ** Race condition in Norman Security Suite PRO 8.0 on Wind ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5166
+CVE-2010-5166 (** DISPUTED ** Race condition in McAfee Total Protection 2010 10.0.580 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5165
+CVE-2010-5165 (** DISPUTED ** Race condition in Malware Defender 2.6.0 on Windows XP ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5164
+CVE-2010-5164 (** DISPUTED ** Race condition in KingSoft Personal Firewall 9 Plus 200 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5163
+CVE-2010-5163 (** DISPUTED ** Race condition in Kaspersky Internet Security 2010 9.0. ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5162
+CVE-2010-5162 (** DISPUTED ** Race condition in G DATA TotalCare 2010 on Windows XP a ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5161
+CVE-2010-5161 (** DISPUTED ** Race condition in F-Secure Internet Security 2010 10.00 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5160
+CVE-2010-5160 (** DISPUTED ** Race condition in ESET Smart Security 4.2.35.3 on Windo ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5159
+CVE-2010-5159 (** DISPUTED ** Race condition in Dr.Web Security Space Pro 6.0.0.03100 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5158
+CVE-2010-5158 (** DISPUTED ** Race condition in DefenseWall Personal Firewall 3.00 on ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5157
+CVE-2010-5157 (Race condition in Comodo Internet Security before 4.1.149672.916 on Wi ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2010-5156
+CVE-2010-5156 (** DISPUTED ** Race condition in CA Internet Security Suite Plus 2010 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5155
+CVE-2010-5155 (** DISPUTED ** Race condition in Blink Professional 4.6.1 on Windows X ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5154
+CVE-2010-5154 (** DISPUTED ** Race condition in BitDefender Total Security 2010 13.0. ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5153
+CVE-2010-5153 (** DISPUTED ** Race condition in Avira Premium Security Suite 10.0.0.5 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5152
+CVE-2010-5152 (** DISPUTED ** Race condition in AVG Internet Security 9.0.791 on Wind ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5151
+CVE-2010-5151 (** DISPUTED ** Race condition in avast! Internet Security 5.0.462 on W ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5150
+CVE-2010-5150 (** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 ...)
NOT-FOR-US: Anti virus snake oil
-CVE-2010-5149
+CVE-2010-5149 (Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x be ...)
NOT-FOR-US: Websense
-CVE-2010-5148
+CVE-2010-5148 (Websense Web Security and Web Filter before 7.1 Hotfix 21 do not set t ...)
NOT-FOR-US: Websense
-CVE-2010-5147
+CVE-2010-5147 (The Remote Filtering component in Websense Web Security and Web Filter ...)
NOT-FOR-US: Websense
-CVE-2010-5146
+CVE-2010-5146 (The Remote Filtering component in Websense Web Security and Web Filter ...)
NOT-FOR-US: Websense
-CVE-2010-5145
+CVE-2010-5145 (The Filtering Service in Websense Web Security and Web Filter before 6 ...)
NOT-FOR-US: Websense
-CVE-2010-5144
+CVE-2010-5144 (The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security ...)
NOT-FOR-US: Websense
-CVE-2010-5143
+CVE-2010-5143 (McAfee VirusScan Enterprise before 8.8 allows local users to disable t ...)
NOT-FOR-US: McAfee
-CVE-2010-5142
+CVE-2010-5142 (chef-server-api/app/controllers/users.rb in the API in Chef before 0.9 ...)
- chef 0.10.10-1
-CVE-2010-5141
+CVE-2010-5141 (wxBitcoin and bitcoind before 0.3.5 do not properly handle script opco ...)
- bitcoin <not-affected> (Fixed before initial release)
-CVE-2010-5140
+CVE-2010-5140 (wxBitcoin and bitcoind before 0.3.13 do not properly handle bitcoins a ...)
- bitcoin <not-affected> (Fixed before initial release)
-CVE-2010-5139
+CVE-2010-5139 (Integer overflow in wxBitcoin and bitcoind before 0.3.11 allows remote ...)
- bitcoin <not-affected> (Fixed before initial release)
-CVE-2010-5138
+CVE-2010-5138 (wxBitcoin and bitcoind 0.3.x allow remote attackers to cause a denial ...)
- bitcoin 0.4.0-1
-CVE-2010-5137
+CVE-2010-5137 (wxBitcoin and bitcoind before 0.3.5 allow remote attackers to cause a ...)
- bitcoin <not-affected> (Fixed before initial release)
CVE-2010-5136
REJECTED
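Review bot: the NOT-FOR-US annotation on CVE-2010-5200 (the KeePass 1 entry in this hunk) is a full sentence of reasoning where every other NOT-FOR-US line in the hunk carries only a short product name; elsewhere in this file that kind of explanation lives on a separate `NOTE:` line, so consider `NOT-FOR-US: KeePass 1 (Windows only)` with the keepass2 / KeePassX remark moved to a `NOTE:` line beneath it. This is pre-existing context that the automatic update leaves untouched, so it does not block the change, but it keeps the annotation format consistent with the neighbouring CVE-2010-5196 entry.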
@@ -466,18 +466,18 @@ CVE-2010-5113
RESERVED
CVE-2010-5112
RESERVED
-CVE-2010-5111
+CVE-2010-5111 (Multiple buffer overflows in readline.c in Echoping 6.0.2 allow remote ...)
- echoping 6.0.2-4 (low; bug #606808)
[squeeze] - echoping <no-dsa> (Minor issue)
NOTE: Upstream fix http://sourceforge.net/p/echoping/bugs/55/
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=349569
NOTE: http://xforce.iss.net/xforce/xfdb/64141
NOTE: http://secunia.com/advisories/42619/
-CVE-2010-5110
+CVE-2010-5110 (DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause ...)
{DLA-24-1}
- poppler 0.16.3-1 (bug #722705)
[squeeze] - poppler 0.12.4-1.2+squeeze4
-CVE-2010-5109
+CVE-2010-5109 (Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's ...)
- libytnef 1.5-5 (low; bug #705468)
[squeeze] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
@@ -490,614 +490,614 @@ CVE-2010-5109
CVE-2010-5108 [Trac Ticket Modification Workflow Permission Restriction Bypass]
RESERVED
- trac 0.11.7-1 (bug #573260)
-CVE-2010-5107
+CVE-2010-5107 (The default configuration of OpenSSH through 6.1 enforces a fixed time ...)
- openssh 1:6.0p1-4 (low; bug #700102)
[squeeze] - openssh 1:5.5p1-6+squeeze3
-CVE-2010-5106
+CVE-2010-5106 (The XML-RPC remote publishing interface in xmlrpc.php in WordPress bef ...)
- wordpress 3.0.3-1
-CVE-2010-5105
+CVE-2010-5105 (The undo save quit routine in the kernel in Blender 2.5, 2.63a, and ea ...)
- blender <unfixed> (unimportant; bug #584621)
[squeeze] - blender <no-dsa> (Minor issue)
[wheezy] - blender <no-dsa> (Minor issue)
NOTE: Neutralised by kernel temp hardening
-CVE-2010-5104
+CVE-2010-5104 (The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5103
+CVE-2010-5103 (SQL injection vulnerability in the list module in TYPO3 4.2.x before 4 ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5102
+CVE-2010-5102 (Directory traversal vulnerability in mod/tools/em/class.em_unzip.php i ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5101
+CVE-2010-5101 (Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2 ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5100
+CVE-2010-5100 (Multiple cross-site scripting (XSS) vulnerabilities in the Install Too ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5099
+CVE-2010-5099 (The fileDenyPattern functionality in the PHP file inclusion protection ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5098
+CVE-2010-5098 (Cross-site scripting (XSS) vulnerability in the FORM content object in ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
-CVE-2010-5097
+CVE-2010-5097 (Cross-site scripting (XSS) vulnerability in the click enlarge function ...)
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
CVE-2010-5096
NOT-FOR-US: MyBB
-CVE-2010-5095
+CVE-2010-5095 (Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5094
+CVE-2010-5094 (The deleteinstallfiles function in control/ContentController.php in Si ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5093
+CVE-2010-5093 (Member_ProfileForm in security/Member.php in SilverStripe 2.3.x before ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5092
+CVE-2010-5092 (The Add Member dialog in the Security admin page in SilverStripe 2.4.0 ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5091
+CVE-2010-5091 (The setName function in filesystem/File.php in SilverStripe 2.3.x befo ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5090
+CVE-2010-5090 (SilverStripe before 2.4.2 allows remote authenticated users to change ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5089
+CVE-2010-5089 (SilverStripe before 2.4.2 does not properly restrict access to pages i ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5088
+CVE-2010-5088 (Multiple cross-site request forgery (CSRF) vulnerabilities in SilverSt ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5087
+CVE-2010-5087 (SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 allows remote ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5086
+CVE-2010-5086 (Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2. ...)
NOT-FOR-US: Bitweaver
-CVE-2010-5085
+CVE-2010-5085 (Multiple cross-site request forgery (CSRF) vulnerabilities in admin/up ...)
NOT-FOR-US: Hulihan Amethyst
-CVE-2010-5084
+CVE-2010-5084 (The cross-site request forgery (CSRF) protection mechanism in e107 bef ...)
NOT-FOR-US: e107
-CVE-2010-5083
+CVE-2010-5083 (SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 a ...)
NOT-FOR-US: PHP-Nuke
-CVE-2010-5082
+CVE-2010-5082 (Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in ...)
NOT-FOR-US: Windows Server
-CVE-2010-5081
+CVE-2010-5081 (Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 al ...)
NOT-FOR-US: Mini-Stream RM-MP3 Converter
-CVE-2010-5080
+CVE-2010-5080 (The Security/changepassword URL action in SilverStripe 2.3.x before 2. ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5079
+CVE-2010-5079 (SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entr ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5078
+CVE-2010-5078 (SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 stores sensiti ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-5077
+CVE-2010-5077 (server/sv_main.c in Quake3 Arena, as used in ioquake3 before r1762, Op ...)
{DSA-2442-1}
- openarena 0.8.5-6 (medium; bug #665656)
- ioquake3 <not-affected> (fixed before upload)
- tremulous 1.1.0-8 (bug #665842)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2010-5076
+CVE-2010-5076 (QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in ...)
- qt4-x11 4:4.6.3-1
NOTE: Might be fixed earlier, but Squeeze version has been validated to be fixed
-CVE-2010-5075
+CVE-2010-5075 (Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5. ...)
NOT-FOR-US: Avast! Internet Security
-CVE-2010-5074
+CVE-2010-5074 (The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3. ...)
- iceweasel 4.0-1 (unimportant)
-CVE-2010-5073
+CVE-2010-5073 (The JavaScript implementation in Google Chrome 4 does not properly res ...)
- chromium-browser <not-affected>
- webkit <not-affected>
-CVE-2010-5072
+CVE-2010-5072 (The JavaScript implementation in Opera 10.5 does not properly restrict ...)
NOT-FOR-US: Opera
-CVE-2010-5071
+CVE-2010-5071 (The JavaScript implementation in Microsoft Internet Explorer 8.0 and e ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-5070
+CVE-2010-5070 (The JavaScript implementation in Apple Safari 4 does not properly rest ...)
NOT-FOR-US: Safari
-CVE-2010-5069
+CVE-2010-5069 (The Cascading Style Sheets (CSS) implementation in Google Chrome 4 doe ...)
- chromium-browser <not-affected>
- webkit <not-affected>
-CVE-2010-5068
+CVE-2010-5068 (The Cascading Style Sheets (CSS) implementation in Opera 10.5 does not ...)
NOT-FOR-US: Opera
-CVE-2010-5067
+CVE-2010-5067 (Virtual War (aka VWar) 1.6.1 R2 uses static session cookies that depen ...)
NOT-FOR-US: Virtual War
-CVE-2010-5066
+CVE-2010-5066 (The createRandomPassword function in includes/functions_common.php in ...)
NOT-FOR-US: Virtual War
-CVE-2010-5065
+CVE-2010-5065 (popup.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers t ...)
NOT-FOR-US: Virtual War
-CVE-2010-5064
+CVE-2010-5064 (Multiple cross-site scripting (XSS) vulnerabilities in Virtual War (ak ...)
NOT-FOR-US: Virtual War
-CVE-2010-5063
+CVE-2010-5063 (SQL injection vulnerability in article.php in Virtual War (aka VWar) 1 ...)
NOT-FOR-US: Virtual War
-CVE-2010-5062
+CVE-2010-5062 (SQL injection vulnerability in search.php in MH Products kleinanzeigen ...)
NOT-FOR-US: MH Products kleinanzeigenmarkt
-CVE-2010-5061
+CVE-2010-5061 (SQL injection vulnerability in index.php in RSStatic allows remote att ...)
NOT-FOR-US: RSStatic
-CVE-2010-5060
+CVE-2010-5060 (SQL injection vulnerability in Nus.php in NUs Newssystem 1.02 allows r ...)
NOT-FOR-US: NUs Newssystem
-CVE-2010-5059
+CVE-2010-5059 (SQL injection vulnerability in index.php in CMScout 2.0.8 allows remot ...)
NOT-FOR-US: CMScout
-CVE-2010-5058
+CVE-2010-5058 (SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 al ...)
NOT-FOR-US: CMS Ariadna
-CVE-2010-5057
+CVE-2010-5057 (SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 al ...)
NOT-FOR-US: CMS Ariadna
-CVE-2010-5056
+CVE-2010-5056 (SQL injection vulnerability in the GBU Facebook (com_gbufacebook) comp ...)
NOT-FOR-US: GBU Facebook
-CVE-2010-5055
+CVE-2010-5055 (SQL injection vulnerability in index.php in Almnzm 2.1 allows remote a ...)
NOT-FOR-US: Almnzm
-CVE-2010-5054
+CVE-2010-5054 (Cross-site scripting (XSS) vulnerability in Special:Login in JAMWiki b ...)
NOT-FOR-US: JAMWiki
-CVE-2010-5053
+CVE-2010-5053 (SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 ...)
NOT-FOR-US: Joomla extension
-CVE-2010-5052
+CVE-2010-5052 (Cross-site scripting (XSS) vulnerability in admin/components.php in Ge ...)
NOT-FOR-US: GetSimple CMS
-CVE-2010-5051
+CVE-2010-5051 (Cross-site scripting (XSS) vulnerability in admin/core/admin_func.php ...)
NOT-FOR-US: razorCMS
-CVE-2010-5050
+CVE-2010-5050 (Cross-site scripting (XSS) vulnerability in jsp/admin/tools/remote_sha ...)
NOT-FOR-US: ManageEngine ADManager Plus
-CVE-2010-5049
+CVE-2010-5049 (SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier ...)
- zabbix 1:1.8.2-1
-CVE-2010-5048
+CVE-2010-5048 (Cross-site scripting (XSS) vulnerability in admin.jcomments.php in the ...)
NOT-FOR-US: Joomla extension
-CVE-2010-5047
+CVE-2010-5047 (SQL injection vulnerability in page.php in V-EVA Press Release Script ...)
NOT-FOR-US: V-EVA Press Release Script
-CVE-2010-5046
+CVE-2010-5046 (Cross-site scripting (XSS) vulnerability in admin.php in ecoCMS allows ...)
NOT-FOR-US: ecoCMS
-CVE-2010-5045
+CVE-2010-5045 (Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ...)
NOT-FOR-US: Smart ASP Survey
-CVE-2010-5044
+CVE-2010-5044 (SQL injection vulnerability in models/log.php in the Search Log (com_s ...)
NOT-FOR-US: Search log Joomla addon
-CVE-2010-5043
+CVE-2010-5043 (SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) co ...)
NOT-FOR-US: Joomla extension
-CVE-2010-5042
+CVE-2010-5042 (Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_dja ...)
NOT-FOR-US: Joomla extension
-CVE-2010-5041
+CVE-2010-5041 (SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 ...)
NOT-FOR-US: Nucleus CMS extension
-CVE-2010-5040
+CVE-2010-5040 (PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery. ...)
NOT-FOR-US: Nucleus CMS extension
-CVE-2010-5039
+CVE-2010-5039 (SQL injection vulnerability in control/admin_login.php in ScriptsFeed ...)
NOT-FOR-US: ScriptsFeed Recipes Listing Portal
-CVE-2010-5038
+CVE-2010-5038 (PHP remote file inclusion vulnerability in contact/contact.php in Groo ...)
NOT-FOR-US: Groone's Simple Contact Form
-CVE-2010-5037
+CVE-2010-5037 (SQL injection vulnerability in article.php in SenseSites CommonSense C ...)
NOT-FOR-US: SenseSites CommonSense CMS
-CVE-2010-5036
+CVE-2010-5036 (SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allow ...)
NOT-FOR-US: iScripts eSwap
-CVE-2010-5035
+CVE-2010-5035 (Cross-site scripting (XSS) vulnerability in search.php in iScripts eSw ...)
NOT-FOR-US: iScripts eSwap
-CVE-2010-5034
+CVE-2010-5034 (SQL injection vulnerability in viewhistorydetail.php in iScripts EasyB ...)
NOT-FOR-US: iScripts EasyBiller
-CVE-2010-5033
+CVE-2010-5033 (SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows ...)
NOT-FOR-US: Fusebox
-CVE-2010-5032
+CVE-2010-5032 (SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component ...)
NOT-FOR-US: Joomla extension
-CVE-2010-5031
+CVE-2010-5031 (Cross-site scripting (XSS) vulnerability in index.php in fileNice 1.1 ...)
NOT-FOR-US: fileNice
-CVE-2010-5030
+CVE-2010-5030 (Cross-site scripting (XSS) vulnerability in index.php in Ecomat CMS 5. ...)
NOT-FOR-US: Ecomat CMS
-CVE-2010-5029
+CVE-2010-5029 (SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remo ...)
NOT-FOR-US: Ecomat CMS
-CVE-2010-5028
+CVE-2010-5028 (SQL injection vulnerability in the JExtensions JE Job (com_jejob) comp ...)
NOT-FOR-US: Joomla extension
-CVE-2010-5027
+CVE-2010-5027 (Cross-site scripting (XSS) vulnerability in winners.php in Science Fai ...)
NOT-FOR-US: Science Fair In A Box (SFIAB)
-CVE-2010-5026
+CVE-2010-5026 (SQL injection vulnerability in winners.php in Science Fair In A Box (S ...)
NOT-FOR-US: Science Fair In A Box (SFIAB)
-CVE-2010-5025
+CVE-2010-5025 (Cross-site scripting (XSS) vulnerability in manage/main.php in CuteSIT ...)
NOT-FOR-US: CuteSITE CMS
-CVE-2010-5024
+CVE-2010-5024 (SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2 ...)
NOT-FOR-US: CuteSITE CMS
-CVE-2010-5023
+CVE-2010-5023 (SQL injection vulnerability in index.asp in Digital Interchange Calend ...)
NOT-FOR-US: Digital Interchange Calendar
-CVE-2010-5022
+CVE-2010-5022 (SQL injection vulnerability in the JExtensions JE Story Submit (com_je ...)
NOT-FOR-US: Joomla extension
-CVE-2010-5021
+CVE-2010-5021 (SQL injection vulnerability in view_group.asp in Digital Interchange D ...)
NOT-FOR-US: Digital Interchange Calendar
-CVE-2010-5020
+CVE-2010-5020 (SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 ...)
NOT-FOR-US: NetArt Media iBoutique
-CVE-2010-5019
+CVE-2010-5019 (SQL injection vulnerability in view_photo.php in 2daybiz Online Classi ...)
NOT-FOR-US: 2daybiz Online Classified Script
-CVE-2010-5018
+CVE-2010-5018 (Cross-site scripting (XSS) vulnerability in products/classified/header ...)
NOT-FOR-US: 2daybiz Online Classified Script
-CVE-2010-5017
+CVE-2010-5017 (SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 a ...)
NOT-FOR-US: Elite Gaming Ladders
-CVE-2010-5016
+CVE-2010-5016 (SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 ...)
NOT-FOR-US: Elite Gaming Ladders
-CVE-2010-5015
+CVE-2010-5015 (SQL injection vulnerability in view_photo.php in 2daybiz Network Commu ...)
NOT-FOR-US: 2daybiz Network Community Script
-CVE-2010-5014
+CVE-2010-5014 (SQL injection vulnerability in standings.php in Elite Gaming Ladders 3 ...)
NOT-FOR-US: Elite Gaming Ladders
-CVE-2010-5013
+CVE-2010-5013 (SQL injection vulnerability in listing_detail.asp in Mckenzie Creation ...)
NOT-FOR-US: Mckenzie Creations Virtual Real Estate Manager
-CVE-2010-5012
+CVE-2010-5012 (SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows ...)
NOT-FOR-US: DaLogin
-CVE-2010-5011
+CVE-2010-5011 (SQL injection vulnerability in schoolmv2/html/studentmain.php in Schoo ...)
NOT-FOR-US: SchoolMation
-CVE-2010-5010
+CVE-2010-5010 (Cross-site scripting (XSS) vulnerability in schoolmv2/html/studentmain ...)
NOT-FOR-US: SchoolMation
-CVE-2010-5009
+CVE-2010-5009 (SQL injection vulnerability in index.php in UTStats Beta 4 and earlier ...)
NOT-FOR-US: UTStats
-CVE-2010-5008
+CVE-2010-5008 (SQL injection vulnerability in pages/contact_list_mail_form.asp in Bri ...)
NOT-FOR-US: BrightSuite Groupware
-CVE-2010-5007
+CVE-2010-5007 (Cross-site scripting (XSS) vulnerability in pages/match_report.php in ...)
NOT-FOR-US: UTStats
-CVE-2010-5006
+CVE-2010-5006 (SQL injection vulnerability in googlemap/index.php in EMO Realty Manag ...)
NOT-FOR-US: EMO Realty Manager
-CVE-2010-5005
+CVE-2010-5005 (Cross-site scripting (XSS) vulnerability in members/profileCommentsRes ...)
NOT-FOR-US: Rayzz Photoz
-CVE-2010-5004
+CVE-2010-5004 (SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Ad ...)
NOT-FOR-US: 2daybiz Polls
-CVE-2010-5000
+CVE-2010-5000 (SQL injection vulnerability in login/login_index.php in MCLogin System ...)
NOT-FOR-US: MCLogin System
-CVE-2010-4998
+CVE-2010-4998 (PHP remote file inclusion vulnerability in ardeaCore/lib/core/ardeaIni ...)
NOT-FOR-US: ardeaCore PHP Framework
-CVE-2010-4997
+CVE-2010-4997 (SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 a ...)
NOT-FOR-US: OlyKit Swoopo Clone 2010
-CVE-2010-4971
+CVE-2010-4971 (Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Vid ...)
NOT-FOR-US: VideoWhisper PHP 2 Way Video Chat
-CVE-2010-5003
+CVE-2010-5003 (SQL injection vulnerability in the AutarTimonial (com_autartimonial) c ...)
NOT-FOR-US: Joomla extension
-CVE-2010-5002
+CVE-2010-5002 (Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/sl ...)
NOT-FOR-US: Exponent CMS
-CVE-2010-5001
+CVE-2010-5001 (SQL injection vulnerability in view.php in esoftpro Online Contact Man ...)
NOT-FOR-US: esoftpro Online Contact Manager
-CVE-2010-4999
+CVE-2010-4999 (SQL injection vulnerability in index.php in esoftpro Online Photo Pro ...)
NOT-FOR-US: esoftpro Online Photo Pro
-CVE-2010-4996
+CVE-2010-4996 (SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbo ...)
NOT-FOR-US: esoftpro Online Guestbook Pro
-CVE-2010-4995
+CVE-2010-4995 (SQL injection vulnerability in the NeoRecruit (com_neorecruit) compone ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4994
+CVE-2010-4994 (SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4993
+CVE-2010-4993 (SQL injection vulnerability in the eventcal (com_eventcal) component 1 ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4992
+CVE-2010-4992 (SQL injection vulnerability in the Payments Plus component 2.1.5 for J ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4991
+CVE-2010-4991 (SQL injection vulnerability in the NinjaMonials (com_ninjamonials) com ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4990
+CVE-2010-4990 (SQL injection vulnerability in the Front-edit Address Book (com_addres ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4989
+CVE-2010-4989 (SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows r ...)
NOT-FOR-US: Ziggurat Farsi CMS
-CVE-2010-4988
+CVE-2010-4988 (PHP remote file inclusion vulnerability in mod_chatting/themes/default ...)
NOT-FOR-US: Family Connections Who is Chatting
-CVE-2010-4987
+CVE-2010-4987 (SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GB ...)
NOT-FOR-US: KMSoft Guestbook (aka GBook)
-CVE-2010-4986
+CVE-2010-4986 (SQL injection vulnerability in detail.php in Simple Document Managemen ...)
NOT-FOR-US: Simple Document Management System (SDMS)
-CVE-2010-4985
+CVE-2010-4985 (Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Not ...)
NOT-FOR-US: My Kazaam Notes Management System
-CVE-2010-4984
+CVE-2010-4984 (SQL injection vulnerability in notes.php in My Kazaam Notes Management ...)
NOT-FOR-US: My Kazaam Notes Management System
-CVE-2010-4983
+CVE-2010-4983 (SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 ...)
NOT-FOR-US: iScripts CyberMatch
-CVE-2010-4982
+CVE-2010-4982 (SQL injection vulnerability in address_book/contacts.php in My Kazaam ...)
NOT-FOR-US: My Kazaam Address & Contact Organizer
-CVE-2010-4981
+CVE-2010-4981 (SQL injection vulnerability in trackads.php in YourFreeWorld Banner Ma ...)
NOT-FOR-US: YourFreeWorld Banner Management
-CVE-2010-4980
+CVE-2010-4980 (SQL injection vulnerability in packagedetails.php in iScripts ReserveL ...)
NOT-FOR-US: iScripts ReserveLogic
-CVE-2010-4979
+CVE-2010-4979 (SQL injection vulnerability in image/view.php in CANDID allows remote ...)
NOT-FOR-US: CANDID
-CVE-2010-4978
+CVE-2010-4978 (Cross-site scripting (XSS) vulnerability in image/view.php in CANDID a ...)
NOT-FOR-US: CANDID
-CVE-2010-4977
+CVE-2010-4977 (SQL injection vulnerability in menu.php in the Canteen (com_canteen) c ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4976
+CVE-2010-4976 (Cross-site scripting (XSS) vulnerability in search/search.php in MetIn ...)
NOT-FOR-US: MetInfo
-CVE-2010-4975
+CVE-2010-4975 (SQL injection vulnerability in the Techjoomla SocialAds For JomSocial ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4974
+CVE-2010-4974 (SQL injection vulnerability in info.php in BrotherScripts (BS) and Scr ...)
NOT-FOR-US: BrotherScripts (BS) and ScriptsFeed Auto Dealer
-CVE-2010-4973
+CVE-2010-4973 (Cross-site scripting (XSS) vulnerability in the search feature in Camp ...)
NOT-FOR-US: Campsite
-CVE-2010-4972
+CVE-2010-4972 (SQL injection vulnerability in index.php in YPNinc JokeScript allows r ...)
NOT-FOR-US: YPNinc JokeScript
-CVE-2010-4970
+CVE-2010-4970 (SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0 ...)
NOT-FOR-US: Wiki Web Help
-CVE-2010-4969
+CVE-2010-4969 (SQL injection vulnerability in articlesdetails.php in BrotherScripts ( ...)
NOT-FOR-US: BrotherScripts (BS) Business Directory
-CVE-2010-4968
+CVE-2010-4968 (SQL injection vulnerability in the webmaster-tips.net Flash Gallery (c ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4967
+CVE-2010-4967 (SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 ...)
NOT-FOR-US: ATCOM Netvolution
-CVE-2010-4966
+CVE-2010-4966 (Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvo ...)
NOT-FOR-US: ATCOM Netvolution
-CVE-2010-4965
+CVE-2010-4965 (/etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 co ...)
NOT-FOR-US: D-Link DCS-2121
-CVE-2010-4964
+CVE-2010-4964 (recorder_test.cgi on the D-Link DCS-2121 camera with firmware 1.04 all ...)
NOT-FOR-US: D-Link DCS-2121
-CVE-2010-4963
+CVE-2010-4963 (SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows ...)
NOT-FOR-US: Hulihan BXR
-CVE-2010-4962
+CVE-2010-4962 (Unspecified vulnerability in the Webkit PDFs (webkitpdf) extension bef ...)
NOT-FOR-US: Typo3 extension
-CVE-2010-4961
+CVE-2010-4961 (SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension b ...)
NOT-FOR-US: Typo3 extension
-CVE-2010-4960
+CVE-2010-4960 (Cross-site scripting (XSS) vulnerability in the Branchenbuch (aka Yell ...)
NOT-FOR-US: Branchenbuch
-CVE-2010-4959
+CVE-2010-4959 (SQL injection vulnerability in the login feature in Pre Projects Pre P ...)
NOT-FOR-US: Pre Projects Pre Podcast Portal
-CVE-2010-4958
+CVE-2010-4958 (SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows ...)
NOT-FOR-US: Prado Portal
-CVE-2010-4957
+CVE-2010-4957 (SQL injection vulnerability in the Questionnaire (ke_questionnaire) ex ...)
NOT-FOR-US: Typo3 extension
-CVE-2010-4956
+CVE-2010-4956 (Cross-site scripting (XSS) vulnerability in the Questionnaire (ke_ques ...)
NOT-FOR-US: Typo3 extension
-CVE-2010-4955
+CVE-2010-4955 (SQL injection vulnerability in board/board.php in APBoard Developers A ...)
NOT-FOR-US: APBoard Developers APBoard
-CVE-2010-4954
+CVE-2010-4954 (SQL injection vulnerability in product_reviews_info.php in xt:Commerce ...)
NOT-FOR-US: xt:Commerce Gambio
-CVE-2010-4953
+CVE-2010-4953 (Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1 ...)
NOT-FOR-US: Typo3 extension
-CVE-2010-4952
+CVE-2010-4952 (SQL injection vulnerability in the FE user statistic (festat) extensio ...)
NOT-FOR-US: Typo3 extension
-CVE-2010-4951
+CVE-2010-4951 (Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xaj ...)
NOT-FOR-US: Typo3 extension
-CVE-2010-4950
+CVE-2010-4950 (SQL injection vulnerability in the Event (event) extension before 0.3. ...)
NOT-FOR-US: Typo3 extension
-CVE-2010-4949
+CVE-2010-4949 (Cross-site scripting (XSS) vulnerability in the (1) FreiChat component ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4948
+CVE-2010-4948 (PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in ...)
NOT-FOR-US: PHP Free Photo Gallery
-CVE-2010-4947
+CVE-2010-4947 (Cross-site scripting (XSS) vulnerability in advanced_search_result.php ...)
NOT-FOR-US: ALLPC
-CVE-2010-4946
+CVE-2010-4946 (SQL injection vulnerability in product_info.php in ALLPC 2.5 allows re ...)
NOT-FOR-US: ALLPC
-CVE-2010-4945
+CVE-2010-4945 (SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) comp ...)
NOT-FOR-US: CamelcityDB
-CVE-2010-4944
+CVE-2010-4944 (SQL injection vulnerability in the Elite Experts (com_elite_experts) c ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4943
+CVE-2010-4943 (Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 ...)
NOT-FOR-US: Saurus CMS
-CVE-2010-4942
+CVE-2010-4942 (SQL injection vulnerability in location.php in the eCal module in E-Xo ...)
NOT-FOR-US: E-Xoopport Samsara
-CVE-2010-4941
+CVE-2010-4941 (SQL injection vulnerability in the Teams (com_teams) component 1_1028_ ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4940
+CVE-2010-4940 (SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows ...)
NOT-FOR-US: WAnewsletter
-CVE-2010-4939
+CVE-2010-4939 (PHP remote file inclusion vulnerability in index.php in MailForm 1.2 a ...)
NOT-FOR-US: MailForm
-CVE-2010-4938
+CVE-2010-4938 (SQL injection vulnerability in the Weblinks (com_weblinks) component i ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4937
+CVE-2010-4937 (Multiple SQL injection vulnerabilities in the Amblog (com_amblog) comp ...)
NOT-FOR-US: Amblog
-CVE-2010-4936
+CVE-2010-4936 (SQL injection vulnerability in the Slide Show (com_slideshow) componen ...)
NOT-FOR-US: Slide Show extension for Joomla
-CVE-2010-4935
+CVE-2010-4935 (SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier a ...)
NOT-FOR-US: Entrans
-CVE-2010-4934
+CVE-2010-4934 (SQL injection vulnerability in video.php in Get Tube 4.51 and earlier ...)
NOT-FOR-US: Get Tube
-CVE-2010-4933
+CVE-2010-4933 (SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3. ...)
NOT-FOR-US: Geeklog
-CVE-2010-4932
+CVE-2010-4932 (Cross-site scripting (XSS) vulnerability in search.php in Entrans befo ...)
NOT-FOR-US: Entrans
-CVE-2010-4931
+CVE-2010-4931 (** DISPUTED ** Directory traversal vulnerability in maincore.php in PH ...)
NOT-FOR-US: PHP-Fusion
-CVE-2010-4930
+CVE-2010-4930 (Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail ...)
NOT-FOR-US: @mail Webmail
-CVE-2010-4929
+CVE-2010-4929 (SQL injection vulnerability in the Joostina (com_ezautos) component fo ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4928
+CVE-2010-4928 (Cross-site scripting (XSS) vulnerability in the Restaurant Guide (com_ ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4927
+CVE-2010-4927 (SQL injection vulnerability in the Restaurant Guide (com_restaurantgui ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4926
+CVE-2010-4926 (SQL injection vulnerability in the TimeTrack (com_timetrack) component ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4925
+CVE-2010-4925 (SQL injection vulnerability in clic.php in the Partenaires module 1.5 ...)
NOT-FOR-US: Nuked Klan
-CVE-2010-4924
+CVE-2010-4924 (** DISPUTED ** PHP remote file inclusion vulnerability in logic/contro ...)
NOT-FOR-US: clearBudget
-CVE-2010-4923
+CVE-2010-4923 (SQL injection vulnerability in book/detail.php in Virtue Netz Virtue B ...)
NOT-FOR-US: Virtue Netz Virtue
-CVE-2010-4922
+CVE-2010-4922 (Multiple SQL injection vulnerabilities in Allinta CMS 22.07.2010 allow ...)
NOT-FOR-US: Allinta CMS
-CVE-2010-4921
+CVE-2010-4921 (SQL injection vulnerability in inc_pollingboothmanager.asp in DMXReady ...)
NOT-FOR-US: DMXReady Polling Booth Manager
-CVE-2010-4920
+CVE-2010-4920 (SQL injection vulnerability in detail.asp in Micronetsoft Rental Prope ...)
NOT-FOR-US: Micronetsoft
-CVE-2010-4919
+CVE-2010-4919 (SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer We ...)
NOT-FOR-US: Micronetsoft
-CVE-2010-4918
+CVE-2010-4918 (PHP remote file inclusion vulnerability in iJoomla Magazine (com_magaz ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4917
+CVE-2010-4917 (SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows ...)
NOT-FOR-US: A-Blog
-CVE-2010-4916
+CVE-2010-4916 (Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUse ...)
NOT-FOR-US: ColdGen ColdUserGroup
-CVE-2010-4915
+CVE-2010-4915 (SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 ...)
NOT-FOR-US: ColdGen ColdBookmarks
-CVE-2010-4914
+CVE-2010-4914 (PHP remote file inclusion vulnerability in tools/phpmailer/class.phpma ...)
NOT-FOR-US: PHP Classifieds
-CVE-2010-4913
+CVE-2010-4913 (Cross-site scripting (XSS) vulnerability in the search feature in Cold ...)
NOT-FOR-US: ColdGen ColdUserGroup
-CVE-2010-4912
+CVE-2010-4912 (SQL injection vulnerability in shop.php in UCenter Home 2.0 allows rem ...)
NOT-FOR-US: UCenter
-CVE-2010-4911
+CVE-2010-4911 (SQL injection vulnerability in classi/detail.php in PHP Classifieds Ad ...)
NOT-FOR-US: PHP Classifieds
-CVE-2010-4910
+CVE-2010-4910 (SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 ...)
NOT-FOR-US: ColdGen ColdCalendar
-CVE-2010-4909
+CVE-2010-4909 (Multiple cross-site scripting (XSS) vulnerabilities in PaysiteReviewCM ...)
NOT-FOR-US: PaysiteReviewCMS
-CVE-2010-4908
+CVE-2010-4908 (SQL injection vulnerability in detail.php in Virtue Shopping Mall allo ...)
NOT-FOR-US: Virtue Shopping Mall
-CVE-2010-4907
+CVE-2010-4907 (Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenph ...)
NOT-FOR-US: Zenphoto
-CVE-2010-4906
+CVE-2010-4906 (SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 ...)
NOT-FOR-US: Zenphoto
-CVE-2010-4905
+CVE-2010-4905 (SQL injection vulnerability in article_details.php in Softbiz Article ...)
NOT-FOR-US: Softbiz
-CVE-2010-4904
+CVE-2010-4904 (SQL injection vulnerability in the Aardvertiser (com_aardvertiser) com ...)
NOT-FOR-US: Aardvertiser
-CVE-2010-4903
+CVE-2010-4903 (SQL injection vulnerability in index.php in CubeCart 4.3.3 allows remo ...)
NOT-FOR-US: CubeCart
-CVE-2010-4902
+CVE-2010-4902 (Multiple SQL injection vulnerabilities in the Clantools (com_clantools ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4901
+CVE-2010-4901 (Multiple cross-site scripting (XSS) vulnerabilities in char_map.php in ...)
NOT-FOR-US: MySource Matrix
-CVE-2010-4900
+CVE-2010-4900 (Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and ear ...)
NOT-FOR-US: CMS WebManager-Pro
-CVE-2010-4899
+CVE-2010-4899 (SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 ...)
NOT-FOR-US: CMS WebManager-Pro
-CVE-2010-4898
+CVE-2010-4898 (SQL injection vulnerability in the Gantry (com_gantry) component 3.0.1 ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4897
+CVE-2010-4897 (SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remot ...)
NOT-FOR-US: BlueCMS
-CVE-2010-4896
+CVE-2010-4896 (Cross-site scripting (XSS) vulnerability in admin/index.asp in Member ...)
NOT-FOR-US: Member Management System
-CVE-2010-4895
+CVE-2010-4895 (Cross-site scripting (XSS) vulnerability in core/showsite.php in chill ...)
NOT-FOR-US: chillyCMS
-CVE-2010-4894
+CVE-2010-4894 (SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 al ...)
NOT-FOR-US: chillyCMS
-CVE-2010-4893
+CVE-2010-4893 (Cross-site scripting (XSS) vulnerability in foodvendors.php in FestOS ...)
NOT-FOR-US: FestOS
-CVE-2010-4892
+CVE-2010-4892 (Cross-site scripting (XSS) vulnerability in the powermail extension be ...)
NOT-FOR-US: TYPO3 extension
-CVE-2010-4891
+CVE-2010-4891 (SQL injection vulnerability in the Yet Another Calendar (ke_yac) exten ...)
NOT-FOR-US: TYPO3 extension
-CVE-2010-4890
+CVE-2010-4890 (Cross-site scripting (XSS) vulnerability in the Yet Another Calendar ( ...)
NOT-FOR-US: TYPO3 extension
-CVE-2010-4889
+CVE-2010-4889 (Unspecified vulnerability in the Tiny Market (hm_tinymarket) extension ...)
NOT-FOR-US: TYPO3 extension
-CVE-2010-4888
+CVE-2010-4888 (SQL injection vulnerability in the Tiny Market (hm_tinymarket) extensi ...)
NOT-FOR-US: TYPO3 extension
-CVE-2010-4887
+CVE-2010-4887 (SQL injection vulnerability in the Commenting system Backend Module (c ...)
NOT-FOR-US: TYPO3 extension
-CVE-2010-4886
+CVE-2010-4886 (Cross-site scripting (XSS) vulnerability in the "official twitter twee ...)
NOT-FOR-US: TYPO3 extension
-CVE-2010-4885
+CVE-2010-4885 (Cross-site scripting (XSS) vulnerability in the XING Button (xing) ext ...)
NOT-FOR-US: TYPO3 extension
-CVE-2010-4884
+CVE-2010-4884 (PHP remote file inclusion vulnerability in guestbook/gbook.php in Gaes ...)
NOT-FOR-US: Gaestebuch
-CVE-2010-4883
+CVE-2010-4883 (Cross-site scripting (XSS) vulnerability in manager/index.php in MODx ...)
NOT-FOR-US: MODx Revolution
-CVE-2010-4882
+CVE-2010-4882 (Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS 1. ...)
NOT-FOR-US: Auto CMS
-CVE-2010-4881
+CVE-2010-4881 (Multiple cross-site request forgery (CSRF) vulnerabilities in calendar ...)
NOT-FOR-US: ApPHP Calendar
-CVE-2010-4880
+CVE-2010-4880 (Multiple cross-site scripting (XSS) vulnerabilities in calendar.class. ...)
NOT-FOR-US: ApPHP Calendar
-CVE-2010-4879
+CVE-2010-4879 (PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 ...)
- php-dompdf 0.6.1+dfsg-1
-CVE-2010-4878
+CVE-2010-4878 (PHP remote file inclusion vulnerability in formmailer.php in Kontakt F ...)
NOT-FOR-US: Kontakt Formular
-CVE-2010-4877
+CVE-2010-4877 (Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 ...)
NOT-FOR-US: OneCMS
-CVE-2010-4876
+CVE-2010-4876 (SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows ...)
NOT-FOR-US: mBlogger
-CVE-2010-4875
+CVE-2010-4875 (Cross-site scripting (XSS) vulnerability in vodpod-video-gallery/vodpo ...)
NOT-FOR-US: Wordpress plugin
-CVE-2010-4874
+CVE-2010-4874 (Multiple cross-site scripting (XSS) vulnerabilities in users.php in Ni ...)
NOT-FOR-US: NinkoBB
-CVE-2010-4873
+CVE-2010-4873 (Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 ...)
NOT-FOR-US: WeBid
-CVE-2010-4872
+CVE-2010-4872 (SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 ...)
NOT-FOR-US: ASPilot Pilot Cart
-CVE-2010-4871
+CVE-2010-4871 (Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows att ...)
NOT-FOR-US: SmartFTP
-CVE-2010-4870
+CVE-2010-4870 (SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows re ...)
NOT-FOR-US: BloofoxCMS
-CVE-2010-4869
+CVE-2010-4869 (SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote ...)
NOT-FOR-US: DBHcms
-CVE-2010-4868
+CVE-2010-4868 (Cross-site scripting (XSS) vulnerability in search.php3 (aka search.ph ...)
NOT-FOR-US: W-Agora
-CVE-2010-4867
+CVE-2010-4867 (Directory traversal vulnerability in search.php3 (aka search.php) in W ...)
NOT-FOR-US: W-Agora
-CVE-2010-4866
+CVE-2010-4866 (SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows ...)
NOT-FOR-US: Chipmunk Board
-CVE-2010-4865
+CVE-2010-4865 (SQL injection vulnerability in the JE Guestbook (com_jeguestbook) comp ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4864
+CVE-2010-4864 (SQL injection vulnerability in the Club Manager (com_clubmanager) comp ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4863
+CVE-2010-4863 (Cross-site scripting (XSS) vulnerability in admin/changedata.php in Ge ...)
NOT-FOR-US: GetSimple CMS
-CVE-2010-4862
+CVE-2010-4862 (SQL injection vulnerability in the JExtensions JE Directory (com_jedir ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4861
+CVE-2010-4861 (SQL injection vulnerability in asearch.php in webSPELL 4.2.1 allows re ...)
NOT-FOR-US: webSPELL
-CVE-2010-4860
+CVE-2010-4860 (SQL injection vulnerability in product_desc.php in MyPhpAuction 2010 a ...)
NOT-FOR-US: MyPhpAuction
-CVE-2010-4859
+CVE-2010-4859 (SQL injection vulnerability in index.php in WebAsyst Shop-Script allow ...)
NOT-FOR-US: WebAsyst Shop-Script
-CVE-2010-4858
+CVE-2010-4858 (Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stat ...)
NOT-FOR-US: DNET Live-Stats
-CVE-2010-4857
+CVE-2010-4857 (SQL injection vulnerability in click.php in CAG CMS 0.2 Beta allows re ...)
NOT-FOR-US: CAG CMS
-CVE-2010-4856
+CVE-2010-4856 (SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote ...)
NOT-FOR-US: xWeblog
-CVE-2010-4855
+CVE-2010-4855 (SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote at ...)
NOT-FOR-US: xWebLog
-CVE-2010-4854
+CVE-2010-4854 (SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magi ...)
NOT-FOR-US: Zuitu
-CVE-2010-4853
+CVE-2010-4853 (SQL injection vulnerability in the ccInvoices (com_ccinvoices) compone ...)
NOT-FOR-US: Joomla extension
-CVE-2010-4852
+CVE-2010-4852 (Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b ...)
NOT-FOR-US: Eclime
-CVE-2010-4851
+CVE-2010-4851 (Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote a ...)
NOT-FOR-US: Eclime
-CVE-2010-4850
+CVE-2010-4850 (Multiple cross-site scripting (XSS) vulnerabilities in Diferior 8.03 a ...)
NOT-FOR-US: Diferior
-CVE-2010-4849
+CVE-2010-4849 (SQL injection vulnerability in countrydetails.php in Alibaba Clone B2B ...)
NOT-FOR-US: Alibaba Clone B2B
-CVE-2010-4848
+CVE-2010-4848 (Multiple cross-site scripting (XSS) vulnerabilities in addlink.php in ...)
NOT-FOR-US: AXScripts AxsLinks
-CVE-2010-4847
+CVE-2010-4847 (SQL injection vulnerability in view_item.php in MH Products MHP Downlo ...)
NOT-FOR-US: MH Products MHP Downloadshop
-CVE-2010-4846
+CVE-2010-4846 (SQL injection vulnerability in view_item.php in MH Products Pay Pal Sh ...)
NOT-FOR-US: MH Products Pay Pal Shop Digital
-CVE-2010-4845
+CVE-2010-4845 (Multiple SQL injection vulnerabilities in MH Products Projekt Shop all ...)
NOT-FOR-US: MH Products Projekt Shop
-CVE-2010-4844
+CVE-2010-4844 (SQL injection vulnerability in content.php in MH Products Easy Online ...)
NOT-FOR-US: MH Products Easy Online Shop
-CVE-2010-4843
+CVE-2010-4843 (SQL injection vulnerability in website-page.php in PHP Web Scripts Ad ...)
NOT-FOR-US: PHP Web Scripts Ad Manager Pro
-CVE-2010-4842
+CVE-2010-4842 (SQL injection vulnerability in admin/login.php in MHP DownloadScript ( ...)
NOT-FOR-US: MH Products Download Center
-CVE-2010-4841
+CVE-2010-4841 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Ev ...)
NOT-FOR-US: ManageEngine EventLog Analyzer
-CVE-2010-4840
+CVE-2010-4840 (Multiple buffer overflows in the Syslog server in ManageEngine EventLo ...)
NOT-FOR-US: ManageEngine EventLog Analyzer
-CVE-2010-4839
+CVE-2010-4839 (SQL injection vulnerability in the Event Registration plugin 5.32 and ...)
NOT-FOR-US: Wordpress plugin Event Registration
-CVE-2010-4838
+CVE-2010-4838 (SQL injection vulnerability in the JSupport (com_jsupport) component 1 ...)
NOT-FOR-US: Joomla!
-CVE-2010-4837
+CVE-2010-4837 (Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport ...)
NOT-FOR-US: Joomla!
-CVE-2010-4836
+CVE-2010-4836 (Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2 ...)
NOT-FOR-US: PHPShop
-CVE-2010-4835
+CVE-2010-4835 (Directory traversal vulnerability in index.php in OneOrZero AIMS 2.6.0 ...)
NOT-FOR-US: OneOrZero AIMS
-CVE-2010-4834
+CVE-2010-4834 (Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS ...)
NOT-FOR-US: OneOrZero AIMS
-CVE-2010-4833
+CVE-2010-4833 (Untrusted search path vulnerability in modules/engines/ms-windows/xp_t ...)
- gtk+2.0 <not-affected> (win32 specific)
-CVE-2010-4832
+CVE-2010-4832 (Android OS before 2.2 does not display the correct SSL certificate in ...)
NOT-FOR-US: Android
-CVE-2010-4831
+CVE-2010-4831 (Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in G ...)
- gtk+2.0 <not-affected> (Win32-specific)
-CVE-2010-4830
+CVE-2010-4830 (SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno ...)
NOT-FOR-US: Techno Dreams (T-Dreams) Job Career Package
-CVE-2010-4829
+CVE-2010-4829 (SQL injection vulnerability in processview.asp in Techno Dreams (T-Dre ...)
NOT-FOR-US: Techno Dreams
-CVE-2010-4828
+CVE-2010-4828 (Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orio ...)
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
-CVE-2010-4827
+CVE-2010-4827 (Cross-site scripting (XSS) vulnerability in members.asp in Snitz Forum ...)
NOT-FOR-US: Snitz Forums
-CVE-2010-4826
+CVE-2010-4826 (SQL injection vulnerability in members.asp in Snitz Forums 2000 3.4.07 ...)
NOT-FOR-US: Snitz Forums
-CVE-2010-4825
+CVE-2010-4825 (Cross-site scripting (XSS) vulnerability in magpie_debug.php in the Tw ...)
NOT-FOR-US: Wordpress plugin
-CVE-2010-4824
+CVE-2010-4824 (SQL injection vulnerability in the augmentSQL method in core/model/Tra ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-4823
+CVE-2010-4823 (Cross-site scripting (XSS) vulnerability in the httpError method in sa ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-4822
+CVE-2010-4822 (core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2010-4821
+CVE-2010-4821 (Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allo ...)
NOT-FOR-US: phpMyFAQ
-CVE-2010-4820
+CVE-2010-4820 (Untrusted search path vulnerability in Ghostscript 8.62 allows local u ...)
- ghostscript 8.71~dfsg2-6.1
[lenny] - ghostscript <no-dsa> (too risky for regressions)
-CVE-2010-4819
+CVE-2010-4819 (The ProcRenderAddGlyphs function in the Render extension (render/rende ...)
- xorg-server 2:1.9.0.901-1
[squeeze] - xorg-server 2:1.7.7-14
[lenny] - xorg-server <no-dsa> (Minor issue)
-CVE-2010-4818
+CVE-2010-4818 (The GLX extension in X.Org xserver 1.7.7 allows remote authenticated u ...)
- xorg-server 2:1.9.99.902-1
[squeeze] - xorg-server 2:1.7.7-4
[lenny] - xorg-server <no-dsa> (Minor issue)
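Review bot: the backfilled summaries in this hunk are cut at a fixed width in the middle of a token (`+CVE-2010-4824 (SQL injection vulnerability in the augmentSQL method in core/model/Tra ...)`, `+CVE-2010-4933 (SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3. ...)`, `+CVE-2010-5015 (SQL injection vulnerability in view_photo.php in 2daybiz Network Commu ...)`), so anyone grepping data/CVE/2010.list for a product, path or version string will miss entries whose name straddles the cut; consumers of this file should key on the CVE identifier and pull the full description from the CVE feed rather than treating the parenthesised text as searchable. The mechanics of the update look right: every `-`/`+` pair keeps the same identifier and only appends the `(... ...)` summary (for example `-CVE-2010-4879` / `+CVE-2010-4879 (PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 ...)`), while the package lines (`- php-dompdf 0.6.1+dfsg-1`, `- silverstripe <itp> (bug #528461)`, the xorg-server and ghostscript release entries) and the NOT-FOR-US annotations remain unchanged context, which is what an automatic description backfill should look like. One style point for a separate, manual commit rather than this automatic one: the surrounding annotations spell the same upstream three ways (`NOT-FOR-US: Typo3 extension` beside `NOT-FOR-US: TYPO3 extension`, `NOT-FOR-US: Joomla extension` beside `NOT-FOR-US: Joomla!` for CVE-2010-4838/4837, `Wordpress plugin` beside `Wordpress plugin Event Registration`), which makes per-upstream filtering of the list unreliable.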
@@ -1113,363 +1113,363 @@ CVE-2010-4816
CVE-2010-4815
RESERVED
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2010-4814
+CVE-2010-4814 (SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Adva ...)
NOT-FOR-US: Best Soft Inc.
-CVE-2010-4813
+CVE-2010-4813 (Cross-site scripting (XSS) vulnerability in the Category Tokens module ...)
NOT-FOR-US: Drupal 6.x Category Tokens module
-CVE-2010-4812
+CVE-2010-4812 (Multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901 all ...)
NOT-FOR-US: 6kbbs
-CVE-2010-4811
+CVE-2010-4811 (Multiple cross-site scripting (XSS) vulnerabilities in ajaxmember.php ...)
NOT-FOR-US: 6kbbs
-CVE-2010-4810
+CVE-2010-4810 (Multiple PHP remote file inclusion vulnerabilities in AR Web Content M ...)
NOT-FOR-US: AR Web Content Manager
-CVE-2010-4809
+CVE-2010-4809 (SQL injection vulnerability in index.php in DBSite 1.0 allows remote a ...)
NOT-FOR-US: DBSite
-CVE-2010-4808
+CVE-2010-4808 (SQL injection vulnerability in index.php in Webmatic allows remote att ...)
NOT-FOR-US: Webmatic
-CVE-2010-4805
+CVE-2010-4805 (The socket implementation in net/core/sock.c in the Linux kernel befor ...)
- linux-2.6 2.6.34-1
[squeeze] - linux-2.6 2.6.32-48
-CVE-2010-4807
+CVE-2010-4807 (Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 a ...)
NOT-FOR-US: IBM Web Content Manager
-CVE-2010-4806
+CVE-2010-4806 (The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 ...)
NOT-FOR-US: IBM Web Content Manager
-CVE-2010-4804
+CVE-2010-4804 (The Android browser in Android before 2.3.4 allows remote attackers to ...)
NOT-FOR-US: Android Browser
-CVE-2010-4803
+CVE-2010-4803 (Mojolicious before 0.999927 does not properly implement HMAC-MD5 check ...)
{DSA-2239-1}
- libmojolicious-perl 0.999929-1
-CVE-2010-4802
+CVE-2010-4802 (Commands.pm in Mojolicious before 0.999928 does not properly perform C ...)
{DSA-2239-1}
- libmojolicious-perl 0.999929-1
-CVE-2010-4801
+CVE-2010-4801 (Directory traversal vulnerability in admin/updatelist.php in BaconMap ...)
NOT-FOR-US: BaconMap
-CVE-2010-4800
+CVE-2010-4800 (SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote ...)
NOT-FOR-US: BaconMap
-CVE-2010-4799
+CVE-2010-4799 (Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when m ...)
NOT-FOR-US: Chipmunk Pwngame
-CVE-2010-4798
+CVE-2010-4798 (Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 al ...)
NOT-FOR-US: OrangeHRM
-CVE-2010-4797
+CVE-2010-4797 (Multiple SQL injection vulnerabilities in the log-in form in Truworth ...)
NOT-FOR-US: Truworth Flex Timesheet
-CVE-2010-4796
+CVE-2010-4796 (Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote at ...)
NOT-FOR-US: PHPYun
-CVE-2010-4795
+CVE-2010-4795 (SQL injection vulnerability in the JS Calendar (com_jscalendar) compon ...)
NOT-FOR-US: JS Calendar component for Joomla!
-CVE-2010-4794
+CVE-2010-4794 (Multiple cross-site scripting (XSS) vulnerabilities in the JoomlaSelle ...)
NOT-FOR-US: JoomlaSeller JS Calendar component for Joomla!
-CVE-2010-4793
+CVE-2010-4793 (SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager ...)
NOT-FOR-US: Site2Nite Auto e-Manager
-CVE-2010-4792
+CVE-2010-4792 (Cross-site scripting (XSS) vulnerability in title.php in OPEN IT OverL ...)
NOT-FOR-US: OPEN IT OverLook
-CVE-2010-4791
+CVE-2010-4791 (SQL injection vulnerability in infusions/mg_user_fotoalbum_panel/mg_us ...)
NOT-FOR-US: MG User-Fotoalbum module for PHP-Fusion
-CVE-2010-4790
+CVE-2010-4790 (Directory traversal vulnerability in FilterFTP 2.0.3, 2.0.5, and proba ...)
NOT-FOR-US: FilterFTP
-CVE-2010-4789
+CVE-2010-4789 (Use-after-free vulnerability in the proxy-server implementation in IBM ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2010-4788
+CVE-2010-4788 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV ...)
NOT-FOR-US: Tivoli
-CVE-2010-4787
+CVE-2010-4787 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV ...)
NOT-FOR-US: Tivoli
-CVE-2010-4786
+CVE-2010-4786 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV ...)
NOT-FOR-US: Tivoli
-CVE-2010-4785
+CVE-2010-4785 (The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server ...)
NOT-FOR-US: Tivoli
-CVE-2010-4784
+CVE-2010-4784 (Multiple SQL injection vulnerabilities in member.php in PHP Web Script ...)
NOT-FOR-US: PHP Web Scripts Easy Banner Free
-CVE-2010-4783
+CVE-2010-4783 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in PH ...)
NOT-FOR-US: PHP Web Scripts Easy Banner Free
-CVE-2010-4782
+CVE-2010-4782 (Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal ( ...)
NOT-FOR-US: Softwebs Nepal Ananda Real Estate
-CVE-2010-4781
+CVE-2010-4781 (index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1. ...)
NOT-FOR-US: Enano CMS
-CVE-2010-4780
+CVE-2010-4780 (SQL injection vulnerability in the check_banlist function in includes/ ...)
NOT-FOR-US: Enano CMS
-CVE-2010-4779
+CVE-2010-4779 (Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php ...)
NOT-FOR-US: WPtouch plugin for WordPress
-CVE-2010-4778
+CVE-2010-4778 (Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs. ...)
- imp4 4.3.10+debian0-1
[squeeze] - imp4 <no-dsa> (Minor issue)
-CVE-2010-4777
+CVE-2010-4777 (The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14 ...)
- perl 5.20.1-1 (unimportant; bug #628836)
NOTE: Only affects Perl builds with enabled assertions, i.e. the debugperl binary from perl-debug
NOTE: likely fixed sometime around 5.18, but 5.20 was the version checked
-CVE-2010-4776
+CVE-2010-4776 (SQL injection vulnerability in takefreestart.php in PreProjects Pre On ...)
NOT-FOR-US: PreProjects Pre Online Tests Generator Pro
-CVE-2010-4775
+CVE-2010-4775 (The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 ...)
NOT-FOR-US: Relevant Content addon for Drupal
-CVE-2010-4774
+CVE-2010-4774 (SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote a ...)
NOT-FOR-US: AuraCMS
-CVE-2010-4773
+CVE-2010-4773 (Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D ...)
NOT-FOR-US: Hitachi EUR Form, uCosminexus EUR Form Service
-CVE-2010-4772
+CVE-2010-4772 (Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2 ...)
NOT-FOR-US: S-CMS
-CVE-2010-4771
+CVE-2010-4771 (SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remot ...)
NOT-FOR-US: S-CMS
-CVE-2010-4770
+CVE-2010-4770 (SQL injection vulnerability in index.php in CommodityRentals DVD Renta ...)
NOT-FOR-US: CommodityRentals DVD Rentals Script
-CVE-2010-4769
+CVE-2010-4769 (Directory traversal vulnerability in the Jimtawl (com_jimtawl) compone ...)
NOT-FOR-US: Jimtawl
-CVE-2010-4768
+CVE-2010-4768 (Open Ticket Request System (OTRS) before 2.3.5 does not properly disab ...)
- otrs2 2.4.5-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2010-4767
+CVE-2010-4767 (Open Ticket Request System (OTRS) before 2.3.6 does not properly handl ...)
- otrs2 2.4.5-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2010-4766
+CVE-2010-4766 (The AgentTicketForward feature in Open Ticket Request System (OTRS) be ...)
- otrs2 2.4.7+dfsg1-1 (unimportant)
NOTE: Marginal security impact, standard bug
-CVE-2010-4765
+CVE-2010-4765 (Race condition in the Kernel::System::Main::FileWrite method in Open T ...)
- otrs2 2.4.8+dfsg1-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2010-4764
+CVE-2010-4764 (Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, ...)
- otrs2 2.4.10+dfsg1-1 (unimportant)
NOTE: Marginal security impact, standard bug
-CVE-2010-4763
+CVE-2010-4763 (The ACL-customer-status Ticket Type setting in Open Ticket Request Sys ...)
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: Negligible security impact
-CVE-2010-4762
+CVE-2010-4762 (Cross-site scripting (XSS) vulnerability in the rich-text-editor compo ...)
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: Negligible security impact
-CVE-2010-4761
+CVE-2010-4761 (The customer-interface ticket-print dialog in Open Ticket Request Syst ...)
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: Marginal security impact, standard bug
-CVE-2010-4760
+CVE-2010-4760 (Open Ticket Request System (OTRS) before 3.0.0-beta6 adds email-notifi ...)
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: No security impact, feature enhancement
-CVE-2010-4759
+CVE-2010-4759 (Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly ...)
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: No security impact, feature enhancement
-CVE-2010-4758
+CVE-2010-4758 (installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an ...)
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: Negligible security enhancement
-CVE-2010-4757
+CVE-2010-4757 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 bef ...)
NOT-FOR-US: e107
-CVE-2010-4756
+CVE-2010-4756 (The glob implementation in the GNU C Library (aka glibc or libc6) allo ...)
- glibc <removed> (unimportant)
- eglibc <unfixed> (unimportant)
NOTE: That's standard POSIX behaviour implemented by (e)glibc. Applications using
NOTE: glob need to impose limits for themselves
-CVE-2010-4755
+CVE-2010-4755 (The (1) remote_glob function in sftp-glob.c and the (2) process_put fu ...)
NOTE: That's essentially shooting yourself in your own foot:
NOTE: http://lists.mindrot.org/pipermail/openssh-unix-dev/2011-March/029433.html
-CVE-2010-4754
+CVE-2010-4754 (The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, ...)
NOT-FOR-US: FreeBSD/NetBSD libc
-CVE-2010-4753
+CVE-2010-4753 (Cross-site scripting (XSS) vulnerability in LightNEasy.php in LightNEa ...)
NOT-FOR-US: LightNEasy
-CVE-2010-4752
+CVE-2010-4752 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, whe ...)
NOT-FOR-US: LightNEasy
-CVE-2010-4751
+CVE-2010-4751 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, whe ...)
NOT-FOR-US: LightNEasy
-CVE-2010-4750
+CVE-2010-4750 (Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.ph ...)
NOT-FOR-US: BLOG:CMS
-CVE-2010-4749
+CVE-2010-4749 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1. ...)
NOT-FOR-US: BLOG:CMS
-CVE-2010-4748
+CVE-2010-4748 (Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki 2.2.2 ...)
NOT-FOR-US: pmwiki
-CVE-2010-4747
+CVE-2010-4747 (Cross-site scripting (XSS) vulnerability in wordpress-processing-embed ...)
NOT-FOR-US: Wordpress plugin
-CVE-2010-4746
+CVE-2010-4746 (Multiple memory leaks in the normalization functionality in 389 Direct ...)
NOT-FOR-US: 389 LDAP server
-CVE-2010-4745
+CVE-2010-4745 (Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before ...)
NOT-FOR-US: PHPXref
-CVE-2010-4744
+CVE-2010-4744 (Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unk ...)
- abcm2ps 5.9.22-1 (low)
[squeeze] - abcm2ps <no-dsa> (Minor issue)
[lenny] - abcm2ps <no-dsa> (Minor issue)
-CVE-2010-4743
+CVE-2010-4743 (Heap-based buffer overflow in the getarena function in abc2ps.c in abc ...)
- abcm2ps 5.9.22-1 (low)
[squeeze] - abcm2ps <no-dsa> (Minor issue)
[lenny] - abcm2ps <no-dsa> (Minor issue)
-CVE-2010-4742
+CVE-2010-4742 (Stack-based buffer overflow in a certain ActiveX control in MediaDBPla ...)
NOT-FOR-US: MediaDBPlayback.DLL
-CVE-2010-4741
+CVE-2010-4741 (Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool ...)
NOT-FOR-US: Moxa Device Manager
-CVE-2010-4740
+CVE-2010-4740 (Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC ...)
NOT-FOR-US: SCADA Engine BACnet
-CVE-2010-4739
+CVE-2010-4739 (SQL injection vulnerability in the Maian Media Silver (com_maianmedia) ...)
NOT-FOR-US: Maian Media Silver
-CVE-2010-4738
+CVE-2010-4738 (Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Si ...)
NOT-FOR-US: Rae Media INC Real Estate Single and Multi Agent System
-CVE-2010-4737
+CVE-2010-4737 (SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb Ren ...)
NOT-FOR-US: HotWebScripts HotWeb Rentals
-CVE-2010-4736
+CVE-2010-4736 (SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and ...)
NOT-FOR-US: GateSoft DocuSafe
-CVE-2010-4735
+CVE-2010-4735 (SQL injection vulnerability in shoppingcart.asp in Ecommercemax Soluti ...)
NOT-FOR-US: Ecommercemax Solutions Digital-goods seller
-CVE-2010-4734
+CVE-2010-4734 (Multiple cross-site scripting (XSS) vulnerabilities in the comment fea ...)
NOT-FOR-US: Skeletonz CMS
-CVE-2010-4733
+CVE-2010-4733 (WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway ...)
NOT-FOR-US: WebSCADA
-CVE-2010-4732
+CVE-2010-4732 (cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modb ...)
NOT-FOR-US: WebSCADA
-CVE-2010-4731
+CVE-2010-4731 (Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
NOT-FOR-US: WebSCADA
-CVE-2010-4730
+CVE-2010-4730 (Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS10 ...)
NOT-FOR-US: WebSCADA
-CVE-2010-4729
+CVE-2010-4729 (Zikula before 1.2.3 does not use the authid protection mechanism for ( ...)
NOT-FOR-US: zikula
-CVE-2010-4728
+CVE-2010-4728 (Zikula before 1.3.1 uses the rand and srand PHP functions for random n ...)
NOT-FOR-US: zikula
-CVE-2010-4727
+CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the &lt;?php and ? ...)
- smarty3 3.0~rc1-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4726
+CVE-2010-4726 (Unspecified vulnerability in the math plugin in Smarty before 3.0.0 RC ...)
- smarty3 3.0.8-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4725
+CVE-2010-4725 (Smarty before 3.0.0 RC3 does not properly handle an on value of the as ...)
- smarty3 3.0.8-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4724
+CVE-2010-4724 (Multiple unspecified vulnerabilities in the parser implementation in S ...)
- smarty3 3.0.8-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4723
+CVE-2010-4723 (Smarty before 3.0.0, when security is enabled, does not prevent access ...)
- smarty3 3.0.8-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4722
+CVE-2010-4722 (Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 h ...)
- smarty3 3.0.8-1
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-4721
+CVE-2010-4721 (SQL injection vulnerability in news.php in Immo Makler allows remote a ...)
NOT-FOR-US: Immo Makler
-CVE-2010-4720
+CVE-2010-4720 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) co ...)
NOT-FOR-US: Joomla JEAuto addon
-CVE-2010-4719
+CVE-2010-4719 (Directory traversal vulnerability in JRadio (com_jradio) component bef ...)
NOT-FOR-US: Joomla JRadio addon
-CVE-2010-4718
+CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenblogg ...)
NOT-FOR-US: Joomla Lyftenbloggie addon
-CVE-2010-4717
+CVE-2010-4717 (Multiple stack-based buffer overflows in the IMAP server component in ...)
NOT-FOR-US: Novell GroupWise
-CVE-2010-4716
+CVE-2010-4716 (Cross-site scripting (XSS) vulnerability in the WebPublisher component ...)
NOT-FOR-US: Novell GroupWise
-CVE-2010-4715
+CVE-2010-4715 (Multiple directory traversal vulnerabilities in the (1) WebAccess Agen ...)
NOT-FOR-US: Novell GroupWise
-CVE-2010-4714
+CVE-2010-4714 (Multiple stack-based buffer overflows in Novell GroupWise before 8.02H ...)
NOT-FOR-US: Novell GroupWise
-CVE-2010-4713
+CVE-2010-4713 (Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA ...)
NOT-FOR-US: Novell GroupWise
-CVE-2010-4712
+CVE-2010-4712 (Multiple stack-based buffer overflows in gwia.exe in GroupWise Interne ...)
NOT-FOR-US: Novell GroupWise
-CVE-2010-4711
+CVE-2010-4711 (Double free vulnerability in the IMAP server component in GroupWise In ...)
NOT-FOR-US: Novell GroupWise
-CVE-2010-4710
+CVE-2010-4710 (Cross-site scripting (XSS) vulnerability in the addItem method in the ...)
- yui <removed> (unimportant)
NOTE: Mostly a case of mis-documentation
-CVE-2010-4709
+CVE-2010-4709 (Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OP ...)
NOT-FOR-US: Automated Solutions Modbus/TCP Master
-CVE-2010-4708
+CVE-2010-4708 (The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the ...)
- pam 1.1.3-7.1 (low; bug #611136)
[lenny] - pam <no-dsa> (Minor issue, too invasive for a stable release)
[squeeze] - pam <no-dsa> (Minor issue, too invasive for a stable release)
-CVE-2010-4707
+CVE-2010-4707 (The check_acl function in pam_xauth.c in the pam_xauth module in Linux ...)
- pam 1.1.3-1 (low)
[lenny] - pam <no-dsa> (Minor issue)
[squeeze] - pam <no-dsa> (Minor issue)
-CVE-2010-4706
+CVE-2010-4706 (The pam_sm_close_session function in pam_xauth.c in the pam_xauth modu ...)
- pam 1.1.3-1 (low)
[lenny] - pam <no-dsa> (Minor issue)
[squeeze] - pam <no-dsa> (Minor issue)
-CVE-2010-4705
+CVE-2010-4705 (Integer overflow in the vorbis_residue_decode_internal function in lib ...)
{DSA-2165-1}
- ffmpeg <not-affected> (issue introduced in 0.6.x series; bug #611495)
- ffmpeg-debian <removed>
NOTE: recheck when 0.6.x gets uploaded
-CVE-2010-4704
+CVE-2010-4704 (libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earl ...)
{DSA-2306-1 DSA-2165-1}
- libav 4:0.6.2-1 (low; bug #611495)
- ffmpeg 7:2.4.1-1 (low; bug #611495)
- ffmpeg-debian <removed>
NOTE: this is a crash found by fuzzing and not clearly exploitable (can be combined with other fixes so low urgency)
-CVE-2010-4703
+CVE-2010-4703 (SQL injection vulnerability in default.asp in HotWebScripts HotWeb Ren ...)
NOT-FOR-US: HotWebScripts HotWeb Rentals
-CVE-2010-4702
+CVE-2010-4702 (SQL injection vulnerability in JRadio (com_jradio) component before 1. ...)
NOT-FOR-US: Joomla component
-CVE-2010-4701
+CVE-2010-4701 (Heap-based buffer overflow in the CDrawPoly::Serialize function in fxs ...)
NOT-FOR-US: Microsoft Windows Fax Services Cover Page Editor
-CVE-2010-4700
+CVE-2010-4700 (The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the ...)
- php5 <not-affected> (vuln code in mysqlnd, we use libmysqlclient)
-CVE-2010-4699
+CVE-2010-4699 (The iconv_mime_decode_headers function in the Iconv extension in PHP b ...)
- php5 5.3.5-1 (unimportant)
-CVE-2010-4698
+CVE-2010-4698 (Stack-based buffer overflow in the GD extension in PHP before 5.2.15 a ...)
- php5 5.3.3-7 (unimportant)
NOTE: Only exloitable with malicious script
-CVE-2010-4697
+CVE-2010-4697 (Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 a ...)
{DSA-2408-1}
- php5 5.3.5-1 (unimportant)
NOTE: requires attacker to be able to execute code already
-CVE-2010-4696
+CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
NOT-FOR-US: Joomla!
-CVE-2010-4695
+CVE-2010-4695 (A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as di ...)
- gif2png 2.5.4-2 (low; bug #610479)
[lenny] - gif2png <no-dsa> (Minor issue)
[squeeze] - gif2png <no-dsa> (Minor issue)
-CVE-2010-4694
+CVE-2010-4694 (Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow ...)
- gif2png 2.5.4-2 (low; bug #610479)
[lenny] - gif2png <no-dsa> (Minor issue)
[squeeze] - gif2png <no-dsa> (Minor issue)
-CVE-2010-4693
+CVE-2010-4693 (Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Phot ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2010-4692
+CVE-2010-4692 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4691
+CVE-2010-4691 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4690
+CVE-2010-4690 (The Mobile User Security (MUS) service on Cisco Adaptive Security Appl ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4689
+CVE-2010-4689 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4688
+CVE-2010-4688 (Unspecified vulnerability in the SIP inspection feature on Cisco Adapt ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4687
+CVE-2010-4687 (STCAPP (aka the SCCP telephony control application) on Cisco IOS befor ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-4686
+CVE-2010-4686 (CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not prop ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-4685
+CVE-2010-4685 (Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-4684
+CVE-2010-4684 (Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, a ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-4683
+CVE-2010-4683 (Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attacker ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-4682
+CVE-2010-4682 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series de ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4681
+CVE-2010-4681 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4680
+CVE-2010-4680 (The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4679
+CVE-2010-4679 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4678
+CVE-2010-4678 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4677
+CVE-2010-4677 (emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4676
+CVE-2010-4676 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4675
+CVE-2010-4675 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4674
+CVE-2010-4674 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4673
+CVE-2010-4673 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4672
+CVE-2010-4672 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4671
+CVE-2010-4671 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-4670
+CVE-2010-4670 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2010-4669
+CVE-2010-4669 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-4645
+CVE-2010-4645 (strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 ...)
- php5 5.3.3-7 (high)
[lenny] - php5 <not-affected>
NOTE: lenny10 includes a test for the bug. With lenny's toolchain
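Review bot: the imported description on the +CVE-2010-4727 line reads "does not properly handle the &lt;?php and ?" with the HTML entity left in place, so the automatic import is copying the upstream feed's markup escaping into a plain-text data file; unescape entities before writing so the description reads "<?php" like every other angle bracket in the file. In the same hunk, CVE-2010-4755 has two NOTE lines but no status line at all, whereas every neighbouring entry carries either a NOT-FOR-US: line or a "- package version (severity)" line; add a status for the package the linked openssh-unix-dev thread concerns, with the severity the "shooting yourself in your own foot" note implies. The NOTE under CVE-2010-4758, "Negligible security enhancement", also looks like a blend of the two phrasings used by its siblings ("Negligible security impact", "No security impact, feature enhancement") and should be settled one way or the other.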
@@ -1479,17 +1479,17 @@ CVE-2010-XXXX [XSS in ftpls]
[squeeze] - ftpcopy <no-dsa> (Minor issue)
[lenny] - ftpcopy <no-dsa> (Minor issue)
NOTE: CVE ID requested
-CVE-2010-4668
+CVE-2010-4668 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux kerne ...)
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-4667
+CVE-2010-4667 (Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery ( ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2010-4666
+CVE-2010-4666 (Buffer overflow in libarchive 3.0 pre-release code allows remote attac ...)
- libarchive 3.0.4-2 (bug #669197)
[squeeze] - libarchive <not-affected> (no cab support prior to 3.0)
NOTE: http://code.google.com/p/libarchive/source/detail?r=488ef3fb28c416285ebe4c00266268db7330466b
NOTE: Might be fixed earlier than 3.0.4-2, but was tested against the Wheezy version
-CVE-2010-4665
+CVE-2010-4665 (Integer overflow in the ReadDirectory function in tiffdump.c in tiffdu ...)
{DSA-2552-1}
- tiff <not-affected> (vulnerable code not present)
- tiff3 3.9.5
@@ -1497,7 +1497,7 @@ CVE-2010-4664
RESERVED
- consolekit 0.4.2-1 (low)
[squeeze] - consolekit <no-dsa> (Minor issue)
-CVE-2010-4663
+CVE-2010-4663 (Unspecified vulnerability in the News module in CMS Made Simple (CMSMS ...)
NOT-FOR-US: CMS Made Simple
CVE-2010-4662
RESERVED
@@ -1524,12 +1524,12 @@ CVE-2010-4657 [xmlTextWriterWriteAttribute heap disclosure]
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=631551
NOTE: Not sure when this was initially fixed, tested with the initial Wheezy version 5.4.4
NOTE: and the reproducer from https://bugs.launchpad.net/php/%2Bbug/655442
-CVE-2010-4656
+CVE-2010-4656 (The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Li ...)
{DSA-2153-1}
- linux-2.6 2.6.37-1
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2010-4655
+CVE-2010-4655 (net/core/ethtool.c in the Linux kernel before 2.6.36 does not initiali ...)
{DSA-2264-1}
- linux-2.6 2.6.32-27
CVE-2010-4654 [Malformed commands may cause corruption of the internal stack]
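Review bot: under CVE-2010-4656 the "[wheezy] - linux-2.6 2.6.32-31" line carries exactly the version given on the "[squeeze] - linux-2.6 2.6.32-31" line beneath it, while the unstable line is 2.6.37-1; a release-specific line that repeats the older suite's version is usually a stale copy, so confirm the wheezy entry is intended or drop it. The identical wheezy/squeeze pair appears under CVE-2010-4565 further down in this patch.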
@@ -1548,182 +1548,182 @@ CVE-2010-4653 [integer overflow when parsing CharCodes for fonts]
[lenny] - poppler <no-dsa> (minor issue)
[squeeze] - poppler 0.12.4-1.2+squeeze1
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=cad66a7d25abdb6aa15f3aa94a35737b119b2659
-CVE-2010-4652
+CVE-2010-4652 (Heap-based buffer overflow in the sql_prepare_where function (contrib/ ...)
{DSA-2191-1}
- proftpd-dfsg 1.3.3a-6
-CVE-2010-4651
+CVE-2010-4651 (Directory traversal vulnerability in util.c in GNU patch 2.6.1 and ear ...)
- patch <unfixed> (unimportant)
NOTE: Applying a patch blindly opens more severe security issues than only directory traversal...
NOTE: openwall ships a fix
NOTE: See https://bugzilla.redhat.com/show_bug.cgi?id=667529 for details
-CVE-2010-4650
+CVE-2010-4650 (Buffer overflow in the fuse_do_ioctl function in fs/fuse/file.c in the ...)
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.29)
-CVE-2010-4649
+CVE-2010-4649 (Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniba ...)
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4648
+CVE-2010-4648 (The orinoco_ioctl_set_auth function in drivers/net/wireless/orinoco/we ...)
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.28)
-CVE-2010-4647
+CVE-2010-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the Help Conten ...)
- eclipse 3.5.2-9 (low; bug #611849)
[squeeze] - eclipse 3.5.2-6squeeze2
-CVE-2010-4646
+CVE-2010-4646 (Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 all ...)
- hastymail <removed>
-CVE-2010-4644
+CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 ...)
- subversion 1.6.12dfsg-3 (low; bug #608989)
[lenny] - subversion <no-dsa> (Minor issue)
-CVE-2010-4643
+CVE-2010-4643 (Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and ...)
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-4642
+CVE-2010-4642 (Cross-site scripting (XSS) vulnerability in XWiki Enterprise before 2. ...)
NOT-FOR-US: XWiki
-CVE-2010-4641
+CVE-2010-4641 (SQL injection vulnerability in XWiki Enterprise before 2.5 allows remo ...)
NOT-FOR-US: XWiki
-CVE-2010-4640
+CVE-2010-4640 (Multiple cross-site scripting (XSS) vulnerabilities in XWiki Watch 1.0 ...)
NOT-FOR-US: XWiki
-CVE-2010-4639
+CVE-2010-4639 (SQL injection vulnerability in index.php in MySource Matrix allows rem ...)
NOT-FOR-US: MySource Matrix
-CVE-2010-4638
+CVE-2010-4638 (SQL injection vulnerability in the submitSurvey function in controller ...)
NOT-FOR-US: Joomla! JQuarks4s component
-CVE-2010-4637
+CVE-2010-4637 (Cross-site scripting (XSS) vulnerability in feedlist/handler_image.php ...)
NOT-FOR-US: FeedList
-CVE-2010-4636
+CVE-2010-4636 (SQL injection vulnerability in detail.asp in Site2Nite Business e-List ...)
NOT-FOR-US: Site2Nite
-CVE-2010-4635
+CVE-2010-4635 (SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental ...)
NOT-FOR-US: Site2Nite
CVE-2010-4634
NOT-FOR-US: osTicket
-CVE-2010-4633
+CVE-2010-4633 (SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows remot ...)
NOT-FOR-US: digiSHOP
-CVE-2010-4632
+CVE-2010-4632 (Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow ...)
NOT-FOR-US: ASPilot Pilot Cart
-CVE-2010-4631
+CVE-2010-4631 (Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot C ...)
NOT-FOR-US: ASPilot Pilot Cart
-CVE-2010-4630
+CVE-2010-4630 (Cross-site scripting (XSS) vulnerability in pages/admin/surveys/create ...)
NOT-FOR-US: WordPress Survey and Quiz Tool plugin
-CVE-2010-4629
+CVE-2010-4629 (MyBB (aka MyBulletinBoard) before 1.4.12 does not properly restrict ui ...)
NOT-FOR-US: MyBB
-CVE-2010-4628
+CVE-2010-4628 (member.php in MyBB (aka MyBulletinBoard) before 1.4.12 makes a certain ...)
NOT-FOR-US: MyBB
-CVE-2010-4627
+CVE-2010-4627 (Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB ...)
NOT-FOR-US: MyBB
-CVE-2010-4626
+CVE-2010-4626 (The my_rand function in functions.php in MyBB (aka MyBulletinBoard) be ...)
NOT-FOR-US: MyBB
-CVE-2010-4625
+CVE-2010-4625 (MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a co ...)
NOT-FOR-US: MyBB
-CVE-2010-4624
+CVE-2010-4624 (MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated u ...)
NOT-FOR-US: MyBB
-CVE-2010-4623
+CVE-2010-4623 (WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1 ...)
NOT-FOR-US: IBM Tivoli Access Manager
-CVE-2010-4622
+CVE-2010-4622 (Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Mana ...)
NOT-FOR-US: IBM Tivoli Access Manager
CVE-2010-4621
RESERVED
CVE-2010-4620
RESERVED
-CVE-2010-4543
+CVE-2010-4543 (Heap-based buffer overflow in the read_channel_data function in file-p ...)
{DSA-2426-1}
- gimp 2.6.11-2 (low; bug #608497)
-CVE-2010-4542
+CVE-2010-4542 (Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb functi ...)
{DSA-2426-1}
- gimp 2.6.11-2 (low; bug #608497)
-CVE-2010-4541
+CVE-2010-4541 (Stack-based buffer overflow in the loadit function in plug-ins/common/ ...)
{DSA-2426-1}
- gimp 2.6.11-2 (low; bug #608497)
-CVE-2010-4540
+CVE-2010-4540 (Stack-based buffer overflow in the load_preset_response function in pl ...)
{DSA-2426-1}
- gimp 2.6.11-2 (low; bug #608497)
-CVE-2010-4619
+CVE-2010-4619 (SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka Ma ...)
NOT-FOR-US: Mafya Oyun Scrpti
-CVE-2010-4618
+CVE-2010-4618 (Cross-site scripting (XSS) vulnerability in the Algis Info aiContactSa ...)
NOT-FOR-US: Algis Info for Joomla!
-CVE-2010-4617
+CVE-2010-4617 (Directory traversal vulnerability in the JotLoader (com_jotloader) com ...)
NOT-FOR-US: JotLoader for Joomla!
-CVE-2010-4616
+CVE-2010-4616 (Cross-site scripting (XSS) vulnerability in modules/content/admin/cont ...)
NOT-FOR-US: ImpressCMS
-CVE-2010-4615
+CVE-2010-4615 (Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow ...)
NOT-FOR-US: Oto Galeri Sistemi
-CVE-2010-4614
+CVE-2010-4614 (SQL injection vulnerability in item.php in Ero Auktion 2010 allows rem ...)
NOT-FOR-US: Ero Auktion
-CVE-2010-4613
+CVE-2010-4613 (Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow ...)
NOT-FOR-US: Hycus CMS
-CVE-2010-4612
+CVE-2010-4612 (Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3 ...)
NOT-FOR-US: Hycus CMS
-CVE-2010-4611
+CVE-2010-4611 (Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Html-edit CMS
-CVE-2010-4610
+CVE-2010-4610 (Cross-site scripting (XSS) vulnerability in index.php in Html-edit CMS ...)
NOT-FOR-US: Html-edit CMS
-CVE-2010-4609
+CVE-2010-4609 (SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows ...)
NOT-FOR-US: Html-edit CMS
-CVE-2010-4608
+CVE-2010-4608 (Habari 0.6.5 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: Habari
-CVE-2010-4607
+CVE-2010-4607 (Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, w ...)
NOT-FOR-US: Habari
-CVE-2010-4606
+CVE-2010-4606 (Unspecified vulnerability in the Space Management client in the Hierar ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-4605
+CVE-2010-4605 (Unspecified vulnerability in the backup-archive client in IBM Tivoli S ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-4604
+CVE-2010-4604 (Stack-based buffer overflow in the GeneratePassword function in dsmtca ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-4603
+CVE-2010-4603 (IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2010-4602
+CVE-2010-4602 (The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7 ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2010-4601
+CVE-2010-4601 (Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2010-4600
+CVE-2010-4600 (Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1 ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2010-4599
+CVE-2010-4599 (Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 all ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2010-4598
+CVE-2010-4598 (Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and e ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2010-4597
+CVE-2010-4597 (Stack-based buffer overflow in the save method in the IntegraXor.Proje ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2010-4596
+CVE-2010-4596 (Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, a ...)
NOT-FOR-US: RealNetworks Helix
-CVE-2010-4595
+CVE-2010-4595 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disabl ...)
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4594
+CVE-2010-4594 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when ...)
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4593
+CVE-2010-4593 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does n ...)
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4592
+CVE-2010-4592 (The Mobile Network Connections functionality in the Connection Manager ...)
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4591
+CVE-2010-4591 (The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, ...)
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4590
+CVE-2010-4590 (Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP ...)
NOT-FOR-US: IBM Lotus Mobile Connect
-CVE-2010-4589
+CVE-2010-4589 (Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote ...)
NOT-FOR-US: IBM ENOVIA 6
-CVE-2010-4588
+CVE-2010-4588 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI Ad ...)
NOT-FOR-US: Microsoft
-CVE-2010-4578
+CVE-2010-4578 (Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do n ...)
{DSA-2188-1}
- chromium-browser 6.0.472.63~r59945-4
- webkit 1.2.7-1
NOTE: http://trac.webkit.org/changeset/73432
-CVE-2010-4577
+CVE-2010-4577 (The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp ...)
{DSA-2188-1}
- chromium-browser 6.0.472.63~r59945-4
- webkit 1.2.7-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=49883
NOTE: http://code.google.com/p/chromium/issues/detail?id=63866
NOTE: http://trac.webkit.org/changeset/72685
-CVE-2010-4576
+CVE-2010-4576 (browser/worker_host/message_port_dispatcher.cc in Google Chrome before ...)
- chromium-browser 6.0.472.63~r59945-4 (bug #607843; low)
NOTE: http://code.google.com/p/chromium/issues/detail?id=63529
-CVE-2010-4575
+CVE-2010-4575 (The ThemeInstalledInfoBarDelegate::Observe function in browser/extensi ...)
- chromium-browser 6.0.472.63~r59945-4 (bug #607846; low)
NOTE: http://code.google.com/p/chromium/issues/detail?id=60761
NOTE: http://codereview.chromium.org/5326011/
-CVE-2010-4574
+CVE-2010-4574 (The Pickle::Pickle function in base/pickle.cc in Google Chrome before ...)
- chromium-browser 6.0.472.63~r59945-4 (bug #607848; low)
NOTE: http://code.google.com/p/chromium/issues/detail?id=56449
NOTE: http://codereview.chromium.org/4716006
-CVE-2010-4573
+CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is p ...)
NOT-FOR-US: VMware ESXi
-CVE-2010-4572
+CVE-2010-4572 (CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3 ...)
{DSA-2322-1}
- bugzilla <removed>
[squeeze] - bugzilla 3.6.2.0-4.4
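Review bot: the parenthesised annotations in this hunk order their fields inconsistently: the chromium-browser lines under CVE-2010-4576, CVE-2010-4575 and CVE-2010-4574 read "(bug #607843; low)" while the eclipse, subversion and gimp lines read "(low; bug #611849)"; pick one order (severity first is what the rest of the file uses) so the annotations stay uniform.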
@@ -1731,34 +1731,34 @@ CVE-2010-4572
NOTE: perl and associate packages are CVE-2010-2761 and CVE-2010-4411 (see above reference)
CVE-2010-4571
RESERVED
-CVE-2010-4570
+CVE-2010-4570 (Cross-site scripting (XSS) vulnerability in the duplicate-detection fu ...)
- bugzilla <not-affected> (vulnerable code introduced in 3.7)
-CVE-2010-4569
+CVE-2010-4569 (Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7 ...)
- bugzilla <not-affected> (vulnerable code introduced in 3.7)
-CVE-2010-4568
+CVE-2010-4568 (Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3 ...)
{DSA-2322-1}
- bugzilla <removed> (bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
-CVE-2010-4567
+CVE-2010-4567 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4 ...)
{DSA-2322-1}
- bugzilla <removed> (high; bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
-CVE-2010-4566
+CVE-2010-4566 (The web authentication form in the NT4 authentication component in Cit ...)
NOT-FOR-US: Citrix Acces Gateway
-CVE-2010-4565
+CVE-2010-4565 (The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) ...)
{DSA-2153-1}
- linux-2.6 2.6.37-1
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
CVE-2010-4564
RESERVED
-CVE-2010-4563
+CVE-2010-4563 (The Linux kernel, when using IPv6, allows remote attackers to determin ...)
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2011/Apr/254
-CVE-2010-4562
+CVE-2010-4562 (Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-4561
RESERVED
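Review bot: two unchanged context lines in this hunk carry wording errors that the automatic update does not touch, so they need a manual follow-up: `NOT-FOR-US: Citrix Acces Gateway` should read "Access", and `NOTE: perl and associate packages are CVE-2010-2761 and CVE-2010-4411 (see above reference)` should read "associated packages".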
@@ -1766,23 +1766,23 @@ CVE-2010-4560
REJECTED
CVE-2010-4559
REJECTED
-CVE-2010-4587
+CVE-2010-4587 (Opera before 11.00 on Windows does not properly implement the Insecure ...)
NOT-FOR-US: Opera
-CVE-2010-4586
+CVE-2010-4586 (The default configuration of Opera before 11.00 enables WebSockets fun ...)
NOT-FOR-US: Opera
-CVE-2010-4585
+CVE-2010-4585 (Unspecified vulnerability in the auto-update functionality in Opera be ...)
NOT-FOR-US: Opera
-CVE-2010-4584
+CVE-2010-4584 (Opera before 11.00, when Opera Turbo is used, does not properly presen ...)
NOT-FOR-US: Opera
-CVE-2010-4583
+CVE-2010-4583 (Opera before 11.00, when Opera Turbo is enabled, does not display a pa ...)
NOT-FOR-US: Opera
-CVE-2010-4582
+CVE-2010-4582 (Opera before 11.00 does not properly handle security policies during u ...)
NOT-FOR-US: Opera
-CVE-2010-4581
+CVE-2010-4581 (Unspecified vulnerability in Opera before 11.00 has unknown impact and ...)
NOT-FOR-US: Opera
-CVE-2010-4580
+CVE-2010-4580 (Opera before 11.00 does not clear WAP WML form fields after manual nav ...)
NOT-FOR-US: Opera
-CVE-2010-4579
+CVE-2010-4579 (Opera before 11.00 does not properly constrain dialogs to appear on to ...)
NOT-FOR-US: Opera
CVE-2010-XXXX [calibre XSS]
- calibre 0.7.38+dfsg-1 (bug #608822)
@@ -1799,63 +1799,63 @@ CVE-2010-XXXX [webkit info leak]
[squeeze] - chromium-browser <end-of-life>
NOTE: this was fixed much earlier (webkit 1.2), but this was the version checked
NOTE: http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html
-CVE-2010-4558
+CVE-2010-4558 (phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and De ...)
NOT-FOR-US: phpMyFAQ
-CVE-2010-4557
+CVE-2010-4557 (Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch 8 ...)
NOT-FOR-US: Invensys Wonderware InBatch
-CVE-2010-4556
+CVE-2010-4556 (Stack-based buffer overflow in the SapThemeRepository ActiveX control ...)
NOT-FOR-US: SAP NetWeaver Business Client
-CVE-2010-4523
+CVE-2010-4523 (Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 a ...)
- opensc 0.11.13-1.1 (low; bug #607427)
[lenny] - opensc 0.11.4-5+lenny1.1
-CVE-2010-4555
+CVE-2010-4555 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1. ...)
{DSA-2291-1}
- squirrelmail 2:1.4.22-1 (low)
NOTE: difficult to exploit
-CVE-2010-4554
+CVE-2010-4554 (functions/page_header.php in SquirrelMail 1.4.21 and earlier does not ...)
{DSA-2291-1}
- squirrelmail 2:1.4.22-1
-CVE-2010-4553
+CVE-2010-4553 (An unspecified Domino API in IBM Lotus Notes Traveler before 8.5.1.1 d ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4552
+CVE-2010-4552 (Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote a ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4551
+CVE-2010-4551 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated us ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4550
+CVE-2010-4550 (IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to cau ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4549
+CVE-2010-4549 (IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device succes ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4548
+CVE-2010-4548 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated us ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4547
+CVE-2010-4547 (IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain environmen ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4546
+CVE-2010-4546 (IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4545
+CVE-2010-4545 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated us ...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-4544
+CVE-2010-4544 (Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus N ...)
NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-XXXX [ircd-ratbox password disclosure during TLS handshake]
- ircd-ratbox 3.0.6.dfsg-2
[lenny] - ircd-ratbox <not-affected> (TLS support not yet activated)
-CVE-2010-4539
+CVE-2010-4539 (The walk function in repos.c in the mod_dav_svn module for the Apache ...)
- subversion 1.6.12dfsg-4 (low; bug #608989)
[lenny] - subversion <no-dsa> (Minor issue)
-CVE-2010-4538
+CVE-2010-4538 (Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/ ...)
{DSA-2144-1}
- wireshark 1.2.11-6 (bug #608990)
-CVE-2010-4537
+CVE-2010-4537 (Unspecified vulnerability in CrawlTrack before 3.2.7, when a public st ...)
NOT-FOR-US: CrawlTrack
-CVE-2010-4536
+CVE-2010-4536 (Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used i ...)
- wordpress 3.0.4+dfsg-1
[lenny] - wordpress <not-affected> (2.x version is not affected)
- moodle <not-affected> (Moodle's version of KSES is not affected)
- egroupware <not-affected> (Only uses a minor subset of KSES)
-CVE-2010-4535
+CVE-2010-4535 (The password reset functionality in django.contrib.auth in Django befo ...)
- python-django 1.2.4-1
[squeeze] - python-django 1.2.3-3
NOTE: http://www.djangoproject.com/weblog/2010/dec/22/security/
-CVE-2010-4534
+CVE-2010-4534 (The administrative interface in django.contrib.admin in Django before ...)
- python-django 1.2.4-1
[squeeze] - python-django 1.2.3-3
NOTE: http://www.djangoproject.com/weblog/2010/dec/22/security/
@@ -1870,166 +1870,166 @@ CVE-2010-4532 [no SSL cert validation]
- offlineimap 6.3.2~rc3-2 (low; bug #603450)
[squeeze] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed)
[lenny] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed)
-CVE-2010-4531
+CVE-2010-4531 (Stack-based buffer overflow in the ATRDecodeAtr function in the Answer ...)
{DSA-2156-1}
- pcsc-lite 1.5.5-4 (low; bug #607781)
-CVE-2010-4530
+CVE-2010-4530 (Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Car ...)
- ccid 1.3.11-2 (unimportant; bug #607780)
NOTE: Theoretical attack
-CVE-2010-4529
+CVE-2010-4529 (Integer underflow in the irda_getsockopt function in net/irda/af_irda. ...)
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4528
+CVE-2010-4528 (directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7 ...)
- pidgin 2.7.9-1 (bug #608331; medium)
[squeeze] - pidgin <not-affected> (Vulnerable code not present)
[lenny] - pidgin <not-affected> (Vulnerable code not present)
-CVE-2010-4527
+CVE-2010-4527 (The load_mixer_volumes function in sound/oss/soundcard.c in the OSS so ...)
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4526
+CVE-2010-4526 (Race condition in the sctp_icmp_proto_unreachable function in net/sctp ...)
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4525
+CVE-2010-4525 (Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_even ...)
- linux-2.6 2.6.35-1
[squeeze] - linux-2.6 <not-affected> (Only affects 2.6.33/2.6.34)
[lenny] - linux-2.6 <not-affected> (Only affects 2.6.33/2.6.34)
[wheezy] - linux-2.6 <not-affected> (Only affects 2.6.33/2.6.34)
-CVE-2010-4524
+CVE-2010-4524 (Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in MHonAr ...)
- mhonarc 2.6.18-1 (low; bug #607693)
[squeeze] - mhonarc <no-dsa> (Minor issue)
-CVE-2010-4522
+CVE-2010-4522 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBul ...)
NOT-FOR-US: MyBB
-CVE-2010-4521
+CVE-2010-4521 (Cross-site scripting (XSS) vulnerability in the Views module 6.x befor ...)
- drupal6-mod-views 2.12-1
-CVE-2010-4520
+CVE-2010-4520 (Multiple cross-site scripting (XSS) vulnerabilities in the Views modul ...)
- drupal6-mod-views 2.11-1
-CVE-2010-4519
+CVE-2010-4519 (Multiple cross-site request forgery (CSRF) vulnerabilities in the View ...)
- drupal6-mod-views 2.11-1
-CVE-2010-4518
+CVE-2010-4518 (Cross-site scripting (XSS) vulnerability in wp-safe-search/wp-safe-sea ...)
NOT-FOR-US: Safe Search plugin for WordPress
-CVE-2010-4517
+CVE-2010-4517 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) co ...)
NOT-FOR-US: Joomla! extension
-CVE-2010-4516
+CVE-2010-4516 (Multiple cross-site scripting (XSS) vulnerabilities in the JXtended Co ...)
NOT-FOR-US: Joomla!
-CVE-2010-4515
+CVE-2010-4515 (Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, ...)
NOT-FOR-US: Citrix Web Interface
-CVE-2010-4514
+CVE-2010-4514 (Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx ...)
NOT-FOR-US: DotNetNuke
-CVE-2010-4513
+CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS 3.0 ...)
NOT-FOR-US: Zimplit CMS
-CVE-2010-4512
+CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which allows local ...)
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2010-4511
+CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x befo ...)
- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
[lenny] - movabletype-opensource 4.2.3-1+lenny2
-CVE-2010-4509
+CVE-2010-4509 (Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 a ...)
- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
[lenny] - movabletype-opensource 4.2.3-1+lenny2
-CVE-2010-4508
+CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
- xulrunner <not-affected> (Only affects Firefox 4.x)
-CVE-2010-4507
+CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the iSpo ...)
NOT-FOR-US: iSpot/ClearSpot hardware devices
-CVE-2010-4506
+CVE-2010-4506 (Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A ...)
NOT-FOR-US: Passlogix
-CVE-2010-4505
+CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...)
NOT-FOR-US: Injader
-CVE-2010-4504
+CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat Direc ...)
NOT-FOR-US: eSyndiCat
-CVE-2010-4503
+CVE-2010-4503 (SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows ...)
NOT-FOR-US: Aigaion
-CVE-2010-4502
+CVE-2010-4502 (Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite ...)
NOT-FOR-US: CA Internet Security Suite
CVE-2010-4501
REJECTED
-CVE-2010-4500
+CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG ...)
NOT-FOR-US: MRCGIGUY FreeTicket
-CVE-2010-4499
+CVE-2010-4499 (Session fixation vulnerability in Collaborative Information Manager se ...)
NOT-FOR-US: TIBCO Collaborative Information Manager
-CVE-2010-4498
+CVE-2010-4498 (Unspecified vulnerability in Collaborative Information Manager server, ...)
NOT-FOR-US: TIBCO Collaborative Information Manager
-CVE-2010-4497
+CVE-2010-4497 (Cross-site scripting (XSS) vulnerability in Collaborative Information ...)
NOT-FOR-US: TIBCO Collaborative Information Manager
-CVE-2010-4496
+CVE-2010-4496 (Multiple SQL injection vulnerabilities in Collaborative Information Ma ...)
NOT-FOR-US: TIBCO Collaborative Information Manager
-CVE-2010-4495
+CVE-2010-4495 (Unspecified vulnerability in the ActiveMatrix Runtime component in TIB ...)
NOT-FOR-US: TIBCO ActiveMatrix
-CVE-2010-4494
+CVE-2010-4494 (Double free vulnerability in libxml2 2.7.8 and other versions, as used ...)
{DSA-2137-1}
- libxml2 2.7.8.dfsg-2 (bug #607922)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (never embedded libxml2's xpath.c)
-CVE-2010-4493
+CVE-2010-4493 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 allow ...)
{DSA-2188-1}
- chromium-browser 6.0.472.63~r59945-3
- webkit 1.2.7-1
NOTE: http://trac.webkit.org/changeset/72013
-CVE-2010-4492
+CVE-2010-4492 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 allow ...)
{DSA-2188-1}
- chromium-browser 6.0.472.63~r59945-3
- webkit 1.2.7-1
NOTE: http://trac.webkit.org/changeset/71686
-CVE-2010-4491
+CVE-2010-4491 (Google Chrome before 8.0.552.215 does not properly restrict privileged ...)
- chromium-browser 9.0.597.45~r70550-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (issue in chromium-specific webkit code)
NOTE: http://code.google.com/p/chromium/issues/detail?id=62168
NOTE: http://trac.webkit.org/changeset/71533
-CVE-2010-4490
+CVE-2010-4490 (Google Chrome before 8.0.552.215 allows remote attackers to cause a de ...)
- chromium-browser 6.0.472.63~r59945-3
- webkit <not-affected> (chromium specific issue)
-CVE-2010-4489
+CVE-2010-4489 (libvpx, as used in Google Chrome before 8.0.552.215 and possibly other ...)
- chromium-browser <not-affected>
- webkit <not-affected>
- libvpx 0.9.5-1 (bug #610510)
[squeeze] - libvpx <not-affected> (regression in later version)
-CVE-2010-4488
+CVE-2010-4488 (Google Chrome before 8.0.552.215 does not properly handle HTTP proxy a ...)
- chromium-browser 9.0.597.83~r72435-1 (unimportant)
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium issue)
NOTE: only a browser crash
-CVE-2010-4487
+CVE-2010-4487 (Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 ...)
- chromium-browser 6.0.472.63~r59945-3
- webkit <not-affected> (chromium issue)
-CVE-2010-4486
+CVE-2010-4486 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 allow ...)
- chromium-browser 6.0.472.63~r59945-3
- webkit <not-affected> (vulnerable code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/71170
-CVE-2010-4485
+CVE-2010-4485 (Google Chrome before 8.0.552.215 does not properly restrict the genera ...)
- chromium-browser 9.0.597.83~r72435-1 (unimportant)
NOTE: http://trac.webkit.org/changeset/69914
NOTE: only a browser crash due to opening too many dialogs (i.e. a dos)
-CVE-2010-4484
+CVE-2010-4484 (Google Chrome before 8.0.552.215 does not properly handle HTML5 databa ...)
- chromium-browser 9.0.597.83~r72435-1 (unimportant)
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
NOTE: only a browser crash
-CVE-2010-4483
+CVE-2010-4483 (Google Chrome before 8.0.552.215 does not properly restrict read acces ...)
- chromium-browser 6.0.472.63~r59945-3
NOTE: https://bugs.webkit.org/show_bug.cgi?id=46678
-CVE-2010-4482
+CVE-2010-4482 (Unspecified vulnerability in Google Chrome before 8.0.552.215 allows r ...)
- chromium-browser <unfixed> (unimportant)
NOTE: unimportant, bypass the pop-up blocker
NOTE: http://trac.webkit.org/changeset/69990
-CVE-2010-4481
+CVE-2010-4481 (phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authen ...)
{DSA-2139-1}
- phpmyadmin 4:3.3.7-3 (bug #608290)
NOTE: enables phpinfo output; this is disabled by default and phpinfo on Debian
NOTE: systems is by and large full of otherwise predictable information.
-CVE-2010-4480
+CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1 ...)
{DSA-2139-1}
- phpmyadmin 4:3.3.7-3 (bug #608290)
CVE-2010-4510
REJECTED
-CVE-2010-4479
+CVE-2010-4479 (Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96. ...)
- clamav 0.96.5+dfsg-1
[lenny] - clamav <not-affected> (Introduced in 3643f3d2b0a38fdc7bc6777d093c857b9760804e)
NOTE: Fixed in 019f1955194360600ecf0644959ceca6734c2d7b
-CVE-2010-4478
+CVE-2010-4478 (OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly val ...)
- openssh <not-affected> (J-PAKE not activated, see bug #606922)
CVE-2010-4477
REJECTED
-CVE-2010-4476
+CVE-2010-4476 (The Double.parseDouble method in Java Runtime Environment (JRE) in Ora ...)
{DSA-2161-2 DSA-2161-1}
- openjdk-6 6b18-1.8.7-1 (bug #612660)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
@@ -2038,188 +2038,188 @@ CVE-2010-4476
NOTE: Patch http://mail.openjdk.java.net/pipermail/core-libs-dev/2011-February/005795.html
NOTE: Oracle http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html
NOTE: Original report http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/
-CVE-2010-4475
+CVE-2010-4475 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4474
+CVE-2010-4474 (Unspecified vulnerability in the Java DB component in Oracle Java SE a ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4473
+CVE-2010-4473 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4472
+CVE-2010-4472 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4471
+CVE-2010-4471 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
{DSA-2224-1}
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4470
+CVE-2010-4470 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4469
+CVE-2010-4469 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4468
+CVE-2010-4468 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4467
+CVE-2010-4467 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4466
+CVE-2010-4466 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4465
+CVE-2010-4465 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4464
+CVE-2010-4464 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote ...)
NOT-FOR-US: Oracle Convergence
-CVE-2010-4463
+CVE-2010-4463 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4462
+CVE-2010-4462 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4461
+CVE-2010-4461 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4460
+CVE-2010-4460 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Solaris
-CVE-2010-4459
+CVE-2010-4459 (Unspecified vulnerability in Oracle Solaris 11 Express allows local us ...)
NOT-FOR-US: Solaris
-CVE-2010-4458
+CVE-2010-4458 (Unspecified vulnerability in Oracle Solaris 11 Express allows local us ...)
NOT-FOR-US: Solaris
-CVE-2010-4457
+CVE-2010-4457 (Unspecified vulnerability in Oracle Solaris 11 Express allows remote a ...)
NOT-FOR-US: Solaris
-CVE-2010-4456
+CVE-2010-4456 (Unspecified vulnerability in Oracle Sun Java System Communications Exp ...)
NOT-FOR-US: Oracle Sun Java System Communications Express
-CVE-2010-4455
+CVE-2010-4455 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle Fusion
-CVE-2010-4454
+CVE-2010-4454 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4453
+CVE-2010-4453 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle WebLogic
-CVE-2010-4452
+CVE-2010-4452 (Unspecified vulnerability in the Deployment component in Java Runtime ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4451
+CVE-2010-4451 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4450
+CVE-2010-4450 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4449
+CVE-2010-4449 (Unspecified vulnerability in the Audit Vault component in Oracle Audit ...)
NOT-FOR-US: Oracle Audit
-CVE-2010-4448
+CVE-2010-4448 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
{DSA-2224-1}
- sun-java6 6.24-1
- openjdk-6 6b18-1.8.7-1 (bug #614033)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4447
+CVE-2010-4447 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4446
+CVE-2010-4446 (Unspecified vulnerability in Oracle Solaris 11 Express allows local us ...)
NOT-FOR-US: Solaris
-CVE-2010-4445
+CVE-2010-4445 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4444
+CVE-2010-4444 (Unspecified vulnerability in Oracle Sun Java System Access Manager and ...)
NOT-FOR-US: OpenSSO
-CVE-2010-4443
+CVE-2010-4443 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows l ...)
NOT-FOR-US: Solaris
-CVE-2010-4442
+CVE-2010-4442 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows l ...)
NOT-FOR-US: Solaris
-CVE-2010-4441
+CVE-2010-4441 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4440
+CVE-2010-4440 (Unspecified vulnerability in Oracle 10 and 11 Express allows local use ...)
NOT-FOR-US: Oracle Express
-CVE-2010-4439
+CVE-2010-4439 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4438
+CVE-2010-4438 (Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, a ...)
- glassfish <not-affected> (Only builds a few class libs)
-CVE-2010-4437
+CVE-2010-4437 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: WebLogic
-CVE-2010-4436
+CVE-2010-4436 (Unspecified vulnerability in Oracle Sun Management Center (SunMC) 4.0 ...)
NOT-FOR-US: SunMC
-CVE-2010-4435
+CVE-2010-4435 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
NOT-FOR-US: Solaris
-CVE-2010-4434
+CVE-2010-4434 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4433
+CVE-2010-4433 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
NOT-FOR-US: Solaris
-CVE-2010-4432
+CVE-2010-4432 (Unspecified vulnerability in the Oracle Transportation Manager compone ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2010-4431
+CVE-2010-4431 (Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 ...)
NOT-FOR-US: Oracle Sun Java System Portal Server
-CVE-2010-4430
+CVE-2010-4430 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4429
+CVE-2010-4429 (Unspecified vulnerability in the Agile Core component in Oracle Supply ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2010-4428
+CVE-2010-4428 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4427
+CVE-2010-4427 (Unspecified vulnerability in the Oracle BI Publisher component in Orac ...)
NOT-FOR-US: Oracle BI Publisher
-CVE-2010-4426
+CVE-2010-4426 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4425
+CVE-2010-4425 (Unspecified vulnerability in the Oracle BI Publisher component in Orac ...)
NOT-FOR-US: Oracle BI Publisher
-CVE-2010-4424
+CVE-2010-4424 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4423
+CVE-2010-4423 (Unspecified vulnerability in the Cluster Verify Utility component in O ...)
NOT-FOR-US: Oracle Database
-CVE-2010-4422
+CVE-2010-4422 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- sun-java6 6.24-1
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 <no-dsa> (non-free not supported)
-CVE-2010-4421
+CVE-2010-4421 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2010-4420
+CVE-2010-4420 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2010-4419
+CVE-2010-4419 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component i ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4418
+CVE-2010-4418 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-4417
+CVE-2010-4417 (Unspecified vulnerability in the Services for Beehive component in Ora ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-4416
+CVE-2010-4416 (Unspecified vulnerability in the Oracle GoldenGate Veridata component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-4415
+CVE-2010-4415 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
NOT-FOR-US: Solaris
-CVE-2010-4414
+CVE-2010-4414 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local use ...)
- virtualbox-ose <not-affected> (Support for extensions was added in 4.x, see #611925)
-CVE-2010-4413
+CVE-2010-4413 (Unspecified vulnerability in the Scheduler Agent component in Oracle D ...)
NOT-FOR-US: Oracle Database
-CVE-2010-4412
+CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...)
NOT-FOR-US: pfSense
-CVE-2010-4411
+CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote att ...)
- perl 5.10.1-17 (bug #606995)
[lenny] - perl 5.10.0-19lenny3
- libcgi-simple-perl 1.111-2 (bug #606379)
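Review bot: the NOT-FOR-US labels added alongside the new descriptions are inconsistent within this hunk and worth harmonising. `CVE-2010-4440 (Unspecified vulnerability in Oracle 10 and 11 Express allows local use ...)` is tagged `NOT-FOR-US: Oracle Express`, while the neighbouring entries CVE-2010-4443 and CVE-2010-4442, whose descriptions read "Oracle Solaris 10 and 11 Express", are tagged `NOT-FOR-US: Solaris`; check whether 4440 is the same product line. Likewise CVE-2010-4437 is tagged `NOT-FOR-US: WebLogic` but CVE-2010-4453, with the same "Oracle WebLogic Server component" description, is tagged `NOT-FOR-US: Oracle WebLogic`.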
@@ -2227,7 +2227,7 @@ CVE-2010-4411
- libcgi-pm-perl 3.51-1 (bug #606370)
[lenny] - libcgi-pm-perl 3.38-2lenny2
[squeeze] - libcgi-pm-perl 3.49-1squeeze1
-CVE-2010-4410
+CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm befo ...)
- perl 5.10.1-17 (bug #606995)
[lenny] - perl 5.10.0-19lenny3
- libcgi-pm-perl 3.50-1 (bug #606370)
@@ -2235,209 +2235,209 @@ CVE-2010-4410
[squeeze] - libcgi-pm-perl 3.49-1squeeze1
- libcgi-simple-perl 1.111-2 (bug #606379)
[lenny] - libcgi-simple-perl 1.105-1lenny1
-CVE-2010-4408
+CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2 ...)
NOT-FOR-US: Apache archiva
-CVE-2010-4334
+CVE-2010-4334 (The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERI ...)
- libio-socket-ssl-perl 1.35-1 (bug #606058)
[squeeze] - libio-socket-ssl-perl 1.33-1+squeeze1
[lenny] - libio-socket-ssl-perl <not-affected> (Vulnerable code not present)
-CVE-2010-4335
+CVE-2010-4335 (The _validatePost function in libs/controller/components/security.php ...)
- cakephp 1.3.2-1.1 (bug #606386)
[lenny] - cakephp <not-affected>
NOTE: https://github.com/cakephp/cakephp/commit/e431e86aa4301ced4273dc7919b59362cbb353cb
-CVE-2010-4336
+CVE-2010-4336 (The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4. ...)
{DSA-2133-1}
- collectd 4.10.1-2.1 (bug #605092; low)
[squeeze] - collectd 4.10.1-1+squeeze2
-CVE-2010-4337
+CVE-2010-4337 (The configure script in gnash 0.8.8 allows local users to overwrite ar ...)
{DSA-2435-1}
- gnash 0.8.8-8 (unimportant; bug #605419)
-CVE-2010-4409
+CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_sym ...)
- php5 5.3.3-6
[lenny] - php5 <not-affected> (intl extension included since 5.3)
NOTE: http://www.kb.cert.org/vuls/id/479900
-CVE-2010-4407
+CVE-2010-4407 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Al ...)
NOT-FOR-US: AlGuest
-CVE-2010-4406
+CVE-2010-4406 (Directory traversal vulnerability in gallery.php in Brunetton LittlePh ...)
NOT-FOR-US: LittlePhpGallery
-CVE-2010-4405
+CVE-2010-4405 (Cross-site scripting (XSS) vulnerability in the Yannick Gaultier sh404 ...)
NOT-FOR-US: Joomla! extension
-CVE-2010-4404
+CVE-2010-4404 (SQL injection vulnerability in the Yannick Gaultier sh404SEF component ...)
NOT-FOR-US: Joomla! extension
-CVE-2010-4403
+CVE-2010-4403 (The Register Plus plugin 3.5.1 and earlier for WordPress allows remote ...)
NOT-FOR-US: The Register Plus plugin for WordPress
-CVE-2010-4402
+CVE-2010-4402 (Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in ...)
NOT-FOR-US: The Register Plus plugin for WordPress
-CVE-2010-4401
+CVE-2010-4401 (languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain ...)
NOT-FOR-US: DynPG
-CVE-2010-4400
+CVE-2010-4400 (SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows r ...)
NOT-FOR-US: DynPG
-CVE-2010-4399
+CVE-2010-4399 (Directory traversal vulnerability in languages.inc.php in DynPG CMS 4. ...)
NOT-FOR-US: DynPG
-CVE-2010-4398
+CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues function in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-4397
+CVE-2010-4397 (Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4396
+CVE-2010-4396 (Cross-zone scripting vulnerability in the HandleAction method in a cer ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4395
+CVE-2010-4395 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4394
+CVE-2010-4394 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4393
+CVE-2010-4393 (Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 1 ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4392
+CVE-2010-4392 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4391
+CVE-2010-4391 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4390
+CVE-2010-4390 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 t ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4389
+CVE-2010-4389 (Heap-based buffer overflow in the cook codec in RealNetworks RealPlaye ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4388
+CVE-2010-4388 (The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4387
+CVE-2010-4387 (The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, Real ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4386
+CVE-2010-4386 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1 ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4385
+CVE-2010-4385 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPla ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4384
+CVE-2010-4384 (Array index error in RealNetworks RealPlayer 11.0 through 11.1, RealPl ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4383
+CVE-2010-4383 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4382
+CVE-2010-4382 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 t ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4381
+CVE-2010-4381 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4380
+CVE-2010-4380 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4379
+CVE-2010-4379 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4378
+CVE-2010-4378 (The drv2.dll (aka RV20 decompression) module in RealNetworks RealPlaye ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4377
+CVE-2010-4377 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4376
+CVE-2010-4376 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4375
+CVE-2010-4375 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-4374
+CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers to caus ...)
NOT-FOR-US: Winamp
-CVE-2010-4373
+CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers to caus ...)
NOT-FOR-US: Winamp
-CVE-2010-4372
+CVE-2010-4372 (Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remo ...)
NOT-FOR-US: Winamp
-CVE-2010-4371
+CVE-2010-4371 (Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remot ...)
NOT-FOR-US: Winamp
-CVE-2010-4370
+CVE-2010-4370 (Multiple integer overflows in the in_midi plugin in Winamp before 5.6 ...)
NOT-FOR-US: Winamp
-CVE-2010-4369
+CVE-2010-4369 (Directory traversal vulnerability in AWStats before 7.0 allows remote ...)
- awstats 6.9.5~dfsg-5 (low; bug #606263)
[lenny] - awstats 6.7.dfsg-5.1+lenny1
-CVE-2010-4368
+CVE-2010-4368 (awstats.cgi in AWStats before 7.0 on Windows accepts a configdir param ...)
- awstats <not-affected> (Windows-specific issue)
NOTE: looks like it's the same as CVE-2010-4367
-CVE-2010-4367
+CVE-2010-4367 (awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the ...)
- awstats 6.9.5~dfsg-5 (low; bug #606263)
[lenny] - awstats 6.7.dfsg-5.1+lenny1
-CVE-2010-4338
+CVE-2010-4338 (ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbi ...)
- ocrodjvu 0.4.6-2 (low; bug #598134)
-CVE-2010-4339
+CVE-2010-4339 (Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allows rem ...)
- hypermail <removed> (low; bug #598743)
[lenny] - hypermail <no-dsa> (Minor issue)
-CVE-2010-4366
+CVE-2010-4366 (Multiple cross-site scripting (XSS) vulnerabilities in forum_new_topic ...)
NOT-FOR-US: Chameleon Social Networking
-CVE-2010-4365
+CVE-2010-4365 (SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxevent ...)
NOT-FOR-US: Joomla! extension
-CVE-2010-4364
+CVE-2010-4364 (DaDaBIK 4.3 beta3, when running in a case-sensitive environment, does ...)
NOT-FOR-US: DaDaBIK
-CVE-2010-4363
+CVE-2010-4363 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG ...)
NOT-FOR-US: FreeTicket
-CVE-2010-4362
+CVE-2010-4362 (Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer Websi ...)
NOT-FOR-US: MicroNetsoft RV Dealer
-CVE-2010-4361
+CVE-2010-4361 (Cross-site scripting (XSS) vulnerability in url-gateway.php in Jurpopa ...)
NOT-FOR-US: Jurpopage
-CVE-2010-4360
+CVE-2010-4360 (Multiple SQL injection vulnerabilities in index.php in Jurpopage 0.2.0 ...)
NOT-FOR-US: Jurpopage
-CVE-2010-4359
+CVE-2010-4359 (SQL injection vulnerability in index.php in Jurpopage 0.2.0 allows rem ...)
NOT-FOR-US: Jurpopage
-CVE-2010-4358
+CVE-2010-4358 (Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in MRCGI ...)
NOT-FOR-US: MRCGIGUY (MCG) Guestbook
-CVE-2010-4357
+CVE-2010-4357 (SQL injection vulnerability in comments.php in SiteEngine 7.1 allows r ...)
NOT-FOR-US: SiteEngine
-CVE-2010-4356
+CVE-2010-4356 (SQL injection vulnerability in news_default.asp in Site2Nite Big Truck ...)
NOT-FOR-US: Site2Nite Big Truck
-CVE-2010-4355
+CVE-2010-4355 (Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, ...)
NOT-FOR-US: DaDaBIK
CVE-2010-XXXX [elfsign uses cryptographically weak md5 hashes]
- elfsign <removed> (low; bug #555668)
[lenny] - elfsign <no-dsa> (a stronger hashing algorithm would completely change functionality of the package)
-CVE-2010-4354
+CVE-2010-4354 (The remote-access IPSec VPN implementation on Cisco Adaptive Security ...)
NOT-FOR-US: Cisco ASA
-CVE-2010-4353
+CVE-2010-4353 (Unrestricted file upload vulnerability in modules/gallery/models/item. ...)
- gallery3 <itp> (bug #511715)
-CVE-2010-4352
+CVE-2010-4352 (Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allow ...)
{DSA-2149-1}
- dbus 1.2.24-4
-CVE-2010-4351
+CVE-2010-4351 (The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 ...)
{DSA-2224-1}
- openjdk-6 6b18-1.8.4-1
[squeeze] - openjdk-6 <no-dsa> (bug #614151)
[lenny] - openjdk-6 <no-dsa> (bug #614151)
-CVE-2010-4350
+CVE-2010-4350 (Directory traversal vulnerability in admin/upgrade_unattended.php in M ...)
- mantis <not-affected> (admin dir procected in Apache config, see #607159)
-CVE-2010-4349
+CVE-2010-4349 (admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote at ...)
- mantis <not-affected> (admin dir procected in Apache config, see #607159)
-CVE-2010-4348
+CVE-2010-4348 (Cross-site scripting (XSS) vulnerability in admin/upgrade_unattended.p ...)
- mantis <not-affected> (admin dir procected in Apache config, see #607159)
-CVE-2010-4347
+CVE-2010-4347 (The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permi ...)
- linux-2.6 <not-affected> (Introduced in 2.6.33 and fixed in 2.6.36.2, we never released an affected kernel)
-CVE-2010-4346
+CVE-2010-4346 (The install_special_mapping function in mm/mmap.c in the Linux kernel ...)
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4345
+CVE-2010-4345 (Exim 4.72 and earlier allows local users to gain privileges by leverag ...)
{DSA-2154-1}
- exim4 4.72-3 (bug #606527)
-CVE-2010-4344
+CVE-2010-4344 (Heap-based buffer overflow in the string_vformat function in string.c ...)
{DSA-2131-1}
- exim4 4.70-1 (bug #606612)
-CVE-2010-4343
+CVE-2010-4343 (drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not ...)
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Driver introduced in 2.6.32)
-CVE-2010-4342
+CVE-2010-4342 (The aun_incoming function in net/econet/af_econet.c in the Linux kerne ...)
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4341
+CVE-2010-4341 (The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...)
- sssd 1.2.1-4.1 (bug #610032)
[squeeze] - sssd 1.2.1-4+squeeze1
[wheezy] - sssd 1.2.1-4+squeeze1
-CVE-2010-4333
+CVE-2010-4333 (Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers ...)
NOT-FOR-US: Pointter PHP Micro-Blogging Social Network
-CVE-2010-4332
+CVE-2010-4332 (Pointter PHP Content Management System 1.0 allows remote attackers to ...)
NOT-FOR-US: Pointter PHP Content Management System
-CVE-2010-4331
+CVE-2010-4331 (Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 ...)
NOT-FOR-US: Seo Panel
-CVE-2010-4330
+CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
NOT-FOR-US: Pulse CMS Basic
-CVE-2010-4329
+CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton funct ...)
{DSA-2139-1}
- phpmyadmin 4:3.3.7-2
-CVE-2010-4328
+CVE-2010-4328 (Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd i ...)
NOT-FOR-US: Novell iPrint LPD
-CVE-2010-4327
+CVE-2010-4327 (Unspecified vulnerability in the NCP service in Novell eDirectory 8.8. ...)
NOT-FOR-US: Novell eDirectory
-CVE-2010-4326
+CVE-2010-4326 (Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (G ...)
NOT-FOR-US: Groupwise
-CVE-2010-4325
+CVE-2010-4325 (Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in No ...)
NOT-FOR-US: Groupwise
-CVE-2010-4324
+CVE-2010-4324 (Cross-site scripting (XSS) vulnerability in the Approval Form in the U ...)
NOT-FOR-US: Novell Identity Manager
-CVE-2010-4323
+CVE-2010-4323 (Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Confi ...)
NOT-FOR-US: Novell ZENworks
-CVE-2010-4322
+CVE-2010-4322 (Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell V ...)
NOT-FOR-US: Novell Vibe
-CVE-2010-4321
+CVE-2010-4321 (Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Nov ...)
NOT-FOR-US: Novell iPrint client
CVE-2010-4320
RESERVED
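Review bot: the pre-existing NOTE under CVE-2010-4368 ("looks like it's the same as CVE-2010-4367") no longer matches the description this hunk adds, which distinguishes CVE-2010-4368 as the Windows-specific configdir variant of the awstats.cgi issue that CVE-2010-4367 covers generally; reword the NOTE to say it is the Windows counterpart of CVE-2010-4367 rather than a possible duplicate, so it agrees with the `awstats <not-affected> (Windows-specific issue)` line directly above it. Same hunk, minor: the three mantis context lines (CVE-2010-4350, CVE-2010-4349, CVE-2010-4348) repeat the typo "procected" for "protected", and CVE-2010-4338/CVE-2010-4339 sit between CVE-2010-4367 and CVE-2010-4366, breaking the file's descending ID order; neither is introduced by this update, but both are cheap to fix in a manual follow-up.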
@@ -2451,44 +2451,44 @@ CVE-2010-4316
RESERVED
CVE-2010-4315
RESERVED
-CVE-2010-4314
+CVE-2010-4314 (Remote attackers can use the iPrint web-browser ActiveX plugin in Nove ...)
NOT-FOR-US: iPrint web-browser ActiveX plugin in Novell iPrint Client
-CVE-2010-4313
+CVE-2010-4313 (Unrestricted file upload vulnerability in fileman_file_upload.php in O ...)
NOT-FOR-US: Orbis CMS
-CVE-2010-4312
+CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include the HT ...)
- tomcat6 6.0.35-5 (unimportant; bug #608286)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2010-4311
+CVE-2010-4311 (Free Simple Software 1.0 stores passwords in cleartext, which allows c ...)
NOT-FOR-US: Free Simple Software
CVE-2010-4310
RESERVED
-CVE-2010-4309
+CVE-2010-4309 (Adobe Shockwave Player before 11.6.1.629 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4308
+CVE-2010-4308 (Adobe Shockwave Player before 11.6.1.629 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4307
+CVE-2010-4307 (Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows att ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4306
+CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4305
+CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 523 ...)
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-4304
+CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System 3545 ...)
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-4303
+CVE-2010-4303 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the L ...)
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-4302
+CVE-2010-4302 (/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Vi ...)
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-4299
+CVE-2010-4299 (Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handhe ...)
NOT-FOR-US: Novell Zenworks
-CVE-2010-4298
+CVE-2010-4298 (SQL injection vulnerability in the download module in Free Simple Soft ...)
NOT-FOR-US: Free Simple Software
-CVE-2010-4297
+CVE-2010-4297 (The VMware Tools update functionality in VMware Workstation 6.5.x befo ...)
NOT-FOR-US: VMware
-CVE-2010-4296
+CVE-2010-4296 (vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Li ...)
NOT-FOR-US: VMware
-CVE-2010-4295
+CVE-2010-4295 (Race condition in the mounting process in vmware-mount in VMware Works ...)
NOT-FOR-US: VMware
-CVE-2010-4294
+CVE-2010-4294 (The frame decompression functionality in the VMnc media codec in VMwar ...)
NOT-FOR-US: VMware
CVE-2010-XXXX [directory traversal]
- openacs 5.5.1+dfsg-2
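Review bot: CVE-2010-4312 is tagged `unimportant` with `tomcat6 6.0.35-5 (unimportant; bug #608286)`, but the truncated description ends at "does not include the HT ..." and the entry carries no NOTE line, so nothing in the tracker itself records which default setting is missing or why it was rated unimportant; a one-line NOTE with the reasoning, as CVE-2010-4226 in a later hunk does, would make the severity choice reviewable without opening the bug.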
@@ -2516,9 +2516,9 @@ CVE-2010-XXXX [insecure python path handling]
- mmass 3.8.0-2 (low; bug #605150)
[squeeze] - mmass <not-affected> (Doesn't set PYTHONPATH)
- guake 0.4.2-3 (low; bug #605163)
-CVE-2010-4301
+CVE-2010-4301 (epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wires ...)
- wireshark <not-affected> (Only affects >= 1.4)
-CVE-2010-4300
+CVE-2010-4300 (Heap-based buffer overflow in the dissect_ldss_transfer function (epan ...)
- wireshark 1.2.11-4
[lenny] - wireshark <not-affected> (Only affects >= 1.2)
CVE-2010-4293
@@ -2539,101 +2539,101 @@ CVE-2010-4286
REJECTED
CVE-2010-4285
REJECTED
-CVE-2010-4284
+CVE-2010-4284 (SQL injection vulnerability in the authentication form in the integrat ...)
NOT-FOR-US: Samsung Integrated Management System
-CVE-2010-4283
+CVE-2010-4283 (PHP remote file inclusion vulnerability in extras/pandora_diag.php in ...)
NOT-FOR-US: Pandora FMS
-CVE-2010-4282
+CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS before 3.1 ...)
NOT-FOR-US: Pandora FMS
-CVE-2010-4281
+CVE-2010-4281 (Incomplete blacklist vulnerability in the safe_url_extraclean function ...)
NOT-FOR-US: Pandora FMS
-CVE-2010-4280
+CVE-2010-4280 (Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 all ...)
NOT-FOR-US: Pandora FMS
-CVE-2010-4279
+CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier specifies an ...)
NOT-FOR-US: Pandora FMS
-CVE-2010-4278
+CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows re ...)
NOT-FOR-US: Pandora FMS
-CVE-2010-4277
+CVE-2010-4277 (Cross-site scripting (XSS) vulnerability in lembedded-video.php in the ...)
NOT-FOR-US: Embedded Video plugin 4.1 for WordPress
-CVE-2010-4276
+CVE-2010-4276 (Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid ...)
NOT-FOR-US: LiveZilla
-CVE-2010-4275
+CVE-2010-4275 (Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager ...)
NOT-FOR-US: Radius Manager
-CVE-2010-4274
+CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 ...)
NOT-FOR-US: IBM Systems Director
-CVE-2010-4273
+CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista ACC IMove ...)
NOT-FOR-US: DescargarVista ACC
-CVE-2010-4272
+CVE-2010-4272 (SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sp ...)
NOT-FOR-US: Pulse Infotech Sponsor Wall
-CVE-2010-4271
+CVE-2010-4271 (SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows remo ...)
NOT-FOR-US: ImpressCMS
-CVE-2010-4270
+CVE-2010-4270 (Directory traversal vulnerability in the nBill (com_netinvoice) compon ...)
NOT-FOR-US: Joomla addon
-CVE-2010-4269
+CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 allow ...)
NOT-FOR-US: Collabtive
-CVE-2010-4268
+CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipw ...)
NOT-FOR-US: Pulse Infotech
-CVE-2010-4267
+CVE-2010-4267 (Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/ ...)
{DSA-2152-1}
- hplip 3.10.6-2 (bug #610960)
CVE-2010-4266
RESERVED
-CVE-2010-4265
+CVE-2010-4265 (The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$Second ...)
- jbossas4 <not-affected> (Red Hat issue, they didn't include the fix for CVE-2010-3862 in the update)
CVE-2010-4264
RESERVED
-CVE-2010-4263
+CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in the Inte ...)
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-4262
+CVE-2010-4262 (Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote atta ...)
- xfig 1:3.2.5.b-1.1 (bug #606257)
NOTE: details and patch at https://bugzilla.redhat.com/659676
-CVE-2010-4261
+CVE-2010-4261 (Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ...)
- clamav 0.96.5+dfsg-1
[lenny] - clamav <not-affected> (icon extractor not yet present)
NOTE: Fixed in 1f3db7f074995bd4e1d0183b2db8b1c472d2f41b
-CVE-2010-4260
+CVE-2010-4260 (Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV b ...)
- clamav 0.96.5+dfsg-1
[lenny] - clamav <not-affected> (Introduced in 3643f3d2b0a38fdc7bc6777d093c857b9760804e)
NOTE: Fixed in 019f1955194360600ecf0644959ceca6734c2d7b
-CVE-2010-4259
+CVE-2010-4259 (Stack-based buffer overflow in FontForge 20100501 allows remote attack ...)
{DSA-2253-1}
- fontforge 0.0.20100501-4 (bug #605537)
-CVE-2010-4258
+CVE-2010-4258 (The do_exit function in kernel/exit.c in the Linux kernel before 2.6.3 ...)
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-4257
+CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in wp-includ ...)
{DSA-2138-1}
NOTE: http://core.trac.wordpress.org/changeset/16625
- wordpress 3.0.2-1 (bug #605603)
-CVE-2010-4256
+CVE-2010-4256 (The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 ...)
- linux-2.6 <not-affected> (introduced in 2.6.35; fixed in 2.6.37)
-CVE-2010-4255
+CVE-2010-4255 (The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and ear ...)
- xen 4.0.1-2 (bug #609531)
-CVE-2010-4254
+CVE-2010-4254 (Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used ...)
- moon <not-affected> (Debian's version of Moonlight is not affected, see #608288)
-CVE-2010-4253
+CVE-2010-4253 (Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and ...)
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-4252
+CVE-2010-4252 (OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly valid ...)
- openssl <not-affected> (configured with -DOPENSSL_NO_JPAKE; bug #606902)
NOTE: http://www.openssl.org/news/secadv/20101202.txt
-CVE-2010-4251
+CVE-2010-4251 (The socket implementation in net/core/sock.c in the Linux kernel befor ...)
- linux-2.6 2.6.32-22
-CVE-2010-4250
+CVE-2010-4250 (Memory leak in the inotify_init1 function in fs/notify/inotify/inotify ...)
- linux-2.6 2.6.37-1
[squeeze] - linux-2.6 <not-affected> (Introduced after 2.6.32)
[lenny] - linux-2.6 <not-affected> (Introduced after 2.6.32)
[wheezy] - linux-2.6 <not-affected> (Introduced after 2.6.32)
-CVE-2010-4249
+CVE-2010-4249 (The wait_for_unix_gc function in net/unix/garbage.c in the Linux kerne ...)
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4248
+CVE-2010-4248 (Race condition in the __exit_signal function in kernel/exit.c in the L ...)
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-4247
+CVE-2010-4247 (The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and ( ...)
- linux-2.6 <not-affected> (changes included since introduction of dom0 support)
-CVE-2010-4246
+CVE-2010-4246 (Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pf ...)
NOT-FOR-US: pfSense
CVE-2010-4245
RESERVED
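Review bot: in the CVE-2010-4257 entry the NOTE line (the core.trac.wordpress.org changeset) is placed between the `{DSA-2138-1}` line and the `- wordpress 3.0.2-1 (bug #605603)` package line, whereas every other annotated entry in this hunk (CVE-2010-4262, CVE-2010-4261, CVE-2010-4260, CVE-2010-4252) puts package lines first and NOTE lines last; move the NOTE below the wordpress line for consistency. Also worth a look while here: CVE-2010-4247 records `linux-2.6 <not-affected> (changes included since introduction of dom0 support)`, which names no version, commit or bug that a reader could verify, unlike the neighbouring kernel entries; a pointer to the relevant change would make the not-affected claim checkable.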
@@ -2641,10 +2641,10 @@ CVE-2010-4245
[lenny] - pootle <not-affected> (Vulnerable code not present)
CVE-2010-4244
REJECTED
-CVE-2010-4243
+CVE-2010-4243 (fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Ki ...)
{DSA-2153-1}
- linux-2.6 2.6.32-30
-CVE-2010-4242
+CVE-2010-4242 (The hci_uart_tty_open function in the HCI UART driver (drivers/bluetoo ...)
{DSA-2153-1}
- linux-2.6 2.6.32-28
CVE-2010-4241
@@ -2656,32 +2656,32 @@ CVE-2010-4240
CVE-2010-4239
RESERVED
- tikiwiki <removed>
-CVE-2010-4238
+CVE-2010-4238 (The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on ...)
- linux-2.6 <not-affected> (RedHat-specific issue, does not affect Xen-upstream/Debian)
-CVE-2010-4236
+CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniFind E ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-4235
+CVE-2010-4235 (Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, a ...)
NOT-FOR-US: RealNetworks Helix
-CVE-2010-4234
+CVE-2010-4234 (The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz CM ...)
NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4233
+CVE-2010-4233 (The Linux installation on the Camtron CMNC-200 Full HD IP Camera and T ...)
NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4232
+CVE-2010-4232 (The web-based administration interface on the Camtron CMNC-200 Full HD ...)
NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4231
+CVE-2010-4231 (Directory traversal vulnerability in the web-based administration inte ...)
NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4230
+CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the Camtr ...)
NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4229
+CVE-2010-4229 (Directory traversal vulnerability in an unspecified servlet in the Inv ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2010-4228
+CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP se ...)
NOT-FOR-US: Novell NetWare
-CVE-2010-4227
+CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before ...)
NOT-FOR-US: Novell Netware
-CVE-2010-4226
+CVE-2010-4226 (cpio, as used in build 2007.05.10, 2010.07.28, and possibly other vers ...)
NOT-FOR-US: OpenSuSE build services
NOTE: This might qualify as a cpio hardening issue, but this CVE-ID is not about cpio itself.
-CVE-2010-4225
+CVE-2010-4225 (Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x ...)
- mono 2.6.7-5 (bug #608288)
CVE-2010-4224
RESERVED
@@ -2689,119 +2689,119 @@ CVE-2010-4223
RESERVED
CVE-2010-4222
RESERVED
-CVE-2010-4221
+CVE-2010-4221 (Multiple stack-based buffer overflows in the pr_netio_telnet_gets func ...)
- proftpd-dfsg 1.3.3a-5 (bug #603511; bug #602279)
[lenny] - proftpd-dfsg <not-affected> (Introduced in 1.3.2rc3)
-CVE-2010-4220
+CVE-2010-4220 (Cross-site scripting (XSS) vulnerability in the Integrated Solution Co ...)
NOT-FOR-US: IBM WebSphere
-CVE-2010-4219
+CVE-2010-4219 (Cross-site scripting (XSS) vulnerability in SemanticTagService.js in I ...)
NOT-FOR-US: IBM WebSphere
-CVE-2010-4218
+CVE-2010-4218 (Unspecified vulnerability in Web Services in IBM ENOVIA 6 has unknown ...)
NOT-FOR-US: IBM ENOVIA 6
-CVE-2010-4217
+CVE-2010-4217 (Use-after-free vulnerability in the proxy server in IBM Tivoli Directo ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2010-4216
+CVE-2010-4216 (IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF00 ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2010-4215
+CVE-2010-4215 (UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated us ...)
- foswiki <itp> (bug #509864)
-CVE-2010-4214
+CVE-2010-4214 (The Wells Fargo Mobile application 1.1 for Android stores a username a ...)
NOT-FOR-US: Wells Fargo Mobile for Android
-CVE-2010-4213
+CVE-2010-4213 (The Bank of America application 2.12 for Android stores a security que ...)
NOT-FOR-US: Bank of America application for Android
-CVE-2010-4212
+CVE-2010-4212 (The USAA application 3.0 for Android stores a mirror image of each vis ...)
NOT-FOR-US: USAA application for Android
-CVE-2010-4211
+CVE-2010-4211 (The PayPal app before 3.0.1 for iOS does not verify that the server ho ...)
NOT-FOR-US: PayPal app for iOS
-CVE-2010-4210
+CVE-2010-4210 (The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x ...)
- kfreebsd-7 <unfixed>
[lenny] - kfreebsd-7 <no-dsa> (Not covered by security support in Lenny)
- kfreebsd-8 8.1-1
- kfreebsd-9 <not-affected> (fixed prior to first upload)
- kfreebsd-10 <not-affected> (fixed prior to first upload)
-CVE-2010-4209
+CVE-2010-4209 (Cross-site scripting (XSS) vulnerability in the Flash component infras ...)
- yui 2.8.2r1~squeeze-1 (bug #603513)
-CVE-2010-4208
+CVE-2010-4208 (Cross-site scripting (XSS) vulnerability in the Flash component infras ...)
- yui 2.8.2r1~squeeze-1 (bug #603513)
-CVE-2010-4207
+CVE-2010-4207 (Cross-site scripting (XSS) vulnerability in the Flash component infras ...)
- yui 2.8.2r1~squeeze-1 (bug #603513)
-CVE-2010-4206
+CVE-2010-4206 (Array index error in the FEBlend::apply function in WebCore/platform/g ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://trac.webkit.org/changeset/70652
-CVE-2010-4205
+CVE-2010-4205 (Google Chrome before 7.0.517.44 does not properly handle the data type ...)
- chromium-browser 6.0.472.63~r59945-2
NOTE: https://bugs.webkit.org/show_bug.cgi?id=48159
NOTE: http://trac.webkit.org/changeset/70550
-CVE-2010-4204
+CVE-2010-4204 (WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1 ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-2
NOTE: https://bugs.webkit.org/show_bug.cgi?id=48281
NOTE: http://trac.webkit.org/changeset/70517
-CVE-2010-4202
+CVE-2010-4202 (Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux ...)
- webkit <not-affected> (skia issue)
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://code.google.com/p/skia/source/detail?r=606
NOTE: http://code.google.com/p/skia/source/detail?r=607
-CVE-2010-4201
+CVE-2010-4201 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...)
- chromium-browser 6.0.472.63~r59945-2
NOTE: https://bugs.webkit.org/show_bug.cgi?id=47522
CVE-2010-4200
REJECTED
-CVE-2010-4199
+CVE-2010-4199 (Google Chrome before 7.0.517.44 does not properly perform a cast of an ...)
{DSA-2188-1}
- webkit 1.2.7-1
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://trac.webkit.org/changeset/69936
-CVE-2010-4198
+CVE-2010-4198 (WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1 ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://trac.webkit.org/changeset/69735
NOTE: style fix change set: http://trac.webkit.org/changeset/69801
-CVE-2010-4197
+CVE-2010-4197 (Use-after-free vulnerability in WebKit, as used in Google Chrome befor ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://trac.webkit.org/changeset/70594
-CVE-2010-4196
+CVE-2010-4196 (The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9. ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4195
+CVE-2010-4195 (The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does n ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4194
+CVE-2010-4194 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4193
+CVE-2010-4193 (Adobe Shockwave Player before 11.5.9.620 does not properly validate un ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4192
+CVE-2010-4192 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4191
+CVE-2010-4191 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4190
+CVE-2010-4190 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4189
+CVE-2010-4189 (The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows at ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4188
+CVE-2010-4188 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allo ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4187
+CVE-2010-4187 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4186
+CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online W ...)
NOT-FOR-US: OnlineTechTools
-CVE-2010-4185
+CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.3.8 a ...)
NOT-FOR-US: Energine
-CVE-2010-4184
+CVE-2010-4184 (NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cle ...)
NOT-FOR-US: NetSupport Manager
-CVE-2010-4183
+CVE-2010-4183 (Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier b ...)
- php-htmlpurifier 4.1.1+dfsg1-1
-CVE-2010-4182
+CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) l ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-4181
+CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...)
- yaws <not-affected> (Only affects Windows)
-CVE-2010-4180
+CVE-2010-4180 (OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_R ...)
{DSA-2141-1}
- openssl 0.9.8o-4
NOTE: http://www.openssl.org/news/secadv/20101202.txt
-CVE-2010-4179
+CVE-2010-4179 (The installation documentation for Red Hat Enterprise Messaging, Realt ...)
NOT-FOR-US: RedHat documentation of MRG
CVE-2010-4178
RESERVED
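Review bot: CVE-2010-4205 lists only `chromium-browser 6.0.472.63~r59945-2`, yet its two NOTE lines point at a WebKit bug (48159) and a WebKit changeset (70550), the same kind of references that CVE-2010-4204, CVE-2010-4198 and CVE-2010-4197 in this hunk carry alongside a `webkit 1.2.6-1` line and a lenny `<no-dsa>` qualifier; either add the webkit line or an explicit `webkit <not-affected>` with the reason, as CVE-2010-4202 does with "(skia issue)", so the entry states what was decided for the webkit package rather than leaving it implicit.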
@@ -2813,96 +2813,96 @@ CVE-2010-4177
- mysql-gui-tools <unfixed> (low; bug #605542)
[squeeze] - mysql-gui-tools <no-dsa> (Minor issue)
[lenny] - mysql-gui-tools <no-dsa> (Minor issue)
-CVE-2010-4176
+CVE-2010-4176 (plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 a ...)
- dracut <not-affected> (vulnerable script not shipped)
- udev <not-affected> (vulnerable script not shipped; fedora-specific issue)
-CVE-2010-4175
+CVE-2010-4175 (Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) i ...)
- linux-2.6 2.6.32-28
[lenny] - linux-2.6 <not-affected> (RDS introduced in 2.6.30)
CVE-2010-4174
REJECTED
-CVE-2010-4173
+CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and earlier ...)
- libsdp 1.1.99-2.1 (bug #603841)
-CVE-2010-4172
+CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager app ...)
- tomcat6 6.0.28-9 (bug #606388)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2010-4171
+CVE-2010-4171 (The staprun runtime tool in SystemTap 1.3 does not verify that a modul ...)
{DSA-2348-1}
- systemtap 1.2-3 (bug #603946)
-CVE-2010-4170
+CVE-2010-4170 (The staprun runtime tool in SystemTap 1.3 does not properly clear the ...)
{DSA-2348-1}
- systemtap 1.2-3 (bug #603946)
-CVE-2010-4169
+CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux kernel befo ...)
- linux-2.6 2.6.32-29
[lenny] - linux-2.6 <not-affected> (perf counters not yet present)
-CVE-2010-4168
+CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 ...)
- openttd 1.0.4-3 (bug #603752)
[lenny] - openttd <not-affected> (Introduced in 1.0)
-CVE-2010-4167
+CVE-2010-4167 (Untrusted search path vulnerability in configure.c in ImageMagick befo ...)
- imagemagick 8:6.6.0.4-3 (low; bug #601824)
[lenny] - imagemagick 7:6.3.7.9.dfsg2-1~lenny4
-CVE-2010-4166
+CVE-2010-4166 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
NOT-FOR-US: Joomla!
-CVE-2010-4165
+CVE-2010-4165 (The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel b ...)
- linux-2.6 2.6.32-28
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.28)
-CVE-2010-4164
+CVE-2010-4164 (Multiple integer underflows in the x25_parse_facilities function in ne ...)
{DSA-2126-1}
- linux-2.6 2.6.32-28
-CVE-2010-4163
+CVE-2010-4163 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux kerne ...)
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-4162
+CVE-2010-4162 (Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6. ...)
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-4161
+CVE-2010-4161 (The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat ...)
- linux-2.6 2.6.28-1
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-4159
+CVE-2010-4159 (Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 a ...)
- mono 2.6.7-4 (bug #605097)
[lenny] - mono <no-dsa> (Minor issue)
-CVE-2010-4156
+CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through ...)
- php5 5.3.3-4 (bug #603751)
[lenny] - php5 <not-affected> (Only affects 5.3.x)
-CVE-2010-4155
+CVE-2010-4155 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 a ...)
NOT-FOR-US: eXV2 CMS
-CVE-2010-4154
+CVE-2010-4154 (Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager ...)
NOT-FOR-US: Rhino Software, Inc. FTP Voyager
-CVE-2010-4153
+CVE-2010-4153 (Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably ...)
NOT-FOR-US: CrossFTP
-CVE-2010-4152
+CVE-2010-4152 (SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, a ...)
NOT-FOR-US: 4site CMS
-CVE-2010-4151
+CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...)
NOT-FOR-US: DeluxeBB
-CVE-2010-4150
+CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ext ...)
{DSA-2195-1}
- php5 5.3.3-7
-CVE-2010-4203
+CVE-2010-4203 (WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Ch ...)
- libvpx 0.9.1-2 (bug #602693)
-CVE-2010-4160
+CVE-2010-4160 (Multiple integer overflows in the (1) pppol2tp_sendmsg function in net ...)
{DSA-2126-1}
- linux-2.6 2.6.32-27 (low)
-CVE-2010-4158
+CVE-2010-4158 (The sk_run_filter function in net/core/filter.c in the Linux kernel be ...)
{DSA-2153-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-4157
+CVE-2010-4157 (Integer overflow in the ioc_general function in drivers/scsi/gdth.c in ...)
{DSA-2126-1}
- linux-2.6 2.6.32-28 (low)
-CVE-2010-4149
+CVE-2010-4149 (Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, 5. ...)
NOT-FOR-US: FreshWebMaster Fresh FTP
-CVE-2010-4148
+CVE-2010-4148 (Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly ...)
NOT-FOR-US: AnyConnect
-CVE-2010-4147
+CVE-2010-4147 (Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping C ...)
NOT-FOR-US: Pentasoft Avactis Shopping Cart
-CVE-2010-4146
+CVE-2010-4146 (Cross-site scripting (XSS) vulnerability in Attachmate Reflection for ...)
NOT-FOR-US: Attachmate Reflection
-CVE-2010-4145
+CVE-2010-4145 (Kisisel Radyo Script stores sensitive information under the web root w ...)
NOT-FOR-US: Kisisel Radyo Script
-CVE-2010-4144
+CVE-2010-4144 (SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allow ...)
NOT-FOR-US: Kisisel Radyo Script
-CVE-2010-4143
+CVE-2010-4143 (SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magi ...)
NOT-FOR-US: phpCheckZ
-CVE-2010-4142
+CVE-2010-4142 (Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8 ...)
NOT-FOR-US: DATAC RealWin
CVE-2010-4141
REJECTED
@@ -2944,11 +2944,11 @@ CVE-2010-4123
REJECTED
CVE-2010-4122
REJECTED
-CVE-2010-4121
+CVE-2010-4121 (** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli Provisioning Mana ...)
NOT-FOR-US: IBM Tivoli
CVE-2010-XXXX
- weborf 0.12.4-1 (bug #601585)
-CVE-2010-4120
+CVE-2010-4120 (Multiple cross-site scripting (XSS) vulnerabilities in the TAM console ...)
NOT-FOR-US: IBM Tivoli
CVE-2010-4119
REJECTED
@@ -2956,122 +2956,122 @@ CVE-2010-4118
REJECTED
CVE-2010-4117
REJECTED
-CVE-2010-4116
+CVE-2010-4116 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5.x bef ...)
NOT-FOR-US: HP StorageWorks Storage Mirroring
-CVE-2010-4115
+CVE-2010-4115 (HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, TS100 ...)
NOT-FOR-US: HP StorageWorks
-CVE-2010-4114
+CVE-2010-4114 (Cross-site scripting (XSS) vulnerability in HP Discovery &amp; Depende ...)
NOT-FOR-US: HP DDMI
-CVE-2010-4113
+CVE-2010-4113 (Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 al ...)
NOT-FOR-US: HP HPPM
-CVE-2010-4112
+CVE-2010-4112 (HP Insight Management Agents before 8.6 allows remote attackers to obt ...)
NOT-FOR-US: HP Insight Management Agents
-CVE-2010-4111
+CVE-2010-4111 (Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Onl ...)
NOT-FOR-US: HP Insight Diagnostics
-CVE-2010-4110
+CVE-2010-4110 (Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the I ...)
NOT-FOR-US: HP OpenVMS
-CVE-2010-4109
+CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application i ...)
NOT-FOR-US: HP Palm webOS
-CVE-2010-4108
+CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threa ...)
NOT-FOR-US: HP-UX
-CVE-2010-4107
+CVE-2010-4107 (The default configuration of the PJL Access value in the File System E ...)
NOT-FOR-US: HP LaserJet
-CVE-2010-4106
+CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
NOT-FOR-US: HP Insight Orchestration
-CVE-2010-4105
+CVE-2010-4105 (Unspecified vulnerability in HP Insight Orchestration before 6.2 allow ...)
NOT-FOR-US: HP Insight Orchestration
-CVE-2010-4104
+CVE-2010-4104 (Unspecified vulnerability in HP Insight Orchestration before 6.2 allow ...)
NOT-FOR-US: HP Insight Orchestration
-CVE-2010-4103
+CVE-2010-4103 (Unspecified vulnerability in HP Insight Managed System Setup Wizard be ...)
NOT-FOR-US: HP Insight Managed System Setup Wizard
-CVE-2010-4102
+CVE-2010-4102 (Unspecified vulnerability in HP Insight Recovery before 6.2 allows rem ...)
NOT-FOR-US: HP Insight Recovery
-CVE-2010-4101
+CVE-2010-4101 (Cross-site scripting (XSS) vulnerability in HP Insight Recovery before ...)
NOT-FOR-US: HP Insight Recovery
-CVE-2010-4100
+CVE-2010-4100 (Unspecified vulnerability in HP Insight Control Performance Management ...)
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2010-4099
+CVE-2010-4099 (ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabl ...)
NOT-FOR-US: NitroSecurity NitroView
-CVE-2010-4098
+CVE-2010-4098 (monotone before 0.48.1, when configured to allow remote commands, allo ...)
- monotone 0.48-3
[lenny] - monotone <not-affected> (Vulnerable feature introduced in 0.46)
-CVE-2010-4097
+CVE-2010-4097 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Aa ...)
NOT-FOR-US: Aardvark Topsites PHP
-CVE-2010-4095
+CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti Syste ...)
NOT-FOR-US: Serengeti Systems Incorporated Robo-FTP 3.7.3
-CVE-2010-4094
+CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test La ...)
NOT-FOR-US: IBM Rational Quality Manager
-CVE-2010-4093
+CVE-2010-4093 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4092
+CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4091
+CVE-2010-4091 (The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2010-4090
+CVE-2010-4090 (Adobe Shockwave Player before 11.5.9.615 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4089
+CVE-2010-4089 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4088
+CVE-2010-4088 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4087
+CVE-2010-4087 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4086
+CVE-2010-4086 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4085
+CVE-2010-4085 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4084
+CVE-2010-4084 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4083
+CVE-2010-4083 (The copy_semid_to_user function in ipc/sem.c in the Linux kernel befor ...)
{DSA-2126-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-4082
+CVE-2010-4082 (The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c i ...)
- linux-2.6 2.6.32-24 (low)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-4081
+CVE-2010-4081 (The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the ...)
{DSA-2126-1}
- linux-2.6 2.6.32-27 (low)
-CVE-2010-4080
+CVE-2010-4080 (The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the L ...)
{DSA-2126-1}
- linux-2.6 2.6.32-27 (low)
-CVE-2010-4079
+CVE-2010-4079 (The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the ...)
{DSA-2126-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-4078
+CVE-2010-4078 (The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux ...)
{DSA-2126-1}
- linux-2.6 2.6.32-24 (low)
-CVE-2010-4077
+CVE-2010-4077 (The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Li ...)
- linux-2.6 2.6.37-1 (low)
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2010-4076
+CVE-2010-4076 (The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel ...)
- linux-2.6 2.6.37-1 (low)
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2010-4075
+CVE-2010-4075 (The uart_get_count function in drivers/serial/serial_core.c in the Lin ...)
{DSA-2264-1}
- linux-2.6 2.6.37-1 (low)
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2010-4074
+CVE-2010-4074 (The USB subsystem in the Linux kernel before 2.6.36-rc5 does not prope ...)
{DSA-2126-1}
- linux-2.6 2.6.32-24 (low)
-CVE-2010-4073
+CVE-2010-4073 (The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initi ...)
{DSA-2126-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-4072
+CVE-2010-4072 (The copy_shmid_to_user function in ipc/shm.c in the Linux kernel befor ...)
{DSA-2126-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-4071
+CVE-2010-4071 (Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2. ...)
- otrs2 2.4.9+dfsg1-1
[lenny] - otrs2 <not-affected> (Only affects OTRS 2.4)
-CVE-2010-4070
+CVE-2010-4070 (Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper ...)
NOT-FOR-US: portmap.exe
-CVE-2010-4069
+CVE-2010-4069 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x t ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2010-4068
+CVE-2010-4068 (Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x befo ...)
{DSA-2121-1}
- typo3-src 4.3.7-1
-CVE-2010-4096
+CVE-2010-4096 (share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local user ...)
- monkeysphere 0.31-3 (bug #600304)
NOTE: micah requested this CVE from mitre, issue has been fixed in debian already
CVE-2010-4067
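Review bot: the new description line for CVE-2010-4114 carries an HTML entity, `+CVE-2010-4114 (Cross-site scripting (XSS) vulnerability in HP Discovery &amp; Depende ...)`, while every other added description in this hunk is plain text; the generator that produces these lines appears to have read an HTML-escaped source without unescaping it, so the literal `&` should be restored here and the import step checked so that entities are decoded before being written into the list.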
@@ -3094,24 +3094,24 @@ CVE-2010-4059
RESERVED
CVE-2010-4058
RESERVED
-CVE-2010-4057
+CVE-2010-4057 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform ...)
NOT-FOR-US: IBM solidDB
-CVE-2010-4056
+CVE-2010-4056 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform ...)
NOT-FOR-US: IBM solidDB
-CVE-2010-4055
+CVE-2010-4055 (Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 an ...)
NOT-FOR-US: IBM solidDB
-CVE-2010-4054
+CVE-2010-4054 (The gs_type2_interpret function in Ghostscript allows remote attackers ...)
- ghostscript 8.71~dfsg-1 (unimportant)
NOTE: Crash-only
-CVE-2010-4053
+CVE-2010-4053 (Stack-based buffer overflow in an unspecified logging function in onin ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2010-4052
+CVE-2010-4052 (Stack consumption vulnerability in the regcomp implementation in the G ...)
- glibc <removed> (unimportant)
- eglibc <unfixed> (unimportant)
NOTE: Deficiency in the regexp engine of glibc, while there implementations which
NOTE: process such expressions more efficiently, imposing a limit lies within
NOTE: the application accepting it from user input
-CVE-2010-4051
+CVE-2010-4051 (The regcomp implementation in the GNU C Library (aka glibc or libc6) t ...)
- glibc <removed> (unimportant)
- eglibc <unfixed> (unimportant)
NOTE: Deficiency in the regexp engine of glibc, while there implementations which
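Review bot: the unchanged NOTE block under CVE-2010-4052 (`NOTE: Deficiency in the regexp engine of glibc, while there implementations which`) is missing a verb ("while there are implementations which ..."), and the hunk's trailing context shows the same block repeated verbatim under CVE-2010-4051; this automatic description update rightly leaves those lines alone, but a manual follow-up could fix the grammar and keep the two copies in sync.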
@@ -3122,91 +3122,91 @@ CVE-2010-XXXX [XSS vulnerability discovered -plugin-globalsearch]
CVE-2010-XXXX [insecure usage of temporary files in flash-kernel]
- flash-kernel 2.33 (low)
[lenny] - flash-kernel <no-dsa> (Minor issue)
-CVE-2010-4050
+CVE-2010-4050 (Opera before 10.63 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2010-4049
+CVE-2010-4049 (Opera before 10.63 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2010-4048
+CVE-2010-4048 (Opera before 10.63 allows user-assisted remote web servers to cause a ...)
NOT-FOR-US: Opera
-CVE-2010-4047
+CVE-2010-4047 (Opera before 10.63 does not properly select the security context of Ja ...)
NOT-FOR-US: Opera
-CVE-2010-4046
+CVE-2010-4046 (Opera before 10.63 does not properly verify the origin of video conten ...)
NOT-FOR-US: Opera
-CVE-2010-4045
+CVE-2010-4045 (Opera before 10.63 does not properly restrict web script in unspecifie ...)
NOT-FOR-US: Opera
-CVE-2010-4044
+CVE-2010-4044 (Opera before 10.63 does not ensure that the portion of a URL shown in ...)
NOT-FOR-US: Opera
-CVE-2010-4043
+CVE-2010-4043 (Opera before 10.63 does not prevent interpretation of a cross-origin d ...)
NOT-FOR-US: Opera
-CVE-2010-4042
+CVE-2010-4042 (Google Chrome before 7.0.517.41 does not properly handle element maps, ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-1
NOTE: http://trac.webkit.org/changeset/68096
-CVE-2010-4041
+CVE-2010-4041 (The sandbox implementation in Google Chrome before 7.0.517.41 on Linux ...)
- webkit <not-affected> (issue with chromium sandbox)
- chromium-browser 6.0.472.63~r59945-1
-CVE-2010-4040
+CVE-2010-4040 (Google Chrome before 7.0.517.41 does not properly handle animated GIF ...)
{DSA-2188-1}
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.63~r59945-1
NOTE: http://trac.webkit.org/changeset/68446
-CVE-2010-4039
+CVE-2010-4039 (Google Chrome before 7.0.517.41 on Linux does not properly set the PAT ...)
- webkit <not-affected> (chromium-specifc LD_LIBRARY_PATH issue)
- chromium-browser <not-affected> (package uses its own startup script)
-CVE-2010-4038
+CVE-2010-4038 (The Web Sockets implementation in Google Chrome before 7.0.517.41 does ...)
- webkit <not-affected> (issue in chromium code base)
- chromium-browser 9.0.570
[squeeze] - chromium-browser <not-affected> (websocket_experiment not enabled in v6)
[wheezy] - chromium-browser <not-affected>
-CVE-2010-4037
+CVE-2010-4037 (Unspecified vulnerability in Google Chrome before 7.0.517.41 allows re ...)
- webkit <not-affected> (affected gesture code not present in 1.2.x)
- chromium-browser <unfixed> (unimportant)
NOTE: http://trac.webkit.org/changeset/67716
-CVE-2010-4036
+CVE-2010-4036 (Google Chrome before 7.0.517.41 does not properly handle the unloading ...)
- webkit <not-affected> (chromium-specifc issue)
- chromium-browser 6.0.472.63~r59945-1
-CVE-2010-4035
+CVE-2010-4035 (Google Chrome before 7.0.517.41 does not properly perform autofill ope ...)
- webkit <not-affected> (issue in chromium code base)
- chromium-browser 6.0.472.63~r59945-1
-CVE-2010-4034
+CVE-2010-4034 (Google Chrome before 7.0.517.41 does not properly handle forms, which ...)
- webkit <not-affected> (issue in chromium code base)
- chromium-browser 6.0.472.63~r59945-1
-CVE-2010-4033
+CVE-2010-4033 (Google Chrome before 7.0.517.41 does not properly implement the autofi ...)
- webkit <not-affected> (issue in gestures, which resides in the webkit codebase, but is only used by chromium right now)
- chromium-browser 6.0.472.63~r59945-1
NOTE: http://trac.webkit.org/changeset/63786
NOTE: http://trac.webkit.org/changeset/67240
-CVE-2010-4032
+CVE-2010-4032 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2010-4031
+CVE-2010-4031 (Unspecified vulnerability in HP Insight Control Performance Management ...)
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2010-4030
+CVE-2010-4030 (Cross-site scripting (XSS) vulnerability in HP Insight Control Perform ...)
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2010-4029
+CVE-2010-4029 (Unspecified vulnerability in HP Storage Essentials before 6.3.0, when ...)
NOT-FOR-US: HP Storage Essentials
-CVE-2010-4028
+CVE-2010-4028 (Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunne ...)
NOT-FOR-US: HP LoadRunner
-CVE-2010-4027
+CVE-2010-4027 (Unspecified vulnerability in the camera application in HP Palm webOS 1 ...)
NOT-FOR-US: HP Palm webOS
-CVE-2010-4026
+CVE-2010-4026 (Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 al ...)
NOT-FOR-US: HP Palm webOS
-CVE-2010-4025
+CVE-2010-4025 (Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows ...)
NOT-FOR-US: HP Palm webOS
-CVE-2010-4024
+CVE-2010-4024 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
NOT-FOR-US: HP Insight Control Power Management
-CVE-2010-4023
+CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control Power M ...)
NOT-FOR-US: HP Insight Control Power Management
-CVE-2010-4022
+CVE-2010-4022 (The do_standalone function in the MIT krb5 KDC database propagation da ...)
- krb5 1.8.3+dfsg-5 (low)
[squeeze] - krb5 1.8.3+dfsg-4squeeze1
[lenny] - krb5 <not-affected> (Only affects 1.7.x onwards)
[etch] - krb5 <not-affected> (Only affects 1.7.x onwards)
-CVE-2010-4021
+CVE-2010-4021 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 doe ...)
- krb5 1.8+dfsg~alpha1-1
[lenny] - krb5 <not-affected> (Only affects 1.7.x)
-CVE-2010-4020
+CVE-2010-4020 (MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key- ...)
- krb5 1.8.3+dfsg-3 (bug #605553)
[lenny] - krb5 <not-affected> (Only affects krb5 >= 1.8)
CVE-2010-4019
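Review bot: two unchanged context lines in this hunk misspell "specific": `- webkit <not-affected> (chromium-specifc LD_LIBRARY_PATH issue)` under CVE-2010-4039 and `- webkit <not-affected> (chromium-specifc issue)` under CVE-2010-4036; since this automatic update only adds CVE descriptions it should not touch them, but they are worth a separate manual correction.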
@@ -3217,31 +3217,31 @@ CVE-2010-4017
RESERVED
CVE-2010-4016
RESERVED
-CVE-2010-4015
+CVE-2010-4015 (Buffer overflow in the gettoken function in contrib/intarray/_int_bool ...)
{DSA-2157-1}
- postgresql-9.0 9.0.3-1
- postgresql-8.4 8.4.7-1
- postgresql-8.3 <removed>
CVE-2010-4014
RESERVED
-CVE-2010-4013
+CVE-2010-4013 (Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x bef ...)
NOT-FOR-US: This is not the PackageKit distributed by Debian, but a different code base
-CVE-2010-4012
+CVE-2010-4012 (Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later al ...)
NOT-FOR-US: Apple iOS
-CVE-2010-4011
+CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memor ...)
- dovecot <not-affected> (HT4452 claims it is Apple-specific and doesn't affect the OSS version)
-CVE-2010-4010
+CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
NOT-FOR-US: Apple Type Services
-CVE-2010-4009
+CVE-2010-4009 (Integer overflow in Apple QuickTime before 7.6.9 allows remote attacke ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-4008
+CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Appl ...)
{DSA-2128-1}
- libxml2 2.7.8.dfsg-1 (bug #602609)
-CVE-2010-4007
+CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message Authenti ...)
- mojarra <not-affected> (Fixed before initial upload, in 2.0.1)
-CVE-2010-4006
+CVE-2010-4006 (Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0. ...)
NOT-FOR-US: WSN Links
-CVE-2010-4005
+CVE-2010-4005 (The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and ...)
- tomboy 1.2.2-2 (low; bug #605096)
[lenny] - tomboy <no-dsa> (Minor issue)
CVE-2010-4004
@@ -3250,364 +3250,364 @@ CVE-2010-4003
RESERVED
CVE-2010-4002
RESERVED
-CVE-2010-4001
+CVE-2010-4001 (** DISPUTED ** GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-l ...)
NOTE: Not a security issue
-CVE-2010-4000
+CVE-2010-4000 (gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name ...)
- gnome-shell 2.91.3-1 (bug #605098)
[lenny] - gnome-shell <no-dsa> (Minor issue)
-CVE-2010-3999
+CVE-2010-3999 (gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length direct ...)
- gnucash 2.2.9-10 (low; bug #603329)
[lenny] - gnucash <no-dsa> (Minor issue)
-CVE-2010-3998
+CVE-2010-3998 (The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlie ...)
- banshee 1.6.1-1.1 (bug #605095)
[lenny] - banshee <no-dsa> (Minor issue)
CVE-2010-3997
RESERVED
-CVE-2010-3996
+CVE-2010-3996 (festival_server in Centre for Speech Technology Research (CSTR) Festiv ...)
- festival <not-affected> (From Lenny onwards we don't include the server component)
CVE-2010-3995
RESERVED
-CVE-2010-3994
+CVE-2010-3994 (Cross-site scripting (XSS) vulnerability in HP Version Control Reposit ...)
NOT-FOR-US: HP VCRM
-CVE-2010-3993
+CVE-2010-3993 (Unspecified vulnerability in HP Insight Control Server Migration befor ...)
NOT-FOR-US: HP Insight
-CVE-2010-3992
+CVE-2010-3992 (Unspecified vulnerability in HP Insight Control Server Migration befor ...)
NOT-FOR-US: HP Insight
-CVE-2010-3991
+CVE-2010-3991 (Cross-site scripting (XSS) vulnerability in HP Insight Control Server ...)
NOT-FOR-US: HP Insight
-CVE-2010-3990
+CVE-2010-3990 (Unspecified vulnerability in HP Virtual Server Environment before 6.2 ...)
NOT-FOR-US: HP Virtual Server Environment
-CVE-2010-3989
+CVE-2010-3989 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
NOT-FOR-US: HP Insight
-CVE-2010-3988
+CVE-2010-3988 (Unspecified vulnerability in HP Insight Control Virtual Machine Manage ...)
NOT-FOR-US: HP Insight
-CVE-2010-3987
+CVE-2010-3987 (Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual ...)
NOT-FOR-US: HP Insight
-CVE-2010-3986
+CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise Manager (VC ...)
NOT-FOR-US: HP VCEM
-CVE-2010-3985
+CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations Orchestratio ...)
NOT-FOR-US: HP Operations Orchestration
-CVE-2010-3984
+CVE-2010-3984 (Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 ...)
NOT-FOR-US: CA XOsoft
-CVE-2010-3983
+CVE-2010-3983 (CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenti ...)
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3982
+CVE-2010-3982 (SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigg ...)
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3981
+CVE-2010-3981 (Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterp ...)
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3980
+CVE-2010-3980 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the ...)
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3979
+CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different ...)
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3978
+CVE-2010-3978 (Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data usi ...)
NOT-FOR-US: Spree
-CVE-2010-3977
+CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plug ...)
NOT-FOR-US: cForm wordpress plugin
-CVE-2010-3976
+CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before 9.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3975
+CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allows loc ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3974
+CVE-2010-3974 (fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3973
+CVE-2010-3973 (The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Micr ...)
NOT-FOR-US: Microsoft
-CVE-2010-3972
+CVE-2010-3972 (Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData fu ...)
NOT-FOR-US: Microsoft Internet Information Services
-CVE-2010-3971
+CVE-2010-3971 (Use-after-free vulnerability in the CSharedStyleSheet::Notify function ...)
NOT-FOR-US: Microsoft Internet Explorer 7 and 8
-CVE-2010-3970
+CVE-2010-3970 (Stack-based buffer overflow in the CreateSizedDIBSECTION function in s ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-3969
REJECTED
CVE-2010-3968
REJECTED
-CVE-2010-3967
+CVE-2010-3967 (Untrusted search path vulnerability in Microsoft Windows Movie Maker ( ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3966
+CVE-2010-3966 (Untrusted search path vulnerability in Microsoft Windows Server 2008 R ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3965
+CVE-2010-3965 (Untrusted search path vulnerability in Windows Media Encoder 9 on Micr ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3964
+CVE-2010-3964 (Unrestricted file upload vulnerability in the Document Conversions Lau ...)
NOT-FOR-US: Microsoft Office SharePoint Server
-CVE-2010-3963
+CVE-2010-3963 (Buffer overflow in the Routing and Remote Access NDProxy component in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3962
+CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3961
+CVE-2010-3961 (The Consent User Interface (UI) in Microsoft Windows Vista SP1 and SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3960
+CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows gues ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3959
+CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3958
+CVE-2010-3958 (The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5 ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2010-3957
+CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in Microso ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3956
+CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3955
+CVE-2010-3955 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2 ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2010-3954
+CVE-2010-3954 (Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote attacke ...)
NOT-FOR-US: Microsoft Publisher
CVE-2010-3953
REJECTED
-CVE-2010-3952
+CVE-2010-3952 (The FlashPix image converter in the graphics filters in Microsoft Offi ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-3951
+CVE-2010-3951 (Buffer overflow in the FlashPix image converter in the graphics filter ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-3950
+CVE-2010-3950 (The TIFF image converter in the graphics filters in Microsoft Office X ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-3949
+CVE-2010-3949 (Buffer overflow in the TIFF image converter in the graphics filters in ...)
NOT-FOR-US: Microsoft Office
CVE-2010-3948
REJECTED
-CVE-2010-3947
+CVE-2010-3947 (Heap-based buffer overflow in the TIFF image converter in the graphics ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-3946
+CVE-2010-3946 (Integer overflow in the PICT image converter in the graphics filters i ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-3945
+CVE-2010-3945 (Buffer overflow in the CGM image converter in the graphics filters in ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-3944
+CVE-2010-3944 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3943
+CVE-2010-3943 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3942
+CVE-2010-3942 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3941
+CVE-2010-3941 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3940
+CVE-2010-3940 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3939
+CVE-2010-3939 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-3938
REJECTED
-CVE-2010-3937
+CVE-2010-3937 (Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote a ...)
NOT-FOR-US: Microsoft Exchange Server
-CVE-2010-3936
+CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft F ...)
NOT-FOR-US: Forefront Unified Access Gateway
CVE-2010-3935
REJECTED
-CVE-2010-3934
+CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device Software 5.0 ...)
NOT-FOR-US: BlackBerry Device Software
-CVE-2010-3933
+CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attribut ...)
- rails <not-affected> (Only affects >= 2.3.9, which is not yet in the archive)
CVE-2010-3932
REJECTED
-CVE-2010-3931
+CVE-2010-3931 (Cross-site scripting (XSS) vulnerability in multiple Rocomotion produc ...)
NOT-FOR-US: Rocomotion
-CVE-2010-3930
+CVE-2010-3930 (Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier ...)
NOT-FOR-US: MODx
-CVE-2010-3929
+CVE-2010-3929 (SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows ...)
NOT-FOR-US: MODx
-CVE-2010-3928
+CVE-2010-3928 (Ruby Version Manager (RVM) before 1.2.1 writes file contents to a term ...)
NOT-FOR-US: Ruby Version Manager
-CVE-2010-3927
+CVE-2010-3927 (Untrusted search path vulnerability in Lunascape before 6.4.0 allows l ...)
NOT-FOR-US: Lunascape
-CVE-2010-3926
+CVE-2010-3926 (Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in SGX ...)
NOT-FOR-US: SGX-SP Final
-CVE-2010-3925
+CVE-2010-3925 (Contents-Mall before 15 does not properly handle passwords, which allo ...)
NOT-FOR-US: Contents-Mall
-CVE-2010-3924
+CVE-2010-3924 (SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remo ...)
NOT-FOR-US: Aimluck Aipo
-CVE-2010-3923
+CVE-2010-3923 (Untrusted search path vulnerability in AttacheCase before 2.70 allows ...)
NOT-FOR-US: AttacheCase
-CVE-2010-3922
+CVE-2010-3922 (SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x be ...)
- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
[lenny] - movabletype-opensource 4.2.3-1+lenny2 (bug #606311)
-CVE-2010-3921
+CVE-2010-3921 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4. ...)
- movabletype-opensource 4.3.5+dfsg-1 (bug #606311)
[lenny] - movabletype-opensource 4.2.3-1+lenny2 (bug #606311)
-CVE-2010-3920
+CVE-2010-3920 (The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 a ...)
NOT-FOR-US: Seiko Epson printer driver
-CVE-2010-3919
+CVE-2010-3919 (Fenrir Grani 4.5 and earlier does not prevent interaction between web ...)
NOT-FOR-US: Fenrir Grani
-CVE-2010-3918
+CVE-2010-3918 (Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between ...)
NOT-FOR-US: Fenrir Sleipnir
CVE-2010-3917
RESERVED
-CVE-2010-3916
+CVE-2010-3916 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Governm ...)
NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government
-CVE-2010-3915
+CVE-2010-3915 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Governm ...)
NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government
-CVE-2010-3914
+CVE-2010-3914 (Untrusted search path vulnerability in VIM Development Group GVim befo ...)
- vim <not-affected> (Windows-specific)
-CVE-2010-3913
+CVE-2010-3913 (CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.01 ...)
NOT-FOR-US: TransWARE Active! mail
-CVE-2010-3912
+CVE-2010-3912 (The supportconfig script in supportutils in SUSE Linux Enterprise 11 S ...)
NOT-FOR-US: SLES support scripts
-CVE-2010-3911
+CVE-2010-3911 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM befo ...)
NOT-FOR-US: vTiger CRM
-CVE-2010-3910
+CVE-2010-3910 (Multiple directory traversal vulnerabilities in the return_application ...)
NOT-FOR-US: vTiger CRM
-CVE-2010-3909
+CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in vtiger CR ...)
NOT-FOR-US: vtiger CRM
-CVE-2010-3908
+CVE-2010-3908 (FFmpeg before 0.5.4, as used in MPlayer and other products, allows rem ...)
{DSA-2306-1}
- libav 4:0.6-1
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2010-3907
+CVE-2010-3907 (Multiple integer overflows in real.c in the Real demuxer plugin in Vid ...)
- vlc 1.1.3-1squeeze1
[lenny] - vlc <not-affected> (Vulnerable code not present)
-CVE-2010-3906
+CVE-2010-3906 (Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier ...)
- git-core <removed>
[lenny] - git-core 1.5.6.5-3+lenny3.3
- git 1:1.7.2.3-2.2
-CVE-2010-3905
+CVE-2010-3905 (The password reset feature in the administrator interface for Eucalypt ...)
- eucalyptus <not-affected> (bug #608289) (It was once removed from archive, then re-added as 3.1.0)
-CVE-2010-3904
+CVE-2010-3904 (The rds_page_copy_user function in net/rds/page.c in the Reliable Data ...)
- linux-2.6 2.6.32-26
[lenny] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.30)
-CVE-2010-3903
+CVE-2010-3903 (Unspecified vulnerability in OpenConnect before 2.23 allows remote Any ...)
- openconnect 2.25-0.1
-CVE-2010-3902
+CVE-2010-3902 (OpenConnect before 2.26 places the webvpn cookie value in the debuggin ...)
- openconnect 3.02-1 (unimportant)
NOTE: This is an additional safety net for careless users, not a vulnerability
-CVE-2010-3901
+CVE-2010-3901 (OpenConnect before 2.25 does not properly validate X.509 certificates, ...)
- openconnect 2.25-0.1 (bug #590873)
-CVE-2010-3900
+CVE-2010-3900 (Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2 ...)
- midori 0.2.7-1.1 (unimportant; bug #607497)
NOTE: Current Midori SSL support is very limited
NOTE: Midori should not be used if SSL support is important to you
-CVE-2010-3899
+CVE-2010-3899 (IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with a ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3898
+CVE-2010-3898 (IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3897
+CVE-2010-3897 (ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3896
+CVE-2010-3896 (The ESSearchApplication directory tree in IBM OmniFind Enterprise Edit ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3895
+CVE-2010-3895 (esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows loca ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3894
+CVE-2010-3894 (Stack-based buffer overflow in the Java_com_ibm_es_oss_CryptionNative_ ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3893
+CVE-2010-3893 (The administrator interface in IBM OmniFind Enterprise Edition 8.x and ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3892
+CVE-2010-3892 (Session fixation vulnerability in the login form in the administrator ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3891
+CVE-2010-3891 (Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3890
+CVE-2010-3890 (Cross-site scripting (XSS) vulnerability in IBM OmniFind Enterprise Ed ...)
NOT-FOR-US: IBM OmniFind Enterprise Edition
-CVE-2010-3889
+CVE-2010-3889 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms all ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3888
+CVE-2010-3888 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms all ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3887
+CVE-2010-3887 (The Limit Mail feature in the Parental Controls functionality in Mail ...)
NOT-FOR-US: Apple Mail
-CVE-2010-3886
+CVE-2010-3886 (The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft msh ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-3885
REJECTED
-CVE-2010-3884
+CVE-2010-3884 (Cross-site request forgery (CSRF) vulnerability in CMS Made Simple 1.8 ...)
NOT-FOR-US: CMS Made Simple
-CVE-2010-3883
+CVE-2010-3883 (Cross-site request forgery (CSRF) vulnerability in the Change Group Pe ...)
NOT-FOR-US: CMS Made Simple
-CVE-2010-3882
+CVE-2010-3882 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
NOT-FOR-US: CMS Made Simple
-CVE-2010-3881
+CVE-2010-3881 (arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initia ...)
- linux-2.6 2.6.32-29 (low)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-3880
+CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not pr ...)
{DSA-2126-1}
- linux-2.6 2.6.32-30 (low)
-CVE-2010-3879
+CVE-2010-3879 (FUSE, possibly 2.8.5 and earlier, allows local users to create mtab en ...)
- fuse 2.8.5-1 (bug #602333)
[squeeze] - fuse <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3879
-CVE-2010-3878
+CVE-2010-3878 (Cross-site request forgery (CSRF) vulnerability in the JMX Console in ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-3877
+CVE-2010-3877 (The get_name function in net/tipc/socket.c in the Linux kernel before ...)
{DSA-2126-1}
- linux-2.6 2.6.32-30 (low)
-CVE-2010-3876
+CVE-2010-3876 (net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not ...)
{DSA-2126-1}
- linux-2.6 2.6.32-30 (low)
-CVE-2010-3875
+CVE-2010-3875 (The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel be ...)
{DSA-2264-1 DSA-2240-1 DSA-2126-1}
- linux-2.6 2.6.32-30 (low)
-CVE-2010-3874
+CVE-2010-3874 (Heap-based buffer overflow in the bcm_connect function in net/can/bcm. ...)
{DSA-2126-1}
- linux-2.6 2.6.32-29 (low)
-CVE-2010-3873
+CVE-2010-3873 (The X.25 implementation in the Linux kernel before 2.6.36.2 does not p ...)
{DSA-2126-1}
- linux-2.6 2.6.32-28 (low)
-CVE-2010-3872
+CVE-2010-3872 (The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcg ...)
{DSA-2140-1}
- libapache2-mod-fcgid 1:2.3.6-1 (bug #605484)
-CVE-2010-3871
+CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in blocktype/groupviews/theme ...)
- mahara <not-affected> (Vulnerable feature introduced in 1.3)
-CVE-2010-3870
+CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
{DSA-2195-1}
- php5 5.3.3-4 (bug #603751)
-CVE-2010-3869
+CVE-2010-3869 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate Sys ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2010-3868
+CVE-2010-3868 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate Sys ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2010-3867
+CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc modu ...)
{DSA-2191-1}
- proftpd-dfsg 1.3.3a-4
CVE-2010-3866
REJECTED
-CVE-2010-3865
+CVE-2010-3865 (Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in t ...)
- linux-2.6 2.6.37-1
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)
-CVE-2010-3864
+CVE-2010-3864 (Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9 ...)
{DSA-2125-1}
- openssl 0.9.8o-3
-CVE-2010-3863
+CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize ...)
- shiro <not-affected> (Fixed before the initial release in Debian)
-CVE-2010-3862
+CVE-2010-3862 (The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$Second ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-3861
+CVE-2010-3861 (The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kern ...)
- linux-2.6 2.6.32-29
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)
-CVE-2010-3860
+CVE-2010-3860 (IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2 ...)
- openjdk-6 6b18-1.8.3-1
-CVE-2010-3859
+CVE-2010-3859 (Multiple integer signedness errors in the TIPC implementation in the L ...)
{DSA-2126-1}
- linux-2.6 2.6.32-27
-CVE-2010-3858
+CVE-2010-3858 (The setup_arg_pages function in fs/exec.c in the Linux kernel before 2 ...)
{DSA-2126-1}
- linux-2.6 2.6.32-27
CVE-2010-3857 [JBoss BRMS XSS via UUID parameter]
RESERVED
- jbossas4 <not-affected> (Vulnerable code not present)
NOTE: JBoss 5 only; fixed in 5.1.0
-CVE-2010-3856
+CVE-2010-3856 (ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.1 ...)
{DSA-2122-2 DSA-2122-1}
- glibc 2.11.2-8
- eglibc 2.11.2-8 (bug #600667)
-CVE-2010-3855
+CVE-2010-3855 (Buffer overflow in the ft_var_readpackedpoints function in truetype/tt ...)
{DSA-2155-1}
- freetype 2.4.2-2.1 (bug #602221)
-CVE-2010-3854
+CVE-2010-3854 (Multiple cross-site scripting (XSS) vulnerabilities in the web adminis ...)
- couchdb 1.1.0-1
[squeeze] - couchdb <end-of-life> (Unsupported in squeeze-lts)
-CVE-2010-3853
+CVE-2010-3853 (pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) bef ...)
- pam 1.1.3-1 (low; bug #608273)
[squeeze] - pam <no-dsa> (Minor issue)
[lenny] - pam <no-dsa> (Minor issue)
-CVE-2010-3852
+CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat Conga ...)
NOT-FOR-US: Red Hat Conga
-CVE-2010-3851
+CVE-2010-3851 (libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 an ...)
NOT-FOR-US: libguestfs
-CVE-2010-3850
+CVE-2010-3850 (The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kerne ...)
{DSA-2126-1}
- linux-2.6 2.6.32-28
-CVE-2010-3849
+CVE-2010-3849 (The econet_sendmsg function in net/econet/af_econet.c in the Linux ker ...)
{DSA-2126-1}
- linux-2.6 2.6.32-28
-CVE-2010-3848
+CVE-2010-3848 (Stack-based buffer overflow in the econet_sendmsg function in net/econ ...)
{DSA-2126-1}
- linux-2.6 2.6.32-28
-CVE-2010-3847
+CVE-2010-3847 (elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) throu ...)
{DSA-2122-2 DSA-2122-1}
- eglibc 2.11.2-8 (bug #600667)
- glibc 2.11.2-8
-CVE-2010-3846
+CVE-2010-3846 (Array index error in the apply_rcs_change function in rcs.c in CVS 1.1 ...)
- cvs <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3852
CVE-2010-3844
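Review bot: the NOTE line under CVE-2010-3846 (cvs, marked not-affected) points at https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3852, which is the alias for the Red Hat Conga entry a few lines above, not for CVE-2010-3846; check which bug was meant and correct the id. The automatic update only rewrites the "CVE-..." header lines, so this context line will not be corrected by re-running it and needs a manual edit.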
@@ -3618,171 +3618,171 @@ CVE-2010-3843
RESERVED
- ettercap 1:0.7.4-1 (unimportant; bug #600130)
NOTE: Very far-fetched attack vector
-CVE-2010-3842
+CVE-2010-3842 (Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, w ...)
- curl <not-affected> (Doesn't affect POSIX systems)
-CVE-2010-3841
+CVE-2010-3841 (Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in ...)
NOT-FOR-US: TWiki
-CVE-2010-3845
+CVE-2010-3845 (libapache-authenhook-perl 2.00-04 stores usernames and passwords in pl ...)
- libapache-authenhook-perl 2.00-04+pristine-2 (low; bug #599712)
[lenny] - libapache-authenhook-perl 2.00-04+pristine-1+lenny1
CVE-2010-4237
RESERVED
- mercurial 1.6.4-1 (low; bug #598841)
[lenny] - mercurial <no-dsa> (Minor issue)
-CVE-2010-3840
+CVE-2010-3840 (The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3839
+CVE-2010-3839 (MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticat ...)
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
[lenny] - mysql-dfsg-5.0 <not-affected> (vulnerable code not present)
-CVE-2010-3838
+CVE-2010-3838 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allow ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3837
+CVE-2010-3837 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allow ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3836
+CVE-2010-3836 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allow ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3835
+CVE-2010-3835 (MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticat ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3834
+CVE-2010-3834 (Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.5 ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3833
+CVE-2010-3833 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-3 (bug #599937)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3832
+CVE-2010-3832 (Heap-based buffer overflow in the GSM mobility management implementati ...)
NOT-FOR-US: Apple iOS Telophony
-CVE-2010-3831
+CVE-2010-3831 (Photos in Apple iOS before 4.2 enables support for HTTP Basic Authenti ...)
NOT-FOR-US: Apple iOS Photos
-CVE-2010-3830
+CVE-2010-3830 (Networking in Apple iOS before 4.2 accesses an invalid pointer during ...)
NOT-FOR-US: Apple iOS Networking
-CVE-2010-3829
+CVE-2010-3829 (WebKit in Apple iOS before 4.2 allows remote attackers to bypass the r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3828
+CVE-2010-3828 (iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle a ...)
NOT-FOR-US: Apple iOS iAd
-CVE-2010-3827
+CVE-2010-3827 (Apple iOS before 4.2 does not properly validate signatures before disp ...)
NOT-FOR-US: Apple iOS configuration installation utility
-CVE-2010-3826
+CVE-2010-3826 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2010-3825
RESERVED
-CVE-2010-3824
+CVE-2010-3824 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3823
+CVE-2010-3823 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3822
+CVE-2010-3822 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3821
+CVE-2010-3821 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3820
+CVE-2010-3820 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3819
+CVE-2010-3819 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3818
+CVE-2010-3818 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3817
+CVE-2010-3817 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3816
+CVE-2010-3816 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2010-3815
RESERVED
-CVE-2010-3814
+CVE-2010-3814 (Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in Fr ...)
{DSA-2155-1}
- freetype 2.4.2-2.1 (bug #602221)
-CVE-2010-3813
+CVE-2010-3813 (The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLin ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
NOTE: fixed much earlier in chromium, but this was the version checked
-CVE-2010-3812
+CVE-2010-3812 (Integer overflow in the Text::wholeText method in dom/Text.cpp in WebK ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
NOTE: fixed much earlier in chromium, but this was the version checked
NOTE: http://www.zerodayinitiative.com/advisories/ZDI-10-257
-CVE-2010-3811
+CVE-2010-3811 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3810
+CVE-2010-3810 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3809
+CVE-2010-3809 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3808
+CVE-2010-3808 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2010-3807
RESERVED
CVE-2010-3806
RESERVED
-CVE-2010-3805
+CVE-2010-3805 (Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 1 ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3804
+CVE-2010-3804 (The JavaScript implementation in WebKit in Apple Safari before 5.0.3 o ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3803
+CVE-2010-3803 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10 ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-3802
+CVE-2010-3802 (Integer signedness error in Apple QuickTime before 7.6.9 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3801
+CVE-2010-3801 (Apple QuickTime before 7.6.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3800
+CVE-2010-3800 (Apple QuickTime before 7.6.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
CVE-2010-3799
RESERVED
-CVE-2010-3798
+CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before 10.6 ...)
- xar <removed>
[lenny] - xar <no-dsa> (Minor issue)
-CVE-2010-3797
+CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac O ...)
NOT-FOR-US: Apple Wiki Server
-CVE-2010-3796
+CVE-2010-3796 (Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not ...)
NOT-FOR-US: Apple Safari RSS
-CVE-2010-3795
+CVE-2010-3795 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialize ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3794
+CVE-2010-3794 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialize ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3793
+CVE-2010-3793 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attacke ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3792
+CVE-2010-3792 (Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3791
+CVE-2010-3791 (Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 al ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3790
+CVE-2010-3790 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attacke ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3789
+CVE-2010-3789 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attacke ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3788
+CVE-2010-3788 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialize ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3787
+CVE-2010-3787 (Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x befor ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-3786
+CVE-2010-3786 (QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attacke ...)
NOT-FOR-US: Apple QuickLook
-CVE-2010-3785
+CVE-2010-3785 (Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x befor ...)
NOT-FOR-US: Apple QuickLook
-CVE-2010-3784
+CVE-2010-3784 (The PMPageFormatCreateWithDataRepresentation API in Printing in Apple ...)
NOT-FOR-US: Apple Printing
-CVE-2010-3783
+CVE-2010-3783 (Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does ...)
NOT-FOR-US: Apple Password Server
CVE-2010-3782
RESERVED
-CVE-2010-3781
+CVE-2010-3781 (The PL/php add-on 1.4 and earlier for PostgreSQL does not properly pro ...)
- postgresql-9.0 9.0.1-1
-CVE-2010-3780
+CVE-2010-3780 (Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause ...)
- dovecot 1:1.2.15-1 (bug #599521)
[lenny] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2010-3779
+CVE-2010-3779 (Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admi ...)
- dovecot 1:1.2.15-1 (bug #599521)
[lenny] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2010-3778
+CVE-2010-3778 (Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thun ...)
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.11-1
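Review bot: the context line under CVE-2010-3832 reads "NOT-FOR-US: Apple iOS Telophony", presumably "Telephony"; the neighbouring iOS entries (Photos, Networking, iAd) spell their component names correctly. Not introduced by this change, but since the automatic update only touches the CVE header lines it will stay until someone fixes it by hand.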
@@ -3792,9 +3792,9 @@ CVE-2010-3778
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3777
+CVE-2010-3777 (Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and T ...)
- iceweasel <not-affected> (Only affects Firefox 3.6, which is only in experimental)
-CVE-2010-3776
+CVE-2010-3776 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3804,7 +3804,7 @@ CVE-2010-3776
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3775
+CVE-2010-3775 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey b ...)
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3812,7 +3812,7 @@ CVE-2010-3775
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3774
+CVE-2010-3774 (The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h ...)
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -3820,7 +3820,7 @@ CVE-2010-3774
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (Doesn't affect 1.9.0)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3773
+CVE-2010-3773 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey b ...)
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3828,7 +3828,7 @@ CVE-2010-3773
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3772
+CVE-2010-3772 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey b ...)
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3836,7 +3836,7 @@ CVE-2010-3772
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3771
+CVE-2010-3771 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey b ...)
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3844,7 +3844,7 @@ CVE-2010-3771
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3770
+CVE-2010-3770 (Multiple cross-site scripting (XSS) vulnerabilities in the rendering e ...)
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3852,7 +3852,7 @@ CVE-2010-3770
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3769
+CVE-2010-3769 (The line-breaking implementation in Mozilla Firefox before 3.5.16 and ...)
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.11-1
@@ -3862,7 +3862,7 @@ CVE-2010-3769
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (font-face support introduced in 1.9.1)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3768
+CVE-2010-3768 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird bef ...)
- xulrunner <removed> (unimportant)
[lenny] - xulrunner <not-affected> (Vulnerable code not present)
- icedove 3.0.11-1
@@ -3871,7 +3871,7 @@ CVE-2010-3768
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3767
+CVE-2010-3767 (Integer overflow in the NewIdArray function in Mozilla Firefox before ...)
{DSA-2132-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.16-1
@@ -3879,7 +3879,7 @@ CVE-2010-3767
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3766
+CVE-2010-3766 (Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6. ...)
- xulrunner <removed> (unimportant)
[lenny] - xulrunner <not-affected> (Vulnerable code not present)
- iceweasel 3.5.16-1
@@ -3887,7 +3887,7 @@ CVE-2010-3766
- iceape 2.0.11-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3765
+CVE-2010-3765 (Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunder ...)
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.15-1
@@ -3898,49 +3898,49 @@ CVE-2010-3765
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (bug in optimization added later)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3764
+CVE-2010-3764 (The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3 ...)
- bugzilla 3.6.3.0-1 (bug #602420; low)
[squeeze] - bugzilla 3.6.2.0-4.2
-CVE-2010-3763
+CVE-2010-3763 (Cross-site scripting (XSS) vulnerability in core/summary_api.php in Ma ...)
- mantis 1.1.8+dfsg-9 (bug #601618)
[lenny] - mantis 1.1.6+dfsg-2lenny4
-CVE-2010-3762
+CVE-2010-3762 (ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not ...)
{DSA-2130-1}
- bind9 1:9.7.2.dfsg.P2-1 (bug #599515)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
NOTE: ACL bypass claimed to only affect >=9.7.2: https://kb.isc.org/article/AA-00935/0/CVE-2010-3762%3A-failure-to-handle-bad-signatures-if-multiple-trust-anchors-configured.html
NOTE: The crash with multiple trust anchors affects 9.6 and is fixed in 9.6-ESV-R2.
-CVE-2010-3761
+CVE-2010-3761 (Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3760
+CVE-2010-3760 (FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager ( ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3759
+CVE-2010-3759 (FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager ( ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3758
+CVE-2010-3758 (Multiple stack-based buffer overflows in FastBackServer.exe in the Ser ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3757
+CVE-2010-3757 (Format string vulnerability in the _Eventlog function in FastBackServe ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3756
+CVE-2010-3756 (The _CalcHashValueWithLength function in FastBackServer.exe in the Ser ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3755
+CVE-2010-3755 (The _DAS_ReadBlockReply function in FastBackServer.exe in the Server i ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3754
+CVE-2010-3754 (The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the Ser ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2010-3753
+CVE-2010-3753 (programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 ...)
- openswan 1:2.6.28+dfsg-2
[lenny] - openswan <not-affected> (Introduced in version 2.6.26)
-CVE-2010-3752
+CVE-2010-3752 (programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 ...)
- openswan 1:2.6.28+dfsg-2
[lenny] - openswan <not-affected> (Introduced in version 2.6.25)
-CVE-2010-3751
+CVE-2010-3751 (Multiple heap-based buffer overflows in an ActiveX control in RealNetw ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-3750
+CVE-2010-3750 (rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-3749
+CVE-2010-3749 (The browser-plugin implementation in RealNetworks RealPlayer 11.0 thro ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-3748
+CVE-2010-3748 (Stack-based buffer overflow in the RichFX component in RealNetworks Re ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-3747
+CVE-2010-3747 (An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealP ...)
NOT-FOR-US: RealNetworks RealPlayer
CVE-2010-3746
RESERVED
@@ -3948,39 +3948,39 @@ CVE-2010-3745
RESERVED
CVE-2010-3744
RESERVED
-CVE-2010-3743
+CVE-2010-3743 (Directory traversal vulnerability in Visual Synapse HTTP Server 1.0 RC ...)
NOT-FOR-US: Visual Synapse HTTP Server
-CVE-2010-3742
+CVE-2010-3742 (Multiple PHP remote file inclusion vulnerabilities in themes/default/i ...)
NOT-FOR-US: Free Simple CMS 1.0
-CVE-2010-3741
+CVE-2010-3741 (The offline backup mechanism in Research In Motion (RIM) BlackBerry De ...)
NOT-FOR-US: BlackBerry Desktop Software
-CVE-2010-3740
+CVE-2010-3740 (The Net Search Extender (NSE) implementation in the Text Search compon ...)
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3739
+CVE-2010-3739 (The audit facility in the Security component in IBM DB2 UDB 9.5 before ...)
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3738
+CVE-2010-3738 (The Security component in IBM DB2 UDB 9.5 before FP6a logs AUDIT event ...)
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3737
+CVE-2010-3737 (Memory leak in the Relational Data Services component in IBM DB2 UDB 9 ...)
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3736
+CVE-2010-3736 (Memory leak in the Relational Data Services component in IBM DB2 UDB 9 ...)
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3735
+CVE-2010-3735 (The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 ...)
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3734
+CVE-2010-3734 (The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, UNIX, a ...)
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3733
+CVE-2010-3733 (The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses wor ...)
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3732
+CVE-2010-3732 (The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remo ...)
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3731
+CVE-2010-3731 (Stack-based buffer overflow in the validateUser implementation in the ...)
NOT-FOR-US: IBM DB2 UDB 9.5
-CVE-2010-3730
+CVE-2010-3730 (Google Chrome before 6.0.472.62 does not properly use information abou ...)
- webkit <not-affected> (issue in libv8)
- chromium-browser 6.0.472.62~r59676-1
- libv8 <not-affected>
NOTE: https://bugs.webkit.org/show_bug.cgi?id=45700
NOTE: http://trac.webkit.org/changeset/67509
-CVE-2010-3729
+CVE-2010-3729 (The SPDY protocol implementation in Google Chrome before 6.0.472.62 do ...)
- webkit <not-affected> (chromium specific)
- chromium-browser 6.0.472.62~r59676-1
CVE-2010-3728
@@ -4001,57 +4001,57 @@ CVE-2010-3721
REJECTED
CVE-2010-3720
REJECTED
-CVE-2010-3719
+CVE-2010-3719 (Eval injection vulnerability in IMAdminSchedTask.asp in the administra ...)
NOT-FOR-US: Symantec IM Manager
-CVE-2010-3718
+CVE-2010-3718 (Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running with ...)
{DSA-2160-1}
- tomcat5.5 <removed> (low)
[lenny] - tomcat5.5 <no-dsa> (Minor issue)
- tomcat6 6.0.28-10 (bug #612257)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2010-3717
+CVE-2010-3717 (The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x ...)
{DSA-2121-1}
- typo3-src 4.3.7-1
-CVE-2010-3716
+CVE-2010-3716 (The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x befor ...)
{DSA-2121-1}
- typo3-src 4.3.7-1
-CVE-2010-3715
+CVE-2010-3715 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x bef ...)
{DSA-2121-1}
- typo3-src 4.3.7-1
-CVE-2010-3714
+CVE-2010-3714 (The jumpUrl (aka access tracking) implementation in tslib/class.tslib_ ...)
{DSA-2121-1}
- typo3-src 4.3.7-1
-CVE-2010-3713
+CVE-2010-3713 (rss.php in UseBB before 1.0.11 does not properly handle forum configur ...)
NOT-FOR-US: UseBB
-CVE-2010-3712
+CVE-2010-3712 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.2 ...)
NOT-FOR-US: Joomla!
-CVE-2010-3711
+CVE-2010-3711 (libpurple in Pidgin before 2.7.4 does not properly validate the return ...)
- pidgin 2.7.4-1
[squeeze] - pidgin 2.7.3-1+squeeze1
-CVE-2010-3710
+CVE-2010-3710 (Stack consumption vulnerability in the filter_var function in PHP 5.2. ...)
{DSA-2195-1}
- php5 5.3.3-3 (bug #601619)
-CVE-2010-3709
+CVE-2010-3709 (The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 ...)
{DSA-2195-1}
- php5 5.3.3-4 (bug #603751)
-CVE-2010-3708
+CVE-2010-3708 (The serialization implementation in JBoss Drools in Red Hat JBoss Ente ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-3707
+CVE-2010-3707 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0 ...)
- dovecot 1:1.2.15-1
[lenny] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2010-3706
+CVE-2010-3706 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0 ...)
- dovecot 1:1.2.15-1
[lenny] - dovecot <not-affected> (Only affects 1.2.x)
-CVE-2010-3705
+CVE-2010-3705 (The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux k ...)
{DSA-2126-1}
- linux-2.6 2.6.32-25
-CVE-2010-3704
+CVE-2010-3704 (The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser i ...)
{DSA-2135-1 DSA-2119-1}
- kdegraphics 4:4.0.0-1
- xpdf 3.02-9
- poppler 0.12.4-1.2 (bug #599165)
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473
-CVE-2010-3703
+CVE-2010-3703 (The PostScriptFunction::PostScriptFunction function in poppler/Functio ...)
- kdegraphics 4:4.0.0-1
[lenny] - kdegraphics <not-affected> (Vulnerable code not present)
- xpdf 3.02-9
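Review bot: the generated summaries for CVE-2010-3707 and CVE-2010-3706 come out identical after the cut-off ("plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0 ..."), so the list line alone no longer distinguishes the two Dovecot entries; the clause that separates them falls past the truncation point and a reader has to fetch the full CVE text. Unless the generator's width can be raised, a short NOTE under each stating what sets it apart would keep the list self-explanatory. Minor style point in the same hunk: the jbossas4 line under CVE-2010-3708 cites the bug as "#581226" while the other entries use the "bug #612257" form.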
@@ -4059,222 +4059,222 @@ CVE-2010-3703
- poppler 0.12.4-1.2 (bug #599165)
[lenny] - poppler <not-affected> (Vulnerable code not present)
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f
-CVE-2010-3702
+CVE-2010-3702 (The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, pop ...)
{DSA-2135-1 DSA-2119-1}
- kdegraphics 4:4.0.0-1
- xpdf 3.02-9
- poppler 0.12.4-1.2 (bug #599165)
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf
-CVE-2010-3701
+CVE-2010-3701 (lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows ...)
NOT-FOR-US: Red Hat Enterprise MRG
-CVE-2010-3700
+CVE-2010-3700 (VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3. ...)
NOT-FOR-US: VMware SpringSource Spring Security
-CVE-2010-3699
+CVE-2010-3699 (The backend driver in Xen 3.x allows guest OS users to cause a denial ...)
{DSA-2153-1}
- linux-2.6 2.6.32-31
-CVE-2010-3698
+CVE-2010-3698 (The KVM implementation in the Linux kernel before 2.6.36 does not prop ...)
- linux-2.6 2.6.32-28
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-3697
+CVE-2010-3697 (The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x ...)
- freeradius 2.1.10+dfsg-1 (bug #600176; unimportant)
NOTE: requires server to be down already
-CVE-2010-3696
+CVE-2010-3696 (The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in cert ...)
- freeradius 2.1.10+dfsg-1 (bug #600176)
[lenny] - freeradius <not-affected> (Vulnerable code not present)
-CVE-2010-3695
+CVE-2010-3695 (Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Hord ...)
{DSA-2204-1}
- imp4 4.3.7+debian0-2.1 (bug #598584; low)
NOTE: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html
-CVE-2010-3694
+CVE-2010-3694 (Cross-site request forgery (CSRF) vulnerability in the Horde Applicati ...)
{DSA-2278-1}
- horde3 3.3.8+debian0-2 (bug #598582)
NOTE: http://lists.horde.org/archives/announce/2010/000568.html
-CVE-2010-3693
+CVE-2010-3693 (Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) b ...)
- dimp1 1.1.4+debian2-1.1 (bug #598583)
NOTE: http://lists.horde.org/archives/announce/2010/000561.html
-CVE-2010-3692
+CVE-2010-3692 (Directory traversal vulnerability in the callback function in client.p ...)
{DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
-CVE-2010-3691
+CVE-2010-3691 (PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is ena ...)
{DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
-CVE-2010-3690
+CVE-2010-3690 (Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before 1 ...)
{DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
-CVE-2010-3689
+CVE-2010-3689 (soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length di ...)
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3687
+CVE-2010-3687 (Unspecified vulnerability in the powermail extension 1.5.3 and earlier ...)
NOT-FOR-US: powermail extension 1.5.3 for typo3
-CVE-2010-3686
+CVE-2010-3686 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-3685
+CVE-2010-3685 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-4340
+CVE-2010-4340 (libcloud before 0.4.1 does not verify SSL certificates for HTTPS conne ...)
- libcloud 0.5.0-1 (low; bug #598463)
-CVE-2010-3688
+CVE-2010-3688 (Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA We ...)
NOT-FOR-US: NetArtMEDIA WebSiteAdmin
-CVE-2010-3684
+CVE-2010-3684 (The FTP authentication module in Synology Disk Station 2.x logs passwo ...)
NOT-FOR-US: Synology Disk Station
-CVE-2010-3683
+CVE-2010-3683 (Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet ...)
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
[lenny] - mysql-dfsg-5.0 <not-affected> (vulnerable code not present)
-CVE-2010-3682
+CVE-2010-3682 (Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote aut ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3681
+CVE-2010-3681 (Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote auth ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3680
+CVE-2010-3680 (Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to ca ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3679
+CVE-2010-3679 (Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to ca ...)
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
[lenny] - mysql-dfsg-5.0 <not-affected> (vulnerable code not present)
-CVE-2010-3678
+CVE-2010-3678 (Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to ca ...)
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
[lenny] - mysql-dfsg-5.0 <not-affected> (vulnerable code not present)
-CVE-2010-3677
+CVE-2010-3677 (Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote aut ...)
{DSA-2143-1}
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
-CVE-2010-3676
+CVE-2010-3676 (storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before ...)
- mysql-5.1 5.1.49-1 (bug #598580)
- mysql-dfsg-5.0 <removed>
[lenny] - mysql-dfsg-5.0 <not-affected> (vulnerable code not present)
CVE-2010-3675
RESERVED
-CVE-2010-3658
+CVE-2010-3658 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windo ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3657
+CVE-2010-3657 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3656
+CVE-2010-3656 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3655
+CVE-2010-3655 (Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player be ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-3654
+CVE-2010-3654 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3653
+CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5 ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2010-3652
+CVE-2010-3652 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2010-3651
REJECTED
-CVE-2010-3650
+CVE-2010-3650 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3649
+CVE-2010-3649 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3648
+CVE-2010-3648 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3647
+CVE-2010-3647 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3646
+CVE-2010-3646 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3645
+CVE-2010-3645 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3644
+CVE-2010-3644 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3643
+CVE-2010-3643 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3642
+CVE-2010-3642 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3641
+CVE-2010-3641 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3640
+CVE-2010-3640 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3639
+CVE-2010-3639 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3638
+CVE-2010-3638 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3637
+CVE-2010-3637 (An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3636
+CVE-2010-3636 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3635
+CVE-2010-3635 (Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-3634
+CVE-2010-3634 (Unspecified vulnerability in the edge process in Adobe Flash Media Ser ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-3633
+CVE-2010-3633 (Memory leak in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5. ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-3632
+CVE-2010-3632 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windo ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3631
+CVE-2010-3631 (Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3630
+CVE-2010-3630 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3629
+CVE-2010-3629 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3628
+CVE-2010-3628 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windo ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3627
+CVE-2010-3627 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3626
+CVE-2010-3626 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3625
+CVE-2010-3625 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windo ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3624
+CVE-2010-3624 (Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.5 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3623
+CVE-2010-3623 (Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3622
+CVE-2010-3622 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windo ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3621
+CVE-2010-3621 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windo ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3620
+CVE-2010-3620 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3619
+CVE-2010-3619 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windo ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-3618
+CVE-2010-3618 (PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does ...)
NOT-FOR-US: PGP Desktop
CVE-2010-3617
RESERVED
-CVE-2010-3616
+CVE-2010-3616 (ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover p ...)
- isc-dhcp <not-affected> (Only affects 4.2.x)
- dhcp3 <not-affected> (Only affects 4.2.x)
- dhcp <not-affected> (Only affects 4.2.x)
-CVE-2010-3615
+CVE-2010-3615 (named in ISC BIND 9.7.2-P2 does not check all intended locations for a ...)
- bind9 1:9.7.2.dfsg.P3-1 (bug #605876)
[lenny] - bind9 <not-affected> (Doesn't affect 9.6 ESV)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.html
-CVE-2010-3614
+CVE-2010-3614 (named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV ...)
{DSA-2130-1}
- bind9 1:9.7.2.dfsg.P3-1 (bug #605876)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.html
-CVE-2010-3613
+CVE-2010-3613 (named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, an ...)
{DSA-2130-1}
- bind9 1:9.7.2.dfsg.P3-1 (bug #605876)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.html
CVE-2010-3612
RESERVED
-CVE-2010-3611
+CVE-2010-3611 (ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2 ...)
- isc-dhcp 4.1.1-P1-14
- dhcp3 <not-affected> (Only affects DHCP 4.x)
- dhcp <not-affected> (Only affects DHCP 4.x)
CVE-2010-3610
RESERVED
-CVE-2010-3609
+CVE-2010-3609 (The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other ve ...)
{DLA-304-1}
- openslp-dfsg 1.2.1-8 (low; bug #623551)
[squeeze] - openslp-dfsg <no-dsa> (Minor issue)
[lenny] - openslp-dfsg <no-dsa> (Minor issue)
-CVE-2010-3659
+CVE-2010-3659 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x ...)
{DSA-2098-1}
- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3660 [Multiple security issues]
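Review bot: the ordering in the context lines of this hunk is off: CVE-2010-4340 and CVE-2010-3688 sit between CVE-2010-3685 and CVE-2010-3684, and CVE-2010-3659 and CVE-2010-3660 follow CVE-2010-3609, which breaks the descending numeric sequence the surrounding entries follow. Not introduced by this update, but since the file is being rewritten anyway it would be a good moment to move them into sequence (CVE-2010-3688 between CVE-2010-3689 and CVE-2010-3687, CVE-2010-3659 and CVE-2010-3660 next to CVE-2010-3658, CVE-2010-4340 with the other 43xx entries). Also worth a look: CVE-2010-3679 and CVE-2010-3678 now carry the same truncated summary ("Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to ca ...") and identical mysql-5.1 / mysql-dfsg-5.0 lines, so nothing on the page tells them apart; a NOTE per entry naming the distinct issue would fix that.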
@@ -4342,406 +4342,406 @@ CVE-2010-XXXX [piwigo]
NOTE: http://www.exploit-db.com/exploits/14973/
NOTE: First unfilled CVE-request http://www.openwall.com/lists/oss-security/2010/12/07/1
NOTE: Second CVE-request http://www.openwall.com/lists/oss-security/2012/10/06/3
-CVE-2010-3608
+CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote atta ...)
NOT-FOR-US: wpQuiz
-CVE-2010-3607
+CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt ...)
NOT-FOR-US: NetArt MEDIA Real Estate Portal
-CVE-2010-3606
+CVE-2010-3606 (Multiple directory traversal vulnerabilities in AGENTS/index.php in Ne ...)
NOT-FOR-US: NetArt MEDIA Real Estate Portal
-CVE-2010-3605
+CVE-2010-3605 (Cross-site scripting (XSS) vulnerability in the powermail extension 1. ...)
NOT-FOR-US: powermail extension 1.5.3 for typo3
-CVE-2010-3604
+CVE-2010-3604 (SQL injection vulnerability in the powermail extension 1.5.3 and earli ...)
NOT-FOR-US: powermail extension 1.5.3 for typo3
-CVE-2010-3603
+CVE-2010-3603 (Cross-site request forgery (CSRF) vulnerability in the file manager se ...)
NOT-FOR-US: mojoPortal
-CVE-2010-3602
+CVE-2010-3602 (Cross-site scripting (XSS) vulnerability in ProfileView.aspx in mojoPo ...)
NOT-FOR-US: mojoPortal
-CVE-2010-3601
+CVE-2010-3601 (SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows r ...)
NOT-FOR-US: ibPhotohost
-CVE-2010-3499
+CVE-2010-3499 (F-Secure Anti-Virus does not properly interact with the processing of ...)
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2010-3498
+CVE-2010-3498 (AVG Anti-Virus does not properly interact with the processing of hcp:/ ...)
NOT-FOR-US: AVG Anti-Virus
-CVE-2010-3497
+CVE-2010-3497 (Symantec Norton AntiVirus 2011 does not properly interact with the pro ...)
NOT-FOR-US: Symantec Norton AntiVirus
-CVE-2010-3496
+CVE-2010-3496 (McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact w ...)
NOT-FOR-US: McAfee VirusScan Enterprise
-CVE-2010-3495
+CVE-2010-3495 (Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) ...)
- zodb 1:3.9.4-1.1 (bug #599711)
-CVE-2010-3494
+CVE-2010-3494 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib be ...)
- python-pyftpdlib 0.5.2-1 (low)
NOTE: http://code.google.com/p/pyftpdlib/issues/detail?id=104
-CVE-2010-3493
+CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in Python 2.6 ...)
- python3.1 3.1.2+20100829-1
- python2.6 2.6.6-1 (low; bug #601690)
- python2.5 <unfixed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
[lenny] - python2.5 <no-dsa> (Minor issue)
-CVE-2010-3492
+CVE-2010-3492 (The asyncore module in Python before 3.2 does not properly handle unsu ...)
- python2.7 2.7.8-11 (unimportant)
- python3.1 <removed> (unimportant)
- python3.2 3.4.2-1 (unimportant)
NOTE: likely fixed much earlier, but these were the versions checked
-CVE-2010-3491
+CVE-2010-3491 (The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator compon ...)
NOT-FOR-US: TIBCO ActiveMatrix Service Grid
-CVE-2010-3490
+CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the System ...)
NOT-FOR-US: FreePBX
-CVE-2010-3489
+CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in netautor/napro4/home/login ...)
NOT-FOR-US: CMS Digital Workroom
-CVE-2010-3488
+CVE-2010-3488 (Directory traversal vulnerability in QuickShare 1.0 allows remote atta ...)
NOT-FOR-US: QuickShare
-CVE-2010-3487
+CVE-2010-3487 (Directory traversal vulnerability in YelloSoft Pinky 1.0 for Windows a ...)
NOT-FOR-US: YelloSoft Pinky
-CVE-2010-3486
+CVE-2010-3486 (Directory traversal vulnerability in FileStorageUpload.ashx in Smarter ...)
NOT-FOR-US: SmarterMail
-CVE-2010-3483
+CVE-2010-3483 (cms_write.php in Primitive CMS 1.0.9 does not properly restrict access ...)
NOT-FOR-US: Primitive CMS
-CVE-2010-3482
+CVE-2010-3482 (Multiple SQL injection vulnerabilities in cms_write.php in Primitive C ...)
NOT-FOR-US: Primitive CMS
-CVE-2010-3481
+CVE-2010-3481 (Multiple SQL injection vulnerabilities in login.php in ApPHP PHP Micro ...)
NOT-FOR-US: MicroCMS
-CVE-2010-3480
+CVE-2010-3480 (Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1 ...)
NOT-FOR-US: MicroCMS
-CVE-2010-3479
+CVE-2010-3479 (SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote ...)
NOT-FOR-US: BoutikOne
CVE-2010-3478
RESERVED
-CVE-2010-3477
+CVE-2010-3477 (The tcf_act_police_dump function in net/sched/act_police.c in the acti ...)
{DSA-2126-1}
- linux-2.6 2.6.32-25
-CVE-2010-3600
+CVE-2010-3600 (Unspecified vulnerability in the Client System Analyzer component in O ...)
NOT-FOR-US: Oracle Database
-CVE-2010-3599
+CVE-2010-3599 (Unspecified vulnerability in the Oracle Document Capture component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3598
+CVE-2010-3598 (Unspecified vulnerability in the Oracle Document Capture component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3597
+CVE-2010-3597 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3596
+CVE-2010-3596 (Unspecified vulnerability in the mod_ssl component in Oracle Secure Ba ...)
NOT-FOR-US: Dupe of CVE-2009-3555, will be rejected
-CVE-2010-3595
+CVE-2010-3595 (Unspecified vulnerability in the Oracle Document Capture component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3594
+CVE-2010-3594 (Unspecified vulnerability in the Real User Experience Insight componen ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2010-3593
+CVE-2010-3593 (Unspecified vulnerability in the Health Sciences - Oracle Argus Safety ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2010-3592
+CVE-2010-3592 (Unspecified vulnerability in the Oracle Document Capture component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3591
+CVE-2010-3591 (Unspecified vulnerability in the Oracle Document Capture component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3590
+CVE-2010-3590 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2010-3589
+CVE-2010-3589 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle Application Object Library component
-CVE-2010-3588
+CVE-2010-3588 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3587
+CVE-2010-3587 (Unspecified vulnerability in the Oracle Common Applications component ...)
NOT-FOR-US: Oracle Applications
-CVE-2010-3586
+CVE-2010-3586 (Unspecified vulnerability in Oracle Solaris 9 allows local users to af ...)
- xscreensaver <not-affected> (Solaris-specific patch)
-CVE-2010-3585
+CVE-2010-3585 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 ...)
NOT-FOR-US: OracleVM
-CVE-2010-3584
+CVE-2010-3584 (Unspecified vulnerability in the Oracle VM component in Oracle VM 2.2. ...)
NOT-FOR-US: OracleVM
-CVE-2010-3583
+CVE-2010-3583 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 ...)
NOT-FOR-US: OracleVM
-CVE-2010-3582
+CVE-2010-3582 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 ...)
NOT-FOR-US: OracleVM
-CVE-2010-3581
+CVE-2010-3581 (Unspecified vulnerability in the BPEL Console component in Oracle Fusi ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-3580
+CVE-2010-3580 (Unspecified vulnerability in Oracle OpenSolaris allows local users to ...)
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-3579
+CVE-2010-3579 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Jav ...)
NOT-FOR-US: Java Communications Suite
-CVE-2010-3578
+CVE-2010-3578 (Unspecified vulnerability in Oracle OpenSolaris allows remote attacker ...)
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-3577
+CVE-2010-3577 (Unspecified vulnerability in Oracle OpenSolaris allows remote attacker ...)
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-3576
+CVE-2010-3576 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSola ...)
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-3575
+CVE-2010-3575 (Unspecified vulnerability in the Oracle Communications Messaging Serve ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2010-3574
+CVE-2010-3574 (Unspecified vulnerability in the Networking component in Oracle Java S ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3573
+CVE-2010-3573 (Unspecified vulnerability in the Networking component in Oracle Java S ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3572
+CVE-2010-3572 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3571
+CVE-2010-3571 (Unspecified vulnerability in the 2D component in Oracle Java SE and Ja ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3570
+CVE-2010-3570 (Unspecified vulnerability in the Deployment Toolkit component in Oracl ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3569
+CVE-2010-3569 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3568
+CVE-2010-3568 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3567
+CVE-2010-3567 (Unspecified vulnerability in the 2D component in Oracle Java SE and Ja ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3566
+CVE-2010-3566 (Unspecified vulnerability in the 2D component in Oracle Java SE and Ja ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3565
+CVE-2010-3565 (Unspecified vulnerability in the 2D component in Oracle Java SE and Ja ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3564
+CVE-2010-3564 (Unspecified vulnerability in the Oracle Communications Messaging Serve ...)
- openjdk-6 6b18-1.8.2-1
-CVE-2010-3563
+CVE-2010-3563 (Unspecified vulnerability in the Deployment component in Oracle Java S ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3562
+CVE-2010-3562 (Unspecified vulnerability in the 2D component in Oracle Java SE and Ja ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3561
+CVE-2010-3561 (Unspecified vulnerability in the CORBA component in Oracle Java SE and ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3560
+CVE-2010-3560 (Unspecified vulnerability in the Networking component in Oracle Java S ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3559
+CVE-2010-3559 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3558
+CVE-2010-3558 (Unspecified vulnerability in the Java Web Start component in Oracle Ja ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3557
+CVE-2010-3557 (Unspecified vulnerability in the Swing component in Oracle Java SE and ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3556
+CVE-2010-3556 (Unspecified vulnerability in the 2D component in Oracle Java SE and Ja ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3555
+CVE-2010-3555 (Unspecified vulnerability in the Deployment component in Oracle Java S ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3554
+CVE-2010-3554 (Unspecified vulnerability in the CORBA component in Oracle Java SE and ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3553
+CVE-2010-3553 (Unspecified vulnerability in the Swing component in Oracle Java SE and ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3552
+CVE-2010-3552 (Unspecified vulnerability in the New Java Plug-in component in Oracle ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3551
+CVE-2010-3551 (Unspecified vulnerability in the Networking component in Oracle Java S ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3550
+CVE-2010-3550 (Unspecified vulnerability in the Java Web Start component in Oracle Ja ...)
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3549
+CVE-2010-3549 (Unspecified vulnerability in the Networking component in Oracle Java S ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3548
+CVE-2010-3548 (Unspecified vulnerability in the Java Naming and Directory Interface ( ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3547
+CVE-2010-3547 (Unspecified vulnerability in the PeopleSoft FMS ESA - EX component in ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2010-3546
+CVE-2010-3546 (Unspecified vulnerability in the Sun Java System Identity Manager comp ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2010-3545
+CVE-2010-3545 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java S ...)
NOT-FOR-US: Oracle iPlanet Web Server
-CVE-2010-3544
+CVE-2010-3544 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java S ...)
NOT-FOR-US: Oracle iPlanet Web Server
CVE-2010-3543
REJECTED
-CVE-2010-3542
+CVE-2010-3542 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSola ...)
NOT-FOR-US: Oracle Solaris
-CVE-2010-3541
+CVE-2010-3541 (Unspecified vulnerability in the Networking component in Oracle Java S ...)
- openjdk-6 6b18-1.8.2-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-3540
+CVE-2010-3540 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
NOT-FOR-US: Oracle Solaris
-CVE-2010-3539
+CVE-2010-3539 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL compon ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3538
+CVE-2010-3538 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL compon ...)
NOT-FOR-US: PeopleSoft Enterprise FMS
-CVE-2010-3537
+CVE-2010-3537 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM compon ...)
NOT-FOR-US: PeopleSoft Enterprise FMS
-CVE-2010-3536
+CVE-2010-3536 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component i ...)
NOT-FOR-US: PeopleSoft Enterprise SCM
-CVE-2010-3535
+CVE-2010-3535 (Unspecified vulnerability in the Directory Server Enterprise Edition c ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2010-3534
+CVE-2010-3534 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle Primavera Products Suite
-CVE-2010-3533
+CVE-2010-3533 (Unspecified vulnerability in the PeopleSoft Enterprise SCM OM and CRM ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3532
+CVE-2010-3532 (Unspecified vulnerability in the PeopleSoft Enterprise CRM - Order Cap ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3531
+CVE-2010-3531 (Unspecified vulnerability in the PeopleSoft Enterprise FMS ESA - RM co ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3530
+CVE-2010-3530 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - HR compon ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3529
+CVE-2010-3529 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - Cash Mana ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3528
+CVE-2010-3528 (Unspecified vulnerability in the PeopleSoft Enterprise CRM - Common Co ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3527
+CVE-2010-3527 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM compon ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3526
+CVE-2010-3526 (Unspecified vulnerability in the PeopleSoft Enterprise SCM - PO compon ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3525
+CVE-2010-3525 (Unspecified vulnerability in the (1) PeopleSoft Enterprise FMS, (2) SC ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3524
+CVE-2010-3524 (Unspecified vulnerability in the PeopleSoft Enterprise SCM - Strategic ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3523
+CVE-2010-3523 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3522
+CVE-2010-3522 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3521
+CVE-2010-3521 (Unspecified vulnerability in the PeopleSoft Enterprise HCM ePay compon ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3520
+CVE-2010-3520 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - GP France ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3519
+CVE-2010-3519 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3518
+CVE-2010-3518 (Unspecified vulnerability in the PeopleSoft Enterprise HCM GP - Japan ...)
NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
-CVE-2010-3517
+CVE-2010-3517 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
-CVE-2010-3516
+CVE-2010-3516 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
-CVE-2010-3515
+CVE-2010-3515 (Unspecified vulnerability in the Solaris component in Oracle Solaris 9 ...)
NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
-CVE-2010-3514
+CVE-2010-3514 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java S ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2010-3513
+CVE-2010-3513 (Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, ...)
NOT-FOR-US: Oracle Solaris and OpenSolaris
-CVE-2010-3512
+CVE-2010-3512 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java S ...)
NOT-FOR-US: Oracle iPlanet Web Server
-CVE-2010-3511
+CVE-2010-3511 (Unspecified vulnerability in Oracle OpenSolaris allows local users to ...)
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-3510
+CVE-2010-3510 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle WebLogic
-CVE-2010-3509
+CVE-2010-3509 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
NOT-FOR-US: Oracle Solaris
-CVE-2010-3508
+CVE-2010-3508 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2010-3507
+CVE-2010-3507 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
NOT-FOR-US: Oracle Solaris
-CVE-2010-3506
+CVE-2010-3506 (Unspecified vulnerability in the Oracle Explorer (Sun Explorer) compon ...)
NOT-FOR-US: Oracle Explorer
-CVE-2010-3505
+CVE-2010-3505 (Unspecified vulnerability in the Agile Core component in Oracle Supply ...)
NOT-FOR-US: Oracle Supply Chain Products
-CVE-2010-3504
+CVE-2010-3504 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-3503
+CVE-2010-3503 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
-CVE-2010-3502
+CVE-2010-3502 (Unspecified vulnerability in the Siebel Core component in Oracle Siebe ...)
NOT-FOR-US: Oracle Siebel Suite
-CVE-2010-3501
+CVE-2010-3501 (Unspecified vulnerability in the OID component in Oracle Fusion Middle ...)
NOT-FOR-US: Oracle Fusion
-CVE-2010-3500
+CVE-2010-3500 (Unspecified vulnerability in the Siebel Core - Highly Interactive Clie ...)
NOT-FOR-US: Oracle Siebel Suite
-CVE-2010-3476
+CVE-2010-3476 (Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before ...)
- otrs2 2.4.8+dfsg1-1
[lenny] - otrs2 <not-affected> (Only affects OTRS 2.3 and 2.4)
-CVE-2010-3475
+CVE-2010-3475 (IBM DB2 9.7 before FP3 does not properly enforce privilege requirement ...)
NOT-FOR-US: IBM DB2
-CVE-2010-3474
+CVE-2010-3474 (IBM DB2 9.7 before FP3 does not perform the expected drops or invalida ...)
NOT-FOR-US: IBM DB2
-CVE-2010-3473
+CVE-2010-3473 (Open redirect vulnerability in the Workplace (aka WP) component in IBM ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2010-3472
+CVE-2010-3472 (Multiple cross-site scripting (XSS) vulnerabilities in the Workplace ( ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2010-3471
+CVE-2010-3471 (Session fixation vulnerability in the Workplace (aka WP) component in ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
-CVE-2010-3470
+CVE-2010-3470 (Multiple cross-site scripting (XSS) vulnerabilities in the Workplace ( ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
CVE-2010-3469
RESERVED
-CVE-2010-3468
+CVE-2010-3468 (Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 b ...)
NOT-FOR-US: Mura CMS
-CVE-2010-3467
+CVE-2010-3467 (SQL injection vulnerability in modules/sections/index.php in E-Xooppor ...)
NOT-FOR-US: E-Xoopport Samsara
-CVE-2010-3466
+CVE-2010-3466 (Cross-site scripting (XSS) vulnerability in index.php in the hosted_si ...)
NOT-FOR-US: NetArt Media iBoutique.MALL
-CVE-2010-3465
+CVE-2010-3465 (Multiple cross-site scripting (XSS) vulnerabilities in XSE Shopping Ca ...)
NOT-FOR-US: XSE Shopping Cart
-CVE-2010-3464
+CVE-2010-3464 (Cross-site request forgery (CSRF) vulnerability in admin/manager_users ...)
NOT-FOR-US: SantaFox
-CVE-2010-3463
+CVE-2010-3463 (Cross-site scripting (XSS) vulnerability in modules/search/search.clas ...)
NOT-FOR-US: SantaFox
-CVE-2010-3462
+CVE-2010-3462 (Cross-site scripting (XSS) vulnerability in backend/plugin/Registratio ...)
NOT-FOR-US: Mollify
-CVE-2010-3461
+CVE-2010-3461 (SQL injection vulnerability in the Publisher module in eNdonesia 8.4 a ...)
NOT-FOR-US: eNdonesia
-CVE-2010-3460
+CVE-2010-3460 (Directory traversal vulnerability in the HTTP interface in AXIGEN Mail ...)
NOT-FOR-US: AXIGEN Mail Server
-CVE-2010-3459
+CVE-2010-3459 (Cross-site scripting (XSS) vulnerability in the Ajax WebMail interface ...)
NOT-FOR-US: AXIGEN Mail Server
-CVE-2010-3458
+CVE-2010-3458 (SQL injection vulnerability in lib/toolkit/events/event.section.php in ...)
NOT-FOR-US: Symphony CMS
-CVE-2010-3457
+CVE-2010-3457 (Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2. ...)
NOT-FOR-US: Symphony CMS
-CVE-2010-3456
+CVE-2010-3456 (Directory traversal vulnerability in download.php in EnergyScripts (ES ...)
NOT-FOR-US: EnergyScripts Simple Download
-CVE-2010-3455
+CVE-2010-3455 (Cross-site scripting (XSS) vulnerability in index.php in AChecker 1.0 ...)
NOT-FOR-US: AChecker
-CVE-2010-3454
+CVE-2010-3454 (Multiple off-by-one errors in the WW8DopTypography::ReadFromMem functi ...)
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3453
+CVE-2010-3453 (The WW8ListManager::WW8ListManager function in oowriter in OpenOffice. ...)
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3452
+CVE-2010-3452 (Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x a ...)
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3451
+CVE-2010-3451 (Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x a ...)
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3450
+CVE-2010-3450 (Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2 ...)
{DSA-2151-1}
- openoffice.org 1:3.2.1-11+squeeze2
-CVE-2010-3449
+CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback before 1.2. ...)
NOT-FOR-US: Redback
-CVE-2010-3448
+CVE-2010-3448 (drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 ...)
{DSA-2126-1}
- linux-2.6 2.6.32-12 (bug #565790; unimportant)
NOTE: this is more of a hardware bug rather than a security issue
-CVE-2010-3447
+CVE-2010-3447 (Cross-site scripting (XSS) vulnerability in view.php in the file viewe ...)
- gollem 1.1.1+debian0-1.1 (bug #598585)
[lenny] - gollem <not-affected> ($filename not printed directly and passed through htmlspecialchars())
NOTE: http://bugs.horde.org/ticket/9191
CVE-2010-3446
RESERVED
-CVE-2010-3445
+CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown function in ...)
{DSA-2127-1}
- wireshark 1.2.11-3 (low)
NOTE: http://archives.neohapsis.com/archives/bugtraq/2010-09/0088.html
-CVE-2010-3444
+CVE-2010-3444 (Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU Fri ...)
- pyfribidi 0.10.0-2 (bug #570068)
[lenny] - pyfribidi <not-affected> (fribidi 0.19.1 or higher needs to be installed to trigger this)
-CVE-2010-3443
+CVE-2010-3443 (ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows ...)
- quassel 0.7.1-1 (bug #597853)
[squeeze] - quassel 0.6.3-1
NOTE: https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/629774
-CVE-2010-3442
+CVE-2010-3442 (Multiple integer overflows in the snd_ctl_new function in sound/core/c ...)
{DSA-2126-1}
- linux-2.6 2.6.32-25
NOTE: http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=5591bf07225523600450edd9e6ad258bb877b779
-CVE-2010-3441
+CVE-2010-3441 (Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote ...)
- abcm2ps 5.9.13-0.1 (low; bug #577014)
[lenny] - abcm2ps <no-dsa> (Minor issue)
CVE-2010-3440 [babiloo insecure downloading and unpacking of dictionary files]
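Review bot: the NOT-FOR-US line under CVE-2010-3515 no longer matches the description added above it: the description names "Oracle Solaris 9", while the status line still reads "NOT-FOR-US: Oracle Solaris 10 and OpenSolaris". Suggest "NOT-FOR-US: Oracle Solaris and OpenSolaris", as the CVE-2010-3513 entry a few lines below already uses, so the two lines do not contradict each other.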
@@ -4755,40 +4755,40 @@ CVE-2010-3438 [Insufficient stripping of CR/LF allows arbitrary IRC command exec
RESERVED
- libpoe-component-irc-perl 6.32+dfsg-1
[lenny] - libpoe-component-irc-perl 5.84+dfsg-1+lenny1 (bug #581194)
-CVE-2010-3437
+CVE-2010-3437 (Integer signedness error in the pkt_find_dev_from_minor function in dr ...)
{DSA-2126-1}
- linux-2.6 2.6.32-25
-CVE-2010-3436
+CVE-2010-3436 (fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attacke ...)
- php5 5.3.3-4 (unimportant)
NOTE: http://svn.php.net/viewvc?view=revision&revision=303824
-CVE-2010-3435
+CVE-2010-3435 (The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before ...)
- pam 1.1.3-1 (low; bug #599832)
[squeeze] - pam <no-dsa> (Minor issue)
[lenny] - pam <no-dsa> (Minor issue)
NOTE: Fix from 1.1.2 is not fully complete
-CVE-2010-3434
+CVE-2010-3434 (Buffer overflow in the find_stream_bounds function in pdf.c in libclam ...)
- clamav 0.96.3+dfsg-1
[lenny] - clamav <end-of-life>
NOTE: libclamav/pdf.c: Add missing boundscheck to pdf code (bb #2226)
-CVE-2010-3433
+CVE-2010-3433 (The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30 ...)
{DSA-2120-1}
- postgresql-9.0 9.0.1-1
- postgresql-8.4 8.4.5-1
[squeeze] - postgresql-8.4 8.4.5-0squeeze1
- postgresql-8.3 <removed>
-CVE-2010-3432
+CVE-2010-3432 (The sctp_packet_config function in net/sctp/output.c in the Linux kern ...)
{DSA-2126-1}
- linux-2.6 2.6.32-24
-CVE-2010-3431
+CVE-2010-3431 (The privilege-dropping implementation in the (1) pam_env and (2) pam_m ...)
- pam 1.1.3-1 (low; bug #599832)
[squeeze] - pam <no-dsa> (Minor issue)
NOTE: 20100924164823.GA21584@openwall.com
-CVE-2010-3430
+CVE-2010-3430 (The privilege-dropping implementation in the (1) pam_env and (2) pam_m ...)
- pam 1.1.3-1 (bug #599832)
[squeeze] - pam <not-affected> (Affected functionality introduced in 1.1.2, see #599832)
[lenny] - pam <not-affected> (Affected functionality introduced in 1.1.2, see #599832)
NOTE: 20100924164823.GA21584@openwall.com
-CVE-2010-3429
+CVE-2010-3429 (flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlaye ...)
{DSA-2165-1}
- ffmpeg 4:0.5.2-6 (bug #598590)
- ffmpeg-debian <removed>
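Review bot: the NOTE lines for CVE-2010-3431 and CVE-2010-3430 cite a bare message-id ("20100924164823.GA21584@openwall.com") with nothing marking it as one, whereas the other NOTE lines in this hunk carry resolvable URLs (the svn.php.net revision under CVE-2010-3436, the bugzilla ticket under CVE-2010-3434). Suggest prefixing it with "Message-Id:" or, better, replacing it with a link to the archived oss-security post so the reference can be followed without searching the list archive.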
@@ -4809,52 +4809,52 @@ CVE-2010-XXXX [mediatomb directory traversal]
[wheezy] - mediatomb 0.12.1-4+deb7u1
[squeeze] - mediatomb 0.12.0~svn2018-6.1
NOTE: was previously fixed in 580120 but patch was not applied to later maintainer uploads
-CVE-2010-3428
+CVE-2010-3428 (SQL injection vulnerability in modules/notes/json.php in Intermesh Gro ...)
NOT-FOR-US: Intermesh Group-Office
-CVE-2010-3427
+CVE-2010-3427 (Multiple cross-site scripting (XSS) vulnerabilities in Open Classified ...)
NOT-FOR-US: Open Classifieds
-CVE-2010-3426
+CVE-2010-3426 (Directory traversal vulnerability in jphone.php in the JPhone (com_jph ...)
NOT-FOR-US: JPhone for Joomla
-CVE-2010-3425
+CVE-2010-3425 (Cross-site scripting (XSS) vulnerability in UserControls/Popups/frmHel ...)
NOT-FOR-US: SmarterStats
-CVE-2010-3424
+CVE-2010-3424 (Cross-site scripting (XSS) vulnerability in admin/sources/classes/bbco ...)
NOT-FOR-US: Invision Power Board
-CVE-2010-3423
+CVE-2010-3423 (SQL injection vulnerability in the Yr Weatherdata module for Drupal 6. ...)
NOT-FOR-US: Yr Weatherdata module for Drupal
-CVE-2010-3422
+CVE-2010-3422 (SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 fo ...)
NOT-FOR-US: JGen for Joomla
-CVE-2010-3421
+CVE-2010-3421 (Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in Prod ...)
NOT-FOR-US: ProductCart
-CVE-2010-3420
+CVE-2010-3420 (Cross-site scripting (XSS) vulnerability in Products_Results.php in Po ...)
NOT-FOR-US: PowerStore
-CVE-2010-3419
+CVE-2010-3419 (Multiple PHP remote file inclusion vulnerabilities in Haudenschilt Fam ...)
NOT-FOR-US: Haudenschilt Family Connections CMS
-CVE-2010-3418
+CVE-2010-3418 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Ca ...)
NOT-FOR-US: NetArt Media Car Portal
-CVE-2010-3417
+CVE-2010-3417 (Google Chrome before 6.0.472.59 does not prompt the user before granti ...)
- webkit <not-affected> (chromium specific)
- chromium-browser 6.0.472.59~r59126-1
-CVE-2010-3416
+CVE-2010-3416 (Google Chrome before 6.0.472.59 on Linux does not properly implement t ...)
- webkit <not-affected> (issue in chromium-specific code)
- chromium-browser 6.0.472.59~r59126-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44960
NOTE: http://trac.webkit.org/changeset/66689
-CVE-2010-3415
+CVE-2010-3415 (Google Chrome before 6.0.472.59 does not properly implement Geolocatio ...)
- webkit <not-affected> (issue in chromium-specific code)
- chromium-browser 6.0.472.59~r59126-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=45112
NOTE: http://trac.webkit.org/changeset/66837
NOTE: depends on http://trac.webkit.org/changeset/66837
NOTE: https://bugs.webkit.org/show_bug.cgi?id=45257
-CVE-2010-3414
+CVE-2010-3414 (Google Chrome before 6.0.472.59 on Mac OS X does not properly implemen ...)
- webkit <not-affected> (Does not affect linux)
- chromium-browser <not-affected> (Does not affect linux)
-CVE-2010-3413
+CVE-2010-3413 (Unspecified vulnerability in the pop-up blocking functionality in Goog ...)
- webkit <not-affected> (chromium specific)
- chromium-browser 6.0.472.59~r59126-1
-CVE-2010-3412
+CVE-2010-3412 (Race condition in the console implementation in Google Chrome before 6 ...)
- libv8 2.2.24-6 (bug #597856)
-CVE-2010-3411
+CVE-2010-3411 (Google Chrome before 6.0.472.59 on Linux does not properly handle curs ...)
- webkit <not-affected> (chromium specific)
- chromium-browser 6.0.472.59~r59126-1
CVE-2010-3410
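Review bot: the two NOTE lines under CVE-2010-3415 reference the same fix, "http://trac.webkit.org/changeset/66837" and then "depends on http://trac.webkit.org/changeset/66837", which says the changeset depends on itself. One of the two almost certainly meant a different revision (probably the one for bug 45257 cited in the following NOTE); please verify which changeset is the dependency and correct the URL.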
@@ -4863,37 +4863,37 @@ CVE-2010-3409
REJECTED
CVE-2010-3408
REJECTED
-CVE-2010-3407
+CVE-2010-3407 (Stack-based buffer overflow in the MailCheck821Address function in nno ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2010-3406
+CVE-2010-3406 (Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM ...)
NOT-FOR-US: AIX 5.3
-CVE-2010-3405
+CVE-2010-3405 (Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, ...)
NOT-FOR-US: AIX 6.1, VIOS
-CVE-2010-3404
+CVE-2010-3404 (Multiple SQL injection vulnerabilities in eshtery CMS (aka eshtery.com ...)
NOT-FOR-US: eshtery CMS
-CVE-2010-3403
+CVE-2010-3403 (Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic ...)
NOT-FOR-US: Qualcomm eXtensible Diagnostic Monitor
-CVE-2010-3402
+CVE-2010-3402 (Untrusted search path vulnerability in IDM Computer Solutions UltraEdi ...)
NOT-FOR-US: UltraEdit
CVE-2010-3401
RESERVED
-CVE-2010-3400
+CVE-2010-3400 (The js_InitRandom function in the JavaScript implementation in Mozilla ...)
NOTE: These will likely be rejected, Mozilla people will clarify with MITRE
-CVE-2010-3399
+CVE-2010-3399 (The js_InitRandom function in the JavaScript implementation in Mozilla ...)
NOTE: These will likely be rejected, Mozilla people will clarify with MITRE
-CVE-2010-3398
+CVE-2010-3398 (Unspecified vulnerability in the webcontainer implementation in IBM Lo ...)
NOT-FOR-US: IBM Lotus Sametime Connect
-CVE-2010-3397
+CVE-2010-3397 (Untrusted search path vulnerability in PGP Desktop 9.9.0 Build 397, 9. ...)
NOT-FOR-US: PGP Desktop
-CVE-2010-3396
+CVE-2010-3396 (Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and ...)
NOT-FOR-US: Kingsoft Antivirus
CVE-2010-3395
RESERVED
-CVE-2010-3394
+CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place ...)
- texmacs 1:1.0.7.7-1.1 (bug #598424)
[squeeze] - texmacs 1:1.0.7.4-3.1
[lenny] - texmacs <no-dsa> (minor issue)
-CVE-2010-3393
+CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory name i ...)
- magics++ 2.10.0.dfsg-5.1 (bug #598418)
CVE-2010-3392
RESERVED
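Review bot: CVE-2010-3400 and CVE-2010-3399 each carry only the free-text line "NOTE: These will likely be rejected, Mozilla people will clarify with MITRE" and no status line at all (no package/version entry, no NOT-FOR-US, no <not-affected>). Every other entry in this hunk has a machine-readable status; suggest adding one here (for example a <not-affected> or <unfixed> package line with the pending-rejection rationale) so the tracker has a triage state for these ids while the MITRE clarification is outstanding.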
@@ -4901,34 +4901,34 @@ CVE-2010-3391
RESERVED
CVE-2010-3390
RESERVED
-CVE-2010-3389
+CVE-2010-3389 (The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents ...)
- cluster-agents 1:1.0.3-3.1 (bug #598549)
CVE-2010-3388
RESERVED
CVE-2010-3387
- vdr 1.6.0-19.1 (unimportant; bug #598308)
NOTE: Only affects a debugging tool, see bug #598308
-CVE-2010-3386
+CVE-2010-3386 (usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length ...)
- ust 0.7-2.1 (bug #598309)
[squeeze] - ust 0.5-1+squeeze1
[wheezy] - ust 0.5-1+squeeze1
-CVE-2010-3385
+CVE-2010-3385 (TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PA ...)
- tuxguitar 1.2-7 (bug #598307)
[lenny] - tuxguitar <no-dsa> (Minor issue)
-CVE-2010-3384
+CVE-2010-3384 (The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and ...)
- torcs 1.3.1-5 (bug #598306)
[lenny] - torcs <no-dsa> (Minor issue)
-CVE-2010-3383
+CVE-2010-3383 (The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 ...)
- teamspeak-client 2.0.32-3.1 (low; bug #598304)
[lenny] - teamspeak-client <no-dsa> (Non-free not supported)
- teamspeak-server 2.0.24.1+debian-1.1 (low; bug #598305)
[lenny] - teamspeak-server <no-dsa> (Non-free not supported)
-CVE-2010-3382
+CVE-2010-3382 (tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a zero-leng ...)
- tau 2.16.4-1.4 (bug #598303)
-CVE-2010-3381
+CVE-2010-3381 (The (1) tangerine and (2) tangerine-properties scripts in Tangerine 0. ...)
- tangerine 0.3.2.2-6 (bug #598302)
[lenny] - tangerine <no-dsa> (minor issue)
-CVE-2010-3380
+CVE-2010-3380 (The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2 ...)
- slurm-llnl 2.1.15-2 (bug #602340)
[wheezy] - slurm-llnl 2.1.11-1squeeze1 (bug #602340)
[squeeze] - slurm-llnl 2.1.11-1squeeze1 (bug #602340)
@@ -4936,191 +4936,191 @@ CVE-2010-3380
NOTE: Debian package ships its own, also vulnerable, init script. NOT fixed in 2.1.14-1
CVE-2010-3379
RESERVED
-CVE-2010-3378
+CVE-2010-3378 (The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scil ...)
- scilab 5.2.2-8 (bug #598423; bug #598422)
[lenny] - scilab <no-dsa> (Non-free not supported)
-CVE-2010-3377
+CVE-2010-3377 (The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) hx ...)
- salome 5.1.3-11 (bug #598421)
-CVE-2010-3376
+CVE-2010-3376 (The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ...)
- root-system 5.34.00-1 (bug #598420; bug #598419)
[lenny] - root-system <no-dsa> (minor issue)
CVE-2010-3375
RESERVED
- qtparted 0.4.5-8 (low; bug #598301)
[lenny] - qtparted <no-dsa> (Minor issue)
-CVE-2010-3374
+CVE-2010-3374 (Qt Creator before 2.0.1 places a zero-length directory name in the LD_ ...)
- qtcreator 1.3.1-3 (bug #598300)
CVE-2010-3373
RESERVED
- paxtest 1:0.9.9-1 (unimportant; bug #598413)
-CVE-2010-3372
+CVE-2010-3372 (Untrusted search path vulnerability in NorduGrid Advanced Resource Con ...)
- nordugrid-arc-nox 1.1.0~rc6-2.1 (bug #606151)
CVE-2010-3371
RESERVED
CVE-2010-3370
RESERVED
-CVE-2010-3369
+CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, a ...)
- mono-debugger 2.6.3-2.1 (low; bug #598299)
[lenny] - mono-debugger <no-dsa> (Minor issue)
CVE-2010-3368
RESERVED
CVE-2010-3367
RESERVED
-CVE-2010-3366
+CVE-2010-3366 (Mn_Fit 5.13 places a zero-length directory name in the LD_LIBRARY_PATH ...)
- mn-fit <removed> (bug #598298)
[lenny] - mn-fit <no-dsa> (Minor issue)
-CVE-2010-3365
+CVE-2010-3365 (Mistelix 0.31 places a zero-length directory name in the LD_LIBRARY_PA ...)
- mistelix 0.31-2 (low; bug #598297)
-CVE-2010-3364
+CVE-2010-3364 (The vips-7.22 script in VIPS 7.22.2 places a zero-length directory nam ...)
- vips 7.14.5-2 (unimportant; bug #598296)
NOTE: Scripts are not used for any real world scenarios
-CVE-2010-3363
+CVE-2010-3363 (roarify in roaraudio 0.3 places a zero-length directory name in the LD ...)
- roaraudio 0.3-2 (low; bug #598295)
[lenny] - roaraudio <no-dsa> (Minor issue)
-CVE-2010-3362
+CVE-2010-3362 (lastfm 1.5.4 places a zero-length directory name in the LD_LIBRARY_PAT ...)
- lastfm 1:1.5.4.26862+dfsg-5 (low; bug #598294)
[lenny] - lastfm 1:1.5.1.31879.dfsg-1+lenny1
-CVE-2010-3361
+CVE-2010-3361 (The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 p ...)
- ike 2.1.5+dfsg-2 (low; bug #598292)
[lenny] - ike <no-dsa> (Minor issue)
-CVE-2010-3360
+CVE-2010-3360 (Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, ...)
- hipo <removed> (bug #598291)
[lenny] - hipo <no-dsa> (Minor issue)
CVE-2010-3359 [gargoyle: insecure library loading]
RESERVED
- gargoyle-free 2009-08-25-2
NOTE: http://groups.google.com/group/garglk-dev/browse_thread/thread/1c92ab6f24d5ebe6
-CVE-2010-3358
+CVE-2010-3358 (HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in th ...)
- henplus <removed> (bug #598290)
-CVE-2010-3357
+CVE-2010-3357 (gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBR ...)
- gnome-subtitles 1.0-2 (low; bug #598289)
[lenny] - gnome-subtitles <no-dsa> (Minor issue)
CVE-2010-3356
RESERVED
-CVE-2010-3355
+CVE-2010-3355 (Ember 0.5.7 places a zero-length directory name in the LD_LIBRARY_PATH ...)
- ember 0.5.7-1.1 (low; bug #598288)
-CVE-2010-3354
+CVE-2010-3354 (dropboxd in Dropbox 0.7.110 places a zero-length directory name in the ...)
- dropbox 0.8.107-1 (low; bug #598287)
[lenny] - dropbox <no-dsa> (Non-free not supported)
-CVE-2010-3353
+CVE-2010-3353 (Cowbell 0.2.7.1 places a zero-length directory name in the LD_LIBRARY_ ...)
- cowbell <not-affected> (See bug #598286)
CVE-2010-3352
RESERVED
-CVE-2010-3351
+CVE-2010-3351 (startBristol in Bristol 0.60.5 places a zero-length directory name in ...)
- bristol 0.60.5-2 (bug #598285)
-CVE-2010-3350
+CVE-2010-3350 (bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PA ...)
- bareftp 0.3.4-1.1 (bug #598284)
-CVE-2010-3349
+CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the LD_LIBRARY_PA ...)
- ardour 1:2.8.11-2 (low; bug #598282)
-CVE-2010-3348
+CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3347
REJECTED
-CVE-2010-3346
+CVE-2010-3346 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3345
+CVE-2010-3345 (Microsoft Internet Explorer 8 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3344
REJECTED
-CVE-2010-3343
+CVE-2010-3343 (Microsoft Internet Explorer 6 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3342
+CVE-2010-3342 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3341
REJECTED
-CVE-2010-3340
+CVE-2010-3340 (Microsoft Internet Explorer 6 and 7 does not properly handle objects i ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3339
REJECTED
-CVE-2010-3338
+CVE-2010-3338 (The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Win ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3337
+CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2 ...)
NOT-FOR-US: Microsoft Office 2007 SP2
-CVE-2010-3336
+CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac ...)
NOT-FOR-US: Microsoft Office XP SP3
-CVE-2010-3335
+CVE-2010-3335 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010 ...)
NOT-FOR-US: Microsoft Office XP SP3
-CVE-2010-3334
+CVE-2010-3334 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010 ...)
NOT-FOR-US: Microsoft Office XP SP3
-CVE-2010-3333
+CVE-2010-3333 (Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-3332
+CVE-2010-3332 (Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1 ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2010-3331
+CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3330
+CVE-2010-3330 (Microsoft Internet Explorer 6 through 8 does not properly restrict scr ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3329
+CVE-2010-3329 (mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote atta ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3328
+CVE-2010-3328 (Use-after-free vulnerability in the CAttrArray::PrivateFind function i ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3327
+CVE-2010-3327 (The implementation of HTML content creation in Microsoft Internet Expl ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3326
+CVE-2010-3326 (Microsoft Internet Explorer 6 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3325
+CVE-2010-3325 (Microsoft Internet Explorer 6 through 8 does not properly handle unspe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3324
+CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8, and the Sa ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3323
+CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session ...)
NOT-FOR-US: Splunk
-CVE-2010-3322
+CVE-2010-3322 (The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticat ...)
NOT-FOR-US: Splunk
-CVE-2010-3321
+CVE-2010-3321 (RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not ...)
NOT-FOR-US: RSA Authentication Client
-CVE-2010-3320
+CVE-2010-3320 (Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4 ...)
NOT-FOR-US: IBM Records Manager
-CVE-2010-3319
+CVE-2010-3319 (IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a sessi ...)
NOT-FOR-US: IBM Records Manager
-CVE-2010-3318
+CVE-2010-3318 (IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits pass ...)
NOT-FOR-US: IBM Records Manager
-CVE-2010-3317
+CVE-2010-3317 (Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4 ...)
NOT-FOR-US: IBM Records Manager
-CVE-2010-3316
+CVE-2010-3316 (The run_coprocess function in pam_xauth.c in the pam_xauth module in L ...)
- pam 1.1.2-1 (unimportant; bug #599832)
NOTE: partial fix http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commitdiff;h=06f882f30092a39a1db867c9744b2ca8d60e4ad6
NOTE: Not exploitable with current kernels
-CVE-2010-3315
+CVE-2010-3315 (authz.c in the mod_dav_svn module for the Apache HTTP Server, as distr ...)
{DSA-2118-1}
- subversion 1.6.12dfsg-2 (low)
-CVE-2010-3314
+CVE-2010-3314 (Cross-site scripting (XSS) vulnerability in login.php in EGroupware 1. ...)
{DSA-2013-1}
- egroupware <removed> (high; bug #573279)
[lenny] - egroupware 1.4.004-2.dfsg-4.2
-CVE-2010-3313
+CVE-2010-3313 (phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serv ...)
{DSA-2013-1}
- egroupware <removed> (high; bug #573279)
[lenny] - egroupware 1.4.004-2.dfsg-4.2
-CVE-2010-3312
+CVE-2010-3312 (Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditiona ...)
- epiphany-browser 2.29.91-1 (bug #564690)
[lenny] - epiphany-browser <not-affected> (Introduced with the switch to webkit after Lenny release)
-CVE-2010-3311
+CVE-2010-3311 (Integer overflow in base/ftstream.c in libXft (aka the X FreeType libr ...)
{DSA-2116-1}
- freetype 2.4.0-1
NOTE: Only the 2.3.x series is affected
-CVE-2010-3310
+CVE-2010-3310 (Multiple integer signedness errors in net/rose/af_rose.c in the Linux ...)
{DSA-2126-1}
- linux-2.6 2.6.32-25
CVE-2010-3309
REJECTED
-CVE-2010-3308
+CVE-2010-3308 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2. ...)
- openswan 1:2.6.28+dfsg-2
[lenny] - openswan <not-affected> (Introduced in version 2.6.25)
-CVE-2010-3307
+CVE-2010-3307 (Multiple PHP remote file inclusion vulnerabilities in themes/default/i ...)
NOT-FOR-US: Free Simple CMS 1.0
CVE-2010-3305 [pixel CSRF]
RESERVED
- pixelpost <removed> (bug #597224)
-CVE-2010-3304
+CVE-2010-3304 (The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to ...)
- dovecot 1.2.13-1
[lenny] - dovecot <not-affected> (only affects 1.2.x)
-CVE-2010-3303
+CVE-2010-3303 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before ...)
- mantis 1.1.8+dfsg-8 (bug #599710)
[lenny] - mantis 1.1.6+dfsg-2lenny3
-CVE-2010-3302
+CVE-2010-3302 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2. ...)
- openswan 1:2.6.28+dfsg-2
[lenny] - openswan <not-affected> (Introduced in version 2.6.25)
-CVE-2010-3301
+CVE-2010-3301 (The IA32 system call emulation functionality in arch/x86/ia32/ia32entr ...)
- linux-2.6 2.6.32-23
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.27)
CVE-2010-3300
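Review bot: CVE-2010-3308 and CVE-2010-3302 now carry byte-identical descriptions ("Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2. ...") and identical fix lines (openswan 1:2.6.28+dfsg-2, lenny <not-affected>), because the fixed-width truncation cuts off whatever distinguishes the two advisories. Suggest a short NOTE under each stating which xauth.c issue it covers, or a check with MITRE on whether one id duplicates the other, so the list itself tells the two apart.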
@@ -5131,47 +5131,47 @@ CVE-2010-3299 [ruby on rails: padding oracle attack]
NOTE: http://seclists.org/oss-sec/2010/q3/415
NOTE: http://seclists.org/oss-sec/2010/q3/413
NOTE: http://usenix.org/events/woot10/tech/full_papers/Rizzo.pdf
-CVE-2010-3298
+CVE-2010-3298 (The hso_get_count function in drivers/net/usb/hso.c in the Linux kerne ...)
- linux-2.6 2.6.32-24
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)
-CVE-2010-3297
+CVE-2010-3297 (The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel ...)
{DSA-2126-1}
- linux-2.6 2.6.32-24
-CVE-2010-3296
+CVE-2010-3296 (The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in ...)
{DSA-2126-1}
- linux-2.6 2.6.32-24
CVE-2010-3295 [drivers/net/tulip/de4x5.c: reading uninitialized stack memory]
RESERVED
NOTE: assigned to linux-2.6, but claimed not a problem: http://www.openwall.com/lists/oss-security/2010/09/15/2
NOTE: will probably get rejected
-CVE-2010-3291
+CVE-2010-3291 (Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x throug ...)
NOT-FOR-US: HP AssetCenter
-CVE-2010-3290
+CVE-2010-3290 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6 ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2010-3289
+CVE-2010-3289 (Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2010-3288
+CVE-2010-3288 (Cross-site request forgery (CSRF) vulnerability in HP Systems Insight ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2010-3287
+CVE-2010-3287 (Unspecified vulnerability on HP ProCurve Access Points, Access Control ...)
NOT-FOR-US: HP ProCurve
-CVE-2010-3286
+CVE-2010-3286 (Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2010-3285
+CVE-2010-3285 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-3284
+CVE-2010-3284 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2010-3283
+CVE-2010-3283 (Open redirect vulnerability in HP System Management Homepage (SMH) bef ...)
NOT-FOR-US: HP System Management Homepage
CVE-2010-3282
RESERVED
NOT-FOR-US: Red Hat Directory Server
-CVE-2010-3281
+CVE-2010-3281 (Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucen ...)
NOT-FOR-US: Alcatel-Lucent OmniVista
-CVE-2010-3280
+CVE-2010-3280 (The CCAgent option 9.0.8.4 and earlier in the management server (aka T ...)
NOT-FOR-US: Alcatel-Lucent OmniTouch Contact Center
-CVE-2010-3279
+CVE-2010-3279 (The default configuration of the CCAgent option before 9.0.8.4 in the ...)
NOT-FOR-US: Alcatel-Lucent OmniTouch Contact Center
-CVE-2010-3294
+CVE-2010-3294 (Cross-site scripting (XSS) vulnerability in apc.php in the Alternative ...)
- php-apc <unfixed> (unimportant)
NOTE: vulnerable script is, mainly, for debugging purposes
NOTE: and is distributed gzip-compressed
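Review bot: CVE-2010-3294 sits between CVE-2010-3279 and the CVE-2010-3292 block, out of the file's descending id order. The update still found it because the merge is keyed on the id, but an entry outside its numeric slot is easy to re-add when the CVE-2010-3295..3292 range is later backfilled; suggest moving the php-apc entry up to its place after CVE-2010-3295.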
@@ -5185,244 +5185,244 @@ CVE-2010-3292 [mailscanner may use spoofed data]
[squeeze] - mailscanner <no-dsa> (Minor issue)
CVE-2010-3278
REJECTED
-CVE-2010-3277
+CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build 301548 and ...)
NOT-FOR-US: VMware Workstation
-CVE-2010-3276
+CVE-2010-3276 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...)
{DSA-2211-1}
- vlc 1.1.8-1
NOTE: fe44129dc6509b3347113ab0e1a0524af1e0dd11 in 1.1 branch
-CVE-2010-3275
+CVE-2010-3275 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...)
{DSA-2211-1}
- vlc 1.1.8-1
NOTE: fe44129dc6509b3347113ab0e1a0524af1e0dd11 in 1.1 branch
-CVE-2010-3274
+CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch. ...)
NOT-FOR-US: ZOHO ManageEngine
-CVE-2010-3273
+CVE-2010-3273 (ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows remo ...)
NOT-FOR-US: ZOHO ManageEngine
-CVE-2010-3272
+CVE-2010-3272 (accounts/ValidateAnswers in the security-questions implementation in Z ...)
NOT-FOR-US: ZOHO ManageEngine
-CVE-2010-3271
+CVE-2010-3271 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Inte ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-3270
+CVE-2010-3270 (Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before ...)
NOT-FOR-US: Cisco WebEx Meeting Center
-CVE-2010-3269
+CVE-2010-3269 (Multiple stack-based buffer overflows in the Cisco WebEx Recording For ...)
NOT-FOR-US: Cisco WebEx
-CVE-2010-3268
+CVE-2010-3268 (The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in th ...)
NOT-FOR-US: Symantec Antivirus
-CVE-2010-3267
+CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 ...)
NOT-FOR-US: BugTracker.NET
-CVE-2010-3266
+CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET ...)
NOT-FOR-US: BugTracker.NET
CVE-2010-3265
RESERVED
-CVE-2010-3264
+CVE-2010-3264 (The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores ...)
NOT-FOR-US: Novell Identity Manager
-CVE-2010-3263
+CVE-2010-3263 (Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php ...)
- phpmyadmin 4:3.3.7-1 (low)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2010-3262
+CVE-2010-3262 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before 3 ...)
NOT-FOR-US: flock
-CVE-2010-3261
+CVE-2010-3261 (Directory traversal vulnerability in RSA Authentication Agent 7.0 befo ...)
NOT-FOR-US: RSA Authentication Agent 7.0 for Web
-CVE-2010-3260
+CVE-2010-3260 (oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server co ...)
NOT-FOR-US: Orbeon Forms
-CVE-2010-3259
+CVE-2010-3259 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, G ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44399
NOTE: http://trac.webkit.org/changeset/65826
-CVE-2010-3258
+CVE-2010-3258 (The sandbox implementation in Google Chrome before 6.0.472.53 does not ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
NOTE: chromium specific
-CVE-2010-3257
+CVE-2010-3257 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/65748
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44226
-CVE-2010-3256
+CVE-2010-3256 (Google Chrome before 6.0.472.53 does not properly limit the number of ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
NOTE: chromium specific
-CVE-2010-3255
+CVE-2010-3255 (Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not prop ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43812
NOTE: http://trac.webkit.org/changeset/66052
-CVE-2010-3254
+CVE-2010-3254 (The WebSockets implementation in Google Chrome before 6.0.472.53 does ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/65135
-CVE-2010-3253
+CVE-2010-3253 (The implementation of notification permissions in Google Chrome before ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected> (notifications not yet used in webkit)
NOTE: http://trac.webkit.org/changeset/64647
NOTE: http://trac.webkit.org/changeset/64651
-CVE-2010-3252
+CVE-2010-3252 (Use-after-free vulnerability in the Notifications presenter in Google ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected> (notifications not yet used in webkit)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43645
NOTE: http://trac.webkit.org/changeset/65742
-CVE-2010-3251
+CVE-2010-3251 (The WebSockets implementation in Google Chrome before 6.0.472.53 allow ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
NOTE: chromium specific
-CVE-2010-3250
+CVE-2010-3250 (Unspecified vulnerability in Google Chrome before 6.0.472.53 allows re ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
NOTE: chromium specific
-CVE-2010-3249
+CVE-2010-3249 (Google Chrome before 6.0.472.53 does not properly implement SVG filter ...)
- chromium-browser 6.0.472.53~r57914-1
NOTE: http://trac.webkit.org/changeset/60541
-CVE-2010-3248
+CVE-2010-3248 (Google Chrome before 6.0.472.53 does not properly restrict copying to ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/58703
-CVE-2010-3247
+CVE-2010-3247 (Google Chrome before 6.0.472.53 does not properly restrict the charact ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
NOTE: chromium specific
-CVE-2010-3246
+CVE-2010-3246 (Google Chrome before 6.0.472.53 does not properly handle the _blank va ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected> (vulnerable code not present in 1.2.x series)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=34541
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44969
NOTE: http://trac.webkit.org/changeset/66742
-CVE-2010-3245
+CVE-2010-3245 (The automated-backup functionality in Blackboard Transact Suite (forme ...)
NOT-FOR-US: Blackboard Transact Suite
-CVE-2010-3244
+CVE-2010-3244 (BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackbo ...)
NOT-FOR-US: Blackboard Transact Suite
-CVE-2010-3306
+CVE-2010-3306 (Directory traversal vulnerability in the modURL function in instance.c ...)
- weborf 0.12.3-1 (bug #596112)
-CVE-2010-3243
+CVE-2010-3243 (Cross-site scripting (XSS) vulnerability in the toStaticHTML function ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3242
+CVE-2010-3242 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML F ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3241
+CVE-2010-3241 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML F ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3240
+CVE-2010-3240 (Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Co ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3239
+CVE-2010-3239 (Microsoft Excel 2002 SP3 does not properly validate record information ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3238
+CVE-2010-3238 (Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does n ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3237
+CVE-2010-3237 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly valid ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3236
+CVE-2010-3236 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, a ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3235
+CVE-2010-3235 (Microsoft Excel 2002 SP3 does not properly validate formula informatio ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3234
+CVE-2010-3234 (Microsoft Excel 2002 SP3 does not properly validate formula informatio ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3233
+CVE-2010-3233 (Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate recor ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3232
+CVE-2010-3232 (Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; O ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3231
+CVE-2010-3231 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML F ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3230
+CVE-2010-3230 (Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers t ...)
NOT-FOR-US: Microsoft Excel
-CVE-2010-3229
+CVE-2010-3229 (The Secure Channel (aka SChannel) security package in Microsoft Window ...)
NOT-FOR-US: Microsoft OSes
-CVE-2010-3228
+CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms d ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2010-3227
+CVE-2010-3227 (Stack-based buffer overflow in the UpdateFrameTitleForDocument method ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-3226
REJECTED
-CVE-2010-3225
+CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing Servi ...)
NOT-FOR-US: Microsoft Windows Vista
CVE-2010-3224
REJECTED
-CVE-2010-3223
+CVE-2010-3223 (The user interface in Microsoft Cluster Service (MSCS) in Microsoft Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3222
+CVE-2010-3222 (Stack-based buffer overflow in the Remote Procedure Call Subsystem (RP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3221
+CVE-2010-3221 (Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Vi ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-3220
+CVE-2010-3220 (Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 f ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-3219
+CVE-2010-3219 (Array index vulnerability in Microsoft Word 2002 SP3 allows remote att ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-3218
+CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote at ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-3217
+CVE-2010-3217 (Double free vulnerability in Microsoft Word 2002 SP3 allows remote att ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-3216
+CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-3215
+CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-3214
+CVE-2010-3214 (Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-3213
+CVE-2010-3213 (Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook W ...)
NOT-FOR-US: Microsoft Outlook Web Access
-CVE-2010-3212
+CVE-2010-3212 (SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier ...)
NOT-FOR-US: Seagull
-CVE-2010-3211
+CVE-2010-3211 (Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro ...)
NOT-FOR-US: Joomla addon
-CVE-2010-3210
+CVE-2010-3210 (Multiple PHP remote file inclusion vulnerabilities in Multi-lingual E- ...)
NOT-FOR-US: Multi-lingual E-Commerce System
-CVE-2010-3209
+CVE-2010-3209 (Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 al ...)
NOT-FOR-US: Seagull
-CVE-2010-3208
+CVE-2010-3208 (Cross-site scripting (XSS) vulnerability in ajax.php in Wiccle Web Bui ...)
NOT-FOR-US: Wiccle Web Builder
-CVE-2010-3207
+CVE-2010-3207 (SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when mag ...)
NOT-FOR-US: GaleriaSHQIP
-CVE-2010-3206
+CVE-2010-3206 (Multiple PHP remote file inclusion vulnerabilities in DiY-CMS 1.0 allo ...)
NOT-FOR-US: DiY-CMS
-CVE-2010-3205
+CVE-2010-3205 (PHP remote file inclusion vulnerability in index.php in Textpattern CM ...)
- textpattern <removed>
[squeeze] - textpattern <no-dsa> (Minor issue)
-CVE-2010-3204
+CVE-2010-3204 (Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 ...)
NOT-FOR-US: Pecio CMS
-CVE-2010-3203
+CVE-2010-3203 (Directory traversal vulnerability in the PicSell (com_picsell) compone ...)
NOT-FOR-US: PicSell
-CVE-2010-3202
+CVE-2010-3202 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 a ...)
NOT-FOR-US: flock
-CVE-2010-3201
+CVE-2010-3201 (Cross-site scripting (XSS) vulnerability in NetWin Surgemail before 4. ...)
NOT-FOR-US: NetWin Surgemail
-CVE-2010-3200
+CVE-2010-3200 (MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote attac ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-3199
+CVE-2010-3199 (Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 ...)
NOT-FOR-US: TortoiseSVN
-CVE-2010-3198
+CVE-2010-3198 (ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows ...)
- zope2.10 <removed>
- zope2.11 <removed>
-CVE-2010-3197
+CVE-2010-3197 (IBM DB2 9.7 before FP2 does not perform the expected access control on ...)
NOT-FOR-US: IBM DB2
-CVE-2010-3196
+CVE-2010-3196 (IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote au ...)
NOT-FOR-US: IBM DB2
-CVE-2010-3195
+CVE-2010-3195 (Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, a ...)
NOT-FOR-US: IBM DB2
-CVE-2010-3194
+CVE-2010-3194 (The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 ...)
NOT-FOR-US: IBM DB2
-CVE-2010-3193
+CVE-2010-3193 (Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before ...)
NOT-FOR-US: IBM DB2
-CVE-2010-3192
+CVE-2010-3192 (Certain run-time memory protection mechanisms in the GNU C Library (ak ...)
- eglibc <unfixed> (unimportant)
NOTE: Minor information leak
-CVE-2010-3191
+CVE-2010-3191 (Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and ...)
NOT-FOR-US: Adobe Captivate
-CVE-2010-3190
+CVE-2010-3190 (Untrusted search path vulnerability in the Microsoft Foundation Class ...)
NOT-FOR-US: ATL MFC Trace Tool
-CVE-2010-3189
+CVE-2010-3189 (The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (Uf ...)
NOT-FOR-US: Trend Micro Internet Security Pro
-CVE-2010-3188
+CVE-2010-3188 (SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and ...)
NOT-FOR-US: BugTracker.NET
-CVE-2010-3187
+CVE-2010-3187 (Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attac ...)
NOT-FOR-US: IBM AIX
-CVE-2010-3186
+CVE-2010-3186 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.13, and WebSph ...)
NOT-FOR-US: WebSphere
CVE-2010-3185
RESERVED
CVE-2010-3184
RESERVED
-CVE-2010-3183
+CVE-2010-3183 (The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox bef ...)
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.14-1
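Review bot: the fixed-width cut-off used for the imported summaries leaves several neighbouring entries in this hunk with identical text, so the summary alone no longer tells them apart: CVE-2010-3276 and CVE-2010-3275 both read "libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...", CVE-2010-3241 and CVE-2010-3231 both read "Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML F ...", and CVE-2010-3235 and CVE-2010-3234 both read "Microsoft Excel 2002 SP3 does not properly validate formula informatio ...". If the summaries are meant to be usable for triage from this list alone, a wider cut-off (or cutting at the first clause that differs) would avoid this; otherwise it is worth a comment in whatever generates the update that the truncation is cosmetic and the CVE id remains the only key.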
@@ -5433,13 +5433,13 @@ CVE-2010-3183
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (bug in optimization added later)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3182
+CVE-2010-3182 (A certain application-launch script in Mozilla Firefox before 3.5.14 a ...)
- icedove 3.0.9-1
[lenny] - icedove <end-of-life>
- iceweasel <not-affected> (run-mozilla.sh not used)
-CVE-2010-3181
+CVE-2010-3181 (Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 a ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2010-3180
+CVE-2010-3180 (Use-after-free vulnerability in the nsBarProp function in Mozilla Fire ...)
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.9-1
@@ -5449,7 +5449,7 @@ CVE-2010-3180
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3179
+CVE-2010-3179 (Stack-based buffer overflow in the text-rendering functionality in Moz ...)
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.9-1
@@ -5459,7 +5459,7 @@ CVE-2010-3179
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3178
+CVE-2010-3178 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird bef ...)
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.9-1
@@ -5469,7 +5469,7 @@ CVE-2010-3178
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3177
+CVE-2010-3177 (Multiple cross-site scripting (XSS) vulnerabilities in the Gopher pars ...)
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.14-1
@@ -5477,7 +5477,7 @@ CVE-2010-3177
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3176
+CVE-2010-3176 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.14-1
@@ -5485,9 +5485,9 @@ CVE-2010-3176
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3175
+CVE-2010-3175 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 3.6, which is only in experimental)
-CVE-2010-3174
+CVE-2010-3174 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5 ...)
{DSA-2124-1}
- xulrunner <removed> (unimportant)
- icedove 3.0.9-1
@@ -5497,15 +5497,15 @@ CVE-2010-3174
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3173
+CVE-2010-3173 (The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x befo ...)
{DSA-2123-1}
- nss 3.12.8-1
-CVE-2010-3172
+CVE-2010-3172 (CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3. ...)
- bugzilla 3.6.3.0-1 (bug #602420; low)
[squeeze] - bugzilla 3.6.2.0-4.2
-CVE-2010-3171
+CVE-2010-3171 (The Math.random function in the JavaScript implementation in Mozilla F ...)
NOTE: Will likely be rejected by MITRE
-CVE-2010-3170
+CVE-2010-3170 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird bef ...)
{DSA-2123-1}
- nss 3.12.8-1
- kde4libs 4:4.4.5-4 (low)
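Review bot: the CVE-2010-3171 entry in this hunk now carries an imported description ("The Math.random function in the JavaScript implementation in Mozilla F ..."), which means MITRE has published rather than rejected it, so the existing "NOTE: Will likely be rejected by MITRE" line beneath it is stale and the entry is left with neither a package status line nor a NOT-FOR-US marker. Suggest dropping or rewording that NOTE and adding the appropriate package/status line in a follow-up, since as written the entry will not show up as either fixed, unfixed or out of scope.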
@@ -5514,7 +5514,7 @@ CVE-2010-3170
[lenny] - qt4-x11 <not-affected> (Vulnerable code not present)
[squeeze] - kde4libs 4:4.4.5-2+squeeze2
[lenny] - kde4libs <no-dsa> (Minor issue)
-CVE-2010-3169
+CVE-2010-3169 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -5524,7 +5524,7 @@ CVE-2010-3169
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3168
+CVE-2010-3168 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird befo ...)
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -5534,7 +5534,7 @@ CVE-2010-3168
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3167
+CVE-2010-3167 (The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3. ...)
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -5544,7 +5544,7 @@ CVE-2010-3167
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3166
+CVE-2010-3166 (Heap-based buffer overflow in the nsTextFrameUtils::TransformText func ...)
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -5554,98 +5554,98 @@ CVE-2010-3166
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-3165
+CVE-2010-3165 (Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and ear ...)
NOT-FOR-US: Yokka NoEditor and others
-CVE-2010-3164
+CVE-2010-3164 (Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and earli ...)
NOT-FOR-US: Fenrir Sleipnir, Grani
-CVE-2010-3163
+CVE-2010-3163 (Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 an ...)
NOT-FOR-US: Fenrir Sleipnir, Grani
-CVE-2010-3162
+CVE-2010-3162 (Untrusted search path vulnerability in Apsaly before 3.74 allows local ...)
NOT-FOR-US: Apsaly
-CVE-2010-3161
+CVE-2010-3161 (Untrusted search path vulnerability in TeraPad before 1.00 allows loca ...)
NOT-FOR-US: TeraPad
-CVE-2010-3160
+CVE-2010-3160 (Untrusted search path vulnerability in Archive Decoder 1.23 and earlie ...)
NOT-FOR-US: Archive Decoder
-CVE-2010-3159
+CVE-2010-3159 (Untrusted search path vulnerability in Explzh 5.67 and earlier allows ...)
NOT-FOR-US: Explzh
-CVE-2010-3158
+CVE-2010-3158 (Untrusted search path vulnerability in Lhaplus before 1.58 allows loca ...)
NOT-FOR-US: Lhaplus
-CVE-2010-3157
+CVE-2010-3157 (Untrusted search path vulnerability in XacRett before 50 allows attack ...)
NOT-FOR-US: XacRett
-CVE-2010-3156
+CVE-2010-3156 (Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows ...)
NOT-FOR-US: K2Editor
-CVE-2010-3133
+CVE-2010-3133 (Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 ...)
- wireshark <not-affected> (Only affects Windows port)
-CVE-2010-3131
+CVE-2010-3131 (Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 a ...)
- xulrunner <not-affected> (Only affects Windows port)
- iceweasel <not-affected> (Only affects Windows port)
CVE-2010-3123
RESERVED
-CVE-2010-3155
+CVE-2010-3155 (Untrusted search path vulnerability in Adobe ExtendScript Toolkit (EST ...)
NOT-FOR-US: Adobe ExtendedScript Toolkit
-CVE-2010-3154
+CVE-2010-3154 (Untrusted search path vulnerability in Adobe Extension Manager CS5 5.0 ...)
NOT-FOR-US: Adobe Extension Manager
-CVE-2010-3153
+CVE-2010-3153 (Untrusted search path vulnerability in Adobe InDesign CS4 6.0, InDesig ...)
NOT-FOR-US: Adobe InDesign
-CVE-2010-3152
+CVE-2010-3152 (Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, C ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2010-3151
+CVE-2010-3151 (Untrusted search path vulnerability in Adobe On Location CS4 Build 315 ...)
NOT-FOR-US: Adobe On Location
-CVE-2010-3150
+CVE-2010-3150 (Untrusted search path vulnerability in Adobe Premier Pro CS4 4.0.0 (31 ...)
NOT-FOR-US: Adobe Premier Pro
-CVE-2010-3149
+CVE-2010-3149 (Untrusted search path vulnerability in Adobe Device Central CS5 3.0.0( ...)
NOT-FOR-US: Adobe Device Central
-CVE-2010-3148
+CVE-2010-3148 (Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows ...)
NOT-FOR-US: Microsoft Visio
-CVE-2010-3147
+CVE-2010-3147 (Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windo ...)
NOT-FOR-US: Microsoft Address Book
-CVE-2010-3146
+CVE-2010-3146 (Multiple untrusted search path vulnerabilities in Microsoft Groove 200 ...)
NOT-FOR-US: Microsoft Office Groove
-CVE-2010-3145
+CVE-2010-3145 (Untrusted search path vulnerability in the BitLocker Drive Encryption ...)
NOT-FOR-US: Microsoft Vista BitLocker
-CVE-2010-3144
+CVE-2010-3144 (Untrusted search path vulnerability in the Internet Connection Signup ...)
NOT-FOR-US: Microsoft Internet Connection Signup Wizard
-CVE-2010-3143
+CVE-2010-3143 (Untrusted search path vulnerability in Microsoft Windows Contacts allo ...)
NOT-FOR-US: Microsoft Windows Contacts
-CVE-2010-3142
+CVE-2010-3142 (Untrusted search path vulnerability in Microsoft Office PowerPoint 200 ...)
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-3141
+CVE-2010-3141 (Untrusted search path vulnerability in Microsoft PowerPoint 2010 allow ...)
NOT-FOR-US: Microsoft Power Point
-CVE-2010-3140
+CVE-2010-3140 (Untrusted search path vulnerability in Microsoft Windows Internet Comm ...)
NOT-FOR-US: Microsoft Windows Internet Communication Settings
-CVE-2010-3139
+CVE-2010-3139 (Untrusted search path vulnerability in Microsoft Windows Progman Group ...)
NOT-FOR-US: Microsoft Windows Progman Group Converter
-CVE-2010-3138
+CVE-2010-3138 (Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2010-3137
+CVE-2010-3137 (Untrusted search path vulnerability in Nullsoft Winamp 5.581, and prob ...)
NOT-FOR-US: Nullsoft Winamp
-CVE-2010-3136
+CVE-2010-3136 (Untrusted search path vulnerability in Skype 4.2.0.169 and earlier all ...)
NOT-FOR-US: Skype
-CVE-2010-3135
+CVE-2010-3135 (Untrusted search path vulnerability in Cisco Packet Tracer 5.2 allows ...)
NOT-FOR-US: Cisco Packet Tracer
-CVE-2010-3134
+CVE-2010-3134 (Untrusted search path vulnerability in Google Earth 5.1.3535.3218 allo ...)
NOT-FOR-US: Google Earth
-CVE-2010-3132
+CVE-2010-3132 (Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 buil ...)
NOT-FOR-US: Adobe Dreamweaver
-CVE-2010-3130
+CVE-2010-3130 (Untrusted search path vulnerability in TechSmith Snagit 10 (Build 788) ...)
NOT-FOR-US: TechSmith Snagit
-CVE-2010-3129
+CVE-2010-3129 (Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allo ...)
NOT-FOR-US: uTorrent
-CVE-2010-3128
+CVE-2010-3128 (Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier ...)
NOT-FOR-US: TeamViewer
-CVE-2010-3127
+CVE-2010-3127 (Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 ...)
NOT-FOR-US: Adobe PhotoShop
-CVE-2010-3126
+CVE-2010-3126 (Untrusted search path vulnerability in avast! Free Antivirus version 5 ...)
NOT-FOR-US: avast! Free Antivirus version
-CVE-2010-3125
+CVE-2010-3125 (Untrusted search path vulnerability in TeamMate Audit Management Softw ...)
NOT-FOR-US: TeamMate Audit Management Software Suite
-CVE-2010-3122
+CVE-2010-3122 (The DevonIT thin-client management tool relies on a shared secret for ...)
NOT-FOR-US: DevonIT thin-client management tool
-CVE-2010-3121
+CVE-2010-3121 (Buffer overflow in tm-console-bin in the DevonIT thin-client managemen ...)
NOT-FOR-US: DevonIT thin-client management tool
-CVE-2010-3124
+CVE-2010-3124 (Untrusted search path vulnerability in bin/winvlc.c in VLC Media Playe ...)
- vlc <not-affected> (Windows specific vulnerability)
-CVE-2010-3120
+CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the Geolo ...)
- chromium-browser 5.0.375.127~r55887-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
@@ -5654,19 +5654,19 @@ CVE-2010-3120
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44096
NOTE: http://trac.webkit.org/changeset/65329
NOTE: http://trac.webkit.org/changeset/65325
-CVE-2010-3119
+CVE-2010-3119 (Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 do not pro ...)
- chromium-browser 5.0.375.127~r55887-1
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43795
NOTE: http://trac.webkit.org/changeset/65090
-CVE-2010-3118
+CVE-2010-3118 (The autosuggest feature in the Omnibox implementation in Google Chrome ...)
- chromium-browser 5.0.375.127~r55887-1
- webkit <not-affected> (chromium specific)
-CVE-2010-3117
+CVE-2010-3117 (Google Chrome before 5.0.375.127 does not properly implement the notif ...)
- chromium-browser 5.0.375.127~r55887-1
- webkit <not-affected> (chromium specific)
-CVE-2010-3116
+CVE-2010-3116 (Multiple use-after-free vulnerabilities in WebKit, as used in Apple Sa ...)
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
@@ -5674,188 +5674,188 @@ CVE-2010-3116
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43147
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43888
NOTE: http://trac.webkit.org/changeset/65280 vulnerable code not present in 1.2 series
-CVE-2010-3115
+CVE-2010-3115 (Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not ...)
- webkit 1.2.5-1 (bug #599830)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: http://trac.webkit.org/changeset/63925
NOTE: http://trac.webkit.org/changeset/64077
NOTE: only partially fixed: only 64077 applied in 1.2.4-1
-CVE-2010-3114
+CVE-2010-3114 (The text-editing implementation in Google Chrome before 5.0.375.127, a ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=42655
NOTE: http://trac.webkit.org/changeset/63773
-CVE-2010-3113
+CVE-2010-3113 (Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not ...)
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=42659
NOTE: http://trac.webkit.org/changeset/63865
-CVE-2010-3112
+CVE-2010-3112 (Google Chrome before 5.0.375.127 does not properly implement file dial ...)
- webkit <not-affected> (chromium specific)
- chromium-browser 5.0.375.127~r55887-1
-CVE-2010-3111
+CVE-2010-3111 (Google Chrome before 6.0.472.53 does not properly mitigate an unspecif ...)
- chromium-browser 5.0.375.127~r55887-1
- webkit <not-affected> (chromium specific)
-CVE-2010-3110
+CVE-2010-3110 (Multiple buffer overflows in the Novell Client novfs module for the Li ...)
NOT-FOR-US: novfs kernel module (only included in SUSE it seems)
-CVE-2010-2948
+CVE-2010-2948 (Stack-based buffer overflow in the bgp_route_refresh_receive function ...)
{DSA-2104-1}
- quagga 0.99.17-1 (bug #594262)
-CVE-2010-2949
+CVE-2010-2949 (bgpd in Quagga before 0.99.17 does not properly parse AS paths, which ...)
{DSA-2104-1}
- quagga 0.99.17-1 (bug #594262)
-CVE-2010-3109
+CVE-2010-3109 (Stack-based buffer overflow in the browser plugin in Novell iPrint Cli ...)
NOT-FOR-US: browser plugin in Novell iPrint Client
-CVE-2010-3108
+CVE-2010-3108 (Buffer overflow in the browser plugin in Novell iPrint Client before 5 ...)
NOT-FOR-US: browser plugin in Novell iPrint Client
-CVE-2010-3107
+CVE-2010-3107 (A certain ActiveX control in ienipp.ocx in the browser plugin in Novel ...)
NOT-FOR-US: browser plugin in Novell iPrint Client
-CVE-2010-3106
+CVE-2010-3106 (The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint ...)
NOT-FOR-US: browser plugin in Novell iPrint Client
-CVE-2010-3105
+CVE-2010-3105 (The PluginGetDriverFile function in Novell iPrint Client before 5.44 i ...)
NOT-FOR-US: browser plugin in Novell iPrint Client
-CVE-2010-3104
+CVE-2010-3104 (Directory traversal vulnerability in DeskShare AutoFTP Manager 4.31, a ...)
NOT-FOR-US: DeskShare AutoFTP Manager
-CVE-2010-3103
+CVE-2010-3103 (Directory traversal vulnerability in FTPGetter Team FTPGetter 3.51.0.0 ...)
NOT-FOR-US: FTPGetter
-CVE-2010-3102
+CVE-2010-3102 (Directory traversal vulnerability in SiteDesigner Technologies, Inc. 3 ...)
NOT-FOR-US: SiteDesigner Technologies
-CVE-2010-3101
+CVE-2010-3101 (Directory traversal vulnerability in FTPx Corp FTP Explorer 10.5.19.1 ...)
NOT-FOR-US: FTPx Corp FTP Explorer
-CVE-2010-3100
+CVE-2010-3100 (Directory traversal vulnerability in Porta+ FTP Client 4.1, and possib ...)
NOT-FOR-US: Porta+ FTP Client
-CVE-2010-3099
+CVE-2010-3099 (Directory traversal vulnerability in SmartSoft Ltd SmartFTP Client 4.0 ...)
NOT-FOR-US: SmartSoft Ltd SmartFTP
-CVE-2010-3098
+CVE-2010-3098 (Directory traversal vulnerability in IoRush Software FTP Rush 1.1.3 an ...)
NOT-FOR-US: IoRush Software FTP Rush
-CVE-2010-3097
+CVE-2010-3097 (Directory traversal vulnerability in WinFrigate Frigate 3 FTP client 3 ...)
NOT-FOR-US: WinFrigate Frigate 3 FTP
-CVE-2010-3096
+CVE-2010-3096 (Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly ...)
NOT-FOR-US: SoftX FTP Client 3.3
CVE-2010-3095 [mailscanner incomplete fix for CVE-2008-5313]
RESERVED
- mailscanner 4.79.11-2.1 (bug #596403)
-CVE-2010-3094
+CVE-2010-3094 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x befo ...)
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-3093
+CVE-2010-3093 (The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allow ...)
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-3092
+CVE-2010-3092 (The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does n ...)
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-3091
+CVE-2010-3091 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
{DSA-2113-1}
- drupal6 6.18-1 (low; bug #592716)
CVE-2010-3090
REJECTED
-CVE-2010-3089
+CVE-2010-3089 (Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman bef ...)
{DSA-2170-1}
- mailman 1:2.1.13-4.1 (bug #599833)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id={631881,631859}
-CVE-2010-3088
+CVE-2010-3088 (The notify function in pidgin-knotify.c in the pidgin-knotify plugin 0 ...)
NOT-FOR-US: Knotify plugin for Pidgin
-CVE-2010-3087
+CVE-2010-3087 (LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attacke ...)
- tiff 3.9.4-5 (bug #600188)
- tiff3 <not-affected> (fixed before initial upload)
[lenny] - tiff <not-affected> (Vulnerable code not present)
-CVE-2010-3086
+CVE-2010-3086 (include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not pro ...)
- linux-2.6 2.6.25-1
-CVE-2010-3085
+CVE-2010-3085 (The network-play implementation in Mednafen before 0.8.D might allow r ...)
- mednafen 0.8.D-1 (unimportant)
NOTE: Extremely obscure attack vector, marking as unimportant
-CVE-2010-3084
+CVE-2010-3084 (Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/ne ...)
- linux-2.6 2.6.32-25
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.30)
-CVE-2010-3083
+CVE-2010-3083 (sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Ente ...)
- qpid-cpp <not-affected> (Fixed before initial upload to archive)
-CVE-2010-3082
+CVE-2010-3082 (Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 ...)
- python-django 1.2.3-1 (low; bug #596205)
NOTE: http://www.djangoproject.com/weblog/2010/sep/08/security-release/
-CVE-2010-3081
+CVE-2010-3081 (The compat_alloc_user_space functions in include/asm/compat.h files in ...)
{DSA-2110-1}
- linux-2.6 2.6.32-23 (high)
-CVE-2010-3080
+CVE-2010-3080 (Double free vulnerability in the snd_seq_oss_open function in sound/co ...)
{DSA-2110-1}
- linux-2.6 2.6.32-24
-CVE-2010-3079
+CVE-2010-3079 (kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugf ...)
- linux-2.6 2.6.32-24
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)
-CVE-2010-3078
+CVE-2010-3078 (The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the ...)
{DSA-2110-1}
- linux-2.6 2.6.32-24
-CVE-2010-3077
+CVE-2010-3077 (Cross-site scripting (XSS) vulnerability in util/icon_browser.php in t ...)
{DSA-2278-1}
- horde3 3.3.8+debian0-2 (bug #598582)
NOTE: http://seclists.org/fulldisclosure/2010/Sep/82
-CVE-2010-3076
+CVE-2010-3076 (The filter function in php/src/include.php in Simple Management for BI ...)
{DSA-2103-1}
- smbind 0.4.7-5 (high)
NOTE: http://packetstormsecurity.org/1009-exploits/smbind-sql.txt
-CVE-2010-3075
+CVE-2010-3075 (EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher ...)
- encfs 1.7.2-1 (bug #595998)
[lenny] - encfs <no-dsa> (Not backportable, breaks backwards-compatibility)
-CVE-2010-3074
+CVE-2010-3074 (SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of a ...)
- encfs 1.7.2-1 (bug #595998)
[lenny] - encfs <no-dsa> (Minor issue)
-CVE-2010-3073
+CVE-2010-3073 (SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer ...)
- encfs 1.7.2-1 (bug #595998)
[lenny] - encfs <no-dsa> (Minor issue)
-CVE-2010-3072
+CVE-2010-3072 (The string-comparison functions in String.cci in Squid 3.x before 3.1. ...)
{DSA-2111-1}
- squid3 3.1.6-1.1 (bug #596086; low)
- squid <not-affected> (Only affects 3.x)
-CVE-2010-3071
+CVE-2010-3071 (bip before 0.8.6 allows remote attackers to cause a denial of service ...)
- bip 0.8.6-1 (low; bug #595409)
[lenny] - bip <not-affected> (vulnerable code ('LINK(lc)->name') not in 0.7.4-2)
[squeeze] - bip 0.8.2-1squeeze2
-CVE-2010-3070
+CVE-2010-3070 (Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in M ...)
- nusoap 0.7.3-4 (low; bug #595248)
-CVE-2010-3069
+CVE-2010-3069 (Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse ...)
{DSA-2109-1}
- samba 2:3.5.5~dfsg-1 (bug #596891)
CVE-2010-3068
REJECTED
-CVE-2010-3067
+CVE-2010-3067 (Integer overflow in the do_io_submit function in fs/aio.c in the Linux ...)
{DSA-2126-1}
- linux-2.6 2.6.32-24
-CVE-2010-3066
+CVE-2010-3066 (The io_submit_one function in fs/aio.c in the Linux kernel before 2.6. ...)
- linux-2.6 2.6.23-1
-CVE-2010-3064
+CVE-2010-3064 (Stack-based buffer overflow in the php_mysqlnd_auth_write function in ...)
- php5 <removed> (unimportant)
NOTE: mysqlnd not used in squeeze/sid
-CVE-2010-3063
+CVE-2010-3063 (The php_mysqlnd_read_error_from_line function in the Mysqlnd extension ...)
- php5 <removed> (unimportant)
NOTE: mysqlnd not used in squeeze/sid
-CVE-2010-3062
+CVE-2010-3062 (mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3 ...)
- php5 <removed> (unimportant)
NOTE: mysqlnd not used in squeeze/sid
-CVE-2010-3061
+CVE-2010-3061 (Unspecified vulnerability in the message-protocol implementation in th ...)
NOT-FOR-US: Tivoli
-CVE-2010-3060
+CVE-2010-3060 (Unspecified vulnerability in the message-protocol implementation in th ...)
NOT-FOR-US: Tivoli
-CVE-2010-3059
+CVE-2010-3059 (Buffer overflow in the message-protocol implementation in the Server i ...)
NOT-FOR-US: Tivoli
-CVE-2010-3058
+CVE-2010-3058 (The Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x b ...)
NOT-FOR-US: Tivoli
-CVE-2010-3065
+CVE-2010-3065 (The default session serializer in PHP 5.2 through 5.2.13 and 5.3 throu ...)
{DSA-2089-1}
- php5 5.3.3-1
CVE-2010-3057
RESERVED
-CVE-2010-3054
+CVE-2010-3054 (Unspecified vulnerability in FreeType 2.3.9, and other versions before ...)
- freetype 2.4.2-1 (unimportant)
-CVE-2010-3053
+CVE-2010-3053 (bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause ...)
{DSA-2105-1}
- freetype 2.4.2-1
-CVE-2010-3056
+CVE-2010-3056 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11 ...)
{DSA-2097-2 DSA-2097-1}
- phpmyadmin 4:3.3.5.1-1
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php
-CVE-2010-3055
+CVE-2010-3055 (The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2 ...)
{DSA-2097-2 DSA-2097-1}
- phpmyadmin 4:3.0.0
NOTE: Affects only 2.x branch
@@ -5863,9 +5863,9 @@ CVE-2010-3052
RESERVED
CVE-2010-3051
RESERVED
-CVE-2010-3050
+CVE-2010-3050 (Cisco IOS before 12.2(33)SXI allows remote authenticated users to caus ...)
NOT-FOR-US: Cisco
-CVE-2010-3049
+CVE-2010-3049 (Cisco IOS before 12.2(33)SXI allows local users to cause a denial of s ...)
NOT-FOR-US: Cisco
CVE-2010-3048
RESERVED
@@ -5875,357 +5875,357 @@ CVE-2010-3046
RESERVED
CVE-2010-3045
RESERVED
-CVE-2010-3044
+CVE-2010-3044 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) an ...)
NOT-FOR-US: Cisco WebEx
-CVE-2010-3043
+CVE-2010-3043 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) an ...)
NOT-FOR-US: Cisco WebEx
-CVE-2010-3042
+CVE-2010-3042 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) an ...)
NOT-FOR-US: Cisco WebEx
-CVE-2010-3041
+CVE-2010-3041 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) an ...)
NOT-FOR-US: Cisco WebEx
-CVE-2010-3040
+CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup Manager in ...)
NOT-FOR-US: Cisco Intelligent Contact Manager
-CVE-2010-3039
+CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications M ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-3038
+CVE-2010-3038 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the L ...)
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-3037
+CVE-2010-3037 (goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing ( ...)
NOT-FOR-US: Cisco Unified Videoconferencing
-CVE-2010-3036
+CVE-2010-3036 (Multiple buffer overflows in the authentication functionality in the w ...)
NOT-FOR-US: Cisco
-CVE-2010-3035
+CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not proper ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2010-3034
+CVE-2010-3034 (Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possib ...)
NOT-FOR-US: Cisco
-CVE-2010-3033
+CVE-2010-3033 (Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0 ...)
NOT-FOR-US: Cisco
-CVE-2010-3032
+CVE-2010-3032 (Integer overflow in the OBGIOPServerWorker::extractHeader function in ...)
NOT-FOR-US: SAP Crystal Reports 2008
-CVE-2010-3031
+CVE-2010-3031 (Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other version ...)
NOT-FOR-US: Wyse ThinOS
-CVE-2010-3030
+CVE-2010-3030 (Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open B ...)
NOT-FOR-US: Tomaz Muraus Open Blog
-CVE-2010-3029
+CVE-2010-3029 (SQL injection vulnerability in statistics.php in PHPKick 0.8 allows re ...)
NOT-FOR-US: PHPKick
-CVE-2010-3028
+CVE-2010-3028 (The Aardvertiser component before 2.2.1 for Joomla! uses insecure perm ...)
NOT-FOR-US: Joomla!
-CVE-2010-3027
+CVE-2010-3027 (SQL injection vulnerability in index.php in Tycoon Baseball Script 1.0 ...)
NOT-FOR-US: Tycoon Baseball Script
-CVE-2010-3026
+CVE-2010-3026 (Cross-site request forgery (CSRF) vulnerability in application/modules ...)
NOT-FOR-US: Tomaz Muraus Open Blog
-CVE-2010-3025
+CVE-2010-3025 (Multiple cross-site scripting (XSS) vulnerabilities in Tomaz Muraus Op ...)
NOT-FOR-US: Tomaz Muraus Open Blog
-CVE-2010-3024
+CVE-2010-3024 (Multiple cross-site request forgery (CSRF) vulnerabilities in user/mai ...)
NOT-FOR-US: DiamondList
-CVE-2010-3023
+CVE-2010-3023 (Multiple cross-site scripting (XSS) vulnerabilities in DiamondList 0.1 ...)
NOT-FOR-US: DiamondList
-CVE-2010-3022
+CVE-2010-3022 (Cross-site scripting (XSS) vulnerability in the Performance logging mo ...)
NOT-FOR-US: Drupal Addon
-CVE-2010-3021
+CVE-2010-3021 (Unspecified vulnerability in Opera before 10.61 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2010-3020
+CVE-2010-3020 (The news-feed preview feature in Opera before 10.61 does not properly ...)
NOT-FOR-US: Opera
-CVE-2010-3019
+CVE-2010-3019 (Heap-based buffer overflow in Opera before 10.61 allows remote attacke ...)
NOT-FOR-US: Opera
-CVE-2010-3018
+CVE-2010-3018 (RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.5 ...)
NOT-FOR-US: RSA Access Manager
-CVE-2010-3017
+CVE-2010-3017 (Unspecified vulnerability in RSA Access Manager Agent 4.7.1 before 4.7 ...)
NOT-FOR-US: RSA Access Manager
CVE-2010-3016
REJECTED
-CVE-2010-3013
+CVE-2010-3013 (SQL injection vulnerability in groupadmin.php in Pligg before 1.1.1 al ...)
NOT-FOR-US: Pligg
-CVE-2010-3012
+CVE-2010-3012 (Cross-site scripting (XSS) vulnerability in HP System Management Homep ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2010-3011
+CVE-2010-3011 (CRLF injection vulnerability in HP System Management Homepage (SMH) be ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2010-3010
+CVE-2010-3010 (Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect ...)
NOT-FOR-US: HP 3Com OfficeConnect
-CVE-2010-3009
+CVE-2010-3009 (Unspecified vulnerability in HP System Management Homepage (SMH) for L ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2010-3008
+CVE-2010-3008 (Unspecified vulnerability in HP Data Protector Express, and Data Prote ...)
NOT-FOR-US: HP Data Protector Express
-CVE-2010-3007
+CVE-2010-3007 (Unspecified vulnerability in HP Data Protector Express, and Data Prote ...)
NOT-FOR-US: HP Data Protector Express
-CVE-2010-3006
+CVE-2010-3006 (Unspecified vulnerability on the HP ProLiant G6 Lights-Out 100 Remote ...)
NOT-FOR-US: HP ProLiant G6 Lights-Out
-CVE-2010-3005
+CVE-2010-3005 (Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windo ...)
NOT-FOR-US: HP Operations Agents
-CVE-2010-3004
+CVE-2010-3004 (Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windo ...)
NOT-FOR-US: HP Operations Agents
-CVE-2010-3003
+CVE-2010-3003 (Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Onl ...)
NOT-FOR-US: HP Insight Diagnostics Online Edition
-CVE-2010-3002
+CVE-2010-3002 (Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 ...)
NOT-FOR-US: RealPlayer
-CVE-2010-3001
+CVE-2010-3001 (Unspecified vulnerability in an ActiveX control in the Internet Explor ...)
NOT-FOR-US: Internet Explorer
-CVE-2010-3000
+CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in RealNetwo ...)
NOT-FOR-US: RealPlayer
-CVE-2010-2999
+CVE-2010-2999 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPla ...)
NOT-FOR-US: RealPlayer
-CVE-2010-2998
+CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 and Rea ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-2997
+CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 1 ...)
NOT-FOR-US: RealPlayer
-CVE-2010-2996
+CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on Wind ...)
NOT-FOR-US: RealPlayer
-CVE-2010-2991
+CVE-2010-2991 (The IICAClient interface in the ICAClient library in the ICA Client Ac ...)
NOT-FOR-US: Citrix ICA Client
-CVE-2010-2990
+CVE-2010-2990 (Citrix Online Plug-in for Windows for XenApp &amp; XenDesktop before 1 ...)
NOT-FOR-US: Citrix ICA Client
-CVE-2010-2989
+CVE-2010-2989 (nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Ness ...)
NOT-FOR-US: Nessus
-CVE-2010-2988
+CVE-2010-2988 (Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Net ...)
NOT-FOR-US: Cisco
-CVE-2010-2987
+CVE-2010-2987 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Wireless ...)
NOT-FOR-US: Cisco
-CVE-2010-2986
+CVE-2010-2986 (Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.d ...)
NOT-FOR-US: Cisco
-CVE-2010-2985
+CVE-2010-2985 (Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere S ...)
NOT-FOR-US: IBM WebSphere
-CVE-2010-2984
+CVE-2010-2984 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4 ...)
NOT-FOR-US: Cisco
-CVE-2010-2983
+CVE-2010-2983 (The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless ...)
NOT-FOR-US: Cisco
-CVE-2010-2982
+CVE-2010-2982 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allo ...)
NOT-FOR-US: Cisco
-CVE-2010-2981
+CVE-2010-2981 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allo ...)
NOT-FOR-US: Cisco
-CVE-2010-2980
+CVE-2010-2980 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5 ...)
NOT-FOR-US: Cisco
-CVE-2010-2979
+CVE-2010-2979 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5 ...)
NOT-FOR-US: Cisco
-CVE-2010-2978
+CVE-2010-2978 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does ...)
NOT-FOR-US: Cisco
-CVE-2010-2977
+CVE-2010-2977 (Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does ...)
NOT-FOR-US: Cisco
-CVE-2010-2976
+CVE-2010-2976 (The controller in Cisco Unified Wireless Network (UWN) Solution 7.x th ...)
NOT-FOR-US: Cisco
-CVE-2010-2975
+CVE-2010-2975 (Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 doe ...)
NOT-FOR-US: Cisco
-CVE-2010-2974
+CVE-2010-2974 (Stack-based buffer overflow in the IConfigurationAccess interface in t ...)
NOT-FOR-US: Wonderware Application Server
-CVE-2010-2973
+CVE-2010-2973 (Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone ...)
NOT-FOR-US: Apple
CVE-2010-2972
REJECTED
-CVE-2010-3014
+CVE-2010-3014 (The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when ...)
- kfreebsd-7 <unfixed>
- kfreebsd-8 8.1-5
- kfreebsd-9 <not-affected> (fixed prior to first upload)
- kfreebsd-10 <not-affected> (fixed prior to first upload)
-CVE-2010-3015
+CVE-2010-3015 (Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extent ...)
{DSA-2094-1}
- linux-2.6 2.6.32-22
-CVE-2010-2995
+CVE-2010-2995 (The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark ...)
{DSA-2101-1}
- wireshark 1.2.10-1
-CVE-2010-2992
+CVE-2010-2992 (packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through ...)
- wireshark 1.2.10-1
[lenny] - wireshark <not-affected> (Only affects 1.2.x)
-CVE-2010-2994
+CVE-2010-2994 (Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0. ...)
{DSA-2101-1}
- wireshark 1.2.10-1
-CVE-2010-2993
+CVE-2010-2993 (The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote atta ...)
- wireshark 1.2.10-1
[lenny] - wireshark <not-affected> (Only affects 1.2.x)
-CVE-2010-2971
+CVE-2010-2971 (loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly acc ...)
{DSA-2081-1}
- libmikmod 3.1.11-6.3
-CVE-2010-2970
+CVE-2010-2970 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x ...)
- moin 1.9.3-1 (low)
-CVE-2010-2969
+CVE-2010-2969 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ...)
- moin 1.9.3-1
-CVE-2010-2968
+CVE-2010-2968 (The FTP daemon in Wind River VxWorks does not close the TCP connection ...)
NOT-FOR-US: vxworks
-CVE-2010-2967
+CVE-2010-2967 (The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks be ...)
NOT-FOR-US: vxworks
-CVE-2010-2966
+CVE-2010-2966 (The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and ...)
NOT-FOR-US: vxworks
-CVE-2010-2965
+CVE-2010-2965 (The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and ...)
NOT-FOR-US: vxworks
CVE-2010-2964
RESERVED
-CVE-2010-2963
+CVE-2010-2963 (drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) imp ...)
{DSA-2126-1}
- linux-2.6 2.6.32-26
-CVE-2010-2962
+CVE-2010-2962 (drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM ...)
- linux-2.6 2.6.32-25
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-2961
+CVE-2010-2961 (mountall.c in mountall before 2.15.2 uses 0666 permissions for the roo ...)
NOT-FOR-US: mountall
-CVE-2010-2960
+CVE-2010-2960 (The keyctl_session_to_parent function in security/keys/keyctl.c in the ...)
- linux-2.6 2.6.32-23
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.32)
-CVE-2010-2959
+CVE-2010-2959 (Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) ...)
{DSA-2094-1}
- linux-2.6 2.6.32-20
-CVE-2010-2958
+CVE-2010-2958 (Cross-site scripting (XSS) vulnerability in libraries/Error.class.php ...)
- phpmyadmin 4:3.3.6-1
[lenny] - phpmyadmin <not-affected> (only affects 3.x)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php
-CVE-2010-2957
+CVE-2010-2957 (Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, ...)
- serendipity 1.5.3-2 (bug #594905)
-CVE-2010-2956
+CVE-2010-2956 (Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not ...)
- sudo 1.7.4p4-1 (bug #595935)
[lenny] - sudo <not-affected> (Only affects 1.7.x)
NOTE: http://www.sudo.ws/sudo/alerts/runas_group.html
-CVE-2010-2955
+CVE-2010-2955 (The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in t ...)
- linux-2.6 2.6.32-23
-CVE-2010-2954
+CVE-2010-2954 (The irda_bind function in net/irda/af_irda.c in the Linux kernel befor ...)
{DSA-2110-1}
- linux-2.6 2.6.32-22
-CVE-2010-2953
+CVE-2010-2953 (Untrusted search path vulnerability in a certain Debian GNU/Linux patc ...)
{DSA-2107-1}
- couchdb 0.11.0-1 (low; bug #594412)
-CVE-2010-2952
+CVE-2010-2952 (Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, d ...)
- trafficserver <not-affected> (Fixed before initial release)
-CVE-2010-2951
+CVE-2010-2951 (dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enable ...)
- squid3 3.1.6-1.2 (bug #599709)
[lenny] - squid3 <not-affected> (vulnerable code introduced in 3.1.6)
NOTE: http://marc.info/?l=squid-users&m=128263555724981&w=2
-CVE-2010-2950
+CVE-2010-2950 (Format string vulnerability in stream.c in the phar extension in PHP 5 ...)
- php5 5.3.3-2 (low)
[lenny] - php5 <not-affected> (phar extension introduced in 5.3)
-CVE-2010-2947
+CVE-2010-2947 (Heap-based buffer overflow in the HX_split function in string.c in lib ...)
- libhx 3.5-2 (low; bug #594393)
[lenny] - libhx <no-dsa> (Minor issue, asked maintainer to fix through spu)
-CVE-2010-2946
+CVE-2010-2946 (fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly h ...)
- linux-2.6 2.6.32-21
[lenny] - linux-2.6 2.6.26-25
-CVE-2010-2945
+CVE-2010-2945 (The default configuration of SLiM before 1.3.2 places ./ (dot slash) a ...)
- slim 1.3.1-7 (low; bug #594414)
[lenny] - slim 1.3.0-1+lenny3
-CVE-2010-2944
+CVE-2010-2944 (The authenticate function in LDAPUserFolder/LDAPUserFolder.py in zope- ...)
{DSA-2096-1}
- zope-ldapuserfolder <removed> (high; bug #593466)
-CVE-2010-2943
+CVE-2010-2943 (The xfs implementation in the Linux kernel before 2.6.35 does not look ...)
- linux-2.6 2.6.37-1
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
[lenny] - linux-2.6 <not-affected> (test case fails on 2.6.26)
-CVE-2010-2942
+CVE-2010-2942 (The actions implementation in the network queueing functionality in th ...)
- linux-2.6 2.6.32-25
[lenny] - linux-2.6 2.6.26-25
-CVE-2010-2941
+CVE-2010-2941 (ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate me ...)
{DSA-2176-1}
- cups 1.4.4-7 (bug #603344)
-CVE-2010-2940
+CVE-2010-2940 (The auth_send function in providers/ldap/ldap_auth.c in System Securit ...)
- sssd 1.2.1-4 (bug #594413)
-CVE-2010-2939
+CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function in the ...)
{DSA-2100-1}
- openssl 0.9.8o-2 (low; bug #594415)
-CVE-2010-2938
+CVE-2010-2938 (arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure (VMCS ...)
- linux-2.6 <not-affected> (affected code not present in any of the released kernels; only affects xen package itself)
- xen 4.0.1-1
NOTE: probably fixed well before this version, but this is the one i checked and its fixed
-CVE-2010-2937
+CVE-2010-2937 (The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in V ...)
- vlc 1.1.3-1
[lenny] - vlc <not-affected> (Vulnerable code not present)
-CVE-2010-2936
+CVE-2010-2936 (Integer overflow in simpress.bin in the Impress module in OpenOffice.o ...)
{DSA-2099-1}
- openoffice.org 1:3.2.1-6
-CVE-2010-2935
+CVE-2010-2935 (simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x ...)
{DSA-2099-1}
- openoffice.org 1:3.2.1-6
-CVE-2010-2934
+CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attacke ...)
- znc 0.092-2 (unimportant; bug #599708)
-CVE-2010-2933
+CVE-2010-2933 (SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote at ...)
NOT-FOR-US: AV Arcade
-CVE-2010-2932
+CVE-2010-2932 (Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz ...)
NOT-FOR-US: BarCodeWiz BarCode
-CVE-2010-2931
+CVE-2010-2931 (Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows ...)
NOT-FOR-US: SigPlus Pro activex control
-CVE-2010-2930
+CVE-2010-2930 (Multiple stack-based buffer overflows in hsolinkcontrol in hsolink 1.0 ...)
- hsolink <removed>
-CVE-2010-2929
+CVE-2010-2929 (Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.1 ...)
- hsolink <removed>
-CVE-2010-2928
+CVE-2010-2928 (The vCenter Tomcat Management Application in VMware vCenter Server 4.1 ...)
NOT-FOR-US: VMware vCenter Server
-CVE-2010-2927
+CVE-2010-2927 (The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) ...)
NOT-FOR-US: Tivoli
-CVE-2010-2926
+CVE-2010-2926 (SQL injection vulnerability in index.php in sNews 1.7 allows remote at ...)
NOT-FOR-US: sNews CMS
-CVE-2010-2925
+CVE-2010-2925 (SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 allo ...)
NOT-FOR-US: OpenFreeway
-CVE-2010-2924
+CVE-2010-2924 (SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugi ...)
NOT-FOR-US: myLinksDump WordPress plugin
-CVE-2010-2923
+CVE-2010-2923 (SQL injection vulnerability in the YouTube (com_youtube) component 1.5 ...)
NOT-FOR-US: com_youtube Joomla extension
-CVE-2010-2922
+CVE-2010-2922 (SQL injection vulnerability in default.asp in AKY Blog allows remote a ...)
NOT-FOR-US: Aspindir AKY Blog
-CVE-2010-2921
+CVE-2010-2921 (SQL injection vulnerability in the Golf Course Guide (com_golfcoursegu ...)
NOT-FOR-US: Joomla Component com_golfcourseguide
-CVE-2010-2920
+CVE-2010-2920 (Directory traversal vulnerability in the Foobla Suggestions (com_foobl ...)
NOT-FOR-US: Joomla Component Foobla Suggestions
-CVE-2010-2919
+CVE-2010-2919 (SQL injection vulnerability in the StaticXT (com_staticxt) component f ...)
NOT-FOR-US: Joomla Component StaticXT
-CVE-2010-2918
+CVE-2010-2918 (PHP remote file inclusion vulnerability in core/include/myMailer.class ...)
NOT-FOR-US: Joomla Component Visites
-CVE-2010-2917
+CVE-2010-2917 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in AJ ...)
NOT-FOR-US: AJ square
-CVE-2010-2916
+CVE-2010-2916 (SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN ...)
NOT-FOR-US: AJ square
-CVE-2010-2915
+CVE-2010-2915 (SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME ...)
NOT-FOR-US: AJ square
-CVE-2010-2914
+CVE-2010-2914 (Cross-site scripting (XSS) vulnerability in nessusd_www_server.nbin in ...)
NOT-FOR-US: Nessus plugin
-CVE-2010-2913
+CVE-2010-2913 (The Citibank Citi Mobile app before 2.0.3 for iOS stores account data ...)
NOT-FOR-US: Citibank Citi Mobile app
-CVE-2010-2912
+CVE-2010-2912 (SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 al ...)
NOT-FOR-US: Kayako eSupport
-CVE-2010-2911
+CVE-2010-2911 (SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 al ...)
NOT-FOR-US: Kayako eSupport
-CVE-2010-2910
+CVE-2010-2910 (SQL injection vulnerability in the Ozio Gallery (com_oziogallery) comp ...)
NOT-FOR-US: Ozio Gallery
-CVE-2010-2909
+CVE-2010-2909 (SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo ...)
NOT-FOR-US: Joomla addon
-CVE-2010-2908
+CVE-2010-2908 (SQL injection vulnerability in the Joomdle (com_joomdle) component 0.2 ...)
NOT-FOR-US: Joomla addon
-CVE-2010-2907
+CVE-2010-2907 (SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) co ...)
NOT-FOR-US: Joomla addon
-CVE-2010-2906
+CVE-2010-2906 (SQL injection vulnerability in articlesdetails.php in ScriptsFeed and ...)
NOT-FOR-US: ScriptsFeed / BrotherScripts
-CVE-2010-2905
+CVE-2010-2905 (SQL injection vulnerability in info.php in ScriptsFeed and BrotherScri ...)
NOT-FOR-US: ScriptsFeed / BrotherScripts
-CVE-2010-2904
+CVE-2010-2904 (Multiple cross-site scripting (XSS) vulnerabilities in the System Land ...)
NOT-FOR-US: System Landscape Directory
-CVE-2010-2903
+CVE-2010-2903 (Google Chrome before 5.0.375.125 performs unexpected truncation and im ...)
- webkit <not-affected> (Chromium specific issue)
- chromium-browser 5.0.375.125~r53311-1
-CVE-2010-2902
+CVE-2010-2902 (The SVG implementation in Google Chrome before 5.0.375.125 allows remo ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41621
NOTE: http://trac.webkit.org/changeset/62662
NOTE: duplicate of cve-2010-1793
-CVE-2010-2901
+CVE-2010-2901 (The rendering implementation in Google Chrome before 5.0.375.125 allow ...)
{DSA-2188-1}
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41373
NOTE: http://trac.webkit.org/changeset/63048
-CVE-2010-2900
+CVE-2010-2900 (Google Chrome before 5.0.375.125 does not properly handle a large canv ...)
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41962
NOTE: http://trac.webkit.org/changeset/63219
-CVE-2010-2899
+CVE-2010-2899 (Unspecified vulnerability in the layout implementation in Google Chrom ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38977
NOTE: http://trac.webkit.org/changeset/62134
-CVE-2010-2898
+CVE-2010-2898 (Google Chrome before 5.0.375.125 does not properly mitigate an unspeci ...)
- webkit <not-affected> (chromium specific issue)
- chromium-browser 5.0.375.125~r53311-1
-CVE-2010-2897
+CVE-2010-2897 (Google Chrome before 5.0.375.125 does not properly mitigate an unspeci ...)
- webkit <not-affected> (chromium specific issue)
- chromium-browser 5.0.375.125~r53311-1
-CVE-2010-2896
+CVE-2010-2896 (IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before ...)
NOT-FOR-US: IBM FileNet Content Manager
CVE-2010-XXXX [flaw that allows unsigned code to access any file on the machine (accessible to the user) and write to it.]
- openjdk-6 6b18-1.8.1-1
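Review bot: one of the imported descriptions in this hunk carries an HTML entity where the plain-text file expects a literal ampersand: `+CVE-2010-2990 (Citrix Online Plug-in for Windows for XenApp &amp; XenDesktop before 1 ...)`. The surrounding descriptions are unescaped text, so the automatic update should HTML-unescape the upstream description before writing it (and a check for `&amp;`, `&lt;`, `&gt;` and `&quot;` over the generated `+` lines would catch any further cases); as written, a search of the list for the product name "XenApp & XenDesktop" misses this entry.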
@@ -6237,254 +6237,254 @@ CVE-2010-2894
RESERVED
CVE-2010-2893
RESERVED
-CVE-2010-2892
+CVE-2010-2892 (gsb/drivers.php in LANDesk Management Gateway 4.0 through 4.0-1.48 and ...)
NOT-FOR-US: LANDesk Management Gateway
-CVE-2010-2891
+CVE-2010-2891 (Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4. ...)
{DSA-2145-1}
- libsmi 0.4.8+dfsg2-3
-CVE-2010-2890
+CVE-2010-2890 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windo ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-2889
+CVE-2010-2889 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-2888
+CVE-2010-2888 (Multiple unspecified vulnerabilities in an ActiveX control in Adobe Re ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-2887
+CVE-2010-2887 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x b ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2010-2886
+CVE-2010-2886 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp ...)
NOT-FOR-US: Adobe RoboHelp
-CVE-2010-2885
+CVE-2010-2885 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, an ...)
NOT-FOR-US: Adobe RoboHelp
-CVE-2010-2884
+CVE-2010-2884 (Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2883
+CVE-2010-2883 (Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acroba ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2882
+CVE-2010-2882 (DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not proper ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2881
+CVE-2010-2881 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properl ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2880
+CVE-2010-2880 (DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not proper ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2879
+CVE-2010-2879 (Multiple integer overflows in the allocator in the TextXtra.x32 module ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2878
+CVE-2010-2878 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not prope ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2877
+CVE-2010-2877 (Adobe Shockwave Player before 11.5.8.612 does not properly validate a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2876
+CVE-2010-2876 (Adobe Shockwave Player before 11.5.8.612 does not properly validate va ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2875
+CVE-2010-2875 (Integer signedness error in Adobe Shockwave Player before 11.5.8.612 a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2874
+CVE-2010-2874 (Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2873
+CVE-2010-2873 (Adobe Shockwave Player before 11.5.8.612 does not properly validate of ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2872
+CVE-2010-2872 (Adobe Shockwave Player before 11.5.8.612 does not properly validate an ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2871
+CVE-2010-2871 (Integer overflow in the 3D object functionality in Adobe Shockwave Pla ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2870
+CVE-2010-2870 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not prope ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2869
+CVE-2010-2869 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properl ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2868
+CVE-2010-2868 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properl ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2867
+CVE-2010-2867 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not prope ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2866
+CVE-2010-2866 (Integer signedness error in the DIRAPI module in Adobe Shockwave Playe ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2865
+CVE-2010-2865 (Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2864
+CVE-2010-2864 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properl ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2863
+CVE-2010-2863 (Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a d ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2862
+CVE-2010-2862 (Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2861
+CVE-2010-2861 (Multiple directory traversal vulnerabilities in the administrator cons ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2010-2860
+CVE-2010-2860 (The EMC Celerra Network Attached Storage (NAS) appliance accepts exter ...)
NOT-FOR-US: EMC
-CVE-2010-2859
+CVE-2010-2859 (news.php in SimpNews 2.47.3 and earlier allows remote attackers to obt ...)
NOT-FOR-US: SimpNews
-CVE-2010-2858
+CVE-2010-2858 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in Sim ...)
NOT-FOR-US: SimpNews
-CVE-2010-2857
+CVE-2010-2857 (Directory traversal vulnerability in the Music Manager component for J ...)
NOT-FOR-US: Joomla! Music Manager
-CVE-2010-2856
+CVE-2010-2856 (Cross-site scripting (XSS) vulnerability in admin/currencies.php in os ...)
NOT-FOR-US: osCSS
-CVE-2010-2855
+CVE-2010-2855 (Multiple SQL injection vulnerabilities in modfile.php in Event Horizon ...)
NOT-FOR-US: Event Horizon
-CVE-2010-2854
+CVE-2010-2854 (Multiple cross-site scripting (XSS) vulnerabilities in modfile.php in ...)
NOT-FOR-US: Event Horizon
-CVE-2010-2853
+CVE-2010-2853 (SQL injection vulnerability in flashPlayer/playVideo.php in iScripts V ...)
NOT-FOR-US: iScripts VisualCaster
-CVE-2010-2852
+CVE-2010-2852 (Cross-site scripting (XSS) vulnerability in modules/headlines/magpiers ...)
NOT-FOR-US: RunCMS
-CVE-2010-2851
+CVE-2010-2851 (SQL injection vulnerability in the BookLibrary From Same Author (com_b ...)
NOT-FOR-US: Joomla! BookLibrary From Same Author
-CVE-2010-2850
+CVE-2010-2850 (Directory traversal vulnerability in productionnu2/fileuploader.php in ...)
NOT-FOR-US: nuBuilder
-CVE-2010-2849
+CVE-2010-2849 (Cross-site scripting (XSS) vulnerability in productionnu2/nuedit.php i ...)
NOT-FOR-US: nuBuilder
-CVE-2010-2848
+CVE-2010-2848 (Directory traversal vulnerability in assets/captcha/includes/alikon/pl ...)
NOT-FOR-US: Joomla! ArtForms
-CVE-2010-2847
+CVE-2010-2847 (Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (co ...)
NOT-FOR-US: Joomla! ArtForms
-CVE-2010-2846
+CVE-2010-2846 (Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms ( ...)
NOT-FOR-US: Joomla! ArtForms
-CVE-2010-2845
+CVE-2010-2845 (SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1 ...)
NOT-FOR-US: Joomla! QuickFAQ
-CVE-2010-2844
+CVE-2010-2844 (Cross-site scripting (XSS) vulnerability in news_show.php in Newanz Ne ...)
NOT-FOR-US: Newanz NewsOffice
-CVE-2010-2843
+CVE-2010-2843 (Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0 ...)
NOT-FOR-US: Cisco WLC
-CVE-2010-2842
+CVE-2010-2842 (Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0 ...)
NOT-FOR-US: Cisco WLC
-CVE-2010-2841
+CVE-2010-2841 (Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) softw ...)
NOT-FOR-US: Cisco WLC
-CVE-2010-2840
+CVE-2010-2840 (The Presence Engine (PE) service in Cisco Unified Presence 6.x before ...)
NOT-FOR-US: Cisco
-CVE-2010-2839
+CVE-2010-2839 (SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) ...)
NOT-FOR-US: Cisco
-CVE-2010-2838
+CVE-2010-2838 (The SendCombinedStatusInfo implementation in Cisco Unified Communicati ...)
NOT-FOR-US: Cisco
-CVE-2010-2837
+CVE-2010-2837 (The SIPStationInit implementation in Cisco Unified Communications Mana ...)
NOT-FOR-US: Cisco
-CVE-2010-2836
+CVE-2010-2836 (Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, ...)
NOT-FOR-US: Cisco
-CVE-2010-2835
+CVE-2010-2835 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x ...)
NOT-FOR-US: Cisco
-CVE-2010-2834
+CVE-2010-2834 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x ...)
NOT-FOR-US: Cisco
-CVE-2010-2833
+CVE-2010-2833 (Unspecified vulnerability in the NAT for H.225.0 implementation in Cis ...)
NOT-FOR-US: Cisco
-CVE-2010-2832
+CVE-2010-2832 (Unspecified vulnerability in the NAT for H.323 implementation in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2010-2831
+CVE-2010-2831 (Unspecified vulnerability in the NAT for SIP implementation in Cisco I ...)
NOT-FOR-US: Cisco
-CVE-2010-2830
+CVE-2010-2830 (The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and ...)
NOT-FOR-US: Cisco
-CVE-2010-2829
+CVE-2010-2829 (Unspecified vulnerability in the H.323 implementation in Cisco IOS 12. ...)
NOT-FOR-US: Cisco
-CVE-2010-2828
+CVE-2010-2828 (Unspecified vulnerability in the H.323 implementation in Cisco IOS 12. ...)
NOT-FOR-US: Cisco
-CVE-2010-2827
+CVE-2010-2827 (Cisco IOS 15.1(2)T allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Cisco
-CVE-2010-2826
+CVE-2010-2826 (SQL injection vulnerability in Cisco Wireless Control System (WCS) 6.0 ...)
NOT-FOR-US: Cisco
-CVE-2010-2825
+CVE-2010-2825 (Unspecified vulnerability in the SIP inspection feature on the Cisco A ...)
NOT-FOR-US: Cisco
-CVE-2010-2824
+CVE-2010-2824 (Unspecified vulnerability on the Cisco Application Control Engine (ACE ...)
NOT-FOR-US: Cisco
-CVE-2010-2823
+CVE-2010-2823 (Unspecified vulnerability in the deep packet inspection feature on the ...)
NOT-FOR-US: Cisco
-CVE-2010-2822
+CVE-2010-2822 (Unspecified vulnerability in the RTSP inspection feature on the Cisco ...)
NOT-FOR-US: Cisco
-CVE-2010-2821
+CVE-2010-2821 (Unspecified vulnerability on the Cisco Firewall Services Module (FWSM) ...)
NOT-FOR-US: Cisco
-CVE-2010-2820
+CVE-2010-2820 (Unspecified vulnerability in the SunRPC inspection feature on the Cisc ...)
NOT-FOR-US: Cisco
-CVE-2010-2819
+CVE-2010-2819 (Unspecified vulnerability in the SunRPC inspection feature on the Cisc ...)
NOT-FOR-US: Cisco
-CVE-2010-2818
+CVE-2010-2818 (Unspecified vulnerability in the SunRPC inspection feature on the Cisc ...)
NOT-FOR-US: Cisco
-CVE-2010-2817
+CVE-2010-2817 (Unspecified vulnerability in the IKE implementation on Cisco Adaptive ...)
NOT-FOR-US: Cisco
-CVE-2010-2816
+CVE-2010-2816 (Unspecified vulnerability in the SIP inspection feature on Cisco Adapt ...)
NOT-FOR-US: Cisco
-CVE-2010-2815
+CVE-2010-2815 (Unspecified vulnerability in the Transport Layer Security (TLS) implem ...)
NOT-FOR-US: Cisco
-CVE-2010-2814
+CVE-2010-2814 (Unspecified vulnerability in the Transport Layer Security (TLS) implem ...)
NOT-FOR-US: Cisco
-CVE-2010-2813
+CVE-2010-2813 (functions/imap_general.php in SquirrelMail before 1.4.21 does not prop ...)
{DSA-2091-1}
- squirrelmail 2:1.4.21-1 (low)
[lenny] - squirrelmail <no-dsa> (low-risk issue)
-CVE-2010-2812
+CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of s ...)
- znc 0.092-2 (unimportant; bug #599708)
-CVE-2010-2811
+CVE-2010-2811 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualiza ...)
- vdsm <itp> (bug #668538)
-CVE-2010-2810
+CVE-2010-2810 (Heap-based buffer overflow in the convert_to_idna function in WWW/Libr ...)
- lynx-cur 2.8.8dev.5-1 (bug #594300)
[lenny] - lynx-cur <no-dsa> (Minor issue, exploit scenario really obscure)
-CVE-2010-2809
+CVE-2010-2809 (The default configuration of the &lt;Button2&gt; binding in Uzbl befor ...)
- uzbl 0.0.0~git.20100403-3 (bug #594301)
-CVE-2010-2808
+CVE-2010-2808 (Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs. ...)
{DSA-2105-1}
- freetype 2.4.2-1
-CVE-2010-2807
+CVE-2010-2807 (FreeType before 2.4.2 uses incorrect integer data types during bounds ...)
{DSA-2105-1}
- freetype 2.4.2-1
-CVE-2010-2806
+CVE-2010-2806 (Array index error in the t42_parse_sfnts function in type42/t42parse.c ...)
{DSA-2105-1}
- freetype 2.4.2-1
-CVE-2010-2805
+CVE-2010-2805 (The FT_Stream_EnterFrame function in base/ftstream.c in FreeType befor ...)
{DSA-2105-1}
- freetype 2.4.2-1
CVE-2010-2804
RESERVED
-CVE-2010-2803
+CVE-2010-2803 (The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rend ...)
{DSA-2094-1}
- linux-2.6 2.6.32-22
-CVE-2010-2802
+CVE-2010-2802 (Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 allo ...)
- mantis <not-affected> (vulnerable code introduced in 1.2.x)
NOTE: http://www.mantisbt.org/bugs/view.php?id=11952
-CVE-2010-2801
+CVE-2010-2801 (Integer signedness error in the Quantum decompressor in cabextract bef ...)
{DSA-2087-1}
- cabextract 1.3-1 (bug #591552)
-CVE-2010-2800
+CVE-2010-2800 (The MS-ZIP decompressor in cabextract before 1.3 allows remote attacke ...)
- cabextract 1.3-1 (bug #591552; unimportant)
-CVE-2010-2799
+CVE-2010-2799 (Stack-based buffer overflow in the nestlex function in nestlex.c in So ...)
{DSA-2090-1}
- socat 1.7.1.3-1 (bug #591443; medium)
-CVE-2010-2798
+CVE-2010-2798 (The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kern ...)
{DSA-2094-1}
- linux-2.6 2.6.32-20
-CVE-2010-2797
+CVE-2010-2797 (Directory traversal vulnerability in lib/translation.functions.php in ...)
NOT-FOR-US: CMS Made Simple
-CVE-2010-2796
+CVE-2010-2796 (Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when ...)
{DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
-CVE-2010-2795
+CVE-2010-2795 (phpCAS before 1.1.2 allows remote authenticated users to hijack sessio ...)
{DSA-2172-1}
- libphp-cas <itp> (bug #495542)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
- moodle 1.9.9.dfsg2-2 (bug #601384)
-CVE-2010-2794
+CVE-2010-2794 (The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users t ...)
- spice-xpi <removed>
[jessie] - spice-xpi <end-of-life> (Broken with newer Firefox versions)
-CVE-2010-2793
+CVE-2010-2793 (Race condition in the SPICE (aka spice-activex) plug-in for Internet E ...)
NOT-FOR-US: SPICE plugin for Internet Explorer
-CVE-2010-2792
+CVE-2010-2792 (Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox al ...)
- spice-xpi <removed>
[jessie] - spice-xpi <end-of-life> (Broken with newer Firefox versions)
-CVE-2010-2791
+CVE-2010-2791 (mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, ...)
- apache2 2.2.9-10 (low)
-CVE-2010-2790
+CVE-2010-2790 (Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery ...)
- zabbix 1:1.8.3-1 (bug #594304)
[squeeze] - zabbix 1:1.8.2-1squeeze1
[lenny] - zabbix <no-dsa> (Minor issue)
-CVE-2010-2789
+CVE-2010-2789 (PHP remote file inclusion vulnerability in MediaWikiParserTest.php in ...)
- mediawiki <not-affected> (Affects mediawiki 1:1.16.0beta* - was not and will not be in Debian)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
-CVE-2010-2788
+CVE-2010-2788 (Cross-site scripting (XSS) vulnerability in profileinfo.php in MediaWi ...)
- mediawiki 1:1.15.5-1 (bug #590669; low)
[lenny] - mediawiki 1:1.12.0-2lenny6
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
-CVE-2010-2787
+CVE-2010-2787 (api.php in MediaWiki before 1.15.5 does not prevent use of public cach ...)
- mediawiki 1:1.15.5-1 (bug #590660; low)
[lenny] - mediawiki <no-dsa> (Minor issue)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
-CVE-2010-2786
+CVE-2010-2786 (Directory traversal vulnerability in Piwik 0.6 through 0.6.3 allows re ...)
- piwik <itp> (bug #506933)
-CVE-2010-2785
+CVE-2010-2785 (The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not ...)
{DSA-2078-1}
- kvirc 4:4.0.0-3
-CVE-2010-2784
+CVE-2010-2784 (The subpage MMIO initialization functionality in the subpage_register ...)
- qemu-kvm 0.12.5+dfsg-3 (bug #594478)
- kvm <removed>
[lenny] - kvm 72+dfsg-5~lenny6
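Review bot: the imported description for CVE-2010-2809 carries HTML-escaped angle brackets (`&lt;Button2&gt;`) while the rest of the file uses literal brackets (for example `<not-affected>` under CVE-2010-2802 and `<itp>` under CVE-2010-2811), so the fetcher appears to be writing entity-encoded text from its source feed straight into the list. Worth checking whether the importer should decode entities before writing the parenthesised description, so that searches and the tracker's rendering see `<Button2>` rather than `&lt;Button2&gt;`.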
@@ -6497,11 +6497,11 @@ CVE-2010-2781
RESERVED
CVE-2010-2780
RESERVED
-CVE-2010-2779
+CVE-2010-2779 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupW ...)
NOT-FOR-US: GroupWise
-CVE-2010-2778
+CVE-2010-2778 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupW ...)
NOT-FOR-US: GroupWise
-CVE-2010-2777
+CVE-2010-2777 (Stack-based buffer overflow in the IMAP server component in GroupWise ...)
NOT-FOR-US: GroupWise
CVE-2010-2776
RESERVED
@@ -6511,21 +6511,21 @@ CVE-2010-2774
RESERVED
CVE-2010-2773
RESERVED
-CVE-2010-2772
+CVE-2010-2772 (Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded passwor ...)
NOT-FOR-US: SCADA
-CVE-2010-2771
+CVE-2010-2771 (solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to exe ...)
NOT-FOR-US: IBM solidDB
-CVE-2010-3484
+CVE-2010-3484 (SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows r ...)
- mapserver 5.6.4-1 (low)
[lenny] - mapserver <no-dsa> (Minor issue)
-CVE-2010-3485
+CVE-2010-3485 (SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows r ...)
- mapserver 5.6.4-1 (low)
[lenny] - mapserver <no-dsa> (Minor issue)
-CVE-2010-2770
+CVE-2010-2770 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird befo ...)
- xulrunner <not-affected> (The vulnerability is MacOS-specific)
- iceweasel <not-affected> (The vulnerability is MacOS-specific)
- iceape <not-affected> (The vulnerability is MacOS-specific)
-CVE-2010-2769
+CVE-2010-2769 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5 ...)
{DSA-2124-1 DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
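Review bot: the descriptions pulled in for CVE-2010-3484 and CVE-2010-3485 are identical ("SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows r ...") and both entries are tracked against `mapserver 5.6.4-1`, which does not match a LightNEasy web-application description; these two IDs also sit out of numeric sequence between CVE-2010-2771 and CVE-2010-2770. Before merging, verify that the description lookup matched the right identifiers for these two entries, since an automatic update that attaches a wrong description to a package entry will mislead anyone triaging the mapserver issue from this file.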
@@ -6535,7 +6535,7 @@ CVE-2010-2769
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2768
+CVE-2010-2768 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird befo ...)
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6545,7 +6545,7 @@ CVE-2010-2768
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2767
+CVE-2010-2767 (The navigator.plugins implementation in Mozilla Firefox before 3.5.12 ...)
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6555,7 +6555,7 @@ CVE-2010-2767
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2766
+CVE-2010-2766 (The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3. ...)
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6565,7 +6565,7 @@ CVE-2010-2766
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2765
+CVE-2010-2765 (Integer overflow in the FRAMESET element implementation in Mozilla Fir ...)
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6575,7 +6575,7 @@ CVE-2010-2765
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2764
+CVE-2010-2764 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird befo ...)
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -6585,7 +6585,7 @@ CVE-2010-2764
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2763
+CVE-2010-2763 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) ...)
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6595,10 +6595,10 @@ CVE-2010-2763
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2762
+CVE-2010-2762 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) ...)
- xulrunner <not-affected> (Only affects 3.6, only in experimental)
- iceweasel <not-affected> (Only affects 3.6, only in experimental)
-CVE-2010-2761
+CVE-2010-2761 (The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.p ...)
- perl 5.10.1-17 (bug #606995)
- libcgi-pm-perl 3.50-1 (bug #606370)
[lenny] - libcgi-pm-perl 3.38-2lenny2
@@ -6606,7 +6606,7 @@ CVE-2010-2761
- libcgi-simple-perl 1.111-2 (bug #606379)
[lenny] - libcgi-simple-perl 1.105-1lenny1
[lenny] - perl 5.10.0-19lenny3 (bug #606995)
-CVE-2010-2760
+CVE-2010-2760 (Use-after-free vulnerability in the nsTreeSelection function in Mozill ...)
{DSA-2106-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.12-1
@@ -6616,18 +6616,18 @@ CVE-2010-2760
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-2759
+CVE-2010-2759 (Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6. ...)
- bugzilla 3.6.2.0-1 (bug #595015; medium)
-CVE-2010-2758
+CVE-2010-2758 (Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6. ...)
- bugzilla 3.6.2.0-1 (bug #595015; low)
-CVE-2010-2757
+CVE-2010-2757 (The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4. ...)
- bugzilla 3.6.2.0-1 (bug #595015; low)
-CVE-2010-2756
+CVE-2010-2756 (Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 ...)
- bugzilla 3.6.2.0-1 (bug #595015; low)
-CVE-2010-2755
+CVE-2010-2755 (layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not pro ...)
- xulrunner <not-affected> (Only exploitable in Firefox 3.6.x and above)
- iceweasel <not-affected> (Only exploitable in Firefox 3.6.x and above)
-CVE-2010-2754
+CVE-2010-2754 (dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 an ...)
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceweasel 3.5.11-2
@@ -6636,7 +6636,7 @@ CVE-2010-2754
[lenny] - icedove <end-of-life>
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2753
+CVE-2010-2753 (Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x befo ...)
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceweasel 3.5.11-2
@@ -6645,7 +6645,7 @@ CVE-2010-2753
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.0.6-1
[lenny] - icedove <end-of-life>
-CVE-2010-2752
+CVE-2010-2752 (Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5 ...)
- xulrunner 1.9.1.11-1
[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
- iceweasel 3.5.11-2
@@ -6654,38 +6654,38 @@ CVE-2010-2752
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.0.6-1
[lenny] - icedove <end-of-life>
-CVE-2010-2751
+CVE-2010-2751 (The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocS ...)
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2750
+CVE-2010-2750 (Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac a ...)
NOT-FOR-US: Microsoft Word
CVE-2010-2749
REJECTED
-CVE-2010-2748
+CVE-2010-2748 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-2747
+CVE-2010-2747 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-2746
+CVE-2010-2746 (Heap-based buffer overflow in Comctl32.dll (aka the common control lib ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2745
+CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not properly de ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2010-2744
+CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2743
+CVE-2010-2743 (The kernel-mode drivers in Microsoft Windows XP SP3 do not properly pe ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2742
+CVE-2010-2742 (The Netlogon RPC Service in Microsoft Windows Server 2003 SP2 and Serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2741
+CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2740
+CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2739
+CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys in Micr ...)
NOT-FOR-US: Windows
-CVE-2010-2738
+CVE-2010-2738 (The Uniscribe (aka new Unicode Script Processor) implementation in USP ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-2737
REJECTED
@@ -6693,202 +6693,202 @@ CVE-2010-2736
REJECTED
CVE-2010-2735
REJECTED
-CVE-2010-2734
+CVE-2010-2734 (Cross-site scripting (XSS) vulnerability in the mobile portal in Micro ...)
NOT-FOR-US: Microsoft Forefront Unified Access Gateway
-CVE-2010-2733
+CVE-2010-2733 (Cross-site scripting (XSS) vulnerability in the Web Monitor in Microso ...)
NOT-FOR-US: Microsoft Forefront Unified Access Gateway
-CVE-2010-2732
+CVE-2010-2732 (Open redirect vulnerability in the web interface in Microsoft Forefron ...)
NOT-FOR-US: Microsoft Forefront Unified Access Gateway
-CVE-2010-2731
+CVE-2010-2731 (Unspecified vulnerability in Microsoft Internet Information Services ( ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2730
+CVE-2010-2730 (Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, ...)
NOT-FOR-US: Microsoft IIS
-CVE-2010-2729
+CVE-2010-2729 (The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2728
+CVE-2010-2728 (Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, an ...)
NOT-FOR-US: Microsoft Outlook
CVE-2010-2727
REJECTED
CVE-2010-2726
REJECTED
-CVE-2010-2725
+CVE-2010-2725 (BarnOwl before 1.6.2 does not check the return code of calls to the (1 ...)
{DSA-2102-1}
- barnowl 1.6.2-1 (bug #593299)
-CVE-2010-2724
+CVE-2010-2724 (Cross-site scripting (XSS) vulnerability in the Hierarchical Select mo ...)
NOT-FOR-US: Drupal addon module
-CVE-2010-2723
+CVE-2010-2723 (Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 allows ...)
NOT-FOR-US: LISTSERV
-CVE-2010-2722
+CVE-2010-2722 (Cross-site scripting (XSS) vulnerability in index.php in RightInPoint ...)
NOT-FOR-US: RightInPoint Lyrics Script
-CVE-2010-2721
+CVE-2010-2721 (SQL injection vulnerability in index.php in RightInPoint Lyrics Script ...)
NOT-FOR-US: RightInPoint Lyrics Script
-CVE-2010-2720
+CVE-2010-2720 (SQL injection vulnerability in list.php in phpaaCms 0.3.1 UTF-8, and p ...)
NOT-FOR-US: phpaaCms
-CVE-2010-2719
+CVE-2010-2719 (SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and p ...)
NOT-FOR-US: phpaaCms
-CVE-2010-2718
+CVE-2010-2718 (Multiple cross-site scripting (XSS) vulnerabilities in CruxSoftware Cr ...)
NOT-FOR-US: CruxSoftware
-CVE-2010-2717
+CVE-2010-2717 (Cross-site scripting (XSS) vulnerability in manager/login.php in CruxS ...)
NOT-FOR-US: CruxSoftware
-CVE-2010-2716
+CVE-2010-2716 (Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote atta ...)
NOT-FOR-US: PsNews
-CVE-2010-2715
+CVE-2010-2715 (Cross-site scripting (XSS) vulnerability in photos/index.php in TCW PH ...)
NOT-FOR-US: TCW PHP Album
-CVE-2010-2714
+CVE-2010-2714 (SQL injection vulnerability in photos/index.php in TCW PHP Album 1.0 a ...)
NOT-FOR-US: TCW PHP Album
-CVE-2010-2713
+CVE-2010-2713 (The vte_sequence_handler_window_manipulation function in vteseq.c in l ...)
[lenny] - vte <not-affected> (Uses a hardcoded string in the terminal icon/window title)
- vte 1:0.24.3-1
NOTE: http://git.gnome.org/browse/vte/commit/?id=58bc3a942f198a1a8788553ca72c19d7c1702b74
NOTE: http://git.gnome.org/browse/vte/commit/?id=8b971a7b2c59902914ecbbc3915c45dd21530a91
-CVE-2010-2712
+CVE-2010-2712 (Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.1 ...)
NOT-FOR-US: Software Distributor in HP HP-UX
-CVE-2010-2711
+CVE-2010-2711 (Unspecified vulnerability in the HP MagCloud app before 1.0.5 for the ...)
NOT-FOR-US: HP MagCloud app
-CVE-2010-2710
+CVE-2010-2710 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView
-CVE-2010-2709
+CVE-2010-2709 (Stack-based buffer overflow in webappmon.exe in HP OpenView Network No ...)
NOT-FOR-US: HP OpenView
-CVE-2010-2708
+CVE-2010-2708 (Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.2 ...)
NOT-FOR-US: HP ProCurve
-CVE-2010-2707
+CVE-2010-2707 (Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches be ...)
NOT-FOR-US: HP ProCurve
-CVE-2010-2706
+CVE-2010-2706 (Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 ...)
NOT-FOR-US: HP ProCurve
-CVE-2010-2705
+CVE-2010-2705 (Unspecified vulnerability on the HP ProCurve 1800-24G switch with soft ...)
NOT-FOR-US: HP ProCurve
-CVE-2010-2704
+CVE-2010-2704 (Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and ...)
NOT-FOR-US: HP OpenView
-CVE-2010-2703
+CVE-2010-2703 (Stack-based buffer overflow in the execvp_nc function in the ov.dll mo ...)
NOT-FOR-US: HP OpenView
-CVE-2010-2702
+CVE-2010-2702 (Buffer overflow in the UGameEngine::UpdateConnectingMessage function i ...)
NOT-FOR-US: Unreal engine
-CVE-2010-2701
+CVE-2010-2701 (Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow rem ...)
NOT-FOR-US: FathFTP ActiveX control
-CVE-2010-2700
+CVE-2010-2700 (Cross-site scripting (XSS) vulnerability in index.php in Edge PHP Clic ...)
NOT-FOR-US: Edge PHP Clickbank Affiliate Marketplace Script
-CVE-2010-2699
+CVE-2010-2699 (SQL injection vulnerability in index.php in Edge PHP Clickbank Affilia ...)
NOT-FOR-US: Edge PHP Clickbank Affiliate Marketplace Script
-CVE-2010-2698
+CVE-2010-2698 (Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community ...)
NOT-FOR-US: Sijio Community Software
-CVE-2010-2697
+CVE-2010-2697 (Cross-site scripting (XSS) vulnerability in Sijio Community Software a ...)
NOT-FOR-US: Sijio Community Software
-CVE-2010-2696
+CVE-2010-2696 (SQL injection vulnerability in gallery/index.php in Sijio Community So ...)
NOT-FOR-US: Sijio Community Software
-CVE-2010-2695
+CVE-2010-2695 (Directory traversal vulnerability in the SFTP/SSH2 virtual server in X ...)
NOT-FOR-US: Xlight FTP Server
-CVE-2010-2694
+CVE-2010-2694 (SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 ...)
NOT-FOR-US: Joomla addon
-CVE-2010-2693
+CVE-2010-2693 (FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag wh ...)
- kfreebsd-7 7.3-5
[lenny] - kfreebsd-7 <no-dsa> (Not covered by security support in Lenny)
- kfreebsd-8 8.0-10
-CVE-2010-2692
+CVE-2010-2692 (Cross-site scripting (XSS) vulnerability in 2daybiz Custom T-Shirt Des ...)
NOT-FOR-US: 2daybiz Custom T-Shirt Design Script
-CVE-2010-2691
+CVE-2010-2691 (Multiple SQL injection vulnerabilities in 2daybiz Custom T-Shirt Desig ...)
NOT-FOR-US: 2daybiz Custom T-Shirt Design Script
-CVE-2010-2690
+CVE-2010-2690 (SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) co ...)
NOT-FOR-US: Joomla addon
-CVE-2010-2689
+CVE-2010-2689 (SQL injection vulnerability in cont_form.php in Internet DM WebDM CMS ...)
NOT-FOR-US: Internet DM WebDM CMS
-CVE-2010-2688
+CVE-2010-2688 (SQL injection vulnerability in detail.asp in Site2Nite Boat Classified ...)
NOT-FOR-US: Site2Nite Boat Classifieds
-CVE-2010-2687
+CVE-2010-2687 (SQL injection vulnerability in printdetail.asp in Site2Nite Boat Class ...)
NOT-FOR-US: Site2Nite Boat Classifieds
-CVE-2010-2686
+CVE-2010-2686 (Multiple SQL injection vulnerabilities in clientes.asp in the TopManag ...)
NOT-FOR-US: SAP module
-CVE-2010-2685
+CVE-2010-2685 (siteadmin/adduser.php in Customer Paradigm PageDirector CMS does not p ...)
NOT-FOR-US: Customer Paradigm PageDirector CMS
-CVE-2010-2684
+CVE-2010-2684 (SQL injection vulnerability in index.php in Customer Paradigm PageDire ...)
NOT-FOR-US: Customer Paradigm PageDirector CMS
-CVE-2010-2683
+CVE-2010-2683 (SQL injection vulnerability in result.php in Customer Paradigm PageDir ...)
NOT-FOR-US: Customer Paradigm PageDirector CMS
-CVE-2010-2682
+CVE-2010-2682 (Directory traversal vulnerability in the Realtyna Translator (com_real ...)
NOT-FOR-US: Joomla addon
-CVE-2010-2681
+CVE-2010-2681 (PHP remote file inclusion vulnerability in the SEF404x (com_sef) compo ...)
NOT-FOR-US: Joomla addon
-CVE-2010-2680
+CVE-2010-2680 (Directory traversal vulnerability in the JExtensions JE Section/Proper ...)
NOT-FOR-US: Joomla addon
-CVE-2010-2679
+CVE-2010-2679 (SQL injection vulnerability in the Weblinks (com_weblinks) component i ...)
NOT-FOR-US: Joomla addon
-CVE-2010-2678
+CVE-2010-2678 (SQL injection vulnerability in xmap (com_xmap) component for Joomla! a ...)
NOT-FOR-US: Joomla addon
-CVE-2010-2677
+CVE-2010-2677 (PHP remote file inclusion vulnerability in mw_plugin.php in Open Web A ...)
NOT-FOR-US: Open Web Analytics
-CVE-2010-2676
+CVE-2010-2676 (Multiple directory traversal vulnerabilities in index.php in Open Web ...)
NOT-FOR-US: Open Web Analytics
-CVE-2010-2675
+CVE-2010-2675 (Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS 1.1 ...)
NOT-FOR-US: TSOKA:CMS
-CVE-2010-2674
+CVE-2010-2674 (SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2. ...)
NOT-FOR-US: TSOKA:CMS
-CVE-2010-2673
+CVE-2010-2673 (SQL injection vulnerability in profile_view.php in Devana 1.6.6 and ea ...)
NOT-FOR-US: Devana
-CVE-2010-2672
+CVE-2010-2672 (Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2 ...)
- ezpublish <removed>
-CVE-2010-2671
+CVE-2010-2671 (Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ P ...)
- ezpublish <removed>
-CVE-2010-2670
+CVE-2010-2670 (SQL injection vulnerability in recipedetail.php in BrotherScripts Reci ...)
NOT-FOR-US: BrotherScripts Recipe Website
-CVE-2010-2669
+CVE-2010-2669 (Cross-site scripting (XSS) vulnerability in admin/editors/text/editor- ...)
NOT-FOR-US: Orbis CMS
-CVE-2010-2668
+CVE-2010-2668 (Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet Ada ...)
NOT-FOR-US: Adaptive Micro Systems ALPHA Ethernet Adapter
-CVE-2010-2667
+CVE-2010-2667 (Multiple unspecified vulnerabilities in the Virtual Appliance Manageme ...)
NOT-FOR-US: VMware Studio
-CVE-2010-2666
+CVE-2010-2666 (Opera before 10.54 on Windows and Mac OS X does not properly enforce p ...)
NOT-FOR-US: Opera
-CVE-2010-2665
+CVE-2010-2665 (Cross-site scripting (XSS) vulnerability in Opera before 10.54 on Wind ...)
NOT-FOR-US: Opera
-CVE-2010-2664
+CVE-2010-2664 (Opera before 10.60 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2010-2663
+CVE-2010-2663 (Opera before 10.60 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2010-2662
+CVE-2010-2662 (Opera before 10.60 allows remote attackers to bypass the popup blocker ...)
NOT-FOR-US: Opera
-CVE-2010-2661
+CVE-2010-2661 (Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX p ...)
NOT-FOR-US: Opera
-CVE-2010-2660
+CVE-2010-2660 (Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX p ...)
NOT-FOR-US: Opera
-CVE-2010-2659
+CVE-2010-2659 (Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before 10 ...)
NOT-FOR-US: Opera
-CVE-2010-2658
+CVE-2010-2658 (Opera before 10.60 does not properly restrict certain interaction betw ...)
NOT-FOR-US: Opera
-CVE-2010-2657
+CVE-2010-2657 (Opera before 10.60 on Windows and Mac OS X does not properly prevent c ...)
NOT-FOR-US: Opera
-CVE-2010-2656
+CVE-2010-2656 (The IBM BladeCenter with Advanced Management Module (AMM) firmware bui ...)
NOT-FOR-US: BladeCenter software
-CVE-2010-2655
+CVE-2010-2655 (Directory traversal vulnerability in private/file_management.php on th ...)
NOT-FOR-US: BladeCenter software
-CVE-2010-2654
+CVE-2010-2654 (Multiple cross-site scripting (XSS) vulnerabilities on the IBM BladeCe ...)
NOT-FOR-US: BladeCenter software
-CVE-2010-2653
+CVE-2010-2653 (Race condition in the hvc_close function in drivers/char/hvc_console.c ...)
- linux-2.6 2.6.32-25
-CVE-2010-2652
+CVE-2010-2652 (Google Chrome before 5.0.375.99 does not properly implement modal dial ...)
- webkit <not-affected> (chromium specific issue)
- chromium-browser 5.0.375.99~r51029-1
-CVE-2010-2651
+CVE-2010-2651 (The Cascading Style Sheets (CSS) implementation in Google Chrome befor ...)
- webkit 1.2.5-1 (bug #599830)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38891
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=51014
NOTE: http://trac.webkit.org/changeset/59247
-CVE-2010-2650
+CVE-2010-2650 (Unspecified vulnerability in Google Chrome before 5.0.375.99 has unkno ...)
- webkit <not-affected> (chromium specific)
- chromium-browser 5.0.375.99~r51029-1
-CVE-2010-2649
+CVE-2010-2649 (Unspecified vulnerability in Google Chrome before 5.0.375.99 allows re ...)
- webkit <not-affected> (issue in chromium-specific code)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39797
NOTE: http://trac.webkit.org/changeset/60973
NOTE: http://trac.webkit.org/changeset/60977
-CVE-2010-2648
+CVE-2010-2648 (The implementation of the Unicode Bidirectional Algorithm (aka Bidi al ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39305
NOTE: http://trac.webkit.org/projects/webkit/changeset/61921
-CVE-2010-2647
+CVE-2010-2647 (Google Chrome before 5.0.375.99 allows remote attackers to cause a den ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
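Review bot: the NOT-FOR-US labels for CVE-2010-2656, CVE-2010-2655 and CVE-2010-2654 all read "BladeCenter software", while the descriptions imported here name the product as the IBM BladeCenter Advanced Management Module (AMM) firmware; label the product as the description does, e.g. "NOT-FOR-US: IBM BladeCenter AMM firmware", so the tag is searchable by product name. Minor consistency point in the same region: the webkit `<not-affected>` reason is phrased three different ways for the same situation, "(chromium specific issue)", "(chromium specific)" and "(issue in chromium-specific code)", under CVE-2010-2652, CVE-2010-2650 and CVE-2010-2649; one wording would do.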
@@ -6898,112 +6898,112 @@ CVE-2010-2647
NOTE: http://trac.webkit.org/changeset/61676 chromium fixes
NOTE: http://trac.webkit.org/changeset/61679 additional layout test
NOTE: duplicate of cve-2010-1786
-CVE-2010-2646
+CVE-2010-2646 (Google Chrome before 5.0.375.99 does not properly isolate sandboxed IF ...)
- webkit 1.2.5-1 (bug #599830)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38151
NOTE: http://trac.webkit.org/changeset/58873
NOTE: http://trac.webkit.org/changeset/59870 chromium updates
-CVE-2010-2645
+CVE-2010-2645 (Unspecified vulnerability in Google Chrome before 5.0.375.99, when Web ...)
- webkit <not-affected> (doesn't include webgl code yet)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38039
NOTE: http://trac.webkit.org/changeset/58957
-CVE-2010-2644
+CVE-2010-2644 (IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before FP1 ...)
NOT-FOR-US: IBM WebSphere Service Registry and Repository
-CVE-2010-2643
+CVE-2010-2643 (Integer overflow in the TFM font parser in the dvi-backend component i ...)
{DSA-2357-1}
- evince 2.30.3-2 (bug #609534)
-CVE-2010-2642
+CVE-2010-2642 (Heap-based buffer overflow in the AFM font parser in the dvi-backend c ...)
{DSA-2388-1 DSA-2357-1}
- evince 3.0.2-1 (bug #609534)
[squeeze] - evince 2.30.3-2+squeeze1
- t1lib 5.1.2-3.5
[lenny] - t1lib 5.1.2-3+lenny1
[squeeze] - t1lib 5.1.2-3+squeeze1
-CVE-2010-2641
+CVE-2010-2641 (Array index error in the VF font parser in the dvi-backend component i ...)
{DSA-2357-1}
- evince 2.30.3-2 (bug #609534)
-CVE-2010-2640
+CVE-2010-2640 (Array index error in the PK font parser in the dvi-backend component i ...)
{DSA-2357-1}
- evince 2.30.3-2 (bug #609534)
-CVE-2010-2639
+CVE-2010-2639 (IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote att ...)
NOT-FOR-US: IBM WebSphere Commerce Enterprise 7.0
-CVE-2010-2638
+CVE-2010-2638 (Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 allow ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2010-2637
+CVE-2010-2637 (IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not en ...)
NOT-FOR-US: IBM WebSphere
-CVE-2010-2636
+CVE-2010-2636 (Multiple cross-site scripting (XSS) vulnerabilities in sample store pa ...)
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2010-2635
+CVE-2010-2635 (SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0 ...)
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2010-2634
+CVE-2010-2634 (RSA enVision before 3.7 SP1 allows remote authenticated users to cause ...)
NOT-FOR-US: RSA enVision
-CVE-2010-2633
+CVE-2010-2633 (Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3. ...)
NOT-FOR-US: EMC
-CVE-2010-2632
+CVE-2010-2632 (Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10 ...)
NOT-FOR-US: Solaris FTP server
-CVE-2010-2631
+CVE-2010-2631 (LibTIFF 3.9.0 ignores tags in certain situations during the first stag ...)
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed before initial upload)
-CVE-2010-2630
+CVE-2010-2630 (The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly vali ...)
{DSA-2552-1}
- tiff 3.9.6-1
- tiff3 3.9.6-1
NOTE: may have been fixed earlier
-CVE-2010-2629
+CVE-2010-2629 (The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 ...)
NOT-FOR-US: Cisco
-CVE-2010-2628
+CVE-2010-2628 (The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 ...)
- strongswan 4.4.1-1
[lenny] - strongswan <not-affected> (Vulnerability introduced in 4.3.3)
[squeeze] - strongswan <not-affected> (Vulnerability introduced in 4.3.3)
-CVE-2010-2627
+CVE-2010-2627 (Multiple directory traversal vulnerabilities in the Refractor 2 engine ...)
NOT-FOR-US: Refractor 2
-CVE-2010-2626
+CVE-2010-2626 (index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to ...)
NOT-FOR-US: Miyabi CGI Tools SEO Links
-CVE-2010-2625
+CVE-2010-2625 (Unspecified vulnerability in the Client Service for DPM in Hitachi Ser ...)
NOT-FOR-US: Hitachi ServerConductor
-CVE-2010-2624
+CVE-2010-2624 (Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow ...)
NOT-FOR-US: iScripts EasySnaps
-CVE-2010-2623
+CVE-2010-2623 (SQL injection vulnerability in pages.php in Internet DM Specialist Bed ...)
NOT-FOR-US: Internet DM Specialist Bed and Breakfast
-CVE-2010-2622
+CVE-2010-2622 (SQL injection vulnerability in the Joomanager component, possibly 1.1. ...)
NOT-FOR-US: Joomanager
-CVE-2010-2621
+CVE-2010-2621 (The QSslSocketBackendPrivate::transmit function in src_network_ssl_qss ...)
- qt4-x11 4:4.6.3-2 (low; bug #587711)
[lenny] - qt4-x11 <no-dsa> (Harmless impact)
NOTE: Fixed by commit c25c7c9bdfade6b906f37ac8bad44f6f0de57597
-CVE-2010-2620
+CVE-2010-2620 (Open&amp;Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote ...)
NOT-FOR-US: Open&Compact FTP Server
-CVE-2010-2619
+CVE-2010-2619 (Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlie ...)
NOT-FOR-US: Citrix XenServer (it's based on Xen, likely a duplicate of an existing Xen issue)
-CVE-2010-2494
+CVE-2010-2494 (Multiple buffer underflows in the base64 decoder in base64.c in (1) bo ...)
- bogofilter 1.2.1-3 (low; bug #588090)
[lenny] - bogofilter 1.1.7-1+lenny1
NOTE: this is "only" null write to an invalid pointer, no arbitrary location
-CVE-2010-2495
+CVE-2010-2495 (The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP imple ...)
- linux-2.6 2.6.32-16
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.29)
-CVE-2010-2618
+CVE-2010-2618 (PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in ...)
NOT-FOR-US: AdaptCMS
-CVE-2010-2617
+CVE-2010-2617 (Cross-site scripting (XSS) vulnerability in bible.php in PHP Bible Sea ...)
NOT-FOR-US: PHP Bible Search
-CVE-2010-2616
+CVE-2010-2616 (SQL injection vulnerability in bible.php in PHP Bible Search, probably ...)
NOT-FOR-US: PHP Bible Search
-CVE-2010-2615
+CVE-2010-2615 (Multiple cross-site scripting (XSS) vulnerabilities in admin/admin.php ...)
NOT-FOR-US: Grafik CMS
-CVE-2010-2614
+CVE-2010-2614 (SQL injection vulnerability in admin/admin.php in Grafik CMS 1.1.2, an ...)
NOT-FOR-US: Grafik CMS
-CVE-2010-2613
+CVE-2010-2613 (Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd Son ...)
NOT-FOR-US: com_awd_song component for joomla!
-CVE-2010-2612
+CVE-2010-2612 (Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVM ...)
NOT-FOR-US: HP OpenVMS
-CVE-2010-2611
+CVE-2010-2611 (SQL injection vulnerability in show_search_result.php in i-netsolution ...)
NOT-FOR-US: i-netsolution Job Search Engine
-CVE-2010-2610
+CVE-2010-2610 (Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allo ...)
NOT-FOR-US: 2daybiz Job Site Script
-CVE-2010-2609
+CVE-2010-2609 (SQL injection vulnerability in show_search_result.php in 2daybiz Job S ...)
NOT-FOR-US: 2daybiz Job Search Engine Script
CVE-2010-2608
RESERVED
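Review bot: the imported description for CVE-2010-2620 contains an undecoded HTML entity, "Open&amp;Compact FTP Server", while the NOT-FOR-US line directly below it spells the same name "Open&Compact"; the importer should decode entities before writing descriptions, since this one reads as a literal `&amp;` in the data file. Two smaller points in this hunk: the context line "NOTE: duplicate of cve-2010-1786" under CVE-2010-2647 uses a lowercase identifier, which a case-sensitive search for cross-references would miss, and the CVE-2010-2619 note "likely a duplicate of an existing Xen issue" names no Xen CVE, so the cross-reference it hints at cannot be followed.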
@@ -7013,19 +7013,19 @@ CVE-2010-2606
RESERVED
CVE-2010-2605
RESERVED
-CVE-2010-2604
+CVE-2010-2604 (Multiple buffer overflows in the PDF Distiller in the BlackBerry Attac ...)
NOT-FOR-US: BlackBerry Enterprise Server
-CVE-2010-2603
+CVE-2010-2603 (RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for Ma ...)
NOT-FOR-US: RIM BlackBerry Desktop Software
-CVE-2010-2602
+CVE-2010-2602 (Multiple buffer overflows in the PDF distiller component in the BlackB ...)
NOT-FOR-US: BlackBerry Enterprise Serve
-CVE-2010-2601
+CVE-2010-2601 (Multiple buffer overflows in the PDF distiller in the Attachment Servi ...)
NOT-FOR-US: BlackBerry Enterprise Server
-CVE-2010-2600
+CVE-2010-2600 (Untrusted search path vulnerability in BlackBerry Desktop Software bef ...)
NOT-FOR-US: BlackBerry Desktop Software
-CVE-2010-2599
+CVE-2010-2599 (Unspecified vulnerability in Research In Motion (RIM) BlackBerry Devic ...)
NOT-FOR-US: BlackBerry Device Software
-CVE-2010-2594
+CVE-2010-2594 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
NOT-FOR-US: InterSect Allience Snare Agent
CVE-2010-2593
RESERVED
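Review bot: two typos in the NOT-FOR-US labels of this hunk: CVE-2010-2602 is tagged "BlackBerry Enterprise Serve" (missing the trailing "r"; CVE-2010-2604 and CVE-2010-2601 spell it "Server"), and CVE-2010-2594 is tagged "InterSect Allience Snare Agent" where the vendor name is "Alliance". Neither is introduced by this update, but both sit on lines the update touches and are cheap to fix in the same pass.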
@@ -7033,37 +7033,37 @@ CVE-2010-2592
RESERVED
CVE-2010-2591
RESERVED
-CVE-2010-2590
+CVE-2010-2590 (Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl ...)
NOT-FOR-US: ActiveX
-CVE-2010-2589
+CVE-2010-2589 (Integer overflow in the dirapi.dll module in Adobe Shockwave Player be ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2588
+CVE-2010-2588 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allo ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2587
+CVE-2010-2587 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allo ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2586
+CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winam ...)
NOT-FOR-US: Winamp
-CVE-2010-2585
+CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX contro ...)
NOT-FOR-US: RealPage Module ActiveX Controls
-CVE-2010-2584
+CVE-2010-2584 (The Upload method in the RealPage Module Upload ActiveX control in Rea ...)
NOT-FOR-US: RealPage Module ActiveX Controls
-CVE-2010-2583
+CVE-2010-2583 (Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogato ...)
NOT-FOR-US: SonicWALL
-CVE-2010-2582
+CVE-2010-2582 (An unspecified function in TextXtra.x32 in Adobe Shockwave Player befo ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2581
+CVE-2010-2581 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2580
+CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not pro ...)
NOT-FOR-US: MailEnable
-CVE-2010-2579
+CVE-2010-2579 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlaye ...)
NOT-FOR-US: RealPlayer
-CVE-2010-2578
+CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-2577
+CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow rem ...)
NOT-FOR-US: Pligg
-CVE-2010-2576
+CVE-2010-2576 (Opera before 10.61 does not properly suppress clicks on download dialo ...)
NOT-FOR-US: Opera
-CVE-2010-2575
+CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression functionality in t ...)
- okular 4:4.4.5-2
[lenny] - okular 0.7-2+lenny1
- kdegraphics 4:4.4.5-2
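Review bot: the label for CVE-2010-2590 is just "NOT-FOR-US: ActiveX", which names a technology rather than a product, while the description above it identifies the control as CrystalReports12.CrystalPrintControl; the other ActiveX entries in this hunk (CVE-2010-2585, CVE-2010-2584) name the product ("RealPage Module ActiveX Controls"), so this one should follow the same convention and mention Crystal Reports.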
@@ -7071,18 +7071,18 @@ CVE-2010-2575
NOTE: http://www.kde.org/info/security/advisory-20100825-1.txt
NOTE: Okular was initially a single source package (lenny days), then it was merged into
NOTE: kdegraphics (squeeze days) and later split off again (wheezy)
-CVE-2010-2574
+CVE-2010-2574 (Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in ...)
- mantis 1.1.8+dfsg-6 (low; bug #595510)
[lenny] - mantis 1.1.6+dfsg-2lenny2
-CVE-2010-2598
+CVE-2010-2598 (LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as u ...)
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2010-2597
+CVE-2010-2597 (The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 ...)
{DSA-2552-1}
- tiff 3.9.6-1
- tiff3 3.9.6-1
NOTE: may have been fixed earlier
-CVE-2010-2596
+CVE-2010-2596 (The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2 ...)
{DLA-610-1}
- tiff 4.0.6-1 (unimportant)
- tiff3 <removed> (unimportant)
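Review bot: CVE-2010-2596 carries a `{DLA-610-1}` reference while both package lines are rated "(unimportant)"; an issue for which an LTS advisory was issued and an "unimportant" severity are in tension, and one of the two should be reconciled. Also worth a look: the description of CVE-2010-2598 scopes the problem to "LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64", yet the entry records a fixed Debian version (tiff 3.9.4-1); if the flaw is specific to that vendor backport, a `<not-affected>` or NOT-FOR-US entry would describe the Debian status more accurately than a fixed version. Minor wording drift: "fixed prior to initial upload" here versus "fixed before initial upload" under CVE-2010-2631.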
@@ -7092,101 +7092,101 @@ CVE-2010-2596
NOTE: that the reproducer does not trigger the crash anymore.
NOTE: Tom Lane's patch should be applied for tiff in Wheezy too.
NOTE: Not confirmed which exact version should fix the issue.
-CVE-2010-2595
+CVE-2010-2595 (The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in Ima ...)
{DSA-2552-1}
- tiff 3.9.6-1
- tiff3 3.9.6-1
NOTE: may have been fixed earlier
-CVE-2010-2573
+CVE-2010-2573 (Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, Power ...)
NOT-FOR-US: Microsoft PowerPoint
-CVE-2010-2572
+CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows r ...)
NOT-FOR-US: Microsoft PowerPoint
-CVE-2010-2571
+CVE-2010-2571 (Array index error in pubconv.dll (aka the Publisher Converter DLL) in ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2010-2570
+CVE-2010-2570 (Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2010-2569
+CVE-2010-2569 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2 ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2010-2568
+CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2010-2567
+CVE-2010-2567 (The RPC client implementation in Microsoft Windows XP SP2 and SP3 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2566
+CVE-2010-2566 (The Secure Channel (aka SChannel) security package in Microsoft Window ...)
NOT-FOR-US: Microsoft
CVE-2010-2565
REJECTED
-CVE-2010-2564
+CVE-2010-2564 (Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6 ...)
NOT-FOR-US: Microsoft
-CVE-2010-2563
+CVE-2010-2563 (The Word 97 text converter in the WordPad Text Converters in Microsoft ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2562
+CVE-2010-2562 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for ...)
NOT-FOR-US: Microsoft
-CVE-2010-2561
+CVE-2010-2561 (Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle H ...)
NOT-FOR-US: Microsoft
-CVE-2010-2560
+CVE-2010-2560 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft
-CVE-2010-2559
+CVE-2010-2559 (Microsoft Internet Explorer 8 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft
-CVE-2010-2558
+CVE-2010-2558 (Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remot ...)
NOT-FOR-US: Microsoft
-CVE-2010-2557
+CVE-2010-2557 (Microsoft Internet Explorer 6 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft
-CVE-2010-2556
+CVE-2010-2556 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft
-CVE-2010-2555
+CVE-2010-2555 (The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP ...)
NOT-FOR-US: Microsoft
-CVE-2010-2554
+CVE-2010-2554 (The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP ...)
NOT-FOR-US: Microsoft
-CVE-2010-2553
+CVE-2010-2553 (The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista S ...)
NOT-FOR-US: Microsoft
-CVE-2010-2552
+CVE-2010-2552 (Stack consumption vulnerability in the SMB Server in Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2010-2551
+CVE-2010-2551 (The SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2010-2550
+CVE-2010-2550 (The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 200 ...)
NOT-FOR-US: Microsoft
-CVE-2010-2549
+CVE-2010-2549 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft
CVE-2010-2548
RESERVED
- openjdk-6 6b18-1.8.1-1
-CVE-2010-2547
+CVE-2010-2547 (Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2. ...)
{DSA-2076-1}
- gnupg2 2.0.14-2
-CVE-2010-2546
+CVE-2010-2546 (Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod ...)
{DSA-2081-1}
- libmikmod 3.1.11-6.3
-CVE-2010-2545
+CVE-2010-2545 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0. ...)
{DSA-2384-1}
- cacti 0.8.7g-1
-CVE-2010-2544
+CVE-2010-2544 (Cross-site scripting (XSS) vulnerability in utilities.php in Cacti bef ...)
- cacti 0.8.7g-1
-CVE-2010-2543
+CVE-2010-2543 (Cross-site scripting (XSS) vulnerability in include/top_graph_header.p ...)
{DSA-2384-1}
- cacti 0.8.7g-1
-CVE-2010-2542
+CVE-2010-2542 (Stack-based buffer overflow in the is_git_directory function in setup. ...)
{DSA-2114-1}
- git-core 1:1.7.1-1.1 (low; bug #590026)
-CVE-2010-2541
+CVE-2010-2541 (Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType b ...)
{DSA-2105-1}
- freetype 2.4.2-1 (low)
-CVE-2010-2540
+CVE-2010-2540 (mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 d ...)
{DSA-2079-1}
- mapserver 5.6.4-1
-CVE-2010-2539
+CVE-2010-2539 (Buffer overflow in the msTmpFile function in maputil.c in mapserv in M ...)
{DSA-2079-1}
- mapserver 5.6.4-1
-CVE-2010-2538
+CVE-2010-2538 (Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c ...)
- linux-2.6 2.6.32-19
[lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.29)
-CVE-2010-2537
+CVE-2010-2537 (The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel ...)
- linux-2.6 2.6.32-19
[lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.29)
-CVE-2010-2536
+CVE-2010-2536 (Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and ...)
- rekonq 0.5.0-2 (bug #593300)
-CVE-2010-2535
+CVE-2010-2535 (Multiple cross-site scripting (XSS) vulnerabilities in the Back End in ...)
NOT-FOR-US: Joomla!
-CVE-2010-2534
+CVE-2010-2534 (The NetworkSyncCommandQueue function in network/network_command.cpp in ...)
- openttd 1.0.3-1
[lenny] - openttd <not-affected> (Introduced in 1.0.1)
NOTE: http://bugs.openttd.org/task/3909
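Review bot: the `[lenny] - linux-2.6 <not-affected>` reasons for CVE-2010-2538 and CVE-2010-2537 both read "brtfs introduced in 2.6.29"; the filesystem is btrfs, matching the fs/btrfs/ioctl.c path in the descriptions. Separately, the CVE-2010-2596 notes at the top of this hunk say "Not confirmed which exact version should fix the issue" while the entry itself (previous hunk) records tiff 4.0.6-1 as the fixing version; either the note is stale or the fixed-version line overstates what is known, and the two should agree.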
@@ -7194,99 +7194,99 @@ CVE-2010-2533
REJECTED
CVE-2010-2532
- lxsession 0.4.4-3 (bug #591409)
-CVE-2010-2531
+CVE-2010-2531 (The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 ...)
{DSA-2266-1}
- php5 5.3.3-2 (low)
-CVE-2010-2530
+CVE-2010-2530 (Multiple integer signedness errors in smb_subr.c in the netsmb module ...)
NOT-FOR-US: NetBSD
-CVE-2010-2529
+CVE-2010-2529 (Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 200 ...)
{DSA-2645-1}
- iputils 3:20100418-2
- inetutils 2:1.9-2
[lenny] - iputils 3:20071127-1+lenny1
-CVE-2010-2528
+CVE-2010-2528 (The clientautoresp function in family_icbm.c in the oscar protocol plu ...)
- pidgin 2.7.2-1
[lenny] - pidgin <not-affected> (Vulnerable code not present, support for X-Status was added later)
-CVE-2010-2527
+CVE-2010-2527 (Multiple buffer overflows in demo programs in FreeType before 2.4.0 al ...)
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2526
+CVE-2010-2526 (The cluster logical volume manager daemon (clvmd) in lvm2-cluster in L ...)
{DSA-2095-1}
- lvm2 2.02.66-3 (bug #591204)
CVE-2010-2525
RESERVED
-CVE-2010-2524
+CVE-2010-2524 (The DNS resolution functionality in the CIFS implementation in the Lin ...)
{DSA-2264-1}
- linux-2.6 2.6.32-19
-CVE-2010-2523
+CVE-2010-2523 (Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allo ...)
NOT-FOR-US: UMIP
-CVE-2010-2522
+CVE-2010-2522 (The mipv6 daemon in UMIP 0.4 does not verify that netlink messages ori ...)
NOT-FOR-US: UMIP
-CVE-2010-2521
+CVE-2010-2521 (Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementati ...)
{DSA-2094-1}
- linux-2.6 2.6.32-13
-CVE-2010-2520
+CVE-2010-2520 (Heap-based buffer overflow in the Ins_IUP function in truetype/ttinter ...)
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2519
+CVE-2010-2519 (Heap-based buffer overflow in the Mac_Read_POST_Resource function in b ...)
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2518
+CVE-2010-2518 (Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before ...)
NOT-FOR-US: P8 Content Search Engine
-CVE-2010-2517
+CVE-2010-2517 (Multiple unspecified vulnerabilities in IBM Rational ClearQuest before ...)
NOT-FOR-US: ClearQuest
-CVE-2010-2516
+CVE-2010-2516 (Multiple SQL injection vulnerabilities in 2daybiz Multi Level Marketin ...)
NOT-FOR-US: 2daybiz Multi Level Marketing
-CVE-2010-2515
+CVE-2010-2515 (Multiple SQL injection vulnerabilities in index.php in the JFaq (com_j ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-2514
+CVE-2010-2514 (Cross-site scripting (XSS) vulnerability in the JFaq (com_jfaq) compon ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-2513
+CVE-2010-2513 (SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxe ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-2512
+CVE-2010-2512 (SQL injection vulnerability in customprofile.php in 2daybiz Matrimonia ...)
NOT-FOR-US: 2daybiz Matrimonial Script
-CVE-2010-2511
+CVE-2010-2511 (SQL injection vulnerability in viewnews.php in 2daybiz Multi Level Mar ...)
NOT-FOR-US: 2daybiz Multi Level Marketing
-CVE-2010-2510
+CVE-2010-2510 (SQL injection vulnerability in customize.php in 2daybiz Web Template S ...)
NOT-FOR-US: 2daybiz Web Template
-CVE-2010-2509
+CVE-2010-2509 (Multiple cross-site scripting (XSS) vulnerabilities in 2daybiz Web Tem ...)
NOT-FOR-US: 2daybiz Web Template
-CVE-2010-2508
+CVE-2010-2508 (SQL injection vulnerability in user-profile.php in 2daybiz Video Commu ...)
NOT-FOR-US: 2daybiz Video
-CVE-2010-2507
+CVE-2010-2507 (Directory traversal vulnerability in the Picasa2Gallery (com_picasa2ga ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-2506
+CVE-2010-2506 (Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54 ...)
NOT-FOR-US: Linksys
-CVE-2010-2505
+CVE-2010-2505 (Soft SaschArt SasCAM Webcam Server 2.6.5, 2.7, and earlier allows remo ...)
NOT-FOR-US: Soft SaschArt SasCAM Webcam Server
-CVE-2010-2504
+CVE-2010-2504 (Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenti ...)
NOT-FOR-US: Splunk
-CVE-2010-2503
+CVE-2010-2503 (Multiple cross-site scripting (XSS) vulnerabilities in Splunk 4.0 thro ...)
NOT-FOR-US: Splunk
-CVE-2010-2502
+CVE-2010-2502 (Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0 ...)
NOT-FOR-US: Splunk
CVE-2010-2501
RESERVED
-CVE-2010-2500
+CVE-2010-2500 (Integer overflow in the gray_render_span function in smooth/ftgrays.c ...)
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2499
+CVE-2010-2499 (Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs. ...)
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2498
+CVE-2010-2498 (The psh_glyph_find_strong_points function in pshinter/pshalgo.c in Fre ...)
{DSA-2070-1}
- freetype 2.4.0-1
-CVE-2010-2497
+CVE-2010-2497 (Integer underflow in glyph handling in FreeType before 2.4.0 allows re ...)
{DSA-2070-1}
- freetype 2.4.0-1
CVE-2010-2496
RESERVED
-CVE-2010-2493
+CVE-2010-2493 (The default configuration of the deployment descriptor (aka web.xml) i ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-2492
+CVE-2010-2492 (Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messagin ...)
{DSA-2110-1}
- linux-2.6 2.6.32-19
-CVE-2010-2491
+CVE-2010-2491 (Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup b ...)
- roundup 1.4.13-3.1 (bug #590769)
NOTE: http://bugs.gentoo.org/show_bug.cgi?id=326395
NOTE: http://roundup.svn.sourceforge.net/viewvc/roundup?view=revision&revision=4486
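Review bot: the NOT-FOR-US label for CVE-2010-2518 says "P8 Content Search Engine" while the imported description names the component as the "P8 Content Engine (P8CE)"; the label should match the description. The same hunk tags CVE-2010-2515, CVE-2010-2514, CVE-2010-2513 and CVE-2010-2507 as bare "component for Joomla!" even though each description names the component (JFaq com_jfaq, JE Ajax Event Calendar, Picasa2Gallery), whereas CVE-2010-2613 earlier in this file shows the fuller convention "com_awd_song component for joomla!"; naming the component in the tag makes these entries findable. Also, "NOT-FOR-US: 2daybiz Video" under CVE-2010-2508 is a truncated form of the "2daybiz Video Community Portal Script" label used for CVE-2010-2459 and CVE-2010-2458.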
@@ -7295,153 +7295,153 @@ CVE-2010-2490 [murmur DoS via malformed client query]
- mumble 1.2.2-4 (bug #587713)
[lenny] - mumble <no-dsa> (Minor issue)
- qt4-x11 <not-affected> (low; bug #587713)
-CVE-2010-2489
+CVE-2010-2489 (Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow ...)
- ruby1.8 <not-affected> (Windows-specific)
- ruby1.9.1 <not-affected> (Windows-specific)
CVE-2010-2488 [znc null pointer deref]
RESERVED
{DSA-2069-1}
- znc 0.090-2 (bug #584929)
-CVE-2010-2487
+CVE-2010-2487 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ...)
{DSA-2083-1}
- moin 1.9.3-1 (bug #584809)
CVE-2010-2486
RESERVED
CVE-2010-2485
RESERVED
-CVE-2010-2484
+CVE-2010-2484 (The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent ...)
- php5 5.3.3-1 (unimportant)
-CVE-2010-2483
+CVE-2010-2483 (The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers ...)
- tiff 3.9.4-4 (unimportant)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2010-2482
+CVE-2010-2482 (LibTIFF 3.9.4 and earlier does not properly handle an invalid td_strip ...)
{DSA-2552-1}
- tiff 3.9.4-1 (unimportant)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2010-2481
+CVE-2010-2481 (The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly ha ...)
- tiff 3.9.4-1 (unimportant)
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2010-2480
+CVE-2010-2480 (Mako before 0.3.4 relies on the cgi.escape function in the Python stan ...)
- mako 0.3.4-1 (low)
[lenny] - mako <no-dsa> (Minor issue)
-CVE-2010-2478
+CVE-2010-2478 (Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool ...)
- linux-2.6 2.6.32-19
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=608950
NOTE: http://thread.gmane.org/gmane.linux.network/164869
-CVE-2010-2477
+CVE-2010-2477 (Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpe ...)
- paste 1.7.4-1 (low)
[lenny] - paste 1.7.1-1+lenny1
NOTE: http://bitbucket.org/ianb/paste/changeset/fcae59df8b56
CVE-2010-2475
RESERVED
-CVE-2010-2474
+CVE-2010-2474 (JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-2470
+CVE-2010-2470 (Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through ...)
- bugzilla <not-affected> (Only affects 3.5 to 3.7)
CVE-2010-2476 [syscp open_basedir bypassing]
RESERVED
- syscp <removed> (bug #587481)
-CVE-2010-2469
+CVE-2010-2469 (The Linear eMerge 50 and 5000 uses a default password of eMerge for th ...)
NOT-FOR-US: Linear eMerge
-CVE-2010-2468
+CVE-2010-2468 (The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 an ...)
NOT-FOR-US: S2 Security NetBox
-CVE-2010-2467
+CVE-2010-2467 (The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eM ...)
NOT-FOR-US: S2 Security NetBox
-CVE-2010-2466
+CVE-2010-2466 (The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eM ...)
NOT-FOR-US: S2 Security NetBox
-CVE-2010-2465
+CVE-2010-2465 (The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge ...)
NOT-FOR-US: S2 Security NetBox
-CVE-2010-2464
+CVE-2010-2464 (Multiple cross-site scripting (XSS) vulnerabilities in the RSComments ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-2463
+CVE-2010-2463 (Cross-site scripting (XSS) vulnerability in forum.php in Jamroom befor ...)
NOT-FOR-US: Jamroom
-CVE-2010-2462
+CVE-2010-2462 (SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP ...)
NOT-FOR-US: Toma Cero OroHYIP
-CVE-2010-2461
+CVE-2010-2461 (SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 al ...)
NOT-FOR-US: JCE-Tech Overstock
-CVE-2010-2460
+CVE-2010-2460 (SQL injection vulnerability in merchant_product_list.php in JCE-Tech S ...)
NOT-FOR-US: JCE-Tech Shareasale Script
-CVE-2010-2459
+CVE-2010-2459 (SQL injection vulnerability in video.php in 2daybiz Video Community Po ...)
NOT-FOR-US: 2daybiz Video Community Portal Script
-CVE-2010-2458
+CVE-2010-2458 (Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video ...)
NOT-FOR-US: 2daybiz Video Community Portal Script
-CVE-2010-2457
+CVE-2010-2457 (Cross-site scripting (XSS) vulnerability in index.php in K-Search allo ...)
NOT-FOR-US: K-Search
-CVE-2010-2456
+CVE-2010-2456 (Multiple directory traversal vulnerabilities in index.php in Linker IM ...)
NOT-FOR-US: Linker IMG
-CVE-2010-2455
+CVE-2010-2455 (Opera does not properly manage the address bar between the request to ...)
NOT-FOR-US: Opera
-CVE-2010-2454
+CVE-2010-2454 (Apple Safari does not properly manage the address bar between the requ ...)
- webkit <not-affected> (iceweasel/safari-specific issues)
- chromium-browser <not-affected> (iceweasel/safari-specific issues)
NOTE: i tested both firefox and safari poc's, and neither of them caused the
NOTE: address bar to be spoofed in either webkit or chrome
NOTE: this will be address in iceweasel in cve-2010-1206
-CVE-2010-2453
+CVE-2010-2453 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Disk S ...)
NOT-FOR-US: Synology Disk Station
-CVE-2010-2452
+CVE-2010-2452 (Directory traversal vulnerability in the DCC functionality in KVIrc 3. ...)
{DSA-2065-1}
- kvirc 4:4.0.0~svn4340+rc3-1
-CVE-2010-2451
+CVE-2010-2451 (Multiple format string vulnerabilities in the DCC functionality in KVI ...)
{DSA-2065-1}
- kvirc 4:4.0.0~svn4340+rc3-1
-CVE-2010-2443
+CVE-2010-2443 (The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9. ...)
- tiff 3.9.4-1 (unimportant)
- tiff3 <not-affected> (fixed prior to initial upload)
NOTE: Triggers a NULL pointer deref, crasher only
-CVE-2010-2442
+CVE-2010-2442 (Microsoft Internet Explorer, possibly 8, does not properly restrict fo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-2441
+CVE-2010-2441 (WebKit does not properly restrict focus changes, which allows remote a ...)
- webkit 1.2.1-3 (low)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: http://trac.webkit.org/changeset/58829
-CVE-2010-2440
+CVE-2010-2440 (Stack-based buffer overflow in st-wizard.exe in Subtitle Translation W ...)
NOT-FOR-US: Subtitle Translation Wizard
-CVE-2010-2439
+CVE-2010-2439 (Stack-based buffer overflow in MoreAmp allows remote attackers to exec ...)
NOT-FOR-US: MoreAmp
-CVE-2010-2438
+CVE-2010-2438 (SQL injection vulnerability in G.CMS generator allows remote attackers ...)
NOT-FOR-US: G.CMS
-CVE-2010-2437
+CVE-2010-2437 (Cross-site scripting (XSS) vulnerability in class/tools.class.php in A ...)
NOT-FOR-US: AneCMS BLog
-CVE-2010-2436
+CVE-2010-2436 (SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1 ...)
NOT-FOR-US: AneCMS Blog
-CVE-2010-2435
+CVE-2010-2435 (Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause ...)
- weborf 0.12.2-1
-CVE-2010-2434
+CVE-2010-2434 (Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software Explz ...)
NOT-FOR-US: Explzh
-CVE-2010-2433
+CVE-2010-2433 (Multiple cross-site scripting (XSS) vulnerabilities in content/interna ...)
NOT-FOR-US: IBM WebSphere
-CVE-2010-2432
+CVE-2010-2432 (The cupsDoAuthentication function in auth.c in the client in CUPS befo ...)
{DSA-2176-1}
- cups 1.4.4-1
-CVE-2010-2431
+CVE-2010-2431 (The cupsFileOpen function in CUPS before 1.4.4 allows local users, wit ...)
{DSA-2176-1}
- cups 1.4.4-1
CVE-2010-2430
RESERVED
-CVE-2010-2429
+CVE-2010-2429 (Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, ...)
NOT-FOR-US: Splunk
-CVE-2010-2428
+CVE-2010-2428 (Cross-site scripting (XSS) vulnerability in admin_loginok.html in the ...)
NOT-FOR-US: Wing FTP Server
-CVE-2010-2427
+CVE-2010-2427 (VMware Studio 2.0 does not properly write to temporary files, which al ...)
NOT-FOR-US: VMware Studio
-CVE-2010-2426
+CVE-2010-2426 (Directory traversal vulnerability in TitanFTPd in South River Technolo ...)
NOT-FOR-US: Titan FTP Server
-CVE-2010-2425
+CVE-2010-2425 (Directory traversal vulnerability in TitanFTPd in South River Technolo ...)
NOT-FOR-US: Titan FTP Server
CVE-2010-2424
RESERVED
CVE-2010-2423
RESERVED
-CVE-2010-2422
+CVE-2010-2422 (Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone ...)
- plone3 <removed>
-CVE-2010-2421
+CVE-2010-2421 (Multiple unspecified vulnerabilities in Opera before 10.54 have unknow ...)
NOT-FOR-US: Opera
-CVE-2010-2420
+CVE-2010-2420 (Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser ...)
NOT-FOR-US: Sleipnir
-CVE-2010-2479
+CVE-2010-2479 (Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1 ...)
{DSA-2067-1}
- php-htmlpurifier 4.1.1+dfsg1-1
- mahara 1.2.5-1
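Review bot: the NOT-FOR-US product name under CVE-2010-2437 reads `AneCMS BLog` while the adjacent CVE-2010-2436 entry (same product, `modules/blog/index.php in AneCMS Blog`) reads `AneCMS Blog`; align the first to `NOT-FOR-US: AneCMS Blog` so both entries for this product carry the same spelling and match on a grep. Everything else in this hunk is the regenerated fixed-width description text (`... )`) with the existing triage lines left untouched, which is what an automatic update should look like.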
@@ -7449,274 +7449,274 @@ CVE-2010-2479
[lenny] - moodle <not-affected> (doesn't ship/use htmlpurifier)
- knowledgeroot 0.9.9.5-5
[lenny] - knowledgeroot <no-dsa> (low)
-CVE-2010-2419
+CVE-2010-2419 (Unspecified vulnerability in the Java Virtual Machine component in Ora ...)
NOT-FOR-US: Oracle Database Server
-CVE-2010-2418
+CVE-2010-2418 (Unspecified vulnerability in the Oracle Territory Management component ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-2417
+CVE-2010-2417 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2010-2416
+CVE-2010-2416 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle E-Business Intelligence
-CVE-2010-2415
+CVE-2010-2415 (Unspecified vulnerability in the Change Data Capture component in Orac ...)
NOT-FOR-US: Oracle Database Server
-CVE-2010-2414
+CVE-2010-2414 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Jav ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2010-2413
+CVE-2010-2413 (Unspecified vulnerability in the BI Publisher component in Oracle Fusi ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2412
+CVE-2010-2412 (Unspecified vulnerability in the OLAP component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2010-2411
+CVE-2010-2411 (Unspecified vulnerability in the Job Queue component in Oracle Databas ...)
NOT-FOR-US: Oracle Database Server
-CVE-2010-2410
+CVE-2010-2410 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion M ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2409
+CVE-2010-2409 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion M ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2408
+CVE-2010-2408 (Unspecified vulnerability in the Oracle iRecruitment component in Orac ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-2407
+CVE-2010-2407 (Unspecified vulnerability in the XDK component in Oracle Database Serv ...)
NOT-FOR-US: Oracle Database Server
-CVE-2010-2406
+CVE-2010-2406 (Unspecified vulnerability in the Siebel Core - Highly Interactive Clie ...)
NOT-FOR-US: Oracle Siebel Suite
-CVE-2010-2405
+CVE-2010-2405 (Unspecified vulnerability in the Siebel Core - Highly Interactive Clie ...)
NOT-FOR-US: Oracle Siebel Suite
-CVE-2010-2404
+CVE-2010-2404 (Unspecified vulnerability in the Oracle iRecruitment component in Orac ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-2403
+CVE-2010-2403 (Unspecified vulnerability in the PeopleSoft Enterprise Campus Solution ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-2402
+CVE-2010-2402 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-2401
+CVE-2010-2401 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-2400
+CVE-2010-2400 (Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, ...)
NOT-FOR-US: Solaris
-CVE-2010-2399
+CVE-2010-2399 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
NOT-FOR-US: Solaris
-CVE-2010-2398
+CVE-2010-2398 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-2397
+CVE-2010-2397 (Unspecified vulnerability in Oracle Sun Java System Application Server ...)
NOT-FOR-US: Oracle Sun Java System Application Serve
-CVE-2010-2396
+CVE-2010-2396 (Unspecified vulnerability in the Forms component in Oracle Fusion Midd ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2395
+CVE-2010-2395 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion M ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2394
+CVE-2010-2394 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Solaris
-CVE-2010-2393
+CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
NOT-FOR-US: Solaris
-CVE-2010-2392
+CVE-2010-2392 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
NOT-FOR-US: Solaris
-CVE-2010-2391
+CVE-2010-2391 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2010-2390
+CVE-2010-2390 (Unspecified vulnerability in the Database Control component in EM Cons ...)
NOT-FOR-US: Oracle Database Server
-CVE-2010-2389
+CVE-2010-2389 (Unspecified vulnerability in the Perl component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2010-2388
+CVE-2010-2388 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-2387
+CVE-2010-2387 (vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x bef ...)
- gdm 2.20.11-1
-CVE-2010-2386
+CVE-2010-2386 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSola ...)
NOT-FOR-US: Solaris
-CVE-2010-2385
+CVE-2010-2385 (Unspecified vulnerability in Oracle Sun Java System Web Proxy Server 4 ...)
NOT-FOR-US: Oracle Sun Java System Web Proxy Server
-CVE-2010-2384
+CVE-2010-2384 (Unspecified vulnerability in Oracle Solaris 9 and 10 allows local user ...)
NOT-FOR-US: Solaris
-CVE-2010-2383
+CVE-2010-2383 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSola ...)
NOT-FOR-US: Solaris
-CVE-2010-2382
+CVE-2010-2382 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
NOT-FOR-US: Solaris
-CVE-2010-2381
+CVE-2010-2381 (Unspecified vulnerability in the Application Server Control component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2380
+CVE-2010-2380 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-2379
+CVE-2010-2379 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - Time &amp ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-2378
+CVE-2010-2378 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component i ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-2377
+CVE-2010-2377 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2010-2376
+CVE-2010-2376 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
NOT-FOR-US: Solaris
-CVE-2010-2375
+CVE-2010-2375 (Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspeci ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2374
+CVE-2010-2374 (Unspecified vulnerability in Solaris Studio 12 update 1 allows local u ...)
NOT-FOR-US: Solaris
-CVE-2010-2373
+CVE-2010-2373 (Unspecified vulnerability in the Console component in Oracle Enterpris ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2010-2372
+CVE-2010-2372 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2010-2371
+CVE-2010-2371 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2010-2370
+CVE-2010-2370 (Unspecified vulnerability in the Oracle Business Process Management co ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-2369
+CVE-2010-2369 (Untrusted search path vulnerability in Lhasa 0.19 and earlier allows l ...)
NOT-FOR-US: Lhasa
-CVE-2010-2368
+CVE-2010-2368 (Untrusted search path vulnerability in Lhaplus before 1.58 allows loca ...)
NOT-FOR-US: Lhaplus
-CVE-2010-2367
+CVE-2010-2367 (Cross-site scripting (XSS) vulnerability in search.cgi in AD-EDIT2 bef ...)
NOT-FOR-US: AD-EDIT2
-CVE-2010-2366
+CVE-2010-2366 (Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access Ana ...)
NOT-FOR-US: CGI Cafe Access Analyzer
-CVE-2010-2365
+CVE-2010-2365 (Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2 befor ...)
NOT-FOR-US: Free CGI Moo moobbs2
-CVE-2010-2364
+CVE-2010-2364 (Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before ...)
NOT-FOR-US: Free CGI Moo moobbs2
-CVE-2010-2363
+CVE-2010-2363 (The IPv6 Unicast Reverse Path Forwarding (RPF) implementation on the S ...)
NOT-FOR-US: SEIL/X1, SEIL/X2, and SEIL/B1 routers
-CVE-2010-2362
+CVE-2010-2362 (Winny 2.0b7.1 and earlier does not properly process node information, ...)
NOT-FOR-US: Winny
-CVE-2010-2361
+CVE-2010-2361 (Winny 2.0b7.1 and earlier does not properly process BBS information, w ...)
NOT-FOR-US: Winny
-CVE-2010-2360
+CVE-2010-2360 (Multiple buffer overflows in Winny 2.0b7.1 and earlier might allow rem ...)
NOT-FOR-US: Winny
-CVE-2010-2359
+CVE-2010-2359 (SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com ...)
NOT-FOR-US: eWebquiz
-CVE-2010-2358
+CVE-2010-2358 (PHP remote file inclusion vulnerability in modules/catalog/upload_phot ...)
NOT-FOR-US: Nakid CMS
-CVE-2010-2357
+CVE-2010-2357 (SQL injection vulnerability in index.php in Eicra Realestate Script 1. ...)
NOT-FOR-US: Eicra Realestate Script
-CVE-2010-2356
+CVE-2010-2356 (Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Gro ...)
NOT-FOR-US: Pilot Group eLMS Pro
-CVE-2010-2355
+CVE-2010-2355 (Cross-site scripting (XSS) vulnerability in error.php in Pilot Group ( ...)
NOT-FOR-US: Pilot Group eLMS Pro
-CVE-2010-2354
+CVE-2010-2354 (SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS ...)
NOT-FOR-US: Pilot Group eLMS Pro
-CVE-2010-2353
+CVE-2010-2353 (The Node Reference module in Content Construction Kit (CCK) module 6.x ...)
- drupal6-mod-cck <not-affected> (Fixed before initial upload)
-CVE-2010-2352
+CVE-2010-2352 (The Node Reference module in Content Construction Kit (CCK) module 5.x ...)
- drupal6-mod-cck <not-affected> (Fixed before initial upload)
-CVE-2010-2351
+CVE-2010-2351 (Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 ...)
NOT-FOR-US: Novell Netware
-CVE-2010-2350
+CVE-2010-2350 (Heap-based buffer overflow in the PNG decoder in Ziproxy 3.1.0 allows ...)
- ziproxy 3.1.1-1 (bug #587039)
[lenny] - ziproxy <not-affected> (Introduced in 3.1.0)
-CVE-2010-2349
+CVE-2010-2349 (H264WebCam 3.7 allows remote attackers to cause a denial of service (c ...)
NOT-FOR-US: H264WebCam
-CVE-2010-2348
+CVE-2010-2348 (Stack-based buffer overflow in Batch Audio Converter Lite Edition 1.0. ...)
NOT-FOR-US: Batch Audio Converter
-CVE-2010-2347
+CVE-2010-2347 (The Telnet interface in the SAP J2EE Engine Core (SAP-JEECOR) 6.40 thr ...)
NOT-FOR-US: SAP J2EE Telnet Interface
CVE-2010-2346
RESERVED
-CVE-2010-2345
+CVE-2010-2345 (Cross-site request forgery (CSRF) vulnerability in odCMS 1.06, and pos ...)
NOT-FOR-US: odCMS
-CVE-2010-2344
+CVE-2010-2344 (Multiple cross-site scripting (XSS) vulnerabilities in odCMS 1.06, and ...)
NOT-FOR-US: odCMS
-CVE-2010-2343
+CVE-2010-2343 (Stack-based buffer overflow in D.R. Software Audio Converter 8.1, 2007 ...)
NOT-FOR-US: D.R. Software Audio Converter
-CVE-2010-2342
+CVE-2010-2342 (SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady O ...)
NOT-FOR-US: DMXReady Online Notebook Manager
-CVE-2010-2341
+CVE-2010-2341 (PHP remote file inclusion vulnerability in system/application/views/pu ...)
NOT-FOR-US: EZPX Photoblog
-CVE-2010-2340
+CVE-2010-2340 (SQL injection vulnerability in members.php in Arab Portal 2.2, when ma ...)
NOT-FOR-US: Arab Portal
-CVE-2010-2339
+CVE-2010-2339 (SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x ...)
NOT-FOR-US: Subdreamer CMS
-CVE-2010-2338
+CVE-2010-2338 (Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor ...)
NOT-FOR-US: VU Web Visitor Analyst
-CVE-2010-2337
+CVE-2010-2337 (Open redirect vulnerability in RSA Federated Identity Manager 4.0 befo ...)
NOT-FOR-US: RSA Federated Identity Manager
-CVE-2010-2336
+CVE-2010-2336 (index.php in Yamamah Photo Gallery 1.00 allows remote attackers to obt ...)
NOT-FOR-US: Yamamah Photo Gallery
-CVE-2010-2335
+CVE-2010-2335 (SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00 ...)
NOT-FOR-US: Yamamah Photo Gallery
-CVE-2010-2334
+CVE-2010-2334 (Directory traversal vulnerability in themes/default/download.php in Ya ...)
NOT-FOR-US: Yamamah Phote Gallery
-CVE-2010-2333
+CVE-2010-2333 (LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows ...)
NOT-FOR-US: LiteSpeed Web Server
-CVE-2010-2332
+CVE-2010-2332 (Impact Financials, Inc. Impact PDF Reader 2.0, 1.2, and other versions ...)
NOT-FOR-US: Impact PDF Reader
-CVE-2010-2331
+CVE-2010-2331 (Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allow ...)
NOT-FOR-US: iSharer File Sharing Wizard
-CVE-2010-2330
+CVE-2010-2330 (Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allow ...)
NOT-FOR-US: iSharer File Sharing Wizard
-CVE-2010-2329
+CVE-2010-2329 (Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attacker ...)
NOT-FOR-US: Rosoft Audio Converter
-CVE-2010-2328
+CVE-2010-2328 (The HTTP Channel in IBM WebSphere Application Server (WAS) 7.0 before ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-2327
+CVE-2010-2327 (mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before 6.1.0.3 ...)
NOT-FOR-US: IBM HTTP Server
-CVE-2010-2326
+CVE-2010-2326 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11, when addNo ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-2325
+CVE-2010-2325 (Cross-site scripting (XSS) vulnerability in the administrative console ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-2324
+CVE-2010-2324 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS all ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-2323
+CVE-2010-2323 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS mig ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-2322
+CVE-2010-2322 (Absolute path traversal vulnerability in the extract_jar function in j ...)
- fastjar 2:0.98-3 (low)
[lenny] - fastjar <no-dsa> (Minor issue)
-CVE-2010-2321
+CVE-2010-2321 (Buffer overflow in Adobe InDesign CS3 10.0 allows user-assisted remote ...)
NOT-FOR-US: Adobe InDesign
-CVE-2010-2320
+CVE-2010-2320 (bozotic HTTP server (aka bozohttpd) before 20100621 allows remote atta ...)
- bozohttpd 20100621-1 (low; bug #590298)
[lenny] - bozohttpd <no-dsa> (Minor information leak)
-CVE-2010-2319
+CVE-2010-2319 (SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allo ...)
NOT-FOR-US: IDevSpot TextAds
-CVE-2010-2318
+CVE-2010-2318 (Cross-site scripting (XSS) vulnerability in cms_data.php in PHPCityPor ...)
NOT-FOR-US: PHPCityPortal
-CVE-2010-2317
+CVE-2010-2317 (Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow ...)
NOT-FOR-US: WmsCms
-CVE-2010-2316
+CVE-2010-2316 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
NOT-FOR-US: WmsCms
-CVE-2010-2315
+CVE-2010-2315 (PHP remote file inclusion vulnerability in picturelib.php in SmartISof ...)
NOT-FOR-US: SmartISoft phpBazar
-CVE-2010-2314
+CVE-2010-2314 (PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter. ...)
NOT-FOR-US: NP_Twitter Plugin
-CVE-2010-2313
+CVE-2010-2313 (Directory traversal vulnerability in index.php in Anodyne Productions ...)
NOT-FOR-US: SIMM Management System
-CVE-2010-2312
+CVE-2010-2312 (SQL injection vulnerability in index.php in HauntmAx Haunted House Dir ...)
NOT-FOR-US: HauntmAx Haunted House Directory Listing CMS
-CVE-2010-2311
+CVE-2010-2311 (Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows us ...)
NOT-FOR-US: Power Tab Editor
-CVE-2010-2310
+CVE-2010-2310 (SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a de ...)
NOT-FOR-US: SolarWinds TFTP Server
-CVE-2010-2309
+CVE-2010-2309 (Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6. ...)
NOT-FOR-US: EvoLogical EvoCam
-CVE-2010-2308
+CVE-2010-2308 (Unspecified vulnerability in the filter driver (savonaccessfilter.sys) ...)
NOT-FOR-US: Sophos Anti-Virus
-CVE-2010-2307
+CVE-2010-2307 (Multiple directory traversal vulnerabilities in the web server for Mot ...)
NOT-FOR-US: Motorola firmware
-CVE-2010-2306
+CVE-2010-2306 (The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; ...)
NOT-FOR-US: Sourcefire 3D Sensor
-CVE-2010-2305
+CVE-2010-2305 (Buffer overflow in an ActiveX control in SSHelper.dll for Symantec Syg ...)
NOT-FOR-US: Symantec Sygate Personal Firewall
CVE-2010-2304
REJECTED
CVE-2010-2303
REJECTED
-CVE-2010-2302
+CVE-2010-2302 (Use-after-free vulnerability in WebCore in WebKit in Google Chrome bef ...)
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: http://trac.webkit.org/changeset/59876
NOTE: duplicate of cve-2010-1771
-CVE-2010-2301
+CVE-2010-2301 (Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebC ...)
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: http://trac.webkit.org/changeset/59241
NOTE: http://trac.webkit.org/changeset/59242
NOTE: duplicate of cve-2010-1762
-CVE-2010-2300
+CVE-2010-2300 (Use-after-free vulnerability in the Element::normalizeAttributes funct ...)
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: http://trac.webkit.org/changeset/59109
NOTE: duplicate of cve-2010-1759
-CVE-2010-2299
+CVE-2010-2299 (The Clipboard::DispatchObject function in app/clipboard/clipboard.cc i ...)
- webkit <not-affected> (chromium-specific)
- chromium-browser 5.0.375.70~r48679-1
-CVE-2010-2298
+CVE-2010-2298 (browser/renderer_host/database_dispatcher_host.cc in Google Chrome bef ...)
- webkit <not-affected> (chromium-specific)
- chromium-browser 5.0.375.70~r48679-1
-CVE-2010-2297
+CVE-2010-2297 (rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome b ...)
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: http://trac.webkit.org/changeset/59495
-CVE-2010-2296
+CVE-2010-2296 (The implementation of unspecified DOM methods in Google Chrome before ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
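Review bot: the NOT-FOR-US line under CVE-2010-2364 names the wrong product: the description added on the `+` line is `Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before ...`, but the triage line below it says `NOT-FOR-US: Free CGI Moo moobbs2`, copied from the preceding CVE-2010-2365 (`moobbs2`) entry; it should read `NOT-FOR-US: Free CGI Moo moobbs`. Two smaller text problems in the same hunk: the product name under CVE-2010-2397 is cut short (`NOT-FOR-US: Oracle Sun Java System Application Serve`, missing the final `r`), and CVE-2010-2334 has `Yamamah Phote Gallery` where the two neighbouring Yamamah entries spell it `Photo Gallery`. As a style point, the cross-reference notes under CVE-2010-2302, CVE-2010-2301 and CVE-2010-2300 (`NOTE: duplicate of cve-2010-1771`, `cve-2010-1762`, `cve-2010-1759`) use lowercase `cve-`, unlike every other identifier in the file; use the canonical uppercase `CVE-` form so the references are consistent with the entries they point at.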
@@ -7726,487 +7726,487 @@ CVE-2010-2296
NOTE: http://trac.webkit.org/changeset/57658
NOTE: http://trac.webkit.org/changeset/59769
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=48159
-CVE-2010-2295
+CVE-2010-2295 (page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0 ...)
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: http://trac.webkit.org/changeset/58829
-CVE-2010-2294
+CVE-2010-2294 (Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and ...)
NOT-FOR-US: Plume CMS
-CVE-2010-2293
+CVE-2010-2293 (The Ping tools web interface in Dlink Di-604 router allows remote auth ...)
NOT-FOR-US: Dlink Di-604
-CVE-2010-2292
+CVE-2010-2292 (Cross-site scripting (XSS) vulnerability in the Ping tools web interfa ...)
NOT-FOR-US: Dlink Di-604 Router
-CVE-2010-2291
+CVE-2010-2291 (Unspecified vulnerability in the web interface in snom VoIP Phone firm ...)
NOT-FOR-US: snom VoIP Phone
-CVE-2010-2290
+CVE-2010-2290 (Cross-site scripting (XSS) vulnerability in cgi-bin/cgix/help in McAfe ...)
NOT-FOR-US: McAfee
-CVE-2010-2289
+CVE-2010-2289 (Open redirect vulnerability in dana/home/homepage.cgi in Juniper Netwo ...)
NOT-FOR-US: Juniper Networks
-CVE-2010-2288
+CVE-2010-2288 (Cross-site scripting (XSS) vulnerability in dana/nc/ncrun.cgi in Junip ...)
NOT-FOR-US: Juniper Networks
-CVE-2010-2282
+CVE-2010-2282 (Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 all ...)
NOT-FOR-US: TomatoCMS
-CVE-2010-2281
+CVE-2010-2281 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in To ...)
NOT-FOR-US: TomatoCMS
-CVE-2010-2280
+CVE-2010-2280 (Open redirect vulnerability in the Mobile component in IBM Lotus Conne ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2010-2279
+CVE-2010-2279 (The Top Updates implementation in the Homepage component in IBM Lotus ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2010-2278
+CVE-2010-2278 (The bookmarklet pop-up in the Bookmarks component in IBM Lotus Connect ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2010-2277
+CVE-2010-2277 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Conne ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2010-2276
+CVE-2010-2276 (The default configuration of the build process in Dojo 0.4.x before 0. ...)
- dojo <not-affected> (Doesn't affect the Debian packaging)
-CVE-2010-2275
+CVE-2010-2275 (Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js ...)
- dojo 1.4.2+dfsg-1
-CVE-2010-2274
+CVE-2010-2274 (Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1 ...)
- dojo 1.4.2+dfsg-1
-CVE-2010-2273
+CVE-2010-2273 (Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x befo ...)
- dojo 1.4.2+dfsg-1
-CVE-2010-2272
+CVE-2010-2272 (Unspecified vulnerability in iframe_history.html in Dojo 0.4.x before ...)
- dojo <not-affected> (only affects 0.4 branch)
-CVE-2010-2271
+CVE-2010-2271 (Format string vulnerability in authcfg.cgi in Accoria Web Server (aka ...)
NOT-FOR-US: Accoria Web Server
-CVE-2010-2270
+CVE-2010-2270 (Accoria Web Server (aka Rock Web Server) 1.4.7 uses a predictable http ...)
NOT-FOR-US: Accoria Web Server
-CVE-2010-2269
+CVE-2010-2269 (Directory traversal vulnerability in loadstatic.cgi in Accoria Web Ser ...)
NOT-FOR-US: Accoria Web Server
-CVE-2010-2268
+CVE-2010-2268 (Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Acco ...)
NOT-FOR-US: Accoria Web Server
-CVE-2010-2267
+CVE-2010-2267 (Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web Ser ...)
NOT-FOR-US: Accoria Web Server
-CVE-2010-2266
+CVE-2010-2266 (nginx 0.8.36 allows remote attackers to cause a denial of service (cra ...)
- nginx <not-affected> (Confirmed Windows only, see bug #590768)
-CVE-2010-2265
+CVE-2010-2265 (Cross-site scripting (XSS) vulnerability in the GetServerName function ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-2264
+CVE-2010-2264 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple Saf ...)
- chromium-browser 6.0.466.0~r52279-1
NOTE: This is a large series of risky behaviour-changing changesets.
NOTE: upstream changelog says this is fixed in 1.2.3, but i'm doubtful of that
-CVE-2010-2263
+CVE-2010-2263 (nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows ...)
- nginx <not-affected> (Windows-specific vulnerability when running on NTFS)
-CVE-2010-2283
+CVE-2010-2283 (The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 throug ...)
{DSA-2066-1}
- wireshark 1.2.9-1
-CVE-2010-2285
+CVE-2010-2285 (The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 th ...)
{DSA-2066-1}
- wireshark 1.2.9-1
-CVE-2010-2284
+CVE-2010-2284 (Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 throug ...)
{DSA-2066-1}
- wireshark 1.2.9-1
-CVE-2010-2287
+CVE-2010-2287 (Buffer overflow in the SigComp Universal Decompressor Virtual Machine ...)
{DSA-2066-1}
- wireshark 1.2.9-1
-CVE-2010-2286
+CVE-2010-2286 (The SigComp Universal Decompressor Virtual Machine dissector in Wiresh ...)
{DSA-2066-1}
- wireshark 1.2.9-1
-CVE-2010-2262
+CVE-2010-2262 (Galileo Students Team Weborf before 0.12.1 allows remote attackers to ...)
- weborf 0.12.1-1
-CVE-2010-2261
+CVE-2010-2261 (Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers ...)
NOT-FOR-US: Linksys WAP54Gv3
-CVE-2010-2260
+CVE-2010-2260 (Multiple cross-site scripting (XSS) vulnerabilities in Gambit Design B ...)
NOT-FOR-US: Gabmbit Design Bandwidth Meter
-CVE-2010-2259
+CVE-2010-2259 (Directory traversal vulnerability in the BF Survey (com_bfsurvey) comp ...)
NOT-FOR-US: com_bfsurvey component for joomla!
-CVE-2010-2258
+CVE-2010-2258 (Cross-site scripting (XSS) vulnerability in signupconfirm.php in phpBa ...)
NOT-FOR-US: phpBannerExchange
-CVE-2010-2257
+CVE-2010-2257 (SQL injection vulnerability in index_ie.php in Pay Per Minute Video Ch ...)
NOT-FOR-US: Pay Per Minute Video Chat Script
-CVE-2010-2256
+CVE-2010-2256 (Multiple cross-site scripting (XSS) vulnerabilities in Pay Per Minute ...)
NOT-FOR-US: Pay Per Minute Video Chat Script
-CVE-2010-2255
+CVE-2010-2255 (SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) co ...)
NOT-FOR-US: com_bfsurvey component for joomla!
-CVE-2010-2254
+CVE-2010-2254 (SQL injection vulnerability in the Shape5 Bridge of Hope template for ...)
NOT-FOR-US: joomla!
-CVE-2010-2253
+CVE-2010-2253 (lwp-download in libwww-perl before 5.835 does not reject downloads to ...)
- libwww-perl 5.835-1 (low)
[lenny] - libwww-perl 5.813-1+lenny2
-CVE-2010-2252
+CVE-2010-2252 (GNU Wget 1.12 and earlier uses a server-provided filename instead of t ...)
{DSA-2088-1}
- wget 1.12-2.1 (low; bug #590296)
-CVE-2010-2251
+CVE-2010-2251 (The get1 command, as used by lftpget, in LFTP before 4.0.6 does not pr ...)
{DSA-2085-1}
- lftp 4.0.6-1 (low)
[lenny] - lftp <no-dsa> (Minor issue)
NOTE: http://www.ocert.org/advisories/ocert-2010-001.html
-CVE-2010-2249
+CVE-2010-2249 (Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1. ...)
{DSA-2072-1}
- libpng 1.2.44-1 (low; bug #587670)
- tuxonice-userui 1.0-1 (unimportant)
NOTE: tuxonice-userui 1.0-1 was binNMUed
-CVE-2010-2248
+CVE-2010-2248 (fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel befor ...)
{DSA-2094-1}
- linux-2.6 2.6.32-12 (low)
CVE-2010-2247 [makepasswd: insecure passwords generated with default settings]
RESERVED
- makepasswd 1.10-5 (low; bug #564559)
[lenny] - makepasswd 1.10-3+lenny1
-CVE-2010-2246
+CVE-2010-2246 (feh before 1.8, when the --wget-timestamp option is enabled, might all ...)
- feh 1.8-1 (low; bug #587205)
[lenny] - feh <no-dsa> (Minor issue)
-CVE-2010-2245
+CVE-2010-2245 (XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earli ...)
NOT-FOR-US: Apache Wink
-CVE-2010-2244
+CVE-2010-2244 (The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in ...)
{DSA-2086-1}
- avahi 0.6.26-1
CVE-2010-2243 [timekeeping oops]
RESERVED
- linux-2.6 2.6.32-11
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2010-2242
+CVE-2010-2242 (Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improp ...)
- libvirt 0.8.3-1 (low)
[lenny] - libvirt 0.4.6-10+lenny1
-CVE-2010-2241
+CVE-2010-2241 (The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red Ha ...)
NOT-FOR-US: Red Hat Directory Server
-CVE-2010-2240
+CVE-2010-2240 (The do_anonymous_page function in mm/memory.c in the Linux kernel befo ...)
{DSA-2094-1}
- linux-2.6 2.6.32-21
-CVE-2010-2239
+CVE-2010-2239 (Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images with ...)
- libvirt 0.8.3-1 (low)
[lenny] - libvirt <not-affected> (only affects >= 0.6.0)
-CVE-2010-2238
+CVE-2010-2238 (Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-imag ...)
- libvirt 0.8.3-1
[lenny] - libvirt <not-affected> (only affects >= 0.7.2)
-CVE-2010-2237
+CVE-2010-2237 (Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing s ...)
- libvirt 0.8.3-1
[lenny] - libvirt <not-affected> (only affects >= 0.6.1)
-CVE-2010-2236
+CVE-2010-2236 (The monitoring probe display in spacewalk-java before 2.1.148-1 and Re ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2010-2235
+CVE-2010-2235 (template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Sa ...)
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2010-2233
+CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used ...)
- tiff 3.9.4-2
- tiff3 <not-affected> (fixed prior to initial upload)
[lenny] - tiff <not-affected> (Only affects 3.9.x)
-CVE-2010-2232
+CVE-2010-2232 (In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export pro ...)
- derby <not-affected> (Fixed before initial upload to Debian)
NOTE: https://issues.apache.org/jira/browse/DERBY-2925
-CVE-2010-2231
+CVE-2010-2231 (Cross-site request forgery (CSRF) vulnerability in report/overview/rep ...)
{DSA-2115-1}
- moodle 1.9.9-1 (bug #586280)
-CVE-2010-2230
+CVE-2010-2230 (The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.1 ...)
{DSA-2115-1}
- moodle 1.9.9-1 (bug #586280)
- wordpress 3.0.4+dfsg-1
[lenny] - wordpress <not-affected> (2.x version is not affected)
- egroupware <not-affected> (Only forks a minor subset of KSES)
-CVE-2010-2229
+CVE-2010-2229 (Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php ...)
{DSA-2115-1}
- moodle 1.9.9-1 (bug #586280)
-CVE-2010-2228
+CVE-2010-2228 (Cross-site scripting (XSS) vulnerability in the MNET access-control in ...)
{DSA-2115-1}
- moodle 1.9.9-1 (bug #586280)
-CVE-2010-2227
+CVE-2010-2227 (Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 be ...)
{DSA-2207-1}
- tomcat5.5 <removed>
- tomcat6 6.0.28-1 (bug #588813)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2010-2226
+CVE-2010-2226 (The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel bef ...)
{DSA-2094-1}
- linux-2.6 2.6.32-19
-CVE-2010-2225
+CVE-2010-2225 (Use-after-free vulnerability in the SplObjectStorage unserializer in P ...)
{DSA-2089-1}
- php5 5.3.3-1
-CVE-2010-2224
+CVE-2010-2224 (The snapshot merging functionality in Red Hat Enterprise Virtualizatio ...)
NOT-FOR-US: Red Hat Enterprise Virtualization Manager (RHEV-M)
-CVE-2010-2223
+CVE-2010-2223 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualiza ...)
- vdsm <itp> (bug #668538)
CVE-2010-2222
RESERVED
NOT-FOR-US: Red Hat Directory Server
-CVE-2010-2221
+CVE-2010-2221 (Multiple buffer overflows in the iSNS implementation in isns.c in (1) ...)
- iscsitarget 1.4.20.1-1
-CVE-2010-2220
+CVE-2010-2220 (Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, a ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-2219
+CVE-2010-2219 (Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0 ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-2218
+CVE-2010-2218 (Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, a ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-2217
+CVE-2010-2217 (Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, a ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2010-2216
+CVE-2010-2216 (Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adob ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2010-2215
+CVE-2010-2215 (Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adob ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2010-2214
+CVE-2010-2214 (Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adob ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2010-2213
+CVE-2010-2213 (Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adob ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2010-2212
+CVE-2010-2212 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2211
+CVE-2010-2211 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2210
+CVE-2010-2210 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2209
+CVE-2010-2209 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2208
+CVE-2010-2208 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2207
+CVE-2010-2207 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2206
+CVE-2010-2206 (Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x befo ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2205
+CVE-2010-2205 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2204
+CVE-2010-2204 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.3 ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2203
+CVE-2010-2203 (Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow attackers to e ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2202
+CVE-2010-2202 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2201
+CVE-2010-2201 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
CVE-2010-2200
RESERVED
-CVE-2010-2199
+CVE-2010-2199 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ...)
- rpm <unfixed> (bug #584257; unimportant)
NOTE: Marking as unimportant since rpm isn't used as a package manager
-CVE-2010-2198
+CVE-2010-2198 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ...)
- rpm <unfixed> (bug #584257; unimportant)
NOTE: Marking as unimportant since rpm isn't used as a package manager
-CVE-2010-2197
+CVE-2010-2197 (rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax o ...)
- rpm 4.8.1-1 (low; bug #584257)
[lenny] - rpm <no-dsa> (Minor issue)
CVE-2010-2196
RESERVED
-CVE-2010-2195
+CVE-2010-2195 (bozotic HTTP server (aka bozohttpd) 20090522 through 20100512 allows a ...)
- bozohttpd 20100621-1 (low; bug #590298)
[lenny] - bozohttpd <not-affected> (Only affects 20090522 to 20100512)
CVE-2010-2194
RESERVED
-CVE-2010-2193
+CVE-2010-2193 (Multiple unspecified vulnerabilities in the CA (1) PSFormX and (2) Web ...)
NOT-FOR-US: CA Global Advisor
-CVE-2010-2192
+CVE-2010-2192 (The make_lockdir_name function in policy.c in pmount 0.9.18 allow loca ...)
{DSA-2063-1}
- pmount 0.9.23-1
-CVE-2010-2191
+CVE-2010-2191 (The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; ...)
- php5 5.3.3-1 (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2190
+CVE-2010-2190 (The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions i ...)
- php5 <removed> (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2189
+CVE-2010-2189 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2188
+CVE-2010-2188 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2187
+CVE-2010-2187 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2186
+CVE-2010-2186 (Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2185
+CVE-2010-2185 (Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2184
+CVE-2010-2184 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2183
+CVE-2010-2183 (Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x befor ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2182
+CVE-2010-2182 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2181
+CVE-2010-2181 (Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x befor ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2180
+CVE-2010-2180 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2179
+CVE-2010-2179 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2178
+CVE-2010-2178 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2177
+CVE-2010-2177 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2176
+CVE-2010-2176 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2175
+CVE-2010-2175 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2174
+CVE-2010-2174 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2173
+CVE-2010-2173 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2172
+CVE-2010-2172 (Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms al ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2171
+CVE-2010-2171 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2170
+CVE-2010-2170 (Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x befor ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2169
+CVE-2010-2169 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2168
+CVE-2010-2168 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-2167
+CVE-2010-2167 (Multiple heap-based buffer overflows in Adobe Flash Player before 9.0. ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2166
+CVE-2010-2166 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2165
+CVE-2010-2165 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2164
+CVE-2010-2164 (Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 an ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2163
+CVE-2010-2163 (Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0. ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2162
+CVE-2010-2162 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2161
+CVE-2010-2161 (Array index error in Adobe Flash Player before 9.0.277.0 and 10.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2160
+CVE-2010-2160 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ad ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-2159
+CVE-2010-2159 (Dameng DM Database Server allows remote authenticated users to cause a ...)
NOT-FOR-US: Dameng DM Database
-CVE-2010-2158
+CVE-2010-2158 (Multiple cross-site scripting (XSS) vulnerabilities in the Storm modul ...)
NOT-FOR-US: Storm module for Drupal
-CVE-2010-2157
+CVE-2010-2157 (Unspecified vulnerability in CA ARCserve Backup r11.5 SP4, r12.0 SP2, ...)
NOT-FOR-US: CA ARCserve
-CVE-2010-2156
+CVE-2010-2156 (ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote att ...)
- isc-dhcp 4.1.1-P1-1
- dhcp3 <not-affected> (Only affects DHCP 4.x)
- dhcp <not-affected> (Only affects DHCP 4.x)
NOTE: http://www.isc.org/software/dhcp/advisories/cve-2010-2156
-CVE-2010-2155
+CVE-2010-2155 (Multiple cross-site scripting (XSS) vulnerabilities in zc/publisher/ht ...)
{DSA-2056-1}
- zonecheck 2.1.1-1 (bug #583290)
-CVE-2010-2154
+CVE-2010-2154 (Cross-site scripting (XSS) vulnerability in the Search Site in CMScout ...)
NOT-FOR-US: CMScout
-CVE-2010-2153
+CVE-2010-2153 (Unrestricted file upload vulnerability in admin/code/tce_functions_tce ...)
NOT-FOR-US: TCExam
-CVE-2010-2152
+CVE-2010-2152 (Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, I ...)
NOT-FOR-US: JustSystems Ichitaro
-CVE-2010-2151
+CVE-2010-2151 (Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 ...)
NOT-FOR-US: Fujitsu e-Pares
-CVE-2010-2150
+CVE-2010-2150 (Cross-site scripting (XSS) vulnerability Fujitsu e-Pares V01 L01 allow ...)
NOT-FOR-US: Fujitsu e-Pares
-CVE-2010-2149
+CVE-2010-2149 (Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L ...)
NOT-FOR-US: Fujitsu e-Pares
-CVE-2010-2148
+CVE-2010-2148 (SQL injection vulnerability in the My Car (com_mycar) component 1.0 fo ...)
NOT-FOR-US: My Car for Joomla
-CVE-2010-2147
+CVE-2010-2147 (Cross-site scripting (XSS) vulnerability in the My Car (com_mycar) com ...)
NOT-FOR-US: My Car for Joomla
-CVE-2010-2146
+CVE-2010-2146 (PHP remote file inclusion vulnerability in banned.php in Visitor Logge ...)
NOT-FOR-US: Visitor Logger
-CVE-2010-2145
+CVE-2010-2145 (Multiple PHP remote file inclusion vulnerabilities in ClearSite Beta 4 ...)
NOT-FOR-US: ClearSite
-CVE-2010-2144
+CVE-2010-2144 (Cross-site scripting (XSS) vulnerability in signinform.php in Zeeways ...)
NOT-FOR-US: Zeeways eBay Clone auction script
-CVE-2010-2143
+CVE-2010-2143 (Directory traversal vulnerability in index.php in Symphony CMS 2.0.7 a ...)
NOT-FOR-US: Symphony CMS
-CVE-2010-2142
+CVE-2010-2142 (SQL injection vulnerability in default.asp in Cyberhost allows remote ...)
NOT-FOR-US: Cyberhost
-CVE-2010-2141
+CVE-2010-2141 (SQL injection vulnerability in index.php in NITRO Web Gallery allows r ...)
NOT-FOR-US: NITRO Web Gallery
-CVE-2010-2140
+CVE-2010-2140 (SQL injection vulnerability in itemdetail.php in Multishop CMS allows ...)
NOT-FOR-US: Multishop CMS
-CVE-2010-2139
+CVE-2010-2139 (SQL injection vulnerability in pages.php in Multishop CMS allows remot ...)
NOT-FOR-US: Multishop CMS
-CVE-2010-2138
+CVE-2010-2138 (Multiple directory traversal vulnerabilities in ProMan 0.1.1 and earli ...)
NOT-FOR-US: ProMan
-CVE-2010-2137
+CVE-2010-2137 (PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 ...)
NOT-FOR-US: ProMan
-CVE-2010-2136
+CVE-2010-2136 (Directory traversal vulnerability in admin/index.php in Article Friend ...)
NOT-FOR-US: Article Friendly
-CVE-2010-2135
+CVE-2010-2135 (Multiple SQL injection vulnerabilities in login.php in HazelPress Lite ...)
NOT-FOR-US: HazelPress Lite
-CVE-2010-2134
+CVE-2010-2134 (Multiple SQL injection vulnerabilities in login.php in Project Man 1.0 ...)
NOT-FOR-US: Project Man
-CVE-2010-2133
+CVE-2010-2133 (SQL injection vulnerability in contact.php in My Little Forum allows r ...)
NOT-FOR-US: My Little Forum
-CVE-2010-2132
+CVE-2010-2132 (Multiple PHP remote file inclusion vulnerabilities in Open Education S ...)
NOT-FOR-US: Open Education System
-CVE-2010-2131
+CVE-2010-2131 (SQL injection vulnerability in the Calendar Base (cal) extension befor ...)
NOT-FOR-US: Typo3 extenson Calendar Base
-CVE-2010-2130
+CVE-2010-2130 (Cross-site scripting (XSS) vulnerability in wflogin.jsp in Aris Global ...)
NOT-FOR-US: Aris Global ARISg
-CVE-2010-2129
+CVE-2010-2129 (Directory traversal vulnerability in the JE Ajax Event Calendar (com_j ...)
NOT-FOR-US: JE Ajax Event Calenda
-CVE-2010-2128
+CVE-2010-2128 (Directory traversal vulnerability in the JE Quotation Form (com_jequot ...)
NOT-FOR-US: JE Quotation Form for Joomla
-CVE-2010-2127
+CVE-2010-2127 (PHP remote file inclusion vulnerability in gallery.php in JV2 Folder G ...)
NOT-FOR-US: JV2 Folder Gallery
-CVE-2010-2126
+CVE-2010-2126 (Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3. ...)
NOT-FOR-US: Snipe Gallery
-CVE-2010-2125
+CVE-2010-2125 (Multiple cross-site scripting (XSS) vulnerabilities in the Rotor Banne ...)
NOT-FOR-US: Rotor Banner module for Drupal
-CVE-2010-2124
+CVE-2010-2124 (SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4 ...)
NOT-FOR-US: Bartels Schone ConPresso
-CVE-2010-2123
+CVE-2010-2123 (Multiple cross-site scripting (XSS) vulnerabilities in the Storm modul ...)
NOT-FOR-US: Storm module for Drupal
-CVE-2010-2122
+CVE-2010-2122 (Directory traversal vulnerability in the SimpleDownload (com_simpledow ...)
NOT-FOR-US: SimpleDownload for Joomla
-CVE-2010-2121
+CVE-2010-2121 (Opera 9.52 allows remote attackers to cause a denial of service (resou ...)
NOT-FOR-US: Opera
-CVE-2010-2120
+CVE-2010-2120 (Google Chrome 1.0.154.48 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Unclear, historic Chrome issue
-CVE-2010-2119
+CVE-2010-2119 (Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to c ...)
NOT-FOR-US: MS IE
-CVE-2010-2118
+CVE-2010-2118 (Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows re ...)
NOT-FOR-US: MS IE
-CVE-2010-2117
+CVE-2010-2117 (Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to ca ...)
- xulrunner <unfixed> (unimportant)
-CVE-2010-2116
+CVE-2010-2116 (The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 al ...)
NOT-FOR-US: McAfee Email Gateway
-CVE-2010-2115
+CVE-2010-2115 (SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a de ...)
NOT-FOR-US: SolarWinds TFTP Server
-CVE-2010-2114
+CVE-2010-2114 (Cross-site request forgery (CSRF) vulnerability in pbx/gate in Brekeke ...)
NOT-FOR-US: Brekeke PBX
-CVE-2010-2113
+CVE-2010-2113 (Multiple cross-site request forgery (CSRF) vulnerabilities in The Unif ...)
NOT-FOR-US: The Uniform Server
-CVE-2010-2112
+CVE-2010-2112 (Directory traversal vulnerability in the FTP service in FileCOPA befor ...)
NOT-FOR-US: FileCOPA
-CVE-2010-2111
+CVE-2010-2111 (Cross-site request forgery (CSRF) vulnerability in user/user-set.do in ...)
NOT-FOR-US: Pacific Timesheet
-CVE-2010-2110
+CVE-2010-2110 (Google Chrome before 5.0.375.55 does not properly execute JavaScript c ...)
- chromium-browser 5.0.375.55~r47796-1
- webkit <not-affected> (issue in chrome's libv8 bindings)
NOTE: http://trac.webkit.org/changeset/58229
-CVE-2010-2109
+CVE-2010-2109 (Unspecified vulnerability in Google Chrome before 5.0.375.55 allows us ...)
- chromium-browser 5.0.375.55~r47796-1
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/58441
-CVE-2010-2108
+CVE-2010-2108 (Unspecified vulnerability in Google Chrome before 5.0.375.55 allows re ...)
- chromium-browser 5.0.375.55~r47796-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-2107
+CVE-2010-2107 (Unspecified vulnerability in Google Chrome before 5.0.375.55 allows at ...)
- chromium-browser 5.0.375.55~r47796-1
- webkit <not-affected> (doesn't have safebrowsing feature)
-CVE-2010-2106
+CVE-2010-2106 (Unspecified vulnerability in Google Chrome before 5.0.375.55 might all ...)
- chromium-browser 5.0.375.55~r47796-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-2105
+CVE-2010-2105 (Google Chrome before 5.0.375.55 does not properly follow the Safe Brow ...)
- chromium-browser 5.0.375.55~r47796-1
- webkit <not-affected> (doesn't have safebrowsing feature)
-CVE-2010-2104
+CVE-2010-2104 (Directory traversal vulnerability in Orbit Downloader 3.0.0.4 and 3.0. ...)
NOT-FOR-US: Orbit Downloader
-CVE-2010-2103
+CVE-2010-2103 (Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/en ...)
- axis <not-affected> (axis != axis2, vulnerable code not present)
-CVE-2010-2102
+CVE-2010-2102 (Buffer overflow in Webby Webserver 1.01 allows remote attackers to exe ...)
NOT-FOR-US: Webby Webserver
-CVE-2010-2101
+CVE-2010-2101 (The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) str_w ...)
- php5 <removed> (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2100
+CVE-2010-2100 (The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_b ...)
- php5 <removed> (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2099
+CVE-2010-2099 (bbcode/php.bb in e107 0.7.20 and earlier does not perform access contr ...)
NOT-FOR-US: e107
-CVE-2010-2098
+CVE-2010-2098 (Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 ...)
NOT-FOR-US: e107
-CVE-2010-2097
+CVE-2010-2097 (The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode ...)
- php5 <removed> (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2096
+CVE-2010-2096 (Directory traversal vulnerability in index.php in CMSQlite 1.2 and ear ...)
NOT-FOR-US: CMSQlite
-CVE-2010-2095
+CVE-2010-2095 (SQL injection vulnerability in index.php in CMSQlite 1.2 and earlier a ...)
NOT-FOR-US: CMSQlite
-CVE-2010-2094
+CVE-2010-2094 (Multiple format string vulnerabilities in the phar extension in PHP 5. ...)
- php5 5.3.3-1 (low)
[lenny] - php5 <not-affected> (Vulnerable code not present)
-CVE-2010-2093
+CVE-2010-2093 (Use-after-free vulnerability in the request shutdown functionality in ...)
- php5 5.3.3-1 (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2092
+CVE-2010-2092 (SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier a ...)
{DSA-2060-1}
- cacti 0.8.7e-4 (bug #582691)
-CVE-2010-2091
+CVE-2010-2091 (Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 ...)
NOT-FOR-US: Microsoft OWA
-CVE-2010-2090
+CVE-2010-2090 (The npb_protocol_error function in sna V5router64 in IBM Communication ...)
NOT-FOR-US: IBM Communications Server
-CVE-2010-2089
+CVE-2010-2089 (The audioop module in Python 2.7 and 3.2 does not verify the relations ...)
- python3.1 3.1.2+20100706-1 (low)
- python2.7 2.7-1 (low)
- python2.6 2.6.5+20100706-1 (low)
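Review bot: the state recorded for CVE-2010-2120 is inconsistent with CVE-2010-1992 later in this file: both describe denial-of-service issues in Google Chrome 1.0.154.48, yet CVE-2010-2120 is filed as "NOT-FOR-US: Unclear, historic Chrome issue" while CVE-2010-1992 is tracked as "- chromium-browser <unfixed> (unimportant)" with a NOTE that browser DoS is not treated as security-relevant. Since chromium-browser is a tracked source package in this hunk (see the CVE-2010-2105 through CVE-2010-2110 entries), NOT-FOR-US is the wrong state for a Chrome issue; either track it as "- chromium-browser <unfixed> (unimportant)" with the same NOTE, or have the NOTE say why the report could not be mapped to the package. Minor, in the unchanged context of this hunk: "NOT-FOR-US: Typo3 extenson Calendar Base" (CVE-2010-2131) misspells "extension", and "NOT-FOR-US: JE Ajax Event Calenda" (CVE-2010-2129) drops the last letter of "Calendar", which the newly added description spells out in full.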
@@ -8214,63 +8214,63 @@ CVE-2010-2089
[lenny] - python2.5 <no-dsa> (Minor issue)
- python2.4 <removed> (low)
[lenny] - python2.4 <no-dsa> (Minor issue)
-CVE-2010-2088
+CVE-2010-2088 (ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted ...)
NOT-FOR-US: Microsoft .NET
-CVE-2010-2087
+CVE-2010-2087 (Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application ...)
- mojarra <unfixed> (unimportant; bug #611130)
NOTE: Affected feature is fundamentally insecure
-CVE-2010-2086
+CVE-2010-2086 (Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application S ...)
NOT-FOR-US: Apache MyFaces
-CVE-2010-2085
+CVE-2010-2085 (The default configuration of ASP.NET in Microsoft .NET before 1.1 has ...)
NOT-FOR-US: Microsoft .NET
-CVE-2010-2084
+CVE-2010-2084 (Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property ...)
NOT-FOR-US: Microsoft .NET
-CVE-2010-2083
+CVE-2010-2083 (Microsoft Dynamics GP has a default value of ACCESS for the system pas ...)
NOT-FOR-US: Microsoft Dynamics GP
-CVE-2010-2082
+CVE-2010-2082 (The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 ca ...)
NOT-FOR-US: Cisco
CVE-2010-2081
RESERVED
-CVE-2010-2080
+CVE-2010-2080 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Req ...)
- otrs2 2.4.8+dfsg1-1
[lenny] - otrs2 <not-affected> (Only affects OTRS 2.3 and 2.4)
-CVE-2010-2079
+CVE-2010-2079 (DataTrack System 3.5 allows remote attackers to bypass intended restri ...)
NOT-FOR-US: DataTrack System
-CVE-2010-2078
+CVE-2010-2078 (DataTrack System 3.5 allows remote attackers to list the root director ...)
NOT-FOR-US: DataTrack System
CVE-2010-2077
REJECTED
-CVE-2010-2076
+CVE-2010-2076 (Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before ...)
NOT-FOR-US: Apache CXF
-CVE-2010-2075
+CVE-2010-2075 (UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from Novemb ...)
- unrealircd <itp> (bug #515130)
-CVE-2010-2074
+CVE-2010-2074 (istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_se ...)
- w3m 0.5.2-5 (low; bug #587445)
[lenny] - w3m 0.5.2-2+lenny1
-CVE-2010-2073
+CVE-2010-2073 (auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and pa ...)
- pyftpd 0.8.5 (low; bug #585776)
[lenny] - pyftpd 0.8.4.6+lenny1
-CVE-2010-2072
+CVE-2010-2072 (Pyftpd 0.8.4 creates log files with predictable names in a temporary d ...)
- pyftpd 0.8.5 (low; bug #585773)
[lenny] - pyftpd 0.8.4.6+lenny1
-CVE-2010-2071
+CVE-2010-2071 (The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Lin ...)
- linux-2.6 2.6.32-16
[lenny] - linux-2.6 <not-affected> (btrfs introduced in 2.6.29)
-CVE-2010-2070
+CVE-2010-2070 (arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and ...)
- xen-3 3.2.1-2
NOTE: The respective patch is present in Lenny's version of xen-3, might be fixed even earlier
CVE-2010-2069
REJECTED
-CVE-2010-2068
+CVE-2010-2068 (mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 thr ...)
- apache2 <not-affected> (does not affect UNIX, only Windows, etc.)
-CVE-2010-2067
+CVE-2010-2067 (Stack-based buffer overflow in the TIFFFetchSubjectDistance function i ...)
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed prior to initial upload)
[lenny] - tiff <not-affected> (Only affects 3.9.x)
-CVE-2010-2066
+CVE-2010-2066 (The mext_check_arguments function in fs/ext4/move_extent.c in the Linu ...)
- linux-2.6 2.6.32-21
[lenny] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.31)
-CVE-2010-2065
+CVE-2010-2065 (Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allo ...)
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed prior to initial upload)
[lenny] - tiff <not-affected> (Only affects 3.9.x)
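Review bot: the not-affected reason for CVE-2010-2068, "does not affect UNIX, only Windows, etc.", leaves the platform list open-ended, so a reader cannot verify the claim against the new description line without following the CVE reference; replace "etc." with the exact platform list the CVE text gives, and word the Debian side as "no UNIX platform is listed as affected" so the reason states what was checked. Likewise the NOTE for CVE-2010-2070, "might be fixed even earlier", records uncertainty instead of a version: if 3.2.1-2 is only the earliest version known to carry the patch, say so ("first version verified to carry the fix"), otherwise drop the hedge.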
@@ -8280,11 +8280,11 @@ CVE-2010-2064
RESERVED
- rpcbind 0.2.0-4.1
NOTE: This version changed the state directory to /var/run/rpcbind, which is only writable by root
-CVE-2010-2063
+CVE-2010-2063 (Buffer overflow in the SMB1 packet chaining implementation in the chai ...)
{DSA-2061-1}
- samba 2:3.4.0~pre1-1 (high)
NOTE: the affected code has been completely rewritten since 3.4.x
-CVE-2010-2062
+CVE-2010-2062 (Integer underflow in the real_get_rdt_chunk function in real.c, as use ...)
{DSA-2044-1 DSA-2043-1}
- vlc 1.0.1-1
[lenny] - vlc 0.8.6.h-4+lenny2.3
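Review bot: the added descriptions are cut at a fixed character width rather than at a word boundary, so the summaries end mid-token: "in the chai ..." for CVE-2010-2063 (the function name is lost exactly where it would help a reader match the fix) and "as use ..." for CVE-2010-2062. Truncating at the last whitespace before the limit, or widening the limit slightly, keeps the summaries readable without changing the one-line format; the same applies to the other hunks in this file.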
@@ -8297,583 +8297,583 @@ CVE-2010-2062
CVE-2010-2061
RESERVED
- rpcbind 0.2.0-4.1
-CVE-2010-2060
+CVE-2010-2060 (The put command functionality in beanstalkd 1.4.5 and earlier allows r ...)
- beanstalkd 1.4.6-1 (unimportant; bug #585162)
NOTE: Package description reads: "Beanstalkd is meant to be ran in a trusted network,
NOTE: "as it has no authorisation/authentication mechanisms". So this is likely a non-issue
-CVE-2010-2059
+CVE-2010-2059 (lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and R ...)
- rpm 4.8.1-1 (bug #584257; unimportant)
NOTE: Marking as unimportant since rpm isn't used as a package manager
-CVE-2010-2058
+CVE-2010-2058 (setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable ...)
- prewikka 1.0.0-1.1 (low; bug #584469)
[lenny] - prewikka <no-dsa> (The insecure permissions only apply for a very short timeframe during pkg update)
NOTE: FEDORA-2009-3761 http://lwn.net/Articles/330642
-CVE-2010-2057
+CVE-2010-2057 (shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2. ...)
NOT-FOR-US: Apache MyFaces
-CVE-2010-2056
+CVE-2010-2056 (GNU gv before 3.7.0 allows local users to overwrite arbitrary files vi ...)
- gv 1:3.7.1-1 (low)
[lenny] - gv <no-dsa> (Minor issue)
-CVE-2010-2055
+CVE-2010-2055 (Ghostscript 8.71 and earlier reads initialization files from the curre ...)
- ghostscript 8.71~dfsg2-6.1 (bug #584653; bug #592569; bug #584663)
[lenny] - ghostscript <no-dsa> (too risky for regressions)
-CVE-2010-2054
+CVE-2010-2054 (Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 t ...)
NOT-FOR-US: SBLIM SFCB
-CVE-2010-2053
+CVE-2010-2053 (emesenelib/ProfileManager.py in emesene before 1.6.2 allows local user ...)
- emesene 1.6.2-1 (low)
[lenny] - emesene <not-affected> (Introduced in 1.6.1)
CVE-2010-2052
REJECTED
-CVE-2010-2051
+CVE-2010-2051 (SQL injection vulnerability in article.php in Debliteck DBCart allows ...)
NOT-FOR-US: Debliteck DBCart
-CVE-2010-2050
+CVE-2010-2050 (Directory traversal vulnerability in the Moron Solutions MS Comment (c ...)
NOT-FOR-US: Moron Solutions MS Comment
-CVE-2010-2049
+CVE-2010-2049 (Cross-site scripting (XSS) vulnerability in jsp/audit/reports/ExportRe ...)
NOT-FOR-US: ManageEngine ADAudit Plus
-CVE-2010-2048
+CVE-2010-2048 (Multiple cross-site scripting (XSS) vulnerabilities in the Heartbeat m ...)
NOT-FOR-US: Heartbeat module for Drupal
-CVE-2010-2047
+CVE-2010-2047 (SQL injection vulnerability in index.php in JE CMS 1.0.0 and 1.1 allow ...)
NOT-FOR-US: JE CMS
-CVE-2010-2046
+CVE-2010-2046 (Multiple cross-site scripting (XSS) vulnerabilities in the ActiveHelpe ...)
NOT-FOR-US: ActiveHelper LiveHelp for Joomla
-CVE-2010-2045
+CVE-2010-2045 (Directory traversal vulnerability in the Dione Form Wizard (aka FDione ...)
NOT-FOR-US: Dione Form Wizard
-CVE-2010-2044
+CVE-2010-2044 (SQL injection vulnerability in the Konsultasi (com_konsultasi) compone ...)
NOT-FOR-US: Konsultasi for Joomla
-CVE-2010-2043
+CVE-2010-2043 (Cross-site scripting (XSS) vulnerability in Home.aspx in DataTrack Sys ...)
NOT-FOR-US: DataTrack System
-CVE-2010-2042
+CVE-2010-2042 (SQL injection vulnerability in search.php in ECShop 2.7.2 allows remot ...)
NOT-FOR-US: ECShop
-CVE-2010-2041
+CVE-2010-2041 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in PH ...)
NOT-FOR-US: PHP-Calendar
-CVE-2010-2040
+CVE-2010-2040 (Cross-site scripting (XSS) vulnerability in search.php in V-EVA Shopzi ...)
NOT-FOR-US: V-EVA Shopzilla script
-CVE-2010-2039
+CVE-2010-2039 (Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, 1 ...)
NOT-FOR-US: gpEasy CMS
-CVE-2010-2038
+CVE-2010-2038 (Cross-site scripting (XSS) vulnerability in include/tool/editing_files ...)
NOT-FOR-US: gpEasy CMS
-CVE-2010-2037
+CVE-2010-2037 (Directory traversal vulnerability in the Percha Downloads Attach (com_ ...)
NOT-FOR-US: Percha
-CVE-2010-2036
+CVE-2010-2036 (Directory traversal vulnerability in the Percha Fields Attach (com_per ...)
NOT-FOR-US: Percha
-CVE-2010-2035
+CVE-2010-2035 (Directory traversal vulnerability in the Percha Gallery (com_perchagal ...)
NOT-FOR-US: Percha
-CVE-2010-2034
+CVE-2010-2034 (Directory traversal vulnerability in the Percha Image Attach (com_perc ...)
NOT-FOR-US: Percha
-CVE-2010-2033
+CVE-2010-2033 (Directory traversal vulnerability in the Percha Multicategory Article ...)
NOT-FOR-US: Percha
-CVE-2010-2032
+CVE-2010-2032 (Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/dig ...)
NOT-FOR-US: Caucho Technology Resin Professional
-CVE-2010-2031
+CVE-2010-2031 (KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3 ...)
NOT-FOR-US: Kingsoft Webshield
-CVE-2010-2030
+CVE-2010-2030 (Cross-site scripting (XSS) vulnerability in the External Link Page mod ...)
NOT-FOR-US: External Link Page module for Drupal
-CVE-2010-2029
+CVE-2010-2029 (Cybozu Office 7 Ktai and Dotsales do not properly restrict access to t ...)
NOT-FOR-US: Cybozu Office and Dotsales
-CVE-2010-2028
+CVE-2010-2028 (Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 all ...)
NOT-FOR-US: k23productions TFTPGUI
-CVE-2010-2027
+CVE-2010-2027 (Mathematica 7, when running on Linux, allows local users to overwrite ...)
NOT-FOR-US: Mathematica
-CVE-2010-2026
+CVE-2010-2026 (The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 ca ...)
NOT-FOR-US: Cisco
-CVE-2010-2025
+CVE-2010-2025 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
NOT-FOR-US: Cisco
-CVE-2010-2024
+CVE-2010-2024 (transports/appendfile.c in Exim before 4.72, when MBX locking is enabl ...)
- exim4 4.72-1 (low)
[lenny] - exim4 <no-dsa> (Minor issue)
-CVE-2010-2023
+CVE-2010-2023 (transports/appendfile.c in Exim before 4.72, when a world-writable sti ...)
- exim4 4.72-1 (low)
[lenny] - exim4 <no-dsa> (Minor issue)
-CVE-2010-2022
+CVE-2010-2022 (jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root ...)
- kfreebsd-6 <not-affected> (jail binary not yet provided, see bug #584930)
- kfreebsd-7 <not-affected> (jail binary not yet provided, see bug #584930)
- kfreebsd-8 <not-affected> (jail binary not yet provided, see bug #584930)
-CVE-2010-2021
+CVE-2010-2021 (Open redirect vulnerability in the Global Redirect module 6.x-1.x befo ...)
NOT-FOR-US: Global Redirect module for Drupal is not in Debian
-CVE-2010-2020
+CVE-2010-2020 (sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD ...)
- kfreebsd-6 <removed>
[lenny] - kfreebsd-6 <no-dsa> (Minor issue, not enabled by default)
- kfreebsd-7 7.3-2
[lenny] - kfreebsd-7 <no-dsa> (Minor issue, not enabled by default)
- kfreebsd-8 8.0-6 (bug #584930)
-CVE-2010-2019
+CVE-2010-2019 (SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, whe ...)
NOT-FOR-US: Lokomedia CMS
-CVE-2010-2018
+CVE-2010-2018 (Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4. ...)
NOT-FOR-US: Lokomedia CMS
-CVE-2010-2017
+CVE-2010-2017 (Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lo ...)
NOT-FOR-US: Lokomedia CMS
-CVE-2010-2016
+CVE-2010-2016 (SQL injection vulnerability in details.php in Iceberg CMS allows remot ...)
NOT-FOR-US: Iceberg CMS
-CVE-2010-2015
+CVE-2010-2015 (Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote at ...)
NOT-FOR-US: LiSK CMS
-CVE-2010-2014
+CVE-2010-2014 (Cross-site scripting (XSS) vulnerability in cp/list_content.php in LiS ...)
NOT-FOR-US: LiSK CMS
-CVE-2010-2013
+CVE-2010-2013 (Cross-site scripting (XSS) vulnerability in cp/edit_email.php in LiSK ...)
NOT-FOR-US: LiSK CMS
-CVE-2010-2012
+CVE-2010-2012 (SQL injection vulnerability in function.php in MigasCMS 1.1, when magi ...)
NOT-FOR-US: MigasCMS
-CVE-2010-2011
+CVE-2010-2011 (Microsoft Dynamics GP uses a substitution cipher to encrypt the system ...)
NOT-FOR-US: Microsoft Dynamics GP
-CVE-2010-2010
+CVE-2010-2010 (Multiple cross-site scripting (XSS) vulnerabilities in the Chaos Tool ...)
NOT-FOR-US: CTools module for Drupal
-CVE-2010-2009
+CVE-2010-2009 (Stack-based buffer overflow in the media library in BS.Global BS.Playe ...)
NOT-FOR-US: BS.Global BS.Player
-CVE-2010-2008
+CVE-2010-2008 (MySQL before 5.1.48 allows remote authenticated users with alter datab ...)
- mysql-5.1 5.1.48-1
- mysql-dfsg-5.0 <not-affected> (Only affects MySQL 5.1 onwards)
-CVE-2010-2007
+CVE-2010-2007 (Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS ...)
- mydms <removed> (bug #590904; low)
[lenny] - mydms <no-dsa> (Minor issue)
NOTE: seems to have changed name to letoDMS
-CVE-2010-2006
+CVE-2010-2006 (Directory traversal vulnerability in op/op.Login.php in LetoDMS (forme ...)
{DSA-2146-1}
- mydms 1.7.2+1.7.3-1.1 (bug #582587; medium)
NOTE: seems to have changed name to letoDMS
-CVE-2010-2005
+CVE-2010-2005 (Multiple PHP remote file inclusion vulnerabilities in DataLife Engine ...)
NOT-FOR-US: Datalife Engine
-CVE-2010-2004
+CVE-2010-2004 (Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Fre ...)
NOT-FOR-US: BS.Player
-CVE-2010-2003
+CVE-2010-2003 (Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Adva ...)
NOT-FOR-US: Advanced Poll
-CVE-2010-2002
+CVE-2010-2002 (Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x ...)
NOT-FOR-US: Wordfilter module for Drupal
-CVE-2010-2001
+CVE-2010-2001 (Cross-site scripting (XSS) vulnerability in the CiviRegister module be ...)
NOT-FOR-US: CiviRegister module for Drupal
-CVE-2010-2000
+CVE-2010-2000 (Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) ...)
NOT-FOR-US: Biblio module for Drupal
-CVE-2010-1999
+CVE-2010-1999 (Directory traversal vulnerability in scr/soustab.php in OpenMairie Ope ...)
NOT-FOR-US: OpenMairie
-CVE-2010-1998
+CVE-2010-1998 (Cross-site scripting (XSS) vulnerability in the CCK TableField module ...)
NOT-FOR-US: CCK TableField module for Drupal
-CVE-2010-1997
+CVE-2010-1997 (Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus C ...)
NOT-FOR-US: Saurus CMS
-CVE-2010-1996
+CVE-2010-1996 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in To ...)
NOT-FOR-US: Tomato CMS
-CVE-2010-1995
+CVE-2010-1995 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in To ...)
NOT-FOR-US: Tomato CMS
-CVE-2010-1994
+CVE-2010-1994 (SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 all ...)
NOT-FOR-US: Tomato CMS
-CVE-2010-1993
+CVE-2010-1993 (Opera 9.52 does not properly handle an IFRAME element with a mailto: U ...)
NOT-FOR-US: Opera
-CVE-2010-1992
+CVE-2010-1992 (Google Chrome 1.0.154.48 executes a mail application in situations whe ...)
- chromium-browser <unfixed> (unimportant)
NOTE: http://translate.google.com/translate?hl=en&u=http://websecurity.com.ua/4206/&sl=uk&tl=en
NOTE: poc is just one window, but can be changed to open many
NOTE: this is a dos-only attack, so its considered unimportant
-CVE-2010-1991
+CVE-2010-1991 (Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-1990
+CVE-2010-1990 (Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, exec ...)
- xulrunner <unfixed> (unimportant; bug #582590)
- iceape <removed> (unimportant)
NOTE: browser dos attacks are not considered security-relevant
-CVE-2010-1989
+CVE-2010-1989 (Opera 9.52 executes a mail application in situations where an IMG elem ...)
NOT-FOR-US: Opera
-CVE-2010-1988
+CVE-2010-1988 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cau ...)
- xulrunner <unfixed> (unimportant)
- iceape <removed> (unimportant)
NOTE: these poc's do lead to heavy resource consumption on xulrunner 1.9.1.9, but it does not crash (that may be a windows-specific symptom)
-CVE-2010-1987
+CVE-2010-1987 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cau ...)
- xulrunner <unfixed> (unimportant)
- iceape <removed> (unimportant)
NOTE: these poc's do lead to heavy resource consumption on xulrunner 1.9.1.9, but it does not crash (that may be a windows-specific symptom)
-CVE-2010-1986
+CVE-2010-1986 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cau ...)
- xulrunner <unfixed> (unimportant)
- iceape <removed> (unimportant)
NOTE: these poc's do lead to heavy resource consumption on xulrunner 1.9.1.9, but it does not crash (that may be a windows-specific symptom)
-CVE-2010-1985
+CVE-2010-1985 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: Six Apart Movable type
-CVE-2010-1984
+CVE-2010-1984 (Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb mo ...)
NOT-FOR-US: Taxonomy Breadcrumb module for Drupal
-CVE-2010-1983
+CVE-2010-1983 (Directory traversal vulnerability in the redTWITTER (com_redtwitter) c ...)
NOT-FOR-US: com_redtwitter component for joomla!
-CVE-2010-1982
+CVE-2010-1982 (Directory traversal vulnerability in the JA Voice (com_javoice) compon ...)
NOT-FOR-US: com_javoice component for joomla!
-CVE-2010-1981
+CVE-2010-1981 (Directory traversal vulnerability in the Fabrik (com_fabrik) component ...)
NOT-FOR-US: com_fabrik component for joomla!
-CVE-2010-1980
+CVE-2010-1980 (Directory traversal vulnerability in joomlaflickr.php in the Joomla Fl ...)
NOT-FOR-US: com_joomlaflickr component for joomla!
-CVE-2010-1979
+CVE-2010-1979 (Directory traversal vulnerability in the Affiliate Datafeeds (com_data ...)
NOT-FOR-US: com_datafeeds component for joomla!
-CVE-2010-1978
+CVE-2010-1978 (PHP remote file inclusion vulnerability in default_theme.php in FreePH ...)
NOT-FOR-US: FreePHPBlogSoftware
-CVE-2010-1977
+CVE-2010-1977 (Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmc ...)
NOT-FOR-US: com_jwhmcs component for joomla!
-CVE-2010-1976
+CVE-2010-1976 (Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb mo ...)
NOT-FOR-US: Taxonomy Breadcrumb module for Drupal
-CVE-2010-1975
+CVE-2010-1975 (PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8. ...)
{DSA-2051-1}
- postgresql-8.4 8.4.4-1 (low)
- postgresql-8.3 <removed> (low)
CVE-2010-1974
REJECTED
-CVE-2010-1973
+CVE-2010-1973 (Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, ...)
NOT-FOR-US: OpenVMS
-CVE-2010-1972
+CVE-2010-1972 (The default configuration of HP Client Automation (HPCA) Enterprise In ...)
NOT-FOR-US: HP Client Automation
-CVE-2010-1971
+CVE-2010-1971 (Cross-site request forgery (CSRF) vulnerability in HP Insight Software ...)
NOT-FOR-US: HP Insight
-CVE-2010-1970
+CVE-2010-1970 (Unspecified vulnerability in HP Insight Software Installer for Windows ...)
NOT-FOR-US: HP Insight
-CVE-2010-1969
+CVE-2010-1969 (Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterpr ...)
NOT-FOR-US: HP Virtual Connect Enterprise Manager
-CVE-2010-1968
+CVE-2010-1968 (Cross-site request forgery (CSRF) vulnerability in HP Insight Software ...)
NOT-FOR-US: HP Insight
-CVE-2010-1967
+CVE-2010-1967 (Unspecified vulnerability in HP Insight Software Installer for Windows ...)
NOT-FOR-US: HP Insight
-CVE-2010-1966
+CVE-2010-1966 (Unspecified vulnerability in HP Insight Control power management for W ...)
NOT-FOR-US: HP Insight
-CVE-2010-1965
+CVE-2010-1965 (Unspecified vulnerability in HP Insight Orchestration for Windows befo ...)
NOT-FOR-US: HP Insight
-CVE-2010-1964
+CVE-2010-1964 (Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manage ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1963
+CVE-2010-1963 (Cross-site scripting (XSS) vulnerability in HP ServiceCenter allows re ...)
NOT-FOR-US: HP ServiceCenter
-CVE-2010-1962
+CVE-2010-1962 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 befor ...)
NOT-FOR-US: HP StorageWorks
-CVE-2010-1961
+CVE-2010-1961 (Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Netwo ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1960
+CVE-2010-1960 (Buffer overflow in the error handling functionality in ovwebsnmpsrv.ex ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1959
+CVE-2010-1959 (Unspecified vulnerability in HP TestDirector for Quality Center 9.2 be ...)
NOT-FOR-US: HP TestDirector for Quality Center
-CVE-2010-1958
+CVE-2010-1958 (Cross-site scripting (XSS) vulnerability in the FileField module 5.x b ...)
NOT-FOR-US: Drupal addon
-CVE-2010-1957
+CVE-2010-1957 (Directory traversal vulnerability in the Love Factory (com_lovefactory ...)
NOT-FOR-US: com_lovefactory component for joomla!
-CVE-2010-1956
+CVE-2010-1956 (Directory traversal vulnerability in the Gadget Factory (com_gadgetfac ...)
NOT-FOR-US: com_gadgetfactory component for joomla!
-CVE-2010-1955
+CVE-2010-1955 (Directory traversal vulnerability in the Deluxe Blog Factory (com_blog ...)
NOT-FOR-US: com_blogfactory component for joomla!
-CVE-2010-1954
+CVE-2010-1954 (Directory traversal vulnerability in the iNetLanka Multiple root (com_ ...)
NOT-FOR-US: com_multiroot component for joomla!
-CVE-2010-1953
+CVE-2010-1953 (Directory traversal vulnerability in the iNetLanka Multiple Map (com_m ...)
NOT-FOR-US: com_multimap component for joomla!
-CVE-2010-1952
+CVE-2010-1952 (Directory traversal vulnerability in the BeeHeard (com_beeheard) and B ...)
NOT-FOR-US: com_beeheard component for joomla!
-CVE-2010-1951
+CVE-2010-1951 (Multiple directory traversal vulnerabilities in 60cycleCMS allow remot ...)
NOT-FOR-US: 60cycleCMS
-CVE-2010-1950
+CVE-2010-1950 (SQL injection vulnerability in the Online News Paper Manager (com_jnew ...)
NOT-FOR-US: Online News Paper Manager
-CVE-2010-1949
+CVE-2010-1949 (SQL injection vulnerability in the Online News Paper Manager (com_jnew ...)
NOT-FOR-US: Online News Paper Manager
-CVE-2010-1948
+CVE-2010-1948 (Directory traversal vulnerability in scr/soustab.php in openMairie Ope ...)
NOT-FOR-US: openMairie
-CVE-2010-1947
+CVE-2010-1947 (Directory traversal vulnerability in scr/soustab.php in openMairie Ope ...)
NOT-FOR-US: openMairie
-CVE-2010-1946
+CVE-2010-1946 (Multiple PHP remote file inclusion vulnerabilities in openMairie Openr ...)
NOT-FOR-US: openMairie
-CVE-2010-1945
+CVE-2010-1945 (Multiple PHP remote file inclusion vulnerabilities in openMairie Openf ...)
NOT-FOR-US: openMairie
-CVE-2010-1944
+CVE-2010-1944 (Multiple PHP remote file inclusion vulnerabilities in openMairie openC ...)
NOT-FOR-US: openMairie
-CVE-2010-1943
+CVE-2010-1943 (Unspecified vulnerability in NEC CapsSuite Small Edition PatchMeister ...)
NOT-FOR-US: NEC CapsSuite Small Edition
-CVE-2010-1942
+CVE-2010-1942 (Unspecified vulnerability in the Servlet service in Fujitsu Limited In ...)
NOT-FOR-US: Fujitsu Limited Interstage Application Server
-CVE-2010-1941
+CVE-2010-1941 (Unspecified vulnerability in NEC WebSAM DeploymentManager 5.13 and ear ...)
NOT-FOR-US: NEC WebSAM DeploymentManager
-CVE-2010-1940
+CVE-2010-1940 (Apple Safari 4.0.5 on Windows sends the "Authorization: Basic" header ...)
- chromium-browser <not-affected>
- webkit <not-affected>
NOTE: Safari-specific. Chromium and Safari have totally separate HTTP stacks.
-CVE-2010-1939
+CVE-2010-1939 (Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows r ...)
- chromium-browser <not-affected>
- webkit <not-affected>
NOTE: poc seems to cause a dos in both chromium and webkit; not sure if code execution is possible
NOTE: This is Safari only
-CVE-2010-1938
+CVE-2010-1938 (Off-by-one error in the __opiereadrec function in readrec.c in libopie ...)
- opie 2.32.dfsg.1-0.2 (low; bug #584932)
[lenny] - opie 2.32-10.2+lenny2
-CVE-2010-1937
+CVE-2010-1937 (Heap-based buffer overflow in httpAdapter.c in httpAdapter in SBLIM SF ...)
NOT-FOR-US: SBLIM SFCB
-CVE-2010-1936
+CVE-2010-1936 (Directory traversal vulnerability in scr/soustab.php in openMairie ope ...)
NOT-FOR-US: openMairie openComInterne
-CVE-2010-1935
+CVE-2010-1935 (Directory traversal vulnerability in scr/soustab.php in openMairie Ope ...)
NOT-FOR-US: openMairie Openpresse
-CVE-2010-1934
+CVE-2010-1934 (Multiple PHP remote file inclusion vulnerabilities in openMairie openP ...)
NOT-FOR-US: openMairie openPlanning
-CVE-2010-1928
+CVE-2010-1928 (Directory traversal vulnerability in scr/soustab.php in openMairie ope ...)
NOT-FOR-US: openMairie openPlanning
-CVE-2010-1927
+CVE-2010-1927 (Multiple PHP remote file inclusion vulnerabilities in openMairie openC ...)
NOT-FOR-US: openMairie openCourrier
-CVE-2010-1926
+CVE-2010-1926 (Directory traversal vulnerability in scr/soustab.php in openMairie ope ...)
NOT-FOR-US: openMairie openCourrier
-CVE-2010-1925
+CVE-2010-1925 (SQL injection vulnerability in makale.php in tekno.Portal 0.1b allows ...)
NOT-FOR-US: tekno.Portal
-CVE-2010-1924
+CVE-2010-1924 (SQL injection vulnerability in index.php in Hi Web Wiesbaden Live Shop ...)
NOT-FOR-US: Hi Web Wiesbaden Live Shopping multi Portal System
-CVE-2010-1923
+CVE-2010-1923 (SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 So ...)
NOT-FOR-US: Hi Web Wiesbaden Web Social Network Community System
-CVE-2010-1922
+CVE-2010-1922 (Multiple PHP remote file inclusion vulnerabilities in 29o3 CMS 0.1 all ...)
NOT-FOR-US: 29o3 CMS
-CVE-2010-1921
+CVE-2010-1921 (Multiple PHP remote file inclusion vulnerabilities in OpenMairie openA ...)
NOT-FOR-US: OpenMairie openAnnuaire
-CVE-2010-1920
+CVE-2010-1920 (Directory traversal vulnerability in scr/soustab.php in OpenMairie ope ...)
NOT-FOR-US: OpenMairie openAnnuaire
CVE-2010-1933
RESERVED
-CVE-2010-1932
+CVE-2010-1932 (Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allow ...)
NOT-FOR-US: XnView
-CVE-2010-1931
+CVE-2010-1931 (SQL injection vulnerability in includes/content/cart.inc.php in CubeCa ...)
NOT-FOR-US: CubeCart PHP Shopping Cart
-CVE-2010-1930
+CVE-2010-1930 (Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows ...)
NOT-FOR-US: Novell iManager
-CVE-2010-1929
+CVE-2010-1929 (Multiple stack-based buffer overflows in the jclient._Java_novell_jcli ...)
NOT-FOR-US: Novell iImanager
-CVE-2010-1919
+CVE-2010-1919 (Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allow ...)
NOT-FOR-US: EMC
-CVE-2010-1913
+CVE-2010-1913 (The default configuration of pluginlicense.ini for the SdcWebSecureBas ...)
NOT-FOR-US: Consona
-CVE-2010-1912
+CVE-2010-1912 (The SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistan ...)
NOT-FOR-US: Consona
-CVE-2010-1911
+CVE-2010-1911 (The site-locking implementation in the SdcWebSecureBase interface in t ...)
NOT-FOR-US: Consona
-CVE-2010-1910
+CVE-2010-1910 (The Forgot Password implementation in Consona Live Assistance, Dynamic ...)
NOT-FOR-US: Consona
-CVE-2010-1909
+CVE-2010-1909 (Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX c ...)
NOT-FOR-US: Consona
-CVE-2010-1908
+CVE-2010-1908 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live As ...)
NOT-FOR-US: Consona
-CVE-2010-1907
+CVE-2010-1907 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live As ...)
NOT-FOR-US: ConsonA
-CVE-2010-1906
+CVE-2010-1906 (tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair Manag ...)
NOT-FOR-US: Consona
-CVE-2010-1905
+CVE-2010-1905 (Multiple cross-site scripting (XSS) vulnerabilities in Consona Live As ...)
NOT-FOR-US: Consona
-CVE-2010-1904
+CVE-2010-1904 (SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5. ...)
NOT-FOR-US: EMC RSA key manager
-CVE-2010-1903
+CVE-2010-1903 (Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, a ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-1902
+CVE-2010-1902 (Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-1901
+CVE-2010-1901 (Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Offi ...)
NOT-FOR-US: Microsoft Word
-CVE-2010-1900
+CVE-2010-1900 (Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Offi ...)
NOT-FOR-US: Microsoft Office Word
-CVE-2010-1899
+CVE-2010-1899 (Stack consumption vulnerability in the ASP implementation in Microsoft ...)
NOT-FOR-US: Microsoft IIS
-CVE-2010-1898
+CVE-2010-1898 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2010-1897
+CVE-2010-1897 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1896
+CVE-2010-1896 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1895
+CVE-2010-1895 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1894
+CVE-2010-1894 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1893
+CVE-2010-1893 (Integer overflow in the TCP/IP stack in Microsoft Windows Vista SP1, W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1892
+CVE-2010-1892 (The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows Serve ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1891
+CVE-2010-1891 (The Client/Server Runtime Subsystem (aka CSRSS) in the Win32 subsystem ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1890
+CVE-2010-1890 (The kernel in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1889
+CVE-2010-1889 (Double free vulnerability in the kernel in Microsoft Windows Vista SP1 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1888
+CVE-2010-1888 (Race condition in the kernel in Microsoft Windows XP SP3 allows local ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1887
+CVE-2010-1887 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1886
+CVE-2010-1886 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vis ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1885
+CVE-2010-1885 (The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help an ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-1884
REJECTED
-CVE-2010-1883
+CVE-2010-1883 (Integer overflow in the Embedded OpenType (EOT) Font Engine in Microso ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1882
+CVE-2010-1882 (Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsof ...)
NOT-FOR-US: MPEG Layer-3 Audio Codec for
-CVE-2010-1881
+CVE-2010-1881 (The FieldList ActiveX control in the Microsoft Access Wizard Controls ...)
NOT-FOR-US: Microsoft
-CVE-2010-1880
+CVE-2010-1880 (Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Wi ...)
NOT-FOR-US: Microsoft
-CVE-2010-1879
+CVE-2010-1879 (Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media ...)
NOT-FOR-US: Microsoft
-CVE-2010-1878
+CVE-2010-1878 (Directory traversal vulnerability in the OrgChart (com_orgchart) compo ...)
NOT-FOR-US: com_orgchart component for joomla!
-CVE-2010-1877
+CVE-2010-1877 (SQL injection vulnerability in the JTM Reseller (com_jtm) component 1. ...)
NOT-FOR-US: com_jtm component for joomla!
-CVE-2010-1876
+CVE-2010-1876 (SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 allow ...)
NOT-FOR-US: AJ Shopping Cart
-CVE-2010-1875
+CVE-2010-1875 (Directory traversal vulnerability in the Real Estate Property (com_pro ...)
NOT-FOR-US: com_properties component for joomla!
-CVE-2010-1874
+CVE-2010-1874 (SQL injection vulnerability in the Real Estate Property (com_propertie ...)
NOT-FOR-US: com_properties component for joomla!
-CVE-2010-1873
+CVE-2010-1873 (SQL injection vulnerability in the Jvehicles (com_jvehicles) component ...)
NOT-FOR-US: com_jvehicles component for joomla!
-CVE-2010-1872
+CVE-2010-1872 (Cross-site scripting (XSS) vulnerability in cPlayer.php in FlashCard 2 ...)
NOT-FOR-US: FlashCard
-CVE-2010-1918
+CVE-2010-1918 (SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and earlie ...)
NOT-FOR-US: EFront ask_chat
-CVE-2010-1917
+CVE-2010-1917 (Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 thro ...)
{DSA-2089-1}
- php5 5.3.3-1 (low)
[lenny] - php5 <no-dsa> (Minor issue)
-CVE-2010-1916
+CVE-2010-1916 (The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 ...)
- serendipity 1.5.3-1
[lenny] - serendipity <not-affected> (Only affects >= 1.4)
- horde3 <not-affected> (Vulnerable code not included, see bug #585165)
- openacs <not-affected> (Doesn't use the PHP interface, see bug #585163)
- dotlrn <not-affected> (Doesn't use the PHP interface, see bug #585164)
-CVE-2010-1915
+CVE-2010-1915 (The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3. ...)
- php5 <removed> (unimportant)
-CVE-2010-1914
+CVE-2010-1914 (The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows ...)
- php5 <removed> (unimportant)
-CVE-2010-1871
+CVE-2010-1871 (JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Pl ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-1870
+CVE-2010-1870 (The OGNL extensive expression evaluation capability in XWork in Struts ...)
- libstruts1.2-java <not-affected> (issue involves a problem in xwork, which was introduced in struts2)
- libspring-2.5-java <not-affected> (Vulnerable code not present)
-CVE-2010-1869
+CVE-2010-1869 (Stack-based buffer overflow in the parser function in GhostScript 8.70 ...)
{DSA-2080-1}
- ghostscript 8.71~dfsg-4
NOTE: http://www.openwall.com/lists/oss-security/2010/05/11/3
-CVE-2010-1868
+CVE-2010-1868 (The (1) sqlite_single_query and (2) sqlite_array_query functions in ex ...)
- php5 <removed> (unimportant)
-CVE-2010-1867
+CVE-2010-1867 (SQL injection vulnerability in the ArticleAttachment::GetAttachmentsBy ...)
NOT-FOR-US: Campsite
-CVE-2010-1866
+CVE-2010-1866 (The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chu ...)
- php5 5.3.3-1 (low)
[lenny] - php5 <not-affected> (dechunk filter introduced in 5.3)
-CVE-2010-1865
+CVE-2010-1865 (Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earl ...)
NOT-FOR-US: ClanSphere
-CVE-2010-1864
+CVE-2010-1864 (The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through 5.3 ...)
- php5 5.3.3-1 (unimportant)
-CVE-2010-1863
+CVE-2010-1863 (SQL injection vulnerability in the shoutbox module (modules/shoutbox.p ...)
NOT-FOR-US: ClanTiger
-CVE-2010-1862
+CVE-2010-1862 (The chunk_split function in PHP 5.2 through 5.2.13 and 5.3 through 5.3 ...)
- php5 <removed> (unimportant)
-CVE-2010-1861
+CVE-2010-1861 (The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 ...)
- php5 <removed> (unimportant)
-CVE-2010-1860
+CVE-2010-1860 (The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 thro ...)
- php5 5.3.3-1 (unimportant)
-CVE-2010-1859
+CVE-2010-1859 (SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier ...)
NOT-FOR-US: DeluxeBB
-CVE-2010-1858
+CVE-2010-1858 (Directory traversal vulnerability in the SMEStorage (com_smestorage) c ...)
NOT-FOR-US: com_smestorage component for joomla!
-CVE-2010-1857
+CVE-2010-1857 (SQL injection vulnerability in index.php in RepairShop2 1.9.023 Trial, ...)
NOT-FOR-US: RepairShop2
-CVE-2010-1856
+CVE-2010-1856 (Cross-site scripting (XSS) vulnerability in index.php in RepairShop2 1 ...)
NOT-FOR-US: RepairShop2
-CVE-2010-1855
+CVE-2010-1855 (SQL injection vulnerability in auktion.php in Pay Per Watch &amp; Bid ...)
NOT-FOR-US: Pay Per Watch & Bid Auktions System
-CVE-2010-1854
+CVE-2010-1854 (Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Wat ...)
NOT-FOR-US: Pay Per Watch & Bid Auktions System
-CVE-2010-1853
+CVE-2010-1853 (Multiple stack-based buffer overflows in the tr_magnetParse function i ...)
- transmission 1.92-1
[lenny] - transmission <not-affected> (Support for Magnet links not yet available)
-CVE-2010-1852
+CVE-2010-1852 (Microsoft Internet Explorer, when the Invisible Hand extension is enab ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-1851
+CVE-2010-1851 (Google Chrome, when the Invisible Hand extension is enabled, uses cook ...)
NOT-FOR-US: Invisible Hand extension for chromium
-CVE-2010-1850
+CVE-2010-1850 (Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allo ...)
{DSA-2057-1}
- mysql-5.1 5.1.47-1 (bug #582526)
- mysql-dfsg-5.0 <removed>
CVE-2010-XXXX [wicd changes permissions of resolv.conf]
- wicd 1.7.0+ds1-3 (low; bug #582798)
-CVE-2010-1849
+CVE-2010-1849 (The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through ...)
{DSA-2057-1}
- mysql-5.1 5.1.47-1 (bug #582526)
- mysql-dfsg-5.0 <removed>
-CVE-2010-1848
+CVE-2010-1848 (Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 ...)
{DSA-2057-1}
- mysql-5.1 5.1.47-1 (bug #582526)
- mysql-dfsg-5.0 <removed>
-CVE-2010-1847
+CVE-2010-1847 (The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly pe ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1846
+CVE-2010-1846 (Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 1 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1845
+CVE-2010-1845 (ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remot ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1844
+CVE-2010-1844 (Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x be ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1843
+CVE-2010-1843 (Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote attac ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1842
+CVE-2010-1842 (Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1841
+CVE-2010-1841 (Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows r ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1840
+CVE-2010-1840 (Stack-based buffer overflow in the password-validation functionality i ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-1839
RESERVED
-CVE-2010-1838
+CVE-2010-1838 (Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 d ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1837
+CVE-2010-1837 (CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remo ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1836
+CVE-2010-1836 (Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 a ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-1835
RESERVED
-CVE-2010-1834
+CVE-2010-1834 (CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly val ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1833
+CVE-2010-1833 (Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1832
+CVE-2010-1832 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1831
+CVE-2010-1831 (Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1830
+CVE-2010-1830 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1829
+CVE-2010-1829 (Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1828
+CVE-2010-1828 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows re ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-1827
RESERVED
CVE-2010-1826
RESERVED
-CVE-2010-1825
+CVE-2010-1825 (Use-after-free vulnerability in WebKit, as used in Google Chrome befor ...)
- chromium-browser 6.0.472.59~r59126-1
NOTE: http://trac.webkit.org/changeset/66847
-CVE-2010-1824
+CVE-2010-1824 (Use-after-free vulnerability in WebKit, as used in Apple iTunes before ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 6.0.472.59~r59126-1
NOTE: http://trac.webkit.org/changeset/66795
-CVE-2010-1823
+CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used in Googl ...)
- webkit <not-affected> (vulnerable code not present in 1.2.x series)
- chromium-browser 6.0.472.59~r59126-1
NOTE: http://trac.webkit.org/changeset/65958
-CVE-2010-1822
+CVE-2010-1822 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 an ...)
- webkit <not-affected> (rendererIsNeeded function not present in 1.2.x series)
- chromium-browser 6.0.472.62~r59676-1
-CVE-2010-1821
+CVE-2010-1821 (Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1820
+CVE-2010-1820 (Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10 ...)
NOT-FOR-US: Apple Filing Protocol Server
-CVE-2010-1819
+CVE-2010-1819 (Untrusted search path vulnerability in the Picture Viewer in Apple Qui ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-1818
+CVE-2010-1818 (The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple Quick ...)
NOT-FOR-US: QuickTime
-CVE-2010-1817
+CVE-2010-1817 (Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and i ...)
NOT-FOR-US: Apple iOS
-CVE-2010-1816
+CVE-2010-1816 (Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and M ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1815
+CVE-2010-1815 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
-CVE-2010-1814
+CVE-2010-1814 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webki ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-1813
+CVE-2010-1813 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows rem ...)
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/63048
-CVE-2010-1812
+CVE-2010-1812 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-1811
+CVE-2010-1811 (ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows re ...)
NOT-FOR-US: Apple iOS
-CVE-2010-1810
+CVE-2010-1810 (FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not ...)
NOT-FOR-US: Apple iOS
-CVE-2010-1809
+CVE-2010-1809 (The Accessibility component in Apple iOS before 4.1 on the iPhone and ...)
NOT-FOR-US: Apple iOS
-CVE-2010-1808
+CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1807
+CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android ...)
- webkit 1.2.5-1 (bug #599830)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected>
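Review bot: the imported description on the line `+CVE-2010-1855 (SQL injection vulnerability in auktion.php in Pay Per Watch &amp; Bid ...)` (and likewise `+CVE-2010-1854`) carries the HTML entity `&amp;`, while the hand-written line right below it, `NOT-FOR-US: Pay Per Watch & Bid Auktions System`, uses a plain ampersand; the import step should decode HTML entities before writing descriptions into the list so the two lines agree and a text search for the product name matches both. In the same hunk the unchanged placeholder entry `CVE-2010-XXXX [wicd changes permissions of resolv.conf]` (with `- wicd 1.7.0+ds1-3 (low; bug #582798)`) is still carried as context without an assigned id; it is worth checking whether an identifier has since been allocated so the automatic update can pick up its description too.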
@@ -8884,109 +8884,109 @@ CVE-2010-1807
NOTE: scheme used by webkit (and mozilla). The fix is not to accept "NAN(payload)".
NOTE: test-case: -parseFloat("NAN(ffffeeeeeff0f)")
NOTE: reproduced with epiphany
-CVE-2010-1806
+CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...)
- chromium-browser 5.0.375.127~r55887-1
NOTE: http://trac.webkit.org/changeset/63772
-CVE-2010-1805
+CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 a ...)
- webkit <not-affected> (windows-specific issue)
- chromium-browser <not-affected> (windows-specific issue)
NOTE: This is the windows DLL planting attack
-CVE-2010-1804
+CVE-2010-1804 (Unspecified vulnerability in the network bridge functionality on the A ...)
NOT-FOR-US: Apple
-CVE-2010-1803
+CVE-2010-1803 (Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify th ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1802
+CVE-2010-1802 (libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perf ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1801
+CVE-2010-1801 (Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 an ...)
NOT-FOR-US: CoreGraphics
-CVE-2010-1800
+CVE-2010-1800 (CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL a ...)
NOT-FOR-US: CFNetwork
-CVE-2010-1799
+CVE-2010-1799 (Stack-based buffer overflow in the error-logging functionality in Appl ...)
NOT-FOR-US: Apple QuickTime on Windows
CVE-2010-1798
RESERVED
-CVE-2010-1797
+CVE-2010-1797 (Multiple stack-based buffer overflows in the cff_decoder_parse_charstr ...)
{DSA-2105-1}
- freetype 2.4.2-1
-CVE-2010-1796
+CVE-2010-1796 (The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 thr ...)
- webkit <not-affected>
- chromium-browser <not-affected>
NOTE: Very Safari specific
-CVE-2010-1795
+CVE-2010-1795 (Untrusted search path vulnerability in Apple iTunes before 9.1, when r ...)
NOT-FOR-US: Apple iTunes on Windows
-CVE-2010-1794
+CVE-2010-1794 (The webdav_mount function in webdav_vfsops.c in the WebDAV kernel exte ...)
NOT-FOR-US: Apple
-CVE-2010-1793
+CVE-2010-1793 (Multiple use-after-free vulnerabilities in WebKit in Apple Safari befo ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: http://trac.webkit.org/changeset/62482
NOTE: http://trac.webkit.org/changeset/62662
NOTE: duplicated as cve-2010-2902
-CVE-2010-1792
+CVE-2010-1792 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/62386
NOTE: Chromium uses a totally different regexp implementation.
-CVE-2010-1791
+CVE-2010-1791 (Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected>
NOTE: this is specific to Safari's JavaScript engine
-CVE-2010-1790
+CVE-2010-1790 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/62301
NOTE: this is specific to Safari's JavaScript engine
-CVE-2010-1789
+CVE-2010-1789 (Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on M ...)
- webkit <not-affected>
- chromium-browser <not-affected>
NOTE: this is specific to Safari's JavaScript engine
-CVE-2010-1788
+CVE-2010-1788 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=40994
NOTE: http://trac.webkit.org/changeset/62482
-CVE-2010-1787
+CVE-2010-1787 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: http://trac.webkit.org/changeset/61044
-CVE-2010-1786
+CVE-2010-1786 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
NOTE: http://trac.webkit.org/changeset/61667
NOTE: duplicated as cve-2010-2647
-CVE-2010-1785
+CVE-2010-1785 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-1
NOTE: http://trac.webkit.org/changeset/61050
NOTE: http://trac.webkit.org/changeset/61051
-CVE-2010-1784
+CVE-2010-1784 (The counters functionality in the Cascading Style Sheets (CSS) impleme ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
NOTE: http://trac.webkit.org/changeset/62271
-CVE-2010-1783
+CVE-2010-1783 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
{DSA-2188-1}
- webkit 1.2.7-1
- chromium-browser 5.0.375.127~r55887-1
NOTE: (Chromium Sec) This seems a duplicate of CVE-2010-2899
NOTE: http://trac.webkit.org/changeset/62134
-CVE-2010-1782
+CVE-2010-1782 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41375
NOTE: http://trac.webkit.org/changeset/61921
-CVE-2010-1781
+CVE-2010-1781 (Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPh ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-1780
+CVE-2010-1780 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on ...)
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.125~r53311-1
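Review bot: the two cross-reference notes in this hunk write the duplicate ids in lowercase, `NOTE: duplicated as cve-2010-2902` (under CVE-2010-1793) and `NOTE: duplicated as cve-2010-2647` (under CVE-2010-1786), while every other id in the file is written `CVE-...`; uppercase them so they match the `NOTE: dupe of CVE-2010-1774` style used further down and are found by a case-sensitive search for the id.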
@@ -8994,60 +8994,60 @@ CVE-2010-1780
NOTE: http://trac.webkit.org/changeset/60984
CVE-2010-1779
RESERVED
-CVE-2010-1778
+CVE-2010-1778 (Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 ...)
- webkit <not-affected>
- chromium-browser <not-affected>
NOTE: Safari only (chromium security team)
-CVE-2010-1777
+CVE-2010-1777 (Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers t ...)
NOT-FOR-US: Apple iTunes
-CVE-2010-1776
+CVE-2010-1776 (Find My iPhone on iOS 2.0 through 3.1.3 for iPhone 3G and later and iO ...)
NOT-FOR-US: Apple iOS
-CVE-2010-1775
+CVE-2010-1775 (Race condition in Passcode Lock in Apple iOS before 4 on the iPhone an ...)
NOT-FOR-US: Apple iPhone Passcode Lock
-CVE-2010-1774
+CVE-2010-1774 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38261
NOTE: http://trac.webkit.org/changeset/59495
-CVE-2010-1773
+CVE-2010-1773 (Off-by-one error in the toAlphabetic function in rendering/RenderListM ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39508
NOTE: http://trac.webkit.org/changeset/59950
-CVE-2010-1772
+CVE-2010-1772 (Use-after-free vulnerability in page/Geolocation.cpp in WebCore in Web ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39388
NOTE: http://trac.webkit.org/changeset/59859
-CVE-2010-1771
+CVE-2010-1771 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39453
NOTE: http://trac.webkit.org/changeset/59876
-CVE-2010-1770
+CVE-2010-1770 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38626
NOTE: http://trac.webkit.org/changeset/59795
-CVE-2010-1769
+CVE-2010-1769 (WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 o ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: dupe of CVE-2010-1774
-CVE-2010-1768
+CVE-2010-1768 (Unspecified vulnerability in Apple iTunes before 9.1 allows local user ...)
NOT-FOR-US: Apple iTunes
-CVE-2010-1767
+CVE-2010-1767 (Cross-site request forgery (CSRF) vulnerability in loader/DocumentThre ...)
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36843
NOTE: http://trac.webkit.org/changeset/57041
-CVE-2010-1766
+CVE-2010-1766 (Off-by-one error in the WebSocketHandshake::readServerHandshake functi ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
@@ -9059,174 +9059,174 @@ CVE-2010-1765
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37933
NOTE: http://trac.webkit.org/changeset/57995
-CVE-2010-1764
+CVE-2010-1764 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=31410
NOTE: http://trac.webkit.org/changeset/55157
-CVE-2010-1763
+CVE-2010-1763 (Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Wind ...)
- webkit <not-affected> (vulnerable code introduced in svn58950, which isn't included in 1.2.1 yet)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39008
NOTE: http://trac.webkit.org/changeset/59486
-CVE-2010-1762
+CVE-2010-1762 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38922
NOTE: http://trac.webkit.org/changeset/59241
NOTE: http://trac.webkit.org/changeset/59242
-CVE-2010-1761
+CVE-2010-1761 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37760
NOTE: http://trac.webkit.org/changeset/59263
-CVE-2010-1760
+CVE-2010-1760 (loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementati ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.99~r51029-2
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37781
NOTE: http://trac.webkit.org/changeset/58409
-CVE-2010-1759
+CVE-2010-1759 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38583
NOTE: http://trac.webkit.org/changeset/59109
-CVE-2010-1758
+CVE-2010-1758 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.55~r47796-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=28697
NOTE: http://trac.webkit.org/changeset/59098
-CVE-2010-1757
+CVE-2010-1757 (WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enf ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2010-1756
+CVE-2010-1756 (The Settings application in Apple iOS before 4 on the iPhone and iPod ...)
NOT-FOR-US: Apple iPhone
-CVE-2010-1755
+CVE-2010-1755 (Safari in Apple iOS before 4 on the iPhone and iPod touch does not pro ...)
NOT-FOR-US: Apple Safari
-CVE-2010-1754
+CVE-2010-1754 (Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does ...)
NOT-FOR-US: Apple Passcode Lock
-CVE-2010-1753
+CVE-2010-1753 (ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remo ...)
NOT-FOR-US: iOS
-CVE-2010-1752
+CVE-2010-1752 (Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the ...)
NOT-FOR-US: Apple CFNetwork
-CVE-2010-1751
+CVE-2010-1751 (Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch ...)
NOT-FOR-US: Apple Application Sandbox
-CVE-2010-1750
+CVE-2010-1750 (Use-after-free vulnerability in Apple Safari before 5.0 on Windows all ...)
NOT-FOR-US: Apple Safari
-CVE-2010-1749
+CVE-2010-1749 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=27193
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38625
NOTE: http://trac.webkit.org/changeset/45941
-CVE-2010-1748
+CVE-2010-1748 (The cgi_initialize_string function in cgi-bin/var.c in the web interfa ...)
{DSA-2176-1}
- cups 1.4.4-1
CVE-2010-1747
RESERVED
-CVE-2010-1746
+CVE-2010-1746 (Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (c ...)
NOT-FOR-US: com_grid component for joomla!
CVE-2010-1745
REJECTED
-CVE-2010-1744
+CVE-2010-1744 (SQL injection vulnerability in product.html in B2B Gold Script allows ...)
NOT-FOR-US: B2B Gold Script
-CVE-2010-1743
+CVE-2010-1743 (SQL injection vulnerability in projects.php in Scratcher allows remote ...)
NOT-FOR-US: Scratcher
-CVE-2010-1742
+CVE-2010-1742 (Cross-site scripting (XSS) vulnerability in projects.php in Scratcher ...)
NOT-FOR-US: Scratcher
-CVE-2010-1741
+CVE-2010-1741 (SQL injection vulnerability in request_account.php in Billwerx RC 5.2. ...)
NOT-FOR-US: Billwerx
-CVE-2010-1740
+CVE-2010-1740 (SQL injection vulnerability in newsletter.php in GuppY 4.5.18 allows r ...)
NOT-FOR-US: GuppY
-CVE-2010-1739
+CVE-2010-1739 (SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component ...)
NOT-FOR-US: com_newsfeeds component for joomla!
CVE-2010-1738
REJECTED
-CVE-2010-1737
+CVE-2010-1737 (PHP remote file inclusion vulnerability in core/includes/gfw_smarty.ph ...)
NOT-FOR-US: Gallo
-CVE-2010-1736
+CVE-2010-1736 (KrM Haber 1.0 stores sensitive information under the web root with ins ...)
NOT-FOR-US: KrM Haber
-CVE-2010-1735
+CVE-2010-1735 (The SfnLOGONNOTIFY function in win32k.sys in the kernel in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1734
+CVE-2010-1734 (The SfnINSTRING function in win32k.sys in the kernel in Microsoft Wind ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1733
+CVE-2010-1733 (Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02 ...)
- ocsinventory-server <unfixed> (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2010-1732
+CVE-2010-1732 (Cross-site request forgery (CSRF) vulnerability in the users module in ...)
NOT-FOR-US: Zikula Application Framework
-CVE-2010-1731
+CVE-2010-1731 (Google Chrome on the HTC Hero allows remote attackers to cause a denia ...)
- chromium-browser 5.0.375.55~r47796-1
NOTE: various crashes on window close after opening the file on chromium (including sometimes segfaults)
NOTE: CVE-2010-1729/1730/1731 are the same issue but with different effects
NOTE: not reproducible with chromium-browser 5.0.375.55~r47796-1
-CVE-2010-1730
+CVE-2010-1730 (Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause ...)
NOT-FOR-US: Dolphin browser, Konqueror not covered by security support
NOTE: CVE-2010-1729/1730/1731 are the same issue but with different effects
-CVE-2010-1729
+CVE-2010-1729 (WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, ...)
- webkit <unfixed> (unimportant)
NOTE: CVE-2010-1729/1730/1731 are the same issue but with different effects
NOTE: dos-only on webkit
-CVE-2010-1728
+CVE-2010-1728 (Opera before 10.53 on Windows and Mac OS X does not properly handle a ...)
NOT-FOR-US: Opera
-CVE-2010-1727
+CVE-2010-1727 (SQL injection vulnerability in type.asp in JobPost 1.0 allows remote a ...)
NOT-FOR-US: JobPost
-CVE-2010-1726
+CVE-2010-1726 (SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows ...)
NOT-FOR-US: EC21
-CVE-2010-1725
+CVE-2010-1725 (SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinu ...)
NOT-FOR-US: Alibaba Clone Platinum
-CVE-2010-1724
+CVE-2010-1724 (Multiple cross-site scripting (XSS) vulnerabilities in Zikula Applicat ...)
NOT-FOR-US: Zikula Application Framework
-CVE-2010-1723
+CVE-2010-1723 (Directory traversal vulnerability in the iNetLanka Contact Us Draw Roo ...)
NOT-FOR-US: com_drawroot component for joomla!
-CVE-2010-1722
+CVE-2010-1722 (Directory traversal vulnerability in the Online Market (com_market) co ...)
NOT-FOR-US: com_market component for joomla!
-CVE-2010-1721
+CVE-2010-1721 (SQL injection vulnerability in the Intellectual Property (aka IPropert ...)
NOT-FOR-US: com_iproperty component for joomla!
-CVE-2010-1720
+CVE-2010-1720 (SQL injection vulnerability in the Q-Personel (com_qpersonel) componen ...)
NOT-FOR-US: com_qpersonel component for joomla!
-CVE-2010-1719
+CVE-2010-1719 (Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagl ...)
NOT-FOR-US: com_mtfireeagle component for joomla!
-CVE-2010-1718
+CVE-2010-1718 (Directory traversal vulnerability in archeryscores.php in the Archery ...)
NOT-FOR-US: com_archeryscores component for joomla!
-CVE-2010-1717
+CVE-2010-1717 (Directory traversal vulnerability in the iF surfALERT (com_if_surfaler ...)
NOT-FOR-US: com_if_surfalert component for joomla!
-CVE-2010-1716
+CVE-2010-1716 (SQL injection vulnerability in the Agenda Address Book (com_agenda) co ...)
NOT-FOR-US: com_agenda component for joomla!
-CVE-2010-1715
+CVE-2010-1715 (Directory traversal vulnerability in the Online Examination (aka Onlin ...)
NOT-FOR-US: com_onlineexam component for joomla!
-CVE-2010-1714
+CVE-2010-1714 (Directory traversal vulnerability in the Arcade Games (com_arcadegames ...)
NOT-FOR-US: com_arcadegames component for joomla!
-CVE-2010-1713
+CVE-2010-1713 (SQL injection vulnerability in modules.php in PostNuke 0.764 allows re ...)
NOT-FOR-US: PostNuke
-CVE-2010-1712
+CVE-2010-1712 (Multiple cross-site scripting (XSS) vulnerabilities in base/Comments.p ...)
NOT-FOR-US: Webmobo WB News
-CVE-2010-1711
+CVE-2010-1711 (Cross-site scripting (XSS) vulnerability in carga_foto_al.php in Siest ...)
NOT-FOR-US: Siestta
-CVE-2010-1710
+CVE-2010-1710 (Directory traversal vulnerability in login.php in Siestta 2.0, when re ...)
NOT-FOR-US: Siestta
-CVE-2010-1709
+CVE-2010-1709 (Multiple cross-site scripting (XSS) vulnerabilities in upload.cgi in G ...)
NOT-FOR-US: G5-Scripts
-CVE-2010-1708
+CVE-2010-1708 (Multiple SQL injection vulnerabilities in agentadmin.php in Free Realt ...)
NOT-FOR-US: Free Realty
-CVE-2010-1707
+CVE-2010-1707 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
- piwigo 2.0.10-1
-CVE-2010-1706
+CVE-2010-1706 (Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction ...)
NOT-FOR-US: 2daybiz Auction Script
-CVE-2010-1705
+CVE-2010-1705 (SQL injection vulnerability in casting_view.php in Modelbook allows re ...)
NOT-FOR-US: Modelbook
-CVE-2010-1704
+CVE-2010-1704 (Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced ...)
NOT-FOR-US: 2daybiz Polls Script
-CVE-2010-1703
+CVE-2010-1703 (Multiple cross-site scripting (XSS) vulnerabilities in index_search.ph ...)
NOT-FOR-US: 2daybiz Polls Script
-CVE-2010-1702
+CVE-2010-1702 (SQL injection vulnerability in submitticket.php in WHMCompleteSolution ...)
NOT-FOR-US: WHMCompleteSolution
-CVE-2010-1701
+CVE-2010-1701 (SQL injection vulnerability in browse.html in PHP Video Battle Script ...)
NOT-FOR-US: PHP Video Battle Script
CVE-2010-1700
REJECTED
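Review bot: the CVE-2010-1731 entry records `- chromium-browser 5.0.375.55~r47796-1` as the fixed version, yet its own notes say both `various crashes on window close after opening the file on chromium` and `NOTE: not reproducible with chromium-browser 5.0.375.55~r47796-1`, which leaves it unclear whether that version fixed the issue or merely stopped reproducing it; either point at the upstream fix or reword the NOTE to say the version is where reproduction stopped rather than a confirmed fix. The neighbouring notes state that CVE-2010-1729/1730/1731 are the same issue, so the same clarification applies to the `- webkit <unfixed> (unimportant)` line under CVE-2010-1729.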
@@ -9242,7 +9242,7 @@ CVE-2010-1695
REJECTED
CVE-2010-1694
REJECTED
-CVE-2010-1693
+CVE-2010-1693 (openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows loc ...)
NOT-FOR-US: OpenFabrics Enterprise Distribution (OFED)
NOTE: openibd is part of ofa-kernel (ofa_1_5_kernel-20101028-0200/ofed_scripts/openibd), fixed in 2010-10-28 build
NOTE: http://www.openfabrics.org/downloads/ofa_1_5_kernel/
@@ -9251,17 +9251,17 @@ CVE-2010-1692
REJECTED
CVE-2010-1691
REJECTED
-CVE-2010-1690
+CVE-2010-1690 (The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsof ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1689
+CVE-2010-1689 (The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsof ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1688
+CVE-2010-1688 (Stack-based buffer overflow in 2BrightSparks SyncBack Freeware 3.2.20. ...)
NOT-FOR-US: 2BrightSparks SyncBack Freeware
-CVE-2010-1687
+CVE-2010-1687 (Stack-based buffer overflow in lpd.exe in Mocha W32 LPD 1.9 allows rem ...)
NOT-FOR-US: Mocha W32 LPD
-CVE-2010-1686
+CVE-2010-1686 (Stack-based buffer overflow in (1) Urgent Backup 3.20, and (2) ABC Bac ...)
NOT-FOR-US: Urgent Backup
-CVE-2010-1685
+CVE-2010-1685 (Stack-based buffer overflow in CursorArts ZipWrangler 1.20 allows user ...)
NOT-FOR-US: CursorArts ZipWrangler
CVE-2010-1684
RESERVED
@@ -9269,27 +9269,27 @@ CVE-2010-1683
RESERVED
CVE-2010-1682
RESERVED
-CVE-2010-1681
+CVE-2010-1681 (Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office ...)
NOT-FOR-US: Microsoft Office Visio
CVE-2010-1680
REJECTED
-CVE-2010-1679
+CVE-2010-1679 (Directory traversal vulnerability in dpkg-source in dpkg before 1.14.3 ...)
{DSA-2142-1}
- dpkg 1.15.8.8
CVE-2010-1678
RESERVED
- mapserver 5.6.5-2
NOTE: http://trac.osgeo.org/mapserver/ticket/3641
-CVE-2010-1677
+CVE-2010-1677 (MHonArc 2.6.16 allows remote attackers to cause a denial of service (C ...)
- mhonarc 2.6.18-1 (low)
[squeeze] - mhonarc <no-dsa> (Minor issue)
-CVE-2010-1676
+CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0 ...)
{DSA-2136-1}
- tor 0.2.1.26-6
-CVE-2010-1675
+CVE-2010-1675 (bgpd in Quagga before 0.99.18 allows remote attackers to cause a denia ...)
{DSA-2197-1}
- quagga 0.99.18-1
-CVE-2010-1674
+CVE-2010-1674 (The extended-community parser in bgpd in Quagga before 0.99.18 allows ...)
{DSA-2197-1}
- quagga 0.99.18-1
CVE-2010-1673 [ikiwiki xss due to insufficient html scrubbing]
@@ -9299,109 +9299,109 @@ CVE-2010-1673 [ikiwiki xss due to insufficient html scrubbing]
[lenny] - ikiwiki <not-affected>
CVE-2010-1672
RESERVED
-CVE-2010-1671
+CVE-2010-1671 (hsolinkcontrol in hsolink 1.0.118 allows local users to gain privilege ...)
- hsolink <removed> (bug #590670)
-CVE-2010-1670
+CVE-2010-1670 (Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has i ...)
{DSA-2067-1}
- mahara 1.2.5-1
-CVE-2010-1669
+CVE-2010-1669 (SQL injection vulnerability in Mahara 1.1.x before 1.1.9 and 1.2.x bef ...)
- mahara 1.2.5-1
[lenny] - mahara <not-affected>
-CVE-2010-1668
+CVE-2010-1668 (Multiple cross-site request forgery (CSRF) vulnerabilities in Mahara b ...)
{DSA-2067-1}
- mahara 1.2.5-1
-CVE-2010-1667
+CVE-2010-1667 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1 ...)
{DSA-2067-1}
- mahara 1.2.5-1
-CVE-2010-1666
+CVE-2010-1666 (Buffer overflow in Dan Pascu python-cjson 1.0.5, when UCS-4 encoding i ...)
{DSA-2068-1}
- python-cjson 1.0.5-3 (bug #587700)
NOTE: https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274
-CVE-2010-1665
+CVE-2010-1665 (Google Chrome before 4.1.249.1064 does not properly handle fonts, whic ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.2.1-3
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/58201
-CVE-2010-1664
+CVE-2010-1664 (Google Chrome before 4.1.249.1064 does not properly handle HTML5 media ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/57922
-CVE-2010-1663
+CVE-2010-1663 (The Google URL Parsing Library (aka google-url or GURL) in Google Chro ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (issue is in google url; i.e. chromium-specific)
-CVE-2010-1662
+CVE-2010-1662 (Cross-site scripting (XSS) vulnerability in acpmoderate.php in PHP-Qui ...)
NOT-FOR-US: PHP-Quick-Arcade
-CVE-2010-1661
+CVE-2010-1661 (Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0 ...)
NOT-FOR-US: PHP-Quick-Arcade
-CVE-2010-1660
+CVE-2010-1660 (SQL injection vulnerability in help-details.php in CLScript Classified ...)
NOT-FOR-US: CLScript Classifieds Script
-CVE-2010-1659
+CVE-2010-1659 (Directory traversal vulnerability in the Ultimate Portfolio (com_ultim ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1658
+CVE-2010-1658 (Directory traversal vulnerability in the Code-Garage NoticeBoard (com_ ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1657
+CVE-2010-1657 (Directory traversal vulnerability in the SmartSite (com_smartsite) com ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1656
+CVE-2010-1656 (SQL injection vulnerability in the Airiny ABC (com_abc) component 1.1. ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1655
+CVE-2010-1655 (Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in ...)
NOT-FOR-US: PowerEasy
-CVE-2010-1654
+CVE-2010-1654 (Multiple SQL injection vulnerabilities in system_member_login.php in I ...)
NOT-FOR-US: Infocus Real Estate Enterprise Edition
-CVE-2010-1653
+CVE-2010-1653 (Directory traversal vulnerability in graphics.php in the Graphics (com ...)
NOT-FOR-US: Graphics component for Joomla!
-CVE-2010-1652
+CVE-2010-1652 (Directory traversal vulnerability in the HelpCenter module in Help Cen ...)
NOT-FOR-US: Help Center Live
-CVE-2010-1651
+CVE-2010-1651 (IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-1650
+CVE-2010-1650 (IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x be ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-1649
+CVE-2010-1649 (Multiple cross-site scripting (XSS) vulnerabilities in the back end in ...)
NOT-FOR-US: Joomla!
-CVE-2010-1648
+CVE-2010-1648 (Cross-site request forgery (CSRF) vulnerability in the login interface ...)
- mediawiki 1:1.15.4-1 (bug #585918; low)
[lenny] - mediawiki 1:1.12.0-2lenny6
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
-CVE-2010-1647
+CVE-2010-1647 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.15 before 1.15 ...)
- mediawiki 1:1.15.4-1 (bug #585918; low)
[lenny] - mediawiki 1:1.12.0-2lenny6
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
-CVE-2010-1646
+CVE-2010-1646 (The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1. ...)
{DSA-2062-1}
- sudo 1.7.2p7-1 (bug #585394)
-CVE-2010-1645
+CVE-2010-1645 (Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HP ...)
{DSA-2384-1}
- cacti 0.8.7g-1
-CVE-2010-1644
+CVE-2010-1644 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0. ...)
{DSA-2384-1}
- cacti 0.8.7g-1
-CVE-2010-1643
+CVE-2010-1643 (mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcomm ...)
- linux-2.6 2.6.28-1
[lenny] - linux-2.6 2.6.26-23
-CVE-2010-1642
+CVE-2010-1642 (The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Sa ...)
- samba 2:3.5.4~dfsg-2 (unimportant)
NOTE: Only crashes a single connection, not the entire smbd
-CVE-2010-1641
+CVE-2010-1641 (The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel b ...)
- linux-2.6 2.6.32-16
[lenny] - linux-2.6 2.6.26-23
-CVE-2010-1640
+CVE-2010-1640 (Off-by-one error in the parseicon function in libclamav/pe_icons.c in ...)
- clamav 0.96.1+dfsg-1 (bug #584183)
[lenny] - clamav <end-of-life>
-CVE-2010-1639
+CVE-2010-1639 (The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows ...)
- clamav 0.96.1+dfsg-1 (bug #584183)
[lenny] - clamav <end-of-life>
-CVE-2010-1638
+CVE-2010-1638 (The IMP plugin in Horde allows remote attackers to bypass firewall res ...)
- horde3 <unfixed> (unimportant)
-CVE-2010-1637
+CVE-2010-1637 (The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote ...)
- squirrelmail 2:1.4.21-1 (unimportant)
-CVE-2010-1636
+CVE-2010-1636 (The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functi ...)
- linux-2.6 2.6.32-14
[lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.32)
-CVE-2010-1635
+CVE-2010-1635 (The chain_reply function in process.c in smbd in Samba before 3.4.8 an ...)
- samba 2:3.6.1-2 (unimportant)
NOTE: http://git.samba.org/?p=samba.git;a=commitdiff;h=25452a2268ac7013da28125f3df22085139af12d
NOTE: Only crashes a single connection, not the entire smbd
-CVE-2010-1634
+CVE-2010-1634 (Multiple integer overflows in audioop.c in the audioop module in Pytho ...)
- python3.1 3.1.2+20100822-1 (low)
- python2.7 2.7-1 (low)
- python2.6 2.6.6-1 (low)
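Review bot: typo in the CVE-2010-1636 context line `[lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.32)`: the filesystem is btrfs, as the description line just above it spells it; this automatic update does not touch that line, so it needs a follow-up edit.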
@@ -9409,140 +9409,140 @@ CVE-2010-1634
[lenny] - python2.5 <no-dsa> (Minor issue)
- python2.4 <removed> (low)
[lenny] - python2.4 <no-dsa> (Minor issue)
-CVE-2010-1633
+CVE-2010-1633 (RSA verification recovery in the EVP_PKEY_verify_recover function in O ...)
- openssl <not-affected> (This bug is only present in OpenSSL 1.0.0, first version of 1.0.0 ever uploaded was 1.0.0c)
-CVE-2010-1632
+CVE-2010-1632 (Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server ...)
- axis2c 1.6.0-1
CVE-2010-1631
REJECTED
-CVE-2010-1630
+CVE-2010-1630 (Unspecified vulnerability in posting.php in phpBB before 3.0.5 has unk ...)
- phpbb3 3.0.7-PL1-1 (low)
[lenny] - phpbb3 <no-dsa> (Minor issue)
-CVE-2010-1629
+CVE-2010-1629 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 allow ...)
NOT-FOR-US: Phorum
-CVE-2010-1628
+CVE-2010-1628 (Ghostscript 8.64, 8.70, and possibly other versions allows context-dep ...)
{DSA-2093-1}
- ghostscript 8.71~dfsg2-4 (medium; bug #584516)
NOTE: no upstream fix available, see issue #1 in ubuntu bug report:
NOTE: https://bugs.launchpad.net/ubuntu/+source/ghostscript/+bug/546009
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=691295
-CVE-2010-1627
+CVE-2010-1627 (feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permi ...)
- phpbb3 3.0.7-PL1-1 (low)
[lenny] - phpbb3 <no-dsa> (Minor issue)
-CVE-2010-1626
+CVE-2010-1626 (MySQL before 5.1.46 allows local users to delete the data and index fi ...)
{DSA-2057-1}
- mysql-5.1 5.1.46-1 (bug #582526)
- mysql-dfsg-5.0 <removed> (low; bug #584400)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=553648
-CVE-2010-1625
+CVE-2010-1625 (Cross-site scripting (XSS) vulnerability in LXR Cross Referencer befor ...)
{DSA-2092-1}
- lxr <removed> (low; bug #588138)
[lenny] - lxr <no-dsa> (Minor issue)
- lxr-cvs 0.9.5+cvs20071020-1.1 (low; bug #588137)
-CVE-2010-1624
+CVE-2010-1624 (The msn_emoticon_msg function in slp.c in the MSN protocol plugin in l ...)
- pidgin 2.7.0-1 (low)
[lenny] - pidgin 2.4.3-4lenny6
NOTE: MSN support was disabled in 2.4.3-4lenny6
-CVE-2010-1623
+CVE-2010-1623 (Memory leak in the apr_brigade_split_line function in buckets/apr_brig ...)
{DSA-2117-1}
- apr-util 1.3.9+dfsg-4 (medium)
- apache2 2.2.16-3
[lenny] - apache2 <not-affected> (vulnerable code introduced in 2.2.15-2 or -3)
-CVE-2010-1622
+CVE-2010-1622 (SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2 ...)
- libspring-2.5-java 2.5.6.SEC02-1 (medium)
-CVE-2010-1621
+CVE-2010-1621 (The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 ...)
- mysql-5.1 5.1.46-1
- mysql-dfsg-5.0 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=590190
-CVE-2010-1620
+CVE-2010-1620 (Integer overflow in the load_iface function in Tools/gdomap.c in gdoma ...)
- gnustep-base 1.19.3-2 (bug #584401)
[lenny] - gnustep-base <no-dsa> (Minor issue)
-CVE-2010-1612
+CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Applianc ...)
NOT-FOR-US: IBM WebSphere DataPower XML Accelerator
-CVE-2010-1611
+CVE-2010-1611 (Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allo ...)
NOT-FOR-US: AlegroCart
-CVE-2010-1610
+CVE-2010-1610 (Cross-site request forgery (CSRF) vulnerability in index.php in OpenCa ...)
NOT-FOR-US: OpenCart
-CVE-2010-1609
+CVE-2010-1609 (Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2010-1608
+CVE-2010-1608 (Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and pos ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2010-1607
+CVE-2010-1607 (Directory traversal vulnerability in wmi.php in the Webmoney Web Merch ...)
NOT-FOR-US: Webmoney Web Merchant Interface component for Joomla!
-CVE-2010-1606
+CVE-2010-1606 (Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal ...)
NOT-FOR-US: NCT Jobs Portal Script
-CVE-2010-1605
+CVE-2010-1605 (Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs Port ...)
NOT-FOR-US: NCT Jobs Portal Script
-CVE-2010-1604
+CVE-2010-1604 (Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs ...)
NOT-FOR-US: NCT Jobs Portal Script
-CVE-2010-1603
+CVE-2010-1603 (Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or co ...)
NOT-FOR-US: ZiMB Core component for Joomla!
-CVE-2010-1602
+CVE-2010-1602 (Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment ...)
NOT-FOR-US: ZiMB Comment component for Joomla!
-CVE-2010-1601
+CVE-2010-1601 (Directory traversal vulnerability in the JA Comment (com_jacomment) co ...)
NOT-FOR-US: JA Comment component for Joomla!
-CVE-2010-1600
+CVE-2010-1600 (SQL injection vulnerability in the Media Mall Factory (com_mediamall) ...)
NOT-FOR-US: Media Mall Factory component for Joomla!
-CVE-2010-1599
+CVE-2010-1599 (SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2. ...)
NOT-FOR-US: NKInFoWeb
-CVE-2010-1598
+CVE-2010-1598 (phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when Ima ...)
NOT-FOR-US: phpThumb()
-CVE-2010-1597
+CVE-2010-1597 (Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 allo ...)
NOT-FOR-US: ZipGenius
-CVE-2010-1619
+CVE-2010-1619 (Cross-site scripting (XSS) vulnerability in the fix_non_standard_entit ...)
{DSA-2115-1}
- moodle 1.9.8-1 (low; bug #585425)
- wordpress <not-affected> (Vulnerable code not present)
- egroupware <not-affected> (Vulneable code not present)
-CVE-2010-1618
+CVE-2010-1618 (Cross-site scripting (XSS) vulnerability in the phpCAS client library ...)
{DSA-2115-1}
- libphp-cas <itp> (bug #495542)
- moodle 1.9.8-1 (low; bug #574757)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2010-1617
+CVE-2010-1617 (user/view.php in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 doe ...)
{DSA-2115-1}
- moodle 1.9.8-1 (unimportant; bug #585427)
NOTE: i have a hard time seeing the security impact, moodle is a course management
NOTE: system and the real names of your colleagues are probably not a secret, since
NOTE: a patch exists I filed a bug anyway
-CVE-2010-1616
+CVE-2010-1616 (Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restorin ...)
{DSA-2115-1}
- moodle 1.9.8-1
-CVE-2010-1615
+CVE-2010-1615 (Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 a ...)
{DSA-2115-1}
- moodle 1.9.8-1
-CVE-2010-1614
+CVE-2010-1614 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x be ...)
{DSA-2115-1}
- moodle 1.9.8-1
-CVE-2010-1613
+CVE-2010-1613 (Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the "Regenerate se ...)
{DSA-2115-1}
- moodle 1.9.8-1
-CVE-2010-1596
+CVE-2010-1596 (Support Incident Tracker before 3.51, when using LDAP authentication w ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2010-1595
+CVE-2010-1595 (Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS ...)
- ocsinventory-server 1.02.1-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2010-1594
+CVE-2010-1594 (Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/inde ...)
- ocsinventory-server 1.02.1-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2010-1593
+CVE-2010-1593 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe be ...)
- silverstripe <itp> (bug #528461)
-CVE-2010-1592
+CVE-2010-1592 (sandra.sys 15.18.1.1 and earlier in the Sandra Device Driver in SiSoft ...)
NOT-FOR-US: SiSoftware Sandra
-CVE-2010-1591
+CVE-2010-1591 (Beijing Rising International Rising Antivirus 2008 through 2010 does n ...)
NOT-FOR-US: Beijing Rising International Rising Antivirus
-CVE-2010-1590
+CVE-2010-1590 (Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Roc ...)
NOT-FOR-US: Rocksalt International VP-ASP Shopping Cart
-CVE-2010-1589
+CVE-2010-1589 (Directory traversal vulnerability in shopsessionsubs.asp in Rocksalt I ...)
NOT-FOR-US: Rocksalt International VP-ASP Shopping Cart
-CVE-2010-1588
+CVE-2010-1588 (SQL injection vulnerability in the Getwebsess function in shopsessions ...)
NOT-FOR-US: Rocksalt International VP-ASP Shopping Cart
-CVE-2010-1587
+CVE-2010-1587 (The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4. ...)
NOT-FOR-US: Apache ActiveMQ
-CVE-2010-1586
+CVE-2010-1586 (Open redirect vulnerability in red2301.html in HP System Management Ho ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2010-1585
+CVE-2010-1585 (The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFrag ...)
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
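Review bot: the egroupware line under CVE-2010-1619 reads `- egroupware <not-affected> (Vulneable code not present)`; it is a context line this update does not touch, but the word should be `Vulnerable`, matching the wordpress line directly above it, so a follow-up edit of data/CVE/2010.list is in order.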
@@ -9553,235 +9553,235 @@ CVE-2010-1585
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2010-1584
+CVE-2010-1584 (Cross-site scripting (XSS) vulnerability in the Context module before ...)
NOT-FOR-US: Context module for drupal
-CVE-2010-1583
+CVE-2010-1583 (SQL injection vulnerability in the loadByKey function in the TznDbConn ...)
NOT-FOR-US: Tirzen Framework
CVE-2010-1582
RESERVED
-CVE-2010-1581
+CVE-2010-1581 (Unspecified vulnerability in the Transport Layer Security (TLS) implem ...)
NOT-FOR-US: Cisco ASA
-CVE-2010-1580
+CVE-2010-1580 (Unspecified vulnerability in the SunRPC inspection feature on Cisco Ad ...)
NOT-FOR-US: Cisco ASA
-CVE-2010-1579
+CVE-2010-1579 (Unspecified vulnerability in the SunRPC inspection feature on Cisco Ad ...)
NOT-FOR-US: Cisco ASA
-CVE-2010-1578
+CVE-2010-1578 (Unspecified vulnerability in the SunRPC inspection feature on Cisco Ad ...)
NOT-FOR-US: Cisco ASA
-CVE-2010-1577
+CVE-2010-1577 (Directory traversal vulnerability in Cisco Internet Streamer, as used ...)
NOT-FOR-US: Cisco
-CVE-2010-1576
+CVE-2010-1576 (The Cisco Content Services Switch (CSS) 11500 with software before 8.2 ...)
NOT-FOR-US: Cisco
-CVE-2010-1575
+CVE-2010-1575 (The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 ...)
NOT-FOR-US: Cisco
-CVE-2010-1574
+CVE-2010-1574 (IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 ...)
NOT-FOR-US: Cisco
-CVE-2010-1573
+CVE-2010-1573 (Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded userna ...)
NOT-FOR-US: Linksys firmware
-CVE-2010-1572
+CVE-2010-1572 (Unspecified vulnerability in the tech support diagnostic shell in Cisc ...)
NOT-FOR-US: Cisco
-CVE-2010-1571
+CVE-2010-1571 (Directory traversal vulnerability in the bootstrap service in Cisco Un ...)
NOT-FOR-US: Cisco
-CVE-2010-1570
+CVE-2010-1570 (The computer telephony integration (CTI) server component in Cisco Uni ...)
NOT-FOR-US: Cisco
CVE-2010-1569
RESERVED
-CVE-2010-1568
+CVE-2010-1568 (The Send Secure functionality in the Cisco IronPort Desktop Flag Plug- ...)
NOT-FOR-US: Cisco IronPort Desktop Flag Plug-in for Microsoft Outlook
-CVE-2010-1567
+CVE-2010-1567 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
NOT-FOR-US: Cisco PGW
CVE-2010-1566
RESERVED
-CVE-2010-1565
+CVE-2010-1565 (Unspecified vulnerability in the SIP implementation on the Cisco PGW 2 ...)
NOT-FOR-US: Cisco PGW
-CVE-2010-1563
+CVE-2010-1563 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
NOT-FOR-US: Cisco PGW
-CVE-2010-1562
+CVE-2010-1562 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
NOT-FOR-US: Cisco PGW
-CVE-2010-1561
+CVE-2010-1561 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
NOT-FOR-US: Cisco PGW
-CVE-2010-1560
+CVE-2010-1560 (Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allow ...)
NOT-FOR-US: IBM DB2
-CVE-2010-1559
+CVE-2010-1559 (SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) c ...)
NOT-FOR-US: com_sermonspeaker component for joomla!
CVE-2010-2447 [gitolite "not filtering src/ or hooks/ from pathnames"]
RESERVED
- gitolite 1.4.2-1 (low)
NOTE: http://secunia.com/advisories/39587/
-CVE-2010-2448
+CVE-2010-2448 (znc.cpp in ZNC before 0.092 allows remote authenticated users to cause ...)
- gitolite 1.4.2-1 (medium)
NOTE: http://secunia.com/advisories/39587/
-CVE-2010-1558
+CVE-2010-1558 (Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital ...)
NOT-FOR-US: HP MFP Digital Sending Software
-CVE-2010-1557
+CVE-2010-1557 (Multiple cross-site scripting (XSS) vulnerabilities in HP Insight Cont ...)
NOT-FOR-US: HP Insight Control Server Migration
-CVE-2010-1556
+CVE-2010-1556 (Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2010-1555
+CVE-2010-1555 (Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network N ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1554
+CVE-2010-1554 (Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network N ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1553
+CVE-2010-1553 (Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network N ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1552
+CVE-2010-1552 (Stack-based buffer overflow in the doLoad function in snmpviewer.exe i ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1551
+CVE-2010-1551 (Stack-based buffer overflow in the _OVParseLLA function in ov.dll in n ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1550
+CVE-2010-1550 (Format string vulnerability in ovet_demandpoll.exe in HP OpenView Netw ...)
NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2010-1549
+CVE-2010-1549 (Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 an ...)
NOT-FOR-US: HP LoadRunner
-CVE-2010-1548
+CVE-2010-1548 (The auto-complete functionality in the Chaos Tool Suite (aka CTools) m ...)
NOT-FOR-US: CTools module for Drupal
-CVE-2010-1547
+CVE-2010-1547 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Chao ...)
NOT-FOR-US: CTools module for Drupal
-CVE-2010-1546
+CVE-2010-1546 (Multiple eval injection vulnerabilities in the import functionality in ...)
NOT-FOR-US: CTools module for Drupal
CVE-2010-1545
RESERVED
-CVE-2010-1544
+CVE-2010-1544 (micro_httpd on the RCA DCM425 cable modem allows remote attackers to c ...)
NOT-FOR-US: RCA DCM425 Cable Modem
-CVE-2010-1543
+CVE-2010-1543 (Cross-site scripting (XSS) vulnerability in the eTracker module before ...)
NOT-FOR-US: eTracker module for drupal
-CVE-2010-1542
+CVE-2010-1542 (Multiple cross-site request forgery (CSRF) vulnerabilities in admin/co ...)
NOT-FOR-US: DFD Cart
-CVE-2010-1541
+CVE-2010-1541 (Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, ...)
NOT-FOR-US: DFD Cart
-CVE-2010-1540
+CVE-2010-1540 (Directory traversal vulnerability in index.php in the MyBlog (com_mybl ...)
NOT-FOR-US: com_myblog component for joomla!
-CVE-2010-1539
+CVE-2010-1539 (Cross-site scripting (XSS) vulnerability in the Workflow module 5.x-2. ...)
NOT-FOR-US: workflow module for drupal
-CVE-2010-1538
+CVE-2010-1538 (SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0 ...)
NOT-FOR-US: phpRAINCHECK
-CVE-2010-1537
+CVE-2010-1537 (Multiple directory traversal vulnerabilities in phpCDB 1.0 and earlier ...)
NOT-FOR-US: phpCDB
-CVE-2010-1536
+CVE-2010-1536 (Cross-site scripting (XSS) vulnerability in the AddThis Button module ...)
NOT-FOR-US: AddThis Button module for drupal
-CVE-2010-1535
+CVE-2010-1535 (Directory traversal vulnerability in the TRAVELbook (com_travelbook) c ...)
NOT-FOR-US: com_travelbook component for joomla!
-CVE-2010-1534
+CVE-2010-1534 (Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) c ...)
NOT-FOR-US: com_shoutbox component for joomla!
-CVE-2010-1533
+CVE-2010-1533 (Directory traversal vulnerability in the TweetLA (com_tweetla) compone ...)
NOT-FOR-US: com_tweetla component for joomla!
-CVE-2010-1532
+CVE-2010-1532 (Directory traversal vulnerability in the givesight PowerMail Pro (com_ ...)
NOT-FOR-US: com_powermail component for joomla!
-CVE-2010-1531
+CVE-2010-1531 (Directory traversal vulnerability in the redSHOP (com_redshop) compone ...)
NOT-FOR-US: com_redshop component for joomla!
-CVE-2010-1530
+CVE-2010-1530 (Multiple cross-site scripting (XSS) vulnerabilities in the Internation ...)
NOT-FOR-US: Internationalization module for drupal
-CVE-2010-1529
+CVE-2010-1529 (SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) compo ...)
NOT-FOR-US: com_fsf component for joomla!
-CVE-2010-1528
+CVE-2010-1528 (PHP remote file inclusion vulnerability in include/template.php in Uig ...)
NOT-FOR-US: Uiga Proxy
-CVE-2010-1527
+CVE-2010-1527 (Stack-based buffer overflow in Novell iPrint Client before 5.44 allows ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2010-1526
+CVE-2010-1526 (Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow ...)
- libgdiplus 2.6.7-2 (low; bug #594155)
[lenny] - libgdiplus 1.9-1+lenny1
-CVE-2010-1525
+CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in A ...)
NOT-FOR-US: SpreadSheet Lotus 123 reader
-CVE-2010-1524
+CVE-2010-1524 (The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 ...)
NOT-FOR-US: SpreadSheet Lotus 123 reader
-CVE-2010-1523
+CVE-2010-1523 (Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in ...)
NOT-FOR-US: Winamp
-CVE-2010-1522
+CVE-2010-1522 (Multiple SQL injection vulnerabilities in the BookLibrary Basic (com_b ...)
NOT-FOR-US: com_booklibrary component for joomla!
-CVE-2010-1521
+CVE-2010-1521 (SQL injection vulnerability in include/classes/tzn_user.php in TaskFre ...)
NOT-FOR-US: TaskFreak! Original multi user
-CVE-2010-1520
+CVE-2010-1520 (Cross-site scripting (XSS) vulnerability in logout.php in TaskFreak! O ...)
NOT-FOR-US: TaskFreak! Original multi user
-CVE-2010-1519
+CVE-2010-1519 (Multiple integer overflows in glpng.c in glpng 1.45 allow context-depe ...)
- libglpng <removed> (low; bug #595171)
[lenny] - libglpng <no-dsa> (Minor issue)
-CVE-2010-1518
+CVE-2010-1518 (Array index error in the SetDLInfo method in the GIGABYTE Dldrv2 Activ ...)
NOT-FOR-US: GIGABYTE Dldrv2 ActiveX control
-CVE-2010-1517
+CVE-2010-1517 (The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers ...)
NOT-FOR-US: GIGABYTE Dldrv2 ActiveX control
-CVE-2010-1516
+CVE-2010-1516 (Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to ...)
NOT-FOR-US: SWFtools (were once packaged)
-CVE-2010-1515
+CVE-2010-1515 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in To ...)
NOT-FOR-US: TomatoCMS
-CVE-2010-1514
+CVE-2010-1514 (Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier ...)
NOT-FOR-US: TomatoCMS
-CVE-2010-1513
+CVE-2010-1513 (Multiple integer overflows in src/image.c in Ziproxy before 3.0.1 allo ...)
- ziproxy 3.1.0-1 (bug #584933)
[lenny] - ziproxy <no-dsa> (Minor issue, obscure attack vector)
-CVE-2010-1512
+CVE-2010-1512 (Directory traversal vulnerability in aria2 before 1.9.3 allows remote ...)
{DSA-2047-1}
- aria2 1.9.3-1
NOTE: http://seclists.org/fulldisclosure/2010/May/168
-CVE-2010-1511
+CVE-2010-1511 (KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request dow ...)
- kdenetwork 4:4.4.4-1 (low)
[lenny] - kdenetwork <not-affected> (Metalink plugin not yet present)
NOTE: http://seclists.org/fulldisclosure/2010/May/164
-CVE-2010-1510
+CVE-2010-1510 (Heap-based buffer overflow in IrfanView before 4.27 allows remote atta ...)
NOT-FOR-US: IrfanView
-CVE-2010-1509
+CVE-2010-1509 (IrfanView before 4.27 does not properly handle an unspecified integer ...)
NOT-FOR-US: IrfanView
-CVE-2010-1508
+CVE-2010-1508 (Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-1507
+CVE-2010-1507 (WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the We ...)
NOT-FOR-US: YAST
-CVE-2010-1506
+CVE-2010-1506 (The Google V8 bindings in Google Chrome before 4.1.249.1059 allow atta ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (doesn't use v8 bindings yet)
NOTE: http://trac.webkit.org/changeset/45826
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37210
NOTE: http://trac.webkit.org/changeset/57224
-CVE-2010-1505
+CVE-2010-1505 (Google Chrome before 4.1.249.1059 does not prevent pages from loading ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chromium-specific issue)
-CVE-2010-1504
+CVE-2010-1504 (Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.2 ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chromium-specific issue)
-CVE-2010-1503
+CVE-2010-1503 (Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.2 ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chromium-specific issue)
-CVE-2010-1502
+CVE-2010-1502 (Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chromium-specific directory traversal)
CVE-2010-1501
REJECTED
-CVE-2010-1500
+CVE-2010-1500 (Google Chrome before 4.1.249.1059 does not properly support forms, whi ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (proof-of-concept not effective; chromium-specific issue)
-CVE-2010-1499
+CVE-2010-1499 (SQL injection vulnerability in genre_artists.php in MusicBox 3.3 allow ...)
NOT-FOR-US: MusicBox
-CVE-2010-1498
+CVE-2010-1498 (Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow re ...)
NOT-FOR-US: dl_stats
-CVE-2010-1497
+CVE-2010-1497 (Cross-site scripting (XSS) vulnerability in download_proc.php in dl_st ...)
NOT-FOR-US: dl_stats
-CVE-2010-1496
+CVE-2010-1496 (SQL injection vulnerability in the JoltCard (com_joltcard) component 1 ...)
NOT-FOR-US: com_joltcard component for joomla!
-CVE-2010-1495
+CVE-2010-1495 (Directory traversal vulnerability in the Matamko (com_matamko) compone ...)
NOT-FOR-US: com_matamko component for joomla!
-CVE-2010-1494
+CVE-2010-1494 (Directory traversal vulnerability in the AWDwall (com_awdwall) compone ...)
NOT-FOR-US: com_awdwall component for joomla!
-CVE-2010-1493
+CVE-2010-1493 (SQL injection vulnerability in the AWDwall (com_awdwall) component bef ...)
NOT-FOR-US: com_awdwall component for joomla!
-CVE-2010-1492
+CVE-2010-1492 (Directory traversal vulnerability in help/frameRight.php in Elastix 1. ...)
NOT-FOR-US: Elastix
-CVE-2010-1491
+CVE-2010-1491 (Directory traversal vulnerability in the MMS Blog (com_mmsblog) compon ...)
NOT-FOR-US: com_mmsblog component for joomla!
-CVE-2010-1490
+CVE-2010-1490 (Unspecified vulnerability in IBM Cognos 8 Business Intelligence before ...)
NOT-FOR-US: IBM Cognos
CVE-2010-XXXX [prosody password world-readable]
- prosody 0.7.0-1 (low; bug #579087)
CVE-2010-XXXX [gnome-orca: shell access without logon]
- gnome-orca 2.30.0-2 (bug #578928)
[lenny] - gnome-orca <not-affected> (Doesn't affect Lenny's version)
-CVE-2010-1431
+CVE-2010-1431 (SQL injection vulnerability in templates_export.php in Cacti 0.8.7e an ...)
{DSA-2039-1}
- cacti 0.8.7e-3 (bug #578909)
NOTE: http://seclists.org/fulldisclosure/2010/Apr/272
NOTE: http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch
-CVE-2010-1489
+CVE-2010-1489 (The XSS Filter in Microsoft Internet Explorer 8 does not properly perf ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-1488
+CVE-2010-1488 (The proc_oom_score function in fs/proc/base.c in the Linux kernel befo ...)
- linux-2.6 2.6.32-12
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.32)
-CVE-2010-1487
+CVE-2010-1487 (IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2010-1486
+CVE-2010-1486 (Multiple cross-site scripting (XSS) vulnerabilities in _invoice.asp in ...)
NOT-FOR-US: CactuShop
CVE-2010-1485
RESERVED
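Review bot: the CVE-2010-2448 entry now carries the imported description `znc.cpp in ZNC before 0.092 allows remote authenticated users to cause ...` while the package line beneath it is still `- gitolite 1.4.2-1 (medium)` with `NOTE: http://secunia.com/advisories/39587/`, the same gitolite advisory cited by the CVE-2010-2447 gitolite entry just above it. A ZNC description and a gitolite package line cannot both be right for one id: either the gitolite issue was assigned a different CVE number and the package/NOTE lines belong elsewhere, or the id was mistyped when the entry was created. This entry needs a manual check rather than being accepted as part of the automatic text import. Separately, the CVE-2010-1431 (Cacti) entry sits between CVE-2010-1490 and CVE-2010-1489, out of numeric sequence.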
@@ -9789,81 +9789,81 @@ CVE-2010-1484
RESERVED
CVE-2010-1483
RESERVED
-CVE-2010-1482
+CVE-2010-1482 (Cross-site scripting (XSS) vulnerability in admin/editprefs.php in the ...)
NOT-FOR-US: CMS Made Simple
-CVE-2010-1481
+CVE-2010-1481 (Cross-site scripting (XSS) vulnerability in the table feature in PmWik ...)
NOT-FOR-US: PmWiki
-CVE-2010-1480
+CVE-2010-1480 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1479
+CVE-2010-1479 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1478
+CVE-2010-1478 (Directory traversal vulnerability in the Ternaria Informatica Jfeedbac ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1477
+CVE-2010-1477 (SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) c ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1476
+CVE-2010-1476 (Directory traversal vulnerability in the AlphaUserPoints (com_alphause ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1475
+CVE-2010-1475 (Directory traversal vulnerability in the Preventive &amp; Reservation ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1474
+CVE-2010-1474 (Directory traversal vulnerability in the Sweety Keeper (com_sweetykeep ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1473
+CVE-2010-1473 (Directory traversal vulnerability in the Advertising (com_advertising) ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1472
+CVE-2010-1472 (Directory traversal vulnerability in the Daily Horoscope (com_horoscop ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1471
+CVE-2010-1471 (Directory traversal vulnerability in the AddressBook (com_addressbook) ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1470
+CVE-2010-1470 (Directory traversal vulnerability in the Web TV (com_webtv) component ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1469
+CVE-2010-1469 (Directory traversal vulnerability in the Ternaria Informatica JProject ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1468
+CVE-2010-1468 (SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-1467
+CVE-2010-1467 (Multiple PHP remote file inclusion vulnerabilities in openUrgence Vacc ...)
NOT-FOR-US: openUrgence
-CVE-2010-1466
+CVE-2010-1466 (Directory traversal vulnerability in scr/soustab.php in openUrgence Va ...)
NOT-FOR-US: openUrgence
-CVE-2010-1465
+CVE-2010-1465 (Stack-based buffer overflow in Trellian FTP client 3.01, including 3.1 ...)
NOT-FOR-US: Trellian FTP
-CVE-2010-1464
+CVE-2010-1464 (Multiple cross-site scripting (XSS) vulnerabilities in WebAsyst Shop-S ...)
NOT-FOR-US: WebAsyst Shop-Script FREE
-CVE-2010-1463
+CVE-2010-1463 (Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE al ...)
NOT-FOR-US: WebAsyst Shop-Script FREE
-CVE-2010-1462
+CVE-2010-1462 (Directory traversal vulnerability in WebAsyst Shop-Script FREE has unk ...)
NOT-FOR-US: WebAsyst Shop-Script FREE
-CVE-2010-1461
+CVE-2010-1461 (Directory traversal vulnerability in the Photo Battle (com_photobattle ...)
NOT-FOR-US: Photo Battle Component for Joomla!
-CVE-2010-1460
+CVE-2010-1460 (The IBM BladeCenter with Advanced Management Module (AMM) firmware bef ...)
NOT-FOR-US: IBM BladeCenter Management Module
-CVE-2010-1459
+CVE-2010-1459 (The default configuration of ASP.NET in Mono before 2.6.4 has a value ...)
- mono 2.4.4~svn151842-3 (bug #585440)
-CVE-2010-1458
+CVE-2010-1458 (Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Uti ...)
NOT-FOR-US: TweakFS
-CVE-2010-1167
+CVE-2010-1167 (fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not p ...)
- fetchmail 6.3.16-2 (low)
[lenny] - fetchmail <no-dsa> (only vulnerable when run under debug verbosity level)
NOTE: http://www.fetchmail.info/fetchmail-SA-2010-02.txt
NOTE: http://gitorious.org/fetchmail/fetchmail/commit/ec06293
-CVE-2010-1457
+CVE-2010-1457 (Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local us ...)
- gnustep-base 1.19.3-2 (bug #584402)
[lenny] - gnustep-base <not-affected> (Not installed setuid root)
NOTE: http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336
CVE-2010-1456
REJECTED
-CVE-2010-1455
+CVE-2010-1455 (The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 throu ...)
- wireshark 1.2.8-1 (unimportant)
NOTE: Not triggerable remotely
-CVE-2010-1454
+CVE-2010-1454 (com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMwa ...)
NOT-FOR-US: VMware
-CVE-2010-1453
+CVE-2010-1453 (Cross-site scripting (XSS) vulnerability in the Login form in Piwik 0. ...)
- piwik <itp> (bug #506933)
-CVE-2010-1452
+CVE-2010-1452 (The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2. ...)
- apache2 2.2.16-1 (low)
[lenny] - apache2 2.2.9-10+lenny10
-CVE-2010-1451
+CVE-2010-1451 (The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Li ...)
{DSA-2053-1}
- linux-2.6 2.6.32-10
-CVE-2010-1450
+CVE-2010-1450 (Multiple buffer overflows in the RLE decoder in the rgbimg module in P ...)
- python3.1 <not-affected> (rgbimgmodule no longer included in source)
- python2.7 <not-affected> (rgbimgmodule no longer included in source)
- python2.6 <not-affected> (rgbimgmodule no longer included in source)
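Review bot: the fourteen consecutive `NOT-FOR-US: component for Joomla!` lines under CVE-2010-1480 through CVE-2010-1468 name no component, although every imported description now does (RokModule, Jfeedback, SermonSpeaker, AlphaUserPoints, Sweety Keeper, Advertising, Daily Horoscope, AddressBook, Web TV, JProject, Multi-Venue Restaurant Menu Manager); the neighbouring entry uses the form `NOT-FOR-US: Photo Battle Component for Joomla!`, so these lines should be brought in line with it in a follow-up. Also, the CVE-2010-1167 (fetchmail) entry sits between CVE-2010-1458 and CVE-2010-1457, out of numeric order.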
@@ -9871,7 +9871,7 @@ CVE-2010-1450
[lenny] - python2.5 <no-dsa> (Minor issue)
- python2.4 <removed> (low)
[lenny] - python2.4 <no-dsa> (Minor issue)
-CVE-2010-1449
+CVE-2010-1449 (Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 ...)
- python3.1 <not-affected> (rgbimgmodule no longer included in source)
- python2.7 <not-affected> (rgbimgmodule no longer included in source)
- python2.6 <not-affected> (rgbimgmodule no longer included in source)
@@ -9879,52 +9879,52 @@ CVE-2010-1449
[lenny] - python2.5 <no-dsa> (Minor issue)
- python2.4 <removed> (low)
[lenny] - python2.4 <no-dsa> (Minor issue)
-CVE-2010-1448
+CVE-2010-1448 (Cross-site scripting (XSS) vulnerability in lib/LXR/Common.pm in LXR C ...)
{DSA-2092-1}
- lxr <removed> (low; bug #585411)
[lenny] - lxr <no-dsa> (Minor issue)
- lxr-cvs 0.9.5+cvs20071020-1.1 (low; bug #588036)
NOTE: seems to be a dupe of CVE-2010-1738
-CVE-2010-1447
+CVE-2010-1447 (The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for ...)
{DSA-2267-1 DSA-2051-1}
- postgresql-8.4 8.4.4-1
- postgresql-8.3 <removed>
- perl 5.12.3-1
NOTE: Originally attributed to Postgres, but also affects standard Perl
-CVE-2010-1446
+CVE-2010-1446 (arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and ...)
{DSA-2053-1}
- linux-2.6 2.6.32-12 (unimportant)
NOTE: KGDB is not currently enabled in debian builds
-CVE-2010-1445
+CVE-2010-1445 (Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 a ...)
- vlc 1.0.6-1
[lenny] - vlc <not-affected> (Vulnerable code not present)
NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1444
+CVE-2010-1444 (The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 ...)
- vlc 1.0.6-1
[lenny] - vlc <not-affected> (Vulnerable code not present)
NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1443
+CVE-2010-1443 (The parse_track_node function in modules/demux/playlist/xspf.c in the ...)
- vlc 1.0.6-1 (unimportant)
NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1442
+CVE-2010-1442 (VideoLAN VLC media player before 1.0.6 allows remote attackers to caus ...)
- vlc 1.0.6-1
[lenny] - vlc 0.8.6.h-4+lenny3
NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1441
+CVE-2010-1441 (Multiple heap-based buffer overflows in VideoLAN VLC media player befo ...)
- vlc 1.0.6-1
[lenny] - vlc 0.8.6.h-4+lenny3
NOTE: http://www.videolan.org/security/sa1003.html
-CVE-2010-1440
+CVE-2010-1440 (Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live ...)
- texlive-bin 2009-6 (low; bug #580668)
[lenny] - texlive-bin 2007.dfsg.2-4+lenny3
-CVE-2010-1439
+CVE-2010-1439 (yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) ...)
NOT-FOR-US: Red Hat Network Client Tools
-CVE-2010-1438
+CVE-2010-1438 (Web Application Finger Printer (WAFP) 0.01-26c3 uses fixed pathnames u ...)
- wafp <itp> (bug #562949)
-CVE-2010-1437
+CVE-2010-1437 (Race condition in the find_keyring_by_name function in security/keys/k ...)
{DSA-2053-1}
- linux-2.6 2.6.32-13
-CVE-2010-1436
+CVE-2010-1436 (gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not ...)
- linux-2.6 2.6.32-25
[lenny] - linux-2.6 2.6.26-23
CVE-2010-1435
@@ -9937,39 +9937,39 @@ CVE-2010-1432
RESERVED
CVE-2010-1430
REJECTED
-CVE-2010-1429
+CVE-2010-1429 (Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-1428
+CVE-2010-1428 (The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterpri ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-1427
+CVE-2010-1427 (Cross-site scripting (XSS) vulnerability in the SearchHighlight plugin ...)
NOT-FOR-US: MODx Evolution
-CVE-2010-1426
+CVE-2010-1426 (SQL injection vulnerability in MODx Evolution before 1.0.3 allows remo ...)
NOT-FOR-US: MODx Evolution
-CVE-2010-1425
+CVE-2010-1425 (F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft ...)
NOT-FOR-US: F-Secure Internet Security
-CVE-2010-1424
+CVE-2010-1424 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Governm ...)
NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government
-CVE-2010-1422
+CVE-2010-1422 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=26824
NOTE: http://trac.webkit.org/changeset/58829
-CVE-2010-1421
+CVE-2010-1421 (The execCommand JavaScript function in WebKit in Apple Safari before 5 ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=27751
NOTE: http://trac.webkit.org/changeset/58703
-CVE-2010-1420
+CVE-2010-1420 (Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari ...)
NOT-FOR-US: Apple Safari
-CVE-2010-1419
+CVE-2010-1419 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37618
NOTE: http://trac.webkit.org/changeset/58616
-CVE-2010-1418
+CVE-2010-1418 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
@@ -9979,60 +9979,60 @@ CVE-2010-1418
NOTE: http://trac.webkit.org/changeset/58844
NOTE: http://trac.webkit.org/changeset/56651
NOTE: http://trac.webkit.org/changeset/57627
-CVE-2010-1417
+CVE-2010-1417 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple Saf ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38001
NOTE: http://trac.webkit.org/changeset/58201
NOTE: if this commit is correct, this is a dup of cve-2010-1665
-CVE-2010-1416
+CVE-2010-1416 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36838
NOTE: http://trac.webkit.org/changeset/56810
-CVE-2010-1415
+CVE-2010-1415 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36000
NOTE: http://trac.webkit.org/changeset/56420
-CVE-2010-1414
+CVE-2010-1414 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35818
NOTE: http://trac.webkit.org/changeset/55783
-CVE-2010-1413
+CVE-2010-1413 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit <not-affected> (affected cf/iss code is not present)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37230
NOTE: http://trac.webkit.org/changeset/57232
-CVE-2010-1412
+CVE-2010-1412 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.70~r48679-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=29635
NOTE: http://trac.webkit.org/changeset/57759
NOTE: http://trac.webkit.org/changeset/57817
-CVE-2010-1411
+CVE-2010-1411 (Multiple integer overflows in the Fax3SetupState function in tif_fax3. ...)
{DSA-2084-1}
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed prior to initial upload)
-CVE-2010-1410
+CVE-2010-1410 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35603
NOTE: http://trac.webkit.org/changeset/55511
-CVE-2010-1409
+CVE-2010-1409 (Incomplete blacklist vulnerability in WebKit in Apple Safari before 5. ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=34451
NOTE: http://trac.webkit.org/changeset/54193
-CVE-2010-1408
+CVE-2010-1408 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
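Review bot: the NOTE line just above the CVE-2010-1416 entry cross-references "cve-2010-1665" in lowercase, while every other identifier in this file is written as "CVE-YYYY-NNNN"; a case-sensitive search or tooling that links identifiers will miss this one, so it should read "CVE-2010-1665". The same NOTE hedges with "if this commit is correct", so either the duplicate status should be confirmed and the entry marked accordingly, or the note should say what still needs checking.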
@@ -10040,116 +10040,116 @@ CVE-2010-1408
NOTE: http://trac.webkit.org/changeset/56489
NOTE: http://trac.webkit.org/changeset/56492
NOTE: http://trac.webkit.org/changeset/56879
-CVE-2010-1407
+CVE-2010-1407 (WebKit in Apple iOS before 4 on the iPhone and iPod touch does not pro ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36435
NOTE: http://trac.webkit.org/changeset/56365
-CVE-2010-1406
+CVE-2010-1406 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=30841
NOTE: http://trac.webkit.org/changeset/50226
NOTE: http://trac.webkit.org/changeset/50240
-CVE-2010-1405
+CVE-2010-1405 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36198
NOTE: http://trac.webkit.org/changeset/56186
-CVE-2010-1404
+CVE-2010-1404 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35709
NOTE: http://trac.webkit.org/changeset/53446
-CVE-2010-1403
+CVE-2010-1403 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35708
NOTE: http://trac.webkit.org/changeset/53446
-CVE-2010-1402
+CVE-2010-1402 (Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35598
NOTE: http://trac.webkit.org/changeset/55182
-CVE-2010-1401
+CVE-2010-1401 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) imple ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35353
NOTE: http://trac.webkit.org/changeset/55196
-CVE-2010-1400
+CVE-2010-1400 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=34734
NOTE: http://trac.webkit.org/changeset/54521
-CVE-2010-1399
+CVE-2010-1399 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35599
NOTE: http://trac.webkit.org/changeset/46437
-CVE-2010-1398
+CVE-2010-1398 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Wi ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35305
NOTE: http://trac.webkit.org/changeset/55167
-CVE-2010-1397
+CVE-2010-1397 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=32842
NOTE: http://trac.webkit.org/changeset/52034
NOTE: http://trac.webkit.org/changeset/55114
-CVE-2010-1396
+CVE-2010-1396 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=35621
NOTE: http://trac.webkit.org/changeset/55462
NOTE: http://trac.webkit.org/changeset/55465
-CVE-2010-1395
+CVE-2010-1395 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=26868
NOTE: http://trac.webkit.org/changeset/46068
-CVE-2010-1394
+CVE-2010-1394 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: http://trac.webkit.org/changeset/55203
NOTE: http://trac.webkit.org/changeset/55212
-CVE-2010-1393
+CVE-2010-1393 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple Saf ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=33683
NOTE: http://trac.webkit.org/changeset/53607
-CVE-2010-1392
+CVE-2010-1392 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=34641
NOTE: http://trac.webkit.org/changeset/56297
-CVE-2010-1391
+CVE-2010-1391 (Multiple directory traversal vulnerabilities in the (a) Local Storage ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36243
NOTE: http://trac.webkit.org/changeset/56139
-CVE-2010-1390
+CVE-2010-1390 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=29078
NOTE: http://trac.webkit.org/changeset/49487
-CVE-2010-1389
+CVE-2010-1389 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
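Review bot: the CVE-2010-1403 entry records only a chromium-browser fix but cites the same upstream changeset 53446 as the CVE-2010-1404 entry directly above it, which is recorded as fixed in webkit 1.2.1-2 with a lenny <no-dsa> line; a webkit line appears to be missing here. Either add the matching "- webkit 1.2.1-2" and "[lenny] - webkit <no-dsa> (...)" lines, or record an explicit "- webkit <not-affected> (...)" with the reason, so the entry is not silently incomplete.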
@@ -10159,12 +10159,12 @@ CVE-2010-1389
NOTE: http://trac.webkit.org/changeset/53442
NOTE: http://trac.webkit.org/changeset/53835
NOTE: http://trac.webkit.org/changeset/53659
-CVE-2010-1388
+CVE-2010-1388 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and b ...)
- webkit <not-affected> (issue in mac-specific code)
- chromium-browser <not-affected> (issue in mac-specific code)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=28755
NOTE: http://trac.webkit.org/changeset/47829
-CVE-2010-1387
+CVE-2010-1387 (Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTun ...)
- webkit 1.2.1-2
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
@@ -10172,43 +10172,43 @@ CVE-2010-1387
NOTE: http://trac.webkit.org/changeset/54129
NOTE: http://trac.webkit.org/changeset/54141
NOTE: http://trac.webkit.org/changeset/54265
-CVE-2010-1386
+CVE-2010-1386 (page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2 ...)
- webkit 1.2.2-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.342.9~r43360-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=36255
NOTE: http://trac.webkit.org/changeset/56188
-CVE-2010-1385
+CVE-2010-1385 (Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X 10 ...)
- webkit <not-affected> (this is a bug in Apple's PDFKit)
- chromium-browser <not-affected> (this is a bug in Apple's PDFKit)
-CVE-2010-1384
+CVE-2010-1384 (Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and ...)
- chromium-browser <unfixed> (unimportant)
NOTE: This is based on various misconceptions surrounding "phishing" The only supported browser security model
NOTE: surrounding URLs is the accurate post-link-click indication of the final target URL in the URL bar.
-CVE-2010-1383
+CVE-2010-1383 (CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web se ...)
NOT-FOR-US: Apple Safari
-CVE-2010-1382
+CVE-2010-1382 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac O ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1381
+CVE-2010-1381 (The default configuration of SMB File Server in Apple Mac OS X 10.5.8, ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1380
+CVE-2010-1380 (Integer overflow in the cgtexttops CUPS filter in Printing in Apple Ma ...)
NOT-FOR-US: Apple-specific CUPS filter "cgtexttops"
-CVE-2010-1379
+CVE-2010-1379 (Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly i ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1378
+CVE-2010-1378 (OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perfo ...)
- openssl <not-affected> (fix for an apple-specific flaw)
NOTE: sounds like a duplicate of CVE-2009-2409
-CVE-2010-1377
+CVE-2010-1377 (Open Directory in Apple Mac OS X 10.6 before 10.6.4 creates an unencry ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1376
+CVE-2010-1376 (Multiple format string vulnerabilities in Network Authorization in App ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1375
+CVE-2010-1375 (NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1374
+CVE-2010-1374 (Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, a ...)
NOT-FOR-US: iChat
-CVE-2010-1373
+CVE-2010-1373 (Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac O ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1423
+CVE-2010-1423 (Argument injection vulnerability in the URI handler in (a) Java NPAPI ...)
- sun-java6 6.20-1 (high)
[lenny] - sun-java6 6-20-0lenny1
CVE-2010-2449 [gource: predictable log file located in /tmp]
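Review bot: CVE-2010-1423 and CVE-2010-2449 appear after CVE-2010-1373, breaking the descending identifier order that every other entry in this hunk follows; if the file is meant to stay sorted, these two belong with their numeric neighbours, otherwise the out-of-order placement should be documented so automatic updates do not re-sort them. Separately, the first NOTE line under CVE-2010-1384 runs two sentences together ("phishing" The only supported...); a full stop after the closing quote would make it readable.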
@@ -10216,280 +10216,280 @@ CVE-2010-2449 [gource: predictable log file located in /tmp]
- gource 0.26-2 (low; bug #577958)
CVE-2010-1564
REJECTED
-CVE-2010-1372
+CVE-2010-1372 (SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) com ...)
NOT-FOR-US: Joomla!
-CVE-2010-1371
+CVE-2010-1371 (Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classifi ...)
NOT-FOR-US: Pre Classified Listings ASP
-CVE-2010-1370
+CVE-2010-1370 (SQL injection vulnerability in detailad.asp in Pre Classified Listings ...)
NOT-FOR-US: Pre Classified Listings ASP
-CVE-2010-1369
+CVE-2010-1369 (SQL injection vulnerability in signup.asp in Pre Classified Listings A ...)
NOT-FOR-US: Pre Classified Listings ASP
-CVE-2010-1368
+CVE-2010-1368 (SQL injection vulnerability in index.php in GameScript (GS) 3.0 allows ...)
NOT-FOR-US: GameScript
-CVE-2010-1367
+CVE-2010-1367 (Multiple cross-site scripting (XSS) vulnerabilities in admin/admin_log ...)
NOT-FOR-US: Uiga Fan Club
-CVE-2010-1366
+CVE-2010-1366 (Multiple SQL injection vulnerabilities in admin/admin_login.php in Uig ...)
NOT-FOR-US: Uiga Fan Club
-CVE-2010-1365
+CVE-2010-1365 (SQL injection vulnerability in index.php in Uiga Fan Club, as download ...)
NOT-FOR-US: Uiga Fan Club
-CVE-2010-1364
+CVE-2010-1364 (SQL injection vulnerability in index.php in Uiga Personal Portal, as d ...)
NOT-FOR-US: Uiga Fan Club
-CVE-2010-1363
+CVE-2010-1363 (SQL injection vulnerability in the JProjects (com_j-projects) componen ...)
NOT-FOR-US: Joomla!
-CVE-2010-1362
+CVE-2010-1362 (Cross-site scripting (XSS) vulnerability in the Own Term module 6.x-1. ...)
NOT-FOR-US: Own Term module for Drupal
-CVE-2010-1361
+CVE-2010-1361 (Cross-site scripting (XSS) vulnerability in shop/USER_ARTIKEL_HANDLING ...)
NOT-FOR-US: PHPepperShop
-CVE-2010-1360
+CVE-2010-1360 (Multiple PHP remote file inclusion vulnerabilities in FAQEngine 4.24.0 ...)
NOT-FOR-US: FAQEngine
-CVE-2010-1359
+CVE-2010-1359 (SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL ...)
NOT-FOR-US: xt:Commerce
-CVE-2010-1358
+CVE-2010-1358 (Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) ...)
NOT-FOR-US: Biblio module for Drupal
-CVE-2010-1357
+CVE-2010-1357 (Cross-site scripting (XSS) vulnerability in editors/logindialogue.php ...)
NOT-FOR-US: SBD Directory Software
-CVE-2010-1356
+CVE-2010-1356 (Unspecified vulnerability on the TANDBERG Video Communication Server ( ...)
NOT-FOR-US: TANDBERG Video Communication Server
-CVE-2010-1355
+CVE-2010-1355 (Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communi ...)
NOT-FOR-US: TANDBERG Video Communication Server
-CVE-2010-1354
+CVE-2010-1354 (Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1 ...)
NOT-FOR-US: Joomla!
-CVE-2010-1353
+CVE-2010-1353 (Directory traversal vulnerability in the LoginBox Pro (com_loginbox) c ...)
NOT-FOR-US: Joomla!
-CVE-2010-1352
+CVE-2010-1352 (Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox ...)
NOT-FOR-US: Joomla!
-CVE-2010-1351
+CVE-2010-1351 (Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 ...)
NOT-FOR-US: Nodesforum
-CVE-2010-1350
+CVE-2010-1350 (SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4 ...)
NOT-FOR-US: Joomla!
-CVE-2010-1349
+CVE-2010-1349 (Integer overflow in Opera 10.10 through 10.50 allows remote attackers ...)
NOT-FOR-US: Opera
-CVE-2010-1348
+CVE-2010-1348 (Unspecified vulnerability in the login process in IBM WebSphere Portal ...)
NOT-FOR-US: IBM WebSphere
-CVE-2010-1347
+CVE-2010-1347 (Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and L ...)
NOT-FOR-US: IBM AIX
-CVE-2010-1346
+CVE-2010-1346 (SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, ...)
NOT-FOR-US: Mini CMS RibaFS
-CVE-2010-1345
+CVE-2010-1345 (Directory traversal vulnerability in the Cookex Agency CKForms (com_ck ...)
NOT-FOR-US: Joomla!
-CVE-2010-1344
+CVE-2010-1344 (SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) ...)
NOT-FOR-US: Joomla!
-CVE-2010-1343
+CVE-2010-1343 (SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows re ...)
NOT-FOR-US: SiteX
-CVE-2010-1342
+CVE-2010-1342 (Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10 ...)
NOT-FOR-US: Direct News
-CVE-2010-1341
+CVE-2010-1341 (SQL injection vulnerability in index.php in Systemsoftware Community B ...)
NOT-FOR-US: Systemsoftware Community Black Forum
-CVE-2010-1340
+CVE-2010-1340 (Directory traversal vulnerability in jresearch.php in the J!Research ( ...)
NOT-FOR-US: Joomla!
-CVE-2010-1339
+CVE-2010-1339 (Cross-site scripting (XSS) vulnerability in ts_other.php in the Teamsi ...)
NOT-FOR-US: Teamsite Hack plugin
-CVE-2010-1338
+CVE-2010-1338 (SQL injection vulnerability in ts_other.php in the Teamsite Hack plugi ...)
NOT-FOR-US: Teamsite Hack plugin
-CVE-2010-1337
+CVE-2010-1337 (Multiple PHP remote file inclusion vulnerabilities in definitions.php ...)
NOT-FOR-US: Lussumo Vanilla
-CVE-2010-1336
+CVE-2010-1336 (Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote at ...)
NOT-FOR-US: INVOhost
-CVE-2010-1335
+CVE-2010-1335 (Multiple PHP remote file inclusion vulnerabilities in Insky CMS 006-01 ...)
NOT-FOR-US: Insky CMS
-CVE-2010-1334
+CVE-2010-1334 (Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.4 allows ...)
NOT-FOR-US: Pulse CMS Basic
-CVE-2010-1333
+CVE-2010-1333 (Multiple cross-site scripting (XSS) vulnerabilities in Almas Inc. Comp ...)
NOT-FOR-US: Almas Inc. Compiere J300_A02
-CVE-2010-1332
+CVE-2010-1332 (Cross-site scripting (XSS) vulnerability in PrettyBook PrettyFormMail ...)
NOT-FOR-US: PrettyBook PrettyFormMail
-CVE-2010-1331
+CVE-2010-1331 (SQL injection vulnerability in Heartlogic HL-SiteManager allows remote ...)
NOT-FOR-US: Heartlogic HL-SiteManager
-CVE-2010-1330
+CVE-2010-1330 (The regular expression engine in JRuby before 1.4.1, when $KCODE is se ...)
- jruby 1.5.0~rc1-1
-CVE-2010-1329
+CVE-2010-1329 (Imperva SecureSphere Web Application Firewall and Database Firewall 5. ...)
NOT-FOR-US: Imperva SecureSphere Web Application Firewall and Database Firewall
-CVE-2010-1328
+CVE-2010-1328 (Multiple cross-site scripting (XSS) vulnerabilities in TornadoStore 1. ...)
NOT-FOR-US: TornadoStore
-CVE-2010-1327
+CVE-2010-1327 (Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earli ...)
NOT-FOR-US: TornadoStore
-CVE-2010-1326
+CVE-2010-1326 (perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 ...)
{DSA-2108-1}
- cvsnt 2.5.04.3236-1.2 (medium; bug #593884)
NOTE: http://march-hare.com/cvspro/vuln.htm
-CVE-2010-1325
+CVE-2010-1325 (Cross-site request forgery (CSRF) vulnerability in the apache2-slms pa ...)
NOT-FOR-US: SUSE Lifecycle Management Server
-CVE-2010-1324
+CVE-2010-1324 (MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not prope ...)
- krb5 1.8.3+dfsg-3 (bug #605553)
[lenny] - krb5 <not-affected> (Only affects krb5 >= 1.7)
-CVE-2010-1323
+CVE-2010-1323 (MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x ...)
{DSA-2129-1}
- krb5 1.8.3+dfsg-3 (bug #605553)
-CVE-2010-1322
+CVE-2010-1322 (The merge_authdata function in kdc_authdata.c in the Key Distribution ...)
- krb5 1.8.3+dfsg-2 (bug #599237)
[lenny] - krb5 <not-affected> (Only affects 1.8)
[etch] - krb5 <not-affected> (Only affects 1.8)
NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-006.txt
-CVE-2010-1321
+CVE-2010-1321 (The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-AP ...)
{DSA-2052-1}
- krb5 1.8.1+dfsg-3 (low; bug #582261)
- heimdal 1.4.0~git20100605.dfsg.1-1
- sun-java6 6.22-1
[lenny] - sun-java6 6-22-0lenny
-CVE-2010-1320
+CVE-2010-1320 (Double free vulnerability in do_tgs_req.c in the Key Distribution Cent ...)
- krb5 1.8.1+dfsg-2 (bug #577490)
[lenny] - krb5 <not-affected> (Only affects 1.7/1.8)
NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt
-CVE-2010-1319
+CVE-2010-1319 (Integer overflow in the AgentX::receive_agentx function in AgentX++ 1. ...)
NOT-FOR-US: Real Helix Server
-CVE-2010-1318
+CVE-2010-1318 (Stack-based buffer overflow in the AgentX::receive_agentx function in ...)
NOT-FOR-US: Real Helix Server
-CVE-2010-1317
+CVE-2010-1317 (Heap-based buffer overflow in the NTLM authentication functionality in ...)
NOT-FOR-US: Real Helix Server
-CVE-2010-1316
+CVE-2010-1316 (Multiple stack-based buffer overflows in Tembria Server Monitor before ...)
NOT-FOR-US: Tembria Server Monitor
-CVE-2010-1315
+CVE-2010-1315 (Directory traversal vulnerability in weberpcustomer.php in the webERPc ...)
NOT-FOR-US: Joomla!
-CVE-2010-1314
+CVE-2010-1314 (Directory traversal vulnerability in the Highslide JS (com_hsconfig) c ...)
NOT-FOR-US: Joomla!
-CVE-2010-1313
+CVE-2010-1313 (Directory traversal vulnerability in the Seber Cart (com_sebercart) co ...)
NOT-FOR-US: Joomla!
-CVE-2010-1312
+CVE-2010-1312 (Directory traversal vulnerability in the iJoomla News Portal (com_news ...)
NOT-FOR-US: Joomla!
-CVE-2010-1311
+CVE-2010-1311 (The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.9 ...)
- clamav 0.96+dfsg-2 (bug #577462; low)
[lenny] - clamav <end-of-life> (bug #577462; low)
NOTE: Lenny version achieved end of life! see
NOTE: http://www.clamav.net/lang/en/2009/10/05/eol-clamav-094/
-CVE-2010-1310
+CVE-2010-1310 (Opera 10.50 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: Opera
-CVE-2010-1309
+CVE-2010-1309 (Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) 0. ...)
NOT-FOR-US: Pepsi CMS
-CVE-2010-1308
+CVE-2010-1308 (Directory traversal vulnerability in the SVMap (com_svmap) component 1 ...)
NOT-FOR-US: Joomla!
-CVE-2010-1307
+CVE-2010-1307 (Directory traversal vulnerability in the Magic Updater (com_joomlaupda ...)
NOT-FOR-US: Joomla!
-CVE-2010-1306
+CVE-2010-1306 (Directory traversal vulnerability in the Picasa (com_joomlapicasa2) co ...)
NOT-FOR-US: Joomla!
-CVE-2010-1305
+CVE-2010-1305 (Directory traversal vulnerability in jinventory.php in the JInventory ...)
NOT-FOR-US: Joomla!
-CVE-2010-1304
+CVE-2010-1304 (Directory traversal vulnerability in userstatus.php in the User Status ...)
NOT-FOR-US: Joomla!
-CVE-2010-1303
+CVE-2010-1303 (Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Fi ...)
NOT-FOR-US: Drupal module
-CVE-2010-1302
+CVE-2010-1302 (Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW ...)
NOT-FOR-US: Joomla!
-CVE-2010-1301
+CVE-2010-1301 (SQL injection vulnerability in main.php in Centreon 2.1.5 allows remot ...)
NOT-FOR-US: Centreon
-CVE-2010-1300
+CVE-2010-1300 (SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Al ...)
NOT-FOR-US: Yamamah
-CVE-2010-1299
+CVE-2010-1299 (Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, ...)
NOT-FOR-US: DynPG CMS
-CVE-2010-1298
+CVE-2010-1298 (Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 allow ...)
NOT-FOR-US: Pulse CMS
-CVE-2010-1297
+CVE-2010-1297 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-1296
+CVE-2010-1296 (Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow u ...)
NOT-FOR-US: Adobe Photoshop CS4
-CVE-2010-1295
+CVE-2010-1295 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-1294
+CVE-2010-1294 (Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allo ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2010-1293
+CVE-2010-1293 (Cross-site scripting (XSS) vulnerability in the Administrator page in ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2010-1292
+CVE-2010-1292 (The implementation of pami RIFF chunk parsing in Adobe Shockwave Playe ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1291
+CVE-2010-1291 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a d ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1290
+CVE-2010-1290 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a d ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1289
+CVE-2010-1289 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a d ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1288
+CVE-2010-1288 (Buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allo ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1287
+CVE-2010-1287 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a d ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1286
+CVE-2010-1286 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a d ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1285
+CVE-2010-1285 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-1284
+CVE-2010-1284 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a d ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1283
+CVE-2010-1283 (Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D ob ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1282
+CVE-2010-1282 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ca ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1281
+CVE-2010-1281 (iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validat ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1280
+CVE-2010-1280 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ex ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1279
+CVE-2010-1279 (Multiple unspecified vulnerabilities in Adobe Photoshop CS4 11.x befor ...)
NOT-FOR-US: Adobe Photoshop
-CVE-2010-1278
+CVE-2010-1278 (Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in ...)
NOT-FOR-US: Adobe Download Manager
-CVE-2010-1277
+CVE-2010-1277 (SQL injection vulnerability in the user.authenticate method in the API ...)
- zabbix 1:1.8.2-1 (bug #577058)
[lenny] - zabbix <not-affected> (vulnerable code not present)
[etch] - zabbix <not-affected> (vulnerable code not present)
NOTE: This is a bug that was introduced with the Zabbix 1.8 API
-CVE-2010-1276
+CVE-2010-1276 (Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 ...)
NOT-FOR-US: BBSXP
-CVE-2010-1275
+CVE-2010-1275 (Cross-site scripting (XSS) vulnerability in ShowPost.asp in BBSXP 2008 ...)
NOT-FOR-US: BBSXP
-CVE-2010-1274
+CVE-2010-1274 (Cross-site scripting (XSS) vulnerability in Emweb Wt before 3.1.1 allo ...)
NOT-FOR-US: Emweb Wt
-CVE-2010-1273
+CVE-2010-1273 (Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of (1) form ...)
NOT-FOR-US: Emweb Wt
-CVE-2010-1272
+CVE-2010-1272 (PHP remote file inclusion vulnerability in includes/tgpinc.php in Gnat ...)
NOT-FOR-US: Gnat-TGP
-CVE-2010-1271
+CVE-2010-1271 (SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows ...)
NOT-FOR-US: smartplugs
-CVE-2010-1270
+CVE-2010-1270 (SQL injection vulnerability in auktion.php in Multi Auktions Komplett ...)
NOT-FOR-US: Multi Auktions Komplett System
-CVE-2010-1269
+CVE-2010-1269 (SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Geb ...)
NOT-FOR-US: Gebote Pro Auktions System
-CVE-2010-1268
+CVE-2010-1268 (Directory traversal vulnerability in index.php in justVisual CMS 2.0, ...)
NOT-FOR-US: justVisual CMS
-CVE-2010-1267
+CVE-2010-1267 (Multiple directory traversal vulnerabilities in WebMaid CMS 0.2-6 Beta ...)
NOT-FOR-US: WebMaid CMS
-CVE-2010-1266
+CVE-2010-1266 (Multiple PHP remote file inclusion vulnerabilities in WebMaid CMS 0.2- ...)
NOT-FOR-US: WebMaid CMS
-CVE-2010-1265
+CVE-2010-1265 (SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flas ...)
NOT-FOR-US: dcsFlashGames
-CVE-2010-1264
+CVE-2010-1264 (Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 ...)
NOT-FOR-US: Microsoft
-CVE-2010-1263
+CVE-2010-1263 (Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2010-1262
+CVE-2010-1262 (Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-2010-1261
+CVE-2010-1261 (The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, a ...)
NOT-FOR-US: Microsoft
-CVE-2010-1260
+CVE-2010-1260 (The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, a ...)
NOT-FOR-US: Microsoft
-CVE-2010-1259
+CVE-2010-1259 (Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-2010-1258
+CVE-2010-1258 (Microsoft Internet Explorer 6, 7, and 8 does not properly determine th ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-1257
+CVE-2010-1257 (Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as u ...)
NOT-FOR-US: Microsoft
-CVE-2010-1256
+CVE-2010-1256 (Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Ext ...)
NOT-FOR-US: Microsoft
-CVE-2010-1255
+CVE-2010-1255 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 200 ...)
NOT-FOR-US: Microsoft
-CVE-2010-1254
+CVE-2010-1254 (The installation for Microsoft Open XML File Format Converter for Mac ...)
NOT-FOR-US: Microsoft
-CVE-2010-1253
+CVE-2010-1253 (Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for ma ...)
NOT-FOR-US: Microsoft
-CVE-2010-1252
+CVE-2010-1252 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Offic ...)
NOT-FOR-US: Microsoft
-CVE-2010-1251
+CVE-2010-1251 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Offic ...)
NOT-FOR-US: Microsoft
-CVE-2010-1250
+CVE-2010-1250 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office ...)
NOT-FOR-US: Microsoft
-CVE-2010-1249
+CVE-2010-1249 (Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Ma ...)
NOT-FOR-US: Microsoft
-CVE-2010-1248
+CVE-2010-1248 (Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for ...)
NOT-FOR-US: Microsoft
-CVE-2010-1247
+CVE-2010-1247 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows re ...)
NOT-FOR-US: Microsoft
-CVE-2010-1246
+CVE-2010-1246 (Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows ...)
NOT-FOR-US: Microsoft
-CVE-2010-1245
+CVE-2010-1245 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2 ...)
NOT-FOR-US: Microsoft
CVE-2010-XXXX [tcpdf code execution via tcpdf tag]
- moodle <not-affected> (Vulnerable code not present)
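Review bot: the clamav lines under CVE-2010-1311 write their annotation as "(bug #577462; low)", whereas the other entries in this hunk put severity first, e.g. "- cvsnt 2.5.04.3236-1.2 (medium; bug #593884)" under CVE-2010-1326 and "- krb5 1.8.1+dfsg-3 (low; bug #582261)" under CVE-2010-1321; normalising to the severity-first form keeps the annotations uniform for anything that parses them. The NOTE beneath it ("Lenny version achieved end of life! see") should also be a plain statement, e.g. "The lenny version has reached end of life, see". Finally, the hunk ends on a "CVE-2010-XXXX [tcpdf code execution via tcpdf tag]" placeholder; it should be revisited once an identifier is assigned so the moodle <not-affected> record is attached to a real CVE.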
@@ -10502,102 +10502,102 @@ CVE-2010-XXXX [xmail insecure temp files handling]
- xmail 1.27-1 (low)
[lenny] - xmail <no-dsa> (Minor issue)
NOTE: http://www.xmailserver.org/ChangeLog.html#feb_25__2010_v_1_27
-CVE-2010-1159
+CVE-2010-1159 (Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow r ...)
- aircrack-ng 1:1.1-1 (low; bug #577758)
[lenny] - aircrack-ng <no-dsa> (low)
[etch] - aircrack-ng <no-dsa> (low)
NOTE: http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py
-CVE-2010-1244
+CVE-2010-1244 (Cross-site request forgery (CSRF) vulnerability in createDestination.a ...)
NOT-FOR-US: Apache ActiveMQ
-CVE-2010-1243
+CVE-2010-1243 (The IBM Web Interface for Content Management (aka WEBi) before 1.0.4 c ...)
NOT-FOR-US: IBM Web Interface for Content Management
-CVE-2010-1242
+CVE-2010-1242 (Multiple cross-site scripting (XSS) vulnerabilities in the IBM Web Int ...)
NOT-FOR-US: IBM Web Interface for Content Management
-CVE-2010-1241
+CVE-2010-1241 (Heap-based buffer overflow in the custom heap management system in Ado ...)
NOT-FOR-US: Acrobat Reader
-CVE-2010-1240
+CVE-2010-1240 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-1239
+CVE-2010-1239 (Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute ...)
NOT-FOR-US: Foxit Reader
-CVE-2010-1238
+CVE-2010-1238 (MoinMoin 1.7.1 allows remote attackers to bypass the textcha protectio ...)
- moin 1.9.2-3 (bug #575995; medium)
[lenny] - moin 1.7.1-3+lenny4 (bug #575995; medium)
NOTE: see http://www.debian.org/security/2010/dsa-2024
-CVE-2010-1237
+CVE-2010-1237 (Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to ...)
- webkit 1.1.90-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: http://trac.webkit.org/changeset/55511
NOTE: evidence of memory corruption http://code.google.com/p/chromium/issues/detail?id=37061
-CVE-2010-1236
+CVE-2010-1236 (The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKi ...)
- webkit <not-affected> (bug #577457; proof-of-concepts are not effective against webkit)
- chromium-browser 5.0.375.29~r46008-1
NOTE: http://trac.webkit.org/changeset/55822
-CVE-2010-1235
+CVE-2010-1235 (Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows ...)
- chromium-browser 5.0.375.29~r46008-1
NOTE: issue in chrome-specific download dialog
-CVE-2010-1234
+CVE-2010-1234 (Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-1233
+CVE-2010-1233 (Multiple integer overflows in Google Chrome before 4.1.249.1036 allow ...)
- webkit <not-affected> (v8 and webgl not yet included)
- chromium-browser 5.0.375.29~r46008-1
NOTE: http://trac.webkit.org/changeset/55376
-CVE-2010-1232
+CVE-2010-1232 (Google Chrome before 4.1.249.1036 allows remote attackers to cause a d ...)
- webkit 1.1.90-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
NOTE: http://code.google.com/p/chromium/issues/detail?id=34978
-CVE-2010-1231
+CVE-2010-1231 (Google Chrome before 4.1.249.1036 processes HTTP headers before invoki ...)
- webkit <not-affected> (does not yet have a "safe browsing" feature; i.e. chromium-specific issue)
- chromium-browser 5.0.375.29~r46008-1
-CVE-2010-1230
+CVE-2010-1230 (Google Chrome before 4.1.249.1036 does not have the expected behavior ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-1229
+CVE-2010-1229 (The sandbox infrastructure in Google Chrome before 4.1.249.1036 does n ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-1228
+CVE-2010-1228 (Multiple race conditions in the sandbox infrastructure in Google Chrom ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-1227
+CVE-2010-1227 (Cross-site scripting (XSS) vulnerability in Sun Java System Communicat ...)
NOT-FOR-US: Sun Java System Communication Express
-CVE-2010-1226
+CVE-2010-1226 (The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G ...)
NOT-FOR-US: Apple iPhone
-CVE-2010-1225
+CVE-2010-1225 (The memory-management implementation in the Virtual Machine Monitor (a ...)
NOT-FOR-US: Microsoft Virtual PC
-CVE-2010-1224
+CVE-2010-1224 (main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x be ...)
- asterisk 1:1.6.2.6-1 (low; bug #576560)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2010-1223
+CVE-2010-1223 (Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote at ...)
NOT-FOR-US: CA XOsoft
-CVE-2010-1222
+CVE-2010-1222 (CA XOsoft r12.5 does not properly perform authentication, which allows ...)
NOT-FOR-US: CA XOsoft
-CVE-2010-1221
+CVE-2010-1221 (CA XOsoft r12.0 and r12.5 does not properly perform authentication, wh ...)
NOT-FOR-US: CA XOsoft
CVE-2010-1220
RESERVED
CVE-2010-XXXX [interchange potential HTTP response splitting vulnerability]
- interchange 5.7.6-1
-CVE-2010-1219
+CVE-2010-1219 (Directory traversal vulnerability in the JA News (com_janews) componen ...)
NOT-FOR-US: com_janews component for Joomla!
-CVE-2010-1218
+CVE-2010-1218 (Cross-site scripting (XSS) vulnerability in the mm_forum extension 1.8 ...)
NOT-FOR-US: mm_forum extension for TYPO3
-CVE-2010-1217
+CVE-2010-1217 (Directory traversal vulnerability in the JE Form Creator (com_jeformcr ...)
NOT-FOR-US: com_jeformcr component for Joomla!
-CVE-2010-1216
+CVE-2010-1216 (PHP remote file inclusion vulnerability in templates/template.php in n ...)
NOT-FOR-US: notsoPureEdit
-CVE-2010-1215
+CVE-2010-1215 (Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 ...)
- xulrunner <not-affected> (Only affects Firefox 3.6.x and above)
- iceweasel <not-affected> (Only affects Firefox 3.6.x and above)
-CVE-2010-1214
+CVE-2010-1214 (Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x befo ...)
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1213
+CVE-2010-1213 (The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3. ...)
- xulrunner 1.9.1.11-1
[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
- iceweasel 3.5.11-2
@@ -10606,12 +10606,12 @@ CVE-2010-1213
[lenny] - icedove <end-of-life>
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.0.6-1
-CVE-2010-1212
+CVE-2010-1212 (js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x bef ...)
- xulrunner <not-affected> (Only affects Firefox 3.6.x and above)
- iceweasel <not-affected> (Only affects Firefox 3.6.x and above)
- icedove 3.0.6-1
[lenny] - icedove <end-of-life>
-CVE-2010-1211
+CVE-2010-1211 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceweasel 3.5.11-2
@@ -10620,63 +10620,63 @@ CVE-2010-1211
[lenny] - icedove <end-of-life>
- icedove 3.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1210
+CVE-2010-1210 (intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3. ...)
- xulrunner <not-affected> (Only affects 1.9.2 and above)
- iceweasel <not-affected> (Only affects 1.9.2 and above)
-CVE-2010-1209
+CVE-2010-1209 (Use-after-free vulnerability in the NodeIterator implementation in Moz ...)
- xulrunner 1.9.1.11-1
[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1208
+CVE-2010-1208 (Use-after-free vulnerability in the attribute-cloning functionality in ...)
{DSA-2075-1}
- xulrunner 1.9.1.11-1
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1207
+CVE-2010-1207 (Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not prope ...)
- xulrunner <not-affected> (Only affects 1.9.2 and above)
- iceweasel <not-affected> (Only affects 1.9.2 and above)
-CVE-2010-1206
+CVE-2010-1206 (The startDocumentLoad function in browser/base/content/browser.js in M ...)
- iceweasel 3.5.11-1
[lenny] - iceweasel <not-affected> (Vulnerable code not present)
NOTE: Introduced by https://bugzilla.mozilla.org/show_bug.cgi?id=254714
-CVE-2010-1205
+CVE-2010-1205 (Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before ...)
{DSA-2075-1 DSA-2072-1}
- libpng 1.2.44-1 (bug #587670)
- icedove 3.0.6-1
[lenny] - icedove <end-of-life>
- tuxonice-userui 1.0-1 (unimportant)
NOTE: tuxonice-userui 1.0-1 was binNMUed
-CVE-2010-1204
+CVE-2010-1204 (Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 ...)
- bugzilla 3.4.7.0-1 (low; bug #587663)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2010-1203
+CVE-2010-1203 (The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remo ...)
- xulrunner <not-affected> (Only affects Firefox 3.6, i.e xulrunner 1.9.2)
- iceweasel <not-affected> (Only affects Firefox 3.6, i.e xulrunner 1.9.2)
-CVE-2010-1202
+CVE-2010-1202 (Multiple unspecified vulnerabilities in the JavaScript engine in Mozil ...)
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1201
+CVE-2010-1201 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5 ...)
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1200
+CVE-2010-1200 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1199
+CVE-2010-1199 (Integer overflow in the XSLT node sorting implementation in Mozilla Fi ...)
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
@@ -10685,21 +10685,21 @@ CVE-2010-1199
[lenny] - icedove <end-of-life>
- icedove 3.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1198
+CVE-2010-1198 (Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 an ...)
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1197
+CVE-2010-1197 (Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMon ...)
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1196
+CVE-2010-1196 (Integer overflow in the nsGenericDOMDataNode::SetTextInternal function ...)
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
@@ -10708,168 +10708,168 @@ CVE-2010-1196
- iceape 2.0.5-1
- icedove 3.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1194
+CVE-2010-1194 (The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and p ...)
- libesmtp 1.0.4-2 (bug #311191)
-CVE-2010-1191
+CVE-2010-1191 (Sahana disaster management system 0.6.2.2, and possibly other versions ...)
- sahana <itp> (bug #497414)
-CVE-2010-1186
+CVE-2010-1186 (Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the N ...)
NOT-FOR-US: NextGEN Gallery plugin for WordPress
-CVE-2010-1188
+CVE-2010-1188 (Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kern ...)
- linux-2.6 2.6.20-1
-CVE-2010-1187
+CVE-2010-1187 (The Transparent Inter-Process Communication (TIPC) functionality in Li ...)
{DSA-2053-1}
- linux-2.6 2.6.32-12
-CVE-2010-1185
+CVE-2010-1185 (Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6 ...)
NOT-FOR-US: SAP MaxDB
-CVE-2010-1184
+CVE-2010-1184 (The Microsoft wireless keyboard uses XOR encryption with a key derived ...)
NOT-FOR-US: Microsoft Wireless Keyboard
-CVE-2010-1183
+CVE-2010-1183 (Certain patch-installation scripts in Oracle Solaris allow local users ...)
NOT-FOR-US: Oracle Solaris
-CVE-2010-1182
+CVE-2010-1182 (Multiple unspecified vulnerabilities in the administrative console in ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-1181
+CVE-2010-1181 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
NOTE: proof of concept maximum impact against webkit is dos-only
-CVE-2010-1180
+CVE-2010-1180 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
NOTE: proof of concept maximum impact against webkit is dos-only
-CVE-2010-1179
+CVE-2010-1179 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
- webkit <not-affected>
-CVE-2010-1178
+CVE-2010-1178 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
- webkit <not-affected>
-CVE-2010-1177
+CVE-2010-1177 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
- webkit <not-affected>
-CVE-2010-1176
+CVE-2010-1176 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
- webkit <not-affected>
-CVE-2010-1175
+CVE-2010-1175 (Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 ...)
NOT-FOR-US: Microsoft Internet Explorer 7.0
-CVE-2010-1174
+CVE-2010-1174 (Cisco TFTP Server 1.1 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Cisco TFTP Server
-CVE-2010-1173
+CVE-2010-1173 (The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the ...)
{DSA-2053-1}
- linux-2.6 2.6.32-12
-CVE-2010-1172
+CVE-2010-1172 (DBus-GLib 0.73 disregards the access flag of exported GObject properti ...)
- dbus-glib 0.88-1 (low; bug #592753)
[lenny] - dbus-glib <no-dsa> (Minor issue)
-CVE-2010-1171
+CVE-2010-1171 (Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsol ...)
NOT-FOR-US: Red Hat Network Satellite Server
-CVE-2010-1170
+CVE-2010-1170 (The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before ...)
{DSA-2051-1}
- postgresql-8.4 8.4.4-1 (low)
- postgresql-8.3 <removed>
-CVE-2010-1169
+CVE-2010-1169 (PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8. ...)
{DSA-2051-1}
- postgresql-8.4 8.4.4-1 (low)
- postgresql-8.3 <removed>
-CVE-2010-1168
+CVE-2010-1168 (The Safe (aka Safe.pm) module before 2.25 for Perl allows context-depe ...)
- perl 5.10.1-13 (bug #582978)
[lenny] - perl 5.10.0-19lenny3
-CVE-2010-1166
+CVE-2010-1166 (The fbComposite function in fbpict.c in the Render extension in the X ...)
- xorg-server <not-affected> (Xorg in Lenny onwards uses Pixman, which isn't affected)
NOTE: https://rhn.redhat.com/errata/RHSA-2010-0382.html
-CVE-2010-1165
+CVE-2010-1165 (Atlassian JIRA 3.12 through 4.1 allows remote authenticated administra ...)
NOT-FOR-US: Atlassian JIRA
-CVE-2010-1164
+CVE-2010-1164 (Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA ...)
NOT-FOR-US: Atlassian JIRA
-CVE-2010-1163
+CVE-2010-1163 (The command matching functionality in sudo 1.6.8 through 1.7.2p5 does ...)
- sudo 1.7.2p6-1 (bug #578275)
[lenny] - sudo <not-affected> (ignore_dot default value is off and can't be changed in runtime)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=580441#c3
-CVE-2010-1162
+CVE-2010-1162 (The release_one_tty function in drivers/char/tty_io.c in the Linux ker ...)
{DSA-2053-1}
- linux-2.6 2.6.32-12
-CVE-2010-1161
+CVE-2010-1161 (Race condition in GNU nano before 2.2.4, when run by root to edit a fi ...)
- nano 2.2.4-1 (low; bug #577817)
[lenny] - nano 2.0.7-5
-CVE-2010-1160
+CVE-2010-1160 (GNU nano before 2.2.4 does not verify whether a file has been changed ...)
- nano 2.2.4-1 (low; bug #577817)
[lenny] - nano 2.0.7-5
-CVE-2010-1158
+CVE-2010-1158 (Integer overflow in the regular expression engine in Perl 5.8.x allows ...)
- perl <not-affected> (re engine rewritten for 5.10 to address issues such as this; and proof-of-concept not effective)
-CVE-2010-1157
+CVE-2010-1157 (Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allo ...)
{DSA-2207-1}
- tomcat6 6.0.26-5 (bug #587447; unimportant)
- tomcat5.5 <removed> (unimportant)
NOTE: Negligible information disclosure
-CVE-2010-1156
+CVE-2010-1156 (core/nicklist.c in Irssi before 0.8.15 allows remote attackers to caus ...)
- irssi 0.8.15-1 (low)
[lenny] - irssi <no-dsa> (Minor issue)
-CVE-2010-1155
+CVE-2010-1155 (Irssi before 0.8.15, when SSL is used, does not verify that the server ...)
- irssi 0.8.15-1 (low)
[lenny] - irssi <no-dsa> (Minor issue)
CVE-2010-1154
REJECTED
-CVE-2010-1153
+CVE-2010-1153 (PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3 ...)
- typo3-src 4.3.3-1 (bug #577993)
[lenny] - typo3-src <not-affected> (Only affects 4.3.x)
-CVE-2010-1152
+CVE-2010-1152 (memcached.c in memcached before 1.4.3 allows remote attackers to cause ...)
- memcached 1.4.5-1 (low; bug #579913)
[lenny] - memcached <no-dsa> (Minor issue)
-CVE-2010-1151
+CVE-2010-1151 (Race condition in the mod_auth_shadow module for the Apache HTTP Serve ...)
- libapache2-mod-auth-shadow <itp> (bug #503184)
-CVE-2010-1150
+CVE-2010-1150 (MediaWiki before 1.15.3, and 1.6.x before 1.16.0beta2, does not proper ...)
{DSA-2041-1}
- mediawiki 1:1.15.3-1 (low)
-CVE-2010-1149
+CVE-2010-1149 (probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TA ...)
- udisks 1.0.1-1 (medium; bug #576687)
-CVE-2010-1148
+CVE-2010-1148 (The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 ...)
- linux-2.6 2.6.32-12
[lenny] - linux-2.6 <not-affected> (vulnerable code not yet present)
-CVE-2010-1147
+CVE-2010-1147 (Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hu ...)
- opendchub 0.8.2-1 (bug #576308)
[lenny] - opendchub <not-affected> (Vulnerable code not present)
-CVE-2010-1146
+CVE-2010-1146 (The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exis ...)
- linux-2.6 2.6.32-12
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30)
CVE-2010-1145
REJECTED
-CVE-2010-0751
+CVE-2010-0751 (The ip_evictor function in ip_fragment.c in libnids 1.24, as used in d ...)
- libnids 1.23-1.2 (low; bug #576281)
[lenny] - libnids <no-dsa> (Minor issue)
NOTE: dsniff is the only software in Debian using this lib so the impact is pretty minor
-CVE-2010-1143
+CVE-2010-1143 (Cross-site scripting (XSS) vulnerability in VMware View (formerly Virt ...)
NOT-FOR-US: VMware
-CVE-2010-1142
+CVE-2010-1142 (VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VM ...)
NOT-FOR-US: VMware products
-CVE-2010-1141
+CVE-2010-1141 (VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VM ...)
NOT-FOR-US: VMware products
-CVE-2010-1140
+CVE-2010-1140 (The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 an ...)
NOT-FOR-US: VMware products
-CVE-2010-1139
+CVE-2010-1139 (Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware W ...)
NOT-FOR-US: VMware products
-CVE-2010-1138
+CVE-2010-1138 (The virtual networking stack in VMware Workstation 7.0 before 7.0.1 bu ...)
NOT-FOR-US: VMware products
-CVE-2010-1137
+CVE-2010-1137 (Cross-site scripting (XSS) vulnerability in WebAccess in VMware Virtua ...)
NOT-FOR-US: VMware Server
-CVE-2010-1136
+CVE-2010-1136 (The Standard Remember method in TikiWiki CMS/Groupware 3.x before 3.5 ...)
- tikiwiki <removed>
-CVE-2010-1135
+CVE-2010-1135 (The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does ...)
- tikiwiki <removed>
-CVE-2010-1134
+CVE-2010-1134 (SQL injection vulnerability in the _find function in searchlib.php in ...)
- tikiwiki <removed>
-CVE-2010-1133
+CVE-2010-1133 (Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x b ...)
- tikiwiki <removed>
-CVE-2010-1131
+CVE-2010-1131 (JavaScriptCore.dll, as used in Apple Safari 4.0.5 on Windows XP SP3, a ...)
NOTE: browser crashes are not considered security-relevant
-CVE-2010-1130
+CVE-2010-1130 (session.c in the session extension in PHP before 5.2.13, and 5.3.1, do ...)
- php5 5.3.2-1 (unimportant)
NOTE: open_basedir not supported
-CVE-2010-1129
+CVE-2010-1129 (The safe_mode implementation in PHP before 5.2.13 does not properly ha ...)
- php5 5.3.2-1 (unimportant)
NOTE: safe_mode not supported
-CVE-2010-1128
+CVE-2010-1128 (The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not ...)
{DSA-2195-1}
- php5 5.3.2-1 (low)
-CVE-2010-1127
+CVE-2010-1127 (Microsoft Internet Explorer 6 and 7 does not initialize certain data s ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-1126
+CVE-2010-1126 (The JavaScript implementation in WebKit allows remote attackers to sen ...)
- webkit <not-affected> (proof-of-concept not effective; windows-only?)
-CVE-2010-1125
+CVE-2010-1125 (The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and ...)
- xulrunner <not-affected> (Only affects Firefox 3.6, i.e xulrunner 1.9.2)
NOTE: Description is wrong, only affects Firefox 3.6 per https://bugzilla.mozilla.org/show_bug.cgi?id=552255
-CVE-2010-1124
+CVE-2010-1124 (bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading ...)
NOT-FOR-US: IBM AIX
-CVE-2010-1123
+CVE-2010-1123 (Chip Salzenberg Deliver does not properly associate a lockfile with th ...)
- deliver <removed>
-CVE-2010-2445
+CVE-2010-2445 (freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read ...)
- freeciv 2.2.1-1 (low; bug #584589)
[lenny] - freeciv <no-dsa> (Minor issue)
NOTE: http://gna.org/bugs/?15624
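Review bot: the `-CVE-2010-0751`/`+CVE-2010-0751 (The ip_evictor function ...)` pair in this hunk sits between CVE-2010-1145 and CVE-2010-1143, and CVE-2010-2445 sits between CVE-2010-1123 and CVE-2010-1122, both out of the list's descending-id order; the automatic update only fills in the description text, so either move these entries to their numeric position in a follow-up or confirm they are deliberately kept next to the related issues. Separately, CVE-2010-1181 and CVE-2010-1180 gain descriptions but still carry only a `NOTE: proof of concept maximum impact against webkit is dos-only` line and no package state (compare the `- webkit <not-affected>` lines on CVE-2010-1179 through CVE-2010-1176), so a triager cannot tell from the entry whether they are considered resolved.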
@@ -10878,259 +10878,259 @@ CVE-2010-2446 [Rbot Owner Reaction Command Execution]
- rbot 0.9.14-2 (bug #575286)
[lenny] - rbot <not-affected> ("reaction" plugin not present in 0.9.10)
[etch] - rbot <not-affected> ("reaction" plugin not present in 0.9.10)
-CVE-2010-1122
+CVE-2010-1122 (Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allow ...)
- xulrunner <not-affected> (Only affects the Firefox 3.6 branch)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=552216
-CVE-2010-1121
+CVE-2010-1121 (Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes ...)
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-1120
+CVE-2010-1120 (Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows re ...)
NOT-FOR-US: Apple Type Services
-CVE-2010-1119
+CVE-2010-1119 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on M ...)
- webkit 1.2.1-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=33850
NOTE: http://trac.webkit.org/changeset/53501
NOTE: http://trac.webkit.org/changeset/53504
-CVE-2010-1118
+CVE-2010-1118 (Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows ...)
NOT-FOR-US: Internet Explorer
-CVE-2010-1117
+CVE-2010-1117 (Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows ...)
NOT-FOR-US: Internet Explorer
-CVE-2010-1116
+CVE-2010-1116 (LookMer Music Portal stores sensitive information under the web root w ...)
NOT-FOR-US: LookMer Music Portal
-CVE-2010-1115
+CVE-2010-1115 (Directory traversal vulnerability in news/include/customize.php in Web ...)
NOT-FOR-US: Web Server Creator - Web Portal
-CVE-2010-1114
+CVE-2010-1114 (Multiple PHP remote file inclusion vulnerabilities in Web Server Creat ...)
NOT-FOR-US: Web Server Creator - Web Portal
-CVE-2010-1113
+CVE-2010-1113 (Cross-site scripting (XSS) vulnerability in the forum page in Web Serv ...)
NOT-FOR-US: Web Server Creator - Web Portal
-CVE-2010-1112
+CVE-2010-1112 (Cross-site scripting (XSS) vulnerability in cat.php in KloNews 2.0 all ...)
NOT-FOR-US: KloNews
-CVE-2010-1111
+CVE-2010-1111 (Multiple cross-site scripting (XSS) vulnerabilities in Jokes Complete ...)
NOT-FOR-US: Jokes Complete Website
-CVE-2010-1110
+CVE-2010-1110 (Directory traversal vulnerability in index.php in phpMySport 1.4 allow ...)
NOT-FOR-US: phpMySport
-CVE-2010-1109
+CVE-2010-1109 (Multiple SQL injection vulnerabilities in index.php in phpMySport 1.4, ...)
NOT-FOR-US: phpMySport
-CVE-2010-1108
+CVE-2010-1108 (Cross-site scripting (XSS) vulnerability in the Control Panel module 5 ...)
NOT-FOR-US: third-party Drupal module
-CVE-2010-1107
+CVE-2010-1107 (Cross-site scripting (XSS) vulnerability in the Recent Comments module ...)
NOT-FOR-US: third-party Drupal module
-CVE-2010-1106
+CVE-2010-1106 (PHP remote file inclusion vulnerability in cgi/index.php in Advertisem ...)
NOT-FOR-US: AdvertisementManager
-CVE-2010-1105
+CVE-2010-1105 (Cross-site scripting (XSS) vulnerability in cgi/index.php in Advertise ...)
NOT-FOR-US: AdvertisementManager
-CVE-2010-1103
+CVE-2010-1103 (Integer overflow in Stainless allows remote attackers to bypass intend ...)
NOT-FOR-US: Stainless
-CVE-2010-1102
+CVE-2010-1102 (Integer overflow in OmniWeb allows remote attackers to bypass intended ...)
NOT-FOR-US: OmniWeb
-CVE-2010-1101
+CVE-2010-1101 (Integer overflow in Alexander Clauss iCab allows remote attackers to b ...)
NOT-FOR-US: Alexander Clauss iCab
-CVE-2010-1100
+CVE-2010-1100 (Integer overflow in Arora allows remote attackers to bypass intended p ...)
- arora <not-affected> (Advisory is wrong, URL range is protected by QUrl)
-CVE-2010-1099
+CVE-2010-1099 (Integer overflow in Apple Safari allows remote attackers to bypass int ...)
NOT-FOR-US: Apple Safari
-CVE-2010-1098
+CVE-2010-1098 (The ANI parser in Microsoft Windows before 7 on the x86 platform, as u ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1097
+CVE-2010-1097 (include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.auto_star ...)
NOT-FOR-US: DeDeCMS
-CVE-2010-1096
+CVE-2010-1096 (Multiple SQL injection vulnerabilities in searchmatch.php in ScriptsFe ...)
NOT-FOR-US: ScriptsFeed Dating Software
-CVE-2010-1095
+CVE-2010-1095 (Cross-site scripting (XSS) vulnerability in login_reset_password_page. ...)
NOT-FOR-US: Tracking Requirements & Use Cases
-CVE-2010-1094
+CVE-2010-1094 (SQL injection vulnerability in news.php in DZ EROTIK Auktionshaus V4rg ...)
NOT-FOR-US: Auktionshaus V4rgo
-CVE-2010-1093
+CVE-2010-1093 (SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_q ...)
NOT-FOR-US: 1024 CMS
-CVE-2010-1092
+CVE-2010-1092 (Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Bus ...)
NOT-FOR-US: ScriptsFeed Business Directory
-CVE-2010-1091
+CVE-2010-1091 (Multiple cross-site scripting (XSS) vulnerabilities in contact.php in ...)
NOT-FOR-US: phpMySite
-CVE-2010-1090
+CVE-2010-1090 (SQL injection vulnerability in index.php in phpMySite allows remote at ...)
NOT-FOR-US: phpMySite
-CVE-2010-1089
+CVE-2010-1089 (SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 ...)
NOT-FOR-US: PHP Trouble Ticket
-CVE-2010-1088
+CVE-2010-1088 (fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follo ...)
{DSA-2053-1}
- linux-2.6 2.6.32-10
-CVE-2010-1087
+CVE-2010-1087 (The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel ...)
{DSA-2053-1}
- linux-2.6 2.6.32-9 (low)
-CVE-2010-1086
+CVE-2010-1086 (The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_ ...)
{DSA-2053-1}
- linux-2.6 2.6.32-10 (low)
-CVE-2010-1085
+CVE-2010-1085 (The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 ...)
- linux-2.6 2.6.32-9
[lenny] - linux-2.6 <not-affected> (affected call not present)
-CVE-2010-1084
+CVE-2010-1084 (Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allow ...)
{DSA-2053-1}
- linux-2.6 2.6.32-11
-CVE-2010-1083
+CVE-2010-1083 (The processcompl_compat function in drivers/usb/core/devio.c in Linux ...)
{DSA-2053-1}
- linux-2.6 2.6.32-9
-CVE-2010-1082
+CVE-2010-1082 (Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when m ...)
NOT-FOR-US: OI.Blogs
-CVE-2010-1081
+CVE-2010-1081 (Directory traversal vulnerability in the Community Polls (com_communit ...)
NOT-FOR-US: com_communitypolls component for Joomla!
-CVE-2010-1080
+CVE-2010-1080 (Cross-site scripting (XSS) vulnerability in view.php in Pulse CMS 1.2. ...)
NOT-FOR-US: Pulse CMS
-CVE-2010-1079
+CVE-2010-1079 (Cross-site scripting (XSS) vulnerability in Sawmill before 7.2.18 allo ...)
NOT-FOR-US: Sawmill
-CVE-2010-1078
+CVE-2010-1078 (SQL injection vulnerability in archive.php in XlentProjects SphereCMS ...)
NOT-FOR-US: Xlent Projects SphereCMS
-CVE-2010-1077
+CVE-2010-1077 (Directory traversal vulnerability in vbseo.php in Crawlability vBSEO p ...)
NOT-FOR-US: Crawlability vBSEO plugin for vBulletin
-CVE-2010-1076
+CVE-2010-1076 (Cross-site scripting (XSS) vulnerability in index.php in Entry Level C ...)
NOT-FOR-US: Entry Level CMS
-CVE-2010-1075
+CVE-2010-1075 (SQL injection vulnerability in index.php in Entry Level CMS (EL CMS) a ...)
NOT-FOR-US: Entry Level CMS
-CVE-2010-1074
+CVE-2010-1074 (Cross-site scripting (XSS) vulnerability in the Currency Exchange modu ...)
NOT-FOR-US: Currency Exchange module for Drupal
-CVE-2010-1073
+CVE-2010-1073 (SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) ...)
NOT-FOR-US: com_jembed component for Joomla!
-CVE-2010-1072
+CVE-2010-1072 (Cross-site scripting (XSS) vulnerability in search.php in Sniggabo CMS ...)
NOT-FOR-US: Sniggabo CMS
-CVE-2010-1071
+CVE-2010-1071 (SQL injection vulnerability in profil.php in phpMDJ 1.0.3 allows remot ...)
NOT-FOR-US: phpMDJ
-CVE-2010-1070
+CVE-2010-1070 (SQL injection vulnerability in index.php in ImagoScripts Deviant Art C ...)
NOT-FOR-US: ImagoScripts
-CVE-2010-1069
+CVE-2010-1069 (SQL injection vulnerability in games/game.php in ProArcadeScript allow ...)
NOT-FOR-US: ProArcadeScript
-CVE-2010-1068
+CVE-2010-1068 (Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi ...)
NOT-FOR-US: NetWin SurgeFTP
-CVE-2010-1067
+CVE-2010-1067 (E-membres 1.0 stores sensitive information under the web root with ins ...)
NOT-FOR-US: E-membres
-CVE-2010-1066
+CVE-2010-1066 (AR Web Content Manager (AWCM) 2.1 stores sensitive information under t ...)
NOT-FOR-US: AR Web Content Manager
-CVE-2010-1065
+CVE-2010-1065 (Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information un ...)
NOT-FOR-US: Lebisoft Ziparetci Defteri
-CVE-2010-1064
+CVE-2010-1064 (Erolife AjxGaleri VT stores sensitive information under the web root w ...)
NOT-FOR-US: Erolife AjxGaleri VT
-CVE-2010-1063
+CVE-2010-1063 (Multiple directory traversal vulnerabilities in Phpkobo Free Real Esta ...)
NOT-FOR-US: Phpkobo Free Real Estate Contact Form
-CVE-2010-1062
+CVE-2010-1062 (Directory traversal vulnerability in codelib/sys/common.inc.php in Php ...)
NOT-FOR-US: Phpkobo Free Real Estate Contact Form
-CVE-2010-1061
+CVE-2010-1061 (Multiple directory traversal vulnerabilities in Phpkobo Short URL 1.01 ...)
NOT-FOR-US: Phpkbo Short URL
-CVE-2010-1060
+CVE-2010-1060 (Directory traversal vulnerability in staff/app/common.inc.php in Phpko ...)
NOT-FOR-US: Phpkobo Short URL
-CVE-2010-1059
+CVE-2010-1059 (Directory traversal vulnerability in staff/app/common.inc.php in Phpko ...)
NOT-FOR-US: Phpkobo Address Book Script
-CVE-2010-1058
+CVE-2010-1058 (Directory traversal vulnerability in codelib/cfg/common.inc.php in Php ...)
NOT-FOR-US: Phpkobo Adress Book Script
-CVE-2010-1057
+CVE-2010-1057 (Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka ...)
NOT-FOR-US: Phpkobo AdFreely
-CVE-2010-1056
+CVE-2010-1056 (Directory traversal vulnerability in the RokDownloads (com_rokdownload ...)
NOT-FOR-US: com_rokdownloads component for Joomla!
-CVE-2010-1055
+CVE-2010-1055 (Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and ...)
NOT-FOR-US: osDate
-CVE-2010-1054
+CVE-2010-1054 (Multiple SQL injection vulnerabilities in ParsCMS allow remote attacke ...)
NOT-FOR-US: ParsCMS
-CVE-2010-1053
+CVE-2010-1053 (Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and ea ...)
NOT-FOR-US: Zen Time Tracking
-CVE-2010-1052
+CVE-2010-1052 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Au ...)
NOT-FOR-US: AudiStat
-CVE-2010-1051
+CVE-2010-1051 (Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 al ...)
NOT-FOR-US: AudiStat
-CVE-2010-1050
+CVE-2010-1050 (SQL injection vulnerability in index.php in AudiStat 1.3 allows remote ...)
NOT-FOR-US: AudiStat
-CVE-2010-1049
+CVE-2010-1049 (Multiple SQL injection vulnerabilities in Uiga Business Portal allow r ...)
NOT-FOR-US: Uiga Business Portal
-CVE-2010-1048
+CVE-2010-1048 (Cross-site scripting (XSS) vulnerability in blog/index.php in Uiga Bus ...)
NOT-FOR-US: Uiga Business Portal
-CVE-2010-1047
+CVE-2010-1047 (SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and ...)
NOT-FOR-US: MASA2EL Music City
-CVE-2010-1046
+CVE-2010-1046 (Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 ...)
NOT-FOR-US: Rostermain
-CVE-2010-1045
+CVE-2010-1045 (SQL injection vulnerability in the Productbook (com_productbook) compo ...)
NOT-FOR-US: com_productbook component for Joomla!
-CVE-2010-1044
+CVE-2010-1044 (SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 al ...)
NOT-FOR-US: ManageEngine OpUtils
-CVE-2010-1043
+CVE-2010-1043 (Directory traversal vulnerability in index.php in jaxCMS 1.0 allows re ...)
NOT-FOR-US: jaxCMS
-CVE-2010-1042
+CVE-2010-1042 (Microsoft Windows Media Player 11 does not properly perform colorspace ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2010-1041
+CVE-2010-1041 (Unspecified vulnerability in the single sign-on functionality in the W ...)
NOT-FOR-US: IBM DB2 Content Manager Toolkit
-CVE-2010-1040
+CVE-2010-1040 (The "IP address range limitation" function in OpenPNE 1.6 through 1.8, ...)
NOT-FOR-US: OpenPNE
-CVE-2010-1039
+CVE-2010-1039 (Format string vulnerability in the _msgout function in rpc.pcnfsd in I ...)
NOT-FOR-US: HP-UX
-CVE-2010-1038
+CVE-2010-1038 (Unspecified vulnerability in HP System Insight Manager before 6.0 allo ...)
NOT-FOR-US: HP System Insight Manager
-CVE-2010-1037
+CVE-2010-1037 (Cross-site request forgery (CSRF) vulnerability in HP System Insight M ...)
NOT-FOR-US: HP System Insight Manager
-CVE-2010-1036
+CVE-2010-1036 (Cross-site scripting (XSS) vulnerability in HP System Insight Manager ...)
NOT-FOR-US: hP System Insight Manager
-CVE-2010-1035
+CVE-2010-1035 (Multiple unspecified vulnerabilities in HP Virtual Machine Manager (VM ...)
NOT-FOR-US: HP Virtual Machine Manager
-CVE-2010-1034
+CVE-2010-1034 (Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 b ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2010-1033
+CVE-2010-1033 (Multiple stack-based buffer overflows in a certain Tetradyne ActiveX c ...)
NOT-FOR-US: HP Operations Manager
-CVE-2010-1032
+CVE-2010-1032 (Unspecified vulnerability in HP HP-UX B.11.11 allows local users to ca ...)
NOT-FOR-US: HP-UX
-CVE-2010-1031
+CVE-2010-1031 (Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linu ...)
NOT-FOR-US: HP Insight Control
-CVE-2010-1030
+CVE-2010-1030 (Unspecified vulnerability in HP-UX B.11.31, with AudFilter rules enabl ...)
NOT-FOR-US: HP-UX
-CVE-2010-1029
+CVE-2010-1029 (Stack consumption vulnerability in the WebCore::CSSSelector function i ...)
- webkit <not-affected> (proof-of-concept not effective)
- chromium-browser 5.0.375.29~r46008-1
-CVE-2010-1027
+CVE-2010-1027 (SQL injection vulnerability in the Meet Travelmates (travelmate) exten ...)
NOT-FOR-US: travelmate extension for typo3
-CVE-2010-1026
+CVE-2010-1026 (SQL injection vulnerability in the CleanDB - DBAL (tmsw_cleandb) exten ...)
NOT-FOR-US: tmsw_cleandb extension for typo3
-CVE-2010-1025
+CVE-2010-1025 (Cross-site scripting (XSS) vulnerability in the TGM-Newsletter (tgm_ne ...)
NOT-FOR-US: tgm_newsletter extension for typo3
-CVE-2010-1024
+CVE-2010-1024 (SQL injection vulnerability in the TGM-Newsletter (tgm_newsletter) ext ...)
NOT-FOR-US: tgm_newsletter extension for typo3
-CVE-2010-1023
+CVE-2010-1023 (Cross-site scripting (XSS) vulnerability in the UserTask Center, Recen ...)
NOT-FOR-US: taskcenter_recent extension for typo3
-CVE-2010-1022
+CVE-2010-1022 (The TYPO3 Security - Salted user password hashes (t3sec_saltedpw) exte ...)
NOT-FOR-US: t3sec_saltedpw extension for typo3
-CVE-2010-1021
+CVE-2010-1021 (Cross-site scripting (XSS) vulnerability in the Typo3 Quixplorer (t3qu ...)
NOT-FOR-US: t3quixplorer extension for typo3
-CVE-2010-1020
+CVE-2010-1020 (Cross-site scripting (XSS) vulnerability in the Simple Gallery (sk_sim ...)
NOT-FOR-US: sk_simplegallery extension for typo3
-CVE-2010-1019
+CVE-2010-1019 (SQL injection vulnerability in the Simple Gallery (sk_simplegallery) e ...)
NOT-FOR-US: sk_simplegallery extension for typo3
-CVE-2010-1018
+CVE-2010-1018 (SQL injection vulnerability in the Book Reviews (sk_bookreview) extens ...)
NOT-FOR-US: sk_bookreview extension for typo3
-CVE-2010-1017
+CVE-2010-1017 (SQL injection vulnerability in the SAV Filter Months (sav_filter_month ...)
NOT-FOR-US: sav_filter_months extension for typo3
-CVE-2010-1016
+CVE-2010-1016 (SQL injection vulnerability in the SAV Filter Selectors (sav_filter_se ...)
NOT-FOR-US: sav_filter_selectors extension for typo3
-CVE-2010-1015
+CVE-2010-1015 (SQL injection vulnerability in the SAV Filter Alphabetic (sav_filter_a ...)
NOT-FOR-US: sav_filter_abc extension for typo3
-CVE-2010-1014
+CVE-2010-1014 (Cross-site scripting (XSS) vulnerability in the Reports Logfile View ( ...)
NOT-FOR-US: reports_logview extension for typo3
-CVE-2010-1013
+CVE-2010-1013 (SQL injection vulnerability in the Diocese of Portsmouth Database (pd_ ...)
NOT-FOR-US: pd_diocesedatabase extension for typo3
-CVE-2010-1012
+CVE-2010-1012 (SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0. ...)
NOT-FOR-US: nf_cleandb extension for typo3
-CVE-2010-1011
+CVE-2010-1011 (Cross-site scripting (XSS) vulnerability in the myDashboard (mydashboa ...)
NOT-FOR-US: mydashboard extension for typo3
-CVE-2010-1010
+CVE-2010-1010 (SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) ext ...)
NOT-FOR-US: mk_wastebasket extension for typo3
-CVE-2010-1009
+CVE-2010-1009 (SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 ...)
NOT-FOR-US: educator extension for typo3
-CVE-2010-1008
+CVE-2010-1008 (Cross-site scripting (XSS) vulnerability in the Sellector.com Widget I ...)
NOT-FOR-US: chsellector extension for typo3
-CVE-2010-1007
+CVE-2010-1007 (Unspecified vulnerability in the Power Extension Manager (ch_lightem) ...)
NOT-FOR-US: ch_lightem extension for typo3
-CVE-2010-1006
+CVE-2010-1006 (SQL injection vulnerability in the Brainstorming extension 0.1.8 and e ...)
NOT-FOR-US: brainstorming extension for typo3
-CVE-2010-1005
+CVE-2010-1005 (Cross-site scripting (XSS) vulnerability in the Yet another TYPO3 sear ...)
NOT-FOR-US: yatse extension for typo3
-CVE-2010-1004
+CVE-2010-1004 (SQL injection vulnerability in the Yet another TYPO3 search engine (YA ...)
NOT-FOR-US: yatse extension for typo3
CVE-2010-XXXX [phpCAS XSS in final_uri; PHPCAS-52]
- libphp-cas <itp> (bug #495542)
- glpi 0.72.4-2 (bug #574760; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
NOTE: http://www.ja-sig.org/issues/browse/PHPCAS-52
-CVE-2010-1028
+CVE-2010-1028 (Integer overflow in the decompression functionality in the Web Open Fo ...)
- xulrunner <not-affected> (vulnerability introduced in firefox 3.6)
- iceape <not-affected> (Vulnerable code not present)
- calibre 2.38.0+dfsg-1 (bug #787085)
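Review bot: The unchanged context line "NOT-FOR-US: hP System Insight Manager" under CVE-2010-1036 has a capitalization typo ("hP" for "HP"); the neighbouring CVE-2010-1037 and CVE-2010-1038 entries in this hunk read "NOT-FOR-US: HP System Insight Manager", so the three should match. It lies outside the lines this automatic description update touches, so it belongs in a follow-up rather than this commit.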
@@ -11141,93 +11141,93 @@ CVE-2010-XXXX [Escape href attribute in auto links]
- redmine 0.9.3-3
CVE-2010-XXXX [Fixes permission check in QueriesController]
- redmine 0.9.3-3
-CVE-2010-1003
+CVE-2010-1003 (Directory traversal vulnerability in www/editor/tiny_mce/langs/languag ...)
NOT-FOR-US: eFront-learning
CVE-2010-1002
RESERVED
CVE-2010-1001
RESERVED
-CVE-2010-1000
+CVE-2010-1000 (Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4. ...)
- kdenetwork 4:4.4.3-2
[lenny] - kdenetwork <not-affected> (Metalink plugin not yet present)
NOTE: http://seclists.org/fulldisclosure/2010/May/165
-CVE-2010-0999
+CVE-2010-0999 (Directory traversal vulnerability in Free Download Manager (FDM) befor ...)
NOT-FOR-US: Free Download Manager
-CVE-2010-0998
+CVE-2010-0998 (Multiple stack-based buffer overflows in Free Download Manager (FDM) b ...)
NOT-FOR-US: Free Download Manager
-CVE-2010-0997
+CVE-2010-0997 (Cross-site scripting (XSS) vulnerability in 107_plugins/content/conten ...)
NOT-FOR-US: e107
-CVE-2010-0996
+CVE-2010-0996 (Unrestricted file upload vulnerability in e107 before 0.7.20 allows re ...)
NOT-FOR-US: e107
-CVE-2010-0995
+CVE-2010-0995 (Stack-based buffer overflow in Internet Download Manager (IDM) before ...)
NOT-FOR-US: Internet Download Manager
-CVE-2010-0994
+CVE-2010-0994 (Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library ...)
NOT-FOR-US: Visualization Library
-CVE-2010-0993
+CVE-2010-0993 (Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.2 and 1. ...)
NOT-FOR-US: Pulse CMS Basic
-CVE-2010-0992
+CVE-2010-0992 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse CM ...)
NOT-FOR-US: Pulse CMS Basic
-CVE-2010-0991
+CVE-2010-0991 (Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dep ...)
- imlib2 <not-affected> (vulnerable code introduced in 1.4.3)
-CVE-2010-0990
+CVE-2010-0990 (Stack-based buffer overflow in Creative Software AutoUpdate Engine Act ...)
NOT-FOR-US: Creative Software AutoUpdate
-CVE-2010-0989
+CVE-2010-0989 (Directory traversal vulnerability in delete.php in Pulse CMS before 1. ...)
NOT-FOR-US: Pulse CMS
-CVE-2010-0988
+CVE-2010-0988 (Multiple unspecified vulnerabilities in Pulse CMS before 1.2.3 allow ( ...)
NOT-FOR-US: Pulse CMS
-CVE-2010-0987
+CVE-2010-0987 (Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0986
+CVE-2010-0986 (Adobe Shockwave Player before 11.5.7.609 does not properly process ass ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2010-XXXX [dojo can be used as a redirector]
- dojo 1.4.2+dfsg-1 (low)
NOTE: http://web.archive.org/web/20101029020014/http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/
NOTE: http://bugs.dojotoolkit.org/ticket/10773
-CVE-2010-0985
+CVE-2010-0985 (Directory traversal vulnerability in the Abbreviations Manager (com_ab ...)
NOT-FOR-US: com_abbrev component for Joomla!
-CVE-2010-0984
+CVE-2010-0984 (Acidcat CMS 3.5.3 and earlier stores sensitive information under the w ...)
NOT-FOR-US: Acidcat CMS
-CVE-2010-0983
+CVE-2010-0983 (PHP remote file inclusion vulnerability in include/mail.inc.php in Rez ...)
NOT-FOR-US: Rezervi
-CVE-2010-0982
+CVE-2010-0982 (Directory traversal vulnerability in the CARTwebERP (com_cartweberp) c ...)
NOT-FOR-US: com_cartweberp component for Joomla!
-CVE-2010-0981
+CVE-2010-0981 (SQL injection vulnerability in the TPJobs (com_tpjobs) component for J ...)
NOT-FOR-US: com_tpjobs component for Joomla!
-CVE-2010-0980
+CVE-2010-0980 (SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1 ...)
NOT-FOR-US: Left 4 Dead Stats
-CVE-2010-0979
+CVE-2010-0979 (Cross-site scripting (XSS) vulnerability in display.php in Obsession-D ...)
NOT-FOR-US: Obsession-Design Image-Gallery
-CVE-2010-0978
+CVE-2010-0978 (KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under th ...)
NOT-FOR-US: KMSoft Guestbook
-CVE-2010-0977
+CVE-2010-0977 (PD PORTAL 4.0 stores sensitive information under the web root with ins ...)
NOT-FOR-US: PD PORTAL
-CVE-2010-0976
+CVE-2010-0976 (Acidcat CMS 3.5.x does not prevent access to install.asp after install ...)
NOT-FOR-US: Acidcat CMS
-CVE-2010-0975
+CVE-2010-0975 (PHP remote file inclusion vulnerability in external.php in PHPCityPort ...)
NOT-FOR-US: PHPCityPortal
-CVE-2010-0974
+CVE-2010-0974 (Multiple SQL injection vulnerabilities in PHPCityPortal allow remote a ...)
NOT-FOR-US: PHPCityPortal
-CVE-2010-0973
+CVE-2010-0973 (SQL injection vulnerability in index.php in phppool media Domain Verka ...)
NOT-FOR-US: phppool Media Domain Verkaus and Auktions Portal
-CVE-2010-0972
+CVE-2010-0972 (Directory traversal vulnerability in the GCalendar (com_gcalendar) com ...)
NOT-FOR-US: com_gcalendar component for Joomla!
-CVE-2010-0971
+CVE-2010-0971 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 al ...)
NOT-FOR-US: ATutor CMS
-CVE-2010-0970
+CVE-2010-0970 (SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows r ...)
NOT-FOR-US: PhpMyLogon
-CVE-2010-0968
+CVE-2010-0968 (SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 a ...)
NOT-FOR-US: Geekhelps ADMP
-CVE-2010-0967
+CVE-2010-0967 (Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, w ...)
NOT-FOR-US: Geekhelps ADMP
-CVE-2010-0966
+CVE-2010-0966 (PHP remote file inclusion vulnerability in inc/config.php in deV!L`z C ...)
NOT-FOR-US: deV!L`z Clanportal
-CVE-2010-0965
+CVE-2010-0965 (Jevci Siparis Formu Scripti stores sensitive information under the web ...)
NOT-FOR-US: Jevci Siparis Formu Scripti
-CVE-2010-0964
+CVE-2010-0964 (SQL injection vulnerability in start.php in Eros Webkatalog allows rem ...)
NOT-FOR-US: Eros Webkatalog
-CVE-2010-0963
+CVE-2010-0963 (Cross-site scripting (XSS) vulnerability in index.php in dl Download T ...)
NOT-FOR-US: dl Download Ticket Service
-CVE-2010-1195
+CVE-2010-1195 (Cross-site scripting (XSS) vulnerability in the htmlscrubber component ...)
{DSA-2020-1}
- ikiwiki 3.20100312 (low)
CVE-2010-0747 [linux-2.6 drbd connector issue]
@@ -11236,353 +11236,353 @@ CVE-2010-0747 [linux-2.6 drbd connector issue]
- linux-2.6 <not-affected> (drbd introduced for the first time in 2.6.32-12, which included the fix for this issue, so no supported debian kernel was ever affected)
- drbd8 2:8.3.7-1
[lenny] - drbd8 2:8.0.14-2+lenny1
-CVE-2010-0969
+CVE-2010-0969 (Unbound before 1.4.3 does not properly align structures on 64-bit plat ...)
- unbound 1.4.3-1
[lenny] - unbound <not-affected> (Vulnerable code not present)
CVE-2010-XXXX [moin: hierarchical ACLs security issue]
- moin 1.8.4-1 (low)
[lenny] - moin 1.7.1-3+lenny3
NOTE: http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2
-CVE-2010-0962
+CVE-2010-0962 (The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Ti ...)
NOT-FOR-US: Apple
-CVE-2010-0961
+CVE-2010-0961 (Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VI ...)
NOT-FOR-US: IBM AIX and VIOS
-CVE-2010-0960
+CVE-2010-0960 (Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIO ...)
NOT-FOR-US: IBM AIX and VIOS
-CVE-2010-0959
+CVE-2010-0959 (Cross-site scripting (XSS) vulnerability in WebEditor/Authentication/L ...)
NOT-FOR-US: IBM ENOVIA SmarTeam
-CVE-2010-0958
+CVE-2010-0958 (Directory traversal vulnerability in modules/hayoo/index.php in Tribis ...)
NOT-FOR-US: Tribisur
-CVE-2010-0957
+CVE-2010-0957 (Directory traversal vulnerability in content.php in Saskia's Shopsyste ...)
NOT-FOR-US: Saskia's Shopsystem
-CVE-2010-0956
+CVE-2010-0956 (SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remo ...)
NOT-FOR-US: OpenCart
-CVE-2010-0955
+CVE-2010-0955 (SQL injection vulnerability in index.php in Bild Flirt Community 2.0 a ...)
NOT-FOR-US: Bild Flirt Community
-CVE-2010-0954
+CVE-2010-0954 (SQL injection vulnerability in search_result.asp in Pre Projects Pre E ...)
NOT-FOR-US: Pre Projects Pre E-Learning Portal
-CVE-2010-0953
+CVE-2010-0953 (Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows r ...)
NOT-FOR-US: phpCOIN
-CVE-2010-0952
+CVE-2010-0952 (SQL injection vulnerability in index.php in OneCMS 2.5, when magic_quo ...)
NOT-FOR-US: OneCMS
-CVE-2010-0951
+CVE-2010-0951 (SQL injection vulnerability in go_target.php in dev4u CMS allows remot ...)
NOT-FOR-US: dev4u CMS
-CVE-2010-0950
+CVE-2010-0950 (Multiple SQL injection vulnerabilities in Natychmiast CMS allow remote ...)
NOT-FOR-US: Natychmiast CMS
-CVE-2010-0949
+CVE-2010-0949 (Multiple cross-site scripting (XSS) vulnerabilities in Natychmiast CMS ...)
NOT-FOR-US: Natychmiast CMS
-CVE-2010-0948
+CVE-2010-0948 (SQL injection vulnerability in profil.php in Bigforum 4.5, when magic_ ...)
NOT-FOR-US: Bigforum
-CVE-2010-0947
+CVE-2010-0947 (Cross-site scripting (XSS) vulnerability in post.aspx in Max Network T ...)
NOT-FOR-US: BBSMAX
-CVE-2010-1132
+CVE-2010-1132 (The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter ...)
{DSA-2021-2 DSA-2021-1}
- spamass-milter 0.3.1-9 (bug #573228)
[lenny] - spamass-milter 0.3.1-8+lenny1
-CVE-2010-1189
+CVE-2010-1189 (MediaWiki before 1.15.2 does not prevent wiki editors from linking to ...)
{DSA-2022-1}
- mediawiki 1:1.15.2-1 (low)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
[lenny] - mediawiki 1:1.12.0-2lenny4
-CVE-2010-1190
+CVE-2010-1190 (thumb.php in MediaWiki before 1.15.2, when used with access-restrictio ...)
{DSA-2022-1}
- mediawiki 1:1.15.2-1 (low)
[lenny] - mediawiki 1:1.12.0-2lenny4
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
-CVE-2010-0946
+CVE-2010-0946 (SQL injection vulnerability in the Keep It Simple Stupid (KISS) Softwa ...)
NOT-FOR-US: com_ksadvertiser component for Joomla!
-CVE-2010-0945
+CVE-2010-0945 (SQL injection vulnerability in the HotBrackets Tournament Brackets (co ...)
NOT-FOR-US: com_hotbrackets component for Joomla!
-CVE-2010-0944
+CVE-2010-0944 (Directory traversal vulnerability in the JCollection (com_jcollection) ...)
NOT-FOR-US: com_jcollection component for Joomla!
-CVE-2010-0943
+CVE-2010-0943 (Directory traversal vulnerability in the JA Showcase (com_jashowcase) ...)
NOT-FOR-US: com_jashowcase component for Joomla!
-CVE-2010-0942
+CVE-2010-0942 (Directory traversal vulnerability in the jVideoDirect (com_jvideodirec ...)
NOT-FOR-US: com_jvideodirect component for Joomla!
-CVE-2010-0941
+CVE-2010-0941 (Multiple cross-site scripting (XSS) vulnerabilities in eTek Systems Hi ...)
NOT-FOR-US: eTek Systems Hit Counter
-CVE-2010-0940
+CVE-2010-0940 (Cross-site scripting (XSS) vulnerability in guestbook.php in Simple PH ...)
NOT-FOR-US: Simple PHP Guestbook
-CVE-2010-0939
+CVE-2010-0939 (Visialis ABB Forum 1.1 stores sensitive information under the web root ...)
NOT-FOR-US: Visialis ABB Forum
-CVE-2010-0938
+CVE-2010-0938 (Cross-site scripting (XSS) vulnerability in todooforum.php in Todoo Fo ...)
NOT-FOR-US: Todoo Forum
-CVE-2010-0937
+CVE-2010-0937 (Multiple unspecified vulnerabilities in Visualization Library before 2 ...)
NOT-FOR-US: Visualization Library
-CVE-2010-0936
+CVE-2010-0936 (Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKV ...)
NOT-FOR-US: D-LINK firmware
CVE-2010-XXXX [phpbb 3.0.7 permissions bypass]
- phpbb3 3.0.7-PL1
[lenny] - phpbb3 <not-affected> (older version is in the archive)
[squeeze] - phpbb3 <not-affected> (older version is in the archive)
NOTE: http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195
-CVE-2010-0928
+CVE-2010-0928 (OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex- ...)
- openssl <unfixed> (unimportant)
NOTE: http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf
NOTE: somewhat impractical right now, but the openssl developers are working
NOTE: on a fix just in case
-CVE-2010-0926
+CVE-2010-0926 (The default configuration of smbd in Samba before 3.3.11, 3.4.x before ...)
- samba 2:3.4.6~dfsg-1 (low; bug #568493; bug #572953)
[lenny] - samba <no-dsa> (Minor issue, patch breaks existing behaviour, can be fixed through configuration modifications)
-CVE-2010-0935
+CVE-2010-0935 (Perforce Server 2009.2 and earlier, when the protection table is empty ...)
NOT-FOR-US: Perforce Server
-CVE-2010-0934
+CVE-2010-0934 (The triggers functionality in Perforce Server 2008.1 allows remote aut ...)
NOT-FOR-US: Perforce Server
-CVE-2010-0933
+CVE-2010-0933 (Directory traversal vulnerability in Perforce Server 2008.1 allows rem ...)
NOT-FOR-US: Perforce Server
-CVE-2010-0932
+CVE-2010-0932 (The FTP server in Perforce Server 2008.1 allows remote attackers to ca ...)
NOT-FOR-US: Perforce Server
-CVE-2010-0931
+CVE-2010-0931 (The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote ...)
NOT-FOR-US: Perforce Server
-CVE-2010-0930
+CVE-2010-0930 (The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote ...)
NOT-FOR-US: Perforce Server
-CVE-2010-0929
+CVE-2010-0929 (The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote ...)
NOT-FOR-US: Perforce Server
-CVE-2010-0927
+CVE-2010-0927 (Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2010-0925
+CVE-2010-0925 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 ...)
NOT-FOR-US: Apple Safari
-CVE-2010-0924
+CVE-2010-0924 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 ...)
NOT-FOR-US: Apple Safari
-CVE-2010-0923
+CVE-2010-0923 (Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner loc ...)
- kdebase 4:4.4.2-1
[lenny] - kdebase <not-affected> (Only affected version 4.4.0)
- kdebase-workspace 4:4.4.2-1
-CVE-2010-0922
+CVE-2010-0922 (Unspecified vulnerability in secldapclntd in IBM AIX 5.3 with SP 5300- ...)
NOT-FOR-US: IBM AIX
-CVE-2010-0921
+CVE-2010-0921 (Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (a ...)
NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
-CVE-2010-0920
+CVE-2010-0920 (Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domi ...)
NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
-CVE-2010-0919
+CVE-2010-0919 (Stack-based buffer overflow in the Lotus Domino Web Access ActiveX con ...)
NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
-CVE-2010-0918
+CVE-2010-0918 (Multiple unspecified vulnerabilities in the UltraLite functionality in ...)
NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
-CVE-2010-0917
+CVE-2010-0917 (Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0916
+CVE-2010-0916 (Unspecified vulnerability in Oracle OpenSolaris 10 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2010-0915
+CVE-2010-0915 (Unspecified vulnerability in the Oracle Advanced Product Catalog compo ...)
NOT-FOR-US: Oracle
-CVE-2010-0914
+CVE-2010-0914 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote ...)
NOT-FOR-US: Oracle
-CVE-2010-0913
+CVE-2010-0913 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle
-CVE-2010-0912
+CVE-2010-0912 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
-CVE-2010-0911
+CVE-2010-0911 (Unspecified vulnerability in the Listener component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2010-0910
+CVE-2010-0910 (Unspecified vulnerability in the Data Server component in Oracle Times ...)
NOT-FOR-US: Oracle
-CVE-2010-0909
+CVE-2010-0909 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
-CVE-2010-0908
+CVE-2010-0908 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
-CVE-2010-0907
+CVE-2010-0907 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remo ...)
NOT-FOR-US: Oracle
-CVE-2010-0906
+CVE-2010-0906 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remo ...)
NOT-FOR-US: Oracle
-CVE-2010-0905
+CVE-2010-0905 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle
-CVE-2010-0904
+CVE-2010-0904 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remo ...)
NOT-FOR-US: Oracle
-CVE-2010-0903
+CVE-2010-0903 (Unspecified vulnerability in the Net Foundation Layer component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2010-0902
+CVE-2010-0902 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2010-0901
+CVE-2010-0901 (Unspecified vulnerability in the Export component in Oracle Database S ...)
NOT-FOR-US: Oracle
-CVE-2010-0900
+CVE-2010-0900 (Unspecified vulnerability in the Network Layer component in Oracle Dat ...)
NOT-FOR-US: Oracle
-CVE-2010-0899
+CVE-2010-0899 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remo ...)
NOT-FOR-US: Oracle
-CVE-2010-0898
+CVE-2010-0898 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remo ...)
NOT-FOR-US: Oracle
-CVE-2010-0897
+CVE-2010-0897 (Unspecified vulnerability in the Sun Java System Directory Server comp ...)
NOT-FOR-US: Sun Java System Directory Server
-CVE-2010-0896
+CVE-2010-0896 (Unspecified vulnerability in the Sun Convergence component in Oracle S ...)
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0895
+CVE-2010-0895 (Unspecified vulnerability in the Solaris component in Oracle Sun Produ ...)
NOT-FOR-US: OpenSolaris
-CVE-2010-0894
+CVE-2010-0894 (Unspecified vulnerability in the Sun Java System Access Manager compon ...)
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0893
+CVE-2010-0893 (Unspecified vulnerability in the Sun Convergence component in Oracle S ...)
NOT-FOR-US: Oracle sun Product Suite
-CVE-2010-0892
+CVE-2010-0892 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2010-0891
+CVE-2010-0891 (Unspecified vulnerability in the Sun Management Center component in Or ...)
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0890
+CVE-2010-0890 (Unspecified vulnerability in the Solaris component in Oracle Sun Produ ...)
NOT-FOR-US: OpenSolaris
-CVE-2010-0889
+CVE-2010-0889 (Unspecified vulnerability in the Solaris component in Oracle Sun Produ ...)
NOT-FOR-US: OpenSolaris
-CVE-2010-0888
+CVE-2010-0888 (Unspecified vulnerability in the Sun Ray Server Software component in ...)
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0887
+CVE-2010-0887 (Unspecified vulnerability in the New Java Plug-in component in Oracle ...)
- sun-java6 6.20-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0886
+CVE-2010-0886 (Unspecified vulnerability in the Java Deployment Toolkit component in ...)
- sun-java6 6.20-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0885
+CVE-2010-0885 (Unspecified vulnerability in the Sun Java System Communications Expres ...)
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0884
+CVE-2010-0884 (Unspecified vulnerability in the Sun Cluster component in Oracle Sun P ...)
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0883
+CVE-2010-0883 (Unspecified vulnerability in the Sun Cluster component in Oracle Sun P ...)
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0882
+CVE-2010-0882 (Unspecified vulnerability in the Solaris component in Oracle Sun Produ ...)
NOT-FOR-US: Oracle Sun Product Suite
-CVE-2010-0881
+CVE-2010-0881 (Unspecified vulnerability in the User Interface Components in Oracle C ...)
NOT-FOR-US: Oracle Collaboration Suite
-CVE-2010-0880
+CVE-2010-0880 (Unspecified vulnerability in the PeopleTools component in Oracle Peopl ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2010-0879
+CVE-2010-0879 (Unspecified vulnerability in the PeopleTools component in Oracle Peopl ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2010-0878
+CVE-2010-0878 (Unspecified vulnerability in the PeopleTools component in Oracle Peopl ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2010-0877
+CVE-2010-0877 (Unspecified vulnerability in the PeopleTools component in Oracle Peopl ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2010-0876
+CVE-2010-0876 (Unspecified vulnerability in the Life Sciences - Oracle Clinical Remot ...)
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0875
+CVE-2010-0875 (Unspecified vulnerability in the Life Sciences - Oracle Thesaurus Mana ...)
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0874
+CVE-2010-0874 (Unspecified vulnerability in the Communications - Oracle Communication ...)
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0873
+CVE-2010-0873 (Unspecified vulnerability in the Data Server component in Oracle Times ...)
NOT-FOR-US: Oracle
-CVE-2010-0872
+CVE-2010-0872 (Unspecified vulnerability in the Oracle Internet Directory component i ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-0871
+CVE-2010-0871 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0870
+CVE-2010-0870 (Unspecified vulnerability in the Change Data Capture component in Orac ...)
NOT-FOR-US: Oracle Database
-CVE-2010-0869
+CVE-2010-0869 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0868
+CVE-2010-0868 (Unspecified vulnerability in the Oracle iStore component in Oracle E-B ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0867
+CVE-2010-0867 (Unspecified vulnerability in the JavaVM component in Oracle Database 1 ...)
NOT-FOR-US: Oracle Database
-CVE-2010-0866
+CVE-2010-0866 (Unspecified vulnerability in the JavaVM component in Oracle Database 1 ...)
NOT-FOR-US: Oracle Database
-CVE-2010-0865
+CVE-2010-0865 (Unspecified vulnerability in the Oracle Agile Engineering Data Managem ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0864
+CVE-2010-0864 (Unspecified vulnerability in the Retail - Oracle Retail Place In-Seaso ...)
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0863
+CVE-2010-0863 (Unspecified vulnerability in the Retail - Oracle Retail Plan In-Season ...)
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0862
+CVE-2010-0862 (Unspecified vulnerability in the Retail - Oracle Retail Markdown Optim ...)
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0861
+CVE-2010-0861 (Unspecified vulnerability in the Oracle HRMS (Self Service) component ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0860
+CVE-2010-0860 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database
-CVE-2010-0859
+CVE-2010-0859 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0858
+CVE-2010-0858 (Unspecified vulnerability in the E-Business Intelligence component in ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0857
+CVE-2010-0857 (Unspecified vulnerability in the Oracle Workflow Cartridge component i ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0856
+CVE-2010-0856 (Unspecified vulnerability in the Portal component in Oracle Fusion Mid ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-0855
+CVE-2010-0855 (Unspecified vulnerability in the Portal component in Oracle Fusion Mid ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-0854
+CVE-2010-0854 (Unspecified vulnerability in the Audit component in Oracle Database 9. ...)
NOT-FOR-US: Oracle Database
-CVE-2010-0853
+CVE-2010-0853 (Unspecified vulnerability in the Oracle Internet Directory component i ...)
NOT-FOR-US: Oracle Database
-CVE-2010-0852
+CVE-2010-0852 (Unspecified vulnerability in the XML DB component in Oracle Database 9 ...)
NOT-FOR-US: Oracle Database
-CVE-2010-0851
+CVE-2010-0851 (Unspecified vulnerability in the XML DB component in Oracle Database 9 ...)
NOT-FOR-US: Oracle Database
-CVE-2010-0850
+CVE-2010-0850 (Unspecified vulnerability in the Java 2D component in Oracle Java SE a ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0849
+CVE-2010-0849 (Unspecified vulnerability in the Java 2D component in Oracle Java SE a ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0848
+CVE-2010-0848 (Unspecified vulnerability in the Java 2D component in Oracle Java SE a ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0847
+CVE-2010-0847 (Unspecified vulnerability in the Java 2D component in Oracle Java SE a ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0846
+CVE-2010-0846 (Unspecified vulnerability in the ImageIO component in Oracle Java SE a ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0845
+CVE-2010-0845 (Unspecified vulnerability in the HotSpot Server component in Oracle Ja ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0844
+CVE-2010-0844 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0843
+CVE-2010-0843 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0842
+CVE-2010-0842 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0841
+CVE-2010-0841 (Unspecified vulnerability in the ImageIO component in Oracle Java SE a ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0840
+CVE-2010-0840 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0839
+CVE-2010-0839 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0838
+CVE-2010-0838 (Unspecified vulnerability in the Java 2D component in Oracle Java SE a ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0837
+CVE-2010-0837 (Unspecified vulnerability in the Pack200 component in Oracle Java SE a ...)
- openjdk-6 6b20~pre1-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0836
+CVE-2010-0836 (Unspecified vulnerability in the Oracle Knowledge Management component ...)
NOT-FOR-US: Oracle
-CVE-2010-0835
+CVE-2010-0835 (Unspecified vulnerability in the Wireless component in Oracle Fusion M ...)
NOT-FOR-US: Oracle
-CVE-2010-0834
+CVE-2010-0834 (The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before ...)
- base-files <not-affected> (ubuntu-specific fix for their default OEM configuration on the Dell Latitude 2110, which permitted installation of unsigned packages)
-CVE-2010-0833
+CVE-2010-0833 (The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8 ...)
NOT-FOR-US: Likewise
-CVE-2010-0832
+CVE-2010-0832 (pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1 ...)
- pam <not-affected> (flaw in ubuntu-specific changes to the package)
-CVE-2010-0831
+CVE-2010-0831 (Directory traversal vulnerability in the extract_jar function in jarto ...)
- fastjar 2:0.98-3 (low)
[lenny] - fastjar <no-dsa> (Minor issue)
-CVE-2010-0830
+CVE-2010-0830 (Integer signedness error in the elf_get_dynamic_info function in elf/d ...)
{DSA-2058-1}
- glibc 2.11-1
- eglibc 2.11-1
NOTE: http://sourceware.org/git/?p=glibc.git;a=commit;h=db07e962b6ea963dbb345439f6ab9b0cf74d87c5
-CVE-2010-0829
+CVE-2010-0829 (Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTe ...)
{DSA-2048-1}
- dvipng 1.13-1 (low; bug #580628)
- texlive-bin <not-affected> (dvipng is not shipped in texlive-bin Debian packages)
-CVE-2010-0828
+CVE-2010-0828 (Cross-site scripting (XSS) vulnerability in action/Despam.py in the De ...)
{DSA-2024-1}
- moin 1.9.2-3 (low; bug #575995)
-CVE-2010-0827
+CVE-2010-0827 (Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, all ...)
- texlive-bin 2009-6 (low; bug #580669)
[lenny] - texlive-bin 2007.dfsg.2-4+lenny3
-CVE-2010-0826
+CVE-2010-0826 (The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss- ...)
- libnss-db 2.2.3pre1-3.2 (low; bug #577057)
[squeeze] - libnss-db <no-dsa> (Minor issue)
[lenny] - libnss-db <no-dsa> (Minor issue)
-CVE-2010-0825
+CVE-2010-0825 (lib-src/movemail.c in movemail in emacs 22 and 23 allows local users t ...)
- emacs21 <removed> (low)
[lenny] - emacs21 <no-dsa> (Minor issue)
NOTE: Only exploitable when configured as setgid mail, which isn't set by default
@@ -11602,11 +11602,11 @@ CVE-2010-2450 [shibboleth-sp2: world-readable key]
- shibboleth-sp2 2.3.1+dfsg-2 (low; bug #571631)
[lenny] - shibboleth-sp2 <no-dsa> (Minor issue)
- shibboleth-sp <not-affected> (Vulnerable code not present)
-CVE-2010-1192
+CVE-2010-1192 (libESMTP, probably 1.0.4 and earlier, does not properly handle a '\0' ...)
- libesmtp 1.0.4-5 (bug #572960)
[lenny] - libesmtp <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/6
-CVE-2010-1193
+CVE-2010-1193 (Cross-site scripting (XSS) vulnerability in WebAccess in VMware Server ...)
NOT-FOR-US: VMware Server
CVE-2010-XXXX [argyll unsafe udev rules]
- argyll <not-affected> (issue with redhat-specific changes to the package)
@@ -11629,166 +11629,166 @@ CVE-2010-2250 [Installation cross site scripting]
- drupal6 6.18-1 (bug #592716)
CVE-2010-XXXX [linux-ftpd: null ptr dereference]
- linux-ftpd <not-affected> (Performs proper length checks, see #572813)
-CVE-2010-0824
+CVE-2010-0824 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Offic ...)
NOT-FOR-US: Microsoft
-CVE-2010-0823
+CVE-2010-0823 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3 ...)
NOT-FOR-US: Microsoft
-CVE-2010-0822
+CVE-2010-0822 (Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office ...)
NOT-FOR-US: Microsoft
-CVE-2010-0821
+CVE-2010-0821 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3 ...)
NOT-FOR-US: Microsoft
-CVE-2010-0820
+CVE-2010-0820 (Heap-based buffer overflow in the Local Security Authority Subsystem S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0819
+CVE-2010-0819 (Unspecified vulnerability in the Windows OpenType Compact Font Format ...)
NOT-FOR-US: Microsoft
-CVE-2010-0818
+CVE-2010-0818 (The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0817
+CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Micr ...)
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2010-0816
+CVE-2010-0816 (Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, ...)
NOT-FOR-US: Microsoft Outlook Express, Windows Live Mail, and Windows Mail
-CVE-2010-0815
+CVE-2010-0815 (VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft O ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-0814
+CVE-2010-0814 (The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office ...)
NOT-FOR-US: Microsoft
CVE-2010-0813
REJECTED
-CVE-2010-0812
+CVE-2010-0812 (Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, an ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0811
+CVE-2010-0811 (Multiple unspecified vulnerabilities in the Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft
-CVE-2010-0810
+CVE-2010-0810 (The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-0809
REJECTED
-CVE-2010-0808
+CVE-2010-0808 (Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not p ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0807
+CVE-2010-0807 (Microsoft Internet Explorer 7 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0806
+CVE-2010-0806 (Use-after-free vulnerability in the Peer Objects component (aka iepeer ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0805
+CVE-2010-0805 (The Tabular Data Control (TDC) ActiveX control in Microsoft Internet E ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0804
+CVE-2010-0804 (Cross-site scripting (XSS) vulnerability in index.php in iBoutique 4.0 ...)
NOT-FOR-US: iBoutique
-CVE-2010-0803
+CVE-2010-0803 (SQL injection vulnerability in the jVideoDirect (com_jvideodirect) com ...)
NOT-FOR-US: jVideoDirect
-CVE-2010-0802
+CVE-2010-0802 (SQL injection vulnerability in index.php in (nv2) Awards 1.1.0, a modi ...)
NOT-FOR-US: Invision Power Board
-CVE-2010-0801
+CVE-2010-0801 (Directory traversal vulnerability in the AutartiTarot (com_autartitaro ...)
NOT-FOR-US: Joomla!
-CVE-2010-0800
+CVE-2010-0800 (SQL injection vulnerability in the Ossolution Team Documents Seller (a ...)
NOT-FOR-US: Joomla!
-CVE-2010-0799
+CVE-2010-0799 (Directory traversal vulnerability in misc/tell_a_friend/tell.php in ph ...)
NOT-FOR-US: phpunity.newsmanager
-CVE-2010-0798
+CVE-2010-0798 (SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier ...)
NOT-FOR-US: T3BLOG extension for TYPO3
-CVE-2010-0797
+CVE-2010-0797 (Cross-site scripting (XSS) vulnerability in the T3BLOG extension 0.6.2 ...)
NOT-FOR-US: T3BLOG extension for TYPO3
-CVE-2010-0796
+CVE-2010-0796 (SQL injection vulnerability in the JE Quiz (com_jequizmanagement) comp ...)
NOT-FOR-US: Joomla!
-CVE-2010-0795
+CVE-2010-0795 (SQL injection vulnerability in the JE Event Calendars (com_jeeventcale ...)
NOT-FOR-US: Joomla!
CVE-2010-0794
RESERVED
-CVE-2010-0793
+CVE-2010-0793 (Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cau ...)
{DSA-2049-1}
- barnowl 1.5.1-1 (bug #574418)
-CVE-2010-0792
+CVE-2010-0792 (fcrontab in fcron before 3.0.5 allows local users to read arbitrary fi ...)
- fcron <removed> (unimportant; bug #572587)
NOTE: On Debian runs suid/sgid fcron and the issue is limited to the exposure
NOTE: of the content of crontabs
-CVE-2010-0791
+CVE-2010-0791 (The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2. ...)
- ncpfs 2.2.6-7 (bug #572937)
[lenny] - ncpfs <no-dsa> (Minor issue)
-CVE-2010-0790
+CVE-2010-0790 (sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detaile ...)
- ncpfs 2.2.6-7 (bug #572937)
[lenny] - ncpfs <no-dsa> (Minor issue)
-CVE-2010-0789
+CVE-2010-0789 (fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local ...)
{DSA-1989-1}
- fuse 2.8.1-1.2 (bug #567633)
NOTE: Initial DSA released as CVE-2009-3297
-CVE-2010-0788
+CVE-2010-0788 (ncpfs 2.2.6 allows local users to cause a denial of service, obtain se ...)
- ncpfs 2.2.6-7 (bug #572937)
[lenny] - ncpfs <no-dsa> (Minor issue)
-CVE-2010-0787
+CVE-2010-0787 (client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3 ...)
{DSA-2004-1}
- samba 2:3.4.5~dfsg-2 (bug #567554)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=6853
NOTE: Initial DSA released as CVE-2009-3297
-CVE-2010-0786
+CVE-2010-0786 (The Web Services Security component in IBM WebSphere Application Serve ...)
NOT-FOR-US: IBM WebSphere Application
-CVE-2010-0785
+CVE-2010-0785 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0784
+CVE-2010-0784 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0783
+CVE-2010-0783 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0782
+CVE-2010-0782 (IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows rem ...)
NOT-FOR-US: IBM WebSphere
-CVE-2010-0781
+CVE-2010-0781 (Unspecified vulnerability in the administrative console in IBM WebSphe ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0780
+CVE-2010-0780 (IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to cause a ...)
NOT-FOR-US: IBM WebSphere
-CVE-2010-0779
+CVE-2010-0779 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
NOT-FOR-US: IBM WebSphere
-CVE-2010-0778
+CVE-2010-0778 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
NOT-FOR-US: IBM WebSphere
-CVE-2010-0777
+CVE-2010-0777 (The Web Container in IBM WebSphere Application Server (WAS) 6.0 before ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0776
+CVE-2010-0776 (The Web Container in IBM WebSphere Application Server (WAS) 6.0 before ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0775
+CVE-2010-0775 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0774
+CVE-2010-0774 (The (1) JAX-RPC WS-Security 1.0 and (2) JAX-WS runtime implementations ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-0773
RESERVED
-CVE-2010-0772
+CVE-2010-0772 (Unspecified vulnerability in the channel process in IBM WebSphere MQ 7 ...)
NOT-FOR-US: IMB WebSphere MQ
CVE-2010-0771
REJECTED
-CVE-2010-0770
+CVE-2010-0770 (IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0769
+CVE-2010-0769 (IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0768
+CVE-2010-0768 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-0767
RESERVED
-CVE-2010-0766
+CVE-2010-0766 (Integer overflow in the Swap4 function in valet4.dll in Luxology Modo ...)
NOT-FOR-US: Luxology Modo
-CVE-2010-0765
+CVE-2010-0765 (fipsForum 2.6 stores sensitive information under the web root with ins ...)
NOT-FOR-US: fipsForum
-CVE-2010-0764
+CVE-2010-0764 (SQL injection vulnerability in index.php in KuwaitPHP eSmile allows re ...)
NOT-FOR-US: KuwaitPHP eSmile
-CVE-2010-0763
+CVE-2010-0763 (SQL injection vulnerability in index.php in CommodityRentals Vacation ...)
NOT-FOR-US: ComodityRentals Vacation Rental Software
-CVE-2010-0762
+CVE-2010-0762 (SQL injection vulnerability in index.php in CommodityRentals CD Rental ...)
NOT-FOR-US: CommodityRentals CD Rental Software
-CVE-2010-0761
+CVE-2010-0761 (SQL injection vulnerability in index.php in CommodityRentals Books/eBo ...)
NOT-FOR-US: CommodityRentals Books/eBooks Rentals Script
-CVE-2010-0760
+CVE-2010-0760 (Multiple directory traversal vulnerabilities in the Core Design Script ...)
NOT-FOR-US: Joomla!
-CVE-2010-0759
+CVE-2010-0759 (Directory traversal vulnerability in plugins/system/cdscriptegrator/li ...)
NOT-FOR-US: Joomla!
-CVE-2010-0758
+CVE-2010-0758 (SQL injection vulnerability in news_desc.php in Softbiz Jobs allows re ...)
NOT-FOR-US: Softbiz Jobs
-CVE-2010-0757
+CVE-2010-0757 (Unrestricted file upload vulnerability in index.php/Attach in WikyBlog ...)
NOT-FOR-US: WikyBlog
-CVE-2010-0756
+CVE-2010-0756 (Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote att ...)
NOT-FOR-US: WikyBlog
-CVE-2010-0755
+CVE-2010-0755 (PHP remote file inclusion vulnerability in include/WBmap.php in WikyBl ...)
NOT-FOR-US: WikyBlog
-CVE-2010-0754
+CVE-2010-0754 (Cross-site scripting (XSS) vulnerability in index.php/Special/Main/Tem ...)
NOT-FOR-US: WikyBlog
-CVE-2010-0753
+CVE-2010-0753 (SQL injection vulnerability in the SQL Reports (com_sqlreport) compone ...)
NOT-FOR-US: Joomla!
-CVE-2010-0752
+CVE-2010-0752 (The week_post_page function in the Weekly Archive by Node Type module ...)
NOT-FOR-US: Weekly Archive by Node Type (Drupal module)
CVE-2010-1144
REJECTED
-CVE-2010-0750
+CVE-2010-0750 (pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users t ...)
- policykit-1 <not-affected> (pkexec introduced in 0.92)
[lenny] - policykit-1 <not-affected> (pkexec introduced in 0.92)
CVE-2010-0749
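Review bot: two typos in the NOT-FOR-US annotations of this hunk, both in unchanged context lines: CVE-2010-0772 reads `NOT-FOR-US: IMB WebSphere MQ` (should be IBM, as in the neighbouring WebSphere entries) and CVE-2010-0763 reads `NOT-FOR-US: ComodityRentals Vacation Rental Software` (should be CommodityRentals, matching the description and the CVE-2010-0762/0761 entries beside it). This commit is an automatic description sync, so leaving them is fine, but they deserve a follow-up edit so the annotations match the product names in the descriptions.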
@@ -11798,248 +11798,248 @@ CVE-2010-0748 [transmission magnet links parser buffer overflow]
RESERVED
- transmission 1.92-1 (medium; bug #574507)
[lenny] - transmission <not-affected> (Support for Magnet links not yet available)
-CVE-2010-0746
+CVE-2010-0746 (Directory traversal vulnerability in DeviceKit-disks in DeviceKit, as ...)
- udisks 1.0.0~git20100212.aae17d9-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=523178
NOTE: http://cgit.freedesktop.org/DeviceKit/DeviceKit-disks/commit/?id=62f883c7d38e75d0669c162529062a1e81d00da2
NOTE: http://bugs.freedesktop.org/show_bug.cgi?id=23235
-CVE-2010-0745
+CVE-2010-0745 (Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote ...)
- dovecot 1:1.2.11-1 (low)
[lenny] - dovecot <not-affected> (this problem exists only with v1.2.x, not with v1.0 or v1.1)
NOTE: http://www.dovecot.org/list/dovecot-news/2010-March/000152.html
[etch] - dovecot <not-affected> (Vulnerable code not present)
-CVE-2010-0744
+CVE-2010-0744 (aMSN (aka Alvaro's Messenger) 0.98.3 and earlier, when SSL is used, do ...)
- amsn 0.98.3-1 (low; bug #572818)
[lenny] - amsn <no-dsa> (Minor issue)
-CVE-2010-0743
+CVE-2010-0743 (Multiple format string vulnerabilities in isns.c in (1) Linux SCSI tar ...)
{DSA-2042-1}
- iscsitarget 0.4.17+svn229-1.4 (medium; bug #574935)
- tgt 1:1.0.3-2 (medium; bug #576086)
-CVE-2010-0742
+CVE-2010-0742 (The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cm ...)
- openssl 1.0.0e-1 (unimportant; bug #584592)
[lenny] - openssl <not-affected> (CMS is only present in OpenSSL 0.9.8h and later)
NOTE: unimportant since cms is disabled by default
-CVE-2010-0741
+CVE-2010-0741 (The virtio_net_bad_features function in hw/virtio-net.c in the virtio- ...)
- linux-2.6 2.6.26-1
-CVE-2010-0740
+CVE-2010-0740 (The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through ...)
- openssl 0.9.8n-1 (medium; bug #575607)
[lenny] - openssl <not-affected> (only 0.9.8m is affected with 16 bit shorts)
NOTE: http://www.openssl.org/news/secadv/20100324.txt
-CVE-2010-0739
+CVE-2010-0739 (Integer overflow in the predospecial function in dospecial.c in dvips ...)
- texlive-bin 2009-6 (low; bug #560668)
[lenny] - texlive-bin 2007.dfsg.2-4+lenny3
-CVE-2010-0738
+CVE-2010-0738 (The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2010-0737
RESERVED
NOT-FOR-US: JBoss Operations Network
-CVE-2010-0736
+CVE-2010-0736 (Cross-site scripting (XSS) vulnerability in the view_queryform functio ...)
- viewvc 1.1.5-1 (bug #575787)
CVE-2010-0735
REJECTED
-CVE-2010-0734
+CVE-2010-0734 (content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enab ...)
{DSA-2023-1}
- curl 7.20.0-1 (low)
NOTE: http://www.openwall.com/lists/oss-security/2010/03/16/11
NOTE: depends on the application that uses libcurl
-CVE-2010-0733
+CVE-2010-0733 (Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4. ...)
- postgresql-8.4 8.4.2-1
-CVE-2010-0732
+CVE-2010-0732 (gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver be ...)
- gtk+2.0 2.18.5-1
[lenny] - gtk+2.0 <not-affected> (issue only exposed by gnome-screensaver 2.28)
[etch] - gtk+2.0 <not-affected> (issue only exposed by gnome-screensaver 2.28)
NOTE: http://www.openwall.com/lists/oss-security/2010/02/12/1
-CVE-2010-0731
+CVE-2010-0731 (The gnutls_x509_crt_get_serial function in the GnuTLS library before 1 ...)
- gnutls26 <not-affected> (Fixed before initial release)
- gnutls13 1.2.1-1
-CVE-2010-0730
+CVE-2010-0730 (The MMIO instruction decoder in the Xen hypervisor in the Linux kernel ...)
- linux-2.6 <not-affected> (redhat-specific issue in the 2.6.18 xen kernel)
-CVE-2010-0729
+CVE-2010-0729 (A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Lin ...)
- linux-2.6 <not-affected> (vulnerability in redhat-specific patch)
-CVE-2010-0728
+CVE-2010-0728 (smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled ...)
- samba 2:3.4.7~dfsg-1 (high; bug #573223)
[lenny] - samba <not-affected> (Only affects 3.3.11, 3.4.6 and 3.5.0)
-CVE-2010-0727
+CVE-2010-0727 (The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-2010 ...)
{DSA-2053-1}
- linux-2.6 2.6.32-11
-CVE-2010-0726
+CVE-2010-0726 (Cross-site scripting (XSS) vulnerability in the tb-send.rb (TrackBack ...)
{DSA-2009-1}
- tdiary 2.2.1-1.1 (low; bug #572417)
-CVE-2010-0717
+CVE-2010-0717 (The default configuration of cfg.packagepages_actions_excluded in Moin ...)
{DSA-2014-1}
- moin 1.9.0~rc2-1
-CVE-2010-0725
+CVE-2010-0725 (Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1 ...)
NOT-FOR-US: Arab Cart
-CVE-2010-0724
+CVE-2010-0724 (SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows ...)
NOT-FOR-US: Arab Cart
-CVE-2010-0723
+CVE-2010-0723 (SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 al ...)
NOT-FOR-US: Ero Auktion
-CVE-2010-0722
+CVE-2010-0722 (SQL injection vulnerability in news.php in Php Auktion Pro allows remo ...)
NOT-FOR-US: Php Auktion Pro
-CVE-2010-0721
+CVE-2010-0721 (SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 allow ...)
NOT-FOR-US: Auktionshaus Gelb
-CVE-2010-0720
+CVE-2010-0720 (SQL injection vulnerability in news.php in Erotik Auktionshaus allows ...)
NOT-FOR-US: Erotik Auktionshaus
-CVE-2010-0719
+CVE-2010-0719 (An unspecified API in Microsoft Windows 2000, Windows XP, Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2010-0718
+CVE-2010-0718 (Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 ...)
NOT-FOR-US: Microsoft
-CVE-2010-0716
+CVE-2010-0716 (_layouts/Upload.aspx in the Documents module in Microsoft SharePoint b ...)
NOT-FOR-US: Microsoft
-CVE-2010-0715
+CVE-2010-0715 (Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2010-0714
+CVE-2010-0714 (Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2010-0713
+CVE-2010-0713 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss 2 ...)
- zenoss <itp> (bug #361253)
NOTE: http://seclists.org/fulldisclosure/2010/Jan/296
-CVE-2010-0712
+CVE-2010-0712 (Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEven ...)
- zenoss <itp> (bug #361253)
NOTE: http://seclists.org/fulldisclosure/2010/Jan/241
-CVE-2010-0711
+CVE-2010-0711 (Cross-site request forgery (CSRF) vulnerability in default.asp in ASPC ...)
NOT-FOR-US: ASPCode CMS
-CVE-2010-0710
+CVE-2010-0710 (SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 ...)
NOT-FOR-US: ASPCode CMS
-CVE-2010-0709
+CVE-2010-0709 (Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2. ...)
NOT-FOR-US: Limny
-CVE-2010-0708
+CVE-2010-0708 (Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe ...)
NOT-FOR-US: Sun Directory Server Enterprise Edition
-CVE-2010-0707
+CVE-2010-0707 (Cross-site request forgery (CSRF) vulnerability in add_user.php in Emp ...)
NOT-FOR-US: Employee Timeclock Software
-CVE-2010-0706
+CVE-2010-0706 (Cross-site scripting (XSS) vulnerability in the login/prompt component ...)
NOT-FOR-US: Subex Nikira Fraud Management System
-CVE-2010-0705
+CVE-2010-0705 (Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 ...)
NOT-FOR-US: Windows 2000
-CVE-2010-0704
+CVE-2010-0704 (Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2010-0703
+CVE-2010-0703 (Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VP ...)
NOT-FOR-US: PortWise SSL VPN
-CVE-2010-0702
+CVE-2010-0702 (SQL injection vulnerability in cisco/services/PhonecDirectory.php in F ...)
NOT-FOR-US: Fonality Trixbox
-CVE-2010-0701
+CVE-2010-0701 (SQL injection vulnerability in ForceChangePassword.jsp in Newgen Softw ...)
NOT-FOR-US: Newgen Software OmniDocs
-CVE-2010-0700
+CVE-2010-0700 (Cross-site scripting (XSS) vulnerability in index.php in WampServer 2. ...)
NOT-FOR-US: WampServer
-CVE-2010-0699
+CVE-2010-0699 (Cross-site scripting (XSS) vulnerability in index.php in VideoSearchSc ...)
NOT-FOR-US: VideoSearchScript Pro
-CVE-2010-0698
+CVE-2010-0698 (SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC ...)
NOT-FOR-US: Dynamicsoft WSC CMS
-CVE-2010-0697
+CVE-2010-0697 (Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6 ...)
NOT-FOR-US: iTweak Upload module for Drupal
-CVE-2010-0696
+CVE-2010-0696 (Directory traversal vulnerability in includes/download.php in the Joom ...)
NOT-FOR-US: Joomla!
-CVE-2010-0695
+CVE-2010-0695 (Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-C ...)
NOT-FOR-US: BASIC-CMS
-CVE-2010-0694
+CVE-2010-0694 (SQL injection vulnerability in the PerchaGallery (com_perchagallery) c ...)
NOT-FOR-US: Joomla!
-CVE-2010-0693
+CVE-2010-0693 (SQL injection vulnerability in products.php in CommodityRentals Trade ...)
NOT-FOR-US: CommodityRentals Trade Manager Script
-CVE-2010-0692
+CVE-2010-0692 (SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Compo ...)
NOT-FOR-US: Joomla!
-CVE-2010-0691
+CVE-2010-0691 (SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows r ...)
NOT-FOR-US: JTL-Shop
-CVE-2010-0690
+CVE-2010-0690 (SQL injection vulnerability in index.php in CommodityRentals Video Gam ...)
NOT-FOR-US: CommodityRentals Video Games Rentals
-CVE-2010-0689
+CVE-2010-0689 (The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0 ...)
NOT-FOR-US: ActiveX
-CVE-2010-0688
+CVE-2010-0688 (Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assiste ...)
NOT-FOR-US: Orbital Viewer
CVE-2010-0687
RESERVED
-CVE-2010-0686
+CVE-2010-0686 (WebAccess in VMware VirtualCenter 2.0.2 and 2.5, VMware Server 2.0, an ...)
NOT-FOR-US: VMware Server
-CVE-2010-0685
+CVE-2010-0685 (The design of the dialplan functionality in Asterisk Open Source 1.2.x ...)
- asterisk 1:1.6.2.6-1
NOTE: Design limitation documented in that version
[lenny] - asterisk <no-dsa> (Unfixable design issue, best practice docs need to be followed)
[squeeze] - asterisk <no-dsa> (Unfixable design issue, best practice docs need to be followed)
-CVE-2010-0684
+CVE-2010-0684 (Cross-site scripting (XSS) vulnerability in createDestination.action i ...)
NOT-FOR-US: Apache ActiveMQ
-CVE-2010-0683
+CVE-2010-0683 (Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator ...)
NOT-FOR-US: TIBCO Administrator
-CVE-2010-0682
+CVE-2010-0682 (WordPress 2.9 before 2.9.2 allows remote authenticated users to read t ...)
- wordpress 2.9.2-1 (low)
[lenny] - wordpress <not-affected> (Only affects Wordpress >= 2.9)
CVE-2010-XXXX [multiple typo issues]
- typo3-src 4.3.2-1 (bug #571151)
[lenny] - typo3-src 4.2.5-1+lenny3
NOTE: DSA-2008
-CVE-2010-0681
+CVE-2010-0681 (ZeusCMS 0.2 stores sensitive information under the web root with insuf ...)
NOT-FOR-US: ZeusCMS
-CVE-2010-0680
+CVE-2010-0680 (Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows r ...)
NOT-FOR-US: ZeusCMS
-CVE-2010-0679
+CVE-2010-0679 (Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ...)
NOT-FOR-US: ActiveX
-CVE-2010-0678
+CVE-2010-0678 (PHP remote file inclusion vulnerability in includes/moderation.php in ...)
NOT-FOR-US: Katalog Stron Hurricane
-CVE-2010-0677
+CVE-2010-0677 (SQL injection vulnerability in index.php in Katalog Stron Hurricane 1. ...)
NOT-FOR-US: Katalog Stron Hurricane
-CVE-2010-0676
+CVE-2010-0676 (Directory traversal vulnerability in index.php in the RWCards (com_rwc ...)
NOT-FOR-US: RWCards component for Joomla!
-CVE-2010-0675
+CVE-2010-0675 (Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik B ...)
NOT-FOR-US: BGSvetionik BGS CMS
-CVE-2010-0674
+CVE-2010-0674 (StatCounteX 3.1 stores sensitive information under the web root with i ...)
NOT-FOR-US: StatCounteX
-CVE-2010-0673
+CVE-2010-0673 (SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog ...)
NOT-FOR-US: Copperleaf Photolog plugin for WordPress
-CVE-2010-0672
+CVE-2010-0672 (SQL injection vulnerability in index.php in WSN Guest 1.02 allows remo ...)
NOT-FOR-US: WSN Guest
-CVE-2010-0671
+CVE-2010-0671 (SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allow ...)
NOT-FOR-US: KR MEDIA Pogodny CMS
-CVE-2010-0670
+CVE-2010-0670 (Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Compone ...)
NOT-FOR-US: IP-Tech JQuarks (com_jquarks) Component
-CVE-2010-0669
+CVE-2010-0669 (MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitiz ...)
{DSA-2014-1}
- moin 1.9.2-1 (bug #569975)
-CVE-2010-0668
+CVE-2010-0668 (Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x befor ...)
{DSA-2014-1}
- moin 1.9.2-1 (bug #569975)
-CVE-2010-0667
+CVE-2010-0667 (MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of th ...)
- moin 1.9.1-1
[lenny] - moin <not-affected> (versions before 1.9 are not affected)
[etch] - moin <not-affected> (versions before 1.9 are not affected)
NOTE: http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2
NOTE: http://hg.moinmo.in/moin/1.9/rev/04afdde50094
NOTE: http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18
-CVE-2010-0666
+CVE-2010-0666 (Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch ...)
NOT-FOR-US: Novell eDirectory
-CVE-2010-0665
+CVE-2010-0665 (JAG (Just Another Guestbook) 1.14 stores sensitive information under t ...)
NOT-FOR-US: JAG
-CVE-2010-0664
+CVE-2010-0664 (Stack consumption vulnerability in the ChildProcessSecurityPolicy::Can ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0663
+CVE-2010-0663 (The ParamTraits&lt;SkBitmap&gt;::Read function in common/common_param_ ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0662
+CVE-2010-0662 (The ParamTraits&lt;SkBitmap&gt;::Read function in common/common_param_ ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0661
+CVE-2010-0661 (WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r524 ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (libv8 issue)
NOTE: http://trac.webkit.org/changeset/52401
-CVE-2010-0660
+CVE-2010-0660 (Google Chrome before 4.0.249.78 sends an https URL in the Referer head ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0659
+CVE-2010-0659 (The image decoder in WebKit before r52833, as used in Google Chrome be ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
-CVE-2010-0658
+CVE-2010-0658 (Multiple integer overflows in Skia, as used in Google Chrome before 4. ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0657
+CVE-2010-0657 (Google Chrome before 4.0.249.78 on Windows does not perform the expect ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
NOTE: claimed to be a windows-only issue
-CVE-2010-0656
+CVE-2010-0656 (WebKit before r51295, as used in Google Chrome before 4.0.249.78, pres ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
-CVE-2010-0655
+CVE-2010-0655 (Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0654
+CVE-2010-0654 (Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbir ...)
{DSA-2124-1 DSA-2075-1}
- xulrunner 1.9.1.11-1 (bug #570743)
- iceweasel 3.5.11-2
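Review bot: the NOT-FOR-US annotation for CVE-2010-0705 (`NOT-FOR-US: Windows 2000`) does not match the description added in this hunk, which identifies the affected software as avast! (Aavmker4.sys); `NOT-FOR-US: avast!` would be the accurate annotation. A smaller layout point: in the CVE-2010-0745 entry the `[etch] - dovecot <not-affected>` line sits after the NOTE line rather than next to the `[lenny]` line, unlike the CVE-2010-0732 entry in the same hunk, where the lenny and etch lines precede the NOTE.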
@@ -12048,417 +12048,417 @@ CVE-2010-0654
[lenny] - icedove <end-of-life>
- iceape 2.0.6-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0653
+CVE-2010-0653 (Opera before 10.10 permits cross-origin loading of CSS stylesheets eve ...)
NOT-FOR-US: Opera
-CVE-2010-0652
+CVE-2010-0652 (Microsoft Internet Explorer permits cross-origin loading of CSS styles ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0651
+CVE-2010-0651 (WebKit before r52784, as used in Google Chrome before 4.0.249.78 and A ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)
NOTE: http://trac.webkit.org/changeset/52784
-CVE-2010-0650
+CVE-2010-0650 (WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, a ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (unimportant)
NOTE: http://code.google.com/p/chromium/issues/detail?id=3275
NOTE: unimportant because this is just a popup blocker bypass
-CVE-2010-0649
+CVE-2010-0649 (Integer overflow in the CrossCallParamsEx::CreateFromBuffer function i ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0648
+CVE-2010-0648 (Mozilla Firefox, possibly before 3.6, allows remote attackers to disco ...)
- xulrunner <undetermined> (bug #570743)
[wheezy] - xulrunner <end-of-life> (no detailed information available)
-CVE-2010-0647
+CVE-2010-0647 (WebKit before r53525, as used in Google Chrome before 4.0.249.89, allo ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (medium)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
-CVE-2010-0646
+CVE-2010-0646 (Multiple integer signedness errors in factory.cc in Google V8 before r ...)
- chromium-browser 5.0.375.29~r46008-1
- libv8 2.1.6-1
- webkit <not-affected> (libv8 issue)
-CVE-2010-0645
+CVE-2010-0645 (Multiple integer overflows in factory.cc in Google V8 before r3560, as ...)
- chromium-browser 5.0.375.29~r46008-1
- libv8 2.1.6-1
- webkit <not-affected> (libv8 issue)
-CVE-2010-0644
+CVE-2010-0644 (Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is config ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0643
+CVE-2010-0643 (Google Chrome before 4.0.249.89 attempts to make direct connections to ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0642
+CVE-2010-0642 (Cisco Collaboration Server (CCS) 5 allows remote attackers to read the ...)
NOT-FOR-US: Cisco Collaboration Server
-CVE-2010-0641
+CVE-2010-0641 (Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/Log ...)
NOT-FOR-US: Cisco Collaboration Server
-CVE-2010-0640
+CVE-2010-0640 (Cross-site scripting (XSS) vulnerability in CA eHealth Performance Man ...)
NOT-FOR-US: CA eHealth Performance Manager
-CVE-2010-0639
+CVE-2010-0639 (The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.ST ...)
- squid 2.7.STABLE8-1 (bug #572553)
[lenny] - squid <no-dsa> (Minor issue, only affects non-default setup)
- squid3 3.1.0.17-1 (bug #572554)
[lenny] - squid3 <no-dsa> (Minor issue, only affects non-default setup)
-CVE-2010-0638
+CVE-2010-0638 (Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 a ...)
- webcalendar <removed> (bug #572557)
CVE-2010-XXXX [phpbb3 weak captcha]
- phpbb3 3.0.7-PL1-1 (unimportant; bug #570011)
-CVE-2010-0634
+CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) be ...)
- flex 2.5.35-1
-CVE-2010-0629
+CVE-2010-0629 (Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmin ...)
{DSA-2031-1}
- krb5 1.7+dfsg-1 (low)
NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt
-CVE-2010-0628
+CVE-2010-0628 (The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego ...)
- krb5 1.8+dfsg-1.1 (bug #575740)
[lenny] - krb5 <not-affected> (Only affects 1.7/1.8)
-CVE-2010-2234
+CVE-2010-2234 (Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8. ...)
- couchdb 0.11.0-2.1 (bug #570013)
[lenny] - couchdb <no-dsa> (does not support authentication at all)
-CVE-2010-0637
+CVE-2010-0637 (Multiple cross-site request forgery (CSRF) vulnerabilities in WebCalen ...)
- webcalendar <removed> (bug #572557)
-CVE-2010-0636
+CVE-2010-0636 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.2 ...)
- webcalendar <removed> (bug #572557)
-CVE-2010-0635
+CVE-2010-0635 (SQL injection vulnerability in the plgSearchEventsearch::onSearch meth ...)
NOT-FOR-US: JEvents Search plugin for Joomla!
-CVE-2010-0633
+CVE-2010-0633 (Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier ...)
NOT-FOR-US: Citrix XenServer
-CVE-2010-0632
+CVE-2010-0632 (SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com ...)
NOT-FOR-US: Parkview Consultants SimpleFAQ component for Joomla!
-CVE-2010-0631
+CVE-2010-0631 (Multiple SQL injection vulnerabilities in index.php in Eicra Car Renta ...)
NOT-FOR-US: Eicra Car Rental-Script
-CVE-2010-0630
+CVE-2010-0630 (SQL injection vulnerability in viewjokes.php in Evernew Free Joke Scri ...)
NOT-FOR-US: Evernew Free Joke Script
CVE-2010-0627
RESERVED
CVE-2010-0626
RESERVED
-CVE-2010-0625
+CVE-2010-0625 (Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP se ...)
NOT-FOR-US: Novell NetWare
-CVE-2010-0624
+CVE-2010-0624 (Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib. ...)
- cpio 2.11-1 (low)
- tar 1.23-1 (low)
[lenny] - tar 1.20-1+lenny1
[lenny] - cpio 2.9-13lenny1
CVE-2010-0621
RESERVED
-CVE-2010-0620
+CVE-2010-0620 (Directory traversal vulnerability in the SSL Service in EMC HomeBase S ...)
NOT-FOR-US: EMC HomeBase Server
-CVE-2010-0619
+CVE-2010-0619 (Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode ...)
NOT-FOR-US: Lexmark laser printers
-CVE-2010-0618
+CVE-2010-0618 (The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode ...)
NOT-FOR-US: Lexmark laser and injet printers and MarkNet devices
-CVE-2010-0617
+CVE-2010-0617 (Cross-site scripting (XSS) vulnerability in ajax.php in evalSMSI 2.1.0 ...)
NOT-FOR-US: evalSMSI
-CVE-2010-0616
+CVE-2010-0616 (evalSMSI 2.1.03 stores passwords in cleartext in the database, which a ...)
NOT-FOR-US: evalSMSI
-CVE-2010-0615
+CVE-2010-0615 (Cross-site scripting (XSS) vulnerability in assess.php in evalSMSI 2.1 ...)
NOT-FOR-US: evalSMSI
-CVE-2010-0614
+CVE-2010-0614 (SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remo ...)
NOT-FOR-US: evalSMSI
-CVE-2010-0613
+CVE-2010-0613 (Directory traversal vulnerability in viewfile.php in ARWScripts Fonts ...)
NOT-FOR-US: ARWScripts Fonts Script
-CVE-2010-0612
+CVE-2010-0612 (Unspecified vulnerability in DocumentManager before 4.0 has unknown im ...)
NOT-FOR-US: DocumentManager
-CVE-2010-0611
+CVE-2010-0611 (Multiple SQL injection vulnerabilities in adminlogin.php in Baal Syste ...)
NOT-FOR-US: Baal Systems
-CVE-2010-0610
+CVE-2010-0610 (Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog ...)
NOT-FOR-US: Photoblog component for Joomla!
-CVE-2010-0609
+CVE-2010-0609 (SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows re ...)
NOT-FOR-US: NovaBoard
-CVE-2010-0608
+CVE-2010-0608 (SQL injection vulnerability in index.php in NovaBoard 1.1.2 allows rem ...)
NOT-FOR-US: NovaBoard
-CVE-2010-0607
+CVE-2010-0607 (Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 ...)
NOT-FOR-US: Sterlite SAM300 AX Router
-CVE-2010-0606
+CVE-2010-0606 (Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket b ...)
NOT-FOR-US: osTicket
-CVE-2010-0605
+CVE-2010-0605 (SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 S ...)
NOT-FOR-US: osTicket
-CVE-2010-0604
+CVE-2010-0604 (Unspecified vulnerability in the SIP implementation on the Cisco PGW 2 ...)
NOT-FOR-US: Cisco PGW
-CVE-2010-0603
+CVE-2010-0603 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
NOT-FOR-US: Cisco PWG
-CVE-2010-0602
+CVE-2010-0602 (The SIP implementation on the Cisco PGW 2200 Softswitch with software ...)
NOT-FOR-US: Cisco PGW
-CVE-2010-0601
+CVE-2010-0601 (The MGCP implementation on the Cisco PGW 2200 Softswitch with software ...)
NOT-FOR-US: Cisco PGW
-CVE-2010-0600
+CVE-2010-0600 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2 ...)
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0599
+CVE-2010-0599 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2 ...)
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0598
+CVE-2010-0598 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2 ...)
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0597
+CVE-2010-0597 (Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before 1.5 ...)
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0596
+CVE-2010-0596 (Unspecified vulnerability in Cisco Mediator Framework 2.2 before 2.2.1 ...)
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0595
+CVE-2010-0595 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2 ...)
NOT-FOR-US: Cisco Mediator Framework
-CVE-2010-0594
+CVE-2010-0594 (Cross-site scripting (XSS) vulnerability in Cisco Router and Security ...)
NOT-FOR-US: Cisco Router and Security Device Manager
-CVE-2010-0593
+CVE-2010-0593 (The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0, PVC23 ...)
NOT-FOR-US: Cisco RVS4000 Router
-CVE-2010-0592
+CVE-2010-0592 (The CTI Manager service in Cisco Unified Communications Manager (aka C ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-0591
+CVE-2010-0591 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-0590
+CVE-2010-0590 (The CMSIPUtility component in Cisco Unified Communications Manager (ak ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-0589
+CVE-2010-0589 (The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desk ...)
NOT-FOR-US: Cisco Secure Desktop
-CVE-2010-0588
+CVE-2010-0588 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-0587
+CVE-2010-0587 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2010-0586
+CVE-2010-0586 (Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-0585
+CVE-2010-0585 (Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-0584
+CVE-2010-0584 (Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentati ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-0583
+CVE-2010-0583 (Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4 ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-0582
+CVE-2010-0582 (Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-0581
+CVE-2010-0581 (Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-0580
+CVE-2010-0580 (Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 ...)
NOT-FOR-US: CiscoIOS
-CVE-2010-0579
+CVE-2010-0579 (The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attack ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-0578
+CVE-2010-0578 (The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 an ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-0577
+CVE-2010-0577 (Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-0576
+CVE-2010-0576 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x ...)
NOT-FOR-US: Cisco IOS
-CVE-2010-0575
+CVE-2010-0575 (Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possib ...)
NOT-FOR-US: Cisco WLC
-CVE-2010-0574
+CVE-2010-0574 (Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) softw ...)
NOT-FOR-US: Cisco WLC
-CVE-2010-0573
+CVE-2010-0573 (Unspecified vulnerability on the Cisco Digital Media Player before 5.2 ...)
NOT-FOR-US: Cisco Digital Media Player
-CVE-2010-0572
+CVE-2010-0572 (Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticat ...)
NOT-FOR-US: Cisco Digital Media Manager
-CVE-2010-0571
+CVE-2010-0571 (Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x a ...)
NOT-FOR-US: Cisco Digital Media Manager
-CVE-2010-0570
+CVE-2010-0570 (Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default passwo ...)
NOT-FOR-US: Cisco Digital Media Manager
-CVE-2010-0569
+CVE-2010-0569 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security A ...)
NOT-FOR-US: Cisco
-CVE-2010-0568
+CVE-2010-0568 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security A ...)
NOT-FOR-US: Cisco
-CVE-2010-0567
+CVE-2010-0567 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security A ...)
NOT-FOR-US: Cisco
-CVE-2010-0566
+CVE-2010-0566 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security A ...)
NOT-FOR-US: Cisco
-CVE-2010-0565
+CVE-2010-0565 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security A ...)
NOT-FOR-US: Cisco
CVE-2010-XXXX [multiple mod_security issues]
- libapache-mod-security 2.5.12-1 (bug #569658)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=563455
-CVE-2010-0623
+CVE-2010-0623 (The futex_lock_pi function in kernel/futex.c in the Linux kernel befor ...)
- linux-2.6 2.6.32-9
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.28)
-CVE-2010-0622
+CVE-2010-0622 (The wake_futex_pi function in kernel/futex.c in the Linux kernel befor ...)
{DSA-2012-1 DSA-2005-1 DSA-2003-1}
- linux-2.6 2.6.32-9
- linux-2.6.24 <removed>
-CVE-2010-0564
+CVE-2010-0564 (Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeS ...)
NOT-FOR-US: Trend Micro URL Filtering Engine
-CVE-2010-0563
+CVE-2010-0563 (The Single Sign-on (SSO) functionality in IBM WebSphere Application Se ...)
NOT-FOR-US: IBM WebSphere Application
-CVE-2010-0562
+CVE-2010-0562 (The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, ...)
- fetchmail 6.3.13-2 (low)
[lenny] - fetchmail <not-affected> (This issue was introduced in 6.3.11)
[etch] - fetchmail <not-affected> (This issue was introduced in 6.3.11)
NOTE: the conditions so that this is exploitable are rather obscure
-CVE-2010-0561
+CVE-2010-0561 (Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before ...)
NOT-FOR-US: NetBSD
-CVE-2010-0560
+CVE-2010-0560 (Unspecified vulnerability in the BIOS in Intel Desktop Board DB, DG, D ...)
NOT-FOR-US: Intel Desktop BIOS
-CVE-2010-0559
+CVE-2010-0559 (The default configuration of Oracle OpenSolaris snv_91 through snv_131 ...)
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-0558
+CVE-2010-0558 (The default configuration of Oracle OpenSolaris snv_77 through snv_131 ...)
NOT-FOR-US: Oracle OpenSolaris
-CVE-2010-0557
+CVE-2010-0557 (IBM Cognos Express 9.0 allows attackers to obtain unspecified access t ...)
NOT-FOR-US: IBM Cognos Express
-CVE-2010-0556
+CVE-2010-0556 (browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 popul ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (chrome-specific issue)
-CVE-2010-0555
+CVE-2010-0555 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prev ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0554
+CVE-2010-0554 (The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and e ...)
NOT-FOR-US: Geo++ GNCASTER
-CVE-2010-0553
+CVE-2010-0553 (Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users t ...)
NOT-FOR-US: Geo++ GNCASTER
-CVE-2010-0552
+CVE-2010-0552 (Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: Geo++ GNCASTER
-CVE-2010-0551
+CVE-2010-0551 (HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earli ...)
NOT-FOR-US: Geo++ GNCASTER
-CVE-2010-0550
+CVE-2010-0550 (admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enfo ...)
NOT-FOR-US: Geo++ GNCASTER
-CVE-2010-0549
+CVE-2010-0549 (Unspecified vulnerability in the Network Controller in Xerox WorkCentr ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2010-0548
+CVE-2010-0548 (Multiple unspecified vulnerabilities in the Network Controller and Web ...)
NOT-FOR-US: Xerox WorkCentre
-CVE-2010-0547
+CVE-2010-0547 (client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier ...)
{DSA-2004-1}
- samba 2:3.4.5~dfsg-2 (bug #568942; medium)
-CVE-2010-0546
+CVE-2010-0546 (Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-0545
+CVE-2010-0545 (The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 befor ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-0544
+CVE-2010-0544 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
- webkit 1.2.1-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser <not-affected> (only Safari is affected, they have a different URL parsing implementation)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37662
NOTE: http://trac.webkit.org/changeset/58792
NOTE: http://trac.webkit.org/changeset/58796
-CVE-2010-0543
+CVE-2010-0543 (ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows remot ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-0542
+CVE-2010-0542 (The _WriteProlog function in texttops.c in texttops in the Text Filter ...)
{DSA-2176-1}
- cups 1.4.4-1
-CVE-2010-0541
+CVE-2010-0541 (Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in ...)
- ruby1.8 1.8.7.302-1
[lenny] - ruby1.8 <no-dsa> (Minor issue)
- ruby1.9 <removed>
[lenny] - ruby1.9 <no-dsa> (Minor issue)
- ruby1.9.1 1.9.2.0-1 (bug #593298)
-CVE-2010-0540
+CVE-2010-0540 (Cross-site request forgery (CSRF) vulnerability in the web interface i ...)
{DSA-2176-1}
- cups 1.4.4-1
-CVE-2010-0539
+CVE-2010-0539 (Integer signedness error in the window drawing implementation in Apple ...)
NOT-FOR-US: Apple Java
-CVE-2010-0538
+CVE-2010-0538 (Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10. ...)
NOT-FOR-US: Apple Java
-CVE-2010-0537
+CVE-2010-0537 (DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly ...)
NOT-FOR-US: Apple DesktopServices
-CVE-2010-0536
+CVE-2010-0536 (Apple QuickTime before 7.6.6 on Windows allows remote attackers to exe ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0535
+CVE-2010-0535 (Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled ...)
- dovecot <not-affected> (Apple specific, http://marc.info/?l=oss-security&m=136546217008001&w=2)
-CVE-2010-0534
+CVE-2010-0534 (Wiki Server in Apple Mac OS X 10.6 before 10.6.3 does not enforce the ...)
NOT-FOR-US: Apple Wiki Server
-CVE-2010-0533
+CVE-2010-0533 (Directory traversal vulnerability in AFP Server in Apple Mac OS X befo ...)
NOT-FOR-US: Apple AFP Server
-CVE-2010-0532
+CVE-2010-0532 (Race condition in the installation package in Apple iTunes before 9.1 ...)
NOT-FOR-US: Apple itunes
-CVE-2010-0531
+CVE-2010-0531 (Apple iTunes before 9.1 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Apple iTunes
-CVE-2010-0530
+CVE-2010-0530 (Apple QuickTime before 7.6.9 on Windows sets weak permissions for the ...)
NOT-FOR-US: QuickTime
-CVE-2010-0529
+CVE-2010-0529 (Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0528
+CVE-2010-0528 (Apple QuickTime before 7.6.6 on Windows allows remote attackers to exe ...)
NOT-FOR-US: Apple Quicktime
-CVE-2010-0527
+CVE-2010-0527 (Integer overflow in Apple QuickTime before 7.6.6 on Windows allows rem ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0526
+CVE-2010-0526 (Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0525
+CVE-2010-0525 (Mail in Apple Mac OS X before 10.6.3 does not properly enforce the key ...)
NOT-FOR-US: Apple Mail
-CVE-2010-0524
+CVE-2010-0524 (The default configuration of the FreeRADIUS server in Apple Mac OS X S ...)
- freeradius <not-affected> (Apple specific configuration issue)
-CVE-2010-0523
+CVE-2010-0523 (Wiki Server in Apple Mac OS X 10.5.8 does not restrict the file types ...)
NOT-FOR-US: Apple Wiki Server
-CVE-2010-0522
+CVE-2010-0522 (Server Admin in Apple Mac OS X Server 10.5.8 does not properly determi ...)
NOT-FOR-US: Apple Server Admin
-CVE-2010-0521
+CVE-2010-0521 (Server Admin in Apple Mac OS X Server before 10.6.3 does not properly ...)
NOT-FOR-US: Apple Server Admin
-CVE-2010-0520
+CVE-2010-0520 (Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in A ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0519
+CVE-2010-0519 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows r ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0518
+CVE-2010-0518 (QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to e ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0517
+CVE-2010-0517 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6. ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0516
+CVE-2010-0516 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6. ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0515
+CVE-2010-0515 (QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to e ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0514
+CVE-2010-0514 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6. ...)
NOT-FOR-US: Apple QuickTime
-CVE-2010-0513
+CVE-2010-0513 (Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before ...)
NOT-FOR-US: Apple PS Normalizer
-CVE-2010-0512
+CVE-2010-0512 (The Accounts Preferences implementation in Apple Mac OS X 10.6 before ...)
NOT-FOR-US: Apple Accounts Preferences
-CVE-2010-0511
+CVE-2010-0511 (Podcast Producer in Apple Mac OS X 10.6 before 10.6.3 deletes the acce ...)
NOT-FOR-US: Apple Podcast Producer
-CVE-2010-0510
+CVE-2010-0510 (Password Server in Apple Mac OS X Server before 10.6.3 does not proper ...)
NOT-FOR-US: Apple Password Server
-CVE-2010-0509
+CVE-2010-0509 (SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local ...)
NOT-FOR-US: Apple SFLServer
-CVE-2010-0508
+CVE-2010-0508 (Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules ...)
NOT-FOR-US: Apple Mail
-CVE-2010-0507
+CVE-2010-0507 (Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows re ...)
NOT-FOR-US: Apple Image RAW
-CVE-2010-0506
+CVE-2010-0506 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote at ...)
NOT-FOR-US: Apple Image RAW
-CVE-2010-0505
+CVE-2010-0505 (Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 ...)
NOT-FOR-US: Apple ImageIO
-CVE-2010-0504
+CVE-2010-0504 (Multiple stack-based buffer overflows in iChat Server in Apple Mac OS ...)
NOT-FOR-US: Apple iChat
-CVE-2010-0503
+CVE-2010-0503 (Use-after-free vulnerability in iChat Server in Apple Mac OS X Server ...)
NOT-FOR-US: Apple iChat
-CVE-2010-0502
+CVE-2010-0502 (iChat Server in Apple Mac OS X Server before 10.6.3, when group chat i ...)
NOT-FOR-US: Apple iChat
-CVE-2010-0501
+CVE-2010-0501 (Directory traversal vulnerability in FTP Server in Apple Mac OS X Serv ...)
NOT-FOR-US: Apple FTP Server
-CVE-2010-0500
+CVE-2010-0500 (Event Monitor in Apple Mac OS X before 10.6.3 does not properly valida ...)
NOT-FOR-US: Apple Event Monitor
CVE-2010-0499
RESERVED
-CVE-2010-0498
+CVE-2010-0498 (Directory Services in Apple Mac OS X before 10.6.3 does not properly p ...)
NOT-FOR-US: Apple Directory Services
-CVE-2010-0497
+CVE-2010-0497 (Disk Images in Apple Mac OS X before 10.6.3 does not provide the expec ...)
NOT-FOR-US: Apple Disk Images
-CVE-2010-0496
+CVE-2010-0496 (FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for i ...)
NOT-FOR-US: Apple iPhone OS
CVE-2010-0495
REJECTED
-CVE-2010-0494
+CVE-2010-0494 (Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-0493
REJECTED
-CVE-2010-0492
+CVE-2010-0492 (Use-after-free vulnerability in mstime.dll in Microsoft Internet Explo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0491
+CVE-2010-0491 (Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0490
+CVE-2010-0490 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handl ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0489
+CVE-2010-0489 (Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0488
+CVE-2010-0488 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properl ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0487
+CVE-2010-0487 (The Authenticode Signature verification functionality in cabview.dll i ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0486
+CVE-2010-0486 (The WinVerifyTrust function in Authenticode Signature Verification 5.1 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0485
+CVE-2010-0485 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 200 ...)
NOT-FOR-US: Microsoft
-CVE-2010-0484
+CVE-2010-0484 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 200 ...)
NOT-FOR-US: Microsoft
-CVE-2010-0483
+CVE-2010-0483 (vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0482
+CVE-2010-0482 (The kernel in Microsoft Windows Server 2008 R2 and Windows 7 does not ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0481
+CVE-2010-0481 (The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0480
+CVE-2010-0480 (Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0479
+CVE-2010-0479 (Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0478
+CVE-2010-0478 (Stack-based buffer overflow in nsum.exe in the Windows Media Unicast S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0477
+CVE-2010-0477 (The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0476
+CVE-2010-0476 (The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0475
+CVE-2010-0475 (Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Pa ...)
NOT-FOR-US: Palo Alto Networks Firewall
CVE-2010-0474
RESERVED
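Review bot: the description field appended to every `+CVE-` line in this hunk is a fixed-width truncation and is not parenthesis-balanced, so anything that consumes this file must key on the leading CVE id and treat everything from the first ` (` to end of line as opaque text rather than matching a closing `)`. Two visible cases: `+CVE-2010-0641 (Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/Log ...)` where a non-greedy match would stop at the nested `(XSS)`, and `+CVE-2010-0610 (Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog ...)` where the cut leaves the inner parenthesis unclosed. While here, the untouched context lines carry a few inconsistencies worth a follow-up commit: "injet" for "inkjet" on CVE-2010-0618, "Cisco PWG" on CVE-2010-0603 against "Cisco PGW" on its neighbours, "CiscoIOS" on CVE-2010-0580 and "Apple itunes" on CVE-2010-0532.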
@@ -12466,17 +12466,17 @@ CVE-2010-0474
- webkit 1.4.0-1
CVE-2010-0473
RESERVED
-CVE-2010-0472
+CVE-2010-0472 (kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 ...)
NOT-FOR-US: IBM DB2
-CVE-2010-0471
+CVE-2010-0471 (SQL injection vulnerability in the comment submission interface (inclu ...)
NOT-FOR-US: Enano CMS
-CVE-2010-0470
+CVE-2010-0470 (Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend C ...)
NOT-FOR-US: Comtrend
-CVE-2010-0469
+CVE-2010-0469 (SQL injection vulnerability in Files2Links F2L 3000 appliance 4.0.0, a ...)
NOT-FOR-US: Files2Links
-CVE-2010-0468
+CVE-2010-0468 (Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in ...)
NOT-FOR-US: PaperThin CommonSpot Content Server
-CVE-2010-0467
+CVE-2010-0467 (Directory traversal vulnerability in the ccNewsletter (com_ccnewslette ...)
NOT-FOR-US: ccNewsletter component for Joomla!
CVE-2010-XXXX [nautilus: file preview html script execution]
- nautilus <not-affected> (proof-of-concept script is previewed as text, not executed)
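Review bot: the fixed-width cut on CVE-2010-0467 lands inside the Joomla component identifier, `+CVE-2010-0467 (Directory traversal vulnerability in the ccNewsletter (com_ccnewslette ...)`, so the summary loses the one token a triager would grep for while leaving an unbalanced parenthesis behind; if the generator can afford it, truncate at the last whitespace before the limit and rely on the NOT-FOR-US line that already follows to carry the product name.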
@@ -12489,191 +12489,191 @@ CVE-2010-XXXX [browser javascript document.write denial-of-service]
- kde4libs <unfixed> (unimportant)
CVE-2010-0466
RESERVED
-CVE-2010-0465
+CVE-2010-0465 (Cross-site scripting (XSS) vulnerability in the online Documents funct ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2010-0464
+CVE-2010-0464 (Roundcube 0.3.1 and earlier does not request that the web browser avoi ...)
- roundcube 0.3.1-3 (bug #569660)
-CVE-2010-0463
+CVE-2010-0463 (Horde IMP 4.3.6 and earlier does not request that the web browser avoi ...)
- imp4 4.3.7+debian0-2 (low; bug #569661)
[lenny] - imp4 4.2-4lenny2
-CVE-2010-0462
+CVE-2010-0462 (Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, ...)
NOT-FOR-US: IBM DB2
-CVE-2010-0461
+CVE-2010-0461 (SQL injection vulnerability in the casino (com_casino) component 1.0 f ...)
NOT-FOR-US: Joomla!
-CVE-2010-0460
+CVE-2010-0460 (Multiple cross-site scripting (XSS) vulnerabilities in staff/index.php ...)
NOT-FOR-US: Kayako SupportSuite
-CVE-2010-0459
+CVE-2010-0459 (SQL injection vulnerability in the Mochigames (com_mochigames) compone ...)
NOT-FOR-US: Joomla!
-CVE-2010-0458
+CVE-2010-0458 (Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 ...)
NOT-FOR-US: NetArt Media Blog System
-CVE-2010-0457
+CVE-2010-0457 (SQL injection vulnerability in home.php in magic-portal 2.1 allows rem ...)
NOT-FOR-US: magic-portal
-CVE-2010-0456
+CVE-2010-0456 (SQL injection vulnerability in the indianpulse Game Server (com_gamese ...)
NOT-FOR-US: Joomla!
-CVE-2010-0455
+CVE-2010-0455 (Cross-site scripting (XSS) vulnerability in forum/viewtopic.php in Pun ...)
NOT-FOR-US: PunBB
-CVE-2010-0454
+CVE-2010-0454 (SQL injection vulnerability in cgi/cgilua.exe/sys/start.htm in Publiqu ...)
NOT-FOR-US: Publique! CMS
-CVE-2010-0453
+CVE-2010-0453 (The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and ...)
NOT-FOR-US: Sun Solaris
-CVE-2010-0452
+CVE-2010-0452 (Multiple cross-site scripting (XSS) vulnerabilities in HP Project and ...)
NOT-FOR-US: HP Project and Portfolio Management Center
-CVE-2010-0451
+CVE-2010-0451 (The installation process for NFS/ONCplus B.11.31_08 and earlier on HP ...)
NOT-FOR-US: HP-UX
-CVE-2010-0450
+CVE-2010-0450 (Unspecified vulnerability in HP SOA Registry Foundation 6.63 and 6.64 ...)
NOT-FOR-US: HP SOA Registry Foundation
-CVE-2010-0449
+CVE-2010-0449 (Cross-site scripting (XSS) vulnerability in HP SOA Registry Foundation ...)
NOT-FOR-US: HP SOA Registry Foundation
-CVE-2010-0448
+CVE-2010-0448 (Unspecified vulnerability in HP SOA Registry Foundation 6.63 and 6.64 ...)
NOT-FOR-US: HP SOA Registry Foundation
-CVE-2010-0447
+CVE-2010-0447 (The helpmanager servlet in the web server in HP OpenView Performance I ...)
NOT-FOR-US: HP OpenView Performance Insight
-CVE-2010-0446
+CVE-2010-0446 (Unspecified vulnerability on the HP DreamScreen 100 and 130 with firmw ...)
NOT-FOR-US: HP DreamScreen
-CVE-2010-0445
+CVE-2010-0445 (Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2010-0444
+CVE-2010-0444 (HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a bl ...)
NOT-FOR-US: HP Operations Agent
-CVE-2010-0443
+CVE-2010-0443 (Unspecified vulnerability in Record Management Services (RMS) before V ...)
NOT-FOR-US: HP OpenVMS
-CVE-2010-0441
+CVE-2010-0441 (Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, ...)
- asterisk 1:1.6.2.2-1
[lenny] - asterisk <not-affected> (Only affects 1.6.x)
[etch] - asterisk <not-affected> (Only affects 1.6.x)
-CVE-2010-0440
+CVE-2010-0440 (Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cis ...)
NOT-FOR-US: Cisco Secure Desktop
-CVE-2010-0439
+CVE-2010-0439 (Chip Salzenberg Deliver allows local users to cause a denial of servic ...)
- deliver <removed>
-CVE-2010-0438
+CVE-2010-0438 (Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in O ...)
{DSA-1993-1}
- otrs <not-affected> (vulnerable code not present)
[etch] - otrs2 <not-affected> (vulnerable code not present)
- otrs2 2.4.7-1 (medium)
NOTE: http://web.archive.org/web/20111224162621/http://otrs.org/advisory/OSA-2010-01-en/
-CVE-2010-0437
+CVE-2010-0437 (The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux ...)
- linux-2.6 2.6.26-9
-CVE-2010-0436
+CVE-2010-0436 (Race condition in backend/ctrl.c in KDM in KDE Software Compilation (S ...)
{DSA-2037-1}
- kdebase 4:4.0
- kdebase-workspace 4:4.4.3-1
NOTE: The binary package kdm was built from kdebase in Lenny and from kdebase-workspace
NOTE: in KDE 4.x, i.e. Squeeze onwards
-CVE-2010-0435
+CVE-2010-0435 (The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualizat ...)
{DSA-2153-1}
- linux-2.6 2.6.32-29
-CVE-2010-0434
+CVE-2010-0434 (The ap_read_request function in server/protocol.c in the Apache HTTP S ...)
{DSA-2035-1}
- apache2 2.2.15-1
-CVE-2010-0433
+CVE-2010-0433 (The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before ...)
- openssl <not-affected> (Kerberos support not enabled)
NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/5
-CVE-2010-0432
+CVE-2010-0432 (Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open ...)
NOT-FOR-US: Apache Open For Business Project (OFBiz)
-CVE-2010-0431
+CVE-2010-0431 (QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat E ...)
- qemu-kvm <not-affected> (QXL support not yet present in Debian packages)
- kvm <not-affected> (QXL support not yet present in Debian packages)
-CVE-2010-0430
+CVE-2010-0430 (libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hyp ...)
- spice <not-affected> (Fixed before initial upload to archive)
-CVE-2010-0429
+CVE-2010-0429 (libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...)
- spice <not-affected> (Fixed before initial upload to archive)
-CVE-2010-0428
+CVE-2010-0428 (libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...)
- spice <not-affected> (Fixed before initial upload to archive)
-CVE-2010-0427
+CVE-2010-0427 (sudo 1.6.x before 1.6.9p21, when the runas_default option is used, doe ...)
{DSA-2006-1}
- sudo 1.7.0-1
NOTE: http://www.openwall.com/lists/oss-security/2010/02/23/4
-CVE-2010-0426
+CVE-2010-0426 (sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-com ...)
{DSA-2006-1}
- sudo 1.7.2p1-1.2 (bug #570737)
NOTE: http://www.openwall.com/lists/oss-security/2010/02/23/4
-CVE-2010-0425
+CVE-2010-0425 (modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server ...)
- apache2 <not-affected> (Windows only)
-CVE-2010-0424
+CVE-2010-0424 (The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) ...)
- cron <not-affected> (vulnerability in redhat-specific changes to their cron forks; cronie and vixie-cron)
-CVE-2010-0423
+CVE-2010-0423 (gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a ...)
{DSA-2038-1}
- pidgin 2.6.6-1 (low)
- gaim <removed> (low)
[lenny] - gaim <not-affected> (gaim is a transitional dummy package only)
- qutecom 2.2~rc3.hg396~dfsg1-6 (low; bug #572946)
-CVE-2010-0422
+CVE-2010-0422 (gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize t ...)
- gnome-screensaver 2.28.3-1
[lenny] - gnome-screensaver <not-affected> (Vulnerable code not present)
-CVE-2010-0421
+CVE-2010-0421 (Array index error in the hb_ot_layout_build_glyph_classes function in ...)
{DSA-2019-1}
- pango1.0 1.26.2-1 (bug #574021)
-CVE-2010-0420
+CVE-2010-0420 (libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user cha ...)
{DSA-2038-1}
- pidgin 2.6.6-1 (low)
- gaim <removed> (low)
[lenny] - gaim <not-affected> (gaim is a transitional dummy package only)
- qutecom 2.2~rc3.hg396~dfsg1-6 (low; bug #572946)
-CVE-2010-0419
+CVE-2010-0419 (The x86 emulator in KVM 83, when a guest is configured for Symmetric M ...)
{DSA-2010-1}
- kvm <removed>
-CVE-2010-0418
+CVE-2010-0418 (The web interface in chumby one before 1.0.4 and chumby classic before ...)
NOT-FOR-US: Chumby device's web interface
-CVE-2010-0417
+CVE-2010-0417 (Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and R ...)
NOT-FOR-US: RealPlayer/Helix Player
-CVE-2010-0416
+CVE-2010-0416 (Buffer overflow in the Unescape function in common/util/hxurl.cpp and ...)
NOT-FOR-US: RealPlayer/Helix Player
-CVE-2010-0415
+CVE-2010-0415 (The do_pages_move function in mm/migrate.c in the Linux kernel before ...)
{DSA-2005-1 DSA-2003-1 DSA-1996-1}
- linux-2.6 2.6.32-8
- linux-2.6.24 <removed>
-CVE-2010-0414
+CVE-2010-0414 (gnome-screensaver before 2.28.2 allows physically proximate attackers ...)
- gnome-screensaver 2.28.2-1 (bug #569084)
[etch] - gnome-screensaver <not-affected> (Vulnerable code not present)
[lenny] - gnome-screensaver <not-affected> (Vulnerable code not present)
CVE-2010-0413
RESERVED
-CVE-2010-0412
+CVE-2010-0412 (stap-server in SystemTap 1.1 does not properly restrict the value of t ...)
- systemtap 1.2-1 (bug #572560)
[lenny] - systemtap <not-affected> (Server component not yet present)
[etch] - systemtap <not-affected> (Server component not yet present)
-CVE-2010-0411
+CVE-2010-0411 (Multiple integer signedness errors in the (1) __get_argv and (2) __get ...)
- systemtap 1.2-1 (low; bug #568809)
[lenny] - systemtap <not-affected> (Vulnerable code not present)
[etch] - systemtap <no-dsa> (Minor issue)
NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=11234 and RH
-CVE-2010-0410
+CVE-2010-0410 (drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allo ...)
{DSA-2005-1 DSA-2003-1 DSA-1996-1}
- linux-2.6 2.6.32-8
- linux-2.6.24 <removed>
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f98bfbd78c37c5946cc53089da32a5f741efdeb7
-CVE-2010-0409
+CVE-2010-0409 (Buffer overflow in the GMIME_UUENCODE_LEN macro in gmime/gmime-encodin ...)
{DSA-2082-1}
- gmime2.2 2.2.25-1.1 (bug #568291)
- gmime2.4 2.4.14-1+nmu1 (bug #573877)
-CVE-2010-0408
+CVE-2010-0408 (The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp ...)
{DSA-2035-1}
- apache2 2.2.15-1 (low)
[lenny] - apache2 <no-dsa> (minor issue)
NOTE: Will be fixed in s-p-u
-CVE-2010-0407
+CVE-2010-0407 (Multiple buffer overflows in the MSGFunctionDemarshall function in win ...)
{DSA-2059-1}
- pcsc-lite 1.5.4-1
-CVE-2010-0406
+CVE-2010-0406 (OpenTTD before 1.0.1 allows remote attackers to cause a denial of serv ...)
- openttd 1.0.1-1
[lenny] - openttd 0.6.2-1+lenny2
-CVE-2010-0405
+CVE-2010-0405 (Integer overflow in the BZ2_decompress function in decompress.c in bzi ...)
{DSA-2112-1}
- bzip2 1.0.5-6
- clamav 0.96.3+dfsg-1
[lenny] - clamav <end-of-life> (No longer supported in Lenny)
-CVE-2010-0404
+CVE-2010-0404 (Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before ...)
{DSA-2046-1}
- phpgroupware 1:0.9.16.016+dfsg-1 (bug #584517)
-CVE-2010-0403
+CVE-2010-0403 (Directory traversal vulnerability in about.php in phpGroupWare (phpgw) ...)
{DSA-2046-1}
- phpgroupware 1:0.9.16.016+dfsg-1 (bug #584518)
-CVE-2010-0402
+CVE-2010-0402 (OpenTTD before 1.0.1 does not properly validate index values of certai ...)
- openttd 1.0.1-1
[lenny] - openttd 0.6.2-1+lenny2
-CVE-2010-0401
+CVE-2010-0401 (OpenTTD before 1.0.1 accepts a company password for authentication in ...)
- openttd 1.0.1-1
[lenny] - openttd 0.6.2-1+lenny2
-CVE-2010-0400
+CVE-2010-0400 (SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows rem ...)
{DSA-2030-1}
- mahara 1.2.4-1 (medium)
CVE-2010-0399
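Review bot: the descriptions added for CVE-2010-0429 and CVE-2010-0428 are identical after truncation ("libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ..."), and the `<not-affected>` rationale under both is the same, so the two entries are distinguishable only by their CVE id. If the generator cuts at a fixed width, consider extending the cut-off until the two texts diverge, so a reader scanning the list can tell the entries apart; the same collision recurs further down for CVE-2010-0419 and CVE-2010-0306 ("The x86 emulator in KVM 83, when a guest is configured for Symmetric M ...").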
@@ -12681,65 +12681,65 @@ CVE-2010-0399
CVE-2010-0398 [autokey arbitrary file overwriting via symlinks]
RESERVED
- autokey 0.61.3-2
-CVE-2010-0397
+CVE-2010-0397 (The xmlrpc extension in PHP 5.3.1 does not properly handle a missing m ...)
{DSA-2018-1}
- php5 5.3.2-1 (medium; bug #573573)
-CVE-2010-0396
+CVE-2010-0396 (Directory traversal vulnerability in the dpkg-source component in dpkg ...)
{DSA-2011-1}
- dpkg 1.15.6
-CVE-2010-0395
+CVE-2010-0395 (OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote at ...)
{DSA-2055-1}
- openoffice.org 1:3.2.1-1 (low)
-CVE-2010-0394
+CVE-2010-0394 (PyGIT.py in the Trac Git plugin (trac-git) before 0.0.20080710-3+lenny ...)
{DSA-1990-2 DSA-1990-1}
- trac-git 0.0.20090320-1 (high; bug #567039)
-CVE-2010-0393
+CVE-2010-0393 (The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1 ...)
{DSA-2007-1}
- cupsys <removed>
- cups 1.4.2-9.1
-CVE-2010-0392
+CVE-2010-0392 (Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Cl ...)
NOT-FOR-US: TheGreenBow IPSec VPN Client
-CVE-2010-0391
+CVE-2010-0391 (Multiple stack-based buffer overflows in Embarcadero Technologies Inte ...)
NOT-FOR-US: InterBase SMP 2009 9.0.3.437
-CVE-2010-0390
+CVE-2010-0390 (Unrestricted file upload vulnerability in maxImageUpload/index.php in ...)
NOT-FOR-US: PHP F1 Max's Image Uploader
-CVE-2010-0389
+CVE-2010-0389 (The admin server in Sun Java System Web Server 7.0 Update 6 allows rem ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0388
+CVE-2010-0388 (Format string vulnerability in the WebDAV implementation in webservd i ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0387
+CVE-2010-0387 (Multiple heap-based buffer overflows in (1) webservd and (2) the admin ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0386
+CVE-2010-0386 (The default configuration of Sun Java System Application Server 7 and ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2010-0385
+CVE-2010-0385 (Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functionin ...)
- tor 0.2.1.22-1 (low)
[lenny] - tor <not-affected> (only affects versions > 0.2.1.6-alpha)
NOTE: the CVE entry is wrong, only 0.2.1.6-alpha and up are affected
NOTE: confirmed with Tor developers, Lenny is not affected
-CVE-2010-0384
+CVE-2010-0384 (Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirr ...)
- tor <not-affected> (only affects versions 0.2.2.x)
[lenny] - tor <not-affected> (only affects versions 0.2.2.x)
NOTE: does not appear to be a real vulnerability?
-CVE-2010-0383
+CVE-2010-0383 (Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated ...)
- tor 0.2.1.22-1 (medium)
[lenny] - tor 0.2.0.35-1~lenny2 (medium)
-CVE-2010-0382
+CVE-2010-0382 (ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2 ...)
{DSA-2054-1}
- bind9 1:9.7.0.dfsg-1
-CVE-2010-0381
+CVE-2010-0381 (SQL injection vulnerability in modules/arcade/index.php in PHP MySpace ...)
NOT-FOR-US: PHP MySpace Gold Edition
-CVE-2010-0380
+CVE-2010-0380 (install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows rem ...)
NOT-FOR-US: JCE-Tech PHP Calendars
CVE-2010-XXXX [gmetad incorrect file permissions]
- ganglia 3.1.2-3 (low; bug #567175)
-CVE-2010-0442
+CVE-2010-0442 (The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0 ...)
{DSA-2051-1}
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
- postgresql-8.2 <removed>
- postgresql-8.3 <removed> (low; bug #567058)
- postgresql-8.4 8.4.3-1
-CVE-2010-2444
+CVE-2010-2444 (parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before 1.4.03 ...)
- maradns 1.4.03-1 (low; bug #584587)
[lenny] - maradns <no-dsa> (minor issue)
[etch] - maradns <not-affected> (vulnerable code introduced in 1.3.03)
@@ -12753,54 +12753,54 @@ CVE-2010-XXXX [backup-manager: make sure password is not written to world-readab
NOTE: checked in 0.7.9-1, but may have been fixed sooner
CVE-2010-XXXX [sudosh3: many security weaknesses]
- sudosh3 <removed> (high; bug #566142)
-CVE-2010-0379
+CVE-2010-0379 (Multiple unspecified vulnerabilities in the Macromedia Flash ActiveX c ...)
NOT-FOR-US: Macromedia Flash ActiveX
-CVE-2010-0378
+CVE-2010-0378 (Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distribu ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-0377
+CVE-2010-0377 (SQL injection vulnerability in modules/arcade/index.php in PHP MySpace ...)
NOT-FOR-US: PHP MySpace Gold Edition
-CVE-2010-0376
+CVE-2010-0376 (Cross-site scripting (XSS) vulnerability in product_list.php in JCE-Te ...)
NOT-FOR-US: JCE-Tech PHP Calendars
-CVE-2010-0375
+CVE-2010-0375 (SQL injection vulnerability in product_list.php in JCE-Tech PHP Calend ...)
NOT-FOR-US: JCE-Tech PHP Calendars
-CVE-2010-0374
+CVE-2010-0374 (Cross-site scripting (XSS) vulnerability in the Marketplace (com_marke ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-0373
+CVE-2010-0373 (SQL injection vulnerability in the libros (com_libros) component for J ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-0372
+CVE-2010-0372 (SQL injection vulnerability in the Articlemanager (com_articlemanager) ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-0371
+CVE-2010-0371 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Hi ...)
NOT-FOR-US: Hitmaaan Gallery
-CVE-2010-0370
+CVE-2010-0370 (Cross-site scripting (XSS) vulnerability in the Node Blocks module 5.x ...)
NOT-FOR-US: Node Blocks module for Drupal
CVE-2010-0369
RESERVED
CVE-2010-0368
RESERVED
-CVE-2010-0367
+CVE-2010-0367 (Multiple PHP remote file inclusion vulnerabilities in BitScripts Bits ...)
NOT-FOR-US: BitScripts Bits Video Script
-CVE-2010-0366
+CVE-2010-0366 (Multiple unrestricted file upload vulnerabilities in (1) register.php ...)
NOT-FOR-US: BitScripts Bits Video Script
-CVE-2010-0365
+CVE-2010-0365 (Cross-site scripting (XSS) vulnerability in search.php in BitScripts B ...)
NOT-FOR-US: BitScripts Bits Video Script
-CVE-2010-0364
+CVE-2010-0364 (Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows ...)
- vlc 0.8.6.c-4.1 (low; bug #458318)
NOTE: subset of CVE-2007-6681
-CVE-2010-0363
+CVE-2010-0363 (Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3 ...)
NOT-FOR-US: Zeus Web Server
-CVE-2010-0362
+CVE-2010-0362 (Zeus Web Server before 4.3r5 does not use random transaction IDs for D ...)
NOT-FOR-US: Zeus Web Server
-CVE-2010-0361
+CVE-2010-0361 (Stack-based buffer overflow in the WebDAV implementation in webservd i ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0360
+CVE-2010-0360 (Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attac ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0359
+CVE-2010-0359 (Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 a ...)
NOT-FOR-US: Zeus Web Server
-CVE-2010-0358
+CVE-2010-0358 (Heap-based buffer overflow in the server in IBM Lotus Domino 7 and 8.5 ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2010-0357
+CVE-2010-0357 (Cross-site scripting (XSS) vulnerability in the Login page in IBM Lotu ...)
NOT-FOR-US: IBM Lotus Web Content Management
-CVE-2010-0356
+CVE-2010-0356 (Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 Activ ...)
NOT-FOR-US: ActiveX
CVE-2010-0355
RESERVED
@@ -12812,7 +12812,7 @@ CVE-2010-0352
RESERVED
CVE-2010-0351
RESERVED
-CVE-2010-1104
+CVE-2010-1104 (Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, ...)
- zope3 <removed> (low)
[lenny] - zope3 <no-dsa> (Minor issue)
- zope2.11 <removed>
@@ -12820,94 +12820,94 @@ CVE-2010-1104
[lenny] - zope2.10 <no-dsa> (Minor issue)
- zope2.9 <removed>
NOTE: https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
-CVE-2010-0350
+CVE-2010-0350 (Directory traversal vulnerability in the Photo Book (goof_fotoboek) ex ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0349
+CVE-2010-0349 (Cross-site scripting (XSS) vulnerability in C3 Corp. WebCalenderC3 0.3 ...)
NOT-FOR-US: WebCalenderC3
-CVE-2010-0348
+CVE-2010-0348 (Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and e ...)
NOT-FOR-US: WebCalenderC3
-CVE-2010-0347
+CVE-2010-0347 (Cross-site scripting (XSS) vulnerability in the VD / Geomap (vd_geomap ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0346
+CVE-2010-0346 (Cross-site scripting (XSS) vulnerability in the Tip many friends (mimi ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0345
+CVE-2010-0345 (Cross-site scripting (XSS) vulnerability in the Majordomo extension 1. ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0344
+CVE-2010-0344 (SQL injection vulnerability in the zak_store_management extension 1.0. ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0343
+CVE-2010-0343 (SQL injection vulnerability in the Clan Users List (pb_clanlist) exten ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0342
+CVE-2010-0342 (SQL injection vulnerability in the Reports for Job (job_reports) exten ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0341
+CVE-2010-0341 (SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) exte ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0340
+CVE-2010-0340 (SQL injection vulnerability in the MJS Event Pro (mjseventpro) extensi ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0339
+CVE-2010-0339 (SQL injection vulnerability in the User Links (vm19_userlinks) extensi ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0338
+CVE-2010-0338 (SQL injection vulnerability in the TT_Products editor (ttpedit) extens ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0337
+CVE-2010-0337 (SQL injection vulnerability in the tt_news Mail alert (dl3_tt_news_ale ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0336
+CVE-2010-0336 (Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumpe ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0335
+CVE-2010-0335 (Cross-site scripting (XSS) vulnerability in the Vote rank for news (vo ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0334
+CVE-2010-0334 (SQL injection vulnerability in the Vote rank for news (vote_for_tt_new ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0333
+CVE-2010-0333 (SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0332
+CVE-2010-0332 (SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) exten ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0331
+CVE-2010-0331 (Cross-site scripting (XSS) vulnerability in the TV21 Talkshow (tv21_ta ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0330
+CVE-2010-0330 (SQL injection vulnerability in the Googlemaps for tt_news (jf_easymaps ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0329
+CVE-2010-0329 (SQL injection vulnerability in the powermail extension 1.5.1 and earli ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0328
+CVE-2010-0328 (Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_un ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0327
+CVE-2010-0327 (Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox (kj_ ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0326
+CVE-2010-0326 (Cross-site scripting (XSS) vulnerability in the Developer log (devlog) ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0325
+CVE-2010-0325 (Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0324
+CVE-2010-0324 (SQL injection vulnerability in the Customer Reference List (ref_list) ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0323
+CVE-2010-0323 (Unspecified vulnerability in the Photo Book (goof_fotoboek) extension ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0322
+CVE-2010-0322 (SQL injection vulnerability in the init function in MK-AnydropdownMenu ...)
NOT-FOR-US: TYPO3 third party extensions
-CVE-2010-0321
+CVE-2010-0321 (Cross-site scripting (XSS) vulnerability in jobs/index.php in Jamit Jo ...)
NOT-FOR-US: Jamit Job Board 3.0
-CVE-2010-0320
+CVE-2010-0320 (Cross-site scripting (XSS) vulnerability in submitlink.php in Glitter ...)
NOT-FOR-US: Glitter Central Script
-CVE-2010-0319
+CVE-2010-0319 (Cross-site scripting (XSS) vulnerability in index.php in Docmint 1.0 a ...)
NOT-FOR-US: Docmint
-CVE-2010-0318
+CVE-2010-0318 (The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, ...)
- kfreebsd-6 <not-affected> (vulnerable code introduced in freebsd 7)
- kfreebsd-7 7.2-10 (medium; bug #566684)
[lenny] - kfreebsd-7 <no-dsa> (kfreebsd not support in Lenny)
- kfreebsd-8 8.0-2 (medium)
-CVE-2010-0317
+CVE-2010-0317 (Novell Netware 6.5 SP8 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Novell Netware
-CVE-2010-0316
+CVE-2010-0316 (Integer overflow in Google SketchUp before 7.1 M2 allows remote attack ...)
NOT-FOR-US: Google SketchUp
-CVE-2010-0315
+CVE-2010-0315 (WebKit before r53607, as used in Google Chrome before 4.0.249.89, allo ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)
-CVE-2010-0314
+CVE-2010-0314 (Apple Safari allows remote attackers to discover a redirect's target U ...)
- webkit 1.1.90-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- chromium-browser 5.0.375.29~r46008-1
-CVE-2010-0313
+CVE-2010-0313 (The core_get_proxyauth_dn function in ns-slapd in Sun Java System Dire ...)
NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
-CVE-2010-0312
+CVE-2010-0312 (The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2010-0311
+CVE-2010-0311 (Unspecified vulnerability in Sun Java System Identity Manager (aka IdM ...)
NOT-FOR-US: Sun Java System Identity Manager
-CVE-2010-0310
+CVE-2010-0310 (Trusted Extensions in Sun Solaris 10 allows local users to gain privil ...)
NOT-FOR-US: Trusted Extensions in Sun Solaris 10
CVE-2010-XXXX [zend framework multiple issues]
- zendframework 1.9.7-1
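Review bot: two unchanged context lines in this hunk carry typos that this automatic update leaves in place and that are worth a manual follow-up: `[lenny] - kfreebsd-7 <no-dsa> (kfreebsd not support in Lenny)` should read "not supported in Lenny", and `[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of regression higher than impact at hand)` should read "risk of regression". The second one matters for triage, since the rationale text is what a reader uses to understand why no DSA was issued.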
@@ -12915,123 +12915,123 @@ CVE-2010-XXXX [zend framework multiple issues]
CVE-2010-XXXX [ZF2010-07]
- zendframework 1.10.3-1
NOTE: http://framework.zend.com/security/advisory/ZF2010-07
-CVE-2010-0309
+CVE-2010-0309 (The pit_ioport_read function in the Programmable Interval Timer (PIT) ...)
{DSA-2010-1 DSA-1996-1}
- linux-2.6 2.6.32-8
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- kvm <removed>
NOTE: http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git;a=commitdiff;h=336f40a728b9a4a5db5e1df5c89852c79ff95604
-CVE-2010-0308
+CVE-2010-0308 (lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through ...)
{DSA-1991-1}
- squid 2.7.STABLE8-1
- squid3 3.1.0.16-1 (bug #575747)
-CVE-2010-0307
+CVE-2010-0307 (The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel be ...)
{DSA-1996-1}
- linux-2.6 2.6.32-8
- linux-2.6.24 <removed>
-CVE-2010-0306
+CVE-2010-0306 (The x86 emulator in KVM 83, when a guest is configured for Symmetric M ...)
{DSA-2010-1 DSA-1996-1}
- linux-2.6 2.6.32-8
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- kvm <removed>
-CVE-2010-0305
+CVE-2010-0305 (ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to c ...)
{DSA-2033-1}
- ejabberd 2.1.2-2 (medium; bug #568383)
NOTE: https://support.process-one.net/browse/EJAB-1173
-CVE-2010-0304
+CVE-2010-0304 (Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 t ...)
{DSA-1983-1}
- wireshark 1.2.6-1
-CVE-2010-0303
+CVE-2010-0303 (mystring.c in hybserv in IRCD-Hybrid (aka Hybrid2 IRC Services) 1.9.2 ...)
{DSA-1982-1}
- hybserv 1.9.2-4.1 (low; bug #550389)
-CVE-2010-0302
+CVE-2010-0302 (Use-after-free vulnerability in the abstract file-descriptor handling ...)
- cups 1.4.2-10 (bug #572940)
[lenny] - cups 1.3.8-1+lenny9
- cupsys <not-affected> (vulnerable code introduced in 1.3.x)
NOTE: This is for an incomplete fix for CVE-2009-3553
-CVE-2010-0301
+CVE-2010-0301 (main.C in maildrop 2.3.0 and earlier, when run by root with the -d opt ...)
{DSA-1981-1}
- maildrop 2.2.0-3.1 (low; bug #564601)
-CVE-2010-0300
+CVE-2010-0300 (cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a ...)
{DSA-1980-1}
- ircd-ratbox 3.0.6.dfsg-1 (low; bug #567191)
- ircd-hybrid 1:7.2.2.dfsg.2-6.1 (low)
-CVE-2010-0299
+CVE-2010-0299 (openSUSE 11.2 installs the devtmpfs root directory with insecure permi ...)
- linux-2.6 2.6.32-6
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.31)
-CVE-2010-0298
+CVE-2010-0298 (The x86 emulator in KVM 83 does not use the Current Privilege Level (C ...)
{DSA-2010-1 DSA-1996-1}
- linux-2.6 2.6.32-8
[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- kvm <removed>
-CVE-2010-0297
+CVE-2010-0297 (Buffer overflow in the usb_host_handle_control function in the USB pas ...)
- qemu-kvm 0.11.1+dfsg-1
- kvm <removed> (low)
[lenny] - kvm <no-dsa> (minor issue)
-CVE-2010-0296
+CVE-2010-0296 (The encode_name macro in misc/mntent_r.c in the GNU C Library (aka gli ...)
{DSA-2058-1}
- glibc 2.11-1 (bug #583908)
- eglibc 2.11-1
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ab00f4eac8f4932211259ff87be83144f5211540
-CVE-2010-0295
+CVE-2010-0295 (lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read op ...)
{DSA-1987-1}
- lighttpd 1.4.26-1 (medium)
-CVE-2010-0294
+CVE-2010-0294 (chronyd in Chrony before 1.23.1, and possibly 1.24-pre1, generates a s ...)
{DSA-1992-1}
- chrony 1.23-7 (low)
-CVE-2010-0293
+CVE-2010-0293 (The client logging functionality in chronyd in Chrony before 1.23.1 do ...)
{DSA-1992-1}
- chrony 1.23-7 (low)
-CVE-2010-0292
+CVE-2010-0292 (The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony bef ...)
{DSA-1992-1}
- chrony 1.23-7 (medium)
-CVE-2010-0291
+CVE-2010-0291 (The Linux kernel before 2.6.32.4 allows local users to gain privileges ...)
{DSA-2005-1 DSA-1996-1}
- linux-2.6 2.6.32-6
-CVE-2010-0290
+CVE-2010-0290 (Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before ...)
{DSA-2054-1}
- bind9 1:9.7.0.dfsg-1 (medium)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=554851#c7
-CVE-2010-0289
+CVE-2010-0289 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL ...)
{DSA-1976-1}
- dokuwiki 0.0.20090214b-3.1 (low)
[etch] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: http://secunia.com/advisories/38205/
-CVE-2010-0288
+CVE-2010-0288 (A typo in the administrator permission check in the ACL Manager plugin ...)
{DSA-1976-1}
- dokuwiki 0.0.20090214b-3.1 (medium; bug #565406)
[etch] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: http://bugs.splitbrain.org/index.php?do=details&task_id=1847
NOTE: issue being exploited
-CVE-2010-0287
+CVE-2010-0287 (Directory traversal vulnerability in the ACL Manager plugin (plugins/a ...)
{DSA-1976-1}
- dokuwiki 0.0.20090214b-3.1 (low)
[etch] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: http://secunia.com/advisories/38205/
-CVE-2010-0286
+CVE-2010-0286 (Unspecified vulnerability in the OpenID Identity Authentication extens ...)
- typo3-src 4.3.1-1 (bug #567163)
[lenny] - typo3-src <not-affected> (Only affects 4.3.x)
NOTE: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
-CVE-2010-0285
+CVE-2010-0285 (gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the ...)
- gnome-screensaver 2.28.3-1 (low)
[lenny] - gnome-screensaver <no-dsa> (Minor issue)
NOTE: http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=593616
-CVE-2010-0284
+CVE-2010-0284 (Directory traversal vulnerability in the getEntry method in the Portal ...)
NOT-FOR-US: Novell Access Manager
-CVE-2010-0283
+CVE-2010-0283 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 bef ...)
- krb5 1.8+dfsg~alpha1-7
[lenny] - krb5 <not-affected> (Only affects krb5 >= 1.7)
CVE-2010-0282
RESERVED
CVE-2010-0281
RESERVED
-CVE-2010-0280
+CVE-2010-0280 (Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Googl ...)
- lib3ds 1.3.0-5 (low; bug #575741)
[lenny] - lib3ds <no-dsa> (Minor issue)
[etch] - lib3ds <no-dsa> (Minor issue)
@@ -13042,157 +13042,157 @@ CVE-2010-0280
NOTE: issue was published saying it affects google sketchup,
NOTE: but the vulnerable code is in lib3ds
NOTE: http://code.google.com/p/lib3ds/issues/detail?id=9
-CVE-2010-0279
+CVE-2010-0279 (Unrestricted file upload vulnerability in upload.php in BTS-GI Read ex ...)
NOT-FOR-US: BTS-GI Read excel
-CVE-2010-0278
+CVE-2010-0278 (A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Wind ...)
NOT-FOR-US: ActiveX
-CVE-2010-0277
+CVE-2010-0277 (slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, ...)
{DSA-2038-1}
- pidgin 2.6.6-1 (low; bug #566775)
- gaim <removed> (low)
[lenny] - gaim <not-affected> (gaim is a transitional dummy package only)
- qutecom 2.2~rc3.hg396~dfsg1-6 (low; bug #572946)
-CVE-2010-0276
+CVE-2010-0276 (IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Dom ...)
NOT-FOR-US: IBM Lotus iNotes
-CVE-2010-0275
+CVE-2010-0275 (Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) be ...)
NOT-FOR-US: IBM Lotus iNotes
-CVE-2010-0274
+CVE-2010-0274 (Unspecified vulnerability in the Edit Contact scene in Ultra-light Mod ...)
NOT-FOR-US: IBM Lotus iNotes
-CVE-2010-0273
+CVE-2010-0273 (Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 o ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0272
+CVE-2010-0272 (Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 ...)
NOT-FOR-US: Sun Java System Web Server
-CVE-2010-0271
+CVE-2010-0271 (hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_ ...)
NOT-FOR-US: hald in Sun OpenSolaris
-CVE-2010-0270
+CVE-2010-0270 (The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0269
+CVE-2010-0269 (The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0268
+CVE-2010-0268 (Unspecified vulnerability in the Windows Media Player ActiveX control ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0267
+CVE-2010-0267 (Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle o ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0266
+CVE-2010-0266 (Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-0265
+CVE-2010-0265 (Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, an ...)
NOT-FOR-US: Microsoft Windows Movie Maker
-CVE-2010-0264
+CVE-2010-0264 (Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Ope ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-0263
+CVE-2010-0263 (Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-0262
+CVE-2010-0262 (Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac do not ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-0261
+CVE-2010-0261 (Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-0260
+CVE-2010-0260 (Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2; ...)
NOT-FOR-US: Microsoft Office
CVE-2010-0259
REJECTED
-CVE-2010-0258
+CVE-2010-0258 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Offic ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-0257
+CVE-2010-0257 (Microsoft Office Excel 2002 SP3 does not properly parse the Excel file ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-0256
+CVE-2010-0256 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does n ...)
NOT-FOR-US: Microsoft Office
-CVE-2010-0255
+CVE-2010-0255 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prev ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0254
+CVE-2010-0254 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does n ...)
NOT-FOR-US: Microsoft Office
CVE-2010-0253
REJECTED
-CVE-2010-0252
+CVE-2010-0252 (The Microsoft Data Analyzer ActiveX control (aka the Office Excel Acti ...)
NOT-FOR-US: Microsoft Data Analyzer ActiveX control
CVE-2010-0251
REJECTED
-CVE-2010-0250
+CVE-2010-0250 (Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used ...)
NOT-FOR-US: Microsoft DirectX
-CVE-2010-0249
+CVE-2010-0249 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2010-0248
+CVE-2010-0248 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handl ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0247
+CVE-2010-0247 (Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly h ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0246
+CVE-2010-0246 (Microsoft Internet Explorer 8 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0245
+CVE-2010-0245 (Microsoft Internet Explorer 8 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0244
+CVE-2010-0244 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handl ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0243
+CVE-2010-0243 (Buffer overflow in MSO.DLL in Microsoft Office XP SP3 and Office 2004 ...)
NOT-FOR-US: Microsoft Office XP
-CVE-2010-0242
+CVE-2010-0242 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP ...)
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2010-0241
+CVE-2010-0241 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP ...)
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2010-0240
+CVE-2010-0240 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP ...)
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2010-0239
+CVE-2010-0239 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP ...)
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2010-0238
+CVE-2010-0238 (Unspecified vulnerability in registry-key validation in the kernel in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0237
+CVE-2010-0237 (The kernel in Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows loc ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0236
+CVE-2010-0236 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0235
+CVE-2010-0235 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0234
+CVE-2010-0234 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0233
+CVE-2010-0233 (Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0232
+CVE-2010-0232 (The kernel in Microsoft Windows NT 3.1 through Windows 7, including Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0231
+CVE-2010-0231 (The SMB implementation in the Server service in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0230
+CVE-2010-0230 (SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures ...)
- postfix <not-affected> (SUSE-specific packaging issue)
-CVE-2010-0229
+CVE-2010-0229 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...)
NOT-FOR-US: Verbatim Corporate Secure
-CVE-2010-0228
+CVE-2010-0228 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...)
NOT-FOR-US: Verbatim Corporate Secure
-CVE-2010-0227
+CVE-2010-0227 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...)
NOT-FOR-US: Verbatim Corporate Secure
-CVE-2010-0226
+CVE-2010-0226 (SanDisk Cruzer Enterprise USB flash drives do not prevent password rep ...)
NOT-FOR-US: SanDisk Cruzer Enterprise USB flash drives
-CVE-2010-0225
+CVE-2010-0225 (SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for ...)
NOT-FOR-US: SanDisk Cruzer Enterprise USB flash drives
-CVE-2010-0224
+CVE-2010-0224 (SanDisk Cruzer Enterprise USB flash drives validate passwords with a p ...)
NOT-FOR-US: SanDisk Cruzer Enterprise USB flash drives
-CVE-2010-0223
+CVE-2010-0223 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edi ...)
NOT-FOR-US: Kingston USB flash drives
-CVE-2010-0222
+CVE-2010-0222 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edi ...)
NOT-FOR-US: Kingston USB flash drives
-CVE-2010-0221
+CVE-2010-0221 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edi ...)
NOT-FOR-US: Kingston USB flash drives
-CVE-2010-0220
+CVE-2010-0220 (The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverL ...)
- xulrunner <unfixed> (unimportant)
NOTE: browser DoS not treated as security issue
-CVE-2010-0219
+CVE-2010-0219 (Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterpri ...)
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-0218
+CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ...)
- bind9 <not-affected> (Only affects 9.7.2, which is not yet in the archive)
NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
NOTE: ACL bypass claimed to only affect >=9.7.2: https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html
-CVE-2010-0217
+CVE-2010-0217 (Zeacom Chat Server before 5.1 uses too short a random string for the J ...)
NOT-FOR-US: Zeacom Chat Server
-CVE-2010-0216
+CVE-2010-0216 (authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows r ...)
NOT-FOR-US: MediaCAST
-CVE-2010-0215
+CVE-2010-0215 (ActiveCollab before 2.3.2 allows remote authenticated users to bypass ...)
NOT-FOR-US: ActiveCollab
-CVE-2010-0214
+CVE-2010-0214 (The administrative interface on the PolyVision RoomWizard with firmwar ...)
NOT-FOR-US: PolyVision RoomWizard
-CVE-2010-0213
+CVE-2010-0213 (BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trus ...)
- bind9 9.7.1.dfsg.P2
[lenny] - bind9 <not-affected> (vulnerability introduced in 9.7.1)
-CVE-2010-0212
+CVE-2010-0212 (OpenLDAP 2.4.22 allows remote attackers to cause a denial of service ( ...)
{DSA-2077-1}
- openldap 2.4.23-1
-CVE-2010-0211
+CVE-2010-0211 (The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not ...)
{DSA-2077-1}
- openldap 2.4.23-1
CVE-2010-0210
RESERVED
-CVE-2010-0209
+CVE-2010-0209 (Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adob ...)
NOT-FOR-US: Adobe Flash Plugin
CVE-2010-0208
RESERVED
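Review bot: the not-affected rationale for CVE-2010-0218, `- bind9 <not-affected> (Only affects 9.7.2, which is not yet in the archive)`, is phrased relative to the moment it was triaged and no longer reads correctly now that the description pins the affected range to `ISC BIND 9.7.2 through 9.7.2-P1`; reword it as a fixed statement, e.g. `(9.7.2 and 9.7.2-P1 never entered the archive; fixed upstream in 9.7.2-P2)`, which matches the 9.7.2-P2 release notes already cited in the NOTE line below it. In the same hunk, `- xulrunner <unfixed> (unimportant)` under CVE-2010-0220 should be checked against the package's current archive status: this diff uses `<removed>` for packages that have left the archive (see the xar entry later in the file), and a browser DoS left as `<unfixed>` indefinitely misrepresents the state of the package.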
@@ -13211,60 +13211,60 @@ CVE-2010-0206 [xpdf: Invalid pointer dereference by processing JBIG2 PDF stream
- poppler 0.16.3-1 (unimportant)
[squeeze] - poppler 0.12.4-1.2+squeeze1
NOTE: Just a crasher, not treated as a security issue
-CVE-2010-0205
+CVE-2010-0205 (The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before ...)
{DSA-2032-1}
- libpng 1.2.43-1 (low; bug #572308)
NOTE: http://www.kb.cert.org/vuls/id/576029
-CVE-2010-0204
+CVE-2010-0204 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0203
+CVE-2010-0203 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0202
+CVE-2010-0202 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0201
+CVE-2010-0201 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Win ...)
NOT-FOR-US: Adobe Reader
CVE-2010-0200
REJECTED
-CVE-2010-0199
+CVE-2010-0199 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0198
+CVE-2010-0198 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0197
+CVE-2010-0197 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0196
+CVE-2010-0196 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2 ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0195
+CVE-2010-0195 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0194
+CVE-2010-0194 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0193
+CVE-2010-0193 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2 ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0192
+CVE-2010-0192 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2 ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0191
+CVE-2010-0191 (Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Win ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0190
+CVE-2010-0190 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 9 ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0189
+CVE-2010-0189 (A certain ActiveX control in NOS Microsystems getPlus Download Manager ...)
NOT-FOR-US: Adobe Download Manager
-CVE-2010-0188
+CVE-2010-0188 (Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2010-0187
+CVE-2010-0187 (Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 al ...)
NOT-FOR-US: Adobe Flash plugin
-CVE-2010-0186
+CVE-2010-0186 (Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Ado ...)
NOT-FOR-US: Adobe Flash plugin
-CVE-2010-0185
+CVE-2010-0185 (The default configuration of Adobe ColdFusion 9.0 does not restrict ac ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2010-0184
+CVE-2010-0184 (The (1) domainutility and (2) domainutilitycmd components in TIBCO Dom ...)
NOT-FOR-US: TIBCO Domain Utility in TIBCO Runtime Agent
-CVE-2010-0183
+CVE-2010-0183 (Use-after-free vulnerability in the nsCycleCollector::MarkRoots functi ...)
{DSA-2064-1}
- xulrunner 1.9.1.10-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.5-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0182
+CVE-2010-0182 (The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6 ...)
{DSA-2075-1}
- xulrunner 1.9.1.9-1 (low)
[lenny] - xulrunner <no-dsa> (Minor issue, no upstream fix for 3.0 series)
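Review bot: CVE-2010-0182 carries both `{DSA-2075-1}` and `[lenny] - xulrunner <no-dsa> (Minor issue, no upstream fix for 3.0 series)`, which contradict each other: a DSA reference records that the issue was fixed in stable by an advisory, while `<no-dsa>` records that it was deliberately left unfixed there. One of the two is stale; if DSA-2075-1 shipped the fix for lenny, drop the `<no-dsa>` tag, otherwise remove the DSA reference. Minor, same hunk: the description added for CVE-2010-0189 names the product as `NOS Microsystems getPlus Download Manager`, but the status line reads `NOT-FOR-US: Adobe Download Manager`; naming both, e.g. `NOT-FOR-US: NOS Microsystems getPlus Download Manager (Adobe Download Manager)`, keeps the entry findable under either name.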
@@ -13274,36 +13274,36 @@ CVE-2010-0182
- icedove 3.0.4-1
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - icedove <end-of-life>
-CVE-2010-0181
+CVE-2010-0181 (Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey bef ...)
- xulrunner 1.9.1.9-1 (unimportant)
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.4-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0180
+CVE-2010-0180 (Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_ ...)
- bugzilla <not-affected> (Only affects 3.5 to 3.7)
-CVE-2010-0179
+CVE-2010-0179 (Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey be ...)
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.4-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0178
+CVE-2010-0178 (Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3. ...)
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.4-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0177
+CVE-2010-0177 (Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3. ...)
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- iceape 2.0.4-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0176
+CVE-2010-0176 (Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3. ...)
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
@@ -13312,7 +13312,7 @@ CVE-2010-0176
- icedove 3.0.4-1
[lenny] - icedove <end-of-life>
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0175
+CVE-2010-0175 (Use-after-free vulnerability in the nsTreeSelection implementation in ...)
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
@@ -13321,7 +13321,7 @@ CVE-2010-0175
- icedove 3.0.4-1
[lenny] - icedove <end-of-life>
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0174
+CVE-2010-0174 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2027-1}
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
@@ -13330,7 +13330,7 @@ CVE-2010-0174
- icedove 3.0.4-1
[lenny] - icedove <end-of-life>
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-0173
+CVE-2010-0173 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner 1.9.1.9-1
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
@@ -13339,11 +13339,11 @@ CVE-2010-0173
[lenny] - icedove <end-of-life>
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (Only affects Firefox >= 3.5)
-CVE-2010-0172
+CVE-2010-0172 (toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the as ...)
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0171
+CVE-2010-0171 (Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x bef ...)
{DSA-1999-1}
- xulrunner 1.9.1.8-1
- iceweasel 3.5.11-2
@@ -13352,11 +13352,11 @@ CVE-2010-0171
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
- icedove 3.0.2-1
[lenny] - icedove <end-of-life>
-CVE-2010-0170
+CVE-2010-0170 (Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected w ...)
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0169
+CVE-2010-0169 (The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoade ...)
{DSA-1999-1}
- xulrunner 1.9.1.8-1
- iceape 2.0.3-1
@@ -13365,11 +13365,11 @@ CVE-2010-0169
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
- icedove 3.0.2-1
[lenny] - icedove <end-of-life>
-CVE-2010-0168
+CVE-2010-0168 (The nsDocument::MaybePreLoadImage function in content/base/src/nsDocum ...)
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0167
+CVE-2010-0167 (The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x befor ...)
{DSA-1999-1}
- xulrunner 1.9.1.8-1
- iceweasel 3.5.11-2
@@ -13378,22 +13378,22 @@ CVE-2010-0167
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
- icedove 3.0.2-1
[lenny] - icedove <end-of-life>
-CVE-2010-0166
+CVE-2010-0166 (The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.c ...)
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0165
+CVE-2010-0165 (The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp ...)
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0164
+CVE-2010-0164 (Use-after-free vulnerability in the imgContainer::InternalAddFrameHelp ...)
- xulrunner <not-affected> (vulnerable code introduced in firefox 3.6)
- iceape <not-affected> (vulnerable code introduced in firefox 3.6)
- iceweasel <not-affected> (vulnerable code introduced in firefox 3.6)
-CVE-2010-0163
+CVE-2010-0163 (Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 proces ...)
{DSA-2025-1}
- icedove 3.0.4-1 (medium)
-CVE-2010-0162
+CVE-2010-0162 (Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMon ...)
{DSA-1999-1}
- xulrunner 1.9.1.8-1
- iceweasel 3.5.11-2
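Review bot: the description now added for CVE-2010-0163 names `SeaMonkey before 1.1.19` alongside Thunderbird, yet the entry tracks only `- icedove 3.0.4-1 (medium)` and has no iceape line, while every other SeaMonkey-affecting CVE in this region records iceape explicitly (`- iceape 2.0.3-1`, `[lenny] - iceape <not-affected> (...)`). Add either an iceape status or a NOTE explaining why iceape is out of scope here (the iceape version tracked in the neighbouring entries is 2.0.x, not the 1.1.x line this description covers), so the omission reads as a decision rather than an oversight.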
@@ -13401,11 +13401,11 @@ CVE-2010-0162
[etch] - xulrunner <end-of-life>
- iceape 2.0.3-1
[lenny] - iceape <not-affected> (Lenny package only provide xpcom stubs)
-CVE-2010-0161
+CVE-2010-0161 (The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in M ...)
- xulrunner <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
- iceweasel <not-affected> (Windows-specific)
-CVE-2010-0160
+CVE-2010-0160 (The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 an ...)
- xulrunner 1.9.1.8-1
[etch] - xulrunner <not-affected> (web workers introduced in gecko 1.9.1)
[lenny] - xulrunner <not-affected> (web workers introduced in gecko 1.9.1)
@@ -13414,7 +13414,7 @@ CVE-2010-0160
- iceape 2.0.3-1
[etch] - iceape <not-affected> (web workers introduced in gecko 1.9.1)
[lenny] - iceape <not-affected> (web workers introduced in gecko 1.9.1)
-CVE-2010-0159
+CVE-2010-0159 (The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x be ...)
{DSA-1999-1}
- xulrunner 1.9.1.8-1
[etch] - xulrunner <end-of-life>
@@ -13426,400 +13426,400 @@ CVE-2010-0159
[lenny] - icedove <end-of-life>
CVE-2010-0158
NOT-FOR-US: JoomlaBamboo (JB) Simpla Admin template
-CVE-2010-0157
+CVE-2010-0157 (Directory traversal vulnerability in the Bible Study (com_biblestudy) ...)
NOT-FOR-US: component for Joomla!
-CVE-2010-0156
+CVE-2010-0156 (Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local user ...)
- puppet 0.25.4-2
[lenny] - puppet <no-dsa> (Minor issue)
-CVE-2010-0155
+CVE-2010-0155 (CRLF injection vulnerability in load.php in the Local Management Inter ...)
NOT-FOR-US: IBM Proventia Network Mail Security System
-CVE-2010-0154
+CVE-2010-0154 (Directory traversal vulnerability in sla/index.php in the Local Manage ...)
NOT-FOR-US: IBM Proventia Network Mail Security System
-CVE-2010-0153
+CVE-2010-0153 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Loca ...)
NOT-FOR-US: IBM Proventia Network Mail Security System
-CVE-2010-0152
+CVE-2010-0152 (Multiple cross-site scripting (XSS) vulnerabilities in the Local Manag ...)
NOT-FOR-US: IBM Proventia Network Mail Security System
-CVE-2010-0151
+CVE-2010-0151 (The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used i ...)
NOT-FOR-US: Cisco
-CVE-2010-0150
+CVE-2010-0150 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security A ...)
NOT-FOR-US: Cisco
-CVE-2010-0149
+CVE-2010-0149 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security A ...)
NOT-FOR-US: Cisco
-CVE-2010-0148
+CVE-2010-0148 (Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285 ...)
NOT-FOR-US: Cisco Security Agent
-CVE-2010-0147
+CVE-2010-0147 (SQL injection vulnerability in the Management Center for Cisco Securit ...)
NOT-FOR-US: Cisco
-CVE-2010-0146
+CVE-2010-0146 (Directory traversal vulnerability in the Management Center for Cisco S ...)
NOT-FOR-US: Cisco
-CVE-2010-0145
+CVE-2010-0145 (Unspecified vulnerability in the embedded HTTPS server on the Cisco Ir ...)
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2010-0144
+CVE-2010-0144 (Unspecified vulnerability in the WebSafe DistributorServlet in the emb ...)
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2010-0143
+CVE-2010-0143 (Unspecified vulnerability in the administrative interface in the embed ...)
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2010-0142
+CVE-2010-0142 (MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5 ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2010-0141
+CVE-2010-0141 (MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5 ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2010-0140
+CVE-2010-0140 (Multiple unspecified vulnerabilities in the web server in Cisco Unifie ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2010-0139
+CVE-2010-0139 (Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.6 ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2010-0138
+CVE-2010-0138 (Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor ( ...)
NOT-FOR-US: Cisco CiscoWorks Internetwork Performance Monitor
-CVE-2010-0137
+CVE-2010-0137 (Unspecified vulnerability in the sshd_child_handler process in the SSH ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2010-0136
+CVE-2010-0136 (OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce ...)
{DSA-1995-1}
- openoffice.org 1:3.1.1-11
-CVE-2010-0135
+CVE-2010-0135 (Heap-based buffer overflow in the WordPerfect 5.x reader (wosr.dll), a ...)
NOT-FOR-US: WordPerfect reader on Windows
-CVE-2010-0134
+CVE-2010-0134 (Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10. ...)
NOT-FOR-US: Autonomy KeyView
-CVE-2010-0133
+CVE-2010-0133 (Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 rea ...)
NOT-FOR-US: SpreadSheet Lotus 123 reader
-CVE-2010-0132
+CVE-2010-0132 (Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 an ...)
- viewvc 1.1.5-1 (bug #576307)
-CVE-2010-0131
+CVE-2010-0131 (Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr ...)
NOT-FOR-US: SpreadSheet Lotus 123 reader
-CVE-2010-0130
+CVE-2010-0130 (Integer overflow in Adobe Shockwave Player before 11.5.7.609 might all ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0129
+CVE-2010-0129 (Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0128
+CVE-2010-0128 (Integer signedness error in dirapi.dll in Adobe Shockwave Player befor ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0127
+CVE-2010-0127 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ex ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0126
+CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy KeyVi ...)
NOT-FOR-US: Autonomy KeyView
-CVE-2010-0125
+CVE-2010-0125 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1 ...)
NOT-FOR-US: RealPlayer
-CVE-2010-0124
+CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the m ...)
NOT-FOR-US: Employee Timeclock Software
-CVE-2010-0123
+CVE-2010-0123 (The database backup implementation in Employee Timeclock Software 0.99 ...)
NOT-FOR-US: Employee Timeclock Software
-CVE-2010-0122
+CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock Software ...)
NOT-FOR-US: Employee Timeclock Software
-CVE-2010-0121
+CVE-2010-0121 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlaye ...)
NOT-FOR-US: RealPlayer
-CVE-2010-0120
+CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealPlayer
-CVE-2010-0119
+CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, place ...)
NOT-FOR-US: Bournal
-CVE-2010-0118
+CVE-2010-0118 (Bournal before 1.4.1 allows local users to overwrite arbitrary files v ...)
NOT-FOR-US: Bournal
-CVE-2010-0117
+CVE-2010-0117 (RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 throug ...)
NOT-FOR-US: RealPlayer
-CVE-2010-0116
+CVE-2010-0116 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and Real ...)
NOT-FOR-US: RealPlayer
-CVE-2010-0115
+CVE-2010-0115 (SQL injection vulnerability in login.php in the GUI management console ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2010-0114
+CVE-2010-0114 (fw_charts.php in the reporting module in the Manager (aka SEPM) compon ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2010-0113
+CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for Android r ...)
NOT-FOR-US: Symantec Norton Mobile Security application 1.0
-CVE-2010-0112
+CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...)
NOT-FOR-US: Symantec IM Manager
-CVE-2010-0111
+CVE-2010-0111 (HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Ha ...)
NOT-FOR-US: Symantec Intel Alert Handler
-CVE-2010-0110
+CVE-2010-0110 (Multiple stack-based buffer overflows in Intel Alert Management System ...)
NOT-FOR-US: Symantec Intel Alert Handler
-CVE-2010-0109
+CVE-2010-0109 (DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 ...)
NOT-FOR-US: Symantec
-CVE-2010-0108
+CVE-2010-0108 (Buffer overflow in the cliproxy.objects.1 ActiveX control in the Syman ...)
NOT-FOR-US: Symantec AntiVirus
-CVE-2010-0107
+CVE-2010-0107 (Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 ...)
NOT-FOR-US: Symantec
-CVE-2010-0106
+CVE-2010-0106 (The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before ...)
NOT-FOR-US: Symantec AntiVirus
-CVE-2010-0105
+CVE-2010-0105 (The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6 ...)
NOT-FOR-US: Apple hfs implementation
-CVE-2010-0104
+CVE-2010-0104 (Unspecified vulnerability in the Broadcom Integrated NIC Management Fi ...)
NOT-FOR-US: Broadcom Integrated NIC Management Firmware
-CVE-2010-0103
+CVE-2010-0103 (UsbCharger.dll in the Energizer DUO USB battery charger software conta ...)
NOT-FOR-US: Energizer DUO USB Battery Charger Software
CVE-2010-0102
RESERVED
-CVE-2010-0101
+CVE-2010-0101 (The embedded HTTP server in multiple Lexmark laser and inkjet printers ...)
NOT-FOR-US: Lexmark printers and MarkNet devices
CVE-2010-0100
RESERVED
CVE-2010-0099
REJECTED
-CVE-2010-0098
+CVE-2010-0098 (ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z fil ...)
- clamav 0.96+dfsg-1
[lenny] - clamav <end-of-life> (No longer supported in Lenny)
-CVE-2010-0097
+CVE-2010-0097 (ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2 ...)
{DSA-2054-1}
- bind9 1:9.7.0.dfsg-1
CVE-2010-0096
RESERVED
-CVE-2010-0095
+CVE-2010-0095 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0094
+CVE-2010-0094 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0093
+CVE-2010-0093 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0092
+CVE-2010-0092 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0091
+CVE-2010-0091 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0090
+CVE-2010-0090 (Unspecified vulnerability in the Java Web Start, Java Plug-in componen ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0089
+CVE-2010-0089 (Unspecified vulnerability in the Java Web Start, Java Plug-in componen ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0088
+CVE-2010-0088 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b18-1.8-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0087
+CVE-2010-0087 (Unspecified vulnerability in the Java Web Start, Java Plug-in componen ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0086
+CVE-2010-0086 (Unspecified vulnerability in the Portal component in Oracle Fusion Mid ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2010-0085
+CVE-2010-0085 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0084
+CVE-2010-0084 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0083
+CVE-2010-0083 (Unspecified vulnerability in Oracle OpenSolaris 8, 9, and 10 allows re ...)
NOT-FOR-US: Solaris
-CVE-2010-0082
+CVE-2010-0082 (Unspecified vulnerability in the HotSpot Server component in Oracle Ja ...)
- openjdk-6 6b17-1
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0081
+CVE-2010-0081 (Unspecified vulnerability in the Application Server Control component ...)
NOT-FOR-US: Oracle Fusion
-CVE-2010-0080
+CVE-2010-0080 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile ...)
NOT-FOR-US: PeopleSoft Enterprise HCM
-CVE-2010-0079
+CVE-2010-0079 (Multiple vulnerabilities in the JRockit component in BEA Product Suite ...)
NOT-FOR-US: BEA Product Suite
-CVE-2010-0078
+CVE-2010-0078 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA Product Suite
-CVE-2010-0077
+CVE-2010-0077 (Unspecified vulnerability in the CRM Technical Foundation (mobile) com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0076
+CVE-2010-0076 (Unspecified vulnerability in the Application Express Application Build ...)
NOT-FOR-US: Oracle Database
-CVE-2010-0075
+CVE-2010-0075 (Unspecified vulnerability in the Oracle HRMS (Self Service) component ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2010-0074
+CVE-2010-0074 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA Product Suite
-CVE-2010-0073
+CVE-2010-0073 (Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Se ...)
NOT-FOR-US: Oracle WebLogic Server
-CVE-2010-0072
+CVE-2010-0072 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle Secure Backup
-CVE-2010-0071
+CVE-2010-0071 (Unspecified vulnerability in the Listener component in Oracle Database ...)
NOT-FOR-US: Oracle Database
-CVE-2010-0070
+CVE-2010-0070 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle Application Server
-CVE-2010-0069
+CVE-2010-0069 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA Product Suite
-CVE-2010-0068
+CVE-2010-0068 (Unspecified vulnerability in the WebLogic Server component in BEA Prod ...)
NOT-FOR-US: BEA Product Suite
-CVE-2010-0067
+CVE-2010-0067 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle Application Server
-CVE-2010-0066
+CVE-2010-0066 (Unspecified vulnerability in the Access Manager Identity Server compon ...)
NOT-FOR-US: Oracle Application Server
-CVE-2010-0065
+CVE-2010-0065 (Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted remot ...)
NOT-FOR-US: Apple Disk Images
-CVE-2010-0064
+CVE-2010-0064 (DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ow ...)
NOT-FOR-US: Apple DesktopServices
-CVE-2010-0063
+CVE-2010-0063 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X befo ...)
NOT-FOR-US: Apple CoreTypes
-CVE-2010-0062
+CVE-2010-0062 (Heap-based buffer overflow in quicktime.qts in CoreMedia and QuickTime ...)
NOT-FOR-US: Apple QuickTime
CVE-2010-0061
RESERVED
-CVE-2010-0060
+CVE-2010-0060 (CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to e ...)
NOT-FOR-US: Apple CoreAudio
-CVE-2010-0059
+CVE-2010-0059 (CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to e ...)
NOT-FOR-US: Apple CoreAudio
-CVE-2010-0058
+CVE-2010-0058 (freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update 2009 ...)
- clamav <not-affected> (apple-specific configuration issue)
-CVE-2010-0057
+CVE-2010-0057 (AFP Server in Apple Mac OS X before 10.6.3 does not prevent guest use ...)
NOT-FOR-US: Apple AFP Server
-CVE-2010-0056
+CVE-2010-0056 (Buffer overflow in Cocoa spell checking in AppKit in Apple Mac OS X 10 ...)
NOT-FOR-US: Apple AppKit
-CVE-2010-0055
+CVE-2010-0055 (xar in Apple Mac OS X 10.5.8 does not properly validate package signat ...)
- xar <removed> (bug #572556)
[lenny] - xar <no-dsa> (Minor issue)
-CVE-2010-0054
+CVE-2010-0054 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 al ...)
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/53812
NOTE: http://trac.webkit.org/changeset/53813
NOTE: http://trac.webkit.org/changeset/54242
-CVE-2010-0053
+CVE-2010-0053 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 al ...)
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <not-affected> (Vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/50466
-CVE-2010-0052
+CVE-2010-0052 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 al ...)
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <not-affected> (Vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/51877
-CVE-2010-0051
+CVE-2010-0051 (WebKit in Apple Safari before 4.0.5 does not properly validate the cro ...)
NOTE: http://trac.webkit.org/changeset/52784
NOTE: duplicate of CVE-2010-0651
-CVE-2010-0050
+CVE-2010-0050 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 al ...)
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/52073
-CVE-2010-0049
+CVE-2010-0049 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 al ...)
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/52527
-CVE-2010-0048
+CVE-2010-0048 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 al ...)
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/51962
-CVE-2010-0047
+CVE-2010-0047 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 al ...)
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/50698
-CVE-2010-0046
+CVE-2010-0046 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple Saf ...)
- chromium-browser 6.0.466.0~r52279-1
- webkit 1.1.90-1 (bug #574064)
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
NOTE: http://trac.webkit.org/changeset/51727
-CVE-2010-0045
+CVE-2010-0045 (Apple Safari before 4.0.5 on Windows does not properly validate extern ...)
NOT-FOR-US: Apple Safari
-CVE-2010-0044
+CVE-2010-0044 (PubSub in Apple Safari before 4.0.5 does not properly implement use of ...)
NOT-FOR-US: Apple PubSub
NOTE: apple's pubsub is rss-oriented and all debian packages with pubsub
NOTE: components are not; hence this is very likely an issue specifically with
NOTE: their own code, or their wrapper code around another PubSub library
-CVE-2010-0043
+CVE-2010-0043 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows ...)
NOT-FOR-US: Apple Safari
-CVE-2010-0042
+CVE-2010-0042 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows ...)
NOT-FOR-US: Apple Safari
-CVE-2010-0041
+CVE-2010-0041 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows ...)
NOT-FOR-US: Apple Safari
-CVE-2010-0040
+CVE-2010-0040 (Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, ...)
NOT-FOR-US: Apple Safari
-CVE-2010-0039
+CVE-2010-0039 (The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort ...)
NOT-FOR-US: Apple
-CVE-2010-0038
+CVE-2010-0038 (Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for ...)
NOT-FOR-US: Apple iPhone OS
-CVE-2010-0037
+CVE-2010-0037 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-0036
+CVE-2010-0036 (Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-0035
+CVE-2010-0035 (The Key Distribution Center (KDC) in Kerberos in Microsoft Windows 200 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0034
+CVE-2010-0034 (Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 al ...)
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0033
+CVE-2010-0033 (Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 al ...)
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0032
+CVE-2010-0032 (Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 a ...)
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0031
+CVE-2010-0031 (Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 ...)
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0030
+CVE-2010-0030 (Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and ...)
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0029
+CVE-2010-0029 (Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote ...)
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-0028
+CVE-2010-0028 (Integer overflow in Microsoft Paint in Windows 2000 SP4, XP SP2 and SP ...)
NOT-FOR-US: Microsoft Paint
-CVE-2010-0027
+CVE-2010-0027 (The URL validation functionality in Microsoft Internet Explorer 5.01, ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-0026
+CVE-2010-0026 (The Hyper-V server implementation in Microsoft Windows Server 2008 Gol ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2010-0025
+CVE-2010-0025 (The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0024
+CVE-2010-0024 (The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0023
+CVE-2010-0023 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0022
+CVE-2010-0022 (The SMB implementation in the Server service in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0021
+CVE-2010-0021 (Multiple race conditions in the SMB implementation in the Server servi ...)
NOT-FOR-US: Microsoft Windows Vista Gold
-CVE-2010-0020
+CVE-2010-0020 (The SMB implementation in the Server service in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0019
+CVE-2010-0019 (Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before 3.0. ...)
NOT-FOR-US: Microsoft Silverlight on Windows
-CVE-2010-0018
+CVE-2010-0018 (Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.d ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0017
+CVE-2010-0017 (Race condition in the SMB client implementation in Microsoft Windows S ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2010-0016
+CVE-2010-0016 (The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 an ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0015
+CVE-2010-0015 (nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 an ...)
{DSA-1973-1}
- eglibc 2.10.2-4 (medium; bug #560333)
- glibc 2.10.2-4 (medium)
-CVE-2010-0014
+CVE-2010-0014 (System Security Services Daemon (SSSD) before 1.0.1, when the krb5 aut ...)
- sssd 1.0.5-1
-CVE-2010-0013
+CVE-2010-0013 (Directory traversal vulnerability in slp.c in the MSN protocol plugin ...)
- pidgin 2.6.5-1 (medium; bug #563206)
[lenny] - pidgin <not-affected> (vulnerable code not present)
- gaim <not-affected> (vulnerable code not present)
NOTE: http://events.ccc.de/congress/2009/Fahrplan/attachments/1483_26c3_ipv4_fuckups.pdf
-CVE-2010-0012
+CVE-2010-0012 (Directory traversal vulnerability in libtransmission/metainfo.c in Tra ...)
{DSA-1967-1}
- transmission 1.77-1 (low)
NOTE: http://trac.transmissionbt.com/changeset/9829/
NOTE: https://bugs.launchpad.net/ubuntu/+source/transmission/+bug/500625
-CVE-2010-0011
+CVE-2010-0011 (The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes ...)
- uzbl 0.0.0~git.20100105-1 (medium)
NOTE: http://www.uzbl.org/news.php?id=22
NOTE: maintainer is aware of it
-CVE-2010-0010
+CVE-2010-0010 (Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util. ...)
- apache <removed> (low)
NOTE: Exploitability is fairly limited: Can only be exploited by a malicious server,
NOTE: not by a client. No sane person uses apache 1.3 as forward proxy and in reverse
NOTE: proxy situations, the backend server is usually trusted, anyway.
-CVE-2010-0009
+CVE-2010-0009 (Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain ...)
- couchdb 0.11.0-1 (bug #576304)
[lenny] - couchdb <no-dsa> (Minor information leak)
-CVE-2010-0008
+CVE-2010-0008 (The sctp_rcv_ootb function in the SCTP implementation in the Linux ker ...)
- linux-2.6 2.6.23-1
-CVE-2010-0007
+CVE-2010-0007 (net/bridge/netfilter/ebtables.c in the ebtables module in the netfilte ...)
{DSA-2005-1 DSA-2003-1 DSA-1996-1}
- linux-2.6 2.6.32-6
- linux-2.6.24 <removed>
-CVE-2010-0006
+CVE-2010-0006 (The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel ...)
- linux-2.6 2.6.32-6
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.28)
-CVE-2010-0005
+CVE-2010-0005 (query.py in the query interface in ViewVC before 1.1.3 does not reject ...)
- viewvc 1.1.5-1 (bug #575777)
-CVE-2010-0004
+CVE-2010-0004 (ViewVC before 1.1.3 composes the root listing view without using the a ...)
- viewvc 1.1.5-1 (bug #575777)
-CVE-2010-0003
+CVE-2010-0003 (The print_fatal_signal function in kernel/signal.c in the Linux kernel ...)
{DSA-2005-1 DSA-1996-1}
- linux-2.6 2.6.32-6
[etch] - linux-2.6 <not-affected> (does not have print-fatal-signals)
- linux-2.6.24 <removed>
-CVE-2010-0002
+CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
- bash <not-affected> (mandriva-specific packaging issue)
-CVE-2010-0001
+CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
{DSA-2074-1 DSA-1974-1}
- gzip 1.3.12-9 (medium; bug #566002)
- linux-2.6 <not-affected> (does not include unlzw.c in its gzip code copy)
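Review bot: the fixed-width truncation leaves unbalanced parentheses inside some of the new descriptions in this hunk, e.g. `+CVE-2010-0018 (Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.d ...)`, where the cut lands after an inner "(" so the line carries two unclosed parentheses before the closing " ...)". That is harmless for a reader that takes everything after the first " (" up to end of line as the description, but any consumer that matches parentheses will mis-split the entry; cutting at the last word boundary that keeps the parentheses balanced (or dropping a trailing unmatched "(" before appending " ...)") would avoid it. Otherwise the hunk is purely additive: every `-`/`+` pair differs only in the appended description and no package, release or NOTE line changes.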
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 98d0e10dbe..4e75a78a17 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -1,32 +1,32 @@
-CVE-2011-5326
+CVE-2011-5326 (imlib2 before 1.4.9 allows remote attackers to cause a denial of servi ...)
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #639414)
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15d5ef02f88d42dce38ed3f0892882
NOTE: http://www.openwall.com/lists/oss-security/2016/04/10/5
-CVE-2011-5325
+CVE-2011-5325 (Directory traversal vulnerability in the BusyBox implementation of tar ...)
{DLA-1445-1}
- busybox 1:1.27.2-1 (bug #802702)
[stretch] - busybox <no-dsa> (Minor issue)
[wheezy] - busybox <no-dsa> (Minor issue)
[squeeze] - busybox <no-dsa> (Minor issue)
-CVE-2011-5324
+CVE-2011-5324 (The TeraRecon server, as used in GE Healthcare Centricity PACS-IW 3.7. ...)
NOT-FOR-US: GE Healthcare Centricity PACS-IW
-CVE-2011-5323
+CVE-2011-5323 (GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other ...)
NOT-FOR-US: GE Healthcare Centricity PACS-IW
-CVE-2011-5322
+CVE-2011-5322 (GE Healthcare Centricity Analytics Server 1.1 has a default password o ...)
NOT-FOR-US: GE Healthcare Centricity Analytics Server
-CVE-2011-5321
+CVE-2011-5321 (The tty_open function in drivers/tty/tty_io.c in the Linux kernel befo ...)
{DLA-246-1}
- linux 3.2.20-1
- linux-2.6 3.2.1-1
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c290f8358acaeffd8e0c551ddcc24d1206143376 (v3.2-rc1)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4a2b5fddd53b80efcb3266ee36e23b8de28e761a (v2.6.28-rc1)
NOTE: 3.2.20-1 is the first version after the src:linux-2.6 -> src:linux rename.
-CVE-2011-5319
+CVE-2011-5319 (content/renderer/device_sensors/device_motion_event_pump.cc in Google ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-5320
+CVE-2011-5320 (scanf and related functions in glibc before 2.15 allow local users to ...)
{DLA-165-1}
- glibc 2.15
- eglibc 2.13-25 (bug #553206)
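Review bot: ordering in this hunk is inconsistent: `+CVE-2011-5319 (content/renderer/device_sensors/device_motion_event_pump.cc in Google ...)` sits between CVE-2011-5321 and CVE-2011-5320, while the rest of the file runs in strictly descending CVE order. The patch does not introduce this (it only appends descriptions), but swapping the CVE-2011-5319 and CVE-2011-5320 blocks in a follow-up would restore the sort and keep tooling that assumes sorted lists from stumbling here.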
@@ -36,77 +36,77 @@ CVE-2011-5320
NOTE: http://www.openwall.com/lists/oss-security/2015/02/26/2
NOTE: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3f8cc204fdd0
NOTE: CVE assigned specific to the https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4 issue
-CVE-2011-5318
+CVE-2011-5318 (Multiple cross-site request forgery (CSRF) vulnerabilities in diafan.C ...)
NOT-FOR-US: diafan.CMS
-CVE-2011-5317
+CVE-2011-5317 (Cross-site scripting (XSS) vulnerability in editText.php in WonderCMS ...)
NOT-FOR-US: WonderCMS
-CVE-2011-5316
+CVE-2011-5316 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
NOT-FOR-US: Cambio
-CVE-2011-5315
+CVE-2011-5315 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
NOT-FOR-US: whCMS
-CVE-2011-5314
+CVE-2011-5314 (templates/default/index.php in Redaxscript 0.3.2 allows remote attacke ...)
NOT-FOR-US: Redaxscript
-CVE-2011-5313
+CVE-2011-5313 (Multiple SQL injection vulnerabilities in includes/password.php in Red ...)
NOT-FOR-US: Redaxscript
-CVE-2011-5312
+CVE-2011-5312 (Multiple cross-site scripting (XSS) vulnerabilities in Gollos 2.8 allo ...)
NOT-FOR-US: Gollos
-CVE-2011-5311
+CVE-2011-5311 (Cross-site request forgery (CSRF) vulnerability in pages.php in Wikipa ...)
NOT-FOR-US: Wikipad
-CVE-2011-5310
+CVE-2011-5310 (Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows ...)
NOT-FOR-US: Wikipad
-CVE-2011-5309
+CVE-2011-5309 (Cross-site scripting (XSS) vulnerability in pages.php in Wikipad 1.6.0 ...)
NOT-FOR-US: Wikipad
-CVE-2011-5308
+CVE-2011-5308 (Multiple SQL injection vulnerabilities in cdnvote-post.php in the cdnv ...)
NOT-FOR-US: cdnvote plugin for WordPress
-CVE-2011-5307
+CVE-2011-5307 (Cross-site scripting (XSS) vulnerability in index.php in the PhotoSmas ...)
NOT-FOR-US: PhotoSmash plugin for WordPress
-CVE-2011-5306
+CVE-2011-5306 (Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/setup ...)
NOT-FOR-US: CosmoShop ePRO
-CVE-2011-5305
+CVE-2011-5305 (Multiple cross-site scripting (XSS) vulnerabilities in CosmoShop ePRO ...)
NOT-FOR-US: CosmoShop ePRO
-CVE-2011-5304
+CVE-2011-5304 (Multiple cross-site scripting (XSS) vulnerabilities in the Sodahead Po ...)
NOT-FOR-US: Sodahead Polls plugin for WordPress
-CVE-2011-5303
+CVE-2011-5303 (Cross-site scripting (XSS) vulnerability in Spitfire CMS 1.0.436 allow ...)
NOT-FOR-US: Spitfire CMS
-CVE-2011-5302
+CVE-2011-5302 (Cross-site request forgery (CSRF) vulnerability in adm/admin_edit.php ...)
NOT-FOR-US: PHPDug
-CVE-2011-5301
+CVE-2011-5301 (Multiple cross-site scripting (XSS) vulnerabilities in PHPDug 2.0.0 al ...)
NOT-FOR-US: PHPDug
-CVE-2011-5300
+CVE-2011-5300 (Cross-site request forgery (CSRF) vulnerability in admin/setup/config/ ...)
NOT-FOR-US: poMMo Aardvark
-CVE-2011-5299
+CVE-2011-5299 (Multiple cross-site scripting (XSS) vulnerabilities in poMMo Aardvark ...)
NOT-FOR-US: poMMo Aardvark
-CVE-2011-5298
+CVE-2011-5298 (Multiple cross-site request forgery (CSRF) vulnerabilities in Argyle S ...)
NOT-FOR-US: Argyle Social
-CVE-2011-5297
+CVE-2011-5297 (Multiple cross-site scripting (XSS) vulnerabilities in TTChat 1.0.4 al ...)
NOT-FOR-US: TTChat
-CVE-2011-5296
+CVE-2011-5296 (Cross-site scripting (XSS) vulnerability in profilo.php in Happy Chat ...)
NOT-FOR-US: Happy Chat
-CVE-2011-5295
+CVE-2011-5295 (Buffer overflow in the Download method in a certain ActiveX control in ...)
NOT-FOR-US: Gogago YouTube Video Converter
-CVE-2011-5294
+CVE-2011-5294 (The SaveMessage method in the LEADeMail.LEADSmtp.20 ActiveX control in ...)
NOT-FOR-US: Kofax e-Transactions Sender Sendbox
-CVE-2011-5293
+CVE-2011-5293 (The cmdSave method in the ThreeDify.ThreeDifyDesigner.1 ActiveX contro ...)
NOT-FOR-US: ThreeDify Designer
-CVE-2011-5292
+CVE-2011-5292 (The EaseWeFtp.FtpLibrary ActiveX control in EaseWeFtp.ocx in Easewe FT ...)
NOT-FOR-US: Easewe FTP OCX
-CVE-2011-5291
+CVE-2011-5291 (The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in C ...)
NOT-FOR-US: Ashampoo 3D CAD Professional
-CVE-2011-5290
+CVE-2011-5290 (The SaveToFile method in the UniBasicPack.UniTextBox ActiveX control i ...)
NOT-FOR-US: IDrive Online Backup
-CVE-2011-5289
+CVE-2011-5289 (The SaveDecrypted method in the ChilkatCrypt2.ChilkatOmaDrm.1 ActiveX ...)
NOT-FOR-US: aTube Catcher
-CVE-2011-5288
+CVE-2011-5288 (Multiple buffer overflows in the ThreeDify.ThreeDifyDesigner.1 ActiveX ...)
NOT-FOR-US: ThreeDify Designer
-CVE-2011-5287
+CVE-2011-5287 (Multiple cross-site scripting (XSS) vulnerabilities in HESK before 2.4 ...)
NOT-FOR-US: HESK
-CVE-2011-5286
+CVE-2011-5286 (SQL injection vulnerability in social-slider-2/ajax.php in the Social ...)
NOT-FOR-US: Social Slider plugin for WordPress
-CVE-2011-5285
+CVE-2011-5285 (Multiple cross-site scripting (XSS) vulnerabilities in BugFree 2.1.3 a ...)
NOT-FOR-US: BugFree
-CVE-2011-5284
+CVE-2011-5284 (Cross-site request forgery (CSRF) vulnerability in the web management ...)
NOT-FOR-US: Smoothwall
-CVE-2011-5283
+CVE-2011-5283 (Cross-site scripting (XSS) vulnerability in the web management interfa ...)
NOT-FOR-US: Smoothwall
CVE-2011-5282
RESERVED
@@ -114,76 +114,76 @@ CVE-2011-5374
RESERVED
CVE-2011-5281
RESERVED
-CVE-2011-5280
+CVE-2011-5280 (Multiple stack-based buffer overflows in BOINC 6.13.x allow remote att ...)
- boinc 7.0.2+dfsg-1 (low)
[squeeze] - boinc <no-dsa> (Minor issue)
-CVE-2011-5279
+CVE-2011-5279 (CRLF injection vulnerability in the CGI implementation in Microsoft In ...)
NOT-FOR-US: Microsoft IIS
-CVE-2011-5278
+CVE-2011-5278 (SQL injection vulnerability in signature.php in Advanced Forum Signatu ...)
NOT-FOR-US: MyBB plugin Advanced Forum Signatures
-CVE-2011-5277
+CVE-2011-5277 (Multiple SQL injection vulnerabilities in signature.php in the Advance ...)
NOT-FOR-US: MyBB plugin Advanced Forum Signatures
-CVE-2011-5276
+CVE-2011-5276 (SQL injection vulnerability in the drawAdminTools_PackageInstaller fun ...)
- dtc 0.34.1-1
-CVE-2011-5275
+CVE-2011-5275 (The install script in Domain Technologie Control (DTC) before 0.34.1 g ...)
- dtc 0.34.1-1
-CVE-2011-5274
+CVE-2011-5274 (The drawAdminTools_PackageInstaller function in shared/inc/forms/packa ...)
- dtc 0.34.1-1
-CVE-2011-5273
+CVE-2011-5273 (Directory traversal vulnerability in shared/package-installer in Domai ...)
- dtc 0.34.1-1
-CVE-2011-5272
+CVE-2011-5272 (SQL injection vulnerability in Domain Technologie Control (DTC) before ...)
- dtc 0.34.1-1
CVE-2011-5271 [configure creates temp files insecurely]
RESERVED
- pacemaker 1.1.6-1 (unimportant; bug #633964)
NOTE: https://github.com/ClusterLabs/pacemaker/commit/23ad834
NOTE: Only exploitable at build time
-CVE-2011-5270
+CVE-2011-5270 (wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the ...)
- wordpress 3.2.1+dfsg-1
-CVE-2011-5269
+CVE-2011-5269 (Cross-site scripting (XSS) vulnerability in ProjectForge before 3.5.3 ...)
NOT-FOR-US: ProjectForge
-CVE-2011-5268
+CVE-2011-5268 (connection.c in Bip before 0.8.9 does not properly close sockets, whic ...)
- bip 0.8.9-1
[squeeze] - bip <no-dsa> (Minor issue)
[wheezy] - bip <no-dsa> (Minor issue)
NOTE: Difference between CVE-2011-5268 and CVE-2013-4550: http://www.openwall.com/lists/oss-security/2014/01/02/9
-CVE-2011-5267
+CVE-2011-5267 (Multiple cross-site scripting (XSS) vulnerabilities in spell-check-sav ...)
NOT-FOR-US: SpellChecker module in Xinha
CVE-2011-5266
RESERVED
-CVE-2011-5265
+CVE-2011-5265 (Cross-site scripting (XSS) vulnerability in cached_image.php in the Fe ...)
NOT-FOR-US: Wordpress plugin
-CVE-2011-5264
+CVE-2011-5264 (Cross-site scripting (XSS) vulnerability in lazyest-backup.php in the ...)
NOT-FOR-US: Wordpress plugin
-CVE-2011-5263
+CVE-2011-5263 (Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SA ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2011-5262
+CVE-2011-5262 (SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allo ...)
NOT-FOR-US: SonicWALL Aventail
-CVE-2011-5261
+CVE-2011-5261 (Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis M ...)
NOT-FOR-US: Axis M10 Series Network Cameras
-CVE-2011-5260
+CVE-2011-5260 (Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP ...)
NOT-FOR-US: NetWeaver
-CVE-2011-5259
+CVE-2011-5259 (SQL injection vulnerability in lib/controllers/CentralController.php i ...)
NOT-FOR-US: OrangehRM
-CVE-2011-5258
+CVE-2011-5258 (Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM befor ...)
NOT-FOR-US: OrangehRM
-CVE-2011-5257
+CVE-2011-5257 (Multiple cross-site scripting (XSS) vulnerabilities in the Classipress ...)
NOT-FOR-US: WordPress theme
-CVE-2011-5256
+CVE-2011-5256 (Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey ...)
- limesurvey <itp> (bug #472802)
-CVE-2011-5255
+CVE-2011-5255 (Multiple cross-site scripting (XSS) vulnerabilities in admin/login in ...)
NOT-FOR-US: X3 CMS
-CVE-2011-5254
+CVE-2011-5254 (Unspecified vulnerability in the Connections plugin before 0.7.1.6 for ...)
NOT-FOR-US: Connections plugin for WordPress
-CVE-2011-5253
+CVE-2011-5253 (Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to ...)
NOT-FOR-US: Dl Download Ticket Service
-CVE-2011-5252
+CVE-2011-5252 (Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x b ...)
NOT-FOR-US: Orchard
-CVE-2011-5251
+CVE-2011-5251 (Open redirect vulnerability in forum/login.php in vBulletin 4.1.3 and ...)
NOT-FOR-US: vBulletin
CVE-2011-5250
RESERVED
-CVE-2011-5249
+CVE-2011-5249 (Cross-site scripting (XSS) vulnerability in the events page in the Sys ...)
NOT-FOR-US: SNARE
CVE-2011-5248
RESERVED
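Review bot: several NOT-FOR-US labels in this hunk now disagree with the descriptions the patch adds beside them. `+CVE-2011-5258 (Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM befor ...)` and CVE-2011-5259 both say OrangeHRM, but their `NOT-FOR-US: OrangehRM` lines misspell it; CVE-2011-5260 uses `NOT-FOR-US: NetWeaver` while CVE-2011-5263 uses `NOT-FOR-US: SAP NetWeaver`; and CVE-2011-5265 and CVE-2011-5264 carry the generic `NOT-FOR-US: Wordpress plugin` where the other WordPress entries name the plugin. None of this is changed by the automatic update, so it belongs in a follow-up, but the spelling fix and a consistent product name would make these entries searchable.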
@@ -199,495 +199,495 @@ CVE-2011-5371
REJECTED
CVE-2011-5370
REJECTED
-CVE-2011-5245
+CVE-2011-5245 (The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEas ...)
NOT-FOR-US: RESTEasy framework for JBoss
-CVE-2011-5244
+CVE-2011-5244 (Multiple off-by-one errors in the (1) token and (2) linetoken function ...)
{DSA-2357-1}
- evince 2.32.0-1
[squeeze] - evince 2.30.3-2+squeeze1
NOTE: This issue was already fixed in DSA-2357-1 by shipping the correct fix from the start
-CVE-2011-5243
+CVE-2011-5243 (TwitterOAuth does not verify that the server hostname matches a domain ...)
NOT-FOR-US: TwitterOAuth
-CVE-2011-5242
+CVE-2011-5242 (tmhOAuth before 0.61 does not verify that the server hostname matches ...)
NOT-FOR-US: tmhOAuth
-CVE-2011-5241
+CVE-2011-5241 (Services_Twitter 0.6.3 does not verify that the server hostname matche ...)
NOT-FOR-US: PEAR module for Twitter
-CVE-2011-5240
+CVE-2011-5240 (Magento 1.5 and 1.6.2 does not verify that the server hostname matches ...)
NOT-FOR-US: Magento
-CVE-2011-5239
+CVE-2011-5239 (CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname match ...)
- civicrm <not-affected> (Fixed before initial upload to the archive)
-CVE-2011-5238
+CVE-2011-5238 (google-checkout-php-sample-code before 1.3.2 does not verify that the ...)
NOT-FOR-US: google-checkout-php-sample-code
-CVE-2011-5237
+CVE-2011-5237 (PayPal WPS ToolKit does not verify that the server hostname matches a ...)
NOT-FOR-US: PayPal WPS ToolKit
-CVE-2011-5236
+CVE-2011-5236 (Moneris eSelectPlus 2.03 PHP API does not verify that the server hostn ...)
NOT-FOR-US: Moneris eSelectPlus 2.03 PHP API
-CVE-2011-5235
+CVE-2011-5235 (SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote ...)
NOT-FOR-US: mnoGoSearch
-CVE-2011-5234
+CVE-2011-5234 (SQL injection vulnerability in user.php in Social Network Community 2 ...)
NOT-FOR-US: Social Network Community
-CVE-2011-5233
+CVE-2011-5233 (Heap-based buffer overflow in IrfanView before 4.32 allows remote atta ...)
NOT-FOR-US: IrfanView
CVE-2011-5232
REJECTED
CVE-2011-5231
REJECTED
-CVE-2011-5230
+CVE-2011-5230 (Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass ...)
NOT-FOR-US: Seotoaster
-CVE-2011-5229
+CVE-2011-5229 (SQL injection vulnerability in quickstart/profile/index.php in the For ...)
NOT-FOR-US: appRain CMF
-CVE-2011-5228
+CVE-2011-5228 (Cross-site scripting (XSS) vulnerability in the Search module (quickst ...)
NOT-FOR-US: appRain CMF
-CVE-2011-5227
+CVE-2011-5227 (Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in E ...)
NOT-FOR-US: Enterasys Network Management Suite
-CVE-2011-5226
+CVE-2011-5226 (Cross-site request forgery (CSRF) vulnerability in wordpress_sentinel. ...)
NOT-FOR-US: WordPress plugin Sentinel
-CVE-2011-5225
+CVE-2011-5225 (Cross-site scripting (XSS) vulnerability in wordpress_sentinel.php in ...)
NOT-FOR-US: WordPress plugin Sentinel
-CVE-2011-5224
+CVE-2011-5224 (SQL injection vulnerability in the Sentinel plugin 1.0.0 for WordPress ...)
NOT-FOR-US: WordPress plugin Sentinel
-CVE-2011-5223
+CVE-2011-5223 (Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti ...)
- cacti 0.8.7i-1 (low)
[squeeze] - cacti 0.8.7g-1+squeeze4
-CVE-2011-5222
+CVE-2011-5222 (SQL injection vulnerability in rub2_w.php in PHP Flirt-Projekt 4.8 and ...)
NOT-FOR-US: PHP Flirt-Projekt
-CVE-2011-5221
+CVE-2011-5221 (Cross-site scripting (XSS) vulnerability in the getLog function in svn ...)
- websvn 2.3.1-1
-CVE-2011-5220
+CVE-2011-5220 (Cross-site scripting (XSS) vulnerability in templates/default/Admin/Lo ...)
NOT-FOR-US: PHP-SCMS
-CVE-2011-5219
+CVE-2011-5219 (Directory traversal vulnerability in examples/show_code.php in mPDF 5. ...)
NOT-FOR-US: mPDF
-CVE-2011-5218
+CVE-2011-5218 (SQL injection vulnerability in DotA OpenStats 1.3.9 and earlier allows ...)
NOT-FOR-US: DotA OpenStats
-CVE-2011-5217
+CVE-2011-5217 (Directory traversal vulnerability in the PXE Mtftp service in Hitachi ...)
NOT-FOR-US: Hitachi JP1/ServerConductor/DeploymentManager
-CVE-2011-5216
+CVE-2011-5216 (SQL injection vulnerability in ajax.php in SCORM Cloud For WordPress p ...)
NOT-FOR-US: WordPress plugin SCORM Cloud
-CVE-2011-5215
+CVE-2011-5215 (SQL injection vulnerability in index.php in Video Community Portal all ...)
NOT-FOR-US: Video Community Portal
-CVE-2011-5214
+CVE-2011-5214 (Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM 5.10 ...)
NOT-FOR-US: BrowserCRM
-CVE-2011-5213
+CVE-2011-5213 (Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and earl ...)
NOT-FOR-US: BrowserCRM
-CVE-2011-5212
+CVE-2011-5212 (SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 al ...)
NOT-FOR-US: Subrion CMS
-CVE-2011-5211
+CVE-2011-5211 (Cross-site scripting (XSS) vulnerability in the poll module in Subrion ...)
NOT-FOR-US: Subrion CMS
-CVE-2011-5210
+CVE-2011-5210 (Directory traversal vulnerability in admin/preview.php in Limny 3.0.0 ...)
NOT-FOR-US: Limny
-CVE-2011-5209
+CVE-2011-5209 (Cross-site scripting (XSS) vulnerability in search/ in GraphicsClone S ...)
NOT-FOR-US: GraphicsClone
-CVE-2011-5208
+CVE-2011-5208 (Multiple directory traversal vulnerabilities in the BackWPup plugin be ...)
NOT-FOR-US: BackWPup
-CVE-2011-5207
+CVE-2011-5207 (Cross-site scripting (XSS) vulnerability in admin/OptionsPostsList.php ...)
NOT-FOR-US: WP TheCartPress
-CVE-2011-5206
+CVE-2011-5206 (Cross-site scripting (XSS) vulnerability in notes.php in Rapidleech be ...)
NOT-FOR-US: Rapidleech
-CVE-2011-5205
+CVE-2011-5205 (Cross-site scripting (XSS) vulnerability in audl.php in Rapidleech 2.3 ...)
NOT-FOR-US: Rapidleech
-CVE-2011-5204
+CVE-2011-5204 (Akiva WebBoard 8.x stores passwords in plaintext, which allows local u ...)
NOT-FOR-US: Akiva WebBoard
-CVE-2011-5203
+CVE-2011-5203 (SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before ...)
NOT-FOR-US: Akiva WebBoard
-CVE-2011-5202
+CVE-2011-5202 (BazisVirtualCDBus.sys in WinCDEmu 3.6 allows local users to cause a de ...)
NOT-FOR-US: WinCDEmu
-CVE-2011-5201
+CVE-2011-5201 (Multiple SQL injection vulnerabilities in sign.php in tinyguestbook al ...)
NOT-FOR-US: tinyguestbook
-CVE-2011-5200
+CVE-2011-5200 (Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow ...)
NOT-FOR-US: DeDeCMS
-CVE-2011-5199
+CVE-2011-5199 (Cross-site scripting (XSS) vulnerability in sign.php in tinyguestbook ...)
NOT-FOR-US: tinyguestbook
-CVE-2011-5198
+CVE-2011-5198 (SQL injection vulnerability in search.php in Neturf eCommerce Shopping ...)
NOT-FOR-US: Neturf eCommerce Shopping Cart
-CVE-2011-5197
+CVE-2011-5197 (Cross-site request forgery (CSRF) vulnerability in index/manager/fileU ...)
NOT-FOR-US: Public Knowledge Project Open Harvester Systems
-CVE-2011-5196
+CVE-2011-5196 (Cross-site request forgery (CSRF) vulnerability in index/manager/fileU ...)
- ojs <removed> (low)
[squeeze] - ojs <no-dsa> (Minor issue)
-CVE-2011-5195
+CVE-2011-5195 (Cross-site request forgery (CSRF) vulnerability in index/manager/fileU ...)
NOT-FOR-US: Public Knowledge Project Open Conference Systems
-CVE-2011-5194
+CVE-2011-5194 (Cross-site scripting (XSS) vulnerability in vendors/samswhois/samswhoi ...)
NOT-FOR-US: Wordpress Whois search plugin
-CVE-2011-5193
+CVE-2011-5193 (Cross-site scripting (XSS) vulnerability in vendors/samswhois/samswhoi ...)
NOT-FOR-US: Wordpress Whois search plugin
-CVE-2011-5192
+CVE-2011-5192 (Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty L ...)
NOT-FOR-US: Wordpress Pretty Link Lite plugin
-CVE-2011-5191
+CVE-2011-5191 (Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty L ...)
NOT-FOR-US: Wordpress Pretty Link Lite plugin
-CVE-2011-5190
+CVE-2011-5190 (Multiple cross-site scripting (XSS) vulnerabilities in Social Book Fac ...)
NOT-FOR-US: Social Book Facebook Clone 2010
-CVE-2011-5189
+CVE-2011-5189 (Cross-site scripting (XSS) vulnerability in the Webform Validation mod ...)
NOT-FOR-US: Drupal addon
-CVE-2011-5187
+CVE-2011-5187 (Cross-site scripting (XSS) vulnerability in the Support Ticketing Syst ...)
NOT-FOR-US: Drupal addon
-CVE-2011-5186
+CVE-2011-5186 (Cross-site scripting (XSS) vulnerability in jbshop.php in the jbShop p ...)
NOT-FOR-US: jbShop plugin for e107
-CVE-2011-5185
+CVE-2011-5185 (Cross-site scripting (XSS) vulnerability in video_comments.php in Onli ...)
NOT-FOR-US: Online Subtitles Workshop
-CVE-2011-5184
+CVE-2011-5184 (Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node ...)
NOT-FOR-US: HP Network Node Manager
CVE-2011-5182
NOT-FOR-US: Wordpress Lanoba Social plugin
-CVE-2011-5181
+CVE-2011-5181 (Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk ...)
NOT-FOR-US: Wordpress ClickDesk Live Support - Live Chat plugin
-CVE-2011-5180
+CVE-2011-5180 (Cross-site scripting (XSS) vulnerability in wp-1pluginjquery.php in th ...)
NOT-FOR-US: Wordpress ZooEffect plugin
-CVE-2011-5179
+CVE-2011-5179 (Cross-site scripting (XSS) vulnerability in skysa-official/skysa.php i ...)
NOT-FOR-US: Skysa App Bar
-CVE-2011-5177
+CVE-2011-5177 (Multiple cross-site scripting (XSS) vulnerabilities in admin/controlle ...)
NOT-FOR-US: eSyndiCat Pro
-CVE-2011-5188
+CVE-2011-5188 (Cross-site scripting (XSS) vulnerability in the Support Timer module 6 ...)
NOT-FOR-US: Drupal module
-CVE-2011-5183
+CVE-2011-5183 (Multiple SQL injection vulnerabilities in OrderSys 1.6.4 and earlier a ...)
NOT-FOR-US: OrderSys
-CVE-2011-5178
+CVE-2011-5178 (Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/u ...)
NOT-FOR-US: Infoblox NetMRI
-CVE-2011-5176
+CVE-2011-5176 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in B ...)
NOT-FOR-US: Banana Dance
-CVE-2011-5175
+CVE-2011-5175 (SQL injection vulnerability in search.php in Banana Dance, possibly B. ...)
NOT-FOR-US: Banana Dance
-CVE-2011-5174
+CVE-2011-5174 (Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT Auth ...)
NOT-FOR-US: Intel Trusted Execution Technology
-CVE-2011-5173
+CVE-2011-5173 (Buffer overflow in Bugbear Entertainment FlatOut 2005 allows user-assi ...)
NOT-FOR-US: Bugbear Entertainment FlatOut 2005
-CVE-2011-5172
+CVE-2011-5172 (Stack-based buffer overflow in StoryBoard Quick 6 Build 3786, and poss ...)
NOT-FOR-US: StoryBoard Quick 6 Build, StoryBoard Artist and StoryBoard Studio
-CVE-2011-5171
+CVE-2011-5171 (Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 1 ...)
NOT-FOR-US: CyberLink Power2Go
-CVE-2011-5170
+CVE-2011-5170 (Stack-based buffer overflow in Castillo Bueno Systems CCMPlayer 1.5 al ...)
NOT-FOR-US: Castillo Bueno Systems CCMPlayer
-CVE-2011-5169
+CVE-2011-5169 (SQL injection vulnerability in sgms/reports/scheduledreports/configure ...)
NOT-FOR-US: SonicWall ViewPoint
-CVE-2011-5168
+CVE-2011-5168 (SQL injection vulnerability in user.php in Banana Dance before B.1.5 a ...)
NOT-FOR-US: Banana Dance
-CVE-2011-5167
+CVE-2011-5167 (Heap-based buffer overflow in the SetDevNames method of the Tidestone ...)
NOT-FOR-US: Oracle Hyperion Strategic Finance
-CVE-2011-5166
+CVE-2011-5166 (Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote atta ...)
NOT-FOR-US: KnFTP
-CVE-2011-5165
+CVE-2011-5165 (Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier ...)
NOT-FOR-US: Free MP3 CD Ripper
-CVE-2011-5164
+CVE-2011-5164 (Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 thro ...)
NOT-FOR-US: VanDyke Software AbsoluteFTP
-CVE-2011-5163
+CVE-2011-5163 (Buffer overflow in an unspecified third-party component in the Batch m ...)
NOT-FOR-US: Schneider Electric CitectSCADA
-CVE-2011-5162
+CVE-2011-5162 (Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assi ...)
NOT-FOR-US: GOM Player
-CVE-2011-5161
+CVE-2011-5161 (Unrestricted file upload vulnerability in the patient photograph funct ...)
NOT-FOR-US: OpenEMR
-CVE-2011-5160
+CVE-2011-5160 (Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 all ...)
NOT-FOR-US: OpenEMR
-CVE-2011-5159
+CVE-2011-5159 (Cross-site scripting (XSS) vulnerability in admin/configuration.php in ...)
NOT-FOR-US: Geeklog
-CVE-2011-5158
+CVE-2011-5158 (Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and ...)
NOT-FOR-US: DATEV Grundpaket Basis
-CVE-2011-5157
+CVE-2011-5157 (Untrusted search path vulnerability in Attachmate Reflection before 14 ...)
NOT-FOR-US: Attachmate Reflection
-CVE-2011-5156
+CVE-2011-5156 (Untrusted search path vulnerability in Effective File Search 6.7 allow ...)
NOT-FOR-US: Effective File Search
-CVE-2011-5155
+CVE-2011-5155 (Untrusted search path vulnerability in Help &amp; Manual 5.5.1 Build 1 ...)
NOT-FOR-US: Help & Manual 5.5.1 Build
-CVE-2011-5154
+CVE-2011-5154 (Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and ( ...)
NOT-FOR-US: SAP GUI
-CVE-2011-5153
+CVE-2011-5153 (Untrusted search path vulnerability in FotoSlate 4.0 Build 146 allows ...)
NOT-FOR-US: FotoSlate
-CVE-2011-5152
+CVE-2011-5152 (Multiple untrusted search path vulnerabilities in ACDSee Photo Editor ...)
NOT-FOR-US: ACDSee Photo Editor
-CVE-2011-5151
+CVE-2011-5151 (Untrusted search path vulnerability in ACDSee Picture Frame Manager 1. ...)
NOT-FOR-US: ACDSee Picture Frame Manager
-CVE-2011-3090
+CVE-2011-3090 (Race condition in Google Chrome before 19.0.1084.46 allows remote atta ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-5150
+CVE-2011-5150 (Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 ...)
NOT-FOR-US: SpamTitan 5.07
-CVE-2011-5149
+CVE-2011-5149 (Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 ...)
NOT-FOR-US: SpamTitan 5.08
-CVE-2011-5148
+CVE-2011-5148 (Multiple incomplete blacklist vulnerabilities in the Simple File Uploa ...)
NOT-FOR-US: Simple File Upload
-CVE-2011-5147
+CVE-2011-5147 (Static code injection vulnerability in ajax_save_name.php in the Ajax ...)
NOT-FOR-US: tinymce plugin
-CVE-2011-5145
+CVE-2011-5145 (Multiple SQL injection vulnerabilities in Open Business Management (OB ...)
NOT-FOR-US: Open Business Management
-CVE-2011-5144
+CVE-2011-5144 (Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote at ...)
NOT-FOR-US: Open Business Management
-CVE-2011-5143
+CVE-2011-5143 (Multiple cross-site scripting (XSS) vulnerabilities in Open Business M ...)
NOT-FOR-US: Open Business Management
-CVE-2011-5142
+CVE-2011-5142 (Multiple cross-site scripting (XSS) vulnerabilities in Open Business M ...)
NOT-FOR-US: Open Business Management
-CVE-2011-5141
+CVE-2011-5141 (Directory traversal vulnerability in exportcsv/exportcsv_index.php in ...)
NOT-FOR-US: Open Business Management
-CVE-2011-5140
+CVE-2011-5140 (Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY- ...)
NOT-FOR-US: DIY CMS
-CVE-2011-5139
+CVE-2011-5139 (SQL injection vulnerability in page.php in Pre Studio Business Cards D ...)
NOT-FOR-US: Pre Studio Business Cards Designer
-CVE-2011-5138
+CVE-2011-5138 (Cross-site scripting (XSS) vulnerability in member.php in tForum b0.91 ...)
NOT-FOR-US: tForum
-CVE-2011-5137
+CVE-2011-5137 (Multiple SQL injection vulnerabilities in tForum b0.915 allow remote a ...)
NOT-FOR-US: tForum
-CVE-2011-5136
+CVE-2011-5136 (showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allo ...)
NOT-FOR-US: EPractize Labs Subscription Manager
-CVE-2011-5135
+CVE-2011-5135 (Multiple SQL injection vulnerabilities in the save_connection function ...)
NOT-FOR-US: DoceboLMS
-CVE-2011-5134
+CVE-2011-5134 (Unrestricted file upload vulnerability in editor/extensions/browser/fi ...)
NOT-FOR-US: JCE component for Joomla!
-CVE-2011-5133
+CVE-2011-5133 (Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and ...)
NOT-FOR-US: MyBB
-CVE-2011-5132
+CVE-2011-5132 (Cross-site scripting (XSS) vulnerability in MyBB before 1.6.5 allows r ...)
NOT-FOR-US: MyBB
-CVE-2011-5131
+CVE-2011-5131 (Cross-site request forgery (CSRF) vulnerability in global.php in MyBB ...)
NOT-FOR-US: MyBB
-CVE-2011-5130
+CVE-2011-5130 (dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when regi ...)
NOT-FOR-US: Family Connections CMS
-CVE-2011-5129
+CVE-2011-5129 (Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote at ...)
- xchat <unfixed> (unimportant; bug #686454)
-CVE-2011-5128
+CVE-2011-5128 (Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize ...)
NOT-FOR-US: Adminimize plugin for Wordpress
-CVE-2011-5127
+CVE-2011-5127 (Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2 ...)
NOT-FOR-US: Blue Coat
-CVE-2011-5126
+CVE-2011-5126 (Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 ...)
NOT-FOR-US: Blue Coat
-CVE-2011-5125
+CVE-2011-5125 (Cross-site scripting (XSS) vulnerability in Blue Coat Director before ...)
NOT-FOR-US: Blue Coat
-CVE-2011-5124
+CVE-2011-5124 (Stack-based buffer overflow in the BCAAA component before build 60258, ...)
NOT-FOR-US: Blue Coat
-CVE-2011-5123
+CVE-2011-5123 (The Antivirus component in Comodo Internet Security before 5.3.175888. ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5122
+CVE-2011-5122 (The Antivirus component in Comodo Internet Security before 5.3.175888. ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5121
+CVE-2011-5121 (The Antivirus component in Comodo Internet Security before 5.3.175888. ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5120
+CVE-2011-5120 (The Antivirus component in Comodo Internet Security before 5.4.189822. ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5119
+CVE-2011-5119 (Multiple race conditions in Comodo Internet Security before 5.8.211697 ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5118
+CVE-2011-5118 (Multiple race conditions in Comodo Internet Security before 5.8.213334 ...)
NOT-FOR-US: Comodo Internet Security
-CVE-2011-5117
+CVE-2011-5117 (Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, S ...)
NOT-FOR-US: Sophos SafeGuard
-CVE-2011-5116
+CVE-2011-5116 (SQL injection vulnerability in setseed-hub in SetSeed CMS 5.8.20, 5.11 ...)
NOT-FOR-US: SetSeed CMS
-CVE-2011-5115
+CVE-2011-5115 (Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and ...)
NOT-FOR-US: DLguard
-CVE-2011-5114
+CVE-2011-5114 (Multiple cross-site scripting (XSS) vulnerabilities in the Authoritati ...)
NOT-FOR-US: DLguard
-CVE-2011-5113
+CVE-2011-5113 (SQL injection vulnerability in frontend/models/techfoliodetail.php in ...)
NOT-FOR-US: Joomla addon
-CVE-2011-5112
+CVE-2011-5112 (SQL injection vulnerability in Alameda (com_alameda) component before ...)
NOT-FOR-US: Joomla addon
-CVE-2011-5111
+CVE-2011-5111 (Multiple SQL injection vulnerabilities in Kajian Website CMS Balitbang ...)
NOT-FOR-US: Kajian Website CMS
-CVE-2011-5110
+CVE-2011-5110 (Multiple SQL injection vulnerabilities in Blogs Manager 1.101 and earl ...)
NOT-FOR-US: Blogs Manager
-CVE-2011-5109
+CVE-2011-5109 (Multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and ...)
NOT-FOR-US: Freelancer calendar
-CVE-2011-5108
+CVE-2011-5108 (Cross-site scripting (XSS) vulnerability in config.php in AdaptCMS 2.0 ...)
NOT-FOR-US: AdaptCMS
-CVE-2011-5107
+CVE-2011-5107 (Cross-site scripting (XSS) vulnerability in post_alert.php in Alert Be ...)
NOT-FOR-US: Wordpress plugin
-CVE-2011-5106
+CVE-2011-5106 (Cross-site scripting (XSS) vulnerability in edit-post.php in the Flexi ...)
NOT-FOR-US: Wordpress plugin
-CVE-2011-5105
+CVE-2011-5105 (Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch. ...)
NOT-FOR-US: ZOHO ManageEngine ADSelfService Plus
-CVE-2011-5104
+CVE-2011-5104 (Cross-site scripting (XSS) vulnerability in wpsc-admin/display-sales-l ...)
NOT-FOR-US: Wordpress plugin
-CVE-2011-5103
+CVE-2011-5103 (SQL injection vulnerability in Alurian Prismotube PHP Video Script all ...)
NOT-FOR-US: Alurian Prismotube PHP Video Script
-CVE-2011-5102
+CVE-2011-5102 (The Investigative Reports web interface in the TRITON management conso ...)
NOT-FOR-US: Websense
-CVE-2011-5101
+CVE-2011-5101 (The Rumor technology in McAfee SaaS Endpoint Protection before 5.2.4 a ...)
NOT-FOR-US: McAfee
-CVE-2011-5100
+CVE-2011-5100 (The web interface in McAfee Firewall Reporter before 5.1.0.13 does not ...)
NOT-FOR-US: McAfee
-CVE-2011-5099
+CVE-2011-5099 (SQL injection vulnerability in helper/popup.php in the ccNewsletter (m ...)
NOT-FOR-US: Joomla addon
-CVE-2011-5098
+CVE-2011-5098 (chef-server-api/app/controllers/clients.rb in Chef Server in Chef befo ...)
- chef 0.10.10-1
-CVE-2011-5097
+CVE-2011-5097 (chef-server-api/app/controllers/cookbooks.rb in Chef Server in Chef be ...)
- chef 0.10.10-1
-CVE-2011-5096
+CVE-2011-5096 (Stack-based buffer overflow in cstore.exe in the Media Application Ser ...)
NOT-FOR-US: Avaya Aura Application Server
-CVE-2011-5095
+CVE-2011-5095 (The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when ...)
- openssl 0.9.8a-1 (bug #684527)
NOTE: fips version not used in Debian
-CVE-2011-5094
+CVE-2011-5094 (** DISPUTED ** Mozilla Network Security Services (NSS) 3.x, with certa ...)
NOTE: Disputed NSS issue
-CVE-2011-5093
+CVE-2011-5093 (Best Practical Solutions RT 4.x before 4.0.6 does not properly impleme ...)
NOTE: Dupe of CVE-2011-4458
-CVE-2011-5092
+CVE-2011-5092 (Best Practical Solutions RT 3.8.x before 3.8.12 and 4.x before 4.0.6 a ...)
NOTE: Dupe of CVE-2011-4458
-CVE-2011-5091
+CVE-2011-5091 (Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6 ...)
NOT-FOR-US: GR Board
-CVE-2011-5090
+CVE-2011-5090 (GR Board (aka grboard) 1.8.6.5 Community Edition does not require auth ...)
NOT-FOR-US: GR Board
-CVE-2011-5089
+CVE-2011-5089 (Buffer overflow in the Security Login ActiveX controls in ICONICS GENE ...)
NOT-FOR-US: ICONICS, BizViz
-CVE-2011-5088
+CVE-2011-5088 (The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 a ...)
NOT-FOR-US: ICONICS GENESIS32, BizViz
-CVE-2011-5087
+CVE-2011-5087 (Unspecified vulnerability in AdAstrA TRACE MODE Data Center allows rem ...)
NOT-FOR-US: AdAstrA TRACE MODE Data Center
-CVE-2011-5086
+CVE-2011-5086 (https50.ocx in IP*Works! SSL in the server in Unitronics UniOPC before ...)
NOT-FOR-US: Unitronics UniOPC
-CVE-2011-5085
+CVE-2011-5085 (Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x befo ...)
{DSA-2423-1}
- movabletype-opensource 5.1.2+dfsg-1
-CVE-2011-5084
+CVE-2011-5084 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4. ...)
{DSA-2423-1}
- movabletype-opensource 5.1.2+dfsg-1
-CVE-2011-5083
+CVE-2011-5083 (Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dot ...)
- dotclear 2.5+dfsg-1 (low; bug #670227)
NOTE: Post-authentication; vulnerability is actually in admin/media.php.
-CVE-2011-5082
+CVE-2011-5082 (Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin be ...)
NOT-FOR-US: s2Member Pro plugin for WordPress
-CVE-2011-5081
+CVE-2011-5081 (Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC ...)
- backuppc 3.1.0-9.1 (low; bug #661011)
[squeeze] - backuppc 3.1.0-9.1
[lenny] - backuppc <no-dsa> (Minor issue)
-CVE-2011-5080
+CVE-2011-5080 (Cross-site scripting (XSS) vulnerability in lib/class.tx_jftcaforms_tc ...)
NOT-FOR-US: jftcaforms extension for TYPO3
-CVE-2011-5079
+CVE-2011-5079 (Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 ...)
NOT-FOR-US: irfaq extension for TYPO3
-CVE-2011-5078
+CVE-2011-5078 (The web administration interface in the server in Sybase M-Business An ...)
NOT-FOR-US: Sybase
-CVE-2011-5077
+CVE-2011-5077 (Unrestricted file upload vulnerability in attachement.php in HDWiki 5. ...)
NOT-FOR-US: HDWiki
-CVE-2011-5076
+CVE-2011-5076 (SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, ...)
NOT-FOR-US: HDWiki
-CVE-2011-5075
+CVE-2011-5075 (translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5074
+CVE-2011-5074 (Multiple cross-site request forgery (CSRF) vulnerabilities in Support ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5073
+CVE-2011-5073 (Multiple cross-site scripting (XSS) vulnerabilities in Support Inciden ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5072
+CVE-2011-5072 (Multiple SQL injection vulnerabilities in Support Incident Tracker (ak ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5071
+CVE-2011-5071 (Multiple SQL injection vulnerabilities in Support Incident Tracker (ak ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5070
+CVE-2011-5070 (Multiple cross-site scripting (XSS) vulnerabilities in Support Inciden ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5069
+CVE-2011-5069 (Unrestricted file upload vulnerability in incident_attachments.php in ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5068
+CVE-2011-5068 (Multiple cross-site request forgery (CSRF) vulnerabilities in Support ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5067
+CVE-2011-5067 (move_uploaded_file.php in Support Incident Tracker (aka SiT!) 3.65 all ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-5066
+CVE-2011-5066 (The SibRaRecoverableSiXaResource class in the Default Messaging Compon ...)
NOT-FOR-US: WebSphere
-CVE-2011-5065
+CVE-2011-5065 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
NOT-FOR-US: WebSphere
-CVE-2011-5064
+CVE-2011-5064 (DigestAuthenticator.java in the HTTP Digest Access Authentication impl ...)
{DSA-2401-1}
- tomcat6 6.0.32-7
- tomcat7 7.0.12
- tomcat5.5 <removed>
-CVE-2011-5063
+CVE-2011-5063 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
{DSA-2401-1}
- tomcat6 6.0.32-7
- tomcat7 7.0.12
- tomcat5.5 <removed>
-CVE-2011-5062
+CVE-2011-5062 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
{DSA-2401-1}
- tomcat6 6.0.32-7
- tomcat7 7.0.12
- tomcat5.5 <removed>
-CVE-2011-5061
+CVE-2011-5061 (functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allow ...)
NOT-FOR-US: WHMCompleteSolution
-CVE-2011-5060
+CVE-2011-5060 (The par_mktmpdir function in the PAR module before 1.003 for Perl crea ...)
- libpar-perl 1.005-1 (bug #650707)
[squeeze] - libpar-perl 1.000-1+squeeze1
-CVE-2011-5059
+CVE-2011-5059 (Stack-based buffer overflow in Final Draft 8 before 8.02 allows remote ...)
NOT-FOR-US: Final Draft
-CVE-2011-5058
+CVE-2011-5058 (The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 S ...)
NOT-FOR-US: 3S CoDeSys
-CVE-2011-5057
+CVE-2011-5057 (Apache Struts 2.3.1.1 and earlier provides interfaces that do not prop ...)
- libstruts1.2-java <not-affected> (Affects Struts 2, #657870)
-CVE-2011-5056
+CVE-2011-5056 (The authoritative server in MaraDNS through 2.0.04 computes hash value ...)
- maradns <not-affected> (Only affects 2.x, see #653838)
-CVE-2011-5055
+CVE-2011-5055 (MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without ...)
- maradns 1.4.09-1 (low)
[squeeze] - maradns <no-dsa> (Minor issue)
-CVE-2011-5054
+CVE-2011-5054 (kcheckpass passes a user-supplied argument to the pam_start function, ...)
- kdebase-workspace <unfixed> (unimportant)
NOTE: the kcheckpass utility is not present in sid (still present in src package, will check with KDE maints)
NOTE: Not exploitable without OpenPAM
-CVE-2011-5053
+CVE-2011-5053 (The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar ...)
NOT-FOR-US: This vulnerability affects a protocol, not a product. More information can be found at http://www.kb.cert.org/vuls/id/723755 . All products listed there are not part of Debian.
-CVE-2011-5052
+CVE-2011-5052 (Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote ...)
NOT-FOR-US: CoCSoft Stream Down
-CVE-2011-5051
+CVE-2011-5051 (Multiple unrestricted file upload vulnerabilities in the WP Symposium ...)
NOT-FOR-US: Symposium plugin for Wordpress
-CVE-2011-5050
+CVE-2011-5050 (SQL injection vulnerability in corporate/Controller in Elitecore Techn ...)
NOT-FOR-US: Elitecore Technologies Cyberoam UTM
-CVE-2011-5049
+CVE-2011-5049 (MySQL 5.5.8, when running on Windows, allows remote attackers to cause ...)
NOT-FOR-US: MySQL on Windows
-CVE-2011-5048
+CVE-2011-5048 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Web Experie ...)
NOT-FOR-US: IBM Web Experience Factory
-CVE-2011-5047
+CVE-2011-5047 (Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in pf ...)
NOT-FOR-US: pfSense
-CVE-2011-5046
+CVE-2011-5046 (The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode d ...)
NOT-FOR-US: Microsoft Windows 7
-CVE-2011-5045
+CVE-2011-5045 (Cross-site scripting (XSS) vulnerability in details_view.php in PHP Bo ...)
NOT-FOR-US: PHP Booking Calendar 10e (not in Debian)
-CVE-2011-5044
+CVE-2011-5044 (SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for ...)
NOT-FOR-US: SopCast (not in Debian)
-CVE-2011-5043
+CVE-2011-5043 (TomatoSoft Free Mp3 Player 1.0 allows remote attackers to cause a deni ...)
NOT-FOR-US: TomatoSoft Free Mp3 Player (not in Debian)
-CVE-2011-5042
+CVE-2011-5042 (Cross-site scripting (XSS) vulnerability in inc/lib/lib.base.php in SA ...)
NOT-FOR-US: SASHA (not in Debian)
-CVE-2011-5041
+CVE-2011-5041 (Multiple cross-site scripting (XSS) vulnerabilities in Pulse Pro CMS 1 ...)
NOT-FOR-US: Pulse Pro CMS (not in Debian)
-CVE-2011-5040
+CVE-2011-5040 (Multiple cross-site scripting (XSS) vulnerabilities in Infoproject Biz ...)
NOT-FOR-US: Infoproject Biznis Heroj (not in Debian)
-CVE-2011-5039
+CVE-2011-5039 (Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj all ...)
NOT-FOR-US: Infoproject Biznis Heroj (not in Debian)
-CVE-2011-5038
+CVE-2011-5038 (SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly ...)
NOT-FOR-US: hitAppoint (not in Debian)
-CVE-2011-5037
+CVE-2011-5037 (Google V8 computes hash values for form parameters without restricting ...)
- libv8 3.6.6.14-2 (bug #653962)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-5036
+CVE-2011-5036 (Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes ...)
{DSA-2783-1}
- ruby-rack 1.4.0-1 (bug #653963)
- librack-ruby <removed>
NOTE: https://github.com/rack/rack/commit/5b9d09a81a9fdc9475f0ab0095cb2a33bf2a8f91
-CVE-2011-5035
+CVE-2011-5035 (Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Se ...)
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- glassfish <not-affected> (Debian only builds some core libs, not the full application stack)
-CVE-2011-5034
+CVE-2011-5034 (Apache Geronimo 2.2.1 and earlier computes hash values for form parame ...)
NOT-FOR-US: Apache Geronimo
-CVE-2011-5033
+CVE-2011-5033 (Stack-based buffer overflow in CFS.c in ConfigServer Security &amp; Fi ...)
NOT-FOR-US: ConfigServer Security & Firewall
-CVE-2011-5032
+CVE-2011-5032 (WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cau ...)
NOT-FOR-US: WinMount
-CVE-2011-5031
+CVE-2011-5031 (Multiple SQL injection vulnerabilities in servlet/capexweb.parentvalid ...)
NOT-FOR-US: cApexWEB
-CVE-2011-5030
+CVE-2011-5030 (Cross-site scripting (XSS) vulnerability in the Meta tags quick module ...)
NOT-FOR-US: Meta tags quick module for Drupal
-CVE-2011-5029
+CVE-2011-5029 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
NOT-FOR-US: Sumple PHP Blog
-CVE-2011-5028
+CVE-2011-5028 (Directory traversal vulnerability in novelllogmanager/FileDownload in ...)
NOT-FOR-US: Novell Sentinel Log Manager
-CVE-2011-5027
+CVE-2011-5027 (Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 allow ...)
- zabbix 1:1.8.10-1 (bug #652664)
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
-CVE-2011-5026
+CVE-2011-5026 (Cross-site scripting (XSS) vulnerability in the addPost function in da ...)
NOT-FOR-US: Winn Guestbook
-CVE-2011-5025
+CVE-2011-5025 (Multiple cross-site scripting (XSS) vulnerabilities in the wiki applic ...)
- yaws 1.92-1 (low; bug #653966)
[squeeze] - yaws <no-dsa> (Minor issue)
-CVE-2011-5024
+CVE-2011-5024 (Cross-site scripting (XSS) vulnerability in mmsearch/design in the Mai ...)
NOT-FOR-US: ht://Dig integration for Mailman
-CVE-2011-5023
+CVE-2011-5023 (Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 allows rem ...)
NOT-FOR-US: Pligg CMS
-CVE-2011-5022
+CVE-2011-5022 (SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows re ...)
NOT-FOR-US: Pligg CMS
-CVE-2011-5021
+CVE-2011-5021 (PHPIDS before 0.7 does not properly implement Regular Expression Denia ...)
- php-ids <itp> (bug #488848)
CVE-2011-5020
RESERVED
-CVE-2011-5019
+CVE-2011-5019 (Cross-site scripting (XSS) vulnerability in setup/index.php in Textpat ...)
- textpattern <unfixed> (low)
[squeeze] - textpattern <no-dsa> (Vulnerability is in setup.php, which becomes inaccessible after installation)
CVE-2011-5018
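Review bot: CVE-2011-5094, CVE-2011-5093 and CVE-2011-5092 carry only a NOTE line ("Disputed NSS issue", "Dupe of CVE-2011-4458") and no package line or NOT-FOR-US marker, unlike every other entry in this hunk, so nothing in those three entries tells the tracker which package, if any, the issue maps to; record the disposition against the package (for the two duplicates a "<not-affected>" line naming CVE-2011-4458, for the disputed NSS issue the nss package with the reason) instead of leaving it in free text. Two smaller points: CVE-2011-3090 sits between CVE-2011-5151 and CVE-2011-5150, breaking the descending CVE order the rest of the file keeps, and the tomcat7 fixed version under CVE-2011-5064, -5063 and -5062 is written as "7.0.12" without a Debian revision while the tomcat6 line beside it uses a full "6.0.32-7".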
@@ -702,31 +702,31 @@ CVE-2011-5014
RESERVED
CVE-2011-5013
RESERVED
-CVE-2011-5012
+CVE-2011-5012 (Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7 ...)
NOT-FOR-US: Attachmate Reflection
-CVE-2011-5011
+CVE-2011-5011 (Multiple cross-site request forgery (CSRF) vulnerabilities in xt:Comme ...)
NOT-FOR-US: xt:Commerce
-CVE-2011-5010
+CVE-2011-5010 (apps/a3/cfg_ethping.cgi in the Ctek SkyRouter 4200 and 4300 allows rem ...)
NOT-FOR-US: Ctek SkyRouter
-CVE-2011-5009
+CVE-2011-5009 (The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 S ...)
NOT-FOR-US: 3S CoDeSys
-CVE-2011-5008
+CVE-2011-5008 (Integer overflow in the GatewayService component in 3S CoDeSys 3.4 SP4 ...)
NOT-FOR-US: 3S CoDeSys
-CVE-2011-5007
+CVE-2011-5007 (Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSy ...)
NOT-FOR-US: 3S CoDeSys
-CVE-2011-5006
+CVE-2011-5006 (Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attacker ...)
NOT-FOR-US: QQPlayer
-CVE-2011-5005
+CVE-2011-5005 (Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier a ...)
NOT-FOR-US: QuiXplorer
-CVE-2011-5004
+CVE-2011-5004 (Unrestricted file upload vulnerability in models/importcsv.php in the ...)
NOT-FOR-US: Joomla extension
-CVE-2011-5003
+CVE-2011-5003 (Stack-based buffer overflow in the Phonetic Indexer (AvidPhoneticIndex ...)
NOT-FOR-US: Avid Media Composer
-CVE-2011-5002
+CVE-2011-5002 (Multiple stack-based buffer overflows in Final Draft 8 before 8.02 all ...)
NOT-FOR-US: Final Draft
-CVE-2011-5001
+CVE-2011-5001 (Stack-based buffer overflow in the CGenericScheduler::AddTask function ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2011-5000
+CVE-2011-5000 (The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and e ...)
- openssh 1:5.9p1-1
[squeeze] - openssh 1:5.5p1-6+squeeze4
NOTE: looking at the code an additional integer overflow check was added in at least 5.9
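Review bot: the NOTE on CVE-2011-5000 ("looking at the code an additional integer overflow check was added in at least 5.9") records an impression rather than a reference, yet it is what backs both the sid fixed version 1:5.9p1-1 and the squeeze backport 1:5.5p1-6+squeeze4; cite the upstream commit that introduced the check in gss-serv.c (or the squeeze changelog entry that carries it) so the two fixed versions can be verified, and replace "at least 5.9" with the release the check actually landed in.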
@@ -782,7 +782,7 @@ CVE-2011-4975
RESERVED
CVE-2011-4974
RESERVED
-CVE-2011-4973
+CVE-2011-4973 (Authentication bypass vulnerability in mod_nss 1.0.8 allows remote att ...)
- libapache2-mod-nss 1.0.8-4 (low; bug #729626)
[wheezy] - libapache2-mod-nss <no-dsa> (Minor issue)
NOTE: https://www.redhat.com/archives/mod_nss-list/2011-May/msg00001.html
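Review bot: CVE-2011-4973 is described as an authentication bypass in mod_nss but is rated "low" with "[wheezy] <no-dsa> (Minor issue)", and "Minor issue" does not say why an auth-bypass class bug is minor; put the actual reason in the parenthesis or a NOTE (the configuration needed to trigger it, or why the impact is limited), since the only reference given is the mod_nss-list thread and bug #729626.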
@@ -791,16 +791,16 @@ CVE-2011-4973
CVE-2011-4972 [CKEditor module for Drupal access bypass]
RESERVED
NOT-FOR-US: Drupal module
-CVE-2011-4971
+CVE-2011-4971 (Multiple integer signedness errors in the (1) process_bin_sasl_auth, ( ...)
{DSA-2832-1}
- memcached 1.4.13-0.3 (bug #706426)
NOTE: https://github.com/memcached/memcached/commit/6695ccbc525c36d693aaa3e8337b36aa0c784424
-CVE-2011-4970
+CVE-2011-4970 (Multiple SQL injection vulnerabilities in LCG Disk Pool Manager (DPM) ...)
- lcgdm 1.8.6-1 (low; bug #702895)
[wheezy] - lcgdm <no-dsa> (Minor issue)
- dpm <removed>
[squeeze] - dpm <no-dsa> (Minor issue)
-CVE-2011-4969
+CVE-2011-4969 (Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when ...)
- jquery 1.6.4-1 (low; bug #699482)
[squeeze] - jquery <no-dsa> (Minor issue)
NOTE: http://blog.jquery.com/2011/09/01/jquery-1-6-3-released/
@@ -816,80 +816,80 @@ CVE-2011-4968 [nginx http proxy module does not verify peer identity of https or
CVE-2011-4967
RESERVED
NOT-FOR-US: OpenPegasus
-CVE-2011-4966
+CVE-2011-4966 (modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode ...)
- freeradius 2.1.12+dfsg-1.2 (low; bug #694407)
[squeeze] - freeradius <no-dsa> (Minor issue)
CVE-2011-4965
REJECTED
CVE-2011-4964
REJECTED
-CVE-2011-4963
+CVE-2011-4963 (nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote ...)
- nginx <not-affected> (Only affects Nginx on Windows)
-CVE-2011-4962
+CVE-2011-4962 (code/sitefeatures/PageCommentInterface.php in SilverStripe 2.4.x befor ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2011-4961
+CVE-2011-4961 (SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6 allows remote ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2011-4960
+CVE-2011-4960 (SQL injection vulnerability in the Folder::findOrMake method in Silver ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2011-4959
+CVE-2011-4959 (SQL injection vulnerability in the addslashes method in SilverStripe 2 ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2011-4958
+CVE-2011-4958 (Cross-site scripting (XSS) vulnerability in the process function in SS ...)
- silverstripe <itp> (bug #528461)
NOTE: http://seclists.org/oss-sec/2012/q2/209
-CVE-2011-4957
+CVE-2011-4957 (The make_clickable function in wp-includes/formatting.php in WordPress ...)
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
-CVE-2011-4956
+CVE-2011-4956 (Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 all ...)
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
-CVE-2011-4955
+CVE-2011-4955 (Multiple cross-site scripting (XSS) vulnerabilities in ui_stats.php in ...)
NOT-FOR-US: wordpress bsuite plugin
CVE-2011-4954
RESERVED
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2011-4953
+CVE-2011-4953 (The set_mgmt_parameters function in item.py in cobbler before 2.2.2 al ...)
- cobbler <not-affected> (Fixed before initial upload)
CVE-2011-4952
RESERVED
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2011-4951
+CVE-2011-4951 (Open redirect vulnerability in phpgwapi/ntlm/index.php in EGroupware E ...)
NOT-FOR-US: EGroupware
-CVE-2011-4950
+CVE-2011-4950 (Cross-site scripting (XSS) vulnerability in phpgwapi/js/jscalendar/tes ...)
NOT-FOR-US: EGroupware
-CVE-2011-4949
+CVE-2011-4949 (SQL injection vulnerability in phpgwapi/js/dhtmlxtree/samples/with_db/ ...)
NOT-FOR-US: EGroupware
-CVE-2011-4948
+CVE-2011-4948 (Directory traversal vulnerability in admin/remote.php in EGroupware En ...)
NOT-FOR-US: EGroupware
-CVE-2011-4947
+CVE-2011-4947 (Cross-site request forgery (CSRF) vulnerability in e107_admin/users_ex ...)
NOT-FOR-US: e107
-CVE-2011-4946
+CVE-2011-4946 (SQL injection vulnerability in e107_admin/users_extended.php in e107 b ...)
NOT-FOR-US: e107
-CVE-2011-4945
+CVE-2011-4945 (PolicyKit 0.103 sets the AdminIdentities to "wheel" by default, which ...)
- policykit-1 0.103-1
[squeeze] - policykit-1 <not-affected> (vulnerable code introduced in 0.103)
-CVE-2011-4944
+CVE-2011-4944 (Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissio ...)
{DLA-25-1}
- python2.7 2.7.3~rc2-2 (low; bug #650555)
- python2.6 2.6.8-1 (unimportant; bug #615118)
NOTE: Negligible impact
CVE-2011-4943
RESERVED
-CVE-2011-4942
+CVE-2011-4942 (Multiple cross-site scripting (XSS) vulnerabilities in admin/configura ...)
NOT-FOR-US: Geeklog
-CVE-2011-4941
+CVE-2011-4941 (Unspecified vulnerability in Piwik 1.2 through 1.4 allows remote attac ...)
- piwik <itp> (bug #506933)
-CVE-2011-4940
+CVE-2011-4940 (The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPSe ...)
{DLA-25-1}
- python2.7 2.7.2-8 (unimportant)
- python2.6 <unfixed> (unimportant; bug #664135)
- python2.5 <removed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/14/11
NOTE: This only affects IE7, which is inherently insecure anyway
-CVE-2011-4939
+CVE-2011-4939 (The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin befor ...)
- pidgin 2.10.2-1 (bug #664028)
[squeeze] - pidgin <not-affected> (vulnerable code not present)
NOTE: http://pidgin.im/news/security/?id=60
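Review bot: the python entries for CVE-2011-4944 and CVE-2011-4940 are inconsistent with themselves: both reference DLA-25-1, yet CVE-2011-4940 rates every package "unimportant" and CVE-2011-4944 rates python2.7 "low" but python2.6 "unimportant" for the same bug, with a NOTE of "Negligible impact". Pick one severity per CVE, and if the DLA really shipped fixes for these, drop "unimportant" or explain in the NOTE why the DLA covered them anyway. The CVE-2011-4940 NOTE ("This only affects IE7, which is inherently insecure anyway") should also state the technical condition under which the list_directory output is exploitable rather than an opinion about the browser.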
@@ -907,29 +907,29 @@ CVE-2011-4934
REJECTED
CVE-2011-4933
REJECTED
-CVE-2011-4932
+CVE-2011-4932 (Eval injection vulnerability in ip_cms/modules/standard/content_manage ...)
NOT-FOR-US: ImpressPages CMS not in Debian
CVE-2011-4931
RESERVED
- gpw <unfixed> (unimportant; bug #651510)
NOTE: This has only marginal security impact
-CVE-2011-4930
+CVE-2011-4930 (Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, ...)
- condor <not-affected> (Fixed before initial release)
-CVE-2011-4929
+CVE-2011-4929 (Unspecified vulnerability in the bazaar repository adapter in Redmine ...)
{DSA-2261-1}
- redmine 1.0.5-1 (bug #608397)
NOTE: http://www.redmine.org/news/49
-CVE-2011-4928
+CVE-2011-4928 (Cross-site scripting (XSS) vulnerability in the textile formatter in R ...)
{DSA-2261-1}
- redmine 1.0.5-1 (bug #608397)
NOTE: http://www.redmine.org/news/49
-CVE-2011-4927
+CVE-2011-4927 (Unspecified vulnerability in the bazaar repository adapter in Redmine ...)
{DSA-2261-1}
- redmine 1.0.5-1 (bug #608397)
NOTE: http://www.redmine.org/news/49
-CVE-2011-4926
+CVE-2011-4926 (Cross-site scripting (XSS) vulnerability in adminimize/adminimize_page ...)
NOT-FOR-US: WordPress plugin Adminimize
-CVE-2011-4925
+CVE-2011-4925 (Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource ...)
- torque <not-affected> (The version in Debian doesn't yet have MUNGE support)
CVE-2011-4924
RESERVED
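Review bot: "torque <not-affected> (The version in Debian doesn't yet have MUNGE support)" for CVE-2011-4925 is a conditional not-affected: the word "yet" says the vulnerable code path will arrive as soon as MUNGE support is enabled, so add a NOTE to re-check on the next torque upload rather than recording a permanent not-affected. Minor: "NOT-FOR-US: ImpressPages CMS not in Debian" for CVE-2011-4932 repeats what NOT-FOR-US already means; the neighbouring entries just name the product.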
@@ -941,24 +941,24 @@ CVE-2011-4924
- zope2.11 <removed>
- zope2.9 <removed>
NOTE: http://openwall.com/lists/oss-security/2012/01/19/16
-CVE-2011-4923
+CVE-2011-4923 (Cross-site scripting (XSS) vulnerability in View.pm in BackupPC 3.0.0, ...)
- backuppc 3.2.1-2 (bug #646865)
[squeeze] - backuppc 3.1.0-9.1
-CVE-2011-4922
+CVE-2011-4922 (cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retain ...)
- pidgin 2.7.11-1 (low)
[lenny] - pidgin <no-dsa> (Minor issue)
[squeeze] - pidgin <no-dsa> (Minor issue)
NOTE: http://www.pidgin.im/news/security/?id=50
-CVE-2011-4921
+CVE-2011-4921 (SQL injection vulnerability in usersettings.php in e107 0.7.26, and po ...)
NOT-FOR-US: e107
-CVE-2011-4920
+CVE-2011-4920 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.26, an ...)
NOT-FOR-US: e107
CVE-2011-4919 [mpack info disclosure]
RESERVED
- mpack 1.6-8 (low; bug #655971)
[squeeze] - mpack <no-dsa> (Minor issue)
NOTE: http://openwall.com/lists/oss-security/2011/12/31/1
-CVE-2011-4918
+CVE-2011-4918 (Multiple cross-site scripting (XSS) vulnerabilities in Elxis CMS 2009. ...)
NOT-FOR-US: Elxis CMS, Aphrodite
CVE-2011-4917
RESERVED
@@ -972,20 +972,20 @@ CVE-2011-4915
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: Minor info leak, unlikely to be fixed upstream
-CVE-2011-4914
+CVE-2011-4914 (The ROSE protocol implementation in the Linux kernel before 2.6.39 doe ...)
{DSA-2389-1}
- linux-2.6 2.6.38-4
-CVE-2011-4913
+CVE-2011-4913 (The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux ker ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
CVE-2011-4912
RESERVED
NOT-FOR-US: Joomla!
-CVE-2011-4911
+CVE-2011-4911 (Joomla! before 1.5.12 does not perform a JEXEC check in unspecified fi ...)
NOT-FOR-US: Joomla!
-CVE-2011-4910
+CVE-2011-4910 (Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allo ...)
NOT-FOR-US: Joomla!
-CVE-2011-4909
+CVE-2011-4909 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
NOT-FOR-US: Joomla!
CVE-2011-4908
RESERVED
@@ -996,12 +996,12 @@ CVE-2011-4907
CVE-2011-4906
RESERVED
NOT-FOR-US: Joomla!
-CVE-2011-4905
+CVE-2011-4905 (Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial ...)
- activemq 5.5.0+dfsg-5 (bug #655495)
-CVE-2011-4899
+CVE-2011-4899 (** DISPUTED ** wp-admin/setup-config.php in the installation component ...)
- wordpress <unfixed> (unimportant)
NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
-CVE-2011-4898
+CVE-2011-4898 (** DISPUTED ** wp-admin/setup-config.php in the installation component ...)
- wordpress <unfixed> (unimportant)
NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
CVE-2011-4904
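Review bot: CVE-2011-4899 and CVE-2011-4898 are filed between CVE-2011-4905 and CVE-2011-4904, out of numeric order, and both "** DISPUTED **" entries are carried as "wordpress <unfixed> (unimportant)" with only the Trustwave advisory URL as a NOTE; add a sentence giving the reason for "unimportant" (the descriptions place the issue in the installation component, wp-admin/setup-config.php) or cite upstream's side of the dispute, so the rating does not rest on the reader following the link.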
@@ -1024,13 +1024,13 @@ CVE-2011-4900
RESERVED
{DSA-2289-1}
- typo3-src 4.5.4+dfsg1-1 (bug #635937)
-CVE-2011-4897
+CVE-2011-4897 (Tor before 0.2.2.25-alpha, when configured as a relay without the Nick ...)
- tor 0.2.2.27-beta-1 (unimportant)
-CVE-2011-4896
+CVE-2011-4896 (Tor before 0.2.2.24-alpha continues to use a reachable bridge that was ...)
- tor 0.2.2.27-beta-1 (unimportant)
-CVE-2011-4895
+CVE-2011-4895 (Tor before 0.2.2.34, when configured as a bridge, sets up circuits thr ...)
- tor 0.2.2.34-1 (unimportant)
-CVE-2011-4894
+CVE-2011-4894 (Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort ...)
- tor 0.2.2.34-1 (unimportant)
CVE-2011-4893
REJECTED
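Review bot: the four Tor entries (CVE-2011-4897 through CVE-2011-4894) are all tagged "unimportant" with no NOTE, while elsewhere in this file an unimportant rating comes with its reason (CVE-2011-4944: "Negligible impact", CVE-2011-4931: "only marginal security impact", CVE-2011-4915: "Minor info leak"); add the justification. For CVE-2011-4897 and CVE-2011-4896 also say why the recorded fixed version 0.2.2.27-beta-1 is later than the upstream fix versions in the descriptions (0.2.2.25-alpha and 0.2.2.24-alpha), for example that no earlier 0.2.2.x was uploaded to Debian, so the gap is not read as a missed fix.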
@@ -1038,104 +1038,104 @@ CVE-2011-4892
REJECTED
CVE-2011-4891
REJECTED
-CVE-2011-4890
+CVE-2011-4890 (The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows rem ...)
NOT-FOR-US: IBM solidDB
-CVE-2011-4889
+CVE-2011-4889 (The javax.naming.directory.AttributeInUseException class in the Virtua ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-4888
RESERVED
-CVE-2011-4887
+CVE-2011-4887 (Cross-site scripting (XSS) vulnerability in the Violations Table in th ...)
NOT-FOR-US: Imperva SecureSphere Web Application Firewall
CVE-2011-4886
RESERVED
-CVE-2011-4885
+CVE-2011-4885 (PHP before 5.3.9 computes hash values for form parameters without rest ...)
{DSA-2399-1}
- php5 5.3.9-1 (low)
CVE-2011-4884
RESERVED
-CVE-2011-4883
+CVE-2011-4883 (The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 doe ...)
NOT-FOR-US: atvise.com webMI
-CVE-2011-4882
+CVE-2011-4882 (The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 all ...)
NOT-FOR-US: atvise.com webMI
-CVE-2011-4881
+CVE-2011-4881 (The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 doe ...)
NOT-FOR-US: atvise.com webMI
-CVE-2011-4880
+CVE-2011-4880 (Directory traversal vulnerability in the web server in Certec atvise w ...)
NOT-FOR-US: atvise.com webMI
-CVE-2011-4879
+CVE-2011-4879 (miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005 ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4878
+CVE-2011-4878 (Directory traversal vulnerability in miniweb.exe in the HMI web server ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4877
+CVE-2011-4877 (HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 20 ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4876
+CVE-2011-4876 (Directory traversal vulnerability in HmiLoad in the runtime loader in ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4875
+CVE-2011-4875 (Stack-based buffer overflow in HmiLoad in the runtime loader in Siemen ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4874
+CVE-2011-4874 (Use-after-free vulnerability in MICROSYS PROMOTIC before 8.1.7 allows ...)
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2011-4873
+CVE-2011-4873 (Unspecified vulnerability in the server in Certec EDV atvise before 2. ...)
NOT-FOR-US: Certec EDV atvise
-CVE-2011-4872
+CVE-2011-4872 (Multiple HTC Android devices including Desire HD FRG83D and GRI40, Gla ...)
NOT-FOR-US: Android devices
-CVE-2011-4871
+CVE-2011-4871 (Open Automation Software OPC Systems.NET before 5.0 allows remote atta ...)
NOT-FOR-US: opcsystems.com
-CVE-2011-4870
+CVE-2011-4870 (Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and ...)
NOT-FOR-US: Invensys Wonderware
-CVE-2011-4869
+CVE-2011-4869 (validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly per ...)
{DSA-2370-1}
- unbound 1.4.14-1 (medium)
-CVE-2011-4868
+CVE-2011-4868 (The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when u ...)
- isc-dhcp 4.2.2.dfsg.1-5 (low; bug #655746)
[squeeze] - isc-dhcp <not-affected> (vulnerable code not present)
-CVE-2011-4867
+CVE-2011-4867 (The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android ...)
NOT-FOR-US: Tencent QQPhoto (com.tencent.qqphoto) application
-CVE-2011-4866
+CVE-2011-4866 (The Kaixin001 (com.kaixin001.activity) application 1.3.1 and 1.3.3 for ...)
NOT-FOR-US: Kaixin001 (com.kaixin001.activity) application
-CVE-2011-4865
+CVE-2011-4865 (The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 app ...)
NOT-FOR-US: Tencent WBlog
-CVE-2011-4864
+CVE-2011-4864 (The Tencent MobileQQ (com.tencent.mobileqq) application 2.2 for Androi ...)
NOT-FOR-US: Tencent MobileQQ (com.tencent.mobileqq) application
-CVE-2011-4863
+CVE-2011-4863 (The Tencent QQPimSecure (com.tencent.qqpimsecure) application 3.0.2 fo ...)
NOT-FOR-US: Tencent QQPimSecure (com.tencent.qqpimsecure) application
-CVE-2011-4862
+CVE-2011-4862 (Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 throu ...)
{DSA-2375-1 DSA-2373-1 DSA-2372-1}
- heimdal 1.5.dfsg.1-1 (high)
- inetutils 2:1.8-6 (high)
- krb5 1.8+dfsg~aa+r23527-1 (high)
- krb5-appl 1:1.0.1-1.2 (high; bug #654231)
NOTE: krb5 fixed through move of code to krb5-appl.
-CVE-2011-4861
+CVE-2011-4861 (The modbus_125_handler function in the Schneider Electric Quantum Ethe ...)
NOT-FOR-US: Schneider Electric Quantum Ethernet Module
-CVE-2011-4860
+CVE-2011-4860 (The ComputePassword function in the Schneider Electric Quantum Etherne ...)
NOT-FOR-US: Schneider Electric Quantum Ethernet Module
-CVE-2011-4859
+CVE-2011-4859 (The Schneider Electric Quantum Ethernet Module, as used in the Quantum ...)
NOT-FOR-US: Schneider Electric Quantum Ethernet Module
-CVE-2011-4858
+CVE-2011-4858 (Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 ...)
{DSA-2401-1}
- tomcat5 <removed>
- tomcat6 6.0.35-1
- tomcat7 7.0.26-1
-CVE-2011-4857
+CVE-2011-4857 (Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5 ...)
NOT-FOR-US: Winamp
-CVE-2011-4856
+CVE-2011-4856 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sen ...)
NOT-FOR-US: Plesk
-CVE-2011-4855
+CVE-2011-4855 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 omi ...)
NOT-FOR-US: Plesk
-CVE-2011-4854
+CVE-2011-4854 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 doe ...)
NOT-FOR-US: Plesk
-CVE-2011-4853
+CVE-2011-4853 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 inc ...)
NOT-FOR-US: Plesk
-CVE-2011-4852
+CVE-2011-4852 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 gen ...)
NOT-FOR-US: Plesk
-CVE-2011-4851
+CVE-2011-4851 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 gen ...)
NOT-FOR-US: Plesk
-CVE-2011-4850
+CVE-2011-4850 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 doe ...)
NOT-FOR-US: Plesk
-CVE-2011-4849
+CVE-2011-4849 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 doe ...)
NOT-FOR-US: Plesk
-CVE-2011-4848
+CVE-2011-4848 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 inc ...)
NOT-FOR-US: Plesk
-CVE-2011-4847
+CVE-2011-4847 (SQL injection vulnerability in the Control Panel in Parallels Plesk Pa ...)
NOT-FOR-US: Plesk
CVE-2011-4846
RESERVED
@@ -1153,88 +1153,88 @@ CVE-2011-4840
RESERVED
CVE-2011-4839
RESERVED
-CVE-2011-4838
+CVE-2011-4838 (JRuby before 1.6.5.1 computes hash values without restricting the abil ...)
{DLA-209-1}
- jruby 1.5.6-4 (low; bug #686867)
-CVE-2011-4837
+CVE-2011-4837 (Cross-site request forgery (CSRF) vulnerability in /ctrl in the web in ...)
NOT-FOR-US: HomeSeer
-CVE-2011-4836
+CVE-2011-4836 (Cross-site scripting (XSS) vulnerability in the web interface in HomeS ...)
NOT-FOR-US: HomeSeer
-CVE-2011-4835
+CVE-2011-4835 (Directory traversal vulnerability in the web interface in HomeSeer HS2 ...)
NOT-FOR-US: HomeSeer
-CVE-2011-4834
+CVE-2011-4834 (The GetInstalledPackages function in the configuration tool in HP Appl ...)
NOT-FOR-US: HP Application Lifestyle Management
-CVE-2011-4833
+CVE-2011-4833 (Multiple SQL injection vulnerabilities in the Leads module in SugarCRM ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
-CVE-2011-4832
+CVE-2011-4832 (Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Clas ...)
NOT-FOR-US: CaupoShop
-CVE-2011-4831
+CVE-2011-4831 (Directory traversal vulnerability in webFileBrowser.php in Web File Br ...)
NOT-FOR-US: Web File Browser
-CVE-2011-4830
+CVE-2011-4830 (Multiple cross-site scripting (XSS) vulnerabilities in the com_listing ...)
NOT-FOR-US: Joomla extension
-CVE-2011-4829
+CVE-2011-4829 (SQL injection vulnerability in the com_listing component in Barter Sit ...)
NOT-FOR-US: Joomla extension
-CVE-2011-4828
+CVE-2011-4828 (Unrestricted file upload vulnerability in includes/inline_image_upload ...)
NOT-FOR-US: AutoSec Tools V-CMS
-CVE-2011-4827
+CVE-2011-4827 (Multiple cross-site scripting (XSS) vulnerabilities in AutoSec Tools V ...)
NOT-FOR-US: AutoSec Tools V-CMS
-CVE-2011-4826
+CVE-2011-4826 (SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 ...)
NOT-FOR-US: AutoSec Tools V-CMS
-CVE-2011-4825
+CVE-2011-4825 (Static code injection vulnerability in inc/function.base.php in Ajax F ...)
NOT-FOR-US: Ajax File and Image Manager
-CVE-2011-4824
+CVE-2011-4824 (SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h a ...)
{DSA-2384-1}
- cacti 0.8.7i-1 (high; bug #652371)
-CVE-2011-4823
+CVE-2011-4823 (Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikreal ...)
NOT-FOR-US: Joomla extension
-CVE-2011-4822
+CVE-2011-4822 (Multiple cross-site scripting (XSS) vulnerabilities in the user profil ...)
NOT-FOR-US: Atlassian FishEye
-CVE-2011-4821
+CVE-2011-4821 (Directory traversal vulnerability in the TFTP server in D-Link DIR-601 ...)
NOT-FOR-US: D-Link router
CVE-2011-4820
RESERVED
-CVE-2011-4819
+CVE-2011-4819 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asse ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-4818
+CVE-2011-4818 (Open redirect vulnerability in IBM Maximo Asset Management and Asset M ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-4817
+CVE-2011-4817 (The About option on the Help menu in IBM Maximo Asset Management and A ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-4816
+CVE-2011-4816 (SQL injection vulnerability in the KPI component in IBM Maximo Asset M ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-4815
+CVE-2011-4815 (Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restri ...)
{DLA-88-1}
- ruby1.8 1.8.7.358-1
- ruby1.9 <not-affected> (Includes randomisation of the hash function)
- ruby1.9.1 <not-affected> (Includes randomisation of the hash function)
-CVE-2011-4814
+CVE-2011-4814 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 ...)
- dolibarr 3.3.4-1 (low)
-CVE-2011-4813
+CVE-2011-4813 (Directory traversal vulnerability in clientarea.php in WHMCompleteSolu ...)
NOT-FOR-US: WHMCompleteSolution
-CVE-2011-4812
+CVE-2011-4812 (Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro ...)
NOT-FOR-US: BestShopPro
-CVE-2011-4811
+CVE-2011-4811 (SQL injection vulnerability in pokaz_podkat.php in BestShopPro allows ...)
NOT-FOR-US: BestShopPro
-CVE-2011-4810
+CVE-2011-4810 (Multiple directory traversal vulnerabilities in WHMCompleteSolution (W ...)
NOT-FOR-US: WHMCompleteSolution
-CVE-2011-4809
+CVE-2011-4809 (Multiple cross-site scripting (XSS) vulnerabilities in the HM Communit ...)
NOT-FOR-US: Joomla extension
-CVE-2011-4808
+CVE-2011-4808 (SQL injection vulnerability in the HM Community (com_hmcommunity) comp ...)
NOT-FOR-US: Joomla extension
-CVE-2011-4807
+CVE-2011-4807 (Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and ...)
NOT-FOR-US: phpAlbum
-CVE-2011-4806
+CVE-2011-4806 (Multiple cross-site scripting (XSS) vulnerabilities in main.php in php ...)
NOT-FOR-US: phpAlbum
-CVE-2011-4805
+CVE-2011-4805 (Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp in SAP Crys ...)
NOT-FOR-US: SAP Crystal Report Server
-CVE-2011-4804
+CVE-2011-4804 (Directory traversal vulnerability in the obSuggest (com_obsuggest) com ...)
NOT-FOR-US: Joomla extension
-CVE-2011-4803
+CVE-2011-4803 (SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin ...)
NOT-FOR-US: WPTouch WordPress plugin
-CVE-2011-4802
+CVE-2011-4802 (Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probab ...)
- dolibarr 3.3.4-1
-CVE-2011-4801
+CVE-2011-4801 (SQL injection vulnerability in akeyActivationLogin.do in Authenex Web ...)
NOT-FOR-US: Authenex Strong Authentication System
-CVE-2011-4800
+CVE-2011-4800 (Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 ...)
NOT-FOR-US: Serv-U FTP Server
CVE-2011-4799
REJECTED
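Review bot: the ruby1.8 line under CVE-2011-4815 carries no severity, while the same hash-collision denial-of-service class is rated (low) on the jruby line under CVE-2011-4838 in this hunk; consider adding (low) to "- ruby1.8 1.8.7.358-1" so the two entries are triaged consistently.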
@@ -1252,271 +1252,271 @@ CVE-2011-4793
REJECTED
CVE-2011-4792
REJECTED
-CVE-2011-4791
+CVE-2011-4791 (DBServer.exe in HP Data Protector Media Operations 6.11 and earlier al ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-4790
+CVE-2011-4790 (Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, an ...)
NOT-FOR-US: HP Network Automation
-CVE-2011-4789
+CVE-2011-4789 (Stack-based buffer overflow in magentservice.exe in the server in HP L ...)
NOT-FOR-US: HP Diagnostics
-CVE-2011-4788
+CVE-2011-4788 (Absolute path traversal vulnerability in the web interface on HP Stora ...)
NOT-FOR-US: HP StorageWorks
-CVE-2011-4787
+CVE-2011-4787 (A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care S ...)
NOT-FOR-US: HP Easy Printer Care
-CVE-2011-4786
+CVE-2011-4786 (A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care S ...)
NOT-FOR-US: HP Easy Printer Care
-CVE-2011-4785
+CVE-2011-4785 (Directory traversal vulnerability in the HP-ChaiSOE/1.0 web server on ...)
NOT-FOR-US: HP-ChaiSOE/1.0 web server
-CVE-2011-4784
+CVE-2011-4784 (The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properl ...)
NOT-FOR-US: NVIDIA Windows driver
-CVE-2011-4783
+CVE-2011-4783 (The IDAPython plugin before 1.5.2.3 in IDA Pro allows user-assisted re ...)
NOT-FOR-US: IDA Pro
-CVE-2011-4782
+CVE-2011-4782 (Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFil ...)
- phpmyadmin 4:3.4.9-1 (unimportant)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: unlikely exploitation scenario
CVE-2011-4781
RESERVED
-CVE-2011-4780
+CVE-2011-4780 (Multiple cross-site scripting (XSS) vulnerabilities in libraries/displ ...)
- phpmyadmin 4:3.4.9-1 (unimportant)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: unlikely exploitation scenario
CVE-2011-4779
REJECTED
-CVE-2011-4778
+CVE-2011-4778 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x ...)
NOT-FOR-US: Splunk Web
-CVE-2011-4777
+CVE-2011-4777 (Cross-site scripting (XSS) vulnerability in the Site Editor (aka SiteB ...)
NOT-FOR-US: Plesk
-CVE-2011-4776
+CVE-2011-4776 (Multiple cross-site scripting (XSS) vulnerabilities in the Control Pan ...)
NOT-FOR-US: Plesk
CVE-2011-4775
RESERVED
CVE-2011-4774
RESERVED
-CVE-2011-5146
+CVE-2011-5146 (Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users ...)
- bokken 1.5-3 (bug #651931)
-CVE-2011-4773
+CVE-2011-4773 (The AnGuanJia (com.anguanjia.safe) application 2.10.343 for Android do ...)
NOT-FOR-US: AnGuanJia (com.anguanjia.safe) application
-CVE-2011-4772
+CVE-2011-4772 (The 360 KouXin (com.qihoo360.kouxin) application 1.5.3 for Android doe ...)
NOT-FOR-US: 360 KouXin (com.qihoo360.kouxin) application
-CVE-2011-4771
+CVE-2011-4771 (The Scan to PDF Free (com.scan.to.pdf.trial) application 2.0.4 for And ...)
NOT-FOR-US: Scan to PDF Free (com.scan.to.pdf.trial) application
-CVE-2011-4770
+CVE-2011-4770 (The QIWI Wallet (ru.mw) application before 1.14.2 for Android does not ...)
NOT-FOR-US: QIWI Wallet (ru.mw) application
-CVE-2011-4769
+CVE-2011-4769 (The 360 MobileSafe (com.qihoo360.mobilesafe) application 2.x before 2. ...)
NOT-FOR-US: 360 MobileSafe (com.qihoo360.mobilesafe) application
-CVE-2011-4768
+CVE-2011-4768 (The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Bus ...)
NOT-FOR-US: Plesk
-CVE-2011-4767
+CVE-2011-4767 (The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Bus ...)
NOT-FOR-US: Plesk
-CVE-2011-4766
+CVE-2011-4766 (** DISPUTED ** The Site Editor (aka SiteBuilder) feature in Parallels ...)
NOT-FOR-US: Plesk
-CVE-2011-4765
+CVE-2011-4765 (The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Bus ...)
NOT-FOR-US: Plesk
-CVE-2011-4764
+CVE-2011-4764 (Multiple cross-site scripting (XSS) vulnerabilities in the Site Editor ...)
NOT-FOR-US: Plesk
-CVE-2011-4763
+CVE-2011-4763 (Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBui ...)
NOT-FOR-US: Plesk
-CVE-2011-4762
+CVE-2011-4762 (Parallels Plesk Small Business Panel 10.2.0 sends incorrect Content-Ty ...)
NOT-FOR-US: Plesk
-CVE-2011-4761
+CVE-2011-4761 (Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type hea ...)
NOT-FOR-US: Plesk
-CVE-2011-4760
+CVE-2011-4760 (Parallels Plesk Small Business Panel 10.2.0 has web pages containing e ...)
NOT-FOR-US: Plesk
-CVE-2011-4759
+CVE-2011-4759 (Parallels Plesk Small Business Panel 10.2.0 generates web pages contai ...)
NOT-FOR-US: Plesk
-CVE-2011-4758
+CVE-2011-4758 (Parallels Plesk Small Business Panel 10.2.0 receives cleartext passwor ...)
NOT-FOR-US: Plesk
-CVE-2011-4757
+CVE-2011-4757 (Parallels Plesk Small Business Panel 10.2.0 generates a password form ...)
NOT-FOR-US: Plesk
-CVE-2011-4756
+CVE-2011-4756 (Parallels Plesk Small Business Panel 10.2.0 does not include the HTTPO ...)
NOT-FOR-US: Plesk
-CVE-2011-4755
+CVE-2011-4755 (Parallels Plesk Small Business Panel 10.2.0 does not properly validate ...)
NOT-FOR-US: Plesk
-CVE-2011-4754
+CVE-2011-4754 (Multiple cross-site scripting (XSS) vulnerabilities in Parallels Plesk ...)
NOT-FOR-US: Plesk
-CVE-2011-4753
+CVE-2011-4753 (Multiple SQL injection vulnerabilities in Parallels Plesk Small Busine ...)
NOT-FOR-US: Plesk
-CVE-2011-4752
+CVE-2011-4752 (SmarterTools SmarterStats 6.2.4100 sends incorrect Content-Type header ...)
NOT-FOR-US: SmarterTools SmaterStats
-CVE-2011-4751
+CVE-2011-4751 (SmarterTools SmarterStats 6.2.4100 generates web pages containing exte ...)
NOT-FOR-US: SmarterTools SmaterStats
-CVE-2011-4750
+CVE-2011-4750 (Multiple cross-site scripting (XSS) vulnerabilities in SmarterTools Sm ...)
NOT-FOR-US: SmarterTools SmaterStats
-CVE-2011-4749
+CVE-2011-4749 (The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 ...)
NOT-FOR-US: Plesk
-CVE-2011-4748
+CVE-2011-4748 (The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 ...)
NOT-FOR-US: Plesk
-CVE-2011-4747
+CVE-2011-4747 (The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 ...)
NOT-FOR-US: Plesk
-CVE-2011-4746
+CVE-2011-4746 (The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 ...)
NOT-FOR-US: Plesk
-CVE-2011-4745
+CVE-2011-4745 (Multiple cross-site scripting (XSS) vulnerabilities in the billing sys ...)
NOT-FOR-US: Plesk
-CVE-2011-4744
+CVE-2011-4744 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 se ...)
NOT-FOR-US: Plesk
-CVE-2011-4743
+CVE-2011-4743 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 om ...)
NOT-FOR-US: Plesk
-CVE-2011-4742
+CVE-2011-4742 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ha ...)
NOT-FOR-US: Plesk
-CVE-2011-4741
+CVE-2011-4741 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 in ...)
NOT-FOR-US: Plesk
-CVE-2011-4740
+CVE-2011-4740 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ge ...)
NOT-FOR-US: Plesk
-CVE-2011-4739
+CVE-2011-4739 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 ge ...)
NOT-FOR-US: Plesk
-CVE-2011-4738
+CVE-2011-4738 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 do ...)
NOT-FOR-US: Plesk
-CVE-2011-4737
+CVE-2011-4737 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 in ...)
NOT-FOR-US: Plesk
-CVE-2011-4736
+CVE-2011-4736 (The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 re ...)
NOT-FOR-US: Plesk
-CVE-2011-4735
+CVE-2011-4735 (Multiple cross-site scripting (XSS) vulnerabilities in the Control Pan ...)
NOT-FOR-US: Plesk
-CVE-2011-4734
+CVE-2011-4734 (Multiple SQL injection vulnerabilities in the Control Panel in Paralle ...)
NOT-FOR-US: Plesk
-CVE-2011-4733
+CVE-2011-4733 (The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1 ...)
NOT-FOR-US: Plesk
-CVE-2011-4732
+CVE-2011-4732 (The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1 ...)
NOT-FOR-US: Plesk
-CVE-2011-4731
+CVE-2011-4731 (The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1 ...)
NOT-FOR-US: Plesk
-CVE-2011-4730
+CVE-2011-4730 (The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1 ...)
NOT-FOR-US: Plesk
-CVE-2011-4729
+CVE-2011-4729 (The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1 ...)
NOT-FOR-US: Plesk
-CVE-2011-4728
+CVE-2011-4728 (The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1 ...)
NOT-FOR-US: Plesk
-CVE-2011-4727
+CVE-2011-4727 (The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1 ...)
NOT-FOR-US: Plesk
-CVE-2011-4726
+CVE-2011-4726 (Multiple cross-site scripting (XSS) vulnerabilities in the Server Admi ...)
NOT-FOR-US: Plesk
-CVE-2011-4725
+CVE-2011-4725 (Multiple SQL injection vulnerabilities in the Server Administration Pa ...)
NOT-FOR-US: Plesk
CVE-2011-4724
RESERVED
-CVE-2011-4723
+CVE-2011-4723 (The D-Link DIR-300 router stores cleartext passwords, which allows con ...)
NOT-FOR-US: D-Link DIR-300 router
-CVE-2011-4722
+CVE-2011-4722 (Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswi ...)
NOT-FOR-US: Ipswitch WhatsUp Gold
CVE-2011-4721
RESERVED
-CVE-2011-4720
+CVE-2011-4720 (Hillstone HS TFTP Server 1.3.2 allows remote attackers to cause a deni ...)
NOT-FOR-US: Hillstone HS TFTP Server
-CVE-2011-4719
+CVE-2011-4719 (Multiple unspecified vulnerabilities in Google Chrome before 16.0.912. ...)
- chromium-browser <not-affected>
- webkit <not-affected>
NOTE: Duplicate for chromebooks
-CVE-2011-4718
+CVE-2011-4718 (Session fixation vulnerability in the Sessions subsystem in PHP before ...)
- php5 5.5.2+dfsg-1 (low)
[wheezy] - php5 <no-dsa> (Too intrusive to backport, mitigations exists)
[squeeze] - php5 <no-dsa> (Too intrusive to backport, mitigations exists)
NOTE: 5.5.2 implements strict sessions RFC (https://wiki.php.net/rfc/strict_sessions)
-CVE-2011-4717
+CVE-2011-4717 (Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows ...)
NOT-FOR-US: zFTPServer Suite
-CVE-2011-4716
+CVE-2011-4716 (Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1. ...)
NOT-FOR-US: DreamBox
-CVE-2011-4715
+CVE-2011-4715 (Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha ...)
- koha <itp> (bug #389876)
-CVE-2011-4714
+CVE-2011-4714 (Directory traversal vulnerability in Virtual Vertex Muster before 6.20 ...)
NOT-FOR-US: Virtual Vertex Muster
-CVE-2011-4713
+CVE-2011-4713 (Directory traversal vulnerability in catalog/content.php in osCSS2 2.1 ...)
NOT-FOR-US: osCSS2
-CVE-2011-4712
+CVE-2011-4712 (Directory traversal vulnerability in Oxide WebServer allows remote att ...)
NOT-FOR-US: Oxide
-CVE-2011-4711
+CVE-2011-4711 (Multiple directory traversal vulnerabilities in namazu.cgi in Namazu b ...)
- namazu2 <not-affected> (Windows-specific issue)
-CVE-2011-4710
+CVE-2011-4710 (Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 ...)
NOT-FOR-US: Pixie CMS
-CVE-2011-4709
+CVE-2011-4709 (Multiple cross-site scripting (XSS) vulnerabilities in Hotaru.php in t ...)
NOT-FOR-US: Hotaru
-CVE-2011-4708
+CVE-2011-4708 (Cross-site scripting (XSS) vulnerability in IBM Rational Asset Manager ...)
NOT-FOR-US: IBM Rational Asset Manager
-CVE-2011-4707
+CVE-2011-4707 (Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan ...)
NOT-FOR-US: SAP Netweaver
CVE-2011-4706
RESERVED
-CVE-2011-4705
+CVE-2011-4705 (The Ming Blacklist Free (vc.software.blacklist) application 1.8.1 and ...)
NOT-FOR-US: Ming Blacklist Free (vc.software.blacklist) application
-CVE-2011-4704
+CVE-2011-4704 (The Voxofon (com.voxofon) application before 2.5.2 for Android does no ...)
NOT-FOR-US: Voxofon (com.voxofon) application
-CVE-2011-4703
+CVE-2011-4703 (The Limit My Call (com.limited.call.view) application 2.11 for Android ...)
NOT-FOR-US: Limit My Call (com.limited.call.view) application
-CVE-2011-4702
+CVE-2011-4702 (The Nimbuzz (com.nimbuzz) application 2.0.8 and 2.0.10 for Android doe ...)
NOT-FOR-US: Nimbuzz (com.nimbuzz) application
-CVE-2011-4701
+CVE-2011-4701 (The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 ...)
NOT-FOR-US: CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application
-CVE-2011-4700
+CVE-2011-4700 (The UberMedia UberSocial (com.twidroid) application 7.x before 7.2.4 f ...)
NOT-FOR-US: UberMedia UberSocial (com.twidroid) application
-CVE-2011-4699
+CVE-2011-4699 (The Ubermedia Twidroyd Legacy (com.twidroydlegacy) application 4.3.11 ...)
NOT-FOR-US: Ubermedia Twidroyd Legacy (com.twidroydlegacy) application
-CVE-2011-4698
+CVE-2011-4698 (The AndroidAppTools Easy Filter (com.phoneblocker.android) application ...)
NOT-FOR-US: AndroidAppTools Easy Filter (com.phoneblocker.android)
-CVE-2011-4697
+CVE-2011-4697 (The Xiaomi MiTalk Messenger (com.xiaomi.channel) application before 2. ...)
NOT-FOR-US: Xiaomi MiTalk Messenger (com.xiaomi.channel) application
-CVE-2011-4696
+CVE-2011-4696 (Directory traversal vulnerability in Eye-Fi Helper before 3.4.23 allow ...)
NOT-FOR-US: Eye-Fi Helper
-CVE-2011-4695
+CVE-2011-4695 (Unspecified vulnerability in Microsoft Windows 7 SP1, when Java is ins ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-4694
+CVE-2011-4694 (Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-4693
+CVE-2011-4693 (Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-4692
+CVE-2011-4692 (WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-4691
+CVE-2011-4691 (Google Chrome 15.0.874.121 and earlier does not prevent capture of dat ...)
- chromium-browser 17.0.963.56~r121963-1 (unimportant)
-CVE-2011-4690
+CVE-2011-4690 (Opera 11.60 and earlier does not prevent capture of data about the tim ...)
NOT-FOR-US: Opera
-CVE-2011-4689
+CVE-2011-4689 (Microsoft Internet Explorer 6 through 9 does not prevent capture of da ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-4688
+CVE-2011-4688 (Mozilla Firefox 8.0.1 and earlier does not prevent capture of data abo ...)
- iceweasel <removed> (unimportant)
-CVE-2011-4687
+CVE-2011-4687 (Opera before 11.60 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2011-4686
+CVE-2011-4686 (Unspecified vulnerability in the Web Workers implementation in Opera b ...)
NOT-FOR-US: Opera
-CVE-2011-4685
+CVE-2011-4685 (Dragonfly in Opera before 11.60 allows remote attackers to cause a den ...)
NOT-FOR-US: Opera
-CVE-2011-4684
+CVE-2011-4684 (Opera before 11.60 does not properly handle certificate revocation, wh ...)
NOT-FOR-US: Opera
-CVE-2011-4683
+CVE-2011-4683 (Unspecified vulnerability in Opera before 11.60 has unknown impact and ...)
NOT-FOR-US: Opera
-CVE-2011-4682
+CVE-2011-4682 (The JavaScript engine in Opera before 11.60 does not properly implemen ...)
NOT-FOR-US: Opera
-CVE-2011-4681
+CVE-2011-4681 (Opera before 11.60 does not properly consider the number of . (dot) ch ...)
NOT-FOR-US: Opera
-CVE-2011-4680
+CVE-2011-4680 (Multiple cross-site scripting (XSS) vulnerabilities in the customer po ...)
NOT-FOR-US: vtiger CRM
-CVE-2011-4679
+CVE-2011-4679 (vtiger CRM before 5.3.0 does not properly recognize the disabled statu ...)
NOT-FOR-US: vtiger CRM
-CVE-2011-4678
+CVE-2011-4678 (The password reset feature in One Click Orgs before 1.2.3 generates di ...)
NOT-FOR-US: One Click Orgs
-CVE-2011-4677
+CVE-2011-4677 (One Click Orgs before 1.2.3 does not have an off autocomplete attribut ...)
NOT-FOR-US: One Click Orgs
CVE-2011-4676
RESERVED
-CVE-2011-4675
+CVE-2011-4675 (The pathname canonicalization functionality in io/filesystem/filesyste ...)
- widelands 1:15-3 (low)
NOTE: Nearly a duplicate of CVE-2011-1932.
NOTE: CVE's SPLIT decision is unclear.
-CVE-2011-4674
+CVE-2011-4674 (SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, an ...)
- zabbix 1:1.8.9-1 (bug #651225)
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
-CVE-2011-4673
+CVE-2011-4673 (SQL injection vulnerability in modules/sharedaddy.php in the Jetpack p ...)
NOT-FOR-US: Jetpack plugin for Wordpress
-CVE-2011-4672
+CVE-2011-4672 (Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earli ...)
NOT-FOR-US: Valid tiny-erp, different from TinyERP, the former name of OpenERP
-CVE-2011-4671
+CVE-2011-4671 (SQL injection vulnerability in adrotate/adrotate-out.php in the AdRota ...)
NOT-FOR-US: Adrorate plugin for Wordpress
-CVE-2011-4670
+CVE-2011-4670 (Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 5.2. ...)
NOT-FOR-US: vTiger CRM
-CVE-2011-4669
+CVE-2011-4669 (SQL injection vulnerability in wp-users.php in WordPress Users plugin ...)
NOT-FOR-US: Wordpress plugin
-CVE-2011-4668
+CVE-2011-4668 (IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers ...)
NOT-FOR-US: Tivoli
-CVE-2011-4667
+CVE-2011-4667 (The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and ...)
NOT-FOR-US: Cisco
CVE-2011-4666
RESERVED
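Review bot: the unchanged annotations "NOT-FOR-US: SmarterTools SmaterStats" under CVE-2011-4752, CVE-2011-4751 and CVE-2011-4750 no longer match the product name "SmarterTools SmarterStats" in the descriptions this hunk adds, and the annotation "NOT-FOR-US: Adrorate plugin for Wordpress" under CVE-2011-4671 disagrees with the "adrotate/adrotate-out.php" path in its description; a follow-up commit correcting them to "SmarterStats" and "AdRotate" would keep the searchable annotations aligned with the descriptions. The two "(Too intrusive to backport, mitigations exists)" notes under CVE-2011-4718 should read "mitigations exist".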
@@ -1532,7 +1532,7 @@ CVE-2011-4661
RESERVED
CVE-2011-4660
RESERVED
-CVE-2011-4659
+CVE-2011-4659 (Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phon ...)
NOT-FOR-US: Cisco TelePresence Software
CVE-2011-4658
RESERVED
@@ -1550,31 +1550,31 @@ CVE-2011-4652
RESERVED
CVE-2011-4651
RESERVED
-CVE-2011-4650
+CVE-2011-4650 (Cisco Data Center Network Manager is affected by Excessive Logging Dur ...)
NOT-FOR-US: Cisco
CVE-2011-4649
RESERVED
CVE-2011-4648
RESERVED
-CVE-2011-4647
+CVE-2011-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the story creat ...)
NOT-FOR-US: Geeklog
-CVE-2011-4646
+CVE-2011-4646 (SQL injection vulnerability in wp-postratings.php in the WP-PostRating ...)
NOT-FOR-US: Wordpress plugin
CVE-2011-4645
RESERVED
-CVE-2011-4644
+CVE-2011-4644 (Splunk 4.2.5 and earlier, when a Free license is selected, enables pot ...)
NOT-FOR-US: Splunk Web
-CVE-2011-4643
+CVE-2011-4643 (Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2. ...)
NOT-FOR-US: Splunk Web
-CVE-2011-4642
+CVE-2011-4642 (mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly ...)
NOT-FOR-US: Splunk Web
CVE-2011-4641
RESERVED
-CVE-2011-4640
+CVE-2011-4640 (Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan ...)
NOT-FOR-US: SpamTitan
-CVE-2011-4639
+CVE-2011-4639 (The (1) Traceroute and (2) Ping implementations in tools.php in SpamTi ...)
NOT-FOR-US: SpamTitan
-CVE-2011-4638
+CVE-2011-4638 (Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3. ...)
NOT-FOR-US: SpamTitan
CVE-2011-4637
RESERVED
@@ -1582,7 +1582,7 @@ CVE-2011-4636
RESERVED
CVE-2011-4635
RESERVED
-CVE-2011-4634
+CVE-2011-4634 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4. ...)
- phpmyadmin 4:3.4.8-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
@@ -1620,40 +1620,40 @@ CVE-2011-4625 [simplesamlphp xml encryption issues]
RESERVED
{DSA-2330-1}
- simplesamlphp 1.8.1-1
-CVE-2011-4624
+CVE-2011-4624 (Cross-site scripting (XSS) vulnerability in facebook.php in the GRAND ...)
NOT-FOR-US: WordPress flash-album-gallery
-CVE-2011-4623
+CVE-2011-4623 (Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf. ...)
- rsyslog 5.7.4-1
[squeeze] - rsyslog <no-dsa> (Minor issue)
-CVE-2011-4622
+CVE-2011-4622 (The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and p ...)
{DSA-2389-1}
- linux-2.6 3.1.8-1
-CVE-2011-4621
+CVE-2011-4621 (The Linux kernel before 2.6.37 does not properly implement a certain c ...)
- linux-2.6 2.6.37-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.35)
-CVE-2011-4620
+CVE-2011-4620 (Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB ...)
{DSA-2425-1}
- plib 1.8.5-5.1 (bug #654785)
-CVE-2011-4619
+CVE-2011-4619 (The Server Gated Cryptography (SGC) implementation in OpenSSL before 0 ...)
{DSA-2390-1}
- openssl 1.0.0h-1
-CVE-2011-4618
+CVE-2011-4618 (Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanc ...)
NOT-FOR-US: WordPress advanced-text-widget
-CVE-2011-4617
+CVE-2011-4617 (virtualenv.py in virtualenv before 1.5 allows local users to overwrite ...)
- python-virtualenv 1.6-1 (low; bug #652653)
[lenny] - python-virtualenv <no-dsa> (Minor issue)
[squeeze] - python-virtualenv 1.4.9-3squeeze1
-CVE-2011-4616
+CVE-2011-4616 (Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro modu ...)
- libhtml-template-pro-perl 0.9507-1 (low; bug #652587)
[squeeze] - libhtml-template-pro-perl 0.9502-1+squeeze1
-CVE-2011-4615
+CVE-2011-4615 (Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1 ...)
- zabbix 1:1.8.10-1 (bug #652664)
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
-CVE-2011-4614
+CVE-2011-4614 (PHP remote file inclusion vulnerability in Classes/Controller/Abstract ...)
- typo3-src 4.5.9+dfsg1-1 (bug #652365)
[squeeze] - typo3-src <not-affected> (Only affects 4.5 onwards)
[lenny] - typo3-src <not-affected> (Only affects 4.5 onwards)
-CVE-2011-4613
+CVE-2011-4613 (The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu ...)
{DSA-2364-1}
- xorg 1:7.6+10 (low; bug #652249)
[lenny] - xorg <not-affected> (Introduced in 1:7.4~4)
@@ -1662,152 +1662,152 @@ CVE-2011-XXXX [X launcher doesn't drop group privileges]
[squeeze] - xorg 1:7.5+8+squeeze1
[lenny] - xorg <no-dsa> (potential privilege handling weakness, no known attack vector)
NOTE: http://anonscm.debian.org/gitweb/?p=pkg-xorg/debian/xorg.git;a=commitdiff;h=e81b3943be75ca6674867fc7756905490e979522
-CVE-2011-4612
+CVE-2011-4612 (icecast before 2.3.3 allows remote attackers to inject control charact ...)
- icecast2 2.3.3-1 (bug #652663)
[lenny] - icecast2 <no-dsa> (Minor issue)
[squeeze] - icecast2 <no-dsa> (Minor issue)
[wheezy] - icecast2 2.3.2-9+deb7u2
-CVE-2011-4611
+CVE-2011-4611 (Integer overflow in the perf_event_interrupt function in arch/powerpc/ ...)
{DSA-2389-1}
- linux-2.6 3.0.0-1
-CVE-2011-4610
+CVE-2011-4610 (JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1 ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2011-4609
+CVE-2011-4609 (The svc_run function in the RPC implementation in glibc before 2.15 al ...)
- eglibc 2.13-33 (low; bug #671478)
[squeeze] - eglibc 2.11.3-4
-CVE-2011-4608
+CVE-2011-4608 (mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2011-4607
+CVE-2011-4607 (PuTTY 0.59 through 0.61 does not clear sensitive process memory when m ...)
- putty 0.62-1 (unimportant)
[squeeze] - putty 0.60+2010-02-20-1+squeeze2
NOTE: DSA-2736-1
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html
NOTE: Hardening measure, not a vulnerability
-CVE-2011-4606
+CVE-2011-4606 (Artsoft Entertainment Rocks'n'Diamonds (aka rocksndiamonds) 3.3.0.1 al ...)
- rocksndiamonds 3.3.0.1+dfsg1-2.2 (bug #651620)
[squeeze] - rocksndiamonds <no-dsa> (Contrib not supported)
[lenny] - rocksndiamonds <no-dsa> (Contrib not supported)
-CVE-2011-4605
+CVE-2011-4605 (The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invok ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2011-4604
+CVE-2011-4604 (The bat_socket_read function in net/batman-adv/icmp_socket.c in the Li ...)
- batmand-adv-kernelland <removed>
[squeeze] - batmand-adv-kernelland <not-affected> (Vulnerable code not present)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-4603
+CVE-2011-4603 (The silc_channel_message function in ops.c in the SILC protocol plugin ...)
- pidgin 2.10.1-1 (low)
[squeeze] - pidgin 2.7.3-1+squeeze2
-CVE-2011-4602
+CVE-2011-4602 (The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not ...)
- pidgin 2.10.1-1 (low)
[squeeze] - pidgin 2.7.3-1+squeeze2
-CVE-2011-4601
+CVE-2011-4601 (family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin b ...)
- pidgin 2.10.1-1 (low)
[squeeze] - pidgin 2.7.3-1+squeeze2
-CVE-2011-4600
+CVE-2011-4600 (The networkReloadIptablesRules function in network/bridge_driver.c in ...)
- libvirt 0.9.9-1 (low)
[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-4599
+CVE-2011-4599 (Stack-based buffer overflow in the _canonicalize function in common/ul ...)
{DSA-2397-1}
- icu 4.8.1.1-3 (bug #654883)
-CVE-2011-4598
+CVE-2011-4598 (The handle_request_info function in channels/chan_sip.c in Asterisk Op ...)
{DSA-2367-1}
- asterisk 1:1.8.8.0~dfsg-1 (bug #651552)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2011-4597
+CVE-2011-4597 (The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1 ...)
{DSA-2367-1}
- asterisk 1:1.8.8.0~dfsg-1 (bug #651552)
-CVE-2011-4596
+CVE-2011-4596 (Multiple directory traversal vulnerabilities in OpenStack Nova before ...)
- nova 2012.1~e1-4
CVE-2011-4595
RESERVED
NOT-FOR-US: WordPress pretty-link plugin
-CVE-2011-4594
+CVE-2011-4594 (The __sys_sendmsg function in net/socket.c in the Linux kernel before ...)
- linux-2.6 3.1-1
[squeeze] - linux-2.6 <not-affected> (Introduced and fixed during 3.1 dev cycle)
[lenny] - linux-2.6 <not-affected> (Introduced and fixed during 3.1 dev cycle)
-CVE-2011-4593
+CVE-2011-4593 (Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4592
+CVE-2011-4592 (The command-line cron implementation in Moodle 2.0.x before 2.0.6 and ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4591
+CVE-2011-4591 (Cross-site scripting (XSS) vulnerability in the print_object function ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4590
+CVE-2011-4590 (The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4589
+CVE-2011-4589 (backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and 2 ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4588
+CVE-2011-4588 (The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x befor ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5 (bug #652235)
-CVE-2011-4587
+CVE-2011-4587 (lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, a ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5 (bug #652235)
-CVE-2011-4586
+CVE-2011-4586 (CRLF injection vulnerability in calendar/set.php in the Calendar subsy ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5 (bug #652235)
-CVE-2011-4585
+CVE-2011-4585 (login/change_password.php in Moodle 1.9.x before 1.9.15 does not use h ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5 (bug #652235)
-CVE-2011-4584
+CVE-2011-4584 (The MNET authentication functionality in Moodle 1.9.x before 1.9.15, 2 ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5 (bug #652235)
-CVE-2011-4583
+CVE-2011-4583 (Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4582
+CVE-2011-4582 (Open redirect vulnerability in the Calendar set page in Moodle 2.1.x b ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4581
+CVE-2011-4581 (mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1 ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4580
+CVE-2011-4580 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss E ...)
NOT-FOR-US: JBoss Enterprise Portal Platform
-CVE-2011-4579
+CVE-2011-4579 (The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in liba ...)
{DSA-2378-1}
- libav 4:0.7.3-1
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4931c8f0f10bf8dedcf626104a6b85bfefadc6f2
-CVE-2011-4578
+CVE-2011-4578 (event.c in acpid (aka acpid2) before 2.0.11 does not have an appropria ...)
{DSA-2362-1}
- acpid 1:2.0.11-1
-CVE-2011-4577
+CVE-2011-4577 (OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is ...)
- openssl 1.0.0f-1 (unimportant)
NOTE: RFC 3779 support has not been enabled at compile time.
-CVE-2011-4576
+CVE-2011-4576 (The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0 ...)
{DSA-2390-1}
- openssl 1.0.0f-1
-CVE-2011-4575
+CVE-2011-4575 (Cross-site scripting (XSS) vulnerability in the JMX console in JBoss E ...)
NOT-FOR-US: JMX Console
CVE-2011-4574
RESERVED
-CVE-2011-4573
+CVE-2011-4573 (Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly ...)
NOT-FOR-US: JBoss Operations Network
-CVE-2011-4572
+CVE-2011-4572 (Cross-site scripting (XSS) vulnerability in inc/tesmodrewite.php in CF ...)
NOT-FOR-US: CF Image Hosting Script
-CVE-2011-4571
+CVE-2011-4571 (SQL injection vulnerability in the Estate Agent (com_estateagent) comp ...)
NOT-FOR-US: Joomla extension
-CVE-2011-4570
+CVE-2011-4570 (SQL injection vulnerability in the Time Returns (com_timereturns) comp ...)
NOT-FOR-US: Joomla extension
-CVE-2011-4569
+CVE-2011-4569 (SQL injection vulnerability in userbarsettings.php in the Userbar plug ...)
NOT-FOR-US: MyBB extension
-CVE-2011-4568
+CVE-2011-4568 (Cross-site scripting (XSS) vulnerability in view/frontend-head.php in ...)
NOT-FOR-US: Wordpress extension
-CVE-2011-4567
+CVE-2011-4567 (Cross-site scripting (XSS) vulnerability in includes/templates/templat ...)
NOT-FOR-US: Zen Cart
-CVE-2011-4566
+CVE-2011-4566 (Integer overflow in the exif_process_IFD_TAG function in exif.c in the ...)
{DSA-2399-1}
- php5 5.3.9-1
-CVE-2011-4565
+CVE-2011-4565 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.5.1.a, ...)
NOT-FOR-US: XOOPS
-CVE-2011-4564
+CVE-2011-4564 (Cross-site scripting (XSS) vulnerability in the admin script in Active ...)
NOT-FOR-US: Active CMS
-CVE-2011-4563
+CVE-2011-4563 (Cross-site scripting (XSS) vulnerability in index.php in JAKCMS 2.0.4. ...)
NOT-FOR-US: JAKCMS
-CVE-2011-4562
+CVE-2011-4562 (Multiple cross-site scripting (XSS) vulnerabilities in (1) view/admin/ ...)
NOT-FOR-US: Wordpress plugin
-CVE-2011-4561
+CVE-2011-4561 (Cross-site scripting (XSS) vulnerability in admin.php in Phorum 5.2.18 ...)
NOT-FOR-US: Phorum
-CVE-2011-4560
+CVE-2011-4560 (Cross-site scripting (XSS) vulnerability in the Petition Node module 6 ...)
NOT-FOR-US: Petition node module for Drupal
-CVE-2011-4559
+CVE-2011-4559 (SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 ...)
NOT-FOR-US: vTiger
CVE-2011-4558
RESERVED
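Review bot: inconsistent product spelling in the NOT-FOR-US notes of this hunk: CVE-2011-4568 and CVE-2011-4562 read "Wordpress extension" / "Wordpress plugin", while the entries for CVE-2011-4624 and CVE-2011-4618 (and the descriptions themselves) use "WordPress". Since this hunk touches those entries anyway, normalising to "WordPress" would keep the tracker searchable by a single spelling.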
@@ -1818,136 +1818,136 @@ CVE-2011-4557
RESERVED
CVE-2011-4556
RESERVED
-CVE-2011-4555
+CVE-2011-4555 (One Click Orgs before 1.2.3 does not require unique e-mail addresses f ...)
NOT-FOR-US: One Click Orgs
-CVE-2011-4554
+CVE-2011-4554 (One Click Orgs before 1.2.3 allows remote authenticated users to trigg ...)
NOT-FOR-US: One Click Orgs
-CVE-2011-4553
+CVE-2011-4553 (Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 ...)
NOT-FOR-US: One Click Orgs
-CVE-2011-4552
+CVE-2011-4552 (Multiple cross-site scripting (XSS) vulnerabilities in One Click Orgs ...)
NOT-FOR-US: One Click Orgs
-CVE-2011-4551
+CVE-2011-4551 (Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in Tik ...)
- tikiwiki <removed>
CVE-2011-4550
RESERVED
CVE-2011-4549
RESERVED
-CVE-2011-4548
+CVE-2011-4548 (Multiple unspecified vulnerabilities in Google Chrome before 16.0.912. ...)
- chromium-browser <not-affected>
- webkit <not-affected>
NOTE: duplicate for chromebooks
-CVE-2011-4547
+CVE-2011-4547 (Multiple cross-site scripting (XSS) vulnerabilities in includes/templa ...)
NOT-FOR-US: Zen Cart
CVE-2011-4546
RESERVED
-CVE-2011-4545
+CVE-2011-4545 (CRLF injection vulnerability in admin/displayImage.php in Prestashop 1 ...)
NOT-FOR-US: Prestashop
-CVE-2011-4544
+CVE-2011-4544 (Multiple cross-site scripting (XSS) vulnerabilities in Prestashop befo ...)
NOT-FOR-US: Prestashop
-CVE-2011-4543
+CVE-2011-4543 (Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow ...)
NOT-FOR-US: osCommerce
-CVE-2011-4542
+CVE-2011-4542 (Hastymail2 2.1.1 before RC2 allows remote attackers to execute arbitra ...)
- hastymail <removed>
-CVE-2011-4541
+CVE-2011-4541 (Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2. ...)
- hastymail <removed>
-CVE-2011-4540
+CVE-2011-4540 (Multiple cross-site scripting (XSS) vulnerabilities in AtMail Open (ak ...)
- atmailopen <removed>
-CVE-2011-4539
+CVE-2011-4539 (dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 do ...)
{DSA-2519-2 DSA-2519-1}
- dhcp3 <not-affected> (Only affects DHCP 4.x)
- isc-dhcp 4.2.2.dfsg.1-5 (bug #652259; low)
CVE-2011-4538
RESERVED
-CVE-2011-4537
+CVE-2011-4537 (Multiple buffer overflows in 7-Technologies (7T) Interactive Graphical ...)
NOT-FOR-US: 7-Technologies IGSS
-CVE-2011-4536
+CVE-2011-4536 (Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka H ...)
NOT-FOR-US: WellinTech KingView
-CVE-2011-4535
+CVE-2011-4535 (Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ...)
NOT-FOR-US: TurboPower Abbrevia
-CVE-2011-4534
+CVE-2011-4534 (ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows rem ...)
NOT-FOR-US: COPA-DATA
-CVE-2011-4533
+CVE-2011-4533 (zenAdminSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows r ...)
NOT-FOR-US: COPA-DATA
-CVE-2011-4532
+CVE-2011-4532 (Absolute path traversal vulnerability in the ALMListView.ALMListCtrl A ...)
NOT-FOR-US: Siemens Automation License Manager
-CVE-2011-4531
+CVE-2011-4531 (Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allo ...)
NOT-FOR-US: Siemens Automation License Manager
-CVE-2011-4530
+CVE-2011-4530 (Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does ...)
NOT-FOR-US: Siemens Automation License Manager
-CVE-2011-4529
+CVE-2011-4529 (Multiple buffer overflows in Siemens Automation License Manager (ALM) ...)
NOT-FOR-US: Siemens Automation License Manager
-CVE-2011-4528
+CVE-2011-4528 (Unbound before 1.4.13p2 attempts to free unallocated memory during pro ...)
{DSA-2370-1}
- unbound 1.4.14-1 (medium)
CVE-2011-4527
RESERVED
-CVE-2011-4526
+CVE-2011-4526 (Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4525
+CVE-2011-4525 (Advantech/BroadWin WebAccess before 7.0 allows remote attackers to tri ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4524
+CVE-2011-4524 (Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remo ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4523
+CVE-2011-4523 (Cross-site scripting (XSS) vulnerability in bwview.asp in Advantech/Br ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4522
+CVE-2011-4522 (Cross-site scripting (XSS) vulnerability in bwerrdn.asp in Advantech/B ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4521
+CVE-2011-4521 (SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2011-4520
+CVE-2011-4520 (Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTI ...)
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2011-4519
+CVE-2011-4519 (Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOT ...)
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2011-4518
+CVE-2011-4518 (Directory traversal vulnerability in the PmWebDir object in the web se ...)
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2011-4517
+CVE-2011-4517 (The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.90 ...)
{DSA-2371-1}
- jasper 1.900.1-13 (bug #652649)
- ghostscript 8.64~dfsg-2
NOTE: ghostscript using system jasper since this version
-CVE-2011-4516
+CVE-2011-4516 (Heap-based buffer overflow in the jpc_cox_getcompparms function in lib ...)
{DSA-2371-1}
- jasper 1.900.1-13 (bug #652649)
- ghostscript 8.64~dfsg-2
NOTE: ghostscript using system jasper since this version
-CVE-2011-4515
+CVE-2011-4515 (Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4514
+CVE-2011-4514 (The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008 ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4513
+CVE-2011-4513 (Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4512
+CVE-2011-4512 (CRLF injection vulnerability in the HMI web server in Siemens WinCC fl ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4511
+CVE-2011-4511 (Cross-site scripting (XSS) vulnerability in the HMI web server in Siem ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4510
+CVE-2011-4510 (Cross-site scripting (XSS) vulnerability in the HMI web server in Siem ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4509
+CVE-2011-4509 (The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 200 ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4508
+CVE-2011-4508 (The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 200 ...)
NOT-FOR-US: Siemens WinCC
-CVE-2011-4507
+CVE-2011-4507 (The D-Link DIR-685 router, when certain WPA and WPA2 configurations ar ...)
NOT-FOR-US: D-Link DIR-685 router
-CVE-2011-4506
+CVE-2011-4506 (The UPnP IGD implementation on the Thomson (aka Technicolor) TG585 wit ...)
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4505
+CVE-2011-4505 (The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware be ...)
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4504
+CVE-2011-4504 (The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyX ...)
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4503
+CVE-2011-4503 (The UPnP IGD implementation in Broadcom Linux on the Sitecom WL-111 al ...)
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4502
+CVE-2011-4502 (The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K ...)
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4501
+CVE-2011-4501 (The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K ...)
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4500
+CVE-2011-4500 (The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware ...)
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4499
+CVE-2011-4499 (The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Li ...)
NOT-FOR-US: hardware device with broken UPnP UGD implementation
-CVE-2011-4498
+CVE-2011-4498 (Cross-site request forgery (CSRF) vulnerability in the web console in ...)
NOT-FOR-US: Zenprise Device Manager
-CVE-2011-4497
+CVE-2011-4497 (QIS_wizard.htm on the ASUS RT-N56U router with firmware before 1.0.1.4 ...)
NOT-FOR-US: Asus device
-CVE-2011-4496
+CVE-2011-4496 (Buffer overflow in Aviosoft DTV Player 1.0.1.2 allows remote attackers ...)
NOT-FOR-US: Aviosoft DTV Player
CVE-2011-4495
RESERVED
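Review bot: likely typo in the NOT-FOR-US notes for CVE-2011-4499 through CVE-2011-4506: every newly added description says "UPnP IGD implementation", but the nine accompanying notes read "hardware device with broken UPnP UGD implementation". "IGD" (Internet Gateway Device) appears to be the intended acronym; suggest correcting the notes to "broken UPnP IGD implementation" in a follow-up so the notes match the descriptions they annotate.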
@@ -1965,9 +1965,9 @@ CVE-2011-4489
RESERVED
CVE-2011-4488
RESERVED
-CVE-2011-4487
+CVE-2011-4487 (SQL injection vulnerability in Cisco Unified Communications Manager (C ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-4486
+CVE-2011-4486 (Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-4485
RESERVED
@@ -2009,27 +2009,27 @@ CVE-2011-4467
RESERVED
CVE-2011-4466
RESERVED
-CVE-2011-4465
+CVE-2011-4465 (Cross-site scripting (XSS) vulnerability in IBM Lotus Mobile Connect ( ...)
NOT-FOR-US: IBM Lotus Mobile Connect
CVE-2011-4464
RESERVED
CVE-2011-4463
RESERVED
-CVE-2011-4462
+CVE-2011-4462 (Plone 4.1.3 and earlier computes hash values for form parameters witho ...)
- plone3 <removed>
-CVE-2011-4461
+CVE-2011-4461 (Jetty 8.1.0.RC2 and earlier computes hash values for form parameters w ...)
- jetty 6.1.26-1
[squeeze] - jetty <no-dsa> (Minor issue)
-CVE-2011-4460
+CVE-2011-4460 (SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x ...)
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-4459
+CVE-2011-4459 (Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 doe ...)
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-4458
+CVE-2011-4458 (Best Practical Solutions RT 3.6.x, 3.7.x, and 3.8.x before 3.8.12 and ...)
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-4457
+CVE-2011-4457 (OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when J ...)
NOT-FOR-US: OWASP HTML Sanitizer
CVE-2011-4456
REJECTED
@@ -2041,19 +2041,19 @@ CVE-2011-4454
RESERVED
- tikiwiki <removed>
NOTE: http://secunia.com/advisories/46740/
-CVE-2011-4453
+CVE-2011-4453 (The PageListSort function in scripts/pagelist.php in PmWiki 2.x before ...)
- pmwiki <itp> (bug #330117)
-CVE-2011-4452
+CVE-2011-4452 (Cross-site request forgery (CSRF) vulnerability in the AdminUsers comp ...)
NOT-FOR-US: WikkaWiki
-CVE-2011-4451
+CVE-2011-4451 (** DISPUTED ** libs/Wakka.class.php in WikkaWiki 1.3.1 and 1.3.2, when ...)
NOT-FOR-US: WikkaWiki
-CVE-2011-4450
+CVE-2011-4450 (Directory traversal vulnerability in handlers/files.xml/files.xml.php ...)
NOT-FOR-US: WikkaWiki
-CVE-2011-4449
+CVE-2011-4449 (actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MO ...)
NOT-FOR-US: WikkaWiki
-CVE-2011-4448
+CVE-2011-4448 (SQL injection vulnerability in actions/usersettings/usersettings.php i ...)
NOT-FOR-US: WikkaWiki
-CVE-2011-4447
+CVE-2011-4447 (The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0. ...)
- bitcoin 0.5.1-1
CVE-2011-4446
RESERVED
@@ -2075,17 +2075,17 @@ CVE-2011-4438
RESERVED
CVE-2011-4437
RESERVED
-CVE-2011-4436
+CVE-2011-4436 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: Dell appliance
-CVE-2011-4435
+CVE-2011-4435 (The web-server component in the Consolidation and Analysis Engine (CAE ...)
NOT-FOR-US: IBM DB2
-CVE-2011-4434
+CVE-2011-4434 (Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-4433
REJECTED
-CVE-2011-4432
+CVE-2011-4432 (www/include/configuration/nconfigObject/contact/DB-Func.php in Merethi ...)
NOT-FOR-US: Merethis Centreon
-CVE-2011-4431
+CVE-2011-4431 (Directory traversal vulnerability in main.php in Merethis Centreon bef ...)
NOT-FOR-US: Merethis Centreon
CVE-2011-4430
REJECTED
@@ -2117,7 +2117,7 @@ CVE-2011-4417
REJECTED
CVE-2011-4416
REJECTED
-CVE-2011-4415
+CVE-2011-4415 (The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0 ...)
- apache2 2.4.1-1 (unimportant)
NOTE: apache2 does not protect or claim to protect against DoS through .htaccess
CVE-2011-4414
@@ -2130,24 +2130,24 @@ CVE-2011-4411
REJECTED
CVE-2011-4410
REJECTED
-CVE-2011-4409
+CVE-2011-4409 (The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LT ...)
NOT-FOR-US: Ubuntu One
-CVE-2011-4408
+CVE-2011-4408 (The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11. ...)
- ubuntu-sso-client <removed> (bug #680492)
-CVE-2011-4407
+CVE-2011-4407 (ppa.py in Software Properties before 0.81.13.3 does not validate the s ...)
- software-properties 0.76.7debian2+nmu2
[squeeze] - software-properties <not-affected> (Vulnerable code not present)
[lenny] - software-properties <not-affected> (Vulnerable code not present)
NOTE: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/915210/
-CVE-2011-4406
+CVE-2011-4406 (The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does n ...)
- accountsservice 0.6.15-3
-CVE-2011-4405
+CVE-2011-4405 (The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 1 ...)
- system-config-printer 1.3.7-1 (low; bug #651204)
[squeeze] - system-config-printer <no-dsa> (Minor issue)
-CVE-2011-4404
+CVE-2011-4404 (The default configuration of the HTTP server in Jetty in vSphere Updat ...)
- jetty 6.1.19-1 (low; bug #528389)
NOTE: duplicate of CVE-2009-1523
-CVE-2011-4403
+CVE-2011-4403 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart ...)
NOT-FOR-US: Zen Cart
CVE-2011-4402
REJECTED
@@ -2205,70 +2205,70 @@ CVE-2011-4376
REJECTED
CVE-2011-4375
REJECTED
-CVE-2011-4374
+CVE-2011-4374 (Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows atta ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-4373
+CVE-2011-4373 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Window ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-4372
+CVE-2011-4372 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Window ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-4371
+CVE-2011-4371 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Window ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-4370
+CVE-2011-4370 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Window ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-4369
+CVE-2011-4369 (Unspecified vulnerability in the PRC component in Adobe Reader and Acr ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-4368
+CVE-2011-4368 (Cross-site scripting (XSS) vulnerability in Remote Development Service ...)
NOT-FOR-US: Adobe Cold Fusion
-CVE-2011-4367
+CVE-2011-4367 (Multiple directory traversal vulnerabilities in MyFaces JavaServer Fac ...)
- mojarra <not-affected> (The Debian package only ships some API classes)
CVE-2011-4366
REJECTED
CVE-2011-4365
REJECTED
-CVE-2011-4364
+CVE-2011-4364 (Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5. ...)
{DSA-2378-1}
- libav 4:0.7.3-1
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://www.usenix.org/events/woot11/tech/final_files/Yamaguchi.pdf
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=494cfacdb9ba3f0549e37f76b3a2f86a7aeeac3c
-CVE-2011-4363
+CVE-2011-4363 (ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when T ...)
- libproc-processtable-perl 0.45-6 (low; bug #650500)
[squeeze] - libproc-processtable-perl 0.45-1+squeeze1
-CVE-2011-4362
+CVE-2011-4362 (Integer signedness error in the base64_decode function in the HTTP aut ...)
{DSA-2368-1}
- lighttpd 1.4.30-1 (low; bug #652726)
NOTE: http://openwall.com/lists/oss-security/2011/11/29/8
NOTE: http://redmine.lighttpd.net/issues/2370
NOTE: the announcement says that the debian package is not affected, but there are no additional patches that would cause different behavior (i.e. the base64_reverse_table is the same in debian and upstream), so if upstream is affected, so too is the debian package
-CVE-2011-4361
+CVE-2011-4361 (MediaWiki before 1.17.1 does not check for read permission before hand ...)
{DSA-2366-1}
- mediawiki 1:1.15.5-4 (bug #650434)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
-CVE-2011-4360
+CVE-2011-4360 (MediaWiki before 1.17.1 allows remote attackers to obtain the page tit ...)
{DSA-2366-1}
- mediawiki 1:1.15.5-4 (bug #650434)
[squeeze] - mediawiki <not-affected> (Vulnerable code not present)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
CVE-2011-4359 [MyFaces - includeViewParameters re-evaluates param/model values as EL expressions]
REJECTED
-CVE-2011-4358
+CVE-2011-4358 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 ...)
{DSA-2359-1}
- mojarra 2.0.3-2 (bug #650430)
-CVE-2011-4357
+CVE-2011-4357 (Format string vulnerability in the p_cgi_error function in python/neo_ ...)
{DSA-2355-1}
- clearsilver 0.10.5-1.3 (bug #649322)
-CVE-2011-4356
+CVE-2011-4356 (Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4. ...)
- celery 2.4.6-1
- django-celery <not-affected> (Vulnerable code not present)
-CVE-2011-4355
+CVE-2011-4355 (GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defi ...)
- gdb 7.6-1 (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=703238
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=gdb/NEWS;hb=HEAD (lists "auto-load safe-path" under "Changes in GDB 7.5")
-CVE-2011-4354
+CVE-2011-4354 (crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as u ...)
{DSA-2390-1}
- openssl 0.9.8o-4squeeze3 (bug #650621)
-CVE-2011-4353
+CVE-2011-4353 (The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) vp6_parse ...)
{DSA-2378-1}
- libav 4:0.7.3-1
- ffmpeg 7:2.4.1-1
@@ -2278,12 +2278,12 @@ CVE-2011-4353
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=30c08e2
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=7367cbe
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=28acce2
-CVE-2011-4352
+CVE-2011-4352 (Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c ...)
- libav 4:0.7.3-1
- ffmpeg <not-affected> (Was introduced in 0.6)
- ffmpeg-debian <not-affected> (Was introduced in 0.6)
NOTE: http://article.gmane.org/gmane.comp.video.libav.devel/15182
-CVE-2011-4351
+CVE-2011-4351 (Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x befo ...)
{DSA-2378-1}
- libav 4:0.7.3-1
- ffmpeg 7:2.4.1-1
@@ -2296,195 +2296,195 @@ CVE-2011-4350
- yaws 1.91-2 (bug #650009)
[lenny] - yaws <not-affected> (Vulnerable code not present)
[squeeze] - yaws <not-affected> (Vulnerable code not present)
-CVE-2011-4349
+CVE-2011-4349 (Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) ...)
- colord 0.1.15-1 (medium; bug #650021)
-CVE-2011-4348
+CVE-2011-4348 (Race condition in the sctp_rcv function in net/sctp/input.c in the Lin ...)
- linux-2.6 <not-affected> (Incomplete fix for RHEL5-specific backport regression)
NOTE: incomplete fix for CVE-2011-2482
-CVE-2011-4347
+CVE-2011-4347 (The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in ...)
{DSA-2443-1}
- linux-2.6 <removed>
-CVE-2011-4346
+CVE-2011-4346 (Cross-site scripting (XSS) vulnerability in the web interface in Red H ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2011-4345
+CVE-2011-4345 (Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when ...)
- namazu2 2.0.21-1 (low)
[squeeze] - namazu2 <no-dsa> (Minor issue)
-CVE-2011-4344
+CVE-2011-4344 (Cross-site scripting (XSS) vulnerability in Jenkins Core in Jenkins be ...)
- jenkins-winstone 0.9.10-jenkins-29+dfsg-1 (bug #649900)
-CVE-2011-4343
+CVE-2011-4343 (Information disclosure vulnerability in Apache MyFaces Core 2.0.1 thro ...)
NOT-FOR-US: Apache MyFaces
-CVE-2011-4342
+CVE-2011-4342 (PHP remote file inclusion vulnerability in wp_xml_export.php in the Ba ...)
NOT-FOR-US: Wordpress plugin
-CVE-2011-4341
+CVE-2011-4341 (Multiple SQL injection vulnerabilities in symphony/content/content.pub ...)
NOT-FOR-US: Symphony CMS
-CVE-2011-4340
+CVE-2011-4340 (Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2. ...)
NOT-FOR-US: Symphony CMS
-CVE-2011-4339
+CVE-2011-4339 (ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmito ...)
{DSA-2376-2 DSA-2376-1}
- ipmitool 1.8.11-5 (bug #651917)
CVE-2011-4338
RESERVED
NOT-FOR-US: Arch-Linux specific tool
-CVE-2011-4337
+CVE-2011-4337 (Static code injection vulnerability in translate.php in Support Incide ...)
NOT-FOR-US: Support Incident Tracker
CVE-2011-4336
RESERVED
NOT-FOR-US: Tiki Wiki
-CVE-2011-4335
+CVE-2011-4335 (Multiple cross-site scripting (XSS) vulnerabilities in Contao before 2 ...)
NOT-FOR-US: Contao
-CVE-2011-4334
+CVE-2011-4334 (edit.php in LabWiki 1.1 and earlier does not properly verify uploaded ...)
NOT-FOR-US: LabWiki
-CVE-2011-4333
+CVE-2011-4333 (Multiple cross-site scripting (XSS) vulnerabilities in LabWiki 1.1 and ...)
NOT-FOR-US: LabWiki
-CVE-2011-4332
+CVE-2011-4332 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 a ...)
NOT-FOR-US: Joomla!
CVE-2011-4331
REJECTED
-CVE-2011-4330
+CVE-2011-4330 (Stack-based buffer overflow in the hfs_mac2asc function in fs/hfs/tran ...)
- linux-2.6 3.1.4-1
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-4329
+CVE-2011-4329 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 ...)
- dolibarr 3.3.4-1 (low)
-CVE-2011-4328
+CVE-2011-4328 (plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions ( ...)
{DSA-2435-1}
- gnash 0.8.10-1 (low; bug #649384)
-CVE-2011-4327
+CVE-2011-4327 (ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platfo ...)
- openssh <not-affected> (Only affects platforms w/o /dev/random)
NOTE: http://www.openssh.com/txt/portable-keysign-rand-helper.adv
-CVE-2011-4326
+CVE-2011-4326 (The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel b ...)
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-40
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-4325
+CVE-2011-4325 (The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain ...)
- linux-2.6 2.6.32-1
-CVE-2011-4324
+CVE-2011-4324 (The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kern ...)
- linux-2.6 <not-affected> (RHEL5-specific backport error)
CVE-2011-4323
REJECTED
CVE-2011-4322
RESERVED
NOT-FOR-US: websitebaker
-CVE-2011-4321
+CVE-2011-4321 (The password reset functionality in Joomla! 1.5.x through 1.5.24 uses ...)
NOT-FOR-US: Joomla!
-CVE-2011-4320
+CVE-2011-4320 (The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and 3.0.0-alp ...)
- ejabberd 2.1.9-1 (low)
[squeeze] - ejabberd <no-dsa> (Only triggerable with malformed config file)
NOTE: https://support.process-one.net/browse/EJAB-1498
-CVE-2011-4319
+CVE-2011-4319 (Cross-site scripting (XSS) vulnerability in the i18n translations help ...)
- rails <not-affected> (Only affects RoR 3.0 and above)
-CVE-2011-4318
+CVE-2011-4318 (Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostn ...)
- dovecot 1:2.0.18-1 (unimportant; bug #649511)
NOTE: Additional hardening
-CVE-2011-4317
+CVE-2011-4317 (The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2 ...)
{DSA-2405-1}
- apache2 2.2.21-3
NOTE: Related to CVE-2011-3368 and CVE-2011-3639 but a different issue
-CVE-2011-4316
+CVE-2011-4316 (Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in cert ...)
NOT-FOR-US: ovirt
NOTE: While the Red Hat advisory refers to SPICE, this is a vulnerability in
NOTE: the server-side ovirt logic (contacted Red Hat for clarification)
-CVE-2011-4315
+CVE-2011-4315 (Heap-based buffer overflow in compression-pointer processing in core/n ...)
- nginx 1.1.8-1 (low)
[squeeze] - nginx 0.7.67-3+squeeze1
[lenny] - nginx <no-dsa> (Minor issue)
NOTE: http://trac.nginx.org/nginx/changeset/4268/nginx
-CVE-2011-4314
+CVE-2011-4314 (message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used i ...)
- openid4java 0.9.6.662-1
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2011-4313
+CVE-2011-4313 (query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9 ...)
{DSA-2347-1}
- bind9 1:9.8.1.dfsg.P1-1 (high; bug #649099)
-CVE-2011-4312
+CVE-2011-4312 (Multiple cross-site scripting (XSS) vulnerabilities in the commenting ...)
NOT-FOR-US: Review Board
-CVE-2011-4311
+CVE-2011-4311 (ResourceSpace before 4.2.2833 does not properly validate access keys, ...)
NOT-FOR-US: ResourceSpace
CVE-2011-4310
RESERVED
- cmsms <itp> (bug #608888)
-CVE-2011-4309
+CVE-2011-4309 (Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote attacke ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4308
+CVE-2011-4308 (mod/forum/user.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2011-4307
+CVE-2011-4307 (Cross-site scripting (XSS) vulnerability in mod/wiki/lang/en/wiki.php ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4306
+CVE-2011-4306 (Cross-site scripting (XSS) vulnerability in course/editsection.html in ...)
{DSA-2338-1}
- moodle 1.9.9.dfsg2-4
-CVE-2011-4305
+CVE-2011-4305 (message/refresh.php in Moodle 1.9.x before 1.9.14 allows remote authen ...)
{DSA-2338-1}
- moodle 1.9.9.dfsg2-4
-CVE-2011-4304
+CVE-2011-4304 (The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2 ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4303
+CVE-2011-4303 (lib/db/upgrade.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4302
+CVE-2011-4302 (mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x be ...)
{DSA-2338-1}
- moodle 1.9.9.dfsg2-4
-CVE-2011-4301
+CVE-2011-4301 (The MoodleQuickForm class in the Forms Library in lib/formslib.php in ...)
{DSA-2338-1}
- moodle 1.9.9.dfsg2-4
-CVE-2011-4300
+CVE-2011-4300 (The file_browser component in Moodle 2.0.x before 2.0.5 and 2.1.x befo ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4299
+CVE-2011-4299 (Cross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php in Mo ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4298
+CVE-2011-4298 (Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4297
+CVE-2011-4297 (comment/lib.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 do ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4296
+CVE-2011-4296 (lib/db/access.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4295
+CVE-2011-4295 (The moodle_enrol_external:role_assign function in enrol/externallib.ph ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4294
+CVE-2011-4294 (The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x b ...)
{DSA-2338-1}
- moodle 1.9.9.dfsg2-4
-CVE-2011-4293
+CVE-2011-4293 (The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4292
+CVE-2011-4292 (Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4291
+CVE-2011-4291 (Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4290
+CVE-2011-4290 (Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php ...)
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4289
+CVE-2011-4289 (Moodle 2.0.x before 2.0.3 does not recognize the configuration setting ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4288
+CVE-2011-4288 (Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly im ...)
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4287
+CVE-2011-4287 (admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4286
+CVE-2011-4286 (Multiple cross-site scripting (XSS) vulnerabilities in the media-filte ...)
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4285
+CVE-2011-4285 (The default configuration of Moodle 2.0.x before 2.0.2 has an incorrec ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4284
+CVE-2011-4284 (Moodle 2.0.x before 2.0.2 allows remote attackers to obtain sensitive ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4283
+CVE-2011-4283 (Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS enterp ...)
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4282
+CVE-2011-4282 (Multiple cross-site scripting (XSS) vulnerabilities in the course-tags ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4281
+CVE-2011-4281 (Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2 ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4280
+CVE-2011-4280 (Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4279
+CVE-2011-4279 (Moodle 2.0.x before 2.0.2 does not use the forceloginforprofiles setti ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4278
+CVE-2011-4278 (Cross-site scripting (XSS) vulnerability in the tag autocomplete funct ...)
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4277
+CVE-2011-4277 (Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum 7 ...)
NOT-FOR-US: CourseForum
-CVE-2011-4276
+CVE-2011-4276 (The Bluetooth service (com/android/phone/BluetoothHeadsetService.java) ...)
NOT-FOR-US: Android
-CVE-2011-4275
+CVE-2011-4275 (Multiple cross-site scripting (XSS) vulnerabilities in iTop (aka IT Op ...)
NOT-FOR-US: IT Operations Portal
-CVE-2011-4274
+CVE-2011-4274 (Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobil ...)
NOT-FOR-US: Movable Type plugin
-CVE-2011-4273
+CVE-2011-4273 (Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserv ...)
NOT-FOR-US: GoAhead Webserver
CVE-2011-4272
REJECTED
@@ -2498,51 +2498,51 @@ CVE-2011-4268
REJECTED
CVE-2011-4267
REJECTED
-CVE-2011-4266
+CVE-2011-4266 (Untrusted search path vulnerability in FFFTP before 1.98d allows local ...)
NOT-FOR-US: FFFTP
-CVE-2011-4265
+CVE-2011-4265 (Cross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 al ...)
NOT-FOR-US: phpWebSite
-CVE-2011-4264
+CVE-2011-4264 (Cross-site scripting (XSS) vulnerability in Etomite before 1.1 allows ...)
NOT-FOR-US: Etomite
-CVE-2011-4263
+CVE-2011-4263 (Cross-site scripting (XSS) vulnerability in Schneider Electric PowerCh ...)
NOT-FOR-US: Schneider Electric PowerChute Business Edition
-CVE-2011-4262
+CVE-2011-4262 (Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 all ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4261
+CVE-2011-4261 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to execu ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4260
+CVE-2011-4260 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to execu ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4259
+CVE-2011-4259 (Integer underflow in RealNetworks RealPlayer before 15.0.0 allows remo ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4258
+CVE-2011-4258 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to execu ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4257
+CVE-2011-4257 (The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4256
+CVE-2011-4256 (The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPl ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4255
+CVE-2011-4255 (Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4254
+CVE-2011-4254 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to execu ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4253
+CVE-2011-4253 (Unspecified vulnerability in the RV20 codec in RealNetworks RealPlayer ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4252
+CVE-2011-4252 (The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPl ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4251
+CVE-2011-4251 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to execu ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4250
+CVE-2011-4250 (Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4249
+CVE-2011-4249 (Array index error in the RV30 codec in RealNetworks RealPlayer before ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4248
+CVE-2011-4248 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to execu ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4247
+CVE-2011-4247 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to execu ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4246
+CVE-2011-4246 (The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPla ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4245
+CVE-2011-4245 (The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Ma ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-4244
+CVE-2011-4244 (Heap-based buffer overflow in the RealVideo renderer in RealNetworks R ...)
NOT-FOR-US: RealNetworks RealPlayer
CVE-2011-4243
RESERVED
@@ -2556,7 +2556,7 @@ CVE-2011-4239
RESERVED
CVE-2011-4238
RESERVED
-CVE-2011-4237
+CVE-2011-4237 (CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Comm ...)
NOT-FOR-US: Cisco
CVE-2011-4236
RESERVED
@@ -2566,9 +2566,9 @@ CVE-2011-4234
RESERVED
CVE-2011-4233
RESERVED
-CVE-2011-4232
+CVE-2011-4232 (The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces diff ...)
NOT-FOR-US: Cisco
-CVE-2011-4231
+CVE-2011-4231 (Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec hu ...)
NOT-FOR-US: Cisco IOS
CVE-2011-4230
RESERVED
@@ -2584,31 +2584,31 @@ CVE-2011-4225
RESERVED
CVE-2011-4224
RESERVED
-CVE-2011-4223
+CVE-2011-4223 (Unspecified vulnerability in Investintech.com Absolute PDF Server allo ...)
NOT-FOR-US: Investintech.com Absolute PDF Server
-CVE-2011-4222
+CVE-2011-4222 (Unspecified vulnerability in Investintech.com Able2Extract and Able2Ex ...)
NOT-FOR-US: Investintech.com Able2Extract
-CVE-2011-4221
+CVE-2011-4221 (Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Pr ...)
NOT-FOR-US: Investintech.com Able2Doc
-CVE-2011-4220
+CVE-2011-4220 (Investintech.com SlimPDF Reader does not properly restrict the argumen ...)
NOT-FOR-US: Investintech.com SlimPDF
-CVE-2011-4219
+CVE-2011-4219 (Investintech.com SlimPDF Reader does not prevent faulting-address data ...)
NOT-FOR-US: Investintech.com SlimPDF
-CVE-2011-4218
+CVE-2011-4218 (Investintech.com SlimPDF Reader does not prevent faulting-instruction ...)
NOT-FOR-US: Investintech.com SlimPDF
-CVE-2011-4217
+CVE-2011-4217 (Investintech.com SlimPDF Reader does not properly restrict read operat ...)
NOT-FOR-US: Investintech.com SlimPDF
-CVE-2011-4216
+CVE-2011-4216 (Investintech.com SlimPDF Reader does not properly restrict write opera ...)
NOT-FOR-US: Investintech.com SlimPDF
-CVE-2011-4215
+CVE-2011-4215 (SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action ...)
NOT-FOR-US: OneOrZero Action & Information Management System (AIMS)
-CVE-2011-4214
+CVE-2011-4214 (OneOrZero Action &amp; Information Management System (AIMS) 2.7.0 allo ...)
NOT-FOR-US: OneOrZero Action & Information Management System (AIMS)
-CVE-2011-4213
+CVE-2011-4213 (The sandbox environment in the Google App Engine Python SDK before 1.5 ...)
NOT-FOR-US: Google App Engine
-CVE-2011-4212
+CVE-2011-4212 (The sandbox environment in the Google App Engine Python SDK before 1.5 ...)
NOT-FOR-US: Google App Engine
-CVE-2011-4211
+CVE-2011-4211 (The FakeFile implementation in the sandbox environment in the Google A ...)
NOT-FOR-US: Google App Engine
CVE-2011-4210
RESERVED
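Review bot: the imported description for CVE-2011-4214 still carries an HTML entity ("OneOrZero Action &amp; Information Management System"), while the NOT-FOR-US annotation directly below it and the neighbouring CVE-2011-4215 entry use a literal "&". The description text should be HTML-unescaped when it is pulled from the feed so that the list stays plain text and greps for the product name match both lines.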
@@ -2624,11 +2624,11 @@ CVE-2011-4205
RESERVED
CVE-2011-4204
RESERVED
-CVE-2011-4203
+CVE-2011-4203 (CRLF injection vulnerability in calendar/set.php in the Calendar compo ...)
NOT-FOR-US: Moodle addon
-CVE-2011-4202
+CVE-2011-4202 (The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions ( ...)
NOT-FOR-US: Tadasoft Restorepoint
-CVE-2011-4201
+CVE-2011-4201 (remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image a ...)
NOT-FOR-US: Tadasoft Restorepoint
CVE-2011-4200
RESERVED
@@ -2636,7 +2636,7 @@ CVE-2011-4199
RESERVED
CVE-2011-4198
RESERVED
-CVE-2011-4197
+CVE-2011-4197 (etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 cr ...)
NOT-FOR-US: pfSense
CVE-2011-XXXX [spip privilege escalation]
- spip 2.1.12-1 (bug #649113)
@@ -2650,37 +2650,37 @@ CVE-2011-XXXX [spip path disclosure]
NOTE: Path disclosure not an issue for Debian
CVE-2011-4196
RESERVED
-CVE-2011-4195
+CVE-2011-4195 (kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 an ...)
NOT-FOR-US: Suse kiwi (different from python-kiwi)
-CVE-2011-4194
+CVE-2011-4194 (Buffer overflow in Novell iPrint Server in Novell Open Enterprise Serv ...)
NOT-FOR-US: Novell iPrint
-CVE-2011-4193
+CVE-2011-4193 (Cross-site scripting (XSS) vulnerability in the overlay files tab in S ...)
NOT-FOR-US: Suse kiwi (different from python-kiwi)
-CVE-2011-4192
+CVE-2011-4192 (kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and ...)
NOT-FOR-US: Suse kiwi (different from python-kiwi)
-CVE-2011-4191
+CVE-2011-4191 (Stack-based buffer overflow in the xdrDecodeString function in XNFS.NL ...)
NOT-FOR-US: Novell NetWare
-CVE-2011-4190
+CVE-2011-4190 (The kdump implementation is missing the host key verification in the k ...)
NOT-FOR-US: kdump as used in SuSE
-CVE-2011-4189
+CVE-2011-4189 (The client in Novell GroupWise 8.0x through 8.02HP3 allows remote atta ...)
NOT-FOR-US: Novell GroupWise
-CVE-2011-4188
+CVE-2011-4188 (Buffer overflow in the Create Attribute function in jclient in Novell ...)
NOT-FOR-US: Novell iManager
-CVE-2011-4187
+CVE-2011-4187 (Buffer overflow in the GetDriverSettings function in nipplib.dll in No ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-4186
+CVE-2011-4186 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client befo ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-4185
+CVE-2011-4185 (The GetPrinterURLList2 method in the ActiveX control in Novell iPrint ...)
NOT-FOR-US: ActiveX
CVE-2011-4184
RESERVED
-CVE-2011-4183
+CVE-2011-4183 (A vulnerability in open build service allows remote attackers to uploa ...)
- open-build-service <not-affected> (Fixed before initial upload to Debian)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=736243
NOTE: https://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e
-CVE-2011-4182
+CVE-2011-4182 (Missing escaping of ESSID values in sysconfig of SUSE Linux Enterprise ...)
NOT-FOR-US: sysconfig in SUSE Linux Enterprise
-CVE-2011-4181
+CVE-2011-4181 (A vulnerability in open build service allows remote attackers to gain ...)
- open-build-service <not-affected> (Fixed before initial upload to Debian)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=734003
NOTE: https://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e
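Review bot: CVE-2011-4183 and CVE-2011-4181 each point at two different SUSE bugzilla entries (736243 and 734003) but both cite the same upstream commit 5281e4bff9df31f1f91e22a0d1e9086b93b23d7e as the fix; worth confirming that this single commit really covers both issues, or correcting the commit NOTE on one of the two entries.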
@@ -2698,54 +2698,54 @@ CVE-2011-4175
RESERVED
CVE-2011-4174
RESERVED
-CVE-2011-4173
+CVE-2011-4173 (Cross-site request forgery (CSRF) vulnerability in Simple Machines For ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2011-4172
+CVE-2011-4172 (Multiple cross-site scripting (XSS) vulnerabilities in KENT-WEB WEB FO ...)
NOT-FOR-US: KENT WEB FORUM
-CVE-2011-4171
+CVE-2011-4171 (Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM W ...)
NOT-FOR-US: WebSphere
-CVE-2011-4170
+CVE-2011-4170 (Cross-site scripting (XSS) vulnerability in the theme_adium_append_mes ...)
- empathy 3.2.1.1-1
[squeeze] - empathy <no-dsa> (Minor issue)
[lenny] - empathy <not-affected> (only affects webkit theming, not present in Lenny)
-CVE-2011-4169
+CVE-2011-4169 (Unspecified vulnerability in HP Managed Printing Administration before ...)
NOT-FOR-US: HP Managed Printing Administration
-CVE-2011-4168
+CVE-2011-4168 (Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in ...)
NOT-FOR-US: HP Managed Printing Administration
-CVE-2011-4167
+CVE-2011-4167 (Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing ...)
NOT-FOR-US: HP Managed Printing Administration
-CVE-2011-4166
+CVE-2011-4166 (Directory traversal vulnerability in the MPAUploader.Uploader.1.Upload ...)
NOT-FOR-US: HP Managed Printing Administration
-CVE-2011-4165
+CVE-2011-4165 (Unspecified vulnerability in HP Database Archiving Software 6.31 allow ...)
NOT-FOR-US: HP Database Archiving Software
-CVE-2011-4164
+CVE-2011-4164 (Unspecified vulnerability in HP Database Archiving Software 6.31 allow ...)
NOT-FOR-US: HP Database Archiving Software
-CVE-2011-4163
+CVE-2011-4163 (Unspecified vulnerability in HP Database Archiving Software 6.31 allow ...)
NOT-FOR-US: HP Database Archiving Software
-CVE-2011-4162
+CVE-2011-4162 (The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, ...)
NOT-FOR-US: HP Protect Tools Device Access Manager
-CVE-2011-4161
+CVE-2011-4161 (The default configuration of the HP CM8060 Color MFP with Edgeline; Co ...)
NOT-FOR-US: HP CM8060 Color MFP
-CVE-2011-4160
+CVE-2011-4160 (Unspecified vulnerability in HP Operations Agent 11.00 and Performance ...)
NOT-FOR-US: HP Operations Agent
-CVE-2011-4159
+CVE-2011-4159 (Unspecified vulnerability in System Administration Manager (SAM) in EM ...)
NOT-FOR-US: HP-UX
-CVE-2011-4158
+CVE-2011-4158 (Unspecified vulnerability in HP Directories Support for ProLiant Manag ...)
NOT-FOR-US: HP Directories Support
-CVE-2011-4157
+CVE-2011-4157 (Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on th ...)
NOT-FOR-US: HP SAN/iQ
-CVE-2011-4156
+CVE-2011-4156 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2011-4155
+CVE-2011-4155 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
NOT-FOR-US: HP Network Node Manager
CVE-2011-4154
RESERVED
-CVE-2011-4153
+CVE-2011-4153 (PHP 5.3.8 does not always check the return value of the zend_strndup f ...)
{DSA-2408-1}
- php5 5.3.9-1 (low)
CVE-2011-4152
RESERVED
-CVE-2011-4151
+CVE-2011-4151 (The krb5_db2_lockout_audit function in the Key Distribution Center (KD ...)
- krb5 1.10+dfsg~alpha1-1 (low; bug #646367)
[squeeze] - krb5 <no-dsa> (Minor issue)
[lenny] - krb5 <not-affected> (introduced in 1.8)
@@ -2761,55 +2761,55 @@ CVE-2011-4146
REJECTED
CVE-2011-4145
REJECTED
-CVE-2011-4144
+CVE-2011-4144 (Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 be ...)
NOT-FOR-US: EMC
-CVE-2011-4143
+CVE-2011-4143 (EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote att ...)
NOT-FOR-US: EMC
-CVE-2011-4142
+CVE-2011-4142 (The Web Search feature in EMC SourceOne Email Management 6.5 before 6. ...)
NOT-FOR-US: EMC SourceOne Email Management
-CVE-2011-4141
+CVE-2011-4141 (Untrusted search path vulnerability in EMC RSA SecurID Software Token ...)
NOT-FOR-US: RSA SecurID
-CVE-2011-4140
+CVE-2011-4140 (The CSRF protection mechanism in Django through 1.2.7 and 1.3.x throug ...)
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
-CVE-2011-4139
+CVE-2011-4139 (Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host ...)
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
-CVE-2011-4138
+CVE-2011-4138 (The verify_exists functionality in the URLField implementation in Djan ...)
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
-CVE-2011-4137
+CVE-2011-4137 (The verify_exists functionality in the URLField implementation in Djan ...)
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
-CVE-2011-4136
+CVE-2011-4136 (django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, ...)
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
-CVE-2011-4135
+CVE-2011-4135 (Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexN ...)
NOT-FOR-US: Flexera FlexNet Publisher
-CVE-2011-4134
+CVE-2011-4134 (Heap-based buffer overflow in lmadmin in Flexera FlexNet Publisher 11. ...)
NOT-FOR-US: Flexera FlexNet Publisher
-CVE-2011-4133
+CVE-2011-4133 (Cross-site request forgery (CSRF) vulnerability in Moodle 1.9.x before ...)
{DSA-2262-1}
- moodle 1.9.9.dfsg2-3
-CVE-2011-4132
+CVE-2011-4132 (The cleanup_journal_tail function in the Journaling Block Device (JBD) ...)
- linux-2.6 3.1.6-1
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-4131
+CVE-2011-4131 (The NFSv4 implementation in the Linux kernel before 3.2.2 does not pro ...)
- linux 3.2.9-1 (low)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport, minor impact)
-CVE-2011-4130
+CVE-2011-4130 (Use-after-free vulnerability in the Response API in ProFTPD before 1.3 ...)
{DSA-2346-2 DSA-2346-1}
- proftpd-dfsg 1.3.4~rc3-2 (high; bug #648373)
[lenny] - proftpd-dfsg <not-affected> (vulnerable functionality not present)
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=3711
-CVE-2011-4129
+CVE-2011-4129 ((1) services/twitter/twitter-contact-view.c and (2) services/twitter/t ...)
- libsocialweb 0.25.20-1
-CVE-2011-4128
+CVE-2011-4128 (Buffer overflow in the gnutls_session_get_data function in lib/gnutls_ ...)
- gnutls26 2.12.14-1 (low; bug #648441)
[squeeze] - gnutls26 2.8.6-1+squeeze1
[lenny] - gnutls26 <no-dsa> (Minor issue)
-CVE-2011-4127
+CVE-2011-4127 (The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl c ...)
{DSA-2443-1 DSA-2389-1}
- libguestfs 1:1.14.8-1
- linux-2.6 <removed>
@@ -2821,7 +2821,7 @@ CVE-2011-4124
RESERVED
CVE-2011-4123
REJECTED
-CVE-2011-4122
+CVE-2011-4122 (Directory traversal vulnerability in openpam_configure.c in OpenPAM be ...)
NOT-FOR-US: OpenPAM
CVE-2011-4121
RESERVED
@@ -2844,15 +2844,15 @@ CVE-2011-4115
- libparallel-forkmanager-perl <not-affected> (issue introduced in 0.7.6 upstream, never in Debian)
NOTE: affected code was never in Debian. Upstream fixed in 1.0.0
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=68298
-CVE-2011-4114
+CVE-2011-4114 (The par_mktmpdir function in the PAR::Packer module before 1.012 for P ...)
- libpar-packer-perl 1.012-1 (bug #650706)
[squeeze] - libpar-packer-perl 1.006-1+squeeze1
-CVE-2011-4113
+CVE-2011-4113 (SQL injection vulnerability in the Views module before 6.x-2.13 for Dr ...)
- drupal6-mod-views 2.14-1
-CVE-2011-4112
+CVE-2011-4112 (The net subsystem in the Linux kernel before 3.1 does not properly res ...)
- linux-2.6 3.1-1 (unimportant)
NOTE: Turned out to be a non-issue, http://www.openwall.com/lists/oss-security/2011/11/24/3
-CVE-2011-4111
+CVE-2011-4111 (Buffer overflow in the ccid_card_vscard_handle_message function in hw/ ...)
- qemu 0.15.1+dfsg-2
[lenny] - qemu <not-affected> (Vulnerable CCID code not present)
[squeeze] - qemu <not-affected> (Vulnerable CCID code not present)
@@ -2860,57 +2860,57 @@ CVE-2011-4111
[wheezy] - xen <not-affected> (Vulnerable code introduced after 0.14.50, embedded version is 0.10.2)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: Vulnerable code introduced after 0.14.50: http://git.qemu.org/?p=qemu.git;a=commit;h=edbb21363fbfe40e050f583df921484cbc31c79d
-CVE-2011-4110
+CVE-2011-4110 (The user_update function in security/keys/user_defined.c in the Linux ...)
{DSA-2389-1}
- linux-2.6 3.1.4-1
-CVE-2011-4109
+CVE-2011-4109 (Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_ ...)
{DSA-2390-1}
- openssl 1.0.0c-1
-CVE-2011-4108
+CVE-2011-4108 (The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f ...)
{DSA-2390-1}
- openssl 1.0.0f-1 (low; bug #645805)
NOTE: http://rt.openssl.org/Ticket/Display.html?id=2625&user=guest&pass=guest
-CVE-2011-4107
+CVE-2011-4107 (The simplexml_load_string function in the XML import plug-in (librarie ...)
{DSA-2391-1}
- phpmyadmin 4:3.4.7.1-1 (bug #656247)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=751112
-CVE-2011-4106
+CVE-2011-4106 (TimThumb (timthumb.php) before 2.0 does not validate the entire source ...)
NOT-FOR-US: wordpress plugin timthumb
-CVE-2011-4105
+CVE-2011-4105 (LightDM before 1.0.6 allows local users to change ownership of arbitra ...)
- lightdm 1.0.6-2
-CVE-2011-4104
+CVE-2011-4104 (The from_yaml method in serializers.py in Django Tastypie before 0.9.1 ...)
- django-tastypie 0.9.10-1 (bug #647314)
-CVE-2011-4103
+CVE-2011-4103 (emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 doe ...)
{DSA-2344-1}
- python-django-piston 0.2.2-2 (high; bug #647315)
-CVE-2011-4102
+CVE-2011-4102 (Heap-based buffer overflow in the erf_read_header function in wiretap/ ...)
{DSA-2351-1}
- wireshark 1.6.3-1
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-19.html
NOTE: http://anonsvn.wireshark.org/viewvc/trunk/wiretap/erf.c?r1=39508&r2=39507&pathrev=39508&view=patch
NOTE: Affects 1.0 and 1.2, the versions listed in the advisory are relative to the supported upstream branches
-CVE-2011-4101
+CVE-2011-4101 (The dissect_infiniband_common function in epan/dissectors/packet-infin ...)
- wireshark 1.6.3-1 (unimportant)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-18.html
-CVE-2011-4100
+CVE-2011-4100 (The csnStreamDissector function in epan/dissectors/packet-csn1.c in th ...)
- wireshark 1.6.3-1
[squeeze] - wireshark <not-affected> (Affects only 1.6.0-1.6.2)
[lenny] - wireshark <not-affected> (Affects only 1.6.0-1.6.2)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-17.html
-CVE-2011-4099
+CVE-2011-4099 (The capsh program in libcap before 2.22 does not change the current wo ...)
- libcap2 1:2.22-1 (low)
[squeeze] - libcap2 <no-dsa> (Minor issue)
-CVE-2011-4098
+CVE-2011-4098 (The fallocate implementation in the GFS2 filesystem in the Linux kerne ...)
- linux 3.2.1-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (fallocate support was added to GFS2 in 2.37)
-CVE-2011-4097
+CVE-2011-4097 (Integer overflow in the oom_badness function in mm/oom_kill.c in the L ...)
- linux-2.6 3.0.0-6
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.39)
-CVE-2011-4096
+CVE-2011-4096 (The idnsGrokReply function in Squid before 3.1.16 does not properly fr ...)
{DSA-2381-1}
- squid3 3.1.16-1
[lenny] - squid3 <not-affected> (no IPv6 support)
@@ -2920,16 +2920,16 @@ CVE-2011-4095
CVE-2011-4094
RESERVED
NOT-FOR-US: Jara
-CVE-2011-4093
+CVE-2011-4093 (Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 ...)
- net6 1:1.3.14-1 (low; bug #647318)
[squeeze] - net6 <no-dsa> (Minor issue)
[lenny] - net6 <no-dsa> (Minor issue)
-CVE-2011-4092
+CVE-2011-4092 (obby (aka libobby) does not verify SSL server certificates, which allo ...)
- obby <removed> (low; bug #647317)
[wheezy] - obby <no-dsa> (Minor design limitation)
[lenny] - obby <no-dsa> (Minor design limitation)
[squeeze] - obby <no-dsa> (Minor design limitation)
-CVE-2011-4091
+CVE-2011-4091 (The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3. ...)
[squeeze] - net6 <no-dsa> (Minor issue)
[lenny] - net6 <no-dsa> (Minor issue)
- net6 1:1.3.14-1 (low; bug #647318)
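Review bot: in the CVE-2011-4091 entry the [squeeze] and [lenny] release lines come before the unstable "- net6 1:1.3.14-1 (low; bug #647318)" line, whereas the CVE-2011-4093 entry just above lists the unstable line first and the release-specific lines after it. Keeping the unstable line first in both entries, as elsewhere in the list, makes the two net6 entries consistent.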
@@ -2938,47 +2938,47 @@ CVE-2011-4090 [serendipity before 1.6 backend XSS in karma plugin]
- serendipity <removed> (bug #650937)
[squeeze] - serendipity <no-dsa> (Minor issue)
NOTE: http://seclists.org/oss-sec/2011/q4/192
-CVE-2011-4089
+CVE-2011-4089 (The bzexe command in bzip2 1.0.5 and earlier generates compressed exec ...)
- bzip2 1.0.6-1 (low; bug #632862)
[squeeze] - bzip2 1.0.5-6+squeeze1
[lenny] - bzip2 <no-dsa> (Minor issue)
CVE-2011-4088
RESERVED
NOT-FOR-US: abrt/libreport
-CVE-2011-4087
+CVE-2011-4087 (The br_parse_ip_options function in net/bridge/br_netfilter.c in the L ...)
- linux-2.6 3.0.0-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.37)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.37)
-CVE-2011-4086
+CVE-2011-4086 (The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linu ...)
{DSA-2469-1}
- linux-2.6 <removed> (low)
-CVE-2011-4085
+CVE-2011-4085 (The servlets invoked by httpha-invoker in JBoss Enterprise Application ...)
NOT-FOR-US: JBoss Enterprise SOA Platform
CVE-2011-4084
REJECTED
-CVE-2011-4083
+CVE-2011-4083 (The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x ...)
NOT-FOR-US: RedHat sos
CVE-2011-4082
RESERVED
- phpldapadmin 0.9.8-1
-CVE-2011-4081
+CVE-2011-4081 (crypto/ghash-generic.c in the Linux kernel before 3.1 allows local use ...)
- linux-2.6 3.0.0-6
[squeeze] - linux-2.6 <not-affected> (CRYPTO_GHASH Introduced in 2.6.32)
-CVE-2011-4080
+CVE-2011-4080 (The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kern ...)
- linux-2.6 2.6.39-1
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.37 with eaf06b241b091357e72b76863ba16e89610d31bd)
[squeeze] - linux-2.6 <not-affected> (introduced in 2.6.37 with eaf06b241b091357e72b76863ba16e89610d31bd)
-CVE-2011-4079
+CVE-2011-4079 (Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.2 ...)
- openldap 2.4.28-1 (unimportant; bug #647610)
NOTE: Not exploitable with glibc, see
NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7059;selectid=7059
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4079
-CVE-2011-4078
+CVE-2011-4078 (include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5. ...)
- roundcube 0.6+dfsg-1 (bug #646675)
[squeeze] - roundcube <not-affected> (squeeze PHP version does not expose the issue)
NOTE: http://trac.roundcube.net/ticket/1488086
NOTE: This is arguably a PHP issue, but will probably not be fixed upstream.
-CVE-2011-4077
+CVE-2011-4077 (Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c ...)
{DSA-2389-1}
- linux-2.6 3.0.0-6
CVE-2011-4076
@@ -2986,13 +2986,13 @@ CVE-2011-4076
- nova 2012.1~e1-1
NOTE: https://bugs.launchpad.net/nova/+bug/868360
NOTE: the patch for this bug is available at https://review.openstack.org/#/c/794/
-CVE-2011-4075
+CVE-2011-4075 (The masort function in lib/functions.php in phpLDAPadmin 1.2.x before ...)
{DSA-2333-1}
- phpldapadmin 1.2.0.5-2.1 (bug #646754)
-CVE-2011-4074
+CVE-2011-4074 (Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1. ...)
{DSA-2333-1}
- phpldapadmin 1.2.0.5-2.1 (bug #646769)
-CVE-2011-4073
+CVE-2011-4073 (Use-after-free vulnerability in the cryptographic helper handler funct ...)
{DSA-2374-1}
- openswan 1:2.6.37-1 (low; bug #650674)
CVE-2011-4072
@@ -3001,107 +3001,107 @@ CVE-2011-4071
RESERVED
CVE-2011-4070
RESERVED
-CVE-2011-4069
+CVE-2011-4069 (html/admin/login.php in PacketFence before 3.0.2 allows remote attacke ...)
NOT-FOR-US: PacketFence
-CVE-2011-4068
+CVE-2011-4068 (The check_password function in html/admin/login.php in PacketFence bef ...)
NOT-FOR-US: PacketFence
CVE-2011-4067
RESERVED
-CVE-2011-4066
+CVE-2011-4066 (SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earl ...)
NOT-FOR-US: Gnuboard
CVE-2011-4065
RESERVED
-CVE-2011-4063
+CVE-2011-4063 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x bef ...)
- asterisk 1:1.8.7.1~dfsg-1 (bug #647252)
[lenny] - asterisk <not-affected> (Only affects >= 1.8)
[squeeze] - asterisk <not-affected> (Only affects >= 1.8)
-CVE-2011-4062
+CVE-2011-4062 (Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows lo ...)
{DSA-2325-1}
- kfreebsd-10 10.0~svn226224-1
- kfreebsd-9 9.0~svn225873-1
- kfreebsd-8 8.2-11 (bug #645377)
- kfreebsd-7 <removed>
-CVE-2011-4061
+CVE-2011-4061 (Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) ...)
NOT-FOR-US: DB2
-CVE-2011-4060
+CVE-2011-4060 (The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 do ...)
NOT-FOR-US: QNX
CVE-2011-4059
RESERVED
CVE-2011-4058
RESERVED
-CVE-2011-4064
+CVE-2011-4064 (Cross-site scripting (XSS) vulnerability in the setup interface in php ...)
- phpmyadmin 4:3.4.6-1 (unimportant)
-CVE-2011-4057
+CVE-2011-4057 (Wibu-Systems AG CodeMeter Runtime 4.30c, 4.10b, and possibly other ver ...)
NOT-FOR-US: Wibu-Systems AG CodeMeter Runtime
-CVE-2011-4056
+CVE-2011-4056 (An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix Fac ...)
NOT-FOR-US: Siemens Tecnomatix
-CVE-2011-4055
+CVE-2011-4055 (Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix ...)
NOT-FOR-US: Siemens Tecnomatix
-CVE-2011-4054
+CVE-2011-4054 (Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder ...)
NOT-FOR-US: CA SiteMinder
-CVE-2011-4053
+CVE-2011-4053 (Untrusted search path vulnerability in 7-Technologies (7T) Interactive ...)
NOT-FOR-US: 7-Technologies (7T) Interactive Graphical SCADA System
-CVE-2011-4052
+CVE-2011-4052 (Stack-based buffer overflow in CEServer.exe in the CEServer component ...)
NOT-FOR-US: InduSoft Web Studio
-CVE-2011-4051
+CVE-2011-4051 (CEServer.exe in the CEServer component in the Remote Agent module in I ...)
NOT-FOR-US: InduSoft Web Studio
-CVE-2011-4050
+CVE-2011-4050 (Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA Sys ...)
NOT-FOR-US: Interactive Graphical SCADA System
CVE-2011-4049
RESERVED
-CVE-2011-4048
+CVE-2011-4048 (The Dell KACE K2000 System Deployment Appliance has a default username ...)
NOT-FOR-US: Dell appliance
-CVE-2011-4047
+CVE-2011-4047 (The Dell KACE K2000 System Deployment Appliance allows remote attacker ...)
NOT-FOR-US: Dell appliance
-CVE-2011-4046
+CVE-2011-4046 (The Dell KACE K2000 System Deployment Appliance stores the recovery ac ...)
NOT-FOR-US: Dell appliance
-CVE-2011-4045
+CVE-2011-4045 (Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in AR ...)
NOT-FOR-US: ARC Informatique
-CVE-2011-4044
+CVE-2011-4044 (An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVu ...)
NOT-FOR-US: ARC Informatique
-CVE-2011-4043
+CVE-2011-4043 (Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in A ...)
NOT-FOR-US: ARC Informatique
-CVE-2011-4042
+CVE-2011-4042 (An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVu ...)
NOT-FOR-US: ARC Informatique
-CVE-2011-4041
+CVE-2011-4041 (webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers t ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2011-4040
+CVE-2011-4040 (Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows re ...)
NOT-FOR-US: NJStar Communicator
-CVE-2011-4039
+CVE-2011-4039 (Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in ...)
NOT-FOR-US: Invensys Wonderware HMI Reports
-CVE-2011-4038
+CVE-2011-4038 (Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Re ...)
NOT-FOR-US: Invensys Wonderware HMI Reports
-CVE-2011-4037
+CVE-2011-4037 (Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog ...)
NOT-FOR-US: Sielco Sistemi Winlog PRO
-CVE-2011-4036
+CVE-2011-4036 (Directory traversal vulnerability in Schneider Electric Vijeo Historia ...)
NOT-FOR-US: Schneider Electric Vijeo
-CVE-2011-4035
+CVE-2011-4035 (Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo H ...)
NOT-FOR-US: Schneider Electric Vijeo
-CVE-2011-4034
+CVE-2011-4034 (Buffer overflow in the Steema TeeChart ActiveX control, as used in Sch ...)
NOT-FOR-US: Steema TeeChart
-CVE-2011-4033
+CVE-2011-4033 (Buffer overflow in the Steema TeeChart ActiveX control, as used in Sch ...)
NOT-FOR-US: Steema TeeChart
CVE-2011-4032
RESERVED
-CVE-2011-4031
+CVE-2011-4031 (Integer underflow in the asfrtp_parse_packet function in libavformat/r ...)
- libav 0.8-1 (bug #675767)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2011-4030
+CVE-2011-4030 (The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4 ...)
- plone3 <not-affected> (Only affects Plone 4.x)
-CVE-2011-4029
+CVE-2011-4029 (The LockServer function in os/utils.c in X.Org xserver before 1.11.2 a ...)
- xorg-server 2:1.11.1.901-2 (low)
[squeeze] - xorg-server 2:1.7.7-14
[lenny] - xorg-server <no-dsa> (Minor issue)
NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0af4330e695d724a4
NOTE: this has a poc now: http://web.archive.org/web/20111204204028/http://vladz.devzero.fr:80/Xorg-CVE-2011-4029.txt
-CVE-2011-4028
+CVE-2011-4028 (The LockServer function in os/utils.c in X.Org xserver before 1.11.2 a ...)
- xorg-server 2:1.11.1.901-2 (low)
[squeeze] - xorg-server 2:1.7.7-14
[lenny] - xorg-server <no-dsa> (Minor issue)
NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=6ba44b91e37622ef8c146d8f2ac92d708a18ed34
CVE-2011-4027
RESERVED
-CVE-2011-4026
+CVE-2011-4026 (SQL injection vulnerability in thanks.php in NexusPHP 1.5 allows remot ...)
NOT-FOR-US: NexusPHP
CVE-2011-XXXX [lintian disclosure of file presense]
- lintian 2.5.2 (unimportant)
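Review bot: CVE-2011-4064 (phpmyadmin) sits between CVE-2011-4058 and CVE-2011-4057 instead of at its numeric position between CVE-2011-4065 and CVE-2011-4063, so the descending order this file relies on is broken in this region; the automatic update only annotates existing lines, so the entry should be moved back into sequence in a follow-up. The placeholder text "CVE-2011-XXXX [lintian disclosure of file presense]" also has a typo (presence).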
@@ -3111,32 +3111,32 @@ CVE-2011-XXXX [0.1.1+dfsg-1 multiple issues]
[squeeze] - ibid 0.1.0+dfsg-2+squeeze1
CVE-2011-4025
RESERVED
-CVE-2011-4024
+CVE-2011-4024 (Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Invent ...)
- ocsinventory-server 2.0.2-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2011-4023
+CVE-2011-4023 (Memory leak in libcmd in Cisco NX-OS 5.0 on Nexus switches allows remo ...)
NOT-FOR-US: Cisco
-CVE-2011-4022
+CVE-2011-4022 (The sensor in Cisco Intrusion Prevention System (IPS) 7.0 and 7.1 allo ...)
NOT-FOR-US: Cisco
CVE-2011-4021
RESERVED
CVE-2011-4020
RESERVED
-CVE-2011-4019
+CVE-2011-4019 (Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified ...)
NOT-FOR-US: Cisco IOS
CVE-2011-4018
RESERVED
CVE-2011-4017
RESERVED
-CVE-2011-4016
+CVE-2011-4016 (The PPP implementation in Cisco IOS 12.2 and 15.0 through 15.2, when P ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-4015
+CVE-2011-4015 (Cisco IOS 15.2S allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-4014
+CVE-2011-4014 (The TAC Case Attachment tool in Cisco Wireless Control System (WCS) 7. ...)
NOT-FOR-US: Cisco
CVE-2011-4013
RESERVED
-CVE-2011-4012
+CVE-2011-4012 (Cisco IOS 12.0, 15.0, and 15.1, when a Policy Feature Card 3C (PFC3C) ...)
NOT-FOR-US: Cisco IOS
CVE-2011-4011
RESERVED
@@ -3146,172 +3146,172 @@ CVE-2011-4009
RESERVED
CVE-2011-4008
RESERVED
-CVE-2011-4007
+CVE-2011-4007 (Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the "set ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-4006
+CVE-2011-4006 (The ESMTP inspection feature on Cisco Adaptive Security Appliances (AS ...)
NOT-FOR-US: Cisco
-CVE-2011-4005
+CVE-2011-4005 (Cross-site request forgery (CSRF) vulnerability in the Services Ready ...)
NOT-FOR-US: Cisco SRP
-CVE-2011-4004
+CVE-2011-4004 (Buffer overflow in the ATAS32 processing functionality in the Cisco We ...)
NOT-FOR-US: Cisco Webex
CVE-2011-4003
RESERVED
-CVE-2011-4002
+CVE-2011-4002 (HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to exe ...)
NOT-FOR-US: HP no Mawashimono Nikki
-CVE-2011-4001
+CVE-2011-4001 (Directory traversal vulnerability in HP no Mawashimono Nikki 6.6 and e ...)
NOT-FOR-US: HP no Mawashimono Nikki
-CVE-2011-4000
+CVE-2011-4000 (Buffer overflow in ChaSen 2.4.x allows remote attackers to execute arb ...)
{DSA-2361-1}
- chasen 2.4.4-17 (medium; bug #648359)
-CVE-2011-3999
+CVE-2011-3999 (Cross-site scripting (XSS) vulnerability in the RSS/Atom feed-reader i ...)
NOT-FOR-US: Iwate Portal Bar
-CVE-2011-3998
+CVE-2011-3998 (Cross-site scripting (XSS) vulnerability in Apple WebObjects 5.2 and e ...)
NOT-FOR-US: Apple WebObjects
-CVE-2011-3997
+CVE-2011-3997 (Opengear console servers with firmware before 2.2.1 allow remote attac ...)
NOT-FOR-US: Opengear
-CVE-2011-3996
+CVE-2011-3996 (The LiveData Service in CSWorks before 2.0.4115.1 allows remote attack ...)
NOT-FOR-US: CSWorks
-CVE-2011-3995
+CVE-2011-3995 (Unspecified vulnerability in Twilight Frontier Touhou Hisouten 1.06 an ...)
NOT-FOR-US: Twilight Frontier Touhou Hisouten
-CVE-2011-3994
+CVE-2011-3994 (Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before ...)
NOT-FOR-US: Movable Type plugin
-CVE-2011-3993
+CVE-2011-3993 (SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, ...)
NOT-FOR-US: Movable Type plugin
-CVE-2011-3992
+CVE-2011-3992 (Buffer overflow in the SSH server functionality on the D-Link DES-3800 ...)
NOT-FOR-US: D-Link device
-CVE-2011-3991
+CVE-2011-3991 (Untrusted search path vulnerability in FFFTP 1.98a and earlier allows ...)
NOT-FOR-US: FFFTP
-CVE-2011-3990
+CVE-2011-3990 (Cross-site scripting (XSS) vulnerability in plugin/comment.inc.php in ...)
NOT-FOR-US: PukiWiki
-CVE-2011-3989
+CVE-2011-3989 (SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows re ...)
NOT-FOR-US: DBD::mysqlPP Perl module
-CVE-2011-3988
+CVE-2011-3988 (SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE 2.11 ...)
NOT-FOR-US: EC-CUBE
-CVE-2011-3987
+CVE-2011-3987 (dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard befor ...)
NOT-FOR-US: DAEMON Tools
-CVE-2011-3986
+CVE-2011-3986 (Cross-site scripting (XSS) vulnerability in Pligg before 1.2.0 allows ...)
NOT-FOR-US: Pligg
-CVE-2011-3985
+CVE-2011-3985 (Cross-site scripting (XSS) vulnerability in Plume before 1.2.3 allows ...)
NOT-FOR-US: Plume
-CVE-2011-3984
+CVE-2011-3984 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and ...)
NOT-FOR-US: KENT-WEB WEB FORUM
-CVE-2011-3983
+CVE-2011-3983 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and ...)
NOT-FOR-US: KENT-WEB WEB FORUM
-CVE-2011-3982
+CVE-2011-3982 (The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 do ...)
NOT-FOR-US: IBM AIX driver
-CVE-2011-3981
+CVE-2011-3981 (PHP remote file inclusion vulnerability in actions.php in the Allwebme ...)
NOT-FOR-US: Wordpress plugin
-CVE-2011-3980
+CVE-2011-3980 (Unspecified vulnerability in the Drag Drop Mass Upload (ameos_dragndro ...)
NOT-FOR-US: TYPO3 extension
-CVE-2011-3979
+CVE-2011-3979 (Cross-site scripting (XSS) vulnerability in ztemp/view_compiled/Theme/ ...)
NOT-FOR-US: Zikula Application Framework
-CVE-2011-3978
+CVE-2011-3978 (Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php ...)
NOT-FOR-US: LightNEasy
-CVE-2011-3977
+CVE-2011-3977 (Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x b ...)
NOT-FOR-US: NoMachine NX components
-CVE-2011-3976
+CVE-2011-3976 (Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP ...)
NOT-FOR-US: AmmSoft ScriptFTP
-CVE-2011-3975
+CVE-2011-3975 (A certain HTC update for Android 2.3.4 build GRJ22, when the Sense int ...)
NOT-FOR-US: HTC Android
-CVE-2011-3974
+CVE-2011-3974 (Integer signedness error in the decode_residual_inter function in cavs ...)
{DSA-2336-1}
- libav 4:0.7.1-7 (bug #641478)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2011-3973
+CVE-2011-3973 (cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 ...)
{DSA-2336-1}
- libav 4:0.7.1-7 (bug #641478)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2011-3972
+CVE-2011-3972 (The shader translator implementation in Google Chrome before 17.0.963. ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3971
+CVE-2011-3971 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 allow ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3970
+CVE-2011-3970 (libxslt, as used in Google Chrome before 17.0.963.46, allows remote at ...)
- libxslt 1.1.26-11 (low; bug #660650)
[squeeze] - libxslt 1.1.26-6+squeeze1
-CVE-2011-3969
+CVE-2011-3969 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 allow ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3968
+CVE-2011-3968 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 allow ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3967
+CVE-2011-3967 (Unspecified vulnerability in Google Chrome before 17.0.963.46 allows r ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3966
+CVE-2011-3966 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 allow ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3965
+CVE-2011-3965 (Google Chrome before 17.0.963.46 does not properly check signatures, w ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3964
+CVE-2011-3964 (Google Chrome before 17.0.963.46 does not properly implement the drag- ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3963
+CVE-2011-3963 (Google Chrome before 17.0.963.46 does not properly handle PDF FAX imag ...)
- chromium-browser <not-affected> (Only affects proprietary Chrome)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3962
+CVE-2011-3962 (Google Chrome before 17.0.963.46 does not properly perform path clippi ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3961
+CVE-2011-3961 (Race condition in Google Chrome before 17.0.963.46 allows remote attac ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3960
+CVE-2011-3960 (Google Chrome before 17.0.963.46 does not properly decode audio data, ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3959
+CVE-2011-3959 (Buffer overflow in the locale implementation in Google Chrome before 1 ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3958
+CVE-2011-3958 (Google Chrome before 17.0.963.46 does not properly perform casts of va ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3957
+CVE-2011-3957 (Use-after-free vulnerability in the garbage-collection functionality i ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3956
+CVE-2011-3956 (The extension implementation in Google Chrome before 17.0.963.46 does ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3955
+CVE-2011-3955 (Google Chrome before 17.0.963.46 allows remote attackers to cause a de ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3954
+CVE-2011-3954 (Google Chrome before 17.0.963.46 allows remote attackers to cause a de ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3953
+CVE-2011-3953 (Google Chrome before 17.0.963.46 does not prevent monitoring of the cl ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3952
+CVE-2011-3952 (The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 ...)
{DSA-2494-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2011-3951
+CVE-2011-3951 (The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg befor ...)
{DSA-2494-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2011-3950
+CVE-2011-3950 (The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg ...)
- libav <not-affected> (Specific to newer ffmpeg after split)
- ffmpeg <not-affected> (Specific to newer ffmpeg after split)
-CVE-2011-3949
+CVE-2011-3949 (The dirac_unpack_idwt_params function in libavcodec/diracdec.c in FFmp ...)
- libav <not-affected> (Specific to newer ffmpeg after split)
- ffmpeg <not-affected> (Specific to newer ffmpeg after split)
CVE-2011-3948
RESERVED
-CVE-2011-3947
+CVE-2011-3947 (Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0. ...)
{DSA-2471-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2011-3946
+CVE-2011-3946 (The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg bef ...)
{DSA-3003-1}
- libav 6:10.3-1 (unimportant)
- ffmpeg 7:2.4.1-1 (unimportant)
NOTE: Not suitable for code injection, not treated as security issue
-CVE-2011-3945
+CVE-2011-3945 (The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcode ...)
- libav 4:0.8.1-1
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2011-3944
+CVE-2011-3944 (The smacker_decode_header_tree function in libavcodec/smacker.c in FFm ...)
{DSA-2855-1}
- libav 6:9.10-1
- ffmpeg 7:2.4.1-1
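Review bot: CVE-2011-3950 and CVE-2011-3949 mark ffmpeg as "<not-affected> (Specific to newer ffmpeg after split)", but the same hunk records ffmpeg 7:2.4.1-1 as the fixed version for CVE-2011-3952, CVE-2011-3951 and CVE-2011-3947, so the post-split ffmpeg is packaged; if the diracdec.c code is specific to that newer ffmpeg, the ffmpeg line should carry a fixed version, or the reason should say why 2.4.1 is out of scope. Also, CVE-2011-3963 is "<not-affected> (Only affects proprietary Chrome)" yet still carries a "[squeeze] - chromium-browser <end-of-life>" line, which is redundant once the package is unaffected.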
@@ -3321,12 +3321,12 @@ CVE-2011-3943
RESERVED
CVE-2011-3942
RESERVED
-CVE-2011-3941
+CVE-2011-3941 (The decode_mb function in libavcodec/error_resilience.c in FFmpeg befo ...)
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6193ff68549ecbaf1a4d63a0e06964ec580ac620
-CVE-2011-3940
+CVE-2011-3940 (nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before ...)
{DSA-2471-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
@@ -3334,19 +3334,19 @@ CVE-2011-3939
RESERVED
CVE-2011-3938
RESERVED
-CVE-2011-3937
+CVE-2011-3937 (The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, ...)
- libav 6:0.8.3-1
- ffmpeg <not-affected> (Vulnerable code not present, introduced in 0.7)
-CVE-2011-3936
+CVE-2011-3936 (The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7 ...)
{DSA-2471-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2011-3935
+CVE-2011-3935 (The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows ...)
{DSA-3003-1}
- libav 6:10-1
- ffmpeg <not-affected> (vuln. code not present, introduced later)
NOTE: [Diego] applies to 0.8 and 9 only, cherrypicked fixes on ML
-CVE-2011-3934
+CVE-2011-3934 (Double free vulnerability in the vp3_update_thread_context function in ...)
{DSA-3003-1}
- libav 6:10-1 (unimportant)
- ffmpeg 7:2.4.1-1 (unimportant)
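Review bot: the ffmpeg verdict for CVE-2011-3937, "<not-affected> (Vulnerable code not present, introduced in 0.7)", contradicts itself for a package whose fixed version elsewhere in this hunk is 7:2.4.1-1 (CVE-2011-3936): code introduced in 0.7 would be present in 2.4.1 unless it was later removed, so the reason should say that, or the line should carry a fixed version. CVE-2011-3935 below it shows the clearer pattern, pairing "<not-affected>" with a NOTE line that pins the affected range to 0.8 and 9.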
@@ -3360,23 +3360,23 @@ CVE-2011-3931
RESERVED
CVE-2011-3930
RESERVED
-CVE-2011-3929
+CVE-2011-3929 (The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x be ...)
{DSA-2471-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2011-3928
+CVE-2011-3928 (Use-after-free vulnerability in Google Chrome before 16.0.912.77 allow ...)
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3927
+CVE-2011-3927 (Skia, as used in Google Chrome before 16.0.912.77, does not perform al ...)
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3926
+CVE-2011-3926 (Heap-based buffer overflow in the tree builder in Google Chrome before ...)
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3925
+CVE-2011-3925 (Use-after-free vulnerability in the Safe Browsing feature in Google Ch ...)
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3924
+CVE-2011-3924 (Use-after-free vulnerability in Google Chrome before 16.0.912.77 allow ...)
- chromium-browser 16.0.912.77~r118311-1
[squeeze] - chromium-browser <end-of-life>
CVE-2011-3923 [struts ParameterInterceptor remote code execution]
@@ -3384,71 +3384,71 @@ CVE-2011-3923 [struts ParameterInterceptor remote code execution]
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-009
NOTE: http://blog.o0o.nu/2012/01/cve-2011-3923-yet-another-struts2.html
-CVE-2011-3922
+CVE-2011-3922 (Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows ...)
- chromium-browser 16.0.912.75~r116452-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3921
+CVE-2011-3921 (Use-after-free vulnerability in Google Chrome before 16.0.912.75 allow ...)
- chromium-browser 16.0.912.75~r116452-1
[squeeze] - chromium-browser <end-of-life>
CVE-2011-3920
RESERVED
-CVE-2011-3919
+CVE-2011-3919 (Heap-based buffer overflow in libxml2, as used in Google Chrome before ...)
{DSA-2394-1}
- chromium-browser 16.0.912.75~r116452-1
[squeeze] - chromium-browser <end-of-life>
- libxml2 2.7.8.dfsg-7 (bug #656377)
-CVE-2011-3918
+CVE-2011-3918 (The Zygote process in Android 4.0.3 and earlier accepts fork requests ...)
NOT-FOR-US: Android
-CVE-2011-3917
+CVE-2011-3917 (Stack-based buffer overflow in FileWatcher in Google Chrome before 16. ...)
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3916
+CVE-2011-3916 (Google Chrome before 16.0.912.63 does not properly handle PDF cross re ...)
- chromium-browser <not-affected> (Chrome pdf plugin)
-CVE-2011-3915
+CVE-2011-3915 (Buffer overflow in Google Chrome before 16.0.912.63 allows remote atta ...)
- chromium-browser <not-affected> (Chrome pdf plugin)
- webkit <not-affected> (Chrome pdf plugin)
-CVE-2011-3914
+CVE-2011-3914 (The internationalization (aka i18n) functionality in Google V8, as use ...)
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (v8-i18n chrome issue)
-CVE-2011-3913
+CVE-2011-3913 (Use-after-free vulnerability in Google Chrome before 16.0.912.63 allow ...)
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/100827
-CVE-2011-3912
+CVE-2011-3912 (Use-after-free vulnerability in Google Chrome before 16.0.912.63 allow ...)
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/100502
-CVE-2011-3911
+CVE-2011-3911 (Google Chrome before 16.0.912.63 does not properly handle PDF document ...)
- chromium-browser <not-affected> (Chrome pdf plugin)
- webkit <not-affected> (Chrome pdf plugin)
-CVE-2011-3910
+CVE-2011-3910 (Google Chrome before 16.0.912.63 does not properly handle YUV video fr ...)
- chromium-browser 16.0.912.63~r113337-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3909
+CVE-2011-3909 (The Cascading Style Sheets (CSS) implementation in Google Chrome befor ...)
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/98374
-CVE-2011-3908
+CVE-2011-3908 (Google Chrome before 16.0.912.63 does not properly parse SVG documents ...)
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/99025
-CVE-2011-3907
+CVE-2011-3907 (The view-source feature in Google Chrome before 16.0.912.63 allows rem ...)
- chromium-browser 16.0.912.63~r113337-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3906
+CVE-2011-3906 (The PDF parser in Google Chrome before 16.0.912.63 allows remote attac ...)
- chromium-browser <not-affected> (Chrome pdf plugin)
- webkit <not-affected> (Chrome pdf plugin)
-CVE-2011-3905
+CVE-2011-3905 (libxml2, as used in Google Chrome before 16.0.912.63, allows remote at ...)
{DSA-2394-1}
- libxml2 2.7.8.dfsg-5.1 (bug #652352)
-CVE-2011-3904
+CVE-2011-3904 (Use-after-free vulnerability in Google Chrome before 16.0.912.63 allow ...)
- chromium-browser 16.0.912.63~r113337-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/99462
-CVE-2011-3903
+CVE-2011-3903 (Google Chrome before 16.0.912.63 does not properly perform regex match ...)
- chromium-browser 16.0.912.63~r113337-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
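Review bot: the squeeze status for chromium-browser is inconsistent within this hunk: CVE-2011-3919 uses "[squeeze] - chromium-browser <end-of-life>" while CVE-2011-3914 through CVE-2011-3903, for the same 16.0.912.63 fix series, use "[squeeze] - chromium-browser <not-affected>" with no reason given. A "<not-affected>" claim for WebKit use-after-free bugs needs its justification in parentheses, as the "(Chrome pdf plugin)" lines provide; otherwise "<end-of-life>" is the safer marker for an unsupported browser.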
@@ -3456,7 +3456,7 @@ CVE-2011-3902
RESERVED
CVE-2011-3901
RESERVED
-CVE-2011-3900
+CVE-2011-3900 (Google V8, as used in Google Chrome before 15.0.874.121, allows remote ...)
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
- libv8 3.5.10.24
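Review bot: the libv8 fixed version for CVE-2011-3900 is written as "3.5.10.24" with no Debian revision, unlike every other fixed-version line in this file (for example "15.0.874.121~r109964-1" two lines above); the tracker compares full package versions, so this should be the actual Debian version string of the fixing upload.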
@@ -3464,29 +3464,29 @@ CVE-2011-3900
[squeeze] - libv8 <not-affected>
CVE-2011-3899
RESERVED
-CVE-2011-3898
+CVE-2011-3898 (Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) ...)
- chromium-browser 15.0.874.121~r109964-1 (unimportant)
- webkit <not-affected> (Chrome issue)
-CVE-2011-3897
+CVE-2011-3897 (Use-after-free vulnerability in Google Chrome before 15.0.874.120 allo ...)
- chromium-browser 15.0.874.121~r109964-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/99023
-CVE-2011-3896
+CVE-2011-3896 (Buffer overflow in Google Chrome before 15.0.874.120 allows remote att ...)
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3895
+CVE-2011-3895 (Heap-based buffer overflow in the Vorbis decoder in Google Chrome befo ...)
{DSA-2471-1}
- chromium-browser 15.0.874.121~r109964-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (Chrome issue)
- ffmpeg 7:2.4.1-1
- libav 4:0.8~beta2-1 (bug #654534; bug #654573)
-CVE-2011-3894
+CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8 decodi ...)
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3893
+CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement the MKV ...)
{DSA-2471-1}
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
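Review bot: CVE-2011-3895 marks squeeze chromium-browser "<end-of-life>" while CVE-2011-3897, CVE-2011-3896 and CVE-2011-3894, fixed in the same 15.0.874.121~r109964-1 upload, mark it "<not-affected>" with no reason; one marker should be used for the series, and any retained "<not-affected>" needs its justification in parentheses.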
@@ -3496,7 +3496,7 @@ CVE-2011-3893
NOTE: this is due to http://llvm.org/bugs/show_bug.cgi?id=7554
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=106599
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=106621
-CVE-2011-3892
+CVE-2011-3892 (Double free vulnerability in the Theora decoder in Google Chrome befor ...)
{DSA-2471-1}
- chromium-browser 15.0.874.121~r109964-1
- webkit <not-affected> (Chrome issue)
@@ -3504,75 +3504,75 @@ CVE-2011-3892
- libav 4:0.8~beta2-1 (bug #654534; bug #654571)
- ffmpeg 7:2.4.1-1
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=107489
-CVE-2011-3891
+CVE-2011-3891 (Google Chrome before 15.0.874.102 does not properly restrict access to ...)
- chromium-browser 15.0.874.106~r107270-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3890
+CVE-2011-3890 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 allo ...)
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/97451
-CVE-2011-3889
+CVE-2011-3889 (Heap-based buffer overflow in the Web Audio implementation in Google C ...)
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/96843
-CVE-2011-3888
+CVE-2011-3888 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 allo ...)
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/96868
-CVE-2011-3887
+CVE-2011-3887 (Google Chrome before 15.0.874.102 does not properly handle javascript: ...)
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/96260
-CVE-2011-3886
+CVE-2011-3886 (Google V8, as used in Google Chrome before 15.0.874.102, allows remote ...)
- chromium-browser 15.0.874.106~r107270-1
- webkit <not-affected> (Chrome issue)
- libv8 3.6
[squeeze] - libv8 <not-affected>
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3885
+CVE-2011-3885 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 allo ...)
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/97402
-CVE-2011-3884
+CVE-2011-3884 (Google Chrome before 15.0.874.102 does not properly address timing iss ...)
- chromium-browser 15.0.874.106~r107270-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3883
+CVE-2011-3883 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 allo ...)
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/96632
-CVE-2011-3882
+CVE-2011-3882 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 allo ...)
- chromium-browser 15.0.874.106~r107270-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3881
+CVE-2011-3881 (WebKit, as used in Google Chrome before 15.0.874.102 and Android befor ...)
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/97353
-CVE-2011-3880
+CVE-2011-3880 (Google Chrome before 15.0.874.102 does not prevent use of an unspecifi ...)
- chromium-browser 15.0.874.106~r107270-1 (unimportant)
- webkit <not-affected> (Chrome issue)
-CVE-2011-3879
+CVE-2011-3879 (Google Chrome before 15.0.874.102 does not prevent redirects to chrome ...)
- chromium-browser 15.0.874.106~r107270-1 (unimportant)
NOTE: http://trac.webkit.org/changeset/96610
-CVE-2011-3878
+CVE-2011-3878 (Race condition in Google Chrome before 15.0.874.102 allows remote atta ...)
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/96999
-CVE-2011-3877
+CVE-2011-3877 (Cross-site scripting (XSS) vulnerability in the appcache internals pag ...)
- chromium-browser 15.0.874.106~r107270-1
- webkit <not-affected> (Chrome issue)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-3876
+CVE-2011-3876 (Google Chrome before 15.0.874.102 does not properly handle downloading ...)
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3875
+CVE-2011-3875 (Google Chrome before 15.0.874.102 does not properly handle drag and dr ...)
- chromium-browser 15.0.874.106~r107270-1 (unimportant)
- webkit <not-affected> (Chrome issue)
-CVE-2011-3874
+CVE-2011-3874 (Stack-based buffer overflow in libsysutils in Android 2.2.x through 2. ...)
NOT-FOR-US: Android
-CVE-2011-3873
+CVE-2011-3873 (Google Chrome before 14.0.835.202 does not properly implement shader t ...)
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
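Review bot: the libv8 line for CVE-2011-3886, "- libv8 3.6", is not a real package version (no upstream patch level, no Debian revision), so version comparison against the archive cannot resolve it; it should name the actual fixing upload. In the same hunk CVE-2011-3880, CVE-2011-3879 and CVE-2011-3875 are tagged "(unimportant)" without a NOTE saying why, whereas CVE-2011-3946 and CVE-2011-4024 elsewhere in this diff carry one; a one-line reason keeps the severity decision auditable.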
@@ -3581,393 +3581,393 @@ CVE-2011-XXXX [Fix file indirectory injection]
[squeeze] - puppet 2.6.2-5+squeeze1
NOTE: Only exploitable during build/test suite run
NOTE: DSA-2314-1
-CVE-2011-3872
+CVE-2011-3872 (Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterpri ...)
{DSA-2352-1}
- puppet 2.7.6-1
-CVE-2011-3871
+CVE-2011-3871 (Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when runni ...)
{DSA-2314-1}
- puppet 2.7.3-3
-CVE-2011-3870
+CVE-2011-3870 (Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows loca ...)
{DSA-2314-1}
- puppet 2.7.3-3
-CVE-2011-3869
+CVE-2011-3869 (Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows loca ...)
{DSA-2314-1}
- puppet 2.7.3-3
-CVE-2011-3868
+CVE-2011-3868 (Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player ...)
NOT-FOR-US: Vmware
CVE-2011-3867
REJECTED
-CVE-2011-3866
+CVE-2011-3866 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly re ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3865
+CVE-2011-3865 (Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3864
+CVE-2011-3864 (Cross-site scripting (XSS) vulnerability in the The Erudite theme befo ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3863
+CVE-2011-3863 (Cross-site scripting (XSS) vulnerability in the RedLine theme before 1 ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3862
+CVE-2011-3862 (Cross-site scripting (XSS) vulnerability in the Morning Coffee theme b ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3861
+CVE-2011-3861 (Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3860
+CVE-2011-3860 (Cross-site scripting (XSS) vulnerability in the Cover WP theme before ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3859
+CVE-2011-3859 (Cross-site scripting (XSS) vulnerability in the Trending theme before ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3858
+CVE-2011-3858 (Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme bef ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3857
+CVE-2011-3857 (Cross-site scripting (XSS) vulnerability in the Antisnews theme before ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3856
+CVE-2011-3856 (Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme b ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3855
+CVE-2011-3855 (Cross-site scripting (XSS) vulnerability in the F8 Lite theme before 4 ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3854
+CVE-2011-3854 (Cross-site scripting (XSS) vulnerability in the ZenLite theme before 4 ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3853
+CVE-2011-3853 (Cross-site scripting (XSS) vulnerability in the Hybrid theme before 0. ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3852
+CVE-2011-3852 (Cross-site scripting (XSS) vulnerability in the EvoLve theme before 1. ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3851
+CVE-2011-3851 (Cross-site scripting (XSS) vulnerability in the News theme before 0.2 ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3850
+CVE-2011-3850 (Cross-site scripting (XSS) vulnerability in the Atahualpa theme before ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3849
+CVE-2011-3849 (Unspecified vulnerability in dxserver before 6279 in CA Directory 8.1 ...)
NOT-FOR-US: CA Directory
-CVE-2011-3848
+CVE-2011-3848 (Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2. ...)
{DSA-2314-1}
- puppet 2.7.3-2
CVE-2011-3847
RESERVED
-CVE-2011-3846
+CVE-2011-3846 (Cross-site request forgery (CSRF) vulnerability in HP System Managemen ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2011-3845
+CVE-2011-3845 (Use-after-free vulnerability in Apple Safari 5.1.2, when a plug-in wit ...)
NOT-FOR-US: Apple Safari
-CVE-2011-3844
+CVE-2011-3844 (Apple Safari 5.0.5 does not properly implement the setInterval functio ...)
NOT-FOR-US: Apple Safari
CVE-2011-3843
RESERVED
CVE-2011-3842
RESERVED
-CVE-2011-3841
+CVE-2011-3841 (Cross-site scripting (XSS) vulnerability in uploadify/get_profile_avat ...)
NOT-FOR-US: Wordpress plugin
CVE-2011-3840
RESERVED
-CVE-2011-3839
+CVE-2011-3839 (The administration functionality in Wuzly 2.0 allows remote attackers ...)
NOT-FOR-US: Wuzly
-CVE-2011-3838
+CVE-2011-3838 (Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attac ...)
NOT-FOR-US: Wuzly
-CVE-2011-3837
+CVE-2011-3837 (Directory traversal vulnerability in blog_system/data_functions.php in ...)
NOT-FOR-US: Wuzly
-CVE-2011-3836
+CVE-2011-3836 (Multiple cross-site request forgery (CSRF) vulnerabilities in Wuzly 2. ...)
NOT-FOR-US: Wuzly
-CVE-2011-3835
+CVE-2011-3835 (Multiple cross-site scripting (XSS) vulnerabilities in Wuzly 2.0 allow ...)
NOT-FOR-US: Wuzly
-CVE-2011-3834
+CVE-2011-3834 (Multiple integer overflows in the in_avi.dll plugin in Winamp before 5 ...)
NOT-FOR-US: Winamp
-CVE-2011-3833
+CVE-2011-3833 (Unrestricted file upload vulnerability in ftp_upload_file.php in Suppo ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-3832
+CVE-2011-3832 (Eval injection vulnerability in config.php in Support Incident Tracker ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-3831
+CVE-2011-3831 (SQL injection vulnerability in incident_attachments.php in Support Inc ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-3830
+CVE-2011-3830 (Cross-site scripting (XSS) vulnerability in search.php in Support Inci ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-3829
+CVE-2011-3829 (ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-3828
+CVE-2011-3828 (DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote ...)
NOT-FOR-US: DVR Remote
-CVE-2011-3827
+CVE-2011-3827 (The iCalendar component in gwwww1.dll in GroupWise Internet Agent (GWI ...)
NOT-FOR-US: Novell GroupWise
-CVE-2011-3826
+CVE-2011-3826 (Zikula 1.2.4 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3825
+CVE-2011-3825 (Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3824
+CVE-2011-3824 (Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3823
+CVE-2011-3823 (Yamamah 1.0 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3822
+CVE-2011-3822 (XOOPS 2.5.0 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3821
+CVE-2011-3821 (xajax 0.6 beta1 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3820
+CVE-2011-3820 (WSN Software 6.0.6 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3819
+CVE-2011-3819 (WoW Server Status 4.1 allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3818
+CVE-2011-3818 (WordPress 2.9.2 and 3.0.4 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3817
+CVE-2011-3817 (Website Baker 2.8.1 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3816
+CVE-2011-3816 (WEBinsta mailing list manager 1.3e allows remote attackers to obtain s ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3815
+CVE-2011-3815 (WeBid 1.0.0 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3814
+CVE-2011-3814 (WebCalendar 1.2.3, and other versions before 1.2.5, allows remote atta ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3813
+CVE-2011-3813 (Virtual War (aka VWar) 1.5.0r15 allows remote attackers to obtain sens ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3812
+CVE-2011-3812 (Vanilla 2.0.16 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3811
+CVE-2011-3811 (TomatoCart 1.1.3 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3810
+CVE-2011-3810 (TinyWebGallery (TWG) 1.8.3 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3809
+CVE-2011-3809 (TheHostingTool (THT) 1.2.3 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3808
+CVE-2011-3808 (The Bug Genie 2.1.2 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3807
+CVE-2011-3807 (Textpattern 4.2.0 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3806
+CVE-2011-3806 (TCExam 11.1.015 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3805
+CVE-2011-3805 (TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3804
+CVE-2011-3804 (SweetRice 0.7.1 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3803
+CVE-2011-3803 (SugarCRM 6.1.0 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3802
+CVE-2011-3802 (StatusNet 0.9.6 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3801
+CVE-2011-3801 (SimpleTest 1.0.1 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3800
+CVE-2011-3800 (Serendipity 1.5.5 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3799
+CVE-2011-3799 (ReOS 2.0.5 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3798
+CVE-2011-3798 (Rapid Leech 2.3-v42-svn322 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3797
+CVE-2011-3797 (ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3796
+CVE-2011-3796 (PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3795
+CVE-2011-3795 (Podcast Generator 1.3 allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3794
+CVE-2011-3794 (Pligg CMS 1.1.3 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3793
+CVE-2011-3793 (Pixie 1.04 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3792
+CVE-2011-3792 (Pixelpost 1.7.3 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3791
+CVE-2011-3791 (Piwik 1.1 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3790
+CVE-2011-3790 (Piwigo 2.1.5 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3789
+CVE-2011-3789 (phpwcms 1.4.7 r412 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3788
+CVE-2011-3788 (PhpSecInfo 0.2.1 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3787
+CVE-2011-3787 (phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive infor ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3786
+CVE-2011-3786 (PHProjekt 6.0.5 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3785
+CVE-2011-3785 (PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3784
+CVE-2011-3784 (Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3783
+CVE-2011-3783 (phpMyFAQ 2.6.13 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3782
+CVE-2011-3782 (phpLD 2-151.2.0 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3781
+CVE-2011-3781 (PHPIDS 0.6.5 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3780
+CVE-2011-3780 (PHP iCalendar 2.4 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3779
+CVE-2011-3779 (PhpHostBot 2.0 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3778
+CVE-2011-3778 (PhpGedView 4.2.3 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3777
+CVE-2011-3777 (phpFreeChat 1.3 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3776
+CVE-2011-3776 (phpFormGenerator 2.09 allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3775
+CVE-2011-3775 (PHPfileNavigator 2.3.3 allows remote attackers to obtain sensitive inf ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3774
+CVE-2011-3774 (php Easy Survey Package (phpESP) 2.1.1 allows remote attackers to obta ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3773
+CVE-2011-3773 (PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3772
+CVE-2011-3772 (phpCollab 2.5 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3771
+CVE-2011-3771 (phpBook 2.1.0 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3770
+CVE-2011-3770 (phpAlbum 0.4.1.14 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3769
+CVE-2011-3769 (PHPads 2.0 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3768
+CVE-2011-3768 (Phorum 5.2.15a allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3767
+CVE-2011-3767 (osCommerce 3.0a5 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3766
+CVE-2011-3766 (OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3765
+CVE-2011-3765 (Open-Realty 2.5.8 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3764
+CVE-2011-3764 (OpenDocMan 1.2.6-svn-2011-01-21 allows remote attackers to obtain sens ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3763
+CVE-2011-3763 (OpenCart 1.4.9.3 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3762
+CVE-2011-3762 (OpenBlog 1.2.1 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3761
+CVE-2011-3761 (NuSOAP 0.9.5 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3760
+CVE-2011-3760 (Nucleus 3.61 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3759
+CVE-2011-3759 (MyBB (aka MyBulletinBoard) 1.6 allows remote attackers to obtain sensi ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3758
+CVE-2011-3758 (::mound:: 2.1.6 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3757
+CVE-2011-3757 (Moodle 2.0.1 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3756
+CVE-2011-3756 (MicroBlog 0.9.5 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3755
+CVE-2011-3755 (MantisBT 1.2.4 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3754
+CVE-2011-3754 (Mambo 4.6.5 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3753
+CVE-2011-3753 (LinPHA 1.3.4 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3752
+CVE-2011-3752 (LimeSurvey 1.90+ build9642-20101214 allows remote attackers to obtain ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3751
+CVE-2011-3751 (LifeType 1.2.10 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3750
+CVE-2011-3750 (kPlaylist 1.8.502 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3749
+CVE-2011-3749 (ka-Map 1.0-20070205 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3748
+CVE-2011-3748 (Kamads Classifieds 2_B3 allows remote attackers to obtain sensitive in ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3747
+CVE-2011-3747 (Joomla! 1.6.0 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3746
+CVE-2011-3746 (Jcow 4.2.1 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3745
+CVE-2011-3745 (HycusCMS 1.0.3 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3744
+CVE-2011-3744 (HTML Purifier 4.2.0 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3743
+CVE-2011-3743 (Hesk 2.2 allows remote attackers to obtain sensitive information via a ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3742
+CVE-2011-3742 (HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3741
+CVE-2011-3741 (Ganglia 3.1.7 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3740
+CVE-2011-3740 (FrontAccounting 2.3.1 allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3739
+CVE-2011-3739 (Freeway 1.5 Alpha allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3738
+CVE-2011-3738 (Feng Office 1.7.2 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3737
+CVE-2011-3737 (eyeOS 2.2.0.0 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3736
+CVE-2011-3736 (ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3735
+CVE-2011-3735 (Escort Agency CMS (aka escort-agency-cms) allows remote attackers to o ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3734
+CVE-2011-3734 (Energine 2.3.8 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3733
+CVE-2011-3733 (Elgg 1.7.6 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3732
+CVE-2011-3732 (eggBlog 4.1.2 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3731
+CVE-2011-3731 (e107 0.7.24 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3730
+CVE-2011-3730 (Drupal 7.0 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3729
+CVE-2011-3729 (dotproject 2.1.4 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3728
+CVE-2011-3728 (Dolphin 7.0.4 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3727
+CVE-2011-3727 (DokuWiki 2009-12-25c allows remote attackers to obtain sensitive infor ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3726
+CVE-2011-3726 (DoceboLMS 4.0.4 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3725
+CVE-2011-3725 (DeluxeBB 1.3 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3724
+CVE-2011-3724 (CubeCart 4.4.3 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3723
+CVE-2011-3723 (Crafty Syntax 3.0.2 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3722
+CVE-2011-3722 (Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtai ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3721
+CVE-2011-3721 (concrete 5.4.0.5, 5.4.1, and 5.4.1.1 allows remote attackers to obtain ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3720
+CVE-2011-3720 (conceptcms 5.3.1, 5.3.3, and possibly other versions allows remote att ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3719
+CVE-2011-3719 (CodeIgniter 1.7.2 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3718
+CVE-2011-3718 (CMS Made Simple (CMSMS) 1.9.2 allows remote attackers to obtain sensit ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3717
+CVE-2011-3717 (ClipBucket 2.0.9 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3716
+CVE-2011-3716 (Claroline 1.9.7 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3715
+CVE-2011-3715 (ClanTiger 1.1.3 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3714
+CVE-2011-3714 (ClanSphere 2010.0 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3713
+CVE-2011-3713 (cFTP r80 allows remote attackers to obtain sensitive information via a ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3712
+CVE-2011-3712 (CakePHP 1.3.7 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3711
+CVE-2011-3711 (BIGACE 2.7.5 allows remote attackers to obtain sensitive information v ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3710
+CVE-2011-3710 (bbPress 1.0.2 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3709
+CVE-2011-3709 (b2evolution 3.3.3 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3708
+CVE-2011-3708 (Automne 4.0.2 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3707
+CVE-2011-3707 (JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote attack ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3706
+CVE-2011-3706 (ATutor 2.0 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3705
+CVE-2011-3705 (Arctic Fox CMS 0.9.4 allows remote attackers to obtain sensitive infor ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3704
+CVE-2011-3704 (appRain 0.1.0 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3703
+CVE-2011-3703 (AneCMS 1.0 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3702
+CVE-2011-3702 (Ananta Gazelle 1.0 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3701
+CVE-2011-3701 (AlegroCart 1.2.3 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3700
+CVE-2011-3700 (Advanced Electron Forum (AEF) 1.0.8 allows remote attackers to obtain ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3699
+CVE-2011-3699 (John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain ...)
- libphp-adodb <unfixed> (unimportant)
NOTE: path is already known
-CVE-2011-3698
+CVE-2011-3698 (AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3697
+CVE-2011-3697 (Achievo 1.4.5 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3696
+CVE-2011-3696 (60cycleCMS 2.5.2 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3695
+CVE-2011-3695 (111WebCalendar 1.2.3 allows remote attackers to obtain sensitive infor ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
-CVE-2011-3694
+CVE-2011-3694 (The Server Administration Console in NetSaro Enterprise Messenger Serv ...)
NOT-FOR-US: NetSaro Enterprise Messenger
-CVE-2011-3693
+CVE-2011-3693 (NetSaro Enterprise Messenger Server 2.0 allows local users to discover ...)
NOT-FOR-US: NetSaro Enterprise Messenger
-CVE-2011-3692
+CVE-2011-3692 (NetSaro Enterprise Messenger Server 2.0 stores cleartext console crede ...)
NOT-FOR-US: NetSaro Enterprise Messenger
-CVE-2011-3691
+CVE-2011-3691 (Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 ...)
NOT-FOR-US: Foxit Reader
-CVE-2011-3690
+CVE-2011-3690 (Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 ...)
NOT-FOR-US: PlotSoft PDFill PDF Editor
-CVE-2011-3689
+CVE-2011-3689 (Cross-site scripting (XSS) vulnerability in Licenses.html in Wibu-Syst ...)
NOT-FOR-US: Wibu-Systems CodeMeter WebAdmin
-CVE-2011-3688
+CVE-2011-3688 (Multiple SQL injection vulnerabilities in Sonexis ConferenceManager 9. ...)
NOT-FOR-US: Sonexis ConferenceManager
-CVE-2011-3687
+CVE-2011-3687 (Multiple cross-site scripting (XSS) vulnerabilities in Sonexis Confere ...)
NOT-FOR-US: Sonexis ConferenceManager
-CVE-2011-3686
+CVE-2011-3686 (Multiple cross-site scripting (XSS) vulnerabilities in myAddressBook.a ...)
NOT-FOR-US: Sonexis ConferenceManager
-CVE-2011-3685
+CVE-2011-3685 (Tembria Server Monitor before 6.0.5 Build 2252 uses a substitution cip ...)
NOT-FOR-US: Tembria Server Monitor
-CVE-2011-3684
+CVE-2011-3684 (Multiple cross-site scripting (XSS) vulnerabilities in Tembria Server ...)
NOT-FOR-US: Tembria Server Monitor
CVE-2011-3683
RESERVED
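Review bot: the long run of "allows remote attackers to obtain sensitive information" entries (CVE-2011-3695 through CVE-2011-3826) is handled in two different ways inside this hunk without explanation. CVE-2011-3699 (ADOdb) gets a package line, `- libphp-adodb <unfixed> (unimportant)` plus `NOTE: path is already known`, whereas every other entry is `NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)`. Elsewhere in this file NOT-FOR-US is used for software that is not in the archive (Windows, Android, Apple Safari), but several projects in this run appear to be Debian packages and should be checked against the archive: Drupal (CVE-2011-3730), WordPress (CVE-2011-3818), Moodle (CVE-2011-3757), DokuWiki (CVE-2011-3727), MantisBT (CVE-2011-3755), Ganglia (CVE-2011-3741), HTML Purifier (CVE-2011-3744) and php-openid (CVE-2011-3707). For those, the CVE-2011-3699 form (package line marked `(unimportant)` with the NOTE) keeps the tracker's package association intact; the severity call itself, that a known install path is not a vulnerability, is fine and does not need to change.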
@@ -3993,13 +3993,13 @@ CVE-2011-3673
REJECTED
CVE-2011-3672
REJECTED
-CVE-2011-3671
+CVE-2011-3671 (Use-after-free vulnerability in the nsHTMLSelectElement function in ns ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3670
+CVE-2011-3670 (Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before ...)
{DSA-2406-1 DSA-2402-1 DSA-2400-1}
- icedove 7.0-1
[lenny] - icedove <end-of-life>
@@ -4009,29 +4009,29 @@ CVE-2011-3670
- iceape 2.0.14-10
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-3669
+CVE-2011-3669 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in B ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2011-3668
+CVE-2011-3668 (Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bug ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2011-3667
+CVE-2011-3667 (The User.offer_account_by_email WebService method in Bugzilla 2.x and ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <end-of-life> (Not supported in Squeeze LTS)
[lenny] - bugzilla <no-dsa> (Minor issue)
-CVE-2011-3666
+CVE-2011-3666 (Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS ...)
- iceweasel <not-affected> (MacOS specific)
-CVE-2011-3665
+CVE-2011-3665 (Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaM ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3664
+CVE-2011-3664 (Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey befo ...)
- iceweasel <not-affected> (MacOS specific)
-CVE-2011-3663
+CVE-2011-3663 (Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaM ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
@@ -4039,30 +4039,30 @@ CVE-2011-3663
- iceape <not-affected> (Only affects Firefox >= 4)
CVE-2011-3662
RESERVED
-CVE-2011-3661
+CVE-2011-3661 (YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 thro ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3660
+CVE-2011-3660 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3659
+CVE-2011-3659 (Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 10.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3658
+CVE-2011-3658 (The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and Se ...)
- iceweasel 9.0-1
- iceape 2.7.1-1
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3657
+CVE-2011-3657 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x an ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <end-of-life> (Not supported in Squeeze LTS)
[lenny] - bugzilla <no-dsa> (Minor issue)
@@ -4070,33 +4070,33 @@ CVE-2011-3656
RESERVED
- iceweasel 4.0-1
[squeeze] - iceweasel <end-of-life> (Iceweasel not supported in Squeeze LTS)
-CVE-2011-3655
+CVE-2011-3655 (Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perfor ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 8.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3654
+CVE-2011-3654 (The browser engine in Mozilla Firefox before 8.0 and Thunderbird befor ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 8.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3653
+CVE-2011-3653 (Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do n ...)
- iceweasel <not-affected> (MacOS X-specific)
-CVE-2011-3652
+CVE-2011-3652 (The browser engine in Mozilla Firefox before 8.0 and Thunderbird befor ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 8.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3651
+CVE-2011-3651 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 8.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3650
+CVE-2011-3650 (Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird befo ...)
{DSA-2345-1 DSA-2342-1 DSA-2341-1}
- icedove 3.1.16-1
[lenny] - icedove <end-of-life>
@@ -4106,9 +4106,9 @@ CVE-2011-3650
- iceape 2.0.14-9
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-3649
+CVE-2011-3649 (Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) A ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2011-3648
+CVE-2011-3648 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6 ...)
{DSA-2345-1 DSA-2342-1 DSA-2341-1}
- icedove 3.1.16-1
[lenny] - icedove <end-of-life>
@@ -4118,7 +4118,7 @@ CVE-2011-3648
- iceape 2.0.14-9
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-3647
+CVE-2011-3647 (The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird ...)
{DSA-2345-1 DSA-2342-1 DSA-2341-1}
- icedove 3.1.16-1
[lenny] - icedove <end-of-life>
@@ -4128,9 +4128,9 @@ CVE-2011-3647
- iceape 2.0.14-9
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-3646
+CVE-2011-3646 (phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote atta ...)
- phpmyadmin 4:3.4.6-1 (unimportant)
-CVE-2011-3645
+CVE-2011-3645 (Newgen OmniDocs allows remote attackers to bypass intended access rest ...)
NOT-FOR-US: Newgen OmniDocs
CVE-2011-XXXX [atftp DoS]
- atftp 0.7.dfsg-11 (low)
@@ -4147,7 +4147,7 @@ CVE-2011-3642 [flowplayer-core: Arbitrary plugins with remote code execution (XS
NOTE: https://code.google.com/p/flowplayer-core/issues/detail?id=441
CVE-2011-3641
RESERVED
-CVE-2011-3640
+CVE-2011-3640 (** DISPUTED ** Untrusted search path vulnerability in Mozilla Network ...)
{DSA-2339-1}
- nss 3.13.1.with.ckbi.1.88-1 (low; bug #647614)
[lenny] - nss <no-dsa> (Minor issue)
@@ -4155,24 +4155,24 @@ CVE-2011-3640
- chromium-browser <unfixed> (unimportant)
NOTE: attacker needs to get malicious file into cwd first
NOTE: http://seclists.org/fulldisclosure/2011/Oct/734
-CVE-2011-3639
+CVE-2011-3639 (The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 an ...)
{DSA-2405-1}
- apache2 2.2.18-1
NOTE: Related to CVE-2011-3368 and CVE-2011-4317 but a different issue
-CVE-2011-3638
+CVE-2011-3638 (fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modif ...)
- linux-2.6 3.0.0-1
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-3637
+CVE-2011-3637 (The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2 ...)
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.39)
-CVE-2011-3636
+CVE-2011-3636 (Cross-site request forgery (CSRF) vulnerability in the management inte ...)
NOT-FOR-US: FreeIPA
-CVE-2011-3635
+CVE-2011-3635 (Cross-site scripting (XSS) vulnerability in the theme_adium_append_mes ...)
- empathy 3.2.1.1-1
[squeeze] - empathy <no-dsa> (Minor issue)
[lenny] - empathy <not-affected> (only affects webkit theming, not present in Lenny)
-CVE-2011-3634
+CVE-2011-3634 (methods/https.cc in apt before 0.8.11 accepts connections when the cer ...)
{DLA-0005-1}
- apt 0.8.11 (low)
[squeeze] - apt 0.8.10.3+squeeze2
@@ -4193,19 +4193,19 @@ CVE-2011-3630 [hardlink has buffer overflows, is unsafe on changing trees]
CVE-2011-3629
RESERVED
NOT-FOR-US: Joomla!
-CVE-2011-3628
+CVE-2011-3628 (Untrusted search path vulnerability in pam_motd (aka the MOTD module) ...)
- pam 1.1.3-7 (low; bug #670076)
[squeeze] - pam <no-dsa> (Minor issue)
[lenny] - pam <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/ubuntu/%2Bsource/pam/%2Bbug/610125
NOTE: https://launchpadlibrarian.net/82729670/610125.patch
NOTE: its not clear which version fixed this, but its present in the checked version 1.1.3-7
-CVE-2011-3627
+CVE-2011-3627 (The bytecode engine in ClamAV before 0.97.3 allows remote attackers to ...)
- clamav 0.97.3+dfsg-1 (low)
[squeeze] - clamav 0.97.3+dfsg-1~squeeze1
-CVE-2011-3626
+CVE-2011-3626 (Double free vulnerability in the prepare_exec function in src/exec.c i ...)
NOT-FOR-US: Logsurfer
-CVE-2011-3625
+CVE-2011-3625 (Stack-based buffer overflow in the sub_read_line_sami function in subr ...)
- mplayer 2:1.0~rc4.dfsg1+svn33713-2 (bug #645987)
[squeeze] - mplayer <not-affected> (Malformed SMI file correctly rejected, possibly introduced by later changes)
- mplayer2 2.0-134-g84d8671-9 (bug #646937)
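Review bot: the CVE-2011-3628 context line "NOTE: its not clear which version fixed this, but its present in the checked version 1.1.3-7" should read "it's not clear ... but it's present"; this automatic update only expands the CVE-2011-3628 description and leaves the NOTE untouched, so the wording fix belongs in the next manual edit of that entry.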
@@ -4220,7 +4220,7 @@ CVE-2011-3624
- ruby1.9.1 <removed> (low; bug #646020)
[squeeze] - ruby1.9.1 <no-dsa> (Minor issue, there seems to be no patch upstream)
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue)
-CVE-2011-3623
+CVE-2011-3623 (Multiple stack-based buffer overflows in VideoLAN VLC media player bef ...)
- vlc 1.1.3-1
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=285370
CVE-2011-3622
@@ -4229,9 +4229,9 @@ CVE-2011-3622
CVE-2011-3621
RESERVED
NOT-FOR-US: fluxbb
-CVE-2011-3620
+CVE-2011-3620 (Apache Qpid 0.12 does not properly verify credentials during the joini ...)
- qpid-cpp <not-affected> (Red Hat-specific extension, see bug #672124)
-CVE-2011-3619
+CVE-2011-3619 (The apparmor_setprocattr function in security/apparmor/lsm.c in the Li ...)
- linux-2.6 3.0.0-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
@@ -4243,11 +4243,11 @@ CVE-2011-3618 [atop insecure tempfile handling]
CVE-2011-3617 [tahoe-lafs: an unauthorized user can delete files]
RESERVED
- tahoe-lafs 1.8.3-1 (bug #641540)
-CVE-2011-3616
+CVE-2011-3616 (The getSkillname function in the eve module in Conky 1.8.1 and earlier ...)
- conky 1.8.0-1.1 (low; bug #612033)
[squeeze] - conky 1.8.0-1+squeeze1
[lenny] - conky 1.6.0-2+lenny1
-CVE-2011-3615
+CVE-2011-3615 (Multiple SQL injection vulnerabilities in Simple Machines Forum (SMF) ...)
NOT-FOR-US: Simple Machines Forum
CVE-2011-3614 [vanilla plugin access control]
RESERVED
@@ -4269,28 +4269,28 @@ CVE-2011-3609 [CSRF in the JBoss AS 7 administration console & HTTP management A
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2011-3608
REJECTED
-CVE-2011-3607
+CVE-2011-3607 (Integer overflow in the ap_pregsub function in server/util.c in the Ap ...)
{DSA-2405-1}
- apache2 2.2.21-4
CVE-2011-3606 [DOM based XSS in the JBoss AS 7 administration console]
RESERVED
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2011-3605
+CVE-2011-3605 (The process_rs function in the router advertisement daemon (radvd) bef ...)
{DSA-2323-1}
- radvd 1:1.8-1.1 (bug #644614)
NOTE: http://seclists.org/oss-sec/2011/q4/30
-CVE-2011-3604
+CVE-2011-3604 (The process_ra function in the router advertisement daemon (radvd) bef ...)
{DSA-2323-1}
- radvd 1:1.8-1.1 (bug #644614)
NOTE: http://seclists.org/oss-sec/2011/q4/30
-CVE-2011-3603
+CVE-2011-3603 (The router advertisement daemon (radvd) before 1.8.2 does not properly ...)
NOTE: http://seclists.org/oss-sec/2011/q4/30
NOTE: should be rejected (http://seclists.org/oss-sec/2011/q4/72)
-CVE-2011-3602
+CVE-2011-3602 (Directory traversal vulnerability in device-linux.c in the router adve ...)
{DSA-2323-1}
- radvd 1:1.8-1.1 (bug #644614)
NOTE: http://seclists.org/oss-sec/2011/q4/30
-CVE-2011-3601
+CVE-2011-3601 (Buffer overflow in the process_ra function in the router advertisement ...)
{DSA-2323-1}
- radvd 1:1.8-1.2 (bug #644614)
[squeeze] - radvd <not-affected> (No support for ND_OPT_DNSSL_INFORMATION)
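Review bot: the +CVE-2011-3603 line adds a description to an entry whose context still says "NOTE: should be rejected (http://seclists.org/oss-sec/2011/q4/72)" and which, unlike the neighbouring radvd entries CVE-2011-3605/3604/3602/3601, carries no DSA reference or package status line at all. Worth checking whether MITRE has since rejected it; if so the entry should take the "REJECTED" form used by CVE-2011-3608 in this same hunk rather than keep growing a description for a CVE the tracker considers invalid.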
@@ -4300,14 +4300,14 @@ CVE-2011-3600
RESERVED
- libxmlrpc3-java 3.1.3-1 (low)
[lenny] - libxmlrpc3-java <no-dsa> (Minor issue)
-CVE-2011-3599
+CVE-2011-3599 (The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when ...)
- libcrypt-dsa-perl 1.17-3 (unimportant; bug #644189)
NOTE: All supported Debian kernels have /dev/random, so severity unimportant
-CVE-2011-3598
+CVE-2011-3598 (Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin befo ...)
- phppgadmin 5.0.3-1 (low; bug #644290)
[squeeze] - phppgadmin 4.2.3-1.1squeeze1
[lenny] - phppgadmin 4.2.2-1lenny1
-CVE-2011-3597
+CVE-2011-3597 (Eval injection vulnerability in the Digest module before 1.17 for Perl ...)
- libdigest-perl 1.17-1 (low; bug #644108)
[squeeze] - libdigest-perl 1.16-1+squeeze1
[lenny] - libdigest-perl 1.15-2+lenny1
@@ -4323,30 +4323,30 @@ CVE-2011-3596
CVE-2011-3595
RESERVED
NOT-FOR-US: Joomla!
-CVE-2011-3594
+CVE-2011-3594 (The g_markup_escape_text function in the SILC protocol plug-in in libp ...)
- pidgin 2.10.1-1 (unimportant)
[squeeze] - pidgin 2.7.3-1+squeeze2
NOTE: relatively obscure client crash
-CVE-2011-3593
+CVE-2011-3593 (A certain Red Hat patch to the vlan_hwaccel_do_receive function in net ...)
- linux-2.6 <not-affected> (RHEL6 only because of badly backported patches)
-CVE-2011-3592
+CVE-2011-3592 (Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlin ...)
- phpmyadmin 4:3.4.5-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-3591
+CVE-2011-3591 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4. ...)
- phpmyadmin 4:3.4.5-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-3590
+CVE-2011-3590 (The Red Hat mkdumprd script for kexec-tools, as distributed in the kex ...)
- kexec-tools <not-affected> (The flaw exists in kdump.init and mkdumprd scrits, shipped only with Red Hat and Fedora)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=716439
-CVE-2011-3589
+CVE-2011-3589 (The Red Hat mkdumprd script for kexec-tools, as distributed in the kex ...)
- kexec-tools <not-affected> (The flaw exists in kdump.init and mkdumprd scrits, shipped only with Red Hat and Fedora)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=716439
-CVE-2011-3588
+CVE-2011-3588 (The SSH configuration in the Red Hat mkdumprd script for kexec-tools, ...)
- kexec-tools <not-affected> (The flaw exists in kdump.init and mkdumprd scrits, shipped only with Red Hat and Fedora)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=716439
-CVE-2011-3587
+CVE-2011-3587 (Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone ...)
- zope2.10 <not-affected> (Introduced in 2.12)
- zope2.12 2.12.20-2
CVE-2011-3586
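Review bot: the three kexec-tools context lines for CVE-2011-3590, CVE-2011-3589 and CVE-2011-3588 spell "scripts" as "scrits" ("The flaw exists in kdump.init and mkdumprd scrits, shipped only with Red Hat and Fedora"); the automatic update does not touch these lines, so this is a follow-up typo fix for the next manual edit of those entries.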
@@ -4371,65 +4371,65 @@ CVE-2011-3583 [TYPO3-SA-2011-002]
CVE-2011-3582
RESERVED
NOT-FOR-US: Advanced Electron Forums
-CVE-2011-3581
+CVE-2011-3581 (Heap-based buffer overflow in the ldns_rr_new_frm_str_internal functio ...)
{DSA-2353-1}
- ldns 1.6.11-1 (bug #647297)
-CVE-2011-3580
+CVE-2011-3580 (IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote att ...)
NOT-FOR-US: IceWarp Mail Server
-CVE-2011-3579
+CVE-2011-3579 (server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10 ...)
NOT-FOR-US: IceWarp Mail Server
-CVE-2011-3578
+CVE-2011-3578 (Cross-site scripting (XSS) vulnerability in bug_actiongroup_ext_page.p ...)
- mantis 1.2.7-1
[squeeze] - mantis 1.1.8+dfsg-10squeeze1
-CVE-2011-3577
+CVE-2011-3577 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.3 do ...)
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2011-3576
+CVE-2011-3576 (Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 all ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-3575
+CVE-2011-3575 (Stack-based buffer overflow in the NSFComputeEvaluateExt function in N ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-3574
+CVE-2011-3574 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
NOT-FOR-US: Oracle Communications Unified
-CVE-2011-3573
+CVE-2011-3573 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
NOT-FOR-US: Oracle Communications Unified
CVE-2011-3572
REJECTED
-CVE-2011-3571
+CVE-2011-3571 (Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) ...)
NOTE: CVE was misused by Oracle. Replaced by CVE-2012-0507.
-CVE-2011-3570
+CVE-2011-3570 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
NOT-FOR-US: Oracle Communications Unified
-CVE-2011-3569
+CVE-2011-3569 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-3568
+CVE-2011-3568 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-3567
REJECTED
-CVE-2011-3566
+CVE-2011-3566 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-3565
+CVE-2011-3565 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
NOT-FOR-US: Oracle Communications Unified
-CVE-2011-3564
+CVE-2011-3564 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 ...)
- glassfish <not-affected> (administration component not shipped)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=783897
-CVE-2011-3563
+CVE-2011-3563 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
-CVE-2011-3562
+CVE-2011-3562 (Unspecified vulnerability in the Portal component in Oracle Fusion Mid ...)
NOT-FOR-US: Oracle Fusion
-CVE-2011-3561
+CVE-2011-3561 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3560
+CVE-2011-3560 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3559
+CVE-2011-3559 (Unspecified vulnerability in Oracle Communications Server 2.0; GlassFi ...)
NOT-FOR-US: Oracle Communications Server, GlassFish Enterprise Server, Sun Java System App Server
-CVE-2011-3558
+CVE-2011-3558 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
@@ -4437,217 +4437,217 @@ CVE-2011-3558
[squeeze] - openjdk-6 <not-affected> (Hotspot version too old)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3557
+CVE-2011-3557 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3556
+CVE-2011-3556 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3555
+CVE-2011-3555 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3554
+CVE-2011-3554 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3553
+CVE-2011-3553 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3552
+CVE-2011-3552 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3551
+CVE-2011-3551 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3550
+CVE-2011-3550 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3549
+CVE-2011-3549 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3548
+CVE-2011-3548 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3547
+CVE-2011-3547 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3546
+CVE-2011-3546 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3545
+CVE-2011-3545 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2011-3544
+CVE-2011-3544 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3543
+CVE-2011-3543 (Unspecified vulnerability in Oracle Solaris 11 Express allows remote a ...)
NOT-FOR-US: Oracle Solaris 11 Express
-CVE-2011-3542
+CVE-2011-3542 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows l ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-3541
+CVE-2011-3541 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-3540
REJECTED
-CVE-2011-3539
+CVE-2011-3539 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows l ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-3538
+CVE-2011-3538 (Unspecified vulnerability in the Sun Ray component in Oracle Virtualiz ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2011-3537
+CVE-2011-3537 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-3536
+CVE-2011-3536 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-3535
+CVE-2011-3535 (Unspecified vulnerability in the Solaris component in Oracle Sun Produ ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-3534
+CVE-2011-3534 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-3533
+CVE-2011-3533 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-3532
+CVE-2011-3532 (Unspecified vulnerability in the Oracle Agile Product Supplier Collabo ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2011-3531
+CVE-2011-3531 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-3530
+CVE-2011-3530 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-3529
+CVE-2011-3529 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-3528
+CVE-2011-3528 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-3527
+CVE-2011-3527 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-3526
+CVE-2011-3526 (Unspecified vulnerability in the Siebel Core - UIF Server component in ...)
NOT-FOR-US: Oracle Siebel
-CVE-2011-3525
+CVE-2011-3525 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-3524
+CVE-2011-3524 (Unspecified vulnerability in the EnterpriseOne Tools component in Orac ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-3523
+CVE-2011-3523 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
NOT-FOR-US: Oracle Fusion
-CVE-2011-3522
+CVE-2011-3522 (Unspecified vulnerability in SysFW 8.0 on certain SPARC T3, Netra SPAR ...)
NOT-FOR-US: SPARC T3, Netra SPARC T3, Sun Fire, and Sun Blade
-CVE-2011-3521
+CVE-2011-3521 (Unspecified vulnerability in the Java Runtime Environment component in ...)
{DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
- openjdk-7 7~b147-2.0-1
-CVE-2011-3520
+CVE-2011-3520 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise PeopleTools
-CVE-2011-3519
+CVE-2011-3519 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-3518
+CVE-2011-3518 (Unspecified vulnerability in the Siebel Core - UIF Client component in ...)
NOT-FOR-US: Oracle Siebel
-CVE-2011-3517
+CVE-2011-3517 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle Su ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-3516
+CVE-2011-3516 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- sun-java6 <not-affected> (Windows-specific)
- openjdk-6 <not-affected> (Windows-specific)
-CVE-2011-3515
+CVE-2011-3515 (Unspecified vulnerability in the Oracle Solaris 10 and 11 Express allo ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-3514
+CVE-2011-3514 (Unspecified vulnerability in the EnterpriseOne Tools component in Orac ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-3513
+CVE-2011-3513 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-3512
+CVE-2011-3512 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-3511
+CVE-2011-3511 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-3510
+CVE-2011-3510 (Unspecified vulnerability in the Oracle Business Intelligence Enterpri ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-3509
+CVE-2011-3509 (Unspecified vulnerability in the EnterpriseOne Tools component in Orac ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-3508
+CVE-2011-3508 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-3507
+CVE-2011-3507 (Unspecified vulnerability in the Oracle Communications Unified compone ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-3506
+CVE-2011-3506 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle Su ...)
NOT-FOR-US: Oracle Sun Products Suite
CVE-2011-3505
REJECTED
-CVE-2011-3504
+CVE-2011-3504 (The Matroska format decoder in FFmpeg before 0.8.3 does not properly a ...)
{DSA-2336-1}
- libav 4:0.7.2-1 (bug #643859)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2011-3503
+CVE-2011-3503 (Untrusted search path vulnerability in eSignal 10.6.2425.1208, and pos ...)
NOT-FOR-US: eSignal
-CVE-2011-3502
+CVE-2011-3502 (The web server in Cogent DataHub 7.1.1.63 and earlier allows remote at ...)
NOT-FOR-US: Cogent DataHub
-CVE-2011-3501
+CVE-2011-3501 (Integer overflow in Cogent DataHub 7.1.1.63 and earlier allows remote ...)
NOT-FOR-US: Cogent DataHub
-CVE-2011-3500
+CVE-2011-3500 (Directory traversal vulnerability in the web server in Cogent DataHub ...)
NOT-FOR-US: Cogent DataHub
-CVE-2011-3499
+CVE-2011-3499 (Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attacker ...)
NOT-FOR-US: Progea Movicon / PowerHMI
-CVE-2011-3498
+CVE-2011-3498 (Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and ...)
NOT-FOR-US: Progea Movicon / PowerHMI
-CVE-2011-3497
+CVE-2011-3497 (service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote at ...)
NOT-FOR-US: Measuresoft ScadaPro
-CVE-2011-3496
+CVE-2011-3496 (service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote at ...)
NOT-FOR-US: Measuresoft ScadaPro
-CVE-2011-3495
+CVE-2011-3495 (Multiple directory traversal vulnerabilities in service.exe in Measure ...)
NOT-FOR-US: Measuresoft ScadaPro
-CVE-2011-3494
+CVE-2011-3494 (WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to ...)
NOT-FOR-US: eSignal
-CVE-2011-3493
+CVE-2011-3493 (Multiple stack-based buffer overflows in the DH_OneSecondTick function ...)
NOT-FOR-US: Cogent DataHub
-CVE-2011-3492
+CVE-2011-3492 (Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and ...)
NOT-FOR-US: Azeotech DAQFactory
-CVE-2011-3491
+CVE-2011-3491 (Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and ...)
NOT-FOR-US: Progea Movicon / PowerHMI
-CVE-2011-3490
+CVE-2011-3490 (Multiple stack-based buffer overflows in service.exe in Measuresoft Sc ...)
NOT-FOR-US: Measuresoft ScadaPro
-CVE-2011-3489
+CVE-2011-3489 (RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and ea ...)
NOT-FOR-US: Rockwell RSLogix
-CVE-2011-3488
+CVE-2011-3488 (Use-after-free vulnerability in Equis MetaStock 11 and earlier allows ...)
NOT-FOR-US: Equis MetaStock
-CVE-2011-3487
+CVE-2011-3487 (Directory traversal vulnerability in CarelDataServer.exe in Carel Plan ...)
NOT-FOR-US: Carel PlantVisor
-CVE-2011-3486
+CVE-2011-3486 (Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to ca ...)
NOT-FOR-US: Beckhoff TwinCAT
CVE-2011-3485
RESERVED
-CVE-2011-3481
+CVE-2011-3481 (The index_get_ids function in index.c in imapd in Cyrus IMAP Server be ...)
{DSA-2377-1}
- cyrus-imapd-2.2 <unfixed>
- cyrus-imapd-2.4 2.4.11-1
@@ -4655,11 +4655,11 @@ CVE-2011-3481
[squeeze] - kolab-cyrus-imapd <end-of-life> (Unsupported in squeeze-lts)
CVE-2011-3480
REJECTED
-CVE-2011-3479
+CVE-2011-3479 (Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcA ...)
NOT-FOR-US: Symantec pcAnywhere
-CVE-2011-3478
+CVE-2011-3478 (The host-services component in Symantec pcAnywhere 12.5.x through 12.5 ...)
NOT-FOR-US: Symantec pcAnywhere
-CVE-2011-3477
+CVE-2011-3477 (GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in S ...)
NOT-FOR-US: Symantec
CVE-2011-3476
REJECTED
@@ -4685,21 +4685,21 @@ CVE-2011-3466
RESERVED
CVE-2011-3465
RESERVED
-CVE-2011-3464
+CVE-2011-3464 (Off-by-one error in the png_formatted_warning function in pngerror.c i ...)
- libpng <not-affected> (Only affects libpng 1.5, which is only in experimental)
-CVE-2011-3463
+CVE-2011-3463 (WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properl ...)
NOT-FOR-US: Mac OS X
-CVE-2011-3462
+CVE-2011-3462 (Time Machine in Apple Mac OS X before 10.7.3 does not verify the uniqu ...)
NOT-FOR-US: Mac OS X
CVE-2011-3461
RESERVED
-CVE-2011-3460
+CVE-2011-3460 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows re ...)
NOT-FOR-US: QuickTime
-CVE-2011-3459
+CVE-2011-3459 (Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows r ...)
NOT-FOR-US: QuickTime
-CVE-2011-3458
+CVE-2011-3458 (QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to u ...)
NOT-FOR-US: QuickTime
-CVE-2011-3457
+CVE-2011-3457 (The OpenGL implementation in Apple Mac OS X before 10.7.3 does not pro ...)
NOT-FOR-US: Mac OS X
CVE-2011-3456
RESERVED
@@ -4707,163 +4707,163 @@ CVE-2011-3455
RESERVED
CVE-2011-3454
RESERVED
-CVE-2011-3453
+CVE-2011-3453 (Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows r ...)
NOT-FOR-US: Mac OS X
-CVE-2011-3452
+CVE-2011-3452 (Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the ...)
NOT-FOR-US: Mac OS X
CVE-2011-3451
RESERVED
-CVE-2011-3450
+CVE-2011-3450 (CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restri ...)
NOT-FOR-US: Mac OS X
-CVE-2011-3449
+CVE-2011-3449 (Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7 ...)
NOT-FOR-US: Mac OS X
-CVE-2011-3448
+CVE-2011-3448 (Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7. ...)
NOT-FOR-US: Mac OS X
-CVE-2011-3447
+CVE-2011-3447 (CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly con ...)
NOT-FOR-US: Mac OS X
-CVE-2011-3446
+CVE-2011-3446 (Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not pro ...)
NOT-FOR-US: Mac OS X
CVE-2011-3445
RESERVED
-CVE-2011-3444
+CVE-2011-3444 (Address Book in Apple Mac OS X before 10.7.3 automatically switches to ...)
NOT-FOR-US: Mac OS X
-CVE-2011-3443
+CVE-2011-3443 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
NOT-FOR-US: Webspecidied Safari webkit issue, likely a Apple dupe
-CVE-2011-3442
+CVE-2011-3442 (The kernel in Apple iOS before 5.0.1 does not ensure the validity of f ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3441
+CVE-2011-3441 (libinfo in Apple iOS before 5.0.1 does not properly formulate domain-n ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3440
+CVE-2011-3440 (The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3439
+CVE-2011-3439 (FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attac ...)
{DSA-2350-1}
- freetype 2.4.8-1 (bug #649122)
-CVE-2011-3438
+CVE-2011-3438 (WebKit, as used in Safari 5.0.6, allows remote attackers to cause a de ...)
NOT-FOR-US: Apple Safari
-CVE-2011-3437
+CVE-2011-3437 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
NOT-FOR-US: Apple Type Services (ATS) in Apple Mac OS
-CVE-2011-3436
+CVE-2011-3436 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a ...)
NOT-FOR-US: Open Directory in Apple Mac OS
-CVE-2011-3435
+CVE-2011-3435 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users ...)
NOT-FOR-US: Open Directory in Apple Mac OS
-CVE-2011-3434
+CVE-2011-3434 (The WiFi component in Apple iOS before 5 stores WiFi credentials in an ...)
NOT-FOR-US: WiFi component in Apple iOS
CVE-2011-3433
RESERVED
-CVE-2011-3432
+CVE-2011-3432 (The UIKit Alerts component in Apple iOS before 5 allows remote attacke ...)
NOT-FOR-US: UIKit Alerts component in Apple iOS
-CVE-2011-3431
+CVE-2011-3431 (The Home screen component in Apple iOS before 5 does not properly supp ...)
NOT-FOR-US: Home screen component in Apple iOS
-CVE-2011-3430
+CVE-2011-3430 (The Settings component in Apple iOS before 5, when a configuration pro ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3429
+CVE-2011-3429 (The Settings component in Apple iOS before 5 stores a cleartext parent ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3428
+CVE-2011-3428 (Buffer overflow in QuickTime before 7.7.1 for Windows allows remote at ...)
NOT-FOR-US: Apple Quicktime
-CVE-2011-3427
+CVE-2011-3427 (The Data Security component in Apple iOS before 5 and Apple TV before ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3426
+CVE-2011-3426 (Cross-site scripting (XSS) vulnerability in Safari in Apple iOS before ...)
NOT-FOR-US: Apple iOS
CVE-2011-3425
RESERVED
-CVE-2011-3424
+CVE-2011-3424 (Session fixation vulnerability in the Managed File Transfer server in ...)
NOT-FOR-US: TIBCO Managed File Transfer Internet Server
-CVE-2011-3423
+CVE-2011-3423 (Cross-site scripting (XSS) vulnerability in the Managed File Transfer ...)
NOT-FOR-US: TIBCO Managed File Transfer Internet Server
-CVE-2011-3482
+CVE-2011-3482 (The csnStreamDissector function in epan/dissectors/packet-csn1.c in th ...)
- wireshark 1.6.2-1
[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-16.html
-CVE-2011-3483
+CVE-2011-3483 (Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial ...)
{DSA-2395-1}
- wireshark 1.6.2-1
[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-14.html
-CVE-2011-3484
+CVE-2011-3484 (The unxorFrame function in epan/dissectors/packet-opensafety.c in the ...)
- wireshark 1.6.2-1
[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-12.html
-CVE-2011-3422
+CVE-2011-3422 (The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-3421
+CVE-2011-3421 (Multiple unspecified vulnerabilities in Google Chrome before 14.0.835. ...)
- chromium-browser 14.0.835.163~r101024-1 (unimportant)
NOTE: duplicate
-CVE-2011-3420
+CVE-2011-3420 (Multiple unspecified vulnerabilities in Google Chrome before 14.0.835. ...)
- chromium-browser 14.0.835.163~r101024-1 (unimportant)
NOTE: duplicate
CVE-2011-3419
REJECTED
CVE-2011-3418
REJECTED
-CVE-2011-3417
+CVE-2011-3417 (The Forms Authentication feature in the ASP.NET subsystem in Microsoft ...)
NOT-FOR-US: Microsoft ASP.NET
-CVE-2011-3416
+CVE-2011-3416 (The Forms Authentication feature in the ASP.NET subsystem in Microsoft ...)
NOT-FOR-US: Microsoft ASP.NET
-CVE-2011-3415
+CVE-2011-3415 (Open redirect vulnerability in the Forms Authentication feature in the ...)
NOT-FOR-US: Microsoft ASP.NET
-CVE-2011-3414
+CVE-2011-3414 (The CaseInsensitiveHashProvider.getHashCode function in the HashTable ...)
NOT-FOR-US: Microsoft .NET Framework
NOTE: Might affect Mono, pinged maintainers
-CVE-2011-3413
+CVE-2011-3413 (Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibili ...)
NOT-FOR-US: Microsoft PowerPoint
-CVE-2011-3412
+CVE-2011-3412 (Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote atta ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2011-3411
+CVE-2011-3411 (Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2011-3410
+CVE-2011-3410 (Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2 and SP ...)
NOT-FOR-US: Microsoft Publisher
CVE-2011-3409
REJECTED
-CVE-2011-3408
+CVE-2011-3408 (Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the ...)
NOT-FOR-US: Microsoft Windows XP
CVE-2011-3407
REJECTED
-CVE-2011-3406
+CVE-2011-3406 (Buffer overflow in Active Directory, Active Directory Application Mode ...)
NOT-FOR-US: Microsoft Active Directory
CVE-2011-3405
REJECTED
-CVE-2011-3404
+CVE-2011-3404 (Microsoft Internet Explorer 6 through 9 does not properly use the Cont ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-3403
+CVE-2011-3403 (Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handl ...)
NOT-FOR-US: Microsoft Excel
-CVE-2011-3402
+CVE-2011-3402 (Unspecified vulnerability in the TrueType font parsing engine in win32 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-3401
+CVE-2011-3401 (ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windo ...)
NOT-FOR-US: Microsoft Media Player
-CVE-2011-3400
+CVE-2011-3400 (Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly h ...)
NOT-FOR-US: Microsoft Windows XP
CVE-2011-3399
REJECTED
CVE-2011-3398
REJECTED
-CVE-2011-3397
+CVE-2011-3397 (The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2011-3396
+CVE-2011-3396 (Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 a ...)
NOT-FOR-US: Microsoft PowerPoint
CVE-2011-3395
REJECTED
-CVE-2011-3394
+CVE-2011-3394 (SQL injection vulnerability in findagent.php in MYRE Real Estate Softw ...)
NOT-FOR-US: MYRE Real Estate
-CVE-2011-3393
+CVE-2011-3393 (Multiple cross-site scripting (XSS) vulnerabilities in findagent.php i ...)
NOT-FOR-US: MYRE Real Estate
-CVE-2011-3392
+CVE-2011-3392 (Cross-site scripting (XSS) vulnerability in control.php in the control ...)
NOT-FOR-US: Phorum
-CVE-2011-3391
+CVE-2011-3391 (IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code t ...)
NOT-FOR-US: IBM Rational Build Forge
-CVE-2011-3354
+CVE-2011-3354 (The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel b ...)
- quassel 0.7.3-1 (low; bug #640960)
[squeeze] - quassel 0.6.3-2+squeeze1 (bug #640960)
NOTE: http://git.quassel-irc.org/?p=quassel.git;a=commit;h=da215fcb9cd3096a3e223c87577d5d4ab8f8518b
-CVE-2011-3390
+CVE-2011-3390 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in IB ...)
NOT-FOR-US: IBM OpenAdmin Too
CVE-2011-3350 [masqmail improper privilege dropping]
RESERVED
- masqmail 0.2.30-1 (low; bug #638002)
[lenny] - masqmail <no-dsa> (no security issue by itself)
[squeeze] - masqmail 0.2.27-1.1+squeeze1
-CVE-2011-3389
+CVE-2011-3389 (The SSL protocol, as used in certain configurations in Microsoft Windo ...)
{DSA-2398-1 DSA-2368-1 DSA-2358-1 DSA-2356-1 DLA-400-1 DLA-154-1}
- sun-java6 <removed> (bug #645881)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
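Review bot: the NOT-FOR-US annotation on CVE-2011-3443 is garbled ("Webspecidied Safari webkit issue, likely a Apple dupe") and should be rewritten as plain English, for example "Unspecified Safari WebKit issue, likely an Apple duplicate", ideally naming the CVE it duplicates if that is known. The same hunk also has ordering problems: CVE-2011-3482, CVE-2011-3483 and CVE-2011-3484 are filed between CVE-2011-3423 and CVE-2011-3422 instead of in their numeric slot directly below CVE-2011-3485 (RESERVED), and CVE-2011-3354 and CVE-2011-3350 are interleaved with the CVE-2011-339x block; the list is otherwise strictly descending, so moving these keeps lookups and future merges clean. Finally, "NOT-FOR-US: IBM OpenAdmin Too" under CVE-2011-3390 looks cut short.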
@@ -4919,40 +4919,40 @@ CVE-2011-3389
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24972
NOTE: patch for 11 (jessie): https://code.asterisk.org/code/changelog/asterisk?cs=f233bcd81d85626ce5bdd27b05bc95d131faf3e4
NOTE: all versions vulnerable, backport required for wheezy
-CVE-2011-3388
+CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure site t ...)
NOT-FOR-US: Opera
-CVE-2011-3387
+CVE-2011-3387 (The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authent ...)
NOT-FOR-US: IBM Java
-CVE-2011-3386
+CVE-2011-3386 (Unspecified vulnerability in Medtronic Paradigm wireless insulin pump ...)
NOT-FOR-US: Medtronic Paradigm wireless insulin pump
-CVE-2011-3385
+CVE-2011-3385 (Cross-site scripting (XSS) vulnerability in WebsiteBaker before 2.8, a ...)
NOT-FOR-US: WebsiteBaker
-CVE-2011-3384
+CVE-2011-3384 (Cross-site scripting (XSS) vulnerability in the Sage add-on 1.3.10 and ...)
NOT-FOR-US: Sage
-CVE-2011-3383
+CVE-2011-3383 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and ...)
NOT-FOR-US: KENT-WEB WEB FORUM
-CVE-2011-3382
+CVE-2011-3382 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.16 allow ...)
NOT-FOR-US: Phorum
-CVE-2011-3381
+CVE-2011-3381 (Cross-site request forgery (CSRF) vulnerability in Phorum before 5.2.1 ...)
NOT-FOR-US: Phorum
-CVE-2011-3380
+CVE-2011-3380 (Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a deni ...)
- openswan <not-affected> (vulnerable versions never uploaded to the archive)
-CVE-2011-3379
+CVE-2011-3379 (The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __auto ...)
- php5 5.3.9-1
[squeeze] - php5 <not-affected> (Introduced in 5.3.7)
[lenny] - php5 <not-affected> (Introduced in 5.3.7)
-CVE-2011-3378
+CVE-2011-3378 (RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attack ...)
- rpm 4.9.1.2-1 (low; bug #645325)
[squeeze] - rpm 4.8.1-6+squeeze1
[lenny] - rpm <no-dsa> (rpm isn't used a a package manager, very limited attack vector)
-CVE-2011-3377
+CVE-2011-3377 (The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x be ...)
{DSA-2420-1}
- openjdk-6 6b21~pre1-1
- icedtea-web 1.1.4-1
NOTE: Browser plugin was removed in openjdk-6 6b21~pre1-1.
-CVE-2011-3376
+CVE-2011-3376 (org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat ...)
- tomcat7 7.0.22-1
-CVE-2011-3375
+CVE-2011-3375 (Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not pro ...)
{DSA-2401-1}
- tomcat6 6.0.33-1
- tomcat7 7.0.22-1
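Review bot: typo in the lenny annotation for CVE-2011-3378: "rpm isn't used a a package manager" should read "rpm isn't used as a package manager". Separately, CVE-2011-3376 carries only "- tomcat7 7.0.22-1" while its sibling CVE-2011-3375 lists both tomcat6 and tomcat7 plus DSA-2401-1; if tomcat6 is genuinely not affected by CVE-2011-3376, an explicit tomcat6 <not-affected> line with a reason would make that deliberate rather than an omission.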
@@ -4963,75 +4963,75 @@ CVE-2011-3374 [apt-key insecure validation]
CVE-2011-3373
RESERVED
NOT-FOR-US: Views Bulk Operations module for Drupal
-CVE-2011-3372
+CVE-2011-3372 (imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2 ...)
{DSA-2318-1}
- cyrus-imapd-2.2 2.4.11-1 (medium)
- cyrus-imapd-2.4 2.4.11-1 (medium)
- kolab-cyrus-imapd <removed> (medium)
[squeeze] - kolab-cyrus-imapd <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-3371
+CVE-2011-3371 (Multiple cross-site scripting (XSS) vulnerabilities in include/functio ...)
NOT-FOR-US: PunBB
CVE-2011-3370
RESERVED
- statusnet <itp> (bug #491723)
-CVE-2011-3369
+CVE-2011-3369 (The add_conversation function in conversations.c in EtherApe before 0. ...)
- etherape 0.9.12-1 (low; bug #645324)
[lenny] - etherape <no-dsa> (Minor issue)
[squeeze] - etherape 0.9.8-1+squeeze1
-CVE-2011-3368
+CVE-2011-3368 (The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2 ...)
{DSA-2405-1}
- apache2 2.2.21-2 (medium)
NOTE: http://article.gmane.org/gmane.comp.apache.announce/61
-CVE-2011-3367
+CVE-2011-3367 (Arora, possibly 0.11 and other versions, does not use a certain font w ...)
- arora <unfixed> (unimportant)
NOTE: Requires CA compromise to exploit, browser still displays warning.
-CVE-2011-3366
+CVE-2011-3366 (Rekonq 0.7.0 and earlier does not use a certain font when rendering ce ...)
- rekonq <not-affected> (Only affected the 0.8.x devel versions and was fixed before final 0.8 release, see bug #647298)
NOTE: http://www.kde.org/info/security/advisory-20111003-1.txt
-CVE-2011-3365
+CVE-2011-3365 (The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and poss ...)
- kde4libs 4:4.7.2-1
[squeeze] - kde4libs <not-affected> (only 4.6.0 - 4.7.1 are vulnerable)
[lenny] - kde4libs <not-affected> (only 4.6.0 - 4.7.1 are vulnerable)
-CVE-2011-3364
+CVE-2011-3364 (Incomplete blacklist vulnerability in the svEscape function in setting ...)
- network-manager-applet <not-affected> (ifcfg-rh plugin not built/included in Debian)
-CVE-2011-3363
+CVE-2011-3363 (The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel be ...)
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-34
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in commit 1bfe73c2)
-CVE-2011-3362
+CVE-2011-3362 (Integer signedness error in the decode_residual_block function in cavs ...)
{DSA-2336-1}
- libav 4:0.7.1-7 (bug #641478)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://www.ocert.org/advisories/ocert-2011-002.html
-CVE-2011-3361
+CVE-2011-3361 (Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC ...)
- backuppc 3.2.1-2 (bug #641450)
[squeeze] - backuppc 3.1.0-9.1
NOTE: http://sourceforge.net/mailarchive/forum.php?thread_name=f1f1ef74-716d-4af8-b1bf-c1ba6d9a98a1%40SC1EXHC-02.global.atheros.com&forum_name=backuppc-devel
NOTE: http://backuppc.cvs.sourceforge.net/viewvc/backuppc/BackupPC/lib/BackupPC/CGI/Browse.pm?r1=1.23&r2=1.24
-CVE-2011-3360
+CVE-2011-3360 (Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 an ...)
{DSA-2324-1}
- wireshark 1.6.2-1 (low)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-15.html
-CVE-2011-3359
+CVE-2011-3359 (The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux ker ...)
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-34
[lenny] - linux-2.6 <not-affected> (b43 allocate recieve buffer is 2404 bytes, which is already larger than the upstream fix of increasing it to 2382 bytes)
-CVE-2011-3358
+CVE-2011-3358 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before ...)
{DSA-2308-1}
- mantis 1.2.7-1 (low; bug #640297)
[squeeze] - mantis <not-affected> (Vulnerable code not present)
-CVE-2011-3357
+CVE-2011-3357 (Directory traversal vulnerability in bug_actiongroup_ext_page.php in M ...)
{DSA-2308-1}
- mantis 1.2.7-1 (medium; bug #640297)
-CVE-2011-3356
+CVE-2011-3356 (Multiple cross-site scripting (XSS) vulnerabilities in config_defaults ...)
- mantis 1.2.7-1 (low; bug #640297)
[squeeze] - mantis <not-affected> (Vulnerable code not present)
[lenny] - mantis <not-affected> (Vulnerable code not present)
CVE-2011-3355
RESERVED
- evolution-data-server3 3.2.1-1 (bug #641052)
-CVE-2011-3353
+CVE-2011-3353 (Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev ...)
{DSA-2389-1}
- linux-2.6 3.1.0~rc4-1~experimental.1 (low)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in commit 3b463ae0)
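Review bot: the cyrus-imapd-2.2 entry for CVE-2011-3372 is marked fixed in "2.4.11-1", which is a cyrus-imapd-2.4 version string, while the same cyrus-imapd-2.2 source is tracked as <unfixed> for CVE-2011-3481 earlier in this diff; since the description scopes the issue to Cyrus IMAPd 2.4.x, the 2.2 line should probably be <not-affected> (or carry a real 2.2.x fixed version), and the two entries should be made consistent. Also fix the lenny note on CVE-2011-3359: "b43 allocate recieve buffer is 2404 bytes" should read "the b43 receive buffer allocation is 2404 bytes".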
@@ -5047,39 +5047,39 @@ CVE-2011-3351
CVE-2011-3349 [lightdm denial of service]
RESERVED
- lightdm 0.9.6-1 (bug #639151)
-CVE-2011-3348
+CVE-2011-3348 (The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when ...)
- apache2 2.2.21-1
[squeeze] - apache2 2.2.16-6+squeeze4
[lenny] - apache2 <not-affected> (introduced in 2.2.12)
-CVE-2011-3347
+CVE-2011-3347 (A certain Red Hat patch to the be2net implementation in the kernel pac ...)
- linux-2.6 3.2-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-3346
+CVE-2011-3346 (Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before ...)
- qemu-kvm 0.15.1+dfsg-1 (bug #646118)
[squeeze] - qemu-kvm <no-dsa> (SCSI support in 0.12 generally broken, no complete fix other than updating to 0.15)
-CVE-2011-3345
+CVE-2011-3345 (ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_ker ...)
- ofa-kernel <itp> (bug #541849)
-CVE-2011-3344
+CVE-2011-3344 (Cross-site scripting (XSS) vulnerability in the Lookup Login/Password ...)
NOT-FOR-US: Red Hat Network Satellite server
-CVE-2011-3343
+CVE-2011-3343 (Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to ...)
{DSA-2386-1}
- openttd 1.1.3-1
NOTE: http://www.openwall.com/lists/oss-security/2011/09/02/4
-CVE-2011-3342
+CVE-2011-3342 (Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attacke ...)
{DSA-2386-1}
- openttd 1.1.3-1
NOTE: http://www.openwall.com/lists/oss-security/2011/09/02/4
-CVE-2011-3341
+CVE-2011-3341 (Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 al ...)
{DSA-2386-1}
- openttd 1.1.3-1
NOTE: http://www.openwall.com/lists/oss-security/2011/09/02/4
-CVE-2011-3340
+CVE-2011-3340 (SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remo ...)
NOT-FOR-US: ATCOM Netvolution
-CVE-2011-3339
+CVE-2011-3339 (Cross-site scripting (XSS) vulnerability in the Admin Control Center i ...)
NOT-FOR-US: Sentinel HASP Run-time Environment
CVE-2011-3338
RESERVED
-CVE-2011-3337
+CVE-2011-3337 (eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 f ...)
NOT-FOR-US: eEye Digital Security Audits
CVE-2011-3336
RESERVED
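Review bot: CVE-2011-3347 is described as "A certain Red Hat patch to the be2net implementation", yet sid is marked fixed in linux-2.6 3.2-1 with squeeze as "Vulnerable code not present"; if the flaw only ever existed in the Red Hat patch, the Debian kernel should be <not-affected> with that reason rather than showing a fixed version, so please confirm which of the two applies.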
@@ -5089,46 +5089,46 @@ CVE-2011-3334
RESERVED
CVE-2011-3333
RESERVED
-CVE-2011-3332
+CVE-2011-3332 (Stack-based buffer overflow in Iceni Argus 6.20 and earlier and Infix ...)
NOT-FOR-US: Iceni Argus
CVE-2011-3331
RESERVED
-CVE-2011-3330
+CVE-2011-3330 (Buffer overflow in the UnitelWay Windows Device Driver, as used in Sch ...)
NOT-FOR-US: Schneider Electric
CVE-2011-3329
RESERVED
-CVE-2011-3328
+CVE-2011-3328 (The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color ...)
- libpng <not-affected> (Introduced in 1.5.4, which was only in experimental and which has been fixed since then)
-CVE-2011-3327
+CVE-2011-3327 (Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ ...)
{DSA-2316-1}
- quagga 0.99.19-1
-CVE-2011-3326
+CVE-2011-3326 (The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99 ...)
{DSA-2316-1}
- quagga 0.99.19-1
-CVE-2011-3325
+CVE-2011-3325 (ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attacker ...)
{DSA-2316-1}
- quagga 0.99.19-1
-CVE-2011-3324
+CVE-2011-3324 (The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 impleme ...)
{DSA-2316-1}
- quagga 0.99.19-1
-CVE-2011-3323
+CVE-2011-3323 (The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows re ...)
{DSA-2316-1}
- quagga 0.99.19-1
-CVE-2011-3322
+CVE-2011-3322 (Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon ...)
NOT-FOR-US: Scadatec Limited Procyon SCADA
-CVE-2011-3321
+CVE-2011-3321 (Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loade ...)
NOT-FOR-US: SIMATIC WinCC
-CVE-2011-3320
+CVE-2011-3320 (Cross-site scripting (XSS) vulnerability in the Web Administrator comp ...)
NOT-FOR-US: GE Intelligent Platforms Proficy Historian
-CVE-2011-3319
+CVE-2011-3319 (Buffer overflow in the WRF parsing functionality in the Cisco WebEx Re ...)
NOT-FOR-US: WebEx
-CVE-2011-3318
+CVE-2011-3318 (Cisco Video Surveillance 2421 and 2500 series cameras with software 1. ...)
NOT-FOR-US: Cisco
-CVE-2011-3317
+CVE-2011-3317 (Multiple cross-site scripting (XSS) vulnerabilities in the Solution En ...)
NOT-FOR-US: Cisco
CVE-2011-3316
RESERVED
-CVE-2011-3315
+CVE-2011-3315 (Directory traversal vulnerability in Cisco Unified Communications Mana ...)
NOT-FOR-US: Cisco
CVE-2011-3314
RESERVED
@@ -5138,9 +5138,9 @@ CVE-2011-3312
RESERVED
CVE-2011-3311
RESERVED
-CVE-2011-3310
+CVE-2011-3310 (The Home Page component in Cisco CiscoWorks Common Services before 4.1 ...)
NOT-FOR-US: Cisco CiscoWorks
-CVE-2011-3309
+CVE-2011-3309 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco
CVE-2011-3308
RESERVED
@@ -5148,243 +5148,243 @@ CVE-2011-3307
RESERVED
CVE-2011-3306
RESERVED
-CVE-2011-3305
+CVE-2011-3305 (Directory traversal vulnerability in Cisco Network Admission Control ( ...)
NOT-FOR-US: Cisco Network Admission Control
-CVE-2011-3304
+CVE-2011-3304 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
NOT-FOR-US: Cisco
-CVE-2011-3303
+CVE-2011-3303 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
NOT-FOR-US: Cisco
-CVE-2011-3302
+CVE-2011-3302 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
NOT-FOR-US: Cisco
-CVE-2011-3301
+CVE-2011-3301 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
NOT-FOR-US: Cisco
-CVE-2011-3300
+CVE-2011-3300 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
NOT-FOR-US: Cisco
-CVE-2011-3299
+CVE-2011-3299 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
NOT-FOR-US: Cisco
-CVE-2011-3298
+CVE-2011-3298 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
NOT-FOR-US: Cisco
-CVE-2011-3297
+CVE-2011-3297 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 befo ...)
NOT-FOR-US: Cisco
-CVE-2011-3296
+CVE-2011-3296 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 befo ...)
NOT-FOR-US: Cisco
-CVE-2011-3295
+CVE-2011-3295 (The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as us ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2011-3294
+CVE-2011-3294 (Cross-site scripting (XSS) vulnerability in the login page in the admi ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2011-3293
+CVE-2011-3293 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Solu ...)
NOT-FOR-US: Cisco
CVE-2011-3292
RESERVED
CVE-2011-3291
RESERVED
-CVE-2011-3290
+CVE-2011-3290 (Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Orac ...)
NOT-FOR-US: Cisco
-CVE-2011-3289
+CVE-2011-3289 (Cisco IOS 12.4 and 15.0 through 15.2 allows physically proximate attac ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-3288
+CVE-2011-3288 (Cisco Unified Presence before 8.5(4) does not properly detect recursio ...)
NOT-FOR-US: Cisco
-CVE-2011-3287
+CVE-2011-3287 (Cisco Jabber Extensible Communications Platform (aka Jabber XCP) 2.x t ...)
NOT-FOR-US: Cisco
CVE-2011-3286
RESERVED
-CVE-2011-3285
+CVE-2011-3285 (CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive ...)
NOT-FOR-US: Cisco
CVE-2011-3284
RESERVED
-CVE-2011-3283
+CVE-2011-3283 (Cisco Carrier Routing System 3.9.1 allows remote attackers to cause a ...)
NOT-FOR-US: Cisco
-CVE-2011-3282
+CVE-2011-3282 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15 ...)
NOT-FOR-US: Cisco
-CVE-2011-3281
+CVE-2011-3281 (Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain H ...)
NOT-FOR-US: Cisco
-CVE-2011-3280
+CVE-2011-3280 (Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 a ...)
NOT-FOR-US: Cisco
-CVE-2011-3279
+CVE-2011-3279 (The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12 ...)
NOT-FOR-US: Cisco
-CVE-2011-3278
+CVE-2011-3278 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
NOT-FOR-US: Cisco
-CVE-2011-3277
+CVE-2011-3277 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
NOT-FOR-US: Cisco
-CVE-2011-3276
+CVE-2011-3276 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
NOT-FOR-US: Cisco
-CVE-2011-3275
+CVE-2011-3275 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x throug ...)
NOT-FOR-US: Cisco
-CVE-2011-3274
+CVE-2011-3274 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15 ...)
NOT-FOR-US: Cisco
-CVE-2011-3273
+CVE-2011-3273 (Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Fir ...)
NOT-FOR-US: Cisco
-CVE-2011-3272
+CVE-2011-3272 (The IP Service Level Agreement (IP SLA) functionality in Cisco IOS 15. ...)
NOT-FOR-US: Cisco
-CVE-2011-3271
+CVE-2011-3271 (Unspecified vulnerability in the Smart Install functionality in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2011-3270
+CVE-2011-3270 (Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and ...)
NOT-FOR-US: Cisco
CVE-2011-3269
RESERVED
-CVE-2011-3268
+CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7 allows conte ...)
- php5 5.3.8-1
[squeeze] - php5 <not-affected> (Only affected 5.3.7)
[lenny] - php5 <not-affected> (Only affected 5.3.7)
-CVE-2011-3267
+CVE-2011-3267 (PHP before 5.3.7 does not properly implement the error_log function, w ...)
{DSA-2408-1}
- php5 5.3.7-1
[squeeze] - php5 <not-affected> (Vulnerable code not present)
[lenny] - php5 <not-affected> (Vulnerable code not present)
-CVE-2011-3266
+CVE-2011-3266 (The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and ...)
- wireshark 1.6.2-1 (unimportant)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
-CVE-2011-3265
+CVE-2011-3265 (popup.php in Zabbix before 1.8.7 allows remote attackers to read the c ...)
- zabbix 1:1.8.9-1
[squeeze] - zabbix <end-of-life> (Not supported in Squeeze LTS)
-CVE-2011-3264
+CVE-2011-3264 (Zabbix before 1.8.6 allows remote attackers to obtain sensitive inform ...)
- zabbix 1:1.8.6-1 (unimportant)
[squeeze] - zabbix <end-of-life> (Not supported in Squeeze LTS)
NOTE: Installation path is known anyway for the Debian package
-CVE-2011-3263
+CVE-2011-3263 (zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows con ...)
- zabbix 1:1.8.6-1
[squeeze] - zabbix <end-of-life> (Not supported in Squeeze LTS)
-CVE-2011-3262
+CVE-2011-3262 (tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow ...)
{DSA-2337-1}
- xen 4.1.1-1
- xen-3 <removed>
[lenny] - xen-3 <no-dsa> (Minor issue; only marginally affected)
-CVE-2011-3261
+CVE-2011-3261 (Double free vulnerability in OfficeImport in Apple iOS before 5 allows ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3260
+CVE-2011-3260 (Buffer overflow in OfficeImport in Apple iOS before 5 allows remote at ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3259
+CVE-2011-3259 (The kernel in Apple iOS before 5 and Apple TV before 4.4 does not prop ...)
NOT-FOR-US: Apple iOS
CVE-2011-3258
RESERVED
-CVE-2011-3257
+CVE-2011-3257 (The Data Access component in Apple iOS before 5 does not properly hand ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3256
+CVE-2011-3256 (FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5 ...)
{DSA-2328-1}
- freetype 2.4.7-1 (bug #646120)
-CVE-2011-3255
+CVE-2011-3255 (CFNetwork in Apple iOS before 5 stores AppleID credentials in an unspe ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3254
+CVE-2011-3254 (Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS befo ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3253
+CVE-2011-3253 (CalDAV in Apple iOS before 5 does not validate X.509 certificates for ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3252
+CVE-2011-3252 (Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, all ...)
NOT-FOR-US: Apple iTunes
-CVE-2011-3251
+CVE-2011-3251 (Apple QuickTime before 7.7.1 on Windows allows remote attackers to exe ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-3250
+CVE-2011-3250 (Integer overflow in Apple QuickTime before 7.7.1 allows remote attacke ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-3249
+CVE-2011-3249 (Buffer overflow in Apple QuickTime before 7.7.1 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-3248
+CVE-2011-3248 (Integer signedness error in Apple QuickTime before 7.7.1 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-3247
+CVE-2011-3247 (Integer overflow in Apple QuickTime before 7.7.1 on Windows allows rem ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-3246
+CVE-2011-3246 (CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 do ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3245
+CVE-2011-3245 (The Keyboards component in Apple iOS before 5 displays the final chara ...)
NOT-FOR-US: Apple iOS
-CVE-2011-3244
+CVE-2011-3244 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3243
+CVE-2011-3243 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple i ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3242
+CVE-2011-3242 (The Private Browsing feature in Apple Safari before 5.1.1 on Mac OS X ...)
NOT-FOR-US: Apple Safari
-CVE-2011-3241
+CVE-2011-3241 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-3240
RESERVED
-CVE-2011-3239
+CVE-2011-3239 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3238
+CVE-2011-3238 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3237
+CVE-2011-3237 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3236
+CVE-2011-3236 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3235
+CVE-2011-3235 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3234
+CVE-2011-3234 (Google Chrome before 14.0.835.163 does not properly handle boxes, whic ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/92132
-CVE-2011-3233
+CVE-2011-3233 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-3232
+CVE-2011-3232 (YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, a ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-3231
+CVE-2011-3231 (The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before ...)
NOT-FOR-US: Apple Safari
-CVE-2011-3230
+CVE-2011-3230 (Apple Safari before 5.1.1 on Mac OS X does not enforce an intended pol ...)
NOT-FOR-US: Apple Safari
-CVE-2011-3229
+CVE-2011-3229 (Directory traversal vulnerability in Apple Safari before 5.1.1 allows ...)
NOT-FOR-US: Apple Safari
-CVE-2011-3228
+CVE-2011-3228 (QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to e ...)
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3227
+CVE-2011-3227 (libsecurity in Apple Mac OS X before 10.7.2 does not properly handle e ...)
NOT-FOR-US: libsecurity in Apple Mac OS X
-CVE-2011-3226
+CVE-2011-3226 (Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 se ...)
NOT-FOR-US: Open Directory in Apple Mac OS X
-CVE-2011-3225
+CVE-2011-3225 (The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 doe ...)
NOT-FOR-US: SMB File Server component in Apple Mac OS X
-CVE-2011-3224
+CVE-2011-3224 (The User Documentation component in Apple Mac OS X through 10.6.8 uses ...)
NOT-FOR-US: User Documentation component in Apple Mac OS X
-CVE-2011-3223
+CVE-2011-3223 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows re ...)
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3222
+CVE-2011-3222 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows re ...)
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3221
+CVE-2011-3221 (QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the ...)
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3220
+CVE-2011-3220 (QuickTime in Apple Mac OS X before 10.7.2 does not properly process UR ...)
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3219
+CVE-2011-3219 (Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, all ...)
NOT-FOR-US: Apple CoreMedia
-CVE-2011-3218
+CVE-2011-3218 (The "Save for Web" selection in QuickTime Player in Apple Mac OS X thr ...)
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2011-3217
+CVE-2011-3217 (MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to e ...)
NOT-FOR-US: Mac OS X
-CVE-2011-3216
+CVE-2011-3216 (The kernel in Apple Mac OS X before 10.7.2 does not properly implement ...)
NOT-FOR-US: kernel in Apple Mac OS X
-CVE-2011-3215
+CVE-2011-3215 (The kernel in Apple Mac OS X before 10.7.2 does not properly prevent F ...)
NOT-FOR-US: kernel in Apple Mac OS X
-CVE-2011-3214
+CVE-2011-3214 (IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a ...)
NOT-FOR-US: IOGraphics in Apple Mac OS X
-CVE-2011-3213
+CVE-2011-3213 (The File Systems component in Apple Mac OS X before 10.7.2 does not pr ...)
NOT-FOR-US: File Systems component in Apple Mac OS X
-CVE-2011-3212
+CVE-2011-3212 (CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that ...)
NOT-FOR-US: CoreStorage in Apple Mac OS X
-CVE-2011-3211
+CVE-2011-3211 (The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remo ...)
{DSA-2302-1}
- bcfg2 1.1.2-2 (bug #640028)
NOTE: information as reported by maintainer
-CVE-2011-3210
+CVE-2011-3210 (The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through ...)
- openssl 1.0.0e-1
[lenny] - openssl 0.9.8g-15+lenny13
[squeeze] - openssl 0.9.8o-4squeeze3
-CVE-2011-3209
+CVE-2011-3209 (The div_long_long_rem implementation in include/asm-x86/div64.h in the ...)
- linux-2.6 2.6.26-1
-CVE-2011-3208
+CVE-2011-3208 (Stack-based buffer overflow in the split_wildmats function in nntpd.c ...)
{DSA-2318-1}
- cyrus-imapd-2.2 2.4.11-1 (medium)
- cyrus-imapd-2.4 2.4.11-1 (medium)
- kolab-cyrus-imapd <removed> (medium)
[squeeze] - kolab-cyrus-imapd <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-3207
+CVE-2011-3207 (crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initial ...)
- openssl 1.0.0e-1
[squeeze] - openssl <not-affected> (only affects 1.0.0 through 1.0.0d)
[lenny] - openssl <not-affected> (only affects 1.0.0 through 1.0.0d)
-CVE-2011-3206
+CVE-2011-3206 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: RHQ
-CVE-2011-3205
+CVE-2011-3205 (Buffer overflow in the gopherToHTML function in gopher.cc in the Gophe ...)
{DSA-2304-1}
- squid3 3.1.15-1 (low; bug #639755)
- squid <not-affected> (Only a buffer overflow in Squid 3, see https://bugzilla.redhat.com/show_bug.cgi?id=734583#c4)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2011_3.txt
-CVE-2011-3204
+CVE-2011-3204 (hammerhead.cc in Hammerhead 2.1.4 allows local users to write to arbit ...)
- hammerhead <removed> (bug #639890)
[lenny] - hammerhead <no-dsa> (Minor issue)
[squeeze] - hammerhead <no-dsa> (Minor issue)
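Review bot: the `[squeeze] - chromium-browser <not-affected>` line under CVE-2011-3234 gives no reason, while every other `<not-affected>` entry in this hunk carries one in parentheses (for example `- xulrunner <not-affected> (Only affects Firefox >= 4)` under CVE-2011-3232 and `[squeeze] - openssl <not-affected> (only affects 1.0.0 through 1.0.0d)` under CVE-2011-3207). A short reason such as the affected version range would make the squeeze status checkable later without re-reading the upstream changeset linked in the NOTE.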
@@ -5395,158 +5395,158 @@ CVE-2011-3203 [Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution]
CVE-2011-3202 [Jcow CMS 4.2 <= | Cross Site Scripting]
RESERVED
NOT-FOR-US: Jcow
-CVE-2011-3201
+CVE-2011-3201 (GNOME Evolution before 3.2.3 allows user-assisted remote attackers to ...)
- evolution <unfixed> (unimportant)
NOTE: Any attacks still involve quite some social engineering
-CVE-2011-3200
+CVE-2011-3200 (Stack-based buffer overflow in the parseLegacySyslogMsg function in to ...)
- rsyslog 5.8.5-1 (low; bug #644611)
[squeeze] - rsyslog <no-dsa> (Minor issue)
[lenny] - rsyslog <no-dsa> (Minor issue)
NOTE: off-by-one/-two limited to 0 or :0
-CVE-2011-3199
+CVE-2011-3199 (Multiple cross-site scripting (XSS) vulnerabilities in Domain Technolo ...)
{DSA-2365-1}
- dtc 0.34.1-1 (bug #637584)
-CVE-2011-3198
+CVE-2011-3198 (Domain Technologie Control (DTC) before 0.34.1 includes a password in ...)
{DSA-2365-1}
- dtc 0.34.1-1 (bug #637537)
-CVE-2011-3197
+CVE-2011-3197 (SQL injection vulnerability in Domain Technologie Control (DTC) before ...)
{DSA-2365-1}
- dtc 0.34.1-1 (bug #637487; bug #637498)
-CVE-2011-3196
+CVE-2011-3196 (The setup script in Domain Technologie Control (DTC) before 0.34.1 use ...)
{DSA-2365-1}
- dtc 0.34.1-1 (bug #637485)
-CVE-2011-3195
+CVE-2011-3195 (shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0. ...)
{DSA-2365-1}
- dtc 0.34.1-1 (bug #637477)
-CVE-2011-3194
+CVE-2011-3194 (Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt ...)
{DLA-117-1}
- qt4-x11 4:4.7.4-1 (bug #641738)
-CVE-2011-3193
+CVE-2011-3193 (Heap-based buffer overflow in the Lookup_MarkMarkPos function in the H ...)
{DLA-117-1}
- qt4-x11 4:4.7.4-1 (bug #641738)
- pango1.0 1.28.3-1
NOTE: affected code in pango1.0 removed earlier, but this is the version checked (lenny is affected)
-CVE-2011-3192
+CVE-2011-3192 (The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2. ...)
{DSA-2298-1}
- apache2 2.2.19-2
-CVE-2011-3191
+CVE-2011-3191 (Integer signedness error in the CIFSFindNext function in fs/cifs/cifss ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-5
-CVE-2011-3190
+CVE-2011-3190 (Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 ...)
{DSA-2401-1}
- tomcat6 6.0.35-1
- tomcat7 7.0.21-1
- tomcat5.5 <removed>
-CVE-2011-3189
+CVE-2011-3189 (The crypt function in PHP 5.3.7, when the MD5 hash type is used, retur ...)
- php5 5.3.8-1
[squeeze] - php5 <not-affected> (Introduced in 5.3.7)
[lenny] - php5 <not-affected> (Introduced in 5.3.7)
-CVE-2011-3188
+CVE-2011-3188 (The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3 ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-2
-CVE-2011-3187
+CVE-2011-3187 (The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip ...)
- rails <unfixed> (unimportant)
NOTE: X-Forwarded-For header is user supplied (like User-Agent)
-CVE-2011-3186
+CVE-2011-3186 (CRLF injection vulnerability in actionpack/lib/action_controller/respo ...)
{DSA-2301-1}
- rails 2.3.14
-CVE-2011-3185
+CVE-2011-3185 (gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted rem ...)
- pidgin <not-affected> (Windows-specific)
-CVE-2011-3184
+CVE-2011-3184 (The msn_httpconn_parse_data function in httpconn.c in the MSN protocol ...)
- pidgin 2.10.0-1 (unimportant)
NOTE: Only exploitable by a malicious MSN server to crash the client
CVE-2011-3183
RESERVED
NOT-FOR-US: Concrete CMS
-CVE-2011-3182
+CVE-2011-3182 (PHP before 5.3.7 does not properly check the return values of the mall ...)
{DSA-2408-1}
- php5 5.3.7-1 (unimportant)
NOTE: exploitable by malicious scripts only
-CVE-2011-3181
+CVE-2011-3181 (Multiple cross-site scripting (XSS) vulnerabilities in the Tracking fe ...)
{DSA-2391-1}
- phpmyadmin 4:3.4.4-1
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-3180
+CVE-2011-3180 (kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 an ...)
NOT-FOR-US: Suse kiwi (different from python-kiwi)
-CVE-2011-3179
+CVE-2011-3179 (The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and ...)
NOT-FOR-US: Novell Messenger
-CVE-2011-3178
+CVE-2011-3178 (In the web ui of the openbuildservice before 2.3.0 a code injection of ...)
- open-build-service <not-affected> (Fixed before initial upload to Debian)
-CVE-2011-3177
+CVE-2011-3177 (The YaST2 network created files with world readable permissions which ...)
NOT-FOR-US: YaST
-CVE-2011-3176
+CVE-2011-3176 (Stack-based buffer overflow in the Preboot Service in Novell ZENworks ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-3175
+CVE-2011-3175 (Stack-based buffer overflow in the Preboot Service in Novell ZENworks ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-3174
+CVE-2011-3174 (Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 Ac ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-3173
+CVE-2011-3173 (Stack-based buffer overflow in the GetDriverSettings function in nippl ...)
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2011-3172
+CVE-2011-3172 (A vulnerability in pam_modules of SUSE SUSE Linux Enterprise allows at ...)
- libpam-unix2 <removed>
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=707645
NOTE: Issue was not fixed up to the version removed from unstable.
NOTE: Proposed update form SUSE: https://bugzilla.novell.com/attachment.cgi?id=441720
-CVE-2011-3171
+CVE-2011-3171 (Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly oth ...)
NOT-FOR-US: pure-FTPd add-on
-CVE-2011-3170
+CVE-2011-3170 (The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earl ...)
{DSA-2354-1}
- cups 1.5.0-8
NOTE: This ID is for an incomplete fix for CVE-2011-2896
-CVE-2011-3169
+CVE-2011-3169 (Unspecified vulnerability in the SMTP service implementation in HP TCP ...)
NOT-FOR-US: HP OpenVMS
-CVE-2011-3168
+CVE-2011-3168 (Unspecified vulnerability in the POP and IMAP service implementations ...)
NOT-FOR-US: HP OpenVMS
-CVE-2011-3167
+CVE-2011-3167 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView
-CVE-2011-3166
+CVE-2011-3166 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView
-CVE-2011-3165
+CVE-2011-3165 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView
-CVE-2011-3164
+CVE-2011-3164 (Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure R ...)
NOT-FOR-US: HP-UX
-CVE-2011-3163
+CVE-2011-3163 (HP MFP Digital Sending Software 4.9x through 4.91.21 allows local user ...)
NOT-FOR-US: HP MFP Digital Sending Software
-CVE-2011-3162
+CVE-2011-3162 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-3161
+CVE-2011-3161 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-3160
+CVE-2011-3160 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-3159
+CVE-2011-3159 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-3158
+CVE-2011-3158 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-3157
+CVE-2011-3157 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-3156
+CVE-2011-3156 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-3155
+CVE-2011-3155 (Unspecified vulnerability in HP Onboard Administrator (OA) 3.21 throug ...)
NOT-FOR-US: HP Onboard Administrator
-CVE-2011-3154
+CVE-2011-3154 (DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1 ...)
- update-manager <not-affected> (ubuntu-specific issue)
NOTE: see bug #650307
-CVE-2011-3153
+CVE-2011-3153 (dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows loca ...)
- lightdm 1.0.6-2
-CVE-2011-3152
+CVE-2011-3152 (DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87. ...)
- update-manager <not-affected> (ubuntu-specific issue)
NOTE: see bug #650307
CVE-2011-3151
RESERVED
-CVE-2011-3150
+CVE-2011-3150 (Software Center in Ubuntu 11.10, 11.04 10.10 does not properly validat ...)
- software-center <not-affected> (ubuntu-specific issue)
NOTE: debian package does not contain the vulnerable purchaseview.py code, and probably won't ever as that's part of their commercial interface code
-CVE-2011-3149
+CVE-2011-3149 (The _expand_arg function in the pam_env module (modules/pam_env/pam_en ...)
{DSA-2326-1}
- pam 1.1.3-5
[lenny] - pam <not-affected> (user_env parsing not yet available)
-CVE-2011-3148
+CVE-2011-3148 (Stack-based buffer overflow in the _assemble_line function in modules/ ...)
{DSA-2326-1}
- pam 1.1.3-5
[lenny] - pam <not-affected> (user_env parsing not yet available)
CVE-2011-3147
RESERVED
-CVE-2011-3146
+CVE-2011-3146 (librsvg before 2.34.1 uses the node name to identify the type of node, ...)
- librsvg 2.34.1-1
[squeeze] - librsvg <no-dsa> (Minor issue)
NOTE: http://git.gnome.org/browse/librsvg/commit/?id=34c95743ca692ea0e44778e41a7c0a129363de84
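Review bot: typo in the context line `NOTE: Proposed update form SUSE: https://bugzilla.novell.com/attachment.cgi?id=441720` under CVE-2011-3172, where `form` should read `from`. The line is unchanged by this update, so it would need a separate manual edit; the same entry's `NOTE: Issue was not fixed up to the version removed from unstable.` is fine as is.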
@@ -5556,64 +5556,64 @@ CVE-2011-3145
{DSA-2382-1}
- ecryptfs-utils 92-1
[lenny] - ecryptfs-utils <not-affected> (Vulnerable code not present)
-CVE-2011-3144
+CVE-2011-3144 (Cross-site scripting (XSS) vulnerability in Control Microsystems Clear ...)
NOT-FOR-US: Control Microsystems ClearSCADA
-CVE-2011-3143
+CVE-2011-3143 (Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, ...)
NOT-FOR-US: Control Microsystems ClearSCADA
-CVE-2011-3142
+CVE-2011-3142 (Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in W ...)
NOT-FOR-US: WellinTech KingView
-CVE-2011-3141
+CVE-2011-3141 (Buffer overflow in the InBatch BatchField ActiveX control for Invensys ...)
NOT-FOR-US: Wonderware InBatch
-CVE-2011-3140
+CVE-2011-3140 (IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX ...)
NOT-FOR-US: IBM Web Application Firewall
CVE-2011-3139
REJECTED
-CVE-2011-3138
+CVE-2011-3138 (The LTPA STS module support implementation in IBM Tivoli Federated Ide ...)
NOT-FOR-US: Tivoli
-CVE-2011-3137
+CVE-2011-3137 (Unspecified vulnerability in the Management Console in IBM Tivoli Fede ...)
NOT-FOR-US: Tivoli
-CVE-2011-3136
+CVE-2011-3136 (Unspecified vulnerability in the Management Console in IBM Tivoli Fede ...)
NOT-FOR-US: Tivoli
-CVE-2011-3135
+CVE-2011-3135 (Unspecified vulnerability in the Runtime in IBM Tivoli Federated Ident ...)
NOT-FOR-US: Tivoli
-CVE-2011-3134
+CVE-2011-3134 (Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, ...)
NOT-FOR-US: TIBCO Spotfire Server
-CVE-2011-3133
+CVE-2011-3133 (Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3 ...)
NOT-FOR-US: TIBCO Spotfire Server
-CVE-2011-3132
+CVE-2011-3132 (Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0. ...)
NOT-FOR-US: TIBCO Spotfire Server
-CVE-2011-3131
+CVE-2011-3131 (Xen 4.1.1 and earlier allows local guest OS kernels with control of a ...)
{DSA-2582-1}
- xen 4.1.2-1
-CVE-2011-3130
+CVE-2011-3130 (wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before ...)
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3129
+CVE-2011-3129 (The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 be ...)
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3128
+CVE-2011-3128 (WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached att ...)
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3127
+CVE-2011-3127 (WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rend ...)
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3126
+CVE-2011-3126 (WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attacke ...)
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3125
+CVE-2011-3125 (Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before ...)
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
-CVE-2011-3124
+CVE-2011-3124 (IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, a ...)
NOT-FOR-US: InfoSphere
-CVE-2011-3123
+CVE-2011-3123 (IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, a ...)
NOT-FOR-US: InfoSphere
-CVE-2011-3122
+CVE-2011-3122 (Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before ...)
{DSA-2470-1}
- wordpress 3.2.1+dfsg-1
NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce
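Review bot: the seven WordPress entries CVE-2011-3122 and CVE-2011-3125 through CVE-2011-3130 all repeat `NOTE: CVE allocated from the Wordpress 3.1.3 / 3.2 beta2 release announce`, where `announce` should read `announcement` (and the project name is spelled `WordPress` in the description lines just above). Since the note is identical in all seven, a single corrected form applied to each keeps them consistent.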
@@ -5630,164 +5630,164 @@ CVE-2011-3117
REJECTED
CVE-2011-3116
REJECTED
-CVE-2011-3115
+CVE-2011-3115 (Google V8, as used in Google Chrome before 19.0.1084.52, allows remote ...)
- libv8 <not-affected> (Only affects >= 3.9, bug #687574)
-CVE-2011-3114
+CVE-2011-3114 (Multiple buffer overflows in the PDF functionality in Google Chrome be ...)
- chromium-browser <not-affected> (PDF functionality not built)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3113
+CVE-2011-3113 (The PDF functionality in Google Chrome before 19.0.1084.52 does not pr ...)
- chromium-browser <not-affected> (PDF functionality not built)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3112
+CVE-2011-3112 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
- chromium-browser <not-affected> (PDF functionality specific to Chrome)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3111
+CVE-2011-3111 (Google V8, as used in Google Chrome before 19.0.1084.52, allows remote ...)
- libv8 3.8.9.20-2 (bug #687574)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-3110
+CVE-2011-3110 (The PDF functionality in Google Chrome before 19.0.1084.52 allows remo ...)
- chromium-browser <not-affected> (PDF functionality not built)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3109
+CVE-2011-3109 (Google Chrome before 19.0.1084.52 on Linux does not properly perform a ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3108
+CVE-2011-3108 (Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allo ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3107
+CVE-2011-3107 (Google Chrome before 19.0.1084.52 does not properly implement JavaScri ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3106
+CVE-2011-3106 (The WebSockets implementation in Google Chrome before 19.0.1084.52 doe ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3105
+CVE-2011-3105 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) imple ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3104
+CVE-2011-3104 (Skia, as used in Google Chrome before 19.0.1084.52, allows remote atta ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3103
+CVE-2011-3103 (Google V8, as used in Google Chrome before 19.0.1084.52, does not prop ...)
- libv8 <not-affected> (Only affects >= 3.9, bug #687574)
-CVE-2011-3102
+CVE-2011-3102 (Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084 ...)
{DSA-2479-1}
- libxml2 2.7.8.dfsg-9.1 (bug #674191)
NOTE: http://git.gnome.org/browse/libxml2/commit/?id=d8e1faeaa99c7a7c07af01c1c72de352eb590a3e
-CVE-2011-3101
+CVE-2011-3101 (Google Chrome before 19.0.1084.46 on Linux does not properly mitigate ...)
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 20.0.1132.21~r139451-1
-CVE-2011-3100
+CVE-2011-3100 (Google Chrome before 19.0.1084.46 does not properly draw dash paths, w ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3099
+CVE-2011-3099 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3098
+CVE-2011-3098 (Google Chrome before 19.0.1084.46 on Windows uses an incorrect search ...)
- chromium-browser <not-affected> (Windows-specific)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3097
+CVE-2011-3097 (The PDF functionality in Google Chrome before 19.0.1084.46 allows remo ...)
- chromium-browser <not-affected> (PDF functionality not built)
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3096
+CVE-2011-3096 (Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on L ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3095
+CVE-2011-3095 (The OGG container in Google Chrome before 19.0.1084.46 allows remote a ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3094
+CVE-2011-3094 (Google Chrome before 19.0.1084.46 does not properly handle Tibetan tex ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3093
+CVE-2011-3093 (Google Chrome before 19.0.1084.46 does not properly handle glyphs, whi ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3092
+CVE-2011-3092 (The regex implementation in Google V8, as used in Google Chrome before ...)
- libv8 <not-affected> (Only affects >= 3.9, bug #687574)
-CVE-2011-3091
+CVE-2011-3091 (Use-after-free vulnerability in the IndexedDB implementation in Google ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3089
+CVE-2011-3089 (Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allo ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3088
+CVE-2011-3088 (Google Chrome before 19.0.1084.46 does not properly draw hairlines, wh ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3087
+CVE-2011-3087 (Google Chrome before 19.0.1084.46 does not properly perform window nav ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3086
+CVE-2011-3086 (Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allo ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3085
+CVE-2011-3085 (The Autofill feature in Google Chrome before 19.0.1084.46 does not pro ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3084
+CVE-2011-3084 (Google Chrome before 19.0.1084.46 does not use a dedicated process for ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3083
+CVE-2011-3083 (browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0. ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
CVE-2011-3082
RESERVED
-CVE-2011-3081
+CVE-2011-3081 (Use-after-free vulnerability in Google Chrome before 18.0.1025.168 all ...)
- chromium-browser 18.0.1025.168~r134367-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3080
+CVE-2011-3080 (Race condition in the Inter-process Communication (IPC) implementation ...)
- chromium-browser 18.0.1025.168~r134367-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3079
+CVE-2011-3079 (The Inter-process Communication (IPC) implementation in Google Chrome ...)
{DSA-3260-1}
- chromium-browser 18.0.1025.168~r134367-1
[squeeze] - chromium-browser <end-of-life>
- iceweasel <not-affected> (Only affects Firefox on Windows)
- icedove <not-affected> (Only affects Thunderbird on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-57/
-CVE-2011-3078
+CVE-2011-3078 (Use-after-free vulnerability in Google Chrome before 18.0.1025.168 all ...)
- chromium-browser 18.0.1025.168~r134367-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3077
+CVE-2011-3077 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 all ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3076
+CVE-2011-3076 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 all ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3075
+CVE-2011-3075 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 all ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3074
+CVE-2011-3074 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 all ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3073
+CVE-2011-3073 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 all ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3072
+CVE-2011-3072 (Google Chrome before 18.0.1025.151 allows remote attackers to bypass t ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3071
+CVE-2011-3071 (Use-after-free vulnerability in the HTMLMediaElement implementation in ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3070
+CVE-2011-3070 (Use-after-free vulnerability in Google Chrome before 18.0.1025.151 all ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3069
+CVE-2011-3069 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) imple ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3068
+CVE-2011-3068 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) imple ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3067
+CVE-2011-3067 (Google Chrome before 18.0.1025.151 allows remote attackers to bypass t ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3066
+CVE-2011-3066 (Skia, as used in Google Chrome before 18.0.1025.151, does not properly ...)
- chromium-browser 18.0.1025.151~r130497-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3065
+CVE-2011-3065 (Skia, as used in Google Chrome before 18.0.1025.142, allows remote att ...)
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3064
+CVE-2011-3064 (Use-after-free vulnerability in Google Chrome before 18.0.1025.142 all ...)
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 18.0.1025.142~r129054-1
-CVE-2011-3063
+CVE-2011-3063 (Google Chrome before 18.0.1025.142 does not properly validate the rend ...)
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3062
+CVE-2011-3062 (Off-by-one error in the OpenType Sanitizer in Google Chrome before 18. ...)
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
- icedove 10.0.4-1
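Review bot: under CVE-2011-3101 and CVE-2011-3064 the `[squeeze] - chromium-browser <end-of-life>` line precedes the unstable line `- chromium-browser ...`, while every other chromium-browser entry in this hunk lists the unstable version first and the `[squeeze]` status second. Swapping those two lines in both entries restores the ordering convention used throughout the rest of the hunk.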
@@ -5796,99 +5796,99 @@ CVE-2011-3062
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2011-3061
+CVE-2011-3061 (Google Chrome before 18.0.1025.142 does not properly check X.509 certi ...)
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3060
+CVE-2011-3060 (Google Chrome before 18.0.1025.142 does not properly handle text fragm ...)
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3059
+CVE-2011-3059 (Google Chrome before 18.0.1025.142 does not properly handle SVG text e ...)
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3058
+CVE-2011-3058 (Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP ...)
- chromium-browser 18.0.1025.142~r129054-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3057
+CVE-2011-3057 (Google V8, as used in Google Chrome before 17.0.963.83, allows remote ...)
- libv8 3.8.9.20-1 (bug #687574)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://code.google.com/p/chromium/issues/detail?id=117794
NOTE: access restricted to chrome/libv8 bug log, so uncheckable
-CVE-2011-3056
+CVE-2011-3056 (Google Chrome before 17.0.963.83 allows remote attackers to bypass the ...)
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3055
+CVE-2011-3055 (The browser native UI in Google Chrome before 17.0.963.83 does not req ...)
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3054
+CVE-2011-3054 (The WebUI privilege implementation in Google Chrome before 17.0.963.83 ...)
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3053
+CVE-2011-3053 (Use-after-free vulnerability in Google Chrome before 17.0.963.83 allow ...)
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3052
+CVE-2011-3052 (The WebGL implementation in Google Chrome before 17.0.963.83 does not ...)
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3051
+CVE-2011-3051 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) imple ...)
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3050
+CVE-2011-3050 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) imple ...)
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3049
+CVE-2011-3049 (Google Chrome before 17.0.963.83 does not properly restrict the extens ...)
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3048
+CVE-2011-3048 (The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, ...)
{DSA-2446-1}
- libpng 1.2.49-1 (bug #667475)
-CVE-2011-3047
+CVE-2011-3047 (The GPU process in Google Chrome before 17.0.963.79 allows remote atta ...)
- chromium-browser 17.0.963.83~r127885-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3046
+CVE-2011-3046 (The extension subsystem in Google Chrome before 17.0.963.78 does not p ...)
- chromium-browser 17.0.963.78~r125577-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3045
+CVE-2011-3045 (Integer signedness error in the png_inflate function in pngrutil.c in ...)
{DSA-2439-1}
- libpng 1.2.47-2 (bug #665208; high)
-CVE-2011-3044
+CVE-2011-3044 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 allow ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3043
+CVE-2011-3043 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 allow ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3042
+CVE-2011-3042 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 allow ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3041
+CVE-2011-3041 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 allow ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3040
+CVE-2011-3040 (Google Chrome before 17.0.963.65 does not properly handle text, which ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3039
+CVE-2011-3039 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 allow ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3038
+CVE-2011-3038 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 allow ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3037
+CVE-2011-3037 (Google Chrome before 17.0.963.65 does not properly perform casts of un ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3036
+CVE-2011-3036 (Google Chrome before 17.0.963.65 does not properly perform a cast of a ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3035
+CVE-2011-3035 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 allow ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3034
+CVE-2011-3034 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 allow ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3033
+CVE-2011-3033 (Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3032
+CVE-2011-3032 (Use-after-free vulnerability in Google Chrome before 17.0.963.65 allow ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3031
+CVE-2011-3031 (Use-after-free vulnerability in the element wrapper in Google V8, as u ...)
- chromium-browser 17.0.963.66~r124982-1
[squeeze] - chromium-browser <end-of-life>
CVE-2011-3030
@@ -5897,99 +5897,99 @@ CVE-2011-3029
RESERVED
CVE-2011-3028
RESERVED
-CVE-2011-3027
+CVE-2011-3027 (Google Chrome before 17.0.963.56 does not properly perform a cast of a ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3026
+CVE-2011-3026 (Integer overflow in libpng, as used in Google Chrome before 17.0.963.5 ...)
{DSA-2410-1}
- libpng 1.2.46-5 (high; bug #660026)
-CVE-2011-3025
+CVE-2011-3025 (Google Chrome before 17.0.963.56 does not properly parse H.264 data, w ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3024
+CVE-2011-3024 (Google Chrome before 17.0.963.56 allows remote attackers to cause a de ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3023
+CVE-2011-3023 (Use-after-free vulnerability in Google Chrome before 17.0.963.56 allow ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3022
+CVE-2011-3022 (translate/translate_manager.cc in Google Chrome before 17.0.963.56 and ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3021
+CVE-2011-3021 (Use-after-free vulnerability in Google Chrome before 17.0.963.56 allow ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3020
+CVE-2011-3020 (Unspecified vulnerability in the Native Client validator implementatio ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3019
+CVE-2011-3019 (Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3018
+CVE-2011-3018 (Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3017
+CVE-2011-3017 (Use-after-free vulnerability in Google Chrome before 17.0.963.56 allow ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3016
+CVE-2011-3016 (Use-after-free vulnerability in Google Chrome before 17.0.963.56 allow ...)
- chromium-browser 17.0.963.56~r121963-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-3015
+CVE-2011-3015 (Multiple integer overflows in the PDF codecs in Google Chrome before 1 ...)
- chromium-browser <not-affected> (PDF functionality not built)
-CVE-2011-3014
+CVE-2011-3014 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1 ...)
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-3013
+CVE-2011-3013 (WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1 ...)
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-3012
+CVE-2011-3012 (The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremu ...)
- openarena 0.8.5-5+exp1
NOTE: Current openarena packages use the share ioquake3 engine
[squeeze] - openarena <no-dsa> (Minor issue, will be fixed in point update)
- ioquake3 1.36+svn1946-4
- tremulous 1.1.0-6 (bug #660836)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2011-3011
+CVE-2011-3011 (BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle ...)
NOT-FOR-US: CA ARCserve D2D
-CVE-2011-3010
+CVE-2011-3010 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5. ...)
- twiki <removed>
-CVE-2011-3009
+CVE-2011-3009 (Ruby before 1.8.6-p114 does not reset the random seed upon forking, wh ...)
- ruby1.8 1.8.7.352-1
[squeeze] - ruby1.8 1.8.7.302-2squeeze2
-CVE-2011-3008
+CVE-2011-3008 (The default configuration of Avaya Secure Access Link (SAL) Gateway 1. ...)
NOT-FOR-US: Avaya Secure Access Link Gateway
-CVE-2011-3007
+CVE-2011-3007 (The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS Endpoint Pr ...)
NOT-FOR-US: McAfee SaaS
-CVE-2011-3006
+CVE-2011-3006 (The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS E ...)
NOT-FOR-US: McAfee SaaS
-CVE-2011-3005
+CVE-2011-3005 (Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunder ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3004
+CVE-2011-3004 (The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey b ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3003
+CVE-2011-3003 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attac ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3002
+CVE-2011-3002 (Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefo ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3001
+CVE-2011-3001 (Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey b ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3000
+CVE-2011-3000 (Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7. ...)
{DSA-2317-1 DSA-2313-1 DSA-2312-1}
- icedove 3.1.15-1
[lenny] - icedove <end-of-life>
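Review bot: the context line under CVE-2011-3012, `NOTE: Current openarena packages use the share ioquake3 engine`, has a typo and should read `shared ioquake3 engine`; that NOTE also sits between `- openarena 0.8.5-5+exp1` and its `[squeeze] - openarena <no-dsa>` status line, whereas every other entry in this hunk keeps the release status directly under its package line, so consider moving the NOTE below the status line.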
@@ -5999,7 +5999,7 @@ CVE-2011-3000
- iceape 2.0.14-8
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2999
+CVE-2011-2999 (Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6. ...)
{DSA-2317-1 DSA-2313-1 DSA-2312-1}
- icedove 3.1.15-1
[lenny] - icedove <end-of-life>
@@ -6009,7 +6009,7 @@ CVE-2011-2999
- iceape 2.0.14-8
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2998
+CVE-2011-2998 (Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote ...)
{DSA-2317-1 DSA-2313-1 DSA-2312-1}
- icedove 3.1.15-1
[lenny] - icedove <end-of-life>
@@ -6020,18 +6020,18 @@ CVE-2011-2998
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: Only affects firefox 3.6 code base, not 4.0 oder later
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2997
+CVE-2011-2997 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner <not-affected> (Only affects Firefox 6)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox 6)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 6)
- iceape <not-affected> (Only affects Firefox 6)
-CVE-2011-2996
+CVE-2011-2996 (Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x b ...)
- icedove <not-affected> (Only affects MacOS)
- xulrunner <not-affected> (Only affects MacOS)
- iceweasel <not-affected> (Only affects MacOS)
- iceape <not-affected> (Only affects MacOS)
-CVE-2011-2995
+CVE-2011-2995 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2317-1 DSA-2313-1 DSA-2312-1}
- icedove 3.1.15-1
[lenny] - icedove <end-of-life>
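Review bot: the NOTE under CVE-2011-2998, `NOTE: Only affects firefox 3.6 code base, not 4.0 oder later`, contains the German "oder" where "or" is meant; suggest `not 4.0 or later`.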
@@ -6043,65 +6043,65 @@ CVE-2011-2995
NOTE: xulrunner in wheezy is not covered by security support
CVE-2011-2994
RESERVED
-CVE-2011-2993
+CVE-2011-2993 (The implementation of digital signatures for JAR files in Mozilla Fire ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2992
+CVE-2011-2992 (The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2991
+CVE-2011-2991 (The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x bef ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2990
+CVE-2011-2990 (The implementation of Content Security Policy (CSP) violation reports ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-2989
+CVE-2011-2989 (The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x bef ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2988
+CVE-2011-2988 (Buffer overflow in an unspecified string class in the WebGL shader imp ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2987
+CVE-2011-2987 (Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANG ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2986
+CVE-2011-2986 (Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x bef ...)
- xulrunner <not-affected> (Only affects Windows)
- iceweasel <not-affected> (Only affects Windows)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2985
+CVE-2011-2985 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 6.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2984
+CVE-2011-2984 (Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3 ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - icedove <end-of-life>
@@ -6112,7 +6112,7 @@ CVE-2011-2984
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2983
+CVE-2011-2983 (Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - icedove <end-of-life>
@@ -6123,7 +6123,7 @@ CVE-2011-2983
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2982
+CVE-2011-2982 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - icedove <end-of-life>
@@ -6134,7 +6134,7 @@ CVE-2011-2982
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2981
+CVE-2011-2981 (The event-management implementation in Mozilla Firefox before 3.6.20, ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - icedove <end-of-life>
@@ -6145,23 +6145,23 @@ CVE-2011-2981
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2980
+CVE-2011-2980 (Untrusted search path vulnerability in the ThinkPadSensor::Startup fun ...)
- icedove <not-affected> (Only affects Windows)
- xulrunner <not-affected> (Only affects Windows)
- iceweasel <not-affected> (Only affects Windows)
-CVE-2011-2979
+CVE-2011-2979 (Bugzilla 4.1.x before 4.1.3 generates different responses for certain ...)
{DSA-2322-1}
- bugzilla <not-affected> (Only affects Bugzilla 4.1, never uploaded to the archive)
-CVE-2011-2978
+CVE-2011-2978 (Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4 ...)
{DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
-CVE-2011-2977
+CVE-2011-2977 (Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x befo ...)
- bugzilla <not-affected> (Only affects Bugzilla on Windows)
-CVE-2011-2976
+CVE-2011-2976 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through 2 ...)
- bugzilla 3.6.1.0-0.1 (low)
NOTE: Fixed in 3.5.1, but 3.6.1 was first fixed upload to archive
-CVE-2011-2975
+CVE-2011-2975 (Double free vulnerability in the msAddImageSymbol function in mapsymbo ...)
- mapserver 6.0.1-1
[lenny] - mapserver <not-affected> (Vulnerable code not present)
[squeeze] - mapserver <not-affected> (Vulnerable code not present)
@@ -6185,79 +6185,79 @@ CVE-2011-2966
REJECTED
CVE-2011-2965
REJECTED
-CVE-2011-2964
+CVE-2011-2964 (foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 al ...)
{DSA-2380-1}
- foomatic-filters 4.0.9-1
NOTE: There two implementation of the affected filter: the version from foomatic-filters
NOTE: 4.0 is written in C and has been assigned CVE-2011-2964 and the version in
NOTE: foomatic-filters 3.x is written in Perl and has been assigned CVE-2011-2697
NOTE: Fixed in foomatic-filters 4.0.8
-CVE-2011-2963
+CVE-2011-2963 (TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not ...)
NOT-FOR-US: Progea Movicon
-CVE-2011-2962
+CVE-2011-2962 (Multiple stack-based buffer overflows in Invensys Wonderware Informati ...)
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2011-2961
+CVE-2011-2961 (Heap-based buffer overflow in AngelServer.exe 6.0.11.3 in Sunway pNetP ...)
NOT-FOR-US: Sunway pNetPower
-CVE-2011-2960
+CVE-2011-2960 (Heap-based buffer overflow in httpsvr.exe 6.0.5.3 in Sunway ForceContr ...)
NOT-FOR-US: Sunway ForceControl
-CVE-2011-2959
+CVE-2011-2959 (Stack-based buffer overflow in the Open Database Connectivity (ODBC) s ...)
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System (IGSS)
-CVE-2011-2958
+CVE-2011-2958 (Multiple cross-site scripting (XSS) vulnerabilities in Ecava IntegraXo ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2011-2957
+CVE-2011-2957 (Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnosti ...)
NOT-FOR-US: Rockwell Automation FactoryTalk Diagnostics Viewer
-CVE-2011-2956
+CVE-2011-2956 (AzeoTech DAQFactory before 5.85 (Build 1842) does not perform authenti ...)
NOT-FOR-US: AzeoTech DAQFactory
CVE-2011-XXXX [rtkit: failure to drop supplemental groups]
- rtkit 0.10-2
CVE-2011-XXXX [minissdpd multiple issues]
- minissdpd 1.0.20110729-1 (bug #635836)
-CVE-2011-2955
+CVE-2011-2955 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 1 ...)
NOT-FOR-US: RealNetworks RealPlayer 11.0
-CVE-2011-2954
+CVE-2011-2954 (Use-after-free vulnerability in the AutoUpdate feature in RealNetworks ...)
NOT-FOR-US: RealNetworks RealPlayer 11.0
-CVE-2011-2953
+CVE-2011-2953 (An unspecified ActiveX control in the browser plugin in RealNetworks R ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2952
+CVE-2011-2952 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 1 ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2951
+CVE-2011-2951 (Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0. ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2950
+CVE-2011-2950 (Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlaye ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2949
+CVE-2011-2949 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2948
+CVE-2011-2948 (RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, R ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2947
+CVE-2011-2947 (Cross-zone scripting vulnerability in the RealPlayer ActiveX control i ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2946
+CVE-2011-2946 (Unspecified vulnerability in an ActiveX control in RealNetworks RealPl ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2945
+CVE-2011-2945 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11. ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-2944
+CVE-2011-2944 (SQL injection vulnerability in login.php in MegaLab The Uploader befor ...)
NOT-FOR-US: MegaLab The Uploader
-CVE-2011-2943
+CVE-2011-2943 (The irc_msg_who function in msgs.c in the IRC protocol plugin in libpu ...)
- pidgin 2.10.0-1 (bug #638709)
[squeeze] - pidgin <not-affected> (Only affects 2.8 to 2.10)
[lenny] - pidgin <not-affected> (Only affects 2.8 to 2.10)
-CVE-2011-2942
+CVE-2011-2942 (A certain Red Hat patch to the __br_deliver function in net/bridge/br_ ...)
- linux-2.6 <not-affected> (RHEL-specific backport issue)
-CVE-2011-2941
+CVE-2011-2941 (Open redirect vulnerability in Red Hat JBoss Enterprise Portal Platfor ...)
NOT-FOR-US: JBoss Enterprise Portal Platform
-CVE-2011-2940
+CVE-2011-2940 (stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrar ...)
- stunnel4 3:4.42-1 (bug #638758)
[squeeze] - stunnel4 <not-affected> (Only 4.4x affected)
[lenny] - stunnel4 <not-affected> (Only 4.4x affected)
-CVE-2011-2939
+CVE-2011-2939 (Off-by-one error in the decode_xs function in Unicode/Unicode.xs in th ...)
- perl 5.12.4-4 (low; bug #637376)
[squeeze] - perl 5.10.1-17squeeze3
[lenny] - perl <no-dsa> (Minor issue)
- libencode-perl 2.44-1 (low)
-CVE-2011-2938
+CVE-2011-2938 (Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php ...)
- mantis 1.2.6-1 (bug #638321)
[squeeze] - mantis <not-affected> (Only affects Mantis 1.1)
[lenny] - mantis <not-affected> (Only affects Mantis 1.1)
-CVE-2011-2937
+CVE-2011-2937 (Cross-site scripting (XSS) vulnerability in the UI messages functional ...)
- roundcube 0.5.4+dfsg-1 (low; bug #641996)
[squeeze] - roundcube <no-dsa> (Minor issue)
CVE-2011-2936
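Review bot: the first NOTE under CVE-2011-2964 is ungrammatical: `NOTE: There two implementation of the affected filter: the version from foomatic-filters` should read `There are two implementations of the affected filter`. The note itself is worth keeping, since the newly added description only names the C foomatic-rip in Foomatic 4.0.6 and the distinction from the Perl version tracked as CVE-2011-2697 is otherwise lost.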
@@ -6272,25 +6272,25 @@ CVE-2011-2934
CVE-2011-2933
RESERVED
NOT-FOR-US: WebsiteBaker
-CVE-2011-2932
+CVE-2011-2932 (Cross-site scripting (XSS) vulnerability in activesupport/lib/active_s ...)
{DSA-2655-1}
- rails 2.3.14
-CVE-2011-2931
+CVE-2011-2931 (Cross-site scripting (XSS) vulnerability in the strip_tags helper in a ...)
{DSA-2301-1}
- rails 2.3.14
-CVE-2011-2930
+CVE-2011-2930 (Multiple SQL injection vulnerabilities in the quote_table_name method ...)
{DSA-2301-1}
- rails 2.3.14
-CVE-2011-2929
+CVE-2011-2929 (The template selection functionality in actionpack/lib/action_view/tem ...)
- rails <not-affected> (Only affects RoR 3.0 and above)
-CVE-2011-2928
+CVE-2011-2928 (The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kerne ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-2
-CVE-2011-2927
+CVE-2011-2927 (Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, ...)
NOT-FOR-US: Red Hat Network Satellite server
CVE-2011-2926
RESERVED
-CVE-2011-2925
+CVE-2011-2925 (Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 re ...)
NOT-FOR-US: Cumin
CVE-2011-2924
RESERVED
@@ -6306,33 +6306,33 @@ CVE-2011-2922
CVE-2011-2921
RESERVED
- ktsuss <removed>
-CVE-2011-2920
+CVE-2011-2920 (Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, ...)
NOT-FOR-US: Red Hat Network Satellite server
-CVE-2011-2919
+CVE-2011-2919 (Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in ...)
NOT-FOR-US: Red Hat Network Satellite server
-CVE-2011-2918
+CVE-2011-2918 (The Performance Events subsystem in the Linux kernel before 3.1 does n ...)
{DSA-2303-1}
- linux-2.6 3.0.0-2
[lenny] - linux-2.6 <not-affected> (perf not yet present)
-CVE-2011-2917
+CVE-2011-2917 (SQL injection vulnerability in administrator/index2.php in Mambo CMS 4 ...)
NOT-FOR-US: Mambo
CVE-2011-2916
RESERVED
- qtnx <removed> (low; bug #637439)
[squeeze] - qtnx <no-dsa> (Minor issue)
-CVE-2011-2915
+CVE-2011-2915 (Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams. ...)
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1
-CVE-2011-2914
+CVE-2011-2914 (Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.c ...)
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1
-CVE-2011-2913
+CVE-2011-2913 (Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.c ...)
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1
-CVE-2011-2912
+CVE-2011-2912 (Stack-based buffer overflow in the CSoundFile::ReadS3M function in src ...)
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1
-CVE-2011-2911
+CVE-2011-2911 (Integer overflow in the CSoundFile::ReadWav function in src/load_wav.c ...)
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1
CVE-2011-2910
@@ -6340,110 +6340,110 @@ CVE-2011-2910
- ax25-tools 0.0.8-13.2 (low; bug #638198)
[lenny] - ax25-tools <no-dsa> (Minor issue)
[squeeze] - ax25-tools <no-dsa> (Minor issue)
-CVE-2011-2909
+CVE-2011-2909 (The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c ...)
{DSA-2303-1}
- linux-2.6 3.0.0-2
-CVE-2011-2908
+CVE-2011-2908 (Cross-site request forgery (CSRF) vulnerability in the JMX Console (jm ...)
NOT-FOR-US: JBoss Enterprise Application Platform
-CVE-2011-2907
+CVE-2011-2907 (Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource ...)
- torque 2.4.15+dfsg-1
[squeeze] - torque <no-dsa> (Not fixable, would need an update to a release with MUNGE support, clusters typically run in locked down environments)
-CVE-2011-2906
+CVE-2011-2906 (** DISPUTED ** Integer signedness error in the pmcraid_ioctl_passthrou ...)
NOT-FOR-US: ** REJECT **
-CVE-2011-2905
+CVE-2011-2905 (Untrusted search path vulnerability in the perf_config function in too ...)
{DSA-2303-1}
- linux-2.6 3.0.0-2
[lenny] - linux-2.6 <not-affected> (perf not yet present)
-CVE-2011-2904
+CVE-2011-2904 (Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix befor ...)
- zabbix 1:1.8.6-1
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
-CVE-2011-2903
+CVE-2011-2903 (Heap-based buffer overflow in tcptrack before 1.4.2 might allow attack ...)
- tcptrack 1.4.2-1 (unimportant; bug #551092)
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=377917
-CVE-2011-2902
+CVE-2011-2902 (zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-1 ...)
- xpdf 3.02-19 (low; bug #635849)
[lenny] - xpdf <no-dsa> (zxpdf script is indeed affected, but it's not associated with pdf handling by default, so not a concern for remote abuse)
[squeeze] - xpdf 3.02-12+squeeze1
-CVE-2011-2901
+CVE-2011-2901 (Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows ...)
- xen <not-affected> (Only affects Xen <= 3.3)
- xen-3 <removed>
-CVE-2011-2900
+CVE-2011-2900 (Stack-based buffer overflow in the (1) put_dir function in mongoose.c ...)
NOT-FOR-US: Mongoose
-CVE-2011-2899
+CVE-2011-2899 (pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic ...)
- foomatic-gui 0.7.9.5 (low)
- system-config-printer <not-affected> (Vulnerable code not present; bug #639243)
[squeeze] - system-config-printer <not-affected> (Vulnerable code not present)
[lenny] - system-config-printer <no-dsa> (Minor issue)
-CVE-2011-2898
+CVE-2011-2898 (net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not pr ...)
{DSA-2389-1}
- linux-2.6 3.0.0-1
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.27)
CVE-2011-2897
RESERVED
- gdk-pixbuf <not-affected> (This only applies to the old standalone copy shipped until Lenny)
-CVE-2011-2896
+CVE-2011-2896 (The LZW decompressor in the LWZReadByte function in giftoppm.c in the ...)
{DSA-2426-1 DSA-2354-1}
- cups 1.5.0-8
- gimp 2.6.11-5 (bug #643753)
-CVE-2011-2895
+CVE-2011-2895 (The LZW decompressor in (1) the BufCompressedFill function in fontfile ...)
{DSA-2293-1}
- libxfont 1:1.4.4-1
-CVE-2011-2894
+CVE-2011-2894 (Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3. ...)
- libspring-security-2.0-java 2.0.7.RELEASE-1 (bug #670901)
[squeeze] - libspring-security-2.0-java <no-dsa> (Minor issue)
-CVE-2011-2893
+CVE-2011-2893 (The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows user-a ...)
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2892
+CVE-2011-2892 (Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a fr ...)
NOT-FOR-US: Joomla!
-CVE-2011-2891
+CVE-2011-2891 (Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Joomla!
-CVE-2011-2890
+CVE-2011-2890 (The MediaViewMedia class in administrator/components/com_media/views/m ...)
NOT-FOR-US: Joomla!
-CVE-2011-2889
+CVE-2011-2889 (templates/system/error.php in Joomla! before 1.5.23 might allow remote ...)
NOT-FOR-US: Joomla!
-CVE-2011-2888
+CVE-2011-2888 (IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a den ...)
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2887
+CVE-2011-2887 (IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to ca ...)
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2886
+CVE-2011-2886 (IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a den ...)
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2885
+CVE-2011-2885 (IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a den ...)
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2884
+CVE-2011-2884 (Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before FP ...)
NOT-FOR-US: IBM Lotus Symphony
-CVE-2011-2883
+CVE-2011-2883 (The NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Ga ...)
NOT-FOR-US: Citrix Access Gateway
-CVE-2011-2882
+CVE-2011-2882 (Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control i ...)
NOT-FOR-US: Citrix Access Gateway
-CVE-2011-2881
+CVE-2011-2881 (Google Chrome before 14.0.835.202 does not properly handle Google V8 h ...)
- chromium-browser <not-affected> (chromium uses libv8 system copy)
- libv8 3.8.9.20-1 (bug #687574)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://code.google.com/p/chromium/issues/detail?id=97784
NOTE: access restricted to chrome/libv8 bug log, so uncheckable
-CVE-2011-2880
+CVE-2011-2880 (Use-after-free vulnerability in Google Chrome before 14.0.835.202 allo ...)
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/95667
NOTE: http://trac.webkit.org/changeset/95689
NOTE: http://trac.webkit.org/changeset/95728
-CVE-2011-2879
+CVE-2011-2879 (Google Chrome before 14.0.835.202 does not properly consider object li ...)
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/94984
-CVE-2011-2878
+CVE-2011-2878 (Google Chrome before 14.0.835.202 does not properly restrict access to ...)
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/95488
-CVE-2011-2877
+CVE-2011-2877 (Google Chrome before 14.0.835.202 does not properly handle SVG text, w ...)
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/94508
-CVE-2011-2876
+CVE-2011-2876 (Use-after-free vulnerability in Google Chrome before 14.0.835.202 allo ...)
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/95600
-CVE-2011-2875
+CVE-2011-2875 (Google V8, as used in Google Chrome before 14.0.835.163, does not prop ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (libv8 issue)
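Review bot: the squeeze status lines for the Chrome 14.0.835.202 batch in this hunk do not state their reason, unlike the libv8 lines next to them. CVE-2011-2876 carries a bare "[squeeze] - chromium-browser <end-of-life>" while CVE-2011-2880, -2879, -2878 and -2877, fixed in the same 14.0.835.202~r103287-1 upload, carry "[squeeze] - chromium-browser <not-affected>", and nothing on either form says whether the WebKit changeset in question is absent from squeeze's chromium or the package is simply no longer supported there; the libv8 entries in the same hunk show the convention to follow: "[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)". Suggest adding a parenthetical reason to the chromium-browser squeeze lines so the two markers can be told apart. On CVE-2011-2881, the note "access restricted to chrome/libv8 bug log, so uncheckable" sits directly under a concrete fix "- libv8 3.8.9.20-1 (bug #687574)"; it would help to say that the fixed version comes from the Debian bug rather than from the upstream issue that could not be read.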
@@ -6451,529 +6451,529 @@ CVE-2011-2875
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://code.google.com/p/chromium/issues/detail?id=95920
NOTE: access restricted to chrome/libv8 bug log, so uncheckable
-CVE-2011-2874
+CVE-2011-2874 (Google Chrome before 14.0.835.163 does not perform an expected pin ope ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2873
+CVE-2011-2873 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2872
+CVE-2011-2872 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2871
+CVE-2011-2871 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2870
+CVE-2011-2870 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2869
+CVE-2011-2869 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2868
+CVE-2011-2868 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2867
+CVE-2011-2867 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
-CVE-2011-2866
+CVE-2011-2866 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
NOT-FOR-US: Apple WebKit
NOTE: reported by google, likely duplicate
CVE-2011-2865
RESERVED
-CVE-2011-2864
+CVE-2011-2864 (Google Chrome before 14.0.835.163 does not properly handle Tibetan cha ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
CVE-2011-2863
RESERVED
-CVE-2011-2862
+CVE-2011-2862 (Google V8, as used in Google Chrome before 14.0.835.163, does not prop ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2861
+CVE-2011-2861 (Google Chrome before 14.0.835.163 does not properly handle strings in ...)
- chromium-browser <not-affected> (pdf plugin)
-CVE-2011-2860
+CVE-2011-2860 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 allo ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/93794
-CVE-2011-2859
+CVE-2011-2859 (Google Chrome before 14.0.835.163 uses incorrect permissions for non-g ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2858
+CVE-2011-2858 (Google Chrome before 14.0.835.163 does not properly handle triangle ar ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2857
+CVE-2011-2857 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 allo ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/93514
-CVE-2011-2856
+CVE-2011-2856 (Google V8, as used in Google Chrome before 14.0.835.163, allows remote ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected> (uses libv8 system copy)
- webkit <not-affected>
- libv8 3.4.14.21-1
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-2855
+CVE-2011-2855 (Google Chrome before 14.0.835.163 does not properly handle Cascading S ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/93227
-CVE-2011-2854
+CVE-2011-2854 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 allo ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/94109
NOTE: http://trac.webkit.org/changeset/94543
-CVE-2011-2853
+CVE-2011-2853 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 allo ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2852
+CVE-2011-2852 (Off-by-one error in Google V8, as used in Google Chrome before 14.0.83 ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected> (uses libv8 system copy)
- webkit <not-affected>
- libv8 3.4.14.21-1
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-2851
+CVE-2011-2851 (Google Chrome before 14.0.835.163 does not properly handle video, whic ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2850
+CVE-2011-2850 (Google Chrome before 14.0.835.163 does not properly handle Khmer chara ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2849
+CVE-2011-2849 (The WebSockets implementation in Google Chrome before 14.0.835.163 all ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2848
+CVE-2011-2848 (Google Chrome before 14.0.835.163 allows user-assisted remote attacker ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2847
+CVE-2011-2847 (Use-after-free vulnerability in the document loader in Google Chrome b ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/93521
-CVE-2011-2846
+CVE-2011-2846 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 allo ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-2845
+CVE-2011-2845 (Google Chrome before 15.0.874.102 does not properly handle history dat ...)
- chromium-browser 15.0.874.106~r107270-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2011-2844
+CVE-2011-2844 (Google Chrome before 14.0.835.163 does not properly process MP3 files, ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected>
-CVE-2011-2843
+CVE-2011-2843 (Google Chrome before 14.0.835.163 does not properly handle media buffe ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2842
+CVE-2011-2842 (The installer in Google Chrome before 14.0.835.163 on Mac OS X does no ...)
- chromium-browser <not-affected>
- webkit <not-affected>
-CVE-2011-2841
+CVE-2011-2841 (Google Chrome before 14.0.835.163 does not properly perform garbage co ...)
- chromium-browser <not-affected> (pdf plugin)
- webkit <not-affected>
-CVE-2011-2840
+CVE-2011-2840 (Google Chrome before 14.0.835.163 allows user-assisted remote attacker ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/90164
-CVE-2011-2839
+CVE-2011-2839 (The PDF implementation in Google Chrome before 13.0.782.215 on Linux d ...)
- chromium-browser <not-affected> (Pdf plugin)
-CVE-2011-2838
+CVE-2011-2838 (Google Chrome before 14.0.835.163 does not properly consider the MIME ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2837
+CVE-2011-2837 (Google Chrome before 14.0.835.163 on Linux does not use the PIC and PI ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2836
+CVE-2011-2836 (Google Chrome before 14.0.835.163 does not require Infobar interaction ...)
- chromium-browser 14.0.835.163~r101024-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-2835
+CVE-2011-2835 (Race condition in Google Chrome before 14.0.835.163 allows attackers t ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected>
-CVE-2011-2834
+CVE-2011-2834 (Double free vulnerability in libxml2, as used in Google Chrome before ...)
{DSA-2394-1}
- libxml2 2.7.8.dfsg-5 (low; bug #643648)
-CVE-2011-2833
+CVE-2011-2833 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2832
RESERVED
-CVE-2011-2831
+CVE-2011-2831 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2830
+CVE-2011-2830 (Google V8, as used in Google Chrome before 14.0.835.163, does not prop ...)
NOTE: CVE description is wrong, see #656057
-CVE-2011-2829
+CVE-2011-2829 (Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platfo ...)
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/92413
-CVE-2011-2828
+CVE-2011-2828 (Google V8, as used in Google Chrome before 13.0.782.215, allows remote ...)
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (Chromium specific)
-CVE-2011-2827
+CVE-2011-2827 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 allo ...)
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/91908
-CVE-2011-2826
+CVE-2011-2826 (Google Chrome before 13.0.782.215 allows remote attackers to bypass th ...)
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/91957
-CVE-2011-2825
+CVE-2011-2825 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 allo ...)
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/r91738
NOTE: http://trac.webkit.org/r91739
NOTE: http://trac.webkit.org/changeset/92744
-CVE-2011-2824
+CVE-2011-2824 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 allo ...)
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/92630
-CVE-2011-2823
+CVE-2011-2823 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 allo ...)
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
-CVE-2011-2822
+CVE-2011-2822 (Google Chrome before 13.0.782.215 on Windows does not properly parse U ...)
- chromium-browser <not-affected> (windows only)
- webkit <not-affected>
-CVE-2011-2821
+CVE-2011-2821 (Double free vulnerability in libxml2, as used in Google Chrome before ...)
{DSA-2394-1}
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
- libxml2 2.7.8.dfsg-5 (low; bug #643648)
[squeeze] - libxml2 <no-dsa> (denial-of-service only issue)
-CVE-2011-2820
+CVE-2011-2820 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2819
+CVE-2011-2819 (Google Chrome before 13.0.782.107 allows remote attackers to bypass th ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/91611
-CVE-2011-2818
+CVE-2011-2818 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 allo ...)
{DSA-2307-1}
- chromium-browser 13.0.782.107~r94237-1
NOTE: http://trac.webkit.org/changeset/91386
-CVE-2011-2817
+CVE-2011-2817 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2816
+CVE-2011-2816 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2815
+CVE-2011-2815 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2814
+CVE-2011-2814 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2813
+CVE-2011-2813 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2812
RESERVED
-CVE-2011-2811
+CVE-2011-2811 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2810
REJECTED
-CVE-2011-2809
+CVE-2011-2809 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2808
RESERVED
CVE-2011-2807
RESERVED
-CVE-2011-2806
+CVE-2011-2806 (Google Chrome before 13.0.782.215 on Windows does not properly handle ...)
- chromium-browser <not-affected> (It's in Windows-specific code)
-CVE-2011-2805
+CVE-2011-2805 (Google Chrome before 13.0.782.107 allows remote attackers to bypass th ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/91152
-CVE-2011-2804
+CVE-2011-2804 (Google Chrome before 13.0.782.107 does not properly handle nested func ...)
- chromium-browser <not-affected> (pdf plugin)
-CVE-2011-2803
+CVE-2011-2803 (Google Chrome before 13.0.782.107 does not properly handle Skia paths, ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (skia code)
-CVE-2011-2802
+CVE-2011-2802 (Google V8, as used in Google Chrome before 13.0.782.107, does not prop ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected>
- libv8 3.4
[squeeze] - libv8 <not-affected>
NOTE: Bug was introduced in http://code.google.com/p/v8/source/detail?r=8224
-CVE-2011-2801
+CVE-2011-2801 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 allo ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/90936
-CVE-2011-2800
+CVE-2011-2800 (Google Chrome before 13.0.782.107 allows remote attackers to obtain po ...)
{DSA-2307-1}
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/91044
NOTE: http://developer.apple.com/library/safari/#documentation/Tools/Conceptual/SafariExtensionGuide/MessagesandProxies/MessagesandProxies.html#//apple_ref/doc/uid/TP40009977-CH14-SW9
-CVE-2011-2799
+CVE-2011-2799 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 allo ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/90130
-CVE-2011-2798
+CVE-2011-2798 (Google Chrome before 13.0.782.107 does not properly restrict access to ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2797
+CVE-2011-2797 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 allo ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/90595
-CVE-2011-2796
+CVE-2011-2796 (Use-after-free vulnerability in Skia, as used in Google Chrome before ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (skia code)
-CVE-2011-2795
+CVE-2011-2795 (Google Chrome before 13.0.782.107 does not prevent calls to functions ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/89782
-CVE-2011-2794
+CVE-2011-2794 (Google Chrome before 13.0.782.107 does not properly perform text itera ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/89831
-CVE-2011-2793
+CVE-2011-2793 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 allo ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/89595
-CVE-2011-2792
+CVE-2011-2792 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 allo ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/89836
-CVE-2011-2791
+CVE-2011-2791 (The International Components for Unicode (ICU) functionality in Google ...)
- chromium-browser 13.0.782.107~r94237-1 (unimportant)
- webkit <not-affected> (icu issue)
NOTE: ICU bug only in debug build
-CVE-2011-2790
+CVE-2011-2790 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 allo ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/89165
-CVE-2011-2789
+CVE-2011-2789 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 allo ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2788
+CVE-2011-2788 (Buffer overflow in the inspector serialization functionality in Google ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88444
-CVE-2011-2787
+CVE-2011-2787 (Google Chrome before 13.0.782.107 does not properly address re-entranc ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2786
+CVE-2011-2786 (Google Chrome before 13.0.782.107 does not ensure that the speech-inpu ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2785
+CVE-2011-2785 (The extensions implementation in Google Chrome before 13.0.782.107 doe ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2784
+CVE-2011-2784 (Google Chrome before 13.0.782.107 allows remote attackers to obtain se ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (issue in angleproject)
-CVE-2011-2783
+CVE-2011-2783 (Google Chrome before 13.0.782.107 does not ensure that developer-mode ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-2782
+CVE-2011-2782 (The drag-and-drop implementation in Google Chrome before 13.0.782.107 ...)
- chromium-browser 13.0.782.107~r94237-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
CVE-2011-2781
RESERVED
-CVE-2011-2780
+CVE-2011-2780 (Directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 ...)
NOT-FOR-US: Chyrp
-CVE-2011-2779
+CVE-2011-2779 (Windows Event Log SmartConnector in HP ArcSight Connector Appliance be ...)
NOT-FOR-US: HP ArcSight Connector Appliance
-CVE-2011-2778
+CVE-2011-2778 (Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remo ...)
{DSA-2363-1}
- tor 0.2.2.35-1
-CVE-2011-2777
+CVE-2011-2777 (samples/powerbtn/powerbtn.sh in acpid (aka acpid2) 2.0.16 and earlier ...)
- acpid 1:2.0.14-1
[lenny] - acpid <not-affected> (Vulnerable code not present)
[squeeze] - acpid 1:2.0.7-1squeeze3
-CVE-2011-2776
+CVE-2011-2776 (Buffer overflow in the Error function in super.c in Super 3.30.0 might ...)
{DSA-2383-1}
- super 3.30.0-6
CVE-2011-2775
RESERVED
-CVE-2011-2774
+CVE-2011-2774 (The "Reply to message" feature in Mahara 1.3.x and 1.4.x before 1.4.1 ...)
- mahara 1.4.1-1
[squeeze] - mahara <not-affected> (Vulnerable code not present)
[lenny] - mahara <not-affected> (Vulnerable code not present)
-CVE-2011-4118
+CVE-2011-4118 (Mahara before 1.4.1, when MNet (aka the Moodle network feature) is use ...)
{DSA-2334-1}
- mahara 1.4.1-1
NOTE: http://mahara.org/interaction/forum/topic.php?id=4138
-CVE-2011-2773
+CVE-2011-2773 (Cross-site request forgery (CSRF) vulnerability in Mahara before 1.4.1 ...)
{DSA-2334-1}
- mahara 1.4.1-1
-CVE-2011-2772
+CVE-2011-2772 (The get_dataroot_image_path function in lib/file.php in Mahara before ...)
{DSA-2334-1}
- mahara 1.4.1-1
-CVE-2011-2771
+CVE-2011-2771 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1 ...)
{DSA-2334-1}
- mahara 1.4.1-1
-CVE-2011-2770
+CVE-2011-2770 (Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html ...)
{DSA-2335-1}
- man2html 1.6g-6
-CVE-2011-2769
+CVE-2011-2769 (Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE a ...)
{DSA-2331-1}
- tor 0.2.2.34-1
-CVE-2011-2768
+CVE-2011-2768 (Tor before 0.2.2.34, when configured as a client or bridge, sends a TL ...)
{DSA-2331-1}
- tor 0.2.2.34-1
-CVE-2011-2767
+CVE-2011-2767 (mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl ...)
{DLA-1507-1}
- libapache2-mod-perl2 2.0.10-3 (bug #644169)
[stretch] - libapache2-mod-perl2 2.0.10-2+deb9u1
NOTE: https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=126984
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1623265#c3
-CVE-2011-2766
+CVE-2011-2766 (The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by ...)
{DSA-2327-1}
- libfcgi-perl 0.73-2 (bug #607479)
[lenny] - libfcgi-perl <not-affected> (Introduced in 0.70)
-CVE-2011-2765
+CVE-2011-2765 (pyro before 3.15 unsafely handles pid files in temporary directory loc ...)
- pyro 1:3.14-1 (low; bug #631912)
[lenny] - pyro <no-dsa> (Minor issue)
[squeeze] - pyro <no-dsa> (Minor issue)
NOTE: https://github.com/irmen/Pyro3/commit/554e095a62c4412c91f981e72fd34a936ac2bf1e
-CVE-2011-2764
+CVE-2011-2764 (The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ...)
- openarena 0.8.5-5+exp1
NOTE: Current openarena packages use the share ioquake3 engine
[squeeze] - openarena 0.8.5-5+squeeze1
- ioquake3 1.36+svn1946-4
- tremulous 1.1.0-6 (bug #660836)
[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2011-2763
+CVE-2011-2763 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and ...)
NOT-FOR-US: LifeSize Room appliance
-CVE-2011-2762
+CVE-2011-2762 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) all ...)
NOT-FOR-US: LifeSize Room appliance
-CVE-2011-2761
+CVE-2011-2761 (Google Chrome 14.0.794.0 does not properly handle a reload of a page g ...)
- chromium-browser 14.0.835.157~r99685-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium issue)
-CVE-2011-2760
+CVE-2011-2760 (Brocade BigIron RX switches allow remote attackers to bypass ACL rules ...)
NOT-FOR-US: Brocade BigIron RX
-CVE-2011-2759
+CVE-2011-2759 (The login page of IDSWebApp in the Web Administration Tool in IBM Tivo ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2011-2758
+CVE-2011-2758 (IDSWebApp in the Web Administration Tool in IBM Tivoli Directory Serve ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2011-2757
+CVE-2011-2757 (Directory traversal vulnerability in FileDownload.jsp in ManageEngine ...)
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-2756
+CVE-2011-2756 (FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 801 ...)
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-2755
+CVE-2011-2755 (Directory traversal vulnerability in FileDownload.jsp in ManageEngine ...)
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-2754
+CVE-2011-2754 (Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2011-2753
+CVE-2011-2753 (Multiple cross-site request forgery (CSRF) vulnerabilities in Squirrel ...)
{DSA-2291-1}
- squirrelmail 2:1.4.22-1 (low)
NOTE: difficult to exploit
-CVE-2011-2752
+CVE-2011-2752 (CRLF injection vulnerability in SquirrelMail 1.4.21 and earlier allows ...)
{DSA-2291-1}
- squirrelmail 2:1.4.22-1 (low)
NOTE: difficult to exploit
-CVE-2011-2751
+CVE-2011-2751 (SQL injection vulnerability in Parodia before 6.809 allows remote atta ...)
NOT-FOR-US: Parodia
-CVE-2011-2750
+CVE-2011-2750 (NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote ...)
NOT-FOR-US: Novell File Reporter
-CVE-2011-2749
+CVE-2011-2749 (The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ES ...)
{DSA-2292-1}
- isc-dhcp 4.2.2-1 (bug #638404)
- dhcp3 <removed>
-CVE-2011-2748
+CVE-2011-2748 (The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ES ...)
{DSA-2292-1}
- isc-dhcp 4.2.2-1 (bug #638404)
- dhcp3 <removed>
-CVE-2011-2747
+CVE-2011-2747 (Google Picasa before 3.6 Build 105.67 does not properly handle invalid ...)
NOT-FOR-US: Google Picasa
-CVE-2011-2746
+CVE-2011-2746 (Unspecified vulnerability in Kernel/Modules/AdminPackageManager.pm in ...)
- otrs2 2.4.7-1 (low)
[lenny] - otrs2 <no-dsa> (Minor issue)
-CVE-2011-2745
+CVE-2011-2745 (upload_handler.php in the swfupload extension in Chyrp 2.0 and earlier ...)
NOT-FOR-US: Chyrp
-CVE-2011-2744
+CVE-2011-2744 (Directory traversal vulnerability in Chyrp 2.1 and earlier allows remo ...)
NOT-FOR-US: Chyrp
-CVE-2011-2743
+CVE-2011-2743 (Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 2.1 and e ...)
NOT-FOR-US: Chyrp
-CVE-2011-2742
+CVE-2011-2742 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, ...)
NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
-CVE-2011-2741
+CVE-2011-2741 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, ...)
NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
-CVE-2011-2740
+CVE-2011-2740 (EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when Firef ...)
NOT-FOR-US: EMC RSA Key Manager
-CVE-2011-2739
+CVE-2011-2739 (The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x befo ...)
NOT-FOR-US: EMC Documentum eRoom
-CVE-2011-2738
+CVE-2011-2738 (Multiple unspecified vulnerabilities in Cisco Unified Service Monitor ...)
NOT-FOR-US: Cisco Unified Service Monitor, CiscoWorks LAN Management Solution
-CVE-2011-2737
+CVE-2011-2737 (RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to re ...)
NOT-FOR-US: RSA enVision
-CVE-2011-2736
+CVE-2011-2736 (RSA enVision 4.x before 4 SP4 P3 places cleartext administrative crede ...)
NOT-FOR-US: RSA enVision
-CVE-2011-2735
+CVE-2011-2735 (Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4. ...)
NOT-FOR-US: EMC AutoStart
CVE-2011-2734
REJECTED
-CVE-2011-2733
+CVE-2011-2733 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, ...)
NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
-CVE-2011-2732
+CVE-2011-2732 (CRLF injection vulnerability in the logout functionality in VMware Spr ...)
- libspring-security-2.0-java 2.0.7.RELEASE-1 (bug #670901)
[squeeze] - libspring-security-2.0-java <no-dsa> (Minor issue)
-CVE-2011-2731
+CVE-2011-2731 (Race condition in the RunAsManager mechanism in VMware SpringSource Sp ...)
- libspring-security-2.0-java 2.0.7.RELEASE-1 (bug #670901)
[squeeze] - libspring-security-2.0-java <no-dsa> (Minor issue)
-CVE-2011-2730
+CVE-2011-2730 (VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, ...)
{DSA-2504-1}
- libspring-2.5-java <unfixed> (bug #677814)
-CVE-2011-2729
+CVE-2011-2729 (native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 t ...)
- commons-daemon 1.0.7-1
[squeeze] - commons-daemon <not-affected> (Support for libcap was only added in 1.0.6)
NOTE: According to http://tomcat.apache.org/security-7.html jsvc needs to be build againt libcap to be exploitable
-CVE-2011-2728
+CVE-2011-2728 (The bsd_glob function in the File::Glob module for Perl before 5.14.2 ...)
- perl 5.14.2-1 (unimportant)
NOTE: requires the attacker to manipulate glob flags
-CVE-2011-2727
+CVE-2011-2727 (The (1) templatewrap/templatefoot.php, (2) cmsjs/plugin.js.php, and (3 ...)
NOT-FOR-US: Tribiq CMS
CVE-2011-2726 [SA-CORE-2011-003]
RESERVED
- drupal7 7.6-1
-CVE-2011-2725
+CVE-2011-2725 (Directory traversal vulnerability in Ark 4.7.x and earlier allows remo ...)
- kdeutils 4:4.6.5-4 (low; bug #635541)
[lenny] - kdeutils <no-dsa> (Minor issue)
[squeeze] - kdeutils 4:4.4.5-1+squeeze1
-CVE-2011-2724
+CVE-2011-2724 (The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs ...)
- samba 2:3.4.7~dfsg-2 (low)
- cifs-utils 2:5.1-1 (low)
[squeeze] - cifs-utils 2:4.5-2+squeeze1
NOTE: cifs-utils was split off from the samba source package with 2:3.4.7~dfsg-2, so marking it as fixed
NOTE: http://web.archive.org/web/20111209193822/http://git.samba.org/?p=cifs-utils.git;a=commit;h=1e7a32924b22d1f786b6f490ce8590656f578f91
-CVE-2011-2723
+CVE-2011-2723 (The skb_gro_header_slow function in include/linux/netdevice.h in the L ...)
{DSA-2303-1}
- linux-2.6 3.0.0-2
-CVE-2011-2722
+CVE-2011-2722 (The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Lin ...)
- hplip 3.11.10-1 (bug #635549; low)
[squeeze] - hplip 3.10.6-2+squeeze0
[lenny] - hplip <not-affected> (Vulnerable code not present)
-CVE-2011-2721
+CVE-2011-2721 (Off-by-one error in the cli_hm_scan function in matcher-hash.c in libc ...)
- clamav 0.97.2+dfsg-1 (bug #635599)
[squeeze] - clamav 0.97.2+dfsg-1~squeeze1
-CVE-2011-2720
+CVE-2011-2720 (The autocompletion functionality in GLPI before 0.80.2 does not blackl ...)
- glpi 0.80.2-1 (bug #635544; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2011-2719
+CVE-2011-2719 (libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3 ...)
{DSA-2286-1}
- phpmyadmin 4:3.4.3.2-1 (low)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-2718
+CVE-2011-2718 (Multiple directory traversal vulnerabilities in the relational schema ...)
- phpmyadmin 4:3.4.3.2-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2011-2717
RESERVED
NOT-FOR-US: udhcp6c
-CVE-2011-2716
+CVE-2011-2716 (The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP s ...)
- busybox 1:1.20.0-3 (unimportant; bug #635548)
NOTE: the default action script of busybox is not vulnerable to this attack
NOTE: fixed in 1.20 (experimental). default script in udeb may be vulnerable.
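Review bot: CVE-2011-2821 (the libxml2 double free) lists "{DSA-2394-1}" and, for the same package, "[squeeze] - libxml2 <no-dsa> (denial-of-service only issue)"; a DSA reference and a squeeze no-dsa marker contradict each other, and the sibling entry CVE-2011-2834, fixed by the same DSA in the same libxml2 2.7.8.dfsg-5 upload, has no squeeze line at all. If DSA-2394-1 covered squeeze the no-dsa line should go, otherwise the DSA reference is wrong on this entry. Two smaller points in the same hunk: CVE-2011-2830 consists only of "NOTE: CVE description is wrong, see #656057" with no package status line, so the tracker records neither a fixed version nor a not-affected verdict for it; and CVE-2011-2802 records "- libv8 3.4" where every other libv8 line uses a full Debian version such as 3.4.14.21-1, so that fixed version should be completed. Also worth tidying in a follow-up: CVE-2011-2764 has its NOTE placed between the unstable and the squeeze status lines, and CVE-2011-4118 sits between CVE-2011-2774 and CVE-2011-2773, out of the file's descending order.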
@@ -6983,58 +6983,58 @@ CVE-2011-2715
CVE-2011-2714
RESERVED
NOT-FOR-US: Drupal data module
-CVE-2011-2713
+CVE-2011-2713 (oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows u ...)
{DSA-2315-1}
- libreoffice 1:3.4.3-1
- openoffice.org 1:3.3.0-1
NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
-CVE-2011-2712
+CVE-2011-2712 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
NOT-FOR-US: Apache Wicket
-CVE-2011-2711
+CVE-2011-2711 (Cross-site scripting (XSS) vulnerability in the print_fileinfo functio ...)
NOT-FOR-US: cgit
-CVE-2011-2710
+CVE-2011-2710 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
NOT-FOR-US: Joomla!
-CVE-2011-2709
+CVE-2011-2709 (libgssapi and libgssglue before 0.4 do not properly check privileges, ...)
- libgssglue 0.4-1 (low; bug #670256)
[squeeze] - libgssglue <no-dsa> (Minor issue in Squeeze)
NOTE: Our mount.nfs does not link against libgssglue,
NOTE: so we do not appear to be affected directly.
CVE-2011-2708
REJECTED
-CVE-2011-2707
+CVE-2011-2707 (The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Lin ...)
- linux-2.6 <not-affected> (xtensa arch not used in Debian)
CVE-2011-2706
RESERVED
NOT-FOR-US: sNews
-CVE-2011-2705
+CVE-2011-2705 (The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby ...)
{DLA-235-1 DLA-88-1}
- ruby1.8 1.8.7.352-1 (low; bug #635878)
- ruby1.9.1 1.9.3~preview1-1 (low)
-CVE-2011-2704
+CVE-2011-2704 (Stack-based buffer overflow in MapServer before 4.10.7 and 5.x before ...)
{DSA-2285-1}
- mapserver 6.0.1-1
-CVE-2011-2703
+CVE-2011-2703 (Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x ...)
{DSA-2285-1}
- mapserver 6.0.1-1
-CVE-2011-2702
+CVE-2011-2702 (Integer signedness error in Glibc before 2.13 and eglibc before 2.13, ...)
- eglibc 2.13-10
[squeeze] - eglibc <not-affected> (ssse3 optimizations not included in squeeze version)
- glibc <not-affected> (ssse3 optimizations not included)
NOTE: http://web.archive.org/web/20110824011938/http://www.nodefense.org:80/eglibc.txt
NOTE: fixed well before 2.13-10, but that is the present testing version that was available to check
-CVE-2011-2701
+CVE-2011-2701 (The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OC ...)
- freeradius <not-affected> (Introduced in 2.1.11, even sid ships 2.1.10+dfsg-3+b2)
-CVE-2011-2700
+CVE-2011-2700 (Multiple buffer overflows in the si4713_write_econtrol_string function ...)
{DSA-2303-1}
- linux-2.6 3.0.0-1
[lenny] - linux-2.6 <not-affected> (Driver introduced in 2.6.32)
-CVE-2011-2699
+CVE-2011-2699 (The IPv6 implementation in the Linux kernel before 3.1 does not genera ...)
- linux-2.6 3.0.0-2
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-2698
+CVE-2011-2698 (Off-by-one error in the elem_cell_id_aux function in epan/dissectors/p ...)
- wireshark 1.6.1-1 (unimportant)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
-CVE-2011-2697
+CVE-2011-2697 (foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 all ...)
{DSA-2380-1}
- hplip 3.10.6-2 (bug #635549; medium)
NOTE: hplip might have been fixed earlier than stable, current versions use foomatic-rip
@@ -7045,77 +7045,77 @@ CVE-2011-2697
NOTE: foomatic-filters 3.x is written in Perl and has been assigned CVE-2011-2697
NOTE: hplip includes local copy of the Perl version. It needs to be checked, whether
NOTE: it's modified somehow
-CVE-2011-2696
+CVE-2011-2696 (Integer overflow in libsndfile before 1.0.25 allows remote attackers t ...)
{DSA-2288-1}
- libsndfile 1.0.25-1
-CVE-2011-2695
+CVE-2011-2695 (Multiple off-by-one errors in the ext4 subsystem in the Linux kernel b ...)
- linux-2.6 3.0.0-1
[squeeze] - linux-2.6 2.6.32-48
-CVE-2011-2694
+CVE-2011-2694 (Cross-site scripting (XSS) vulnerability in the chg_passwd function in ...)
{DSA-2290-1}
- samba 2:3.5.10~dfsg-1 (low)
-CVE-2011-2693
+CVE-2011-2693 (The perf subsystem in the kernel package 2.6.32-122.el6.x86_64 in Red ...)
NOTE: Duplicate of CVE-2011-2521
-CVE-2011-2692
+CVE-2011-2692 (The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0. ...)
{DSA-2287-1}
- libpng 1.2.46-1 (low; bug #633871)
-CVE-2011-2691
+CVE-2011-2691 (The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2. ...)
{DSA-2287-1}
- libpng 1.2.46-1 (low; bug #633871)
-CVE-2011-2690
+CVE-2011-2690 (Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1. ...)
{DSA-2287-1}
- libpng 1.2.46-1 (high; bug #633871)
-CVE-2011-2689
+CVE-2011-2689 (The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel befo ...)
- linux-2.6 3.0.0-1
[squeeze] - linux-2.6 <not-affected> (gfs didn't have fallocate support until 2.6.37)
[lenny] - linux-2.6 <not-affected> (gfs didn't have fallocate support until 2.6.37)
-CVE-2011-2688
+CVE-2011-2688 (SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_e ...)
{DSA-2279-1}
- libapache2-mod-authnz-external 3.2.4-2.1 (medium; bug #633637)
-CVE-2011-2687
+CVE-2011-2687 (Drupal 7.x before 7.3 allows remote attackers to bypass intended node_ ...)
NOTE: http://drupal.org/node/1168756
- drupal7 7.2-1 (bug #633385)
- drupal6 6.22-1
[squeeze] - drupal6 6.18-1squeeze1
-CVE-2011-2686
+CVE-2011-2686 (Ruby before 1.8.7-p352 does not reset the random seed upon forking, wh ...)
{DLA-88-1}
- ruby1.8 1.8.7.352-1 (low; bug #635878)
-CVE-2011-2685
+CVE-2011-2685 (Stack-based buffer overflow in the Lotus Word Pro import filter in Lib ...)
{DSA-2275-1}
- libreoffice 1:3.3.3-1
- openoffice.org 1:3.3.0-1
[lenny] - openoffice.org <not-affected> (Vulnerable code not present)
NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
-CVE-2011-2684
+CVE-2011-2684 (foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722df ...)
- foo2zjs 20110722dfsg-1 (low; bug #633870)
[lenny] - foo2zjs <no-dsa> (Minor issue)
[squeeze] - foo2zjs 20090908dfsg-5.1+squeeze0
-CVE-2011-2683
+CVE-2011-2683 (reseed seeds random numbers from an insecure HTTP request to random.or ...)
- reseed <removed>
[lenny] - reseed <no-dsa> (Minor issue)
-CVE-2011-2682
+CVE-2011-2682 (The Login component in IBM Rational DOORS Web Access 1.4.x before 1.4. ...)
NOT-FOR-US: IBM Rational DOORS Web Access
-CVE-2011-2681
+CVE-2011-2681 (IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 does not properly h ...)
NOT-FOR-US: IBM Rational DOORS Web Access
-CVE-2011-2680
+CVE-2011-2680 (Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x befor ...)
NOT-FOR-US: IBM Rational DOORS Web Access
-CVE-2011-2679
+CVE-2011-2679 (Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Web Acc ...)
NOT-FOR-US: IBM Rational DOORS Web Access
-CVE-2011-2678
+CVE-2011-2678 (The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows platf ...)
NOT-FOR-US: Cisco VPN Client
-CVE-2011-2677
+CVE-2011-2677 (Cybozu Office before 8.0.0 allows remote authenticated users to bypass ...)
NOT-FOR-US: Cybozu Office
-CVE-2011-2676
+CVE-2011-2676 (The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A- ...)
NOT-FOR-US: A-Form
-CVE-2011-2675
+CVE-2011-2675 (Cross-site scripting (XSS) vulnerability in Enkai-kun before 110916 al ...)
NOT-FOR-US: Enkai-kun
-CVE-2011-2674
+CVE-2011-2674 (BaserCMS before 1.6.12 does not properly restrict additions to the mem ...)
NOT-FOR-US: BaserCMS
-CVE-2011-2673
+CVE-2011-2673 (Cross-site scripting (XSS) vulnerability in BaserCMS before 1.6.13.2 a ...)
NOT-FOR-US: BaserCMS
-CVE-2011-2672
+CVE-2011-2672 (Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.9 ...)
NOT-FOR-US: SemanticScuttle
-CVE-2011-2671
+CVE-2011-2671 (Unspecified vulnerability in Megalith 12th edition through 27th editio ...)
NOT-FOR-US: Megalith
CVE-2011-2670
RESERVED
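Review bot: the CVE-2011-2693 entry carries only `NOTE: Duplicate of CVE-2011-2521` and no package or NOT-FOR-US line, unlike every other entry in this hunk; record the status explicitly so the entry is not left open. The hplip NOTE at the top of the hunk ("It needs to be checked, whether it's modified somehow") is also still an unresolved TODO next to the DSA-2380-1 marker on CVE-2011-2697.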
@@ -7123,142 +7123,142 @@ CVE-2011-2669
RESERVED
CVE-2011-2668
RESERVED
-CVE-2011-2667
+CVE-2011-2667 (Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Sec ...)
NOT-FOR-US: CA Gateway Security for HTTP
-CVE-2011-2666
+CVE-2011-2666 (The default configuration of the SIP channel driver in Asterisk Open S ...)
- asterisk 1:1.8.3.3-1
[squeeze] - asterisk <no-dsa> (minor issue; can be addressed through configuration)
-CVE-2011-2665
+CVE-2011-2665 (reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8 ...)
- asterisk 1:1.8.4.3-1 (bug #631445)
[squeeze] - asterisk <not-affected>
[lenny] - asterisk <not-affected>
-CVE-2011-2664
+CVE-2011-2664 (Unspecified vulnerability in Check Point Multi-Domain Management / Pro ...)
NOT-FOR-US: Check Point Multi-Domain Management
-CVE-2011-2663
+CVE-2011-2663 (Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWi ...)
NOT-FOR-US: Novell GroupWise
-CVE-2011-2662
+CVE-2011-2662 (Integer signedness error in GroupWise Internet Agent (GWIA) in Novell ...)
NOT-FOR-US: Novell GroupWise
-CVE-2011-2661
+CVE-2011-2661 (Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in No ...)
NOT-FOR-US: Novell GroupWise
-CVE-2011-2660
+CVE-2011-2660 (The modify_resolvconf_suse script in the vpnc package before 0.5.1-55. ...)
- vpnc <not-affected>
NOTE: This only affects the SUSE packaging.
CVE-2011-2659
RESERVED
-CVE-2011-2658
+CVE-2011-2658 (The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Con ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-2657
+CVE-2011-2657 (Directory traversal vulnerability in the LaunchProcess function in the ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-2656
+CVE-2011-2656 (Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld M ...)
NOT-FOR-US: Novell ZENworks
-CVE-2011-2655
+CVE-2011-2655 (Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld M ...)
NOT-FOR-US: Novell ZENworks
-CVE-2011-2654
+CVE-2011-2654 (The RPC implementation in the server in Novell Cloud Manager 1.1.2 bef ...)
NOT-FOR-US: Novell Cloud Manager
-CVE-2011-2653
+CVE-2011-2653 (Directory traversal vulnerability in the rtrlet component in Novell ZE ...)
NOT-FOR-US: Novell ZENworks
-CVE-2011-2652
+CVE-2011-2652 (Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as use ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2651
+CVE-2011-2651 (Unspecified vulnerability in the file browser in Kiwi before 3.74.2, a ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2650
+CVE-2011-2650 (Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as use ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2649
+CVE-2011-2649 (Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows at ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2648
+CVE-2011-2648 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studi ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2647
+CVE-2011-2647 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studi ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2646
+CVE-2011-2646 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studi ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2645
+CVE-2011-2645 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studi ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2644
+CVE-2011-2644 (Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as use ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2643
+CVE-2011-2643 (Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x befor ...)
- phpmyadmin 4:3.4.3.2-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-2642
+CVE-2011-2642 (Multiple cross-site scripting (XSS) vulnerabilities in the table Print ...)
{DSA-2286-1}
- phpmyadmin 4:3.4.3.2-1
CVE-2011-XXXX [stardict: minor information disclosure]
- stardict 3.0.1-5 (low; bug #632260)
[squeeze] - stardict <no-dsa> (minor information disclosure)
[lenny] - stardict <no-dsa> (minor information disclosure)
-CVE-2011-2641
+CVE-2011-2641 (Opera 11.11 allows remote attackers to cause a denial of service (appl ...)
NOT-FOR-US: Opera
-CVE-2011-2640
+CVE-2011-2640 (Opera before 11.10 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2011-2639
+CVE-2011-2639 (Opera before 11.10 does not properly handle hidden animated GIF images ...)
NOT-FOR-US: Opera
-CVE-2011-2638
+CVE-2011-2638 (Unspecified vulnerability in Opera before 11.10 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2637
+CVE-2011-2637 (Unspecified vulnerability in Opera before 11.10 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2636
+CVE-2011-2636 (Unspecified vulnerability in Opera before 11.10 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2635
+CVE-2011-2635 (The Cascading Style Sheets (CSS) implementation in Opera before 11.10 ...)
NOT-FOR-US: Opera
-CVE-2011-2634
+CVE-2011-2634 (Opera before 11.10 allows remote attackers to hijack (1) searches and ...)
NOT-FOR-US: Opera
-CVE-2011-2633
+CVE-2011-2633 (Unspecified vulnerability in Opera before 11.11 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2632
+CVE-2011-2632 (Opera before 11.11 does not properly handle destruction of a Silverlig ...)
NOT-FOR-US: Opera
-CVE-2011-2631
+CVE-2011-2631 (The Cascading Style Sheets (CSS) implementation in Opera before 11.11 ...)
NOT-FOR-US: Opera
-CVE-2011-2630
+CVE-2011-2630 (Opera before 11.11 allows user-assisted remote attackers to cause a de ...)
NOT-FOR-US: Opera
-CVE-2011-2629
+CVE-2011-2629 (Unspecified vulnerability in Opera before 11.11 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2628
+CVE-2011-2628 (Opera before 11.11 does not properly implement FRAMESET elements, whic ...)
NOT-FOR-US: Opera
-CVE-2011-2627
+CVE-2011-2627 (Unspecified vulnerability in the DOM implementation in Opera before 11 ...)
NOT-FOR-US: Opera
-CVE-2011-2626
+CVE-2011-2626 (Opera before 11.50 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2011-2625
+CVE-2011-2625 (Opera before 11.50 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2011-2624
+CVE-2011-2624 (Opera before 11.50 allows user-assisted remote attackers to cause a de ...)
NOT-FOR-US: Opera
-CVE-2011-2623
+CVE-2011-2623 (Unspecified vulnerability in the SVG BiDi implementation in Opera befo ...)
NOT-FOR-US: Opera
-CVE-2011-2622
+CVE-2011-2622 (Unspecified vulnerability in the Web Workers implementation in Opera b ...)
NOT-FOR-US: Opera
-CVE-2011-2621
+CVE-2011-2621 (Unspecified vulnerability in Opera before 11.50 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2620
+CVE-2011-2620 (Unspecified vulnerability in Opera before 11.50 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2619
+CVE-2011-2619 (Opera before 11.50 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2011-2618
+CVE-2011-2618 (Opera before 11.50 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2011-2617
+CVE-2011-2617 (Unspecified vulnerability in Opera before 11.50 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2616
+CVE-2011-2616 (Unspecified vulnerability in Opera before 11.50 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2615
+CVE-2011-2615 (Unspecified vulnerability in Opera before 11.50 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2614
+CVE-2011-2614 (The SVG implementation in Opera before 11.50 allows remote attackers t ...)
NOT-FOR-US: Opera
-CVE-2011-2613
+CVE-2011-2613 (The Array.prototype.join method in Opera before 11.50 allows remote at ...)
NOT-FOR-US: Opera
-CVE-2011-2612
+CVE-2011-2612 (Unspecified vulnerability in Opera before 11.50 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-2611
+CVE-2011-2611 (Unspecified vulnerability in the printing functionality in Opera befor ...)
NOT-FOR-US: Opera
-CVE-2011-2610
+CVE-2011-2610 (Unspecified vulnerability in Opera before 11.50 has unknown impact and ...)
NOT-FOR-US: Opera
-CVE-2011-2609
+CVE-2011-2609 (Opera before 11.50 does not properly restrict data: URIs, which makes ...)
NOT-FOR-US: Opera
-CVE-2011-2608
+CVE-2011-2608 (ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance Ag ...)
NOT-FOR-US: HP OpenView
-CVE-2011-2607
+CVE-2011-2607 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
NOT-FOR-US: IBM Rational Team Concert
-CVE-2011-2606
+CVE-2011-2606 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Rational ...)
NOT-FOR-US: IBM Rational Team Concert
-CVE-2011-2605
+CVE-2011-2605 (CRLF injection vulnerability in the nsCookieService::SetCookieStringIn ...)
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <removed> (unimportant)
[lenny] - xulrunner 1.9.0.19-12
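Review bot: the `[squeeze] - asterisk <not-affected>` and `[lenny] - asterisk <not-affected>` lines under CVE-2011-2665 give no reason, whereas the other not-affected markers in this hunk state one in parentheses, e.g. `[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)`; add the justification so the triage can be re-checked later.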
@@ -7269,67 +7269,67 @@ CVE-2011-2605
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2604
+CVE-2011-2604 (The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote atta ...)
NOT-FOR-US: Windows XP
-CVE-2011-2603
+CVE-2011-2603 (The NVIDIA 9400M driver 6.2.6 on Mac OS X 10.6.7 allows remote attacke ...)
NOT-FOR-US: Mac OS X
-CVE-2011-2602
+CVE-2011-2602 (The NVIDIA Geforce 310 driver 6.14.12.7061 on Windows XP SP3 allows re ...)
NOT-FOR-US: Windows XP
-CVE-2011-2601
+CVE-2011-2601 (The GPU support functionality in Mac OS X does not properly restrict r ...)
NOT-FOR-US: Mac OS X
-CVE-2011-2600
+CVE-2011-2600 (The GPU support functionality in Windows XP does not properly restrict ...)
NOT-FOR-US: Windows XP
-CVE-2011-2599
+CVE-2011-2599 (Google Chrome 11 does not block use of a cross-domain image as a WebGL ...)
- chromium-browser <unfixed> (unimportant)
[squeeze] - chromium-browser <not-affected>
-CVE-2011-2598
+CVE-2011-2598 (The WebGL implementation in Mozilla Firefox 4.x allows remote attacker ...)
- xulrunner <not-affected> (Only affects Firefox 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 4.0, not yet in unstable)
-CVE-2011-2597
+CVE-2011-2597 (The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x ...)
- wireshark 1.6.1-1 (unimportant)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
CVE-2011-2596
RESERVED
-CVE-2011-2595
+CVE-2011-2595 (Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build 14 ...)
NOT-FOR-US: ACDSee FotoSlate
-CVE-2011-2594
+CVE-2011-2594 (Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other ...)
NOT-FOR-US: KMPlayer
NOTE: This is http://www.kmplayer.com and not our kmplayer package.
-CVE-2011-2593
+CVE-2011-2593 (Integer overflow in the StartEpa method in the nsepacom ActiveX contro ...)
NOT-FOR-US: Citrix Access Gateway Enterprise Edition Plug-in
-CVE-2011-2592
+CVE-2011-2592 (Heap-based buffer overflow in the StartEpa method in the nsepacom Acti ...)
NOT-FOR-US: ActiveX control for Citrix Access Gateway
-CVE-2011-2591
+CVE-2011-2591 (Multiple buffer overflows in the Provideo ActiveX controls allow remot ...)
NOT-FOR-US: Provideo ActiveX
-CVE-2011-2590
+CVE-2011-2590 (The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 ...)
NOT-FOR-US: UUSee 201
-CVE-2011-2589
+CVE-2011-2589 (Heap-based buffer overflow in the SendLogAction method in the UUPlayer ...)
NOT-FOR-US: UUSee 201
-CVE-2011-2588
+CVE-2011-2588 (Heap-based buffer overflow in the AVI_ChunkRead_strf function in libav ...)
- vlc 1.1.11-1 (bug #633675)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-2587
+CVE-2011-2587 (Heap-based buffer overflow in the DemuxAudioSipr function in real.c in ...)
- vlc 1.1.11-1 (bug #633674)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-2586
+CVE-2011-2586 (The HTTP client in Cisco IOS 12.4 and 15.0 allows user-assisted remote ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-2585
+CVE-2011-2585 (Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows r ...)
NOT-FOR-US: Cisco Show and Share
-CVE-2011-2584
+CVE-2011-2584 (Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows r ...)
NOT-FOR-US: Cisco Show and Share
-CVE-2011-2583
+CVE-2011-2583 (Cisco Unified Contact Center Express (aka CCX) 8.0 and 8.5 allows remo ...)
NOT-FOR-US: Cisco CCX
CVE-2011-2582
RESERVED
-CVE-2011-2581
+CVE-2011-2581 (The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N ...)
NOT-FOR-US: Cisco NX-OS
CVE-2011-2580
RESERVED
CVE-2011-2579
RESERVED
-CVE-2011-2578
+CVE-2011-2578 (Memory leak in Cisco IOS 15.1 and 15.2 allows remote attackers to caus ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-2577
+CVE-2011-2577 (Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/ ...)
NOT-FOR-US: Cisco TelePresence
CVE-2011-2576
RESERVED
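Review bot: `NOT-FOR-US: UUSee 201` under CVE-2011-2590 and CVE-2011-2589 looks truncated; the description on the `+` line for CVE-2011-2590 reads "UUSee 2010".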
@@ -7345,7 +7345,7 @@ CVE-2011-2571
RESERVED
CVE-2011-2570
RESERVED
-CVE-2011-2569
+CVE-2011-2569 (Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing Sys ...)
NOT-FOR-US: Cisco NX-OS
CVE-2011-2568
RESERVED
@@ -7355,15 +7355,15 @@ CVE-2011-2566
RESERVED
CVE-2011-2565
RESERVED
-CVE-2011-2564
+CVE-2011-2564 (Unspecified vulnerability in the Service Advertisement Framework (SAF) ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-2563
+CVE-2011-2563 (Unspecified vulnerability in the Service Advertisement Framework (SAF) ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-2562
+CVE-2011-2562 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-2561
+CVE-2011-2561 (The SIP process in Cisco Unified Communications Manager (aka CUCM, for ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-2560
+CVE-2011-2560 (The Packet Capture Service in Cisco Unified Communications Manager (ak ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-2559
RESERVED
@@ -7373,7 +7373,7 @@ CVE-2011-2557
RESERVED
CVE-2011-2556
RESERVED
-CVE-2011-2555
+CVE-2011-2555 (Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a defau ...)
NOT-FOR-US: Cisco TelePresence Recording Server
CVE-2011-2554
RESERVED
@@ -7385,19 +7385,19 @@ CVE-2011-2551
RESERVED
CVE-2011-2550
RESERVED
-CVE-2011-2549
+CVE-2011-2549 (Unspecified vulnerability in Cisco IOS XR 4.1.x before 4.1.1 on Cisco ...)
NOT-FOR-US: Cisco IOS XR
CVE-2011-2548
RESERVED
-CVE-2011-2547
+CVE-2011-2547 (The web-based management interface on Cisco SA 500 series security app ...)
NOT-FOR-US: Cisco SA 500 series appliances management interface
-CVE-2011-2546
+CVE-2011-2546 (SQL injection vulnerability in the web-based management interface on C ...)
NOT-FOR-US: Cisco SA 500 series appliances management interface
-CVE-2011-2545
+CVE-2011-2545 (Cross-site scripting (XSS) vulnerability in the SIP implementation on ...)
NOT-FOR-US: Cisco SPA
-CVE-2011-2544
+CVE-2011-2544 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2011-2543
+CVE-2011-2543 (Buffer overflow in the cuil component in Cisco Telepresence System Int ...)
NOT-FOR-US: Cisco
CVE-2011-2542
RESERVED
@@ -7414,133 +7414,133 @@ CVE-2011-2537
RESERVED
CVE-2011-XXXX [unspecified security vulnerabilities from 4.3.7]
- movabletype-opensource 4.3.7+dfsg-1 (bug #631437)
-CVE-2011-2536
+CVE-2011-2536 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.4.x bef ...)
{DSA-2276-2 DSA-2276-1}
- asterisk 1:1.8.4.4~dfsg-1 (bug #632029)
-CVE-2011-2534
+CVE-2011-2534 (Buffer overflow in the clusterip_proc_write function in net/ipv4/netfi ...)
- linux-2.6 2.6.32-34 (low)
-CVE-2011-2533
+CVE-2011-2533 (The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows lo ...)
- dbus 1.3.2~git20100715.821f99c-1 (unimportant)
NOTE: Compile-time only
-CVE-2011-2532
+CVE-2011-2532 (The json.decode function in util/json.lua in Prosody 0.8.x before 0.8. ...)
- prosody 0.8.1-1
[squeeze] - prosody <no-dsa> (Minor issue)
-CVE-2011-2531
+CVE-2011-2531 (Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect d ...)
- prosody 0.8.1-1
[squeeze] - prosody <no-dsa> (Minor issue)
-CVE-2011-2530
+CVE-2011-2530 (Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Instal ...)
NOT-FOR-US: EDS Hardware Installation tool
-CVE-2011-2535
+CVE-2011-2535 (chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x b ...)
{DSA-2276-2 DSA-2276-1}
- asterisk 1:1.8.4.3-1 (bug #631448)
[squeeze] - asterisk <not-affected>
[lenny] - asterisk <not-affected>
-CVE-2011-2529
+CVE-2011-2529 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x bef ...)
{DSA-2276-2 DSA-2276-1}
- asterisk 1:1.8.4.3-1 (bug #631446)
-CVE-2011-2528
+CVE-2011-2528 (Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x ...)
- plone3 <removed>
-CVE-2011-2527
+CVE-2011-2527 (The change_process_uid function in os-posix.c in Qemu 0.14.0 and earli ...)
{DSA-2282-1}
- qemu-kvm 0.14.1+dfsg-3 (bug #633669)
- kvm <not-affected> (Vulnerable code not present)
-CVE-2011-2526
+CVE-2011-2526 (Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7 ...)
{DSA-2401-1}
- tomcat6 6.0.32-7 (bug #634992)
- tomcat7 7.0.19-1 (bug #634992)
- tomcat5.5 <removed> (bug #634992)
-CVE-2011-2525
+CVE-2011-2525 (The qdisc_notify function in net/sched/sch_api.c in the Linux kernel b ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.35-1
-CVE-2011-2524
+CVE-2011-2524 (Directory traversal vulnerability in soup-uri.c in SoupServer in libso ...)
{DSA-2369-1}
- libsoup2.4 2.34.3-1 (bug #635837)
CVE-2011-2523
RESERVED
- vsftpd <not-affected> (backdoored version was never in the Debian archive)
-CVE-2011-2522
+CVE-2011-2522 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Samb ...)
{DSA-2290-1}
- samba 2:3.5.10~dfsg-1 (low)
-CVE-2011-2521
+CVE-2011-2521 (The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c i ...)
- linux-2.6 2.6.39-1 (low)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-2520
+CVE-2011-2520 (fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickl ...)
NOT-FOR-US: system-config-firewall
-CVE-2011-2519
+CVE-2011-2519 (Xen in the Linux kernel, when running a guest on a host without hardwa ...)
- xen-3 3.2.1-2
NOTE: Possibly fixed earlier than 3.2.1-2, but that's the version in oldstable, which
NOTE: was checked to contain http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644
- xen <not-affected> (Only affects older Xen 3 releases)
-CVE-2011-2518
+CVE-2011-2518 (The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux ...)
- linux-2.6 2.6.39-3 (low)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-2517
+CVE-2011-2517 (Multiple buffer overflows in net/wireless/nl80211.c in the Linux kerne ...)
{DSA-2303-1}
- linux-2.6 2.6.39-3 (unimportant)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Requires CAP_NET_ADMIn to exploit
-CVE-2011-2516
+CVE-2011-2516 (Off-by-one error in the XML signature feature in Apache XML Security f ...)
{DSA-2277-1}
- xml-security-c 1.6.1-1 (low; bug #632973)
CVE-2011-2515
RESERVED
- packagekit 0.6.17-1
-CVE-2011-2514
+CVE-2011-2514 (The Java Network Launching Protocol (JNLP) implementation in IcedTea6 ...)
- openjdk-6 6b21~pre1-1
- icedtea-web 1.1-1
NOTE: Browser plugin was removed in openjdk-6 6b21~pre1-1.
-CVE-2011-2513
+CVE-2011-2513 (The Java Network Launching Protocol (JNLP) implementation in IcedTea6 ...)
- openjdk-6 6b21~pre1-1
- icedtea-web 1.1.2-1
NOTE: Browser plugin was removed in openjdk-6 6b21~pre1-1.
-CVE-2011-2512
+CVE-2011-2512 (The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not proper ...)
{DSA-2270-1}
- qemu-kvm 0.14.1+dfsg-2 (bug #631975)
- kvm <removed>
[lenny] - kvm <not-affected> (Vulnerability not present)
-CVE-2011-2511
+CVE-2011-2511 (Integer overflow in libvirt before 0.9.3 allows remote authenticated u ...)
{DSA-2280-1}
- libvirt 0.9.2-7 (bug #633630)
-CVE-2011-2510
+CVE-2011-2510 (Cross-site scripting (XSS) vulnerability in the RSS embedding feature ...)
- dokuwiki 0.0.20110525a-1 (low; bug #631818)
[squeeze] - dokuwiki 0.0.20091225c-10+squeeze2
[lenny] - dokuwiki 0.0.20080505-4+lenny3
-CVE-2011-2509
+CVE-2011-2509 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
NOT-FOR-US: Joomla!
-CVE-2011-2508
+CVE-2011-2508 (Directory traversal vulnerability in libraries/display_tbl.lib.php in ...)
{DSA-2286-1}
- phpmyadmin 4:3.4.3.1-1
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-2507
+CVE-2011-2507 (libraries/server_synchronize.lib.php in the Synchronize implementation ...)
{DSA-2286-1}
- phpmyadmin 4:3.4.3.1-1 (unimportant)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: neutralized by Suhosin patch
-CVE-2011-2506
+CVE-2011-2506 (setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 ...)
{DSA-2286-1}
- phpmyadmin 4:3.4.3.1-1 (low)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-2505
+CVE-2011-2505 (libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication ...)
{DSA-2286-1}
- phpmyadmin 4:3.4.3.1-1
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2011-2504
+CVE-2011-2504 (Untrusted search path vulnerability in x11perfcomp in XFree86 x11perf ...)
- x11-apps 7.7~1 (low)
[squeeze] - x11-apps <no-dsa> (Minor issue)
-CVE-2011-2503
+CVE-2011-2503 (The insert_module function in runtime/staprun/staprun_funcs.c in the s ...)
{DSA-2348-1}
- systemtap 1.6-1 (bug #635542)
[lenny] - systemtap <not-affected> (Signed modules not yet supported)
-CVE-2011-2502
+CVE-2011-2502 (runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun ...)
- systemtap 1.6-1 (bug #635542)
[lenny] - systemtap <not-affected> (Affected option introduced in 1.4)
[squeeze] - systemtap <not-affected> (Affected option introduced in 1.4)
-CVE-2011-2501
+CVE-2011-2501 (The png_format_buffer function in pngerror.c in libpng 1.0.x before 1. ...)
{DSA-2287-1}
- libpng 1.2.44-3 (bug #632786)
-CVE-2011-2500
+CVE-2011-2500 (The host_reliable_addrinfo function in support/export/hostname.c in nf ...)
- nfs-utils 1:1.2.4-1 (bug #633155)
[lenny] - nfs-utils <not-affected> (Introduced in 1.2.3)
[squeeze] - nfs-utils <not-affected> (Introduced in 1.2.3)
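Review bot: typo in the CVE-2011-2517 note, `CAP_NET_ADMIn` should read `CAP_NET_ADMIN`. Also, CVE-2011-2535 is placed after CVE-2011-2530 instead of in descending order between CVE-2011-2536 and CVE-2011-2534, and like CVE-2011-2665 its `[squeeze]`/`[lenny] - asterisk <not-affected>` lines lack the parenthesised reason used elsewhere in the file.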
@@ -7552,50 +7552,50 @@ CVE-2011-2498
- linux-2.6 2.6.39-1 (low)
[squeeze] - linux-2.6 <not-affected> (introduced in 2.6.36)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.36)
-CVE-2011-2497
+CVE-2011-2497 (Integer underflow in the l2cap_config_req function in net/bluetooth/l2 ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.39-3
-CVE-2011-2496
+CVE-2011-2496 (Integer overflow in the vma_to_resize function in mm/mremap.c in the L ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.39-1 (low)
-CVE-2011-2495
+CVE-2011-2495 (fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly r ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-1 (low)
-CVE-2011-2494
+CVE-2011-2494 (kernel/taskstats.c in the Linux kernel before 3.1 allows local users t ...)
- linux-2.6 3.0.0-5 (low)
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-2493
+CVE-2011-2493 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel be ...)
- linux-2.6 2.6.39-1 (low)
[squeeze] - linux-2.6 <not-affected> (sbi->s_err-report didn't exist yet)
[lenny] - linux-2.6 <not-affected> (sbi->s_err-report didn't exist yet)
-CVE-2011-2492
+CVE-2011-2492 (The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not pr ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-1 (low)
-CVE-2011-2491
+CVE-2011-2491 (The Network Lock Manager (NLM) protocol implementation in the NFS clie ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-1
-CVE-2011-2490
+CVE-2011-2490 (opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not chec ...)
{DSA-2281-1}
- opie <removed> (bug #631345)
-CVE-2011-2489
+CVE-2011-2489 (Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 a ...)
{DSA-2281-1}
- opie <removed> (bug #631344)
-CVE-2011-2488
+CVE-2011-2488 (Joomla! before 1.5.23 does not properly check for errors, which allows ...)
NOT-FOR-US: Joomla!
CVE-2011-2487
RESERVED
NOT-FOR-US: Apache CXF
-CVE-2011-2486
+CVE-2011-2486 (nspluginwrapper before 1.4.4 does not properly provide access to NPNVp ...)
- nspluginwrapper <unfixed> (bug #671846)
[squeeze] - nspluginwrapper <no-dsa> (Contrib not supported)
-CVE-2011-2485
+CVE-2011-2485 (The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk- ...)
- gdk-pixbuf 2.23.3-3.1 (bug #631524)
[squeeze] - gdk-pixbuf <no-dsa> (Minor issue)
[lenny] - gdk-pixbuf <no-dsa> (Minor issue)
-CVE-2011-2484
+CVE-2011-2484 (The add_del_listener function in kernel/taskstats.c in the Linux kerne ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.39-3 (low)
-CVE-2011-2483
+CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain plat ...)
{DSA-2399-1 DSA-2340-1}
- libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007)
- php-suhosin <not-affected> (bug #631283; that portion is not used since PHP 5.3)
@@ -7607,9 +7607,9 @@ CVE-2011-2483
- libxcrypt 1:2.4-1.1 (bug #679628)
[squeeze] - libxcrypt <no-dsa> (Minor issue)
NOTE: http://openwall.com/lists/oss-security/2011/06/20/2
-CVE-2011-2482
+CVE-2011-2482 (A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/ ...)
- linux-2.6 <not-affected> (RHEL-specific regression)
-CVE-2011-2481
+CVE-2011-2481 (Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace ...)
- tomcat7 7.0.19-1
CVE-2011-2480 [kfreebsd info disclosure]
RESERVED
@@ -7617,166 +7617,166 @@ CVE-2011-2480 [kfreebsd info disclosure]
- kfreebsd-8 8.2-3 (bug #631161)
[squeeze] - kfreebsd-8 8.1+dfsg-8+squeeze1
- kfreebsd-7 <removed>
-CVE-2011-2479
+CVE-2011-2479 (The Linux kernel before 2.6.39 does not properly create transparent hu ...)
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.38)
[lenny] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.38)
-CVE-2011-2478
+CVE-2011-2478 (Google SketchUp before 8 does not properly handle edge geometry in Ske ...)
NOT-FOR-US: Google SketchUp
-CVE-2011-2470
+CVE-2011-2470 (Cross-site scripting (XSS) vulnerability in chat/base/admin/login.php ...)
NOT-FOR-US: A Really Simple Chat
CVE-2011-2469
RESERVED
-CVE-2011-2467
+CVE-2011-2467 (SQL injection vulnerability in lsassd in Lsass in the Likewise Securit ...)
NOT-FOR-US: Likewise
CVE-2011-2466
RESERVED
-CVE-2011-2465
+CVE-2011-2465 (Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and ...)
- bind9 1:9.8.1.dfsg.P1-1
[squeeze] - bind9 <not-affected> (Only affects 9.8)
[lenny] - bind9 <not-affected> (Only affects 9.8)
-CVE-2011-2464
+CVE-2011-2464 (Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9. ...)
{DSA-2272-1}
- bind9 1:9.8.1.dfsg-1 (high)
-CVE-2011-2463
+CVE-2011-2463 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 throu ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-2462
+CVE-2011-2462 (Unspecified vulnerability in the U3D component in Adobe Reader and Acr ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2011-2461
+CVE-2011-2461 (Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and ...)
NOT-FOR-US: Adobe Flex
-CVE-2011-2460
+CVE-2011-2460 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2459
+CVE-2011-2459 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2458
+CVE-2011-2458 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2457
+CVE-2011-2457 (Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2456
+CVE-2011-2456 (Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2455
+CVE-2011-2455 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2454
+CVE-2011-2454 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2453
+CVE-2011-2453 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2452
+CVE-2011-2452 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2451
+CVE-2011-2451 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2450
+CVE-2011-2450 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2449
+CVE-2011-2449 (The TextXtra module in Adobe Shockwave Player before 11.6.3.633 allows ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2011-2448
+CVE-2011-2448 (The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2011-2447
+CVE-2011-2447 (Adobe Shockwave Player before 11.6.3.633 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2011-2446
+CVE-2011-2446 (The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2011-2445
+CVE-2011-2445 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2444
+CVE-2011-2444 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2443
+CVE-2011-2443 (Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier ...)
NOT-FOR-US: Adobe Photoshop Elements
-CVE-2011-2442
+CVE-2011-2442 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2441
+CVE-2011-2441 (Multiple stack-based buffer overflows in CoolType.dll in Adobe Reader ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2440
+CVE-2011-2440 (Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2439
+CVE-2011-2439 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2438
+CVE-2011-2438 (Multiple stack-based buffer overflows in the image-parsing library in ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2437
+CVE-2011-2437 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2436
+CVE-2011-2436 (Heap-based buffer overflow in the image-parsing library in Adobe Reade ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2435
+CVE-2011-2435 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x befo ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2434
+CVE-2011-2434 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2433
+CVE-2011-2433 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2432
+CVE-2011-2432 (Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat 8 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2431
+CVE-2011-2431 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2430
+CVE-2011-2430 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2429
+CVE-2011-2429 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2428
+CVE-2011-2428 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2427
+CVE-2011-2427 (Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2426
+CVE-2011-2426 (Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2425
+CVE-2011-2425 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2424
+CVE-2011-2424 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2423
+CVE-2011-2423 (msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2422
+CVE-2011-2422 (Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2421
+CVE-2011-2421 (Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2420
+CVE-2011-2420 (Adobe Shockwave Player before 11.6.1.629 allows remote attackers to ex ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2419
+CVE-2011-2419 (IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote at ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2011-2418
REJECTED
-CVE-2011-2417
+CVE-2011-2417 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2416
+CVE-2011-2416 (Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, M ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2415
+CVE-2011-2415 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Ma ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2414
+CVE-2011-2414 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Ma ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-2413
RESERVED
-CVE-2011-2412
+CVE-2011-2412 (Unspecified vulnerability in HP Business Service Automation (BSA) Esse ...)
NOT-FOR-US: HP Business Service Automation
-CVE-2011-2411
+CVE-2011-2411 (Unspecified vulnerability on HP NonStop Servers with software H06.x th ...)
NOT-FOR-US: HP NonStop Servers
-CVE-2011-2410
+CVE-2011-2410 (Cross-site scripting (XSS) vulnerability in HP OpenView Performance In ...)
NOT-FOR-US: HP OpenView
-CVE-2011-2409
+CVE-2011-2409 (Cross-site scripting (XSS) vulnerability in the Calendar application i ...)
NOT-FOR-US: HP Palm webOS 3.x
-CVE-2011-2408
+CVE-2011-2408 (Cross-site scripting (XSS) vulnerability in the Contacts application i ...)
NOT-FOR-US: HP Palm webOS 3.x
-CVE-2011-2407
+CVE-2011-2407 (Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31 ...)
NOT-FOR-US: HP OpenView Performance Insight
-CVE-2011-2406
+CVE-2011-2406 (Cross-site scripting (XSS) vulnerability in HP OpenView Performance In ...)
NOT-FOR-US: HP OpenView Performance Insight
-CVE-2011-2405
+CVE-2011-2405 (The HP ProLiant SL Advanced Power Manager (SL-APM) with firmware befor ...)
NOT-FOR-US: HP ProLiant SL Advanced Power Manager
-CVE-2011-2404
+CVE-2011-2404 (A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care S ...)
NOT-FOR-US: HP Easy Printer Care Software
-CVE-2011-2403
+CVE-2011-2403 (SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, ...)
NOT-FOR-US: HP Network Automation
-CVE-2011-2402
+CVE-2011-2402 (Cross-site scripting (XSS) vulnerability in HP Network Automation 7.2x ...)
NOT-FOR-US: HP Network Automation
-CVE-2011-2401
+CVE-2011-2401 (Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x all ...)
NOT-FOR-US: HP SiteScope
-CVE-2011-2400
+CVE-2011-2400 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, an ...)
NOT-FOR-US: HP SiteScope
-CVE-2011-2399
+CVE-2011-2399 (Unspecified vulnerability in the Media Management Daemon (mmd) in HP D ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-2398
+CVE-2011-2398 (Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, B ...)
NOT-FOR-US: HP-UX
-CVE-2011-2397
+CVE-2011-2397 (The Agent service in Iron Mountain Connected Backup 8.4 allows remote ...)
NOT-FOR-US: Iron Mountain Connected Backup
CVE-2011-2396
RESERVED
CVE-2011-2394
RESERVED
-CVE-2011-2393
+CVE-2011-2393 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
- kfreebsd-7 <removed> (low)
- kfreebsd-8 <removed> (low)
[squeeze] - kfreebsd-8 <no-dsa> (Minor issue)
@@ -7790,7 +7790,7 @@ CVE-2011-2393
NOTE: Starting with stretch kfreebsd is no longer supported
CVE-2011-2392
RESERVED
-CVE-2011-2391
+CVE-2011-2391 (The IPv6 implementation in the kernel in Apple iOS before 7 allows rem ...)
NOT-FOR-US: Apple iOS
CVE-2011-2390
RESERVED
@@ -7800,25 +7800,25 @@ CVE-2011-2388
RESERVED
CVE-2011-2387
RESERVED
-CVE-2011-2386
+CVE-2011-2386 (VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey befo ...)
NOT-FOR-US: VisiWave Site Survey
-CVE-2011-2385
+CVE-2011-2385 (The iPhoneHandle package 0.9.x before 0.9.7 and 1.0.x before 1.0.3 in ...)
- otrs2 <not-affected> (does not include iPhoneHandle package)
CVE-2011-2384
RESERVED
-CVE-2011-2381
+CVE-2011-2381 (CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x ...)
{DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
-CVE-2011-2380
+CVE-2011-2380 (Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4. ...)
{DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
-CVE-2011-2379
+CVE-2011-2379 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22. ...)
{DSA-2322-1}
- bugzilla <removed> (low)
[squeeze] - bugzilla 3.6.2.0-4.4
-CVE-2011-2378
+CVE-2011-2378 (The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - icedove <end-of-life>
@@ -7829,12 +7829,12 @@ CVE-2011-2378
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2377
+CVE-2011-2377 (Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird befor ...)
- xulrunner <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
- iceweasel <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
- iceape <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
- icedove <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
-CVE-2011-2376
+CVE-2011-2376 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <removed> (unimportant)
[lenny] - xulrunner 1.9.0.19-12
@@ -7845,10 +7845,10 @@ CVE-2011-2376
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2375
+CVE-2011-2375 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner <not-affected> (Only affects Firefox 5.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 5.0, not yet in unstable)
-CVE-2011-2374
+CVE-2011-2374 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <removed> (unimportant)
[lenny] - xulrunner 1.9.0.19-12
@@ -7859,7 +7859,7 @@ CVE-2011-2374
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2373
+CVE-2011-2373 (Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x ...)
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-3
@@ -7870,7 +7870,7 @@ CVE-2011-2373
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2372
+CVE-2011-2372 (Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7. ...)
{DSA-2317-1 DSA-2313-1 DSA-2312-1}
- icedove 3.1.15-1
[lenny] - icedove <end-of-life>
@@ -7880,7 +7880,7 @@ CVE-2011-2372
- iceape 2.0.14-8
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2371
+CVE-2011-2371 (Integer overflow in the Array.reduceRight method in Mozilla Firefox be ...)
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-3
@@ -7891,26 +7891,26 @@ CVE-2011-2371
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2370
+CVE-2011-2370 (Mozilla Firefox before 5.0 does not properly enforce the whitelist for ...)
- xulrunner <not-affected> (Only affects Firefox 4.x and above)
- iceweasel 5.0-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 4.x and above)
- iceape <not-affected> (Only affects Firefox 4.x and above)
- icedove <not-affected> (Only affects Firefox 4.x and above)
-CVE-2011-2369
+CVE-2011-2369 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x throug ...)
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2368
+CVE-2011-2368 (The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not ...)
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2367
+CVE-2011-2367 (The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not ...)
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2366
+CVE-2011-2366 (Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbir ...)
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2365
+CVE-2011-2365 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6 ...)
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- xulrunner <not-affected> (Vulnerable code not present)
- iceweasel 3.5.19-3
@@ -7920,12 +7920,12 @@ CVE-2011-2365
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
-CVE-2011-2364
+CVE-2011-2364 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6 ...)
- xulrunner <not-affected> (Only affects Firefox >= 3.6)
- iceweasel <not-affected> (Only affects Firefox >= 3.6)
- iceape <not-affected> (Only affects Firefox >= 3.6)
- icedove <not-affected> (Only affects Firefox >= 3.6)
-CVE-2011-2363
+CVE-2011-2363 (Use-after-free vulnerability in the nsSVGPointList::AppendElement func ...)
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed> (unimportant)
@@ -7936,7 +7936,7 @@ CVE-2011-2363
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2362
+CVE-2011-2362 (Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonke ...)
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed> (unimportant)
@@ -7947,72 +7947,72 @@ CVE-2011-2362
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-2361
+CVE-2011-2361 (The Basic Authentication dialog implementation in Google Chrome before ...)
- chromium-browser 13.0.782.107~r94237-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-2360
+CVE-2011-2360 (Google Chrome before 13.0.782.107 does not ensure that the user is pro ...)
- chromium-browser 13.0.782.107~r94237-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-2359
+CVE-2011-2359 (Google Chrome before 13.0.782.107 does not properly track line boxes d ...)
{DSA-2307-1}
- chromium-browser 13.0.782.107~r94237-1
NOTE: http://trac.webkit.org/changeset/90068
-CVE-2011-2358
+CVE-2011-2358 (Google Chrome before 13.0.782.107 does not ensure that extension insta ...)
- chromium-browser 13.0.782.107~r94237-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-2357
+CVE-2011-2357 (Cross-application scripting vulnerability in the Browser URL loading f ...)
NOT-FOR-US: Android
-CVE-2011-2356
+CVE-2011-2356 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2355
RESERVED
-CVE-2011-2354
+CVE-2011-2354 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2353
RESERVED
-CVE-2011-2352
+CVE-2011-2352 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2351
+CVE-2011-2351 (Use-after-free vulnerability in Google Chrome before 12.0.742.112 allo ...)
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88584
NOTE: http://trac.webkit.org/changeset/88549
-CVE-2011-2350
+CVE-2011-2350 (The HTML parser in Google Chrome before 12.0.742.112 does not properly ...)
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88411
NOTE: http://trac.webkit.org/changeset/88434
-CVE-2011-2349
+CVE-2011-2349 (Use-after-free vulnerability in Google Chrome before 12.0.742.112 allo ...)
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88456
-CVE-2011-2348
+CVE-2011-2348 (Google V8, as used in Google Chrome before 12.0.742.112, performs an i ...)
- libv8 3.4.14-1
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: Fixed in V8 bleeding edge r8230, 3.2.10.17 and 3.3.10.9.
-CVE-2011-2347
+CVE-2011-2347 (Google Chrome before 12.0.742.112 does not properly handle Cascading S ...)
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88448
-CVE-2011-2346
+CVE-2011-2346 (Use-after-free vulnerability in Google Chrome before 12.0.742.112 allo ...)
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
NOTE: introduced in http://trac.webkit.org/changeset/77740
NOTE: http://trac.webkit.org/changeset/87827
-CVE-2011-2345
+CVE-2011-2345 (The NPAPI implementation in Google Chrome before 12.0.742.112 does not ...)
- chromium-browser <not-affected> (linux version is not affected)
- webkit <not-affected>
-CVE-2011-2344
+CVE-2011-2344 (Android Picasa in Android 3.0 and 2.x through 2.3.4 uses a cleartext H ...)
NOT-FOR-US: Android SDK
CVE-2011-2343
RESERVED
-CVE-2011-2341
+CVE-2011-2341 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2340
RESERVED
-CVE-2011-2339
+CVE-2011-2339 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-2338
+CVE-2011-2338 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-2337
RESERVED
@@ -8024,124 +8024,124 @@ CVE-2011-2334
RESERVED
CVE-2011-2333
RESERVED
-CVE-2011-2329
+CVE-2011-2329 (The rampart_timestamp_token_validate function in util/rampart_timestam ...)
- rampart 1.3.0-3 (low; bug #631221)
[squeeze] - rampart <no-dsa> (Minor issue)
-CVE-2011-2327
+CVE-2011-2327 (Unspecified vulnerability in the Oracle Communications Unified compone ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-2326
+CVE-2011-2326 (Unspecified vulnerability in the EnterpriseOne Tools component in Orac ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-2325
+CVE-2011-2325 (Unspecified vulnerability in the EnterpriseOne Tools component in Orac ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-2324
+CVE-2011-2324 (Unspecified vulnerability in the EnterpriseOne Tools component in Orac ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-2323
+CVE-2011-2323 (Unspecified vulnerability in the Health Sciences - Oracle Thesaurus Ma ...)
NOT-FOR-US: Oracle Thesaurus Management System
-CVE-2011-2322
+CVE-2011-2322 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-2321
+CVE-2011-2321 (Unspecified vulnerability in the EnterpriseOne Tools component in Orac ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-2320
+CVE-2011-2320 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2319
+CVE-2011-2319 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2318
+CVE-2011-2318 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2317
+CVE-2011-2317 (Unspecified vulnerability in the EnterpriseOne Tools component in Orac ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-2316
+CVE-2011-2316 (Unspecified vulnerability in the Siebel Apps - Marketing component in ...)
NOT-FOR-US: Oracle Siebel
-CVE-2011-2315
+CVE-2011-2315 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2011-2314
+CVE-2011-2314 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2313
+CVE-2011-2313 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2312
+CVE-2011-2312 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2311
+CVE-2011-2311 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2310
+CVE-2011-2310 (Unspecified vulnerability in the Oracle Waveset component in Oracle Su ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-2309
+CVE-2011-2309 (Unspecified vulnerability in the Health Sciences - Oracle Clinical, Re ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2011-2308
+CVE-2011-2308 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-2307
+CVE-2011-2307 (Unspecified vulnerability in Oracle SysFW 8.1.0.a in various Oracle SP ...)
NOT-FOR-US: Oracle SysFW
-CVE-2011-2306
+CVE-2011-2306 (Unspecified vulnerability in Oracle Linux 4 and 5 allows remote authen ...)
NOT-FOR-US: Oracle Linux-specific feature
-CVE-2011-2305
+CVE-2011-2305 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local use ...)
- virtualbox-ose <not-affected> (Only affects 4.x)
- virtualbox 4.0.10-dfsg-1
-CVE-2011-2304
+CVE-2011-2304 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2303
+CVE-2011-2303 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-2302
+CVE-2011-2302 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-2301
+CVE-2011-2301 (Unspecified vulnerability in the Oracle Text component in Oracle Datab ...)
NOT-FOR-US: Oracle Database
-CVE-2011-2300
+CVE-2011-2300 (Unspecified vulnerability in Oracle VM VirtualBox 3.0, 3.1, 3.2, and 4 ...)
- virtualbox-guest-additions-iso 4.0.10-1 (bug #635276)
[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
-CVE-2011-2299
+CVE-2011-2299 (Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, M50 ...)
NOT-FOR-US: Oracle SPARC Enterprise
-CVE-2011-2298
+CVE-2011-2298 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows r ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2297
+CVE-2011-2297 (Unspecified vulnerability in Oracle Solaris Cluster 3.3 allows local u ...)
NOT-FOR-US: Oracle Solaris Cluster
-CVE-2011-2296
+CVE-2011-2296 (Unspecified vulnerability in Oracle Solaris 11 Express allows local us ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2295
+CVE-2011-2295 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2294
+CVE-2011-2294 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows r ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2293
+CVE-2011-2293 (Unspecified vulnerability in Oracle Solaris 11 Express allows local us ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2292
+CVE-2011-2292 (Unspecified vulnerability in Oracle Solaris 9 and 11 Express allows lo ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2291
+CVE-2011-2291 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2290
+CVE-2011-2290 (Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2289
+CVE-2011-2289 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2288
+CVE-2011-2288 (Unspecified vulnerability in Sun Integrated Lights Out Manager (ILOM) ...)
NOT-FOR-US: Oracle SysFW
-CVE-2011-2287
+CVE-2011-2287 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2286
+CVE-2011-2286 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows r ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2285
+CVE-2011-2285 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2284
+CVE-2011-2284 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2283
+CVE-2011-2283 (Unspecified vulnerability in the PeopleSoft Enterprise FMS component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2282
+CVE-2011-2282 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2281
+CVE-2011-2281 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2280
+CVE-2011-2280 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2279
+CVE-2011-2279 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2278
+CVE-2011-2278 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2277
+CVE-2011-2277 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2276
REJECTED
-CVE-2011-2275
+CVE-2011-2275 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2274
+CVE-2011-2274 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2273
+CVE-2011-2273 (Unspecified vulnerability in the Agile Core Technology component in Or ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2011-2272
+CVE-2011-2272 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2271
+CVE-2011-2271 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
CVE-2011-2270
REJECTED
@@ -8149,68 +8149,68 @@ CVE-2011-2269
REJECTED
CVE-2011-2268
REJECTED
-CVE-2011-2267
+CVE-2011-2267 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-2266
REJECTED
CVE-2011-2265
REJECTED
-CVE-2011-2264
+CVE-2011-2264 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2263
+CVE-2011-2263 (Unspecified vulnerability in Sun Integrated Lights Out Manager in Orac ...)
NOT-FOR-US: Oracle SysFW
-CVE-2011-2262
+CVE-2011-2262 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2011-2261
+CVE-2011-2261 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle Secure Backup
-CVE-2011-2260
+CVE-2011-2260 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-2259
+CVE-2011-2259 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2258
+CVE-2011-2258 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2257
+CVE-2011-2257 (Unspecified vulnerability in the Database Target Type Menus component ...)
NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control
CVE-2011-2256
REJECTED
-CVE-2011-2255
+CVE-2011-2255 (Unspecified vulnerability in the Oracle WebLogic Portal component in O ...)
NOT-FOR-US: Oracle Fusion
CVE-2011-2254
REJECTED
-CVE-2011-2253
+CVE-2011-2253 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-2252
+CVE-2011-2252 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle Secure Backup
-CVE-2011-2251
+CVE-2011-2251 (Unspecified vulnerability in the Oracle Secure Backup component in Ora ...)
NOT-FOR-US: Oracle Secure Backup
-CVE-2011-2250
+CVE-2011-2250 (Unspecified vulnerability in the PeopleSoft Enterprise FIN component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2011-2249
+CVE-2011-2249 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-2248
+CVE-2011-2248 (Unspecified vulnerability in the SQL Performance Advisories/UIs compon ...)
NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control
CVE-2011-2247
REJECTED
-CVE-2011-2246
+CVE-2011-2246 (Unspecified vulnerability in the Business Intelligence component in Or ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-2245
+CVE-2011-2245 (Unspecified vulnerability in the Solaris component in Oracle Sun Produ ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-2244
+CVE-2011-2244 (Unspecified vulnerability in the Security Framework component in Oracl ...)
NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control
-CVE-2011-2243
+CVE-2011-2243 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-2242
+CVE-2011-2242 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-2241
+CVE-2011-2241 (Unspecified vulnerability in the Oracle Business Intelligence Enterpri ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-2240
+CVE-2011-2240 (Unspecified vulnerability in the Oracle Universal Installer component ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-2239
+CVE-2011-2239 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-2238
+CVE-2011-2238 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-2237
+CVE-2011-2237 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
NOT-FOR-US: Oracle Fusion
CVE-2011-2236
REJECTED
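Review bot: the fixed-width cut at roughly 70 characters plus " ..." leaves several neighbouring entries with identical text, which defeats the purpose of adding a description: CVE-2011-2258 and CVE-2011-2259 both read "Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...", and CVE-2011-2251, CVE-2011-2252 and CVE-2011-2261 all read "Unspecified vulnerability in the Oracle Secure Backup component in Ora ...". The truncation falls before the part of the sentence that distinguishes the issues (affected versions, impact), so a triager still has to open the CVE record; consider storing the full description, or at least cutting after the affected-version clause, if the list format permits.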
@@ -8220,43 +8220,43 @@ CVE-2011-2234
REJECTED
CVE-2011-2233
REJECTED
-CVE-2011-2232
+CVE-2011-2232 (Unspecified vulnerability in the XML Developer Kit component in Oracle ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-2231
+CVE-2011-2231 (Unspecified vulnerability in the XML Developer Kit component in Oracle ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-2230
+CVE-2011-2230 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
CVE-2011-2229
REJECTED
CVE-2011-2228
REJECTED
-CVE-2011-2227
+CVE-2011-2227 (Cross-site scripting (XSS) vulnerability in Novell Identity Manager (a ...)
NOT-FOR-US: Novell Identity Manager
-CVE-2011-2226
+CVE-2011-2226 (Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as use ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2225
+CVE-2011-2225 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studi ...)
NOT-FOR-US: Kiwi, SUSE Studio
-CVE-2011-2224
+CVE-2011-2224 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1 ...)
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-2223
+CVE-2011-2223 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1 ...)
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-2222
+CVE-2011-2222 (Session fixation vulnerability in WebAdmin in the Mobility Pack before ...)
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-2221
+CVE-2011-2221 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1 ...)
NOT-FOR-US: Novell Data Synchronizer
-CVE-2011-2220
+CVE-2011-2220 (Stack-based buffer overflow in NFREngine.exe in Novell File Reporter E ...)
NOT-FOR-US: Novell File Reporter
-CVE-2011-2219
+CVE-2011-2219 (Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell ...)
NOT-FOR-US: Novell GroupWise
-CVE-2011-2218
+CVE-2011-2218 (Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell ...)
NOT-FOR-US: Novell GroupWise
-CVE-2011-2217
+CVE-2011-2217 (Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex5 ...)
NOT-FOR-US: VMware
-CVE-2011-2213
+CVE-2011-2213 (The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux k ...)
{DSA-2389-1 DSA-2310-1}
- linux-2.6 2.6.39-3
[squeeze] - linux-2.6 2.6.32-36
-CVE-2011-2212
+CVE-2011-2212 (Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier ...)
{DSA-2282-1}
- qemu-kvm 0.14.1+dfsg-3 (bug #632987)
- kvm <removed>
@@ -8264,13 +8264,13 @@ CVE-2011-2207
RESERVED
- dirmngr <unfixed> (unimportant; bug #627377)
NOTE: Negligible impact
-CVE-2011-2206
+CVE-2011-2206 (XMLParser.pm in DJabberd before 0.85 allows remote authenticated users ...)
NOT-FOR-US: Djabberd
-CVE-2011-2205
+CVE-2011-2205 (Prosody before 0.8.1 does not properly detect recursion during entity ...)
- prosody 0.7.0-1 (low; bug #579087)
[squeeze] - prosody <no-dsa> (Minor issue)
[lenny] - prosody <no-dsa> (Minor issue)
-CVE-2011-2204
+CVE-2011-2204 (Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7 ...)
{DSA-2401-1}
- tomcat5.5 <removed> (low; bug #632882)
[lenny] - tomcat5.5 <no-dsa> (Minor issue)
@@ -8278,30 +8278,30 @@ CVE-2011-2204
[lenny] - tomcat6 <no-dsa> (Minor issue)
[squeeze] - tomcat6 <no-dsa> (Minor issue)
- tomcat7 7.0.16-3 (low; bug #632882)
-CVE-2011-2201
+CVE-2011-2201 (The Data::FormValidator module 4.66 and earlier for Perl, when untaint ...)
- libdata-formvalidator-perl 4.66-3 (low; bug #629511)
[lenny] - libdata-formvalidator-perl <no-dsa> (Minor issue)
[squeeze] - libdata-formvalidator-perl 4.66-1+squeeze1
-CVE-2011-2200
+CVE-2011-2200 (The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus ( ...)
- dbus 1.4.12-1 (low; bug #629938)
[squeeze] - dbus 1.2.24-4+squeeze1
[lenny] - dbus <no-dsa> (Minor issue)
-CVE-2011-2197
+CVE-2011-2197 (The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x ...)
- rails <not-affected> (Affected plugin not installed, see bug #634990)
-CVE-2011-2196
+CVE-2011-2196 (jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as dis ...)
NOT-FOR-US: JBoss Seam
CVE-2011-2195
RESERVED
-CVE-2011-2193
+CVE-2011-2193 (Multiple buffer overflows in Terascale Open-Source Resource and Queue ...)
{DSA-2329-1}
- torque 2.4.15+dfsg-1 (bug #635342)
-CVE-2011-2192
+CVE-2011-2192 (The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10. ...)
{DSA-2271-1}
- curl 7.21.6-2 (high; bug #631615)
-CVE-2011-2191
+CVE-2011-2191 (Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in C ...)
- cherokee <removed> (low; bug #661993)
[squeeze] - cherokee <no-dsa> (Minor issue)
-CVE-2011-2189
+CVE-2011-2189 (net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does n ...)
- linux-2.6 2.6.35-1 (low)
[lenny] - linux-2.6 <no-dsa> (attacker needs elevated CAP_SYS_ADMIN privileges to abuse this)
[squeeze] - linux-2.6 <no-dsa> (attacker needs elevated CAP_SYS_ADMIN privileges to abuse this)
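Review bot: the added descriptions are wrapped in parentheses, but truncation can leave an unmatched opening parenthesis inside them, as in "CVE-2011-2200 (The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus ( ...)" in this hunk; the same pattern shows up elsewhere in the patch, e.g. "gnome-terminal ( ...)" for CVE-2011-2198 and "Coppermine Photo Gallery ( ...)" for CVE-2011-2476. Any consumer that recovers the description by matching parentheses rather than by taking everything up to the final ")" on the line will mis-parse these; either the generator should avoid cutting immediately after a "(", or the parser's handling of nested parentheses should be confirmed before this lands.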
@@ -8318,154 +8318,154 @@ CVE-2011-2187
CVE-2011-2186
RESERVED
NOTE: Disputed gitweb non-issue: https://bugzilla.redhat.com/show_bug.cgi?id=713298
-CVE-2011-2181
+CVE-2011-2181 (Multiple SQL injection vulnerabilities in A Really Simple Chat (ARSC) ...)
NOT-FOR-US: A Really Simple Chat
-CVE-2011-2180
+CVE-2011-2180 (Cross-site scripting (XSS) vulnerability in dereferer.php in A Really ...)
NOT-FOR-US: A Really Simple Chat
CVE-2011-2177
RESERVED
NOT-FOR-US: Claimed older OpenOffice vulnerability, which was never disclosed
-CVE-2011-2176
+CVE-2011-2176 (GNOME NetworkManager before 0.8.6 does not properly enforce the auth_a ...)
- network-manager 0.9.0-1 (low; bug #631520)
[squeeze] - network-manager <no-dsa> (Minor issue)
NOTE: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=id=e7273c1609ac267e1d77ff03c97c8929f15e3737
NOTE: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=id=287fe10c40ae9b90ce703b79f3479b755f0956c0
NOTE: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=id=e5085f950730b1e2e68645231e2042127c29a82e
-CVE-2011-2167
+CVE-2011-2167 (script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot ...)
- dovecot 1:2.0.13-1 (low)
[squeeze] - dovecot <not-affected> (Vulnerable script not present)
[lenny] - dovecot <not-affected> (Vulnerable script not present)
-CVE-2011-2166
+CVE-2011-2166 (script-login in Dovecot 2.0.x before 2.0.13 does not follow the user a ...)
- dovecot 1:2.0.13-1 (low)
[squeeze] - dovecot <not-affected> (Vulnerable script not present)
[lenny] - dovecot <not-affected> (Vulnerable script not present)
-CVE-2011-2477
+CVE-2011-2477 (Multiple cross-site scripting (XSS) vulnerabilities in config.c in con ...)
- icinga 1.4.1-1
[squeeze] - icinga <no-dsa> (Minor issue)
- nagios3 3.4.1-1
[squeeze] - nagios3 <no-dsa> (Minor issue)
NOTE: Nagios might be fixed earlier than 3.4.1, checked the Wheezy version
-CVE-2011-2476
+CVE-2011-2476 (Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery ( ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2011-2208
+CVE-2011-2208 (Integer signedness error in the osf_getdomainname function in arch/alp ...)
{DSA-2310-1}
- linux-2.6 2.6.32-1
NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed
-CVE-2011-2209
+CVE-2011-2209 (Integer signedness error in the osf_sysinfo function in arch/alpha/ker ...)
{DSA-2310-1}
- linux-2.6 2.6.32-1
NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed
-CVE-2011-2210
+CVE-2011-2210 (The osf_getsysinfo function in arch/alpha/kernel/osf_sys.c in the Linu ...)
- linux-2.6 2.6.32-1
NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed
-CVE-2011-2211
+CVE-2011-2211 (The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux ker ...)
{DSA-2310-1}
- linux-2.6 2.6.32-1
NOTE: Support for Alpha was dropped with Squeeze, so marking 2.6.32 as fixed
-CVE-2011-2203
+CVE-2011-2203 (The hfs_find_init function in the Linux kernel 2.6 allows local users ...)
- linux-2.6 3.1.1-1
[squeeze] - linux-2.6 2.6.32-40
-CVE-2011-2202
+CVE-2011-2202 (The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3. ...)
{DSA-2266-1}
- php5 5.3.6-12
-CVE-2011-2199
+CVE-2011-2199 (Buffer overflow in tftp-hpa before 5.1 allows remote attackers to caus ...)
- tftp-hpa 5.1-1 (low)
[squeeze] - tftp-hpa <no-dsa> (Minor issue)
NOTE: http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8
-CVE-2011-2198
+CVE-2011-2198 (The "insert-blank-characters" capability in caps.c in gnome-terminal ( ...)
- vte 1:0.28.1-1 (low; bug #629688)
[lenny] - vte <no-dsa> (Minor issue)
[squeeze] - vte 1:0.24.3-3
-CVE-2011-2185
+CVE-2011-2185 (Fabric before 1.1.0 allows local users to overwrite arbitrary files vi ...)
- fabric 1.1.2-1 (low; bug #629003)
[squeeze] - fabric <no-dsa> (Minor issue)
-CVE-2011-2475
+CVE-2011-2475 (Format string vulnerability in ECTrace.dll in the iMailGateway service ...)
NOT-FOR-US: Sybase OneBridge Mobile Data Suite
-CVE-2011-2474
+CVE-2011-2474 (Directory traversal vulnerability in the HTTP Server in Sybase EAServe ...)
NOT-FOR-US: Sybase EAServer
-CVE-2011-2473
+CVE-2011-2473 (The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and ear ...)
- oprofile 0.9.6-1.1+squeeze2 (bug #630084)
-CVE-2011-2472
+CVE-2011-2472 (Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 ...)
- oprofile 0.9.6-1.1+squeeze2 (bug #630084)
-CVE-2011-2471
+CVE-2011-2471 (utils/opcontrol in OProfile 0.9.6 and earlier might allow local users ...)
- oprofile 0.9.6-1.1+squeeze2 (bug #630084)
-CVE-2011-2468
+CVE-2011-2468 (Directory traversal vulnerability in the web interface in AnyMacro Mai ...)
NOT-FOR-US: AnyMacro Mail System G4X
-CVE-2011-2395
+CVE-2011-2395 (The Neighbor Discovery (ND) protocol implementation in Cisco IOS on un ...)
NOT-FOR-US: Cisco
-CVE-2011-2383
+CVE-2011-2383 (Microsoft Internet Explorer 9 and earlier does not properly restrict c ...)
NOT-FOR-US: Microsoft
-CVE-2011-2342
+CVE-2011-2342 (The DOM implementation in Google Chrome before 12.0.742.91 allows remo ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/88071
-CVE-2011-2382
+CVE-2011-2382 (Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 bet ...)
NOT-FOR-US: Microsoft
-CVE-2011-2332
+CVE-2011-2332 (Google V8, as used in Google Chrome before 12.0.742.91, allows remote ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <end-of-life>
- libv8 3.4.14-1
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: execScript removed in libv8 3.2 branch
-CVE-2011-2194
+CVE-2011-2194 (Integer overflow in the XSPF playlist parser in VideoLAN VLC media pla ...)
{DSA-2257-1}
- vlc 1.1.10-1
[lenny] - vlc <not-affected> (Vulnerable code not present)
NOTE: http://repo.or.cz/w/vlc.git/commitdiff/cd929923ff49175a501bb3e9553a683bc42ff61c
-CVE-2011-2190
+CVE-2011-2190 (The generate_admin_password function in Cherokee before 1.2.99 uses ti ...)
- cherokee 1.0.14-1 (low; bug #647205)
[squeeze] - cherokee 1.0.8-5+squeeze1
[lenny] - cherokee <no-dsa> (Minor issue)
NOTE: http://code.google.com/p/cherokee/issues/detail?id=1212
-CVE-2011-2188
+CVE-2011-2188 (LuaExpat before 1.2.0 does not properly detect recursion during entity ...)
- lua-expat 1.2.0-1 (low; bug #629225)
[squeeze] - lua-expat 1.2.0-0squeeze1
[lenny] - lua-expat <no-dsa> (Minor issue)
-CVE-2011-2184
+CVE-2011-2184 (The key_replace_session_keyring function in security/keys/process_keys ...)
- linux-2.6 2.6.39-2
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.39)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39)
-CVE-2011-2183
+CVE-2011-2183 (Race condition in the scan_get_next_rmap_item function in mm/ksm.c in ...)
{DSA-2389-1}
- linux-2.6 2.6.39-3 (low)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
[squeeze] - linux-2.6 2.6.32-36
-CVE-2011-2331
+CVE-2011-2331 (Integer overflow in img.exe in HP Intelligent Management Center (IMC) ...)
NOT-FOR-US: HP Intelligent Management Center (IMC)
-CVE-2011-2330
+CVE-2011-2330 (Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, ...)
NOT-FOR-US: IBM Tivoli Management Framework
-CVE-2011-2328
+CVE-2011-2328 (Buffer overflow in HP LoadRunner allows remote attackers to cause a de ...)
NOT-FOR-US: HP LoadRunner
-CVE-2011-2215
+CVE-2011-2215 (Unspecified vulnerability in WalRack 1.x before 1.1.8 and 2.x before 2 ...)
NOT-FOR-US: WalRack
-CVE-2011-2214
+CVE-2011-2214 (Unspecified vulnerability in the Open Database Connectivity (ODBC) com ...)
NOT-FOR-US: 7T Interactive Graphical SCADA System
-CVE-2011-2175
+CVE-2011-2175 (Integer underflow in the visual_read function in wiretap/visual.c in W ...)
{DSA-2274-1}
- wireshark 1.6.0-1 (unimportant; bug #630159)
NOTE: Crashes w/o code injection not treated as security issues, see README.Security
-CVE-2011-2174
+CVE-2011-2174 (Double free vulnerability in the tvb_uncompress function in epan/tvbuf ...)
{DSA-2274-1}
- wireshark 1.6.0-1 (bug #630159)
-CVE-2011-2173
+CVE-2011-2173 (The implementation of OutputMediator objects in IBM WebSphere Portal 6 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2011-2172
+CVE-2011-2172 (Cross-site scripting (XSS) vulnerability in the search center in IBM W ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2011-2171
+CVE-2011-2171 (Unspecified vulnerability in the dbugs package in Google Chrome OS bef ...)
NOT-FOR-US: Google Chrome OS
-CVE-2011-2170
+CVE-2011-2170 (Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is enabl ...)
NOT-FOR-US: Google Chrome OS
-CVE-2011-2169
+CVE-2011-2169 (Google Chrome OS before R12 0.12.433.38 Beta allows local users to gai ...)
NOT-FOR-US: Google Chrome OS
-CVE-2011-2168
+CVE-2011-2168 (Multiple integer overflows in the glob implementation in libc in OpenB ...)
NOT-FOR-US: OpenBSD
-CVE-2011-2165
+CVE-2011-2165 (The STARTTLS implementation in WatchGuard XCS 9.0 and 9.1 does not pro ...)
NOT-FOR-US: WatchGuard XCS
-CVE-2011-2182
+CVE-2011-2182 (The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel b ...)
{DSA-2264-1}
- linux-2.6 2.6.39-2
[squeeze] - linux-2.6 2.6.32-35
-CVE-2011-2179
+CVE-2011-2179 (Multiple cross-site scripting (XSS) vulnerabilities in config.c in con ...)
- nagios3 3.2.3-3 (bug #629127)
[lenny] - nagios3 <not-affected> (Affected feature got introduced in 3.2.2)
[squeeze] - nagios3 <not-affected> (Affected feature got introduced in 3.2.2)
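Review bot: CVE-2011-2477 and CVE-2011-2179 receive the identical text "Multiple cross-site scripting (XSS) vulnerabilities in config.c in con ...", even though the package lines beneath them show they were assessed against different versions (icinga 1.4.1-1 and nagios3 3.4.1-1 versus nagios3 3.2.3-3 with the note that the affected feature arrived in 3.2.2). Since the description is the only thing this update adds, the cutoff should preserve the clause that tells the two apart; as written, the reader has to rely on the package lines below, exactly as before the change.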
@@ -8473,13 +8473,13 @@ CVE-2011-2179
[squeeze] - icinga <not-affected> (Affected feature got introduced in 1.3.1)
[lenny] - icinga <not-affected> (Affected feature got introduced in 1.3.1)
NOTE: http://tracker.nagios.org/view.php?id=224
-CVE-2011-2178
+CVE-2011-2178 (The virSecurityManagerGetPrivateData function in security/security_man ...)
- libvirt 0.9.1-2 (bug #629128)
[squeeze] - libvirt <not-affected> (Introduced in 0.8.8)
[lenny] - libvirt <not-affected> (Introduced in 0.8.8)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=709769
NOTE: https://www.redhat.com/archives/libvir-list/2011-May/msg01935.html
-CVE-2011-2216
+CVE-2011-2216 (reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8 ...)
- asterisk 1:1.8.4.2-1 (bug #629130)
[lenny] - asterisk <not-affected> (Only affects 1.8)
[squeeze] - asterisk <not-affected> (Only affects 1.8)
@@ -8488,212 +8488,212 @@ CVE-2011-XXXX [unspecified security vulnerabilities]
- movabletype-opensource 4.3.6+dfsg-1 (bug #627936)
[squeeze] - movabletype-opensource 4.3.5+dfsg-2+squeeze2
[lenny] - movabletype-opensource 4.2.3-1+lenny3
-CVE-2011-2164
+CVE-2011-2164 (Multiple unspecified vulnerabilities in Adobe Photoshop before 12.0.4 ...)
NOT-FOR-US: Photoshop
-CVE-2011-2163
+CVE-2011-2163 (Unspecified vulnerability in Virtualization Manager 1.2.2 in IBM Syste ...)
NOT-FOR-US: IBM Systems Director
-CVE-2011-2162
+CVE-2011-2162 (Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as ...)
{DSA-2306-1}
- libav 4:0.6-1 (bug #628448)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: duplicate of CVE-2011-1198
-CVE-2011-2161
+CVE-2011-2161 (The ape_read_header function in ape.c in libavformat in FFmpeg before ...)
{DSA-2306-1}
- libav 4:0.6-1 (bug #628448)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1c31b26b
-CVE-2011-2160
+CVE-2011-2160 (The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPl ...)
{DSA-2306-1}
- libav 4:0.6-1 (bug #628448)
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
NOTE: duplicate of CVE-2011-0723
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8069e2f6
-CVE-2011-2159
+CVE-2011-2159 (The SmarterTools SmarterStats 6.0 web server omits the Content-Type he ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2158
+CVE-2011-2158 (The SmarterTools SmarterStats 6.0 web server sends incorrect Content-T ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2157
+CVE-2011-2157 (The (1) Admin/frmEmailReportSettings.aspx and (2) Admin/frmGeneralSett ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2156
+CVE-2011-2156 (The SmarterTools SmarterStats 6.0 web server allows remote attackers t ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2155
+CVE-2011-2155 (Login.aspx in the SmarterTools SmarterStats 6.0 web server generates a ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2154
+CVE-2011-2154 (login.aspx in the SmarterTools SmarterStats 6.0 web server does not in ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2153
+CVE-2011-2153 (Login.aspx in the SmarterTools SmarterStats 6.0 web server supports UR ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2152
+CVE-2011-2152 (The SmarterTools SmarterStats 6.0 web server generates web pages conta ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2151
+CVE-2011-2151 (The (1) Admin/frmEmailReportSettings.aspx, (2) Admin/frmGeneralSetting ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2150
+CVE-2011-2150 (The SmarterTools SmarterStats 6.0 web server does not properly validat ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2149
+CVE-2011-2149 (Multiple SQL injection vulnerabilities in the SmarterTools SmarterStat ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2148
+CVE-2011-2148 (Admin/frmSite.aspx in the SmarterTools SmarterStats 6.0 web server all ...)
NOT-FOR-US: SmarterStats
-CVE-2011-2147
+CVE-2011-2147 (Openswan 2.2.x does not properly restrict permissions for (1) /var/run ...)
- openswan <not-affected> (In Debian no starter.pid is ever written and the subsys entry gets created with -rw-r--r-- permissions, bug #628449)
-CVE-2011-2146
+CVE-2011-2146 (mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Wor ...)
- open-vm-tools 2:8.4.2+2011.08.21-471295-1 (bug #631507)
[lenny] - open-vm-tools <no-dsa> (Contrib not supported)
[squeeze] - open-vm-tools <no-dsa> (Contrib not supported)
-CVE-2011-2145
+CVE-2011-2145 (mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Wor ...)
- open-vm-tools 2:8.4.2+2011.08.21-471295-1 (bug #631508)
[lenny] - open-vm-tools <no-dsa> (Contrib not supported)
[squeeze] - open-vm-tools <no-dsa> (Contrib not supported)
-CVE-2011-2144
+CVE-2011-2144 (The eDocument Conversion Actions implementation in IBM Datacap Taskmas ...)
NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2011-2143
+CVE-2011-2143 (IBM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows Authenti ...)
NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2011-2142
+CVE-2011-2142 (The Web Client Service in IBM Datacap Taskmaster Capture 8.0.1 before ...)
NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2011-2141
+CVE-2011-2141 (SQL injection vulnerability in TMWeb in IBM Datacap Taskmaster Capture ...)
NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2011-2140
+CVE-2011-2140 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2139
+CVE-2011-2139 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2138
+CVE-2011-2138 (Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, M ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2137
+CVE-2011-2137 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Ma ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2136
+CVE-2011-2136 (Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, M ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2135
+CVE-2011-2135 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2134
+CVE-2011-2134 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Ma ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2133
+CVE-2011-2133 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 bef ...)
NOT-FOR-US: Adobe RoboHelp
-CVE-2011-2132
+CVE-2011-2132 (Adobe Flash Media Server (FMS) before 3.5.7, and 4.x before 4.0.3, all ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2011-2131
+CVE-2011-2131 (Adobe Photoshop 12.0 in Creative Suite 5 (CS5) and 12.1 in Creative Su ...)
NOT-FOR-US: Adobe Photoshop
-CVE-2011-2130
+CVE-2011-2130 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Ma ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-2129
REJECTED
-CVE-2011-2128
+CVE-2011-2128 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2127
+CVE-2011-2127 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2126
+CVE-2011-2126 (Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows att ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2125
+CVE-2011-2125 (Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2124
+CVE-2011-2124 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2123
+CVE-2011-2123 (Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shoc ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2122
+CVE-2011-2122 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2121
+CVE-2011-2121 (Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows at ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2120
+CVE-2011-2120 (Integer overflow in the CursorAsset x32 component in Adobe Shockwave P ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2119
+CVE-2011-2119 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2118
+CVE-2011-2118 (The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.6 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2117
+CVE-2011-2117 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2116
+CVE-2011-2116 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2115
+CVE-2011-2115 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote at ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2114
+CVE-2011-2114 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2113
+CVE-2011-2113 (Multiple buffer overflows in the Shockwave3DAsset component in Adobe S ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2112
+CVE-2011-2112 (Multiple buffer overflows in IML32.dll in Adobe Shockwave Player befor ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2111
+CVE-2011-2111 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2110
+CVE-2011-2110 (Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2109
+CVE-2011-2109 (Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player bef ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2108
+CVE-2011-2108 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2107
+CVE-2011-2107 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2106
+CVE-2011-2106 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x be ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2105
+CVE-2011-2105 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x be ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2104
+CVE-2011-2104 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x be ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2103
+CVE-2011-2103 (Adobe Reader and Acrobat 8.x before 8.3 on Windows and Mac OS X allow ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2102
+CVE-2011-2102 (Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on W ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2101
+CVE-2011-2101 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x be ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2100
+CVE-2011-2100 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x be ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2099
+CVE-2011-2099 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x be ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2098
+CVE-2011-2098 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x be ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2097
+CVE-2011-2097 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2096
+CVE-2011-2096 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2095
+CVE-2011-2095 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2094
+CVE-2011-2094 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2093
+CVE-2011-2093 (Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and e ...)
NOT-FOR-US: Adobe LiveCycle Data Services
-CVE-2011-2092
+CVE-2011-2092 (Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and e ...)
NOT-FOR-US: Adobe LiveCycle Data Services
-CVE-2011-2091
+CVE-2011-2091 (Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0 ...)
NOT-FOR-US: Adobe ColdFusion
CVE-2011-2090
RESERVED
-CVE-2011-2089
+CVE-2011-2089 (Stack-based buffer overflow in the SetActiveXGUID method in the Versio ...)
NOT-FOR-US: ICONICS BizViz, GENESIS32
-CVE-2011-2088
+CVE-2011-2088 (XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymp ...)
- libstruts1.2-java <not-affected> (struts 2 issue)
-CVE-2011-2087
+CVE-2011-2087 (Multiple cross-site scripting (XSS) vulnerabilities in component handl ...)
- libstruts1.2-java <not-affected> (struts 2 issue)
CVE-2011-2086
RESERVED
-CVE-2011-2085
+CVE-2011-2085 (Multiple cross-site request forgery (CSRF) vulnerabilities in Best Pra ...)
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-2084
+CVE-2011-2084 (Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 all ...)
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-2083
+CVE-2011-2083 (Multiple cross-site scripting (XSS) vulnerabilities in Best Practical ...)
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-2082
+CVE-2011-2082 (The vulnerable-passwords script in Best Practical Solutions RT 3.x bef ...)
{DSA-2480-1}
- request-tracker4 4.0.5-3
-CVE-2011-2081
+CVE-2011-2081 (MediaCAST 8 and earlier does not properly handle requests for inventiv ...)
NOT-FOR-US: MediaCAST
-CVE-2011-2080
+CVE-2011-2080 (Multiple SQL injection vulnerabilities in MediaCAST 8 and earlier allo ...)
NOT-FOR-US: MediaCAST
-CVE-2011-2079
+CVE-2011-2079 (MediaCAST 8 and earlier allows remote attackers to have an unspecified ...)
NOT-FOR-US: MediaCAST
-CVE-2011-2078
+CVE-2011-2078 (Multiple cross-site scripting (XSS) vulnerabilities in the New Atlanta ...)
NOT-FOR-US: New Atlanta BlueDragon
-CVE-2011-2077
+CVE-2011-2077 (The default configuration of the New Atlanta BlueDragon administrative ...)
NOT-FOR-US: New Atlanta BlueDragon
-CVE-2011-2076
+CVE-2011-2076 (MediaCAST 8 and earlier stores passwords in cleartext, which makes it ...)
NOT-FOR-US: MediaCAST
-CVE-2011-2075
+CVE-2011-2075 (Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP ...)
NOT-FOR-US: Historical Chrome issue on Windows
-CVE-2011-2074
+CVE-2011-2074 (Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 ...)
NOT-FOR-US: Skype
CVE-2011-2073
RESERVED
-CVE-2011-2072
+CVE-2011-2072 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x thro ...)
NOT-FOR-US: Cisco
CVE-2011-2071
RESERVED
@@ -8709,7 +8709,7 @@ CVE-2011-2066
RESERVED
CVE-2011-2065
RESERVED
-CVE-2011-2064
+CVE-2011-2064 (Cisco IOS 12.4MDA before 12.4(24)MDA5 on the Cisco Content Services Ga ...)
NOT-FOR-US: Cisco IOS
CVE-2011-2063
RESERVED
@@ -8717,13 +8717,13 @@ CVE-2011-2062
RESERVED
CVE-2011-2061
RESERVED
-CVE-2011-2060
+CVE-2011-2060 (The platform-sw component on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2011-2059
+CVE-2011-2059 (The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attac ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-2058
+CVE-2011-2058 (The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-2057
+CVE-2011-2057 (The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does ...)
NOT-FOR-US: Cisco IOS
CVE-2011-2056
RESERVED
@@ -8754,13 +8754,13 @@ CVE-2011-2044
RESERVED
CVE-2011-2043
RESERVED
-CVE-2011-2042
+CVE-2011-2042 (The Sybase SQL Anywhere database component in Cisco CiscoWorks Common ...)
NOT-FOR-US: Cisco CiscoWorks
-CVE-2011-2041
+CVE-2011-2041 (The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure ...)
NOT-FOR-US: Cisco
-CVE-2011-2040
+CVE-2011-2040 (The helper application in Cisco AnyConnect Secure Mobility Client (for ...)
NOT-FOR-US: Cisco
-CVE-2011-2039
+CVE-2011-2039 (The helper application in Cisco AnyConnect Secure Mobility Client (for ...)
NOT-FOR-US: Cisco
CVE-2011-2038
RESERVED
@@ -8790,195 +8790,195 @@ CVE-2011-2026
RESERVED
CVE-2011-2025
RESERVED
-CVE-2011-2024
+CVE-2011-2024 (Cisco Network Registrar before 7.2 has a default administrative passwo ...)
NOT-FOR-US: Cisco
-CVE-2011-2023
+CVE-2011-2023 (Cross-site scripting (XSS) vulnerability in functions/mime.php in Squi ...)
{DSA-2291-1}
- squirrelmail 2:1.4.22-1
-CVE-2011-2022
+CVE-2011-2022 (The agp_generic_remove_memory function in drivers/char/agp/generic.c i ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
-CVE-2011-2021
+CVE-2011-2021 (Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 ...)
NOT-FOR-US: TIBCO iProcess Engine
-CVE-2011-2020
+CVE-2011-2020 (Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine befo ...)
NOT-FOR-US: TIBCO iProcess Engine
-CVE-2011-2019
+CVE-2011-2019 (Untrusted search path vulnerability in Microsoft Internet Explorer 9 o ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-2018
+CVE-2011-2018 (The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP ...)
NOT-FOR-US: Microsoft Windows XP
CVE-2011-2017
REJECTED
-CVE-2011-2016
+CVE-2011-2016 (Untrusted search path vulnerability in Windows Mail and Windows Meetin ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-2015
REJECTED
-CVE-2011-2014
+CVE-2011-2014 (The LDAP over SSL (aka LDAPS) implementation in Active Directory, Acti ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-2013
+CVE-2011-2013 (Integer overflow in the TCP/IP implementation in Microsoft Windows Vis ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-2012
+CVE-2011-2012 (Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, ...)
NOT-FOR-US: Microsoft Forefront
-CVE-2011-2011
+CVE-2011-2011 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-2010
+CVE-2011-2010 (The Microsoft Office Input Method Editor (IME) for Simplified Chinese ...)
NOT-FOR-US: Microsoft Office
-CVE-2011-2009
+CVE-2011-2009 (Untrusted search path vulnerability in Windows Media Center in Microso ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-2008
+CVE-2011-2008 (Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and ...)
NOT-FOR-US: Microsoft Host Integration Server
-CVE-2011-2007
+CVE-2011-2007 (Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and ...)
NOT-FOR-US: Microsoft Host Integration Server
CVE-2011-2006
REJECTED
-CVE-2011-2005
+CVE-2011-2005 (afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 a ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-2004
+CVE-2011-2004 (Array index error in win32k.sys in the kernel-mode drivers in Microsof ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-2003
+CVE-2011-2003 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-2002
+CVE-2011-2002 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-2001
+CVE-2011-2001 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-2000
+CVE-2011-2000 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1999
+CVE-2011-1999 (Microsoft Internet Explorer 8 does not properly allocate and access me ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1998
+CVE-2011-1998 (Microsoft Internet Explorer 9 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1997
+CVE-2011-1997 (Microsoft Internet Explorer 6 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1996
+CVE-2011-1996 (Microsoft Internet Explorer 6 through 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1995
+CVE-2011-1995 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1994
REJECTED
-CVE-2011-1993
+CVE-2011-1993 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1992
+CVE-2011-1992 (The XSS Filter in Microsoft Internet Explorer 8 allows remote attacker ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1991
+CVE-2011-1991 (Multiple untrusted search path vulnerabilities in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1990
+CVE-2011-1990 (Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; ...)
NOT-FOR-US: Microsoft Excel
-CVE-2011-1989
+CVE-2011-1989 (Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel ...)
NOT-FOR-US: Microsoft Excel
-CVE-2011-1988
+CVE-2011-1988 (Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Offic ...)
NOT-FOR-US: Microsoft Excel
-CVE-2011-1987
+CVE-2011-1987 (Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in O ...)
NOT-FOR-US: Microsoft Excel
-CVE-2011-1986
+CVE-2011-1986 (Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote ...)
NOT-FOR-US: Microsoft Excel
-CVE-2011-1985
+CVE-2011-1985 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1984
+CVE-2011-1984 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1983
+CVE-2011-1983 (Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Off ...)
NOT-FOR-US: Microsoft Office
-CVE-2011-1982
+CVE-2011-1982 (Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize ...)
NOT-FOR-US: Microsoft Office
CVE-2011-1981
REJECTED
-CVE-2011-1980
+CVE-2011-1980 (Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2 ...)
NOT-FOR-US: Microsoft Office
-CVE-2011-1979
+CVE-2011-1979 (Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objec ...)
NOT-FOR-US: Microsoft Visio
-CVE-2011-1978
+CVE-2011-1978 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly valid ...)
NOT-FOR-US: Microsoft .NET
-CVE-2011-1977
+CVE-2011-1977 (The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Co ...)
NOT-FOR-US: Microsoft .NET
-CVE-2011-1976
+CVE-2011-1976 (Cross-site scripting (XSS) vulnerability in the Report Viewer Control ...)
NOT-FOR-US: Microsoft Visual Studio
-CVE-2011-1975
+CVE-2011-1975 (Untrusted search path vulnerability in the Data Access Tracing compone ...)
NOT-FOR-US: Microsoft
-CVE-2011-1974
+CVE-2011-1974 (NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-1973
REJECTED
-CVE-2011-1972
+CVE-2011-1972 (Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not pro ...)
NOT-FOR-US: Microsoft Visio
-CVE-2011-1971
+CVE-2011-1971 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1970
+CVE-2011-1970 (The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1969
+CVE-2011-1969 (Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, ...)
NOT-FOR-US: Microsoft Forefront
-CVE-2011-1968
+CVE-2011-1968 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1967
+CVE-2011-1967 (Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1966
+CVE-2011-1966 (The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 do ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1965
+CVE-2011-1965 (Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1964
+CVE-2011-1964 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1963
+CVE-2011-1963 (Microsoft Internet Explorer 7 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1962
+CVE-2011-1962 (Microsoft Internet Explorer 6 through 9 does not properly handle unspe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1961
+CVE-2011-1961 (The telnet URI handler in Microsoft Internet Explorer 6 through 9 does ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1960
+CVE-2011-1960 (Microsoft Internet Explorer 6 through 9 does not properly implement Ja ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1959
+CVE-2011-1959 (The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1 ...)
{DSA-2274-1}
- wireshark 1.6.0-1 (unimportant; bug #630159)
NOTE: Crashes w/o code injection not treated as security issues, see README.Security
-CVE-2011-1958
+CVE-2011-1958 (Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assis ...)
{DSA-2274-1}
- wireshark 1.6.0-1 (unimportant)
NOTE: Crashes w/o code injection not treated as security issues, see README.Security
-CVE-2011-1957
+CVE-2011-1957 (The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the D ...)
{DSA-2274-1}
- wireshark 1.6.0-1 (unimportant)
NOTE: Crashes w/o code injection not treated as security issues, see README.Security
-CVE-2011-1956
+CVE-2011-1956 (The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect point ...)
- wireshark 1.4.6-1 (unimportant)
[lenny] - wireshark <not-affected> (Affects 1.4.5 only)
[squeeze] - wireshark <not-affected> (Affects 1.4.5 only)
NOTE: Crashes w/o code injection not treated as security issues, see README.Security
CVE-2011-1955
RESERVED
-CVE-2011-1954
+CVE-2011-1954 (Multiple cross-site request forgery (CSRF) vulnerabilities in Post Rev ...)
NOT-FOR-US: Post Revolution
-CVE-2011-1953
+CVE-2011-1953 (Multiple cross-site scripting (XSS) vulnerabilities in common.php in P ...)
NOT-FOR-US: Post Revolution
-CVE-2011-1952
+CVE-2011-1952 (common.php in Post Revolution before 0.8.0c-2 allows remote attackers ...)
NOT-FOR-US: Post Revolution
-CVE-2011-1951
+CVE-2011-1951 (lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global fl ...)
- syslog-ng 3.2.4-1 (low)
[squeeze] - syslog-ng <not-affected> (Only affects PCRE >= 8.12)
[lenny] - syslog-ng <not-affected> (Only affects PCRE >= 8.12)
NOTE: http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git;a=commit;h=09710c0b105e579d35c7b5f6c66d1ea5e3a3d3ff
-CVE-2011-1950
+CVE-2011-1950 (plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users ...)
- plone3 <removed>
-CVE-2011-1949
+CVE-2011-1949 (Cross-site scripting (XSS) vulnerability in the safe_html filter in Pr ...)
- plone3 <removed>
-CVE-2011-1948
+CVE-2011-1948 (Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allo ...)
- plone3 <removed>
-CVE-2011-1947
+CVE-2011-1947 (fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time a ...)
- fetchmail 6.3.22-1 (unimportant)
NOTE: http://www.fetchmail.info/fetchmail-SA-2011-01.txt
-CVE-2011-1946
+CVE-2011-1946 (gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but pr ...)
NOT-FOR-US: libgnomesu
-CVE-2011-1945
+CVE-2011-1945 (The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and ...)
{DSA-2309-1}
- openssl 1.0.0e-1 (low)
-CVE-2011-1944
+CVE-2011-1944 (Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x ...)
{DSA-2255-1}
- libxml2 2.7.8.dfsg-3 (bug #628537)
-CVE-2011-1943
+CVE-2011-1943 (The destroy_one_secret function in nm-setting-vpn.c in libnm-util in t ...)
- network-manager-openvpn <not-affected> (Affected code was only in experimental, see bug #628730)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=708876
CVE-2011-1942
RESERVED
-CVE-2011-1941
+CVE-2011-1941 (Open redirect vulnerability in the redirector feature in phpMyAdmin 3. ...)
- phpmyadmin 4:3.4.1-1
[lenny] - phpmyadmin <not-affected> (3.4.x only)
[squeeze] - phpmyadmin <not-affected> (3.4.x only)
-CVE-2011-1940
+CVE-2011-1940 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3. ...)
{DSA-2391-1}
- phpmyadmin 4:3.4.1-1
[lenny] - phpmyadmin <not-affected> (3.3.x+ only)
@@ -8987,15 +8987,15 @@ CVE-2011-1939
RESERVED
- zendframework 1.11.6-1 (low)
[squeeze] - zendframework <no-dsa> (Minor issue)
-CVE-2011-1938
+CVE-2011-1938 (Stack-based buffer overflow in the socket_connect function in ext/sock ...)
{DSA-2399-1}
- php5 5.3.6-13 (low)
[lenny] - php5 <not-affected> (The Lenny version doesn't use memcpy)
-CVE-2011-1937
+CVE-2011-1937 (Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier a ...)
NOT-FOR-US: Webmin
-CVE-2011-1936
+CVE-2011-1936 (Xen, when using x86 Intel processors and the VMX virtualization extens ...)
- linux-2.6 <not-affected> (Only affected the old Xen kernel patch from 2.6.18/2.6.26)
-CVE-2011-1935
+CVE-2011-1935 (pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d94372 ...)
- libpcap 1.1.1-4 (low; bug #623868)
[squeeze] - libpcap 1.1.1-2+squeeze1
[lenny] - libpcap <not-affected>
@@ -9009,10 +9009,10 @@ CVE-2011-1933
RESERVED
- libjifty-dbi-perl 0.68-1 (low; bug #622919)
[squeeze] - libjifty-dbi-perl 0.60-1+squeeze1
-CVE-2011-1932
+CVE-2011-1932 (Directory traversal vulnerability in io/filesystem/filesystem.cc in Wi ...)
- widelands 1:15-3 (low; bug #617960)
[lenny] - widelands <no-dsa> (Minor issue)
-CVE-2011-1931
+CVE-2011-1931 (sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg bef ...)
- libav 4:0.6.2-3 (bug #624339)
- ffmpeg <not-affected> (vulnerability introduced in 0.6)
- ffmpeg-debian <not-affected> (vulnerability introduced in 0.6)
@@ -9021,342 +9021,342 @@ CVE-2011-1930
- klibc 1.5.22-1 (low)
[squeeze] - klibc 1.5.20-1+squeeze1
[lenny] - klibc 1.5.12-2lenny1
-CVE-2011-1929
+CVE-2011-1929 (lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2. ...)
{DSA-2252-1}
- dovecot 1:2.0.13-1 (bug #627443)
NOTE: [lenny] - dovecot <not-affected> (Vulnerability introduced in 1.1)
NOTE: <e15277de7326d4d7f8b560cd853e1a12@muenster.org> claims lenny is affected
-CVE-2011-1928
+CVE-2011-1928 (The fnmatch implementation in apr_fnmatch.c in the Apache Portable Run ...)
{DSA-2237-2}
- apr 1.4.5-1 (bug #627182)
-CVE-2011-1927
+CVE-2011-1927 (The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel b ...)
- linux-2.6 2.6.39-1 (high)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-1926
+CVE-2011-1926 (The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not ...)
{DSA-2258-1 DSA-2242-1}
- cyrus-imapd-2.2 2.2.13p1-11 (bug #627081)
- cyrus-imapd-2.4 2.4.7-1
- kolab-cyrus-imapd 2.2.13p1-0.1 (bug #629350)
-CVE-2011-1925
+CVE-2011-1925 (nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote ...)
- nbd 1:2.9.22-1 (bug #627042)
[wheezy] - nbd <not-affected>
[squeeze] - nbd <not-affected>
[lenny] - nbd <not-affected>
-CVE-2011-1924
+CVE-2011-1924 (Buffer overflow in the policy_summarize function in or/policies.c in T ...)
- tor 0.2.1.30-1
[squeeze] - tor <no-dsa> (Only affects the central Tor directory servers)
[lenny] - tor <no-dsa> (Only affects the central Tor directory servers)
-CVE-2011-1923
+CVE-2011-1923 (The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL be ...)
- polarssl 0.14.3-1 (low; bug #616114)
[squeeze] - polarssl <no-dsa> (Minor issue)
-CVE-2011-1922
+CVE-2011-1922 (daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functiona ...)
- unbound 1.4.10-1 (unimportant)
[lenny] - unbound 1.4.6-1~lenny2 (unimportant)
[squeeze] - unbound 1.4.6-1+squeeze2 (unimportant)
NOTE: http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txt
NOTE: asserts not enabled in Debian build
-CVE-2011-1921
+CVE-2011-1921 (The mod_dav_svn module for the Apache HTTP Server, as distributed in A ...)
{DSA-2251-1}
- subversion 1.6.17dfsg-1
-CVE-2011-1920
+CVE-2011-1920 (The make include files in NetBSD before 1.6.2, as used in pmake 1.111 ...)
- pmake 1.111-3 (low; bug #626673)
[squeeze] - pmake 1.111-2+squeeze1
[lenny] - pmake 1.111-1+lenny1
-CVE-2011-1919
+CVE-2011-1919 (Multiple stack-based buffer overflows in GE Intelligent Platforms Prof ...)
NOT-FOR-US: GE Intelligent Platforms
-CVE-2011-1918
+CVE-2011-1918 (Stack-based buffer overflow in the Data Archiver service in GE Intelli ...)
NOT-FOR-US: GE Intelligent Platforms
CVE-2011-1917
RESERVED
CVE-2011-1916
RESERVED
-CVE-2011-1915
+CVE-2011-1915 (SQL injection vulnerability in eClient 7.3.2.3 in Enspire Distribution ...)
NOT-FOR-US: Enspire Distribution Management Solution
-CVE-2011-1914
+CVE-2011-1914 (Buffer overflow in the Advantech ADAM OLE for Process Control (OPC) Se ...)
NOT-FOR-US: ActiveX
-CVE-2011-1913
+CVE-2011-1913 (SQL injection vulnerability in the login form in the web interface in ...)
NOT-FOR-US: Mercator SENTINEL
CVE-2011-1912
RESERVED
-CVE-2011-1911
+CVE-2011-1911 (JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 ...)
NOT-FOR-US: JasperReports Server
-CVE-2011-1910
+CVE-2011-1910 (Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x befor ...)
{DSA-2244-1}
- bind9 1:9.8.1.dfsg-1 (high)
NOTE: https://lists.isc.org/pipermail/bind-users/2011-May/083819.html
CVE-2011-1909
RESERVED
-CVE-2011-1908
+CVE-2011-1908 (Integer overflow in the Type 1 font decoder in the FreeType engine in ...)
NOT-FOR-US: Foxit Reader
-CVE-2011-1906
+CVE-2011-1906 (Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific ...)
NOT-FOR-US: Trustwave WebDefend Enterprise
-CVE-2011-1905
+CVE-2011-1905 (Multiple cross-site request forgery (CSRF) vulnerabilities in unspecif ...)
NOT-FOR-US: Proofpoint Messaging Security Gateway
-CVE-2011-1904
+CVE-2011-1904 (An unspecified function in the web interface in Proofpoint Messaging S ...)
NOT-FOR-US: Proofpoint Messaging Security Gateway
-CVE-2011-1903
+CVE-2011-1903 (SQL injection vulnerability in an unspecified function in Proofpoint M ...)
NOT-FOR-US: Proofpoint Messaging Security Gateway
-CVE-2011-1902
+CVE-2011-1902 (Directory traversal vulnerability in the web interface in Proofpoint M ...)
NOT-FOR-US: Proofpoint Messaging Security Gateway
-CVE-2011-1901
+CVE-2011-1901 (The mail-filter web interface in Proofpoint Messaging Security Gateway ...)
NOT-FOR-US: Proofpoint Messaging Security Gateway
-CVE-2011-1900
+CVE-2011-1900 (Directory traversal vulnerability in NTWebServer in InduSoft Web Studi ...)
NOT-FOR-US: InduSoft Web Studio
-CVE-2011-1899
+CVE-2011-1899 (Multiple cross-site scripting (XSS) vulnerabilities in CA eHealth 6.0. ...)
NOT-FOR-US: CA eHealth
-CVE-2011-1898
+CVE-2011-1898 (Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough ...)
{DSA-2337-1}
- xen 4.1.1-1
[lenny] - xen-3 <not-affected>
-CVE-2011-1897
+CVE-2011-1897 (Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unifie ...)
NOT-FOR-US: Microsoft Forefront
-CVE-2011-1896
+CVE-2011-1896 (Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unifie ...)
NOT-FOR-US: Microsoft Forefront
-CVE-2011-1895
+CVE-2011-1895 (CRLF injection vulnerability in Microsoft Forefront Unified Access Gat ...)
NOT-FOR-US: Microsoft Forefront
-CVE-2011-1894
+CVE-2011-1894 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Window ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1893
+CVE-2011-1893 (Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoin ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2011-1892
+CVE-2011-1892 (Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and S ...)
NOT-FOR-US: Microsoft Office
-CVE-2011-1891
+CVE-2011-1891 (Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoi ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2011-1890
+CVE-2011-1890 (Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2011-1889
+CVE-2011-1889 (The NSPLookupServiceNext function in the client in Microsoft Forefront ...)
NOT-FOR-US: Microsoft Forefront Threat Management Gateway
-CVE-2011-1888
+CVE-2011-1888 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 a ...)
NOT-FOR-US: MS Windows
-CVE-2011-1887
+CVE-2011-1887 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 a ...)
NOT-FOR-US: MS Windows
-CVE-2011-1886
+CVE-2011-1886 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 does ...)
NOT-FOR-US: MS Windows
-CVE-2011-1885
+CVE-2011-1885 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: MS Windows
-CVE-2011-1884
+CVE-2011-1884 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: MS Windows
-CVE-2011-1883
+CVE-2011-1883 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: MS Windows
-CVE-2011-1882
+CVE-2011-1882 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: MS Windows
-CVE-2011-1881
+CVE-2011-1881 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: MS Windows
-CVE-2011-1880
+CVE-2011-1880 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: MS Windows
-CVE-2011-1879
+CVE-2011-1879 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: MS Windows
-CVE-2011-1878
+CVE-2011-1878 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: MS Windows
-CVE-2011-1877
+CVE-2011-1877 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: MS Windows
-CVE-2011-1876
+CVE-2011-1876 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: MS Windows
-CVE-2011-1875
+CVE-2011-1875 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: MS Windows
-CVE-2011-1874
+CVE-2011-1874 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: MS Windows
-CVE-2011-1873
+CVE-2011-1873 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Win ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1872
+CVE-2011-1872 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 all ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1871
+CVE-2011-1871 (Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft Windows Vista
-CVE-2011-1870
+CVE-2011-1870 (Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) i ...)
NOT-FOR-US: MS Windows
-CVE-2011-1869
+CVE-2011-1869 (The Distributed File System (DFS) implementation in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1868
+CVE-2011-1868 (The Distributed File System (DFS) implementation in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-XXXX [fglrx-driver xauth cookie leak]
- fglrx-driver 1:11-6-3 (low; bug #625868)
[squeeze] - fglrx-driver <no-dsa> (Non-free not supported)
[lenny] - fglrx-driver <no-dsa> (Non-free not supported)
-CVE-2011-1907
+CVE-2011-1907 (ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset ...)
- bind9 1:9.8.1.dfsg.P1-1
[squeeze] - bind9 <not-affected> (Only affects 9.8.0)
[lenny] - bind9 <not-affected> (Only affects 9.8.0)
-CVE-2011-1765
+CVE-2011-1765 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, w ...)
- mediawiki <not-affected> (Incomplete fix was never released for Debian, neither in sid, nor oldstable/stable)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
-CVE-2011-1766
+CVE-2011-1766 (includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogi ...)
- mediawiki <not-affected> (Vulnerable code not present, planned next upload will skip it)
[lenny] - mediawiki <not-affected> (Vulnerable code not present, introduced in 1.16.0)
[squeeze] - mediawiki <not-affected> (Vulnerable code not present, introduced in 1.16.0)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
-CVE-2011-1867
+CVE-2011-1867 (Stack-based buffer overflow in iNodeMngChecker.exe in the User Access ...)
NOT-FOR-US: iNodeMngChecker.exe of HP Intelligent Management Center
-CVE-2011-1866
+CVE-2011-1866 (Buffer overflow in omniinet.exe in the inet service in HP OpenView Sto ...)
NOT-FOR-US: HP OpenView
-CVE-2011-1865
+CVE-2011-1865 (Multiple stack-based buffer overflows in the inet service in HP OpenVi ...)
NOT-FOR-US: HP OpenView
-CVE-2011-1864
+CVE-2011-1864 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6 ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1863
+CVE-2011-1863 (HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 ...)
NOT-FOR-US: HP Service Manager
-CVE-2011-1862
+CVE-2011-1862 (Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7 ...)
NOT-FOR-US: HP Service Manager
-CVE-2011-1861
+CVE-2011-1861 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
NOT-FOR-US: HP Service Manager
-CVE-2011-1860
+CVE-2011-1860 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
NOT-FOR-US: HP Service Manager
-CVE-2011-1859
+CVE-2011-1859 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
NOT-FOR-US: HP Service Manager
-CVE-2011-1858
+CVE-2011-1858 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
NOT-FOR-US: HP Service Manager
-CVE-2011-1857
+CVE-2011-1857 (Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and ...)
NOT-FOR-US: HP Service Manager
-CVE-2011-1856
+CVE-2011-1856 (Cross-site scripting (XSS) vulnerability in HP Business Availability C ...)
NOT-FOR-US: HP Business Availability
-CVE-2011-1855
+CVE-2011-1855 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x all ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2011-1854
+CVE-2011-1854 (Use-after-free vulnerability in HP Intelligent Management Center (IMC) ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1853
+CVE-2011-1853 (tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0 ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1852
+CVE-2011-1852 (Multiple stack-based buffer overflows in tftpserver.exe in HP Intellig ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1851
+CVE-2011-1851 (Stack-based buffer overflow in tftpserver.exe in HP Intelligent Manage ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1850
+CVE-2011-1850 (Stack-based buffer overflow in the logging functionality in dbman.exe ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1849
+CVE-2011-1849 (tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0 ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1848
+CVE-2011-1848 (Stack-based buffer overflow in img.exe in HP Intelligent Management Ce ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2011-1847
+CVE-2011-1847 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
NOT-FOR-US: IBM DB2 9.5
-CVE-2011-1846
+CVE-2011-1846 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
NOT-FOR-US: IBM DB2 9.5
-CVE-2011-1845
+CVE-2011-1845 (Multiple memory leaks in the DataGrid control implementation in Micros ...)
NOT-FOR-US: Silverlight
-CVE-2011-1844
+CVE-2011-1844 (Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remot ...)
NOT-FOR-US: Silverlight
-CVE-2011-1843
+CVE-2011-1843 (Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remot ...)
- tinyproxy 1.8.2-2 (unimportant; bug #627503)
[squeeze] - tinyproxy 1.8.2-1squeeze2 (unimportant)
NOTE: Only exploitable through config files, which are under admin control
-CVE-2011-1842
+CVE-2011-1842 (dbus_backend/lsd.py in the D-Bus backend in language-selector before 0 ...)
NOT-FOR-US: Ubuntu-specific language-selector package
-CVE-2011-1841
+CVE-2011-1841 (Cross-site scripting (XSS) vulnerability in the link_to helper in Mojo ...)
{DSA-2239-1}
- libmojolicious-perl 1.12-1
-CVE-2011-1840
+CVE-2011-1840 (The MartiniCreations PassmanLite Password Manager application before 1 ...)
NOT-FOR-US: MartiniCreations PassmanLite Password Manager for Android
-CVE-2011-1839
+CVE-2011-1839 (IBM Rational Build Forge 7.1.0 uses the HTTP GET method during redirec ...)
NOT-FOR-US: IBM Rational Build Forge 7.1.0
-CVE-2011-1838
+CVE-2011-1838 (Multiple cross-site scripting (XSS) vulnerabilities in TemplateLogin.p ...)
- twiki <removed>
-CVE-2011-1837
+CVE-2011-1837 (The lock-counter implementation in utils/mount.ecryptfs_private.c in e ...)
{DSA-2382-1}
- ecryptfs-utils 92-1
-CVE-2011-1836
+CVE-2011-1836 (utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not es ...)
- ecryptfs-utils 92-1
[squeeze] - ecryptfs-utils <not-affected> (Vulnerable code not present)
[lenny] - ecryptfs-utils <not-affected> (Vulnerable code not present)
-CVE-2011-1835
+CVE-2011-1835 (The encrypted private-directory setup process in utils/ecryptfs-setup- ...)
{DSA-2382-1}
- ecryptfs-utils 92-1
-CVE-2011-1834
+CVE-2011-1834 (utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not pr ...)
{DSA-2382-1}
- ecryptfs-utils 92-1
-CVE-2011-1833
+CVE-2011-1833 (Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in ...)
{DSA-2443-1}
- ecryptfs-utils 92-1
[squeeze] - ecryptfs-utils <no-dsa> (Minor issue)
- linux-2.6 3.1.1-1
NOTE: cannot be fixed in ecryptfs-utils (squeeze, lenny) until kernel fix is in place
-CVE-2011-1832
+CVE-2011-1832 (utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not pr ...)
{DSA-2382-1}
- ecryptfs-utils 92-1
-CVE-2011-1831
+CVE-2011-1831 (utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not pr ...)
{DSA-2382-1}
- ecryptfs-utils 92-1
CVE-2011-1830
RESERVED
-CVE-2011-1829
+CVE-2011-1829 (APT before 0.8.15.2 does not properly validate inline GPG signatures, ...)
- apt 0.8.15.2
[squeeze] - apt <not-affected> (Vulnerable code not present)
[lenny] - apt <not-affected> (Vulnerable code not present)
-CVE-2011-1828
+CVE-2011-1828 (usb-creator-helper in usb-creator before 0.2.28.3 does not enforce int ...)
NOT-FOR-US: usb-creator, Ubuntu-specific package
CVE-2011-XXXX [spip DoS]
- spip 2.1.11-0.1
[squeeze] - spip 2.1.1-3squeeze1
-CVE-2011-1827
+CVE-2011-1827 (Multiple unspecified vulnerabilities in Check Point SSL Network Extend ...)
NOT-FOR-US: Check Point
-CVE-2011-1826
+CVE-2011-1826 (Open redirect vulnerability in the Administrative Console in CA Arcot ...)
NOT-FOR-US: CA Arcot WebFort Versatile Authentication Server
-CVE-2011-1825
+CVE-2011-1825 (Multiple cross-site scripting (XSS) vulnerabilities in the Administrat ...)
NOT-FOR-US: CA Arcot WebFort Versatile Authentication Server
-CVE-2011-1824
+CVE-2011-1824 (The VEGAOpBitmap::AddLine function in Opera before 10.61 does not prop ...)
NOT-FOR-US: Opera
-CVE-2011-1823
+CVE-2011-1823 (The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 tru ...)
NOT-FOR-US: Android
-CVE-2011-1822
+CVE-2011-1822 (The LDAP_ADD implementation in IBM Tivoli Directory Server (TDS) 5.2 b ...)
NOT-FOR-US: Tivoli
-CVE-2011-1821
+CVE-2011-1821 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010 o ...)
NOT-FOR-US: Tivoli
-CVE-2011-1820
+CVE-2011-1820 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, ...)
NOT-FOR-US: Tivoli
-CVE-2011-1819
+CVE-2011-1819 (Google Chrome before 12.0.742.91 allows remote attackers to perform un ...)
- chromium-browser 12.0.742.91~r87961-1 (unimportant)
- webkit <not-affected> (chromium extensions)
-CVE-2011-1818
+CVE-2011-1818 (Use-after-free vulnerability in the image loader in Google Chrome befo ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/86725
-CVE-2011-1817
+CVE-2011-1817 (Google Chrome before 12.0.742.91 does not properly implement history d ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1816
+CVE-2011-1816 (Use-after-free vulnerability in the developer tools in Google Chrome b ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/86507
-CVE-2011-1815
+CVE-2011-1815 (Google Chrome before 12.0.742.91 allows remote attackers to inject scr ...)
- chromium-browser 12.0.742.91~r87961-1 (unimportant)
- webkit <not-affected> (chromium extensions specific)
-CVE-2011-1814
+CVE-2011-1814 (Google Chrome before 12.0.742.91 attempts to read data from an uniniti ...)
- chromium-browser <not-affected> (chromium pdiflugin)
- webkit <not-affected> (chromium pdf plugin)
-CVE-2011-1813
+CVE-2011-1813 (Google Chrome before 12.0.742.91 does not properly implement the frame ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1812
+CVE-2011-1812 (Google Chrome before 12.0.742.91 allows remote attackers to bypass int ...)
- chromium-browser 12.0.742.91~r87961-1 (unimportant)
- webkit <not-affected> (chromium extensions)
-CVE-2011-1811
+CVE-2011-1811 (Google Chrome before 12.0.742.91 does not properly handle a large numb ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (chromium specific)
-CVE-2011-1810
+CVE-2011-1810 (The Cascading Style Sheets (CSS) implementation in Google Chrome befor ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/83345
-CVE-2011-1809
+CVE-2011-1809 (Use-after-free vulnerability in the accessibility feature in Google Ch ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/80890
-CVE-2011-1808
+CVE-2011-1808 (Use-after-free vulnerability in Google Chrome before 12.0.742.91 allow ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/84096
NOTE: http://trac.webkit.org/changeset/84098
NOTE: http://trac.webkit.org/changeset/84119
-CVE-2011-1807
+CVE-2011-1807 (Google Chrome before 11.0.696.71 does not properly handle blobs, which ...)
- chromium-browser 11.0.696.71~r86024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1806
+CVE-2011-1806 (Google Chrome before 11.0.696.71 does not properly implement the GPU c ...)
- chromium-browser 11.0.696.71~r86024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
CVE-2011-1805
RESERVED
-CVE-2011-1804
+CVE-2011-1804 (rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in ...)
- chromium-browser 11.0.696.71~r86024-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/86448
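Review bot: the unchanged context line under CVE-2011-1814 in this hunk reads "chromium-browser <not-affected> (chromium pdiflugin)", which looks like a typo for "chromium pdf plugin" (the wording used on the webkit line directly below it). This automatic description fill does not touch that line, so it would need a separate manual edit.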
@@ -9364,36 +9364,36 @@ CVE-2011-1803
RESERVED
CVE-2011-1802
RESERVED
-CVE-2011-1801
+CVE-2011-1801 (Unspecified vulnerability in Google Chrome before 11.0.696.71 allows r ...)
- chromium-browser 11.0.696.71~r86024-1 (unimportant)
NOTE: http://trac.webkit.org/changeset/85977
-CVE-2011-1800
+CVE-2011-1800 (Multiple integer overflows in the SVG Filters implementation in WebCor ...)
- chromium-browser 11.0.696.68~r84545-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/85926
-CVE-2011-1799
+CVE-2011-1799 (Google Chrome before 11.0.696.68 does not properly perform casts of va ...)
{DSA-2245-1}
- chromium-browser 11.0.696.68~r84545-1
-CVE-2011-1798
+CVE-2011-1798 (rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/84085
-CVE-2011-1797
+CVE-2011-1797 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
{DSA-2245-1}
- chromium-browser 12.0.742.91~r87961-1
-CVE-2011-1796
+CVE-2011-1796 (Use-after-free vulnerability in the FrameView::calculateScrollbarModes ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/84300
-CVE-2011-1795
+CVE-2011-1795 (Integer underflow in the HTMLFormElement::removeFormElement function i ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/83690
-CVE-2011-1794
+CVE-2011-1794 (Integer overflow in the FilterEffect::copyImageBytes function in platf ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/84422
-CVE-2011-1793
+CVE-2011-1793 (rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Goog ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/85406
@@ -9403,246 +9403,246 @@ CVE-2011-1791
RESERVED
CVE-2011-1790
RESERVED
-CVE-2011-1789
+CVE-2011-1789 (The self-extracting installer in the vSphere Client Installer package ...)
NOT-FOR-US: vSphere
-CVE-2011-1788
+CVE-2011-1788 (vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Up ...)
NOT-FOR-US: vCenter
-CVE-2011-1787
+CVE-2011-1787 (Race condition in mount.vmhgfs in the VMware Host Guest File System (H ...)
- open-vm-tools 2:8.4.2+2011.08.21-471295-1 (bug #631506)
[lenny] - open-vm-tools <no-dsa> (Contrib not supported)
[squeeze] - open-vm-tools <no-dsa> (Contrib not supported)
-CVE-2011-1786
+CVE-2011-1786 (lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 be ...)
NOT-FOR-US: Likewise
-CVE-2011-1785
+CVE-2011-1785 (VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to ...)
NOT-FOR-US: VMware
-CVE-2011-1784
+CVE-2011-1784 (The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and e ...)
- keepalived 1:1.2.2-2 (low; bug #626281)
[lenny] - keepalived <no-dsa> (Minor issue)
[squeeze] - keepalived 1:1.1.20-1+squeeze1
-CVE-2011-1783
+CVE-2011-1783 (The mod_dav_svn module for the Apache HTTP Server, as distributed in A ...)
{DSA-2251-1}
- subversion 1.6.17dfsg-1
-CVE-2011-1782
+CVE-2011-1782 (Heap-based buffer overflow in the read_channel_data function in file-p ...)
{DSA-2426-1}
- gimp 2.6.11-3 (bug #629830)
-CVE-2011-1781
+CVE-2011-1781 (SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows ...)
- systemtap 1.6-1 (bug #628819)
[squeeze] - systemtap <not-affected> (Only affects version 1.4.x)
[lenny] - systemtap <not-affected> (Only affects version 1.4.x)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=702687#c29
-CVE-2011-1780
+CVE-2011-1780 (The instruction emulation in Xen 3.0.3 allows local SMP guest users to ...)
- linux-2.6 <not-affected> (Only affected the old Xen kernel patch from 2.6.18/2.6.26)
-CVE-2011-1779
+CVE-2011-1779 (Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 ...)
- libarchive 3.0.4-2 (bug #669197)
[squeeze] - libarchive <not-affected> (vulnerable code not present in 2.x series)
NOTE: http://code.google.com/p/libarchive/source/detail?r=0736e0890a8fce59e96d57340405c56f084407e7
NOTE: Might be fixed earlier than 3.0.4-2, but was tested against the Wheezy version
-CVE-2011-1778
+CVE-2011-1778 (Buffer overflow in libarchive through 2.8.5 allows remote attackers to ...)
{DSA-2413-1}
- libarchive 2.8.5-5 (bug #651844)
-CVE-2011-1777
+CVE-2011-1777 (Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_d ...)
{DSA-2413-1}
- libarchive 2.8.5-5 (bug #651844)
-CVE-2011-1776
+CVE-2011-1776 (The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel b ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.39-1 (low)
-CVE-2011-1775
+CVE-2011-1775 (The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx i ...)
- tigervnc <not-affected> (Fixed before initial release in Debian)
NOTE: https://github.com/TigerVNC/tigervnc/commit/ce6c8b097f0d5b161039dc8c8208aff078d433ff
-CVE-2011-1774
+CVE-2011-1774 (WebKit in Apple Safari before 5.0.6 has improper libxslt security sett ...)
NOTE: CVE-2011-1774 is about webkit's interface to xmlsec, CVE-2011-1425 is the actual issue
NOTE: http://www.openwall.com/lists/oss-security/2011/05/09/4
-CVE-2011-1773
+CVE-2011-1773 (virt-v2v before 0.8.4 does not preserve the VNC console password when ...)
NOT-FOR-US: virt-v2v
-CVE-2011-1772
+CVE-2011-1772 (Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache ...)
- libstruts1.2-java <not-affected> (xwork introduced in 2.x)
-CVE-2011-1771
+CVE-2011-1771 (The cifs_close function in fs/cifs/file.c in the Linux kernel before 2 ...)
- linux-2.6 2.6.38-4
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.37)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.37)
-CVE-2011-1770
+CVE-2011-1770 (Integer underflow in the dccp_parse_options function (net/dccp/options ...)
{DSA-2240-1}
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-34squeeze1
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.29 with commit e77b8363b2ea7c0d89919547c1a8b0562f298b57)
-CVE-2011-1769
+CVE-2011-1769 (SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is ena ...)
- systemtap 1.6-1 (unimportant; bug #628819)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=702687#c29
NOTE: http://sourceware.org/git/?p=systemtap.git;a=commit;h=fa2e3415185a28542d419a641ecd6cddd52e3cd9
NOTE: a DoS with a very limited exploitation possibility
-CVE-2011-1768
+CVE-2011-1768 (The tunnels implementation in the Linux kernel before 2.6.34, when tun ...)
{DSA-2264-1}
- linux-2.6 2.6.34-1
[squeeze] - linux-2.6 2.6.32-35
-CVE-2011-1767
+CVE-2011-1767 (net/ipv4/ip_gre.c in the Linux kernel before 2.6.34, when ip_gre is co ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.34-1
[squeeze] - linux-2.6 2.6.32-34squeeze1
-CVE-2011-1764
+CVE-2011-1764 (Format string vulnerability in the dkim_exim_verify_finish function in ...)
{DSA-2232-1}
- exim4 4.75-3 (high; bug #624670)
[lenny] - exim4 <not-affected> (vulnerable code not present)
-CVE-2011-1763
+CVE-2011-1763 (The get_free_port function in Xen allows local authenticated DomU user ...)
- linux-2.6 <not-affected> (Only affected the old Xen kernel patch from 2.6.18/2.6.26)
CVE-2011-1762
RESERVED
-CVE-2011-1761
+CVE-2011-1761 (Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) ...)
{DSA-2415-1}
- libmodplug 1:0.8.8.4-1 (low; bug #625966)
-CVE-2011-1760
+CVE-2011-1760 (utils/opcontrol in OProfile 0.9.6 and earlier might allow local users ...)
{DSA-2254-2 DSA-2254-1}
- oprofile 0.9.6-1.2 (medium; bug #624212)
-CVE-2011-1759
+CVE-2011-1759 (Integer overflow in the sys_oabi_semtimedop function in arch/arm/kerne ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.39-1
-CVE-2011-1758
+CVE-2011-1758 (The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in Sy ...)
- sssd <not-affected> (Only affects version 1.5+)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=700867
NOTE: http://git.fedorahosted.org/git/?p=sssd.git;a=commitdiff;h=fffdae81651b460f3d2c119c56d5caa09b4de42a
-CVE-2011-1757
+CVE-2011-1757 (DJabberd 0.84 and earlier does not properly detect recursion during en ...)
NOTE: DJabberd
-CVE-2011-1756
+CVE-2011-1756 (modules/xmpp/serv_xmpp.c in Citadel 7.86 and earlier does not properly ...)
{DSA-2250-1}
- citadel 8.04-1 (medium)
-CVE-2011-1755
+CVE-2011-1755 (jabberd2 before 2.2.14 does not properly detect recursion during entit ...)
- jabberd2 2.2.8-2.1 (medium)
-CVE-2011-1754
+CVE-2011-1754 (jabberd14 1.6.1.1 and earlier does not properly detect recursion durin ...)
{DSA-2249-1}
- jabberd14 1.6.1.1-5.1
-CVE-2011-1753
+CVE-2011-1753 (expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and ...)
{DSA-2248-1}
- ejabberd 2.1.6-2.1 (medium)
-CVE-2011-1752
+CVE-2011-1752 (The mod_dav_svn module for the Apache HTTP Server, as distributed in A ...)
{DSA-2251-1}
- subversion 1.6.17dfsg-1
-CVE-2011-1751
+CVE-2011-1751 (The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Managem ...)
{DSA-2241-1}
- qemu-kvm 0.14.1+dfsg-1
- kvm <undetermined>
-CVE-2011-1750
+CVE-2011-1750 (Multiple heap-based buffer overflows in the virtio-blk driver (hw/virt ...)
{DSA-2230-1}
- qemu-kvm 0.14.1+dfsg-1 (bug #624177)
- kvm <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=698906
-CVE-2011-1749
+CVE-2011-1749 (The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.ns ...)
- nfs-utils 1:1.2.3-3 (low; bug #629420)
[squeeze] - nfs-utils 1:1.2.2-4squeeze2
[lenny] - nfs-utils <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=697975
-CVE-2011-1748
+CVE-2011-1748 (The raw_release function in net/can/raw.c in the Linux kernel before 2 ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.39-1
-CVE-2011-1747
+CVE-2011-1747 (The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not pr ...)
- linux-2.6 <removed> (unimportant)
NOTE: Can only be triggered with root equivalent privs -> non-issue
-CVE-2011-1746
+CVE-2011-1746 (Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_ ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
-CVE-2011-1745
+CVE-2011-1745 (Integer overflow in the agp_generic_insert_memory function in drivers/ ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
-CVE-2011-1744
+CVE-2011-1744 (EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin ...)
NOT-FOR-US: EMC
-CVE-2011-1743
+CVE-2011-1743 (Cross-site scripting (XSS) vulnerability in EMC Captiva eInput 2.1.1 b ...)
NOT-FOR-US: EMC
-CVE-2011-1742
+CVE-2011-1742 (EMC Data Protection Advisor before 5.8.1 places cleartext account cred ...)
NOT-FOR-US: EMC
-CVE-2011-1741
+CVE-2011-1741 (Stack-based buffer overflow in ftserver.exe in the OpenText Hummingbir ...)
NOT-FOR-US: OpenText Hummingbird Client Connector
-CVE-2011-1740
+CVE-2011-1740 (EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authen ...)
NOT-FOR-US: EMC Avamar
-CVE-2011-1739
+CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 ...)
NOT-FOR-US: FreeBSD mountd
-CVE-2011-1738
+CVE-2011-1738 (HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Dev ...)
NOT-FOR-US: HP Palm webOS
-CVE-2011-1737
+CVE-2011-1737 (Multiple cross-site scripting (XSS) vulnerabilities in the Email appli ...)
NOT-FOR-US: HP Palm webOS
-CVE-2011-1736
+CVE-2011-1736 (Directory traversal vulnerability in OmniInet.exe in the Backup Client ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1735
+CVE-2011-1735 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Servi ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1734
+CVE-2011-1734 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Servi ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1733
+CVE-2011-1733 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Servi ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1732
+CVE-2011-1732 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Servi ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1731
+CVE-2011-1731 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Servi ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1730
+CVE-2011-1730 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Servi ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1729
+CVE-2011-1729 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Servi ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1728
+CVE-2011-1728 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Servi ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-1727
+CVE-2011-1727 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...)
NOT-FOR-US: HP SiteScope
-CVE-2011-1726
+CVE-2011-1726 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...)
NOT-FOR-US: HP SiteScope
-CVE-2011-1725
+CVE-2011-1725 (Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9 ...)
NOT-FOR-US: HP Network Automation
-CVE-2011-1724
+CVE-2011-1724 (Unspecified vulnerability in HP Virtual Server Environment before 6.3 ...)
NOT-FOR-US: HP Virtual Server Environment
-CVE-2011-1723
+CVE-2011-1723 (Cross-site scripting (XSS) vulnerability in app/views/layouts/base.rht ...)
NOT-FOR-US: WEC Discussion Forum
-CVE-2011-1722
+CVE-2011-1722 (Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_di ...)
NOT-FOR-US: WEC Discussion Forum
-CVE-2011-1721
+CVE-2011-1721 (Cross-site request forgery (CSRF) vulnerability in php/partie_administ ...)
NOT-FOR-US: WebJaxe
-CVE-2011-1720
+CVE-2011-1720 (The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x b ...)
{DSA-2233-1}
- postfix 2.8.3-1
NOTE: http://www.postfix.org/CVE-2011-1720.html
-CVE-2011-1719
+CVE-2011-1719 (Multiple stack-based buffer overflows in the Web Viewer ActiveX contro ...)
NOT-FOR-US: ActiveX
-CVE-2011-1718
+CVE-2011-1718 (The Web Agents component in CA SiteMinder R6 before SP6 CR2 and R12 be ...)
NOT-FOR-US: CA SiteMinder
-CVE-2011-1716
+CVE-2011-1716 (Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in X ...)
- xymon 4.3.7-1
[wheezy] - xymon <no-dsa> (Minor issue)
[squeeze] - xymon <no-dsa> (Minor issue)
-CVE-2011-1717
+CVE-2011-1717 (Skype for Android stores sensitive user data without encryption in sql ...)
NOT-FOR-US: Skype for Android
-CVE-2011-1715
+CVE-2011-1715 (Directory traversal vulnerability in framework/source/resource/qx/test ...)
NOT-FOR-US: QooxDoo
-CVE-2011-1714
+CVE-2011-1714 (Cross-site scripting (XSS) vulnerability in framework/source/resource/ ...)
NOT-FOR-US: QooxDoo
-CVE-2011-1713
+CVE-2011-1713 (Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, allo ...)
NOT-FOR-US: Microsoft
-CVE-2011-1712
+CVE-2011-1712 (The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.c ...)
- iceweasel 4.0.1-1 (unimportant)
-CVE-2011-1711
+CVE-2011-1711 (Unspecified vulnerability in the Mobility Pack 1.1.2 and earlier in No ...)
NOT-FOR-US: Mobility Pack 1.1.2 and earlier in Novell Data Synchronizer
-CVE-2011-1710
+CVE-2011-1710 (Multiple integer overflows in the HTTP server in the Novell XTier fram ...)
NOT-FOR-US: Novell XTier
-CVE-2011-1709
+CVE-2011-1709 (GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, ena ...)
- gdm3 <not-affected> (Vulnerable code patched out in Debian package in sid, patched in 3.0.4 experimental)
- gdm <not-affected> (Vulnerable code not present)
-CVE-2011-1708
+CVE-2011-1708 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client bef ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1707
+CVE-2011-1707 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client bef ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1706
+CVE-2011-1706 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client bef ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1705
+CVE-2011-1705 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client befo ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1704
+CVE-2011-1704 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client befo ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1703
+CVE-2011-1703 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client befo ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1702
+CVE-2011-1702 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client befo ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1701
+CVE-2011-1701 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client befo ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1700
+CVE-2011-1700 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client befo ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2011-1699
+CVE-2011-1699 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client befo ...)
NOT-FOR-US: Novell iPrint Client
CVE-2011-1698
RESERVED
CVE-2011-1697
RESERVED
-CVE-2011-1696
+CVE-2011-1696 (Cross-site scripting (XSS) vulnerability in Novell Identity Manager (a ...)
NOT-FOR-US: Novell Identity Manager
CVE-2011-1695
RESERVED
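Review bot: the CVE-2011-1757 entry in this hunk carries only "NOTE: DJabberd" and no triage status line, whereas every other non-Debian entry here uses "NOT-FOR-US: <product>"; a reviewer should confirm the intended status and add the proper marker. Also in this hunk, CVE-2011-1716 is listed before CVE-2011-1717, breaking the descending id order the rest of the file keeps. Neither is introduced by this automatic update, but both sit among the lines it touches.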
@@ -9652,149 +9652,149 @@ CVE-2011-1693
RESERVED
CVE-2011-1692
RESERVED
-CVE-2011-1691
+CVE-2011-1691 (The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in t ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/82222
-CVE-2011-1690
+CVE-2011-1690 (Best Practical Solutions RT 3.6.0 through 3.6.10 and 3.8.0 through 3.8 ...)
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
- request-tracker3.6 <removed>
-CVE-2011-1689
+CVE-2011-1689 (Multiple cross-site scripting (XSS) vulnerabilities in Best Practical ...)
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
- request-tracker3.6 <removed>
-CVE-2011-1688
+CVE-2011-1688 (Directory traversal vulnerability in Best Practical Solutions RT 3.2.0 ...)
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
- request-tracker3.6 <removed>
-CVE-2011-1687
+CVE-2011-1687 (Best Practical Solutions RT 3.0.0 through 3.6.10, 3.8.0 through 3.8.9, ...)
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
- request-tracker3.6 <removed>
-CVE-2011-1686
+CVE-2011-1686 (Multiple SQL injection vulnerabilities in Best Practical Solutions RT ...)
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
- request-tracker3.6 <removed>
-CVE-2011-1685
+CVE-2011-1685 (Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc through 4. ...)
{DSA-2220-1}
- request-tracker3.8 3.8.10-1 (bug #622774)
-CVE-2011-1683
+CVE-2011-1683 (IBM WebSphere Application Server (WAS) 6.0.x through 6.0.2.43, 6.1.x b ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2011-1682
+CVE-2011-1682 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpList ...)
NOT-FOR-US: phpList
-CVE-2011-1684
+CVE-2011-1684 (Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4. ...)
{DSA-2218-1}
- vlc 1.1.8-3 (medium)
[lenny] - vlc <not-affected> (Vulnerable code not present)
[squeeze] - vlc 1.1.3-1squeeze5
NOTE: CVE id requested
-CVE-2011-1681
+CVE-2011-1681 (vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-t ...)
- open-vm-tools 2:8.4.2+2011.08.21-471295-1 (low; bug #623968)
[squeeze] - open-vm-tools <no-dsa> (Contrib not supported)
[lenny] - open-vm-tools <no-dsa> (Contrib not supported)
-CVE-2011-1680
+CVE-2011-1680 (ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ loc ...)
- ncpfs 2.2.6-9 (low; bug #660545)
[squeeze] - ncpfs <no-dsa> (Minor issue)
-CVE-2011-1679
+CVE-2011-1679 (ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the ...)
- ncpfs 2.2.6-9 (low; bug #660545)
[squeeze] - ncpfs <no-dsa> (Minor issue)
-CVE-2011-1678
+CVE-2011-1678 (smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to app ...)
- samba 2:3.4.7~dfsg-2 (low)
- cifs-utils 2:5.1-1 (low)
[squeeze] - cifs-utils 2:4.5-2+squeeze1
NOTE: cifs-utils was split off from the samba source package with 2:3.4.7~dfsg-2, so marking it as fixed
NOTE: http://git.samba.org/?p=cifs-utils.git;a=commitdiff;h=f6eae44a3d05b6515a59651e6bed8b6dde689aec
-CVE-2011-1677
+CVE-2011-1677 (mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lo ...)
- util-linux 2.20.1-1 (low)
[squeeze] - util-linux <no-dsa> (Minor issue)
-CVE-2011-1676
+CVE-2011-1676 (mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp ...)
NOTE: This was found to be a non-issue, see http://thread.gmane.org/gmane.comp.security.oss.general/4374/focus=4983
-CVE-2011-1675
+CVE-2011-1675 (mount in util-linux 2.19 and earlier attempts to append to the /etc/mt ...)
- util-linux 2.20.1-1 (low)
[squeeze] - util-linux <no-dsa> (Minor issue)
-CVE-2011-1674
+CVE-2011-1674 (The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote attacke ...)
NOT-FOR-US: NetGear ProSafe WNAP210
-CVE-2011-1673
+CVE-2011-1673 (BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attacker ...)
NOT-FOR-US: NetGear ProSafe WNAP210
-CVE-2011-1672
+CVE-2011-1672 (The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier ...)
NOT-FOR-US: Dell KACE K2000 Systems Deployment Appliance
-CVE-2011-1671
+CVE-2011-1671 (Cross-site scripting (XSS) vulnerability in app/controllers/todos_cont ...)
NOT-FOR-US: Tracks
-CVE-2011-1670
+CVE-2011-1670 (Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra ...)
NOT-FOR-US: InTerra
-CVE-2011-1669
+CVE-2011-1669 (Directory traversal vulnerability in wp-download.php in the WP Custom ...)
NOT-FOR-US: WP Custom Pages module for WordPress
-CVE-2011-1668
+CVE-2011-1668 (Cross-site scripting (XSS) vulnerability in search.php in AR Web Conte ...)
NOT-FOR-US: AR Web Content Manager
-CVE-2011-1667
+CVE-2011-1667 (SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows ...)
NOT-FOR-US: Anzeigenmarkt
-CVE-2011-1666
+CVE-2011-1666 (Metaways Tine 2.0 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: Metaways Tine
-CVE-2011-1665
+CVE-2011-1665 (PHPBoost 3.0 stores sensitive information under the web root with insu ...)
NOT-FOR-US: PHPBoost
-CVE-2011-1664
+CVE-2011-1664 (Cross-site request forgery (CSRF) vulnerability in the Translation Man ...)
NOT-FOR-US: Translation Management module for Drupal
-CVE-2011-1663
+CVE-2011-1663 (SQL injection vulnerability in the Translation Management module 6.x b ...)
NOT-FOR-US: Translation Management module for Drupal
-CVE-2011-1662
+CVE-2011-1662 (Cross-site scripting (XSS) vulnerability in Translation Management mod ...)
NOT-FOR-US: Translation Management module for Drupal
-CVE-2011-1661
+CVE-2011-1661 (The Node Quick Find module 6.x-1.1 for Drupal does not use db_rewrite_ ...)
NOT-FOR-US: Node Quick Find module for Drupal
-CVE-2011-1660
+CVE-2011-1660 (Multiple cross-site scripting (XSS) vulnerabilities in the DataDynamic ...)
NOT-FOR-US: GrapeCity Data Dynamics Reports
-CVE-2011-1659
+CVE-2011-1659 (Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or ...)
- eglibc 2.13-8
[squeeze] - eglibc 2.11.3-2
- glibc 2.13-8
[lenny] - glibc <no-dsa> (Minor issue)
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8126d90480fa
-CVE-2011-1658
+CVE-2011-1658 (ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expan ...)
- eglibc 2.13-33 (low; bug #672119)
[squeeze] - eglibc <not-affected>
-CVE-2011-1657
+CVE-2011-1657 (The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions i ...)
{DSA-2408-1}
- php5 5.3.7-1 (unimportant)
NOTE: safe mode not supported
CVE-2011-1656
RESERVED
-CVE-2011-1655
+CVE-2011-1655 (The management.asmx module in the Management Web Service in the Unifie ...)
NOT-FOR-US: CA Total Defense
-CVE-2011-1654
+CVE-2011-1654 (Directory traversal vulnerability in the Heartbeat Web Service in CA.I ...)
NOT-FOR-US: CA Total Defense
-CVE-2011-1653
+CVE-2011-1653 (Multiple SQL injection vulnerabilities in the Unified Network Control ...)
NOT-FOR-US: CA Total Defense
-CVE-2011-1652
+CVE-2011-1652 (** DISPUTED ** The default configuration of Microsoft Windows 7 immedi ...)
NOT-FOR-US: Microsoft Windows 7
-CVE-2011-1651
+CVE-2011-1651 (Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when ...)
NOT-FOR-US: Cisco
CVE-2011-1650
RESERVED
-CVE-2011-1649
+CVE-2011-1649 (The Internet Streamer application in Cisco Content Delivery System (CD ...)
NOT-FOR-US: Cisco
CVE-2011-1648
RESERVED
-CVE-2011-1647
+CVE-2011-1647 (The web management interface on the Cisco RVS4000 Gigabit Security Rou ...)
NOT-FOR-US: Cisco
-CVE-2011-1646
+CVE-2011-1646 (The web management interface on the Cisco RVS4000 Gigabit Security Rou ...)
NOT-FOR-US: Cisco
-CVE-2011-1645
+CVE-2011-1645 (The web management interface on the Cisco RVS4000 Gigabit Security Rou ...)
NOT-FOR-US: Cisco
CVE-2011-1644
RESERVED
-CVE-2011-1643
+CVE-2011-1643 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-1642
RESERVED
CVE-2011-1641
RESERVED
-CVE-2011-1640
+CVE-2011-1640 (The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does ...)
NOT-FOR-US: Cisco IOS
CVE-2011-1639
RESERVED
CVE-2011-1638
RESERVED
-CVE-2011-1637
+CVE-2011-1637 (Cisco Unified IP Phones 7900 devices (aka TNP phones) with software be ...)
NOT-FOR-US: Cisco
CVE-2011-1636
RESERVED
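Review bot: the "+CVE-2011-1684 (Heap-based buffer overflow in the MP4_ReadBox_skcr function ...)" line in this hunk now carries the assigned description, yet the entry still ends with the context line "NOTE: CVE id requested"; that note is stale and should be dropped in a follow-up. In the same region CVE-2011-1683, CVE-2011-1682 and CVE-2011-1684 appear out of descending order, which the automatic update preserves rather than fixes.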
@@ -9818,11 +9818,11 @@ CVE-2011-1627
RESERVED
CVE-2011-1626
RESERVED
-CVE-2011-1625
+CVE-2011-1625 (Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switchi ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-1624
+CVE-2011-1624 (Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-1623
+CVE-2011-1623 (Cisco Media Processing Software before 1.2 on Media Experience Engine ...)
NOT-FOR-US: Cisco
CVE-2011-1622
RESERVED
@@ -9842,39 +9842,39 @@ CVE-2011-1615
RESERVED
CVE-2011-1614
RESERVED
-CVE-2011-1613
+CVE-2011-1613 (Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) softw ...)
NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2011-1612
RESERVED
CVE-2011-1611
RESERVED
-CVE-2011-1610
+CVE-2011-1610 (Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1609
+CVE-2011-1609 (SQL injection vulnerability in Cisco Unified Communications Manager (a ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-1608
RESERVED
-CVE-2011-1607
+CVE-2011-1607 (Directory traversal vulnerability in Cisco Unified Communications Mana ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1606
+CVE-2011-1606 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1605
+CVE-2011-1605 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1604
+CVE-2011-1604 (Memory leak in Cisco Unified Communications Manager (aka CUCM, formerl ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2011-1603
+CVE-2011-1603 (Cisco Unified IP Phones 7900 devices (aka TNP phones) with software be ...)
NOT-FOR-US: Cisco
-CVE-2011-1602
+CVE-2011-1602 (The su utility on Cisco Unified IP Phones 7900 devices (aka TNP phones ...)
NOT-FOR-US: Cisco
CVE-2011-1601
RESERVED
CVE-2011-1600
RESERVED
-CVE-2011-1599
+CVE-2011-1599 (manager.c in the Manager Interface in Asterisk Open Source 1.4.x befor ...)
{DSA-2225-1}
- asterisk 1:1.8.3.3-1
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2011-1598
+CVE-2011-1598 (The bcm_release function in net/can/bcm.c in the Linux kernel before 2 ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
CVE-2011-1597
@@ -9883,129 +9883,129 @@ CVE-2011-1597
CVE-2011-1596
RESERVED
NOT-FOR-US: ** REJECT ** (regular bug in gnome-screensaver-dialog)
-CVE-2011-1595
+CVE-2011-1595 (Directory traversal vulnerability in the disk_create function in disk. ...)
- rdesktop 1.7.0-1 (low; bug #623552)
[squeeze] - rdesktop <no-dsa> (Minor issue)
[lenny] - rdesktop <no-dsa> (Minor issue)
-CVE-2011-1594
+CVE-2011-1594 (Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Netwo ...)
NOT-FOR-US: Red Hat Network Satellite server
-CVE-2011-1593
+CVE-2011-1593 (Multiple integer overflows in the next_pidmap function in kernel/pid.c ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
-CVE-2011-1592
+CVE-2011-1592 (The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x b ...)
- wireshark <not-affected> (Windows-specific)
-CVE-2011-1591
+CVE-2011-1591 (Stack-based buffer overflow in the DECT dissector in epan/dissectors/p ...)
- wireshark 1.4.5-1
[squeeze] - wireshark <not-affected> (Only affects 1.4.x)
[lenny] - wireshark <not-affected> (Only affects 1.4.x)
-CVE-2011-1590
+CVE-2011-1590 (The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x befor ...)
{DSA-2274-1}
- wireshark 1.4.5-1 (unimportant)
-CVE-2011-1589
+CVE-2011-1589 (Directory traversal vulnerability in Path.pm in Mojolicious before 1.1 ...)
{DSA-2221-1}
- libmojolicious-perl 1.16-1
CVE-2011-1588
RESERVED
- thunar <not-affected> (Introduced in 1.2, only in experimental)
NOTE: http://git.xfce.org/xfce/thunar/diff/?id=03dd312e157d4fa8a11d5fa402706ae5b05806fa
-CVE-2011-1587
+CVE-2011-1587 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, w ...)
{DSA-2366-1}
- mediawiki 1:1.15.5-5
-CVE-2011-1586
+CVE-2011-1586 (Directory traversal vulnerability in the KGetMetalink::File::isValidNa ...)
- kdenetwork 4:4.6.3-1
[squeeze] - kdenetwork 4:4.4.5-2+squeeze1
[lenny] - kdenetwork <not-affected> (Metalink plugin not yet present)
-CVE-2011-1585
+CVE-2011-1585 (The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kerne ...)
{DSA-2240-1}
- linux-2.6 <removed> (unimportant)
NOTE: an exploitation requires the ability to run mount.cifs w/ root privs
-CVE-2011-1584
+CVE-2011-1584 (The updateFile function in inc/core/class.dc.media.php in the Media Ma ...)
- dotclear <not-affected> (Fixed before initial upload to archive)
-CVE-2011-1583
+CVE-2011-1583 (Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xe ...)
{DSA-2337-1}
- xen 4.1.1-1
- xen-3 <removed>
[lenny] - xen-3 <no-dsa> (Minor issue; only marginally affected)
-CVE-2011-1582
+CVE-2011-1582 (Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servl ...)
- tomcat6 <not-affected> (Only affects Tomcat 7)
-CVE-2011-1581
+CVE-2011-1581 (The bond_select_queue function in drivers/net/bonding/bond_main.c in t ...)
- linux-2.6 2.6.39-1 (low)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
-CVE-2011-1580
+CVE-2011-1580 (The transwiki import functionality in MediaWiki before 1.16.3 does not ...)
{DSA-2366-1}
- mediawiki 1:1.15.5-5
-CVE-2011-1579
+CVE-2011-1579 (The checkCss function in includes/Sanitizer.php in the wikitext parser ...)
{DSA-2366-1}
- mediawiki 1:1.15.5-5
-CVE-2011-1578
+CVE-2011-1578 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, w ...)
{DSA-2366-1}
- mediawiki 1:1.15.5-5
-CVE-2011-1577
+CVE-2011-1577 (Heap-based buffer overflow in the is_gpt_valid function in fs/partitio ...)
{DSA-2264-1}
- linux-2.6 2.6.39-3 (low)
[squeeze] - linux-2.6 2.6.32-35
-CVE-2011-1576
+CVE-2011-1576 (The Generic Receive Offload (GRO) implementation in the Linux kernel 2 ...)
{DSA-2303-1}
- linux-2.6 3.0.0-5
[lenny] - linux-2.6 <not-affected> (Code not present)
NOTE: "...code path in question is no longer reachable..." not sure when this was fixed
-CVE-2011-1575
+CVE-2011-1575 (The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 ...)
- pure-ftpd 1.0.30-1 (low)
[squeeze] - pure-ftpd 1.0.28-3+squeeze1
[lenny] - pure-ftpd <no-dsa> (Minor issue)
-CVE-2011-1574
+CVE-2011-1574 (Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in l ...)
{DSA-2226-1}
- libmodplug 1:0.8.8.2-1 (low; bug #622091)
-CVE-2011-1573
+CVE-2011-1573 (net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip ...)
- linux-2.6 2.6.34-1
[squeeze] - linux-2.6 2.6.32-34
NOTE: http://xorl.wordpress.com/2011/05/08/cve-2011-1573-linux-kernel-sctp-initinit-ack-length-miscalculation/
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a8170c35e738d62e9919ce5b109cf4ed66e9
-CVE-2011-1572
+CVE-2011-1572 (Directory traversal vulnerability in the Admin Defined Commands (ADC) ...)
{DSA-2215-1}
- gitolite 1.5.7-2
NOTE: https://github.com/sitaramc/gitolite/commit/a33f0f85047834212ff4baf5b479c6cf3d2a6075
NOTE: https://github.com/sitaramc/gitolite/commit/4ce00aef84d1ff7c35f7adbbb99a6241cfda00cc
[squeeze] - gitolite 1.5.4-2+squeeze1
-CVE-2011-1571
+CVE-2011-1571 (Unspecified vulnerability in the XSL Content portlet in Liferay Portal ...)
- liferay-portal <itp> (bug #569819)
-CVE-2011-1570
+CVE-2011-1570 (Cross-site scripting (XSS) vulnerability in Liferay Portal Community E ...)
- liferay-portal <itp> (bug #569819)
-CVE-2011-1569
+CVE-2011-1569 (download.aspx in Douran Portal 3.9.7.8 allows remote attackers to obta ...)
NOT-FOR-US: Douran Portal
-CVE-2011-1568
+CVE-2011-1568 (Format string vulnerability in the logText function in shmemmgr9.dll i ...)
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System
-CVE-2011-1567
+CVE-2011-1567 (Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11 ...)
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System
-CVE-2011-1566
+CVE-2011-1566 (Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier ...)
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System
-CVE-2011-1565
+CVE-2011-1565 (Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 ...)
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System
-CVE-2011-1564
+CVE-2011-1564 (Multiple integer overflows in the HMI application in DATAC RealFlex Re ...)
NOT-FOR-US: DATAC RealFlex RealWin
-CVE-2011-1563
+CVE-2011-1563 (Multiple stack-based buffer overflows in the HMI application in DATAC ...)
NOT-FOR-US: DATAC RealFlex RealWin
-CVE-2011-1562
+CVE-2011-1562 (Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attacker ...)
NOT-FOR-US: Ecava IntegraXor HMI
-CVE-2011-1561
+CVE-2011-1561 (The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, whe ...)
NOT-FOR-US: IBM AIX 6.1
-CVE-2011-1560
+CVE-2011-1560 (solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x ...)
NOT-FOR-US: IBM solidDB
-CVE-2011-1559
+CVE-2011-1559 (Unspecified vulnerability in the IBM Web Interface for Content Managem ...)
NOT-FOR-US: IBM WEBi
-CVE-2011-1558
+CVE-2011-1558 (Multiple cross-site scripting (XSS) vulnerabilities in the IBM Web Int ...)
NOT-FOR-US: IBM WEBi
CVE-2011-XXXX [drupal6-mod-tagadelic XSS]
- drupal6-mod-tagadelic 1.3-1 (low)
NOTE: DRUPAL-SA-CONTRIB-2011-013
-CVE-2011-1557
+CVE-2011-1557 (SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows remot ...)
NOT-FOR-US: ICloudCenter ICJobSite
-CVE-2011-1556
+CVE-2011-1556 (SQL injection vulnerability in plugins/pdfClasses/pdfgen.php in Andy's ...)
NOT-FOR-US: Aphpkb
-CVE-2011-1555
+CVE-2011-1555 (SQL injection vulnerability in saa.php in Andy's PHP Knowledgebase (Ap ...)
NOT-FOR-US: Aphpkb
-CVE-2011-1554
+CVE-2011-1554 (Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3. ...)
{DSA-2388-1}
- t1lib 5.1.2-3.5
[lenny] - t1lib 5.1.2-3+lenny1
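Review bot: the second NOTE under CVE-2011-1573 points at a git.kernel.org commitdiff whose hash is cut short: `NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a8170c35e738d62e9919ce5b109cf4ed66e9` carries 36 hex digits rather than the 40 of a full SHA-1, so the link should be re-checked against the actual fix commit and the full hash restored. Two smaller points in the same hunk: under CVE-2011-1572 the `[squeeze] - gitolite 1.5.4-2+squeeze1` line sits after the two NOTE URLs instead of directly beneath `- gitolite 1.5.7-2`, which is where every other entry in this hunk keeps its release lines, and the CVE-2011-1585 note reads more naturally as "exploitation requires the ability to run mount.cifs with root privileges".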
@@ -10013,7 +10013,7 @@ CVE-2011-1554
NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
-CVE-2011-1553
+CVE-2011-1553 (Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xp ...)
{DSA-2388-1}
- t1lib 5.1.2-3.5
[lenny] - t1lib 5.1.2-3+lenny1
@@ -10021,7 +10021,7 @@ CVE-2011-1553
NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
-CVE-2011-1552
+CVE-2011-1552 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ot ...)
{DSA-2388-1}
- t1lib 5.1.2-3.5
[lenny] - t1lib 5.1.2-3+lenny1
@@ -10029,73 +10029,73 @@ CVE-2011-1552
NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=692909#c23
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
-CVE-2011-1551
+CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ direc ...)
- cobbler <not-affected> (bug #796151; perms different on Debian)
NOTE: /var/log/cobbler is set to cobbler:cobbler and daemon runs as root
-CVE-2011-1550
+CVE-2011-1550 (The default configuration of logrotate on SUSE openSUSE Factory uses r ...)
- logrotate <not-affected> (SuSE-specific, see CVE-2011-1548 for Debian)
-CVE-2011-1549
+CVE-2011-1549 (The default configuration of logrotate on Gentoo Linux uses root privi ...)
- logrotate <not-affected> (Gentoo-specific, see CVE-2011-1548 for Debian)
-CVE-2011-1548
+CVE-2011-1548 (The default configuration of logrotate on Debian GNU/Linux uses root p ...)
- logrotate 3.7.8-6
-CVE-2011-1547
+CVE-2011-1547 (Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0 ...)
NOT-FOR-US: NetBSD
-CVE-2011-1546
+CVE-2011-1546 (Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase (Ap ...)
NOT-FOR-US: Aphpkb
-CVE-2011-1545
+CVE-2011-1545 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2011-1544
+CVE-2011-1544 (Unspecified vulnerability in HP Insight Control Performance Management ...)
NOT-FOR-US: HP Insight Control Performance Management
-CVE-2011-1543
+CVE-2011-1543 (Cross-site request forgery (CSRF) vulnerability in HP Systems Insight ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2011-1542
+CVE-2011-1542 (Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2011-1541
+CVE-2011-1541 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2011-1540
+CVE-2011-1540 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2011-1539
+CVE-2011-1539 (Unspecified vulnerability in HP Proliant Support Pack (PSP) before 8.7 ...)
NOT-FOR-US: HP Proliant Support Pack
-CVE-2011-1538
+CVE-2011-1538 (Open redirect vulnerability in HP Proliant Support Pack (PSP) before 8 ...)
NOT-FOR-US: HP Proliant Support Pack
-CVE-2011-1537
+CVE-2011-1537 (Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack ( ...)
NOT-FOR-US: HP Proliant Support Pack
-CVE-2011-1536
+CVE-2011-1536 (Unspecified vulnerability in HP Performance Insight 5.0, 5.1x. 5.2x, 5 ...)
NOT-FOR-US: HP Performance Insight
-CVE-2011-1535
+CVE-2011-1535 (Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linu ...)
NOT-FOR-US: HP Insight Control
-CVE-2011-1534
+CVE-2011-1534 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x all ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2011-1533
+CVE-2011-1533 (Cross-site scripting (XSS) vulnerability on the HP Photosmart D110 and ...)
NOT-FOR-US: HP Photosmart
-CVE-2011-1532
+CVE-2011-1532 (Unspecified vulnerability in the SNMP component on the HP Photosmart D ...)
NOT-FOR-US: HP Photosmart
-CVE-2011-1531
+CVE-2011-1531 (The webscan component in the Embedded Web Server (EWS) on the HP Photo ...)
NOT-FOR-US: HP Photosmart
-CVE-2011-1530
+CVE-2011-1530 (The process_tgs_req function in do_tgs_req.c in the Key Distribution C ...)
- krb5 1.10+dfsg~alpha1-7
[squeeze] - krb5 <not-affected> (Only affecs 1.9 and higher)
[lenny] - krb5 <not-affected> (Only affecs 1.9 and higher)
-CVE-2011-1529
+CVE-2011-1529 (The lookup_lockout_policy function in the Key Distribution Center (KDC ...)
{DSA-2379-1}
- krb5 1.10+dfsg~alpha1-1 (low; bug #646367)
[lenny] - krb5 <not-affected> (Introduced in 1.8)
-CVE-2011-1528
+CVE-2011-1528 (The krb5_ldap_lockout_audit function in the Key Distribution Center (K ...)
{DSA-2379-1}
- krb5 1.10+dfsg~alpha1-1 (low; bug #646367)
[lenny] - krb5 <not-affected> (Introduced in 1.8)
-CVE-2011-1527
+CVE-2011-1527 (The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerber ...)
- krb5 1.10+dfsg~alpha1-1 (low; bug #646367)
[squeeze] - krb5 <not-affected> (Introduced in 1.9)
[lenny] - krb5 <not-affected> (Introduced in 1.9)
-CVE-2011-1526
+CVE-2011-1526 (ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Application ...)
{DSA-2283-1}
- krb5-appl 1:1.0.1-1.1
-CVE-2011-1525
+CVE-2011-1525 (Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer ...)
NOT-FOR-US: RealPlayer
-CVE-2011-1524
+CVE-2011-1524 (Cross-site scripting (XSS) vulnerability in the management login GUI p ...)
NOT-FOR-US: Symantec LiveUpdate Administrator
-CVE-2011-1523
+CVE-2011-1523 (Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.c ...)
- nagios3 3.2.3-3 (bug #629127)
- icinga 1.4.1-1 (bug #629131)
[squeeze] - nagios3 <no-dsa> (Minor issue)
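Review bot: the two release lines under CVE-2011-1530 carry a typo in their rationale, `[squeeze] - krb5 <not-affected> (Only affecs 1.9 and higher)` and the matching `[lenny]` line; this should read "affects". While there, the neighbouring krb5 entries phrase the same kind of fact three different ways ("Only affecs 1.9 and higher" for CVE-2011-1530, "Introduced in 1.9" for CVE-2011-1527, "Introduced in 1.8" for CVE-2011-1529 and CVE-2011-1528); "Introduced in 1.9" is the wording used elsewhere in the file and would be the one to keep for CVE-2011-1530 as well.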
@@ -10103,17 +10103,17 @@ CVE-2011-1523
[squeeze] - icinga <no-dsa> (Minor issue)
[lenny] - icinga <no-dsa> (Minor issue)
NOTE: http://tracker.nagios.org/view.php?id=207
-CVE-2011-1522
+CVE-2011-1522 (Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\ ...)
{DSA-2223-1}
- doctrine 1.2.4-1 (bug #622674)
-CVE-2011-1520
+CVE-2011-1520 (The default configuration of the server console in IBM Lotus Domino do ...)
NOT-FOR-US: Lotus Domino
-CVE-2011-1519
+CVE-2011-1519 (The remote console in the Server Controller in IBM Lotus Domino 7.x an ...)
NOT-FOR-US: Lotus Domino
-CVE-2011-1518
+CVE-2011-1518 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Req ...)
{DSA-2231-1}
- otrs2 2.4.10+dfsg1-1
-CVE-2011-1521
+CVE-2011-1521 (The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x befo ...)
{DLA-25-1}
- python3.1 <removed> (bug #628453)
[squeeze] - python3.1 <no-dsa> (Minor issue)
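Review bot: CVE-2011-1521 is out of sequence in this hunk: it follows CVE-2011-1518, although the file is kept in descending CVE order and the entry belongs between CVE-2011-1522 and CVE-2011-1520. This update only adds the description text to the existing line, `+CVE-2011-1521 (The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x befo ...)`, so the misplacement predates it, but the block (the CVE line, `{DLA-25-1}`, the python3.1 lines and their notes) should be moved to where a lookup by id expects it.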
@@ -10132,69 +10132,69 @@ CVE-2011-XXXX [htmlpurifier various]
NOTE: If apps are vulnerable, this must be addressed there (as done for Mahara)
CVE-2011-1517
RESERVED
-CVE-2011-1516
+CVE-2011-1516 (The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-1515
+CVE-2011-1515 (The inet service in HP OpenView Storage Data Protector 6.00 through 6. ...)
NOT-FOR-US: HP OpenView
-CVE-2011-1514
+CVE-2011-1514 (The inet service in HP OpenView Storage Data Protector 6.00 through 6. ...)
NOT-FOR-US: HP OpenView
-CVE-2011-1513
+CVE-2011-1513 (Static code injection vulnerability in install_.php in e107 CMS 0.7.24 ...)
NOT-FOR-US: e107
-CVE-2011-1512
+CVE-2011-1512 (Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used i ...)
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1511
+CVE-2011-1511 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-1510
+CVE-2011-1510 (Cross-site scripting (XSS) vulnerability in SolutionSearch.do in Manag ...)
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-1509
+CVE-2011-1509 (The encryptPassword function in Login.js in ManageEngine ServiceDesk P ...)
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-1508
+CVE-2011-1508 (Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2011-1507
+CVE-2011-1507 (Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1 ...)
{DSA-2225-1}
- asterisk 1:1.8.3.3-1
-CVE-2011-1506
+CVE-2011-1506 (The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and Mail ...)
NOT-FOR-US: Kerio
-CVE-2011-1505
+CVE-2011-1505 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 serv ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2011-1504
+CVE-2011-1504 (Cross-site scripting (XSS) vulnerability in Liferay Portal Community E ...)
- liferay-portal <itp> (bug #569819)
-CVE-2011-1503
+CVE-2011-1503 (The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x a ...)
- liferay-portal <itp> (bug #569819)
-CVE-2011-1502
+CVE-2011-1502 (Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache ...)
- liferay-portal <itp> (bug #569819)
CVE-2011-1501
REJECTED
-CVE-2011-1500
+CVE-2011-1500 (PreferencesPithosDialog.py in Pithos 0.3.7 does not properly restrict ...)
- pithos 0.3.8-1 (low)
-CVE-2011-1499
+CVE-2011-1499 (acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting s ...)
{DSA-2222-1}
- tinyproxy 1.8.2-2 (bug #621493)
[lenny] - tinyproxy <not-affected> (Vulnerable code not present)
-CVE-2011-1498
+CVE-2011-1498 (Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used ...)
- httpcomponents-client 4.1.1-1 (bug #628727)
[squeeze] - httpcomponents-client 4.0.1-1squeeze1
NOTE: http://seclists.org/oss-sec/2011/q2/188
NOTE: http://web.archive.org/web/20130102213624/http://www.apache.org/dist/httpcomponents/httpclient/RELEASE_NOTES-4.1.x.txt
CVE-2011-1497
RESERVED
-CVE-2011-1496
+CVE-2011-1496 (tmux 1.3 and 1.4 does not properly drop group privileges, which allows ...)
{DSA-2212-1}
- tmux 1.4-6 (bug #620304)
NOTE: CVE id requested
-CVE-2011-1495
+CVE-2011-1495 (drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earl ...)
{DSA-2240-1}
- linux-2.6 2.6.38-5 (unimportant)
-CVE-2011-1494
+CVE-2011-1494 (Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/m ...)
{DSA-2240-1}
- linux-2.6 2.6.38-5 (unimportant)
-CVE-2011-1493
+CVE-2011-1493 (Array index error in the rose_parse_national function in net/rose/rose ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
-CVE-2011-1492
+CVE-2011-1492 (steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not prop ...)
- roundcube 0.5.1-1
[squeeze] - roundcube <no-dsa> (Minor issue)
-CVE-2011-1491
+CVE-2011-1491 (The login form in Roundcube Webmail before 0.5.1 does not properly han ...)
- roundcube 0.5.1-1 (low)
[squeeze] - roundcube <no-dsa> (Minor issue)
CVE-2011-1490
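Review bot: the `NOTE: CVE id requested` under CVE-2011-1496 is stale. The entry sits under an assigned id whose description this update fills in, `+CVE-2011-1496 (tmux 1.3 and 1.4 does not properly drop group privileges, which allows ...)`, and the fix is already recorded (`{DSA-2212-1}` and `- tmux 1.4-6 (bug #620304)`), so the note should be dropped rather than carried forward by the automatic update.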
@@ -10212,87 +10212,87 @@ CVE-2011-1488
- rsyslog 5.7.6-1 (low)
[squeeze] - rsyslog <no-dsa> (Minor issue)
[lenny] - rsyslog <no-dsa> (Minor issue)
-CVE-2011-1487
+CVE-2011-1487 (The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.1 ...)
{DSA-2265-1}
- perl 5.10.1-20 (unimportant; bug #622817)
NOTE: http://nntp.perl.org/group/perl.perl5.porters/171010
-CVE-2011-1486
+CVE-2011-1486 (libvirtd in libvirt before 0.9.0 does not use thread-safe error report ...)
{DSA-2280-1}
- libvirt 0.9.0-1 (low; bug #623222)
[lenny] - libvirt <no-dsa> (Minor issue)
-CVE-2011-1485
+CVE-2011-1485 (Race condition in the pkexec utility and polkitd daemon in PolicyKit ( ...)
{DSA-2319-1}
- policykit-1 0.101-4 (bug #644500)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=692922
-CVE-2011-1484
+CVE-2011-1484 (jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as dis ...)
NOT-FOR-US: JBoss Seam
-CVE-2011-1483
+CVE-2011-1483 (wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise ...)
NOT-FOR-US: JBoss Enterprise Web Platform
-CVE-2011-1482
+CVE-2011-1482 (Multiple cross-site request forgery (CSRF) vulnerabilities in mainfile ...)
NOT-FOR-US: PHP-Nuke
-CVE-2011-1481
+CVE-2011-1481 (Multiple cross-site scripting (XSS) vulnerabilities in Francisco Burzi ...)
NOT-FOR-US: PHP-Nuke
-CVE-2011-1480
+CVE-2011-1480 (SQL injection vulnerability in admin.php in the administration backend ...)
NOT-FOR-US: PHP-Nuke
-CVE-2011-1479
+CVE-2011-1479 (Double free vulnerability in the inotify subsystem in the Linux kernel ...)
- linux-2.6 2.6.38-4
[lenny] - linux-2.6 <not-affected> (Only affected 2.6.37 and 2.6.38)
[squeeze] - linux-2.6 <not-affected> (Only affected 2.6.37 and 2.6.38)
-CVE-2011-1478
+CVE-2011-1478 (The napi_reuse_skb function in net/core/dev.c in the Generic Receive O ...)
{DSA-2240-1}
- linux-2.6 2.6.38-1
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-1477
+CVE-2011-1477 (Multiple array index errors in sound/oss/opl3.c in the Linux kernel be ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
-CVE-2011-1476
+CVE-2011-1476 (Integer underflow in the Open Sound System (OSS) subsystem in the Linu ...)
{DSA-2240-1}
- linux-2.6 2.6.38-4
-CVE-2011-1475
+CVE-2011-1475 (The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not p ...)
- tomcat6 <not-affected> (Only affects Tomcat 7)
CVE-2011-1474
RESERVED
NOT-FOR-US: PaX hardening patch
NOTE: http://seclists.org/oss-sec/2011/q1/579
-CVE-2011-1473
+CVE-2011-1473 (** DISPUTED ** OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not ...)
NOTE: Generic protocol issue, no code fix. Workarounds exist, see bug #672456
NOTE: and http://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation.html
-CVE-2011-1472
+CVE-2011-1472 (The Nokia E75 phone with firmware before 211.12.01 allows physically p ...)
NOT-FOR-US: Nokia E75 phone
-CVE-2011-1471
+CVE-2011-1471 (Integer signedness error in zip_stream.c in the Zip extension in PHP b ...)
{DSA-2266-1}
- php5 5.3.6-1
-CVE-2011-1470
+CVE-2011-1470 (The Zip extension in PHP before 5.3.6 allows context-dependent attacke ...)
{DSA-2408-1}
- php5 5.3.6-1 (unimportant)
NOTE: exploitable by malicious scripts only
-CVE-2011-1469
+CVE-2011-1469 (Unspecified vulnerability in the Streams component in PHP before 5.3.6 ...)
{DSA-2408-1}
- php5 5.3.6-1 (unimportant)
NOTE: exploitable by malicious scripts only
-CVE-2011-1468
+CVE-2011-1468 (Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 mig ...)
{DSA-2408-1}
- php5 5.3.6-1 (unimportant)
NOTE: under normal conditions the amount of memory leaked is insignificant
-CVE-2011-1467
+CVE-2011-1467 (Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfm ...)
{DSA-2408-1}
- php5 5.3.6-1 (unimportant)
[lenny] - php5 <not-affected> (intl extension included since 5.3)
NOTE: Only triggerable with malicious script
-CVE-2011-1466
+CVE-2011-1466 (Integer overflow in the SdnToJulian function in the Calendar extension ...)
{DSA-2266-1}
- php5 5.3.6-1
NOTE: null pointer deref because of int overflow. Fix has a bug
-CVE-2011-1465
+CVE-2011-1465 (The SPDY implementation in net/http/http_network_transaction.cc in Goo ...)
- chromium-browser <not-affected> (only the dev version was affected)
- webkit <not-affected> (chromium specific)
-CVE-2011-1464
+CVE-2011-1464 (Buffer overflow in the strval function in PHP before 5.3.6, when the p ...)
{DSA-2408-1}
- php5 5.3.6-1 (unimportant)
NOTE: ini setting needs to be modified.
CVE-2011-1463
RESERVED
-CVE-2011-1462
+CVE-2011-1462 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-1461
RESERVED
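Review bot: CVE-2011-1473 has no package status line. The hunk gives it a description, `+CVE-2011-1473 (** DISPUTED ** OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not ...)`, followed only by two NOTE lines about workarounds and bug #672456, so the tracker records no disposition for openssl; every other entry in this hunk ends in a package/version line, a `<not-affected>`, `<removed>` or similar marker, or a NOT-FOR-US line, and this one should get an explicit openssl line stating whatever has been decided. Two ordering nits in the same hunk: under CVE-2011-1479 the `[lenny]` line precedes the `[squeeze]` line, the reverse of the order used elsewhere in the file (compare CVE-2011-1586 and CVE-2011-1581), and the CVE-2011-1466 note "Fix has a bug" gives no pointer to what the bug is or whether a follow-up fix is included in 5.3.6-1.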
@@ -10302,396 +10302,396 @@ CVE-2011-1459
RESERVED
CVE-2011-1458
RESERVED
-CVE-2011-1457
+CVE-2011-1457 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-1456
+CVE-2011-1456 (Google Chrome before 11.0.696.57 does not properly handle PDF forms, w ...)
- chromium-browser <not-affected> (chrome pdf plugin)
-CVE-2011-1455
+CVE-2011-1455 (Google Chrome before 11.0.696.57 does not properly handle PDF document ...)
- chromium-browser <not-affected> (chrome pdf plugin)
-CVE-2011-1454
+CVE-2011-1454 (Use-after-free vulnerability in the DOM id handling functionality in G ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/84015
-CVE-2011-1453
+CVE-2011-1453 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-1452
+CVE-2011-1452 (Google Chrome before 11.0.696.57 allows user-assisted remote attackers ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1451
+CVE-2011-1451 (Google Chrome before 11.0.696.57 does not properly handle DOM id maps, ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/83209
-CVE-2011-1450
+CVE-2011-1450 (Google Chrome before 11.0.696.57 does not properly present file dialog ...)
- chromium-browser 11.0.696.65~r84435-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-1449
+CVE-2011-1449 (Use-after-free vulnerability in the WebSockets implementation in Googl ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/82088
-CVE-2011-1448
+CVE-2011-1448 (Google Chrome before 11.0.696.57 does not properly perform height calc ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/81786
-CVE-2011-1447
+CVE-2011-1447 (Google Chrome before 11.0.696.57 does not properly handle drop-down li ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/81851
-CVE-2011-1446
+CVE-2011-1446 (Google Chrome before 11.0.696.57 allows remote attackers to spoof the ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1445
+CVE-2011-1445 (Google Chrome before 11.0.696.57 does not properly handle SVG document ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/81689
-CVE-2011-1444
+CVE-2011-1444 (Race condition in the sandbox launcher implementation in Google Chrome ...)
{DSA-2245-1}
- chromium-browser 11.0.696.65~r84435-1
- webkit <not-affected> (chromium sandbox)
-CVE-2011-1443
+CVE-2011-1443 (Google Chrome before 11.0.696.57 does not properly implement layering, ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/82624
-CVE-2011-1442
+CVE-2011-1442 (Google Chrome before 11.0.696.57 does not properly handle mutation eve ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/81611
-CVE-2011-1441
+CVE-2011-1441 (Google Chrome before 11.0.696.57 does not properly perform a cast of a ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/80773
NOTE: http://trac.webkit.org/changeset/81088
-CVE-2011-1440
+CVE-2011-1440 (Use-after-free vulnerability in Google Chrome before 11.0.696.57 allow ...)
{DSA-2245-1}
- chromium-browser 11.0.696.65~r84435-1
NOTE: http://trac.webkit.org/changeset/84009
-CVE-2011-1439
+CVE-2011-1439 (Google Chrome before 11.0.696.57 on Linux does not properly isolate re ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (chromium specific)
-CVE-2011-1438
+CVE-2011-1438 (Google Chrome before 11.0.696.57 allows remote attackers to bypass the ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/81399
-CVE-2011-1437
+CVE-2011-1437 (Multiple integer overflows in Google Chrome before 11.0.696.57 allow r ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/79462
-CVE-2011-1436
+CVE-2011-1436 (Google Chrome before 11.0.696.57 on Linux does not properly interact w ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1435
+CVE-2011-1435 (Google Chrome before 11.0.696.57 does not properly implement the tabs ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (chromium specific)
-CVE-2011-1434
+CVE-2011-1434 (Google Chrome before 11.0.696.57 does not ensure thread safety during ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (chromium specific)
-CVE-2011-1433
+CVE-2011-1433 (The (1) AgentInterface and (2) CustomerInterface components in Open Ti ...)
- otrs2 3.0.8+dfsg1-1 (unimportant)
NOTE: Negligible security impact
-CVE-2011-1432
+CVE-2011-1432 (The STARTTLS implementation in SCO SCOoffice Server does not properly ...)
NOT-FOR-US: SCO SCOoffice Server
-CVE-2011-1431
+CVE-2011-1431 (The STARTTLS implementation in qmail-smtpd.c in qmail-smtpd in the net ...)
- qmail <removed> (unimportant; bug #652378)
NOTE: The TLS patch is shipped in the source package, but it's not applied
- netqmail <not-affected> (Doesn't include the TLS patch)
-CVE-2011-1430
+CVE-2011-1430 (The STARTTLS implementation in the server in Ipswitch IMail 11.03 and ...)
NOT-FOR-US: Ipswitch IMail
-CVE-2011-1429
+CVE-2011-1429 (Mutt does not verify that the smtps server hostname matches the domain ...)
- mutt 1.5.21-5 (low; bug #619216)
[squeeze] - mutt 1.5.20-9+squeeze2
[lenny] - mutt <no-dsa> (Minor issue)
NOTE: http://dev.mutt.org/trac/ticket/3506
-CVE-2011-1428
+CVE-2011-1428 (Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does ...)
{DSA-2598-1}
- weechat 0.3.5-1
-CVE-2011-1427
+CVE-2011-1427 (Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 5. ...)
NOT-FOR-US: Kodak InSite
-CVE-2011-1426
+CVE-2011-1426 (The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 thr ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-1425
+CVE-2011-1425 (xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in ...)
{DSA-2219-1}
- xmlsec1 1.2.14-1.1 (bug #620560)
NOTE: http://www.aleksey.com/xmlsec/news.html
-CVE-2011-1424
+CVE-2011-1424 (The default configuration of ExShortcut\Web.config in EMC SourceOne Em ...)
NOT-FOR-US: EMC SourceOne Email Management
-CVE-2011-1423
+CVE-2011-1423 (Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention ( ...)
NOT-FOR-US: RSA Data Loss Prevention Enterprise Manager
-CVE-2011-1422
+CVE-2011-1422 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave F ...)
NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
-CVE-2011-1421
+CVE-2011-1421 (EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the ...)
NOT-FOR-US: EMC NetWorker
-CVE-2011-1420
+CVE-2011-1420 (EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC p ...)
NOT-FOR-US: EMC Data Protection Advisor Collector
-CVE-2011-1419
+CVE-2011-1419 (Apache Tomcat 7.x before 7.0.11, when web.xml has no security constrai ...)
- tomcat6 <not-affected> (Only affects Tomcat 7)
-CVE-2011-1418
+CVE-2011-1418 (The stateless address autoconfiguration (aka SLAAC) functionality in t ...)
NOT-FOR-US: Apple iOS
-CVE-2011-1417
+CVE-2011-1417 (Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 ...)
NOT-FOR-US: QuickLook,
-CVE-2011-1416
+CVE-2011-1416 (The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0 ...)
NOT-FOR-US: BlackBerry
CVE-2011-1415
REJECTED
-CVE-2011-1414
+CVE-2011-1414 (Cross-site scripting (XSS) vulnerability in the tibbr web server, as u ...)
NOT-FOR-US: TIBCO tibbr
-CVE-2011-1413
+CVE-2011-1413 (Google Chrome before 10.0.648.127 on Linux does not properly mitigate ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1412
+CVE-2011-1412 (sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in Wo ...)
- openarena <not-affected> (Vulnerable code not present, the version in sid uses ioquake3)
- ioquake3 1.36+svn1946-4
-CVE-2011-1411
+CVE-2011-1411 (Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, ...)
{DSA-2284-1}
- opensaml2 2.4.3-1
CVE-2011-1410
RESERVED
-CVE-2011-1409
+CVE-2011-1409 (Frams's Fast File EXchange (F*EX, aka fex) 20100208, and possibly othe ...)
{DSA-2259-1}
- fex 20110610-1
CVE-2011-1408 [ikiwiki tty hijacking vulnerability]
RESERVED
- ikiwiki 3.20110608 (low)
[squeeze] - ikiwiki <no-dsa> (Minor issue)
-CVE-2011-1407
+CVE-2011-1407 (The DKIM implementation in Exim 4.7x before 4.76 permits matching for ...)
{DSA-2236-1}
- exim4 4.76-1
[lenny] - exim4 <not-affected> (Vulnerable code not present)
-CVE-2011-1406
+CVE-2011-1406 (Mahara before 1.3.6 does not properly handle an https URL in the wwwro ...)
{DSA-2246-1}
- mahara 1.3.6-1
-CVE-2011-1405
+CVE-2011-1405 (Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows ...)
{DSA-2246-1}
- mahara 1.3.6-1
-CVE-2011-1404
+CVE-2011-1404 (Mahara before 1.3.6 does not properly restrict the data in responses t ...)
{DSA-2246-1}
- mahara 1.3.6-1
-CVE-2011-1403
+CVE-2011-1403 (Cross-site request forgery (CSRF) vulnerability in the pieforms implem ...)
{DSA-2246-1}
- mahara 1.3.6-1
-CVE-2011-1402
+CVE-2011-1402 (Mahara before 1.3.6 allows remote authenticated users to bypass intend ...)
{DSA-2246-1}
- mahara 1.3.6-1
-CVE-2011-1401
+CVE-2011-1401 (ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber ...)
{DSA-2214-1}
- ikiwiki 3.20110328
-CVE-2011-1400
+CVE-2011-1400 (The default configuration of the shell_escape_commands directive in co ...)
{DSA-2198-1}
- tex-common 2.09
CVE-2011-1399
RESERVED
-CVE-2011-1398
+CVE-2011-1398 (The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5. ...)
- php5 5.4.0~rc5-1 (low)
[squeeze] - php5 <no-dsa> (Minor issue)
-CVE-2011-1397
+CVE-2011-1397 (Cross-site request forgery (CSRF) vulnerability in the Labor Reporting ...)
NOT-FOR-US: IBM Tivoli
-CVE-2011-1396
+CVE-2011-1396 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-1395
+CVE-2011-1395 (Cross-site scripting (XSS) vulnerability in imicon.jsp in IBM Maximo A ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-1394
+CVE-2011-1394 (IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2011-1393
+CVE-2011-1393 (Unspecified vulnerability in the authentication functionality in the s ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-1392
+CVE-2011-1392 (The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll i ...)
NOT-FOR-US: IBM Rational Rhapsody
-CVE-2011-1391
+CVE-2011-1391 (The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll i ...)
NOT-FOR-US: IBM Rational Rhapsody
-CVE-2011-1390
+CVE-2011-1390 (SQL injection vulnerability in the Maintenance tool in IBM Rational Cl ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2011-1389
+CVE-2011-1389 (Multiple directory traversal vulnerabilities in the vendor daemon in R ...)
NOT-FOR-US: Telelogic License Server
-CVE-2011-1388
+CVE-2011-1388 (The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll i ...)
NOT-FOR-US: IBM Rational Rhapsody
CVE-2011-1387
RESERVED
-CVE-2011-1386
+CVE-2011-1386 (IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Iden ...)
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2011-1385
+CVE-2011-1385 (IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote att ...)
NOT-FOR-US: IBM AIX
-CVE-2011-1384
+CVE-2011-1384 (The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd prog ...)
NOT-FOR-US: IBM AIX
CVE-2011-1383
RESERVED
CVE-2011-1382
RESERVED
-CVE-2011-1381
+CVE-2011-1381 (Unspecified vulnerability in IBM OpenPages GRC Platform 6.1.0.1 before ...)
NOT-FOR-US: IBM OpenPages GRC Platform
CVE-2011-1380
RESERVED
CVE-2011-1379
RESERVED
-CVE-2011-1378
+CVE-2011-1378 (IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM gr ...)
NOT-FOR-US: IBM WebSphere
-CVE-2011-1377
+CVE-2011-1377 (The Web Services Security component in the Web Services Feature Pack b ...)
NOT-FOR-US: IBM WebSphere
-CVE-2011-1376
+CVE-2011-1376 (iscdeploy in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.4 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2011-1375
+CVE-2011-1375 (IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and wpar_ ...)
NOT-FOR-US: IBM AIX
-CVE-2011-1374
+CVE-2011-1374 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote attacker ...)
NOT-FOR-US: Appe QuickTime
-CVE-2011-1373
+CVE-2011-1373 (Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the ...)
NOT-FOR-US: IBM DB2
-CVE-2011-1372
+CVE-2011-1372 (The Web User Interface on the IBM TS3100 and TS3200 tape libraries wit ...)
NOT-FOR-US: IBM web interface to tape libraries
-CVE-2011-1371
+CVE-2011-1371 (Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM W ...)
NOT-FOR-US: IBM WebSphere
-CVE-2011-1370
+CVE-2011-1370 (The default configuration of the Sametime configuration servlet (SCS) ...)
NOT-FOR-US: IBM Lotus Sametime
CVE-2011-1369
RESERVED
-CVE-2011-1368
+CVE-2011-1368 (The JavaServer Faces (JSF) application functionality in IBM WebSphere ...)
NOT-FOR-US: IBM WebSphere
-CVE-2011-1367
+CVE-2011-1367 (Unspecified vulnerability in the File Load feature in IBM Rational App ...)
NOT-FOR-US: IBM Rational AppScan
-CVE-2011-1366
+CVE-2011-1366 (Unspecified vulnerability in the Import feature in IBM Rational AppSca ...)
NOT-FOR-US: IBM Rational AppScan
CVE-2011-1365
RESERVED
-CVE-2011-1364
+CVE-2011-1364 (Cross-site request forgery (CSRF) vulnerability in _ah/admin/interacti ...)
NOT-FOR-US: Goole App Engine Python SDK
CVE-2011-1363
RESERVED
-CVE-2011-1362
+CVE-2011-1362 (Cross-site scripting (XSS) vulnerability in the Installation Verificat ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-1361
RESERVED
-CVE-2011-1360
+CVE-2011-1360 (Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server ...)
NOT-FOR-US: IBM HTTP Server
-CVE-2011-1359
+CVE-2011-1359 (Directory traversal vulnerability in the administration console in IBM ...)
NOT-FOR-US: IBM WebSphere
CVE-2011-1358
RESERVED
-CVE-2011-1357
+CVE-2011-1357 (Cross-site scripting (XSS) vulnerability in agentDetect.jsp in the web ...)
NOT-FOR-US: IBM WebSphere Service Registry and Repository
-CVE-2011-1356
+CVE-2011-1356 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 bef ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2011-1355
+CVE-2011-1355 (Open redirect vulnerability in IBM WebSphere Application Server (WAS) ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-1354
RESERVED
-CVE-2011-1353
+CVE-2011-1353 (Unspecified vulnerability in Adobe Reader 10.x before 10.1.1 on Window ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-1352
+CVE-2011-1352 (The PowerVR SGX driver in Android before 2.3.6 allows attackers to gai ...)
NOT-FOR-US: Anroid
CVE-2011-1351
RESERVED
-CVE-2011-1350
+CVE-2011-1350 (The PowerVR SGX driver in Android before 2.3.6 allows attackers to obt ...)
NOT-FOR-US: Android
CVE-2011-1349
RESERVED
CVE-2011-1348
RESERVED
-CVE-2011-1347
+CVE-2011-1347 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
NOT-FOR-US: Internet Explorer
-CVE-2011-1346
+CVE-2011-1346 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
NOT-FOR-US: Internet Explorer
-CVE-2011-1345
+CVE-2011-1345 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle objec ...)
NOT-FOR-US: Internet Explorer
-CVE-2011-1344
+CVE-2011-1344 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-1343
+CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIb ...)
NOT-FOR-US: Tivoli
-CVE-2011-1342
+CVE-2011-1342 (SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ...)
NOT-FOR-US: Aimluck Aipo
-CVE-2011-1341
+CVE-2011-1341 (Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before ...)
NOT-FOR-US: Aimluck Aipo
-CVE-2011-1340
+CVE-2011-1340 (Cross-site scripting (XSS) vulnerability in skins/plone_templates/defa ...)
- plone3 <removed>
-CVE-2011-1339
+CVE-2011-1339 (Cross-site scripting (XSS) vulnerability in Google Search Appliance be ...)
NOT-FOR-US: Google Search Appliance
-CVE-2011-1338
+CVE-2011-1338 (Untrusted search path vulnerability in XnView before 1.98.1 allows loc ...)
NOT-FOR-US: XnView
-CVE-2011-1337
+CVE-2011-1337 (Opera before 11.50 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2011-1336
+CVE-2011-1336 (Buffer overflow in ALZip 8.21 and earlier allows remote attackers to e ...)
NOT-FOR-US: ALZip
-CVE-2011-1335
+CVE-2011-1335 (Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 ...)
NOT-FOR-US: Cybozu Office
-CVE-2011-1334
+CVE-2011-1334 (Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Ga ...)
NOT-FOR-US: Cybozu
-CVE-2011-1333
+CVE-2011-1333 (Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu ...)
NOT-FOR-US: Cybozu
-CVE-2011-1332
+CVE-2011-1332 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 throug ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2011-1331
+CVE-2011-1331 (JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitar ...)
NOT-FOR-US: JustSystems Ichitaro Products
-CVE-2011-1330
+CVE-2011-1330 (Cross-site scripting (XSS) vulnerability in WeblyGo 5.0 Pro/LE, 5.02 P ...)
NOT-FOR-US: WeblyGo
-CVE-2011-1329
+CVE-2011-1329 (WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly restri ...)
NOT-FOR-US: WalRack
-CVE-2011-1328
+CVE-2011-1328 (SQL injection vulnerability in RADVISION iVIEW Suite before 7.5 allows ...)
NOT-FOR-US: RADVISION iVIEW Suite
-CVE-2011-1327
+CVE-2011-1327 (The Keystroke Encryption feature in Trend Micro Internet Security 2009 ...)
NOT-FOR-US: Trend Micro Internet Security
-CVE-2011-1326
+CVE-2011-1326 (Unspecified vulnerability on the La Fonera+ router with firmware befor ...)
NOT-FOR-US: La Fonera+ router
-CVE-2011-1325
+CVE-2011-1325 (Cross-site request forgery (CSRF) vulnerability in EC-CUBE before 2.11 ...)
NOT-FOR-US: EC-CUBE
-CVE-2011-1324
+CVE-2011-1324 (Multiple cross-site request forgery (CSRF) vulnerabilities in the mana ...)
NOT-FOR-US: Buffalo routers
-CVE-2011-1323
+CVE-2011-1323 (Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware 6. ...)
NOT-FOR-US: Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers
-CVE-2011-1322
+CVE-2011-1322 (The SOAP with Attachments API for Java (SAAJ) implementation in the We ...)
NOT-FOR-US: WebSphere
-CVE-2011-1321
+CVE-2011-1321 (The AuthCache purge implementation in the Security component in IBM We ...)
NOT-FOR-US: WebSphere
-CVE-2011-1320
+CVE-2011-1320 (The Security component in IBM WebSphere Application Server (WAS) 6.1.0 ...)
NOT-FOR-US: WebSphere
-CVE-2011-1319
+CVE-2011-1319 (The Security component in IBM WebSphere Application Server (WAS) 6.1.0 ...)
NOT-FOR-US: WebSphere
-CVE-2011-1318
+CVE-2011-1318 (Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the ...)
NOT-FOR-US: WebSphere
-CVE-2011-1317
+CVE-2011-1317 (Memory leak in com.ibm.ws.jsp.runtime.WASJSPStrBufferImpl in the JavaS ...)
NOT-FOR-US: WebSphere
-CVE-2011-1316
+CVE-2011-1316 (The Session Initiation Protocol (SIP) Proxy in the HTTP Transport comp ...)
NOT-FOR-US: WebSphere
-CVE-2011-1315
+CVE-2011-1315 (Memory leak in the messaging engine in IBM WebSphere Application Serve ...)
NOT-FOR-US: WebSphere
-CVE-2011-1314
+CVE-2011-1314 (The Service Integration Bus (SIB) messaging engine in IBM WebSphere Ap ...)
NOT-FOR-US: WebSphere
-CVE-2011-1313
+CVE-2011-1313 (Double free vulnerability in IBM WebSphere Application Server (WAS) 6. ...)
NOT-FOR-US: WebSphere
-CVE-2011-1312
+CVE-2011-1312 (The Administrative Console component in IBM WebSphere Application Serv ...)
NOT-FOR-US: WebSphere
-CVE-2011-1311
+CVE-2011-1311 (The Security component in IBM WebSphere Application Server (WAS) befor ...)
NOT-FOR-US: WebSphere
-CVE-2011-1310
+CVE-2011-1310 (The Administrative Scripting Tools component in IBM WebSphere Applicat ...)
NOT-FOR-US: WebSphere
-CVE-2011-1309
+CVE-2011-1309 (The Plug-in component in IBM WebSphere Application Server (WAS) before ...)
NOT-FOR-US: WebSphere
-CVE-2011-1308
+CVE-2011-1308 (Cross-site scripting (XSS) vulnerability in the Installation Verificat ...)
NOT-FOR-US: WebSphere
-CVE-2011-1307
+CVE-2011-1307 (The installer in IBM WebSphere Application Server (WAS) before 7.0.0.1 ...)
NOT-FOR-US: WebSphere
-CVE-2011-1306
+CVE-2011-1306 (Unspecified vulnerability in the Scratchpad application in Google Chro ...)
NOT-FOR-US: Google ChromeOS
-CVE-2011-1305
+CVE-2011-1305 (Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/76713
-CVE-2011-1304
+CVE-2011-1304 (Unspecified vulnerability in Google Chrome before 11.0.696.57 allows r ...)
- chromium-browser 11.0.696.65~r84435-1 (unimportant)
-CVE-2011-1303
+CVE-2011-1303 (Google Chrome before 11.0.696.57 does not properly handle floating obj ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/80682
-CVE-2011-1302
+CVE-2011-1302 (Heap-based buffer overflow in the GPU process in Google Chrome before ...)
- chromium-browser 10.0.648.205~r81283-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1301
+CVE-2011-1301 (Use-after-free vulnerability in the GPU process in Google Chrome befor ...)
- chromium-browser 10.0.648.205~r81283-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1300
+CVE-2011-1300 (The Program::getActiveUniformMaxLength function in libGLESv2/Program.c ...)
NOT-FOR-US: Mozilla Firefox on Windows, Google Chrome on Windows
CVE-2011-1299
RESERVED
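Review bot: several unchanged NOT-FOR-US annotation lines in this hunk carry typos that the automatic update cannot correct because it only rewrites the CVE header lines: "NOT-FOR-US: Appe QuickTime" under CVE-2011-1374, "NOT-FOR-US: Goole App Engine Python SDK" under CVE-2011-1364 and "NOT-FOR-US: Anroid" under CVE-2011-1352, plus the stray trailing comma in the QuickLook annotation under CVE-2011-1417. These are hand-written lines, so they should be fixed by hand in a separate commit (Apple, Google, Android) rather than left for the generator.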
@@ -10699,31 +10699,31 @@ CVE-2011-1298
RESERVED
CVE-2011-1297
RESERVED
-CVE-2011-1296
+CVE-2011-1296 (Google Chrome before 10.0.648.204 does not properly handle SVG text, w ...)
- chromium-browser 10.0.648.204~r79063-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/80520
-CVE-2011-1295
+CVE-2011-1295 (WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari ...)
- chromium-browser 10.0.648.204~r79063-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/80487
-CVE-2011-1294
+CVE-2011-1294 (Google Chrome before 10.0.648.204 does not properly handle Cascading S ...)
- chromium-browser 10.0.648.204~r79063-1
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/80144
-CVE-2011-1293
+CVE-2011-1293 (Use-after-free vulnerability in the HTMLCollection implementation in G ...)
{DSA-2245-1}
- chromium-browser 10.0.648.204~r79063-1
NOTE: http://trac.webkit.org/changeset/80797
-CVE-2011-1292
+CVE-2011-1292 (Use-after-free vulnerability in the frame-loader implementation in Goo ...)
{DSA-2245-1}
- chromium-browser 10.0.648.204~r79063-1
NOTE: http://trac.webkit.org/changeset/79808
-CVE-2011-1291
+CVE-2011-1291 (Google Chrome before 10.0.648.204 does not properly handle base string ...)
- chromium-browser 10.0.648.204~r79063-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1290
+CVE-2011-1290 (Integer overflow in WebKit, as used on the Research In Motion (RIM) Bl ...)
{DSA-2192-1}
- chromium-browser 10.0.648.133~r77742-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
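Review bot: CVE-2011-1295 and CVE-2011-1290 are both described as WebKit issues ("WebKit, as used in Google Chrome ... and Apple Safari" and "Integer overflow in WebKit, as used on the Research In Motion (RIM) Bl ..."), yet only chromium-browser carries a status line; the webkit source package has no entry for either, whereas CVE-2011-1291 in the same hunk records "- webkit <not-affected> (chromium specific)" explicitly. An explicit webkit line (not-affected with a reason, or a fixed version) would make the triage decision visible instead of leaving it implicit.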
@@ -10731,163 +10731,163 @@ CVE-2011-1290
NOTE: http://trac.webkit.org/changeset/80787
CVE-2011-1289
RESERVED
-CVE-2011-1288
+CVE-2011-1288 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-1287
RESERVED
-CVE-2011-1286
+CVE-2011-1286 (Google V8, as used in Google Chrome before 10.0.648.127, allows remote ...)
- libv8 3.1.8.10-1 (bug #617418)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-1285
+CVE-2011-1285 (The regular-expression functionality in Google Chrome before 10.0.648. ...)
- libv8 3.1.8.10-1 (bug #617418)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-1284
+CVE-2011-1284 (Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) i ...)
NOT-FOR-US: MS Windows
-CVE-2011-1283
+CVE-2011-1283 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsyste ...)
NOT-FOR-US: MS Windows
-CVE-2011-1282
+CVE-2011-1282 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsyste ...)
NOT-FOR-US: MS Windows
-CVE-2011-1281
+CVE-2011-1281 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsyste ...)
NOT-FOR-US: MS Windows
-CVE-2011-1280
+CVE-2011-1280 (The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 200 ...)
NOT-FOR-US: Microsoft InfoPath, SQL Server, SQL Server Management Studio Express, Visual Studio
-CVE-2011-1279
+CVE-2011-1279 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, a ...)
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter
-CVE-2011-1278
+CVE-2011-1278 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly valid ...)
NOT-FOR-US: Microsoft Excel, Office
-CVE-2011-1277
+CVE-2011-1277 (Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Forma ...)
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter
-CVE-2011-1276
+CVE-2011-1276 (Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; O ...)
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1275
+CVE-2011-1275 (Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Ope ...)
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter
-CVE-2011-1274
+CVE-2011-1274 (Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 ...)
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1273
+CVE-2011-1273 (Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2 ...)
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1272
+CVE-2011-1272 (Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 ...)
NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter, Excel Viewer, Office Compatibility Pack
-CVE-2011-1271
+CVE-2011-1271 (The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2011-1270
+CVE-2011-1270 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows r ...)
NOT-FOR-US: Microsoft PowerPoint 2002 SP3 and 2003 SP3
-CVE-2011-1269
+CVE-2011-1269 (Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and ...)
NOT-FOR-US: Microsoft
-CVE-2011-1268
+CVE-2011-1268 (The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 200 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1267
+CVE-2011-1267 (The SMB server in Microsoft Windows Vista SP1 and SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1266
+CVE-2011-1266 (The Vector Markup Language (VML) implementation in vgx.dll in Microsof ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1265
+CVE-2011-1265 (The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Win ...)
NOT-FOR-US: MS Windows
-CVE-2011-1264
+CVE-2011-1264 (Cross-site scripting (XSS) vulnerability in Active Directory Certifica ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1263
+CVE-2011-1263 (Cross-site scripting (XSS) vulnerability in the logon page in Remote D ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1262
+CVE-2011-1262 (Microsoft Internet Explorer 7 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1261
+CVE-2011-1261 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1260
+CVE-2011-1260 (Microsoft Internet Explorer 8 and 9 does not properly handle objects i ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1259
REJECTED
-CVE-2011-1258
+CVE-2011-1258 (Microsoft Internet Explorer 6 through 8 does not properly restrict web ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1257
+CVE-2011-1257 (Race condition in Microsoft Internet Explorer 6 through 8 allows remot ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1256
+CVE-2011-1256 (Microsoft Internet Explorer 6 through 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1255
+CVE-2011-1255 (The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementa ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1254
+CVE-2011-1254 (Microsoft Internet Explorer 6 through 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1253
+CVE-2011-1253 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and ...)
NOT-FOR-US: Microsoft .NET Framework, Silverlight
-CVE-2011-1252
+CVE-2011-1252 (Cross-site scripting (XSS) vulnerability in the SafeHTML function in t ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1251
+CVE-2011-1251 (Microsoft Internet Explorer 8 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1250
+CVE-2011-1250 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1249
+CVE-2011-1249 (The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1248
+CVE-2011-1248 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1247
+CVE-2011-1247 (Untrusted search path vulnerability in the Microsoft Active Accessibil ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1246
+CVE-2011-1246 (Microsoft Internet Explorer 8 does not properly handle content setting ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1245
+CVE-2011-1245 (Microsoft Internet Explorer 6 and 7 does not properly restrict script ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1244
+CVE-2011-1244 (Microsoft Internet Explorer 6, 7, and 8 does not enforce intended doma ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1243
+CVE-2011-1243 (The Windows Messenger ActiveX control in msgsc.dll in Microsoft Window ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1242
+CVE-2011-1242 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1241
+CVE-2011-1241 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1240
+CVE-2011-1240 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1239
+CVE-2011-1239 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1238
+CVE-2011-1238 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1237
+CVE-2011-1237 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1236
+CVE-2011-1236 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1235
+CVE-2011-1235 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1234
+CVE-2011-1234 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1233
+CVE-2011-1233 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1232
+CVE-2011-1232 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1231
+CVE-2011-1231 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1230
+CVE-2011-1230 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1229
+CVE-2011-1229 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1228
+CVE-2011-1228 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1227
+CVE-2011-1227 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1226
+CVE-2011-1226 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1225
+CVE-2011-1225 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-XXXX [dokuwiki ACL bypass]
- dokuwiki 0.0.20101107a-1 (low)
[squeeze] - dokuwiki <no-dsa> (Minor issue)
[lenny] - dokuwiki <no-dsa> (Minor issue)
-CVE-2011-1224
+CVE-2011-1224 (IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not u ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2011-1223
+CVE-2011-1223 (Buffer overflow in the Alternate Data Stream (aka ADS or named stream) ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2011-1222
+CVE-2011-1222 (Buffer overflow in the Journal Based Backup (JBB) feature in the backu ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2011-1221
+CVE-2011-1221 (Cross-zone scripting vulnerability in the RealPlayer ActiveX control i ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2011-1220
+CVE-2011-1220 (Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivo ...)
NOT-FOR-US: IBM Tivoli Management Framework
CVE-2011-1219
RESERVED
-CVE-2011-1218
+CVE-2011-1218 (Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lot ...)
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1217
+CVE-2011-1217 (Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lo ...)
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1216
+CVE-2011-1216 (Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used i ...)
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1215
+CVE-2011-1215 (Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used ...)
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1214
+CVE-2011-1214 (Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used ...)
NOT-FOR-US: Autonomy KeyView
-CVE-2011-1213
+CVE-2011-1213 (Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lot ...)
NOT-FOR-US: Autonomy KeyView
CVE-2011-1212
RESERVED
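Review bot: the placeholder entry "CVE-2011-XXXX [dokuwiki ACL bypass]" sitting between CVE-2011-1225 and CVE-2011-1224 has no real identifier, so this automatic update skips it and it will never receive a description until the assigned CVE id is filled in; it is worth tracking so the placeholder does not linger. The NOT-FOR-US naming in this hunk is also inconsistent: CVE-2011-1284 through CVE-2011-1281 and CVE-2011-1265 use "NOT-FOR-US: MS Windows" while the neighbouring Windows entries use "NOT-FOR-US: Microsoft Windows", and CVE-2011-1269 is annotated only as "NOT-FOR-US: Microsoft" without naming the product (the description names PowerPoint and Office). Normalising these makes the list easier to grep.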
@@ -10895,27 +10895,27 @@ CVE-2011-1211
RESERVED
CVE-2011-1210
RESERVED
-CVE-2011-1209
+CVE-2011-1209 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 bef ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2011-1208
+CVE-2011-1208 (IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3 ...)
NOT-FOR-US: IBM solidDB
-CVE-2011-1207
+CVE-2011-1207 (The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX ...)
NOT-FOR-US: IBM Rational System
-CVE-2011-1206
+CVE-2011-1206 (Stack-based buffer overflow in the server process in ibmslapd.exe in I ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2011-1205
+CVE-2011-1205 (Multiple buffer overflows in unspecified COM objects in Rational Commo ...)
NOT-FOR-US: IBM Rational ClearCase, ClearQuest
-CVE-2011-1204
+CVE-2011-1204 (Google Chrome before 10.0.648.127 does not properly handle attributes, ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/79810
NOTE: very hard to merge: needs introduction of ScopedEventQueue.cpp
-CVE-2011-1203
+CVE-2011-1203 (Google Chrome before 10.0.648.127 does not properly handle SVG cursors ...)
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/79476
-CVE-2011-1202
+CVE-2011-1202 (The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 a ...)
- libxslt 1.1.26-7 (low; bug #617413)
- xulrunner <removed> (unimportant)
[lenny] - xulrunner <no-dsa> (minor issue)
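Review bot: the annotation "NOT-FOR-US: IBM Rational System" under CVE-2011-1207 reads as a truncated product name and should be completed from the CVE description so the entry names the actual affected product. In the CVE-2011-1202 entry that closes this hunk, libxslt is marked "(low; bug #617413)" while xulrunner is "<removed> (unimportant)"; since this is a single CVE, a short NOTE explaining why the two packages get different severities would help future readers.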
@@ -10929,83 +10929,83 @@ CVE-2011-1202
[squeeze] - libxslt 1.1.26-6+squeeze1
[lenny] - libxslt <no-dsa> (minor issue)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-1201
+CVE-2011-1201 (The context implementation in WebKit, as used in Google Chrome before ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (losecontext not present in 1.2)
NOTE: http://trac.webkit.org/changeset/78921
-CVE-2011-1200
+CVE-2011-1200 (Google Chrome before 10.0.648.127 does not properly perform a cast of ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/78744
-CVE-2011-1199
+CVE-2011-1199 (Google Chrome before 10.0.648.127 does not properly handle DataView ob ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (issue in libv8 bindings)
NOTE: https://trac.webkit.org/changeset/78738
-CVE-2011-1198
+CVE-2011-1198 (The video functionality in Google Chrome before 10.0.648.127 allows re ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- libav <not-affected> (Specific to ffmpeg-mt)
-CVE-2011-1197
+CVE-2011-1197 (Google Chrome before 10.0.648.127 does not properly perform table pain ...)
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/79734
-CVE-2011-1196
+CVE-2011-1196 (The OGG container implementation in Google Chrome before 10.0.648.127 ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- libav 4:0.7.1-1
- ffmpeg-debian <not-affected> (Info from maintainer: the patch does not apply 0.5, and I failed to reproduce)
- ffmpeg <not-affected> (Info from maintainer: the patch does not apply 0.5, and I failed to reproduce)
-CVE-2011-1195
+CVE-2011-1195 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 allo ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code not present)
NOTE: http://trac.webkit.org/changeset/78147
-CVE-2011-1194
+CVE-2011-1194 (Multiple unspecified vulnerabilities in Google Chrome before 10.0.648. ...)
- chromium-browser 10.0.648.127~r76697-1 (unimportant)
NOTE: http://trac.webkit.org/changeset/77049
NOTE: http://trac.webkit.org/changeset/77329
NOTE: popup blocker bypass not treated as a security issue
-CVE-2011-1193
+CVE-2011-1193 (Google V8, as used in Google Chrome before 10.0.648.127, allows remote ...)
- libv8 3.1.8.10-1 (bug #617418)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-1192
+CVE-2011-1192 (Google Chrome before 10.0.648.127 on Linux does not properly handle Un ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (issue in chromium-specific code)
NOTE: http://trac.webkit.org/changeset/76732
-CVE-2011-1191
+CVE-2011-1191 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 allo ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code not yet present)
NOTE: http://trac.webkit.org/changeset/76652
-CVE-2011-1190
+CVE-2011-1190 (The Web Workers implementation in Google Chrome before 10.0.648.127 al ...)
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/77563
-CVE-2011-1189
+CVE-2011-1189 (Google Chrome before 10.0.648.127 does not properly perform box layout ...)
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/79689
-CVE-2011-1188
+CVE-2011-1188 (Google Chrome before 10.0.648.127 does not properly handle counter nod ...)
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/77142
-CVE-2011-1187
+CVE-2011-1187 (Google Chrome before 10.0.648.127 allows remote attackers to bypass th ...)
- libv8 3.1.8.10-1 (bug #617418)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- icedove 17.0.2-1 (low)
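Review bot: the [wheezy] lines under CVE-2011-1190, CVE-2011-1189 and CVE-2011-1188 record chromium-browser 6.0.472.63~r59945-5+squeeze4, a version whose +squeeze4 suffix marks a squeeze stable upload, so the release tag on those three lines looks wrong; the surrounding entries (CVE-2011-1196, CVE-2011-1195, CVE-2011-1192, CVE-2011-1191) tag chromium-browser state under [squeeze] and [wheezy] separately, and these should do the same. Minor wording point in the same hunk: the two maintainer notes under CVE-2011-1196 read "the patch does not apply 0.5"; suggest "the patch does not apply to 0.5", and since the ffmpeg-debian and ffmpeg lines carry an identical note the text could be kept on one of them with the other pointing at it.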
@@ -11018,102 +11018,102 @@ CVE-2011-1187
[wheezy] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
[squeeze] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
NOTE: Fixed in Thunderbird 12 and Seamonkey 2.9
-CVE-2011-1186
+CVE-2011-1186 (Google Chrome before 10.0.648.127 on Linux does not properly handle pa ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1185
+CVE-2011-1185 (Google Chrome before 10.0.648.127 does not prevent (1) navigation and ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://trac.webkit.org/changeset/74853
-CVE-2011-1184
+CVE-2011-1184 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
{DSA-2401-1}
- tomcat6 6.0.32-7
- tomcat7 7.0.12
- tomcat5.5 <removed>
-CVE-2011-1183
+CVE-2011-1183 (Apache Tomcat 7.0.11, when web.xml has no login configuration, does no ...)
- tomcat6 <not-affected> (Only affects Tomcat 7)
-CVE-2011-1182
+CVE-2011-1182 (kernel/signal.c in the Linux kernel before 2.6.39 allows local users t ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-2
CVE-2011-1181 [missing error handling in linux netdev]
REJECTED
-CVE-2011-1180
+CVE-2011-1180 (Multiple stack-based buffer overflows in the iriap_getvaluebyclass_ind ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
-CVE-2011-1179
+CVE-2011-1179 (The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly othe ...)
- spice-xpi <removed>
[jessie] - spice-xpi <end-of-life> (Broken with newer Firefox versions)
-CVE-2011-1178
+CVE-2011-1178 (Multiple integer overflows in the load_image function in file-pcx.c in ...)
- gimp 2.6.10-1
NOTE: Likely fixed earlier, but only the squeeze version was checked
CVE-2011-1177
RESERVED
-CVE-2011-1176
+CVE-2011-1176 (The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk ...)
{DSA-2202-1}
- apache2 2.2.17-2 (bug #618857; medium)
[lenny] - apache2 <not-affected> (different source package in lenny: apache2-mpm-itk)
- apache2-mpm-itk <removed>
[lenny] - apache2-mpm-itk <not-affected> (bug was introduced later, in 2.2.11-01)
-CVE-2011-1175
+CVE-2011-1175 (tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before ...)
{DSA-2225-1}
- asterisk 1:1.8.3.3-1
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2011-1174
+CVE-2011-1174 (manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x bef ...)
{DSA-2225-1}
- asterisk 1:1.8.3.3-1
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2011-1173
+CVE-2011-1173 (The econet_sendmsg function in net/econet/af_econet.c in the Linux ker ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1172
+CVE-2011-1172 (net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linu ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1171
+CVE-2011-1171 (net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1170
+CVE-2011-1170 (net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linu ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1169
+CVE-2011-1169 (Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi ...)
- linux-2.6 2.6.38-2
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.35)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
-CVE-2011-1168
+CVE-2011-1168 (Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError f ...)
- kde4libs 4:4.4.5-4 (low)
[squeeze] - kde4libs 4:4.4.5-2+squeeze2
[lenny] - kde4libs <no-dsa> (Minor issue)
-CVE-2011-1167
+CVE-2011-1167 (Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in ...)
{DSA-2210-1}
- tiff 3.9.4-9 (bug #619614)
- tiff3 <not-affected> (fixed before initial upload)
-CVE-2011-1166
+CVE-2011-1166 (Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a d ...)
{DSA-2337-1}
- xen 4.1.0-1
- xen-3 <removed>
-CVE-2011-1165
+CVE-2011-1165 (Vino, possibly before 3.2, does not properly document that it opens po ...)
- vino <unfixed> (unimportant)
NOTE: Mostly interface glitches
-CVE-2011-1164
+CVE-2011-1164 (Vino before 2.99.4 can connect external networks contrary to the state ...)
- vino <unfixed> (unimportant)
NOTE: Mostly interface glitches
-CVE-2011-1163
+CVE-2011-1163 (The osf_partition function in fs/partitions/osf.c in the Linux kernel ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-1
-CVE-2011-1162
+CVE-2011-1162 (The tpm_read function in the Linux kernel 2.6 does not properly clear ...)
- linux-2.6 3.0.0-5 (low)
[squeeze] - linux-2.6 2.6.32-40
CVE-2011-1161
REJECTED
-CVE-2011-1160
+CVE-2011-1160 (The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel be ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1159
+CVE-2011-1159 (acpid.c in acpid before 2.0.9 does not properly handle a situation in ...)
{DSA-2362-1}
- acpid 1:2.0.9-1
[lenny] - acpid <no-dsa> (Minor issue)
-CVE-2011-1158
+CVE-2011-1158 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
- feedparser 5.0.1-1 (low; bug #617998)
[squeeze] - feedparser <no-dsa> (Minor issue)
[lenny] - feedparser <no-dsa> (Minor issue)
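Review bot: CVE-2011-1183 is incomplete: its only line is "- tomcat6 <not-affected> (Only affects Tomcat 7)", yet the description says Tomcat 7.0.11 is affected and the preceding entry (CVE-2011-1184) shows tomcat7 is a tracked source package ("- tomcat7 7.0.12"). A tomcat7 line with the actual fixed version, or <unfixed> if none has been checked, is needed; as written the entry records a not-affected status for the package that is not the subject of the CVE and nothing for the one that is.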
@@ -11122,7 +11122,7 @@ CVE-2011-1158
[squeeze] - planet-venus <no-dsa> (Minor issue)
[lenny] - planet-venus <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20120304003020/https://code.google.com/p/feedparser/issues/detail?id=255
-CVE-2011-1157
+CVE-2011-1157 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
- feedparser 5.0.1-1 (low; bug #617998)
[squeeze] - feedparser <no-dsa> (Minor issue)
[lenny] - feedparser <no-dsa> (Minor issue)
@@ -11131,7 +11131,7 @@ CVE-2011-1157
[squeeze] - planet-venus <no-dsa> (Minor issue)
[lenny] - planet-venus <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20120211010803/https://code.google.com/p/feedparser/issues/detail?id=254
-CVE-2011-1156
+CVE-2011-1156 (feedparser.py in Universal Feed Parser (aka feedparser or python-feedp ...)
- feedparser 5.0.1-1 (low; bug #617998)
[squeeze] - feedparser <no-dsa> (Minor issue)
[lenny] - feedparser <no-dsa> (Minor issue)
@@ -11140,13 +11140,13 @@ CVE-2011-1156
[squeeze] - planet-venus <no-dsa> (Minor issue)
[lenny] - planet-venus <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20130326201801/http://code.google.com/p/feedparser/issues/detail?id=91
-CVE-2011-1155
+CVE-2011-1155 (The writeState function in logrotate.c in logrotate 3.7.9 and earlier ...)
- logrotate 3.8.0-1
[squeeze] - logrotate <no-dsa> (Minor issue)
-CVE-2011-1154
+CVE-2011-1154 (The shred_file function in logrotate.c in logrotate 3.7.9 and earlier ...)
- logrotate 3.8.0-1
[squeeze] - logrotate <no-dsa> (Minor issue)
-CVE-2011-1153
+CVE-2011-1153 (Multiple format string vulnerabilities in phar_object.c in the phar ex ...)
{DSA-2266-1}
- php5 5.3.6-1 (unimportant)
NOTE: only exploitable by malicious scripts
@@ -11158,16 +11158,16 @@ CVE-2011-1151
CVE-2011-1150
RESERVED
NOT-FOR-US: bbPress
-CVE-2011-1149
+CVE-2011-1149 (Android before 2.3 does not properly restrict access to the system pro ...)
NOT-FOR-US: Android
-CVE-2011-1148
+CVE-2011-1148 (Use-after-free vulnerability in the substr_replace function in PHP 5.3 ...)
{DSA-2408-1}
- php5 5.4.0-1 (unimportant)
NOTE: only exploitable by malicious scripts
-CVE-2011-1147
+CVE-2011-1147 (Multiple stack-based and heap-based buffer overflows in the (1) decode ...)
{DSA-2225-1}
- asterisk 1:1.8.3.3-1 (bug #614580)
-CVE-2011-1146
+CVE-2011-1146 (libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restri ...)
{DSA-2194-1}
- libvirt 0.8.8-3 (low; bug #617773)
[lenny] - libvirt <not-affected> (Vulnerable code not present)
@@ -11178,201 +11178,201 @@ CVE-2011-1145 [buffer overflow in unixODBC's SQLDriverConnect()]
[squeeze] - unixodbc <no-dsa> (Only exploitable through a malicious server)
[lenny] - unixodbc <no-dsa> (Only exploitable through a malicious server)
NOTE: http://seclists.org/oss-sec/2011/q1/446
-CVE-2011-1144
+CVE-2011-1144 (The installer in PEAR 1.9.2 and earlier allows local users to overwrit ...)
- php5 <not-affected> (incomplete fix never used in Debian packages)
-CVE-2011-1143
+CVE-2011-1143 (epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark ...)
- wireshark 1.4.4-1 (unimportant)
-CVE-2011-1142
+CVE-2011-1142 (Stack consumption vulnerability in the dissect_ber_choice function in ...)
- wireshark 1.4.4-1 (unimportant)
-CVE-2011-1141
+CVE-2011-1141 (epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14 ...)
{DSA-2201-1}
- wireshark 1.4.4-1 (unimportant)
-CVE-2011-1140
+CVE-2011-1140 (Multiple stack consumption vulnerabilities in the dissect_ms_compresse ...)
{DSA-2201-1}
- wireshark 1.4.4-1 (unimportant)
-CVE-2011-1139
+CVE-2011-1139 (wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1 ...)
{DSA-2201-1}
- wireshark 1.4.4-1 (unimportant)
-CVE-2011-1138
+CVE-2011-1138 (Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpa ...)
- wireshark 1.4.4-1
[lenny] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
-CVE-2011-1131
+CVE-2011-1131 (The PlushSearch2 function in Search.php in Simple Machines Forum (SMF) ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2011-1130
+CVE-2011-1130 (Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, doe ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2011-1129
+CVE-2011-1129 (Cross-site scripting (XSS) vulnerability in the EditNews function in M ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2011-1128
+CVE-2011-1128 (The loadUserSettings function in Load.php in Simple Machines Forum (SM ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2011-1127
+CVE-2011-1127 (SSI.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2 ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2011-1126
+CVE-2011-1126 (VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstat ...)
NOT-FOR-US: VMware Workstation
-CVE-2011-1125
+CVE-2011-1125 (Google Chrome before 9.0.597.107 does not properly perform layout, whi ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code introduced in commit 75823)
NOTE: http://trac.webkit.org/changeset/78775
-CVE-2011-1124
+CVE-2011-1124 (Use-after-free vulnerability in Google Chrome before 9.0.597.107 allow ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (Chromium specific)
-CVE-2011-1123
+CVE-2011-1123 (Google Chrome before 9.0.597.107 does not properly restrict access to ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-1122
+CVE-2011-1122 (The WebGL implementation in Google Chrome before 9.0.597.107 allows re ...)
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: https://bugs.webkit.org/show_bug.cgi?id=53782
-CVE-2011-1121
+CVE-2011-1121 (Integer overflow in Google Chrome before 9.0.597.107 allows remote att ...)
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: needs port (s/logicalBottom/bottom)
NOTE: http://trac.webkit.org/changeset/77565
-CVE-2011-1120
+CVE-2011-1120 (The WebGL implementation in Google Chrome before 9.0.597.107 allows re ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (webgl support not present in 1.2)
NOTE: http://trac.webkit.org/changeset/77956
-CVE-2011-1119
+CVE-2011-1119 (Google Chrome before 9.0.597.107 does not properly determine device or ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (device orientation code/support not present in 1.2)
NOTE: http://trac.webkit.org/changeset/77418
-CVE-2011-1118
+CVE-2011-1118 (Google Chrome before 9.0.597.107 does not properly handle TEXTAREA ele ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/77144
-CVE-2011-1117
+CVE-2011-1117 (Google Chrome before 9.0.597.107 does not properly handle XHTML docume ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/77262
-CVE-2011-1116
+CVE-2011-1116 (Google Chrome before 9.0.597.107 does not properly handle SVG animatio ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/77548
-CVE-2011-1115
+CVE-2011-1115 (Google Chrome before 9.0.597.107 does not properly render tables, whic ...)
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/76915
-CVE-2011-1114
+CVE-2011-1114 (Google Chrome before 9.0.597.107 does not properly handle tables, whic ...)
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (vulnerable code introduced after 1.2, and the fix restores this code to its 1.2 state)
NOTE: http://trac.webkit.org/changeset/77141
-CVE-2011-1113
+CVE-2011-1113 (Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not pr ...)
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (chromium specific)
-CVE-2011-1112
+CVE-2011-1112 (Google Chrome before 9.0.597.107 does not properly perform SVG renderi ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (Chromium specific)
-CVE-2011-1111
+CVE-2011-1111 (Google Chrome before 9.0.597.107 does not properly implement forms con ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
NOTE: needs port (s/FormAssociatedElement/HTMLFormElement)
NOTE: http://trac.webkit.org/changeset/77114
-CVE-2011-1110
+CVE-2011-1110 (Google Chrome before 9.0.597.107 does not properly implement key frame ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/76828
-CVE-2011-1109
+CVE-2011-1109 (Google Chrome before 9.0.597.107 does not properly process nodes in Ca ...)
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/76728
-CVE-2011-1108
+CVE-2011-1108 (Google Chrome before 9.0.597.107 does not properly implement JavaScrip ...)
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (Chromium specific)
-CVE-2011-1107
+CVE-2011-1107 (Unspecified vulnerability in Google Chrome before 9.0.597.107 allows r ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (history controller code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/76205
-CVE-2011-1106
+CVE-2011-1106 (Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server ...)
NOT-FOR-US: IBM Lotus Sametime
-CVE-2011-1105
+CVE-2011-1105 (Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM allo ...)
NOT-FOR-US: Mutare EVM
-CVE-2011-1104
+CVE-2011-1104 (Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare E ...)
NOT-FOR-US: Mutare EVM
-CVE-2011-1103
+CVE-2011-1103 (The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before ho ...)
NOT-FOR-US: F-Secure Policy Manager
-CVE-2011-1102
+CVE-2011-1102 (Cross-site scripting (XSS) vulnerability in the WebReporting module in ...)
NOT-FOR-US: F-Secure Policy Manager
-CVE-2011-1101
+CVE-2011-1101 (Multiple unspecified vulnerabilities in a third-party component of the ...)
NOT-FOR-US: Citrix License Management Console
-CVE-2011-1100
+CVE-2011-1100 (Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost ...)
- pixelpost <removed>
-CVE-2011-1099
+CVE-2011-1099 (Multiple directory traversal vulnerabilities in FocalMedia.Net Quick P ...)
NOT-FOR-US: FocalMedia.Net Quick Polls
-CVE-2011-1098
+CVE-2011-1098 (Race condition in the createOutputFile function in logrotate.c in logr ...)
- logrotate 3.8.0-1 (low)
[squeeze] - logrotate <no-dsa> (Minor issue)
-CVE-2011-1097
+CVE-2011-1097 (rsync 3.x before 3.0.8, when certain recursion, deletion, and ownershi ...)
- rsync 3.0.8 (low; bug #621866)
[squeeze] - rsync <no-dsa> (Minor issue)
-CVE-2011-1096
+CVE-2011-1096 (The W3C XML Encryption Standard, as used in the JBoss Web Services (JB ...)
NOT-FOR-US: alleged flaw in W3C XML Encryption standard. Nothing specific to fix
-CVE-2011-1095
+CVE-2011-1095 (locale/programs/locale.c in locale in the GNU C Library (aka glibc or ...)
- glibc 2.13-16
[lenny] - glibc <no-dsa> (Minor issue)
- eglibc 2.13-16
[squeeze] - eglibc 2.11.3-2
NOTE: http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904
NOTE: http://bugs.gentoo.org/show_bug.cgi?id=330923
-CVE-2011-1094
+CVE-2011-1094 (kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not ...)
- kde4libs 4:4.4.5-4 (low)
[squeeze] - kde4libs 4:4.4.5-2+squeeze2
[lenny] - kde4libs <no-dsa> (Minor issue)
- kdelibs <not-affected> (vulnerable code not present)
NOTE: http://seclists.org/oss-sec/2011/q1/434
-CVE-2011-1093
+CVE-2011-1093 (The dccp_rcv_state_process function in net/dccp/input.c in the Datagra ...)
{DSA-2264-1}
- linux-2.6 2.6.38-1 (low)
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-1092
+CVE-2011-1092 (Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows conte ...)
{DSA-2408-1}
- php5 5.4.0-1 (unimportant)
NOTE: only exploitable by malicious scripts
NOTE: http://seclists.org/oss-sec/2011/q1/430
-CVE-2011-1091
+CVE-2011-1091 (libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 t ...)
- pidgin 2.7.11-1 (low)
[lenny] - pidgin <no-dsa> (Minor issue)
[squeeze] - pidgin <no-dsa> (Minor issue)
-CVE-2011-1090
+CVE-2011-1090 (The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux ker ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-1 (low)
-CVE-2011-1089
+CVE-2011-1089 (The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 ...)
- glibc 2.13-8
- eglibc 2.13-8
[squeeze] - eglibc 2.11.3-1
NOTE: http://seclists.org/oss-sec/2011/q1/368
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=e1fb097f447a89aa69a926e45e673a52d86a6c57
-CVE-2011-1088
+CVE-2011-1088 (Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annota ...)
- tomcat6 <not-affected> (Only affects Tomcat 7)
-CVE-2011-1087
+CVE-2011-1087 (Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assiste ...)
- vlc 1.1.10-1 (low; bug #616156)
[squeeze] - vlc <no-dsa> (Minor issue)
[lenny] - vlc <no-dsa> (Minor issue)
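Review bot: CVE-2011-1088 has the same gap as CVE-2011-1183 above: the description is "Apache Tomcat 7.x before 7.0.10", but the only status line is "- tomcat6 <not-affected> (Only affects Tomcat 7)" and no tomcat7 line exists, even though tomcat7 is tracked elsewhere in this file (CVE-2011-1184 records "- tomcat7 7.0.12"). Suggest adding a tomcat7 line with its verified fixed version so the affected package has a status at all.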
@@ -11387,39 +11387,39 @@ CVE-2011-1085
CVE-2011-1084
RESERVED
NOT-FOR-US: smoothwall
-CVE-2011-1083
+CVE-2011-1083 (The epoll implementation in the Linux kernel 2.6.37.2 and earlier does ...)
- linux-2.6 3.2.9-1 (low)
[squeeze] - linux-2.6 2.6.32-47
-CVE-2011-1082
+CVE-2011-1082 (fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file des ...)
- linux-2.6 2.6.38-1 (low)
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-1081
+CVE-2011-1081 (modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attack ...)
- openldap 2.4.25-1 (low; bug #617606)
[lenny] - openldap 2.4.11-1+lenny2.1
[squeeze] - openldap 2.4.23-7.1
-CVE-2011-1080
+CVE-2011-1080 (The do_replace function in net/bridge/netfilter/ebtables.c in the Linu ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1079
+CVE-2011-1079 (The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1078
+CVE-2011-1078 (The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Lin ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1077
+CVE-2011-1077 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva ...)
NOT-FOR-US: Apache Archiva
-CVE-2011-1076
+CVE-2011-1076 (net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allows re ...)
- linux-2.6 2.6.38-1
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
[wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.36)
CVE-2011-1075
RESERVED
-CVE-2011-1074
+CVE-2011-1074 (crontab.c in crontab in FreeBSD allows local users to determine the ex ...)
- cron <not-affected> (Debian's cron not affected)
-CVE-2011-1073
+CVE-2011-1073 (crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users ...)
- cron <not-affected> (Debian's cron not affected)
-CVE-2011-1071
+CVE-2011-1071 (The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIB ...)
- glibc 2.11.2-12
- eglibc 2.11.2-12 (bug #615120)
[squeeze] - eglibc 2.11.3-2
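Review bot: under CVE-2011-1076 the line "[wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.36)" gives a justification that only works for releases whose kernel predates 2.6.36, which is what the lenny and squeeze lines use it for; wheezy's status follows from the fix recorded on the unstable line ("- linux-2.6 2.6.38-1"), so the wheezy line is either redundant or should carry that reason rather than the introduction version.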
@@ -11431,66 +11431,66 @@ CVE-2011-1070
CVE-2011-1069
RESERVED
NOT-FOR-US: PHPShop
-CVE-2011-1068
+CVE-2011-1068 (Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before 1. ...)
NOT-FOR-US: Microsoft Windows Azure SDK
-CVE-2011-1067
+CVE-2011-1067 (slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not ...)
NOT-FOR-US: s389 LDAP server
-CVE-2011-1066
+CVE-2011-1066 (Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2 ...)
NOT-FOR-US: Messaging module for Drupal
-CVE-2011-1065
+CVE-2011-1065 (Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX con ...)
NOT-FOR-US: PIPI Player
-CVE-2011-1064
+CVE-2011-1064 (SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 ...)
NOT-FOR-US: Qi Bo CMS
-CVE-2011-1063
+CVE-2011-1063 (Multiple cross-site scripting (XSS) vulnerabilities in Cherry-Design P ...)
NOT-FOR-US: Cherry-Design Photopad
-CVE-2011-1062
+CVE-2011-1062 (Multiple cross-site scripting (XSS) vulnerabilities in include/html/he ...)
NOT-FOR-US: TaskFreak!
-CVE-2011-1061
+CVE-2011-1061 (SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows ...)
NOT-FOR-US: WSN Guest
-CVE-2011-1060
+CVE-2011-1060 (SQL injection vulnerability in the member function in classes/member.p ...)
NOT-FOR-US: WSN Guest
-CVE-2011-1059
+CVE-2011-1059 (Use-after-free vulnerability in WebCore in WebKit before r77705, as us ...)
- webkit <not-affected> (history controller code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/77705
-CVE-2011-1058
+CVE-2011-1058 (Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) ...)
{DSA-2321-1}
- moin 1.9.3-3
CVE-2011-1057
REJECTED
-CVE-2011-1056
+CVE-2011-1056 (The installer for Metasploit Framework 3.5.1, when running on Windows, ...)
NOT-FOR-US: Metasploit Framework
-CVE-2011-1055
+CVE-2011-1055 (SQL injection vulnerability in api/ice_media.cfc in Lingxia I.C.E CMS ...)
NOT-FOR-US: Lingxia I.C.E CMS
-CVE-2011-1054
+CVE-2011-1054 (Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA ...)
NOT-FOR-US: IDA Pro
-CVE-2011-1053
+CVE-2011-1053 (Unspecified vulnerability in the Mach-O input file loader in Hex-Rays ...)
NOT-FOR-US: IDA Pro
-CVE-2011-1052
+CVE-2011-1052 (Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pr ...)
NOT-FOR-US: IDA Pro
-CVE-2011-1051
+CVE-2011-1051 (Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in Hex-Ra ...)
NOT-FOR-US: IDA Pro
-CVE-2011-1050
+CVE-2011-1050 (Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown ...)
NOT-FOR-US: IDA Pro
-CVE-2011-1049
+CVE-2011-1049 (Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro 5. ...)
NOT-FOR-US: IDA Pro
-CVE-2011-1048
+CVE-2011-1048 (SQL injection vulnerability in product.php in MihanTools 1.33 allows r ...)
NOT-FOR-US: MihanTools
-CVE-2011-1047
+CVE-2011-1047 (Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka F ...)
NOT-FOR-US: VastHTML Forum Server
-CVE-2011-1046
+CVE-2011-1046 (IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used ...)
NOT-FOR-US: FileNet P8 Content Engine
-CVE-2011-1045
+CVE-2011-1045 (Unspecified vulnerability in the Rendition Engine (aka P8RE) 4.0.1 thr ...)
NOT-FOR-US: Rendition Engine
CVE-2011-XXXX [pam_pgsql overflow]
- pam-pgsql 0.7.1-5 (bug #603436)
[lenny] - pam-pgsql 0.6.3-2+lenny1
[squeeze] - pam-pgsql 0.7.1-4+squeeze1
-CVE-2011-1044
+CVE-2011-1044 (The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c ...)
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 2.6.26-26lenny2
CVE-2011-1043
RESERVED
-CVE-2011-1042
+CVE-2011-1042 (Use-after-free vulnerability in flimflamd in flimflam in Google Chrome ...)
NOT-FOR-US: flimflam in Google Chrome OS
CVE-2011-1041
RESERVED
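Review bot: "NOT-FOR-US: s389 LDAP server" under CVE-2011-1067 has a typo; the description names 389 Directory Server, so this should read "NOT-FOR-US: 389 Directory Server" to match how the rest of the file names upstream products. Also in this hunk, the pam-pgsql entry still carries the placeholder identifier "CVE-2011-XXXX [pam_pgsql overflow]" while the surrounding lines are being expanded with real descriptions; if an identifier has since been assigned for this issue the entry should be keyed on it, otherwise leave the placeholder as is rather than guessing.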
@@ -11498,27 +11498,27 @@ CVE-2011-1040
RESERVED
CVE-2011-1039
RESERVED
-CVE-2011-1038
+CVE-2011-1038 (Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in t ...)
NOT-FOR-US: Lotus Sametime
CVE-2011-1037
RESERVED
-CVE-2011-1036
+CVE-2011-1036 (The XML Security Database Parser class in the XMLSecDB ActiveX control ...)
NOT-FOR-US: CA Internet Security Suite
-CVE-2011-1035
+CVE-2011-1035 (The password reset in PivotX before 2.2.4 allows remote attackers to m ...)
NOT-FOR-US: PivotX
-CVE-2011-1034
+CVE-2011-1034 (Cross-site scripting (XSS) vulnerability in the UI in IBM Rational Bui ...)
NOT-FOR-US: IBM Rational Build Forge
-CVE-2011-1033
+CVE-2011-1033 (Stack-based buffer overflow in oninit in IBM Informix Dynamic Server ( ...)
NOT-FOR-US: IBM
-CVE-2011-1032
+CVE-2011-1032 (IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0 ...)
NOT-FOR-US: IBM
-CVE-2011-1031
+CVE-2011-1031 (The feh_unique_filename function in utils.c in feh 1.11.2 and earlier ...)
- feh 1.12-1 (low)
[lenny] - feh <no-dsa> (Minor issue)
[squeeze] - feh <no-dsa> (Minor issue)
-CVE-2011-1030
+CVE-2011-1030 (Cross-site scripting (XSS) vulnerability in the Wikis component in IBM ...)
NOT-FOR-US: IBM
-CVE-2011-1029
+CVE-2011-1029 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
NOT-FOR-US: IBM
CVE-2011-1028
RESERVED
@@ -11526,49 +11526,49 @@ CVE-2011-1028
- smarty <removed>
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-1027
+CVE-2011-1027 (Off-by-one error in the convert_query_hexchar function in html.c in cg ...)
NOT-FOR-US: cgit
-CVE-2011-1026
+CVE-2011-1026 (Multiple cross-site request forgery (CSRF) vulnerabilities in Apache A ...)
NOT-FOR-US: Apache Archiva
-CVE-2011-1025
+CVE-2011-1025 (bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require ...)
- openldap 2.4.25-1 (unimportant; bug #617606)
[squeeze] - openldap 2.4.23-7.1
NOTE: NBD backend disabled in Debian builds
-CVE-2011-1024
+CVE-2011-1024 (chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-sl ...)
- openldap 2.4.25-1 (low; bug #617606)
[lenny] - openldap 2.4.11-1+lenny2.1
[squeeze] - openldap 2.4.23-7.1
-CVE-2011-1023
+CVE-2011-1023 (The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel befo ...)
- linux-2.6 2.6.38-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.35)
-CVE-2011-1022
+CVE-2011-1022 (The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrul ...)
{DSA-2193-1}
- libcgroup 0.37.1-1 (bug #615987)
-CVE-2011-1021
+CVE-2011-1021 (drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local use ...)
- linux-2.6 2.6.37-1
[wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.33)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.33)
-CVE-2011-1020
+CVE-2011-1020 (The proc filesystem implementation in the Linux kernel 2.6.37 and earl ...)
{DSA-2310-1 DSA-2303-1}
- linux-2.6 2.6.39-1
-CVE-2011-1019
+CVE-2011-1019 (The dev_load function in net/core/dev.c in the Linux kernel before 2.6 ...)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.32)
- linux-2.6 2.6.38-1 (unimportant)
NOTE: We won't fix this for Squeeze. This only applies to non-standard setups with fine
NOTE: grained security capability models, and an attacker can only load modules from
NOTE: /lib/modules, which is only writable with root privs
-CVE-2011-1018
+CVE-2011-1018 (logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbit ...)
{DSA-2182-1}
- logwatch 7.3.6.cvs20090906-2 (bug #615995)
-CVE-2011-1017
+CVE-2011-1017 (Heap-based buffer overflow in the ldm_frag_add function in fs/partitio ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
-CVE-2011-1016
+CVE-2011-1016 (The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not pr ...)
{DSA-2240-1}
- linux-2.6 2.6.38-1
-CVE-2011-1015
+CVE-2011-1015 (The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in P ...)
{DLA-25-1}
- python2.6 2.6.8-1 (low; bug #614860)
[wheezy] - python2.6 <no-dsa> (Minor issue, fix modifies behaviour, too intrusive to backport)
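Review bot: the note under CVE-2011-1025, "NBD backend disabled in Debian builds", names the wrong component: the description is about bind.cpp in back-ndb, i.e. the NDB (MySQL Cluster) backend of slapd, and NBD is the network block device, an unrelated thing. Suggest "NOTE: NDB backend (back-ndb) disabled in Debian builds" so the unimportant rating is tied to the right build option. Same pattern as CVE-2011-1076 earlier: "[wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.33)" under CVE-2011-1021 uses an introduction version as the wheezy reason when the fix on the unstable line ("- linux-2.6 2.6.37-1") is what actually covers wheezy; and under CVE-2011-1019 the "[lenny]" line is placed before the unstable "-" line, unlike every other entry in the file.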
@@ -11581,18 +11581,18 @@ CVE-2011-1015
NOTE: http://bugs.python.org/issue2254
CVE-2011-1014
REJECTED
-CVE-2011-1013
+CVE-2011-1013 (Integer signedness error in the drm_modeset_ctl function in (1) driver ...)
- linux-2.6 2.6.38-1
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-1012
+CVE-2011-1012 (The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel ...)
{DSA-2264-1}
- linux-2.6 2.6.38-1
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-1011
+CVE-2011-1011 (The seunshare_mount function in sandbox/seunshare.c in seunshare in ce ...)
NOT-FOR-US: seunshare
-CVE-2011-1010
+CVE-2011-1010 (Buffer overflow in the mac_partition function in fs/partitions/mac.c i ...)
{DSA-2264-1}
- linux-2.6 2.6.37-2
[wheezy] - linux-2.6 2.6.32-31
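Review bot: under CVE-2011-1013 and CVE-2011-1010 the wheezy line repeats the squeeze line verbatim ("[wheezy] - linux-2.6 2.6.32-31" next to "[squeeze] - linux-2.6 2.6.32-31"), recording a 2.6.32-series version under the wheezy tag while the unstable lines already give 2.6.38-1 and 2.6.37-2 as the fixes. Either the wheezy tag is a leftover from when that version was in testing and the line can be dropped, or the version should be the one that actually entered wheezy; as it stands the two lines disagree with the fixed versions on the "-" lines.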
@@ -11600,24 +11600,24 @@ CVE-2011-1010
CVE-2011-1009
RESERVED
NOT-FOR-US: Vanilla Forums
-CVE-2011-1008
+CVE-2011-1008 (Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not ...)
- request-tracker3.8 3.8.10-1 (bug #614576)
[squeeze] - request-tracker3.8 3.8.8-7+squeeze1
[lenny] - request-tracker3.6 3.6.7-5+lenny6
-CVE-2011-1007
+CVE-2011-1007 (Best Practical Solutions RT before 3.8.9 does not perform certain redi ...)
- request-tracker3.6 <removed> (unimportant)
- request-tracker3.8 3.8.10-1 (unimportant)
NOTE: A physically proximate attacker can do far more damage anyway
-CVE-2011-1006
+CVE-2011-1006 (Heap-based buffer overflow in the parse_cgroup_spec function in tools/ ...)
{DSA-2193-1}
- libcgroup 0.37.1-1
-CVE-2011-1005
+CVE-2011-1005 (The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through ...)
- ruby1.8 1.8.7.334-1 (bug #615517)
[lenny] - ruby1.8 <no-dsa> (Minor issue)
[squeeze] - ruby1.8 <no-dsa> (Minor issue)
- ruby1.9 <not-affected>
- ruby1.9.1 <not-affected>
-CVE-2011-1004
+CVE-2011-1004 (The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-4 ...)
- ruby1.8 1.8.7.334-1 (bug #615518)
[lenny] - ruby1.8 <no-dsa> (Minor issue)
[squeeze] - ruby1.8 <no-dsa> (Minor issue)
@@ -11625,27 +11625,27 @@ CVE-2011-1004
[lenny] - ruby1.9 <no-dsa> (Minor issue)
- ruby1.9.1 1.9.2.180-1 (bug #615519)
[squeeze] - ruby1.9.1 <no-dsa> (Minor issue, patch would change behaviour and might break things)
-CVE-2011-1003
+CVE-2011-1003 (Double free vulnerability in the vba_read_project_strings function in ...)
- clamav 0.97+dfsg-1 (low)
[squeeze] - clamav 0.97+dfsg-2~squeeze1 (bug #617444)
[lenny] - clamav <end-of-life>
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=2486
NOTE: http://web.archive.org/web/20110304224953/http://git.clamav.net:80/gitweb?p=clamav-devel.git;a=commit;h=d21fb8d975f8c9688894a8cef4d50d977022e09f
-CVE-2011-1002
+CVE-2011-1002 (avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remo ...)
{DSA-2174-1}
- avahi 0.6.28-4 (bug #614785)
NOTE: duped with CVE-2011-0634
-CVE-2011-1001
+CVE-2011-1001 (dexdump in Android SDK before 2.3 does not properly perform structural ...)
NOT-FOR-US: Android SDK
-CVE-2011-1000
+CVE-2011-1000 (jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0 ...)
{DSA-2169-1}
- telepathy-gabble 0.9.15-2
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=34048
-CVE-2011-0999
+CVE-2011-0999 (mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not preven ...)
- linux-2.6 <not-affected> (Introduced in 2.6.38-rc1, fixed in 2.6.38-rc5)
CVE-2011-0998
RESERVED
-CVE-2011-0997
+CVE-2011-0997 (dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV befo ...)
{DSA-2217-1 DSA-2216-1}
- isc-dhcp 4.1.1-P1-16.1 (bug #621099)
- dhcp3 <removed>
@@ -11654,26 +11654,26 @@ CVE-2011-XXXX [isc-dhcp: omapi dos]
- dhcp3 <not-affected> (only affects 4.2.0)
NOTE: http://thread.gmane.org/gmane.comp.security.oss.general/4820
NOTE: inrodroduced in 4.2.0 and fixed in 4.2.1
-CVE-2011-0996
+CVE-2011-0996 (dhcpcd before 5.2.12 allows remote attackers to execute arbitrary comm ...)
- dhcpcd <not-affected> (old shell quoting code is not vulnerable)
NOTE: Debian's dhcpcd.sh is not vulnerable.
-CVE-2011-0995
+CVE-2011-0995 (The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 ...)
- ruby-sqlite3 <not-affected> (SuSE-specific packaging flaw)
-CVE-2011-0994
+CVE-2011-0994 (Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (N ...)
NOT-FOR-US: Novell File Reporter
-CVE-2011-0993
+CVE-2011-0993 (SUSE Lifecycle Management Server before 1.1 uses world readable postgr ...)
NOT-FOR-US: SUSE Lifecycle Management Server
-CVE-2011-0992
+CVE-2011-0992 (Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 ...)
- mono <not-affected> (Moonlight no longer present in Debian)
-CVE-2011-0991
+CVE-2011-0991 (Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 ...)
- mono <not-affected> (Moonlight no longer present in Debian)
-CVE-2011-0990
+CVE-2011-0990 (Race condition in the FastCopy optimization in the Array.Copy method i ...)
- mono <not-affected> (Moonlight no longer present in Debian)
-CVE-2011-0989
+CVE-2011-0989 (The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, ...)
- mono <not-affected> (Moonlight no longer present in Debian)
-CVE-2011-0988
+CVE-2011-0988 (pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and S ...)
- pure-ftpd <not-affected> (SUSE-specific)
-CVE-2011-1132
+CVE-2011-1132 (The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 ...)
NOT-FOR-US: Apple IPv6 implementation
CVE-2011-XXXX [kfreebsd dos]
- kfreebsd-8 8.2-1 (low; bug #613312; bug #611476)
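Review bot: the fixed-width truncation of the imported summaries leaves CVE-2011-0992 and CVE-2011-0991 with byte-identical text ("Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 ..."), so the two entries can no longer be told apart from their summaries alone; if the generator can afford a few more characters, or can cut at a word boundary after the distinguishing part of the description, the summaries become useful for triage again. Unrelated to this automatic change but in the same hunk's context: the NOTE under the isc-dhcp omapi entry reads "inrodroduced in 4.2.0 and fixed in 4.2.1" and should be "introduced" in a follow-up manual edit.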
@@ -11705,7 +11705,7 @@ CVE-2011-1135 [xinha multiple vulns]
- openacs <not-affected> (PHP bindings not used)
- dotlrn <not-affected> (PHP bindings not used)
NOTE: http://secunia.com/advisories/40669/
-CVE-2011-1137
+CVE-2011-1137 (Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d a ...)
{DSA-2185-1}
- proftpd-dfsg 1.3.3d-4 (bug #616179)
[lenny] - proftpd-dfsg <not-affected> (Vulnerable code not present)
@@ -11718,51 +11718,51 @@ CVE-2011-XXXX [incorrect handling of {$smarty.template} and {$smarty.current_dir
NOTE: http://code.google.com/p/smarty-php/source/detail?r=3989
NOTE: https://github.com/smarty-php/smarty/commit/0154f17de2b2dd16ff9c016923015ac19af9c0cb(3.0.7)
NOTE: non-issue in practice, if you can place arbitrary template files you have worse problems
-CVE-2011-0987
+CVE-2011-0987 (The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAd ...)
{DSA-2167-1}
- phpmyadmin 4:3.3.9.2-1
-CVE-2011-0986
+CVE-2011-0986 (phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not ...)
- phpmyadmin 4:3.3.9.2-1 (unimportant)
NOTE: Path disclosure; paths in Debian are public info already
-CVE-2011-0985
+CVE-2011-0985 (Google Chrome before 9.0.597.94 does not properly perform process term ...)
{DSA-2166-1}
- chromium-browser 9.0.597.98~r74359-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (Chromium specific)
-CVE-2011-0984
+CVE-2011-0984 (Google Chrome before 9.0.597.94 does not properly handle plug-ins, whi ...)
{DSA-2166-1}
- chromium-browser 9.0.597.98~r74359-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (doesn't include v8 code)
NOTE: http://trac.webkit.org/changeset/76264
NOTE: ^ this has to be the wrong commit, its a v8 fix, but that doesn't match the description at all
-CVE-2011-0983
+CVE-2011-0983 (Google Chrome before 9.0.597.94 does not properly handle anonymous blo ...)
{DSA-2166-1}
- chromium-browser 9.0.597.98~r74359-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (vulnerable code not yet present in 1.2)
NOTE: http://trac.webkit.org/changeset/75810
-CVE-2011-0982
+CVE-2011-0982 (Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows ...)
- chromium-browser 9.0.597.98~r74359-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/76990
-CVE-2011-0981
+CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event handli ...)
{DSA-2166-1}
- chromium-browser 9.0.597.98~r74359-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/76708
-CVE-2011-0980
+CVE-2011-0980 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, a ...)
NOT-FOR-US: Microsoft Office Excel 2003
-CVE-2011-0979
+CVE-2011-0979 (Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2 ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2011-0978
+CVE-2011-0978 (Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2011-0977
+CVE-2011-0977 (Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 S ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2011-0976
+CVE-2011-0976 (Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and ...)
NOT-FOR-US: Microsoft Office
-CVE-2011-0975
+CVE-2011-0975 (Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in ...)
NOT-FOR-US: BMC PATROL
CVE-2011-0974
RESERVED
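Review bot: the CVE-2011-0982 entry carries "[squeeze] - chromium-browser <not-affected>" directly above "[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4", which is a squeeze-security package version; the other Chromium entries in this hunk (CVE-2011-0985, -0984, -0983, -0981) list only the wheezy line with that same version and no squeeze status, so this one looks like it needs reconciling: either squeeze is not affected and the wheezy fix version should be dropped, or squeeze was fixed in +squeeze4 and the <not-affected> marker is wrong. This is pre-existing context, not something the description import touches, but it is the kind of inconsistency that is easy to spot while the file is being regenerated.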
@@ -11780,21 +11780,21 @@ CVE-2011-0968
RESERVED
CVE-2011-0967
RESERVED
-CVE-2011-0966
+CVE-2011-0966 (Directory traversal vulnerability in cwhp/auditLog.do in the Homepage ...)
NOT-FOR-US: Cisco CiscoWorks Common Services
CVE-2011-0965
RESERVED
CVE-2011-0964
RESERVED
-CVE-2011-0963
+CVE-2011-0963 (The default configuration of the RADIUS authentication feature on the ...)
NOT-FOR-US: Cisco Network Access Control (NAC) Guest Server
-CVE-2011-0962
+CVE-2011-0962 (Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.n ...)
NOT-FOR-US: Cisco Unified Operations Manager
-CVE-2011-0961
+CVE-2011-0961 (Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in t ...)
NOT-FOR-US: Cisco CiscoWorks Common Services
-CVE-2011-0960
+CVE-2011-0960 (Multiple SQL injection vulnerabilities in Cisco Unified Operations Man ...)
NOT-FOR-US: Cisco Unified Operations Manager
-CVE-2011-0959
+CVE-2011-0959 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified O ...)
NOT-FOR-US: Cisco Unified Operations Manager
CVE-2011-0958
RESERVED
@@ -11810,31 +11810,31 @@ CVE-2011-0953
RESERVED
CVE-2011-0952
RESERVED
-CVE-2011-0951
+CVE-2011-0951 (The web-based management interface in Cisco Secure Access Control Syst ...)
NOT-FOR-US: Cisco ACS
CVE-2011-0950
RESERVED
-CVE-2011-0949
+CVE-2011-0949 (Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does no ...)
NOT-FOR-US: Cisco
CVE-2011-0948
RESERVED
CVE-2011-0947
RESERVED
-CVE-2011-0946
+CVE-2011-0946 (The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-0945
+CVE-2011-0945 (Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-0944
+CVE-2011-0944 (Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a deni ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-0943
+CVE-2011-0943 (Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause ...)
NOT-FOR-US: Cisco
CVE-2011-0942
RESERVED
-CVE-2011-0941
+CVE-2011-0941 (Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-0940
RESERVED
-CVE-2011-0939
+CVE-2011-0939 (Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS X ...)
NOT-FOR-US: Cisco IOS
CVE-2011-0938
RESERVED
@@ -11842,7 +11842,7 @@ CVE-2011-0937
RESERVED
CVE-2011-0936
RESERVED
-CVE-2011-0935
+CVE-2011-0935 (The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent perm ...)
NOT-FOR-US: Cisco IOS
CVE-2011-0934
RESERVED
@@ -11860,375 +11860,375 @@ CVE-2011-0928
RESERVED
CVE-2011-0927
RESERVED
-CVE-2011-0926
+CVE-2011-0926 (A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Deskt ...)
NOT-FOR-US: Cisco Secure Desktop
-CVE-2011-0925
+CVE-2011-0925 (The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisc ...)
NOT-FOR-US: Cisco Secure Desktop
-CVE-2011-0924
+CVE-2011-0924 (The client in HP Data Protector does not verify the contents of files ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-0923
+CVE-2011-0923 (The client in HP Data Protector does not properly validate EXEC_CMD ar ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-0922
+CVE-2011-0922 (The client in HP Data Protector allows remote attackers to execute arb ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-0921
+CVE-2011-0921 (crs.exe in the Cell Manager Service in the client in HP Data Protector ...)
NOT-FOR-US: HP Data Protector
-CVE-2011-0920
+CVE-2011-0920 (The Remote Console in IBM Lotus Domino, when a certain unsupported con ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0919
+CVE-2011-0919 (Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP ser ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0918
+CVE-2011-0918 (Stack-based buffer overflow in the NRouter (aka Router) service in IBM ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0917
+CVE-2011-0917 (Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attacke ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0916
+CVE-2011-0916 (Stack-based buffer overflow in the SMTP service in IBM Lotus Domino al ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0915
+CVE-2011-0915 (Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0914
+CVE-2011-0914 (Integer signedness error in ndiiop.exe in the DIIOP implementation in ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0913
+CVE-2011-0913 (Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2011-0912
+CVE-2011-0912 (Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2011-0911
+CVE-2011-0911 (Cross-site scripting (XSS) vulnerability in the Users module in Zikula ...)
NOT-FOR-US: zikula
-CVE-2011-0910
+CVE-2011-0910 (The cookie implementation in Vanilla Forums before 2.0.17.6 makes it e ...)
NOT-FOR-US: Vanilla Forums
-CVE-2011-0909
+CVE-2011-0909 (Cross-site scripting (XSS) vulnerability in Vanilla Forums before 2.0. ...)
NOT-FOR-US: Vanilla Forums
-CVE-2011-0908
+CVE-2011-0908 (Open redirect vulnerability in Vanilla Forums before 2.0.17.6 allows r ...)
NOT-FOR-US: Vanilla Forums
CVE-2011-0907
RESERVED
CVE-2011-0906
RESERVED
-CVE-2011-0905
+CVE-2011-0905 (The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver ...)
{DSA-2238-1}
- vino 2.28.2-3
- libvncserver <not-affected> (Performs sufficient range validation, but was initially reported as affected)
- kdenetwork 4:4.0
NOTE: Only affects the krfb from KDE 3.5
-CVE-2011-0904
+CVE-2011-0904 (The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver ...)
{DSA-2238-1}
- vino 2.28.2-3
- libvncserver <not-affected> (Performs sufficient range validation, but was initially reported as affected)
- kdenetwork 4:4.0
NOTE: Only affects the krfb from KDE 3.5
-CVE-2011-0903
+CVE-2011-0903 (Multiple directory traversal vulnerabilities in AR Web Content Manager ...)
NOT-FOR-US: AR Web Content Manager
-CVE-2011-0902
+CVE-2011-0902 (Multiple untrusted search path vulnerabilities in the Java Service in ...)
NOT-FOR-US: SunOS
-CVE-2011-0901
+CVE-2011-0901 (Multiple stack-based buffer overflows in the tsc_launch_remote functio ...)
- tsclient <removed> (low; bug #613204)
[lenny] - tsclient <no-dsa> (Minor issue)
[squeeze] - tsclient <no-dsa> (Minor issue)
-CVE-2011-0900
+CVE-2011-0900 (Stack-based buffer overflow in the tsc_launch_remote function (src/sup ...)
- tsclient <removed> (low; bug #613204)
[lenny] - tsclient <no-dsa> (Minor issue)
[squeeze] - tsclient <no-dsa> (Minor issue)
-CVE-2011-0899
+CVE-2011-0899 (The AES encryption module 7.x-1.4 for Drupal leaves certain debugging ...)
NOT-FOR-US: AES module for Drupal
-CVE-2011-0898
+CVE-2011-0898 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2011-0897
+CVE-2011-0897 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00 all ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2011-0896
+CVE-2011-0896 (Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on ...)
NOT-FOR-US: HP-UX
-CVE-2011-0895
+CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2011-0894
+CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX platforms allo ...)
NOT-FOR-US: HP Operations
-CVE-2011-0893
+CVE-2011-0893 (Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX ...)
NOT-FOR-US: HP Operations
-CVE-2011-0892
+CVE-2011-0892 (Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and 8. ...)
NOT-FOR-US: HP Diagnostics
-CVE-2011-0891
+CVE-2011-0891 (Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX ...)
NOT-FOR-US: HP HP-UX
-CVE-2011-0890
+CVE-2011-0890 (HP Discovery &amp; Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.6 ...)
NOT-FOR-US: HP Discovery & Dependency Mapping Inventory
-CVE-2011-0889
+CVE-2011-0889 (Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA ...)
NOT-FOR-US: HP Client Automation Enterprise
CVE-2011-0888
RESERVED
-CVE-2011-0887
+CVE-2011-0887 (The web management portal on the SMC SMCD3G-CCR (aka Comcast Business ...)
NOT-FOR-US: SMC SMCD3G-CCR
-CVE-2011-0886
+CVE-2011-0886 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
NOT-FOR-US: SMC SMCD3G-CCR
-CVE-2011-0885
+CVE-2011-0885 (A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR ...)
NOT-FOR-US: SMC SMCD3G-CCR
-CVE-2011-0884
+CVE-2011-0884 (Unspecified vulnerability in the Oracle BPEL Process Manager component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0883
+CVE-2011-0883 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0882
+CVE-2011-0882 (Unspecified vulnerability in the Content Management component in Oracl ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0881
+CVE-2011-0881 (Unspecified vulnerability in the EMCTL component in Oracle Database Se ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0880
+CVE-2011-0880 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0879
+CVE-2011-0879 (Unspecified vulnerability in the Instance Management component in Orac ...)
NOT-FOR-US: Oracle Database Server
CVE-2011-0878
REJECTED
-CVE-2011-0877
+CVE-2011-0877 (Unspecified vulnerability in the Instance Management component in Orac ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0876
+CVE-2011-0876 (Unspecified vulnerability in the Enterprise Manager Console component ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0875
+CVE-2011-0875 (Unspecified vulnerability in the EMCTL component in Oracle Database Se ...)
NOT-FOR-US: Oracle Database Server
CVE-2011-0874
REJECTED
-CVE-2011-0873
+CVE-2011-0873 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0872
+CVE-2011-0872 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
NOT-FOR-US: OpenJDK on Microsoft Windows
-CVE-2011-0871
+CVE-2011-0871 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0870
+CVE-2011-0870 (Unspecified vulnerability in the Schema Management component in Oracle ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0869
+CVE-2011-0869 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0868
+CVE-2011-0868 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0867
+CVE-2011-0867 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0866
+CVE-2011-0866 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
NOT-FOR-US: Java on Windows
-CVE-2011-0865
+CVE-2011-0865 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0864
+CVE-2011-0864 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0863
+CVE-2011-0863 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
-CVE-2011-0862
+CVE-2011-0862 (Multiple unspecified vulnerabilities in the Java Runtime Environment ( ...)
{DSA-2358-1 DSA-2311-1}
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 6b18-1.8.9-0.1 (bug #629852)
-CVE-2011-0861
+CVE-2011-0861 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Upd ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0860
+CVE-2011-0860 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Upd ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0859
+CVE-2011-0859 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Tax ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0858
+CVE-2011-0858 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bun ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0857
+CVE-2011-0857 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bun ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0856
+CVE-2011-0856 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.49 GA thro ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0855
+CVE-2011-0855 (Unspecified vulnerability in the InForm component in Oracle Industry A ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2011-0854
+CVE-2011-0854 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.1 Bun ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0853
+CVE-2011-0853 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bun ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0852
+CVE-2011-0852 (Unspecified vulnerability in the Security Management component in Orac ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0851
+CVE-2011-0851 (Unspecified vulnerability in Oracle PeopleSoft Enterprise ELS 9.0 Bund ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0850
+CVE-2011-0850 (Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM 8.9 Bund ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0849
+CVE-2011-0849 (Unspecified vulnerability in Oracle Java Dynamic Management Kit 5.1 al ...)
NOT-FOR-US: Oracle Java Dynamic Management Kit
-CVE-2011-0848
+CVE-2011-0848 (Unspecified vulnerability in the Security Framework component in Oracl ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0847
+CVE-2011-0847 (Unspecified vulnerability in the OpenSSO Enterprise and Sun Java Syste ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-0846
+CVE-2011-0846 (Unspecified vulnerability in the Oracle Sun Java System Access Manager ...)
NOT-FOR-US: Oracle Sun Java System Access Manager Policy Agent
-CVE-2011-0845
+CVE-2011-0845 (Unspecified vulnerability in the Database Control component in Oracle ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2011-0844
+CVE-2011-0844 (Unspecified vulnerability in the OpenSSO Enterprise and Sun Java Syste ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-0843
+CVE-2011-0843 (Unspecified vulnerability in the Siebel CRM Core component in Oracle S ...)
NOT-FOR-US: Oracle Siebel CRM
CVE-2011-0842
REJECTED
-CVE-2011-0841
+CVE-2011-0841 (Unspecified vulnerability in Oracle Solaris 11 Express allows remote a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0840
+CVE-2011-0840 (Unspecified vulnerability in Oracle PeopleSoft Enterprise PeopleTools ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise PeopleTools
-CVE-2011-0839
+CVE-2011-0839 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allo ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0838
+CVE-2011-0838 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0837
+CVE-2011-0837 (Unspecified vulnerability in the Agile Technology Platform component i ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2011-0836
+CVE-2011-0836 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0835
+CVE-2011-0835 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0834
+CVE-2011-0834 (Unspecified vulnerability in the Siebel CRM Core component in Oracle S ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2011-0833
+CVE-2011-0833 (Unspecified vulnerability in the Siebel CRM Core component in Oracle S ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2011-0832
+CVE-2011-0832 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0831
+CVE-2011-0831 (Unspecified vulnerability in the Enterprise Config Management componen ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0830
+CVE-2011-0830 (Unspecified vulnerability in the Event Management component in Oracle ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0829
+CVE-2011-0829 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows l ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0828
+CVE-2011-0828 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle # ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
-CVE-2011-0827
+CVE-2011-0827 (Unspecified vulnerability in the PeopleSoft Enterprise component in Or ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-0826
+CVE-2011-0826 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle # ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2011-0825
+CVE-2011-0825 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0824
+CVE-2011-0824 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0823
+CVE-2011-0823 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0822
+CVE-2011-0822 (Unspecified vulnerability in the Streams, AQ &amp; Replication Mgmt co ...)
NOT-FOR-US: Oracle Database Serve
-CVE-2011-0821
+CVE-2011-0821 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0820
+CVE-2011-0820 (Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0819
+CVE-2011-0819 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0818
+CVE-2011-0818 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0817
+CVE-2011-0817 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
NOT-FOR-US: Java on Windows
-CVE-2011-0816
+CVE-2011-0816 (Unspecified vulnerability in the CMDB Metadata &amp; Instance APIs com ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0815
+CVE-2011-0815 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
NOT-FOR-US: Java on Windows
-CVE-2011-0814
+CVE-2011-0814 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
-CVE-2011-0813
+CVE-2011-0813 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0812
+CVE-2011-0812 (Unspecified vulnerability in the Solaris component in Oracle Solaris 8 ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0811
+CVE-2011-0811 (Unspecified vulnerability in the Enterprise Config Management componen ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0810
+CVE-2011-0810 (Unspecified vulnerability Oracle JD Edwards EnterpriseOne Tools 8.9 GA ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
-CVE-2011-0809
+CVE-2011-0809 (Unspecified vulnerability in the Web ADI component in Oracle E-Busines ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-0808
+CVE-2011-0808 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0807
+CVE-2011-0807 (Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2. ...)
NOT-FOR-US: Oracle Sun GlassFish Enterprise Server
-CVE-2011-0806
+CVE-2011-0806 (Unspecified vulnerability in the Network Foundation component in Oracl ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0805
+CVE-2011-0805 (Unspecified vulnerability in the UIX component in Oracle Database Serv ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0804
+CVE-2011-0804 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0803
+CVE-2011-0803 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2011-0802
+CVE-2011-0802 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
[lenny] - sun-java6 6.26-0lenny1
[squeeze] - sun-java6 6.26-0squeeze1
- sun-java6 6.26-1 (bug #629852)
-CVE-2011-0801
+CVE-2011-0801 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows l ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0800
+CVE-2011-0800 (Unspecified vulnerability in the Solaris component in Oracle Solaris 8 ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0799
+CVE-2011-0799 (Unspecified vulnerability in the Oracle Warehouse Builder component in ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0798
+CVE-2011-0798 (Unspecified vulnerability in the Portal component in Oracle Fusion Mid ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0797
+CVE-2011-0797 (Unspecified vulnerability in the Applications Install component in Ora ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-0796
+CVE-2011-0796 (Unspecified vulnerability in the Applications Install component in Ora ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-0795
+CVE-2011-0795 (Unspecified vulnerability in the Single Sign On component in Oracle Fu ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0794
+CVE-2011-0794 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0793
+CVE-2011-0793 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0792
+CVE-2011-0792 (Unspecified vulnerability in the Oracle Warehouse Builder component in ...)
NOT-FOR-US: Oracle Database Server
-CVE-2011-0791
+CVE-2011-0791 (Unspecified vulnerability in the Application Object Library component ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2011-0790
+CVE-2011-0790 (Unspecified vulnerability in Oracle Solaris 9 and 10 allows local user ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0789
+CVE-2011-0789 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2011-0788
+CVE-2011-0788 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
NOT-FOR-US: Java on Windows
-CVE-2011-0787
+CVE-2011-0787 (Unspecified vulnerability in the Application Service Level Management ...)
NOT-FOR-US: Oracle
-CVE-2011-0786
+CVE-2011-0786 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
NOT-FOR-US: Java on Windows
-CVE-2011-0785
+CVE-2011-0785 (Unspecified vulnerability in the Oracle Help component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2011-0784
+CVE-2011-0784 (Race condition in Google Chrome before 9.0.597.84 allows remote attack ...)
- chromium-browser 9.0.597.84~r72991-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (chromium specific)
-CVE-2011-0783
+CVE-2011-0783 (Unspecified vulnerability in Google Chrome before 9.0.597.84 allows us ...)
{DSA-2166-1}
- chromium-browser 9.0.597.84~r72991-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (chromium specific)
-CVE-2011-0782
+CVE-2011-0782 (Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate ...)
- chromium-browser <not-affected> (mac only)
- webkit <not-affected> (chromium specific)
-CVE-2011-0781
+CVE-2011-0781 (Google Chrome before 9.0.597.84 does not properly handle autofill prof ...)
- chromium-browser 9.0.597.84~r72991-1 (unimportant)
- webkit <not-affected> (chromium specific)
-CVE-2011-0780
+CVE-2011-0780 (The PDF event handler in Google Chrome before 9.0.597.84 does not prop ...)
- chromium-browser <not-affected> (Chrome pdf plugin)
- webkit <not-affected> (chromium specific)
-CVE-2011-0779
+CVE-2011-0779 (Google Chrome before 9.0.597.84 does not properly handle a missing key ...)
{DSA-2192-1}
- chromium-browser 9.0.597.84~r72991-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (chromium specific)
-CVE-2011-0778
+CVE-2011-0778 (Google Chrome before 9.0.597.84 does not properly restrict drag and dr ...)
{DSA-2188-1 DSA-2166-1}
- chromium-browser 9.0.597.84~r72991-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit 1.2.7-1
NOTE: http://trac.webkit.org/changeset/71925
-CVE-2011-0777
+CVE-2011-0777 (Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows ...)
{DSA-2166-1}
- chromium-browser 9.0.597.84~r72991-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
NOTE: http://trac.webkit.org/changeset/72230
-CVE-2011-0776
+CVE-2011-0776 (The sandbox implementation in Google Chrome before 9.0.597.84 on Mac O ...)
- chromium-browser <not-affected> (mac only)
- webkit <not-affected> (chromium specific)
CVE-2011-XXXX [evince segfault]
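Review bot: the CVE-2011-0784 entry in this hunk marks squeeze as `<not-affected>` while also listing `[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4`, and a `+squeeze4` version is a squeeze security upload; if squeeze is genuinely unaffected, the wheezy line pointing at a squeeze update is suspect, and one of the two release tags or versions should be corrected. The neighbouring entries (CVE-2011-0783, -0779, -0778, -0777) carry the same wheezy line without a squeeze not-affected marker, so check which of the two statements for CVE-2011-0784 is right before the next update overwrites the context.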
@@ -12247,32 +12247,32 @@ CVE-2011-XXXX [aptitude tempfile]
- aptitude 0.6.3-4 (low; bug #612034)
[squeeze] - aptitude 0.6.3-2.1+squeeze1 (bug #612034)
[lenny] - aptitude 0.4.11.11-1~lenny2 (bug #612034)
-CVE-2011-0775
+CVE-2011-0775 (pivotx/modules/module_image.php in PivotX 2.2.2 allows remote attacker ...)
NOT-FOR-US: PivotX
-CVE-2011-0774
+CVE-2011-0774 (PivotX before 2.2.2 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: PivotX
-CVE-2011-0773
+CVE-2011-0773 (Cross-site scripting (XSS) vulnerability in pivotx/modules/module_imag ...)
NOT-FOR-US: PivotX
-CVE-2011-0772
+CVE-2011-0772 (Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, a ...)
NOT-FOR-US: PivotX
-CVE-2011-0771
+CVE-2011-0771 (The Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not v ...)
NOT-FOR-US: Janrain Engage Drupal module
-CVE-2011-0770
+CVE-2011-0770 (Cross-site scripting (XSS) vulnerability in Windows Event Log SmartCon ...)
NOT-FOR-US: Windows Event Log SmartConnector
CVE-2011-0769
RESERVED
CVE-2011-0768
RESERVED
-CVE-2011-0767
+CVE-2011-0767 (Cross-site scripting (XSS) vulnerability in the management GUI in the ...)
NOT-FOR-US: Imperva SecureSphere Web Application Firewall
-CVE-2011-0766
+CVE-2011-0766 (The random number generator in the Crypto application before 2.0.2.2, ...)
- erlang 1:14.b.3-dfsg-1 (low; bug #628456)
[squeeze] - erlang 1:14.a-dfsg-3squeeze1
NOTE: http://www.kb.cert.org/vuls/id/178990
NOTE: https://github.com/erlang/otp/commit/f228601de45c5
-CVE-2011-0765
+CVE-2011-0765 (Unspecified vulnerability in lft in pWhois Layer Four Traceroute (LFT) ...)
NOT-FOR-US: pWhois Layer Four Traceroute
-CVE-2011-0764
+CVE-2011-0764 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ot ...)
{DSA-2388-1}
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
@@ -12282,185 +12282,185 @@ CVE-2011-0764
NOTE: http://www.toucan-system.com/advisories/tssa-2011-01.txt
CVE-2011-0763
RESERVED
-CVE-2011-0762
+CVE-2011-0762 (The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 ...)
{DSA-2305-1}
- vsftpd 2.3.4-1 (bug #622741)
[squeeze] - vsftpd 2.3.2-3+squeeze2
[lenny] - vsftpd 2.0.7-1+lenny1
-CVE-2011-0761
+CVE-2011-0761 (Perl 5.10.x allows context-dependent attackers to cause a denial of se ...)
- perl 5.12.0-1 (unimportant; bug #628817)
-CVE-2011-0760
+CVE-2011-0760 (Multiple cross-site request forgery (CSRF) vulnerabilities in the conf ...)
NOT-FOR-US: WP Related Posts plugin for WordPress
-CVE-2011-0759
+CVE-2011-0759 (Multiple cross-site request forgery (CSRF) vulnerabilities in the conf ...)
NOT-FOR-US: Recaptcha plugin for WordPress
-CVE-2011-0758
+CVE-2011-0758 (The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8. ...)
NOT-FOR-US: CA ETrust
-CVE-2011-0757
+CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...)
NOT-FOR-US: IBM DB2
-CVE-2011-0756
+CVE-2011-0756 (The application server in Trustwave WebDefend Enterprise before 5.0 us ...)
NOT-FOR-US: Trustwave WebDefend Enterprise
-CVE-2011-0755
+CVE-2011-0755 (Integer overflow in the mt_rand function in PHP before 5.3.4 might mak ...)
- php5 5.3.5-1 (unimportant)
NOTE: Only exploitable with malicious script
-CVE-2011-0754
+CVE-2011-0754 (The SplFileInfo::getType function in the Standard PHP Library (SPL) ex ...)
- php5 <not-affected> (Only affects PHP on Windows)
-CVE-2011-0753
+CVE-2011-0753 (Race condition in the PCNTL extension in PHP before 5.3.4, when a user ...)
- php5 5.3.5-1 (unimportant)
NOTE: Only exploitable with malicious script
-CVE-2011-0752
+CVE-2011-0752 (The extract function in PHP before 5.2.15 does not prevent use of the ...)
- php5 5.3.3-7 (unimportant)
NOTE: Only exploitable with malicious script
-CVE-2011-0751
+CVE-2011-0751 (Directory traversal vulnerability in nhttpd (aka Nostromo webserver) b ...)
NOT-FOR-US: Nostromo webserver
CVE-2011-0750
RESERVED
CVE-2011-0749
RESERVED
-CVE-2011-0748
+CVE-2011-0748 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpList ...)
NOT-FOR-US: phpList
CVE-2011-0747
RESERVED
-CVE-2011-0746
+CVE-2011-0746 (Cross-site request forgery (CSRF) vulnerability in Forms/PortForwardin ...)
NOT-FOR-US: ZyXEL O2 DSL Router
-CVE-2011-0745
+CVE-2011-0745 (SugarCRM before 6.1.3 does not properly handle reloads and direct requ ...)
- sugarcrm-ce-5.0 <itp> (bug #457876)
CVE-2011-0744
RESERVED
CVE-2011-0743
RESERVED
-CVE-2011-0742
+CVE-2011-0742 (Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management ...)
NOT-FOR-US: Novell ZENworks Handheld Management
-CVE-2011-0741
+CVE-2011-0741 (Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution ...)
NOT-FOR-US: ModX
-CVE-2011-0740
+CVE-2011-0740 (Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slas ...)
- magpierss 0.72-10 (low; bug #611940)
[squeeze] - magpierss 0.72-8+squeeze1
[lenny] - magpierss 0.72-5+lenny1
-CVE-2011-0739
+CVE-2011-0739 (The deliver function in the sendmail delivery agent (lib/mail/network/ ...)
NOT-FOR-US: Ruby mail gem
-CVE-2011-0738
+CVE-2011-0738 (MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2 ...)
NOT-FOR-US: MyProxy
-CVE-2011-0737
+CVE-2011-0737 (** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote a ...)
NOT-FOR-US: Adobe Coldfusion
-CVE-2011-0736
+CVE-2011-0736 (** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web app ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0735
+CVE-2011-0735 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9. ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0734
+CVE-2011-0734 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9. ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0733
+CVE-2011-0733 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9. ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0732
+CVE-2011-0732 (Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal ( ...)
NOT-FOR-US: IBM Tivoli Integrated Portal
-CVE-2011-0731
+CVE-2011-0731 (Buffer overflow in the DB2 Administration Server (DAS) component in IB ...)
NOT-FOR-US: IBM DB2
-CVE-2011-0730
+CVE-2011-0730 (Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubu ...)
- eucalyptus <not-affected> (It was once removed from archive, then re-added as 3.1.0)
-CVE-2011-0729
+CVE-2011-0729 (dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector ...)
NOT-FOR-US: Ubuntu-specific language-selector package
-CVE-2011-0728
+CVE-2011-0728 (Cross-site scripting (XSS) vulnerability in templatefunctions.py in Lo ...)
- loggerhead 1.18.1-1 (low)
[squeeze] - loggerhead <no-dsa> (Minor issue)
-CVE-2011-0727
+CVE-2011-0727 (GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to ch ...)
{DSA-2205-1}
- gdm3 2.30.5-9
- gdm <not-affected> (Affected code was introduced in 2.28)
-CVE-2011-0726
+CVE-2011-0726 (The do_task_stat function in fs/proc/array.c in the Linux kernel befor ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-2
[lenny] - linux-2.6 2.6.26-26lenny3
[squeeze] - linux-2.6 2.6.32-32
-CVE-2011-0725
+CVE-2011-0725 (Absolute path traversal vulnerability in the org.debian.apt.UpdateCach ...)
- aptdaemon 0.43+bzr707-1
[squeeze] - aptdaemon <not-affected> (Introduced in 0.33)
-CVE-2011-0724
+CVE-2011-0724 (The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctl ...)
- italc <not-affected> (Only Edubuntu Live DVD affected)
NOTE: https://bugs.launchpad.net/ubuntu/+source/italc/+bug/714864
NOTE: http://web.archive.org/web/20140817234205/https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-February/001245.html
-CVE-2011-0723
+CVE-2011-0723 (FFmpeg 0.5.x, as used in MPlayer and other products, allows remote att ...)
{DSA-2306-1}
- libav 4:0.6-1
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2011-0722
+CVE-2011-0722 (FFmpeg before 0.5.4, as used in MPlayer and other products, allows rem ...)
{DSA-2306-1}
- libav 4:0.6-1
- ffmpeg 7:2.4.1-1
- ffmpeg-debian <end-of-life>
-CVE-2011-0721
+CVE-2011-0721 (Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in sh ...)
{DSA-2164-1}
- shadow 1:4.1.4.2+svn3283-3
[lenny] - shadow <not-affected> (Vulnerable code not present)
-CVE-2011-0720
+CVE-2011-0720 (Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, ...)
- plone3 <removed>
-CVE-2011-0719
+CVE-2011-0719 (Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 d ...)
{DSA-2175-1}
- samba 2:3.5.7~dfsg-1
-CVE-2011-0718
+CVE-2011-0718 (Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay a ...)
NOT-FOR-US: Red Hat Network Satellite/Spacewalk
-CVE-2011-0717
+CVE-2011-0717 (Session fixation vulnerability in Red Hat Network (RHN) Satellite Serv ...)
NOT-FOR-US: Red Hat Network Satellite/Spacewalk
-CVE-2011-0716
+CVE-2011-0716 (The br_multicast_add_group function in net/bridge/br_multicast.c in th ...)
- linux-2.6 2.6.38-1 (low)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34)
[wheezy] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34)
-CVE-2011-0715
+CVE-2011-0715 (The mod_dav_svn module for the Apache HTTP Server, as distributed in A ...)
{DSA-2181-1}
- subversion 1.6.16dfsg-1
-CVE-2011-0714
+CVE-2011-0714 (Use-after-free vulnerability in a certain Red Hat patch for the RPC se ...)
- linux-2.6 <not-affected> (This issue only affects Red Hat Enterprise Linux 6)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=678144
NOTE: http://seclists.org/oss-sec/2011/q1/438
-CVE-2011-0713
+CVE-2011-0713 (Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 t ...)
{DSA-2201-1}
- wireshark 1.4.4-1
[lenny] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953
-CVE-2011-0712
+CVE-2011-0712 (Multiple buffer overflows in the caiaq Native Instruments USB audio fu ...)
{DSA-2310-1}
- linux-2.6 2.6.37-2
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-0711
+CVE-2011-0711 (The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-1 (low)
-CVE-2011-0710
+CVE-2011-0710 (The task_show_regs function in arch/s390/kernel/traps.c in the Linux k ...)
{DSA-2264-1}
- linux-2.6 2.6.37-2 (low)
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-0709
+CVE-2011-0709 (The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux k ...)
- linux-2.6 <not-affected> (Introduced in 2.6.35-rc1 and fixed in 2.6.35-rc5)
-CVE-2011-0708
+CVE-2011-0708 (exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms p ...)
{DSA-2266-1}
- php5 5.3.6-1
-CVE-2011-0707
+CVE-2011-0707 (Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py ...)
{DSA-2170-1}
- mailman 1:2.1.14-1
NOTE: patch http://mail.python.org/pipermail/mailman-developers/attachments/20110218/15500b22/attachment.txt
NOTE: present in 2.1.14 and earlier
NOTE: http://mail.python.org/pipermail/mailman-developers/2011-February/021317.html
-CVE-2011-0706
+CVE-2011-0706 (The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in Open ...)
{DSA-2224-1}
- openjdk-6 6b18-1.8.7-1
CVE-2011-0705
REJECTED
-CVE-2011-0704
+CVE-2011-0704 (389 Directory Server 1.2.7.5, when built with mozldap, allows remote a ...)
NOT-FOR-US: 389 Directory Server
CVE-2011-0703
RESERVED
- gksu-polkit <removed> (bug #684489)
[squeeze] - gksu-polkit <end-of-life> (Unsupported in squeeze-lts)
-CVE-2011-0702
+CVE-2011-0702 (The feh_unique_filename function in utils.c in feh before 1.11.2 might ...)
- feh 1.12-1 (low; bug #612035)
[squeeze] - feh <no-dsa> (Minor issue)
[lenny] - feh <no-dsa> (Minor issue)
-CVE-2011-0701
+CVE-2011-0701 (wp-admin/async-upload.php in the media uploader in WordPress before 3. ...)
{DSA-2190-1}
- wordpress 3.0.5+dfsg-1
[lenny] - wordpress <not-affected> (2.x version is not affected)
-CVE-2011-0700
+CVE-2011-0700 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress befor ...)
{DSA-2190-1}
- wordpress 3.0.5+dfsg-1
[lenny] - wordpress <not-affected> (2.x version is not affected)
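Review bot: CVE-2011-0703 in this hunk still reads `RESERVED` yet carries package status lines (`- gksu-polkit <removed> (bug #684489)` and a `[squeeze] ... <end-of-life>` line), so unlike the surrounding entries the automatic update attached no description to an issue the tracker already tracks; worth checking whether the identifier has since been published and the `RESERVED` line should be replaced with the description as was done for its neighbours. A minor style point in the same hunk: CVE-2011-0726 lists `[lenny]` before `[squeeze]`, whereas the other kernel entries here (CVE-2011-0712, CVE-2011-0710) list the newer release first.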
@@ -12470,25 +12470,25 @@ CVE-2011-0699
[wheezy] - linux-2.6 <not-affected> (code introduced in .37)
[squeeze] - linux-2.6 <not-affected> (code introduced in .37)
[lenny] - linux-2.6 <not-affected> (code introduced in .37)
-CVE-2011-0698
+CVE-2011-0698 (Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2 ...)
- python-django <not-affected> (Windows-specific)
NOTE: http://www.djangoproject.com/weblog/2011/feb/08/security/
-CVE-2011-0697
+CVE-2011-0697 (Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 ...)
{DSA-2163-1}
- python-django 1.2.5-1
[lenny] - python-django <not-affected> (Vulnerable code not present)
NOTE: http://www.djangoproject.com/weblog/2011/feb/08/security/
[squeeze] - python-django 1.2.3-3+squeeze1
-CVE-2011-0696
+CVE-2011-0696 (Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly val ...)
{DSA-2163-1}
- python-django 1.2.5-1
[lenny] - python-django <not-affected> (Vulnerable code not present)
NOTE: http://www.djangoproject.com/weblog/2011/feb/08/security/
[squeeze] - python-django 1.2.3-3+squeeze1
-CVE-2011-0695
+CVE-2011-0695 (Race condition in the cm_work_handler function in the InfiniBand drive ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-2
-CVE-2011-0694
+CVE-2011-0694 (RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 1 ...)
NOT-FOR-US: RealPlayer
CVE-2011-0693
RESERVED
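Review bot: in CVE-2011-0697 and CVE-2011-0696 the `[squeeze] - python-django 1.2.3-3+squeeze1` line sits after the `NOTE:` line rather than with the other package entries, so the release status is easy to miss when scanning; move it above the NOTE next to the `[lenny]` line, as the entries elsewhere in this file group release lines ahead of their notes (for example CVE-2011-0724 and CVE-2011-0713).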
@@ -12500,123 +12500,123 @@ CVE-2011-0690
RESERVED
CVE-2011-0689
RESERVED
-CVE-2011-0688
+CVE-2011-0688 (Intel Alert Management System (aka AMS or AMS2), as used in Symantec A ...)
NOT-FOR-US: Symantec Intel Alert Handler
-CVE-2011-0687
+CVE-2011-0687 (Opera before 11.01 does not properly implement Wireless Application Pr ...)
NOT-FOR-US: Opera
-CVE-2011-0686
+CVE-2011-0686 (Unspecified vulnerability in Opera before 11.01 allows remote attacker ...)
NOT-FOR-US: Opera
-CVE-2011-0685
+CVE-2011-0685 (The Delete Private Data feature in Opera before 11.01 does not properl ...)
NOT-FOR-US: Opera
-CVE-2011-0684
+CVE-2011-0684 (Opera before 11.01 does not properly handle redirections and unspecifi ...)
NOT-FOR-US: Opera
-CVE-2011-0683
+CVE-2011-0683 (Opera before 11.01 does not properly restrict the use of opera: URLs, ...)
NOT-FOR-US: Opera
-CVE-2011-0682
+CVE-2011-0682 (Integer truncation error in opera.dll in Opera before 11.01 allows rem ...)
NOT-FOR-US: Opera
-CVE-2011-0681
+CVE-2011-0681 (The Cascading Style Sheets (CSS) Extensions for XML implementation in ...)
NOT-FOR-US: Opera
-CVE-2011-0680
+CVE-2011-0680 (data/WorkingMessage.java in the Mms application in Android before 2.2. ...)
NOT-FOR-US: Mms for Android
-CVE-2011-0679
+CVE-2011-0679 (IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2011-0678
+CVE-2011-0678 (Unrestricted file upload vulnerability in the EasyEdit module in Lomte ...)
NOT-FOR-US: Lomtec ActiveWeb Professional
-CVE-2011-0677
+CVE-2011-0677 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0676
+CVE-2011-0676 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0675
+CVE-2011-0675 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0674
+CVE-2011-0674 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0673
+CVE-2011-0673 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0672
+CVE-2011-0672 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0671
+CVE-2011-0671 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0670
+CVE-2011-0670 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-0669
REJECTED
CVE-2011-0668
RESERVED
-CVE-2011-0667
+CVE-2011-0667 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0666
+CVE-2011-0666 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0665
+CVE-2011-0665 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0664
+CVE-2011-0664 (Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and ...)
NOT-FOR-US: Microsoft .NET Framework, Silverlight
-CVE-2011-0663
+CVE-2011-0663 (Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5. ...)
NOT-FOR-US: Microsoft JScript
-CVE-2011-0662
+CVE-2011-0662 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0661
+CVE-2011-0661 (The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Se ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0660
+CVE-2011-0660 (The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 200 ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-0659
REJECTED
-CVE-2011-0658
+CVE-2011-0658 (Integer underflow in the OLE Automation protocol implementation in VBS ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0657
+CVE-2011-0657 (DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Wind ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0656
+CVE-2011-0656 (Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 20 ...)
NOT-FOR-US: Microsoft
-CVE-2011-0655
+CVE-2011-0655 (Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 fo ...)
NOT-FOR-US: Microsoft
-CVE-2011-0654
+CVE-2011-0654 (Integer underflow in the BowserWriteErrorLogEntry function in the Comm ...)
NOT-FOR-US: Windows 2003
-CVE-2011-0653
+CVE-2011-0653 (Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoin ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2011-0652
+CVE-2011-0652 (lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 all ...)
NOT-FOR-US: Look 'n' Stop Firewall
-CVE-2011-0651
+CVE-2011-0651 (Buffer overflow in the key exchange functionality in Icon Labs Iconfid ...)
NOT-FOR-US: Iconfidant SSL Server (VxWorks OS)
-CVE-2011-0650
+CVE-2011-0650 (Cross-site request forgery (CSRF) vulnerability in Greenbone Security ...)
NOT-FOR-US: Greenbone Security Manager appliance
-CVE-2011-0649
+CVE-2011-0649 (Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through ...)
NOT-FOR-US: TIBCO Rendezvous
-CVE-2011-0648
+CVE-2011-0648 (Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote ...)
NOT-FOR-US: EMC Avamar
-CVE-2011-0647
+CVE-2011-0647 (The irccd.exe service in EMC Replication Manager Client before 5.3 and ...)
NOT-FOR-US: EMC
-CVE-2011-0646
+CVE-2011-0646 (SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows rem ...)
NOT-FOR-US: PHPLOWBIDS
-CVE-2011-0645
+CVE-2011-0645 (SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remot ...)
NOT-FOR-US: PHPCMS
-CVE-2011-0644
+CVE-2011-0644 (SQL injection vulnerability in include/admin/model_field.class.php in ...)
NOT-FOR-US: PHPCMS
-CVE-2011-0643
+CVE-2011-0643 (Cross-site request forgery (CSRF) vulnerability in admin/conf_users_ed ...)
NOT-FOR-US: PHP Link Directory
-CVE-2011-0642
+CVE-2011-0642 (Cross-site request forgery (CSRF) vulnerability in news/admin.php in N ...)
NOT-FOR-US: N-13 News
-CVE-2011-0641
+CVE-2011-0641 (Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/admin. ...)
NOT-FOR-US: StatPressCN Wordpress Plugin
-CVE-2011-0640
+CVE-2011-0640 (The default configuration of udev on Linux does not warn the user befo ...)
NOTE: Not much that could sensibly be fixed here
-CVE-2011-0639
+CVE-2011-0639 (Apple Mac OS X does not properly warn the user before enabling additio ...)
NOT-FOR-US: Mac OS X
-CVE-2011-0638
+CVE-2011-0638 (Microsoft Windows does not properly warn the user before enabling addi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0637
+CVE-2011-0637 (The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a time ...)
NOT-FOR-US: AIX
-CVE-2011-0636
+CVE-2011-0636 (The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA C ...)
NOT-FOR-US: NVIDIA CUDA Toolkit
-CVE-2011-0635
+CVE-2011-0635 (Static code injection vulnerability in Simploo CMS 1.7.1 and earlier a ...)
NOT-FOR-US: Simploo
CVE-2011-XXXX [shibboleth Single TransientID Mapped to Multiple Principals]
NOTE: Not packaged in Debian, separate package Shibboleth IdP
NOTE: http://shibboleth.internet2.edu/secadv/secadv_20110113.txt
-CVE-2011-0520
+CVE-2011-0520 (The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1 ...)
{DSA-2196-1}
- maradns 1.4.03-1.1 (bug #610834)
CVE-2011-0634
REJECTED
-CVE-2011-0633
+CVE-2011-0633 (The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in WWW ...)
- libwww-perl 6.01-1 (low; bug #669126)
[squeeze] - libwww-perl <no-dsa> (Minor issue)
CVE-2011-0632
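Review bot: CVE-2011-0640 (the udev default-configuration issue) has only `NOTE: Not much that could sensibly be fixed here` and no package status line, so the tracker has nothing to attach the issue to; give it an explicit entry in the form used elsewhere in this file, such as a `- udev ...` line with a state like `<not-affected>` and the reason, or a version marked `(unimportant)`, instead of a bare note. Also in this hunk, CVE-2011-0520 appears between the shibboleth `CVE-2011-XXXX` placeholder and CVE-2011-0634, out of the descending numeric order the rest of the list follows; it belongs with the 05xx entries further down.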
@@ -12625,482 +12625,482 @@ CVE-2011-0631
RESERVED
CVE-2011-0630
RESERVED
-CVE-2011-0629
+CVE-2011-0629 (Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8. ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0628
+CVE-2011-0628 (Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0627
+CVE-2011-0627 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0626
+CVE-2011-0626 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0625
+CVE-2011-0625 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0624
+CVE-2011-0624 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0623
+CVE-2011-0623 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0622
+CVE-2011-0622 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0621
+CVE-2011-0621 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0620
+CVE-2011-0620 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0619
+CVE-2011-0619 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0618
+CVE-2011-0618 (Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-0617
REJECTED
CVE-2011-0616
REJECTED
-CVE-2011-0615
+CVE-2011-0615 (Multiple buffer overflows in Adobe Audition 3.0.1 and earlier allow re ...)
NOT-FOR-US: Adobe Audition
-CVE-2011-0614
+CVE-2011-0614 (Buffer overflow in Adobe Audition 3.0.1 and earlier allows remote atta ...)
NOT-FOR-US: Adobe Audition
-CVE-2011-0613
+CVE-2011-0613 (Multiple cross-site scripting (XSS) vulnerabilities in RoboHelp 7 and ...)
NOT-FOR-US: RoboHelp
-CVE-2011-0612
+CVE-2011-0612 (Adobe Flash Media Server (FMS) before 3.5.6, and 4.x before 4.0.2, all ...)
NOT-FOR-US: Adobe Flash Media Server
-CVE-2011-0611
+CVE-2011-0611 (Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player / Acrobat Reader
-CVE-2011-0610
+CVE-2011-0610 (The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0609
+CVE-2011-0609 (Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlie ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0608
+CVE-2011-0608 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbi ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0607
+CVE-2011-0607 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbi ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0606
+CVE-2011-0606 (Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10 ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0605
+CVE-2011-0605 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0604
+CVE-2011-0604 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0603
+CVE-2011-0603 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0602
+CVE-2011-0602 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
CVE-2011-0601
REJECTED
-CVE-2011-0600
+CVE-2011-0600 (The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0599
+CVE-2011-0599 (The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0598
+CVE-2011-0598 (Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10 ...)
NOT-FOR-US: Adobe Reader
CVE-2011-0597
REJECTED
-CVE-2011-0596
+CVE-2011-0596 (The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10. ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0595
+CVE-2011-0595 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0594
+CVE-2011-0594 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0593
+CVE-2011-0593 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0592
+CVE-2011-0592 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0591
+CVE-2011-0591 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0590
+CVE-2011-0590 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0589
+CVE-2011-0589 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0588
+CVE-2011-0588 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x b ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0587
+CVE-2011-0587 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0586
+CVE-2011-0586 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0585
+CVE-2011-0585 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0 ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0584
+CVE-2011-0584 (Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 a ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0583
+CVE-2011-0583 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 throu ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0582
+CVE-2011-0582 (Unspecified vulnerability in the administrator console in Adobe ColdFu ...)
NOT-FOR-US: ColdFusion
-CVE-2011-0581
+CVE-2011-0581 (Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 throug ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0580
+CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0579
+CVE-2011-0579 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0578
+CVE-2011-0578 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbi ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0577
+CVE-2011-0577 (Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 all ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-0576
REJECTED
-CVE-2011-0575
+CVE-2011-0575 (Untrusted search path vulnerability in Adobe Flash Player before 10.2. ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0574
+CVE-2011-0574 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbi ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0573
+CVE-2011-0573 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbi ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0572
+CVE-2011-0572 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbi ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0571
+CVE-2011-0571 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbi ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0570
+CVE-2011-0570 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x b ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0569
+CVE-2011-0569 (The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0568
+CVE-2011-0568 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0 ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0567
+CVE-2011-0567 (AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x befor ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0566
+CVE-2011-0566 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0565
+CVE-2011-0565 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0 ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0564
+CVE-2011-0564 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0563
+CVE-2011-0563 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0562
+CVE-2011-0562 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x b ...)
NOT-FOR-US: Adobe Reader
-CVE-2011-0561
+CVE-2011-0561 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbi ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0560
+CVE-2011-0560 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbi ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0559
+CVE-2011-0559 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbi ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0558
+CVE-2011-0558 (Integer overflow in Adobe Flash Player before 10.2.152.26 allows attac ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-0557
+CVE-2011-0557 (Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows re ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0556
+CVE-2011-0556 (The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0555
+CVE-2011-0555 (The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 al ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0554
+CVE-2011-0554 (The management console in Symantec IM Manager before 8.4.18 allows rem ...)
NOT-FOR-US: Symantec IM Manager
-CVE-2011-0553
+CVE-2011-0553 (SQL injection vulnerability in the management console in Symantec IM M ...)
NOT-FOR-US: Symantec IM Manager
-CVE-2011-0552
+CVE-2011-0552 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
NOT-FOR-US: Symantec IM Manager
-CVE-2011-0551
+CVE-2011-0551 (Cross-site request forgery (CSRF) vulnerability in the Web Interface i ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2011-0550
+CVE-2011-0550 (Multiple cross-site scripting (XSS) vulnerabilities in the Web Interfa ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2011-0549
+CVE-2011-0549 (SQL injection vulnerability in forget.php in the management GUI in Sym ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2011-0548
+CVE-2011-0548 (Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Aut ...)
NOT-FOR-US: Lotus Freelance Graphics
-CVE-2011-0547
+CVE-2011-0547 (Multiple integer overflows in vxsvc.exe in the Veritas Enterprise Admi ...)
NOT-FOR-US: Veritas
-CVE-2011-0546
+CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not vali ...)
NOT-FOR-US: Symantec Backup Exec
-CVE-2011-0545
+CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do in Syman ...)
NOT-FOR-US: Symantec LiveUpdate Administrator
CVE-2011-0544
RESERVED
- phpbb3 3.0.7-PL1-5 (low; bug #612477)
[squeeze] - phpbb3 <no-dsa> (Minor issue)
-CVE-2011-0543
+CVE-2011-0543 (Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, ...)
- fuse 2.8.5-1 (low; bug #624551)
[squeeze] - fuse <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541
-CVE-2011-0542
+CVE-2011-0542 (fusermount in fuse 2.8.5 and earlier does not perform a chdir to / bef ...)
- fuse 2.8.5-1 (low; bug #624551)
[squeeze] - fuse <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541
-CVE-2011-0541
+CVE-2011-0541 (fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot ...)
- fuse 2.8.5-1 (low; bug #624551)
[squeeze] - fuse <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541
CVE-2011-0540
REJECTED
-CVE-2011-0539
+CVE-2011-0539 (The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, ...)
- openssh 1:5.8p1-2
[squeeze] - openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
[lenny] - openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
-CVE-2011-0538
+CVE-2011-0538 (Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees a ...)
{DSA-2201-1}
- wireshark 1.4.3-3 (low; bug #613202)
-CVE-2011-0537
+CVE-2011-0537 (Multiple directory traversal vulnerabilities in (1) languages/Language ...)
- mediawiki <not-affected> (Only affected when running on Windows or Novell Netware)
-CVE-2011-0536
+CVE-2011-0536 (Multiple untrusted search path vulnerabilities in elf/dl-object.c in c ...)
- eglibc 2.11.2-8 (bug #600667)
- glibc <not-affected> (Lenny version not affected)
-CVE-2011-0535
+CVE-2011-0535 (Cross-site request forgery (CSRF) vulnerability in the Users module in ...)
NOT-FOR-US: zikula
-CVE-2011-0534
+CVE-2011-0534 (Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not en ...)
{DSA-2160-1}
- tomcat5.5 <not-affected> (Vulnerable code not present)
- tomcat6 6.0.28-10 (bug #612257)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2011-0533
+CVE-2011-0533 (Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 throu ...)
NOT-FOR-US: Apache Continuum
-CVE-2011-0532
+CVE-2011-0532 (The (1) backup and restore scripts, (2) main initialization script, an ...)
NOT-FOR-US: 389 LDAP server
-CVE-2011-0531
+CVE-2011-0531 (demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media play ...)
{DSA-2159-1}
- vlc 1.1.7-1 (medium)
[lenny] - vlc 0.8.6.h-4+lenny3
-CVE-2011-0530
+CVE-2011-0530 (Buffer overflow in the mainloop function in nbd-server.c in the server ...)
{DSA-2183-1}
- nbd 1:2.9.16-8 (bug #611187)
[etch] - nbd <not-affected> (reintroduced in 2.9.0)
CVE-2011-0529
RESERVED
- weborf 0.12.5-1
-CVE-2011-0528
+CVE-2011-0528 (Puppet 2.6.0 through 2.6.3 does not properly restrict access to node r ...)
- puppet 2.6.2-3
[lenny] - puppet <not-affected> (Only affects 2.6.x)
-CVE-2011-0527
+CVE-2011-0527 (VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0 ...)
NOT-FOR-US: VMware vFabric tc Server
-CVE-2011-0526
+CVE-2011-0526 (Cross-site scripting (XSS) vulnerability in index.php in Vanilla Forum ...)
NOT-FOR-US: Vanilla Forums
CVE-2011-0525
RESERVED
NOT-FOR-US: Batavi
-CVE-2011-0524
+CVE-2011-0524 (Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 ...)
- gypsy <itp> (bug #491723)
-CVE-2011-0523
+CVE-2011-0523 (gypsy 0.8 does not properly restrict the files that can be read while ...)
- gypsy <itp> (bug #491723)
-CVE-2011-0521
+CVE-2011-0521 (The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in th ...)
{DSA-2153-1}
- linux-2.6 2.6.37-2
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-0519
+CVE-2011-0519 (SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gal ...)
NOT-FOR-US: Gallarific
-CVE-2011-0518
+CVE-2011-0518 (Directory traversal vulnerability in core/lib/router.php in LotusCMS F ...)
NOT-FOR-US: LotusCMS
-CVE-2011-0517
+CVE-2011-0517 (Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and e ...)
NOT-FOR-US: Winlog Pro
-CVE-2011-0516
+CVE-2011-0516 (SQL injection vulnerability in mainx_a.php in E-PROMPT C BetMore Site ...)
NOT-FOR-US: BetMore Site Suite
-CVE-2011-0515
+CVE-2011-0515 (KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 ...)
NOT-FOR-US: Kingsoft AntiVirus
-CVE-2011-0514
+CVE-2011-0514 (The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows rem ...)
NOT-FOR-US: HP Data Protector Manager
-CVE-2011-0513
+CVE-2011-0513 (DCR.sys driver in SecurStar DriveCrypt 5.4, 5.3, and earlier allows lo ...)
NOT-FOR-US: SecurStar DriveCrypt
-CVE-2011-0512
+CVE-2011-0512 (SQL injection vulnerability in team.php in the Teams Structure module ...)
NOT-FOR-US: PHP-Fusion
-CVE-2011-0511
+CVE-2011-0511 (SQL injection vulnerability in the allCineVid component (com_allcinevi ...)
NOT-FOR-US: Joomla! component
-CVE-2011-0510
+CVE-2011-0510 (SQL injection vulnerability in cart.php in Advanced Webhost Billing Sy ...)
NOT-FOR-US: Advanced Webhost Billing System
-CVE-2011-0509
+CVE-2011-0509 (Cross-site scripting (XSS) vulnerability in Vaadin before 6.4.9 allows ...)
NOT-FOR-US: Vaadin
-CVE-2011-0508
+CVE-2011-0508 (Cross-site scripting (XSS) vulnerability in system/modules/comments/Co ...)
NOT-FOR-US: Contao CMS
-CVE-2011-0507
+CVE-2011-0507 (FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1 ...)
NOT-FOR-US: Blackmoon FTP
NOTE: Windows-only
-CVE-2011-0506
+CVE-2011-0506 (Directory traversal vulnerability in modules/profile/user.php in Ax De ...)
NOT-FOR-US: AxDCMS
-CVE-2011-0505
+CVE-2011-0505 (Directory traversal vulnerability in system/system.php in Zwii 2.1.1, ...)
NOT-FOR-US: Zwii
-CVE-2011-0504
+CVE-2011-0504 (Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, 1 ...)
NOT-FOR-US: VaM Shop
-CVE-2011-0503
+CVE-2011-0503 (Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1 ...)
NOT-FOR-US: VaM Shop
-CVE-2011-0502
+CVE-2011-0502 (Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly ...)
NOT-FOR-US: Music Animation Machine MIDI Player
NOTE: Windows-only
-CVE-2011-0501
+CVE-2011-0501 (Stack-based buffer overflow in Music Animation Machine MIDI Player 200 ...)
NOT-FOR-US: Music Animation Machine MIDI Player
NOTE: Windows-only
-CVE-2011-0500
+CVE-2011-0500 (Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and Vid ...)
NOT-FOR-US: VideoSpirit Pro
-CVE-2011-0499
+CVE-2011-0499 (Buffer overflow in VideoSpirit Pro 1.6.8.1 and possibly earlier versio ...)
NOT-FOR-US: VideoSpirit Pro
-CVE-2011-0498
+CVE-2011-0498 (Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, a ...)
NOT-FOR-US: Nokia Multimedia Player
-CVE-2011-0497
+CVE-2011-0497 (Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ES ...)
NOT-FOR-US: Sybase EAServer
-CVE-2011-0496
+CVE-2011-0496 (Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ES ...)
NOT-FOR-US: Sybase EAServer
-CVE-2011-0495
+CVE-2011-0495 (Stack-based buffer overflow in the ast_uri_encode function in main/uti ...)
{DSA-2171-1}
- asterisk 1:1.6.2.9-2+squeeze1 (bug #610487)
-CVE-2011-0494
+CVE-2011-0494 (Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Mana ...)
NOT-FOR-US: IBM Tivoli Access Manager
-CVE-2011-0489
+CVE-2011-0489 (The server components in Objectivity/DB 10.0 do not require authentica ...)
NOT-FOR-US: Objectivity/DB
-CVE-2011-0488
+CVE-2011-0488 (Stack-based buffer overflow in NTWebServer.exe in the test web service ...)
NOT-FOR-US: NTWebServer
-CVE-2011-0487
+CVE-2011-0487 (ICQ 7 does not verify the authenticity of updates, which allows man-in ...)
NOT-FOR-US: ICQ
-CVE-2011-0486
+CVE-2011-0486 (Cross-site scripting (XSS) vulnerability in cognos.cgi in IBM Cognos 8 ...)
NOT-FOR-US: IBM Cognos
-CVE-2011-0493
+CVE-2011-0493 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remo ...)
{DSA-2148-1}
- tor 0.2.1.29-1
-CVE-2011-0492
+CVE-2011-0492 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote at ...)
{DSA-2148-1}
- tor 0.2.1.29-1
-CVE-2011-0491
+CVE-2011-0491 (The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2 ...)
{DSA-2148-1}
- tor 0.2.1.29-1
-CVE-2011-0490
+CVE-2011-0490 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to L ...)
{DSA-2148-1}
- tor 0.2.1.29-1
CVE-2011-XXXX [multiple spip issues]
- spip 2.1.1-3 (bug #609212; bug #610016)
-CVE-2011-0485
+CVE-2011-0485 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
- chromium-browser 9.0.597.45~r70550-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <not-affected> (chromium specific)
-CVE-2011-0484
+CVE-2011-0484 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
- chromium-browser 6.0.472.63~r59945-5
- webkit <not-affected> (vulnerable code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/75082
NOTE: http://trac.webkit.org/changeset/75084
-CVE-2011-0483
+CVE-2011-0483 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
- chromium-browser 6.0.472.63~r59945-5
- webkit <not-affected> (vulnerable code not present in 1.2)
NOTE: http://trac.webkit.org/changeset/74787
-CVE-2011-0482
+CVE-2011-0482 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
{DSA-2188-1}
- chromium-browser 6.0.472.63~r59945-5
- webkit 1.2.7-1
NOTE: http://trac.webkit.org/changeset/74779
-CVE-2011-0481
+CVE-2011-0481 (Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS befo ...)
- chromium-browser <not-affected> (Chrome PDF plugin)
- webkit <not-affected> (Chrome PDF plugin)
-CVE-2011-0480
+CVE-2011-0480 (Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFm ...)
{DSA-2306-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <not-affected> (webm not supported yet)
- ffmpeg-debian <not-affected> (webm not supported yet)
- libav 4:0.6.1-1 (bug #610550)
-CVE-2011-0479
+CVE-2011-0479 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
- chromium-browser 9.0.597.45~r70550-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-0478
+CVE-2011-0478 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
- chromium-browser 6.0.472.63~r59945-5
NOTE: http://trac.webkit.org/changeset/74636
-CVE-2011-0477
+CVE-2011-0477 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
- chromium-browser 6.0.472.63~r59945-5
- webkit <not-affected> (chromium specific)
-CVE-2011-0476
+CVE-2011-0476 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allo ...)
- chromium-browser <not-affected> (Chrome PDF plugin)
- webkit <not-affected> (Chrome PDF plugin)
-CVE-2011-0475
+CVE-2011-0475 (Use-after-free vulnerability in Google Chrome before 8.0.552.237 and C ...)
- chromium-browser <not-affected> (Chrome PDF plugin)
- webkit <not-affected> (Chrome PDF plugin)
-CVE-2011-0474
+CVE-2011-0474 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
- chromium-browser 6.0.472.63~r59945-5
NOTE: http://trac.webkit.org/changeset/74574
-CVE-2011-0473
+CVE-2011-0473 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
- chromium-browser 6.0.472.63~r59945-5
NOTE: http://trac.webkit.org/changeset/73927
NOTE: http://trac.webkit.org/changeset/73937
-CVE-2011-0472
+CVE-2011-0472 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
- chromium-browser <not-affected> (Chrome PDF plugin)
- webkit <not-affected> (Chrome PDF plugin)
-CVE-2011-0471
+CVE-2011-0471 (The node-iteration implementation in Google Chrome before 8.0.552.237 ...)
- chromium-browser 6.0.472.63~r59945-5
NOTE: http://trac.webkit.org/changeset/73559
NOTE: http://trac.webkit.org/changeset/73620
-CVE-2011-0470
+CVE-2011-0470 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do n ...)
- chromium-browser 9.0.597.45~r70550-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
-CVE-2011-0469
+CVE-2011-0469 (Code injection in openSUSE when running some source services used in t ...)
- open-build-service <not-affected> (Fixed before initial upload to Debian)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=679325
NOTE: Main fix: https://github.com/openSUSE/open-build-service/commit/76b0ab003f34435ca90d943e02dd22279cdeec2a
NOTE: Secondary fix: https://github.com/openSUSE/open-build-service/commit/23c8d21c75242999e29379e6ca8418a14c8725c6
-CVE-2011-0468
+CVE-2011-0468 (The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and befo ...)
NOT-FOR-US: OpenSUSE aaa_base package
-CVE-2011-0467
+CVE-2011-0467 (A vulnerability in the listing of available software of SUSE SUSE Stud ...)
NOT-FOR-US: SUSE Studio Onsite
-CVE-2011-0466
+CVE-2011-0466 (The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and 2. ...)
NOT-FOR-US: openSUSE Build Service
-CVE-2011-0465
+CVE-2011-0465 (xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote ...)
{DSA-2213-1}
- x11-xserver-utils 7.6+2 (low; bug #621423)
NOTE: http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56
NOTE: low as this is not enabled in a standard setup
-CVE-2011-0464
+CVE-2011-0464 (Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 ...)
NOT-FOR-US: Novell Vibe OnPrem
-CVE-2011-0463
+CVE-2011-0463 (The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Or ...)
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-34
-CVE-2011-0462
+CVE-2011-0462 (Multiple cross-site scripting (XSS) vulnerabilities in the login page ...)
NOT-FOR-US: openSUSE Build Service
-CVE-2011-0461
+CVE-2011-0461 (/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 i ...)
NOT-FOR-US: OpenSUSE aaa_base package
-CVE-2011-0460
+CVE-2011-0460 (The init script in kbd, possibly 1.14.1 and earlier, allows local user ...)
- kbd <not-affected> (SUSE-specific)
-CVE-2011-0459
+CVE-2011-0459 (Cross-site scripting (XSS) vulnerability in Cyber-Ark Password Vault W ...)
NOT-FOR-US: Cyber-Ark
-CVE-2011-0458
+CVE-2011-0458 (Untrusted search path vulnerability in the Locate on Disk feature in G ...)
NOT-FOR-US: Google Picasa
-CVE-2011-0457
+CVE-2011-0457 (Cross-site scripting (XSS) vulnerability in e107 0.7.22 and earlier al ...)
NOT-FOR-US: e107
-CVE-2011-0456
+CVE-2011-0456 (webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier al ...)
- otrs2 2.4.5-1
-CVE-2011-0455
+CVE-2011-0455 (Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 an ...)
NOT-FOR-US: Things BBS
-CVE-2011-0454
+CVE-2011-0454 (Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 ...)
NOT-FOR-US: PPP Access Concentrator
-CVE-2011-0453
+CVE-2011-0453 (F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not requir ...)
NOT-FOR-US: F-Secure Internet Gatekeeper
-CVE-2011-0452
+CVE-2011-0452 (Untrusted search path vulnerability in the script function in Lunascap ...)
NOT-FOR-US: Lunascape
-CVE-2011-0451
+CVE-2011-0451 (Multiple cross-site scripting (XSS) vulnerabilities in (1) data/Smarty ...)
NOT-FOR-US: EC-CUBE
-CVE-2011-0450
+CVE-2011-0450 (The downloads manager in Opera before 11.01 on Windows does not proper ...)
NOT-FOR-US: Opera
-CVE-2011-0449
+CVE-2011-0449 (actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x ...)
- rails <not-affected> (Only affects 3.x)
-CVE-2011-0448
+CVE-2011-0448 (Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the ...)
- rails <not-affected> (Only affects 3.x)
-CVE-2011-0447
+CVE-2011-0447 (Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3. ...)
{DSA-2247-1}
- rails 2.3.11-0.1 (bug #614864)
-CVE-2011-0446
+CVE-2011-0446 (Multiple cross-site scripting (XSS) vulnerabilities in the mail_to hel ...)
{DSA-2247-1}
- rails 2.3.11-0.1 (bug #614864)
-CVE-2011-0426
+CVE-2011-0426 (Directory traversal vulnerability in vCenter Server in VMware vCenter ...)
NOT-FOR-US: VMware
-CVE-2011-0445
+CVE-2011-0445 (The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote ...)
- wireshark <not-affected> (Only affects Wireshark 1.4, fixed in experimental)
-CVE-2011-0444
+CVE-2011-0444 (Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-l ...)
- wireshark 1.2.11-6
[lenny] - wireshark <not-affected> (Vulnerable code not present)
-CVE-2011-0443
+CVE-2011-0443 (SQL injection vulnerability in inc/tinybb-settings.php in tinyBB 1.2, ...)
NOT-FOR-US: tinyBB
-CVE-2011-0442
+CVE-2011-0442 (The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to t ...)
NOT-FOR-US: EMC Avamar
-CVE-2011-0441
+CVE-2011-0441 (The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows lo ...)
{DSA-2195-1}
- php5 5.3.6-1 (bug #618489)
NOTE: Debian-specific
-CVE-2011-0440
+CVE-2011-0440 (Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x before ...)
{DSA-2206-1}
- mahara 1.2.7-1
-CVE-2011-0439
+CVE-2011-0439 (Cross-site scripting (XSS) vulnerability in Mahara 1.2.x before 1.2.7 ...)
{DSA-2206-1}
- mahara 1.2.7-1
-CVE-2011-0438
+CVE-2011-0438 (nslcd/pam.c in the nss-pam-ldapd 0.8.0 PAM module returns a success co ...)
- nss-pam-ldapd <not-affected> (Only affects 0.8.0, which was only uploaded to experimental)
-CVE-2011-0437
+CVE-2011-0437 (shared/inc/sql/ssh.php in the SSH accounts management implementation i ...)
{DSA-2179-1}
- dtc 0.32.10-1
-CVE-2011-0436
+CVE-2011-0436 (The register_user function in client/new_account_form.php in Domain Te ...)
{DSA-2179-1}
- dtc 0.32.10-1 (bug #614302)
-CVE-2011-0435
+CVE-2011-0435 (Domain Technologie Control (DTC) before 0.32.9 does not require authen ...)
{DSA-2179-1}
- dtc 0.32.10-1
-CVE-2011-0434
+CVE-2011-0434 (Multiple SQL injection vulnerabilities in Domain Technologie Control ( ...)
{DSA-2179-1}
- dtc 0.32.10-1
-CVE-2011-0433
+CVE-2011-0433 (Heap-based buffer overflow in the linetoken function in afmparse.c in ...)
{DSA-2388-1}
- evince 2.32.0-1 (bug #614668)
[squeeze] - evince 2.30.3-2+squeeze1
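Review bot: in the CVE-2011-0485 block, "[squeeze] - chromium-browser <not-affected>" is immediately followed by "[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4", a squeeze-suffixed upload recorded as the wheezy fix; if the squeeze package is not affected, the wheezy line should carry the version wheezy actually received or be marked <not-affected> the way the CVE-2011-0479 and CVE-2011-0470 blocks below it do. The same block also orders [squeeze] before [wheezy] while the CVE-2011-0521 block lists [wheezy] before [squeeze]; pick one ordering. Separately, the three fuse entries CVE-2011-0543, CVE-2011-0542 and CVE-2011-0541 all carry the identical "NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541" reference, which is fine only if Red Hat tracks all three in that one bug; worth confirming.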
@@ -13114,13 +13114,13 @@ CVE-2011-0433
NOTE: vuln source file is lib/t1lib/parseAFM.c, which differs slightly from evince's afmparse.c in the affected areas but it is indeed affected
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=640923
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=643882
-CVE-2011-0432
+CVE-2011-0432 (Multiple SQL injection vulnerabilities in the get_userinfo method in t ...)
{DSA-2177-1}
- pywebdav 0.9.4-3
-CVE-2011-0431
+CVE-2011-0431 (The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel ...)
{DSA-2168-1}
- openafs 1.4.14+dfsg-1
-CVE-2011-0430
+CVE-2011-0430 (Double free vulnerability in the Rx server process in OpenAFS 1.4.14, ...)
{DSA-2168-1}
- openafs 1.4.14+dfsg-1
CVE-2011-0429
@@ -13131,34 +13131,34 @@ CVE-2011-0428
[squeeze] - ikiwiki 3.20100815.5
[lenny] - ikiwiki <not-affected> (Vulnerable code not present)
NOTE: https://ikiwiki.info/security/#index38h2
-CVE-2011-0427
+CVE-2011-0427 (Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0 ...)
{DSA-2148-1}
- tor 0.2.1.29-1
CVE-2011-0425
RESERVED
CVE-2011-0424
RESERVED
-CVE-2011-0423
+CVE-2011-0423 (The PolyVision RoomWizard with firmware 3.2.3 has a default password o ...)
NOT-FOR-US: PolyVision RoomWizard
CVE-2011-0422
RESERVED
-CVE-2011-0421
+CVE-2011-0421 (The _zip_name_locate function in zip_name_locate.c in the Zip extensio ...)
{DSA-2266-1}
- php5 5.3.6-1
NOTE: http://svn.php.net/viewvc?view=revision&revision=307867
- libzip 0.10-1 (low)
[squeeze] - libzip <no-dsa> (Minor issue)
NOTE: http://hg.nih.at/libzip/?fd=13654bfdc88c;file=lib/zip_name_locate.c
-CVE-2011-0420
+CVE-2011-0420 (The grapheme_extract function in the Internationalization extension (I ...)
{DSA-2266-1}
- php5 5.3.6-1 (unimportant)
[lenny] - php5 <not-affected> (intl extension added in 5.3)
NOTE: Only triggerable through malicious script
NOTE: http://svn.php.net/viewvc?view=revision&revision=306449
-CVE-2011-0419
+CVE-2011-0419 (Stack consumption vulnerability in the fnmatch implementation in apr_f ...)
{DSA-2237-2}
- apr 1.4.4-1 (low)
-CVE-2011-0418
+CVE-2011-0418 (The glob implementation in Pure-FTPd before 1.0.32, and in libc in Net ...)
- pure-ftpd 1.0.32-1 (unimportant)
NOTE: The attack could not be reproduced on Linux. The upstream change from 1.0.32
NOTE: only disables GLOB_BRACE, possibly to protect installations with a vulnerable libc
@@ -13168,104 +13168,104 @@ CVE-2011-0416
RESERVED
CVE-2011-0415
RESERVED
-CVE-2011-0414
+CVE-2011-0414 (ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative s ...)
{DSA-2208-1}
- bind9 1:9.7.3.dfsg-1 (bug #601830)
[lenny] - bind9 <not-affected> (Introduced in 9.7.1)
-CVE-2011-0413
+CVE-2011-0413 (The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV ...)
{DSA-2184-1}
- isc-dhcp 4.1.1-P1-16 (bug #611217)
- dhcp3 <not-affected> (vuln code introduced in 4.0)
- dhcp <not-affected> (vuln code introduced in 4.0)
NOTE: maintainer is aware
NOTE: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
-CVE-2011-0412
+CVE-2011-0412 (Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unenc ...)
NOT-FOR-US: Oracle Solaris
-CVE-2011-0411
+CVE-2011-0411 (The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x befo ...)
{DSA-2233-1}
- postfix 2.8.0-1 (bug #617849)
NOTE: http://www.securityfocus.com/archive/1/516901/30/0/threaded
NOTE: http://www.postfix.org/announcements/postfix-2.7.3.html
NOTE: http://www.postfix.org/CVE-2011-0411.html
NOTE: http://www.kb.cert.org/vuls/id/MAPG-8D9M5Q
-CVE-2011-0410
+CVE-2011-0410 (CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for networ ...)
NOT-FOR-US: CollabNet ScrumWorks Basic
CVE-2011-0409
RESERVED
-CVE-2011-0408
+CVE-2011-0408 (pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cau ...)
- libpng <not-affected> (vulnerable code introduced in 1.5.0, not packaged)
-CVE-2011-0407
+CVE-2011-0407 (SQL injection vulnerability in the store function in _phenotype/system ...)
NOT-FOR-US: Phenotype CMS
-CVE-2011-0406
+CVE-2011-0406 (Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6. ...)
NOT-FOR-US: WellinTech KingView
-CVE-2011-0405
+CVE-2011-0405 (Directory traversal vulnerability in module.php in PhpGedView 4.2.3 an ...)
- phpgedview <removed>
-CVE-2011-0404
+CVE-2011-0404 (Stack-based buffer overflow in NetSupport Manager Agent for Linux 11.0 ...)
NOT-FOR-US: NetSupport Manager Agent for Linux
-CVE-2011-0403
+CVE-2011-0403 (Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0, ...)
NOT-FOR-US: ImgBurn
-CVE-2011-0402
+CVE-2011-0402 (dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted rem ...)
{DSA-2142-1}
- dpkg 1.15.8.8
-CVE-2011-0401
+CVE-2011-0401 (Piwik before 1.1 does not properly limit the number of files stored un ...)
- piwik <itp> (bug #506933)
-CVE-2011-0400
+CVE-2011-0400 (Cookie.php in Piwik before 1.1 does not set the secure flag for the se ...)
- piwik <itp> (bug #506933)
-CVE-2011-0399
+CVE-2011-0399 (Piwik before 1.1 does not prevent the rendering of the login form insi ...)
- piwik <itp> (bug #506933)
-CVE-2011-0398
+CVE-2011-0398 (The Piwik_Common::getIP function in Piwik before 1.1 does not properly ...)
- piwik <itp> (bug #506933)
CVE-2011-0397
RESERVED
-CVE-2011-0396
+CVE-2011-0396 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco
-CVE-2011-0395
+CVE-2011-0395 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco
-CVE-2011-0394
+CVE-2011-0394 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco
-CVE-2011-0393
+CVE-2011-0393 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco
-CVE-2011-0392
+CVE-2011-0392 (Cisco TelePresence Recording Server devices with software 1.6.x do not ...)
NOT-FOR-US: Cisco
-CVE-2011-0391
+CVE-2011-0391 (Cisco TelePresence Recording Server devices with software 1.6.x allow ...)
NOT-FOR-US: Cisco
-CVE-2011-0390
+CVE-2011-0390 (The XML-RPC implementation on Cisco TelePresence Multipoint Switch (CT ...)
NOT-FOR-US: Cisco
-CVE-2011-0389
+CVE-2011-0389 (Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0. ...)
NOT-FOR-US: Cisco
-CVE-2011-0388
+CVE-2011-0388 (Cisco TelePresence Recording Server devices with software 1.6.x and Ci ...)
NOT-FOR-US: Cisco
-CVE-2011-0387
+CVE-2011-0387 (The administrative web interface on Cisco TelePresence Multipoint Swit ...)
NOT-FOR-US: Cisco
-CVE-2011-0386
+CVE-2011-0386 (The XML-RPC implementation on Cisco TelePresence Recording Server devi ...)
NOT-FOR-US: Cisco
-CVE-2011-0385
+CVE-2011-0385 (The administrative web interface on Cisco TelePresence Recording Serve ...)
NOT-FOR-US: Cisco
-CVE-2011-0384
+CVE-2011-0384 (The Java Servlet framework on Cisco TelePresence Multipoint Switch (CT ...)
NOT-FOR-US: Cisco
-CVE-2011-0383
+CVE-2011-0383 (The Java Servlet framework on Cisco TelePresence Recording Server devi ...)
NOT-FOR-US: Cisco
-CVE-2011-0382
+CVE-2011-0382 (The CGI subsystem on Cisco TelePresence Recording Server devices with ...)
NOT-FOR-US: Cisco
-CVE-2011-0381
+CVE-2011-0381 (Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2011-0380
+CVE-2011-0380 (Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2011-0379
+CVE-2011-0379 (Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 serie ...)
NOT-FOR-US: Cisco
-CVE-2011-0378
+CVE-2011-0378 (The XML-RPC implementation on Cisco TelePresence endpoint devices with ...)
NOT-FOR-US: Cisco
-CVE-2011-0377
+CVE-2011-0377 (Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x ...)
NOT-FOR-US: Cisco
-CVE-2011-0376
+CVE-2011-0376 (The TFTP implementation on Cisco TelePresence endpoint devices with so ...)
NOT-FOR-US: Cisco
-CVE-2011-0375
+CVE-2011-0375 (The CGI implementation on Cisco TelePresence endpoint devices with sof ...)
NOT-FOR-US: Cisco
-CVE-2011-0374
+CVE-2011-0374 (The CGI implementation on Cisco TelePresence endpoint devices with sof ...)
NOT-FOR-US: Cisco
-CVE-2011-0373
+CVE-2011-0373 (The CGI implementation on Cisco TelePresence endpoint devices with sof ...)
NOT-FOR-US: Cisco
-CVE-2011-0372
+CVE-2011-0372 (The CGI implementation on Cisco TelePresence endpoint devices with sof ...)
NOT-FOR-US: Cisco
CVE-2011-0371
RESERVED
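Review bot: in the CVE-2011-0413 block the line "NOTE: maintainer is aware" is stale now that the fix is recorded as "- isc-dhcp 4.1.1-P1-16 (bug #611217)" with {DSA-2184-1}; drop it and keep only the advisory URL NOTE so the entry does not read as still pending.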
@@ -13281,7 +13281,7 @@ CVE-2011-0366
RESERVED
CVE-2011-0365
RESERVED
-CVE-2011-0364
+CVE-2011-0364 (The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2 ...)
NOT-FOR-US: Cisco Security Agent Management
CVE-2011-0363
RESERVED
@@ -13299,35 +13299,35 @@ CVE-2011-0357
RESERVED
CVE-2011-0356
RESERVED
-CVE-2011-0355
+CVE-2011-0355 (Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through ...)
NOT-FOR-US: Cisco
-CVE-2011-0354
+CVE-2011-0354 (The default configuration of Cisco Tandberg C Series Endpoints, and Ta ...)
NOT-FOR-US: Cisco
CVE-2011-0353
RESERVED
-CVE-2011-0352
+CVE-2011-0352 (Buffer overflow in the web-based management interface on the Cisco Lin ...)
NOT-FOR-US: Linksys router
CVE-2011-0351
RESERVED
-CVE-2011-0350
+CVE-2011-0350 (Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 o ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-0349
+CVE-2011-0349 (Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 o ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-0348
+CVE-2011-0348 (Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(2 ...)
NOT-FOR-US: Cisco IOS
-CVE-2011-0347
+CVE-2011-0347 (Microsoft Internet Explorer on Windows XP allows remote attackers to t ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0346
+CVE-2011-0346 (Use-after-free vulnerability in the ReleaseInterface function in MSHTM ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0345
+CVE-2011-0345 (Directory traversal vulnerability in the NMS server in Alcatel-Lucent ...)
NOT-FOR-US: Alcatel-Lucent OmniVista
-CVE-2011-0344
+CVE-2011-0344 (Multiple stack-based buffer overflows in unspecified CGI programs in t ...)
NOT-FOR-US: Unified Maintenance Tool
-CVE-2011-0342
+CVE-2011-0342 (Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ...)
NOT-FOR-US: InduSoft ISSymbol ActiveX
-CVE-2011-0341
+CVE-2011-0341 (Stack-based buffer overflow in the pdfmoz_onmouse function in apps/moz ...)
NOT-FOR-US: MuPDF plug-in for Firefox
-CVE-2011-0340
+CVE-2011-0340 (Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol. ...)
NOT-FOR-US: ISSymbol.ocx
CVE-2011-0339
RESERVED
@@ -13337,19 +13337,19 @@ CVE-2011-0337
RESERVED
CVE-2011-0336
RESERVED
-CVE-2011-0335
+CVE-2011-0335 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0334
+CVE-2011-0334 (Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (G ...)
NOT-FOR-US: Novell GroupWise
-CVE-2011-0333
+CVE-2011-0333 (Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf func ...)
NOT-FOR-US: Novell GroupWise
-CVE-2011-0332
+CVE-2011-0332 (Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom b ...)
NOT-FOR-US: Foxit Reader
-CVE-2011-0331
+CVE-2011-0331 (Use-after-free vulnerability in the addOSPLext method in the Honeywell ...)
NOT-FOR-US: Honeywell ScanServer
-CVE-2011-0330
+CVE-2011-0330 (The Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx ...)
NOT-FOR-US: Dell System Lite
-CVE-2011-0329
+CVE-2011-0329 (Directory traversal vulnerability in the GetData method in the Dell De ...)
NOT-FOR-US: Dell System Lite
CVE-2011-0328
RESERVED
@@ -13359,35 +13359,35 @@ CVE-2011-0326
RESERVED
CVE-2011-0325
RESERVED
-CVE-2011-0324
+CVE-2011-0324 (Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro Acti ...)
NOT-FOR-US: Topaz Systems SigPlus
-CVE-2011-0323
+CVE-2011-0323 (Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other ver ...)
NOT-FOR-US: Topaz Systems SigPlus
-CVE-2011-0322
+CVE-2011-0322 (Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, 6.0. ...)
NOT-FOR-US: EMC RSA Access Manager Server
-CVE-2011-0321
+CVE-2011-0321 (librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before ...)
NOT-FOR-US: EMC NetWorker
-CVE-2011-0320
+CVE-2011-0320 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0319
+CVE-2011-0319 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0318
+CVE-2011-0318 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0317
+CVE-2011-0317 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attacker ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-0316
+CVE-2011-0316 (The Administrative Console component in IBM WebSphere Application Serv ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2011-0315
+CVE-2011-0315 (Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web C ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2011-0314
+CVE-2011-0314 (Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and ...)
NOT-FOR-US: IBM WebSphere MQ
CVE-2011-0313
RESERVED
CVE-2011-0312
RESERVED
-CVE-2011-0311
+CVE-2011-0311 (The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IB ...)
NOT-FOR-US: IBM Java
-CVE-2011-0310
+CVE-2011-0310 (Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote a ...)
NOT-FOR-US: IBM WebSphere MQ
CVE-2011-0309
RESERVED
@@ -13425,17 +13425,17 @@ CVE-2011-0293
RESERVED
CVE-2011-0292
RESERVED
-CVE-2011-0291
+CVE-2011-0291 (The BlackBerry PlayBook service on the Research In Motion (RIM) BlackB ...)
NOT-FOR-US: BlackBarry PlayBook
-CVE-2011-0290
+CVE-2011-0290 (The BlackBerry Collaboration Service in Research In Motion (RIM) Black ...)
NOT-FOR-US: BlackBerry Enterprise Server
CVE-2011-0289
RESERVED
CVE-2011-0288
RESERVED
-CVE-2011-0287
+CVE-2011-0287 (Unspecified vulnerability in the BlackBerry Administration API in Rese ...)
NOT-FOR-US: BlackBerry products
-CVE-2011-0286
+CVE-2011-0286 (Cross-site scripting (XSS) vulnerability in webdesktop/app in the Blac ...)
NOT-FOR-US: BlackBerry Enterprise Server
CVE-2011-XXXX
- xdigger <removed> (bug #609096)
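Review bot: the unchanged context line `NOT-FOR-US: BlackBarry PlayBook` under CVE-2011-0291 misspells the vendor; the imported description on the line above it spells it `BlackBerry`, and the CVE-2011-0290, CVE-2011-0287 and CVE-2011-0286 entries in this hunk use `BlackBerry` as well. This automatic update only rewrites the CVE header lines, so the fix needs a separate manual edit of the `NOT-FOR-US` line.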
@@ -13450,10 +13450,10 @@ CVE-2011-XXXX [Crash with long HOME environment variable]
CVE-2011-XXXX [Crash with long GGI_DISPLAY environment variable]
- libggi <removed> (bug #608981)
[squeeze] - libggi <no-dsa> (Minor issue)
-CVE-2011-0343
+CVE-2011-0343 (Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeB ...)
- syslog-ng 3.1.3-2 (bug #608491)
[lenny] - syslog-ng <not-affected> (2.0 not affected, also Freebsd-specific, which is not supported in Lenny anyway)
-CVE-2011-0285
+CVE-2011-0285 (The process_chpw_request function in schpw.c in the password-changing ...)
- krb5 1.9.1+dfsg-1 (bug #622681)
[squeeze] - krb5 1.8.3+dfsg-4squeeze1
[lenny] - krb5 <not-affected> (see below)
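Review bot: CVE-2011-0343 appears out of the file's descending numeric order in this hunk (between the CVE-2011-XXXX placeholders and CVE-2011-0285, while CVE-2011-0344 and CVE-2011-0342 are listed earlier in this patch), so tooling that merges or diffs this list by CVE id must not assume sorted input; the update itself handles it correctly because it matches on the id rather than the position. The unchanged lenny line also spells it `Freebsd-specific` while the new description line uses `FreeB ...`; `FreeBSD-specific` would be consistent.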
@@ -13464,371 +13464,371 @@ CVE-2011-0285
NOTE: Those later releases add support for password changing over TCP, and
NOTE: the error path in the TCP handling code is what frees the
NOTE: uninitialized pointer. (Clarification by Tom Yu)
-CVE-2011-0284
+CVE-2011-0284 (Double free vulnerability in the prepare_error_as function in do_as_re ...)
- krb5 1.8.3+dfsg-6 (low; bug #618517)
[squeeze] - krb5 1.8.3+dfsg-4squeeze1
[lenny] - krb5 <no-dsa> (Will be fixed through a point update)
-CVE-2011-0283
+CVE-2011-0283 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 all ...)
- krb5 <not-affected> (Only affects 1.9.x)
[squeeze] - krb5 <no-dsa> (minor issue)
[lenny] - krb5 <no-dsa> (minor issue)
-CVE-2011-0282
+CVE-2011-0282 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x t ...)
- krb5 1.8.3+dfsg-5
[squeeze] - krb5 1.8.3+dfsg-4squeeze1
[lenny] - krb5 <no-dsa> (Will be fixed in a point update)
-CVE-2011-0281
+CVE-2011-0281 (The unparse implementation in the Key Distribution Center (KDC) in MIT ...)
- krb5 1.8.3+dfsg-5
[squeeze] - krb5 1.8.3+dfsg-4squeeze1
[lenny] - krb5 <no-dsa> (Will be fixed in a point update)
-CVE-2011-0280
+CVE-2011-0280 (Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manage ...)
NOT-FOR-US: HP Power Manager
-CVE-2011-0279
+CVE-2011-0279 (HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91. ...)
NOT-FOR-US: HP Multifunction Peripheral
-CVE-2011-0278
+CVE-2011-0278 (Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 an ...)
NOT-FOR-US: HP Web Jetadmin
-CVE-2011-0277
+CVE-2011-0277 (Cross-site request forgery (CSRF) vulnerability in HP Power Manager (H ...)
NOT-FOR-US: HP Power Manager
-CVE-2011-0276
+CVE-2011-0276 (HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 c ...)
NOT-FOR-US: HP OpenView Performance Insight Server
-CVE-2011-0275
+CVE-2011-0275 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6 ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0274
+CVE-2011-0274 (Cross-site scripting (XSS) vulnerability in HP Business Availability C ...)
NOT-FOR-US: HP Business Availability
-CVE-2011-0273
+CVE-2011-0273 (Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell ...)
NOT-FOR-US: HP OpenView Storage Data Protector
-CVE-2011-0272
+CVE-2011-0272 (Unspecified vulnerability in HP LoadRunner 9.52 allows remote attacker ...)
NOT-FOR-US: HP LoadRunner
-CVE-2011-0271
+CVE-2011-0271 (The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0270
+CVE-2011-0270 (Format string vulnerability in nnmRptConfig.exe in HP OpenView Network ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0269
+CVE-2011-0269 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manage ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0268
+CVE-2011-0268 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manage ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0267
+CVE-2011-0267 (Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network N ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0266
+CVE-2011-0266 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manage ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0265
+CVE-2011-0265 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manage ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0264
+CVE-2011-0264 (Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0263
+CVE-2011-0263 (Multiple stack-based buffer overflows in ovas.exe in the OVAS service ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0262
+CVE-2011-0262 (Buffer overflow in the stringToSeconds function in ovutil.dll in ovweb ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0261
+CVE-2011-0261 (Unspecified vulnerability in jovgraph.exe in jovgraph in HP OpenView N ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0260
+CVE-2011-0260 (The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2 does ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0259
+CVE-2011-0259 (CoreFoundation, as used in Apple iTunes before 10.5, does not properly ...)
NOT-FOR-US: Apple iTunes
-CVE-2011-0258
+CVE-2011-0258 (Apple QuickTime before 7.7 on Windows allows remote attackers to execu ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0257
+CVE-2011-0257 (Integer signedness error in Apple QuickTime before 7.7 allows remote a ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0256
+CVE-2011-0256 (Integer overflow in Apple QuickTime before 7.7 allows remote attackers ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0255
+CVE-2011-0255 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0254
+CVE-2011-0254 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0253
+CVE-2011-0253 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0252
+CVE-2011-0252 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0251
+CVE-2011-0251 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0250
+CVE-2011-0250 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0249
+CVE-2011-0249 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0248
+CVE-2011-0248 (Stack-based buffer overflow in the QuickTime ActiveX control in Apple ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0247
+CVE-2011-0247 (Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0246
+CVE-2011-0246 (Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows al ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0245
+CVE-2011-0245 (Buffer overflow in Apple QuickTime before 7.7 allows remote attackers ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-0244
+CVE-2011-0244 (WebKit in Apple Safari before 5.0.6 allows user-assisted remote attack ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-0243
RESERVED
-CVE-2011-0242
+CVE-2011-0242 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0241
+CVE-2011-0241 (Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 all ...)
NOT-FOR-US: Apple Safari
-CVE-2011-0240
+CVE-2011-0240 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-0239
RESERVED
-CVE-2011-0238
+CVE-2011-0238 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0237
+CVE-2011-0237 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-0236
RESERVED
-CVE-2011-0235
+CVE-2011-0235 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0234
+CVE-2011-0234 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0233
+CVE-2011-0233 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0232
+CVE-2011-0232 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0231
+CVE-2011-0231 (CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0230
+CVE-2011-0230 (Buffer overflow in the ATSFontDeactivate API in Apple Type Services (A ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0229
+CVE-2011-0229 (Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not pr ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0228
+CVE-2011-0228 (The Data Security component in Apple iOS before 4.2.10 and 4.3.x befor ...)
NOT-FOR-US: Apple iOS
-CVE-2011-0227
+CVE-2011-0227 (The queueing primitives in IOMobileFrameBuffer in Apple iOS before 4.2 ...)
NOT-FOR-US: Apple iOS
-CVE-2011-0226
+CVE-2011-0226 (Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, ...)
{DSA-2294-1}
- freetype 2.4.6-1 (bug #635871)
-CVE-2011-0225
+CVE-2011-0225 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0224
+CVE-2011-0224 (CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0223
+CVE-2011-0223 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0222
+CVE-2011-0222 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0221
+CVE-2011-0221 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-0220
RESERVED
-CVE-2011-0219
+CVE-2011-0219 (Apple Safari before 5.0.6 allows remote attackers to bypass the Same O ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0218
+CVE-2011-0218 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0217
+CVE-2011-0217 (Apple Safari before 5.0.6 provides AutoFill information to scripts tha ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0216
+CVE-2011-0216 (Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote ...)
{DSA-2394-1}
- libxml2 2.7.8.dfsg-5.1 (bug #652352)
-CVE-2011-0215
+CVE-2011-0215 (ImageIO in Apple Safari before 5.0.6 on Windows does not properly addr ...)
NOT-FOR-US: ImageIO in Apple Safari
-CVE-2011-0214
+CVE-2011-0214 (CFNetwork in Apple Safari before 5.0.6 on Windows does not properly ha ...)
NOT-FOR-US: CFNetwork in Apple Safari
-CVE-2011-0213
+CVE-2011-0213 (Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows re ...)
NOT-FOR-US: QuickTime in Apple Mac OS
-CVE-2011-0212
+CVE-2011-0212 (servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0211
+CVE-2011-0211 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows r ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0210
+CVE-2011-0210 (QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to e ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0209
+CVE-2011-0209 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows r ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0208
+CVE-2011-0208 (QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0207
+CVE-2011-0207 (The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartex ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0206
+CVE-2011-0206 (Buffer overflow in International Components for Unicode (ICU) in Apple ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0205
+CVE-2011-0205 (Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0204
+CVE-2011-0204 (Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0203
+CVE-2011-0203 (Absolute path traversal vulnerability in xftpd in the FTP Server compo ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0202
+CVE-2011-0202 (Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allow ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0201
+CVE-2011-0201 (Off-by-one error in the CoreFoundation framework in Apple Mac OS X bef ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0200
+CVE-2011-0200 (Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows r ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0199
+CVE-2011-0199 (The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0198
+CVE-2011-0198 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac O ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0197
+CVE-2011-0197 (App Store in Apple Mac OS X before 10.6.8 creates a log entry containi ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0196
+CVE-2011-0196 (AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a de ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0195
+CVE-2011-0195 (The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4. ...)
NOT-FOR-US: Apple iOS
-CVE-2011-0194
+CVE-2011-0194 (Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allow ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0193
+CVE-2011-0193 (Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0192
+CVE-2011-0192 (Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other vers ...)
{DSA-2210-1}
- tiff 3.9.4-7
- tiff3 <not-affected> (fixed before initial upload)
-CVE-2011-0191
+CVE-2011-0191 (Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used ...)
{DSA-2210-1}
- tiff 3.9.4-1
- tiff3 <not-affected> (fixed before initial upload)
NOTE: This might've been fixed earlier even
-CVE-2011-0190
+CVE-2011-0190 (Install Helper in Installer in Apple Mac OS X before 10.6.7 does not p ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0189
+CVE-2011-0189 (The default configuration of Terminal in Apple Mac OS X 10.6 before 10 ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0188
+CVE-2011-0188 (The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Rub ...)
{DLA-235-1 DLA-88-1}
- ruby1.8 1.8.7.352-1 (bug #628452)
- ruby1.9 <removed> (bug #628451)
- ruby1.9.1 1.9.2.290-1 (bug #628450)
-CVE-2011-0187
+CVE-2011-0187 (The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0186
+CVE-2011-0186 (QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to e ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0185
+CVE-2011-0185 (Format string vulnerability in the debug-logging feature in Applicatio ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2011-0184
+CVE-2011-0184 (QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0183
+CVE-2011-0183 (Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an un ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0182
+CVE-2011-0182 (The i386_set_ldt system call in the kernel in Apple Mac OS X before 10 ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0181
+CVE-2011-0181 (Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows rem ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0180
+CVE-2011-0180 (Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local u ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0179
+CVE-2011-0179 (CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to ex ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0178
+CVE-2011-0178 (The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 pro ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0177
+CVE-2011-0177 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0176
+CVE-2011-0176 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0175
+CVE-2011-0175 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0174
+CVE-2011-0174 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac O ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0173
+CVE-2011-0173 (Multiple format string vulnerabilities in AppleScript in Apple Mac OS ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0172
+CVE-2011-0172 (AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers t ...)
NOT-FOR-US: Apple Mac OS
CVE-2011-0171
RESERVED
-CVE-2011-0170
+CVE-2011-0170 (Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes ...)
NOT-FOR-US: Apple iTunes
-CVE-2011-0169
+CVE-2011-0169 (WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, d ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0168
+CVE-2011-0168 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0167
+CVE-2011-0167 (The windows functionality in WebKit in Apple Safari before 5.0.4 allow ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0166
+CVE-2011-0166 (The HTML5 drag and drop functionality in WebKit in Apple Safari before ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0165
+CVE-2011-0165 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0164
+CVE-2011-0164 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0163
+CVE-2011-0163 (WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0162
+CVE-2011-0162 (Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not properl ...)
NOT-FOR-US: Apple iOS
-CVE-2011-0161
+CVE-2011-0161 (WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0160
+CVE-2011-0160 (WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0159
+CVE-2011-0159 (The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does ...)
NOT-FOR-US: Safari in Apple iOS
-CVE-2011-0158
+CVE-2011-0158 (MobileSafari in Apple iOS before 4.3 does not properly implement appli ...)
NOT-FOR-US: MobileSafari in Apple iOS
-CVE-2011-0157
+CVE-2011-0157 (WebKit, as used in Apple iOS before 4.3, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0156
+CVE-2011-0156 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0155
+CVE-2011-0155 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0154
+CVE-2011-0154 (WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0153
+CVE-2011-0153 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0152
+CVE-2011-0152 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0151
+CVE-2011-0151 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0150
+CVE-2011-0150 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0149
+CVE-2011-0149 (WebKit, as used in Apple iTunes before 10.2 on Windows, does not prope ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0148
+CVE-2011-0148 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0147
+CVE-2011-0147 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0146
+CVE-2011-0146 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0145
+CVE-2011-0145 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0144
+CVE-2011-0144 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0143
+CVE-2011-0143 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0142
+CVE-2011-0142 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0141
+CVE-2011-0141 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0140
+CVE-2011-0140 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0139
+CVE-2011-0139 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0138
+CVE-2011-0138 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0137
+CVE-2011-0137 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0136
+CVE-2011-0136 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0135
+CVE-2011-0135 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0134
+CVE-2011-0134 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0133
+CVE-2011-0133 (WebKit, as used in Apple iTunes before 10.2 on Windows, does not prope ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0132
+CVE-2011-0132 (Use-after-free vulnerability in the Runin box functionality in the Cas ...)
NOT-FOR-US: Apple
-CVE-2011-0131
+CVE-2011-0131 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0130
+CVE-2011-0130 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0129
+CVE-2011-0129 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0128
+CVE-2011-0128 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0127
+CVE-2011-0127 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0126
+CVE-2011-0126 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0125
+CVE-2011-0125 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0124
+CVE-2011-0124 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0123
+CVE-2011-0123 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0122
+CVE-2011-0122 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0121
+CVE-2011-0121 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0120
+CVE-2011-0120 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0119
+CVE-2011-0119 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0118
+CVE-2011-0118 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0117
+CVE-2011-0117 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0116
+CVE-2011-0116 (Use-after-free vulnerability in the setOuterText method in the htmlele ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0115
+CVE-2011-0115 (The DOM level 2 implementation in WebKit, as used in Apple iTunes befo ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0114
+CVE-2011-0114 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0113
+CVE-2011-0113 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0112
+CVE-2011-0112 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0111
+CVE-2011-0111 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in- ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2011-0110
REJECTED
@@ -13836,51 +13836,51 @@ CVE-2011-0109
REJECTED
CVE-2011-0108
REJECTED
-CVE-2011-0107
+CVE-2011-0107 (Untrusted search path vulnerability in Microsoft Office XP SP3, Office ...)
NOT-FOR-US: Microsoft Office
CVE-2011-0106
REJECTED
-CVE-2011-0105
+CVE-2011-0105 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML F ...)
NOT-FOR-US: Microsoft Excel
-CVE-2011-0104
+CVE-2011-0104 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, a ...)
NOT-FOR-US: Microsoft Excel
-CVE-2011-0103
+CVE-2011-0103 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, a ...)
NOT-FOR-US: Microsoft Excel
CVE-2011-0102
REJECTED
-CVE-2011-0101
+CVE-2011-0101 (Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Microsoft Excel
CVE-2011-0100
REJECTED
CVE-2011-0099
REJECTED
-CVE-2011-0098
+CVE-2011-0098 (Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 S ...)
NOT-FOR-US: Microsoft Excel
-CVE-2011-0097
+CVE-2011-0097 (Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and ...)
NOT-FOR-US: Microsoft Excel
-CVE-2011-0096
+CVE-2011-0096 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Window ...)
NOT-FOR-US: Microsoft mhtml
CVE-2011-0095
REJECTED
-CVE-2011-0094
+CVE-2011-0094 (Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 al ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0093
+CVE-2011-0093 (ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does ...)
NOT-FOR-US: Microsoft Visio
-CVE-2011-0092
+CVE-2011-0092 (The LZW stream decompression functionality in ORMELEMS.DLL in Microsof ...)
NOT-FOR-US: Microsoft Visio
-CVE-2011-0091
+CVE-2011-0091 (Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not pr ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0090
+CVE-2011-0090 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0089
+CVE-2011-0089 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0088
+CVE-2011-0088 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0087
+CVE-2011-0087 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0086
+CVE-2011-0086 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0085
+CVE-2011-0085 (Use-after-free vulnerability in the nsXULCommandDispatcher function in ...)
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed> (unimportant)
@@ -13891,7 +13891,7 @@ CVE-2011-0085
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0084
+CVE-2011-0084 (The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox be ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
[lenny] - xulrunner <not-affected> (Only affects Firefox >= 3.6)
@@ -13900,7 +13900,7 @@ CVE-2011-0084
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-0083
+CVE-2011-0083 (Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem func ...)
{DSA-2273-3 DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed> (unimportant)
@@ -13911,15 +13911,15 @@ CVE-2011-0083
- icedove 3.1.11-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0082
+CVE-2011-0082 (The X.509 certificate validation functionality in Mozilla Firefox 4.0. ...)
- xulrunner <removed> (unimportant)
- iceweasel <removed> (unimportant; bug #627552)
NOTE: Negligible impact
-CVE-2011-0081
+CVE-2011-0081 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6 ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <not-affected> (Only affects Firefox 4.0/3.6, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 4.0/3.6, not yet in unstable)
-CVE-2011-0080
+CVE-2011-0080 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13929,10 +13929,10 @@ CVE-2011-0080
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0079
+CVE-2011-0079 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner <not-affected> (Only affects Firefox 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 4.0, not yet in unstable)
-CVE-2011-0078
+CVE-2011-0078 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5 ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13942,7 +13942,7 @@ CVE-2011-0078
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0077
+CVE-2011-0077 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5 ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13952,10 +13952,10 @@ CVE-2011-0077
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0076
+CVE-2011-0076 (Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozill ...)
- xulrunner <not-affected> (Only affects MacOS X)
- iceweasel <not-affected> (Only affects MacOS X)
-CVE-2011-0075
+CVE-2011-0075 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5 ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13965,7 +13965,7 @@ CVE-2011-0075
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0074
+CVE-2011-0074 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5 ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13975,7 +13975,7 @@ CVE-2011-0074
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0073
+CVE-2011-0073 (Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey b ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13983,7 +13983,7 @@ CVE-2011-0073
- iceape 2.0.14-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0072
+CVE-2011-0072 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5 ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -13993,7 +13993,7 @@ CVE-2011-0072
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0071
+CVE-2011-0071 (Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -14003,7 +14003,7 @@ CVE-2011-0071
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0070
+CVE-2011-0070 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5 ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -14013,7 +14013,7 @@ CVE-2011-0070
- icedove 3.1.10-1
[lenny] - icedove <end-of-life>
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0069
+CVE-2011-0069 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5 ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <not-affected> (Vulnerable code not present)
- iceweasel 3.5.19-1
@@ -14026,7 +14026,7 @@ CVE-2011-0068
RESERVED
- xulrunner <not-affected> (Only affects Firefox 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 4.0, not yet in unstable)
-CVE-2011-0067
+CVE-2011-0067 (Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey b ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -14034,7 +14034,7 @@ CVE-2011-0067
- iceape 2.0.14-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0066
+CVE-2011-0066 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6. ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -14043,7 +14043,7 @@ CVE-2011-0066
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.15-1+b1
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0065
+CVE-2011-0065 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6. ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner <removed> (unimportant)
- iceweasel 3.5.19-1
@@ -14052,22 +14052,22 @@ CVE-2011-0065
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.15-1+b1
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0064
+CVE-2011-0064 (The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in P ...)
{DSA-2178-1}
- pango1.0 1.28.3-2~sid1
[wheezy] - pango1.0 1.28.3-1+squeeze2
[lenny] - pango1.0 <not-affected> (introduced in code cleanup)
-CVE-2011-0063
+CVE-2011-0063 (The _list_file_get function in lib/Majordomo.pm in Majordomo 2 2011020 ...)
NOT-FOR-US: Majordomo
-CVE-2011-0062
+CVE-2011-0062 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner <not-affected> (Only affects Firefox 3.6, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 3.6, not yet in unstable)
-CVE-2011-0061
+CVE-2011-0061 (Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird be ...)
- xulrunner <not-affected> (Only affects Firefox 3.6, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 3.6, not yet in unstable)
CVE-2011-0060
REJECTED
-CVE-2011-0059
+CVE-2011-0059 (Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox bef ...)
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
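Review bot: the pango1.0 entry under CVE-2011-0064 carries a squeeze-suffixed version on a wheezy line (`[wheezy] - pango1.0 1.28.3-1+squeeze2`), which looks like the wrong release tag; a +squeeze2 version would normally sit on a `[squeeze]` line. The automatic update only rewrites the description line, so this predates the change, but it is worth verifying and correcting the tag in a follow-up. The remaining lines of the hunk are uniform description fill-in and need no change.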
@@ -14078,11 +14078,11 @@ CVE-2011-0059
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0058
+CVE-2011-0058 (Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6. ...)
- icedove <not-affected> (Windows-specific)
- xulrunner <not-affected> (Windows-specific)
- iceweasel <not-affected> (Windows-specific)
-CVE-2011-0057
+CVE-2011-0057 (Use-after-free vulnerability in the Web Workers implementation in Mozi ...)
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14091,7 +14091,7 @@ CVE-2011-0057
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-0056
+CVE-2011-0056 (Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5 ...)
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14102,7 +14102,7 @@ CVE-2011-0056
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0055
+CVE-2011-0055 (Use-after-free vulnerability in the JSON.stringify method in js3250.dl ...)
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14111,7 +14111,7 @@ CVE-2011-0055
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-0054
+CVE-2011-0054 (Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5 ...)
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14120,7 +14120,7 @@ CVE-2011-0054
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-0053
+CVE-2011-0053 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14133,7 +14133,7 @@ CVE-2011-0053
NOTE: xulrunner in wheezy is not covered by security support
CVE-2011-0052
RESERVED
-CVE-2011-0051
+CVE-2011-0051 (Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey b ...)
{DSA-2187-1 DSA-2186-1 DSA-2180-1}
- icedove 3.0.11-2
[lenny] - icedove <end-of-life>
@@ -14144,150 +14144,150 @@ CVE-2011-0051
- iceape 2.0.12-1
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2011-0050
+CVE-2011-0050 (Cross-site scripting (XSS) vulnerability in the nonjs interface (inter ...)
{DSA-2158-1}
- cgiirc 0.5.9-3.1 (bug #612671)
-CVE-2011-0049
+CVE-2011-0049 (Directory traversal vulnerability in the _list_file_get function in li ...)
NOT-FOR-US: Majordomo
-CVE-2011-0048
+CVE-2011-0048 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4 ...)
{DSA-2322-1}
- bugzilla <removed> (bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
-CVE-2011-0047
+CVE-2011-0047 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 al ...)
- mediawiki 1:1.15.5-3 (low; bug #611787)
[lenny] - mediawiki 1:1.12.0-2lenny8 (low; bug #611787)
[squeeze] - mediawiki 1:1.15.5-2squeeze1 (low; bug #611787)
-CVE-2011-0046
+CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla ...)
{DSA-2322-1}
- bugzilla <removed> (bug #611176)
[squeeze] - bugzilla 3.6.2.0-4.4
NOTE: http://www.bugzilla.org/security/3.2.9/
-CVE-2011-0045
+CVE-2011-0045 (The Trace Events functionality in the kernel in Microsoft Windows XP S ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-0044
REJECTED
-CVE-2011-0043
+CVE-2011-0043 (Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 suppo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0042
+CVE-2011-0042 (SBE.dll in the Stream Buffer Engine in Windows Media Player and Window ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0041
+CVE-2011-0041 (Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 an ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0040
+CVE-2011-0040 (The server in Microsoft Active Directory on Windows Server 2003 SP2 do ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0039
+CVE-2011-0039 (The Local Security Authority Subsystem Service (LSASS) in Microsoft Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0038
+CVE-2011-0038 (Untrusted search path vulnerability in Microsoft Internet Explorer 8 m ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0037
+CVE-2011-0037 (Microsoft Malware Protection Engine before 1.1.6603.0, as used in Micr ...)
NOT-FOR-US: Microsoft Malware Protection Engine
-CVE-2011-0036
+CVE-2011-0036 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0035
+CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0034
+CVE-2011-0034 (Stack-based buffer overflow in the OpenType Compact Font Format (aka O ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0033
+CVE-2011-0033 (The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0032
+CVE-2011-0032 (Untrusted search path vulnerability in DirectShow in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0031
+CVE-2011-0031 (The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in Microsof ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0030
+CVE-2011-0030 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0029
+CVE-2011-0029 (Untrusted search path vulnerability in the client in Microsoft Remote ...)
NOT-FOR-US: Microsoft
-CVE-2011-0028
+CVE-2011-0028 (WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does n ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0027
+CVE-2011-0027 (Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows D ...)
NOT-FOR-US: Microsoft Data Access Components
-CVE-2011-0026
+CVE-2011-0026 (Integer signedness error in the SQLConnectW function in an ODBC API (o ...)
NOT-FOR-US: Microsoft Data Access Components
CVE-2011-XXXX [remote DoS when case of the characters of a nickname is modified]
- bip 0.8.7-1
[squeeze] - bip 0.8.2-1squeeze3
[lenny] - bip <not-affected> (Vulnerable code not present)
-CVE-2011-0025
+CVE-2011-0025 (IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does ...)
{DSA-2224-1}
- openjdk-6 6b18-1.8.5-1
[squeeze] - openjdk-6 <no-dsa> (bug #614151)
[lenny] - openjdk-6 <no-dsa> (bug #614151)
-CVE-2011-0024
+CVE-2011-0024 (Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 ...)
- wireshark 1.2-0-1
CVE-2011-0023
RESERVED
-CVE-2011-0022
+CVE-2011-0022 (The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory ...)
NOT-FOR-US: 389 LDAP server
-CVE-2011-0522
+CVE-2011-0522 (The StripTags function in (1) the USF decoder (modules/codec/subtitles ...)
- vlc 1.1.3-1squeeze2
[lenny] - vlc 0.8.6.h-4+lenny3
-CVE-2011-0021
+CVE-2011-0021 (Multiple heap-based buffer overflows in cdg.c in the CDG decoder in Vi ...)
- vlc 1.1.3-1squeeze2
[lenny] - vlc <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=f9b664eac0e1a7bceed9d7b5854fd9fc351b4aab
-CVE-2011-0020
+CVE-2011-0020 (Heap-based buffer overflow in the pango_ft2_font_render_box_glyph func ...)
- pango1.0 1.28.3-1+squeeze1 (bug #610792)
-CVE-2011-0019
+CVE-2011-0019 (slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Dire ...)
NOT-FOR-US: 389 LDAP server
-CVE-2011-0018
+CVE-2011-0018 (The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1. ...)
NOT-FOR-US: OpenVAS Manager
-CVE-2011-0017
+CVE-2011-0017 (The open_log function in log.c in Exim 4.72 and earlier does not check ...)
{DSA-2154-1}
- exim4 4.72-4
-CVE-2011-0016
+CVE-2011-0016 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properl ...)
{DSA-2148-1}
- tor 0.2.1.29-1
-CVE-2011-0015
+CVE-2011-0015 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properl ...)
{DSA-2148-1}
- tor 0.2.1.29-1
-CVE-2011-0014
+CVE-2011-0014 (ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c ...)
{DSA-2162-1}
- openssl 0.9.8o-5 (low)
[lenny] - openssl <not-affected> (Only 0.9.8h through 0.9.8q are affected)
-CVE-2011-0013
+CVE-2011-0013 (Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manage ...)
{DSA-2160-1}
- tomcat5.5 <removed> (low)
[lenny] - tomcat5.5 <no-dsa> (Minor issue)
- tomcat6 6.0.28-10 (bug #612257)
[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2011-0012
+CVE-2011-0012 (The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly othe ...)
- spice-xpi <removed>
[jessie] - spice-xpi <end-of-life> (Broken with newer Firefox versions)
-CVE-2011-0011
+CVE-2011-0011 (qemu-kvm before 0.11.0 disables VNC authentication when the password i ...)
{DSA-2230-1}
- qemu-kvm 0.14.0+dfsg-1~tls (low; bug #611134)
- kvm <not-affected> (Vulnerable code not present)
NOTE: Harmless implementation bug, see discussion in #611134
-CVE-2011-0010
+CVE-2011-0010 (check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured ...)
- sudo 1.7.4p4-6 (bug #609641)
[lenny] - sudo <not-affected> (Only affects 1.7.x)
[squeeze] - sudo 1.7.4p4-2.squeeze.1
NOTE: http://www.sudo.ws/sudo/alerts/runas_group_pw.html
-CVE-2011-0009
+CVE-2011-0009 (Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc ...)
{DSA-2150-1}
- request-tracker3.8 3.8.8-7
-CVE-2011-0008
+CVE-2011-0008 (A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fe ...)
- sudo <not-affected> (Fedora-specific issue)
-CVE-2011-0007
+CVE-2011-0007 (pimd 2.1.5 and possibly earlier versions allows user-assisted local us ...)
{DSA-2147-1}
- pimd 2.1.6-1 (unimportant; bug #609304)
[squeeze] - pimd 2.1.1-1.1 (unimportant; bug #609304)
-CVE-2011-0006
+CVE-2011-0006 (The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c ...)
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)
-CVE-2011-0005
+CVE-2011-0005 (Cross-site scripting (XSS) vulnerability in the com_search module for ...)
NOT-FOR-US: Joomla!
-CVE-2011-0004
+CVE-2011-0004 (Multiple cross-site scripting (XSS) vulnerabilities in Piwik before 1. ...)
- piwik <itp> (bug #506933)
-CVE-2011-0003
+CVE-2011-0003 (MediaWiki before 1.16.1, when user or site JavaScript or CSS is enable ...)
{DTSA-207-1}
- mediawiki 1:1.15.5-2
[lenny] - mediawiki 1:1.12.0-2lenny7
-CVE-2011-0002
+CVE-2011-0002 (libuser before 0.57 uses a cleartext password value of (1) !! or (2) x ...)
- libuser 1:0.56.9.dfsg.1-1.1 (bug #610034)
-CVE-2011-0001
+CVE-2011-0001 (Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/ ...)
{DSA-2209-1}
- tgt 1:1.0.4-3
-CVE-2011-1072
+CVE-2011-1072 (The installer in PEAR before 1.9.2 allows local users to overwrite arb ...)
{DSA-2408-1}
- php5 5.3.6-1 (low; bug #546164)
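Review bot: CVE-2011-0522 (the vlc StripTags entry) is filed between CVE-2011-0022 and CVE-2011-0021, and CVE-2011-1072 sits at the very end after CVE-2011-0001, so this region is not in the file's descending-ID order; both IDs already appear on the `-` side, so the update did not introduce the misplacement, but they should be moved to their numeric positions so the list stays sorted. Also worth checking: `- wireshark 1.2-0-1` under CVE-2011-0024 has an unusual two-hyphen version string and should be compared against the archive. The `CVE-2011-XXXX` bip entry correctly receives no description, since no ID has been assigned yet.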
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index eadc5798e0..d1bc92345e 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -1,6 +1,6 @@
-CVE-2012-6710
+CVE-2012-6710 (ext_find_user in eXtplorer through 2.1.2 allows remote attackers to by ...)
- extplorer <removed>
-CVE-2012-6709
+CVE-2012-6709 (ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Valid ...)
[experimental] - elinks 0.13~20190125-1
- elinks 0.13~20190125-3 (low; bug #891575)
[stretch] - elinks <ignored> (Minor issue)
@@ -11,7 +11,7 @@ CVE-2012-6709
NOTE: tested links2 against badssl.com, no apparent issue back in wheezy
NOTE: src:links2/2.6-1 adds verify-ssl-certs-510417.diff to verify SSL certs.
NOTE: src:links2 upstream in 2.11 adds support for verifying SSL certificates.
-CVE-2012-6708
+CVE-2012-6708 (jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attack ...)
- jquery 1.11.3+dfsg-1
[jessie] - jquery <ignored> (Too intrusive to backport)
[wheezy] - jquery <ignored> (Too invasive to fix)
@@ -19,7 +19,7 @@ CVE-2012-6708
NOTE: https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d
NOTE: https://snyk.io/vuln/npm:jquery:20120206
NOTE: 1.9 release introduced backwards incompatible changes to fix this, so may be too invasive to fix
-CVE-2012-6707
+CVE-2012-6707 (WordPress through 4.8.2 uses a weak MD5-based password hashing algorit ...)
- wordpress <unfixed> (bug #880868)
[buster] - wordpress <postponed> (Minor issue, can be revisited with upstream has picked a new hashing solution)
[stretch] - wordpress <postponed> (Minor issue, can be revisited with upstream has picked a new hashing solution)
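Review bot: the two context lines for CVE-2012-6707 read "can be revisited with upstream has picked a new hashing solution", which should be "once upstream has picked"; not part of this change, but a cheap fix the next time the entry is touched. The added CVE-2012-6708 description is consistent with the existing NOTE references for that entry.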
@@ -28,7 +28,7 @@ CVE-2012-6707
NOTE: https://core.trac.wordpress.org/ticket/21022
NOTE: Proposed patch (but not merged): https://core.trac.wordpress.org/attachment/ticket/21022/21022.3.diff
NOTE: Cf. https://core.trac.wordpress.org/ticket/21022#comment:80 and following.
-CVE-2012-6706
+CVE-2012-6706 (A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, a ...)
{DLA-1014-1 DLA-1003-1}
- unrar-nonfree 1:5.5.5-1 (bug #865461)
[stretch] - unrar-nonfree 1:5.3.2-1+deb9u1
@@ -39,7 +39,7 @@ CVE-2012-6706
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/9
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6
NOTE: https://github.com/vrtadmin/clamav-devel/commit/d4699442bce76574573dc564e7f2177d679b88bd
-CVE-2012-6705
+CVE-2012-6705 (Cross Site Scripting (XSS) exists in Jamroom before 4.2.7 via the Stat ...)
NOT-FOR-US: Jamroom
CVE-2012-XXXX [Option -localhost seems to fail to restrict ipv6 access]
- x11vnc <unfixed> (low; bug #672435)
@@ -47,53 +47,53 @@ CVE-2012-XXXX [Option -localhost seems to fail to restrict ipv6 access]
[stretch] - x11vnc <ignored> (Minor issue; workaround exits)
[jessie] - x11vnc <ignored> (Minor issue; workaround exits)
[wheezy] - x11vnc <ignored> (Minor issue; workaround exits)
-CVE-2012-6704
+CVE-2012-6704 (The sock_setsockopt function in net/core/sock.c in the Linux kernel be ...)
{DLA-772-1}
- linux 3.8.11-1
NOTE: Fixed by: https://git.kernel.org/linus/82981930125abfd39d7c8378a9cfdf5e1be2002b (v3.5-rc1)
-CVE-2012-6703
+CVE-2012-6703 (Integer overflow in the snd_compr_allocate_buffer function in sound/co ...)
- linux 3.8.11-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/b35cc8225845112a616e3a2266d2fde5ab13d3ab (3.7-rc1)
-CVE-2012-6702
+CVE-2012-6702 (Expat, when used in a parser that has not called XML_SetHashSalt or pa ...)
{DSA-3597-1 DLA-508-1}
- expat 2.1.1-3
-CVE-2012-6701
+CVE-2012-6701 (Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows l ...)
- linux <not-affected> (Fixed in v3.2.19; which was before src:linux rename)
- linux-2.6 3.2.19-1
NOTE: https://git.kernel.org/linus/a70b52ec1aaeaf60f4739edb1b422827cb6f3893 (v3.5-rc1)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=07343eab681bf8c22a2b31d978569a5f65253171 (v3.2.19)
-CVE-2012-6700
+CVE-2012-6700 (The decode_search function in dhcp.c in dhcpcd 3.x does not properly f ...)
{DSA-3534-1 DLA-362-1}
- dhcpcd <removed>
NOTE: https://launchpadlibrarian.net/228152582/dhcp.c.patch
NOTE: original ubuntu bug: https://bugs.launchpad.net/ubuntu/+source/dhcpcd/+bug/1517226
-CVE-2012-6699
+CVE-2012-6699 (The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP ...)
{DSA-3534-1}
- dhcpcd <removed>
NOTE: https://launchpadlibrarian.net/228152582/dhcp.c.patch
NOTE: original ubuntu bug: https://bugs.launchpad.net/ubuntu/+source/dhcpcd/+bug/1517226
-CVE-2012-6698
+CVE-2012-6698 (The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP ...)
{DSA-3534-1 DLA-362-1}
- dhcpcd <removed>
NOTE: https://launchpadlibrarian.net/228152582/dhcp.c.patch
NOTE: original ubuntu bug: https://bugs.launchpad.net/ubuntu/+source/dhcpcd/+bug/1517226
-CVE-2012-6695
+CVE-2012-6695 (GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password ...)
NOT-FOR-US: GE Healthcare Centricity PACS Workstation
-CVE-2012-6694
+CVE-2012-6694 (GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and Server 4. ...)
NOT-FOR-US: GE Healthcare Centricity PACS Workstation
-CVE-2012-6693
+CVE-2012-6693 (GE Healthcare Centricity PACS 4.0 Server has a default password of (1) ...)
NOT-FOR-US: GE Healthcare Centricity PACS
-CVE-2012-6692
+CVE-2012-6692 (Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in th ...)
NOT-FOR-US: WordPress plugin wordpress-seo
-CVE-2012-6691
+CVE-2012-6691 (Multiple cross-site request forgery (CSRF) vulnerabilities in the admi ...)
NOT-FOR-US: osCMax
-CVE-2012-6696
+CVE-2012-6696 (inspircd in Debian before 2.0.7 does not properly handle unsigned inte ...)
{DSA-3226-1 DLA-276-1}
- inspircd 2.0.16-1 (bug #780880)
NOTE: Correct fix: https://github.com/inspircd/inspircd/commit/ed28c1ba666b39581adb860bf51cdde43c84cc89
NOTE: http://www.openwall.com/lists/oss-security/2015/03/29/5
-CVE-2012-6697
+CVE-2012-6697 (InspIRCd before 2.0.7 allows remote attackers to cause a denial of ser ...)
{DSA-3226-1 DLA-276-1}
- inspircd 2.0.16-1 (bug #780880)
NOTE: https://github.com/inspircd/inspircd/commit/58c893e834ff20495d007709220881a3ff13f423
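Review bot: CVE-2012-6696 and CVE-2012-6697 (the inspircd entries) are placed after CVE-2012-6691 instead of between CVE-2012-6698 and CVE-2012-6695, so this region is out of descending-ID order; both IDs are on the `-` side as well, so the ordering predates this update, but they should be moved. The three x11vnc context lines also carry the typo "workaround exits" for "workaround exists".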
@@ -102,7 +102,7 @@ CVE-2012-6690
RESERVED
CVE-2012-6688
RESERVED
-CVE-2012-6689
+CVE-2012-6689 (The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux ...)
{DLA-246-1}
- linux 3.6.4-1
[wheezy] - linux 3.2.30-1
@@ -110,7 +110,7 @@ CVE-2012-6689
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=848949
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/13
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e1db19db5d6b9e4e83021595eab0dc8f107bef (v3.6-rc5)
-CVE-2012-6687
+CVE-2012-6687 (FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause ...)
{DLA-431-1 DLA-430-1}
- libfcgi 2.4.0-8.3 (bug #681591)
[wheezy] - libfcgi 2.4.0-8.1+deb7u1
@@ -132,14 +132,14 @@ CVE-2012-6685 [ruby-nokogiri XXE]
- libnokogiri-ruby <removed>
NOTE: https://github.com/sparklemotion/nokogiri/issues/693
NOTE: Full fix requires fixing CVE-2014-0191 in libxml2 too.
-CVE-2012-6684
+CVE-2012-6684 (Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 ...)
{DSA-3168-1 DLA-167-1}
- ruby-redcloth 4.2.9-4 (bug #774748)
- redcloth <removed>
NOTE: http://co3k.org/blog/redcloth-unfixed-xss-en
CVE-2012-6683
RESERVED
-CVE-2012-6682
+CVE-2012-6682 (Cross-site scripting (XSS) vulnerability in downloads/actions/editdown ...)
NOT-FOR-US: DragonByte Technologies vBDownloads module for vBulletin
CVE-2012-6681
RESERVED
@@ -161,49 +161,49 @@ CVE-2012-6673
RESERVED
CVE-2012-6672
RESERVED
-CVE-2012-6671
+CVE-2012-6671 (Multiple cross-site scripting (XSS) vulnerabilities in actions/main.ph ...)
NOT-FOR-US: DragonByte Technologies Forumon RPG module for vBulletin
-CVE-2012-6670
+CVE-2012-6670 (Multiple cross-site scripting (XSS) vulnerabilities in the DragonByte ...)
NOT-FOR-US: DragonByte Technologies vbActivity module for vBulletin
CVE-2012-6669
RESERVED
-CVE-2012-6668
+CVE-2012-6668 (Multiple cross-site scripting (XSS) vulnerabilities in the Shout Repor ...)
NOT-FOR-US: DragonByte Technologies vBShout module for vBulletin
-CVE-2012-6667
+CVE-2012-6667 (Cross-site scripting (XSS) vulnerability in vbshout.php in DragonByte ...)
NOT-FOR-US: DragonByte Technologies vBShout module for vBulletin
CVE-2012-6666
RESERVED
-CVE-2012-6665
+CVE-2012-6665 (Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 ...)
NOT-FOR-US: phpMoneyBooks
CVE-2012-6664
RESERVED
CVE-2012-6663
RESERVED
-CVE-2012-6662
+CVE-2012-6662 (Cross-site scripting (XSS) vulnerability in the default content option ...)
- jqueryui 1.10.1+dfsg-1
[wheezy] - jqueryui <not-affected> (ui.tooltip not yet present)
[squeeze] - jqueryui <not-affected> (code not present)
NOTE: http://bugs.jqueryui.com/ticket/8861
NOTE: https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde
-CVE-2012-6661
+CVE-2012-6661 (Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta ...)
- zope2.12 2.12.26-1
- zope2.13 <not-affected> (Fixed before initial upload in upstream version 2.13.19)
NOTE: CVE SPLIT from CVE-2012-5508
-CVE-2012-6660
+CVE-2012-6660 (GE Healthcare Precision MPi has a password of (1) orion for the servic ...)
NOT-FOR-US: GE Healthcare Precision MPi
-CVE-2012-6659
+CVE-2012-6659 (Cross-site scripting (XSS) vulnerability in the admin interface in Pho ...)
NOT-FOR-US: Phorum
-CVE-2012-6658
+CVE-2012-6658 (Multiple cross-site scripting (XSS) vulnerabilities in SpiceWorks 5.3. ...)
NOT-FOR-US: SpiceWorks
-CVE-2012-6657
+CVE-2012-6657 (The sock_setsockopt function in net/core/sock.c in the Linux kernel be ...)
{DLA-103-1}
- linux 3.6.4-1
[wheezy] - linux 3.2.32-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/linus/3e10986d1d698140747fcfc2761ec9cb64c1d582 (v3.6)
-CVE-2012-6654
+CVE-2012-6654 (Multiple SQL injection vulnerabilities in ZPanel 10.0.1 and earlier al ...)
NOT-FOR-US: ZPanel
-CVE-2012-6656
+CVE-2012-6656 (iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows con ...)
{DSA-3142-1 DLA-97-1}
- glibc 2.17-1
- eglibc <removed>
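Review bot: CVE-2012-6654 (ZPanel) sits between CVE-2012-6657 and CVE-2012-6656, out of descending-ID order; the entry is unchanged apart from the added description and should be moved to its numeric position to keep the list sorted. Everything else in the hunk is straightforward description fill-in.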
@@ -218,38 +218,38 @@ CVE-2012-6655 [passes (encrypted) passwords as commandline arguments]
[jessie] - accountsservice <ignored> (Minor issue)
[wheezy] - accountsservice <ignored> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=55000
-CVE-2012-6653
+CVE-2012-6653 (Unspecified vulnerability in the All Video Gallery (all-video-gallery) ...)
NOT-FOR-US: WordPress plugin all-video-gallery
CVE-2012-6652
RESERVED
NOT-FOR-US: WordPress plugin wppageflip
-CVE-2012-6651
+CVE-2012-6651 (Multiple directory traversal vulnerabilities in the Vitamin plugin bef ...)
NOT-FOR-US: WordPress plugin vitamin
CVE-2012-6650
RESERVED
CVE-2012-6649
RESERVED
-CVE-2012-6648
+CVE-2012-6648 (gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as ...)
NOT-FOR-US: gdm-guest-session (Ubuntu-specific)
-CVE-2012-6647
+CVE-2012-6647 (The futex_wait_requeue_pi function in kernel/futex.c in the Linux kern ...)
- linux 3.2.29-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-47
NOTE: Upstream fix: https://git.kernel.org/linus/6f7b0a2a5c0fb03be7c25bd1745baa50582348ef
NOTE: Introduced in https://git.kernel.org/linus/52400ba946759af28442dee6265c5c0180ac7122
-CVE-2012-6646
+CVE-2012-6646 (F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security befor ...)
NOT-FOR-US: F-Secure
-CVE-2012-6645
+CVE-2012-6645 (Cross-site scripting (XSS) vulnerability in the autocomplete functiona ...)
NOT-FOR-US: Drupal module Finder
-CVE-2012-6644
+CVE-2012-6644 (Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 ...)
NOT-FOR-US: Drupal module ClipBucket
-CVE-2012-6643
+CVE-2012-6643 (Multiple SQL injection vulnerabilities in the update_counter function ...)
NOT-FOR-US: Drupal module ClipBucket
-CVE-2012-6642
+CVE-2012-6642 (Cross-site scripting (XSS) vulnerability in ClipBucket 2.6 allows remo ...)
NOT-FOR-US: Drupal module ClipBucket
-CVE-2012-6641
+CVE-2012-6641 (Cross-site scripting (XSS) vulnerability in redirect.php in the Socoli ...)
NOT-FOR-US: PrestaShop
-CVE-2012-6640
+CVE-2012-6640 (Cross-site scripting (XSS) vulnerability in Horde Internet Mail Progra ...)
- php-horde-imp 5.0.22
- horde3 <removed> (low)
[squeeze] - horde3 <no-dsa> (Minor issue)
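Review bot: the NOT-FOR-US lines for CVE-2012-6644, CVE-2012-6643 and CVE-2012-6642 all read `Drupal module ClipBucket`, but the newly added descriptions name `ClipBucket 2.6` (`update_counter function`, XSS in ClipBucket 2.6) with no Drupal reference at all, while the entry directly above them is the Drupal module Finder. This looks like a copy-paste of the preceding NOT-FOR-US text; please confirm the product and, if ClipBucket is a standalone application, change the three lines to `NOT-FOR-US: ClipBucket` so the triage reason matches the description.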
@@ -257,58 +257,58 @@ CVE-2012-6639
RESERVED
- cloud-init 0.7.1-1
NOTE: http://article.gmane.org/gmane.comp.security.oss.general/12299
-CVE-2012-6638
+CVE-2012-6638 (The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linu ...)
- linux 3.2.29-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-47
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdf5af0daf8019cec2396cdef8fb042d80fe71fa
-CVE-2012-6637
+CVE-2012-6637 (Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier ...)
NOT-FOR-US: Apache Cordova
-CVE-2012-6636
+CVE-2012-6636 (The Android API before 17 does not properly restrict the WebView.addJa ...)
NOT-FOR-US: Android
-CVE-2012-6635
+CVE-2012-6635 (wp-admin/includes/class-wp-posts-list-table.php in WordPress before 3. ...)
- wordpress 3.4+dfsg-1
-CVE-2012-6634
+CVE-2012-6634 (wp-admin/media-upload.php in WordPress before 3.3.3 allows remote atta ...)
- wordpress 3.4+dfsg-1
-CVE-2012-6633
+CVE-2012-6633 (Cross-site scripting (XSS) vulnerability in wp-includes/default-filter ...)
- wordpress 3.4+dfsg-1
-CVE-2012-6621
+CVE-2012-6621 (Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3 ...)
NOT-FOR-US: GetSimple CMS
-CVE-2012-6620
+CVE-2012-6620 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) tasks a ...)
- php-horde-kronolith 4.0.2-1
- kronolith2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/horde/horde/commit/1228a6825a8dab3333d0a8c8986fc10d1f3d11b2
NOTE: fixed upstream in 3.0.17
-CVE-2012-6619
+CVE-2012-6619 (The default configuration for MongoDB before 2.3.2 does not validate o ...)
- mongodb 1:2.4.1-1
[wheezy] - mongodb <no-dsa> (Workaround exists, intrusive change)
[squeeze] - mongodb <no-dsa> (Workaround exists, intrusive change)
NOTE: http://article.gmane.org/gmane.comp.security.oss.general/11822
NOTE: https://jira.mongodb.org/browse/SERVER-7769
-CVE-2012-6618
+CVE-2012-6618 (The av_probe_input_buffer function in libavformat/utils.c in FFmpeg be ...)
{DSA-2947-1}
- libav 6:9.11-1
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e74cd2f4706f71da5e9205003c1d8263b54ed3fb
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=2115a3597457231a6e5c0527fe0ff8550f64b733
-CVE-2012-6617
+CVE-2012-6617 (The prepare_sdp_description function in ffserver.c in FFmpeg before 1. ...)
- libav 6:9.11-1
[wheezy] - libav <not-affected> (Introduced in 0.9 with d77f4afa9814b0433be6fdbfd7d8a113592ba680)
- ffmpeg <not-affected> (Introduced in 0.9 with d77f4afa9814b0433be6fdbfd7d8a113592ba680)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9929991da7b843e7d80154fcacc4e80579b86a2d
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=82b9799bb211ecd117171115e4a8b832c4942314
-CVE-2012-6616
+CVE-2012-6616 (The mov_text_decode_frame function in libavcodec/movtextdec.c in FFmpe ...)
- libav <not-affected> (Vulnerable code not present in libav)
- ffmpeg <not-affected> (Vulnerable code not present in older ffmpeg)
-CVE-2012-6615
+CVE-2012-6615 (The ff_ass_split_override_codes function in libavcodec/ass_split.c in ...)
- libav <not-affected> (Vulnerable code not present in libav)
- ffmpeg <not-affected> (Vulnerable code not present in older ffmpeg)
CVE-2012-6614
RESERVED
CVE-2012-6613
RESERVED
-CVE-2012-6612
+CVE-2012-6612 (The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in A ...)
{DSA-2963-1}
- lucene-solr 3.6.2+dfsg-2 (bug #731113)
CVE-2012-6611
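Review bot: CVE-2012-6616 and CVE-2012-6615 are closed with `<not-affected> (Vulnerable code not present in libav)` and `<not-affected> (Vulnerable code not present in older ffmpeg)` but carry no NOTE with an upstream reference, unlike CVE-2012-6618 and CVE-2012-6617 just above, which record the fixing commits for both ffmpeg and libav. Recording the upstream fix commit (or the commit that introduced the affected code, as CVE-2012-6617 does with `Introduced in 0.9 with d77f4afa...`) would let the not-affected assessment be re-verified later. Separately, CVE-2012-6621 sits between CVE-2012-6633 and CVE-2012-6620 while CVE-2012-6632 through CVE-2012-6622 appear in the next hunk; the block is out of descending order.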
@@ -317,213 +317,213 @@ CVE-2012-6610
RESERVED
CVE-2012-6609
RESERVED
-CVE-2012-6608
+CVE-2012-6608 (Cross-site scripting (XSS) vulnerability in xmlservices/E_book.php in ...)
NOT-FOR-US: Elastix
-CVE-2012-6607
+CVE-2012-6607 (The transform_save function in transform.c in Augeas before 1.0.0 allo ...)
- augeas 1.0.0-1 (low)
[squeeze] - augeas <no-dsa> (Minor issue)
[wheezy] - augeas <no-dsa> (Minor issue)
-CVE-2012-6632
+CVE-2012-6632 (Multiple cross-site scripting (XSS) vulnerabilities in Vessio NetBill ...)
NOT-FOR-US: Vessio NetBill
-CVE-2012-6631
+CVE-2012-6631 (Cross-site request forgery (CSRF) vulnerability in accounts/admin/inde ...)
NOT-FOR-US: Vessio NetBill
-CVE-2012-6630
+CVE-2012-6630 (Multiple cross-site scripting (XSS) vulnerabilities in the Media Libra ...)
NOT-FOR-US: WordPress plugin Media Library Categories
-CVE-2012-6629
+CVE-2012-6629 (Multiple cross-site request forgery (CSRF) vulnerabilities in the News ...)
NOT-FOR-US: WordPress plugin Newsletter Manager
-CVE-2012-6628
+CVE-2012-6628 (Multiple cross-site scripting (XSS) vulnerabilities in the Newsletter ...)
NOT-FOR-US: WordPress plugin Newsletter Manager
-CVE-2012-6627
+CVE-2012-6627 (Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the ...)
NOT-FOR-US: WordPress plugin Newsletter Manager
-CVE-2012-6626
+CVE-2012-6626 (SQL injection vulnerability in verify-user.php in b2ePMS 1.0 allows re ...)
NOT-FOR-US: b2ePMS
-CVE-2012-6625
+CVE-2012-6625 (SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress ...)
NOT-FOR-US: WordPress plugin WP Forum Server
-CVE-2012-6624
+CVE-2012-6624 (Cross-site scripting (XSS) vulnerability in the SoundCloud Is Gold plu ...)
NOT-FOR-US: WordPress plugin SoundCloud Is Gold
-CVE-2012-6623
+CVE-2012-6623 (Cross-site scripting (XSS) vulnerability in fs-admin/wpf-add-forum.php ...)
NOT-FOR-US: WordPress plugin ForumPress WP Forum Server
-CVE-2012-6622
+CVE-2012-6622 (Multiple cross-site scripting (XSS) vulnerabilities in fs-admin/fs-adm ...)
NOT-FOR-US: WordPress plugin ForumPress WP Forum Server
-CVE-2012-6606
+CVE-2012-6606 (Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does no ...)
NOT-FOR-US: alo Alto Networks GlobalProtect
-CVE-2012-6605
+CVE-2012-6605 (The device-management command-line interface in Palo Alto Networks PAN ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6604
+CVE-2012-6604 (The device-management command-line interface in Palo Alto Networks PAN ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6603
+CVE-2012-6603 (The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0. ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6602
+CVE-2012-6602 (The device-management command-line interface in Palo Alto Networks PAN ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6601
+CVE-2012-6601 (The device-management command-line interface in Palo Alto Networks PAN ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6600
+CVE-2012-6600 (The device-management command-line interface in Palo Alto Networks PAN ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6599
+CVE-2012-6599 (The device-management command-line interface in Palo Alto Networks PAN ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6598
+CVE-2012-6598 (The device-management command-line interface in Palo Alto Networks PAN ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6597
+CVE-2012-6597 (Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6596
+CVE-2012-6596 (Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 st ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6595
+CVE-2012-6595 (The device-management command-line interface in Palo Alto Networks PAN ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6594
+CVE-2012-6594 (The device-management command-line interface in Palo Alto Networks PAN ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6593
+CVE-2012-6593 (Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6592
+CVE-2012-6592 (Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6591
+CVE-2012-6591 (The device-management command-line interface in Palo Alto Networks PAN ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6590
+CVE-2012-6590 (The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2012-6589
+CVE-2012-6589 (Cross-site scripting (XSS) vulnerability in search.php in MYRE Busines ...)
NOT-FOR-US: MYRE Business Directory
-CVE-2012-6588
+CVE-2012-6588 (SQL injection vulnerability in links.php in MYRE Business Directory al ...)
NOT-FOR-US: MYRE Business Directory
-CVE-2012-6587
+CVE-2012-6587 (Cross-site scripting (XSS) vulnerability in vacation/1_mobile/alert_me ...)
NOT-FOR-US: MYRE Vacation Rental
-CVE-2012-6586
+CVE-2012-6586 (Multiple SQL injection vulnerabilities in MYRE Vacation Rental Softwar ...)
NOT-FOR-US: MYRE Vacation Rental
-CVE-2012-6585
+CVE-2012-6585 (Cross-site scripting (XSS) vulnerability in search.php in MYRE Realty ...)
NOT-FOR-US: MYRE Realty Manager
-CVE-2012-6584
+CVE-2012-6584 (Multiple SQL injection vulnerabilities in MYRE Realty Manager allow re ...)
NOT-FOR-US: MYRE Realty Manager
-CVE-2012-6583
+CVE-2012-6583 (Cross-site scripting (XSS) vulnerability in the Imagemenu module 6.x-1 ...)
NOT-FOR-US: Imagemenu Drupal contributed module
-CVE-2012-6582
+CVE-2012-6582 (Cross-site scripting (XSS) vulnerability in the Spambot module 6.x-3.x ...)
NOT-FOR-US: Spambot Drupal contributed module
-CVE-2012-6581
+CVE-2012-6581 (Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8 ...)
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=870406#c3
-CVE-2012-6580
+CVE-2012-6580 (Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8 ...)
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=870406#c3
-CVE-2012-6579
+CVE-2012-6579 (Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8 ...)
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=870406#c3
-CVE-2012-6578
+CVE-2012-6578 (Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8 ...)
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=870406#c3
-CVE-2012-6577
+CVE-2012-6577 (SQL injection vulnerability in the Formhandler extension before 1.4.1 ...)
NOT-FOR-US: Formhandler TYPO3 extension
-CVE-2012-6576
+CVE-2012-6576 (Cross-site scripting (XSS) vulnerability in the PRH Search module 7.x- ...)
NOT-FOR-US: Drupal module PRH Search
-CVE-2012-6575
+CVE-2012-6575 (Cross-site scripting (XSS) vulnerability in the Exposed Filter Data mo ...)
NOT-FOR-US: Drupal module Exposed Filter Data
-CVE-2012-6574
+CVE-2012-6574 (Cross-site scripting (XSS) vulnerability in the Fonecta verify module ...)
NOT-FOR-US: Drupal module Fonecta verify
-CVE-2012-6572
+CVE-2012-6572 (Cross-site scripting (XSS) vulnerability in the phptemplate_preprocess ...)
NOT-FOR-US: Inf08 theme for Drupal
-CVE-2012-6571
+CVE-2012-6571 (The HTTP module in the (1) Branch Intelligent Management System (BIMS) ...)
NOT-FOR-US: Branch Intelligent Management System, Huawei routers
-CVE-2012-6570
+CVE-2012-6570 (The HTTP module in the (1) Branch Intelligent Management System (BIMS) ...)
NOT-FOR-US: Branch Intelligent Management System, Huawei routers
-CVE-2012-6569
+CVE-2012-6569 (Stack-based buffer overflow in the HTTP module in the (1) Branch Intel ...)
NOT-FOR-US: Branch Intelligent Management System, Huawei routers
-CVE-2012-6568
+CVE-2012-6568 (Buffer overflow in the back-end component in Huawei UTPS 1.0 allows lo ...)
NOT-FOR-US: Huawei UTPS
-CVE-2012-6567
+CVE-2012-6567 (REDCap before 4.14.0 allows remote authenticated users to execute arbi ...)
NOT-FOR-US: REDCap
-CVE-2012-6566
+CVE-2012-6566 (Cross-site scripting (XSS) vulnerability in REDCap before 4.14.2 allow ...)
NOT-FOR-US: REDCap
-CVE-2012-6565
+CVE-2012-6565 (Cross-site scripting (XSS) vulnerability in REDCap before 4.14.3 allow ...)
NOT-FOR-US: REDCap
-CVE-2012-6564
+CVE-2012-6564 (Cross-site scripting (XSS) vulnerability in REDCap before 4.14.5 allow ...)
NOT-FOR-US: REDCap
-CVE-2012-6563
+CVE-2012-6563 (engine/lib/access.php in Elgg before 1.8.5 does not properly clear cac ...)
- elgg <itp> (bug #526197)
-CVE-2012-6562
+CVE-2012-6562 (engine/lib/users.php in Elgg before 1.8.5 does not properly specify pe ...)
- elgg <itp> (bug #526197)
-CVE-2012-6561
+CVE-2012-6561 (Cross-site scripting (XSS) vulnerability in engine/lib/views.php in El ...)
- elgg <itp> (bug #526197)
-CVE-2012-6560
+CVE-2012-6560 (SQL injection vulnerability in deviceadd.php in FreeNAC 3.02 allows re ...)
NOT-FOR-US: FreeNAC
-CVE-2012-6559
+CVE-2012-6559 (Multiple cross-site scripting (XSS) vulnerabilities in FreeNAC 3.02 al ...)
NOT-FOR-US: FreeNAC
-CVE-2012-6558
+CVE-2012-6558 (Heap-based buffer overflow in HeavenTools PE Explorer 1.99 R6 allows r ...)
NOT-FOR-US: HeavenTools PE Explorer
-CVE-2012-6557
+CVE-2012-6557 (Multiple cross-site scripting (XSS) vulnerabilities in the AboutMe plu ...)
NOT-FOR-US: Vanilla Forums
-CVE-2012-6556
+CVE-2012-6556 (Multiple cross-site scripting (XSS) vulnerabilities in the FirstLastNa ...)
NOT-FOR-US: Vanilla Forums
-CVE-2012-6555
+CVE-2012-6555 (Cross-site scripting (XSS) vulnerability in the LatestComment plugin 1 ...)
NOT-FOR-US: Vanilla Forums
-CVE-2012-6554
+CVE-2012-6554 (functions/html_to_text.php in the Chat module before 1.5.2 for activeC ...)
NOT-FOR-US: activeCollab
-CVE-2012-6553
+CVE-2012-6553 (Heap-based buffer overflow in Resource Hacker 3.6.0.92 allows remote a ...)
NOT-FOR-US: Resource Hacker
-CVE-2012-6552
+CVE-2012-6552 (Unspecified vulnerability in admin/action.php in phpVMS 2.1.x before 2 ...)
NOT-FOR-US: phpVMS
-CVE-2012-6551
+CVE-2012-6551 (The default configuration of Apache ActiveMQ before 5.8.0 enables a sa ...)
- activemq <not-affected> (Example code not shipped in .deb)
-CVE-2012-6573
+CVE-2012-6573 (Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomple ...)
NOT-FOR-US: DRUPAL-SA-CONTRIB-2012-136
-CVE-2012-6550
+CVE-2012-6550 (Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 ...)
- db4o <unfixed> (unimportant)
NOTE: in doc package only
-CVE-2012-6549
+CVE-2012-6549 (The isofs_export_encode_fh function in fs/isofs/export.c in the Linux ...)
{DSA-2668-1}
- linux 3.2.41-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6548
+CVE-2012-6548 (The udf_encode_fh function in fs/udf/namei.c in the Linux kernel befor ...)
{DSA-2668-1}
- linux 3.2.41-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6547
+CVE-2012-6547 (The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel ...)
- linux 3.2.29-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 2.6.32-47
-CVE-2012-6546
+CVE-2012-6546 (The ATM implementation in the Linux kernel before 3.6 does not initial ...)
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6545
+CVE-2012-6545 (The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 doe ...)
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6544
+CVE-2012-6544 (The Bluetooth protocol stack in the Linux kernel before 3.6 does not p ...)
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6543
+CVE-2012-6543 (The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kern ...)
- linux <not-affected> (Affected code introduced in 3.5)
- linux-2.6 <not-affected> (Affected code introduced in 3.5)
-CVE-2012-6542
+CVE-2012-6542 (The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel be ...)
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6541
+CVE-2012-6541 (The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the L ...)
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.37)
-CVE-2012-6540
+CVE-2012-6540 (The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the ...)
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6539
+CVE-2012-6539 (The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 ...)
{DSA-2668-1}
- linux 3.2.30-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6538
+CVE-2012-6538 (The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux ke ...)
- linux 3.2.32-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33)
-CVE-2012-6537
+CVE-2012-6537 (net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initializ ...)
{DSA-2668-1}
- linux 3.2.32-1 (low)
- linux-2.6 <removed> (low)
-CVE-2012-6536
+CVE-2012-6536 (net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify th ...)
- linux 3.2.32-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39)
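Review bot: the context line under CVE-2012-6606 reads `NOT-FOR-US: alo Alto Networks GlobalProtect`, dropping the leading P of Palo; the description on the line above spells it `Palo Alto Networks GlobalProtect`, as do all the following PAN-OS entries. In the same hunk, `NOT-FOR-US: DRUPAL-SA-CONTRIB-2012-136` for CVE-2012-6573 gives an advisory identifier where every other NOT-FOR-US line in this file names the product; naming the module from the description (with the advisory moved to a NOTE line, as the rest of the file does for references) would keep the field searchable by product. Also out of sequence here: the CVE-2012-6632 to CVE-2012-6622 block placed after CVE-2012-6607, and CVE-2012-6573 placed between CVE-2012-6551 and CVE-2012-6550.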
@@ -532,111 +532,111 @@ CVE-2012-XXXX [null pointer dereference]
[squeeze] - chromium-browser <end-of-life>
NOTE: http://seclists.org/fulldisclosure/2013/Mar/134
NOTE: full disclosure post dosn't make it clear if a CVE was assigned for this or not, but it is fixed in the above version
-CVE-2012-6535
+CVE-2012-6535 (DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDr ...)
{DSA-2844-1}
- djvulibre 3.5.25.3-1
NOTE: http://sourceforge.net/p/djvu/djvulibre-git/ci/d4f0f6d37fe6a1fb427cfa33a64ead1eff32d28e/
NOTE: evince doesnt use an embedded version of this
-CVE-2012-6534
+CVE-2012-6534 (Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to ...)
NOT-FOR-US: Novell Sentinel Log Manager
-CVE-2012-6533
+CVE-2012-6533 (Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryp ...)
NOT-FOR-US: Symantec PGP Desktop
-CVE-2012-6532
+CVE-2012-6532 ((1) Zend_Dom, (2) Zend_Feed, (3) Zend_Soap, and (4) Zend_XmlRpc in Zen ...)
{DLA-251-1}
- zendframework 1.11.13-1
-CVE-2012-6531
+CVE-2012-6531 ((1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x b ...)
{DLA-251-1}
- zendframework 1.11.13-1
-CVE-2012-6530
+CVE-2012-6530 (Stack-based buffer overflow in Sysax Multi Server before 5.52, when HT ...)
NOT-FOR-US: Sysax Multi Server
-CVE-2012-6529
+CVE-2012-6529 (Multiple SQL injection vulnerabilities in Marinet CMS allow remote att ...)
NOT-FOR-US: Marinet CMS
-CVE-2012-6528
+CVE-2012-6528 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 2 ...)
NOT-FOR-US: ATutor
-CVE-2012-6527
+CVE-2012-6527 (Cross-site scripting (XSS) vulnerability in the My Calendar plugin bef ...)
NOT-FOR-US: WordPress plugin My Calendar
-CVE-2012-6526
+CVE-2012-6526 (SQL injection vulnerability in show_code.php in Vastal I-Tech Freelanc ...)
NOT-FOR-US: Vastal I-Tech Freelance Zone
-CVE-2012-6525
+CVE-2012-6525 (SQL injection vulnerability in members.php in PHPBridges allows remote ...)
NOT-FOR-US: PHPBridges
-CVE-2012-6524
+CVE-2012-6524 (SQL injection vulnerability in kommentar.php in pGB 2.12 allows remote ...)
NOT-FOR-US: pGB
-CVE-2012-6523
+CVE-2012-6523 (Multiple cross-site scripting (XSS) vulnerabilities in w-CMS 2.01 allo ...)
NOT-FOR-US: w-CMS 2.01
-CVE-2012-6522
+CVE-2012-6522 (Directory traversal vulnerability in the getContent function in codes/ ...)
NOT-FOR-US: w-CMS 2.01
-CVE-2012-6521
+CVE-2012-6521 (Cross-site scripting (XSS) vulnerability in apps/admin/handlers/versio ...)
NOT-FOR-US: Elefant CMS
-CVE-2012-6520
+CVE-2012-6520 (Multiple SQL injection vulnerabilities in the advanced search in Wikid ...)
NOT-FOR-US: Wikidforum
-CVE-2012-6519
+CVE-2012-6519 (SQL injection vulnerability in modules/poll/index.php in DIY-CMS 1.0 a ...)
NOT-FOR-US: DIY-CMS
-CVE-2012-6518
+CVE-2012-6518 (Cross-site request forgery (CSRF) vulnerability in mod.php in DiY-CMS ...)
NOT-FOR-US: DiY-CMS
-CVE-2012-6517
+CVE-2012-6517 (Multiple cross-site scripting (XSS) vulnerabilities in DiY-CMS 1.0 all ...)
NOT-FOR-US: DiY-CMS
-CVE-2012-6516
+CVE-2012-6516 (SQL injection vulnerability in PHP Ticket System Beta 1 allows remote ...)
NOT-FOR-US: PHP Ticket System Beta
-CVE-2012-6515
+CVE-2012-6515 (eFront 3.6.10, 3.6.11 build 15059, and earlier allows remote attackers ...)
NOT-FOR-US: eFront
-CVE-2012-6514
+CVE-2012-6514 (Cross-site scripting (XSS) vulnerability in the nBill (com_nbill) comp ...)
NOT-FOR-US: nBill for Joomla!
-CVE-2012-6513
+CVE-2012-6513 (Cross-site scripting (XSS) vulnerability in index.php/Admin_Preference ...)
NOT-FOR-US: gpEasy CMS
-CVE-2012-6512
+CVE-2012-6512 (The Organizer plugin 1.2.1 for WordPress allows remote attackers to ob ...)
NOT-FOR-US: Organizer wordpress plugin not in Debian
-CVE-2012-6511
+CVE-2012-6511 (Multiple cross-site scripting (XSS) vulnerabilities in organizer/page/ ...)
NOT-FOR-US: Organizer wordpress plugin not in Debian
-CVE-2012-6510
+CVE-2012-6510 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Ca ...)
NOT-FOR-US: NetArt Media Car Portal
-CVE-2012-6509
+CVE-2012-6509 (Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 ...)
NOT-FOR-US: NetArt Media Car Portal
-CVE-2012-6508
+CVE-2012-6508 (Multiple cross-site request forgery (CSRF) vulnerabilities in NetArt M ...)
NOT-FOR-US: NetArt Media Car Portal
-CVE-2012-6507
+CVE-2012-6507 (Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 ...)
NOT-FOR-US: ChurchCMS
-CVE-2012-6506
+CVE-2012-6506 (Multiple cross-site scripting (XSS) vulnerabilities in the Zingiri Web ...)
NOT-FOR-US: Zingiri Web Shop wordpress plugin not in Debian
-CVE-2012-6505
+CVE-2012-6505 (Cross-site scripting (XSS) vulnerability in mods/hours/data/get_hours. ...)
NOT-FOR-US: PHP Volunteer Management not in Debian
-CVE-2012-6504
+CVE-2012-6504 (SQL injection vulnerability in mods/hours/data/get_hours.php in PHP Vo ...)
NOT-FOR-US: PHP Volunteer Management not in Debian
-CVE-2012-6503
+CVE-2012-6503 (Unspecified vulnerability in the NinjaXplorer component before 1.0.7 f ...)
NOT-FOR-US: NinjaXplorer for Joomla!
-CVE-2012-6502
+CVE-2012-6502 (Microsoft Internet Explorer before 10 allows remote attackers to obtai ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-6110
+CVE-2012-6110 (bcron-exec in bcron before 0.10 does not close file descriptors associ ...)
- bcron 0.09-13 (low; bug #686650)
[squeeze] - bcron 0.09-11+squeeze1
-CVE-2012-6501
+CVE-2012-6501 (The KillProcess method in the HP PKI ActiveX control (HPPKI.ocx) befor ...)
NOT-FOR-US: HP PKI ActiveX
-CVE-2012-6500
+CVE-2012-6500 (Directory traversal vulnerability in download.lib.php in Pragyan CMS 3 ...)
NOT-FOR-US: Pragyan CMS
-CVE-2012-6499
+CVE-2012-6499 (Open redirect vulnerability in age-verification.php in the Age Verific ...)
NOT-FOR-US: Age Verification plugin for WordPress
CVE-2012-0722
REJECTED
-CVE-2012-6498
+CVE-2012-6498 (Unrestricted file upload vulnerability in index.php in Atomymaxsite 2. ...)
NOT-FOR-US: Atomymaxsite
-CVE-2012-6497
+CVE-2012-6497 (The Authlogic gem for Ruby on Rails, when used with certain versions b ...)
{DSA-2597-1}
- ruby-activerecord-3.2 3.2.6-3
- ruby-activerecord-2.3 2.3.14-3
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2012-6496
+CVE-2012-6496 (SQL injection vulnerability in the Active Record component in Ruby on ...)
{DSA-2597-1}
- ruby-activerecord-3.2 3.2.6-3
- ruby-activerecord-2.3 2.3.14-3
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2012-6495
+CVE-2012-6495 (Multiple directory traversal vulnerabilities in the (1) twikidraw (act ...)
{DSA-2593-1}
- moin 1.9.5-3
[wheezy] - moin 1.9.4-8+deb7u1
CVE-2012-6494
RESERVED
-CVE-2012-6493
+CVE-2012-6493 (Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Secu ...)
NOT-FOR-US: Rapid7 Nexpose Security Console
CVE-2012-6492
RESERVED
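Review bot: two entries are misfiled in this hunk: `CVE-2012-0722` / `REJECTED` sits between CVE-2012-6499 and CVE-2012-6498, and `CVE-2012-6110` (the bcron entry) sits between CVE-2012-6502 and CVE-2012-6501; both belong with their numeric neighbours, or the automatic update will keep diffing around them. Two NOTE context lines also have spelling slips, `dosn't` (under CVE-2012-XXXX) and `doesnt` (under CVE-2012-6535), which are worth fixing while the entries are being touched. Finally, the `Organizer wordpress plugin not in Debian` and `Zingiri Web Shop wordpress plugin not in Debian` lines repeat what NOT-FOR-US already states; `NOT-FOR-US: WordPress plugin Organizer` would match the convention used by the other WordPress plugin entries above.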
@@ -678,37 +678,37 @@ CVE-2012-6474
RESERVED
CVE-2012-6473
RESERVED
-CVE-2012-6472
+CVE-2012-6472 (Opera before 12.12 on UNIX uses weak permissions for the profile direc ...)
NOT-FOR-US: Opera
-CVE-2012-6471
+CVE-2012-6471 (Opera before 12.12 allows remote attackers to spoof the address field ...)
NOT-FOR-US: Opera
-CVE-2012-6470
+CVE-2012-6470 (Opera before 12.12 does not properly allocate memory for GIF images, w ...)
NOT-FOR-US: Opera
-CVE-2012-6469
+CVE-2012-6469 (Opera before 12.11 allows remote attackers to determine the existence ...)
NOT-FOR-US: Opera
-CVE-2012-6468
+CVE-2012-6468 (Heap-based buffer overflow in Opera before 12.11 allows remote attacke ...)
NOT-FOR-US: Opera
-CVE-2012-6467
+CVE-2012-6467 (Opera before 12.10 follows Internet shortcuts that are referenced by a ...)
NOT-FOR-US: Opera
-CVE-2012-6466
+CVE-2012-6466 (Opera before 12.10 does not properly handle incorrect size data in a W ...)
NOT-FOR-US: Opera
-CVE-2012-6465
+CVE-2012-6465 (Opera before 12.10 allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Opera
-CVE-2012-6464
+CVE-2012-6464 (Cross-site scripting (XSS) vulnerability in Opera before 12.10 allows ...)
NOT-FOR-US: Opera
-CVE-2012-6463
+CVE-2012-6463 (Cross-site scripting (XSS) vulnerability in Opera before 12.10 allows ...)
NOT-FOR-US: Opera
-CVE-2012-6462
+CVE-2012-6462 (Opera before 12.10 does not properly implement the Cross-Origin Resour ...)
NOT-FOR-US: Opera
-CVE-2012-6461
+CVE-2012-6461 (The X.509 certificate-validation functionality in the https implementa ...)
NOT-FOR-US: Opera
-CVE-2012-6460
+CVE-2012-6460 (Opera before 11.67 and 12.x before 12.02 allows remote attackers to ca ...)
NOT-FOR-US: Opera
-CVE-2012-6459
+CVE-2012-6459 (ConnMan 1.3 on Tizen continues to list the bluetooth service after off ...)
- connman 1.0-1.1 (bug #697580)
[wheezy] - connman 1.0-1.1+wheezy1
[squeeze] - connman <no-dsa> (Minor issue)
-CVE-2012-6458
+CVE-2012-6458 (Multiple cross-site scripting (XSS) vulnerabilities in the SilverStrip ...)
- silverstripe <itp> (bug #528461)
CVE-2012-6457
RESERVED
@@ -718,7 +718,7 @@ CVE-2012-6455
RESERVED
CVE-2012-6454
RESERVED
-CVE-2012-6452
+CVE-2012-6452 (Axway Secure Messenger before 6.5 Updated Release 7, as used in Axway ...)
NOT-FOR-US: Axway Secure Messenger
CVE-2012-6451
RESERVED
@@ -728,7 +728,7 @@ CVE-2012-6449
RESERVED
CVE-2012-6448
RESERVED
-CVE-2012-6447
+CVE-2012-6447 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 5.0.0 ...)
NOT-FOR-US: Splunk
CVE-2012-6446
RESERVED
@@ -738,42 +738,42 @@ CVE-2012-6444
RESERVED
CVE-2012-6443
RESERVED
-CVE-2012-6453
+CVE-2012-6453 (Cross-site scripting (XSS) vulnerability in the RSS Reader extension b ...)
{DSA-2596-1}
- mediawiki-extensions 2.11 (bug #696179)
-CVE-2012-6442
+CVE-2012-6442 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-E ...)
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6441
+CVE-2012-6441 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-E ...)
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6440
+CVE-2012-6440 (The web-server password-authentication functionality in Rockwell Autom ...)
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6439
+CVE-2012-6439 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-E ...)
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6438
+CVE-2012-6438 (Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT ...)
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6437
+CVE-2012-6437 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-E ...)
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6436
+CVE-2012-6436 (Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT ...)
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6435
+CVE-2012-6435 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-E ...)
NOT-FOR-US: Rockwell Automation EtherNet/IP
-CVE-2012-6434
+CVE-2012-6434 (Multiple cross-site request forgery (CSRF) vulnerabilities in e107_adm ...)
NOT-FOR-US: e107
-CVE-2012-6433
+CVE-2012-6433 (Cross-site request forgery (CSRF) vulnerability in e107_admin/newspost ...)
NOT-FOR-US: e107
-CVE-2012-6432
+CVE-2012-6432 (Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the ...)
NOT-FOR-US: Symfony
-CVE-2012-6431
+CVE-2012-6431 (Symfony 2.0.x before 2.0.20 does not process URL encoded data consiste ...)
NOT-FOR-US: Symfony
-CVE-2012-6430
+CVE-2012-6430 (Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5. ...)
NOT-FOR-US: Open Solution Quick.Cart and Quick.Cms
-CVE-2012-6429
+CVE-2012-6429 (Buffer overflow in the PrepareSync method in the SyncService.dll Activ ...)
NOT-FOR-US: Samsung Kies
-CVE-2012-6428
+CVE-2012-6428 (Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establish ...)
NOT-FOR-US: Carlo Gavazzi EOS-Box
-CVE-2012-6427
+CVE-2012-6427 (Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with f ...)
NOT-FOR-US: Carlo Gavazzi EOS-Box
-CVE-2012-6426
+CVE-2012-6426 (LemonLDAP::NG before 1.2.3 does not use the signature-verification cap ...)
- lemonldap-ng 1.2.2-3 (bug #696329)
[wheezy] - lemonldap-ng 1.1.2-5+deb7u1
[squeeze] - lemonldap-ng <not-affected> (SAML code not present)
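Review bot: CVE-2012-6453 (the MediaWiki RSS Reader extension, `{DSA-2596-1}`, `mediawiki-extensions 2.11`) appears after CVE-2012-6443 at the top of this hunk, while its numeric slot is between CVE-2012-6454 and CVE-2012-6452 in the hunk at `@@ -718,7 +718,7 @@`, where it is currently missing. Moving the three lines up keeps the descending order and makes the DSA reference easy to find next to the neighbouring 645x entries.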
@@ -783,7 +783,7 @@ CVE-2012-6424
RESERVED
CVE-2012-6423
RESERVED
-CVE-2012-6422
+CVE-2012-6422 (The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly ...)
NOT-FOR-US: Android kernel
CVE-2012-6421
REJECTED
@@ -829,21 +829,21 @@ CVE-2012-6401
REJECTED
CVE-2012-6400
RESERVED
-CVE-2012-6399
+CVE-2012-6399 (Cisco WebEx 4.1 on iOS does not verify that the server hostname matche ...)
NOT-FOR-US: Cisco
CVE-2012-6398
RESERVED
-CVE-2012-6397
+CVE-2012-6397 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Social (former ...)
NOT-FOR-US: Cisco WebEx Social
-CVE-2012-6396
+CVE-2012-6396 (Cisco NX-OS on Nexus 7000 series switches does not properly handle cer ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2012-6395
+CVE-2012-6395 (Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2012-6394
RESERVED
CVE-2012-6393
RESERVED
-CVE-2012-6392
+CVE-2012-6392 (Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux d ...)
NOT-FOR-US: Cisco Prime LMS
CVE-2012-6391
RESERVED
@@ -885,11 +885,11 @@ CVE-2012-6373
RESERVED
CVE-2012-6372
RESERVED
-CVE-2012-6371
+CVE-2012-6371 (The WPA2 implementation on the Belkin N900 F9K1104v1 router establishe ...)
NOT-FOR-US: Belkin router
CVE-2012-6370
RESERVED
-CVE-2012-6369
+CVE-2012-6369 (Cross-site scripting (XSS) vulnerability in the Troubleshooting Report ...)
NOT-FOR-US: AgileBits 1Password
CVE-2012-6368
REJECTED
@@ -907,35 +907,35 @@ CVE-2012-6362
REJECTED
CVE-2012-6361
RESERVED
-CVE-2012-6360
+CVE-2012-6360 (Cross-site scripting (XSS) vulnerability in IBM Intelligent Operations ...)
NOT-FOR-US: IBM Intelligent Operations Center
-CVE-2012-6359
+CVE-2012-6359 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.11, 6. ...)
NOT-FOR-US: IBM Tivoli
CVE-2012-6358
RESERVED
-CVE-2012-6357
+CVE-2012-6357 (IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7. ...)
NOT-FOR-US: IBM
-CVE-2012-6356
+CVE-2012-6356 (IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7. ...)
NOT-FOR-US: IBM
-CVE-2012-6355
+CVE-2012-6355 (IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management E ...)
NOT-FOR-US: IBM
-CVE-2012-6354
+CVE-2012-6354 (The management GUI on the IBM SAN Volume Controller and Storwize V7000 ...)
NOT-FOR-US: IBM
CVE-2012-6353
RESERVED
-CVE-2012-6352
+CVE-2012-6352 (The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on ...)
NOT-FOR-US: IBM Sterling Connect:Direct
CVE-2012-6351
RESERVED
-CVE-2012-6350
+CVE-2012-6350 (Cross-site scripting (XSS) vulnerability in the Web component in IBM C ...)
NOT-FOR-US: IBM Cognos TM1
-CVE-2012-6349
+CVE-2012-6349 (Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used i ...)
NOT-FOR-US: IBM Notes
-CVE-2012-6348
+CVE-2012-6348 (Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suit ...)
NOT-FOR-US: Centrify
-CVE-2012-6347
+CVE-2012-6347 (Multiple cross-site scripting (XSS) vulnerabilities in Java number for ...)
NOT-FOR-US: FortiGate
-CVE-2012-6346
+CVE-2012-6346 (Multiple cross-site scripting (XSS) vulnerabilities in FortiWeb before ...)
NOT-FOR-US: FortiWeb
CVE-2012-6345
RESERVED
@@ -945,34 +945,34 @@ CVE-2012-6344
NOT-FOR-US: CyberArk Vault
CVE-2012-6343
RESERVED
-CVE-2012-6342
+CVE-2012-6342 (Cross-site request forgery (CSRF) vulnerability in logout.action in At ...)
NOT-FOR-US: Atlassian Confluence
CVE-2012-6341
RESERVED
CVE-2012-6340
RESERVED
-CVE-2012-6339
+CVE-2012-6339 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: Cerberus FTP Server
CVE-2012-6338
RESERVED
-CVE-2012-6337
+CVE-2012-6337 (The Track My Mobile feature in the SamsungDive subsystem for Android o ...)
NOT-FOR-US: SamsungDive on Samsung Galaxy
-CVE-2012-6336
+CVE-2012-6336 (The Missing Device feature in Lookout allows physically proximate atta ...)
NOT-FOR-US: Lookout
-CVE-2012-6335
+CVE-2012-6335 (The Anti-theft service in AVG AntiVirus for Android allows physically ...)
NOT-FOR-US: AVG AntiVirus for Android
-CVE-2012-6334
+CVE-2012-6334 (The Track My Mobile feature in the SamsungDive subsystem for Android o ...)
NOT-FOR-US: SamsungDive subsystem for Android
-CVE-2012-6333
+CVE-2012-6333 (Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM ...)
{DSA-2636-1}
- xen 4.1.3-8
CVE-2012-6332
RESERVED
CVE-2012-6331
RESERVED
-CVE-2012-6330
+CVE-2012-6330 (The localization functionality in TWiki before 5.1.3, and Foswiki 1.0. ...)
- foswiki <itp> (bug #509864)
-CVE-2012-6329
+CVE-2012-6329 (The _compile function in Maketext.pm in the Locale::Maketext implement ...)
- perl 5.14.2-16 (bug #695224)
[squeeze] - perl 5.10.1-17squeeze5
- foswiki <itp> (bug #509864)
@@ -980,11 +980,11 @@ CVE-2012-6328
REJECTED
CVE-2012-6327
REJECTED
-CVE-2012-6326
+CVE-2012-6326 (VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and ...)
NOT-FOR-US: vCenter
-CVE-2012-6325
+CVE-2012-6325 (VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not pr ...)
NOT-FOR-US: VMware vCenter Server Appliance
-CVE-2012-6324
+CVE-2012-6324 (Directory traversal vulnerability in VMware vCenter Server Appliance ( ...)
NOT-FOR-US: VMware vCenter Server Appliance
CVE-2012-6323
RESERVED
@@ -1000,15 +1000,15 @@ CVE-2012-6318
RESERVED
CVE-2012-6317
RESERVED
-CVE-2012-6316
+CVE-2012-6316 (Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL- ...)
NOT-FOR-US: TP-LINK
CVE-2012-6315
REJECTED
-CVE-2012-6314
+CVE-2012-6314 (Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, wh ...)
NOT-FOR-US: Citrix XenDesktop
-CVE-2012-6313
+CVE-2012-6313 (simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 f ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-6312
+CVE-2012-6312 (Cross-site scripting (XSS) vulnerability in the Video Lead Form plugin ...)
NOT-FOR-US: Wordpress plugin
CVE-2012-6311
RESERVED
@@ -1026,7 +1026,7 @@ CVE-2012-6305
RESERVED
CVE-2012-6304
RESERVED
-CVE-2012-6303
+CVE-2012-6303 (Heap-based buffer overflow in the GetWavHeader function in generic/jkS ...)
- snack 2.2.10-dfsg1-12.1 (low; bug #695614)
[squeeze] - snack 2.2.10-dfsg1-9+squeeze1
- wavesurfer <not-affected> (originally reported in wavesurfer, but actually a bug in libsnack, see bug #695615)
@@ -1034,13 +1034,13 @@ CVE-2012-6303
NOTE: http://www.openwall.com/lists/oss-security/2012/12/10/2
CVE-2012-6302
RESERVED
-CVE-2012-6301
+CVE-2012-6301 (The Browser application in Android 4.0.3 allows remote attackers to ca ...)
NOT-FOR-US: Android browser
CVE-2012-6300
RESERVED
-CVE-2012-6299
+CVE-2012-6299 (Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12 ...)
NOT-FOR-US: CA IdentityMinder
-CVE-2012-6298
+CVE-2012-6298 (Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12 ...)
NOT-FOR-US: CA IdentityMinder
CVE-2012-6297
RESERVED
@@ -1056,7 +1056,7 @@ CVE-2012-6292
RESERVED
CVE-2012-6291
RESERVED
-CVE-2012-6290
+CVE-2012-6290 (SQL injection vulnerability in ImageCMS before 4.2 allows remote authe ...)
NOT-FOR-US: ImageCMS
CVE-2012-6289
REJECTED
@@ -1084,19 +1084,19 @@ CVE-2012-6278
REJECTED
CVE-2012-6277
RESERVED
-CVE-2012-6276
+CVE-2012-6276 (Directory traversal vulnerability in the web-based management interfac ...)
NOT-FOR-US: TP-LINK TL-WR841N
-CVE-2012-6275
+CVE-2012-6275 (Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAn ...)
NOT-FOR-US: BigAnt IM Server
-CVE-2012-6274
+CVE-2012-6274 (BigAntSoft BigAnt IM Message Server does not require authentication fo ...)
NOT-FOR-US: BigAnt IM Server
-CVE-2012-6273
+CVE-2012-6273 (SQL injection vulnerability in BigAntSoft BigAnt IM Message Server all ...)
NOT-FOR-US: BigAnt IM Server
-CVE-2012-6272
+CVE-2012-6272 (Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage ...)
NOT-FOR-US: Dell OpenManage Server Administrator
-CVE-2012-6271
+CVE-2012-6271 (Adobe Shockwave Player through 11.6.8.638 allows remote attackers to t ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2012-6270
+CVE-2012-6270 (Adobe Shockwave Player through 11.6.8.638 allows remote attackers to t ...)
NOT-FOR-US: Adobe Shockwave
CVE-2012-6269
REJECTED
@@ -1330,20 +1330,20 @@ CVE-2012-6155
RESERVED
CVE-2012-6154
RESERVED
-CVE-2012-6153
+CVE-2012-6153 (http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient befor ...)
{DLA-222-1}
- commons-httpclient 3.1-10.2 (bug #692442)
NOTE: References to upstream patches for 4.x can be found in https://issues.apache.org/jira/browse/HTTPCLIENT-1549
-CVE-2012-6152
+CVE-2012-6152 (The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does n ...)
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2012-6151
+CVE-2012-6151 (Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB ...)
- net-snmp 5.7.2.1~dfsg-3 (low; bug #731625)
[wheezy] - net-snmp 5.4.3~dfsg-2.8+deb7u1
[squeeze] - net-snmp <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/net-snmp/bugs/2411/
NOTE: Upstream patch: http://sourceforge.net/p/net-snmp/code/ci/793d596838ff7cb48a73b675d62897c56c9e62df/
-CVE-2012-6150
+CVE-2012-6150 (The winbind_name_list_to_sid_string_list function in nsswitch/pam_winb ...)
- samba 2:4.0.13+dfsg-1 (low)
[wheezy] - samba 2:3.6.6-6+deb7u3
[squeeze] - samba <no-dsa> (Can be fixed along in a future DSA)
@@ -1351,49 +1351,49 @@ CVE-2012-6150
NOTE: introduced http://git.samba.org/?p=samba.git;a=commit;h=31f1a36901b5b8959dc51401c09c114829b50392
NOTE: fixed by http://git.samba.org/?p=samba.git;a=commitdiff;h=f62683956a3b182f6a61cc7a2b4ada2e74cde243
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=10300
-CVE-2012-6149
+CVE-2012-6149 (Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/not ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2012-6148
+CVE-2012-6148 (Cross-site scripting (XSS) vulnerability in the function menu API in T ...)
- typo3-src 4.5.19+dfsg1-4 (bug #692775)
[squeeze] - typo3-src <not-affected> (Vulnerable code not present)
NOTE: https://review.typo3.org/16300
-CVE-2012-6147
+CVE-2012-6147 (Cross-site scripting (XSS) vulnerability in the tree render API (TCA-T ...)
{DSA-2574-1}
- typo3-src 4.5.19+dfsg1-4 (bug #692775)
NOTE: https://review.typo3.org/16305
-CVE-2012-6146
+CVE-2012-6146 (The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before ...)
{DSA-2574-1}
- typo3-src 4.5.19+dfsg1-4 (bug #692775)
NOTE: https://review.typo3.org/16304
-CVE-2012-6145
+CVE-2012-6145 (Cross-site scripting (XSS) vulnerability in the Backend History module ...)
{DSA-2574-1}
- typo3-src 4.5.19+dfsg1-4 (bug #692775)
NOTE: https://review.typo3.org/16304
-CVE-2012-6144
+CVE-2012-6144 (SQL injection vulnerability in the Backend History module in TYPO3 4.5 ...)
{DSA-2574-1}
- typo3-src 4.5.19+dfsg1-4 (bug #692775)
NOTE: https://review.typo3.org/16304
-CVE-2012-6143
+CVE-2012-6143 (Spoon::Cookie in the Spoon module 0.24 for Perl does not properly use ...)
- libspoon-perl <removed> (bug #715371; low)
[squeeze] - libspoon-perl <no-dsa> (Minor issue)
[wheezy] - libspoon-perl <no-dsa> (Minor issue)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=85217
-CVE-2012-6142
+CVE-2012-6142 (Session::Cookie in the HTML::EP module 0.2011 for Perl does not proper ...)
NOT-FOR-US: HTML-EP CPAN module
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=85216
-CVE-2012-6141
+CVE-2012-6141 (The App::Context module 0.01 through 0.968 for Perl does not properly ...)
NOT-FOR-US: App-Context CPAN module
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=85215
-CVE-2012-6140
+CVE-2012-6140 (pam_google_authenticator.c in the PAM module in Google Authenticator b ...)
- google-authenticator 20130529-1 (bug #666129)
-CVE-2012-6139
+CVE-2012-6139 (libxslt before 1.1.28 allows remote attackers to cause a denial of ser ...)
{DSA-2654-1}
- libxslt 1.1.26-14.1 (bug #703933)
NOTE: http://git.gnome.org/browse/libxslt/commit/?id=6c99c519d97e5fcbec7a9537d190efb442e4e833
NOTE: http://git.gnome.org/browse/libxslt/commit/?id=dc11b6b379a882418093ecc8adf11f6166682e8d
CVE-2012-6138
REJECTED
-CVE-2012-6137
+CVE-2012-6137 (rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does ...)
NOT-FOR-US: Red Hat subscription-manager
CVE-2012-6136
RESERVED
@@ -1402,28 +1402,28 @@ CVE-2012-6135
RESERVED
- ruby-passenger <not-affected> (Vulnerable code not present; bug #702219)
NOTE: 4.0.0 betas only
-CVE-2012-6134
+CVE-2012-6134 (Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 ...)
- ruby-omniauth-oauth2 <not-affected> (Fixed in the first version uploaded to Debian)
CVE-2012-6133 [XSS flaws in ok and error messages]
RESERVED
{DLA-298-1}
- roundup 1.4.20-1
NOTE: http://issues.roundup-tracker.org/issue2550724
-CVE-2012-6132
+CVE-2012-6132 (Cross-site scripting (XSS) vulnerability in Roundup before 1.4.20 allo ...)
{DLA-298-1}
- roundup 1.4.20-1
-CVE-2012-6131
+CVE-2012-6131 (Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup b ...)
{DLA-298-1}
- roundup 1.4.20-1
NOTE: http://issues.roundup-tracker.org/issue2550711
-CVE-2012-6130
+CVE-2012-6130 (Cross-site scripting (XSS) vulnerability in the history display in Rou ...)
{DLA-298-1}
- roundup 1.4.20-1
NOTE: http://issues.roundup-tracker.org/issue2550684
-CVE-2012-6129
+CVE-2012-6129 (Stack-based buffer overflow in utp.cpp in libutp, as used in Transmiss ...)
- transmission 2.52-3+nmu1 (bug #700234)
[squeeze] - transmission <not-affected> (UTP code not present)
-CVE-2012-6128
+CVE-2012-6128 (Multiple stack-based buffer overflows in http.c in OpenConnect before ...)
{DSA-2623-1}
- openconnect 3.20-3 (bug #700794)
NOTE: http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/26f752c3dbf69227679fc6bebb4ae071aecec491
@@ -1452,37 +1452,37 @@ CVE-2012-6122
- chicken 4.8.0.3-1 (low; bug #702410)
[wheezy] - chicken <no-dsa> (Minor issue)
[squeeze] - chicken <no-dsa> (Minor issue)
-CVE-2012-6121
+CVE-2012-6121 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0 ...)
- roundcube <not-affected> (vulnerable code not in stable or testing)
NOTE: http://trac.roundcube.net/ticket/1488850
NOTE: Upstream patch: https://github.com/roundcube/roundcubemail/commit/74cd0a9b62f11bc07c5a1d3ba0098b54883eb0ba
-CVE-2012-6120
+CVE-2012-6120 (Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directo ...)
{DLA-29-1}
- puppet 2.6.4-2
[squeeze] - puppet <no-dsa> (Minor issue)
NOTE: puppet-common postinst in unstable sets dpkg-statoverride --update --add puppet puppet 0750 /var/log/puppet
NOTE: After starting puppetmaster permissions on directory are restricted
-CVE-2012-6119
+CVE-2012-6119 (Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager ...)
NOTE: Candlepin
-CVE-2012-6118
+CVE-2012-6118 (The Administer tab in Aeolus Conductor allows remote authenticated use ...)
NOT-FOR-US: Aeolus Cloud Configuration tool (not the pipe organ simulator in Debian)
-CVE-2012-6117
+CVE-2012-6117 (Aeolus Configuration Server, as used in Red Hat CloudForms Cloud Engin ...)
NOT-FOR-US: Aeolus Cloud Configuration tool (not the pipe organ simulator in Debian)
-CVE-2012-6116
+CVE-2012-6116 (modules/certs/manifests/config.pp in katello-configure before 1.3.3.pu ...)
NOTE: Candlepin
-CVE-2012-6115
+CVE-2012-6115 (The domain management tool (rhevm-manage-domains) in Red Hat Enterpris ...)
NOTE: RHEV management tool
CVE-2012-6114 [temp file vulnerability in git-extras]
RESERVED
- git-extras 1.7.0-1.2 (bug #698490)
-CVE-2012-6113
+CVE-2012-6113 (The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 thr ...)
- php5 5.4.0~beta2-1
[squeeze] - php5 <not-affected> (Introduced in 5.3.9)
NOTE: Introduced in http://git.php.net/?p=php-src.git;a=commitdiff;h=095cbc48a8f0090f3b0abc6155f2b61943c9eafb
NOTE: Fixed in 5.3.14 http://git.php.net/?p=php-src.git;a=commitdiff;h=270a406ac94b5fc5cc9ef59fc61e3b4b95648a3e
NOTE: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1099793
NOTE: https://bugs.php.net/bug.php?id=61413
-CVE-2012-6112
+CVE-2012-6112 (classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellcheck ...)
- tinymce <not-affected> (TinyMCE Google spellchecker plugin)
- wordpress 3.5.1+dfsg-2
- moodle 2.5-1 (bug #702387)
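Review bot: the entries for CVE-2012-6119, CVE-2012-6116 and CVE-2012-6115 in this hunk carry only a NOTE line ("NOTE: Candlepin", "NOTE: Candlepin", "NOTE: RHEV management tool") and no status line, so the tracker has no package or NOT-FOR-US decision for them; the neighbouring entries CVE-2012-6118 and CVE-2012-6117 show the intended form ("NOT-FOR-US: Aeolus Cloud Configuration tool ..."), and these three should get an equivalent status line, with the product kept in the NOTE if it is still useful.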
@@ -1499,102 +1499,102 @@ CVE-2012-6111 [gnome-keyring does not discard stored secrets in some cases]
[squeeze] - gnome-keyring <no-dsa> (Minor issue)
[wheezy] - gnome-keyring <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/01/11/5
-CVE-2012-6109
+CVE-2012-6109 (lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x ...)
- ruby-rack 1.4.1-2.1 (bug #698440)
- librack-ruby <removed>
[squeeze] - librack-ruby <not-affected> (vulnerable code not present)
NOTE: https://github.com/rack/rack/commit/4fc44671b3cad569421f4f8b775c0590b86f575e
NOTE: https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ
-CVE-2012-6108
+CVE-2012-6108 (HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writabl ...)
- hplip <not-affected> (permissions are 755 on wheezy, sid and experimental)
-CVE-2012-6107
+CVE-2012-6107 (Apache Axis2/C does not verify that the server hostname matches a doma ...)
- axis2c <removed> (bug #697974)
[squeeze] - axis2c <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.apache.org/jira/browse/AXIS2C-1619
-CVE-2012-6106
+CVE-2012-6106 (calendar/managesubscriptions.php in the Manage Subscriptions implement ...)
- moodle <not-affected> (Only affects 2.4)
-CVE-2012-6105
+CVE-2012-6105 (blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3 ...)
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <not-affected> (Only affects 2.1 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6104
+CVE-2012-6104 (blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and ...)
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6103
+CVE-2012-6103 (Multiple cross-site request forgery (CSRF) vulnerabilities in user/mes ...)
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6102
+CVE-2012-6102 (lib.php in the Submission comments plugin in the Assignment module in ...)
- moodle <not-affected> (Only affects 2.3 and above)
-CVE-2012-6101
+CVE-2012-6101 (Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, 2 ...)
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6100
+CVE-2012-6100 (report/outline/index.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2. ...)
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6099
+CVE-2012-6099 (The moodle1 backup converter in backup/converter/moodle1/lib.php in Mo ...)
- moodle 2.5-1
[squeeze] - moodle <not-affected> (Only affects 2.1 and above)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6098
+CVE-2012-6098 (grade/edit/outcome/edit_form.php in Moodle 1.9.x through 1.9.19, 2.1.x ...)
- moodle 2.5-1 (low; bug #702387)
[squeeze] - moodle <no-dsa> (Minor issue)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
-CVE-2012-6097
+CVE-2012-6097 (File descriptor leak in cronie 1.4.8, when running in certain environm ...)
[experimental] - cronie <unfixed> (low; bug #697811)
NOTE: Only present in experimental
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=786096
-CVE-2012-6096
+CVE-2012-6096 (Multiple stack-based buffer overflows in the get_history function in h ...)
{DSA-2653-1 DSA-2616-1}
- icinga 1.7.1-5 (bug #697931)
- nagios3 3.4.1-3 (bug #697930)
-CVE-2012-6095
+CVE-2012-6095 (ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows lo ...)
{DSA-2606-1}
- proftpd-dfsg 1.3.4a-3 (bug #697524)
CVE-2012-6094
RESERVED
- cups <not-affected> (systemd patch not applied in Debian, see bug #697584)
-CVE-2012-6093
+CVE-2012-6093 (The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4. ...)
- qt4-x11 <not-affected> (Only affects environments where a different OpenSSL is used, doesn't apply to Debian; bug #697582)
NOTE: http://lists.qt-project.org/pipermail/announce/2013-January/000020.html
NOTE: https://codereview.qt-project.org/#change,42461
NOTE: Fixed in 4:4.8.2+dfsg-10
-CVE-2012-6092
+CVE-2012-6092 (Multiple cross-site scripting (XSS) vulnerabilities in the web demos i ...)
- activemq <not-affected> (Example code not shipped in .deb)
CVE-2012-6091
RESERVED
-CVE-2012-6090
+CVE-2012-6090 (Multiple stack-based buffer overflows in the expand function in os/pl- ...)
- swi-prolog 5.10.4-5 (low; bug #697416)
[squeeze] - swi-prolog 5.10.1-1+squeeze1
NOTE: http://web.archive.org/web/20130309013536/http://web.archive.org/web/20130309013536/https://lists.iai.uni-bonn.de/pipermail/swi-prolog/2012/009428.html
NOTE: http://www.swi-prolog.org/git/pl.git/commitdiff/b2c88972e7515ada025e97e7d3ce3e34f81cf33e
-CVE-2012-6089
+CVE-2012-6089 (Multiple stack-based buffer overflows in the canoniseFileName function ...)
- swi-prolog 5.10.4-5 (low; bug #697416)
[squeeze] - swi-prolog 5.10.1-1+squeeze1
NOTE: http://web.archive.org/web/20130309013536/http://web.archive.org/web/20130309013536/https://lists.iai.uni-bonn.de/pipermail/swi-prolog/2012/009428.html
NOTE: http://www.swi-prolog.org/git/pl.git/commitdiff/a9a6fc8a2a9cf3b9154b490a4b1ffaa8be4d723c
-CVE-2012-6088
+CVE-2012-6088 (The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 d ...)
- rpm 4.10.1-2.1 (bug #697375)
[squeeze] - rpm <not-affected> (Introduced in rpm 4.10.0)
[wheezy] - rpm 4.10.0-5+deb7u1
-CVE-2012-6087
+CVE-2012-6087 (repository/s3/S3.php in the Amazon S3 library in Moodle through 2.2.11 ...)
- moodle 2.2.7.dfsg-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy1
NOTE: https://github.com/tpyo/amazon-s3-php-class/pull/36
NOTE: https://tracker.moodle.org/browse/MDL-40615
-CVE-2012-6086
+CVE-2012-6086 (libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x befo ...)
- zabbix 1:2.0.7+dfsg-1 (bug #697443)
[squeeze] - zabbix <no-dsa> (Will be handled through point update)
NOTE: https://support.zabbix.com/browse/ZBX-5924
-CVE-2012-6085
+CVE-2012-6085 (The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 a ...)
{DSA-2601-1}
- gnupg 1.4.12-7 (bug #697108)
- gnupg2 2.0.19-2 (bug #697251)
-CVE-2012-6084
+CVE-2012-6084 (modules/m_capab.c in (1) ircd-ratbox before 3.0.8 and (2) Charybdis be ...)
{DSA-2612-1}
- charybdis 3.3.0-7.1 (bug #697092)
- ircd-ratbox 3.0.7.dfsg-3 (bug #697093)
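Review bot: the NOTE URLs for CVE-2012-6090 and CVE-2012-6089 carry the web.archive.org prefix twice ("http://web.archive.org/web/20130309013536/http://web.archive.org/web/20130309013536/https://lists.iai.uni-bonn.de/..."); a single "http://web.archive.org/web/20130309013536/https://lists.iai.uni-bonn.de/pipermail/swi-prolog/2012/009428.html" is what was intended. Separately, CVE-2012-6093 lists qt4-x11 as <not-affected> yet ends with "NOTE: Fixed in 4:4.8.2+dfsg-10"; one of the two should be reworded so the status and the note do not contradict each other.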
@@ -1605,17 +1605,17 @@ CVE-2012-6083
- freeciv 2.3.4-1 (low; bug #696306)
[squeeze] - freeciv <no-dsa> (Minor issue)
[wheezy] - freeciv 2.3.2-1+deb7u1
-CVE-2012-6082
+CVE-2012-6082 (Cross-site scripting (XSS) vulnerability in the rsslink function in th ...)
{DSA-2593-1}
- moin 1.9.5-2
[wheezy] - moin 1.9.4-8+deb7u1
NOTE: Fix http://hg.moinmo.in/moin/1.9/rev/c98ec456e493
-CVE-2012-6081
+CVE-2012-6081 (Multiple unrestricted file upload vulnerabilities in the (1) twikidraw ...)
{DSA-2593-1}
[wheezy] - moin 1.9.4-8+deb7u1
- moin 1.9.5-3 (bug #696948)
NOTE: Fix http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f
-CVE-2012-6080
+CVE-2012-6080 (Directory traversal vulnerability in the _do_attachment_move function ...)
{DSA-2593-1}
[wheezy] - moin 1.9.4-8+deb7u1
- moin 1.9.5-4 (bug #696949)
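Review bot: line ordering is inconsistent within this hunk: CVE-2012-6082 lists the unstable fix "- moin 1.9.5-2" before "[wheezy] - moin 1.9.4-8+deb7u1", while CVE-2012-6081 and CVE-2012-6080 put the "[wheezy]" line first; the three moin entries should use the same order (unstable line first, as elsewhere in the file) so the entries remain easy to scan.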
@@ -1632,26 +1632,26 @@ CVE-2012-6077
RESERVED
NOT-FOR-US: W3 Total Cache
NOTE: http://www.openwall.com/lists/oss-security/2012/12/30/3
-CVE-2012-6076
+CVE-2012-6076 (Inkscape before 0.48.4 reads .eps files from /tmp instead of the curre ...)
- inkscape 0.48.3.1-1.3 (low; bug #654341)
[squeeze] - inkscape <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/inkscape/+bug/911146
-CVE-2012-6075
+CVE-2012-6075 (Buffer overflow in the e1000_receive function in the e1000 device driv ...)
{DSA-2619-1 DSA-2608-1 DSA-2607-1}
- qemu 1.1.2+dfsg-4 (bug #696051)
- qemu-kvm 1.1.2+dfsg-4 (bug #696051)
- xen 4.1.3-8
[squeeze] - xen <not-affected> (In Squeeze the code is in the package xen-qemu-dm-4.0)
NOTE: http://www.openwall.com/lists/oss-security/2012/12/30/1
-CVE-2012-6074
+CVE-2012-6074 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.491, Jenk ...)
- jenkins 1.447.2+dfsg-3 (bug #696816)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
NOTE: http://www.openwall.com/lists/oss-security/2012/12/28/1
-CVE-2012-6073
+CVE-2012-6073 (Open redirect vulnerability in Jenkins before 1.491, Jenkins LTS befor ...)
- jenkins 1.447.2+dfsg-3 (bug #696816)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
NOTE: http://www.openwall.com/lists/oss-security/2012/12/28/1
-CVE-2012-6072
+CVE-2012-6072 (CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS befo ...)
- jenkins 1.447.2+dfsg-3 (bug #696816)
- jenkins-winstone 0.9.10-jenkins-37+dfsg-2 (bug #696974)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
@@ -1663,143 +1663,143 @@ CVE-2012-6071 [libnusoap-php: Curl insecure usage]
CVE-2012-6070 [falconpl: Curl insecure usage]
RESERVED
- falconpl 0.9.6.9-git20120606-2 (bug #696681)
-CVE-2012-6069
+CVE-2012-6069 (Directory traversal vulnerability in the Runtime Toolkit in CODESYS Ru ...)
NOT-FOR-US: CODESYS Runtime System
-CVE-2012-6068
+CVE-2012-6068 (The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not ...)
NOT-FOR-US: CODESYS Runtime System
-CVE-2012-6067
+CVE-2012-6067 (freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to byp ...)
NOT-FOR-US: freeFTPd
-CVE-2012-6066
+CVE-2012-6066 (freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypa ...)
NOT-FOR-US: freeFTPd
-CVE-2012-6065
+CVE-2012-6065 (The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Titl ...)
NOT-FOR-US: Drupal plugin
-CVE-2012-6064
+CVE-2012-6064 (Directory traversal vulnerability in lib/filemanager/imagemanager/imag ...)
NOT-FOR-US: CMS Made Simple
-CVE-2012-6063
+CVE-2012-6063 (Double free vulnerability in the sftp_mkdir function in sftp.c in libs ...)
{DSA-2577-1}
- libssh 0.5.3-1
[squeeze] - libssh 0.4.5-3+squeeze1
NOTE: Fix included in CVE-2012-4559 patch
NOTE: https://red.libssh.org/issues/84
NOTE: http://git.libssh.org/projects/libssh.git/commit/?h=v0-5&id=4d8420f3282ed07fc99fc5e930c17df27ef1e9b2
-CVE-2012-6062
+CVE-2012-6062 (The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6061
+CVE-2012-6061 (The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6060
+CVE-2012-6060 (Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/ ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6059
+CVE-2012-6059 (The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6058
+CVE-2012-6058 (Integer overflow in the dissect_icmpv6 function in epan/dissectors/pac ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6057
+CVE-2012-6057 (The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6056
+CVE-2012-6056 (Integer overflow in the dissect_sack_chunk function in epan/dissectors ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6055
+CVE-2012-6055 (epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshar ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6054
+CVE-2012-6054 (The dissect_sflow_245_address_type function in epan/dissectors/packet- ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6053
+CVE-2012-6053 (epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x b ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-6052
+CVE-2012-6052 (Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensiti ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=45511
-CVE-2012-6051
+CVE-2012-6051 (Google CityHash computes hash values without properly restricting the ...)
- cityhash <removed> (bug #694999)
-CVE-2012-6050
+CVE-2012-6050 (The winbox service in MikroTik RouterOS 5.15 and earlier allows remote ...)
NOT-FOR-US: MikroTik RouterOS
-CVE-2012-6049
+CVE-2012-6049 (Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: Open Solution Quick.Cart 5.0
-CVE-2012-6048
+CVE-2012-6048 (Guitar Pro 6.1.1 r10791 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Guitar Pro 6.1.1
-CVE-2012-6047
+CVE-2012-6047 (Cross-site request forgery (CSRF) vulnerability in X7 Chat 2.0.5.1 and ...)
NOT-FOR-US: X7 Chat 2.0.5.1
-CVE-2012-6046
+CVE-2012-6046 (Static code injection vulnerability in admin/banners.php in PHP Enter ...)
NOT-FOR-US: PHP Enter
-CVE-2012-6045
+CVE-2012-6045 (Cross-site scripting (XSS) vulnerability in gb/user/index.php in Ramui ...)
NOT-FOR-US: Ramui Forum
-CVE-2012-6044
+CVE-2012-6044 (M-Player 0.4 allows remote attackers to cause a denial of service (cra ...)
NOT-FOR-US: M-Player (different from mplayer in the archive)
-CVE-2012-6043
+CVE-2012-6043 (Cross-site scripting (XSS) vulnerability in downloads.php in PHP-Fusio ...)
NOT-FOR-US: phpFusion
-CVE-2012-6042
+CVE-2012-6042 (GPSMapEdit 1.1.73.2 allows user-assisted remote attackers to cause a d ...)
NOT-FOR-US: GPSMapEdit
-CVE-2012-6041
+CVE-2012-6041 (Double free vulnerability in GreenBrowser before 6.0.1002, when the ke ...)
NOT-FOR-US: GreenBrowser
-CVE-2012-6040
+CVE-2012-6040 (Cross-site scripting (XSS) vulnerability in users.php in File King Adv ...)
NOT-FOR-US: File King Advanced File Management 1.4
-CVE-2012-6039
+CVE-2012-6039 (SQL injection vulnerability in view_comments.php in YABSoft Advanced I ...)
NOT-FOR-US: YABSoft Advanced Image Hosting
-CVE-2012-6038
+CVE-2012-6038 (admin/core/admin_func.php in razorCMS before 1.2.1 does not properly r ...)
NOT-FOR-US: razorCMS
-CVE-2012-6037
+CVE-2012-6037 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x be ...)
{DSA-2591-1}
- mahara 1.5.1-3
-CVE-2012-6036
+CVE-2012-6036 (The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) tm ...)
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6035
+CVE-2012-6035 (The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in ...)
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6034
+CVE-2012-6034 (The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv funct ...)
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6033
+CVE-2012-6033 (The do_tmem_control function in the Transcendent Memory (TMEM) in Xen ...)
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6032
+CVE-2012-6032 (Multiple integer overflows in the (1) tmh_copy_from_client and (2) tmh ...)
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6031
+CVE-2012-6031 (The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, ...)
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6030
+CVE-2012-6030 (The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, ...)
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: CVE-2012-3497 has been SPLIT into this ID and others
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-6029
+CVE-2012-6029 (Multiple cross-site scripting (XSS) vulnerabilities in the web-authent ...)
NOT-FOR-US: Cisco NAC Appliance
CVE-2012-6028
RESERVED
CVE-2012-6027
RESERVED
-CVE-2012-6026
+CVE-2012-6026 (The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 ...)
NOT-FOR-US: Cisco Aironet Access Point
CVE-2012-6025
RESERVED
@@ -1837,7 +1837,7 @@ CVE-2012-6009
RESERVED
CVE-2012-6008
RESERVED
-CVE-2012-6007
+CVE-2012-6007 (Cross-site scripting (XSS) vulnerability in screens/base/web_auth_cust ...)
NOT-FOR-US: Cisco
CVE-2012-6006
RESERVED
@@ -1867,11 +1867,11 @@ CVE-2012-5994
RESERVED
CVE-2012-5993
RESERVED
-CVE-2012-5992
+CVE-2012-5992 (Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Wi ...)
NOT-FOR-US: Cisco
-CVE-2012-5991
+CVE-2012-5991 (screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WL ...)
NOT-FOR-US: Cisco
-CVE-2012-5990
+CVE-2012-5990 (Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor ...)
NOT-FOR-US: Cisco
CVE-2012-5989
RESERVED
@@ -1893,111 +1893,111 @@ CVE-2012-5981
RESERVED
CVE-2012-5980
RESERVED
-CVE-2012-5978
+CVE-2012-5978 (Multiple directory traversal vulnerabilities in the (1) View Connectio ...)
NOT-FOR-US: VMware View
-CVE-2012-5977
+CVE-2012-5977 (Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 1 ...)
{DSA-2605-1}
- asterisk 1:1.8.13.1~dfsg-2 (bug #697230)
NOTE: http://downloads.asterisk.org/pub/security/AST-2012-015.pdf
-CVE-2012-5976
+CVE-2012-5976 (Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8 ...)
{DSA-2605-1}
- asterisk 1:1.8.13.1~dfsg-2 (bug #697230)
NOTE: http://downloads.digium.com/pub/security/AST-2012-014.pdf
-CVE-2012-5975
+CVE-2012-5975 (The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 thr ...)
NOT-FOR-US: Tectia SSH
CVE-2012-5974
RESERVED
-CVE-2012-5973
+CVE-2012-5973 (CA XCOM Data Transport r11.0 and r11.5 on UNIX and Linux allows remote ...)
NOT-FOR-US: CA XCOM Data Transport
-CVE-2012-5972
+CVE-2012-5972 (Directory traversal vulnerability in the web server in SpecView 2.5 bu ...)
NOT-FOR-US: SpecView 2.5
CVE-2012-5971
RESERVED
-CVE-2012-5970
+CVE-2012-5970 (The Huawei E585 device allows remote attackers to cause a denial of se ...)
NOT-FOR-US: Huawei device
-CVE-2012-5969
+CVE-2012-5969 (Multiple directory traversal vulnerabilities on the Huawei E585 device ...)
NOT-FOR-US: Huawei device
-CVE-2012-5968
+CVE-2012-5968 (The Huawei E585 device does not validate the status of admin sessions, ...)
NOT-FOR-US: Huawei device
-CVE-2012-5967
+CVE-2012-5967 (SQL injection vulnerability in menuXML.php in Centreon 2.3.3 through 2 ...)
NOT-FOR-US: Centreon
-CVE-2012-5966
+CVE-2012-5966 (The restricted telnet shell on the D-Link DSL2730U router allows remot ...)
NOT-FOR-US: D-Link DSL2730U router
-CVE-2012-5965
+CVE-2012-5965 (Stack-based buffer overflow in the unique_service_name function in ssd ...)
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5964
+CVE-2012-5964 (Stack-based buffer overflow in the unique_service_name function in ssd ...)
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5963
+CVE-2012-5963 (Stack-based buffer overflow in the unique_service_name function in ssd ...)
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5962
+CVE-2012-5962 (Stack-based buffer overflow in the unique_service_name function in ssd ...)
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5961
+CVE-2012-5961 (Stack-based buffer overflow in the unique_service_name function in ssd ...)
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5960
+CVE-2012-5960 (Stack-based buffer overflow in the unique_service_name function in ssd ...)
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5959
+CVE-2012-5959 (Stack-based buffer overflow in the unique_service_name function in ssd ...)
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-CVE-2012-5958
+CVE-2012-5958 (Stack-based buffer overflow in the unique_service_name function in ssd ...)
{DSA-2615-1 DSA-2614-1}
- libupnp 1:1.6.17-1.2 (bug #699316)
- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
CVE-2012-5957
RESERVED
-CVE-2012-5956
+CVE-2012-5956 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine As ...)
NOT-FOR-US: ManageEngine AssetExplorer 5.6
-CVE-2012-5955
+CVE-2012-5955 (Unspecified vulnerability in the IBM HTTP Server component 5.3 in IBM ...)
NOT-FOR-US: WebSphere
-CVE-2012-5954
+CVE-2012-5954 (Unspecified vulnerability in IBM Tivoli Storage Manager for Space Mana ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2012-5953
+CVE-2012-5953 (IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, ...)
NOT-FOR-US: IBM
-CVE-2012-5952
+CVE-2012-5952 (IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, ...)
NOT-FOR-US: IBM
-CVE-2012-5951
+CVE-2012-5951 (Unspecified vulnerability in IBM Tivoli NetView 1.4, 5.1 through 5.4, ...)
NOT-FOR-US: IBM Tivoli NetView
-CVE-2012-5950
+CVE-2012-5950 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM TRIR ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2012-5949
+CVE-2012-5949 (Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA App ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2012-5948
+CVE-2012-5948 (Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA App ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2012-5947
+CVE-2012-5947 (Buffer overflow in the vsflex7l ActiveX control in IBM SPSS SamplePowe ...)
NOT-FOR-US: IBM SPSS SamplePower
-CVE-2012-5946
+CVE-2012-5946 (Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM S ...)
NOT-FOR-US: IBM SPSS SamplePower
-CVE-2012-5945
+CVE-2012-5945 (Multiple buffer overflows in the Vsflex8l ActiveX control in IBM SPSS ...)
NOT-FOR-US: IBM SPSS SamplePower
CVE-2012-5944
RESERVED
-CVE-2012-5943
+CVE-2012-5943 (Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before 8. ...)
NOT-FOR-US: IBM iNotes
-CVE-2012-5942
+CVE-2012-5942 (Cross-site scripting (XSS) vulnerability in the Data Management Portal ...)
NOT-FOR-US: IBM Tivoli TADDM
-CVE-2012-5941
+CVE-2012-5941 (Cross-site scripting (XSS) vulnerability in the WebAdmin application 6 ...)
NOT-FOR-US: IBM
-CVE-2012-5940
+CVE-2012-5940 (The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezz ...)
NOT-FOR-US: IBM
-CVE-2012-5939
+CVE-2012-5939 (Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Man ...)
NOT-FOR-US: IBM Tivoli TADDM
-CVE-2012-5938
+CVE-2012-5938 (The installation process in IBM InfoSphere Information Server 8.1, 8.5 ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-5937
+CVE-2012-5937 (Unspecified vulnerability in the CLA2 server in IBM Gentran Integratio ...)
NOT-FOR-US: IBM Gentran Integration
-CVE-2012-5936
+CVE-2012-5936 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
CVE-2012-5935
RESERVED
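Review bot: CVE-2012-5979 is absent from its sequential slot in this hunk: the context goes from `CVE-2012-5980` / `RESERVED` straight to `CVE-2012-5978`, while every other ID here is in strictly descending order. The ID is not lost from the file, it appears as a `REJECTED` entry much further down, between CVE-2012-5698 and CVE-2012-5697; since this commit is an automatic update, the generator should re-sort that pair into place here so tooling that walks the list in ID order does not miss it.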
@@ -2005,11 +2005,11 @@ CVE-2012-5934
RESERVED
CVE-2012-5933
RESERVED
-CVE-2012-5932
+CVE-2012-5932 (Eval injection vulnerability in the ldapagnt_eval function in ldapagnt ...)
NOT-FOR-US: NetIQ Privileged User Manager 2.3.x
-CVE-2012-5931
+CVE-2012-5931 (Directory traversal vulnerability in the set_log_config function in re ...)
NOT-FOR-US: NetIQ Privileged User Manager 2.3.x
-CVE-2012-5930
+CVE-2012-5930 (The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ Pri ...)
NOT-FOR-US: NetIQ Privileged User Manager 2.3.x
CVE-2012-5929
RESERVED
@@ -2029,120 +2029,120 @@ CVE-2012-5922
RESERVED
CVE-2012-5921
RESERVED
-CVE-2012-5920
+CVE-2012-5920 (Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2 ...)
- gwt <removed> (bug #691900)
[squeeze] - gwt <not-affected> (Vulnerable code not present)
-CVE-2012-5919
+CVE-2012-5919 (Multiple cross-site scripting (XSS) vulnerabilities in Havalite 1.0.4 ...)
NOT-FOR-US: havalite
-CVE-2012-5918
+CVE-2012-5918 (razorCMS 1.2 allows remote authenticated users to access administrator ...)
NOT-FOR-US: razorCMS
-CVE-2012-5917
+CVE-2012-5917 (SnackAmp 3.1.3 allows remote attackers to cause a denial of service (a ...)
NOT-FOR-US: SnackAmp
-CVE-2012-5916
+CVE-2012-5916 (Neocrome Seditio build 161 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Neocrome Seditio
-CVE-2012-5915
+CVE-2012-5915 (Neocrome Seditio build 161 and earlier allows remote attackers to obta ...)
NOT-FOR-US: Neocrome Seditio
-CVE-2012-5914
+CVE-2012-5914 (Multiple cross-site scripting (XSS) vulnerabilities in the sed_import ...)
NOT-FOR-US: Neocrome Seditio
-CVE-2012-5913
+CVE-2012-5913 (Cross-site scripting (XSS) vulnerability in wp-integrator.php in the W ...)
NOT-FOR-US: Wordpress Integrator plugin
-CVE-2012-5912
+CVE-2012-5912 (Multiple SQL injection vulnerabilities in PicoPublisher 2.0 allow remo ...)
NOT-FOR-US: PicoPublisher
-CVE-2012-5911
+CVE-2012-5911 (Cross-site scripting (XSS) vulnerability in blogs/blog1.php in b2evolu ...)
NOT-FOR-US: b2evolution
-CVE-2012-5910
+CVE-2012-5910 (SQL injection vulnerability in blogs/htsrv/viewfile.php in b2evolution ...)
NOT-FOR-US: b2evolution
-CVE-2012-5909
+CVE-2012-5909 (SQL injection vulnerability in admin/modules/user/users.php in MyBB (a ...)
NOT-FOR-US: MyBB
-CVE-2012-5908
+CVE-2012-5908 (Cross-site scripting (XSS) vulnerability in admin/modules/user/users.p ...)
NOT-FOR-US: MyBB
-CVE-2012-5907
+CVE-2012-5907 (Directory traversal vulnerability in json.php in TomatoCart 1.2.0 Alph ...)
NOT-FOR-US: TomatoCart
-CVE-2012-5906
+CVE-2012-5906 (Multiple cross-site scripting (XSS) vulnerabilities in GreenBrowser 6. ...)
NOT-FOR-US: GreenBrowser
-CVE-2012-5905
+CVE-2012-5905 (Buffer overflow in KnFTPd 1.0.0 allows remote authenticated users to c ...)
NOT-FOR-US: KnFTPd
-CVE-2012-5904
+CVE-2012-5904 (Heap-based buffer overflow in IrfanView before 4.33 allows remote atta ...)
NOT-FOR-US: IrfanView
-CVE-2012-5903
+CVE-2012-5903 (Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF ...)
NOT-FOR-US: Simple Machine Forum
-CVE-2012-5902
+CVE-2012-5902 (Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php ...)
NOT-FOR-US: DFLabs PTK
-CVE-2012-5901
+CVE-2012-5901 (DFLabs PTK 1.0.5 stores data files with predictable names under the we ...)
NOT-FOR-US: DFLabs PTK
-CVE-2012-5900
+CVE-2012-5900 (Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow ...)
NOT-FOR-US: SAMEDIA LandShop
-CVE-2012-5899
+CVE-2012-5899 (Cross-site scripting (XSS) vulnerability in admin/action/objects.php i ...)
NOT-FOR-US: SAMEDIA LandShop
-CVE-2012-5898
+CVE-2012-5898 (Cross-site request forgery (CSRF) vulnerability in SAMEDIA LandShop 0. ...)
NOT-FOR-US: SAMEDIA LandShop
-CVE-2012-5897
+CVE-2012-5897 (The (1) SimpleTree and (2) ReportTree classes in the ARDoc ActiveX con ...)
NOT-FOR-US: Quest in Trust
-CVE-2012-5896
+CVE-2012-5896 (The Annotation Objects Extension ActiveX control in AnnotateX.dll in Q ...)
NOT-FOR-US: Quest in Trust
-CVE-2012-5895
+CVE-2012-5895 (Multiple unspecified vulnerabilities in iRODS before 3.1 have unknown ...)
NOT-FOR-US: iRODS
-CVE-2012-5894
+CVE-2012-5894 (SQL injection vulnerability in hava_post.php in Havalite CMS 1.1.0 and ...)
NOT-FOR-US: Havalite CMS
-CVE-2012-5893
+CVE-2012-5893 (Unrestricted file upload vulnerability in hava_upload.php in Havalite ...)
NOT-FOR-US: Havalite CMS
-CVE-2012-5892
+CVE-2012-5892 (Havalite CMS 1.1.0 and earlier stores sensitive information under the ...)
NOT-FOR-US: Havalite CMS
-CVE-2012-5891
+CVE-2012-5891 (Multiple cross-site request forgery (CSRF) vulnerabilities in photo/pa ...)
NOT-FOR-US: Dalbum
-CVE-2012-5890
+CVE-2012-5890 (The Front End User Registration (sr_feuser_register) extension before ...)
NOT-FOR-US: Typo3 extension (sr_feuser_register)
-CVE-2012-5889
+CVE-2012-5889 (Cross-site scripting (XSS) vulnerability in the powermail extension be ...)
NOT-FOR-US: Typo3 extension (powermail)
-CVE-2012-5888
+CVE-2012-5888 (Cross-site scripting (XSS) vulnerability in Basic SEO Features (seo_ba ...)
NOT-FOR-US: Typo3 extension (seo_basics)
-CVE-2012-5887
+CVE-2012-5887 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
- tomcat6 6.0.35-5+nmu1 (bug #692439)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
- tomcat7 7.0.28-3+nmu1 (bug #692440)
-CVE-2012-5886
+CVE-2012-5886 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
- tomcat6 6.0.35-5+nmu1 (bug #692439)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
- tomcat7 7.0.28-3+nmu1 (bug #692440)
-CVE-2012-5885
+CVE-2012-5885 (The replay-countermeasure functionality in the HTTP Digest Access Auth ...)
- tomcat6 6.0.35-5+nmu1 (bug #692439)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
- tomcat7 7.0.28-3+nmu1 (bug #692440)
-CVE-2012-5884
+CVE-2012-5884 (The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 a ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <not-affected> (vulnerable code not present in 3.x)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-5883
+CVE-2012-5883 (Cross-site scripting (XSS) vulnerability in the Flash component infras ...)
- yui3 <not-affected>
- yui 2.9.0.dfsg.0.1-0.1 (bug #693608)
[squeeze] - yui <no-dsa> (Minor issue, Flash not build from source in oldstable)
- icinga-web 1.7.1+dfsg2-6 (bug #694641)
-CVE-2012-5882
+CVE-2012-5882 (Cross-site scripting (XSS) vulnerability in the Flash component infras ...)
- yui3 <not-affected>
- yui 2.9.0.dfsg.0.1-0.1 (bug #693608)
[squeeze] - yui <no-dsa> (Minor issue, Flash not build from source in oldstable)
- icinga-web 1.7.1+dfsg2-6 (bug #694641)
-CVE-2012-5881
+CVE-2012-5881 (Cross-site scripting (XSS) vulnerability in the Flash component infras ...)
- yui3 <not-affected>
- yui 2.9.0.dfsg.0.1-0.1 (bug #693608)
[squeeze] - yui <no-dsa> (Minor issue, Flash not build from source in oldstable)
- icinga-web 1.7.1+dfsg2-6 (bug #694641)
CVE-2012-5880
RESERVED
-CVE-2012-5879
+CVE-2012-5879 (An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician ( ...)
NOT-FOR-US: McAfee Virtual Technician
CVE-2012-5878
RESERVED
-CVE-2012-5877
+CVE-2012-5877 (Nero MediaHome 4.5.8.0 and earlier allows remote attackers to cause a ...)
NOT-FOR-US: Nero MediaHome
-CVE-2012-5876
+CVE-2012-5876 (Multiple off-by-one errors in NMMediaServerService.dll in Nero MediaHo ...)
NOT-FOR-US: Nero MediaHome
-CVE-2012-5875
+CVE-2012-5875 (Firefly Media Server 1.0.0.1359 allows remote attackers to cause a den ...)
NOT-FOR-US: Firefly Media Server
-CVE-2012-5874
+CVE-2012-5874 (Multiple SQL injection vulnerabilities in the (1) update_whosonline_re ...)
NOT-FOR-US: Elite Bulletin Board
CVE-2012-5873
RESERVED
@@ -2154,50 +2154,50 @@ CVE-2012-5870
RESERVED
CVE-2012-5869
RESERVED
-CVE-2012-5868
+CVE-2012-5868 (WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upo ...)
- wordpress <unfixed> (unimportant; bug #696868)
NOTE: non-issue, see https://wordpress.org/support/topic/old-bug-cve-2012-5868
CVE-2012-5867
RESERVED
-CVE-2012-5866
+CVE-2012-5866 (Cross-site scripting (XSS) vulnerability in include.php in Achievo 1.4 ...)
NOT-FOR-US: Achievo
-CVE-2012-5865
+CVE-2012-5865 (SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows re ...)
NOT-FOR-US: Achievo
-CVE-2012-5864
+CVE-2012-5864 (The management web pages on the Sinapsi eSolar Light Photovoltaic Syst ...)
NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
-CVE-2012-5863
+CVE-2012-5863 (ping.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka ...)
NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
-CVE-2012-5862
+CVE-2012-5862 (login.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka ...)
NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
-CVE-2012-5861
+CVE-2012-5861 (Multiple SQL injection vulnerabilities on the Sinapsi eSolar Light Pho ...)
NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
-CVE-2012-5860
+CVE-2012-5860 (Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 s ...)
NOT-FOR-US: ID-One COSMO
-CVE-2012-5859
+CVE-2012-5859 (Samsung Kies Air 2.1.207051 and 2.1.210161 allows remote attackers to ...)
NOT-FOR-US: Samsung Kies Air
-CVE-2012-5858
+CVE-2012-5858 (Samsung Kies Air 2.1.207051 and 2.1.210161 relies on the IP address fo ...)
NOT-FOR-US: Samsung Kies Air
CVE-2012-5857
RESERVED
-CVE-2012-5856
+CVE-2012-5856 (Cross-site scripting (XSS) vulnerability in the Uk Cookie (aka uk-cook ...)
NOT-FOR-US: Wordpress plugin (uk cookie)
-CVE-2012-5855
+CVE-2012-5855 (The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and ...)
- vlc <not-affected> (Windows only issue)
NOTE: Harmless crasher without security relevance
-CVE-2012-5853
+CVE-2012-5853 (SQL injection vulnerability in the "the_search_function" function in c ...)
NOT-FOR-US: "the_search_function" function in cardoza_ajax_search.php in the AJAX Post Search (cardoza-ajax-search) plugin for WordPress
CVE-2012-5852
RESERVED
-CVE-2012-5851
+CVE-2012-5851 (html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chr ...)
- chromium-browser <unfixed> (unimportant)
- webkit <unfixed> (unimportant)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=92692
NOTE: Incomplete mitigation feature, not a security vulnerability per se
CVE-2012-5850
RESERVED
-CVE-2012-5849
+CVE-2012-5849 (Multiple SQL injection vulnerabilities in ClipBucket 2.6 Revision 738 ...)
NOT-FOR-US: ClipBucket
-CVE-2012-5854
+CVE-2012-5854 (Heap-based buffer overflow in WeeChat 0.3.6 through 0.3.9 allows remot ...)
- weechat 0.3.9.1-1 (bug #693026)
[wheezy] - weechat 0.3.8-1+deb7u1
[squeeze] - weechat <not-affected> (Vulnerable code not present)
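Review bot: two entries in this hunk break the descending ID order the rest of the file keeps: `CVE-2012-5853` is listed directly after `CVE-2012-5855`, and `CVE-2012-5854` (the WeeChat heap-based buffer overflow, with its `- weechat 0.3.9.1-1 (bug #693026)` and `[wheezy]`/`[squeeze]` lines) only appears after `CVE-2012-5849` at the end of the hunk. The automatic update reproduces this ordering unchanged; the generator should move the CVE-2012-5854 block up to sit between CVE-2012-5855 and CVE-2012-5853.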
@@ -2211,47 +2211,47 @@ CVE-2012-5845
REJECTED
CVE-2012-5844
REJECTED
-CVE-2012-5843
+CVE-2012-5843 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-5842
+CVE-2012-5842 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2588-1 DSA-2584-1 DSA-2583-1}
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
-CVE-2012-5841
+CVE-2012-5841 (Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderb ...)
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-5840
+CVE-2012-5840 (Use-after-free vulnerability in the nsTextEditorState::PrepareEditor f ...)
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-5839
+CVE-2012-5839 (Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsCl ...)
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-5838
+CVE-2012-5838 (The copyTexImage2D implementation in the WebGL subsystem in Mozilla Fi ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-5837
+CVE-2012-5837 (The Web Developer Toolbar in Mozilla Firefox before 17.0 executes scri ...)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-5836
+CVE-2012-5836 (Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey be ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-5835
+CVE-2012-5835 (Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0 ...)
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
@@ -2260,7 +2260,7 @@ CVE-2012-5835
[squeeze] - iceape <not-affected> (Vulnerable code not present)
CVE-2012-5834
REJECTED
-CVE-2012-5833
+CVE-2012-5833 (The texImage2D implementation in the WebGL subsystem in Mozilla Firefo ...)
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
@@ -2271,131 +2271,131 @@ CVE-2012-5832
REJECTED
CVE-2012-5831
REJECTED
-CVE-2012-5830
+CVE-2012-5830 (Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox E ...)
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-5829
+CVE-2012-5829 (Heap-based buffer overflow in the nsWindow::OnExposeEvent function in ...)
{DSA-2588-1 DSA-2584-1 DSA-2583-1}
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
CVE-2012-5828
RESERVED
-CVE-2012-5827
+CVE-2012-5827 (Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attack ...)
NOT-FOR-US: Joomla!
CVE-2012-5826
RESERVED
-CVE-2012-5825
+CVE-2012-5825 (Tweepy does not verify that the server hostname matches a domain name ...)
- tweepy 3.1.0-2 (low; bug #692444)
[jessie] - tweepy <no-dsa> (Minor issue)
[wheezy] - tweepy <no-dsa> (Minor issue)
-CVE-2012-5824
+CVE-2012-5824 (Trillian 5.1.0.19 does not verify that the server hostname matches a d ...)
NOT-FOR-US: Trillian
-CVE-2012-5823
+CVE-2012-5823 (Open Source Classifieds does not verify that the server hostname match ...)
NOT-FOR-US: Open Source Classifieds
-CVE-2012-5822
+CVE-2012-5822 (The contribution feature in Zamboni does not verify that the server ho ...)
NOT-FOR-US: Zamboni
-CVE-2012-5821
+CVE-2012-5821 (Lynx does not verify that the server's certificate is signed by a trus ...)
- lynx-cur 2.8.8dev.15-1 (low; bug #692443)
[squeeze] - lynx-cur <no-dsa> (Minor issue)
[wheezy] - lynx-cur <no-dsa> (Minor issue)
-CVE-2012-5820
+CVE-2012-5820 (The developer-account sample code in Google AdMob does not verify that ...)
NOT-FOR-US: Google AdMob
-CVE-2012-5819
+CVE-2012-5819 (FilesAnywhere does not verify that the server hostname matches a domai ...)
NOT-FOR-US: FilesAnywhere
-CVE-2012-5818
+CVE-2012-5818 (ElephantDrive does not verify that the server hostname matches a domai ...)
NOT-FOR-US: ElephantDrive
-CVE-2012-5817
+CVE-2012-5817 (Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools ...)
NOT-FOR-US: Codehaus XFire
-CVE-2012-5816
+CVE-2012-5816 (AOL Instant Messenger (AIM) 1.0.1.2 does not verify that the server ho ...)
NOT-FOR-US: AOL Instant Messenger
-CVE-2012-5815
+CVE-2012-5815 (The Rackspace app 2.1.5 for iOS does not verify that the server hostna ...)
NOT-FOR-US: Rackspace app for iOS
-CVE-2012-5814
+CVE-2012-5814 (Weberknecht, as used in GitHub Gaug.es and other products, does not ve ...)
NOT-FOR-US: Weberknecht
-CVE-2012-5813
+CVE-2012-5813 (The Android_Pusher library for Android does not verify that the server ...)
NOT-FOR-US: Android app/lib
-CVE-2012-5812
+CVE-2012-5812 (The ACRA library for Android does not verify that the server hostname ...)
NOT-FOR-US: Android app/lib
-CVE-2012-5811
+CVE-2012-5811 (The Breezy application for Android does not verify that the server hos ...)
NOT-FOR-US: Android app/lib
-CVE-2012-5810
+CVE-2012-5810 (The Chase mobile banking application for Android does not verify that ...)
NOT-FOR-US: Android app/lib
-CVE-2012-5809
+CVE-2012-5809 (The Groupon Redemptions application for Android does not verify that t ...)
NOT-FOR-US: Android app/lib
-CVE-2012-5808
+CVE-2012-5808 (The LinkPoint module in Zen Cart does not verify that the server hostn ...)
NOT-FOR-US: Zen Cart module
-CVE-2012-5807
+CVE-2012-5807 (The Authorize.Net eCheck module in Zen Cart does not verify that the s ...)
NOT-FOR-US: Zen Cart module
-CVE-2012-5806
+CVE-2012-5806 (The PayPal Payments Pro module in Zen Cart does not verify that the se ...)
NOT-FOR-US: Zen Cart module
-CVE-2012-5805
+CVE-2012-5805 (The PayPal IPN functionality in Zen Cart does not verify that the serv ...)
NOT-FOR-US: Zen Cart module
-CVE-2012-5804
+CVE-2012-5804 (The CyberSource module in Ubercart does not verify that the server hos ...)
NOT-FOR-US: Ubercart module
-CVE-2012-5803
+CVE-2012-5803 (The Authorize.Net module in Ubercart does not verify that the server h ...)
NOT-FOR-US: Ubercart module
-CVE-2012-5802
+CVE-2012-5802 (The PayPal module in Ubercart does not verify that the server hostname ...)
NOT-FOR-US: Ubercart module
-CVE-2012-5801
+CVE-2012-5801 (The PayPal module in PrestaShop does not verify that the server hostna ...)
NOT-FOR-US: PrestaShop module
-CVE-2012-5800
+CVE-2012-5800 (The eBay module in PrestaShop does not verify that the server hostname ...)
NOT-FOR-US: PrestaShop module
-CVE-2012-5799
+CVE-2012-5799 (The Canada Post (aka CanadaPost) module in PrestaShop does not verify ...)
NOT-FOR-US: PrestaShop module
-CVE-2012-5798
+CVE-2012-5798 (The PayPal Pro PayFlow EC module in osCommerce does not verify that th ...)
NOT-FOR-US: osCommerce module
-CVE-2012-5797
+CVE-2012-5797 (The PayPal Pro PayFlow module in osCommerce does not verify that the s ...)
NOT-FOR-US: osCommerce module
-CVE-2012-5796
+CVE-2012-5796 (The PayPal Pro module in osCommerce does not verify that the server ho ...)
NOT-FOR-US: osCommerce module
-CVE-2012-5795
+CVE-2012-5795 (The PayPal Express module in osCommerce does not verify that the serve ...)
NOT-FOR-US: osCommerce module
-CVE-2012-5794
+CVE-2012-5794 (The MoneyBookers module in osCommerce does not verify that the server ...)
NOT-FOR-US: osCommerce module
-CVE-2012-5793
+CVE-2012-5793 (The Authorize.Net module in osCommerce does not verify that the server ...)
NOT-FOR-US: osCommerce module
-CVE-2012-5792
+CVE-2012-5792 (The Sage Pay Direct module in osCommerce does not verify that the serv ...)
NOT-FOR-US: osCommerce module
-CVE-2012-5791
+CVE-2012-5791 (PayPal Invoicing does not verify that the server hostname matches a do ...)
NOT-FOR-US: PayPal Invoicing
-CVE-2012-5790
+CVE-2012-5790 (PayPal Payments Standard PHP Library 20120427 does not verify that the ...)
NOT-FOR-US: PayPal Payments Standard PHP Library
-CVE-2012-5789
+CVE-2012-5789 (PayPal Payments Standard PHP Library before 20120427 does not verify t ...)
NOT-FOR-US: PayPal Payments Standard PHP Library
-CVE-2012-5788
+CVE-2012-5788 (The PayPal IPN utility does not verify that the server hostname matche ...)
NOT-FOR-US: The PayPal IPN utility
-CVE-2012-5787
+CVE-2012-5787 (The PayPal merchant SDK does not verify that the server hostname match ...)
NOT-FOR-US: The PayPal merchant SDK
-CVE-2012-5786
+CVE-2012-5786 (The wsdl_first_https sample code in distribution/src/main/release/samp ...)
NOT-FOR-US: Apache CXF
-CVE-2012-5785
+CVE-2012-5785 (Apache Axis2/Java 1.6.2 and earlier does not verify that the server ho ...)
NOT-FOR-US: Axis2/Java
NOTE: Axis2/C is packaged as axis2c, but this is a different software.
-CVE-2012-5784
+CVE-2012-5784 (Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Ma ...)
{DLA-169-1}
- axis 1.4-16.1 (low; bug #692650)
[squeeze] - axis <no-dsa> (Minor issue)
-CVE-2012-5783
+CVE-2012-5783 (Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Ser ...)
{DLA-222-1}
- commons-httpclient 3.1-10.1 (bug #692442)
[wheezy] - commons-httpclient <no-dsa> (Minor issue)
[squeeze] - commons-httpclient <no-dsa> (Minor issue)
-CVE-2012-5782
+CVE-2012-5782 (Amazon Flexible Payments Service (FPS) PHP Library does not verify tha ...)
NOT-FOR-US: Amazon Flexible Payments Service
-CVE-2012-5781
+CVE-2012-5781 (Amazon Elastic Load Balancing API Tools does not verify that the serve ...)
NOT-FOR-US: Amazon Elastic Load Balancing API Tools
-CVE-2012-5780
+CVE-2012-5780 (The Amazon merchant SDK does not verify that the server hostname match ...)
NOT-FOR-US: The Amazon merchant SDK
CVE-2012-5779
RESERVED
CVE-2012-5778
RESERVED
-CVE-2012-5777
+CVE-2012-5777 (Eval injection vulnerability in the ReplaceListVars function in the te ...)
NOT-FOR-US: EmpireCMS
CVE-2012-5776
RESERVED
@@ -2409,35 +2409,35 @@ CVE-2012-5772
REJECTED
CVE-2012-5771
REJECTED
-CVE-2012-5770
+CVE-2012-5770 (The SSL configuration in IBM Tivoli Application Dependency Discovery M ...)
NOT-FOR-US: IBM
-CVE-2012-5769
+CVE-2012-5769 (IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 all ...)
NOT-FOR-US: IBM SPSS Modeler
CVE-2012-5768
RESERVED
-CVE-2012-5767
+CVE-2012-5767 (Unspecified vulnerability in the web interface on the IBM TS3500 Tape ...)
NOT-FOR-US: IBM TS3500 Tape Library
-CVE-2012-5766
+CVE-2012-5766 (Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator ...)
NOT-FOR-US: IBM
-CVE-2012-5765
+CVE-2012-5765 (The Web Client (aka CQ Web) in IBM Rational ClearQuest 7.1.2.x before ...)
NOT-FOR-US: IBM Rational ClearQuest
CVE-2012-5764
RESERVED
-CVE-2012-5763
+CVE-2012-5763 (Cross-site request forgery (CSRF) vulnerability in the WebAdmin applic ...)
NOT-FOR-US: IBM
-CVE-2012-5762
+CVE-2012-5762 (Cross-site scripting (XSS) vulnerability in the WebAdmin application 6 ...)
NOT-FOR-US: IBM
-CVE-2012-5761
+CVE-2012-5761 (Cross-site scripting (XSS) vulnerability in the WebAdmin application 6 ...)
NOT-FOR-US: IBM
-CVE-2012-5760
+CVE-2012-5760 (SQL injection vulnerability in the WebAdmin application 6.0.5, 6.0.8, ...)
NOT-FOR-US: IBM
-CVE-2012-5759
+CVE-2012-5759 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
NOT-FOR-US: Websphere
-CVE-2012-5758
+CVE-2012-5758 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
NOT-FOR-US: Websphere
-CVE-2012-5757
+CVE-2012-5757 (Cross-site scripting (XSS) vulnerability in the Web Client in IBM Rati ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-5756
+CVE-2012-5756 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
NOT-FOR-US: Websphere
CVE-2012-5755
RESERVED
@@ -2461,7 +2461,7 @@ CVE-2012-5746
RESERVED
CVE-2012-5745
RESERVED
-CVE-2012-5744
+CVE-2012-5744 (Multiple cross-site scripting (XSS) vulnerabilities in the guest porta ...)
NOT-FOR-US: Cisco Identity Services Engine
CVE-2012-5743
RESERVED
@@ -2503,7 +2503,7 @@ CVE-2012-5725
RESERVED
CVE-2012-5724
RESERVED
-CVE-2012-5723
+CVE-2012-5723 (Cisco ASR 1000 devices with software before 3.8S, when BDI routing is ...)
NOT-FOR-US: Cisco devices
CVE-2012-5722
RESERVED
@@ -2515,7 +2515,7 @@ CVE-2012-5719
RESERVED
CVE-2012-5718
RESERVED
-CVE-2012-5717
+CVE-2012-5717 (Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x thr ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2012-5716
RESERVED
@@ -2539,17 +2539,17 @@ CVE-2012-5707
RESERVED
CVE-2012-5706
RESERVED
-CVE-2012-5705
+CVE-2012-5705 (Cross-site scripting (XSS) vulnerability in the settings page (admin/s ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-5704
+CVE-2012-5704 (The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote a ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-5703
+CVE-2012-5703 (The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers ...)
NOT-FOR-US: VMware ESXi
-CVE-2012-5702
+CVE-2012-5702 (Multiple cross-site scripting (XSS) vulnerabilities in dotProject befo ...)
NOT-FOR-US: dotProject
-CVE-2012-5701
+CVE-2012-5701 (Multiple SQL injection vulnerabilities in dotProject before 2.1.7 allo ...)
NOT-FOR-US: dotProject
-CVE-2012-5700
+CVE-2012-5700 (Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko befo ...)
NOT-FOR-US: Baby Gekko
CVE-2012-5699
RESERVED
@@ -2557,88 +2557,88 @@ CVE-2012-5698
RESERVED
CVE-2012-5979
REJECTED
-CVE-2012-5697
+CVE-2012-5697 (The btinstall installation script in Bulb Security Smartphone Pentest ...)
NOT-FOR-US: Smartphone Pentest Framework
-CVE-2012-5696
+CVE-2012-5696 (Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not ...)
NOT-FOR-US: Smartphone Pentest Framework
-CVE-2012-5695
+CVE-2012-5695 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb Sec ...)
NOT-FOR-US: Smartphone Pentest Framework
-CVE-2012-5694
+CVE-2012-5694 (Multiple SQL injection vulnerabilities in Bulb Security Smartphone Pen ...)
NOT-FOR-US: Smartphone Pentest Framework
CVE-2012-5693
RESERVED
-CVE-2012-5692
+CVE-2012-5692 (Unspecified vulnerability in admin/sources/base/core.php in Invision P ...)
NOT-FOR-US: Invision Power Board
-CVE-2012-5691
+CVE-2012-5691 (Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealP ...)
NOT-FOR-US: RealPlayer
-CVE-2012-5690
+CVE-2012-5690 (RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 throug ...)
NOT-FOR-US: RealPlayer
-CVE-2012-5689
+CVE-2012-5689 (ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain ...)
- bind9 1:9.8.4.dfsg.P1-6+nmu1 (bug #699145)
[squeeze] - bind9 <not-affected> (Only affects Bind 9.8 and 9.9)
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
-CVE-2012-5688
+CVE-2012-5688 (ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 i ...)
- bind9 1:9.8.4.dfsg.P1-1 (bug #695192)
[squeeze] - bind9 <not-affected> (Only affects 9.8 and 9.9)
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
-CVE-2012-5687
+CVE-2012-5687 (Directory traversal vulnerability in the web-based management feature ...)
NOT-FOR-US: TP-LINK TL-WR841N router
CVE-2012-5686
RESERVED
-CVE-2012-5685
+CVE-2012-5685 (SQL injection vulnerability in ZPanel 10.0.1 and earlier allows remote ...)
NOT-FOR-US: ZPanel
-CVE-2012-5684
+CVE-2012-5684 (Cross-site scripting (XSS) vulnerability in ZPanel 10.0.1 and earlier ...)
NOT-FOR-US: ZPanel
-CVE-2012-5683
+CVE-2012-5683 (Multiple cross-site request forgery (CSRF) vulnerabilities in ZPanel 1 ...)
NOT-FOR-US: ZPanel
CVE-2012-5682
REJECTED
CVE-2012-5681
REJECTED
-CVE-2012-5680
+CVE-2012-5680 (Buffer overflow in Adobe Photoshop Camera Raw before 7.3 allows attack ...)
NOT-FOR-US: Adobe Photoshop Camera Raw
-CVE-2012-5679
+CVE-2012-5679 (Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attac ...)
NOT-FOR-US: Adobe Photoshop Camera Raw
-CVE-2012-5678
+CVE-2012-5678 (Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5677
+CVE-2012-5677 (Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x bef ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5676
+CVE-2012-5676 (Buffer overflow in Adobe Flash Player before 10.3.183.48 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5675
+CVE-2012-5675 (Adobe ColdFusion 9.0 through 9.0.2, and 10, allows local users to bypa ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2012-5674
+CVE-2012-5674 (Unspecified vulnerability in Adobe ColdFusion 10 before Update 5, when ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2012-5673
+CVE-2012-5673 (Unspecified vulnerability in Adobe Flash Player before 10.3.183.29 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5672
+CVE-2012-5672 (Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office ...)
NOT-FOR-US: Microsoft Office
-CVE-2012-5671
+CVE-2012-5671 (Heap-based buffer overflow in the dkim_exim_query_dns_txt function in ...)
{DSA-2566-1}
- exim4 4.80-5.1 (medium)
-CVE-2012-5670
+CVE-2012-5670 (The _bdf_parse_glyphs function in FreeType before 2.4.11 allows contex ...)
- freetype 2.4.9-1.1 (bug #696691)
[squeeze] - freetype <not-affected> (Version in Squeeze doesn't parse alternative encoding format yet)
NOTE: https://savannah.nongnu.org/bugs/?37907
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8
-CVE-2012-5669
+CVE-2012-5669 (The _bdf_parse_glyphs function in FreeType before 2.4.11 allows contex ...)
- freetype 2.4.9-1.1 (unimportant; bug #696691)
NOTE: https://savannah.nongnu.org/bugs/?37906
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d
-CVE-2012-5668
+CVE-2012-5668 (FreeType before 2.4.11 allows context-dependent attackers to cause a d ...)
- freetype 2.4.9-1.1 (unimportant; bug #696691)
NOTE: https://savannah.nongnu.org/bugs/?37905
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a
-CVE-2012-5667
+CVE-2012-5667 (Multiple integer overflows in GNU Grep before 2.11 might allow context ...)
- grep 2.11-1 (low; bug #701897)
[squeeze] - grep 2.6.3-3+squeeze1
NOTE: https://bugs.launchpad.net/ubuntu/+source/grep/+bug/1091473
NOTE: patch http://git.savannah.gnu.org/cgit/grep.git/commit/?id=cbbc1a45b9f843c811905c97c90a5d31f8e6c189
NOTE: http://www.openwall.com/lists/oss-security/2012/12/22/1
-CVE-2012-5666
+CVE-2012-5666 (Cross-site scripting (XSS) vulnerability in bookmarks/js/bookmarks.js ...)
- owncloud 4.0.8debian-1.3 (bug #696574)
[wheezy] - owncloud 4.0.4debian2-3.2
-CVE-2012-5665
+CVE-2012-5665 (ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not properly ...)
- owncloud 4.0.8debian-1.3 (bug #696574)
[wheezy] - owncloud 4.0.4debian2-3.2
CVE-2012-5664
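Review bot: the context lines "CVE-2012-5979" / "REJECTED" sit between CVE-2012-5698 and CVE-2012-5697 near the top of this hunk, out of the descending numeric order the rest of the list follows. The update script did not touch those lines, but since the hunk is regenerated anyway the stray entry should be moved into sequence, or the generator's sort checked, so that tooling that assumes ordered ids does not skip it.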
@@ -2647,57 +2647,57 @@ CVE-2012-5663
RESERVED
NOT-FOR-US: Isearch
NOTE: http://www.openwall.com/lists/oss-security/2012/12/21/1
-CVE-2012-5662
+CVE-2012-5662 (x3270 before 3.3.12ga12 does not verify that the server hostname match ...)
- ibm-3270 3.3.14ga11-1 (bug #706547)
[wheezy] - ibm-3270 <no-dsa> (Non-free not supported)
[squeeze] - ibm-3270 <no-dsa> (Non-free not supported)
CVE-2012-5661
REJECTED
-CVE-2012-5660
+CVE-2012-5660 (abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2 ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2012-5659
+CVE-2012-5659 (Untrusted search path vulnerability in plugins/abrt-action-install-deb ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2012-5658
+CVE-2012-5658 (rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode ...)
NOT-FOR-US: OpenShift
-CVE-2012-5657
+CVE-2012-5657 (The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Z ...)
{DSA-2602-1}
- zendframework 1.11.13-1.1 (bug #696483)
NOTE: http://www.openwall.com/lists/oss-security/2012/12/20/2
NOTE: http://framework.zend.com/security/advisory/ZF2012-05
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=889037
NOTE: http://secunia.com/advisories/51583
-CVE-2012-5656
+CVE-2012-5656 (The rasterization process in Inkscape before 0.48.4 allows local users ...)
- inkscape 0.48.3.1-1.2 (bug #696485)
[squeeze] - inkscape <no-dsa> (Minor issue)
-CVE-2012-5655
+CVE-2012-5655 (The Context module 6.x-3.x before 6.x-3.1 and 7.x-3.x before 7.x-3.0-b ...)
NOT-FOR-US: Context module for Drupal
-CVE-2012-5654
+CVE-2012-5654 (The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when co ...)
NOT-FOR-US: Nodewords: D6 Meta Tags module for Drupal
-CVE-2012-5653
+CVE-2012-5653 (The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 ...)
{DSA-2776-1}
- drupal6 <removed> (bug #696343)
- drupal7 7.14-1.2 (bug #696342)
NOTE: http://drupal.org/SA-CORE-2012-004
-CVE-2012-5652
+CVE-2012-5652 (Drupal 6.x before 6.27 allows remote attackers to obtain sensitive inf ...)
{DSA-2776-1}
- drupal6 <removed> (bug #696343)
NOTE: http://drupal.org/SA-CORE-2012-004
-CVE-2012-5651
+CVE-2012-5651 (Drupal 6.x before 6.27 and 7.x before 7.18 displays information for bl ...)
{DSA-2776-1}
- drupal6 <removed> (bug #696343)
- drupal7 7.14-1.2 (bug #696342)
NOTE: http://drupal.org/SA-CORE-2012-004
-CVE-2012-5650
+CVE-2012-5650 (Cross-site scripting (XSS) vulnerability in the Futon UI in Apache Cou ...)
- couchdb 1.2.0-5 (bug #698439)
[squeeze] - couchdb <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-5649
+CVE-2012-5649 (Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2. ...)
- couchdb 1.2.0-5 (bug #698439)
[squeeze] - couchdb <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-5648
+CVE-2012-5648 (Multiple SQL injection vulnerabilities in Foreman before 1.0.2 allow r ...)
- foreman <itp> (bug #663101)
-CVE-2012-5647
+CVE-2012-5647 (Open redirect vulnerability in node-util/www/html/restorer.php in Red ...)
NOT-FOR-US: OpenShift
-CVE-2012-5646
+CVE-2012-5646 (node-util/www/html/restorer.php in the Red Hat OpenShift Origin before ...)
NOT-FOR-US: OpenShift
CVE-2012-5645
RESERVED
@@ -2710,16 +2710,16 @@ CVE-2012-5644 [(Complete) Information disclosure when moving user's home directo
[wheezy] - libuser <no-dsa> (Minor issue)
[squeeze] - libuser <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=885724#c7
-CVE-2012-5643
+CVE-2012-5643 (Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2. ...)
{DSA-2631-1}
- squid 2.7.STABLE9-2
NOTE: squid-cgi was removed in 2.7.STABLE9-2
- squid3 3.1.20-2.1 (bug #696187)
NOTE: possible regression, see #701123
-CVE-2012-5642
+CVE-2012-5642 (server/action.py in Fail2ban before 0.8.8 does not properly handle the ...)
- fail2ban 0.8.6-3wheezy1 (low; bug #696184)
[squeeze] - fail2ban <not-affected> (Introduced in 0.8.6, see #696187)
-CVE-2012-5641
+CVE-2012-5641 (Directory traversal vulnerability in the partition2 function in mochiw ...)
- couchdb <not-affected> (Only affects CouchDB on Windows)
CVE-2012-5640 [thttpd: Local DoS vulnerability]
RESERVED
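Review bot: the squeeze annotation for CVE-2012-5642, "[squeeze] - fail2ban <not-affected> (Introduced in 0.8.6, see #696187)", cross-references bug #696187, which this same hunk records as the squid3 bug for CVE-2012-5643 ("- squid3 3.1.20-2.1 (bug #696187)"); fail2ban's own bug on the line above is #696184. Check which bug number the "see" reference was meant to carry and correct it, otherwise the not-affected justification points at an unrelated squid report.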
@@ -2734,21 +2734,21 @@ CVE-2012-5639
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=58295
NOTE: Additional hardening/UI improvement, not a direct vulnerability
NOTE: For 4.2: http://whatofhow.wordpress.com/2013/12/02/stealth-mode/
-CVE-2012-5638
+CVE-2012-5638 (The setup_logging function in log.h in SANLock uses world-writable per ...)
- sanlock 2.2-2 (bug #696424)
CVE-2012-5637
REJECTED
-CVE-2012-5636
+CVE-2012-5636 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
NOT-FOR-US: Apache Wicket
-CVE-2012-5635
+CVE-2012-5635 (The GlusterFS functionality in Red Hat Storage Management Console 2.0, ...)
- glusterfs 3.5.0-1 (unimportant; bug #704944)
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=b8d5fd2b88db7e18a10e57a0edf1a41eda4f5314 (v3.4.0qa8)
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=11bb1fc5849a557d1a26e59bd651fbd0d07a1b8d (v3.5.0qa1)
NOTE: Neutralised by kernel hardening
-CVE-2012-5634
+CVE-2012-5634 (Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, ...)
{DSA-2636-1}
- xen 4.1.3-8 (low)
-CVE-2012-5633
+CVE-2012-5633 (The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6 ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2012-5632
RESERVED
@@ -2761,11 +2761,11 @@ CVE-2012-5630 [TOCTOU race conditions by copying and removing directory trees]
[wheezy] - libuser <no-dsa> (Minor issue)
[squeeze] - libuser <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=884685#c31
-CVE-2012-5629
+CVE-2012-5629 (The default configuration of the (1) LdapLoginModule and (2) LdapExtLo ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-5628
+CVE-2012-5628 (gofer before 0.68 uses world-writable permissions for /var/lib/gofer/j ...)
NOT-FOR-US: gofer component of PULP project
-CVE-2012-5627
+CVE-2012-5627 (Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and ...)
- mariadb-5.5 <not-affected> (Fixed before initial upload to archive)
- mysql-5.1 <unfixed> (unimportant)
- mysql-5.5 <removed> (unimportant)
@@ -2774,24 +2774,24 @@ CVE-2012-5627
CVE-2012-5626
RESERVED
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-5625
+CVE-2012-5625 (OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when usin ...)
- nova <not-affected> (Only affects OpenStack Folsom, bug #695830)
-CVE-2012-5624
+CVE-2012-5624 (The XMLHttpRequest object in Qt before 4.8.4 enables http redirection ...)
- qt4-x11 4:4.8.2+dfsg-7 (bug #695156)
[squeeze] - qt4-x11 <not-affected> (Vulnerable code not present)
NOTE: http://lists.qt-project.org/pipermail/announce/2012-November/000014.html
CVE-2012-5623
RESERVED
NOT-FOR-US: change_passwd plugin for Squirrelmail
-CVE-2012-5622
+CVE-2012-5622 (Cross-site request forgery (CSRF) vulnerability in the management cons ...)
NOT-FOR-US: OpenShift
-CVE-2012-5621
+CVE-2012-5621 (lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows ...)
- ekiga 3.2.7-6 (bug #702282; low)
[squeeze] - ekiga <no-dsa> (Minor issue)
CVE-2012-5620
RESERVED
NOT-FOR-US: Docecot non-issue, see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695138#15
-CVE-2012-5619
+CVE-2012-5619 (The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file ...)
- sleuthkit 4.1.2-1 (unimportant; bug #695097)
CVE-2012-5618
RESERVED
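Review bot: typo in the CVE-2012-5620 annotation, "NOT-FOR-US: Docecot non-issue, see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695138#15" should read Dovecot. The line is unchanged context here, but it is the only text identifying which package the entry concerns, so a search for Dovecot in the tracker will miss it until it is fixed.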
@@ -2801,9 +2801,9 @@ CVE-2012-5617 [privilege escalation due to improper authentication settings in p
- gksu-polkit <removed> (bug #695807)
[squeeze] - gksu-polkit <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.openwall.com/lists/oss-security/2012/12/12/8
-CVE-2012-5616
+CVE-2012-5616 (Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly ...)
NOT-FOR-US: CloudStack
-CVE-2012-5615
+CVE-2012-5615 (Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.2 ...)
{DSA-3054-1}
- mariadb-5.5 <not-affected> (Fixed before initial upload to archive)
- mysql-5.1 <removed> (low; bug #695001)
@@ -2812,7 +2812,7 @@ CVE-2012-5615
NOTE: http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/4676
NOTE: https://mariadb.atlassian.net/browse/MDEV-3909
NOTE: http://seclists.org/fulldisclosure/2012/Dec/9
-CVE-2012-5614
+CVE-2012-5614 (Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5. ...)
- mariadb-5.5 <not-affected> (Fixed before initial upload to archive)
- mysql-5.5 <not-affected> (The affected versions were only in experimental)
- mysql-5.1 <removed> (low)
@@ -2825,40 +2825,40 @@ CVE-2012-5613
- mysql-5.5 <removed> (unimportant; bug #695001)
NOTE: Disputed as incorrect configuration
NOTE: http://seclists.org/fulldisclosure/2012/Dec/6
-CVE-2012-5612
+CVE-2012-5612 (Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions t ...)
- mysql-5.1 <not-affected> (MDL was introduced in 5.5)
- mysql-5.5 5.5.29+dfsg-1 (bug #695001)
NOTE: https://mariadb.atlassian.net/browse/MDEV-3908
-CVE-2012-5611
+CVE-2012-5611 (Stack-based buffer overflow in the acl_get function in Oracle MySQL 5. ...)
{DSA-2581-1}
- mysql-5.1 <unfixed> (bug #695001)
- mysql-5.5 5.5.29+dfsg-1 (bug #695001)
NOTE: http://seclists.org/fulldisclosure/2012/Dec/4
-CVE-2012-5610
+CVE-2012-5610 (Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud b ...)
- owncloud 4.0.8debian-1.1 (bug #693990)
[wheezy] - owncloud 4.0.4debian2-3.1
NOTE: http://www.openwall.com/lists/oss-security/2012/11/30/2
-CVE-2012-5609
+CVE-2012-5609 (Incomplete blacklist vulnerability in lib/migrate.php in ownCloud befo ...)
- owncloud 4.0.8debian-1.1 (bug #693990)
[wheezy] - owncloud 4.0.4debian2-3.1
NOTE: http://www.openwall.com/lists/oss-security/2012/11/30/2
-CVE-2012-5608
+CVE-2012-5608 (Cross-site scripting (XSS) vulnerability in apps/user_webdavauth/setti ...)
- owncloud 4.0.8debian-1.1 (bug #693990)
[wheezy] - owncloud 4.0.4debian2-3.1
NOTE: http://www.openwall.com/lists/oss-security/2012/11/30/2
-CVE-2012-5607
+CVE-2012-5607 (The "Lost Password" reset functionality in ownCloud before 4.0.9 and 4 ...)
- owncloud 4.0.8debian-1.1 (bug #693990)
[wheezy] - owncloud 4.0.4debian2-3.1
NOTE: http://www.openwall.com/lists/oss-security/2012/11/30/2
-CVE-2012-5606
+CVE-2012-5606 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
- owncloud 4.0.8debian-1.1 (bug #693990)
[wheezy] - owncloud 4.0.4debian2-3.1
NOTE: http://www.openwall.com/lists/oss-security/2012/11/30/2
-CVE-2012-5605
+CVE-2012-5605 (Grinder in Red Hat CloudForms before 1.1 uses world-writable permissio ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2012-5604
+CVE-2012-5604 (The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when u ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2012-5603
+CVE-2012-5603 (proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does ...)
NOT-FOR-US: Red Hat CloudForms
CVE-2012-5602
REJECTED
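Review bot: the state recorded for mysql-5.1 on CVE-2012-5611, "- mysql-5.1 <unfixed> (bug #695001)", conflicts with the neighbouring CVE-2012-5615 and CVE-2012-5614 entries, which carry "- mysql-5.1 <removed> (low; bug #695001)" and "- mysql-5.1 <removed> (low)". The same source package cannot be both still unfixed in unstable and removed from it; the <unfixed> marker here should become <removed> to match, and a severity could be added at the same time (CVE-2012-5627 earlier in the diff, "- mysql-5.1 <unfixed> (unimportant)", has the same inconsistency).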
@@ -2882,23 +2882,23 @@ CVE-2012-5593
REJECTED
CVE-2012-5592
REJECTED
-CVE-2012-5591
+CVE-2012-5591 (Cross-site scripting (XSS) vulnerability in the Zero Point module 6.x- ...)
NOT-FOR-US: Drupal Zero Point module
-CVE-2012-5590
+CVE-2012-5590 (SQL injection vulnerability in the Webmail Plus module for Drupal allo ...)
NOT-FOR-US: Drupal Webmail Plus module
-CVE-2012-5589
+CVE-2012-5589 (The MultiLink module 6.x-2.x before 6.x-2.7 and 7.x-2.x before 7.x-2.7 ...)
NOT-FOR-US: Drupal MultiLink module
-CVE-2012-5588
+CVE-2012-5588 (The Email Field module 6.x-1.x before 6.x-1.3 for Drupal, when using a ...)
NOT-FOR-US: Drupal Email Field module
-CVE-2012-5587
+CVE-2012-5587 (Cross-site scripting (XSS) vulnerability in the Email Field module 6.x ...)
NOT-FOR-US: Drupal Email Field module
-CVE-2012-5586
+CVE-2012-5586 (The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 ...)
NOT-FOR-US: Drupal Services module
-CVE-2012-5585
+CVE-2012-5585 (Cross-site scripting (XSS) vulnerability in the Mixpanel module 6.x-1. ...)
NOT-FOR-US: Drupal Mixpanel module
-CVE-2012-5584
+CVE-2012-5584 (The Table of Contents module 6.x-3.x before 6.x-3.8 for Drupal does no ...)
NOT-FOR-US: Drupal Table of Contents module
-CVE-2012-5583
+CVE-2012-5583 (phpCAS before 1.3.2 does not verify that the server hostname matches a ...)
- php-cas 1.3.1-2
- moodle 2.2.7.dfsg-1
[squeeze] - moodle <no-dsa> (Minor issue)
@@ -2908,13 +2908,13 @@ CVE-2012-5582 [opendnssec curl usage]
RESERVED
- opendnssec <not-affected> (eppclient not built in Debian package)
NOTE: http://lists.opendnssec.org/pipermail/opendnssec-user/2012-November/002296.html
-CVE-2012-5581
+CVE-2012-5581 (Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allow ...)
{DSA-2589-1}
- tiff 4.0.2-1 (bug #694693)
- tiff3 3.9.6-10
NOTE: http://www.openwall.com/lists/oss-security/2012/11/28/1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=867235
-CVE-2012-5580
+CVE-2012-5580 (Format string vulnerability in the print_proxies function in bin/proxy ...)
- libproxy 0.3.1-4 (low)
[squeeze] - libproxy <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=791086
@@ -2931,127 +2931,127 @@ CVE-2012-5577 [Python keyring insecure permissions on migrated files]
- python-keyring 0.9.2-1.1 (bug #696736)
[wheezy] - python-keyring 0.7.1-1+deb7u1
[squeeze] - python-keyring <no-dsa> (Minor issue)
-CVE-2012-5576
+CVE-2012-5576 (Multiple stack-based buffer overflows in file-xwd.c in the X Window Du ...)
- gimp 2.8.2-2 (bug #693977)
[squeeze] - gimp 2.6.10-1+squeeze4
NOTE: Upstream fix http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=687392
NOTE: http://www.openwall.com/lists/oss-security/2012/11/21/2
-CVE-2012-5575
+CVE-2012-5575 (Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x befo ...)
NOT-FOR-US: Apache CXF
-CVE-2012-5574
+CVE-2012-5574 (lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote a ...)
NOT-FOR-US: Symfony
-CVE-2012-5573
+CVE-2012-5573 (The connection_edge_process_relay_cell function in or/relay.c in Tor b ...)
{DLA-17-1}
- tor 0.2.3.25-1 (low)
[squeeze] - tor 0.2.4.23-1~deb6u1
-CVE-2012-5572
+CVE-2012-5572 (CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.p ...)
- libdancer-perl 1.3114+dfsg-1 (low; bug #694279)
[wheezy] - libdancer-perl <no-dsa> (Minor issue)
NOTE: https://github.com/PerlDancer/Dancer/issues/859
-CVE-2012-5571
+CVE-2012-5571 (OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properl ...)
- keystone 2012.1.1-11 (bug #694433)
CVE-2012-5570
RESERVED
-CVE-2012-5569
+CVE-2012-5569 (Multiple cross-site scripting (XSS) vulnerabilities in the Basic webma ...)
NOT-FOR-US: Drupal Webmail module
-CVE-2012-5568
+CVE-2012-5568 (Apache Tomcat through 7.0.x allows remote attackers to cause a denial ...)
- tomcat6 6.0.41-3 (unimportant)
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
- tomcat7 <unfixed> (unimportant)
NOTE: No fix planned, can be mitigated by config changes:
NOTE: http://mail-archives.apache.org/mod_mbox/tomcat-users/200906.mbox/%3C4A3D0884.5080309@apache.org%3E
-CVE-2012-5567
+CVE-2012-5567 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith ...)
- kronolith2 <not-affected> (Vulnerable code not present in 2.x codebase and later versions not yet packaged in sid)
-CVE-2012-5566
+CVE-2012-5566 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith ...)
- kronolith2 <not-affected> (Vulnerable code not present in 2.x codebase and later versions not yet packaged in sid)
-CVE-2012-5565
+CVE-2012-5565 (Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Hord ...)
- php-horde-imp <not-affected> (This doesn't seem to be packaged in sid's Horde and the imp3 and dimp1 packages from stable do not include the affected code)
-CVE-2012-5564
+CVE-2012-5564 (android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users t ...)
- android-tools <unfixed> (unimportant; bug #688280)
NOTE: Since android-tools/5.1.1.r38-1 the android-tools-adb binary package
NOTE: is not built anymore which used to contain /usr/bin/adb.
NOTE: Package still affected source-wise
- android-platform-system-core <unfixed> (unimportant; bug #823792)
NOTE: Neutralised by kernel hardening
-CVE-2012-5563
+CVE-2012-5563 (OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not prope ...)
- keystone <not-affected> (Folsom branch not packaged yet)
CVE-2012-5562
RESERVED
NOT-FOR-US: Red Hat Satellite
-CVE-2012-5561
+CVE-2012-5561 (script/katello-generate-passphrase in Katello 1.1 uses world-readable ...)
NOT-FOR-US: Katello
-CVE-2012-5560
+CVE-2012-5560 (The default configuration in mate-settings-daemon 1.5.3 allows local u ...)
- mate-settings-daemon <not-affected> (Fixed before initial release)
NOTE: https://github.com/mate-desktop/mate-settings-daemon/commit/c7d634acd12814a1fe298118e65f1c688b3a9f74#diff-52ccb9f1be1c09e2f24b64d37b56c2f4
-CVE-2012-5559
+CVE-2012-5559 (Cross-site scripting (XSS) vulnerability in the page manager node view ...)
NOT-FOR-US: Drupal chaos tool addon
CVE-2012-5558
RESERVED
-CVE-2012-5557
+CVE-2012-5557 (The User Read-Only module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7. ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5556
+CVE-2012-5556 (Multiple cross-site request forgery (CSRF) vulnerabilities in the REST ...)
NOT-FOR-US: Drupal contributed-module
CVE-2012-5555
RESERVED
-CVE-2012-5554
+CVE-2012-5554 (The default configuration for the Webform CiviCRM Integration module 7 ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5553
+CVE-2012-5553 (Multiple cross-site scripting (XSS) vulnerabilities in the OM Maximenu ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5552
+CVE-2012-5552 (The Password policy module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7 ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5551
+CVE-2012-5551 (Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp m ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5550
+CVE-2012-5550 (SQL injection vulnerability in the Time Spent module 6.x and 7.x for D ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5549
+CVE-2012-5549 (Cross-site request forgery (CSRF) vulnerability in the Time Spent modu ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5548
+CVE-2012-5548 (Cross-site scripting (XSS) vulnerability in the Time Spent module 6.x ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5547
+CVE-2012-5547 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Sear ...)
NOT-FOR-US: Drupal contributed-module
CVE-2012-5546
REJECTED
-CVE-2012-5545
+CVE-2012-5545 (Multiple cross-site scripting (XSS) vulnerabilities in the ShareThis m ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5544
+CVE-2012-5544 (The Mandrill module 7.x-1.x before 7.x-1.2 for Drupal allows remote au ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5543
+CVE-2012-5543 (The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a fiel ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5542
+CVE-2012-5542 (Cross-site request forgery (CSRF) vulnerability in the Commerce Extra ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5541
+CVE-2012-5541 (Cross-site scripting (XSS) vulnerability in the Twitter Pull module 6. ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5540
+CVE-2012-5540 (Multiple cross-site scripting (XSS) vulnerabilities in the Hostip modu ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5539
+CVE-2012-5539 (The Organic Groups (OG) module 7.x-1.x before 7.x-1.5 for Drupal does ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5538
+CVE-2012-5538 (Cross-site scripting (XSS) vulnerability in the FileField Sources modu ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5537
+CVE-2012-5537 (The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allo ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-5536
+CVE-2012-5536 (A certain Red Hat build of the pam_ssh_agent_auth module on Red Hat En ...)
NOT-FOR-US: Red Hat-specific packaging flaw
CVE-2012-5535
RESERVED
- gnome-system-log <not-affected> (Fedora-specific issue)
-CVE-2012-5534
+CVE-2012-5534 (The hook_process function in the plugin API for WeeChat 0.3.0 through ...)
{DSA-2598-1}
- weechat 0.3.9.2-1
[wheezy] - weechat 0.3.8-1+deb7u1
-CVE-2012-5533
+CVE-2012-5533 (The http_request_split_value function in request.c in lighttpd before ...)
- lighttpd 1.4.31-2
[squeeze] - lighttpd <not-affected> (Introduced in 1.4.31)
-CVE-2012-5532
+CVE-2012-5532 (The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distri ...)
- linux-tools <not-affected> (userspace daemon not built until later)
- linux-2.6 <not-affected> (userspace daemon not yet present)
-CVE-2012-5531
+CVE-2012-5531 (Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Port ...)
NOT-FOR-US: GateIn Portal
-CVE-2012-5530
+CVE-2012-5530 (The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PC ...)
- pcp 3.7.1 (bug #698735; low)
NOTE: first package in unstable is 3.7.1 (package has no debian revision)
[squeeze] - pcp 3.3.3-squeeze3
-CVE-2012-5529
+CVE-2012-5529 (TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allow ...)
{DSA-2648-1}
- firebird2.5 2.5.2~svn+54698.ds4-2 (low; bug #693210)
- firebird2.1 <not-affected> (Only affects 2.5.x)
@@ -3061,24 +3061,24 @@ CVE-2012-5527
RESERVED
- claws-mail-extra-plugins 3.8.1-2 (unimportant; bug #693391)
NOTE: More of a plain bug than a security vulnerability
-CVE-2012-5526
+CVE-2012-5526 (CGI.pm module before 3.63 for Perl does not properly escape newlines i ...)
{DSA-2587-1 DSA-2586-1}
- perl 5.14.2-16 (bug #693420)
- libcgi-pm-perl 3.61-2 (bug #693421)
NOTE: http://cpansearch.perl.org/src/MARKSTOS/CGI.pm-3.63/Changes
NOTE: https://github.com/markstos/CGI.pm/pull/23
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=877015
-CVE-2012-5525
+CVE-2012-5525 (The get_page_from_gfn hypercall function in Xen 4.2 allows local PV gu ...)
- xen <not-affected> (Only affects Xen 4.2 and xen-unstable)
-CVE-2012-5524
+CVE-2012-5524 (The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 ...)
- gajim 0.15.4-1 (low; bug #693282)
[wheezy] - gajim 0.15.1-4.1
[squeeze] - gajim <no-dsa> (Minor issue)
-CVE-2012-5523
+CVE-2012-5523 (core/email_api.php in MantisBT before 1.2.12 does not properly manage ...)
- mantis 1.2.11-1.2 (bug #693283)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=14704
-CVE-2012-5522
+CVE-2012-5522 (MantisBT before 1.2.12 does not use an expected default value during d ...)
- mantis 1.2.11-1.2 (bug #693283)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=14496
@@ -3086,116 +3086,116 @@ CVE-2012-5521
RESERVED
- quagga <unfixed> (unimportant; bug #693102)
NOTE: Not reproducible so far
-CVE-2012-5520
+CVE-2012-5520 (The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x ...)
NOT-FOR-US: OpenVAS Manager
-CVE-2012-5519
+CVE-2012-5519 (CUPS 1.4.4, when running in certain Linux distributions such as Debian ...)
{DSA-2600-1}
- cups 1.5.3-2.7 (bug #692791)
NOTE: http://seclists.org/oss-sec/2012/q4/253
CVE-2012-5518
RESERVED
NOT-FOR-US: ovirt / vsdm
-CVE-2012-5517
+CVE-2012-5517 (The online_pages function in mm/memory_hotplug.c in the Linux kernel b ...)
- linux 3.2.41-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-5516
+CVE-2012-5516 (Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when mo ...)
NOT-FOR-US: Red Hat Enterprise Virtualisation Manager
-CVE-2012-5515
+CVE-2012-5515 (The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and ...)
{DSA-2582-1}
- xen 4.1.3-5
-CVE-2012-5514
+CVE-2012-5514 (The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earl ...)
{DSA-2582-1}
- xen 4.1.3-6
-CVE-2012-5513
+CVE-2012-5513 (The XENMEM_exchange handler in Xen 4.2 and earlier does not properly c ...)
{DSA-2582-1}
- xen 4.1.3-5
-CVE-2012-5512
+CVE-2012-5512 (Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allow ...)
- xen 4.1.3-5
[squeeze] - xen <not-affected> (Only affects Xen 4.1)
-CVE-2012-5511
+CVE-2012-5511 (Stack-based buffer overflow in the dirty video RAM tracking functional ...)
{DSA-2636-1}
- xen 4.1.3-5
-CVE-2012-5510
+CVE-2012-5510 (Xen 4.x, when downgrading the grant table version, does not properly r ...)
{DSA-2582-1}
- xen 4.1.3-5
-CVE-2012-5509
+CVE-2012-5509 (aeolus-configserver-setup in the Aeolas Configuration Server, as used ...)
NOT-FOR-US: Aeolus Cloud Configuration tool (not the pipe organ simulator in Debian)
-CVE-2012-5508
+CVE-2012-5508 (The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remo ...)
- zope2.12 2.12.26-1 (bug #692899)
NOTE: https://plone.org/products/plone/security/advisories/20121106/24
-CVE-2012-5507
+CVE-2012-5507 (AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone ...)
- zope2.12 2.12.26-1 (bug #692899)
NOTE: https://plone.org/products/plone/security/advisories/20121106/23
-CVE-2012-5506
+CVE-2012-5506 (python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows r ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5505
+CVE-2012-5505 (atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote atta ...)
- zope2.12 2.12.26-1 (bug #692899)
NOTE: https://plone.org/products/plone/security/advisories/20121106/21
-CVE-2012-5504
+CVE-2012-5504 (Cross-site scripting (XSS) vulnerability in widget_traversal.py in Plo ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5503
+CVE-2012-5503 (ftp.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attac ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5502
+CVE-2012-5502 (Cross-site scripting (XSS) vulnerability in safe_html.py in Plone befo ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5501
+CVE-2012-5501 (at_download.py in Plone before 4.2.3 and 4.3 before beta 1 allows remo ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5500
+CVE-2012-5500 (The batch id change script (renameObjectsByPaths.py) in Plone before 4 ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5499
+CVE-2012-5499 (python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows r ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5498
+CVE-2012-5498 (queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows rem ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5497
+CVE-2012-5497 (membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5496
+CVE-2012-5496 (kupu_spellcheck.py in Kupu in Plone before 4.0 allows remote attackers ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5495
+CVE-2012-5495 (python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows r ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5494
+CVE-2012-5494 (Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5493
+CVE-2012-5493 (gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote auth ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5492
+CVE-2012-5492 (uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remo ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5491
+CVE-2012-5491 (z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5490
+CVE-2012-5490 (Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone befor ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5489
+CVE-2012-5489 (The App.Undo.UndoSupport.get_request_var_or_attr function in Zope befo ...)
- zope2.12 <unfixed> (bug #692899)
[wheezy] - zope2.12 <no-dsa> (Minor issue)
NOTE: https://plone.org/products/plone/security/advisories/20121106/05
-CVE-2012-5488
+CVE-2012-5488 (python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows r ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
-CVE-2012-5487
+CVE-2012-5487 (The sandbox whitelisting function (allowmodule.py) in Plone before 4.2 ...)
- zope2.12 <unfixed> (unimportant; bug #692899)
NOTE: Non-issue, see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692899#20
-CVE-2012-5486
+CVE-2012-5486 (ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used ...)
- zope2.12 2.12.26-1 (bug #692899)
NOTE: https://plone.org/products/plone/security/advisories/20121106/02
-CVE-2012-5485
+CVE-2012-5485 (registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allow ...)
NOT-FOR-US: Plone not packaged in Debian, see bug #692899
NOTE: https://plone.org/products/plone/security/advisories/20121106/01
-CVE-2012-5484
+CVE-2012-5484 (The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtai ...)
NOT-FOR-US: FreeIPA
-CVE-2012-5483
+CVE-2012-5483 (tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Am ...)
- keystone <not-affected> (Debian packaging enforces correct permissions)
-CVE-2012-5482
+CVE-2012-5482 (The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (20 ...)
- glance 2012.1.1-3 (bug #692641)
-CVE-2012-5481
+CVE-2012-5481 (Moodle 2.3.x before 2.3.3 allows remote authenticated users to bypass ...)
- moodle <not-affected> (Doesn't affect 1.9 or 2.2)
-CVE-2012-5480
+CVE-2012-5480 (The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x befor ...)
- moodle 2.2.3.dfsg-2.6
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy0
[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
-CVE-2012-5479
+CVE-2012-5479 (The Portfolio plugin in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, ...)
- moodle 2.2.3.dfsg-2.6
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy0
[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
-CVE-2012-5478
+CVE-2012-5478 (The AuthorizationInterceptor in JBoss Enterprise Application Platform ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-5477
+CVE-2012-5477 (The smart proxy in Foreman before 1.1 uses a umask set to 0, which all ...)
- foreman <itp> (bug #663101)
CVE-2012-5476
RESERVED
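Review bot: CVE-2012-5505 (description `atat.py in Plone before 4.2.3 and 4.3 before beta 1 ...`) is mapped to `- zope2.12 2.12.26-1 (bug #692899)`, while the neighbouring Plone-only entries (CVE-2012-5506, CVE-2012-5504, CVE-2012-5503 and so on) carry `NOT-FOR-US: Plone not packaged in Debian, see bug #692899`; since the imported description names Plone rather than Zope, a NOTE line stating why this one is handled in zope2.12 would make the triage reproducible for the next person reading the list. Separately, the imported text for CVE-2012-5509 spells the product `Aeolas Configuration Server`; that wording comes with the description feed, so leave it as is rather than hand-editing the list, and note that the tracker's own annotation on the following line already uses the correct `Aeolus`.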
@@ -3205,25 +3205,25 @@ CVE-2012-5475 [YUI 2.x security issue regarding embedded SWF files]
CVE-2012-5474
RESERVED
- horizon 2012.1.1-7
-CVE-2012-5473
+CVE-2012-5473 (The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x befor ...)
- moodle 2.2.3.dfsg-2.6
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy0
[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
-CVE-2012-5472
+CVE-2012-5472 (lib/formslib.php in Moodle 2.2.x before 2.2.6 and 2.3.x before 2.3.3 a ...)
- moodle 2.2.3.dfsg-2.6
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy0
[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
-CVE-2012-5471
+CVE-2012-5471 (The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x ...)
- moodle 2.2.3.dfsg-2.6
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy0
[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
-CVE-2012-5470
+CVE-2012-5470 (libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attacke ...)
- vlc 2.0.4-1 (bug #692130)
[wheezy] - vlc 2.0.3-4
[squeeze] - vlc <no-dsa> (Minor issue)
-CVE-2012-5469
+CVE-2012-5469 (The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remot ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-5468
+CVE-2012-5468 (Heap-based buffer overflow in iconvert.c in the bogolexer component in ...)
{DSA-2585-1}
- bogofilter 1.2.2+dfsg1-2 (bug #695139)
CVE-2012-5467
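Review bot: CVE-2012-5474 is still `RESERVED` but carries a fix line `- horizon 2012.1.1-7` with no bracketed summary, whereas the other reserved-with-fix entry visible in the hunk header, `CVE-2012-5475 [YUI 2.x security issue regarding embedded SWF files]`, documents what the reservation covers. Add a bracketed one-line summary to CVE-2012-5474 so the horizon fix stays traceable until the description is published.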
@@ -3240,27 +3240,27 @@ CVE-2012-5462
RESERVED
CVE-2012-5461
RESERVED
-CVE-2012-5460
+CVE-2012-5460 (Cross-site scripting (XSS) vulnerability in the help page in Juniper S ...)
NOT-FOR-US: Juniper IVE OS
-CVE-2012-5459
+CVE-2012-5459 (Untrusted search path vulnerability in VMware Workstation 8.x before 8 ...)
NOT-FOR-US: VMware
-CVE-2012-5458
+CVE-2012-5458 (VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 ...)
NOT-FOR-US: VMware
CVE-2012-5457
RESERVED
-CVE-2012-5456
+CVE-2012-5456 (The Zoner AntiVirus Free application for Android does not verify that ...)
NOT-FOR-US: Zoner AntiVirus Free
-CVE-2012-5455
+CVE-2012-5455 (Cross-site scripting (XSS) vulnerability in the language search compon ...)
NOT-FOR-US: Joomla! component
-CVE-2012-5454
+CVE-2012-5454 (user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not ...)
NOT-FOR-US: ATutor AContent
-CVE-2012-5453
+CVE-2012-5453 (SQL injection vulnerability in user/index_inline_editor_submit.php in ...)
NOT-FOR-US: ATutor AContent
-CVE-2012-5452
+CVE-2012-5452 (Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS 2.2 ...)
NOT-FOR-US: Subrion CMS
-CVE-2012-5451
+CVE-2012-5451 (Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi bef ...)
NOT-FOR-US: TVMOBiLi
-CVE-2012-5450
+CVE-2012-5450 (Cross-site request forgery (CSRF) vulnerability in lib/filemanager/ima ...)
NOT-FOR-US: CMS Made Simple
CVE-2012-5449
RESERVED
@@ -3270,9 +3270,9 @@ CVE-2012-5447
RESERVED
CVE-2012-5446
RESERVED
-CVE-2012-5445
+CVE-2012-5445 (The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 s ...)
NOT-FOR-US: Cisco Native Unix
-CVE-2012-5444
+CVE-2012-5444 (Cisco TelePresence Video Communication Server (VCS) X7.0.3 does not pr ...)
NOT-FOR-US: Cisco TelePresence Video Communication Server
CVE-2012-5443
RESERVED
@@ -3302,35 +3302,35 @@ CVE-2012-5431
RESERVED
CVE-2012-5430
RESERVED
-CVE-2012-5429
+CVE-2012-5429 (The VPN driver in Cisco VPN Client on Windows does not properly intera ...)
NOT-FOR-US: Cisco VPN Client
CVE-2012-5428
RESERVED
-CVE-2012-5427
+CVE-2012-5427 (Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T a ...)
NOT-FOR-US: Cisco IOS
CVE-2012-5426
RESERVED
CVE-2012-5425
RESERVED
-CVE-2012-5424
+CVE-2012-5424 (Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5 ...)
NOT-FOR-US: Cisco
CVE-2012-5423
RESERVED
-CVE-2012-5422
+CVE-2012-5422 (Unspecified vulnerability in Cisco IOS before 15.3(2)T on AS5400 devic ...)
NOT-FOR-US: Cisco IOS
CVE-2012-5421
RESERVED
CVE-2012-5420
RESERVED
-CVE-2012-5419
+CVE-2012-5419 (Cisco Adaptive Security Appliance (ASA) software 8.7.1 and 8.7.1.1 for ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2012-5418
RESERVED
-CVE-2012-5417
+CVE-2012-5417 (Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not ...)
NOT-FOR-US: Cisco
-CVE-2012-5416
+CVE-2012-5416 (Buffer overflow in Cisco Unified MeetingPlace Web Conferencing before ...)
NOT-FOR-US: Cisco
-CVE-2012-5415
+CVE-2012-5415 (Race condition on Cisco Adaptive Security Appliances (ASA) devices all ...)
NOT-FOR-US: Cisco
CVE-2012-5414
RESERVED
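Review bot: the NOT-FOR-US annotations in this hunk are inconsistent in how specific they are: CVE-2012-5424, CVE-2012-5417, CVE-2012-5416 and CVE-2012-5415 say only `NOT-FOR-US: Cisco`, while CVE-2012-5429, CVE-2012-5427, CVE-2012-5422 and CVE-2012-5419 name the product (`Cisco VPN Client`, `Cisco IOS`, `Cisco Adaptive Security Appliance`). The product names are right there in the imported descriptions (`Cisco Secure Access Control System (ACS)`, `Cisco Prime Data Center Network Manager (DCNM)`, `Cisco Unified MeetingPlace Web Conferencing`, `Cisco Adaptive Security Appliances (ASA)`), so naming them in the annotation makes the entries greppable without reading the truncated text.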
@@ -3342,7 +3342,7 @@ CVE-2012-5411
RESERVED
CVE-2012-5410
RESERVED
-CVE-2012-5409
+CVE-2012-5409 (AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and ea ...)
NOT-FOR-US: Siemens SiPass
CVE-2012-5408
RESERVED
@@ -3370,64 +3370,64 @@ CVE-2012-5397
RESERVED
CVE-2012-5396
RESERVED
-CVE-2012-5395
+CVE-2012-5395 (Session fixation vulnerability in the CentralAuth extension for MediaW ...)
NOT-FOR-US: Mediawiki extension CentralAuth
-CVE-2012-5394
+CVE-2012-5394 (Cross-site request forgery (CSRF) vulnerability in the CentralAuth ext ...)
NOT-FOR-US: mediawiki extension CentralAuth
CVE-2012-5393
RESERVED
CVE-2012-5392
RESERVED
-CVE-2012-5391
+CVE-2012-5391 (Session fixation vulnerability in Special:UserLogin in MediaWiki befor ...)
- mediawiki 1:1.19.3-1 (bug #694998)
[squeeze] - mediawiki 1:1.15.5-2squeeze5
-CVE-2012-5390
+CVE-2012-5390 (The standard universe shadow (condor_shadow.std) component in Condor 7 ...)
- condor <not-affected> (standard universe is disabled in the Debian package, see bug #697936)
NOTE: http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
CVE-2012-5389
RESERVED
-CVE-2012-5388
+CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the Wh ...)
NOT-FOR-US: White Label CMS
-CVE-2012-5387
+CVE-2012-5387 (Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in ...)
NOT-FOR-US: WordPress plugin White Label CMS
-CVE-2012-5386
+CVE-2012-5386 (Directory traversal vulnerability in index.php in phpPaleo 4.8b180 all ...)
NOT-FOR-US: phpPaleo
-CVE-2012-5385
+CVE-2012-5385 (install/index.php in Craig Knudsen WebCalendar before 1.2.5 allows rem ...)
- webcalendar <removed>
-CVE-2012-5384
+CVE-2012-5384 (Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen W ...)
- webcalendar <removed>
-CVE-2012-5376
+CVE-2012-5376 (The Inter-process Communication (IPC) implementation in Google Chrome ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5375
+CVE-2012-5375 (The CRC32C feature in the Btrfs implementation in the Linux kernel bef ...)
- linux 3.8-1 (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: btrfs support in Squeeze/Wheezy is not ready for production use
-CVE-2012-5374
+CVE-2012-5374 (The CRC32C feature in the Btrfs implementation in the Linux kernel bef ...)
- linux 3.8-1 (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: btrfs support in Squeeze/Wheezy is not ready for production use
-CVE-2012-5373
+CVE-2012-5373 (Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash ...)
- openjdk-6 <removed> (low)
[wheezy] - openjdk-6 <no-dsa> (Minor issue, no icedtea fix, too complex to backport)
[squeeze] - openjdk-6 <no-dsa> (Minor issue, no icedtea fix, too complex to backport)
- openjdk-7 <removed> (low)
[jessie] - openjdk-7 <ignored> (Minor issue, no icedtea fix, too complex to backport)
[wheezy] - openjdk-7 <no-dsa> (Minor issue, no icedtea fix, too complex to backport)
-CVE-2012-5372
+CVE-2012-5372 (Rubinius computes hash values without properly restricting the ability ...)
- rubinius <itp> (bug #591817)
-CVE-2012-5371
+CVE-2012-5371 (Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes ...)
{DLA-263-1}
- ruby1.8 <not-affected> (Only affects 1.9.x)
- ruby1.9.1 1.9.3.194-4 (bug #693024)
-CVE-2012-5370
+CVE-2012-5370 (JRuby computes hash values without properly restricting the ability to ...)
{DLA-209-1}
- jruby 1.5.6-5 (bug #694694)
CVE-2012-5369
RESERVED
-CVE-2012-5368
+CVE-2012-5368 (phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained th ...)
- phpmyadmin <not-affected> (Only affects 3.5.x, not packaged yet, see #691728)
-CVE-2012-5367
+CVE-2012-5367 (Multiple SQL injection vulnerabilities in OrangeHRM 2.7.1 RC 1 allow r ...)
NOT-FOR-US: OrangeHRM
CVE-2012-5366
RESERVED
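Review bot: the `<not-affected>` justification for ruby1.8 under CVE-2012-5371 says `Only affects 1.9.x`, but the imported description also lists `2.0 before r37575`; the conclusion for ruby1.8 still holds, but the justification should read something like `Only affects 1.9.x and 2.0` so it matches the description it sits under. In the same hunk the CentralAuth annotations alternate between `NOT-FOR-US: Mediawiki extension CentralAuth` (CVE-2012-5395) and `NOT-FOR-US: mediawiki extension CentralAuth` (CVE-2012-5394); pick one spelling.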
@@ -3454,194 +3454,194 @@ CVE-2012-5363
CVE-2012-5362
RESERVED
NOT-FOR-US: Microsoft Windows
-CVE-2012-5361
+CVE-2012-5361 (Libavcodec in FFmpeg before 0.11 allows remote attackers to execute ar ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.5-1 (bug #694483)
NOTE: http://technet.microsoft.com/en-us/security/msvr/msvr12-017
NOTE: upstream needs a proper sample to reproduce the issue
-CVE-2012-5360
+CVE-2012-5360 (Libavcodec in FFmpeg before 0.11 allows remote attackers to execute ar ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.5-1 (bug #694483)
NOTE: http://technet.microsoft.com/en-us/security/msvr/msvr12-017
NOTE: upstream needs a proper sample to reproduce the issue
-CVE-2012-5359
+CVE-2012-5359 (Libavcodec in FFmpeg before 0.11 allows remote attackers to execute ar ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.5-1 (bug #694483)
NOTE: http://technet.microsoft.com/en-us/security/msvr/msvr12-017
NOTE: upstream needs a proper sample to reproduce the issue
-CVE-2012-5358
+CVE-2012-5358 (The XSLTCompiledTransform function in Ektron Content Management System ...)
NOT-FOR-US: Ektron Content Management System
-CVE-2012-5357
+CVE-2012-5357 (Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCom ...)
NOT-FOR-US: Ektron Content Management System
-CVE-2012-5356
+CVE-2012-5356 (The apt-add-repository tool in Ubuntu Software Properties 0.75.x befor ...)
NOT-FOR-US: apt-add-repository
-CVE-2012-5355
+CVE-2012-5355 (welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to ov ...)
NOT-FOR-US: xdiagnose
-CVE-2012-5354
+CVE-2012-5354 (Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey be ...)
- iceape <not-affected> (Only affects 16.x release from experimental)
- iceweasel <not-affected> (Only affects 16.x release from experimental)
- icedove <not-affected> (Only affects 16.x release from experimental)
-CVE-2012-5383
+CVE-2012-5383 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
- mysql-5.1 <not-affected> (Windows issue only)
- mysql-5.5 <not-affected> (Windows issue only)
-CVE-2012-5382
+CVE-2012-5382 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
NOT-FOR-US: Zend Server
-CVE-2012-5381
+CVE-2012-5381 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
- php5 <not-affected> (Windows issue only)
-CVE-2012-5380
+CVE-2012-5380 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
- ruby1.8 <not-affected> (Windows issue only)
- ruby1.9.1 <not-affected> (Windows issue only)
-CVE-2012-5379
+CVE-2012-5379 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
NOT-FOR-US: ActivePython
-CVE-2012-5378
+CVE-2012-5378 (Untrusted search path vulnerability in the installation functionality ...)
NOT-FOR-US: ActiveTcl
-CVE-2012-5377
+CVE-2012-5377 (Untrusted search path vulnerability in the installation functionality ...)
NOT-FOR-US: ActivePerl
-CVE-2012-5353
+CVE-2012-5353 (Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge me ...)
NOT-FOR-US: Eduserv
-CVE-2012-5352
+CVE-2012-5352 (Java Open Single Sign-On Project Home (JOSSO) allows remote attackers ...)
NOT-FOR-US: josso
-CVE-2012-5351
+CVE-2012-5351 (Apache Axis2 allows remote attackers to forge messages and bypass auth ...)
- axis2c <removed> (low; bug #690421)
[squeeze] - axis2c <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.apache.org/jira/browse/AXIS2C-1607
-CVE-2012-5350
+CVE-2012-5350 (SQL injection vulnerability in the Pay With Tweet plugin before 1.2 fo ...)
NOT-FOR-US: wp Pay With Tweet plugin
-CVE-2012-5349
+CVE-2012-5349 (Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the ...)
NOT-FOR-US: wp Pay With Tweet plugin
-CVE-2012-5348
+CVE-2012-5348 (SQL injection vulnerability in MangosWeb Enhanced 3.0.3 allows remote ...)
NOT-FOR-US: MangosWeb
-CVE-2012-5347
+CVE-2012-5347 (TinyWebGallery 1.8.3 allows remote attackers to execute arbitrary code ...)
NOT-FOR-US: TinyWebGallery
-CVE-2012-5346
+CVE-2012-5346 (Cross-site scripting (XSS) vulnerability in wp-live.php in the WP Live ...)
NOT-FOR-US: WP live plugin
-CVE-2012-5345
+CVE-2012-5345 (Buffer overflow in the Remote command server (Rcmd.bat) in IpTools (ak ...)
NOT-FOR-US: batch file
-CVE-2012-5344
+CVE-2012-5344 (Directory traversal vulnerability in the WebServer (Thttpd.bat) in IpT ...)
NOT-FOR-US: batch file
-CVE-2012-5343
+CVE-2012-5343 (Cross-site scripting (XSS) vulnerability in admin/login.php in Limny 3 ...)
NOT-FOR-US: Limny
-CVE-2012-5342
+CVE-2012-5342 (Multiple SQL injection vulnerabilities in SenseSites CommonSense CMS a ...)
NOT-FOR-US: SenseSites CommonSense
-CVE-2012-5341
+CVE-2012-5341 (Multiple cross-site scripting (XSS) vulnerabilities in statistik.php i ...)
NOT-FOR-US: Otterware StatIt
CVE-2012-5340
RESERVED
-CVE-2012-5339
+CVE-2012-5339 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5. ...)
- phpmyadmin <not-affected> (Only affects 3.5.x, not packaged yet, see #691728)
-CVE-2012-5338
+CVE-2012-5338 (Open redirect vulnerability in JForum 2.1.9 allows remote attackers to ...)
NOT-FOR-US: JForum
-CVE-2012-5337
+CVE-2012-5337 (Multiple cross-site scripting (XSS) vulnerabilities in jforum.page in ...)
NOT-FOR-US: jForum
-CVE-2012-5336
+CVE-2012-5336 (lib/base.php in ownCloud before 4.0.8 does not properly validate the u ...)
- owncloud 4.0.8debian-1
-CVE-2012-5335
+CVE-2012-5335 (Directory traversal vulnerability in Tiny Server 1.1.5 allows remote a ...)
NOT-FOR-US: Tiny Server
-CVE-2012-5334
+CVE-2012-5334 (SQL injection vulnerability in product_desc.php in Pre Printing Press ...)
NOT-FOR-US: Pre Printing Press
-CVE-2012-5333
+CVE-2012-5333 (SQL injection vulnerability in page.php in Pre Printing Press allows r ...)
NOT-FOR-US: Pre Printing Press
-CVE-2012-5332
+CVE-2012-5332 (at32 Reverse Proxy 1.060.310 allows remote attackers to cause a denial ...)
NOT-FOR-US: at32 Reverse Proxy
-CVE-2012-5331
+CVE-2012-5331 (Directory traversal vulnerability in asaanCart 0.9 allows remote attac ...)
NOT-FOR-US: asaanCart
-CVE-2012-5330
+CVE-2012-5330 (Multiple cross-site scripting (XSS) vulnerabilities in asaanCart 0.9 a ...)
NOT-FOR-US: asaanCart
-CVE-2012-5329
+CVE-2012-5329 (Buffer overflow in TYPSoft FTP Server 1.1 allows remote authenticated ...)
NOT-FOR-US: TYPSoft FTP
-CVE-2012-5328
+CVE-2012-5328 (Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0. ...)
NOT-FOR-US: WP Mingle Forum
-CVE-2012-5327
+CVE-2012-5327 (Multiple SQL injection vulnerabilities in fs-admin/fs-admin.php in the ...)
NOT-FOR-US: WP Mingle Forum
-CVE-2012-5326
+CVE-2012-5326 (Cross-site request forgery (CSRF) vulnerability in admin/function.php ...)
NOT-FOR-US: IDevSpot iSupport
-CVE-2012-5325
+CVE-2012-5325 (Multiple cross-site scripting (XSS) vulnerabilities in the scr_do_redi ...)
NOT-FOR-US: WP Shortcode
-CVE-2012-5324
+CVE-2012-5324 (Multiple buffer overflows in the Pdf Printer Preferences ActiveX Contr ...)
NOT-FOR-US: PDF-XChange
-CVE-2012-5323
+CVE-2012-5323 (Cross-site request forgery (CSRF) vulnerability in webconfig/admin_pas ...)
NOT-FOR-US: Xavi ADSL router
-CVE-2012-5322
+CVE-2012-5322 (Multiple cross-site scripting (XSS) vulnerabilities in Xavi X7968 allo ...)
NOT-FOR-US: Xavi ADSL router
-CVE-2012-5321
+CVE-2012-5321 (tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote att ...)
- tikiwiki <removed>
-CVE-2012-5320
+CVE-2012-5320 (Cross-site request forgery (CSRF) vulnerability in password.cgi in Sag ...)
NOT-FOR-US: Sagem
-CVE-2012-5319
+CVE-2012-5319 (Cross-site request forgery (CSRF) vulnerability in setup/security.cgi ...)
NOT-FOR-US: D-link
-CVE-2012-5318
+CVE-2012-5318 (Unrestricted file upload vulnerability in uploadify/scripts/uploadify. ...)
NOT-FOR-US: WP Kish
-CVE-2012-5317
+CVE-2012-5317 (SQL injection vulnerability in main_bigware_43.php in Bigware Shop bef ...)
NOT-FOR-US: Bigware Shop
-CVE-2012-5316
+CVE-2012-5316 (Multiple cross-site scripting (XSS) vulnerabilities in Barracuda Spam ...)
NOT-FOR-US: Barracuda
-CVE-2012-5315
+CVE-2012-5315 (Multiple cross-site scripting (XSS) vulnerabilities in php ireport 1.0 ...)
NOT-FOR-US: iReport
-CVE-2012-5314
+CVE-2012-5314 (Cross-site scripting (XSS) vulnerability in ViewGit 0.0.6 and earlier ...)
NOT-FOR-US: ViewGit
-CVE-2012-5313
+CVE-2012-5313 (SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows r ...)
NOT-FOR-US: Snitz Forums
-CVE-2012-5312
+CVE-2012-5312 (SQL injection vulnerability in Tribiq CMS allows remote attackers to e ...)
NOT-FOR-US: Tribiq CMS
CVE-2012-5311
REJECTED
-CVE-2012-5310
+CVE-2012-5310 (SQL injection vulnerability in the WP e-Commerce plugin before 3.8.7.6 ...)
NOT-FOR-US: WP e-Commerce plugin
-CVE-2012-5309
+CVE-2012-5309 (servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim F ...)
NOT-FOR-US: Lotus Notes
-CVE-2012-5308
+CVE-2012-5308 (Cross-site request forgery (CSRF) vulnerability in servlet/traveler in ...)
NOT-FOR-US: Lotus Notes
-CVE-2012-5307
+CVE-2012-5307 (Cross-site scripting (XSS) vulnerability in servlet/traveler in IBM Lo ...)
NOT-FOR-US: Lotus Notes
-CVE-2012-5306
+CVE-2012-5306 (Stack-based buffer overflow in the SelectDirectory method in DcsCliCtr ...)
NOT-FOR-US: D-Link
-CVE-2012-5305
+CVE-2012-5305 (Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Softwar ...)
NOT-FOR-US: DirectAdmin
-CVE-2012-5304
+CVE-2012-5304 (Static code injection vulnerability in administration/install.php in Y ...)
NOT-FOR-US: YVS
-CVE-2012-5303
+CVE-2012-5303 (Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrar ...)
- monkey <removed> (unimportant)
-CVE-2012-5302
+CVE-2012-5302 (The server in TIBCO Formvine 3.1.x and 3.2.x before 3.2.1 does not pro ...)
NOT-FOR-US: TIBCO Formvine
-CVE-2012-5301
+CVE-2012-5301 (The default configuration of Cerberus FTP Server before 5.0.4.0 suppor ...)
NOT-FOR-US: Cerberus
-CVE-2012-5300
+CVE-2012-5300 (SQL injection vulnerability in art_catalogo.php in MyStore Xpress Tien ...)
NOT-FOR-US: MyStore Xpress
-CVE-2012-5299
+CVE-2012-5299 (Mavili Guestbook, as released in November 2007, allows remote attacker ...)
NOT-FOR-US: Mavili Guestbook
-CVE-2012-5298
+CVE-2012-5298 (Mavili Guestbook, as released in November 2007, stores guestbook.mdb u ...)
NOT-FOR-US: Mavili Guestbook
-CVE-2012-5297
+CVE-2012-5297 (SQL injection vulnerability in edit.asp in Mavili Guestbook, as releas ...)
NOT-FOR-US: Mavili Guestbook
-CVE-2012-5296
+CVE-2012-5296 (Multiple cross-site scripting (XSS) vulnerabilities in Mavili Guestboo ...)
NOT-FOR-US: Mavili Guestbook
-CVE-2012-5295
+CVE-2012-5295 (Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk Foru ...)
NOT-FOR-US: FuseTalk
-CVE-2012-5294
+CVE-2012-5294 (SQL injection vulnerability in art_detalle.php in MyStore Xpress Tiend ...)
NOT-FOR-US: MyStore Xpress
-CVE-2012-5293
+CVE-2012-5293 (Multiple PHP remote file inclusion vulnerabilities in SAPID CMS 1.2.3 ...)
NOT-FOR-US: SAPID CMS
-CVE-2012-5292
+CVE-2012-5292 (Multiple SQL injection vulnerabilities in Atar2b CMS 4.0.1 allow remot ...)
NOT-FOR-US: Atar2b
-CVE-2012-5291
+CVE-2012-5291 (SQL injection vulnerability in team.php in Posse Softball Director CMS ...)
NOT-FOR-US: Posse Softball Director
-CVE-2012-5290
+CVE-2012-5290 (Multiple SQL injection vulnerabilities in EasyWebRealEstate allow remo ...)
NOT-FOR-US: EasyWebRealEstate
-CVE-2012-5289
+CVE-2012-5289 (Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote ...)
NOT-FOR-US: Plogger
-CVE-2012-5288
+CVE-2012-5288 (SQL injection vulnerability in page.php in phpMyDirectory 1.3.3 allows ...)
NOT-FOR-US: phpMyDirectory
CVE-2012-XXXX [gunicorn fails to drop supplemental groups]
- gunicorn 0.14.5-3 (low)
[squeeze] - gunicorn <no-dsa> (Minor issue)
-CVE-2012-5287
+CVE-2012-5287 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5286
+CVE-2012-5286 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5285
+CVE-2012-5285 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
CVE-2012-5284
REJECTED
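Review bot: the triage for CVE-2012-5354 looks inconsistent with its imported description: the description reads `Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey be...`, i.e. versions prior to 16.0 are affected, while all three entries (`iceape`, `iceweasel`, `icedove`) are `<not-affected> (Only affects 16.x release from experimental)`. If the issue was introduced in a 16.0 pre-release and never reached the versions shipped in the Debian suites, a NOTE line with the upstream reference saying so would let the `<not-affected>` stand; otherwise these three entries need re-triage. Also, the block CVE-2012-5383 through CVE-2012-5377 sits between CVE-2012-5354 and CVE-2012-5353, out of the file's descending ID order (CVE-2012-5385 and CVE-2012-5384 appear above CVE-2012-5376 in the previous hunk); consider moving it into sequence for consistency.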
@@ -3651,71 +3651,71 @@ CVE-2012-5282
REJECTED
CVE-2012-5281
REJECTED
-CVE-2012-5280
+CVE-2012-5280 (Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5279
+CVE-2012-5279 (Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5278
+CVE-2012-5278 (Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5277
+CVE-2012-5277 (Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5276
+CVE-2012-5276 (Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5275
+CVE-2012-5275 (Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5274
+CVE-2012-5274 (Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5273
+CVE-2012-5273 (Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows att ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2012-5272
+CVE-2012-5272 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5271
+CVE-2012-5271 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5270
+CVE-2012-5270 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5269
+CVE-2012-5269 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5268
+CVE-2012-5268 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5267
+CVE-2012-5267 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5266
+CVE-2012-5266 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5265
+CVE-2012-5265 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5264
+CVE-2012-5264 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5263
+CVE-2012-5263 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5262
+CVE-2012-5262 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5261
+CVE-2012-5261 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5260
+CVE-2012-5260 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5259
+CVE-2012-5259 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5258
+CVE-2012-5258 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5257
+CVE-2012-5257 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5256
+CVE-2012-5256 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5255
+CVE-2012-5255 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5254
+CVE-2012-5254 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5253
+CVE-2012-5253 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5252
+CVE-2012-5252 (Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5251
+CVE-2012-5251 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5250
+CVE-2012-5250 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5249
+CVE-2012-5249 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-5248
+CVE-2012-5248 (Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
CVE-2012-5247
RESERVED
@@ -3723,24 +3723,24 @@ CVE-2012-5246
RESERVED
CVE-2012-5245
RESERVED
-CVE-2012-5244
+CVE-2012-5244 (Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earli ...)
NOT-FOR-US: Banana Dance
-CVE-2012-5243
+CVE-2012-5243 (functions/suggest.php in Banana Dance B.2.6 and earlier allows remote ...)
NOT-FOR-US: Banana Dance
-CVE-2012-5242
+CVE-2012-5242 (Directory traversal vulnerability in functions/suggest.php in Banana D ...)
NOT-FOR-US: Banana Dance
CVE-2012-5241
RESERVED
NOT-FOR-US: PEAR module for Twitter
-CVE-2012-5240
+CVE-2012-5240 (Buffer overflow in the dissect_tlv function in epan/dissectors/packet- ...)
- wireshark 1.8.2-2 (bug #689972)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
CVE-2012-5239
REJECTED
-CVE-2012-5238
+CVE-2012-5238 (epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x b ...)
- wireshark 1.8.2-2 (bug #689972)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-5237
+CVE-2012-5237 (The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP ...)
- wireshark 1.8.2-2 (bug #689972)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
CVE-2012-5236 [Admin can decrypt user files]
@@ -3750,94 +3750,94 @@ CVE-2012-5236 [Admin can decrypt user files]
NOTE: http://owncloud.org/about/security/advisories/CVE-2012-5236/
CVE-2012-5235
RESERVED
-CVE-2012-5234
+CVE-2012-5234 (Open redirect vulnerability in index.php in ocPortal before 7.1.6 allo ...)
- ocportal <itp> (bug #625865)
-CVE-2012-5233
+CVE-2012-5233 (Cross-site scripting (XSS) vulnerability in the stickynote module befo ...)
NOT-FOR-US: Drupal stickynote
-CVE-2012-5232
+CVE-2012-5232 (Cross-site scripting (XSS) vulnerability in the Quickl Form component ...)
NOT-FOR-US: Joomla component
-CVE-2012-5231
+CVE-2012-5231 (miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP c ...)
NOT-FOR-US: miniCMS
-CVE-2012-5230
+CVE-2012-5230 (Unspecified vulnerability in the JE Story Submit (com_jesubmit) compon ...)
NOT-FOR-US: Joomla jesusmit
-CVE-2012-5229
+CVE-2012-5229 (Cross-site scripting (XSS) vulnerability in css/gallery-css.php in the ...)
NOT-FOR-US: WP Gallery2
-CVE-2012-5228
+CVE-2012-5228 (Cross-site scripting (XSS) vulnerability in admin/index.php in phplist ...)
NOT-FOR-US: phplist
-CVE-2012-5227
+CVE-2012-5227 (SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2. ...)
NOT-FOR-US: Peel Shopping
-CVE-2012-5226
+CVE-2012-5226 (Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2 ...)
NOT-FOR-US: Peel Shopping
-CVE-2012-5225
+CVE-2012-5225 (Cross-site scripting (XSS) vulnerability in webscr.php in xClick Cart ...)
NOT-FOR-US: xClick
-CVE-2012-5224
+CVE-2012-5224 (PHP remote file inclusion vulnerability in vb/includes/vba_cmps_includ ...)
NOT-FOR-US: vbadvanced CMPS
-CVE-2012-5223
+CVE-2012-5223 (The proc_deutf function in includes/functions_vbseocp_abstract.php in ...)
NOT-FOR-US: vBSEO
-CVE-2012-5222
+CVE-2012-5222 (HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote att ...)
NOT-FOR-US: HP Service Manager
-CVE-2012-5221
+CVE-2012-5221 (Directory traversal vulnerability in the PostScript Interpreter, as us ...)
NOT-FOR-US: HP LaserJet
-CVE-2012-5220
+CVE-2012-5220 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2012-5219
+CVE-2012-5219 (Cross-site scripting (XSS) vulnerability in HP Managed Printing Admini ...)
NOT-FOR-US: HP Managed Printing Administration
-CVE-2012-5218
+CVE-2012-5218 (HP ElitePad 900 PCs with BIOS F.0x before F.01 Update 1.0.0.8 do not e ...)
NOT-FOR-US: HP ElitePad 900
-CVE-2012-5217
+CVE-2012-5217 (HP System Management Homepage (SMH) before 7.2.1 allows remote attacke ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2012-5216
+CVE-2012-5216 (Cross-site request forgery (CSRF) vulnerability on HP ProCurve 1700-8 ...)
NOT-FOR-US: HP ProCurve
-CVE-2012-5215
+CVE-2012-5215 (Unspecified vulnerability on the HP LaserJet Pro M1212nf, M1213nf, M12 ...)
NOT-FOR-US: HP LaserJet Pro
-CVE-2012-5214
+CVE-2012-5214 (Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 al ...)
NOT-FOR-US: HP ServiceCenter
-CVE-2012-5213
+CVE-2012-5213 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5212
+CVE-2012-5212 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5211
+CVE-2012-5211 (Unspecified vulnerability in HP Intelligent Management Center (iMC) Us ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5210
+CVE-2012-5210 (Unspecified vulnerability in HP Intelligent Management Center (iMC) TA ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5209
+CVE-2012-5209 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5208
+CVE-2012-5208 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5207
+CVE-2012-5207 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5206
+CVE-2012-5206 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5205
+CVE-2012-5205 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5204
+CVE-2012-5204 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5203
+CVE-2012-5203 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5202
+CVE-2012-5202 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5201
+CVE-2012-5201 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5200
+CVE-2012-5200 (Cross-site scripting (XSS) vulnerability in HP Intelligent Management ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-5199
+CVE-2012-5199 (Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and e ...)
NOT-FOR-US: HP ArcSight Connector Appliance
-CVE-2012-5198
+CVE-2012-5198 (Unspecified vulnerability in HP ArcSight Connector Appliance before 6. ...)
NOT-FOR-US: HP ArcSight Connector Appliance
-CVE-2012-5197
+CVE-2012-5197 (Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and ...)
- condor 7.8.2~dfsg.1-1+deb7u1 (unimportant)
NOTE: Not exploitable according to upstream
-CVE-2012-5196
+CVE-2012-5196 (Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x befo ...)
- condor 7.8.2~dfsg.1-1+deb7u1 (unimportant)
NOTE: Not exploitable according to upstream
-CVE-2012-5195
+CVE-2012-5195 (Heap-based buffer overflow in the Perl_repeatcpy function in util.c in ...)
{DSA-2586-1}
- perl 5.14.2-14 (bug #689314)
CVE-2012-5194
RESERVED
CVE-2012-5193
RESERVED
-CVE-2012-5192
+CVE-2012-5192 (Directory traversal vulnerability in gmap/view_overlay.php in Bitweave ...)
NOT-FOR-US: Bitweaver
CVE-2012-5191
RESERVED
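Review bot: the exclusion line for CVE-2012-5230 misspells the component it refers to: `NOT-FOR-US: Joomla jesusmit` should read `jesubmit`, matching the description on the line above it, `JE Story Submit (com_jesubmit)`. That line is unchanged context in this hunk, so the automatic description refresh will not correct it; it needs a manual follow-up edit, and while touching it the entry could name the vendor the same way the neighbouring entries do (`NOT-FOR-US: Joomla component`).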
@@ -3845,361 +3845,361 @@ CVE-2012-5190
RESERVED
CVE-2012-5189
REJECTED
-CVE-2012-5188
+CVE-2012-5188 (Untrusted search path vulnerability in mora Downloader before 1.0.0.1 ...)
NOT-FOR-US: mora Downloader
-CVE-2012-5187
+CVE-2012-5187 (The Weathernews Touch application 2.3.2 and earlier for Android allows ...)
NOT-FOR-US: Android
-CVE-2012-5186
+CVE-2012-5186 (Cross-site scripting (XSS) vulnerability in FLUGELz netmania myu-s and ...)
NOT-FOR-US: FLUGELz netmania myu-s, PHP WeblogSystem
-CVE-2012-5185
+CVE-2012-5185 (Directory traversal vulnerability in the Olive Toast Documents Pro Fil ...)
NOT-FOR-US: Olive Toast Documents Pro File Viewer
-CVE-2012-5184
+CVE-2012-5184 (Cross-site scripting (XSS) vulnerability in the Olive Toast Documents ...)
NOT-FOR-US: Olive Toast Documents Pro File Viewer
-CVE-2012-5183
+CVE-2012-5183 (The Loctouch application 3.4.6 and earlier for Android allows attacker ...)
NOT-FOR-US: Loctouch application for Android
-CVE-2012-5182
+CVE-2012-5182 (The Loctouch application 3.4.6 and earlier for Android does not proper ...)
NOT-FOR-US: Loctouch application for Android
-CVE-2012-5181
+CVE-2012-5181 (Cross-site scripting (XSS) vulnerability in concrete5 Japanese 5.5.1 t ...)
NOT-FOR-US: concrete5
-CVE-2012-5180
+CVE-2012-5180 (The Opera Mobile application before 12.1 and Opera Mini application be ...)
NOT-FOR-US: Opera Mobile application for Android
-CVE-2012-5179
+CVE-2012-5179 (The Boat Browser application before 4.2 and Boat Browser Mini applicat ...)
NOT-FOR-US: Boat Browser application for Android
-CVE-2012-5178
+CVE-2012-5178 (Cross-site request forgery (CSRF) vulnerability in the Welcart plugin ...)
NOT-FOR-US: WordPress Welcart plugin
-CVE-2012-5177
+CVE-2012-5177 (Cross-site scripting (XSS) vulnerability in the Welcart plugin before ...)
NOT-FOR-US: WordPress Welcart plugin
-CVE-2012-5176
+CVE-2012-5176 (Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 5.0 ...)
NOT-FOR-US: KENT-WEB ACCESS REPORT
-CVE-2012-5175
+CVE-2012-5175 (Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 4.2 ...)
NOT-FOR-US: KENT-WEB ACCESS REPORT
-CVE-2012-5174
+CVE-2012-5174 (The KYOCERA AH-K3001V, AH-K3002V, WX300K, WX310K, WX320K, and WX320KR ...)
NOT-FOR-US: KYOCERA
-CVE-2012-5173
+CVE-2012-5173 (Session fixation vulnerability in BIGACE before 2.7.8 allows remote at ...)
NOT-FOR-US: BIGACE
-CVE-2012-5172
+CVE-2012-5172 (The Asial Monaca Debugger application before 1.4.2 for Android allows ...)
NOT-FOR-US: Asial Monaca Debugger
-CVE-2012-5171
+CVE-2012-5171 (Directory traversal vulnerability in Be Graph BeZIP before 3.10 allows ...)
NOT-FOR-US: Be Graph's BeZIP
-CVE-2012-5170
+CVE-2012-5170 (Open redirect vulnerability in Pebble before 2.6.4 allows remote attac ...)
NOT-FOR-US: Pebble blog
-CVE-2012-5169
+CVE-2012-5169 (Multiple cross-site scripting (XSS) vulnerabilities in file_manager/pr ...)
NOT-FOR-US: ATutor AContent
-CVE-2012-5168
+CVE-2012-5168 (ATutor AContent before 1.2-1 allows remote attackers to modify arbitra ...)
NOT-FOR-US: ATutor AContent
-CVE-2012-5167
+CVE-2012-5167 (Multiple SQL injection vulnerabilities in ATutor AContent before 1.2-1 ...)
NOT-FOR-US: ATutor AContent
-CVE-2012-5166
+CVE-2012-5166 (ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9. ...)
{DSA-2560-1}
- bind9 1:9.8.1.dfsg.P1-4.3 (bug #690118)
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
CVE-2012-5165
RESERVED
-CVE-2012-5164
+CVE-2012-5164 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before ...)
NOT-FOR-US: Fork CMS
-CVE-2012-5163
+CVE-2012-5163 (Cross-site scripting (XSS) vulnerability in oc-admin/ajax/ajax.php in ...)
NOT-FOR-US: OSClass not in Debian
-CVE-2012-5162
+CVE-2012-5162 (Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in OS ...)
NOT-FOR-US: OSClass not in Debian
-CVE-2012-5161
+CVE-2012-5161 (The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 ...)
NOT-FOR-US: Citrix XenApp
CVE-2012-5160
RESERVED
-CVE-2012-5158
+CVE-2012-5158 (Puppet Enterprise (PE) before 2.6.1 does not properly invalidate sessi ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2012-5157
+CVE-2012-5157 (Google Chrome before 24.0.1312.52 does not properly handle image data ...)
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
-CVE-2012-5156
+CVE-2012-5156 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allo ...)
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
-CVE-2012-5155
+CVE-2012-5155 (Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropri ...)
- chromium-browser <not-affected> (Only affects MacOS X)
-CVE-2012-5154
+CVE-2012-5154 (Integer overflow in Google Chrome before 24.0.1312.52 on Windows allow ...)
- chromium-browser <not-affected> (Only affects Windows)
-CVE-2012-5153
+CVE-2012-5153 (Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.5 ...)
- libv8 <not-affected> (bug #702261; kMinFixedIndex and kMaxFixedIndex are hard-coded to the correct values in 3.8.9.20, a later commit introduced a caclulation that produced incorrect values)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5152
+CVE-2012-5152 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a d ...)
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 24.0.1312.68-1
-CVE-2012-5151
+CVE-2012-5151 (Integer overflow in Google Chrome before 24.0.1312.52 allows remote at ...)
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
-CVE-2012-5150
+CVE-2012-5150 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.6-1
-CVE-2012-5149
+CVE-2012-5149 (Integer overflow in the audio IPC layer in Google Chrome before 24.0.1 ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5148
+CVE-2012-5148 (The hyphenation functionality in Google Chrome before 24.0.1312.52 doe ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5147
+CVE-2012-5147 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5146
+CVE-2012-5146 (Google Chrome before 24.0.1312.52 allows remote attackers to bypass th ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5145
+CVE-2012-5145 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5144
+CVE-2012-5144 (Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0. ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
- ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:0.8.5-1 (bug #694483)
NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commitdiff;h=6d5b0092678b2a95dfe209a207550bd2fe9ef646
-CVE-2012-5143
+CVE-2012-5143 (Integer overflow in Google Chrome before 23.0.1271.97 allows remote at ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5142
+CVE-2012-5142 (Google Chrome before 23.0.1271.97 does not properly handle history nav ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5141
+CVE-2012-5141 (Google Chrome before 23.0.1271.97 does not properly restrict instantia ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5140
+CVE-2012-5140 (Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5139
+CVE-2012-5139 (Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5138
+CVE-2012-5138 (Google Chrome before 23.0.1271.95 does not properly handle file paths, ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5137
+CVE-2012-5137 (Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5136
+CVE-2012-5136 (Google Chrome before 23.0.1271.91 does not properly perform a cast of ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5135
+CVE-2012-5135 (Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5134
+CVE-2012-5134 (Heap-based buffer underflow in the xmlParseAttValueComplex function in ...)
{DSA-2580-1}
- libxml2 2.8.0+dfsg1-7 (bug #694521)
-CVE-2012-5133
+CVE-2012-5133 (Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5132
+CVE-2012-5132 (Google Chrome before 23.0.1271.91 allows remote attackers to cause a d ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5131
+CVE-2012-5131 (Google Chrome before 23.0.1271.91 on Mac OS X does not properly mitiga ...)
- chromium-browser <not-affected> (MacOS-specific)
-CVE-2012-5130
+CVE-2012-5130 (Skia, as used in Google Chrome before 23.0.1271.91, allows remote atta ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5129
+CVE-2012-5129 (Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS ...)
- mesa 8.0.5-3 (bug #695248)
[squeeze] - mesa <not-affected> (Vulnerable code not present)
-CVE-2012-5128
+CVE-2012-5128 (Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.6 ...)
- libv8 <not-affected> (Doesn't affect 3.8.9, see bug #694808)
-CVE-2012-5127
+CVE-2012-5127 (Integer overflow in Google Chrome before 23.0.1271.64 allows remote at ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
- libwebp 0.1.3-3+nmu1 (bug #704573)
NOTE: fixed in experimental version 0.2.1-1
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=442152
NOTE: Upstream announce: https://groups.google.com/a/webmproject.org/forum/?fromgroups=#!topic/webp-discuss/QTtgi8YfgkE
-CVE-2012-5126
+CVE-2012-5126 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5125
+CVE-2012-5125 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5124
+CVE-2012-5124 (Google Chrome before 23.0.1271.64 does not properly handle textures, w ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5123
+CVE-2012-5123 (Skia, as used in Google Chrome before 23.0.1271.64, allows remote atta ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5122
+CVE-2012-5122 (Google Chrome before 23.0.1271.64 does not properly perform a cast of ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5121
+CVE-2012-5121 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5120
+CVE-2012-5120 (Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.6 ...)
- libv8 <not-affected> (Doesn't affect 3.8.9, see bug #694808)
-CVE-2012-5119
+CVE-2012-5119 (Race condition in Pepper, as used in Google Chrome before 23.0.1271.64 ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5118
+CVE-2012-5118 (Google Chrome before 23.0.1271.64 on Mac OS X does not properly valida ...)
- chromium-browser <not-affected> (MacOS-specific)
-CVE-2012-5117
+CVE-2012-5117 (Google Chrome before 23.0.1271.64 does not properly restrict the loadi ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5116
+CVE-2012-5116 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5115
+CVE-2012-5115 (Google Chrome before 23.0.1271.64 on Mac OS X does not properly mitiga ...)
- chromium-browser <not-affected> (MacOS-specific)
CVE-2012-5114
RESERVED
CVE-2012-5113
RESERVED
-CVE-2012-5112
+CVE-2012-5112 (Use-after-free vulnerability in the SVG implementation in WebKit, as u ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5111
+CVE-2012-5111 (Google Chrome before 22.0.1229.92 does not monitor for crashes of Pepp ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5110
+CVE-2012-5110 (The compositor in Google Chrome before 22.0.1229.92 allows remote atta ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5109
+CVE-2012-5109 (The International Components for Unicode (ICU) functionality in Google ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-5108
+CVE-2012-5108 (Race condition in Google Chrome before 22.0.1229.92 allows remote atta ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
CVE-2012-5107
RESERVED
-CVE-2012-5106
+CVE-2012-5106 (Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote ...)
NOT-FOR-US: FreeFloat FTP Server
-CVE-2012-5159
+CVE-2012-5159 (phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror durin ...)
- phpmyadmin <not-affected>
-CVE-2012-5105
+CVE-2012-5105 (Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1 ...)
NOT-FOR-US: SQLiteManager
-CVE-2012-5104
+CVE-2012-5104 (Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in U ...)
NOT-FOR-US: UBB.threads
-CVE-2012-5103
+CVE-2012-5103 (Multiple cross-site scripting (XSS) vulnerabilities in action/add-subm ...)
NOT-FOR-US: Ggb guestbook
-CVE-2012-5102
+CVE-2012-5102 (Cross-site scripting (XSS) vulnerability in inc/extensions.php in Vert ...)
NOT-FOR-US: VertigoServ
-CVE-2012-5101
+CVE-2012-5101 (SQL injection vulnerability in the JExtensions JE Poll component befor ...)
NOT-FOR-US: Joomla! extension
-CVE-2012-5100
+CVE-2012-5100 (Directory traversal vulnerability in HServer 0.1.1 allows remote attac ...)
NOT-FOR-US: HServer
-CVE-2012-5099
+CVE-2012-5099 (Cross-site scripting (XSS) vulnerability in list.php in PHPB2B 4.1 and ...)
NOT-FOR-US: PHPB2B
-CVE-2012-5098
+CVE-2012-5098 (Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, a ...)
NOT-FOR-US: PHP-X-Links
-CVE-2012-5097
+CVE-2012-5097 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-5096
+CVE-2012-5096 (Unspecified vulnerability in the Server component in Oracle MySQL 5.5. ...)
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-5095
+CVE-2012-5095 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 10
-CVE-2012-5094
+CVE-2012-5094 (Unspecified vulnerability in the Oracle Agile PLM for Process componen ...)
NOT-FOR-US: Oracle Agile PLM
-CVE-2012-5093
+CVE-2012-5093 (Unspecified vulnerability in the Oracle Agile PLM for Process componen ...)
NOT-FOR-US: Oracle Agile PLM
-CVE-2012-5092
+CVE-2012-5092 (Unspecified vulnerability in the Oracle Agile PLM for Process componen ...)
NOT-FOR-US: Oracle Agile PLM
-CVE-2012-5091
+CVE-2012-5091 (Unspecified vulnerability in the Oracle Agile Product Supplier Collabo ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2012-5090
+CVE-2012-5090 (Unspecified vulnerability in the Oracle Agile PLM for Process componen ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2012-5089
+CVE-2012-5089 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5088
+CVE-2012-5088 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5087
+CVE-2012-5087 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5086
+CVE-2012-5086 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
-CVE-2012-5085
+CVE-2012-5085 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5084
+CVE-2012-5084 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5083
+CVE-2012-5083 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2012-5082
+CVE-2012-5082 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2012-5081
+CVE-2012-5081 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
NOTE: https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
NOTE: https://robotattack.org/
-CVE-2012-5080
+CVE-2012-5080 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2012-5079
+CVE-2012-5079 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5078
+CVE-2012-5078 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2012-5077
+CVE-2012-5077 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5076
+CVE-2012-5076 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5075
+CVE-2012-5075 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5074
+CVE-2012-5074 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5073
+CVE-2012-5073 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5072
+CVE-2012-5072 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5071
+CVE-2012-5071 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5070
+CVE-2012-5070 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5069
+CVE-2012-5069 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5068
+CVE-2012-5068 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-5067
+CVE-2012-5067 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2012-5066
+CVE-2012-5066 (Unspecified vulnerability in the Oracle Central Designer component in ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2012-5065
+CVE-2012-5065 (Unspecified vulnerability in the Oracle WebCenter Sites component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-5064
+CVE-2012-5064 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-5063
+CVE-2012-5063 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-5062
+CVE-2012-5062 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2012-5061
+CVE-2012-5061 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-5060
+CVE-2012-5060 (Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...)
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-5059
+CVE-2012-5059 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-5058
+CVE-2012-5058 (Unspecified vulnerability in the Oracle iStore component in Oracle E-B ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-5057
+CVE-2012-5057 (CRLF injection vulnerability in ownCloud Server before 4.0.8 allows re ...)
- owncloud 4.0.8debian-1
-CVE-2012-5056
+CVE-2012-5056 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server ...)
- owncloud 4.0.8debian-1
-CVE-2012-5055
+CVE-2012-5055 (DaoAuthenticationProvider in VMware SpringSource Spring Security befor ...)
NOT-FOR-US: VMware
-CVE-2012-5054
+CVE-2012-5054 (Integer overflow in the copyRawDataTo method in the Matrix3D class in ...)
NOT-FOR-US: Adobe Flash player
-CVE-2012-5053
+CVE-2012-5053 (Cross-site scripting (XSS) vulnerability in the Receiver Web User Inte ...)
NOT-FOR-US: Trimble Infrastructure GNSS Series Receivers
CVE-2012-5052
RESERVED
-CVE-2012-5051
+CVE-2012-5051 (Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows re ...)
NOT-FOR-US: VMware
-CVE-2012-5050
+CVE-2012-5050 (Cross-site scripting (XSS) vulnerability in the server in VMware vCent ...)
NOT-FOR-US: VMware
-CVE-2012-5049
+CVE-2012-5049 (APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote ...)
NOT-FOR-US: Optimalog Optima PLC
-CVE-2012-5048
+CVE-2012-5048 (APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote ...)
NOT-FOR-US: Optimalog Optima PLC
CVE-2012-5047
RESERVED
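Review bot: `- phpmyadmin <not-affected>` for CVE-2012-5159 is the only `<not-affected>` in this hunk with no justification in parentheses (compare `- puppet <not-affected> (Only affects Puppet Enterprise)` a few lines earlier); the description says the issue is specific to the copy "as distributed by the cdnetworks-kr-1 mirror", so that reason should be recorded on the line rather than left implicit. Two further consistency points in the same hunk: CVE-2012-5159 is filed out of sequence between CVE-2012-5106 and CVE-2012-5105 while CVE-2012-5158 directly follows CVE-2012-5160, so the entry should move up or carry a NOTE explaining the placement; and the openjdk-6 fixed version `6b24-1.11.5-0ubuntu1` repeated across the CVE-2012-5069 to CVE-2012-5089 entries has an Ubuntu version suffix, which should be checked against the Debian archive since the tracker derives fixed/vulnerable status from Debian package versions. Minor: the libv8 rationale for CVE-2012-5153 has the typo "caclulation", `NOT-FOR-US: OSClass not in Debian` (CVE-2012-5163, CVE-2012-5162) restates what NOT-FOR-US already means, and the `[squeeze]` line for CVE-2012-5152 precedes the unstable entry while every other chromium-browser entry places it after.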
@@ -4207,7 +4207,7 @@ CVE-2012-5046
RESERVED
CVE-2012-5045
RESERVED
-CVE-2012-5044
+CVE-2012-5044 (Cisco IOS before 15.3(1)T, when media flow-around is not used, allows ...)
NOT-FOR-US: Cisco IOS
CVE-2012-5043
RESERVED
@@ -4217,13 +4217,13 @@ CVE-2012-5041
RESERVED
CVE-2012-5040
RESERVED
-CVE-2012-5039
+CVE-2012-5039 (The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote a ...)
NOT-FOR-US: Cisco IOS
CVE-2012-5038
RESERVED
-CVE-2012-5037
+CVE-2012-5037 (The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-5036
+CVE-2012-5036 (Cisco IOS before 12.2(50)SY1 allows remote authenticated users to caus ...)
NOT-FOR-US: Cisco IOS
CVE-2012-5035
RESERVED
@@ -4231,11 +4231,11 @@ CVE-2012-5034
RESERVED
CVE-2012-5033
RESERVED
-CVE-2012-5032
+CVE-2012-5032 (The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation ...)
NOT-FOR-US: Cisco IOS
CVE-2012-5031
RESERVED
-CVE-2012-5030
+CVE-2012-5030 (Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable ...)
NOT-FOR-US: Cisco IOS
CVE-2012-5029
RESERVED
@@ -4261,13 +4261,13 @@ CVE-2012-5019
RESERVED
CVE-2012-5018
RESERVED
-CVE-2012-5017
+CVE-2012-5017 (Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause ...)
NOT-FOR-US: Cisco IOS
CVE-2012-5016
RESERVED
CVE-2012-5015
RESERVED
-CVE-2012-5014
+CVE-2012-5014 (Cisco IOS before 15.1(2)SY allows remote authenticated users to cause ...)
NOT-FOR-US: Cisco IOS
CVE-2012-5013
RESERVED
@@ -4275,63 +4275,63 @@ CVE-2012-5012
RESERVED
CVE-2012-5011
RESERVED
-CVE-2012-5010
+CVE-2012-5010 (ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (AS ...)
NOT-FOR-US: Adaptive Security Appliance Adaptive Security Appliance (ASA)
CVE-2012-5009
RESERVED
CVE-2012-5008
RESERVED
-CVE-2012-5007
+CVE-2012-5007 (The Fill PDF module 7.x-1.x before 7.x-1.2 for Drupal allows remote at ...)
NOT-FOR-US: Drupal addon Fill PDF
-CVE-2012-5006
+CVE-2012-5006 (Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser Plug ...)
NOT-FOR-US: Caminova DjVu Browser
-CVE-2012-5005
+CVE-2012-5005 (Cross-site request forgery (CSRF) vulnerability in admin/admin_options ...)
NOT-FOR-US: VR GPub
-CVE-2012-5004
+CVE-2012-5004 (Multiple cross-site request forgery (CSRF) vulnerabilities in Parallel ...)
NOT-FOR-US: Parallels H-Sphere
-CVE-2012-5003
+CVE-2012-5003 (nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not p ...)
NOT-FOR-US: No Machine NX Web Companion
-CVE-2012-5002
+CVE-2012-5002 (Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in R ...)
NOT-FOR-US: SR10 FTP server in Ricoh DC Software
-CVE-2012-5001
+CVE-2012-5001 (Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node M ...)
NOT-FOR-US: Hitachi JP1/Cm2/Network Node Manager
-CVE-2012-5000
+CVE-2012-5000 (SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 ...)
NOT-FOR-US: deV!L'z Clanportal
-CVE-2012-4999
+CVE-2012-4999 (Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote ...)
NOT-FOR-US: Mercury MR804 Router
-CVE-2012-4998
+CVE-2012-4998 (Cross-site scripting (XSS) vulnerability in index.php in starCMS allow ...)
NOT-FOR-US: starCMS
-CVE-2012-4997
+CVE-2012-4997 (Directory traversal vulnerability in acp/index.php in AneCMS allows re ...)
NOT-FOR-US: AneCMS
-CVE-2012-4996
+CVE-2012-4996 (Multiple SQL injection vulnerabilities in RivetTracker 1.03 and earlie ...)
NOT-FOR-US: RivetTracker
-CVE-2012-4995
+CVE-2012-4995 (Cross-site scripting (XSS) vulnerability in admin/userrighthandling.ph ...)
- limesurvey <itp> (bug #472802)
-CVE-2012-4994
+CVE-2012-4994 (SQL injection vulnerability in admin/admin.php in LimeSurvey before 1. ...)
- limesurvey <itp> (bug #472802)
-CVE-2012-4993
+CVE-2012-4993 (torrent_functions.php in RivetTracker 1.03 and earlier does not proper ...)
NOT-FOR-US: RivetTracker
-CVE-2012-4992
+CVE-2012-4992 (Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote ...)
NOT-FOR-US: FlashFXP
-CVE-2012-4991
+CVE-2012-4991 (Multiple directory traversal vulnerabilities in Axway SecureTransport ...)
NOT-FOR-US: Axway SecureTransport
-CVE-2012-4990
+CVE-2012-4990 (SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2 ...)
NOT-FOR-US: OpenX
-CVE-2012-4989
+CVE-2012-4989 (Cross-site scripting (XSS) vulnerability in admin/plugin-index.php in ...)
NOT-FOR-US: OpenX
-CVE-2012-4988
+CVE-2012-4988 (Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JP ...)
NOT-FOR-US: XnView
-CVE-2012-4987
+CVE-2012-4987 (Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 allo ...)
NOT-FOR-US: RealPlayer
CVE-2012-4986
RESERVED
-CVE-2012-4985
+CVE-2012-4985 (The Forescout CounterACT NAC device 6.3.4.1 does not block ARP and ICM ...)
NOT-FOR-US: Forescout device
CVE-2012-4984
RESERVED
-CVE-2012-4983
+CVE-2012-4983 (Multiple cross-site scripting (XSS) vulnerabilities on the Forescout C ...)
NOT-FOR-US: Forescout device
-CVE-2012-4982
+CVE-2012-4982 (Open redirect vulnerability in assets/login on the Forescout CounterAC ...)
NOT-FOR-US: Forescout device
CVE-2012-4981
RESERVED
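Review bot: the descriptions added in this hunk are cut at a fixed column, so several end mid-word ("remote at ..." on CVE-2012-5007, "Plug ..." on CVE-2012-5006, "Parallel ..." on CVE-2012-5004); that is harmless only if the tracker's parser keys on the `CVE-YYYY-NNNN` token and treats everything from the opening parenthesis onwards as an opaque comment, which should be confirmed before anything but display relies on these lines. The new CVE-2012-5010 line also carries the upstream text's doubled product name ("Adaptive Security Appliance Adaptive Security Appliance"), and the unchanged annotation beneath it repeats the same doubling; it could be shortened to `NOT-FOR-US: Adaptive Security Appliance (ASA)` in a manual follow-up.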
@@ -4341,25 +4341,25 @@ CVE-2012-4979
RESERVED
CVE-2012-4978
RESERVED
-CVE-2012-4977
+CVE-2012-4977 (Layton Helpbox 4.4.0 allows remote attackers to discover cleartext cre ...)
NOT-FOR-US: Layton Helpbox
-CVE-2012-4976
+CVE-2012-4976 (selectawasset.asp in Layton Helpbox 4.4.0 allows remote attackers to d ...)
NOT-FOR-US: Layton Helpbox
-CVE-2012-4975
+CVE-2012-4975 (editrequestuser.asp in Layton Helpbox 4.4.0 allows remote authenticate ...)
NOT-FOR-US: Layton Helpbox
-CVE-2012-4974
+CVE-2012-4974 (Layton Helpbox 4.4.0 allows remote authenticated users to change the l ...)
NOT-FOR-US: Layton Helpbox
CVE-2012-4973
RESERVED
-CVE-2012-4972
+CVE-2012-4972 (Multiple cross-site scripting (XSS) vulnerabilities in Layton Helpbox ...)
NOT-FOR-US: Layton Helpbox
-CVE-2012-4971
+CVE-2012-4971 (Multiple SQL injection vulnerabilities in Layton Helpbox 4.4.0 allow r ...)
NOT-FOR-US: Layton Helpbox
-CVE-2012-4970
+CVE-2012-4970 (Cross-site scripting (XSS) vulnerability in the web management interfa ...)
NOT-FOR-US: Polycom HDX Video End Points
-CVE-2012-4969
+CVE-2012-4969 (Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml ...)
NOT-FOR-US: Internet Explorer
-CVE-2012-4968
+CVE-2012-4968 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe 2. ...)
- silverstripe <itp> (bug #528461)
CVE-2012-4967
REJECTED
@@ -4367,7 +4367,7 @@ CVE-2012-4966
REJECTED
CVE-2012-4965
REJECTED
-CVE-2012-4964
+CVE-2012-4964 (The Samsung printer firmware before 20121031 has a hardcoded read-writ ...)
NOT-FOR-US: Samsung printer firmware
CVE-2012-4963
RESERVED
@@ -4375,72 +4375,72 @@ CVE-2012-4962
RESERVED
CVE-2012-4961
RESERVED
-CVE-2012-4960
+CVE-2012-4960 (The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, ...)
NOT-FOR-US: Huawei devices
-CVE-2012-4959
+CVE-2012-4959 (Directory traversal vulnerability in NFRAgent.exe in Novell File Repor ...)
NOT-FOR-US: Novell File Reporter
-CVE-2012-4958
+CVE-2012-4958 (Directory traversal vulnerability in NFRAgent.exe in Novell File Repor ...)
NOT-FOR-US: Novell File Reporter
-CVE-2012-4957
+CVE-2012-4957 (Absolute path traversal vulnerability in NFRAgent.exe in Novell File R ...)
NOT-FOR-US: Novell File Reporter
-CVE-2012-4956
+CVE-2012-4956 (Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0 ...)
NOT-FOR-US: Novell File Reporter
-CVE-2012-4955
+CVE-2012-4955 (Cross-site scripting (XSS) vulnerability in Dell OpenManage Server Adm ...)
NOT-FOR-US: Dell OpenManage SA
-CVE-2012-4954
+CVE-2012-4954 (The edit-profile page in Vanilla Forums before 2.1a32 allows remote au ...)
NOT-FOR-US: Vanilla Forums
-CVE-2012-4953
+CVE-2012-4953 (The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Syma ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2012-4952
+CVE-2012-4952 (Henry Schein Dentrix G5 before 15.1.294 has a single internal-database ...)
NOT-FOR-US: Dentrix
-CVE-2012-4951
+CVE-2012-4951 (Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in V ...)
NOT-FOR-US: VeriFone VeriCentre Web Console
-CVE-2012-4950
+CVE-2012-4950 (Cross-site scripting (XSS) vulnerability in the Keyword Search page in ...)
NOT-FOR-US: Pattern Insight
-CVE-2012-4949
+CVE-2012-4949 (SQL injection vulnerability in ESRI ArcGIS 10.1 allows remote authenti ...)
NOT-FOR-US: ESRI ArcGIS
-CVE-2012-4948
+CVE-2012-4948 (The default configuration of Fortinet Fortigate UTM appliances uses th ...)
NOT-FOR-US: Fortinet Fortigate UTM applianced
-CVE-2012-4947
+CVE-2012-4947 (Agile FleetCommander and FleetCommander Kiosk before 4.08 store databa ...)
NOT-FOR-US: FleetCommander
-CVE-2012-4946
+CVE-2012-4946 (Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR f ...)
NOT-FOR-US: FleetCommander
-CVE-2012-4945
+CVE-2012-4945 (Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote ...)
NOT-FOR-US: FleetCommander
-CVE-2012-4944
+CVE-2012-4944 (Multiple unrestricted file upload vulnerabilities in Agile FleetComman ...)
NOT-FOR-US: FleetCommander
-CVE-2012-4943
+CVE-2012-4943 (Multiple cross-site request forgery (CSRF) vulnerabilities in Agile Fl ...)
NOT-FOR-US: FleetCommander
-CVE-2012-4942
+CVE-2012-4942 (Multiple cross-site scripting (XSS) vulnerabilities in Agile FleetComm ...)
NOT-FOR-US: FleetCommander
-CVE-2012-4941
+CVE-2012-4941 (Multiple SQL injection vulnerabilities in Agile FleetCommander and Fle ...)
NOT-FOR-US: FleetCommander
-CVE-2012-4940
+CVE-2012-4940 (Multiple directory traversal vulnerabilities in the View Log Files com ...)
NOT-FOR-US: Axigen Free Mail Server
-CVE-2012-4939
+CVE-2012-4939 (Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in th ...)
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
-CVE-2012-4938
+CVE-2012-4938 (Cross-site scripting (XSS) vulnerability in the web interface in Patte ...)
NOT-FOR-US: Pattern Insight
-CVE-2012-4937
+CVE-2012-4937 (Session fixation vulnerability in the web interface in Pattern Insight ...)
NOT-FOR-US: Pattern Insight
-CVE-2012-4936
+CVE-2012-4936 (The web interface in Pattern Insight 2.3 allows remote attackers to co ...)
NOT-FOR-US: Pattern Insight
-CVE-2012-4935
+CVE-2012-4935 (Cross-site request forgery (CSRF) vulnerability in the web interface i ...)
NOT-FOR-US: Pattern Insight
-CVE-2012-4934
+CVE-2012-4934 (TomatoCart 1.1.7, when the PayPal Express Checkout module is enabled i ...)
NOT-FOR-US: TomatoCart
-CVE-2012-4933
+CVE-2012-4933 (The rtrlet web application in the Web Console in Novell ZENworks Asset ...)
NOT-FOR-US: Novell ZENworks
-CVE-2012-4932
+CVE-2012-4932 (Multiple cross-site scripting (XSS) vulnerabilities in SimpleInvoices ...)
NOT-FOR-US: SimpleInvoices
CVE-2012-4931
RESERVED
-CVE-2012-4930
+CVE-2012-4930 (The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Ch ...)
- iceweasel <not-affected> (Firefox ESV not support SDPY)
- chromium-browser 21.0.1180.57~r148591-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://www.imperialviolet.org/2012/09/21/crime.html
-CVE-2012-4929
+CVE-2012-4929 (The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google C ...)
{DSA-3253-1 DSA-2627-1 DSA-2626-1 DSA-2579-1 DLA-400-1 DLA-0008-1}
- iceweasel <not-affected> (Firefox ESV not use TLS/SSL compression)
- chromium-browser 22.0.1229.94~r161065-1
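Review bot: the annotation lines around the CVE-2012-4930 and CVE-2012-4929 changes in this hunk contain typos that the new descriptions make obvious: `- iceweasel <not-affected> (Firefox ESV not support SDPY)` misspells the protocol the description names (SPDY) and presumably means ESR, and the CVE-2012-4929 line `- iceweasel <not-affected> (Firefox ESV not use TLS/SSL compression)` has the same ESV and grammar issue; suggest `(Firefox ESR does not support SPDY)` and `(Firefox ESR does not use TLS/SSL compression)`. Likewise `NOT-FOR-US: Fortinet Fortigate UTM applianced` under CVE-2012-4948 should read "appliances". The automatic update only rewrites the id lines, so these need a manual commit.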
@@ -4457,239 +4457,239 @@ CVE-2012-4929
NOTE: openssl redhat announcement https://rhn.redhat.com/errata/RHSA-2013-0587.html
NOTE: openssl disables compression by default since dc5744cb78da6f2bcafeeefe22c604a51b52dfc5
- pound 2.6-3 (bug #727197)
-CVE-2012-4928
+CVE-2012-4928 (Cross-site scripting (XSS) vulnerability in ow_updates/index.php in Ox ...)
NOT-FOR-US: Oxwall 1.1.1
-CVE-2012-4927
+CVE-2012-4927 (SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1 ...)
- limesurvey <itp> (bug #472802)
-CVE-2012-4926
+CVE-2012-4926 (approve.php in Img Pals Photo Host 1.0 does not authenticate requests, ...)
NOT-FOR-US: Img Pals Photo Host 1.0
-CVE-2012-4925
+CVE-2012-4925 (Multiple SQL injection vulnerabilities in approve.php in Img Pals Phot ...)
NOT-FOR-US: Img Pals Photo Host 1.0
-CVE-2012-4924
+CVE-2012-4924 (Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX ...)
NOT-FOR-US: ASUS Net4Switch
-CVE-2012-4923
+CVE-2012-4923 (Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall ...)
NOT-FOR-US: Endian Firewall 2.4
-CVE-2012-4922
+CVE-2012-4922 (The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0 ...)
{DSA-2548-1}
- tor 0.2.3.22-rc-1
-CVE-2012-4921
+CVE-2012-4921 (Multiple cross-site request forgery (CSRF) vulnerabilities in the DVS ...)
NOT-FOR-US: WordPress plugin DVS Custom Notification
-CVE-2012-4920
+CVE-2012-4920 (Directory traversal vulnerability in the zing_forum_output function in ...)
NOT-FOR-US: Wordpress plugin Zingiri Forum
CVE-2012-4919
RESERVED
-CVE-2012-4918
+CVE-2012-4918 (Call of Duty Elite for iOS 2.0.1 does not properly validate the server ...)
NOT-FOR-US: Call of Duty Elite for iOS
-CVE-2012-4917
+CVE-2012-4917 (The TripAdvisor app 6.6 for iOS sends cleartext credentials, which all ...)
NOT-FOR-US: The TripAdvisor app 6.6 for iOS
CVE-2012-4916
RESERVED
-CVE-2012-4915
+CVE-2012-4915 (Directory traversal vulnerability in the Google Doc Embedder plugin be ...)
NOT-FOR-US: WordPress plugin Google Doc Embedder
-CVE-2012-4914
+CVE-2012-4914 (Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows ...)
NOT-FOR-US: CoolPDF
CVE-2012-4913
RESERVED
-CVE-2012-4912
+CVE-2012-4912 (Cross-site scripting (XSS) vulnerability in the WebAccess component in ...)
NOT-FOR-US: Novell GroupWise
CVE-2012-4911
REJECTED
CVE-2012-4910
REJECTED
-CVE-2012-4909
+CVE-2012-4909 (Google Chrome before 18.0.1025308 on Android allows remote attackers t ...)
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4908
+CVE-2012-4908 (Google Chrome before 18.0.1025308 on Android allows remote attackers t ...)
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4907
+CVE-2012-4907 (Google Chrome before 18.0.1025308 on Android does not properly restric ...)
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4906
+CVE-2012-4906 (Google Chrome before 18.0.1025308 on Android does not properly restric ...)
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4905
+CVE-2012-4905 (Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0. ...)
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4904
+CVE-2012-4904 (Cross-application scripting vulnerability in Google Chrome before 18.0 ...)
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4903
+CVE-2012-4903 (Google Chrome before 18.0.1025308 on Android does not properly restric ...)
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2012-4902
+CVE-2012-4902 (Multiple cross-site request forgery (CSRF) vulnerabilities in Template ...)
NOT-FOR-US: Template CMS (http://template-cms.ru)
-CVE-2012-4901
+CVE-2012-4901 (Cross-site scripting (XSS) vulnerability in Template CMS 2.1.1 and ear ...)
NOT-FOR-US: Template CMS (http://template-cms.ru)
CVE-2012-4900
RESERVED
-CVE-2012-4899
+CVE-2012-4899 (WellinTech KingView 6.5.3 and earlier uses a weak password-hashing alg ...)
NOT-FOR-US: WellinTech KingView
-CVE-2012-4898
+CVE-2012-4898 (Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a ...)
NOT-FOR-US: Mesh OS
-CVE-2012-4897
+CVE-2012-4897 (Untrusted search path vulnerability in the installer in VMware Movie D ...)
NOT-FOR-US: VMware
-CVE-2012-4896
+CVE-2012-4896 (Heap-based buffer overflow in SumatraPDF before 2.1 allows remote atta ...)
NOT-FOR-US: SumatraPDF
-CVE-2012-4895
+CVE-2012-4895 (Heap-based buffer overflow in SumatraPDF before 2.1 allows remote atta ...)
NOT-FOR-US: SumatraPDF
-CVE-2012-4894
+CVE-2012-4894 (Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows user-ass ...)
NOT-FOR-US: Google SketchUp
-CVE-2012-4893
+CVE-2012-4893 (Multiple cross-site request forgery (CSRF) vulnerabilities in file/sho ...)
NOT-FOR-US: Webmin
-CVE-2012-4892
+CVE-2012-4892 (Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS 201 ...)
NOT-FOR-US: FlatnuX CMS
-CVE-2012-4891
+CVE-2012-4891 (Cross-site scripting (XSS) vulnerability in fw/index2.do in ManageEngi ...)
NOT-FOR-US: ManageEngine Firewall Analyzer
-CVE-2012-4890
+CVE-2012-4890 (Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS 201 ...)
NOT-FOR-US: FlatnuX CMS
-CVE-2012-4889
+CVE-2012-4889 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Fi ...)
NOT-FOR-US: ManageEngine Firewall Analyzer
CVE-2012-4888
RESERVED
CVE-2012-4887
RESERVED
-CVE-2012-4886
+CVE-2012-4886 (Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 p ...)
NOT-FOR-US: WPS Office
-CVE-2012-4885
+CVE-2012-4885 (The wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x befor ...)
- mediawiki 1:1.19.0-1 (low)
[squeeze] - mediawiki <end-of-life>
-CVE-2012-4884
+CVE-2012-4884 (Argument injection vulnerability in Request Tracker (RT) 3.8.x before ...)
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
-CVE-2012-4883
+CVE-2012-4883 (Multiple untrusted search path vulnerabilities in 3DVIA Composer V6R20 ...)
NOT-FOR-US: 3DVIA Composer V6R2012
-CVE-2012-4882
+CVE-2012-4882 (Multiple untrusted search path vulnerabilities in 3D XML Player 6.212. ...)
NOT-FOR-US: 3D XML Player
-CVE-2012-4881
+CVE-2012-4881 (Untrusted search path vulnerability in moviEZ HD 1.0 Build 2554-29894- ...)
NOT-FOR-US: moviEZ
-CVE-2012-4880
+CVE-2012-4880 (Multiple untrusted search path vulnerabilities in DVD Architect Pro 5. ...)
NOT-FOR-US: DVD Architect Pro
-CVE-2012-4879
+CVE-2012-4879 (The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 7 ...)
NOT-FOR-US: WAGO I/O System 758
-CVE-2012-4878
+CVE-2012-4878 (Absolute path traversal vulnerability in controlcenter.php in FlatnuX ...)
NOT-FOR-US: FlatnuX CMS
-CVE-2012-4877
+CVE-2012-4877 (Cross-site request forgery (CSRF) vulnerability in controlcenter.php i ...)
NOT-FOR-US: FlatnuX CMS
-CVE-2012-4876
+CVE-2012-4876 (Stack-based buffer overflow in the UltraMJCam ActiveX Control in TREND ...)
NOT-FOR-US: TRENDnet SecurView TV-IP121WN Wireless Internet Camera
CVE-2012-4875
- ghostscript <not-affected> (Even if it's genuine, it's Windows-code)
-CVE-2012-4874
+CVE-2012-4874 (Unspecified vulnerability in the Another WordPress Classifieds Plugin ...)
NOT-FOR-US: Another WordPress Classifieds Plugin for Wordpress
-CVE-2012-4873
+CVE-2012-4873 (Cross-site scripting (XSS) vulnerability in the file_download function ...)
NOT-FOR-US: GNUBoard
-CVE-2012-4872
+CVE-2012-4872 (Cross-site scripting (XSS) vulnerability in Tickets/Submit in Kayako F ...)
NOT-FOR-US: Kayako Fusion
-CVE-2012-4871
+CVE-2012-4871 (Cross-site scripting (XSS) vulnerability in service/graph_html.php in ...)
NOT-FOR-US: LiteSpeed Web Server
-CVE-2012-4870
+CVE-2012-4870 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and ...)
NOT-FOR-US: FreePBX
-CVE-2012-4869
+CVE-2012-4869 (The callme_startcall function in recordings/misc/callme_page.php in Fr ...)
NOT-FOR-US: FreePBX
-CVE-2012-4868
+CVE-2012-4868 (SQL injection vulnerability in news.php in the Kunena component 1.7.2 ...)
NOT-FOR-US: Kunena component for Joomla!
-CVE-2012-4867
+CVE-2012-4867 (Directory traversal vulnerability in modules/com_vtiger_workflow/sortf ...)
NOT-FOR-US: vtiger CRM
-CVE-2012-4866
+CVE-2012-4866 (Untrusted search path vulnerability in Xtreme RAT 3.5 allows local use ...)
NOT-FOR-US: Xtreme RAT
-CVE-2012-4865
+CVE-2012-4865 (Buffer overflow in Oreans Themida 2.1.8.0 allows remote attackers to e ...)
NOT-FOR-US: Oreans Themida
-CVE-2012-4864
+CVE-2012-4864 (Oreans WinLicense 2.1.8.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Oreans WinLicense
CVE-2012-4863
RESERVED
-CVE-2012-4862
+CVE-2012-4862 (The Host Connect emulator in IBM Rational Developer for System z 7.1 t ...)
NOT-FOR-US: IBM Rational
-CVE-2012-4861
+CVE-2012-4861 (The web server in InfoSphere Data Replication Dashboard in IBM InfoSph ...)
NOT-FOR-US: IBM InfoSphere
CVE-2012-4860
RESERVED
-CVE-2012-4859
+CVE-2012-4859 (Unspecified vulnerability in IBM Tivoli Storage Manager for Space Mana ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2012-4858
+CVE-2012-4858 (IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF ...)
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4857
+CVE-2012-4857 (Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 be ...)
NOT-FOR-US: IBM Informix
-CVE-2012-4856
+CVE-2012-4856 (The Service Processor in the IBM Power 5 91##-### and 940#-### before ...)
NOT-FOR-US: IBM Power 5
-CVE-2012-4855
+CVE-2012-4855 (Unspecified vulnerability in the web services framework in IBM WebSphe ...)
NOT-FOR-US: IBM WebSphere Commerce
CVE-2012-4854
RESERVED
-CVE-2012-4853
+CVE-2012-4853 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Appli ...)
NOT-FOR-US: Websphere
CVE-2012-4852
RESERVED
-CVE-2012-4851
+CVE-2012-4851 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
NOT-FOR-US: Websphere
-CVE-2012-4850
+CVE-2012-4850 (IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1, w ...)
NOT-FOR-US: Websphere
CVE-2012-4849
RESERVED
-CVE-2012-4848
+CVE-2012-4848 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Found ...)
NOT-FOR-US: IBM Lotus Foundations Start
-CVE-2012-4847
+CVE-2012-4847 (IBM Cognos Business Intelligence (BI) 8.4 and 8.4.1 allows remote auth ...)
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4846
+CVE-2012-4846 (IBM Lotus Notes 8.5.x before 8.5.3 FP3 does not include the HTTPOnly f ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2012-4845
+CVE-2012-4845 (The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, d ...)
NOT-FOR-US: AIX
-CVE-2012-4844
+CVE-2012-4844 (Cross-site scripting (XSS) vulnerability in the web server in IBM Lotu ...)
NOT-FOR-US: IBM Lotus Domino
CVE-2012-4843
RESERVED
-CVE-2012-4842
+CVE-2012-4842 (Open redirect vulnerability in the web server in IBM Lotus Domino 8.5. ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2012-4841
+CVE-2012-4841 (Unspecified vulnerability in Tivoli Endpoint Manager for Remote Contro ...)
NOT-FOR-US: Tivoli
-CVE-2012-4840
+CVE-2012-4840 (IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF ...)
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4839
+CVE-2012-4839 (The OSLC interface in the Web Client (aka CQ Web) in IBM Rational Clea ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-4838
+CVE-2012-4838 (IBM Flex System Chassis Management Module (CMM) and Integrated Managem ...)
NOT-FOR-US: IBM Flex
-CVE-2012-4837
+CVE-2012-4837 (IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF ...)
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4836
+CVE-2012-4836 (Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intell ...)
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4835
+CVE-2012-4835 (Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intell ...)
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-4834
+CVE-2012-4834 (Directory traversal vulnerability in LayerLoader.jsp in the theme comp ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2012-4833
+CVE-2012-4833 (fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not p ...)
NOT-FOR-US: AIX
-CVE-2012-4832
+CVE-2012-4832 (Information Services Framework (ISF) in IBM InfoSphere Information Ser ...)
NOT-FOR-US: IBM InfoSphere
CVE-2012-4831
RESERVED
-CVE-2012-4830
+CVE-2012-4830 (Unspecified vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0. ...)
NOT-FOR-US: WebSphere
-CVE-2012-4829
+CVE-2012-4829 (IBM XIV Storage System Gen3 before 11.2 relies on a default X.509 v3 c ...)
NOT-FOR-US: IBM
CVE-2012-4828
RESERVED
CVE-2012-4827
RESERVED
-CVE-2012-4826
+CVE-2012-4826 (Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored ...)
NOT-FOR-US: IBM DB2
-CVE-2012-4825
+CVE-2012-4825 (Multiple cross-site scripting (XSS) vulnerabilities in servlet/travele ...)
NOT-FOR-US: Lotus Notes
-CVE-2012-4824
+CVE-2012-4824 (Open redirect vulnerability in servlet/traveler in IBM Lotus Notes Tra ...)
NOT-FOR-US: Lotus Notes
-CVE-2012-4823
+CVE-2012-4823 (Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and e ...)
- openjdk-6 <not-affected> (Vulnerabilities specific to IBM Java)
- openjdk-7 <not-affected> (Vulnerabilities specific to IBM Java)
-CVE-2012-4822
+CVE-2012-4822 (Multiple unspecified vulnerabilities in the JRE component in IBM Java ...)
- openjdk-6 <not-affected> (Vulnerabilities specific to IBM Java)
- openjdk-7 <not-affected> (Vulnerabilities specific to IBM Java)
-CVE-2012-4821
+CVE-2012-4821 (Multiple unspecified vulnerabilities in the JRE component in IBM Java ...)
- openjdk-6 <not-affected> (Vulnerabilities specific to IBM Java)
- openjdk-7 <not-affected> (Vulnerabilities specific to IBM Java)
-CVE-2012-4820
+CVE-2012-4820 (Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and e ...)
- openjdk-6 <not-affected> (Vulnerabilities specific to IBM Java)
- openjdk-7 <not-affected> (Vulnerabilities specific to IBM Java)
-CVE-2012-4819
+CVE-2012-4819 (Cross-site scripting (XSS) vulnerability in InfoSphere Business Glossa ...)
NOT-FOR-US: IBM InfoSphere
CVE-2012-4818
RESERVED
-CVE-2012-4817
+CVE-2012-4817 (The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS ...)
NOT-FOR-US: IBM AIX, VIOS
-CVE-2012-4816
+CVE-2012-4816 (IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows rem ...)
NOT-FOR-US: IBM Rational Automation Framework
CVE-2012-4815
RESERVED
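Review bot: CVE-2012-4875 is the one populated entry in this hunk that receives no description: its id line stays bare above `- ghostscript <not-affected> (Even if it's genuine, it's Windows-code)`, while the import gives a description to every neighbouring id that is not RESERVED or REJECTED. Worth checking whether the upstream entry genuinely has no description text (a disputed or withdrawn assignment) or whether the importer skipped it; if the former, the annotation should say so, because as it stands the entry is indistinguishable from a RESERVED id that merely grew a Debian note.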
@@ -4737,9 +4737,9 @@ CVE-2012-4794
REJECTED
CVE-2012-4793
REJECTED
-CVE-2012-4792
+CVE-2012-4792 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-4791
+CVE-2012-4791 (Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote ...)
NOT-FOR-US: Microsoft Exchange Server
CVE-2012-4790
REJECTED
@@ -4747,9 +4747,9 @@ CVE-2012-4789
REJECTED
CVE-2012-4788
REJECTED
-CVE-2012-4787
+CVE-2012-4787 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 a ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-4786
+CVE-2012-4786 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows S ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-4785
REJECTED
@@ -4757,9 +4757,9 @@ CVE-2012-4784
REJECTED
CVE-2012-4783
REJECTED
-CVE-2012-4782
+CVE-2012-4782 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 a ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-4781
+CVE-2012-4781 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-4780
REJECTED
@@ -4767,25 +4767,25 @@ CVE-2012-4779
REJECTED
CVE-2012-4778
REJECTED
-CVE-2012-4777
+CVE-2012-4777 (The code-optimization feature in the reflection implementation in Micr ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-4776
+CVE-2012-4776 (The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Fr ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-4775
+CVE-2012-4775 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Internet Explorer
-CVE-2012-4774
+CVE-2012-4774 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vis ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-4773
+CVE-2012-4773 (Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion ...)
NOT-FOR-US: Subrion CMS
-CVE-2012-4772
+CVE-2012-4772 (SQL injection vulnerability in register/ in Subrion CMS before 2.2.3 a ...)
NOT-FOR-US: Subrion CMS
-CVE-2012-4771
+CVE-2012-4771 (Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS bef ...)
NOT-FOR-US: Subrion CMS
CVE-2012-4770
RESERVED
CVE-2012-4769
RESERVED
-CVE-2012-4768
+CVE-2012-4768 (Cross-site scripting (XSS) vulnerability in the Download Monitor plugi ...)
NOT-FOR-US: Download Monitor plugin for WordPress
CVE-2012-4767
RESERVED
@@ -4803,28 +4803,28 @@ CVE-2012-4761
RESERVED
CVE-2012-4760
RESERVED
-CVE-2012-4759
+CVE-2012-4759 (Untrusted search path vulnerability in facebook_plugin.fpi in the Face ...)
NOT-FOR-US: Foxit Reader
-CVE-2012-4758
+CVE-2012-4758 (Multiple untrusted search path vulnerabilities in CyberLink PowerProdu ...)
NOT-FOR-US: CyberLink PowerProducer
-CVE-2012-4757
+CVE-2012-4757 (Multiple untrusted search path vulnerabilities in CyberLink StreamAuth ...)
NOT-FOR-US: CyberLink StreamAuthor
-CVE-2012-4756
+CVE-2012-4756 (Multiple untrusted search path vulnerabilities in CyberLink LabelPrint ...)
NOT-FOR-US: CyberLink LabelPrint
-CVE-2012-4755
+CVE-2012-4755 (Untrusted search path vulnerability in SciTools Understand before 2.6 ...)
NOT-FOR-US: SciTools Unterstand
-CVE-2012-4754
+CVE-2012-4754 (Multiple untrusted search path vulnerabilities in MindManager 2012 10. ...)
NOT-FOR-US: MindManager
CVE-2012-4410
REJECTED
-CVE-2012-4753
+CVE-2012-4753 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)
NOTE: http://www.openwall.com/lists/oss-security/2012/09/05/17
NOTE: False assignment, will be rejected, see #688123
-CVE-2012-4752
+CVE-2012-4752 (appconfig.php in ownCloud before 4.0.6 does not properly restrict acce ...)
- owncloud 4.0.7debian-1
[wheezy] - owncloud 4.0.4debian2-2
NOTE: http://www.openwall.com/lists/oss-security/2012/09/05/17
-CVE-2012-4751
+CVE-2012-4751 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
- otrs2 3.1.7+dfsg1-6
[squeeze] - otrs2 2.4.9+dfsg1-3+squeeze4
NOTE: DSA-2733-1
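Review bot: the new `+CVE-2012-4753 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)` line in this hunk sits two lines above the unchanged `NOTE: False assignment, will be rejected, see #688123`, and the two disagree: the import shows the upstream entry still carries a live description rather than REJECTED, so either the rejection never happened and the note should be revisited against #688123, or the NOTE stays and a later automatic update is expected to flip the entry to REJECTED. Two smaller points in the same hunk: `CVE-2012-4410` / `REJECTED` sits out of numeric order between CVE-2012-4754 and CVE-2012-4753, and `NOT-FOR-US: SciTools Unterstand` under CVE-2012-4755 should read "Understand", as the new description line spells it.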
@@ -4834,50 +4834,50 @@ CVE-2012-4749
RESERVED
CVE-2012-4748
RESERVED
-CVE-2012-4746
+CVE-2012-4746 (Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi i ...)
NOT-FOR-US: ZTE ZXDSL
-CVE-2012-4745
+CVE-2012-4745 (Cross-site scripting (XSS) vulnerability in admin/login.asp in Acuity ...)
NOT-FOR-US: Acuity CMS
-CVE-2012-4744
+CVE-2012-4744 (Cross-site scripting (XSS) vulnerability in ssearch.php in the Siche s ...)
NOT-FOR-US: Zeroboard
-CVE-2012-4743
+CVE-2012-4743 (Multiple SQL injection vulnerabilities in ssearch.php in Siche search ...)
NOT-FOR-US: Zeroboard
-CVE-2012-4742
+CVE-2012-4742 (The web_node_register function in web.pm in PacketFence before 3.0.2 m ...)
NOT-FOR-US: PacketFence
-CVE-2012-4741
+CVE-2012-4741 (The RADIUS extension in PacketFence before 3.3.0 uses a different user ...)
NOT-FOR-US: PacketFence
-CVE-2012-4740
+CVE-2012-4740 (Cross-site scripting (XSS) vulnerability in the captive portal in Pack ...)
NOT-FOR-US: PacketFence
-CVE-2012-4739
+CVE-2012-4739 (Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL V ...)
NOT-FOR-US: Barracuda SSL VPN
CVE-2012-4738
RESERVED
-CVE-2012-4736
+CVE-2012-4736 (The Device Encryption Client component in Sophos SafeGuard Enterprise ...)
NOT-FOR-US: Sophos SafeGuard Enterprise
CVE-2012-4735
REJECTED
-CVE-2012-4734
+CVE-2012-4734 (Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows ...)
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
-CVE-2012-4733
+CVE-2012-4733 (Request Tracker (RT) 4.x before 4.0.13 does not properly enforce the D ...)
{DSA-2671-1}
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2012-4732
+CVE-2012-4732 (Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT ...)
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
-CVE-2012-4731
+CVE-2012-4731 (FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly ...)
{DSA-2568-1}
- rtfm <removed>
- request-tracker4 4.0.7-2
-CVE-2012-4730
+CVE-2012-4730 (Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows ...)
{DSA-2567-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
-CVE-2012-4729
+CVE-2012-4729 (Wing FTP Server before 4.1.1 allows remote authenticated users to caus ...)
NOT-FOR-US: Wing FTP Server
-CVE-2012-4728
+CVE-2012-4728 (The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QP ...)
NOT-FOR-US: Corel Quattro Pro
CVE-2012-4727
RESERVED
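Review bot: the numbering in this hunk has two gaps that the automatic update cannot repair: the list runs from CVE-2012-4748 straight to CVE-2012-4746 with no CVE-2012-4747 line, and from CVE-2012-4738 to CVE-2012-4736, with CVE-2012-4737 (the Asterisk chan_iax2 issue covered by DSA-2550-1) appearing later in the file after CVE-2012-4682 instead of here. If any tracker tooling assumes descending order within a year file, the misplaced CVE-2012-4737 entry should be moved into sequence in a manual commit, and the absent CVE-2012-4747 is worth a check against the upstream list.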
@@ -4901,108 +4901,108 @@ CVE-2012-4718
REJECTED
CVE-2012-4717
REJECTED
-CVE-2012-4716
+CVE-2012-4716 (N-Tron 702-W Industrial Wireless Access Point devices use the same (1) ...)
NOT-FOR-US: N-Tron 702-W Industrial Wireless Access Point
-CVE-2012-4715
+CVE-2012-4715 (Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enter ...)
NOT-FOR-US: Rockwell Automation RSLinx Enterprise
-CVE-2012-4714
+CVE-2012-4714 (Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryT ...)
NOT-FOR-US: Rockwell Automation FactoryTalk Services Platform
-CVE-2012-4713
+CVE-2012-4713 (Integer signedness error in RNADiagnostics.dll in Rockwell Automation ...)
NOT-FOR-US: Rockwell Automation FactoryTalk Services Platform
-CVE-2012-4712
+CVE-2012-4712 (Moxa EDR-G903 series routers with firmware before 2.11 have a hardcode ...)
NOT-FOR-US: Moxa EDR-G903
-CVE-2012-4711
+CVE-2012-4711 (Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech KingVie ...)
NOT-FOR-US: WellinTech KingView
-CVE-2012-4710
+CVE-2012-4710 (Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attack ...)
NOT-FOR-US: Invensys Wonderware Win-XML Exporter
-CVE-2012-4709
+CVE-2012-4709 (Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote atta ...)
NOT-FOR-US: Invensys
-CVE-2012-4708
+CVE-2012-4708 (Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9. ...)
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4707
+CVE-2012-4707 (3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to e ...)
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4706
+CVE-2012-4706 (Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 ...)
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4705
+CVE-2012-4705 (Directory traversal vulnerability in 3S CODESYS Gateway-Server before ...)
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4704
+CVE-2012-4704 (Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows ...)
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4703
+CVE-2012-4703 (The Emerson DeltaV SE3006 through 11.3.1, DeltaV VE3005 through 10.3.1 ...)
NOT-FOR-US: Emerson DeltaV
-CVE-2012-4702
+CVE-2012-4702 (360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a hard ...)
NOT-FOR-US: 360 Systems Maxx, Image Server Maxx, and Image Server
-CVE-2012-4701
+CVE-2012-4701 (Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and ...)
NOT-FOR-US: Tridium Niagara
-CVE-2012-4700
+CVE-2012-4700 (Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in Int ...)
NOT-FOR-US: IntegraXor SCADA Server
CVE-2012-4699
REJECTED
-CVE-2012-4698
+CVE-2012-4698 (Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS ...)
NOT-FOR-US: Siemens RuggedCom Rugged Operating System
-CVE-2012-4697
+CVE-2012-4697 (TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have har ...)
NOT-FOR-US: TURCK Programmable Gateway
-CVE-2012-4696
+CVE-2012-4696 (Buffer overflow in Beijer ADP 6.5.0-180_R1967 and 6.5.1-186_R2942, and ...)
NOT-FOR-US: Beijer
-CVE-2012-4695
+CVE-2012-4695 (LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR ...)
NOT-FOR-US: Rockwell Automation RSLinx Enterprise
-CVE-2012-4694
+CVE-2012-4694 (Moxa EDR-G903 series routers with firmware before 2.11 do not use a su ...)
NOT-FOR-US: Moxa EDR-G903
-CVE-2012-4693
+CVE-2012-4693 (Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSui ...)
NOT-FOR-US: Invensys Wonderware InTouch
CVE-2012-4692
REJECTED
-CVE-2012-4691
+CVE-2012-4691 (Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x be ...)
NOT-FOR-US: Siemens Automation License Manager
-CVE-2012-4690
+CVE-2012-4690 (Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, 14 ...)
NOT-FOR-US: Rockwell
-CVE-2012-4689
+CVE-2012-4689 (Integer overflow in CimWebServer.exe in GE Intelligent Platforms Profi ...)
NOT-FOR-US: Proficy
-CVE-2012-4688
+CVE-2012-4688 (The Central application in i-GEN opLYNX before 2.01.9 allows remote at ...)
NOT-FOR-US: Central application in i-GEN opLYNX
-CVE-2012-4687
+CVE-2012-4687 (Post Oak AWAM Bluetooth Reader Traffic System does not use a sufficien ...)
NOT-FOR-US: Post Oak
-CVE-2012-4686
+CVE-2012-4686 (SQL injection vulnerability in announcement.php in vBulletin 4.1.10 al ...)
NOT-FOR-US: vBulletin
-CVE-2012-4685
+CVE-2012-4685 (Cross-site scripting (XSS) vulnerability in Arbor Networks Peakflow SP ...)
NOT-FOR-US: Arbor Networks Peakflow SP
-CVE-2012-4684
+CVE-2012-4684 (The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 suppor ...)
- bitcoin 0.7.2-1
-CVE-2012-4683
+CVE-2012-4683 (Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers ...)
- bitcoin 0.7.2-1 (bug #688813)
-CVE-2012-4682
+CVE-2012-4682 (Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers ...)
- bitcoin 0.7.2-1 (bug #688813)
-CVE-2012-4737
+CVE-2012-4737 (channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and ...)
{DSA-2550-1}
- asterisk 1:1.8.13.1~dfsg-1 (bug #680470)
CVE-2012-XXXX
- juju 0.5.1-2 (bug #685728)
-CVE-2012-4681
+CVE-2012-4681 (Multiple vulnerabilities in the Java Runtime Environment (JRE) compone ...)
- openjdk-7 7u3-2.1.2-1
- openjdk-6 <not-affected>
-CVE-2012-4680
+CVE-2012-4680 (Directory traversal vulnerability in the XML Server in IOServer before ...)
NOT-FOR-US: IOServer
-CVE-2012-4679
+CVE-2012-4679 (Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoo ...)
- newscoop <itp> (bug #604113)
-CVE-2012-4678
+CVE-2012-4678 (munin-cgi-graph for Munin 2.0 rc4 does not delete temporary files, whi ...)
- munin 2.0~rc6-1 (low; bug #668667)
[squeeze] - munin <not-affected> (Only affects 2.x branch)
-CVE-2012-4677
+CVE-2012-4677 (Tunnelblick 3.3beta20 and earlier allows local users to gain privilege ...)
NOT-FOR-US: Tunnelblick
-CVE-2012-4676
+CVE-2012-4676 (The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and e ...)
NOT-FOR-US: Tunnelblick
-CVE-2012-4675
+CVE-2012-4675 (Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote ...)
NOT-FOR-US: PluXml
-CVE-2012-4674
+CVE-2012-4674 (PluXml before 5.1.6 allows remote attackers to obtain the installation ...)
NOT-FOR-US: PluXml
-CVE-2012-4673
+CVE-2012-4673 (SQL injection vulnerability in application/controllers/invoice.php in ...)
NOT-FOR-US: Neoinvoice
-CVE-2012-4672
+CVE-2012-4672 (Apple iChat Server does not verify that a request was made for an XMPP ...)
NOT-FOR-US: Apple iChat Server
-CVE-2012-4671
+CVE-2012-4671 (psyced before 20120821 does not verify that a request was made for an ...)
NOT-FOR-US: psyced
-CVE-2012-4670
+CVE-2012-4670 (Tigase XMPP Server before 5.1.0 does not verify that a request was mad ...)
NOT-FOR-US: Tigase
-CVE-2012-4669
+CVE-2012-4669 (M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify ...)
NOT-FOR-US: M-Link
CVE-2012-4666
RESERVED
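Review bot: the CVE-2012-4737 block (channels/chan_iax2.c in Asterisk, {DSA-2550-1}) sits between CVE-2012-4682 and the juju entry, breaking the file's descending numeric order; move it above CVE-2012-4707 where the order puts it. The neighbouring `CVE-2012-XXXX` placeholder for juju 0.5.1-2 (bug #685728) also still carries no real identifier and no description, so the automatic update cannot fill it in; it needs a manual pass to assign the actual CVE or a TEMP- id.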
@@ -5010,23 +5010,23 @@ CVE-2012-4665
RESERVED
CVE-2012-4664
RESERVED
-CVE-2012-4663
+CVE-2012-4663 (The DCERPC inspection engine on Cisco Adaptive Security Appliances (AS ...)
NOT-FOR-US: Cisco
-CVE-2012-4662
+CVE-2012-4662 (The DCERPC inspection engine on Cisco Adaptive Security Appliances (AS ...)
NOT-FOR-US: Cisco
-CVE-2012-4661
+CVE-2012-4661 (Stack-based buffer overflow in the DCERPC inspection engine on Cisco A ...)
NOT-FOR-US: Cisco
-CVE-2012-4660
+CVE-2012-4660 (The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco
-CVE-2012-4659
+CVE-2012-4659 (The AAA functionality in the IPv4 SSL VPN implementations on Cisco Ada ...)
NOT-FOR-US: Cisco
-CVE-2012-4658
+CVE-2012-4658 (The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows ...)
NOT-FOR-US: Cisco IOS
CVE-2012-4657
RESERVED
CVE-2012-4656
RESERVED
-CVE-2012-4655
+CVE-2012-4655 (The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not ...)
NOT-FOR-US: Cisco Secure Desktop
CVE-2012-4654
RESERVED
@@ -5034,7 +5034,7 @@ CVE-2012-4653
RESERVED
CVE-2012-4652
RESERVED
-CVE-2012-4651
+CVE-2012-4651 (Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote att ...)
NOT-FOR-US: Cisco IOS
CVE-2012-4650
RESERVED
@@ -5050,7 +5050,7 @@ CVE-2012-4645
RESERVED
CVE-2012-4644
RESERVED
-CVE-2012-4643
+CVE-2012-4643 (The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 serie ...)
NOT-FOR-US: Cisco
CVE-2012-4642
RESERVED
@@ -5060,7 +5060,7 @@ CVE-2012-4640
RESERVED
CVE-2012-4639
RESERVED
-CVE-2012-4638
+CVE-2012-4638 (Cisco IOS before 15.1(1)SY allows local users to cause a denial of ser ...)
NOT-FOR-US: Cisco IOS
CVE-2012-4637
RESERVED
@@ -5078,7 +5078,7 @@ CVE-2012-4631
RESERVED
CVE-2012-4630
RESERVED
-CVE-2012-4629
+CVE-2012-4629 (The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Ad ...)
NOT-FOR-US: Cisco ASA
CVE-2012-4628
RESERVED
@@ -5090,104 +5090,104 @@ CVE-2012-4625
RESERVED
CVE-2012-4624
RESERVED
-CVE-2012-4623
+CVE-2012-4623 (The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-4622
+CVE-2012-4622 (Cisco IOS XE 03.02.00.XO.15.0(2)XO on Catalyst 4500E series switches, ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-4621
+CVE-2012-4621 (The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-4620
+CVE-2012-4620 (Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, wh ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-4619
+CVE-2012-4619 (The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-4618
+CVE-2012-4618 (The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-4617
+CVE-2012-4617 (The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-4616
+CVE-2012-4616 (Directory traversal vulnerability in the Web UI in EMC Data Protection ...)
NOT-FOR-US: EMC Data Protection Advisor
-CVE-2012-4615
+CVE-2012-4615 (EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardc ...)
NOT-FOR-US: EMC
-CVE-2012-4614
+CVE-2012-4614 (The default configuration of EMC Smarts Network Configuration Manager ...)
NOT-FOR-US: EMC
-CVE-2012-4613
+CVE-2012-4613 (EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 d ...)
NOT-FOR-US: EMC RSA Data Protection Manager Appliance
-CVE-2012-4612
+CVE-2012-4612 (Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Ma ...)
NOT-FOR-US: EMC RSA Data Protection Manager Appliance
-CVE-2012-4611
+CVE-2012-4611 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Adaptiv ...)
NOT-FOR-US: EMC
-CVE-2012-4610
+CVE-2012-4610 (EMC Avamar Client for VMware 6.1 stores the cleartext server root pass ...)
NOT-FOR-US: VMware
-CVE-2012-4609
+CVE-2012-4609 (The web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows ...)
NOT-FOR-US: EMC RSA NetWitness Informer
-CVE-2012-4608
+CVE-2012-4608 (Cross-site request forgery (CSRF) vulnerability in the web interface i ...)
NOT-FOR-US: EMC RSA NetWitness Informer
-CVE-2012-4607
+CVE-2012-4607 (Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7 ...)
NOT-FOR-US: EMC NetWorker
-CVE-2012-4667
+CVE-2012-4667 (Multiple cross-site scripting (XSS) vulnerabilities in SquidClamav 5.x ...)
- squidclamav <removed> (bug #685398)
CVE-2012-4606
RESERVED
-CVE-2012-4605
+CVE-2012-4605 (The default configuration of the SMTP component in Websense Email Secu ...)
NOT-FOR-US: Websense Email Security
-CVE-2012-4604
+CVE-2012-4604 (The TRITON management console in Websense Web Security before 7.6 Hotf ...)
NOT-FOR-US: Websense Web Security
CVE-2012-4603
RESERVED
-CVE-2012-4602
+CVE-2012-4602 (Multiple cross-site scripting (XSS) vulnerabilities in admin/code/tce_ ...)
NOT-FOR-US: Nicola Asuni TCExam
-CVE-2012-4601
+CVE-2012-4601 (Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 1 ...)
NOT-FOR-US: Nicola Asuni TCExam
-CVE-2012-4600
+CVE-2012-4600 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
{DSA-2536-1}
- otrs2 3.1.7+dfsg1-5
-CVE-2012-4599
+CVE-2012-4599 (McAfee SmartFilter Administration, and SmartFilter Administration Bess ...)
NOT-FOR-US: McAfee SmartFilter Administration
-CVE-2012-4598
+CVE-2012-4598 (An unspecified ActiveX control in McAfee Virtual Technician (MVT) befo ...)
NOT-FOR-US: McAfee Virtual Technician
-CVE-2012-4597
+CVE-2012-4597 (Cross-site scripting (XSS) vulnerability in McAfee Email and Web Secur ...)
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4596
+CVE-2012-4596 (Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 ...)
NOT-FOR-US: McAfee Email Gateway
-CVE-2012-4595
+CVE-2012-4595 (McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 throug ...)
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4594
+CVE-2012-4594 (McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote auth ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2012-4593
+CVE-2012-4593 (McAfee Application Control and Change Control 5.1.x and 6.0.0 do not e ...)
NOT-FOR-US: McAfee Application Control and Change Control
-CVE-2012-4592
+CVE-2012-4592 (The Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 doe ...)
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4591
+CVE-2012-4591 (About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) b ...)
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4590
+CVE-2012-4590 (Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in t ...)
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4589
+CVE-2012-4589 (Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) b ...)
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4588
+CVE-2012-4588 (McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server b ...)
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4587
+CVE-2012-4587 (McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server b ...)
NOT-FOR-US: McAfee Enterprise Mobility Manager
-CVE-2012-4586
+CVE-2012-4586 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 bef ...)
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4585
+CVE-2012-4585 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 bef ...)
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4584
+CVE-2012-4584 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 bef ...)
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4583
+CVE-2012-4583 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 bef ...)
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4582
+CVE-2012-4582 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 bef ...)
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4581
+CVE-2012-4581 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 bef ...)
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4580
+CVE-2012-4580 (Cross-site scripting (XSS) vulnerability in McAfee Email and Web Secur ...)
NOT-FOR-US: McAfee Email and Web Security
-CVE-2012-4579
+CVE-2012-4579 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5. ...)
- phpmyadmin 4:3.4.11.1-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2012-4578
+CVE-2012-4578 (The geli encryption provider 7 before r239184 on FreeBSD 10 uses a wea ...)
- freebsd-utils <not-affected> (only affects dev version of 10)
NOTE: not sure if the bug is in the userland tool or in the kernel device
-CVE-2012-4577
+CVE-2012-4577 (The Linux firmware image on (1) Korenix Jetport 5600 series serial-dev ...)
NOT-FOR-US: Korenix Jetport 5600
CVE-2012-4576 [freebsd privilege escalation]
RESERVED
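Review bot: the tag under CVE-2012-4610 reads `NOT-FOR-US: VMware`, but the description names the EMC Avamar Client for VMware, so the label should name EMC Avamar like the surrounding EMC entries. In the same hunk, CVE-2012-4667 (SquidClamav, `squidclamav <removed>`) is filed between CVE-2012-4607 and CVE-2012-4606, out of numeric order; and the CVE-2012-4578 entry marks freebsd-utils `<not-affected>` while its own NOTE says it is unclear whether the bug is in the userland tool or the kernel device, so the kfreebsd source packages should be assessed before that state is considered final.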
@@ -5195,144 +5195,144 @@ CVE-2012-4576 [freebsd privilege escalation]
- kfreebsd-9 9.0-9 (bug #694097)
- kfreebsd-10 10.0~svn252032-1 (bug #694098)
[squeeze] - kfreebsd-8 8.1+dfsg-8+squeeze4
-CVE-2012-4575
+CVE-2012-4575 (The add_database function in objects.c in the pgbouncer pooler 1.5.2 f ...)
- pgbouncer 1.5.2-4
[squeeze] - pgbouncer <no-dsa> (Minor issue)
-CVE-2012-4574
+CVE-2012-4574 (Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2012-4573
+CVE-2012-4573 (The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (20 ...)
- glance 2012.1.1-2 (bug #692641)
-CVE-2012-4572
+CVE-2012-4572 (Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and J ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-4571
+CVE-2012-4571 (Python Keyring 0.9.1 does not securely initialize the cipher when encr ...)
- python-keyring 0.9.2-1 (bug #675379)
[wheezy] - python-keyring 0.7.1-1+deb7u1
[squeeze] - python-keyring <no-dsa> (Minor issue)
-CVE-2012-4570
+CVE-2012-4570 (SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in L ...)
- php-letodms-core 3.3.8-1
-CVE-2012-4569
+CVE-2012-4569 (Multiple cross-site scripting (XSS) vulnerabilities in out/out.UsrMgr. ...)
- letodms 3.3.9+dfsg-1
-CVE-2012-4568
+CVE-2012-4568 (Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS ...)
- letodms 3.3.9+dfsg-1
-CVE-2012-4567
+CVE-2012-4567 (Multiple cross-site scripting (XSS) vulnerabilities in LetoDMS (former ...)
- letodms 3.3.9+dfsg-1
-CVE-2012-4566
+CVE-2012-4566 (The DTLS support in radsecproxy before 1.6.2 does not properly verify ...)
{DSA-2573-1}
- radsecproxy 1.6.2-1
-CVE-2012-4565
+CVE-2012-4565 (The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux ...)
- linux 3.2.35-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2012-4564
+CVE-2012-4564 (ppm2tiff does not check the return value of the TIFFScanlineSize funct ...)
{DSA-2575-1}
- tiff3 <not-affected> (The tiff-tools package is only built from the tiff source package)
- tiff 4.0.2-5 (bug #692345)
-CVE-2012-4563
+CVE-2012-4563 (Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2 ...)
- gwt <removed> (bug #691900)
[squeeze] - gwt <not-affected> (Vulnerable code not present)
-CVE-2012-4562
+CVE-2012-4562 (Multiple integer overflows in libssh before 0.5.3 allow remote attacke ...)
{DSA-2577-1}
- libssh 0.5.3-1
-CVE-2012-4561
+CVE-2012-4561 (The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from ...)
{DSA-2577-1}
- libssh 0.5.3-1
-CVE-2012-4560
+CVE-2012-4560 (Multiple buffer overflows in libssh before 0.5.3 allow remote attacker ...)
- libssh 0.5.3-1
[squeeze] - libssh <not-affected> (Vulnerable code not present)
-CVE-2012-4559
+CVE-2012-4559 (Multiple double free vulnerabilities in the (1) agent_sign_data functi ...)
{DSA-2577-1}
- libssh 0.5.3-1
-CVE-2012-4558
+CVE-2012-4558 (Multiple cross-site scripting (XSS) vulnerabilities in the balancer_ha ...)
{DSA-2637-1}
- apache2 2.2.22-13 (low)
-CVE-2012-4557
+CVE-2012-4557 (The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2. ...)
{DSA-2579-1}
- apache2 2.2.22-1
-CVE-2012-4556
+CVE-2012-4556 (The token processing system (pki-tps) in Red Hat Certificate System (R ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2012-4555
+CVE-2012-4555 (The token processing system (pki-tps) in Red Hat Certificate System (R ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2012-4554
+CVE-2012-4554 (The OpenID module in Drupal 7.x before 7.16 allows remote OpenID serve ...)
- drupal7 7.14-1.1 (bug #690817)
- drupal6 <not-affected> (according to upstream)
NOTE: http://drupal.org/node/1815912
-CVE-2012-4553
+CVE-2012-4553 (Drupal 7.x before 7.16 allows remote attackers to obtain sensitive inf ...)
- drupal7 7.14-1.1 (bug #690817)
- drupal6 <not-affected> (according to upstream)
NOTE: http://drupal.org/node/1815912
-CVE-2012-4552
+CVE-2012-4552 (Stack-based buffer overflow in the error function in ssg/ssgParser.cxx ...)
- plib 1.8.5-6 (low; bug #694810)
[squeeze] - plib <no-dsa> (Minor issue)
-CVE-2012-4551
+CVE-2012-4551 (Use-after-free vulnerability in libunity-webapps before 2.4.1 allows r ...)
NOT-FOR-US: libunity-webapps
-CVE-2012-4550
+CVE-2012-4550 (JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-4549
+CVE-2012-4549 (The processInvocation function in org.jboss.as.ejb3.security.Authoriza ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-4548
+CVE-2012-4548 (Argument injection vulnerability in syntax-highlighting.sh in cgit 9.0 ...)
- cgit <not-affected> (Fixed before the initial upload into the archive)
-CVE-2012-4547
+CVE-2012-4547 (Unspecified vulnerability in awredir.pl in AWStats before 7.1 has unkn ...)
- awstats <not-affected>
NOTE: awredir.pl is not installed into the binary package
-CVE-2012-4546
+CVE-2012-4546 (The default configuration for IPA servers in Red Hat Enterprise Linux ...)
NOT-FOR-US: FreeIPA
-CVE-2012-4545
+CVE-2012-4545 (The http_negotiate_create_context function in protocol/http/http_negot ...)
{DSA-2592-1}
- elinks 0.12~pre5-9
-CVE-2012-4544
+CVE-2012-4544 (The PV domain builder in Xen 4.2 and earlier does not validate the siz ...)
{DSA-2636-1}
- xen 4.1.3-4 (low; bug #688125)
-CVE-2012-4543
+CVE-2012-4543 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certifi ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2012-4542
+CVE-2012-4542 (block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly c ...)
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
NOTE: No upstream fix seems to be planned/treated as non-issue. Marking as unimportant
-CVE-2012-4541
+CVE-2012-4541 (Cross-site scripting (XSS) vulnerability in Piwik before 1.9 allows re ...)
- piwik <itp> (bug #506933)
-CVE-2012-4540
+CVE-2012-4540 (Off-by-one error in the invoke function in IcedTeaScriptablePluginObje ...)
{DSA-2768-1}
- icedtea-web 1.3.1-1 (bug #692608)
NOTE: http://seclists.org/oss-sec/2012/q4/237
-CVE-2012-4539
+CVE-2012-4539 (Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hyper ...)
{DSA-2582-1}
- xen 4.1.3-4
-CVE-2012-4538
+CVE-2012-4538 (The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not ...)
{DSA-2582-1}
- xen 4.1.3-4
-CVE-2012-4537
+CVE-2012-4537 (Xen 3.4 through 4.2, and possibly earlier versions, does not properly ...)
{DSA-2582-1}
- xen 4.1.3-4
-CVE-2012-4536
+CVE-2012-4536 (The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in ...)
- xen 4.1.3-4
[squeeze] - xen <not-affected> (Only affects 4.1.x)
-CVE-2012-4535
+CVE-2012-4535 (Xen 3.4 through 4.2, and possibly earlier versions, allows local guest ...)
{DSA-2582-1}
- xen 4.1.3-4
-CVE-2012-4534
+CVE-2012-4534 (org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x befor ...)
- tomcat7 7.0.28-1 (bug #695251)
- tomcat6 6.0.35-6 (bug #695250)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
-CVE-2012-4533
+CVE-2012-4533 (Cross-site scripting (XSS) vulnerability in the "extra" details in the ...)
{DSA-2563-1}
- viewvc 1.1.5-1.4 (low; bug #691062)
-CVE-2012-4532
+CVE-2012-4532 (Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl ...)
NOT-FOR-US: Joomla addon
-CVE-2012-4531
+CVE-2012-4531 (Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 ...)
NOT-FOR-US: Joomla!
-CVE-2012-4530
+CVE-2012-4530 (The load_script function in fs/binfmt_script.c in the Linux kernel bef ...)
- linux 3.2.35-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2012-4529
+CVE-2012-4529 (The org.apache.catalina.connector.Response.encodeURL method in Red Hat ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-4528
+CVE-2012-4528 (The mod_security2 module before 2.7.0 for the Apache HTTP Server allow ...)
- modsecurity-apache 2.6.6-5 (bug #691146)
- libapache-mod-security <removed>
[squeeze] - libapache-mod-security <no-dsa> (Minor issue)
-CVE-2012-4527
+CVE-2012-4527 (Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-as ...)
- mcrypt 2.6.8-1.3 (unimportant; bug #690924)
NOTE: patch proposed by submitter at RH bugzilla is incorrect
NOTE: Only occurs in cmdline parsing, no priv escalation. Only a security issue in constructed setups
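Review bot: under CVE-2012-4534 the advisory is recorded as a free-form `NOTE: DSA 2725` rather than in the `{DSA-2725-1}` form used elsewhere in this file (for example `{DSA-2573-1}` under CVE-2012-4566), so it should be converted so the tracker links the advisory to the issue. Minor style point in the same hunk: the jbossas4 line under CVE-2012-4572 references `#581226` bare, whereas the rest of the file writes bug references as `(bug #NNNNNN)`.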
@@ -5347,38 +5347,38 @@ CVE-2012-4525 [XSS in password.php]
CVE-2012-4524 [xlockmore bypass]
RESERVED
- xlockmore <removed> (low)
-CVE-2012-4523
+CVE-2012-4523 (radsecproxy before 1.6.1 does not properly verify certificates when th ...)
{DSA-2573-1}
- radsecproxy 1.6.2-1
-CVE-2012-4522
+CVE-2012-4522 (The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlev ...)
{DLA-235-1}
- ruby1.8 <not-affected> (Only affects 1.9.x, see bug #690670)
- ruby1.9.1 1.9.3.194-3 (bug #690670)
CVE-2012-4521 [rejected dupe assignment]
REJECTED
-CVE-2012-4520
+CVE-2012-4520 (The django.http.HttpRequest.get_host function in Django 1.3.x before 1 ...)
{DSA-2634-1}
- python-django 1.4.2-1 (bug #691145)
CVE-2012-4519
RESERVED
NOT-FOR-US: Zenphoto
-CVE-2012-4518
+CVE-2012-4518 (ibacm 1.0.7 creates files with world-writable permissions, which allow ...)
NOT-FOR-US: ibacm
-CVE-2012-4517
+CVE-2012-4517 (ibacm before 1.0.6 does not properly manage reference counts for multi ...)
NOT-FOR-US: ibacm
-CVE-2012-4516
+CVE-2012-4516 (librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6 ...)
- librdmacm 1.0.16-1 (bug #690672)
[squeeze] - librdmacm <not-affected> (Introduced in 1.0.12)
[wheezy] - librdmacm 1.0.15-1+deb7u1
-CVE-2012-4515
+CVE-2012-4515 (Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in ...)
- kdebase <removed> (unimportant)
- kde-baseapps <unfixed> (unimportant)
NOTE: Konqueror not supported security-wise
-CVE-2012-4514
+CVE-2012-4514 (rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows ...)
- kdebase <removed> (unimportant)
- kde-baseapps <unfixed> (unimportant)
NOTE: Konqueror not supported security-wise
-CVE-2012-4513
+CVE-2012-4513 (khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remot ...)
- kdebase <removed> (unimportant)
- kde-baseapps <unfixed> (unimportant)
NOTE: Konqueror not supported security-wise
@@ -5387,190 +5387,190 @@ CVE-2012-4512
- kdebase <removed> (unimportant)
- kde-baseapps <unfixed> (unimportant)
NOTE: Konqueror not supported security-wise
-CVE-2012-4511
+CVE-2012-4511 (services/flickr/flickr.c in libsocialweb before 0.25.21 automatically ...)
- libsocialweb 0.25.20-3.1 (low; bug #690675)
[wheezy] - libsocialweb 0.25.20-2.1
-CVE-2012-4510
+CVE-2012-4510 (cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile ...)
{DSA-2562-1}
- cups-pk-helper 0.2.3-1
CVE-2012-4509
RESERVED
-CVE-2012-4508
+CVE-2012-4508 (Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 ...)
{DSA-2668-1}
- linux 3.2.35-1
- linux-2.6 <removed>
-CVE-2012-4507
+CVE-2012-4507 (The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 ...)
- claws-mail 3.8.1-2 (low; bug #690151)
[squeeze] - claws-mail 3.7.6-4+squeeze1
NOTE: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2743
NOTE: www.thewildbeast.co.uk/claws-mail/bugzilla/attachment.cgi?id=1165
-CVE-2012-4506
+CVE-2012-4506 (Directory traversal vulnerability in gitolite 3.x before 3.1, when wil ...)
- gitolite <not-affected> (Only affects 3.x releases)
NOTE: https://groups.google.com/forum/#!topic/gitolite/K9SnQNhCQ-0/discussion
NOTE: https://github.com/sitaramc/gitolite/commit/f636ce3ba3e340569b26d1e47b9d9b62dd8a3bf2
-CVE-2012-4505
+CVE-2012-4505 (Heap-based buffer overflow in the px_pac_reload function in lib/pac.c ...)
{DSA-2571-1}
- libproxy 0.3.1-5.1 (bug #690376)
-CVE-2012-4504
+CVE-2012-4504 (Stack-based buffer overflow in the url::get_pac function in url.cpp in ...)
- libproxy <not-affected> (Vulnerable code not present)
NOTE: 0.4-only issue, fixed in newest upstream 0.4.9
-CVE-2012-4503
+CVE-2012-4503 (cmdmon.c in Chrony before 1.29 allows remote attackers to obtain poten ...)
{DSA-2760-1}
- chrony 1.29-1 (bug #719203)
-CVE-2012-4502
+CVE-2012-4502 (Multiple integer overflows in pktlength.c in Chrony before 1.29 allow ...)
{DSA-2760-1}
- chrony 1.29-1 (bug #719203)
-CVE-2012-4501
+CVE-2012-4501 (Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows ...)
NOT-FOR-US: CloudStack
-CVE-2012-4500
+CVE-2012-4500 (The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remo ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4499
+CVE-2012-4499 (The contact formatter page in the Email Field module 6.x-1.x before 6. ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4498
+CVE-2012-4498 (The Activism module 6.x-2.x before 6.x-2.1 for Drupal does not properl ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4497
+CVE-2012-4497 (Cross-site scripting (XSS) vulnerability in the "3 slide gallery" in t ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4496
+CVE-2012-4496 (Cross-site scripting (XSS) vulnerability in the Custom Publishing Opti ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4495
+CVE-2012-4495 (The Mime Mail module 6.x-1.x before 6.x-1.1 for Drupal does not proper ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4494
+CVE-2012-4494 (The Shibboleth authentication module 7.x-4.0 for Drupal does not prope ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4493
+CVE-2012-4493 (Cross-site scripting (XSS) vulnerability in the administrative interfa ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4492
+CVE-2012-4492 (Multiple cross-site scripting (XSS) vulnerabilities in the Shorten URL ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4491
+CVE-2012-4491 (The Monthly Archive by Node Type module 6.x for Drupal does not proper ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4490
+CVE-2012-4490 (Multiple cross-site scripting (XSS) vulnerabilities in the Excluded Us ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4489
+CVE-2012-4489 (Open redirect vulnerability in the securelogin_secure_redirect functio ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4488
+CVE-2012-4488 (The Location module 6.x before 6.x-3.2 and 7.x before 7.x-3.0-alpha1 f ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4487
+CVE-2012-4487 (The Subuser module before 6.x-1.8 for Drupal does not properly check " ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4486
+CVE-2012-4486 (Cross-site request forgery (CSRF) vulnerability in the Subuser module ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4485
+CVE-2012-4485 (Multiple cross-site scripting (XSS) vulnerabilities in the galleryform ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4484
+CVE-2012-4484 (Cross-site scripting (XSS) vulnerability in the administrative interfa ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4483
+CVE-2012-4483 (The commons_discussion_views_default_views function in modules/feature ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4482
+CVE-2012-4482 (The Ubercart SecureTrading Payment Method module 6.x for Drupal does n ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2012-4481
+CVE-2012-4481 (The safe-level feature in Ruby 1.8.7 allows context-dependent attacker ...)
- ruby1.8 1.8.7.358-5 (bug #689945)
[squeeze] - ruby1.8 <not-affected> (problematic code not present)
CVE-2012-4480
RESERVED
NOT-FOR-US: mom
-CVE-2012-4479
+CVE-2012-4479 (SQL injection vulnerability in the Drag &amp; Drop Gallery module 6.x ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4478
+CVE-2012-4478 (Cross-site request forgery (CSRF) vulnerability in the Drag &amp; Drop ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4477
+CVE-2012-4477 (Unspecified vulnerability in the Drag &amp; Drop Gallery module 6.x fo ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4476
+CVE-2012-4476 (Cross-site scripting (XSS) vulnerability in the Drag &amp; Drop Galler ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4475
+CVE-2012-4475 (The Security Questions module for Drupal 6.x-1.x before 6.x-1.1 and 7. ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4474
+CVE-2012-4474 (Multiple cross-site scripting (XSS) vulnerabilities in the Colorbox No ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4473
+CVE-2012-4473 (The Restrict node page view module 7.x-1.x before 7.x-1.2 for Drupal a ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4472
+CVE-2012-4472 (Unrestricted file upload vulnerability in upload.php in the Drag &amp; ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4471
+CVE-2012-4471 (The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4470
+CVE-2012-4470 (The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not prop ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4469
+CVE-2012-4469 (Cross-site scripting (XSS) vulnerability in the Hashcash module 6.x-2. ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4468
+CVE-2012-4468 (Cross-site scripting (XSS) vulnerability in the Privatemsg module 7.x- ...)
NOT-FOR-US: Drupal contributed-module
-CVE-2012-4467
+CVE-2012-4467 (The (1) do_siocgstamp and (2) do_siocgstampns functions in net/socket. ...)
- linux-2.6 <not-affected> (Vulnerable code introduced in 3.3)
- linux <not-affected> (Vulnerable code introduced in 3.3)
-CVE-2012-4466
+CVE-2012-4466 (Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 ...)
- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
[squeeze] - ruby1.9.1 <not-affected> (Minor issue, please recheck)
-CVE-2012-4465
+CVE-2012-4465 (Heap-based buffer overflow in the substr function in parsing.c in cgit ...)
- cgit <not-affected> (Fixed before the initial upload into the archive)
-CVE-2012-4464
+CVE-2012-4464 (Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows ...)
- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
[squeeze] - ruby1.9.1 <not-affected> (Introduced in 1.9.3)
-CVE-2012-4463
+CVE-2012-4463 (Midnight Commander (mc) 4.8.5 does not properly handle the (1) MC_EXT_ ...)
- mc 3:4.8.8-1 (low; bug #689571)
[wheezy] - mc <no-dsa> (Minor issue)
[squeeze] - mc <no-dsa> (Minor issue)
-CVE-2012-4462
+CVE-2012-4462 (aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, ...)
- condor <not-affected> (This bug only affects the Aviary contrib module, which isn't built in the Debian condor package, #690556)
-CVE-2012-4461
+CVE-2012-4461 (The KVM subsystem in the Linux kernel before 3.6.9, when running on ho ...)
{DSA-2668-1}
- linux-2.6 <removed>
- linux 3.2.35-1
-CVE-2012-4460
+CVE-2012-4460 (The serializing/deserializing functions in the qpid::framing::Buffer c ...)
- qpid-cpp <removed> (low; bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
-CVE-2012-4459
+CVE-2012-4459 (Integer overflow in the qpid::framing::Buffer::checkAvailable function ...)
- qpid-cpp <removed> (low; bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
-CVE-2012-4458
+CVE-2012-4458 (The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote at ...)
- qpid-cpp <removed> (low; bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
-CVE-2012-4457
+CVE-2012-4457 (OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-3 do ...)
- keystone 2012.1.1-9 (bug #689210)
-CVE-2012-4456
+CVE-2012-4456 (The (1) OS-KSADM/services and (2) tenant APIs in OpenStack Keystone Es ...)
- keystone 2012.1.1-9 (bug #689210)
-CVE-2012-4455
+CVE-2012-4455 (openCryptoki 2.4.1 allows local users to create or set world-writable ...)
- opencryptoki 3.4.1+dfsg-1 (low; bug #689417)
[jessie] - opencryptoki <no-dsa> (Minor issue)
[squeeze] - opencryptoki <no-dsa> (Minor issue)
[wheezy] - opencryptoki <no-dsa> (Minor issue)
-CVE-2012-4454
+CVE-2012-4454 (openCryptoki before 2.4.1, when using spinlocks, allows local users to ...)
- opencryptoki 3.4.1+dfsg-1 (low; bug #689417)
[jessie] - opencryptoki <no-dsa> (Minor issue)
[squeeze] - opencryptoki <no-dsa> (Minor issue)
[wheezy] - opencryptoki <no-dsa> (Minor issue)
-CVE-2012-4453
+CVE-2012-4453 (dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 ...)
- dracut 020-1.1 (low; bug #688956)
[squeeze] - dracut <no-dsa> (Minor issue)
-CVE-2012-4452
+CVE-2012-4452 (MySQL 5.0.88, and possibly other versions and platforms, allows local ...)
- mysql-dfsg-5.0 <not-affected> (Debian never included that 5.0.88 release)
CVE-2012-4451 [php-ZendFramework: XSS vectors in multiple Zend Framework components ZF2012-03]
RESERVED
- zendframework <not-affected> (Vulnerable code introduced in 2.x, #688946)
-CVE-2012-4450
+CVE-2012-4450 (389 Directory Server 1.2.10 does not properly update the ACL when a DN ...)
- 389-ds-base 1.2.11.15-1 (bug #688942)
NOTE: Upstream ticket https://fedorahosted.org/389/ticket/340
NOTE: Upstream patch http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09
-CVE-2012-4449
+CVE-2012-4449 (Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 ge ...)
- hadoop <itp> (bug #793644)
-CVE-2012-4448
+CVE-2012-4448 (Cross-site request forgery (CSRF) vulnerability in wp-admin/index.php ...)
- wordpress 3.5.1+dfsg-2 (low; bug #689031)
[squeeze] - wordpress <no-dsa> (Minor issue)
[wheezy] - wordpress <no-dsa> (Minor issue)
-CVE-2012-4447
+CVE-2012-4447 (Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 a ...)
{DSA-2561-1}
- tiff 4.0.2-4 (bug #688944)
- tiff3 3.9.6-9 (bug #688944)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=860198
-CVE-2012-4446
+CVE-2012-4446 (The default configuration for Apache Qpid 0.20 and earlier, when the f ...)
- qpid-cpp <removed> (low; bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
-CVE-2012-4445
+CVE-2012-4445 (Heap-based buffer overflow in the eap_server_tls_process_fragment func ...)
{DSA-2557-1}
- hostapd <removed>
- wpa 1.0-3 (bug #689990)
-CVE-2012-4444
+CVE-2012-4444 (The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kern ...)
- linux 2.6.36-1~experimental.1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2012-4443
+CVE-2012-4443 (Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of roo ...)
- monkey <removed> (unimportant; bug #688008)
-CVE-2012-4442
+CVE-2012-4442 (Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the ro ...)
- monkey <removed> (unimportant; bug #688007)
CVE-2012-4441 [jenkins XSS in CI game plugin]
RESERVED
@@ -5588,7 +5588,7 @@ CVE-2012-4438 [jenkins remote code execution]
RESERVED
- jenkins 1.447.2+dfsg-2 (bug #688298)
NOTE: http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
-CVE-2012-4437
+CVE-2012-4437 (Cross-site scripting (XSS) vulnerability in the SmartyException class ...)
- smarty3 3.1.10-2 (bug #688153)
- smarty <removed> (bug #702710)
[squeeze] - smarty 2.6.26-0.2+squeeze1
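Review bot: the NOTE line under CVE-2012-4438 in this hunk carries a malformed reference URL: the `http://web.archive.org/web/20130606043312/` prefix is repeated four times before the actual `http://www.cloudbees.com/jenkins-advisory/...` path, which is not a valid Wayback Machine URL and will not resolve as written. Since this is a context line the automatic update did not touch, it should be corrected in a separate manual commit so the advisory reference for the Jenkins remote code execution entry stays usable.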
@@ -5598,13 +5598,13 @@ CVE-2012-4437
NOTE: http://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt
NOTE: http://code.google.com/p/smarty-php/source/detail?r=4658
NOTE: https://code.google.com/p/smarty-php/source/detail?r=4660
-CVE-2012-4436
+CVE-2012-4436 (Buffer overflow in the run_last_args function in client/fwknop.c in fw ...)
- fwknop 2.0.3-1 (bug #688151)
[squeeze] - fwknop <not-affected> (Vulnerable code not present)
[wheezy] - fwknop 2.0.0rc2-2+deb7u1
NOTE: http://seclists.org/oss-sec/2012/q3/509
NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=a60f05ad44e824f6230b22f8976399340cb535dc
-CVE-2012-4435
+CVE-2012-4435 (fwknop before 2.0.3 does not properly validate IP addresses, which all ...)
- fwknop 2.0.3-1 (bug #688151)
[squeeze] - fwknop <not-affected> (Vulnerable code not present)
[wheezy] - fwknop 2.0.0rc2-2+deb7u1
@@ -5617,23 +5617,23 @@ CVE-2012-4434 [fwknop 2.0.3: multiple DoS / code execution flaw]
[wheezy] - fwknop 2.0.0rc2-2+deb7u1
NOTE: http://seclists.org/oss-sec/2012/q3/509
NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=d46ba1c027a11e45821ba897a4928819bccc8f22
-CVE-2012-4433
+CVE-2012-4433 (Multiple integer overflows in operations/external/ppm-load.c in GEGL ( ...)
- gegl 0.2.0-2+nmu1 (bug #692435)
[squeeze] - gegl <not-affected> (PPM code not yet present)
NOTE: http://seclists.org/oss-sec/2012/q4/215
-CVE-2012-4432
+CVE-2012-4432 (Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x be ...)
- optipng <not-affected> (Introduced in 0.7, bug #687998)
-CVE-2012-4431
+CVE-2012-4431 (org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat ...)
- tomcat7 7.0.28-4 (bug #695251)
- tomcat6 6.0.35-6 (bug #695250)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
-CVE-2012-4430
+CVE-2012-4430 (The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 ...)
{DSA-2558-1}
- bacula 5.2.6+dfsg-4 (bug #687923)
[wheezy] - bacula 5.2.6+dfsg-2.1
NOTE: http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905
-CVE-2012-4429
+CVE-2012-4429 (Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read cl ...)
- vino 3.8.1-1 (bug #687596; low)
[squeeze] - vino <no-dsa> (Minor issue)
[wheezy] - vino <no-dsa> (Minor issue)
@@ -5643,142 +5643,142 @@ CVE-2012-4428
- openslp-dfsg 1.2.1-10 (bug #687597; low)
[squeeze] - openslp-dfsg <no-dsa> (Minor issue)
[wheezy] - openslp-dfsg <no-dsa> (Minor issue)
-CVE-2012-4427
+CVE-2012-4427 (The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force ...)
- gnome-shell <unfixed> (unimportant)
NOTE: I don't see much of a problem here, if you install from a repo, you need to trust it
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=684215
NOTE: As far as I can see there is still a yes/no prompt for the user. I suggest unfixed unimportant. -- helmut
-CVE-2012-4426
+CVE-2012-4426 (Multiple format string vulnerabilities in mcrypt 2.6.8 and earlier mig ...)
- mcrypt 2.6.8-1.1
[squeeze] - mcrypt <no-dsa> (minor issue, it doesn't affect libmcrypt)
-CVE-2012-4425
+CVE-2012-4425 (libgio, when used in setuid or other privileged programs in spice-gtk ...)
- spice-gtk 0.12-5 (bug #689155)
NOTE: http://www.openwall.com/lists/oss-security/2012/09/13/18
-CVE-2012-4424
+CVE-2012-4424 (Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library ...)
{DLA-165-1}
- eglibc <removed>
- glibc 2.17-94 (low; bug #689423)
[wheezy] - eglibc 2.13-38+deb7u1
-CVE-2012-4423
+CVE-2012-4423 (The virNetServerProgramDispatchCall function in libvirt before 0.10.2 ...)
- libvirt 0.9.12-5 (bug #687598)
[squeeze] - libvirt <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=857133
NOTE: http://www.openwall.com/lists/oss-security/2012/09/13/11
-CVE-2012-4422
+CVE-2012-4422 (wp-admin/plugins.php in WordPress before 3.4.2, when the multisite fea ...)
- wordpress 3.4.2+dfsg-1
-CVE-2012-4421
+CVE-2012-4421 (The create_post function in wp-includes/class-wp-atom-server.php in Wo ...)
- wordpress 3.4.2+dfsg-1
CVE-2012-4420 [Duplicate of CVE-2012-4416]
RESERVED
NOT-FOR-US: Duplicate of CVE-2012-4416
-CVE-2012-4419
+CVE-2012-4419 (The compare_tor_addr_to_addr_policy function in or/policies.c in Tor b ...)
{DSA-2548-1}
- tor 0.2.3.22-rc-1
NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/5
NOTE: https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes
NOTE: https://gitweb.torproject.org/tor.git/commitdiff/973c18bf0e84d14d8006a9ae97fde7f7fb97e404
NOTE: https://gitweb.torproject.org/tor.git/commitdiff/62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5
-CVE-2012-4418
+CVE-2012-4418 (Apache Axis2 allows remote attackers to forge messages and bypass auth ...)
NOT-FOR-US: We only provide Axis 1(Java) and the C-version of Axis
-CVE-2012-4417
+CVE-2012-4417 (GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local u ...)
- glusterfs 3.2.7-5 (low; bug #693112)
[wheezy] - glusterfs <no-dsa> (Minor issue)
[squeeze] - glusterfs <no-dsa> (Minor issue)
-CVE-2012-4416
+CVE-2012-4416 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
-CVE-2012-4415
+CVE-2012-4415 (Stack-based buffer overflow in the guac_client_plugin_open function in ...)
- libguac 0.6.0-2 (medium)
NOTE: maintainer contacted us, working on update
NOTE: http://guac-dev.org/trac/changeset/7dcefa744b4a38825619c00ae8b47e5bae6e38c0/libguac
-CVE-2012-4414
+CVE-2012-4414 (Multiple SQL injection vulnerabilities in the replication code in Orac ...)
- mysql-5.1 5.1.72-1 (low; bug #687484)
[squeeze] - mysql-5.1 <no-dsa> (Minor issue, currently not fixed in MySQL, can be included once fixed in 5.1.x)
- mysql-5.5 5.5.30+dfsg-1 (bug #687485)
-CVE-2012-4413
+CVE-2012-4413 (OpenStack Keystone 2012.1.3 does not invalidate existing tokens when g ...)
- keystone 2012.1.1-6 (bug #687428)
NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/7
-CVE-2012-4412
+CVE-2012-4412 (Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc ...)
{DLA-165-1}
- eglibc <removed>
- glibc 2.17-94 (low; bug #687530)
[wheezy] - eglibc 2.13-38+deb7u1
-CVE-2012-4411
+CVE-2012-4411 (The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest ad ...)
{DSA-2543-1}
- xen 4.1.3-2
- xen-qemu-dm-4.0 <removed>
[squeeze] - xen <not-affected> (In Squeeze the code is in the package xen-qemu-dm-4.0)
-CVE-2012-4409
+CVE-2012-4409 (Stack-based buffer overflow in the check_file_head function in extra.c ...)
- mcrypt 2.6.8-1.1
[squeeze] - mcrypt <no-dsa> (minor issue, it doesn't affect libmcrypt)
NOTE: http://packetstormsecurity.org/files/116268/mcrypt-2.6.8-Buffer-Overflow-Proof-Of-Concept.html
-CVE-2012-4408
+CVE-2012-4408 (course/reset.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and ...)
- moodle 2.2.3.dfsg-2.3 (low; bug #687924)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-4407
+CVE-2012-4407 (lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and ...)
- moodle 2.2.3.dfsg-2.3 (low; bug #687924)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-4406
+CVE-2012-4406 (OpenStack Object Storage (swift) before 1.7.0 uses the loads function ...)
- swift 1.4.8-2 (bug #686812)
-CVE-2012-4405
+CVE-2012-4405 (Multiple integer underflows in the icmLut_allocate function in Interna ...)
{DSA-2595-1}
- argyll 1.4.0-7 (bug #687275)
[squeeze] - argyll <no-dsa> (Only standalone binary in squeeze, minor impact)
- ghostscript 9.05~dfsg-6.1 (bug #687274)
-CVE-2012-4404
+CVE-2012-4404 (security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly h ...)
{DSA-2538-1}
- moin 1.9.4-8
NOTE: http://hg.moinmo.in/moin/1.9/rev/7b9f39289e16
-CVE-2012-4403
+CVE-2012-4403 (theme/yui_combo.php in Moodle 2.3.x before 2.3.2 does not properly con ...)
- moodle <not-affected> (Only affects >= 2.3)
-CVE-2012-4402
+CVE-2012-4402 (webservice/lib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, a ...)
- moodle 2.2.3.dfsg-2.3 (bug #687924)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-4401
+CVE-2012-4401 (Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authent ...)
- moodle 2.2.3.dfsg-2.3 (low; bug #687924)
[squeeze] - moodle <not-affected> (Only affects >= 2.2)
-CVE-2012-4400
+CVE-2012-4400 (repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x ...)
- moodle 2.2.3.dfsg-2.3 (low; bug #687924)
[squeeze] - moodle <not-affected> (Only affects >= 2.2)
-CVE-2012-4399
+CVE-2012-4399 (The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 all ...)
- cakephp <not-affected> (Does not affect 1.3)
NOTE: http://seclists.org/bugtraq/2012/Jul/101
NOTE: http://web.archive.org/web/20140822011643/http://bakery.cakephp.org:80/articles/markstory/2012/07/14/security_release_-_cakephp_2_1_5_2_2_1
-CVE-2012-4398
+CVE-2012-4398 (The __request_module function in kernel/kmod.c in the Linux kernel bef ...)
- linux 3.2.35-1 (low)
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2012-4397
+CVE-2012-4397 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
- owncloud 4.0.1debian-1
-CVE-2012-4396
+CVE-2012-4396 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
- owncloud 4.0.2debian-1
-CVE-2012-4395
+CVE-2012-4395 (Cross-site scripting (XSS) vulnerability in index.php in ownCloud befo ...)
- owncloud 4.0.3debian-1
-CVE-2012-4394
+CVE-2012-4394 (Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js ...)
- owncloud 4.0.5debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4393
+CVE-2012-4393 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)
- owncloud 4.0.7debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4392
+CVE-2012-4392 (index.php in ownCloud 4.0.7 does not properly validate the oc_token co ...)
- owncloud 4.0.7debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4391
+CVE-2012-4391 (Cross-site request forgery (CSRF) vulnerability in core/ajax/appconfig ...)
- owncloud 4.0.7debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4390
+CVE-2012-4390 ((1) apps/calendar/appinfo/remote.php and (2) apps/contacts/appinfo/rem ...)
- owncloud 4.0.7debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4389
+CVE-2012-4389 (Incomplete blacklist vulnerability in lib/migrate.php in ownCloud befo ...)
- owncloud 4.0.7debian-1 (bug #686567)
[wheezy] - owncloud 4.0.4debian2-2
-CVE-2012-4388
+CVE-2012-4388 (The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4 ...)
- php5 5.4.1~rc1-1
[squeeze] - php5 <not-affected> (CVE-2011-1398 was never fixed in squeeze)
-CVE-2012-4387
+CVE-2012-4387 (Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a d ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2)
NOTE: http://struts.apache.org/2.x/docs/s2-011.html
-CVE-2012-4386
+CVE-2012-4386 (The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does no ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2)
NOTE: http://struts.apache.org/2.x/docs/s2-010.html
CVE-2012-4385 [letodms CSRF]
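Review bot: the fixed-version string for openjdk-6 under CVE-2012-4416 in this hunk, `6b24-1.11.5-0ubuntu1`, carries an Ubuntu revision suffix, which does not match the Debian version format used for every other package entry in this list (compare the `7u3-2.1.3-1` recorded for openjdk-7 on the preceding line). Because the tracker compares this value against Debian archive versions, it should be checked against the actual Debian upload and corrected in a separate manual commit; the automatic update does not touch context lines.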
@@ -5790,7 +5790,7 @@ CVE-2012-4384 [letodms XSS]
CVE-2012-4383
RESERVED
NOT-FOR-US: Contao
-CVE-2012-4382
+CVE-2012-4382 (MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly pr ...)
- mediawiki 1:1.19.2-1 (bug #686330)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39823
@@ -5801,22 +5801,22 @@ CVE-2012-4381 [Passwords were stored in local DB even if auth systems like LDAP
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39184
NOTE: http://www.openwall.com/lists/oss-security/2012/08/31/6
-CVE-2012-4380
+CVE-2012-4380 (MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attack ...)
- mediawiki 1:1.19.2-1 (bug #686330)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39824
NOTE: http://www.openwall.com/lists/oss-security/2012/08/31/6
-CVE-2012-4379
+CVE-2012-4379 (MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a rest ...)
- mediawiki 1:1.19.2-1 (bug #686330)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39180
NOTE: http://www.openwall.com/lists/oss-security/2012/08/31/6
-CVE-2012-4378
+CVE-2012-4378 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki befor ...)
- mediawiki 1:1.19.2-1 (bug #686330)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=37587
NOTE: http://www.openwall.com/lists/oss-security/2012/08/31/6
-CVE-2012-4377
+CVE-2012-4377 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 an ...)
- mediawiki 1:1.19.2-1 (bug #686330)
[squeeze] - mediawiki <not-affected> (Introduced in 1.16)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39700
@@ -5841,93 +5841,93 @@ CVE-2012-4368
RESERVED
CVE-2012-4367
RESERVED
-CVE-2012-4366
+CVE-2012-4366 (Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v ...)
NOT-FOR-US: Belkin wireless routers
CVE-2012-4365
RESERVED
CVE-2012-4364
RESERVED
-CVE-2012-4363
+CVE-2012-4363 (Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 al ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4362
+CVE-2012-4362 (hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has ...)
NOT-FOR-US: HP Virtual SAN Appliance
-CVE-2012-4361
+CVE-2012-4361 (lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN ...)
NOT-FOR-US: HP Virtual SAN Appliance
-CVE-2012-4360
+CVE-2012-4360 (Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0 ...)
NOT-FOR-US: mod_pagespeed
-CVE-2012-4359
+CVE-2012-4359 (Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA b ...)
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4358
+CVE-2012-4358 (Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA b ...)
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4357
+CVE-2012-4357 (Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 an ...)
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4356
+CVE-2012-4356 (Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog ...)
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4355
+CVE-2012-4355 (TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and ...)
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4354
+CVE-2012-4354 (TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and ...)
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4353
+CVE-2012-4353 (Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pr ...)
NOT-FOR-US: Sielco Sistemi Winlog SCADA
-CVE-2012-4352
+CVE-2012-4352 (Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNe ...)
NOT-FOR-US: Stoneware webNetwork
-CVE-2012-4351
+CVE-2012-4351 (Integer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encry ...)
NOT-FOR-US: Symantec
-CVE-2012-4350
+CVE-2012-4350 (Multiple unquoted Windows search path vulnerabilities in the (1) Manag ...)
NOT-FOR-US: Symantec Enterprise Security Manager
-CVE-2012-4349
+CVE-2012-4349 (Unquoted Windows search path vulnerability in Symantec Network Access ...)
NOT-FOR-US: Symantec Network Access Control
-CVE-2012-4348
+CVE-2012-4348 (The management console in Symantec Endpoint Protection (SEP) 11.0 befo ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2012-4347
+CVE-2012-4347 (Multiple directory traversal vulnerabilities in the management console ...)
NOT-FOR-US: Symantec
CVE-2012-4346
RESERVED
-CVE-2012-4345
+CVE-2012-4345 (Multiple cross-site scripting (XSS) vulnerabilities in the Database St ...)
- phpmyadmin 4:3.4.11.1-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2012-4344
+CVE-2012-4344 (Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold 15.0 ...)
NOT-FOR-US: Ipswitch
-CVE-2012-4343
+CVE-2012-4343 (Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow a ...)
- gallery3 <itp> (bug #511715)
-CVE-2012-4342
+CVE-2012-4342 (Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 befor ...)
- gallery3 <itp> (bug #511715)
-CVE-2012-4341
+CVE-2012-4341 (Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeav ...)
NOT-FOR-US: SAP NetWeaver ABAP
-CVE-2012-4340
+CVE-2012-4340 (Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 ...)
NOT-FOR-US: Sybase
CVE-2012-4339
RESERVED
CVE-2012-4338
RESERVED
-CVE-2012-4337
+CVE-2012-4337 (Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote atta ...)
NOT-FOR-US: Foxit Reader
-CVE-2012-4336
+CVE-2012-4336 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Fl ...)
NOT-FOR-US: Flogr 2.5.6
-CVE-2012-4335
+CVE-2012-4335 (Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a de ...)
NOT-FOR-US: Samsung NET-i
-CVE-2012-4334
+CVE-2012-4334 (The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) STWCo ...)
NOT-FOR-US: Samsung NET-i
-CVE-2012-4333
+CVE-2012-4333 (Multiple stack-based buffer overflows in the BackupToAvi method in the ...)
NOT-FOR-US: Samsung NET-i
-CVE-2012-4332
+CVE-2012-4332 (The ShareYourCart plugin 1.7.1 for WordPress allows remote attackers t ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-4331
+CVE-2012-4331 (Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x bef ...)
{DSA-2461-1}
- spip 2.1.13-1
-CVE-2012-4330
+CVE-2012-4330 (The Samsung D6000 TV and possibly other products allows remote attacke ...)
NOT-FOR-US: Samsung D6000 TV
-CVE-2012-4329
+CVE-2012-4329 (The Samsung D6000 TV and possibly other products allow remote attacker ...)
NOT-FOR-US: Samsung D6000 TV
-CVE-2012-4328
+CVE-2012-4328 (Unspecified vulnerability in the MAPI in vBulletin Suite 4.1.2 through ...)
NOT-FOR-US: vBulletin
-CVE-2012-4327
+CVE-2012-4327 (Unspecified vulnerability in the Image News slider plugin before 3.3 f ...)
NOT-FOR-US: Image News slider plugin for WordPress
-CVE-2012-4326
+CVE-2012-4326 (Cross-site request forgery (CSRF) vulnerability in commonsettings.php ...)
NOT-FOR-US: AlstraSoft Site Uptime Enterprise
-CVE-2012-4325
+CVE-2012-4325 (Cross-site request forgery (CSRF) vulnerability in upload/users.php in ...)
NOT-FOR-US: Utopia News Pro
-CVE-2012-4324
+CVE-2012-4324 (Cross-site request forgery (CSRF) vulnerability in PHPJabbers Vacation ...)
NOT-FOR-US: PHPJabbers Vacation Rental Script
CVE-2012-4323
RESERVED
@@ -5965,184 +5965,184 @@ CVE-2012-4307
RESERVED
CVE-2012-4306
RESERVED
-CVE-2012-4305
+CVE-2012-4305 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
CVE-2012-4304
RESERVED
-CVE-2012-4303
+CVE-2012-4303 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion
CVE-2012-4302
RESERVED
-CVE-2012-4301
+CVE-2012-4301 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
CVE-2012-4300
RESERVED
CVE-2012-4299
RESERVED
-CVE-2012-4298
+CVE-2012-4298 (Integer signedness error in the vwr_read_rec_data_ethernet function in ...)
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-4297
+CVE-2012-4297 (Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/di ...)
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.6.x and 1.8.x)
-CVE-2012-4296
+CVE-2012-4296 (Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissect ...)
{DSA-2590-1}
- wireshark 1.8.2-1
-CVE-2012-4295
+CVE-2012-4295 (Array index error in the channelised_fill_sdh_g707_format function in ...)
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-4294
+CVE-2012-4294 (Buffer overflow in the channelised_fill_sdh_g707_format function in ep ...)
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-4293
+CVE-2012-4293 (plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in ...)
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4292
+CVE-2012-4292 (The dissect_stun_message function in epan/dissectors/packet-stun.c in ...)
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4291
+CVE-2012-4291 (The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.1 ...)
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4290
+CVE-2012-4290 (The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6. ...)
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4289
+CVE-2012-4289 (epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x b ...)
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4288
+CVE-2012-4288 (Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/ ...)
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
-CVE-2012-4287
+CVE-2012-4287 (epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1 ...)
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-4286
+CVE-2012-4286 (The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap- ...)
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
-CVE-2012-4285
+CVE-2012-4285 (The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the D ...)
- wireshark 1.8.2-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-4284
RESERVED
-CVE-2012-4283
+CVE-2012-4283 (Cross-site scripting (XSS) vulnerability in the Login With Ajax plugin ...)
NOT-FOR-US: Login With Ajax plugin for Wordpress
-CVE-2012-4282
+CVE-2012-4282 (SQL injection vulnerability in photo.php in Trombinoscope 3.5 allows r ...)
NOT-FOR-US: Trombinoscope 3.5
-CVE-2012-4281
+CVE-2012-4281 (Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow ...)
NOT-FOR-US: Travelon Express 6.2.2
-CVE-2012-4280
+CVE-2012-4280 (Multiple cross-site request forgery (CSRF) vulnerabilities in admin/ag ...)
NOT-FOR-US: Free Realty 3.1-0.6
-CVE-2012-4279
+CVE-2012-4279 (Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow re ...)
NOT-FOR-US: Free Realty 3.1-0.6
-CVE-2012-4278
+CVE-2012-4278 (Multiple cross-site scripting (XSS) vulnerabilities in Free Realty 3.1 ...)
NOT-FOR-US: Free Realty
-CVE-2012-4277
+CVE-2012-4277 (Cross-site scripting (XSS) vulnerability in the smarty_function_html_o ...)
- smarty3 3.1.10-1
- smarty <removed> (low)
[squeeze] - smarty <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-4276
+CVE-2012-4276 (Unspecified vulnerability in Hitachi IT Operations Director 02-50-01 t ...)
NOT-FOR-US: Hitachi IT Operations Director
-CVE-2012-4275
+CVE-2012-4275 (Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Dire ...)
NOT-FOR-US: Hitachi IT Operations Director
-CVE-2012-4274
+CVE-2012-4274 (Unspecified vulnerability in Hitachi Cobol GUI Option 06-00, 06-01 thr ...)
NOT-FOR-US: Hitachi Cobol GUI Option
-CVE-2012-4273
+CVE-2012-4273 (Cross-site scripting (XSS) vulnerability in libs/xing.php in the 2 Cli ...)
NOT-FOR-US: 2 Click Social Media Buttons plugin for Wordpress
-CVE-2012-4272
+CVE-2012-4272 (Multiple cross-site scripting (XSS) vulnerabilities in the 2 Click Soc ...)
NOT-FOR-US: 2 Click Social Media Buttons plugin for WordPress
-CVE-2012-4271
+CVE-2012-4271 (Multiple cross-site scripting (XSS) vulnerabilities in bad-behavior-wo ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-4270
+CVE-2012-4270 (Cross-site scripting (XSS) vulnerability in eFront 3.6.11 allows remot ...)
NOT-FOR-US: eFront
-CVE-2012-4269
+CVE-2012-4269 (Unrestricted file upload vulnerability in eFront 3.6.11 allows remote ...)
NOT-FOR-US: eFront
-CVE-2012-4268
+CVE-2012-4268 (Cross-site scripting (XSS) vulnerability in bulletproof-security/admin ...)
NOT-FOR-US: BulletProof Security plugin for WordPress
-CVE-2012-4267
+CVE-2012-4267 (Cross-site scripting (XSS) vulnerability in user/register in Sockso 1. ...)
NOT-FOR-US: Sockso
-CVE-2012-4266
+CVE-2012-4266 (Cross-site scripting (XSS) vulnerability in client_details.php in Prom ...)
NOT-FOR-US: Proman Xpress
-CVE-2012-4265
+CVE-2012-4265 (SQL injection vulnerability in category_edit.php in Proman Xpress 5.0. ...)
NOT-FOR-US: Proman Xpress
-CVE-2012-4264
+CVE-2012-4264 (Multiple cross-site scripting (XSS) vulnerabilities in the Better WP S ...)
NOT-FOR-US: Better WP Security plugin for WordPress
-CVE-2012-4263
+CVE-2012-4263 (Cross-site scripting (XSS) vulnerability in inc/admin/content.php in t ...)
NOT-FOR-US: Better WP Security plugin for Wordpress
-CVE-2012-4262
+CVE-2012-4262 (Multiple cross-site scripting (XSS) vulnerabilities in myCare2x allow ...)
NOT-FOR-US: myCare2x
-CVE-2012-4261
+CVE-2012-4261 (SQL injection vulnerability in modules/patient/mycare2x_pat_info.php i ...)
NOT-FOR-US: myCare2x
-CVE-2012-4260
+CVE-2012-4260 (Multiple SQL injection vulnerabilities in myCare2x allow remote attack ...)
NOT-FOR-US: myCare2x
-CVE-2012-4259
+CVE-2012-4259 (Cross-site scripting (XSS) vulnerability in the contacts in (1) XPhone ...)
NOT-FOR-US: XPhone Virtual Directory
-CVE-2012-4258
+CVE-2012-4258 (Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2 ...)
NOT-FOR-US: MYRE Real Estate Software
-CVE-2012-4257
+CVE-2012-4257 (Yaqas (Yet Another Question &amp; Answer System) 1.0 Alpha 1 allows re ...)
NOT-FOR-US: Yaqas
-CVE-2012-4256
+CVE-2012-4256 (The jNews (com_jnews) component 7.5.1 for Joomla! allows remote attack ...)
NOT-FOR-US: jNews for Joomla!
-CVE-2012-4255
+CVE-2012-4255 (MySQLDumper 1.24.4 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: MySQLDumper
-CVE-2012-4254
+CVE-2012-4254 (MySQLDumper 1.24.4 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: MySQLDumper
-CVE-2012-4253
+CVE-2012-4253 (Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 all ...)
NOT-FOR-US: MySQLDumper
-CVE-2012-4252
+CVE-2012-4252 (Multiple cross-site request forgery (CSRF) vulnerabilities in MySQLDum ...)
NOT-FOR-US: MySQLDumper
-CVE-2012-4251
+CVE-2012-4251 (Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper 1.2 ...)
NOT-FOR-US: MySQLDumper
-CVE-2012-4250
+CVE-2012-4250 (Stack-based buffer overflow in the RequestScreenOptimization function ...)
NOT-FOR-US: Samsung NET-i viewer
-CVE-2012-4249
+CVE-2012-4249 (The Amazon Lab126 com.lab126.system sendEvent implementation on the Ki ...)
NOT-FOR-US: Kindle Touch
-CVE-2012-4248
+CVE-2012-4248 (The Amazon Kindle Touch before 5.1.2 does not properly restrict access ...)
NOT-FOR-US: Kindle Touch
-CVE-2012-4247
+CVE-2012-4247 (Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/ind ...)
NOT-FOR-US: phplist
-CVE-2012-4246
+CVE-2012-4246 (Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/ind ...)
NOT-FOR-US: phplist
-CVE-2012-4245
+CVE-2012-4245 (The scriptfu network server in GIMP 2.6 does not require authenticatio ...)
- gimp <unfixed> (unimportant)
NOTE: The interface isn't designed or advertised to be secure, this is hardly a security issue in practice
-CVE-2012-4244
+CVE-2012-4244 (ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9. ...)
{DSA-2547-1}
- bind9 1:9.8.4.dfsg-1 (bug #693015)
[wheezy] - bind9 1:9.8.1.dfsg.P1-4.4
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
CVE-2012-4243
RESERVED
-CVE-2012-4242
+CVE-2012-4242 (Cross-site scripting (XSS) vulnerability in the MF Gig Calendar plugin ...)
NOT-FOR-US: MF Gig Calendar
-CVE-2012-4241
+CVE-2012-4241 (Multiple cross-site scripting (XSS) vulnerabilities in Microcart 1.0 a ...)
NOT-FOR-US: Microcart
-CVE-2012-4240
+CVE-2012-4240 (SQL injection vulnerability in modules/calendar/json.php in Group-Offi ...)
NOT-FOR-US: Group-Office
CVE-2012-4239
RESERVED
-CVE-2012-4238
+CVE-2012-4238 (Cross-site scripting (XSS) vulnerability in admin/code/tce_edit_answer ...)
NOT-FOR-US: TCExam
-CVE-2012-4237
+CVE-2012-4237 (Multiple SQL injection vulnerabilities in TCExam before 11.3.008 allow ...)
NOT-FOR-US: TCExam
-CVE-2012-4236
+CVE-2012-4236 (Cross-site scripting (XSS) vulnerability in the refresh_page function ...)
NOT-FOR-US: Total Shop UK eCommerce
-CVE-2012-4235
+CVE-2012-4235 (The RSGallery2 (com_rsgallery2) component before 3.2.0 for Joomla! 2.5 ...)
NOT-FOR-US: Joomla addon
-CVE-2012-4234
+CVE-2012-4234 (Cross-site scripting (XSS) vulnerability in the group moderation scree ...)
NOT-FOR-US: Phorum
-CVE-2012-4233
+CVE-2012-4233 (LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffic ...)
{DSA-2570-1}
- libreoffice 1:3.5.4+dfsg-3 (low)
- openoffice.org 1:3.3.0-1 (low)
NOTE: Since 3.3.0 openoffice.org is a transitional source package
NOTE: https://www.htbridge.com/advisory/HTB23106
-CVE-2012-4232
+CVE-2012-4232 (SQL injection vulnerability in admin/index.php in jCore before 1.0pre2 ...)
NOT-FOR-US: jCore
-CVE-2012-4231
+CVE-2012-4231 (Cross-site scripting (XSS) vulnerability in admin/index.php in jCore b ...)
NOT-FOR-US: jCore
-CVE-2012-4230
+CVE-2012-4230 (The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyM ...)
- tinymce <unfixed> (low; bug #796117)
[buster] - tinymce <no-dsa> (Minor issue)
[stretch] - tinymce <no-dsa> (Minor issue)
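Review bot: on the new CVE-2012-4244 line the fixed-column truncation cuts the third fixed version to "9.9.", which reads as if it were a complete version string; if the description generator can break at a word boundary rather than a fixed column, version ranges like "9.9.x before 9.9.1-P3" would survive intact instead of being clipped mid-number. The tracker entries themselves are consistent in this hunk: bind9 carries the DSA reference and a fixed version, and the isc-dhcp not-affected line gives its reason.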
@@ -6155,9 +6155,9 @@ CVE-2012-4228
RESERVED
CVE-2012-4227
RESERVED
-CVE-2012-4226
+CVE-2012-4226 (Multiple cross-site scripting (XSS) vulnerabilities in Quick Post Widg ...)
NOT-FOR-US: WordPress plugin Quick Post Widget
-CVE-2012-4225
+CVE-2012-4225 (NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows loc ...)
- nvidia-graphics-drivers 304.37-1 (bug #684781)
- nvidia-graphics-drivers-legacy-173xx 173.14.35-3
[squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze2
@@ -6168,283 +6168,283 @@ CVE-2012-4224
REJECTED
CVE-2012-4223
REJECTED
-CVE-2012-4222
+CVE-2012-4222 (drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) Graphi ...)
- linux <not-affected> (Android-specific drivers)
- linux-2.6 <not-affected> (Android-specific drivers)
-CVE-2012-4221
+CVE-2012-4221 (Integer overflow in diagchar_core.c in the Qualcomm Innovation Center ...)
- linux <not-affected> (Android-specific drivers)
- linux-2.6 <not-affected> (Android-specific drivers)
-CVE-2012-4220
+CVE-2012-4220 (diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics ( ...)
- linux <not-affected> (Android-specific drivers)
- linux-2.6 <not-affected> (Android-specific drivers)
-CVE-2012-4219
+CVE-2012-4219 (show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remot ...)
- phpmyadmin 4:4.0.1-1 (unimportant)
NOTE: Path disclosure irrelevant in Debian
-CVE-2012-4218
+CVE-2012-4218 (Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::S ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4217
+CVE-2012-4217 (Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdat ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4216
+CVE-2012-4216 (Use-after-free vulnerability in the gfxFont::GetFontEntry function in ...)
{DSA-2588-1 DSA-2584-1 DSA-2583-1}
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
-CVE-2012-4215
+CVE-2012-4215 (Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEv ...)
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-4214
+CVE-2012-4214 (Use-after-free vulnerability in the nsTextEditorState::PrepareEditor f ...)
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-4213
+CVE-2012-4213 (Use-after-free vulnerability in the nsEditor::FindNextLeafNode functio ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4212
+CVE-2012-4212 (Use-after-free vulnerability in the XPCWrappedNative::Mark function in ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
CVE-2012-4211
REJECTED
-CVE-2012-4210
+CVE-2012-4210 (The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10. ...)
- iceweasel 10.0.11esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4209
+CVE-2012-4209 (Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderb ...)
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-4208
+CVE-2012-4208 (The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunder ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4207
+CVE-2012-4207 (The HZ-GB-2312 character-set implementation in Mozilla Firefox before ...)
{DSA-2588-1 DSA-2584-1 DSA-2583-1}
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
-CVE-2012-4206
+CVE-2012-4206 (Untrusted search path vulnerability in the installer in Mozilla Firefo ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2012-4205
+CVE-2012-4205 (Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey be ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4204
+CVE-2012-4204 (The str_unescape function in the JavaScript engine in Mozilla Firefox ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4203
+CVE-2012-4203 (The New Tab page in Mozilla Firefox before 17.0 uses a privileged cont ...)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2012-4202
+CVE-2012-4202 (Heap-based buffer overflow in the image::RasterImage::DrawFrameTo func ...)
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-4201
+CVE-2012-4201 (The evalInSandbox implementation in Mozilla Firefox before 17.0, Firef ...)
{DSA-2588-1 DSA-2584-1 DSA-2583-1}
- iceweasel 10.0.11esr-1
- icedove 10.0.11-1
- iceape 2.7.11-1
CVE-2012-4200
RESERVED
-CVE-2012-4199
+CVE-2012-4199 (template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x before 3. ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-4198
+CVE-2012-4198 (The User.get method in Bugzilla/WebService/User.pm in Bugzilla 3.7.x a ...)
- bugzilla <not-affected> (Only affects 3.7 onwards)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-4197
+CVE-2012-4197 (Bugzilla/Attachment.pm in attachment.cgi in Bugzilla 2.x and 3.x befor ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-4196
+CVE-2012-4196 (Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunde ...)
- iceweasel 10.0.10esr-1
- icedove 10.0.10-1
- iceape 2.7.10-1
[squeeze] - iceape <not-affected> (vulnerable code not present)
[squeeze] - iceweasel <not-affected> (vulnerable code not present)
[squeeze] - icedove <not-affected> (vulnerable code not present)
-CVE-2012-4195
+CVE-2012-4195 (The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Fi ...)
- iceape <not-affected> (Only affects 16.x release from experimental)
- iceweasel <not-affected> (Only affects 16.x release from experimental)
- icedove <not-affected> (Only affects 16.x release from experimental)
-CVE-2012-4194
+CVE-2012-4194 (Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunde ...)
- iceape 2.7.10-1
- icedove 10.0.10-1
- iceweasel 10.0.10esr-1
[squeeze] - iceape <not-affected> (vulnerable code not present)
[squeeze] - iceweasel <not-affected> (vulnerable code not present)
[squeeze] - icedove <not-affected> (vulnerable code not present)
-CVE-2012-4193
+CVE-2012-4193 (Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunder ...)
- iceweasel 10.0.9esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (vulnerable code not present)
[squeeze] - iceweasel <not-affected> (vulnerable code not present)
[squeeze] - icedove <not-affected> (vulnerable code not present)
-CVE-2012-4192
+CVE-2012-4192 (Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remot ...)
- iceweasel 10.0.9esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Regression not present in Squeeze)
[squeeze] - iceweasel <not-affected> (Regression not present in Squeeze)
[squeeze] - icedove <not-affected> (Regression not present in Squeeze)
-CVE-2012-4191
+CVE-2012-4191 (The mozilla::net::FailDelayManager::Lookup function in the WebSockets ...)
- iceweasel <not-affected> (Doesn't affect ESR series)
-CVE-2012-4190
+CVE-2012-4190 (The FT2FontEntry::CreateFontEntry function in FreeType, as used in the ...)
- iceweasel <not-affected> (Only affects Firefox Mobile)
-CVE-2012-4189
+CVE-2012-4189 (Cross-site scripting (XSS) vulnerability in Bugzilla 4.1.x and 4.2.x b ...)
- bugzilla <not-affected> (Only affects 4.1 onwards)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-4188
+CVE-2012-4188 (Heap-based buffer overflow in the Convolve3x3 function in Mozilla Fire ...)
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-4187
+CVE-2012-4187 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi ...)
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4186
+CVE-2012-4186 (Heap-based buffer overflow in the nsWaveReader::DecodeAudioData functi ...)
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-4185
+CVE-2012-4185 (Buffer overflow in the nsCharTraits::length function in Mozilla Firefo ...)
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4184
+CVE-2012-4184 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox befo ...)
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4183
+CVE-2012-4183 (Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures f ...)
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4182
+CVE-2012-4182 (Use-after-free vulnerability in the nsTextEditRules::WillInsert functi ...)
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-4181
+CVE-2012-4181 (Use-after-free vulnerability in the nsSMILAnimationController::DoSampl ...)
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4180
+CVE-2012-4180 (Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhites ...)
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-4179
+CVE-2012-4179 (Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyT ...)
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-4178
+CVE-2012-4178 (SQL injection vulnerability in spywall/includes/deptUploads_data.php i ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-4177
+CVE-2012-4177 (The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote ...)
NOT-FOR-US: Ubisoft Uplay PC
-CVE-2012-4176
+CVE-2012-4176 (Array index error in Adobe Shockwave Player before 11.6.8.638 allows a ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2012-4175
+CVE-2012-4175 (Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows att ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2012-4174
+CVE-2012-4174 (Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows att ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2012-4173
+CVE-2012-4173 (Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows att ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2012-4172
+CVE-2012-4172 (Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows att ...)
NOT-FOR-US: Adobe Shockwave
-CVE-2012-4171
+CVE-2012-4171 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-4170
+CVE-2012-4170 (Buffer overflow in Adobe Photoshop CS6 13.x before 13.0.1 allows remot ...)
NOT-FOR-US: Adobe Photoshop CS6
CVE-2012-4169
REJECTED
-CVE-2012-4168
+CVE-2012-4168 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-4167
+CVE-2012-4167 (Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x bef ...)
NOT-FOR-US: Adobe Flash Player
CVE-2012-4166
REJECTED
-CVE-2012-4165
+CVE-2012-4165 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-4164
+CVE-2012-4164 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-4163
+CVE-2012-4163 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-4162
+CVE-2012-4162 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Ma ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4161
+CVE-2012-4161 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Ma ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4160
+CVE-2012-4160 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4159
+CVE-2012-4159 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4158
+CVE-2012-4158 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4157
+CVE-2012-4157 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4156
+CVE-2012-4156 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4155
+CVE-2012-4155 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4154
+CVE-2012-4154 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4153
+CVE-2012-4153 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4152
+CVE-2012-4152 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4151
+CVE-2012-4151 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4150
+CVE-2012-4150 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4149
+CVE-2012-4149 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4148
+CVE-2012-4148 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4147
+CVE-2012-4147 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-4146
+CVE-2012-4146 (Opera before 12.01 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Opera
-CVE-2012-4145
+CVE-2012-4145 (Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, a ...)
NOT-FOR-US: Opera
-CVE-2012-4144
+CVE-2012-4144 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x befo ...)
NOT-FOR-US: Opera
-CVE-2012-4143
+CVE-2012-4143 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x befo ...)
NOT-FOR-US: Opera
-CVE-2012-4142
+CVE-2012-4142 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x befo ...)
NOT-FOR-US: Opera
CVE-2012-XXXX [redeclipse code execution through map files]
- redeclipse 1.2-3 (bug #684143)
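Review bot: the Adobe Reader block from CVE-2012-4147 through CVE-2012-4162 and the Adobe Shockwave block from CVE-2012-4172 through CVE-2012-4175 end up with byte-identical truncated descriptions, so the added text distinguishes nothing beyond the product name; the only differing part of each description lies past the cut-off, so if the generator can take a longer width or start the excerpt after the common product prefix, these entries would remain tellable apart. A smaller style point: the squeeze reason strings in this hunk alternate between "(Vulnerable code not present)" and "(vulnerable code not present)" (compare CVE-2012-4202 with CVE-2012-4196 and CVE-2012-4194), and a single spelling would make them easier to search for.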
@@ -6454,7 +6454,7 @@ CVE-2012-XXXX [base name disclosure]
CVE-2012-XXXX [insecure default configuration / authentication bypass]
- munin 2.0.5-1 (bug #682869)
[squeeze] - munin <no-dsa> (Minor issue)
-CVE-2012-4141
+CVE-2012-4141 (Directory traversal vulnerability in the CLI parser in Cisco NX-OS all ...)
NOT-FOR-US: Cisco
CVE-2012-4140
REJECTED
@@ -6464,9 +6464,9 @@ CVE-2012-4138
REJECTED
CVE-2012-4137
REJECTED
-CVE-2012-4136
+CVE-2012-4136 (The high-availability service in the Fabric Interconnect component in ...)
NOT-FOR-US: Cisco
-CVE-2012-4135
+CVE-2012-4135 (Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and ...)
NOT-FOR-US: Cisco
CVE-2012-4134
REJECTED
@@ -6474,7 +6474,7 @@ CVE-2012-4133
REJECTED
CVE-2012-4132
REJECTED
-CVE-2012-4131
+CVE-2012-4131 (Directory traversal vulnerability in tar in Cisco NX-OS allows local u ...)
NOT-FOR-US: Cisco
CVE-2012-4130
REJECTED
@@ -6492,9 +6492,9 @@ CVE-2012-4124
REJECTED
CVE-2012-4123
REJECTED
-CVE-2012-4122
+CVE-2012-4122 (The CLI parser in Cisco NX-OS allows local users to bypass intended ac ...)
NOT-FOR-US: Cisco
-CVE-2012-4121
+CVE-2012-4121 (Cisco NX-OS allows local users to gain privileges, and read or modify ...)
NOT-FOR-US: Cisco
CVE-2012-4120
REJECTED
@@ -6502,151 +6502,151 @@ CVE-2012-4119
REJECTED
CVE-2012-4118
REJECTED
-CVE-2012-4117
+CVE-2012-4117 (The fabric-interconnect component in Cisco Unified Computing System (U ...)
NOT-FOR-US: Cisco
-CVE-2012-4116
+CVE-2012-4116 (The fabric-interconnect component in Cisco Unified Computing System (U ...)
NOT-FOR-US: Cisco
-CVE-2012-4115
+CVE-2012-4115 (The fabric-interconnect component in Cisco Unified Computing System (U ...)
NOT-FOR-US: Cisco
-CVE-2012-4114
+CVE-2012-4114 (The fabric-interconnect KVM module in Cisco Unified Computing System ( ...)
NOT-FOR-US: Cisco
-CVE-2012-4113
+CVE-2012-4113 (The fabric-interconnect component in Cisco Unified Computing System (U ...)
NOT-FOR-US: Cisco
-CVE-2012-4112
+CVE-2012-4112 (The Baseboard Management Controller (BMC) in Cisco Unified Computing S ...)
NOT-FOR-US: Cisco
-CVE-2012-4111
+CVE-2012-4111 (The create certreq command in the fabric-interconnect component in Cis ...)
NOT-FOR-US: Cisco
-CVE-2012-4110
+CVE-2012-4110 (run-script in the fabric-interconnect component in Cisco Unified Compu ...)
NOT-FOR-US: Cisco
-CVE-2012-4109
+CVE-2012-4109 (The clear sshkey command in the fabric-interconnect component in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2012-4108
+CVE-2012-4108 (The fabric-interconnect component in Cisco Unified Computing System (U ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4107
+CVE-2012-4107 (The fabric-interconnect component in Cisco Unified Computing System (U ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4106
+CVE-2012-4106 (The fabric-interconnect component in Cisco Unified Computing System (U ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4105
+CVE-2012-4105 (The fabric-interconnect component in Cisco Unified Computing System (U ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4104
+CVE-2012-4104 (Absolute path traversal vulnerability in the image-download process in ...)
NOT-FOR-US: Cisco
-CVE-2012-4103
+CVE-2012-4103 (ethanalyzer in the fabric-interconnect component in Cisco Unified Comp ...)
NOT-FOR-US: Cisco
-CVE-2012-4102
+CVE-2012-4102 (The activate firmware command in the fabric-interconnect component in ...)
NOT-FOR-US: Cisco
CVE-2012-4101
REJECTED
CVE-2012-4100
REJECTED
-CVE-2012-4099
+CVE-2012-4099 (The BGP implementation in Cisco NX-OS does not properly filter AS path ...)
NOT-FOR-US: Cisco
-CVE-2012-4098
+CVE-2012-4098 (The BGP implementation in Cisco NX-OS does not properly filter AS path ...)
NOT-FOR-US: Cisco
-CVE-2012-4097
+CVE-2012-4097 (The BGP implementation in Cisco NX-OS does not properly filter segment ...)
NOT-FOR-US: Cisco
-CVE-2012-4096
+CVE-2012-4096 (The local file editor in the Baseboard Management Controller (BMC) in ...)
NOT-FOR-US: Cisco
-CVE-2012-4095
+CVE-2012-4095 (The local file editor in the fabric-interconnect component in Cisco Un ...)
NOT-FOR-US: Cisco
-CVE-2012-4094
+CVE-2012-4094 (Buffer overflow in the Smart Call Home feature in the fabric interconn ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4093
+CVE-2012-4093 (The Manager component in Cisco Unified Computing System (UCS) allows l ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4092
+CVE-2012-4092 (The management interface in the Central Software component in Cisco Un ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4091
+CVE-2012-4091 (The RIP service engine in Cisco NX-OS allows remote attackers to cause ...)
NOT-FOR-US: Cisco
-CVE-2012-4090
+CVE-2012-4090 (The management interface in Cisco NX-OS on Nexus 7000 devices allows r ...)
NOT-FOR-US: Cisco
-CVE-2012-4089
+CVE-2012-4089 (MCTOOLS in the fabric interconnect in Cisco Unified Computing System ( ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4088
+CVE-2012-4088 (The FTP server in Cisco Unified Computing System (UCS) has a hardcoded ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4087
+CVE-2012-4087 (A cluster setup script for fabric interconnect devices in Cisco Unifie ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4086
+CVE-2012-4086 (A setup script for fabric interconnect devices in Cisco Unified Comput ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4085
+CVE-2012-4085 (The Intelligent Platform Management Interface (IPMI) implementation in ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4084
+CVE-2012-4084 (Cross-site request forgery (CSRF) vulnerability in the web-management ...)
NOT-FOR-US: Cisco
-CVE-2012-4083
+CVE-2012-4083 (Multiple buffer overflows in the administrative web interface in Cisco ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4082
+CVE-2012-4082 (MCTools in the Cisco Management Controller in Cisco Unified Computing ...)
NOT-FOR-US: Cisco
-CVE-2012-4081
+CVE-2012-4081 (MCServer in the Cisco Management Controller in Cisco Unified Computing ...)
NOT-FOR-US: Cisco
CVE-2012-4080
REJECTED
-CVE-2012-4079
+CVE-2012-4079 (The XML API service in the Fabric Interconnect component in Cisco Unif ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4078
+CVE-2012-4078 (The Baseboard Management Controller (BMC) in Cisco Unified Computing S ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4077
+CVE-2012-4077 (Cisco NX-OS allows local users to gain privileges and execute arbitrar ...)
NOT-FOR-US: Cisco
-CVE-2012-4076
+CVE-2012-4076 (Cisco NX-OS allows local users to gain privileges and execute arbitrar ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2012-4075
+CVE-2012-4075 (Cisco NX-OS allows local users to gain privileges and execute arbitrar ...)
NOT-FOR-US: Cisco
-CVE-2012-4074
+CVE-2012-4074 (The Board Management Controller (BMC) in the Serial over LAN (SoL) sub ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4073
+CVE-2012-4073 (The KVM subsystem in the client in Cisco Unified Computing System (UCS ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4072
+CVE-2012-4072 (The KVM subsystem in Cisco Unified Computing System (UCS) relies on a ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4071
+CVE-2012-4071 (Cross-site scripting (XSS) vulnerability in the comments module in the ...)
NOT-FOR-US: Joomla addon
-CVE-2012-4070
+CVE-2012-4070 (SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3. ...)
NOT-FOR-US: Dir2Web
-CVE-2012-4069
+CVE-2012-4069 (Dir2web 3.0 stores sensitive information under the web root with insuf ...)
NOT-FOR-US: Dir2Web
-CVE-2012-4068
+CVE-2012-4068 (Heap-based buffer overflow in the SoapServer service in Citrix Provisi ...)
NOT-FOR-US: Citrix
-CVE-2012-4067
+CVE-2012-4067 (Walrus in Eucalyptus before 3.2.2 allows remote attackers to cause a d ...)
- eucalyptus <removed> (bug #707592)
NOTE: https://github.com/eucalyptus/eucalyptus/commit/e958e60
NOTE: https://eucalyptus.atlassian.net/browse/EUCA-5277
-CVE-2012-4066
+CVE-2012-4066 (The internal message protocol for Walrus in Eucalyptus 3.2.0 and earli ...)
- eucalyptus <removed> (bug #702388)
-CVE-2012-4065
+CVE-2012-4065 (Eucalyptus before 3.1.1 does not properly restrict the binding of exte ...)
- eucalyptus 3.1.0-9 (bug #689599)
-CVE-2012-4064
+CVE-2012-4064 (Eucalyptus before 3.1.1 does not properly restrict the binding of exte ...)
- eucalyptus 3.1.0-9 (bug #689599)
-CVE-2012-4063
+CVE-2012-4063 (The Apache Santuario configuration in Eucalyptus before 3.1.1 does not ...)
- eucalyptus 3.1.0-9 (bug #689599)
CVE-2012-4062
RESERVED
-CVE-2012-4061
+CVE-2012-4061 (Multiple SQL injection vulnerabilities in ASP-DEv XM Diary allow remot ...)
NOT-FOR-US: ASP-DEv XM Diary
-CVE-2012-4060
+CVE-2012-4060 (Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow ...)
NOT-FOR-US: ASP-DEv XM Diary
-CVE-2012-4059
+CVE-2012-4059 (Cross-site request forgery (CSRF) vulnerability in home/secretqtn.php ...)
NOT-FOR-US: Socketmail not in Debian
-CVE-2012-4058
+CVE-2012-4058 (Cross-site scripting (XSS) vulnerability in SocketMail Pro 2.2.9 allow ...)
NOT-FOR-US: Socketmail not in Debian
-CVE-2012-4057
+CVE-2012-4057 (Buffer overflow in the Player in Remote-Anything 5.60.15 allows remote ...)
NOT-FOR-US: Remote-Anything not in Debian
-CVE-2012-4056
+CVE-2012-4056 (SQL injection vulnerability in index2.php in Uiga Personal Portal allo ...)
NOT-FOR-US: Uiga personal portal
-CVE-2012-4055
+CVE-2012-4055 (SQL injection vulnerability in index2.php in Uiga Fan Club allows remo ...)
NOT-FOR-US: Uiga Fan Club
-CVE-2012-4054
+CVE-2012-4054 (Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 ...)
NOT-FOR-US: CPE17 Autorun Killer not in Debian
-CVE-2012-4053
+CVE-2012-4053 (Cross-site request forgery (CSRF) vulnerability in eZOE flash player i ...)
NOT-FOR-US: eZOE flash player not in Debian
-CVE-2012-4052
+CVE-2012-4052 (Multiple cross-site scripting (XSS) vulnerabilities in Jease before 2. ...)
NOT-FOR-US: Jease
-CVE-2012-4051
+CVE-2012-4051 (Multiple cross-site request forgery (CSRF) vulnerabilities in editAcco ...)
NOT-FOR-US: JAMF Casper suite
CVE-2012-4047
RESERVED
-CVE-2012-4046
+CVE-2012-4046 (The D-Link DCS-932L camera with firmware 1.02 allows remote attackers ...)
NOT-FOR-US: D-Link DCS-932L camera
-CVE-2012-4045
+CVE-2012-4045 (Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 ...)
NOT-FOR-US: Winamp
CVE-2012-4044
RESERVED
-CVE-2012-4043
+CVE-2012-4043 (Cross-site scripting (XSS) vulnerability in global-protect/login.esp i ...)
NOT-FOR-US: Palo Alto Networks software
CVE-2012-4042
RESERVED
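Review bot: the new CVE-2012-4060 line describes "ASP-DEv XM Forums RC3", but the NOT-FOR-US line directly below it still says "ASP-DEv XM Diary", copied from the CVE-2012-4061 entry above; it should read "NOT-FOR-US: ASP-DEv XM Forums" so the product name matches the description. Also in this hunk, the NOT-FOR-US labels for the same Cisco products vary between "Cisco", "Cisco NX-OS" and "Cisco Unified Computing System" across adjacent entries (CVE-2012-4077, CVE-2012-4076 and CVE-2012-4075 all describe NX-OS but carry two different labels), which makes a grep by product unreliable.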
@@ -6658,186 +6658,186 @@ CVE-2012-4039
RESERVED
CVE-2012-4038
RESERVED
-CVE-2012-4037
+CVE-2012-4037 (Multiple cross-site scripting (XSS) vulnerabilities in the web client ...)
- transmission 2.52-3 (bug #683380)
[squeeze] - transmission <not-affected> (Version in Stable not affected)
-CVE-2012-4036
+CVE-2012-4036 (Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 a ...)
NOT-FOR-US: PBBoard
-CVE-2012-4035
+CVE-2012-4035 (The new_password page in PBBoard 2.1.4 allows remote attackers to chan ...)
NOT-FOR-US: PBBoard
-CVE-2012-4034
+CVE-2012-4034 (Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote a ...)
NOT-FOR-US: PBBoard
-CVE-2012-4050
+CVE-2012-4050 (Multiple unspecified vulnerabilities in Google Chrome OS before 21.0.1 ...)
NOT-FOR-US: Google Chrome OS
-CVE-2012-4049
+CVE-2012-4049 (epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x b ...)
- wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2012-12.html
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/2
-CVE-2012-4048
+CVE-2012-4048 (The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9 ...)
{DSA-2590-1}
- wireshark 1.8.2-1 (bug #680056)
NOTE: http://www.wireshark.org/security/wnpa-sec-2012-11.html
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/2
-CVE-2012-4033
+CVE-2012-4033 (Multiple unspecified vulnerabilities in the Zingiri Web Shop plugin be ...)
NOT-FOR-US: Zingiri not in Debian
-CVE-2012-4032
+CVE-2012-4032 (Open redirect vulnerability in the login page in WebsitePanel before 1 ...)
NOT-FOR-US: WebsitePanel not in Debian
-CVE-2012-4031
+CVE-2012-4031 (Multiple directory traversal vulnerabilities in src/acloglogin.php in ...)
NOT-FOR-US: Wangkongbao not in Debian
CVE-2012-4030
RESERVED
CVE-2012-4029
RESERVED
-CVE-2012-4028
+CVE-2012-4028 (Tridium Niagara AX Framework does not properly store credential data, ...)
NOT-FOR-US: Tridium Niagara AX Framework
-CVE-2012-4027
+CVE-2012-4027 (Directory traversal vulnerability in Tridium Niagara AX Framework allo ...)
NOT-FOR-US: Tridium Niagara AX Framework
-CVE-2012-4026
+CVE-2012-4026 (The Johnson Controls Pegasys P2000 server with software before 3.11 al ...)
NOT-FOR-US: The Johnson Controls Pegasys P2000
-CVE-2012-4025
+CVE-2012-4025 (Integer overflow in the queue_init function in unsquashfs.c in unsquas ...)
- squashfs-tools 1:4.2+20121212-1 (low; bug #683371)
[squeeze] - squashfs-tools <no-dsa> (Minor issue)
[wheezy] - squashfs-tools <no-dsa> (Minor issue)
-CVE-2012-4024
+CVE-2012-4024 (Stack-based buffer overflow in the get_component function in unsquashf ...)
- squashfs-tools 1:4.2+20121212-1 (low; bug #683371)
[squeeze] - squashfs-tools <no-dsa> (Minor issue)
[wheezy] - squashfs-tools <no-dsa> (Minor issue)
-CVE-2012-4023
+CVE-2012-4023 (CRLF injection vulnerability in Pebble before 2.6.4 allows remote atta ...)
NOT-FOR-US: Pebble blog
-CVE-2012-4022
+CVE-2012-4022 (Pebble before 2.6.4 allows remote attackers to trigger loss of blog-en ...)
NOT-FOR-US: Pebble blog
-CVE-2012-4021
+CVE-2012-4021 (MosP kintai kanri before 4.1.0 does not properly perform authenticatio ...)
NOT-FOR-US: MosP kintai kanri
-CVE-2012-4020
+CVE-2012-4020 (MosP kintai kanri before 4.1.0 does not enforce privilege requirements ...)
NOT-FOR-US: MosP kintai kanri
-CVE-2012-4019
+CVE-2012-4019 (Cross-site scripting (XSS) vulnerability in tokyo_bbs.cgi in Come on G ...)
NOT-FOR-US: Come on Girls Interface (CGI) Tokyo BBS
-CVE-2012-4018
+CVE-2012-4018 (Cross-site scripting (XSS) vulnerability in Final Beta Laboratory MyWe ...)
NOT-FOR-US: Final Beta Laboratory MyWebSearch
-CVE-2012-4017
+CVE-2012-4017 (The jigbrowser+ application before 1.5.0 for Android does not properly ...)
NOT-FOR-US: Android application
-CVE-2012-4016
+CVE-2012-4016 (The ATOK application before 1.0.4 for Android allows remote attackers ...)
NOT-FOR-US: Android application
-CVE-2012-4015
+CVE-2012-4015 (Cross-site scripting (XSS) vulnerability in the management screen in m ...)
NOT-FOR-US: My Little tool / My little admin SQL server 2000
-CVE-2012-4014
+CVE-2012-4014 (Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShie ...)
NOT-FOR-US: McAfee Email Anti-virus
-CVE-2012-4013
+CVE-2012-4013 (The WebView class in the Cybozu KUNAI Browser for Remote Service appli ...)
NOT-FOR-US: Cybozu KUNAI Browser
-CVE-2012-4012
+CVE-2012-4012 (The WebView class in the Cybozu KUNAI application before 2.0.6 for And ...)
NOT-FOR-US: Cybozu KUNAI
-CVE-2012-4011
+CVE-2012-4011 (The Cybozu KUNAI application before 2.0.6 for Android allows remote at ...)
NOT-FOR-US: Cybozu KUNAI
-CVE-2012-4010
+CVE-2012-4010 (Opera before 11.60 allows remote attackers to spoof the address bar vi ...)
NOT-FOR-US: Opera
-CVE-2012-4009
+CVE-2012-4009 (The WebView class in the Cybozu Live application 1.0.4 and earlier for ...)
NOT-FOR-US: Cybozu Live
-CVE-2012-4008
+CVE-2012-4008 (The Cybozu Live application 1.0.4 and earlier for Android allows remot ...)
NOT-FOR-US: Cybozu Live
-CVE-2012-4007
+CVE-2012-4007 (The mixi application before 4.3.0 for Android allows remote attackers ...)
NOT-FOR-US: mixi application for Android
-CVE-2012-4006
+CVE-2012-4006 (The GREE application before 1.4.0, GREE Tanken Dorirando application b ...)
NOT-FOR-US: GREE application for Android
-CVE-2012-4005
+CVE-2012-4005 (The NHN Japan NAVER LINE application before 2.5.5 for Android does not ...)
NOT-FOR-US: NHN Japan NAVER LINE
-CVE-2012-4004
+CVE-2012-4004 (Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile applic ...)
NOT-FOR-US: Sleipnir Mobile
-CVE-2012-4003
+CVE-2012-4003 (Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT GL ...)
- glpi 0.83.31-1 (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
NOTE: https://forge.indepnet.net/projects/glpi/versions/771
NOTE: http://www.openwall.com/lists/oss-security/2012/07/13/1
-CVE-2012-4002
+CVE-2012-4002 (Cross-site request forgery (CSRF) vulnerability in GLPI-PROJECT GLPI b ...)
- glpi 0.83.31-1 (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
NOTE: https://forge.indepnet.net/projects/glpi/versions/771
NOTE: http://www.openwall.com/lists/oss-security/2012/07/13/1
-CVE-2012-4001
+CVE-2012-4001 (The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server d ...)
NOT-FOR-US: mod_pagespeed
-CVE-2012-4000
+CVE-2012-4000 (Cross-site scripting (XSS) vulnerability in the print_textinputs_var f ...)
{DSA-2522-1}
- fckeditor 1:2.6.6-3 (bug #683418)
NOTE: http://disse.cting.org/2012/06/22/fckeditor-reflected-xss-vulnerability/
-CVE-2012-3999
+CVE-2012-3999 (Cross-site scripting (XSS) vulnerability in admin/login.php in Sticky ...)
NOT-FOR-US: Sticky Notes
-CVE-2012-3998
+CVE-2012-3998 (Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.2705 ...)
NOT-FOR-US: Sticky Notes
-CVE-2012-3997
+CVE-2012-3997 (Multiple cross-site scripting (XSS) vulnerabilities in Sticky Notes be ...)
NOT-FOR-US: Sticky Notes
-CVE-2012-3996
+CVE-2012-3996 (TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to obta ...)
- tikiwiki <removed>
-CVE-2012-3995
+CVE-2012-3995 (The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Fir ...)
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3994
+CVE-2012-3994 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi ...)
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3993
+CVE-2012-3993 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox befo ...)
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3992
+CVE-2012-3992 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi ...)
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3991
+CVE-2012-3991 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi ...)
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-3990
+CVE-2012-3990 (Use-after-free vulnerability in the IME State Manager implementation i ...)
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-3989
+CVE-2012-3989 (Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey be ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3988
+CVE-2012-3988 (Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox E ...)
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3987
+CVE-2012-3987 (Mozilla Firefox before 16.0 on Android assigns chrome privileges to Re ...)
- iceweasel <not-affected> (Android-specific)
-CVE-2012-3986
+CVE-2012-3986 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi ...)
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
- iceape 2.7.9-1
-CVE-2012-3985
+CVE-2012-3985 (Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey be ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3984
+CVE-2012-3984 (Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey be ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3983
+CVE-2012-3983 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3982
+CVE-2012-3982 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2572-1 DSA-2569-1 DSA-2565-1}
- iceweasel 10.0.8esr-1
- icedove 10.0.9-1
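Review bot: the `<not-affected>` rationale "Only affects Firefox >= 10" on the CVE-2012-3989, CVE-2012-3985, CVE-2012-3984 and CVE-2012-3983 entries reads as if the 10.0.x ESR line were included, which is exactly what the neighbouring entries fix in iceweasel 10.0.8esr-1 and icedove 10.0.9-1; the new descriptions for those four ids name Firefox before 16.0 and Thunderbird before 16.0 without an ESR 10.x range, so the intended meaning is presumably that the ESR 10 branch is not affected. Consider the wording this file already uses for the same situation, `Vulnerable code not present in Firefox 10.x codebase`, so the rationale cannot be misread as covering the shipped ESR versions.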
@@ -6845,150 +6845,150 @@ CVE-2012-3982
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-4747
+CVE-2012-4747 (Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1 ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=785522
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=785511
-CVE-2012-3981
+CVE-2012-3981 (Auth/Verify/LDAP.pm in Bugzilla 2.x and 3.x before 3.6.11, 3.7.x and 4 ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-3980
+CVE-2012-3980 (The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x befor ...)
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3979
+CVE-2012-3979 (Mozilla Firefox before 15.0 on Android does not properly implement uns ...)
- iceweasel <not-affected> (Only affects Firefox for Android)
-CVE-2012-3978
+CVE-2012-3978 (The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Fire ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3977
REJECTED
-CVE-2012-3976
+CVE-2012-3976 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMo ...)
- iceweasel 10.0.7esr-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3975
+CVE-2012-3975 (The DOMParser component in Mozilla Firefox before 15.0, Thunderbird be ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3974
+CVE-2012-3974 (Untrusted search path vulnerability in the installer in Mozilla Firefo ...)
- iceweasel <not-affected> (Only affects Firefox for Windows)
-CVE-2012-3973
+CVE-2012-3973 (The debugger in the developer-tools subsystem in Mozilla Firefox befor ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3972
+CVE-2012-3972 (The format-number functionality in the XSLT implementation in Mozilla ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-3971
+CVE-2012-3971 (Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla F ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3970
+CVE-2012-3970 (Use-after-free vulnerability in the nsTArray_base::Length function in ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3969
+CVE-2012-3969 (Integer overflow in the nsSVGFEMorphologyElement::Filter function in M ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-3968
+CVE-2012-3968 (Use-after-free vulnerability in the WebGL implementation in Mozilla Fi ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3967
+CVE-2012-3967 (The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 1 ...)
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3966
+CVE-2012-3966 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbi ...)
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3965
+CVE-2012-3965 (Mozilla Firefox before 15.0 does not properly restrict navigation to t ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
-CVE-2012-3964
+CVE-2012-3964 (Use-after-free vulnerability in the gfxTextRun::GetUserData function i ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3963
+CVE-2012-3963 (Use-after-free vulnerability in the js::gc::MapAllocToTraceKind functi ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3962
+CVE-2012-3962 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbi ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-3961
+CVE-2012-3961 (Use-after-free vulnerability in the RangeData implementation in Mozill ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3960
+CVE-2012-3960 (Use-after-free vulnerability in the mozSpellChecker::SetCurrentDiction ...)
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3959
+CVE-2012-3959 (Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode f ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-3958
+CVE-2012-3958 (Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableEle ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3957
+CVE-2012-3957 (Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function ...)
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
-CVE-2012-3956
+CVE-2012-3956 (Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Ru ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
-CVE-2012-3955
+CVE-2012-3955 (ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remo ...)
{DSA-2551-1}
- isc-dhcp 4.2.4-2
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u1
-CVE-2012-3954
+CVE-2012-3954 (Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and ...)
{DSA-2519-2 DSA-2519-1 DSA-2516-1}
- isc-dhcp 4.2.4-2 (bug #686174)
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u1
-CVE-2012-3953
+CVE-2012-3953 (SQL injection vulnerability in admin/index.php in phpList before 2.10. ...)
NOT-FOR-US: phplist
-CVE-2012-3952
+CVE-2012-3952 (Cross-site scripting (XSS) vulnerability in admin/index.php in phpList ...)
NOT-FOR-US: phplist
-CVE-2012-3951
+CVE-2012-3951 (The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutini ...)
NOT-FOR-US: Plixer Scrutinizer
-CVE-2012-3950
+CVE-2012-3950 (The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 throug ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-3949
+CVE-2012-3949 (The SIP implementation in Cisco Unified Communications Manager (CUCM) ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2012-3948
RESERVED
CVE-2012-3947
RESERVED
-CVE-2012-3946
+CVE-2012-3946 (Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ...)
NOT-FOR-US: Cisco IOS
CVE-2012-3945
RESERVED
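Review bot: CVE-2012-4747 is filed between CVE-2012-3982 and CVE-2012-3981 at the top of this hunk, breaking the descending numeric order the rest of the file keeps; numerically it belongs in the CVE-2012-47xx block. Its status lines are identical to those of the CVE-2012-3981 Bugzilla entry directly below it (`bugzilla <removed> (low)`, the squeeze `<no-dsa>` line, `bugzilla4 <itp> (bug #669643)`), so if the placement is deliberate grouping of the two related Bugzilla issues, a short NOTE saying so would stop the next reader from "fixing" it; otherwise move it to its numeric slot.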
@@ -6998,19 +6998,19 @@ CVE-2012-3943
RESERVED
CVE-2012-3942
RESERVED
-CVE-2012-3941
+CVE-2012-3941 (Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) p ...)
NOT-FOR-US: Cisco WebEx
-CVE-2012-3940
+CVE-2012-3940 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 b ...)
NOT-FOR-US: Cisco WebEx
-CVE-2012-3939
+CVE-2012-3939 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 b ...)
NOT-FOR-US: Cisco WebEx
-CVE-2012-3938
+CVE-2012-3938 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 b ...)
NOT-FOR-US: Cisco WebEx
-CVE-2012-3937
+CVE-2012-3937 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 b ...)
NOT-FOR-US: Cisco WebEx
-CVE-2012-3936
+CVE-2012-3936 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 b ...)
NOT-FOR-US: Cisco WebEx
-CVE-2012-3935
+CVE-2012-3935 (Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Commu ...)
NOT-FOR-US: Cisco Unified Presence, Jabber Extensible Communications Platform
CVE-2012-3934
RESERVED
@@ -7032,9 +7032,9 @@ CVE-2012-3926
RESERVED
CVE-2012-3925
RESERVED
-CVE-2012-3924
+CVE-2012-3924 (The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is ena ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-3923
+CVE-2012-3923 (The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, whe ...)
NOT-FOR-US: Cisco IOS
CVE-2012-3922
RESERVED
@@ -7042,19 +7042,19 @@ CVE-2012-3921
RESERVED
CVE-2012-3920
RESERVED
-CVE-2012-3919
+CVE-2012-3919 (The Cisco Application Control Engine (ACE) module 3.0 for Cisco Cataly ...)
NOT-FOR-US: Cisco Application Control Engine
-CVE-2012-3918
+CVE-2012-3918 (Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/ ...)
NOT-FOR-US: Cisco IOS
CVE-2012-3917
RESERVED
CVE-2012-3916
RESERVED
-CVE-2012-3915
+CVE-2012-3915 (The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote attack ...)
NOT-FOR-US: Cisco IOS
CVE-2012-3914
RESERVED
-CVE-2012-3913
+CVE-2012-3913 (The Cisco VC220 and VC240 cameras allow remote attackers to cause a de ...)
NOT-FOR-US: Cisco
CVE-2012-3912
RESERVED
@@ -7064,7 +7064,7 @@ CVE-2012-3910
RESERVED
CVE-2012-3909
RESERVED
-CVE-2012-3908
+CVE-2012-3908 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE ...)
NOT-FOR-US: Cisco Identity Services Engine
CVE-2012-3907
RESERVED
@@ -7078,11 +7078,11 @@ CVE-2012-3903
RESERVED
CVE-2012-3902
RESERVED
-CVE-2012-3901
+CVE-2012-3901 (The updateTime function in sensorApp on Cisco IPS 4200 series sensors ...)
NOT-FOR-US: Cisco IPS 4200
CVE-2012-3900
RESERVED
-CVE-2012-3899
+CVE-2012-3899 (sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not ...)
NOT-FOR-US: Cisco IPS 4200
CVE-2012-3898
RESERVED
@@ -7090,35 +7090,35 @@ CVE-2012-3897
RESERVED
CVE-2012-3896
RESERVED
-CVE-2012-3895
+CVE-2012-3895 (Cisco IOS 15.0 through 15.3 allows remote authenticated users to cause ...)
NOT-FOR-US: Cisco IOS
CVE-2012-3894
RESERVED
-CVE-2012-3893
+CVE-2012-3893 (The FlexVPN implementation in Cisco IOS 15.2 and 15.3 allows remote au ...)
NOT-FOR-US: Cisco IOS
CVE-2012-3892
RESERVED
CVE-2012-3891
RESERVED
-CVE-2012-3890
+CVE-2012-3890 (The in_mod plugin in Winamp before 5.63 allows remote attackers to cau ...)
NOT-FOR-US: Winamp
-CVE-2012-3889
+CVE-2012-3889 (The in_mod plugin in Winamp before 5.63 allows remote attackers to cau ...)
NOT-FOR-US: Winamp
-CVE-2012-3888
+CVE-2012-3888 (The login implementation in AirDroid 1.0.4 beta allows remote attacker ...)
NOT-FOR-US: AirDroid
-CVE-2012-3887
+CVE-2012-3887 (AirDroid before 1.0.7 beta uses a cleartext base64 format for data tra ...)
NOT-FOR-US: AirDroid
-CVE-2012-3886
+CVE-2012-3886 (AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogi ...)
NOT-FOR-US: AirDroid
-CVE-2012-3885
+CVE-2012-3885 (The default configuration of AirDroid 1.0.4 beta uses a four-character ...)
NOT-FOR-US: AirDroid
-CVE-2012-3884
+CVE-2012-3884 (AirDroid 1.0.4 beta implements authentication through direct transmiss ...)
NOT-FOR-US: AirDroid
CVE-2012-3883
RESERVED
CVE-2012-3882
RESERVED
-CVE-2012-3881
+CVE-2012-3881 (Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 all ...)
NOT-FOR-US: RTG, RTG2
CVE-2012-3880
RESERVED
@@ -7134,30 +7134,30 @@ CVE-2012-3875
RESERVED
CVE-2012-3874
RESERVED
-CVE-2012-3873
+CVE-2012-3873 (Multiple SQL injection vulnerabilities in Open Constructor 3.12.0 allo ...)
NOT-FOR-US: Open Constructor
-CVE-2012-3872
+CVE-2012-3872 (Multiple cross-site scripting (XSS) vulnerabilities in Open Constructo ...)
NOT-FOR-US: Open Constructor
-CVE-2012-3871
+CVE-2012-3871 (Cross-site scripting (XSS) vulnerability in data/hybrid/i_hybrid.php i ...)
NOT-FOR-US: Open Constructor
-CVE-2012-3870
+CVE-2012-3870 (Multiple cross-site scripting (XSS) vulnerabilities in objects/createo ...)
NOT-FOR-US: Open Constructor
-CVE-2012-3869
+CVE-2012-3869 (Cross-site scripting (XSS) vulnerability in include/classes/class.rex_ ...)
NOT-FOR-US: REDAXO
-CVE-2012-3868
+CVE-2012-3868 (Race condition in the ns_client structure management in ISC BIND 9.9.x ...)
NOTE: https://kb.isc.org/article/AA-00730
- bind9 <not-affected> (Vulnerable code not present, only affects 9.9.x)
- isc-dhcp <not-affected> (embeds bind 9.8.x; this issue only affects 9.9.x)
-CVE-2012-3867
+CVE-2012-3867 (lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2. ...)
{DSA-2511-1}
- puppet 2.7.18-1
-CVE-2012-3866
+CVE-2012-3866 (lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enter ...)
{DSA-2511-1}
- puppet 2.7.18-1
-CVE-2012-3865
+CVE-2012-3865 (Directory traversal vulnerability in lib/puppet/reports/store.rb in Pu ...)
{DSA-2511-1}
- puppet 2.7.18-1
-CVE-2012-3864
+CVE-2012-3864 (Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise be ...)
{DSA-2511-1}
- puppet 2.7.18-1
CVE-2012-3862
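Review bot: in the CVE-2012-3868 entry the NOTE line (the kb.isc.org link) comes before the two package status lines, whereas every other entry in this file that has both kinds of line (CVE-2012-4048, CVE-2012-4003, CVE-2012-4002) lists the package status lines first and the NOTE lines after. Move the NOTE below `- isc-dhcp <not-affected> (embeds bind 9.8.x; this issue only affects 9.9.x)` for consistency with the surrounding entries.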
@@ -7166,7 +7166,7 @@ CVE-2012-3861
RESERVED
CVE-2012-3860
RESERVED
-CVE-2012-3859
+CVE-2012-3859 (Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unk ...)
NOT-FOR-US: Netsweeper WebAdmin Portal
CVE-2012-3858
RESERVED
@@ -7188,60 +7188,60 @@ CVE-2012-3850
RESERVED
CVE-2012-3849
RESERVED
-CVE-2012-3848
+CVE-2012-3848 (Multiple cross-site scripting (XSS) vulnerabilities in the web console ...)
NOT-FOR-US: Plixer Scrutinizer
-CVE-2012-3863
+CVE-2012-3863 (channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and ...)
{DSA-2550-1}
- asterisk 1:1.8.13.1~dfsg-1
-CVE-2012-3847
+CVE-2012-3847 (slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 a ...)
NOT-FOR-US: Windows utility
-CVE-2012-3846
+CVE-2012-3846 (Cross-site scripting (XSS) vulnerability in index.php in PHP-pastebin ...)
NOT-FOR-US: php-pastebin not in Debian
-CVE-2012-3845
+CVE-2012-3845 (Buffer overflow in LAN Messenger 1.2.28 and earlier allows remote atta ...)
NOT-FOR-US: LAN Messenger not in Debian
-CVE-2012-3844
+CVE-2012-3844 (Cross-site scripting (XSS) vulnerability in vBulletin 4.1.12 allows re ...)
NOT-FOR-US: vBulletin not in Debian
-CVE-2012-3843
+CVE-2012-3843 (Cross-site scripting (XSS) vulnerability in the registration page in e ...)
NOT-FOR-US: e107 not in Debian
-CVE-2012-3842
+CVE-2012-3842 (Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in J ...)
NOT-FOR-US: DirectAdmin not in Debian
-CVE-2012-3841
+CVE-2012-3841 (Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local ...)
NOT-FOR-US: KMPlayer not in Debian (not the KDE interface to mplayer)
-CVE-2012-3840
+CVE-2012-3840 (Multiple cross-site scripting (XSS) vulnerabilities in index.php/users ...)
NOT-FOR-US: MyClientBase not in Debian
-CVE-2012-3839
+CVE-2012-3839 (Multiple SQL injection vulnerabilities in application/core/MY_Model.ph ...)
NOT-FOR-US: MyClientBase not in Debian
-CVE-2012-3838
+CVE-2012-3838 (Gekko before 1.2.0 allows remote attackers to obtain the installation ...)
NOT-FOR-US: Baby Gekko not in Debian
-CVE-2012-3837
+CVE-2012-3837 (Multiple cross-site scripting (XSS) vulnerabilities in apps/users/regi ...)
NOT-FOR-US: Baby Gekko not in Debian
-CVE-2012-3836
+CVE-2012-3836 (Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko befo ...)
NOT-FOR-US: Baby Gekko not in Debian
-CVE-2012-3835
+CVE-2012-3835 (Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open ...)
NOT-FOR-US: OSSIM not in Debian (different from Open Source Software Image Map)
-CVE-2012-3834
+CVE-2012-3834 (SQL injection vulnerability in forensics/base_qry_main.php in AlienVau ...)
NOT-FOR-US: OSSIM not in Debian (different from Open Source Software Image Map)
-CVE-2012-3833
+CVE-2012-3833 (Cross-site scripting (XSS) vulnerability in the default index page in ...)
NOT-FOR-US: Quick.CMS not in Debian
-CVE-2012-3832
+CVE-2012-3832 (Cross-site scripting (XSS) vulnerability in decoda/Decoda.php in Decod ...)
NOT-FOR-US: Decoda not in Debian
-CVE-2012-3831
+CVE-2012-3831 (Cross-site scripting (XSS) vulnerability in decoda/templates/video.php ...)
NOT-FOR-US: Decoda not in Debian
-CVE-2012-3830
+CVE-2012-3830 (Cross-site scripting (XSS) vulnerability in decoda/templates/video.php ...)
NOT-FOR-US: Decoda not in Debian
-CVE-2012-3829
+CVE-2012-3829 (Joomla! 2.5.3 allows remote attackers to obtain the installation path ...)
NOT-FOR-US: Joomla!
-CVE-2012-3828
+CVE-2012-3828 (Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remot ...)
NOT-FOR-US: Joomla!
CVE-2012-3827
RESERVED
-CVE-2012-3826
+CVE-2012-3826 (Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x ...)
- wireshark 1.6.8-1 (unimportant)
[squeeze] - wireshark <not-affected> (vulnerable code appeared in 1.4/1.6)
NOTE: not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125
NOTE: leftover of CVE-2012-2392
-CVE-2012-3825
+CVE-2012-3825 (Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x ...)
- wireshark 1.6.8-1 (unimportant)
[squeeze] - wireshark <not-affected> (vulnerable code appeared in 1.4/1.6)
NOTE: not suitable for code injection
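Review bot: CVE-2012-3863 (the Asterisk chan_sip.c entry) sits between CVE-2012-3848 and CVE-2012-3847, out of the descending order the surrounding entries keep; its numeric slot is between CVE-2012-3864 and CVE-2012-3862. The entries on either side of it (Plixer Scrutinizer, Invensys Wonderware SuiteLink) are unrelated to Asterisk, so moving it loses no grouping. Minor, in the same hunk: the squeeze rationale on CVE-2012-3826 and CVE-2012-3825, `vulnerable code appeared in 1.4/1.6`, is the only lower-case `(...)` rationale in this region; the rest of the file capitalises them.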
@@ -7255,36 +7255,36 @@ CVE-2012-3822
RESERVED
CVE-2012-3821
RESERVED
-CVE-2012-3820
+CVE-2012-3820 (Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Soft ...)
NOT-FOR-US: Arial Software Campaign Enterprise
-CVE-2012-3819
+CVE-2012-3819 (Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, ...)
NOT-FOR-US: dartwebserver.dll
-CVE-2012-3818
+CVE-2012-3818 (The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the versi ...)
- revelation 0.4.13-1.2 (bug #680059)
[squeeze] - revelation <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3818
NOTE: http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html
NOTE: http://als.regnet.cz/fpm2/feedback/2
-CVE-2012-3817
+CVE-2012-3817 (ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before ...)
{DSA-2517-1}
- bind9 1:9.8.1.dfsg.P1-4.2 (bug #683259)
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
NOTE: https://kb.isc.org/article/AA-00729
CVE-2012-XXXX [packagekit insecure temp file]
- packagekit 0.7.6-1 (bug #678189)
-CVE-2012-3816
+CVE-2012-3816 (WinRadius Server 2009 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: WinRadius
-CVE-2012-3815
+CVE-2012-3815 (Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA befo ...)
NOT-FOR-US: Sielco Sistemi Winlog
-CVE-2012-3814
+CVE-2012-3814 (Unrestricted file upload vulnerability in font-upload.php in the Font ...)
NOT-FOR-US: Wordpress plugin
CVE-2012-3813
RESERVED
-CVE-2012-3812
+CVE-2012-3812 (Double free vulnerability in apps/app_voicemail.c in Asterisk Open Sou ...)
{DSA-2550-1}
- asterisk 1:1.8.13.1~dfsg-1 (bug #680470)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2012-3811
+CVE-2012-3811 (Unrestricted file upload vulnerability in ImageUpload.ashx in the Wall ...)
NOT-FOR-US: Avaya IP Office Customer Call Reporter
CVE-2012-3810
RESERVED
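Review bot: in the CVE-2012-3818 entry the fixed version `revelation 0.4.13-1.2 (bug #680059)` sorts below the `Revelation 0.4.13-2 and earlier` range that the new description gives as affected (in Debian version ordering 0.4.13-1.2 precedes 0.4.13-2), so the two lines contradict each other; either the description was written against a Debian revision that is not the one carrying the fix, or the fixed-version line needs updating, and it is worth checking against bug #680059 before the description is taken at face value. Separately, `CVE-2012-XXXX [packagekit insecure temp file]` is a placeholder id sitting inside the numbered sequence between CVE-2012-3817 and CVE-2012-3816; if an id has been assigned since, replace it, otherwise it is easy to overlook there.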
@@ -7296,39 +7296,39 @@ CVE-2012-3807
RESERVED
CVE-2012-3806
RESERVED
-CVE-2012-3805
+CVE-2012-3805 (Multiple cross-site scripting (XSS) vulnerabilities in the getAllPasse ...)
NOT-FOR-US: Kajona
CVE-2012-3804
RESERVED
CVE-2012-3803
RESERVED
-CVE-2012-3802
+CVE-2012-3802 (Unspecified vulnerability in the Post Affiliate Pro (PAP) module for D ...)
NOT-FOR-US: Drupal module
CVE-2012-3801
REJECTED
-CVE-2012-3800
+CVE-2012-3800 (Cross-site scripting (XSS) vulnerability in og.js in the Organic Group ...)
NOT-FOR-US: Drupal module
-CVE-2012-3799
+CVE-2012-3799 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Maes ...)
NOT-FOR-US: Drupal module
-CVE-2012-3798
+CVE-2012-3798 (The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creati ...)
NOT-FOR-US: Drupal module
-CVE-2012-3797
+CVE-2012-3797 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro- ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3796
+CVE-2012-3796 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro- ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3795
+CVE-2012-3795 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro- ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3794
+CVE-2012-3794 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro- ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3793
+CVE-2012-3793 (Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3792
+CVE-2012-3792 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro- ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
-CVE-2012-3791
+CVE-2012-3791 (Multiple SQL injection vulnerabilities in Simple Web Content Managemen ...)
NOT-FOR-US: Simple Web Content Management System
-CVE-2012-3790
+CVE-2012-3790 (Cross-site scripting (XSS) vulnerability in index.php in Adiscon LogAn ...)
NOT-FOR-US: Adiscon LogAnalyzer
-CVE-2012-3789
+CVE-2012-3789 (Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, ...)
- bitcoin 0.5.0~rc1-1
CVE-2012-3788
RESERVED
@@ -7390,451 +7390,451 @@ CVE-2012-3760
RESERVED
CVE-2012-3759
RESERVED
-CVE-2012-3758
+CVE-2012-3758 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote attacker ...)
NOT-FOR-US: QuickTime
-CVE-2012-3757
+CVE-2012-3757 (Apple QuickTime before 7.7.3 allows remote attackers to execute arbitr ...)
NOT-FOR-US: QuickTime
-CVE-2012-3756
+CVE-2012-3756 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote attacker ...)
NOT-FOR-US: QuickTime
-CVE-2012-3755
+CVE-2012-3755 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote attacker ...)
NOT-FOR-US: QuickTime
-CVE-2012-3754
+CVE-2012-3754 (Use-after-free vulnerability in the Clear method in the ActiveX contro ...)
NOT-FOR-US: QuickTime
-CVE-2012-3753
+CVE-2012-3753 (Buffer overflow in the plugin in Apple QuickTime before 7.7.3 allows r ...)
NOT-FOR-US: QuickTime
-CVE-2012-3752
+CVE-2012-3752 (Multiple buffer overflows in Apple QuickTime before 7.7.3 allow remote ...)
NOT-FOR-US: QuickTime
-CVE-2012-3751
+CVE-2012-3751 (Use-after-free vulnerability in the plugin in Apple QuickTime before 7 ...)
NOT-FOR-US: QuickTime
-CVE-2012-3750
+CVE-2012-3750 (The Passcode Lock implementation in Apple iOS before 6.0.1 does not pr ...)
NOT-FOR-US: iOS
-CVE-2012-3749
+CVE-2012-3749 (The extensions APIs in the kernel in Apple iOS before 6.0.1 provide ke ...)
NOT-FOR-US: iOS
-CVE-2012-3748
+CVE-2012-3748 (Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6 ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3747
+CVE-2012-3747 (WebKit, as used in Apple iOS before 6, allows remote attackers to exec ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3746
+CVE-2012-3746 (UIWebView in UIKit in Apple iOS before 6 does not properly use the Dat ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3745
+CVE-2012-3745 (Off-by-one error in Telephony in Apple iOS before 6 allows remote atta ...)
NOT-FOR-US: Telephony in Apple iOS
-CVE-2012-3744
+CVE-2012-3744 (Telephony in Apple iOS before 6 uses an SMS message's return address a ...)
NOT-FOR-US: Telephony in Apple iOS
-CVE-2012-3743
+CVE-2012-3743 (The System Logs implementation in Apple iOS before 6 does not restrict ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3742
+CVE-2012-3742 (Safari in Apple iOS before 6 does not properly restrict use of an unsp ...)
NOT-FOR-US: Apple Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3741
+CVE-2012-3741 (The Restrictions (aka Parental Controls) implementation in Apple iOS b ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3740
+CVE-2012-3740 (The Passcode Lock implementation in Apple iOS before 6 does not proper ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3739
+CVE-2012-3739 (The Passcode Lock implementation in Apple iOS before 6 allows physical ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3738
+CVE-2012-3738 (The Emergency Dialer screen in the Passcode Lock implementation in App ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3737
+CVE-2012-3737 (The Passcode Lock implementation in Apple iOS before 6 does not proper ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3736
+CVE-2012-3736 (The Passcode Lock implementation in Apple iOS before 6 allows physical ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3735
+CVE-2012-3735 (The Passcode Lock implementation in Apple iOS before 6 does not proper ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3734
+CVE-2012-3734 (Office Viewer in Apple iOS before 6 writes cleartext document data to ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3733
+CVE-2012-3733 (Messages in Apple iOS before 6, when multiple iMessage e-mail addresse ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3732
+CVE-2012-3732 (Mail in Apple iOS before 6 uses an S/MIME message's From address as th ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3731
+CVE-2012-3731 (Mail in Apple iOS before 6 does not properly implement the Data Protec ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3730
+CVE-2012-3730 (Mail in Apple iOS before 6 does not properly handle reuse of Content-I ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3729
+CVE-2012-3729 (The Berkeley Packet Filter (BPF) interpreter implementation in the ker ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3728
+CVE-2012-3728 (The kernel in Apple iOS before 6 dereferences invalid pointers during ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3727
+CVE-2012-3727 (Buffer overflow in the IPsec component in Apple iOS before 6 allows re ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3726
+CVE-2012-3726 (Double free vulnerability in ImageIO in Apple iOS before 6 allows remo ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3725
+CVE-2012-3725 (The DNAv4 protocol implementation in the DHCP component in Apple iOS b ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3724
+CVE-2012-3724 (CFNetwork in Apple iOS before 6 does not properly identify the host po ...)
NOT-FOR-US: Apple iOS
-CVE-2012-3723
+CVE-2012-3723 (Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts fi ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-3722
+CVE-2012-3722 (The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and i ...)
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2012-3721
+CVE-2012-3721 (Profile Manager in Apple Mac OS X before 10.7.5 does not properly perf ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-3720
+CVE-2012-3720 (Mobile Accounts in Apple Mac OS X before 10.7.5 and 10.8.x before 10.8 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-3719
+CVE-2012-3719 (Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-3718
+CVE-2012-3718 (Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local use ...)
NOT-FOR-US: Apple Mac OS X
CVE-2012-3717
RESERVED
-CVE-2012-3716
+CVE-2012-3716 (CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote attacker ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-3715
+CVE-2012-3715 (Apple Safari before 6.0.1 makes http requests for https URIs in certai ...)
NOT-FOR-US: Apple Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3714
+CVE-2012-3714 (The Form Autofill feature in Apple Safari before 6.0.1 does not restri ...)
NOT-FOR-US: Apple Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3713
+CVE-2012-3713 (Apple Safari before 6.0.1 does not properly handle the Quarantine attr ...)
NOT-FOR-US: Apple Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3712
+CVE-2012-3712 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3711
+CVE-2012-3711 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3710
+CVE-2012-3710 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3709
+CVE-2012-3709 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3708
+CVE-2012-3708 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3707
+CVE-2012-3707 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3706
+CVE-2012-3706 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3705
+CVE-2012-3705 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3704
+CVE-2012-3704 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3703
+CVE-2012-3703 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3702
+CVE-2012-3702 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3701
+CVE-2012-3701 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3700
+CVE-2012-3700 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3699
+CVE-2012-3699 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3698
+CVE-2012-3698 (Apple Xcode before 4.4 does not properly compose a designated requirem ...)
NOT-FOR-US: Apple Xcode
-CVE-2012-3697
+CVE-2012-3697 (WebKit in Apple Safari before 6.0 does not properly handle file: URLs, ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3696
+CVE-2012-3696 (CRLF injection vulnerability in WebKit in Apple Safari before 6.0 allo ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3695
+CVE-2012-3695 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3694
+CVE-2012-3694 (WebKit in Apple Safari before 6.0 does not properly handle drag-and-dr ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3693
+CVE-2012-3693 (Incomplete blacklist vulnerability in WebKit in Apple Safari before 6. ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3692
+CVE-2012-3692 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3691
+CVE-2012-3691 (WebKit in Apple Safari before 6.0 does not properly handle Cascading S ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3690
+CVE-2012-3690 (WebKit in Apple Safari before 6.0 does not properly handle drag-and-dr ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3689
+CVE-2012-3689 (WebKit in Apple Safari before 6.0 does not properly handle drag-and-dr ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3688
+CVE-2012-3688 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3687
+CVE-2012-3687 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3686
+CVE-2012-3686 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3685
+CVE-2012-3685 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3684
+CVE-2012-3684 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3683
+CVE-2012-3683 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3682
+CVE-2012-3682 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3681
+CVE-2012-3681 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3680
+CVE-2012-3680 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3679
+CVE-2012-3679 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3678
+CVE-2012-3678 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3677
+CVE-2012-3677 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3676
+CVE-2012-3676 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3675
+CVE-2012-3675 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3674
+CVE-2012-3674 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3673
+CVE-2012-3673 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3672
+CVE-2012-3672 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3671
+CVE-2012-3671 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3670
+CVE-2012-3670 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3669
+CVE-2012-3669 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3668
+CVE-2012-3668 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3667
+CVE-2012-3667 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3666
+CVE-2012-3666 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3665
+CVE-2012-3665 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3664
+CVE-2012-3664 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3663
+CVE-2012-3663 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2012-3662
RESERVED
-CVE-2012-3661
+CVE-2012-3661 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3660
+CVE-2012-3660 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3659
+CVE-2012-3659 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3658
+CVE-2012-3658 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3657
+CVE-2012-3657 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3656
+CVE-2012-3656 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3655
+CVE-2012-3655 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3654
+CVE-2012-3654 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3653
+CVE-2012-3653 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3652
+CVE-2012-3652 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3651
+CVE-2012-3651 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3650
+CVE-2012-3650 (WebKit in Apple Safari before 6.0 accesses uninitialized memory locati ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3649
+CVE-2012-3649 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3648
+CVE-2012-3648 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3647
+CVE-2012-3647 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3646
+CVE-2012-3646 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3645
+CVE-2012-3645 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3644
+CVE-2012-3644 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3643
+CVE-2012-3643 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3642
+CVE-2012-3642 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3641
+CVE-2012-3641 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3640
+CVE-2012-3640 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3639
+CVE-2012-3639 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3638
+CVE-2012-3638 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3637
+CVE-2012-3637 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3636
+CVE-2012-3636 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3635
+CVE-2012-3635 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3634
+CVE-2012-3634 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3633
+CVE-2012-3633 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3632
+CVE-2012-3632 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3631
+CVE-2012-3631 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3630
+CVE-2012-3630 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3629
+CVE-2012-3629 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3628
+CVE-2012-3628 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3627
+CVE-2012-3627 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3626
+CVE-2012-3626 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3625
+CVE-2012-3625 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3624
+CVE-2012-3624 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3623
+CVE-2012-3623 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3622
+CVE-2012-3622 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3621
+CVE-2012-3621 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3620
+CVE-2012-3620 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2012-3619
RESERVED
-CVE-2012-3618
+CVE-2012-3618 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3617
+CVE-2012-3617 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3616
+CVE-2012-3616 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3615
+CVE-2012-3615 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3614
+CVE-2012-3614 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3613
+CVE-2012-3613 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3612
+CVE-2012-3612 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3611
+CVE-2012-3611 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3610
+CVE-2012-3610 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3609
+CVE-2012-3609 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3608
+CVE-2012-3608 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3607
+CVE-2012-3607 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3606
+CVE-2012-3606 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3605
+CVE-2012-3605 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3604
+CVE-2012-3604 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3603
+CVE-2012-3603 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3602
+CVE-2012-3602 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3601
+CVE-2012-3601 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3600
+CVE-2012-3600 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3599
+CVE-2012-3599 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3598
+CVE-2012-3598 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers t ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3597
+CVE-2012-3597 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3596
+CVE-2012-3596 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3595
+CVE-2012-3595 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3594
+CVE-2012-3594 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3593
+CVE-2012-3593 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3592
+CVE-2012-3592 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3591
+CVE-2012-3591 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3590
+CVE-2012-3590 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3589
+CVE-2012-3589 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple iTunes / Safari; if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-3588
+CVE-2012-3588 (Directory traversal vulnerability in preview.php in the Plugin Newslet ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-3587
+CVE-2012-3587 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-ke ...)
- apt 0.7.25 (unimportant)
NOTE: net-update is disabled by default on Debian
CVE-2012-3586
RESERVED
-CVE-2012-3585
+CVE-2012-3585 (Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plu ...)
NOT-FOR-US: IrfanView PlugIns
CVE-2012-3584
RESERVED
CVE-2012-3583
REJECTED
-CVE-2012-3582
+CVE-2012-3582 (Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly ...)
NOT-FOR-US: Symantec PGP Universal Server
-CVE-2012-3581
+CVE-2012-3581 (Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers t ...)
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2012-3580
+CVE-2012-3580 (Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticat ...)
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2012-3579
+CVE-2012-3579 (Symantec Messaging Gateway (SMG) before 10.0 has a default password fo ...)
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2012-3578
+CVE-2012-3578 (Unrestricted file upload vulnerability in html/Upload.php in the FCCha ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-3577
+CVE-2012-3577 (Unrestricted file upload vulnerability in doupload.php in the Nmedia M ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-3576
+CVE-2012-3576 (Unrestricted file upload vulnerability in php/upload.php in the wpStor ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-3575
+CVE-2012-3575 (Unrestricted file upload vulnerability in uploader.php in the RBX Gall ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-3574
+CVE-2012-3574 (Unrestricted file upload vulnerability in includes/doajaxfileupload.ph ...)
NOT-FOR-US: Wordpress plugin
CVE-2012-3573
REJECTED
-CVE-2012-3572
+CVE-2012-3572 (Open Source Competency Center (OSCC) MyMeeting 3.0.1 and earlier, and ...)
NOT-FOR-US: Open Source Competency Center (OSCC) MyMeeting
-CVE-2012-3571
+CVE-2012-3571 (ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remo ...)
{DSA-2519-2 DSA-2519-1 DSA-2516-1}
- isc-dhcp 4.2.4-2 (bug #686174)
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u1
-CVE-2012-3570
+CVE-2012-3570 (Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is ...)
- isc-dhcp 4.2.4-2 (bug #686174)
[squeeze] - isc-dhcp <not-affected> (Vulnerable code not present)
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u1
-CVE-2012-3569
+CVE-2012-3569 (Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used ...)
NOT-FOR-US: VMware OVF Tool
-CVE-2012-3568
+CVE-2012-3568 (Opera before 12.00 Beta allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Opera
-CVE-2012-3567
+CVE-2012-3567 (Opera before 12.00 Beta allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Opera
-CVE-2012-3566
+CVE-2012-3566 (Opera before 12.00 Beta allows user-assisted remote attackers to cause ...)
NOT-FOR-US: Opera
-CVE-2012-3565
+CVE-2012-3565 (Opera before 12.00 Beta allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Opera
-CVE-2012-3564
+CVE-2012-3564 (Opera before 12.00 Beta allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Opera
-CVE-2012-3563
+CVE-2012-3563 (Opera before 12.00 Beta allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Opera
-CVE-2012-3562
+CVE-2012-3562 (Opera before 12.00 Beta allows user-assisted remote attackers to cause ...)
NOT-FOR-US: Opera
-CVE-2012-3561
+CVE-2012-3561 (Opera before 11.64 does not properly allocate memory for URL strings, ...)
NOT-FOR-US: Opera
-CVE-2012-3560
+CVE-2012-3560 (Opera before 11.65 does not ensure that the address field corresponds ...)
NOT-FOR-US: Opera
-CVE-2012-3559
+CVE-2012-3559 (Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknow ...)
NOT-FOR-US: Opera
-CVE-2012-3558
+CVE-2012-3558 (Opera before 11.65 does not ensure that the address field corresponds ...)
NOT-FOR-US: Opera
-CVE-2012-3557
+CVE-2012-3557 (Opera before 11.65 does not properly restrict the reading of JSON stri ...)
NOT-FOR-US: Opera
-CVE-2012-3556
+CVE-2012-3556 (Opera before 11.65 does not properly restrict the opening of a pop-up ...)
NOT-FOR-US: Opera
-CVE-2012-3555
+CVE-2012-3555 (Opera before 11.65 does not ensure that keyboard sequences are associa ...)
NOT-FOR-US: Opera
-CVE-2012-3554
+CVE-2012-3554 (SQL injection vulnerability in the RSGallery2 (com_rsgallery2) compone ...)
NOT-FOR-US: Joomla addon
-CVE-2012-3552
+CVE-2012-3552 (Race condition in the IP implementation in the Linux kernel before 3.0 ...)
{DSA-2668-1}
- linux 3.0-1
- linux-2.6 <removed>
-CVE-2012-3551
+CVE-2012-3551 (Cross-site scripting (XSS) vulnerability in crowbar_framework/app/view ...)
NOT-FOR-US: Crowbar
CVE-2012-3550
REJECTED
-CVE-2012-3549
+CVE-2012-3549 (The SCTP implementation in FreeBSD 8.2 allows remote attackers to caus ...)
- kfreebsd-8 8.3-5 (bug #686961)
[squeeze] - kfreebsd-8 <no-dsa> (Minor issue)
- kfreebsd-9 9.0-7 (bug #686962)
- kfreebsd-10 10.0~svn242489-1 (bug #686963)
NOTE: http://www.exploit-db.com/exploits/20226/
-CVE-2012-3548
+CVE-2012-3548 (The dissect_drda function in epan/dissectors/packet-drda.c in Wireshar ...)
- wireshark 1.8.2-2 (unimportant; bug #686225)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: Doesn't allow code injection
NOTE: debian changelog contains CVE-2012-5239, but this was rejected in favour of CVE-2012-3548
-CVE-2012-3547
+CVE-2012-3547 (Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS ...)
{DSA-2546-1}
- freeradius 2.1.12+dfsg-1.1 (medium; bug #687175)
-CVE-2012-3546
+CVE-2012-3546 (org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6 ...)
- tomcat7 7.0.28-4 (bug #695251)
- tomcat6 6.0.35-6 (bug #695250)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
CVE-2012-3545
REJECTED
-CVE-2012-3544
+CVE-2012-3544 (Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properl ...)
{DSA-2897-1 DSA-2725-1}
- tomcat6 6.0.37
- tomcat7 7.0.30
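Review bot: the CVE-2012-3546 entry records its advisory as a free-form "NOTE: DSA 2725" line while the neighbouring CVE-2012-3544 entry uses the structured {DSA-2897-1 DSA-2725-1} reference; the tomcat6 squeeze fix 6.0.35-1+squeeze3 should carry a {DSA-2725-1} line so the advisory is machine-readable, with the NOTE dropped. Elsewhere in this hunk the new truncated descriptions match the NOT-FOR-US and package lines below them (for example CVE-2012-3571 and CVE-2012-3570 against isc-dhcp), so no further change is needed.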
@@ -7842,52 +7842,52 @@ CVE-2012-3543
RESERVED
- mono 2.10.8.1-7 (bug #686562)
[squeeze] - mono <no-dsa> (Minor issue)
-CVE-2012-3542
+CVE-2012-3542 (OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and ...)
- keystone 2012.1.1-5
CVE-2012-3541
REJECTED
-CVE-2012-3540
+CVE-2012-3540 (Open redirect vulnerability in views/auth_forms.py in OpenStack Dashbo ...)
- horizon 2012.1.1-4 (bug #686050)
CVE-2012-3539
REJECTED
-CVE-2012-3538
+CVE-2012-3538 (Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2012-3537
+CVE-2012-3537 (The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/cro ...)
NOT-FOR-US: crowbar ohai plugin
NOTE: https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87
-CVE-2012-3536
+CVE-2012-3536 (Two XSS vulnerabilities were fixed in message list and view in the Hup ...)
NOT-FOR-US: Apache James
-CVE-2012-3535
+CVE-2012-3535 (Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote ...)
{DSA-2629-1}
- openjpeg 1.3+dfsg-4.6 (bug #685970)
-CVE-2012-3534
+CVE-2012-3534 (GNU Gatekeeper before 3.1 does not limit the number of connections to ...)
- gnugk 2:3.0.2-3 (low; bug #685969)
[squeeze] - gnugk <no-dsa> (Minor issue)
-CVE-2012-3533
+CVE-2012-3533 (The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 doe ...)
NOT-FOR-US: ovirt
-CVE-2012-3532
+CVE-2012-3532 (Cross-site request forgery (CSRF) vulnerability in the GateIn Portal c ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-3531
+CVE-2012-3531 (Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 ...)
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
-CVE-2012-3530
+CVE-2012-3530 (Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API ...)
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
-CVE-2012-3529
+CVE-2012-3529 (The configuration module in the backend in TYPO3 4.5.x before 4.5.19, ...)
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
-CVE-2012-3528
+CVE-2012-3528 (Multiple cross-site scripting (XSS) vulnerabilities in the backend in ...)
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
-CVE-2012-3527
+CVE-2012-3527 (view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, ...)
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
-CVE-2012-3526
+CVE-2012-3526 (The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Ap ...)
{DSA-2532-1}
- libapache2-mod-rpaf 0.6-1 (bug #683984)
-CVE-2012-3525
+CVE-2012-3525 (s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a reques ...)
- jabberd2 2.2.17-1 (bug #685666)
-CVE-2012-3524
+CVE-2012-3524 (libdbus 1.5.x and earlier, when used in setuid or other privileged pro ...)
- dbus 1.6.8-1 (bug #689070)
[squeeze] - dbus 1.2.24-4+squeeze2
- glib2.0 2.33.12+really2.32.4-2
@@ -7896,366 +7896,366 @@ CVE-2012-3524
NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/6
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=697105
NOTE: http://stealth.openwall.net/null/dzug.c
-CVE-2012-3523
+CVE-2012-3523 (The STARTTLS implementation in nnrpd in INN before 2.5.3 does not prop ...)
- inn <not-affected> (STARTTLS was introduced in 2.3, see bug #685581)
- inn2 2.5.3-1 (low; bug #685581)
[squeeze] - inn2 <no-dsa> (Minor issue)
-CVE-2012-3522
+CVE-2012-3522 (Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeS ...)
- geshi <not-affected> (Vulnerable code not present, see bug #685323)
[squeeze] - geshi <no-dsa> (shipped as example/.gz)
-CVE-2012-3521
+CVE-2012-3521 (Multiple directory traversal vulnerabilities in the cssgen contrib mod ...)
- geshi 1.0.8.4-2 (bug #685324)
[squeeze] - geshi 1.0.8.4-1+squeeze1
-CVE-2012-3520
+CVE-2012-3520 (The Netlink implementation in the Linux kernel before 3.2.30 does not ...)
- linux 3.2.29-1
- linux-2.6 <not-affected> (Introduced in 3.1)
-CVE-2012-3519
+CVE-2012-3519 (routerlist.c in Tor before 0.2.2.38 uses a different amount of time fo ...)
{DSA-2548-1}
- tor 0.2.3.20-rc-1 (low)
-CVE-2012-3518
+CVE-2012-3518 (The networkstatus_parse_vote_from_string function in routerparse.c in ...)
{DSA-2548-1}
- tor 0.2.3.20-rc-1 (low)
-CVE-2012-3517
+CVE-2012-3517 (Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might all ...)
{DLA-17-1}
- tor 0.2.3.20-rc-1 (low)
[squeeze] - tor 0.2.4.23-1~deb6u1
-CVE-2012-3516
+CVE-2012-3516 (The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall ...)
- xen <not-affected> (Only affects >= 4.2)
-CVE-2012-3515
+CVE-2012-3515 (Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulat ...)
{DSA-2545-1 DSA-2543-1 DSA-2542-1}
- xen 4.1.3-2 (bug #686764)
[squeeze] - xen <not-affected> (Vulnerable code not present)
- xen-qemu-dm-4.0 <removed>
- qemu 1.1.2+dfsg-1
- qemu-kvm 1.1.2+dfsg-1
-CVE-2012-3514
+CVE-2012-3514 (OCaml Xml-Light Library before r234 computes hash values without restr ...)
- xml-light 2.2-15 (low; bug #685584)
[squeeze] - xml-light <no-dsa> (Minor issue)
-CVE-2012-3513
+CVE-2012-3513 (munin-cgi-graph in Munin before 2.0.6, when running as a CGI module un ...)
- munin 2.0.6-1 (bug #684076)
[squeeze] - munin <not-affected> (vulnerable code introduced in 2.x)
NOTE: http://www.munin-monitoring.org/ticket/1238
-CVE-2012-3512
+CVE-2012-3512 (Munin before 2.0.6 stores plugin state files that run as root in the s ...)
{DLA-20-1}
- munin 2.0.6-1 (bug #684075)
[squeeze] - munin 1.4.5-3+deb6u1
NOTE: http://www.munin-monitoring.org/ticket/1234
-CVE-2012-3511
+CVE-2012-3511 (Multiple race conditions in the madvise_remove function in mm/madvise. ...)
- linux 3.2.23-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-47
-CVE-2012-3510
+CVE-2012-3510 (Use-after-free vulnerability in the xacct_add_tsk function in kernel/t ...)
- linux 2.6.20-1
- linux-2.6 2.6.20-1
-CVE-2012-3509
+CVE-2012-3509 (Multiple integer overflows in the (1) _objalloc_alloc function in obja ...)
{DLA-324-1}
- binutils 2.22-8 (low; bug #688951)
-CVE-2012-4668
+CVE-2012-4668 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 an ...)
- roundcube 0.7.2-4 (bug #685475)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://trac.roundcube.net/ticket/1488613
-CVE-2012-3508
+CVE-2012-3508 (Cross-site scripting (XSS) vulnerability in program/lib/washtml.php in ...)
- roundcube 0.7.2-4 (bug #685475)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://trac.roundcube.net/ticket/1488613
-CVE-2012-3507
+CVE-2012-3507 (Cross-site scripting (XSS) vulnerability in program/steps/mail/func.in ...)
- roundcube <not-affected> (only affects rc versions of 0.8)
NOTE: http://trac.roundcube.net/ticket/1488519
-CVE-2012-3506
+CVE-2012-3506 (Unspecified vulnerability in the Apache Open For Business Project (aka ...)
NOT-FOR-US: OFBiz
-CVE-2012-3505
+CVE-2012-3505 (Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial ...)
{DSA-2564-1}
- tinyproxy 1.8.3-3 (bug #685281)
NOTE: https://bugs.launchpad.net/ubuntu/+source/tinyproxy/+bug/1036985
-CVE-2012-3504
+CVE-2012-3504 (The nssconfigFound function in genkey.pl in crypto-utils 2.4.1-34 allo ...)
NOT-FOR-US: genkey script from Red Hat, not present in Debian
-CVE-2012-3503
+CVE-2012-3503 (The installation script in Katello 1.0 and earlier does not properly g ...)
NOT-FOR-US: Katello
-CVE-2012-3502
+CVE-2012-3502 (The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp mo ...)
- apache2 <not-affected> (Only affects 2.4 from experimental)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=53727
-CVE-2012-3501
+CVE-2012-3501 (The squidclamav_check_preview_handler function in squidclamav.c in Squ ...)
- squidclamav <removed> (bug #685398)
-CVE-2012-3500
+CVE-2012-3500 (scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpm ...)
{DSA-2549-1}
- devscripts 2.12.2
-CVE-2012-3499
+CVE-2012-3499 (Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP ...)
{DSA-2637-1}
- apache2 2.2.22-13 (low)
-CVE-2012-3498
+CVE-2012-3498 (PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and e ...)
- xen 4.1.3-2 (bug #686764)
[squeeze] - xen <not-affected> (Vulnerable code not present)
-CVE-2012-3497
+CVE-2012-3497 ((1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) T ...)
- xen 4.1.4-1 (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
NOTE: TMEM not supported for production systems (technology preview)
-CVE-2012-3496
+CVE-2012-3496 (XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer ...)
{DSA-2544-1}
- xen 4.1.3-2 (bug #686764)
-CVE-2012-3495
+CVE-2012-3495 (The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x ...)
- xen 4.1.3-2 (bug #686764)
[squeeze] - xen <not-affected> (Vulnerable code not present)
-CVE-2012-3494
+CVE-2012-3494 (The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4 ...)
{DSA-2544-1}
- xen 4.1.3-2 (bug #686764)
-CVE-2012-3493
+CVE-2012-3493 (The command_give_request_ad function in condor_startd.V6/command.cpp C ...)
- condor 7.8.2~dfsg.1-1+deb7u1 (bug #688210)
-CVE-2012-3492
+CVE-2012-3492 (The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor ...)
- condor 7.8.2~dfsg.1-1+deb7u1 (bug #688210)
-CVE-2012-3491
+CVE-2012-3491 (src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8. ...)
- condor 7.8.2~dfsg.1-1+deb7u1 (bug #688210)
CVE-2012-3490
RESERVED
- condor 7.8.2~dfsg.1-1+deb7u1 (bug #688210)
-CVE-2012-3489
+CVE-2012-3489 (The xml_parse function in the libxml2 support in the core server compo ...)
{DSA-2534-1}
- postgresql-9.1 9.1.5-1
- postgresql-8.4 8.4.12-2
-CVE-2012-3488
+CVE-2012-3488 (The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8 ...)
{DSA-2534-1}
- postgresql-9.1 9.1.5-1
- postgresql-8.4 8.4.12-2
-CVE-2012-3487
+CVE-2012-3487 (Race condition in Tunnelblick 3.3beta20 and earlier allows local users ...)
NOT-FOR-US: Tunnelblick
-CVE-2012-3486
+CVE-2012-3486 (Tunnelblick 3.3beta20 and earlier allows local users to gain privilege ...)
NOT-FOR-US: Tunnelblick
-CVE-2012-3485
+CVE-2012-3485 (Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the n ...)
NOT-FOR-US: Tunnelblick
-CVE-2012-3484
+CVE-2012-3484 (Tunnelblick 3.3beta20 and earlier relies on a test for specific owners ...)
NOT-FOR-US: Tunnelblick
-CVE-2012-3483
+CVE-2012-3483 (Race condition in the runScript function in Tunnelblick 3.3beta20 and ...)
NOT-FOR-US: Tunnelblick
-CVE-2012-3482
+CVE-2012-3482 (Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debu ...)
- fetchmail 6.3.22-1 (low)
[wheezy] - fetchmail <no-dsa> (Minor issue)
[squeeze] - fetchmail <no-dsa> (Minor issue)
-CVE-2012-3481
+CVE-2012-3481 (Integer overflow in the ReadImage function in plug-ins/common/file-gif ...)
- gimp 2.8.2-1 (bug #685397)
[squeeze] - gimp 2.6.10-1+squeeze4
NOTE: http://www.openwall.com/lists/oss-security/2012/08/20/8
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=776572
-CVE-2012-3480
+CVE-2012-3480 (Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, ...)
{DLA-165-1}
- eglibc 2.13-36 (bug #684889)
- glibc 2.13-36
-CVE-2012-3479
+CVE-2012-3479 (lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically execut ...)
{DSA-2603-1}
- emacs23 23.4+1-4 (bug #684695)
- emacs24 24.2+1-1 (bug #684694)
NOTE: http://www.openwall.com/lists/oss-security/2012/08/13/1
NOTE: http://www.openwall.com/lists/oss-security/2012/08/13/2
-CVE-2012-3478
+CVE-2012-3478 (rssh 2.3.3 and earlier allows local users to bypass intended restricte ...)
{DSA-2530-1}
- rssh 2.3.3-5
-CVE-2012-3477
+CVE-2012-3477 (SQL injection vulnerability in signup_check.php in NeoInvoice allows r ...)
NOT-FOR-US: Neoinvoice
-CVE-2012-3476
+CVE-2012-3476 (Multiple cross-site scripting (XSS) vulnerabilities in (1) application ...)
NOT-FOR-US: Ushahidi
-CVE-2012-3475
+CVE-2012-3475 (The installer in the Ushahidi Platform before 2.5 omits certain calls ...)
NOT-FOR-US: Ushahidi
-CVE-2012-3474
+CVE-2012-3474 (The comments API in application/libraries/api/MY_Comments_Api_Object.p ...)
NOT-FOR-US: Ushahidi
-CVE-2012-3473
+CVE-2012-3473 (The (1) reports API and (2) administration feature in the comments API ...)
NOT-FOR-US: Ushahidi
-CVE-2012-3472
+CVE-2012-3472 (The email API in application/libraries/api/MY_Email_Api_Object.php in ...)
NOT-FOR-US: Ushahidi
-CVE-2012-3471
+CVE-2012-3471 (Multiple SQL injection vulnerabilities in the edit functions in (1) ap ...)
NOT-FOR-US: Ushahidi
-CVE-2012-3470
+CVE-2012-3470 (Multiple SQL injection vulnerabilities in application/libraries/api/MY ...)
NOT-FOR-US: Ushahidi
-CVE-2012-3469
+CVE-2012-3469 (Multiple SQL injection vulnerabilities in the Ushahidi Platform before ...)
NOT-FOR-US: Ushahidi
-CVE-2012-3468
+CVE-2012-3468 (Multiple SQL injection vulnerabilities in the Ushahidi Platform before ...)
NOT-FOR-US: Ushahidi
-CVE-2012-3467
+CVE-2012-3467 (Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism ...)
- qpid-cpp 0.16-7 (bug #684456)
[wheezy] - qpid-cpp 0.16-6+deb7u1
-CVE-2012-3466
+CVE-2012-3466 (GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set ...)
- gnome-keyring 3.4.1-5 (bug #683655)
[squeeze] - gnome-keyring <not-affected> (Only affects gnome-keyring 3.4.x)
-CVE-2012-3465
+CVE-2012-3465 (Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view ...)
{DSA-2655-1}
- rails 2.3.14.1 (low)
- ruby-actionpack-3.2 3.2.6-4 (bug #684454)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2012-3464
+CVE-2012-3464 (Cross-site scripting (XSS) vulnerability in activesupport/lib/active_s ...)
{DSA-2655-1}
- rails 2.3.14.1 (low)
- ruby-actionpack-3.2 3.2.6-4 (bug #684454)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2012-3463
+CVE-2012-3463 (Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view ...)
- rails <not-affected> (Only affects RoR 3.x)
- ruby-actionpack-3.2 3.2.6-4 (bug #684454)
NOTE: http://www.openwall.com/lists/oss-security/2012/08/09/8
CVE-2012-3462
RESERVED
-CVE-2012-3461
+CVE-2012-3461 (The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_d ...)
{DSA-2526-1}
- libotr 3.2.1-1 (medium; bug #684121)
CVE-2012-3460
RESERVED
NOT-FOR-US: Cumin
-CVE-2012-3459
+CVE-2012-3459 (Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realti ...)
NOT-FOR-US: Cumin
-CVE-2012-3458
+CVE-2012-3458 (Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES ...)
{DSA-2541-1}
- beaker 1.6.3-1.1 (bug #684890)
-CVE-2012-3457
+CVE-2012-3457 (PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for proc ...)
- pnp4nagios <unfixed> (unimportant; bug #683879)
NOTE: The permissions of this file are under the control of the admin
-CVE-2012-3456
+CVE-2012-3456 (Heap-based buffer overflow in the read function in filters/words/mswor ...)
- calligra 1:2.4.3-2 (bug #684004)
- wv2 0.4.2.dfsg.1-9.1 (low)
[squeeze] - wv2 <no-dsa> (Minor issue)
-CVE-2012-3455
+CVE-2012-3455 (Heap-based buffer overflow in the read function in filters/words/mswor ...)
- koffice <removed> (low)
[squeeze] - koffice <no-dsa> (Minor issue)
-CVE-2012-3454
+CVE-2012-3454 (eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/ext ...)
- extplorer 2.1.0b6+dfsg.3-4 (low; bug #683649)
[squeeze] - extplorer <no-dsa> (Minor issue)
-CVE-2012-3453
+CVE-2012-3453 (logol 1.5.0 uses world writable permissions for the /var/lib/logol/res ...)
- logol 1.5.0-4 (bug #683647)
-CVE-2012-3452
+CVE-2012-3452 (gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when mult ...)
- gnome-screensaver <not-affected> (vulnerable code not present)
-CVE-2012-3451
+CVE-2012-3451 (Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 al ...)
NOT-FOR-US: Apache CXF
-CVE-2012-3450
+CVE-2012-3450 (pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x ...)
{DSA-2527-1}
- php5 5.4.4-1 (bug #683694)
NOTE: http://seclists.org/bugtraq/2012/Jun/60
NOTE: https://bugs.php.net/bug.php?id=61755
NOTE: http://www.openwall.com/lists/oss-security/2012/08/02/3
NOTE: http://www.openwall.com/lists/oss-security/2012/08/02/7
-CVE-2012-3449
+CVE-2012-3449 (Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/op ...)
- openvswitch 1.4.2+git20120612-8 (bug #683665)
-CVE-2012-3448
+CVE-2012-3448 (Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote at ...)
{DSA-2610-1}
- ganglia 3.3.8-1 (bug #683584)
-CVE-2012-3447
+CVE-2012-3447 (virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 ...)
- nova 2012.1.1-6 (bug #684256)
-CVE-2012-3446
+CVE-2012-3446 (Apache Libcloud before 0.11.1 uses an incorrect regular expression dur ...)
- libcloud 0.5.0-1.1 (bug #683927)
-CVE-2012-3445
+CVE-2012-3445 (The virTypedParameterArrayClear function in libvirt 0.9.13 does not pr ...)
- libvirt 0.9.12-4 (bug #683483)
[squeeze] - libvirt <not-affected> (Vulnerable code not present)
NOTE: https://www.redhat.com/archives/libvir-list/2012-July/msg01650.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=844734
-CVE-2012-3444
+CVE-2012-3444 (The get_image_dimensions function in the image-handling functionality ...)
{DSA-2529-1}
- python-django 1.4.1-1 (bug #683364)
NOTE: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/2
-CVE-2012-3443
+CVE-2012-3443 (The django.forms.ImageField class in the form system in Django before ...)
{DSA-2529-1}
- python-django 1.4.1-1 (bug #683364)
NOTE: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/2
-CVE-2012-3442
+CVE-2012-3442 (The (1) django.http.HttpResponseRedirect and (2) django.http.HttpRespo ...)
{DSA-2529-1}
- python-django 1.4.1-1 (bug #683364)
NOTE: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/31/2
-CVE-2012-3441
+CVE-2012-3441 (The database creation script (module/idoutils/db/scripts/create_mysqld ...)
- icinga <not-affected> (Debian uses dbconfig, which does the right thing, bug #683320)
-CVE-2012-3440
+CVE-2012-3440 (A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (R ...)
- sudo <not-affected> (Red Hat-specific postinst script)
CVE-2012-3439
REJECTED
-CVE-2012-3438
+CVE-2012-3438 (The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8 ...)
- graphicsmagick 1.3.16-1.1 (low; bug #683284)
[squeeze] - graphicsmagick <no-dsa> (Minor issue)
-CVE-2012-3437
+CVE-2012-3437 (The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 an ...)
{DLA-242-1}
- imagemagick 8:6.7.7.10-3 (low; bug #683285)
[squeeze] - imagemagick <no-dsa> (Minor issue)
-CVE-2012-3436
+CVE-2012-3436 (OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to cle ...)
{DSA-2524-1}
- openttd 1.2.1-2 (low; bug #683258)
-CVE-2012-3435
+CVE-2012-3435 (SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix ...)
{DSA-2539-1}
- zabbix 1:2.0.2+dfsg-1 (bug #683273)
NOTE: http://seclists.org/oss-sec/2012/q3/127
-CVE-2012-3434
+CVE-2012-3434 (Multiple cross-site scripting (XSS) vulnerabilities in userperspan.php ...)
NOT-FOR-US: WordPress plugin Count Per Day
-CVE-2012-3433
+CVE-2012-3433 (Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of ...)
{DSA-2531-1}
- xen 4.1.3-1 (bug #683279)
-CVE-2012-3432
+CVE-2012-3432 (The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations e ...)
{DSA-2531-1}
- xen 4.1.3-1 (bug #683279)
-CVE-2012-3431
+CVE-2012-3431 (The Teiid Java Database Connectivity (JDBC) socket, as used in JBoss E ...)
NOT-FOR-US: Teeid
-CVE-2012-3430
+CVE-2012-3430 (The rds_recvmsg function in net/rds/recv.c in the Linux kernel before ...)
- linux 3.2.29-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-36
NOTE: http://www.openwall.com/lists/oss-security/2012/07/26/3
-CVE-2012-3429
+CVE-2012-3429 (The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb ...)
NOT-FOR-US: Dynamic LDAP backend plugin for BIND
-CVE-2012-3428
+CVE-2012-3428 (The IronJacamar container before 1.0.12.Final for JBoss Application Se ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-3427
+CVE-2012-3427 (EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platfor ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-3426
+CVE-2012-3426 (OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before ...)
- keystone 2012.1.1-1
-CVE-2012-3425
+CVE-2012-3425 (The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1 ...)
{DLA-375-1}
- libpng 1.2.49-1 (low; bug #668082)
-CVE-2012-3424
+CVE-2012-3424 (The decode_credentials method in actionpack/lib/action_controller/meta ...)
- rails <not-affected> (Only affects RoR 3.x)
- ruby-actionpack-3.2 3.2.6-3 (bug #683370)
-CVE-2012-3423
+CVE-2012-3423 (The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant ...)
- icedtea-web 1.3-1
-CVE-2012-3422
+CVE-2012-3422 (The getFirstInTableInstance function in the IcedTea-Web plugin before ...)
- icedtea-web 1.3-1
-CVE-2012-3421
+CVE-2012-3421 (The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) ...)
{DSA-2533-1}
- pcp 3.6.5 (bug #685476)
-CVE-2012-3420
+CVE-2012-3420 (Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow ...)
{DSA-2533-1}
- pcp 3.6.5 (bug #685476)
-CVE-2012-3419
+CVE-2012-3419 (Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file ...)
{DSA-2533-1}
- pcp 3.6.5 (bug #685476)
-CVE-2012-3418
+CVE-2012-3418 (libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attack ...)
{DSA-2533-1}
- pcp 3.6.5 (bug #685476)
-CVE-2012-3417
+CVE-2012-3417 (The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota ...)
- quota 4.00~pre1-1
NOTE: this is at least fixed in 4.00, I could not trace this back to an exact version
-CVE-2012-3416
+CVE-2012-3416 (Condor before 7.8.2 allows remote attackers to bypass host-based authe ...)
- condor 7.8.2~dfsg.1-1 (bug #685366)
CVE-2012-3415
REJECTED
-CVE-2012-3414
+CVE-2012-3414 (Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload ...)
- libjs-swfupload 2.2.0.1+ds1-2 (low; bug #681323)
- wordpress 3.5.1+dfsg-1 (bug #698934)
NOTE: https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/
-CVE-2012-3413
+CVE-2012-3413 (The HTMLQuoteColorer::process function in messageviewer/htmlquotecolor ...)
- kdepim <not-affected> (Only affects kdepim >= 4.6)
NOTE: CVE-request http://www.openwall.com/lists/oss-security/2012/07/13/3
NOTE: https://projects.kde.org/projects/kde/kdepim/repository/revisions/dbb2f72f4745e00f53031965a9c10b2d6862bd54
NOTE: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1022690
-CVE-2012-3412
+CVE-2012-3412 (The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before ...)
- linux 3.2.29-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-36
-CVE-2012-3411
+CVE-2012-3411 (Dnsmasq before 2.63test1, when used with certain libvirt configuration ...)
- dnsmasq 2.63-1 (low; bug #683372)
[wheezy] - dnsmasq <no-dsa> (Minor issue)
[squeeze] - dnsmasq <no-dsa> (Minor issue)
NOTE: Please see CVE-2013-0198
-CVE-2012-3410
+CVE-2012-3410 (Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 ...)
- bash 4.2-4 (low; bug #681278)
[squeeze] - bash <no-dsa> (Minor issue)
CVE-2012-3409
RESERVED
- ecryptfs-utils 99-1 (bug #682220)
[squeeze] - ecryptfs-utils <not-affected> (home src/dest mountpoints hardcoded in that version)
-CVE-2012-3408
+CVE-2012-3408 (lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet En ...)
- puppet 2.7.18-1 (low)
[squeeze] - puppet <no-dsa> (Minor issue)
NOTE: http://puppetlabs.com/security/cve/cve-2012-3408/
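Review bot: the CVE-2012-4668 entry sits between CVE-2012-3509 and CVE-2012-3508, out of the descending numeric order the rest of this hunk follows; since it shares its roundcube 0.7.2-4 (bug #685475) fix line and ticket NOTE with CVE-2012-3508, it was presumably added beside it by hand, but moving it to its numeric position (or at least confirming the sync tooling tolerates the misplacement) would avoid a duplicate being created on a later automatic update. The remaining changes in this hunk only fill in truncated descriptions and leave the package and NOTE lines untouched.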
@@ -8266,7 +8266,7 @@ CVE-2012-3407
NOT-FOR-US: plow
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/6
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/16
-CVE-2012-3406
+CVE-2012-3406 (The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka ...)
{DSA-3169-1 DLA-165-1}
- eglibc <removed>
- glibc 2.19-14 (low; bug #681888)
@@ -8274,7 +8274,7 @@ CVE-2012-3406
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=826943
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/5
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/17
-CVE-2012-3405
+CVE-2012-3405 (The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Libr ...)
{DLA-165-1}
- glibc 2.13-35 (low; bug #681473)
- eglibc 2.13-35 (low; bug #681473)
@@ -8284,7 +8284,7 @@ CVE-2012-3405
NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=1d498daa95384e5c9ad5bcb35e7a996e5869ac39
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/5
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/17
-CVE-2012-3404
+CVE-2012-3404 (The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Libr ...)
- glibc 2.13-35 (low; bug #681473)
- eglibc 2.13-35 (low; bug #681473)
[squeeze] - eglibc 2.11.3-1
@@ -8293,59 +8293,59 @@ CVE-2012-3404
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=833703
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/5
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/17
-CVE-2012-3403
+CVE-2012-3403 (Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP ...)
- gimp 2.8.2-1 (bug #685397)
[squeeze] - gimp 2.6.10-1+squeeze4
-CVE-2012-3402
+CVE-2012-3402 (Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD p ...)
- gimp 2.4.0~rc1-1
NOTE: Only affects 2.2 series
-CVE-2012-3401
+CVE-2012-3401 (The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibT ...)
{DSA-2552-1}
- tiff 4.0.2-2 (bug #682115)
- tiff3 3.9.6-7 (bug #682195)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=837577
-CVE-2012-3400
+CVE-2012-3400 (Heap-based buffer overflow in the udf_load_logicalvol function in fs/u ...)
- linux 3.2.23-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-36
-CVE-2012-3399
+CVE-2012-3399 (Config/diff.php in Basilic 1.5.14 allows remote attackers to execute a ...)
NOT-FOR-US: Basilic
-CVE-2012-3398
+CVE-2012-3398 (Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2. ...)
- moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <no-dsa> (Minor issue)
-CVE-2012-3397
+CVE-2012-3397 (lib/modinfolib.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, ...)
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.0)
-CVE-2012-3396
+CVE-2012-3396 (Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Mo ...)
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.0)
-CVE-2012-3395
+CVE-2012-3395 (SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0 ...)
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.0)
-CVE-2012-3394
+CVE-2012-3394 (auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x bef ...)
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-3393
+CVE-2012-3393 (Cross-site scripting (XSS) vulnerability in repository/lib.php in Mood ...)
- moodle 2.2.3.dfsg-2.1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-3392
+CVE-2012-3392 (mod/forum/unsubscribeall.php in Moodle 2.1.x before 2.1.7 and 2.2.x be ...)
- moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-3391
+CVE-2012-3391 (mod/forum/rsslib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2 ...)
- moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-3390
+CVE-2012-3390 (lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 do ...)
- moodle 2.2.3.dfsg-1 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.1)
-CVE-2012-3389
+CVE-2012-3389 (Multiple cross-site scripting (XSS) vulnerabilities in mod/lti/typesse ...)
- moodle 2.2.3.dfsg-2.2 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.2)
-CVE-2012-3388
+CVE-2012-3388 (The is_enrolled function in lib/accesslib.php in Moodle 2.2.x before 2 ...)
- moodle 2.2.3.dfsg-2.2 (bug #682203)
[squeeze] - moodle <not-affected> (Only affects >= 2.2)
-CVE-2012-3387
+CVE-2012-3387 (Moodle 2.3.x before 2.3.1 uses only a client-side check for whether re ...)
- moodle <not-affected> (Only affects 2.3)
-CVE-2012-3386
+CVE-2012-3386 (The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x bef ...)
- automake 1:1.4-p6-13.1
- automake1.10 1:1.10.3-3
[squeeze] - automake1.10 1:1.10.3-1+squeeze1
@@ -8355,108 +8355,108 @@ CVE-2012-3386
[squeeze] - automake1.7 1.7.9-9.1+squeeze1
- automake1.9 1.9.6+nogfdl-4
[squeeze] - automake1.9 1.9.6+nogfdl-3.1+squeeze1
-CVE-2012-3385
+CVE-2012-3385 (WordPress before 3.4.1 does not properly restrict access to post conte ...)
- wordpress 3.4.1+dfsg-1 (bug #680721)
NOTE: http://www.openwall.com/lists/oss-security/2012/07/02/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/08/1
-CVE-2012-3384
+CVE-2012-3384 (Cross-site request forgery (CSRF) vulnerability in the customizer in W ...)
- wordpress 3.4.1+dfsg-1 (bug #680721)
NOTE: http://www.openwall.com/lists/oss-security/2012/07/02/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/08/1
-CVE-2012-3383
+CVE-2012-3383 (The map_meta_cap function in wp-includes/capabilities.php in WordPress ...)
- wordpress 3.4.1+dfsg-1 (bug #680721)
NOTE: http://www.openwall.com/lists/oss-security/2012/07/02/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/08/1
-CVE-2012-3382
+CVE-2012-3382 (Cross-site scripting (XSS) vulnerability in the ProcessRequest functio ...)
{DSA-2512-1}
- mono 2.10.8.1-5 (bug #681095)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=769799
NOTE: https://github.com/mono/mono/commit/d16d4623edb210635bec3ca3786481b82cde25a2
-CVE-2012-3381
+CVE-2012-3381 (sfcb in sblim-sfcb places a zero-length directory name in the LD_LIBRA ...)
NOT-FOR-US: sblim-sfcb
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=770234
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=838160
NOTE: http://www.openwall.com/lists/oss-security/2012/07/06/7
NOTE: http://www.openwall.com/lists/oss-security/2012/07/06/8
-CVE-2012-3380
+CVE-2012-3380 (Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Nax ...)
- nginx 1.2.1-2
[squeeze] - nginx <not-affected> (naxsi package was introduced in 1.1.18-1)
CVE-2012-3379 [as31: insecure file creation in /tmp]
REJECTED
-CVE-2012-3378
+CVE-2012-3378 (The register_application function in atk-adaptor/bridge.c in GNOME at- ...)
- at-spi2-atk 2.5.3-1 (bug #678026)
-CVE-2012-3377
+CVE-2012-3377 (Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG ...)
- vlc 2.0.2-1 (bug #680665)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commitdiff;h=16e9e126333fb7acb47d363366fee3deadc8331e
NOTE: http://securitytracker.com/id/1027224
-CVE-2012-3376
+CVE-2012-3376 (DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens ...)
- hadoop <itp> (bug #535861)
NOTE: http://seclists.org/bugtraq/2012/Jul/48
-CVE-2012-3375
+CVE-2012-3375 (The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before ...)
- linux 3.2.23-1
- linux-2.6 <not-affected> (Introduced in 3.2)
-CVE-2012-3374
+CVE-2012-3374 (Buffer overflow in markup.c in the MXit protocol plugin in libpurple i ...)
{DSA-2509-1}
- pidgin 2.10.6-1 (bug #680661)
[squeeze] - pidgin 2.7.3-1+squeeze3
NOTE: http://www.pidgin.im/news/security/index.php?id=64
NOTE: http://hg.pidgin.im/pidgin/main/rev/ded93865ef42
-CVE-2012-3373
+CVE-2012-3373 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
NOT-FOR-US: Apache Wicket
-CVE-2012-3372
+CVE-2012-3372 (** DISPUTED ** The default configuration of Cyberoam UTM appliances us ...)
NOT-FOR-US: Cyberoam DPI devices
NOTE: https://blog.torproject.org/blog/security-vulnerability-found-cyberoam-dpi-devices-cve-2012-3372
NOTE: http://seclists.org/bugtraq/2012/Jul/20
-CVE-2012-3371
+CVE-2012-3371 (The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Ess ...)
- nova 2012.1.1-5 (bug #681301)
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/13
NOTE: https://github.com/openstack/nova/commit/034762e8060dcf0a11cb039b9d426b0d0bb1801d
NOTE: https://github.com/openstack/nova/commit/25f5bd31805bd21d7b7e3583c775252aa8f737e9
NOTE: https://bugs.launchpad.net/nova/+bug/1017795
-CVE-2012-3370
+CVE-2012-3370 (The SecurityAssociation.getCredential method in JBoss Enterprise Appli ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-3369
+CVE-2012-3369 (The CallerIdentityLoginModule in JBoss Enterprise Application Platform ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-3368
+CVE-2012-3368 (Integer signedness error in attach.c in dtach 0.8 allows remote attack ...)
- dtach 0.8-2.1 (low; bug #625302)
[squeeze] - dtach 0.8-2+squeeze1
NOTE: http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357
NOTE: http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=812551
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=835849
-CVE-2012-3367
+CVE-2012-3367 (Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2012-3366
+CVE-2012-3366 (The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers ...)
{DSA-2503-1}
- bcfg2 1.2.2-2 (bug #679272)
-CVE-2012-3365
+CVE-2012-3365 (The SQLite functionality in PHP before 5.3.15 allows remote attackers ...)
- php5 <removed> (unimportant)
NOTE: open_basedir not supported
-CVE-2012-3364
+CVE-2012-3364 (Multiple stack-based buffer overflows in the Near Field Communication ...)
- linux 3.2.23-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-3363
+CVE-2012-3363 (Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.1 ...)
{DSA-2505-1}
- zendframework 1.11.12-1 (bug #679215)
- moodle 2.5-1 (bug #703870)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2012-3362
+CVE-2012-3362 (Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 a ...)
{DSA-2510-1}
- extplorer 2.1.0b6+dfsg.3-3 (bug #678737)
-CVE-2012-3361
+CVE-2012-3361 (virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2 ...)
- nova 2012.1.1-2 (bug #680110)
-CVE-2012-3360
+CVE-2012-3360 (Directory traversal vulnerability in virt/disk/api.py in OpenStack Com ...)
- nova 2012.1.1-2 (bug #680110)
-CVE-2012-3359
+CVE-2012-3359 (Luci in Red Hat Conga stores the user's username and password in a Bas ...)
NOT-FOR-US: Red Hat Conga
-CVE-2012-3358
+CVE-2012-3358 (Multiple heap-based buffer overflows in the j2k_read_sot function in j ...)
{DSA-2629-1}
- openjpeg 1.3+dfsg-4.4 (bug #681075)
NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/1
NOTE: Upstream patch: http://code.google.com/p/openjpeg/source/detail?r=1727
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=835767
-CVE-2012-3357
+CVE-2012-3357 (The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1. ...)
{DSA-2563-1}
- viewvc 1.1.5-1.3 (bug #679069)
NOTE: http://viewvc.tigris.org/issues/show_bug.cgi?id=353
@@ -8465,45 +8465,45 @@ CVE-2012-3357
NOTE: http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2757
NOTE: http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2759
NOTE: http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2760
-CVE-2012-3356
+CVE-2012-3356 (The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC ...)
{DSA-2563-1}
- viewvc 1.1.5-1.3 (bug #679069)
NOTE: http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2758
-CVE-2012-3355
+CVE-2012-3355 ((1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab. ...)
- rhythmbox 2.97-2.1 (low; bug #616673)
[squeeze] - rhythmbox <no-dsa> (Minor issue)
NOTE: Upstream bug report https://bugzilla.gnome.org/show_bug.cgi?id=678661
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=835076
-CVE-2012-3354
+CVE-2012-3354 (doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain P ...)
- dokuwiki 0.0.20130510a-1 (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/24/2
-CVE-2012-3353
+CVE-2012-3353 (The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling J ...)
NOT-FOR-US: Apache Sling
-CVE-2012-3553
+CVE-2012-3553 (chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open ...)
- asterisk <not-affected> (Only affects Asterisk 10)
CVE-2012-3352
RESERVED
CVE-2012-3351
RESERVED
-CVE-2012-3350
+CVE-2012-3350 (SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remo ...)
NOT-FOR-US: WebMatic
NOTE: http://seclists.org/bugtraq/2012/Jul/25
CVE-2012-3349
RESERVED
CVE-2012-3348
RESERVED
-CVE-2012-3347
+CVE-2012-3347 (AutoFORM PDM Archive before 7.0 implements user accounts in a way that ...)
NOT-FOR-US: AutoFORM PDM Archive
CVE-2012-3346
RESERVED
-CVE-2012-3345
+CVE-2012-3345 (ioquake3 before r2253 allows local users to overwrite arbitrary files ...)
- ioquake3 1.36+svn2224-4
NOTE: http://www.openwall.com/lists/oss-security/2012/06/15/3
CVE-2012-3344
RESERVED
-CVE-2012-3343
+CVE-2012-3343 (Cross-site request forgery (CSRF) vulnerability in Microdasys before 3 ...)
NOT-FOR-US: Microdasys
-CVE-2012-3342
+CVE-2012-3342 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2012-3341
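Review bot: CVE-2012-3553 is out of sequence in this hunk: it sits between CVE-2012-3353 and CVE-2012-3352 although the file is ordered by descending CVE number, so the entry belongs in the 2012-35xx range. The misplacement predates this update (only the description text is added here), but while the line is being touched, the pair `+CVE-2012-3553 (chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open ...)` and `- asterisk <not-affected> (Only affects Asterisk 10)` should be moved to its numeric position so it is found where the rest of the file's ordering puts it.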
@@ -8520,183 +8520,183 @@ CVE-2012-3336
RESERVED
CVE-2012-3335
RESERVED
-CVE-2012-3334
+CVE-2012-3334 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 ...)
NOT-FOR-US: IBM Informix Dynamic Server
-CVE-2012-3333
+CVE-2012-3333 (CRLF injection vulnerability in IBM Maximo Asset Management 7.x before ...)
NOT-FOR-US: IBM Maximo Asset Management and others
CVE-2012-3332
RESERVED
-CVE-2012-3331
+CVE-2012-3331 (IBM Sametime allows remote attackers to obtain sensitive information f ...)
NOT-FOR-US: IBM Sametime
-CVE-2012-3330
+CVE-2012-3330 (The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3329
+CVE-2012-3329 (IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 ...)
NOT-FOR-US: IBM Advanced Settings Utility, Bootable Media Creator
-CVE-2012-3328
+CVE-2012-3328 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2012-3327
+CVE-2012-3327 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2012-3326
+CVE-2012-3326 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-3325
+CVE-2012-3325 (IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x be ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3324
+CVE-2012-3324 (Directory traversal vulnerability in the UTL_FILE module in IBM DB2 an ...)
NOT-FOR-US: IBM DB2
-CVE-2012-3323
+CVE-2012-3323 (IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-3322
+CVE-2012-3322 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2012-3321
+CVE-2012-3321 (IBM SmartCloud Control Desk 7.5 allows remote authenticated users to b ...)
NOT-FOR-US: IBM
CVE-2012-3320
RESERVED
-CVE-2012-3319
+CVE-2012-3319 (IBM Rational Business Developer 8.x before 8.0.1.4 allows remote attac ...)
NOT-FOR-US: IBM Rational Business Developer
CVE-2012-3318
RESERVED
-CVE-2012-3317
+CVE-2012-3317 (IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, ...)
NOT-FOR-US: IBM WebSphere
-CVE-2012-3316
+CVE-2012-3316 (Cross-site scripting (XSS) vulnerability in the Tivoli Process Automat ...)
NOT-FOR-US: IBM
-CVE-2012-3315
+CVE-2012-3315 (The Java servlets in the management console in IBM Tivoli Federated Id ...)
NOT-FOR-US: IBM Tivoli
-CVE-2012-3314
+CVE-2012-3314 (IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Iden ...)
NOT-FOR-US: IBM Tivoli
-CVE-2012-3313
+CVE-2012-3313 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-3312
+CVE-2012-3312 (The datasource definition editor in IBM InfoSphere Guardium 8.2 and ea ...)
NOT-FOR-US: IBM InfoSphere Guardium
-CVE-2012-3311
+CVE-2012-3311 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3310
+CVE-2012-3310 (IBM Tivoli Federated Identity Manager (TFIM) before 6.1.1.14, 6.2.0 be ...)
NOT-FOR-US: IBM Tivoli
-CVE-2012-3309
+CVE-2012-3309 (Cross-site request forgery (CSRF) vulnerability in the account-creatio ...)
NOT-FOR-US: IBM InfoSphere Guardium
-CVE-2012-3308
+CVE-2012-3308 (Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 through ...)
NOT-FOR-US: IBM Sametime
CVE-2012-3307
RESERVED
-CVE-2012-3306
+CVE-2012-3306 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3305
+CVE-2012-3305 (Directory traversal vulnerability in IBM WebSphere Application Server ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3304
+CVE-2012-3304 (The Administrative Console in IBM WebSphere Application Server (WAS) 6 ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2012-3303
RESERVED
-CVE-2012-3302
+CVE-2012-3302 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domin ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2012-3301
+CVE-2012-3301 (Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotu ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2012-3300
+CVE-2012-3300 (IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions an ...)
NOT-FOR-US: IBM WebSphere Commerce
CVE-2012-3299
RESERVED
-CVE-2012-3298
+CVE-2012-3298 (Unspecified vulnerability in the REST services framework in IBM WebSph ...)
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2012-3297
+CVE-2012-3297 (Cross-site scripting (XSS) vulnerability in the embedded HTTP server i ...)
NOT-FOR-US: IBM Tivoli
-CVE-2012-3296
+CVE-2012-3296 (Cross-site scripting (XSS) vulnerability in the Help link in the login ...)
NOT-FOR-US: IBM Power Hardware Management Console
-CVE-2012-3295
+CVE-2012-3295 (IBM WebSphere MQ 7.1, when an SVRCONN channel is used, allows remote a ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2012-3294
+CVE-2012-3294 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Web ...)
NOT-FOR-US: IBM WebSphere
-CVE-2012-3293
+CVE-2012-3293 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
NOT-FOR-US: IBM WebSphere
-CVE-2012-3292
+CVE-2012-3292 (The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain autoconf ...)
{DSA-2523-1}
- globus-gridftp-server 6.5-1
-CVE-2012-3291
+CVE-2012-3291 (Heap-based buffer overflow in OpenConnect 3.18 allows remote servers t ...)
{DSA-2495-1}
- openconnect 3.18-1 (bug #677594)
-CVE-2012-3290
+CVE-2012-3290 (Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132 ...)
NOT-FOR-US: Chrome books
-CVE-2012-3289
+CVE-2012-3289 (VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, V ...)
NOT-FOR-US: VMware
-CVE-2012-3288
+CVE-2012-3288 (VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Playe ...)
NOT-FOR-US: VMware
-CVE-2012-3287
+CVE-2012-3287 (Poul-Henning Kamp md5crypt has insufficient algorithmic complexity and ...)
NOT-FOR-US: md5crypt
-CVE-2012-3286
+CVE-2012-3286 (Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and e ...)
NOT-FOR-US: HP ArcSight appliance
-CVE-2012-3285
+CVE-2012-3285 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hyd ...)
NOT-FOR-US: HP LeftHand Virtual SAN Appliance
-CVE-2012-3284
+CVE-2012-3284 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hyd ...)
NOT-FOR-US: HP LeftHand Virtual SAN Appliance
-CVE-2012-3283
+CVE-2012-3283 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hyd ...)
NOT-FOR-US: HP LeftHand Virtual SAN Appliance
-CVE-2012-3282
+CVE-2012-3282 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hyd ...)
NOT-FOR-US: HP LeftHand Virtual SAN Appliance
-CVE-2012-3281
+CVE-2012-3281 (Unspecified vulnerability in Device Manager in HP XP P9000 Command Vie ...)
NOT-FOR-US: HP XP P9000 Command View
-CVE-2012-3280
+CVE-2012-3280 (Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and J ...)
NOT-FOR-US: HP NonStop Servers
-CVE-2012-3279
+CVE-2012-3279 (Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node ...)
NOT-FOR-US: HP Network Node Manager i
-CVE-2012-3278
+CVE-2012-3278 (Stack-based buffer overflow in magentservice.exe in HP Diagnostics Ser ...)
NOT-FOR-US: HP Diagnostics Server
-CVE-2012-3277
+CVE-2012-3277 (HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8. ...)
NOT-FOR-US: HP OpenVMS
-CVE-2012-3276
+CVE-2012-3276 (HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8. ...)
NOT-FOR-US: HP OpenVMS
-CVE-2012-3275
+CVE-2012-3275 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2012-3274
+CVE-2012-3274 (Stack-based buffer overflow in uam.exe in the User Access Manager (UAM ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2012-3273
+CVE-2012-3273 (Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 MFP M4 ...)
NOT-FOR-US: HP LaserJet
-CVE-2012-3272
+CVE-2012-3272 (Cross-site scripting (XSS) vulnerability on the HP Color LaserJet CM35 ...)
NOT-FOR-US: HP LaserJet
-CVE-2012-3271
+CVE-2012-3271 (Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) ...)
NOT-FOR-US: HP ILO
-CVE-2012-3270
+CVE-2012-3270 (Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5. ...)
NOT-FOR-US: HP Performance Insight
-CVE-2012-3269
+CVE-2012-3269 (Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5. ...)
NOT-FOR-US: HP Performance Insight
-CVE-2012-3268
+CVE-2012-3268 (Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, ...)
NOT-FOR-US: HP network devices
-CVE-2012-3267
+CVE-2012-3267 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.20 all ...)
NOT-FOR-US: HP NNMi
-CVE-2012-3266
+CVE-2012-3266 (Unspecified vulnerability in IBRIX 6.1.196 through 6.1.251 on HP IBRIX ...)
NOT-FOR-US: HP IBRIX
CVE-2012-3265
REJECTED
-CVE-2012-3264
+CVE-2012-3264 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 thro ...)
NOT-FOR-US: HP SiteScope
-CVE-2012-3263
+CVE-2012-3263 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 thro ...)
NOT-FOR-US: HP SiteScope
-CVE-2012-3262
+CVE-2012-3262 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 thro ...)
NOT-FOR-US: HP SiteScope
-CVE-2012-3261
+CVE-2012-3261 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 thro ...)
NOT-FOR-US: HP SiteScope
-CVE-2012-3260
+CVE-2012-3260 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 thro ...)
NOT-FOR-US: HP SiteScope
-CVE-2012-3259
+CVE-2012-3259 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 thro ...)
NOT-FOR-US: HP SiteScope
-CVE-2012-3258
+CVE-2012-3258 (Unspecified vulnerability in HP Operations Orchestration 9.0 before 9. ...)
NOT-FOR-US: HP Operations Orchestration
-CVE-2012-3257
+CVE-2012-3257 (HP Business Availability Center (BAC) 8.07 allows remote authenticated ...)
NOT-FOR-US: HP Business Availability Center
-CVE-2012-3256
+CVE-2012-3256 (Cross-site request forgery (CSRF) vulnerability in HP Business Availab ...)
NOT-FOR-US: HP Business Availability Center
-CVE-2012-3255
+CVE-2012-3255 (Cross-site scripting (XSS) vulnerability in HP Business Availability C ...)
NOT-FOR-US: HP Business Availability Center
-CVE-2012-3254
+CVE-2012-3254 (Multiple unspecified vulnerabilities in HP iNode Management Center bef ...)
NOT-FOR-US: HP iNode Management Center
-CVE-2012-3253
+CVE-2012-3253 (Multiple unspecified vulnerabilities in HP Intelligent Management Cent ...)
NOT-FOR-US: HP Intelligent Management
-CVE-2012-3252
+CVE-2012-3252 (Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allow ...)
NOT-FOR-US: HP Serviceguard
-CVE-2012-3251
+CVE-2012-3251 (Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tie ...)
NOT-FOR-US: HP Service Manager
-CVE-2012-3250
+CVE-2012-3250 (Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and ...)
NOT-FOR-US: HP Service Manager
-CVE-2012-3249
+CVE-2012-3249 (HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remo ...)
NOT-FOR-US: HP Fortify Software Security Center
-CVE-2012-3248
+CVE-2012-3248 (HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remo ...)
NOT-FOR-US: HP Fortify Software Security Center
-CVE-2012-3247
+CVE-2012-3247 (Unspecified vulnerability on the HP Integrity Server BL860c i2, BL870c ...)
NOT-FOR-US: HP Integrity Server
CVE-2012-3246
RESERVED
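Review bot: the NOT-FOR-US rationale for CVE-2012-3290 is too terse to verify: the description names `Google Chrome before 20.0.1132`, yet the triage line reads only `NOT-FOR-US: Chrome books`. Spell out why the chromium package in Debian is not affected (for instance, if the issue is specific to the Chrome OS builds), in the same way the openjdk entries in this hunk record their reasoning, so a reader can check the decision without consulting the full advisory.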
@@ -8704,321 +8704,321 @@ CVE-2012-3245
RESERVED
CVE-2012-3244
RESERVED
-CVE-2012-3243
+CVE-2012-3243 (Cross-site scripting (XSS) vulnerability in the SEOgento plugin for Ma ...)
NOT-FOR-US: SEOgento plugin for Magento
CVE-2012-3242
RESERVED
-CVE-2012-3241
+CVE-2012-3241 (The VMware Broker in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 does not ...)
- eucalyptus <not-affected> (Fixed before initial release)
-CVE-2012-3240
+CVE-2012-3240 (The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows r ...)
- eucalyptus <not-affected> (Fixed before initial release)
CVE-2012-3239
RESERVED
-CVE-2012-3238
+CVE-2012-3238 (Cross-site scripting (XSS) vulnerability in the Backup/Restore compone ...)
NOT-FOR-US: Astaro appliance
CVE-2012-3237
RESERVED
-CVE-2012-3236
+CVE-2012-3236 (fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a deni ...)
- gimp 2.8.2-1 (unimportant)
NOTE: Harmless crasher w/o security impact
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=676804
NOTE: https://git.gnome.org/browse/gimp/commit/?id=0474376d234bc3d0901fd5e86f89d778a6473dd8 (GIMP_2_8_2)
CVE-2012-3235
RESERVED
-CVE-2012-3234
+CVE-2012-3234 (RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1. ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-3233
+CVE-2012-3233 (Cross-site scripting (XSS) vulnerability in __swift/thirdparty/PHPExce ...)
NOT-FOR-US: Kayako Fusion 4.40.1148
-CVE-2012-3232
+CVE-2012-3232 (Cross-site scripting (XSS) vulnerability in search.php in web@all 2.0, ...)
NOT-FOR-US: web@all
-CVE-2012-3231
+CVE-2012-3231 (Multiple cross-site request forgery (CSRF) vulnerabilities in web@all ...)
NOT-FOR-US: web@all
-CVE-2012-3230
+CVE-2012-3230 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3229
+CVE-2012-3229 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3228
+CVE-2012-3228 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3227
+CVE-2012-3227 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3226
+CVE-2012-3226 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3225
+CVE-2012-3225 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3224
+CVE-2012-3224 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3223
+CVE-2012-3223 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3222
+CVE-2012-3222 (Unspecified vulnerability in the Oracle iRecruitment component in Orac ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3221
+CVE-2012-3221 (Unspecified vulnerability in the Oracle VM Virtual Box component in Or ...)
{DSA-2594-1}
- virtualbox 4.1.18-dfsg-1.1 (bug #690777)
- virtualbox-ose <removed>
NOTE: http://www.halfdog.net/Security/2012/VirtualBoxSoftwareInterrupt0x8GuestCrash/
-CVE-2012-3220
+CVE-2012-3220 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-3219
+CVE-2012-3219 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2012-3218
+CVE-2012-3218 (Unspecified vulnerability in the Human Resources component in Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2012-3217
+CVE-2012-3217 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3216
+CVE-2012-3216 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b24-1.11.5-0ubuntu1 (bug #690774)
- openjdk-7 7u3-2.1.3-1 (bug #690774)
-CVE-2012-3215
+CVE-2012-3215 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when runnin ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3214
+CVE-2012-3214 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3213
+CVE-2012-3213 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2012-3212
+CVE-2012-3212 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when runnin ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3211
+CVE-2012-3211 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3210
+CVE-2012-3210 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3209
+CVE-2012-3209 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when runnin ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3208
+CVE-2012-3208 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3207
+CVE-2012-3207 (Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows l ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3206
+CVE-2012-3206 (Unspecified vulnerability in the Integrated Lights Out Manager CLI in ...)
NOT-FOR-US: Oracle Sun Products Suite SysFW
-CVE-2012-3205
+CVE-2012-3205 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3204
+CVE-2012-3204 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3203
+CVE-2012-3203 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3202
+CVE-2012-3202 (Multiple unspecified vulnerabilities in the Oracle JRockit component i ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3201
+CVE-2012-3201 (Unspecified vulnerability in the PeopleSoft Enterprise Campus Solution ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3200
+CVE-2012-3200 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3199
+CVE-2012-3199 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3198
+CVE-2012-3198 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3197
+CVE-2012-3197 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3196
+CVE-2012-3196 (Unspecified vulnerability in the Oracle Human Resources component in O ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3195
+CVE-2012-3195 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3194
+CVE-2012-3194 (Unspecified vulnerability in the Oracle BI Publisher component in Orac ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3193
+CVE-2012-3193 (Unspecified vulnerability in the Oracle BI Publisher component in Orac ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3192
+CVE-2012-3192 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3191
+CVE-2012-3191 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3190
+CVE-2012-3190 (Unspecified vulnerability in the Oracle Universal Work Queue component ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3189
+CVE-2012-3189 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3188
+CVE-2012-3188 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3187
+CVE-2012-3187 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3186
+CVE-2012-3186 (Unspecified vulnerability in the Oracle WebCenter Sites component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3185
+CVE-2012-3185 (Unspecified vulnerability in the Oracle WebCenter Sites component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3184
+CVE-2012-3184 (Unspecified vulnerability in the Oracle WebCenter Sites component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3183
+CVE-2012-3183 (Unspecified vulnerability in the Oracle WebCenter Sites component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3182
+CVE-2012-3182 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3181
+CVE-2012-3181 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3180
+CVE-2012-3180 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3179
+CVE-2012-3179 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3178
+CVE-2012-3178 (Unspecified vulnerability in the kernel in Oracle Sun Solaris 11 allow ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3177
+CVE-2012-3177 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3176
+CVE-2012-3176 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-3175
+CVE-2012-3175 (Unspecified vulnerability in the Oracle Application Server Single Sign ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3174
+CVE-2012-3174 (Unspecified vulnerability in Oracle Java 7 before Update 11 allows rem ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u3-2.1.4-1
-CVE-2012-3173
+CVE-2012-3173 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3172
+CVE-2012-3172 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3171
+CVE-2012-3171 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3170
+CVE-2012-3170 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3169
+CVE-2012-3169 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3168
+CVE-2012-3168 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-3167
+CVE-2012-3167 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3166
+CVE-2012-3166 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3165
+CVE-2012-3165 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allow ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3164
+CVE-2012-3164 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3163
+CVE-2012-3163 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3162
+CVE-2012-3162 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3161
+CVE-2012-3161 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3160
+CVE-2012-3160 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3159
+CVE-2012-3159 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2012-3158
+CVE-2012-3158 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3157
+CVE-2012-3157 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3156
+CVE-2012-3156 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3155
+CVE-2012-3155 (Unspecified vulnerability in the CORBA ORB component in Sun GlassFish ...)
- glassfish <removed> (bug #692035)
[stretch] - glassfish <ignored> (Only used a build dep, specific details withheld)
[jessie] - glassfish <end-of-life>
[wheezy] - glassfish <end-of-life>
NOTE: Oracle doesn't provide any useful public information to fix the package without importing a new upstream version.
-CVE-2012-3154
+CVE-2012-3154 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3153
+CVE-2012-3153 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3152
+CVE-2012-3152 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3151
+CVE-2012-3151 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-3150
+CVE-2012-3150 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2581-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3149
+CVE-2012-3149 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3148
+CVE-2012-3148 (Unspecified vulnerability in the Oracle Field Service component in Ora ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3147
+CVE-2012-3147 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3146
+CVE-2012-3146 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-3145
+CVE-2012-3145 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3144
+CVE-2012-3144 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
-CVE-2012-3143
+CVE-2012-3143 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2012-3142
+CVE-2012-3142 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3141
+CVE-2012-3141 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-3140
+CVE-2012-3140 (Unspecified vulnerability in the Oracle Agile PLM For Process componen ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3139
+CVE-2012-3139 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3138
+CVE-2012-3138 (Unspecified vulnerability in the Oracle iStore component in Oracle E-B ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-3137
+CVE-2012-3137 (The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0 ...)
NOT-FOR-US: Oracle Database
-CVE-2012-3136
+CVE-2012-3136 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.2-1
- openjdk-6 <not-affected>
-CVE-2012-3135
+CVE-2012-3135 (Unspecified vulnerability in the Oracle JRockit component in Oracle Fu ...)
NOT-FOR-US: Oracle Fusion
-CVE-2012-3134
+CVE-2012-3134 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-3133
+CVE-2012-3133 (Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyper ...)
NOT-FOR-US: Oracle
-CVE-2012-3132
+CVE-2012-3132 (SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0 ...)
NOT-FOR-US: Oracle Database
-CVE-2012-3131
+CVE-2012-3131 (Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows r ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3130
+CVE-2012-3130 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3129
+CVE-2012-3129 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3128
+CVE-2012-3128 (Unspecified vulnerability in Oracle SPARC T-Series Servers running Sys ...)
NOT-FOR-US: ILO firmware
-CVE-2012-3127
+CVE-2012-3127 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3126
+CVE-2012-3126 (Unspecified vulnerability in the Solaris Cluster component in Oracle S ...)
NOT-FOR-US: Solaris Cluster
-CVE-2012-3125
+CVE-2012-3125 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows re ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3124
+CVE-2012-3124 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3123
+CVE-2012-3123 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3122
+CVE-2012-3122 (Unspecified vulnerability in Oracle Sun Solaris 8 and 9 allows local u ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3121
+CVE-2012-3121 (Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows remote ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3120
+CVE-2012-3120 (Unspecified vulnerability in Oracle Sun Solaris 8 allows remote attack ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3119
+CVE-2012-3119 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products (PeopleSoft Enterprise HRMS)
-CVE-2012-3118
+CVE-2012-3118 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products (PeopleSoft Enterprise PeopleTools)
-CVE-2012-3117
+CVE-2012-3117 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3116
+CVE-2012-3116 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3115
+CVE-2012-3115 (Unspecified vulnerability in the Oracle MapViewer component in Oracle ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3114
+CVE-2012-3114 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-3113
+CVE-2012-3113 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products (PeopleSoft Enterprise HRMS)
-CVE-2012-3112
+CVE-2012-3112 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-3111
+CVE-2012-3111 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products (PeopleSoft Enterprise HRMS)
-CVE-2012-3110
+CVE-2012-3110 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3109
+CVE-2012-3109 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3108
+CVE-2012-3108 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3107
+CVE-2012-3107 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3106
+CVE-2012-3106 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-3105
+CVE-2012-3105 (The glBufferData function in the WebGL implementation in Mozilla Firef ...)
- iceweasel 10.0.5esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
CVE-2012-3104
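Review bot: the NOT-FOR-US annotation under CVE-2012-3111 reads "(PeopleSoft Enterprise HRMS)" while the new description line identifies the PeopleSoft Enterprise PeopleTools component; the neighbouring CVE-2012-3118 entry for the same component is annotated "(PeopleSoft Enterprise PeopleTools)", so this one should match it. Two smaller consistency points in the same hunk: CVE-2012-3135 is annotated "NOT-FOR-US: Oracle Fusion" where every other Fusion Middleware entry reads "Oracle Fusion Middleware", and the [stretch] line under CVE-2012-3155 reads "Only used a build dep", presumably "Only used as a build dep".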
@@ -9037,11 +9037,11 @@ CVE-2012-3098
RESERVED
CVE-2012-3097
RESERVED
-CVE-2012-3096
+CVE-2012-3096 (Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote authentica ...)
NOT-FOR-US: Cisco Unity Connection
CVE-2012-3095
RESERVED
-CVE-2012-3094
+CVE-2012-3094 (The VPN downloader in the download_install component in Cisco AnyConne ...)
NOT-FOR-US: Cisco AnyConnect Secure Mobility Client
CVE-2012-3093
RESERVED
@@ -9053,7 +9053,7 @@ CVE-2012-3090
RESERVED
CVE-2012-3089
RESERVED
-CVE-2012-3088
+CVE-2012-3088 (Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3. ...)
NOT-FOR-US: Cisco AnyConnect Secure Mobility Client
CVE-2012-3087
RESERVED
@@ -9071,19 +9071,19 @@ CVE-2012-3081
RESERVED
CVE-2012-3080
RESERVED
-CVE-2012-3079
+CVE-2012-3079 (Cisco IOS 12.2 allows remote attackers to cause a denial of service (C ...)
NOT-FOR-US: Cisco IOS
CVE-2012-3078
RESERVED
CVE-2012-3077
RESERVED
-CVE-2012-3076
+CVE-2012-3076 (The administrative web interface on Cisco TelePresence Recording Serve ...)
NOT-FOR-US: Cisco Telepresence
-CVE-2012-3075
+CVE-2012-3075 (The administrative web interface on Cisco TelePresence Immersive Endpo ...)
NOT-FOR-US: Cisco Telepresence
-CVE-2012-3074
+CVE-2012-3074 (An unspecified API on Cisco TelePresence Immersive Endpoint Devices be ...)
NOT-FOR-US: Cisco Telepresence
-CVE-2012-3073
+CVE-2012-3073 (The IP implementation on Cisco TelePresence Multipoint Switch before 1 ...)
NOT-FOR-US: Cisco Telepresence
CVE-2012-3072
RESERVED
@@ -9103,31 +9103,31 @@ CVE-2012-3065
RESERVED
CVE-2012-3064
RESERVED
-CVE-2012-3063
+CVE-2012-3063 (Cisco Application Control Engine (ACE) before A4(2.3) and A5 before A5 ...)
NOT-FOR-US: Cisco
-CVE-2012-3062
+CVE-2012-3062 (Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) sn ...)
NOT-FOR-US: Cisco IOS
CVE-2012-3061
RESERVED
-CVE-2012-3060
+CVE-2012-3060 (Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote attackers ...)
NOT-FOR-US: Cisco Unity Connection
CVE-2012-3059
RESERVED
-CVE-2012-3058
+CVE-2012-3058 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
NOT-FOR-US: Cisco
-CVE-2012-3057
+CVE-2012-3057 (Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) p ...)
NOT-FOR-US: Cisco WebEx Player
-CVE-2012-3056
+CVE-2012-3056 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L ...)
NOT-FOR-US: Cisco WebEx Player
-CVE-2012-3055
+CVE-2012-3055 (Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) ...)
NOT-FOR-US: Cisco WebEx Player
-CVE-2012-3054
+CVE-2012-3054 (Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) p ...)
NOT-FOR-US: Cisco WebEx Player
-CVE-2012-3053
+CVE-2012-3053 (Buffer overflow in the Cisco WebEx Advanced Recording Format (ARF) pla ...)
NOT-FOR-US: Cisco WebEx Player
-CVE-2012-3052
+CVE-2012-3052 (Untrusted search path vulnerability in Cisco VPN Client 5.0 allows loc ...)
NOT-FOR-US: Cisco VPN Client
-CVE-2012-3051
+CVE-2012-3051 (Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote at ...)
NOT-FOR-US: Cisco NX-OS
CVE-2012-3050
RESERVED
@@ -9135,7 +9135,7 @@ CVE-2012-3049
RESERVED
CVE-2012-3048
RESERVED
-CVE-2012-3047
+CVE-2012-3047 (Cross-site scripting (XSS) vulnerability in the web-wizard setup page ...)
NOT-FOR-US: Cisco
CVE-2012-3046
RESERVED
@@ -9149,107 +9149,107 @@ CVE-2012-3042
REJECTED
CVE-2012-3041
RESERVED
-CVE-2012-3040
+CVE-2012-3040 (Cross-site scripting (XSS) vulnerability in the web server on Siemens ...)
NOT-FOR-US: Siemens
-CVE-2012-3039
+CVE-2012-3039 (Moxa OnCell Gateway G3111, G3151, G3211, and G3251 devices with firmwa ...)
NOT-FOR-US: Moxa OnCell Gateway
CVE-2012-3038
RESERVED
-CVE-2012-3037
+CVE-2012-3037 (The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the priv ...)
NOT-FOR-US: Siemens SIMATIC PLC
CVE-2012-3036
REJECTED
-CVE-2012-3035
+CVE-2012-3035 (Buffer overflow in Emerson DeltaV 9.3.1 and 10.3 through 11.3.1 allows ...)
NOT-FOR-US: Emerson DeltaV
-CVE-2012-3034
+CVE-2012-3034 (WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC ...)
NOT-FOR-US: Siemens WinCC
CVE-2012-3033
REJECTED
-CVE-2012-3032
+CVE-2012-3032 (SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 a ...)
NOT-FOR-US: Siemens WinCC
-CVE-2012-3031
+CVE-2012-3031 (Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in ...)
NOT-FOR-US: Siemens WinCC
-CVE-2012-3030
+CVE-2012-3030 (WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC ...)
NOT-FOR-US: Siemens WinCC
CVE-2012-3029
REJECTED
-CVE-2012-3028
+CVE-2012-3028 (Cross-site request forgery (CSRF) vulnerability in WebNavigator in Sie ...)
NOT-FOR-US: Siemens WinCC
CVE-2012-3027
REJECTED
-CVE-2012-3026
+CVE-2012-3026 (rifsrvd.exe in the Remote Interface Service in GE Intelligent Platform ...)
NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
-CVE-2012-3025
+CVE-2012-3025 (The default configuration of Tridium Niagara AX Framework through 3.6 ...)
NOT-FOR-US: Tridium Niagara AX Framework
-CVE-2012-3024
+CVE-2012-3024 (Tridium Niagara AX Framework through 3.6 uses predictable values for ( ...)
NOT-FOR-US: Tridium Niagara AX Framework
CVE-2012-3023
RESERVED
-CVE-2012-3022
+CVE-2012-3022 (The SaveToFile method in a certain ActiveX control in TrendDisplay.dll ...)
NOT-FOR-US: Canary Labs TrendLink
-CVE-2012-3021
+CVE-2012-3021 (rifsrvd.exe in the Remote Interface Service in GE Intelligent Platform ...)
NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
-CVE-2012-3020
+CVE-2012-3020 (The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and OZW77 ...)
NOT-FOR-US: Siemens Synco OZW Web Server
CVE-2012-3019
RESERVED
-CVE-2012-3018
+CVE-2012-3018 (The lockout-recovery feature in the Security Configurator component in ...)
NOT-FOR-US: ICONICS GENESIS32
-CVE-2012-3017
+CVE-2012-3017 (Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote a ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2012-3016
+CVE-2012-3016 (Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 6.0.3 all ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2012-3015
+CVE-2012-3015 (Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5. ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2012-3014
+CVE-2012-3014 (The Management Software application in GarrettCom Magnum MNS-6K before ...)
NOT-FOR-US: GarrettCom Magnum MNS-6K
-CVE-2012-3013
+CVE-2012-3013 (WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Indus ...)
NOT-FOR-US: WAGO I/O System 758
-CVE-2012-3012
+CVE-2012-3012 (The Arbiter Power Sentinel 1133A device with firmware before 11Jun2012 ...)
NOT-FOR-US: Arbiter Power Sentinel 1133A
-CVE-2012-3011
+CVE-2012-3011 (Directory traversal vulnerability in the web server in Fultek WinTr Sc ...)
NOT-FOR-US: Fultek WinTr Scada web server
-CVE-2012-3010
+CVE-2012-3010 (rifsrvd.exe in the Remote Interface Service in GE Intelligent Platform ...)
NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
-CVE-2012-3009
+CVE-2012-3009 (Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, an ...)
NOT-FOR-US: Siemens COMOS
-CVE-2012-3008
+CVE-2012-3008 (Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3. ...)
NOT-FOR-US: OSIsoft PI OPC DA Interface
-CVE-2012-3007
+CVE-2012-3007 (Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wond ...)
NOT-FOR-US: Invensys Wonderware SuiteLink
-CVE-2012-3006
+CVE-2012-3006 (The Innominate mGuard Smart HW before HW-101130 and BD before BD-10103 ...)
NOT-FOR-US: Innominate mGuard Smart
-CVE-2012-3005
+CVE-2012-3005 (Untrusted search path vulnerability in Invensys Wonderware InTouch 201 ...)
NOT-FOR-US: Wonderwar
-CVE-2012-3004
+CVE-2012-3004 (Multiple untrusted search path vulnerabilities in RealFlex RealWin bef ...)
NOT-FOR-US: RealFlex RealWin
-CVE-2012-3003
+CVE-2012-3003 (Open redirect vulnerability in an unspecified web application in Sieme ...)
NOT-FOR-US: WinCC
-CVE-2012-3002
+CVE-2012-3002 (The web interface on (1) Foscam and (2) Wansview IP cameras allows rem ...)
NOT-FOR-US: Foscam, Wansview IP cameras
-CVE-2012-3001
+CVE-2012-3001 (Mutiny Standard before 4.5-1.12 allows remote attackers to execute arb ...)
NOT-FOR-US: Mutiny Standard
-CVE-2012-3000
+CVE-2012-3000 (Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSe ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2012-2999
+CVE-2012-2999 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
NOT-FOR-US: Cerberus FTP
-CVE-2012-2998
+CVE-2012-2998 (SQL injection vulnerability in the ad hoc query module in Trend Micro ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2012-2997
+CVE-2012-2997 (XML External Entity (XXE) vulnerability in sam/admin/vpe2/public/php/s ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2012-2996
+CVE-2012-2996 (Cross-site request forgery (CSRF) vulnerability in saveAccountSubTab.i ...)
NOT-FOR-US: Trend Micro
-CVE-2012-2995
+CVE-2012-2995 (Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro Int ...)
NOT-FOR-US: Trend Micro
-CVE-2012-2994
+CVE-2012-2994 (The CoSoSys Endpoint Protector 4 appliance establishes an EPProot pass ...)
NOT-FOR-US: CoSoSys Endpoint Protector
-CVE-2012-2993
+CVE-2012-2993 (Microsoft Windows Phone 7 does not verify the domain name in the subje ...)
NOT-FOR-US: Microsoft Windows Phone
CVE-2012-2992
RESERVED
-CVE-2012-2991
+CVE-2012-2991 (The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module before 1.1 in o ...)
NOT-FOR-US: PayPal module in osCommerce Online Merchant
-CVE-2012-2990
+CVE-2012-2990 (The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller ...)
NOT-FOR-US: MarkAny ContentSAFER
CVE-2012-2989
RESERVED
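Review bot: the annotation under CVE-2012-3005 reads "NOT-FOR-US: Wonderwar", a truncated product name; the description line and the CVE-2012-3007 entry a few lines above spell it "Invensys Wonderware", so use that. Also, CVE-2012-3003 is annotated plainly "NOT-FOR-US: WinCC" while the other WinCC entries in this hunk (CVE-2012-3034 through CVE-2012-3028) use "Siemens WinCC"; aligning the vendor prefix keeps the file consistent for grepping.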
@@ -9257,88 +9257,88 @@ CVE-2012-2988
RESERVED
CVE-2012-2987
RESERVED
-CVE-2012-2986
+CVE-2012-2986 (lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Applian ...)
NOT-FOR-US: HP Virtual SAN Appliance
-CVE-2012-2985
+CVE-2012-2985 (Cross-site scripting (XSS) vulnerability in InsertDocument.aspx in Cut ...)
NOT-FOR-US: CuteSoft Cute Editor
-CVE-2012-2984
+CVE-2012-2984 (Multiple cross-site scripting (XSS) vulnerabilities in monitor/m_overv ...)
NOT-FOR-US: Websense
-CVE-2012-2983
+CVE-2012-2983 (file/edit_html.cgi in Webmin 1.590 and earlier does not perform an aut ...)
NOT-FOR-US: Webmin
-CVE-2012-2982
+CVE-2012-2982 (file/show.cgi in Webmin 1.590 and earlier allows remote authenticated ...)
NOT-FOR-US: Webmin
-CVE-2012-2981
+CVE-2012-2981 (Webmin 1.590 and earlier allows remote authenticated users to execute ...)
NOT-FOR-US: Webmin
-CVE-2012-2980
+CVE-2012-2980 (The Samsung and HTC onTouchEvent method implementation for Android on ...)
NOT-FOR-US: Samsung and HTC Android
CVE-2012-2979 [VU#517036: NSD 3.2.13 emergency release]
RESERVED
- nsd3 <not-affected> (Debian version not affected)
-CVE-2012-2978
+CVE-2012-2978 (query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x bef ...)
{DSA-2515-1}
- nsd3 3.2.12-1
-CVE-2012-2977
+CVE-2012-2977 (The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 a ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2976
+CVE-2012-2976 (The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 a ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2975
+CVE-2012-2975 (Cross-site scripting (XSS) vulnerability in the traffic overview page ...)
NOT-FOR-US: F5 ASM
-CVE-2012-2974
+CVE-2012-2974 (The web interface on the SMC SMC8024L2 switch allows remote attackers ...)
NOT-FOR-US: SMC SMC8024L2 switch
CVE-2012-2973
RESERVED
-CVE-2012-2972
+CVE-2012-2972 (The (1) server and (2) agent components in CA ARCserve Backup r12.5, r ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2012-2971
+CVE-2012-2971 (The server in CA ARCserve Backup r12.5, r15, and r16 on Windows does n ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2012-2970
+CVE-2012-2970 (The Synel SY-780/A Time &amp; Attendance terminal allows remote attack ...)
NOT-FOR-US: Synel terminal
-CVE-2012-2969
+CVE-2012-2969 (Caucho Quercus, as distributed in Resin before 4.0.29, allows remote a ...)
NOT-FOR-US: Caucho Quercus
-CVE-2012-2968
+CVE-2012-2968 (Directory traversal vulnerability in Caucho Quercus, as distributed in ...)
NOT-FOR-US: Caucho Quercus
-CVE-2012-2967
+CVE-2012-2967 (Caucho Quercus, as distributed in Resin before 4.0.29, does not proper ...)
NOT-FOR-US: Caucho Quercus
-CVE-2012-2966
+CVE-2012-2966 (Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entr ...)
NOT-FOR-US: Caucho Quercus
-CVE-2012-2965
+CVE-2012-2965 (Caucho Quercus, as distributed in Resin before 4.0.29, does not proper ...)
NOT-FOR-US: Caucho Quercus
-CVE-2012-2964
+CVE-2012-2964 (The BreakingPoint Storm appliance before 3.0 requires cleartext creden ...)
NOT-FOR-US: BreakingPoint Storm appliance
-CVE-2012-2963
+CVE-2012-2963 (The administrative interface in the embedded web server on the Breakin ...)
NOT-FOR-US: BreakingPoint Storm appliance
-CVE-2012-2962
+CVE-2012-2962 (SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutini ...)
NOT-FOR-US: Dell SonicWALL Scrutinizer
-CVE-2012-2961
+CVE-2012-2961 (SQL injection vulnerability in the management console in Symantec Web ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2960
+CVE-2012-2960 (Cross-site scripting (XSS) vulnerability in the import functionality i ...)
NOT-FOR-US: HP ArcSight Connector, ArcSight Logger
-CVE-2012-2959
+CVE-2012-2959 (Cross-site request forgery (CSRF) vulnerability in password-manager/ch ...)
NOT-FOR-US: BMC
CVE-2012-2958
RESERVED
-CVE-2012-2957
+CVE-2012-2957 (The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 a ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2956
+CVE-2012-2956 (SQL injection vulnerability in SpiceWorks 5.3.75941 allows remote auth ...)
NOT-FOR-US: SpiceWorks
-CVE-2012-2955
+CVE-2012-2955 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: IBM Lotus Protector, IBM ISS Proventia Network Mail Security
CVE-2012-2954
RESERVED
-CVE-2012-2953
+CVE-2012-2953 (The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 a ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2952
+CVE-2012-2952 (SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and earlier a ...)
NOT-FOR-US: Jaow
CVE-2012-2951
REJECTED
CVE-2012-2950
RESERVED
-CVE-2012-2949
+CVE-2012-2949 (The ZTE sync_agent program for Android 2.3.4 on the Score M device use ...)
NOT-FOR-US: Android
-CVE-2012-2948
+CVE-2012-2948 (chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Ast ...)
{DSA-2493-1}
- asterisk 1:1.8.13.0~dfsg-1 (bug #675210)
-CVE-2012-2947
+CVE-2012-2947 (chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-ce ...)
{DSA-2493-1}
- asterisk 1:1.8.13.0~dfsg-1 (bug #675204)
CVE-2012-2946
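Review bot: the new description line for CVE-2012-2970 carries the HTML entity "&amp;" ("Time &amp; Attendance") rather than a literal ampersand, which suggests the automatic update is not unescaping the upstream description text; worth checking the importer so later runs do not carry entities into the list. Separately, the annotation under CVE-2012-2949 reads "NOT-FOR-US: Android" although the description names the ZTE sync_agent program; the other NOT-FOR-US lines in this hunk name the affected product, so "ZTE sync_agent for Android" or similar would be more precise.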
@@ -9346,283 +9346,283 @@ CVE-2012-2946
CVE-2012-2945
RESERVED
- hadoop <itp> (bug #535861)
-CVE-2012-2944
+CVE-2012-2944 (Buffer overflow in the addchar function in common/parseconf.c in upsd ...)
{DSA-2484-1}
- nut 2.6.4-1
NOTE: https://alioth.debian.org/tracker/index.php?func=detail&aid=313636&group_id=30602&atid=411542
-CVE-2012-2943
+CVE-2012-2943 (CRLF injection vulnerability in cryptographp.inc.php in Cryptographp a ...)
NOT-FOR-US: Cryptographp
-CVE-2012-2942
+CVE-2012-2942 (Buffer overflow in the trash buffer in the header capture functionalit ...)
{DSA-2711-1}
- haproxy 1.4.23-1 (bug #674447)
NOTE: According to upstream information this only was fixed in 1.4.21
NOTE: only a issue if using non-default value for global.tune.bufsize configuration option
NOTE: Reported as duplicate with CVE-2012-2391 http://seclists.org/oss-sec/2012/q2/417
-CVE-2012-2941
+CVE-2012-2941 (Cross-site scripting (XSS) vulnerability in search/ in Yandex.Server 2 ...)
NOT-FOR-US: Yandex.Server 2010 9.0 Enterprise
-CVE-2012-2940
+CVE-2012-2940 (MediaChance Real-DRAW PRO 5.2.4 allows remote attackers to cause a den ...)
NOT-FOR-US: MediaChance Real-DRAW PRO
-CVE-2012-2939
+CVE-2012-2939 (Multiple unrestricted file upload vulnerabilities in Travelon Express ...)
NOT-FOR-US: Travelon Express
-CVE-2012-2938
+CVE-2012-2938 (Multiple cross-site scripting (XSS) vulnerabilities in Travelon Expres ...)
NOT-FOR-US: Travelon Express
-CVE-2012-2937
+CVE-2012-2937 (Multiple SQL injection vulnerabilities in Pligg CMS before 1.2.2 allow ...)
NOT-FOR-US: Pligg
-CVE-2012-2936
+CVE-2012-2936 (Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS befor ...)
NOT-FOR-US: Pligg
-CVE-2012-2935
+CVE-2012-2935 (Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Sh ...)
NOT-FOR-US: OSCommerce Online Merchant
-CVE-2012-2934
+CVE-2012-2934 (Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, ...)
{DSA-2501-1}
- xen 4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
CVE-2012-2933
RESERVED
-CVE-2012-2932
+CVE-2012-2932 (Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery ...)
NOT-FOR-US: TinyWebGallery
CVE-2012-2931
RESERVED
-CVE-2012-2930
+CVE-2012-2930 (Multiple cross-site request forgery (CSRF) vulnerabilities in TinyWebG ...)
NOT-FOR-US: TinyWebGallery
CVE-2012-2929
RESERVED
-CVE-2012-2928
+CVE-2012-2928 (The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for ...)
NOT-FOR-US: JIRA plugin
-CVE-2012-2927
+CVE-2012-2927 (The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and ...)
NOT-FOR-US: Atlassian JIRA
-CVE-2012-2926
+CVE-2012-2926 (Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0. ...)
NOT-FOR-US: Atlassian JIRA
-CVE-2012-2925
+CVE-2012-2925 (SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 a ...)
NOT-FOR-US: Simple PHP Agenda
-CVE-2012-2924
+CVE-2012-2924 (PHP remote file inclusion vulnerability in admin/setup.inc.php in Hype ...)
NOT-FOR-US: Hypermethod eLearning Server 4G
-CVE-2012-2923
+CVE-2012-2923 (SQL injection vulnerability in news.php4 in Hypermethod eLearning Serv ...)
NOT-FOR-US: Hypermethod eLearning Server 4G
-CVE-2012-2922
+CVE-2012-2922 (The request_path function in includes/bootstrap.inc in Drupal 7.14 and ...)
- drupal7 7.22-1 (unimportant)
NOTE: Path disclosure irrelevant for Debian
-CVE-2012-2921
+CVE-2012-2921 (Universal Feed Parser (aka feedparser or python-feedparser) before 5.1 ...)
- feedparser 5.1.2-1 (low; bug #674167)
[squeeze] - feedparser <no-dsa> (Minor issue)
-CVE-2012-2920
+CVE-2012-2920 (Cross-site scripting (XSS) vulnerability in the userphoto_options_page ...)
NOT-FOR-US: WordPress User Photo plugin
-CVE-2012-2919
+CVE-2012-2919 (Directory traversal vulnerability in Upload/engine.php in Chevereto 1. ...)
NOT-FOR-US: Chevereto
-CVE-2012-2918
+CVE-2012-2918 (Cross-site scripting (XSS) vulnerability in Upload/engine.php in Cheve ...)
NOT-FOR-US: Chevereto
-CVE-2012-2917
+CVE-2012-2917 (Cross-site scripting (XSS) vulnerability in the Share and Follow plugi ...)
NOT-FOR-US: WordPress Share and Follow plugin
-CVE-2012-2916
+CVE-2012-2916 (Cross-site scripting (XSS) vulnerability in sabre_class_admin.php in t ...)
NOT-FOR-US: WordPress SABRE plugin
-CVE-2012-2915
+CVE-2012-2915 (Stack-based buffer overflow in Lattice Semiconductor PAC-Designer 6.2. ...)
NOT-FOR-US: Lattice Semiconductor PAC-Designer
-CVE-2012-2914
+CVE-2012-2914 (Cross-site scripting (XSS) vulnerability in captchademo.php in Unijimp ...)
NOT-FOR-US: Unijimpe Captcha
-CVE-2012-2913
+CVE-2012-2913 (Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet plu ...)
NOT-FOR-US: WordPress Leaflet plugin
-CVE-2012-2912
+CVE-2012-2912 (Multiple cross-site scripting (XSS) vulnerabilities in the LeagueManag ...)
NOT-FOR-US: WordPress LeagueManager plugin
-CVE-2012-2911
+CVE-2012-2911 (Cross-site scripting (XSS) vulnerability in backupDB.php in SiliSoftwa ...)
NOT-FOR-US: SiliSoftware backupDB
-CVE-2012-2910
+CVE-2012-2910 (Multiple cross-site scripting (XSS) vulnerabilities in SiliSoftware ph ...)
NOT-FOR-US: SiliSoftware phpThumb
-CVE-2012-2909
+CVE-2012-2909 (Multiple cross-site scripting (XSS) vulnerabilities in Viscacha 0.8.1. ...)
NOT-FOR-US: Viscacha
-CVE-2012-2908
+CVE-2012-2908 (Multiple SQL injection vulnerabilities in admin/bbcodes.php in Viscach ...)
NOT-FOR-US: Viscacha
-CVE-2012-2907
+CVE-2012-2907 (Cross-site scripting (XSS) vulnerability in the aberdeen_breadcrumb fu ...)
NOT-FOR-US: Drupal Aberdeen theme
-CVE-2012-2906
+CVE-2012-2906 (Multiple cross-site scripting (XSS) vulnerabilities in artpublic/recom ...)
NOT-FOR-US: Artiphp CMS 5.5.0 Neo
-CVE-2012-2905
+CVE-2012-2905 (Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable ...)
NOT-FOR-US: Artiphp CMS
-CVE-2012-2904
+CVE-2012-2904 (player.swf in LongTail JW Player 5.9 allows remote attackers to conduc ...)
NOT-FOR-US: LongTail JW Player
-CVE-2012-2903
+CVE-2012-2903 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Boo ...)
NOT-FOR-US: PHP Address Book
-CVE-2012-2902
+CVE-2012-2902 (Unrestricted file upload vulnerability in editor/extensions/browser/fi ...)
NOT-FOR-US: Joomla JCE
-CVE-2012-2901
+CVE-2012-2901 (Cross-site scripting (XSS) vulnerability in the Profile List in the Jo ...)
NOT-FOR-US: Joomla JCE
-CVE-2012-2900
+CVE-2012-2900 (Skia, as used in Google Chrome before 22.0.1229.92, does not properly ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2899
+CVE-2012-2899 (Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls ...)
- chromium-browser <not-affected> (iOS-specific)
-CVE-2012-2898
+CVE-2012-2898 (Google Chrome before 21.0.1180.82 on iOS on iPad devices allows remote ...)
- chromium-browser <not-affected> (iOS-specific)
-CVE-2012-2897
+CVE-2012-2897 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows S ...)
- chromium-browser <not-affected> (Windows-specific)
-CVE-2012-2896
+CVE-2012-2896 (Integer overflow in the WebGL implementation in Google Chrome before 2 ...)
- chromium-browser <not-affected> (MacOS X-specific)
-CVE-2012-2895
+CVE-2012-2895 (The PDF functionality in Google Chrome before 22.0.1229.79 allows remo ...)
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
-CVE-2012-2894
+CVE-2012-2894 (Google Chrome before 22.0.1229.79 does not properly handle graphics-co ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2893
+CVE-2012-2893 (Double free vulnerability in libxslt, as used in Google Chrome before ...)
{DSA-2555-1}
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
- libxslt 1.1.26-14 (bug #689422)
-CVE-2012-2892
+CVE-2012-2892 (Unspecified vulnerability in Google Chrome before 22.0.1229.79 allows ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2891
+CVE-2012-2891 (The IPC implementation in Google Chrome before 22.0.1229.79 allows att ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2890
+CVE-2012-2890 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
-CVE-2012-2889
+CVE-2012-2889 (Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0. ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2888
+CVE-2012-2888 (Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allo ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2887
+CVE-2012-2887 (Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allo ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2886
+CVE-2012-2886 (Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0. ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2885
+CVE-2012-2885 (Double free vulnerability in Google Chrome before 22.0.1229.79 allows ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2884
+CVE-2012-2884 (Skia, as used in Google Chrome before 22.0.1229.79, allows remote atta ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2883
+CVE-2012-2883 (Skia, as used in Google Chrome before 22.0.1229.79, allows remote atta ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2882
+CVE-2012-2882 (FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properl ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
- libav 6:0.8.5-1 (bug #694483)
- ffmpeg <not-affected> (vulnerable code not present)
NOTE: https://chromiumcodereview.appspot.com/10829204
NOTE: fixed with http://git.libav.org/?p=libav.git;a=commitdiff;h=7751e4693dd10ec98c20fbd9887233b575034272
-CVE-2012-2881
+CVE-2012-2881 (Google Chrome before 22.0.1229.79 does not properly handle plug-ins, w ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2880
+CVE-2012-2880 (Race condition in Google Chrome before 22.0.1229.79 allows remote atta ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2879
+CVE-2012-2879 (Google Chrome before 22.0.1229.79 allows remote attackers to cause a d ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2878
+CVE-2012-2878 (Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allo ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2877
+CVE-2012-2877 (The extension system in Google Chrome before 22.0.1229.79 does not pro ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2876
+CVE-2012-2876 (Buffer overflow in the SSE2 optimization functionality in Google Chrom ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2875
+CVE-2012-2875 (Multiple unspecified vulnerabilities in the PDF functionality in Googl ...)
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2874
+CVE-2012-2874 (Skia, as used in Google Chrome before 22.0.1229.79, allows remote atta ...)
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 22.0.1229.94~r161065-1
CVE-2012-2873
RESERVED
-CVE-2012-2872
+CVE-2012-2872 (Cross-site scripting (XSS) vulnerability in an SSL interstitial page i ...)
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2871
+CVE-2012-2871 (libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.11 ...)
{DSA-2555-1}
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
- libxslt 1.1.26-14 (bug #689422)
-CVE-2012-2870
+CVE-2012-2870 (libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180. ...)
{DSA-2555-1}
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
- libxslt 1.1.26-14 (bug #689422)
-CVE-2012-2869
+CVE-2012-2869 (Google Chrome before 21.0.1180.89 does not properly load URLs, which a ...)
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2868
+CVE-2012-2868 (Race condition in Google Chrome before 21.0.1180.89 allows remote atta ...)
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2867
+CVE-2012-2867 (The SPDY implementation in Google Chrome before 21.0.1180.89 allows re ...)
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2866
+CVE-2012-2866 (Google Chrome before 21.0.1180.89 does not properly perform a cast of ...)
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2865
+CVE-2012-2865 (Google Chrome before 21.0.1180.89 does not properly perform line break ...)
- chromium-browser 21.0.1180.89~r154005-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2864
+CVE-2012-2864 (Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, C ...)
- mesa 8.0.4-2 (bug #685667)
[squeeze] - mesa <not-affected> (Vulnerable code not present)
-CVE-2012-2863
+CVE-2012-2863 (The PDF functionality in Google Chrome before 21.0.1180.75 allows remo ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2862
+CVE-2012-2862 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
CVE-2012-2861
RESERVED
-CVE-2012-2860
+CVE-2012-2860 (The date-picker implementation in Google Chrome before 21.0.1180.57 on ...)
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/122918
-CVE-2012-2859
+CVE-2012-2859 (Google Chrome before 21.0.1180.57 on Linux does not properly handle ta ...)
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2858
+CVE-2012-2858 (Buffer overflow in the WebP decoder in Google Chrome before 21.0.1180. ...)
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2857
+CVE-2012-2857 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) DOM i ...)
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2856
+CVE-2012-2856 (The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2855
+CVE-2012-2855 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2854
+CVE-2012-2854 (Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21 ...)
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2853
+CVE-2012-2853 (The webRequest API in Google Chrome before 21.0.1180.57 on Mac OS X an ...)
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2852
+CVE-2012-2852 (The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2851
+CVE-2012-2851 (Multiple integer overflows in the PDF functionality in Google Chrome b ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2850
+CVE-2012-2850 (Multiple unspecified vulnerabilities in the PDF functionality in Googl ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2849
+CVE-2012-2849 (Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180. ...)
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2848
+CVE-2012-2848 (The drag-and-drop implementation in Google Chrome before 21.0.1180.57 ...)
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2847
+CVE-2012-2847 (Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21 ...)
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2846
+CVE-2012-2846 (Google Chrome before 21.0.1180.57 on Linux does not properly isolate r ...)
- chromium-browser 21.0.1180.57~r148591
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2845
+CVE-2012-2845 (Integer overflow in the jpeg_data_load_data function in jpeg-data.c in ...)
- exif 0.6.20-2 (low; bug #681465)
[squeeze] - exif <no-dsa> (Minor crasher)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
-CVE-2012-2844
+CVE-2012-2844 (The PDF functionality in Google Chrome before 20.0.1132.57 does not pr ...)
- chromium-browser <not-affected>
-CVE-2012-2843
+CVE-2012-2843 (Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allo ...)
- chromium-browser 20.0.1132.57~r145807-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2842
+CVE-2012-2842 (Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allo ...)
- chromium-browser 20.0.1132.57~r145807-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2841
+CVE-2012-2841 (Integer underflow in the exif_entry_get_value function in exif-entry.c ...)
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
-CVE-2012-2840
+CVE-2012-2840 (Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-en ...)
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
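Review bot: the description imported for CVE-2012-2871 ("libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.11 ...") names libxml2, yet the entry tracks only libxslt 1.1.26-14 (bug #689422) under DSA-2555-1, the same package and bug as the neighbouring libxslt issues CVE-2012-2870 and CVE-2012-2893; a NOTE line stating why the Debian fix lives in libxslt (or a separate libxml2 line if it is affected) would stop the mismatch reading like a mis-filed entry. Less important, CVE-2012-2874 lists its `[squeeze]` line before the unstable `- chromium-browser` line, the reverse of every other Chrome entry in this hunk.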
@@ -9631,83 +9631,83 @@ CVE-2012-2839
RESERVED
CVE-2012-2838
RESERVED
-CVE-2012-2837
+CVE-2012-2837 (The mnote_olympus_entry_get_value function in olympus/mnote-olympus-en ...)
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
-CVE-2012-2836
+CVE-2012-2836 (The exif_data_load_data function in exif-data.c in the EXIF Tag Parsin ...)
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
CVE-2012-2835
RESERVED
-CVE-2012-2834
+CVE-2012-2834 (Integer overflow in Google Chrome before 20.0.1132.43 allows remote at ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2833
+CVE-2012-2833 (Buffer overflow in the JS API in the PDF functionality in Google Chrom ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2832
+CVE-2012-2832 (The image-codec implementation in the PDF functionality in Google Chro ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2831
+CVE-2012-2831 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allo ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2830
+CVE-2012-2830 (Google Chrome before 20.0.1132.43 does not properly set array values, ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2829
+CVE-2012-2829 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) imple ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2828
+CVE-2012-2828 (Multiple integer overflows in the PDF functionality in Google Chrome b ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2827
+CVE-2012-2827 (Use-after-free vulnerability in the UI in Google Chrome before 20.0.11 ...)
- chromium-browser <not-affected> (MacOS specific)
-CVE-2012-2826
+CVE-2012-2826 (Google Chrome before 20.0.1132.43 does not properly implement texture ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2825
+CVE-2012-2825 (The XSL implementation in Google Chrome before 20.0.1132.43 allows rem ...)
- libxslt 1.1.26-13 (low; bug #679283)
[squeeze] - libxslt 1.1.26-6+squeeze1
-CVE-2012-2824
+CVE-2012-2824 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allo ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2823
+CVE-2012-2823 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allo ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2822
+CVE-2012-2822 (The PDF functionality in Google Chrome before 20.0.1132.43 allows remo ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2821
+CVE-2012-2821 (The autofill implementation in Google Chrome before 20.0.1132.43 does ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2820
+CVE-2012-2820 (Google Chrome before 20.0.1132.43 does not properly implement SVG filt ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2819
+CVE-2012-2819 (The texSubImage2D implementation in the WebGL subsystem in Google Chro ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2818
+CVE-2012-2818 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allo ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2817
+CVE-2012-2817 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allo ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <not-affected>
-CVE-2012-2816
+CVE-2012-2816 (Google Chrome before 20.0.1132.43 on Windows does not properly isolate ...)
- chromium-browser <not-affected> (windows-only)
-CVE-2012-2815
+CVE-2012-2815 (Google Chrome before 20.0.1132.43 allows remote attackers to obtain po ...)
- chromium-browser 20.0.1132.43~r143823-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2814
+CVE-2012-2814 (Buffer overflow in the exif_entry_format_value function in exif-entry. ...)
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
-CVE-2012-2813
+CVE-2012-2813 (The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Ta ...)
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
NOTE: http://seclists.org/oss-sec/2012/q3/74
-CVE-2012-2812
+CVE-2012-2812 (The exif_entry_get_value function in exif-entry.c in the EXIF Tag Pars ...)
{DSA-2559-1}
- libexif 0.6.20-3 (bug #681454)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
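Review bot: the squeeze status is inconsistent within the Chrome 20.0.1132.43 batch in this hunk: CVE-2012-2829 and CVE-2012-2815 carry `[squeeze] - chromium-browser <end-of-life>` while the entries around them (CVE-2012-2834, CVE-2012-2831, CVE-2012-2830, CVE-2012-2826 and the rest) carry `[squeeze] - chromium-browser <not-affected>`; the same squeeze package cannot be both for one upstream release, so one of the two markers should be chosen for the whole batch.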
@@ -9718,139 +9718,139 @@ CVE-2012-2810
RESERVED
CVE-2012-2809
RESERVED
-CVE-2012-2808
+CVE-2012-2808 (The PRNG implementation in the DNS resolver in Bionic in Android befor ...)
- iceweasel <not-affected> (Only affects 37.x; only on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-41/
-CVE-2012-2807
+CVE-2012-2807 (Multiple integer overflows in libxml2, as used in Google Chrome before ...)
{DSA-2521-1}
- libxml2 2.8.0+dfsg1-5 (bug #679280)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=459eeb9dc752d5185f57ff6b135027f11981a626
-CVE-2012-2806
+CVE-2012-2806 (Heap-based buffer overflow in the get_sos function in jdmarker.c in li ...)
- libjpeg-turbo <not-affected> (Fixed before initial release)
-CVE-2012-2805
+CVE-2012-2805 (Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to ca ...)
- ffmpeg 7:2.4.1-1
-CVE-2012-2804
+CVE-2012-2804 (Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 ...)
- ffmpeg 7:2.4.1-1
- libav 6:0.8.5-1 (bug #688847)
[squeeze] - ffmpeg <not-affected> (vulnerable code not present)
-CVE-2012-2803
+CVE-2012-2803 (Double free vulnerability in the mpeg_decode_frame function in libavco ...)
{DSA-2624-1}
- ffmpeg 7:2.4.1-1
- libav 6:0.8.5-1 (bug #688847)
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
-CVE-2012-2802
+CVE-2012-2802 (Unspecified vulnerability in the ac3_decode_frame function in libavcod ...)
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2801
+CVE-2012-2801 (Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, a ...)
{DSA-2624-1}
- libav 6:0.8.4-1 (bug #688847)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
-CVE-2012-2800
+CVE-2012-2800 (Unspecified vulnerability in the ff_ivi_process_empty_tile function in ...)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2799
+CVE-2012-2799 (Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg bef ...)
- libav <not-affected> (Vulnerable code not present in 0.8 version from unstable, fixed in 0.9 version in experimental)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-2798
+CVE-2012-2798 (Unspecified vulnerability in the decode_dds1 function in libavcodec/df ...)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2797
+CVE-2012-2797 (Unspecified vulnerability in the decode_frame_mp3on4 function in libav ...)
- ffmpeg 7:2.4.1-1
- libav 6:0.8.5-1 (bug #688847)
[squeeze] - ffmpeg <not-affected> (vulnerable code not present)
NOTE: patch proposed: http://patches.libav.org/patch/32642/
-CVE-2012-2796
+CVE-2012-2796 (Unspecified vulnerability in the vc1_decode_frame function in libavcod ...)
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2795
+CVE-2012-2795 (Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in ...)
- libav <not-affected> (Vulnerable code not present in 0.8 version from unstable, fixed in 0.9 version in experimental)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-2794
+CVE-2012-2794 (Unspecified vulnerability in the decode_mb_info function in libavcodec ...)
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2793
+CVE-2012-2793 (Unspecified vulnerability in the lag_decode_zero_run_line function in ...)
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2792
+CVE-2012-2792 (Unspecified vulnerability in the decode_init function in libavcodec/wm ...)
- libav <not-affected> (Vulnerable code not present in 0.8 version from unstable, fixed in 0.9 version in experimental)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-2791
+CVE-2012-2791 (Multiple unspecified vulnerabilities in the (1) decode_band_hdr functi ...)
- libav 6:0.8.5-1 (bug #688847)
-CVE-2012-2790
+CVE-2012-2790 (Unspecified vulnerability in the read_var_block_data function in libav ...)
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2789
+CVE-2012-2789 (Unspecified vulnerability in the avi_read_packet function in libavform ...)
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
NOTE: contrary to the description, this issue is about the decode_subframe in libavcodec/wmaprodec.c
-CVE-2012-2788
+CVE-2012-2788 (Unspecified vulnerability in the avi_read_packet function in libavform ...)
{DSA-2624-1}
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
- ffmpeg 7:2.4.1-1
-CVE-2012-2787
+CVE-2012-2787 (Unspecified vulnerability in the decode_frame function in libavcodec/i ...)
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2786
+CVE-2012-2786 (Unspecified vulnerability in the decode_wdlt function in libavcodec/df ...)
- ffmpeg <not-affected> (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2785
+CVE-2012-2785 (Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in ...)
- libav <not-affected> (Vulnerable code not present in 0.8 version from unstable, fixed in 0.9 version in experimental)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-2784
+CVE-2012-2784 (Unspecified vulnerability in the decode_pic function in libavcodec/cav ...)
{DSA-2624-1}
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
- ffmpeg 7:2.4.1-1
NOTE: duplicate of CVE-2012-2777
-CVE-2012-2783
+CVE-2012-2783 (Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11, ...)
{DSA-2624-1}
- ffmpeg 7:2.4.1-1 (bug #688849)
- libav 6:0.8.5-1 (bug #688847)
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
-CVE-2012-2782
+CVE-2012-2782 (Unspecified vulnerability in the decode_slice_header function in libav ...)
- libav <not-affected> (Doesn't affect libav)
-CVE-2012-2781
+CVE-2012-2781 (Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact a ...)
- ffmpeg 7:2.4.1-1
-CVE-2012-2780
+CVE-2012-2780 (Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact a ...)
- ffmpeg 7:2.4.1-1
-CVE-2012-2779
+CVE-2012-2779 (Unspecified vulnerability in the decode_frame function in libavcodec/i ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present, bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2778
+CVE-2012-2778 (Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact a ...)
- ffmpeg 7:2.4.1-1
-CVE-2012-2777
+CVE-2012-2777 (Unspecified vulnerability in the decode_pic function in libavcodec/cav ...)
{DSA-2624-1}
[squeeze] - ffmpeg 4:0.5.9-1 (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
- ffmpeg 7:2.4.1-1
-CVE-2012-2776
+CVE-2012-2776 (Unspecified vulnerability in the decode_cell_data function in libavcod ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present, bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2775
+CVE-2012-2775 (Unspecified vulnerability in the read_var_block_data function in libav ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present, bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2774
+CVE-2012-2774 (The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg be ...)
- ffmpeg <not-affected> (there is no crash, just a couple uninitialized reads, harmless according to Janne)
- libav <not-affected> (there is no crash, just a couple uninitialized reads, harmless according to Janne)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=59a4b73531428d2f420b4dad545172c8483ced0f
NOTE: patch proposed: http://patches.libav.org/patch/32644/
-CVE-2012-2773
+CVE-2012-2773 (Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact a ...)
- ffmpeg 7:2.4.1-1
-CVE-2012-2772
+CVE-2012-2772 (Unspecified vulnerability in the ff_rv34_decode_frame function in liba ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present, bug #688849)
- libav 6:0.8.4-1 (bug #688847)
-CVE-2012-2771
+CVE-2012-2771 (Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact a ...)
- ffmpeg 7:2.4.1-1
-CVE-2012-2770
+CVE-2012-2770 (The Authen::ExternalAuth extension before 0.11 for Best Practical Solu ...)
- rt-authen-externalauth 0.10-2 (bug #683288)
-CVE-2012-2769
+CVE-2012-2769 (Multiple cross-site scripting (XSS) vulnerabilities in the topic admin ...)
- request-tracker4 4.0.6-1
NOTE: bundled in RT4
-CVE-2012-2768
+CVE-2012-2768 (Multiple cross-site scripting (XSS) vulnerabilities in the topic admin ...)
{DSA-2535-1}
- rtfm <removed> (bug #683290)
- request-tracker4 4.0.6-1
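Review bot: the description imported for CVE-2012-2789 ("Unspecified vulnerability in the avi_read_packet function in libavform ...") is word for word the one imported for CVE-2012-2788 and contradicts the entry's own NOTE that the issue is decode_subframe in libavcodec/wmaprodec.c; the NOTE should stay, and it is worth making it explicit there that the upstream CVE text is the part that is wrong, so a later automatic import does not tempt anyone to drop the NOTE as stale. The same hunk also carries CVE-2012-2784 with a full tracking block despite its NOTE calling it a duplicate of CVE-2012-2777; if it is a duplicate, pointing the entry at CVE-2012-2777 rather than repeating the version data avoids the two drifting apart.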
@@ -9861,22 +9861,22 @@ CVE-2012-2766
RESERVED
CVE-2012-2765
RESERVED
-CVE-2012-2764
+CVE-2012-2764 (Untrusted search path vulnerability in Google Chrome before 20.0.1132. ...)
- chromium-browser <not-affected> (Windows specific)
-CVE-2012-2763
+CVE-2012-2763 (Buffer overflow in the readstr_upto function in plug-ins/script-fu/tin ...)
- gimp 2.8.0-1 (unimportant)
NOTE: Only exploitable in rare/theoretical setups
NOTE: http://www.openwall.com/lists/oss-security/2012/05/31/1
NOTE: http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
NOTE: http://www.reactionpenetrationtesting.co.uk/advisories/scriptfubof.c
-CVE-2012-2762
+CVE-2012-2762 (SQL injection vulnerability in include/functions_trackbacks.inc.php in ...)
- serendipity <not-affected> (vulnerable code not present in 1.5.1, see bug #678139)
CVE-2012-2761
RESERVED
-CVE-2012-2760
+CVE-2012-2760 (mod_auth_openid before 0.7 for Apache uses world-readable permissions ...)
- libapache2-mod-auth-openid 0.7-0.1 (low; bug #674165)
[squeeze] - libapache2-mod-auth-openid <no-dsa> (Minor issue)
-CVE-2012-2759
+CVE-2012-2759 (Cross-site scripting (XSS) vulnerability in login-with-ajax.php in the ...)
NOT-FOR-US: Wordpress plugin
CVE-2012-2758
RESERVED
@@ -9888,53 +9888,53 @@ CVE-2012-2755
RESERVED
CVE-2012-2754
RESERVED
-CVE-2012-2753
+CVE-2012-2753 (Untrusted search path vulnerability in TrGUI.exe in the Endpoint Conne ...)
NOT-FOR-US: Endpoint Connect
-CVE-2012-2752
+CVE-2012-2752 (Untrusted search path vulnerability in VMware vMA 4.x and 5.x before 5 ...)
NOT-FOR-US: VMware
-CVE-2012-2751
+CVE-2012-2751 (ModSecurity before 2.6.6, when used with PHP, does not properly handle ...)
{DSA-2506-1}
- modsecurity-apache 2.6.6-1 (bug #678527)
- libapache-mod-security <removed> (bug #678529)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/22/1
NOTE: http://www.openwall.com/lists/oss-security/2012/06/22/2
-CVE-2012-2750
+CVE-2012-2750 (Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown imp ...)
{DSA-2780-1}
- mysql-5.5 5.5.23-1
- mysql-5.1 <unfixed>
NOTE: http://bugs.mysql.com/bug.php?id=59533
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2012-2749
+CVE-2012-2749 (MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authen ...)
{DSA-2496-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.24+dfsg-1
-CVE-2012-2748
+CVE-2012-2748 (Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote ...)
NOT-FOR-US: Joomla!
-CVE-2012-2747
+CVE-2012-2747 (Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote ...)
NOT-FOR-US: Joomla!
-CVE-2012-2746
+CVE-2012-2746 (389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server bef ...)
- 389-ds-base <not-affected> (Fixed before initial upload)
-CVE-2012-2745
+CVE-2012-2745 (The copy_creds function in kernel/cred.c in the Linux kernel before 3. ...)
- linux 3.2.15-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
-CVE-2012-2744
+CVE-2012-2744 (net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6 ...)
- linux 2.6.34-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-36
-CVE-2012-2743
+CVE-2012-2743 (Revelation 0.4.13-2 and earlier does not iterate through SHA hashing a ...)
- revelation 0.4.11-10 (low; bug #633088)
[squeeze] - revelation <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/18/1
-CVE-2012-2742
+CVE-2012-2742 (Revelation 0.4.13-2 and earlier uses only the first 32 characters of a ...)
- revelation 0.4.11-10 (bug #633088)
[squeeze] - revelation <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/18/1
-CVE-2012-2741
+CVE-2012-2741 (Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ i ...)
NOT-FOR-US: phplist
-CVE-2012-2740
+CVE-2012-2740 (SQL injection vulnerability in public_html/lists/admin in phpList befo ...)
NOT-FOR-US: phplist
-CVE-2012-2739
+CVE-2012-2739 (Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 an ...)
- openjdk-6 <removed> (unimportant)
- openjdk-7 <removed> (unimportant)
NOTE: Upstream disputes this and states it needs to be fixed in Java apps itself
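Review bot: mysql-5.1 is marked `<unfixed>` under CVE-2012-2750 but `<removed>` under CVE-2012-2749 immediately below it in the same hunk; a package cannot be both, so if mysql-5.1 has left the archive the CVE-2012-2750 line should say `<removed>` as well, or carry a NOTE explaining why it is still counted as an open issue.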
@@ -9942,11 +9942,11 @@ CVE-2012-2739
NOTE: http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html
NOTE: http://www.openwall.com/lists/oss-security/2012/06/15/12
NOTE: http://www.openwall.com/lists/oss-security/2012/06/17/1
-CVE-2012-2738
+CVE-2012-2738 (The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote au ...)
- vte 1:0.28.2-5 (bug #677717)
- vte3 1:0.32.2-1
[squeeze] - vte 1:0.24.3-4
-CVE-2012-2737
+CVE-2012-2737 (The user_change_icon_file_authorized_cb function in /usr/libexec/accou ...)
- accountsservice 0.6.21-6 (bug #679429)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/28/9
NOTE: http://cgit.freedesktop.org/accountsservice/commit/?id=69b526a6cd4c078732068de2ba393cf9242a404b
@@ -9955,78 +9955,78 @@ CVE-2012-2736 [NetworkManager: creating new WPA-secured wireless network results
RESERVED
- network-manager 0.9.4.0-1 (low; bug #655972)
[squeeze] - network-manager 0.8.1-6+squeeze2
-CVE-2012-2735
+CVE-2012-2735 (Session fixation vulnerability in Cumin before 0.1.5444, as used in Re ...)
NOT-FOR-US: Cumin
-CVE-2012-2734
+CVE-2012-2734 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin be ...)
NOT-FOR-US: Cumin
-CVE-2012-2733
+CVE-2012-2733 (java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP ...)
- tomcat6 6.0.35-5+nmu1 (bug #692439)
[squeeze] - tomcat6 6.0.35-1+squeeze3
NOTE: DSA 2725
- tomcat7 7.0.28-1 (bug #692440)
CVE-2012-2732
REJECTED
-CVE-2012-2731
+CVE-2012-2731 (The Ubercart AJAX Cart 6.x-2.x before 6.x-2.1 for Drupal stores the PH ...)
NOT-FOR-US: Drupal module
-CVE-2012-2730
+CVE-2012-2730 (The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not p ...)
NOT-FOR-US: Drupal module
-CVE-2012-2729
+CVE-2012-2729 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Simp ...)
NOT-FOR-US: Drupal module
-CVE-2012-2728
+CVE-2012-2728 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Node ...)
NOT-FOR-US: Drupal module
-CVE-2012-2727
+CVE-2012-2727 (Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and ...)
NOT-FOR-US: Drupal module
-CVE-2012-2726
+CVE-2012-2726 (Cross-site scripting (XSS) vulnerability in the Protest module 6.x-1.x ...)
NOT-FOR-US: Drupal module
-CVE-2012-2725
+CVE-2012-2725 (classes/Filter/WhitelistedExternalFilter.php in the Authoring HTML mod ...)
NOT-FOR-US: Drupal module
CVE-2012-2724
RESERVED
NOT-FOR-US: Drupal module
-CVE-2012-2723
+CVE-2012-2723 (Cross-site scripting (XSS) vulnerability in the Maestro module 7.x-1.x ...)
NOT-FOR-US: Drupal module
-CVE-2012-2722
+CVE-2012-2722 (The node selection interface in the WYSIWYG editor (CKEditor) in the N ...)
NOT-FOR-US: Drupal module
-CVE-2012-2721
+CVE-2012-2721 (The default views in the Organic Groups (OG) module 6.x-2.x before 6.x ...)
NOT-FOR-US: Drupal module
-CVE-2012-2720
+CVE-2012-2720 (The Token Authentication (tokenauth) module 6.x-1.x before 6.x-1.7 for ...)
NOT-FOR-US: Drupal module
-CVE-2012-2719
+CVE-2012-2719 (The filedepot module 6.x-1.x before 6.x-1.3 for Drupal, when accessed ...)
NOT-FOR-US: Drupal module
-CVE-2012-2718
+CVE-2012-2718 (SQL injection vulnerability in the Counter module for Drupal allows re ...)
NOT-FOR-US: Drupal module
-CVE-2012-2717
+CVE-2012-2717 (Multiple cross-site scripting (XSS) vulnerabilities in the Mobile Tool ...)
NOT-FOR-US: Drupal module
-CVE-2012-2716
+CVE-2012-2716 (Cross-site request forgery (CSRF) vulnerability in the Comment Moderat ...)
NOT-FOR-US: Drupal module
-CVE-2012-2715
+CVE-2012-2715 (Cross-site scripting (XSS) vulnerability in the themes_links function ...)
NOT-FOR-US: Drupal module
CVE-2012-2714
RESERVED
NOT-FOR-US: Drupal module
-CVE-2012-2713
+CVE-2012-2713 (Cross-site request forgery (CSRF) vulnerability in the BrowserID (Mozi ...)
NOT-FOR-US: Drupal module
-CVE-2012-2712
+CVE-2012-2712 (Multiple cross-site scripting (XSS) vulnerabilities in the Search API ...)
NOT-FOR-US: Drupal module
-CVE-2012-2711
+CVE-2012-2711 (Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Li ...)
NOT-FOR-US: Drupal module
-CVE-2012-2710
+CVE-2012-2710 (Cross-site scripting (XSS) vulnerability in the Zen module 6.x-1.x bef ...)
NOT-FOR-US: Drupal module
CVE-2012-2709
REJECTED
-CVE-2012-2708
+CVE-2012-2708 (Cross-site scripting (XSS) vulnerability in the _hosting_task_log_tabl ...)
NOT-FOR-US: Drupal module
-CVE-2012-2707
+CVE-2012-2707 (The Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal does n ...)
NOT-FOR-US: Drupal module
-CVE-2012-2706
+CVE-2012-2706 (Cross-site scripting (XSS) vulnerability in the Post Affiliate Pro (PA ...)
NOT-FOR-US: Drupal module
-CVE-2012-2705
+CVE-2012-2705 (The filter_titles function in the Smart Breadcrumb module 6.x-1.x befo ...)
NOT-FOR-US: Drupal module
-CVE-2012-2704
+CVE-2012-2704 (The Advertisement module 6.x-2.x before 6.x-2.3 for Drupal does not pr ...)
NOT-FOR-US: Drupal Module
-CVE-2012-2703
+CVE-2012-2703 (Cross-site scripting (XSS) vulnerability in the Advertisement module 6 ...)
NOT-FOR-US: Drupal module
-CVE-2012-2702
+CVE-2012-2702 (The Ubercart Product Keys module 6.x-1.x before 6.x-1.1 for Drupal doe ...)
NOT-FOR-US: Drupal module
CVE-2012-2701
REJECTED
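Review bot: the DSA reference for CVE-2012-2733 is recorded as a free-form `NOTE: DSA 2725` line sitting between the tomcat6 and tomcat7 package lines, whereas the rest of this file records advisories as `{DSA-2725-1}` on the line directly under the CVE header (compare `{DSA-2500-1}` under CVE-2012-2692); suggest converting it so anything that parses the brace form picks it up. Minor: CVE-2012-2704 uses `NOT-FOR-US: Drupal Module` while every neighbouring entry uses `NOT-FOR-US: Drupal module`.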
@@ -10034,28 +10034,28 @@ CVE-2012-2700
REJECTED
CVE-2012-2699
REJECTED
-CVE-2012-2698
+CVE-2012-2698 (Cross-site scripting (XSS) vulnerability in the outputPage function in ...)
[squeeze] - mediawiki <not-affected> (bug #677895; only affects experimental version 1.9.0)
- mediawiki 1:1.19.1-1
-CVE-2012-2697
+CVE-2012-2697 (Unspecified vulnerability in autofs, as used in Red Hat Enterprise Lin ...)
- autofs 5.0.6-1
NOTE: Fixed upstream with "fix paged ldap map read"
-CVE-2012-2696
+CVE-2012-2696 (The backend in Red Hat Enterprise Virtualization Manager (RHEV-M) befo ...)
NOT-FOR-US: Red Hat Enterprise Virtualisation
-CVE-2012-2695
+CVE-2012-2695 (The Active Record component in Ruby on Rails before 3.0.14, 3.1.x befo ...)
- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
-CVE-2012-2694
+CVE-2012-2694 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)
- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
-CVE-2012-2693
+CVE-2012-2693 (libvirt, possibly before 0.9.12, does not properly assign USB devices ...)
- libvirt 0.9.12-1 (bug #677496)
[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-2692
+CVE-2012-2692 (MantisBT before 1.2.11 does not check the delete_attachments_threshold ...)
{DSA-2500-1}
- mantis 1.2.11-1 (bug #676783)
-CVE-2012-2691
+CVE-2012-2691 (The mc_issue_note_update function in the SOAP API in MantisBT before 1 ...)
- mantis 1.2.11-1 (bug #676783)
[squeeze] - mantis <not-affected> (according to maintainer)
-CVE-2012-2690
+CVE-2012-2690 (virt-edit in libguestfs before 1.18.0 does not preserve the permission ...)
- libguestfs 1:1.18.0-1
NOTE: Upstream patch https://www.redhat.com/archives/libguestfs/2012-February/msg00034.html
NOTE: https://www.redhat.com/archives/libguestfs/2012-February/msg00033.html
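Review bot: the new description for CVE-2012-2694 locates the bug in `actionpack/lib/action_dispatch/http/request.rb`, yet the only package tracked under it is `- ruby-activerecord-3.2 3.2.6-1 (bug #675429)`, the same line as the Active Record issue CVE-2012-2695 directly above it. Worth checking whether the actionpack source package should be listed here instead of, or in addition to, activerecord, or whether the line was copied from CVE-2012-2695.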
@@ -10064,67 +10064,67 @@ CVE-2012-2690
NOTE: http://www.openwall.com/lists/oss-security/2012/06/11/5
CVE-2012-2689
RESERVED
-CVE-2012-2688
+CVE-2012-2688 (Unspecified vulnerability in the _php_stream_scandir function in the s ...)
{DSA-2527-1}
- php5 5.4.4-4 (low; bug #683274)
-CVE-2012-2687
+CVE-2012-2687 (Multiple cross-site scripting (XSS) vulnerabilities in the make_varian ...)
- apache2 2.2.22-8 (low)
[squeeze] - apache2 2.2.16-6+squeeze8
-CVE-2012-2686
+CVE-2012-2686 (crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TL ...)
- openssl 1.0.1e-1 (bug #699889)
[squeeze] - openssl <not-affected> (Vulnerable code not present)
NOTE: DoS in specific protocol + cpu type combination
-CVE-2012-2685
+CVE-2012-2685 (Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realti ...)
NOT-FOR-US: Cumin
-CVE-2012-2684
+CVE-2012-2684 (Multiple SQL injection vulnerabilities in the get_sample_filters_by_si ...)
NOT-FOR-US: Cumin
-CVE-2012-2683
+CVE-2012-2683 (Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0. ...)
NOT-FOR-US: Cumin
-CVE-2012-2682
+CVE-2012-2682 (Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG ...)
NOT-FOR-US: Cumin
-CVE-2012-2681
+CVE-2012-2681 (Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realti ...)
NOT-FOR-US: Cumin
-CVE-2012-2680
+CVE-2012-2680 (Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realti ...)
NOT-FOR-US: Cumin
-CVE-2012-2679
+CVE-2012-2679 (Red Hat Network (RHN) Configuration Client (rhncfg-client) in rhncfg b ...)
NOT-FOR-US: Red Hat Network configuration client
-CVE-2012-2678
+CVE-2012-2678 (389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server bef ...)
- 389-ds-base <not-affected> (Fixed before initial upload)
-CVE-2012-2677
+CVE-2012-2677 (Integer overflow in the ordered_malloc function in boost/pool/pool.hpp ...)
- boost1.42 <removed> (low; bug #688331)
[squeeze] - boost1.42 <no-dsa> (Minor issue)
- boost1.49 1.49.0-3.1 (low; bug #677197)
-CVE-2012-2676
+CVE-2012-2676 (Multiple integer overflows in the (1) malloc and (2) calloc functions ...)
NOT-FOR-US: Hoard memory allocator
-CVE-2012-2675
+CVE-2012-2675 (Multiple integer overflows in the (1) CallMalloc (malloc) and (2) nedp ...)
NOT-FOR-US: nedmalloc
-CVE-2012-2674
+CVE-2012-2674 (Multiple integer overflows in the (1) chk_malloc, (2) leak_malloc, and ...)
NOT-FOR-US: Android libc
-CVE-2012-2673
+CVE-2012-2673 (Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc ...)
- libgc 1:7.1-9 (bug #677195)
[squeeze] - libgc 1:6.8-2
-CVE-2012-2672
+CVE-2012-2672 (Oracle Mojarra 2.1.7 does not properly "clean up" the FacesContext ref ...)
- mojarra 2.2.8-1 (bug #677194)
[wheezy] - mojarra <not-affected> (Only affected in combination with EAP6/AS7 application servers, not shipped in Debian)
[squeeze] - mojarra <not-affected> (Only affected in combination with EAP6/AS7 application servers, not shipped in Debian)
-CVE-2012-2671
+CVE-2012-2671 (The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other ...)
NOTE: https://github.com/rtomayko/rack-cache/blob/master/CHANGES
- ruby-rack-cache 1.2-1
-CVE-2012-2670
+CVE-2012-2670 (manageuser.php in Collabtive before 0.7.6 allows remote authenticated ...)
- collabtive 0.7.6-1 (bug #676311)
NOTE: http://www.securityfocus.com/archive/1/522973/30/0/threaded
NOTE: http://xync.org/2012/06/04/Arbitrary-File-Upload-in-Collabtive.html
NOTE: http://www.collabtive.o-dyn.de/blog/?p=426
-CVE-2012-2669
+CVE-2012-2669 (The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distri ...)
- linux 3.2.23-1
[squeeze] - linux-2.6 <not-affected> (userspace daemon not yet present)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=761200
-CVE-2012-2668
+CVE-2012-2668 (libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, wh ...)
- openldap <not-affected> (OpenLDAP in Debian uses GNUTLS instead of Mozilla NSS)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=825875
NOTE: http://www.openldap.org/its/index.cgi?findid=7285
NOTE: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=2c2bb2e
-CVE-2012-2667
+CVE-2012-2667 (Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.p ...)
NOT-FOR-US: Symfony
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=418427
NOTE: http://symfony.com/blog/security-release-symfony-1-4-18-released
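Review bot: in CVE-2012-2671 the `NOTE: https://github.com/rtomayko/rack-cache/blob/master/CHANGES` line precedes the package line `- ruby-rack-cache 1.2-1`, while every other entry in this hunk puts NOTE lines after the package lines; suggest swapping the two for consistency. Minor: the CVE-2012-2668 remark spells the library `GNUTLS`; the project's name is GnuTLS.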
@@ -10132,22 +10132,22 @@ CVE-2012-2667
NOTE: http://trac.symfony-project.org/changeset/33466?format=diff&new=33466
CVE-2012-2666
RESERVED
-CVE-2012-2665
+CVE-2012-2665 (Multiple heap-based buffer overflows in the XML manifest encryption ta ...)
{DSA-2520-1}
- libreoffice 1:3.5.4-7
- openoffice.org 1:3.3.0-1
NOTE: Since 3.3.0 openoffice.org is a transitional source package
-CVE-2012-2664
+CVE-2012-2664 (The sosreport utility in the Red Hat sos package before 2.2-29 does no ...)
NOT-FOR-US: sosreport (Red Hat tool)
-CVE-2012-2663
+CVE-2012-2663 (extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP S ...)
- iptables <unfixed> (unimportant; bug #675445)
-CVE-2012-2662
+CVE-2012-2662 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certifi ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2012-2661
+CVE-2012-2661 (The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1. ...)
- rails <not-affected> (Doesn't affects RoR in Squeeze)
- ruby-activerecord-3.2 3.2.6-1 (bug #675396; bug #675429)
NOTE: http://seclists.org/oss-sec/2012/q2/448
-CVE-2012-2660
+CVE-2012-2660 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)
- ruby-activerecord-3.2 3.2.6-1 (bug #675429)
NOTE: http://seclists.org/oss-sec/2012/q2/449
CVE-2012-2659
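Review bot: CVE-2012-2660 shows the same package/description mismatch as CVE-2012-2694: the description names `actionpack/lib/action_dispatch/http/request.rb`, but the tracked package is `- ruby-activerecord-3.2 3.2.6-1 (bug #675429)`, identical to the Active Record entry CVE-2012-2661 above it; confirm the right source package is being tracked. Also, the CVE-2012-2661 line `rails <not-affected> (Doesn't affects RoR in Squeeze)` should read `Doesn't affect`.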
@@ -10161,17 +10161,17 @@ CVE-2012-2657
CVE-2012-2656 [XXE vulnerability in Restlet]
RESERVED
- restlet <itp> (bug #596472)
-CVE-2012-2655
+CVE-2012-2655 (PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0. ...)
{DSA-2491-1}
- postgresql-9.1 9.1.4-1
- postgresql-8.4 8.4.12-1
-CVE-2012-2654
+CVE-2012-2654 (The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2 ...)
- nova 2012.1-6 (bug #676465)
-CVE-2012-2653
+CVE-2012-2653 (arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly othe ...)
{DSA-2481-1}
- arpwatch 2.1a15-1.2 (bug #674715)
NOTE: Debian build includes the vulnerable patch (in .diff.gz)
-CVE-2012-2652
+CVE-2012-2652 (The bdrv_open function in Qemu 1.0 does not properly handle the failur ...)
{DSA-2545-1 DSA-2542-1}
- qemu 1.1.0+dfsg-1 (bug #678280)
- qemu-kvm 1.1.0+dfsg-1
@@ -10179,64 +10179,64 @@ CVE-2012-2651
RESERVED
CVE-2012-2650
RESERVED
-CVE-2012-2649
+CVE-2012-2649 (The Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile ...)
NOT-FOR-US: Sleipnir Mobile
-CVE-2012-2648
+CVE-2012-2648 (Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 an ...)
NOT-FOR-US: GoodReader
-CVE-2012-2647
+CVE-2012-2647 (Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote ...)
NOT-FOR-US: Yahoo! Toolbar
-CVE-2012-2646
+CVE-2012-2646 (The Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black ...)
NOT-FOR-US: Sleipnir Mobile
-CVE-2012-2645
+CVE-2012-2645 (The Yahoo! Japan Yahoo! Browser application 1.2.0 and earlier for Andr ...)
NOT-FOR-US: The Yahoo! Japan Yahoo! Browser application
-CVE-2012-2644
+CVE-2012-2644 (Cross-site scripting (XSS) vulnerability in the MT4i plugin 3.1 beta 4 ...)
NOT-FOR-US: Movable Type MT4i plugin
-CVE-2012-2643
+CVE-2012-2643 (Cross-site scripting (XSS) vulnerability in KENT-WEB YY-BOARD before 6 ...)
NOT-FOR-US: KENT-WEB YY-BOARD
-CVE-2012-2642
+CVE-2012-2642 (Cross-site scripting (XSS) vulnerability in the MT4i plugin 3.1 beta 4 ...)
NOT-FOR-US: Movable Type MT4i plugin
-CVE-2012-2641
+CVE-2012-2641 (Cross-site scripting (XSS) vulnerability in Zenphoto before 1.4.3 allo ...)
NOT-FOR-US: Zenphoto
-CVE-2012-2640
+CVE-2012-2640 (The NEC BIGLOBE Yome Collection application 1.8.3 and earlier for Andr ...)
NOT-FOR-US: The NEC BIGLOBE Yome Collection
CVE-2012-2639
REJECTED
-CVE-2012-2638
+CVE-2012-2638 (Cross-site scripting (XSS) vulnerability in SmallPICT.cgi in SmallPICT ...)
NOT-FOR-US: SmallPICT
-CVE-2012-2637
+CVE-2012-2637 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 an ...)
NOT-FOR-US: KENT-WEB WEB PATIO
-CVE-2012-2636
+CVE-2012-2636 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 an ...)
NOT-FOR-US: KENT-WEB WEB PATIO
-CVE-2012-2635
+CVE-2012-2635 (The Dolphin Browser HD application before 7.6 and Dolphin for Pad appl ...)
NOT-FOR-US: Dolphin
-CVE-2012-2634
+CVE-2012-2634 (Cross-site scripting (XSS) vulnerability in FeedDemon before 4.0, when ...)
NOT-FOR-US: FeedDemon
-CVE-2012-2633
+CVE-2012-2633 (Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp p ...)
NOT-FOR-US: WassUp
-CVE-2012-2632
+CVE-2012-2632 (SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 th ...)
NOT-FOR-US: SEIL routers
-CVE-2012-2631
+CVE-2012-2631 (Cross-site scripting (XSS) vulnerability in WEBLOGIC @WEB ShoppingCart ...)
NOT-FOR-US: WEBLOGIC
-CVE-2012-2630
+CVE-2012-2630 (The Puella Magi Madoka Magica iP application 1.05 and earlier for Andr ...)
NOT-FOR-US: Puella Magi Madoka Magica iP (Android application)
CVE-2012-2629
RESERVED
CVE-2012-2628
RESERVED
-CVE-2012-2627
+CVE-2012-2627 (d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell So ...)
NOT-FOR-US: Plixer Scrutinizer
-CVE-2012-2626
+CVE-2012-2626 (cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell S ...)
NOT-FOR-US: Plixer Scrutinizer
-CVE-2012-2625
+CVE-2012-2625 (The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1a ...)
{DSA-2636-1}
- xen 4.1.3-4 (low; bug #688125)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2625
-CVE-2012-2624
+CVE-2012-2624 (Stack-based buffer overflow in Logica HotScan allows remote attackers ...)
NOT-FOR-US: Logica HotScan
CVE-2012-XXXX [two XSS]
- spip 2.1.14-1 (low; bug #672961)
[squeeze] - spip 2.1.1-3squeeze4
-CVE-2012-1675
+CVE-2012-1675 (The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, a ...)
NOT-FOR-US: Oracle Database
CVE-2012-2623
RESERVED
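Review bot: CVE-2012-1675 is filed out of sequence, between CVE-2012-2624 and CVE-2012-2623 in a hunk that is otherwise strictly descending by CVE number; if the file is meant to stay sorted, the entry belongs with the other CVE-2012-16xx entries, otherwise a short remark explaining its placement next to the `CVE-2012-XXXX [two XSS]` spip placeholder would help the next reader.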
@@ -10246,7 +10246,7 @@ CVE-2012-2621
RESERVED
CVE-2012-2620
RESERVED
-CVE-2012-2619
+CVE-2012-2619 (The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, ...)
- firmware-nonfree <not-affected> (Affects different chipset combination, see bug #694716)
CVE-2012-2618
RESERVED
@@ -10256,13 +10256,13 @@ CVE-2012-2616
RESERVED
CVE-2012-2615
REJECTED
-CVE-2012-2614
+CVE-2012-2614 (Buffer overflow in programmer.exe in Lattice Diamond Programmer 1.4.2 ...)
NOT-FOR-US: Lattice Diamond Programmer
CVE-2012-2613
RESERVED
-CVE-2012-2612
+CVE-2012-2612 (The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.7 ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2012-2611
+CVE-2012-2611 (The DiagTraceR3Info function in the Dialog processor in disp+work.exe ...)
NOT-FOR-US: SAP NetWeaver
CVE-2012-2610
RESERVED
@@ -10270,136 +10270,136 @@ CVE-2012-2609
RESERVED
CVE-2012-2608
RESERVED
-CVE-2012-2607
+CVE-2012-2607 (The Johnson Controls CK721-A controller with firmware before SSM4388_0 ...)
NOT-FOR-US: The Johnson Controls CK721-A
-CVE-2012-2606
+CVE-2012-2606 (The agent in Bradford Network Sentry before 5.3.3 does not require aut ...)
NOT-FOR-US: Bradford Network Sentry
-CVE-2012-2605
+CVE-2012-2605 (Multiple cross-site request forgery (CSRF) vulnerabilities in the admi ...)
NOT-FOR-US: Bradford Network Sentry
-CVE-2012-2604
+CVE-2012-2604 (Multiple cross-site scripting (XSS) vulnerabilities in GuestAccess.jsp ...)
NOT-FOR-US: Bradford Network Sentry
-CVE-2012-2603
+CVE-2012-2603 (The server in CollabNet ScrumWorks Pro before 6.0 allows remote authen ...)
NOT-FOR-US: CollabNet ScrumWorks Pro
-CVE-2012-2602
+CVE-2012-2602 (Multiple cross-site request forgery (CSRF) vulnerabilities in SolarWin ...)
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
-CVE-2012-2601
+CVE-2012-2601 (SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsU ...)
NOT-FOR-US: Ipswitch WhatsUp Gold
CVE-2012-2600
RESERVED
CVE-2012-2599
RESERVED
-CVE-2012-2598
+CVE-2012-2598 (Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 t ...)
NOT-FOR-US: Siemens WinCC
-CVE-2012-2597
+CVE-2012-2597 (Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 ...)
NOT-FOR-US: Siemens WinCC
-CVE-2012-2596
+CVE-2012-2596 (The XPath functionality in unspecified web applications in Siemens Win ...)
NOT-FOR-US: Siemens WinCC
-CVE-2012-2595
+CVE-2012-2595 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified web ...)
NOT-FOR-US: Siemens WinCC
CVE-2012-2594
RESERVED
CVE-2012-2593
RESERVED
-CVE-2012-2592
+CVE-2012-2592 (Cross-site scripting (XSS) vulnerability in Axigen Mail Server 8.0.1 a ...)
NOT-FOR-US: AXIGEN Mail Server
-CVE-2012-2591
+CVE-2012-2591 (Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect ...)
NOT-FOR-US: EmailArchitect
-CVE-2012-2590
+CVE-2012-2590 (Multiple cross-site scripting (XSS) vulnerabilities in ESCON SupportPo ...)
NOT-FOR-US: ESCON SupportPortal Professional Edition
CVE-2012-2589
REJECTED
-CVE-2012-2588
+CVE-2012-2588 (Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Ente ...)
NOT-FOR-US: MailEnable Enterprise
-CVE-2012-2587
+CVE-2012-2587 (Multiple cross-site scripting (XSS) vulnerabilities in AfterLogic Mail ...)
NOT-FOR-US: AfterLogic MailSuite Pro
-CVE-2012-2586
+CVE-2012-2586 (Multiple cross-site scripting (XSS) vulnerabilities in Mailtraq 2.17.3 ...)
NOT-FOR-US: Mailtraq
-CVE-2012-2585
+CVE-2012-2585 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Se ...)
NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2012-2584
+CVE-2012-2584 (Multiple cross-site scripting (XSS) vulnerabilities in Alt-N MDaemon F ...)
NOT-FOR-US: Alt-N MDaemon Free
-CVE-2012-2583
+CVE-2012-2583 (Cross-site scripting (XSS) vulnerability in Mini Mail Dashboard Widget ...)
NOT-FOR-US: WordPress plugin Mini Mail Dashboard Widget
-CVE-2012-2582
+CVE-2012-2582 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Req ...)
{DSA-2536-1}
- otrs2 3.1.7+dfsg1-4
CVE-2012-2581
RESERVED
-CVE-2012-2580
+CVE-2012-2580 (Cross-site scripting (XSS) vulnerability in the Postie plugin 1.4.3, a ...)
NOT-FOR-US: WordPress plugin Postie
-CVE-2012-2579
+CVE-2012-2579 (Multiple cross-site scripting (XSS) vulnerabilities in the WP SimpleMa ...)
NOT-FOR-US: WordPress plugin SimpleMail
-CVE-2012-2578
+CVE-2012-2578 (Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 ...)
NOT-FOR-US: SmarterMail
-CVE-2012-2577
+CVE-2012-2577 (Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orio ...)
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
-CVE-2012-2576
+CVE-2012-2576 (SQL injection vulnerability in the LoginServlet page in SolarWinds Sto ...)
NOT-FOR-US: SolarWinds
-CVE-2012-2575
+CVE-2012-2575 (Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 all ...)
NOT-FOR-US: NetWin SurgeMail
-CVE-2012-2574
+CVE-2012-2574 (SQL injection vulnerability in the management console in Symantec Web ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2573
+CVE-2012-2573 (Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3 ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2572
+CVE-2012-2572 (Cross-site scripting (XSS) vulnerability in the ThreeWP Email Reflecto ...)
NOT-FOR-US: WordPress plugin ThreeWP Email Reflector
-CVE-2012-2571
+CVE-2012-2571 (Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail Serv ...)
NOT-FOR-US: WinWebMail
-CVE-2012-2570
+CVE-2012-2570 (Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart ...)
NOT-FOR-US: X-Cart Gold
-CVE-2012-2569
+CVE-2012-2569 (Cross-site scripting (XSS) vulnerability in Synametrics Technologies X ...)
NOT-FOR-US: Synametrics Technologies Xeams
-CVE-2012-2568
+CVE-2012-2568 (d41d8cd98f00b204e9800998ecf8427e.php in the management web server on t ...)
NOT-FOR-US: Seagate BlackArmor
-CVE-2012-2567
+CVE-2012-2567 (The Xelex MobileTrack application 2.3.7 and earlier for Android uses h ...)
NOT-FOR-US: Xelex MobileTrack application
-CVE-2012-2566
+CVE-2012-2566 (Bloxx Web Filtering before 5.0.14 does not properly interpret X-Forwar ...)
NOT-FOR-US: Bloxx Web Filtering
-CVE-2012-2565
+CVE-2012-2565 (Bloxx Web Filtering before 5.0.14 does not use a salt during calculati ...)
NOT-FOR-US: Bloxx Web Filtering
-CVE-2012-2564
+CVE-2012-2564 (Multiple cross-site request forgery (CSRF) vulnerabilities in the admi ...)
NOT-FOR-US: Bloxx Web Filtering
-CVE-2012-2563
+CVE-2012-2563 (Multiple cross-site scripting (XSS) vulnerabilities in Bloxx Web Filte ...)
NOT-FOR-US: Bloxx Web Filtering
-CVE-2012-2562
+CVE-2012-2562 (The Xelex MobileTrack application 2.3.7 and earlier for Android does n ...)
NOT-FOR-US: Xelex MobileTrack application
-CVE-2012-2561
+CVE-2012-2561 (HP Business Service Management (BSM) 9.12 does not properly restrict t ...)
NOT-FOR-US: HP Business Service Management
-CVE-2012-2560
+CVE-2012-2560 (Directory traversal vulnerability in WellinTech KingView 6.53 allows r ...)
NOT-FOR-US: WellinTech KingView
-CVE-2012-2559
+CVE-2012-2559 (WellinTech KingHistorian 3.0 allows remote attackers to execute arbitr ...)
NOT-FOR-US: WellinTech KingHistorian
CVE-2012-2558
RESERVED
-CVE-2012-2557
+CVE-2012-2557 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Internet Explorer
-CVE-2012-2556
+CVE-2012-2556 (The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-2555
REJECTED
CVE-2012-2554
REJECTED
-CVE-2012-2553
+CVE-2012-2553 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-2552
+CVE-2012-2552 (Cross-site scripting (XSS) vulnerability in the SQL Server Report Mana ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2012-2551
+CVE-2012-2551 (The server in Kerberos in Microsoft Windows Server 2008 R2 and R2 SP1, ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2012-2550
+CVE-2012-2550 (Microsoft Works 9 allows remote attackers to execute arbitrary code or ...)
NOT-FOR-US: Microsoft Works
-CVE-2012-2549
+CVE-2012-2549 (The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server 20 ...)
NOT-FOR-US: Windows Server
-CVE-2012-2548
+CVE-2012-2548 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Internet Explorer
CVE-2012-2547
REJECTED
-CVE-2012-2546
+CVE-2012-2546 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Internet Explorer
CVE-2012-2545
REJECTED
CVE-2012-2544
REJECTED
-CVE-2012-2543
+CVE-2012-2543 (Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 20 ...)
NOT-FOR-US: Microsoft Excel
CVE-2012-2542
REJECTED
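Review bot: the `NOT-FOR-US: Symantec Web Gateway` label under CVE-2012-2573 does not match the new description for that CVE, `Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3 ...`; the label looks copied from CVE-2012-2574 directly above it and should name T-dah WebMail instead.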
@@ -10407,13 +10407,13 @@ CVE-2012-2541
REJECTED
CVE-2012-2540
REJECTED
-CVE-2012-2539
+CVE-2012-2539 (Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; ...)
NOT-FOR-US: Microsoft Office
CVE-2012-2538
REJECTED
CVE-2012-2537
REJECTED
-CVE-2012-2536
+CVE-2012-2536 (Cross-site scripting (XSS) vulnerability in Microsoft Systems Manageme ...)
NOT-FOR-US: Microsoft Systems Management Server
CVE-2012-2535
REJECTED
@@ -10421,49 +10421,49 @@ CVE-2012-2534
REJECTED
CVE-2012-2533
REJECTED
-CVE-2012-2532
+CVE-2012-2532 (Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (I ...)
NOT-FOR-US: Microsoft FTP Service
-CVE-2012-2531
+CVE-2012-2531 (Microsoft Internet Information Services (IIS) 7.5 uses weak permission ...)
NOT-FOR-US: Microsoft IIS
-CVE-2012-2530
+CVE-2012-2530 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-2529
+CVE-2012-2529 (Integer overflow in the kernel in Microsoft Windows XP SP2 and SP3, Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-2528
+CVE-2012-2528 (Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and ...)
NOT-FOR-US: Microsoft Word
-CVE-2012-2527
+CVE-2012-2527 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-2526
+CVE-2012-2526 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-2525
REJECTED
-CVE-2012-2524
+CVE-2012-2524 (Microsoft Office 2007 SP2 and SP3 and 2010 SP1 allows remote attackers ...)
NOT-FOR-US: Microsoft Office
-CVE-2012-2523
+CVE-2012-2523 (Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-2522
+CVE-2012-2522 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-2521
+CVE-2012-2521 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-2520
+CVE-2012-2520 (Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP ...)
NOT-FOR-US: Microsoft Infopath
-CVE-2012-2519
+CVE-2012-2519 (Untrusted search path vulnerability in Entity Framework in ADO.NET in ...)
NOT-FOR-US: Microsoft .NET framework
CVE-2012-2518
REJECTED
CVE-2012-2517
RESERVED
-CVE-2012-2516
+CVE-2012-2516 (An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the ...)
NOT-FOR-US: KeyWorks not in Debian
-CVE-2012-2515
+CVE-2012-2515 (Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX ...)
NOT-FOR-US: KeyWorks not in Debian
-CVE-2012-2514
+CVE-2012-2514 (The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 72 ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2012-2513
+CVE-2012-2513 (The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.1 ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2012-2512
+CVE-2012-2512 (The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 72 ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2012-2511
+CVE-2012-2511 (The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200 ...)
NOT-FOR-US: SAP NetWeaver
CVE-2012-2510
RESERVED
@@ -10485,35 +10485,35 @@ CVE-2012-2502
RESERVED
CVE-2012-2501
RESERVED
-CVE-2012-2500
+CVE-2012-2500 (Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not ...)
NOT-FOR-US: Cisco
-CVE-2012-2499
+CVE-2012-2499 (The IPsec implementation in Cisco AnyConnect Secure Mobility Client 3. ...)
NOT-FOR-US: Cisco
-CVE-2012-2498
+CVE-2012-2498 (Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ...)
NOT-FOR-US: Cisco
CVE-2012-2497
REJECTED
-CVE-2012-2496
+CVE-2012-2496 (A certain Java applet in the VPN downloader implementation in the WebL ...)
NOT-FOR-US: Cisco
-CVE-2012-2495
+CVE-2012-2495 (The HostScan downloader implementation in Cisco AnyConnect Secure Mobi ...)
NOT-FOR-US: Cisco
-CVE-2012-2494
+CVE-2012-2494 (The VPN downloader implementation in the WebLaunch feature in Cisco An ...)
NOT-FOR-US: Cisco
-CVE-2012-2493
+CVE-2012-2493 (The VPN downloader implementation in the WebLaunch feature in Cisco An ...)
NOT-FOR-US: Cisco
CVE-2012-2492
RESERVED
CVE-2012-2491
RESERVED
-CVE-2012-2490
+CVE-2012-2490 (Cisco IP Communicator 8.6 allows man-in-the-middle attackers to modify ...)
NOT-FOR-US: Cisco
CVE-2012-2489
RESERVED
-CVE-2012-2488
+CVE-2012-2488 (Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series de ...)
NOT-FOR-US: Cisco IOS
CVE-2012-2487
RESERVED
-CVE-2012-2486
+CVE-2012-2486 (The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresenc ...)
NOT-FOR-US: Cisco Telepresence
CVE-2012-2485
RESERVED
@@ -10537,17 +10537,17 @@ CVE-2012-2476
RESERVED
CVE-2012-2475
RESERVED
-CVE-2012-2474
+CVE-2012-2474 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series de ...)
NOT-FOR-US: Cisco
CVE-2012-2473
RESERVED
-CVE-2012-2472
+CVE-2012-2472 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco
CVE-2012-2471
RESERVED
CVE-2012-2470
RESERVED
-CVE-2012-2469
+CVE-2012-2469 (Cisco NX-OS 4.2, 5.0, 5.1, and 5.2 on Nexus 7000 series switches, when ...)
NOT-FOR-US: Cisco
CVE-2012-2468
RESERVED
@@ -10567,7 +10567,7 @@ CVE-2012-2461
RESERVED
CVE-2012-2460
RESERVED
-CVE-2012-2459
+CVE-2012-2459 (Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.6, 0.5 ...)
- bitcoin 0.6.2.1-1
NOTE: https://bitcointalk.org/index.php?topic=81749.0
CVE-2012-2458
@@ -10576,7 +10576,7 @@ CVE-2012-2457
RESERVED
CVE-2012-2456
REJECTED
-CVE-2012-2455
+CVE-2012-2455 (Advanced Productivity Software DTE Axiom before 12.3.3 does not valida ...)
NOT-FOR-US: Advanced Productivity Software DTE Axiom
CVE-2012-2454
RESERVED
@@ -10584,17 +10584,17 @@ CVE-2012-2453
RESERVED
CVE-2012-2452
RESERVED
-CVE-2012-2450
+CVE-2012-2450 (VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, V ...)
NOT-FOR-US: VMware
-CVE-2012-2449
+CVE-2012-2449 (VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, V ...)
NOT-FOR-US: VMware
-CVE-2012-2448
+CVE-2012-2448 (VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attac ...)
NOT-FOR-US: VMware
-CVE-2012-2447
+CVE-2012-2447 (Cross-site request forgery (CSRF) vulnerability in accountmgr/adminupd ...)
NOT-FOR-US: Netsweeper WebAdmin Portal
-CVE-2012-2446
+CVE-2012-2446 (Cross-site scripting (XSS) vulnerability in tools/local_lookup.php in ...)
NOT-FOR-US: Netsweeper WebAdmin Portal
-CVE-2012-2451
+CVE-2012-2451 (The Config::IniFiles module before 2.71 for Perl creates temporary fil ...)
- libconfig-inifiles-perl 2.72-1 (bug #671255; low)
[squeeze] - libconfig-inifiles-perl 2.52-1+squeeze1
NOTE: https://bitbucket.org/shlomif/perl-config-inifiles/changeset/a08fa26f4f59
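Review bot: CVE-2012-2451 is placed after CVE-2012-2446 instead of between CVE-2012-2452 and CVE-2012-2450 where the descending order puts it; suggest moving it. Its package line `- libconfig-inifiles-perl 2.72-1 (bug #671255; low)` also inverts the `(low; bug #...)` order used elsewhere in this file (e.g. `(low; bug #688125)` under CVE-2012-2625).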
@@ -10605,21 +10605,21 @@ CVE-2012-2444
RESERVED
CVE-2012-2443
RESERVED
-CVE-2012-2442
+CVE-2012-2442 (Buffer overflow in the Video Manager in Nokia PC Suite 7.1.180.64 and ...)
NOT-FOR-US: Nokia PC Suite
-CVE-2012-2441
+CVE-2012-2441 (RuggedCom Rugged Operating System (ROS) before 3.3 has a factory accou ...)
NOT-FOR-US: RuggedCom Rugged Operating System
-CVE-2012-2440
+CVE-2012-2440 (The default configuration of the TP-Link 8840T router enables web-base ...)
NOT-FOR-US: TP-Link router
-CVE-2012-2439
+CVE-2012-2439 (The default configuration of the NETGEAR ProSafe FVS318N firewall enab ...)
NOT-FOR-US: NETGEAR appliance
-CVE-2012-2438
+CVE-2012-2438 (ar web content manager (AWCM) 2.2 does not restrict the number of comm ...)
NOT-FOR-US: ar web content manager
-CVE-2012-2437
+CVE-2012-2437 (cookie_gen.php in ar web content manager (AWCM) 2.2 does not require a ...)
NOT-FOR-US: ar web content manager
-CVE-2012-2436
+CVE-2012-2436 (Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS befor ...)
NOT-FOR-US: Pligg
-CVE-2012-2435
+CVE-2012-2435 (Directory traversal vulnerability in the captcha module in Pligg CMS b ...)
NOT-FOR-US: Pligg
CVE-2012-2434
RESERVED
@@ -10631,100 +10631,100 @@ CVE-2012-2431
RESERVED
CVE-2012-2430
RESERVED
-CVE-2012-2429
+CVE-2012-2429 (The server in xArrow before 3.4.1 performs an invalid read operation, ...)
NOT-FOR-US: xArrow
-CVE-2012-2428
+CVE-2012-2428 (Integer overflow in the server in xArrow before 3.4.1 allows remote at ...)
NOT-FOR-US: xArrow
-CVE-2012-2427
+CVE-2012-2427 (Heap-based buffer overflow in the server in xArrow before 3.4.1 allows ...)
NOT-FOR-US: xArrow
-CVE-2012-2426
+CVE-2012-2426 (The server in xArrow before 3.4.1 does not properly allocate memory, w ...)
NOT-FOR-US: xArrow
-CVE-2012-2425
+CVE-2012-2425 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) han ...)
NOT-FOR-US: Intuit
-CVE-2012-2424
+CVE-2012-2424 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) han ...)
NOT-FOR-US: Intuit
-CVE-2012-2423
+CVE-2012-2423 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) han ...)
NOT-FOR-US: Intuit
-CVE-2012-2422
+CVE-2012-2422 (Intuit QuickBooks 2009 through 2012 might allow remote attackers to ob ...)
NOT-FOR-US: Intuit
-CVE-2012-2421
+CVE-2012-2421 (Absolute path traversal vulnerability in the intu-help-qb (aka Intuit ...)
NOT-FOR-US: Intuit
-CVE-2012-2420
+CVE-2012-2420 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) han ...)
NOT-FOR-US: Intuit
-CVE-2012-2419
+CVE-2012-2419 (Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggabl ...)
NOT-FOR-US: Intuit
-CVE-2012-2418
+CVE-2012-2418 (Heap-based buffer overflow in the intu-help-qb (aka Intuit Help System ...)
NOT-FOR-US: Intuit
-CVE-2012-2417
+CVE-2012-2417 (PyCrypto before 2.6 does not produce appropriate prime numbers when us ...)
{DSA-2502-1}
- python-crypto 2.6-1
NOTE: https://bugs.launchpad.net/pycrypto/+bug/985164
-CVE-2012-2413
+CVE-2012-2413 (Cross-site scripting (XSS) vulnerability in the ja_purity template for ...)
NOT-FOR-US: Joomla template
CVE-2012-2412
RESERVED
-CVE-2012-2411
+CVE-2012-2411 (Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealP ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-2410
+CVE-2012-2410 (Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlaye ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-2409
+CVE-2012-2409 (Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlaye ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-2408
+CVE-2012-2408 (The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-2407
+CVE-2012-2407 (Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlaye ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2012-2406
+CVE-2012-2406 (RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 throug ...)
NOT-FOR-US: RealPlayer
-CVE-2012-2405
+CVE-2012-2405 (Gallery 2 before 2.3.2 and 3 before 3.0.3 does not properly implement ...)
- gallery2 <removed>
-CVE-2012-2404
+CVE-2012-2404 (wp-comments-post.php in WordPress before 3.3.2 supports offsite redire ...)
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2403
+CVE-2012-2403 (wp-includes/formatting.php in WordPress before 3.3.2 attempts to enabl ...)
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2402
+CVE-2012-2402 (wp-admin/plugins.php in WordPress before 3.3.2 allows remote authentic ...)
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2401
+CVE-2012-2401 (Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPres ...)
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2400
+CVE-2012-2400 (Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress ...)
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2399
+CVE-2012-2399 (Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload ...)
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2416
+CVE-2012-2416 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x bef ...)
- asterisk 1:1.8.11.1~dfsg-1 (bug #670180)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2012-2415
+CVE-2012-2415 (Heap-based buffer overflow in chan_skinny.c in the Skinny channel driv ...)
{DSA-2460-1}
- asterisk 1:1.8.11.1~dfsg-1 (bug #670180)
-CVE-2012-2414
+CVE-2012-2414 (main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2. ...)
{DSA-2460-1}
- asterisk 1:1.8.11.1~dfsg-1 (bug #670180)
-CVE-2012-2398
+CVE-2012-2398 (Cross-site scripting (XSS) vulnerability in files/ajax/download.php in ...)
- owncloud 3.0.3-1
-CVE-2012-2397
+CVE-2012-2397 (Cross-site request forgery (CSRF) vulnerability in ownCloud before 3.0 ...)
- owncloud 3.0.3-1
-CVE-2012-2396
+CVE-2012-2396 (VideoLAN VLC media player 2.0.1 allows remote attackers to cause a den ...)
- vlc <not-affected> (Not used, see bug #671727)
- taglib 1.7.2-1 (unimportant)
-CVE-2012-2395
+CVE-2012-2395 (Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0 ...)
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2012-2394
+CVE-2012-2394 (Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and ...)
- wireshark 1.6.8-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7221
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=824419
-CVE-2012-2393
+CVE-2012-2393 (epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wiresha ...)
- wireshark 1.6.8-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: http://www.wireshark.org/security/wnpa-sec-2012-09.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7133
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=824413
-CVE-2012-2392
+CVE-2012-2392 (Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote att ...)
- wireshark 1.6.8-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805 Squeeze: vulnerable code not present
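Review bot: the squeeze status for CVE-2012-2392 is appended to the bug URL line ("NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805 Squeeze: vulnerable code not present") instead of being recorded on its own line, so it will not be read as a distribution state the way the neighbouring entries are (compare "[squeeze] - asterisk <not-affected> (Vulnerable code not present)" under CVE-2012-2416). Suggest splitting it into "[squeeze] - wireshark <not-affected> (Vulnerable code not present)" and leaving the NOTE line as the bare URL.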
@@ -10738,122 +10738,122 @@ CVE-2012-2392
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=824411
CVE-2012-2391
REJECTED
-CVE-2012-2390
+CVE-2012-2390 (Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows lo ...)
- linux 3.2.19-1 (low)
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
-CVE-2012-2389
+CVE-2012-2389 (hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permi ...)
- hostapd <not-affected> (Debian package provides no default config file)
- wpa <not-affected> (Debian package provides no default config file)
-CVE-2012-2388
+CVE-2012-2388 (The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attacke ...)
{DSA-2483-1}
- strongswan 4.5.2-1.4
-CVE-2012-2387
+CVE-2012-2387 (devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random nu ...)
- devotee <itp> (bug #470995)
-CVE-2012-2386
+CVE-2012-2386 (Integer overflow in the phar_parse_tarfile function in tar.c in the ph ...)
{DSA-2492-1}
- php5 5.4.4~rc1-1
-CVE-2012-2385
+CVE-2012-2385 (The terminal dispatcher in mosh before 1.2.1 allows remote authenticat ...)
- mosh 1.2.1-1 (low; bug #673871)
[squeeze] - mosh 1.2.1-1 (low; bug #673871)
NOTE: https://github.com/keithw/mosh/issues/271
NOTE: https://github.com/keithw/mosh/commit/9791768705528e911bfca6c4d8aa88139035060e
-CVE-2012-2384
+CVE-2012-2384 (Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu ...)
- linux-2.6 3.2.17-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-2383
+CVE-2012-2383 (Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/d ...)
- linux-2.6 3.2.17-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
CVE-2012-2382
REJECTED
-CVE-2012-2381
+CVE-2012-2381 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller b ...)
NOT-FOR-US: Apache Roller
-CVE-2012-2380
+CVE-2012-2380 (Multiple cross-site request forgery (CSRF) vulnerabilities in the admi ...)
NOT-FOR-US: Apache Roller
-CVE-2012-2379
+CVE-2012-2379 (Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2. ...)
NOT-FOR-US: Apache CXF
-CVE-2012-2378
+CVE-2012-2378 (Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before ...)
NOT-FOR-US: Apache CXF
-CVE-2012-2377
+CVE-2012-2377 (JGroups diagnostics service in JBoss Enterprise Portal Platform before ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-2376
+CVE-2012-2376 (Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and ea ...)
- php5 <not-affected> (Windows-specific vulnerability)
-CVE-2012-2375
+CVE-2012-2375 (The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 ...)
- linux 3.2.19-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Incomplete patch was not released)
-CVE-2012-2374
+CVE-2012-2374 (CRLF injection vulnerability in the tornado.web.RequestHandler.set_hea ...)
- python-tornado 2.1.0-3 (low; bug #673987)
[squeeze] - python-tornado <not-affected> (Vulnerable code not present)
-CVE-2012-2373
+CVE-2012-2373 (The Linux kernel before 3.4.5 on the x86 platform, when Physical Addre ...)
- linux-2.6 3.2.19-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-2372
+CVE-2012-2372 (The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram ...)
- linux 3.11.10-1 (unimportant)
[wheezy] - linux 3.2.53-1
NOTE: rds is not included in distributed kernel images, only marked as "experimental"
-CVE-2012-2371
+CVE-2012-2371 (Cross-site scripting (XSS) vulnerability in index.php in the WP-FaceTh ...)
NOT-FOR-US: WP-FaceThumb plugin for WordPress
-CVE-2012-2370
+CVE-2012-2370 (Multiple integer overflows in the read_bitmap_file_data function in io ...)
- gdk-pixbuf 2.26.1-1 (low)
-CVE-2012-2369
+CVE-2012-2369 (Format string vulnerability in the log_message_cb function in otr-plug ...)
{DSA-2476-1}
- pidgin-otr 3.2.1-1 (medium; bug #673154)
NOTE: libotr not affected
-CVE-2012-2368
+CVE-2012-2368 (Bytemark Symbiosis before Revision 1322 does not properly validate pas ...)
NOT-FOR-US: Bytemark Symbiosis
-CVE-2012-2367
+CVE-2012-2367 (Moodle 1.9.x before 1.9.18, 2.0.x before 2.0.9, 2.1.x before 2.1.6, an ...)
- moodle 2.2.3.dfsg-1 (low; bug #674163)
[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze4
-CVE-2012-2366
+CVE-2012-2366 (mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2. ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2365
+CVE-2012-2365 (Cross-site scripting (XSS) vulnerability in Moodle 2.0.x before 2.0.9, ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2364
+CVE-2012-2364 (Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2363
+CVE-2012-2363 (SQL injection vulnerability in calendar/event.php in the calendar impl ...)
- moodle 2.0-1 (bug #674163)
[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze4
NOTE: Only affects Moodle 1.9.x
-CVE-2012-2362
+CVE-2012-2362 (Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog i ...)
- moodle 2.0-1 (bug #674163)
[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze4
NOTE: Only affects Moodle 1.9.x
-CVE-2012-2361
+CVE-2012-2361 (Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2360
+CVE-2012-2360 (Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Mood ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2359
+CVE-2012-2359 (admin/roles/override.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2. ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2358
+CVE-2012-2358 (Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-2357
+CVE-2012-2357 (The Multi-Authentication feature in the Central Authentication Service ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2356
+CVE-2012-2356 (The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2355
+CVE-2012-2355 (Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2354
+CVE-2012-2354 (Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2353
+CVE-2012-2353 (Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ...)
- moodle 2.2.3.dfsg-1 (bug #674163)
[squeeze] - moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-2352
+CVE-2012-2352 (The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in ...)
{DSA-2477-1}
- sympa 6.1.11~dfsg-1 (bug #672893; high)
NOTE: http://www.openwall.com/lists/oss-security/2012/05/12/8
-CVE-2012-2351
+CVE-2012-2351 (The default configuration of the auth/saml plugin in Mahara before 1.4 ...)
{DSA-2467-1}
- mahara 1.4.2-1
CVE-2012-2350 [pam_shield default configuration does not take any action]
@@ -10876,205 +10876,205 @@ CVE-2012-2343
REJECTED
CVE-2012-2342
REJECTED
-CVE-2012-2341
+CVE-2012-2341 (Cross-site request forgery (CSRF) vulnerability in the Take Control mo ...)
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/6
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/2
NOT-FOR-US: Drupal Take Control
-CVE-2012-2340
+CVE-2012-2340 (The Contact Forms module 7.x-1.x before 7.x-1.2 for Drupal does not sp ...)
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/6
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/2
NOT-FOR-US: Drupal Contact Forms
-CVE-2012-2339
+CVE-2012-2339 (Cross-site scripting (XSS) vulnerability in the Glossary module 6.x-1. ...)
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/6
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/2
NOT-FOR-US: Drupal Glossary
-CVE-2012-2338
+CVE-2012-2338 (SQL injection vulnerability in includes/picture.class.php in Galette 0 ...)
NOT-FOR-US: Galette
NOTE: http://redmine.ulysses.fr/issues/250
NOTE: http://redmine.ulysses.fr/projects/galette/repository/revisions/8c13ec159ba
NOTE: http://www.openwall.com/lists/oss-security/2012/05/10/5
NOTE: http://www.openwall.com/lists/oss-security/2012/05/11/1
-CVE-2012-2337
+CVE-2012-2337 (sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does no ...)
{DSA-2478-1}
- sudo 1.8.3p2-1.1 (bug #673766)
-CVE-2012-2336
+CVE-2012-2336 (sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when ...)
- php5 5.4.3 (unimportant)
NOTE: Rather harmless bug
-CVE-2012-2335
+CVE-2012-2335 (php-wrapper.fcgi does not properly handle command-line arguments, whic ...)
NOT-FOR-US: Incomplete wrapper provided by PHP as workaround for CVE-2012-1823/CVE-2012-2311
-CVE-2012-2334
+CVE-2012-2334 (Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice. ...)
{DSA-2487-1}
- libreoffice 1:3.5.2~rc2-1
- openoffice.org 1:3.3.0-1
NOTE: Since 3.3.0 openoffice.org is a transitional source package
-CVE-2012-2333
+CVE-2012-2333 (Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1 ...)
{DSA-2475-1}
- openssl 1.0.1c-1 (bug #672452)
NOTE: http://seclists.org/oss-sec/2012/q2/299
NOTE: http://www.openssl.org/news/secadv/20120510.txt
-CVE-2012-2332
+CVE-2012-2332 (SQL injection vulnerability in serendipity/serendipity_admin.php in Se ...)
- serendipity <removed> (bug #671937; low)
[squeeze] - serendipity <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20120527103654/http://www.koramis.com:80/advisories/2012/KORAMIS-ADV2012-001.txt
NOTE: http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html
NOTE: CVE id requested http://seclists.org/oss-sec/2012/q2/276
-CVE-2012-2331
+CVE-2012-2331 (Cross-site scripting (XSS) vulnerability in serendipity/serendipity_ad ...)
- serendipity <removed> (bug #671937; low)
[squeeze] - serendipity <no-dsa> (Minor issue)
NOTE: http://web.archive.org/web/20120527103654/http://www.koramis.com:80/advisories/2012/KORAMIS-ADV2012-001.txt
NOTE: http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html
NOTE: CVE id requested http://seclists.org/oss-sec/2012/q2/276
-CVE-2012-2330
+CVE-2012-2330 (The Update method in src/node_http_parser.cc in Node.js before 0.6.17 ...)
- nodejs 0.6.17~dfsg1-1
NOTE: http://blog.nodejs.org/2012/05/07/http-server-security-vulnerability-please-upgrade-to-0-6-17/
NOTE: https://github.com/joyent/node/commit/c9a231d
-CVE-2012-2329
+CVE-2012-2329 (Buffer overflow in the apache_request_headers function in sapi/cgi/cgi ...)
- php5 5.4.3-1
[squeeze] - php5 <not-affected> (Vulnerable code not present)
NOTE: 5.4.x only
-CVE-2012-2328
+CVE-2012-2328 (internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrume ...)
NOT-FOR-US: sblim
-CVE-2012-2327
+CVE-2012-2327 (MyBB (aka MyBulletinBoard) before 1.6.7 allows remote attackers to obt ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
NOTE: http://blog.mybb.com/2012/04/01/mybb-1-6-7-update-1-8-development/
NOTE: http://www.openwall.com/lists/oss-security/2012/05/07/14
-CVE-2012-2326
+CVE-2012-2326 (Cross-site scripting (XSS) vulnerability in the Admin Control Panel (A ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
NOTE: http://blog.mybb.com/2012/04/01/mybb-1-6-7-update-1-8-development/
NOTE: http://www.openwall.com/lists/oss-security/2012/05/07/14
-CVE-2012-2325
+CVE-2012-2325 (SQL injection vulnerability in the User Inline Moderation feature in t ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
NOTE: http://blog.mybb.com/2012/04/01/mybb-1-6-7-update-1-8-development/
NOTE: http://www.openwall.com/lists/oss-security/2012/05/07/14
-CVE-2012-2324
+CVE-2012-2324 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) b ...)
NOT-FOR-US: MyBB
CVE-2012-2323
REJECTED
-CVE-2012-2322
+CVE-2012-2322 (Integer overflow in the dhcpv6_get_option function in gdhcp/client.c i ...)
- connman 1.0-1 (bug #672989)
[squeeze] - connman <not-affected> (Vulnerable code not present)
-CVE-2012-2321
+CVE-2012-2321 (The loopback plug-in in ConnMan before 0.85 allows remote attackers to ...)
- connman 1.0-1 (low; bug #672989)
[squeeze] - connman <no-dsa> (Minor issue)
-CVE-2012-2320
+CVE-2012-2320 (ConnMan before 0.85 does not ensure that netlink messages originate fr ...)
- connman 1.0-1 (low; bug #672989)
[squeeze] - connman <no-dsa> (Minor issue)
-CVE-2012-2319
+CVE-2012-2319 (Multiple buffer overflows in the hfsplus filesystem implementation in ...)
- linux 3.2.17-1 (low)
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
-CVE-2012-2318
+CVE-2012-2318 (msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 ...)
- pidgin 2.10.4-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2012-2317
+CVE-2012-2317 (The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in th ...)
- php5 5.3.6-1 (bug #581170)
[squeeze] - php5 5.3.3-7+squeeze4
-CVE-2012-2316
+CVE-2012-2316 (Cross-site request forgery (CSRF) vulnerability in servlet/admin/AuthS ...)
NOT-FOR-US: OpenKM
-CVE-2012-2315
+CVE-2012-2315 (admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not ...)
NOT-FOR-US: OpenKM
-CVE-2012-2314
+CVE-2012-2314 (The bootloader configuration module (pyanaconda/bootloader.py) in Anac ...)
NOT-FOR-US: The anaconda installer
-CVE-2012-2313
+CVE-2012-2313 (The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Lin ...)
- linux 3.2.19-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
CVE-2012-2312
RESERVED
- jbossas4 <not-affected> (Only affects JBoss 7)
-CVE-2012-2311
+CVE-2012-2311 (sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when ...)
{DSA-2465-1}
- php5 5.4.3-1 (bug #671880)
NOTE: This CVE ID is for the initial incomplete fix for CVE-2012-1823
NOTE: http://www.kb.cert.org/vuls/id/520827
-CVE-2012-2310
+CVE-2012-2310 (Cross-site scripting (XSS) vulnerability in the cctags module for Drup ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2309
+CVE-2012-2309 (Cross-site scripting (XSS) vulnerability in the Glossify Internal Link ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2308
+CVE-2012-2308 (Cross-site scripting (XSS) vulnerability in the Taxonomy Grid : Catalo ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2307
+CVE-2012-2307 (Cross-site request forgery (CSRF) vulnerability in the Addressbook mod ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2306
+CVE-2012-2306 (SQL injection vulnerability in the Addressbook module for Drupal 6.x-4 ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2305
+CVE-2012-2305 (Cross-site request forgery (CSRF) vulnerability in the Node Gallery mo ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2304
+CVE-2012-2304 (The Linkit module 7.x-2.x before 7.x-2.3 for Drupal, when using an ent ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2303
+CVE-2012-2303 (The Spaces module 6.x-3.x before 6.x-3.4 for Drupal does not enforce p ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2302
+CVE-2012-2302 (Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2301
+CVE-2012-2301 (The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote au ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2300
+CVE-2012-2300 (Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart mo ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2299
+CVE-2012-2299 (The Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2298
+CVE-2012-2298 (Multiple cross-site scripting (XSS) vulnerabilities in the RealName mo ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2297
+CVE-2012-2297 (Multiple cross-site scripting (XSS) vulnerabilities in the Creative Co ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2296
+CVE-2012-2296 (The Janrain Engage (formerly RPX) module for Drupal 6.x-1.x. 6.x-2.x b ...)
NOT-FOR-US: Drupal addon not packaged
CVE-2012-2295
REJECTED
-CVE-2012-2294
+CVE-2012-2294 (EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before ...)
NOT-FOR-US: EMC RSA Archer
-CVE-2012-2293
+CVE-2012-2293 (Directory traversal vulnerability in EMC RSA Archer SmartSuite Framewo ...)
NOT-FOR-US: EMC RSA Archer
-CVE-2012-2292
+CVE-2012-2292 (The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Frame ...)
NOT-FOR-US: EMC RSA Archer
-CVE-2012-2291
+CVE-2012-2291 (EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC ...)
NOT-FOR-US: EMC Avamar
-CVE-2012-2290
+CVE-2012-2290 (The client in EMC NetWorker Module for Microsoft Applications (NMM) 2. ...)
NOT-FOR-US: EMC NetWorker Module for Microsoft Applications
-CVE-2012-2289
+CVE-2012-2289 (EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender W ...)
NOT-FOR-US: EMC
-CVE-2012-2288
+CVE-2012-2288 (Format string vulnerability in the nsrd RPC service in EMC NetWorker 7 ...)
NOT-FOR-US: EMC NetWorker
-CVE-2012-2287
+CVE-2012-2287 (The authentication functionality in EMC RSA Authentication Agent 7.1 a ...)
NOT-FOR-US: EMC RSA Authentication agent
-CVE-2012-2286
+CVE-2012-2286 (Unspecified vulnerability in EMC RSA Adaptive Authentication On-Premis ...)
NOT-FOR-US: EMC RSA Authentication agent
-CVE-2012-2285
+CVE-2012-2285 (EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, a ...)
NOT-FOR-US: EMC Cloud Tiering Appliance
-CVE-2012-2284
+CVE-2012-2284 (The (1) install and (2) upgrade processes in EMC NetWorker Module for ...)
NOT-FOR-US: EMC NetWorker Module for Microsoft Applications
-CVE-2012-2283
+CVE-2012-2283 (The Iomega Home Media Network Hard Drive with EMC Lifeline firmware be ...)
NOT-FOR-US: Iomega Home Media Network Hard Drive
-CVE-2012-2282
+CVE-2012-2282 (EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53. ...)
NOT-FOR-US: EMC Celerra/VNX/VNXe
-CVE-2012-2281
+CVE-2012-2281 (EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access Manage ...)
NOT-FOR-US: RSA Access Manager
NOTE: http://seclists.org/bugtraq/2012/Jul/36
-CVE-2012-2280
+CVE-2012-2280 (EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appl ...)
NOT-FOR-US: RSA Authentication Agent
-CVE-2012-2279
+CVE-2012-2279 (Open redirect vulnerability in the Security Console in EMC RSA Authent ...)
NOT-FOR-US: RSA Authentication Agent
-CVE-2012-2278
+CVE-2012-2278 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Se ...)
NOT-FOR-US: RSA Authentication Agent
-CVE-2012-2277
+CVE-2012-2277 (The IRM Server in EMC Documentum Information Rights Management 4.x bef ...)
NOT-FOR-US: EMC Documentum Information Rights Management
-CVE-2012-2276
+CVE-2012-2276 (The IRM Server in EMC Documentum Information Rights Management 4.x bef ...)
NOT-FOR-US: EMC Documentum Information Rights Management
-CVE-2012-2275
+CVE-2012-2275 (Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink ...)
NOT-FOR-US: TestLink
-CVE-2012-2274
+CVE-2012-2274 (Cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php in P ...)
NOT-FOR-US: PivotX
-CVE-2012-2273
+CVE-2012-2273 (Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allo ...)
NOT-FOR-US: Comodo Internet Security
CVE-2012-2272
RESERVED
-CVE-2012-2271
+CVE-2012-2271 (Buffer overflow in the InitLicenKeys function in a certain ActiveX con ...)
NOT-FOR-US: SkinCrafter
-CVE-2012-2270
+CVE-2012-2270 (Open redirect vulnerability in index.php (aka the Login Page) in ownCl ...)
- owncloud 3.0.3-1
-CVE-2012-2269
+CVE-2012-2269 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
- owncloud 3.0.2-1
-CVE-2012-2268
+CVE-2012-2268 (master.exe in the SNMP Master Agent in RealNetworks Helix Server and H ...)
NOT-FOR-US: RealNetworks Helix
-CVE-2012-2267
+CVE-2012-2267 (master.exe in the SNMP Master Agent in RealNetworks Helix Server and H ...)
NOT-FOR-US: RealNetworks Helix
CVE-2012-2266
REJECTED
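Review bot: the fixed version for php5 under CVE-2012-2336 is given as "- php5 5.4.3 (unimportant)" without a Debian revision, while CVE-2012-2329 a few lines below records the same package as "- php5 5.4.3-1"; if both were fixed in the same upload the two entries should use the same version string. The newly added descriptions also expose two NOT-FOR-US labels that no longer match their text: CVE-2012-2286 describes "EMC RSA Adaptive Authentication On-Premis ..." and CVE-2012-2280 describes "EMC RSA Authentication Manager 7.1 ...", yet both are labelled "NOT-FOR-US: EMC RSA Authentication agent" / "NOT-FOR-US: RSA Authentication Agent"; worth renaming the labels to the product the description names.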
@@ -11102,20 +11102,20 @@ CVE-2012-2255
REJECTED
CVE-2012-2254
REJECTED
-CVE-2012-2253
+CVE-2012-2253 (Cross-site scripting (XSS) vulnerability in group/members.php in Mahar ...)
{DSA-2591-1}
- mahara 1.5.1-3.1 (bug #695789)
-CVE-2012-2252
+CVE-2012-2252 (Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsyn ...)
{DSA-2578-1}
- rssh 2.3.3-6
-CVE-2012-2251
+CVE-2012-2251 (rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync prot ...)
{DSA-2578-1}
- rssh 2.3.3-6
-CVE-2012-2250
+CVE-2012-2250 (Tor before 0.2.3.24-rc allows remote attackers to cause a denial of se ...)
{DLA-17-1}
- tor 0.2.3.24-rc-1 (low)
[squeeze] - tor 0.2.4.23-1~deb6u1
-CVE-2012-2249
+CVE-2012-2249 (Tor before 0.2.3.23-rc allows remote attackers to cause a denial of se ...)
{DLA-17-1}
- tor 0.2.3.23-rc-1 (low)
[squeeze] - tor 0.2.4.23-1~deb6u1
@@ -11125,39 +11125,39 @@ CVE-2012-2248 [build-influenced PATH set in dhclient]
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u2
[squeeze] - isc-dhcp <not-affected> (CLIENT_PATH is not correctly defined)
NOTE: Debian-specific
-CVE-2012-2247
+CVE-2012-2247 (Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 ...)
{DSA-2591-1}
- mahara 1.5.1-3
NOTE: https://mahara.org/interaction/forum/topic.php?id=4938
NOTE: https://bugs.launchpad.net/mahara/+bug/1061980
-CVE-2012-2246
+CVE-2012-2246 (Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attacke ...)
{DSA-2591-1}
- mahara 1.5.1-3
NOTE: https://mahara.org/interaction/forum/topic.php?id=493
NOTE: https://bugs.launchpad.net/mahara/+bug/1057240
CVE-2012-2245
REJECTED
-CVE-2012-2244
+CVE-2012-2244 (Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote authent ...)
{DSA-2591-1}
- mahara 1.5.1-3
NOTE: https://mahara.org/interaction/forum/topic.php?id=4936
NOTE: https://bugs.launchpad.net/mahara/+bug/1057238
-CVE-2012-2243
+CVE-2012-2243 (Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 ...)
{DSA-2591-1}
- mahara 1.5.1-3
NOTE: https://mahara.org/interaction/forum/topic.php?id=4937
NOTE: https://bugs.launchpad.net/mahara/+bug/1055232
NOTE: https://bugs.launchpad.net/mahara/+bug/1063480
-CVE-2012-2242
+CVE-2012-2242 (scripts/dget.pl in devscripts before 2.10.73 allows remote attackers t ...)
{DSA-2549-1}
- devscripts 2.12.3
-CVE-2012-2241
+CVE-2012-2241 (scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to ...)
{DSA-2549-1}
- devscripts 2.12.3
-CVE-2012-2240
+CVE-2012-2240 (scripts/dscverify.pl in devscripts before 2.12.3 allows remote attacke ...)
{DSA-2549-1}
- devscripts 2.12.3
-CVE-2012-2239
+CVE-2012-2239 (Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote attacke ...)
{DSA-2591-1}
- mahara 1.5.1-3
CVE-2012-2238
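Review bot: the forum reference under CVE-2012-2246, "NOTE: https://mahara.org/interaction/forum/topic.php?id=493", looks truncated; the sibling Mahara entries in this hunk (CVE-2012-2247, CVE-2012-2244, CVE-2012-2243) all point at four-digit topic ids (4938, 4936, 4937), so this one probably lost a digit and should be checked against the upstream forum before it is relied on.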
@@ -11167,11 +11167,11 @@ CVE-2012-2237
RESERVED
{DSA-2540-1}
- mahara 1.5.1-2
-CVE-2012-2236
+CVE-2012-2236 (SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 al ...)
NOT-FOR-US: PHP Gift Registry
-CVE-2012-2235
+CVE-2012-2235 (Cross-site scripting (XSS) vulnerability in Support Incident Tracker ( ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2012-2234
+CVE-2012-2234 (Cross-site scripting (XSS) vulnerability in sources/users.queries.php ...)
NOT-FOR-US: TeamPass.net
CVE-2012-2233
RESERVED
@@ -11179,21 +11179,21 @@ CVE-2012-2232
RESERVED
CVE-2012-2231
RESERVED
-CVE-2012-2230
+CVE-2012-2230 (Cloudera Manager 3.7.x before 3.7.5 and Service and Configuration Mana ...)
NOT-FOR-US: Cloudera Manager
CVE-2012-2229
RESERVED
CVE-2012-2228
RESERVED
-CVE-2012-2227
+CVE-2012-2227 (Directory traversal vulnerability in update/index.php in PluXml before ...)
NOT-FOR-US: PluXml
CVE-2012-2226
RESERVED
-CVE-2012-2225
+CVE-2012-2225 (360zip 1.93beta allows remote attackers to execute arbitrary code via ...)
NOT-FOR-US: 360zip
-CVE-2012-2224
+CVE-2012-2224 (Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitra ...)
NOT-FOR-US: Xunlei Thunder
-CVE-2012-2223
+CVE-2012-2223 (The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3 ...)
NOT-FOR-US: Novell ZENworks Configuration Management
CVE-2012-2222
RESERVED
@@ -11205,161 +11205,161 @@ CVE-2012-2219
RESERVED
CVE-2012-2218
RESERVED
-CVE-2012-2217
+CVE-2012-2217 (The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, ...)
NOT-FOR-US: Android
CVE-2012-2216
RESERVED
-CVE-2012-2095
+CVE-2012-2095 (The SetWiredProperty function in the D-Bus interface in WICD before 1. ...)
- wicd 1.7.2.4-1 (low; bug #668397)
[squeeze] - wicd 1.7.0+ds1-5+squeeze2
-CVE-2012-2215
+CVE-2012-2215 (Directory traversal vulnerability in the Preboot Service in Novell ZEN ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2012-2214
+CVE-2012-2214 (proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle ...)
- pidgin 2.10.4-1
[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
NOTE: http://www.pidgin.im/news/security/?id=62
-CVE-2012-2213
+CVE-2012-2213 (** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the acces ...)
NOT-FOR-US: Disputed Squid access bypass, probably user error and minor impact anyway
-CVE-2012-2212
+CVE-2012-2212 (** DISPUTED ** McAfee Web Gateway 7.0 allows remote attackers to bypas ...)
NOT-FOR-US: McAfee Web Gateway
-CVE-2012-2211
+CVE-2012-2211 (Cross-site scripting (XSS) vulnerability in phpgwapi/inc/common_functi ...)
- egroupware <removed>
-CVE-2012-2210
+CVE-2012-2210 (The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a deni ...)
NOT-FOR-US: Sony Bravia
-CVE-2012-2209
+CVE-2012-2209 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Pi ...)
- piwigo <removed> (bug #685364)
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2012-2208
+CVE-2012-2208 (Directory traversal vulnerability in upgrade.php in Piwigo before 2.3. ...)
- piwigo <removed> (bug #685364)
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
CVE-2012-2207
RESERVED
-CVE-2012-2206
+CVE-2012-2206 (The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7. ...)
NOT-FOR-US: IBM WebSphere MQ File Transfer Edition
-CVE-2012-2205
+CVE-2012-2205 (Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest 7. ...)
NOT-FOR-US: IBM Rational ClearQuest
CVE-2012-2204
RESERVED
-CVE-2012-2203
+CVE-2012-2203 (IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM R ...)
NOT-FOR-US: IBM Global Security Kit
-CVE-2012-2202
+CVE-2012-2202 (Directory traversal vulnerability in javatester_init.php in IBM Lotus ...)
NOT-FOR-US: IBM Lotus Protector, IBM ISS Proventia Network Mail Security System
CVE-2012-2201
RESERVED
-CVE-2012-2200
+CVE-2012-2200 (The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS ...)
NOT-FOR-US: sendmail configuration in AIX
-CVE-2012-2199
+CVE-2012-2199 (The server message channel agent in the queue manager in the server in ...)
NOT-FOR-US: IBM WebSphere MQ
CVE-2012-2198
RESERVED
-CVE-2012-2197
+CVE-2012-2197 (Stack-based buffer overflow in the Java Stored Procedure infrastructur ...)
NOT-FOR-US: IBM DB2
-CVE-2012-2196
+CVE-2012-2196 (IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through ...)
NOT-FOR-US: IBM DB2
CVE-2012-2195
RESERVED
-CVE-2012-2194
+CVE-2012-2194 (Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored p ...)
NOT-FOR-US: IBM DB2
-CVE-2012-2193
+CVE-2012-2193 (Cross-site scripting (XSS) vulnerability in Query Studio in IBM Cognos ...)
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-2192
+CVE-2012-2192 (The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4- ...)
NOT-FOR-US: AIX
-CVE-2012-2191
+CVE-2012-2191 (IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM R ...)
NOT-FOR-US: IBM Global Security Kit
-CVE-2012-2190
+CVE-2012-2190 (IBM Global Security Kit (aka GSKit), as used in IBM HTTP Server in IBM ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2012-2189
RESERVED
-CVE-2012-2188
+CVE-2012-2188 (IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1. ...)
NOT-FOR-US: IBM Power Hardware Management Console
-CVE-2012-2187
+CVE-2012-2187 (IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, ...)
NOT-FOR-US: IBM Remote Supervisor Adapter
-CVE-2012-2186
+CVE-2012-2186 (Incomplete blacklist vulnerability in main/manager.c in Asterisk Open ...)
{DSA-2550-1}
- asterisk 1:1.8.13.1~dfsg-1 (bug #680470)
-CVE-2012-2185
+CVE-2012-2185 (IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Con ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-2184
+CVE-2012-2184 (Session fixation vulnerability in IBM Maximo Asset Management 7.1 thro ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-2183
+CVE-2012-2183 (Session fixation vulnerability in IBM Maximo Asset Management 6.2 thro ...)
NOT-FOR-US: IBM Maximo Asset Management
CVE-2012-2182
RESERVED
-CVE-2012-2181
+CVE-2012-2181 (Directory traversal vulnerability in the Dojo module in IBM WebSphere ...)
NOT-FOR-US: IBM WebSphere not in Debian
-CVE-2012-2180
+CVE-2012-2180 (The chaining functionality in the Distributed Relational Database Arch ...)
NOT-FOR-US: IBM DB2
-CVE-2012-2179
+CVE-2012-2179 (libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite ...)
NOT-FOR-US: AIX
CVE-2012-2178
RESERVED
-CVE-2012-2177
+CVE-2012-2177 (Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intell ...)
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2012-2176
+CVE-2012-2176 (Multiple stack-based buffer overflows in a certain ActiveX control in ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2012-2175
+CVE-2012-2175 (Buffer overflow in the Attachment_Times method in a certain ActiveX co ...)
NOT-FOR-US: IBM Lotus iNotes
-CVE-2012-2174
+CVE-2012-2174 (The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote ...)
NOT-FOR-US: Notes
-CVE-2012-2173
+CVE-2012-2173 (The ODBC driver in IBM Security AppScan Source 7.x and 8.x before 8.6 ...)
NOT-FOR-US: AppScan
-CVE-2012-2172
+CVE-2012-2172 (Cross-site scripting (XSS) vulnerability in SoftwareRegistration.do in ...)
NOT-FOR-US: IBM System Storage DS Storage Manager
-CVE-2012-2171
+CVE-2012-2171 (SQL injection vulnerability in ModuleServlet.do in the Storage Manager ...)
NOT-FOR-US: IBM System Storage DS Storage Manager
-CVE-2012-2170
+CVE-2012-2170 (The Application Snoop Servlet in IBM WebSphere Application Server 7.0 ...)
NOT-FOR-US: WebSphere
-CVE-2012-2169
+CVE-2012-2169 (Cross-site scripting (XSS) vulnerability in the file-upload functional ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-2168
+CVE-2012-2168 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 al ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-2167
+CVE-2012-2167 (The IBM XIV Storage System Gen3 before 11.1.0.a allows remote attacker ...)
NOT-FOR-US: IBM XIV Storage System Gen3
-CVE-2012-2166
+CVE-2012-2166 (IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2 ...)
NOT-FOR-US: IBM XIV Storage System
-CVE-2012-2165
+CVE-2012-2165 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3, w ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-2164
+CVE-2012-2164 (The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-2163
+CVE-2012-2163 (IBM Scale Out Network Attached Storage (SONAS) 1.1 through 1.3.1 allow ...)
NOT-FOR-US: IBM Scale Out Network Attached Storage
-CVE-2012-2162
+CVE-2012-2162 (The Web Server Plug-in in IBM WebSphere Application Server (WAS) 8.0 a ...)
NOT-FOR-US: WebSphere
-CVE-2012-2161
+CVE-2012-2161 (Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM Ec ...)
NOT-FOR-US: IBM Security AppScan Source
CVE-2012-2160
RESERVED
-CVE-2012-2159
+CVE-2012-2159 (Open redirect vulnerability in IBM Eclipse Help System (IEHS), as used ...)
NOT-FOR-US: IBM Eclipse Help System
CVE-2012-2158
RESERVED
CVE-2012-2157
RESERVED
-CVE-2012-2156
+CVE-2012-2156 (Multiple cross-site scripting (XSS) vulnerabilities in Plume CMS 1.2.4 ...)
NOT-FOR-US: Plume CMS
-CVE-2012-2155
+CVE-2012-2155 (Cross-site request forgery (CSRF) vulnerability in the CDN2 Video modu ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2154
+CVE-2012-2154 (Cross-site scripting (XSS) vulnerability in the CDN2 Video module 6.x ...)
NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2153
+CVE-2012-2153 (Drupal 7.x before 7.14 does not properly restrict access to nodes in a ...)
- drupal7 7.14-1
-CVE-2012-2152
+CVE-2012-2152 (Stack-based buffer overflow in the get_packet method in socket.c in dh ...)
{DSA-2498-1}
- dhcpcd 1:3.2.3-11 (bug #671265)
NOTE: http://www.openwall.com/lists/oss-security/2012/05/02/4
-CVE-2012-2151
+CVE-2012-2151 (Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x befo ...)
{DSA-2461-1}
- spip 2.1.13-1 (low; bug #671264)
-CVE-2012-2150
+CVE-2012-2150 (xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file ...)
- xfsprogs 3.2.4-1 (low; bug #793495)
[jessie] - xfsprogs <no-dsa> (Minor issue, too intrusive to backport)
[wheezy] - xfsprogs <no-dsa> (Minor issue)
[squeeze] - xfsprogs <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=817696
NOTE: http://oss.sgi.com/pipermail/xfs/2015-July/042726.html
-CVE-2012-2149
+CVE-2012-2149 (The WPXContentListener::_closeTableRow function in WPXContentListener. ...)
- libwpd 0.8.14-1
NOTE: http://permalink.gmane.org/gmane.comp.security.full-disclosure/85789
NOTE: http://sourceforge.net/p/libwpd/code/ci/437bf6702164e30761a10771f95dd1c796f474b7
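Review bot: the CVE-2012-2095 entry (the wicd D-Bus SetWiredProperty issue) sits between CVE-2012-2216 and CVE-2012-2215 in this hunk, which breaks the descending numeric order the file otherwise keeps; the gap is visible further down, where CVE-2012-2096 is followed directly by CVE-2012-2094. This automatic update only fills in the description text, so the misplacement predates the change, but the entry should be moved to its numeric position so that consumers that scan the list in order, or merge it against the upstream CVE feed, do not miss or duplicate it.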
@@ -11367,19 +11367,19 @@ CVE-2012-2149
CVE-2012-2148
RESERVED
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-2147
+CVE-2012-2147 (munin-cgi-graph in Munin 2.0 rc4 allows remote attackers to cause a de ...)
- munin 2.0~rc6-1 (bug #670811)
[squeeze] - munin <not-affected> (Vulnerable code not present)
-CVE-2012-2146
+CVE-2012-2146 (Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique i ...)
- elixir 0.7.1-4 (low; bug #670919)
[jessie] - elixir <no-dsa> (Minor issue)
[squeeze] - elixir <no-dsa> (Minor issue)
[wheezy] - elixir <no-dsa> (Minor issue)
-CVE-2012-2145
+CVE-2012-2145 (Apache Qpid 0.17 and earlier does not properly restrict incoming clien ...)
- qpid-cpp 0.16-1 (bug #672124)
-CVE-2012-2144
+CVE-2012-2144 (Session fixation vulnerability in OpenStack Dashboard (Horizon) folsom ...)
- horizon 2012.1-4 (bug #671604)
-CVE-2012-2143
+CVE-2012-2143 (The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-REL ...)
{DSA-2491-1}
- postgresql-9.1 9.1.4-1
- postgresql-8.4 8.4.12-1
@@ -11390,38 +11390,38 @@ CVE-2012-2142 [Insufficient sanitization of escape sequences in the error messag
- xpdf <not-affected> (uses poppler's Error.cc)
- poppler 0.18.4-7 (unimportant; bug #487773)
NOTE: poppler upstream patch http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40
-CVE-2012-2141
+CVE-2012-2141 (Array index error in the handle_nsExtendOutput2Table function in agent ...)
- net-snmp 5.4.3~dfsg-2.5 (low; bug #672492)
[squeeze] - net-snmp 5.4.3~dfsg-2+squeeze1
NOTE: Red Hat patch: https://bugzilla.redhat.com/attachment.cgi?id=580443&action=diff
-CVE-2012-2140
+CVE-2012-2140 (The Mail gem before 2.4.3 for Ruby allows remote attackers to execute ...)
- ruby-mail 2.4.4-1
-CVE-2012-2139
+CVE-2012-2139 (Directory traversal vulnerability in lib/mail/network/delivery_methods ...)
- ruby-mail 2.4.4-1
-CVE-2012-2138
+CVE-2012-2138 (The @CopyFrom operation in the POST servlet in the org.apache.sling.se ...)
NOT-FOR-US: Apache Sling
-CVE-2012-2137
+CVE-2012-2137 (Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Lin ...)
- linux 3.2.20-1
-CVE-2012-2136
+CVE-2012-2136 (The sock_alloc_send_pskb function in net/core/sock.c in the Linux kern ...)
- linux 3.2.20-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-46
-CVE-2012-2135
+CVE-2012-2135 (The utf-16 decoder in Python 3.1 through 3.3 does not update the align ...)
- python3.1 <unfixed> (bug #670389)
[squeeze] - python3.1 <no-dsa> (Minor issue)
- python3.2 3.2.3-1 (bug #670389)
- python3.3 3.3.1-1
NOTE: http://bugs.python.org/issue14579
-CVE-2012-2134
+CVE-2012-2134 (The handle_connection_error function in ldap_helper.c in bind-dyndb-ld ...)
NOT-FOR-US: Dynamic LDAP backend plugin for BIND
-CVE-2012-2133
+CVE-2012-2133 (Use-after-free vulnerability in the Linux kernel before 3.3.6, when hu ...)
{DSA-2469-1}
- linux-2.6 3.2.19-1
-CVE-2012-2132
+CVE-2012-2132 (libsoup 2.32.2 and earlier does not validate certificates or clear the ...)
- midori <unfixed> (unimportant; bug #672880)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=758431
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=817692
-CVE-2012-2131
+CVE-2012-2131 (Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSS ...)
{DSA-2454-2}
- openssl <not-affected> (only affected patch against 0.9.8)
NOTE: http://marc.info/?l=openssl-dev&m=133525318514423&w=2
@@ -11429,26 +11429,26 @@ CVE-2012-2130
RESERVED
- polarssl 1.1.2-1
[squeeze] - polarssl <not-affected> (Introduced in 0.99-pre4)
-CVE-2012-2129
+CVE-2012-2129 (Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki 2012- ...)
- dokuwiki 0.0.20120125a-1 (low; bug #670917)
[squeeze] - dokuwiki <not-affected>
NOTE: http://secunia.com/advisories/48848/
CVE-2012-2128
- dokuwiki 0.0.20120125a-1 (unimportant)
NOTE: http://bugs.dokuwiki.org/index.php?do=details&task_id=2488
-CVE-2012-2127
+CVE-2012-2127 (fs/proc/root.c in the procfs implementation in the Linux kernel before ...)
- linux-2.6 3.2-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 3.1)
-CVE-2012-2126
+CVE-2012-2126 (RubyGems before 1.8.23 does not verify an SSL certificate, which allow ...)
- rubygems 1.8.24-1 (bug #670228)
-CVE-2012-2125
+CVE-2012-2125 (RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which m ...)
- rubygems 1.8.24-1 (bug #670228)
-CVE-2012-2124
+CVE-2012-2124 (functions/imap_general.php in SquirrelMail, as used in Red Hat Enterpr ...)
- squirrelmail <not-affected> (Incorrect RedHat security update)
-CVE-2012-2123
+CVE-2012-2123 (The cap_bprm_set_creds function in security/commoncap.c in the Linux k ...)
{DSA-2469-1}
- linux-2.6 3.2.16-1
-CVE-2012-2122
+CVE-2012-2122 (sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.2 ...)
{DSA-2496-1}
- mysql-5.1 <removed> (bug #677018)
- mysql-5.5 5.5.24+dfsg-1
@@ -11456,126 +11456,126 @@ CVE-2012-2122
NOTE: http://seclists.org/oss-sec/2012/q2/493
NOTE: Issue only triggered with specific optimisation in glibc enabled; no builds in Debian known to be affected.
NOTE: Fixed versions indicate application of upstream patch which prevents issue regardless of opt.settings.
-CVE-2012-2121
+CVE-2012-2121 (The KVM implementation in the Linux kernel before 3.3.4 does not prope ...)
{DSA-2668-1}
- linux-2.6 3.2.17-1
-CVE-2012-2120
+CVE-2012-2120 (latex2man in texlive-extra-utils 2011.20120322, and possibly other ver ...)
- texlive-extra 2012.20130315-1 (low; bug #668779)
[wheezy] - texlive-extra <no-dsa> (Minor issue)
[squeeze] - texlive-extra 2009-10+squeeze1
-CVE-2012-2119
+CVE-2012-2119 (Buffer overflow in the macvtap device driver in the Linux kernel befor ...)
- linux 3.2.20-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present, was added in 3.1)
-CVE-2012-2118
+CVE-2012-2118 (Format string vulnerability in the LogVHdrMessageVerb function in os/l ...)
- xorg-server 2:1.12.1.902-1 (bug #673148)
[squeeze] - xorg-server <not-affected> (Introduced in 1.10)
NOTE: http://lists.x.org/pipermail/xorg-devel/2012-May/031411.html
-CVE-2012-2117
+CVE-2012-2117 (Cross-site scripting (XSS) vulnerability in the Gigya - Social optimiz ...)
NOT-FOR-US: Drupal plugin (Gigya - Social Optimization) not in Debian
-CVE-2012-2116
+CVE-2012-2116 (Cross-site request forgery (CSRF) vulnerability in the Commerce Reorde ...)
NOT-FOR-US: Drupal plugin (Commerce Reorder) not in Debian
-CVE-2012-2115
+CVE-2012-2115 (SQL injection vulnerability in interface/login/validateUser.php in Ope ...)
NOT-FOR-US: OpenEMR
-CVE-2012-2114
+CVE-2012-2114 (Stack-based buffer overflow in fprintf in musl before 0.8.8 and earlie ...)
NOT-FOR-US: musl libc not in Debian
-CVE-2012-2113
+CVE-2012-2113 (Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow r ...)
{DSA-2552-1}
- tiff 4.0.2-1 (bug #678140)
- tiff3 <not-affected> (The tiff-tools package is only built from the tiff source package)
-CVE-2012-2112
+CVE-2012-2112 (Cross-site scripting (XSS) vulnerability in the Exception Handler in T ...)
{DSA-2455-1}
- typo3-src 4.5.15+dfsg1-1 (bug #669158)
NOTE: http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/
-CVE-2012-2111
+CVE-2012-2111 (The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) ...)
{DSA-2463-1}
- samba 2:3.6.5-1
NOTE: http://www.samba.org/samba/history/samba-3.6.5.html
NOTE: According to the release notes Samba 3.4.x to 3.6.4 are affected
-CVE-2012-2110
+CVE-2012-2110 (The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL be ...)
{DSA-2454-1}
- openssl 1.0.1a-1
NOTE: http://www.openssl.org/news/secadv/20120419.txt
-CVE-2012-2109
+CVE-2012-2109 (SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1. ...)
NOT-FOR-US: wordpress buddypress plugin
-CVE-2012-2108
+CVE-2012-2108 (Stack-based buffer overflow in the main function in util/lpci_main.c i ...)
- csound 1:5.17.6~dfsg-1 (low; bug #661197)
[squeeze] - csound <no-dsa> (Minor issue)
-CVE-2012-2107
+CVE-2012-2107 (Integer overflow in the main function in util/lpci_main.c in Csound be ...)
- csound 1:5.17.6~dfsg-1 (bug #661197)
[squeeze] - csound <no-dsa> (Minor issue)
-CVE-2012-2106
+CVE-2012-2106 (Integer overflow in the pv_import function in util/pv_import.c in Csou ...)
- csound 1:5.17.6~dfsg-1 (bug #661197)
[squeeze] - csound <no-dsa> (Minor issue)
-CVE-2012-2105
+CVE-2012-2105 (Multiple SQL injection vulnerabilities in login.php in Timesheet Next ...)
NOT-FOR-US: tsheetx
-CVE-2012-2104
+CVE-2012-2104 (cgi-bin/munin-cgi-graph in Munin 2.x writes data to a log file without ...)
- munin 2.0~rc6-1 (bug #668666)
[squeeze] - munin <not-affected> (Vulnerable code not present)
[lenny] - munin <not-affected> (Vulnerable code not present)
-CVE-2012-2103
+CVE-2012-2103 (The qmailscan plugin for Munin 1.4.5 allows local users to overwrite a ...)
- munin 2.0~rc6-1 (bug #668778)
[squeeze] - munin <not-affected> (Vulnerable code not present)
[lenny] - munin <not-affected> (Vulnerable code not present)
-CVE-2012-2102
+CVE-2012-2102 (MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authen ...)
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (low; bug #670636)
- mysql-5.5 5.5.24+dfsg-1 (low)
-CVE-2012-2101
+CVE-2012-2101 (Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the ...)
- nova 2012.1-2 (bug #670637)
-CVE-2012-2100
+CVE-2012-2100 (The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kerne ...)
- linux-2.6 3.2.2-1
[squeeze] - linux-2.6 2.6.32-41squeeze1
NOTE: incomplete fix of CVE-2009-4307, introducing another issue:
NOTE: https://lkml.org/lkml/2012/2/20/422
-CVE-2012-2099
+CVE-2012-2099 (Multiple cross-site scripting (XSS) vulnerabilities in Wikidforum 2.10 ...)
NOT-FOR-US: Wikidforum
-CVE-2012-2098
+CVE-2012-2098 (Algorithmic complexity vulnerability in the sorting algorithms in bzip ...)
- libcommons-compress-java 1.4.1-1 (low; bug #674448)
[squeeze] - libcommons-compress-java <no-dsa> (Minor issue)
-CVE-2012-2097
+CVE-2012-2097 (Cross-site request forgery (CSRF) vulnerability in the Autosave module ...)
NOT-FOR-US: Drupal module Autosave
-CVE-2012-2096
+CVE-2012-2096 (The Fivestar module 6.x-1.x before 6.x-1.20 for Drupal does not proper ...)
NOT-FOR-US: Drupal module Fivestar
-CVE-2012-2094
+CVE-2012-2094 (Cross-site scripting (XSS) vulnerability in the refresh mechanism in t ...)
- horizon 2012.1-3
-CVE-2012-2093
+CVE-2012-2093 (src/common/latex.py in Gajim 0.15 allows local users to overwrite arbi ...)
{DSA-2453-2 DSA-2453-1}
- gajim 0.15-1.1 (low; bug #668710)
CVE-2012-2092
RESERVED
- cobbler <not-affected> (Ubuntu specific cobbler-ubuntu-import script not present)
-CVE-2012-2091
+CVE-2012-2091 (Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2. ...)
- simgear 2.10.0-3 (unimportant; bug #669024)
- flightgear 2.6.0-1.1 (unimportant; bug #669025)
NOTE: Negligible security impact, very obscure attack vector
-CVE-2012-2090
+CVE-2012-2090 (Multiple format string vulnerabilities in FlightGear 2.6 and earlier a ...)
- simgear 2.10.0-2 (unimportant; bug #669024)
- flightgear 2.6.0-1.1 (unimportant; bug #669025)
NOTE: Negligible security impact, very obscure attack vector
-CVE-2012-2089
+CVE-2012-2089 (Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module mo ...)
- nginx 1.1.19-1
[squeeze] - nginx <not-affected> (Vulnerable code not present)
-CVE-2012-2088
+CVE-2012-2088 (Integer signedness error in the TIFFReadDirectory function in tif_dirr ...)
{DSA-2552-1}
- tiff 4.0-1 (bug #678140)
- tiff3 3.9.6-6
CVE-2012-2087
RESERVED
-CVE-2012-2086
+CVE-2012-2086 (SQL injection vulnerability in the get_last_conversation_lines functio ...)
{DSA-2453-2 DSA-2453-1}
- gajim 0.15-1 (low; bug #668038)
-CVE-2012-2085
+CVE-2012-2085 (The exec_command function in common/helpers.py in Gajim before 0.15 al ...)
{DSA-2453-2 DSA-2453-1}
- gajim 0.15-1 (medium; bug #668038)
-CVE-2012-2084
+CVE-2012-2084 (Cross-site scripting (XSS) vulnerability in the Printer, email and PDF ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2083
+CVE-2012-2083 (Cross-site scripting (XSS) vulnerability in the fusion_core_preprocess ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2082
+CVE-2012-2082 (Cross-site scripting (XSS) vulnerability in the Chaos tool suite (aka ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2081
+CVE-2012-2081 (The Organic Groups (OG) module 6.x-2.x before 6.x-2.3 for Drupal does ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2080
+CVE-2012-2080 (Cross-site request forgery (CSRF) vulnerability in the Node Limit Numb ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
CVE-2012-2079
RESERVED
@@ -11583,450 +11583,450 @@ CVE-2012-2079
CVE-2012-2078
RESERVED
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2077
+CVE-2012-2077 (Cross-site request forgery (CSRF) vulnerability in the ShareThis modul ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2076
+CVE-2012-2076 (Cross-site scripting (XSS) vulnerability in the administration forms i ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2075
+CVE-2012-2075 (Cross-site scripting (XSS) vulnerability in the Contact Save module 6. ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2074
+CVE-2012-2074 (Unspecified vulnerability in certain default views in the Ubercart Vie ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2073
+CVE-2012-2073 (The Bundle copy module 7.x-1.x before 7.x-1.1 for Drupal does not chec ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2072
+CVE-2012-2072 (Cross-site scripting (XSS) vulnerability in the Share Buttons (AddToAn ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2071
+CVE-2012-2071 (Cross-site scripting (XSS) vulnerability in the Contact Forms module 6 ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2070
+CVE-2012-2070 (Cross-site scripting (XSS) vulnerability in the MultiBlock module 6.x- ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2069
+CVE-2012-2069 (Cross-site request forgery (CSRF) vulnerability in the Wishlist module ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2068
+CVE-2012-2068 (Multiple cross-site scripting (XSS) vulnerabilities in fancy_slide.mod ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2067
+CVE-2012-2067 (Unspecified vulnerability in the CKeditor module 6.x-2.x before 6.x-2. ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2066
+CVE-2012-2066 (Cross-site scripting (XSS) vulnerability in the FCKeditor module 6.x-2 ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2065
+CVE-2012-2065 (Cross-site scripting (XSS) vulnerability in the Language Icons module ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2064
+CVE-2012-2064 (Cross-site scripting (XSS) vulnerability in theme/views_lang_switch.th ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2063
+CVE-2012-2063 (The Slidebox module before 7.x-1.4 for Drupal does not properly check ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2062
+CVE-2012-2062 (Open redirect vulnerability in the Redirecting click bouncer module fo ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2061
+CVE-2012-2061 (Cross-site request forgery (CSRF) vulnerability in the Admin tools mod ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2060
+CVE-2012-2060 (Cross-site scripting (XSS) vulnerability in the Admin tools module for ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2059
+CVE-2012-2059 (Cross-site scripting (XSS) vulnerability in the ticketyboo News Ticker ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2058
+CVE-2012-2058 (The Ubercart Payflow module for Drupal does not use a secure token, wh ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2057
+CVE-2012-2057 (Cross-site request forgery (CSRF) vulnerability in the Ubercart Bulk S ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2056
+CVE-2012-2056 (Cross-site request forgery (CSRF) vulnerability in the Content Lock mo ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2055
+CVE-2012-2055 (GitHub Enterprise before 20120304 does not properly restrict the use o ...)
NOT-FOR-US: GitHub Enterprise
-CVE-2012-2054
+CVE-2012-2054 (Redmine before 1.3.2 does not properly restrict the use of a hash to p ...)
- redmine 1.3.2+dfsg1-1
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
NOTE: http://www.redmine.org/issues/10390
NOTE: git mirror patch would be 5141f1e..177ff05
-CVE-2012-2053
+CVE-2012-2053 (The sudoers file in the Linux system configuration in F5 FirePass 6.0. ...)
NOT-FOR-US: F5 Firepass
-CVE-2012-2052
+CVE-2012-2052 (Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Pho ...)
NOT-FOR-US: Adobe Photoshop plugin U3D.8BI library
-CVE-2012-2051
+CVE-2012-2051 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-2050
+CVE-2012-2050 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-2049
+CVE-2012-2049 (Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5 ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-2048
+CVE-2012-2048 (Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows at ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2012-2047
+CVE-2012-2047 (Adobe Shockwave Player before 11.6.6.636 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2046
+CVE-2012-2046 (Adobe Shockwave Player before 11.6.6.636 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2045
+CVE-2012-2045 (Adobe Shockwave Player before 11.6.6.636 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2044
+CVE-2012-2044 (Adobe Shockwave Player before 11.6.6.636 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2043
+CVE-2012-2043 (Adobe Shockwave Player before 11.6.6.636 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2042
+CVE-2012-2042 (Adobe Illustrator before CS6 allows attackers to execute arbitrary cod ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2012-2041
+CVE-2012-2041 (CRLF injection vulnerability in the Component Browser in Adobe ColdFus ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2012-2040
+CVE-2012-2040 (Untrusted search path vulnerability in the installer in Adobe Flash Pl ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2039
+CVE-2012-2039 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2038
+CVE-2012-2038 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2037
+CVE-2012-2037 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2036
+CVE-2012-2036 (Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x bef ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2035
+CVE-2012-2035 (Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2034
+CVE-2012-2034 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-2033
+CVE-2012-2033 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2032
+CVE-2012-2032 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2031
+CVE-2012-2031 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2030
+CVE-2012-2030 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2029
+CVE-2012-2029 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2028
+CVE-2012-2028 (Buffer overflow in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12 ...)
NOT-FOR-US: Adobe Photoshop
-CVE-2012-2027
+CVE-2012-2027 (Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 12.0.5 ...)
NOT-FOR-US: Adobe Photoshop
-CVE-2012-2026
+CVE-2012-2026 (Adobe Illustrator before CS6 allows attackers to execute arbitrary cod ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2012-2025
+CVE-2012-2025 (Adobe Illustrator before CS6 allows attackers to execute arbitrary cod ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2012-2024
+CVE-2012-2024 (Adobe Illustrator before CS6 allows attackers to execute arbitrary cod ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2012-2023
+CVE-2012-2023 (Adobe Illustrator before CS6 allows attackers to execute arbitrary cod ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2012-2022
+CVE-2012-2022 (Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2012-2021
+CVE-2012-2021 (Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager ...)
NOT-FOR-US: HP AssetManager
-CVE-2012-2020
+CVE-2012-2020 (Unspecified vulnerability in HP Operations Agent before 11.03.12 allow ...)
NOT-FOR-US: HP Operations Agent
-CVE-2012-2019
+CVE-2012-2019 (Unspecified vulnerability in HP Operations Agent before 11.03.12 allow ...)
NOT-FOR-US: HP Operations Agent
-CVE-2012-2018
+CVE-2012-2018 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2012-2017
+CVE-2012-2017 (Unspecified vulnerability on HP Photosmart Wireless e-All-in-One B110, ...)
NOT-FOR-US: HP Photosmart Wireless e-All-in-One
-CVE-2012-2016
+CVE-2012-2016 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2012-2015
+CVE-2012-2015 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2012-2014
+CVE-2012-2014 (HP System Management Homepage (SMH) before 7.1.1 does not properly val ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2012-2013
+CVE-2012-2013 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2012-2012
+CVE-2012-2012 (HP System Management Homepage (SMH) before 7.1.1 does not have an off ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2012-2011
+CVE-2012-2011 (Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin ...)
NOT-FOR-US: HP Web Jetadmin
-CVE-2012-2010
+CVE-2012-2010 (The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha pl ...)
NOT-FOR-US: OpenVMS
-CVE-2012-2009
+CVE-2012-2009 (Unspecified vulnerability in HP Performance Insight for Networks 5.3.x ...)
NOT-FOR-US: HP Performance Insight
-CVE-2012-2008
+CVE-2012-2008 (Cross-site scripting (XSS) vulnerability in HP Performance Insight for ...)
NOT-FOR-US: HP Performance Insight
-CVE-2012-2007
+CVE-2012-2007 (SQL injection vulnerability in HP Performance Insight for Networks 5.3 ...)
NOT-FOR-US: HP Performance Insight
-CVE-2012-2006
+CVE-2012-2006 (Unspecified vulnerability in HP Insight Management Agents before 9.0.0 ...)
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2005
+CVE-2012-2005 (Cross-site scripting (XSS) vulnerability in HP Insight Management Agen ...)
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2004
+CVE-2012-2004 (Open redirect vulnerability in HP Insight Management Agents before 9.0 ...)
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2003
+CVE-2012-2003 (Cross-site request forgery (CSRF) vulnerability in HP Insight Manageme ...)
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2002
+CVE-2012-2002 (Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 a ...)
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2001
+CVE-2012-2001 (Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux b ...)
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-2000
+CVE-2012-2000 (Multiple unspecified vulnerabilities in HP System Health Application a ...)
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-1999
+CVE-2012-1999 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7 ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2012-1998
+CVE-2012-1998 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7 ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2012-1997
+CVE-2012-1997 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7 ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2012-1996
+CVE-2012-1996 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7 ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2012-1995
+CVE-2012-1995 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7 ...)
NOT-FOR-US: HP Systems Insight Manager
CVE-2012-1994
RESERVED
-CVE-2012-1993
+CVE-2012-1993 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2012-1992
+CVE-2012-1992 (Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS ...)
NOT-FOR-US: CMD Made Simple
CVE-2012-1991
RESERVED
-CVE-2012-1990
+CVE-2012-1990 (Multiple cross-site scripting (XSS) vulnerabilities in Schneider Elect ...)
NOT-FOR-US: Schneider Electric Kerweb
-CVE-2012-1989
+CVE-2012-1989 (telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2 ...)
- puppet 2.7.13-1
[squeeze] - puppet <not-affected> (Only affects 2.7.x)
-CVE-2012-1988
+CVE-2012-1988 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterpr ...)
{DSA-2451-1}
- puppet 2.7.13-1
-CVE-2012-1987
+CVE-2012-1987 (Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x befo ...)
{DSA-2451-1}
- puppet 2.7.13-1
-CVE-2012-1986
+CVE-2012-1986 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterpr ...)
{DSA-2451-1}
- puppet 2.7.13-1
-CVE-2012-1985
+CVE-2012-1985 (Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix ...)
NOT-FOR-US: RealNetworks Helix
-CVE-2012-1984
+CVE-2012-1984 (Multiple cross-site scripting (XSS) vulnerabilities in RealNetworks He ...)
NOT-FOR-US: RealNetworks Helix
CVE-2012-1983
RESERVED
-CVE-2012-1982
+CVE-2012-1982 (Cross-site scripting (XSS) vulnerability in my_admin/admin1_list_pages ...)
NOT-FOR-US: SocialCMS
CVE-2012-1981
RESERVED
CVE-2012-1980
RESERVED
-CVE-2012-1979
+CVE-2012-1979 (Cross-site scripting (XSS) vulnerability in starnet/index.php in Synde ...)
NOT-FOR-US: SyndeoCMS
-CVE-2012-1978
+CVE-2012-1978 (Multiple cross-site request forgery (CSRF) vulnerabilities in Simple P ...)
NOT-FOR-US: Simple PHP Agenda
-CVE-2012-1977
+CVE-2012-1977 (WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of ...)
NOT-FOR-US: WellinTech KingSCADA
-CVE-2012-1976
+CVE-2012-1976 (Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesVa ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-1975
+CVE-2012-1975 (Use-after-free vulnerability in the PresShell::CompleteMove function i ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-1974
+CVE-2012-1974 (Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore fun ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-1973
+CVE-2012-1973 (Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-1972
+CVE-2012-1972 (Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentText ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- icedove 10.0.7-1
- iceape 2.7.7-1
-CVE-2012-1971
+CVE-2012-1971 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
-CVE-2012-1970
+CVE-2012-1970 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- iceape 2.7.7-1
- icedove 10.0.7-1
-CVE-2012-1969
+CVE-2012-1969 (The get_attachment_link function in Template.pm in Bugzilla 2.x and 3. ...)
- bugzilla <removed> (low)
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-1968
+CVE-2012-1968 (Bugzilla 4.1.x and 4.2.x before 4.2.2 and 4.3.x before 4.3.2 uses bug- ...)
- bugzilla <not-affected> (Only affects 4.1 to 4.3)
- bugzilla4 <itp> (bug #669643)
-CVE-2012-1967
+CVE-2012-1967 (Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thun ...)
{DSA-2528-1 DSA-2514-1 DSA-2513-1}
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
-CVE-2012-1966
+CVE-2012-1966 (Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do ...)
{DSA-2514-1}
- iceweasel 10.0.6esr-1
-CVE-2012-1965
+CVE-2012-1965 (Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do ...)
- iceweasel 10.0.6esr-1
[squeeze] - iceweasel <end-of-life>
-CVE-2012-1964
+CVE-2012-1964 (The certificate-warning functionality in browser/components/certerror/ ...)
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1963
+CVE-2012-1963 (The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x ...)
- iceweasel 10.0.6esr-1
[squeeze] - iceweasel <not-affected> (CSP not yet available)
- icedove 10.0.6-1
[squeeze] - icedove <not-affected> (CSP not yet available)
- iceape 2.7.6-1
[squeeze] - iceape <not-affected> (CSP not yet available)
-CVE-2012-1962
+CVE-2012-1962 (Use-after-free vulnerability in the JSDependentString::undepend functi ...)
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1961
+CVE-2012-1961 (Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thun ...)
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1960
+CVE-2012-1960 (The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implemen ...)
- iceweasel <not-affected> (Only affects Firefox > 10)
-CVE-2012-1959
+CVE-2012-1959 (Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thun ...)
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1958
+CVE-2012-1958 (Use-after-free vulnerability in the nsGlobalWindow::PageHidden functio ...)
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1957
+CVE-2012-1957 (An unspecified parser-utility class in Mozilla Firefox 4.x through 13. ...)
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1956
+CVE-2012-1956 (Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey be ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
- icedove <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Only affects Firefox >= 10)
-CVE-2012-1955
+CVE-2012-1955 (Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thun ...)
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1954
+CVE-2012-1954 (Use-after-free vulnerability in the nsDocument::AdoptNode function in ...)
{DSA-2528-1 DSA-2514-1 DSA-2513-1}
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
-CVE-2012-1953
+CVE-2012-1953 (The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox ...)
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1952
+CVE-2012-1952 (The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through ...)
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1951
+CVE-2012-1951 (Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased ...)
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-1950
+CVE-2012-1950 (The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 a ...)
{DSA-2528-1 DSA-2514-1}
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
-CVE-2012-1949
+CVE-2012-1949 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 13)
-CVE-2012-1948
+CVE-2012-1948 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2528-1 DSA-2514-1 DSA-2513-1}
- iceweasel 10.0.6esr-1
- icedove 10.0.6-1
- iceape 2.7.6-1
-CVE-2012-1947
+CVE-2012-1947 (Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozil ...)
{DSA-2499-1 DSA-2489-1 DSA-2488-1}
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
-CVE-2012-1946
+CVE-2012-1946 (Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore fun ...)
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
-CVE-2012-1945
+CVE-2012-1945 (Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thun ...)
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
-CVE-2012-1944
+CVE-2012-1944 (The Content Security Policy (CSP) implementation in Mozilla Firefox 4. ...)
- iceweasel 10.0.5esr-1
[squeeze] - iceweasel <not-affected> (CSP not yet available)
- icedove 10.0.5-1
[squeeze] - icedove <not-affected> (CSP not yet available)
-CVE-2012-1943
+CVE-2012-1943 (Untrusted search path vulnerability in Updater.exe in the Windows Upda ...)
- iceweasel <not-affected> (windows-specific)
-CVE-2012-1942
+CVE-2012-1942 (The Mozilla Updater and Windows Updater Service in Mozilla Firefox 12. ...)
- iceweasel <not-affected> (windows-specific)
-CVE-2012-1941
+CVE-2012-1941 (Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypothet ...)
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
-CVE-2012-1940
+CVE-2012-1940 (Use-after-free vulnerability in the nsFrameList::FirstChild function i ...)
{DSA-2499-1 DSA-2489-1 DSA-2488-1}
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
-CVE-2012-1939
+CVE-2012-1939 (jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ...)
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
[squeeze] - icedove <not-affected> (Vulnerable code not present)
-CVE-2012-1938
+CVE-2012-1938 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects iceweasel from experimental)
-CVE-2012-1937
+CVE-2012-1937 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2499-1 DSA-2489-1 DSA-2488-1}
- iceweasel 10.0.5esr-1
- icedove 10.0.5-1
-CVE-2012-1936
+CVE-2012-1936 (** DISPUTED ** The wp_create_nonce function in wp-includes/pluggable.p ...)
NOT-FOR-US: Disputed Wordpress issue
-CVE-2012-1935
+CVE-2012-1935 (Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x ...)
- newscoop <itp> (bug #604113)
-CVE-2012-1934
+CVE-2012-1934 (SQL injection vulnerability in admin/country/edit.php in Newscoop befo ...)
- newscoop <itp> (bug #604113)
-CVE-2012-1933
+CVE-2012-1933 (Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x b ...)
- newscoop <itp> (bug #604113)
CVE-2012-1932
RESERVED
-CVE-2012-1931
+CVE-2012-1931 (Opera before 11.62 on UNIX, when used in conjunction with an unspecifi ...)
NOT-FOR-US: Opera
-CVE-2012-1930
+CVE-2012-1930 (Opera before 11.62 on UNIX uses world-readable permissions for tempora ...)
NOT-FOR-US: Opera
-CVE-2012-1929
+CVE-2012-1929 (Opera before 11.62 on Mac OS X allows remote attackers to spoof the ad ...)
NOT-FOR-US: Opera
-CVE-2012-1928
+CVE-2012-1928 (Opera before 11.62 allows remote attackers to spoof the address field ...)
NOT-FOR-US: Opera
-CVE-2012-1927
+CVE-2012-1927 (Opera before 11.62 allows remote attackers to spoof the address field ...)
NOT-FOR-US: Opera
-CVE-2012-1926
+CVE-2012-1926 (Opera before 11.62 allows remote attackers to bypass the Same Origin P ...)
NOT-FOR-US: Opera
-CVE-2012-1925
+CVE-2012-1925 (Opera before 11.62 does not ensure that a dialog window is placed on t ...)
NOT-FOR-US: Opera
-CVE-2012-1924
+CVE-2012-1924 (Opera before 11.62 allows user-assisted remote attackers to trick user ...)
NOT-FOR-US: Opera
-CVE-2012-1923
+CVE-2012-1923 (RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x s ...)
NOT-FOR-US: RealNetworks Helix
-CVE-2012-1922
+CVE-2012-1922 (Multiple cross-site request forgery (CSRF) vulnerabilities in Sitecom ...)
NOT-FOR-US: Sitecom WLM-2501
-CVE-2012-1921
+CVE-2012-1921 (Cross-site request forgery (CSRF) vulnerability in goform/admin/formWl ...)
NOT-FOR-US: Sitecom
-CVE-2012-1920
+CVE-2012-1920 (@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows rem ...)
- atmailopen <removed>
-CVE-2012-1919
+CVE-2012-1919 (CRLF injection vulnerability in mime.php in @Mail WebMail Client in At ...)
- atmailopen <removed>
-CVE-2012-1918
+CVE-2012-1918 (Multiple directory traversal vulnerabilities in (1) compose.php and (2 ...)
- atmailopen <removed>
-CVE-2012-1917
+CVE-2012-1917 (compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 ...)
- atmailopen <removed>
-CVE-2012-1916
+CVE-2012-1916 (@Mail WebMail Client in AtMail Open-Source before 1.05 allows remote a ...)
- atmailopen <removed>
CVE-2012-1915
RESERVED
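Review bot: the not-affected justification `- iceweasel <not-affected> (Only affects Firefox >= 10)` under CVE-2012-1971, and the same text on the iceweasel, icedove and iceape lines under CVE-2012-1956, reads as contradictory within this hunk, because iceweasel 10.0.7esr-1 is precisely the version recorded as fixing the neighbouring CVE-2012-1970 and CVE-2012-1972 through CVE-2012-1976; a bound that includes 10 cannot justify not-affected for a 10.x package. Please check the intended range and either write it as `> 10` (the form used under CVE-2012-1960) or name the actual affected release. While here, `NOT-FOR-US: CMD Made Simple` under CVE-2012-1992 is a typo for `CMS Made Simple`, as the description line itself says CMS.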
@@ -12034,193 +12034,193 @@ CVE-2012-1914
RESERVED
CVE-2012-1913
REJECTED
-CVE-2012-1912
+CVE-2012-1912 (Cross-site scripting (XSS) vulnerability in preferences.php in PHP Add ...)
NOT-FOR-US: PHP Address Book
-CVE-2012-1911
+CVE-2012-1911 (Multiple SQL injection vulnerabilities in PHP Address Book 6.2.12 and ...)
NOT-FOR-US: PHP Address Book
-CVE-2012-1910
+CVE-2012-1910 (Bitcoin-Qt 0.5.0.x before 0.5.0.5; 0.5.1.x, 0.5.2.x, and 0.5.3.x befor ...)
- bitcoin <not-affected> (windows-only, qt gui not built)
-CVE-2012-1909
+CVE-2012-1909 (The Bitcoin protocol, as used in bitcoind before 0.4.4, wxBitcoin, Bit ...)
- bitcoin 0.6.0-1
-CVE-2012-1908
+CVE-2012-1908 (Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.3 all ...)
NOT-FOR-US: Splunk
-CVE-2012-1907
+CVE-2012-1907 (The scanner engine in PrivaWall Antivirus 5.6 and earlier does not rec ...)
NOT-FOR-US: PrivaWall Antivirus
-CVE-2012-1906
+CVE-2012-1906 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterpr ...)
{DSA-2451-1}
- puppet 2.7.13-1
CVE-2012-1905
RESERVED
-CVE-2012-1904
+CVE-2012-1904 (mp4fformat.dll in the QuickTime File Format plugin in RealNetworks Rea ...)
NOT-FOR-US: RealPlayer
CVE-2012-1903
RESERVED
-CVE-2012-1902
+CVE-2012-1902 (show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a con ...)
- phpmyadmin 4:3.4.10.2-1 (unimportant)
-CVE-2012-1901
+CVE-2012-1901 (Multiple cross-site request forgery (CSRF) vulnerabilities in FlexCMS ...)
NOT-FOR-US: FlexCMS
-CVE-2012-1900
+CVE-2012-1900 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
NOT-FOR-US: RazorCMS
-CVE-2012-1899
+CVE-2012-1899 (Multiple cross-site scripting (XSS) vulnerabilities in webfolio/admin/ ...)
NOT-FOR-US: Webfolio CMS
-CVE-2012-1898
+CVE-2012-1898 (Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/u ...)
NOT-FOR-US: Wolf CMS
-CVE-2012-1897
+CVE-2012-1897 (Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS ...)
NOT-FOR-US: Wolf CMS
-CVE-2012-1586
+CVE-2012-1586 (mount.cifs in cifs-utils 2.6 allows local users to determine the exist ...)
- cifs-utils 2:5.3-2 (unimportant; bug #665923)
NOTE: Harmless information leak, if a user can perform arbitrary CIFS mounts they probably
NOTE: can do a lot more with this
-CVE-2012-1896
+CVE-2012-1896 (Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-1895
+CVE-2012-1895 (The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-1894
+CVE-2012-1894 (Microsoft Office for Mac 2011 uses world-writable permissions for the ...)
NOT-FOR-US: Microsoft Office
-CVE-2012-1893
+CVE-2012-1893 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-1892
+CVE-2012-1892 (Cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Te ...)
NOT-FOR-US: Microsoft Visual Studio Team Foundation Server
-CVE-2012-1891
+CVE-2012-1891 (Heap-based buffer overflow in Microsoft Data Access Components (MDAC) ...)
NOT-FOR-US: Microsoft Data Access Components
-CVE-2012-1890
+CVE-2012-1890 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-1889
+CVE-2012-1889 (Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitiali ...)
NOT-FOR-US: Microsoft XML Core Services
-CVE-2012-1888
+CVE-2012-1888 (Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 ...)
NOT-FOR-US: Microsoft Visio
-CVE-2012-1887
+CVE-2012-1887 (Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and ...)
NOT-FOR-US: Microsoft Excel
-CVE-2012-1886
+CVE-2012-1886 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer ...)
NOT-FOR-US: Microsoft Excel
-CVE-2012-1885
+CVE-2012-1885 (Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and S ...)
NOT-FOR-US: Microsoft Excel
CVE-2012-1884
REJECTED
CVE-2012-1883
REJECTED
-CVE-2012-1882
+CVE-2012-1882 (Microsoft Internet Explorer 6 through 9 does not block cross-domain sc ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1881
+CVE-2012-1881 (Microsoft Internet Explorer 8 and 9 does not properly handle objects i ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1880
+CVE-2012-1880 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1879
+CVE-2012-1879 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1878
+CVE-2012-1878 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1877
+CVE-2012-1877 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1876
+CVE-2012-1876 (Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1875
+CVE-2012-1875 (Microsoft Internet Explorer 8 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1874
+CVE-2012-1874 (Microsoft Internet Explorer 8 and 9 does not properly handle objects i ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1873
+CVE-2012-1873 (Microsoft Internet Explorer 7 through 9 does not properly create and i ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1872
+CVE-2012-1872 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1871
REJECTED
-CVE-2012-1870
+CVE-2012-1870 (The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 ...)
NOT-FOR-US: Microsoft Windows XP
CVE-2012-1869
REJECTED
-CVE-2012-1868
+CVE-2012-1868 (Race condition in the thread-creation implementation in win32k.sys in ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2012-1867
+CVE-2012-1867 (Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
NOT-FOR-US: Windows Windows
-CVE-2012-1866
+CVE-2012-1866 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-1865
+CVE-2012-1865 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-1864
+CVE-2012-1864 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-1863
+CVE-2012-1863 (Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoin ...)
NOT-FOR-US: Microsoft Office
-CVE-2012-1862
+CVE-2012-1862 (Open redirect vulnerability in Microsoft Office SharePoint Server 2007 ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2012-1861
+CVE-2012-1861 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Serve ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2012-1860
+CVE-2012-1860 (Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2012-1859
+CVE-2012-1859 (Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microso ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2012-1858
+CVE-2012-1858 (The toStaticHTML API (aka the SafeHTML component) in Microsoft Interne ...)
NOT-FOR-US: MicrosoftInternet Explorer, Communicator, Lync
-CVE-2012-1857
+CVE-2012-1857 (Cross-site scripting (XSS) vulnerability in the Enterprise Portal comp ...)
NOT-FOR-US: Microsoft Dynamics AX
-CVE-2012-1856
+CVE-2012-1856 (The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in ...)
NOT-FOR-US: Microsoft
-CVE-2012-1855
+CVE-2012-1855 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not prop ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-1854
+CVE-2012-1854 (Untrusted search path vulnerability in VBE6.dll in Microsoft Office 20 ...)
NOT-FOR-US: Microsoft Office
-CVE-2012-1853
+CVE-2012-1853 (Stack-based buffer overflow in the Remote Administration Protocol (RAP ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2012-1852
+CVE-2012-1852 (Heap-based buffer overflow in the Remote Administration Protocol (RAP) ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2012-1851
+CVE-2012-1851 (Format string vulnerability in the Print Spooler service in Microsoft ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-1850
+CVE-2012-1850 (The Remote Administration Protocol (RAP) implementation in the LanmanW ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-1849
+CVE-2012-1849 (Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Atten ...)
NOT-FOR-US: Microsoft Lync, Attendee,, Attendant
-CVE-2012-1848
+CVE-2012-1848 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-1847
+CVE-2012-1847 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Off ...)
NOT-FOR-US: Microsoft Excel
-CVE-2012-1846
+CVE-2012-1846 (Google Chrome 17.0.963.66 and earlier allows remote attackers to bypas ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-1845
+CVE-2012-1845 (Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier ...)
- chromium-browser 20.0.1132.21~r139451-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-1844
+CVE-2012-1844 (The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G ...)
NOT-FOR-US: Quantum Scalar
-CVE-2012-1843
+CVE-2012-1843 (Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on ...)
NOT-FOR-US: Quantum Scalar
-CVE-2012-1842
+CVE-2012-1842 (Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the Qu ...)
NOT-FOR-US: Quantum Scalar
-CVE-2012-1841
+CVE-2012-1841 (Absolute path traversal vulnerability in logShow.htm on the Quantum Sc ...)
NOT-FOR-US: Quantum Scalar
-CVE-2012-1840
+CVE-2012-1840 (AjaXplorer 3.2.x before 3.2.5 and 4.0.x before 4.0.4 does not properly ...)
- ajaxplorer <itp> (bug #668381)
-CVE-2012-1839
+CVE-2012-1839 (Multiple directory traversal vulnerabilities in the Get Template featu ...)
- ajaxplorer <itp> (bug #668381)
-CVE-2012-1838
+CVE-2012-1838 (The web management interface on the LG-Nortel ELO GS24M switch allows ...)
NOT-FOR-US: Nortel switch
-CVE-2012-1837
+CVE-2012-1837 (The (1) webreports, (2) post/create-role, and (3) post/update-role pro ...)
NOT-FOR-US: Tivoli
-CVE-2012-1836
+CVE-2012-1836 (Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow re ...)
{DSA-2448-1}
- inspircd 2.0.5-0.1 (bug #667914)
-CVE-2012-1835
+CVE-2012-1835 (Multiple cross-site scripting (XSS) vulnerabilities in the All-in-One ...)
NOT-FOR-US: All-in-One Event Calendar plugin for WordPress
-CVE-2012-1834
+CVE-2012-1834 (Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head fun ...)
NOT-FOR-US: WordPress plugin CMS Tree Page View
-CVE-2012-1833
+CVE-2012-1833 (VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does no ...)
NOT-FOR-US: Grails
-CVE-2012-1832
+CVE-2012-1832 (WellinTech KingView 6.53 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: WellinTech KingView not in Debian
-CVE-2012-1831
+CVE-2012-1831 (Heap-based buffer overflow in WellinTech KingView 6.53 allows remote a ...)
NOT-FOR-US: WellinTech KingView not in Debian
-CVE-2012-1830
+CVE-2012-1830 (Stack-based buffer overflow in WellinTech KingView 6.53 allows remote ...)
NOT-FOR-US: WellinTech KingView not in Debian
-CVE-2012-1829
+CVE-2012-1829 (Multiple cross-site scripting (XSS) vulnerabilities in AutoFORM PDM Ar ...)
NOT-FOR-US: AutoFORM PDM Archive
-CVE-2012-1828
+CVE-2012-1828 (The administrative functions in AutoFORM PDM Archive before 7.1 do not ...)
NOT-FOR-US: AutoFORM PDM Archive
-CVE-2012-1827
+CVE-2012-1827 (The web service in AutoFORM PDM Archive before 7.1 does not have autho ...)
NOT-FOR-US: AutoFORM PDM Archive
-CVE-2012-1826
+CVE-2012-1826 (dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute ...)
NOT-FOR-US: dotCMS not in Debian
-CVE-2012-1825
+CVE-2012-1825 (Multiple cross-site scripting (XSS) vulnerabilities in the status prog ...)
NOT-FOR-US: ForeScout CounterACT
-CVE-2012-1824
+CVE-2012-1824 (Untrusted search path vulnerability in Measuresoft ScadaPro Client bef ...)
NOT-FOR-US: Measuresoft ScadaPro
-CVE-2012-1823
+CVE-2012-1823 (sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when ...)
{DSA-2465-1}
- php5 5.4.3-1
NOTE: http://ompldr.org/vZGxxaQ
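Review bot: CVE-2012-1586 sits between CVE-2012-1897 and CVE-2012-1896 in this hunk, breaking the descending ID order the rest of the file keeps; a misplaced entry is easy to overlook or duplicate and should be moved to its numeric position. Three context-line typos in the same hunk could be fixed in the same pass: `NOT-FOR-US: Windows Windows` under CVE-2012-1867 (the neighbouring entries use `Microsoft Windows`), `NOT-FOR-US: MicrosoftInternet Explorer` under CVE-2012-1858 (missing space), and `NOT-FOR-US: Microsoft Lync, Attendee,, Attendant` under CVE-2012-1849 (doubled comma). The bare `NOTE: http://ompldr.org/vZGxxaQ` under CVE-2012-1823 is a file-host link with no description of what it points to; a one-line summary next to it would keep the reference useful if the link goes away.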
@@ -12228,461 +12228,461 @@ CVE-2012-1823
NOTE: 5.4.2-1 'fixed' this, but fix is incomplete: CVE-2012-2311
CVE-2012-1822
RESERVED
-CVE-2012-1821
+CVE-2012-1821 (The Network Threat Protection module in the Manager component in Syman ...)
NOT-FOR-US: Symantec Endpoint Protection on Windows Server 2003
-CVE-2012-1820
+CVE-2012-1820 (The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlie ...)
{DSA-2497-1}
- quagga 0.99.21-3 (bug #676510)
-CVE-2012-1819
+CVE-2012-1819 (Untrusted search path vulnerability in WellinTech KingView 6.53 allows ...)
NOT-FOR-US: WellinTech KingView
-CVE-2012-1818
+CVE-2012-1818 (An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstatio ...)
NOT-FOR-US: DeltaV (SCADA system) not in Debian
-CVE-2012-1817
+CVE-2012-1817 (Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3. ...)
NOT-FOR-US: DeltaV (SCADA system) not in Debian
-CVE-2012-1816
+CVE-2012-1816 (PORTSERV.exe in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, ...)
NOT-FOR-US: DeltaV (SCADA system) not in Debian
-CVE-2012-1815
+CVE-2012-1815 (SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations ...)
NOT-FOR-US: DeltaV (SCADA system) not in Debian
-CVE-2012-1814
+CVE-2012-1814 (Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV ...)
NOT-FOR-US: DeltaV (SCADA system) not in Debian
-CVE-2012-1813
+CVE-2012-1813 (eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows remo ...)
NOT-FOR-US: C3-ilex EOScada
-CVE-2012-1812
+CVE-2012-1812 (eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows remo ...)
NOT-FOR-US: C3-ilex EOScada
-CVE-2012-1811
+CVE-2012-1811 (EOSDataServer.exe in C3-ilex EOScada before 11.0.19.2 allows remote at ...)
NOT-FOR-US: C3-ilex EOScada
-CVE-2012-1810
+CVE-2012-1810 (EOSCoreScada.exe in C3-ilex EOScada before 11.0.19.2 allows remote att ...)
NOT-FOR-US: C3-ilex EOScada
-CVE-2012-1809
+CVE-2012-1809 (The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100 ...)
NOT-FOR-US: Koyo ECOM
-CVE-2012-1808
+CVE-2012-1808 (The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100 ...)
NOT-FOR-US: Koyo ECOM
-CVE-2012-1807
+CVE-2012-1807 (Cross-site scripting (XSS) vulnerability in the web server in the ECOM ...)
NOT-FOR-US: Koyo ECOM
-CVE-2012-1806
+CVE-2012-1806 (The ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM ...)
NOT-FOR-US: Koyo ECOM
-CVE-2012-1805
+CVE-2012-1805 (Buffer overflow in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM10 ...)
NOT-FOR-US: Koyo ECOM
-CVE-2012-1804
+CVE-2012-1804 (The OPC server in Progea Movicon before 11.3 allows remote attackers t ...)
NOT-FOR-US: Progea Movicon
-CVE-2012-1803
+CVE-2012-1803 (RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a facto ...)
NOT-FOR-US: RuggedCom Rugged Operating System
-CVE-2012-1802
+CVE-2012-1802 (Buffer overflow in the embedded web server on the Siemens Scalance X I ...)
NOT-FOR-US: Siemens Scalance X
-CVE-2012-1801
+CVE-2012-1801 (Multiple stack-based buffer overflows in (1) COM and (2) ActiveX contr ...)
NOT-FOR-US: ABB WebWare
-CVE-2012-1800
+CVE-2012-1800 (Stack-based buffer overflow in the Profinet DCP protocol implementatio ...)
NOT-FOR-US: Siemens Scalance S
-CVE-2012-1799
+CVE-2012-1799 (The web server on the Siemens Scalance S Security Module firewall S602 ...)
NOT-FOR-US: Siemens Scalance S
-CVE-2012-1798
+CVE-2012-1798 (The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick bef ...)
{DSA-2462-1}
- imagemagick 8:6.7.4.0-4 (bug #667635)
-CVE-2012-1797
+CVE-2012-1797 (IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has u ...)
NOT-FOR-US: IBM DB2
-CVE-2012-1796
+CVE-2012-1796 (Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as us ...)
NOT-FOR-US: Tivoli
-CVE-2012-1795
+CVE-2012-1795 (webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to ...)
NOT-FOR-US: Webglimpse
CVE-2012-1794
RESERVED
CVE-2012-1793
RESERVED
-CVE-2012-1792
+CVE-2012-1792 (Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Se ...)
NOT-FOR-US: OSCommerce Online Merchant
CVE-2012-1791
RESERVED
-CVE-2012-1777
+CVE-2012-1777 (SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 ...)
NOT-FOR-US: F5 Firepass
-CVE-2012-1776
+CVE-2012-1776 (Multiple heap-based buffer overflows in VideoLAN VLC media player befo ...)
- vlc 2.0.1-1 (low)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-1775
+CVE-2012-1775 (Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 ...)
- vlc 2.0.1-1 (low)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-1790
+CVE-2012-1790 (Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows ...)
NOT-FOR-US: Webgrind
-CVE-2012-1789
+CVE-2012-1789 (Multiple cross-site scripting (XSS) vulnerabilities in Kongreg8 1.7.3 ...)
NOT-FOR-US: Kongreg8
-CVE-2012-1788
+CVE-2012-1788 (Multiple cross-site scripting (XSS) vulnerabilities in wonderdesk.cgi ...)
NOT-FOR-US: WonderDesk SQL
-CVE-2012-1787
+CVE-2012-1787 (Multiple cross-site scripting (XSS) vulnerabilities in wgarcmin.cgi in ...)
NOT-FOR-US: Webglimpse
-CVE-2012-1786
+CVE-2012-1786 (The Media Upload form in the Video Embed &amp; Thumbnail Generator plu ...)
NOT-FOR-US: Media Upload form in the Video Embed & Thumbnail Generator plugin for WordPress
-CVE-2012-1785
+CVE-2012-1785 (kg_callffmpeg.php in the Video Embed &amp; Thumbnail Generator plugin ...)
NOT-FOR-US: Video Embed & Thumbnail Generator plugin for WordPress
-CVE-2012-1784
+CVE-2012-1784 (SQL injection vulnerability in MyJobList 0.1.3 allows remote attackers ...)
NOT-FOR-US: MyJobList
-CVE-2012-1783
+CVE-2012-1783 (Tiny Server 1.1.9 and earlier allows remote attackers to cause a denia ...)
NOT-FOR-US: Tiny Server
-CVE-2012-1782
+CVE-2012-1782 (Multiple cross-site scripting (XSS) vulnerabilities in questions/ask i ...)
NOT-FOR-US: OSQA
-CVE-2012-1781
+CVE-2012-1781 (Multiple cross-site scripting (XSS) vulnerabilities in ajax/commentaja ...)
NOT-FOR-US: SocialCMS
-CVE-2012-1780
+CVE-2012-1780 (SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows re ...)
NOT-FOR-US: SocialCMS
-CVE-2012-1779
+CVE-2012-1779 (Cross-site scripting (XSS) vulnerability in IDevSpot idev-BusinessDire ...)
NOT-FOR-US: IDevSpot idev-BusinessDirectory
-CVE-2012-1778
+CVE-2012-1778 (SQL injection vulnerability in artykul_print.php in CreateVision CMS a ...)
NOT-FOR-US: CreateVision CMS
-CVE-2012-1774
+CVE-2012-1774 (Unspecified vulnerability in the Open URL feature in Gretech GOM Media ...)
NOT-FOR-US: Gretech GOM Media Player
-CVE-2012-1773
+CVE-2012-1773 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1772
+CVE-2012-1772 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1771
+CVE-2012-1771 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1770
+CVE-2012-1770 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1769
+CVE-2012-1769 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1768
+CVE-2012-1768 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1767
+CVE-2012-1767 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1766
+CVE-2012-1766 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1765
+CVE-2012-1765 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 10
-CVE-2012-1764
+CVE-2012-1764 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-1763
+CVE-2012-1763 (Unspecified vulnerability in the Oracle Clinical/Remote Data Capture c ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2012-1762
+CVE-2012-1762 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-1761
+CVE-2012-1761 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1760
+CVE-2012-1760 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1759
+CVE-2012-1759 (Unspecified vulnerability in the Oracle AutoVue component in Oracle Su ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-1758
+CVE-2012-1758 (Unspecified vulnerability in the Oracle AutoVue component in Oracle Su ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-1757
+CVE-2012-1757 (Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier al ...)
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-1756
+CVE-2012-1756 (Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier al ...)
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-1755
+CVE-2012-1755 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-1754
+CVE-2012-1754 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1753
+CVE-2012-1753 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-1752
+CVE-2012-1752 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2012-1751
+CVE-2012-1751 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-1750
+CVE-2012-1750 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allow ...)
NOT-FOR-US: Oracle Sun Solaris 8, 9, 10, and 11
-CVE-2012-1749
+CVE-2012-1749 (Unspecified vulnerability in the Oracle MapViewer component in Oracle ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1748
+CVE-2012-1748 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products 9.1
-CVE-2012-1747
+CVE-2012-1747 (Unspecified vulnerability in the Network Layer component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-1746
+CVE-2012-1746 (Unspecified vulnerability in the Network Layer component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-1745
+CVE-2012-1745 (Unspecified vulnerability in the Network Layer component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-1744
+CVE-2012-1744 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1743
+CVE-2012-1743 (Unspecified vulnerability in the Oracle Clinical Remote Data Capture O ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2012-1742
+CVE-2012-1742 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1741
+CVE-2012-1741 (Unspecified vulnerability in the Enterprise Manager for Fusion Middlew ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1740
+CVE-2012-1740 (Unspecified vulnerability in the Oracle Application Express Listener c ...)
NOT-FOR-US: Oracle Application Express Listener
-CVE-2012-1739
+CVE-2012-1739 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-1738
+CVE-2012-1738 (Unspecified vulnerability in the Oracle iPlanet Web Server component i ...)
NOT-FOR-US: Oracle Sun Products Suite, iPlanet Web Server
-CVE-2012-1737
+CVE-2012-1737 (Unspecified vulnerability in the Enterprise Manager for Oracle Databas ...)
NOT-FOR-US: Oracle
-CVE-2012-1736
+CVE-2012-1736 (Unspecified vulnerability in the Oracle MapViewer component in Oracle ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1735
+CVE-2012-1735 (Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier al ...)
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-1734
+CVE-2012-1734 (Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, a ...)
{DSA-2496-1}
- mysql-5.1 <removed> (bug #682212)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-1733
+CVE-2012-1733 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-1732
+CVE-2012-1732 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1731
+CVE-2012-1731 (Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1730
+CVE-2012-1730 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-1729
+CVE-2012-1729 (Unspecified vulnerability in the Hyperion BI+ component in Oracle Hype ...)
NOT-FOR-US: Oracle Hyperion
-CVE-2012-1728
+CVE-2012-1728 (Unspecified vulnerability in the Oracle Siebel CRM 8.1.1 and 8.2.2 all ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1727
+CVE-2012-1727 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-1726
+CVE-2012-1726 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1725
+CVE-2012-1725 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1724
+CVE-2012-1724 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1723
+CVE-2012-1723 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1722
+CVE-2012-1722 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (specific to Oracle Java)
- openjdk-7 <not-affected> (specific to Oracle Java)
-CVE-2012-1721
+CVE-2012-1721 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (specific to Oracle Java)
- openjdk-7 <not-affected> (specific to Oracle Java)
-CVE-2012-1720
+CVE-2012-1720 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java on Solaris)
- openjdk-7 <not-affected> (Only affects Java on Solaris)
-CVE-2012-1719
+CVE-2012-1719 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1718
+CVE-2012-1718 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1717
+CVE-2012-1717 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1716
+CVE-2012-1716 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1715
+CVE-2012-1715 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-1714
+CVE-2012-1714 (Unspecified vulnerability in a TList 6 ActiveX control in Oracle Hyper ...)
NOT-FOR-US: Oracle Hyperion Financial Management
-CVE-2012-1713
+CVE-2012-1713 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1712
+CVE-2012-1712 (Directory traversal vulnerability in the Liferay component in Oracle S ...)
NOT-FOR-US: Oracle Sun GlassFish Web Space Server
-CVE-2012-1711
+CVE-2012-1711 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
-CVE-2012-1710
+CVE-2012-1710 (Unspecified vulnerability in the Oracle WebCenter Forms Recognition co ...)
NOT-FOR-US: Oracle Fusion
-CVE-2012-1709
+CVE-2012-1709 (Unspecified vulnerability in the Oracle WebCenter Forms Recognition co ...)
NOT-FOR-US: Oracle Fusion
-CVE-2012-1708
+CVE-2012-1708 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database
-CVE-2012-1707
+CVE-2012-1707 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-1706
+CVE-2012-1706 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-1705
+CVE-2012-1705 (Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...)
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-1704
+CVE-2012-1704 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-1703
+CVE-2012-1703 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (bug #670636)
- mysql-5.5 5.5.23-1
-CVE-2012-1702
+CVE-2012-1702 (Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...)
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-1701
+CVE-2012-1701 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1700
+CVE-2012-1700 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1699
+CVE-2012-1699 (The ProcSetEventMask function in difs/events.c in the xfs font server ...)
- xfs 1:1.0.1-1
-CVE-2012-1698
+CVE-2012-1698 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote authe ...)
NOT-FOR-US: Solaris
-CVE-2012-1697
+CVE-2012-1697 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 5.5.23-1
-CVE-2012-1696
+CVE-2012-1696 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 5.5.23-1
-CVE-2012-1695
+CVE-2012-1695 (Unspecified vulnerability in the Oracle JRockit component in Oracle Fu ...)
NOT-FOR-US: Oracle Fusion
-CVE-2012-1694
+CVE-2012-1694 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attac ...)
NOT-FOR-US: Solaris
-CVE-2012-1693
+CVE-2012-1693 (Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers ...)
NOT-FOR-US: Oracle SPARC Enterprise M Series Servers
-CVE-2012-1692
+CVE-2012-1692 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2012-1691
+CVE-2012-1691 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2012-1690
+CVE-2012-1690 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (bug #670636)
- mysql-5.5 5.5.23-1
-CVE-2012-1689
+CVE-2012-1689 (Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, a ...)
{DSA-2496-1}
- mysql-5.1 <removed> (bug #682212)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-1688
+CVE-2012-1688 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (bug #670636)
- mysql-5.5 5.5.23-1
-CVE-2012-1687
+CVE-2012-1687 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows local use ...)
NOT-FOR-US: Oracle Solaris 10 and 11
-CVE-2012-1686
+CVE-2012-1686 (Unspecified vulnerability in the Oracle Business Intelligence Enterpri ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1685
+CVE-2012-1685 (Unspecified vulnerability in the Secure Global Desktop component in Or ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2012-1684
+CVE-2012-1684 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allow ...)
NOT-FOR-US: Solaris
-CVE-2012-1683
+CVE-2012-1683 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allow ...)
NOT-FOR-US: Solaris
-CVE-2012-1682
+CVE-2012-1682 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.2-1
-CVE-2012-1681
+CVE-2012-1681 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allow ...)
NOT-FOR-US: Solaris
-CVE-2012-1680
+CVE-2012-1680 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2012-1679
+CVE-2012-1679 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2012-1678
+CVE-2012-1678 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2012-1677
+CVE-2012-1677 (Unspecified vulnerability in the Oracle Application Server Single Sign ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-1676
+CVE-2012-1676 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2012-1674
+CVE-2012-1674 (Unspecified vulnerability in the Siebel Clinical component in Oracle I ...)
NOT-FOR-US: Oracle Siebel
-CVE-2012-1673
+CVE-2012-1673 (SQL injection vulnerability in loginscript.php in e-ticketing allows r ...)
NOT-FOR-US: e-ticketing
-CVE-2012-1672
+CVE-2012-1672 (SQL injection vulnerability in getcity.php in Hotel Booking Portal 0.1 ...)
NOT-FOR-US: Hotel Booking Portal
-CVE-2012-1671
+CVE-2012-1671 (Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and ...)
NOT-FOR-US: phpPaleo
-CVE-2012-1670
+CVE-2012-1670 (admin/index.php in PHP Grade Book before 1.9.5 BETA allows remote atta ...)
NOT-FOR-US: PHP Grade Book
-CVE-2012-1669
+CVE-2012-1669 (Directory traversal vulnerability in index.php in phpMoneyBooks before ...)
NOT-FOR-US: phpMoneyBooks
CVE-2012-1668
RESERVED
-CVE-2012-1667
+CVE-2012-1667 (ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9. ...)
{DSA-2486-1}
- bind9 1:9.8.1.dfsg.P1-4.1
- isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
-CVE-2012-1666
+CVE-2012-1666 (Untrusted search path vulnerability in VMware Tools in VMware Workstat ...)
NOT-FOR-US: VMware Tools
-CVE-2012-1665
+CVE-2012-1665 (Multiple SQL injection vulnerabilities in the admin panel in osCMax be ...)
NOT-FOR-US: osCMax
-CVE-2012-1664
+CVE-2012-1664 (Multiple cross-site scripting (XSS) vulnerabilities in the admin panel ...)
NOT-FOR-US: osCMax
-CVE-2012-1663
+CVE-2012-1663 (Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows ...)
- gnutls28 3.0.14-1
- gnutls26 <not-affected> (only GNUTLS 3.0 is affected)
-CVE-2012-1662
+CVE-2012-1662 (CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP ...)
NOT-FOR-US: CA ARCserve Backup
-CVE-2012-1661
+CVE-2012-1661 (ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly pro ...)
NOT-FOR-US: ESRI ArcMap, ArcGIS
-CVE-2012-1660
+CVE-2012-1660 (Multiple cross-site scripting (XSS) vulnerabilities in components/sele ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1659
+CVE-2012-1659 (Cross-site scripting (XSS) vulnerability in the Node Recommendation mo ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1658
+CVE-2012-1658 (Cross-site scripting (XSS) vulnerability in the Read More Link module ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1657
+CVE-2012-1657 (Cross-site scripting (XSS) vulnerability in block_class.module in the ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1656
+CVE-2012-1656 (SQL injection vulnerability in the Multisite Search module 6.x-2.2 for ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1655
+CVE-2012-1655 (Unspecified vulnerability in the UC PayDutchGroup / WeDeal payment mod ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1654
+CVE-2012-1654 (Multiple cross-site scripting (XSS) vulnerabilities in the Data module ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1653
+CVE-2012-1653 (Cross-site scripting (XSS) vulnerability in the Taxonomy Views Integra ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1652
+CVE-2012-1652 (Cross-site scripting (XSS) vulnerability in the Hierarchical Select mo ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1651
+CVE-2012-1651 (Cross-site scripting (XSS) vulnerability in the Submenu Tree module be ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1650
+CVE-2012-1650 (The ZipCart module 6.x before 6.x-1.4 for Drupal checks the "access co ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1649
+CVE-2012-1649 (Cool Aid module before 6.x-1.9 for Drupal does not enforce access rest ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1648
+CVE-2012-1648 (Cross-site scripting (XSS) vulnerability in the Cool Aid module before ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1647
+CVE-2012-1647 (Multiple cross-site scripting (XSS) vulnerabilities in the "stand alon ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1646
+CVE-2012-1646 (Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1645
+CVE-2012-1645 (The CDN module 6.x-2.2 and 7.x-2.2 for Drupal, when running in Origin ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1644
+CVE-2012-1644 (The Organic Groups (OG) Vocabulary module 6.x-1.x before 6.x-1.2 for D ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1643
+CVE-2012-1643 (The Faster Permissions module 7.x-2.x before 7.x-1.2 for Drupal does n ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1642
+CVE-2012-1642 (includes/linkchecker.pages.inc in the Link checker module 6.x-2.x befo ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1641
+CVE-2012-1641 (The finder_import function in the Finder module 6.x-1.x before 6.x-1.2 ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1640
+CVE-2012-1640 (Multiple cross-site scripting (XSS) vulnerabilities in the Managesite ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1639
+CVE-2012-1639 (Multiple cross-site scripting (XSS) vulnerabilities in product/commerc ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1638
+CVE-2012-1638 (SQL injection vulnerability in the Search Autocomplete module before 7 ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
CVE-2012-1637
RESERVED
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1636
+CVE-2012-1636 (Cross-site request forgery (CSRF) vulnerability in the stickynote modu ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1635
+CVE-2012-1635 (The hook_node_access function in the revisioning module 7.x-1.x before ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1634
+CVE-2012-1634 (Cross-site scripting (XSS) vulnerability in video_filter.codecs.inc in ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1633
+CVE-2012-1633 (Cross-site request forgery (CSRF) vulnerability in the Password Policy ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1632
+CVE-2012-1632 (Cross-site scripting (XSS) vulnerability in password_policy.admin.inc ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1631
+CVE-2012-1631 (Cross-site request forgery (CSRF) vulnerability in the Admin:hover mod ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1630
+CVE-2012-1630 (Cross-site scripting (XSS) vulnerability in the Taxonomy Navigator mod ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1629
+CVE-2012-1629 (Cross-site scripting (XSS) vulnerability in the Taxotouch module for D ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1628
+CVE-2012-1628 (Cross-site scripting (XSS) vulnerability in the SuperCron module for D ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1627
+CVE-2012-1627 (Cross-site scripting (XSS) vulnerability in vud_term.module in the Vot ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1626
+CVE-2012-1626 (SQL injection vulnerability in the conversion form for Events in the D ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1625
+CVE-2012-1625 (Eval injection vulnerability in the fillpdf_form_export_decode functio ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1624
+CVE-2012-1624 (Multiple cross-site scripting (XSS) vulnerabilities in the Lingotek mo ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1623
+CVE-2012-1623 (The Registration Codes module before 6.x-2.4 for Drupal does not restr ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-1622
+CVE-2012-1622 (Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execut ...)
NOT-FOR-US: Apache OFBiz
-CVE-2012-1621
+CVE-2012-1621 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Open For ...)
NOT-FOR-US: Apache OFBiz
-CVE-2012-1620
+CVE-2012-1620 (slock 0.9 does not properly handle the XRaiseWindow event when the scr ...)
- suckless-tools 39-1 (unimportant; bug #667796)
CVE-2012-1619
REJECTED
-CVE-2012-1618
+CVE-2012-1618 (Interaction error in the PostgreSQL JDBC driver before 8.2, when used ...)
- libpgjava <not-affected> (Even the version in oldstable had 8.2)
-CVE-2012-1617
+CVE-2012-1617 (Directory traversal vulnerability in combine.php in OSClass before 2.3 ...)
NOT-FOR-US: OSClass not in Debian
-CVE-2012-1616
+CVE-2012-1616 (Use-after-free vulnerability in icclib before 2.13, as used by Argyll ...)
- argyll 1.4.0-1
[squeeze] - argyll <no-dsa> (Only standalone binary in squeeze, minor impact)
NOTE: Starting with 1.4.0 argyll includes icclib 2.13, but it's hard to identify the
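Review bot: the imported summaries for CVE-2012-1786 and CVE-2012-1785 contain an HTML-escaped ampersand (`Video Embed &amp; Thumbnail Generator`) while the NOT-FOR-US lines directly beneath them spell the same plugin name with a literal `&`; the automatic update should decode HTML entities before writing the summary so the list does not carry both forms for one product and a search for the plugin name matches both lines. Minor: the block CVE-2012-1777 through CVE-2012-1775 sits between CVE-2012-1791 and CVE-2012-1790, out of the file's descending order; the `-` lines show this predates the change, so it only needs a resort in a follow-up, not a fix here.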
@@ -12690,119 +12690,119 @@ CVE-2012-1616
CVE-2012-1615 [sectool dbus priv escalation]
RESERVED
NOT-FOR-US: sectool
-CVE-2012-1614
+CVE-2012-1614 (Coppermine Photo Gallery before 1.5.20 allows remote attackers to obta ...)
NOT-FOR-US: Coppermine
-CVE-2012-1613
+CVE-2012-1613 (Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Copper ...)
NOT-FOR-US: Coppermine
-CVE-2012-1612
+CVE-2012-1612 (Cross-site scripting (XSS) vulnerability in the update manager in Joom ...)
NOT-FOR-US: Joomla!
-CVE-2012-1611
+CVE-2012-1611 (Joomla! 2.5.x before 2.5.4 does not properly check permissions, which ...)
NOT-FOR-US: Joomla!
-CVE-2012-1610
+CVE-2012-1610 (Integer overflow in the GetEXIFProperty function in magick/property.c ...)
{DSA-2462-1}
- imagemagick 8:6.7.4.0-4 (bug #667635)
CVE-2012-1609
RESERVED
-CVE-2012-1608
+CVE-2012-1608 (The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5 ...)
{DSA-2445-1}
- typo3-src 4.5.14+dfsg1-1
-CVE-2012-1607
+CVE-2012-1607 (The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, ...)
{DSA-2445-1}
- typo3-src 4.5.14+dfsg1-1
-CVE-2012-1606
+CVE-2012-1606 (Multiple cross-site scripting (XSS) vulnerabilities in the Backend com ...)
{DSA-2445-1}
- typo3-src 4.5.14+dfsg1-1
-CVE-2012-1605
+CVE-2012-1605 (The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unser ...)
- typo3-src <not-affected> (vulnerable code not yet present)
-CVE-2012-1604
+CVE-2012-1604 (Cross-site scripting (XSS) vulnerability in NextBBS 0.6 allows remote ...)
NOT-FOR-US: NextBBS
-CVE-2012-1603
+CVE-2012-1603 (Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0. ...)
NOT-FOR-US: NextBBS
-CVE-2012-1602
+CVE-2012-1602 (user.php in NextBBS 0.6 allows remote attackers to bypass authenticati ...)
NOT-FOR-US: NextBBS
-CVE-2012-1601
+CVE-2012-1601 (The KVM implementation in the Linux kernel before 3.3.6 allows host OS ...)
{DSA-2469-1}
- linux-2.6 3.2.17-1 (low)
-CVE-2012-1600
+CVE-2012-1600 (Multiple cross-site scripting (XSS) vulnerabilities in functions.php i ...)
- phppgadmin 5.0.4-1
[squeeze] - phppgadmin <no-dsa> (Minor issue, will be fixed through a point update)
-CVE-2012-1599
+CVE-2012-1599 (Joomla! 1.5.x before 1.5.26 does not properly check permissions, which ...)
NOT-FOR-US: Joomla!
-CVE-2012-1598
+CVE-2012-1598 (Joomla! 1.5.x before 1.5.26 has unspecified impact and attack vectors ...)
NOT-FOR-US: Joomla!
-CVE-2012-1597
+CVE-2012-1597 (Cross-site scripting (XSS) vulnerability in the textEncode function in ...)
NOT-FOR-US: eZ Publish
-CVE-2012-1596
+CVE-2012-1596 (The mp2t_process_fragmented_payload function in epan/dissectors/packet ...)
- wireshark 1.6.6-1 (unimportant; bug #666058)
NOTE: Not suitable for code injection
-CVE-2012-1595
+CVE-2012-1595 (The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wi ...)
- wireshark 1.6.6-1 (bug #666058)
[squeeze] - wireshark 1.2.11-6+squeeze7
-CVE-2012-1594
+CVE-2012-1594 (epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wir ...)
- wireshark 1.6.6-1 (unimportant; bug #666058)
NOTE: Not suitable for code injection
-CVE-2012-1593
+CVE-2012-1593 (epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1 ...)
- wireshark 1.6.6-1 (unimportant; bug #666058)
[squeeze] - wireshark 1.2.11-6+squeeze7
NOTE: Not suitable for code injection
CVE-2012-1592
RESERVED
- libstruts1.2-java <not-affected> (Only applies to Struts 2, see bug #657870)
-CVE-2012-1591
+CVE-2012-1591 (The image module in Drupal 7.x before 7.14 does not properly check per ...)
- drupal7 7.14-1 (bug #671402)
-CVE-2012-1590
+CVE-2012-1590 (The forum list in Drupal 7.x before 7.14 does not properly check user ...)
- drupal7 7.14-1 (bug #671402)
-CVE-2012-1589
+CVE-2012-1589 (Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 ...)
- drupal7 7.14-1 (bug #671402)
-CVE-2012-1588
+CVE-2012-1588 (Algorithmic complexity vulnerability in the _filter_url function in th ...)
- drupal7 7.14-1 (bug #671402)
CVE-2012-1587
REJECTED
-CVE-2012-1585
+CVE-2012-1585 (OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticat ...)
- nova 2012-1~rc3-1 (bug #666888)
-CVE-2012-1584
+CVE-2012-1584 (Integer overflow in the mid function in toolkit/tbytevector.cpp in Tag ...)
- taglib 1.7.1-1 (low; bug #662705)
[squeeze] - taglib <no-dsa> (Minor issue)
-CVE-2012-1583
+CVE-2012-1583 (Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6 ...)
- linux-2.6 2.6.22-1
-CVE-2012-1582
+CVE-2012-1582 (Cross-site scripting (XSS) vulnerability in the wikitext parser in Med ...)
- mediawiki 1:1.15.5-9 (bug #666269)
[squeeze] - mediawiki <end-of-life>
-CVE-2012-1581
+CVE-2012-1581 (MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak rand ...)
- mediawiki 1:1.15.5-9 (bug #666269)
[squeeze] - mediawiki <end-of-life>
-CVE-2012-1580
+CVE-2012-1580 (Cross-site request forgery (CSRF) vulnerability in Special:Upload in M ...)
- mediawiki <not-affected> (Vulnerable code not present, see bug #666269)
-CVE-2012-1579
+CVE-2012-1579 (The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x befor ...)
- mediawiki <not-affected> (Vulnerable code not present, see bug #666269)
-CVE-2012-1578
+CVE-2012-1578 (Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWik ...)
- mediawiki <not-affected> (Vulnerable code not present, see bug #666269)
CVE-2012-1577
RESERVED
- dietlibc 0.33~cvs20120325-1 (unimportant)
-CVE-2012-1576
+CVE-2012-1576 (The myuser_delete function in libathemecore/account.c in Atheme 5.x be ...)
NOT-FOR-US: atheme
-CVE-2012-1575
+CVE-2012-1575 (Multiple cross-site scripting (XSS) vulnerabilities in Cumin before r5 ...)
NOT-FOR-US: cumin
-CVE-2012-1574
+CVE-2012-1574 (The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.20 ...)
- hadoop <itp> (bug #535861)
-CVE-2012-1573
+CVE-2012-1573 (gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3 ...)
{DSA-2441-1}
- gnutls26 2.12.18-1 (high)
- gnutls28 3.0.17-2 (high)
CVE-2012-1572
RESERVED
- keystone 2012.1~rc2-1
-CVE-2012-1571
+CVE-2012-1571 (file before 5.11 and libmagic allow remote attackers to cause a denial ...)
{DSA-2422-1}
- file 5.11-1 (low; bug #664263)
-CVE-2012-1570
+CVE-2012-1570 (The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 over ...)
- maradns 1.4.12-1 (bug #665012)
[squeeze] - maradns 1.4.03-1.1+squeeze1
-CVE-2012-1569
+CVE-2012-1569 (The asn1_get_length_der function in decoding.c in GNU Libtasn1 before ...)
{DSA-2440-1}
- libtasn1-3 2.12-1 (high)
-CVE-2012-1568
+CVE-2012-1568 (The ExecShield feature in a certain Red Hat patch for the Linux kernel ...)
- linux-2.6 <not-affected> (execshield issue)
CVE-2012-1567
RESERVED
@@ -12810,9 +12810,9 @@ CVE-2012-1567
CVE-2012-1566
RESERVED
NOT-FOR-US: LinuxMint
-CVE-2012-1565
+CVE-2012-1565 (Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and ...)
NOT-FOR-US: eZ Publish
-CVE-2012-1564
+CVE-2012-1564 (Cross-site scripting (XSS) vulnerability in administration/create_albu ...)
NOT-FOR-US: YVS
CVE-2012-1563
RESERVED
@@ -12820,18 +12820,18 @@ CVE-2012-1563
CVE-2012-1562
RESERVED
NOT-FOR-US: Joomla!
-CVE-2012-1561
+CVE-2012-1561 (Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x ...)
NOT-FOR-US: Drupal Finder
CVE-2012-1560
RESERVED
CVE-2012-1559
RESERVED
-CVE-2012-1558
+CVE-2012-1558 (yaSSL CyaSSL before 2.0.8 allows remote attackers to cause a denial of ...)
- cyassl <not-affected> (Fixed before initial upload)
NOTE: https://github.com/cyassl/cyassl/commit/6b77c8967aa34f2a0bae85e90a469c4170cb2bb1
-CVE-2012-1557
+CVE-2012-1557 (SQL injection vulnerability in admin/plib/api-rpc/Agent.php in Paralle ...)
NOT-FOR-US: Parallels Plesk Panel
-CVE-2012-1556
+CVE-2012-1556 (Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 f ...)
NOT-FOR-US: Synology DiskStation Manager extension
CVE-2012-1555
RESERVED
@@ -12853,111 +12853,111 @@ CVE-2012-1547
RESERVED
CVE-2012-1546
RESERVED
-CVE-2012-1545
+CVE-2012-1545 (Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allo ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1544
REJECTED
-CVE-2012-1543
+CVE-2012-1543 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
CVE-2012-1542
RESERVED
-CVE-2012-1541
+CVE-2012-1541 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2012-1540
RESERVED
-CVE-2012-1539
+CVE-2012-1539 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1538
+CVE-2012-1538 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1537
+CVE-2012-1537 (Heap-based buffer overflow in DirectPlay in DirectX 9.0 through 11.1 i ...)
NOT-FOR-US: DirectX 9.0 in Microsoft Windows
CVE-2012-1536
RESERVED
-CVE-2012-1535
+CVE-2012-1535 (Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on ...)
NOT-FOR-US: Adobe Flash Player
CVE-2012-1534
REJECTED
-CVE-2012-1533
+CVE-2012-1533 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2012-1532
+CVE-2012-1532 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2012-1531
+CVE-2012-1531 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2012-1530
+CVE-2012-1530 (Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acro ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2012-1529
+CVE-2012-1529 (Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 al ...)
NOT-FOR-US: Internet Explorer
-CVE-2012-1528
+CVE-2012-1528 (Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-1527
+CVE-2012-1527 (Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-1526
+CVE-2012-1526 (Microsoft Internet Explorer 6 and 7 does not properly handle objects i ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1525
+CVE-2012-1525 (Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5. ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-1524
+CVE-2012-1524 (Microsoft Internet Explorer 9 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1523
+CVE-2012-1523 (Microsoft Internet Explorer 6 through 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1522
+CVE-2012-1522 (Microsoft Internet Explorer 9 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1521
+CVE-2012-1521 (Use-after-free vulnerability in the XML parser in Google Chrome before ...)
- chromium-browser 18.0.1025.168~r134367-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-1520
+CVE-2012-1520 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2012-1519
RESERVED
-CVE-2012-1518
+CVE-2012-1518 (VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, V ...)
NOT-FOR-US: VMware
-CVE-2012-1517
+CVE-2012-1517 (The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handl ...)
NOT-FOR-US: VMware
-CVE-2012-1516
+CVE-2012-1516 (The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 ...)
NOT-FOR-US: VMware
-CVE-2012-1515
+CVE-2012-1515 (VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properl ...)
NOT-FOR-US: VMware ESXi
-CVE-2012-1514
+CVE-2012-1514 (Cross-site request forgery (CSRF) vulnerability in VMware vShield Mana ...)
NOT-FOR-US: VMware vShield Manager
-CVE-2012-1513
+CVE-2012-1513 (The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 be ...)
NOT-FOR-US: VMware vCenter Orchestrator
-CVE-2012-1512
+CVE-2012-1512 (Cross-site scripting (XSS) vulnerability in the internal browser in vS ...)
NOT-FOR-US: VMware vSphere
-CVE-2012-1511
+CVE-2012-1511 (Cross-site scripting (XSS) vulnerability in View Manager Portal in VMw ...)
NOT-FOR-US: VMware View
-CVE-2012-1510
+CVE-2012-1510 (Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, an ...)
NOT-FOR-US: VMware ESXi
-CVE-2012-1509
+CVE-2012-1509 (Buffer overflow in the XPDM display driver in VMware View before 4.6.1 ...)
NOT-FOR-US: VMware View
-CVE-2012-1508
+CVE-2012-1508 (The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4 ...)
NOT-FOR-US: VMware ESXi
-CVE-2012-1507
+CVE-2012-1507 (Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM befor ...)
NOT-FOR-US: OrangeHRM
-CVE-2012-1506
+CVE-2012-1506 (SQL injection vulnerability in the updateStatus function in lib/models ...)
NOT-FOR-US: OrangeHRM
CVE-2012-1505
RESERVED
CVE-2012-1504
RESERVED
-CVE-2012-1503
+CVE-2012-1503 (Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Ap ...)
NOT-FOR-US: Six Apart
-CVE-2012-1502
+CVE-2012-1502 (Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam 0. ...)
{DSA-2430-1}
- python-pam 0.4.2-13
CVE-2012-1501
REJECTED
CVE-2012-1500
RESERVED
-CVE-2012-1499
+CVE-2012-1499 (The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attac ...)
- openjpeg <not-affected> (vulnerable code introduced after 1.3)
-CVE-2012-1498
+CVE-2012-1498 (Multiple cross-site request forgery (CSRF) vulnerabilities in Webfolio ...)
NOT-FOR-US: Webfolio CMS
-CVE-2012-1497
+CVE-2012-1497 (The default configuration of Movable Type before 4.38, 5.0x before 5.0 ...)
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
CVE-2012-1496
@@ -12970,7 +12970,7 @@ CVE-2012-1102 [XML::Atom Perl module XML entity expansion]
- libxml-atom-perl 0.39-1 (medium)
CVE-2012-1494
RESERVED
-CVE-2012-1493
+CVE-2012-1493 (F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x ...)
NOT-FOR-US: F5 BIG-IP appliances
CVE-2012-1492
RESERVED
@@ -12986,225 +12986,225 @@ CVE-2012-1487
RESERVED
CVE-2012-1486
RESERVED
-CVE-2012-1485
+CVE-2012-1485 (Unspecified vulnerability in the NetFront Life Browser (com.access_com ...)
NOT-FOR-US: NetFront Life Browser for Android
-CVE-2012-1484
+CVE-2012-1484 (Unspecified vulnerability in the WaliSMS CN (cn.com.wali.walisms) appl ...)
NOT-FOR-US: WaliSMS CN (cn.com.wali.walisms) application
-CVE-2012-1483
+CVE-2012-1483 (Unspecified vulnerability in the Message Forwarder (com.gmail.zbnetium ...)
NOT-FOR-US: Message Forwarder for Android
-CVE-2012-1482
+CVE-2012-1482 (Unspecified vulnerability in the TouchPal Contacts (com.cootek.smartdi ...)
NOT-FOR-US: TouchPal Contacts for Android
-CVE-2012-1481
+CVE-2012-1481 (Unspecified vulnerability in the Textdroid (com.app.android.textdroid) ...)
NOT-FOR-US: Textdroid for Android
-CVE-2012-1480
+CVE-2012-1480 (Unspecified vulnerability in the Pansi SMS (com.pansi.msg) application ...)
NOT-FOR-US: Pansi SMS
-CVE-2012-1479
+CVE-2012-1479 (Unspecified vulnerability in the AContact (com.movester.quickcontact) ...)
NOT-FOR-US: AContact
-CVE-2012-1478
+CVE-2012-1478 (Unspecified vulnerability in the UCMobile BloveStorm (com.blovestorm) ...)
NOT-FOR-US: UCMobile BloveStorm
-CVE-2012-1477
+CVE-2012-1477 (Unspecified vulnerability in the Cnectd (mci.cnectd) application 3.1.0 ...)
NOT-FOR-US: Cnectd
-CVE-2012-1476
+CVE-2012-1476 (Unspecified vulnerability in the KKtalk (com.kkliaotian.android) appli ...)
NOT-FOR-US: KKtalk
-CVE-2012-1475
+CVE-2012-1475 (Unspecified vulnerability in the YagattaTalk Messenger (com.iskoot.yag ...)
NOT-FOR-US: YagattaTalk Messenge
-CVE-2012-1474
+CVE-2012-1474 (Unspecified vulnerability in the Youni SMS (com.snda.youni) applicatio ...)
NOT-FOR-US: Youni SMS
CVE-2012-1473
RESERVED
-CVE-2012-1472
+CVE-2012-1472 (VMware vCenter Chargeback Manager (aka CBM) before 2.0.1 does not prop ...)
NOT-FOR-US: VMware vCenter Chargeback Manager
-CVE-2012-1471
+CVE-2012-1471 (Directory traversal vulnerability in catalogue_file.php in ocPortal be ...)
- ocportal <itp> (bug #625865)
-CVE-2012-1470
+CVE-2012-1470 (Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php ...)
- ocportal <itp> (bug #625865)
-CVE-2012-1469
+CVE-2012-1469 (Multiple cross-site scripting (XSS) vulnerabilities in Open Journal Sy ...)
- ojs <removed> (low)
[squeeze] - ojs <no-dsa> (Minor issue)
-CVE-2012-1468
+CVE-2012-1468 (Incomplete blacklist vulnerability in Open Journal Systems before 2.3. ...)
- ojs <removed> (low)
[squeeze] - ojs <no-dsa> (Minor issue)
-CVE-2012-1467
+CVE-2012-1467 (Multiple directory traversal vulnerabilities in the iBrowser plugin li ...)
- ojs <removed> (low)
[squeeze] - ojs <no-dsa> (Minor issue)
-CVE-2012-1466
+CVE-2012-1466 (The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 a ...)
NOT-FOR-US: NetMechanica NetDecision
-CVE-2012-1465
+CVE-2012-1465 (Stack-based buffer overflow in the HTTP Server in NetMechanica NetDeci ...)
NOT-FOR-US: NetMechanica NetDecision
-CVE-2012-1464
+CVE-2012-1464 (Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remo ...)
NOT-FOR-US: NetMechanica NetDecision
-CVE-2012-1463
+CVE-2012-1463 (The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitd ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1462
+CVE-2012-1462 (The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1461
+CVE-2012-1461 (The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, C ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1460
+CVE-2012-1460 (The Gzip file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Ca ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1459
+CVE-2012-1459 (The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avir ...)
- clamav 0.97.5+dfsg-1 (low; bug #668273)
[squeeze] - clamav 0.97.5+dfsg-3~squeeze1
-CVE-2012-1458
+CVE-2012-1458 (The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4 ...)
- clamav 0.97.5+dfsg-1 (low; bug #668273)
[squeeze] - clamav 0.97.5+dfsg-3~squeeze1
-CVE-2012-1457
+CVE-2012-1457 (The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2. ...)
- clamav 0.97.5+dfsg-1 (low; bug #668273)
[squeeze] - clamav 0.97.5+dfsg-3~squeeze1
-CVE-2012-1456
+CVE-2012-1456 (The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1455
+CVE-2012-1455 (The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83 ...)
NOT-FOR-US: NOD32 Antivirus, Rising Antivirus
-CVE-2012-1454
+CVE-2012-1454 (The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gate ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1453
+CVE-2012-1453 (The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120 ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1452
+CVE-2012-1452 (The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Uti ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1451
+CVE-2012-1451 (The CAB file parser in Emsisoft Anti-Malware 5.1.0.1 and Ikarus Virus ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1450
+CVE-2012-1450 (The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Viru ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1449
+CVE-2012-1449 (The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83 ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1448
+CVE-2012-1448 (The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Mic ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1447
+CVE-2012-1447 (The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, D ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1446
+CVE-2012-1446 (The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee An ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1445
+CVE-2012-1445 (The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, F ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1444
+CVE-2012-1444 (The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus 4 ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1443
+CVE-2012-1443 (The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Qu ...)
NOTE: clamav, but upstream evaluated it as invalid (#668273)
-CVE-2012-1442
+CVE-2012-1442 (The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee An ...)
NOT-FOR-US: Multiple Antivirus applications
-CVE-2012-1441
+CVE-2012-1441 (The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows r ...)
NOT-FOR-US: eSafe, Prevx
-CVE-2012-1440
+CVE-2012-1440 (The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eT ...)
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1439
+CVE-2012-1439 (The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, F ...)
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1438
+CVE-2012-1438 (The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos A ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1437
+CVE-2012-1437 (The Microsoft Office file parser in Comodo Antivirus 7425 allows remot ...)
NOT-FOR-US: Comodo Antivirus 7425
-CVE-2012-1436
+CVE-2012-1436 (The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.1 ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1435
+CVE-2012-1435 (The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.1 ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1434
+CVE-2012-1434 (The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.1 ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1433
+CVE-2012-1433 (The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.1 ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1432
+CVE-2012-1432 (The Microsoft EXE file parser in Emsisoft Anti-Malware 5.1.0.1, eSafe ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1431
+CVE-2012-1431 (The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Co ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1430
+CVE-2012-1430 (The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7 ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1429
+CVE-2012-1429 (The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisof ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1428
+CVE-2012-1428 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman An ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1427
+CVE-2012-1427 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman An ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1426
+CVE-2012-1426 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command A ...)
NOT-FOR-US: multiple Anti-Virus applications
-CVE-2012-1425
+CVE-2012-1425 (The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2. ...)
NOT-FOR-US: Multiple Antivirus applications
-CVE-2012-1424
+CVE-2012-1424 (The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat ...)
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1423
+CVE-2012-1423 (The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malwa ...)
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1422
+CVE-2012-1422 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 Ant ...)
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1421
+CVE-2012-1421 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman An ...)
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1420
+CVE-2012-1420 (The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command A ...)
NOT-FOR-US: multiple Antivirus applications
-CVE-2012-1419
+CVE-2012-1419 (The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal ...)
- clamav 0.97.5+dfsg-1 (low; bug #668273)
[squeeze] - clamav 0.97.5+dfsg-3~squeeze1
-CVE-2012-1418
+CVE-2012-1418 (Multiple unspecified vulnerabilities in Google Chrome before 17.0.963. ...)
NOT-FOR-US: Chrome books
-CVE-2012-1417
+CVE-2012-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Local Phone boo ...)
NOT-FOR-US: Yealink VoIP Phone
-CVE-2012-1416
+CVE-2012-1416 (Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCM ...)
NOT-FOR-US: SocialCMS
-CVE-2012-1415
+CVE-2012-1415 (Cross-site request forgery (CSRF) vulnerability in lib/logout.php in D ...)
NOT-FOR-US: DFLabs PTK
-CVE-2012-1414
+CVE-2012-1414 (Cross-site request forgery (CSRF) vulnerability in manager/news.php in ...)
NOT-FOR-US: Plume CMS
-CVE-2012-1413
+CVE-2012-1413 (Cross-site scripting (XSS) vulnerability in zc_install/includes/module ...)
NOT-FOR-US: Zen Cart
CVE-2012-1412
RESERVED
CVE-2012-1411
RESERVED
-CVE-2012-1410
+CVE-2012-1410 (Multiple cross-site scripting (XSS) vulnerabilities in the History Win ...)
- kadu 0.11.0-1
[squeeze] - kadu <not-affected> (Only affects >= 0.9)
-CVE-2012-1409
+CVE-2012-1409 (Unspecified vulnerability in the Tiny Password (com.tinycouch.android. ...)
NOT-FOR-US: Tiny Password
-CVE-2012-1408
+CVE-2012-1408 (Unspecified vulnerability in the App Lock (com.cc.applock) application ...)
NOT-FOR-US: App Lock
-CVE-2012-1407
+CVE-2012-1407 (Unspecified vulnerability in the GO Message Widget (com.gau.go.launche ...)
NOT-FOR-US: GO Message Widget
-CVE-2012-1406
+CVE-2012-1406 (Unspecified vulnerability in the GO Bookmark Widget (com.gau.go.launch ...)
NOT-FOR-US: GO Bookmark Widget
-CVE-2012-1405
+CVE-2012-1405 (Unspecified vulnerability in the GO Note Widget (com.gau.go.launcherex ...)
NOT-FOR-US: GO Note Widget
-CVE-2012-1404
+CVE-2012-1404 (Unspecified vulnerability in the Dolphin Browser Mini (com.dolphin.bro ...)
NOT-FOR-US: Dolphin Browser Mini
-CVE-2012-1403
+CVE-2012-1403 (Unspecified vulnerability in the Dolphin Browser CN (com.dolphin.brows ...)
NOT-FOR-US: Dolphin Browser CN
-CVE-2012-1402
+CVE-2012-1402 (Unspecified vulnerability in the QianXun YingShi (com.qianxun.yingshi) ...)
NOT-FOR-US: QianXun YingShi
-CVE-2012-1401
+CVE-2012-1401 (Unspecified vulnerability in the CamScanner (com.intsig.camscanner) ap ...)
NOT-FOR-US: CamScanner
-CVE-2012-1400
+CVE-2012-1400 (Unspecified vulnerability in the U+Box 2.0 Pad (lg.uplusbox.pad) appli ...)
NOT-FOR-US: U+Box
-CVE-2012-1399
+CVE-2012-1399 (Unspecified vulnerability in the U+Box 2.0 (lg.uplusbox) application 2 ...)
NOT-FOR-US: U+Box
-CVE-2012-1398
+CVE-2012-1398 (Unspecified vulnerability in the GO WeiboWidget (com.gau.go.launcherex ...)
NOT-FOR-US: GO WeiboWidget
-CVE-2012-1397
+CVE-2012-1397 (Unspecified vulnerability in the GO QQWeiboWidget (com.gau.go.launcher ...)
NOT-FOR-US: GO QQWeiboWidget
-CVE-2012-1396
+CVE-2012-1396 (Unspecified vulnerability in the GO FBWidget (com.gau.go.launcherex.go ...)
NOT-FOR-US: GO FBWidget
-CVE-2012-1395
+CVE-2012-1395 (Unspecified vulnerability in the GO TwiWidget (com.gau.go.launcherex.g ...)
NOT-FOR-US: GO TwiWidget
-CVE-2012-1394
+CVE-2012-1394 (Unspecified vulnerability in the GO Email Widget (com.gau.go.launchere ...)
NOT-FOR-US: GO Email Widget
-CVE-2012-1393
+CVE-2012-1393 (Unspecified vulnerability in the GO SMS Pro (com.jb.gosms) application ...)
NOT-FOR-US: GO SMS Pro
-CVE-2012-1392
+CVE-2012-1392 (Unspecified vulnerability in the Dolphin Browser HD (mobi.mgeek.TunnyB ...)
NOT-FOR-US: Dolphin Browser HD
-CVE-2012-1391
+CVE-2012-1391 (Unspecified vulnerability in the mOffice - Outlook sync (com.innov8tio ...)
NOT-FOR-US: mOffice - Outlook sync
-CVE-2012-1390
+CVE-2012-1390 (Unspecified vulnerability in the Miso (com.bazaarlabs.miso) applicatio ...)
NOT-FOR-US: Miso
-CVE-2012-1389
+CVE-2012-1389 (Unspecified vulnerability in the Di Long Weibo (com.icekirin.weibos) a ...)
NOT-FOR-US: Di Long Weibo
-CVE-2012-1388
+CVE-2012-1388 (Unspecified vulnerability in the XiXunTianTian (com.xixun.tiantian) ap ...)
NOT-FOR-US: XiXunTianTian
-CVE-2012-1387
+CVE-2012-1387 (Unspecified vulnerability in the RealTalk (com.tmsmanager.tms) applica ...)
NOT-FOR-US: RealTalk
-CVE-2012-1386
+CVE-2012-1386 (Unspecified vulnerability in the YouMail Visual Voicemail Plus (com.yo ...)
NOT-FOR-US: YouMail Visual Voicemail Plus
-CVE-2012-1385
+CVE-2012-1385 (Unspecified vulnerability in the NetEase WeiboHD (com.netease.wbhd) ap ...)
NOT-FOR-US: NetEase WeiboHD
-CVE-2012-1384
+CVE-2012-1384 (Unspecified vulnerability in the NetEase Pmail (com.netease.rpmms) app ...)
NOT-FOR-US: NetEase Pmail
-CVE-2012-1383
+CVE-2012-1383 (Unspecified vulnerability in the NetEase Reader (com.netease.pris) app ...)
NOT-FOR-US: NetEase Reader
-CVE-2012-1382
+CVE-2012-1382 (Unspecified vulnerability in the Youdao Dictionary (com.youdao.dict) a ...)
NOT-FOR-US: Youdao Dictionary
-CVE-2012-1381
+CVE-2012-1381 (Unspecified vulnerability in the NetEase CloudAlbum (com.netease.cloud ...)
NOT-FOR-US: NetEase CloudAlbum
-CVE-2012-1380
+CVE-2012-1380 (Unspecified vulnerability in the NetEaseWeibo (com.netease.wb) applica ...)
NOT-FOR-US: NetEaseWeibo
CVE-2012-1379
RESERVED
@@ -13224,25 +13224,25 @@ CVE-2012-1372
RESERVED
CVE-2012-1371
RESERVED
-CVE-2012-1370
+CVE-2012-1370 (Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows re ...)
NOT-FOR-US: Cisco
CVE-2012-1369
RESERVED
CVE-2012-1368
RESERVED
-CVE-2012-1367
+CVE-2012-1367 (The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and ...)
NOT-FOR-US: Cisco
-CVE-2012-1366
+CVE-2012-1366 (Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listene ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-1365
+CVE-2012-1365 (Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote authent ...)
NOT-FOR-US: Cisco
-CVE-2012-1364
+CVE-2012-1364 (Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote authent ...)
NOT-FOR-US: Cisco
CVE-2012-1363
RESERVED
CVE-2012-1362
RESERVED
-CVE-2012-1361
+CVE-2012-1361 (Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) featu ...)
NOT-FOR-US: Cisco
CVE-2012-1360
RESERVED
@@ -13250,7 +13250,7 @@ CVE-2012-1359
RESERVED
CVE-2012-1358
RESERVED
-CVE-2012-1357
+CVE-2012-1357 (The igmp_snoop_orib_fill_source_update function in the IGMP process in ...)
NOT-FOR-US: NX-OS
CVE-2012-1356
RESERVED
@@ -13264,37 +13264,37 @@ CVE-2012-1352
RESERVED
CVE-2012-1351
RESERVED
-CVE-2012-1350
+CVE-2012-1350 (Cisco IOS 12.3 and 12.4 on Aironet access points allows remote attacke ...)
NOT-FOR-US: Cisco IOS
CVE-2012-1349
RESERVED
-CVE-2012-1348
+CVE-2012-1348 (Cisco Wide Area Application Services (WAAS) appliances with software 4 ...)
NOT-FOR-US: Cisco Wide Area Application Services
CVE-2012-1347
RESERVED
-CVE-2012-1346
+CVE-2012-1346 (Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause ...)
NOT-FOR-US: Cisco Emergency Responder
CVE-2012-1345
RESERVED
-CVE-2012-1344
+CVE-2012-1344 (Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allo ...)
NOT-FOR-US: Cisco IOS
CVE-2012-1343
RESERVED
-CVE-2012-1342
+CVE-2012-1342 (Cisco Carrier Routing System (CRS) 3.9, 4.0, and 4.1 allows remote att ...)
NOT-FOR-US: Cisco Carrier Routing System
CVE-2012-1341
RESERVED
-CVE-2012-1340
+CVE-2012-1340 (The Fibre Channel over IP (FCIP) implementation in Cisco MDS NX-OS 4.2 ...)
NOT-FOR-US: Cisco MDS NX-OS
-CVE-2012-1339
+CVE-2012-1339 (The Fabric Interconnect component in Cisco Unified Computing System (U ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-1338
+CVE-2012-1338 (Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches allo ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-1337
+CVE-2012-1337 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L ...)
NOT-FOR-US: Cisco WebEx
-CVE-2012-1336
+CVE-2012-1336 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L ...)
NOT-FOR-US: Cisco WebEx
-CVE-2012-1335
+CVE-2012-1335 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L ...)
NOT-FOR-US: Cisco WebEx
CVE-2012-1334
RESERVED
@@ -13308,15 +13308,15 @@ CVE-2012-1330
RESERVED
CVE-2012-1329
RESERVED
-CVE-2012-1328
+CVE-2012-1328 (Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 ...)
NOT-FOR-US: Cisco IP Phone
-CVE-2012-1327
+CVE-2012-1327 (dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 al ...)
NOT-FOR-US: Cisco IOS
CVE-2012-1326
RESERVED
CVE-2012-1325
RESERVED
-CVE-2012-1324
+CVE-2012-1324 (Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, ...)
NOT-FOR-US: Cisco IOS
CVE-2012-1323
RESERVED
@@ -13330,25 +13330,25 @@ CVE-2012-1319
RESERVED
CVE-2012-1318
RESERVED
-CVE-2012-1317
+CVE-2012-1317 (The multicast implementation in Cisco IOS before 15.1(1)SY allows remo ...)
NOT-FOR-US: Cisco IOS
CVE-2012-1316
RESERVED
-CVE-2012-1315
+CVE-2012-1315 (Memory leak in the SIP inspection feature in the Zone-Based Firewall i ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-1314
+CVE-2012-1314 (The WAAS Express feature in Cisco IOS 15.1 and 15.2 allows remote atta ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-1313
+CVE-2012-1313 (The remote debug shell on the PALO adapter card in Cisco Unified Compu ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-1312
+CVE-2012-1312 (The MACE feature in Cisco IOS 15.1 and 15.2 allows remote attackers to ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-1311
+CVE-2012-1311 (The RSVP feature in Cisco IOS 15.0 and 15.1 and IOS XE 3.2.xS through ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-1310
+CVE-2012-1310 (Memory leak in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, ...)
NOT-FOR-US: Cisco IOS
CVE-2012-1309
RESERVED
-CVE-2012-1308
+CVE-2012-1308 (Cross-site request forgery (CSRF) vulnerability in redpass.cgi in D-Li ...)
NOT-FOR-US: D-Link
CVE-2012-1307
RESERVED
@@ -13358,11 +13358,11 @@ CVE-2012-1305
RESERVED
CVE-2012-1304
RESERVED
-CVE-2012-1303
+CVE-2012-1303 (Multiple cross-site scripting (XSS) vulnerabilities in amCharts Flash ...)
NOT-FOR-US: amCharts Flash
-CVE-2012-1302
+CVE-2012-1302 (Multiple cross-site scripting (XSS) vulnerabilities in amMap 2.6.3 all ...)
NOT-FOR-US: amMap
-CVE-2012-1301
+CVE-2012-1301 (The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to ...)
NOT-FOR-US: Umbraco
CVE-2012-1300
RESERVED
@@ -13370,26 +13370,26 @@ CVE-2012-1299
RESERVED
CVE-2012-1298
RESERVED
-CVE-2012-1297
+CVE-2012-1297 (Multiple cross-site request forgery (CSRF) vulnerabilities in main.php ...)
NOT-FOR-US: Contao
-CVE-2012-1296
+CVE-2012-1296 (Multiple cross-site scripting (XSS) vulnerabilities in apps/admin/hand ...)
NOT-FOR-US: Elefant CMS
CVE-2012-1295
RESERVED
-CVE-2012-1294
+CVE-2012-1294 (SQL injection vulnerability in CONTIMEX Impulsio CMS allows remote att ...)
NOT-FOR-US: CONTIMEX Impulsio CMS
-CVE-2012-1292
+CVE-2012-1292 (Unspecified vulnerability in the MessagingSystem servlet in SAP NetWea ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2012-1291
+CVE-2012-1291 (Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProces ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2012-1290
+CVE-2012-1290 (Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2012-1289
+CVE-2012-1289 (Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allo ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2012-1293
+CVE-2012-1293 (Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' F ...)
{DSA-2414-1}
- fex 20120215-1 (low; bug #660621)
-CVE-2012-1288
+CVE-2012-1288 (The UTC Fire &amp; Security GE-MC100-NTP/GPS-ZB Master Clock device us ...)
NOT-FOR-US: UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock
CVE-2012-1287
RESERVED
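Review bot: the imported description on the `+CVE-2012-1288` line still carries an HTML entity (`The UTC Fire &amp; Security GE-MC100-NTP/GPS-ZB Master Clock device us ...`), while the hand-written `NOT-FOR-US: UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock` line directly below uses a literal ampersand; the feed text should be HTML-unescaped before it is written into the list so the stored description matches the original CVE wording and the two lines agree. Separately, the `CVE-2012-1293` entry sits between `CVE-2012-1289` and `CVE-2012-1288`, out of the descending numeric order the rest of the file follows.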
@@ -13437,11 +13437,11 @@ CVE-2012-1266
RESERVED
CVE-2012-1265
RESERVED
-CVE-2012-1264
+CVE-2012-1264 (Unspecified vulnerability in Gretech GOM Media Player before 2.1.37.50 ...)
NOT-FOR-US: Gretech GOM Media Player
CVE-2012-1263
RESERVED
-CVE-2012-1262
+CVE-2012-1262 (Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi i ...)
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
CVE-2012-1261
@@ -13456,52 +13456,52 @@ CVE-2012-1257
RESERVED
- pidgin <unfixed> (unimportant)
NOTE: Negligible local information disclosure
-CVE-2012-1256
+CVE-2012-1256 (The single sign-on (SSO) implementation in EasyVista before 2010.1.1.8 ...)
NOT-FOR-US: EasyVista
-CVE-2012-1255
+CVE-2012-1255 (SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remot ...)
NOT-FOR-US: Segue (CMS)
-CVE-2012-1254
+CVE-2012-1254 (Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier ...)
NOT-FOR-US: Segue (CMS)
-CVE-2012-1253
+CVE-2012-1253 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0 ...)
- roundcube 0.7-1 (low)
[squeeze] - roundcube <no-dsa> (Minor issue)
-CVE-2012-1252
+CVE-2012-1252 (Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows ...)
- rssowl <itp> (bug #346541)
-CVE-2012-1251
+CVE-2012-1251 (Opera before 9.63 does not properly verify X.509 certificates from SSL ...)
NOT-FOR-US: Opera
-CVE-2012-1250
+CVE-2012-1250 (Logitec LAN-W300N/R routers with firmware before 2.27 do not properly ...)
NOT-FOR-US: Logitec LAN-W300N/R device
-CVE-2012-1249
+CVE-2012-1249 (The iLunascape application 1.0.4.0 and earlier for Android does not pr ...)
NOT-FOR-US: iLunascape
-CVE-2012-1248
+CVE-2012-1248 (app/config/core.php in baserCMS 1.6.15 and earlier does not properly h ...)
NOT-FOR-US: BaserCMS
-CVE-2012-1247
+CVE-2012-1247 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and ...)
NOT-FOR-US: KENT-WEB WEB MART
-CVE-2012-1246
+CVE-2012-1246 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and ...)
NOT-FOR-US: KENT-WEB WEB MART
-CVE-2012-1245
+CVE-2012-1245 (Cross-site scripting (XSS) vulnerability in the cleanup_urls function ...)
NOT-FOR-US: OSQA
-CVE-2012-1244
+CVE-2012-1244 (The NTT DOCOMO sp mode mail application 5400 and earlier for Android d ...)
NOT-FOR-US: Android app
-CVE-2012-1243
+CVE-2012-1243 (The TwitRocker2 application before 1.0.23 for Android does not properl ...)
NOT-FOR-US: Android app
-CVE-2012-1242
+CVE-2012-1242 (Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, ...)
NOT-FOR-US: various Ichitaro products
-CVE-2012-1241
+CVE-2012-1241 (GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 d ...)
NOT-FOR-US: ActiveScriptRuby
-CVE-2012-1240
+CVE-2012-1240 (Cross-site scripting (XSS) vulnerability in the RECRUIT Dokodemo Rikun ...)
NOT-FOR-US: RECRUIT Dokodemo
-CVE-2012-1239
+CVE-2012-1239 (The TopAccess web-based management interface on TOSHIBA TEC e-Studio m ...)
NOT-FOR-US: TOSHIBA TEC e-Studio
-CVE-2012-1238
+CVE-2012-1238 (Session fixation vulnerability in SENCHA SNS before 1.0.2 allows remot ...)
NOT-FOR-US: SENCHA SNS
-CVE-2012-1237
+CVE-2012-1237 (Cross-site request forgery (CSRF) vulnerability in SENCHA SNS before 1 ...)
NOT-FOR-US: SENCHA SNS
-CVE-2012-1236
+CVE-2012-1236 (Multiple cross-site request forgery (CSRF) vulnerabilities in Janetter ...)
NOT-FOR-US: Janetter
-CVE-2012-1235
+CVE-2012-1235 (Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-1234
+CVE-2012-1234 (SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
CVE-2012-1233
RESERVED
@@ -13515,155 +13515,155 @@ CVE-2012-1229
RESERVED
CVE-2012-1228
RESERVED
-CVE-2012-1227
+CVE-2012-1227 (Multiple cross-site request forgery (CSRF) vulnerabilities in admin.ph ...)
NOT-FOR-US: pluck
-CVE-2012-1226
+CVE-2012-1226 (Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alp ...)
- dolibarr 3.3.4-1
-CVE-2012-1225
+CVE-2012-1225 (Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and ...)
- dolibarr 3.3.4-1
-CVE-2012-1224
+CVE-2012-1224 (Cross-site scripting (XSS) vulnerability in system/classes/login.php i ...)
NOT-FOR-US: ContentLion Alpha
-CVE-2012-1223
+CVE-2012-1223 (RabidHamster R2/Extreme 1.65 and earlier uses a small search space of ...)
NOT-FOR-US: RabidHamster
-CVE-2012-1222
+CVE-2012-1222 (Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and earlie ...)
NOT-FOR-US: RabidHamster
-CVE-2012-1221
+CVE-2012-1221 (Directory traversal vulnerability in the telnet server in RabidHamster ...)
NOT-FOR-US: RabidHamster
-CVE-2012-1220
+CVE-2012-1220 (Cross-site request forgery (CSRF) vulnerability in modules/config/admi ...)
NOT-FOR-US: GAzie
-CVE-2012-1219
+CVE-2012-1219 (Multiple cross-site scripting (XSS) vulnerabilities in freelancerKit 2 ...)
NOT-FOR-US: freelancerKit
-CVE-2012-1218
+CVE-2012-1218 (Multiple SQL injection vulnerabilities in freelancerKit 2.35 allow rem ...)
NOT-FOR-US: freelancerKit
-CVE-2012-1217
+CVE-2012-1217 (Multiple cross-site scripting (XSS) vulnerabilities in STHS v2 Web Por ...)
NOT-FOR-US: STHS
-CVE-2012-1216
+CVE-2012-1216 (Multiple cross-site request forgery (CSRF) vulnerabilities in admin.ph ...)
NOT-FOR-US: PBBoard
-CVE-2012-1215
+CVE-2012-1215 (Cross-site scripting (XSS) vulnerability in the Add friends module in ...)
NOT-FOR-US: Yoono extension
-CVE-2012-1214
+CVE-2012-1214 (Cross-site scripting (XSS) vulnerability in the Add friends module in ...)
NOT-FOR-US: Yoono Desktop Application
-CVE-2012-1213
+CVE-2012-1213 (Cross-site scripting (XSS) vulnerability in zimbra/h/calendar in Zimbr ...)
NOT-FOR-US: Zimbra Web Client
-CVE-2012-1212
+CVE-2012-1212 (Cross-site scripting (XSS) vulnerability in the smwfOnSfSetTargetName ...)
NOT-FOR-US: Semantic Enterprise Wiki
-CVE-2012-1211
+CVE-2012-1211 (Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in Pow ...)
NOT-FOR-US: Powie pFile
-CVE-2012-1210
+CVE-2012-1210 (SQL injection vulnerability in pfile/file.php in Powie pFile 1.02 allo ...)
NOT-FOR-US: Powie pFile
-CVE-2012-1209
+CVE-2012-1209 (Cross-site scripting (XSS) vulnerability in backend/core/engine/base.p ...)
NOT-FOR-US: Fork CMS
-CVE-2012-1208
+CVE-2012-1208 (Multiple cross-site scripting (XSS) vulnerabilities in backend/core/en ...)
NOT-FOR-US: Fork CMS
-CVE-2012-1207
+CVE-2012-1207 (Directory traversal vulnerability in frontend/core/engine/javascript.p ...)
NOT-FOR-US: Fork CMS
-CVE-2012-1206
+CVE-2012-1206 (Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote ...)
NOT-FOR-US: Hancom Office
-CVE-2012-1205
+CVE-2012-1205 (PHP remote file inclusion vulnerability in relocate-upload.php in Relo ...)
NOT-FOR-US: Relocate Upload plugin
CVE-2012-1204
RESERVED
-CVE-2012-1203
+CVE-2012-1203 (Cross-site request forgery (CSRF) vulnerability in starnet/index.php i ...)
NOT-FOR-US: SyndeoCMS
CVE-2012-1202
RESERVED
CVE-2012-1201
RESERVED
-CVE-2012-1200
+CVE-2012-1200 (Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow r ...)
NOT-FOR-US: Nova CMS
-CVE-2012-1199
+CVE-2012-1199 (Multiple PHP remote file inclusion vulnerabilities in Basic Analysis a ...)
- acidbase <removed> (unimportant)
NOTE: requires register_globals to be on
-CVE-2012-1198
+CVE-2012-1198 (base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 al ...)
- acidbase <removed> (unimportant; bug #661020)
NOTE: unreproducible issue, extremely low on details in original report
-CVE-2012-1197
+CVE-2012-1197 (Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build 13 ...)
NOT-FOR-US: ACDSee
-CVE-2012-1196
+CVE-2012-1196 (Directory traversal vulnerability in the VulCore web service (WSVulner ...)
NOT-FOR-US: Lenovo ThinkManagement Console
-CVE-2012-1195
+CVE-2012-1195 (Unrestricted file upload vulnerability in andesk/managementsuite/core/ ...)
NOT-FOR-US: Lenovo ThinkManagement Console
-CVE-2012-1194
+CVE-2012-1194 (The resolver in the DNS Server service in Microsoft Windows Server 200 ...)
NOTE: DNS protocol flaw
-CVE-2012-1193
+CVE-2012-1193 (The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites c ...)
NOTE: DNS protocol flaw
-CVE-2012-1192
+CVE-2012-1192 (The resolver in Unbound before 1.4.11 overwrites cached server names a ...)
NOTE: DNS protocol flaw
-CVE-2012-1191
+CVE-2012-1191 (The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites ...)
- djbdns <removed>
NOTE: DNS protocol flaw
NOTE: RH made an update: https://bugzilla.redhat.com/show_bug.cgi?id=838761
-CVE-2012-0869
+CVE-2012-0869 (Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EX ...)
{DSA-2414-1}
- fex 20120215-1 (low; bug #660621)
-CVE-2012-1190
+CVE-2012-1190 (Cross-site scripting (XSS) vulnerability in the replication-setup func ...)
- phpmyadmin 4:3.4.10.1-1 (unimportant)
[lenny] - phpmyadmin <not-affected>
[squeeze] - phpmyadmin <not-affected>
NOTE: hypothetical issue
-CVE-2012-1189
+CVE-2012-1189 (Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in ...)
- torcs 1.3.3-1 (low; bug #660555)
[squeeze] - torcs <no-dsa> (Minor issue)
- speed-dreams <itp> (bug #599884)
-CVE-2012-1188
+CVE-2012-1188 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before ...)
NOT-FOR-US: Fork CMS
CVE-2012-1187
RESERVED
- bitlbee 3.0.4+bzr855-1 (low)
[squeeze] - bitlbee <no-dsa> (Minor issue)
-CVE-2012-1186
+CVE-2012-1186 (Integer overflow in the SyncImageProfiles function in profile.c in Ima ...)
{DSA-2462-1}
- imagemagick 8:6.6.9.7-7 (bug #665007)
-CVE-2012-1185
+CVE-2012-1185 (Multiple integer overflows in (1) magick/profile.c or (2) magick/prope ...)
{DSA-2462-1}
- imagemagick 8:6.6.9.7-7 (bug #665007)
-CVE-2012-1184
+CVE-2012-1184 (Stack-based buffer overflow in the ast_parse_digest function in main/u ...)
- asterisk 1:1.8.10.0~dfsg-1 (bug #664411)
[squeeze] - asterisk <not-affected> (HTTP digest authentication code not present)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/16/10
-CVE-2012-1183
+CVE-2012-1183 (Stack-based buffer overflow in the milliwatt_generate function in the ...)
{DSA-2460-1}
- asterisk 1:1.8.10.0~dfsg-1 (bug #664411)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/16/10
-CVE-2012-1182
+CVE-2012-1182 (The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14 ...)
{DSA-2450-1}
- samba 2:3.6.4-1 (bug #668309)
- samba4 4.0.0~alpha19+dfsg1-1 (bug #668309)
-CVE-2012-1181
+CVE-2012-1181 (fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Se ...)
{DSA-2436-1}
- libapache2-mod-fcgid 1:2.3.6-1.1 (bug #615814)
-CVE-2012-1180
+CVE-2012-1180 (Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1 ...)
{DSA-2434-1}
- nginx 1.1.17-1 (bug #664137)
NOTE: http://seclists.org/oss-sec/2012/q1/644
-CVE-2012-1179
+CVE-2012-1179 (The Linux kernel before 3.3.1, when KVM is used, allows guest OS users ...)
- linux-2.6 3.2.14-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-1178
+CVE-2012-1178 (The msn_oim_report_to_user function in oim.c in the MSN protocol plugi ...)
- pidgin 2.10.2-1 (low; bug #664030)
[squeeze] - pidgin <no-dsa> (Only exploitable by malicious server)
NOTE: http://pidgin.im/news/security/?id=61
-CVE-2012-1177
+CVE-2012-1177 (libgdata before 0.10.2 and 0.11.x before 0.11.1 does not validate SSL ...)
{DSA-2482-1}
- libgdata 0.10.2-1 (bug #664032)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/14/3
-CVE-2012-1176
+CVE-2012-1176 (Buffer overflow in the fribidi_utf8_to_unicode function in PyFriBidi b ...)
- pyfribidi 0.11.0-1 (bug #663189)
[squeeze] - pyfribidi <no-dsa> (Minor issue)
-CVE-2012-1175
+CVE-2012-1175 (Integer overflow in the GnashImage::size method in libbase/GnashImage. ...)
{DSA-2435-1}
- gnash 0.8.10-5 (bug #664023)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/14/5
-CVE-2012-1174
+CVE-2012-1174 (The rm_rf_children function in util.c in the systemd-logind login mana ...)
- systemd 44-1 (bug #664364)
-CVE-2012-1173
+CVE-2012-1173 (Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow r ...)
{DSA-2447-1}
- tiff3 3.9.6-2
- tiff 4.0.1-2
-CVE-2012-1172
+CVE-2012-1172 (The file-upload implementation in rfc1867.c in PHP before 5.4.0 does n ...)
{DSA-2465-1}
- php5 5.4.0-1 (bug #663760)
-CVE-2012-1171
+CVE-2012-1171 (The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to by ...)
- php5 <removed> (unimportant)
NOTE: according to php's security statement, safemode bypass issues are not treated as security-relevant
CVE-2012-1170
@@ -13675,25 +13675,25 @@ CVE-2012-1169
CVE-2012-1168
RESERVED
- moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-1167
+CVE-2012-1167 (The JBoss Server in JBoss Enterprise Application Platform 5.1.x before ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2012-1166
+CVE-2012-1166 (The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x be ...)
- ldm 2:2.2.7-1 (bug #663645)
[squeeze] - ldm <not-affected> (Introduced in 2.2)
NOTE: https://bugs.launchpad.net/ubuntu/+source/ldm/+bug/953340
-CVE-2012-1165
+CVE-2012-1165 (The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL befor ...)
{DSA-2454-1}
- openssl 1.0.0h-1 (low; bug #663642)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/12/3
-CVE-2012-1164
+CVE-2012-1164 (slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a den ...)
{DLA-203-1}
- openldap 2.4.31-1 (low; bug #663644)
[squeeze] - openldap <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2012/03/12/4
-CVE-2012-1163
+CVE-2012-1163 (Integer overflow in the _zip_readcdir function in zip_open.c in libzip ...)
- libzip 0.10.1-1 (bug #664990)
[squeeze] - libzip <not-affected> (Only affects 0.10.x)
-CVE-2012-1162
+CVE-2012-1162 (Heap-based buffer overflow in the _zip_readcdir function in zip_open.c ...)
- libzip 0.10.1-1 (bug #664990)
[squeeze] - libzip <not-affected> (Only affects 0.10.x)
CVE-2012-1161
@@ -13718,17 +13718,17 @@ CVE-2012-1155
RESERVED
- moodle 1.9.9.dfsg2-6 (low; bug #668411)
[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze4
-CVE-2012-1154
+CVE-2012-1154 (mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used ...)
- libapache2-mod-cluster <itp> (bug #731410)
-CVE-2012-1153
+CVE-2012-1153 (Unrestricted file upload vulnerability in addons/uploadify/uploadify.p ...)
NOT-FOR-US: AppRain CMS
-CVE-2012-1152
+CVE-2012-1152 (Multiple format string vulnerabilities in the error reporting function ...)
{DSA-2432-1}
- libyaml-libyaml-perl 0.38-2 (bug #661548)
-CVE-2012-1151
+CVE-2012-1151 (Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD ...)
{DSA-2431-1}
- libdbd-pg-perl 2.19.0-1 (bug #661536)
-CVE-2012-1150
+CVE-2012-1150 (Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x b ...)
{DLA-25-1}
- python2.5 <removed> (low)
- python2.6 2.6.8-0.1 (low)
@@ -13737,106 +13737,106 @@ CVE-2012-1150
- python3.1 <removed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
[squeeze] - python3.1 <no-dsa> (Minor issue)
-CVE-2012-1149
+CVE-2012-1149 (Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, ...)
{DSA-2487-1 DSA-2473-1}
- libreoffice 1:3.4.5-1
- openoffice.org 1:3.3.0-1
NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
-CVE-2012-1148
+CVE-2012-1148 (Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat ...)
{DSA-2525-1}
- xmlrpc-c 1.16.33-3.2 (low; bug #687672)
[squeeze] - xmlrpc-c <no-dsa> (Minor issue)
- expat 2.1.0~beta3-1 (bug #663579)
-CVE-2012-1147
+CVE-2012-1147 (readfilemap.c in expat before 2.1.0 allows context-dependent attackers ...)
- expat <not-affected> (readfilemap.c is not used in *IX)
-CVE-2012-1146
+CVE-2012-1146 (The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in t ...)
- linux-2.6 3.2.10-1 (low)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-1145
+CVE-2012-1145 (spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat Enterpri ...)
NOT-FOR-US: RHN Satellite
-CVE-2012-1144
+CVE-2012-1144 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
{DSA-2428-1}
- freetype 2.4.9-1 (bug #662864)
-CVE-2012-1143
+CVE-2012-1143 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1142
+CVE-2012-1142 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
{DSA-2428-1}
- freetype 2.4.9-1 (bug #662864)
-CVE-2012-1141
+CVE-2012-1141 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1140
+CVE-2012-1140 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1139
+CVE-2012-1139 (Array index error in FreeType before 2.4.9, as used in Mozilla Firefox ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1138
+CVE-2012-1138 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1137
+CVE-2012-1137 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1136
+CVE-2012-1136 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
{DSA-2428-1}
- freetype 2.4.9-1 (bug #662864)
-CVE-2012-1135
+CVE-2012-1135 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1134
+CVE-2012-1134 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
{DSA-2428-1}
- freetype 2.4.9-1 (bug #662864)
-CVE-2012-1133
+CVE-2012-1133 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
{DSA-2428-1}
- freetype 2.4.9-1 (bug #662864)
-CVE-2012-1132
+CVE-2012-1132 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1131
+CVE-2012-1131 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1130
+CVE-2012-1130 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1129
+CVE-2012-1129 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1128
+CVE-2012-1128 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1127
+CVE-2012-1127 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1126
+CVE-2012-1126 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...)
- freetype 2.4.9-1 (unimportant; bug #662864)
NOTE: Crash only
-CVE-2012-1125
+CVE-2012-1125 (Unrestricted file upload vulnerability in uploadify/scripts/uploadify. ...)
NOT-FOR-US: Kish Guest Posting Plugin for WordPress (not in Debian)
CVE-2012-1124
RESERVED
NOT-FOR-US: phxEventManager not in Debian
-CVE-2012-1123
+CVE-2012-1123 (The mci_check_login function in api/soap/mc_api.php in the SOAP API in ...)
{DSA-2500-1}
- mantis 1.2.10-1 (bug #662858)
-CVE-2012-1122
+CVE-2012-1122 (bug_actiongroup.php in MantisBT before 1.2.9 does not properly check t ...)
{DSA-2500-1}
- mantis 1.2.10-1 (low; bug #669927)
-CVE-2012-1121
+CVE-2012-1121 (MantisBT before 1.2.9 does not properly check permissions, which allow ...)
- mantis 1.2.10-1 (low; bug #669926)
[squeeze] - mantis <not-affected> (according to maintainer)
-CVE-2012-1120
+CVE-2012-1120 (The SOAP API in MantisBT before 1.2.9 does not properly enforce the bu ...)
{DSA-2500-1}
- mantis 1.2.10-1 (low; bug #669925)
-CVE-2012-1119
+CVE-2012-1119 (MantisBT before 1.2.9 does not audit when users copy or clone a bug re ...)
{DSA-2500-1}
- mantis 1.2.10-1 (low; bug #669928)
-CVE-2012-1118
+CVE-2012-1118 (The access_has_bug_level function in core/access_api.php in MantisBT b ...)
{DSA-2500-1}
- mantis 1.2.10-1 (low; bug #669924)
-CVE-2012-1117
+CVE-2012-1117 (Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 al ...)
NOT-FOR-US: Joomla!
-CVE-2012-1116
+CVE-2012-1116 (SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 al ...)
NOT-FOR-US: Joomla!
CVE-2012-1115
RESERVED
@@ -13850,25 +13850,25 @@ CVE-2012-1114
[squeeze] - phpldapadmin <no-dsa> (Minor issue)
- ldap-account-manager 3.6-2 (low; bug #661904)
[squeeze] - ldap-account-manager <no-dsa> (Minor issue)
-CVE-2012-1113
+CVE-2012-1113 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
- gallery2 2.3.2.dfsg-1 (low)
[squeeze] - gallery2 <no-dsa> (Minor issue)
-CVE-2012-1112
+CVE-2012-1112 (Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier ...)
NOT-FOR-US: OpenRealty CMS not in Debian
-CVE-2012-1111
+CVE-2012-1111 (lightdm before 1.0.9 does not properly close file descriptors before o ...)
- lightdm 1.0.9-1 (bug #658678)
-CVE-2012-1110
+CVE-2012-1110 (Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and ...)
NOT-FOR-US: etano not in Debian
CVE-2012-1109
RESERVED
NOT-FOR-US: mwlib not in Debian
-CVE-2012-1108
+CVE-2012-1108 (The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier al ...)
- taglib 1.7.1-1 (low; bug #662705)
[squeeze] - taglib <no-dsa> (Minor issue)
-CVE-2012-1107
+CVE-2012-1107 (The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and ...)
- taglib 1.7.1-1 (low; bug #662705)
[squeeze] - taglib <no-dsa> (Minor issue)
-CVE-2012-1106
+CVE-2012-1106 (The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2012-1105
RESERVED
@@ -13882,25 +13882,25 @@ CVE-2012-1104
[squeeze] - moodle <no-dsa> (Minor issue)
- glpi 0.80.7-2 (unimportant; bug #662944)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2012-1103
+CVE-2012-1103 (emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs in ...)
{DSA-2416-1}
- notmuch 0.11.1-1
CVE-2012-1101
RESERVED
- systemd 43-1 (bug #662029)
-CVE-2012-1100
+CVE-2012-1100 (Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and ...)
NOT-FOR-US: JBoss Operations Network
-CVE-2012-1099
+CVE-2012-1099 (Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view ...)
{DSA-2466-1}
- ruby-actionpack-2.3 2.3.14-3 (bug #668607)
- rails 2.3.14
NOTE: (code lives within ruby-actionpack in unstable)
-CVE-2012-1098
+CVE-2012-1098 (Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before ...)
- ruby-actionpack-2.3 2.3.14-3 (bug #668977)
- rails 2.3.14
[squeeze] - rails <not-affected> (Vulnerable code not present)
NOTE: (code lives within ruby-actionpack in unstable)
-CVE-2012-1097
+CVE-2012-1097 (The regset (aka register set) feature in the Linux kernel before 3.2.1 ...)
{DSA-2443-1}
- linux-2.6 3.2.10-1 (low)
CVE-2012-1096
@@ -13912,7 +13912,7 @@ CVE-2012-1096
[wheezy] - network-manager <ignored> (Minor issue)
[squeeze] - network-manager <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=793329
-CVE-2012-1095
+CVE-2012-1095 (osc before 0.134 might allow remote OBS repository servers or package ...)
- osc <unfixed> (unimportant)
NOTE: This is ultimately a bug in the respectice terminal emulations and not a vulnerability in osc
CVE-2012-1094
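Review bot: the unchanged context line `NOTE: This is ultimately a bug in the respectice terminal emulations and not a vulnerability in osc` has a typo, `respectice` for `respective`; since this automatic update only touches the `CVE-2012-1095` description line, the fix belongs in a separate manual edit rather than in this generated commit.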
@@ -13926,102 +13926,102 @@ CVE-2012-1092
REJECTED
CVE-2012-1091
REJECTED
-CVE-2012-1090
+CVE-2012-1090 (The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3 ...)
{DSA-2443-1}
- linux-2.6 3.2.10-1
-CVE-2012-1089
+CVE-2012-1089 (Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 ...)
NOT-FOR-US: Apache Wicket
-CVE-2012-1088
+CVE-2012-1088 (iproute2 before 3.3.0 allows local users to overwrite arbitrary files ...)
- iproute 20120319-1 (unimportant)
NOTE: 1st issue only exploitable at build time / 2nd issue just example script in iproute-doc
-CVE-2012-1087
+CVE-2012-1087 (Cross-site scripting (XSS) vulnerability in the Post data records to f ...)
NOT-FOR-US: bc_post2facebook extension for TYPO3
-CVE-2012-1086
+CVE-2012-1086 (Cross-site scripting (XSS) vulnerability in the UrlTool (aeurltool) ex ...)
NOT-FOR-US: aeurltool extension for TYPO3
-CVE-2012-1085
+CVE-2012-1085 (Unspecified vulnerability in the BE User Switch (beuserswitch) extensi ...)
NOT-FOR-US: beuserswitch for TYPO3
-CVE-2012-1084
+CVE-2012-1084 (Cross-site scripting (XSS) vulnerability in the BE User Switch (beuser ...)
NOT-FOR-US: beuserswitch for TYPO3
-CVE-2012-1083
+CVE-2012-1083 (Cross-site request forgery (CSRF) vulnerability in the Terminal PHP Sh ...)
NOT-FOR-US: terminal extension TYPO3
-CVE-2012-1082
+CVE-2012-1082 (Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (te ...)
NOT-FOR-US: terminal extension TYPO3
-CVE-2012-1081
+CVE-2012-1081 (Cross-site scripting (XSS) vulnerability in the Yet another Google sea ...)
NOT-FOR-US: ya_googlesearch extension for TYPO3
-CVE-2012-1080
+CVE-2012-1080 (Cross-site scripting (XSS) vulnerability in the Euro Calculator (skt_e ...)
NOT-FOR-US: skt_eurocalc extension for TYPO3
-CVE-2012-1079
+CVE-2012-1079 (Unspecified vulnerability in the Webservices for TYPO3 (typo3_webservi ...)
NOT-FOR-US: typo3_webservice extension for TYPO3
-CVE-2012-1078
+CVE-2012-1078 (The System Utilities (sysutils) extension 1.0.3 and earlier for TYPO3 ...)
NOT-FOR-US: sysutils extension for TYPO3
-CVE-2012-1077
+CVE-2012-1077 (SQL injection vulnerability in the Post data records to facebook (bc_p ...)
NOT-FOR-US: bc_post2facebook extension for TYPO3
-CVE-2012-1076
+CVE-2012-1076 (Cross-site scripting (XSS) vulnerability in the Documents download (rt ...)
NOT-FOR-US: rtg_files extension for TYPO3
-CVE-2012-1075
+CVE-2012-1075 (SQL injection vulnerability in the Documents download (rtg_files) exte ...)
NOT-FOR-US: rtg_files extension for TYPO3
-CVE-2012-1074
+CVE-2012-1074 (SQL injection vulnerability in the White Papers (mm_whtppr) extension ...)
NOT-FOR-US: mm_whtppr extension for TYPO3
-CVE-2012-1073
+CVE-2012-1073 (Cross-site scripting (XSS) vulnerability in the Category-System (toi_c ...)
NOT-FOR-US: toi_category extension for TYPO3
-CVE-2012-1072
+CVE-2012-1072 (SQL injection vulnerability in the Category-System (toi_category) exte ...)
NOT-FOR-US: toi_category extension for TYPO3
-CVE-2012-1071
+CVE-2012-1071 (SQL injection vulnerability in the Kitchen recipe (mv_cooking) extensi ...)
NOT-FOR-US: mv_cooking extension for TYPO3
-CVE-2012-1070
+CVE-2012-1070 (Cross-site scripting (XSS) vulnerability in the Modern FAQ (irfaq) ext ...)
NOT-FOR-US: irfaq extension for TYPO3
-CVE-2012-1069
+CVE-2012-1069 (Cross-site scripting (XSS) vulnerability in module/kb/search_word in t ...)
NOT-FOR-US: lknSupport
-CVE-2012-1068
+CVE-2012-1068 (Cross-site scripting (XSS) vulnerability in the rc_ajax function in co ...)
NOT-FOR-US: WP-RecentComments plugin for WordPress
-CVE-2012-1067
+CVE-2012-1067 (SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for ...)
NOT-FOR-US: WP-RecentComments plugin for WordPress
-CVE-2012-1066
+CVE-2012-1066 (Cross-site scripting (XSS) vulnerability in the template module in Sma ...)
NOT-FOR-US: SmartyCMS
-CVE-2012-1065
+CVE-2012-1065 (Insecure method vulnerability in TuxScripting.dll in the TuxSystem Act ...)
NOT-FOR-US: TuxSystem
-CVE-2012-1064
+CVE-2012-1064 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
NOT-FOR-US: EMC RSA Archer
-CVE-2012-1063
+CVE-2012-1063 (Multiple SQL injection vulnerabilities in ManageEngine Applications Ma ...)
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2012-1062
+CVE-2012-1062 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Ap ...)
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2012-1061
+CVE-2012-1061 (SQL injection vulnerability in GForge Advanced Server 6.0.0 and other ...)
NOT-FOR-US: GForge Advanced Server
-CVE-2012-1060
+CVE-2012-1060 (Multiple cross-site scripting (XSS) vulnerabilities in revisioning_the ...)
NOT-FOR-US: Taxonomy module for Drupal
-CVE-2012-1059
+CVE-2012-1059 (Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Sh ...)
NOT-FOR-US: shirt module in OSCommerce
-CVE-2012-1058
+CVE-2012-1058 (Cross-site request forgery (CSRF) vulnerability in Flyspray 0.9.9.6 al ...)
NOT-FOR-US: Flyspray
-CVE-2012-1057
+CVE-2012-1057 (Cross-site request forgery (CSRF) vulnerability in the clickthrough tr ...)
NOT-FOR-US: Forward module for Drupal
-CVE-2012-1056
+CVE-2012-1056 (The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 ...)
NOT-FOR-US: Forward module for Drupal
-CVE-2012-1055
+CVE-2012-1055 (Heap-based buffer overflow in PhotoLine 17.01 and possibly other versi ...)
NOT-FOR-US: PhotoLine
-CVE-2012-1054
+CVE-2012-1054 (Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterpr ...)
{DSA-2419-1}
- puppet 2.7.11-1
-CVE-2012-1053
+CVE-2012-1053 (The change_user method in the SUIDManager (lib/puppet/util/suidmanager ...)
{DSA-2419-1}
- puppet 2.7.11-1
-CVE-2012-1052
+CVE-2012-1052 (Buffer overflow in IvanView 1.2.15 allows remote attackers to execute ...)
NOT-FOR-US: IvanView
-CVE-2012-1051
+CVE-2012-1051 (Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnVi ...)
NOT-FOR-US: XnView
-CVE-2012-1050
+CVE-2012-1050 (Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1. ...)
- mathopd <removed> (low; bug #660627)
[lenny] - mathopd <no-dsa> (Minor issue, configuration specific)
[squeeze] - mathopd <no-dsa> (Minor issue, configuration specific)
NOTE: this is only an issue in specific configurations but not in the Debian configuration
-CVE-2012-1049
+CVE-2012-1049 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine AD ...)
NOT-FOR-US: ManageEngine ADManager Plus
-CVE-2012-1048
+CVE-2012-1048 (Cross-site scripting (XSS) vulnerability in communityplusplus/www/admi ...)
NOT-FOR-US: eFront Community++
-CVE-2012-1047
+CVE-2012-1047 (Directory traversal vulnerability in the WWWHELP Service (js/html/wwhe ...)
NOT-FOR-US: Cyberoam Central Console
-CVE-2012-1046
+CVE-2012-1046 (Cross-site scripting (XSS) vulnerability in TM1 Web in IBM Cognos TM1 ...)
NOT-FOR-US: IBM Cognos
CVE-2012-1045
RESERVED
@@ -14035,153 +14035,153 @@ CVE-2012-1041
RESERVED
CVE-2012-1040
RESERVED
-CVE-2012-1039
+CVE-2012-1039 (Multiple cross-site scripting (XSS) vulnerabilities in Dotclear before ...)
- dotclear 2.4.2+dfsg-1
-CVE-2012-1038
+CVE-2012-1038 (Cross-site scripting (XSS) vulnerability in the WebAAA login functiona ...)
NOT-FOR-US: Juniper
-CVE-2012-1037
+CVE-2012-1037 (PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.7 ...)
- glpi 0.80.7-1 (bug #659383; unimportant)
[squeeze] - glpi <not-affected> (Introduced in 0.78)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2012-1036
+CVE-2012-1036 (Cross-site scripting (XSS) vulnerability in the telerik HTML editor in ...)
NOT-FOR-US: telerik
-CVE-2012-1035
+CVE-2012-1035 (AdaCore Ada Web Services (AWS) before 2.10.2 computes hash values for ...)
NOT-FOR-US: AdaCore Ada Web Services
-CVE-2012-1034
+CVE-2012-1034 (Multiple cross-site scripting (XSS) vulnerabilities in the admin inter ...)
NOT-FOR-US: EPiServer CMS
-CVE-2012-1033
+CVE-2012-1033 (The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server n ...)
- bind9 1:9.8.1.dfsg.P1-4.1 (low)
[squeeze] - bind9 <no-dsa> (low-severity dns protocol design flaw)
-CVE-2012-1032
+CVE-2012-1032 (Cross-site scripting (XSS) vulnerability in the Euroling SiteSeeker mo ...)
NOT-FOR-US: EPiServer CMS module Euroling SiteSeeker
-CVE-2012-1031
+CVE-2012-1031 (Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in cer ...)
NOT-FOR-US: EPiServer CMS
-CVE-2012-1030
+CVE-2012-1030 (Cross-site scripting (XSS) vulnerability in DotNetNuke 6.x through 6.0 ...)
NOT-FOR-US: DotNetNuke
-CVE-2012-1029
+CVE-2012-1029 (SQL injection vulnerability in mobile/search/index.php in Tube Ace (Ad ...)
NOT-FOR-US: Tube Ace
-CVE-2012-1028
+CVE-2012-1028 (Cross-site scripting (XSS) vulnerability in bin/index.php in SimpleGro ...)
NOT-FOR-US: SimpleGroupWare
-CVE-2012-1027
+CVE-2012-1027 (Cross-site scripting (XSS) vulnerability in account-closed.tcl in ]pro ...)
NOT-FOR-US: project-open
-CVE-2012-1026
+CVE-2012-1026 (Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 ...)
NOT-FOR-US: XRay CMS
-CVE-2012-1025
+CVE-2012-1025 (Absolute path traversal vulnerability in file in Enigma2 Webinterface ...)
NOT-FOR-US: Enigma2
-CVE-2012-1024
+CVE-2012-1024 (Directory traversal vulnerability in file in Enigma2 Webinterface 1.5r ...)
NOT-FOR-US: Enigma2
-CVE-2012-1023
+CVE-2012-1023 (Open redirect vulnerability in admin/index.php in 4images 1.7.10 allow ...)
NOT-FOR-US: 4images
-CVE-2012-1022
+CVE-2012-1022 (SQL injection vulnerability in admin/categories.php in 4images 1.7.10 ...)
NOT-FOR-US: 4images
-CVE-2012-1021
+CVE-2012-1021 (Cross-site scripting (XSS) vulnerability in admin/categories.php in 4i ...)
NOT-FOR-US: 4images
-CVE-2012-1020
+CVE-2012-1020 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in Ne ...)
NOT-FOR-US: NexorONE Online Banking
-CVE-2012-1019
+CVE-2012-1019 (Multiple cross-site scripting (XSS) vulnerabilities in XWiki Enterpris ...)
NOT-FOR-US: Xwiki Enterprise
-CVE-2012-1018
+CVE-2012-1018 (Cross-site scripting (XSS) vulnerability in includes/convert.php in D- ...)
NOT-FOR-US: Joomla addon
-CVE-2012-1017
+CVE-2012-1017 (Multiple SQL injection vulnerabilities in base_qry_main.php in Basic A ...)
- acidbase <removed> (low; bug #659287)
[squeeze] - acidbase <no-dsa> (Minor issue)
-CVE-2012-1016
+CVE-2012-1016 (The pkinit_server_return_padata function in plugins/preauth/pkinit/pki ...)
- krb5 1.10.1+dfsg-4+nmu1 (bug #702633)
[squeeze] - krb5 <not-affected> (introduced upstream with 3725d22140c23a376dd79b69d130be8e2b91005f, not affecting 1.8.x)
-CVE-2012-1015
+CVE-2012-1015 (The kdc_handle_protected_negotiation function in the Key Distribution ...)
{DSA-2518-1}
- krb5 1.10.1+dfsg-2 (bug #683429)
NOTE: http://seclists.org/bugtraq/2012/Jul/171
-CVE-2012-1014
+CVE-2012-1014 (The process_as_req function in the Key Distribution Center (KDC) in MI ...)
{DSA-2518-1}
- krb5 1.10.1+dfsg-2 (bug #683429)
NOTE: http://seclists.org/bugtraq/2012/Jul/171
-CVE-2012-1013
+CVE-2012-1013 (The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmi ...)
- krb5 1.10.1+dfsg-3 (low; bug #687647)
[squeeze] - krb5 <no-dsa> (Minor issue)
NOTE: DoS only triggered by clients with admin permissions
-CVE-2012-1012
+CVE-2012-1012 (server/server_stubs.c in the kadmin protocol implementation in MIT Ker ...)
- krb5 1.10.1+dfsg-1 (bug #670918)
[squeeze] - krb5 <not-affected> (vulnerable code not present)
NOTE: bug was introduced in krb5 1.10
-CVE-2012-1011
+CVE-2012-1011 (actions.php in the AllWebMenus plugin 1.1.8 for WordPress allows remot ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-1010
+CVE-2012-1010 (Unrestricted file upload vulnerability in actions.php in the AllWebMen ...)
NOT-FOR-US: Wordpress plugin
-CVE-2012-1009
+CVE-2012-1009 (NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build ...)
NOT-FOR-US: NetSarang
-CVE-2012-1008
+CVE-2012-1008 (OfficeSIP Server 3.1 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: OfficeSIP Server
-CVE-2012-1007
+CVE-2012-1007 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1 ...)
- libstruts1.2-java <removed> (unimportant; bug #657870)
NOTE: Just examples
-CVE-2012-1006
+CVE-2012-1006 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2 ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2012-1005
+CVE-2012-1005 (Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software ...)
NOT-FOR-US: Sphinx Software Mobile Web Server
-CVE-2012-1004
+CVE-2012-1004 (Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm ...)
- foswiki <itp> (bug #509864)
-CVE-2012-1003
+CVE-2012-1003 (Multiple integer overflows in Opera 11.60 and earlier allow remote att ...)
NOT-FOR-US: Opera
-CVE-2012-1002
+CVE-2012-1002 (SQL injection vulnerability in author/edit.php in OpenConf 4.x before ...)
NOT-FOR-US: OpenConf
CVE-2012-1001
RESERVED
-CVE-2012-1000
+CVE-2012-1000 (Multiple cross-site scripting (XSS) vulnerabilities in LEPTON 1.1.3 an ...)
NOT-FOR-US: LEPTON
-CVE-2012-0999
+CVE-2012-0999 (SQL injection vulnerability in modules/news/rss.php in LEPTON before 1 ...)
NOT-FOR-US: LEPTON
-CVE-2012-0998
+CVE-2012-0998 (Directory traversal vulnerability in account/preferences.php in LEPTON ...)
NOT-FOR-US: LEPTON
-CVE-2012-0997
+CVE-2012-0997 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
NOT-FOR-US: 11in1
-CVE-2012-0996
+CVE-2012-0996 (Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12- ...)
NOT-FOR-US: 11in1
-CVE-2012-0995
+CVE-2012-0995 (Multiple cross-site scripting (XSS) vulnerabilities in ZENphoto 1.4.2 ...)
NOT-FOR-US: ZENphoto
-CVE-2012-0994
+CVE-2012-0994 (SQL injection vulnerability in the Manage Albums feature in zp-core/ad ...)
NOT-FOR-US: ZENphoto
-CVE-2012-0993
+CVE-2012-0993 (Eval injection vulnerability in zp-core/zp-extensions/viewer_size_imag ...)
NOT-FOR-US: ZENphoto
-CVE-2012-0992
+CVE-2012-0992 (interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenti ...)
NOT-FOR-US: OpenEMR
-CVE-2012-0991
+CVE-2012-0991 (Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow re ...)
NOT-FOR-US: OpenEMR
-CVE-2012-0990
+CVE-2012-0990 (Cross-site request forgery (CSRF) vulnerability in admin/settings/upda ...)
NOT-FOR-US: DClassifieds
-CVE-2012-0989
+CVE-2012-0989 (Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial ...)
NOT-FOR-US: OneOrZero AIMS
-CVE-2012-0988
+CVE-2012-0988 (Multiple cross-site scripting (XSS) vulnerabilities in config/dmsDefau ...)
NOT-FOR-US: KnowledgeTree
-CVE-2012-0987
+CVE-2012-0987 (Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x ...)
NOT-FOR-US: ImpressCMS
-CVE-2012-0986
+CVE-2012-0986 (Multiple cross-site scripting (XSS) vulnerabilities in ImpressCMS 1.2. ...)
NOT-FOR-US: ImpressCMS
-CVE-2012-0985
+CVE-2012-0985 (Multiple buffer overflows in the Wireless Manager ActiveX control 4.0. ...)
NOT-FOR-US: Sony VAIO wireless LAN management ActiveX
-CVE-2012-0984
+CVE-2012-0984 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS before 2. ...)
NOT-FOR-US: Xoops
-CVE-2012-0983
+CVE-2012-0983 (SQL injection vulnerability in Scriptsez.net Ez Album allows remote at ...)
NOT-FOR-US: Ez Album
-CVE-2012-0982
+CVE-2012-0982 (SQL injection vulnerability in search.php in Vastal I-Tech Agent Zone ...)
NOT-FOR-US: Vastal I-Tech Agent Zone
-CVE-2012-0981
+CVE-2012-0981 (Directory traversal vulnerability in phpShowtime 2.0 allows remote att ...)
NOT-FOR-US: phpShowtime
-CVE-2012-0980
+CVE-2012-0980 (SQL injection vulnerability in download.php in phux Download Manager a ...)
NOT-FOR-US: phux.org Download Manager
-CVE-2012-0979
+CVE-2012-0979 (Cross-site scripting (XSS) vulnerability in TWiki allows remote attack ...)
- twiki <removed>
-CVE-2012-0978
+CVE-2012-0978 (Stack-based buffer overflow in npjp2.dll in LuraWave JP2 Browser Plug- ...)
NOT-FOR-US: LuraWave JP2 Browser Plug-In
-CVE-2012-0977
+CVE-2012-0977 (Stack-based buffer overflow in jp2_x.dll in LuraWave JP2 ActiveX Contr ...)
NOT-FOR-US: LuraWave JP2 ActiveX Control
-CVE-2012-0976
+CVE-2012-0976 (Cross-site scripting (XSS) vulnerability in admin/EditForm in SilverSt ...)
- silverstripe <itp> (bug #528461)
-CVE-2012-0975
+CVE-2012-0975 (Cross-site scripting (XSS) vulnerability in misc.php in Image Hosting ...)
NOT-FOR-US: Image Hosting Script DPI
-CVE-2012-0974
+CVE-2012-0974 (Multiple cross-site scripting (XSS) vulnerabilities in the getParam fu ...)
NOT-FOR-US: OSClass
-CVE-2012-0973
+CVE-2012-0973 (Multiple SQL injection vulnerabilities in OSClass before 2.3.5 allow r ...)
NOT-FOR-US: OSClass
CVE-2012-0972
REJECTED
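Review bot: the NOTE "Just examples" under `- libstruts1.2-java <removed> (unimportant; bug #657870)` for CVE-2012-1007 does not say what is being called an example, so the `unimportant` rating cannot be checked against it; spell out the reasoning (whether the XSS vectors in the description are only illustrative and the real fix lies elsewhere, or whatever was meant) or point at the bug comment that states it. The neighbouring entries in this hunk show the expected form, e.g. `NOTE: DoS only triggered by clients with admin permissions` on CVE-2012-1013 and `NOTE: bug was introduced in krb5 1.10` on CVE-2012-1012, each of which justifies its tag in one line.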
@@ -14203,29 +14203,29 @@ CVE-2012-0964
REJECTED
CVE-2012-0963
REJECTED
-CVE-2012-0962
+CVE-2012-0962 (Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when impor ...)
- aptdaemon 0.45-2 (low)
[squeeze] - aptdaemon <not-affected> (Vulnerable code not present)
NOTE: https://bugs.launchpad.net/software-center-agent/+bug/1052789
-CVE-2012-0961
+CVE-2012-0961 (Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ub ...)
- apt 0.9.7.7 (bug #695832)
[squeeze] - apt <not-affected> (Logged as 0600 in Squeeze)
-CVE-2012-0960
+CVE-2012-0960 (Unity integration extension (unity-firefox-extension) before 2.4.1 for ...)
NOT-FOR-US: Ubuntu Unity extension
-CVE-2012-0959
+CVE-2012-0959 (Remote Login Service (RLS) 1.0.0 does not properly clear account infor ...)
NOT-FOR-US: Ubuntu remote login service
-CVE-2012-0958
+CVE-2012-0958 (content/unity-api.js in the unity-firefox-extension extension 2.4.1 fo ...)
NOT-FOR-US: Firefox unity-firefox extension
-CVE-2012-0957
+CVE-2012-0957 (The override_release function in kernel/sys.c in the Linux kernel befo ...)
- linux 3.2.32-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 3.0)
NOTE: https://lkml.org/lkml/2012/10/9/550
-CVE-2012-0956
+CVE-2012-0956 (ubiquity-slideshow-ubuntu before 58.2, during installation, allows rem ...)
NOT-FOR-US: ubiquity-slideshow-ubuntu
CVE-2012-0955
RESERVED
-CVE-2012-0954
+CVE-2012-0954 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-ke ...)
- apt 0.7.25 (unimportant)
NOTE: net-update is not enabled by default in Debian
CVE-2012-0953
@@ -14234,125 +14234,125 @@ CVE-2012-0952
RESERVED
CVE-2012-0951
RESERVED
-CVE-2012-0950
+CVE-2012-0950 (The Apport hook (DistUpgradeApport.py) in Update Manager, as used by U ...)
- update-manager <not-affected> (Ubuntu-specific)
-CVE-2012-0949
+CVE-2012-0949 (The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, ...)
- update-manager <not-affected> (Ubuntu-specific)
-CVE-2012-0948
+CVE-2012-0948 (DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12 ...)
- update-manager <not-affected> (Ubuntu-specific)
-CVE-2012-0947
+CVE-2012-0947 (Heap-based buffer overflow in the vqa_decode_chunk function in the VQA ...)
{DSA-2471-1}
- libav 6:0.8.2-1
- ffmpeg 7:2.4.1-1
NOTE: https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980963
NOTE: http://www.openwall.com/lists/oss-security/2012/05/03/4
-CVE-2012-0946
+CVE-2012-0946 (The NVIDIA UNIX driver before 295.40 allows local users to access arbi ...)
- nvidia-graphics-drivers 295.40-1
[squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
CVE-2012-0945
RESERVED
-CVE-2012-0944
+CVE-2012-0944 (Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does ...)
- aptdaemon 0.43+bzr790-1
[squeeze] - aptdaemon <not-affected> (Vulnerable code not present)
-CVE-2012-0943
+CVE-2012-0943 (debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1 ...)
- lightdm <not-affected> (Ubuntu-specific script)
-CVE-2012-0942
+CVE-2012-0942 (Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix ...)
NOT-FOR-US: RealNetworks Helix
-CVE-2012-0941
+CVE-2012-0941 (Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiG ...)
NOT-FOR-US: Fortinet
CVE-2012-0940
RESERVED
-CVE-2012-0939
+CVE-2012-0939 (Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier ...)
NOT-FOR-US: TestLink
-CVE-2012-0938
+CVE-2012-0938 (Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and ...)
NOT-FOR-US: TestLink
-CVE-2012-0937
+CVE-2012-0937 (** DISPUTED ** wp-admin/setup-config.php in the installation component ...)
- wordpress <unfixed> (unimportant)
-CVE-2012-0936
+CVE-2012-0936 (Cross-site scripting (XSS) vulnerability in web/springframework/securi ...)
- opennms <itp> (bug #450615)
-CVE-2012-0935
+CVE-2012-0935 (SQL injection vulnerability in Default.aspx in Aryadad CMS allows remo ...)
NOT-FOR-US: Aryadad CMS
-CVE-2012-0934
+CVE-2012-0934 (PHP remote file inclusion vulnerability in ajax/savetag.php in the The ...)
NOT-FOR-US: Wordpress plug-in
-CVE-2012-0933
+CVE-2012-0933 (Multiple cross-site scripting (XSS) vulnerabilities in Acidcat CMS 3.5 ...)
NOT-FOR-US: Acidcat CMS
-CVE-2012-0932
+CVE-2012-0932 (Cross-site scripting (XSS) vulnerability in admin/login.php in Lead Ca ...)
NOT-FOR-US: Lead Capture Page System
-CVE-2012-0931
+CVE-2012-0931 (Schneider Electric Modicon Quantum PLC does not perform authentication ...)
NOT-FOR-US: Schneider Electric Modicon Quantum PLC
-CVE-2012-0930
+CVE-2012-0930 (Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon ...)
NOT-FOR-US: Schneider Electric Modicon Quantum PLC
-CVE-2012-0929
+CVE-2012-0929 (Multiple buffer overflows in Schneider Electric Modicon Quantum PLC al ...)
NOT-FOR-US: Schneider Electric Modicon Quantum PLC
-CVE-2012-0928
+CVE-2012-0928 (The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0. ...)
NOT-FOR-US: RealPlayer
-CVE-2012-0927
+CVE-2012-0927 (Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and 1 ...)
NOT-FOR-US: RealPlayer
-CVE-2012-0926
+CVE-2012-0926 (The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before ...)
NOT-FOR-US: RealPlayer
-CVE-2012-0925
+CVE-2012-0925 (Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer ...)
NOT-FOR-US: RealPlayer
-CVE-2012-0924
+CVE-2012-0924 (RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and Real ...)
NOT-FOR-US: RealPlayer
-CVE-2012-0923
+CVE-2012-0923 (The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before ...)
NOT-FOR-US: RealPlayer
-CVE-2012-0922
+CVE-2012-0922 (rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15 ...)
NOT-FOR-US: RealPlayer
CVE-2012-0921
RESERVED
-CVE-2012-0920
+CVE-2012-0920 (Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012. ...)
{DSA-2456-1}
- dropbear 2012.55-1 (low; bug #661150)
NOTE: this is limited to authenticated users with enforced command restrictions
-CVE-2012-0919
+CVE-2012-0919 (Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Dire ...)
NOT-FOR-US: Hitachi IT Operations Director
-CVE-2012-0918
+CVE-2012-0918 (Unspecified vulnerability in Hitachi COBOL2002 Net Developer, Net Serv ...)
NOT-FOR-US: Hitachi
-CVE-2012-0917
+CVE-2012-0917 (Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Anal ...)
NOT-FOR-US: Hitachi IT Operations Analyzer
-CVE-2012-0916
+CVE-2012-0916 (Heap-based buffer overflow in RenRen Talk 2.9 allows remote attackers ...)
NOT-FOR-US: RenRen Talk
-CVE-2012-0915
+CVE-2012-0915 (Integer signedness error in RenRen Talk 2.9 allows remote attackers to ...)
NOT-FOR-US: RenRen Talk
-CVE-2012-0914
+CVE-2012-0914 (Cross-site scripting (XSS) vulnerability in display_renderers/panels_r ...)
NOT-FOR-US: admin view in the Panels module for Drupal
-CVE-2012-0913
+CVE-2012-0913 (SQL injection vulnerability in checklogin.aspx in ICloudCenter ICTimeA ...)
NOT-FOR-US: ICloudCenter ICTimeAttendance
-CVE-2012-0912
+CVE-2012-0912 (SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 all ...)
NOT-FOR-US: Stoneware webNetwork
-CVE-2012-0911
+CVE-2012-0911 (TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote att ...)
- tikiwiki <removed>
NOTE: http://seclists.org/bugtraq/2012/Jul/19
CVE-2012-0910
RESERVED
-CVE-2012-0909
+CVE-2012-0909 (Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupw ...)
- horde3 3.3.12+debian0-2.2 (low)
[squeeze] - horde3 <no-dsa> (Minor issue)
-CVE-2012-0907
+CVE-2012-0907 (Directory traversal vulnerability in the web player in NeoAxis NeoAxis ...)
NOT-FOR-US: NeoAxis NeoAxis web player
-CVE-2012-0906
+CVE-2012-0906 (SQL injection vulnerability in the Moviebase addon for deV!L'z Clanpor ...)
NOT-FOR-US: deV!L'z Clanportal
-CVE-2012-0905
+CVE-2012-0905 (SQL injection vulnerability in deV!L'z Clanportal (DZCP) Gamebase addo ...)
NOT-FOR-US: deV!L'z Clanportal
-CVE-2012-0904
+CVE-2012-0904 (VLC media player 1.1.11 allows remote attackers to cause a denial of s ...)
- vlc <not-affected> (not reproducible, no public fix from the vlc team either)
-CVE-2012-0903
+CVE-2012-0903 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop ...)
NOT-FOR-US: Zimbra Desktop
-CVE-2012-0902
+CVE-2012-0902 (AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of ...)
NOT-FOR-US: AirTies Air
-CVE-2012-0901
+CVE-2012-0901 (Cross-site scripting (XSS) vulnerability in yousaytoo.php in YouSayToo ...)
NOT-FOR-US: YouSayToo auto-publishing plugin for WordPress
-CVE-2012-0900
+CVE-2012-0900 (Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum 1 ...)
NOT-FOR-US: Beehive Forum
-CVE-2012-0899
+CVE-2012-0899 (Cross-site scripting (XSS) vulnerability in referencement/sites_inscri ...)
NOT-FOR-US: Annuaire PHP
-CVE-2012-0898
+CVE-2012-0898 (Directory traversal vulnerability in meb_download.php in the myEASYbac ...)
NOT-FOR-US: myEASYbackup plugin for WordPress
-CVE-2012-0897
+CVE-2012-0897 (Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIn ...)
NOT-FOR-US: IrfanView PlugIns
-CVE-2012-0896
+CVE-2012-0896 (Absolute path traversal vulnerability in download.php in the Count Per ...)
NOT-FOR-US: Count Per Day module for WordPress
-CVE-2012-0895
+CVE-2012-0895 (Cross-site scripting (XSS) vulnerability in map/map.php in the Count P ...)
NOT-FOR-US: Count Per Day module for WordPress
CVE-2012-0894
RESERVED
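Review bot: `<not-affected>` on `- vlc <not-affected> (not reproducible, no public fix from the vlc team either)` for CVE-2012-0904 is justified by a failed reproduction rather than by the package being unaffected, which is a different claim; every other `<not-affected>` line in this hunk ties the state to the code (`Ubuntu-specific`, `Ubuntu-specific script`, `Vulnerable code not present`). Either state why the Debian build cannot be affected, or keep the entry open with a NOTE recording that the crash could not be reproduced and that no upstream fix exists yet, so it gets revisited if one appears.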
@@ -14360,7 +14360,7 @@ CVE-2012-0893
RESERVED
CVE-2012-0892
RESERVED
-CVE-2012-0891
+CVE-2012-0891 (Multiple cross-site scripting (XSS) vulnerabilities in Puppet Dashboar ...)
NOT-FOR-US: puppet-dashboard
CVE-2012-0890
RESERVED
@@ -14372,134 +14372,134 @@ CVE-2012-0887
RESERVED
CVE-2012-0886
RESERVED
-CVE-2012-0908
+CVE-2012-0908 (Cross-site scripting (XSS) vulnerability in logout.php in SimpleSAMLph ...)
{DSA-2387-1}
- simplesamlphp 1.8.2-1
NOTE: http://code.google.com/p/simplesamlphp/issues/detail?id=468
-CVE-2012-0884
+CVE-2012-0884 (The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 i ...)
{DSA-2454-1}
- openssl 1.0.0h-1 (low)
NOTE: "If a Linux distribution picks up the fix for CVE-2012-0884 then they will want to pick up change 22161 at the same time" -- http://www.openwall.com/lists/oss-security/2012/03/23/12
-CVE-2012-0883
+CVE-2012-0883 (envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 place ...)
- apache2 <not-affected> (LD_LIBRARY_PATH not set in debian package)
-CVE-2012-0882
+CVE-2012-0882 (Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other v ...)
- mysql-5.5 5.5.22 (bug #675872)
- cyassl <not-affected> (Fixed before initial upload to archive)
NOTE: limited information about issue, only a video of exploit taking place
-CVE-2012-0881
+CVE-2012-0881 (Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to ca ...)
- libxerces2-java <unfixed> (unimportant)
NOTE: Negligible impact for Xerces
-CVE-2012-0880
+CVE-2012-0880 (Apache Xerces-C++ allows remote attackers to cause a denial of service ...)
- xerces-c <unfixed> (unimportant)
NOTE: Negligible impact for Xerces
-CVE-2012-0879
+CVE-2012-0879 (The I/O implementation for block devices in the Linux kernel before 2. ...)
{DSA-2469-1}
- linux-2.6 2.6.33-1
-CVE-2012-0878
+CVE-2012-0878 (Paste Script 1.7.5 and earlier does not properly set group memberships ...)
- pastescript 1.7.5-2 (low; bug #661061)
[squeeze] - pastescript <no-dsa> (Minor issue)
NOTE: https://groups.google.com/d/topic/paste-users/KqZRujMcJHE/discussion
CVE-2012-0877 [hash table collisions CPU usage DoS]
RESERVED
- python-xml <removed>
-CVE-2012-0876
+CVE-2012-0876 (The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values ...)
{DSA-2525-1}
- expat 2.1.0~beta3-1 (bug #663579)
- xmlrpc-c 1.16.33-3.2 (low; bug #687672)
[squeeze] - xmlrpc-c <no-dsa> (Minor issue)
- python2.6 <not-affected> (configured with --with-system-expat since 2.6.6-4)
-CVE-2012-0875
+CVE-2012-0875 (SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged m ...)
- systemtap 1.7-1 (low; bug #660929; bug #660886)
[squeeze] - systemtap <not-affected> (Vulnerable code not present)
[lenny] - systemtap <not-affected> (Vulnerable code not present)
-CVE-2012-0874
+CVE-2012-0874 (The (1) JMXInvokerHAServlet and (2) EJBInvokerHAServlet invoker servle ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2012-0873
+CVE-2012-0873 (Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin ...)
NOT-FOR-US: Boonex Dolphin
-CVE-2012-0872
+CVE-2012-0872 (Multiple cross-site scripting (XSS) vulnerabilities in OxWall 1.1.1 an ...)
NOT-FOR-US: OxWall
-CVE-2012-0871
+CVE-2012-0871 (The session_link_x11_socket function in login/logind-session.c in syst ...)
- systemd 43-1
-CVE-2012-0870
+CVE-2012-0870 (Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used ...)
- samba 2:3.4.0~pre1-1
[lenny] - samba <not-affected> (pre-release issue)
[squeeze] - samba <not-affected> (pre-release issue)
-CVE-2012-0868
+CVE-2012-0868 (CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3 ...)
{DSA-2418-1}
- postgresql-9.1 9.1.3-1
- postgresql-8.4 8.4.11-1
-CVE-2012-0867
+CVE-2012-0867 (PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9 ...)
{DSA-2418-1}
- postgresql-9.1 9.1.3-1
- postgresql-8.4 8.4.11-1
-CVE-2012-0866
+CVE-2012-0866 (CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, ...)
{DSA-2418-1}
- postgresql-9.1 9.1.3-1
- postgresql-8.4 8.4.11-1
-CVE-2012-0865
+CVE-2012-0865 (Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier ...)
NOT-FOR-US: CubeCart
-CVE-2012-0864
+CVE-2012-0864 (Integer overflow in the vfprintf function in stdio-common/vfprintf.c i ...)
- eglibc 2.13-31 (low; bug #660611)
[squeeze] - eglibc 2.11.3-4
-CVE-2012-0863
+CVE-2012-0863 (Mumble 1.2.3 and earlier uses world-readable permissions for .local/sh ...)
{DSA-2411-1}
- mumble 1.2.3-3 (bug #659039)
-CVE-2012-0862
+CVE-2012-0862 (builtins.c in Xinetd before 2.3.15 does not check the service type whe ...)
- xinetd 1:2.3.14-7.1 (bug #672381)
[squeeze] - xinetd <no-dsa> (Minor issue)
-CVE-2012-0861
+CVE-2012-0861 (The vds_installer in Red Hat Enterprise Virtualization Manager (RHEV-M ...)
NOT-FOR-US: Red Hat Enterprise Virtualisation
-CVE-2012-0860
+CVE-2012-0860 (Multiple untrusted search path vulnerabilities in Red Hat Enterprise V ...)
NOT-FOR-US: Red Hat Enterprise Virtualisation
-CVE-2012-0859
+CVE-2012-0859 (The render_line function in the vorbis codec (vorbis.c) in libavcodec ...)
{DSA-2471-1}
- libav 6:0.8.3-1
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
-CVE-2012-0858
+CVE-2012-0858 (The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7 ...)
{DSA-2624-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.2.1-1
[squeeze] - ffmpeg 4:0.5.9-1
-CVE-2012-0857
+CVE-2012-0857 (Multiple buffer overflows in the get_qcx function in the J2K decoder ( ...)
- libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0856
+CVE-2012-0856 (Heap-based buffer overflow in the MPV_frame_start function in libavcod ...)
- libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0855
+CVE-2012-0855 (Heap-based buffer overflow in the get_sot function in the J2K decoder ...)
- libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0854
+CVE-2012-0854 (The dpcm_decode_frame function in libavcodec/dpcm.c in FFmpeg before 0 ...)
- libav 4:0.8.1-1
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0853
+CVE-2012-0853 (The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in ...)
{DSA-2471-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2012-0852
+CVE-2012-0852 (The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg bef ...)
{DSA-2494-1}
- libav 4:0.8.1-1
- ffmpeg 7:2.4.1-1
-CVE-2012-0851
+CVE-2012-0851 (The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcod ...)
{DSA-2494-1}
- libav 6:0.8.3-1
- ffmpeg 7:2.4.1-1
-CVE-2012-0850
+CVE-2012-0850 (The sbr_qmf_synthesis function in libavcodec/aacsbr.c in FFmpeg before ...)
- libav 4:0.8.1-1
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0849
+CVE-2012-0849 (Integer overflow in the ff_j2k_dwt_init function in libavcodec/j2k_dwt ...)
- libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0848
+CVE-2012-0848 (Heap-based buffer overflow in the ws_snd_decode_frame function in liba ...)
- libav 4:0.8.1-1
- ffmpeg <not-affected> (Code in 0.5 not affected per upstream)
-CVE-2012-0847
+CVE-2012-0847 (Heap-based buffer overflow in the avfilter_filter_samples function in ...)
- libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
-CVE-2012-0846
+CVE-2012-0846 (Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar ...)
- webcalendar <removed>
-CVE-2012-0845
+CVE-2012-0845 (SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2. ...)
{DLA-25-1}
- python3.1 <removed> (low)
[squeeze] - python3.1 <no-dsa> (Minor issue)
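Review bot: CVE-2012-0908 is out of sequence in this hunk, sitting between CVE-2012-0886 and CVE-2012-0884 (`+CVE-2012-0908 (Cross-site scripting (XSS) vulnerability in logout.php in SimpleSAMLph ...)`), while the earlier hunk jumps straight from CVE-2012-0909 to CVE-2012-0907; move the entry together with its three follow-up lines (`{DSA-2387-1}`, the simplesamlphp fixed version and the NOTE) into that gap so the descending order the rest of the file follows stays intact. While there, CVE-2012-0885 and CVE-2012-0869 do not appear in this hunk at all (the sequence runs 0886, 0884 and 0870, 0868) although every other id between CVE-2012-0886 and CVE-2012-0845 is present, so they are worth a check against the source list.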
@@ -14518,52 +14518,52 @@ CVE-2012-0843
CVE-2012-0842 [surf info leak]
RESERVED
- surf 0.4.1-6 (bug #659296)
-CVE-2012-0841
+CVE-2012-0841 (libxml2 before 2.8.0 computes hash values without restricting the abil ...)
{DSA-2417-1}
- libxml2 2.7.8.dfsg-8 (bug #660846)
-CVE-2012-0840
+CVE-2012-0840 (tables/apr_hash.c in the Apache Portable Runtime (APR) library through ...)
- apr 1.4.6-1 (low; bug #655435)
[squeeze] - apr <no-dsa> (exploitability in httpd extremely limited, not known to be exploitable in svn)
NOTE: Commit http://mail-archives.apache.org/mod_mbox/apr-commits/201201.mbox/%3C20120115003715.071D423888FD@eris.apache.org%3E seems to cause regressions
-CVE-2012-0839
+CVE-2012-0839 (OCaml 3.12.1 and earlier computes hash values without restricting the ...)
- ocaml 4.00.0~beta2-1 (low; bug #659149)
[wheezy] - ocaml <no-dsa> (Minor issue)
[squeeze] - ocaml <no-dsa> (Minor issue)
-CVE-2012-0838
+CVE-2012-0838 (Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expressio ...)
- libstruts1.2-java <not-affected> (struts 2 issue)
-CVE-2012-0837
+CVE-2012-0837 (Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to ...)
NOT-FOR-US: Joomla!
-CVE-2012-0836
+CVE-2012-0836 (Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attacke ...)
NOT-FOR-US: Joomla!
-CVE-2012-0835
+CVE-2012-0835 (Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x befo ...)
NOT-FOR-US: Joomla!
-CVE-2012-0834
+CVE-2012-0834 (Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in php ...)
- phpldapadmin 1.2.2-1 (low; bug #658907)
[squeeze] - phpldapadmin <no-dsa> (Minor issue)
-CVE-2012-0833
+CVE-2012-0833 (The acllas__handle_group_entry function in servers/plugins/acl/acllas. ...)
- 389-ds-base <not-affected> (Fixed before initial upload)
CVE-2012-0832
RESERVED
-CVE-2012-0831
+CVE-2012-0831 (PHP before 5.3.10 does not properly perform a temporary change to the ...)
{DSA-2408-1}
- php5 5.3.10-1
-CVE-2012-0830
+CVE-2012-0830 (The php_register_variable_ex function in php_variables.c in PHP 5.3.9 ...)
{DSA-2403-1}
- php5 5.3.10-1
NOTE: http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/
-CVE-2012-0829
+CVE-2012-0829 (Multiple cross-site request forgery (CSRF) vulnerabilities in Mibew Me ...)
NOT-FOR-US: Mibew Messenger
CVE-2012-0828
RESERVED
- xchat <not-affected> (Only affects Xchat on Windows and Maemo)
-CVE-2012-0827
+CVE-2012-0827 (The File module in Drupal 7.x before 7.11, when using unspecified fiel ...)
- drupal7 7.11-1
- drupal6 <not-affected>
-CVE-2012-0826
+CVE-2012-0826 (Cross-site request forgery (CSRF) vulnerability in the Aggregator modu ...)
{DSA-2776-1}
- drupal7 7.11-1
- drupal6 6.26-1
-CVE-2012-0825
+CVE-2012-0825 (Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that Attrib ...)
{DSA-2776-1}
- drupal7 7.11-1
- drupal6 6.26-1
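Review bot: the apr entry for CVE-2012-0840 records `- apr 1.4.6-1 (low; bug #655435)` as the fixed version, but the NOTE beneath it only says the upstream commit "seems to cause regressions" without saying whether 1.4.6-1 ships that commit, a follow-up, or a different fix; add a sentence stating which change 1.4.6-1 carries and what the regression is, otherwise a reader cannot tell whether the fixed-version claim or the regression warning is the current state. The squeeze line on the same entry (`exploitability in httpd extremely limited, not known to be exploitable in svn`) has the level of detail that is missing here.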
@@ -14571,42 +14571,42 @@ CVE-2012-0824
RESERVED
- gnusound <removed> (low; bug #654270)
[squeeze] - gnusound 0.7.5-3+squeeze1
-CVE-2012-0823
+CVE-2012-0823 (VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers ...)
- libvpx 1.0.0-1
[squeeze] - libvpx <not-affected> (Introduced in 0.9.7)
NOTE: http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html
-CVE-2012-0822
+CVE-2012-0822 (Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x befo ...)
NOT-FOR-US: Joomla!
-CVE-2012-0821
+CVE-2012-0821 (Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allo ...)
NOT-FOR-US: Joomla!
-CVE-2012-0820
+CVE-2012-0820 (Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x be ...)
NOT-FOR-US: Joomla!
-CVE-2012-0819
+CVE-2012-0819 (Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allo ...)
NOT-FOR-US: Joomla!
-CVE-2012-0818
+CVE-2012-0818 (RESTEasy before 2.3.1 allows remote attackers to read arbitrary files ...)
NOT-FOR-US: RESTEasy framework for JBoss
-CVE-2012-0817
+CVE-2012-0817 (Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attacker ...)
- samba 2:3.6.3-1 (low)
- samba4 4.0.0~alpha18.dfsg1-1
[squeeze] - samba <not-affected> (Only affects 3.6.x)
[lenny] - samba <not-affected> (Only affects 3.6.x)
CVE-2012-0816
RESERVED
-CVE-2012-0815
+CVE-2012-0815 (The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 al ...)
{DLA-140-1}
- rpm 4.9.1.3-1 (bug #667031)
[squeeze] - rpm <no-dsa> (Minor issue)
-CVE-2012-0814
+CVE-2012-0814 (The auth_parse_options function in auth-options.c in sshd in OpenSSH b ...)
- openssh 1:5.6p1-1 (low; bug #657445)
[squeeze] - openssh 1:5.5p1-6+squeeze2
-CVE-2012-0813
+CVE-2012-0813 (Wicd before 1.7.1 saves sensitive information in log files in /var/log ...)
- wicd 1.7.1~b3-4 (unimportant; bug #652417)
NOTE: Not a security issue per se, logfile only accessible by root:adm
CVE-2012-0812 [PostfixAdmin 2.3.4 multiple XSS vulnerabilities]
RESERVED
- postfixadmin 2.3.5-1
NOTE: http://seclists.org/oss-sec/2012/q1/285
-CVE-2012-0811
+CVE-2012-0811 (Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixad ...)
- postfixadmin 2.3.5-1
NOTE: http://seclists.org/oss-sec/2012/q1/285
CVE-2012-0810
@@ -14614,77 +14614,77 @@ CVE-2012-0810
- linux-2.6 3.2.16-1 (bug #672660)
[squeeze] - linux-2.6 <not-affected> (rt patchset not yet present)
NOTE: Ben Hutchings said it was fixed in 3.2.9-1, I checked it for 3.2.16-1
-CVE-2012-0809
+CVE-2012-0809 (Format string vulnerability in the sudo_debug function in Sudo 1.8.0 t ...)
- sudo 1.8.3p2-1 (bug #657985)
[squeeze] - sudo <not-affected> (Vulnerable code not present)
[lenny] - sudo <not-affected> (Vulnerable code not present)
-CVE-2012-0808
+CVE-2012-0808 (as31 2.3.1-4 does not seed the random number generator and generates p ...)
- as31 2.3.1-5 (bug #655496)
[squeeze] - as31 <no-dsa> (The maintainer consider it a minor issue. Check comments in the bug report)
-CVE-2012-0807
+CVE-2012-0807 (Stack-based buffer overflow in the suhosin_encrypt_single_cookie funct ...)
- php-suhosin 0.9.33-1 (low; bug #657190)
[squeeze] - php-suhosin <no-dsa> (Exploitable in rare setups)
NOTE: https://github.com/stefanesser/suhosin/commit/73b1968ee30f6d9d2dae497544b910e68e114bfa
-CVE-2012-0806
+CVE-2012-0806 (Buffer overflow in Bip 0.8.8 and earlier might allow remote authentica ...)
{DSA-2393-1}
- bip 0.8.8-2 (bug #657217)
[lenny] - bip <not-affected> (Maintainer reports vulnerable code not present)
-CVE-2012-0805
+CVE-2012-0805 (Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, a ...)
{DSA-2449-1}
- sqlalchemy 0.6.7-1
-CVE-2012-0804
+CVE-2012-0804 (Heap-based buffer overflow in the proxy_connect function in src/client ...)
{DSA-2407-1}
- cvs 2:1.12.13+real-7
-CVE-2012-0803
+CVE-2012-0803 (The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows re ...)
NOT-FOR-US: Apache CXF
-CVE-2012-0802
+CVE-2012-0802 (Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote ...)
NOT-FOR-US: spamdyke
-CVE-2012-0801
+CVE-2012-0801 (lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 d ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2012-0800
+CVE-2012-0800 (The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2. ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2012-0799
+CVE-2012-0799 (Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous fr ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2012-0798
+CVE-2012-0798 (The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2. ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2012-0797
+CVE-2012-0797 (The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x befo ...)
- moodle <not-affected> (Only affects 2.x)
-CVE-2012-0796
+CVE-2012-0796 (class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2012-0795
+CVE-2012-0795 (Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, an ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2012-0794
+CVE-2012-0794 (The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1. ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2012-0793
+CVE-2012-0793 (Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, an ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2012-0792
+CVE-2012-0792 (mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authent ...)
{DSA-2421-1}
- moodle 1.9.9.dfsg2-5
-CVE-2012-0791
+CVE-2012-0791 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP befor ...)
{DSA-2485-1}
- imp4 4.3.10+debian0-1.1 (bug #659392)
-CVE-2012-0790
+CVE-2012-0790 (Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping ...)
{DSA-2651-1}
- smokeping 2.6.8-2 (bug #659899)
-CVE-2012-0789
+CVE-2012-0789 (Memory leak in the timezone functionality in PHP before 5.3.9 allows r ...)
- php5 5.3.9-1 (low)
[squeeze] - php5 <no-dsa> (Too intrusive to backport)
-CVE-2012-0788
+CVE-2012-0788 (The PDORow implementation in PHP before 5.3.9 does not properly intera ...)
{DSA-2408-1}
- php5 5.3.9-1
-CVE-2012-0787
+CVE-2012-0787 (The clone_file function in transfer.c in Augeas before 1.0.0, when cop ...)
{DLA-28-1}
- augeas 1.0.0-1 (low; bug #731132)
[wheezy] - augeas <no-dsa> (Minor issue)
-CVE-2012-0786
+CVE-2012-0786 (The transform_save function in transform.c in Augeas before 1.0.0 allo ...)
{DLA-28-1}
- augeas 1.0.0-1 (low; bug #731132)
[wheezy] - augeas <no-dsa> (Minor issue)
-CVE-2012-0885
+CVE-2012-0885 (chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x befor ...)
- asterisk 1:1.8.8.2~dfsg-1 (bug #656596)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
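Review bot: the CVE-2012-0885 entry at the end of this hunk (between CVE-2012-0786 and CVE-2012-0784) breaks the descending numeric order the rest of the file follows; in sequence it belongs ahead of CVE-2012-0817, not here, and a misplaced entry is easy to miss or duplicate during later triage. As a minor style point, the squeeze annotation for CVE-2012-0808 reads "The maintainer consider it a minor issue" and should be "considers".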
@@ -14693,666 +14693,666 @@ CVE-2012-0784
RESERVED
CVE-2012-0783
RESERVED
-CVE-2012-0782
+CVE-2012-0782 (** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in ...)
- wordpress <unfixed> (unimportant)
NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
-CVE-2012-0781
+CVE-2012-0781 (The tidy_diagnose function in PHP 5.3.8 might allow remote attackers t ...)
{DSA-2408-1}
- php5 5.3.9-1 (low)
-CVE-2012-0780
+CVE-2012-0780 (Adobe Illustrator before CS6 allows attackers to execute arbitrary cod ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2012-0779
+CVE-2012-0779 (Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0778
+CVE-2012-0778 (Buffer overflow in Adobe Flash Professional before CS6 allows attacker ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0777
+CVE-2012-0777 (The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10 ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-0776
+CVE-2012-0776 (The installer in Adobe Reader 9.x before 9.5.1 and 10.x before 10.1.3 ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-0775
+CVE-2012-0775 (The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9 ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-0774
+CVE-2012-0774 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x ...)
NOT-FOR-US: Adobe Reader
-CVE-2012-0773
+CVE-2012-0773 (The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0772
+CVE-2012-0772 (An unspecified ActiveX control in Adobe Flash Player before 10.3.183.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0771
+CVE-2012-0771 (Adobe Shockwave Player before 11.6.4.634 allows attackers to execute a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0770
+CVE-2012-0770 (Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 computes hash values for f ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2012-0769
+CVE-2012-0769 (Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0768
+CVE-2012-0768 (The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0767
+CVE-2012-0767 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0766
+CVE-2012-0766 (The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0765
+CVE-2012-0765 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0764
+CVE-2012-0764 (The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0763
+CVE-2012-0763 (The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0762
+CVE-2012-0762 (The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0761
+CVE-2012-0761 (The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0760
+CVE-2012-0760 (The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0759
+CVE-2012-0759 (Adobe Shockwave Player before 11.6.4.634 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0758
+CVE-2012-0758 (Heap-based buffer overflow in Adobe Shockwave Player before 11.6.4.634 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0757
+CVE-2012-0757 (The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-0756
+CVE-2012-0756 (Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0755
+CVE-2012-0755 (Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0754
+CVE-2012-0754 (Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0753
+CVE-2012-0753 (Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0752
+CVE-2012-0752 (Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on W ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0751
+CVE-2012-0751 (The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x ...)
NOT-FOR-US: Adobe Flash Player
CVE-2012-0750
RESERVED
CVE-2012-0749
RESERVED
-CVE-2012-0748
+CVE-2012-0748 (Multiple cross-site request forgery (CSRF) vulnerabilities in unspecif ...)
NOT-FOR-US: IBM Rational Team Concert
-CVE-2012-0747
+CVE-2012-0747 (SQL injection vulnerability in IBM Maximo Asset Management 6.2 through ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-0746
+CVE-2012-0746 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-0745
+CVE-2012-0745 (The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 t ...)
NOT-FOR-US: IBM AIX
-CVE-2012-0744
+CVE-2012-0744 (IBM Rational ClearQuest 7.1.x through 7.1.2.7 and 8.x through 8.0.0.3 ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-0743
+CVE-2012-0743 (IBM Tivoli Directory Server (TDS) 6.3 and earlier allows remote attack ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2012-0742
+CVE-2012-0742 (IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and VALIDATE_SOAP_U ...)
NOT-FOR-US: IBM Tivoli Event Pump
-CVE-2012-0741
+CVE-2012-0741 (IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy Tes ...)
NOT-FOR-US: (IBM Security AppScan Enterprise
-CVE-2012-0740
+CVE-2012-0740 (Cross-site scripting (XSS) vulnerability in the Web Admin Tool in IBM ...)
NOT-FOR-US: IBM Tivoli Directory Server
CVE-2012-0739
RESERVED
-CVE-2012-0738
+CVE-2012-0738 (IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy Tes ...)
NOT-FOR-US: (IBM Security AppScan Enterprise
-CVE-2012-0737
+CVE-2012-0737 (Cross-site scripting (XSS) vulnerability in IBM Rational AppScan Enter ...)
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0736
+CVE-2012-0736 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not pr ...)
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0735
+CVE-2012-0735 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not pr ...)
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0734
+CVE-2012-0734 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not pr ...)
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0733
+CVE-2012-0733 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integ ...)
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0732
+CVE-2012-0732 (The Enterprise Console client in IBM Rational AppScan Enterprise 5.x a ...)
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0731
+CVE-2012-0731 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not pr ...)
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0730
+CVE-2012-0730 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Rati ...)
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0729
+CVE-2012-0729 (Unrestricted file upload vulnerability in IBM Rational AppScan Enterpr ...)
NOT-FOR-US: IBM Rational AppScan
-CVE-2012-0728
+CVE-2012-0728 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 through ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-0727
+CVE-2012-0727 (SQL injection vulnerability in IBM Maximo Asset Management 7.5, as use ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-0726
+CVE-2012-0726 (The default configuration of TLS in IBM Tivoli Directory Server (TDS) ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2012-0725
+CVE-2012-0725 (Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.10 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0724
+CVE-2012-0724 (Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.10 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2012-0723
+CVE-2012-0723 (The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, ...)
NOT-FOR-US: IBM AIX, VIOS
CVE-2012-0721
REJECTED
-CVE-2012-0720
+CVE-2012-0720 (Cross-site scripting (XSS) vulnerability in the Integration Solution C ...)
NOT-FOR-US: IBM WebSphere Application
-CVE-2012-0719
+CVE-2012-0719 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint Manage ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
CVE-2012-0718
RESERVED
-CVE-2012-0717
+CVE-2012-0717 (IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain S ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-0716
+CVE-2012-0716 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-0715
+CVE-2012-0715 (Cross-site scripting (XSS) vulnerability in the Gantt applet viewer in ...)
NOT-FOR-US: IBM Tivoli Change and Configuration Management Database
-CVE-2012-0714
+CVE-2012-0714 (Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Ma ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2012-0713
+CVE-2012-0713 (Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 ...)
NOT-FOR-US: IBM DB2
-CVE-2012-0712
+CVE-2012-0712 (The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 th ...)
NOT-FOR-US: IBM DB2
-CVE-2012-0711
+CVE-2012-0711 (Integer signedness error in the db2dasrrm process in the DB2 Administr ...)
NOT-FOR-US: IBM DB2
-CVE-2012-0710
+CVE-2012-0710 (IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 befor ...)
NOT-FOR-US: IBM DB2
-CVE-2012-0709
+CVE-2012-0709 (IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not ...)
NOT-FOR-US: IBM DB2
-CVE-2012-0708
+CVE-2012-0708 (Heap-based buffer overflow in the Ole API in the CQOle ActiveX control ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2012-0707
+CVE-2012-0707 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Lombardi Edi ...)
NOT-FOR-US: IBM WebSphere
-CVE-2012-0706
+CVE-2012-0706 (IBM Scale Out Network Attached Storage (SONAS) 1.3 before 1.3.2.3 requ ...)
NOT-FOR-US: IBM Scale Out network Attached Storage (SONAS)
-CVE-2012-0705
+CVE-2012-0705 (InfoSphere Import Export Manager in InfoSphere Information Server Meta ...)
NOT-FOR-US: InfoSphere Information Server
CVE-2012-0704
RESERVED
-CVE-2012-0703
+CVE-2012-0703 (Open redirect vulnerability in Information Services Framework (ISF) in ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0702
+CVE-2012-0702 (Information Services Framework (ISF) in IBM InfoSphere Information Ser ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0701
+CVE-2012-0701 (The client applications in the DataStage Administrator client in InfoS ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0700
+CVE-2012-0700 (The client in InfoSphere FastTrack 8.1 through 8.7 in IBM InfoSphere I ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0699
+CVE-2012-0699 (Multiple cross-site request forgery (CSRF) vulnerabilities in Family C ...)
NOT-FOR-US: Family Connections CMS
-CVE-2012-0698
+CVE-2012-0698 (tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a deni ...)
{DSA-2576-1}
- trousers 0.3.9-1 (low; bug #692649)
-CVE-2012-0697
+CVE-2012-0697 (HP StorageWorks P2000 G3 MSA array systems have a default account, whi ...)
NOT-FOR-US: HP StorageWorks
-CVE-2012-0696
+CVE-2012-0696 (Multiple cross-site scripting (XSS) vulnerabilities in the Executive V ...)
NOT-FOR-US: IBM Cognos
-CVE-2012-0695
+CVE-2012-0695 (Multiple unspecified vulnerabilities in Google Chrome before 17.0.963. ...)
NOT-FOR-US: Google Chrome books
CVE-2012-0694 [SugarCRM CE unserialize PHP code execution in multiple files]
RESERVED
- sugarcrm-ce-5.0 <itp> (bug #457876)
NOTE: http://seclists.org/bugtraq/2012/Jun/165
-CVE-2012-0693
+CVE-2012-0693 (** DISPUTED ** submitticket.php in WHMCompleteSolution (WHMCS) 5.03 al ...)
NOT-FOR-US: WHMCompleteSolution
-CVE-2012-0692
+CVE-2012-0692 (CA License (aka CA Licensing) before 1.90.03 allows local users to mod ...)
NOT-FOR-US: CA License
-CVE-2012-0691
+CVE-2012-0691 (CA License (aka CA Licensing) before 1.90.03 does not properly restric ...)
NOT-FOR-US: CA License
-CVE-2012-0690
+CVE-2012-0690 (TIBCO Spotfire Web Application, Web Player Application, Automation Ser ...)
NOT-FOR-US: TIBCO Spotfire
-CVE-2012-0689
+CVE-2012-0689 (The server in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric Activ ...)
NOT-FOR-US: TIBCO ActiveMatrix
-CVE-2012-0688
+CVE-2012-0688 (Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platfor ...)
NOT-FOR-US: TIBCO ActiveMatrix
-CVE-2012-0687
+CVE-2012-0687 (TIBCO ActiveMatrix Runtime Platform in Service Grid and Service Bus 2. ...)
NOT-FOR-US: TIBCO ActiveMatrix
CVE-2012-0686
RESERVED
-CVE-2012-0685
+CVE-2012-0685 (Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote ...)
NOT-FOR-US: XnView
-CVE-2012-0684
+CVE-2012-0684 (Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote ...)
NOT-FOR-US: XnView
-CVE-2012-0683
+CVE-2012-0683 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0682
+CVE-2012-0682 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0681
+CVE-2012-0681 (Apple Remote Desktop before 3.6.1 does not recognize the "Encrypt all ...)
NOT-FOR-US: Apple Remote Desktop
-CVE-2012-0680
+CVE-2012-0680 (Apple Safari before 6.0 does not properly handle the autocomplete attr ...)
NOT-FOR-US: Apple Safari
-CVE-2012-0679
+CVE-2012-0679 (Apple Safari before 6.0 allows remote attackers to read arbitrary file ...)
NOT-FOR-US: Apple Safari
-CVE-2012-0678
+CVE-2012-0678 (Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 al ...)
NOT-FOR-US: Apple Safari
-CVE-2012-0677
+CVE-2012-0677 (Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote ...)
NOT-FOR-US: Apple iTunes
-CVE-2012-0676
+CVE-2012-0676 (WebKit in Apple Safari before 5.1.7 does not properly track state info ...)
NOT-FOR-US: Apple Safari
-CVE-2012-0675
+CVE-2012-0675 (Time Machine in Apple Mac OS X before 10.7.4 does not require continue ...)
NOT-FOR-US: Time Machine
-CVE-2012-0674
+CVE-2012-0674 (Safari in Apple iOS before 5.1.1 allows remote attackers to spoof the ...)
NOT-FOR-US: Apple Safari
CVE-2012-0673
RESERVED
-CVE-2012-0672
+CVE-2012-0672 (WebKit in Apple iOS before 5.1.1 allows remote attackers to execute ar ...)
NOTE: http://dl.packetstormsecurity.net/1205-advisories/APPLE-SA-2012-05-09-2.txt
-CVE-2012-0671
+CVE-2012-0671 (Apple QuickTime before 7.7.2 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2012-0670
+CVE-2012-0670 (Integer overflow in Apple QuickTime before 7.7.2 allows remote attacke ...)
NOT-FOR-US: Apple QuickTime
-CVE-2012-0669
+CVE-2012-0669 (Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2012-0668
+CVE-2012-0668 (Buffer overflow in Apple QuickTime before 7.7.2 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2012-0667
+CVE-2012-0667 (Integer signedness error in Apple QuickTime before 7.7.2 on Windows al ...)
NOT-FOR-US: Apple QuickTime
-CVE-2012-0666
+CVE-2012-0666 (Stack-based buffer overflow in the plugin in Apple QuickTime before 7. ...)
NOT-FOR-US: Apple QuickTime
-CVE-2012-0665
+CVE-2012-0665 (Heap-based buffer overflow in Apple QuickTime before 7.7.2 allows remo ...)
NOT-FOR-US: Apple QuickTime
-CVE-2012-0664
+CVE-2012-0664 (Heap-based buffer overflow in Apple QuickTime before 7.7.2 on Windows ...)
NOT-FOR-US: Apple QuickTime
-CVE-2012-0663
+CVE-2012-0663 (Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 ...)
NOT-FOR-US: Apple QuickTime
-CVE-2012-0662
+CVE-2012-0662 (Integer overflow in the Security Framework in Apple Mac OS X before 10 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0661
+CVE-2012-0661 (Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x bef ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0660
+CVE-2012-0660 (Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows r ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0659
+CVE-2012-0659 (Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows r ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0658
+CVE-2012-0658 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows re ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0657
+CVE-2012-0657 (Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualiz ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0656
+CVE-2012-0656 (Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before 10. ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0655
+CVE-2012-0655 (libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0654
+CVE-2012-0654 (libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized mem ...)
NOT-FOR-US: Apple Mac OS X
CVE-2012-0653
RESERVED
-CVE-2012-0652
+CVE-2012-0652 (Login Window in Apple Mac OS X 10.7.3, when Legacy File Vault or netwo ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0651
+CVE-2012-0651 (The directory server in Directory Service in Apple Mac OS X 10.6.8 all ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0650
+CVE-2012-0650 (Buffer overflow in the DirectoryService Proxy in DirectoryService in A ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0649
+CVE-2012-0649 (Race condition in the initialization routine in blued in Bluetooth in ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2012-0648
+CVE-2012-0648 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0647
+CVE-2012-0647 (WebKit in Apple Safari before 5.1.4 does not properly handle redirects ...)
NOT-FOR-US: Apple Safari/ if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0646
+CVE-2012-0646 (Format string vulnerability in VPN in Apple iOS before 5.1 allows remo ...)
NOT-FOR-US: VPN in Apple iOS
-CVE-2012-0645
+CVE-2012-0645 (Siri in Apple iOS before 5.1 does not properly restrict the ability of ...)
NOT-FOR-US: Siri
-CVE-2012-0644
+CVE-2012-0644 (Race condition in the Passcode Lock feature in Apple iOS before 5.1 al ...)
NOT-FOR-US: Passcode Lock in Apple iOS
-CVE-2012-0643
+CVE-2012-0643 (The kernel in Apple iOS before 5.1 does not properly handle debug syst ...)
NOT-FOR-US: kernel in Apple iOS
-CVE-2012-0642
+CVE-2012-0642 (Integer underflow in Apple iOS before 5.1 allows remote attackers to e ...)
NOT-FOR-US: Apple iOS
-CVE-2012-0641
+CVE-2012-0641 (CFNetwork in Apple iOS before 5.1 does not properly construct request ...)
NOT-FOR-US: Apple iOS
-CVE-2012-0640
+CVE-2012-0640 (WebKit in Apple Safari before 5.1.4 does not properly implement "From ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0639
+CVE-2012-0639 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0638
+CVE-2012-0638 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0637
+CVE-2012-0637 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0636
+CVE-2012-0636 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0635
+CVE-2012-0635 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0634
+CVE-2012-0634 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0633
+CVE-2012-0633 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0632
+CVE-2012-0632 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0631
+CVE-2012-0631 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0630
+CVE-2012-0630 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0629
+CVE-2012-0629 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0628
+CVE-2012-0628 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0627
+CVE-2012-0627 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0626
+CVE-2012-0626 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0625
+CVE-2012-0625 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0624
+CVE-2012-0624 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0623
+CVE-2012-0623 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0622
+CVE-2012-0622 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0621
+CVE-2012-0621 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0620
+CVE-2012-0620 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0619
+CVE-2012-0619 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0618
+CVE-2012-0618 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0617
+CVE-2012-0617 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0616
+CVE-2012-0616 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0615
+CVE-2012-0615 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0614
+CVE-2012-0614 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0613
+CVE-2012-0613 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0612
+CVE-2012-0612 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0611
+CVE-2012-0611 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0610
+CVE-2012-0610 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0609
+CVE-2012-0609 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0608
+CVE-2012-0608 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0607
+CVE-2012-0607 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0606
+CVE-2012-0606 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0605
+CVE-2012-0605 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0604
+CVE-2012-0604 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0603
+CVE-2012-0603 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0602
+CVE-2012-0602 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0601
+CVE-2012-0601 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0600
+CVE-2012-0600 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0599
+CVE-2012-0599 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0598
+CVE-2012-0598 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0597
+CVE-2012-0597 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0596
+CVE-2012-0596 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0595
+CVE-2012-0595 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0594
+CVE-2012-0594 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0593
+CVE-2012-0593 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0592
+CVE-2012-0592 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0591
+CVE-2012-0591 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0590
+CVE-2012-0590 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple i ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0589
+CVE-2012-0589 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple i ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0588
+CVE-2012-0588 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple i ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0587
+CVE-2012-0587 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple i ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0586
+CVE-2012-0586 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple i ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0585
+CVE-2012-0585 (The Private Browsing feature in Safari in Apple iOS before 5.1 allows ...)
NOT-FOR-US: Apple Safari/iTunes if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2012-0584
+CVE-2012-0584 (The Internationalized Domain Name (IDN) feature in Apple Safari before ...)
NOT-FOR-US: Apple Safari
-CVE-2012-0583
+CVE-2012-0583 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2496-1}
- mysql-5.1 5.1.62-1 (bug #670636)
- mysql-5.5 5.5.23-1
-CVE-2012-0582
+CVE-2012-0582 (Unspecified vulnerability in the Siebel Clinical component in Oracle I ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2012-0581
+CVE-2012-0581 (Unspecified vulnerability in the Oracle Agile component in Oracle Supp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-0580
+CVE-2012-0580 (Unspecified vulnerability in the Oracle Agile PLM for Process componen ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-0579
+CVE-2012-0579 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0578
+CVE-2012-0578 (Unspecified vulnerability in the Server component in Oracle MySQL 5.5. ...)
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-0577
+CVE-2012-0577 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0576
+CVE-2012-0576 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0575
+CVE-2012-0575 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0574
+CVE-2012-0574 (Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...)
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-0573
+CVE-2012-0573 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0572
+CVE-2012-0572 (Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...)
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2012-0571
+CVE-2012-0571 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0570
+CVE-2012-0570 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allow ...)
NOT-FOR-US: Solaris
-CVE-2012-0569
+CVE-2012-0569 (Unspecified vulnerability Oracle Sun Solaris 10 allows local users to ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-0568
+CVE-2012-0568 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows lo ...)
NOT-FOR-US: Solaris
-CVE-2012-0567
+CVE-2012-0567 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0566
+CVE-2012-0566 (Unspecified vulnerability in the Oracle Agile component in Oracle Supp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-0565
+CVE-2012-0565 (Unspecified vulnerability in the Oracle Agile component in Oracle Supp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-0564
+CVE-2012-0564 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0563
+CVE-2012-0563 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local ...)
NOT-FOR-US: Oracle Solaris
-CVE-2012-0562
+CVE-2012-0562 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0561
+CVE-2012-0561 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0560
+CVE-2012-0560 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0559
+CVE-2012-0559 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0558
+CVE-2012-0558 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle Primavera Products Suite
-CVE-2012-0557
+CVE-2012-0557 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0556
+CVE-2012-0556 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0555
+CVE-2012-0555 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0554
+CVE-2012-0554 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0553
+CVE-2012-0553 (Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5 ...)
{DSA-2780-1}
- mysql-5.1 <removed> (bug #712059)
- mysql-5.5 5.5.28+dfsg-1
- cyassl <not-affected> (Fixed before initial upload to archive)
NOTE: https://blogs.oracle.com/sunsecurity/entry/cve_2012_0553_buffer_overflow
-CVE-2012-0552
+CVE-2012-0552 (Unspecified vulnerability in the Oracle Spatial component in Oracle Da ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0551
+CVE-2012-0551 (Unspecified vulnerability in the Java Runtime Environment (JRE) in Ora ...)
- glassfish <not-affected> (Debian only builds some core libs, not the full application stack)
- openjdk-6 <not-affected> (specific to Oracle Java)
- openjdk-7 <not-affected> (specific to Oracle Java)
-CVE-2012-0550
+CVE-2012-0550 (Unspecified vulnerability in the GlassFish Enterprise Server component ...)
- glassfish <not-affected> (Debian only builds some core libs, not the full application stack)
-CVE-2012-0549
+CVE-2012-0549 (Unspecified vulnerability in the Oracle AutoVue Office component in Or ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2012-0548
+CVE-2012-0548 (Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers ...)
NOT-FOR-US: Oracle SPARC Enterprise M Series Servers XCP 1110
-CVE-2012-0547
+CVE-2012-0547 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.2-1 (low)
- openjdk-6 6b24-1.11.4-1 (low)
-CVE-2012-0546
+CVE-2012-0546 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0545
+CVE-2012-0545 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0544
+CVE-2012-0544 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0543
+CVE-2012-0543 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0542
+CVE-2012-0542 (Unspecified vulnerability in the Oracle iStore component in Oracle E-B ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0541
+CVE-2012-0541 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0540
+CVE-2012-0540 (Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier an ...)
{DSA-2496-1}
- mysql-5.1 <removed> (bug #682212)
- mysql-5.5 5.5.24+dfsg-1 (bug #682210)
-CVE-2012-0539
+CVE-2012-0539 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows lo ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-0538
+CVE-2012-0538 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0537
+CVE-2012-0537 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0536
+CVE-2012-0536 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0535
+CVE-2012-0535 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0534
+CVE-2012-0534 (Unspecified vulnerability in the RDBMS Core component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0533
+CVE-2012-0533 (Unspecified vulnerability in the PeopleSoft Enterprise FCSM component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0532
+CVE-2012-0532 (Unspecified vulnerability in the Identity Manager component in Oracle ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0531
+CVE-2012-0531 (Unspecified vulnerability in the PeopleSoft Enterprise Portal componen ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0530
+CVE-2012-0530 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0529
+CVE-2012-0529 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0528
+CVE-2012-0528 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0527
+CVE-2012-0527 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0526
+CVE-2012-0526 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0525
+CVE-2012-0525 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0524
+CVE-2012-0524 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0523
+CVE-2012-0523 (Unspecified vulnerability in the Oracle Grid Engine component in Oracl ...)
- gridengine 6.2u5-7.1
[squeeze] - gridengine <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.securityfocus.com/bid/53132
NOTE: http://gridscheduler.sourceforge.net/security.html
-CVE-2012-0522
+CVE-2012-0522 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0521
+CVE-2012-0521 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0520
+CVE-2012-0520 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0519
+CVE-2012-0519 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0518
+CVE-2012-0518 (Unspecified vulnerability in the Oracle Application Server Single Sign ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0517
+CVE-2012-0517 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0516
+CVE-2012-0516 (Unspecified vulnerability in the Oracle iPlanet Web Server component i ...)
NOT-FOR-US: Oracle Sun Products Suite
-CVE-2012-0515
+CVE-2012-0515 (Unspecified vulnerability in the Identity Manager Connector component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0514
+CVE-2012-0514 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0513
+CVE-2012-0513 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0512
+CVE-2012-0512 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0511
+CVE-2012-0511 (Unspecified vulnerability in the OCI component in Oracle Database Serv ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0510
+CVE-2012-0510 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0509
+CVE-2012-0509 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0508
+CVE-2012-0508 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0507
+CVE-2012-0507 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
NOTE: Replacement for misused CVE-2011-3571.
-CVE-2012-0506
+CVE-2012-0506 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0505
+CVE-2012-0505 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
-CVE-2012-0504
+CVE-2012-0504 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only applies to the Windows-specific update tool)
- openjdk-7 <not-affected> (Only applies to the Windows-specific update tool)
- sun-java6 <not-affected> (Only applies to the Windows-specific update tool)
-CVE-2012-0503
+CVE-2012-0503 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0502
+CVE-2012-0502 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0501
+CVE-2012-0501 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0500
+CVE-2012-0500 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
NOTE: OpenJDK browser plugin is a different code base.
-CVE-2012-0499
+CVE-2012-0499 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
NOTE: According to the Red Hat bug tracker, this vulnerability does not affect Iced Tea/OpenJDK.
-CVE-2012-0498
+CVE-2012-0498 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
NOTE: According to the Red Hat bug tracker, this vulnerability does not affect Iced Tea/OpenJDK.
-CVE-2012-0497
+CVE-2012-0497 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2420-1}
- openjdk-6 6b24-1.11.1-1
- openjdk-7 7~u3-2.1-1
- sun-java6 <removed>
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2012-0496
+CVE-2012-0496 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0495
+CVE-2012-0495 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0494
+CVE-2012-0494 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0493
+CVE-2012-0493 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0492
+CVE-2012-0492 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0491
+CVE-2012-0491 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0490
+CVE-2012-0490 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0489
+CVE-2012-0489 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0488
+CVE-2012-0488 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0487
+CVE-2012-0487 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0486
+CVE-2012-0486 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0485
+CVE-2012-0485 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0484
+CVE-2012-0484 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
CVE-2012-0483
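Review bot: the CVE-2012-0486 through CVE-2012-0496 entries in this hunk record only `- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)` and carry no mysql-5.5 line at all, whereas the neighbouring CVE-2012-0583, CVE-2012-0578, CVE-2012-0574 and CVE-2012-0572 entries track mysql-5.5 explicitly with a fixed version. With only the not-affected line, the 5.5 source package is silently untracked for these ids once it is no longer confined to experimental; consider adding a `- mysql-5.5 ...` line with whatever status applies (fixed version, or a bug reference as in `(bug #682210)` for CVE-2012-0540) so the two MySQL source packages are handled uniformly across the Oracle CPU ids.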
@@ -15363,7 +15363,7 @@ CVE-2012-0481
RESERVED
CVE-2012-0480
RESERVED
-CVE-2012-0479
+CVE-2012-0479 (Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thun ...)
{DSA-2464-1 DSA-2458-1 DSA-2457-1}
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
@@ -15371,14 +15371,14 @@ CVE-2012-0479
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0478
+CVE-2012-0478 (The texImage2D implementation in the WebGL subsystem in Mozilla Firefo ...)
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.4esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0477
+CVE-2012-0477 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
{DSA-2464-1 DSA-2458-1 DSA-2457-1}
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
@@ -15388,7 +15388,7 @@ CVE-2012-0477
[squeeze] - iceape <not-affected> (Vulnerable code not present)
CVE-2012-0476
RESERVED
-CVE-2012-0475
+CVE-2012-0475 (Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and Se ...)
- icedove 10.0.4-1
[wheezy] - icedove <no-dsa> (Minor issue, also not fixed in ESV branch)
[squeeze] - icedove <no-dsa> (Minor issue, also not fixed in ESV branch)
@@ -15399,25 +15399,25 @@ CVE-2012-0475
[squeeze] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
[wheezy] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
NOTE: Fixed in Thunderbird 12 and Seamonkey 2.9
-CVE-2012-0474
+CVE-2012-0474 (Cross-site scripting (XSS) vulnerability in the docshell implementatio ...)
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.4esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0473
+CVE-2012-0473 (The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x ...)
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.4esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0472
+CVE-2012-0472 (The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, F ...)
- icedove <not-affected> (Windows-specific)
- iceweasel <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
-CVE-2012-0471
+CVE-2012-0471 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x throug ...)
{DSA-2464-1 DSA-2458-1 DSA-2457-1}
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
@@ -15425,7 +15425,7 @@ CVE-2012-0471
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0470
+CVE-2012-0470 (Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::Light ...)
{DSA-2464-1 DSA-2458-1 DSA-2457-1}
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
@@ -15433,18 +15433,18 @@ CVE-2012-0470
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0469
+CVE-2012-0469 (Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRan ...)
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.4esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0468
+CVE-2012-0468 (The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5. ...)
- icedove <not-affected> (Only affects Firefox 11 and above)
- iceweasel <not-affected> (Only affects Firefox 11 and above)
- iceape <not-affected> (Only affects Firefox 11 and above)
-CVE-2012-0467
+CVE-2012-0467 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2464-1 DSA-2458-1 DSA-2457-1}
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
@@ -15452,90 +15452,90 @@ CVE-2012-0467
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.4-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0466
+CVE-2012-0466 (template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x before 3 ...)
- bugzilla <removed> (low)
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-0465
+CVE-2012-0465 (Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, a ...)
- bugzilla <removed> (low)
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-0464
+CVE-2012-0464 (Use-after-free vulnerability in the browser engine in Mozilla Firefox ...)
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0463
+CVE-2012-0463 (The nsWindow implementation in the browser engine in Mozilla Firefox b ...)
- iceweasel <not-affected> (Only affects Firefox Mobile on Android)
-CVE-2012-0462
+CVE-2012-0462 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0461
+CVE-2012-0461 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2458-1 DSA-2437-1 DSA-2433-1}
- icedove 10.0.3-1
- iceweasel 10.0.3esr-1
- iceape 2.7.3-1
-CVE-2012-0460
+CVE-2012-0460 (Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thun ...)
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0459
+CVE-2012-0459 (The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x ...)
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0458
+CVE-2012-0458 (Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x b ...)
{DSA-2458-1 DSA-2437-1 DSA-2433-1}
- icedove 10.0.3-1
- iceweasel 10.0.3esr-1
- iceape 2.7.3-1
-CVE-2012-0457
+CVE-2012-0457 (Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetwee ...)
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0456
+CVE-2012-0456 (The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4. ...)
{DSA-2458-1 DSA-2437-1 DSA-2433-1}
- icedove 10.0.3-1
- iceweasel 10.0.3esr-1
- iceape 2.7.3-1
-CVE-2012-0455
+CVE-2012-0455 (Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x b ...)
{DSA-2458-1 DSA-2437-1 DSA-2433-1}
- icedove 10.0.3-1
- iceweasel 10.0.3esr-1
- iceape 2.7.3-1
-CVE-2012-0454
+CVE-2012-0454 (Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Fire ...)
- iceweasel <not-affected> (Only affects Firefox on Windows)
-CVE-2012-0453
+CVE-2012-0453 (Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in Bugzi ...)
- bugzilla <removed>
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-0452
+CVE-2012-0452 (Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Th ...)
- icedove <not-affected> (Introduced in Thunderbird 10)
- iceweasel 10.0.1-1
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Vulnerable version never uploaded to the archive)
-CVE-2012-0451
+CVE-2012-0451 (CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Fire ...)
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (CSP introduced in Thunderbird 3.3)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (CSP introduced in Firefox 4)
- iceape 2.7.3-1
[squeeze] - iceape <not-affected> (CSP introduced in Seamonkey 2.1)
-CVE-2012-0450
+CVE-2012-0450 (Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and ...)
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
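Review bot: CVE-2012-0454 (`- iceweasel <not-affected> (Only affects Firefox on Windows)`) and CVE-2012-0463 (`- iceweasel <not-affected> (Only affects Firefox Mobile on Android)`) list only iceweasel, while the comparable platform-specific CVE-2012-0472 in this same hunk carries the full three-line form with `- icedove <not-affected> (Windows-specific)` and `- iceape <not-affected> (Windows-specific)`. Since icedove and iceape are tracked alongside iceweasel for every other Mozilla id here, consider adding the matching not-affected lines for them so the tracker does not show those two source packages as unassessed for these ids.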
@@ -15543,7 +15543,7 @@ CVE-2012-0450
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2012-0449
+CVE-2012-0449 (Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before ...)
{DSA-2406-1 DSA-2402-1 DSA-2400-1}
- icedove 10.0.3-1
[lenny] - icedove <end-of-life>
@@ -15553,11 +15553,11 @@ CVE-2012-0449
- iceape 2.0.14-10
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2012-0448
+CVE-2012-0448 (Bugzilla 2.x and 3.x before 3.4.14, 3.5.x and 3.6.x before 3.6.8, 3.7. ...)
- bugzilla <removed> (low)
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-0447
+CVE-2012-0447 (Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaM ...)
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
@@ -15565,7 +15565,7 @@ CVE-2012-0447
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2012-0446
+CVE-2012-0446 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
@@ -15573,7 +15573,7 @@ CVE-2012-0446
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2012-0445
+CVE-2012-0445 (Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaM ...)
- icedove 10.0.3-1
[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
@@ -15581,7 +15581,7 @@ CVE-2012-0445
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2012-0444
+CVE-2012-0444 (Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before ...)
{DSA-2412-1 DSA-2406-1 DSA-2402-1 DSA-2400-1}
- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
@@ -15593,13 +15593,13 @@ CVE-2012-0444
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.14-10
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2012-0443
+CVE-2012-0443 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 10.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2012-0442
+CVE-2012-0442 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2406-1 DSA-2402-1 DSA-2400-1}
- icedove 10.0.3-1
[lenny] - icedove <end-of-life>
@@ -15609,14 +15609,14 @@ CVE-2012-0442
- iceape 2.0.14-10
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: xulrunner in wheezy is not covered by security support
-CVE-2012-0441
+CVE-2012-0441 (The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security ...)
{DSA-2490-1}
- nss 3.13.4-1
-CVE-2012-0440
+CVE-2012-0440 (Cross-site request forgery (CSRF) vulnerability in jsonrpc.cgi in Bugz ...)
- bugzilla <removed> (low)
- bugzilla4 <itp> (bug #669643)
[squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-0439
+CVE-2012-0439 (An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 ...)
NOT-FOR-US: GroupWise
CVE-2012-0438
RESERVED
@@ -15624,27 +15624,27 @@ CVE-2012-0437
RESERVED
CVE-2012-0436
RESERVED
-CVE-2012-0435
+CVE-2012-0435 (SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify ...)
NOT-FOR-US: YAST
-CVE-2012-0434
+CVE-2012-0434 (The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permission ...)
NOT-FOR-US: Crowbar
-CVE-2012-0433
+CVE-2012-0433 (The install-chef-suse.sh script shipped with crowbar before 2012-10-02 ...)
NOT-FOR-US: crowbar
-CVE-2012-0432
+CVE-2012-0432 (Stack-based buffer overflow in the Novell NCP implementation in NetIQ ...)
NOT-FOR-US: NetIQ eDirectory
CVE-2012-0431
RESERVED
-CVE-2012-0430
+CVE-2012-0430 (Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 a ...)
NOT-FOR-US: NetIQ eDirectory
-CVE-2012-0429
+CVE-2012-0429 (dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8. ...)
NOT-FOR-US: NetIQ eDirectory
-CVE-2012-0428
+CVE-2012-0428 (Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x b ...)
NOT-FOR-US: NetIQ eDirectory
-CVE-2012-0427
+CVE-2012-0427 (yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before 2008. ...)
NOT-FOR-US: inst-source-utils
-CVE-2012-0426
+CVE-2012-0426 (Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in SUS ...)
NOT-FOR-US: SUSE Linux Enterprise for SAP Applications
-CVE-2012-0425
+CVE-2012-0425 (LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in SUSE YaS ...)
NOT-FOR-US: SUSE YaST
CVE-2012-0424
RESERVED
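Review bot: the NOT-FOR-US product labels in this hunk are inconsistent for the same vendor, which hurts later grepping and triage: CVE-2012-0435 is tagged `NOT-FOR-US: YAST` while CVE-2012-0425 uses `NOT-FOR-US: SUSE YaST`, and CVE-2012-0434 says `Crowbar` while CVE-2012-0433 says `crowbar`. Suggest normalizing both to one spelling (`SUSE YaST`, `Crowbar`) so a search for the product finds every entry.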
@@ -15652,98 +15652,98 @@ CVE-2012-0423
RESERVED
CVE-2012-0422
RESERVED
-CVE-2012-0421
+CVE-2012-0421 (The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager ...)
NOT-FOR-US: SUSE Audit Log Keeper daemon
-CVE-2012-0420
+CVE-2012-0420 (zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before 1.6 ...)
NOT-FOR-US: SUSE Zypper
-CVE-2012-0419
+CVE-2012-0419 (Directory traversal vulnerability in the agent HTTP interfaces in Nove ...)
NOT-FOR-US: Novell GroupWise
-CVE-2012-0418
+CVE-2012-0418 (Unspecified vulnerability in the client in Novell GroupWise 8.0 before ...)
NOT-FOR-US: Novell GroupWise
-CVE-2012-0417
+CVE-2012-0417 (Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWis ...)
NOT-FOR-US: Novell GroupWise
CVE-2012-0416
RESERVED
CVE-2012-0415
RESERVED
-CVE-2012-0414
+CVE-2012-0414 (Cross-site scripting (XSS) vulnerability in the Spacewalk service in S ...)
NOT-FOR-US: SuSE extension to Spacewalk
CVE-2012-0413
RESERVED
CVE-2012-0412
RESERVED
-CVE-2012-0411
+CVE-2012-0411 (Unspecified vulnerability in Novell iPrint Client before 5.82 allows r ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2012-0410
+CVE-2012-0410 (Directory traversal vulnerability in WebAccess in Novell GroupWise bef ...)
NOT-FOR-US: Groupwise
-CVE-2012-0409
+CVE-2012-0409 (Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4. ...)
NOT-FOR-US: EMC
CVE-2012-0408
REJECTED
-CVE-2012-0407
+CVE-2012-0407 (Integer overflow in the DPA_Utilities library in EMC Data Protection A ...)
NOT-FOR-US: emc.com Data Protection Advisor
-CVE-2012-0406
+CVE-2012-0406 (The DPA_Utilities.cProcessAuthenticationData function in EMC Data Prot ...)
NOT-FOR-US: emc.com Data Protection Advisor
CVE-2012-0405
REJECTED
-CVE-2012-0404
+CVE-2012-0404 (Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom befor ...)
NOT-FOR-US: EMC Documentum eRoom
-CVE-2012-0403
+CVE-2012-0403 (Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 P ...)
NOT-FOR-US: EMC RSA enVision
-CVE-2012-0402
+CVE-2012-0402 (EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded cre ...)
NOT-FOR-US: EMC RSA enVision
-CVE-2012-0401
+CVE-2012-0401 (Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before ...)
NOT-FOR-US: EMC RSA enVision
-CVE-2012-0400
+CVE-2012-0400 (EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the ...)
NOT-FOR-US: EMC RSA enVision
-CVE-2012-0399
+CVE-2012-0399 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA enVisio ...)
NOT-FOR-US: EMC RSA enVision
-CVE-2012-0398
+CVE-2012-0398 (EMC Documentum eRoom before 7.4.4 does not properly validate session c ...)
NOT-FOR-US: EMC Documentum eRoom
-CVE-2012-0397
+CVE-2012-0397 (Buffer overflow in EMC RSA SecurID Software Token Converter before 2.6 ...)
NOT-FOR-US: EMC RSA SecurID Software Token Converter
-CVE-2012-0396
+CVE-2012-0396 (EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly e ...)
NOT-FOR-US: EMC
-CVE-2012-0395
+CVE-2012-0395 (Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before ...)
NOT-FOR-US: EMC
-CVE-2012-0394
+CVE-2012-0394 (** DISPUTED ** The DebuggingInterceptor component in Apache Struts bef ...)
- libstruts1.2-java <not-affected> (Affects Struts 2, #657870)
-CVE-2012-0393
+CVE-2012-0393 (The ParameterInterceptor component in Apache Struts before 2.3.1.1 doe ...)
- libstruts1.2-java <not-affected> (Affects Struts 2, #657870)
-CVE-2012-0392
+CVE-2012-0392 (The CookieInterceptor component in Apache Struts before 2.3.1.1 does n ...)
- libstruts1.2-java <not-affected> (Affects Struts 2, #657870)
-CVE-2012-0391
+CVE-2012-0391 (The ExceptionDelegator component in Apache Struts before 2.2.3.1 inter ...)
- libstruts1.2-java <not-affected> (Affects Struts 2, #657870)
-CVE-2012-0390
+CVE-2012-0390 (The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain ...)
- gnutls28 3.0.11-1
- gnutls26 <not-affected> (lacks DTLS support and is not affected)
-CVE-2012-0389
+CVE-2012-0389 (Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in ...)
NOT-FOR-US: MailEnable Professional
-CVE-2012-0388
+CVE-2012-0388 (Memory leak in the H.323 inspection feature in the Zone-Based Firewall ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0387
+CVE-2012-0387 (Memory leak in the HTTP Inspection Engine feature in the Zone-Based Fi ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0386
+CVE-2012-0386 (The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0385
+CVE-2012-0385 (The Smart Install feature in Cisco IOS 12.2, 15.0, 15.1, and 15.2 allo ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0384
+CVE-2012-0384 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x thr ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0383
+CVE-2012-0383 (Memory leak in the NAT feature in Cisco IOS 12.4, 15.0, and 15.1 allow ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0382
+CVE-2012-0382 (The Multicast Source Discovery Protocol (MSDP) implementation in Cisco ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0381
+CVE-2012-0381 (The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 throu ...)
NOT-FOR-US: Cisco IOS
CVE-2012-0380
RESERVED
CVE-2012-0379
RESERVED
-CVE-2012-0378
+CVE-2012-0378 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2012-0377
RESERVED
-CVE-2012-0376
+CVE-2012-0376 (The voice-sipstack component in Cisco Unified Communications Manager ( ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2012-0375
RESERVED
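Review bot: the gnutls26 reason text for CVE-2012-0390, `<not-affected> (lacks DTLS support and is not affected)`, restates the tag itself; `(lacks DTLS support)` carries the same justification without the redundancy. In the same hunk the GroupWise label for CVE-2012-0410 is `NOT-FOR-US: Groupwise` while the neighbouring CVE-2012-0419, -0418 and -0417 entries use `NOT-FOR-US: Novell GroupWise`; aligning the spelling keeps product-based filtering reliable.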
@@ -15753,45 +15753,45 @@ CVE-2012-0373
RESERVED
CVE-2012-0372
RESERVED
-CVE-2012-0371
+CVE-2012-0371 (Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6. ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2012-0370
+CVE-2012-0370 (Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6. ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2012-0369
+CVE-2012-0369 (Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2012-0368
+CVE-2012-0368 (The administrative management interface on Cisco Wireless LAN Controll ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2012-0367
+CVE-2012-0367 (Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before 8.5.1(Su ...)
NOT-FOR-US: Cisco Unity Connection
-CVE-2012-0366
+CVE-2012-0366 (Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated ...)
NOT-FOR-US: Cisco Unity Connection
-CVE-2012-0365
+CVE-2012-0365 (Directory traversal vulnerability in the Local TFTP file-upload applic ...)
NOT-FOR-US: Cisco SRP 520 series devices
-CVE-2012-0364
+CVE-2012-0364 (Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W- ...)
NOT-FOR-US: Cisco SRP devices
-CVE-2012-0363
+CVE-2012-0363 (The web interface on Cisco SRP 520 series devices with firmware before ...)
NOT-FOR-US: Cisco SRP devices
-CVE-2012-0362
+CVE-2012-0362 (The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0361
+CVE-2012-0361 (The sccp-protocol component in Cisco IP Communicator (CIPC) 7.0 throug ...)
NOT-FOR-US: Cisco
-CVE-2012-0360
+CVE-2012-0360 (Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is ena ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0359
+CVE-2012-0359 (The Cisco Cius with software before 9.2(1) SR2 allows remote attackers ...)
NOT-FOR-US: Cisco Cius
-CVE-2012-0358
+CVE-2012-0358 (Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf. ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2012-0357
RESERVED
-CVE-2012-0356
+CVE-2012-0356 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2012-0355
+CVE-2012-0355 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2012-0354
+CVE-2012-0354 (The Threat Detection feature on Cisco Adaptive Security Appliances (AS ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2012-0353
+CVE-2012-0353 (The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2012-0352
+CVE-2012-0352 (Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches ...)
NOT-FOR-US: Cisco NX-OS
CVE-2012-0351
RESERVED
@@ -15815,277 +15815,277 @@ CVE-2012-0342
RESERVED
CVE-2012-0341
RESERVED
-CVE-2012-0340
+CVE-2012-0340 (Cross-site scripting (XSS) vulnerability in the management interface o ...)
NOT-FOR-US: Cisco IronPort Encryption Appliance
-CVE-2012-0339
+CVE-2012-0339 (Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also k ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0338
+CVE-2012-0338 (Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also k ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-0337
+CVE-2012-0337 (SQL injection vulnerability in the web component in Cisco Unified Meet ...)
NOT-FOR-US: Cisco
CVE-2012-0336
RESERVED
-CVE-2012-0335
+CVE-2012-0335 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco
CVE-2012-0334
RESERVED
-CVE-2012-0333
+CVE-2012-0333 (Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and ...)
NOT-FOR-US: Cisco
CVE-2012-0332
RESERVED
-CVE-2012-0331
+CVE-2012-0331 (Cisco TelePresence Video Communication Server with software before X7. ...)
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2012-0330
+CVE-2012-0330 (Cisco TelePresence Video Communication Server with software before X7. ...)
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2012-0329
+CVE-2012-0329 (Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows remot ...)
NOT-FOR-US: Cisco Digital Media Manager
-CVE-2012-0328
+CVE-2012-0328 (Janetter before 3.3.0.0 (aka 3.3.0) allows remote attackers to obtain ...)
NOT-FOR-US: Janetter
-CVE-2012-0327
+CVE-2012-0327 (Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 allow ...)
- redmine 1.3.2+dfsg1-1
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
NOTE: http://jvn.jp/en/jp/JVN93406632/
NOTE: patch unclear: difficult to find the patch in 1.3.2 release
-CVE-2012-0326
+CVE-2012-0326 (The twicca application 0.7.0 through 0.9.30 for Android does not prope ...)
NOT-FOR-US: twicca application for Android
-CVE-2012-0325
+CVE-2012-0325 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenk ...)
- jenkins 1.424.6+dfsg-1
-CVE-2012-0324
+CVE-2012-0324 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenk ...)
- jenkins 1.424.6+dfsg-1
-CVE-2012-0323
+CVE-2012-0323 (Cross-site scripting (XSS) vulnerability in the Autocomplete plugin be ...)
NOT-FOR-US: Autocomplete plugin for SquirrelMail
-CVE-2012-0322
+CVE-2012-0322 (The EStrongs ES File Explorer application 1.6.0.2 through 1.6.1.1 for ...)
NOT-FOR-US: EStrongs ES File Explorer
-CVE-2012-0321
+CVE-2012-0321 (Unspecified vulnerability in the device driver in Kingsoft Internet Se ...)
NOT-FOR-US: Kingsoft Internet Security 2011
-CVE-2012-0320
+CVE-2012-0320 (Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow ...)
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
-CVE-2012-0319
+CVE-2012-0319 (The file-management system in Movable Type before 4.38, 5.0x before 5. ...)
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
-CVE-2012-0318
+CVE-2012-0318 (Multiple cross-site scripting (XSS) vulnerabilities in Movable Type be ...)
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
-CVE-2012-0317
+CVE-2012-0317 (Multiple cross-site request forgery (CSRF) vulnerabilities in Movable ...)
{DSA-2423-1}
- movabletype-opensource 5.1.3+dfsg-1
-CVE-2012-0316
+CVE-2012-0316 (The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier ap ...)
NOT-FOR-US: Cookpad
-CVE-2012-0315
+CVE-2012-0315 (Untrusted search path vulnerability in ALFTP before 5.31 allows local ...)
NOT-FOR-US: ALFTP
-CVE-2012-0314
+CVE-2012-0314 (Multiple cross-site request forgery (CSRF) vulnerabilities on the eAcc ...)
NOT-FOR-US: eAccess Pocket WiFi
-CVE-2012-0313
+CVE-2012-0313 (Cross-site scripting (XSS) vulnerability in glucose 2 before stage 6.2 ...)
NOT-FOR-US: glucose
-CVE-2012-0312
+CVE-2012-0312 (Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before ...)
NOT-FOR-US: osCommerce
-CVE-2012-0311
+CVE-2012-0311 (Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before ...)
NOT-FOR-US: osCommerce
-CVE-2012-0310
+CVE-2012-0310 (CRLF injection vulnerability in Cogent DataHub 7.1.2 and earlier, Casc ...)
NOT-FOR-US: Cogent DataHub
-CVE-2012-0309
+CVE-2012-0309 (Cross-site scripting (XSS) vulnerability in Cogent DataHub 7.1.2 and e ...)
NOT-FOR-US: Cogent DataHub
-CVE-2012-0308
+CVE-2012-0308 (Cross-site request forgery (CSRF) vulnerability in Symantec Messaging ...)
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2012-0307
+CVE-2012-0307 (Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messag ...)
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2012-0306
+CVE-2012-0306 (Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attacker ...)
NOT-FOR-US: Symantec Ghost Solution Suite
-CVE-2012-0305
+CVE-2012-0305 (Untrusted search path vulnerability in Symantec System Recovery 2011 b ...)
NOT-FOR-US: Symantec System Recovery 2011 before SP2 and Backup Exec System Recovery 2010 before SP5
-CVE-2012-0304
+CVE-2012-0304 (Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions ( ...)
NOT-FOR-US: Symantec LiveUpdate Administrator
-CVE-2012-0303
+CVE-2012-0303 (Multiple cross-site request forgery (CSRF) vulnerabilities in Brightma ...)
NOT-FOR-US: Symantec Message Filter
-CVE-2012-0302
+CVE-2012-0302 (Cross-site scripting (XSS) vulnerability in Brightmail Control Center ...)
NOT-FOR-US: Symantec Message Filter
-CVE-2012-0301
+CVE-2012-0301 (Session fixation vulnerability in Brightmail Control Center in Symante ...)
NOT-FOR-US: Symantec Message Filter
-CVE-2012-0300
+CVE-2012-0300 (Brightmail Control Center in Symantec Message Filter 6.3 does not prop ...)
NOT-FOR-US: Symantec Message Filter
-CVE-2012-0299
+CVE-2012-0299 (The file-management scripts in the management GUI in Symantec Web Gate ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-0298
+CVE-2012-0298 (The file-management scripts in the management GUI in Symantec Web Gate ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-0297
+CVE-2012-0297 (The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-0296
+CVE-2012-0296 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2012-0295
+CVE-2012-0295 (The Manager service in the management console in Symantec Endpoint Pro ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2012-0294
+CVE-2012-0294 (Directory traversal vulnerability in the Manager service in the manage ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2012-0293
+CVE-2012-0293 (Multiple SQL injection vulnerabilities in Symantec Altiris WISE Packag ...)
NOT-FOR-US: Symantec Altiris WISE Package Studio
-CVE-2012-0292
+CVE-2012-0292 (The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT ...)
NOT-FOR-US: Symantec pcAnywhere
-CVE-2012-0291
+CVE-2012-0291 (Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnyw ...)
NOT-FOR-US: pcAnywhere
-CVE-2012-0290
+CVE-2012-0290 (Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnyw ...)
NOT-FOR-US: Symantec pcAnywhere
-CVE-2012-0289
+CVE-2012-0289 (Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x throug ...)
NOT-FOR-US: Symantec Network Access Control
CVE-2012-0288
RESERVED
-CVE-2012-0287
+CVE-2012-0287 (Cross-site scripting (XSS) vulnerability in wp-comments-post.php in Wo ...)
- wordpress 3.3.1+dfsg-1
[squeeze] - wordpress <not-affected> (only 3.3.x vulnerable)
[lenny] - wordpress <not-affected> (only 3.3.x vulnerable)
-CVE-2012-0286
+CVE-2012-0286 (Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwor ...)
NOT-FOR-US: Stoneware webNetwork
-CVE-2012-0285
+CVE-2012-0285 (Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNe ...)
NOT-FOR-US: Stoneware webNetwork
-CVE-2012-0284
+CVE-2012-0284 (Stack-based buffer overflow in the SetSource method in the Cisco Links ...)
NOT-FOR-US: Cisco
-CVE-2012-0283
+CVE-2012-0283 (Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList func ...)
- dokuwiki 0.0.20120125b-1 (low; bug #683378)
[squeeze] - dokuwiki <not-affected> (Vulnerable functionality not present, see #683378)
-CVE-2012-0282
+CVE-2012-0282 (Heap-based buffer overflow in XnView before 1.99 allows remote attacke ...)
NOT-FOR-US: XnView
CVE-2012-0281
RESERVED
CVE-2012-0280
RESERVED
-CVE-2012-0279
+CVE-2012-0279 (Quest Toad for Data Analysts 3.0.1 uses weak permissions (Everyone: Fu ...)
NOT-FOR-US: Quest (quest.com) Toad
-CVE-2012-0278
+CVE-2012-0278 (Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for I ...)
NOT-FOR-US: IrfanView
-CVE-2012-0277
+CVE-2012-0277 (Heap-based buffer overflow in XnView before 1.99 allows remote attacke ...)
NOT-FOR-US: XnView
-CVE-2012-0276
+CVE-2012-0276 (Multiple heap-based buffer overflows in XnView before 1.99 allow remot ...)
NOT-FOR-US: XnView
-CVE-2012-0275
+CVE-2012-0275 (Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 12. ...)
NOT-FOR-US: Adobe Photoshop CS5
CVE-2012-0274
RESERVED
-CVE-2012-0273
+CVE-2012-0273 (Multiple stack-based buffer overflows in MinaliC 2.0.0 allow remote at ...)
NOT-FOR-US: MinaliC (Webserver)
-CVE-2012-0272
+CVE-2012-0272 (Cross-site scripting (XSS) vulnerability in the WebAccess component in ...)
NOT-FOR-US: Novell GroupWise
-CVE-2012-0271
+CVE-2012-0271 (Integer overflow in the WebConsole component in gwia.exe in GroupWise ...)
NOT-FOR-US: Novell GroupWise
-CVE-2012-0270
+CVE-2012-0270 (Multiple stack-based buffer overflows in Csound before 5.16.6 allow re ...)
- csound 1:5.16.6~dfsg-1 (low; bug #661197)
[squeeze] - csound <no-dsa> (Minor issue)
NOTE: http://secunia.com/secunia_research/2012-3/
NOTE: http://csound.git.sourceforge.net/git/gitweb.cgi?p=csound/csound5.git;a=commitdiff;h=7d617a9551fb6c552ba16874b71266fcd90f3a6f
-CVE-2012-0269
+CVE-2012-0269 (Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 throug ...)
NOT-FOR-US: various Ichitaro products
-CVE-2012-0268
+CVE-2012-0268 (Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo ...)
NOT-FOR-US: Yahoo! Messenger
-CVE-2012-0267
+CVE-2012-0267 (The StopModule method in the NTR ActiveX control before 2.0.4.8 allows ...)
NOT-FOR-US: NTR ActiveX control
-CVE-2012-0266
+CVE-2012-0266 (Multiple stack-based buffer overflows in the NTR ActiveX control befor ...)
NOT-FOR-US: NTR ActiveX control
-CVE-2012-0265
+CVE-2012-0265 (Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows ...)
NOT-FOR-US: Apple QuickTime
-CVE-2012-0264
+CVE-2012-0264 (op5 Monitor and op5 Appliance before 5.5.0 do not properly manage sess ...)
NOT-FOR-US: op5
-CVE-2012-0263
+CVE-2012-0263 (monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows ...)
NOT-FOR-US: op5
-CVE-2012-0262
+CVE-2012-0262 (op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and ...)
NOT-FOR-US: op5
-CVE-2012-0261
+CVE-2012-0261 (license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appli ...)
NOT-FOR-US: op5
-CVE-2012-0260
+CVE-2012-0260 (The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before ...)
{DSA-2462-1}
- imagemagick 8:6.7.4.0-4 (bug #667635)
-CVE-2012-0259
+CVE-2012-0259 (The GetEXIFProperty function in magick/property.c in ImageMagick befor ...)
{DSA-2462-1}
- imagemagick 8:6.7.4.0-4 (bug #667635)
-CVE-2012-0258
+CVE-2012-0258 (Heap-based buffer overflow in the WWCabFile ActiveX component in the W ...)
NOT-FOR-US: Invensys Wonderware Application Server
-CVE-2012-0257
+CVE-2012-0257 (Heap-based buffer overflow in the WWCabFile ActiveX component in the W ...)
NOT-FOR-US: Invensys Wonderware Application Server
-CVE-2012-0256
+CVE-2012-0256 (Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3. ...)
- trafficserver 3.0.4-1
-CVE-2012-0255
+CVE-2012-0255 (The BGP implementation in bgpd in Quagga before 0.99.20.1 does not pro ...)
{DSA-2459-1}
- quagga 0.99.20.1-1
-CVE-2012-0254
+CVE-2012-0254 (Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL Acti ...)
NOT-FOR-US: Honeywell
-CVE-2012-0253
+CVE-2012-0253 (Multiple cross-site scripting (XSS) vulnerabilities in Demand Media Pl ...)
NOT-FOR-US: Demand Media Pluck SiteLife
CVE-2012-0252
RESERVED
CVE-2012-0251
RESERVED
-CVE-2012-0250
+CVE-2012-0250 (Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before ...)
{DSA-2459-1}
- quagga 0.99.20.1-1
-CVE-2012-0249
+CVE-2012-0249 (Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c ...)
{DSA-2459-1}
- quagga 0.99.20.1-1
-CVE-2012-0248
+CVE-2012-0248 (ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a den ...)
{DSA-2427-1}
- imagemagick 8:6.6.9.7-6 (low; bug #659339)
-CVE-2012-0247
+CVE-2012-0247 (ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a den ...)
{DSA-2427-1}
- imagemagick 8:6.6.9.7-6 (bug #659339)
-CVE-2012-0246
+CVE-2012-0246 (Directory traversal vulnerability in an unspecified ActiveX control in ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2012-0245
+CVE-2012-0245 (Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Rob ...)
NOT-FOR-US: ABB Robot Communications Runtime
-CVE-2012-0244
+CVE-2012-0244 (Multiple SQL injection vulnerabilities in Advantech/BroadWin WebAccess ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0243
+CVE-2012-0243 (Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/Bro ...)
NOT-FOR-US: ActiveX
-CVE-2012-0242
+CVE-2012-0242 (Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0241
+CVE-2012-0241 (Advantech/BroadWin WebAccess before 7.0 allows remote attackers to cau ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0240
+CVE-2012-0240 (GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0239
+CVE-2012-0239 (uaddUpAdmin.asp in Advantech/BroadWin WebAccess before 7.0 does not pr ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0238
+CVE-2012-0238 (Stack-based buffer overflow in opcImg.asp in Advantech/BroadWin WebAcc ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0237
+CVE-2012-0237 (Advantech/BroadWin WebAccess before 7.0 allows remote attackers to (1) ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0236
+CVE-2012-0236 (Advantech/BroadWin WebAccess 7.0 and earlier allows remote attackers t ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0235
+CVE-2012-0235 (Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0234
+CVE-2012-0234 (SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0233
+CVE-2012-0233 (Cross-site scripting (XSS) vulnerability in Advantech/BroadWin WebAcce ...)
NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0232
+CVE-2012-0232 (Directory traversal vulnerability in rifsrvd.exe in the Remote Interfa ...)
NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
-CVE-2012-0231
+CVE-2012-0231 (PRLicenseMgr.exe in the Proficy Server License Manager in GE Intellige ...)
NOT-FOR-US: GE Intelligent Platforms Proficy Plant Applications
-CVE-2012-0230
+CVE-2012-0230 (PRRDS.exe in the Proficy Remote Data Service in GE Intelligent Platfor ...)
NOT-FOR-US: GE Intelligent Platforms Proficy Plant Applications
-CVE-2012-0229
+CVE-2012-0229 (The Data Archiver service in GE Intelligent Platforms Proficy Historia ...)
NOT-FOR-US: GE Intelligent Platforms Proficy Historian
-CVE-2012-0228
+CVE-2012-0228 (Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not proper ...)
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2012-0227
+CVE-2012-0227 (Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in Component ...)
NOT-FOR-US: Open Automation Software OPC Systems.NET
-CVE-2012-0226
+CVE-2012-0226 (SQL injection vulnerability in Invensys Wonderware Information Server ...)
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2012-0225
+CVE-2012-0225 (Cross-site scripting (XSS) vulnerability in Invensys Wonderware Inform ...)
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2012-0224
+CVE-2012-0224 (Untrusted search path vulnerability in 7-Technologies (7T) AQUIS 1.5 a ...)
NOT-FOR-US: 7-Technologies (7T) AQUIS
-CVE-2012-0223
+CVE-2012-0223 (Untrusted search path vulnerability in 7-Technologies (7T) TERMIS 2.10 ...)
NOT-FOR-US: TERMIS
-CVE-2012-0222
+CVE-2012-0222 (The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Al ...)
NOT-FOR-US: Rockwell Automation Allen-Bradley FactoryTalk
-CVE-2012-0221
+CVE-2012-0221 (The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Al ...)
NOT-FOR-US: Rockwell Automation Allen-Bradley FactoryTalk
-CVE-2012-0220
+CVE-2012-0220 (Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin ...)
{DSA-2474-1}
- ikiwiki 3.20120516
-CVE-2012-0219
+CVE-2012-0219 (Heap-based buffer overflow in the xioscan_readline function in xio-rea ...)
- socat 1.7.1.3-1.3 (low; bug #672994)
[squeeze] - socat <no-dsa> (Minor issue)
NOTE: http://www.dest-unreach.org/socat/contrib/socat-secadv3.html
-CVE-2012-0218
+CVE-2012-0218 (Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler ...)
{DSA-2501-1}
- xen 4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
-CVE-2012-0217
+CVE-2012-0217 (The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, ...)
{DSA-2508-1 DSA-2501-1}
- xen 4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
- kfreebsd-8 8.3-4 (bug #677297)
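Review bot: the label `NOT-FOR-US: ActiveX` on CVE-2012-0243 names a technology rather than the affected product, unlike the surrounding CVE-2012-0244 and CVE-2012-0242 entries, which use `NOT-FOR-US: Advantech/BroadWin WebAccess`; since the description itself says the control lives in bwocxrun.ocx in Advantech/BroadWin WebAccess, the same product label would be more useful. The redmine entry for CVE-2012-0327 also carries `NOTE: patch unclear: difficult to find the patch in 1.3.2 release` alongside a fixed version of 1.3.2+dfsg1-1; if the fix commit is still unidentified it would help to say whether the version was taken from the upstream advisory so that a later reviewer knows what still needs confirming.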
@@ -16095,327 +16095,327 @@ CVE-2012-0217
NOTE: microsoft windows, which is also a part of this id assignment (and a
NOTE: bit strangely the only os currently called out in the mitre description).
NOTE: also affected the linux kernel, and was fixed 6 years earlier as CVE-2006-0744.
-CVE-2012-0216
+CVE-2012-0216 (The default configuration of the apache2 package in Debian GNU/Linux s ...)
{DSA-2452-1}
- apache2 2.2.22-4 (low)
-CVE-2012-0215
+CVE-2012-0215 (model/modelstorage.py in the Tryton application framework (trytond) be ...)
{DSA-2444-1}
- tryton-server 2.2.2-1 (medium)
-CVE-2012-0214
+CVE-2012-0214 (The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Ad ...)
- apt 0.8.15.10
[squeeze] - apt <not-affected> (Vulnerable code not present)
[lenny] - apt <not-affected> (Vulnerable code not present)
-CVE-2012-0213
+CVE-2012-0213 (The UnhandledDataStructure function in hwpf/model/UnhandledDataStructu ...)
{DSA-2468-1}
- libjakarta-poi-java <removed>
-CVE-2012-0212
+CVE-2012-0212 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11. ...)
{DSA-2409-1}
- devscripts 2.11.4
-CVE-2012-0211
+CVE-2012-0211 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11. ...)
{DSA-2409-1}
- devscripts 2.11.4
-CVE-2012-0210
+CVE-2012-0210 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11. ...)
{DSA-2409-1}
- devscripts 2.11.4
-CVE-2012-0209
+CVE-2012-0209 (Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edit ...)
- horde3 3.3.12+debian0-2 (bug #660077)
[squeeze] - horde3 <not-affected> (Introduced in 3.3.12)
[lenny] - horde3 <not-affected> (Introduced in 3.3.12)
-CVE-2012-0208
+CVE-2012-0208 (Unspecified vulnerability in the Oracle Grid Engine component in Oracl ...)
{DSA-2472-1}
- gridengine 6.2u5-6
NOTE: http://www.securityfocus.com/bid/53123/info
NOTE: http://gridscheduler.sourceforge.net/security.html
-CVE-2012-0207
+CVE-2012-0207 (The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel b ...)
- linux-2.6 3.1.8-2 (bug #654876)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
-CVE-2012-0206
+CVE-2012-0206 (common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2 ...)
{DSA-2385-1}
- pdns 3.0-1.1 (high)
-CVE-2012-0205
+CVE-2012-0205 (InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0204
+CVE-2012-0204 (Untrusted search path vulnerability in InfoSphere Import Export Manage ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0203
+CVE-2012-0203 (Cross-site scripting (XSS) vulnerability in InfoSphere Metadata Workbe ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2012-0202
+CVE-2012-0202 (Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Ser ...)
NOT-FOR-US: Admin Server in IBM Cognos TM1
-CVE-2012-0201
+CVE-2012-0201 (Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Persona ...)
NOT-FOR-US: IBM Personal Communications
-CVE-2012-0200
+CVE-2012-0200 (The server in IBM solidDB 6.5 before Interim Fix 6 does not properly i ...)
NOT-FOR-US: IBM solidDB
-CVE-2012-0199
+CVE-2012-0199 (Multiple SQL injection vulnerabilities in IBM Tivoli Provisioning Mana ...)
NOT-FOR-US: IBM Tivoli Provisioning Manager Express
-CVE-2012-0198
+CVE-2012-0198 (Stack-based buffer overflow in the RunAndUploadFile method in the Isig ...)
NOT-FOR-US: IBM Tivoli Provisioning Manager Express
CVE-2012-0197
RESERVED
CVE-2012-0196
RESERVED
-CVE-2012-0195
+CVE-2012-0195 (Cross-site scripting (XSS) vulnerability in the Start Center Layout an ...)
NOT-FOR-US: IBM Maximo Asset Management and others
-CVE-2012-0194
+CVE-2012-0194 (The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Se ...)
NOT-FOR-US: AIX
-CVE-2012-0193
+CVE-2012-0193 (IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.43, 6.1 befor ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-0192
+CVE-2012-0192 (Multiple integer overflows in vclmi.dll in the visual class library mo ...)
NOT-FOR-US: IBM Lotus Symphony
-CVE-2012-0191
+CVE-2012-0191 (The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP ...)
NOT-FOR-US: IBM Lotus Expeditor
-CVE-2012-0190
+CVE-2012-0190 (Unspecified vulnerability in the Render method in the ExportHTML.ocx A ...)
NOT-FOR-US: IBM SPSS Dimensions
-CVE-2012-0189
+CVE-2012-0189 (Multiple unspecified vulnerabilities in the (1) PrintFile and (2) Save ...)
NOT-FOR-US: IBM SPSS SamplePower
-CVE-2012-0188
+CVE-2012-0188 (Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX ...)
NOT-FOR-US: IBM SPSS Dimensions
-CVE-2012-0187
+CVE-2012-0187 (Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and 6 ...)
NOT-FOR-US: IBM Lotus Expeditor
-CVE-2012-0186
+CVE-2012-0186 (Directory traversal vulnerability in the Eclipse Help component in IBM ...)
NOT-FOR-US: IBM Lotus Expeditor
-CVE-2012-0185
+CVE-2012-0185 (Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 201 ...)
NOT-FOR-US: Microsoft Excel
-CVE-2012-0184
+CVE-2012-0184 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Off ...)
NOT-FOR-US: Microsoft Excel
-CVE-2012-0183
+CVE-2012-0183 (Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for ...)
NOT-FOR-US: Microsoft Word
-CVE-2012-0182
+CVE-2012-0182 (Microsoft Word 2007 SP2 and SP3 does not properly handle memory during ...)
NOT-FOR-US: Microsoft Word
-CVE-2012-0181
+CVE-2012-0181 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0180
+CVE-2012-0180 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0179
+CVE-2012-0179 (Double free vulnerability in tcpip.sys in Microsoft Windows Server 200 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0178
+CVE-2012-0178 (Race condition in partmgr.sys in Windows Partition Manager in Microsof ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0177
+CVE-2012-0177 (Heap-based buffer overflow in the Office Works File Converter in Micro ...)
NOT-FOR-US: Microsoft
-CVE-2012-0176
+CVE-2012-0176 (Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 ...)
NOT-FOR-US: Microsoft Silverlight
-CVE-2012-0175
+CVE-2012-0175 (The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0174
+CVE-2012-0174 (Windows Firewall in tcpip.sys in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0173
+CVE-2012-0173 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0172
+CVE-2012-0172 (Microsoft Internet Explorer 6 through 8 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-0171
+CVE-2012-0171 (Microsoft Internet Explorer 6 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-0170
+CVE-2012-0170 (Microsoft Internet Explorer 6 and 7 does not properly handle objects i ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-0169
+CVE-2012-0169 (Microsoft Internet Explorer 9 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-0168
+CVE-2012-0168 (Microsoft Internet Explorer 6 through 9 allows user-assisted remote at ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-0167
+CVE-2012-0167 (Heap-based buffer overflow in the Office GDI+ library in Microsoft Off ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-0166
REJECTED
-CVE-2012-0165
+CVE-2012-0165 (GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 200 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0164
+CVE-2012-0164 (Microsoft .NET Framework 4 does not properly compare index values, whi ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-0163
+CVE-2012-0163 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-0162
+CVE-2012-0162 (Microsoft .NET Framework 4 does not properly allocate buffers, which a ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-0161
+CVE-2012-0161 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-0160
+CVE-2012-0160 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-0159
+CVE-2012-0159 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vis ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0158
+CVE-2012-0158 (The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 Activ ...)
NOT-FOR-US: Microsoft
-CVE-2012-0157
+CVE-2012-0157 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0156
+CVE-2012-0156 (DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0155
+CVE-2012-0155 (Microsoft Internet Explorer 9 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft
-CVE-2012-0154
+CVE-2012-0154 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft
CVE-2012-0153
REJECTED
-CVE-2012-0152
+CVE-2012-0152 (The Remote Desktop Protocol (RDP) service in Microsoft Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0151
+CVE-2012-0151 (The Authenticode Signature Verification function in Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2012-0150
+CVE-2012-0150 (Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2012-0149
+CVE-2012-0149 (afd.sys in the Ancillary Function Driver in Microsoft Windows Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2012-0148
+CVE-2012-0148 (afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, ...)
NOT-FOR-US: Microsoft
-CVE-2012-0147
+CVE-2012-0147 (Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Upda ...)
NOT-FOR-US: Microsoft
-CVE-2012-0146
+CVE-2012-0146 (Open redirect vulnerability in Microsoft Forefront Unified Access Gate ...)
NOT-FOR-US: Microsoft
-CVE-2012-0145
+CVE-2012-0145 (Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microso ...)
NOT-FOR-US: Microsoft
-CVE-2012-0144
+CVE-2012-0144 (Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2012-0143
+CVE-2012-0143 (Microsoft Excel 2003 SP3 and Office 2008 for Mac do not properly handl ...)
NOT-FOR-US: Microsoft
-CVE-2012-0142
+CVE-2012-0142 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Off ...)
NOT-FOR-US: Microsoft
-CVE-2012-0141
+CVE-2012-0141 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Off ...)
NOT-FOR-US: Microsoft
CVE-2012-0140
REJECTED
CVE-2012-0139
REJECTED
-CVE-2012-0138
+CVE-2012-0138 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memo ...)
NOT-FOR-US: Microsoft
-CVE-2012-0137
+CVE-2012-0137 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memo ...)
NOT-FOR-US: Microsoft
-CVE-2012-0136
+CVE-2012-0136 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memo ...)
NOT-FOR-US: Microsoft
-CVE-2012-0135
+CVE-2012-0135 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2012-0134
+CVE-2012-0134 (Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8 ...)
NOT-FOR-US: HP OpenVMS
-CVE-2012-0133
+CVE-2012-0133 (HP ProCurve 5400 zl switches with certain serial numbers include a com ...)
NOT-FOR-US: HP ProCurve
-CVE-2012-0132
+CVE-2012-0132 (Cross-site scripting (XSS) vulnerability in HP Business Availability C ...)
NOT-FOR-US: HP Business Availability
-CVE-2012-0131
+CVE-2012-0131 (Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.1 ...)
NOT-FOR-US: HP HP-UX
-CVE-2012-0130
+CVE-2012-0130 (HP Onboard Administrator (OA) before 3.50 allows remote attackers to o ...)
NOT-FOR-US: HP Onboard Administrator
-CVE-2012-0129
+CVE-2012-0129 (HP Onboard Administrator (OA) before 3.50 allows remote attackers to b ...)
NOT-FOR-US: HP Onboard Administrator
-CVE-2012-0128
+CVE-2012-0128 (HP Onboard Administrator (OA) before 3.50 allows remote attackers to r ...)
NOT-FOR-US: HP Onboard Administrator
-CVE-2012-0127
+CVE-2012-0127 (Unspecified vulnerability in HP Performance Manager 9.00 allows remote ...)
NOT-FOR-US: HP Performance Manager
-CVE-2012-0126
+CVE-2012-0126 (Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 ...)
NOT-FOR-US: HP HP-UX
-CVE-2012-0125
+CVE-2012-0125 (Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.31 ...)
NOT-FOR-US: HP HP-UX
-CVE-2012-0124
+CVE-2012-0124 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.0 ...)
NOT-FOR-US: HP Data Protector Express
-CVE-2012-0123
+CVE-2012-0123 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.0 ...)
NOT-FOR-US: HP Data Protector Express
-CVE-2012-0122
+CVE-2012-0122 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.0 ...)
NOT-FOR-US: HP Data Protector Express
-CVE-2012-0121
+CVE-2012-0121 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.0 ...)
NOT-FOR-US: HP Data Protector Express
-CVE-2012-0120
+CVE-2012-0120 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0119
+CVE-2012-0119 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0118
+CVE-2012-0118 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0117
+CVE-2012-0117 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental)
-CVE-2012-0116
+CVE-2012-0116 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0115
+CVE-2012-0115 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0114
+CVE-2012-0114 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0113
+CVE-2012-0113 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0112
+CVE-2012-0112 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0111
+CVE-2012-0111 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 4.1.8-dfsg-1 (bug #659950)
[squeeze] - virtualbox <not-affected> (Vulnerable code not present, see #659950)
-CVE-2012-0110
+CVE-2012-0110 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0109
+CVE-2012-0109 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2012-0108
+CVE-2012-0108 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0107
+CVE-2012-0107 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0106
+CVE-2012-0106 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0105
+CVE-2012-0105 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox-guest-additions-iso 4.1.8-1 (bug #659951)
[squeeze] - virtualbox-guest-additions-iso <not-affected> (Vulnerable code not present, see #659950)
-CVE-2012-0104
+CVE-2012-0104 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 ...)
- glassfish <not-affected> (Debian package only builds a few API elements)
-CVE-2012-0103
+CVE-2012-0103 (Unspecified vulnerability in Oracle Solaris 11 Express allows local us ...)
NOT-FOR-US: Oracle Solaris Kernel
-CVE-2012-0102
+CVE-2012-0102 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0101
+CVE-2012-0101 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0100
+CVE-2012-0100 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allo ...)
NOT-FOR-US: Oracle Solaris
-CVE-2012-0099
+CVE-2012-0099 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allo ...)
NOT-FOR-US: Oracle Solaris
-CVE-2012-0098
+CVE-2012-0098 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2012-0097
+CVE-2012-0097 (Unspecified vulnerability in Oracle Solaris 11 Express allows local us ...)
NOT-FOR-US: Oracle Solaris
-CVE-2012-0096
+CVE-2012-0096 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2012-0095
+CVE-2012-0095 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0094
+CVE-2012-0094 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allo ...)
NOT-FOR-US: Oracle Solaris
-CVE-2012-0093
+CVE-2012-0093 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0092
+CVE-2012-0092 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0091
+CVE-2012-0091 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0090
+CVE-2012-0090 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0089
+CVE-2012-0089 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0088
+CVE-2012-0088 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0087
+CVE-2012-0087 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0086
+CVE-2012-0086 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0085
+CVE-2012-0085 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0084
+CVE-2012-0084 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0083
+CVE-2012-0083 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2012-0082
+CVE-2012-0082 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0081
+CVE-2012-0081 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.1.1 ...)
- glassfish <not-affected> (Debian package only builds a few API elements)
-CVE-2012-0080
+CVE-2012-0080 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0079
+CVE-2012-0079 (Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote ...)
NOT-FOR-US: Oracle OpenSSO
-CVE-2012-0078
+CVE-2012-0078 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0077
+CVE-2012-0077 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle WebLogic Server
-CVE-2012-0076
+CVE-2012-0076 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0075
+CVE-2012-0075 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2429-1}
- mysql-5.1 5.1.61-2 (bug #659687)
-CVE-2012-0074
+CVE-2012-0074 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component i ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2012-0073
+CVE-2012-0073 (Unspecified vulnerability in the Oracle Forms component in Oracle E-Bu ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2012-0072
+CVE-2012-0072 (Unspecified vulnerability in the Listener component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2012-0071
+CVE-2012-0071 (Unspecified vulnerability in the Oracle Imaging and Process Management ...)
NOT-FOR-US: Oracle Fusion Middleware
CVE-2012-0785 [Jenkins and hash collision attack]
RESERVED
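Review bot: at the CVE-2012-0105 entry the squeeze line reads `<not-affected> (Vulnerable code not present, see #659950)` while the package line for the same CVE cites `bug #659951`; #659950 is the bug cited a few entries up for CVE-2012-0111 (virtualbox), so either the cross-reference is deliberate (the analysis in #659950 covers the guest additions too) or it is a copy-paste slip. Make the intent explicit, e.g. `(Vulnerable code not present, see #659951)` or `(Vulnerable code not present, analysis in #659950 applies to the guest additions as well)`, so the squeeze triage stays traceable now that the descriptions are in place.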
@@ -16425,29 +16425,29 @@ CVE-2012-0785 [Jenkins and hash collision attack]
CVE-2012-0070
RESERVED
NOT-FOR-US: spamdyke not in Debian
-CVE-2012-0069
+CVE-2012-0069 (SQL injection vulnerability in ajax.php in Batavi before 1.2.1 allows ...)
NOT-FOR-US: batavi not in Debian
-CVE-2012-0068
+CVE-2012-0068 (The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x ...)
{DSA-2395-1}
- wireshark 1.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6670
-CVE-2012-0067
+CVE-2012-0067 (wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1. ...)
{DSA-2395-1}
- wireshark 1.6.5-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6668
-CVE-2012-0066
+CVE-2012-0066 (Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote att ...)
{DSA-2395-1}
- wireshark 1.6.5-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6666
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6667
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6669
-CVE-2012-0065
+CVE-2012-0065 (Heap-based buffer overflow in the receive_packet function in libusbmux ...)
- usbmuxd 1.0.7-2 (medium; bug #656581)
[lenny] - usbmuxd <not-affected> (introduced in 1.0.7)
[squeeze] - usbmuxd <not-affected> (introduced in 1.0.7)
-CVE-2012-0064
+CVE-2012-0064 (xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB de ...)
- xorg-server 2:1.11.3.901-2 (high; bug #656410)
[squeeze] - xorg-server <not-affected> (introduced in 1.11)
[lenny] - xorg-server <not-affected> (introduced in 1.11)
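Review bot: the new description for CVE-2012-0064 names `xkeyboard-config before 2.5 in X.Org before 7.6`, but the entry tracks only `xorg-server 2:1.11.3.901-2` with `<not-affected> (introduced in 1.11)` for squeeze and lenny; nothing in the entry says what became of xkeyboard-config. Add a line for that source package (a fixed version, or `<not-affected>` with the reason) so the tracked package set matches the description; otherwise a reader grepping this file for xkeyboard-config finds a CVE with no package status.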
@@ -16456,27 +16456,27 @@ CVE-2012-0063
RESERVED
- tucan <unfixed> (bug #656388)
[squeeze] - tucan <no-dsa> (Minor issue)
-CVE-2012-0062
+CVE-2012-0062 (Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3 ...)
NOT-FOR-US: JBoss Operations Network
-CVE-2012-0061
+CVE-2012-0061 (The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not ...)
{DLA-140-1}
- rpm 4.9.1.3-1 (bug #667031)
[squeeze] - rpm <no-dsa> (Minor issue)
-CVE-2012-0060
+CVE-2012-0060 (RPM before 4.9.1.3 does not properly validate region tags, which allow ...)
{DLA-140-1}
- rpm 4.9.1.3-1 (bug #667031)
[squeeze] - rpm <no-dsa> (Minor issue)
-CVE-2012-0059
+CVE-2012-0059 (Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 inc ...)
NOT-FOR-US: RHN Satellite
-CVE-2012-0058
+CVE-2012-0058 (The kiocb_batch_free function in fs/aio.c in the Linux kernel before 3 ...)
- linux-2.6 3.2.2-1
[wheezy] - linux-2.6 <not-affected> (introduced in 3.2-rc1)
[squeeze] - linux-2.6 <not-affected> (introduced in 3.2-rc1)
[lenny] - linux-2.6 <not-affected> (introduced in 3.2-rc1)
-CVE-2012-0057
+CVE-2012-0057 (PHP before 5.3.9 has improper libxslt security settings, which allows ...)
{DSA-2399-1}
- php5 5.3.9-1 (bug #656308)
-CVE-2012-0056
+CVE-2012-0056 (The mem_write function in the Linux kernel before 3.2.2, when ASLR is ...)
- linux-2.6 3.2.1-2
[squeeze] - linux-2.6 <not-affected> (introduced in 2.6.39)
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.39)
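Review bot: the CVE-2012-0058 description is truncated mid-version (`Linux kernel before 3 ...`), so the fixed upstream version can no longer be read off the header line, and the `[wheezy] - linux-2.6 <not-affected> (introduced in 3.2-rc1)` annotation beside a fix in `linux-2.6 3.2.2-1` has to be taken on trust: it is only right while wheezy still carries a kernel older than 3.2-rc1, and it becomes wrong the moment a 3.2.0 or 3.2.1 kernel migrates. Consider truncating descriptions at a token boundary (or keeping the whole first sentence), and revisit the wheezy annotation after the next kernel migration.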
@@ -16484,17 +16484,17 @@ CVE-2012-0056
CVE-2012-0055
RESERVED
NOT-FOR-US: overlayfs is not (yet) in the Debian kernel
-CVE-2012-0054
+CVE-2012-0054 (libs/updater.py in GoLismero 0.6.3, and other versions before Git revi ...)
NOT-FOR-US: golismero not in Debian
-CVE-2012-0053
+CVE-2012-0053 (protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not pro ...)
{DSA-2405-1}
- apache2 2.2.22-1 (low)
-CVE-2012-0052
+CVE-2012-0052 (Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3 ...)
NOT-FOR-US: JBoss Operations Network
CVE-2012-0051
RESERVED
- tahoe-lafs <not-affected> (Only affects 1.9.0, not uploaded to the archive)
-CVE-2012-0050
+CVE-2012-0050 (OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, ...)
{DSA-2392-1}
- openssl 1.0.0g-1
NOTE: http://www.openssl.org/news/secadv/20120118.txt
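Review bot: CVE-2012-0055 and CVE-2012-0051 stay `RESERVED` with no description in this sync, yet their triage rests on time-bound statements: `overlayfs is not (yet) in the Debian kernel` and `Only affects 1.9.0, not uploaded to the archive`. Both rationales expire silently (overlayfs landing in the Debian kernel, a tahoe-lafs 1.9.0 upload) and the automatic update will not flag that; a NOTE with the condition to re-check, or a TODO marker, would keep these from being forgotten once MITRE publishes the text.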
@@ -16504,139 +16504,139 @@ CVE-2012-0049
- openttd 1.1.5-1 (low)
NOTE: http://vcs.openttd.org/svn/changeset/23764
NOTE: http://security.openttd.org/en/CVE-2012-0049
-CVE-2012-0048
+CVE-2012-0048 (OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial ...)
NOTE: contacted MITRE, will be rejected
-CVE-2012-0047
+CVE-2012-0047 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
NOT-FOR-US: Apache Wicket
CVE-2012-0046 [mediawiki info leak]
RESERVED
- mediawiki 1:1.15.5-6 (low; bug #655694)
[squeeze] - mediawiki 1:1.15.5-2squeeze3
[lenny] - mediawiki <not-affected> (Vulnerable code not present)
-CVE-2012-0045
+CVE-2012-0045 (The em_syscall function in arch/x86/kvm/emulate.c in the KVM implement ...)
{DSA-2443-1}
- linux-2.6 3.2.2-1
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2012-0044
+CVE-2012-0044 (Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu ...)
- linux-2.6 3.1.5-1
[squeeze] - linux-2.6 2.6.32-40
-CVE-2012-0043
+CVE-2012-0043 (Buffer overflow in the reassemble_message function in epan/dissectors/ ...)
- wireshark 1.6.5-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
-CVE-2012-0042
+CVE-2012-0042 (Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly ...)
{DSA-2395-1}
- wireshark 1.6.5-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2012-0041
+CVE-2012-0041 (The dissect_packet function in epan/packet.c in Wireshark 1.4.x before ...)
{DSA-2395-1}
- wireshark 1.6.5-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6663
-CVE-2012-0040
+CVE-2012-0040 (Cross-site scripting (XSS) vulnerability in modules/core/www/no_cookie ...)
{DSA-2387-1}
- simplesamlphp 1.8.2-1
NOTE: http://groups.google.com/group/simplesamlphp-announce/browse_thread/thread/cb96723ee3c6751e
-CVE-2012-0039
+CVE-2012-0039 (** DISPUTED ** GLib 2.31.8 and earlier, when the g_str_hash function i ...)
- glib2.0 <unfixed> (unimportant; bug #655044)
-CVE-2012-0038
+CVE-2012-0038 (Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c ...)
- linux-2.6 3.2.1-1
[squeeze] - linux-2.6 2.6.32-41
-CVE-2012-0037
+CVE-2012-0037 (Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 ...)
{DSA-2438-1}
- raptor 1.4.21-7.1 (bug #677427)
-CVE-2012-0036
+CVE-2012-0036 (curl and libcurl 7.2x before 7.24.0 do not properly consider special c ...)
{DSA-2398-1}
- curl 7.24.0-1
[lenny] - curl <not-affected> (Only affects 7.20.0 to 7.23.1)
NOTE: http://curl.haxx.se/docs/adv_20120124.html
-CVE-2012-0035
+CVE-2012-0035 (Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as u ...)
- cedet <removed> (low; bug #655299)
[squeeze] - cedet <no-dsa> (Minor issue)
- emacs23 23.3+1-5 (low; bug #655300)
[squeeze] - emacs23 <no-dsa> (Minor issue)
-CVE-2012-0034
+CVE-2012-0034 (The NonManagedConnectionFactory in JBoss Enterprise Application Platfo ...)
NOT-FOR-US: JBoss Enterprise Application Platform
-CVE-2012-0033
+CVE-2012-0033 (The CBounceDCCMod::OnPrivCTCP function in bouncedcc.cpp in the bounced ...)
- znc 0.202-2
[squeeze] - znc <not-affected> (Only affects 0.200 and 0.202)
[lenny] - znc <not-affected> (Only affects 0.200 and 0.202)
-CVE-2012-0032
+CVE-2012-0032 (Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissi ...)
NOT-FOR-US: JBoss Operations Network
-CVE-2012-0031
+CVE-2012-0031 (scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow ...)
{DSA-2405-1}
- apache2 2.2.22-1 (low)
-CVE-2012-0030
+CVE-2012-0030 (Nova 2011.3 and Essex, when using the OpenStack API, allows remote aut ...)
- nova 2012.1~rc1-1
-CVE-2012-0029
+CVE-2012-0029 (Heap-based buffer overflow in the process_tx_desc function in the e100 ...)
{DSA-2404-1 DSA-2396-1}
- qemu-kvm 1.0+dfsg-5
- xen-qemu-dm-4.0 <removed>
[squeeze] - xen <not-affected> (vulnerable code not present)
- xen 4.1.3~rc1+hg-20120614.a9c0a89c08f2-1 (medium)
-CVE-2012-0028
+CVE-2012-0028 (The robust futex implementation in the Linux kernel before 2.6.28 does ...)
- linux-2.6 2.6.32-1
-CVE-2012-0027
+CVE-2012-0027 (The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle inva ...)
- openssl 1.0.0f-1
[lenny] - openssl <not-affected> (no GOST support)
[squeeze] - openssl <not-affected> (no GOST support)
CVE-2012-0026
REJECTED
-CVE-2012-0025
+CVE-2012-0025 (Double free vulnerability in the Free_All_Memory function in jpeg/dect ...)
NOT-FOR-US: libfpx
-CVE-2012-0024
+CVE-2012-0024 (MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values ...)
- maradns 1.4.09-1
[squeeze] - maradns <no-dsa> (Minor issue)
[lenny] - maradns <no-dsa> (Minor issue)
NOTE: a DoS that requires being able to do recursive queries. Allowing recursive queries to the general public is already a security issue to begin with, so this issue can better be addressed in a point update.
-CVE-2012-0023
+CVE-2012-0023 (Double free vulnerability in the get_chunk_header function in modules/ ...)
- vlc 1.1.13-1
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2012-0022
+CVE-2012-0022 (Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7 ...)
{DSA-2401-1}
- tomcat5 <removed>
- tomcat6 6.0.35-1
- tomcat7 7.0.23-1
-CVE-2012-0021
+CVE-2012-0021 (The log_cookie function in mod_log_config.c in the mod_log_config modu ...)
- apache2 2.2.22-1
[squeeze] - apache2 <not-affected> (Introduced in 2.2.17)
[lenny] - apache2 <not-affected> (Introduced in 2.2.17)
-CVE-2012-0020
+CVE-2012-0020 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memo ...)
NOT-FOR-US: Microsoft
-CVE-2012-0019
+CVE-2012-0019 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memo ...)
NOT-FOR-US: Microsoft
-CVE-2012-0018
+CVE-2012-0018 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate at ...)
NOT-FOR-US: Microsoft Visio
-CVE-2012-0017
+CVE-2012-0017 (Cross-site scripting (XSS) vulnerability in inplview.aspx in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2012-0016
+CVE-2012-0016 (Untrusted search path vulnerability in Microsoft Expression Design; Ex ...)
NOT-FOR-US: Microsoft Expression Design
-CVE-2012-0015
+CVE-2012-0015 (Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate ...)
NOT-FOR-US: Microsoft
-CVE-2012-0014
+CVE-2012-0014 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 befo ...)
NOT-FOR-US: Microsoft
-CVE-2012-0013
+CVE-2012-0013 (Incomplete blacklist vulnerability in the Windows Packager configurati ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0012
+CVE-2012-0012 (Microsoft Internet Explorer 9 does not properly handle the creation an ...)
NOT-FOR-US: Microsoft
-CVE-2012-0011
+CVE-2012-0011 (Microsoft Internet Explorer 7 through 9 does not properly handle objec ...)
NOT-FOR-US: Microsoft
-CVE-2012-0010
+CVE-2012-0010 (Microsoft Internet Explorer 6 through 9 does not properly perform copy ...)
NOT-FOR-US: Microsoft
-CVE-2012-0009
+CVE-2012-0009 (Untrusted search path vulnerability in the Windows Object Packager con ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0008
+CVE-2012-0008 (Untrusted search path vulnerability in Microsoft Visual Studio 2008 SP ...)
NOT-FOR-US: Microsoft Visual Studio 2008
-CVE-2012-0007
+CVE-2012-0007 (The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 ...)
NOT-FOR-US: Microsoft Anti-Cross Site Scripting Library
-CVE-2012-0006
+CVE-2012-0006 (The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0005
+CVE-2012-0005 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsyste ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0004
+CVE-2012-0004 (Unspecified vulnerability in DirectShow in DirectX in Microsoft Window ...)
NOT-FOR-US: DirectX
-CVE-2012-0003
+CVE-2012-0003 (Unspecified vulnerability in winmm.dll in Windows Multimedia Library i ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0002
+CVE-2012-0002 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0001
+CVE-2012-0001 (The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windo ...)
NOT-FOR-US: Microsoft Windows
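Review bot: CVE-2012-0048 now carries a MITRE description (`OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial ...`) directly above `NOTE: contacted MITRE, will be rejected`, so as of this sync the rejection has not happened; the entry has no package line at all, and a reader cannot tell whether openttd is affected (the sibling CVE-2012-0049 is tracked as `openttd 1.1.5-1 (low)`). Either follow up with MITRE and turn the entry into `REJECTED`, or add the package status for openttd; if it is a duplicate of CVE-2012-0049, say so in the NOTE rather than leaving the entry without any status.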
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index e8ee279b64..7dc3d4716a 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -1,29 +1,29 @@
-CVE-2013-7469
+CVE-2013-7469 (Seafile through 6.2.11 always uses the same Initialization Vector (IV) ...)
- seafile <unfixed> (bug #923009)
[buster] - seafile <ignored> (Minor issue)
NOTE: https://github.com/haiwen/seafile/issues/350
-CVE-2013-7468
+CVE-2013-7468 (Simple Machines Forum (SMF) 2.0.4 allows PHP Code Injection via the in ...)
NOT-FOR-US: Simple Machines Forum (SMF)
-CVE-2013-7467
+CVE-2013-7467 (Simple Machines Forum (SMF) 2.0.4 allows XSS via the index.php?action= ...)
NOT-FOR-US: Simple Machines Forum (SMF)
-CVE-2013-7466
+CVE-2013-7466 (Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with re ...)
NOT-FOR-US: Simple Machines Forum (SMF)
-CVE-2013-7465
+CVE-2013-7465 (Ice Cold Apps Servers Ultimate 6.0.2(12) does not require authenticati ...)
NOT-FOR-US: Ice Cold Apps Servers Ultimate
-CVE-2013-7464
+CVE-2013-7464 (In csrf-magic before 1.0.4, if $GLOBALS['csrf']['secret'] is not confi ...)
- zoneminder <not-affected> (Vulnerable code never in a embedded copy version for zoneminder)
- cacti <not-affected> (Vulnerable code never in any release inclusing embedded copy, i.e. pre 1.0.4)
NOTE: Issue is in embedded csrf-magic
NOTE: http://repo.or.cz/csrf-magic.git/commit/9d2537f70d58b16aeba89779aaf1573b8d618e11 (v1.0.4)
-CVE-2013-7463
+CVE-2013-7463 (The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use ...)
NOT-FOR-US: aescrypt gem for Ruby
-CVE-2013-7462
+CVE-2013-7462 (A directory traversal vulnerability in the web application in McAfee ( ...)
NOT-FOR-US: Intel antivirus
-CVE-2013-7461
+CVE-2013-7461 (A write protection and execution bypass vulnerability in McAfee (now I ...)
NOT-FOR-US: Intel antivirus
-CVE-2013-7460
+CVE-2013-7460 (A write protection and execution bypass vulnerability in McAfee (now I ...)
NOT-FOR-US: Intel antivirus
-CVE-2013-7459
+CVE-2013-7459 (Heap-based buffer overflow in the ALGnew function in block_templace.c ...)
{DLA-773-1}
- python-crypto 2.6.1-7 (bug #849495)
[jessie] - python-crypto 2.6.1-5+deb8u1
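Review bot: the two `<not-affected>` rationales for CVE-2013-7464 need proof-reading: `never in a embedded copy version for zoneminder` should read `an embedded copy`, and `inclusing embedded copy` should read `including`; the cacti line would also be clearer as `(Vulnerable code never in any release, including the embedded copy, i.e. csrf-magic pre 1.0.4)` so that `pre 1.0.4` is unambiguously about the embedded library and not about cacti. The rationale is otherwise clear and is backed by the v1.0.4 commit in the NOTE.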
@@ -32,13 +32,13 @@ CVE-2013-7459
NOTE: All users of pycrypto's AES module in Debian that allow the mode
NOTE: of operation to be specified from outside check for ECB explicitly
NOTE: and create the objects without specifying an IV.
-CVE-2013-7458
+CVE-2013-7458 (linenoise, as used in Redis before 3.2.3, uses world-readable permissi ...)
{DSA-3634-1 DLA-577-1}
- redis 2:3.2.1-4 (bug #832460)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/1
-CVE-2013-7457
+CVE-2013-7457 (Unspecified vulnerability in the Qualcomm components in Android before ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2013-7456
+CVE-2013-7456 (gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1 ...)
{DSA-3602-1 DSA-3587-1}
- libgd2 2.1.1-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -49,27 +49,27 @@ CVE-2013-7456
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72227
NOTE: Fixed in 7.0.7, 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
-CVE-2013-7455
+CVE-2013-7455 (Double free vulnerability in the DefaultICCintents function in cmscnvr ...)
- lcms2 2.6-1
[wheezy] - lcms2 <not-affected> (vulnerable code not present, no cmsPipelineFree(Lut); in Error:-part)
NOTE: https://www.kb.cert.org/vuls/id/369800
NOTE: https://github.com/mm2/Little-CMS/commit/fefaaa43c382eee632ea3ad0cfa915335140e1db#diff-189a94f0a7a47efdd43f5567e27a973b
-CVE-2013-7454
+CVE-2013-7454 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
- validator.js <not-affected> (Fixed before initial release)
-CVE-2013-7453
+CVE-2013-7453 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
- validator.js <not-affected> (Fixed before initial release)
-CVE-2013-7452
+CVE-2013-7452 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
- validator.js <not-affected> (Fixed before initial release)
-CVE-2013-7451
+CVE-2013-7451 (The validator module before 1.1.0 for Node.js allows remote attackers ...)
- validator.js <not-affected> (Fixed before initial release)
-CVE-2013-7450
+CVE-2013-7450 (Pulp before 2.3.0 uses the same the same certificate authority key and ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2013-7448
+CVE-2013-7448 (Directory traversal vulnerability in wiki.c in didiwiki allows remote ...)
{DSA-3485-1 DLA-424-1}
- didiwiki 0.5-12 (bug #815111)
NOTE: https://github.com/OpenedHand/didiwiki/pull/1/files
NOTE: http://www.openwall.com/lists/oss-security/2016/02/19/4
-CVE-2013-7447
+CVE-2013-7447 (Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gd ...)
{DLA-419-1}
- gtk+2.0 2.24.30-1.1 (bug #799275)
[jessie] - gtk+2.0 2.24.25-3+deb8u1
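Review bot: the description imported for CVE-2013-7450 contains the doubled words "uses the same the same certificate authority key". That wording comes from the CVE text itself (every description in this update is imported and truncated with " ..."), so it should be left untouched rather than hand-corrected; a local fix would be overwritten by the next automatic update.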
@@ -78,7 +78,7 @@ CVE-2013-7447
[wheezy] - gtk+3.0 3.4.2-7+deb7u1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=703220
NOTE: Fixed by: https://git.gnome.org/browse/gtk+/commit?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6
-CVE-2013-7446
+CVE-2013-7446 (Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel ...)
{DSA-3426-1 DLA-360-1}
- linux 4.2.6-2
- linux-2.6 <removed>
@@ -87,7 +87,7 @@ CVE-2013-7446
NOTE: http://www.openwall.com/lists/oss-security/2015/11/18/9
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ec0d215f9420564fc8286dcf93d2d068bb53a07e (v2.6.26-rc9)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c (v4.4-rc4)
-CVE-2013-7445
+CVE-2013-7445 (The Direct Rendering Manager (DRM) subsystem in the Linux kernel throu ...)
- linux <unfixed>
[stretch] - linux <ignored> (Minor issue, requires invasive changes)
[jessie] - linux <ignored> (Minor issue, requires invasive changes)
@@ -95,13 +95,13 @@ CVE-2013-7445
[jessie] - linux-4.9 <ignored> (Minor issue, requires invasive changes)
- linux-2.6 <removed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=60533
-CVE-2013-7444
+CVE-2013-7444 (The Special:Contributions page in MediaWiki before 1.22.0 allows remot ...)
- mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T106893
NOTE: https://github.com/wikimedia/mediawiki/commit/dc2966bd05b69321300c63fd0bd78e7c78ecea6e
-CVE-2013-7443
+CVE-2013-7443 (Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows r ...)
- sqlite3 3.8.3-1
[wheezy] - sqlite3 <not-affected> (Vulnerable code introduced in 3.8.2)
[squeeze] - sqlite3 <not-affected> (Vulnerable code introduced in 3.8.2)
@@ -109,9 +109,9 @@ CVE-2013-7443
NOTE: Introduced by: https://www.sqlite.org/src/info/b0bb975c0986fe01
NOTE: https://www.sqlite.org/src/info/520070ec7fbaac
NOTE: http://www.openwall.com/lists/oss-security/2015/07/14/5
-CVE-2013-7442
+CVE-2013-7442 (GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password ...)
NOT-FOR-US: GE Healthcare Centricity PACS Workstation
-CVE-2013-7440
+CVE-2013-7440 (The ssl.match_hostname function in CPython (aka Python) before 2.7.9 a ...)
- python3.4 3.4~b1-4
- python3.3 3.3.3-1
- python3.2 <removed>
@@ -128,7 +128,7 @@ CVE-2013-7440
NOTE: https://bugs.python.org/issue17997#msg194950
NOTE: https://hg.python.org/cpython/rev/10d0edadbcdd
NOTE: The CVE is only about refusing multiple wildcards. Backporting that part only is not so difficult.
-CVE-2013-7439
+CVE-2013-7439 (Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen mac ...)
{DSA-3224-1 DLA-199-1}
- libx11 2:1.6.0-1
NOTE: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=39547d600a13713e15429f49768e54c3173c828d
@@ -149,33 +149,33 @@ CVE-2013-7439
NOTE: open-vm-tools (TBD / 8.4.2-261024-1+build1)
NOTE: wine-gecko-1.4 (wheezy)
NOTE: list completed by analyzing http://codesearch.debian.net/results/SetReqLen and http://codesearch.debian.net/results/MakeBigReq
-CVE-2013-7438
+CVE-2013-7438 (Multiple buffer overflows in pbm212030 allow remote attackers to cause ...)
NOT-FOR-US: pbm2l2030
NOTE: http://www.openprinting.org/driver/pbm2l2030/ (typo in the official CVE description)
-CVE-2013-7441
+CVE-2013-7441 (The modern style negotiation in Network Block Device (nbd-server) 2.9. ...)
{DSA-3271-1}
- nbd 1:3.4-1 (bug #781547)
[squeeze] - nbd <not-affected> (Named export introduced in 2.9.17)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/19/6
-CVE-2013-7435
+CVE-2013-7435 (The open-ils.pcrud endpoint in Evergreen before 2.5.9, 2.6.x before 2. ...)
NOT-FOR-US: Evergreen library
CVE-2013-7434
RESERVED
-CVE-2013-7433
+CVE-2013-7433 (Cross-site scripting (XSS) vulnerability in the Googlemaps plugin befo ...)
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2013-7432
+CVE-2013-7432 (The Googlemaps plugin before 3.1 for Joomla! allows remote attackers t ...)
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2013-7431
+CVE-2013-7431 (Full path disclosure in the Googlemaps plugin before 3.1 for Joomla!. ...)
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2013-7430
+CVE-2013-7430 (Cross-site scripting (XSS) vulnerability in the Googlemaps plugin befo ...)
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2013-7429
+CVE-2013-7429 (The Googlemaps plugin before 3.1 for Joomla! allows remote attackers t ...)
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2013-7428
+CVE-2013-7428 (The Googlemaps plugin before 3.1 for Joomla! allows remote attackers t ...)
NOT-FOR-US: Googlemaps plugin for Joomla!
CVE-2013-7427
RESERVED
-CVE-2013-7436
+CVE-2013-7436 (noVNC before 0.5 does not set the secure flag for a cookie in an https ...)
- novnc 1:0.4+dfsg+1+20131010+gitf68af8af3d-4 (bug #778618)
[wheezy] - novnc <not-affected> (Only an issue in combination with later OpenStack components)
NOTE: https://github.com/kanaka/noVNC/commit/ad941faddead705cd611921730054767a0b32dcd
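Review bot: the description imported for CVE-2013-7438 names the software "pbm212030" while the NOT-FOR-US line says "pbm2l2030"; the existing NOTE directly below already records that the official CVE description has the typo, so the mismatch is expected and neither line should be "corrected". Keep that NOTE adjacent to the entry so the discrepancy stays documented.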
@@ -188,13 +188,13 @@ CVE-2013-XXXX [TOCTOU race when expanding JAR files]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=959433
NOTE: libbluray is only in wheezy and later and the issue is neutered by the kernel hardening for /tmp
NOTE: Affected code removed in 0.7.0-1
-CVE-2013-7437
+CVE-2013-7437 (Multiple integer overflows in potrace 1.11 allow remote attackers to c ...)
{DLA-675-1}
- potrace 1.12-1 (bug #778646)
[squeeze] - potrace <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=955808
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/12
-CVE-2013-7449
+CVE-2013-7449 (The ssl_do_connect function in common/server.c in HexChat before 2.10. ...)
- xchat 2.8.8-10 (bug #776609)
[jessie] - xchat <no-dsa> (Minor issue)
[wheezy] - xchat <no-dsa> (Minor issue)
@@ -207,16 +207,16 @@ CVE-2013-7449
NOTE: https://github.com/hexchat/hexchat/issues/524
NOTE: https://github.com/hexchat/hexchat/commit/c9b63f7f9be01692b03fa15275135a4910a7e02d (v2.12.0)
NOTE: https://github.com/hexchat/hexchat/commit/c99f2ba645d1f4d01d6d2bb0cc1238825e15c604 (v2.10.2)
-CVE-2013-7426
+CVE-2013-7426 (Insecure Temporary file vulnerability in /tmp/kamailio_fifo in kamaili ...)
- kamailio 4.0.2-1 (bug #712083)
-CVE-2013-7424
+CVE-2013-7424 (The getaddrinfo function in glibc before 2.15, when compiled with libi ...)
{DSA-3169-1 DLA-165-1}
- glibc 2.15-1
- eglibc 2.15-1
NOTE: http://seclists.org/oss-sec/2015/q1/306
NOTE: Upstream fix: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=2e96f1c7
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=981942
-CVE-2013-7423
+CVE-2013-7423 (The send_dg function in resolv/res_send.c in GNU C Library (aka glibc ...)
{DLA-165-1}
- glibc 2.19-1 (bug #722075)
[wheezy] - eglibc 2.13-38+deb7u5
@@ -224,7 +224,7 @@ CVE-2013-7423
NOTE: Fix: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f9d2d03254a58d92635a311a42253eeed5a40a47
NOTE: Upstream report: https://sourceware.org/bugzilla/show_bug.cgi?id=15946
NOTE: http://www.openwall.com/lists/oss-security/2015/01/28/16
-CVE-2013-7421
+CVE-2013-7421 (The Crypto API in the Linux kernel before 3.18.5 allows local users to ...)
{DSA-3170-1}
- linux 3.16.7-ckt4-2
- linux-2.6 <removed>
@@ -232,7 +232,7 @@ CVE-2013-7421
NOTE: https://lkml.org/lkml/2013/3/4/70
NOTE: https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d26a105b5a7 (v3.19-rc1)
-CVE-2013-7422
+CVE-2013-7422 (Integer underflow in regcomp.c in Perl before 5.20, as used in Apple O ...)
- perl 5.20.0-1 (bug #776046)
[wheezy] - perl <no-dsa> (Minor issue)
[squeeze] - perl <no-dsa> (Minor issue)
@@ -241,15 +241,15 @@ CVE-2013-7422
CVE-2013-XXXX [lhasa: several directory traversal vulnerabilities]
- lhasa 0.2.0-1
[wheezy] - lhasa <no-dsa> (Minor issue)
-CVE-2013-7420
+CVE-2013-7420 (Buffer overflow in Hancom Office 2010 SE allows remote attackers to ex ...)
NOT-FOR-US: Hancom Office 2010 SE
-CVE-2013-7419
+CVE-2013-7419 (Cross-site scripting (XSS) vulnerability in includes/refreshDate.php i ...)
NOT-FOR-US: Joomlaskin JS Multi Hotel (aka JS MultiHotel and Js-Multi-Hotel) plugin for WordPress
-CVE-2013-7418
+CVE-2013-7418 (cgi-bin/iptablesgui.cgi in IPCop (aka IPCop Firewall) before 2.1.5 all ...)
NOT-FOR-US: IPCop
-CVE-2013-7417
+CVE-2013-7417 (Cross-site scripting (XSS) vulnerability in cgi-bin/ipinfo.cgi in IPCo ...)
NOT-FOR-US: IPCop
-CVE-2013-7416
+CVE-2013-7416 (canto_curses/guibase.py in Canto Curses before 0.9.0 allows remote fee ...)
- canto <removed> (bug #731582)
[wheezy] - canto <not-affected> (Vulnerable code not present)
[squeeze] - canto <not-affected> (Vulnerable code not present)
@@ -265,102 +265,102 @@ CVE-2013-7411
RESERVED
CVE-2013-7410
RESERVED
-CVE-2013-7409
+CVE-2013-7409 (Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attacke ...)
NOT-FOR-US: ALLPlayer
-CVE-2013-7408
+CVE-2013-7408 (F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cook ...)
NOT-FOR-US: F5 BIG-IP Analytics
-CVE-2013-7407
+CVE-2013-7407 (Cross-site request forgery (CSRF) vulnerability in the MRBS module for ...)
NOT-FOR-US: Drupal module MRBS
-CVE-2013-7406
+CVE-2013-7406 (SQL injection vulnerability in the MRBS module for Drupal allows remot ...)
NOT-FOR-US: Drupal module MRBS
-CVE-2013-7405
+CVE-2013-7405 (The Ad Hoc Reporting feature in GE Healthcare Centricity DMS 4.2 has a ...)
NOT-FOR-US: GE Healthcare Centricity DMS
-CVE-2013-7404
+CVE-2013-7404 (GE Healthcare Discovery NM 750b has a password of 2getin for the insit ...)
NOT-FOR-US: GE Healthcare Discovery NM 750b
CVE-2013-7403
RESERVED
NOT-FOR-US: WordPress plugin wp-video-commando
-CVE-2013-7400
+CVE-2013-7400 (The Direct Mail (direct_mail) extension before 3.1.2 for TYPO3 allows ...)
NOT-FOR-US: TYPO3 extension direct_mail
CVE-2013-7399
RESERVED
-CVE-2013-7402
+CVE-2013-7402 (Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allo ...)
{DSA-3101-1}
- c-icap 1:0.3.1-1
NOTE: http://sourceforge.net/p/c-icap/code/1018/
NOTE: http://sourceforge.net/p/c-icap/code/1021
-CVE-2013-7401
+CVE-2013-7401 (The parse_request function in request.c in c-icap 0.2.x allows remote ...)
{DSA-3101-1}
- c-icap 1:0.3.1-1
NOTE: http://sourceforge.net/p/c-icap/bugs/59/
NOTE: http://sourceforge.net/p/c-icap/code/1018/
-CVE-2013-7398
+CVE-2013-7398 (main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Htt ...)
- async-http-client <not-affected> (Vulnerable code not present, bug #773364)
NOTE: https://github.com/AsyncHttpClient/async-http-client/issues/197
NOTE: https://github.com/AsyncHttpClient/async-http-client/commit/3c9152e2c75f7e8b654beec40383748a14c6b51b
-CVE-2013-7397
+CVE-2013-7397 (Async Http Client (aka AHC or async-http-client) before 1.9.0 skips X. ...)
- async-http-client 1.6.5-3
[wheezy] - async-http-client <no-dsa> (Minor issue)
NOTE: https://github.com/AsyncHttpClient/async-http-client/issues/352
CVE-2013-7396
RESERVED
-CVE-2013-7395
+CVE-2013-7395 (ZOLL Defibrillator / Monitor X Series has a default (1) supervisor pas ...)
NOT-FOR-US: ZOLL Defibrillator / Monitor X Series
-CVE-2013-7394
+CVE-2013-7394 (The "runshellscript echo.sh" script in Splunk before 5.0.5 allows remo ...)
NOT-FOR-US: Splunk
-CVE-2013-7393
+CVE-2013-7393 (The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local ...)
- subversion 1.8.5-1 (unimportant)
NOTE: Optional admin-side utilities in Subversion 1.8.x
NOTE: split form CVE-2013-4262
-CVE-2013-7392
+CVE-2013-7392 (Gitlist allows remote attackers to execute arbitrary commands via shel ...)
- gitlist <itp> (bug #750368)
-CVE-2013-7391
+CVE-2013-7391 (The Entity API module 7.x-1.x before 7.x-1.2 for Drupal, when using th ...)
NOT-FOR-US: Drupal contributed module Entity API
CVE-2013-7390
RESERVED
-CVE-2013-7389
+CVE-2013-7389 (Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 ...)
NOT-FOR-US: D-Link router
-CVE-2013-7388
+CVE-2013-7388 (Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (f ...)
NOT-FOR-US: Trimble SketchUp
-CVE-2013-7387
+CVE-2013-7387 (Session fixation vulnerability in DataLife Engine (DLE) 9.7 and earlie ...)
NOT-FOR-US: DataLife Engine
-CVE-2013-7386
+CVE-2013-7386 (Format string vulnerability in the PROJECT::write_account_file functio ...)
- boinc 7.1.10+dfsg-1 (low)
[squeeze] - boinc <no-dsa> (Minor issue)
[wheezy] - boinc <no-dsa> (Minor issue)
-CVE-2013-7385
+CVE-2013-7385 (LiveZilla 5.1.2.1 and earlier includes the MD5 hash of the operator pa ...)
NOT-FOR-US: LiveZilla
-CVE-2013-7384
+CVE-2013-7384 (UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a d ...)
- unrealircd <itp> (bug #515130)
-CVE-2013-7382
+CVE-2013-7382 (VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and e ...)
NOT-FOR-US: VICIDIAL
CVE-2013-7381
RESERVED
CVE-2013-7380
RESERVED
-CVE-2013-7379
+CVE-2013-7379 (The admin API in the tomato module before 0.0.6 for Node.js does not p ...)
NOT-FOR-US: tomato module for Node.js
CVE-2013-7378
RESERVED
-CVE-2013-7377
+CVE-2013-7377 (The codem-transcode module before 0.5.0 for Node.js, when ffprobe is e ...)
NOT-FOR-US: codem-transcode Node module
-CVE-2013-7376
+CVE-2013-7376 (Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2. ...)
NOT-FOR-US: OpenX
-CVE-2013-7383
+CVE-2013-7383 (x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0 ...)
- x2goserver <not-affected> (Fixed with first upload to Debian)
NOTE: Fixed by: http://code.x2go.org/gitweb?p=x2goserver.git;a=commit;h=5a2aa0c36ef7a57d87e3bb6f7c6b2558ed5430f7 (4.0.1.10)
NOTE: Fixed by: http://code.x2go.org/gitweb?p=x2goserver.git;a=commit;h=b03665513ab1969b069c1351fe17cbb8b5fca256 (4.0.0.8)
NOTE: Fixed by: http://code.x2go.org/gitweb?p=x2goserver.git;a=commit;h=8347d3fef0e5cbabe4aa48f503612fa7b9d078f8 (4.0.0.8)
NOTE: Fixed by: http://code.x2go.org/gitweb?p=x2goserver.git;a=commit;h=bf44925ecccda436caa1cfc34f89eced9c1bd104 (4.0.0.8)
-CVE-2013-7375
+CVE-2013-7375 (SQL injection vulnerability in includes/classes/Authenticate.class.php ...)
NOT-FOR-US: PHP-Fusion
-CVE-2013-7373
+CVE-2013-7373 (Android before 4.4 does not properly arrange for seeding of the OpenSS ...)
NOT-FOR-US: Android
-CVE-2013-7372
+CVE-2013-7372 (The engineNextBytes function in classlib/modules/security/src/main/jav ...)
NOT-FOR-US: Android
-CVE-2013-7369
+CVE-2013-7369 (SQL injection vulnerability in an unspecified DLL in the FSDBCom Activ ...)
NOT-FOR-US: F-Secure Anti-Virus
-CVE-2013-7374
+CVE-2013-7374 (The Ubuntu Date and Time Indicator (aka indicator-datetime) 13.10.0+13 ...)
NOT-FOR-US: indicator-datetime
CVE-2013-7371 [XSS in the Sencha Labs Connect middleware]
RESERVED
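Review bot: the CVE-2013-7393 entry in this hunk carries the note "split form CVE-2013-4262", which should read "split from CVE-2013-4262". It is an unchanged context line, so it needs a manual follow-up commit rather than an edit to this automatic update.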
@@ -369,102 +369,102 @@ CVE-2013-7371 [XSS in the Sencha Labs Connect middleware]
CVE-2013-7370 [XSS in the Sencha Labs Connect middleware]
RESERVED
- node-connect 3.0.0-1 (bug #744374)
-CVE-2013-7368
+CVE-2013-7368 (Multiple cross-site scripting (XSS) vulnerabilities in Gnew 2013.1 all ...)
NOT-FOR-US: Gnew
-CVE-2013-7367
+CVE-2013-7367 (SAP Enterprise Portal does not properly restrict access to the Federat ...)
NOT-FOR-US: SAP
-CVE-2013-7366
+CVE-2013-7366 (The SAP Software Deployment Manager (SDM), in certain unspecified cond ...)
NOT-FOR-US: SAP
-CVE-2013-7365
+CVE-2013-7365 (Cross-site scripting (XSS) vulnerability in SAP Enterprise Portal allo ...)
NOT-FOR-US: SAP
-CVE-2013-7364
+CVE-2013-7364 (An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver d ...)
NOT-FOR-US: SAP
-CVE-2013-7363
+CVE-2013-7363 (Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Soluti ...)
NOT-FOR-US: SAP
-CVE-2013-7362
+CVE-2013-7362 (An unspecified RFC function in SAP CCMS Agent allows remote attackers ...)
NOT-FOR-US: SAP
-CVE-2013-7361
+CVE-2013-7361 (Directory traversal vulnerability in SAP CMS and CM Services allows at ...)
NOT-FOR-US: SAP
-CVE-2013-7360
+CVE-2013-7360 (Unspecified vulnerability in SAP adminadapter allows remote attackers ...)
NOT-FOR-US: SAP
-CVE-2013-7359
+CVE-2013-7359 (Unspecified vulnerability in SAP Mobile Infrastructure allows remote a ...)
NOT-FOR-US: SAP
-CVE-2013-7358
+CVE-2013-7358 (Unspecified vulnerability in SAP Guided Procedures Archive Monitor all ...)
NOT-FOR-US: SAP
-CVE-2013-7357
+CVE-2013-7357 (Unspecified vulnerability in the configuration service in SAP J2EE Eng ...)
NOT-FOR-US: SAP
-CVE-2013-7356
+CVE-2013-7356 (Unspecified vulnerability in the SAP CCMS / Database Monitors for Orac ...)
NOT-FOR-US: SAP
-CVE-2013-7355
+CVE-2013-7355 (SQL injection vulnerability in SAP BI Universal Data Integration allow ...)
NOT-FOR-US: SAP
-CVE-2013-7354
+CVE-2013-7354 (Multiple integer overflows in libpng before 1.5.14rc03 allow remote at ...)
- libpng <not-affected> (Only affects 1.5 and later)
NOTE: http://sourceforge.net/p/png-mng/mailman/message/32215052/
NOTE: http://sourceforge.net/p/libpng/bugs/199/
- libpng1.6 1.6.10-1
-CVE-2013-7353
+CVE-2013-7353 (Integer overflow in the png_set_unknown_chunks function in libpng/pngs ...)
- libpng <not-affected> (Only affects 1.5 and later)
NOTE: http://sourceforge.net/p/png-mng/mailman/message/32215052/
NOTE: http://sourceforge.net/p/libpng/bugs/199/
- libpng1.6 1.6.10-1
-CVE-2013-7352
+CVE-2013-7352 (Cross-site request forgery (CSRF) vulnerability in blogs/admin.php in ...)
NOT-FOR-US: b2evolution
-CVE-2013-7350
+CVE-2013-7350 (Multiple unspecified vulnerabilities in Check Point Security Gateway 8 ...)
NOT-FOR-US: Check Point Security Gateway
-CVE-2013-7349
+CVE-2013-7349 (Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote att ...)
NOT-FOR-US: Gnew
-CVE-2013-7346
+CVE-2013-7346 (Cross-site request forgery (CSRF) vulnerability in Symphony CMS before ...)
NOT-FOR-US: Symphony CMS
CVE-2013-7351 [several XSS]
RESERVED
- shaarli 0.0.41~beta~dfsg2-4 (bug #743252)
NOTE: https://github.com/sebsauvage/Shaarli/commit/53da201749f8f362323ef278bf338f1d9f7a925a
-CVE-2013-7348
+CVE-2013-7348 (Double free vulnerability in the ioctx_alloc function in fs/aio.c in t ...)
- linux 3.13.4-1
[wheezy] - linux <not-affected> (Introduced and fixed in 3.13 series)
- linux-2.6 <not-affected> (Introduced and fixed in 3.13 series)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d558023207e008a4476a3b7bb8706b2a2bf5d84f
-CVE-2013-7347
+CVE-2013-7347 (Luci in Red Hat Conga does not properly enforce the user session timeo ...)
NOT-FOR-US: Red Hat Conga
-CVE-2013-7344
+CVE-2013-7344 (Unspecified vulnerability in core/settings.php in ownCloud before 4.0. ...)
- owncloud 5.0.3+dfsg-1
-CVE-2013-7343
+CVE-2013-7343 (Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flas ...)
NOT-FOR-US: Flowplayer
NOTE: Present in the source in some Moodle packages, see #736800
-CVE-2013-7342
+CVE-2013-7342 (Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flas ...)
NOT-FOR-US: Flowplayer
NOTE: Present in the source in some Moodle packages, see #736800
-CVE-2013-7340
+CVE-2013-7340 (VideoLAN VLC Media Player before 2.0.7 allows remote attackers to caus ...)
- vlc 2.2.0~rc2-1 (unimportant)
NOTE: No security impact
NOTE: Might be fixed earlier than 2.2.0~rc2, but only that version was checked
CVE-2013-7337
RESERVED
-CVE-2013-7341
+CVE-2013-7341 (Multiple cross-site scripting (XSS) vulnerabilities in Flowplayer Flas ...)
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-7339
+CVE-2013-7339 (The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel be ...)
{DSA-2906-1}
- linux 3.13-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c2349758acf1874e4c2b93fe41d072336f1a31d0
-CVE-2013-7336
+CVE-2013-7336 (The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in lib ...)
- libvirt 1.1.4-1
[wheezy] - libvirt <not-affected> (Vulnerable code not present)
[squeeze] - libvirt <not-affected> (Vulnerable code not present)
NOTE: http://www.redhat.com/archives/libvir-list/2013-September/msg01208.html
-CVE-2013-7335
+CVE-2013-7335 (Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x b ...)
NOT-FOR-US: DotNetNuke
-CVE-2013-7334
+CVE-2013-7334 (Cross-site request forgery (CSRF) vulnerability in ImageCMS before 4.2 ...)
NOT-FOR-US: ImageCMS
CVE-2013-7333
RESERVED
-CVE-2013-7332
+CVE-2013-7332 (The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earl ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-7331
+CVE-2013-7331 (The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earl ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-7345
+CVE-2013-7345 (The BEGIN regular expression in the awk script detector in magic/Magdi ...)
{DSA-3064-1 DSA-2873-1}
- file 1:5.17-0.1 (bug #703993)
NOTE: http://bugs.gw.com/view.php?id=164
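Review bot: in the CVE-2013-7354 and CVE-2013-7353 entries the "- libpng1.6 1.6.10-1" line sits after the two NOTE lines, whereas every other entry in this hunk lists its package lines before the NOTEs. Moving it up next to "- libpng <not-affected> (Only affects 1.5 and later)" would keep the entries consistent and make it harder to overlook that libpng1.6 is the source package that was actually fixed.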
@@ -479,22 +479,22 @@ CVE-2013-7345
NOTE: create_data_file.php /usr/share/file/magic.mgc > data_info.c" once
NOTE: you have a fixed libmagic1 installed.
NOTE: fixed by php5 5.4.27 so DSA 3064-1 also fixed it in Wheezy
-CVE-2013-7330
+CVE-2013-7330 (Jenkins before 1.502 allows remote authenticated users to configure an ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/36342d71e29e0620f803a7470ce96c61761648d8
-CVE-2013-7328
+CVE-2013-7328 (Multiple integer signedness errors in the gdImageCrop function in ext/ ...)
- php5 5.5.9+dfsg-1
[wheezy] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
[squeeze] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
-CVE-2013-7327
+CVE-2013-7327 (The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does ...)
- php5 5.5.9+dfsg-1
[wheezy] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
[squeeze] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
-CVE-2013-7326
+CVE-2013-7326 (Cross-site scripting (XSS) vulnerability in vTiger CRM 5.4.0 allows re ...)
NOT-FOR-US: vTiger CRM
CVE-2013-7324
RESERVED
-CVE-2013-7329
+CVE-2013-7329 (The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when ...)
- libcgi-application-perl 4.50-2 (bug #739505)
[wheezy] - libcgi-application-perl <no-dsa> (Minor issue)
[squeeze] - libcgi-application-perl <no-dsa> (Minor issue)
@@ -504,17 +504,17 @@ CVE-2013-7325
{DSA-2836-1}
- devscripts 2.13.9
[squeeze] - devscripts <no-dsa> (Minor issue)
-CVE-2013-7321
+CVE-2013-7321 (Cross-site scripting (XSS) vulnerability in D-Link DAP-2253 Access Poi ...)
NOT-FOR-US: D-Link hardware
-CVE-2013-7320
+CVE-2013-7320 (Cross-site request forgery (CSRF) vulnerability in D-Link DAP-2253 Acc ...)
NOT-FOR-US: D-Link hardware
-CVE-2013-7319
+CVE-2013-7319 (Cross-site scripting (XSS) vulnerability in the Download Manager plugi ...)
NOT-FOR-US: WordPress plugin Download Manager
-CVE-2013-7322
+CVE-2013-7322 (usersfile.c in liboath in OATH Toolkit before 2.4.1 does not properly ...)
- oath-toolkit 2.4.1-1 (low; bug #738515)
[wheezy] - oath-toolkit <no-dsa> (Minor issue)
NOTE: http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00000.html
-CVE-2013-7338
+CVE-2013-7338 (Python before 3.3.4 RC1 allows remote attackers to cause a denial of s ...)
- python2.5 <not-affected> (Only affects 3.x)
- python2.6 <not-affected> (Only affects 3.x)
- python2.7 <not-affected> (Only affects 3.x)
@@ -545,113 +545,113 @@ CVE-2013-XXXX [autopostgresqlbackup code injection]
CVE-2013-XXXX [buffer overflow in commandline parsing]
- swath 0.4.3-3 (low; bug #698189)
[squeeze] - swath 0.4.0-4+squeeze1
-CVE-2013-7323
+CVE-2013-7323 (python-gnupg before 0.3.5 allows context-dependent attackers to execut ...)
{DSA-2946-1}
- python-gnupg 0.3.6-1 (bug #738509)
-CVE-2013-7318
+CVE-2013-7318 (Cross-site scripting (XSS) vulnerability in BusinessFlow/login in Algo ...)
NOT-FOR-US: AlgoSec Firewall Analyzer
-CVE-2013-7317
+CVE-2013-7317 (Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before ...)
NOT-FOR-US: CS-Cart
-CVE-2013-7316
+CVE-2013-7316 (Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versi ...)
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2013-7315
+CVE-2013-7315 (The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4 ...)
{DSA-2842-1}
- libspring-java 3.0.6.RELEASE-10 (low; bug #720902)
-CVE-2013-7314
+CVE-2013-7314 (The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 route ...)
NOT-FOR-US: NEC routers
-CVE-2013-7313
+CVE-2013-7313 (The OSPF implementation in Juniper Junos through 13.x, JunosE, and Scr ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-7312
+CVE-2013-7312 (The OSPF implementation on Enterasys switches and routers does not con ...)
NOT-FOR-US: Enterasys switches and routers
-CVE-2013-7311
+CVE-2013-7311 (The OSPF implementation in Check Point Gaia OS R75.X and R76 and IPSO ...)
NOT-FOR-US: Check Point Gaia OS
-CVE-2013-7310
+CVE-2013-7310 (The OSPF implementation on Yamaha routers does not consider the possib ...)
NOT-FOR-US: Yamaha routers
-CVE-2013-7309
+CVE-2013-7309 (The OSPF implementation in Extreme Networks EXOS does not consider the ...)
NOT-FOR-US: Extreme Networks EXOS
-CVE-2013-7308
+CVE-2013-7308 (The OSPF implementation on the D-Link DES-3810-28 switch with firmware ...)
NOT-FOR-US: D-Link DES-3810-28 switch
-CVE-2013-7307
+CVE-2013-7307 (The OSPF implementation on the Brocade Vyatta vRouter with software be ...)
NOT-FOR-US: Brocade Vyatta vRouter
-CVE-2013-7306
+CVE-2013-7306 (The OSPF implementation on Brocade routers does not consider the possi ...)
NOT-FOR-US: Brocade routers
-CVE-2013-7305
+CVE-2013-7305 (fpw.php in e107 through 1.0.4 does not check the user_ban field, which ...)
NOT-FOR-US: e107
-CVE-2013-7304
+CVE-2013-7304 (Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does ...)
NOT-FOR-US: Check Point Endpoint Security MI Server
CVE-2013-7297
RESERVED
-CVE-2013-7295
+CVE-2013-7295 (Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a ce ...)
- tor 0.2.4.20-1 (low)
[wheezy] - tor <no-dsa> (Minor issue)
[squeeze] - tor <not-affected> (OpenSSL in oldstable not affected)
-CVE-2013-7303
+CVE-2013-7303 (Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes- ...)
- spip 3.0.13-1 (bug #736170)
[wheezy] - spip 2.1.17-1+deb7u3
[squeeze] - spip <end-of-life> (Not supported in Squeeze LTS)
-CVE-2013-7302
+CVE-2013-7302 (Session fixation vulnerability in the Ubercart module 6.x-2.x before 6 ...)
NOT-FOR-US: Drupal contrib
-CVE-2013-7301
+CVE-2013-7301 (Cantata before 1.2.2 does not restrict access to files in the play que ...)
- cantata <not-affected> (Vulnerable code introduced with 1.2.0; bug #736154)
NOTE: https://code.google.com/p/cantata/issues/detail?id=356
-CVE-2013-7300
+CVE-2013-7300 (Absolute path traversal vulnerability in cantata before 1.2.2 allows l ...)
- cantata <not-affected> (Vulnerable code introduced with 1.2.0; bug #736154)
NOTE: https://code.google.com/p/cantata/issues/detail?id=356
-CVE-2013-7299
+CVE-2013-7299 (framework/common/messageheaderparser.cpp in Tntnet before 2.2.1 allows ...)
- tntnet 2.2.1-1 (low; bug #735881)
[wheezy] - tntnet <no-dsa> (Minor issue)
[squeeze] - tntnet <no-dsa> (Minor issue)
-CVE-2013-7298
+CVE-2013-7298 (query_params.cpp in cxxtools before 2.2.1 allows remote attackers to c ...)
- cxxtools 2.2.1-1 (low; bug #735880)
[wheezy] - cxxtools <not-affected> (Issue not present, introduced in v2.2)
[squeeze] - cxxtools <not-affected> (Issue not present, introduced in v2.2)
-CVE-2013-7296
+CVE-2013-7296 (The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler befo ...)
- poppler <not-affected> (Introduced in a3cee0e7e9dd292c70fe1fa19a92e70bbc1e1b41)
NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=58e04a08afee
NOTE: https://bugs.kde.org/show_bug.cgi?id=328511
-CVE-2013-7294
+CVE-2013-7294 (The ikev2parent_inI1outR1 function in pluto/ikev2_parent.c in libreswa ...)
NOT-FOR-US: libreswan, strongSwan not affected (pluto never supported ikev2)
-CVE-2013-7293
+CVE-2013-7293 (The ASUS WL-330NUL router has a configuration process that relies on a ...)
NOT-FOR-US: ASUS router
-CVE-2013-7292
+CVE-2013-7292 (VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote authen ...)
NOT-FOR-US: VASCO IAS
-CVE-2013-7291
+CVE-2013-7291 (memcached before 1.4.17, when running in verbose mode, allows remote a ...)
{DLA-701-1}
- memcached 1.4.20-1 (low; bug #735314)
[squeeze] - memcached <no-dsa> (Minor issue)
NOTE: https://github.com/memcached/memcached/commit/fbe823d9a61b5149cd6e3b5e17bd28dd3b8dd760
-CVE-2013-7290
+CVE-2013-7290 (The do_item_get function in items.c in memcached 1.4.4 and other versi ...)
- memcached 1.4.13-0.2
[squeeze] - memcached 1.4.5-1+deb6u1
NOTE: https://github.com/memcached/memcached/commit/fbe823d9a61b5149cd6e3b5e17bd28dd3b8dd760
NOTE: actual patch should be adjusted in case there is a further memcached upload accoring to upstream commit
-CVE-2013-7289
+CVE-2013-7289 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
NOT-FOR-US: Andy's PHP Knowledgebase (Aphpkb)
CVE-2013-7287
RESERVED
CVE-2013-7286
RESERVED
-CVE-2013-7283
+CVE-2013-7283 (Race condition in the libreswan.spec files for Red Hat Enterprise Linu ...)
- libreswan <not-affected> (Fixed before initial upload in Debian; /tmp-race in libreswan.spec for rpm based systems)
-CVE-2013-7282
+CVE-2013-7282 (The management web interface on the Nisuta NS-WIR150NE router with fir ...)
NOT-FOR-US: Nisuta NS-WIR150NE router
-CVE-2013-7280
+CVE-2013-7280 (Buffer overflow in HansoTools Hanso Player 2.1.0, 2.5.0, and earlier a ...)
NOT-FOR-US: HansoTools Hanso Player
-CVE-2013-7279
+CVE-2013-7279 (Cross-site scripting (XSS) vulnerability in views/video-management/pre ...)
NOT-FOR-US: WordPress plugin S3 Video
-CVE-2013-7278
+CVE-2013-7278 (SQL injection vulnerability in Naxtech CMS Afroditi 1.0 allows remote ...)
NOT-FOR-US: Naxtech CMS Afroditi
-CVE-2013-7277
+CVE-2013-7277 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP Know ...)
NOT-FOR-US: Andy's PHP Knowledgebase (Aphpkb)
-CVE-2013-7276
+CVE-2013-7276 (Cross-site scripting (XSS) vulnerability in inc/raf_form.php in the Re ...)
NOT-FOR-US: WordPress plugin Recommend to a friend
-CVE-2013-7275
+CVE-2013-7275 (Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka MyBu ...)
NOT-FOR-US: MyBB
-CVE-2013-7274
+CVE-2013-7274 (Cross-site scripting (XSS) vulnerability in Wallpaper Script 3.5.0082 ...)
NOT-FOR-US: Wallpaper Script
CVE-2013-7272
RESERVED
-CVE-2013-7288
+CVE-2013-7288 (Cross-site scripting (XSS) vulnerability in the mycode_parse_video fun ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2013-7285 [remote code execution via deserialization in XStream]
RESERVED
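Review bot: typo in the CVE-2013-7290 NOTE line, "accoring to upstream commit" should read "according to upstream commit". The same entry's reminder that the "actual patch should be adjusted in case there is a further memcached upload" reads as stale now that the neighbouring CVE-2013-7291 entry already records memcached 1.4.20-1 as the fixed version; either drop the reminder or state what still has to be adjusted.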
@@ -661,50 +661,50 @@ CVE-2013-7285 [remote code execution via deserialization in XStream]
NOTE: http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html
NOTE: http://markmail.org/message/kfqoqdfj5fnup5co?q=list:org.codehaus.xstream.dev&page=3
NOTE: initial patch: https://fisheye.codehaus.org/changelog/xstream?cs=2210
-CVE-2013-7284
+CVE-2013-7284 (The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Stora ...)
- libplrpc-perl <removed> (high; bug #734789)
[squeeze] - libplrpc-perl <end-of-life> (Unsupported in squeeze-lts)
NOTE: Upstream appears dead.
-CVE-2013-7273
+CVE-2013-7273 (GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list ...)
- gdm3 3.8.3-1 (low; bug #683338)
[wheezy] - gdm3 <no-dsa> (Minor issue)
[squeeze] - gdm3 <not-affected> (Vulnerable code not present)
-CVE-2013-7271
+CVE-2013-7271 (The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel befor ...)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7270
+CVE-2013-7270 (The packet_recvmsg function in net/packet/af_packet.c in the Linux ker ...)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7269
+CVE-2013-7269 (The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel ...)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7268
+CVE-2013-7268 (The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel befor ...)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7267
+CVE-2013-7267 (The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel ...)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7266
+CVE-2013-7266 (The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the ...)
{DLA-103-1}
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
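Review bot: the kernel recvmsg entries CVE-2013-7271, -7270, -7269, -7268 and -7267 record the same upstream fix (f3d3342602f8) and the same wheezy version 3.2.54-1 as CVE-2013-7265, -7264 and -7263 later in this diff, but unlike those entries they carry neither a {DSA-2906-1} reference nor a (low) rating on the package lines. Check whether the DSA covered these ids as well and, if so, add the reference and the severity so the sibling entries agree.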
@@ -712,82 +712,82 @@ CVE-2013-7266
[wheezy] - linux 3.2.54-1
NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
-CVE-2013-7262
+CVE-2013-7262 (SQL injection vulnerability in the msPostGISLayerSetTimeFilter functio ...)
- mapserver 6.4.1-1 (low; bug #734565)
[wheezy] - mapserver 6.0.1-3.2+deb7u2
[squeeze] - mapserver 5.6.5-2+squeeze3
NOTE: https://github.com/mapserver/mapserver/issues/4834
CVE-2013-7261
RESERVED
-CVE-2013-7260
+CVE-2013-7260 (Multiple stack-based buffer overflows in RealNetworks RealPlayer befor ...)
NOT-FOR-US: RealPlayer
-CVE-2013-7281
+CVE-2013-7281 (The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kern ...)
- linux-2.6 <not-affected> (Introduced in 3.10)
- linux 3.12.6-1 (low)
[wheezy] - linux <not-affected> (Introduced in 3.10)
-CVE-2013-7265
+CVE-2013-7265 (The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel b ...)
{DSA-2906-1}
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.54-1
- linux 3.12.6-1 (low)
-CVE-2013-7264
+CVE-2013-7264 (The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel ...)
{DSA-2906-1}
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.54-1
- linux 3.12.6-1 (low)
-CVE-2013-7263
+CVE-2013-7263 (The Linux kernel before 3.12.4 updates certain length values before en ...)
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.12.6-1 (low)
[wheezy] - linux 3.2.54-1 (low)
-CVE-2013-7251
+CVE-2013-7251 (Multiple cross-site request forgery (CSRF) vulnerabilities in ProjectF ...)
NOT-FOR-US: ProjectForge
-CVE-2013-7250
+CVE-2013-7250 (Cross-site scripting (XSS) vulnerability in the JsonBuilder implementa ...)
NOT-FOR-US: ProjectForge
-CVE-2013-7248
+CVE-2013-7248 (Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other ...)
NOT-FOR-US: Franklin Fueling Systems TS-550
-CVE-2013-7247
+CVE-2013-7247 (cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware ...)
NOT-FOR-US: Franklin Fueling Systems TS-550
-CVE-2013-7246
+CVE-2013-7246 (Buffer overflow in the IconCreate method in an ActiveX control in the ...)
NOT-FOR-US: DaumGame ActiveX plugin
-CVE-2013-7245
+CVE-2013-7245 (The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows ...)
NOT-FOR-US: SAP Sybase ASE
CVE-2013-7244
RESERVED
-CVE-2013-7243
+CVE-2013-7243 (Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3 ...)
NOT-FOR-US: GetSimple CMS
CVE-2013-7238
RESERVED
CVE-2013-7237
RESERVED
-CVE-2013-7259
+CVE-2013-7259 (Multiple cross-site request forgery (CSRF) vulnerabilities in Neo4J 1. ...)
- neo4j-community <itp> (bug #685615)
NOTE: http://blog.diniscruz.com/2013/08/neo4j-csrf-payload-to-start-processes.html
-CVE-2013-7258
+CVE-2013-7258 (Cross-site scripting (XSS) vulnerability in web2ldap 1.1.x before 1.1. ...)
- web2ldap <removed> (low; bug #734107)
-CVE-2013-7257
+CVE-2013-7257 (Cross-site scripting (XSS) vulnerability in Codiad 2.0.7 allows remote ...)
NOT-FOR-US: Codiad
-CVE-2013-7256
+CVE-2013-7256 (Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4. ...)
NOT-FOR-US: Ops View
-CVE-2013-7255
+CVE-2013-7255 (Open redirect vulnerability in Opsview before 4.4.2 allows remote atta ...)
NOT-FOR-US: Ops View
-CVE-2013-7254
+CVE-2013-7254 (Cross-site scripting (XSS) vulnerability in Opsview before 4.4.2 allow ...)
NOT-FOR-US: Ops View
CVE-2013-7253
RESERVED
-CVE-2013-7252
+CVE-2013-7252 (kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ...)
- kde-runtime 4:4.12.2-1
[wheezy] - kde-runtime <no-dsa> (4.12 introduces a GnuPG backend, no backport planned)
- kdebase-runtime <removed>
[squeeze] - kdebase-runtime <no-dsa> (4.12 introduces a GnuPG backend, no backport planned)
NOTE: http://gaganpreet.in/blog/2013/07/24/kwallet-security-analysis/
NOTE: Upstream advisory: https://www.kde.org/info/security/advisory-20150109-1.txt
-CVE-2013-7233
+CVE-2013-7233 (Cross-site request forgery (CSRF) vulnerability in the retrospam compo ...)
- wordpress <unfixed> (unimportant)
NOTE: issue only allows comments from posts to be moved to "needs moderation" list
-CVE-2013-7232
+CVE-2013-7232 (SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 all ...)
NOT-FOR-US: ESRI ArcGIS
-CVE-2013-7231
+CVE-2013-7231 (Cross-site scripting (XSS) vulnerability in the Mobile Content Server ...)
NOT-FOR-US: ESRI ArcGIS
CVE-2013-7230
RESERVED
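Review bot: inconsistent product name on the NOT-FOR-US lines for CVE-2013-7256, CVE-2013-7255 and CVE-2013-7254, which say "Ops View" while the descriptions added on the same lines call the product "Opsview"; use one spelling so the three entries can be found with a single grep. Minor ordering point in the same hunk: CVE-2013-7265 and CVE-2013-7264 list the [wheezy] line before the unstable "- linux 3.12.6-1 (low)" line, whereas CVE-2013-7263 and the rest of the file put the unstable line first.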
@@ -797,19 +797,19 @@ CVE-2013-7228
RESERVED
CVE-2013-7227
RESERVED
-CVE-2013-7226
+CVE-2013-7226 (Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5 ...)
- php5 5.5.9+dfsg-1
[wheezy] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
[squeeze] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
NOTE: https://bugs.php.net/bug.php?id=66356
NOTE: http://www.php.net/manual/en/function.imagecrop.php
-CVE-2013-7219
+CVE-2013-7219 (SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com ...)
NOT-FOR-US: Joomla component com_sexypolling
CVE-2013-7218
RESERVED
-CVE-2013-7217
+CVE-2013-7217 (Unspecified vulnerability in Zimbra Collaboration Server 7.2.5 and ear ...)
NOT-FOR-US: Zimbra
-CVE-2013-7216
+CVE-2013-7216 (Multiple SQL injection vulnerabilities in Classifieds Creator 2.0 allo ...)
NOT-FOR-US: Classifieds Creator
CVE-2013-7215
RESERVED
@@ -823,7 +823,7 @@ CVE-2013-7211
RESERVED
CVE-2013-7210
RESERVED
-CVE-2013-7209
+CVE-2013-7209 (Cross-site request forgery (CSRF) vulnerability in admBase/login.page ...)
NOT-FOR-US: jForum
CVE-2013-7208
RESERVED
@@ -831,11 +831,11 @@ CVE-2013-7207
RESERVED
CVE-2013-7206
RESERVED
-CVE-2013-7204
+CVE-2013-7204 (Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Co ...)
NOT-FOR-US: Conceptronic CIPCAMPTIWL Camera
-CVE-2013-7202
+CVE-2013-7202 (The WebHybridClient class in PayPal 5.3 and earlier for Android allows ...)
NOT-FOR-US: Paypal for Android
-CVE-2013-7201
+CVE-2013-7201 (WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL ...)
NOT-FOR-US: Paypal for Android
CVE-2013-7200
RESERVED
@@ -845,48 +845,48 @@ CVE-2013-7198
RESERVED
CVE-2013-7197
RESERVED
-CVE-2013-7196
+CVE-2013-7196 (static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authen ...)
NOT-FOR-US: PHPFox
-CVE-2013-7195
+CVE-2013-7195 (PHPFox 3.7.3 and 3.7.4 allows remote authenticated users to bypass int ...)
NOT-FOR-US: PHPFox
-CVE-2013-7194
+CVE-2013-7194 (Multiple cross-site scripting (XSS) vulnerabilities in www/administrat ...)
NOT-FOR-US: eFront
-CVE-2013-7193
+CVE-2013-7193 (Multiple SQL injection vulnerabilities in C2C Forward Auction Creator ...)
NOT-FOR-US: C2C Forward Auction Creator
-CVE-2013-7192
+CVE-2013-7192 (Multiple SQL injection vulnerabilities in Dynamic Biz Website Builder ...)
NOT-FOR-US: Dynamic Biz Website Builder
-CVE-2013-7190
+CVE-2013-7190 (Multiple directory traversal vulnerabilities in iScripts AutoHoster, p ...)
NOT-FOR-US: iScripts AutoHoster
-CVE-2013-7186
+CVE-2013-7186 (Buffer overflow in Steinberg MyMp3PRO 5.0 (Build 5.1.0.21) allows remo ...)
NOT-FOR-US: Steinberg MyMp3PRO
CVE-2013-7185
RESERVED
-CVE-2013-7184
+CVE-2013-7184 (Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attacke ...)
NOT-FOR-US: Gretech GOM Media Player
-CVE-2013-7183
+CVE-2013-7183 (cgi-bin/reboot.cgi on Seowon Intech SWC-9100 routers allows remote att ...)
NOT-FOR-US: Seowon Intech SWC-9100
-CVE-2013-7182
+CVE-2013-7182 (Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdl ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2013-7181
+CVE-2013-7181 (Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fort ...)
NOT-FOR-US: FortiWeb
-CVE-2013-7180
+CVE-2013-7180 (Cobham SAILOR 900 VSAT; SAILOR FleetBroadBand 150, 250, and 500; EXPLO ...)
NOT-FOR-US: Cobham
-CVE-2013-7179
+CVE-2013-7179 (The ping functionality in cgi-bin/diagnostic.cgi on Seowon Intech SWC- ...)
NOT-FOR-US: Seowon Intech SWC-9100 routers
CVE-2013-7178
RESERVED
-CVE-2013-7177
+CVE-2013-7177 (config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban b ...)
{DSA-2979-1 DLA-0021-1}
- fail2ban 0.8.11-1
[squeeze] - fail2ban 0.8.4-3+squeeze3
NOTE: https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087
-CVE-2013-7176
+CVE-2013-7176 (config/filter.d/postfix.conf in the postfix filter in Fail2ban before ...)
{DSA-2979-1 DLA-0021-1}
- fail2ban 0.8.11-1
[squeeze] - fail2ban 0.8.4-3+squeeze3
-CVE-2013-7175
+CVE-2013-7175 (Multiple SQL injection vulnerabilities in Avanset Visual CertExam Mana ...)
NOT-FOR-US: Avanset Visual CertExam Manager
-CVE-2013-7174
+CVE-2013-7174 (Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS be ...)
NOT-FOR-US: QNAP QTS
CVE-2013-7173
RESERVED
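Review bot: CVE-2013-7176 (fail2ban postfix filter) has no upstream fix reference, while its twin CVE-2013-7177 in the same hunk carries a NOTE with the fixing commit (bd175f026737d66e7110868fb50b3760ff75e087) and both share the same {DSA-2979-1 DLA-0021-1} and version lines; add the corresponding commit NOTE so the postfix fix is traceable too. The two Seowon Intech entries also name the product differently ("Seowon Intech SWC-9100" for CVE-2013-7183 versus "Seowon Intech SWC-9100 routers" for CVE-2013-7179).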
@@ -944,46 +944,46 @@ CVE-2013-7151
RESERVED
CVE-2013-7150
RESERVED
-CVE-2013-7249
+CVE-2013-7249 (Fat Free CRM before 0.12.1 does not restrict XML serialization, which ...)
NOT-FOR-US: Fat Free CRM
-CVE-2013-7242
+CVE-2013-7242 (SQL injection vulnerability in zp-core/zp-extensions/wordpress_import. ...)
NOT-FOR-US: Zenphoto
-CVE-2013-7241
+CVE-2013-7241 (Cross-site scripting (XSS) vulnerability in the export function in zp- ...)
NOT-FOR-US: Zenphoto
-CVE-2013-7240
+CVE-2013-7240 (Directory traversal vulnerability in download-file.php in the Advanced ...)
NOT-FOR-US: Dewplayer
-CVE-2013-7239
+CVE-2013-7239 (memcached before 1.4.17 allows remote attackers to bypass authenticati ...)
{DSA-2832-1}
- memcached 1.4.13-0.3 (bug #733643)
[squeeze] - memcached <not-affected> (vulnerable code present, but SASL authentication support not enabled)
NOTE: https://code.google.com/p/memcached/wiki/ReleaseNotes1417
NOTE: https://code.google.com/p/memcached/issues/detail?id=316
NOTE: https://github.com/memcached/memcached/commit/87c1cf0f20be20608d3becf854e9cf0910f4ad32
-CVE-2013-7236
+CVE-2013-7236 (Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote a ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2013-7235
+CVE-2013-7235 (Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2013-7234
+CVE-2013-7234 (Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2013-7225
+CVE-2013-7225 (Multiple SQL injection vulnerabilities in app/controllers/home_control ...)
NOT-FOR-US: Fat Free CRM
-CVE-2013-7224
+CVE-2013-7224 (Fat Free CRM before 0.12.1 does not restrict JSON serialization, which ...)
NOT-FOR-US: Fat Free CRM
-CVE-2013-7223
+CVE-2013-7223 (Multiple cross-site request forgery (CSRF) vulnerabilities in Fat Free ...)
NOT-FOR-US: Fat Free CRM
-CVE-2013-7222
+CVE-2013-7222 (config/initializers/secret_token.rb in Fat Free CRM before 0.12.1 has ...)
NOT-FOR-US: Fat Free CRM
-CVE-2013-7221
+CVE-2013-7221 (The automatic screen lock functionality in GNOME Shell (aka gnome-shel ...)
- gnome-shell 3.10.1-1
[wheezy] - gnome-shell <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=708313
NOTE: https://git.gnome.org/browse/gnome-shell/commit/js/ui/main.js?id=efdf1ff755943fba1f8a9aaeff77daa3ed338088
-CVE-2013-7220
+CVE-2013-7220 (js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allo ...)
- gnome-shell 3.8.4-1
[wheezy] - gnome-shell <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=686740
NOTE: https://git.gnome.org/browse/gnome-shell/commit/js/ui/screenShield.js?id=209014b083dbe86ed0e0860a6016735571b56f94
-CVE-2013-7205
+CVE-2013-7205 (Off-by-one error in the process_cgivars function in contrib/daemonchk. ...)
{DLA-1615-1}
- nagios3 <removed> (low; bug #771466)
[squeeze] - nagios3 <no-dsa> (Minor issue)
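Review bot: the [squeeze] "<not-affected>" for CVE-2013-7239 (memcached SASL authentication bypass) is justified by "vulnerable code present, but SASL authentication support not enabled", which is a build-configuration argument rather than an absence of the code; a user who rebuilds squeeze's memcached with SASL support would be exposed. Consider stating that caveat in a NOTE, and consider whether "<no-dsa>" with the same explanation describes the situation more precisely than "<not-affected>".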
@@ -991,18 +991,18 @@ CVE-2013-7205
NOTE: additional changed files for nagios3, cf. CVE-2013-7108
NOTE: Fixed by https://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866/
NOTE: See also https://github.com/Icinga/icinga-core/issues/1399
-CVE-2013-7203
+CVE-2013-7203 (gitolite before commit fa06a34 might allow local users to read arbitra ...)
- gitolite3 3.5.3.1-1
NOTE: http://marc.info/?l=oss-security&m=138783069700756&w=2
-CVE-2013-7191
+CVE-2013-7191 (Cross-site scripting (XSS) vulnerability in Tenmiles Helpdesk Pilot al ...)
NOT-FOR-US: Tenmiles Helpdesk Pilot
-CVE-2013-7189
+CVE-2013-7189 (Multiple SQL injection vulnerabilities in iScripts AutoHoster, possibl ...)
NOT-FOR-US: iScripts AutoHoster
-CVE-2013-7188
+CVE-2013-7188 (Cross-site scripting (XSS) vulnerability in KBKP Software HostBill bef ...)
NOT-FOR-US: HostBill
-CVE-2013-7187
+CVE-2013-7187 (SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 ...)
NOT-FOR-US: WordPress plugin FormCraft
-CVE-2013-7149
+CVE-2013-7149 (SQL injection vulnerability in www/delivery/axmlrpc.php (aka the XML-R ...)
NOT-FOR-US: Revive Adserver
CVE-2013-7148
REJECTED
@@ -1012,30 +1012,30 @@ CVE-2013-7146
REJECTED
CVE-2013-7145
REJECTED
-CVE-2013-7144
+CVE-2013-7144 (LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X doe ...)
NOT-FOR-US: LINE
-CVE-2013-7143
+CVE-2013-7143 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-7142
+CVE-2013-7142 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-7141
+CVE-2013-7141 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-7140
+CVE-2013-7140 (XML External Entity (XXE) vulnerability in the CalDAV interface in Ope ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-7139
+CVE-2013-7139 (SQL injection vulnerability in download.php in Horizon Quick Content M ...)
NOT-FOR-US: Horizon CMS
-CVE-2013-7138
+CVE-2013-7138 (Directory traversal vulnerability in lib/functions/d-load.php in Horiz ...)
NOT-FOR-US: Horizon CMS
-CVE-2013-7137
+CVE-2013-7137 (The "remember me" functionality in login.php in Burden before 1.8.1 al ...)
NOT-FOR-US: Burden
-CVE-2013-7136
+CVE-2013-7136 (The UPC Ireland Cisco EPC 2425 router (aka Horizon Box) does not have ...)
NOT-FOR-US: Cisco
-CVE-2013-7135
+CVE-2013-7135 (The Proc::Daemon module 0.14 for Perl uses world-writable permissions ...)
- libproc-daemon-perl 0.14-2 (low; bug #732283)
[wheezy] - libproc-daemon-perl <no-dsa> (Minor issue)
[squeeze] - libproc-daemon-perl <not-affected> (does not have pid_file option)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=91450
-CVE-2013-7134
+CVE-2013-7134 (Juvia uses the same secret key for all installations, which allows rem ...)
NOT-FOR-US: Juvia
CVE-2013-7133
RESERVED
@@ -1043,15 +1043,15 @@ CVE-2013-7132
RESERVED
CVE-2013-7131
RESERVED
-CVE-2013-7130
+CVE-2013-7130 (The i_create_images_and_backing (aka create_images_and_backing) method ...)
- nova 2013.2.2 (low; bug #736465)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/nova/+bug/1251590
-CVE-2013-7129
+CVE-2013-7129 (Cross-site scripting (XSS) vulnerability in ThemeBeans Blooog theme 1. ...)
NOT-FOR-US: WordPress theme
-CVE-2013-7128
+CVE-2013-7128 (Valve Bug Reporter in the valve-bugreporter package 2.10+bsos1 in Valv ...)
NOT-FOR-US: SteamOS
-CVE-2013-7127
+CVE-2013-7127 (Apple Safari 6.0.5 on Mac OS X 10.7.5 and 10.8.5 stores cleartext cred ...)
NOT-FOR-US: Apple Safari
CVE-2013-7126
REJECTED
@@ -1079,17 +1079,17 @@ CVE-2013-7115
REJECTED
CVE-2013-7109
RESERVED
-CVE-2013-7105
+CVE-2013-7105 (Buffer overflow in the Interstage HTTP Server log functionality, as us ...)
NOT-FOR-US: Fujitsu Interstage HTTP Server
-CVE-2013-7104
+CVE-2013-7104 (McAfee Email Gateway 7.6 allows remote authenticated administrators to ...)
NOT-FOR-US: McAfee Email Gateway
-CVE-2013-7103
+CVE-2013-7103 (McAfee Email Gateway 7.6 allows remote authenticated administrators to ...)
NOT-FOR-US: McAfee Email Gateway
-CVE-2013-7102
+CVE-2013-7102 (Multiple unrestricted file upload vulnerabilities in (1) media-upload. ...)
NOT-FOR-US: WordPress theme OptimizePress
CVE-2013-7101
RESERVED
-CVE-2013-7100
+CVE-2013-7100 (Buffer overflow in the unpacksms16 function in apps/app_sms.c in Aster ...)
{DSA-2835-1}
NOTE: http://downloads.asterisk.org/pub/security/AST-2013-006.html
- asterisk 1:11.7.0~dfsg-1 (bug #732355)
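Review bot: in the CVE-2013-7100 (asterisk) entry the NOTE line with the AST-2013-006 advisory URL sits between the {DSA-2835-1} line and the "- asterisk 1:11.7.0~dfsg-1 (bug #732355)" package line; every other entry in this diff puts package and release lines first and NOTE lines after them, so move the NOTE below the package line to match.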
@@ -1097,50 +1097,50 @@ CVE-2013-7099
RESERVED
CVE-2013-7098
RESERVED
-CVE-2013-7097
+CVE-2013-7097 (Directory traversal vulnerability in 7 Media Web Solutions eduTrac bef ...)
NOT-FOR-US: eduTrac
-CVE-2013-7096
+CVE-2013-7096 (Multiple SQL injection vulnerabilities in SAP EMR Unwired allow remote ...)
NOT-FOR-US: Sap EMR
-CVE-2013-7095
+CVE-2013-7095 (The XML parser (crm_flex_data) in SAP Customer Relationship Management ...)
NOT-FOR-US: Sap CRM
-CVE-2013-7094
+CVE-2013-7094 (SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2013-7093
+CVE-2013-7093 (SAP Network Interface Router (SAProuter) 39.3 SP4 allows remote attack ...)
NOT-FOR-US: SAP Network Interface Router
-CVE-2013-7092
+CVE-2013-7092 (Multiple SQL injection vulnerabilities in /admin/cgi-bin/rpc/doReport/ ...)
NOT-FOR-US: McAfee Email Gateway
-CVE-2013-7091
+CVE-2013-7091 (Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,Aj ...)
NOT-FOR-US: Zimbra
CVE-2013-7090
RESERVED
CVE-2013-7084
RESERVED
-CVE-2013-7114
+CVE-2013-7114 (Multiple buffer overflows in the create_ntlmssp_v2_key function in epa ...)
{DSA-2825-1}
- wireshark 1.10.4-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-68.html
-CVE-2013-7113
+CVE-2013-7113 (epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.1 ...)
{DSA-2825-1}
- wireshark 1.10.4-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-67.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9488
-CVE-2013-7112
+CVE-2013-7112 (The dissect_sip_common function in epan/dissectors/packet-sip.c in the ...)
{DLA-497-1}
- wireshark 1.10.4-1 (unimportant)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-66.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9388
NOTE: Not suitable for code injection
-CVE-2013-7111
+CVE-2013-7111 (The put_call function in the API client (api/api_client.rb) in the Bas ...)
NOT-FOR-US: Bio Basespace SDK Ruby Gem
-CVE-2013-7110
+CVE-2013-7110 (Transifex command-line client before 0.10 does not validate X.509 cert ...)
- transifex-client 0.10-1
[wheezy] - transifex-client <not-affected> (Incomplete patch was never released)
NOTE: fix for CVE-2013-2073 was incorrect/incomplete
NOTE: https://github.com/transifex/transifex-client/issues/42
NOTE: https://github.com/transifex/transifex-client/commit/6d69d61
-CVE-2013-7108
+CVE-2013-7108 (Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, a ...)
{DSA-2956-1 DLA-1615-1 DLA-60-1}
- icinga 1.10.2-1 (low)
- nagios3 <removed> (low; bug #771466)
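Review bot: for CVE-2013-7110 the [wheezy] status "<not-affected> (Incomplete patch was never released)" combined with the NOTE "fix for CVE-2013-2073 was incorrect/incomplete" means wheezy's actual exposure to the certificate-validation problem is tracked under CVE-2013-2073, not under this id; a NOTE saying so explicitly would stop a reader from taking the wheezy line to mean that wheezy's transifex-client validates certificates correctly. In the same hunk CVE-2013-7112 is rated (unimportant) with the NOTE "Not suitable for code injection" yet carries a {DLA-497-1} reference; a short NOTE on why the DLA still lists it would avoid the apparent contradiction.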
@@ -1149,7 +1149,7 @@ CVE-2013-7108
NOTE: https://dev.icinga.org/issues/5251
NOTE: separate CVE requested for nagios, http://www.openwall.com/lists/oss-security/2013/12/23/4
NOTE: Fixed by https://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866/
-CVE-2013-7107
+CVE-2013-7107 (Cross-site request forgery (CSRF) vulnerability in cmd.cgi in Icinga 1 ...)
{DSA-2956-1}
- icinga 1.10.2-1 (low)
[squeeze] - icinga <no-dsa> (Minor issue)
@@ -1158,30 +1158,30 @@ CVE-2013-7107
[squeeze] - nagios3 <no-dsa> (Minor issue)
[wheezy] - nagios3 <no-dsa> (Minor issue)
NOTE: https://dev.icinga.org/issues/5346
-CVE-2013-7106
+CVE-2013-7106 (Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 befo ...)
{DSA-2956-1}
- icinga 1.10.2-1
[squeeze] - icinga <not-affected> (Vulnerable code not present)
NOTE: https://dev.icinga.org/issues/5250
CVE-2013-7083
RESERVED
-CVE-2013-7068
+CVE-2013-7068 (The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allow ...)
NOT-FOR-US: Drupal module
-CVE-2013-7067
+CVE-2013-7067 (The OG Features module 6.x-1.x before 6.x-1.4 for Drupal does not prop ...)
NOT-FOR-US: Drupal module
-CVE-2013-7066
+CVE-2013-7066 (The Entity reference module 7.x-1.x before 7.x-1.1-rc1 for Drupal allo ...)
NOT-FOR-US: Drupal module
-CVE-2013-7065
+CVE-2013-7065 (The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allow ...)
NOT-FOR-US: Drupal module
-CVE-2013-7064
+CVE-2013-7064 (Cross-site scripting (XSS) vulnerability in the EU Cookie Compliance m ...)
NOT-FOR-US: Drupal module
-CVE-2013-7063
+CVE-2013-7063 (The Invitation module 7.x-2.x for Drupal does not properly check permi ...)
NOT-FOR-US: Drupal module
CVE-2013-7059
RESERVED
CVE-2013-7058
RESERVED
-CVE-2013-7057
+CVE-2013-7057 (Cross-site request forgery (CSRF) vulnerability in Axway SecureTranspo ...)
NOT-FOR-US: Axway SecureTransport
CVE-2013-7056
RESERVED
@@ -1208,9 +1208,9 @@ CVE-2013-7045
RESERVED
CVE-2013-7044
RESERVED
-CVE-2013-7043
+CVE-2013-7043 (Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Sc ...)
NOT-FOR-US: Cisco
-CVE-2013-7042
+CVE-2013-7042 (SUSE Lifecycle Management Server (SLMS) before 1.3.7 uses world-readab ...)
NOT-FOR-US: SUSE Lifecycle Management Server
CVE-2013-7037
RESERVED
@@ -1218,26 +1218,26 @@ CVE-2013-7036
RESERVED
CVE-2013-7035
RESERVED
-CVE-2013-7034
+CVE-2013-7034 (The setCookieValue function in _lib/functions.global.inc.php in LiveZi ...)
NOT-FOR-US: LiveZilla
-CVE-2013-7033
+CVE-2013-7033 (LiveZilla before 5.1.2.1 includes the operator password in plaintext i ...)
NOT-FOR-US: LiveZilla
-CVE-2013-7032
+CVE-2013-7032 (Multiple cross-site scripting (XSS) vulnerabilities in the web based o ...)
NOT-FOR-US: LiveZilla
CVE-2013-7031
RESERVED
-CVE-2013-7030
+CVE-2013-7030 (** DISPUTED ** The TFTP service in Cisco Unified Communications Manage ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2013-7029
RESERVED
CVE-2013-7028
RESERVED
-CVE-2013-7027
+CVE-2013-7027 (The ieee80211_radiotap_iterator_init function in net/wireless/radiotap ...)
- linux 3.11.7-1 (unimportant)
[wheezy] - linux 3.2.53-1
- linux-2.6 <removed> (unimportant)
NOTE: Non-issue: https://bugzilla.redhat.com/show_bug.cgi?id=1040010#c1
-CVE-2013-7026
+CVE-2013-7026 (Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12. ...)
- linux 3.12.5-1
[wheezy] - linux <not-affected> (Introduced in 8b8d52ac382b)
- linux-2.6 <not-affected> (Introduced in 8b8d52ac382b)
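Review bot: CVE-2013-7027 is marked (unimportant) for unstable and linux-2.6 with the NOTE "Non-issue", but the "[wheezy] - linux 3.2.53-1" line carries no rating; either add (unimportant) there as well or extend the NOTE to say the change simply arrived with the stable kernel update, so the wheezy line is not read as a security fix.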
@@ -1255,49 +1255,49 @@ CVE-2013-7087 [[clamav: WWPack corrupt heap memory]
- clamav 0.97.7+dfsg-1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/71990820d01c246e4e61408a3659dd9d92949b38
NOTE: from https://github.com/vrtadmin/clamav-devel/commits/master/libclamav/wwunpack.c
-CVE-2013-7086
+CVE-2013-7086 (The message function in lib/webbynode/notify.rb in the Webbynode gem 1 ...)
NOT-FOR-US: Ruby Gem Webbynode
-CVE-2013-7085
+CVE-2013-7085 (Uscan in devscripts 2.13.5, when USCAN_EXCLUSION is enabled, allows re ...)
- devscripts 2.13.9 (bug #732006)
[wheezy] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
[squeeze] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
-CVE-2013-7082
+CVE-2013-7082 (Cross-site scripting (XSS) vulnerability in the errorAction method in ...)
NOT-FOR-US: Typo3 Flow
NOTE: https://review.typo3.org/#/c/26176/
NOTE: CVE assigned for Typo3 Flow, correspond to CVE-2013-7078
-CVE-2013-7081
+CVE-2013-7081 (The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31 ...)
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26182/
-CVE-2013-7080
+CVE-2013-7080 (The creating record functionality in Extension table administration li ...)
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26178/
-CVE-2013-7079
+CVE-2013-7079 (Open redirect vulnerability in the OpenID extension in TYPO3 4.5.0 thr ...)
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26179/
-CVE-2013-7078
+CVE-2013-7078 (Cross-site scripting (XSS) vulnerability in the errorAction method in ...)
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26176/
-CVE-2013-7077
+CVE-2013-7077 (Cross-site scripting (XSS) vulnerability in the Backend User Administr ...)
- typo3-src <not-affected> (Affects versions 6.0.0 to 6.0.11, 6.1.0 to 6.1.6)
-CVE-2013-7076
+CVE-2013-7076 (Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 ...)
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26181/
-CVE-2013-7075
+CVE-2013-7075 (The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4 ...)
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26175/
-CVE-2013-7074
+CVE-2013-7074 (Multiple cross-site scripting (XSS) vulnerabilities in Content Editing ...)
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26184/
NOTE: https://review.typo3.org/#/c/26183/
NOTE: https://review.typo3.org/#/c/26177/
-CVE-2013-7073
+CVE-2013-7073 (The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4 ...)
{DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26180/
@@ -1314,45 +1314,45 @@ CVE-2013-7062 [XSS]
- zope2.12 <removed> (low)
[wheezy] - zope2.12 <no-dsa> (Minor issue)
- zope2.13 <not-affected> (Vulnerable code not present)
-CVE-2013-7061
+CVE-2013-7061 (Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows rem ...)
NOT-FOR-US: Plone
-CVE-2013-7060
+CVE-2013-7060 (Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows rem ...)
NOT-FOR-US: Plone
-CVE-2013-7049
+CVE-2013-7049 (Stack-based buffer overflow in fish.cpp in the Fish plugin for ZNC, as ...)
NOTE: vulnerable code not found in Debian
NOTE: http://www.openwall.com/lists/oss-security/2013/12/11/14
NOT-FOR-US: FiSH Plugin for ZNC IRC Bouncer
-CVE-2013-7048
+CVE-2013-7048 (OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlie ...)
- nova 2013.2.2 (bug #732022)
[wheezy] - nova <not-affected> (Support for live snapshots added later)
NOTE: https://bugs.launchpad.net/nova/+bug/1227027
-CVE-2013-7050
+CVE-2013-7050 (The get_main_source_dir function in scripts/uscan.pl in devscripts bef ...)
- devscripts 2.13.8 (bug #731849)
[wheezy] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
[squeeze] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
NOTE: http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=91f05b5
-CVE-2013-7069
+CVE-2013-7069 (ack 2.00 through 2.11_02 allows remote attackers to execute arbitrary ...)
- ack-grep 2.12-1 (bug #731848)
[wheezy] - ack-grep <not-affected> (don't support per-project .ackrc files)
[squeeze] - ack-grep <not-affected> (don't support per-project .ackrc files)
NOTE: https://github.com/petdance/ack2/issues/399
-CVE-2013-7025
+CVE-2013-7025 (Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlert ...)
NOT-FOR-US: Dell SonicWALL Global Management System
CVE-2013-7007
RESERVED
CVE-2013-7006
RESERVED
-CVE-2013-7005
+CVE-2013-7005 (D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware be ...)
NOT-FOR-US: D-Link DSR-150
-CVE-2013-7004
+CVE-2013-7004 (D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware be ...)
NOT-FOR-US: D-Link DSR-150
-CVE-2013-7003
+CVE-2013-7003 (Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla befor ...)
NOT-FOR-US: LiveZilla
-CVE-2013-7041
+CVE-2013-7041 (The pam_userdb module for Pam uses a case-insensitive method to compar ...)
- pam 1.1.8-3.1 (low; bug #731368)
[squeeze] - pam <no-dsa> (Minor issue)
[wheezy] - pam <no-dsa> (Minor issue)
-CVE-2013-7040
+CVE-2013-7040 (Python 2.7 before 3.4 only uses the last eight bits of the prefix to r ...)
- python2.5 <removed> (unimportant)
- python2.6 <removed> (unimportant)
- python2.7 <unfixed> (unimportant)
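Review bot: grammar in the CVE-2013-7069 (ack-grep) release lines, "(don't support per-project .ackrc files)" should read "(doesn't support per-project .ackrc files)" on both the [wheezy] and [squeeze] lines. In the same hunk the CVE-2013-7049 entry places its "NOT-FOR-US: FiSH Plugin for ZNC IRC Bouncer" line after two NOTE lines, while every other NOT-FOR-US entry in this diff puts the status line first; reorder for consistency.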
@@ -1361,68 +1361,68 @@ CVE-2013-7040
- python3.3 <removed> (unimportant)
- python3.4 3.4.0-1 (unimportant)
NOTE: upstream tagged this as wontfix for versions older than 3.4
-CVE-2013-7039
+CVE-2013-7039 (Stack-based buffer overflow in the MHD_digest_auth_check function in l ...)
- libmicrohttpd 0.9.32-1 (low; bug #731933)
[wheezy] - libmicrohttpd 0.9.20-1+deb7u1
[squeeze] - libmicrohttpd <no-dsa> (Minor issue, only expoitable in corner cases)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039390
-CVE-2013-7038
+CVE-2013-7038 (The MHD_http_unescape function in libmicrohttpd before 0.9.32 might al ...)
- libmicrohttpd 0.9.32-1 (low; bug #731933)
[squeeze] - libmicrohttpd <no-dsa> (Minor issue)
[wheezy] - libmicrohttpd <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039384
-CVE-2013-7024
+CVE-2013-7024 (The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpe ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/fe448cd28d674c3eff3072552eae366d0b659ce9
NOTE: https://trac.ffmpeg.org/ticket/2921
NOTE: Only present in libav trunk
-CVE-2013-7023
+CVE-2013-7023 (The ff_combine_frame function in libavcodec/parser.c in FFmpeg before ...)
- ffmpeg <not-affected> (max_alloc not present in old ffmpeg/libav)
- libav <not-affected> (max_alloc not present in old ffmpeg/libav)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
NOTE: https://trac.ffmpeg.org/ticket/2982
-CVE-2013-7022
+CVE-2013-7022 (The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e07ac727c1cc9eed39e7f9117c97006f719864bd
NOTE: https://trac.ffmpeg.org/ticket/2971
NOTE: Only present in libav trunk
-CVE-2013-7021
+CVE-2013-7021 (The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/cdd5df8189ff1537f7abe8defe971f80602cc2d2
NOTE: https://trac.ffmpeg.org/ticket/2905
-CVE-2013-7020
+CVE-2013-7020 (The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 ...)
{DSA-3027-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.4-1
NOTE: https://github.com/FFmpeg/FFmpeg/commit/b05cd1ea7e45a836f7f6071a716c38bb30326e0f
-CVE-2013-7019
+CVE-2013-7019 (The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/a1b9004b768bef606ee98d417bceb9392ceb788d
NOTE: https://trac.ffmpeg.org/ticket/2898
NOTE: Only present in libav trunk
-CVE-2013-7018
+CVE-2013-7018 (libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/9a271a9368eaabf99e6c2046103acb33957e63b7
NOTE: https://trac.ffmpeg.org/ticket/2895
NOTE: Only present in libav trunk
-CVE-2013-7017
+CVE-2013-7017 (libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/912ce9dd2080c5837285a471d750fa311e09b555
NOTE: Only present in libav trunk
-CVE-2013-7016
+CVE-2013-7016 (The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/8bb11c3ca77b52e05a9ed1496a65f8a76e6e2d8f
NOTE: https://trac.ffmpeg.org/ticket/2848
NOTE: Only present in libav trunk
-CVE-2013-7015
+CVE-2013-7015 (The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg be ...)
{DSA-2855-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
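Review bot: "expoitable" in the CVE-2013-7039 squeeze line should read "exploitable". The same entry and CVE-2013-7038 both reference bug #731933 and the same 0.9.32-1 fix, yet for wheezy one records a fixed version (libmicrohttpd 0.9.20-1+deb7u1) and the other <no-dsa> (Minor issue); a NOTE stating why only the MHD_digest_auth_check overflow was updated in wheezy would save the next triager from re-deriving the reasoning.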
@@ -1430,192 +1430,192 @@ CVE-2013-7015
NOTE: ffmpeg fix: https://github.com/FFmpeg/FFmpeg/commit/880c73cd76109697447fbfbaa8e5ee5683309446
NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commit;h=57070b1468edc6ac8cb3696c817f3c943975d4c1
NOTE: https://trac.ffmpeg.org/ticket/2844
-CVE-2013-7014
+CVE-2013-7014 (Integer signedness error in the add_bytes_l2_c function in libavcodec/ ...)
{DSA-2855-1}
- ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:9.11-1
NOTE: https://trac.ffmpeg.org/ticket/2919
NOTE: Fix in ffmpeg: https://github.com/FFmpeg/FFmpeg/commit/86736f59d6a527d8bc807d09b93f971c0fe0bb07
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=d1916d13e28b87f4b1b214231149e12e1d536b4b
-CVE-2013-7013
+CVE-2013-7013 (The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/821a5938d100458f4d09d634041b05c860554ce0
NOTE: https://trac.ffmpeg.org/ticket/2922
NOTE: Only present in libav trunk
-CVE-2013-7012
+CVE-2013-7012 (The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/780669ef7c23c00836a24921fcc6b03be2b8ca4a
NOTE: https://trac.ffmpeg.org/ticket/3080
NOTE: Only present in libav trunk
-CVE-2013-7011
+CVE-2013-7011 (The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Reproducer fails on libav 0.8.9 and 9.11)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/547d690d676064069d44703a1917e0dab7e33445
NOTE: https://trac.ffmpeg.org/ticket/2906
-CVE-2013-7010
+CVE-2013-7010 (Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg b ...)
{DSA-2855-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:9.11-1
NOTE: ffmpeg fix: https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760
NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commit;h=d1916d13e28b87f4b1b214231149e12e1d536b4b
-CVE-2013-7009
+CVE-2013-7009 (The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Not reproducible with 0.8.9)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/3819db745da2ac7fb3faacb116788c32f4753f34
NOTE: https://trac.ffmpeg.org/ticket/2850
-CVE-2013-7008
+CVE-2013-7008 (The decode_slice_header function in libavcodec/h264.c in FFmpeg before ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Crash not reproducable, libav code is different)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/29ffeef5e73b8f41ff3a3f2242d356759c66f91f
NOTE: https://trac.ffmpeg.org/ticket/2927
-CVE-2013-7002
+CVE-2013-7002 (Cross-site scripting (XSS) vulnerability in mobile/php/translation/ind ...)
NOT-FOR-US: LiveZilla
-CVE-2013-7001
+CVE-2013-7001 (The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS &amp; MMS Gat ...)
NOT-FOR-US: NowSMS
-CVE-2013-7000
+CVE-2013-7000 (The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS &amp; MMS Gat ...)
NOT-FOR-US: NowSMS
-CVE-2013-6999
+CVE-2013-6999 (** DISPUTED ** The IsHandleEntrySecure function in win32k.sys in the k ...)
NOT-FOR-US: Microsoft Windows Server 2008 SP2
CVE-2013-6998
REJECTED
-CVE-2013-6997
+CVE-2013-6997 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange (O ...)
NOT-FOR-US: Open-Xchange
CVE-2013-6996
RESERVED
CVE-2013-6995
REJECTED
-CVE-2013-6994
+CVE-2013-6994 (OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext ...)
NOT-FOR-US: OpenText Exceed OnDemand
-CVE-2013-6993
+CVE-2013-6993 (Cross-site scripting (XSS) vulnerability in the Ad-minister plugin 0.6 ...)
NOT-FOR-US: WordPress plugin Ad-minister
-CVE-2013-6992
+CVE-2013-6992 (Cross-site request forgery (CSRF) vulnerability in askapache-firefox-a ...)
NOT-FOR-US: WordPress plugin AskApache Firefox Adsense
-CVE-2013-6991
+CVE-2013-6991 (Cross-site scripting (XSS) vulnerability in the WP-Cron Dashboard plug ...)
NOT-FOR-US: WordPress plugin WP-Cron Dashboard
-CVE-2013-6990
+CVE-2013-6990 (FortiGuard FortiAuthenticator before 3.0 allows remote administrators ...)
NOT-FOR-US: FortiGuard FortiAuthenticator
CVE-2013-6989
RESERVED
CVE-2013-6988
RESERVED
-CVE-2013-6987
+CVE-2013-6987 (Multiple directory traversal vulnerabilities in the FileBrowser compon ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2013-6986
+CVE-2013-6986 (The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in ...)
NOT-FOR-US: ZippyYum
CVE-2013-6984
RESERVED
-CVE-2013-6983
+CVE-2013-6983 (SQL injection vulnerability in the web interface in Cisco Unified Pres ...)
NOT-FOR-US: Cisco Unified Presence Server
-CVE-2013-6982
+CVE-2013-6982 (The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not pro ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-6981
+CVE-2013-6981 (Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a d ...)
NOT-FOR-US: Cisco IOS XE
CVE-2013-6980
RESERVED
-CVE-2013-6979
+CVE-2013-6979 (The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and 0 ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2013-6978
+CVE-2013-6978 (The disaster recovery system (DRS) component in Cisco Unified Communic ...)
NOT-FOR-US: Cisco
CVE-2013-6977
RESERVED
-CVE-2013-6976
+CVE-2013-6976 (Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup ...)
NOT-FOR-US: Cisco
-CVE-2013-6975
+CVE-2013-6975 (Directory traversal vulnerability in the command-line interface in Cis ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-6974
+CVE-2013-6974 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2013-6973
+CVE-2013-6973 (Cisco WebEx Training Center allows remote attackers to discover regist ...)
NOT-FOR-US: Cisco
-CVE-2013-6972
+CVE-2013-6972 (Cisco WebEx Training Center allows remote attackers to discover sessio ...)
NOT-FOR-US: Cisco
-CVE-2013-6971
+CVE-2013-6971 (Open redirect vulnerability in Cisco WebEx Training Center allows remo ...)
NOT-FOR-US: Cisco
-CVE-2013-6970
+CVE-2013-6970 (Cisco WebEx Meeting Center allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Cisco
-CVE-2013-6969
+CVE-2013-6969 (The training-registration page in Cisco WebEx Training Center allows r ...)
NOT-FOR-US: Cisco
-CVE-2013-6968
+CVE-2013-6968 (Cisco WebEx Training Center provides different error messages for regi ...)
NOT-FOR-US: Cisco
-CVE-2013-6967
+CVE-2013-6967 (Open redirect vulnerability in the mobile-browser subsystem in Cisco W ...)
NOT-FOR-US: Cisco
-CVE-2013-6966
+CVE-2013-6966 (Open redirect vulnerability in Cisco WebEx Training Center allows remo ...)
NOT-FOR-US: Cisco
-CVE-2013-6965
+CVE-2013-6965 (The registration component in Cisco WebEx Training Center provides the ...)
NOT-FOR-US: Cisco
-CVE-2013-6964
+CVE-2013-6964 (Cisco WebEx Meeting Center allows remote authenticated users to bypass ...)
NOT-FOR-US: Cisco
-CVE-2013-6963
+CVE-2013-6963 (Cross-site scripting (XSS) vulnerability in the registration component ...)
NOT-FOR-US: Cisco
-CVE-2013-6962
+CVE-2013-6962 (Cross-site scripting (XSS) vulnerability in the mobile-browser subsyst ...)
NOT-FOR-US: Cisco
-CVE-2013-6961
+CVE-2013-6961 (Cross-site scripting (XSS) vulnerability in the Collaboration Partner ...)
NOT-FOR-US: Cisco
-CVE-2013-6960
+CVE-2013-6960 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Mee ...)
NOT-FOR-US: Cisco
-CVE-2013-6959
+CVE-2013-6959 (Open redirect vulnerability in Cisco WebEx Sales Center allows remote ...)
NOT-FOR-US: Cisco
-CVE-2013-6958
+CVE-2013-6958 (Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the ...)
NOT-FOR-US: Juniper NetScreen Firewall
-CVE-2013-6957
+CVE-2013-6957 (Cross-site scripting (XSS) vulnerability in the web administrative com ...)
NOT-FOR-US: Juniper
-CVE-2013-6956
+CVE-2013-6956 (Cross-site scripting (XSS) vulnerability in the Secure Access Service ...)
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
-CVE-2013-6955
+CVE-2013-6955 (webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 bef ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2013-6954
+CVE-2013-6954 (The png_do_expand_palette function in libpng before 1.6.8 allows remot ...)
{DSA-2923-1}
- libpng <not-affected> (Vulnerable code introduced in 1.6.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1045561
NOTE: http://sourceforge.net/mailarchive/message.php?msg_id=31751422
-CVE-2013-6953
+CVE-2013-6953 (BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read use ...)
NOT-FOR-US: BlogEngine.NET
-CVE-2013-6952
+CVE-2013-6952 (The Belkin WeMo Home Automation firmware before 3949 has a hardcoded G ...)
NOT-FOR-US: Belkin WeMo
-CVE-2013-6951
+CVE-2013-6951 (The Belkin WeMo Home Automation firmware before 3949 does not maintain ...)
NOT-FOR-US: Belkin WeMo
-CVE-2013-6950
+CVE-2013-6950 (The Belkin WeMo Home Automation firmware before 3949 does not use SSL ...)
NOT-FOR-US: Belkin WeMo
-CVE-2013-6949
+CVE-2013-6949 (The Belkin WeMo Home Automation firmware before 3949 does not properly ...)
NOT-FOR-US: Belkin WeMo
-CVE-2013-6948
+CVE-2013-6948 (The peerAddresses API in the Belkin WeMo Home Automation firmware befo ...)
NOT-FOR-US: Belkin WeMo
CVE-2013-6947
RESERVED
CVE-2013-6946
RESERVED
-CVE-2013-6945
+CVE-2013-6945 (The M2M Broker in OSEHRA VistA, as distributed before September 30, 20 ...)
- vista <itp> (bug #541242)
-CVE-2013-6944
+CVE-2013-6944 (Cross-site scripting (XSS) vulnerability in the user interface in the ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6943
+CVE-2013-6943 (Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9. ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6942
+CVE-2013-6942 (Cross-site request forgery (CSRF) vulnerability in Citrix NetScaler Ap ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6941
+CVE-2013-6941 (Unspecified vulnerability in Citrix NetScaler Application Delivery Con ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6940
+CVE-2013-6940 (Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9. ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6939
+CVE-2013-6939 (Unspecified vulnerability in Citrix NetScaler Application Delivery Con ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6938
+CVE-2013-6938 (Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9. ...)
NOT-FOR-US: Citrix NetScaler SDX
-CVE-2013-6937
+CVE-2013-6937 (Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows ...)
NOT-FOR-US: VideoCharge
-CVE-2013-6936
+CVE-2013-6936 (Multiple SQL injection vulnerabilities in ajaxfs.php in the Ajax forum ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
-CVE-2013-6935
+CVE-2013-6935 (Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows ...)
NOT-FOR-US: VideoCharge
-CVE-2013-6934
+CVE-2013-6934 (The parseRTSPRequestString function in Live Networks Live555 Streaming ...)
- liblivemedia <not-affected> (incomplete patch never applied)
- vlc <not-affected> (never built against liblivemedia with incomplete patch)
- mplayer <not-affected> (never built against liblivemedia with incomplete patch)
- mplayer2 <not-affected> (b-d's on liblivemedia but doesn't actually build the support for it)
-CVE-2013-6933
+CVE-2013-6933 (The parseRTSPRequestString function in Live Networks Live555 Streaming ...)
{DSA-3156-1}
- liblivemedia 2014.01.13-1
[squeeze] - liblivemedia <not-affected> (vuln. code introduced in 2011.08.13)
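Review bot: the HTML entity in the CVE-2013-7001 and CVE-2013-7000 summaries ("Now SMS &amp; MMS Gat ...") was copied through without unescaping; the import should HTML-unescape the description before truncating it, so the list shows "&" and counts it as a single character. Also, "reproducable" in the CVE-2013-7008 libav line should read "reproducible".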
@@ -1627,73 +1627,73 @@ CVE-2013-6933
- mplayer2 <not-affected> (b-d's on liblivemedia but doesn't actually build the support for it)
NOTE: vlc fixed by binNMU 2.1.2-2+b1, but since binNMUs are not visible to the security tracker, the subsequent sid upload is tracked
NOTE: for wheezy the version present at release of DSA 3156 is used (2.0.3-5+deb7u2), although strictly speaking it's 2.0.3-5+deb7u2+b1
-CVE-2013-6932
+CVE-2013-6932 (Buffer overflow in IrfanView before 4.37, when a multibyte-character d ...)
NOT-FOR-US: IrfanView
-CVE-2013-6931
+CVE-2013-6931 (SQL injection vulnerability in the API in Cybozu Garoon 3.7.x before 3 ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6930
+CVE-2013-6930 (SQL injection vulnerability in the page-navigation implementation in C ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6929
+CVE-2013-6929 (SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier allow ...)
NOT-FOR-US: Cybozu Garoon
CVE-2013-6928
RESERVED
CVE-2013-6927
RESERVED
-CVE-2013-6926
+CVE-2013-6926 (The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 all ...)
NOT-FOR-US: Siemens
-CVE-2013-6925
+CVE-2013-6925 (The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 all ...)
NOT-FOR-US: Siemens
-CVE-2013-6924
+CVE-2013-6924 (Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow re ...)
NOT-FOR-US: Seagate BlackArmor NAS devices
-CVE-2013-6923
+CVE-2013-6923 (Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackAr ...)
NOT-FOR-US: Seagate BlackArmor NAS 220 devices
-CVE-2013-6922
+CVE-2013-6922 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Seag ...)
NOT-FOR-US: Seagate BlackArmor NAS 220
CVE-2013-6921
RESERVED
-CVE-2013-6985
+CVE-2013-6985 (SQL injection vulnerability in m_worklog/log_searchday.jsp in Enorth W ...)
NOT-FOR-US: Enorth Webpublisher CMS
-CVE-2013-6920
+CVE-2013-6920 (Siemens SINAMICS S/G controllers with firmware before 4.6.11 do not re ...)
NOT-FOR-US: Siemens
-CVE-2013-6919
+CVE-2013-6919 (The default configuration of phpThumb before 1.7.12 has a false value ...)
NOT-FOR-US: phpThumb
CVE-2013-6917
RESERVED
-CVE-2013-6916
+CVE-2013-6916 (Cross-site scripting (XSS) vulnerability in the Yahoo! User Interface ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6915
+CVE-2013-6915 (Cross-site scripting (XSS) vulnerability in the system-administration ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6914
+CVE-2013-6914 (Cross-site scripting (XSS) vulnerability in a calendar component in Cy ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6913
+CVE-2013-6913 (Cross-site scripting (XSS) vulnerability in a search component in Cybo ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6912
+CVE-2013-6912 (Cross-site scripting (XSS) vulnerability in a calendar component in Cy ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6911
+CVE-2013-6911 (Cross-site scripting (XSS) vulnerability in the bulletin-board compone ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6910
+CVE-2013-6910 (Cross-site scripting (XSS) vulnerability in Ajax components in Cybozu ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6909
+CVE-2013-6909 (Cross-site scripting (XSS) vulnerability in a report component in Cybo ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6908
+CVE-2013-6908 (Cross-site scripting (XSS) vulnerability in a mail component in Cybozu ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6907
+CVE-2013-6907 (Cross-site scripting (XSS) vulnerability in a mail component in Cybozu ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6906
+CVE-2013-6906 (Cross-site scripting (XSS) vulnerability in a mail component in Cybozu ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6905
+CVE-2013-6905 (Cross-site scripting (XSS) vulnerability in a phone component in Cyboz ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6904
+CVE-2013-6904 (Cross-site scripting (XSS) vulnerability in a note component in Cybozu ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6903
+CVE-2013-6903 (Cross-site scripting (XSS) vulnerability in a schedule component in Cy ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6902
+CVE-2013-6902 (Cross-site scripting (XSS) vulnerability in the Space function in Cybo ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6901
+CVE-2013-6901 (Cross-site scripting (XSS) vulnerability in the Space function in Cybo ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6900
+CVE-2013-6900 (Cross-site scripting (XSS) vulnerability in the system-administration ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6918
+CVE-2013-6918 (The web interface on the Satechi travel router 1.5, when Wi-Fi is used ...)
NOT-FOR-US: Satechi travel router
CVE-2013-6899
RESERVED
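Review bot: two entries in this region sit outside the otherwise descending CVE order: CVE-2013-6985 appears between CVE-2013-6921 and CVE-2013-6920, and CVE-2013-6918 appears after CVE-2013-6900 instead of between CVE-2013-6919 and CVE-2013-6917. If tooling or reviewers rely on the ordering to locate an entry, moving them into sequence (or documenting that order is not significant) would help.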
@@ -1709,37 +1709,37 @@ CVE-2013-6894
RESERVED
CVE-2013-6893
RESERVED
-CVE-2013-6892
+CVE-2013-6892 (WebSVN 2.3.3 allows remote authenticated users to read arbitrary files ...)
{DSA-3137-1 DLA-136-1}
- websvn 2.3.3-1.2 (bug #775682)
-CVE-2013-6891
+CVE-2013-6891 (lppasswd in CUPS before 1.7.1, when running with setuid privileges, al ...)
- cups 1.7.1-1
[wheezy] - cups <not-affected> (Vulnerable code introduced with 1.6.4)
[squeeze] - cups <not-affected> (Vulnerable code introduced with 1.6.4)
NOTE: https://www.cups.org/str.php?L4319
-CVE-2013-6890
+CVE-2013-6890 (denyhosts 2.6 uses an incorrect regular expression when analyzing auth ...)
{DSA-2826-1}
- denyhosts 2.6-10.1
-CVE-2013-6889
+CVE-2013-6889 (GNU Rush 1.7 does not properly drop privileges, which allows local use ...)
- rush 1.7+dfsg-4 (bug #733505)
[wheezy] - rush 1.7+dfsg-1+deb7u1
-CVE-2013-6888
+CVE-2013-6888 (Uscan in devscripts before 2.13.9 allows remote attackers to execute a ...)
{DSA-2836-1}
- devscripts 2.13.9
[squeeze] - devscripts <no-dsa> (Minor issue)
-CVE-2013-6887
+CVE-2013-6887 (OpenJPEG 1.5.1 allows remote attackers to cause a denial of service vi ...)
- openjpeg 1.5.2-1 (bug #731237)
[wheezy] - openjpeg <not-affected> (Only affects 1.5)
[squeeze] - openjpeg <not-affected> (Only affects 1.5)
-CVE-2013-6886
+CVE-2013-6886 (RealVNC VNC 5.0.6 on Mac OS X, Linux, and UNIX allows local users to g ...)
- vnc4 <not-affected> (Only affects 5.0.6, binaries in Debian version are not setuid root)
-CVE-2013-6884
+CVE-2013-6884 (The write-blocker in CRU Ditto Forensic FieldStation with firmware bef ...)
NOT-FOR-US: Ditto Forensic FieldStation
-CVE-2013-6883
+CVE-2013-6883 (Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic ...)
NOT-FOR-US: Ditto Forensic FieldStation
-CVE-2013-6882
+CVE-2013-6882 (Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Foren ...)
NOT-FOR-US: Ditto Forensic FieldStation
-CVE-2013-6881
+CVE-2013-6881 (CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows ...)
NOT-FOR-US: Ditto Forensic FieldStation
CVE-2013-6880
RESERVED
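Review bot: CVE-2013-6889 records a wheezy fixed version (rush 1.7+dfsg-1+deb7u1) with no DSA or DLA reference in braces, unlike the neighbouring CVE-2013-6890 and CVE-2013-6888 entries, which carry {DSA-2826-1} and {DSA-2836-1}; if the wheezy update shipped through a point release rather than an advisory, a NOTE saying so would make the entry self-explanatory.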
@@ -1750,26 +1750,26 @@ CVE-2013-6879
CVE-2013-6878
RESERVED
NOT-FOR-US: MijoSearch
-CVE-2013-6877
+CVE-2013-6877 (Heap-based buffer overflow in RealNetworks RealPlayer before 17.0.4.61 ...)
NOT-FOR-US: RealPlayer
-CVE-2013-6876
+CVE-2013-6876 (The (1) pty_init_terminal and (2) pipe_init_terminal functions in main ...)
- s3d 0.2.2-9 (unimportant)
NOTE: http://hmarco.org/bugs/s3dvt_0.2.2-root-shell.html
NOTE: Not running with elevated privileges in Debian packaging
-CVE-2013-6875
+CVE-2013-6875 (SQL injection vulnerability in functions/prepend_adm.php in Nagios Cor ...)
NOT-FOR-US: Nagios XI
-CVE-2013-6874
+CVE-2013-6874 (Stack-based buffer overflow in Vortex Light Alloy before 4.7.4 allows ...)
NOT-FOR-US: Vortex Light Alloy
-CVE-2013-6873
+CVE-2013-6873 (SQL injection vulnerability in Testa Online Test Management System (OT ...)
NOT-FOR-US: Testa Online Test Management System
-CVE-2013-6872
+CVE-2013-6872 (SQL injection vulnerability in managetimetracker.php in Collabtive bef ...)
- collabtive 1.2-1 (low)
[wheezy] - collabtive <no-dsa> (Minor issue)
CVE-2013-6871
RESERVED
-CVE-2013-6870
+CVE-2013-6870 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk befor ...)
NOT-FOR-US: Splunk Web
-CVE-2013-6885
+CVE-2013-6885 (The microcode on AMD 16h 00h through 0Fh processors does not properly ...)
{DSA-3128-1 DLA-155-1}
- linux 3.14.2-1
- linux-2.6 <removed>
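Review bot: the truncated summary for CVE-2013-6875 reads "functions/prepend_adm.php in Nagios Cor ...", which a reader may take to mean Nagios Core, while the status line says NOT-FOR-US: Nagios XI; a short NOTE naming the affected component would remove the ambiguity and justify the NOT-FOR-US marking.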
@@ -1785,9 +1785,9 @@ CVE-2013-6855
RESERVED
CVE-2013-6854
RESERVED
-CVE-2013-6853
+CVE-2013-6853 (Cross-site scripting (XSS) vulnerability in clickstream.js in Y! Toolb ...)
NOT-FOR-US: Y! Toolbar plugin
-CVE-2013-6852
+CVE-2013-6852 (Cross-site request forgery (CSRF) vulnerability in html/json.html on H ...)
NOT-FOR-US: Hewlett-Packard network equipment
CVE-2013-6851
RESERVED
@@ -1811,161 +1811,161 @@ CVE-2013-6842
RESERVED
CVE-2013-6841
RESERVED
-CVE-2013-6840
+CVE-2013-6840 (Siemens COMOS before 9.2.0.8.1, 10.0 before 10.0.3.1.40, and 10.1 befo ...)
NOT-FOR-US: Siemens COMOS
-CVE-2013-6839
+CVE-2013-6839 (SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and earli ...)
NOT-FOR-US: InstantCMS
-CVE-2013-6838
+CVE-2013-6838 (An unspecified Enghouse Interactive Professional Services "addon produ ...)
NOT-FOR-US: IVR Pro/Contact Center (VIP2000)
-CVE-2013-6837
+CVE-2013-6837 (Cross-site scripting (XSS) vulnerability in the setTimeout function in ...)
- web2py <removed> (unimportant)
NOTE: python-web2py contains /usr/share/web2py/applications/examples/static/js/jquery.prettyPhoto.js
NOTE: Only an example code
-CVE-2013-6836
+CVE-2013-6836 (Heap-based buffer overflow in the ms_escher_get_data function in plugi ...)
- gnumeric 1.12.9-1 (low)
[wheezy] - gnumeric <no-dsa> (Minor issue)
[squeeze] - gnumeric <no-dsa> (Minor issue)
NOTE: https://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.9.shtml
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=712772
-CVE-2013-6835
+CVE-2013-6835 (TelephonyUI Framework in Apple iOS 7 before 7.1, when Safari is used, ...)
NOT-FOR-US: iOS
-CVE-2013-6834
+CVE-2013-6834 (The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in F ...)
- kfreebsd-9 <not-affected> (Only affects 10.x)
- kfreebsd-8 <not-affected> (Only affects 10.x)
- kfreebsd-10 10.0~svn258623-1 (bug #730519)
-CVE-2013-6833
+CVE-2013-6833 (The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in ...)
- kfreebsd-9 <not-affected> (Only affects 10.x)
- kfreebsd-8 <not-affected> (Only affects 10.x)
- kfreebsd-10 10.0~svn258623-1 (bug #730519)
-CVE-2013-6832
+CVE-2013-6832 (The nand_ioctl function in sys/dev/nand/nand_geom.c in the nand driver ...)
- kfreebsd-9 <not-affected> (Only affects 10.x)
- kfreebsd-8 <not-affected> (Only affects 10.x)
- kfreebsd-10 10.0~svn258623-1 (bug #730518)
-CVE-2013-6831
+CVE-2013-6831 (PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms h ...)
NOT-FOR-US: PineApp Mail-SeCure
-CVE-2013-6830
+CVE-2013-6830 (admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5 ...)
NOT-FOR-US: PineApp Mail-SeCure
-CVE-2013-6829
+CVE-2013-6829 (admin/confnetworking.html in PineApp Mail-SeCure allows remote attacke ...)
NOT-FOR-US: PineApp Mail-SeCure
-CVE-2013-6828
+CVE-2013-6828 (admin/management.html in PineApp Mail-SeCure allows remote attackers t ...)
NOT-FOR-US: PineApp Mail-SeCure
-CVE-2013-6827
+CVE-2013-6827 (Absolute path traversal vulnerability in admin/viewmsg.php in PineApp ...)
NOT-FOR-US: PineApp Mail-SeCure
-CVE-2013-6826
+CVE-2013-6826 (cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiA ...)
NOT-FOR-US: Fortinet FortiAnalyzer
-CVE-2013-6825
+CVE-2013-6825 ((1) movescu.cc and (2) storescp.cc in dcmnet/apps/, (3) dcmnet/libsrc/ ...)
- dcmtk <unfixed> (unimportant)
NOTE: http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html
NOTE: Not running with elevated privileges in Debian packaging
NOTE: http://git.dcmtk.org/web?p=dcmtk.git;a=commitdiff;h=beaf5a5c24101daeeafa48c375120b16197c9e95;hp=5349794c4c458c76609b7aeb53d0ca28cf9fe9f0
-CVE-2013-6824
+CVE-2013-6824 (Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 ...)
- zabbix 1:2.2.0+dfsg-6 (low)
[squeeze] - zabbix <no-dsa> (Minor issue)
[wheezy] - zabbix <no-dsa> (Minor issue)
NOTE: https://support.zabbix.com/browse/ZBX-7479
-CVE-2013-6823
+CVE-2013-6823 (GRMGApp in SAP NetWeaver allows remote attackers to bypass intended ac ...)
NOT-FOR-US: SAP
-CVE-2013-6822
+CVE-2013-6822 (GRMGApp in SAP NetWeaver allows remote attackers to have unspecified i ...)
NOT-FOR-US: SAP
-CVE-2013-6821
+CVE-2013-6821 (Directory traversal vulnerability in the Exportability Check Service i ...)
NOT-FOR-US: SAP
-CVE-2013-6820
+CVE-2013-6820 (Unrestricted file upload vulnerability in the SAP NetWeaver Developmen ...)
NOT-FOR-US: SAP
-CVE-2013-6819
+CVE-2013-6819 (Cross-site scripting (XSS) vulnerability in Performance Provider in SA ...)
NOT-FOR-US: SAP
-CVE-2013-6818
+CVE-2013-6818 (SAP NetWeaver Logviewer 6.30, when running on Windows, allows remote a ...)
NOT-FOR-US: SAP
-CVE-2013-6817
+CVE-2013-6817 (Heap-based buffer overflow in SAP Network Interface Router (SAProuter) ...)
NOT-FOR-US: SAP
-CVE-2013-6816
+CVE-2013-6816 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDum ...)
NOT-FOR-US: SAP
-CVE-2013-6815
+CVE-2013-6815 (The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS A ...)
NOT-FOR-US: SAP
-CVE-2013-6814
+CVE-2013-6814 (The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote ...)
NOT-FOR-US: SAP
CVE-2013-6813
RESERVED
-CVE-2013-6812
+CVE-2013-6812 (The ONEDC app before 1.7 for iOS does not properly verify X.509 certif ...)
NOT-FOR-US: ONEDC app
CVE-2013-6811
RESERVED
-CVE-2013-6810
+CVE-2013-6810 (The server in Brocade Network Advisor before 12.1.0, as used in EMC Co ...)
NOT-FOR-US: EMC Connectrix Manager Converged Network Edition
-CVE-2013-6809
+CVE-2013-6809 (Format string vulnerability in the client in Tftpd32 before 4.50 allow ...)
NOT-FOR-US: Tftpd32
-CVE-2013-6808
+CVE-2013-6808 (Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in Zend ...)
NOT-FOR-US: ZendTo
-CVE-2013-6869
+CVE-2013-6869 (SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC funct ...)
NOT-FOR-US: Sap NetWeaver
-CVE-2013-6868
+CVE-2013-6868 (SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4 ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6867
+CVE-2013-6867 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (AS ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6866
+CVE-2013-6866 (SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15. ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6865
+CVE-2013-6865 (SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4 ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6864
+CVE-2013-6864 (Directory traversal vulnerability in SAP Sybase Adaptive Server Enterp ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6863
+CVE-2013-6863 (SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4 ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6862
+CVE-2013-6862 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (AS ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6861
+CVE-2013-6861 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (AS ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6860
+CVE-2013-6860 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (AS ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6859
+CVE-2013-6859 (SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15. ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6858
+CVE-2013-6858 (Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashb ...)
- horizon 2013.2-2 (bug #730752)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: https://github.com/openstack/horizon/commit/6179f70290783e55b10bbd4b3b7ee74db3f8ef70
-CVE-2013-6807
+CVE-2013-6807 (The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciph ...)
NOT-FOR-US: OpenText Exceed OnDemand
-CVE-2013-6806
+CVE-2013-6806 (OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to ...)
NOT-FOR-US: OpenText Exceed onDemand
-CVE-2013-6805
+CVE-2013-6805 (OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, w ...)
NOT-FOR-US: OpenText Exceed OnDemand
-CVE-2013-6804
+CVE-2013-6804 (Cross-site scripting (XSS) vulnerability in the Search module before 1 ...)
NOT-FOR-US: Jamroom Search module
CVE-2013-6803
RESERVED
-CVE-2013-6802
+CVE-2013-6802 (Google Chrome before 31.0.1650.57 allows remote attackers to bypass in ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6801
+CVE-2013-6801 (Microsoft Word 2003 SP2 and SP3 on Windows XP SP3 allows remote attack ...)
NOT-FOR-US: Microsoft
-CVE-2013-6800
+CVE-2013-6800 (An unspecified third-party database module for the Key Distribution Ce ...)
NOTE: Pointless split from CVE-2013-1418
-CVE-2013-6799
+CVE-2013-6799 (Apple Mac OS X 10.9 allows local users to cause a denial of service (m ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-6798
+CVE-2013-6798 (BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 o ...)
NOT-FOR-US: BlackBerry Link
-CVE-2013-6797
+CVE-2013-6797 (Cross-site request forgery (CSRF) vulnerability in bluewrench-video-wi ...)
NOT-FOR-US: Wordpress plugin
-CVE-2013-6796
+CVE-2013-6796 (The SMTP server in DeepOfix 3.3 and earlier allows remote attackers to ...)
NOT-FOR-US: DeepOfix
-CVE-2013-6795
+CVE-2013-6795 (The Updater in Rackspace Openstack Windows Guest Agent for XenServer b ...)
NOT-FOR-US: Rackspace Windows Agent and Updater
-CVE-2013-6794
+CVE-2013-6794 (Cross-site scripting (XSS) vulnerability in the Calendar module in Ola ...)
NOT-FOR-US: Olat
-CVE-2013-6793
+CVE-2013-6793 (Multiple cross-site scripting (XSS) vulnerabilities in the Calendar mo ...)
NOT-FOR-US: Olat
CVE-2013-6792
RESERVED
-CVE-2013-6791
+CVE-2013-6791 (Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 use ...)
NOT-FOR-US: Microsoft Enhanced Mitigation Experience Toolkit
CVE-2013-6790
RESERVED
-CVE-2013-6789
+CVE-2013-6789 (security/MemberLoginForm.php in SilverStripe 3.0.3 supports credential ...)
- silverstripe <itp> (bug #528461)
-CVE-2013-6788
+CVE-2013-6788 (The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses s ...)
NOT-FOR-US: Bitrix Site Manager
-CVE-2013-6787
+CVE-2013-6787 (SQL injection vulnerability in the check_user_password function in mai ...)
NOT-FOR-US: Chamilo LMS
-CVE-2013-6786
+CVE-2013-6786 (Cross-site scripting (XSS) vulnerability in Allegro RomPager before 4. ...)
NOT-FOR-US: Allegro RomPager
CVE-2013-6785
RESERVED
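Review bot: CVE-2013-6800 in this hunk is left with only a NOTE line ("Pointless split from CVE-2013-1418") and no package, NOT-FOR-US or other status line, so no state can be derived for it from this entry; it should carry the same status as the CVE-2013-1418 entry it duplicates, or at least a package line that says so. Minor: the NOT-FOR-US line under CVE-2013-6806 spells the product "OpenText Exceed onDemand" while the new description and the CVE-2013-6807 and CVE-2013-6805 lines use "OnDemand".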
@@ -1977,7 +1977,7 @@ CVE-2013-6782
RESERVED
CVE-2013-6781
RESERVED
-CVE-2013-6780
+CVE-2013-6780 (Cross-site scripting (XSS) vulnerability in uploader.swf in the Upload ...)
- yui <removed> (low; bug #730104)
[squeeze] - yui <no-dsa> (Not backportable, doesn't build from source in oldstable/stable)
[wheezy] - yui <no-dsa> (Not backportable, doesn't build from source in oldstable/stable)
@@ -1992,27 +1992,27 @@ CVE-2013-6777
RESERVED
CVE-2013-6776
RESERVED
-CVE-2013-6775
+CVE-2013-6775 (The Chainfire SuperSU package before 1.69 for Android allows attackers ...)
NOT-FOR-US: Chainfire SuperSU package
-CVE-2013-6774
+CVE-2013-6774 (Untrusted search path vulnerability in the ChainsDD Superuser package ...)
NOT-FOR-US: Chainfire SuperSU package
CVE-2013-6773
RESERVED
CVE-2013-6772
RESERVED
-CVE-2013-6771
+CVE-2013-6771 (Directory traversal vulnerability in the collect script in Splunk befo ...)
NOT-FOR-US: Splunk
-CVE-2013-6770
+CVE-2013-6770 (The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Andro ...)
NOT-FOR-US: CyanogenMod/ClockWorkMod/Koush
-CVE-2013-6769
+CVE-2013-6769 (The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Andro ...)
NOT-FOR-US: CyanogenMod/ClockWorkMod/Koush
-CVE-2013-6768
+CVE-2013-6768 (Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Ko ...)
NOT-FOR-US: CyanogenMod/ClockWorkMod/Koush
-CVE-2013-6767
+CVE-2013-6767 (Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro ...)
NOT-FOR-US: QuickHeal AntiVirus
CVE-2013-6764
REJECTED
-CVE-2013-6763
+CVE-2013-6763 (The uio_mmap_physical function in drivers/uio/uio.c in the Linux kerne ...)
NOTE: Red Hat consider this as a non-issue:
NOTE: http://seclists.org/oss-sec/2013/q4/282
CVE-2013-6762
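Review bot: the description added for CVE-2013-6774 names the ChainsDD Superuser package, but the unchanged NOT-FOR-US line beneath it repeats the CVE-2013-6775 text "Chainfire SuperSU package"; the triage line for CVE-2013-6774 should read "NOT-FOR-US: ChainsDD Superuser package" so it matches the product the CVE describes. Minor: the CVE-2013-6767 line says "QuickHeal AntiVirus" where the description says "Quick Heal AntiVirus Pro".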
@@ -2041,143 +2041,143 @@ CVE-2013-6751
REJECTED
CVE-2013-6750
RESERVED
-CVE-2013-6749
+CVE-2013-6749 (Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2013-6748
+CVE-2013-6748 (Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr ...)
NOT-FOR-US: IBM Lotus Quickr
-CVE-2013-6747
+CVE-2013-6747 (IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM ...)
NOT-FOR-US: IBM GSKit
-CVE-2013-6746
+CVE-2013-6746 (Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Docume ...)
NOT-FOR-US: IBM FileNet Business Process Manager
-CVE-2013-6745
+CVE-2013-6745 (Cross-site scripting (XSS) vulnerability in the IMS server before Ifix ...)
NOT-FOR-US: IBM
-CVE-2013-6744
+CVE-2013-6744 (The Stored Procedure infrastructure in IBM DB2 9.5, 9.7 before FP9a, 1 ...)
NOT-FOR-US: IBM DB2
-CVE-2013-6743
+CVE-2013-6743 (Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-6742
+CVE-2013-6742 (The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x throu ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-6741
+CVE-2013-6741 (IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and ...)
NOT-FOR-US: IBM Maximo Asset Management and others
CVE-2013-6740
RESERVED
-CVE-2013-6739
+CVE-2013-6739 (IBM SPSS Modeler before 16 on UNIX allows remote authenticated users t ...)
NOT-FOR-US: IBM
-CVE-2013-6738
+CVE-2013-6738 (Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics L ...)
NOT-FOR-US: IBM
-CVE-2013-6737
+CVE-2013-6737 (IBM System Storage Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3 ...)
NOT-FOR-US: IBM Storwize V7000 Unified
CVE-2013-6736
RESERVED
-CVE-2013-6735
+CVE-2013-6735 (IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6734
+CVE-2013-6734 (IBM WebSphere eXtreme Scale Client 7.1 through 8.6.0.4 does not proper ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-6733
+CVE-2013-6733 (Cross-site scripting (XSS) vulnerability in the Web Application in the ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-6732
+CVE-2013-6732 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos B ...)
NOT-FOR-US: IBM Cognos
-CVE-2013-6731
+CVE-2013-6731 (IBM Netezza Performance Portal 2.x before 2.0.0.3 allows remote authen ...)
NOT-FOR-US: IBM Netezza
-CVE-2013-6730
+CVE-2013-6730 (IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6729
+CVE-2013-6729 (Cross-site scripting (XSS) vulnerability in IBM QuickFile 1.0.0.0 befo ...)
NOT-FOR-US: IBM QuickFile
-CVE-2013-6728
+CVE-2013-6728 (The charting component in IBM WebSphere Dashboard Framework (WDF) 6.1. ...)
NOT-FOR-US: IBM WebSphere Dashboard Framework
-CVE-2013-6727
+CVE-2013-6727 (The Connect client in IBM Sametime 8.5.2 through 8.5.2.1 and 9.0 befor ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-6726
+CVE-2013-6726 (Multiple cross-site scripting (XSS) vulnerabilities in WebProcess.srv ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2013-6725
+CVE-2013-6725 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-6724
+CVE-2013-6724 (Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS ...)
NOT-FOR-US: IBM SPSS SamplePower
-CVE-2013-6723
+CVE-2013-6723 (IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle refe ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6722
+CVE-2013-6722 (Unrestricted file upload vulnerability in the Registration/Edit My Pro ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6721
+CVE-2013-6721 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Service Regi ...)
NOT-FOR-US: IBM WebSphere Service Registry and Repository
-CVE-2013-6720
+CVE-2013-6720 (Directory traversal vulnerability in download.php in the Passive Captu ...)
NOT-FOR-US: IBM Tealeaf
-CVE-2013-6719
+CVE-2013-6719 (delivery.php in the Passive Capture Application (PCA) web console in I ...)
NOT-FOR-US: IBM Tealeaf CX
-CVE-2013-6718
+CVE-2013-6718 (The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3 ...)
NOT-FOR-US: IBM firmware
-CVE-2013-6717
+CVE-2013-6717 (The OLAP query engine in IBM DB2 and DB2 Connect 9.7 through FP9, 9.8 ...)
NOT-FOR-US: IBM
CVE-2013-6716
REJECTED
CVE-2013-6715
RESERVED
-CVE-2013-6714
+CVE-2013-6714 (The FlashCopy Manager for VMware component in IBM Tivoli Storage Flash ...)
NOT-FOR-US: IBM Tivoli Storage FlashCopy Manager
-CVE-2013-6713
+CVE-2013-6713 (The Data Protection for VMware component in IBM Tivoli Storage Manager ...)
NOT-FOR-US: IBM Tivoli Storage Manager for Virtual Environments
-CVE-2013-6712
+CVE-2013-6712 (The scan function in ext/date/lib/parse_iso_intervals.c in PHP through ...)
{DSA-2816-1}
- php5 5.5.6+dfsg-2 (bug #731112)
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=12fe4e90be7bfa2a763197079f68f5568a14e071
-CVE-2013-6711
+CVE-2013-6711 (Cross-site scripting (XSS) vulnerability in the product-creation admin ...)
NOT-FOR-US: Cisco
-CVE-2013-6710
+CVE-2013-6710 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Trainin ...)
NOT-FOR-US: Cisco
-CVE-2013-6709
+CVE-2013-6709 (The registration component in Cisco WebEx Training Center provides the ...)
NOT-FOR-US: Cisco
-CVE-2013-6708
+CVE-2013-6708 (Cisco Cloud Portal 9.4 allows remote attackers to read files of unspec ...)
NOT-FOR-US: Cisco
-CVE-2013-6707
+CVE-2013-6707 (Memory leak in the connection-manager implementation in Cisco Adaptive ...)
NOT-FOR-US: Cisco
-CVE-2013-6706
+CVE-2013-6706 (The Cisco Express Forwarding processing module in Cisco IOS XE allows ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2013-6705
+CVE-2013-6705 (The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows r ...)
NOT-FOR-US: Cisco
-CVE-2013-6704
+CVE-2013-6704 (Cisco IOS XE does not properly manage memory for TFTP UDP flows, which ...)
NOT-FOR-US: Cisco
-CVE-2013-6703
+CVE-2013-6703 (The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote ...)
NOT-FOR-US: Cisco
-CVE-2013-6702
+CVE-2013-6702 (The management implementation on Cisco ONS 15454 controller cards with ...)
NOT-FOR-US: Cisco
-CVE-2013-6701
+CVE-2013-6701 (The tNetTaskLimit process on the Transport Node Controller (TNC) on Ci ...)
NOT-FOR-US: Cisco
-CVE-2013-6700
+CVE-2013-6700 (The SNMP module in Cisco IOS XR allows remote attackers to cause a den ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2013-6699
+CVE-2013-6699 (The Control and Provisioning of Wireless Access Points (CAPWAP) protoc ...)
NOT-FOR-US: Cisco
-CVE-2013-6698
+CVE-2013-6698 (The web interface on Cisco Wireless LAN Controller (WLC) devices does ...)
NOT-FOR-US: Cisco
CVE-2013-6697
RESERVED
-CVE-2013-6696
+CVE-2013-6696 (Cisco Adaptive Security Appliance (ASA) Software does not properly han ...)
NOT-FOR-US: Cisco
-CVE-2013-6695
+CVE-2013-6695 (The RBAC implementation in Cisco Secure Access Control System (ACS) do ...)
NOT-FOR-US: Cisco
-CVE-2013-6694
+CVE-2013-6694 (The IPSec implementation in Cisco IOS allows remote attackers to cause ...)
NOT-FOR-US: Cisco
-CVE-2013-6693
+CVE-2013-6693 (The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 rout ...)
NOT-FOR-US: Cisco
-CVE-2013-6692
+CVE-2013-6692 (Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool du ...)
NOT-FOR-US: Cisco
-CVE-2013-6691
+CVE-2013-6691 (The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (A ...)
NOT-FOR-US: Cisco ASA
-CVE-2013-6690
+CVE-2013-6690 (Multiple cross-site scripting (XSS) vulnerabilities in the web interfa ...)
NOT-FOR-US: Cisco
-CVE-2013-6689
+CVE-2013-6689 (Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier a ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-6688
+CVE-2013-6688 (Directory traversal vulnerability in the license-upload interface in t ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-6687
+CVE-2013-6687 (The web portal in the Enterprise License Manager component in Cisco We ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2013-6686
+CVE-2013-6686 (The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows r ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-6685
+CVE-2013-6685 (The firmware on Cisco Unified IP phones 8961, 9951, and 9971 uses weak ...)
NOT-FOR-US: Cisco Unified IP phones
-CVE-2013-6684
+CVE-2013-6684 (The web framework on Cisco Wireless LAN Controller (WLC) devices does ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-6683
+CVE-2013-6683 (The IPv6 implementation in Cisco NX-OS does not properly handle neighb ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-6682
+CVE-2013-6682 (The phone-proxy implementation in Cisco Adaptive Security Appliance (A ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2013-6681
RESERVED
@@ -2193,11 +2193,11 @@ CVE-2013-6676
REJECTED
CVE-2013-6675
REJECTED
-CVE-2013-6674
+CVE-2013-6674 (Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x t ...)
- icedove 24.2.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-14.html
-CVE-2013-6673
+CVE-2013-6673 (Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird ...)
- iceweasel 24.2.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 24.2.0-1
@@ -2205,10 +2205,10 @@ CVE-2013-6673
- iceape <removed>
[wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
-CVE-2013-6672
+CVE-2013-6672 (Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow u ...)
- iceweasel <not-affected> (Only affects Firefox 25)
- iceape <not-affected> (Only affects Firefox 25)
-CVE-2013-6671
+CVE-2013-6671 (The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26 ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
@@ -2220,7 +2220,7 @@ CVE-2013-6670
RESERVED
CVE-2013-6669
RESERVED
-CVE-2013-6668
+CVE-2013-6668 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, a ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
@@ -2229,69 +2229,69 @@ CVE-2013-6668
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-6667
+CVE-2013-6667 (Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750 ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6666
+CVE-2013-6666 (The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pe ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6665
+CVE-2013-6665 (Heap-based buffer overflow in the ResourceProvider::InitializeSoftware ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6664
+CVE-2013-6664 (Use-after-free vulnerability in the FormAssociatedElement::formRemoved ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6663
+CVE-2013-6663 (Use-after-free vulnerability in the SVGImage::setContainerSize functio ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6662
+CVE-2013-6662 (Google Chrome caches TLS sessions before certificate validation occurs ...)
NOTE: Chrome issue fixed end of 2013, not really worth figuring out in which version
-CVE-2013-6661
+CVE-2013-6661 (Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750 ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6660
+CVE-2013-6660 (The drag-and-drop implementation in Google Chrome before 33.0.1750.117 ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6659
+CVE-2013-6659 (The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socke ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6658
+CVE-2013-6658 (Multiple use-after-free vulnerabilities in the layout implementation i ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6657
+CVE-2013-6657 (core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used i ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6656
+CVE-2013-6656 (The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in th ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6655
+CVE-2013-6655 (Use-after-free vulnerability in Blink, as used in Google Chrome before ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6654
+CVE-2013-6654 (The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVG ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6653
+CVE-2013-6653 (Use-after-free vulnerability in the web contents implementation in Goo ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6652
+CVE-2013-6652 (Directory traversal vulnerability in sandbox/win/src/named_pipe_dispat ...)
- chromium-browser <not-affected> (Windows-specific)
CVE-2013-6651
RESERVED
-CVE-2013-6650
+CVE-2013-6650 (The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Goo ...)
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
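Review bot: CVE-2013-6662 in this hunk has only a NOTE ("Chrome issue fixed end of 2013, not really worth figuring out in which version") and no chromium-browser package line, unlike every other Chrome entry around it, so the tracker cannot derive a state for it; add a chromium-browser line carrying the intended severity (for instance marked unimportant) even if the exact fixed version is not pinned down.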
@@ -2300,7 +2300,7 @@ CVE-2013-6650
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-6649
+CVE-2013-6649 (Use-after-free vulnerability in the RenderSVGImage::paint function in ...)
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
@@ -2309,33 +2309,33 @@ CVE-2013-6649
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-6648
+CVE-2013-6648 (SkRegion::setPath in Skia allows remote attackers to cause a denial of ...)
- skia <itp> (bug #818180)
-CVE-2013-6647
+CVE-2013-6647 (A use-after-free in AnimationController::endAnimationUpdate in Google ...)
- chromium-browser <not-affected> (According to upstream bug only affected interim version, not a stable release)
-CVE-2013-6646
+CVE-2013-6646 (Use-after-free vulnerability in the Web Workers implementation in Goog ...)
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6645
+CVE-2013-6645 (Use-after-free vulnerability in the OnWindowRemovingFromRootWindow fun ...)
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6644
+CVE-2013-6644 (Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700 ...)
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6643
+CVE-2013-6643 (The OneClickSigninBubbleView::WindowClosing function in browser/ui/vie ...)
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6642
+CVE-2013-6642 (Google Chrome through 32.0.1700.23 on Android allows remote attackers ...)
- chromium-browser <not-affected> (only affects google chrome on android)
-CVE-2013-6641
+CVE-2013-6641 (Use-after-free vulnerability in the FormAssociatedElement::formRemoved ...)
{DSA-2862-1}
- chromium-browser 32.0.1700.123-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6640
+CVE-2013-6640 (The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc ...)
{DSA-2811-1}
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
@@ -2343,7 +2343,7 @@ CVE-2013-6640
- libv8-3.14 3.14.5.8-5
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6639
+CVE-2013-6639 (The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc ...)
{DSA-2811-1}
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
@@ -2351,7 +2351,7 @@ CVE-2013-6639
- libv8-3.14 3.14.5.8-5
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6638
+CVE-2013-6638 (Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, ...)
{DSA-2811-1}
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
@@ -2360,19 +2360,19 @@ CVE-2013-6638
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
NOTE: libv8 not covered by security support
-CVE-2013-6637
+CVE-2013-6637 (Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650 ...)
{DSA-2811-1}
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6636
+CVE-2013-6636 (The FrameLoader::notifyIfInitialDocumentAccessed function in core/load ...)
{DSA-2811-1}
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6635
+CVE-2013-6635 (Use-after-free vulnerability in the editing implementation in Blink, a ...)
{DSA-2811-1}
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6634
+CVE-2013-6634 (The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui ...)
{DSA-2811-1}
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
@@ -2382,23 +2382,23 @@ CVE-2013-6620
RESERVED
CVE-2013-6619
RESERVED
-CVE-2013-6618
+CVE-2013-6618 (jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 befo ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-6617
+CVE-2013-6617 (The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not ...)
- salt 0.17.1+dfsg-1
-CVE-2013-6766
+CVE-2013-6766 (OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows rem ...)
NOT-FOR-US: OpenVAS Administrator (only uploaded to exp 2.5 years ago)
-CVE-2013-6765
+CVE-2013-6765 (OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote at ...)
NOT-FOR-US: OpenVAS Manager (only uploaded to experimental 2.5 years ago)
-CVE-2013-6632
+CVE-2013-6632 (Integer overflow in Google Chrome before 31.0.1650.57 allows remote at ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6631
+CVE-2013-6631 (Use-after-free vulnerability in the Channel::SendRTCPPacket function i ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6630
+CVE-2013-6630 (The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
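Review bot: the entries in this hunk are not in the file's descending CVE order: CVE-2013-6619, CVE-2013-6618 and CVE-2013-6617, followed by CVE-2013-6766 and CVE-2013-6765, appear immediately before CVE-2013-6632, and CVE-2013-6766/CVE-2013-6765 are also absent from the CVE-2013-6767 to CVE-2013-6764 run in the earlier hunk; moving them to their numeric positions would keep the list sortable. Minor: the CVE-2013-6766 reasoning abbreviates "experimental" as "exp" while the CVE-2013-6765 line spells it out; use the same wording in both.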
@@ -2417,7 +2417,7 @@ CVE-2013-6630
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
NOTE: http://packetstormsecurity.com/files/123989/IJG-jpeg6b-libjpeg-turbo-Uninitialized-Memory.html
-CVE-2013-6629
+CVE-2013-6629 (The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-t ...)
{DSA-2923-1 DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
@@ -2436,35 +2436,35 @@ CVE-2013-6629
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
NOTE: http://packetstormsecurity.com/files/123989/IJG-jpeg6b-libjpeg-turbo-Uninitialized-Memory.html
-CVE-2013-6628
+CVE-2013-6628 (net/socket/ssl_client_socket_nss.cc in the TLS implementation in Googl ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6627
+CVE-2013-6627 (net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 do ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6626
+CVE-2013-6626 (The WebContentsImpl::AttachInterstitialPage function in content/browse ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6625
+CVE-2013-6625 (Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, a ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6624
+CVE-2013-6624 (Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allo ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6623
+CVE-2013-6623 (The SVG implementation in Blink, as used in Google Chrome before 31.0. ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6622
+CVE-2013-6622 (Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocu ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-6621
+CVE-2013-6621 (Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allo ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
@@ -2698,7 +2698,7 @@ CVE-2013-6503
RESERVED
CVE-2013-6502
RESERVED
-CVE-2013-6501
+CVE-2013-6501 (The default soap.wsdl_cache_dir setting in (1) php.ini-production and ...)
- php5 <removed> (unimportant)
NOTE: Rendererd unexpoitable by kernel level hardening for tmp races
CVE-2013-6500
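Review bot: the NOTE under CVE-2013-6501 in this hunk has two typos, "Rendererd unexpoitable"; it should read "Rendered unexploitable by kernel level hardening for tmp races".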
@@ -2713,128 +2713,128 @@ CVE-2013-6499 [loading a module relative to the cwd]
NOTE: by src:perl not having '.' in INC since 5.22.2-4 by default.
CVE-2013-6498
RESERVED
-CVE-2013-6497
+CVE-2013-6497 (clamscan in ClamAV before 0.98.5, when using -a option, allows remote ...)
{DLA-95-1}
- clamav 0.98.5+dfsg-1
[wheezy] - clamav 0.98.5+dfsg-0+deb7u1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11088
-CVE-2013-6496
+CVE-2013-6496 (Red Hat Conga 0.12.2 allows remote attackers to obtain sensitive infor ...)
NOT-FOR-US: Red Hat Conga
CVE-2013-6495
RESERVED
NOT-FOR-US: JBossWeb Bayeux
-CVE-2013-6494
+CVE-2013-6494 (fedup 0.9.0 in Fedora 19, 20, and 21 uses a temporary directory with a ...)
NOT-FOR-US: fedup (Fedora specific)
-CVE-2013-6493
+CVE-2013-6493 (The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc ...)
- icedtea-web 1.4.2-1 (low)
[wheezy] - icedtea-web <no-dsa> (Minor issue)
-CVE-2013-6492
+CVE-2013-6492 (The Piranha Configuration Tool in Piranha 0.8.6 does not properly rest ...)
NOT-FOR-US: Pirhana
-CVE-2013-6491
+CVE-2013-6491 (The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo bef ...)
- nova 2013.2.3-1
[wheezy] - nova <no-dsa> (Minor issue)
-CVE-2013-6490
+CVE-2013-6490 (The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remot ...)
{DSA-2859-2 DSA-2859-1}
- pidgin 2.10.8-1
-CVE-2013-6489
+CVE-2013-6489 (Integer signedness error in the MXit functionality in Pidgin before 2. ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
CVE-2013-6488
REJECTED
-CVE-2013-6487
+CVE-2013-6487 (Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu ...)
{DSA-2859-1 DSA-2852-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
- libgadu 1:1.11.3-1
-CVE-2013-6486
+CVE-2013-6486 (gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted rem ...)
- pidgin <not-affected> (Windows-specific)
-CVE-2013-6485
+CVE-2013-6485 (Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows ...)
{DSA-2859-2 DSA-2859-1}
- pidgin 2.10.8-1
-CVE-2013-6484
+CVE-2013-6484 (The STUN protocol implementation in libpurple in Pidgin before 2.10.8 ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-6483
+CVE-2013-6483 (The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <no-dsa> (Not suitable for code injection)
-CVE-2013-6482
+CVE-2013-6482 (Pidgin before 2.10.8 allows remote MSN servers to cause a denial of se ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-6481
+CVE-2013-6481 (libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows rem ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-6480
+CVE-2013-6480 (Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter f ...)
- libcloud <not-affected> (affects 0.12.3 to 0.13.3)
NOTE: version prior to 0.12.3 don't include a DigitalOcean driver
-CVE-2013-6479
+CVE-2013-6479 (util.c in libpurple in Pidgin before 2.10.8 does not properly allocate ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <no-dsa> (Not suitable for code injection)
-CVE-2013-6478
+CVE-2013-6478 (gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with un ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-6477
+CVE-2013-6477 (Multiple integer signedness errors in libpurple in Pidgin before 2.10. ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <no-dsa> (Not suitable for code injection)
-CVE-2013-6476
+CVE-2013-6476 (The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pd ...)
{DSA-2876-1 DSA-2875-1}
- cups-filters 1.0.47-1 (bug #741318)
- cups 1.5.0-16 (bug #741333)
NOTE: cups moved filters to separate package in 1.5.0-16
NOTE: in oldstable present in debian/local/filters/pdf-filters/pdftoopvp
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176
-CVE-2013-6475
+CVE-2013-6475 (Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPS ...)
{DSA-2876-1 DSA-2875-1}
- cups-filters 1.0.47-1 (bug #741318)
- cups 1.5.0-16 (bug #741333)
NOTE: cups moved filters to separate package in 1.5.0-16
NOTE: in oldstable present in debian/local/filters/pdf-filters/pdftoopvp
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176
-CVE-2013-6474
+CVE-2013-6474 (Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-fi ...)
{DSA-2876-1 DSA-2875-1}
- cups-filters 1.0.47-1 (bug #741318)
- cups 1.5.0-16 (bug #741333)
NOTE: cups moved filters to separate package in 1.5.0-16
NOTE: in oldstable present in debian/local/filters/pdf-filters/pdftoopvp
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176
-CVE-2013-6473
+CVE-2013-6473 (Multiple heap-based buffer overflows in the urftopdf filter in cups-fi ...)
- cups-filters 1.0.47-1 (bug #741318)
[wheezy] - cups-filters <not-affected> (does not contain urftopdf filter)
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7175
-CVE-2013-6472
+CVE-2013-6472 (MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 ...)
{DSA-2891-1}
- mediawiki 1:1.19.10+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=58699
CVE-2013-6471
RESERVED
-CVE-2013-6470
+CVE-2013-6470 (The default configuration in the standalone controller quickstack mani ...)
NOT-FOR-US: openstack foreman-installer
-CVE-2013-6469
+CVE-2013-6469 (JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remo ...)
NOT-FOR-US: JBoss SOA RTgov
-CVE-2013-6468
+CVE-2013-6468 (JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM S ...)
NOT-FOR-US: JBoss Drolls
-CVE-2013-6467
+CVE-2013-6467 (Libreswan 3.7 and earlier allows remote attackers to cause a denial of ...)
- libreswan <not-affected> (Fixed before the initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2013-6467/CVE-2013-6467.txt
-CVE-2013-6466
+CVE-2013-6466 (Openswan 2.6.39 and earlier allows remote attackers to cause a denial ...)
{DSA-2893-1}
- openswan <removed> (bug #737406)
NOTE: https://libreswan.org/security/CVE-2013-6467/CVE-2013-6467.txt
-CVE-2013-6465
+CVE-2013-6465 (Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbe ...)
NOT-FOR-US: JBPM KIE Workbench
CVE-2013-6464
RESERVED
CVE-2013-6463
REJECTED
-CVE-2013-6462
+CVE-2013-6462 (Stack-based buffer overflow in the bdfReadCharacters function in bitma ...)
{DSA-2838-1}
- libxfont 1:1.4.7-1
CVE-2013-6461 [DoS while parsing XML entities]
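Review bot: the NOT-FOR-US annotation for CVE-2013-6468 reads `JBoss Drolls` while the description line just above it says `JBoss Drools`; correct the spelling so the product name matches the description and is greppable. Also, the NOTE under the openswan entry CVE-2013-6466 points at the libreswan CVE-2013-6467 advisory URL, the same link used for CVE-2013-6467 directly above it; confirm that advisory covers the Openswan issue or cite an Openswan-specific reference.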
@@ -2847,43 +2847,43 @@ CVE-2013-6460 [DoS while parsing XML documents]
- ruby-nokogiri <not-affected> (jruby implementation not shiped)
- libnokogiri-ruby <not-affected> (1.4 and earlier not affected)
NOTE: https://groups.google.com/forum/#!topic/ruby-security-ann/DeJpjTAg1FA
-CVE-2013-6459
+CVE-2013-6459 (Cross-site scripting (XSS) vulnerability in the will_paginate gem befo ...)
- ruby-will-paginate 3.0.5-1 (low; bug #733209)
[wheezy] - ruby-will-paginate <no-dsa> (Minor issue)
- libwill-paginate-ruby <removed>
[squeeze] - libwill-paginate-ruby <no-dsa> (Minor issue)
NOTE: https://github.com/mislav/will_paginate/releases/tag/v3.0.5
-CVE-2013-6458
+CVE-2013-6458 (Multiple race conditions in the (1) virDomainBlockStats, (2) virDomain ...)
{DSA-2846-1}
- libvirt 1.2.1-1 (bug #734556)
[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.redhat.com/archives/libvir-list/2013-December/msg01202.html
NOTE: upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad
-CVE-2013-6457
+CVE-2013-6457 (The libxlDomainGetNumaParameters function in the libxl driver (libxl/l ...)
- libvirt 1.2.1-1
[wheezy] - libvirt <not-affected> (Vulnerable code not present)
[squeeze] - libvirt <not-affected> (Vulnerable code not present)
NOTE: https://www.redhat.com/archives/libvir-list/2013-December/msg01258.html
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=f9ee91d35510ccbc6fc42cef8864b291b2d220f4
NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commit;h=261c4f5fb93c5e23b8002f2760d4a7937cdb7f63
-CVE-2013-6456
+CVE-2013-6456 (The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allow ...)
- libvirt 1.2.3-1 (bug #732394)
[wheezy] - libvirt <not-affected> (Vulnerable code not present, introduced in v1.0.1)
[squeeze] - libvirt <not-affected> (Vulnerable code not present, introduced in v1.0.1)
CVE-2013-6455
RESERVED
NOT-FOR-US: Mediawiki CentralAuth extension
-CVE-2013-6454
+CVE-2013-6454 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, ...)
{DSA-2891-1}
- mediawiki 1:1.19.10+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=58472
-CVE-2013-6453
+CVE-2013-6453 (MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 ...)
{DSA-2891-1}
- mediawiki 1:1.19.10+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=58553
-CVE-2013-6452
+CVE-2013-6452 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, ...)
{DSA-2891-1}
- mediawiki 1:1.19.10+dfsg-1
[squeeze] - mediawiki <end-of-life>
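Review bot: typo in the unchanged context at the top of the hunk: the ruby-nokogiri line under CVE-2013-6460 reads `jruby implementation not shiped` and should say `shipped`.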
@@ -2894,81 +2894,81 @@ CVE-2013-6451
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=58088
NOTE: Introduced by the fix for CVE-2013-4568
-CVE-2013-6450
+CVE-2013-6450 (The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l ...)
{DSA-2833-1}
- openssl 1.0.1e-5 (low)
[squeeze] - openssl <not-affected> (Versions earlier than 1.0.0 are not affected)
-CVE-2013-6449
+CVE-2013-6449 (The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0. ...)
{DSA-2833-1}
- openssl 1.0.1e-5 (bug #732754)
[squeeze] - openssl <not-affected> (TLS 1.2 support introduced in 1.0.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1045363
NOTE: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ca98926
NOTE: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0294b2b
-CVE-2013-6448
+CVE-2013-6448 (The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 ...)
NOT-FOR-US: JBoss Seam
-CVE-2013-6447
+CVE-2013-6447 (Multiple XML External Entity (XXE) vulnerabilities in the (1) Executio ...)
NOT-FOR-US: JBoss Seam
-CVE-2013-6446
+CVE-2013-6446 (The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before ...)
NOT-FOR-US: Cloudera
-CVE-2013-6445
+CVE-2013-6445 (Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG ...)
NOT-FOR-US: Cumin
-CVE-2013-6444
+CVE-2013-6444 (PyWBEM 0.7 and earlier does not verify that the server hostname matche ...)
- pywbem 0.8.0~dev650-1 (bug #732594)
[squeeze] - pywbem <no-dsa> (Minor issue)
[wheezy] - pywbem <no-dsa> (Minor issue)
NOTE: Fix: https://bugzilla.redhat.com/attachment.cgi?id=851357
-CVE-2013-6443
+CVE-2013-6443 (CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attacker ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2013-6442
+CVE-2013-6442 (The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before ...)
- samba 2:4.1.6+dfsg-1 (low)
[squeeze] - samba <not-affected> (Only affects 4.x and later)
[wheezy] - samba <not-affected> (Only affects 4.x and later)
- samba4 <removed>
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
NOTE: http://www.samba.org/samba/security/CVE-2013-6442
-CVE-2013-6441
+CVE-2013-6441 (The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta ...)
{DLA-442-1}
- lxc 1.0.0-1 (unimportant)
NOTE: getting root on host, if not using unprivileged containers or
NOTE: restricting the containers with apparmor or selinux.
NOTE: CVE is kept as no official documentation explicitly document this fact
NOTE: https://github.com/lxc/lxc/commit/f4d5cc8e1f39d132b61e110674528cac727ae0e2 (lxc-1.0.0.beta2)
-CVE-2013-6440
+CVE-2013-6440 (The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, ...)
- opensaml2 <not-affected> (Debian provides the C-based Shibboleth implementation)
NOTE: http://shibboleth.net/community/advisories/secadv_20131213.txt
NOTE: http://blog.sendsafely.com/post/69590974866/web-based-single-sign-on-and-the-dangers-of-saml-xml
-CVE-2013-6439
+CVE-2013-6439 (Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a ...)
NOT-FOR-US: Candlepin
-CVE-2013-6438
+CVE-2013-6438 (The dav_xml_get_cdata function in main/util.c in the mod_dav module in ...)
{DLA-66-1}
- apache2 2.4.9-1
[wheezy] - apache2 2.2.22-13+deb7u2
-CVE-2013-6437
+CVE-2013-6437 (The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and ice ...)
- nova 2013.2.2
[wheezy] - nova <not-affected> (Vulnerable code not present)
-CVE-2013-6436
+CVE-2013-6436 (The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt ...)
- libvirt 1.2.0-1
[squeeze] - libvirt <not-affected> (vulnerable code not present, introduced in 1.1)
[wheezy] - libvirt <not-affected> (vulnerable code not present, introduced in 1.1)
-CVE-2013-6435
+CVE-2013-6435 (Race condition in RPM 4.11.1 and earlier allows remote attackers to ex ...)
{DSA-3129-1 DLA-140-1}
- rpm 4.11.3-1.1 (bug #773101)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039811
-CVE-2013-6434
+CVE-2013-6434 (The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M ...)
NOT-FOR-US: RHEV Manager
-CVE-2013-6433
+CVE-2013-6433 (The default configuration in the Red Hat openstack-neutron package bef ...)
- quantum <removed>
[wheezy] - quantum <no-dsa> (Minor issue)
- neutron 2014.1-1
NOTE: Likely fixed even earlier than 2014.1-1, but that was the oldest version checked
-CVE-2013-6432
+CVE-2013-6432 (The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel befor ...)
- linux 3.12.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.11)
- linux-2.6 <not-affected> (Vulnerable code introduced in 3.11)
NOTE: Introduced by https://git.kernel.org/linus/6d0bfe22611602f36617bc7aa2ffa1bbb2f54c67
NOTE: fixed by https://git.kernel.org/linus/cf970c002d270c36202bd5b9c2804d3097a52da0
-CVE-2013-6431
+CVE-2013-6431 (The fib6_add function in net/ipv6/ip6_fib.c in the Linux kernel before ...)
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.11.5-1 (low)
[wheezy] - linux <not-affected> (Vulnerable code not present)
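Review bot: the first NOTE under CVE-2013-6441 starts mid-sentence (`getting root on host, if not using unprivileged containers or ...`), so it is unclear which condition makes the issue relevant; rewrite it as a full sentence, e.g. `NOTE: Allows getting root on the host if unprivileged containers are not used or the containers are not restricted with apparmor or selinux.` The next NOTE has a grammar slip as well: `no official documentation explicitly document this fact` should be `documents`.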
@@ -2977,24 +2977,24 @@ CVE-2013-6430
RESERVED
{DSA-2857-1}
- libspring-java 3.0.6.RELEASE-11 (bug #735420)
-CVE-2013-6429
+CVE-2013-6429 (The SourceHttpMessageConverter in Spring MVC in Spring Framework befor ...)
{DSA-2857-1}
- libspring-java 3.0.6.RELEASE-11 (bug #735420)
-CVE-2013-6428
+CVE-2013-6428 (The ReST API in OpenStack Orchestration API (Heat) before Havana 2013. ...)
- heat 2013.2.1-1 (bug #732033)
NOTE: https://launchpad.net/bugs/1256983
-CVE-2013-6427
+CVE-2013-6427 (upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing ...)
{DSA-2829-1}
- hplip 3.13.11-2 (bug #731480)
[squeeze] - hplip <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=853405
-CVE-2013-6426
+CVE-2013-6426 (The cloudformation-compatible API in OpenStack Orchestration API (Heat ...)
- heat 2013.2.1-1 (bug #732033)
NOTE: https://launchpad.net/bugs/1256049
-CVE-2013-6425
+CVE-2013-6425 (Integer underflow in the pixman_trapezoid_valid macro in pixman.h in P ...)
{DSA-2823-1}
- pixman 0.30.2-2
-CVE-2013-6424
+CVE-2013-6424 (Integer underflow in the xTrapezoidValid macro in render/picture.h in ...)
{DSA-2822-1}
- xorg-server 2:1.14.2.901-1 (low; bug #742922)
NOTE: Band-aid fix in Wheezy not applicable to upstream code, fixed post-Wheezy
@@ -3002,27 +3002,27 @@ CVE-2013-6424
NOTE: Mark the first post-wheezy xorg-server as a pseudo fixed version
CVE-2013-6423
RESERVED
-CVE-2013-6422
+CVE-2013-6422 (The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling di ...)
{DSA-2824-1}
- curl 7.34.0-1
[squeeze] - curl <not-affected> (issue introduced with 59cf93cc, 7.21.4)
-CVE-2013-6421
+CVE-2013-6421 (The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.2 ...)
NOT-FOR-US: Ruby Gem sprout
-CVE-2013-6420
+CVE-2013-6420 (The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP befor ...)
{DSA-2816-1}
- php5 5.5.6+dfsg-2 (bug #731895)
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c1224573c773b6845e83505f717fbf820fc18415
-CVE-2013-6419
+CVE-2013-6419 (Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 ...)
- neutron 2013.2.1-1
- nova 2013.2.1-1
[wheezy] - nova <not-affected> (Only exploitable in combination in neutron, not in Wheezy)
NOTE: https://launchpad.net/bugs/1235450
-CVE-2013-6418
+CVE-2013-6418 (PyWBEM 0.7 and earlier uses a separate connection to validate X.509 ce ...)
- pywbem 0.8.0~dev650-1 (low; bug #732594)
[squeeze] - pywbem <no-dsa> (Minor issue)
[wheezy] - pywbem <no-dsa> (Minor issue)
NOTE: fix: https://bugzilla.redhat.com/attachment.cgi?id=851357
-CVE-2013-6417
+CVE-2013-6417 (actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before ...)
{DSA-2888-1}
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- rails-3.2 3.2.16-3+0
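Review bot: the wheezy justification for CVE-2013-6419 reads `Only exploitable in combination in neutron, not in Wheezy`; it should say `in combination with neutron`, since the point is that wheezy's nova is not paired with neutron. Minor consistency point: the `NOTE: fix:` line under CVE-2013-6418 is lowercase while the identical attachment link under CVE-2013-6444 in an earlier hunk uses `NOTE: Fix:`; pick one form.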
@@ -3031,13 +3031,13 @@ CVE-2013-6417
- rails <not-affected> (vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: CVE for incomplete fix for CVE-2013-0155
-CVE-2013-6416
+CVE-2013-6416 (Cross-site scripting (XSS) vulnerability in the simple_format helper i ...)
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- ruby-actionpack-3.2 <not-affected> (vulnerable code not present)
- ruby-actionpack-2.3 <not-affected> (vulnerable code not present)
- rails <not-affected> (vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-6415
+CVE-2013-6415 (Cross-site scripting (XSS) vulnerability in the number_to_currency hel ...)
{DSA-2888-1}
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- rails-3.2 3.2.16-3+0
@@ -3046,7 +3046,7 @@ CVE-2013-6415
[wheezy] - ruby-actionpack-2.3 <end-of-life>
- rails <not-affected> (vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-6414
+CVE-2013-6414 (actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on ...)
{DSA-2888-1}
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- rails-3.2 3.2.16-3+0
@@ -3054,32 +3054,32 @@ CVE-2013-6414
- ruby-actionpack-2.3 <not-affected> (vulnerable code not present)
- rails <not-affected> (vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-6413
+CVE-2013-6413 (Use-after-free vulnerability in UnrealIRCd 3.2.10 before 3.2.10.2 allo ...)
- unrealircd <itp> (bug #515130)
NOTE: http://forums.unrealircd.com/viewtopic.php?f=2&t=8221
-CVE-2013-6412
+CVE-2013-6412 (The transform_save function in transform.c in Augeas 1.0.0 through 1.1 ...)
{DLA-28-1}
- augeas 1.2.0-0.1 (bug #731111)
[wheezy] - augeas <not-affected> (Affected patch not present/applied)
[squeeze] - augeas <not-affected> (Affected patch not present/applied)
NOTE: only if applied original patch for CVE-2012-0786
-CVE-2013-6411
+CVE-2013-6411 (The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3. ...)
- openttd 1.3.3-1 (low)
[squeeze] - openttd 1.0.4-7
[wheezy] - openttd 1.2.1-3
NOTE: http://bugs.openttd.org/task/5820
-CVE-2013-6410
+CVE-2013-6410 (nbd-server in Network Block Device (nbd) before 3.5 does not properly ...)
{DSA-2806-1}
- nbd 1:3.5-1
NOTE: http://anonscm.debian.org/gitweb/?p=users/wouter/nbd.git;a=commitdiff;h=0e9bd98c44dd94d9ede92655a36849fbc8cbf5b9
-CVE-2013-6409
+CVE-2013-6409 (Debian adequate before 0.8.1, when run by root with the --user option, ...)
- adequate 0.8.1 (bug #730691)
NOTE: https://bitbucket.org/jwilk/adequate/commits/94e5fc5d810057bffb673501ed809f7c2dabd9ee
-CVE-2013-6408
+CVE-2013-6408 (The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does no ...)
{DSA-2963-1}
- lucene-solr 3.6.2+dfsg-2 (bug #731113)
NOTE: https://issues.apache.org/jira/browse/SOLR-4881
-CVE-2013-6407
+CVE-2013-6407 (The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remo ...)
{DSA-2963-1}
- lucene-solr 3.6.2+dfsg-2 (bug #731113)
NOTE: https://issues.apache.org/jira/browse/SOLR-3895
@@ -3087,41 +3087,41 @@ CVE-2013-6406
REJECTED
CVE-2013-6405
REJECTED
-CVE-2013-6404
+CVE-2013-6404 (Quassel core (server daemon) in Quassel IRC before 0.9.2 does not prop ...)
- quassel 0.9.2-1 (low)
[wheezy] - quassel 0.8.0-1+deb7u1
[squeeze] - quassel <no-dsa> (Minor issue)
NOTE: https://github.com/quassel/quassel/commit/a1a24da
-CVE-2013-6403
+CVE-2013-6403 (The admin page in ownCloud before 5.0.13 allows remote attackers to by ...)
- owncloud 5.0.13+dfsg-1
-CVE-2013-6402
+CVE-2013-6402 (base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 ...)
{DSA-2829-1}
- hplip 3.13.11-2.1 (bug #725876)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=852368
-CVE-2013-6401
+CVE-2013-6401 (Jansson, possibly 2.4 and earlier, does not restrict the ability to tr ...)
- jansson 2.6-1 (bug #738647)
[wheezy] - jansson <no-dsa> (Minor issue)
-CVE-2013-6400
+CVE-2013-6400 (Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been a ...)
- xen 4.4.0-1
[wheezy] - xen <not-affected> (4.2.x and later are vulnerable)
[squeeze] - xen <not-affected> (4.2.x and later are vulnerable)
-CVE-2013-6399
+CVE-2013-6399 (Array index error in the virtio_load function in hw/virtio/virtio.c in ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-6398
+CVE-2013-6398 (The virtual router in Apache CloudStack before 4.2.1 does not preserve ...)
NOT-FOR-US: Apache CloudStack
-CVE-2013-6397
+CVE-2013-6397 (Directory traversal vulnerability in SolrResourceLoader in Apache Solr ...)
{DSA-2963-1}
- lucene-solr 3.6.2+dfsg-2 (bug #731113)
NOTE: https://issues.apache.org/jira/browse/SOLR-4882
-CVE-2013-6396
+CVE-2013-6396 (The OpenStack Python client library for Swift (python-swiftclient) 1.0 ...)
- python-swiftclient 1:2.0.2-1 (bug #730626)
NOTE: https://bugs.launchpad.net/python-swiftclient/+bug/1199783
-CVE-2013-6395
+CVE-2013-6395 (Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web ...)
- ganglia-web <unfixed> (unimportant; bug #730507)
[squeeze] - ganglia <not-affected> (Vulnerable code not present)
NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone, #702776
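Review bot: the `<not-affected>` reasons for xen under CVE-2013-6400 (`4.2.x and later are vulnerable`) read as if the wheezy and squeeze packages were affected rather than explaining why they are out of scope; phrase them like the CVE-2013-6375 entry in a later hunk (`Only affects >= 4.2`) so the rationale states that the shipped versions predate the vulnerable code.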
@@ -3130,61 +3130,61 @@ CVE-2013-6395
NOTE: ganglia-web and ganglia are now two separate source packages
NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
NOTE: https://github.com/ganglia/ganglia-web/issues/218
-CVE-2013-6394
+CVE-2013-6394 (Percona XtraBackup before 2.1.6 uses a constant string for the initial ...)
- percona-xtrabackup 2.1.6-2 (bug #730544)
-CVE-2013-6393
+CVE-2013-6393 (The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0 ...)
{DSA-2870-1 DSA-2850-1}
- libyaml 0.1.4-3 (bug #737076)
- libyaml-libyaml-perl 0.41-4
-CVE-2013-6392
+CVE-2013-6392 (The genlock_dev_ioctl function in genlock.c in the Genlock driver for ...)
- linux-2.6 <not-affected> (Android-specific)
- linux <not-affected> (Android-specific)
NOTE: https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625&h=jb_3.2.3
-CVE-2013-6391
+CVE-2013-6391 (The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013. ...)
- keystone 2013.2.1-1 (bug #731981)
[wheezy] - keystone <not-affected> (vulnerable code not present)
NOTE: https://launchpad.net/bugs/1242597
CVE-2013-6390
RESERVED
-CVE-2013-6389
+CVE-2013-6389 (Open redirect vulnerability in the Overlay module in Drupal 7.x before ...)
{DSA-2804-1}
- drupal7 7.24-1
-CVE-2013-6388
+CVE-2013-6388 (Cross-site scripting (XSS) vulnerability in the Color module in Drupal ...)
{DSA-2804-1}
- drupal7 7.24-1
-CVE-2013-6387
+CVE-2013-6387 (Cross-site scripting (XSS) vulnerability in the Image module in Drupal ...)
{DSA-2804-1}
- drupal7 7.24-1
-CVE-2013-6386
+CVE-2013-6386 (Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand functi ...)
{DSA-2828-1 DSA-2804-1}
- drupal6 <removed>
- drupal7 7.24-1
NOTE: https://drupal.org/SA-CORE-2013-003
-CVE-2013-6385
+CVE-2013-6385 (The form API in Drupal 6.x before 6.29 and 7.x before 7.24, when used ...)
{DSA-2828-1 DSA-2804-1}
- drupal6 <removed>
- drupal7 7.24-1
NOTE: https://drupal.org/SA-CORE-2013-003
-CVE-2013-6384
+CVE-2013-6384 ((1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 ...)
- ceilometer 2013.2-4 (bug #730227)
-CVE-2013-6383
+CVE-2013-6383 (The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the L ...)
{DSA-2906-1}
- linux-2.6 <removed>
[wheezy] - linux 3.2.53-1
- linux 3.11.8-1
NOTE: https://git.kernel.org/linus/f856567b930dfcdbc3323261bf77240ccdde01f5
-CVE-2013-6382
+CVE-2013-6382 (Multiple buffer underflows in the XFS implementation in the Linux kern ...)
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.11.10-1 (low)
[wheezy] - linux 3.2.53-1
-CVE-2013-6381
+CVE-2013-6381 (Buffer overflow in the qeth_snmp_command function in drivers/s390/net/ ...)
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.11.10-1 (low)
[wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/linus/6fb392b1a63ae36c31f62bc3fc8630b49d602b62
-CVE-2013-6380
+CVE-2013-6380 (The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in th ...)
{DSA-2906-1}
- linux-2.6 <removed>
- linux 3.11.10-1
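Review bot: in the unchanged context at the top of the hunk, the CVE-2013-6395 NOTE `the web front is no longer built from src:ganglia` should read `web frontend`; as written it is ambiguous which component is meant.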
@@ -3192,7 +3192,7 @@ CVE-2013-6380
NOTE: https://git.kernel.org/linus/b4789b8e6be3151a955ade74872822f30e8cd914
CVE-2013-6379
REJECTED
-CVE-2013-6378
+CVE-2013-6378 (The lbs_debugfs_write function in drivers/net/wireless/libertas/debugf ...)
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.11.10-1 (low)
@@ -3200,39 +3200,39 @@ CVE-2013-6378
NOTE: https://git.kernel.org/linus/a497e47d4aec37aaf8f13509f3ef3d1f6a717d88
CVE-2013-6377
REJECTED
-CVE-2013-6376
+CVE-2013-6376 (The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM s ...)
- linux 3.12.5-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
- linux-2.6 <not-affected> (Introduced in 3.7)
-CVE-2013-6375
+CVE-2013-6375 (Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does n ...)
- xen 4.4.0-1 (bug #730254)
[squeeze] - xen <not-affected> (Only affects >= 4.2)
[wheezy] - xen <not-affected> (Only affects >= 4.2)
-CVE-2013-6374
+CVE-2013-6374 (Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer ...)
- jenkins <not-affected> (Affected plugins are not shipped in Debian, bug #730457)
-CVE-2013-6373
+CVE-2013-6373 (The Exclusion plugin before 0.9 for Jenkins does not properly prevent ...)
- jenkins <not-affected> (Affected plugins are not shipped in Debian, bug #730457)
-CVE-2013-6372
+CVE-2013-6372 (The Subversion plugin before 1.54 for Jenkins stores credentials using ...)
- jenkins <not-affected> (Affected plugins are not shipped in Debian, bug #730457)
-CVE-2013-6371
+CVE-2013-6371 (The hash functionality in json-c before 0.12 allows context-dependent ...)
- json-c 0.11-4 (bug #744008)
[wheezy] - json-c <no-dsa> (Minor issue)
[squeeze] - json-c <no-dsa> (Minor issue)
NOTE: https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015
-CVE-2013-6370
+CVE-2013-6370 (Buffer overflow in the printbuf APIs in json-c before 0.12 allows remo ...)
- json-c 0.11-4 (bug #744008)
[wheezy] - json-c <no-dsa> (Minor issue)
[squeeze] - json-c <no-dsa> (Minor issue)
NOTE: https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015
-CVE-2013-6369
+CVE-2013-6369 (Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig ...)
{DSA-2900-1}
- jbigkit 2.0-2.1 (bug #743960)
-CVE-2013-6368
+CVE-2013-6368 (The KVM subsystem in the Linux kernel through 3.12.5 allows local user ...)
- linux 3.12.5-1
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport, KVM server not supported in squeeze-lts)
- linux-2.6 <removed>
[wheezy] - linux 3.2.54-1
-CVE-2013-6367
+CVE-2013-6367 (The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsyst ...)
{DSA-2906-1}
- linux 3.12.5-1
- linux-2.6 <removed>
@@ -3245,14 +3245,14 @@ CVE-2013-6361
RESERVED
CVE-2013-6360
RESERVED
-CVE-2013-6359
+CVE-2013-6359 (Munin::Master::Node in Munin before 2.0.18 allows remote attackers to ...)
{DSA-2815-1 DLA-20-1}
- munin 2.0.18-1
[squeeze] - munin 1.4.5-3+deb6u1
NOTE: http://munin-monitoring.org/ticket/1397
CVE-2013-6358
RESERVED
-CVE-2013-6357
+CVE-2013-6357 (** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the ...)
NOT-FOR-US: Disputed non-issue in Tomcat
CVE-2013-6356
REJECTED
@@ -3268,26 +3268,26 @@ CVE-2013-6351
RESERVED
CVE-2013-6350
RESERVED
-CVE-2013-6349
+CVE-2013-6349 (McAfee Email Gateway (MEG) 7.0 before 7.0.4 and 7.5 before 7.5.1 allow ...)
NOT-FOR-US: McAfee Email Gateway
-CVE-2013-6348
+CVE-2013-6348 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2 ...)
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.3)
NOTE: https://issues.apache.org/jira/browse/WW-4213
-CVE-2013-6347
+CVE-2013-6347 (Session fixation vulnerability in Novell ZENworks Configuration Manage ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-6346
+CVE-2013-6346 (Cross-site request forgery (CSRF) vulnerability in the ZCC page in Nov ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-6345
+CVE-2013-6345 (Unspecified vulnerability in the ZCC page in Novell ZENworks Configura ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-6344
+CVE-2013-6344 (The ZCC page in Novell ZENworks Configuration Management (ZCM) before ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-6343
+CVE-2013-6343 (Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT ...)
NOT-FOR-US: ASUS Router
-CVE-2013-6342
+CVE-2013-6342 (Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin b ...)
NOT-FOR-US: Tweet Blender plugin for WP
-CVE-2013-6341
+CVE-2013-6341 (SQL injection vulnerability in Dokeos 2.2 RC2 and earlier allows remot ...)
NOT-FOR-US: Dokeos
-CVE-2013-6366
+CVE-2013-6366 (The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote aut ...)
NOT-FOR-US: VMware Hyperic HQ
CVE-2013-6365 [CSRF edit.php]
RESERVED
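Review bot: the CVE-2013-6366 entry at the end of this hunk breaks the file's descending numeric order: it follows CVE-2013-6341 and precedes CVE-2013-6365, so the CVE-2013-6349 to CVE-2013-6341 block sits between CVE-2013-6350 and CVE-2013-6366. Moving that block below the CVE-2013-6340 entries (or CVE-2013-6366 up to directly after CVE-2013-6367) keeps the list sorted and future diffs smaller.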
@@ -3304,103 +3304,103 @@ CVE-2013-6364 [XSS and CSRF search.php]
- turba2 <removed>
[squeeze] - turba2 <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/horde/horde/commit/74f9add4ad86c29b608270e33b17426163b3c8cf
-CVE-2013-6340
+CVE-2013-6340 (epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x b ...)
{DSA-2792-1}
- wireshark 1.10.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9263
-CVE-2013-6339
+CVE-2013-6339 (The dissect_openwire_type function in epan/dissectors/packet-openwire. ...)
{DLA-497-1}
- wireshark 1.10.3-1 (unimportant)
[squeeze] - wireshark <not-affected> (OpenWire dissector introduced in 1.8.0)
NOTE: Not suitable for code injection
-CVE-2013-6338
+CVE-2013-6338 (The dissect_sip_common function in epan/dissectors/packet-sip.c in the ...)
{DSA-2792-1}
- wireshark 1.10.3-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9228
-CVE-2013-6337
+CVE-2013-6337 (Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x bef ...)
{DSA-2792-1}
- wireshark 1.10.3-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9168 not accessible
-CVE-2013-6336
+CVE-2013-6336 (The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c ...)
{DSA-2792-1}
- wireshark 1.10.3-1
[squeeze] - wireshark <not-affected> (code introduced in 1.6.0)
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=52036
-CVE-2013-6335
+CVE-2013-6335 (The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Spac ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2013-6334
+CVE-2013-6334 (IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, ...)
NOT-FOR-US: IBM
-CVE-2013-6333
+CVE-2013-6333 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in M ...)
NOT-FOR-US: IBM Algo One
-CVE-2013-6332
+CVE-2013-6332 (Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 throu ...)
NOT-FOR-US: IBM Algo One UDS
-CVE-2013-6331
+CVE-2013-6331 (SQL injection vulnerability in IBM Algo One, as used in MetaData Manag ...)
NOT-FOR-US: IBM Algo One
-CVE-2013-6330
+CVE-2013-6330 (IBM WebSphere Application Server 7.x before 7.0.0.31, when simpleFileS ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-6329
+CVE-2013-6329 (IBM Global Security Kit (aka GSKit), as used in Content Manager OnDema ...)
NOT-FOR-US: IBM Global Security Kit
-CVE-2013-6328
+CVE-2013-6328 (Cross-site scripting (XSS) vulnerability in the Web Content Manager (W ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6327
+CVE-2013-6327 (Cross-site scripting (XSS) vulnerability in the HTTP Option in IBM Ste ...)
NOT-FOR-US: IBM
CVE-2013-6326
RESERVED
-CVE-2013-6325
+CVE-2013-6325 (IBM WebSphere Application Server 7.x before 7.0.0.31, 8.0.x before 8.0 ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2013-6324
RESERVED
-CVE-2013-6323
+CVE-2013-6323 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-6322
+CVE-2013-6322 (Cross-site scripting (XSS) vulnerability in Sterling Order Management ...)
NOT-FOR-US: IBM Sterling Selling and Fulfillment Suite
-CVE-2013-6321
+CVE-2013-6321 (SQL injection vulnerability in IBM Atlas eDiscovery Process Management ...)
NOT-FOR-US: IBM Atlas eDiscovery Process Management
-CVE-2013-6320
+CVE-2013-6320 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in M ...)
NOT-FOR-US: IBM Algo One
-CVE-2013-6319
+CVE-2013-6319 (IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 throug ...)
NOT-FOR-US: IBM Algo One
-CVE-2013-6318
+CVE-2013-6318 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in M ...)
NOT-FOR-US: IBM Algo One
CVE-2013-6317
RESERVED
-CVE-2013-6316
+CVE-2013-6316 (IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before 8. ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-6315
+CVE-2013-6315 (IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and E ...)
NOT-FOR-US: IBM InfoSphere Enterprise Records
-CVE-2013-6314
+CVE-2013-6314 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Enterprise ...)
NOT-FOR-US: IBM InfoSphere Enterprise Records
CVE-2013-6313
RESERVED
-CVE-2013-6312
+CVE-2013-6312 (Unspecified vulnerability in IBM Rational Service Tester 8.3.x and 8.5 ...)
NOT-FOR-US: IBM
-CVE-2013-6311
+CVE-2013-6311 (SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 a ...)
NOT-FOR-US: IBM Marketing Platform
-CVE-2013-6310
+CVE-2013-6310 (Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 ...)
NOT-FOR-US: IBM Marketing Platform
-CVE-2013-6309
+CVE-2013-6309 (IBM Marketing Platform 9.1 before FP2 allows remote authenticated user ...)
NOT-FOR-US: IBM Marketing Platform
-CVE-2013-6308
+CVE-2013-6308 (IBM Marketing Platform 9.1 before FP2 allows remote authenticated user ...)
NOT-FOR-US: IBM Marketing Platform
-CVE-2013-6307
+CVE-2013-6307 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7 ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2013-6306
+CVE-2013-6306 (Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01A ...)
NOT-FOR-US: IBM Power 7
-CVE-2013-6305
+CVE-2013-6305 (IBM Platform Symphony 5.2 before build 229037 and 6.1.0.1 before build ...)
NOT-FOR-US: IBM Platform Symphony
-CVE-2013-6304
+CVE-2013-6304 (Multiple directory traversal vulnerabilities in Algo Risk Application ...)
NOT-FOR-US: IBM Algo One
-CVE-2013-6303
+CVE-2013-6303 (Directory traversal vulnerability in IBM Algo One, as used in MetaData ...)
NOT-FOR-US: IBM Algo One
-CVE-2013-6302
+CVE-2013-6302 (SQL injection vulnerability in IBM Algo One, as used in MetaData Manag ...)
NOT-FOR-US: IBM Algo One
-CVE-2013-6301
+CVE-2013-6301 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in M ...)
NOT-FOR-US: IBM Algo One
-CVE-2013-6300
+CVE-2013-6300 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in M ...)
NOT-FOR-US: IBM Algo One
-CVE-2013-6299
+CVE-2013-6299 (Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in M ...)
NOT-FOR-US: IBM Algo One
CVE-2013-6298
RESERVED
@@ -3424,21 +3424,21 @@ CVE-2013-6287
RESERVED
CVE-2013-6286
RESERVED
-CVE-2013-6284
+CVE-2013-6284 (Unspecified vulnerability in the Statutory Reporting for Insurance (FS ...)
NOT-FOR-US: Financial Services module for SAP ERP Central Component
-CVE-2013-6283
+CVE-2013-6283 (VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to ...)
- vlc 2.1.0-2 (unimportant)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: User-assisted DoS for X session (freezes window manager) in 2.0.3-5
-CVE-2013-6282
+CVE-2013-6282 (The (1) get_user and (2) put_user API functions in the Linux kernel be ...)
- linux 3.6.4-1~experimental.1
- linux-2.6 <not-affected> (Introduced in 2.6.38)
[wheezy] - linux 3.2.53-1
NOTE: https://www.codeaurora.org/projects/security-advisories/missing-access-checks-putusergetuser-kernel-api-cve-2013-6282
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/arm/include/asm/uaccess.h?id=8404663f81d212918ff85f493649a7991209fa04
-CVE-2013-6281
+CVE-2013-6281 (Cross-site scripting (XSS) vulnerability in codebase/spreadsheet.php i ...)
NOT-FOR-US: Wordpress plugin
-CVE-2013-6280
+CVE-2013-6280 (Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plu ...)
NOT-FOR-US: Wordpress plugin
CVE-2013-6279
RESERVED
@@ -3452,9 +3452,9 @@ CVE-2013-6274
RESERVED
CVE-2013-6273
RESERVED
-CVE-2013-6272
+CVE-2013-6272 (The NotificationBroadcastReceiver class in the com.android.phone proce ...)
NOT-FOR-US: Android
-CVE-2013-6271
+CVE-2013-6271 (Android 4.0 through 4.3 allows attackers to bypass intended access res ...)
NOT-FOR-US: Android
CVE-2013-6270
RESERVED
@@ -3462,7 +3462,7 @@ CVE-2013-6269
RESERVED
CVE-2013-6268
RESERVED
-CVE-2013-6267
+CVE-2013-6267 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline befor ...)
NOT-FOR-US: Claroline
CVE-2013-6266
REJECTED
@@ -3504,17 +3504,17 @@ CVE-2013-6248
REJECTED
CVE-2013-6247
REJECTED
-CVE-2013-6246
+CVE-2013-6246 (The Dell Quest One Password Manager, possibly 5.0, allows remote attac ...)
NOT-FOR-US: Dell Quest One Password Manager
-CVE-2013-6245
+CVE-2013-6245 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (AS ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6244
+CVE-2013-6244 (The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2013-6289
+CVE-2013-6289 (Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 ...)
NOT-FOR-US: TYPO3 extension Apache Solr
-CVE-2013-6288
+CVE-2013-6288 (Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extensio ...)
NOT-FOR-US: TYPO3 extension Apache Solr
-CVE-2013-6285
+CVE-2013-6285 (The search component in the Treasurer application in Tyler Technologie ...)
NOT-FOR-US: Tyler Technologies TaxWeb
CVE-2013-6275 [CSRF]
RESERVED
@@ -3523,7 +3523,7 @@ CVE-2013-6275 [CSRF]
CVE-2013-6242
RESERVED
NOT-FOR-US: Open-Xchange
-CVE-2013-6241
+CVE-2013-6241 (The Birthday widget in the backend in Open-Xchange (OX) AppSuite 7.2.x ...)
NOT-FOR-US: Open-Xchange
CVE-2013-6240
RESERVED
@@ -3531,110 +3531,110 @@ CVE-2013-6239
RESERVED
CVE-2013-6238
RESERVED
-CVE-2013-6237
+CVE-2013-6237 (The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 an ...)
NOT-FOR-US: ISL Light
CVE-2013-6236
RESERVED
NOT-FOR-US: Stem Innovations IZON
-CVE-2013-6235
+CVE-2013-6235 (Multiple cross-site scripting (XSS) vulnerabilities in JAMon (Java App ...)
- libjamon-java <not-affected> (jamon.war/JAMon web apps gets excluded by debian/orig-tar.sh)
NOTE: http://seclists.org/bugtraq/2014/Jan/92
CVE-2013-6234
RESERVED
NOT-FOR-US: SpagoBI
-CVE-2013-6233
+CVE-2013-6233 (Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows ...)
NOT-FOR-US: SpagoBI
-CVE-2013-6232
+CVE-2013-6232 (Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows ...)
NOT-FOR-US: SpagoBI
CVE-2013-6231
RESERVED
NOT-FOR-US: SpagoBI
-CVE-2013-6230
+CVE-2013-6230 (The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ...)
- bind9 <not-affected> (Affects only Windows systems)
NOTE: https://kb.isc.org/article/AA-01062
-CVE-2013-6229
+CVE-2013-6229 (Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail ...)
- atmailopen <removed>
CVE-2013-6228
RESERVED
-CVE-2013-6227
+CVE-2013-6227 (Unrestricted file upload vulnerability in plugins/editor.zoho/agent/sa ...)
NOT-FOR-US: Zoho plugin in Pydio (AjaXplorer)
-CVE-2013-6226
+CVE-2013-6226 (Directory traversal vulnerability in plugins/editor.zoho/agent/save_zo ...)
NOT-FOR-US: Pydio (AjaXplorer) Zoho Editor plugin
CVE-2013-6225
RESERVED
-CVE-2013-6224
+CVE-2013-6224 (Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla befor ...)
NOT-FOR-US: Livezilla
-CVE-2013-6223
+CVE-2013-6223 (LiveZilla before 5.1.1.0 stores the admin Base64 encoded username and ...)
NOT-FOR-US: Livezilla
-CVE-2013-6222
+CVE-2013-6222 (Cross-site scripting (XSS) vulnerability in the Mobility Web Client an ...)
NOT-FOR-US: HP Service Manager
-CVE-2013-6221
+CVE-2013-6221 (Directory traversal vulnerability in CommunicationServlet in HP Servic ...)
NOT-FOR-US: HP Service Virtualization
-CVE-2013-6220
+CVE-2013-6220 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
NOT-FOR-US: HP
-CVE-2013-6219
+CVE-2013-6219 (Unspecified vulnerability in HP HP-UX Whitelisting (aka WLI) before A. ...)
NOT-FOR-US: HP-UX
-CVE-2013-6218
+CVE-2013-6218 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9. ...)
NOT-FOR-US: HP
CVE-2013-6217
REJECTED
-CVE-2013-6216
+CVE-2013-6216 (Unspecified vulnerability in HP Array Configuration Utility, Array Dia ...)
NOT-FOR-US: HP
-CVE-2013-6215
+CVE-2013-6215 (Unspecified vulnerability in the Integration Service in HP Universal C ...)
NOT-FOR-US: HP Universal Configuration Management Database Integration Service
-CVE-2013-6214
+CVE-2013-6214 (Unspecified vulnerability in the Integration Service in HP Universal C ...)
NOT-FOR-US: HP
-CVE-2013-6213
+CVE-2013-6213 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner b ...)
NOT-FOR-US: HP
-CVE-2013-6212
+CVE-2013-6212 (Unspecified vulnerability in HP Database and Middleware Automation 10. ...)
NOT-FOR-US: HP
-CVE-2013-6211
+CVE-2013-6211 (Unspecified vulnerability in HP StoreOnce Virtual Storage Appliance (V ...)
NOT-FOR-US: HP StoreOnce
-CVE-2013-6210
+CVE-2013-6210 (Unspecified vulnerability in HP Unified Functional Testing before 12.0 ...)
NOT-FOR-US: HP Unified Functional Testing
-CVE-2013-6209
+CVE-2013-6209 (Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-U ...)
NOT-FOR-US: NFS subsystem in HP HP-UX
-CVE-2013-6208
+CVE-2013-6208 (Unspecified vulnerability in HP Smart Update Manager 5.3.5 before buil ...)
NOT-FOR-US: HP Smart Update Manager
-CVE-2013-6207
+CVE-2013-6207 (Unspecified vulnerability in the loadFileContents function in the SOAP ...)
NOT-FOR-US: HP SiteScope
-CVE-2013-6206
+CVE-2013-6206 (Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insigh ...)
NOT-FOR-US: HP
-CVE-2013-6205
+CVE-2013-6205 (Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insigh ...)
NOT-FOR-US: HP
-CVE-2013-6204
+CVE-2013-6204 (The Web Console in HP Application Information Optimizer (formerly HP D ...)
NOT-FOR-US: HP Application Information Optimizer
-CVE-2013-6203
+CVE-2013-6203 (The Web Console in HP Application Information Optimizer (formerly HP D ...)
NOT-FOR-US: HP Application Information Optimizer
-CVE-2013-6202
+CVE-2013-6202 (Multiple cross-site request forgery (CSRF) vulnerabilities in HP Servi ...)
NOT-FOR-US: HP Service Manager
-CVE-2013-6201
+CVE-2013-6201 (Unspecified vulnerability in HP Security Management System 3.3.0, 3.5. ...)
NOT-FOR-US: HP Security Management System
-CVE-2013-6200
+CVE-2013-6200 (Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows ...)
NOT-FOR-US: HP-UX
CVE-2013-6199
REJECTED
-CVE-2013-6198
+CVE-2013-6198 (Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier ...)
NOT-FOR-US: HP Service Manager WebTier and Windows Client
-CVE-2013-6197
+CVE-2013-6197 (Unspecified vulnerability in HP Service Manager WebTier and Windows Cl ...)
NOT-FOR-US: HP Service Manager WebTier and Windows Client
-CVE-2013-6196
+CVE-2013-6196 (Cross-site scripting (XSS) vulnerability in HP Autonomy Ultraseek 5 al ...)
NOT-FOR-US: HP Autonomy Ultraseek
-CVE-2013-6195
+CVE-2013-6195 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows rem ...)
NOT-FOR-US: HP Data Protector
-CVE-2013-6194
+CVE-2013-6194 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows rem ...)
NOT-FOR-US: HP Data Protector
-CVE-2013-6193
+CVE-2013-6193 (Unspecified vulnerability on HP LaserJet M1522n and M2727; LaserJet Pr ...)
NOT-FOR-US: HP Printers
-CVE-2013-6192
+CVE-2013-6192 (Cross-site request forgery (CSRF) vulnerability in HP Operations Orche ...)
NOT-FOR-US: HP Operations Orchestration
-CVE-2013-6191
+CVE-2013-6191 (Cross-site scripting (XSS) vulnerability in HP Operations Orchestratio ...)
NOT-FOR-US: HP Operations Orchestration
CVE-2013-6190
REJECTED
-CVE-2013-6189
+CVE-2013-6189 (Unspecified vulnerability in the Archive Query Server in HP Applicatio ...)
NOT-FOR-US: HP Application Information Optimizer
-CVE-2013-6188
+CVE-2013-6188 (Cross-site request forgery (CSRF) vulnerability in HP System Managemen ...)
NOT-FOR-US: HP System Management Homepage
CVE-2013-6187
REJECTED
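Review bot: Several NOT-FOR-US annotations in this hunk are just "HP" (CVE-2013-6220, 6218, 6216, 6214, 6213, 6212, 6206, 6205) while the neighbouring entries name the affected product; now that the descriptions are present, the product name could be carried into the annotation, e.g. "NOT-FOR-US: HP Network Node Manager i" for CVE-2013-6220, to match the style of the surrounding entries. Also, the imported descriptions for CVE-2013-6224 and CVE-2013-6223 spell the product "LiveZilla", whereas the NOT-FOR-US lines below them read "Livezilla".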
@@ -3646,50 +3646,50 @@ CVE-2013-6184
REJECTED
CVE-2013-6183
REJECTED
-CVE-2013-6182
+CVE-2013-6182 (Unquoted Windows search path vulnerability in EMC Replication Manager ...)
NOT-FOR-US: EMC Replication Manager
-CVE-2013-6181
+CVE-2013-6181 (EMC Watch4Net before 6.3 stores cleartext polled-device passwords in t ...)
NOT-FOR-US: EMC Watch4net
-CVE-2013-6180
+CVE-2013-6180 (EMC RSA Security Analytics (SA) 10.x before 10.3, and RSA NetWitness N ...)
NOT-FOR-US: RSA Security Analytics
CVE-2013-6179
REJECTED
-CVE-2013-6178
+CVE-2013-6178 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
NOT-FOR-US: EMC RSA Archer GRC
-CVE-2013-6177
+CVE-2013-6177 (Directory traversal vulnerability in EMC Document Sciences xPression 4 ...)
NOT-FOR-US: EMC
-CVE-2013-6176
+CVE-2013-6176 (Multiple SQL injection vulnerabilities in EMC Document Sciences xPress ...)
NOT-FOR-US: EMC
-CVE-2013-6175
+CVE-2013-6175 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Document Sc ...)
NOT-FOR-US: EMC
-CVE-2013-6174
+CVE-2013-6174 (Multiple open redirect vulnerabilities in xAdmin in EMC Document Scien ...)
NOT-FOR-US: EMC
-CVE-2013-6173
+CVE-2013-6173 (Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Docu ...)
NOT-FOR-US: EMC
-CVE-2013-6172
+CVE-2013-6172 (steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x ...)
{DSA-2787-1}
- roundcube 0.9.4-1.1 (bug #727668)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://web.archive.org/web/20160304042345/http://roundcube.net/news/2013/10/21/security-updates-095-and-087/
NOTE: http://trac.roundcube.net/ticket/1489382
-CVE-2013-6171
+CVE-2013-6171 (checkpassword-reply in Dovecot before 2.2.7 performs setuid operations ...)
- dovecot 1:2.2.9-1 (low; bug #729063)
[wheezy] - dovecot <no-dsa> (Minor issue)
[squeeze] - dovecot <no-dsa> (Minor issue)
-CVE-2013-6170
+CVE-2013-6170 (Juniper Junos 10.0 before 10.0S28, 10.4 before 10.4R7, 11.1 before 11. ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-6169
+CVE-2013-6169 (The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) we ...)
{DSA-2775-1}
- ejabberd 2.1.11-1 (bug #722105)
-CVE-2013-6168
+CVE-2013-6168 (Cross-site scripting (XSS) vulnerability in Zikula Application Framewo ...)
NOT-FOR-US: Zikula
CVE-2013-6165
RESERVED
-CVE-2013-6164
+CVE-2013-6164 (SQL injection vulnerability in view/objectDetail.php in Project'Or RIA ...)
NOT-FOR-US: Project'Or RIA
-CVE-2013-6163
+CVE-2013-6163 (Multiple cross-site scripting (XSS) vulnerabilities in ProjeQtOr (form ...)
NOT-FOR-US: Project'Or RIA
-CVE-2013-6162
+CVE-2013-6162 (Cross-site scripting (XSS) vulnerability in Code-Crafters Ability Mail ...)
NOT-FOR-US: Code-Crafters Ability Mail Server
CVE-2013-6161
REJECTED
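Review bot: The imported description for CVE-2013-6163 names the project "ProjeQtOr", but the NOT-FOR-US annotation beneath it still reads "Project'Or RIA" (the same text used for CVE-2013-6164); consider mentioning both names in the annotation so a search for either finds the entry. Similarly, the CVE-2013-6181 description spells the product "Watch4Net" while the NOT-FOR-US line has "Watch4net".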
@@ -3727,11 +3727,11 @@ CVE-2013-6145
REJECTED
CVE-2013-6144
REJECTED
-CVE-2013-6143
+CVE-2013-6143 (The Schneider Electric Telvent SAGE 3030 RTU with firmware C3413-500-0 ...)
NOT-FOR-US: Schneider Electric Telvent SAGE 3030 RTU
-CVE-2013-6142
+CVE-2013-6142 (DNP3Driver.exe in the DNP3 driver in Schneider Electric ClearSCADA 201 ...)
NOT-FOR-US: Schneider Electric ClearSCADA
-CVE-2013-6141
+CVE-2013-6141 (Unspecified vulnerability in op5 Monitor before 6.1.3 allows attackers ...)
NOT-FOR-US: op5
CVE-2013-6140
RESERVED
@@ -3755,19 +3755,19 @@ CVE-2013-6131
RESERVED
CVE-2013-6130
RESERVED
-CVE-2013-6128
+CVE-2013-6128 (The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before 65.30. ...)
NOT-FOR-US: WellinTech KingView
-CVE-2013-6127
+CVE-2013-6127 (The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65. ...)
NOT-FOR-US: WellinTech KingView
CVE-2013-6126
REJECTED
CVE-2013-6125
REJECTED
-CVE-2013-6124
+CVE-2013-6124 (The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Foru ...)
NOT-FOR-US: Qualcomm (Android)
-CVE-2013-6123
+CVE-2013-6123 (Multiple array index errors in drivers/media/video/msm/server/msm_cam_ ...)
NOT-FOR-US: Android Linux kernel
-CVE-2013-6122
+CVE-2013-6122 (goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux ker ...)
NOT-FOR-US: Goodix gt915 Android touchscreen driver
CVE-2013-6121
RESERVED
@@ -3777,19 +3777,19 @@ CVE-2013-6119
RESERVED
CVE-2013-6118
RESERVED
-CVE-2013-6117
+CVE-2013-6117 (Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to byp ...)
NOT-FOR-US: Dahua DVR
CVE-2013-6116
RESERVED
CVE-2013-6115
RESERVED
-CVE-2013-6114
+CVE-2013-6114 (Integer overflow in the OZDocument::parseElement function in Apple Mot ...)
NOT-FOR-US: Apple Motion
CVE-2013-6113
RESERVED
CVE-2013-6112
RESERVED
-CVE-2013-6111
+CVE-2013-6111 (Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0 ...)
NOT-FOR-US: mod_pagespeed
CVE-2013-6110
RESERVED
@@ -3853,20 +3853,20 @@ CVE-2013-6081
REJECTED
CVE-2013-6080
REJECTED
-CVE-2013-6079
+CVE-2013-6079 (Buffer overflow in MostGear Soft Easy LAN Folder Share 3.2.0.100 allow ...)
NOT-FOR-US: MostGear Soft Easy LAN Folder Share
-CVE-2013-6078
+CVE-2013-6078 (The default configuration of EMC RSA BSAFE Toolkits and RSA Data Prote ...)
NOT-FOR-US: EMC RSA
-CVE-2013-6077
+CVE-2013-6077 (Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not pro ...)
NOT-FOR-US: Citrix XenDesktop
-CVE-2013-6076
+CVE-2013-6076 (strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a deni ...)
- strongswan 5.1.0-3
[squeeze] - strongswan <not-affected> (Vulnerable Code not present, introduced by upstream commit 30216000d3752026127c2f91470ce165ab3d3926)
[wheezy] - strongswan <not-affected> (Vulnerable Code not present, introduced by upstream commit 30216000d3752026127c2f91470ce165ab3d3926)
-CVE-2013-6075
+CVE-2013-6075 (The compare_dn function in utils/identification.c in strongSwan 4.3.3 ...)
{DSA-2789-1}
- strongswan 5.1.0-3
-CVE-2013-6074
+CVE-2013-6074 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
NOT-FOR-US: Open-Xchange
CVE-2013-6073
RESERVED
@@ -3888,16 +3888,16 @@ CVE-2013-6065
RESERVED
CVE-2013-6064
RESERVED
-CVE-2013-6243
+CVE-2013-6243 (SQL injection vulnerability in the Landing Pages plugin 1.2.3, before ...)
NOT-FOR-US: WordPress Landing Pages Plugin
-CVE-2013-6167
+CVE-2013-6167 (Mozilla Firefox through 27 sends HTTP Cookie headers without first val ...)
- iceweasel <removed> (unimportant)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=858215
-CVE-2013-6166
+CVE-2013-6166 (Google Chrome before 29 sends HTTP Cookie headers without first valida ...)
- chromium-browser 31.0.1650.57-1 (low)
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=238041
-CVE-2013-6129
+CVE-2013-6129 (The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote at ...)
NOT-FOR-US: VBulletin
CVE-2013-6063
RESERVED
@@ -3909,7 +3909,7 @@ CVE-2013-6060
RESERVED
CVE-2013-6059
RESERVED
-CVE-2013-6058
+CVE-2013-6058 (SQL injection vulnerability in appRain CMF 3.0.2 and earlier allows re ...)
NOT-FOR-US: appRain CMS
CVE-2013-6057
RESERVED
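Review bot: The CVE-2013-6058 description calls the product "appRain CMF" while the NOT-FOR-US line directly below says "appRain CMS"; the annotation should use the same product name as the description.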
@@ -3917,167 +3917,167 @@ CVE-2013-6056
RESERVED
CVE-2013-6055
REJECTED
-CVE-2013-6054
+CVE-2013-6054 (Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and ...)
{DSA-2808-1}
- openjpeg 1.3+dfsg-4.7 (bug #731237)
-CVE-2013-6053
+CVE-2013-6053 (OpenJPEG 1.5.1 allows remote attackers to obtain sensitive information ...)
- openjpeg 1.5.2-1 (bug #731237)
[wheezy] - openjpeg <not-affected> (Only affects 1.5)
[squeeze] - openjpeg <not-affected> (Only affects 1.5)
-CVE-2013-6052
+CVE-2013-6052 (OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive i ...)
{DSA-2808-1}
- openjpeg 1.3+dfsg-4.7 (bug #731237)
-CVE-2013-6051
+CVE-2013-6051 (The bgp_attr_unknown function in bgp_attr.c in Quagga 0.99.21 does not ...)
{DSA-2803-1}
- quagga 0.99.22.4-1 (bug #730513)
[squeeze] - quagga <not-affected> (Only affects 0.99.21)
-CVE-2013-6050
+CVE-2013-6050 (Integer overflow in Links before 2.8 allows remote attackers to cause ...)
{DSA-2807-1}
- links2 2.8-1
-CVE-2013-6049
+CVE-2013-6049 (apt-listbugs before 0.1.10 creates temporary files insecurely, which a ...)
- apt-listbugs 0.1.10 (low)
[squeeze] - apt-listbugs <no-dsa> (Minor issue)
[wheezy] - apt-listbugs 0.1.8+deb7u1
-CVE-2013-6048
+CVE-2013-6048 (The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin ...)
{DSA-2815-1 DLA-20-1}
- munin 2.0.18-1
[squeeze] - munin 1.4.5-3+deb6u1
-CVE-2013-6047
+CVE-2013-6047 (Multiple cross-site scripting (XSS) vulnerabilities in the site creati ...)
- ikiwiki-hosting 0.20131025
[wheezy] - ikiwiki-hosting <no-dsa> (Minor XSS)
CVE-2013-6046
RESERVED
-CVE-2013-6045
+CVE-2013-6045 (Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might ...)
{DSA-2808-1}
- openjpeg 1.3+dfsg-4.7 (bug #731237)
-CVE-2013-6044
+CVE-2013-6044 (The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6 ...)
{DSA-2740-1}
- python-django 1.5.2-1
-CVE-2013-6043
+CVE-2013-6043 (The login function in Softaculous Webuzo before 2.1.4 provides differe ...)
NOT-FOR-US: Softaculous Webuzo
-CVE-2013-6042
+CVE-2013-6042 (Cross-site scripting (XSS) vulnerability in filemanager/login.php in t ...)
NOT-FOR-US: Softaculous Webuzo
-CVE-2013-6041
+CVE-2013-6041 (index.php in Softaculous Webuzo before 2.1.4 allows remote attackers t ...)
NOT-FOR-US: Softaculous Webuzo
-CVE-2013-6040
+CVE-2013-6040 (Multiple unspecified vulnerabilities in the MW6 Aztec, DataMatrix, and ...)
NOT-FOR-US: MW6 Technologies
-CVE-2013-6039
+CVE-2013-6039 (Multiple cross-site scripting (XSS) vulnerabilities in NagiosQL 3.2 SP ...)
NOT-FOR-US: NagiosQL
-CVE-2013-6038
+CVE-2013-6038 (Stack-based buffer overflow in Trimble SketchUp Viewer 13.0.4124 allow ...)
NOT-FOR-US: Trimble SketchUp Viewer
-CVE-2013-6037
+CVE-2013-6037 (Cross-site scripting (XSS) vulnerability in index.php in Aker Secure M ...)
NOT-FOR-US: Aker Secure Mail Gateway
CVE-2013-6036
RESERVED
-CVE-2013-6035
+CVE-2013-6035 (The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800 ...)
NOT-FOR-US: Inmarsat broadband satellite terminals
-CVE-2013-6034
+CVE-2013-6034 (The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800 ...)
NOT-FOR-US: Inmarsat broadband satellite terminals
-CVE-2013-6033
+CVE-2013-6033 (Multiple cross-site scripting (XSS) vulnerabilities on Lexmark W840 th ...)
NOT-FOR-US: Lexmark
-CVE-2013-6032
+CVE-2013-6032 (cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x befo ...)
NOT-FOR-US: Lexmark
-CVE-2013-6031
+CVE-2013-6031 (The Huawei E355 adapter with firmware 21.157.37.01.910 does not requir ...)
NOT-FOR-US: Huawei E355 adapter
-CVE-2013-6030
+CVE-2013-6030 (Directory traversal vulnerability on the Emerson Network Power Avocent ...)
NOT-FOR-US: Emerson Network Power
-CVE-2013-6029
+CVE-2013-6029 (Stack-based buffer overflow in the AT&amp;T Connect Participant Applic ...)
NOT-FOR-US: AT&T Connect Participant Application
-CVE-2013-6028
+CVE-2013-6028 (Multiple cross-site request forgery (CSRF) vulnerabilities in Atmail W ...)
NOT-FOR-US: Atmail Webmail Server
-CVE-2013-6027
+CVE-2013-6027 (Stack-based buffer overflow in the RuntimeDiagnosticPing function in / ...)
NOT-FOR-US: D-Link
-CVE-2013-6026
+CVE-2013-6026 (The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-60 ...)
NOT-FOR-US: D-Link
-CVE-2013-6025
+CVE-2013-6025 (The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
-CVE-2013-6024
+CVE-2013-6024 (The Edge Client components in F5 BIG-IP APM 10.x through 10.2.4 and 11 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2013-6023
+CVE-2013-6023 (Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firm ...)
NOT-FOR-US: TVT TD-2308SS-B DVR
CVE-2013-6022
RESERVED
-CVE-2013-6021
+CVE-2013-6021 (Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 ...)
NOT-FOR-US: WatchGuard WSM and Fireware
-CVE-2013-6020
+CVE-2013-6020 (passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends di ...)
NOT-FOR-US: Tyler Technologies TaxWeb
-CVE-2013-6019
+CVE-2013-6019 (Cross-site scripting (XSS) vulnerability in Tyler Technologies TaxWeb ...)
NOT-FOR-US: Tyler Technologies TaxWeb
-CVE-2013-6018
+CVE-2013-6018 (Cross-site request forgery (CSRF) vulnerability in login.jsp in Tyler ...)
NOT-FOR-US: Tyler Technologies TaxWeb
-CVE-2013-6017
+CVE-2013-6017 (Cross-site scripting (XSS) vulnerability in Atmail Webmail Server befo ...)
NOT-FOR-US: Atmail Webmail Server
-CVE-2013-6016
+CVE-2013-6016 (The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, E ...)
NOT-FOR-US: F5
-CVE-2013-6015
+CVE-2013-6015 (Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before 12.1 ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-6014
+CVE-2013-6014 (Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-6013
+CVE-2013-6013 (Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 befor ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-6012
+CVE-2013-6012 (Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-6011
+CVE-2013-6011 (Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10. ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2013-6010
+CVE-2013-6010 (Cross-site scripting (XSS) vulnerability in the Comment Attachment plu ...)
NOT-FOR-US: Wordpress Comment-Attachment plugin
-CVE-2013-6009
+CVE-2013-6009 (CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, wh ...)
NOT-FOR-US: Open-Xchange
CVE-2013-6008
REJECTED
CVE-2013-6007
REJECTED
-CVE-2013-6006
+CVE-2013-6006 (Cybozu Garoon 3.5 through 3.7 SP2 allows remote attackers to bypass Ke ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6005
+CVE-2013-6005 (Cross-site scripting (XSS) vulnerability in Cybozu Dezie before 8.1.0 ...)
NOT-FOR-US: Cybozu Dezie
-CVE-2013-6004
+CVE-2013-6004 (Session fixation vulnerability in Cybozu Garoon before 3.7.2 allows re ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6003
+CVE-2013-6003 (CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, whe ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6002
+CVE-2013-6002 (The server in Cybozu Garoon before 3.7 SP1 allows remote attackers to ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6001
+CVE-2013-6001 (SQL injection vulnerability in the Space function in Cybozu Garoon bef ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-6000
+CVE-2013-6000 (Directory traversal vulnerability in Tattyan HP TOWN before 5_10_1 all ...)
NOT-FOR-US: Tattyan HP TOWN
-CVE-2013-5999
+CVE-2013-5999 (Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify ...)
NOT-FOR-US: Kingsoft KDrive Personal
-CVE-2013-5998
+CVE-2013-5998 (Unspecified vulnerability in the Web manager implementation on D-Link ...)
NOT-FOR-US: D-Link
-CVE-2013-5997
+CVE-2013-5997 (Unspecified vulnerability in the SSH implementation on D-Link Japan DE ...)
NOT-FOR-US: D-Link
-CVE-2013-5996
+CVE-2013-5996 (Multiple cross-site scripting (XSS) vulnerabilities in shopping/paymen ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5995
+CVE-2013-5995 (data/class/helper/SC_Helper_Address.php in the front-features implemen ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5994
+CVE-2013-5994 (data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php in LOCKON EC-C ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5993
+CVE-2013-5993 (Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11 ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5992
+CVE-2013-5992 (Cross-site scripting (XSS) vulnerability in the displaySystemError fun ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5991
+CVE-2013-5991 (The displaySystemError function in html/handle_error.php in LOCKON EC- ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-5990
+CVE-2013-5990 (Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; I ...)
NOT-FOR-US: JustSystems Ichitaro
CVE-2013-5989
RESERVED
CVE-2013-5988
RESERVED
-CVE-2013-5987
+CVE-2013-5987 (Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, ...)
- nvidia-graphics-drivers 304.117-1 (bug #735271)
[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/3377
-CVE-2013-5986
+CVE-2013-5986 (Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, ...)
- nvidia-graphics-drivers 304.117-1 (bug #735271)
[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/3377
CVE-2013-5985
RESERVED
-CVE-2013-5984
+CVE-2013-5984 (Directory traversal vulnerability in userfiles/modules/admin/backup/de ...)
NOT-FOR-US: Microweber
-CVE-2013-5983
+CVE-2013-5983 (Multiple cross-site scripting (XSS) vulnerabilities in GuppY before 4. ...)
NOT-FOR-US: GuppY
CVE-2013-5982
RESERVED
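Review bot: The new description line for CVE-2013-6029 contains the HTML entity `AT&amp;T`, while the NOT-FOR-US line directly below it has the plain `AT&T`; the automatic import appears to have copied an HTML-escaped ampersand without decoding it. The importer should unescape entities before writing descriptions, and this line should be corrected to `AT&T`, otherwise text searches for the vendor name will miss the entry.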
@@ -4085,61 +4085,61 @@ CVE-2013-5981
RESERVED
CVE-2013-5980
RESERVED
-CVE-2013-5979
+CVE-2013-5979 (Directory traversal vulnerability in Spring Signage Xibo 1.2.x before ...)
NOT-FOR-US: Xibo
CVE-2013-5978
RESERVED
-CVE-2013-5977
+CVE-2013-5977 (Cross-site request forgery (CSRF) vulnerability in Cart66Product.php i ...)
NOT-FOR-US: Cart66 Lite plugin for WordPress
-CVE-2013-5976
+CVE-2013-5976 (Cross-site scripting (XSS) vulnerability in the access policy logout p ...)
NOT-FOR-US: F5 BIG-IP APM
-CVE-2013-5975
+CVE-2013-5975 (The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 throu ...)
NOT-FOR-US: F5 BIG-IP APM
CVE-2013-5974
REJECTED
-CVE-2013-5973
+CVE-2013-5973 (VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to r ...)
NOT-FOR-US: VMware ESXi and ESX
-CVE-2013-5972
+CVE-2013-5972 (VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 ...)
NOT-FOR-US: VMware
-CVE-2013-5971
+CVE-2013-5971 (Session fixation vulnerability in the vSphere Web Client Server in VMw ...)
NOT-FOR-US: VMware vSphere
-CVE-2013-5970
+CVE-2013-5970 (hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 allo ...)
NOT-FOR-US: VMware ESXi and ESX
CVE-2013-5969
RESERVED
-CVE-2013-5968
+CVE-2013-5968 (Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through ...)
NOT-FOR-US: CA SiteMinder
-CVE-2013-5967
+CVE-2013-5967 (Multiple SQL injection vulnerabilities in AlienVault Open Source Secur ...)
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2013-5966
+CVE-2013-5966 (Cross-site scripting (XSS) vulnerability in ZK Framework before 5.0.13 ...)
NOT-FOR-US: ZK Framework
-CVE-2013-5965
+CVE-2013-5965 (The Node View Permissions module 7.x-1.x before 7.x-1.2 for Drupal doe ...)
NOT-FOR-US: Drupal addon
-CVE-2013-5964
+CVE-2013-5964 (Cross-site scripting (XSS) vulnerability in the administration page in ...)
NOT-FOR-US: Drupal addon
-CVE-2013-5963
+CVE-2013-5963 (Unrestricted file upload vulnerability in multi.php in Simple Dropbox ...)
NOT-FOR-US: WordPress plugin Simple Dropbox Upload
-CVE-2013-5962
+CVE-2013-5962 (Unrestricted file upload vulnerability in frames/upload-images.php in ...)
NOT-FOR-US: Complete Gallery Manager plugin for Wordpress
-CVE-2013-5961
+CVE-2013-5961 (Unrestricted file upload vulnerability in lazyseo.php in the Lazy SEO ...)
NOT-FOR-US: WordPress plugin Lazy SEO
-CVE-2013-5960
+CVE-2013-5960 (The authenticated-encryption feature in the symmetric-encryption imple ...)
NOT-FOR-US: OWASP Enterprise Security API for Java
-CVE-2013-5958
+CVE-2013-5958 (The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2. ...)
NOT-FOR-US: Symfony
-CVE-2013-5957
+CVE-2013-5957 (Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location. ...)
- civicrm <not-affected> (Fixed before initial upload to the archive)
-CVE-2013-5956
+CVE-2013-5956 (Cross-site scripting (XSS) vulnerability in includes/flvthumbnail.php ...)
NOT-FOR-US: Joomla plugin
-CVE-2013-5955
+CVE-2013-5955 (Cross-site scripting (XSS) vulnerability in manage.php in the PBBookin ...)
NOT-FOR-US: Joomla plugin
-CVE-2013-5954
+CVE-2013-5954 (Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2. ...)
NOT-FOR-US: OpenX
-CVE-2013-5953
+CVE-2013-5953 (Multiple cross-site scripting (XSS) vulnerabilities in tmpl/layout_edi ...)
NOT-FOR-US: Joomla component multi calendar
-CVE-2013-5952
+CVE-2013-5952 (Multiple cross-site scripting (XSS) vulnerabilities in the Freichat (c ...)
NOT-FOR-US: Joomla component Freichat
-CVE-2013-5951
+CVE-2013-5951 (Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer 2.1.3 ...)
{DSA-2882-1}
- extplorer <removed> (bug #741908)
NOTE: http://seclists.org/fulldisclosure/2014/Mar/273
@@ -4147,45 +4147,45 @@ CVE-2013-5950
RESERVED
CVE-2013-5949
RESERVED
-CVE-2013-5948
+CVE-2013-5948 (The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC ...)
NOT-FOR-US: ASUS router
CVE-2013-5947
RESERVED
-CVE-2013-5946
+CVE-2013-5946 (The runShellCmd function in systemCheck.htm in D-Link DSR-150 with fir ...)
NOT-FOR-US: D-Link
CVE-2013-5945
RESERVED
-CVE-2013-5944
+CVE-2013-5944 (The integrated web server on Siemens SCALANCE X-200 switches with firm ...)
NOT-FOR-US: web server on Siemens switches
-CVE-2013-5959
+CVE-2013-5959 (Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 ...)
NOT-FOR-US: Blue Coat ProxySG
-CVE-2013-5943
+CVE-2013-5943 (Multiple cross-site scripting (XSS) vulnerabilities in Graphite before ...)
- graphite-web 0.9.12+debian-1
-CVE-2013-5942
+CVE-2013-5942 (Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, ...)
- graphite-web 0.9.12+debian-1
CVE-2013-5941
RESERVED
CVE-2013-5940
RESERVED
-CVE-2013-5939
+CVE-2013-5939 (Multiple cross-site scripting (XSS) vulnerabilities in the Guestbook m ...)
NOT-FOR-US: PHPCMS
-CVE-2013-5938
+CVE-2013-5938 (Cross-site scripting (XSS) vulnerability in the Click2Sell Suite modul ...)
NOT-FOR-US: Click2Sell Suite Drupal contributed module
-CVE-2013-5937
+CVE-2013-5937 (Cross-site request forgery (CSRF) vulnerability in the Click2Sell Suit ...)
NOT-FOR-US: Click2Sell Suite Drupal contributed module
-CVE-2013-5936
+CVE-2013-5936 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2- ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-5935
+CVE-2013-5935 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2- ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-5934
+CVE-2013-5934 (Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2- ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-5933
+CVE-2013-5933 (Stack-based buffer overflow in the sub_E110 function in init in a cert ...)
NOT-FOR-US: Motorola
-CVE-2013-5932
+CVE-2013-5932 (Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Securi ...)
NOT-FOR-US: Sophos UTM
-CVE-2013-5931
+CVE-2013-5931 (SQL injection vulnerability in property_listings_detail.php in Real Es ...)
NOT-FOR-US: Real Estate PHP Script
-CVE-2013-5930
+CVE-2013-5930 (Cross-site scripting (XSS) vulnerability in search_residential.php in ...)
NOT-FOR-US: Real Estate PHP Script
CVE-2013-5929
RESERVED
@@ -4207,470 +4207,470 @@ CVE-2013-5921
RESERVED
CVE-2013-5920
RESERVED
-CVE-2013-5919
+CVE-2013-5919 (Suricata before 1.4.6 allows remote attackers to cause a denial of ser ...)
- suricata 2.0-1 (bug #751658)
[wheezy] - suricata <no-dsa> (Minor issue)
[squeeze] - suricata <no-dsa> (Minor issue)
NOTE: https://github.com/OISF/suricata/commit/cd80dcbfd4616582daa39fa56960208ee8e23262
-CVE-2013-5918
+CVE-2013-5918 (Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in t ...)
NOT-FOR-US: Platinum SEO plugin for WordPress
-CVE-2013-5917
+CVE-2013-5917 (SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI ...)
NOT-FOR-US: NOSpam PTIa plugin for Wordpress
-CVE-2013-5916
+CVE-2013-5916 (Cross-site scripting (XSS) vulnerability in falha.php in the Bradesco ...)
NOT-FOR-US: WordPress plugin wp-e-commerce
-CVE-2013-5915
+CVE-2013-5915 (The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly ...)
{DSA-2782-1}
- polarssl 1.3.1-1 (bug #725359)
NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-05
-CVE-2013-5914
+CVE-2013-5914 (Buffer overflow in the ssl_read_record function in ssl_tls.c in PolarS ...)
{DSA-2782-1}
- polarssl 1.2.0-1 (bug #725359)
NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-04
-CVE-2013-5913
+CVE-2013-5913 (Cross-site scripting (XSS) vulnerability in the getRecommSearch functi ...)
NOT-FOR-US: OXID eShop
-CVE-2013-5912
+CVE-2013-5912 (VhttpdMgr in Thomson Reuters Velocity Analytics Vhayu Analytic Server ...)
NOT-FOR-US: Thomson Reuters Velocity Analytics Vhayu Analytic Server
-CVE-2013-5911
+CVE-2013-5911 (Cross-site scripting (XSS) vulnerability in devform.php in Tenable Sec ...)
NOT-FOR-US: Tenable SecurityCenter
-CVE-2013-5910
+CVE-2013-5910 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Emb ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5909
+CVE-2013-5909 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5908
+CVE-2013-5908 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2013-5907
+CVE-2013-5907 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JR ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5906
+CVE-2013-5906 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 all ...)
- openjdk-6 <not-affected> (Installation performed differently for Linux distros)
- openjdk-7 <not-affected> (Installation performed differently for Linux distros)
-CVE-2013-5905
+CVE-2013-5905 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 all ...)
- openjdk-6 <not-affected> (Installation performed differently for Linux distros)
- openjdk-7 <not-affected> (Installation performed differently for Linux distros)
-CVE-2013-5904
+CVE-2013-5904 (Unspecified vulnerability in Oracle Java SE 7u45 allows remote attacke ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2013-5903
REJECTED
-CVE-2013-5902
+CVE-2013-5902 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5901
+CVE-2013-5901 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5900
+CVE-2013-5900 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5899
+CVE-2013-5899 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5898
+CVE-2013-5898 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5897
+CVE-2013-5897 (Unspecified vulnerability in the Oracle Agile Product Lifecycle Manage ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5896
+CVE-2013-5896 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Ja ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5895
+CVE-2013-5895 (Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 all ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5894
+CVE-2013-5894 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2013-5893
+CVE-2013-5893 (Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded ...)
- openjdk-6 <not-affected> (Only affects OpenJDK 7)
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5892
+CVE-2013-5892 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-2878-1}
- virtualbox-ose <removed> (low)
- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
-CVE-2013-5891
+CVE-2013-5891 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2848-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2013-5890
+CVE-2013-5890 (Unspecified vulnerability in the Oracle Payroll component in Oracle E- ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-5889
+CVE-2013-5889 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5888
+CVE-2013-5888 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when runnin ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5887
+CVE-2013-5887 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5886
+CVE-2013-5886 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5885
+CVE-2013-5885 (Unspecified vulnerability in Oracle Solaris 11.1 allows local users to ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-5884
+CVE-2013-5884 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Ja ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5883
+CVE-2013-5883 (Unspecified vulnerability in Oracle Solaris 8 allows local users to af ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-5882
+CVE-2013-5882 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2013-5881
+CVE-2013-5881 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2013-5880
+CVE-2013-5880 (Unspecified vulnerability in the Oracle Demantra Demand Management com ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5879
+CVE-2013-5879 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5878
+CVE-2013-5878 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Emb ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2013-5877
+CVE-2013-5877 (Unspecified vulnerability in the Oracle Demantra Demand Management com ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5876
+CVE-2013-5876 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local u ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-5875
+CVE-2013-5875 (Unspecified vulnerability in Oracle Solaris 11.1 allows local users to ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-5874
+CVE-2013-5874 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-5873
+CVE-2013-5873 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5872
+CVE-2013-5872 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local u ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-5871
+CVE-2013-5871 (Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Pro ...)
NOT-FOR-US: Oracle Supply Chain Products
-CVE-2013-5870
+CVE-2013-5870 (Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 all ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5869
+CVE-2013-5869 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5868
+CVE-2013-5868 (Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Pro ...)
NOT-FOR-US: Oracle Supply Chain Products
-CVE-2013-5867
+CVE-2013-5867 (Unspecified vulnerability in the Siebel Core - Server Infrastructure c ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-5866
+CVE-2013-5866 (Unspecified vulnerability in Oracle Solaris 11.1 allows local users to ...)
NOT-FOR-US: Solaris
-CVE-2013-5865
+CVE-2013-5865 (Unspecified vulnerability in Oracle Solaris 11.1 allows local users to ...)
NOT-FOR-US: Solaris
-CVE-2013-5864
+CVE-2013-5864 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local u ...)
NOT-FOR-US: Solaris
-CVE-2013-5863
+CVE-2013-5863 (Unspecified vulnerability in Oracle Solaris 11.1 allows remote attacke ...)
NOT-FOR-US: Solaris
-CVE-2013-5862
+CVE-2013-5862 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local u ...)
NOT-FOR-US: Solaris
-CVE-2013-5861
+CVE-2013-5861 (Unspecified vulnerability in Oracle Solaris 11.1 allows remote attacke ...)
NOT-FOR-US: Solaris
-CVE-2013-5860
+CVE-2013-5860 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2013-5859
+CVE-2013-5859 (Unspecified vulnerability in the Instantis EnterpriseTrack component i ...)
NOT-FOR-US: Oracle Primavera Products Suite
-CVE-2013-5858
+CVE-2013-5858 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-5857
+CVE-2013-5857 (Unspecified vulnerability in the Oracle Health Sciences InForm compone ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-5856
+CVE-2013-5856 (Unspecified vulnerability in the Oracle Health Sciences InForm compone ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-5855
+CVE-2013-5855 (Oracle Mojarra 2.2.x before 2.2.6 and 2.1.x before 2.1.28 does not per ...)
- mojarra 2.2.8-1 (low; bug #740586)
[squeeze] - mojarra <no-dsa> (Minor issue)
[wheezy] - mojarra <no-dsa> (Minor issue)
NOTE: https://java.net/jira/browse/JAVASERVERFACES-3150
NOTE: https://java.net/projects/mojarra/sources/svn/revision/12793
-CVE-2013-5854
+CVE-2013-5854 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaF ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5853
+CVE-2013-5853 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-5852
+CVE-2013-5852 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5851
+CVE-2013-5851 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5850
+CVE-2013-5850 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5849
+CVE-2013-5849 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5848
+CVE-2013-5848 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5847
+CVE-2013-5847 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS eCompensat ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5846
+CVE-2013-5846 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and Java ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5845
+CVE-2013-5845 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
NOT-FOR-US: Oracle iLearning
-CVE-2013-5844
+CVE-2013-5844 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaF ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5843
+CVE-2013-5843 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-5842
+CVE-2013-5842 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5841
+CVE-2013-5841 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5840
+CVE-2013-5840 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5839
+CVE-2013-5839 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
NOT-FOR-US: Solaris
-CVE-2013-5838
+CVE-2013-5838 (Unspecified vulnerability in Oracle Java SE 7u25 and earlier, and Java ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5837
+CVE-2013-5837 (Unspecified vulnerability in the Oracle Health Sciences InForm compone ...)
NOT-FOR-US: Solaris
-CVE-2013-5836
+CVE-2013-5836 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5835
+CVE-2013-5835 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-5834
+CVE-2013-5834 (Unspecified vulnerability in Oracle Solaris 8 allows local users to af ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-5833
+CVE-2013-5833 (Unspecified vulnerability in Oracle Solaris 8 and 9 allows local users ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-5832
+CVE-2013-5832 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-5831
+CVE-2013-5831 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5830
+CVE-2013-5830 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5829
+CVE-2013-5829 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5828
+CVE-2013-5828 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-5827
+CVE-2013-5827 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-5826
+CVE-2013-5826 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5825
+CVE-2013-5825 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5824
+CVE-2013-5824 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5823
+CVE-2013-5823 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/a7758faab30d
-CVE-2013-5822
+CVE-2013-5822 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
NOT-FOR-US: Oracle iLearning
-CVE-2013-5821
+CVE-2013-5821 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11.1 allows ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-5820
+CVE-2013-5820 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5819
+CVE-2013-5819 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5818
+CVE-2013-5818 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5817
+CVE-2013-5817 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5816
+CVE-2013-5816 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2013-5815
+CVE-2013-5815 (Unspecified vulnerability in the Oracle Identity Analytics component i ...)
NOT-FOR-US: Oracle Fusion Middleware Oracle Identity Analytics
-CVE-2013-5814
+CVE-2013-5814 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5813
+CVE-2013-5813 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5812
+CVE-2013-5812 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5811
+CVE-2013-5811 (Unspecified vulnerability in the Oracle Health Sciences InForm compone ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-5810
+CVE-2013-5810 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaF ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5809
+CVE-2013-5809 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5808
+CVE-2013-5808 (Unspecified vulnerability in the Oracle iPlanet Web Proxy Server compo ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5807
+CVE-2013-5807 (Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 ...)
{DSA-2818-1}
- mysql-5.5 5.5.33
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5 and 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-5806
+CVE-2013-5806 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java ...)
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 7u45-2.4.3-1
NOTE: openjdk-7 package mentioned this CVE, specifc to Mac OS X?
-CVE-2013-5805
+CVE-2013-5805 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java ...)
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 7u45-2.4.3-1
NOTE: openjdk-7 package mentioned this CVE, specific to MacOS X?
-CVE-2013-5804
+CVE-2013-5804 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1 (unimportant)
- openjdk-7 7u45-2.4.3-1 (unimportant)
NOTE: Javadoc comments can contain arbitrary HTML
-CVE-2013-5803
+CVE-2013-5803 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/0b84d3b434c2
-CVE-2013-5802
+CVE-2013-5802 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5801
+CVE-2013-5801 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-5800
+CVE-2013-5800 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5799
+CVE-2013-5799 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5798
+CVE-2013-5798 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5797
+CVE-2013-5797 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5796
+CVE-2013-5796 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-5795
+CVE-2013-5795 (Unspecified vulnerability in the Oracle Demantra Demand Management com ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-5794
+CVE-2013-5794 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5793
+CVE-2013-5793 (Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-5792
+CVE-2013-5792 (Unspecified vulnerability in the Techstack component in Oracle E-Busin ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-5791
+CVE-2013-5791 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5790
+CVE-2013-5790 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5789
+CVE-2013-5789 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5788
+CVE-2013-5788 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5787
+CVE-2013-5787 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5786
+CVE-2013-5786 (Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-5785
+CVE-2013-5785 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5784
+CVE-2013-5784 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5783
+CVE-2013-5783 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/2790e9ace697
-CVE-2013-5782
+CVE-2013-5782 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5781
+CVE-2013-5781 (Unspecified vulnerability in Oracle PARC Enterprise T4 Servers running ...)
NOT-FOR-US: Oracle PARC Enterprise
-CVE-2013-5780
+CVE-2013-5780 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5779
+CVE-2013-5779 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5778
+CVE-2013-5778 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5777
+CVE-2013-5777 (Unspecified vulnerability in the Java SE and JavaFX components in Orac ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5776
+CVE-2013-5776 (Unspecified vulnerability in the Java SE and Java SE Embedded componen ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-5775
+CVE-2013-5775 (Unspecified vulnerability in the Java SE and JavaFX components in Orac ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5774
+CVE-2013-5774 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5773
+CVE-2013-5773 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5772
+CVE-2013-5772 (Unspecified vulnerability in the Java SE component in Oracle Java SE J ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-5771
+CVE-2013-5771 (Unspecified vulnerability in the XML Parser component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-5770
+CVE-2013-5770 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-5769
+CVE-2013-5769 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-5768
+CVE-2013-5768 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-5767
+CVE-2013-5767 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-5766
+CVE-2013-5766 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-5765
+CVE-2013-5765 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5764
+CVE-2013-5764 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-5763
+CVE-2013-5763 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-5762
+CVE-2013-5762 (Unspecified vulnerability in the Oracle Siebel CTMS component in Oracl ...)
NOT-FOR-US: Oracle Siebel
-CVE-2013-5761
+CVE-2013-5761 (Unspecified vulnerability in the Siebel Core - Server BizLogic Script ...)
NOT-FOR-US: Oracle Siebel
-CVE-2013-5760
+CVE-2013-5760 (QNAP Photo Station before firmware 4.0.3 build0912 allows remote attac ...)
NOT-FOR-US: QNAP firmware
CVE-2013-5759
REJECTED
-CVE-2013-5758
+CVE-2013-5758 (cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote aut ...)
NOT-FOR-US: Yealink VoIP Phone
-CVE-2013-5757
+CVE-2013-5757 (Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G a ...)
NOT-FOR-US: Yealink VoIP Phone
-CVE-2013-5756
+CVE-2013-5756 (Directory traversal vulnerability in Yealink VoIP Phone SIP-T38G allow ...)
NOT-FOR-US: Yealink VoIP Phone
-CVE-2013-5755
+CVE-2013-5755 (config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password ...)
NOT-FOR-US: Yealink IP Phone
-CVE-2013-5754
+CVE-2013-5754 (The authorization implementation on Dahua DVR appliances accepts a has ...)
NOT-FOR-US: Dahua DVR
CVE-2013-5753
RESERVED
CVE-2013-5752
RESERVED
-CVE-2013-5751
+CVE-2013-5751 (Directory traversal vulnerability in SAP NetWeaver 7.x allows remote a ...)
NOT-FOR-US: SAP NetWeaver 7.x
-CVE-2013-5750
+CVE-2013-5750 (The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3 ...)
NOT-FOR-US: FriendsOfSymfony FOSUserBundle
-CVE-2013-5749
+CVE-2013-5749 (Cross-site scripting (XSS) vulnerability in management/prioritize_plan ...)
NOT-FOR-US: SimpleRisk
-CVE-2013-5748
+CVE-2013-5748 (Cross-site request forgery (CSRF) vulnerability in management/prioriti ...)
NOT-FOR-US: SimpleRisk
CVE-2013-5747
RESERVED
CVE-2013-5746
RESERVED
-CVE-2013-5744
+CVE-2013-5744 (Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and e ...)
NOT-FOR-US: Feng Office
CVE-2013-5743
RESERVED
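Review bot: the annotation under CVE-2013-5837 does not match its description. The description names the Oracle Health Sciences InForm component, but the annotation reads `NOT-FOR-US: Solaris`; the other InForm entries in this hunk (CVE-2013-5857, CVE-2013-5856, CVE-2013-5811) carry `NOT-FOR-US: Oracle Industry Applications`, so this one should almost certainly be the same. Smaller points in the same hunk: the NOTE under CVE-2013-5806 has the typo "specifc", and both that NOTE and the one under CVE-2013-5805 end in a question mark ("specific to Mac OS X?") while the openjdk-6 line above them asserts `<not-affected> (Specific to MacOS X)` without qualification; either confirm the reason or mark the openjdk-6 state as unconfirmed so the two lines agree. Finally, the annotation for CVE-2013-5916 names the wp-e-commerce plugin while the description names falha.php in a Bradesco component; naming the same component in both makes the entry easier to audit.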
@@ -4678,19 +4678,19 @@ CVE-2013-5743
[squeeze] - zabbix <end-of-life> (Not supported in Squeeze LTS)
CVE-2013-5742
RESERVED
-CVE-2013-5741
+CVE-2013-5741 (Triangle Research International (aka Tri) Nano-10 PLC devices with fir ...)
NOT-FOR-US: Triangle Research International Nano-10 PLC
-CVE-2013-5745
+CVE-2013-5745 (The vino_server_client_data_pending function in vino-server.c in GNOME ...)
- vino 3.10.1-1 (low; bug #724545)
[wheezy] - vino <no-dsa> (Minor issue)
[squeeze] - vino <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2013/Sep/105
-CVE-2013-5740
+CVE-2013-5740 (Unspecified vulnerability in the Intel Trusted Execution Technology (T ...)
NOT-FOR-US: Intel Trusted Execution Technology
-CVE-2013-5739
+CVE-2013-5739 (The default configuration of WordPress before 3.6.1 does not prevent u ...)
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1
-CVE-2013-5738
+CVE-2013-5738 (The get_allowed_mime_types function in wp-includes/functions.php in Wo ...)
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1
CVE-2013-5737
@@ -4707,7 +4707,7 @@ CVE-2013-5732
RESERVED
CVE-2013-5731
RESERVED
-CVE-2013-5730
+CVE-2013-5730 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link D ...)
NOT-FOR-US: D-Link
CVE-2013-5729
RESERVED
@@ -4715,114 +4715,114 @@ CVE-2013-5728
RESERVED
CVE-2013-5727
RESERVED
-CVE-2013-5726
+CVE-2013-5726 (Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not requir ...)
NOT-FOR-US: Tweetbot for iOS and Mac
-CVE-2013-5725
+CVE-2013-5725 (The Metaclassy Byword app 2.x before 2.1 for iOS does not require conf ...)
NOT-FOR-US: Byword for iOS
-CVE-2013-5724
+CVE-2013-5724 (Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permis ...)
{DSA-2752-1}
- phpbb3 3.0.11-4 (bug #711172)
-CVE-2013-5723
+CVE-2013-5723 (SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attack ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2013-5716
+CVE-2013-5716 (Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remot ...)
NOT-FOR-US: Gretech GOM Media Player
-CVE-2013-5715
+CVE-2013-5715 (Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has uns ...)
NOT-FOR-US: Gretech GOM Media Player
-CVE-2013-5714
+CVE-2013-5714 (Multiple cross-site scripting (XSS) vulnerabilities in ls/htmlchat.php ...)
NOT-FOR-US: WordPress plugin videowhisper-live-streaming-integration
CVE-2013-5713
RESERVED
CVE-2013-5712
RESERVED
-CVE-2013-5711
+CVE-2013-5711 (Cross-site scripting (XSS) vulnerability in admin/walkthrough/walkthro ...)
NOT-FOR-US: Design-approval-system Plugin for WordPress
-CVE-2013-5722
+CVE-2013-5722 (Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x bef ...)
{DSA-2756-1}
- wireshark 1.10.2-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-59.html
-CVE-2013-5721
+CVE-2013-5721 (The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ di ...)
{DLA-497-1}
- wireshark 1.10.2-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-58.html
-CVE-2013-5720
+CVE-2013-5720 (Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 ...)
{DSA-2756-1}
- wireshark 1.10.2-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-57.html
-CVE-2013-5719
+CVE-2013-5719 (epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark ...)
{DLA-497-1}
- wireshark 1.10.2-1 (unimportant)
NOTE: Not suitable for code injection
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-56.html
-CVE-2013-5718
+CVE-2013-5718 (The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in ...)
{DSA-2756-1}
- wireshark 1.10.2-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-55.html
-CVE-2013-5717
+CVE-2013-5717 (The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does ...)
- wireshark 1.10.2-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-54.html
-CVE-2013-5710
+CVE-2013-5710 (The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel ...)
{DSA-2769-1}
- kfreebsd-9 9.2~svn255465-1 (bug #722337)
- kfreebsd-8 <removed>
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-8 8.3-6+deb7u1
-CVE-2013-5709
+CVE-2013-5709 (The authentication implementation in the web server on Siemens SCALANC ...)
NOT-FOR-US: Siemens SCALANCE X-200
-CVE-2013-5708
+CVE-2013-5708 (Coursemill Learning Management System (LMS) 6.8 constructs secret toke ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-5707
+CVE-2013-5707 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Lear ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-5706
+CVE-2013-5706 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Lear ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-5705
+CVE-2013-5705 (apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attack ...)
{DSA-2991-1 DLA-34-1}
- modsecurity-apache 2.7.7-1
- libapache-mod-security <removed>
[squeeze] - libapache-mod-security 2.5.12-1+squeeze4
NOTE: Upstream commit: https://github.com/SpiderLabs/ModSecurity/commit/f8d441cd25172fdfe5b613442fedfc0da3cc333d
NOTE: http://martin.swende.se/blog/HTTPChunked.html
-CVE-2013-5704
+CVE-2013-5704 (The mod_headers module in the Apache HTTP Server 2.2.22 allows remote ...)
{DLA-71-1}
- apache2 2.4.10-2 (medium)
[wheezy] - apache2 2.2.22-13+deb7u4
NOTE: http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2
-CVE-2013-5703
+CVE-2013-5703 (The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute ...)
NOT-FOR-US: DrayTek Vigor 2700 router
-CVE-2013-5702
+CVE-2013-5702 (Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in Wa ...)
NOT-FOR-US: Watchguard Server Center
-CVE-2013-5701
+CVE-2013-5701 (Multiple untrusted search path vulnerabilities in (1) Watchguard Log C ...)
NOT-FOR-US: Watchguard Server Center
-CVE-2013-5700
+CVE-2013-5700 (The Bloom Filter implementation in bitcoind and Bitcoin-Qt 0.8.x befor ...)
- bitcoin 0.8.4-1
NOTE: https://bitcointalk.org/index.php?topic=287351.0
CVE-2013-5699
RESERVED
-CVE-2013-5698
+CVE-2013-5698 (Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-5697
+CVE-2013-5697 (SQL injection vulnerability in mod_accounting.c in the mod_accounting ...)
- libapache-mod-acct <removed>
-CVE-2013-5696
+CVE-2013-5696 (inc/central.class.php in GLPI before 0.84.2 does not attempt to make i ...)
- glpi 0.84.2-1 (unimportant; bug #723837)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2013-5695
+CVE-2013-5695 (Multiple cross-site scripting (XSS) vulnerabilities in Opsview before ...)
NOT-FOR-US: Ops View
-CVE-2013-5694
+CVE-2013-5694 (SQL injection vulnerability in status/service/acknowledge in Opsview b ...)
NOT-FOR-US: Ops View
-CVE-2013-5693
+CVE-2013-5693 (Cross-site scripting (XSS) vulnerability in X2Engine X2CRM before 3.5 ...)
NOT-FOR-US: X2CRM
-CVE-2013-5692
+CVE-2013-5692 (Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows ...)
NOT-FOR-US: X2CRM
-CVE-2013-5691
+CVE-2013-5691 (The (1) IPv6 and (2) ATM ioctl request handlers in the kernel in FreeB ...)
{DSA-2769-1}
- kfreebsd-9 9.2~svn255465-1 (bug #722338)
- kfreebsd-8 <removed>
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-8 8.3-6+deb7u1
-CVE-2013-5690
+CVE-2013-5690 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Ap ...)
NOT-FOR-US: Open-Xchange
CVE-2013-5687
RESERVED
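Review bot: CVE-2013-5721 and CVE-2013-5719 each reference {DLA-497-1} while rating the issue (unimportant) with the NOTE "Not suitable for code injection"; a DLA reference records that the issue was shipped as a fix in an LTS update, which sits oddly next to an unimportant rating. Either raise the severity or extend the NOTE to say the fix was bundled with the other wireshark dissector fixes in that DLA, so the two annotations stop disagreeing.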
@@ -4838,34 +4838,34 @@ CVE-2013-5682
RESERVED
CVE-2013-5681
RESERVED
-CVE-2013-5680
+CVE-2013-5680 (Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, w ...)
- hylafax <not-affected> (Not built with LDAP support)
NOTE: http://www.securityfocus.com/archive/1/528943/30/0/threaded
-CVE-2013-5679
+CVE-2013-5679 (The authenticated-encryption feature in the symmetric-encryption imple ...)
NOT-FOR-US: OWASP Enterprise Security API for Java
CVE-2013-5678
RESERVED
CVE-2013-5677
RESERVED
-CVE-2013-5676
+CVE-2013-5676 (The Jenkins Plugin for SonarQube 3.7 and earlier allows remote authent ...)
NOT-FOR-US: SonarQube Jenkins plugin
-CVE-2013-5674
+CVE-2013-5674 (badges/external.php in Moodle 2.5.x before 2.5.2 does not properly han ...)
- moodle 2.5.2-1
[squeeze] - moodle <not-affected> (Only affects 2.5.x)
-CVE-2013-5669
+CVE-2013-5669 (The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext crede ...)
NOT-FOR-US: Thecus NAS server N8800
-CVE-2013-5668
+CVE-2013-5668 (The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5 ...)
NOT-FOR-US: Thecus NAS server N8800
-CVE-2013-5667
+CVE-2013-5667 (The Thecus NAS server N8800 with firmware 5.03.01 allows remote attack ...)
NOT-FOR-US: Thecus NAS server N8800
-CVE-2013-5666
+CVE-2013-5666 (The sendfile system-call implementation in sys/kern/uipc_syscalls.c in ...)
- kfreebsd-9 9.2~svn255465-1 (bug #722336)
[wheezy] - kfreebsd-9 <not-affected> (Only affects 9.2.x)
CVE-2013-5665
RESERVED
-CVE-2013-5664
+CVE-2013-5664 (Cross-site scripting (XSS) vulnerability in the web-based device-manag ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2013-5663
+CVE-2013-5663 (The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4 ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2013-5662
RESERVED
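Review bot: CVE-2013-5674 marks [squeeze] moodle as <not-affected> (Only affects 2.5.x) but carries no [wheezy] line, so with the fixed version 2.5.2-1 the tracker will treat wheezy's moodle as affected; if wheezy also ships a pre-2.5 release, add the same "[wheezy] - moodle <not-affected> (Only affects 2.5.x)" marker, otherwise a wheezy fixed version or a no-dsa note is needed.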
@@ -4874,7 +4874,7 @@ CVE-2013-5661 [DNS response rate limiting can simplify cache poisoning attacks]
NOTE: DNS protocol flaw
NOTE: http://www.certa.ssi.gouv.fr/site/CERTA-2013-AVI-506/index.html
NOTE: https://www.isc.org/blogs/cache-poisoning-gets-a-second-wind-from-rrl-probably-not/
-CVE-2013-5660
+CVE-2013-5660 (Buffer overflow in Power Software WinArchiver 3.2 allows remote attack ...)
NOT-FOR-US: Power Software WinArchiver
CVE-2013-5659
RESERVED
@@ -4886,48 +4886,48 @@ CVE-2013-5656
RESERVED
CVE-2013-5689 [Arbitrary File Upload]
REJECTED
-CVE-2013-5688
+CVE-2013-5688 (Multiple directory traversal vulnerabilities in index.php in AjaXplore ...)
- ajaxplorer <itp> (bug #668381)
CVE-2013-5675
RESERVED
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-4298
+CVE-2013-4298 (The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8- ...)
{DSA-2750-1}
- imagemagick 8:6.7.7.10-6 (bug #721273)
[squeeze] - imagemagick <not-affected> (Code not vulnerable)
-CVE-2013-5673
+CVE-2013-5673 (SQL injection vulnerability in testimonial.php in the IndiaNIC Testimo ...)
NOT-FOR-US: IndiaNIC Testimonial plugin 2.2 for WordPress
-CVE-2013-5672
+CVE-2013-5672 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Indi ...)
NOT-FOR-US: IndiaNIC Testimonial plugin 2.2 for WordPress
-CVE-2013-5671
+CVE-2013-5671 (lib/dragonfly/imagemagickutils.rb in the fog-dragonfly gem 0.8.2 for R ...)
NOT-FOR-US: fog-dragonfly Ruby Gem
-CVE-2013-5670
+CVE-2013-5670 (Cross-site scripting (XSS) vulnerability in spell-check-savedicts.php ...)
- serendipity <not-affected> (Spellcheck plugin not included in 1.5.x)
-CVE-2013-5653
+CVE-2013-5653 (The getenv and filenameforall functions in Ghostscript 9.10 ignore the ...)
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (low; bug #839118)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=694724
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ab109aaeb3ddba59518b036fb288402a65cf7ce8
CVE-2013-5652
RESERVED
-CVE-2013-5650
+CVE-2013-5650 (Junos Pulse Secure Access Service (IVE) 7.1 before 7.1r5, 7.2 before 7 ...)
NOT-FOR-US: Junos Pulse Secure Access Service
-CVE-2013-5649
+CVE-2013-5649 (Multiple cross-site scripting (XSS) vulnerabilities in Juniper Junos P ...)
NOT-FOR-US: Juniper
-CVE-2013-5655
+CVE-2013-5655 (Directory traversal vulnerability in the FTP server in YingZhi Python ...)
NOT-FOR-US: YingZhi Python for iOS
-CVE-2013-5654
+CVE-2013-5654 (Vulnerability in YingZhi Python Programming Language v1.9 allows arbit ...)
NOT-FOR-US: YingZhi Python for iOS
-CVE-2013-5651
+CVE-2013-5651 (The virBitmapParse function in util/virbitmap.c in libvirt before 1.1. ...)
- libvirt 1.1.2~rc1-1
[jessie] - libvirt <not-affected> (vulnerable code not introduced, introduced in v0.10.2-rc1)
[wheezy] - libvirt <not-affected> (vulnerable code not introduced, introduced in v0.10.2-rc1)
[squeeze] - libvirt <not-affected> (vulnerable code not introduced, introduced in v0.10.2-rc1)
NOTE: introduced by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=0fc89098a68f0f6962de8be4fc03ddd960ffbf08
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=47b9127e883677a0d60d767030a147450e919a25
-CVE-2013-5646
+CVE-2013-5646 (Cross-site scripting (XSS) vulnerability in Roundcube webmail 1.0-git ...)
- roundcube <not-affected> (Unclear, 0.9.2 reported not affected, all other issues covered by CVE-2013-5645)
-CVE-2013-5645
+CVE-2013-5645 (Multiple cross-site scripting (XSS) vulnerabilities in Roundcube webma ...)
- roundcube 0.9.4-1 (bug #721592)
[wheezy] - roundcube <no-dsa> (Minor issue)
[squeeze] - roundcube <no-dsa> (Minor issue)
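Review bot: the three release lines for CVE-2013-5651 read "vulnerable code not introduced, introduced in v0.10.2-rc1", which contradicts itself; reword to something like "vulnerable code introduced in v0.10.2-rc1, release ships an older version". The [jessie] line also needs a check: it reuses the wheezy/squeeze justification, yet the fix is recorded as 1.1.2~rc1-1, so the reasoning only holds if jessie's libvirt predates 0.10.2; if jessie's libvirt is newer than 1.1.2~rc1 the line should simply be dropped, since the unstable fixed version already covers it.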
@@ -4938,19 +4938,19 @@ CVE-2013-5644
RESERVED
CVE-2013-5643
REJECTED
-CVE-2013-5640
+CVE-2013-5640 (Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote att ...)
NOT-FOR-US: Gnew
-CVE-2013-5639
+CVE-2013-5639 (Directory traversal vulnerability in users/login.php in Gnew 2013.1 an ...)
NOT-FOR-US: Gnew
-CVE-2013-5648
+CVE-2013-5648 (Absolute path traversal vulnerability in the handleStartDataFile funct ...)
- libdigidoc <not-affected> (Fixed before initial upload to the archive)
-CVE-2013-5647
+CVE-2013-5647 (lib/sounder/sound.rb in the sounder gem 1.0.1 for Ruby allows remote a ...)
NOT-FOR-US: Sounder Ruby Gem
-CVE-2013-5642
+CVE-2013-5642 (The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1 ...)
{DSA-2749-1}
- asterisk 1:11.5.1~dfsg-1 (bug #721220)
NOTE: http://downloads.asterisk.org/pub/security/AST-2013-005.html
-CVE-2013-5641
+CVE-2013-5641 (The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1 ...)
{DSA-2749-1}
- asterisk 1:11.5.1~dfsg-1 (bug #721220)
NOTE: http://downloads.asterisk.org/pub/security/AST-2013-004.html
@@ -4958,9 +4958,9 @@ CVE-2013-5638
RESERVED
CVE-2013-5637
RESERVED
-CVE-2013-5636
+CVE-2013-5636 (Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Se ...)
NOT-FOR-US: Check Point Endpoint Security
-CVE-2013-5635
+CVE-2013-5635 (Media Encryption EPM Explorer in Check Point Endpoint Security through ...)
NOT-FOR-US: Check Point Endpoint Security
CVE-2013-5633
REJECTED
@@ -4990,10 +4990,10 @@ CVE-2013-5621
REJECTED
CVE-2013-5620
REJECTED
-CVE-2013-5619
+CVE-2013-5619 (Multiple integer overflows in the binary-search implementation in Spid ...)
- iceweasel <not-affected> (Only affects Firefox 25)
- iceape <not-affected> (Only affects Firefox 25)
-CVE-2013-5618
+CVE-2013-5618 (Use-after-free vulnerability in the nsNodeUtils::LastRelease function ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
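Review bot: CVE-2013-5618 records the fix as iceweasel 24.2.0esr-1 and icedove 24.2.0-1 but cites no {DSA-...}, unlike the 24.1.0esr-1 entries further down (for example CVE-2013-5604 with {DSA-2797-1 DSA-2788-1}); if wheezy received the 24.2.0esr update through a DSA, record its id here, and the same applies to the other entries fixed in 24.2.0esr-1 (CVE-2013-5616, CVE-2013-5615, CVE-2013-5613, CVE-2013-5609).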
@@ -5003,7 +5003,7 @@ CVE-2013-5618
[squeeze] - iceape <end-of-life>
CVE-2013-5617
RESERVED
-CVE-2013-5616
+CVE-2013-5616 (Use-after-free vulnerability in the nsEventListenerManager::HandleEven ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
@@ -5011,7 +5011,7 @@ CVE-2013-5616
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
-CVE-2013-5615
+CVE-2013-5615 (The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
@@ -5019,9 +5019,9 @@ CVE-2013-5615
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
-CVE-2013-5614
+CVE-2013-5614 (Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly ...)
- iceweasel <not-affected> (Only affects Firefox 25)
-CVE-2013-5613
+CVE-2013-5613 (Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
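Review bot: the new description for CVE-2013-5614 names "SeaMonkey before 2.23" alongside Firefox, but the entry only carries an iceweasel <not-affected> line, whereas CVE-2013-5619 in the same situation lists both iceweasel and iceape; add an iceape line (either <not-affected> with a justification or <removed>, matching the other Mozilla entries in this hunk) so the SeaMonkey side of the description is triaged.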
@@ -5029,15 +5029,15 @@ CVE-2013-5613
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
-CVE-2013-5612
+CVE-2013-5612 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26. ...)
- iceweasel <not-affected> (Only affects Firefox 25)
-CVE-2013-5611
+CVE-2013-5611 (Mozilla Firefox before 26.0 does not properly remove the Application I ...)
- iceweasel <not-affected> (Only affects Firefox 25)
-CVE-2013-5610
+CVE-2013-5610 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 25)
- iceape <not-affected> (Only affects Firefox 25)
- icedove <not-affected> (Only affects Firefox 25)
-CVE-2013-5609
+CVE-2013-5609 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- iceape <removed>
@@ -5047,17 +5047,17 @@ CVE-2013-5609
[squeeze] - iceape <end-of-life>
CVE-2013-5608
RESERVED
-CVE-2013-5607
+CVE-2013-5607 (Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape ...)
{DSA-2820-1}
- nspr 2:4.10.2-1
-CVE-2013-5606
+CVE-2013-5606 (The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Netw ...)
{DSA-2994-1 DLA-23-1}
- nss 2:3.15.3-1 (bug #735105)
[squeeze] - nss 3.12.8-1+squeeze8
-CVE-2013-5605
+CVE-2013-5605 (Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 be ...)
{DSA-2800-1}
- nss 2:3.15.3-1
-CVE-2013-5604
+CVE-2013-5604 (The txXPathNodeUtils::getBaseURI function in the XSLT processor in Moz ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
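Review bot: CVE-2013-5605's description covers NSS "3.14 before 3.14.5 and 3.15 be..." and the neighbouring CVE-2013-5606 entry shows squeeze shipping nss 3.12.8-1+squeeze8, so squeeze predates the affected range; add a "[squeeze] - nss <not-affected>" line with that reasoning, because with only the 2:3.15.3-1 fixed version the tracker will otherwise flag squeeze as vulnerable.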
@@ -5066,13 +5066,13 @@ CVE-2013-5604
[wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
- iceape <removed>
-CVE-2013-5603
+CVE-2013-5603 (Use-after-free vulnerability in the nsContentUtils::ContentIsHostInclu ...)
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5602
+CVE-2013-5602 (The Worker::SetEventListener function in the Web workers implementatio ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5081,7 +5081,7 @@ CVE-2013-5602
[wheezy] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <removed>
-CVE-2013-5601
+CVE-2013-5601 (Use-after-free vulnerability in the nsEventListenerManager::SetEventHa ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5090,7 +5090,7 @@ CVE-2013-5601
- iceape <removed>
[wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
-CVE-2013-5600
+CVE-2013-5600 (Use-after-free vulnerability in the nsIOService::NewChannelFromURIWith ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5099,7 +5099,7 @@ CVE-2013-5600
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <removed>
-CVE-2013-5599
+CVE-2013-5599 (Use-after-free vulnerability in the nsIPresShell::GetPresContext funct ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5108,13 +5108,13 @@ CVE-2013-5599
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <removed>
-CVE-2013-5598
+CVE-2013-5598 (PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 ...)
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox >=24)
- iceape <not-affected> (Only affects Firefox >=24)
-CVE-2013-5597
+CVE-2013-5597 (Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad fu ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5123,13 +5123,13 @@ CVE-2013-5597
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <removed>
-CVE-2013-5596
+CVE-2013-5596 (The cycle collection (CC) implementation in Mozilla Firefox before 25. ...)
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5595
+CVE-2013-5595 (The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5140,25 +5140,25 @@ CVE-2013-5595
- iceape <removed>
CVE-2013-5594
RESERVED
-CVE-2013-5593
+CVE-2013-5593 (The SELECT element implementation in Mozilla Firefox before 25.0, Fire ...)
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5592
+CVE-2013-5592 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox >=24)
- iceape <not-affected> (Only affects Firefox >=24)
-CVE-2013-5591
+CVE-2013-5591 (Unspecified vulnerability in the browser engine in Mozilla Firefox bef ...)
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox >=24)
- iceape <not-affected> (Only affects Firefox >=24)
-CVE-2013-5590
+CVE-2013-5590 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -5167,17 +5167,17 @@ CVE-2013-5590
[wheezy] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <removed>
-CVE-2013-5634
+CVE-2013-5634 (arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform ...)
- linux 3.11.5-1
[wheezy] - linux <not-affected> (KVM for arm introduced in 3.9)
- linux-2.6 <not-affected> (KVM for arm introduced in 3.9)
-CVE-2013-5586
+CVE-2013-5586 (Cross-site scripting (XSS) vulnerability in wikka.php in WikkaWiki bef ...)
NOT-FOR-US: WikkaWiki
CVE-2013-5585
RESERVED
CVE-2013-5584
RESERVED
-CVE-2013-5583
+CVE-2013-5583 (Cross-site scripting (XSS) vulnerability in libraries/idna_convert/exa ...)
NOT-FOR-US: Joomla!
CVE-2013-5582
RESERVED
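Review bot: for CVE-2013-5634 the description says "Linux kernel before 3.10", but the fixed version is recorded as linux 3.11.5-1; if a 3.10.x upload already contained the fix, the fixed version is too high and every 3.10.x/3.11.x linux build in testing would be flagged as vulnerable for nothing. Please confirm which upload first carried the arch/arm/kvm/arm.c fix and lower the version accordingly (the wheezy and linux-2.6 <not-affected> lines are fine, since they rely on KVM for arm arriving in 3.9).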
@@ -5187,32 +5187,32 @@ CVE-2013-5581
NOT-FOR-US: Ammyy Admin
CVE-2013-5579
RESERVED
-CVE-2013-5578
+CVE-2013-5578 (Buffer overflow in the ToDot method in the WINGRAPHVIZLib.NEATO Active ...)
NOT-FOR-US: StarUML
CVE-2013-5577
RESERVED
CVE-2013-5574
RESERVED
-CVE-2013-5573
+CVE-2013-5573 (Cross-site scripting (XSS) vulnerability in the default markup formatt ...)
- jenkins 1.565.2-1 (bug #732708)
NOTE: http://seclists.org/fulldisclosure/2013/Dec/159
-CVE-2013-5572
+CVE-2013-5572 (Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bi ...)
- zabbix 1:2.2.2+dfsg-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2013/Sep/151
NOTE: Non-issue
CVE-2013-5571
RESERVED
-CVE-2013-5570
+CVE-2013-5570 (Cross-site scripting (XSS) vulnerability in the Javascript and CSS Opt ...)
NOT-FOR-US: TYPO3 extension (js_css_optimizer)
-CVE-2013-5569
+CVE-2013-5569 (SQL injection vulnerability in the Slideshare extension 0.1.0 for TYPO ...)
NOT-FOR-US: TYPO3 extension
-CVE-2013-5589
+CVE-2013-5589 (SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earl ...)
{DSA-2747-1}
- cacti 0.8.8b+dfsg-3
-CVE-2013-5588
+CVE-2013-5588 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b an ...)
{DSA-2747-1}
- cacti 0.8.8b+dfsg-3
-CVE-2013-5587
+CVE-2013-5587 (Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x b ...)
{DSA-2671-1}
- request-tracker3.8 <not-affected> (only covers the issues in 4.x)
- request-tracker4 4.0.12-2 (bug #709836)
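Review bot: the NOTE "Non-issue" on CVE-2013-5572 gives no reason for the (unimportant) rating, while the new description says remote authenticated users can discover the LDAP bind password; state why it is not considered a vulnerability (for example, which privilege level the attacker already needs) so the fulldisclosure link is not the only justification.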
@@ -5222,274 +5222,274 @@ CVE-2013-5587
NOTE: patch for 4.0.13: https://github.com/bestpractical/rt/compare/rt-4.0.12...rt-4.0.13
NOTE: still not clear why the split was done, but confirmed by upstream that this issue
NOTE: is covered by the fixes applied for CVE-2013-3371
-CVE-2013-5580
+CVE-2013-5580 (The (1) Conn_StartLogin and (2) cb_Read_Resolver_Result functions in c ...)
- ngircd <not-affected> (only affects 20, 20.1, and 20.2)
NOTE: http://arthur.barton.de/pipermail/ngircd-ml/2013-August/000652.html
-CVE-2013-5576
+CVE-2013-5576 (administrator/components/com_media/helpers/media.php in the media mana ...)
NOT-FOR-US: Joomla!
CVE-2013-5575
REJECTED
-CVE-2013-5568
+CVE-2013-5568 (The auto-update implementation in Cisco Adaptive Security Appliance (A ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5567
+CVE-2013-5567 (Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, ...)
NOT-FOR-US: Cisco ASA
-CVE-2013-5566
+CVE-2013-5566 (Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attacker ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-5565
+CVE-2013-5565 (The OSPFv3 functionality in Cisco IOS XR 5.1 allows remote attackers t ...)
NOT-FOR-US: Cisco
-CVE-2013-5564
+CVE-2013-5564 (The Java process in the Impact server in Cisco Prime Central for Hoste ...)
NOT-FOR-US: Cisco Prime Central for Hosted Collaboration Solution
-CVE-2013-5563
+CVE-2013-5563 (Cross-site scripting (XSS) vulnerability in Query/NewQueryResult.jsp i ...)
NOT-FOR-US: Cisco CS-MARS
-CVE-2013-5562
+CVE-2013-5562 (The ITM web server in Cisco Prime Central for Hosted Collaboration Sol ...)
NOT-FOR-US: Cisco
-CVE-2013-5561
+CVE-2013-5561 (The Safe Search enforcement feature in Cisco Adaptive Security Applian ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5560
+CVE-2013-5560 (The IPv6 implementation in Cisco Adaptive Security Appliance (ASA) Sof ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5559
+CVE-2013-5559 (Buffer overflow in the Active Template Library (ATL) framework in the ...)
NOT-FOR-US: Cisco AnyConnect Secure Mobility Client
-CVE-2013-5558
+CVE-2013-5558 (The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 befor ...)
NOT-FOR-US: Cisco
-CVE-2013-5557
+CVE-2013-5557 (The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in C ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5556
+CVE-2013-5556 (The license-installation module on the Cisco Nexus 1000V switch 4.2(1) ...)
NOT-FOR-US: Cisco
-CVE-2013-5555
+CVE-2013-5555 (Cisco Unified Communications Manager (aka CUCM or Unified CM) allows r ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-5554
+CVE-2013-5554 (Directory traversal vulnerability in the web-management interface in t ...)
NOT-FOR-US: Cisco Wide Area Application Services
-CVE-2013-5553
+CVE-2013-5553 (Multiple memory leaks in Cisco IOS 15.1 before 15.1(4)M7 allow remote ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5552
+CVE-2013-5552 (Cisco IOS 12.4(24)MDB9 and earlier on Content Services Gateway (CSG) d ...)
NOT-FOR-US: Cisco
-CVE-2013-5551
+CVE-2013-5551 (Cisco Adaptive Security Appliance (ASA) Software, when certain same-se ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5550
+CVE-2013-5550 (The fabric-interconnect component in Cisco Unified Computing System (U ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-5549
+CVE-2013-5549 (Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2013-5548
+CVE-2013-5548 (The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is use ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5547
+CVE-2013-5547 (Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attac ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5546
+CVE-2013-5546 (The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 b ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5545
+CVE-2013-5545 (The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5544
+CVE-2013-5544 (The VPN authentication functionality in Cisco Adaptive Security Applia ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5543
+CVE-2013-5543 (Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devic ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5542
+CVE-2013-5542 (Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5541
+CVE-2013-5541 (Cross-site scripting (XSS) vulnerability in the file-upload interface ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-5540
+CVE-2013-5540 (The file-upload feature in Cisco Identity Services Engine (ISE) allows ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-5539
+CVE-2013-5539 (The upload-dialog implementation in Cisco Identity Services Engine (IS ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-5538
+CVE-2013-5538 (The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak p ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-5537
+CVE-2013-5537 (The web framework on Cisco Web Security Appliance (WSA), Email Securit ...)
NOT-FOR-US: Cisco
-CVE-2013-5536
+CVE-2013-5536 (Cisco Secure Access Control System (ACS) does not properly implement a ...)
NOT-FOR-US: Cisco
-CVE-2013-5535
+CVE-2013-5535 (The analytics page on Cisco Video Surveillance 4000 IP cameras has har ...)
NOT-FOR-US: Cisco Video Surveillance 4000 IP cameras
-CVE-2013-5534
+CVE-2013-5534 (Directory traversal vulnerability in the attachment service in the Voi ...)
NOT-FOR-US: Cisco Unity Connection
-CVE-2013-5533
+CVE-2013-5533 (The image-upgrade functionality on Cisco 9900 Unified IP phones allows ...)
NOT-FOR-US: Cisco
-CVE-2013-5532
+CVE-2013-5532 (Buffer overflow in the web-application interface on Cisco 9900 IP phon ...)
NOT-FOR-US: Cisco
-CVE-2013-5531
+CVE-2013-5531 (Cisco Identity Services Engine (ISE) 1.x before 1.1.1 allows remote at ...)
NOT-FOR-US: Cisco
-CVE-2013-5530
+CVE-2013-5530 (The web framework in Cisco Identity Services Engine (ISE) 1.0 and 1.1. ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-5529
+CVE-2013-5529 (The deployment module in the server in Cisco WebEx Meeting Center does ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2013-5528
+CVE-2013-5528 (Directory traversal vulnerability in the Tomcat administrative web int ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-5527
+CVE-2013-5527 (The OSPF functionality in Cisco IOS and IOS XE allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2013-5526
+CVE-2013-5526 (Cisco 9900 fourth-generation IP phones do not properly perform SDP neg ...)
NOT-FOR-US: Cisco
-CVE-2013-5525
+CVE-2013-5525 (SQL injection vulnerability in the web framework in Cisco Identity Ser ...)
NOT-FOR-US: Cisco
-CVE-2013-5524
+CVE-2013-5524 (Cross-site scripting (XSS) vulnerability in the troubleshooting page i ...)
NOT-FOR-US: Cisco
-CVE-2013-5523
+CVE-2013-5523 (The Sponsor Portal in Cisco Identity Services Engine (ISE) 1.2 and ear ...)
NOT-FOR-US: Cisco
-CVE-2013-5522
+CVE-2013-5522 (Cisco IOS on Catalyst 3750X switches has default Service Module creden ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5521
+CVE-2013-5521 (Cisco Identity Services Engine does not properly restrict the creation ...)
NOT-FOR-US: Cisco
CVE-2013-5520
RESERVED
-CVE-2013-5519
+CVE-2013-5519 (Cross-site scripting (XSS) vulnerability in the management interface o ...)
NOT-FOR-US: Cisco
CVE-2013-5518
RESERVED
-CVE-2013-5517
+CVE-2013-5517 (SQL injection vulnerability in the web framework in Cisco Unified Comm ...)
NOT-FOR-US: Cisco
-CVE-2013-5516
+CVE-2013-5516 (The Media Snapshot implementation on Cisco TelePresence Multipoint Swi ...)
NOT-FOR-US: Cisco
-CVE-2013-5515
+CVE-2013-5515 (The Clientless SSL VPN feature in Cisco Adaptive Security Appliance (A ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2013-5514
RESERVED
-CVE-2013-5513
+CVE-2013-5513 (Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46 ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5512
+CVE-2013-5512 (Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cis ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5511
+CVE-2013-5511 (The Adaptive Security Device Management (ASDM) remote-management featu ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5510
+CVE-2013-5510 (The remote-access VPN implementation in Cisco Adaptive Security Applia ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5509
+CVE-2013-5509 (The SSL implementation in Cisco Adaptive Security Appliance (ASA) Soft ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5508
+CVE-2013-5508 (The SQL*Net inspection engine in Cisco Adaptive Security Appliance (AS ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5507
+CVE-2013-5507 (The IPsec implementation in Cisco Adaptive Security Appliance (ASA) So ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5506
+CVE-2013-5506 (The authorization functionality in Cisco Firewall Services Module (FWS ...)
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2013-5505
+CVE-2013-5505 (Cross-site scripting (XSS) vulnerability in an administration page in ...)
NOT-FOR-US: Cisco
-CVE-2013-5504
+CVE-2013-5504 (Cross-site scripting (XSS) vulnerability in the Mobile Device Manageme ...)
NOT-FOR-US: Cisco
-CVE-2013-5503
+CVE-2013-5503 (The UDP process in Cisco IOS XR 4.3.1 does not free packet memory upon ...)
NOT-FOR-US: Cisco
-CVE-2013-5502
+CVE-2013-5502 (The web interface in Cisco MediaSense does not properly protect the cl ...)
NOT-FOR-US: Cisco MediaSense
-CVE-2013-5501
+CVE-2013-5501 (Cross-site scripting (XSS) vulnerability in the oraservice page in Cis ...)
NOT-FOR-US: Cisco MediaSense
-CVE-2013-5500
+CVE-2013-5500 (Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin se ...)
NOT-FOR-US: Cisco MediaSense
-CVE-2013-5499
+CVE-2013-5499 (The remember feature in the DHCP server in Cisco IOS allows remote att ...)
NOT-FOR-US: Cisco
-CVE-2013-5498
+CVE-2013-5498 (The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2013-5497
+CVE-2013-5497 (The authentication manager process in the web framework in Cisco Intru ...)
NOT-FOR-US: Cisco Intrusion Prevention System
-CVE-2013-5496
+CVE-2013-5496 (Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-5495
+CVE-2013-5495 (Cross-site scripting (XSS) vulnerability in the web framework in the A ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2013-5494
+CVE-2013-5494 (Cross-site request forgery (CSRF) vulnerability in the web framework i ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2013-5493
+CVE-2013-5493 (The diagnostic module in the firmware on Cisco Virtualization Experien ...)
NOT-FOR-US: Cisco
-CVE-2013-5492
+CVE-2013-5492 (administration.jsp in Cisco SocialMiner allows remote attackers to obt ...)
NOT-FOR-US: Cisco
CVE-2013-5491
RESERVED
-CVE-2013-5490
+CVE-2013-5490 (Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows re ...)
NOT-FOR-US: Cisco Prime Data Center Network Manager
-CVE-2013-5489
+CVE-2013-5489 (The gadget implementation in Cisco SocialMiner does not properly restr ...)
NOT-FOR-US: Cisco
-CVE-2013-5488
+CVE-2013-5488 (Cisco Common Services, as used in Cisco Prime LAN Management Solution ...)
NOT-FOR-US: Cisco
-CVE-2013-5487
+CVE-2013-5487 (DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) befo ...)
NOT-FOR-US: Cisco Prime Data Center Network Manager
-CVE-2013-5486
+CVE-2013-5486 (Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN ...)
NOT-FOR-US: Cisco Prime Data Center Network Manager
CVE-2013-5485
RESERVED
CVE-2013-5484
RESERVED
-CVE-2013-5483
+CVE-2013-5483 (Cross-site scripting (XSS) vulnerability in bookmarklet.jsp in Cisco S ...)
NOT-FOR-US: Cisco
-CVE-2013-5482
+CVE-2013-5482 (Cisco Prime LAN Management Solution (LMS) does not properly restrict u ...)
NOT-FOR-US: Cisco
-CVE-2013-5481
+CVE-2013-5481 (The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5480
+CVE-2013-5480 (The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15. ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5479
+CVE-2013-5479 (The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15. ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5478
+CVE-2013-5478 (Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF int ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5477
+CVE-2013-5477 (The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 throug ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5476
+CVE-2013-5476 (The Zone-Based Firewall (ZFW) feature in Cisco IOS 15.1 through 15.2, ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5475
+CVE-2013-5475 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 thro ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5474
+CVE-2013-5474 (Race condition in the IPv6 virtual fragmentation reassembly (VFR) impl ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5473
+CVE-2013-5473 (Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3 ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5472
+CVE-2013-5472 (The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5471
+CVE-2013-5471 (Cross-site request forgery (CSRF) vulnerability in the web framework i ...)
NOT-FOR-US: Cisco Global Site Selector
-CVE-2013-5470
+CVE-2013-5470 (Cisco Secure Access Control System (ACS) does not properly handle requ ...)
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2013-5469
+CVE-2013-5469 (The TCP implementation in Cisco IOS does not properly implement the tr ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-5468
+CVE-2013-5468 (IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 throug ...)
NOT-FOR-US: IBM Algo One
-CVE-2013-5467
+CVE-2013-5467 (Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, ...)
NOT-FOR-US: IBM Tivoli Monitoring
-CVE-2013-5466
+CVE-2013-5466 (The XSLT library in IBM DB2 and DB2 Connect 9.5 through 10.5, and the ...)
NOT-FOR-US: IBM DB2 and DB2 Connect
-CVE-2013-5465
+CVE-2013-5465 (IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7. ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5464
+CVE-2013-5464 (IBM Maximo Asset Management 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 befo ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5463
+CVE-2013-5463 (The WinCollect agent in IBM Security QRadar SIEM before 7.1.1.569824 a ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2013-5462
+CVE-2013-5462 (IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Con ...)
NOT-FOR-US: IBM
-CVE-2013-5461
+CVE-2013-5461 (IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Rem ...)
NOT-FOR-US: IBM
-CVE-2013-5460
+CVE-2013-5460 (IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5459
+CVE-2013-5459 (Unspecified vulnerability in IBM Rational Software Architect (RSA) Des ...)
NOT-FOR-US: IBM
-CVE-2013-5458
+CVE-2013-5458 (Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remo ...)
NOT-FOR-US: IBM JDK
-CVE-2013-5457
+CVE-2013-5457 (Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 befo ...)
NOT-FOR-US: IBM JDK
-CVE-2013-5456
+CVE-2013-5456 (The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 ...)
NOT-FOR-US: IBM JDK
-CVE-2013-5455
+CVE-2013-5455 (IBM SmartCloud Provisioning 2.1 before FP3 IF0001 allows remote authen ...)
NOT-FOR-US: IBM SmartCloud Provisioning
-CVE-2013-5454
+CVE-2013-5454 (IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-5453
+CVE-2013-5453 (IBM Security AppScan Enterprise 5.6 through 8.7.0.1 allows remote auth ...)
NOT-FOR-US: IBM
-CVE-2013-5452
+CVE-2013-5452 (IBM FileNet Business Process Framework 4.1.0 allows remote authenticat ...)
NOT-FOR-US: IBM FileNet Business Process Framework
CVE-2013-5451
RESERVED
-CVE-2013-5450
+CVE-2013-5450 (IBM Security AppScan Enterprise 8.5 through 8.7.0.1, when Jazz authent ...)
NOT-FOR-US: IBM
-CVE-2013-5449
+CVE-2013-5449 (Cross-site scripting (XSS) vulnerability in workingSet.jsp in IBM Ecli ...)
NOT-FOR-US: IBM
-CVE-2013-5448
+CVE-2013-5448 (Cross-site scripting (XSS) vulnerability in the Right Click Plugin con ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2013-5447
+CVE-2013-5447 (Stack-based buffer overflow in IBM Forms Viewer 4.x before 4.0.0.3 and ...)
NOT-FOR-US: IBM Forms Viewer
-CVE-2013-5446
+CVE-2013-5446 (The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 ...)
NOT-FOR-US: IBM WebSphere DataPower XC10 appliances
-CVE-2013-5445
+CVE-2013-5445 (IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before I ...)
NOT-FOR-US: IBM Cognos
-CVE-2013-5444
+CVE-2013-5444 (The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, ...)
NOT-FOR-US: IBM Cognos
-CVE-2013-5443
+CVE-2013-5443 (Cross-site request forgery (CSRF) vulnerability in IBM Cognos Express ...)
NOT-FOR-US: IBM Cognos
-CVE-2013-5442
+CVE-2013-5442 (Cross-site scripting (XSS) vulnerability in the Local Management Inter ...)
NOT-FOR-US: IBM
CVE-2013-5441
RESERVED
-CVE-2013-5440
+CVE-2013-5440 (IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows l ...)
NOT-FOR-US: IBM InfoSphere Information Server
CVE-2013-5439
RESERVED
-CVE-2013-5438
+CVE-2013-5438 (Cross-site scripting (XSS) vulnerability in the web server in IBM Flex ...)
NOT-FOR-US: IBM Flex System Manager
CVE-2013-5437
RESERVED
@@ -5499,135 +5499,135 @@ CVE-2013-5435
RESERVED
CVE-2013-5434
RESERVED
-CVE-2013-5433
+CVE-2013-5433 (The Data Growth Solution for JD Edwards EnterpriseOne in IBM InfoSpher ...)
NOT-FOR-US: IBM
CVE-2013-5432
RESERVED
-CVE-2013-5431
+CVE-2013-5431 (Open redirect vulnerability in IBM Tivoli Federated Identity Manager ( ...)
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2013-5430
+CVE-2013-5430 (The Jazz Team Server component in IBM Security AppScan Enterprise 8.x ...)
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-5429
+CVE-2013-5429 (The Risk Based Access functionality in IBM Tivoli Federated Identity M ...)
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2013-5428
+CVE-2013-5428 (IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentic ...)
NOT-FOR-US: IBM WebSphere DataPower XC10 appliances
-CVE-2013-5427
+CVE-2013-5427 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Mast ...)
NOT-FOR-US: IBM InfoSphere Master Data Management
-CVE-2013-5426
+CVE-2013-5426 (Session fixation vulnerability in IBM InfoSphere Master Data Managemen ...)
NOT-FOR-US: IBM
-CVE-2013-5425
+CVE-2013-5425 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-5424
+CVE-2013-5424 (IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass ...)
NOT-FOR-US: IBM Flex System Manager
-CVE-2013-5423
+CVE-2013-5423 (IBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows re ...)
NOT-FOR-US: IBM Flex System Manager
-CVE-2013-5422
+CVE-2013-5422 (The Web Client in IBM Rational ClearQuest 7.1 through 7.1.2.12, 8.0.0. ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2013-5421
+CVE-2013-5421 (Cross-site scripting (XSS) vulnerability in the IMS server before Ifix ...)
NOT-FOR-US: IBM
-CVE-2013-5420
+CVE-2013-5420 (The IMS server before Ifix 6 in IBM Security Access Manager for Enterp ...)
NOT-FOR-US: IBM Security Access Manager
-CVE-2013-5419
+CVE-2013-5419 (Multiple buffer overflows in (1) mkque and (2) mkquedev in bos.rte.pri ...)
NOT-FOR-US: IBM AIX
-CVE-2013-5418
+CVE-2013-5418 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-5417
+CVE-2013-5417 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-5416
+CVE-2013-5416 (Unspecified vulnerability in IBM Rational ClearCase through 7.1.2.12, ...)
NOT-FOR-US: IBM Rational ClearCase
-CVE-2013-5415
+CVE-2013-5415 (Buffer overflow in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x be ...)
NOT-FOR-US: IBM Rational ClearCase
-CVE-2013-5414
+CVE-2013-5414 (The migration functionality in IBM WebSphere Application Server (WAS) ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-5413
+CVE-2013-5413 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not i ...)
NOT-FOR-US: IBM
CVE-2013-5412
RESERVED
-CVE-2013-5411
+CVE-2013-5411 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow re ...)
NOT-FOR-US: IBM
CVE-2013-5410
RESERVED
-CVE-2013-5409
+CVE-2013-5409 (Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator ...)
NOT-FOR-US: IBM
CVE-2013-5408
RESERVED
-CVE-2013-5407
+CVE-2013-5407 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not p ...)
NOT-FOR-US: IBM
-CVE-2013-5406
+CVE-2013-5406 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2 ...)
NOT-FOR-US: IBM
-CVE-2013-5405
+CVE-2013-5405 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2 ...)
NOT-FOR-US: IBM
-CVE-2013-5404
+CVE-2013-5404 (Cross-site scripting (XSS) vulnerability in the search implementation ...)
NOT-FOR-US: IBM Rational Quality Manager
-CVE-2013-5403
+CVE-2013-5403 (Unspecified vulnerability on the IBM WebSphere DataPower XC10 applianc ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-5402
+CVE-2013-5402 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2013-5401
+CVE-2013-5401 (The command-port listener in IBM WebSphere MQ Internet Pass-Thru (MQIP ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2013-5400
+CVE-2013-5400 (An unspecified servlet in IBM Platform Symphony Developer Edition (DE) ...)
NOT-FOR-US: IBM Platform Symphony Developer Edition
CVE-2013-5399
RESERVED
-CVE-2013-5398
+CVE-2013-5398 (Unspecified vulnerability in the Webservice Axis Gateway in IBM Ration ...)
NOT-FOR-US: IBM
-CVE-2013-5397
+CVE-2013-5397 (Unspecified vulnerability in the Webservice Axis Gateway in IBM Ration ...)
NOT-FOR-US: IBM
CVE-2013-5396
RESERVED
-CVE-2013-5395
+CVE-2013-5395 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, an ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5394
+CVE-2013-5394 (The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8. ...)
NOT-FOR-US: IBM WebSphere eXtreme Scale
-CVE-2013-5393
+CVE-2013-5393 (The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8. ...)
NOT-FOR-US: IBM WebSphere eXtreme Scale
CVE-2013-5392
RESERVED
-CVE-2013-5391
+CVE-2013-5391 (IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix ...)
NOT-FOR-US: IBM
-CVE-2013-5390
+CVE-2013-5390 (Cross-site scripting (XSS) vulnerability in the monitoring console in ...)
NOT-FOR-US: IBM WebSphere eXtreme Scale
-CVE-2013-5389
+CVE-2013-5389 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 ...)
NOT-FOR-US: IBM Domino
-CVE-2013-5388
+CVE-2013-5388 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 ...)
NOT-FOR-US: IBM Domino
-CVE-2013-5387
+CVE-2013-5387 (Buffer overflow in IBM Platform Symphony 5.2, 6.1, and 6.1.1 allows re ...)
NOT-FOR-US: IBM
CVE-2013-5386
RESERVED
-CVE-2013-5385
+CVE-2013-5385 (The OSPF implementation in IBM i 6.1 and 7.1, in z/OS on zSeries serve ...)
NOT-FOR-US: IBM
CVE-2013-5384
RESERVED
-CVE-2013-5383
+CVE-2013-5383 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, an ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5382
+CVE-2013-5382 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, an ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5381
+CVE-2013-5381 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, a ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5380
+CVE-2013-5380 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, an ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-5379
+CVE-2013-5379 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.x b ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-5378
+CVE-2013-5378 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.x b ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2013-5377
RESERVED
-CVE-2013-5376
+CVE-2013-5376 (Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified ...)
NOT-FOR-US: IBM Storwize V7000 Unified
-CVE-2013-5375
+CVE-2013-5375 (Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 befo ...)
NOT-FOR-US: IBM JDK
CVE-2013-5374
RESERVED
-CVE-2013-5373
+CVE-2013-5373 (The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through ...)
NOT-FOR-US: IBM Rational ClearCase
-CVE-2013-5372
+CVE-2013-5372 (The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, ...)
NOT-FOR-US: IBM
-CVE-2013-5371
+CVE-2013-5371 (The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Wind ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2013-5370
+CVE-2013-5370 (Unspecified vulnerability in IBM SPSS Collaboration and Deployment Ser ...)
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-5369
+CVE-2013-5369 (IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1 ...)
NOT-FOR-US: IBM SPSS Analytical Decision Management
CVE-2013-5368
RESERVED
@@ -5635,9 +5635,9 @@ CVE-2013-5367
RESERVED
CVE-2013-5366
RESERVED
-CVE-2013-5365
+CVE-2013-5365 (Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, ...)
NOT-FOR-US: Autodesk SketchBook
-CVE-2013-5364
+CVE-2013-5364 (Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and ...)
NOT-FOR-US: Secunia CSI Agent
CVE-2013-5363
RESERVED
@@ -5647,27 +5647,27 @@ CVE-2013-5361
RESERVED
CVE-2013-5360
RESERVED
-CVE-2013-5359
+CVE-2013-5359 (Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9 ...)
NOT-FOR-US: Google Picasa
-CVE-2013-5358
+CVE-2013-5358 (Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote a ...)
NOT-FOR-US: Google Picasa
-CVE-2013-5357
+CVE-2013-5357 (Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 13 ...)
NOT-FOR-US: Google Picasa
-CVE-2013-5356
+CVE-2013-5356 (Sharetronix 3.1.1.3, 3.1.1, and earlier does not properly restrict acc ...)
NOT-FOR-US: Sharetronix
-CVE-2013-5355
+CVE-2013-5355 (Multiple cross-site request forgery (CSRF) vulnerabilities in Sharetro ...)
NOT-FOR-US: Sharetronix
-CVE-2013-5354
+CVE-2013-5354 (Multiple SQL injection vulnerabilities in Sharetronix 3.1.1 allow remo ...)
NOT-FOR-US: Sharetronix
-CVE-2013-5353
+CVE-2013-5353 (Unrestricted file upload vulnerability in system/controllers/ajax/atta ...)
NOT-FOR-US: Sharetronix
-CVE-2013-5352
+CVE-2013-5352 (Sharetronix 3.1.1.3, 3.1.1, and earlier allows remote attackers to exe ...)
NOT-FOR-US: Sharetronix
-CVE-2013-5351
+CVE-2013-5351 (Heap-based buffer overflow in IrfanView before 4.37 allows remote atta ...)
NOT-FOR-US: IrfanView
-CVE-2013-5350
+CVE-2013-5350 (The "Remember me" feature in the opSecurityUser::getRememberLoginCooki ...)
NOT-FOR-US: OpenPNE
-CVE-2013-5349
+CVE-2013-5349 (Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 1 ...)
NOT-FOR-US: Google Picasa
CVE-2013-5348
REJECTED
@@ -5697,76 +5697,76 @@ CVE-2013-5336
REJECTED
CVE-2013-5335
REJECTED
-CVE-2013-5334
+CVE-2013-5334 (Adobe Shockwave Player before 12.0.7.148 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-5333
+CVE-2013-5333 (Adobe Shockwave Player before 12.0.7.148 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-5332
+CVE-2013-5332 (Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-5331
+CVE-2013-5331 (Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-5330
+CVE-2013-5330 (Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-5329
+CVE-2013-5329 (Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-5328
+CVE-2013-5328 (Adobe ColdFusion 10 before Update 12 allows remote attackers to read a ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-5327
+CVE-2013-5327 (MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary c ...)
NOT-FOR-US: Adobe RoboHelp
-CVE-2013-5326
+CVE-2013-5326 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 befor ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-5325
+CVE-2013-5325 (Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote a ...)
NOT-FOR-US: Adobe
-CVE-2013-5324
+CVE-2013-5324 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-5323
+CVE-2013-5323 (Cross-site scripting (XSS) vulnerability in the Static Info Tables (st ...)
NOT-FOR-US: TYPO3 extension (Static Info Tables)
-CVE-2013-5322
+CVE-2013-5322 (SQL injection vulnerability in the CoolURI extension before 1.0.30 for ...)
NOT-FOR-US: TYPO3 extension (CoolURI)
-CVE-2013-5321
+CVE-2013-5321 (Multiple SQL injection vulnerabilities in AlienVault Open Source Secur ...)
NOT-FOR-US: AlienVault Open Source Security Information Management
-CVE-2013-5320
+CVE-2013-5320 (Cross-site scripting (XSS) vulnerability in Forums/EditPost.aspx in mo ...)
NOT-FOR-US: mojoPortal
-CVE-2013-5319
+CVE-2013-5319 (Cross-site scripting (XSS) vulnerability in secure/admin/user/views/de ...)
NOT-FOR-US: Atlassian JIRA
-CVE-2013-5318
+CVE-2013-5318 (SQL injection vulnerability in Ginkgo CMS 5.0 allows remote attackers ...)
NOT-FOR-US: Ginkgo CMS
-CVE-2013-5317
+CVE-2013-5317 (Cross-site scripting (XSS) vulnerability in RiteCMS 1.0.0 allows remot ...)
NOT-FOR-US: RiteCMS
-CVE-2013-5316
+CVE-2013-5316 (Cross-site request forgery (CSRF) vulnerability in RiteCMS 1.0.0 allow ...)
NOT-FOR-US: RiteCMS
-CVE-2013-5313
+CVE-2013-5313 (Cross-site request forgery (CSRF) vulnerability in core/admin/modules/ ...)
NOT-FOR-US: BigTree CMS
-CVE-2013-5312
+CVE-2013-5312 (Multiple cross-site scripting (XSS) vulnerabilities in Vastal I-Tech p ...)
NOT-FOR-US: Vastal I-Tech phpVID
-CVE-2013-5311
+CVE-2013-5311 (Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 a ...)
NOT-FOR-US: Vastal I-Tech phpVID
-CVE-2013-5315
+CVE-2013-5315 (Cross-site scripting (XSS) vulnerability in the Resource Manager in th ...)
NOT-FOR-US: Drupal module
-CVE-2013-5314
+CVE-2013-5314 (Cross-site scripting (XSS) vulnerability in serendipity_admin_image_se ...)
- serendipity <removed>
[squeeze] - serendipity <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-5310
+CVE-2013-5310 (SQL injection vulnerability in the DB Integration (wfqbe) extension be ...)
NOT-FOR-US: TYPO3 extension
-CVE-2013-5309
+CVE-2013-5309 (Cross-site scripting (XSS) vulnerability in install/forum_data/src/cus ...)
NOT-FOR-US: FUDforum
-CVE-2013-5308
+CVE-2013-5308 (Cross-site scripting (XSS) vulnerability in the RealURL Management (re ...)
NOT-FOR-US: TYPO3 extension
-CVE-2013-5307
+CVE-2013-5307 (Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_sea ...)
NOT-FOR-US: Faceted Search Typo3 extension
-CVE-2013-5306
+CVE-2013-5306 (SQL injection vulnerability in the Browser - TYPO3 without PHP (browse ...)
NOT-FOR-US: TYPO3 Extension
-CVE-2013-5305
+CVE-2013-5305 (Cross-site scripting (XSS) vulnerability in the Store Locator (locator ...)
NOT-FOR-US: typo3 third party component (locator)
-CVE-2013-5304
+CVE-2013-5304 (SQL injection vulnerability in the Store Locator (locator) extension b ...)
NOT-FOR-US: typo3 third party component (locator)
-CVE-2013-5303
+CVE-2013-5303 (Unspecified vulnerability in the Store Locator (locator) extension bef ...)
NOT-FOR-US: typo3 third party component (locator)
-CVE-2013-5302
+CVE-2013-5302 (SQL injection vulnerability in the Faceted Search (ke_search) extensio ...)
NOT-FOR-US: Faceted Search Typo3 extension
-CVE-2013-5301
+CVE-2013-5301 (Directory traversal vulnerability in help.php in Trustport Webfilter 5 ...)
NOT-FOR-US: Trustport Webfilter
-CVE-2013-5300
+CVE-2013-5300 (Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open ...)
NOT-FOR-US: AlienVault OSSIM
CVE-2013-5299
RESERVED
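Review bot: the run CVE-2013-5313, CVE-2013-5312, CVE-2013-5311, then CVE-2013-5315, CVE-2013-5314, then CVE-2013-5310 breaks the file's descending id order in the middle of this hunk. The hunk itself only fills in the truncated descriptions, so the ordering is pre-existing rather than introduced here, but it would be worth moving the CVE-2013-5315 and CVE-2013-5314 blocks (the latter with its serendipity and squeeze-lts lines) up in front of CVE-2013-5313 so the sequence stays monotonic like the surrounding entries.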
@@ -5908,33 +5908,33 @@ CVE-2013-5231
RESERVED
CVE-2013-5230
RESERVED
-CVE-2013-5229
+CVE-2013-5229 (The Remote Desktop full-screen feature in Apple OS X before 10.9 and A ...)
NOT-FOR-US: Apple
-CVE-2013-5228
+CVE-2013-5228 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5227
+CVE-2013-5227 (Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers ...)
NOT-FOR-US: Safari
CVE-2013-5226
RESERVED
-CVE-2013-5225
+CVE-2013-5225 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2013-5224
RESERVED
-CVE-2013-5223
+CVE-2013-5223 (Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760 ...)
NOT-FOR-US: D-Link DSL-2760U Gateway
-CVE-2013-5222
+CVE-2013-5222 (Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for ...)
NOT-FOR-US: ESRI ArcGIS
-CVE-2013-5221
+CVE-2013-5221 (The mobile-upload feature in Esri ArcGIS for Server 10.1 through 10.2 ...)
NOT-FOR-US: Esri ArcGIS
-CVE-2013-5220
+CVE-2013-5220 (goform/login on the HOT HOTBOX router with software 2.1.11 allows remo ...)
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5219
+CVE-2013-5219 (Directory traversal vulnerability on the HOT HOTBOX router with softwa ...)
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5218
+CVE-2013-5218 (Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with ...)
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5216
+CVE-2013-5216 (Directory traversal vulnerability in logreader/uploadreader.jsp in Cap ...)
NOT-FOR-US: Performance Guard
-CVE-2013-5215
+CVE-2013-5215 (Cross-site scripting (XSS) vulnerability in the web interface "WiFi sc ...)
NOT-FOR-US: FOSCAM Wireless IP Camera
CVE-2013-5214
RESERVED
@@ -5943,7 +5943,7 @@ CVE-2013-5213
CVE-2013-5212
RESERVED
NOT-FOR-US: easyXDM
-CVE-2013-5211
+CVE-2013-5211 (The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 al ...)
- ntp 1:4.2.8p3+dfsg-1 (low; bug #733940)
[jessie] - ntp <no-dsa> (No backportable code fix exists, default configuration is safe, tiny subsection of affected users can run a backport)
[wheezy] - ntp <no-dsa> (No backportable code fix exists, default configuration is safe, tiny subsection of affected users can run a backport)
@@ -5951,16 +5951,16 @@ CVE-2013-5211
NOTE: http://bugs.ntp.org/show_bug.cgi?id=1532
NOTE: mitigated if noquery used. Only a problem for (public) ntp servers allowing
NOTE: querying ntpd status, so allowing monlist
-CVE-2013-5210
+CVE-2013-5210 (Cross-site scripting (XSS) vulnerability in the GUI login page in ADTR ...)
NOT-FOR-US: Adtran Netvanta
-CVE-2013-5209
+CVE-2013-5209 (The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in th ...)
{DSA-2743-1}
- kfreebsd-8 <removed> (bug #720476)
[wheezy] - kfreebsd-8 8.3-6+deb7u1
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
- kfreebsd-9 9.2~svn254368-2 (bug #720475)
- kfreebsd-10 10.0~svn254663-1 (bug #720478)
-CVE-2013-5208
+CVE-2013-5208 (HR Systems Strategies info:HR HRIS 7.9 does not properly protect the d ...)
NOT-FOR-US: HR Systems Strategies
CVE-2013-5207
RESERVED
@@ -5976,157 +5976,157 @@ CVE-2013-5202
RESERVED
CVE-2013-5201
RESERVED
-CVE-2013-5200
+CVE-2013-5200 (The (1) REST and (2) memcache interfaces in the Hazelcast cluster API ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-5199
+CVE-2013-5199 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5198
+CVE-2013-5198 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5197
+CVE-2013-5197 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5196
+CVE-2013-5196 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5195
+CVE-2013-5195 (WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2013-5194
RESERVED
-CVE-2013-5193
+CVE-2013-5193 (The App Store component in Apple iOS before 7.0.4 does not properly en ...)
NOT-FOR-US: Apple
-CVE-2013-5192
+CVE-2013-5192 (The USB hub controller in Apple Mac OS X before 10.9 allows local user ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5191
+CVE-2013-5191 (The syslog implementation in Apple Mac OS X before 10.9 allows local u ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5190
+CVE-2013-5190 (Smart Card Services in Apple Mac OS X before 10.9 does not properly im ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5189
+CVE-2013-5189 (Apple Mac OS X before 10.9 does not preserve a certain administrative ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5188
+CVE-2013-5188 (The Screen Lock implementation in Apple Mac OS X before 10.9, when hib ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5187
+CVE-2013-5187 (The Screen Lock implementation in Apple Mac OS X before 10.9 does not ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5186
+CVE-2013-5186 (Power Management in Apple Mac OS X before 10.9 does not properly handl ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5185
+CVE-2013-5185 (The ldapsearch command-line program in OpenLDAP in Apple Mac OS X befo ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5184
+CVE-2013-5184 (The kernel in Apple Mac OS X before 10.9 does not properly check for e ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5183
+CVE-2013-5183 (Mail in Apple Mac OS X before 10.9, when Kerberos authentication is en ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5182
+CVE-2013-5182 (Mail in Apple Mac OS X before 10.9 allows remote attackers to spoof th ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5181
+CVE-2013-5181 (The auto-configuration feature in Mail in Apple Mac OS X before 10.9 s ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5180
+CVE-2013-5180 (The srandomdev function in Libc in Apple Mac OS X before 10.9, when th ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5179
+CVE-2013-5179 (App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass i ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5178
+CVE-2013-5178 (LaunchServices in Apple Mac OS X before 10.9 does not properly restric ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5177
+CVE-2013-5177 (The kernel in Apple Mac OS X before 10.9 allows local users to cause a ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5176
+CVE-2013-5176 (The kernel in Apple Mac OS X before 10.9 does not properly handle inte ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5175
+CVE-2013-5175 (The kernel in Apple Mac OS X before 10.9 allows local users to obtain ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5174
+CVE-2013-5174 (Integer signedness error in the kernel in Apple Mac OS X before 10.9 a ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5173
+CVE-2013-5173 (The random-number generator in the kernel in Apple Mac OS X before 10. ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5172
+CVE-2013-5172 (The kernel in Apple Mac OS X before 10.9 does not properly determine t ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5171
+CVE-2013-5171 (CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypas ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5170
+CVE-2013-5170 (Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5169
+CVE-2013-5169 (CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5168
+CVE-2013-5168 (Console in Apple Mac OS X before 10.9 allows user-assisted remote atta ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5167
+CVE-2013-5167 (CFNetwork in Apple Mac OS X before 10.9 does not properly support Safa ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5166
+CVE-2013-5166 (The Bluetooth USB host controller in Apple Mac OS X before 10.9 premat ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5165
+CVE-2013-5165 (socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 d ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-5164
+CVE-2013-5164 (Multiple race conditions in the Phone app in Apple iOS before 7.0.3 al ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5163
+CVE-2013-5163 (Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update ...)
NOT-FOR-US: Apple OS X
-CVE-2013-5162
+CVE-2013-5162 (Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physi ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5161
+CVE-2013-5161 (Passcode Lock in Apple iOS before 7.0.2 does not properly manage the l ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5160
+CVE-2013-5160 (Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows physi ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5159
+CVE-2013-5159 (WebKit in Apple iOS before 7 allows remote attackers to bypass the Sam ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5158
+CVE-2013-5158 (The Social subsystem in Apple iOS before 7 does not properly restrict ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5157
+CVE-2013-5157 (The Twitter subsystem in Apple iOS before 7 does not require API confo ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5156
+CVE-2013-5156 (The Telephony subsystem in Apple iOS before 7 does not require API con ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5155
+CVE-2013-5155 (The Sandbox subsystem in Apple iOS before 7 allows attackers to cause ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5154
+CVE-2013-5154 (The Sandbox subsystem in Apple iOS before 7 determines the sandboxing ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5153
+CVE-2013-5153 (Springboard in Apple iOS before 7 does not properly manage the lock st ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5152
+CVE-2013-5152 (Mobile Safari in Apple iOS before 7 allows remote attackers to spoof t ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5151
+CVE-2013-5151 (Mobile Safari in Apple iOS before 7 does not prevent HTML interpretati ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5150
+CVE-2013-5150 (The history-clearing feature in Safari in Apple iOS before 7 does not ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5149
+CVE-2013-5149 (The Push Notifications subsystem in Apple iOS before 7 provides the pu ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5148
+CVE-2013-5148 (Apple Keynote before 6.0 does not properly handle the interaction betw ...)
NOT-FOR-US: Apple Keynote
-CVE-2013-5147
+CVE-2013-5147 (Passcode Lock in Apple iOS before 7 does not properly manage the lock ...)
NOT-FOR-US: Apple iOS
CVE-2013-5146
RESERVED
-CVE-2013-5145
+CVE-2013-5145 (kextd in Kext Management in Apple iOS before 7 does not properly verif ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5144
+CVE-2013-5144 (Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physi ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5143
+CVE-2013-5143 (The RADIUS service in Server App in Apple OS X Server before 3.0 selec ...)
NOT-FOR-US: Apple OS X Server
-CVE-2013-5142
+CVE-2013-5142 (The kernel in Apple iOS before 7 does not initialize unspecified kerne ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5141
+CVE-2013-5141 (The kernel in Apple iOS before 7 uses an incorrect data size for a cer ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5140
+CVE-2013-5140 (The kernel in Apple iOS before 7 allows remote attackers to cause a de ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5139
+CVE-2013-5139 (The IOSerialFamily driver in Apple iOS before 7 allows attackers to ex ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5138
+CVE-2013-5138 (IOCatalogue in IOKitUser in Apple iOS before 7 allows attackers to cau ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5137
+CVE-2013-5137 (IOKit in Apple iOS before 7 allows attackers to send user-interface ev ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5136
+CVE-2013-5136 (Apple Remote Desktop before 3.7 does not properly use server authentic ...)
NOT-FOR-US: Apple Remote Desktop
-CVE-2013-5135
+CVE-2013-5135 (Format string vulnerability in Screen Sharing Server in Apple Mac OS X ...)
NOT-FOR-US: Apple Mac OS X
CVE-2013-5134
REJECTED
-CVE-2013-5133
+CVE-2013-5133 (Backup in Apple iOS before 7.1 does not properly restrict symlinks, wh ...)
NOT-FOR-US: Apple
-CVE-2013-5132
+CVE-2013-5132 (Apple AirPort Base Station Firmware before 7.6.4 does not properly han ...)
NOT-FOR-US: Apple AirPort
-CVE-2013-5131
+CVE-2013-5131 (Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5130
+CVE-2013-5130 (WebKit in Apple Safari before 6.1 disables the Private Browsing featur ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-5129
+CVE-2013-5129 (Multiple cross-site scripting (XSS) vulnerabilities in WebKit in Apple ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5128
+CVE-2013-5128 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5127
+CVE-2013-5127 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5126
+CVE-2013-5126 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-5125
+CVE-2013-5125 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
CVE-2013-5124
RESERVED
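Review bot: the annotation for CVE-2013-5133 still reads `NOT-FOR-US: Apple` even though the description filled in by this hunk names the product (`Backup in Apple iOS before 7.1 does not properly restrict symlinks ...`); every other iOS entry in this hunk uses `NOT-FOR-US: Apple iOS`, so tighten this one to match. In the same hunk, CVE-2013-5163 is tagged `NOT-FOR-US: Apple OS X` while its neighbours use `NOT-FOR-US: Apple Mac OS X`; pick one spelling so the product tags stay consistent.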
@@ -6139,15 +6139,15 @@ CVE-2013-5123 [insecure mirroring]
CVE-2013-5122
RESERVED
NOT-FOR-US: Linksys
-CVE-2013-5121
+CVE-2013-5121 (SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows rem ...)
NOT-FOR-US: PHPFox
-CVE-2013-5120
+CVE-2013-5120 (SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows rem ...)
NOT-FOR-US: PHPFox
-CVE-2013-5119
+CVE-2013-5119 (Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows man-in-the- ...)
NOT-FOR-US: Zimbra Collaboration Suite
-CVE-2013-5118
+CVE-2013-5118 (Cross-site scripting (XSS) vulnerability in the Good for Enterprise ap ...)
NOT-FOR-US: Good for Enterprise app for iOS
-CVE-2013-5117
+CVE-2013-5117 (SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in th ...)
NOT-FOR-US: DotNetNuke
CVE-2013-5116
RESERVED
@@ -6165,9 +6165,9 @@ CVE-2013-5110
RESERVED
CVE-2013-5109
RESERVED
-CVE-2013-5108
+CVE-2013-5108 (Multiple cross-site scripting (XSS) vulnerabilities in the xn function ...)
- rockmongo <itp> (bug #702961)
-CVE-2013-5107
+CVE-2013-5107 (Directory traversal vulnerability in RockMongo 1.1.5 and earlier allow ...)
- rockmongo <itp> (bug #702961)
CVE-2013-5106
RESERVED
@@ -6181,26 +6181,26 @@ CVE-2013-5102
RESERVED
CVE-2013-5101
RESERVED
-CVE-2013-5100
+CVE-2013-5100 (Cross-site scripting (XSS) vulnerability in the Static Methods since 2 ...)
NOT-FOR-US: TYPO3 extension Static Methods
-CVE-2013-5099
+CVE-2013-5099 (Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS ...)
NOT-FOR-US: Anchor CMS
-CVE-2013-5098
+CVE-2013-5098 (Cross-site scripting (XSS) vulnerability in admin/admin.php in the Dow ...)
NOT-FOR-US: WordPress plugin download-monitor
-CVE-2013-5097
+CVE-2013-5097 (Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance a ...)
NOT-FOR-US: Juniper Junos Space
-CVE-2013-5096
+CVE-2013-5096 (Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance a ...)
NOT-FOR-US: Juniper Junos Space
-CVE-2013-5095
+CVE-2013-5095 (Cross-site scripting (XSS) vulnerability in the web-based interface in ...)
NOT-FOR-US: Juniper Junos Space
-CVE-2013-5094
+CVE-2013-5094 (Cross-site scripting (XSS) vulnerability in index.exp in McAfee Vulner ...)
NOT-FOR-US: McAfee Vulnerability Manager
-CVE-2013-5093
+CVE-2013-5093 (The renderLocalView function in render/views.py in graphite-web in Gra ...)
- graphite-web 0.9.12+debian-1 (bug #720454)
NOTE: http://ceriksen.com/2013/08/20/graphite-remote-code-execution-vulnerability-advisory/
-CVE-2013-5092
+CVE-2013-5092 (Cross-site scripting (XSS) vulnerability in afa/php/Login.php in AlgoS ...)
NOT-FOR-US: AlgoSec Firewall Analyzer
-CVE-2013-5091
+CVE-2013-5091 (SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 ...)
NOT-FOR-US: vTiger CRM
CVE-2013-5090
REJECTED
@@ -6238,7 +6238,7 @@ CVE-2013-5074
REJECTED
CVE-2013-5073
REJECTED
-CVE-2013-5072
+CVE-2013-5072 (Cross-site scripting (XSS) vulnerability in Outlook Web Access in Micr ...)
NOT-FOR-US: Microsoft Exchange Server OWA
CVE-2013-5071
REJECTED
@@ -6252,7 +6252,7 @@ CVE-2013-5067
REJECTED
CVE-2013-5066
REJECTED
-CVE-2013-5065
+CVE-2013-5065 (NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Serv ...)
NOT-FOR-US: Microsoft Windows
CVE-2013-5064
REJECTED
@@ -6264,119 +6264,119 @@ CVE-2013-5061
REJECTED
CVE-2013-5060
REJECTED
-CVE-2013-5059
+CVE-2013-5059 (Microsoft SharePoint Server 2010 SP1 and SP2 and 2013, and Office Web ...)
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-5058
+CVE-2013-5058 (Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP ...)
NOT-FOR-US: Microsoft Windows Kernel
-CVE-2013-5057
+CVE-2013-5057 (hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not im ...)
NOT-FOR-US: Microsoft Windows Kernel
-CVE-2013-5056
+CVE-2013-5056 (Use-after-free vulnerability in the Scripting Runtime Object Library i ...)
NOT-FOR-US: Microsoft Windows
CVE-2013-5055
REJECTED
-CVE-2013-5054
+CVE-2013-5054 (Microsoft Office 2013 and 2013 RT allows remote attackers to discover ...)
NOT-FOR-US: Microsoft Office
CVE-2013-5053
REJECTED
-CVE-2013-5052
+CVE-2013-5052 (Microsoft Internet Explorer 7 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-5051
+CVE-2013-5051 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-5050
REJECTED
-CVE-2013-5049
+CVE-2013-5049 (Microsoft Internet Explorer 6 through 9 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-5048
+CVE-2013-5048 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-5047
+CVE-2013-5047 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-5046
+CVE-2013-5046 (Microsoft Internet Explorer 7 through 11 allows local users to bypass ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-5045
+CVE-2013-5045 (Microsoft Internet Explorer 10 and 11 allows local users to bypass the ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-5044
REJECTED
CVE-2013-5043
REJECTED
-CVE-2013-5042
+CVE-2013-5042 (Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR ...)
NOT-FOR-US: Microsoft ASP.NET SignalR
CVE-2013-5041
REJECTED
CVE-2013-5040
RESERVED
-CVE-2013-5039
+CVE-2013-5039 (Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSec ...)
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5038
+CVE-2013-5038 (The HOT HOTBOX router with software 2.1.11 allows remote attackers to ...)
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5037
+CVE-2013-5037 (The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12 ...)
NOT-FOR-US: HOT HOTBOX router
-CVE-2013-5036
+CVE-2013-5036 (The Square Squash allows remote attackers to execute arbitrary code vi ...)
NOT-FOR-US: Square Squash
-CVE-2013-5035
+CVE-2013-5035 (Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xc ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-5034
+CVE-2013-5034 (Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2 ...)
NOT-FOR-US: Atmail
-CVE-2013-5033
+CVE-2013-5033 (Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2 ...)
NOT-FOR-US: Atmail
-CVE-2013-5032
+CVE-2013-5032 (Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2 ...)
NOT-FOR-US: Atmail
-CVE-2013-5031
+CVE-2013-5031 (Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2 ...)
NOT-FOR-US: Atmail
-CVE-2013-5030
+CVE-2013-5030 (Ruckus Wireless Zoneflex 2942 devices with firmware 9.6.0.0.267 allow ...)
NOT-FOR-US: Ruckus Wireless Zoneflex
-CVE-2013-5029
+CVE-2013-5029 (phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to byp ...)
- phpmyadmin 4:4.0.5-1
[squeeze] - phpmyadmin <no-dsa> (Backport not feasible and X-Frame-Options protection enough on any modern browser)
[wheezy] - phpmyadmin <no-dsa> (Backport not feasible and X-Frame-Options protection enough on any modern browser)
-CVE-2013-5028
+CVE-2013-5028 (SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok In ...)
NOT-FOR-US: Kwok Information Server
CVE-2013-5027
RESERVED
-CVE-2013-5026
+CVE-2013-5026 (An ActiveX control in lookout650.ocx, lookout660.ocx, and lookout670.o ...)
NOT-FOR-US: National Instruments Lookout
-CVE-2013-5025
+CVE-2013-5025 (An ActiveX control in exlauncher.dll in the Help subsystem in National ...)
NOT-FOR-US: National Instruments
-CVE-2013-5024
+CVE-2013-5024 (An ActiveX control in NationalInstruments.Help2.dll in National Instru ...)
NOT-FOR-US: National Instruments
-CVE-2013-5023
+CVE-2013-5023 (The ActiveX controls in the HelpAsst component in NI Help Links in Nat ...)
NOT-FOR-US: National Instruments
-CVE-2013-5022
+CVE-2013-5022 (Absolute path traversal vulnerability in the 3D Graph ActiveX control ...)
NOT-FOR-US: National Instruments
-CVE-2013-5021
+CVE-2013-5021 (Multiple absolute path traversal vulnerabilities in National Instrumen ...)
NOT-FOR-US: National Instruments
-CVE-2013-5020
+CVE-2013-5020 (Multiple cross-site scripting (XSS) vulnerabilities in bb_admin.php in ...)
NOT-FOR-US: miniBB
-CVE-2013-5019
+CVE-2013-5019 (Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote att ...)
NOT-FOR-US: Ultra Mini HTTPD
-CVE-2013-5018
+CVE-2013-5018 (The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not prope ...)
- strongswan <not-affected> (Only affects 5.0.4 from experimental)
NOTE: The PEM aspect is under control of the administrator, so not a security issue
NOTE: The XAuth / EAP Issue only affects 5.0.3/5.0.4
-CVE-2013-5017
+CVE-2013-5017 (SNMPConfig.php in the management console in Symantec Web Gateway (SWG) ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2013-5016
+CVE-2013-5016 (Symantec Critical System Protection (SCSP) before 5.2.9, when installe ...)
NOT-FOR-US: Symantec
-CVE-2013-5015
+CVE-2013-5015 (SQL injection vulnerability in the management console in Symantec Endp ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-5014
+CVE-2013-5014 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-5013
+CVE-2013-5013 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
NOT-FOR-US: Symantec WEB Gateway
-CVE-2013-5012
+CVE-2013-5012 (Multiple SQL injection vulnerabilities in the management console on th ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2013-5011
+CVE-2013-5011 (Unquoted Windows search path vulnerability in the client in Symantec E ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-5010
+CVE-2013-5010 (The Application/Device Control (ADC) component in the client in Symant ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-5009
+CVE-2013-5009 (The Management Console in Symantec Endpoint Protection (SEP) 11.x befo ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2013-5008
+CVE-2013-5008 (The agent and task-agent components in Symantec Management Platform 7. ...)
NOT-FOR-US: Symantec
CVE-2013-5007
RESERVED
-CVE-2013-5006
+CVE-2013-5006 (main_internet.php on the Western Digital My Net N600 and N750 with fir ...)
NOT-FOR-US: Western Digital Router
-CVE-2013-5005
+CVE-2013-5005 (Multiple cross-site scripting (XSS) vulnerabilities in ajaxRequest/met ...)
NOT-FOR-US: Tripwire Enterprise
CVE-2013-5004
RESERVED
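Review bot: the product tag on CVE-2013-5057 contradicts the description added in this hunk. The description begins `hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not im ...` but the entry keeps `NOT-FOR-US: Microsoft Windows Kernel`, which looks carried over from the CVE-2013-5058 entry directly above; it should read `NOT-FOR-US: Microsoft Office`. Minor: CVE-2013-5013 is tagged `NOT-FOR-US: Symantec WEB Gateway` while CVE-2013-5012 and CVE-2013-5017 use `Symantec Web Gateway`.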
@@ -6392,217 +6392,217 @@ CVE-2013-4990
RESERVED
CVE-2013-4989
RESERVED
-CVE-2013-4988
+CVE-2013-4988 (Stack-based buffer overflow in IcoFX 2.5 and earlier allows remote att ...)
NOT-FOR-US: IcoFX
-CVE-2013-4987
+CVE-2013-4987 (PineApp Mail-SeCure before 3.70 allows remote authenticated users to g ...)
NOT-FOR-US: PinApp
-CVE-2013-4986
+CVE-2013-4986 (Stack-based buffer overflow in PDFAX0722_IconCool.dll 7.22.1125.2121 i ...)
NOT-FOR-US: PDFCool
CVE-2013-4985
RESERVED
NOT-FOR-US: Vivotek IP Cameras
-CVE-2013-4984
+CVE-2013-4984 (The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos ...)
NOT-FOR-US: Sophos Web Protection Appliance
-CVE-2013-4983
+CVE-2013-4983 (The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appl ...)
NOT-FOR-US: Sophos Web Protection Appliance
CVE-2013-4982
RESERVED
NOT-FOR-US: AVTECH DVR
-CVE-2013-4981
+CVE-2013-4981 (Buffer overflow in cgi-bin/user/Config.cgi in AVTECH AVN801 DVR with f ...)
NOT-FOR-US: AVTECH DVR
-CVE-2013-4980
+CVE-2013-4980 (Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with f ...)
NOT-FOR-US: AVTECH DVR
-CVE-2013-4979
+CVE-2013-4979 (Buffer overflow in the gldll32.dll module in EPS Viewer 3.2 and earlie ...)
NOT-FOR-US: EPS Viewer
-CVE-2013-4978
+CVE-2013-4978 (Stack-based buffer overflow in AloahaPDFViewer 5.0.0.7 and earlier in ...)
NOT-FOR-US: Aloaha PDF Suite
-CVE-2013-4977
+CVE-2013-4977 (Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E I ...)
NOT-FOR-US: Hikvision IP camera
CVE-2013-4976
RESERVED
CVE-2013-4975
RESERVED
-CVE-2013-4974
+CVE-2013-4974 (RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 throug ...)
NOT-FOR-US: RealPlayer
-CVE-2013-4973
+CVE-2013-4973 (Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.5 ...)
NOT-FOR-US: RealPlayer
CVE-2013-4972
RESERVED
-CVE-2013-4971
+CVE-2013-4971 (Puppet Enterprise before 3.2.0 does not properly restrict access to no ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
CVE-2013-4970
RESERVED
-CVE-2013-4969
+CVE-2013-4969 (Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) be ...)
{DSA-2831-1}
- puppet 3.4.1-1
NOTE: http://puppetlabs.com/security/cve/cve-2013-4969
CVE-2013-4968
RESERVED
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4967
+CVE-2013-4967 (Puppet Enterprise before 3.0.1 allows remote attackers to obtain the d ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4966
+CVE-2013-4966 (The master external node classification script in Puppet Enterprise be ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4965
+CVE-2013-4965 (Puppet Enterprise before 3.1.0 does not properly restrict the number o ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4964
+CVE-2013-4964 (Puppet Enterprise before 3.0.1 does not set the secure flag for the se ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4963
+CVE-2013-4963 (Multiple cross-site request forgery (CSRF) vulnerabilities in Puppet E ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4962
+CVE-2013-4962 (The reset password page in Puppet Enterprise before 3.0.1 does not for ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4961
+CVE-2013-4961 (Puppet Enterprise before 3.0.1 includes version information for the Ap ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
CVE-2013-4960
RESERVED
-CVE-2013-4959
+CVE-2013-4959 (Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensit ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4958
+CVE-2013-4958 (Puppet Enterprise before 3.0.1 does not use a session timeout, which m ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4957
+CVE-2013-4957 (The dashboard report in Puppet Enterprise before 3.0.1 allows attacker ...)
NOT-FOR-US: puppet-dashboard
-CVE-2013-4956
+CVE-2013-4956 (Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3. ...)
{DSA-2761-1}
- puppet 3.2.4-1
[squeeze] - puppet <not-affected> (puppet module not yet present)
-CVE-2013-4955
+CVE-2013-4955 (Open redirect vulnerability in the login page in Puppet Enterprise bef ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4954
+CVE-2013-4954 (Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in ...)
NOT-FOR-US: Genetech Solutions Pie-Register
-CVE-2013-4953
+CVE-2013-4953 (SQL injection vulnerability in play.php in Top Games Script 1.2 allows ...)
NOT-FOR-US: Top Games Script
-CVE-2013-4952
+CVE-2013-4952 (SQL injection vulnerability in functions/global.php in Elemata CMS RC ...)
NOT-FOR-US: Elemata CMS
-CVE-2013-4951
+CVE-2013-4951 (Multiple cross-site scripting (XSS) vulnerabilities in Mintboard 0.3 a ...)
NOT-FOR-US: Mintboard
-CVE-2013-4950
+CVE-2013-4950 (Cross-site scripting (XSS) vulnerability in view.php in Machform 2 all ...)
NOT-FOR-US: Machform
-CVE-2013-4949
+CVE-2013-4949 (Unrestricted file upload vulnerability in view.php in Machform 2 allow ...)
NOT-FOR-US: Machform
-CVE-2013-4948
+CVE-2013-4948 (SQL injection vulnerability in view.php in Machform 2 allows remote at ...)
NOT-FOR-US: Machform
-CVE-2013-4947
+CVE-2013-4947 (Unspecified vulnerability in the update and build database page in Saw ...)
NOT-FOR-US: Sawmill
-CVE-2013-4946
+CVE-2013-4946 (Multiple cross-site scripting (XSS) vulnerabilities in BMC Service Des ...)
NOT-FOR-US: BMC Service Desk Express
-CVE-2013-4945
+CVE-2013-4945 (Multiple SQL injection vulnerabilities in BMC Service Desk Express (SD ...)
NOT-FOR-US: BMC Service Desk Express
-CVE-2013-4944
+CVE-2013-4944 (Cross-site scripting (XSS) vulnerability in the BuddyPress Extended Fr ...)
NOT-FOR-US: BuddyPress
-CVE-2013-4943
+CVE-2013-4943 (The client application in Siemens COMOS before 9.1 Update 458, 9.2 bef ...)
NOT-FOR-US: Siemens COMOS
-CVE-2013-4942
+CVE-2013-4942 (Cross-site scripting (XSS) vulnerability in flashuploader.swf in the U ...)
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4941
+CVE-2013-4941 (Cross-site scripting (XSS) vulnerability in uploader.swf in the Upload ...)
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not installed in package)
-CVE-2013-4940
+CVE-2013-4940 (Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility c ...)
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4939
+CVE-2013-4939 (Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility c ...)
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4938
+CVE-2013-4938 (The LTI (aka IMS-LTI) mod_form implementation in Moodle through 2.1.10 ...)
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4995
+CVE-2013-4995 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3. ...)
{DSA-2975-1 DLA-0014-1}
- phpmyadmin 4:4.0.4.2-1 (low)
[squeeze] - phpmyadmin 4:3.3.7-8
-CVE-2013-4996
+CVE-2013-4996 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5. ...)
{DSA-2975-1 DLA-0014-1}
- phpmyadmin 4:4.0.4.2-1
[squeeze] - phpmyadmin 4:3.3.7-8
-CVE-2013-4997
+CVE-2013-4997 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5. ...)
- phpmyadmin 4:4.0.4.2-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-4998
+CVE-2013-4998 (phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote ...)
- phpmyadmin 4:4.0.4.2-1 (unimportant)
NOTE: Full path disclosure irrelevant in Debian packages
-CVE-2013-4999
+CVE-2013-4999 (phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sens ...)
- phpmyadmin 4:4.0.4.2-1 (unimportant)
NOTE: Full path disclosure irrelevant in Debian packages
-CVE-2013-5000
+CVE-2013-5000 (phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sens ...)
- phpmyadmin 4:4.0.4.2-1 (unimportant)
NOTE: Full path disclosure irrelevant in Debian packages
-CVE-2013-5001
+CVE-2013-5001 (Cross-site scripting (XSS) vulnerability in libraries/plugins/transfor ...)
- phpmyadmin 4:4.0.4.2-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-5002
+CVE-2013-5002 (Cross-site scripting (XSS) vulnerability in libraries/schema/Export_Re ...)
{DSA-2975-1}
- phpmyadmin 4:4.0.4.2-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-5003
+CVE-2013-5003 (Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5. ...)
{DSA-2975-1 DLA-0014-1}
- phpmyadmin 4:4.0.4.2-1
[squeeze] - phpmyadmin 4:3.3.7-8
-CVE-2013-4937
+CVE-2013-4937 (Multiple unspecified vulnerabilities in the AiCloud feature on the ASU ...)
NOT-FOR-US: Asus firmware
-CVE-2013-4936
+CVE-2013-4936 (The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PRO ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4935
+CVE-2013-4935 (The dissect_per_length_determinant function in epan/dissectors/packet- ...)
{DSA-2734-1}
- wireshark 1.10.1-1
-CVE-2013-4934
+CVE-2013-4934 (The netmon_open function in wiretap/netmon.c in the Netmon file parser ...)
{DSA-2734-1}
- wireshark 1.10.1-1
-CVE-2013-4933
+CVE-2013-4933 (The netmon_open function in wiretap/netmon.c in the Netmon file parser ...)
{DSA-2734-1}
- wireshark 1.10.1-1
-CVE-2013-4932
+CVE-2013-4932 (Multiple array index errors in epan/dissectors/packet-gsm_a_common.c i ...)
{DSA-2734-1}
- wireshark 1.10.1-1
-CVE-2013-4931
+CVE-2013-4931 (epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 ...)
{DLA-497-1}
- wireshark 1.10.1-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-4930
+CVE-2013-4930 (The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c ...)
{DSA-2734-1}
- wireshark 1.10.1-1
[squeeze] - wireshark <not-affected> (Affected dissector not yet present)
-CVE-2013-4929
+CVE-2013-4929 (The parseFields function in epan/dissectors/packet-dis-pdus.c in the D ...)
{DLA-497-1}
- wireshark 1.10.1-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-4928
+CVE-2013-4928 (Integer signedness error in the dissect_headers function in epan/disse ...)
- wireshark 1.10.1-1 (unimportant)
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
NOTE: Not suitable for code injection
-CVE-2013-4927
+CVE-2013-4927 (Integer signedness error in the get_type_length function in epan/disse ...)
{DLA-497-1}
- wireshark 1.10.1-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-4926
+CVE-2013-4926 (epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator diss ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4925
+CVE-2013-4925 (Integer signedness error in epan/dissectors/packet-dcom-sysact.c in th ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4924
+CVE-2013-4924 (epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator diss ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4923
+CVE-2013-4923 (Memory leak in the dissect_dcom_ActivationProperties function in epan/ ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4922
+CVE-2013-4922 (Double free vulnerability in the dissect_dcom_ActivationProperties fun ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4921
+CVE-2013-4921 (Off-by-one error in the dissect_radiotap function in epan/dissectors/p ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4920
+CVE-2013-4920 (The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly i ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
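Review bot: the tag on CVE-2013-4987 misspells the vendor: the new description reads `PineApp Mail-SeCure before 3.70 allows remote authenticated users to g ...` but the entry says `NOT-FOR-US: PinApp`; change it to `NOT-FOR-US: PineApp`. Also visible in this hunk: the phpMyAdmin block CVE-2013-4995 through CVE-2013-5003 sits between CVE-2013-4938 and CVE-2013-4937, breaking the file's descending CVE order; it belongs in numeric position just below CVE-2013-5004 rather than in the middle of the 49xx range.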
@@ -6620,9 +6620,9 @@ CVE-2013-4914
RESERVED
CVE-2013-4913
RESERVED
-CVE-2013-4912
+CVE-2013-4912 (Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 be ...)
NOT-FOR-US: Siemens
-CVE-2013-4911
+CVE-2013-4911 (Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA ...)
NOT-FOR-US: Siemens
CVE-2013-4910
RESERVED
@@ -6644,11 +6644,11 @@ CVE-2013-4902
RESERVED
CVE-2013-4901
RESERVED
-CVE-2013-4900
+CVE-2013-4900 (Directory traversal vulnerability in DeWeS web server 0.4.2 and possib ...)
NOT-FOR-US: DeWeS web server (Twilight CMS)
-CVE-2013-4899
+CVE-2013-4899 (Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and poss ...)
NOT-FOR-US: Twilight CMS
-CVE-2013-4898
+CVE-2013-4898 (Unrestricted file upload vulnerability in the user profile page featur ...)
NOT-FOR-US: Timeline Plugin for SocialEngine
CVE-2013-4897
REJECTED
@@ -6662,61 +6662,61 @@ CVE-2013-4893
RESERVED
CVE-2013-4892
RESERVED
-CVE-2013-4891
+CVE-2013-4891 (The xss_clean function in CodeIgniter before 2.1.4 might allow remote ...)
- codeigniter <itp> (bug #471583)
-CVE-2013-4889
+CVE-2013-4889 (Multiple cross-site request forgery (CSRF) vulnerabilities in index.ph ...)
NOT-FOR-US: Digital Signage Xibo
-CVE-2013-4888
+CVE-2013-4888 (Cross-site scripting (XSS) vulnerability in index.php in Digital Signa ...)
NOT-FOR-US: Digital Signage Xibo
-CVE-2013-4887
+CVE-2013-4887 (SQL injection vulnerability in index.php in Digital Signage Xibo 1.4.2 ...)
NOT-FOR-US: Digital Signage Xibo
CVE-2013-4886
RESERVED
-CVE-2013-4885
+CVE-2013-4885 (The http-domino-enum-passwords.nse script in NMap before 6.40, when do ...)
- nmap 6.40-0.1 (low; bug #719289)
[squeeze] - nmap <not-affected> (Vulnerable code not present)
[wheezy] - nmap 6.00-0.3+deb7u1
-CVE-2013-4884
+CVE-2013-4884 (Cross-site scripting (XSS) vulnerability in McAfee SuperScan 4.0 allow ...)
NOT-FOR-US: McAfee SuperScan
CVE-2013-5217
REJECTED
-CVE-2013-4890
+CVE-2013-4890 (The DMCRUIS/0.1 web server on the Samsung PS50C7700 TV allows remote a ...)
NOT-FOR-US: Samsung TV
-CVE-2013-4883
+CVE-2013-4883 (Multiple cross-site scripting (XSS) vulnerabilities in McAfee ePolicy ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2013-4882
+CVE-2013-4882 (Multiple SQL injection vulnerabilities in McAfee ePolicy Orchestrator ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2013-4881
+CVE-2013-4881 (Cross-site request forgery (CSRF) vulnerability in core/admin/modules/ ...)
NOT-FOR-US: BigTree CMS
-CVE-2013-4880
+CVE-2013-4880 (Cross-site scripting (XSS) vulnerability in core/admin/modules/develop ...)
NOT-FOR-US: BigTree CMS
-CVE-2013-4879
+CVE-2013-4879 (SQL injection vulnerability in core/inc/bigtree/cms.php in BigTree CMS ...)
NOT-FOR-US: BigTree CMS
-CVE-2013-4878
+CVE-2013-4878 (The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on ...)
NOT-FOR-US: Parallels Plesk Panel
-CVE-2013-4877
+CVE-2013-4877 (The Verizon Wireless Network Extender SCS-26UC4 and SCS-2U01 does not ...)
NOT-FOR-US: Verizon Wireless Network Extender
-CVE-2013-4876
+CVE-2013-4876 (The Verizon Wireless Network Extender SCS-2U01 has a hardcoded passwor ...)
NOT-FOR-US: Verizon Wireless Network Extender
-CVE-2013-4875
+CVE-2013-4875 (The Uboot bootloader on the Verizon Wireless Network Extender SCS-2U01 ...)
NOT-FOR-US: Verizon Wireless Network Extender SCS-2U01
-CVE-2013-4874
+CVE-2013-4874 (The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC ...)
NOT-FOR-US: Verizon Wireless Network Extender
-CVE-2013-4873
+CVE-2013-4873 (The Yahoo! Tumblr app before 3.4.1 for iOS sends cleartext credentials ...)
NOT-FOR-US: iOS app
-CVE-2013-4872
+CVE-2013-4872 (Google Glass before XE6 does not properly restrict the processing of Q ...)
NOT-FOR-US: Google Glass
-CVE-2013-4871
+CVE-2013-4871 (Cross-site request forgery (CSRF) vulnerability in the TEQneers SEO En ...)
NOT-FOR-US: TYPO3 extension tq_seo
-CVE-2013-4870
+CVE-2013-4870 (SQL injection vulnerability in the News Search (news_search) extension ...)
NOT-FOR-US: TYPO3 extension news_search
-CVE-2013-4869
+CVE-2013-4869 (Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and ...)
NOT-FOR-US: Cisco
CVE-2013-4868
RESERVED
CVE-2013-4867
RESERVED
-CVE-2013-4866
+CVE-2013-4866 (The LIXIL Corporation My SATIS Genius Toilet application for Android h ...)
NOT-FOR-US: LIXIL Corporation My SATIS Genius Toilet application for Android
CVE-2013-4865
RESERVED
@@ -6728,11 +6728,11 @@ CVE-2013-4862
RESERVED
CVE-2013-4861
RESERVED
-CVE-2013-4860
+CVE-2013-4860 (Radio Thermostat CT80 And CT50 with firmware 1.4.64 and earlier does n ...)
NOT-FOR-US: Radio Thermostat
CVE-2013-4859
RESERVED
-CVE-2013-4858
+CVE-2013-4858 (Microsoft Windows Movie Maker 2.1.4026.0 on Windows XP SP3 allows remo ...)
NOT-FOR-US: Microsoft Windows Movie Maker
CVE-2013-4857
RESERVED
@@ -6740,13 +6740,13 @@ CVE-2013-4856
RESERVED
CVE-2013-4855
RESERVED
-CVE-2013-4854
+CVE-2013-4854 (The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x bef ...)
{DSA-2728-1}
- bind9 1:9.8.4.dfsg.P1-6+nmu3 (bug #717936)
NOTE: https://kb.isc.org/article/AA-01015/0
CVE-2013-4853
RESERVED
-CVE-2013-4852
+CVE-2013-4852 (Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and o ...)
{DSA-2736-1}
- putty 0.63-1 (bug #718779)
- filezilla 3.7.3-1 (low; bug #718800)
@@ -6754,7 +6754,7 @@ CVE-2013-4852
[wheezy] - filezilla <no-dsa> (Minor issue)
NOTE: http://www.securityfocus.com/archive/1/527763/30/0
NOTE: http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896
-CVE-2013-4851
+CVE-2013-4851 (The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS ser ...)
{DSA-2743-1}
- kfreebsd-9 9.1-4 (bug #717958)
- kfreebsd-8 8.3-7 (bug #717959)
@@ -6768,171 +6768,171 @@ CVE-2013-4848
RESERVED
CVE-2013-4847
RESERVED
-CVE-2013-4846
+CVE-2013-4846 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2013-4845
+CVE-2013-4845 (Cross-site scripting (XSS) vulnerability on HP Officejet Pro 8500 (aka ...)
NOT-FOR-US: HP Officejet Pro
-CVE-2013-4844
+CVE-2013-4844 (Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31 ...)
NOT-FOR-US: HP Service Manager and ServiceCenter
-CVE-2013-4843
+CVE-2013-4843 (Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with fi ...)
NOT-FOR-US: HP iLO
-CVE-2013-4842
+CVE-2013-4842 (Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 ...)
NOT-FOR-US: HP iLO
-CVE-2013-4841
+CVE-2013-4841 (Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in ...)
NOT-FOR-US: HP StoreVirtual
-CVE-2013-4840
+CVE-2013-4840 (Unspecified vulnerability in HP and H3C VPN Firewall Module products S ...)
NOT-FOR-US: HP and H3C VPN Firewall Module
-CVE-2013-4839
+CVE-2013-4839 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner b ...)
NOT-FOR-US: HP LoadRunner
-CVE-2013-4838
+CVE-2013-4838 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner b ...)
NOT-FOR-US: HP LoadRunner
-CVE-2013-4837
+CVE-2013-4837 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner b ...)
NOT-FOR-US: HP LoadRunner
-CVE-2013-4836
+CVE-2013-4836 (Unspecified vulnerability in the GossipService SOAP Request implementa ...)
NOT-FOR-US: HP Application LifeCycle Management
-CVE-2013-4835
+CVE-2013-4835 (The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x befor ...)
NOT-FOR-US: HP SiteScope
-CVE-2013-4834
+CVE-2013-4834 (Unspecified vulnerability in the client component in HP Application Li ...)
NOT-FOR-US: HP Application LifeCycle Management
-CVE-2013-4833
+CVE-2013-4833 (Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 th ...)
NOT-FOR-US: HP
-CVE-2013-4832
+CVE-2013-4832 (HP Service Manager 9.30 through 9.32 allows remote authenticated users ...)
NOT-FOR-US: HP
-CVE-2013-4831
+CVE-2013-4831 (HP Service Manager 9.30 through 9.32 does not properly manage privileg ...)
NOT-FOR-US: HP
-CVE-2013-4830
+CVE-2013-4830 (HP Service Manager 9.30 through 9.32 allows remote attackers to execut ...)
NOT-FOR-US: HP
-CVE-2013-4829
+CVE-2013-4829 (HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet E ...)
NOT-FOR-US: HP
-CVE-2013-4828
+CVE-2013-4828 (HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet E ...)
NOT-FOR-US: HP
-CVE-2013-4827
+CVE-2013-4827 (SQL injection vulnerability in HP Intelligent Management Center (iMC) ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4826
+CVE-2013-4826 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4825
+CVE-2013-4825 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4824
+CVE-2013-4824 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4823
+CVE-2013-4823 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4822
+CVE-2013-4822 (Unspecified vulnerability in HP Intelligent Management Center (iMC) an ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2013-4821
+CVE-2013-4821 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2013-4820
+CVE-2013-4820 (Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall ...)
NOT-FOR-US: HP
-CVE-2013-4819
+CVE-2013-4819 (Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 1 ...)
NOT-FOR-US: HP
-CVE-2013-4818
+CVE-2013-4818 (Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall ...)
NOT-FOR-US: HP
-CVE-2013-4817
+CVE-2013-4817 (Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 1 ...)
NOT-FOR-US: HP
CVE-2013-4816
REJECTED
-CVE-2013-4815
+CVE-2013-4815 (Cross-site scripting (XSS) vulnerability in the web interface in HP Ar ...)
NOT-FOR-US: HP
-CVE-2013-4814
+CVE-2013-4814 (Cross-site scripting (XSS) vulnerability in HP XP P9000 Command View A ...)
NOT-FOR-US: HP
-CVE-2013-4813
+CVE-2013-4813 (The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3 ...)
NOT-FOR-US: HP
-CVE-2013-4812
+CVE-2013-4812 (UpdateCertificatesServlet in the SNAC registration server in HP ProCur ...)
NOT-FOR-US: HP
-CVE-2013-4811
+CVE-2013-4811 (UpdateDomainControllerServlet in the SNAC registration server in HP Pr ...)
NOT-FOR-US: HP
-CVE-2013-4810
+CVE-2013-4810 (HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Dr ...)
NOT-FOR-US: HP
-CVE-2013-4809
+CVE-2013-4809 (Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCu ...)
NOT-FOR-US: HP
-CVE-2013-4808
+CVE-2013-4808 (Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and ...)
NOT-FOR-US: HP
-CVE-2013-4807
+CVE-2013-4807 (Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, M121 ...)
NOT-FOR-US: HP
-CVE-2013-4806
+CVE-2013-4806 (The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8### ...)
NOT-FOR-US: HP routers
-CVE-2013-4805
+CVE-2013-4805 (Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) fir ...)
NOT-FOR-US: HP Integrated Lights-Out firmware
-CVE-2013-4804
+CVE-2013-4804 (Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch ...)
NOT-FOR-US: HP Business Process Monitor
CVE-2013-4803
REJECTED
-CVE-2013-4802
+CVE-2013-4802 (Cross-site scripting (XSS) vulnerability in HP Application Lifecycle M ...)
NOT-FOR-US: HP
-CVE-2013-4801
+CVE-2013-4801 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
NOT-FOR-US: HP LoadRunner
-CVE-2013-4800
+CVE-2013-4800 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
NOT-FOR-US: HP LoadRunner
-CVE-2013-4799
+CVE-2013-4799 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
NOT-FOR-US: HP LoadRunner
-CVE-2013-4798
+CVE-2013-4798 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
NOT-FOR-US: HP LoadRunner
-CVE-2013-4797
+CVE-2013-4797 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
NOT-FOR-US: HP LoadRunner
CVE-2013-4796
RESERVED
-CVE-2013-4795
+CVE-2013-4795 (Cross-site scripting (XSS) vulnerability in the Submitters list in Rev ...)
- reviewboard <itp> (bug #653113)
CVE-2013-4794
RESERVED
-CVE-2013-4793
+CVE-2013-4793 (The update function in umbraco.webservices/templates/templateService.c ...)
NOT-FOR-US: Umbraco
CVE-2013-4792
RESERVED
CVE-2013-4791
RESERVED
-CVE-2013-4790
+CVE-2013-4790 (Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 be ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-4789
+CVE-2013-4789 (SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0 ...)
NOT-FOR-US: Cotonti
-CVE-2013-4788
+CVE-2013-4788 (The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6 ...)
{DLA-165-1}
- glibc 2.17-94 (low; bug #717178)
- eglibc <removed>
[wheezy] - eglibc 2.13-38+deb7u1
-CVE-2013-4787
+CVE-2013-4787 (Android 1.6 Donut through 4.2 Jelly Bean does not properly check crypt ...)
NOT-FOR-US: Android
-CVE-2013-4786
+CVE-2013-4786 (The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange P ...)
NOTE: Design flaw in the IPMI 2.0 specification. Any correctly implemented device is vulnerable.
NOTE: Contacted relevant maintainers: Since few to no devices do mutual authentication, tools shipped by Debian are generally not affected. At best, the tools can print a warning for vulnerable devices.
-CVE-2013-4784
+CVE-2013-4784 (The HP Integrated Lights-Out (iLO) BMC implementation allows remote at ...)
NOT-FOR-US: HP IPMI device
-CVE-2013-4781
+CVE-2013-4781 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance a ...)
NOT-FOR-US: Siemens Enterprise OpenScape
-CVE-2013-4780
+CVE-2013-4780 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance a ...)
NOT-FOR-US: Siemens Enterprise OpenScape
-CVE-2013-4779
+CVE-2013-4779 (Cross-site scripting (XSS) vulnerability in core/handleTw.php on the S ...)
NOT-FOR-US: Siemens Enterprise OpenScape
-CVE-2013-4778
+CVE-2013-4778 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance a ...)
NOT-FOR-US: Siemens Enterprise OpenScape
-CVE-2013-4777
+CVE-2013-4777 (A certain configuration of Android 2.3.7 on the Motorola Defy XT phone ...)
NOT-FOR-US: Motorola
-CVE-2013-4776
+CVE-2013-4776 (NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earli ...)
NOT-FOR-US: NETGEAR
-CVE-2013-4775
+CVE-2013-4775 (NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earli ...)
NOT-FOR-US: NETGEAR
-CVE-2013-4785
+CVE-2013-4785 (The web interface on the Dell iDRAC6 with firmware before 1.95 allows ...)
NOT-FOR-US: Dell
-CVE-2013-4783
+CVE-2013-4783 (The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3 ...)
NOT-FOR-US: Dell
-CVE-2013-4782
+CVE-2013-4782 (The Supermicro BMC implementation allows remote attackers to bypass au ...)
NOT-FOR-US: Supermicro
CVE-2013-4774
RESERVED
CVE-2013-4773
RESERVED
-CVE-2013-4772
+CVE-2013-4772 (D-Link DIR-505L SharePort Mobile Companion 1.01 and DIR-826L Wireless ...)
NOT-FOR-US: D-Link
CVE-2013-4771
RESERVED
CVE-2013-4770
RESERVED
-CVE-2013-4769
+CVE-2013-4769 (The cloud controller (aka CLC) component in Eucalyptus 3.3.x and 3.4.x ...)
- eucalyptus <removed>
-CVE-2013-4768
+CVE-2013-4768 (The web services APIs in Eucalyptus 2.0 through 3.4.1 allow remote att ...)
- eucalyptus <removed>
-CVE-2013-4767
+CVE-2013-4767 (Unspecified vulnerability in Eucalyptus before 3.3.2 has unknown impac ...)
- eucalyptus <removed>
-CVE-2013-4766
+CVE-2013-4766 (The gather log service in Eucalyptus before 3.3.1 allows remote attack ...)
- eucalyptus <removed>
CVE-2013-4765
RESERVED
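Review bot: CVE-2013-4786 (the IPMI 2.0 RAKP design-flaw entry in this hunk) is the only touched entry that carries neither a package line nor a NOT-FOR-US marker, only two NOTE lines, so from the tracker's package view it stays untriaged; since the second NOTE already concludes that the tools shipped by Debian are not affected, record that verdict as explicit `<not-affected>` lines for the packages whose maintainers were contacted (the NOTE does not name them) instead of leaving it in free text. A smaller point: the BMC cluster is out of the file's descending order, with CVE-2013-4786, CVE-2013-4784 and CVE-2013-4781 placed ahead of CVE-2013-4777, and CVE-2013-4785, CVE-2013-4783 and CVE-2013-4782 only after CVE-2013-4775; the automatic update preserves that, but a manual reorder would make the block easier to scan.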
@@ -6940,21 +6940,21 @@ CVE-2013-4764
RESERVED
CVE-2013-4763
RESERVED
-CVE-2013-4762
+CVE-2013-4762 (Puppet Enterprise before 3.0.1 does not sufficiently invalidate a sess ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-4761
+CVE-2013-4761 (Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x befo ...)
{DSA-2761-1}
- puppet 3.2.4-1 (low)
[squeeze] - puppet <no-dsa> (non-standard config and attacker requires local access to master)
CVE-2013-4760
RESERVED
-CVE-2013-4759
+CVE-2013-4759 (Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia Fo ...)
NOT-FOR-US: Magnolia CMS
CVE-2013-4757
RESERVED
CVE-2013-4756
RESERVED
-CVE-2013-4758
+CVE-2013-4758 (Double free vulnerability in the writeDataError function in the Elasti ...)
- rsyslog <not-affected> (omelasticsearch plugin not enabled; see #715009)
[squeeze] - rsyslog <not-affected> (omelasticsearch plugin not yet present)
[wheezy] - rsyslog <not-affected> (omelasticsearch plugin not yet present)
@@ -6962,9 +6962,9 @@ CVE-2013-4758
NOTE: http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=80f88242982c9c6ad6ce8628fc5b94ea74051cf4
CVE-2013-4755
RESERVED
-CVE-2013-4754
+CVE-2013-4754 (Multiple cross-site scripting (XSS) vulnerabilities in Owl Intranet Kn ...)
NOT-FOR-US: Owl Intranet Knowledgebase
-CVE-2013-4753
+CVE-2013-4753 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.11. ...)
NOT-FOR-US: Claroline
CVE-2013-4752
RESERVED
@@ -6974,72 +6974,72 @@ CVE-2013-4751
NOT-FOR-US: Symfony Validator component
CVE-2013-4750
RESERVED
-CVE-2013-4749
+CVE-2013-4749 (Cross-site scripting (XSS) vulnerability in the UserTask Center, Messa ...)
NOT-FOR-US: sys_messages TYPO3 extension
-CVE-2013-4748
+CVE-2013-4748 (SQL injection vulnerability in the News system (news) extension before ...)
NOT-FOR-US: News system TYPO3 extension
-CVE-2013-4747
+CVE-2013-4747 (Cross-site scripting (XSS) vulnerability in the Accessible browse resu ...)
NOT-FOR-US: Accessible browse results TYPO3 extension
-CVE-2013-4746
+CVE-2013-4746 (Cross-site scripting (XSS) vulnerability in the My quiz and poll (myqu ...)
NOT-FOR-US: My quiz and poll TYPO3 extension
-CVE-2013-4745
+CVE-2013-4745 (SQL injection vulnerability in the My quiz and poll (myquizpoll) exten ...)
NOT-FOR-US: My quiz and poll TYPO3 extension
-CVE-2013-4744
+CVE-2013-4744 (Cross-site scripting (XSS) vulnerability in the PHPUnit extension befo ...)
NOT-FOR-US: PHPUnit TYPO3 extension
CVE-2013-4743
RESERVED
-CVE-2013-4742
+CVE-2013-4742 (Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers ...)
NOT-FOR-US: SurgeFTP
CVE-2013-4741
RESERVED
-CVE-2013-4740
+CVE-2013-4740 (goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux ker ...)
NOT-FOR-US: Goodix gt915 Android touchscreen driver
-CVE-2013-4739
+CVE-2013-4739 (The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm In ...)
- linux <not-affected> (Android-specific camera drivers)
-CVE-2013-4738
+CVE-2013-4738 (Multiple stack-based buffer overflows in the MSM camera driver for the ...)
- linux <not-affected> (Android-specific camera drivers)
-CVE-2013-4737
+CVE-2013-4737 (The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, ...)
- linux <not-affected> (Affected code not in mainline kernel)
- linux-2.6 <not-affected> (Affected code not in mainline kernel)
NOTE: https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=4256415b296348ff16cd17a5b8f8dce4dea37328
-CVE-2013-4736
+CVE-2013-4736 (Multiple integer overflows in the JPEG engine drivers in the MSM camer ...)
NOTE: https://www.codeaurora.org/projects/security-advisories/integer-overflow-and-signedness-issue-camera-jpeg-engines-cve-2013-4736
NOT-FOR-US: camera JPEG engines on Android Linux kernels
-CVE-2013-4735
+CVE-2013-4735 (The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monro ...)
NOT-FOR-US: Digital Alert Systems and Monroe Electronics
-CVE-2013-4734
+CVE-2013-4734 (dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2. ...)
NOT-FOR-US: Alert Systems and Monroe Electronics
-CVE-2013-4733
+CVE-2013-4733 (The web server on the Digital Alert Systems DASDEC EAS device before 2 ...)
NOT-FOR-US: Alert Systems and Monroe Electronics
-CVE-2013-4732
+CVE-2013-4732 (** DISPUTED ** The administrative web server on the Digital Alert Syst ...)
NOT-FOR-US: Alert Systems and Monroe Electronics
-CVE-2013-4731
+CVE-2013-4731 (ajax.cgi in the web interface on the Choice Wireless Green Packet WIXF ...)
NOT-FOR-US: Choice Wireless Green Packet modem
-CVE-2013-4730
+CVE-2013-4730 (Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to ...)
NOT-FOR-US: PCMan FTP Server
-CVE-2013-4729
+CVE-2013-4729 (import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict ...)
- phpmyadmin 4:4.0.4.1-1
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
-CVE-2013-4728
+CVE-2013-4728 (DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b ...)
NOT-FOR-US: Acora CMS
-CVE-2013-4727
+CVE-2013-4727 (DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b ...)
NOT-FOR-US: Acora CMS
-CVE-2013-4726
+CVE-2013-4726 (Cross-site request forgery (CSRF) vulnerability in DDSN Interactive cm ...)
NOT-FOR-US: Acora CMS
-CVE-2013-4725
+CVE-2013-4725 (DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b ...)
NOT-FOR-US: Acora CMS
-CVE-2013-4724
+CVE-2013-4724 (DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b ...)
NOT-FOR-US: Acora CMS
-CVE-2013-4723
+CVE-2013-4723 (Open redirect vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a ...)
NOT-FOR-US: Acora CMS
-CVE-2013-4722
+CVE-2013-4722 (Multiple cross-site scripting (XSS) vulnerabilities in Admin/login/def ...)
NOT-FOR-US: Acora CMS
-CVE-2013-4721
+CVE-2013-4721 (SQL injection vulnerability in the RSS feed from records extension 1.0 ...)
NOT-FOR-US: records extension for TYPO3
-CVE-2013-4720
+CVE-2013-4720 (SQL injection vulnerability in the WEC Discussion Forum extension befo ...)
NOT-FOR-US: WEC Discussion Forum
-CVE-2013-4719
+CVE-2013-4719 (SQL injection vulnerability in the SEO Pack for tt_news extension befo ...)
NOT-FOR-US: SEO Pack for tt_news extension for TYPO3
CVE-2013-4718 [XSS]
RESERVED
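Review bot: The NOT-FOR-US tags for CVE-2013-4734, CVE-2013-4733 and CVE-2013-4732 read `Alert Systems and Monroe Electronics`, while the neighbouring CVE-2013-4735 tag and all four descriptions being added name the vendor as `Digital Alert Systems`; use the full name on all four so a search for the vendor finds the whole set. In the same hunk CVE-2013-4736 puts its NOTE line before its `NOT-FOR-US:` line, the reverse of every other entry here (marker or package lines first, NOTEs after); swapping the two keeps the entry in the file's usual shape.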
@@ -7049,51 +7049,51 @@ CVE-2013-4717 [SQL injection]
{DSA-2733-1}
- otrs2 3.2.9-1
NOTE: http://web.archive.org/web/20131023033811/http://www.otrs.com:80/en/open-source/community-news/security-advisories/security-advisory-2013-05/
-CVE-2013-4716
+CVE-2013-4716 (Cross-site scripting (XSS) vulnerability in Tattyan HP TOWN 5_9_3 and ...)
NOT-FOR-US: Tattyan HP TOWN
-CVE-2013-4715
+CVE-2013-4715 (SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6. ...)
NOT-FOR-US: Tiki Wiki
-CVE-2013-4714
+CVE-2013-4714 (Cross-site scripting (XSS) vulnerability in Tiki Wiki CMS Groupware 6 ...)
NOT-FOR-US: Tiki Wiki
-CVE-2013-4713
+CVE-2013-4713 (Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk w ...)
NOT-FOR-US: I-O DATA DEVICE RockDisk
-CVE-2013-4712
+CVE-2013-4712 (I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlie ...)
NOT-FOR-US: I-O DATA DEVICE HDL-A and HDL2-A devices
-CVE-2013-4711
+CVE-2013-4711 (Cross-site scripting (XSS) vulnerability in Accela BizSearch 3.2 on Li ...)
NOT-FOR-US: Accela Bizsearch
-CVE-2013-4710
+CVE-2013-4710 (Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, ...)
NOT-FOR-US: Android
-CVE-2013-4709
+CVE-2013-4709 (Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 ...)
NOT-FOR-US: PPP Access Concentrator
-CVE-2013-4708
+CVE-2013-4708 (The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. ...)
NOT-FOR-US: Internet Initiative Japan Inc
-CVE-2013-4707
+CVE-2013-4707 (The SSH implementation on D-Link Japan DES-3810 devices with firmware ...)
NOT-FOR-US: D-Link
-CVE-2013-4706
+CVE-2013-4706 (The SSH implementation on the D-Link Japan DWL-2100AP with firmware be ...)
NOT-FOR-US: D-Link
-CVE-2013-4705
+CVE-2013-4705 (Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows ...)
NOT-FOR-US: Opera
-CVE-2013-4704
+CVE-2013-4704 (Cross-site scripting (XSS) vulnerability in ChamaNet ChamaCargo 7.0000 ...)
NOT-FOR-US: ChamaNet ChamaCargo
-CVE-2013-4703
+CVE-2013-4703 (Cross-site scripting (XSS) vulnerability in the top-page customization ...)
NOT-FOR-US: Cybozu Office
-CVE-2013-4702
+CVE-2013-4702 (Multiple directory traversal vulnerabilities in the doApiAction functi ...)
NOT-FOR-US: EC-CUBE
-CVE-2013-4701
+CVE-2013-4701 (Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows remo ...)
- php-openid 2.2.2-1.2 (low; bug #721221)
[wheezy] - php-openid <no-dsa> (Minor issue)
[squeeze] - php-openid <no-dsa> (Minor issue)
-CVE-2013-4700
+CVE-2013-4700 (The Yahoo! Japan Shopping application 1.4 and earlier for Android does ...)
NOT-FOR-US: Yahoo shopping app
-CVE-2013-4699
+CVE-2013-4699 (The Yahoo! Japan Yafuoku! application 4.3.0 and earlier for iOS and An ...)
NOT-FOR-US: Yahoo shopping app
-CVE-2013-4698
+CVE-2013-4698 (Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to o ...)
NOT-FOR-US: Cybozu Mailwise
-CVE-2013-4697
+CVE-2013-4697 (Multiple unspecified vulnerabilities in Hitachi JP1/IT Desktop Managem ...)
NOT-FOR-US: Hitachi
CVE-2013-4695
RESERVED
-CVE-2013-4694
+CVE-2013-4694 (Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Bu ...)
NOT-FOR-US: Winamp
CVE-2013-4693
RESERVED
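Review bot: CVE-2013-4699 is tagged `NOT-FOR-US: Yahoo shopping app`, the same tag as the entry directly above it, but the description added here is for the Yahoo! Japan Yafuoku! application, not the Shopping application; the tag should name Yafuoku! so the two entries are distinguishable. The two SEIL entries are likewise tagged inconsistently, CVE-2013-4709 as `PPP Access Concentrator` and CVE-2013-4708 as `Internet Initiative Japan Inc`, although both descriptions concern the same PPPAC component; one common tag is preferable.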
@@ -7101,49 +7101,49 @@ CVE-2013-4692
RESERVED
CVE-2013-4691
RESERVED
-CVE-2013-4690
+CVE-2013-4690 (Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 before ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-4689
+CVE-2013-4689 (J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R befor ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-4688
+CVE-2013-4688 (flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MS ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-4687
+CVE-2013-4687 (flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-4686
+CVE-2013-4686 (The kernel in Juniper Junos 10.4 before 10.4R14, 11.4 before 11.4R8, 1 ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-4685
+CVE-2013-4685 (Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 be ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-4684
+CVE-2013-4684 (flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R8, 12.1 b ...)
NOT-FOR-US: Juniper Junos
-CVE-2013-4683
+CVE-2013-4683 (SQL injection vulnerability in the meta_feedit extension 0.1.10 and ea ...)
NOT-FOR-US: meta_feedit extension for TYPO3
-CVE-2013-4682
+CVE-2013-4682 (SQL injection vulnerability in the Multishop extension before 2.0.39 f ...)
NOT-FOR-US: Multishop extension for TYPO3
-CVE-2013-4681
+CVE-2013-4681 (SQL injection vulnerability in the sofortueberweisung2commerce extensi ...)
NOT-FOR-US: sofortueberweisung2commerce extension TYPO3
-CVE-2013-4680
+CVE-2013-4680 (Open redirect vulnerability in Maag Form Captcha extension 2.0.0 and e ...)
NOT-FOR-US: meta_feedit extension for TYPO3
-CVE-2013-4679
+CVE-2013-4679 (Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a ...)
NOT-FOR-US: Symantec Workspace Virtualization
-CVE-2013-4678
+CVE-2013-4678 (The NDMP protocol implementation in Symantec Backup Exec 2010 R3 befor ...)
NOT-FOR-US: Symantec Backup Exec
-CVE-2013-4677
+CVE-2013-4677 (Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 us ...)
NOT-FOR-US: Symantec Backup Exec
-CVE-2013-4676
+CVE-2013-4676 (Multiple cross-site scripting (XSS) vulnerabilities in Symantec Backup ...)
NOT-FOR-US: Symantec Backup Exec
CVE-2013-4675
RESERVED
-CVE-2013-4674
+CVE-2013-4674 (Cross-site scripting (XSS) vulnerability in the Web Email Protection c ...)
NOT-FOR-US: Symantec
-CVE-2013-4673
+CVE-2013-4673 (The management console on the Symantec Web Gateway (SWG) appliance bef ...)
NOT-FOR-US: Symantec
-CVE-2013-4672
+CVE-2013-4672 (The management console on the Symantec Web Gateway (SWG) appliance bef ...)
NOT-FOR-US: Symantec
-CVE-2013-4671
+CVE-2013-4671 (Cross-site request forgery (CSRF) vulnerability in the management cons ...)
NOT-FOR-US: Symantec
-CVE-2013-4670
+CVE-2013-4670 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
NOT-FOR-US: Symantec
-CVE-2013-4668
+CVE-2013-4668 (Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3 ...)
- file-roller 3.8.3-1
[squeeze] - file-roller <not-affected> (Doesn't use libarchive)
[wheezy] - file-roller <not-affected> (Doesn't use libarchive)
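Review bot: CVE-2013-4680 is tagged `NOT-FOR-US: meta_feedit extension for TYPO3`, copied from CVE-2013-4683 three entries up, but the description now being added is for the Maag Form Captcha extension; correct the tag to that extension. Minor: the CVE-2013-4681 tag reads `sofortueberweisung2commerce extension TYPO3`, missing the `for` that the neighbouring TYPO3 extension tags use.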
@@ -7156,15 +7156,15 @@ CVE-2013-4665
RESERVED
CVE-2013-4664
RESERVED
-CVE-2013-4663
+CVE-2013-4663 (git_http_controller.rb in the redmine_git_hosting plugin for Redmine a ...)
NOT-FOR-US: Redmine plugin redmine_git_hosting
-CVE-2013-4662
+CVE-2013-4662 (The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through ...)
- civicrm <not-affected> (Fixed before initial upload to the archive)
-CVE-2013-4661
+CVE-2013-4661 (CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly ...)
- civicrm <not-affected> (Fixed before initial upload to the archive)
-CVE-2013-4660
+CVE-2013-4660 (The JS-YAML module before 2.0.5 for Node.js parses input without prope ...)
NOT-FOR-US: js-yaml
-CVE-2013-4659
+CVE-2013-4659 (Buffer overflow in Broadcom ACSD allows remote attackers to execute ar ...)
NOT-FOR-US: Broadcom ACSD
CVE-2013-4658
RESERVED
@@ -7176,17 +7176,17 @@ CVE-2013-4655
RESERVED
CVE-2013-4654
RESERVED
-CVE-2013-4653
+CVE-2013-4653 (Multiple cross-site scripting (XSS) vulnerabilities in the signin func ...)
NOT-FOR-US: Alcatel-Lucent Omnitouch
-CVE-2013-4652
+CVE-2013-4652 (Unspecified vulnerability in the command-line management interface on ...)
NOT-FOR-US: Siemens
-CVE-2013-4651
+CVE-2013-4651 (Siemens Scalance W7xx devices with firmware before 4.5.4 use the same ...)
NOT-FOR-US: Siemens
-CVE-2013-4650
+CVE-2013-4650 (MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authen ...)
- mongodb 1:2.4.5-1 (bug #715007)
[squeeze] - mongodb <not-affected> (Only affects 2.4.x)
[wheezy] - mongodb <not-affected> (Only affects 2.4.x)
-CVE-2013-4649
+CVE-2013-4649 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6. ...)
NOT-FOR-US: DotNetNuke
CVE-2013-4648
RESERVED
@@ -7212,71 +7212,71 @@ CVE-2013-4638
RESERVED
CVE-2013-4637
RESERVED
-CVE-2013-4669
+CVE-2013-4669 (FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, ...)
NOT-FOR-US: FortiClient
-CVE-2013-4636
+CVE-2013-4636 (The mget function in libmagic/softmagic.c in the Fileinfo component in ...)
- php5 5.5.0+dfsg-1
[squeeze] - php5 <not-affected> (Introduced with 10367fa7c6a4a2cf9bee02d8905e284185428f09)
[wheezy] - php5 <not-affected> (Introduced with 10367fa7c6a4a2cf9bee02d8905e284185428f09)
- file <not-affected> (bug in code modified for PHP)
NOTE: Tested with the squeeze and wheezy versions
-CVE-2013-4635
+CVE-2013-4635 (Integer overflow in the SdnToJewish function in jewish.c in the Calend ...)
- php5 5.5.0+dfsg-1 (unimportant)
NOTE: exploitable by malicious scripts only
-CVE-2013-4634
+CVE-2013-4634 (SQL injection vulnerability in the jQuery autocomplete for indexed_sea ...)
NOT-FOR-US: rzautocomplete extension for Typo3
-CVE-2013-4633
+CVE-2013-4633 (Huawei Seco Versatile Security Manager (VSM) before V200R002C00SPC300 ...)
NOT-FOR-US: Huawei Seco Versatile Security Manager
-CVE-2013-4632
+CVE-2013-4632 (The Huawei Access Router (AR) before V200R002SPC003 allows remote atta ...)
NOT-FOR-US: The Huawei Access Router
-CVE-2013-4631
+CVE-2013-4631 (Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 is enabl ...)
NOT-FOR-US: Huawei AR 150, 200, 1200, 2200, and 3200 routers,
-CVE-2013-4630
+CVE-2013-4630 (Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 320 ...)
NOT-FOR-US: Huawei routers
-CVE-2013-4629
+CVE-2013-4629 (The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conf ...)
NOT-FOR-US: Huawei viewpoint
-CVE-2013-4628
+CVE-2013-4628 (The firewall module on the Huawei Quidway Service Process Unit (SPU) b ...)
NOT-FOR-US: Huawei Quidway Service Process Unit
-CVE-2013-4627
+CVE-2013-4627 (Unspecified vulnerability in bitcoind and Bitcoin-Qt 0.8.x allows remo ...)
- bitcoin 0.8.3-1
-CVE-2013-4626
+CVE-2013-4626 (Cross-site scripting (XSS) vulnerability in the BackWPup plugin before ...)
NOT-FOR-US: WordPress plugin BackWPup
-CVE-2013-4625
+CVE-2013-4625 (Cross-site scripting (XSS) vulnerability in files/installer.cleanup.ph ...)
NOT-FOR-US: WordPress plugin Duplicator
-CVE-2013-4624
+CVE-2013-4624 (Multiple cross-site scripting (XSS) vulnerabilities in Jahia xCM 6.6.1 ...)
NOT-FOR-US: Jahia xCM
-CVE-2013-4623
+CVE-2013-4623 (The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 an ...)
{DSA-2782-1}
- polarssl 1.2.8-1 (low; bug #719954)
-CVE-2013-4622
+CVE-2013-4622 (The 3G Mobile Hotspot feature on the HTC Droid Incredible has a defaul ...)
NOT-FOR-US: HTC Droid Incredible
CVE-2013-4621
RESERVED
-CVE-2013-4620
+CVE-2013-4620 (Cross-site scripting (XSS) vulnerability in interface/main/onotes/offi ...)
NOT-FOR-US: OpenEMR
-CVE-2013-4619
+CVE-2013-4619 (Multiple SQL injection vulnerabilities in OpenEMR 4.1.1 allow remote a ...)
NOT-FOR-US: OpenEMR
CVE-2013-4618
RESERVED
-CVE-2013-4617
+CVE-2013-4617 (Jahia xCM before 6.6.2 does not include the HTTPOnly flag in a Set-Coo ...)
NOT-FOR-US: Jahia xCM
-CVE-2013-4616
+CVE-2013-4616 (The WifiPasswordController generateDefaultPassword method in Preferenc ...)
NOT-FOR-US: Apple iOS
-CVE-2013-4615
+CVE-2013-4615 (The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, a ...)
NOT-FOR-US: EMC Smarts Network Configuration Manager
-CVE-2013-4614
+CVE-2013-4614 (English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, ...)
NOT-FOR-US: EMC Smarts Network Configuration Manager
-CVE-2013-4613
+CVE-2013-4613 (The default configuration of the administrative interface on the Canon ...)
NOT-FOR-US: EMC RSA Data Protection Manager Appliance
-CVE-2013-4612
+CVE-2013-4612 (Multiple cross-site scripting (XSS) vulnerabilities in REDCap before 5 ...)
NOT-FOR-US: REDCap
-CVE-2013-4611
+CVE-2013-4611 (Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow remo ...)
NOT-FOR-US: REDCap
-CVE-2013-4610
+CVE-2013-4610 (Unspecified vulnerability in the Data Search utility in data-entry for ...)
NOT-FOR-US: REDCap
-CVE-2013-4609
+CVE-2013-4609 (REDCap before 5.0.4 and 5.1.x before 5.1.3 does not reject certain und ...)
NOT-FOR-US: REDCap
-CVE-2013-4608
+CVE-2013-4608 (Cross-site scripting (XSS) vulnerability in REDCap before 5.0.6 allows ...)
NOT-FOR-US: REDCap
CVE-2013-4607
RESERVED
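Review bot: The tags for CVE-2013-4615, CVE-2013-4614 and CVE-2013-4613 (`EMC Smarts Network Configuration Manager`, `EMC RSA Data Protection Manager Appliance`) contradict the descriptions added in this hunk, which all concern Canon MG/MP/MX printers (English/pages_MacUS/wls_set_content.html, the default configuration of the administrative interface); the three NOT-FOR-US lines should say Canon. Also in this hunk, CVE-2013-4669 (FortiClient) sits between CVE-2013-4637 and CVE-2013-4636, well out of the descending order, and two Huawei tags could be tidied: `The Huawei Access Router` has a stray leading article and `Huawei AR 150, 200, 1200, 2200, and 3200 routers,` a trailing comma.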
@@ -7284,7 +7284,7 @@ CVE-2013-4606
RESERVED
CVE-2013-4605
RESERVED
-CVE-2013-4604
+CVE-2013-4604 (Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly r ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2013-4603
RESERVED
@@ -7292,53 +7292,53 @@ CVE-2013-4602
RESERVED
CVE-2013-4601
RESERVED
-CVE-2013-4600
+CVE-2013-4600 (Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms ...)
NOT-FOR-US: Alkacon OpenCms
-CVE-2013-4599
+CVE-2013-4599 (The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 fo ...)
NOT-FOR-US: Drupal module misery
-CVE-2013-4598
+CVE-2013-4598 (The Groups, Communities and Co (GCC) module 7.x-1.x before 7.x-1.1 for ...)
NOT-FOR-US: Drupal module GCC
-CVE-2013-4597
+CVE-2013-4597 (The Revisioning module 7.x-1.x before 7.x-1.6 for Drupal does not prop ...)
NOT-FOR-US: Drupal module Revisioning
-CVE-2013-4596
+CVE-2013-4596 (The Node Access Keys module 7.x-1.x before 7.x-1.1 for Drupal does not ...)
NOT-FOR-US: Drupal module Node Access Keys
-CVE-2013-4595
+CVE-2013-4595 (The Secure Pages module 6.x-2.x before 6.x-2.0 for Drupal does not pro ...)
NOT-FOR-US: Drupal module Secure Pages
-CVE-2013-4594
+CVE-2013-4594 (The Payment for Webform module 7.x-1.x before 7.x-1.5 for Drupal does ...)
NOT-FOR-US: Drupal module Payment for Webform
CVE-2013-4593
RESERVED
- ruby-omniauth-facebook <not-affected> (Fixed before initial release)
-CVE-2013-4592
+CVE-2013-4592 (Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_ma ...)
- linux 3.8-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport, KVM server not supported in squeeze-lts)
[wheezy] - linux 3.2.53-1
-CVE-2013-4591
+CVE-2013-4591 (Buffer overflow in the __nfs4_get_acl_uncached function in fs/nfs/nfs4 ...)
- linux 3.8-1
[wheezy] - linux <not-affected> (Introduced in 3.6)
- linux-2.6 <not-affected> (Introduced in 3.6)
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=12d6e7538e2d418c08f082b1b44ffa5fb7270ed8
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e40f193f5bb022e927a57a4f5d5194e4f12ddb74
-CVE-2013-4590
+CVE-2013-4590 (Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-R ...)
{DSA-3530-1 DLA-91-1}
- tomcat6 6.0.39 (low)
[squeeze] - tomcat6 <no-dsa> (Minor issue)
- tomcat7 7.0.50 (low)
[wheezy] - tomcat7 <no-dsa> (Minor issue)
- tomcat8 8.0.0
-CVE-2013-4589
+CVE-2013-4589 (The ExportAlphaQuantumType function in export.c in GraphicsMagick befo ...)
- graphicsmagick 1.3.18-1 (low; bug #729661)
[squeeze] - graphicsmagick <no-dsa> (Minor issue)
[wheezy] - graphicsmagick <no-dsa> (Minor issue)
-CVE-2013-4588
+CVE-2013-4588 (Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl. ...)
{DSA-2906-1}
- linux <not-affected> (fixed in 2.6.33)
- linux-2.6 2.6.37-1
NOTE: 2.6.37-1 first version including 2.6.33 in unstable for linux-2.6
NOTE: https://git.kernel.org/linus/04bcef2a83f40c6db24222b27a52892cba39dffb
NOTE: http://seclists.org/fulldisclosure/2013/Nov/77
-CVE-2013-4587
+CVE-2013-4587 (Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm ...)
{DSA-2906-1}
- linux 3.12.5-1
- linux-2.6 <removed>
@@ -7358,30 +7358,30 @@ CVE-2013-4583
CVE-2013-4582 [Local file inclusion vulnerability]
RESERVED
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2013-4581
+CVE-2013-4581 (GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Ed ...)
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2013-4580
+CVE-2013-4580 (GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Ed ...)
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2013-4579
+CVE-2013-4579 (The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9 ...)
- linux-2.6 <not-affected> (ath9k not yet present)
- linux 3.12.8-1 (bug #729573)
[wheezy] - linux 3.2.54-1
NOTE: http://www.mathyvanhoef.com/2013/11/unmasking-spoofed-mac-address.html
-CVE-2013-4578
+CVE-2013-4578 (jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote atta ...)
- openjdk-7 7u51-2.4.4-1
- openjdk-6 6b30-1.13.1-1
-CVE-2013-4577
+CVE-2013-4577 (A certain Debian patch for GNU GRUB uses world-readable permissions fo ...)
- grub2 2.00-20 (unimportant; bug #632598)
NOTE: Additional hardening for rare setups, not a vulnerability
-CVE-2013-4576
+CVE-2013-4576 (GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introduc ...)
{DSA-2821-1}
- gnupg 1.4.15-3
-CVE-2013-4575
+CVE-2013-4575 (Heap-based buffer overflow in the utility program in the Linux agent i ...)
NOT-FOR-US: Symantec Backup Exec
-CVE-2013-4574
+CVE-2013-4574 (Cross-site scripting (XSS) vulnerability in the TimeMediaHandler exten ...)
NOT-FOR-US: TimedMediaHandler mediawiki extension
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=56699
-CVE-2013-4573
+CVE-2013-4573 (Cross-site scripting (XSS) vulnerability in the ZeroRatedMobileAccess ...)
NOT-FOR-US: mediawiki extension ZeroRatedMobileAccess
CVE-2013-4572
RESERVED
@@ -7389,106 +7389,106 @@ CVE-2013-4572
- mediawiki 1:1.19.8+dfsg-2.2 (bug #729629)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=53032
-CVE-2013-4571
+CVE-2013-4571 (Buffer overflow in php-luasandbox in the Scribuntu extension for Media ...)
NOT-FOR-US: php-luasandbox / Scribunto mediawiki extension
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=49705
-CVE-2013-4570
+CVE-2013-4570 (The zend_inline_hash_func function in php-luasandbox in the Scribuntu ...)
NOT-FOR-US: php-luasandbox / Scribunto mediawiki extension
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=54527
-CVE-2013-4569
+CVE-2013-4569 (The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before ...)
NOT-FOR-US: mediawiki extension CleanChanges
-CVE-2013-4568
+CVE-2013-4568 (Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki ...)
{DSA-2891-1}
- mediawiki 1:1.19.8+dfsg-2.2 (bug #729629)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=55332
-CVE-2013-4567
+CVE-2013-4567 (Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki ...)
{DSA-2891-1}
- mediawiki 1:1.19.8+dfsg-2.2 (bug #729629)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=55332
-CVE-2013-4566
+CVE-2013-4566 (mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the ...)
- libapache2-mod-nss 1.0.8-4 (low; bug #731627)
[wheezy] - libapache2-mod-nss <no-dsa> (Minor issue)
-CVE-2013-4565
+CVE-2013-4565 (Heap-based buffer overflow in the __OLEdecode function in ppthtml 0.5. ...)
- xlhtml <removed> (low; bug #729279)
[wheezy] - xlhtml <no-dsa> (Minor issue)
[squeeze] - xlhtml <no-dsa> (Minor issue)
-CVE-2013-4564
+CVE-2013-4564 (Libreswan 3.6 allows remote attackers to cause a denial of service (cr ...)
- libreswan <not-affected> (Fixed before initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2013-4564/CVE-2013-4564.txt.asc
NOTE: https://github.com/libreswan/libreswan/commit/9b31deafbdbf0c2206358dfbf2d4e343e365f23f
-CVE-2013-4563
+CVE-2013-4563 (The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux ...)
- linux-2.6 <not-affected> (Introduced in v3.10-rc5)
- linux 3.11.10-1
[wheezy] - linux <not-affected> (Introduced in v3.10-rc5)
NOTE: Introduced: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e2bd517c108816220f262d7954b697af03b5f9c
NOTE: fixed in: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e033e0
-CVE-2013-4562
+CVE-2013-4562 (The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store t ...)
- ruby-omniauth-facebook <not-affected> (Fixed before initial release)
NOTE: https://github.com/mkdynamic/omniauth-facebook/commit/ccfcc26fe7e34acbd75ad4a095fd01ce5ff48ee7
CVE-2013-4561
RESERVED
NOT-FOR-US: OpenShift
-CVE-2013-4560
+CVE-2013-4560 (Use-after-free vulnerability in lighttpd before 1.4.33 allows remote a ...)
{DSA-2795-1}
- lighttpd 1.4.33-1+nmu1 (bug #729453)
-CVE-2013-4559
+CVE-2013-4559 (lighttpd before 1.4.33 does not check the return value of the (1) setu ...)
{DSA-2795-1}
- lighttpd 1.4.33-1+nmu1 (bug #729453)
-CVE-2013-4558
+CVE-2013-4558 (The get_parent_resource function in repos.c in mod_dav_svn Apache HTTP ...)
- subversion 1.7.14-1
[squeeze] - subversion <not-affected> (Only affects 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4)
[wheezy] - subversion <not-affected> (Only affects 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4)
NOTE: http://subversion.apache.org/security/CVE-2013-4558-advisory.txt
-CVE-2013-4557
+CVE-2013-4557 (The Security Screen (_core_/securite/ecran_securite.php) before 1.1.8 ...)
{DSA-2794-1}
- spip 2.1.24-1 (bug #729172)
-CVE-2013-4556
+CVE-2013-4556 (Cross-site scripting (XSS) vulnerability in the author page (prive/for ...)
{DSA-2794-1}
- spip 2.1.24-1 (bug #729172)
-CVE-2013-4555
+CVE-2013-4555 (Cross-site request forgery (CSRF) vulnerability in ecrire/action/logou ...)
{DSA-2794-1}
- spip 2.1.24-1 (bug #729172)
-CVE-2013-4554
+CVE-2013-4554 (Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), an ...)
- xen <not-affected> (Doesn't affect Linux)
-CVE-2013-4553
+CVE-2013-4553 (The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possib ...)
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-4552
+CVE-2013-4552 (lib/Auth/Source/External.php in the drupalauth module before 1.2.2 for ...)
NOT-FOR-US: drupalauth module for simpleSAMLphp
-CVE-2013-4551
+CVE-2013-4551 (Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not ...)
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Only affects 4.2.x and later)
[squeeze] - xen <not-affected> (Only affects 4.2.x and later)
-CVE-2013-4550
+CVE-2013-4550 (Bip before 0.8.9, when running as a daemon, writes SSL handshake error ...)
- bip 0.8.9-1 (low)
[wheezy] - bip <no-dsa> (Minor issue)
[squeeze] - bip <no-dsa> (Minor issue)
NOTE: Upstream commit: https://projects.duckcorp.org/projects/bip/repository/revisions/df45c4c2d6f892e3e1dec23ce0ed2575b53a7d8c
NOTE: https://projects.duckcorp.org/issues/261
NOTE: Difference between CVE-2011-5268 and CVE-2013-4550: http://www.openwall.com/lists/oss-security/2014/01/02/9
-CVE-2013-4549
+CVE-2013-4549 (QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers t ...)
- qtbase-opensource-src 5.1.1+dfsg-6
- qt4-x11 4:4.8.5+git192-g085f851+dfsg-1 (low; bug #750141)
[wheezy] - qt4-x11 <no-dsa> (Minor issue)
[squeeze] - qt4-x11 <no-dsa> (Minor issue)
NOTE: https://codereview.qt-project.org/#change,70708
-CVE-2013-4548
+CVE-2013-4548 (The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH ...)
- openssh 1:6.4p1-1 (bug #729029)
[wheezy] - openssh <not-affected> (AES-GCM support introduced in 6.2)
[squeeze] - openssh <not-affected> (AES-GCM support introduced in 6.2)
-CVE-2013-4547
+CVE-2013-4547 (nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attack ...)
{DSA-2802-1}
- nginx 1.4.4-1 (bug #730012)
[squeeze] - nginx <not-affected> (Only applies to 0.8.41 - 1.5.6)
-CVE-2013-4546
+CVE-2013-4546 (The repository import feature in gitlab-shell before 1.7.4, as used in ...)
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2013-4545
+CVE-2013-4545 (cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disab ...)
{DSA-2798-1}
- curl 7.33.0-1
-CVE-2013-4544
+CVE-2013-4544 (hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local gu ...)
- qemu 2.0.0+dfsg-1
[wheezy] - qemu <not-affected> (Introduced in 1.4)
[squeeze] - qemu <not-affected> (Introduced in 1.4)
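Review bot: the imported descriptions for CVE-2013-4571 and CVE-2013-4570 spell the extension "Scribuntu" while the NOT-FOR-US lines under them say "Scribunto", and the description for CVE-2013-4574 says "TimeMediaHandler" against "TimedMediaHandler" in its triage line. Because this commit copies the description text verbatim from the upstream CVE feed, the misspellings should be corrected at the source (and the triage lines left as they are) rather than hand-edited in the list, or the next automatic update will simply reintroduce them.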
@@ -7496,7 +7496,7 @@ CVE-2013-4544
NOTE: see BTS bug #744213
CVE-2013-4543
REJECTED
-CVE-2013-4542
+CVE-2013-4542 (The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU be ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
@@ -7504,35 +7504,35 @@ CVE-2013-4542
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
NOTE: virtio-scsi support introduced in v1.1: http://wiki.qemu.org/ChangeLog/1.1
-CVE-2013-4541
+CVE-2013-4541 (The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4540
+CVE-2013-4540 (Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 migh ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4539
+CVE-2013-4539 (Multiple buffer overflows in the tsc210x_load function in hw/input/tsc ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4538
+CVE-2013-4538 (Multiple buffer overflows in the ssd0323_load function in hw/display/s ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4537
+CVE-2013-4537 (The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 al ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
@@ -7555,14 +7555,14 @@ CVE-2013-4535
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4534
+CVE-2013-4534 (Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remot ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4533
+CVE-2013-4533 (Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
@@ -7577,21 +7577,21 @@ CVE-2013-4532
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4531
+CVE-2013-4531 (Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows re ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4530
+CVE-2013-4530 (Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote a ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed>
-CVE-2013-4529
+CVE-2013-4529 (Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remot ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
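Review bot: the "- qemu-kvm <removed>" line under CVE-2013-4530 is the only one in this run of QEMU-before-1.7.2 entries with no severity tag; its neighbour CVE-2013-4531 in the same hunk reads "- qemu-kvm <removed> (low)", as do the other entries filed under bug #739589. Add "(low)" so the severity stays consistent across the batch.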
@@ -7600,88 +7600,88 @@ CVE-2013-4529
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
CVE-2013-4528
REJECTED
-CVE-2013-4527
+CVE-2013-4527 (Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow re ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4526
+CVE-2013-4526 (Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote at ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4525
+CVE-2013-4525 (Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/ ...)
- moodle 2.5.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4524
+CVE-2013-4524 (Directory traversal vulnerability in repository/filesystem/lib.php in ...)
- moodle 2.5.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-4523
+CVE-2013-4523 (Cross-site scripting (XSS) vulnerability in message/lib.php in Moodle ...)
- moodle 2.5.3-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-4522
+CVE-2013-4522 (lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x b ...)
- moodle 2.5.3-1 (low)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
CVE-2013-4521
RESERVED
NOT-FOR-US: Nuxeo
-CVE-2013-4520
+CVE-2013-4520 (xslt.c in libxslt before 1.1.25 allows context-dependent attackers to ...)
- libxslt <not-affected> (The versions in wheezy and squeeze contain the full patch)
-CVE-2013-4519
+CVE-2013-4519 (Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1. ...)
- reviewboard <itp> (bug #653113)
CVE-2013-4518
RESERVED
NOT-FOR-US: Red Hat Update Infrastructure
-CVE-2013-4517
+CVE-2013-4517 (Apache Santuario XML Security for Java before 1.5.6, when applying Tra ...)
- libxml-security-java 1.5.6-1 (bug #733938)
[squeeze] - libxml-security-java <no-dsa> (Minor issue, too intrusive to backport)
[wheezy] - libxml-security-java <no-dsa> (Minor issue, too intrusive to backport)
NOTE: http://santuario.apache.org/secadv.data/cve-2013-4517.txt.asc
-CVE-2013-4516
+CVE-2013-4516 (The mp_get_count function in drivers/staging/sb105x/sb_pci_mp.c in the ...)
- linux 3.12-1 (unimportant)
[wheezy] - linux <not-affected> (Affected code not present yet)
- linux-2.6 <not-affected> (Affected code not present yet)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a8b33654b1e3b0c74d4a1fed041c9aae50b3c427
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2013-4515
+CVE-2013-4515 (The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Li ...)
- linux 3.12-1 (unimportant)
NOTE: bcm driver not built
- linux-2.6 <not-affected> (Affected code not present yet)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8d1e72250c847fa96498ec029891de4dc638a5ba
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2013-4514
+CVE-2013-4514 (Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in t ...)
- linux 3.12-1 (unimportant)
NOTE: wlags49_h2 driver not built
- linux-2.6 <not-affected> (Affected code not present yet)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5e2f339865fb443107e5b10603e53bbc92dc054
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2013-4513
+CVE-2013-4513 (Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpa ...)
- linux 3.12-1 (unimportant)
[wheezy] - linux <not-affected> (Affected code not present yet)
- linux-2.6 <not-affected> (Affected code not present yet)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c2c65cd2e14ada6de44cb527e7f1990bede24e15
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2013-4512
+CVE-2013-4512 (Buffer overflow in the exitcode_proc_write function in arch/um/kernel/ ...)
{DSA-2906-1}
- linux 3.11.8-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=201f99f170df14ba52ea4c52847779042b7a623b
-CVE-2013-4511
+CVE-2013-4511 (Multiple integer overflows in Alchemy LCD frame-buffer drivers in the ...)
{DSA-2906-1}
- linux 3.11.8-1
- linux-2.6 <removed>
[wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7314e613d
-CVE-2013-4510
+CVE-2013-4510 (Directory traversal vulnerability in the client in Tryton 3.0.0, as di ...)
{DSA-2791-1}
- tryton-client 2.8.4-1
NOTE: https://bugs.tryton.org/issue3446
-CVE-2013-4509
+CVE-2013-4509 (The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlie ...)
- mozc 1.12.1599.102-1 (low; bug #729065)
[wheezy] - mozc <not-affected> (Only in combination with Ibus 1.5.4, which is not in stable)
- ibus-anthy 1.5.4-1 (low; bug #729065)
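Review bot: CVE-2013-4515 and CVE-2013-4514 carry no "[wheezy]" line, unlike CVE-2013-4516 and CVE-2013-4513 immediately beside them, which record "[wheezy] - linux <not-affected> (Affected code not present yet)". Without a per-release line the wheezy status is derived from the unstable entry "linux 3.12-1", so wheezy is shown as unfixed even though the NOTEs state the bcm and wlags49_h2 drivers are not built; if that also holds for the wheezy kernel, an explicit "[wheezy] - linux <not-affected> (driver not built)" would record it, and if the staging code is genuinely absent there, the same "Affected code not present yet" wording as the sibling entries would.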
@@ -7697,61 +7697,61 @@ CVE-2013-4509
NOTE: This is rather a bug in the various IBus engines not in ibus itself, asked maintainers to investigate affected engines,
NOTE: can be assigned to affected engines once more info is available
NOTE: Introduced in 1.5, so stable/oldstable not affected
-CVE-2013-4508
+CVE-2013-4508 (lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphe ...)
{DSA-2795-1}
- lighttpd 1.4.33-1+nmu1 (bug #729453)
NOTE: http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_01.txt
NOTE: http://redmine.lighttpd.net/issues/2525
-CVE-2013-4507
+CVE-2013-4507 (Cross-site scripting (XSS) vulnerability in CollectiveAccess Providenc ...)
NOT-FOR-US: CollectiveAccess
CVE-2013-4506
RESERVED
-CVE-2013-4505
+CVE-2013-4505 (The is_this_legal function in mod_dontdothat for Apache Subversion 1.4 ...)
- subversion 1.7.14-1 (bug #730541; unimportant)
NOTE: Not built in the binary packages
-CVE-2013-4504
+CVE-2013-4504 (The Monster Menus module 7.x-1.x before 7.x-1.15 allows remote attacke ...)
NOT-FOR-US: Drupal contrib module
-CVE-2013-4503
+CVE-2013-4503 (Cross-site scripting (XSS) vulnerability in the Feed Element Mapper mo ...)
NOT-FOR-US: Drupal contrib module
-CVE-2013-4502
+CVE-2013-4502 (The FileField Sources module 6.x-1.x before 6.x-1.9 and 7.x-1.x before ...)
NOT-FOR-US: Drupal contrib module
-CVE-2013-4501
+CVE-2013-4501 (The default views in the Quiz module 6.x-4.x before 6.x-4.5 for Drupal ...)
NOT-FOR-US: Drupal contrib module
-CVE-2013-4500
+CVE-2013-4500 (The Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote authen ...)
NOT-FOR-US: Drupal contrib module
-CVE-2013-4499
+CVE-2013-4499 (Cross-site scripting (XSS) vulnerability in the Bean module 7.x-1.x be ...)
NOT-FOR-US: Drupal contrib module
-CVE-2013-4498
+CVE-2013-4498 (The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 fo ...)
NOT-FOR-US: Drupal contrib module
-CVE-2013-4497
+CVE-2013-4497 (The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Ha ...)
- nova 2013.2-1
[wheezy] - nova <not-affected> (OpenStack Essex is not affected)
NOTE: https://bugs.launchpad.net/nova/+bug/1073306
NOTE: https://github.com/openstack/nova/commit/ba0d007fb78bd1182c3c0b808dbd7ccc84640e80
NOTE: https://bugs.launchpad.net/nova/+bug/1202266
NOTE: https://github.com/openstack/nova/commit/5cced7a6dd32d231c606e25dbf762d199bf9cca7
-CVE-2013-4496
+CVE-2013-4496 (Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 d ...)
- samba 2:4.1.6+dfsg-1 (low)
[wheezy] - samba 2:3.6.6-6+deb7u3
[squeeze] - samba <no-dsa> (Minor issue)
- samba4 <removed>
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
NOTE: http://www.samba.org/samba/security/CVE-2013-4496
-CVE-2013-4495
+CVE-2013-4495 (The send_the_mail function in server/svr_mail.c in Terascale Open-Sour ...)
{DSA-2796-1}
- torque 2.4.16+dfsg-1.3 (bug #729333)
-CVE-2013-4494
+CVE-2013-4494 (Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock a ...)
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
CVE-2013-4493
RESERVED
-CVE-2013-4492
+CVE-2013-4492 (Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n ...)
{DSA-2830-1}
- ruby-i18n 0.6.9-1
- libi18n-ruby <removed>
[squeeze] - libi18n-ruby <not-affected> (vulnerable code not present)
-CVE-2013-4491
+CVE-2013-4491 (Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view ...)
{DSA-2888-1}
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- rails-3.2 3.2.16-3+0
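Review bot: CVE-2013-4505's "- subversion 1.7.14-1 (bug #730541; unimportant)" puts the bug number before the severity, whereas the rest of the file writes severity first, e.g. "- graphicsmagick 1.3.18-1 (low; bug #729661)" and "- pwgen 2.07-1 (unimportant; bug #767008)"; swap it to "(unimportant; bug #730541)" to keep the annotation order uniform.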
@@ -7759,146 +7759,146 @@ CVE-2013-4491
- ruby-actionpack-2.3 <not-affected> (vulnerable code not present)
- rails <not-affected> (Vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-4490
+CVE-2013-4490 (The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before ...)
- gitlab <not-affected> (Fixed before initial release to Debian)
-CVE-2013-4489
+CVE-2013-4489 (The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x befo ...)
- gitlab <not-affected> (Fixed before initial release to Debian)
-CVE-2013-4488
+CVE-2013-4488 (libgadu before 1.12.0 does not verify X.509 certificates from SSL serv ...)
- libgadu <unfixed> (unimportant)
NOTE: Intentional design decision
-CVE-2013-4487
+CVE-2013-4487 (Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in ...)
- gnutls28 <not-affected> (libdane is not built; original patch for CVE-2013-4466 not applied)
- gnutls26 <not-affected> (only 3.1.x and 3.2.x)
NOTE: off-by one issue in original fix for CVE-2013-4466
CVE-2013-4486
RESERVED
NOT-FOR-US: Zanata
-CVE-2013-4485
+CVE-2013-4485 (389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8. ...)
- 389-ds-base 1.3.2.9-1 (bug #730115)
-CVE-2013-4484
+CVE-2013-4484 (Varnish before 3.0.5 allows remote attackers to cause a denial of serv ...)
{DSA-2814-1}
- varnish 3.0.5-1 (medium; bug #728989)
NOTE: https://www.varnish-cache.org/trac/ticket/1367
-CVE-2013-4483
+CVE-2013-4483 (The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3 ...)
- linux 3.11.8-1 (low)
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <no-dsa> (Minor issue, too intrusive to backport)
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6062a8
-CVE-2013-4482
+CVE-2013-4482 (Untrusted search path vulnerability in python-paste-script (aka paster ...)
NOT-FOR-US: LuCi
-CVE-2013-4481
+CVE-2013-4481 (Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with ...)
NOT-FOR-US: LuCi
-CVE-2013-4480
+CVE-2013-4480 (Red Hat Satellite 5.6 and earlier does not disable the web interface t ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2013-4479
+CVE-2013-4479 (lib/sup/message_chunks.rb in Sup before 0.13.2.1 and 0.14.x before 0.1 ...)
{DSA-2805-1}
- sup-mail 0.12.1+git20120407.aaa852f-1+deb7u1 (bug #728232)
NOTE: https://github.com/sup-heliotrope/sup/commit/ca0302e0c716682d2de22e9136400c704cc93e42
-CVE-2013-4478
+CVE-2013-4478 (Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers ...)
{DSA-2805-1}
- sup-mail 0.12.1+git20120407.aaa852f-1+deb7u1 (bug #728232)
NOTE: http://rubyforge.org/pipermail/sup-talk/2013-October/004996.html
NOTE: https://github.com/sup-heliotrope/sup/commit/8b46cdbfc14e07ca07d403aa28b0e7bc1c544785
-CVE-2013-4477
+CVE-2013-4477 (The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, ...)
- keystone 2013.2-2 (bug #728233)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
NOTE: https://bugs.launchpad.net/keystone/+bug/1242855
-CVE-2013-4476
+CVE-2013-4476 (Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is ...)
- samba 2:4.0.11+dfsg-1 (low)
[wheezy] - samba <not-affected> (Doesn't provide AD functionality)
[squeeze] - samba <not-affected> (Doesn't provide AD functionality)
- samba4 <removed> (low)
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
-CVE-2013-4475
+CVE-2013-4475 (Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1. ...)
{DSA-2812-1}
- samba 2:4.0.11+dfsg-1 (low)
- samba4 <removed> (low)
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
-CVE-2013-4474
+CVE-2013-4474 (Format string vulnerability in the extractPages function in utils/pdfs ...)
{DLA-1074-1}
- poppler 0.18.4-9 (low; bug #729064)
[squeeze] - poppler <not-affected> (pdfseparate not yet present)
-CVE-2013-4473
+CVE-2013-4473 (Stack-based buffer overflow in the extractPages function in utils/pdfs ...)
{DLA-1074-1}
- poppler 0.18.4-9 (low; bug #729064)
[squeeze] - poppler <not-affected> (pdfseparate not yet present)
-CVE-2013-4472
+CVE-2013-4472 (The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 a ...)
- poppler <unfixed> (unimportant)
- xpdf <unfixed> (unimportant)
NOTE: specific to non-*NIX systems
-CVE-2013-4471
+CVE-2013-4471 (The Identity v3 API in OpenStack Dashboard (Horizon) before 2013.2 doe ...)
- horizon 2013.2-1
[wheezy] - horizon <not-affected> (v3 API introduced in Grizzly)
NOTE: https://bugs.launchpad.net/horizon/+bug/1237989
-CVE-2013-4470
+CVE-2013-4470 (The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is ...)
{DLA-0015-1}
- linux 3.11.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
[wheezy] - linux 3.2.53-1
-CVE-2013-4469
+CVE-2013-4469 (OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_ima ...)
- nova 2013.2-3 (low; bug #728605)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: CVE for incomplete fix of CVE-2013-2096
-CVE-2013-4468
+CVE-2013-4468 (VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and e ...)
NOT-FOR-US: VICIDIAL
-CVE-2013-4467
+CVE-2013-4467 (Multiple SQL injection vulnerabilities in the agent interface (agc/) i ...)
NOT-FOR-US: VICIDIAL
-CVE-2013-4466
+CVE-2013-4466 (Buffer overflow in the dane_query_tlsa function in the DANE library (l ...)
- gnutls26 <not-affected> (only 3.1.x and 3.2.x)
- gnutls28 <not-affected> (libdane is not built)
NOTE: http://www.gnutls.org/security.html#GNUTLS-SA-2013-3
NOTE: Upstream commit for 3.2.x: https://gitlab.com/gnutls/gnutls/commit/ed51e5e53cfbab3103d6b7b85b7ba4515e4f30c3
-CVE-2013-4465
+CVE-2013-4465 (Unrestricted file upload vulnerability in the avatar upload functional ...)
NOT-FOR-US: Simple Machines Forum
CVE-2013-4464
RESERVED
-CVE-2013-4463
+CVE-2013-4463 (OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly ...)
- nova 2013.2-3 (low; bug #728605)
[wheezy] - nova <no-dsa> (Minor issue)
CVE-2013-4462
RESERVED
NOT-FOR-US: WordPress plugin
-CVE-2013-4461
+CVE-2013-4461 (SQL injection vulnerability in the web interface for cumin in Red Hat ...)
NOT-FOR-US: Cumin
-CVE-2013-4460
+CVE-2013-4460 (Cross-site scripting (XSS) vulnerability in account_sponsor_page.php i ...)
{DSA-3120-1}
- mantis <removed> (low; bug #727180)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=16513
-CVE-2013-4459
+CVE-2013-4459 (LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the ...)
- lightdm <not-affected> (Only in combination with guest profile, apparmor and 1.8.x branch)
-CVE-2013-4458
+CVE-2013-4458 (Stack-based buffer overflow in the getaddrinfo function in sysdeps/pos ...)
{DLA-165-1}
- eglibc <removed>
- glibc 2.18-1 (low; bug #727181)
[wheezy] - eglibc 2.13-38+deb7u1
NOTE: https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16072
-CVE-2013-4457
+CVE-2013-4457 (The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent ...)
NOT-FOR-US: Cocaine rubygem
CVE-2013-4456
RESERVED
-CVE-2013-4455
+CVE-2013-4455 (Katello Installer before 0.0.18 uses world-readable permissions for /e ...)
NOT-FOR-US: Katello
CVE-2013-4454
RESERVED
NOT-FOR-US: WordPress plugin
-CVE-2013-4453
+CVE-2013-4453 (Cross-site scripting (XSS) vulnerability in templates/login.php in LDA ...)
- ldap-account-manager 4.4-1 (medium; bug #726976)
[wheezy] - ldap-account-manager <no-dsa> (Minor issue)
[squeeze] - ldap-account-manager <no-dsa> (Minor issue)
-CVE-2013-4452
+CVE-2013-4452 (Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions ...)
NOT-FOR-US: JBoss Operation Network
-CVE-2013-4451
+CVE-2013-4451 (gitolite commit fa06a34 through 3.5.3 might allow attackers to have un ...)
- gitolite <not-affected> (vulnerable code introduced for v3.5.3)
- gitolite3 <not-affected> (vulnerable code introduced for v3.5.3)
-CVE-2013-4450
+CVE-2013-4450 (The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8. ...)
- nodejs 0.10.21~dfsg1-1 (medium)
NOTE: https://github.com/joyent/node/commit/085dd30e93da67362f044ad1b3b6b2d997064692
NOTE: http://blog.nodejs.org/2013/10/18/node-v0-10-21-stable/
-CVE-2013-4449
+CVE-2013-4449 (The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not prope ...)
{DSA-3209-1 DLA-203-1}
- openldap 2.4.39-1.1 (low; bug #729367)
[wheezy] - openldap <no-dsa> (Minor issue)
@@ -7907,19 +7907,19 @@ CVE-2013-4449
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1019490
CVE-2013-4448
RESERVED
-CVE-2013-4447
+CVE-2013-4447 (Cross-site scripting (XSS) vulnerability in the API in the Simplenews ...)
NOT-FOR-US: Simplenews Drupal contributed module
-CVE-2013-4446
+CVE-2013-4446 (The _json_decode function in plugins/context_reaction_block.inc in the ...)
NOT-FOR-US: Context Drupal contributed module
-CVE-2013-4445
+CVE-2013-4445 (The json rendering functionality in the Context module 6.x-2.x before ...)
NOT-FOR-US: Context Drupal contributed module
-CVE-2013-4444
+CVE-2013-4444 (Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0 ...)
- tomcat7 7.0.40-1
[wheezy] - tomcat7 7.0.28-4+deb7u3
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1470435
CVE-2013-4443
REJECTED
-CVE-2013-4442
+CVE-2013-4442 (Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated ...)
- pwgen 2.07-1 (unimportant; bug #767008)
NOTE: /dev/random is universally available, if an attacker can create an environment
NOTE: where it's not available that opens a far bigger can of worms
@@ -7927,62 +7927,62 @@ CVE-2013-4441 [Phonemes mode has heavy bias and is enabled by default]
RESERVED
- pwgen <unfixed> (unimportant; bug #726578)
NOTE: pwgen is documented to generate memorable passwords, so this is by design
-CVE-2013-4440
+CVE-2013-4440 (Password Generator (aka Pwgen) before 2.07 generates weak non-tty pass ...)
- pwgen 2.07-1 (unimportant; bug #725507)
NOTE: Documented shortcoming
-CVE-2013-4439
+CVE-2013-4439 (Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authen ...)
- salt 0.17.1+dfsg-1 (bug #726480)
-CVE-2013-4438
+CVE-2013-4438 (Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute ...)
- salt 0.17.1+dfsg-1 (bug #726480)
-CVE-2013-4437
+CVE-2013-4437 (Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 h ...)
- salt 0.17.1+dfsg-1 (bug #726480)
-CVE-2013-4436
+CVE-2013-4436 (The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 ...)
- salt 0.17.1+dfsg-1 (bug #726480)
-CVE-2013-4435
+CVE-2013-4435 (Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated ...)
- salt 0.17.1+dfsg-1 (bug #726480)
-CVE-2013-4434
+CVE-2013-4434 (Dropbear SSH Server before 2013.59 generates error messages for a fail ...)
- dropbear 2012.55-1.4 (low; bug #726118)
[squeeze] - dropbear <no-dsa> (Minor issue)
[wheezy] - dropbear <no-dsa> (Minor issue)
-CVE-2013-4433
+CVE-2013-4433 (Cross-site scripting (XSS) vulnerability in XHProf before 0.9.4 allows ...)
- xhprof 0.9.4-1 (bug #726284)
-CVE-2013-4432
+CVE-2013-4432 (Mahara before 1.5.13, 1.6.x before 1.6.8, and 1.7.x before 1.7.4 does ...)
- mahara <removed> (low; bug #727539)
[squeeze] - mahara <no-dsa> (Minor issue)
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5831
NOTE: https://gitorious.org/mahara/mahara/commit/0b4952e063f50c001e4c2dfc5749f55258bff952
-CVE-2013-4431
+CVE-2013-4431 (Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does ...)
- mahara <removed> (low; bug #727552)
[squeeze] - mahara <no-dsa> (Minor issue)
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5832
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.5_STABLE/revision/5542
NOTE: https://bugs.launchpad.net/mahara/+bug/1233500
-CVE-2013-4430
+CVE-2013-4430 (Cross-site scripting (XSS) vulnerability in Mahara before 1.5.12, 1.6. ...)
- mahara <removed> (unimportant; bug #727548)
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5830
NOTE: https://bugs.launchpad.net/mahara/+bug/1175446
NOTE: Only exploitable during installation
-CVE-2013-4429
+CVE-2013-4429 (Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does ...)
- mahara <removed> (low; bug #727545)
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5833
NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.5_STABLE/revision/5543
NOTE: https://bugs.launchpad.net/mahara/+bug/1211758
[squeeze] - mahara <no-dsa> (Minor issue)
-CVE-2013-4428
+CVE-2013-4428 (OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly ...)
- glance 2013.2-1 (bug #726478)
[wheezy] - glance <not-affected> (does not have the download_image)
-CVE-2013-4427
+CVE-2013-4427 (pyxtrlock before 0.2 does not properly check the return values of the ...)
NOT-FOR-US: pyxtrlock
-CVE-2013-4426
+CVE-2013-4426 (pyxtrlock before 0.1 uses an incorrect variable name, which allows phy ...)
NOT-FOR-US: pyxtrlock
-CVE-2013-4425
+CVE-2013-4425 (The DICOM listener in OsiriX before 5.8 and before 2.5-MD, when starti ...)
NOT-FOR-US: Osirix
-CVE-2013-4424
+CVE-2013-4424 (Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Port ...)
NOT-FOR-US: GateIn
CVE-2013-4423
RESERVED
NOT-FOR-US: Red Hat CloudForms
-CVE-2013-4422
+CVE-2013-4422 (SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 ...)
- quassel 0.9.1-1
[wheezy] - quassel <no-dsa> (Issue only relevant if the Qt 4.8.5 fix would be backported)
[squeeze] - quassel <not-affected> (qt4-x11 is too old)
@@ -7993,28 +7993,28 @@ CVE-2013-4422
NOTE: Caused by a change in Qt's postgres driver:
NOTE: https://bugreports.qt-project.org/browse/QTBUG-30076
NOTE: https://qt.gitorious.org/qt/qtbase/commit/e3c5351d06ce8a12f035cd0627356bc64d8c334a
-CVE-2013-4421
+CVE-2013-4421 (The buf_decompress function in packet.c in Dropbear SSH Server before ...)
- dropbear 2012.55-1.4 (low; bug #726019)
[squeeze] - dropbear <no-dsa> (Minor issue)
[wheezy] - dropbear <no-dsa> (Minor issue)
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/0bf76f54de6f
-CVE-2013-4420
+CVE-2013-4420 (Multiple directory traversal vulnerabilities in the (1) tar_extract_gl ...)
{DSA-2863-1}
- libtar 1.2.20-2 (bug #731860)
-CVE-2013-4419
+CVE-2013-4419 (The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when ...)
- libguestfs 1:1.22.7-1
[wheezy] - libguestfs 1:1.18.1-1+deb7u3
CVE-2013-4418
REJECTED
CVE-2013-4417
REJECTED
-CVE-2013-4416
+CVE-2013-4416 (The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, a ...)
- xen <not-affected> (ocaml version of the xenstore daemon not used in Debian)
-CVE-2013-4415
+CVE-2013-4415 (Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and R ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2013-4414
+CVE-2013-4414 (Cross-site scripting (XSS) vulnerability in the web interface for cumi ...)
NOT-FOR-US: Cumin
-CVE-2013-4413
+CVE-2013-4413 (Directory traversal vulnerability in controller/concerns/render_redire ...)
NOT-FOR-US: Wicked Ruby Gem
CVE-2013-4412 [NULL ptr dereference]
RESERVED
@@ -8034,123 +8034,123 @@ CVE-2013-4409 [unsanitized eval() vulnerability]
- python-django-djblets <removed> (low)
[squeeze] - python-django-djblets <no-dsa> (Minor issue)
NOTE: Fix: https://github.com/djblets/djblets/commit/36cd15763742652ca990f913b44e91c69c707269
-CVE-2013-4408
+CVE-2013-4408 (Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done functi ...)
{DSA-2812-1}
- samba 2:4.0.13+dfsg-1
- samba4 <removed>
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
-CVE-2013-4407
+CVE-2013-4407 (HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier module ...)
{DSA-2801-1}
- libhttp-body-perl 1.17-2 (bug #721634)
[squeeze] - libhttp-body-perl <not-affected> (Vulnerable code introduced in 1.08)
-CVE-2013-4406
+CVE-2013-4406 (The Quick Tabs module 6.x-2.x before 6.x-2.2, 6.x-3.x before 6.x-3.2, ...)
NOT-FOR-US: Quick Tabs Drupal contributed module
-CVE-2013-4405
+CVE-2013-4405 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
NOT-FOR-US: Cumin
-CVE-2013-4404
+CVE-2013-4404 (cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce use ...)
NOT-FOR-US: Cumin
CVE-2013-4403
REJECTED
-CVE-2013-4402
+CVE-2013-4402 (The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x be ...)
{DSA-2774-1 DSA-2773-1}
- gnupg2 2.0.22-1 (bug #725433)
- gnupg 1.4.15-1 (bug #725439)
-CVE-2013-4401
+CVE-2013-4401 (The virConnectDomainXMLToNative API function in libvirt 1.1.0 through ...)
- libvirt 1.1.4-1 (bug #727101)
[squeeze] - libvirt <not-affected> (Introduced in 1.1.0, REMOTE_PROC_CONNECT_DOMAIN_XML_TO|FROM_NATIVE not yet present)
[wheezy] - libvirt <not-affected> (Introduced in 1.1.0, REMOTE_PROC_CONNECT_DOMAIN_XML_TO|FROM_NATIVE not yet present)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c
-CVE-2013-4400
+CVE-2013-4400 (virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to ...)
- libvirt 1.1.4-1 (bug #727101)
[squeeze] - libvirt <not-affected> (Introduced in 1.1.2, virt-login-shell not yet present)
[wheezy] - libvirt <not-affected> (Introduced in 1.1.2, virt-login-shell not yet present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1015228#c3
-CVE-2013-4399
+CVE-2013-4399 (The remoteClientFreeFunc function in daemon/remote.c in libvirt before ...)
- libvirt 1.1.4-1
[wheezy] - libvirt <not-affected> (Introduced in 1.1.0)
[squeeze] - libvirt <not-affected> (Introduced in 1.1.0)
CVE-2013-4398
REJECTED
-CVE-2013-4397
+CVE-2013-4397 (Multiple integer overflows in the th_read function in lib/block.c in l ...)
{DSA-2817-1}
- libtar 1.2.20-1 (bug #725938)
-CVE-2013-4396
+CVE-2013-4396 (Use-after-free vulnerability in the doImageText function in dix/dixfon ...)
{DSA-2784-1}
- xorg-server 2:1.14.3-4
CVE-2013-4395
RESERVED
NOT-FOR-US: Simple Machines Forum
-CVE-2013-4394
+CVE-2013-4394 (The SetX11Keyboard function in systemd, when PolicyKit Local Authority ...)
{DSA-2777-1}
- systemd 204-5 (bug #725357)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=862324
NOTE: http://cgit.freedesktop.org/systemd/systemd/commit/?id=0b507b17a760b21e33fc52ff377db6aa5086c680
-CVE-2013-4393
+CVE-2013-4393 (journald in systemd, when the origin of native messages is set to file ...)
- systemd 204-5 (bug #725357)
[wheezy] - systemd <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859104
NOTE: http://cgit.freedesktop.org/systemd/systemd/commit/?id=1dfa7e79a60de680086b1d93fcc3629b463f58bd
-CVE-2013-4392
+CVE-2013-4392 (systemd, when updating file permissions, allows local users to change ...)
- systemd <unfixed> (unimportant; bug #725357)
[wheezy] - systemd <not-affected> (/etc/tmpfiles.d not supported in Wheezy)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859060
NOTE: only relevant to systems running systemd along with selinux
-CVE-2013-4391
+CVE-2013-4391 (Integer overflow in the valid_user_field function in journal/journald- ...)
{DSA-2777-1}
- systemd 204-5 (bug #725357)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859051
NOTE: http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e
-CVE-2013-4390
+CVE-2013-4390 (Open redirect vulnerability in the AbstractAuthenticationFormServlet i ...)
NOT-FOR-US: Apache Sling
-CVE-2013-4389
+CVE-2013-4389 (Multiple format string vulnerabilities in log_subscriber.rb files in t ...)
{DSA-2888-1 DSA-2887-1}
- rails-4.0 <not-affected> (Only affects 3.x)
- ruby-actionmailer-3.2 3.2.16-1 (bug #726576)
- ruby-actionmailer-2.3 <not-affected> (Only affects 3.x)
- rails <not-affected> (Only affects 3.x)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-4388
+CVE-2013-4388 (Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio. ...)
{DSA-2973-1}
- vlc 2.1.0-1 (bug #726528)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=9794ec1cd268c04c8bca13a5fae15df6594dff3e
-CVE-2013-4387
+CVE-2013-4387 (net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not prop ...)
{DLA-0015-1}
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
- linux 3.11.5-1
[wheezy] - linux 3.2.53-1
-CVE-2013-4386
+CVE-2013-4386 (Multiple SQL injection vulnerabilities in app/models/concerns/host_com ...)
- foreman <itp> (bug #663101)
-CVE-2013-4385
+CVE-2013-4385 (Buffer overflow in the "read-string!" procedure in the "extras" unit i ...)
- chicken 4.8.0.5-1 (bug #724740; low)
[wheezy] - chicken <no-dsa> (Minor issue)
[squeeze] - chicken <no-dsa> (Minor issue)
NOTE: http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=cd1b9775005ebe220ba11265dbf5396142e65f26
-CVE-2013-4384
+CVE-2013-4384 (Cross-site scripting (XSS) vulnerability in Google Site Search module ...)
NOT-FOR-US: Drupal module
-CVE-2013-4383
+CVE-2013-4383 (Cross-site scripting (XSS) vulnerability in the jQuery Countdown modul ...)
NOT-FOR-US: Drupal module
CVE-2013-4382
REJECTED
CVE-2013-4381
REJECTED
-CVE-2013-4380
+CVE-2013-4380 (Cross-site scripting (XSS) vulnerability in the MediaFront module 6.x- ...)
NOT-FOR-US: Drupal module
-CVE-2013-4379
+CVE-2013-4379 (The Make Meeting Scheduler module 6.x-1.x before 6.x-1.3 for Drupal al ...)
NOT-FOR-US: Drupal module
-CVE-2013-4378
+CVE-2013-4378 (Cross-site scripting (XSS) vulnerability in HtmlSessionInformationsRep ...)
NOT-FOR-US: Javamelody
-CVE-2013-4377
+CVE-2013-4377 (Use-after-free vulnerability in the virtio-pci implementation in Qemu ...)
- qemu 1.7.0+dfsg-4
[wheezy] - qemu <not-affected> (Introduced in 1.4)
[squeeze] - qemu <not-affected> (Introduced in 1.4)
- qemu-kvm <not-affected> (Introduced in 1.4)
NOTE: patches: http://thread.gmane.org/gmane.comp.emulators.qemu/234440
-CVE-2013-4376
+CVE-2013-4376 (The setgid wrapper libx2go-server-db-sqlite3-wrapper.c in X2Go Server ...)
- x2goserver <not-affected> (Fixed with first upload to Debian)
NOTE: Fixed by: https://code.x2go.org/gitweb?p=x2goserver.git;a=commitdiff;h=42264c88d7885474ebe3763b2991681ddfcfa69a
-CVE-2013-4375
+CVE-2013-4375 (The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4. ...)
- xen 4.2
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
@@ -8167,58 +8167,58 @@ CVE-2013-4375
CVE-2013-4374
RESERVED
NOT-FOR-US: RHQ MondoDB Drift Server
-CVE-2013-4373
+CVE-2013-4373 (The storeFiles method in JPADriftServerBean in Red Hat JBoss Operation ...)
NOT-FOR-US: Red Hat JBoss Operations Network
-CVE-2013-4372
+CVE-2013-4372 (Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management ...)
NOT-FOR-US: JBoss Fuse
-CVE-2013-4371
+CVE-2013-4371 (Use-after-free vulnerability in the libxl_list_cpupool function in the ...)
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
[squeeze] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
-CVE-2013-4370
+CVE-2013-4370 (The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x an ...)
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
[squeeze] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
-CVE-2013-4369
+CVE-2013-4369 (The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and ...)
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
[squeeze] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
-CVE-2013-4368
+CVE-2013-4368 (The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier ...)
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
CVE-2013-4367
RESERVED
NOT-FOR-US: ovirt
-CVE-2013-4366
+CVE-2013-4366 (http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x bef ...)
- httpcomponents-client 4.3.2-1
[wheezy] - httpcomponents-client <not-affected> (vulnerable code not present)
NOTE: http://svn.apache.org/r1528614
-CVE-2013-4365
+CVE-2013-4365 (Heap-based buffer overflow in the fcgid_header_bucket_read function in ...)
{DSA-2778-1}
- libapache2-mod-fcgid 1:2.3.9-1 (bug #725942)
-CVE-2013-4364
+CVE-2013-4364 ((1) oo-analytics-export and (2) oo-analytics-import in the openshift-o ...)
NOT-FOR-US: OpenShift
-CVE-2013-4363
+CVE-2013-4363 (Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION ...)
- rubygems <removed> (unimportant; bug #722361)
- libgems-ruby <removed> (unimportant; bug #722361)
NOTE: Non-issue, you trust the site providing the gem with installing arbitrary code, allowing
NOTE: it a potential elevated CPU consumption doesn't add any extra harm
NOTE: CVE for incomplete fix for CVE-2013-4287
-CVE-2013-4362
+CVE-2013-4362 (WEB-DAV Linux File System (davfs2) 1.4.6 and 1.4.7 allow local users t ...)
{DSA-2765-1}
- davfs2 1.4.7-3 (bug #723034)
NOTE: http://savannah.nongnu.org/bugs/?40034
-CVE-2013-4361
+CVE-2013-4361 (The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use ...)
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
CVE-2013-4360
REJECTED
-CVE-2013-4359
+CVE-2013-4359 (Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 ...)
{DSA-2767-1}
- proftpd-dfsg 1.3.5~rc3-2.1 (bug #723179)
-CVE-2013-4358
+CVE-2013-4358 (libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to c ...)
- libav 6:9.1-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (Vulnerable code not present)
@@ -8234,31 +8234,31 @@ CVE-2013-4357 [getaddrinfo(), glob_in_dir stack overflow]
NOTE: https://sourceware.org/git/?p=glibc.git;a=commit;h=34a9094f49241ebb72084c536cf468fd51ebe3ec
NOTE: https://sourceware.org/git/?p=glibc.git;a=commit;h=c8fc0c91695b1c7003c7170861274161f9224817
NOTE: Fixed upstream in 2.14
-CVE-2013-4356
+CVE-2013-4356 (Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when ...)
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Only affects 4.3+)
[squeeze] - xen <not-affected> (Only affects 4.3+)
-CVE-2013-4355
+CVE-2013-4355 (Xen 4.3.x and earlier does not properly handle certain errors, which a ...)
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-4354
+CVE-2013-4354 (The API before 2.1 in OpenStack Image Registry and Delivery Service (G ...)
- glance <unfixed> (unimportant)
NOTE: https://bugs.launchpad.net/glance/+bug/1226078
NOTE: according to upstream bug there will probably not be a patch for this issue
-CVE-2013-4353
+CVE-2013-4353 (The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1. ...)
{DSA-2837-1}
- openssl 1.0.1f-1
[squeeze] - openssl <not-affected> (Only affects 1.0.1 to 1.0.1e)
-CVE-2013-4352
+CVE-2013-4352 (The cache_invalidate function in modules/cache/cache_storage.c in the ...)
- apache2 2.4.7-1 (low)
[wheezy] - apache2 <not-affected> (Only affects 2.4.[56])
[squeeze] - apache2 <not-affected> (Only affects 2.4.[56])
-CVE-2013-4351
+CVE-2013-4351 (GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bi ...)
{DSA-2774-1 DSA-2773-1}
- gnupg 1.4.15-1 (low; bug #722722)
- gnupg2 2.0.22-1 (low; bug #722724)
-CVE-2013-4350
+CVE-2013-4350 (The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel th ...)
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.11.5-1
[wheezy] - linux 3.2.53-1
@@ -8266,26 +8266,26 @@ CVE-2013-4350
NOTE: http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=95ee62083cb6453e056562d91f597552021e6ae7
CVE-2013-4349
REJECTED
-CVE-2013-4348
+CVE-2013-4348 (The skb_flow_dissect function in net/core/flow_dissector.c in the Linu ...)
- linux 3.11.6-2
- linux-2.6 <not-affected> (Introduced in 3.2)
[wheezy] - linux 3.2.53-2
-CVE-2013-4347
+CVE-2013-4347 (The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier func ...)
- python-oauth2 <removed> (low; bug #722657)
[wheezy] - python-oauth2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/09/12/5
NOTE: https://github.com/simplegeo/python-oauth2/issues/9
-CVE-2013-4346
+CVE-2013-4346 (The Server.verify_request function in SimpleGeo python-oauth2 does not ...)
- python-oauth2 <removed> (low; bug #722656)
[wheezy] - python-oauth2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/09/12/5
NOTE: https://github.com/simplegeo/python-oauth2/issues/129
-CVE-2013-4345
+CVE-2013-4345 (Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c ...)
{DSA-2906-1}
- linux-2.6 <removed>
- linux 3.11.5-1
[wheezy] - linux 3.2.53-1
-CVE-2013-4344
+CVE-2013-4344 (Buffer overflow in the SCSI implementation in QEMU, as used in Xen, wh ...)
{DSA-2933-1 DSA-2932-1}
- xen 4.2-1
[wheezy] - xen <not-affected> (Vulnerable code not present in the bundled 0.10 qemu)
@@ -8298,27 +8298,27 @@ CVE-2013-4344
NOTE: Xen in Squeeze uses a separate source package: xen-qemu-dm-4.0
NOTE: Xen in Wheezy includes qemu
NOTE: Xen after Wheezy uses qemu-system-x86 from qemu, marking 4.2 as pseudo fixed
-CVE-2013-4343
+CVE-2013-4343 (Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel ...)
- linux 3.11.5-1
[wheezy] - linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
-CVE-2013-4342
+CVE-2013-4342 (xinetd does not enforce the user and group configuration directives fo ...)
- xinetd 1:2.3.15-2 (bug #324678)
[wheezy] - xinetd 1:2.3.14-7.1+deb7u1
[squeeze] - xinetd <no-dsa> (Minor issue)
-CVE-2013-4341
+CVE-2013-4341 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle through ...)
- moodle 2.5.2-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-4340
+CVE-2013-4340 (wp-admin/includes/post.php in WordPress before 3.6.1 allows remote aut ...)
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1 (bug #722537)
NOTE: http://core.trac.wordpress.org/changeset/25321
-CVE-2013-4339
+CVE-2013-4339 (WordPress before 3.6.1 does not properly validate URLs before use in a ...)
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1 (bug #722537)
NOTE: http://core.trac.wordpress.org/changeset/25323
NOTE: http://core.trac.wordpress.org/changeset/25324
-CVE-2013-4338
+CVE-2013-4338 (wp-includes/functions.php in WordPress before 3.6.1 does not properly ...)
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1 (bug #722537)
NOTE: http://core.trac.wordpress.org/changeset/25325
@@ -8335,47 +8335,47 @@ CVE-2013-4334
CVE-2013-4333
RESERVED
NOT-FOR-US: OpenPNE
-CVE-2013-4332
+CVE-2013-4332 (Multiple integer overflows in malloc/malloc.c in the GNU C Library (ak ...)
{DLA-165-1}
- glibc 2.17-93 (bug #722536)
- eglibc <removed>
[wheezy] - eglibc 2.13-38+deb7u1
-CVE-2013-4331
+CVE-2013-4331 (Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1 ...)
- lightdm 1.6.2-1 (bug #721744)
[wheezy] - lightdm <not-affected> (Introduced in 1.4)
-CVE-2013-4330
+CVE-2013-4330 (Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, ...)
NOT-FOR-US: Apache Camel
-CVE-2013-4329
+CVE-2013-4329 (The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is ...)
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <not-affected> (libxl not packaged in squeeze)
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-09/msg00001.html
CVE-2013-4328
REJECTED
-CVE-2013-4327
+CVE-2013-4327 (systemd does not properly use D-Bus for communication with a polkit au ...)
{DSA-2777-1}
- systemd 204-5 (bug #723713)
-CVE-2013-4326
+CVE-2013-4326 (RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communicat ...)
- rtkit 0.10-3 (bug #723714)
[wheezy] - rtkit 0.10-2+wheezy1
-CVE-2013-4325
+CVE-2013-4325 (The check_permission_v1 function in base/pkit.py in HP Linux Imaging a ...)
{DSA-2829-1}
- hplip 3.13.9-1 (bug #723716)
-CVE-2013-4324
+CVE-2013-4324 (spice-gtk 0.14, and possibly other versions, invokes the polkit author ...)
- spice-gtk 0.21-0nocelt1 (low)
[wheezy] - spice-gtk <no-dsa> (Minor issue)
CVE-2013-4323
RESERVED
-CVE-2013-4322
+CVE-2013-4322 (Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-R ...)
{DSA-3530-1 DSA-2897-1 DLA-91-1}
- tomcat6 6.0.39
- tomcat7 7.0.50
- tomcat8 8.0.0
-CVE-2013-4321
+CVE-2013-4321 (The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x ...)
- typo3-src <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
-CVE-2013-4320
+CVE-2013-4320 (The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x ...)
- typo3-src <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
-CVE-2013-4319
+CVE-2013-4319 (pbs_mom in Terascale Open-Source Resource and Queue Manager (aka TORQU ...)
{DSA-2770-1}
- torque 2.4.16+dfsg-1.1 (bug #722306)
NOTE: http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.html
@@ -8383,27 +8383,27 @@ CVE-2013-4318
RESERVED
NOT-FOR-US: Ruby gem Features
NOTE: http://www.openwall.com/lists/oss-security/2013/09/09/9
-CVE-2013-4317
+CVE-2013-4317 (In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API ...)
NOT-FOR-US: CloudStack
-CVE-2013-4316
+CVE-2013-4316 (Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation ...)
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.1)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-019.html
-CVE-2013-4315
+CVE-2013-4315 (Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x ...)
{DSA-2755-1}
- python-django 1.5.3-1 (bug #722605)
-CVE-2013-4314
+CVE-2013-4314 (The X509Extension in pyOpenSSL before 0.13.1 does not properly handle ...)
{DSA-2763-1}
- pyopenssl 0.13-2.1 (bug #722055)
-CVE-2013-4313
+CVE-2013-4313 (Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5 ...)
- moodle 2.5.2-1
[squeeze] - moodle <not-affected>
-CVE-2013-4312
+CVE-2013-4312 (The Linux kernel before 4.4.1 allows local users to bypass file-descri ...)
{DSA-3503-1 DSA-3448-1}
- linux 4.3.3-6
- linux-2.6 <removed>
NOTE: https://git.kernel.org/linus/712f4aad406bb1ed67f3f98d04c044191f0ff593 (v4.5-rc1)
NOTE: First patch for mitigation in 4.3.3-6, 4.3.5-1 adds a second bit required, that is CVE-2016-2847
-CVE-2013-4311
+CVE-2013-4311 (libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x ...)
- libvirt 1.1.3~rc1-1 (unimportant)
NOTE: polkit support not activated in Debian build prior to 1.2.9.
NOTE: sourcewise support for 3-arg pkcheck syntax in libvirt is included
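Review bot: the entry `[squeeze] - moodle <not-affected>` under CVE-2013-4313 gives no rationale, while every other `<not-affected>` line in this hunk carries one in parentheses (e.g. `- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.1)`); add the reason in parentheses so the triage decision can be verified later without re-deriving it.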
@@ -8411,22 +8411,22 @@ CVE-2013-4311
NOTE: to wait for the pu in #726558 for policykit-1/0.105-3+deb7u1 and have a rebuild
NOTE: of libvirt then.
NOTE: Needs a build dependency on libpolkit-gobject-1-dev
-CVE-2013-4310
+CVE-2013-4310 (Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to bypass ...)
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.1)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-018.html
CVE-2013-4309
RESERVED
-CVE-2013-4308
+CVE-2013-4308 (Cross-site scripting (XSS) vulnerability in pages/TalkpageHistoryView. ...)
NOT-FOR-US: Mediawiki LiquidThreads extension
-CVE-2013-4307
+CVE-2013-4307 (Multiple cross-site scripting (XSS) vulnerabilities in repo/includes/E ...)
NOT-FOR-US: Mediawiki Wikibase
-CVE-2013-4306
+CVE-2013-4306 (Cross-site request forgery (CSRF) vulnerability in api/ApiQueryCheckUs ...)
NOT-FOR-US: Mediawiki CheckUser extension
-CVE-2013-4305
+CVE-2013-4305 (Cross-site scripting (XSS) vulnerability in contrib/example.php in the ...)
- mediawiki-extensions <removed> (unimportant)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=49070
NOTE: Just an example file
-CVE-2013-4304
+CVE-2013-4304 (The CentralAuth extension for MediaWiki 1.19.x before 1.19.8, 1.20.x b ...)
NOT-FOR-US: Mediawiki CentralAuth extension
CVE-2013-4303 [mediawiki XSS with IE6]
RESERVED
@@ -8434,85 +8434,85 @@ CVE-2013-4303 [mediawiki XSS with IE6]
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=52746
NOTE: IE6 lacks so many security features that this doesn't matter
-CVE-2013-4302
+CVE-2013-4302 ((1) ApiBlock.php, (2) ApiCreateAccount.php, (3) ApiLogin.php, (4) ApiM ...)
{DSA-2753-1}
- mediawiki 1:1.19.8+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=49090
-CVE-2013-4301
+CVE-2013-4301 (includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x ...)
- mediawiki 1:1.19.8+dfsg-1 (unimportant)
[squeeze] - mediawiki <end-of-life>
NOTE: Full path disclosure irrelevant in Debian
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=46332
-CVE-2013-4300
+CVE-2013-4300 (The scm_check_creds function in net/core/scm.c in the Linux kernel bef ...)
- linux 3.11.5-1
[wheezy] - linux <not-affected> (Not exploitable by unprivileged users in 3.2)
- linux-2.6 <not-affected> (Not exploitable by unprivileged users in 2.6.32)
-CVE-2013-4299
+CVE-2013-4299 (Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linu ...)
{DSA-2906-1}
- linux-2.6 <removed>
- linux 3.11.6-2
[wheezy] - linux 3.2.53-1
NOTE: upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca
-CVE-2013-4297
+CVE-2013-4297 (The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1. ...)
- libvirt 1.1.2-2
[jessie] - libvirt <not-affected> (Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a)
[wheezy] - libvirt <not-affected> (Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a)
[squeeze] - libvirt <not-affected> (Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=2dba0323ff0cec31bdcea9dd3b2428af297401f2
NOTE: Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a, 1.0.6
-CVE-2013-4296
+CVE-2013-4296 (The remoteDispatchDomainMemoryStats function in daemon/remote.c in lib ...)
{DSA-2764-1}
- libvirt 1.1.4-1
[squeeze] - libvirt <not-affected> (Vulnerable code not present, introduced by commit 158ba8730e44b7dd07a21ab90499996c5dec080a)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=158ba8730e44b7dd07a21ab90499996c5dec080a
NOTE: Fix: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=e7f400a110e2e3673b96518170bfea0855dd82c0
-CVE-2013-4295
+CVE-2013-4295 (The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote atta ...)
NOT-FOR-US: Apache Shindig
-CVE-2013-4294
+CVE-2013-4294 (The (1) mamcache and (2) KVS token backends in OpenStack Identity (Key ...)
- keystone 2013.1.3-2 (bug #722505)
[wheezy] - keystone <not-affected> (only affects Folsom release and above)
-CVE-2013-4293
+CVE-2013-4293 (The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs passwo ...)
NOT-FOR-US: Red Hat JBoss Operations Network
-CVE-2013-4292
+CVE-2013-4292 (libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of servic ...)
- libvirt 1.1.2~rc2-1 (bug #721325)
[jessie] - libvirt <not-affected> (Introduced with 1.1.0)
[wheezy] - libvirt <not-affected> (Introduced with 1.1.0)
[squeeze] - libvirt <not-affected> (Introduced with 1.1.0)
-CVE-2013-4291
+CVE-2013-4291 (The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1. ...)
- libvirt 1.1.2-2
[jessie] - libvirt <not-affected> (vulnerable code not introduced, introduced in 1.1.1)
[wheezy] - libvirt <not-affected> (vulnerable code not introduced, introduced in 1.1.1)
[squeeze] - libvirt <not-affected> (vulnerable code not introduced, introduced in 1.1.1)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=745aa55fbf3e076c4288d5ec3239f5a5d43508a6
-CVE-2013-4290
+CVE-2013-4290 (Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote att ...)
- openjpeg <removed> (unimportant; bug #722540)
NOTE: JP3D code not built in the binary package, see #722540
-CVE-2013-4289
+CVE-2013-4289 (Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG before 1 ...)
- openjpeg <removed> (unimportant; bug #722540)
NOTE: JP3D code not built in the binary package, see #722540
-CVE-2013-4288
+CVE-2013-4288 (Race condition in PolicyKit (aka polkit) allows local users to bypass ...)
- policykit-1 0.105-3+nmu1 (low; bug #723717)
[squeeze] - policykit-1 <no-dsa> (The update only deprecates an API and introduces a new option for pkcheck, no src package uses this API)
[wheezy] - policykit-1 <no-dsa> (The update only deprecates an API and introduces a new option for pkcheck, no src package uses this API)
-CVE-2013-4287
+CVE-2013-4287 (Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN ...)
- rubygems <removed> (unimportant; bug #722361)
- libgems-ruby <removed> (unimportant; bug #722361)
NOTE: Non-issue, you trust the site providing the gem with installing arbitrary code, allowing
NOTE: it a potential elevated CPU consumption doesn't add any extra harm
-CVE-2013-4286
+CVE-2013-4286 (Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-R ...)
{DSA-3530-1 DSA-2897-1 DLA-91-1}
- tomcat6 6.0.39
- tomcat7 7.0.47
- tomcat8 8.0.0
-CVE-2013-4285
+CVE-2013-4285 (A certain Gentoo patch for the PAM S/Key module does not properly clea ...)
NOT-FOR-US: pam_skey
-CVE-2013-4284
+CVE-2013-4284 (Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers ...)
NOT-FOR-US: Cumin
-CVE-2013-4283
+CVE-2013-4283 (ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attacker ...)
- 389-ds-base 1.3.2.9-1 (bug #721222)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=999634
-CVE-2013-4282
+CVE-2013-4282 (Stack-based buffer overflow in the reds_handle_ticket function in serv ...)
{DSA-2839-1}
- spice 0.12.4-0nocelt2 (bug #728314)
NOTE: http://cgit.freedesktop.org/spice/spice/commit/?id=8af619009660b24e0b41ad26b30289eea288fcc2
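Review bot: The imported descriptions are cut at a fixed width, which leaves unbalanced parentheses inside the outer `( ... )` wrapper, e.g. `+CVE-2013-4294 (The (1) mamcache and (2) KVS token backends in OpenStack Identity (Key ...)` and `+CVE-2013-4291 (The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1. ...)`; please confirm the list parser takes the description as everything up to the trailing ` ...)` rather than trying to match parentheses, otherwise any entry truncated inside a nested `(` would mis-parse. Separately, the `mamcache` spelling in the CVE-2013-4294 line comes from the upstream text this bulk import copies verbatim (every hunk only adds the parenthesised description), so it has to be corrected at the source rather than hand-edited here, or the next import will reintroduce it.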
@@ -8521,18 +8521,18 @@ CVE-2013-4281
CVE-2013-4280
RESERVED
- vdsm <itp> (bug #668538)
-CVE-2013-4279
+CVE-2013-4279 (imapsync 1.564 and earlier performs a release check by default, which ...)
- imapsync <removed>
-CVE-2013-4278
+CVE-2013-4278 (The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizz ...)
- nova 2013.1.3-1 (bug #720602)
[wheezy] - nova <not-affected> (Affected code not present)
NOTE: incomplete fix for CVE-2013-2256
-CVE-2013-4277
+CVE-2013-4277 (Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1 ...)
- subversion 1.7.13-1 (low; bug #721542)
[squeeze] - subversion <no-dsa> (Minor issue, PID file not created by default)
[wheezy] - subversion <no-dsa> (Minor issue, PID file not created by default)
NOTE: http://subversion.apache.org/security/CVE-2013-4277-advisory.txt
-CVE-2013-4276
+CVE-2013-4276 (Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcm ...)
- lcms 1.19.dfsg1-1.3 (low; bug #718682)
[squeeze] - lcms <no-dsa> (Minor issue)
[wheezy] - lcms 1.19.dfsg2-1.2+deb7u1
@@ -8540,15 +8540,15 @@ CVE-2013-4276
CVE-2013-4275
RESERVED
NOT-FOR-US: Drupal contributed module Zen
-CVE-2013-4274
+CVE-2013-4274 (Cross-site scripting (XSS) vulnerability in the password_policy_admin_ ...)
NOT-FOR-US: Drupal addon
-CVE-2013-4273
+CVE-2013-4273 (The Entity API module 7.x-1.x before 7.x-1.2 for Drupal does not prope ...)
NOT-FOR-US: Drupal contributed module Entity API
-CVE-2013-4272
+CVE-2013-4272 (The BOTCHA Spam Prevention module 7.x-1.x before 7.x-1.6, 7.x-2.x befo ...)
NOT-FOR-US: Drupal addon
-CVE-2013-4271
+CVE-2013-4271 (The default configuration of the ObjectRepresentation class in Restlet ...)
- restlet <itp> (bug #596472)
-CVE-2013-4270
+CVE-2013-4270 (The net_ctl_permissions function in net/sysctl_net.c in the Linux kern ...)
- linux-2.6 <not-affected> (Introduced in 3.8)
- linux 3.11.5-1
[wheezy] - linux <not-affected> (Introduced in 3.8)
@@ -8565,44 +8565,44 @@ CVE-2013-4267
- ajaxplorer <itp> (bug #668381)
CVE-2013-4266
REJECTED
-CVE-2013-4265
+CVE-2013-4265 (The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0 ...)
- ffmpeg <not-affected> (Affected function codec not present in 0.5 ffmpeg)
- libav <not-affected> (Affected function not present in libav)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/c94f9e854228e0ea00e1de8769d8d3f7cab84a55
-CVE-2013-4264
+CVE-2013-4264 (The kempf_decode_tile function in libavcodec/g2meet.c in FFmpeg before ...)
- ffmpeg <not-affected> (g2meet codec not present in 0.5 ffmpeg)
- libav <not-affected> (g2meet codec not present in libav)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2960576378d17d71cc8dccc926352ce568b5eec1
-CVE-2013-4263
+CVE-2013-4263 (libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote v ...)
- ffmpeg <not-affected> (Affected video filters not present in ffmpeg 0.5)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e43a0a232dbf6d3c161823c2e07c52e76227a1bc
NOTE: [Anton] the report and the fix appear completely bogus, likely working around bugs from completely different parts of the code; most probably not present in any libav release
-CVE-2013-4262
+CVE-2013-4262 (svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile ...)
- subversion 1.8.5-1 (unimportant)
NOTE: Optional admin-side utilities in Subversion 1.8.x
-CVE-2013-4261
+CVE-2013-4261 (OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apac ...)
- nova 2013.2-1 (low)
[wheezy] - nova <no-dsa> (Will be fixed in a point update)
NOTE: https://bugs.launchpad.net/nova/+bug/1215091/comments/10 (relevant question for other components)
NOTE: probably does not affect Essex/2012.1, see https://bugs.launchpad.net/nova/+bug/1215091/comments/6
-CVE-2013-4260
+CVE-2013-4260 (lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when p ...)
- ansible <not-affected> (affected code introduced with ansible 1.2)
-CVE-2013-4259
+CVE-2013-4259 (runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using C ...)
- ansible 1.3.4+dfsg-1 (bug #721766)
NOTE: upstream commit: https://github.com/ansible/ansible/commit/6bf5d195065bc23b5fc72ba690d7ed45f228aaf0
-CVE-2013-4258
+CVE-2013-4258 (Format string vulnerability in the osLogMsg function in server/os/aulo ...)
{DSA-2771-1}
- nas 1.9.3-6 (bug #720287)
CVE-2013-4257 [Heap Overflow]
REJECTED
-CVE-2013-4256
+CVE-2013-4256 (Multiple stack-based and heap-based buffer overflows in Network Audio ...)
{DSA-2771-1}
- nas 1.9.3-6 (bug #720287)
-CVE-2013-4255
+CVE-2013-4255 (The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier do ...)
- condor 8.0.5~dfsg.1-1 (bug #721693)
[wheezy] - condor <no-dsa> (Minor issue)
-CVE-2013-4254
+CVE-2013-4254 (The validate_event function in arch/arm/kernel/perf_event.c in the Lin ...)
- linux 3.10.11-1
[wheezy] - linux 3.2.51-1
- linux-2.6 <not-affected> (No perf support on arm)
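Review bot: In the CVE-2013-4261 block, `[wheezy] - nova <no-dsa> (Will be fixed in a point update)` sits next to `NOTE: probably does not affect Essex/2012.1, see https://bugs.launchpad.net/nova/+bug/1215091/comments/6`; if wheezy's nova is the Essex/2012.1 release that NOTE is talking about, the two lines contradict each other, and the wheezy entry should either become `<not-affected>` with that reasoning or the NOTE should lose its "probably" once someone has verified it. On an unchanged line in the same hunk, `- ffmpeg <not-affected> (Affected function codec not present in 0.5 ffmpeg)` for CVE-2013-4265 looks like a copy-edit leftover from the CVE-2013-4264 reason (`g2meet codec not present in 0.5 ffmpeg`); "Affected function not present in 0.5 ffmpeg" is what was meant.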
@@ -8617,53 +8617,53 @@ CVE-2013-4251 [weave /tmp and current directory issues]
[wheezy] - python-scipy <no-dsa> (Minor issue)
[squeeze] - python-scipy 0.7.2+dfsg1-1+deb6u1
NOTE: https://github.com/scipy/scipy/commit/bd296e0336420b840fcd2faabb97084fd252a973
-CVE-2013-4250
+CVE-2013-4250 (The (1) file upload component and (2) File Abstraction Layer (FAL) in ...)
- typo3-src <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
-CVE-2013-4249
+CVE-2013-4249 (Cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget wi ...)
- python-django 1.5.2-1
[wheezy] - python-django <not-affected> (1.4.x not affected)
[squeeze] - python-django <not-affected> (1.2.x not affected)
NOTE: problem introduced with https://github.com/django/django/commit/ac2052ebc84c45709ab5f0f25e685bf656ce79bc
-CVE-2013-4248
+CVE-2013-4248 (The openssl_x509_parse function in openssl.c in the OpenSSL module in ...)
{DSA-2742-1}
- php5 5.5.3+dfsg-1 (bug #719765)
NOTE: fix in 5.5.2 incomplete, see http://php.net/ChangeLog-5.php
-CVE-2013-4247
+CVE-2013-4247 (Off-by-one error in the build_unc_path_to_root function in fs/cifs/con ...)
- linux-2.6 <not-affected> (Introduced in 3.8)
- linux 3.9.6-1
[wheezy] - linux <not-affected> (Introduced in 3.8)
-CVE-2013-4246
+CVE-2013-4246 (libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might all ...)
- subversion <not-affected> (only affects 1.8.0 and 1.8.1)
CVE-2013-4245 [Arbitrary code execution due to insecure CWD Python module load]
RESERVED
- gnome-orca <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2013-4244
+CVE-2013-4244 (The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier ...)
{DSA-2744-1}
- tiff 4.0.3-3
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
-CVE-2013-4243
+CVE-2013-4243 (Heap-based buffer overflow in the readgifimage function in the gif2tif ...)
{DSA-2965-1 DLA-0013-1}
- tiff 4.0.3-9 (low; bug #742917)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
[squeeze] - tiff 3.9.4-5+squeeze11
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2451
-CVE-2013-4242
+CVE-2013-4242 (GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x ...)
{DSA-2731-1 DSA-2730-1}
- gnupg 1.4.14-1 (bug #717880)
- libgcrypt11 1.5.3-1
CVE-2013-4241
RESERVED
NOT-FOR-US: WordPress plugin HMS Testimonials
-CVE-2013-4240
+CVE-2013-4240 (Multiple cross-site request forgery (CSRF) vulnerabilities in the HMS ...)
NOT-FOR-US: WordPress plugin HMS Testimonials
-CVE-2013-4239
+CVE-2013-4239 (The xenDaemonListDefinedDomains function in xen/xend_internal.c in lib ...)
- libvirt 1.1.2~rc1-1 (bug #719533)
[wheezy] - libvirt <not-affected> (Introduced in 1.1.1)
[squeeze] - libvirt <not-affected> (Introduced in 1.1.1)
NOTE: Introduced by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=632180d1
NOTE: Fixed by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=0e671a16
-CVE-2013-4238
+CVE-2013-4238 (The ssl.match_hostname function in the SSL module in Python 2.6 throug ...)
{DSA-2880-1 DLA-25-1}
- python2.5 <removed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
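Review bot: The `<not-affected>` reason for CVE-2013-4250, `- typo3-src <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)`, restates the upstream affected range but does not say why the Debian package falls outside it; the convention used a few lines further down (`[wheezy] - python-django <not-affected> (1.4.x not affected)`) names the shipped version, so this reason should state the Debian typo3-src version and that it is below 6.0.0 if that is the argument. The same hunk shows the import is otherwise consistent with existing reasoning, e.g. the new `+CVE-2013-4246 (libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 ...` matches the existing `(only affects 1.8.0 and 1.8.1)`.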
@@ -8677,35 +8677,35 @@ CVE-2013-4238
- python3.3 3.3.2-6 (low; bug #719567)
NOTE: http://bugs.python.org/issue18709
NOTE: https://bugs.mageia.org/show_bug.cgi?id=10989
-CVE-2013-4237
+CVE-2013-4237 (sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2. ...)
{DLA-165-1}
- eglibc <removed>
- glibc 2.17-94 (bug #719558)
[wheezy] - eglibc 2.13-38+deb7u1
NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=14699
NOTE: http://sourceware.org/ml/libc-alpha/2013-05/msg00445.html
-CVE-2013-4236
+CVE-2013-4236 (VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged ...)
- vdsm <itp> (bug #668538)
CVE-2013-4235 [TOCTOU race conditions by copying and removing directory trees]
RESERVED
- shadow <unfixed> (unimportant; bug #778950)
-CVE-2013-4234
+CVE-2013-4234 (Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) ...)
{DSA-2751-1}
- libmodplug 1:0.8.8.4-4 (bug #719462)
-CVE-2013-4233
+CVE-2013-4233 (Integer overflow in the abc_set_parts function in load_abc.cpp in libm ...)
{DSA-2751-1}
- libmodplug 1:0.8.8.4-4 (bug #719462)
-CVE-2013-4232
+CVE-2013-4232 (Use-after-free vulnerability in the t2p_readwrite_pdf_image function i ...)
{DSA-2744-1}
- tiff 4.0.3-2 (bug #719303)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
-CVE-2013-4231
+CVE-2013-4231 (Multiple buffer overflows in libtiff before 4.0.3 allow remote attacke ...)
{DSA-2744-1}
- tiff 4.0.3-2 (bug #719303)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
-CVE-2013-4230
+CVE-2013-4230 (The mm_webform submodule in the Monster Menus module 6.x-6.x before 6. ...)
NOT-FOR-US: Monster Menus Drupal contributed module
-CVE-2013-4229
+CVE-2013-4229 (Cross-site scripting (XSS) vulnerability in the Monster Menus module 7 ...)
NOT-FOR-US: Monster Menus Drupal contributed module
CVE-2013-4228
RESERVED
@@ -8722,120 +8722,120 @@ CVE-2013-4225
CVE-2013-4224
RESERVED
NOTE: Dublicate of CVE-2013-4187, thus rejected
-CVE-2013-4223
+CVE-2013-4223 (The Gentoo Nullmailer package before 1.11-r2 uses world-readable permi ...)
- nullmailer 1:1.11-2 (low; bug #684619)
[squeeze] - nullmailer <no-dsa> (Minor issue)
NOTE: CVE originally for /etc/nullmailer/remotes permissions in gentoo, but Debian
NOTE: had the same problem until 1:1.11-2
-CVE-2013-4222
+CVE-2013-4222 (OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, an ...)
- keystone 2013.1.3-1 (bug #719290)
[wheezy] - keystone <not-affected> (Vulnerable code not present in Openstack Essex)
NOTE: http://lists.openstack.org/pipermail/openstack-security/2013-August/000263.html
-CVE-2013-4221
+CVE-2013-4221 (The default configuration of the ObjectRepresentation class in Restlet ...)
- restlet <itp> (bug #596472)
NOTE: http://blog.diniscruz.com/2013/08/using-xmldecoder-to-execute-server-side.html
NOTE: https://github.com/o2platform/DefCon_RESTing
-CVE-2013-4220
+CVE-2013-4220 (The bad_mode function in arch/arm64/kernel/traps.c in the Linux kernel ...)
- linux-2.6 <not-affected> (ARM64 not supported)
- linux <not-affected> (ARM64 not yet supported)
-CVE-2013-4219
+CVE-2013-4219 (Multiple integer overflows in the Intel WiMAX Network Service through ...)
- wimax-tools <itp> (bug #627975)
-CVE-2013-4218
+CVE-2013-4218 (The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agen ...)
- wimax-tools <itp> (bug #627975)
-CVE-2013-4217
+CVE-2013-4217 (The OSAL_Crypt_SetEncryptedPassword function in InfraStack/OSDependent ...)
- wimax-tools <itp> (bug #627975)
-CVE-2013-4216
+CVE-2013-4216 (The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraSt ...)
- wimax-tools <itp> (bug #627975)
-CVE-2013-4215
+CVE-2013-4215 (The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.1 ...)
- nagios-plugins 1.4.16+git20130902-1 (unimportant)
NOTE: vulnerable code present, but check_ipxping is neither built nor installed
- monitoring-plugins <not-affected> (Fixed before initial upload to Debian)
NOTE: contrib/check_ipxping removed from src:monitoring-pluging before the
NOTE: initial upload to Debian after the source package rename.
-CVE-2013-4214
+CVE-2013-4214 (rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE ...)
- nagios3 3.5.1-1 (low; bug #719056)
[wheezy] - nagios3 <no-dsa> (Minor issue)
[squeeze] - nagios3 <not-affected> (html/rss-newsfeed.php not present)
NOTE: fixed by removing html/rss-newsfeed.php completely
NOTE: http://anonscm.debian.org/gitweb/?p=pkg-nagios/pkg-nagios3.git;a=commit;h=c88bef82308c99601732bb9517a1af5bc6928282
-CVE-2013-4213
+CVE-2013-4213 (Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not pro ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2013-4212
+CVE-2013-4212 (Certain getText methods in the ActionSupport controller in Apache Roll ...)
NOT-FOR-US: Apache Roller
CVE-2013-4211
RESERVED
NOT-FOR-US: OpenX
-CVE-2013-4210
+CVE-2013-4210 (The org.jboss.remoting.transport.socket.ServerThread class in Red Hat ...)
NOT-FOR-US: JBoss Remoting
-CVE-2013-4209
+CVE-2013-4209 (Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2013-4208
+CVE-2013-4208 (The rsa_verify function in PuTTY before 0.63 (1) does not clear sensit ...)
{DSA-2736-1}
- putty 0.63-1
- filezilla 3.7.3-1 (low; bug #719070)
[squeeze] - filezilla <no-dsa> (Minor issue)
[wheezy] - filezilla <no-dsa> (Minor issue)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html
-CVE-2013-4207
+CVE-2013-4207 (Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH serv ...)
{DSA-2736-1}
- putty 0.63-1
- filezilla 3.7.3-1 (low; bug #719070)
[squeeze] - filezilla <no-dsa> (Minor issue)
[wheezy] - filezilla <no-dsa> (Minor issue)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html
-CVE-2013-4206
+CVE-2013-4206 (Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY ...)
{DSA-2736-1}
- putty 0.63-1
- filezilla 3.7.3-1 (low; bug #719070)
[squeeze] - filezilla <no-dsa> (Minor issue)
[wheezy] - filezilla <no-dsa> (Minor issue)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html
-CVE-2013-4205
+CVE-2013-4205 (Memory leak in the unshare_userns function in kernel/user_namespace.c ...)
- linux 3.10.7-1
[wheezy] - linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
-CVE-2013-4204
+CVE-2013-4204 (Multiple cross-site scripting (XSS) vulnerabilities in the JUnit files ...)
- gwt <removed> (low)
[squeeze] - gwt <no-dsa> (Minor issue)
NOTE: http://www.gwtproject.org/release-notes.html#Release_Notes_2_5_1_RC1
-CVE-2013-4203
+CVE-2013-4203 (The self.run_gpg function in lib/rgpg/gpg_helper.rb in the rgpg gem be ...)
NOT-FOR-US: Ruby Rgpg Gem
-CVE-2013-4202
+CVE-2013-4202 (The (1) backup (api/contrib/backups.py) and (2) volume transfer (contr ...)
- cinder 2013.1.2-4 (bug #719118)
-CVE-2013-4201
+CVE-2013-4201 (Katello allows remote authenticated users to call the "system remove_d ...)
NOT-FOR-US: Katello
-CVE-2013-4200
+CVE-2013-4200 (The isURLInPortal method in the URLTool class in in_portal.py in Plone ...)
NOT-FOR-US: Plone
-CVE-2013-4199
+CVE-2013-4199 ((1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4. ...)
NOT-FOR-US: Plone
-CVE-2013-4198
+CVE-2013-4198 (mail_password.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4. ...)
NOT-FOR-US: Plone
-CVE-2013-4197
+CVE-2013-4197 (member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and ...)
NOT-FOR-US: Plone
-CVE-2013-4196
+CVE-2013-4196 (The object manager implementation (objectmanager.py) in Plone 2.1 thro ...)
NOT-FOR-US: Plone
-CVE-2013-4195
+CVE-2013-4195 (Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) p ...)
NOT-FOR-US: Plone
-CVE-2013-4194
+CVE-2013-4194 (The WYSIWYG component (wysiwyg.py) in Plone 2.1 through 4.1, 4.2.x thr ...)
NOT-FOR-US: Plone
-CVE-2013-4193
+CVE-2013-4193 (typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3. ...)
NOT-FOR-US: Plone
-CVE-2013-4192
+CVE-2013-4192 (sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x thr ...)
NOT-FOR-US: Plone
-CVE-2013-4191
+CVE-2013-4191 (zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x throug ...)
NOT-FOR-US: Plone
-CVE-2013-4190
+CVE-2013-4190 (Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect ...)
NOT-FOR-US: Plone
-CVE-2013-4189
+CVE-2013-4189 (Multiple unspecified vulnerabilities in (1) dataitems.py, (2) get.py, ...)
NOT-FOR-US: Plone
-CVE-2013-4188
+CVE-2013-4188 (traverser.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x ...)
NOT-FOR-US: Plone
CVE-2013-4187 [Access Bypass]
RESERVED
NOT-FOR-US: Flippy Contributed Drupal module
CVE-2013-4186
REJECTED
-CVE-2013-4185
+CVE-2013-4185 (Algorithmic complexity vulnerability in OpenStack Compute (Nova) befor ...)
- nova 2013.1.2-3 (low; bug #718907)
[wheezy] - nova <no-dsa> (Minor issue)
CVE-2013-4184 [symlink attacks]
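Review bot: At this truncation width two different issues end up with identical descriptions: `+CVE-2013-4221 (The default configuration of the ObjectRepresentation class in Restlet ...)` here and `+CVE-2013-4271 (The default configuration of the ObjectRepresentation class in Restlet ...)` in the hunk at -8540, so a reader of the rendered list cannot tell them apart without opening the full CVE text; if the width is configurable, widening it or keeping the first distinguishing clause would avoid such collisions. Two typos on unchanged context lines in this hunk are worth a follow-up: `NOTE: Dublicate of CVE-2013-4187, thus rejected` and `NOTE: contrib/check_ipxping removed from src:monitoring-pluging before the`. In the CVE-2013-4215 block the `- monitoring-plugins <not-affected> (Fixed before initial upload to Debian)` package line comes after a NOTE line belonging to nagios-plugins, while the layout elsewhere in this file puts all package lines before the NOTEs.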
@@ -8843,21 +8843,21 @@ CVE-2013-4184 [symlink attacks]
- libdata-uuid-perl <unfixed> (unimportant; bug #718949)
NOTE: https://github.com/rjbs/Data-UUID/issues/5
NOTE: Neutralised by kernel temp hardening
-CVE-2013-4183
+CVE-2013-4183 (The clear_volume function in LVMVolumeDriver driver in OpenStack Cinde ...)
- cinder 2013.1.2-4 (bug #719010)
-CVE-2013-4182
+CVE-2013-4182 (app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 doe ...)
- foreman <itp> (bug #663101)
-CVE-2013-4181
+CVE-2013-4181 (Cross-site scripting (XSS) vulnerability in the addAlert function in t ...)
NOT-FOR-US: ovirt
-CVE-2013-4180
+CVE-2013-4180 (The (1) power and (2) ipmi_boot actions in the HostController in Forem ...)
- foreman <itp> (bug #663101)
-CVE-2013-4179
+CVE-2013-4179 (The security group extension in OpenStack Compute (Nova) Grizzly 2013. ...)
- nova 2013.1.3-1
[wheezy] - nova <not-affected> (Vulnerable code not present)
NOTE: CVE for incomplete fix applied for CVE-2013-1664
-CVE-2013-4178
+CVE-2013-4178 (The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1 ...)
NOT-FOR-US: GA Login Drupal contributed module
-CVE-2013-4177
+CVE-2013-4177 (The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1 ...)
NOT-FOR-US: GA Login Drupal contributed module
CVE-2013-4176 [information disclosure]
RESERVED
@@ -8865,19 +8865,19 @@ CVE-2013-4176 [information disclosure]
CVE-2013-4175 [local denial of service]
RESERVED
NOT-FOR-US: MySecureShell
-CVE-2013-4174
+CVE-2013-4174 (Multiple cross-site scripting (XSS) vulnerabilities in the Scald modul ...)
NOT-FOR-US: Scald Drupal contributed module
-CVE-2013-4173
+CVE-2013-4173 (Directory traversal vulnerability in the trend-data daemon (xymond_rrd ...)
- xymon 4.3.17-2 (bug #717895)
[wheezy] - xymon <no-dsa> (Not remotely exploitable in Debian default config)
[squeeze] - xymon <no-dsa> (Not remotely exploitable in Debian default config)
-CVE-2013-4172
+CVE-2013-4172 (The Red Hat CloudForms Management Engine 5.1 allow remote administrato ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2013-4171
+CVE-2013-4171 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller b ...)
NOT-FOR-US: Apache Roller
CVE-2013-4170
RESERVED
-CVE-2013-4169
+CVE-2013-4169 (GNOME Display Manager (gdm) before 2.21.1 allows local users to change ...)
- gdm <removed> (unimportant)
- gdm3 <not-affected> (Only affected older gdm < 2.21.1)
NOTE: In Debian /tmp/.X11-unix is created by /etc/init.d/x11-common
@@ -8887,33 +8887,33 @@ CVE-2013-4168 [start and end time fields not filtered]
- smokeping 2.6.8-2 (low)
[squeeze] - smokeping <no-dsa> (Minor issue)
NOTE: https://github.com/oetiker/SmokePing/commit/bad9f9c28f0939b269f90072aa4cf41f20f15563
-CVE-2013-4167
+CVE-2013-4167 (Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) be ...)
- cmsms <itp> (bug #608888)
CVE-2013-4166 [problem in GPG key selection when encrypting mail]
RESERVED
- evolution <unfixed> (unimportant)
NOTE: Regular UI bug, not a security issue.
-CVE-2013-4165
+CVE-2013-4165 (The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provid ...)
- bitcoin 0.8.4-1 (bug #717828)
NOTE: https://github.com/bitcoin/bitcoin/issues/2838
-CVE-2013-4164
+CVE-2013-4164 (Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 bef ...)
{DSA-2810-1 DSA-2809-1}
- ruby1.8 1.8.7.358-9 (bug #730189)
- ruby1.9.1 1.9.3.484-1 (bug #730178)
- ruby2.0 2.0.0.353-1 (bug #730190)
NOTE: https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/
-CVE-2013-4163
+CVE-2013-4163 (The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 ...)
{DSA-2745-1}
- linux 3.10.5-1
- linux-2.6 <not-affected> (Introduced in 3.5)
-CVE-2013-4162
+CVE-2013-4162 (The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 ...)
{DSA-2906-1 DSA-2745-1}
- linux 3.10.5-1 (low)
- linux-2.6 <removed> (low)
CVE-2013-4161
RESERVED
- gksu-polkit <not-affected> (CVE for improperly applied fix for CVE-2012-5617 on Red Hat)
-CVE-2013-4160
+CVE-2013-4160 (Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other ...)
- lcms 1.19.dfsg1-1.3 (low; bug #728208)
[squeeze] - lcms <no-dsa> (Minor issue)
[wheezy] - lcms 1.19.dfsg2-1.2+deb7u1
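Review bot: CVE-2013-4163 carries `{DSA-2745-1}` but the only state lines are `- linux 3.10.5-1` and `- linux-2.6 <not-affected> (Introduced in 3.5)`; wheezy's kernel is 3.2-based (`[wheezy] - linux 3.2.51-1` under CVE-2013-4254 in the hunk at -8565), so if the "introduced in 3.5" reasoning holds, wheezy would be not affected too and the DSA reference would need explaining, whereas if 3.2 received a backport of the affected code the DSA makes sense. A one-line NOTE saying which it is would save the next reader the lookup. The neighbouring CVE-2013-4162 block, with the same DSA and `- linux-2.6 <removed> (low)`, is self-consistent.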
@@ -8921,7 +8921,7 @@ CVE-2013-4160
[wheezy] - lcms2 2.2+git20110628-2.2+deb7u1
NOTE: https://github.com/mm2/Little-CMS/commit/91c2db7f2559be504211b283bc3a2c631d6f06d9
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=826097#c9
-CVE-2013-4159
+CVE-2013-4159 (ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary fi ...)
- ctdb 2.5.1+debian0-1 (bug #749840)
[wheezy] - ctdb <no-dsa> (Minor issue)
[squeeze] - ctdb <no-dsa> (Minor issue)
@@ -8930,59 +8930,59 @@ CVE-2013-4158
- smokeping <not-affected> (fix for CVE-2012-0790/DSA-2651-1 uses regexp from 2.6.9 upstream release)
NOTE: CVE is for incomplete fix for CVE-2012-0790
NOTE: Debian package applied already the more complete fix, see #659899
-CVE-2013-4157
+CVE-2013-4157 (Red Hat Storage 2.0 allows local users to overwrite arbitrary files vi ...)
NOT-FOR-US: Red Hat Storage Server
-CVE-2013-4156
+CVE-2013-4156 (Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to caus ...)
- libreoffice 1:4.1.0-1 (unimportant)
[wheezy] - libreoffice <ignored> (Minor issue)
- openoffice.org <removed> (unimportant)
NOTE: Harmless crash
-CVE-2013-4155
+CVE-2013-4155 (OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows aut ...)
{DSA-2737-1}
- swift 1.8.0-7 (bug #719008)
-CVE-2013-4154
+CVE-2013-4154 (The qemuAgentCommand function in libvirt before 1.1.1, when a guest ag ...)
- libvirt 1.1.0-4 (low; bug #717355)
[squeeze] - libvirt <not-affected> (only affects >= 1.1.0)
[wheezy] - libvirt <not-affected> (only affects >= 1.1.0)
NOTE: Introduced by http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=d47eff88fe50e43a36671f6d8d0eeda52835d5e0 (v1.1.0)
NOTE: http://openwall.com/lists/oss-security/2013/07/19/12
-CVE-2013-4153
+CVE-2013-4153 (Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qe ...)
- libvirt 1.1.0-4 (bug #717354)
[squeeze] - libvirt <not-affected> (Introduced in 1.0.6)
[wheezy] - libvirt <not-affected> (Introduced in 1.0.6)
NOTE: http://openwall.com/lists/oss-security/2013/07/19/11
-CVE-2013-4152
+CVE-2013-4152 (The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, ...)
{DSA-2842-1}
- libspring-java 3.0.6.RELEASE-10 (low; bug #720902)
-CVE-2013-4151
+CVE-2013-4151 (The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 a ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4150
+CVE-2013-4150 (The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 thro ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4149
+CVE-2013-4149 (Buffer overflow in virtio_net_load function in net/virtio-net.c in QEM ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4148
+CVE-2013-4148 (Integer signedness error in the virtio_net_load function in hw/net/vir ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4147
+CVE-2013-4147 (Multiple format string vulnerabilities in Yet Another Radius Daemon (Y ...)
- yardradius <removed> (low; bug #714612)
[squeeze] - yardradius <no-dsa> (Minor issue)
[wheezy] - yardradius <no-dsa> (Minor issue)
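Review bot: The per-release lines in the CVE-2013-4150, CVE-2013-4149 and CVE-2013-4148 blocks are interleaved so that `[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)` and `[squeeze] - qemu <no-dsa> ...` appear before the `- qemu-kvm <removed> (low)` package line they belong to, while the otherwise identical CVE-2013-4151 block keeps each source package's lines together (`- qemu ...`, its `[wheezy]`/`[squeeze]` lines, then `- qemu-kvm ...` and its lines); the 4151 layout is the easier one to audit and the other three blocks should be reordered to match. Also, `[wheezy] - libreoffice <ignored> (Minor issue)` under CVE-2013-4156 adds nothing next to `- libreoffice 1:4.1.0-1 (unimportant)` and `NOTE: Harmless crash`; if the issue is unimportant everywhere, the wheezy line can go.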
@@ -8992,30 +8992,30 @@ CVE-2013-4145
REJECTED
CVE-2013-4144
RESERVED
-CVE-2013-4143
+CVE-2013-4143 (The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockm ...)
- xlockmore <removed>
NOTE: http://openwall.com/lists/oss-security/2013/07/16/8
CVE-2013-4142
REJECTED
CVE-2013-4141
REJECTED
-CVE-2013-4140
+CVE-2013-4140 (Cross-site scripting (XSS) vulnerability in the TinyBox (Simple Splash ...)
NOT-FOR-US: TinyBox Drupal contributed module
-CVE-2013-4139
+CVE-2013-4139 (The Stage File Proxy module 7.x-1.x before 7.x-1.4 for Drupal allows r ...)
NOT-FOR-US: Stage File Proxy Drupal contributed module
-CVE-2013-4138
+CVE-2013-4138 (Cross-site scripting (XSS) vulnerability in the Hatch theme 7.x-1.x be ...)
NOT-FOR-US: Hatch Drupal contributed module
-CVE-2013-4137
+CVE-2013-4137 (Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 a ...)
- statusnet <itp> (bug #491723)
-CVE-2013-4136
+CVE-2013-4136 (ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 f ...)
- passenger 3.0.13debian-1.2
- ruby-passenger 3.0.13debian-1.2 (low; bug #717176)
[squeeze] - passenger <no-dsa> (minor, local, issue)
[wheezy] - ruby-passenger 3.0.13debian-1+deb7u1
-CVE-2013-4135
+CVE-2013-4135 (The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt ...)
{DSA-2729-1}
- openafs 1.6.5-1
-CVE-2013-4134
+CVE-2013-4134 (OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 use ...)
{DSA-2729-1}
- openafs 1.6.5-1
CVE-2013-4133 [memory leak]
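Review bot: In the CVE-2013-4136 block the two source packages carry different metadata for the same fix: `- passenger 3.0.13debian-1.2` has neither severity nor bug reference, while `- ruby-passenger 3.0.13debian-1.2 (low; bug #717176)` has both; unless the bare passenger entry is intentional, give it the same `(low; bug #717176)` annotation. The squeeze reason `[squeeze] - passenger <no-dsa> (minor, local, issue)` also has a stray comma; "Minor issue, local only" matches the wording used for no-dsa reasons elsewhere in this file.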
@@ -9023,37 +9023,37 @@ CVE-2013-4133 [memory leak]
- kde-workspace 4:4.10.5-3 (unimportant; bug #717180)
NOTE: https://bugs.kde.org/show_bug.cgi?id=314919
NOTE: Plain bug, security implication rather far-fetched
-CVE-2013-4132
+CVE-2013-4132 (KDE-Workspace 4.10.5 and earlier does not properly handle the return v ...)
- kde-workspace 4:4.10.5-3 (bug #717180)
[wheezy] - kde-workspace <not-affected> (Only exploitable with glibc 2.17)
- kdebase-workspace <not-affected> (Only exploitable with glibc 2.17)
NOTE: https://git.reviewboard.kde.org/r/111261/
NOTE: https://projects.kde.org/projects/kde/kde-workspace/repository/revisions/45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7
NOTE: only relevant with eglibc >= 2.17.
-CVE-2013-4131
+CVE-2013-4131 (The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through ...)
- subversion 1.7.13-1 (bug #717794)
[squeeze] - subversion <not-affected> (Only affects >= 1.7)
[wheezy] - subversion <not-affected> (Only affects >= 1.7)
-CVE-2013-4130
+CVE-2013-4130 (The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty ...)
{DSA-2839-1}
- spice 0.12.4-0nocelt1 (low; bug #717030)
[wheezy] - spice <no-dsa> (Minor issue)
-CVE-2013-4129
+CVE-2013-4129 (The bridge multicast implementation in the Linux kernel through 3.10.3 ...)
- linux <not-affected> (Introduced in 3.11-rc1)
- linux-2.6 <not-affected> (Introduced in 3.11-rc1)
-CVE-2013-4128
+CVE-2013-4128 (Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not pro ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2013-4127
+CVE-2013-4127 (Use-after-free vulnerability in the vhost_net_set_backend function in ...)
- linux 3.10.5-1
[wheezy] - linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
CVE-2013-4126
RESERVED
-CVE-2013-4125
+CVE-2013-4125 (The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack ...)
- linux 3.10.5-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
- linux-2.6 <not-affected> (Introduced in 3.7)
-CVE-2013-4124
+CVE-2013-4124 (Integer overflow in the read_nttrans_ea_list function in nttrans.c in ...)
- samba 2:3.6.17-1 (low)
[wheezy] - samba 2:3.6.6-6+deb7u1
[squeeze] - samba 2:3.5.6~dfsg-3squeeze10
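Review bot: The not-affected reason for CVE-2013-4132, `[wheezy] - kde-workspace <not-affected> (Only exploitable with glibc 2.17)` and the matching `- kdebase-workspace <not-affected> (Only exploitable with glibc 2.17)`, reads as "exactly 2.17", whereas the NOTE two lines below says `only relevant with eglibc >= 2.17.`; align the reason with the phrasing used for CVE-2013-4122 in the hunk at -9062 (`Only exploitable with eglibc 2.17 and later`) so that reason and NOTE agree and the same glibc behaviour is described the same way in both entries.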
@@ -9062,13 +9062,13 @@ CVE-2013-4124
NOTE: https://www.samba.org/samba/security/CVE-2013-4124
NOTE: samba as per 2:4.0.9+dfsg-2 is the first upload of the unified samba 4.x package to unstable.
NOTE: Issue also fixed in 4.0.8 upstream, thus the fix still contained in 4.x in unstable
-CVE-2013-4123
+CVE-2013-4123 (client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3 ...)
- squid <not-affected> (Only affects 3.2 onwards)
- squid3 3.3.8-1 (bug #716743)
[wheezy] - squid3 <not-affected> (Only affects 3.2 onwards)
[squeeze] - squid3 <not-affected> (Only affects 3.2 onwards)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2013_3.txt
-CVE-2013-4122
+CVE-2013-4122 (Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a ...)
{DSA-3368-1}
- cyrus-sasl2 2.1.26.dfsg1-14 (bug #716835; bug #784112)
[wheezy] - cyrus-sasl2 <not-affected> (Only exploitable with eglibc 2.17 and later)
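Review bot: CVE-2013-4122 carries {DSA-3368-1} and, two lines later, "[wheezy] - cyrus-sasl2 <not-affected> (Only exploitable with eglibc 2.17 and later)". If DSA-3368-1 shipped a wheezy update for this issue, the not-affected annotation is stale and should be replaced by the fixed wheezy version; if the DSA only covered a later release, a short NOTE saying so would stop the next reader from asking the same question.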
@@ -9083,40 +9083,40 @@ CVE-2013-4121
CVE-2013-4120
RESERVED
NOT-FOR-US: Katello
-CVE-2013-4119
+CVE-2013-4119 (FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause ...)
- freerdp <not-affected> (The server part is not build)
NOTE: https://github.com/FreeRDP/FreeRDP/commit/0773bb9303d24473fe1185d85a424dfe159aff53
NOTE: Server disabled: option(WITH_SERVER "Build server binaries" OFF) in CMakeLists.txt
-CVE-2013-4118
+CVE-2013-4118 (FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial o ...)
- freerdp <not-affected> (The server part is not build)
NOTE: https://github.com/FreeRDP/FreeRDP/commit/7d58aac24fe20ffaad7bd9b40c9ddf457c1b06e7
NOTE: Server disabled: option(WITH_SERVER "Build server binaries" OFF) in CMakeLists.txt
-CVE-2013-4117
+CVE-2013-4117 (Cross-site scripting (XSS) vulnerability in includes/CatGridPost.php i ...)
NOT-FOR-US: WordPress plugin category-grid-view-gallery
-CVE-2013-4116
+CVE-2013-4116 (lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local us ...)
- npm 1.3.10~dfsg-1 (bug #715325)
NOTE: Upstream fix https://github.com/isaacs/npm/commit/f4d31693
NOTE: https://github.com/isaacs/npm/issues/3635
-CVE-2013-4115
+CVE-2013-4115 (Buffer overflow in the idnsALookup function in dns_internal.cc in Squi ...)
- squid <not-affected> (Only affects 3.2 onwards)
- squid3 3.3.8-1 (bug #716743)
[wheezy] - squid3 <not-affected> (Only affects 3.2 onwards)
[squeeze] - squid3 <not-affected> (Only affects 3.2 onwards)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2013_2.txt
-CVE-2013-4114
+CVE-2013-4114 (The automatic update request in Nagstamont before 0.9.10 uses a cleart ...)
- nagstamon 0.9.9-2 (low; bug #716718)
[wheezy] - nagstamon <no-dsa> (Minor issue)
[squeeze] - nagstamon <no-dsa> (Minor issue)
NOTE: update checks are disabled in Debian by default, see debian/patches/check-for-new-version.patch
-CVE-2013-4113
+CVE-2013-4113 (ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing ...)
{DSA-2723-1}
- php5 5.5.0+dfsg-15 (bug #717139)
-CVE-2013-4112
+CVE-2013-4112 (The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and ...)
- libjgroups-java 2.12.2.Final-4 (bug #717031)
[wheezy] - libjgroups-java <no-dsa> (Minor issue)
[squeeze] - libjgroups-java <no-dsa> (Minor issue)
NOTE: libjgroups-java/2.12.2.Final-4 disables diagnostic probing by default
-CVE-2013-4111
+CVE-2013-4111 (The Python client library for Glance (python-glanceclient) before 0.10 ...)
- python-glanceclient 1:0.9.0-2 (bug #718282)
CVE-2013-4110
RESERVED
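Review bot: two small text problems in this region. The freerdp rationale for CVE-2013-4119 and CVE-2013-4118 reads "The server part is not build"; it should be "is not built". Separately, the new CVE-2013-4114 description spells the product "Nagstamont" while the package line under it is nagstamon. That spelling comes from the upstream CVE text, so the imported description should stay verbatim, but anyone grepping the list for the package name will only find this entry via the package line.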
@@ -9151,23 +9151,23 @@ CVE-2013-4101
CVE-2013-4100
RESERVED
NOT-FOR-US: Cryptocat
-CVE-2013-4099
+CVE-2013-4099 (Multiple unspecified vulnerabilities in OpenAL32.dll in JOAL 2.0-rc11, ...)
NOT-FOR-US: JOGAMP
-CVE-2013-4098
+CVE-2013-4098 (ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote ...)
NOT-FOR-US: DS3 Authentication Server
-CVE-2013-4097
+CVE-2013-4097 (ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows r ...)
NOT-FOR-US: DS3 Authentication Server
-CVE-2013-4096
+CVE-2013-4096 (ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allo ...)
NOT-FOR-US: DS3 Authentication Server
-CVE-2013-4095
+CVE-2013-4095 (plain/actionsets.html in the SecureSphere Operations Manager (SOM) Man ...)
NOT-FOR-US: Imperva SecureSphere
-CVE-2013-4094
+CVE-2013-4094 (The Key Management feature in the SecureSphere Operations Manager (SOM ...)
NOT-FOR-US: Imperva SecureSphere
-CVE-2013-4093
+CVE-2013-4093 (The SecureSphere Operations Manager (SOM) Management Server in Imperva ...)
NOT-FOR-US: Imperva SecureSphere
-CVE-2013-4092
+CVE-2013-4092 (The SecureSphere Operations Manager (SOM) Management Server in Imperva ...)
NOT-FOR-US: Imperva SecureSphere
-CVE-2013-4091
+CVE-2013-4091 (The SecureSphere Operations Manager (SOM) Management Server in Imperva ...)
NOT-FOR-US: Imperva SecureSphere
CVE-2013-4090
RESERVED
@@ -9188,62 +9188,62 @@ CVE-2013-4085
RESERVED
CVE-2013-4084
RESERVED
-CVE-2013-4083
+CVE-2013-4083 (The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the D ...)
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark 1.2.11-6+squeeze11
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8717
-CVE-2013-4082
+CVE-2013-4082 (The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file par ...)
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8760
-CVE-2013-4081
+CVE-2013-4081 (The http_payload_subdissector function in epan/dissectors/packet-http. ...)
{DSA-2709-1}
- wireshark 1.10.0-1 (unimportant; bug #711918)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8733
NOTE: Not suitable for code injection
-CVE-2013-4080
+CVE-2013-4080 (The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors ...)
{DLA-497-1}
- wireshark 1.10.0-1 (unimportant; bug #711918)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8764
-CVE-2013-4079
+CVE-2013-4079 (The dissect_schedule_message function in epan/dissectors/packet-gsm_cb ...)
{DLA-497-1}
- wireshark 1.10.0-1 (unimportant; bug #711918)
NOTE: no code injection, not treated as a security issue, see README.Debian.security
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8730
-CVE-2013-4078
+CVE-2013-4078 (epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x b ...)
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7862
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8729
-CVE-2013-4077
+CVE-2013-4077 (Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8. ...)
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8697
-CVE-2013-4076
+CVE-2013-4076 (Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissector ...)
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7880
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8727
-CVE-2013-4075
+CVE-2013-4075 (epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wire ...)
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7664
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8726
-CVE-2013-4074
+CVE-2013-4074 (The dissect_capwap_data function in epan/dissectors/packet-capwap.c in ...)
{DSA-2709-1}
- wireshark 1.10.0-1 (bug #711918)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8725
-CVE-2013-4073
+CVE-2013-4073 (The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/s ...)
{DSA-2809-1 DSA-2738-1}
- ruby1.8 1.8.7.358-7.1 (bug #714541)
- ruby1.9.1 1.9.3.194-8.2 (bug #714543)
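Review bot: the wireshark block is inconsistent in how the squeeze state is recorded. CVE-2013-4080 and CVE-2013-4079 put the "NOTE: no code injection, not treated as a security issue, see README.Debian.security" line between the package line and the [squeeze] line, whereas every other entry here lists the release annotations first and the NOTEs after; moving those two NOTE lines below the [squeeze] lines would match the rest. CVE-2013-4081 is also the only entry in the group with no [squeeze] line at all, even though it shares DSA-2709-1 and bug #711918 with its siblings; either add a [squeeze] status or a NOTE explaining why none is needed.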
@@ -9257,125 +9257,125 @@ CVE-2013-4072
RESERVED
CVE-2013-4071
RESERVED
-CVE-2013-4070
+CVE-2013-4070 (The Portal application in IBM SPSS Collaboration and Deployment Servic ...)
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4069
+CVE-2013-4069 (The Portal application in IBM SPSS Collaboration and Deployment Servic ...)
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4068
+CVE-2013-4068 (Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 b ...)
NOT-FOR-US: IBM
-CVE-2013-4067
+CVE-2013-4067 (IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-4066
+CVE-2013-4066 (IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-4065
+CVE-2013-4065 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x ...)
NOT-FOR-US: iNotes in IBM Domino
-CVE-2013-4064
+CVE-2013-4064 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x ...)
NOT-FOR-US: iNotes in IBM Domino
-CVE-2013-4063
+CVE-2013-4063 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x ...)
NOT-FOR-US: iNotes in IBM Domino
-CVE-2013-4062
+CVE-2013-4062 (IBM Rational Policy Tester 8.5 before 8.5.0.5 does not verify X.509 ce ...)
NOT-FOR-US: IBM
-CVE-2013-4061
+CVE-2013-4061 (IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check ...)
NOT-FOR-US: IBM
CVE-2013-4060
RESERVED
-CVE-2013-4059
+CVE-2013-4059 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2013-4058
+CVE-2013-4058 (Multiple SQL injection vulnerabilities in IBM InfoSphere Information S ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2013-4057
+CVE-2013-4057 (Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2013-4056
+CVE-2013-4056 (Cross-site request forgery (CSRF) vulnerability in the Data Quality Co ...)
NOT-FOR-US: IBM
-CVE-2013-4055
+CVE-2013-4055 (Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web ...)
NOT-FOR-US: IBM Domino
-CVE-2013-4054
+CVE-2013-4054 (Directory traversal vulnerability in WMQ Telemetry in IBM WebSphere MQ ...)
NOT-FOR-US: WebSphere
-CVE-2013-4053
+CVE-2013-4053 (The WS-Security implementation in IBM WebSphere Application Server (WA ...)
NOT-FOR-US: WebSphere
-CVE-2013-4052
+CVE-2013-4052 (Cross-site scripting (XSS) vulnerability in the UDDI Administrative co ...)
NOT-FOR-US: WebSphere
-CVE-2013-4051
+CVE-2013-4051 (Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web ...)
NOT-FOR-US: IBM Domino
-CVE-2013-4050
+CVE-2013-4050 (Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Dom ...)
NOT-FOR-US: IBM Domino
-CVE-2013-4049
+CVE-2013-4049 (Unrestricted file upload vulnerability in IBM SPSS Analytical Decision ...)
NOT-FOR-US: IBM SPSS
-CVE-2013-4048
+CVE-2013-4048 (Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical Decisi ...)
NOT-FOR-US: IBM SPSS
-CVE-2013-4047
+CVE-2013-4047 (Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical Decisi ...)
NOT-FOR-US: IBM SPSS
-CVE-2013-4046
+CVE-2013-4046 (Open redirect vulnerability in IBM SPSS Collaboration and Deployment S ...)
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4045
+CVE-2013-4045 (Cross-site scripting (XSS) vulnerability in the Portal application in ...)
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4044
+CVE-2013-4044 (IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF ...)
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4043
+CVE-2013-4043 (The server in IBM SPSS Collaboration and Deployment Services 4.x befor ...)
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4042
+CVE-2013-4042 (Unspecified vulnerability in IBM SPSS Collaboration and Deployment Ser ...)
NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
-CVE-2013-4041
+CVE-2013-4041 (Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 ...)
NOT-FOR-US: IBM JDK
-CVE-2013-4040
+CVE-2013-4040 (IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x be ...)
NOT-FOR-US: IBM Tivoli Application Dependency Discovery Manager
-CVE-2013-4039
+CVE-2013-4039 (IBM WebSphere Extended Deployment Compute Grid 8.0 before 8.0.0.3 allo ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-4038
+CVE-2013-4038 (The Intelligent Platform Management Interface (IPMI) implementation in ...)
NOT-FOR-US: IBM BladeCenter
-CVE-2013-4037
+CVE-2013-4037 (The RAKP protocol support in the Intelligent Platform Management Inter ...)
NOT-FOR-US: IBM BladeCenter
-CVE-2013-4036
+CVE-2013-4036 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
NOT-FOR-US: IBM
-CVE-2013-4035
+CVE-2013-4035 (IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, ...)
NOT-FOR-US: IBM Sterling
-CVE-2013-4034
+CVE-2013-4034 (IBM Cognos Business Intelligence 8.4.1 before IF3, 10.1.0 before IF4, ...)
NOT-FOR-US: IBM
-CVE-2013-4033
+CVE-2013-4033 (IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through ...)
NOT-FOR-US: IBM DB2
-CVE-2013-4032
+CVE-2013-4032 (The Fast Communications Manager (FCM) in IBM DB2 Enterprise Server Edi ...)
NOT-FOR-US: IBM
-CVE-2013-4031
+CVE-2013-4031 (The Intelligent Platform Management Interface (IPMI) implementation in ...)
NOT-FOR-US: IBM BladeCenter
-CVE-2013-4030
+CVE-2013-4030 (Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X ...)
NOT-FOR-US: IBM System X and Flex System
CVE-2013-4029
RESERVED
CVE-2013-4028
RESERVED
-CVE-2013-4027
+CVE-2013-4027 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, a ...)
NOT-FOR-US: IBM Maximo Asset Management
CVE-2013-4026
RESERVED
-CVE-2013-4025
+CVE-2013-4025 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...)
NOT-FOR-US: IBM
-CVE-2013-4024
+CVE-2013-4024 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...)
NOT-FOR-US: IBM
CVE-2013-4023
RESERVED
-CVE-2013-4022
+CVE-2013-4022 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...)
NOT-FOR-US: IBM
-CVE-2013-4021
+CVE-2013-4021 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, an ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4020
+CVE-2013-4020 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, a ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4019
+CVE-2013-4019 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4018
+CVE-2013-4018 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, an ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4017
+CVE-2013-4017 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 before ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4016
+CVE-2013-4016 (SQL injection vulnerability in IBM Maximo Asset Management 7.x before ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4015
+CVE-2013-4015 (Microsoft Internet Explorer 6 through 10 allows local users to bypass ...)
NOT-FOR-US: MS IE
-CVE-2013-4014
+CVE-2013-4014 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4013
+CVE-2013-4013 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, a ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4012
+CVE-2013-4012 (IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF09, when Content Templat ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-4011
+CVE-2013-4011 (Multiple unspecified vulnerabilities in the InfiniBand subsystem in IB ...)
NOT-FOR-US: IBM AIX
CVE-2013-4010
RESERVED
@@ -9383,84 +9383,84 @@ CVE-2013-4009
RESERVED
CVE-2013-4008
RESERVED
-CVE-2013-4007
+CVE-2013-4007 (Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced ...)
NOT-FOR-US: IBM
-CVE-2013-4006
+CVE-2013-4006 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5. ...)
NOT-FOR-US: IBM
-CVE-2013-4005
+CVE-2013-4005 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-4004
+CVE-2013-4004 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-4003
+CVE-2013-4003 (Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA App ...)
NOT-FOR-US: IBM TRIRIGA
-CVE-2013-4002
+CVE-2013-4002 (XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used i ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-4001
+CVE-2013-4001 (Session fixation vulnerability in IBM Cognos Command Center before 10. ...)
NOT-FOR-US: IBM Cognos Command Center
-CVE-2013-4000
+CVE-2013-4000 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Cogn ...)
NOT-FOR-US: IBM Cognos Command Center
-CVE-2013-3999
+CVE-2013-3999 (Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics ...)
NOT-FOR-US: IBM Social Media Analytics
-CVE-2013-3998
+CVE-2013-3998 (CRLF injection vulnerability in the Web Application Enterprise Console ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2013-3997
+CVE-2013-3997 (Open redirect vulnerability in the Web Application Enterprise Console ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2013-3996
+CVE-2013-3996 (IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FR ...)
NOT-FOR-US: IBM
-CVE-2013-3995
+CVE-2013-3995 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights ...)
NOT-FOR-US: IBM
CVE-2013-3994
RESERVED
-CVE-2013-3993
+CVE-2013-3993 (IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated ...)
NOT-FOR-US: IBM InfoSphere BigInsights
-CVE-2013-3992
+CVE-2013-3992 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere BigI ...)
NOT-FOR-US: IBM
CVE-2013-3991
RESERVED
-CVE-2013-3990
+CVE-2013-3990 (Cross-site scripting (XSS) vulnerability in the MIME e-mail functional ...)
NOT-FOR-US: IBM
-CVE-2013-3989
+CVE-2013-3989 (IBM Security AppScan Enterprise 8.x before 8.8 sends a cleartext AppSc ...)
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-3988
+CVE-2013-3988 (The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x throu ...)
NOT-FOR-US: IBM Sametime
CVE-2013-3987
RESERVED
-CVE-2013-3986
+CVE-2013-3986 (IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause ...)
NOT-FOR-US: IBM
-CVE-2013-3985
+CVE-2013-3985 (The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-3984
+CVE-2013-3984 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-3983
+CVE-2013-3983 (The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x throu ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-3982
+CVE-2013-3982 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-3981
+CVE-2013-3981 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-3980
+CVE-2013-3980 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-3979
+CVE-2013-3979 (Multiple cross-site scripting (XSS) vulnerabilities in the help pages ...)
NOT-FOR-US: IBM Cognos Command Center
-CVE-2013-3978
+CVE-2013-3978 (The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x throu ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-3977
+CVE-2013-3977 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-3976
+CVE-2013-3976 (The (1) Data Protection for Exchange component 6.1 before 6.1.3.4 and ...)
NOT-FOR-US: IBM Tivoli
-CVE-2013-3975
+CVE-2013-3975 (Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x th ...)
NOT-FOR-US: IBM Sametime
CVE-2013-3974
RESERVED
-CVE-2013-3973
+CVE-2013-3973 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 before ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3972
+CVE-2013-3972 (IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3971
+CVE-2013-3971 (IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0. ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3970
+CVE-2013-3970 (Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7. ...)
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
-CVE-2013-3969
+CVE-2013-3969 (The find prototype in scripting/engine_v8.h in MongoDB 2.4.0 through 2 ...)
- mongodb 1:2.4.5-1 (bug #715007; bug #717173)
[squeeze] - mongodb <not-affected> (Only affects 2.4.x)
[wheezy] - mongodb <not-affected> (Only affects 2.4.x)
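Review bot: the description added for CVE-2013-4002 names the Apache Xerces2 Java Parser itself (before 2.12.0) as the affected component, with the JDK only as a consumer of it, but the entry lists just openjdk-6 and openjdk-7. The standalone Xerces package in the archive (libxerces2-java) needs its own line, whether a fixed version, <unfixed>, or <not-affected> with a reason; as written the tracker implies the library package is clean.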
@@ -9473,41 +9473,41 @@ CVE-2013-3966
RESERVED
CVE-2013-3965
RESERVED
-CVE-2013-3964
+CVE-2013-3964 (Cross-site scripting (XSS) vulnerability in Samsung SHR-5162, SHR-5082 ...)
NOT-FOR-US: Samsung
-CVE-2013-3963
+CVE-2013-3963 (Cross-site request forgery (CSRF) vulnerability in goform/usermanage i ...)
NOT-FOR-US: Grandstream
-CVE-2013-3962
+CVE-2013-3962 (Cross-site scripting (XSS) vulnerability in Grandstream GXV3501, GXV35 ...)
NOT-FOR-US: Grandstream
-CVE-2013-3961
+CVE-2013-3961 (SQL injection vulnerability in edit_event.php in Simple PHP Agenda bef ...)
NOT-FOR-US: Simple PHP Agenda
CVE-2013-3960
RESERVED
-CVE-2013-3959
+CVE-2013-3959 (The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIM ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-3958
+CVE-2013-3958 (The login implementation in the Web Navigator in Siemens WinCC before ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-3957
+CVE-2013-3957 (SQL injection vulnerability in the login screen in the Web Navigator i ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-3956
+CVE-2013-3956 (The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windo ...)
NOT-FOR-US: Novell Client on Windows
-CVE-2013-3955
+CVE-2013-3955 (The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x ...)
NOT-FOR-US: Apple iOS
-CVE-2013-3954
+CVE-2013-3954 (The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-3953
+CVE-2013-3953 (The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-3952
+CVE-2013-3952 (The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-3951
+CVE-2013-3951 (sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X ...)
NOT-FOR-US: Apple iOS
-CVE-2013-3950
+CVE-2013-3950 (Stack-based buffer overflow in the openSharedCacheFile function in dyl ...)
NOT-FOR-US: Apple iOS
-CVE-2013-3949
+CVE-2013-3949 (The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-3948
+CVE-2013-3948 (Apple iOS 6.1.3 does not follow redirects during determination of the ...)
NOT-FOR-US: Apple iOS
-CVE-2013-3947
+CVE-2013-3947 (Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 ...)
NOT-FOR-US: AhnLab V3 Internet Security
CVE-2013-3946
RESERVED
@@ -9515,17 +9515,17 @@ CVE-2013-3945
RESERVED
CVE-2013-3944
RESERVED
-CVE-2013-3943
+CVE-2013-3943 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6. ...)
NOT-FOR-US: DotNetNukeDot
CVE-2013-3942
RESERVED
CVE-2013-3941
RESERVED
-CVE-2013-3940
+CVE-2013-3940 (Integer overflow in the Graphics Device Interface (GDI) in Microsoft W ...)
NOT-FOR-US: Microsoft
CVE-2013-3939
RESERVED
-CVE-2013-3938
+CVE-2013-3938 (Integer overflow in xnview.exe in XnView 2.13 allows remote attackers ...)
NOT-FOR-US: XnView
CVE-2013-3937
RESERVED
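Review bot: the CVE-2013-3943 line "NOT-FOR-US: DotNetNukeDot" looks like a paste slip. The product is DotNetNuke (DNN), as the new description says, so the trailing "Dot" should be dropped.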
@@ -9533,347 +9533,347 @@ CVE-2013-3936
RESERVED
CVE-2013-3935
RESERVED
-CVE-2013-3934
+CVE-2013-3934 (Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as use ...)
NOT-FOR-US: Kingsoft Office 2013
-CVE-2013-3933
+CVE-2013-3933 (Cross-site scripting (XSS) vulnerability in the JoomShopping (com_joom ...)
NOT-FOR-US: Joomla component com_joomshopping
CVE-2013-3932
RESERVED
CVE-2013-3931
RESERVED
-CVE-2013-3930
+CVE-2013-3930 (Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows r ...)
NOT-FOR-US: Core FTP (client)
-CVE-2013-3929
+CVE-2013-3929 (Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS ...)
NOT-FOR-US: CMS Made Simple
-CVE-2013-3928
+CVE-2013-3928 (Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in ...)
NOT-FOR-US: Chasys Draw IES
-CVE-2013-3927
+CVE-2013-3927 (Unspecified vulnerability in the client library in Siemens COMOS 9.2 b ...)
NOT-FOR-US: Siemens COMOS
-CVE-2013-3926
+CVE-2013-3926 (** DISPUTED ** Atlassian Crowd 2.6.3 allows remote attackers to execut ...)
NOT-FOR-US: Atlassian Crowd
-CVE-2013-3925
+CVE-2013-3925 (Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4 ...)
NOT-FOR-US: Atlassian Crowd
CVE-2013-3924
RESERVED
-CVE-2013-3923
+CVE-2013-3923 (Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 ...)
NOT-FOR-US: SavySoda WiFi HD Free
-CVE-2013-3922
+CVE-2013-3922 (Directory traversal vulnerability in Gummy Bear Studios FTP Drive + HT ...)
NOT-FOR-US: Gummy Bear Studios FTP Drive + HTTP Server
-CVE-2013-3921
+CVE-2013-3921 (Directory traversal vulnerability in Easytime Studio Easy File Manager ...)
NOT-FOR-US: Easytime Studio Easy File Manager
-CVE-2013-3920
+CVE-2013-3920 (Cross-site scripting (XSS) vulnerability in Jahia xCM before 6.6.2 all ...)
NOT-FOR-US: Jahia xCM
-CVE-2013-3918
+CVE-2013-3918 (The InformationCardSigninHelper Class ActiveX control in icardie.dll i ...)
NOT-FOR-US: Microsoft
-CVE-2013-3917
+CVE-2013-3917 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2013-3916
+CVE-2013-3916 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2013-3915
+CVE-2013-3915 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2013-3914
+CVE-2013-3914 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
CVE-2013-3913
REJECTED
-CVE-2013-3912
+CVE-2013-3912 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2013-3911
+CVE-2013-3911 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft
-CVE-2013-3910
+CVE-2013-3910 (Microsoft Internet Explorer 6 through 9 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft
-CVE-2013-3909
+CVE-2013-3909 (Microsoft Internet Explorer 6 through 8 allows remote attackers to rea ...)
NOT-FOR-US: Microsoft
-CVE-2013-3908
+CVE-2013-3908 (Microsoft Internet Explorer 6 through 10 allows user-assisted remote a ...)
NOT-FOR-US: Microsoft
-CVE-2013-3907
+CVE-2013-3907 (portcls.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
NOT-FOR-US: Microsoft Windows Vista
-CVE-2013-3906
+CVE-2013-3906 (GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 S ...)
NOT-FOR-US: Microsoft
-CVE-2013-3905
+CVE-2013-3905 (Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does n ...)
NOT-FOR-US: Microsoft
CVE-2013-3904
REJECTED
-CVE-2013-3903
+CVE-2013-3903 (Array index error in win32k.sys in the kernel-mode drivers in Microsof ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3902
+CVE-2013-3902 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
CVE-2013-3901
REJECTED
-CVE-2013-3900
+CVE-2013-3900 (The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3899
+CVE-2013-3899 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3898
+CVE-2013-3898 (Microsoft Windows 8 and Windows Server 2012, when Hyper-V is used, doe ...)
NOT-FOR-US: Microsoft
-CVE-2013-3897
+CVE-2013-3897 (Use-after-free vulnerability in the CDisplayPointer class in mshtml.dl ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3896
+CVE-2013-3896 (Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate ...)
NOT-FOR-US: Microsoft Silverlight
-CVE-2013-3895
+CVE-2013-3895 (Microsoft SharePoint Server 2007 SP3 and 2010 SP1 and SP2 allows remot ...)
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-3894
+CVE-2013-3894 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3893
+CVE-2013-3893 (Use-after-free vulnerability in the SetMouseCapture implementation in ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3892
+CVE-2013-3892 (Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote ...)
NOT-FOR-US: Microsoft Word
-CVE-2013-3891
+CVE-2013-3891 (Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary c ...)
NOT-FOR-US: Microsoft Word
-CVE-2013-3890
+CVE-2013-3890 (Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack ...)
NOT-FOR-US: Microsoft
-CVE-2013-3889
+CVE-2013-3889 (Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office ...)
NOT-FOR-US: Microsoft
-CVE-2013-3888
+CVE-2013-3888 (dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3887
+CVE-2013-3887 (The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode driv ...)
NOT-FOR-US: Microsoft
-CVE-2013-3886
+CVE-2013-3886 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3885
+CVE-2013-3885 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-3884
REJECTED
CVE-2013-3883
REJECTED
-CVE-2013-3882
+CVE-2013-3882 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3881
+CVE-2013-3881 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3880
+CVE-2013-3880 (The App Container feature in the kernel-mode drivers in Microsoft Wind ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3879
+CVE-2013-3879 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3878
+CVE-2013-3878 (Stack-based buffer overflow in the LRPC client in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
CVE-2013-3877
REJECTED
-CVE-2013-3876
+CVE-2013-3876 (DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2013-3875
+CVE-2013-3875 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3874
+CVE-2013-3874 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3873
+CVE-2013-3873 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3872
+CVE-2013-3872 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3871
+CVE-2013-3871 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3870
+CVE-2013-3870 (Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 a ...)
NOT-FOR-US: Microsoft Outlook
-CVE-2013-3869
+CVE-2013-3869 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vis ...)
NOT-FOR-US: Microsoft
-CVE-2013-3868
+CVE-2013-3868 (Microsoft Active Directory Lightweight Directory Service (AD LDS) on W ...)
NOT-FOR-US: Microsoft
CVE-2013-3867
REJECTED
-CVE-2013-3866
+CVE-2013-3866 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3865
+CVE-2013-3865 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3864
+CVE-2013-3864 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3863
+CVE-2013-3863 (Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote atta ...)
NOT-FOR-US: Microsoft
-CVE-2013-3862
+CVE-2013-3862 (Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP ...)
NOT-FOR-US: Microsoft
-CVE-2013-3861
+CVE-2013-3861 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allo ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-3860
+CVE-2013-3860 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-3859
+CVE-2013-3859 (Microsoft Pinyin IME 2010, when used in conjunction with Microsoft Off ...)
NOT-FOR-US: Microsoft Pinyin IME
-CVE-2013-3858
+CVE-2013-3858 (Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word ...)
NOT-FOR-US: Microsoft
-CVE-2013-3857
+CVE-2013-3857 (Microsoft Word Automation Services in SharePoint Server 2010 SP1 and S ...)
NOT-FOR-US: Microsoft
-CVE-2013-3856
+CVE-2013-3856 (Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to exec ...)
NOT-FOR-US: Microsoft
-CVE-2013-3855
+CVE-2013-3855 (Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, a ...)
NOT-FOR-US: Microsoft
-CVE-2013-3854
+CVE-2013-3854 (Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2013-3853
+CVE-2013-3853 (Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2013-3852
+CVE-2013-3852 (Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1; Office Compatibility ...)
NOT-FOR-US: Microsoft
-CVE-2013-3851
+CVE-2013-3851 (Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, Of ...)
NOT-FOR-US: Microsoft
-CVE-2013-3850
+CVE-2013-3850 (Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compat ...)
NOT-FOR-US: Microsoft Word
-CVE-2013-3849
+CVE-2013-3849 (Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word ...)
NOT-FOR-US: Microsoft
-CVE-2013-3848
+CVE-2013-3848 (Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word ...)
NOT-FOR-US: Microsoft
-CVE-2013-3847
+CVE-2013-3847 (Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word ...)
NOT-FOR-US: Microsoft
-CVE-2013-3846
+CVE-2013-3846 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 a ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3845
+CVE-2013-3845 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft
CVE-2013-3844
REJECTED
-CVE-2013-3842
+CVE-2013-3842 (Unspecified vulnerability Oracle Solaris 10 allows local users to affe ...)
NOT-FOR-US: Solaris
-CVE-2013-3841
+CVE-2013-3841 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-3840
+CVE-2013-3840 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-3839
+CVE-2013-3839 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2818-1 DSA-2780-1}
- mysql-5.5 5.5.33
- mysql-5.1 <removed>
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-3838
+CVE-2013-3838 (Unspecified vulnerability in Oracle SPARC Enterprise T &amp; M Series ...)
NOT-FOR-US: Oracle SPARC Enterprise
-CVE-2013-3837
+CVE-2013-3837 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3836
+CVE-2013-3836 (Unspecified vulnerability in the Oracle Web Cache component in Oracle ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3835
+CVE-2013-3835 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3834
+CVE-2013-3834 (Unspecified vulnerability in the Oracle Secure Global Desktop componen ...)
NOT-FOR-US: Oracle Secure Global Desktop
-CVE-2013-3833
+CVE-2013-3833 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3832
+CVE-2013-3832 (Unspecified vulnerability in the Siebel Server Remote component in Ora ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-3831
+CVE-2013-3831 (Unspecified vulnerability in the Oracle Portal component in Oracle Fus ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3830
+CVE-2013-3830 (Unspecified vulnerability in the Hyperion Strategic Finance component ...)
NOT-FOR-US: Oracle Hyperion
-CVE-2013-3829
+CVE-2013-3829 (Unspecified vulnerability in the Java SE, Java SE Embedded component i ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
-CVE-2013-3828
+CVE-2013-3828 (Unspecified vulnerability in the Oracle Web Services component in Orac ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3827
+CVE-2013-3827 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2013-3826
+CVE-2013-3826 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-3825
+CVE-2013-3825 (Unspecified vulnerability in the Oracle Agile Product Collaboration co ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-3824
+CVE-2013-3824 (Unspecified vulnerability in the Oracle Agile Collaboration Framework ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-3823
+CVE-2013-3823 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-3822
+CVE-2013-3822 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-3821
+CVE-2013-3821 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3820
+CVE-2013-3820 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3819
+CVE-2013-3819 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3818
+CVE-2013-3818 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
CVE-2013-3817
REJECTED
-CVE-2013-3816
+CVE-2013-3816 (Unspecified vulnerability in the Oracle Policy Automation component in ...)
NOT-FOR-US: Oracle Industry Applications
CVE-2013-3815
REJECTED
-CVE-2013-3814
+CVE-2013-3814 (Unspecified vulnerability in the Oracle Retail Invoice Matching compon ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-3813
+CVE-2013-3813 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3812
+CVE-2013-3812 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2818-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3811
+CVE-2013-3811 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3810
+CVE-2013-3810 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3809
+CVE-2013-3809 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2818-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3808
+CVE-2013-3808 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2780-1}
- mysql-5.5 5.5.31
- mysql-5.1 <removed>
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3807
+CVE-2013-3807 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3806
+CVE-2013-3806 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3805
+CVE-2013-3805 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 5.5.31
- mysql-5.1 <not-affected> (Only affects Mysql 5.5 and 5.6)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3804
+CVE-2013-3804 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2818-1 DSA-2780-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <removed>
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3803
+CVE-2013-3803 (Unspecified vulnerability in the Hyperion BI+ component in Oracle Hype ...)
NOT-FOR-US: Oracle Hyperion
-CVE-2013-3802
+CVE-2013-3802 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2818-1 DSA-2780-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <removed>
- mariadb-5.5 <not-affected> (Fixed before initial upload)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3801
+CVE-2013-3801 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 5.5.31
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3800
+CVE-2013-3800 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3799
+CVE-2013-3799 (Unspecified vulnerability in Oracle Solaris 10 and 11, when running on ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3798
+CVE-2013-3798 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3797
+CVE-2013-3797 (Unspecified vulnerability in Oracle Solaris 11 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3796
+CVE-2013-3796 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3795
+CVE-2013-3795 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects 5.5 and 5.6)
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3794
+CVE-2013-3794 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 5.5.31
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3793
+CVE-2013-3793 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2818-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3792
+CVE-2013-3792 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DLA-313-1}
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <no-dsa> (Minor issue)
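Review bot: the CVE-2013-3838 description in this hunk contains an HTML entity, "Oracle SPARC Enterprise T &amp; M Series", while every other description is plain text; if the data file really stores "&amp;" rather than "&", the description sync is escaping once too often and should unescape before writing, otherwise this is only a rendering artifact of the web view and needs no change. The CVE-2013-3842 description ("Unspecified vulnerability Oracle Solaris 10") is missing the word "in"; that is the upstream MITRE text and should not be hand-edited here, since the next automatic update would overwrite it. The MySQL entries are also not uniform: CVE-2013-3839 records "mysql-5.5 5.5.33" whereas CVE-2013-3812, CVE-2013-3809, CVE-2013-3804 and CVE-2013-3802 record "5.5.33+dfsg-1" for what looks like the same upload, so one spelling should be used for all of them.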
@@ -9881,109 +9881,109 @@ CVE-2013-3792
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
NOTE: https://www.virtualbox.org/ticket/11863
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
-CVE-2013-3791
+CVE-2013-3791 (Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10. ...)
NOT-FOR-US: Oracle Enterprise Manager
-CVE-2013-3790
+CVE-2013-3790 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-3789
+CVE-2013-3789 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-3788
+CVE-2013-3788 (Unspecified vulnerability in the Oracle iSupplier Portal component in ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3787
+CVE-2013-3787 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote at ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3786
+CVE-2013-3786 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3785
+CVE-2013-3785 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3784
+CVE-2013-3784 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3783
+CVE-2013-3783 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2818-1}
- mysql-5.5 5.5.33+dfsg-1
- mysql-5.1 <not-affected> (Only affects 5.5)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3782
+CVE-2013-3782 (Unspecified vulnerability in the Secure Global Desktop component in Or ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2013-3781
+CVE-2013-3781 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3780
+CVE-2013-3780 (Unspecified vulnerability in the PeopleSoft Enterprise Portal componen ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3779
+CVE-2013-3779 (Unspecified vulnerability in the Secure Global Desktop component in Or ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2013-3778
+CVE-2013-3778 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3777
+CVE-2013-3777 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3776
+CVE-2013-3776 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3775
+CVE-2013-3775 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
NOT-FOR-US: Oracle iLearning
-CVE-2013-3774
+CVE-2013-3774 (Unspecified vulnerability in the Network Layer component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-3773
+CVE-2013-3773 (Unspecified vulnerability in the SPARC Enterprise M Series Servers com ...)
NOT-FOR-US: Oracle and Sun Systems Products Suite
-CVE-2013-3772
+CVE-2013-3772 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3771
+CVE-2013-3771 (Unspecified vulnerability in the Oracle executable component in Oracle ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-3770
+CVE-2013-3770 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3769
+CVE-2013-3769 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3768
+CVE-2013-3768 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3767
+CVE-2013-3767 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite Access Gate
-CVE-2013-3766
+CVE-2013-3766 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle Primavera Products Suite
-CVE-2013-3765
+CVE-2013-3765 (Unspecified vulnerability in Oracle Solaris 11 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3764
+CVE-2013-3764 (Unspecified vulnerability in the Oracle Endeca Server component in Ora ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3763
+CVE-2013-3763 (Unspecified vulnerability in the Oracle Endeca Server component in Ora ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3762
+CVE-2013-3762 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-3761
+CVE-2013-3761 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products Portal
-CVE-2013-3760
+CVE-2013-3760 (Unspecified vulnerability in the Oracle executable component in Oracle ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-3759
+CVE-2013-3759 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-3758
+CVE-2013-3758 (Unspecified vulnerability in the Enterprise Manager (EM) Base Platform ...)
NOT-FOR-US: Oracle Enterprise Manager
-CVE-2013-3757
+CVE-2013-3757 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows re ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3756
+CVE-2013-3756 (Unspecified vulnerability in the Oracle Landed Cost Management compone ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3755
+CVE-2013-3755 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-3754
+CVE-2013-3754 (Unspecified vulnerability in the Solaris Cluster component in Oracle a ...)
NOT-FOR-US: Solaris
-CVE-2013-3753
+CVE-2013-3753 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3752
+CVE-2013-3752 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3751
+CVE-2013-3751 (Unspecified vulnerability in the XML Parser component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-3750
+CVE-2013-3750 (Unspecified vulnerability in Oracle Solaris 11 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3749
+CVE-2013-3749 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3748
+CVE-2013-3748 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3747
+CVE-2013-3747 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-3746
+CVE-2013-3746 (Unspecified vulnerability in the Solaris Cluster component in Oracle a ...)
NOT-FOR-US: Solaris
-CVE-2013-3745
+CVE-2013-3745 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows lo ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-3744
+CVE-2013-3744 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-3743
+CVE-2013-3743 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
- openjdk-7 <not-affected> (Only affects Java 5 and Java 6)
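Review bot: in the CVE-2013-3743 entry the NOTE line explaining the openjdk-6 assessment sits between the openjdk-6 and openjdk-7 package lines; the convention elsewhere in the file (CVE-2013-3783 and CVE-2013-3792 just above) is package lines first, then NOTE lines, so the NOTE should move below the openjdk-7 line. The two reasons also read as contradictory: openjdk-6 is not-affected because the issue is "Specific to Oracle Java, not present in IcedTea", while openjdk-7 is not-affected because it "Only affects Java 5 and Java 6"; if the second is the real scope, the openjdk-6 reason should say the same, and if the first is, the openjdk-7 reason should. Separately, the mariadb lines for CVE-2013-3794, CVE-2013-3793 and CVE-2013-3783 list mariadb-10.0 before mariadb-5.5 whereas the other MySQL entries list 5.5 first; harmless, but worth normalising.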
@@ -9991,28 +9991,28 @@ CVE-2013-3741
RESERVED
CVE-2013-3740
RESERVED
-CVE-2013-3739
+CVE-2013-3739 (Directory traversal vulnerability in editor.php in Network Weathermap ...)
NOT-FOR-US: Network Weathermap
CVE-2013-3738
RESERVED
-CVE-2013-3843
+CVE-2013-3843 (Stack-based buffer overflow in the mk_request_header_process function ...)
- monkey <removed>
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-3919
+CVE-2013-3919 (resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, a ...)
- bind9 <not-affected> (vulnerable code not present)
NOTE: https://kb.isc.org/article/AA-00967
-CVE-2013-3742
+CVE-2013-3742 (Cross-site scripting (XSS) vulnerability in view_create.php (aka the C ...)
- phpmyadmin 4:4.0.1-3 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-3737
+CVE-2013-3737 (The MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Requ ...)
NOT-FOR-US: Request Tracker extension MobileUI
-CVE-2013-3736
+CVE-2013-3736 (Cross-site scripting (XSS) vulnerability in the MobileUI (aka RT-Exten ...)
NOT-FOR-US: Request Tracker extension MobileUI
-CVE-2013-3735
+CVE-2013-3735 (** DISPUTED ** The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 bef ...)
- php5 <removed> (unimportant)
NOTE: exploitable by malicious scripts only
-CVE-2013-3734
+CVE-2013-3734 (** DISPUTED ** The Embedded Jopr component in JBoss Application Server ...)
NOT-FOR-US: Embedded Jopr
CVE-2013-3733
RESERVED
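Review bot: three entries in this hunk break the file's descending-ID order: CVE-2013-3843, CVE-2013-3919 and CVE-2013-3742 are filed between CVE-2013-3738 and CVE-2013-3737. CVE-2013-3843 belongs next to CVE-2013-3844 and CVE-2013-3842 (earlier in this diff, where the gap is visible), CVE-2013-3742 belongs between CVE-2013-3743 and CVE-2013-3741, and CVE-2013-3919 belongs with the 39xx IDs. The automatic description sync preserves whatever order it finds, so these need to be moved by hand; anything that scans the file for a sorted range will otherwise miss them.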
@@ -10022,28 +10022,28 @@ CVE-2013-3731
RESERVED
CVE-2013-3730
RESERVED
-CVE-2013-3729
+CVE-2013-3729 (Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler ...)
NOT-FOR-US: Kasseler CMS
-CVE-2013-3728
+CVE-2013-3728 (Cross-site scripting (XSS) vulnerability in Kasseler CMS before 2 r123 ...)
NOT-FOR-US: Kasseler CMS
-CVE-2013-3727
+CVE-2013-3727 (SQL injection vulnerability in Kasseler CMS before 2 r1232 allows remo ...)
NOT-FOR-US: Kasseler CMS
CVE-2013-3726
REJECTED
CVE-2013-3725
RESERVED
-CVE-2013-3724
+CVE-2013-3724 (The mk_request_header_process function in mk_request.c in Monkey 1.1.1 ...)
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
CVE-2013-3723
RESERVED
CVE-2013-3722
RESERVED
-CVE-2013-3721
+CVE-2013-3721 (SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows ...)
NOT-FOR-US: PsychoStats
-CVE-2013-3720
+CVE-2013-3720 (Cross-site scripting (XSS) vulnerability in widget_remove.php in the F ...)
NOT-FOR-US: Wordpress plugin Feedweb
-CVE-2013-3719
+CVE-2013-3719 (Cross-site scripting (XSS) vulnerability in the aiContactSafe componen ...)
NOT-FOR-US: Joomla!
CVE-2013-3718 [evince missing check on number of pages]
RESERVED
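Review bot: CVE-2013-3724 is recorded as "monkey <removed> (low)" with a squeeze no-dsa note, while CVE-2013-3843 in the previous hunk, which names the same mk_request_header_process function in the same package and carries the same squeeze note, has no severity at all; if one is low the other should be assessed the same way, and a NOTE cross-referencing the two IDs would save the next triager from re-deriving the relationship.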
@@ -10059,27 +10059,27 @@ CVE-2013-3715
RESERVED
CVE-2013-3714
RESERVED
-CVE-2013-3713
+CVE-2013-3713 (The image creation configuration in aaa_base before 16.26.1 for openSU ...)
NOT-FOR-US: openSUSE live installer
-CVE-2013-3712
+CVE-2013-3712 (SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for Sy ...)
NOT-FOR-US: SUSE Studio Onsite
CVE-2013-3711
RESERVED
-CVE-2013-3710
+CVE-2013-3710 (SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate ...)
NOT-FOR-US: SUSE Lifecycle Management Server
-CVE-2013-3709
+CVE-2013-3709 (WebYaST 1.3 uses weak permissions for config/initializers/secret_token ...)
NOT-FOR-US: WebYast
-CVE-2013-3708
+CVE-2013-3708 (The id1.GetPrinterURLList function in Novell iPrint Client before 5.93 ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2013-3707
+CVE-2013-3707 (The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302 ...)
NOT-FOR-US: Novell Open Enterprise Server 2
-CVE-2013-3706
+CVE-2013-3706 (Directory traversal vulnerability in the PreBoot service in Novell ZEN ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-3705
+CVE-2013-3705 (The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on ...)
NOT-FOR-US: Novell Client
-CVE-2013-3704
+CVE-2013-3704 (The RPM GPG key import and handling feature in libzypp 12.15.0 and ear ...)
- libzypp <not-affected> (Fixed before initial upload)
-CVE-2013-3703
+CVE-2013-3703 (The controller of the Open Build Service API prior to version 2.4.4 is ...)
NOT-FOR-US: Open Build Service
CVE-2013-3702
REJECTED
@@ -10091,29 +10091,29 @@ CVE-2013-3699
REJECTED
CVE-2013-3698
REJECTED
-CVE-2013-3697
+CVE-2013-3697 (Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Clie ...)
NOT-FOR-US: Novell Client on Windows
CVE-2013-3696
RESERVED
CVE-2013-3695
RESERVED
-CVE-2013-3694
+CVE-2013-3694 (BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 o ...)
NOT-FOR-US: BlackBerry Link
-CVE-2013-3693
+CVE-2013-3693 (The BlackBerry Universal Device Service in BlackBerry Enterprise Servi ...)
NOT-FOR-US: BlackBerry
-CVE-2013-3692
+CVE-2013-3692 (BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses ...)
NOT-FOR-US: Blackberry OS
CVE-2013-3691
RESERVED
-CVE-2013-3690
+CVE-2013-3690 (Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi i ...)
NOT-FOR-US: Brickcom
-CVE-2013-3689
+CVE-2013-3689 (Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, ...)
NOT-FOR-US: Brickcom
-CVE-2013-3688
+CVE-2013-3688 (The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, a ...)
NOT-FOR-US: TP-Link
-CVE-2013-3687
+CVE-2013-3687 (AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, ...)
NOT-FOR-US: AirLive cameras
-CVE-2013-3686
+CVE-2013-3686 (cgi-bin/operator/param in AirLive WL2600CAM and possibly other camera ...)
NOT-FOR-US: AirLive
CVE-2013-3685
RESERVED
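Review bot: the NOT-FOR-US labels for the three BlackBerry entries are spelled three different ways ("BlackBerry Link", "BlackBerry", "Blackberry OS"); the vendor name is BlackBerry, so the CVE-2013-3692 line should read "NOT-FOR-US: BlackBerry OS" to keep the labels greppable.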
@@ -10130,35 +10130,35 @@ CVE-2013-3680
RESERVED
CVE-2013-3679
RESERVED
-CVE-2013-3678
+CVE-2013-3678 (Multiple unspecified vulnerabilities in SAP Governance, Risk, and Comp ...)
NOT-FOR-US: SAP
CVE-2013-3677
RESERVED
CVE-2013-3676
RESERVED
-CVE-2013-3675
+CVE-2013-3675 (The process_frame_obj function in sanm.c in libavcodec in FFmpeg befor ...)
- ffmpeg <not-affected> (Smush codec not present in 0.5 ffmpeg)
- libav <not-affected> (Smush codec not present in libav)
-CVE-2013-3674
+CVE-2013-3674 (The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg ...)
{DSA-3003-1}
- ffmpeg <not-affected> (CD Graphics Video Decoder not present in 0.5 ffmpeg)
- libav 6:10.4-1
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ef2dbd2392e3e4d430e0173e1e5c4df9f18b6dd
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a1599f3f7ea8478d1f6a95e59e3bc6bc86d5f812
-CVE-2013-3673
+CVE-2013-3673 (The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg befo ...)
- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
-CVE-2013-3672
+CVE-2013-3672 (The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg befo ...)
{DSA-3003-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.4-1
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7fa6db2545643efb4fe2e0bb501fa50af35a6330
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=70cd3b8e659c3522eea5c16a65d14b8658894a94
-CVE-2013-3671
+CVE-2013-3671 (The format_line function in log.c in libavutil in FFmpeg before 1.2.1 ...)
- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
-CVE-2013-3670
+CVE-2013-3670 (The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 2013032 ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10-1
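Review bot: the "ffmpeg <not-affected>" justification for CVE-2013-3673 and CVE-2013-3671 reads "Doesn't affect libav, specific to current ffmpeg", which is the libav rationale copied onto the ffmpeg line and says nothing about why the ffmpeg package is unaffected; CVE-2013-3675 and CVE-2013-3674 do this properly ("... not present in 0.5 ffmpeg"). Since CVE-2013-3672 and CVE-2013-3670 in the same hunk record a fixed ffmpeg version of 7:2.4.1-1, the ffmpeg package exists well beyond 0.5, so for 3673 and 3671 either a fixed version or a reason that addresses ffmpeg itself should be recorded rather than a not-affected marker with a libav reason.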
@@ -10169,63 +10169,63 @@ CVE-2013-3669
RESERVED
CVE-2013-3668
RESERVED
-CVE-2013-3667
+CVE-2013-3667 (The software update mechanism as used in Bare Bones Software Yojimbo b ...)
NOT-FOR-US: Various proprietary software updaters
-CVE-2013-3666
+CVE-2013-3666 (The LG Hidden Menu component for Android on the LG Optimus G E973 allo ...)
NOT-FOR-US: LG Hidden Menu
-CVE-2013-3665
+CVE-2013-3665 (Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT ...)
NOT-FOR-US: AutoCAD
-CVE-2013-3664
+CVE-2013-3664 (Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) al ...)
NOT-FOR-US: Trimble SketchUp
-CVE-2013-3663
+CVE-2013-3663 (Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (f ...)
NOT-FOR-US: Trimble SketchUp
-CVE-2013-3662
+CVE-2013-3662 (Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 allo ...)
NOT-FOR-US: Trimble SketchUp
-CVE-2013-3661
+CVE-2013-3661 (The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3660
+CVE-2013-3660 (The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3659
+CVE-2013-3659 (The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Andr ...)
NOT-FOR-US: Android application NTT DOCOMO
-CVE-2013-3658
+CVE-2013-3658 (Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ...)
NOT-FOR-US: VMware
-CVE-2013-3657
+CVE-2013-3657 (Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, a ...)
NOT-FOR-US: VMware
-CVE-2013-3656
+CVE-2013-3656 (Cybozu Office 9.1.0 and earlier does not properly manage sessions, whi ...)
NOT-FOR-US: Cybozu Office
-CVE-2013-3655
+CVE-2013-3655 (The Sharp AQUOS PhotoPlayer HN-PP150 with firmware before 1.04.00.04 a ...)
NOT-FOR-US: Sharp AQUOS PhotoPlayer
-CVE-2013-3654
+CVE-2013-3654 (Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.1 ...)
NOT-FOR-US: EC-CUBE
-CVE-2013-3653
+CVE-2013-3653 (Multiple cross-site scripting (XSS) vulnerabilities in the RecommendSe ...)
NOT-FOR-US: EC-CUBE
-CVE-2013-3652
+CVE-2013-3652 (Cross-site scripting (XSS) vulnerability in data/class/pages/products/ ...)
NOT-FOR-US: EC-CUBE
-CVE-2013-3651
+CVE-2013-3651 (LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to conduc ...)
NOT-FOR-US: EC-CUBE
-CVE-2013-3650
+CVE-2013-3650 (Directory traversal vulnerability in the lfCheckFileName function in d ...)
NOT-FOR-US: EC-CUBE
-CVE-2013-3649
+CVE-2013-3649 (Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before ...)
NOT-FOR-US: KENT-WEB CLIP-MAIL
-CVE-2013-3648
+CVE-2013-3648 (Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before ...)
NOT-FOR-US: KENT-WEB POST-MAIL
-CVE-2013-3647
+CVE-2013-3647 (The WebView class in the Cybozu Live application before 2.0.1 for Andr ...)
NOT-FOR-US: Cybozu Live for Android
-CVE-2013-3646
+CVE-2013-3646 (The Cybozu Live application before 2.0.1 for Android allows remote att ...)
NOT-FOR-US: Cybozu Live for Android
-CVE-2013-3645
+CVE-2013-3645 (Cross-site scripting (XSS) vulnerability in the Orchard.Comments modul ...)
NOT-FOR-US: Orchard
-CVE-2013-3644
+CVE-2013-3644 (Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; I ...)
NOT-FOR-US: JustSystems Ichitaro
-CVE-2013-3643
+CVE-2013-3643 (The Galapagos Browser application for Android does not properly implem ...)
NOT-FOR-US: Galapagos Browser application for Android
-CVE-2013-3642
+CVE-2013-3642 (The Angel Browser application 1.47b and earlier for Android 1.6 throug ...)
NOT-FOR-US: Angel Browser application
-CVE-2013-3641
+CVE-2013-3641 (The Pizza Hut Japan Official Order application before 1.1.1.a for Andr ...)
NOT-FOR-US: The Pizza Hut Japan Official Order for Android
-CVE-2013-3640
+CVE-2013-3640 (Cross-site scripting (XSS) vulnerability in the Instant Web Publish fu ...)
NOT-FOR-US: FileMaker Pro
-CVE-2013-3639
+CVE-2013-3639 (Multiple cross-site scripting (XSS) vulnerabilities in Xaraya 2.4.0-b1 ...)
NOT-FOR-US: Xaraya
CVE-2013-3638
RESERVED
@@ -10235,15 +10235,15 @@ CVE-2013-3636
RESERVED
CVE-2013-3635
RESERVED
-CVE-2013-3634
+CVE-2013-3634 (The SNMPv3 functionality on Siemens Scalance X200 IRT switches with fi ...)
NOT-FOR-US: Siemens switches
-CVE-2013-3633
+CVE-2013-3633 (The web interface on Siemens Scalance X200 IRT switches with firmware ...)
NOT-FOR-US: Siemens
-CVE-2013-3632
+CVE-2013-3632 (The Cron service in rpc.php in OpenMediaVault allows remote authentica ...)
NOT-FOR-US: OpenMediaVault
-CVE-2013-3631
+CVE-2013-3631 (NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to ...)
NOT-FOR-US: NAS4Free
-CVE-2013-3630
+CVE-2013-3630 (Moodle through 2.5.2 allows remote authenticated administrators to exe ...)
NOTE: For Moodle: Not a securiy issue according to upstream, only applicable to administrators, see bug #775842
NOTE: https://tracker.moodle.org/browse/MDL-41449
NOTE: https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats
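Review bot: the unchanged context line `NOTE: For Moodle: Not a securiy issue according to upstream, only applicable to administrators, see bug #775842` under CVE-2013-3630 carries a typo (`securiy` should read `security`). It sits outside this hunk's `+`/`-` lines, so it is not introduced here, but it should be corrected in a follow-up commit rather than left in the tracker annotation.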
@@ -10251,17 +10251,17 @@ CVE-2013-3629
RESERVED
CVE-2013-3628
RESERVED
-CVE-2013-3627
+CVE-2013-3627 (FrameworkService.exe in McAfee Framework Service in McAfee Managed Age ...)
NOT-FOR-US: McAfee
-CVE-2013-3626
+CVE-2013-3626 (Directory traversal vulnerability in the Session Server in Attachmate ...)
NOT-FOR-US: Attachmate Verastream Host Integrator
-CVE-2013-3625
+CVE-2013-3625 (An unspecified DLL file in Baramundi Management Suite 7.5 through 8.9 ...)
NOT-FOR-US: Baramundi Management Suite
-CVE-2013-3624
+CVE-2013-3624 (The OS deployment feature in Baramundi Management Suite 7.5 through 8. ...)
NOT-FOR-US: Baramundi Management Suite
-CVE-2013-3623
+CVE-2013-3623 (Multiple stack-based buffer overflows in cgi/close_window.cgi in the w ...)
NOT-FOR-US: Intelligent Platform Management Interface
-CVE-2013-3622
+CVE-2013-3622 (Buffer overflow in logout.cgi in the Intelligent Platform Management I ...)
NOT-FOR-US: Intelligent Platform Management Interface
CVE-2013-3621
RESERVED
@@ -10271,65 +10271,65 @@ CVE-2013-3619
RESERVED
CVE-2013-3618
RESERVED
-CVE-2013-3617
+CVE-2013-3617 (The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authe ...)
NOT-FOR-US: Openbravo ERP
-CVE-2013-3616
+CVE-2013-3616 (Cross-site scripting (XSS) vulnerability in the KnowledgeView Editoria ...)
NOT-FOR-US: KnowledgeView Editorial and Management application
-CVE-2013-3615
+CVE-2013-3615 (Dahua DVR appliances use a password-hash algorithm with a short hash l ...)
NOT-FOR-US: Dahua DVR
-CVE-2013-3614
+CVE-2013-3614 (Dahua DVR appliances have a small value for the maximum password lengt ...)
NOT-FOR-US: Dahua DVR
-CVE-2013-3613
+CVE-2013-3613 (Dahua DVR appliances do not properly restrict UPnP requests, which mak ...)
NOT-FOR-US: Dahua DVR
-CVE-2013-3612
+CVE-2013-3612 (Dahua DVR appliances have a hardcoded password for (1) the root accoun ...)
NOT-FOR-US: Dahua DVR
CVE-2013-3611
REJECTED
-CVE-2013-3610
+CVE-2013-3610 (qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0 ...)
NOT-FOR-US: ASUS router
-CVE-2013-3609
+CVE-2013-3609 (The web interface in the Intelligent Platform Management Interface (IP ...)
NOT-FOR-US: Intelligent Platform Management Interface
-CVE-2013-3608
+CVE-2013-3608 (The web interface in the Intelligent Platform Management Interface (IP ...)
NOT-FOR-US: Intelligent Platform Management Interface
-CVE-2013-3607
+CVE-2013-3607 (Multiple stack-based buffer overflows in the web interface in the Inte ...)
NOT-FOR-US: Intelligent Platform Management Interface
-CVE-2013-3606
+CVE-2013-3606 (The login page in the GoAhead web server on Dell PowerConnect 3348 1.2 ...)
NOT-FOR-US: GoAhead web server on Dell PowerConnect
-CVE-2013-3605
+CVE-2013-3605 (Cross-site request forgery (CSRF) vulnerability in Coursemill Learning ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3604
+CVE-2013-3604 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Lear ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3603
+CVE-2013-3603 (Cross-site scripting (XSS) vulnerability in Coursemill Learning Manage ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3602
+CVE-2013-3602 (SQL injection vulnerability in admindocumentworker.jsp in Coursemill L ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3601
+CVE-2013-3601 (Coursemill Learning Management System (LMS) 6.6 does not properly rest ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3600
+CVE-2013-3600 (Coursemill Learning Management System (LMS) 6.6 allows remote authenti ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3599
+CVE-2013-3599 (userlogin.jsp in Coursemill Learning Management System (LMS) 6.6 and 6 ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-3598
+CVE-2013-3598 (Directory traversal vulnerability in servlet/CreateTemplateServlet in ...)
NOT-FOR-US: SearchBlox
-CVE-2013-3597
+CVE-2013-3597 (servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows ...)
NOT-FOR-US: SearchBlox
-CVE-2013-3596
+CVE-2013-3596 (AdvancePro Advanceware allows remote authenticated users to obtain sen ...)
NOT-FOR-US: AdvancePro Advanceware
-CVE-2013-3595
+CVE-2013-3595 (The OpenManage web application 2.5 build 1.19 on Dell PowerConnect 334 ...)
NOT-FOR-US: Dell PowerConnect
-CVE-2013-3594
+CVE-2013-3594 (The SSH service on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and ...)
NOT-FOR-US: Dell PowerConnect
-CVE-2013-3593
+CVE-2013-3593 (Baramundi Management Suite 7.5 through 8.9 uses cleartext for (1) clie ...)
NOT-FOR-US: Baramundi Management Suite
CVE-2013-3592
RESERVED
CVE-2013-3591
RESERVED
-CVE-2013-3590
+CVE-2013-3590 (Unrestricted file upload vulnerability in admin/uploadImage.html in Se ...)
NOT-FOR-US: SearchBlox
-CVE-2013-3589
+CVE-2013-3589 (Cross-site scripting (XSS) vulnerability in the login page in the Admi ...)
NOT-FOR-US: Dell iDRAC6
-CVE-2013-3588
+CVE-2013-3588 (The web management interface on Zyxel P660 devices allows remote attac ...)
NOT-FOR-US: Zyxel
CVE-2013-3587 [BREACH attack against HTTP compression]
RESERVED
@@ -10339,37 +10339,37 @@ CVE-2013-3587 [BREACH attack against HTTP compression]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=995168
NOTE: https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/
NOTE: https://www.mail-archive.com/dev@httpd.apache.org/msg57592.html
-CVE-2013-3586
+CVE-2013-3586 (Samsung Web Viewer for Samsung DVR devices allows remote attackers to ...)
NOT-FOR-US: Samsung DVR devices
-CVE-2013-3585
+CVE-2013-3585 (Samsung Web Viewer for Samsung DVR devices stores credentials in clear ...)
NOT-FOR-US: Samsung DVR devices
-CVE-2013-3584
+CVE-2013-3584 (Cross-site scripting (XSS) vulnerability in Corporater EPM Suite allow ...)
NOT-FOR-US: Corporater EPM Suite
-CVE-2013-3583
+CVE-2013-3583 (Cross-site request forgery (CSRF) vulnerability in saveProperties.html ...)
NOT-FOR-US: Corporater EPM Suite
-CVE-2013-3582
+CVE-2013-3582 (Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z6 ...)
NOT-FOR-US: Dell
-CVE-2013-3581
+CVE-2013-3581 (ajax.cgi in the web interface on the Choice Wireless Green Packet WIXF ...)
NOT-FOR-US: Choice Wireless Green Packet WIXFMR-111 4G WiMax modem
-CVE-2013-3580
+CVE-2013-3580 (The TrustGo Antivirus &amp; Mobile Security application before 1.3.6 f ...)
NOT-FOR-US: TrustGo
-CVE-2013-3579
+CVE-2013-3579 (The Lookout Mobile Security application before 8.17-8a39d3f for Androi ...)
NOT-FOR-US: Lookout Mobile Security application for Android
-CVE-2013-3578
+CVE-2013-3578 (SQL injection vulnerability in the Help Desk application in Wave EMBAS ...)
NOT-FOR-US: ERAS
-CVE-2013-3577
+CVE-2013-3577 (SQL injection vulnerability in the Help Desk application in Wave EMBAS ...)
NOT-FOR-US: ERAS
-CVE-2013-3576
+CVE-2013-3576 (ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote au ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2013-3575
+CVE-2013-3575 (hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.47 ...)
NOT-FOR-US: HP Insight Diagnostics
-CVE-2013-3574
+CVE-2013-3574 (Absolute path traversal vulnerability in hpdiags/frontend2/commands/sa ...)
NOT-FOR-US: HP Insight Diagnostics
-CVE-2013-3573
+CVE-2013-3573 (HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct u ...)
NOT-FOR-US: HP Insight Diagnostics
-CVE-2013-3572
+CVE-2013-3572 (Cross-site scripting (XSS) vulnerability in the administer interface i ...)
NOT-FOR-US: Ubiquiti Networks UniFi
-CVE-2013-3571
+CVE-2013-3571 (socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used f ...)
- socat 1.7.1.3-1.5 (low; bug #709931)
[squeeze] - socat <no-dsa> (Minor issue)
[wheezy] - socat <no-dsa> (Minor issue)
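Review bot: the new description line for CVE-2013-3580 reads `TrustGo Antivirus &amp; Mobile Security`, i.e. an HTML-escaped ampersand rather than a literal `&`. Please confirm whether the raw list file contains `&` and the entity is only a display artefact of this view, or whether the description import wrote `&amp;` into the data; in the latter case the import step should unescape HTML entities before writing, otherwise every description containing `&`, `<` or `>` will be stored in escaped form.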
@@ -10380,7 +10380,7 @@ CVE-2013-3569
RESERVED
CVE-2013-3568
RESERVED
-CVE-2013-3567
+CVE-2013-3567 (Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterpri ...)
{DSA-2715-1}
- puppet 3.2.2-1 (bug #712745)
CVE-2013-3566
@@ -10391,50 +10391,50 @@ CVE-2013-3565 [XSS in HTTP Interface]
NOTE: Negligible impact
CVE-2013-3564
RESERVED
-CVE-2013-3563
+CVE-2013-3563 (Stack-based buffer overflow in db_netserver in Lianja SQL Server befor ...)
NOT-FOR-US: Lianja SQL Server
-CVE-2013-3562
+CVE-2013-3562 (Multiple integer signedness errors in the tvb_unmasked function in epa ...)
{DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8499
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
-CVE-2013-3561
+CVE-2013-3561 (Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remot ...)
- wireshark <not-affected> (This CVE ID is for the Wireshark trunk, the fix 1.8 is CVE-2013-3562)
-CVE-2013-3560
+CVE-2013-3560 (The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg- ...)
{DSA-2700-1}
- wireshark 1.8.7-1 (unimportant; bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-28.html
NOTE: Not suitable for code injection
-CVE-2013-3559
+CVE-2013-3559 (epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wiresha ...)
{DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-27.html
-CVE-2013-3558
+CVE-2013-3558 (The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c i ...)
{DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-26.html
-CVE-2013-3557
+CVE-2013-3557 (The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ...)
{DSA-2700-1}
- wireshark 1.8.7-1 (unimportant; bug #709167)
[squeeze] - wireshark 1.2.11-6+squeeze11
NOTE: Not suitable for code injection
-CVE-2013-3556
+CVE-2013-3556 (The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 ...)
- wireshark <not-affected> (Only affected the dev trunk)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html (r48943)
-CVE-2013-3555
+CVE-2013-3555 (epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8 ...)
{DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-24.html
CVE-2013-3554
RESERVED
-CVE-2013-3553
+CVE-2013-3553 (Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier a ...)
NOT-FOR-US: Nitro Pro
-CVE-2013-3552
+CVE-2013-3552 (Nitro Pro 7.5.0.29 and earlier and Nitro Reader 2.5.0.45 and earlier a ...)
NOT-FOR-US: Nitro Pro
CVE-2013-3551
RESERVED
@@ -10455,55 +10455,55 @@ CVE-2013-3545
RESERVED
CVE-2013-3544
REJECTED
-CVE-2013-3543
+CVE-2013-3543 (The AXIS Media Control (AMC) ActiveX control (AxisMediaControlEmb.dll) ...)
NOT-FOR-US: AXIS Media Control
CVE-2013-3542
RESERVED
-CVE-2013-3541
+CVE-2013-3541 (Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive ...)
NOT-FOR-US: AirLive
-CVE-2013-3540
+CVE-2013-3540 (Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/usrgr ...)
NOT-FOR-US: AirLive
-CVE-2013-3539
+CVE-2013-3539 (Cross-site request forgery (CSRF) vulnerability in the command/user.cg ...)
NOT-FOR-US: Sony
-CVE-2013-3538
+CVE-2013-3538 (Multiple cross-site scripting (XSS) vulnerabilities in todooforum.php ...)
NOT-FOR-US: Todoo Forum
-CVE-2013-3537
+CVE-2013-3537 (Multiple SQL injection vulnerabilities in todooforum.php in Todoo Foru ...)
NOT-FOR-US: Todoo Forum
-CVE-2013-3536
+CVE-2013-3536 (SQL injection vulnerability in the gp_LoadUserFromHash function in fun ...)
NOT-FOR-US: grouppay plugin
-CVE-2013-3535
+CVE-2013-3535 (Multiple cross-site scripting (XSS) vulnerabilities in CMSLogik 1.2.0 ...)
NOT-FOR-US: CMSLogik
-CVE-2013-3534
+CVE-2013-3534 (Cross-site scripting (XSS) vulnerability in the aiContactSafe componen ...)
NOT-FOR-US: aiContactSafe
-CVE-2013-3533
+CVE-2013-3533 (Multiple SQL injection vulnerabilities in Virtual Access Monitor 3.10. ...)
NOT-FOR-US: Virtual Access Monitor
-CVE-2013-3532
+CVE-2013-3532 (SQL injection vulnerability in settings.php in the Web Dorado Spider V ...)
NOT-FOR-US: WordPress plugin
-CVE-2013-3531
+CVE-2013-3531 (SQL injection vulnerability in meneger.php in RadioCMS 2.2 allows remo ...)
NOT-FOR-US: RadioCMS
-CVE-2013-3530
+CVE-2013-3530 (SQL injection vulnerability in playlist.php in the Spiffy XSPF Player ...)
NOT-FOR-US: WordPress plugin
-CVE-2013-3529
+CVE-2013-3529 (Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php ...)
NOT-FOR-US: WordPress plugin
-CVE-2013-3528
+CVE-2013-3528 (Unspecified vulnerability in the update check in Vanilla Forums before ...)
NOT-FOR-US: Vanilla Forums
-CVE-2013-3527
+CVE-2013-3527 (Multiple SQL injection vulnerabilities in Vanilla Forums before 2.0.18 ...)
NOT-FOR-US: Vanilla Forums
-CVE-2013-3526
+CVE-2013-3526 (Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the ...)
NOT-FOR-US: WordPress plugin
CVE-2013-3525
NOTE: http://web.archive.org/web/20151225141212/http://blog.bestpractical.com/2013/04/on-our-security-policies.html
-CVE-2013-3524
+CVE-2013-3524 (SQL injection vulnerability in popupnewsitem/ in the Pop Up News modul ...)
NOT-FOR-US: phpVMS
-CVE-2013-3523
+CVE-2013-3523 (SQL injection vulnerability in This HTML Is Simple (THIS) before 1.2.4 ...)
NOT-FOR-US: This HTML Is Simple
-CVE-2013-3522
+CVE-2013-3522 (SQL injection vulnerability in index.php/ajax/api/reputation/vote in v ...)
NOT-FOR-US: vBulletin
CVE-2013-3521
REJECTED
-CVE-2013-3520
+CVE-2013-3520 (VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not prop ...)
NOT-FOR-US: VMware vCenter Chargeback Manager
-CVE-2013-3519
+CVE-2013-3519 (lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x ...)
NOT-FOR-US: VMware
CVE-2013-3518
RESERVED
@@ -10511,47 +10511,47 @@ CVE-2013-3517
RESERVED
CVE-2013-3516
RESERVED
-CVE-2013-3515
+CVE-2013-3515 (Multiple cross-site scripting (XSS) vulnerabilities in OpenX Source 2. ...)
NOT-FOR-US: OpenX
-CVE-2013-3514
+CVE-2013-3514 (Multiple directory traversal vulnerabilities in OpenX before 2.8.10 re ...)
NOT-FOR-US: OpenX
-CVE-2013-3513
+CVE-2013-3513 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3512
+CVE-2013-3512 (The Cacti component in GroundWork Monitor Enterprise 6.7.0 does not pr ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3511
+CVE-2013-3511 (Open redirect vulnerability in the NeDi component in GroundWork Monito ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3510
+CVE-2013-3510 (Multiple SQL injection vulnerabilities in GroundWork Monitor Enterpris ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3509
+CVE-2013-3509 (html/System-NeDi.php in the NeDi component in GroundWork Monitor Enter ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3508
+CVE-2013-3508 (html/System-Files.php in the System File Overview feature in the NeDi ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3507
+CVE-2013-3507 (The NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remot ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3506
+CVE-2013-3506 (cgi-bin/performance/perfchart.cgi in the Performance component in Grou ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3505
+CVE-2013-3505 (The Nagios-App component in GroundWork Monitor Enterprise 6.7.0 allows ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3504
+CVE-2013-3504 (Directory traversal vulnerability in monarch.cgi in the MONARCH compon ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3503
+CVE-2013-3503 (The Profile Importer feature in monarch.cgi in the MONARCH component i ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3502
+CVE-2013-3502 (monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterp ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3501
+CVE-2013-3501 (Multiple cross-site scripting (XSS) vulnerabilities in GroundWork Moni ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3500
+CVE-2013-3500 (The Foundation webapp admin interface in GroundWork Monitor Enterprise ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3499
+CVE-2013-3499 (GroundWork Monitor Enterprise 6.7.0 performs authentication on the bas ...)
NOT-FOR-US: GroundWork Monitor Enterprise
-CVE-2013-3498
+CVE-2013-3498 (Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Sec ...)
NOT-FOR-US: Juniper
-CVE-2013-3497
+CVE-2013-3497 (Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance a ...)
NOT-FOR-US: Juniper
-CVE-2013-3496
+CVE-2013-3496 (Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator ...)
NOT-FOR-US: Infotecs ViPNet Client
-CVE-2013-3495
+CVE-2013-3495 (The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x a ...)
- xen 4.4.1-3 (unimportant)
NOTE: Hardware design flaw, no software solution
CVE-2013-3494
@@ -10560,7 +10560,7 @@ CVE-2013-3493
RESERVED
CVE-2013-3492
RESERVED
-CVE-2013-3491
+CVE-2013-3491 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Shar ...)
NOT-FOR-US: WordPress plugin sharebar
CVE-2013-3490
RESERVED
@@ -10568,257 +10568,257 @@ CVE-2013-3489
RESERVED
CVE-2013-3488
RESERVED
-CVE-2013-3487
+CVE-2013-3487 (Multiple cross-site scripting (XSS) vulnerabilities in the security lo ...)
NOT-FOR-US: BulletProof Security plugin for WordPress
CVE-2013-3486
RESERVED
-CVE-2013-3485
+CVE-2013-3485 (Multiple untrusted search path vulnerabilities in Soda PDF 5.1.183.105 ...)
NOT-FOR-US: Soda PDF
-CVE-2013-3484
+CVE-2013-3484 (Multiple cross-site scripting (XSS) vulnerabilities in dotCMS before 2 ...)
NOT-FOR-US: dotCMS
-CVE-2013-3483
+CVE-2013-3483 (Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER V ...)
NOT-FOR-US: ERADAS ER Viewer
-CVE-2013-3482
+CVE-2013-3482 (Stack-based buffer overflow in the rf_report_error function in ermappe ...)
NOT-FOR-US: ERADAS ER Viewer
-CVE-2013-3481
+CVE-2013-3481 (Stack-based buffer overflow in Artweaver Plus and Free before 3.1.5 al ...)
NOT-FOR-US: Artweaver
-CVE-2013-3480
+CVE-2013-3480 (Integer overflow in Sagelight 4.4 and earlier allows remote attackers ...)
NOT-FOR-US: Sagelight
-CVE-2013-3479
+CVE-2013-3479 (Cross-site request forgery (CSRF) vulnerability in the ShareThis plugi ...)
NOT-FOR-US: WordPress plugin ShareThis
-CVE-2013-3478
+CVE-2013-3478 (SQL injection vulnerability in Apptha WordPress Video Gallery 2.0, 1.6 ...)
NOT-FOR-US: Apptha WordPress Video Gallery
-CVE-2013-3477
+CVE-2013-3477 (Cross-site request forgery (CSRF) vulnerability in the Related Posts b ...)
NOT-FOR-US: WordPress plugin related-posts-by-zemanta
-CVE-2013-3476
+CVE-2013-3476 (Cross-site request forgery (CSRF) vulnerability in the WordPress Relat ...)
NOT-FOR-US: WordPress plugin wordpress-23-related-posts-plugin
-CVE-2013-3475
+CVE-2013-3475 (Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 ...)
NOT-FOR-US: IBM
-CVE-2013-3474
+CVE-2013-3474 (The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) ...)
NOT-FOR-US: Cisco
-CVE-2013-3473
+CVE-2013-3473 (The web framework in Cisco Prime Central for Hosted Collaboration Solu ...)
NOT-FOR-US: Cisco
-CVE-2013-3472
+CVE-2013-3472 (Cross-site request forgery (CSRF) vulnerability in the Enterprise Lice ...)
NOT-FOR-US: Cisco
-CVE-2013-3471
+CVE-2013-3471 (The captive portal application in Cisco Identity Services Engine (ISE) ...)
NOT-FOR-US: Cisco
-CVE-2013-3470
+CVE-2013-3470 (The RIP process in Cisco IOS XR allows remote attackers to cause a den ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2013-3469
+CVE-2013-3469 (Cisco Mobility Services Engine does not properly set up the Oracle SSL ...)
NOT-FOR-US: Cisco
-CVE-2013-3468
+CVE-2013-3468 (The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote att ...)
NOT-FOR-US: Cisco
-CVE-2013-3467
+CVE-2013-3467 (Memory leak in the CLI component on Cisco Unified Computing System (UC ...)
NOT-FOR-US: Cisco
-CVE-2013-3466
+CVE-2013-3466 (The EAP-FAST authentication module in Cisco Secure Access Control Serv ...)
NOT-FOR-US: Cisco
CVE-2013-3465
RESERVED
-CVE-2013-3464
+CVE-2013-3464 (Cisco IOS XR allows local users to cause a denial of service (Silicon ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2013-3463
+CVE-2013-3463 (The protocol-inspection feature on Cisco Adaptive Security Appliances ...)
NOT-FOR-US: Cisco
-CVE-2013-3462
+CVE-2013-3462 (Buffer overflow in Cisco Unified Communications Manager (Unified CM) 7 ...)
NOT-FOR-US: Cisco
-CVE-2013-3461
+CVE-2013-3461 (Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) be ...)
NOT-FOR-US: Cisco
-CVE-2013-3460
+CVE-2013-3460 (Memory leak in Cisco Unified Communications Manager (Unified CM) 8.5(x ...)
NOT-FOR-US: Cisco
-CVE-2013-3459
+CVE-2013-3459 (Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b ...)
NOT-FOR-US: Cisco
-CVE-2013-3458
+CVE-2013-3458 (Cisco Adaptive Security Appliances (ASA) devices, when SMP is used, do ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2013-3457
+CVE-2013-3457 (Absolute path traversal vulnerability in the web interface in Cisco Fi ...)
NOT-FOR-US: Cisco Finesse
CVE-2013-3456
RESERVED
-CVE-2013-3455
+CVE-2013-3455 (Cisco Finesse allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Cisco
-CVE-2013-3454
+CVE-2013-3454 (Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X ...)
NOT-FOR-US: Cisco
-CVE-2013-3453
+CVE-2013-3453 (Memory leak in Cisco Unified Communications Manager IM and Presence Se ...)
NOT-FOR-US: Cisco
CVE-2013-3452
RESERVED
-CVE-2013-3451
+CVE-2013-3451 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Un ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-3450
+CVE-2013-3450 (Cross-site request forgery (CSRF) vulnerability in the User WebDialer ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2013-3449
RESERVED
-CVE-2013-3448
+CVE-2013-3448 (Cisco WebEx Meetings Server does not check whether a user account is a ...)
NOT-FOR-US: Cisco
CVE-2013-3447
RESERVED
-CVE-2013-3446
+CVE-2013-3446 (Open redirect vulnerability in the login page in Cisco Digital Media M ...)
NOT-FOR-US: Cisco
-CVE-2013-3445
+CVE-2013-3445 (The firewall subsystem in Cisco Identity Services Engine has an incorr ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-3444
+CVE-2013-3444 (The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0 ...)
NOT-FOR-US: Cisco
-CVE-2013-3443
+CVE-2013-3443 (The web service framework in Cisco WAAS Software 4.x and 5.x before 5. ...)
NOT-FOR-US: Cisco
-CVE-2013-3442
+CVE-2013-3442 (The web portal in Cisco Unified Communications Manager (Unified CM) al ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-3441
+CVE-2013-3441 (Cisco Aironet 3600 access points allow remote attackers to cause a den ...)
NOT-FOR-US: Cisco
-CVE-2013-3440
+CVE-2013-3440 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: Cisco
-CVE-2013-3439
+CVE-2013-3439 (Cross-site scripting (XSS) vulnerability in Cisco Unified Operations M ...)
NOT-FOR-US: Cisco
-CVE-2013-3438
+CVE-2013-3438 (The web framework in the server in Cisco Unified MeetingPlace Web Conf ...)
NOT-FOR-US: Cisco
-CVE-2013-3437
+CVE-2013-3437 (SQL injection vulnerability in the management application in Cisco Uni ...)
NOT-FOR-US: Cisco
-CVE-2013-3436
+CVE-2013-3436 (The default configuration of the Group Encrypted Transport VPN (GET VP ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-3435
+CVE-2013-3435 (The Cisco Unified IP Conference Station 7937G allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2013-3434
+CVE-2013-3434 (Untrusted search path vulnerability in Cisco Unified Communications Ma ...)
NOT-FOR-US: Cisco
-CVE-2013-3433
+CVE-2013-3433 (Untrusted search path vulnerability in Cisco Unified Communications Ma ...)
NOT-FOR-US: Cisco
CVE-2013-3432
RESERVED
-CVE-2013-3431
+CVE-2013-3431 (Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require a ...)
NOT-FOR-US: Cisco
-CVE-2013-3430
+CVE-2013-3430 (Cisco Video Surveillance Manager (VSM) before 7.0.0 allows remote atta ...)
NOT-FOR-US: Cisco
-CVE-2013-3429
+CVE-2013-3429 (Multiple directory traversal vulnerabilities in Cisco Video Surveillan ...)
NOT-FOR-US: Cisco
-CVE-2013-3428
+CVE-2013-3428 (The web interface in Cisco Secure Access Control System (ACS) does not ...)
NOT-FOR-US: Cisco
CVE-2013-3427
RESERVED
-CVE-2013-3426
+CVE-2013-3426 (The Serviceability servlet on Cisco 9900 IP phones does not properly r ...)
NOT-FOR-US: Cisco
-CVE-2013-3425
+CVE-2013-3425 (The Meeting Center component in Cisco WebEx 11 generates different err ...)
NOT-FOR-US: Cisco WebEx 11
-CVE-2013-3424
+CVE-2013-3424 (Cross-site request forgery (CSRF) vulnerability in Administration and ...)
NOT-FOR-US: Cisco
-CVE-2013-3423
+CVE-2013-3423 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2013-3422
+CVE-2013-3422 (Cross-site scripting (XSS) vulnerability in Administration pages in Ci ...)
NOT-FOR-US: Cisco
-CVE-2013-3421
+CVE-2013-3421 (Cross-site scripting (XSS) vulnerability in the Help index page in Cis ...)
NOT-FOR-US: Cisco
-CVE-2013-3420
+CVE-2013-3420 (Cross-site request forgery (CSRF) vulnerability in the web framework o ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2013-3419
+CVE-2013-3419 (Cross-site scripting (XSS) vulnerability in Cisco Unified MeetingPlace ...)
NOT-FOR-US: Cisco
-CVE-2013-3418
+CVE-2013-3418 (Cisco Unified Communications Domain Manager does not properly allocate ...)
NOT-FOR-US: Cisco
-CVE-2013-3417
+CVE-2013-3417 (The administrative web interface in Cisco Video Surveillance Operation ...)
NOT-FOR-US: Cisco
-CVE-2013-3416
+CVE-2013-3416 (Cross-site scripting (XSS) vulnerability in the web framework in the u ...)
NOT-FOR-US: Cisco
-CVE-2013-3415
+CVE-2013-3415 (Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) a ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-3414
+CVE-2013-3414 (Cross-site scripting (XSS) vulnerability in the WebVPN portal login pa ...)
NOT-FOR-US: Cisco
-CVE-2013-3413
+CVE-2013-3413 (Cross-site scripting (XSS) vulnerability in the search form in the adm ...)
NOT-FOR-US: Cisco
-CVE-2013-3412
+CVE-2013-3412 (SQL injection vulnerability in Cisco Unified Communications Manager (C ...)
NOT-FOR-US: Cisco
-CVE-2013-3411
+CVE-2013-3411 (The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software ...)
NOT-FOR-US: Cisco
-CVE-2013-3410
+CVE-2013-3410 (Cisco Intrusion Prevention System (IPS) Software on IPS NME devices be ...)
NOT-FOR-US: Cisco
-CVE-2013-3409
+CVE-2013-3409 (The portal in Cisco Prime Central for Hosted Collaboration Solution (H ...)
NOT-FOR-US: Cisco
-CVE-2013-3408
+CVE-2013-3408 (The firmware on Cisco Virtualization Experience Client 6000 devices se ...)
NOT-FOR-US: Cisco
-CVE-2013-3407
+CVE-2013-3407 (The web interface in Cisco Server Provisioner 6.4.0 Patch 5-1301292331 ...)
NOT-FOR-US: Cisco
-CVE-2013-3406
+CVE-2013-3406 (The "Files Available for Download" implementation in the Cisco Intelli ...)
NOT-FOR-US: Cisco
-CVE-2013-3405
+CVE-2013-3405 (The web portal in TC software on Cisco TelePresence endpoints does not ...)
NOT-FOR-US: Cisco
-CVE-2013-3404
+CVE-2013-3404 (SQL injection vulnerability in Cisco Unified Communications Manager (C ...)
NOT-FOR-US: Cisco
-CVE-2013-3403
+CVE-2013-3403 (Multiple untrusted search path vulnerabilities in Cisco Unified Commun ...)
NOT-FOR-US: Cisco
-CVE-2013-3402
+CVE-2013-3402 (An unspecified function in Cisco Unified Communications Manager (CUCM) ...)
NOT-FOR-US: Cisco
-CVE-2013-3401
+CVE-2013-3401 (The SIP implementation in Cisco TelePresence TC Software allows remote ...)
NOT-FOR-US: Cisco
-CVE-2013-3400
+CVE-2013-3400 (The license-installation module in Cisco NX-OS on Nexus 1000V devices ...)
NOT-FOR-US: Cisco
-CVE-2013-3399
+CVE-2013-3399 (Buffer overflow in an unspecified Android API on the Cisco Desktop Col ...)
NOT-FOR-US: Cisco
-CVE-2013-3398
+CVE-2013-3398 (The web framework in Cisco Prime Central for Hosted Collaboration Solu ...)
NOT-FOR-US: Cisco
-CVE-2013-3397
+CVE-2013-3397 (Cross-site request forgery (CSRF) vulnerability in the Unified Service ...)
NOT-FOR-US: Cisco
-CVE-2013-3396
+CVE-2013-3396 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2013-3395
+CVE-2013-3395 (Cross-site request forgery (CSRF) vulnerability in the web framework o ...)
NOT-FOR-US: Cisco IronPort Web Security Appliance
-CVE-2013-3394
+CVE-2013-3394 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2013-3393
+CVE-2013-3393 (The Precision Video Engine component in Cisco Jabber for Windows and C ...)
NOT-FOR-US: Cisco
-CVE-2013-3392
+CVE-2013-3392 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco We ...)
NOT-FOR-US: Cisco WebEx Social
CVE-2013-3391
RESERVED
-CVE-2013-3390
+CVE-2013-3390 (Memory leak in Cisco Prime Central for Hosted Collaboration Solution ( ...)
NOT-FOR-US: Cisco Prime Central
-CVE-2013-3389
+CVE-2013-3389 (Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance ...)
NOT-FOR-US: Cisco Prime Central
-CVE-2013-3388
+CVE-2013-3388 (Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance ...)
NOT-FOR-US: Cisco Prime Central
-CVE-2013-3387
+CVE-2013-3387 (Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance ...)
NOT-FOR-US: Cisco Prime Central
-CVE-2013-3386
+CVE-2013-3386 (The IronPort Spam Quarantine (ISQ) component in the web framework in I ...)
NOT-FOR-US: Cisco
-CVE-2013-3385
+CVE-2013-3385 (The management GUI in the web framework in IronPort AsyncOS on Cisco W ...)
NOT-FOR-US: Cisco
-CVE-2013-3384
+CVE-2013-3384 (The web framework in IronPort AsyncOS on Cisco Web Security Appliance ...)
NOT-FOR-US: Cisco
-CVE-2013-3383
+CVE-2013-3383 (The web framework in IronPort AsyncOS on Cisco Web Security Appliance ...)
NOT-FOR-US: Cisco
-CVE-2013-3382
+CVE-2013-3382 (The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Secu ...)
NOT-FOR-US: Cisco ASA
-CVE-2013-3381
+CVE-2013-3381 (Cisco Hosted Collaboration Mediation allows remote attackers to cause ...)
NOT-FOR-US: Cisco Hosted Collaboration Mediation
-CVE-2013-3380
+CVE-2013-3380 (The administrative web interface in the Access Control Server in Cisco ...)
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2013-3379
+CVE-2013-3379 (The firewall subsystem in Cisco TelePresence TC Software before 4.2 do ...)
NOT-FOR-US: Cisco TelePresence TC Software
-CVE-2013-3378
+CVE-2013-3378 (Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 ...)
NOT-FOR-US: Cisco TelePresence TC Software
-CVE-2013-3377
+CVE-2013-3377 (Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1 ...)
NOT-FOR-US: Cisco TelePresence TC Software
-CVE-2013-3376
+CVE-2013-3376 (Open redirect vulnerability in the help page in Cisco Video Surveillan ...)
NOT-FOR-US: Cisco
-CVE-2013-3375
+CVE-2013-3375 (Cross-site scripting (XSS) vulnerability in the portal page in Cisco P ...)
NOT-FOR-US: Cisco
-CVE-2013-3374
+CVE-2013-3374 (Unspecified vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 ...)
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3373
+CVE-2013-3373 (CRLF injection vulnerability in Request Tracker (RT) 3.8.x before 3.8. ...)
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3372
+CVE-2013-3372 (Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allow ...)
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3371
+CVE-2013-3371 (Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 3.8.3 ...)
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3370
+CVE-2013-3370 (Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 does ...)
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3369
+CVE-2013-3369 (Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allow ...)
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
-CVE-2013-3368
+CVE-2013-3368 (bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4. ...)
{DSA-2671-1 DSA-2670-1}
- request-tracker3.8 <removed>
- request-tracker4 4.0.12-2 (bug #709836)
@@ -10826,89 +10826,89 @@ CVE-2013-3367
RESERVED
CVE-2013-3366
RESERVED
-CVE-2013-3365
+CVE-2013-3365 (TRENDnet TEW-812DRU router allows remote authenticated users to execut ...)
NOT-FOR-US: TRENDnet TEW-812DRU router
CVE-2013-3364
RESERVED
-CVE-2013-3363
+CVE-2013-3363 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3362
+CVE-2013-3362 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3361
+CVE-2013-3361 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3360
+CVE-2013-3360 (Adobe Shockwave Player before 12.0.4.144 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-3359
+CVE-2013-3359 (Adobe Shockwave Player before 12.0.4.144 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-3358
+CVE-2013-3358 (Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x be ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3357
+CVE-2013-3357 (Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x be ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3356
+CVE-2013-3356 (Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x bef ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3355
+CVE-2013-3355 (Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Wind ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3354
+CVE-2013-3354 (Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Wind ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3353
+CVE-2013-3353 (Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x bef ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3352
+CVE-2013-3352 (Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Wind ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3351
+CVE-2013-3351 (Multiple stack-based buffer overflows in Adobe Reader and Acrobat befo ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3350
+CVE-2013-3350 (Adobe ColdFusion 10 before Update 11 allows remote attackers to call C ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-3349
+CVE-2013-3349 (Unspecified vulnerability in Adobe ColdFusion 9.0 through 9.0.2, when ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-3348
+CVE-2013-3348 (Adobe Shockwave Player before 12.0.3.133 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-3347
+CVE-2013-3347 (Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3346
+CVE-2013-3346 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3345
+CVE-2013-3345 (Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3344
+CVE-2013-3344 (Heap-based buffer overflow in Adobe Flash Player before 11.7.700.232 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3343
+CVE-2013-3343 (Adobe Flash Player before 10.3.183.90 and 11.x before 11.7.700.224 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3342
+CVE-2013-3342 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3341
+CVE-2013-3341 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3340
+CVE-2013-3340 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3339
+CVE-2013-3339 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3338
+CVE-2013-3338 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3337
+CVE-2013-3337 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-3336
+CVE-2013-3336 (Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 1 ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-3335
+CVE-2013-3335 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3334
+CVE-2013-3334 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3333
+CVE-2013-3333 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3332
+CVE-2013-3332 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3331
+CVE-2013-3331 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3330
+CVE-2013-3330 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3329
+CVE-2013-3329 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3328
+CVE-2013-3328 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3327
+CVE-2013-3327 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3326
+CVE-2013-3326 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3325
+CVE-2013-3325 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-3324
+CVE-2013-3324 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
CVE-2013-3323
RESERVED
@@ -10918,7 +10918,7 @@ CVE-2013-3321
RESERVED
CVE-2013-3320
RESERVED
-CVE-2013-3319
+CVE-2013-3319 (The GetComputerSystem method in the HostControl service in SAP Netweav ...)
NOT-FOR-US: SAP Netweaver
CVE-2013-3318
REJECTED
@@ -10926,7 +10926,7 @@ CVE-2013-3317
RESERVED
CVE-2013-3316
RESERVED
-CVE-2013-3315
+CVE-2013-3315 (The server in TIBCO Silver Mobile 1.1.0 does not properly verify acces ...)
NOT-FOR-US: TIBCO
CVE-2013-3314
RESERVED
@@ -10948,13 +10948,13 @@ CVE-2013-3306
RESERVED
CVE-2013-3305
RESERVED
-CVE-2013-3304
+CVE-2013-3304 (Directory traversal vulnerability in Dell EqualLogic PS4000 with firmw ...)
NOT-FOR-US: Dell EqualLogic PS4000
CVE-2013-3303
RESERVED
-CVE-2013-3300
+CVE-2013-3300 (The JsonParser class in json/JsonParser.scala in Lift before 2.5 inter ...)
NOT-FOR-US: Lift Framework
-CVE-2013-3299
+CVE-2013-3299 (RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers ...)
NOT-FOR-US: RealPlayer
CVE-2013-3298
RESERVED
@@ -10962,9 +10962,9 @@ CVE-2013-3297
RESERVED
CVE-2013-3296
RESERVED
-CVE-2013-3295
+CVE-2013-3295 (Directory traversal vulnerability in install/popup.php in Exponent CMS ...)
NOT-FOR-US: Exponent CMS
-CVE-2013-3294
+CVE-2013-3294 (Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 re ...)
NOT-FOR-US: Exponent CMS
CVE-2013-3293
RESERVED
@@ -10976,13 +10976,13 @@ CVE-2013-3290
RESERVED
CVE-2013-3289
REJECTED
-CVE-2013-3288
+CVE-2013-3288 (Cross-site scripting (XSS) vulnerability on the EMC RSA Data Protectio ...)
NOT-FOR-US: EMC
-CVE-2013-3287
+CVE-2013-3287 (EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level ...)
NOT-FOR-US: EMC Unisphere for VMAX
-CVE-2013-3286
+CVE-2013-3286 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum ...)
NOT-FOR-US: EMC Documentum
-CVE-2013-3285
+CVE-2013-3285 (The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8 ...)
NOT-FOR-US: EMC NetWorker
CVE-2013-3284
REJECTED
@@ -10990,47 +10990,47 @@ CVE-2013-3283
REJECTED
CVE-2013-3282
REJECTED
-CVE-2013-3281
+CVE-2013-3281 (Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop befo ...)
NOT-FOR-US: EMC Documentum
-CVE-2013-3280
+CVE-2013-3280 (EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet I ...)
NOT-FOR-US: RSA Authentication Agent for Web for Internet Information Services
-CVE-2013-3279
+CVE-2013-3279 (EMC Atmos before 2.1.4 has a blank password for the PostgreSQL account ...)
NOT-FOR-US: EMC
-CVE-2013-3278
+CVE-2013-3278 (EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage ...)
NOT-FOR-US: EMC
-CVE-2013-3277
+CVE-2013-3277 (Open redirect vulnerability in EMC RSA Archer GRC 5.x before 5.4 allow ...)
NOT-FOR-US: EMC
-CVE-2013-3276
+CVE-2013-3276 (EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to ...)
NOT-FOR-US: EMC
-CVE-2013-3275
+CVE-2013-3275 (EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store ...)
NOT-FOR-US: EMC
-CVE-2013-3274
+CVE-2013-3274 (EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store ...)
NOT-FOR-US: EMC
-CVE-2013-3273
+CVE-2013-3273 (EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, a ...)
NOT-FOR-US: EMC
-CVE-2013-3272
+CVE-2013-3272 (EMC Replication Manager (RM) before 5.4.4 places encoded passwords in ...)
NOT-FOR-US: EMC
-CVE-2013-3271
+CVE-2013-3271 (EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the m ...)
NOT-FOR-US: EMC
-CVE-2013-3270
+CVE-2013-3270 (EMC VNX Control Station before 7.1.70.2 and Celerra Control Station be ...)
NOT-FOR-US: EMC
-CVE-2013-3302
+CVE-2013-3302 (Race condition in the smb_send_rqst function in fs/cifs/transport.c in ...)
- linux-2.6 <not-affected> (Introduced in 3.7)
- linux 3.8-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
-CVE-2013-3301
+CVE-2013-3301 (The ftrace implementation in the Linux kernel before 3.8.8 allows loca ...)
{DSA-2669-1}
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.8.11-1 (low)
NOTE: https://git.kernel.org/linus/6a76f8c0ab19f215af2a3442870eeb5f0e81998d
NOTE: Not enabled in default kernels
-CVE-2013-3269
+CVE-2013-3269 (Cross-site request forgery (CSRF) vulnerability in Cybozu Office befor ...)
NOT-FOR-US: Cybozu Office
-CVE-2013-3268
+CVE-2013-3268 (Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after ...)
NOT-FOR-US: Novell iManager
-CVE-2013-3267
+CVE-2013-3267 (Cross-site scripting (XSS) vulnerability in the highlighter plugin in ...)
NOT-FOR-US: Joomla!
-CVE-2013-3266
+CVE-2013-3266 (The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the ...)
{DSA-2672-1}
- kfreebsd-9 9.0-11 (bug #706414)
- kfreebsd-8 <removed> (bug #706418)
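Review bot: CVE-2013-3302 and CVE-2013-3301 sit between CVE-2013-3270 and CVE-2013-3269 in this hunk, which breaks the descending numeric order the rest of the file follows; the earlier hunk jumps from CVE-2013-3303 straight to CVE-2013-3300, which is where these two entries would belong. The misplacement is pre-existing rather than introduced by this automatic update, but a follow-up commit that moves both entries (together with their linux/linux-2.6 lines, the DSA reference and the NOTE lines) up next to CVE-2013-3303 would keep the list in sorted order.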
@@ -11039,131 +11039,131 @@ CVE-2013-3266
NOTE: http://www.freebsd.org/security/advisories/FreeBSD-SA-13:05.nfsserver.asc
CVE-2013-3265
RESERVED
-CVE-2013-3264
+CVE-2013-3264 (The WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for W ...)
NOT-FOR-US: WP Ultimate Email Marketer
-CVE-2013-3263
+CVE-2013-3263 (Multiple cross-site scripting (XSS) vulnerabilities in the WP Ultimate ...)
NOT-FOR-US: WP Ultimate Email Marketer
-CVE-2013-3262
+CVE-2013-3262 (Cross-site scripting (XSS) vulnerability in admin/admin.php in the Dow ...)
NOT-FOR-US: WordPress plugin download-monitor
-CVE-2013-3261
+CVE-2013-3261 (Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the ...)
NOT-FOR-US: WordPress plugin flash-album-gallery
-CVE-2013-3260
+CVE-2013-3260 (Heap-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 ...)
NOT-FOR-US: INMATRIX Zoom Player
-CVE-2013-3259
+CVE-2013-3259 (Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 ...)
NOT-FOR-US: INMATRIX Zoom Player
-CVE-2013-3258
+CVE-2013-3258 (Cross-site request forgery (CSRF) vulnerability in he Digg Digg plugin ...)
NOT-FOR-US: WordPress plugin digg-digg
-CVE-2013-3257
+CVE-2013-3257 (Cross-site request forgery (CSRF) vulnerability in the Related Posts p ...)
NOT-FOR-US: WordPress plugin related-posts
-CVE-2013-3256
+CVE-2013-3256 (Cross-site request forgery (CSRF) vulnerability in the Shareaholic Sex ...)
NOT-FOR-US: WordPress plugin sexybookmarks
CVE-2013-3255
RESERVED
-CVE-2013-3254
+CVE-2013-3254 (Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the ...)
NOT-FOR-US: WordPress plugin
-CVE-2013-3253
+CVE-2013-3253 (Cross-site request forgery (CSRF) vulnerability in admin/setting.php i ...)
NOT-FOR-US: WordPress plugin
-CVE-2013-3252
+CVE-2013-3252 (Cross-site request forgery (CSRF) vulnerability in the options admin p ...)
NOT-FOR-US: WordPress plugin WP-PostViews
-CVE-2013-3251
+CVE-2013-3251 (Cross-site request forgery (CSRF) vulnerability in the qTranslate plug ...)
NOT-FOR-US: WordPress plugin qTranslate
-CVE-2013-3250
+CVE-2013-3250 (Cross-site request forgery (CSRF) vulnerability in the WP Maintenance ...)
NOT-FOR-US: WP Maintenance Mode plugin for Wordpress
-CVE-2013-3249
+CVE-2013-3249 (Stack-based buffer overflow in the "Add from text file" feature in the ...)
NOT-FOR-US: DameWare Remote Support
-CVE-2013-3248
+CVE-2013-3248 (Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows lo ...)
NOT-FOR-US: Corel PDF Fusion
CVE-2013-3247
RESERVED
CVE-2013-3246
RESERVED
-CVE-2013-3245
+CVE-2013-3245 (** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media P ...)
- vlc 2.0.7-1 (unimportant)
NOTE: Harmless crasher
NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=59c9e8309d5b435a2d85c2c9eaae979ba56ccdd9
NOTE: http://secunia.com/blog/372/
NOTE: http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia
-CVE-2013-3244
+CVE-2013-3244 (Multiple unspecified vulnerabilities in the CJDB_FILL_MEMORY_FROM_PPB ...)
NOT-FOR-US: SAP ERP Central Component
-CVE-2013-3243
+CVE-2013-3243 (Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allow ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2013-3242
+CVE-2013-3242 (plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 an ...)
NOT-FOR-US: Joomla!
-CVE-2013-3241
+CVE-2013-3241 (export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 ...)
- phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-3240
+CVE-2013-3240 (Directory traversal vulnerability in the Export feature in phpMyAdmin ...)
- phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2013-3239
+CVE-2013-3239 (phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir ...)
{DLA-0014-1}
- phpmyadmin 4:3.4.11.1-2
[squeeze] - phpmyadmin 4:3.3.7-8
NOTE: Requires non-default option saveDir to be enabled, an authenticated untrusted user and Apache mod_mime
-CVE-2013-3238
+CVE-2013-3238 (phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote a ...)
- phpmyadmin <not-affected> (exploitable PHP on Windows only)
NOTE: code patched in 4:3.4.11.1-2 nonetheless
-CVE-2013-3237
+CVE-2013-3237 (The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the L ...)
- linux-2.6 <not-affected> ((net/vmw_vsock/af_vsock.c not present)
- linux <not-affected> (net/vmw_vsock/af_vsock.c not present)
- open-vm-tools 2:9.2.2-893683-8 (low; bug #706557)
[wheezy] - open-vm-tools <no-dsa> (Minor information leak)
[squeeze] - open-vm-tools <no-dsa> (Contrib not supported, minor information leak)
-CVE-2013-3236
+CVE-2013-3236 (The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transp ...)
- linux-2.6 <not-affected> (VM Sockets only introduced in 3.9-rc1)
- linux <not-affected> (VM Sockets introduced in 3.9-rc1)
-CVE-2013-3235
+CVE-2013-3235 (net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initiali ...)
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3234
+CVE-2013-3234 (The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel be ...)
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3233
+CVE-2013-3233 (The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux ker ...)
- linux-2.6 <not-affected> (net/nfc/llcp/sock.c not present, introduced in 3.3)
- linux <not-affected> (net/nfc/llcp/sock.c not present, introduced in 3.3)
-CVE-2013-3232
+CVE-2013-3232 (The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel ...)
- linux-2.6 <not-affected> (Introduced and fixed during 3.9 cycle)
- linux <not-affected> (Introduced and fixed during 3.9 cycle)
-CVE-2013-3231
+CVE-2013-3231 (The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel be ...)
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3230
+CVE-2013-3230 (The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kern ...)
- linux-2.6 <not-affected> (net/l2tp/l2tp_ip6.c not present)
- linux <not-affected> (net/l2tp/l2tp_ip6.c introduced in 3.5)
-CVE-2013-3229
+CVE-2013-3229 (The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kern ...)
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3228
+CVE-2013-3228 (The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux ker ...)
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3227
+CVE-2013-3227 (The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linu ...)
{DSA-2669-1}
- linux-2.6 <not-affected> (net/caif/caif_socket.c introduced in v2.6.35)
- linux 3.8.11-1 (low)
-CVE-2013-3226
+CVE-2013-3226 (The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kern ...)
- linux-2.6 <not-affected> (Vulnerable code not yet present)
- linux <not-affected> (Vulnerable code not yet present)
NOTE: sco_sock_recvmsg only introduced with v3.8, bt_sock_recvmsg has its own CVE ID
-CVE-2013-3225
+CVE-2013-3225 (The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the ...)
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3224
+CVE-2013-3224 (The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Li ...)
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3223
+CVE-2013-3223 (The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel be ...)
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3222
+CVE-2013-3222 (The vcc_recvmsg function in net/atm/common.c in the Linux kernel befor ...)
{DSA-2669-1 DSA-2668-1}
- linux-2.6 <removed> (low)
- linux 3.8.11-1 (low)
-CVE-2013-3221
+CVE-2013-3221 (The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and ...)
- rails-3.2 <unfixed> (unimportant)
- ruby-activerecord-3.2 <unfixed> (unimportant)
- ruby-activerecord-2.3 <unfixed> (unimportant)
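Review bot: the unchanged context line for CVE-2013-3237, `- linux-2.6 <not-affected> ((net/vmw_vsock/af_vsock.c not present)`, has a doubled opening parenthesis while the matching `linux` line directly below it has a single one; an automatic update should not touch it, so the stray `(` is worth a manual fix in a separate commit. The added description for CVE-2013-3258 reads "in he Digg Digg plugin", which looks like a typo carried over from the upstream description text that this update imports, so that one should be left as is rather than hand-edited locally.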
@@ -11171,9 +11171,9 @@ CVE-2013-3221
- rails 2.3.14.1 (unimportant)
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: This is a general design problem and only mitigated by documented best practices
-CVE-2013-3220
+CVE-2013-3220 (bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x ...)
- bitcoin 0.8.1-1
-CVE-2013-3219
+CVE-2013-3219 (bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain bl ...)
- bitcoin 0.8.1-1
CVE-2013-3218
RESERVED
@@ -11185,91 +11185,91 @@ CVE-2013-3215
RESERVED
CVE-2013-3214
RESERVED
-CVE-2013-3213
+CVE-2013-3213 (Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 through 5.4 ...)
NOT-FOR-US: vTiger CRM
CVE-2013-3212
RESERVED
-CVE-2013-3211
+CVE-2013-3211 (Unspecified vulnerability in Opera before 12.15 has unknown impact and ...)
NOT-FOR-US: Opera
-CVE-2013-3210
+CVE-2013-3210 (Opera before 12.15 does not properly block top-level domains in Set-Co ...)
NOT-FOR-US: Opera
-CVE-2013-3209
+CVE-2013-3209 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft
-CVE-2013-3208
+CVE-2013-3208 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2013-3207
+CVE-2013-3207 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3206
+CVE-2013-3206 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft
-CVE-2013-3205
+CVE-2013-3205 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3204
+CVE-2013-3204 (Microsoft Internet Explorer 7 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2013-3203
+CVE-2013-3203 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3202
+CVE-2013-3202 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2013-3201
+CVE-2013-3201 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3200
+CVE-2013-3200 (The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3199
+CVE-2013-3199 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3198
+CVE-2013-3198 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsof ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3197
+CVE-2013-3197 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsof ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3196
+CVE-2013-3196 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsof ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3195
+CVE-2013-3195 (The DSA_InsertItem function in Comctl32.dll in the Windows common cont ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3194
+CVE-2013-3194 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3193
+CVE-2013-3193 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3192
+CVE-2013-3192 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3191
+CVE-2013-3191 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3190
+CVE-2013-3190 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3189
+CVE-2013-3189 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3188
+CVE-2013-3188 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3187
+CVE-2013-3187 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3186
+CVE-2013-3186 (The Protected Mode feature in Microsoft Internet Explorer 7 through 10 ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3185
+CVE-2013-3185 (Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 ...)
NOT-FOR-US: Microsoft Active Directory Federation Services
-CVE-2013-3184
+CVE-2013-3184 (Microsoft Internet Explorer 7 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3183
+CVE-2013-3183 (The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3182
+CVE-2013-3182 (The Windows NAT Driver (aka winnat) service in Microsoft Windows Serve ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3181
+CVE-2013-3181 (usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3180
+CVE-2013-3180 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Serve ...)
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-3179
+CVE-2013-3179 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Serve ...)
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-3178
+CVE-2013-3178 (Microsoft Silverlight 5 before 5.1.20513.0 does not properly initializ ...)
NOT-FOR-US: Microsoft Silverlight
CVE-2013-3177
REJECTED
CVE-2013-3176
REJECTED
-CVE-2013-3175
+CVE-2013-3175 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vis ...)
NOT-FOR-US: Microsoft
-CVE-2013-3174
+CVE-2013-3174 (DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP ...)
NOT-FOR-US: Microsoft
-CVE-2013-3173
+CVE-2013-3173 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2013-3172
+CVE-2013-3172 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2013-3171
+CVE-2013-3171 (The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3 ...)
NOT-FOR-US: Microsoft
CVE-2013-3170
REJECTED
@@ -11277,129 +11277,129 @@ CVE-2013-3169
REJECTED
CVE-2013-3168
REJECTED
-CVE-2013-3167
+CVE-2013-3167 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2013-3166
+CVE-2013-3166 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-3165
REJECTED
-CVE-2013-3164
+CVE-2013-3164 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3163
+CVE-2013-3163 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3162
+CVE-2013-3162 (Microsoft Internet Explorer 7 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3161
+CVE-2013-3161 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3160
+CVE-2013-3160 (Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, an ...)
NOT-FOR-US: Microsoft Office
-CVE-2013-3159
+CVE-2013-3159 (Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer ...)
NOT-FOR-US: Microsoft Excel
-CVE-2013-3158
+CVE-2013-3158 (Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Excel
-CVE-2013-3157
+CVE-2013-3157 (Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Off ...)
NOT-FOR-US: Microsoft
-CVE-2013-3156
+CVE-2013-3156 (Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Off ...)
NOT-FOR-US: Microsoft Access
-CVE-2013-3155
+CVE-2013-3155 (Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Off ...)
NOT-FOR-US: Microsoft
-CVE-2013-3154
+CVE-2013-3154 (The signature-update functionality in Windows Defender on Microsoft Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3153
+CVE-2013-3153 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3152
+CVE-2013-3152 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3151
+CVE-2013-3151 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3150
+CVE-2013-3150 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3149
+CVE-2013-3149 (Microsoft Internet Explorer 7 and 8 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3148
+CVE-2013-3148 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3147
+CVE-2013-3147 (Microsoft Internet Explorer 6 through 9 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3146
+CVE-2013-3146 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3145
+CVE-2013-3145 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3144
+CVE-2013-3144 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3143
+CVE-2013-3143 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3142
+CVE-2013-3142 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3141
+CVE-2013-3141 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3140
+CVE-2013-3140 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3139
+CVE-2013-3139 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3138
+CVE-2013-3138 (Integer overflow in the TCP/IP kernel-mode driver in Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2013-3137
+CVE-2013-3137 (Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allow ...)
NOT-FOR-US: Microsoft FrontPage
-CVE-2013-3136
+CVE-2013-3136 (The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windo ...)
NOT-FOR-US: Microsoft
CVE-2013-3135
REJECTED
-CVE-2013-3134
+CVE-2013-3134 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-3133
+CVE-2013-3133 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not prop ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-3132
+CVE-2013-3132 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-3131
+CVE-2013-3131 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverli ...)
NOT-FOR-US: Microsoft
CVE-2013-3130
REJECTED
-CVE-2013-3129
+CVE-2013-3129 (Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight ...)
NOT-FOR-US: Microsoft
-CVE-2013-3128
+CVE-2013-3128 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-3127
+CVE-2013-3127 (The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows M ...)
NOT-FOR-US: Microsoft
-CVE-2013-3126
+CVE-2013-3126 (Microsoft Internet Explorer 9 and 10, when script debugging is enabled ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3125
+CVE-2013-3125 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3124
+CVE-2013-3124 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3123
+CVE-2013-3123 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3122
+CVE-2013-3122 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3121
+CVE-2013-3121 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3120
+CVE-2013-3120 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3119
+CVE-2013-3119 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3118
+CVE-2013-3118 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3117
+CVE-2013-3117 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3116
+CVE-2013-3116 (Microsoft Internet Explorer 7 through 9 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3115
+CVE-2013-3115 (Microsoft Internet Explorer 7 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3114
+CVE-2013-3114 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3113
+CVE-2013-3113 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3112
+CVE-2013-3112 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3111
+CVE-2013-3111 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-3110
+CVE-2013-3110 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-3109
RESERVED
CVE-2013-3108
RESERVED
-CVE-2013-3107
+CVE-2013-3107 (VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding ...)
NOT-FOR-US: vCenter
-CVE-2013-3106
+CVE-2013-3106 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Ap ...)
NOT-FOR-US: Open-Xchange
CVE-2013-3105
RESERVED
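Review bot: the NOT-FOR-US labels on the Microsoft entries in this hunk are inconsistent in a way the new descriptions make visible. CVE-2013-3138 (`Integer overflow in the TCP/IP kernel-mode driver in Microsoft Windows ...`) and CVE-2013-3136 (`The kernel in Microsoft Windows XP SP3, ...`) both carry a bare `NOT-FOR-US: Microsoft`, while CVE-2013-3128, also a Windows kernel-mode driver issue, carries `NOT-FOR-US: Microsoft Windows`. The description import only rewrites the header lines, so this is pre-existing, but a follow-up should set the product from the description on the status line (`NOT-FOR-US: Microsoft Windows` for CVE-2013-3138 and CVE-2013-3136); a bare vendor name makes filtering the file by product unreliable.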
@@ -11415,60 +11415,60 @@ CVE-2013-3100
RESERVED
CVE-2013-3099
RESERVED
-CVE-2013-3098
+CVE-2013-3098 (Multiple cross-site request forgery (CSRF) vulnerabilities in TRENDnet ...)
NOT-FOR-US: TRENDnet TEW-812DRU router
CVE-2013-3097
RESERVED
CVE-2013-3096
RESERVED
-CVE-2013-3095
+CVE-2013-3095 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link D ...)
NOT-FOR-US: D-Link
CVE-2013-3094
RESERVED
CVE-2013-3093
RESERVED
-CVE-2013-3092
+CVE-2013-3092 (The Belkin N300 (F7D7301v1) router allows remote attackers to bypass a ...)
NOT-FOR-US: Belkin router
CVE-2013-3091
RESERVED
-CVE-2013-3090
+CVE-2013-3090 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 rou ...)
NOT-FOR-US: Belkin N300 router
-CVE-2013-3089
+CVE-2013-3089 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin ...)
NOT-FOR-US: Belkin N300
CVE-2013-3088
RESERVED
-CVE-2013-3087
+CVE-2013-3087 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin N900 rou ...)
NOT-FOR-US: Belkin N900 router
-CVE-2013-3086
+CVE-2013-3086 (Cross-site request forgery (CSRF) vulnerability in util_system.html in ...)
NOT-FOR-US: Belkin N900
CVE-2013-3085
RESERVED
-CVE-2013-3084
+CVE-2013-3084 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin Model F5 ...)
NOT-FOR-US: Belkin router
-CVE-2013-3083
+CVE-2013-3083 (Cross-site request forgery (CSRF) vulnerability in cgi-bin/system_sett ...)
NOT-FOR-US: Belkin
-CVE-2013-3082
+CVE-2013-3082 (Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_p ...)
NOT-FOR-US: Jojo CMS
-CVE-2013-3081
+CVE-2013-3081 (SQL injection vulnerability in the checkEmailFormat function in plugin ...)
NOT-FOR-US: Jojo CMS
-CVE-2013-3080
+CVE-2013-3080 (VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remo ...)
NOT-FOR-US: vCenter
-CVE-2013-3079
+CVE-2013-3079 (VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remo ...)
NOT-FOR-US: vCenter
CVE-2013-3078
RESERVED
-CVE-2013-3077
+CVE-2013-3077 (Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER featur ...)
{DSA-2743-1}
- kfreebsd-8 <removed> (bug #720470)
[wheezy] - kfreebsd-8 8.3-6+deb7u1
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
- kfreebsd-9 9.2~svn254368-2 (bug #720468)
- kfreebsd-10 10.0~svn254663-1 (bug #720471)
-CVE-2013-3076
+CVE-2013-3076 (The crypto API in the Linux kernel through 3.9-rc8 does not initialize ...)
{DSA-2669-1}
- linux 3.8.11-1 (low)
- linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-3075
+CVE-2013-3075 (Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Comp ...)
NOT-FOR-US: Mitsubishi MX Component 3
CVE-2013-3074
RESERVED
@@ -11480,35 +11480,35 @@ CVE-2013-3071
RESERVED
CVE-2013-3070
RESERVED
-CVE-2013-3069
+CVE-2013-3069 (Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR470 ...)
NOT-FOR-US: NETGEAR devices
-CVE-2013-3068
+CVE-2013-3068 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksy ...)
NOT-FOR-US: Linksys
CVE-2013-3067
RESERVED
-CVE-2013-3066
+CVE-2013-3066 (Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict ...)
NOT-FOR-US: Linksys
-CVE-2013-3065
+CVE-2013-3065 (Cross-site scripting (XSS) vulnerability in the Parental Controls sect ...)
NOT-FOR-US: Linksys
-CVE-2013-3064
+CVE-2013-3064 (Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA ...)
NOT-FOR-US: Linksys
-CVE-2013-3063
+CVE-2013-3063 (SAP BASIS Communication Services 4.6B through 7.30 allows remote authe ...)
NOT-FOR-US: SAP BASIS Communication Services
-CVE-2013-3062
+CVE-2013-3062 (The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering Workbenc ...)
NOT-FOR-US: SAP
-CVE-2013-3061
+CVE-2013-3061 (The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Speci ...)
NOT-FOR-US: SAP
-CVE-2013-3060
+CVE-2013-3060 (The web console in Apache ActiveMQ before 5.8.0 does not require authe ...)
- activemq <not-affected> (Web console not provided in Debian package, see #702670)
-CVE-2013-3059
+CVE-2013-3059 (Cross-site scripting (XSS) vulnerability in the Voting plugin in Jooml ...)
NOT-FOR-US: Joomla!
-CVE-2013-3058
+CVE-2013-3058 (Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.1 ...)
NOT-FOR-US: Joomla!
-CVE-2013-3057
+CVE-2013-3057 (Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authe ...)
NOT-FOR-US: Joomla!
-CVE-2013-3056
+CVE-2013-3056 (Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authe ...)
NOT-FOR-US: Joomla!
-CVE-2013-3055
+CVE-2013-3055 (Lexmark Markvision Enterprise before 1.8 provides a diagnostic interfa ...)
NOT-FOR-US: Lexmark Markvision Enterprise
CVE-2013-3054
RESERVED
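Review bot: the bug reference on the activemq line for CVE-2013-3060, `- activemq <not-affected> (Web console not provided in Debian package, see #702670)`, uses the form `see #702670`, whereas every other Debian bug reference visible in this diff uses `(bug #NNNNNN)` (for example `- kfreebsd-8 <removed> (bug #720470)` in the previous hunk and `- icu 4.8.1.1-13+nmu1 (bug #726477)` further down). Suggest `(Web console not provided in Debian package; bug #702670)` so that anyone searching the file for `bug #` finds this justification too.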
@@ -11516,77 +11516,77 @@ CVE-2013-3053
RESERVED
CVE-2013-3052
RESERVED
-CVE-2013-3051
+CVE-2013-3051 (The TrustZone kernel, when used in conjunction with a certain Motorola ...)
NOT-FOR-US: TrustZone kernel
-CVE-2013-3050
+CVE-2013-3050 (SQL injection vulnerability in ZAPms 1.41 and earlier allows remote at ...)
NOT-FOR-US: ZAPms
-CVE-2013-3049
+CVE-2013-3049 (IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0. ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3048
+CVE-2013-3048 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3047
+CVE-2013-3047 (IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-3046
+CVE-2013-3046 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-3045
+CVE-2013-3045 (The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-3044
+CVE-2013-3044 (The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-3043
+CVE-2013-3043 (Directory traversal vulnerability in the client in IBM Rational Softwa ...)
NOT-FOR-US: IBM
-CVE-2013-3042
+CVE-2013-3042 (Directory traversal vulnerability in the server in IBM Rational Softwa ...)
NOT-FOR-US: IBM
-CVE-2013-3041
+CVE-2013-3041 (The Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 bef ...)
NOT-FOR-US: IBM
-CVE-2013-3040
+CVE-2013-3040 (IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, an ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-3039
+CVE-2013-3039 (IBM Rational Requirements Composer before 4.0.4 does not properly perf ...)
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2013-3038
+CVE-2013-3038 (Unspecified vulnerability in IBM Rational Requirements Composer before ...)
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2013-3037
+CVE-2013-3037 (Unspecified vulnerability in IBM Rational Requirements Composer before ...)
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2013-3036
+CVE-2013-3036 (Open redirect vulnerability in IBM Rational Requirements Composer befo ...)
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2013-3035
+CVE-2013-3035 (The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, ...)
NOT-FOR-US: IBM AIX
-CVE-2013-3034
+CVE-2013-3034 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-3033
+CVE-2013-3033 (SQL injection vulnerability in the server component in IBM Tivoli Remo ...)
NOT-FOR-US: IBM Tivoli Remote Control
-CVE-2013-3032
+CVE-2013-3032 (Cross-site scripting (XSS) vulnerability in the MIME e-mail functional ...)
NOT-FOR-US: IBM Domino
-CVE-2013-3031
+CVE-2013-3031 (A SQL stored procedure in the Universal Cache component in IBM solidDB ...)
NOT-FOR-US: IBM
-CVE-2013-3030
+CVE-2013-3030 (The servlet gateway in IBM Cognos Business Intelligence 8.4.1 before I ...)
NOT-FOR-US: IBM
-CVE-2013-3029
+CVE-2013-3029 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-3028
+CVE-2013-3028 (Multiple buffer overflows in mqm programs in IBM WebSphere MQ 7.0.x be ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-3027
+CVE-2013-3027 (Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino ...)
NOT-FOR-US: IBM Domino
-CVE-2013-3026
+CVE-2013-3026 (Buffer overflow in the Lotus Quickr for Domino ActiveX control in qp2. ...)
NOT-FOR-US: Lotus Quickr for Domino ActiveX
-CVE-2013-3025
+CVE-2013-3025 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Fo ...)
NOT-FOR-US: IBM
-CVE-2013-3024
+CVE-2013-3024 (IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX all ...)
NOT-FOR-US: IBM
-CVE-2013-3023
+CVE-2013-3023 (IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and ...)
NOT-FOR-US: IBM
CVE-2013-3022
REJECTED
CVE-2013-3021
RESERVED
-CVE-2013-3020
+CVE-2013-3020 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
CVE-2013-3019
RESERVED
-CVE-2013-3018
+CVE-2013-3018 (The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Depend ...)
NOT-FOR-US: IBM
-CVE-2013-3017
+CVE-2013-3017 (IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2 ...)
NOT-FOR-US: IBM
-CVE-2013-3016
+CVE-2013-3016 (IBM WebSphere Portal 6.1, 7.0, and 8.0 allows remote attackers to acce ...)
NOT-FOR-US: IBM WebSphere
CVE-2013-3015
RESERVED
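Review bot: the NOT-FOR-US labels in the IBM block vary in specificity for the same product. CVE-2013-3045 and CVE-2013-3044 (both `The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 ...`) are tagged `NOT-FOR-US: IBM`, while the adjacent CVE-2013-3046 for the same product is `NOT-FOR-US: IBM Sametime`; CVE-2013-3043, CVE-2013-3042 and CVE-2013-3041 (Rational products per their descriptions) are bare `IBM` while CVE-2013-3039 through CVE-2013-3036 say `IBM Rational Requirements Composer`; and CVE-2013-3027 says `IBM Domino` where CVE-2013-3026 says `Lotus Quickr for Domino ActiveX`. Since the descriptions now name the product on the header line, a follow-up pass could copy that product into the bare `IBM` labels (e.g. `NOT-FOR-US: IBM Lotus Sametime` for CVE-2013-3045 and CVE-2013-3044).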
@@ -11594,131 +11594,131 @@ CVE-2013-3014
RESERVED
CVE-2013-3013
RESERVED
-CVE-2013-3012
+CVE-2013-3012 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
NOT-FOR-US: IBM JDK
-CVE-2013-3011
+CVE-2013-3011 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
NOT-FOR-US: IBM JDK
-CVE-2013-3010
+CVE-2013-3010 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
NOT-FOR-US: IBM JDK
-CVE-2013-3009
+CVE-2013-3009 (The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1 ...)
NOT-FOR-US: IBM JDK
-CVE-2013-3008
+CVE-2013-3008 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
NOT-FOR-US: IBM JDK
-CVE-2013-3007
+CVE-2013-3007 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
NOT-FOR-US: IBM JDK
-CVE-2013-3006
+CVE-2013-3006 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
NOT-FOR-US: IBM JDK
-CVE-2013-3005
+CVE-2013-3005 (The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, ...)
NOT-FOR-US: TFTP client in IBM AIX
-CVE-2013-3004
+CVE-2013-3004 (Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli ...)
NOT-FOR-US: IBM Tivoli Application Dependency Discovery Manager
-CVE-2013-3003
+CVE-2013-3003 (Unspecified vulnerability in SOAP Gateway in IBM IMS Enterprise Suite ...)
NOT-FOR-US: IBM
CVE-2013-3002
RESERVED
-CVE-2013-3001
+CVE-2013-3001 (Directory traversal vulnerability in IBM InfoSphere Data Replication D ...)
NOT-FOR-US: IBM
-CVE-2013-3000
+CVE-2013-3000 (SQL injection vulnerability in IBM InfoSphere Data Replication Dashboa ...)
NOT-FOR-US: IBM
-CVE-2013-2999
+CVE-2013-2999 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replic ...)
NOT-FOR-US: IBM
-CVE-2013-2998
+CVE-2013-2998 (frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-2997
+CVE-2013-2997 (IBM Security AppScan Enterprise before 8.7 does not invalidate the ses ...)
NOT-FOR-US: IBM
CVE-2013-2996
RESERVED
CVE-2013-2995
RESERVED
-CVE-2013-2994
+CVE-2013-2994 (IBM WebSphere Commerce 7.0 Feature Pack 4 and Feature Pack 5 incorrect ...)
NOT-FOR-US: IBM
-CVE-2013-2993
+CVE-2013-2993 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.7 do ...)
NOT-FOR-US: IBM
-CVE-2013-2992
+CVE-2013-2992 (The Search component in IBM WebSphere Commerce 7.0 FP4 through FP6, in ...)
NOT-FOR-US: IBM
CVE-2013-2991
REJECTED
CVE-2013-2990
REJECTED
-CVE-2013-2989
+CVE-2013-2989 (The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, ...)
NOT-FOR-US: IBM
-CVE-2013-2988
+CVE-2013-2988 (Absolute path traversal vulnerability in the server in IBM Cognos Busi ...)
NOT-FOR-US: IBM Cognos
-CVE-2013-2987
+CVE-2013-2987 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
CVE-2013-2986
REJECTED
-CVE-2013-2985
+CVE-2013-2985 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-2984
+CVE-2013-2984 (Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 a ...)
NOT-FOR-US: IBM
-CVE-2013-2983
+CVE-2013-2983 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling Fi ...)
NOT-FOR-US: IBM
-CVE-2013-2982
+CVE-2013-2982 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-2981
+CVE-2013-2981 (Directory traversal vulnerability in the Web Console in IBM Data Studi ...)
NOT-FOR-US: IBM Data Studio
-CVE-2013-2980
+CVE-2013-2980 (Cross-site request forgery (CSRF) vulnerability in the Web Console in ...)
NOT-FOR-US: IBM Data Studio
-CVE-2013-2979
+CVE-2013-2979 (Directory traversal vulnerability in IBM Optim Performance Manager 4.1 ...)
NOT-FOR-US: IBM
-CVE-2013-2978
+CVE-2013-2978 (Absolute path traversal vulnerability in the server in IBM Cognos Busi ...)
NOT-FOR-US: IBM Cognos
-CVE-2013-2977
+CVE-2013-2977 (Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and ...)
NOT-FOR-US: IBM Notes
-CVE-2013-2976
+CVE-2013-2976 (The Administrative console in IBM WebSphere Application Server (WAS) 6 ...)
NOT-FOR-US: IBM
CVE-2013-2975
RESERVED
-CVE-2013-2974
+CVE-2013-2974 (The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager ...)
NOT-FOR-US: IBM Tivoli Application Dependency Discovery Manager
CVE-2013-2973
REJECTED
-CVE-2013-2972
+CVE-2013-2972 (IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended ...)
NOT-FOR-US: IBM
CVE-2013-2971
REJECTED
-CVE-2013-2970
+CVE-2013-2970 (Unspecified vulnerability in IBM QRadar Security Information and Event ...)
NOT-FOR-US: IBM
-CVE-2013-2969
+CVE-2013-2969 (Cross-site scripting (XSS) vulnerability in IBM Sterling Control Cente ...)
NOT-FOR-US: IBM Sterling Control Center
-CVE-2013-2968
+CVE-2013-2968 (An unspecified buffer-read method in IBM Sterling Control Center (SCC) ...)
NOT-FOR-US: IBM Sterling Control Center
-CVE-2013-2967
+CVE-2013-2967 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2013-2966
RESERVED
CVE-2013-2965
RESERVED
-CVE-2013-2964
+CVE-2013-2964 (Buffer overflow in dsmtca in IBM Tivoli Storage Manager (TSM) through ...)
NOT-FOR-US: IBM Tivoli Storage Manager
CVE-2013-2963
RESERVED
-CVE-2013-2962
+CVE-2013-2962 (Buffer overflow in the Launcher in IBM WebSphere Transformation Extend ...)
NOT-FOR-US: IBM WebSphere Transformation Extender
-CVE-2013-2961
+CVE-2013-2961 (The internal web server in the Basic Services component in IBM Tivoli ...)
NOT-FOR-US: IBM Tivoli
-CVE-2013-2960
+CVE-2013-2960 (Buffer overflow in KDSMAIN in the Basic Services component in IBM Tivo ...)
NOT-FOR-US: IBM Tivoli
-CVE-2013-2959
+CVE-2013-2959 (The Console in IBM InfoSphere Optim Data Growth for Oracle E-Business ...)
NOT-FOR-US: IBM
CVE-2013-2958
RESERVED
-CVE-2013-2957
+CVE-2013-2957 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Data ...)
NOT-FOR-US: IBM
-CVE-2013-2956
+CVE-2013-2956 (SQL injection vulnerability in the Console in IBM InfoSphere Optim Dat ...)
NOT-FOR-US: IBM
-CVE-2013-2955
+CVE-2013-2955 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Data ...)
NOT-FOR-US: IBM
-CVE-2013-2954
+CVE-2013-2954 (The login page in the Console in IBM InfoSphere Optim Data Growth for ...)
NOT-FOR-US: IBM
-CVE-2013-2953
+CVE-2013-2953 (IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, ...)
NOT-FOR-US: IBM
CVE-2013-2952
RESERVED
-CVE-2013-2951
+CVE-2013-2951 (IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace fi ...)
NOT-FOR-US: IBM
-CVE-2013-2950
+CVE-2013-2950 (CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6. ...)
NOT-FOR-US: IBM WebSphere
CVE-2013-2949
RESERVED
@@ -11728,9 +11728,9 @@ CVE-2013-2947
RESERVED
CVE-2013-2946
RESERVED
-CVE-2013-2945
+CVE-2013-2945 (SQL injection vulnerability in blogs/admin.php in b2evolution before 4 ...)
NOT-FOR-US: b2evolution
-CVE-2013-2944
+CVE-2013-2944 (strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDS ...)
{DSA-2665-1}
- strongswan 4.6.4-7
CVE-2013-2943
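Review bot: the CVE-2013-2944 entry lacks a NOTE line pointing at the upstream fix, which matters here because the fixed Debian version `- strongswan 4.6.4-7` lies numerically inside the affected upstream range given by the new description (`strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDS ...`). Presumably 4.6.4-7 is a patched revision rather than an upstream 5.0.4; a `NOTE:` line naming the backported upstream change (as the kernel entries below do with `NOTE: Introduced by ...`) would let a reader confirm that without consulting the changelog.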
@@ -11739,76 +11739,76 @@ CVE-2013-2942
RESERVED
CVE-2013-2941
RESERVED
-CVE-2013-2940
+CVE-2013-2940 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2939
+CVE-2013-2939 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2938
+CVE-2013-2938 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2937
+CVE-2013-2937 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2936
+CVE-2013-2936 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2935
+CVE-2013-2935 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2934
+CVE-2013-2934 (Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulativ ...)
NOT-FOR-US: Citrix CloudPortal Services Manager
-CVE-2013-2933
+CVE-2013-2933 (Unspecified vulnerability in Citrix CloudPortal Services Manager (aka ...)
NOT-FOR-US: Citrix CloudPortal Services Manager
CVE-2013-2932
RESERVED
-CVE-2013-2931
+CVE-2013-2931 (Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650 ...)
{DSA-2799-1}
- chromium-browser 31.0.1650.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2930
+CVE-2013-2930 (The perf_trace_event_perm function in kernel/trace/trace_event_perf.c ...)
- linux-2.6 <not-affected> (Introduced in v3.4)
[wheezy] - linux <not-affected> (Introduced in v3.4)
- linux 3.11.8-1
NOTE: Introduced by ced39002f5ea
-CVE-2013-2929
+CVE-2013-2929 (The Linux kernel before 3.12.2 does not properly use the get_dumpable ...)
{DSA-2906-1}
- linux-2.6 <removed>
- linux 3.11.10-1
[wheezy] - linux 3.2.53-2
-CVE-2013-2928
+CVE-2013-2928 (Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599 ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2927
+CVE-2013-2927 (Use-after-free vulnerability in the HTMLFormElement::prepareForSubmiss ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2926
+CVE-2013-2926 (Use-after-free vulnerability in the IndentOutdentCommand::tryIndenting ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2925
+CVE-2013-2925 (Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2924
+CVE-2013-2924 (Use-after-free vulnerability in International Components for Unicode ( ...)
{DSA-2786-1 DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
- icu 4.8.1.1-13+nmu1 (bug #726477)
-CVE-2013-2923
+CVE-2013-2923 (Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599 ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2922
+CVE-2013-2922 (Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in B ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2921
+CVE-2013-2921 (Double free vulnerability in the ResourceFetcher::didLoadResource func ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2920
+CVE-2013-2920 (The DoResolveRelativeHost function in url/url_canon_relative.cc in Goo ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2919
+CVE-2013-2919 (Google V8, as used in Google Chrome before 30.0.1599.66, allows remote ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
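Review bot: in the CVE-2013-2930 entry the release-specific line `[wheezy] - linux <not-affected> (Introduced in v3.4)` is placed before the unstable line `- linux 3.11.8-1`, whereas the neighbouring CVE-2013-2929 entry follows the usual order (`- linux 3.11.10-1` first, then `[wheezy] - linux 3.2.53-2`). Suggest reordering so the unbracketed package lines come before the bracketed release overrides. The trailing `NOTE: Introduced by ced39002f5ea` would also read better as `NOTE: Introduced by upstream commit ced39002f5ea (v3.4)`, so the bare hash is identifiable as a kernel commit and agrees with the `Introduced in v3.4` justification on the lines above it.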
@@ -11817,153 +11817,153 @@ CVE-2013-2919
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-2918
+CVE-2013-2918 (Use-after-free vulnerability in the RenderBlock::collapseAnonymousBloc ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2917
+CVE-2013-2917 (The ReverbConvolverStage::ReverbConvolverStage function in core/platfo ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2916
+CVE-2013-2916 (Blink, as used in Google Chrome before 30.0.1599.66, allows remote att ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2915
+CVE-2013-2915 (Google Chrome before 30.0.1599.66 preserves pending NavigationEntry ob ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2914
+CVE-2013-2914 (Use-after-free vulnerability in the color-chooser dialog in Google Chr ...)
- chromium-browser <not-affected> (windows-specific issue)
-CVE-2013-2913
+CVE-2013-2913 (Use-after-free vulnerability in the XMLDocumentParser::append function ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2912
+CVE-2013-2912 (Use-after-free vulnerability in the PepperInProcessRouter::SendToHost ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2911
+CVE-2013-2911 (Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet f ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2910
+CVE-2013-2910 (Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceN ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2909
+CVE-2013-2909 (Use-after-free vulnerability in Blink, as used in Google Chrome before ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2908
+CVE-2013-2908 (Google Chrome before 30.0.1599.66 uses incorrect function calls to det ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2907
+CVE-2013-2907 (The Window.prototype object implementation in Google Chrome before 30. ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2906
+CVE-2013-2906 (Multiple race conditions in the Web Audio implementation in Blink, as ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2905
+CVE-2013-2905 (The SharedMemory::Create function in memory/shared_memory_posix.cc in ...)
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2904
+CVE-2013-2904 (Use-after-free vulnerability in the Document::finishedParsing function ...)
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2903
+CVE-2013-2903 (Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocu ...)
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2902
+CVE-2013-2902 (Use-after-free vulnerability in the XSLT ProcessingInstruction impleme ...)
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
- libxslt <not-affected> (according to https://chromiumcodereview.appspot.com/20856002 this is an issue on chromium's side of xslt handling)
-CVE-2013-2901
+CVE-2013-2901 (Multiple integer overflows in (1) libGLESv2/renderer/Renderer9.cpp and ...)
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2900
+CVE-2013-2900 (The FilePath::ReferencesParent function in files/file_path.cc in Googl ...)
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2899
+CVE-2013-2899 (drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) sub ...)
- linux 3.10.11-1 (low)
[wheezy] - linux 3.2.51-1
- linux-2.6 <not-affected> (driver introduced in 2.6.35)
-CVE-2013-2898
+CVE-2013-2898 (drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsy ...)
- linux 3.10.11-1 (low)
[wheezy] - linux <not-affected> (driver introduced in 3.7)
- linux-2.6 <not-affected> (driver introduced in 3.7)
-CVE-2013-2897
+CVE-2013-2897 (Multiple array index errors in drivers/hid/hid-multitouch.c in the Hum ...)
- linux 3.11.5-1 (low)
- linux-2.6 <not-affected> (driver introduced in 2.6.38)
[wheezy] - linux 3.2.53-1
-CVE-2013-2896
+CVE-2013-2896 (drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem ...)
- linux 3.10.11-1 (low)
[wheezy] - linux 3.2.51-1
- linux-2.6 <not-affected> (Vulnerable feature probing code not present)
-CVE-2013-2895
+CVE-2013-2895 (drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subs ...)
- linux 3.11.5-1 (low)
- linux-2.6 <not-affected> (driver introduced in 3.2)
[wheezy] - linux 3.2.53-1
-CVE-2013-2894
+CVE-2013-2894 (drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) sub ...)
- linux 3.11.5-1 (low)
[wheezy] - linux <not-affected> (driver introduced in 3.6)
- linux-2.6 <not-affected> (driver introduced in 3.6)
-CVE-2013-2893
+CVE-2013-2893 (The Human Interface Device (HID) subsystem in the Linux kernel through ...)
{DSA-2906-1}
- linux 3.11.5-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.53-1
-CVE-2013-2892
+CVE-2013-2892 (drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in ...)
{DSA-2766-1}
- linux 3.10.11-1 (low)
[wheezy] - linux 3.2.51-1
- linux-2.6 <removed> (low)
-CVE-2013-2891
+CVE-2013-2891 (drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subs ...)
- linux 3.11.5-1 (low)
[wheezy] - linux <not-affected> (steelseries driver introduced in 3.9)
- linux-2.6 <not-affected> (steelseries driver introduced in 3.9)
-CVE-2013-2890
+CVE-2013-2890 (drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem i ...)
- linux <not-affected> (buzz driver introduced in 3.11 cycle, only in experimental)
- linux-2.6 <not-affected> (buzz driver introduced in 3.11 cycle)
-CVE-2013-2889
+CVE-2013-2889 (drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem i ...)
{DSA-2906-1}
- linux 3.11.5-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.53-1
-CVE-2013-2888
+CVE-2013-2888 (Multiple array index errors in drivers/hid/hid-core.c in the Human Int ...)
{DSA-2766-1}
- linux 3.10.11-1
- linux-2.6 <removed>
[wheezy] - linux 3.2.51-1
-CVE-2013-2887
+CVE-2013-2887 (Multiple unspecified vulnerabilities in Google Chrome before 29.0.1547 ...)
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2886
+CVE-2013-2886 (Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500 ...)
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2885
+CVE-2013-2885 (Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allo ...)
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2884
+CVE-2013-2884 (Use-after-free vulnerability in the DOM implementation in Google Chrom ...)
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2883
+CVE-2013-2883 (Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allo ...)
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2882
+CVE-2013-2882 (Google V8, as used in Google Chrome before 28.0.1500.95, allows remote ...)
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
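Review bot: line ordering within the HID kernel entries in this hunk is inconsistent. CVE-2013-2899 and CVE-2013-2896 list `- linux ...`, then `[wheezy] - linux ...`, then `- linux-2.6 <not-affected> ...`, while CVE-2013-2897, CVE-2013-2895 and CVE-2013-2889 put `- linux-2.6 ...` before the `[wheezy]` line, and CVE-2013-2892 puts `[wheezy]` in the middle again. Suggest placing all unbracketed package lines (`- linux`, `- linux-2.6`) before the bracketed release overrides throughout. Separately, the CVE-2013-2902 libxslt line carries its whole justification, including the codereview URL, inside the parenthesis; moving the URL to a following `NOTE:` line would keep the status line short and match how the other entries in this diff carry references.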
@@ -11972,171 +11972,171 @@ CVE-2013-2882
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-2881
+CVE-2013-2881 (Google Chrome before 28.0.1500.95 does not properly handle frames, whi ...)
{DSA-2732-1}
- chromium-browser 28.0.1500.95-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2880
+CVE-2013-2880 (Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500 ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2879
+CVE-2013-2879 (Google Chrome before 28.0.1500.71 does not properly determine the circ ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2878
+CVE-2013-2878 (Google Chrome before 28.0.1500.71 allows remote attackers to cause a d ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2877
+CVE-2013-2877 (parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0 ...)
{DSA-2779-1 DSA-2724-1}
- libxml2 2.9.1+dfsg1-1 (bug #715531)
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2876
+CVE-2013-2876 (browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1 ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2875
+CVE-2013-2875 (core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in B ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2874
+CVE-2013-2874 (Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is us ...)
- chromium-browser <not-affected> (Windows-specific)
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2873
+CVE-2013-2873 (Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allo ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2872
+CVE-2013-2872 (Google Chrome before 28.0.1500.71 on Mac OS X does not ensure a suffic ...)
- chromium-browser <not-affected> (MacOS specific)
-CVE-2013-2871
+CVE-2013-2871 (Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allo ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2870
+CVE-2013-2870 (Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allo ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2869
+CVE-2013-2869 (Google Chrome before 28.0.1500.71 allows remote attackers to cause a d ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2868
+CVE-2013-2868 (common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2867
+CVE-2013-2867 (Google Chrome before 28.0.1500.71 does not properly prevent pop-under ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2866
+CVE-2013-2866 (The Flash plug-in in Google Chrome before 27.0.1453.116, as used on Go ...)
- chromium-browser <not-affected> (Flash plugin not included in Chromium)
-CVE-2013-2865
+CVE-2013-2865 (Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453 ...)
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2864
+CVE-2013-2864 (The PDF functionality in Google Chrome before 27.0.1453.110 allows rem ...)
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
-CVE-2013-2863
+CVE-2013-2863 (Google Chrome before 27.0.1453.110 does not properly handle SSL socket ...)
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2862
+CVE-2013-2862 (Skia, as used in Google Chrome before 27.0.1453.110, does not properly ...)
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2861
+CVE-2013-2861 (Use-after-free vulnerability in the SVG implementation in Google Chrom ...)
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2860
+CVE-2013-2860 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 all ...)
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2859
+CVE-2013-2859 (Google Chrome before 27.0.1453.110 allows remote attackers to bypass t ...)
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2858
+CVE-2013-2858 (Use-after-free vulnerability in the HTML5 Audio implementation in Goog ...)
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2857
+CVE-2013-2857 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 all ...)
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2856
+CVE-2013-2856 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 all ...)
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2855
+CVE-2013-2855 (The Developer Tools API in Google Chrome before 27.0.1453.110 allows r ...)
{DSA-2706-1}
- chromium-browser 27.0.1453.110-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2854
+CVE-2013-2854 (Google Chrome before 27.0.1453.110 on Windows provides an incorrect ha ...)
- chromium-browser <not-affected> (Windows-specific)
-CVE-2013-2853
+CVE-2013-2853 (The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ...)
{DSA-2724-1}
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2852
+CVE-2013-2852 (Format string vulnerability in the b43_request_firmware function in dr ...)
{DSA-2766-1 DSA-2745-1}
- linux 3.9.8-1 (low)
- linux-2.6 <removed> (low)
-CVE-2013-2851
+CVE-2013-2851 (Format string vulnerability in the register_disk function in block/gen ...)
{DSA-2766-1 DSA-2745-1}
- linux 3.9.8-1 (low)
- linux-2.6 <removed> (low)
-CVE-2013-2850
+CVE-2013-2850 (Heap-based buffer overflow in the iscsi_add_notunderstood_response fun ...)
- linux 3.9.4-1
- linux-2.6 <not-affected> (Introduced in 3.1)
[wheezy] - linux 3.2.46-1
-CVE-2013-2849
+CVE-2013-2849 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome b ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2848
+CVE-2013-2848 (The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remot ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2847
+CVE-2013-2847 (Race condition in the workers implementation in Google Chrome before 2 ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2846
+CVE-2013-2846 (Use-after-free vulnerability in the media loader in Google Chrome befo ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2845
+CVE-2013-2845 (The Web Audio implementation in Google Chrome before 27.0.1453.93 allo ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2844
+CVE-2013-2844 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) imple ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2843
+CVE-2013-2843 (Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allo ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2842
+CVE-2013-2842 (Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allo ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2841
+CVE-2013-2841 (Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allo ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2840
+CVE-2013-2840 (Use-after-free vulnerability in the media loader in Google Chrome befo ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2839
+CVE-2013-2839 (Google Chrome before 27.0.1453.93 does not properly perform a cast of ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2838
+CVE-2013-2838 (Google V8, as used in Google Chrome before 27.0.1453.93, allows remote ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
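Review bot: CVE-2013-2874 in this hunk carries both `- chromium-browser <not-affected> (Windows-specific)` and `[squeeze] - chromium-browser <end-of-life>`; once the package is marked not-affected for every suite the squeeze line is redundant and reads as if squeeze were affected but unfixed. CVE-2013-2872 and CVE-2013-2854, which use the same platform-specific not-affected pattern in this hunk, have only the single line; drop the squeeze line for consistency.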
@@ -12145,68 +12145,68 @@ CVE-2013-2838
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2013-2837
+CVE-2013-2837 (Use-after-free vulnerability in the SVG implementation in Google Chrom ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2836
+CVE-2013-2836 (Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453 ...)
- chromium-browser 27.0.1453.93-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-2835
+CVE-2013-2835 (Google Chrome OS before 26.0.1410.57 does not properly enforce origin ...)
NOT-FOR-US: Google Chrome OS
-CVE-2013-2834
+CVE-2013-2834 (Google Chrome OS before 26.0.1410.57 does not properly enforce origin ...)
NOT-FOR-US: Google Chrome OS
-CVE-2013-2833
+CVE-2013-2833 (Use-after-free vulnerability in the O3D plug-in in Google Chrome OS be ...)
NOT-FOR-US: Google Chrome OS
-CVE-2013-2832
+CVE-2013-2832 (The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in ...)
NOT-FOR-US: Google Chrome OS
CVE-2013-2831
RESERVED
-CVE-2013-2830
+CVE-2013-2830 (Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 all ...)
NOT-FOR-US: SumatraPDF Reader
-CVE-2013-2829
+CVE-2013-2829 (MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote at ...)
NOT-FOR-US: MatrikonOPC SCADA DNP3 OPC Server
-CVE-2013-2828
+CVE-2013-2828 (The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for ...)
NOT-FOR-US: OSIsoft PI Interface
-CVE-2013-2827
+CVE-2013-2827 (An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, K ...)
NOT-FOR-US: WellinTech KingSCADA
-CVE-2013-2826
+CVE-2013-2826 (WellinTech KingSCADA before 3.1.2, KingAlarm&amp;Event before 3.1, and ...)
NOT-FOR-US: WellinTech KingSCADA
-CVE-2013-2825
+CVE-2013-2825 (The DNP3 service in the Outstation component on Elecsys Director Gatew ...)
NOT-FOR-US: Elecsys Director Gateway
-CVE-2013-2824
+CVE-2013-2824 (Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo ...)
NOT-FOR-US: Schneider Electric StruxureWare SCADA Expert Vijeo Citect
-CVE-2013-2823
+CVE-2013-2823 (The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intell ...)
NOT-FOR-US: Catapult DNP3 I/O driver
-CVE-2013-2822
+CVE-2013-2822 (NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27. ...)
NOT-FOR-US: NovaTech
-CVE-2013-2821
+CVE-2013-2821 (NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27. ...)
NOT-FOR-US: NovaTech
-CVE-2013-2820
+CVE-2013-2820 (The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and ...)
NOT-FOR-US: Sierra Wireless AirLink Raven X EV-DO gateways
-CVE-2013-2819
+CVE-2013-2819 (The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and ...)
NOT-FOR-US: Sierra Wireless AirLink Raven X EV-DO gateways
-CVE-2013-2818
+CVE-2013-2818 (The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allow ...)
NOT-FOR-US: e-terracontrol
-CVE-2013-2817
+CVE-2013-2817 (An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation ...)
NOT-FOR-US: Mitsubishi Electric Automation MC-WorX Suite
-CVE-2013-2816
+CVE-2013-2816 (The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateway ...)
NOT-FOR-US: Cooper Power Systems
CVE-2013-2815
REJECTED
-CVE-2013-2814
+CVE-2013-2814 (Cooper Power Systems Cybectec DNP3 Master OPC Server allows remote att ...)
NOT-FOR-US: Cooper Power Systems
-CVE-2013-2813
+CVE-2013-2813 (The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateway ...)
NOT-FOR-US: Cooper Power Systems
CVE-2013-2812
RESERVED
-CVE-2013-2811
+CVE-2013-2811 (The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intell ...)
NOT-FOR-US: Catapult DNP3 I/O driver
-CVE-2013-2810
+CVE-2013-2810 (Emerson Process Management ROC800 RTU with software 3.50 and earlier, ...)
NOT-FOR-US: Emerson
-CVE-2013-2809
+CVE-2013-2809 (The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for ...)
NOT-FOR-US: OSIsoft PI Interface
-CVE-2013-2808
+CVE-2013-2808 (Heap-based buffer overflow in Xper in Philips Xper Information Managem ...)
NOT-FOR-US: Xper
CVE-2013-2807
RESERVED
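Review bot: the new description for CVE-2013-2826, `+CVE-2013-2826 (WellinTech KingSCADA before 3.1.2, KingAlarm&amp;Event before 3.1, and ...)`, contains an HTML-escaped ampersand while every other description in the hunk is plain text. The importer should decode entities before writing into this list; otherwise consumers have to treat the file as HTML-encoded in some places and plain in others, and a search for the product name will miss the line.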
@@ -12214,64 +12214,64 @@ CVE-2013-2806
RESERVED
CVE-2013-2805
RESERVED
-CVE-2013-2804
+CVE-2013-2804 (The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 ...)
NOT-FOR-US: TOP Server OPC Server
-CVE-2013-2803
+CVE-2013-2803 (ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG a ...)
NOT-FOR-US: ProSoft RadioLinx ControlScape
-CVE-2013-2802
+CVE-2013-2802 (The universal protocol implementation in Sixnet UDR before 2.0 and RTU ...)
NOT-FOR-US: Sixnet
-CVE-2013-2801
+CVE-2013-2801 (The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remo ...)
NOT-FOR-US: OSIsoft PI Interface
-CVE-2013-2800
+CVE-2013-2800 (The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remo ...)
NOT-FOR-US: OSIsoft PI Interface
CVE-2013-2799
REJECTED
-CVE-2013-2798
+CVE-2013-2798 (Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL- ...)
NOT-FOR-US: Schweitzer Engineering Laboratories
CVE-2013-2797
RESERVED
-CVE-2013-2796
+CVE-2013-2796 (Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and ...)
NOT-FOR-US: Schneider Electric Vijeo Citect
CVE-2013-2795
REJECTED
-CVE-2013-2794
+CVE-2013-2794 (Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DN ...)
NOT-FOR-US: Triangle MicroWorks SCADA
-CVE-2013-2793
+CVE-2013-2793 (Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DN ...)
NOT-FOR-US: Triangle MicroWorks SCADA
-CVE-2013-2792
+CVE-2013-2792 (Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL- ...)
NOT-FOR-US: Schweitzer Engineering Laboratories
-CVE-2013-2791
+CVE-2013-2791 (MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cau ...)
NOT-FOR-US: MatrikonOPC
-CVE-2013-2790
+CVE-2013-2790 (The master-station DNP3 driver before driver19.exe, and Beta2041.exe, ...)
NOT-FOR-US: IOServer
-CVE-2013-2789
+CVE-2013-2789 (The Kepware DNP Master Driver for the KEPServerEX Communications Platf ...)
NOT-FOR-US: Kepware
-CVE-2013-2788
+CVE-2013-2788 (The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 ...)
NOT-FOR-US: SUBNET Solutions SubSTATION Server
-CVE-2013-2787
+CVE-2013-2787 (Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cau ...)
NOT-FOR-US: Alstom e-terracontrol
-CVE-2013-2786
+CVE-2013-2786 (Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studi ...)
NOT-FOR-US: Alstom Grid MiCOM S1
-CVE-2013-2785
+CVE-2013-2785 (Multiple buffer overflows in CimWebServer.exe in the WebView component ...)
NOT-FOR-US: GE Intelligent Platforms
-CVE-2013-2784
+CVE-2013-2784 (Triangle Research International (aka Tri) Nano-10 PLC devices with fir ...)
NOT-FOR-US: Triangle Research International
-CVE-2013-2783
+CVE-2013-2783 (The DNP3 driver in IOServer drivers 1.0.19.0 allows remote attackers t ...)
NOT-FOR-US: IOServer DNP3 drivers
-CVE-2013-2782
+CVE-2013-2782 (Schneider Electric Trio J-Series License Free Ethernet Radio with firm ...)
NOT-FOR-US: Schneider Electric
-CVE-2013-2781
+CVE-2013-2781 (Use-after-free vulnerability in the server application in 3S CODESYS G ...)
NOT-FOR-US: 3S CODESYS Gateway
-CVE-2013-2780
+CVE-2013-2780 (Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cau ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2013-2779
+CVE-2013-2779 (Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2013-2778
+CVE-2013-2778 (Cross-site request forgery (CSRF) vulnerability in addressbook/registe ...)
NOT-FOR-US: PHP Address Book
-CVE-2013-2777
+CVE-2013-2777 (sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets op ...)
{DSA-2642-1}
- sudo 1.8.5p2-1+nmu1 (bug #701839)
-CVE-2013-2776
+CVE-2013-2776 (sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on ...)
{DSA-2642-1}
- sudo 1.8.5p2-1+nmu1 (bug #701839)
CVE-2013-2775
@@ -12284,17 +12284,17 @@ CVE-2013-2772
RESERVED
CVE-2013-2771
RESERVED
-CVE-2013-2770
+CVE-2013-2770 (The installation functionality in the Novell Kanaka component before 2 ...)
NOT-FOR-US: Novell Open Enterprise Server (OES) on Mac OS X
CVE-2013-2769
RESERVED
CVE-2013-2768
RESERVED
-CVE-2013-2767
+CVE-2013-2767 (Unspecified vulnerability in Citrix NetScaler Access Gateway Enterpris ...)
NOT-FOR-US: Citrix NetScaler Access Gateway
-CVE-2013-2766
+CVE-2013-2766 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 ...)
NOT-FOR-US: Splunk
-CVE-2013-2765
+CVE-2013-2765 (The ModSecurity module before 2.7.4 for the Apache HTTP Server allows ...)
- modsecurity-apache 2.6.6-9 (bug #710217)
- libapache-mod-security <removed> (bug #710217)
[wheezy] - modsecurity-apache 2.6.6-6+deb7u1
@@ -12304,39 +12304,39 @@ CVE-2013-2765
CVE-2013-2764
RESERVED
NOT-FOR-US: Secure Entry Server
-CVE-2013-2763
+CVE-2013-2763 (** DISPUTED ** The Schneider Electric M340 PLC modules allow remote at ...)
NOT-FOR-US: Schneider Electric M340 modules
-CVE-2013-2762
+CVE-2013-2762 (The Schneider Electric Magelis XBT HMI controller has a default passwo ...)
NOT-FOR-US: Schneider Electric
-CVE-2013-2761
+CVE-2013-2761 (The Schneider Electric M340 BMXNOE01xx and BMXP3420xx PLC modules allo ...)
NOT-FOR-US: Schneider Electric
-CVE-2013-2760
+CVE-2013-2760 (Buffer overflow in Groovy Media Player 3.2.0 allows remote attackers t ...)
NOT-FOR-US: Groovy Media Player
CVE-2013-2759
RESERVED
-CVE-2013-2758
+CVE-2013-2758 (Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerl ...)
NOT-FOR-US: CloudStack
-CVE-2013-2757
+CVE-2013-2757 (Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 P ...)
NOT-FOR-US: Citrix
-CVE-2013-2756
+CVE-2013-2756 (Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerl ...)
NOT-FOR-US: CloudStack
CVE-2013-2755
RESERVED
-CVE-2013-2754
+CVE-2013-2754 (Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS bef ...)
NOT-FOR-US: Umisoft UMI.CMS
CVE-2013-2753
RESERVED
-CVE-2013-2752
+CVE-2013-2752 (Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_ha ...)
NOT-FOR-US: NETGEAR ReadyNAS RAIDiator
-CVE-2013-2751
+CVE-2013-2751 (Eval injection vulnerability in frontview/lib/np_handler.pl in the Fro ...)
NOT-FOR-US: NETGEAR ReadyNAS RAIDiator
-CVE-2013-2750
+CVE-2013-2750 (Cross-site scripting (XSS) vulnerability in e107_plugins/content/handl ...)
NOT-FOR-US: e107
CVE-2013-2749
REJECTED
CVE-2013-2748
RESERVED
-CVE-2013-2747
+CVE-2013-2747 (The password reset feature in Courion Access Risk Management Suite Ver ...)
NOT-FOR-US: Courion Access Risk Management Suite
CVE-2013-2746
RESERVED
@@ -12345,13 +12345,13 @@ CVE-2013-2745 [SQL Injection]
- minidlna 1.1.2+dfsg-1 (low; bug #717131)
[wheezy] - minidlna <no-dsa> (Minor issue, DLNA only used in a trusted context)
NOTE: http://www.securityfocus.com/archive/1/527299/30/0
-CVE-2013-2744
+CVE-2013-2744 (importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows ...)
NOT-FOR-US: BackupBuddy plugin for WordPress
-CVE-2013-2743
+CVE-2013-2743 (importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28 ...)
NOT-FOR-US: BackupBuddy plugin for WordPress
-CVE-2013-2742
+CVE-2013-2742 (importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28 ...)
NOT-FOR-US: BackupBuddy plugin for WordPress
-CVE-2013-2741
+CVE-2013-2741 (importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28 ...)
NOT-FOR-US: BackupBuddy plugin for WordPress
CVE-2013-2740
RESERVED
@@ -12365,113 +12365,113 @@ CVE-2013-2738 [SQL Injection]
- minidlna 1.1.2+dfsg-1 (low; bug #717131)
NOTE: http://www.securityfocus.com/archive/1/527299/30/0
[wheezy] - minidlna <no-dsa> (Minor issue, DLNA only used in a trusted context)
-CVE-2013-2737
+CVE-2013-2737 (A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x be ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2736
+CVE-2013-2736 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2735
+CVE-2013-2735 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2734
+CVE-2013-2734 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2733
+CVE-2013-2733 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x bef ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2732
+CVE-2013-2732 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2731
+CVE-2013-2731 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2730
+CVE-2013-2730 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x bef ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2729
+CVE-2013-2729 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x be ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2728
+CVE-2013-2728 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-2727
+CVE-2013-2727 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x be ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2726
+CVE-2013-2726 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2725
+CVE-2013-2725 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2724
+CVE-2013-2724 (Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5 ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2723
+CVE-2013-2723 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2722
+CVE-2013-2722 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2721
+CVE-2013-2721 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2720
+CVE-2013-2720 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2719
+CVE-2013-2719 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2718
+CVE-2013-2718 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2717
+CVE-2013-2717 (Multiple unspecified vulnerabilities in the System Management (aka Sys ...)
NOT-FOR-US: EMC
-CVE-2013-2716
+CVE-2013-2716 (Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized ...)
NOT-FOR-US: Puppet Labs Puppet Enterprise
-CVE-2013-2715
+CVE-2013-2715 (Cross-site scripting (XSS) vulnerability in the admin view in the Sear ...)
NOT-FOR-US: Drupal module search_api
CVE-2013-2714
RESERVED
-CVE-2013-2713
+CVE-2013-2713 (Cross-site request forgery (CSRF) vulnerability in users_maint.html in ...)
NOT-FOR-US: KrisonAV
-CVE-2013-2712
+CVE-2013-2712 (Cross-site scripting (XSS) vulnerability in services/get_article.php i ...)
NOT-FOR-US: KrisonAV
CVE-2013-2711
RESERVED
-CVE-2013-2710
+CVE-2013-2710 (Cross-site request forgery (CSRF) vulnerability in the Contextual Rela ...)
NOT-FOR-US: WordPress plugin Contextual Related Posts
-CVE-2013-2709
+CVE-2013-2709 (Cross-site request forgery (CSRF) vulnerability in the FourSquare Chec ...)
NOT-FOR-US: WordPress plugin FourSquare Checkins
-CVE-2013-2708
+CVE-2013-2708 (Cross-site request forgery (CSRF) vulnerability in the Content Slide p ...)
NOT-FOR-US: WordPress plugin Content Slide
-CVE-2013-2707
+CVE-2013-2707 (Cross-site request forgery (CSRF) vulnerability in the Login With Ajax ...)
NOT-FOR-US: WordPress plugin
-CVE-2013-2706
+CVE-2013-2706 (Cross-site request forgery (CSRF) vulnerability in the Stream Video Pl ...)
NOT-FOR-US: WordPress plugin Stream Video Player
-CVE-2013-2705
+CVE-2013-2705 (Cross-site request forgery (CSRF) vulnerability in the WordPress Simpl ...)
NOT-FOR-US: WordPress plugin Simple Paypal Shopping Cart
-CVE-2013-2704
+CVE-2013-2704 (Cross-site request forgery (CSRF) vulnerability in the Dropdown Menu W ...)
NOT-FOR-US: WordPress plugin Dropdown Menu Widget
-CVE-2013-2703
+CVE-2013-2703 (Cross-site request forgery (CSRF) vulnerability in the Facebook Member ...)
NOT-FOR-US: Facebook Members plugin for WordPres
-CVE-2013-2702
+CVE-2013-2702 (Cross-site request forgery (CSRF) vulnerability in the Easy AdSense Li ...)
NOT-FOR-US: Easy AdSense Lite plugin for WordPress
-CVE-2013-2701
+CVE-2013-2701 (Cross-site request forgery (CSRF) vulnerability in the Social Sharing ...)
NOT-FOR-US: social sharing toolkit plugin for wp
-CVE-2013-2700
+CVE-2013-2700 (Cross-site request forgery (CSRF) vulnerability in the Add/Edit page ( ...)
NOT-FOR-US: WordPress plugin WP125
-CVE-2013-2699
+CVE-2013-2699 (Cross-site request forgery (CSRF) vulnerability in the underConstructi ...)
NOT-FOR-US: WordPress plugin underConstruction
-CVE-2013-2698
+CVE-2013-2698 (Cross-site request forgery (CSRF) vulnerability in the Calendar plugin ...)
NOT-FOR-US: WordPress plugin calendar
-CVE-2013-2697
+CVE-2013-2697 (Cross-site request forgery (CSRF) vulnerability in the WP-DownloadMana ...)
NOT-FOR-US: Wordpress plugin Downloadmanager
-CVE-2013-2696
+CVE-2013-2696 (Cross-site request forgery (CSRF) vulnerability in the All in One Webm ...)
NOT-FOR-US: WordPress plugin All in One Webmaster
-CVE-2013-2695
+CVE-2013-2695 (Cross-site scripting (XSS) vulnerability in invite.php in the WP Sympo ...)
NOT-FOR-US: WordPress plugin wp-symposium
-CVE-2013-2694
+CVE-2013-2694 (Open redirect vulnerability in invite.php in the WP Symposium plugin 1 ...)
NOT-FOR-US: WordPress plugin wp-symposium
-CVE-2013-2693
+CVE-2013-2693 (Cross-site request forgery (CSRF) vulnerability in the Options in the ...)
NOT-FOR-US: WordPress plugin WP-Print
-CVE-2013-2692
+CVE-2013-2692 (Cross-site request forgery (CSRF) vulnerability in the Admin web inter ...)
NOT-FOR-US: OpenVPN Access Server
-CVE-2013-2691
+CVE-2013-2691 (Stack-based buffer overflow in the JetMPG.ax module in jetAudio 8.0.17 ...)
NOT-FOR-US: jetAudio
-CVE-2013-2690
+CVE-2013-2690 (SQL injection vulnerability in index.php in Synchroweb Technology SynC ...)
NOT-FOR-US: Synchroweb Technology SynConnect 2.0
CVE-2013-2689
RESERVED
-CVE-2013-2688
+CVE-2013-2688 (Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5 ...)
NOT-FOR-US: QNX Software Development Platform
-CVE-2013-2687
+CVE-2013-2687 (Stack-based buffer overflow in the bpe_decompress function in (1) Blac ...)
NOT-FOR-US: QNX
-CVE-2013-2686
+CVE-2013-2686 (main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1. ...)
- asterisk 1:1.8.13.1~dfsg-2 (bug #704114)
[squeeze] - asterisk <not-affected> (httpd code does not read HTTP POST variables)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-20967
-CVE-2013-2685
+CVE-2013-2685 (Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk ...)
- asterisk <not-affected> (H264 code not yet present)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-20901
CVE-2013-2684
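Review bot: not part of this automatic change, but with the product names now visible in the descriptions the NOT-FOR-US labels in this hunk stand out as inconsistent: `NOT-FOR-US: Facebook Members plugin for WordPres` (missing the final letter), `NOT-FOR-US: social sharing toolkit plugin for wp` and `NOT-FOR-US: Wordpress plugin Downloadmanager` versus `NOT-FOR-US: WordPress plugin ...` elsewhere in the same run. Worth a separate manual cleanup commit so the labels match the product names in the descriptions.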
@@ -12500,9 +12500,9 @@ CVE-2013-2673
RESERVED
CVE-2013-2672
RESERVED
-CVE-2013-2671
+CVE-2013-2671 (Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC ...)
NOT-FOR-US: Brother printer
-CVE-2013-2670
+CVE-2013-2670 (Cross-site scripting (XSS) vulnerability in the Brother MFC-9970CDW pr ...)
NOT-FOR-US: Brother printer
CVE-2013-2669
RESERVED
@@ -12536,11 +12536,11 @@ CVE-2013-2655
RESERVED
CVE-2013-2654
RESERVED
-CVE-2013-2653
+CVE-2013-2653 (security/MemberLoginForm.php in SilverStripe 3.0.3 supports login usin ...)
- silverstripe <itp> (bug #528461)
-CVE-2013-2652
+CVE-2013-2652 (CRLF injection vulnerability in help/help_language.php in WebCollab 3. ...)
NOT-FOR-US: WebCollab
-CVE-2013-2651
+CVE-2013-2651 (Multiple cross-site scripting (XSS) vulnerabilities in BoltWire 3.5 an ...)
NOT-FOR-US: Boltwire
CVE-2013-2650
RESERVED
@@ -12552,38 +12552,38 @@ CVE-2013-2647
RESERVED
CVE-2013-2646
RESERVED
-CVE-2013-2645
+CVE-2013-2645 (Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-L ...)
NOT-FOR-US: TP-LINK Router
CVE-2013-2644
REJECTED
-CVE-2013-2643
+CVE-2013-2643 (Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appl ...)
NOT-FOR-US: Sophos Web Appliance
-CVE-2013-2642
+CVE-2013-2642 (Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to exe ...)
NOT-FOR-US: Sophos Web Appliance
-CVE-2013-2641
+CVE-2013-2641 (Directory traversal vulnerability in patience.cgi in Sophos Web Applia ...)
NOT-FOR-US: Sophos Web Appliance
-CVE-2013-2640
+CVE-2013-2640 (ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress doe ...)
NOT-FOR-US: MailUp plugin for Wordpress
-CVE-2013-2639
+CVE-2013-2639 (Cross-site scripting (XSS) vulnerability in CTERA Cloud Storage OS bef ...)
NOT-FOR-US: CTERA Cloud Storage OS
CVE-2013-2638
RESERVED
CVE-2013-2637
RESERVED
-CVE-2013-2636
+CVE-2013-2636 (net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initiali ...)
- linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
-CVE-2013-2635
+CVE-2013-2635 (The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux ker ...)
- linux 3.2.41-2
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
-CVE-2013-2634
+CVE-2013-2634 (net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize c ...)
{DSA-2668-1}
- linux 3.2.41-2
- linux-2.6 <removed>
-CVE-2013-2633
+CVE-2013-2633 (Piwik before 1.11 accepts input from a POST request instead of a GET r ...)
- piwik <itp> (bug #506933)
-CVE-2013-2632
+CVE-2013-2632 (Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, ...)
- libv8 <removed>
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
@@ -12591,13 +12591,13 @@ CVE-2013-2632
NOTE: libv8 not covered by security support
CVE-2013-2631
RESERVED
-CVE-2013-2630
+CVE-2013-2630 (Cross-site scripting (XSS) vulnerability in CA Service Desk Manager 12 ...)
NOT-FOR-US: CA Service Desk Manager
-CVE-2013-2629
+CVE-2013-2629 (Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers ...)
NOT-FOR-US: Leed
-CVE-2013-2628
+CVE-2013-2628 (Multiple cross-site request forgery (CSRF) vulnerabilities in action.p ...)
NOT-FOR-US: Leed
-CVE-2013-2627
+CVE-2013-2627 (SQL injection vulnerability in action.php in Leed (Light Feed), possib ...)
NOT-FOR-US: Leed
CVE-2013-2626
RESERVED
@@ -12620,15 +12620,15 @@ CVE-2013-2621
NOT-FOR-US: Uebimiau Webmail
CVE-2013-2620
RESERVED
-CVE-2013-2619
+CVE-2013-2619 (Directory traversal vulnerability in Aspen before 0.22 allows remote a ...)
NOT-FOR-US: Aspen
-CVE-2013-2618
+CVE-2013-2618 (Cross-site scripting (XSS) vulnerability in editor.php in Network Weat ...)
NOT-FOR-US: Network Weathermap
-CVE-2013-2617
+CVE-2013-2617 (lib/curl.rb in the Curl Gem for Ruby allows remote attackers to execut ...)
NOT-FOR-US: Ruby Curl gem
-CVE-2013-2616
+CVE-2013-2616 (lib/mini_magick.rb in the MiniMagick Gem 1.3.1 for Ruby allows remote ...)
NOT-FOR-US: Ruby MiniMagick gem
-CVE-2013-2615
+CVE-2013-2615 (lib/entry_controller.rb in the fastreader Gem 1.0.8 for Ruby allows re ...)
NOT-FOR-US: Ruby fastreader gem
CVE-2013-2614
RESERVED
@@ -12650,33 +12650,33 @@ CVE-2013-2606
RESERVED
CVE-2013-2605
RESERVED
-CVE-2013-2604
+CVE-2013-2604 (RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Insta ...)
NOT-FOR-US: RealNetworks GameHouse RealArcade Installer
-CVE-2013-2603
+CVE-2013-2603 (The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in Re ...)
NOT-FOR-US: RealNetworks GameHouse RealArcade Installer
-CVE-2013-2602
+CVE-2013-2602 (Multiple array index errors in the MyHeritage SEQueryObject ActiveX co ...)
NOT-FOR-US: MyHeritage SEQueryObject ActiveX control
-CVE-2013-2601
+CVE-2013-2601 (The NDVM in Citrix XenClient XT before 2.1.3 and 3.x before 3.1.4 allo ...)
NOT-FOR-US: Citrix XenClient XT
CVE-2013-2600 [MiniUPnPd information disclosure]
RESERVED
- miniupnpd 1.8.20130730-1 (bug #716936)
-CVE-2013-2599
+CVE-2013-2599 (A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonC ...)
NOT-FOR-US: Qualcomm (Android)
-CVE-2013-2598
+CVE-2013-2598 (app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed ...)
NOT-FOR-US: Little Kernel (bootloader)
-CVE-2013-2597
+CVE-2013-2597 (Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c ...)
NOT-FOR-US: Android Linux kernel (affects {sound/soc/,arch/arm/mach-}msm/qdsp6v2)
NOTE: https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-acdb-audio-driver-cve-2013-2597
-CVE-2013-2596
+CVE-2013-2596 (Integer overflow in the fb_mmap function in drivers/video/fbmem.c in t ...)
- linux 3.9-1
[wheezy] - linux 3.2.46-1
NOTE: the issue comes from fbmem code from linux mainline, the exploit was just targetting motorola
NOTE: phones that ship code that is based on the original linux code, but both are affected.
NOTE: an exploit needs access to /dev/fb0 which is not world readable/writable on Debian
-CVE-2013-2595
+CVE-2013-2595 (The device-initialization functionality in the MSM camera driver for t ...)
NOT-FOR-US: Qualcomm MSM Camera driver
-CVE-2013-2594
+CVE-2013-2594 (SQL injection vulnerability in reports/calldiary.php in Hornbill Suppo ...)
NOT-FOR-US: Supportworks ITSM
CVE-2013-2593
RESERVED
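Review bot: the NOTE under CVE-2013-2596 (the linux fb_mmap entry) has a spelling slip, "targetting" for "targeting", in a context line this update does not touch; worth fixing in passing since the note is what the tracker displays. The substance of the note (mainline fbmem code affected, /dev/fb0 not world readable/writable on Debian) reads fine.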
@@ -12692,27 +12692,27 @@ CVE-2013-2588
RESERVED
CVE-2013-2587
RESERVED
-CVE-2013-2586
+CVE-2013-2586 (XAMPP 1.8.1 does not properly restrict access to xampp/lang.php, which ...)
NOT-FOR-US: XAMPPP
-CVE-2013-2585
+CVE-2013-2585 (Cross-site scripting (XSS) vulnerability in Atmail Webmail Server 6.6. ...)
- atmailopen <removed>
CVE-2013-2584
RESERVED
-CVE-2013-2583
+CVE-2013-2583 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Ap ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-2582
+CVE-2013-2582 (CRLF injection vulnerability in the redirect servlet in Open-Xchange A ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-2581
+CVE-2013-2581 (cgi-bin/firmwareupgrade in TP-Link IP Cameras TL-SC3130, TL-SC3130G, T ...)
NOT-FOR-US: TP-Link IP Cameras
-CVE-2013-2580
+CVE-2013-2580 (Unrestricted file upload vulnerability in cgi-bin/uploadfile in TP-Lin ...)
NOT-FOR-US: TP-Link IP Cameras
-CVE-2013-2579
+CVE-2013-2579 (TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and p ...)
NOT-FOR-US: TP-Link IP Cameras
-CVE-2013-2578
+CVE-2013-2578 (cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, T ...)
NOT-FOR-US: TP-Link IP Cameras
-CVE-2013-2577
+CVE-2013-2577 (Buffer overflow in XnView before 2.04 allows remote attackers to execu ...)
NOT-FOR-US: XnView
-CVE-2013-2576
+CVE-2013-2576 (Buffer overflow in Artweaver before 3.1.6 allows remote attackers to c ...)
NOT-FOR-US: Artweaver
CVE-2013-2575
RESERVED
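Review bot: the context line "NOT-FOR-US: XAMPPP" under CVE-2013-2586 misspells the product; the description in the added line above it says "XAMPP 1.8.1". Suggest correcting the tag to "NOT-FOR-US: XAMPP" so it matches the description and the other NOT-FOR-US tags in this file.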
@@ -12733,51 +12733,51 @@ CVE-2013-2568
RESERVED
CVE-2013-2567
RESERVED
-CVE-2013-2566
+CVE-2013-2566 (The RC4 algorithm, as used in the TLS protocol and SSL protocol, has m ...)
NOTE: Generic protocol flaw in RC4
-CVE-2013-2565
+CVE-2013-2565 (A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, edit ...)
NOT-FOR-US: Mambo CMS
-CVE-2013-2564
+CVE-2013-2564 (Mambo CMS 4.6.5 allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: Mambo CMS
-CVE-2013-2563
+CVE-2013-2563 (Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, ...)
NOT-FOR-US: Mambo CMS
-CVE-2013-2562
+CVE-2013-2562 (Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the ...)
NOT-FOR-US: Mambo CMS
-CVE-2013-2561
+CVE-2013-2561 (OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary fi ...)
- ibutils 1.5.7-2 (low; bug #704063)
[squeeze] - ibutils <no-dsa> (Minor issue)
[wheezy] - ibutils <no-dsa> (Minor issue)
-CVE-2013-2560
+CVE-2013-2560 (Directory traversal vulnerability in the web interface on Foscam devic ...)
NOT-FOR-US: Foscam
-CVE-2013-2559
+CVE-2013-2559 (SQL injection vulnerability in Symphony CMS before 2.3.2 allows remote ...)
NOT-FOR-US: Symphony CMS
-CVE-2013-2558
+CVE-2013-2558 (Unspecified vulnerability in Microsoft Windows 8 allows remote attacke ...)
NOT-FOR-US: Windows 8
-CVE-2013-2557
+CVE-2013-2557 (The sandbox protection mechanism in Microsoft Internet Explorer 9 allo ...)
NOT-FOR-US: Internet Explorer
-CVE-2013-2556
+CVE-2013-2556 (Unspecified vulnerability in Microsoft Windows Vista SP2, Windows Serv ...)
NOT-FOR-US: Windows 7
-CVE-2013-2555
+CVE-2013-2555 (Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x bef ...)
NOT-FOR-US: Adobe Flash plugin
-CVE-2013-2554
+CVE-2013-2554 (Unspecified vulnerability in Microsoft Windows 7 allows attackers to b ...)
NOT-FOR-US: Windows 7
-CVE-2013-2553
+CVE-2013-2553 (Unspecified vulnerability in the kernel in Microsoft Windows 7 allows ...)
NOT-FOR-US: Windows 7
-CVE-2013-2552
+CVE-2013-2552 (Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows ...)
NOT-FOR-US: Internet Explorer
-CVE-2013-2551
+CVE-2013-2551 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Internet Explorer
-CVE-2013-2550
+CVE-2013-2550 (Unspecified vulnerability in Adobe Reader 11.0.02 allows attackers to ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2549
+CVE-2013-2549 (Unspecified vulnerability in Adobe Reader 11.0.02 allows remote attack ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-2548
+CVE-2013-2548 (The crypto_report_one function in crypto/crypto_user.c in the report A ...)
- linux 3.2.41-1 (low)
- linux-2.6 <not-affected> (Introduced in 3.2)
-CVE-2013-2547
+CVE-2013-2547 (The crypto_report_one function in crypto/crypto_user.c in the report A ...)
- linux 3.2.41-1 (low)
- linux-2.6 <not-affected> (Introduced in 3.2)
-CVE-2013-2546
+CVE-2013-2546 (The report API in the crypto user configuration API in the Linux kerne ...)
- linux 3.2.41-1 (low)
- linux-2.6 <not-affected> (Introduced in 3.2)
CVE-2013-2545
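Review bot: the tag for CVE-2013-2556 reads "NOT-FOR-US: Windows 7" while the description added here starts "Unspecified vulnerability in Microsoft Windows Vista SP2, Windows Serv ...", so the tag is narrower than the product list the CVE covers; "NOT-FOR-US: Microsoft Windows" (as used for CVE-1999-1593 elsewhere in this update) would be more accurate. The adjacent CVE-2013-2558 ("Windows 8") and CVE-2013-2554/2553 ("Windows 7") tags do match their descriptions.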
@@ -12838,7 +12838,7 @@ CVE-2013-2518
REJECTED
CVE-2013-2517
REJECTED
-CVE-2013-2516
+CVE-2013-2516 (Vulnerability in FileUtils v0.7, Ruby Gem Fileutils &lt;= v0.7 Command ...)
- ruby-fileutils <itp> (bug #900515)
CVE-2013-2515
RESERVED
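Review bot: the imported description for CVE-2013-2516 contains an undecoded HTML entity, "Ruby Gem Fileutils &lt;= v0.7", where the other descriptions in this update carry plain text; the import step should decode entities so the tracker shows "<= v0.7" rather than the literal "&lt;=". The status line "ruby-fileutils <itp> (bug #900515)" is unaffected.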
@@ -12856,15 +12856,15 @@ CVE-2013-2509
RESERVED
CVE-2013-2508
RESERVED
-CVE-2013-2507
+CVE-2013-2507 (Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC ...)
NOT-FOR-US: Brother
-CVE-2013-2506
+CVE-2013-2506 (app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before 1. ...)
NOT-FOR-US: Spree
CVE-2013-2505
RESERVED
-CVE-2013-2504
+CVE-2013-2504 (Cross-site scripting (XSS) vulnerability in SPS/Portal/default.aspx in ...)
NOT-FOR-US: Matrix42 Service Store
-CVE-2013-2503
+CVE-2013-2503 (Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and ...)
- privoxy 3.0.21-1 (low; bug #702896)
[wheezy] - privoxy <no-dsa> (Minor issue)
[squeeze] - privoxy <no-dsa> (Minor issue)
@@ -12872,31 +12872,31 @@ CVE-2013-2503
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/ChangeLog?revision=1.188&view=markup
CVE-2013-2502
RESERVED
-CVE-2013-2501
+CVE-2013-2501 (Cross-site scripting (XSS) vulnerability in the Terillion Reviews plug ...)
NOT-FOR-US: Terillion Reviews plugin for Wordpress
CVE-2013-2500
RESERVED
CVE-2013-2499
RESERVED
-CVE-2013-2498
+CVE-2013-2498 (SQL injection vulnerability in the login page in flexycms/modules/user ...)
NOT-FOR-US: SimpleHRM
CVE-2013-2497
RESERVED
-CVE-2013-2496
+CVE-2013-2496 (The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec in FF ...)
- libav 6:0.8.6-1 (bug #703200)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
-CVE-2013-2495
+CVE-2013-2495 (The iff_read_header function in iff.c in libavformat in FFmpeg through ...)
- libav 6:0.8.6-1 (bug #703200)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
-CVE-2013-2494
+CVE-2013-2494 (libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to ...)
- isc-dhcp 4.2.4-6 (low; bug #704426)
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u6
[squeeze] - isc-dhcp <not-affected> (Only affects 4.2.x)
-CVE-2013-2493
+CVE-2013-2493 (The Hook_Terminate function in chrome_frame/protocol_sink_wrap.cc in t ...)
NOT-FOR-US: Google Chrome Frame plugin for Internet Explorer
-CVE-2013-2492
+CVE-2013-2492 (Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 185 ...)
{DSA-2648-1 DSA-2647-1}
- firebird2.1 <unfixed> (bug #702735)
- firebird2.5 2.5.2~svn+54698.ds4-2 (bug #702736)
@@ -12907,14 +12907,14 @@ CVE-2013-2490
RESERVED
CVE-2013-2489
RESERVED
-CVE-2013-2488
+CVE-2013-2488 (The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1 ...)
{DSA-2644-1}
- wireshark 1.8.2-5
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-22.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8380
NOTE: Versions affected: 1.8.0 to 1.8.X, 1.6.0 to 1.6.X
-CVE-2013-2487
+CVE-2013-2487 (epan/dissectors/packet-reload.c in the REsource LOcation And Discovery ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only 1.8.x series)
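Review bot: the note "Versions affected: 1.8.0 to 1.8.X, 1.6.0 to 1.6.X" under CVE-2013-2488 uses placeholders where the description added on the line above gives the bounds ("1.6.x before 1.6.14 and 1.8.x before 1 ..."), and the neighbouring Wireshark entries spell out "1.8.0 to 1.8.5, 1.6.0 to 1.6.13". Suggest aligning the note with the concrete ranges so the entry is consistent with the rest of the batch.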
@@ -12922,7 +12922,7 @@ CVE-2013-2487
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
NOTE: Versions affected: 1.8.0 to 1.8.5
NOTE: Not suitable for code injection
-CVE-2013-2486
+CVE-2013-2486 (The dissect_diagnosticrequest function in epan/dissectors/packet-reloa ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only 1.8.x series)
@@ -12930,21 +12930,21 @@ CVE-2013-2486
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
NOTE: Versions affected: 1.8.0 to 1.8.5
NOTE: Not suitable for code injection
-CVE-2013-2485
+CVE-2013-2485 (The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1 ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-20.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8359
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
NOTE: Not suitable for code injection
-CVE-2013-2484
+CVE-2013-2484 (The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1 ...)
{DSA-2644-1}
- wireshark 1.8.2-5
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-19.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8346
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-CVE-2013-2483
+CVE-2013-2483 (The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the A ...)
{DSA-2644-1}
- wireshark 1.8.2-5 (unimportant)
[wheezy] - wireshark 1.8.2-5wheezy1
@@ -12952,14 +12952,14 @@ CVE-2013-2483
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8340
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
NOTE: Not suitable for code injection
-CVE-2013-2482
+CVE-2013-2482 (The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1 ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-17.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8337
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
NOTE: Not suitable for code injection
-CVE-2013-2481
+CVE-2013-2481 (Integer signedness error in the dissect_mount_dirpath_call function in ...)
{DSA-2644-1}
- wireshark 1.8.2-5 (unimportant)
[wheezy] - wireshark 1.8.2-5wheezy1
@@ -12967,14 +12967,14 @@ CVE-2013-2481
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
NOTE: Not suitable for code injection
-CVE-2013-2480
+CVE-2013-2480 (The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8 ...)
{DSA-2644-1}
- wireshark 1.8.2-5
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-15.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8332
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-CVE-2013-2479
+CVE-2013-2479 (The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mp ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
@@ -12982,21 +12982,21 @@ CVE-2013-2479
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8039
NOTE: Versions affected: 1.8.0 to 1.8.5
NOTE: Not suitable for code injection
-CVE-2013-2478
+CVE-2013-2478 (The dissect_server_info function in epan/dissectors/packet-ms-mms.c in ...)
{DSA-2644-1}
- wireshark 1.8.2-5
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-13.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8382
NOTE: announce mentions: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-CVE-2013-2477
+CVE-2013-2477 (The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly ...)
- wireshark 1.8.2-5
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-12.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8383
NOTE: Versions affected: 1.8.0 to 1.8.5
-CVE-2013-2476
+CVE-2013-2476 (The dissect_hartip function in epan/dissectors/packet-hartip.c in the ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
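Review bot: CVE-2013-2477 records the same fixed versions as the DSA-2644-1 entries in this batch ("wireshark 1.8.2-5" and "[wheezy] - wireshark 1.8.2-5wheezy1", compare CVE-2013-2478 just above it) but carries no "{DSA-2644-1}" reference line; if the fix shipped in that advisory, the reference should be added so the tracker links the CVE to the DSA.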
@@ -13004,7 +13004,7 @@ CVE-2013-2476
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8360
NOTE: Versions affected: 1.8.0 to 1.8.5
NOTE: Not suitable for code injection
-CVE-2013-2475
+CVE-2013-2475 (The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attack ...)
- wireshark 1.8.2-5
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
[wheezy] - wireshark 1.8.2-5wheezy1
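Review bot: same point as for CVE-2013-2477: CVE-2013-2475 lists "wireshark 1.8.2-5" and "[wheezy] - wireshark 1.8.2-5wheezy1" without a "{DSA-...}" reference, while every other entry in this batch with those fixed versions references DSA-2644-1. Confirm whether the advisory line was dropped here.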
@@ -13013,490 +13013,490 @@ CVE-2013-2475
NOTE: Versions affected: 1.8.0 to 1.8.5
CVE-2013-2474
RESERVED
-CVE-2013-2473
+CVE-2013-2473 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2472
+CVE-2013-2472 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2471
+CVE-2013-2471 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2470
+CVE-2013-2470 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2469
+CVE-2013-2469 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2468
+CVE-2013-2468 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2467
+CVE-2013-2467 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java 5)
- openjdk-7 <not-affected> (Only affects Java 5)
-CVE-2013-2466
+CVE-2013-2466 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2465
+CVE-2013-2465 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2464
+CVE-2013-2464 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-2463
+CVE-2013-2463 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2462
+CVE-2013-2462 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2461
+CVE-2013-2461 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2460
+CVE-2013-2460 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2722-1}
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2459
+CVE-2013-2459 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2458
+CVE-2013-2458 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2722-1}
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2457
+CVE-2013-2457 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 <not-affected> (Only applies to Java 7)
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2456
+CVE-2013-2456 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2455
+CVE-2013-2455 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2454
+CVE-2013-2454 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2722-1}
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2453
+CVE-2013-2453 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-7 7u25-2.3.10-1
- openjdk-6 6b27-1.12.6-1
-CVE-2013-2452
+CVE-2013-2452 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2451
+CVE-2013-2451 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2450
+CVE-2013-2450 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2449
+CVE-2013-2449 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2722-1}
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2448
+CVE-2013-2448 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2447
+CVE-2013-2447 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2446
+CVE-2013-2446 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2445
+CVE-2013-2445 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2444
+CVE-2013-2444 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2443
+CVE-2013-2443 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-7 7u25-2.3.10-1
- openjdk-6 6b27-1.12.6-1
-CVE-2013-2442
+CVE-2013-2442 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2441
+CVE-2013-2441 (Unspecified vulnerability in the Agile EDM component in Oracle Supply ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2013-2440
+CVE-2013-2440 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2439
+CVE-2013-2439 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Installation performed differently for Linux distros)
- openjdk-7 <not-affected> (Installation performed differently for Linux distros)
-CVE-2013-2438
+CVE-2013-2438 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-2437
+CVE-2013-2437 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2436
+CVE-2013-2436 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only affects Java7)
-CVE-2013-2435
+CVE-2013-2435 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2434
+CVE-2013-2434 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-2433
+CVE-2013-2433 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2432
+CVE-2013-2432 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-2431
+CVE-2013-2431 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only affects Java7)
-CVE-2013-2430
+CVE-2013-2430 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2429
+CVE-2013-2429 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2428
+CVE-2013-2428 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-2427
+CVE-2013-2427 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-2426
+CVE-2013-2426 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only affects Java 7)
-CVE-2013-2425
+CVE-2013-2425 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only applies to Java 7)
- openjdk-7 <not-affected> (Installation performed differently for Linux distros)
-CVE-2013-2424
+CVE-2013-2424 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2423
+CVE-2013-2423 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only applies to Java 7)
-CVE-2013-2422
+CVE-2013-2422 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2421
+CVE-2013-2421 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only affects Java 7)
-CVE-2013-2420
+CVE-2013-2420 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2419
+CVE-2013-2419 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-3187-1 DLA-219-1}
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
- icu 52.1-1
-CVE-2013-2418
+CVE-2013-2418 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2417
+CVE-2013-2417 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-2416
+CVE-2013-2416 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2415
+CVE-2013-2415 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java 7)
-CVE-2013-2414
+CVE-2013-2414 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-2413
+CVE-2013-2413 (Unspecified vulnerability in the Siebel Enterprise Application Integra ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-2412
+CVE-2013-2412 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-7 7u25-2.3.10-1
- openjdk-6 6b27-1.12.6-1
-CVE-2013-2411
+CVE-2013-2411 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle Primavera Products
-CVE-2013-2410
+CVE-2013-2410 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2409
+CVE-2013-2409 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2408
+CVE-2013-2408 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2407
+CVE-2013-2407 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-2406
+CVE-2013-2406 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2405
+CVE-2013-2405 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle Primavera Products
-CVE-2013-2404
+CVE-2013-2404 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2403
+CVE-2013-2403 (Unspecified vulnerability in the Siebel Enterprise Application Integra ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-2402
+CVE-2013-2402 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2401
+CVE-2013-2401 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2400
+CVE-2013-2400 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-2399
+CVE-2013-2399 (Unspecified vulnerability in the Siebel Call Center component in Oracl ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-2398
+CVE-2013-2398 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-2397
+CVE-2013-2397 (Unspecified vulnerability in the Oracle Retail Central Office componen ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-2396
+CVE-2013-2396 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-2395
+CVE-2013-2395 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows re ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
-CVE-2013-2394
+CVE-2013-2394 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-2393
+CVE-2013-2393 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-2392
+CVE-2013-2392 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 a ...)
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-2391
+CVE-2013-2391 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 a ...)
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-2390
+CVE-2013-2390 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-2389
+CVE-2013-2389 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 a ...)
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
-CVE-2013-2388
+CVE-2013-2388 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-2387
+CVE-2013-2387 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2386
+CVE-2013-2386 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2385
+CVE-2013-2385 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2384
+CVE-2013-2384 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-3187-1 DLA-219-1}
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
- icu 52.1-1
-CVE-2013-2383
+CVE-2013-2383 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-3187-1 DLA-219-1}
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
- icu 52.1-1
-CVE-2013-2382
+CVE-2013-2382 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2381
+CVE-2013-2381 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows re ...)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
-CVE-2013-2380
+CVE-2013-2380 (Unspecified vulnerability in the Oracle JRockit component in Oracle Fu ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-2379
+CVE-2013-2379 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2378
+CVE-2013-2378 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 a ...)
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-2377
+CVE-2013-2377 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-2376
+CVE-2013-2376 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.1 ...)
{DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-2375
+CVE-2013-2375 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 a ...)
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-2374
+CVE-2013-2374 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-2373
+CVE-2013-2373 (The Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x befo ...)
NOT-FOR-US: TIBCO Spotfire Web Player
-CVE-2013-2372
+CVE-2013-2372 (Cross-site scripting (XSS) vulnerability in the Engine in TIBCO Spotfi ...)
NOT-FOR-US: TIBCO Spotfire Web Player
-CVE-2013-2371
+CVE-2013-2371 (The Web API in the Statistics Server in TIBCO Spotfire Statistics Serv ...)
NOT-FOR-US: TIBCO Spotfire Statistics
-CVE-2013-2370
+CVE-2013-2370 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
NOT-FOR-US: HP LoadRunner
-CVE-2013-2369
+CVE-2013-2369 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
NOT-FOR-US: HP LoadRunner
-CVE-2013-2368
+CVE-2013-2368 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote ...)
NOT-FOR-US: HP LoadRunner
-CVE-2013-2367
+CVE-2013-2367 (Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, ...)
NOT-FOR-US: HP SiteScope
-CVE-2013-2366
+CVE-2013-2366 (Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch ...)
NOT-FOR-US: HP Business Process Monitor
-CVE-2013-2365
+CVE-2013-2365 (HP Database and Middleware Automation (DMA) 10.x before 10.10, when SS ...)
NOT-FOR-US: HP DMA
-CVE-2013-2364
+CVE-2013-2364 (Cross-site scripting (XSS) vulnerability in HP System Management Homep ...)
NOT-FOR-US: HP SMH
-CVE-2013-2363
+CVE-2013-2363 (HP System Management Homepage (SMH) before 7.2.1 allows remote attacke ...)
NOT-FOR-US: HP SMH
-CVE-2013-2362
+CVE-2013-2362 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP SMH
-CVE-2013-2361
+CVE-2013-2361 (Cross-site scripting (XSS) vulnerability in HP System Management Homep ...)
NOT-FOR-US: HP SMH
-CVE-2013-2360
+CVE-2013-2360 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP SMH
-CVE-2013-2359
+CVE-2013-2359 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP SMH
-CVE-2013-2358
+CVE-2013-2358 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP SMH
-CVE-2013-2357
+CVE-2013-2357 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...)
NOT-FOR-US: HP SMH
-CVE-2013-2356
+CVE-2013-2356 (HP System Management Homepage (SMH) before 7.2.1 allows remote attacke ...)
NOT-FOR-US: HP SMH
-CVE-2013-2355
+CVE-2013-2355 (HP System Management Homepage (SMH) before 7.2.1 allows remote attacke ...)
NOT-FOR-US: HP SMH
CVE-2013-2354
REJECTED
-CVE-2013-2353
+CVE-2013-2353 (Unspecified vulnerability in HP StoreOnce D2D Backup System 1.x before ...)
NOT-FOR-US: HP
-CVE-2013-2352
+CVE-2013-2352 (LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage d ...)
NOT-FOR-US: HP
-CVE-2013-2351
+CVE-2013-2351 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9. ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2013-2350
+CVE-2013-2350 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows rem ...)
NOT-FOR-US: Data Protector
-CVE-2013-2349
+CVE-2013-2349 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows rem ...)
NOT-FOR-US: Data Protector
-CVE-2013-2348
+CVE-2013-2348 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows rem ...)
NOT-FOR-US: Data Protector
-CVE-2013-2347
+CVE-2013-2347 (The Backup Client Service (OmniInet.exe) in HP Storage Data Protector ...)
NOT-FOR-US: Data Protector
-CVE-2013-2346
+CVE-2013-2346 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows rem ...)
NOT-FOR-US: Data Protector
-CVE-2013-2345
+CVE-2013-2345 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows rem ...)
NOT-FOR-US: Data Protector
-CVE-2013-2344
+CVE-2013-2344 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows rem ...)
NOT-FOR-US: Data Protector
-CVE-2013-2343
+CVE-2013-2343 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hyd ...)
NOT-FOR-US: HP
-CVE-2013-2342
+CVE-2013-2342 (The HP StoreOnce D2D backup system with software before 3.0.0 has a de ...)
NOT-FOR-US: HP StoreOnce D2D backup system
-CVE-2013-2341
+CVE-2013-2341 (Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, J ...)
NOT-FOR-US: HP
-CVE-2013-2340
+CVE-2013-2340 (Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, J ...)
NOT-FOR-US: HP
-CVE-2013-2339
+CVE-2013-2339 (HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Cli ...)
NOT-FOR-US: HP Smart Zero Client
-CVE-2013-2338
+CVE-2013-2338 (Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) car ...)
NOT-FOR-US: HP Integrated Lights-Out
-CVE-2013-2337
+CVE-2013-2337 (Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9 ...)
NOT-FOR-US: HP Service Manager
-CVE-2013-2336
+CVE-2013-2336 (HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8 ...)
NOT-FOR-US: HP Service Manager
-CVE-2013-2335
+CVE-2013-2335 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2334
+CVE-2013-2334 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2333
+CVE-2013-2333 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2332
+CVE-2013-2332 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2331
+CVE-2013-2331 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2330
+CVE-2013-2330 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2329
+CVE-2013-2329 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2328
+CVE-2013-2328 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2327
+CVE-2013-2327 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2326
+CVE-2013-2326 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2325
+CVE-2013-2325 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2324
+CVE-2013-2324 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.0 ...)
NOT-FOR-US: HP Storage Data Protector
-CVE-2013-2323
+CVE-2013-2323 (HP SQL/MX 3.0 through 3.2 on NonStop servers, when SQL/MP Objects are ...)
NOT-FOR-US: HP
-CVE-2013-2322
+CVE-2013-2322 (HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are ...)
NOT-FOR-US: HP
-CVE-2013-2321
+CVE-2013-2321 (Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tie ...)
NOT-FOR-US: HP Service Manager
CVE-2013-2320
RESERVED
-CVE-2013-2319
+CVE-2013-2319 (FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.5 ...)
NOT-FOR-US: FileMaker Pro
-CVE-2013-2318
+CVE-2013-2318 (The Content Provider in the MovatwiTouch application before 1.793 and ...)
NOT-FOR-US: MovatwiTouch
-CVE-2013-2317
+CVE-2013-2317 (The Sleipnir Mobile application 2.9.1 and earlier and Sleipnir Mobile ...)
NOT-FOR-US: Sleipnir Mobile
-CVE-2013-2316
+CVE-2013-2316 (The Yahoo! Browser application 1.4.4 and earlier for Android allows re ...)
NOT-FOR-US: Yahoo! Browser application for Android
-CVE-2013-2315
+CVE-2013-2315 (data/class/pages/forgot/LC_Page_Forgot.php in LOCKON EC-CUBE 2.11.0 th ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-2314
+CVE-2013-2314 (Cross-site scripting (XSS) vulnerability in the adminAuthorization fun ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-2313
+CVE-2013-2313 (Session fixation vulnerability in LOCKON EC-CUBE 2.11.0 through 2.12.3 ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-2312
+CVE-2013-2312 (Cross-site scripting (XSS) vulnerability in the shopping-cart screen i ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2013-2311
+CVE-2013-2311 (Cross-site scripting (XSS) vulnerability in static/js/share.js (aka th ...)
- web2py <not-affected> (Vulnerable code not present)
-CVE-2013-2310
+CVE-2013-2310 (SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP ...)
NOT-FOR-US: SoftBank Wi-Fi Spot Configuration Software
-CVE-2013-2309
+CVE-2013-2309 (Cross-site scripting (XSS) vulnerability in the management screen in O ...)
NOT-FOR-US: OpenPNE
-CVE-2013-2308
+CVE-2013-2308 (The (1) OWA Helper and (2) OSG Lite programs in SoftBank Online Servic ...)
NOT-FOR-US: SoftBank Online Service Gate
-CVE-2013-2307
+CVE-2013-2307 (The Yahoo! Browser application before 1.4.3 for Android allows remote ...)
NOT-FOR-US: Yahoo! Browser application for Android
-CVE-2013-2306
+CVE-2013-2306 (The jigbrowser+ application before 1.6.4 for Android does not properly ...)
NOT-FOR-US: jigbrowser+ application for Android
-CVE-2013-2305
+CVE-2013-2305 (Cross-site request forgery (CSRF) vulnerability in Cybozu Office befor ...)
NOT-FOR-US: Cybozu
-CVE-2013-2304
+CVE-2013-2304 (The Sleipnir Mobile application 2.8.0 and earlier and Sleipnir Mobile ...)
NOT-FOR-US: Sleipnir
-CVE-2013-2303
+CVE-2013-2303 (Sleipnir 4.0.0.4000 and earlier on Windows allows remote attackers to ...)
NOT-FOR-US: Sleipnir
-CVE-2013-2302
+CVE-2013-2302 (TransWARE Active! mail 6, when an external public interface is used, a ...)
NOT-FOR-US: TransWARE Active! mail
-CVE-2013-2301
+CVE-2013-2301 (The OMRON OpenWnn application before 1.3.6 for Android uses weak permi ...)
NOT-FOR-US: OpenWnn application
-CVE-2013-2300
+CVE-2013-2300 (The FlickWnn (aka OpenWnn/Flick support) application 2.02 and earlier ...)
NOT-FOR-US: FlickWnn Android App
-CVE-2013-2299
+CVE-2013-2299 (Cross-site scripting (XSS) vulnerability in Advantech WebAccess (forme ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2013-2298
+CVE-2013-2298 (Multiple stack-based buffer overflows in the XML parser in BOINC 7.x a ...)
- boinc 7.0.65+dfsg-1 (low)
[wheezy] - boinc <no-dsa> (Minor issue, only exploitable by a rogue BOINC server)
[squeeze] - boinc <no-dsa> (Minor issue, only exploitable by a rogue BOINC server)
NOTE: http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git;a=commitdiff;h=2fea03824925cbcb976f4191f4d8321e41a4d95b
-CVE-2013-2297
+CVE-2013-2297 (Eucalyptus EuStore sets a blank root password in the default configura ...)
- eucalyptus <removed>
-CVE-2013-2296
+CVE-2013-2296 (Walrus in Eucalyptus before 3.2.2 does not verify authorization for th ...)
- eucalyptus <removed> (bug #707592)
NOTE: commit: https://github.com/eucalyptus/eucalyptus/commit/da7bb8b7c15d453e62df38eff5c12d0998e6eab1
NOTE: https://eucalyptus.atlassian.net/browse/EUCA-3074
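Review bot: for CVE-2013-2381 the imported description reads "Oracle MySQL 5.6.10 and earlier", while both mysql-5.1 and mysql-5.5 are marked `<not-affected> (Only affects MySQL 5.6)`; read literally, "and earlier" would cover the 5.5 series, so the entry should carry a NOTE pointing at the advisory text that scopes the issue to the 5.6 line, otherwise the not-affected claim cannot be verified from the tracker alone. In the same hunk, CVE-2013-2392, -2391, -2378 and -2375 list mariadb-10.0 and mariadb-5.5 as not-affected, but CVE-2013-2389, which carries the same affected-version string, has no mariadb lines at all; either add matching lines or note why that entry differs.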
@@ -13505,19 +13505,19 @@ CVE-2013-2295
CVE-2013-2294
RESERVED
NOT-FOR-US: ViewGit
-CVE-2013-2293
+CVE-2013-2293 (The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before ...)
- bitcoin 0.8.1-2 (bug #705265)
-CVE-2013-2292
+CVE-2013-2292 (bitcoind and Bitcoin-Qt 0.8.0 and earlier allow remote attackers to ca ...)
- bitcoin 0.8.1-1
CVE-2013-2291
RESERVED
-CVE-2013-2290
+CVE-2013-2290 (Cross-site scripting (XSS) vulnerability in the dashboard of the Aruba ...)
NOT-FOR-US: Aruba Networks ArubaOS
-CVE-2013-2289
+CVE-2013-2289 (Cross-site scripting (XSS) vulnerability in admin/templates/default.ph ...)
NOT-FOR-US: Batavi
CVE-2013-2288
RESERVED
-CVE-2013-2287
+CVE-2013-2287 (Multiple cross-site scripting (XSS) vulnerabilities in views/notify.ph ...)
NOT-FOR-US: WordPress plugin Uploader
CVE-2013-2286
RESERVED
@@ -13533,50 +13533,50 @@ CVE-2013-2281
RESERVED
CVE-2013-2280
RESERVED
-CVE-2013-2279
+CVE-2013-2279 (CA SiteMinder Federation (FSS) 12.5, 12.0, and r6; Federation (Standal ...)
NOT-FOR-US: CA SiteMinder
-CVE-2013-2278
+CVE-2013-2278 (Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when runni ...)
NOT-FOR-US: War FTP Daemon
-CVE-2013-2277
+CVE-2013-2277 (The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcod ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.6-1 (bug #703200)
-CVE-2013-2276
+CVE-2013-2276 (The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg ...)
- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
-CVE-2013-2275
+CVE-2013-2275 (The default configuration for puppet masters 0.25.0 and later in Puppe ...)
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-2274
+CVE-2013-2274 (Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 al ...)
{DSA-2643-1}
- puppet 2.7-1
NOTE: Only affects puppet 2.6.x
-CVE-2013-2273
+CVE-2013-2273 (bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 ...)
- bitcoin 0.8.1-1
-CVE-2013-2272
+CVE-2013-2272 (The penny-flooding protection mechanism in the CTxMemPool::accept meth ...)
- bitcoin 0.8.1-2 (bug #705266)
-CVE-2013-2271
+CVE-2013-2271 (The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active admi ...)
NOT-FOR-US: D-Link DSL-2740B Gateway
-CVE-2013-2270
+CVE-2013-2270 (Cross-site scripting (XSS) vulnerability in the administration page in ...)
NOT-FOR-US: Airvana
-CVE-2013-2269
+CVE-2013-2269 (The Sponsorship Confirmation functionality in Aruba Networks ClearPass ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2013-2268
+CVE-2013-2268 (Unspecified vulnerability in the MathML implementation in WebKit in Go ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <not-affected> (Vulnerable code not present)
NOTE: MathML added in chromium 24.x, disabled again in 25.x
CVE-2013-2267
RESERVED
-CVE-2013-2266
+CVE-2013-2266 (libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5 ...)
{DSA-2656-1}
- bind9 1:9.8.4.dfsg.P1-6+nmu1 (bug #704174)
CVE-2013-2265
RESERVED
-CVE-2013-2264
+CVE-2013-2264 (The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, ...)
- asterisk 1:1.8.13.1~dfsg-2 (low; bug #704114)
[squeeze] - asterisk <no-dsa> (Minor information leak)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-21013
-CVE-2013-2263
+CVE-2013-2263 (Unspecified vulnerability in Citrix Access Gateway Standard Edition 5. ...)
NOT-FOR-US: Citrix Access Gateway
CVE-2013-2262
RESERVED
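Review bot: the rationale on the ffmpeg line under CVE-2013-2276, `- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)`, contradicts itself: the description places the bug in FFmpeg's libavcodec, yet the ffmpeg source package is marked not affected on the grounds that the issue is specific to ffmpeg. If the Debian ffmpeg source package was built from the libav codebase at the time, say so in the reason text (for example "Debian's ffmpeg package tracks libav, vulnerable code not present"); otherwise the status looks wrong and should be rechecked against the fixed version recorded for the neighbouring CVE-2013-2277 (ffmpeg 7:2.4.1-1).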
@@ -13596,7 +13596,7 @@ CVE-2013-2258
CVE-2013-2257
RESERVED
NOT-FOR-US: Cryptocat
-CVE-2013-2256
+CVE-2013-2256 (OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 do ...)
- nova 2013.1.2-3 (bug #718905)
[wheezy] - nova <not-affected> (Affected code not present)
CVE-2013-2255 [Inconsistent and non-validating HTTPS client]
@@ -13605,78 +13605,78 @@ CVE-2013-2255 [Inconsistent and non-validating HTTPS client]
[wheezy] - keystone <no-dsa> (Minor issue)
- swift <not-affected> (See https://bugs.launchpad.net/keystone/+bug/1188189/comments/5)
NOTE: Fixes for keystone: https://review.openstack.org/#/c/76476/
-CVE-2013-2254
+CVE-2013-2254 (The deepGetOrCreateNode function in impl/operations/AbstractCreateOper ...)
NOT-FOR-US: Apache Sling
CVE-2013-2253
RESERVED
CVE-2013-2252
RESERVED
-CVE-2013-2251
+CVE-2013-2251 (Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute ...)
- libstruts1.2-java <not-affected> (Only affect 2.x)
-CVE-2013-2250
+CVE-2013-2250 (Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05 ...)
NOT-FOR-US: Apache OFBiz
-CVE-2013-2249
+CVE-2013-2249 (mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Ser ...)
- apache2 2.4.6-1
[wheezy] - apache2 <not-affected> (mod_session_dbd available apache 2.3 and later only)
[squeeze] - apache2 <not-affected> (mod_session_dbd available apache 2.3 and later only)
-CVE-2013-2248
+CVE-2013-2248 (Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through ...)
- libstruts1.2-java <not-affected> (Only affect 2.x)
-CVE-2013-2247
+CVE-2013-2247 (The Fast Permissions Administration module 6.x-2.x before 6.x-2.5 and ...)
NOT-FOR-US: Fast Permissions Administration Drupal contributed module
-CVE-2013-2246
+CVE-2013-2246 (mod/feedback/lib.php in Moodle through 2.1.10, 2.2.x before 2.2.11, 2. ...)
- moodle 2.5.1-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: https://moodle.org/mod/forum/discuss.php?d=232503
-CVE-2013-2245
+CVE-2013-2245 (rss/file.php in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x befo ...)
- moodle 2.5.1-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: https://moodle.org/mod/forum/discuss.php?d=232502
-CVE-2013-2244
+CVE-2013-2244 (Multiple cross-site scripting (XSS) vulnerabilities in lib/conditionli ...)
- moodle <not-affected> (Only affects 2.4.x and 2.5.x)
NOTE: https://moodle.org/mod/forum/discuss.php?d=232501
-CVE-2013-2243
+CVE-2013-2243 (mod/lesson/pagetypes/matching.php in Moodle through 2.2.11, 2.3.x befo ...)
- moodle 2.5.1-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: https://moodle.org/mod/forum/discuss.php?d=232500
-CVE-2013-2242
+CVE-2013-2242 (mod/chat/gui_sockets/index.php in Moodle through 2.1.10, 2.2.x before ...)
- moodle 2.5.1-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: https://moodle.org/mod/forum/discuss.php?d=232498
-CVE-2013-2241
+CVE-2013-2241 (modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows ...)
- gallery3 <itp> (bug #511715)
-CVE-2013-2240
+CVE-2013-2240 (lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly rem ...)
- gallery3 <itp> (bug #511715)
-CVE-2013-2239
+CVE-2013-2239 (vzkernel before 042stab080.2 in the OpenVZ modification for the Linux ...)
{DSA-2766-1}
- linux-2.6 <removed> (low)
- linux <not-affected> (openvz flavour no longer included after Squeeze)
-CVE-2013-2238
+CVE-2013-2238 (Multiple buffer overflows in the switch_perform_substitution function ...)
- freeswitch <itp> (bug #389591)
-CVE-2013-2237
+CVE-2013-2237 (The key_notify_policy_flush function in net/key/af_key.c in the Linux ...)
{DSA-2766-1 DSA-2745-1}
- linux-2.6 <removed> (low)
- linux 3.9.4-1 (low)
NOTE: https://github.com/torvalds/linux/commit/85dfb745ee40232876663ae206cba35f24ab2a40
-CVE-2013-2236
+CVE-2013-2236 (Stack-based buffer overflow in the new_msg_lsa_change_notify function ...)
{DSA-2803-1}
- quagga 0.99.22.4-1 (bug #726724)
NOTE: http://lists.quagga.net/pipermail/quagga-dev/2013-July/010621.html
CVE-2013-2235
RESERVED
-CVE-2013-2234
+CVE-2013-2234 (The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions ...)
{DSA-2766-1 DSA-2745-1}
- linux-2.6 <removed>
- linux 3.10.1-1
-CVE-2013-2233
+CVE-2013-2233 (Ansible before 1.2.1 makes it easier for remote attackers to conduct m ...)
- ansible 1.3.4+dfsg-1 (bug #714822)
NOTE: https://github.com/ansible/ansible/issues/857
-CVE-2013-2232
+CVE-2013-2232 (The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux ke ...)
{DSA-2766-1 DSA-2745-1}
- linux-2.6 <removed>
- linux 3.10.1-1
-CVE-2013-2231
+CVE-2013-2231 (Unquoted Windows search path vulnerability in the QEMU Guest Agent ser ...)
- qemu <not-affected> (Only affects win32 build)
-CVE-2013-2230
+CVE-2013-2230 (The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows re ...)
- libvirt 1.1.0-3 (bug #715559)
[jessie] - libvirt <not-affected> (Vulnerable code introduced in with commit abf75aea)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced in with commit abf75aea)
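Review bot: the two not-affected reasons under CVE-2013-2230, "(Vulnerable code introduced in with commit abf75aea)", contain a typo ("introduced in with") and name only a commit, not the upstream release it shipped in; since the unstable fix is 1.1.0-3 and the description says "libvirt before 1.1.1", state the first affected release so a reader can confirm that wheezy and jessie lack the code without looking up the commit. Minor style point in the same hunk: the libstruts1.2-java lines under CVE-2013-2251 and CVE-2013-2248 read "Only affect 2.x" and should be "Only affects 2.x".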
@@ -13691,41 +13691,41 @@ CVE-2013-2227 [local file inclusion]
RESERVED
- glpi 0.83.91-1 (bug #714720; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2013-2226
+CVE-2013-2226 (Multiple SQL injection vulnerabilities in GLPI before 0.83.9 allow rem ...)
- glpi 0.83.91-1 (bug #714720; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2013-2225
+CVE-2013-2225 (inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote attacker ...)
- glpi 0.83.91-1 (bug #714720; unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2013-2224
+CVE-2013-2224 (A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterpr ...)
- linux-2.6 <not-affected> (Caused by RHEL backport)
- linux <not-affected> (Caused by RHEL backport)
-CVE-2013-2223
+CVE-2013-2223 (GNU ZRTPCPP before 3.2.0 allows remote attackers to obtain sensitive i ...)
- libzrtpcpp 2.3.4-1 (bug #714650)
[squeeze] - libzrtpcpp <no-dsa> (Minor issue)
[wheezy] - libzrtpcpp <no-dsa> (Minor issue)
-CVE-2013-2222
+CVE-2013-2222 (Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 allo ...)
- libzrtpcpp 2.3.4-1 (bug #714650)
[squeeze] - libzrtpcpp <no-dsa> (Minor issue)
[wheezy] - libzrtpcpp <no-dsa> (Minor issue)
-CVE-2013-2221
+CVE-2013-2221 (Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU Z ...)
- libzrtpcpp 2.3.4-1 (bug #714650)
[squeeze] - libzrtpcpp <no-dsa> (Minor issue)
[wheezy] - libzrtpcpp <no-dsa> (Minor issue)
-CVE-2013-2220
+CVE-2013-2220 (Buffer overflow in the radius_get_vendor_attr function in the Radius e ...)
{DSA-2726-1}
- php-radius 1.2.5-2.4 (bug #714362)
NOTE: http://www.openwall.com/lists/oss-security/2013/06/28/2
-CVE-2013-2219
+CVE-2013-2219 (The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server ...)
- 389-ds-base 1.3.2.9-1 (bug #718325)
-CVE-2013-2218
+CVE-2013-2218 (Double free vulnerability in the virConnectListAllInterfaces method in ...)
- libvirt 1.1.0-1 (bug #714699)
[jessie] - libvirt <not-affected> (Vulnerable code introduced in 1.0.6)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced in 1.0.6)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced in 1.0.6)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=244e0b8cf15ca2ef48d82058e728656e6c4bad11
NOTE: Vulnerable code introduced in http://libvirt.org/git/?p=libvirt.git;a=commit;h=7ac2c4fe624f30f2c8270116513fa2ddab07631f
-CVE-2013-2217
+CVE-2013-2217 (cache.py in Suds 0.4, when tempdir is set to None, allows local users ...)
- suds 0.4.1-8 (low; bug #714340)
[squeeze] - suds 0.3.9-1+deb6u1
[wheezy] - suds 0.4.1-5+deb7u1
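Review bot: under CVE-2013-2218 the [jessie] line is `<not-affected> (Vulnerable code introduced in 1.0.6)`, but that reason only explains squeeze and wheezy, which predate 1.0.6; with the unstable fix recorded as 1.1.0-1, jessie would normally be marked with a fixed version rather than not-affected, so either drop the jessie line or give a jessie-specific reason. The entry already has a NOTE naming the commit that introduced the bug; tying that commit to the 1.0.6 release in the same NOTE would make the squeeze/wheezy claims self-contained.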
@@ -13733,7 +13733,7 @@ CVE-2013-2216
RESERVED
CVE-2013-2215
REJECTED
-CVE-2013-2214
+CVE-2013-2214 (status.cgi in Nagios 4.0 before 4.0 beta4 and 3.x before 3.5.1 does no ...)
- nagios3 3.4.1-4 (low)
[wheezy] - nagios3 3.4.1-3+deb7u1
[squeeze] - nagios3 <no-dsa> (disputed, minor issue)
@@ -13741,107 +13741,107 @@ CVE-2013-2214
CVE-2013-2213 [KRandom::random() Small Space of Random Values]
RESERVED
- kdeplasma-addons <not-affected> (only affects if incomplete patch for CVE-2013-2120 is applied)
-CVE-2013-2212
+CVE-2013-2212 (The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling ca ...)
- xen 4.3.0-1 (unimportant)
NOTE: Hardware design flaw, no software solution
NOTE: http://xenbits.xen.org/xsa/advisory-60.html
-CVE-2013-2211
+CVE-2013-2211 (The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2 ...)
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <not-affected> (libxl not packaged in squeeze)
-CVE-2013-2210
+CVE-2013-2210 (Heap-based buffer overflow in the XML Signature Reference functionalit ...)
{DSA-2717-1}
- xml-security-c 1.6.1-7 (bug #714241)
NOTE: http://santuario.apache.org/secadv.data/CVE-2013-2210.txt
-CVE-2013-2209
+CVE-2013-2209 (Cross-site scripting (XSS) vulnerability in the auto-complete widget i ...)
NOT-FOR-US: Reviewboard (this was once in experimental, but removed later on)
-CVE-2013-2208
+CVE-2013-2208 (tpp 1.3.1 allows remote attackers to execute arbitrary commands via a ...)
- tpp 1.3.1-3 (low; bug #706644)
[squeeze] - tpp <no-dsa> (Minor issue)
[wheezy] - tpp <no-dsa> (Minor issue)
-CVE-2013-2207
+CVE-2013-2207 (pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not pr ...)
- eglibc <removed>
[squeeze] - eglibc <no-dsa> (Minor issue)
[wheezy] - eglibc <no-dsa> (Minor issue)
- glibc 2.21-1 (low; bug #717544)
[jessie] - glibc 2.19-18+deb8u4
NOTE: Patch: https://sourceware.org/git/?p=glibc.git;a=commit;h=e4608715e6e1dd2adc91982fd151d5ba4f761d69
-CVE-2013-2206
+CVE-2013-2206 (The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in th ...)
{DSA-2766-1}
- linux-2.6 <removed>
- linux 3.9.4-1
[wheezy] - linux 3.2.46-1
-CVE-2013-2205
+CVE-2013-2205 (The default configuration of SWFUpload in WordPress before 3.5.2 has a ...)
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2204
+CVE-2013-2204 (moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media ...)
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2203
+CVE-2013-2203 (WordPress before 3.5.2, when the uploads directory forbids write acces ...)
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2202
+CVE-2013-2202 (WordPress before 3.5.2 allows remote attackers to read arbitrary files ...)
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2201
+CVE-2013-2201 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress befor ...)
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2200
+CVE-2013-2200 (WordPress before 3.5.2 does not properly check the capabilities of rol ...)
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2199
+CVE-2013-2199 (The HTTP API in WordPress before 3.5.2 allows remote attackers to send ...)
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
CVE-2013-2198
RESERVED
NOT-FOR-US: Login Security Drupal contributed module
-CVE-2013-2197
+CVE-2013-2197 (The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7. ...)
NOT-FOR-US: Login Security Drupal contributed module
-CVE-2013-2196
+CVE-2013-2196 (Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen ...)
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-2195
+CVE-2013-2195 (The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest adm ...)
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-2194
+CVE-2013-2194 (Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and ...)
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-2193
+CVE-2013-2193 (Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the K ...)
NOT-FOR-US: Apache HBase
NOTE: There was the package in unstable, but never in a release, see #630821
-CVE-2013-2192
+CVE-2013-2192 (The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alph ...)
NOT-FOR-US: Apache Hadoop
NOTE: There was the package in unstable, but never in a release, see 630820
-CVE-2013-2191
+CVE-2013-2191 (python-bugzilla before 0.9.0 does not validate X.509 certificates, whi ...)
NOT-FOR-US: python-bugzilla
-CVE-2013-2190
+CVE-2013-2190 (The translate_hierarchy_event function in x11/clutter-device-manager-x ...)
- clutter-1.0 1.14.4-3 (low; bug #714264)
[squeeze] - clutter-1.0 <no-dsa> (Minor issue)
[wheezy] - clutter-1.0 <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=701974
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=954054
-CVE-2013-2189
+CVE-2013-2189 (Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to caus ...)
- libreoffice 1:3.4.3-1 (unimportant)
- openoffice.org 1:3.3.0-1 (unimportant)
NOTE: Since 3.3.0 openoffice.org is a transitional source package
NOTE: Plain crasher, not treated as security issue
-CVE-2013-2188
+CVE-2013-2188 (A certain Red Hat patch to the do_filp_open function in fs/namei.c in ...)
- linux-2.6 <not-affected> (RHEL-specific issue)
- linux <not-affected> (RHEL-specific issue)
-CVE-2013-2187
+CVE-2013-2187 (Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through ...)
NOT-FOR-US: Apache Archiva
-CVE-2013-2186
+CVE-2013-2186 (The DiskFileItem class in Apache Commons FileUpload, as used in Red Ha ...)
{DSA-2827-1}
- libcommons-fileupload-java 1.3-2.1 (bug #726601)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2013-2185
+CVE-2013-2185 (** DISPUTED ** The readObject method in the DiskFileItem class in Apac ...)
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=974813
NOTE: http://www.openwall.com/lists/oss-security/2013/09/05/4
-CVE-2013-2184
+CVE-2013-2184 (Movable Type before 5.2.6 does not properly use the Storable::thaw fun ...)
{DSA-3183-1}
- movabletype-opensource 5.2.7+dfsg-1 (bug #712602)
[squeeze] - movabletype-opensource <no-dsa> (Minor issue)
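Review bot: bug references in this hunk are inconsistent: the NOTE under CVE-2013-2193 says "see #630821" while the one under CVE-2013-2192 says "see 630820" without the `#` that every other bug reference in the file uses; change it to "see #630820" so bug-number handling stays uniform. While touching those two entries, both NOTEs say the package "was in unstable, but never in a release"; since both are marked NOT-FOR-US, it would help to state that the package has since been removed, which is what NOT-FOR-US implies here.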
@@ -13851,41 +13851,41 @@ CVE-2013-2183
RESERVED
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-2182
+CVE-2013-2182 (The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5 ...)
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-2181
+CVE-2013-2181 (Cross-site scripting (XSS) vulnerability in the Directory Listing plug ...)
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
CVE-2013-2180
RESERVED
NOT-FOR-US: uk-cookie Wordpress plugin
-CVE-2013-2179
+CVE-2013-2179 (X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing ...)
- xdm <not-affected> (Not affected when PAM is used)
[squeeze] - xdm <not-affected> (same as above and glibc too old)
[wheezy] - xdm <not-affected> (same as above and glibc too old)
NOTE: http://www.openwall.com/lists/oss-security/2013/06/11/5
-CVE-2013-2178
+CVE-2013-2178 (The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and ap ...)
{DSA-2708-1}
- fail2ban 0.8.10-1
-CVE-2013-2177
+CVE-2013-2177 (Cross-site scripting (XSS) vulnerability in the Display Suite module 7 ...)
NOT-FOR-US: third party drupal module (Display Suite)
-CVE-2013-2176
+CVE-2013-2176 (Unquoted Windows search path vulnerability in the Red Hat Enterprise V ...)
NOT-FOR-US: Red Hat Enterprise Virtualization Apt service
-CVE-2013-2175
+CVE-2013-2175 (HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to ...)
{DSA-2711-1}
- haproxy 1.4.24-1
-CVE-2013-2174
+CVE-2013-2174 (Heap-based buffer overflow in the curl_easy_unescape function in lib/e ...)
{DSA-2713-1}
- curl 7.31.0-1
-CVE-2013-2173
+CVE-2013-2173 (wp-includes/class-phpass.php in WordPress 3.5.1, when a password-prote ...)
{DSA-2718-1}
- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2172
+CVE-2013-2172 (jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache San ...)
{DSA-3065-1 DLA-85-1}
- libxml-security-java 1.5.5-2 (bug #720375)
NOTE: http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc
-CVE-2013-2171
+CVE-2013-2171 (The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementati ...)
{DSA-2714-1}
- kfreebsd-9 9.0-12 (bug #712664)
- kfreebsd-8 <not-affected> (Only affects 9.x)
@@ -13893,7 +13893,7 @@ CVE-2013-2170
REJECTED
CVE-2013-2169
REJECTED
-CVE-2013-2168
+CVE-2013-2168 (The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix ...)
{DSA-2707-1}
- dbus 1.6.12-1
[squeeze] - dbus <not-affected> (Introduced in 1.4.16)
@@ -13905,133 +13905,133 @@ CVE-2013-2166 [middleware memcache encryption bypass]
RESERVED
- python-keystoneclient 1:0.2.5-2 (bug #713819)
[wheezy] - python-keystoneclient <not-affected> (Vulnerable code not present)
-CVE-2013-2165
+CVE-2013-2165 (ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementati ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2013-2164
+CVE-2013-2164 (The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the ...)
{DSA-2766-1 DSA-2745-1}
- linux-2.6 <removed> (low)
- linux 3.9.8-1 (low)
-CVE-2013-2163
+CVE-2013-2163 (Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to c ...)
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-2162
+CVE-2013-2162 (Race condition in the post-installation script (mysql-server-5.5.posti ...)
{DSA-2818-1 DLA-75-1}
- mysql-5.5 5.5.35+dfsg-1 (low; bug #711600)
- mysql-5.1 <removed> (low)
[squeeze] - mysql-5.1 <no-dsa> (Minor issue, can be included in a future DSA)
-CVE-2013-2161
+CVE-2013-2161 (XML injection vulnerability in account/utils.py in OpenStack Swift Fol ...)
{DSA-2737-1}
- swift 1.8.0-6 (low; bug #712202)
[wheezy] - swift 1.4.8-2+deb7u1
-CVE-2013-2160
+CVE-2013-2160 (The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x befo ...)
NOT-FOR-US: Apache CXF
CVE-2013-2159 [monkey broken authentication]
RESERVED
- monkey <removed>
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-2158
+CVE-2013-2158 (Cross-site request forgery (CSRF) vulnerability in the Services module ...)
NOT-FOR-US: Services Drupal contributed modules
-CVE-2013-2157
+CVE-2013-2157 (OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when u ...)
- keystone 2013.1.2-1 (bug #712160)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
-CVE-2013-2156
+CVE-2013-2156 (Heap-based buffer overflow in the Exclusive Canonicalization functiona ...)
{DSA-2710-1}
- xml-security-c 1.6.1-6
-CVE-2013-2155
+CVE-2013-2155 (Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7. ...)
{DSA-2710-1}
- xml-security-c 1.6.1-6
-CVE-2013-2154
+CVE-2013-2154 (Stack-based buffer overflow in the XML Signature Reference functionali ...)
{DSA-2710-1}
- xml-security-c 1.6.1-6
-CVE-2013-2153
+CVE-2013-2153 (The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) ...)
{DSA-2710-1}
- xml-security-c 1.6.1-6
-CVE-2013-2152
+CVE-2013-2152 (Unquoted Windows search path vulnerability in the SPICE service, as us ...)
NOT-FOR-US: Spice service for Windows
-CVE-2013-2151
+CVE-2013-2151 (Unquoted Windows search path vulnerability in Red Hat Enterprise Virtu ...)
NOT-FOR-US: RHEV Agent for Windows
-CVE-2013-2150
+CVE-2013-2150 (Multiple cross-site scripting (XSS) vulnerabilities in js/viewer.js in ...)
- owncloud <not-affected> (affects only experimental version)
-CVE-2013-2149
+CVE-2013-2149 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
- owncloud 4.0.16debian-1 (bug #711517)
-CVE-2013-2148
+CVE-2013-2148 (The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c ...)
{DSA-2745-1}
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (fanotify introduced in 2.6.36)
- linux 3.9.8-1 (low)
-CVE-2013-2147
+CVE-2013-2147 (The HP Smart Array controller disk-array driver and Compaq SMART2 cont ...)
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.11.5-1 (low)
[wheezy] - linux 3.2.53-1
-CVE-2013-2146
+CVE-2013-2146 (arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8. ...)
- linux-2.6 <not-affected> (Introduced in 3.1)
- linux 3.9.4-1
[wheezy] - linux 3.2.46-1
-CVE-2013-2145
+CVE-2013-2145 (The cpansign verify functionality in the Module::Signature module befo ...)
- libmodule-signature-perl 0.73-1 (bug #711239)
[wheezy] - libmodule-signature-perl 0.68-1+deb7u1
[squeeze] - libmodule-signature-perl 0.63-1+squeeze1
-CVE-2013-2144
+CVE-2013-2144 (Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not ...)
NOT-FOR-US: RHEV Manager
-CVE-2013-2143
+CVE-2013-2143 (The users controller in Katello 1.5.0-14 and earlier, and Red Hat Sate ...)
NOT-FOR-US: Katello
-CVE-2013-2142
+CVE-2013-2142 (userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME ...)
- libimobiledevice 1.1.5-0.1 (low; bug #710885)
[squeeze] - libimobiledevice <not-affected> (Vulnerable code was introduced later)
[wheezy] - libimobiledevice <not-affected> (Vulnerable code was introduced later)
-CVE-2013-2141
+CVE-2013-2141 (The do_tkill function in kernel/signal.c in the Linux kernel before 3. ...)
{DSA-2766-1 DSA-2669-1}
- linux-2.6 <removed>
- linux 3.9.4-1
-CVE-2013-2140
+CVE-2013-2140 (The dispatch_discard_io function in drivers/block/xen-blkback/blkback. ...)
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.10.1-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2013-2139
+CVE-2013-2139 (Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows ...)
{DSA-2840-1}
- srtp 1.4.5~20130609~dfsg-1 (bug #711163)
-CVE-2013-2138
+CVE-2013-2138 (The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0 ...)
- gallery <not-affected> (Old 1.5 version not affected)
-CVE-2013-2137
+CVE-2013-2137 (Cross-site scripting (XSS) vulnerability in the "View Log" screen in t ...)
NOT-FOR-US: Apache OFBiz
-CVE-2013-2136
+CVE-2013-2136 (Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudSta ...)
NOT-FOR-US: Apache CloudStack
-CVE-2013-2135
+CVE-2013-2135 (Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arb ...)
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-015.html
-CVE-2013-2134
+CVE-2013-2134 (Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arb ...)
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-015.html
-CVE-2013-2133
+CVE-2013-2133 (The EJB invocation handler implementation in Red Hat JBossWS, as used ...)
NOT-FOR-US: JBoss WS
-CVE-2013-2132
+CVE-2013-2132 (bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2 ...)
{DSA-2705-1}
- pymongo 2.5.2-1 (bug #710597)
[squeeze] - pymongo <not-affected> (bson module not present)
NOTE: https://jira.mongodb.org/browse/PYTHON-532
NOTE: https://github.com/mongodb/mongo-python-driver/commit/a060c15ef87e0f0e72974c7c0e57fe811bbd06a2
-CVE-2013-2131
+CVE-2013-2131 (Format string vulnerability in the rrdtool module 1.4.7 for Python, as ...)
- rrdtool 1.4.8-1 (unimportant; bug #708866)
NOTE: Non-issue, calling application need to perform sanitising
-CVE-2013-2130
+CVE-2013-2130 (ZNC 1.0 allows remote authenticated users to cause a denial of service ...)
- znc 1.0-5 (bug #720632)
[squeeze] - znc <not-affected> (Vulnerable code not present)
[wheezy] - znc <not-affected> (Vulnerable code not present)
-CVE-2013-2129
+CVE-2013-2129 (Cross-site scripting (XSS) vulnerability in the Webform module 6.x-3.x ...)
NOT-FOR-US: Webform Drupal contributed module
-CVE-2013-2128
+CVE-2013-2128 (The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel befor ...)
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-24
- linux 2.6.35-1~experimental.1
NOTE: https://git.kernel.org/linus/baff42ab1494528907bf4d5870359e31711746ae
-CVE-2013-2127
+CVE-2013-2127 (Buffer overflow in the exposure correction code in LibRaw before 0.15. ...)
- libraw <not-affected> (Only affects 0.15, 0.15 was only in experimental)
- libkdcraw <not-affected> (embeds libraw 0.14)
- darktable <not-affected> (embeds libraw 0.14)
NOTE: http://www.openwall.com/lists/oss-security/2013/05/28/3
NOTE: https://github.com/LibRaw/LibRaw/commit/2f912f5b33582961b1cdbd9fd828589f8b78f21d
-CVE-2013-2126
+CVE-2013-2126 (Multiple double free vulnerabilities in the LibRaw::unpack function in ...)
- libraw 0.15.3-1 (low; bug #710353)
[wheezy] - libraw <no-dsa> (Not suitable for code injection, minor issue)
[squeeze] - libraw <not-affected> (Vulnerable code not present)
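Review bot: the NOTE under CVE-2013-2131 ("Non-issue, calling application need to perform sanitising") has a grammar slip and is the only place the "unimportant" severity is justified; suggest "Non-issue, the calling application needs to perform sanitising" so the rationale reads cleanly next to the rrdtool 1.4.8-1 line.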
@@ -14043,18 +14043,18 @@ CVE-2013-2126
[squeeze] - kdegraphics <not-affected> (embedded version of kdcraw+libraw too old)
NOTE: http://www.openwall.com/lists/oss-security/2013/05/28/3
NOTE: https://github.com/LibRaw/LibRaw/commit/19ffddb0fe1a4ffdb459b797ffcf7f490d28b5a6
-CVE-2013-2125
+CVE-2013-2125 (OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which al ...)
- opensmtpd 5.3.3p1-1
NOTE: http://www.openwall.com/lists/oss-security/2013/05/18/8
-CVE-2013-2124
+CVE-2013-2124 (Double free vulnerability in inspect-fs.c in LibguestFS 1.20.x before ...)
- libguestfs 1:1.20.8-1 (bug #710290)
[wheezy] - libguestfs <not-affected> (Vulnerable code not present)
NOTE: Introduced with commit https://github.com/libguestfs/libguestfs/commit/5a3da366268825b26b470cde35658b67c1d11cd4
-CVE-2013-2123
+CVE-2013-2123 (The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3 ...)
NOT-FOR-US: Node access user reference Drupal contributed module
-CVE-2013-2122
+CVE-2013-2122 (The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not prope ...)
NOT-FOR-US: Edit Limit Drupal contributed module
-CVE-2013-2121
+CVE-2013-2121 (Eval injection vulnerability in the create method in the Bookmarks con ...)
- foreman <itp> (bug #663101)
CVE-2013-2120 [weak generated passwords]
RESERVED
@@ -14063,34 +14063,34 @@ CVE-2013-2120 [weak generated passwords]
[wheezy] - kdeplasma-addons <no-dsa> (Minor issue)
[squeeze] - kdeplasma-addons <no-dsa> (Minor issue)
NOTE: Original fix https://projects.kde.org/projects/kde/kdeplasma-addons/repository/revisions/36a1fe49cb70f717c4a6e9eeee2c9186503a8dce not sufficient
-CVE-2013-2119
+CVE-2013-2119 (Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby al ...)
- ruby-passenger 3.0.13debian-1.1 (low; bug #710351)
[wheezy] - ruby-passenger 3.0.13debian-1+deb7u1
-CVE-2013-2118
+CVE-2013-2118 (SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 ...)
{DSA-2694-1}
- spip 2.1.22-1 (bug #709674)
-CVE-2013-2117
+CVE-2013-2117 (Directory traversal vulnerability in the cgit_parse_readme function in ...)
- cgit <not-affected> (Fixed before the initial upload into the archive)
-CVE-2013-2116
+CVE-2013-2116 (The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in G ...)
{DSA-2697-1}
- gnutls26 2.12.23-5 (bug #709301)
[squeeze] - gnutls26 <not-affected> (vulnerable code not backported)
-CVE-2013-2115
+CVE-2013-2115 (Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arb ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2013-2114
+CVE-2013-2114 (Unrestricted file upload vulnerability in the chunk upload API in Medi ...)
- mediawiki 1:1.19.7+dfsg-1
[squeeze] - mediawiki <not-affected> (Vulnerable code not present)
-CVE-2013-2113
+CVE-2013-2113 (The create method in app/controllers/users_controller.rb in Foreman be ...)
- foreman <itp> (bug #663101)
-CVE-2013-2112
+CVE-2013-2112 (The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.1 ...)
{DSA-2703-1}
- subversion 1.7.9-1+nmu2 (bug #711033)
NOTE: http://subversion.apache.org/security/CVE-2013-2112-advisory.txt
-CVE-2013-2111
+CVE-2013-2111 (The IMAP functionality in Dovecot before 2.2.2 allows remote attackers ...)
- dovecot <not-affected> (vulnerable code appeared in 2.2)
[squeeze] - dovecot <not-affected> (vulnerable code appeared in 2.2)
[wheezy] - dovecot <not-affected> (vulnerable code appeared in 2.2)
-CVE-2013-2110
+CVE-2013-2110 (Heap-based buffer overflow in the php_quot_print_encode function in ex ...)
- php5 5.5.0~rc3+dfsg-1
[wheezy] - php5 <not-affected> (Vulnerable code not present)
[squeeze] - php5 <not-affected> (Vulnerable code not present)
@@ -14102,14 +14102,14 @@ CVE-2013-2109
CVE-2013-2108
RESERVED
NOT-FOR-US: WordPress plugin wp-cleanfix
-CVE-2013-2107
+CVE-2013-2107 (Cross-site request forgery (CSRF) vulnerability in the Mail On Update ...)
NOT-FOR-US: WordPress plugin mail-on-update
CVE-2013-2106 [Authentication credential disclosure]
RESERVED
- webauth <not-affected> (vulnerable code only in 4.4.1 up to 4.5.2)
-CVE-2013-2105
+CVE-2013-2105 (The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local ...)
NOT-FOR-US: Show In Browser Ruby Gem
-CVE-2013-2104
+CVE-2013-2104 (python-keystoneclient before 0.2.4, as used in OpenStack Keystone (Fol ...)
- keystone <not-affected> (Vulnerable code only in experimental versions of keystone)
[wheezy] - keystone <not-affected> (PKI token support not yet present)
- python-keystoneclient 1:0.2.5-1
@@ -14120,14 +14120,14 @@ CVE-2013-2104
CVE-2013-2103
RESERVED
NOT-FOR-US: OpenShift
-CVE-2013-2102
+CVE-2013-2102 (The default configuration of Red Hat JBoss Portal before 6.1.0 enables ...)
NOT-FOR-US: GateIn Portal
CVE-2013-2101
RESERVED
NOT-FOR-US: Katello
-CVE-2013-2100
+CVE-2013-2100 (The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage ...)
NOT-FOR-US: Gentoo Portage binary package installer
-CVE-2013-2099
+CVE-2013-2099 (Algorithmic complexity vulnerability in the ssl.match_hostname functio ...)
{DLA-1107-1}
- python2.7 2.7.5-5 (low; bug #709066)
[wheezy] - python2.7 <not-affected> (Backport was introduced in 2.7.3-11)
@@ -14157,13 +14157,13 @@ CVE-2013-2098
CVE-2013-2097 [zPanel themes remote command execution as root]
RESERVED
NOT-FOR-US: zPanel
-CVE-2013-2096
+CVE-2013-2096 (OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify t ...)
- nova 2013.1.2-2 (low; bug #710157)
[wheezy] - nova <no-dsa> (Minor issue)
CVE-2013-2095
RESERVED
NOT-FOR-US: openshift-origin-controller Ruby Gem
-CVE-2013-2094
+CVE-2013-2094 (The perf_swevent_init function in kernel/events/core.c in the Linux ke ...)
{DSA-2669-1}
- linux 3.8.11-1
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
@@ -14176,52 +14176,52 @@ CVE-2013-2092
CVE-2013-2091
RESERVED
- dolibarr 3.3.4-1
-CVE-2013-2090
+CVE-2013-2090 (The set_meta_data function in lib/cremefraiche.rb in the Creme Fraiche ...)
NOT-FOR-US: Creme Fraiche Ruby Gem
-CVE-2013-2089
+CVE-2013-2089 (Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows rem ...)
- owncloud <not-affected> (Only affects 5.0.x)
-CVE-2013-2088
+CVE-2013-2088 (contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 ...)
- subversion 1.7.5-1 (unimportant)
NOTE: 1.7.5 upstream does not ship anymore the contrib/ directory
NOTE: both affected tools not installed into the binary packages
-CVE-2013-2087
+CVE-2013-2087 (Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 befor ...)
- gallery <not-affected> (Vulnerable code not present)
-CVE-2013-2086
+CVE-2013-2086 (The configuration loader in ownCloud 5.0.x before 5.0.6 allows remote ...)
- owncloud <not-affected> (Only owncloud 5.0.x)
-CVE-2013-2085
+CVE-2013-2085 (Directory traversal vulnerability in apps/files_trashbin/index.php in ...)
- owncloud <not-affected> (Only affects 5.0.x)
CVE-2013-2084
RESERVED
-CVE-2013-2083
+CVE-2013-2083 (The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10 ...)
- moodle 2.5-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38885
-CVE-2013-2082
+CVE-2013-2082 (Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2. ...)
- moodle 2.5-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37245
-CVE-2013-2081
+CVE-2013-2081 (Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2. ...)
- moodle 2.5-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37822
-CVE-2013-2080
+CVE-2013-2080 (The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, ...)
- moodle 2.5-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37475
-CVE-2013-2079
+CVE-2013-2079 (mod/assign/locallib.php in the assignment module in Moodle 2.3.x befor ...)
- moodle <not-affected> (Only affects 2.3 and later)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38443
-CVE-2013-2078
+CVE-2013-2078 (Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users ...)
{DSA-3006-1}
- xen 4.2.2-1
[squeeze] - xen <not-affected> (No PVSAVE support in squeeze)
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-06/msg00000.html
-CVE-2013-2077
+CVE-2013-2077 (Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of ...)
{DSA-3006-1}
- xen 4.2.2-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-06/msg00001.html
-CVE-2013-2076
+CVE-2013-2076 (Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only sa ...)
{DSA-3006-1}
- xen 4.2.2-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
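Review bot: the two NOTE lines under CVE-2013-2088 are awkwardly worded ("does not ship anymore the contrib/ directory", "both affected tools not installed into the binary packages"); suggest "1.7.5 upstream no longer ships the contrib/ directory" and "neither affected tool is installed in the binary packages", which also makes the (unimportant) rating for subversion 1.7.5-1 easier to follow.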
@@ -14229,59 +14229,59 @@ CVE-2013-2076
CVE-2013-2075
RESERVED
- chicken <not-affected> (Incomplete fix was never applied)
-CVE-2013-2074
+CVE-2013-2074 (kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows att ...)
{DLA-952-1}
- kde4libs 4:4.10.5-1 (low; bug #707776)
[squeeze] - kde4libs <no-dsa> (Minor issue)
NOTE: https://bugs.kde.org/show_bug.cgi?id=319428
NOTE: https://cgit.kde.org/kdelibs.git/commit/?h=KDE/4.14&id=65d736dab592bced4410ccfa4699de89f78c96ca
NOTE: https://cgit.kde.org/kdelibs.git/commit/?h=KDE/4.14&id=898135a59d91184692ed1bcee8bb4c6d80d6f7b9
-CVE-2013-2073
+CVE-2013-2073 (Transifex command-line client before 0.9 does not validate X.509 certi ...)
- transifex-client 0.9-1 (low)
[wheezy] - transifex-client <no-dsa> (Minor issue)
NOTE: http://seclists.org/oss-sec/2013/q2/394
-CVE-2013-2072
+CVE-2013-2072 (Buffer overflow in the Python bindings for the xc_vcpu_setaffinity cal ...)
{DSA-3041-1}
- xen 4.2.2-1 (low)
[squeeze] - xen <no-dsa> (Minor issue, can be postponed to the next Xen DSA)
[wheezy] - xen <no-dsa> (Minor issue, can be postponed to the next Xen DSA)
-CVE-2013-2071
+CVE-2013-2071 (java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7 ...)
{DSA-2897-1}
- tomcat7 7.0.40-1 (bug #707704)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=54178
-CVE-2013-2070
+CVE-2013-2070 (http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and ...)
{DSA-2721-1}
- nginx 1.4.1-1 (bug #708164)
[squeeze] - nginx <not-affected> (Vulnerable code not present)
-CVE-2013-2069
+CVE-2013-2069 (Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before 18. ...)
NOT-FOR-US: Red Hat livecd-tools
NOTE: http://www.openwall.com/lists/oss-security/2013/05/23/2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=964299
-CVE-2013-2068
+CVE-2013-2068 (Multiple directory traversal vulnerabilities in the AgentController in ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2013-2067
+CVE-2013-2067 (java/org/apache/catalina/authenticator/FormAuthenticator.java in the f ...)
{DSA-2897-1 DSA-2725-1}
- tomcat7 7.0.33
- tomcat6 6.0.37
-CVE-2013-2066
+CVE-2013-2066 (Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to c ...)
{DSA-2674-1}
- libxv 2:1.0.7-1+deb7u1
-CVE-2013-2065
+CVE-2013-2065 ((1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 ...)
{DLA-235-1}
- ruby1.9.1 1.9.3.448-1 (low)
[wheezy] - ruby1.9.1 1.9.3.194-8.1+deb7u1
- ruby1.8 <not-affected> (Only affects 1.9 and 2.x)
NOTE: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=40732
-CVE-2013-2064
+CVE-2013-2064 (Integer overflow in X.org libxcb 1.9 and earlier allows X servers to t ...)
{DSA-2686-1}
- libxcb 1.8.1-2+deb7u1
-CVE-2013-2063
+CVE-2013-2063 (Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers t ...)
{DSA-2689-1}
- libxtst 2:1.2.1-1+deb7u1
-CVE-2013-2062
+CVE-2013-2062 (Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X se ...)
{DSA-2685-1}
- libxp 1:1.0.1-2+deb7u1
-CVE-2013-2061
+CVE-2013-2061 (The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, ...)
- openvpn 2.3.1-1 (low; bug #707329)
[squeeze] - openvpn 2.1.3-2+squeeze2
[wheezy] - openvpn 2.2.1-8+deb7u1
@@ -14289,11 +14289,11 @@ CVE-2013-2061
CVE-2013-2060
RESERVED
NOT-FOR-US: OpenShift
-CVE-2013-2059
+CVE-2013-2059 (OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly bef ...)
- keystone 2013.1.1-2 (bug #707598)
[wheezy] - keystone 2012.1.1-13+wheezy1
NOTE: http://lists.openstack.org/pipermail/openstack-announce/2013-May/000099.html
-CVE-2013-2058
+CVE-2013-2058 (The host_start function in drivers/usb/chipidea/host.c in the Linux ke ...)
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.8-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -14301,84 +14301,84 @@ CVE-2013-2058
CVE-2013-2057
RESERVED
NOT-FOR-US: YaBB
-CVE-2013-2056
+CVE-2013-2056 (The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Sate ...)
NOT-FOR-US: RHN Satellite
-CVE-2013-2055
+CVE-2013-2055 (Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x ...)
NOT-FOR-US: Apache Wicket
-CVE-2013-2054
+CVE-2013-2054 (Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3. ...)
- strongswan 4.3.4-1
NOTE: http://download.strongswan.org/patches/11_pluto_atodn_patch/CVE-2013-2054.txt
-CVE-2013-2053
+CVE-2013-2053 (Buffer overflow in the atodn function in Openswan before 2.6.39, when ...)
{DSA-2893-1}
- openswan <removed> (low; bug #709144)
-CVE-2013-2052
+CVE-2013-2052 (Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when O ...)
- libreswan <not-affected> (Fixed before the initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2013-2052/CVE-2013-2052.txt
-CVE-2013-2051
+CVE-2013-2051 (The Tomcat 6 DIGEST authentication functionality as used in Red Hat En ...)
- tomcat6 <not-affected> (RedHat-specific issue)
- tomcat7 <not-affected> (RedHat-specific issue)
-CVE-2013-2050
+CVE-2013-2050 (SQL injection vulnerability in the miq_policy controller in Red Hat Cl ...)
NOT-FOR-US: CloudForms Management Engine
-CVE-2013-2049
+CVE-2013-2049 (Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers ...)
NOT-FOR-US: CloudForms Management Engine
-CVE-2013-2048
+CVE-2013-2048 (ownCloud before 5.0.6 does not properly check permissions, which allow ...)
- owncloud <not-affected> (Only affects 5.0.x)
-CVE-2013-2047
+CVE-2013-2047 (The login page (aka index.php) in ownCloud before 5.0.6 does not disab ...)
- owncloud <not-affected> (Only 5.0.x)
-CVE-2013-2046
+CVE-2013-2046 (SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4. ...)
- owncloud <not-affected> (Only affects 4.5.x)
-CVE-2013-2045
+CVE-2013-2045 (SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x bef ...)
- owncloud <not-affected> (Only affects 5.0.x)
-CVE-2013-2044
+CVE-2013-2044 (Open redirect vulnerability in the Login Page (index.php) in ownCloud ...)
- owncloud <not-affected> (Only 5.0.x)
-CVE-2013-2043
+CVE-2013-2043 (apps/calendar/ajax/events.php in ownCloud before 4.5.11 and 5.x before ...)
- owncloud <not-affected> (Only 5.0.x and 4.5.x)
-CVE-2013-2042
+CVE-2013-2042 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
- owncloud 4.0.15debian-1
-CVE-2013-2041
+CVE-2013-2041 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 5.0.x ...)
- owncloud <not-affected> (Only affects 5.0.x)
-CVE-2013-2040
+CVE-2013-2040 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
- owncloud 4.0.15debian-1
-CVE-2013-2039
+CVE-2013-2039 (Directory traversal vulnerability in lib/files/view.php in ownCloud be ...)
- owncloud 4.0.15debian-1
-CVE-2013-2038
+CVE-2013-2038 (The NMEA0183 driver in gpsd before 3.9 allows remote attackers to caus ...)
- gpsd 3.6-5 (bug #706665)
[wheezy] - gpsd 3.6-4+deb7u1
[squeeze] - gpsd <no-dsa> (Minor issue)
NOTE: http://lists.nongnu.org/archive/html/gpsd-dev/2013-05/msg00000.html
-CVE-2013-2037
+CVE-2013-2037 (httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, ...)
- python-httplib2 0.8-2 (low; bug #706602)
[squeeze] - python-httplib2 <no-dsa> (Minor issue)
[wheezy] - python-httplib2 0.7.4-2+deb7u1
NOTE: http://openwall.com/lists/oss-security/2013/05/01/5
-CVE-2013-2036
+CVE-2013-2036 (Cross-site scripting (XSS) vulnerability in the Filebrowser module 6.x ...)
NOT-FOR-US: Drupal module Filebrowser
-CVE-2013-2035
+CVE-2013-2035 (Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni ...)
- hawtjni 1.10-1 (low; bug #708293)
[wheezy] - hawtjni 1.0~+git0c502e20c4-3+deb7u1
-CVE-2013-2034
+CVE-2013-2034 (Multiple cross-site request forgery (CSRF) vulnerabilities in Jenkins ...)
- jenkins 1.509.2+dfsg-1 (bug #706725)
-CVE-2013-2033
+CVE-2013-2033 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS ...)
- jenkins 1.509.2+dfsg-1 (bug #706725)
-CVE-2013-2032
+CVE-2013-2032 (MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extens ...)
{DSA-2891-1}
- mediawiki 1:1.19.6-1 (low; bug #706601)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=46590
-CVE-2013-2031
+CVE-2013-2031 (MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attacke ...)
{DSA-2891-1}
- mediawiki 1:1.19.6-1 (bug #706601)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=47304
-CVE-2013-2030
+CVE-2013-2030 (keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, a ...)
- nova <not-affected> (Option not present in nova/2012.1.1)
NOTE: http://lists.openstack.org/pipermail/openstack-announce/2013-May/000098.html
-CVE-2013-2029
+CVE-2013-2029 (nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others ...)
- nagios3 <not-affected> (Affected file nagios.upgrade_to_v3.sh not in Debian)
NOTE: http://www.openwall.com/lists/oss-security/2013/04/30/8
-CVE-2013-2028
+CVE-2013-2028 (The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx ...)
- nginx <not-affected> (Vulnerable code not present)
-CVE-2013-2027
+CVE-2013-2027 (Jython 2.2.1 uses the current umask to set the privileges of the class ...)
[experimental] - jython 2.7.0+repack-1
- jython 2.7.1+repack-1 (low; bug #777079)
[stretch] - jython <ignored> (Minor issue)
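Review bot: the vendor name is spelled inconsistently in this hunk and the surrounding entries: CVE-2013-2051 uses "RedHat-specific issue" for both tomcat6 and tomcat7, while CVE-2013-2069 uses "Red Hat livecd-tools"; suggest the two-word form "Red Hat" throughout.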
@@ -14391,7 +14391,7 @@ CVE-2013-2027
NOTE: which should not be in /usr beeing a cachedir.
CVE-2013-2026
REJECTED
-CVE-2013-2025
+CVE-2013-2025 (Cross-site scripting (XSS) vulnerability in Ushahidi Platform 2.5.x th ...)
NOT-FOR-US: Ushahidi
CVE-2013-2024 [OS command injection vulnerability in Chicken Scheme]
RESERVED
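Review bot: the unchanged NOTE line carried in this hunk for CVE-2013-2027 ("which should not be in /usr beeing a cachedir.") has a typo; "being" is meant. Worth fixing in a follow-up since this line is now visible next to the freshly populated description.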
@@ -14399,22 +14399,22 @@ CVE-2013-2024 [OS command injection vulnerability in Chicken Scheme]
[wheezy] - chicken <no-dsa> (Minor issue)
[squeeze] - chicken <no-dsa> (Minor issue)
NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2013-04/msg00000.html
-CVE-2013-2023
+CVE-2013-2023 (Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in ...)
- jquery-jplayer 2.1.0-2
NOTE: used for jPlayer 2.2.23 XSS
NOTE: http://www.openwall.com/lists/oss-security/2013/05/05/3
-CVE-2013-2022
+CVE-2013-2022 (Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jp ...)
- jquery-jplayer 2.1.0-2
NOTE: https://github.com/happyworm/jPlayer/commit/c5fe17bb4459164bd59153b57248cf94b8867373
NOTE: used for jPlayer 2.2.20 XSS
NOTE: http://www.openwall.com/lists/oss-security/2013/05/05/3
-CVE-2013-2021
+CVE-2013-2021 (pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause ...)
- clamav 0.97.8+dfsg-1
[squeeze] - clamav 0.97.8+dfsg-1~squeeze1
-CVE-2013-2020
+CVE-2013-2020 (Integer underflow in the cli_scanpe function in pe.c in ClamAV before ...)
- clamav 0.97.8+dfsg-1
[squeeze] - clamav 0.97.8+dfsg-1~squeeze1
-CVE-2013-2019
+CVE-2013-2019 (Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote ...)
- boinc 6.13.6+dfsg-1 (low)
[squeeze] - boinc <no-dsa> (Minor issue)
NOTE: http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git;a=commitdiff;h=9a4140ae30a72e5175f3f31646d91f2d58df7156
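Review bot: the "NOTE: used for jPlayer 2.2.23 XSS" / "NOTE: used for jPlayer 2.2.20 XSS" lines under CVE-2013-2023 and CVE-2013-2022 are ambiguous about what "used for" refers to; suggest "CVE assigned for the jPlayer 2.2.23 XSS" (and 2.2.20 respectively), and keep the NOTE order the same in both entries (the CVE-2013-2022 entry puts the commit link first, CVE-2013-2023 does not have one), so the two jquery-jplayer 2.1.0-2 entries read consistently.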
@@ -14424,7 +14424,7 @@ CVE-2013-2018 [SQL injections in the server-side scheduler code]
[squeeze] - boinc <not-affected> (Vulnerable code not present)
[wheezy] - boinc <no-dsa> (Minor issue)
NOTE: server-maker not shipped in squeeze
-CVE-2013-2017
+CVE-2013-2017 (The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6. ...)
- linux 2.6.34-1
- linux-2.6 2.6.34-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33)
@@ -14441,14 +14441,14 @@ CVE-2013-2016 [qemu: virtio: out-of-bounds config space access]
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2013-04/msg05254.html
NOTE: http://marc.info/?l=oss-security&m=136722323931507&w=2
NOTE: Only pratically affects virtio-rng according to oss-reference (and if mmap_min_addr = 0)
-CVE-2013-2015
+CVE-2013-2015 (The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel be ...)
{DSA-2669-1 DSA-2668-1}
- linux 3.8-1 (low)
- linux-2.6 <removed> (low)
-CVE-2013-2014
+CVE-2013-2014 (OpenStack Identity (Keystone) before 2013.1 allows remote attackers to ...)
- keystone 2013.1.1-2 (bug #708515)
[wheezy] - keystone <no-dsa> (Minor issue)
-CVE-2013-2013
+CVE-2013-2013 (The user-password-update command in python-keystoneclient before 0.2.4 ...)
- python-keystoneclient 1:0.2.5-1 (bug #709535)
[wheezy] - python-keystoneclient 2012.1-3+deb7u1
NOTE: https://bugs.launchpad.net/python-keystoneclient/+bug/938315
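Review bot: the unchanged NOTE line carried in this hunk for CVE-2013-2016 ("Only pratically affects virtio-rng according to oss-reference") has a typo; "practically" is meant, and "the oss-security reference" would be clearer than "oss-reference" given the marc.info oss-security link just above it.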
@@ -14471,174 +14471,174 @@ CVE-2013-2009
CVE-2013-2008
RESERVED
NOT-FOR-US: WP Super Cache
-CVE-2013-2007
+CVE-2013-2007 (The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when s ...)
- qemu <not-affected> (qemu guest agent introduced in 1.4, vulnerable versions were only in experimental)
- qemu-kvm <not-affected> (qemu guest agent introduced in 1.4)
-CVE-2013-2006
+CVE-2013-2006 (OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode loggin ...)
- keystone 2013.1.1-2
[wheezy] - keystone <no-dsa> (Minor issue)
NOTE: https://review.openstack.org/#/c/26826/2/keystone/common/config.py
NOTE: https://bugs.launchpad.net/keystone/+bug/1172195
-CVE-2013-2005
+CVE-2013-2005 (X.org libXt 1.1.3 and earlier does not check the return value of the X ...)
{DSA-2680-1}
- libxt 1:1.1.3-1+deb7u1
-CVE-2013-2004
+CVE-2013-2004 (The (1) GetDatabase and (2) _XimParseStringFile functions in X.org lib ...)
{DSA-2693-1}
- libx11 2:1.5.0-1+deb7u1
-CVE-2013-2003
+CVE-2013-2003 (Integer overflow in X.org libXcursor 1.1.13 and earlier allows X serve ...)
{DSA-2681-1}
- libxcursor 1:1.1.13-1+deb7u1
-CVE-2013-2002
+CVE-2013-2002 (Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to c ...)
{DSA-2680-1}
- libxt 1:1.1.3-1+deb7u1
-CVE-2013-2001
+CVE-2013-2001 (Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers ...)
{DSA-2692-1}
- libxxf86vm 1:1.1.2-1+deb7u1
-CVE-2013-2000
+CVE-2013-2000 (Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow ...)
{DSA-2690-1}
- libxxf86dga 2:1.1.3-2+deb7u1
-CVE-2013-1999
+CVE-2013-1999 (Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to ...)
{DSA-2675-1}
- libxvmc 2:1.0.8-1
-CVE-2013-1998
+CVE-2013-1998 (Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X ser ...)
{DSA-2683-1}
- libxi 2:1.6.1-1+deb7u1
-CVE-2013-1997
+CVE-2013-1997 (Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and ear ...)
{DSA-2693-1}
- libx11 2:1.5.0-1+deb7u1
-CVE-2013-1996
+CVE-2013-1996 (X.org libFS 1.0.4 and earlier allows X servers to trigger allocation o ...)
{DSA-2687-1}
- libfs 2:1.0.4-1+deb7u1
-CVE-2013-1995
+CVE-2013-1995 (X.org libXi 1.7.1 and earlier allows X servers to trigger allocation o ...)
{DSA-2683-1}
- libxi 2:1.6.1-1+deb7u1
-CVE-2013-1994
+CVE-2013-1994 (Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro ...)
{DSA-2679-1}
- xserver-xorg-video-openchrome 1:0.2.906-2+deb7u1
-CVE-2013-1993
+CVE-2013-1993 (Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier a ...)
{DSA-2678-1}
- mesa 8.0.5-6
-CVE-2013-1992
+CVE-2013-1992 (Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X s ...)
{DSA-2673-1}
- libdmx 1:1.1.2-1+deb7u1
-CVE-2013-1991
+CVE-2013-1991 (Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allo ...)
{DSA-2690-1}
- libxxf86dga 2:1.1.3-2+deb7u1
-CVE-2013-1990
+CVE-2013-1990 (Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X ...)
{DSA-2675-1}
- libxvmc 2:1.0.8-1
-CVE-2013-1989
+CVE-2013-1989 (Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X se ...)
{DSA-2674-1}
- libxv 2:1.0.7-1+deb7u1
-CVE-2013-1988
+CVE-2013-1988 (Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X ...)
{DSA-2688-1}
- libxres 2:1.0.6-1+deb7u1
-CVE-2013-1987
+CVE-2013-1987 (Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow ...)
{DSA-2677-1}
- libxrender 1:0.9.7-1+deb7u1
-CVE-2013-1986
+CVE-2013-1986 (Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow ...)
{DSA-2684-1}
- libxrandr 2:1.3.2-2+deb7u1
-CVE-2013-1985
+CVE-2013-1985 (Integer overflow in X.org libXinerama 1.1.2 and earlier allows X serve ...)
{DSA-2691-1}
- libxinerama 2:1.1.2-1+deb7u1
-CVE-2013-1984
+CVE-2013-1984 (Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X se ...)
{DSA-2683-1}
- libxi 2:1.6.1-1+deb7u1
-CVE-2013-1983
+CVE-2013-1983 (Integer overflow in X.org libXfixes 5.0 and earlier allows X servers t ...)
{DSA-2676-1}
- libxfixes 1:5.0-4+deb7u1
-CVE-2013-1982
+CVE-2013-1982 (Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X ...)
{DSA-2682-1}
- libxext 2:1.3.1-2+deb7u1
-CVE-2013-1981
+CVE-2013-1981 (Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and ea ...)
{DSA-2693-1}
- libx11 2:1.5.0-1+deb7u1
-CVE-2013-1980
+CVE-2013-1980 (Buffer overflow in the get_dsmp function in loaders/masi_load.c in lib ...)
- xmp 3.4.0-3 (low; bug #706667)
[wheezy] - xmp <no-dsa> (Minor issue)
[squeeze] - xmp <no-dsa> (Minor issue)
-CVE-2013-1979
+CVE-2013-1979 (The scm_set_cred function in include/net/scm.h in the Linux kernel bef ...)
{DSA-2669-1}
- linux 3.8.11-1
- linux-2.6 <not-affected> (Introduced in 2.6.36)
-CVE-2013-1978
+CVE-2013-1978 (Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c ...)
{DSA-2813-1}
- gimp 2.8.10-0.1 (bug #731305)
-CVE-2013-1977
+CVE-2013-1977 (OpenStack devstack uses world-readable permissions for keystone.conf, ...)
- keystone <not-affected> (permissions to /etc/keystone/keystone.conf restricted in postinst)
NOTE: http://www.openwall.com/lists/oss-security/2013/04/19/2
-CVE-2013-1976
+CVE-2013-1976 (The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in ...)
- tomcat6 <not-affected> (RedHat-specific issue)
- tomcat7 <not-affected> (RedHat-specific issue)
CVE-2013-1975
RESERVED
CVE-2013-1974
RESERVED
-CVE-2013-1973
+CVE-2013-1973 (The autocomplete callback in Autocomplete Widgets for Text and Number ...)
NOT-FOR-US: Drupal contributed module
-CVE-2013-1972
+CVE-2013-1972 (Cross-site request forgery (CSRF) vulnerability in the elFinder file m ...)
NOT-FOR-US: Drupal contributed module
-CVE-2013-1971
+CVE-2013-1971 (Cross-site scripting (XSS) vulnerability in the MP3 Player module for ...)
NOT-FOR-US: Drupal contributed module
CVE-2013-1970
REJECTED
-CVE-2013-1969
+CVE-2013-1969 (Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly ...)
- libxml2 <not-affected> (Affecting only 2.9.x, see bug #705722)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f
-CVE-2013-1968
+CVE-2013-1968 (Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authent ...)
{DSA-2703-1}
- subversion 1.7.9-1+nmu2 (bug #711033)
NOTE: https://subversion.apache.org/security/CVE-2013-1968-advisory.txt
-CVE-2013-1967
+CVE-2013-1967 (Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in M ...)
- owncloud <not-affected> (Vulnerable code not present)
NOTE: oC >= 4.5 only
-CVE-2013-1966
+CVE-2013-1966 (Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arb ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2013-1965
+CVE-2013-1965 (Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 b ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2013-1964
+CVE-2013-1964 (Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releas ...)
{DSA-2666-1}
- xen 4.1.4-3
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html
-CVE-2013-1963
+CVE-2013-1963 (The contacts application in ownCloud before 4.5.10 and 5.x before 5.0. ...)
- owncloud <not-affected> (Vulnerable code not present)
NOTE: oC >= 4.5 only
-CVE-2013-1962
+CVE-2013-1962 (The remoteDispatchStoragePoolListAllVolumes function in the storage po ...)
- libvirt <not-affected> (Vulnerable code not present)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=ca697e90d5bd6a6dfb94bfb6d4438bdf9a44b739
-CVE-2013-1961
+CVE-2013-1961 (Stack-based buffer overflow in the t2p_write_pdf_page function in tiff ...)
{DSA-2698-1 DLA-610-1}
- tiff 4.0.2-6+nmu1 (bug #706674)
- tiff3 3.9.7-1 (bug #712840)
-CVE-2013-1960
+CVE-2013-1960 (Heap-based buffer overflow in the t2p_process_jpeg_strip function in t ...)
{DSA-2698-1}
- tiff 4.0.2-6+nmu1 (bug #706675)
- tiff3 <not-affected> (tiff command line tools not build in tiff3)
-CVE-2013-1959
+CVE-2013-1959 (kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have ...)
- linux 3.8.11-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
- linux-2.6 <not-affected> (Introduced in 3.7)
-CVE-2013-1958
+CVE-2013-1958 (The scm_check_creds function in net/core/scm.c in the Linux kernel bef ...)
- linux 3.8.13-1
[wheezy] - linux <not-affected> (Not exploitable by unprivileged users)
- linux-2.6 <not-affected> (Not exploitable by unprivileged users)
-CVE-2013-1957
+CVE-2013-1957 (The clone_mnt function in fs/namespace.c in the Linux kernel before 3. ...)
- linux 3.8.13-1
[wheezy] - linux <not-affected> (Not exploitable by unprivileged users)
- linux-2.6 <not-affected> (Not exploitable by unprivileged users)
-CVE-2013-1956
+CVE-2013-1956 (The create_user_ns function in kernel/user_namespace.c in the Linux ke ...)
- linux 3.8.11-1
[wheezy] - linux <not-affected> (Not exploitable by unprivileged users)
- linux-2.6 <not-affected> (Not exploitable by unprivileged users)
-CVE-2013-1955
+CVE-2013-1955 (Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php a ...)
NOT-FOR-US: Easy PHP Calendar
-CVE-2013-1954
+CVE-2013-1954 (The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player ...)
{DSA-2973-1}
- vlc 2.0.6-1 (bug #705136)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.videolan.org/security/sa1302.html
-CVE-2013-1953
+CVE-2013-1953 (Integer underflow in the input_bmp_reader function in input-bmp.c in A ...)
- autotrace 0.31.1-16+nmu1 (low; bug #742873)
[wheezy] - autotrace <no-dsa> (Minor issue)
[squeeze] - autotrace <no-dsa> (Minor issue)
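Review bot: the tiff3 lines for CVE-2013-1960 and CVE-2013-1961 in this hunk disagree and one of them is probably wrong. CVE-2013-1961 records `- tiff3 3.9.7-1 (bug #712840)` as fixed, while CVE-2013-1960 records `- tiff3 <not-affected> (tiff command line tools not build in tiff3)`; both CVEs are in t2p_* functions, which is the tiff2pdf prefix, so either tiff3 builds the tool and both need a fixed version, or it does not and both should be not-affected. While touching that line, "not build" should read "not built".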
@@ -14648,62 +14648,62 @@ CVE-2013-1953
NOTE: and fixed with 57f805a159874107c6c98065f9aa648c3634b8fd
NOTE: https://git.gnome.org/browse/gimp/commit/?h=d9c6f88141aecf956c5d7
NOTE: https://git.gnome.org/browse/gimp/commit/?h=57f805a159874107c6c98
-CVE-2013-1952
+CVE-2013-1952 (Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, ...)
{DSA-2666-1}
- xen 4.1.4-4
CVE-2013-1951
RESERVED
- mediawiki 1:1.19.5-1
[squeeze] - mediawiki <end-of-life>
-CVE-2013-1950
+CVE-2013-1950 (The svc_dg_getargs function in libtirpc 0.2.3 and earlier allows remot ...)
- libtirpc <not-affected> (regression code not present)
NOTE: Regression introduced with 82cc2e6129c872c8be09381055f2fb5641c5e6fe
NOTE: Regression fixed with a9f437119d79a438cb12e510f3cadd4060102c9f
NOTE: http://www.openwall.com/lists/oss-security/2013/04/22/9
-CVE-2013-1949
+CVE-2013-1949 (Social Media Widget (social-media-widget) plugin 4.0 for WordPress con ...)
NOT-FOR-US: Wordpress Social Media Widget
-CVE-2013-1948
+CVE-2013-1948 (converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent ...)
NOT-FOR-US: Ruby gem md2pdf
-CVE-2013-1947
+CVE-2013-1947 (kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers ...)
NOT-FOR-US: Ruby Gem kelredd-pruview
-CVE-2013-1946
+CVE-2013-1946 (The RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.3 and 7. ...)
NOT-FOR-US: RESTful Web Services (RESTWS) Drupal cotributed module
CVE-2013-1945
RESERVED
NOT-FOR-US: Red Hat specific packaging flaw of Ruby in Red Hat OpenShift Enterprise
-CVE-2013-1944
+CVE-2013-1944 (The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 d ...)
{DSA-2660-1}
- curl 7.29.0-2.1 (bug #705274)
[wheezy] - curl 7.26.0-1+wheezy2
NOTE: http://curl.haxx.se/docs/adv_20130412.html
-CVE-2013-1943
+CVE-2013-1943 (The KVM subsystem in the Linux kernel before 3.0 does not check whethe ...)
- linux <not-affected> (RHEL-specific backport regression)
- linux-2.6 <not-affected> (RHEL-specific backport regression)
-CVE-2013-1942
+CVE-2013-1942 (Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jp ...)
- owncloud <not-affected> (Depends on libjs-jquery-jplayer)
- jquery-jplayer 2.1.0-2
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-014/
NOTE: https://github.com/happyworm/jPlayer/commit/e8ca190f7f972a6a421cb95f09e138720e40ed6d
-CVE-2013-1941
+CVE-2013-1941 (The installation routine in ownCloud Server before 4.0.14, 4.5.x befor ...)
- owncloud 5.0.4~rc1+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-015/
-CVE-2013-1940
+CVE-2013-1940 (X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly ...)
{DSA-2661-1}
- xorg-server 2:1.12.4-6
-CVE-2013-1939
+CVE-2013-1939 (The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, ...)
- owncloud <not-affected> (Windows version only)
- php-sabredav <not-affected> (running in Windows hosts)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-016/
CVE-2013-1938
RESERVED
NOT-FOR-US: Zimbra
-CVE-2013-1937
+CVE-2013-1937 (** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in ...)
- phpmyadmin <not-affected> (Affected are versions 3.5.0 to 3.5.7, older versions not vulnerable)
NOTE: http://seclists.org/fulldisclosure/2013/Apr/100
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a
CVE-2013-1936
REJECTED
-CVE-2013-1935
+CVE-2013-1935 (A certain Red Hat patch to the KVM subsystem in the kernel package bef ...)
- linux <not-affected> (RHEL-specific backport regression)
- linux-2.6 <not-affected> (RHEL-specific backport regression)
CVE-2013-1934 [mantis: XSS issue in adm_config_report.php when displaying complex value]
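Review bot: typo in the CVE-2013-1946 line of this hunk, `NOT-FOR-US: RESTful Web Services (RESTWS) Drupal cotributed module` should read "contributed module", matching the wording used for the other Drupal entries in the file.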
@@ -14711,7 +14711,7 @@ CVE-2013-1934 [mantis: XSS issue in adm_config_report.php when displaying comple
{DSA-3120-1}
- mantis <removed> (low; bug #717482)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-1933
+CVE-2013-1933 (The extract_from_ocr function in lib/docsplit/text_extractor.rb in the ...)
NOT-FOR-US: Karteek Docsplit Ruby Gem
CVE-2013-1932 [mantis: XSS vulnerability on Configuration Report page]
RESERVED
@@ -14725,114 +14725,114 @@ CVE-2013-1930 [mantis: Close button available to users despite workflow restrict
RESERVED
- mantis <not-affected> (affects only Mantis 1.2.12 and later)
NOTE: http://www.openwall.com/lists/oss-security/2013/04/04/8
-CVE-2013-1929
+CVE-2013-1929 (Heap-based buffer overflow in the tg3_read_vpd function in drivers/net ...)
{DSA-2669-1 DSA-2668-1}
- linux 3.8.11-1
- linux-2.6 <removed>
-CVE-2013-1928
+CVE-2013-1928 (The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linu ...)
{DSA-2668-1}
- linux 3.2.35-1
- linux-2.6 <removed>
-CVE-2013-1927
+CVE-2013-1927 (The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remo ...)
- icedtea-web 1.3.2-1
-CVE-2013-1926
+CVE-2013-1926 (The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the sa ...)
- icedtea-web 1.3.2-1
-CVE-2013-1925
+CVE-2013-1925 (The Chaos Tool Suite (ctools) module 7.x-1.x before 7.x-1.3 for Drupal ...)
NOT-FOR-US: CTools module for Drupal
CVE-2013-1924
RESERVED
NOT-FOR-US: Commerce Skrill Drupal module
-CVE-2013-1923
+CVE-2013-1923 (rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for ...)
- nfs-utils 1:1.2.8-1 (low; bug #707401)
[squeeze] - nfs-utils <no-dsa> (Minor issue)
[wheezy] - nfs-utils 1:1.2.6-4
-CVE-2013-1922
+CVE-2013-1922 (qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw ...)
- xen <not-affected> (qemu-nbd-xen built, but not installed into the binary packages)
- qemu 1.5.0+dfsg-1 (low; bug #705544)
[squeeze] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <no-dsa> (Minor issue)
- xen-qemu-dm-4.0 <not-affected> (qemu-nbd not installed by the binary package)
-CVE-2013-1921
+CVE-2013-1921 (PicketBox, as used in Red Hat JBoss Enterprise Application Platform be ...)
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform (Debian's jboss only provides some classes)
-CVE-2013-1920
+CVE-2013-1920 (Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running "under m ...)
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not build with XSM_ENABLE, thus resulted binary packages not affected
-CVE-2013-1919
+CVE-2013-1919 (Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which a ...)
{DSA-2662-1}
- xen 4.1.4-3
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00003.html
-CVE-2013-1918
+CVE-2013-1918 (Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and ea ...)
{DSA-2666-1}
- xen 4.1.4-4
-CVE-2013-1917
+CVE-2013-1917 (Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not ...)
{DSA-2662-1}
- xen 4.1.4-3
NOTE: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html
CVE-2013-1916
RESERVED
NOT-FOR-US: WordPress plugin
-CVE-2013-1915
+CVE-2013-1915 (ModSecurity before 2.7.3 allows remote attackers to read arbitrary fil ...)
{DSA-2659-1}
- modsecurity-apache 2.6.6-6 (bug #704625)
- libapache-mod-security <removed>
NOTE: https://github.com/SpiderLabs/ModSecurity/commit/d4d80b38aa85eccb26e3c61b04d16e8ca5de76fe
NOTE: http://marc.info/?l=oss-security&m=136499182131283&w=2
-CVE-2013-1914
+CVE-2013-1914 (Stack-based buffer overflow in the getaddrinfo function in sysdeps/pos ...)
{DLA-165-1}
- eglibc <removed>
- glibc 2.17-2 (low; bug #704623)
[wheezy] - eglibc 2.13-38+deb7u1
-CVE-2013-1913
+CVE-2013-1913 (Integer overflow in the load_image function in file-xwd.c in the X Win ...)
{DSA-2813-1}
- gimp 2.8.10-0.1 (bug #731305)
-CVE-2013-1912
+CVE-2013-1912 (Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5- ...)
{DSA-2711-1}
- haproxy 1.4.23-1 (bug #704611)
NOTE: http://git.1wt.eu/web?p=haproxy-1.4.git;a=commitdiff;h=dc80672211
-CVE-2013-1911
+CVE-2013-1911 (lib/ldoce/word.rb in the ldoce 0.0.2 gem for Ruby allows remote attack ...)
NOT-FOR-US: ldoce ruby gem
CVE-2013-1910 [Not removing bad metadata and using it in next run]
RESERVED
- yum <unfixed> (unimportant)
NOTE: http://yum.baseurl.org/gitweb?p=yum.git;a=commitdiff;h=c148eb10b798270b3d15087433c8efb2a79a69d0
NOTE: Only used for bootstraps of chroots, see README.Debian
-CVE-2013-1909
+CVE-2013-1909 (The Python client in Apache Qpid before 2.2 does not verify that the s ...)
- qpid-python 0.22-1 (low; bug #714133)
[wheezy] - qpid-python <no-dsa> (Minor issue)
-CVE-2013-1908
+CVE-2013-1908 (The Commons Wikis module before 7.x-3.1 for Drupal, as used in the Com ...)
NOT-FOR-US: Drupal module
-CVE-2013-1907
+CVE-2013-1907 (The Commons Group module before 7.x-3.1 for Drupal, as used in the Com ...)
NOT-FOR-US: Drupal module
-CVE-2013-1906
+CVE-2013-1906 (Cross-site scripting (XSS) vulnerability in the Rules module 7.x-2.x b ...)
NOT-FOR-US: Drupal module Rules
-CVE-2013-1905
+CVE-2013-1905 (Cross-site scripting (XSS) vulnerability in the Zero Point theme 7.x-1 ...)
NOT-FOR-US: Drupal theme Zero Point
-CVE-2013-1904
+CVE-2013-1904 (Absolute path traversal vulnerability in steps/mail/sendmail.inc in Ro ...)
- roundcube 0.7.2-9
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
-CVE-2013-1903
+CVE-2013-1903 (PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x bef ...)
- postgresql-9.1 <not-affected> (installer related)
- postgresql-8.4 <not-affected> (installer related)
-CVE-2013-1902
+CVE-2013-1902 (PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.1 ...)
- postgresql-9.1 <not-affected> (installer related)
- postgresql-8.4 <not-affected> (installer related)
-CVE-2013-1901
+CVE-2013-1901 (PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly ...)
{DSA-2658-1}
- postgresql-9.1 9.1.9-1
-CVE-2013-1900
+CVE-2013-1900 (PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13 ...)
{DSA-2658-1 DSA-2657-1}
- postgresql-9.1 9.1.9-1
- postgresql-8.4 8.4.17-1
-CVE-2013-1899
+CVE-2013-1899 (Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1 ...)
{DSA-2658-1}
- postgresql-9.1 9.1.9-1 (bug #704479)
-CVE-2013-1898
+CVE-2013-1898 (lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remo ...)
NOT-FOR-US: Ruby gem Thumbshooter
-CVE-2013-1897
+CVE-2013-1897 (The do_search function in ldap/servers/slapd/search.c in 389 Directory ...)
- 389-ds-base 1.3.2.9-1 (bug #704421)
NOTE: http://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286
NOTE: https://fedorahosted.org/389/ticket/47308
-CVE-2013-1896
+CVE-2013-1896 (mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly de ...)
- apache2 2.4.6-1 (low; bug #717272)
[wheezy] - apache2 2.2.22-13+deb7u1
[squeeze] - apache2 2.2.16-6+squeeze12
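Review bot: grammar in the CVE-2013-1920 NOTE in this hunk, `NOTE: Debian package not build with XSM_ENABLE, thus resulted binary packages not affected` should read "not built with XSM_ENABLE, thus the resulting binary packages are not affected"; the not-affected reason on the line above it already says "XSM not enabled in build", so the NOTE could also be shortened to just point at that.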
@@ -14844,53 +14844,53 @@ CVE-2013-1895 [concurrency issue leading to auth bypass]
NOTE: https://code.google.com/p/py-bcrypt/source/detail?r=b03cc5246ea21a839fd027da5616d8d470247558
CVE-2013-1894
REJECTED
-CVE-2013-1893
+CVE-2013-1893 (SQL injection vulnerability in addressbookprovider.php in ownCloud Ser ...)
- owncloud <not-affected> (only affecting 5.0 branch)
-CVE-2013-1892
+CVE-2013-1892 (MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate ...)
- mongodb 1:2.4.1-1 (bug #704042)
[wheezy] - mongodb 1:2.0.6-1.1
[squeeze] - mongodb <no-dsa> (Minor isue, Spidermonkey in Lenny is EOLed)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/25/7
CVE-2013-1891
RESERVED
-CVE-2013-1890
+CVE-2013-1890 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server ...)
- owncloud <not-affected> (only affecting 5.0 branch)
CVE-2013-1889
RESERVED
- libapache2-mod-ruid2 0.9.8-1 (low; bug #704066)
[wheezy] - libapache2-mod-ruid2 <no-dsa> (Minor issue)
NOTE: Fix: https://github.com/mind04/mod-ruid2/commit/1fed9dda70cd44d54301df19730a29ae0989e0a2
-CVE-2013-1888
+CVE-2013-1888 (pip before 1.3 allows local users to overwrite arbitrary files via a s ...)
- python-pip <not-affected>
[squeeze] - python-pip <not-affected>
NOTE: https://github.com/pypa/pip/pull/780/files
NOTE: Not-affected as vulnerable code only in 1.3, and 1.3.1-1 fixed the issue.
-CVE-2013-1887
+CVE-2013-1887 (Multiple cross-site scripting (XSS) vulnerabilities in the Views modul ...)
- drupal6 <not-affected> (only affects 7.x-3.x to 7.x-3.6)
- drupal7 <not-affected> (views module not packaged)
-CVE-2013-1886
+CVE-2013-1886 (Format string vulnerability in the token processing system (pki-tps) i ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2013-1885
+CVE-2013-1885 (Multiple cross-site scripting (XSS) vulnerabilities in the token proce ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2013-1884
+CVE-2013-1884 (The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through ...)
- subversion 1.7.9-1 (bug #704940)
[wheezy] - subversion <not-affected> (Subversion HTTPD servers 1.7.0 through 1.7.8 (inclusive))
[squeeze] - subversion <not-affected> (Subversion HTTPD servers 1.7.0 through 1.7.8 (inclusive))
NOTE: http://bugs.debian.org/704940#32
NOTE: http://subversion.apache.org/security/CVE-2013-1884-advisory.txt
-CVE-2013-1883
+CVE-2013-1883 (Mantis Bug Tracker (aka MantisBT) 1.2.12 before 1.2.15 allows remote a ...)
- mantis <not-affected> (only affects 1.2.12 to 1.2.14)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/21/3
CVE-2013-1882
RESERVED
-CVE-2013-1881
+CVE-2013-1881 (GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary f ...)
- librsvg 2.40.0-1 (bug #724741)
[wheezy] - librsvg 2.36.1-2
[squeeze] - librsvg 2.26.3-1+deb6u2
-CVE-2013-1880
+CVE-2013-1880 (Cross-site scripting (XSS) vulnerability in the Portfolio publisher se ...)
- activemq <not-affected> (portfolio demo app not shipped in Debian package)
NOTE: https://issues.apache.org/jira/browse/AMQ-4398
-CVE-2013-1879
+CVE-2013-1879 (Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache Ac ...)
- activemq <not-affected> (scheduler not shipped in Debian package)
NOTE: https://issues.apache.org/jira/browse/AMQ-4397
CVE-2013-1878
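Review bot: the squeeze line for CVE-2013-1892 in this hunk, `[squeeze] - mongodb <no-dsa> (Minor isue, Spidermonkey in Lenny is EOLed)`, has a typo ("issue") and justifies a squeeze decision with the state of Lenny; please confirm the release name is intended, since the rationale as written does not explain why squeeze gets no DSA. Separately, the CVE-2013-1884 wheezy and squeeze not-affected reasons only restate the upstream affected range ("Subversion HTTPD servers 1.7.0 through 1.7.8 (inclusive)"); stating the version those releases actually ship would make the reasoning checkable from the entry alone.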
@@ -14899,26 +14899,26 @@ CVE-2013-1877
REJECTED
CVE-2013-1876
REJECTED
-CVE-2013-1875
+CVE-2013-1875 (command_wrap.rb in the command_wrap Gem for Ruby allows remote attacke ...)
NOT-FOR-US: ruby gem command_wrap
-CVE-2013-1874
+CVE-2013-1874 (Untrusted search path vulnerability in csi in Chicken before 4.8.2 all ...)
- chicken 4.8.0.3-1 (low; bug #702410)
[squeeze] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/19/11
CVE-2013-1873 [linux kernel kernel stack memory disclosure]
REJECTED
-CVE-2013-1872
+CVE-2013-1872 (The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent atta ...)
{DSA-2704-1}
- mesa 8.0.5-7
[squeeze] - mesa <not-affected> (Vulnerable code not present)
-CVE-2013-1871
+CVE-2013-1871 (Cross-site scripting (XSS) vulnerability in account/EditAddress.do in ...)
NOT-FOR-US: Red Hat Satellite
CVE-2013-1870
REJECTED
-CVE-2013-1869
+CVE-2013-1869 (CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Re ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2013-1868
+CVE-2013-1868 (Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earli ...)
{DSA-2973-1}
- vlc 2.0.5-1
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
@@ -14928,116 +14928,116 @@ CVE-2013-1867
RESERVED
CVE-2013-1866
RESERVED
-CVE-2013-1865
+CVE-2013-1865 (OpenStack Keystone Folsom (2012.2) does not properly perform revocatio ...)
- keystone <not-affected> (only affects folsom)
NOTE: fixed in experimental with keystone/2012.2.3-2
-CVE-2013-1864
+CVE-2013-1864 (The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga ...)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/15/6
- ekiga 4.0.1-1 (low; bug #704133)
[wheezy] - ekiga <no-dsa> (Minor issue)
[squeeze] - ekiga <no-dsa> (Minor issue)
-CVE-2013-1863
+CVE-2013-1863 (Samba 4.x before 4.0.4, when configured as an Active Directory domain ...)
- samba4 <not-affected> (Debian package only uses ntvfs, see #679678)
NOTE: http://www.samba.org/samba/history/samba-4.0.4.html
NOTE: http://www.samba.org/samba/security/CVE-2013-1863
-CVE-2013-1862
+CVE-2013-1862 (mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2. ...)
- apache2 2.4.1-1 (unimportant)
[wheezy] - apache2 2.2.22-13+deb7u1
[squeeze] - apache2 2.2.16-6+squeeze12
NOTE: Such injection issues are not treated as security issues
-CVE-2013-1861
+CVE-2013-1861 (MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, ...)
{DSA-2818-1 DSA-2780-1}
- mariadb-5.5 <not-affected> (Fixed before initial upload to archive)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.33+dfsg-1 (low; bug #706715)
- mysql-5.1 <removed> (low; bug #706715)
NOTE: https://mariadb.atlassian.net/browse/MDEV-4252
-CVE-2013-1860
+CVE-2013-1860 (Heap-based buffer overflow in the wdm_in_callback function in drivers/ ...)
{DSA-2668-1}
- linux 3.2.41-1
- linux-2.6 <removed>
-CVE-2013-1859
+CVE-2013-1859 (The Node Parameter Control module 6.x-1.x for Drupal does not properly ...)
NOT-FOR-US: Drupal module Node Parameter Control
-CVE-2013-1858
+CVE-2013-1858 (The clone system-call implementation in the Linux kernel before 3.8.3 ...)
- linux <not-affected> (Only exploitable starting with 3.7)
- linux-2.6 <not-affected> (Only exploitable starting with 3.7)
NOTE: http://stealth.openwall.net/xSports/clown-newuser.c
-CVE-2013-1857
+CVE-2013-1857 (The sanitize helper in lib/action_controller/vendor/html-scanner/html/ ...)
{DSA-2655-1}
- ruby-actionpack-3.2 3.2.6-6 (bug #703349)
- ruby-actionpack-2.3 2.3.14-5
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-1856
+CVE-2013-1856 (The ActiveSupport::XmlMini_JDOM backend in lib/active_support/xml_mini ...)
- ruby-activesupport-2.3 <not-affected> (Only affects 3.x and later)
- ruby-activesupport-3.2 3.2.6-6 (bug #703350)
- rails <not-affected> (Only affects 3.x and later)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-1855
+CVE-2013-1855 (The sanitize_css method in lib/action_controller/vendor/html-scanner/h ...)
{DSA-2655-1}
- ruby-actionpack-3.2 3.2.6-6 (bug #703349)
- ruby-actionpack-2.3 2.3.14-5
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-1854
+CVE-2013-1854 (The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1. ...)
{DSA-2655-1}
- ruby-activerecord-3.2 3.2.6-5 (bug #703348)
- ruby-activerecord-2.3 2.3.14-6
- ruby-activesupport-2.3 2.3.14-7
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-1853
+CVE-2013-1853 (Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when clos ...)
- almanah 0.9.1-1 (bug #702905)
[squeeze] - almanah <not-affected> (Only affect Almanah used in combination with glib 2.32)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=695117
-CVE-2013-1852
+CVE-2013-1852 (SQL injection vulnerability in leaguemanager.php in the LeagueManager ...)
NOT-FOR-US: WordPress plugin LeagueManager
-CVE-2013-1851
+CVE-2013-1851 (Incomplete blacklist vulnerability in lib/migrate.php in ownCloud befo ...)
- owncloud 4.0.8debian-1.6 (bug #703094)
NOTE: https://owncloud.org/about/security/advisories/oC-SA-2013-010/
NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
-CVE-2013-1850
+CVE-2013-1850 (Multiple incomplete blacklist vulnerabilities in (1) import.php and (2 ...)
- owncloud 4.0.8debian-1.6 (bug #703094)
NOTE: https://owncloud.org/about/security/advisories/oC-SA-2013-009/
NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
-CVE-2013-1849
+CVE-2013-1849 (The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through ...)
{DLA-207-1}
- subversion 1.7.9-1 (bug #704940)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion 1.6.17dfsg-4+deb7u2
NOTE: http://seclists.org/fulldisclosure/2013/Mar/56
-CVE-2013-1848
+CVE-2013-1848 (fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect argume ...)
- linux 3.2.41-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/8
-CVE-2013-1847
+CVE-2013-1847 (The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through ...)
{DLA-207-1}
- subversion 1.7.9-1 (bug #704940)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion 1.6.17dfsg-4+deb7u2
NOTE: http://subversion.apache.org/security/CVE-2013-1847-advisory.txt
-CVE-2013-1846
+CVE-2013-1846 (The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before ...)
{DLA-207-1}
- subversion 1.7.9-1 (bug #704940)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion 1.6.17dfsg-4+deb7u2
NOTE: http://subversion.apache.org/security/CVE-2013-1846-advisory.txt
-CVE-2013-1845
+CVE-2013-1845 (The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before ...)
{DLA-207-1}
- subversion 1.7.9-1 (bug #704940)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion 1.6.17dfsg-4+deb7u2
NOTE: http://subversion.apache.org/security/CVE-2013-1845-advisory.txt
-CVE-2013-1844
+CVE-2013-1844 (Cross-site scripting (XSS) vulnerability in Piwik before 1.11 allows r ...)
- piwik <itp> (bug #506933)
-CVE-2013-1843
+CVE-2013-1843 (Open redirect vulnerability in the Access tracking mechanism in TYPO3 ...)
{DSA-2646-1}
- typo3-src 4.5.19+dfsg1-5 (bug #702574)
-CVE-2013-1842
+CVE-2013-1842 (SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x be ...)
{DSA-2646-1}
- typo3-src 4.5.19+dfsg1-5 (bug #702574)
-CVE-2013-1841
+CVE-2013-1841 (Net-Server, when the reverse-lookups option is enabled, does not check ...)
- libnet-server-perl <unfixed> (low; bug #702914)
[buster] - libnet-server-perl <ignored> (Minor issue)
[stretch] - libnet-server-perl <ignored> (Minor issue)
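Review bot: grammar in the CVE-2013-1853 squeeze line of this hunk, `[squeeze] - almanah <not-affected> (Only affect Almanah used in combination with glib 2.32)` should read "Only affects Almanah when used in combination with glib 2.32".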
@@ -15045,65 +15045,65 @@ CVE-2013-1841
[wheezy] - libnet-server-perl <ignored> (Minor issue)
[squeeze] - libnet-server-perl <no-dsa> (Minor issue)
NOTE: https://rt.cpan.org/Ticket/Display.html?id=83909
-CVE-2013-1840
+CVE-2013-1840 (The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and Gr ...)
- glance 2012.1.1-5 (bug #703063)
-CVE-2013-1839
+CVE-2013-1839 (The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x befo ...)
- squid3 <not-affected> (the errors were introduced in trunk rev.11496 in 3.2.0.9)
NOTE: According to http://seclists.org/bugtraq/2013/Mar/68 not affecting 3.1?
NOTE: http://bazaar.launchpad.net/~squid/squid/3.2/revision/11796
-CVE-2013-1838
+CVE-2013-1838 (OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...)
- nova 2012.1.1-15 (bug #703064)
CVE-2013-1837
RESERVED
-CVE-2013-1836
+CVE-2013-1836 (Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and ...)
- moodle 2.5-1 (bug #703870)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-1835
+CVE-2013-1835 (Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and ...)
- moodle 2.5-1 (bug #703870)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-1834
+CVE-2013-1834 (notes/edit.php in Moodle 1.9.x through 1.9.19, 2.x through 2.1.10, 2.2 ...)
- moodle 2.5-1 (low; bug #703870)
[squeeze] - moodle <no-dsa> (Minor issue)
-CVE-2013-1833
+CVE-2013-1833 (Multiple cross-site scripting (XSS) vulnerabilities in the File Picker ...)
- moodle 2.5-1 (bug #703870)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-1832
+CVE-2013-1832 (repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2 ...)
- moodle 2.5-1 (bug #703870)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2013-1831
+CVE-2013-1831 (lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x b ...)
- moodle 2.5-1 (low; bug #703870)
[squeeze] - moodle <no-dsa> (Minor issue)
-CVE-2013-1830
+CVE-2013-1830 (user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x befo ...)
- moodle 2.5-1 (low; bug #703870)
[squeeze] - moodle <no-dsa> (Minor issue)
-CVE-2013-1829
+CVE-2013-1829 (calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not ...)
- moodle <not-affected> (Only in 2.4 to 2.4.1)
-CVE-2013-1828
+CVE-2013-1828 (The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the L ...)
- linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
-CVE-2013-1827
+CVE-2013-1827 (net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to ...)
- linux 3.2.29-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-47
-CVE-2013-1826
+CVE-2013-1826 (The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux k ...)
{DSA-2668-1}
- linux 3.2.32-1 (low)
- linux-2.6 <removed> (low)
NOTE: Probably gone since 3.2.32-1, but I checked 3.2.41-2
CVE-2013-1825
REJECTED
-CVE-2013-1824
+CVE-2013-1824 (The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows re ...)
{DSA-2639-1}
- php5 5.4.4-14
NOTE: See CVE-2013-1643
NOTE: http://git.php.net/?p=web/php.git;a=commitdiff;h=e8432b34ee7a196a14a6e0191a00fe73b5a095e7
-CVE-2013-1823
+CVE-2013-1823 (Cross-site scripting (XSS) vulnerability in the Notifications form in ...)
NOT-FOR-US: Katello
-CVE-2013-1822
+CVE-2013-1822 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x ...)
- owncloud <not-affected> (owncloud stable4 (4.0.x) is not affected)
NOTE: https://owncloud.org/about/security/advisories/oC-SA-2013-008/
NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
-CVE-2013-1821
+CVE-2013-1821 (lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows ...)
{DSA-2809-1 DSA-2738-1}
- ruby1.9.1 1.9.3.194-8.1 (bug #702525)
- ruby1.8 1.8.7.358-7 (bug #702526)
@@ -15111,12 +15111,12 @@ CVE-2013-1821
CVE-2013-1820
RESERVED
- tuned <not-affected> (Fixed before initial release to Debian)
-CVE-2013-1819
+CVE-2013-1819 (The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel bef ...)
- linux 3.8-1
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <no-dsa> (Too risky to backport, minor impact)
[wheezy] - linux <no-dsa> (Too risky to backport, minor impact)
-CVE-2013-1818
+CVE-2013-1818 (maintenance/mwdoc-filter.php in MediaWiki before 1.20.3 allows remote ...)
- mediawiki <not-affected> (mwdoc-filter.php introduced in 1.20)
NOTE: register_globals is not supported in Debian anyway, see PHP's README.Debian.security
CVE-2013-1817 [mediawiki information disclosure in unblock API]
@@ -15127,15 +15127,15 @@ CVE-2013-1816 [mediawiki insecure curl usage]
RESERVED
- mediawiki 1:1.19.4-1
[squeeze] - mediawiki <end-of-life>
-CVE-2013-1815
+CVE-2013-1815 (PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create th ...)
NOT-FOR-US: OpenStack PackStack
-CVE-2013-1814
+CVE-2013-1814 (The users/get program in the User RPC API in Apache Rave 0.11 through ...)
NOT-FOR-US: Apache Rave
-CVE-2013-1813
+CVE-2013-1813 (util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for p ...)
- busybox 1:1.20.0-8 (low; bug #701965)
[wheezy] - busybox <no-dsa> (Minor issue)
[squeeze] - busybox <no-dsa> (Minor issue)
-CVE-2013-1812
+CVE-2013-1812 (The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID provide ...)
- ruby-openid 2.1.8debian-6 (bug #702217)
- libopenid-ruby <removed> (bug #702217)
[squeeze] - libopenid-ruby 2.1.8debian-1+squeeze1
@@ -15144,7 +15144,7 @@ CVE-2013-1811 [Reporter can change issue status to 'new']
{DSA-3120-1}
- mantis <removed> (low; bug #698481)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-1810
+CVE-2013-1810 (Multiple cross-site scripting (XSS) vulnerabilities in core/summary_ap ...)
- mantis <not-affected> (only affects MantisBT 1.2.12)
CVE-2013-1809 [Gambas creates hijackable directory in /tmp]
RESERVED
@@ -15153,106 +15153,106 @@ CVE-2013-1809 [Gambas creates hijackable directory in /tmp]
[wheezy] - gambas3 <no-dsa> (Minor issue)
[squeeze] - gambas2 <no-dsa> (Minor issue)
NOTE: https://code.google.com/p/gambas/issues/detail?id=365
-CVE-2013-1808
+CVE-2013-1808 (Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and Zero ...)
- db4o <unfixed> (unimportant)
- jenkins 1.509.2+dfsg-1 (bug #706725)
-CVE-2013-1807
+CVE-2013-1807 (PHP-Fusion before 7.02.06 stores backup files with predictable filenam ...)
NOT-FOR-US: PHP-Fusion
-CVE-2013-1806
+CVE-2013-1806 (Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02 ...)
NOT-FOR-US: PHP-Fusion
CVE-2013-1805
REJECTED
-CVE-2013-1804
+CVE-2013-1804 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion befo ...)
NOT-FOR-US: PHP-Fusion
-CVE-2013-1803
+CVE-2013-1803 (Multiple SQL injection vulnerabilities in PHP-Fusion before 7.02.06 al ...)
NOT-FOR-US: PHP-Fusion
-CVE-2013-1802
+CVE-2013-1802 (The extlib gem 0.9.15 and earlier for Ruby does not properly restrict ...)
{DLA-172-1}
- ruby-extlib 0.9.15-3 (bug #697895)
- libextlib-ruby <removed> (bug #697895)
-CVE-2013-1801
+CVE-2013-1801 (The httparty gem 0.9.0 and earlier for Ruby does not properly restrict ...)
NOT-FOR-US: httparty Ruby gem
-CVE-2013-1800
+CVE-2013-1800 (The crack gem 0.3.1 and earlier for Ruby does not properly restrict ca ...)
- ruby-crack 0.3.2-1
-CVE-2013-1799
+CVE-2013-1799 (Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before 3.7.91 ...)
- gnome-online-accounts <not-affected> (Incomplete patch wasn't applied in Debian)
-CVE-2013-1798
+CVE-2013-1798 (The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux ke ...)
{DSA-2668-1}
- linux 3.2.41-2
- linux-2.6 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/9
-CVE-2013-1797
+CVE-2013-1797 (Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel ...)
- linux 3.2.41-2
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport, KVM server not supported in squeeze-lts)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/9
-CVE-2013-1796
+CVE-2013-1796 (The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux ker ...)
{DSA-2669-1 DSA-2668-1}
- linux 3.2.41-2
- linux-2.6 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/9
-CVE-2013-1795
+CVE-2013-1795 (Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote att ...)
{DSA-2638-1}
- openafs 1.6.1-3
-CVE-2013-1794
+CVE-2013-1794 (Buffer overflow in certain client utilities in OpenAFS before 1.6.2 al ...)
{DSA-2638-1}
- openafs 1.6.1-3
CVE-2013-1793
RESERVED
NOT-FOR-US: openstack-utils
-CVE-2013-1792
+CVE-2013-1792 (Race condition in the install_user_keyrings function in security/keys/ ...)
{DSA-2668-1}
- linux 3.2.41-1
- linux-2.6 <removed>
CVE-2013-1791
RESERVED
-CVE-2013-1790
+CVE-2013-1790 (poppler/Stream.cc in poppler before 0.22.1 allows context-dependent at ...)
{DSA-2719-1}
- poppler 0.18.4-6 (low; bug #702071)
-CVE-2013-1789
+CVE-2013-1789 (splash/Splash.cc in poppler before 0.22.1 allows context-dependent att ...)
- poppler <not-affected> (vulnerable code introduced in a later version)
-CVE-2013-1788
+CVE-2013-1788 (poppler before 0.22.1 allows context-dependent attackers to cause a de ...)
{DSA-2719-1}
- poppler 0.18.4-6 (low; bug #702071)
-CVE-2013-1787
+CVE-2013-1787 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
NOT-FOR-US: Drupal addon
-CVE-2013-1786
+CVE-2013-1786 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
NOT-FOR-US: Drupal addon
-CVE-2013-1785
+CVE-2013-1785 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
NOT-FOR-US: Drupal addon
-CVE-2013-1784
+CVE-2013-1784 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
NOT-FOR-US: Drupal addon
-CVE-2013-1783
+CVE-2013-1783 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in pag ...)
NOT-FOR-US: Drupal addon
-CVE-2013-1782
+CVE-2013-1782 (Cross-site scripting (XSS) vulnerability in the Responsive Blog Theme ...)
NOT-FOR-US: Drupal addon
-CVE-2013-1781
+CVE-2013-1781 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
NOT-FOR-US: Drupal addon
-CVE-2013-1780
+CVE-2013-1780 (Cross-site scripting (XSS) vulnerability in the Best Responsive Theme ...)
NOT-FOR-US: Drupal addon
-CVE-2013-1779
+CVE-2013-1779 (Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the ...)
NOT-FOR-US: Drupal addon
-CVE-2013-1778
+CVE-2013-1778 (Cross-site scripting (XSS) vulnerability in the Creative Theme 7.x-1.x ...)
NOT-FOR-US: Drupal addon
-CVE-2013-1777
+CVE-2013-1777 (The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as ...)
NOT-FOR-US: JMX componenent of Apache Geronimo is not packaged
-CVE-2013-1776
+CVE-2013-1776 (sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_ticket ...)
{DSA-2642-1}
- sudo 1.8.5p2-1+nmu1 (bug #701839)
-CVE-2013-1775
+CVE-2013-1775 (sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows loca ...)
{DSA-2642-1}
- sudo 1.8.5p2-1+nmu1 (bug #701838)
NOTE: severity depends a lot on the environment
-CVE-2013-1774
+CVE-2013-1774 (The chase_port function in drivers/usb/serial/io_ti.c in the Linux ker ...)
{DSA-2668-1}
- linux 3.2.38-1
- linux-2.6 <removed>
-CVE-2013-1773
+CVE-2013-1773 (Buffer overflow in the VFAT filesystem implementation in the Linux ker ...)
{DSA-2668-1}
- linux 3.2.15-1
- linux-2.6 <removed>
NOTE: Probably gone since 3.2.15-1, but I checked 3.2.41-2
-CVE-2013-1772
+CVE-2013-1772 (The log_prefix function in kernel/printk.c in the Linux kernel 3.x bef ...)
- linux 3.2.39-1
- linux-2.6 <not-affected> (Vulnerability exposed since 3.0)
CVE-2013-1771 [monkey: world-readable logdir]
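Review bot: typo in the unchanged context line for CVE-2013-1777 in this hunk, `NOT-FOR-US: JMX componenent of Apache Geronimo is not packaged`, which should read `component`; the automatic update only rewrites the CVE header lines, so this needs a separate manual edit.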
@@ -15260,48 +15260,48 @@ CVE-2013-1771 [monkey: world-readable logdir]
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/02/24/5
-CVE-2013-1770
+CVE-2013-1770 (Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia ...)
- ganglia 3.6.0-1 (low; bug #700158)
[squeeze] - ganglia <no-dsa> (Minor issue)
[wheezy] - ganglia <no-dsa> (Minor issue)
- ganglia-web 3.5.8-3 (bug #700159)
NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
NOTE: Upstream non-verified fix https://github.com/ganglia/ganglia-web/commit/552965f33bf79d41ccbec3f1f26840c8bab54ad6
-CVE-2013-1769
+CVE-2013-1769 (A certain hashing algorithm in Telepathy Gabble 0.16.x before 0.16.5 a ...)
- telepathy-gabble 0.16.5-1 (low; bug #702252)
[squeeze] - telepathy-gabble <no-dsa> (Minor issue)
-CVE-2013-1768
+CVE-2013-1768 (The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and ...)
- openjpa 2.2.2-1 (bug #716937)
[squeeze] - openjpa <no-dsa> (Minor issue)
[wheezy] - openjpa <no-dsa> (Minor issue)
-CVE-2013-1767
+CVE-2013-1767 (Use-after-free vulnerability in the shmem_remount_fs function in mm/sh ...)
{DSA-2668-1}
- linux 3.2.41-1
- linux-2.6 <removed>
-CVE-2013-1766
+CVE-2013-1766 (libvirt 1.0.2 and earlier sets the group owner to kvm for device files ...)
{DSA-2650-1}
- libvirt 0.9.12-8 (bug #701649)
-CVE-2013-1765
+CVE-2013-1765 (Multiple cross-site scripting (XSS) vulnerabilities in jwplayer.swf in ...)
NOT-FOR-US: WordPress plugin smart-flv
-CVE-2013-1764
+CVE-2013-1764 (The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local ...)
- packagekit <not-affected> (Zypp backend specific to SuSE)
-CVE-2013-1763
+CVE-2013-1763 (Array index error in the __sock_diag_rcv_msg function in net/core/sock ...)
- linux <not-affected> (Introduced in 3.3)
NOTE: 3.6.9 and 3.7.8 in experimental are affected, 3.8 will be fixed.
-CVE-2013-1762
+CVE-2013-1762 (stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM ...)
{DSA-2664-1}
- stunnel4 3:4.53-1.1 (bug #702267)
CVE-2013-1761
RESERVED
CVE-2013-1760
RESERVED
-CVE-2013-1759
+CVE-2013-1759 (Cross-site scripting (XSS) vulnerability in the Responsive Logo Slides ...)
NOT-FOR-US: WordPress plugin responsive-logo-slideshow
-CVE-2013-1758
+CVE-2013-1758 (Cross-site scripting (XSS) vulnerability in the Marekkis Watermark plu ...)
NOT-FOR-US: WordPress plugin marekkis-watermark
CVE-2013-1757
RESERVED
-CVE-2013-1756
+CVE-2013-1756 (The Dragonfly gem 0.7 before 0.8.6 and 0.9.x before 0.9.13 for Ruby, w ...)
NOT-FOR-US: Dragonfly Ruby gem
CVE-2013-1755
RESERVED
@@ -15348,13 +15348,13 @@ CVE-2013-1751
RESERVED
- twiki <removed>
NOTE: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2013-1751
-CVE-2013-1750
+CVE-2013-1750 (Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 ...)
NOT-FOR-US: RealPlayer
-CVE-2013-1749
+CVE-2013-1749 (Cross-site scripting (XSS) vulnerability in edit.php in PHP Address Bo ...)
NOT-FOR-US: PHP Address Book
-CVE-2013-1748
+CVE-2013-1748 (Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow ...)
NOT-FOR-US: PHP Address Book
-CVE-2013-1747
+CVE-2013-1747 (channel.c in ngIRCd 20 and 20.1 allows remote attackers to cause a den ...)
- ngircd <not-affected> (Vulnerable version was only in experimental, introduced in 20.1-1~exp1 and fixed in 20.2-1~exp1)
CVE-2013-1746
RESERVED
@@ -15362,44 +15362,44 @@ CVE-2013-1745
RESERVED
CVE-2013-1744
RESERVED
-CVE-2013-1743
+CVE-2013-1743 (Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in B ...)
- bugzilla <not-affected> (Only affects 4.1 to 4.4)
- bugzilla4 <itp> (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=924932
-CVE-2013-1742
+CVE-2013-1742 (Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.c ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=924802
-CVE-2013-1741
+CVE-2013-1741 (Integer overflow in Mozilla Network Security Services (NSS) 3.15 befor ...)
{DSA-2994-1 DLA-23-1}
- nss 2:3.15.3-1 (bug #735105)
[squeeze] - nss 3.12.8-1+squeeze8
NOTE: https://hg.mozilla.org/projects/nss/rev/612d7d1eb9e7
-CVE-2013-1740
+CVE-2013-1740 (The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Net ...)
- nss 2:3.15.4-1
[squeeze] - nss <no-dsa> (false start disabled by default, needs to be enabled by clients)
[wheezy] - nss <no-dsa> (false start disabled by default, needs to be enabled by clients)
NOTE: false start must be enabled by the client (mainly browsers)
-CVE-2013-1739
+CVE-2013-1739 (Mozilla Network Security Services (NSS) before 3.15.2 does not ensure ...)
{DSA-2790-1}
- nss 2:3.15.2-1 (bug #726473)
[squeeze] - nss <not-affected> (Introduced in 3.14.3)
NOTE: https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.2_release_notes
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1012656
-CVE-2013-1738
+CVE-2013-1738 (Use-after-free vulnerability in the JS_GetGlobalForScopeChain function ...)
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1737
+CVE-2013-1737 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbi ...)
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.9-1
[squeeze] - icedove <end-of-life>
-CVE-2013-1736
+CVE-2013-1736 (The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24 ...)
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15408,7 +15408,7 @@ CVE-2013-1736
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1735
+CVE-2013-1735 (Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity ...)
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15417,16 +15417,16 @@ CVE-2013-1735
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1734
+CVE-2013-1734 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in B ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=913904
-CVE-2013-1733
+CVE-2013-1733 (Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in ...)
- bugzilla <not-affected> (Only affects 4.4)
- bugzilla4 <itp> (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=911593
-CVE-2013-1732
+CVE-2013-1732 (Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla ...)
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15435,11 +15435,11 @@ CVE-2013-1732
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1731
+CVE-2013-1731 (Untrusted search path vulnerability in the GL tracing functionality in ...)
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
- iceape <not-affected> (Android-specific)
-CVE-2013-1730
+CVE-2013-1730 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbi ...)
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15448,25 +15448,25 @@ CVE-2013-1730
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1729
+CVE-2013-1729 (The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA g ...)
- iceweasel <not-affected> (MacOS-specific)
- icedove <not-affected> (MacOS-specific)
- iceape <not-affected> (MacOS-specific)
-CVE-2013-1728
+CVE-2013-1728 (The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunde ...)
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1727
+CVE-2013-1727 (Mozilla Firefox before 24.0 on Android allows attackers to bypass the ...)
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
- iceape <not-affected> (Android-specific)
-CVE-2013-1726
+CVE-2013-1726 (Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x befor ...)
- iceweasel <not-affected> (Updater not used in Debian)
- icedove <not-affected> (Updater not used in Debian)
- iceape <not-affected> (Updater not used in Debian)
-CVE-2013-1725
+CVE-2013-1725 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbi ...)
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15475,19 +15475,19 @@ CVE-2013-1725
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1724
+CVE-2013-1724 (Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsD ...)
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1723
+CVE-2013-1723 (The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird befor ...)
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1722
+CVE-2013-1722 (Use-after-free vulnerability in the nsAnimationManager::BuildAnimation ...)
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15496,24 +15496,24 @@ CVE-2013-1722
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1721
+CVE-2013-1721 (Integer overflow in the drawLineLoop function in the libGLESv2 library ...)
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1720
+CVE-2013-1720 (The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tr ...)
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1719
+CVE-2013-1719 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1718
+CVE-2013-1718 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
[squeeze] - iceweasel <end-of-life>
@@ -15522,7 +15522,7 @@ CVE-2013-1718
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1717
+CVE-2013-1717 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbi ...)
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15533,9 +15533,9 @@ CVE-2013-1717
[wheezy] - iceape <end-of-life>
CVE-2013-1716
RESERVED
-CVE-2013-1715
+CVE-2013-1715 (Multiple untrusted search path vulnerabilities in the (1) full install ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2013-1714
+CVE-2013-1714 (The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ...)
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15544,7 +15544,7 @@ CVE-2013-1714
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1713
+CVE-2013-1713 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbi ...)
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15553,14 +15553,14 @@ CVE-2013-1713
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1712
+CVE-2013-1712 (Multiple untrusted search path vulnerabilities in updater.exe in Mozil ...)
- iceweasel <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
-CVE-2013-1711
+CVE-2013-1711 (The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaM ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1710
+CVE-2013-1710 (The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0 ...)
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15569,7 +15569,7 @@ CVE-2013-1710
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1709
+CVE-2013-1709 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbi ...)
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15578,32 +15578,32 @@ CVE-2013-1709
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1708
+CVE-2013-1708 (Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote att ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1707
+CVE-2013-1707 (Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox befo ...)
- iceweasel <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
-CVE-2013-1706
+CVE-2013-1706 (Stack-based buffer overflow in maintenanceservice.exe in the Mozilla M ...)
- iceweasel <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
-CVE-2013-1705
+CVE-2013-1705 (Heap-based buffer underflow in the cryptojs_interpret_key_gen_type fun ...)
- iceweasel 23.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1704
+CVE-2013-1704 (Use-after-free vulnerability in the nsINode::GetParentNode function in ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
CVE-2013-1703
RESERVED
-CVE-2013-1702
+CVE-2013-1702 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1701
+CVE-2013-1701 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15612,13 +15612,13 @@ CVE-2013-1701
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1700
+CVE-2013-1700 (The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Wind ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1699
+CVE-2013-1699 (The Internationalized Domain Name (IDN) display algorithm in Mozilla F ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1698
+CVE-2013-1698 (The getUserMedia permission implementation in Mozilla Firefox before 2 ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1697
+CVE-2013-1697 (The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15627,11 +15627,11 @@ CVE-2013-1697
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1696
+CVE-2013-1696 (Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Opti ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1695
+CVE-2013-1695 (Mozilla Firefox before 22.0 does not properly implement certain DocShe ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1694
+CVE-2013-1694 (The PreserveWrapper implementation in Mozilla Firefox before 22.0, Fir ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15640,7 +15640,7 @@ CVE-2013-1694
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1693
+CVE-2013-1693 (The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15649,7 +15649,7 @@ CVE-2013-1693
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1692
+CVE-2013-1692 (Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbi ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15660,7 +15660,7 @@ CVE-2013-1692
[wheezy] - iceape <end-of-life>
CVE-2013-1691
RESERVED
-CVE-2013-1690
+CVE-2013-1690 (Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbi ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15672,9 +15672,9 @@ CVE-2013-1690
CVE-2013-1689
RESERVED
[wheezy] - iceape <end-of-life>
-CVE-2013-1688
+CVE-2013-1688 (The Profiler implementation in Mozilla Firefox before 22.0 parses untr ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
-CVE-2013-1687
+CVE-2013-1687 (The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implemen ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15683,7 +15683,7 @@ CVE-2013-1687
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1686
+CVE-2013-1686 (Use-after-free vulnerability in the mozilla::ResetDir function in Mozi ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15692,7 +15692,7 @@ CVE-2013-1686
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1685
+CVE-2013-1685 (Use-after-free vulnerability in the nsIDocument::GetRootElement functi ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15701,7 +15701,7 @@ CVE-2013-1685
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1684
+CVE-2013-1684 (Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::Lo ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15710,11 +15710,11 @@ CVE-2013-1684
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1683
+CVE-2013-1683 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 21)
- icedove <not-affected> (Only affects Firefox 21)
- iceape <not-affected> (Only affects Firefox 21)
-CVE-2013-1682
+CVE-2013-1682 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15723,7 +15723,7 @@ CVE-2013-1682
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1681
+CVE-2013-1681 (Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocke ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15732,7 +15732,7 @@ CVE-2013-1681
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1680
+CVE-2013-1680 (Use-after-free vulnerability in the nsFrameList::FirstChild function i ...)
{DSA-2720-1 DSA-2699-1}
[squeeze] - iceweasel <end-of-life>
- iceweasel 17.0.6esr-1
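Review bot: ordering inconsistency in the CVE-2013-1680 entry in this hunk: the `[squeeze] - iceweasel <end-of-life>` line comes before `- iceweasel 17.0.6esr-1`, whereas every other iceweasel entry in the surrounding hunks lists the unstable version line first and the release-specific line after it. Swapping the two lines would match the neighbouring entries.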
@@ -15741,7 +15741,7 @@ CVE-2013-1680
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1679
+CVE-2013-1679 (Use-after-free vulnerability in the mozilla::plugins::child::_geturlno ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15750,7 +15750,7 @@ CVE-2013-1679
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1678
+CVE-2013-1678 (The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 2 ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15759,7 +15759,7 @@ CVE-2013-1678
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1677
+CVE-2013-1677 (The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox befor ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15768,7 +15768,7 @@ CVE-2013-1677
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1676
+CVE-2013-1676 (The SelectionIterator::GetNextSegment function in Mozilla Firefox befo ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15777,7 +15777,7 @@ CVE-2013-1676
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1675
+CVE-2013-1675 (Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbi ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15786,7 +15786,7 @@ CVE-2013-1675
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1674
+CVE-2013-1674 (Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox E ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15795,15 +15795,15 @@ CVE-2013-1674
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1673
+CVE-2013-1673 (The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not ...)
- iceweasel <not-affected> (Windows build only)
-CVE-2013-1672
+CVE-2013-1672 (The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefo ...)
- iceweasel <not-affected> (Windows build only)
- icedove <not-affected> (Windows build only)
- iceape <not-affected> (Windows build only)
-CVE-2013-1671
+CVE-2013-1671 (Mozilla Firefox before 21.0 does not properly implement the INPUT elem ...)
- iceweasel <not-affected> (Doesn't affect ESR 17 series, only later versions in experimental)
-CVE-2013-1670
+CVE-2013-1670 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox befo ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -15812,108 +15812,108 @@ CVE-2013-1670
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-1669
+CVE-2013-1669 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 20)
- icedove <not-affected> (Only affects Firefox 20)
- iceape <not-affected> (Only affects Firefox 20)
-CVE-2013-1668
+CVE-2013-1668 (The uploadFile function in upload/index.php in CosCMS before 1.822 all ...)
NOT-FOR-US: CosCMS
-CVE-2013-1667
+CVE-2013-1667 (The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-depen ...)
{DSA-2641-1}
- perl 5.14.2-19 (bug #702296)
NOTE: http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html
CVE-2013-1666
RESERVED
- foswiki <itp> (bug #509864)
-CVE-2013-1665
+CVE-2013-1665 (The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...)
{DSA-2634-1}
- keystone 2012.1.1-13 (bug #700948)
- python-django 1.4.4-1
-CVE-2013-1664
+CVE-2013-1664 (The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...)
- keystone 2012.1.1-13 (bug #700948)
- nova 2012.1.1-13 (bug #700949)
- cinder 2012.2.3-1 (bug #700950)
CVE-2013-1663
RESERVED
-CVE-2013-1662
+CVE-2013-1662 (vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x a ...)
NOT-FOR-US: VMware
-CVE-2013-1661
+CVE-2013-1661 (VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly im ...)
NOT-FOR-US: VMware ESXi
CVE-2013-1660
REJECTED
-CVE-2013-1659
+CVE-2013-1659 (VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5 ...)
NOT-FOR-US: vCenter
CVE-2013-1658
RESERVED
CVE-2013-1657
RESERVED
-CVE-2013-1656
+CVE-2013-1656 (Spree Commerce 1.0.x through 1.3.2 allows remote authenticated adminis ...)
NOT-FOR-US: Spree
-CVE-2013-1655
+CVE-2013-1655 (Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1 ...)
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1654
+CVE-2013-1654 (Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterpri ...)
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1653
+CVE-2013-1653 (Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and ...)
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1652
+CVE-2013-1652 (Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and ...)
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1651
+CVE-2013-1651 (OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before re ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-1650
+CVE-2013-1650 (Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22 ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-1649
+CVE-2013-1649 (Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22 ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-1648
+CVE-2013-1648 (The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-1647
+CVE-2013-1647 (Multiple CRLF injection vulnerabilities in Open-Xchange Server before ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-1646
+CVE-2013-1646 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Se ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-1645
+CVE-2013-1645 (Directory traversal vulnerability in Open-Xchange Server before 6.20.7 ...)
NOT-FOR-US: Open-Xchange
CVE-2013-1644
RESERVED
-CVE-2013-1643
+CVE-2013-1643 (The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows re ...)
{DSA-2639-1}
- php5 5.4.4-14 (bug #702221)
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=c737b89473df9dba6742b8fc8fbf6d009bf05c36
CVE-2013-1642
RESERVED
-CVE-2013-1641
+CVE-2013-1641 (Directory traversal vulnerability in the zip download functionality in ...)
NOT-FOR-US: QuiXplorer
-CVE-2013-1640
+CVE-2013-1640 (The (1) template and (2) inline_template functions in the master serve ...)
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1639
+CVE-2013-1639 (Opera before 12.13 does not send CORS preflight requests in all requir ...)
NOT-FOR-US: Opera
-CVE-2013-1638
+CVE-2013-1638 (Opera before 12.13 allows remote attackers to execute arbitrary code v ...)
NOT-FOR-US: Opera
-CVE-2013-1637
+CVE-2013-1637 (Opera before 12.13 allows remote attackers to execute arbitrary code v ...)
NOT-FOR-US: Opera
-CVE-2013-1636
+CVE-2013-1636 (Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Op ...)
- biomaj-watcher 1.2.2-1 (low; bug #742859)
[wheezy] - biomaj-watcher <no-dsa> (Minor issue)
-CVE-2013-1635
+CVE-2013-1635 (ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not ...)
{DSA-2639-1}
- php5 5.4.4-14 (unimportant; bug #702221)
NOTE: open_basedir not supported
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74
CVE-2013-1634
RESERVED
-CVE-2013-1633
+CVE-2013-1633 (easy_install in setuptools before 0.7 uses HTTP to retrieve packages f ...)
- distribute <unfixed> (unimportant)
NOTE: Lack of a security feature, not a vulnerability
CVE-2013-1632
RESERVED
CVE-2013-1631
RESERVED
-CVE-2013-1630
+CVE-2013-1630 (pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repos ...)
NOT-FOR-US: pyshop
-CVE-2013-1629
+CVE-2013-1629 (pip before 1.3 uses HTTP to retrieve packages from the PyPI repository ...)
- python-pip 1.3.1-1 (low; bug #710163)
[wheezy] - python-pip <no-dsa> (Minor issue)
[squeeze] - python-pip <no-dsa> (Minor issue)
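Review bot: CVE-2013-1664 and CVE-2013-1665 record the same keystone fix (`- keystone 2012.1.1-13 (bug #700948)`), but only CVE-2013-1665 carries the `{DSA-2634-1}` cross-reference; if that advisory covers both CVEs the reference belongs on CVE-2013-1664 too, otherwise a NOTE should say why the keystone fix for 1664 went out without one. Both descriptions also name the Python XML libraries themselves ("The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in ...") while only the OpenStack and Django consumers are tracked; a NOTE stating that the interpreter packages are intentionally not listed would keep the entries from looking incomplete.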
@@ -15922,17 +15922,17 @@ CVE-2013-1629
[squeeze] - python-virtualenv <no-dsa> (Minor issue)
CVE-2013-1628
REJECTED
-CVE-2013-1627
+CVE-2013-1627 (Absolute path traversal vulnerability in NTWebServer.exe in Indusoft S ...)
NOT-FOR-US: Indusoft Studio, Advantech Studio
CVE-2013-1626
RESERVED
CVE-2013-1625
RESERVED
-CVE-2013-1624
+CVE-2013-1624 (The TLS implementation in the Bouncy Castle Java library before 1.48 a ...)
- bouncycastle 1.48+dfsg-2 (low; bug #699885)
[squeeze] - bouncycastle <no-dsa> (Minor issue)
[wheezy] - bouncycastle <no-dsa> (Minor issue)
-CVE-2013-1623
+CVE-2013-1623 (The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 do not ...)
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.30+dfsg-1.1 (bug #699886)
@@ -15940,45 +15940,45 @@ CVE-2013-1623
NOTE: cyassl: fixed upstream in 2.5.0
CVE-2013-1622
REJECTED
-CVE-2013-1621
+CVE-2013-1621 (Array index error in the SSL module in PolarSSL before 1.2.5 might all ...)
{DSA-2622-1}
- polarssl 1.1.4-2 (bug #699887)
-CVE-2013-1620
+CVE-2013-1620 (The TLS implementation in Mozilla Network Security Services (NSS) does ...)
- nss 2:3.14.3-1 (low; bug #699888)
[squeeze] - nss <no-dsa> (Minor issue)
-CVE-2013-1619
+CVE-2013-1619 (The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, ...)
- gnutls26 2.12.20-4
[squeeze] - gnutls26 <no-dsa> (Too intrusive to backport)
- gnutls28 3.0.22-3
-CVE-2013-1618
+CVE-2013-1618 (The TLS implementation in Opera before 12.13 does not properly conside ...)
NOT-FOR-US: Opera
-CVE-2013-1617
+CVE-2013-1617 (Multiple SQL injection vulnerabilities in the management console on th ...)
NOT-FOR-US: Symantec
-CVE-2013-1616
+CVE-2013-1616 (The management console on the Symantec Web Gateway (SWG) appliance bef ...)
NOT-FOR-US: Symantec
-CVE-2013-1615
+CVE-2013-1615 (The management console (aka Java console) on the Symantec Security Inf ...)
NOT-FOR-US: Symantec
-CVE-2013-1614
+CVE-2013-1614 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
NOT-FOR-US: Symantec
-CVE-2013-1613
+CVE-2013-1613 (SQL injection vulnerability in the management console (aka Java consol ...)
NOT-FOR-US: Symantec
-CVE-2013-1612
+CVE-2013-1612 (Buffer overflow in secars.dll in the management console in Symantec En ...)
NOT-FOR-US: Symantec
-CVE-2013-1611
+CVE-2013-1611 (Multiple cross-site scripting (XSS) vulnerabilities in administrative- ...)
NOT-FOR-US: Symantec Brightmail Gateway
-CVE-2013-1610
+CVE-2013-1610 (Unquoted Windows search path vulnerability in RDDService in Symantec P ...)
NOT-FOR-US: Symantec
-CVE-2013-1609
+CVE-2013-1609 (Multiple unquoted Windows search path vulnerabilities in the (1) File ...)
NOT-FOR-US: Symantec
-CVE-2013-1608
+CVE-2013-1608 (Directory traversal vulnerability in the Management Console on the Sym ...)
NOT-FOR-US: Symantec
CVE-2013-1607
RESERVED
-CVE-2013-1606
+CVE-2013-1606 (Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT ...)
NOT-FOR-US: Ubiquiti UBNT AirCam
-CVE-2013-1605
+CVE-2013-1605 (Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 ...)
NOT-FOR-US: MayGion IP Cameras
-CVE-2013-1604
+CVE-2013-1604 (Directory traversal vulnerability in MayGion IP Cameras with firmware ...)
NOT-FOR-US: MayGion IP Cameras
CVE-2013-1603
RESERVED
@@ -16004,425 +16004,425 @@ CVE-2013-1593
RESERVED
CVE-2013-1592
RESERVED
-CVE-2013-1591
+CVE-2013-1591 (Stack-based buffer overflow in libpixman, as used in Pale Moon before ...)
- pixman 0.26.0-4 (bug #700308)
[squeeze] - pixman <not-affected> (Vulnerable code not present)
-CVE-2013-1590
+CVE-2013-1590 (Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6 ...)
{DSA-2625-1}
- wireshark 1.8.6-1
[wheezy] - wireshark 1.8.2-5wheezy1
-CVE-2013-1589
+CVE-2013-1589 (Double free vulnerability in epan/proto.c in the dissection engine in ...)
- wireshark 1.8.6-1 (unimportant)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Not suitable for code injection
-CVE-2013-1588
+CVE-2013-1588 (Multiple buffer overflows in the dissect_pft_fec_detailed function in ...)
{DSA-2625-1}
- wireshark 1.8.6-1
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8213
NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47098
-CVE-2013-1587
+CVE-2013-1587 (The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c i ...)
- wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7679
NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44700
-CVE-2013-1586
+CVE-2013-1586 (The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1. ...)
{DSA-2625-1}
- wireshark 1.8.6-1
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8111
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46999
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47000
-CVE-2013-1585
+CVE-2013-1585 (epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 ...)
- wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8112
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46705
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46678
-CVE-2013-1584
+CVE-2013-1584 (The dissect_version_5_and_6_primary_header function in epan/dissectors ...)
- wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46579
-CVE-2013-1583
+CVE-2013-1583 (The dissect_version_4_primary_header function in epan/dissectors/packe ...)
- wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46577
-CVE-2013-1582
+CVE-2013-1582 (The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP ...)
{DSA-2625-1}
- wireshark 1.8.6-1
[wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7871
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=45646
-CVE-2013-1571
+CVE-2013-1571 (Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-1570
+CVE-2013-1570 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows re ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
-CVE-2013-1569
+CVE-2013-1569 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-3187-1 DLA-219-1}
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
- icu 52.1-1
-CVE-2013-1568
+CVE-2013-1568 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1567
+CVE-2013-1567 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows re ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
-CVE-2013-1566
+CVE-2013-1566 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows re ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
-CVE-2013-1565
+CVE-2013-1565 (Unspecified vulnerability in the Oracle GoldenGate Veridata component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1564
+CVE-2013-1564 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1563
+CVE-2013-1563 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
- openjdk-7 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
-CVE-2013-1562
+CVE-2013-1562 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services
-CVE-2013-1561
+CVE-2013-1561 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1560
+CVE-2013-1560 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services
-CVE-2013-1559
+CVE-2013-1559 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1558
+CVE-2013-1558 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-1557
+CVE-2013-1557 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-1556
+CVE-2013-1556 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1555
+CVE-2013-1555 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5. ...)
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1554
+CVE-2013-1554 (Unspecified vulnerability in the Network Layer component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-1553
+CVE-2013-1553 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1552
+CVE-2013-1552 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.2 ...)
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1551
+CVE-2013-1551 (Unspecified vulnerability in the Siebel Enterprise Application Integra ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-1550
+CVE-2013-1550 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-1549
+CVE-2013-1549 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1548
+CVE-2013-1548 (Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows re ...)
{DSA-2780-1}
- mysql-5.5 <not-affected> (Only affects MySQL 5.1)
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1547
+CVE-2013-1547 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1546
+CVE-2013-1546 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1545
+CVE-2013-1545 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1544
+CVE-2013-1544 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 a ...)
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1543
+CVE-2013-1543 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-1542
+CVE-2013-1542 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1541
+CVE-2013-1541 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Finacial Services
-CVE-2013-1540
+CVE-2013-1540 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-1539
+CVE-2013-1539 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services
-CVE-2013-1538
+CVE-2013-1538 (Unspecified vulnerability in the Network Layer component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-1537
+CVE-2013-1537 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-1536
+CVE-2013-1536 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products
-CVE-2013-1535
+CVE-2013-1535 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1534
+CVE-2013-1534 (Unspecified vulnerability in the Workload Manager component in Oracle ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-1533
+CVE-2013-1533 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle financial Services Software
-CVE-2013-1532
+CVE-2013-1532 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 a ...)
{DSA-2780-1 DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1531
+CVE-2013-1531 (Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.2 ...)
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1530
+CVE-2013-1530 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-1529
+CVE-2013-1529 (Unspecified vulnerability in the Oracle WebCenter Interaction componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1528
+CVE-2013-1528 (Unspecified vulnerability in the Oracle HRMS component in Oracle E-Bus ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-1527
+CVE-2013-1527 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-1526
+CVE-2013-1526 (Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows re ...)
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1525
+CVE-2013-1525 (Unspecified vulnerability in the Oracle Retail Integration Bus compone ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-1524
+CVE-2013-1524 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-1523
+CVE-2013-1523 (Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.1 ...)
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1522
+CVE-2013-1522 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1521
+CVE-2013-1521 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.2 ...)
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1520
+CVE-2013-1520 (Unspecified vulnerability in the Oracle Clinical Remote Data Capture O ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2013-1519
+CVE-2013-1519 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database Server
-CVE-2013-1518
+CVE-2013-1518 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-1517
+CVE-2013-1517 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-1516
+CVE-2013-1516 (Unspecified vulnerability in the Oracle WebCenter Capture component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1515
+CVE-2013-1515 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Only affects 3.x)
-CVE-2013-1514
+CVE-2013-1514 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2013-1513
+CVE-2013-1513 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-1512
+CVE-2013-1512 (Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows re ...)
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1511
+CVE-2013-1511 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.1 ...)
{DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1510
+CVE-2013-1510 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel
-CVE-2013-1509
+CVE-2013-1509 (Unspecified vulnerability in the Oracle WebCenter Sites component in O ...)
NOT-FOR-US: Oracle Fusion
-CVE-2013-1508
+CVE-2013-1508 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Only affects 3.x)
-CVE-2013-1507
+CVE-2013-1507 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Solaris
-CVE-2013-1506
+CVE-2013-1506 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 a ...)
{DSA-2780-1}
- mysql-5.5 5.5.30+dfsg-1
- mysql-5.1 <removed>
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1505
+CVE-2013-1505 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2013-1504
+CVE-2013-1504 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle Fusion
-CVE-2013-1503
+CVE-2013-1503 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle Fusion
-CVE-2013-1502
+CVE-2013-1502 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 ...)
{DSA-2667-1}
- mysql-5.5 5.5.31+dfsg-1
- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mariadb-5.5 <not-affected> (Fixed before initial upload)
-CVE-2013-1501
+CVE-2013-1501 (Unspecified vulnerability in the Oracle iStore component in Oracle E-B ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2013-1500
+CVE-2013-1500 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
{DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
-CVE-2013-1499
+CVE-2013-1499 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2013-1498
+CVE-2013-1498 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Solaris
-CVE-2013-1497
+CVE-2013-1497 (Unspecified vulnerability in the Oracle COREid Access component in Ora ...)
NOT-FOR-US: Oracle Fusion
-CVE-2013-1496
+CVE-2013-1496 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Solaris
-CVE-2013-1495
+CVE-2013-1495 (asr in Oracle Auto Service Request in Oracle Support Tools before 4.3. ...)
NOT-FOR-US: Oracle Auto Service Request
-CVE-2013-1494
+CVE-2013-1494 (Unspecified vulnerability in Oracle Sun Solaris 10, when running on SP ...)
NOT-FOR-US: Solaris
-CVE-2013-1493
+CVE-2013-1493 (The color management (CMM) functionality in the 2D component in Oracle ...)
- openjdk-6 6b27-1.12.4-1
- openjdk-7 7u3-2.1.7-1
-CVE-2013-1492
+CVE-2013-1492 (Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5 ...)
{DSA-2780-1}
- mysql-5.1 <removed> (bug #712059)
- mysql-5.5 5.5.30+dfsg-1
- cyassl <not-affected> (Fixed before initial upload to archive)
NOTE: https://blogs.oracle.com/sunsecurity/entry/cve_2013_1492_buffer_overflow
-CVE-2013-1491
+CVE-2013-1491 (The Java Runtime Environment (JRE) component in Oracle Java SE 7 Updat ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-1490
+CVE-2013-1490 (Unspecified vulnerability in Oracle Java SE 7 Update 11 (JRE 1.7.0_11- ...)
- openjdk-6 <not-affected> (Not exploitable in OpenJDK6)
- openjdk-7 <not-affected> (Icedtea 2.3 not affected)
-CVE-2013-1489
+CVE-2013-1489 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-1488
+CVE-2013-1488 (The Java Runtime Environment (JRE) component in Oracle Java SE 7 Updat ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 <not-affected> (Only affects Java7)
-CVE-2013-1487
+CVE-2013-1487 (Unspecified vulnerability in the Java Runtime Environment component in ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-1486
+CVE-2013-1486 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.6-1
- openjdk-6 6b27-1.12.3-1
-CVE-2013-1485
+CVE-2013-1485 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.6-1
- openjdk-6 <not-affected> (Only affects Java7)
-CVE-2013-1484
+CVE-2013-1484 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-7 7u3-2.1.6-1
- openjdk-6 <not-affected> (Only affects Java7)
-CVE-2013-1483
+CVE-2013-1483 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1482
+CVE-2013-1482 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1481
+CVE-2013-1481 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Icedtea uses a different sound implementation than Oracle Java)
- openjdk-7 <not-affected> (Icedtea uses a different sound implementation than Oracle Java)
-CVE-2013-1480
+CVE-2013-1480 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-1479
+CVE-2013-1479 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1478
+CVE-2013-1478 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-1477
+CVE-2013-1477 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1476
+CVE-2013-1476 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-1475
+CVE-2013-1475 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-1474
+CVE-2013-1474 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1473
+CVE-2013-1473 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-1472
+CVE-2013-1472 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-1471
+CVE-2013-1471 (Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.h ...)
NOT-FOR-US: Fortinet FortiMail
-CVE-2013-1581
+CVE-2013-1581 (The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-et ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1580
+CVE-2013-1580 (The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1579
+CVE-2013-1579 (The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1578
+CVE-2013-1578 (The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1577
+CVE-2013-1577 (The dissect_sip_p_charging_func_addresses function in epan/dissectors/ ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1576
+CVE-2013-1576 (The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1575
+CVE-2013-1575 (The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-a ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1574
+CVE-2013-1574 (The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1573
+CVE-2013-1573 (The csnStreamDissector function in epan/dissectors/packet-csn1.c in th ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1572
+CVE-2013-1572 (The dissect_oampdu_event_notification function in epan/dissectors/pack ...)
{DLA-497-1}
- wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1470
+CVE-2013-1470 (Cross-site scripting (XSS) vulnerability in calendar/index.php in the ...)
NOTE: There was a RFP long time ago, bug #203818
NOTE: https://www.htbridge.com/advisory/HTB23143
NOT-FOR-US: Geeklog
-CVE-2013-1469
+CVE-2013-1469 (Directory traversal vulnerability in install.php in Piwigo before 2.4. ...)
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
NOTE: https://www.htbridge.com/advisory/HTB23144
-CVE-2013-1468
+CVE-2013-1468 (Cross-site request forgery (CSRF) vulnerability in the LocalFiles Edit ...)
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
NOTE: https://www.htbridge.com/advisory/HTB23144
CVE-2013-1467
RESERVED
-CVE-2013-1466
+CVE-2013-1466 (Multiple cross-site scripting (XSS) vulnerabilities in glFusion before ...)
NOT-FOR-US: glFusion
-CVE-2013-1465
+CVE-2013-1465 (The Cubecart::_basket method in classes/cubecart.class.php in CubeCart ...)
NOT-FOR-US: CubeCart
-CVE-2013-1464
+CVE-2013-1464 (Cross-site scripting (XSS) vulnerability in assets/player.swf in the A ...)
{DSA-2772-1}
- typo3-src 4.5.29+dfsg1-1
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2013-1463
+CVE-2013-1463 (Cross-site scripting (XSS) vulnerability in js/tabletools/zeroclipboar ...)
NOT-FOR-US: WordPress plugin
-CVE-2013-1462
+CVE-2013-1462 (Integer signedness error in the ExecuteSoapAction function in the SOAP ...)
- miniupnpd <not-affected> (Fixed before initial upload to archive)
-CVE-2013-1461
+CVE-2013-1461 (The ExecuteSoapAction function in the SOAPAction handler in the HTTP s ...)
- miniupnpd <not-affected> (Fixed before initial upload to archive)
CVE-2013-1460
RESERVED
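Review bot: the ten Wireshark entries CVE-2013-1581 through CVE-2013-1572 each pair a {DLA-497-1} reference with an (unimportant) severity, which reads as contradictory; if the DLA covered these only incidentally alongside other fixes in the same upload, the existing "NOTE: Not suitable for code injection" line should say so explicitly, otherwise the severity should be reconsidered. Two smaller points in the same hunk: this block of CVE-2013-15xx IDs sits between CVE-2013-1471 and CVE-2013-1470 and breaks the descending order the rest of the file keeps, and the CVE-2013-1470 note "There was a RFP long time ago" should read "There was an RFP a long time ago".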
@@ -16434,51 +16434,51 @@ CVE-2013-1457
RESERVED
CVE-2013-1456
RESERVED
-CVE-2013-1455
+CVE-2013-1455 (Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive infor ...)
NOT-FOR-US: Joomla!
-CVE-2013-1454
+CVE-2013-1454 (Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive infor ...)
NOT-FOR-US: Joomla!
-CVE-2013-1453
+CVE-2013-1453 (plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 ...)
NOT-FOR-US: Joomla!
CVE-2013-1452
RESERVED
CVE-2013-4696
REJECTED
-CVE-2013-1451
+CVE-2013-1451 (Microsoft Internet Explorer 8 and 9, when the Proxy Settings configura ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1450
+CVE-2013-1450 (Microsoft Internet Explorer 8 and 9, when the Proxy Settings configura ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-1449
RESERVED
CVE-2013-1448
RESERVED
-CVE-2013-1447
+CVE-2013-1447 (OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of ...)
{DSA-2808-1}
- openjpeg 1.3+dfsg-4.7 (bug #731237)
CVE-2013-1446
RESERVED
-CVE-2013-1445
+CVE-2013-1445 (The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not pr ...)
{DSA-2781-1}
- python-crypto 2.6.1-1
-CVE-2013-1444
+CVE-2013-1444 (A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, ...)
- txt2man 1.5.5-4.1 (bug #724614)
[wheezy] - txt2man <no-dsa> (Minor issue)
[squeeze] - txt2man <no-dsa> (Minor issue)
-CVE-2013-1443
+CVE-2013-1443 (The authentication framework (django.contrib.auth) in Django 1.4.x bef ...)
{DSA-2758-1}
- python-django 1.5.4-1 (bug #723043)
-CVE-2013-1442
+CVE-2013-1442 (Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not pr ...)
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
NOTE: advisory say: In Xen 4.0.2 through 4.0.4 as well as in Xen 4.1.x XSAVE support is disabled by default
-CVE-2013-1441
+CVE-2013-1441 (econvert in ExactImage 0.8.9 and earlier does not properly initialize ...)
{DSA-2754-1}
- exactimage 0.8.9-2
NOTE: a different issue than CVE-2013-1438
CVE-2013-1440
RESERVED
-CVE-2013-1439
+CVE-2013-1439 (The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before ...)
- libraw 0.15.4-1 (bug #721338)
[wheezy] - libraw <no-dsa> (Minor issue)
[squeeze] - libraw <no-dsa> (Minor issue)
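Review bot: the CVE-2013-1442 note "advisory say: In Xen 4.0.2 through 4.0.4 ..." should read "advisory says:"; since this note is the only recorded rationale for the xen fixed version 4.4.0-1 against a description covering "Xen 4.0 through 4.3.x", it is worth tidying so it is quotable as-is. Otherwise the hunk is consistent: the CVE-2013-1444 entry correctly attributes the flaw to the Debian patch in txt2man 1.5.5-2 and fixes it in 1.5.5-4.1, and the CVE-2013-1441 note distinguishing it from CVE-2013-1438 matches the separate libraw entry that follows.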
@@ -16486,7 +16486,7 @@ CVE-2013-1439
[wheezy] - libkdcraw <no-dsa> (Minor issue)
- darktable 1.2.2-2 (bug #721339)
[wheezy] - darktable 1.0.4-1+deb7u2
-CVE-2013-1438
+CVE-2013-1438 (Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in lib ...)
{DSA-2748-1}
- libraw 0.15.4-1 (bug #721231)
[wheezy] - libraw <no-dsa> (Minor issue)
@@ -16514,30 +16514,30 @@ CVE-2013-1437 [Code execution when gathering version metadata]
NOTE: this is by 'design', but previous to version Module::Metadata 1.000015
NOTE: the statement was This module provides a standard way to gather metadata
NOTE: about a .pm file *without* executing unsafe code.
-CVE-2013-1436
+CVE-2013-1436 (The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 all ...)
- xmonad-contrib 0.11.2-1 (low)
[squeeze] - xmonad-contrib <no-dsa> (Minor issue)
[wheezy] - xmonad-contrib 0.10-4~deb7u1
-CVE-2013-1435
+CVE-2013-1435 ((1) snmp.php and (2) rrd.php in Cacti before 0.8.8b allows remote atta ...)
{DSA-2739-1}
- cacti 0.8.8b+dfsg-1
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7392
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7393
-CVE-2013-1434
+CVE-2013-1434 (Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) u ...)
{DSA-2739-1}
- cacti 0.8.8b+dfsg-1
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7394
CVE-2013-1433
REJECTED
-CVE-2013-1432
+CVE-2013-1432 (Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not prope ...)
{DSA-3006-1}
- xen 4.3.0-1
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
NOTE: All Xen versions having the XSA-45/CVE-2013-1918 fixes applied are vulnerable
-CVE-2013-1431
+CVE-2013-1431 (The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0 ...)
{DSA-2702-1}
- telepathy-gabble 0.16.6-1
-CVE-2013-1430
+CVE-2013-1430 (An issue was discovered in xrdp before 0.9.1. When successfully loggin ...)
- xrdp 0.9.1~2016121126+git5171fa7-1
[jessie] - xrdp <no-dsa> (Minor issue)
[wheezy] - xrdp <no-dsa> (Minor issue)
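Review bot: the CVE-2013-1430 description says "xrdp before 0.9.1" is affected, but the recorded fixed version is "0.9.1~2016121126+git5171fa7-1", which under Debian version ordering sorts before 0.9.1 because of the tilde; please confirm that this git snapshot already contains the fix and add a NOTE pointing at the upstream commit, as is done for the krb5 and cacti entries elsewhere in this diff. Minor style point: in the CVE-2013-1436 entry the "[squeeze]" line precedes the "[wheezy]" line, the reverse of the newest-first ordering used for CVE-2013-1444, CVE-2013-1439 and most other entries.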
@@ -16549,10 +16549,10 @@ CVE-2013-1430
CVE-2013-1429 [Lintian unsafe symlinks]
RESERVED
- lintian 2.5.10.5 (bug #705553; unimportant)
-CVE-2013-1428
+CVE-2013-1428 (Stack-based buffer overflow in the receive_tcppacket function in net_p ...)
{DSA-2663-1}
- tinc 1.0.19-3
-CVE-2013-1427
+CVE-2013-1427 (The configuration file for the FastCGI PHP support for lighttpd before ...)
{DSA-2649-1}
- lighttpd 1.4.31-4
CVE-2013-1426 [mahara: stored XSS in tinyMCE editor]
@@ -16569,61 +16569,61 @@ CVE-2013-1424 [matplotlib buffer overrun]
- matplotlib 1.4.2-3.1 (low; bug #775691)
[wheezy] - matplotlib <no-dsa> (Minor issue)
[squeeze] - matplotlib <no-dsa> (Minor issue)
-CVE-2013-1423
+CVE-2013-1423 ((1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) ...)
{DSA-2633-1}
- fusionforge 5.2.1+20130227-1
CVE-2013-1422
RESERVED
-CVE-2013-1421
+CVE-2013-1421 (Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar ...)
- webcalendar <removed>
CVE-2013-1420
RESERVED
CVE-2013-1419
RESERVED
-CVE-2013-1418
+CVE-2013-1418 (The setup_server_realm function in main.c in the Key Distribution Cent ...)
{DLA-1265-1}
- krb5 1.11.3+dfsg-3+nmu1 (low; bug #728845)
[squeeze] - krb5 <no-dsa> (Minor issue)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757
NOTE: https://github.com/krb5/krb5/commit/5d2d9a1abe46a2c1a8614d4672d08d9d30a5f8bf
-CVE-2013-1417
+CVE-2013-1417 (do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (a ...)
- krb5 1.11.3+dfsg-3+nmu1 (low; bug #730085)
[squeeze] - krb5 <not-affected> (Vulnerable code only present in 1.11.x)
[wheezy] - krb5 <not-affected> (Vulnerable code only present in 1.11.x)
NOTE: https://github.com/krb5/krb5/commit/4c023ba43c16396f0d199e2df1cfa59b88b62acc
-CVE-2013-1416
+CVE-2013-1416 (The prep_reprocess_req function in do_tgs_req.c in the Key Distributio ...)
- krb5 1.10.1+dfsg-5 (low; bug #704775)
[squeeze] - krb5 <no-dsa> (Minor issue)
-CVE-2013-1415
+CVE-2013-1415 (The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_cr ...)
- krb5 1.10.1+dfsg-4 (low)
[squeeze] - krb5 <no-dsa> (Minor issue)
NOTE: https://github.com/krb5/krb5/commit/c773d3c775e9b2d88bcdff5f8a8ba88d7ec4e8ed
NOTE: https://github.com/krb5/krb5/commit/b71f8c4aacea8849ceaf31a2fa95e143f3943097
-CVE-2013-1414
+CVE-2013-1414 (Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet ...)
NOT-FOR-US: Fortinet FortiOS on FortiGate firewall devices
-CVE-2013-1413
+CVE-2013-1413 (Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit ...)
NOT-FOR-US: synetics i-doit
-CVE-2013-1412
+CVE-2013-1412 (DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: DataLife Engine
CVE-2013-1411
RESERVED
CVE-2013-1410
RESERVED
-CVE-2013-1409
+CVE-2013-1409 (Cross-site scripting (XSS) vulnerability in the CommentLuv plugin befo ...)
NOT-FOR-US: CommentLuv plugin for Wordpress
-CVE-2013-1408
+CVE-2013-1408 (Multiple SQL injection vulnerabilities in the Wysija Newsletters plugi ...)
NOT-FOR-US: WordPress plugin wysija-newsletters
-CVE-2013-1407
+CVE-2013-1407 (Multiple cross-site scripting (XSS) vulnerabilities in the Events Mana ...)
NOT-FOR-US: WordPress plugin Events Master Pro
-CVE-2013-1406
+CVE-2013-1406 (The Virtual Machine Communication Interface (VMCI) implementation in v ...)
NOT-FOR-US: VMware Workstation, Fusion, View, ESXi, ESX
-CVE-2013-1405
+CVE-2013-1405 (VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, V ...)
NOT-FOR-US: VMware
CVE-2013-1404
RESERVED
CVE-2013-1403
RESERVED
-CVE-2013-1402
+CVE-2013-1402 (DigiLIBE 3.4 and possibly other versions sends a redirect but does not ...)
NOT-FOR-US: DigiLIBE
CVE-2013-1401
RESERVED
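Review bot: the CVE-2013-1407 annotation "NOT-FOR-US: WordPress plugin Events Master Pro" does not match the description fragment "Multiple cross-site scripting (XSS) vulnerabilities in the Events Mana ...", which truncates a different plugin name; check the full CVE text and correct the NOT-FOR-US line, since it is what people grep for when triaging plugin reports. Also the CVE-2013-1409 line spells the product "Wordpress" while the neighbouring CVE-2013-1408 and CVE-2013-1407 entries use "WordPress"; the latter is the project's own spelling.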
@@ -16632,11 +16632,11 @@ CVE-2013-1400
CVE-2013-0243 [Basic constraints vulnerability]
RESERVED
- haskell-tls-extra 0.4.6.1-1 (bug #698545)
-CVE-2013-1399
+CVE-2013-1399 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-1398
+CVE-2013-1398 (The pe_mcollective module in Puppet Enterprise (PE) before 2.7.1 does ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2013-1397
+CVE-2013-1397 (Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote atta ...)
- php-symfony2-yaml <not-affected> (Only affects versions 2.0, 2.1, 2.2)
CVE-2013-1396
RESERVED
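Review bot: the CVE-2013-1397 reason "(Only affects versions 2.0, 2.1, 2.2)" restates the upstream affected range instead of stating why php-symfony2-yaml is outside it (for example by naming the packaged version), which is what a reader of a <not-affected> mark needs; the same applies to "(Only affects version 2.0)" on CVE-2013-1348 later in this diff. Note also that the visible description fragment lists "2.2.x" without a "before" bound, so whether the 2.2 series is fixed at all should be confirmed before the not-affected mark is kept.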
@@ -16644,7 +16644,7 @@ CVE-2013-1395
RESERVED
CVE-2013-1394
RESERVED
-CVE-2013-1393
+CVE-2013-1393 (Cross-site scripting (XSS) vulnerability in the CurvyCorners module 6. ...)
NOT-FOR-US: Drupal module CurvyCorners
CVE-2013-1392
RESERVED
@@ -16652,66 +16652,66 @@ CVE-2013-1391
RESERVED
CVE-2013-1390
RESERVED
-CVE-2013-1389
+CVE-2013-1389 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, 9. ...)
NOT-FOR-US: Adobe ColdFusion 9.0
-CVE-2013-1388
+CVE-2013-1388 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9. ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-1387
+CVE-2013-1387 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9. ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-1386
+CVE-2013-1386 (Adobe Shockwave Player before 12.0.2.122 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-1385
+CVE-2013-1385 (Adobe Shockwave Player before 12.0.2.122 does not prevent access to ad ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-1384
+CVE-2013-1384 (Adobe Shockwave Player before 12.0.2.122 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-1383
+CVE-2013-1383 (Buffer overflow in Adobe Shockwave Player before 12.0.2.122 allows att ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2013-1382
REJECTED
CVE-2013-1381
REJECTED
-CVE-2013-1380
+CVE-2013-1380 (Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1379
+CVE-2013-1379 (Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1378
+CVE-2013-1378 (Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1377
+CVE-2013-1377 (Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute ar ...)
NOT-FOR-US: Adobe Digital Editions
-CVE-2013-1376
+CVE-2013-1376 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x bef ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-1375
+CVE-2013-1375 (Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 an ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1374
+CVE-2013-1374 (Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1373
+CVE-2013-1373 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1372
+CVE-2013-1372 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1371
+CVE-2013-1371 (Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1370
+CVE-2013-1370 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1369
+CVE-2013-1369 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1368
+CVE-2013-1368 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1367
+CVE-2013-1367 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1366
+CVE-2013-1366 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1365
+CVE-2013-1365 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-1364
+CVE-2013-1364 (The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc ...)
- zabbix 1:2.0.4+dfsg-2 (bug #698541)
[squeeze] - zabbix <end-of-life> (Not supported in Squeeze LTS)
NOTE: patches in https://support.zabbix.com/browse/ZBX-6097
CVE-2013-1363
RESERVED
-CVE-2013-1362
+CVE-2013-1362 (Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In ...)
- nagios-nrpe 2.13-3 (low; bug #701227)
[squeeze] - nagios-nrpe <no-dsa> (Minor issue)
-CVE-2013-1361
+CVE-2013-1361 (Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with ...)
NOT-FOR-US: Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software
CVE-2013-1360
RESERVED
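Review bot: the CVE-2013-1364 squeeze annotation "(Not supported in Squeeze LTS)" differs from the "(Unsupported in squeeze-lts)" wording used for piwigo, typo3-src and xen elsewhere in this diff; keeping one phrasing makes the end-of-life entries easier to query. Similarly, the CVE-2013-1389 line "NOT-FOR-US: Adobe ColdFusion 9.0" narrows the product relative to its siblings CVE-2013-1388 and CVE-2013-1387 ("Adobe ColdFusion"), even though its description continues "9.0 before Update 11, 9. ...", i.e. it is not limited to 9.0.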
@@ -16735,225 +16735,225 @@ CVE-2013-1351
RESERVED
CVE-2013-1350
RESERVED
-CVE-2013-1349
+CVE-2013-1349 (Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 al ...)
NOT-FOR-US: openSIS
-CVE-2013-1348
+CVE-2013-1348 (The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attacke ...)
- php-symfony2-yaml <not-affected> (Only affects version 2.0)
-CVE-2013-1347
+CVE-2013-1347 (Microsoft Internet Explorer 8 does not properly handle objects in memo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1346
+CVE-2013-1346 (mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 ...)
NOT-FOR-US: Microsoft Malware Protection Engine
-CVE-2013-1345
+CVE-2013-1345 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2013-1344
+CVE-2013-1344 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1343
+CVE-2013-1343 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1342
+CVE-2013-1342 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1341
+CVE-2013-1341 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2013-1340
+CVE-2013-1340 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2013-1339
+CVE-2013-1339 (The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 ...)
NOT-FOR-US: Microsoft
-CVE-2013-1338
+CVE-2013-1338 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1337
+CVE-2013-1337 (Microsoft .NET Framework 4.5 does not properly create policy requireme ...)
NOT-FOR-US: Microsoft .NET Framework 4.5
-CVE-2013-1336
+CVE-2013-1336 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-1335
+CVE-2013-1335 (Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to exec ...)
NOT-FOR-US: Microsoft Word
-CVE-2013-1334
+CVE-2013-1334 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1333
+CVE-2013-1333 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1332
+CVE-2013-1332 (dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the kernel- ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1331
+CVE-2013-1331 (Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac a ...)
NOT-FOR-US: Microsoft
-CVE-2013-1330
+CVE-2013-1330 (The default configuration of Microsoft SharePoint Portal Server 2003 S ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2013-1329
+CVE-2013-1329 (Integer signedness error in Microsoft Publisher 2003 SP3 allows remote ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1328
+CVE-2013-1328 (Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote att ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1327
+CVE-2013-1327 (Integer signedness error in Microsoft Publisher 2003 SP3 allows remote ...)
NOT-FOR-US: Microsoft Publisher
CVE-2013-1326
REJECTED
-CVE-2013-1325
+CVE-2013-1325 (Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 a ...)
NOT-FOR-US: Microsoft
-CVE-2013-1324
+CVE-2013-1324 (Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 20 ...)
NOT-FOR-US: Microsoft
-CVE-2013-1323
+CVE-2013-1323 (Microsoft Publisher 2003 SP3 does not properly handle NULL values for ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1322
+CVE-2013-1322 (Microsoft Publisher 2003 SP3 does not properly check table range data, ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1321
+CVE-2013-1321 (Microsoft Publisher 2003 SP3 does not properly check the data type of ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1320
+CVE-2013-1320 (Buffer overflow in Microsoft Publisher 2003 SP3 allows remote attacker ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1319
+CVE-2013-1319 (Microsoft Publisher 2003 SP3 does not properly check the return value ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1318
+CVE-2013-1318 (Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1317
+CVE-2013-1317 (Integer overflow in Microsoft Publisher 2003 SP3 allows remote attacke ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1316
+CVE-2013-1316 (Microsoft Publisher 2003 SP3 does not properly validate the size of an ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2013-1315
+CVE-2013-1315 (Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Offi ...)
NOT-FOR-US: Microsoft
CVE-2013-1314
REJECTED
-CVE-2013-1313
+CVE-2013-1313 (Object Linking and Embedding (OLE) Automation in Microsoft Windows XP ...)
NOT-FOR-US: Microsoft Windows XP
-CVE-2013-1312
+CVE-2013-1312 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 a ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1311
+CVE-2013-1311 (Use-after-free vulnerability in Microsoft Internet Explorer 8 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1310
+CVE-2013-1310 (Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 al ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1309
+CVE-2013-1309 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1308
+CVE-2013-1308 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1307
+CVE-2013-1307 (Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 al ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1306
+CVE-2013-1306 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1305
+CVE-2013-1305 (HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT a ...)
NOT-FOR-US: Microsoft
-CVE-2013-1304
+CVE-2013-1304 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1303
+CVE-2013-1303 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1302
+CVE-2013-1302 (Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lyn ...)
NOT-FOR-US: Microsoft
-CVE-2013-1301
+CVE-2013-1301 (Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attacker ...)
NOT-FOR-US: Microsoft Visio
-CVE-2013-1300
+CVE-2013-1300 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2013-1299
+CVE-2013-1299 (Microsoft Windows Modern Mail allows remote attackers to spoof link ta ...)
NOT-FOR-US: Microsoft Windows Modern Mail
CVE-2013-1298
REJECTED
-CVE-2013-1297
+CVE-2013-1297 (Microsoft Internet Explorer 6 through 8 does not properly restrict dat ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1296
+CVE-2013-1296 (The Remote Desktop ActiveX control in mstscax.dll in Microsoft Remote ...)
NOT-FOR-US: Microsoft Remote Desktop Connection Client
-CVE-2013-1295
+CVE-2013-1295 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1294
+CVE-2013-1294 (Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Wind ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1293
+CVE-2013-1293 (The NTFS kernel-mode driver in Microsoft Windows Vista SP2, Windows Se ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1292
+CVE-2013-1292 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1291
+CVE-2013-1291 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Win ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1290
+CVE-2013-1290 (Microsoft SharePoint Server 2013, in certain configurations involving ...)
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-1289
+CVE-2013-1289 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Serve ...)
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2013-1288
+CVE-2013-1288 (Use-after-free vulnerability in Microsoft Internet Explorer 8 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-1287
+CVE-2013-1287 (The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1286
+CVE-2013-1286 (The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1285
+CVE-2013-1285 (The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1284
+CVE-2013-1284 (Race condition in the kernel in Microsoft Windows 8, Windows Server 20 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1283
+CVE-2013-1283 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1282
+CVE-2013-1282 (The LDAP service in Microsoft Active Directory, Active Directory Appli ...)
NOT-FOR-US: Microsoft
-CVE-2013-1281
+CVE-2013-1281 (The NFS server in Microsoft Windows Server 2008 R2 and R2 SP1 and Serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1280
+CVE-2013-1280 (The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1279
+CVE-2013-1279 (Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Wind ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1278
+CVE-2013-1278 (Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Wind ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1277
+CVE-2013-1277 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1276
+CVE-2013-1276 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1275
+CVE-2013-1275 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1274
+CVE-2013-1274 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1273
+CVE-2013-1273 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1272
+CVE-2013-1272 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1271
+CVE-2013-1271 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1270
+CVE-2013-1270 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1269
+CVE-2013-1269 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1268
+CVE-2013-1268 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1267
+CVE-2013-1267 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1266
+CVE-2013-1266 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1265
+CVE-2013-1265 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1264
+CVE-2013-1264 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1263
+CVE-2013-1263 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1262
+CVE-2013-1262 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1261
+CVE-2013-1261 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1260
+CVE-2013-1260 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1259
+CVE-2013-1259 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1258
+CVE-2013-1258 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1257
+CVE-2013-1257 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1256
+CVE-2013-1256 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1255
+CVE-2013-1255 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1254
+CVE-2013-1254 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1253
+CVE-2013-1253 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1252
+CVE-2013-1252 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1251
+CVE-2013-1251 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1250
+CVE-2013-1250 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1249
+CVE-2013-1249 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1248
+CVE-2013-1248 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-1247
+CVE-2013-1247 (Cross-site scripting (XSS) vulnerability in the wireless configuration ...)
NOT-FOR-US: Cisco
-CVE-2013-1246
+CVE-2013-1246 (Cisco TelePresence System Software does not properly handle inactive t ...)
NOT-FOR-US: Cisco
-CVE-2013-1245
+CVE-2013-1245 (The user-management page in Cisco WebEx Social relies on client-side v ...)
NOT-FOR-US: Cisco WebEx Social
-CVE-2013-1244
+CVE-2013-1244 (Cross-site scripting (XSS) vulnerability in the portal module in Cisco ...)
NOT-FOR-US: Cisco WebEx Social
-CVE-2013-1243
+CVE-2013-1243 (The IP stack in Cisco Intrusion Prevention System (IPS) Software in AS ...)
NOT-FOR-US: Cisco
-CVE-2013-1242
+CVE-2013-1242 (Memory leak in the web framework in the server in Cisco Unified Presen ...)
NOT-FOR-US: Cisco
-CVE-2013-1241
+CVE-2013-1241 (The ISM module in Cisco IOS on ISR G2 routers does not properly handle ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-1240
+CVE-2013-1240 (The command-line interface in Cisco Unified Communications Manager (CU ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2013-1239
RESERVED
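Review bot: the NOT-FOR-US annotations for the win32k.sys kernel-mode driver entries alternate between "Microsoft" (CVE-2013-1345, CVE-2013-1341, CVE-2013-1340, CVE-2013-1300) and "Microsoft Windows" (CVE-2013-1344, CVE-2013-1343, CVE-2013-1342, CVE-2013-1334) for what the descriptions show to be the same component; the more specific "Microsoft Windows" form used for the long run of race-condition entries CVE-2013-1295 through CVE-2013-1248 should be applied to all of them. The same inconsistency shows in CVE-2013-1339 (Print Spooler) and CVE-2013-1305 (HTTP.sys), both filed under the bare "Microsoft".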
@@ -16961,322 +16961,322 @@ CVE-2013-1238
RESERVED
CVE-2013-1237
RESERVED
-CVE-2013-1236
+CVE-2013-1236 (Cisco TelePresence Supervisor MSE 8050 before 2.3(1.31) allows remote ...)
NOT-FOR-US: Cisco TelePresence Supervisor
-CVE-2013-1235
+CVE-2013-1235 (Cisco Wireless LAN Controller (WLC) devices do not properly address th ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-1234
+CVE-2013-1234 (The SNMP module in Cisco IOS XR allows remote authenticated users to c ...)
NOT-FOR-US: Cisco IOS XR
CVE-2013-1233
REJECTED
-CVE-2013-1232
+CVE-2013-1232 (The HTTP implementation in Cisco WebEx Node for MCS, WebEx Meetings Se ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1231
+CVE-2013-1231 (The HTTP implementation in Cisco WebEx Node for MCS and WebEx Meetings ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1230
+CVE-2013-1230 (Cisco Unified Communications Domain Manager allows remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2013-1229
+CVE-2013-1229 (TMSSNMPService.exe in TelePresence Manager in Cisco TelePresence Manag ...)
NOT-FOR-US: Cisco
-CVE-2013-1228
+CVE-2013-1228 (Cisco Jabber on Windows does not verify X.509 certificates from SSL se ...)
NOT-FOR-US: Cisco Jabber
-CVE-2013-1227
+CVE-2013-1227 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2013-1226
+CVE-2013-1226 (The Ethernet frame-forwarding implementation in Cisco NX-OS on Nexus 7 ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1225
+CVE-2013-1225 (Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 ...)
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1224
+CVE-2013-1224 (Directory traversal vulnerability in the Resource Manager in Cisco Uni ...)
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1223
+CVE-2013-1223 (The log viewer in Cisco Unified Customer Voice Portal (CVP) Software b ...)
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1222
+CVE-2013-1222 (The Tomcat Web Management feature in Cisco Unified Customer Voice Port ...)
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1221
+CVE-2013-1221 (The Tomcat Web Management feature in Cisco Unified Customer Voice Port ...)
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1220
+CVE-2013-1220 (The CallServer component in Cisco Unified Customer Voice Portal (CVP) ...)
NOT-FOR-US: Cisco Unified Customer Voice Portal
-CVE-2013-1219
+CVE-2013-1219 (SensorApp in Cisco Intrusion Prevention System (IPS) allows local user ...)
NOT-FOR-US: Cisco Intrusion Prevention System
-CVE-2013-1218
+CVE-2013-1218 (Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP ...)
NOT-FOR-US: Cisco
-CVE-2013-1217
+CVE-2013-1217 (The generic input/output control implementation in Cisco IOS does not ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-1216
+CVE-2013-1216 (Memory leak in the SNMP module in Cisco IOS XR allows remote authentic ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2013-1215
+CVE-2013-1215 (The vpnclient program in the Easy VPN component on Cisco Adaptive Secu ...)
NOT-FOR-US: Cisco
-CVE-2013-1214
+CVE-2013-1214 (The scripts editor in Cisco Unified Contact Center Express (aka Unifie ...)
NOT-FOR-US: Cisco Unified Contact Center Express
-CVE-2013-1213
+CVE-2013-1213 (Cisco NX-OS on the Nexus 1000V does not assign the proper priority to ...)
NOT-FOR-US: Cisco
-CVE-2013-1212
+CVE-2013-1212 (The SSL functionality in Cisco NX-OS on the Nexus 1000V does not prope ...)
NOT-FOR-US: Cisco
-CVE-2013-1211
+CVE-2013-1211 (Cisco NX-OS on the Nexus 1000V does not properly handle authentication ...)
NOT-FOR-US: Cisco
-CVE-2013-1210
+CVE-2013-1210 (Array index error in the Virtual Ethernet Module (VEM) kernel driver f ...)
NOT-FOR-US: Cisco
-CVE-2013-1209
+CVE-2013-1209 (The encryption functionality in the Virtual Supervisor Module (VSM) to ...)
NOT-FOR-US: Cisco
-CVE-2013-1208
+CVE-2013-1208 (The encryption functionality in Cisco NX-OS on the Nexus 1000V does no ...)
NOT-FOR-US: Cisco
CVE-2013-1207
RESERVED
CVE-2013-1206
RESERVED
-CVE-2013-1205
+CVE-2013-1205 (The Event Center module in Cisco WebEx Meetings Server does not perfor ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2013-1204
+CVE-2013-1204 (Memory leak in the SNMP process in Cisco IOS XR allows remote attacker ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2013-1203
+CVE-2013-1203 (Cisco ASA CX Context-Aware Security Software allows remote attackers t ...)
NOT-FOR-US: Cisco ASA
CVE-2013-1202
RESERVED
CVE-2013-1201
RESERVED
-CVE-2013-1200
+CVE-2013-1200 (Session fixation vulnerability in Cisco Secure Access Control System ( ...)
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2013-1199
+CVE-2013-1199 (Race condition in the CIFS implementation in the rewriter module in th ...)
NOT-FOR-US: Cisco
-CVE-2013-1198
+CVE-2013-1198 (Cross-site scripting (XSS) vulnerability in a Flash component in Cisco ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1197
+CVE-2013-1197 (The XML parser in the server in Cisco Unified Presence (CUP) allows re ...)
NOT-FOR-US: Cisco Unified Presence
-CVE-2013-1196
+CVE-2013-1196 (The command-line interface in Cisco Secure Access Control System (ACS) ...)
NOT-FOR-US: Cisco
-CVE-2013-1195
+CVE-2013-1195 (The time-based ACL implementation on Cisco Adaptive Security Appliance ...)
NOT-FOR-US: isco Adaptive Security Appliances
-CVE-2013-1194
+CVE-2013-1194 (The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) ...)
NOT-FOR-US: Cisco
-CVE-2013-1193
+CVE-2013-1193 (The Secure Shell (SSH) implementation on Cisco Adaptive Security Appli ...)
NOT-FOR-US: Cisco
-CVE-2013-1192
+CVE-2013-1192 (The JAR files on Cisco Device Manager for Cisco MDS 9000 devices befor ...)
NOT-FOR-US: Cisco Device Manager
-CVE-2013-1191
+CVE-2013-1191 (Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authen ...)
NOT-FOR-US: Cisco
-CVE-2013-1190
+CVE-2013-1190 (The C-Series Rack Server component 1.4 in Cisco Unified Computing Syst ...)
NOT-FOR-US: Cisco
-CVE-2013-1189
+CVE-2013-1189 (Cisco Universal Broadband (aka uBR) 10000 series routers, when an IPv4 ...)
NOT-FOR-US: Cisco Universal Broadband 10000 series routers
-CVE-2013-1188
+CVE-2013-1188 (Cisco Unified Communications Manager (CUCM) does not properly limit th ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-1187
+CVE-2013-1187 (The Connection Manager in Cisco Jabber Extensible Communications Platf ...)
NOT-FOR-US: Cisco
-CVE-2013-1186
+CVE-2013-1186 (Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1185
+CVE-2013-1185 (The web interface in the Manager component in Cisco Unified Computing ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1184
+CVE-2013-1184 (The management API in the XML API management service in the Manager co ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1183
+CVE-2013-1183 (Buffer overflow in the Intelligent Platform Management Interface (IPMI ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1182
+CVE-2013-1182 (The login page in the Web Console in the Manager component in Cisco Un ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2013-1181
+CVE-2013-1181 (Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexu ...)
NOT-FOR-US: Cisco
-CVE-2013-1180
+CVE-2013-1180 (Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 700 ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1179
+CVE-2013-1179 (Multiple buffer overflows in the (1) SNMP and (2) License Manager impl ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1178
+CVE-2013-1178 (Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implem ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1177
+CVE-2013-1177 (SQL injection vulnerability in Cisco Network Admission Control (NAC) M ...)
NOT-FOR-US: Cisco Network Admission Control Manager
-CVE-2013-1176
+CVE-2013-1176 (The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4. ...)
NOT-FOR-US: Cisco
CVE-2013-1175
REJECTED
-CVE-2013-1174
+CVE-2013-1174 (Cisco Tivoli Business Service Manager (TBSM) in Hosted Collaboration M ...)
NOT-FOR-US: Cisco Tivoli Business Service Manager
-CVE-2013-1173
+CVE-2013-1173 (Heap-based buffer overflow in ciscod.exe in the Cisco Security Service ...)
NOT-FOR-US: Cisco AnyConnect
-CVE-2013-1172
+CVE-2013-1172 (The Cisco Security Service in Cisco AnyConnect Secure Mobility Client ...)
NOT-FOR-US: Cisco AnyConnect
-CVE-2013-1171
+CVE-2013-1171 (Multiple cross-site scripting (XSS) vulnerabilities in the element-lis ...)
NOT-FOR-US: Cisco Connected Grid Network Management System (CG-NMS)
-CVE-2013-1170
+CVE-2013-1170 (The Cisco Prime Network Control System (NCS) appliance with software b ...)
NOT-FOR-US: Cisco Prime Network Control System
-CVE-2013-1169
+CVE-2013-1169 (Cisco Unified MeetingPlace Web Conferencing Server 7.x before 7.1MR1 P ...)
NOT-FOR-US: Cisco Unified MeetingPlace Web Conferencing Server
-CVE-2013-1168
+CVE-2013-1168 (The web server in Cisco Unified MeetingPlace Application Server 7.x be ...)
NOT-FOR-US: Cisco Unified MeetingPlace Application Server
-CVE-2013-1167
+CVE-2013-1167 (Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Ag ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2013-1166
+CVE-2013-1166 (Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2013-1165
+CVE-2013-1165 (Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7 ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2013-1164
+CVE-2013-1164 (Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregatio ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2013-1163
+CVE-2013-1163 (Multiple SQL injection vulnerabilities in the device-management implem ...)
NOT-FOR-US: Cisco
-CVE-2013-1162
+CVE-2013-1162 (The traffic engineering (TE) processing subsystem in Cisco IOS XR allo ...)
NOT-FOR-US: Cisco
-CVE-2013-1161
+CVE-2013-1161 (The XML parser in the Cisco Jabber IM application for Android allows r ...)
NOT-FOR-US: Cisco
-CVE-2013-1160
+CVE-2013-1160 (Cross-site scripting (XSS) vulnerability in the OpenView web menus in ...)
NOT-FOR-US: Cisco
-CVE-2013-1159
+CVE-2013-1159 (Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) w ...)
NOT-FOR-US: Cisco
-CVE-2013-1158
+CVE-2013-1158 (Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring ...)
NOT-FOR-US: IBM
-CVE-2013-1157
+CVE-2013-1157 (Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring ...)
NOT-FOR-US: IBM
-CVE-2013-1156
+CVE-2013-1156 (Directory traversal vulnerability in Cisco Prime Central for Hosted Co ...)
NOT-FOR-US: Cisco
-CVE-2013-1155
+CVE-2013-1155 (The auth-proxy functionality in Cisco Firewall Services Module (FWSM) ...)
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2013-1154
+CVE-2013-1154 (The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, ...)
NOT-FOR-US: Cisco Small Business switches
-CVE-2013-1153
+CVE-2013-1153 (Cross-site request forgery (CSRF) vulnerability in the web interface i ...)
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2013-1152
+CVE-2013-1152 (Cisco Adaptive Security Appliances (ASA) devices with software 9.0 bef ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2013-1151
+CVE-2013-1151 (Cisco Adaptive Security Appliances (ASA) devices with software 7.x bef ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2013-1150
+CVE-2013-1150 (The authentication-proxy implementation on Cisco Adaptive Security App ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2013-1149
+CVE-2013-1149 (Cisco Adaptive Security Appliances (ASA) devices with software 7.x bef ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
-CVE-2013-1148
+CVE-2013-1148 (The General Responder implementation in the IP Service Level Agreement ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-1147
+CVE-2013-1147 (The Protocol Translation (PT) functionality in Cisco IOS 12.3 through ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-1146
+CVE-2013-1146 (The Smart Install client functionality in Cisco IOS 12.2 and 15.0 thro ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-1145
+CVE-2013-1145 (Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based P ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-1144
+CVE-2013-1144 (Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remot ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-1143
+CVE-2013-1143 (The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15 ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-1142
+CVE-2013-1142 (Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-1141
+CVE-2013-1141 (The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-1140
+CVE-2013-1140 (The XML parser in Cisco Security Monitoring, Analysis, and Response Sy ...)
NOT-FOR-US: Cisco Security MARS
-CVE-2013-1139
+CVE-2013-1139 (The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 thr ...)
NOT-FOR-US: Cisco Cloud Portal
-CVE-2013-1138
+CVE-2013-1138 (The NAT process on Cisco Adaptive Security Appliances (ASA) devices al ...)
NOT-FOR-US: Cisco
-CVE-2013-1137
+CVE-2013-1137 (Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 al ...)
NOT-FOR-US: Cisco Unified Presence Server
-CVE-2013-1136
+CVE-2013-1136 (The crypto engine process in Cisco IOS on Aggregation Services Router ...)
NOT-FOR-US: Cisco IOS
-CVE-2013-1135
+CVE-2013-1135 (Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance ...)
NOT-FOR-US: Cisco Prime Central
-CVE-2013-1134
+CVE-2013-1134 (The Location Bandwidth Manager (LBM) Intracluster-communication featur ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-1133
+CVE-2013-1133 (Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-1132
+CVE-2013-1132 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified C ...)
NOT-FOR-US: Cisco
-CVE-2013-1131
+CVE-2013-1131 (Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, ...)
NOT-FOR-US: Cisco Small Business Wireless Access Points
-CVE-2013-1130
+CVE-2013-1130 (Cisco AnyConnect Secure Mobility Client on Mac OS X uses weak permissi ...)
NOT-FOR-US: Cisco
-CVE-2013-1129
+CVE-2013-1129 (Memory leak in Cisco Unity Connection 9.x allows remote attackers to c ...)
NOT-FOR-US: Cisco
-CVE-2013-1128
+CVE-2013-1128 (Multiple cross-site request forgery (CSRF) vulnerabilities in the serv ...)
NOT-FOR-US: Cisco Unified MeetingPlace
CVE-2013-1127
RESERVED
CVE-2013-1126
RESERVED
-CVE-2013-1125
+CVE-2013-1125 (The command-line interface in Cisco Identity Services Engine Software, ...)
NOT-FOR-US: Cisco
-CVE-2013-1124
+CVE-2013-1124 (The Cisco Network Admission Control (NAC) agent on Mac OS X does not v ...)
NOT-FOR-US: Cisco Network Admission Control
-CVE-2013-1123
+CVE-2013-1123 (Multiple cross-site scripting (XSS) vulnerabilities in the server in C ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2013-1122
+CVE-2013-1122 (Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtua ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1121
+CVE-2013-1121 (The regex engine in the BGP implementation in Cisco NX-OS, when a comp ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2013-1120
+CVE-2013-1120 (Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisc ...)
NOT-FOR-US: Cisco Unity Express
-CVE-2013-1119
+CVE-2013-1119 (Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD be ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1118
+CVE-2013-1118 (Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) play ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1117
+CVE-2013-1117 (Buffer overflow in the exception handler in Cisco WebEx Recording Form ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1116
+CVE-2013-1116 (Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1115
+CVE-2013-1115 (Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1114
+CVE-2013-1114 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity Exp ...)
NOT-FOR-US: Cisco Unity Express
-CVE-2013-1113
+CVE-2013-1113 (Cross-site scripting (XSS) vulnerability in Cisco Unified Communicatio ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2013-1112
+CVE-2013-1112 (Cisco Carrier Routing System (CRS) allows remote attackers to cause a ...)
NOT-FOR-US: Cisco Carrier Routing System
-CVE-2013-1111
+CVE-2013-1111 (The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9 ...)
NOT-FOR-US: Cisco ATA 187 Analog Telephone Adaptor
-CVE-2013-1110
+CVE-2013-1110 (Cisco WebEx Training Center allow remote authenticated users to bypass ...)
NOT-FOR-US: Cisco WebEx Training Center
-CVE-2013-1109
+CVE-2013-1109 (Cross-site request forgery (CSRF) vulnerability in testingLibraryActio ...)
NOT-FOR-US: Cisco WebEx Training Center
-CVE-2013-1108
+CVE-2013-1108 (Cisco WebEx Training Center allows remote authenticated users to remov ...)
NOT-FOR-US: Cisco WebEx Training Center
-CVE-2013-1107
+CVE-2013-1107 (The search function in Cisco Webex Social (formerly Cisco Quad) allows ...)
NOT-FOR-US: Cisco Webex Social
CVE-2013-1106
RESERVED
-CVE-2013-1105
+CVE-2013-1105 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7 ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-1104
+CVE-2013-1104 (The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-1103
+CVE-2013-1103 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7 ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2013-1102
+CVE-2013-1102 (The Wireless Intrusion Prevention System (wIPS) component on Cisco Wir ...)
NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2013-1101
RESERVED
-CVE-2013-1100
+CVE-2013-1100 (The HTTP server in Cisco IOS on Catalyst switches does not properly ha ...)
NOT-FOR-US: Cisco IOS
CVE-2013-1099
REJECTED
CVE-2013-1098
RESERVED
-CVE-2013-1097
+CVE-2013-1097 (Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-1096
+CVE-2013-1096 (Cross-site scripting (XSS) vulnerability in the Roles Based Provisioni ...)
NOT-FOR-US: Novell Identity Manager
-CVE-2013-1095
+CVE-2013-1095 (Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-1094
+CVE-2013-1094 (Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-cor ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-1093
+CVE-2013-1093 (Open redirect vulnerability in the fwdToURL function in the ZCC login ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-1092
+CVE-2013-1092 (Multiple unquoted Windows search path vulnerabilities in Novell ZENwor ...)
NOT-FOR-US: Novell ZENworks Desktop Management
-CVE-2013-1091
+CVE-2013-1091 (Stack-based buffer overflow in Novell iPrint Client before 5.90 allows ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2013-1090
+CVE-2013-1090 (The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership fo ...)
- php-horde <not-affected> (SuSE specific packaging flaw)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=811369
CVE-2013-1089
RESERVED
-CVE-2013-1088
+CVE-2013-1088 (Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 ...)
NOT-FOR-US: Novell iManager
-CVE-2013-1087
+CVE-2013-1087 (Cross-site scripting (XSS) vulnerability in the client in Novell Group ...)
NOT-FOR-US: Novell GroupWise
-CVE-2013-1086
+CVE-2013-1086 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupW ...)
NOT-FOR-US: Novell GroupWise
-CVE-2013-1085
+CVE-2013-1085 (Stack-based buffer overflow in the nim: protocol handler in Novell Gro ...)
NOT-FOR-US: Novell Messenger
-CVE-2013-1084
+CVE-2013-1084 (Directory traversal vulnerability in the GetFle method in the umaninv ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2013-1083
+CVE-2013-1083 (Unspecified vulnerability in the login functionality in the Reporting ...)
NOT-FOR-US: Novell Identity Manager
-CVE-2013-1082
+CVE-2013-1082 (Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobi ...)
NOT-FOR-US: Novell ZENworks
-CVE-2013-1081
+CVE-2013-1081 (Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile ...)
NOT-FOR-US: Novell ZENworks
-CVE-2013-1080
+CVE-2013-1080 (The web server in Novell ZENworks Configuration Management (ZCM) 10.3 ...)
NOT-FOR-US: Novell ZENworks
-CVE-2013-1079
+CVE-2013-1079 (Directory traversal vulnerability in the ISCreateObject method in an A ...)
NOT-FOR-US: Novell ZENworks
CVE-2013-1078
RESERVED
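Review bot: the unchanged context line under CVE-2013-1195, `NOT-FOR-US: isco Adaptive Security Appliances`, drops the leading C of Cisco; every other ASA entry in this hunk (CVE-2013-1194, and CVE-2013-1152 through CVE-2013-1149) uses `NOT-FOR-US: Cisco Adaptive Security Appliances`. The automatic description sync leaves that line untouched, so it needs a separate follow-up correction to keep the NOT-FOR-US product names greppable.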
@@ -17294,48 +17294,48 @@ CVE-2013-1072
REJECTED
CVE-2013-1071
REJECTED
-CVE-2013-1070
+CVE-2013-1070 (Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as ...)
NOT-FOR-US: Ubuntu MAAS
-CVE-2013-1069
+CVE-2013-1069 (Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permi ...)
NOT-FOR-US: Ubuntu MAAS
-CVE-2013-1068
+CVE-2013-1068 (The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2. ...)
- nova 2014.1.1-4 (bug #753579)
[wheezy] - nova <not-affected> (Vulnerable code not present)
- cinder 2014.1.1-3 (bug #753585)
[wheezy] - cinder <not-affected> (Vulnerable code not present)
NOTE: Requires includedir to be defined in /etc/sudoers file
-CVE-2013-1067
+CVE-2013-1067 (Apport 2.12.5 and earlier uses weak permissions for core dump files cr ...)
[experimental] - apport 2.12.6-1 (bug #727661)
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
-CVE-2013-1066
+CVE-2013-1066 (language-selector 0.110.x before 0.110.1, 0.90.x before 0.90.1, and 0. ...)
NOT-FOR-US: language-selector
-CVE-2013-1065
+CVE-2013-1065 (backend.py in Jockey before 0.9.7-0ubuntu7.11 does not properly use D- ...)
NOT-FOR-US: jockey
-CVE-2013-1064
+CVE-2013-1064 (apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5. ...)
- apt-xapian-index 0.47 (low; bug #724837)
[wheezy] - apt-xapian-index <no-dsa> (Minor issue, only allows a possibly prohibited update of the Xapian package index)
[squeeze] - apt-xapian-index <no-dsa> (Minor issue, only allows a possibly prohibited update of the Xapian package index)
-CVE-2013-1063
+CVE-2013-1063 (usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0 ...)
NOT-FOR-US: usb-creator
-CVE-2013-1062
+CVE-2013-1062 (ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 0.2.3.1, and ...)
NOT-FOR-US: ubuntu-system-service
-CVE-2013-1061
+CVE-2013-1061 (dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0 ...)
- software-properties 0.92.18 (low)
[wheezy] - software-properties <no-dsa> (Minor issue)
[squeeze] - software-properties <not-affected> (Vulnerable code not present)
-CVE-2013-1060
+CVE-2013-1060 (A certain Ubuntu build procedure for perf, as distributed in the Linux ...)
NOT-FOR-US: Ubuntu packaging specific
-CVE-2013-1059
+CVE-2013-1059 (net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote at ...)
{DSA-2745-1}
- linux 3.10.1-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (CEPH was introduced in 2.6.34)
-CVE-2013-1058
+CVE-2013-1058 (maas-import-pxe-files in MAAS before 13.10 does not verify the integri ...)
NOT-FOR-US: Ubuntu MAAS
-CVE-2013-1057
+CVE-2013-1057 (Untrusted search path vulnerability in maas-import-pxe-files in MAAS b ...)
NOT-FOR-US: Ubuntu MAAS
-CVE-2013-1056
+CVE-2013-1056 (X.org X server 1.13.3 and earlier, when not run as root, allows local ...)
- xorg-server <not-affected> (Ubuntu-specific patch, see http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1056.html)
CVE-2013-1055
RESERVED
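Review bot: the two NOTE lines under CVE-2013-1067 contradict each other: `NOTE: apport only in experimental, so we cannot track this in security-tracker` is immediately followed by `NOTE: add it, as we have an explicit (bug) reference for apport`, while the entry does carry an `[experimental] - apport 2.12.6-1 (bug #727661)` line. The second note reads as a reply that supersedes the first; collapsing both into one note stating that the entry is tracked because of the bug reference would remove the ambiguity for the next person reading the entry. This is pre-existing context, not something the description sync introduced.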
@@ -17343,501 +17343,501 @@ CVE-2013-1054
RESERVED
CVE-2013-1053
RESERVED
-CVE-2013-1052
+CVE-2013-1052 (pam-xdg-support, as used in Ubuntu 12.10, does not properly handle the ...)
NOT-FOR-US: pam-xdg-support (Ubuntu-specific package)
-CVE-2013-1051
+CVE-2013-1051 (apt 0.8.16, 0.9.7, and possibly other versions does not properly handl ...)
- apt 0.9.7.8
[squeeze] - apt <not-affected> (InRelease support not used)
-CVE-2013-1050
+CVE-2013-1050 (The default configuration in gnome-screensaver 3.5.4 through 3.6.0 set ...)
- gnome-screensaver <not-affected> (Ubuntu-specific Unity patch)
-CVE-2013-1049
+CVE-2013-1049 (Buffer overflow in the RFC1413 (ident) client in cfingerd 1.4.3-3 allo ...)
{DSA-2635-1}
- cfingerd 1.4.3-3.1 (bug #700098)
NOTE: https://bugs.launchpad.net/ubuntu/+source/cfingerd/+bug/1104425
-CVE-2013-1048
+CVE-2013-1048 (The Debian apache2ctl script in the apache2 package squeeze before 2.2 ...)
{DSA-2637-1}
- apache2 2.2.22-13
-CVE-2013-1047
+CVE-2013-1047 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1046
+CVE-2013-1046 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1045
+CVE-2013-1045 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1044
+CVE-2013-1044 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1043
+CVE-2013-1043 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1042
+CVE-2013-1042 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1041
+CVE-2013-1041 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1040
+CVE-2013-1040 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1039
+CVE-2013-1039 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1038
+CVE-2013-1038 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1037
+CVE-2013-1037 (WebKit, as used in Apple iOS before 7, allows remote attackers to exec ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1036
+CVE-2013-1036 (Safari in Apple iOS before 7 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple iOS
-CVE-2013-1035
+CVE-2013-1035 (The iTunes ActiveX control in Apple iTunes before 11.1 allows remote a ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1034
+CVE-2013-1034 (Multiple cross-site scripting (XSS) vulnerabilities in Wiki Server in ...)
NOT-FOR-US: Apple Mac OS X Server
-CVE-2013-1033
+CVE-2013-1033 (Screen Lock in Apple Mac OS X before 10.8.5 does not properly track se ...)
NOT-FOR-US: Screen Lock in Apple Mac OS X
-CVE-2013-1032
+CVE-2013-1032 (QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to e ...)
NOT-FOR-US: QuickTime in Apple Mac OS X
-CVE-2013-1031
+CVE-2013-1031 (Power Management in Apple Mac OS X before 10.8.5 does not properly per ...)
NOT-FOR-US: Power Management in Apple Mac OS X
-CVE-2013-1030
+CVE-2013-1030 (mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 ...)
NOT-FOR-US: Mobile Device Management in Apple Mac OS X
-CVE-2013-1029
+CVE-2013-1029 (The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-1028
+CVE-2013-1028 (The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-1027
+CVE-2013-1027 (Installer in Apple Mac OS X before 10.8.5 provides an option to contin ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-1026
+CVE-2013-1026 (Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remo ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-1025
+CVE-2013-1025 (Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-1024
+CVE-2013-1024 (CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly i ...)
NOT-FOR-US: CoreMedia Playback
-CVE-2013-1023
+CVE-2013-1023 (WebKit, as used in Apple Safari before 6.0.5, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-1022
+CVE-2013-1022 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-1021
+CVE-2013-1021 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-1020
+CVE-2013-1020 (Apple QuickTime before 7.7.4 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-1019
+CVE-2013-1019 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-1018
+CVE-2013-1018 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-1017
+CVE-2013-1017 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-1016
+CVE-2013-1016 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-1015
+CVE-2013-1015 (Apple QuickTime before 7.7.4 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-1014
+CVE-2013-1014 (Apple iTunes before 11.0.3 does not properly verify X.509 certificates ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1013
+CVE-2013-1013 (XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-1012
+CVE-2013-1012 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-1011
+CVE-2013-1011 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1010
+CVE-2013-1010 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1009
+CVE-2013-1009 (WebKit, as used in Apple Safari before 6.0.5, allows remote attackers ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-1008
+CVE-2013-1008 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1007
+CVE-2013-1007 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1006
+CVE-2013-1006 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1005
+CVE-2013-1005 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1004
+CVE-2013-1004 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1003
+CVE-2013-1003 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1002
+CVE-2013-1002 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1001
+CVE-2013-1001 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-1000
+CVE-2013-1000 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-0999
+CVE-2013-0999 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-0998
+CVE-2013-0998 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-0997
+CVE-2013-0997 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-0996
+CVE-2013-0996 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-0995
+CVE-2013-0995 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-0994
+CVE-2013-0994 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-0993
+CVE-2013-0993 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-0992
+CVE-2013-0992 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-0991
+CVE-2013-0991 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middl ...)
NOT-FOR-US: Apple iTunes
-CVE-2013-0990
+CVE-2013-0990 (SMB in Apple Mac OS X before 10.8.4, when file sharing is enabled, all ...)
NOT-FOR-US: Apple
-CVE-2013-0989
+CVE-2013-0989 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-0988
+CVE-2013-0988 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-0987
+CVE-2013-0987 (Apple QuickTime before 7.7.4 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-0986
+CVE-2013-0986 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2013-0985
+CVE-2013-0985 (Disk Management in Apple Mac OS X before 10.8.4 does not properly auth ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-0984
+CVE-2013-0984 (Directory Service in Apple Mac OS X through 10.6.8 allows remote attac ...)
NOT-FOR-US: Mac OS Server
-CVE-2013-0983
+CVE-2013-0983 (Stack consumption vulnerability in CoreAnimation in Apple Mac OS X bef ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-0982
+CVE-2013-0982 (The Private Browsing feature in CFNetwork in Apple Mac OS X before 10. ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-0981
+CVE-2013-0981 (The IOUSBDeviceFamily driver in the USB implementation in the kernel i ...)
NOT-FOR-US: Apple iOS
-CVE-2013-0980
+CVE-2013-0980 (The Passcode Lock implementation in Apple iOS before 6.1.3 does not pr ...)
NOT-FOR-US: Apple iOS
-CVE-2013-0979
+CVE-2013-0979 (lockdownd in Lockdown in Apple iOS before 6.1.3 does not properly cons ...)
NOT-FOR-US: Apple iOS
-CVE-2013-0978
+CVE-2013-0978 (The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 ...)
NOT-FOR-US: Apple iOS
-CVE-2013-0977
+CVE-2013-0977 (dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not prop ...)
NOT-FOR-US: Apple iOS
-CVE-2013-0976
+CVE-2013-0976 (IOAcceleratorFamily in Apple Mac OS X before 10.8.3 allows remote atta ...)
NOT-FOR-US: Mac OS X
-CVE-2013-0975
+CVE-2013-0975 (Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 a ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2013-0974
+CVE-2013-0974 (StoreKit in Apple iOS before 6.1 does not properly handle the disablin ...)
NOT-FOR-US: Apple StoreKit
-CVE-2013-0973
+CVE-2013-0973 (Software Update in Apple Mac OS X through 10.7.5 does not prevent plug ...)
NOT-FOR-US: Mac OS X
CVE-2013-0972
RESERVED
-CVE-2013-0971
+CVE-2013-0971 (Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 ...)
NOT-FOR-US: Mac OS X
-CVE-2013-0970
+CVE-2013-0970 (Messages in Apple Mac OS X before 10.8.3 allows remote attackers to by ...)
NOT-FOR-US: Mac OS X
-CVE-2013-0969
+CVE-2013-0969 (Login Window in Apple Mac OS X before 10.8.3 does not prevent applicat ...)
NOT-FOR-US: Mac OS X
-CVE-2013-0968
+CVE-2013-0968 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0967
+CVE-2013-0967 (CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the l ...)
NOT-FOR-US: Mac OS X
-CVE-2013-0966
+CVE-2013-0966 (The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac ...)
NOT-FOR-US: Apple mod_hfs_apple
CVE-2013-0965
RESERVED
-CVE-2013-0964
+CVE-2013-0964 (The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not pr ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0963
+CVE-2013-0963 (Identity Services in Apple iOS before 6.1 does not properly handle val ...)
NOT-FOR-US: Identity Services in Apple iOS
-CVE-2013-0962
+CVE-2013-0962 (Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0961
+CVE-2013-0961 (WebKit in Apple Safari before 6.0.3 allows remote attackers to execute ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0960
+CVE-2013-0960 (WebKit in Apple Safari before 6.0.3 allows remote attackers to execute ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0959
+CVE-2013-0959 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0958
+CVE-2013-0958 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0957
+CVE-2013-0957 (Data Protection in Apple iOS before 7 allows attackers to bypass inten ...)
NOT-FOR-US: Apple iOS
-CVE-2013-0956
+CVE-2013-0956 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0955
+CVE-2013-0955 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0954
+CVE-2013-0954 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0953
+CVE-2013-0953 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0952
+CVE-2013-0952 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0951
+CVE-2013-0951 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0950
+CVE-2013-0950 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0949
+CVE-2013-0949 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0948
+CVE-2013-0948 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ex ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2013-0947
+CVE-2013-0947 (EMC RSA Authentication Manager 8.0 before P1 allows local users to dis ...)
NOT-FOR-US: EMC
-CVE-2013-0946
+CVE-2013-0946 (Buffer overflow in the Library Control Program (LCP) in EMC AlphaStor ...)
NOT-FOR-US: EMC
-CVE-2013-0945
+CVE-2013-0945 (EMC Avamar Client before 6.1.101-89 does not verify that the server ho ...)
NOT-FOR-US: EMC Avamar
-CVE-2013-0944
+CVE-2013-0944 (The web-based file-restore interface in EMC Avamar Server before 6.1.0 ...)
NOT-FOR-US: EMC Avamar
-CVE-2013-0943
+CVE-2013-0943 (EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain se ...)
NOT-FOR-US: EMC
-CVE-2013-0942
+CVE-2013-0942 (Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Age ...)
NOT-FOR-US: EMC RSA Authentication Agent
-CVE-2013-0941
+CVE-2013-0941 (EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 ...)
NOT-FOR-US: EMC
-CVE-2013-0940
+CVE-2013-0940 (The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and ...)
NOT-FOR-US: EMC NetWorker
-CVE-2013-0939
+CVE-2013-0939 (EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, D ...)
NOT-FOR-US: EMC
-CVE-2013-0938
+CVE-2013-0938 (Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop befo ...)
NOT-FOR-US: EMC
-CVE-2013-0937
+CVE-2013-0937 (Session fixation vulnerability in EMC Documentum Webtop before 6.7 SP2 ...)
NOT-FOR-US: EMC
-CVE-2013-0936
+CVE-2013-0936 (Cross-site scripting (XSS) vulnerability in EMC Smarts IP Manager, Sma ...)
NOT-FOR-US: EMC
-CVE-2013-0935
+CVE-2013-0935 (EMC Smarts Network Configuration Manager (NCM) before 9.2 does not req ...)
NOT-FOR-US: EMC
-CVE-2013-0934
+CVE-2013-0934 (EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework ...)
NOT-FOR-US: EMC
-CVE-2013-0933
+CVE-2013-0933 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
NOT-FOR-US: EMC
-CVE-2013-0932
+CVE-2013-0932 (EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework ...)
NOT-FOR-US: EMC
-CVE-2013-0931
+CVE-2013-0931 (EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not en ...)
NOT-FOR-US: EMC RSA
-CVE-2013-0930
+CVE-2013-0930 (Buffer overflow in Drive Control Program (DCP) in EMC AlphaStor 4.0 be ...)
NOT-FOR-US: EMC AlphaStor
-CVE-2013-0929
+CVE-2013-0929 (Format string vulnerability in the _vsnsprintf function in rrobotd.exe ...)
NOT-FOR-US: EMC AlphaStor
-CVE-2013-0928
+CVE-2013-0928 (The NetWorker command processor in rrobotd.exe in the Device Manager i ...)
NOT-FOR-US: EMC AlphaStor
-CVE-2013-0927
+CVE-2013-0927 (Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c r ...)
NOT-FOR-US: Chrome OS
-CVE-2013-0926
+CVE-2013-0926 (Google Chrome before 26.0.1410.43 does not properly handle active cont ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0925
+CVE-2013-0925 (Google Chrome before 26.0.1410.43 does not ensure that an extension ha ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0924
+CVE-2013-0924 (The extension functionality in Google Chrome before 26.0.1410.43 does ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0923
+CVE-2013-0923 (The USB Apps API in Google Chrome before 26.0.1410.43 allows remote at ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0922
+CVE-2013-0922 (Google Chrome before 26.0.1410.43 does not properly restrict brute-for ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0921
+CVE-2013-0921 (The Isolated Sites feature in Google Chrome before 26.0.1410.43 does n ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0920
+CVE-2013-0920 (Use-after-free vulnerability in the extension bookmarks API in Google ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0919
+CVE-2013-0919 (Use-after-free vulnerability in Google Chrome before 26.0.1410.43 on L ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0918
+CVE-2013-0918 (Google Chrome before 26.0.1410.43 does not prevent navigation to devel ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0917
+CVE-2013-0917 (The URL loader in Google Chrome before 26.0.1410.43 allows remote atta ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0916
+CVE-2013-0916 (Use-after-free vulnerability in the Web Audio implementation in Google ...)
- chromium-browser 26.0.1410.43-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0915
+CVE-2013-0915 (The GPU process in Google Chrome OS before 25.0.1364.173 allows attack ...)
NOT-FOR-US: Overflow in Chrome-specific libs
-CVE-2013-0914
+CVE-2013-0914 (The flush_signal_handlers function in kernel/signal.c in the Linux ker ...)
{DSA-2668-1}
- linux 3.2.41-1 (low)
- linux-2.6 <removed> (low)
-CVE-2013-0913
+CVE-2013-0913 (Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the ...)
- linux 3.2.41-2
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code was introduced later)
-CVE-2013-0912
+CVE-2013-0912 (WebKit in Google Chrome before 25.0.1364.160 allows remote attackers t ...)
- chromium-browser 25.0.1364.160-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0911
+CVE-2013-0911 (Directory traversal vulnerability in Google Chrome before 25.0.1364.15 ...)
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0910
+CVE-2013-0910 (Google Chrome before 25.0.1364.152 does not properly manage the intera ...)
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0909
+CVE-2013-0909 (The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote at ...)
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0908
+CVE-2013-0908 (Google Chrome before 25.0.1364.152 does not properly manage bindings o ...)
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0907
+CVE-2013-0907 (Race condition in Google Chrome before 25.0.1364.152 allows remote att ...)
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0906
+CVE-2013-0906 (The IndexedDB implementation in Google Chrome before 25.0.1364.152 all ...)
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0905
+CVE-2013-0905 (Use-after-free vulnerability in Google Chrome before 25.0.1364.152 all ...)
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0904
+CVE-2013-0904 (The Web Audio implementation in Google Chrome before 25.0.1364.152 all ...)
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0903
+CVE-2013-0903 (Use-after-free vulnerability in Google Chrome before 25.0.1364.152 all ...)
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0902
+CVE-2013-0902 (Use-after-free vulnerability in the frame-loader implementation in Goo ...)
- chromium-browser 25.0.1364.152-1
[squeeze] - chromium-browser <end-of-life>
CVE-2013-0901
RESERVED
-CVE-2013-0900
+CVE-2013-0900 (Race condition in the International Components for Unicode (ICU) funct ...)
{DSA-2786-1}
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
- icu 4.8.1.1-12 (low; bug #702346)
[squeeze] - icu <no-dsa> (Minor issue for standalone ICU outside of browser context)
-CVE-2013-0899
+CVE-2013-0899 (Integer overflow in the padding implementation in the opus_packet_pars ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
- opus 0.9.14+20120615-1+nmu1 (bug #704870)
-CVE-2013-0898
+CVE-2013-0898 (Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on W ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0897
+CVE-2013-0897 (Off-by-one error in the PDF functionality in Google Chrome before 25.0 ...)
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0896
+CVE-2013-0896 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25. ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0895
+CVE-2013-0895 (Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0894
+CVE-2013-0894 (Buffer overflow in the vorbis_parse_setup_hdr_floors function in the V ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.6-1 (bug #703200)
-CVE-2013-0893
+CVE-2013-0893 (Race condition in Google Chrome before 25.0.1364.97 on Windows and Lin ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0892
+CVE-2013-0892 (Multiple unspecified vulnerabilities in the IPC layer in Google Chrome ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0891
+CVE-2013-0891 (Integer overflow in Google Chrome before 25.0.1364.97 on Windows and L ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0890
+CVE-2013-0890 (Multiple unspecified vulnerabilities in the IPC layer in Google Chrome ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0889
+CVE-2013-0889 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25. ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0888
+CVE-2013-0888 (Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linu ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0887
+CVE-2013-0887 (The developer-tools process in Google Chrome before 25.0.1364.97 on Wi ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0886
+CVE-2013-0886 (Google Chrome before 25.0.1364.99 on Mac OS X does not properly implem ...)
- chromium-browser <not-affected> (Mac OS X only)
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0885
+CVE-2013-0885 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25. ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0884
+CVE-2013-0884 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25. ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0883
+CVE-2013-0883 (Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linu ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0882
+CVE-2013-0882 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25. ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0881
+CVE-2013-0881 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25. ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0880
+CVE-2013-0880 (Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on W ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0879
+CVE-2013-0879 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25. ...)
- chromium-browser 25.0.1364.97-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0878
+CVE-2013-0878 (The advance_line function in libavcodec/targa.c in FFmpeg before 1.1.3 ...)
- ffmpeg <not-affected> (Affected code not present in 0.5 ffmpeg)
- libav <not-affected> (Affected code not present in libav)
-CVE-2013-0877
+CVE-2013-0877 (The old_codec37 function in libavcodec/sanm.c in FFmpeg before 1.1.3 a ...)
- ffmpeg <not-affected> (Smush codec not present in 0.5 ffmpeg)
- libav <not-affected> (Smush codec not present in libav)
-CVE-2013-0876
+CVE-2013-0876 (Multiple integer overflows in the (1) old_codec37 and (2) old_codec47 ...)
- ffmpeg <not-affected> (Smush codec not present in 0.5 ffmpeg)
- libav <not-affected> (Smush codec not present in libav)
-CVE-2013-0875
+CVE-2013-0875 (The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in FFm ...)
- ffmpeg <not-affected> (Affected code not present in 0.5 ffmpeg)
- libav <not-affected> (Affected code not present in libav)
-CVE-2013-0874
+CVE-2013-0874 (The (1) doubles2str and (2) shorts2str functions in libavcodec/tiff.c ...)
- ffmpeg <not-affected> (Affected code not present in 0.5 ffmpeg)
- libav <not-affected> (Affected code not present in libav)
-CVE-2013-0873
+CVE-2013-0873 (The read_header function in libavcodec/shorten.c in FFmpeg before 1.1. ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.6-1 (bug #717009)
NOTE: Commit in libav trunk http://git.libav.org/?p=libav.git;a=commit;h=c10da30d8426a1f681d99a780b6e311f7fb4e5c5
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=4f1279154ee9baf2078241bf5619774970d18b25
NOTE: Fix needed for ffmpeg 0.5
-CVE-2013-0872
+CVE-2013-0872 (The swr_init function in libswresample/swresample.c in FFmpeg before 1 ...)
- ffmpeg <not-affected> (libswresample not yet present in ffmpeg/0.5)
- libav <not-affected> (libswresample not present in libav, linavresamle not affected)
-CVE-2013-0871
+CVE-2013-0871 (Race condition in the ptrace functionality in the Linux kernel before ...)
{DSA-2632-1}
- linux 3.2.39-1
- linux-2.6 <removed>
-CVE-2013-0870
+CVE-2013-0870 (The 'vp3_decode_frame' function in FFmpeg 1.1.4 moves threads check ou ...)
- ffmpeg <not-affected> (No threading support in vp3 from ffmpeg 0.5)
- libav <not-affected> (Vulnerable code added in ffmpeg post-merge)
-CVE-2013-0869
+CVE-2013-0869 (The field_end function in libavcodec/h264.c in FFmpeg before 1.1.2 all ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.5-1
NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commit;h=706acb558a38eba633056773280155d66c2f4b24
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=695af8eed642ff0104834495652d1ee784a4c14d
NOTE: Fix needed in ffmpeg 0.5
-CVE-2013-0868
+CVE-2013-0868 (libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers ...)
{DSA-3003-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.3-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f67a0d115254461649470452058fa3c28c0df294
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
-CVE-2013-0867
+CVE-2013-0867 (The decode_slice_header function in libavcodec/h264.c in FFmpeg before ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Code in libav is different/not affect as per libav h264 maintainer)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=11c99c78bafa77f679a1a3ba06ad00984b9a4cae
-CVE-2013-0866
+CVE-2013-0866 (The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1 ...)
{DSA-2793-1}
- ffmpeg <not-affected> (Code in 0.5 is different/not affected)
- libav 6:0.8.7-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=96f452ac647dae33c53c242ef3266b65a9beafb6
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a943a132f36f4df8fe2f749744677b71984abce7
-CVE-2013-0865
+CVE-2013-0865 (The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg befor ...)
{DSA-2855-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:9.8-1 (bug #717009)
NOTE: libav commit: http://git.libav.org/?p=libav.git;a=commit;h=f7d18deb73d1dd1b27b2c7062c9a10d168a6c62a
-CVE-2013-0864
+CVE-2013-0864 (The gif_copy_img_rect function in libavcodec/gifdec.c in FFmpeg before ...)
- ffmpeg <not-affected> (These changes are specific to current ffmpeg and don't affect ffmpeg 0.5)
- libav <not-affected> ((These changes are specific to ffmpeg and don't affect libav)
-CVE-2013-0863
+CVE-2013-0863 (Buffer overflow in the rle_decode function in libavcodec/sanm.c in FFm ...)
- ffmpeg <not-affected> (Smush codec not present in 0.5 ffmpeg)
- libav <not-affected> (Smush codec not present in libav)
-CVE-2013-0862
+CVE-2013-0862 (Multiple integer overflows in the process_frame_obj function in libavc ...)
- ffmpeg <not-affected> (Smush codec not present in 0.5 ffmpeg)
- libav <not-affected> (Smush codec not present in libav)
-CVE-2013-0861
+CVE-2013-0861 (The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg bef ...)
- ffmpeg <not-affected> (These changes are specific to current ffmpeg and don't affect ffmpeg 0.5)
- libav <not-affected> (Affected code not present in libav 0.8.x)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d270c3202539e8364c46410e15f7570800e33343
NOTE: Affects the libav version in experimental
-CVE-2013-0860
+CVE-2013-0860 (The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpe ...)
{DSA-3003-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.1-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=23318a57358358e7a4dc551e830e4503f0638cfe
NOTE: [Vittorio] not present in master and 10, fix pushed to 9 and 0.8
-CVE-2013-0859
+CVE-2013-0859 (The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg befor ...)
- ffmpeg <not-affected> (These changes are specific to current ffmpeg and don't affect ffmpeg 0.5)
- libav <not-affected> ((These changes are specific to ffmpeg and don't affect libav)
-CVE-2013-0858
+CVE-2013-0858 (The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg befor ...)
{DSA-2793-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
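Review bot: the retained triage line under CVE-2013-0964 no longer matches the description this hunk adds. The new header reads "The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not pr ...", yet the annotation below it is still "NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix", which looks copied from the neighbouring WebKit entries (CVE-2013-0968, CVE-2013-0962); "NOT-FOR-US: Apple iOS", as used for CVE-2013-0981 and CVE-2013-0980, would be the accurate annotation. Smaller points in the same region: the libav line for CVE-2013-0872 reads "linavresamle" (libavresample), the libav line for CVE-2013-0867 reads "not affect" for "not affected", and the libav lines for CVE-2013-0864 and CVE-2013-0859 open with a doubled parenthesis "((These changes are specific to ffmpeg ...".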
@@ -17845,45 +17845,45 @@ CVE-2013-0858
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=13451f5520ce6b0afde861b2285dda659f8d4fb4
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=50cf5a7fb78846fc39b3ecdaa896a10bcd74da2a
NOTE: Fixed in 0.8.9
-CVE-2013-0857
+CVE-2013-0857 (The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before 1. ...)
{DSA-2793-1}
- ffmpeg <not-affected> (IFF PBM/ILBM bitmap decoder not present in 0.5 ffmpeg)
- libav 6:9.9-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=2fbb37b51bbea891392ad357baf8f3dff00bac05
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=7d65e960c72f36b73ae7fe84f8e427d758e61da9
NOTE: Fixed in 0.8.9
-CVE-2013-0856
+CVE-2013-0856 (The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:9.10-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=fd4f4923cce6a2cbf4f48640b4ac706e614a1594
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=78aa2ed620178044a227fbbe48f749c0dc86023f
-CVE-2013-0855
+CVE-2013-0855 (Integer overflow in the alac_decode_close function in libavcodec/alac. ...)
- ffmpeg <not-affected> (0.5 series not affected)
- libav 6:9.9-1 (bug #717009)
[wheezy] - libav <not-affected> (0.8 series not affected)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3920d1387834e2bc334aff9f518f4beb24e470bd
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=f7c5883126f9440547933eefcf000aa78af4821c
-CVE-2013-0854
+CVE-2013-0854 (The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c ...)
{DSA-2793-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.8-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1f41cffe1e3e79620f587545bdfcbd7e6e68ed29
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=cfbd98abe82cfcb9984a18d08697251b72b110c8
-CVE-2013-0853
+CVE-2013-0853 (The wavpack_decode_frame function in libavcodec/wavpack.c in FFmpeg be ...)
{DSA-2793-1}
- ffmpeg <not-affected> (Vulnerability introduced later)
- libav 6:0.8.8-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=be818df547c3b0ae4fadb50fd210139a8636706a
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=ed50673066956d6f2201a57c3254569f2ab08d9d
-CVE-2013-0852
+CVE-2013-0852 (The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg ...)
{DSA-3003-1}
- ffmpeg <not-affected> (PGS subtitle decoder not present)
- libav 6:10.3-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c0d68be555f5858703383040e04fcd6529777061
-CVE-2013-0851
+CVE-2013-0851 (The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 a ...)
{DSA-3003-1}
- ffmpeg <not-affected> (Electronic Arts Madcow Video decoder not present in ffmpeg 0.5)
- libav 6:10.3-1
@@ -17891,32 +17891,32 @@ CVE-2013-0851
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=f9204ec56a4cf73843d1e5b8563d3584c2c05b47 (v10)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=e8ff7972064631afbdf240ec6bfd9dec30cf2ce8 (v9)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=187cfd3c13a1deb47661486824a5b8f41e158a7a (v0.8)
-CVE-2013-0850
+CVE-2013-0850 (The decode_slice_header function in libavcodec/h264.c in FFmpeg before ...)
{DSA-2793-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:0.8.7-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6c184880ee2e09fd68c0ae217173832cee5afc1
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6e5cdf26281945ddea3aaf5eca4d127791f23ca8
-CVE-2013-0849
+CVE-2013-0849 (The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg bef ...)
{DSA-2855-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:9.3-1 (bug #717009)
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3ae610451170cd5a28b33950006ff0bd23036845
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=488f87be873506abb01d67708a67c10a4dd29283
-CVE-2013-0848
+CVE-2013-0848 (The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 ...)
{DSA-3003-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:10.4-1
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6abb9a901fca27da14d4fffbb01948288b5da3ba
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=a7153444df9040bf6ae103e0bbf6104b66f974cb
-CVE-2013-0847
+CVE-2013-0847 (The ff_id3v2_parse function in libavformat/id3v2.c in FFmpeg before 1. ...)
- ffmpeg <not-affected> (Affected code not present in ffmpeg 0.5)
- libav <not-affected> (Code in libav is different, read_ttag)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=10416a4d56fa8a89784e4fb62099c3cab17a9952
-CVE-2013-0846
+CVE-2013-0846 (Array index error in the qdm2_decode_super_block function in libavcode ...)
{DSA-2855-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
@@ -17924,7 +17924,7 @@ CVE-2013-0846
NOTE: ffmpeg commit: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a7ee6281f7ef1c29284e3a4cadfe0f227ffde1ed
NOTE: libav commit: http://git.libav.org/?p=libav.git;a=commit;h=39bec05ed42e505d17877b0c23f16322f9b5883b
NOTE: Needed for ffmpeg 0.5
-CVE-2013-0845
+CVE-2013-0845 (libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to ...)
{DSA-2855-1}
- ffmpeg <not-affected> (MPEG-4 ALS decoder not present in ffmpeg/0.5)
- libav 6:9.11-1
@@ -17932,7 +17932,7 @@ CVE-2013-0845
NOTE: Fixed in revisions: v9-2748-g2a0fb72, v9.10-7-g3f7d890
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=2a0fb72
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=3f7d890
-CVE-2013-0844
+CVE-2013-0844 (Off-by-one error in the adpcm_decode_frame function in libavcodec/adpc ...)
{DSA-2793-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
@@ -17940,53 +17940,53 @@ CVE-2013-0844
NOTE: ffmpeg commit: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f18c873ab5ee3c78d00fdcc2582b39c133faecb4
NOTE: libav commit: https://git.libav.org/?p=libav.git;a=commitdiff;h=12576afe206d35231ccd61f9033c5fdab6a11e
NOTE: Fixed in 0.8.9
-CVE-2013-0843
+CVE-2013-0843 (content/renderer/media/webrtc_audio_renderer.cc in Google Chrome befor ...)
- chromium-browser <not-affected> (MacOS-specific)
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0842
+CVE-2013-0842 (Google Chrome before 24.0.1312.56 does not properly handle %00 charact ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0841
+CVE-2013-0841 (Array index error in the content-blocking functionality in Google Chro ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0840
+CVE-2013-0840 (Google Chrome before 24.0.1312.56 does not validate URLs during the op ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0839
+CVE-2013-0839 (Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0838
+CVE-2013-0838 (Google Chrome before 24.0.1312.52 on Linux uses weak permissions for s ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0837
+CVE-2013-0837 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a d ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0836
+CVE-2013-0836 (Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.5 ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
- libv8 <not-affected> (bug #702261; vulnerablility was fixed by reverting to old implementation as found in version 3.8.9.20)
-CVE-2013-0835
+CVE-2013-0835 (Unspecified vulnerability in the Geolocation implementation in Google ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0834
+CVE-2013-0834 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a d ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0833
+CVE-2013-0833 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a d ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0832
+CVE-2013-0832 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allo ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0831
+CVE-2013-0831 (Directory traversal vulnerability in Google Chrome before 24.0.1312.52 ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0830
+CVE-2013-0830 (The IPC layer in Google Chrome before 24.0.1312.52 on Windows omits a ...)
- chromium-browser <not-affected> (Only affects Windows)
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0829
+CVE-2013-0829 (Google Chrome before 24.0.1312.52 does not properly maintain database ...)
- chromium-browser 24.0.1312.68-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2013-0828
+CVE-2013-0828 (The PDF functionality in Google Chrome before 24.0.1312.52 does not pr ...)
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
[squeeze] - chromium-browser <end-of-life>
CVE-2013-0827
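Review bot: the libav commit id in the CVE-2013-0844 NOTE (`h=12576afe206d35231ccd61f9033c5fdab6a11e`) is 38 hex characters, so it is neither a full SHA-1 nor an intentional short form; please check the link still resolves and replace it with the full 40-character id. Separately, the libv8 rationale for CVE-2013-0836 misspells "vulnerablility" (should be "vulnerability").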
@@ -18021,28 +18021,28 @@ CVE-2013-0813
RESERVED
CVE-2013-0812
RESERVED
-CVE-2013-0811
+CVE-2013-0811 (Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 al ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0810
+CVE-2013-0810 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vis ...)
NOT-FOR-US: Microsoft
-CVE-2013-0809
+CVE-2013-0809 (Unspecified vulnerability in the 2D component in the Java Runtime Envi ...)
- openjdk-6 6b27-1.12.4-1
- openjdk-7 7u3-2.1.7-1
CVE-2013-0808
RESERVED
-CVE-2013-0807
+CVE-2013-0807 (Cross-site scripting (XSS) vulnerability in the NewSectionPrompt funct ...)
NOT-FOR-US: gpEasy CMS
CVE-2013-0806
RESERVED
-CVE-2013-0805
+CVE-2013-0805 (Multiple cross-site scripting (XSS) vulnerabilities in the search feat ...)
NOT-FOR-US: IT Operations Portal
-CVE-2013-0804
+CVE-2013-0804 (The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP ...)
NOT-FOR-US: GroupWise
CVE-2013-0803
RESERVED
CVE-2013-0802
RESERVED
-CVE-2013-0801
+CVE-2013-0801 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
[squeeze] - iceweasel <end-of-life>
@@ -18051,7 +18051,7 @@ CVE-2013-0801
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0800
+CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in pixman-ss ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
@@ -18064,13 +18064,13 @@ CVE-2013-0800
NOTE: The description is misleading: Firefox embeds a copy of Cairo, the interdiff
NOTE: shows the respective change at mozilla-esr17/gfx/cairo/cairo/src/cairo-image-surface.c
NOTE: Apparently the forked copy has changed, the code isn't present in vanilla Cairo
-CVE-2013-0799
+CVE-2013-0799 (Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox ...)
- iceweasel <not-affected> (Only affects Firefox on Windows)
-CVE-2013-0798
+CVE-2013-0798 (Mozilla Firefox before 20.0 on Android uses world-writable and world-r ...)
- iceweasel <not-affected> (Only affects Firefox on Android)
-CVE-2013-0797
+CVE-2013-0797 (Untrusted search path vulnerability in the Mozilla Updater in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox on Windows)
-CVE-2013-0796
+CVE-2013-0796 (The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x b ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
@@ -18079,7 +18079,7 @@ CVE-2013-0796
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0795
+CVE-2013-0795 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
{DSA-2720-1 DSA-2699-1}
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
@@ -18088,13 +18088,13 @@ CVE-2013-0795
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0794
+CVE-2013-0794 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent o ...)
- iceweasel 17.0.5esr-1 (low)
[squeeze] - iceweasel <end-of-life>
- iceape <removed> (low)
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0793
+CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbi ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
@@ -18103,22 +18103,22 @@ CVE-2013-0793
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0792
+CVE-2013-0792 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_ ...)
- iceweasel 17.0.5esr-1 (low)
[squeeze] - iceweasel <end-of-life>
- iceape <removed> (low)
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0791
+CVE-2013-0791 (The CERT_DecodeCertPackage function in Mozilla Network Security Servic ...)
- nss 2:3.14.3-1 (unimportant)
NOTE: client crash only
-CVE-2013-0790
+CVE-2013-0790 (Unspecified vulnerability in the browser engine in Mozilla Firefox bef ...)
- iceweasel <not-affected> (Only affects Firefox on Android)
-CVE-2013-0789
+CVE-2013-0789 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 19)
- icedove <not-affected> (Only affects Firefox 19)
- iceape <not-affected> (Only affects Firefox 19)
-CVE-2013-0788
+CVE-2013-0788 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
@@ -18127,7 +18127,7 @@ CVE-2013-0788
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0787
+CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted function ...)
{DSA-2699-1}
[squeeze] - iceweasel <end-of-life>
- iceweasel 17.0.5esr-1
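Review bot: for CVE-2013-0787 the `[squeeze] - iceweasel <end-of-life>` line precedes the unstable entry `- iceweasel 17.0.5esr-1`, whereas CVE-2013-0788 just above lists the unstable entry first and the release-specific line after it; keep the per-package order consistent (unstable entry, then `[release]` lines) so the entries remain easy to scan and diff.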
@@ -18136,19 +18136,19 @@ CVE-2013-0787
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0786
+CVE-2013-0786 (The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2013-0785
+CVE-2013-0785 (Cross-site scripting (XSS) vulnerability in show_bug.cgi in Bugzilla b ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2013-0784
+CVE-2013-0784 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0783
+CVE-2013-0783 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18157,7 +18157,7 @@ CVE-2013-0783
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0782
+CVE-2013-0782 (Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18166,11 +18166,11 @@ CVE-2013-0782
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0781
+CVE-2013-0781 (Use-after-free vulnerability in the nsPrintEngine::CommonPrint functio ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0780
+CVE-2013-0780 (Use-after-free vulnerability in the nsOverflowContinuationTracker::Fin ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18179,19 +18179,19 @@ CVE-2013-0780
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0779
+CVE-2013-0779 (The nsCodingStateMachine::NextState function in Mozilla Firefox before ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0778
+CVE-2013-0778 (The ClusterIterator::NextCluster function in Mozilla Firefox before 19 ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0777
+CVE-2013-0777 (Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint fun ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0776
+CVE-2013-0776 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbi ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18200,7 +18200,7 @@ CVE-2013-0776
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0775
+CVE-2013-0775 (Use-after-free vulnerability in the nsImageLoadingContent::OnStopConta ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18209,11 +18209,11 @@ CVE-2013-0775
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0774
+CVE-2013-0774 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbi ...)
- iceape <not-affected> (Introduced in Firefox 15)
- iceweasel <not-affected> (Introduced in Firefox 15)
- icedove <not-affected> (Introduced in Firefox 15)
-CVE-2013-0773
+CVE-2013-0773 (The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implemen ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
[squeeze] - iceweasel <end-of-life>
@@ -18222,152 +18222,152 @@ CVE-2013-0773
- iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
-CVE-2013-0772
+CVE-2013-0772 (The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0771
+CVE-2013-0771 (Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundari ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0770
+CVE-2013-0770 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0769
+CVE-2013-0769 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 10.0.12-1
[squeeze] - icedove <end-of-life>
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0768
+CVE-2013-0768 (Stack-based buffer overflow in the Canvas implementation in Mozilla Fi ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0767
+CVE-2013-0767 (The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox b ...)
[squeeze] - iceweasel <end-of-life>
- iceweasel 10.0.12esr-1
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0766
+CVE-2013-0766 (Use-after-free vulnerability in the ~nsHTMLEditRules implementation in ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0765
+CVE-2013-0765 (Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0764
+CVE-2013-0764 (The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox befo ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0763
+CVE-2013-0763 (Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox E ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0762
+CVE-2013-0762 (Use-after-free vulnerability in the imgRequest::OnStopFrame function i ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0761
+CVE-2013-0761 (Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrac ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0760
+CVE-2013-0760 (Buffer overflow in the CharDistributionAnalysis::HandleOneChar functio ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0759
+CVE-2013-0759 (Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0758
+CVE-2013-0758 (Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0757
+CVE-2013-0757 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox befo ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0756
+CVE-2013-0756 (Use-after-free vulnerability in the obj_toSource function in Mozilla F ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0755
+CVE-2013-0755 (Use-after-free vulnerability in the mozVibrate implementation in the V ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0754
+CVE-2013-0754 (Use-after-free vulnerability in the ListenerManager implementation in ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0753
+CVE-2013-0753 (Use-after-free vulnerability in the serializeToStream implementation i ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 10.0.12-1
[squeeze] - icedove <end-of-life>
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0752
+CVE-2013-0752 (Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbi ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0751
+CVE-2013-0751 (Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do no ...)
- iceape <not-affected> (Android-specific)
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
-CVE-2013-0750
+CVE-2013-0750 (Integer overflow in the JavaScript implementation in Mozilla Firefox b ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0749
+CVE-2013-0749 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0748
+CVE-2013-0748 (The XBL.__proto__.toString implementation in Mozilla Firefox before 18 ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0747
+CVE-2013-0747 (The gPluginHandler.handleEvent function in the plugin handler in Mozil ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0746
+CVE-2013-0746 (Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
[squeeze] - iceape <end-of-life>
-CVE-2013-0745
+CVE-2013-0745 (The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox E ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
-CVE-2013-0744
+CVE-2013-0744 (Use-after-free vulnerability in the TableBackgroundPainter::TableBackg ...)
- iceweasel 10.0.12esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 10.0.12-1
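Review bot: the rationale "Doesn't affect the ESR series, only releases from experimental" is ambiguous now that the filled-in descriptions name an ESR line explicitly, e.g. CVE-2013-0752 ("Firefox ESR 17.x before 17.0.2") and CVE-2013-0763 ("Firefox E..."); state which ESR series is meant (the 10.0.x line the `10.0.12esr-1` entries in this hunk track, if that is the intent) so the not-affected markers are not read as contradicting the descriptions. The ordering of the `[squeeze]` lines before the unstable entries for CVE-2013-0767 and CVE-2013-0766 also differs from the surrounding entries.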
@@ -18376,11 +18376,11 @@ CVE-2013-0744
[squeeze] - iceape <end-of-life>
CVE-2013-0743
REJECTED
-CVE-2013-0742
+CVE-2013-0742 (Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote att ...)
NOT-FOR-US: Corel PDF Fusion
-CVE-2013-0741
+CVE-2013-0741 (Cross-site scripting (XSS) vulnerability in imagegen.ashx in Percipien ...)
NOT-FOR-US: Percipient Studios ImageGen
-CVE-2013-0740
+CVE-2013-0740 (Open redirect vulnerability in Dell OpenManage Server Administrator (O ...)
NOT-FOR-US: Dell OpenManage Server Administrator
CVE-2013-0739
RESERVED
@@ -18388,86 +18388,86 @@ CVE-2013-0738
RESERVED
CVE-2013-0737
RESERVED
-CVE-2013-0736
+CVE-2013-0736 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Ming ...)
NOT-FOR-US: mingle forum plugin for wp
-CVE-2013-0735
+CVE-2013-0735 (Multiple SQL injection vulnerabilities in wpf.class.php in the Mingle ...)
NOT-FOR-US: Mingle Forum Wordpress plugin
-CVE-2013-0734
+CVE-2013-0734 (Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Foru ...)
NOT-FOR-US: Mingle Forum Wordpress plugin
-CVE-2013-0733
+CVE-2013-0733 (Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 1 ...)
NOT-FOR-US: Corel PaintShop Pro
-CVE-2013-0732
+CVE-2013-0732 (Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before ...)
NOT-FOR-US: Nuance PDF Reader
-CVE-2013-0731
+CVE-2013-0731 (ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress doe ...)
NOT-FOR-US: MailUp plugin for Wordpress
-CVE-2013-0730
+CVE-2013-0730 (Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x th ...)
NOT-FOR-US: Newscoop
-CVE-2013-0729
+CVE-2013-0729 (Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5. ...)
NOT-FOR-US: Tracker Software PDF-XChange
-CVE-2013-0728
+CVE-2013-0728 (Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APO ...)
NOT-FOR-US: ERDAS ECWP Browser Plugin
-CVE-2013-0727
+CVE-2013-0727 (Multiple untrusted search path vulnerabilities in Global Mapper 14.1.0 ...)
NOT-FOR-US: Global Mapper
-CVE-2013-0726
+CVE-2013-0726 (Stack-based buffer overflow in the ERM_convert_to_correct_webpath func ...)
NOT-FOR-US: ERDAS ER Viewer
CVE-2013-0725
RESERVED
-CVE-2013-0724
+CVE-2013-0724 (PHP remote file inclusion vulnerability in includes/generate-pdf.php i ...)
NOT-FOR-US: Wordpress plugin ecommerce Shop Styling
-CVE-2013-0723
+CVE-2013-0723 (Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsh ...)
NOT-FOR-US: Kingsoft Spreadsheets
-CVE-2013-0722
+CVE-2013-0722 (Stack-based buffer overflow in the scan_load_hosts function in ec_scan ...)
- ettercap 1:0.7.5.1-2 (low; bug #697987)
[squeeze] - ettercap 1:0.7.3-2.1+squeeze1
NOTE: http://www.openwall.com/lists/oss-security/2013/01/10/2
NOTE: http://www.exploit-db.com/exploits/23945/
NOTE: https://secunia.com/advisories/51731/
NOTE: Proposed patch http://www.securation.com/files/2013/01/ec.patch
-CVE-2013-0721
+CVE-2013-0721 (wp-php-widget.php in the WP PHP widget plugin 1.0.2 for WordPress allo ...)
NOT-FOR-US: WordPress plugin
-CVE-2013-0720
+CVE-2013-0720 (The COBIME application before 0.9.4 for Android uses weak permissions ...)
NOT-FOR-US: COBIME
-CVE-2013-0719
+CVE-2013-0719 (The ArtIME Japanese Input application 1.1.2 and earlier for Android us ...)
NOT-FOR-US: ArtIME Japanese Input application
-CVE-2013-0718
+CVE-2013-0718 (The Simeji application 4.8.1 and earlier for Android uses weak permiss ...)
NOT-FOR-US: Simeji
-CVE-2013-0717
+CVE-2013-0717 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web- ...)
NOT-FOR-US: NEC Aterm routers
-CVE-2013-0716
+CVE-2013-0716 (The web server in Wind River VxWorks 5.5 through 6.9 allows remote att ...)
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0715
+CVE-2013-0715 (The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remo ...)
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0714
+CVE-2013-0714 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allow ...)
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0713
+CVE-2013-0713 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allow ...)
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0712
+CVE-2013-0712 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allow ...)
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0711
+CVE-2013-0711 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allow ...)
NOT-FOR-US: Wind River VxWorks
-CVE-2013-0710
+CVE-2013-0710 (Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows re ...)
NOT-FOR-US: Kingsoft Writer
-CVE-2013-0709
+CVE-2013-0709 (Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091 allows remo ...)
NOT-FOR-US: Bayashi dopvSTAR
-CVE-2013-0708
+CVE-2013-0708 (Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows re ...)
NOT-FOR-US: Bayashi dopvCOMET
-CVE-2013-0707
+CVE-2013-0707 (Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichit ...)
NOT-FOR-US: JustSystems Ichitaro
-CVE-2013-0706
+CVE-2013-0706 (NEC Universal RAID Utility 1.40 Rev 680 and earlier, 2.31 Rev 1492 and ...)
NOT-FOR-US: NEC Universal RAID Utility
-CVE-2013-0705
+CVE-2013-0705 (Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) befo ...)
NOT-FOR-US: LSI 3ware Disk Manager
-CVE-2013-0704
+CVE-2013-0704 (Directory traversal vulnerability in the GREE application before 1.3.3 ...)
NOT-FOR-US: GREE Android app
-CVE-2013-0703
+CVE-2013-0703 (Cross-site scripting (XSS) vulnerability in imgboard.com imgboard befo ...)
NOT-FOR-US: imgboard
-CVE-2013-0702
+CVE-2013-0702 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 throug ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-0701
+CVE-2013-0701 (SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allow ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2013-0700
+CVE-2013-0700 (Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cau ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2013-0699
+CVE-2013-0699 (The Galil RIO-47100 Pocket PLC allows remote attackers to cause a deni ...)
NOT-FOR-US: Galil RIO-47100
CVE-2013-0698
REJECTED
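Review bot: the CVE-2013-0722 NOTE "Proposed patch http://www.securation.com/files/2013/01/ec.patch" reads stale next to the recorded fixed versions `1:0.7.5.1-2` and `1:0.7.3-2.1+squeeze1`; either drop it or reword it to say whether that patch is what was applied. The NOT-FOR-US labels for the same product also vary within this hunk ("mingle forum plugin for wp" vs "Mingle Forum Wordpress plugin", "Wordpress plugin ecommerce Shop Styling" vs "WordPress plugin"); normalise them so grep-based tooling matches all entries.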
@@ -18477,243 +18477,243 @@ CVE-2013-0696
REJECTED
CVE-2013-0695
REJECTED
-CVE-2013-0694
+CVE-2013-0694 (The Emerson Process Management ROC800 RTU with software 3.50 and earli ...)
NOT-FOR-US: Emerson Process Management
-CVE-2013-0693
+CVE-2013-0693 (The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU wi ...)
NOT-FOR-US: Emerson Process Management
-CVE-2013-0692
+CVE-2013-0692 (The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU wi ...)
NOT-FOR-US: Emerson Process Management
CVE-2013-0691
REJECTED
CVE-2013-0690
REJECTED
-CVE-2013-0689
+CVE-2013-0689 (The TFTP server on the Emerson Process Management ROC800 RTU with soft ...)
NOT-FOR-US: Emerson Process Management
-CVE-2013-0688
+CVE-2013-0688 (Cross-site scripting (XSS) vulnerability in Invensys Wonderware Inform ...)
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2013-0687
+CVE-2013-0687 (The installer routine in Schneider Electric MiCOM S1 Studio uses world ...)
NOT-FOR-US: Schneider Electric
-CVE-2013-0686
+CVE-2013-0686 (Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, ...)
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2013-0685
+CVE-2013-0685 (Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, ...)
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2013-0684
+CVE-2013-0684 (SQL injection vulnerability in Invensys Wonderware Information Server ...)
NOT-FOR-US: Invensys Wonderware Information Server
-CVE-2013-0683
+CVE-2013-0683 (The DataSim and DataPid demonstration clients in Cogent Real-Time Syst ...)
NOT-FOR-US: DataSim and DataPid demonstration clients
-CVE-2013-0682
+CVE-2013-0682 (Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub befo ...)
NOT-FOR-US: Cogent DataHub
-CVE-2013-0681
+CVE-2013-0681 (Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub befo ...)
NOT-FOR-US: Cogent DataHub
-CVE-2013-0680
+CVE-2013-0680 (Stack-based buffer overflow in the web server in Cogent Real-Time Syst ...)
NOT-FOR-US: Cogent DataHub
-CVE-2013-0679
+CVE-2013-0679 (Directory traversal vulnerability in the web server in Siemens WinCC b ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0678
+CVE-2013-0678 (Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and o ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0677
+CVE-2013-0677 (The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 be ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0676
+CVE-2013-0676 (Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and o ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0675
+CVE-2013-0675 (Buffer overflow in CCEServer (aka the central communications component ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0674
+CVE-2013-0674 (Buffer overflow in the RegReader ActiveX control in Siemens WinCC befo ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0673
+CVE-2013-0673 (Directory traversal vulnerability in the web interface in the Health M ...)
NOT-FOR-US: MatrikonOPC
-CVE-2013-0672
+CVE-2013-0672 (Cross-site scripting (XSS) vulnerability in the HMI web application in ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0671
+CVE-2013-0671 (Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 all ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0670
+CVE-2013-0670 (CRLF injection vulnerability in the HMI web application in Siemens Win ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0669
+CVE-2013-0669 (The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0668
+CVE-2013-0668 (Multiple cross-site scripting (XSS) vulnerabilities in the HMI web app ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0667
+CVE-2013-0667 (Cross-site scripting (XSS) vulnerability in the HMI web application in ...)
NOT-FOR-US: Siemens WinCC
-CVE-2013-0666
+CVE-2013-0666 (The configuration utility in MatrikonOPC Security Gateway 1.0 allows r ...)
NOT-FOR-US: MatrikonOPC
-CVE-2013-0665
+CVE-2013-0665 (Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before ...)
NOT-FOR-US: Schweitzer Engineering Laboratories AcSELerator QuickSet
-CVE-2013-0664
+CVE-2013-0664 (The FactoryCast service on the Schneider Electric Quantum 140NOE77111 ...)
NOT-FOR-US: Schneider Electric Quantum modules
-CVE-2013-0663
+CVE-2013-0663 (Cross-site request forgery (CSRF) vulnerability on the Schneider Elect ...)
NOT-FOR-US: Schneider Electric Quantum modules
-CVE-2013-0662
+CVE-2013-0662 (Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider El ...)
NOT-FOR-US: Schneider Electric
CVE-2013-0661
RESERVED
CVE-2013-0660
RESERVED
-CVE-2013-0659
+CVE-2013-0659 (The debugging feature on the Siemens CP 1604 and CP 1616 interface car ...)
NOT-FOR-US: Siemens Interface Card
-CVE-2013-0658
+CVE-2013-0658 (Heap-based buffer overflow in RFManagerService.exe in Schneider Electr ...)
NOT-FOR-US: Schneider Electric Accutech Manager
-CVE-2013-0657
+CVE-2013-0657 (Stack-based buffer overflow in Schneider Electric Interactive Graphica ...)
NOT-FOR-US: Schneider Electric IGSS
-CVE-2013-0656
+CVE-2013-0656 (Buffer overflow in a third-party ActiveX component in Siemens SIMATIC ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2013-0655
+CVE-2013-0655 (The client in Schneider Electric Software Update (SESU) Utility 1.0.x ...)
NOT-FOR-US: Schneider Electric SESU
-CVE-2013-0654
+CVE-2013-0654 (CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICIT ...)
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2013-0653
+CVE-2013-0653 (Directory traversal vulnerability in substitute.bcl in the WebView Cim ...)
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2013-0652
+CVE-2013-0652 (GE Intelligent Platforms Proficy Real-Time Information Portal does not ...)
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2013-0651
+CVE-2013-0651 (The Portal installation process in GE Intelligent Platforms Proficy Re ...)
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2013-0650
+CVE-2013-0650 (Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0649
+CVE-2013-0649 (Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0648
+CVE-2013-0648 (Unspecified vulnerability in the ExternalInterface ActionScript functi ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0647
+CVE-2013-0647 (Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0646
+CVE-2013-0646 (Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x bef ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0645
+CVE-2013-0645 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0644
+CVE-2013-0644 (Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0643
+CVE-2013-0643 (The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0642
+CVE-2013-0642 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0641
+CVE-2013-0641 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x bef ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-0640
+CVE-2013-0640 (Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11. ...)
NOT-FOR-US: Adobe Reader
-CVE-2013-0639
+CVE-2013-0639 (Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x bef ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0638
+CVE-2013-0638 (Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0637
+CVE-2013-0637 (Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0636
+CVE-2013-0636 (Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.11 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-0635
+CVE-2013-0635 (Adobe Shockwave Player before 12.0.0.112 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2013-0634
+CVE-2013-0634 (Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0633
+CVE-2013-0633 (Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0632
+CVE-2013-0632 (administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-0631
+CVE-2013-0631 (Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sens ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-0630
+CVE-2013-0630 (Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x befo ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2013-0629
+CVE-2013-0629 (Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not con ...)
NOT-FOR-US: Adobe ColdFusion
CVE-2013-0628
REJECTED
-CVE-2013-0627
+CVE-2013-0627 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0626
+CVE-2013-0626 (Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0625
+CVE-2013-0625 (Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configu ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2013-0624
+CVE-2013-0624 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0623
+CVE-2013-0623 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0622
+CVE-2013-0622 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0621
+CVE-2013-0621 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x bef ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0620
+CVE-2013-0620 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0619
+CVE-2013-0619 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0618
+CVE-2013-0618 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0617
+CVE-2013-0617 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x bef ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0616
+CVE-2013-0616 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0615
+CVE-2013-0615 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x bef ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0614
+CVE-2013-0614 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0613
+CVE-2013-0613 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x be ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0612
+CVE-2013-0612 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x bef ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0611
+CVE-2013-0611 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0610
+CVE-2013-0610 (Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0609
+CVE-2013-0609 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x be ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0608
+CVE-2013-0608 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0607
+CVE-2013-0607 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0606
+CVE-2013-0606 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x bef ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0605
+CVE-2013-0605 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0604
+CVE-2013-0604 (Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0603
+CVE-2013-0603 (Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0602
+CVE-2013-0602 (Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before 9. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0601
+CVE-2013-0601 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2013-0600
+CVE-2013-0600 (Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance de ...)
NOT-FOR-US: IBM WebSphere DataPower XC10 Appliance devices
-CVE-2013-0599
+CVE-2013-0599 (IBM Eclipse Help System (IEHS), as used in IBM Rational Directory Serv ...)
NOT-FOR-US: IBM
-CVE-2013-0598
+CVE-2013-0598 (Cross-site request forgery (CSRF) vulnerability in the Web Client in I ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2013-0597
+CVE-2013-0597 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0596
+CVE-2013-0596 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0595
+CVE-2013-0595 (Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2013-0594
+CVE-2013-0594 (Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and ...)
NOT-FOR-US: IBM
-CVE-2013-0593
+CVE-2013-0593 (Unspecified vulnerability in the olch2x32 ActiveX control in IBM SPSS ...)
NOT-FOR-US: IBM SPSS SamplePower
-CVE-2013-0592
+CVE-2013-0592 (Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fi ...)
NOT-FOR-US: IBM
-CVE-2013-0591
+CVE-2013-0591 (Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2013-0590
+CVE-2013-0590 (Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus ...)
NOT-FOR-US: IBM Lotus Domino
-CVE-2013-0589
+CVE-2013-0589 (IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote ...)
NOT-FOR-US: IBM
CVE-2013-0588
RESERVED
-CVE-2013-0587
+CVE-2013-0587 (Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere P ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2013-0586
+CVE-2013-0586 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos B ...)
NOT-FOR-US: IBM Cognos
-CVE-2013-0585
+CVE-2013-0585 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2013-0584
+CVE-2013-0584 (The Data Replication Dashboard component in IBM InfoSphere Replication ...)
NOT-FOR-US: IBM InfoSphere Replication Server
CVE-2013-0583
RESERVED
-CVE-2013-0582
+CVE-2013-0582 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Ident ...)
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2013-0581
+CVE-2013-0581 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Business Pr ...)
NOT-FOR-US: IBM
-CVE-2013-0580
+CVE-2013-0580 (Cross-site request forgery (CSRF) vulnerability in the Optim E-Busines ...)
NOT-FOR-US: IBM
-CVE-2013-0579
+CVE-2013-0579 (The Optim E-Business Console in IBM Data Growth Solution for Oracle E- ...)
NOT-FOR-US: IBM
-CVE-2013-0578
+CVE-2013-0578 (The Sterling Order Management APIs in IBM Sterling Multi-Channel Fulfi ...)
NOT-FOR-US: IBM
-CVE-2013-0577
+CVE-2013-0577 (The Optim E-Business Console in IBM Data Growth Solution for Oracle E- ...)
NOT-FOR-US: IBM
-CVE-2013-0576
+CVE-2013-0576 (Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise Port ...)
NOT-FOR-US: IBM Tivoli Monitoring
CVE-2013-0575
RESERVED
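Review bot: the NOT-FOR-US markers in this hunk are inconsistent for the same product, which makes grepping the list by product unreliable. CVE-2013-0630 is tagged `NOT-FOR-US: Adobe Flash Player` while every other Flash entry here (CVE-2013-0650 down to CVE-2013-0633) uses `NOT-FOR-US: Adobe Flash Plugin`; likewise CVE-2013-0641 and CVE-2013-0640 carry `NOT-FOR-US: Adobe Reader` although their descriptions start "Adobe Reader and Acrobat 9.x before 9.5.4" exactly like CVE-2013-0627 onwards, which are tagged `NOT-FOR-US: Adobe Reader and Acrobat`. Since this update only fills in the truncated description on each `+` line and leaves the tracking lines untouched, the marker text is not corrected by it; suggest a follow-up that normalises these to one spelling per product (`Adobe Flash Plugin`, `Adobe Reader and Acrobat`).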
@@ -18721,21 +18721,21 @@ CVE-2013-0574
RESERVED
CVE-2013-0573
RESERVED
-CVE-2013-0572
+CVE-2013-0572 (Cross-site scripting (XSS) vulnerability in IBM Document Connect for A ...)
NOT-FOR-US: IBM Document Connect for Application Support Facility
-CVE-2013-0571
+CVE-2013-0571 (Cross-site scripting (XSS) vulnerability in IBM Document Connect for A ...)
NOT-FOR-US: IBM Document Connect for Application Support Facility
-CVE-2013-0570
+CVE-2013-0570 (The Fibre Channel over Ethernet (FCoE) feature in IBM System Networkin ...)
NOT-FOR-US: IBM
-CVE-2013-0569
+CVE-2013-0569 (Cross-site scripting (XSS) vulnerability in the Communities component ...)
NOT-FOR-US: IBM Connections
-CVE-2013-0568
+CVE-2013-0568 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-0567
+CVE-2013-0567 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-0566
+CVE-2013-0566 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Acceler ...)
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2013-0565
+CVE-2013-0565 (Cross-site scripting (XSS) vulnerability in the RPC adapter for the We ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2013-0564
RESERVED
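Review bot: the bare `NOT-FOR-US: IBM` markers on CVE-2013-0570, CVE-2013-0568 and CVE-2013-0567 lose the product name that the new descriptions now carry ("IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1", "The Fibre Channel over Ethernet (FCoE) feature in IBM System Networkin ..."), whereas neighbouring entries in the same hunk such as CVE-2013-0572 use the full `NOT-FOR-US: IBM Document Connect for Application Support Facility`. Suggest naming the product in the marker (e.g. `NOT-FOR-US: IBM Sterling B2B Integrator`) so the entry can be found by product rather than vendor.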
@@ -18745,11 +18745,11 @@ CVE-2013-0562
RESERVED
CVE-2013-0561
RESERVED
-CVE-2013-0560
+CVE-2013-0560 (Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator ...)
NOT-FOR-US: IBM
-CVE-2013-0559
+CVE-2013-0559 (Unspecified vulnerability in IBM API Management 2.0 before 2.0.0.1 all ...)
NOT-FOR-US: IBM
-CVE-2013-0558
+CVE-2013-0558 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
CVE-2013-0557
RESERVED
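Review bot: all three tracked entries here (CVE-2013-0560, CVE-2013-0559, CVE-2013-0558) are tagged with the vendor-only `NOT-FOR-US: IBM` even though the descriptions added on the `+` lines identify distinct products ("IBM Sterling B2B Integrator", "IBM API Management 2.0 before 2.0.0.1"). Consider carrying the product into the marker, as CVE-2013-0494 does further down with `NOT-FOR-US: IBM Sterling Integrator`, so the two Sterling entries and the API Management entry are distinguishable without reading the description.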
@@ -18759,17 +18759,17 @@ CVE-2013-0555
RESERVED
CVE-2013-0554
RESERVED
-CVE-2013-0553
+CVE-2013-0553 (The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as us ...)
NOT-FOR-US: IBM Sametime
CVE-2013-0552
RESERVED
-CVE-2013-0551
+CVE-2013-0551 (The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 thro ...)
NOT-FOR-US: IBM Tivoli Monitoring
CVE-2013-0550
REJECTED
-CVE-2013-0549
+CVE-2013-0549 (Cross-site scripting (XSS) vulnerability in the Web Content Manager - ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2013-0548
+CVE-2013-0548 (Multiple cross-site scripting (XSS) vulnerabilities in the Basic Servi ...)
NOT-FOR-US: IBM Tivoli
CVE-2013-0547
RESERVED
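Review bot: CVE-2013-0548 is tagged `NOT-FOR-US: IBM Tivoli` while CVE-2013-0551 two entries above, whose description is "The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 thro ...", is tagged `NOT-FOR-US: IBM Tivoli Monitoring`. The CVE-2013-0548 description is truncated at "in the Basic Servi ...", so it very likely refers to the same ITM component; if the full description confirms that, the marker should read `IBM Tivoli Monitoring` to match.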
@@ -18777,59 +18777,59 @@ CVE-2013-0546
RESERVED
CVE-2013-0545
RESERVED
-CVE-2013-0544
+CVE-2013-0544 (Directory traversal vulnerability in the Administrative Console in IBM ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0543
+CVE-2013-0543 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0542
+CVE-2013-0542 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0541
+CVE-2013-0541 (Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6 ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0540
+CVE-2013-0540 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0539
+CVE-2013-0539 (An unspecified third-party component in IBM Sterling B2B Integrator 5. ...)
NOT-FOR-US: IBM
-CVE-2013-0538
+CVE-2013-0538 (Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2013-0537
+CVE-2013-0537 (The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-0536
+CVE-2013-0536 (ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0 ...)
NOT-FOR-US: IBM Notes
-CVE-2013-0535
+CVE-2013-0535 (Multiple cross-site scripting (XSS) vulnerabilities in the Classic Mee ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-0534
+CVE-2013-0534 (The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-0533
+CVE-2013-0533 (Cross-site scripting (XSS) vulnerability in the Sametime Links server ...)
NOT-FOR-US: IBM Sametime
-CVE-2013-0532
+CVE-2013-0532 (Cross-site request forgery (CSRF) vulnerability in IBM Security AppSca ...)
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0531
+CVE-2013-0531 (The SSL implementation in IBM Security AppScan Enterprise before 8.7.0 ...)
NOT-FOR-US: IBM
CVE-2013-0530
RESERVED
-CVE-2013-0529
+CVE-2013-0529 (The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 ...)
NOT-FOR-US: IBM Sterling Connect:Direct
CVE-2013-0528
REJECTED
-CVE-2013-0527
+CVE-2013-0527 (The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 ...)
NOT-FOR-US: IBM Sterling Connect:Direct
-CVE-2013-0526
+CVE-2013-0526 (ping.php in Global Console Manager 16 (GCM16) and Global Console Manag ...)
NOT-FOR-US: IBM GCM16
-CVE-2013-0525
+CVE-2013-0525 (Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5. ...)
NOT-FOR-US: IBM Domino
CVE-2013-0524
RESERVED
-CVE-2013-0523
+CVE-2013-0523 (IBM WebSphere Commerce Enterprise 5.6.x through 5.6.1.5, 6.0.x through ...)
NOT-FOR-US: IBM WebSphere
-CVE-2013-0522
+CVE-2013-0522 (The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, ...)
NOT-FOR-US: IBM
CVE-2013-0521
RESERVED
-CVE-2013-0520
+CVE-2013-0520 (IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fi ...)
NOT-FOR-US: IBM
-CVE-2013-0519
+CVE-2013-0519 (IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fi ...)
NOT-FOR-US: IBM
-CVE-2013-0518
+CVE-2013-0518 (IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fi ...)
NOT-FOR-US: IBM
CVE-2013-0517
RESERVED
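Review bot: the Notes, Domino and Sametime entries in this hunk use several different names for what the descriptions present as the same products, and the marker sometimes drops the product entirely. CVE-2013-0538 is `NOT-FOR-US: IBM Lotus Notes`, CVE-2013-0536 is `NOT-FOR-US: IBM Notes`, and CVE-2013-0522 ("The Notes Client Single Logon feature in IBM Notes 8.0 ...") is just `NOT-FOR-US: IBM`; CVE-2013-0537 ("The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 ...") is bare `IBM` while CVE-2013-0535, CVE-2013-0534 and CVE-2013-0533 use `IBM Sametime`; CVE-2013-0525 (iNotes) is filed under `IBM Domino`. Suggest settling on one canonical name per product (e.g. `IBM Notes`, `IBM Domino`, `IBM Sametime`) and applying it to these lines in a follow-up.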
@@ -18839,35 +18839,35 @@ CVE-2013-0515
RESERVED
CVE-2013-0514
RESERVED
-CVE-2013-0513
+CVE-2013-0513 (IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rationa ...)
NOT-FOR-US: IBM Security AppScan Enterprise, Rational Policy Tester
-CVE-2013-0512
+CVE-2013-0512 (Stack-based buffer overflow in the Manual Explore browser plug-in for ...)
NOT-FOR-US: IBM Security AppScan Enterprise, Rational Policy Tester
-CVE-2013-0511
+CVE-2013-0511 (Multiple SQL injection vulnerabilities in IBM Security AppScan Enterpr ...)
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0510
+CVE-2013-0510 (IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 includes a secu ...)
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0509
+CVE-2013-0509 (Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool Sys ...)
NOT-FOR-US: IBM
-CVE-2013-0508
+CVE-2013-0508 (Multiple buffer overflows in IBM Tivoli Netcool System Service Monitor ...)
NOT-FOR-US: IBM
CVE-2013-0507
RESERVED
-CVE-2013-0506
+CVE-2013-0506 (Cross-site scripting (XSS) vulnerability in IBM Sterling Order Managem ...)
NOT-FOR-US: IBM Sterling Order Management
-CVE-2013-0505
+CVE-2013-0505 (IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 b ...)
NOT-FOR-US: IBM Sterling Order Management
-CVE-2013-0504
+CVE-2013-0504 (Buffer overflow in the broker service in Adobe Flash Player before 10. ...)
NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0503
+CVE-2013-0503 (Cross-site scripting (XSS) vulnerability in the Bookmarks component in ...)
NOT-FOR-US: IBM Lotus Connections
-CVE-2013-0502
+CVE-2013-0502 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-0501
+CVE-2013-0501 (The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edra ...)
NOT-FOR-US: IBM Cognos Disclosure Management
-CVE-2013-0500
+CVE-2013-0500 (IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not pro ...)
NOT-FOR-US: IBM Storwize V7000 Unified
-CVE-2013-0499
+CVE-2013-0499 (Cross-site scripting (XSS) vulnerability in the echo functionality on ...)
NOT-FOR-US: IBM
CVE-2013-0498
RESERVED
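Review bot: the marker on CVE-2013-0501 does not match the description added on its `+` line. The description identifies the vulnerable component as "The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edra ...", i.e. a third-party control, but the tracking line says `NOT-FOR-US: IBM Cognos Disclosure Management`, and the visible (truncated) text never mentions IBM. Either the IBM Cognos association should be confirmed against the full description, or the marker should name the EdrawSoft control as the affected component, since a shared ActiveX control may be bundled by more than one product. Minor: CVE-2013-0509 and CVE-2013-0508 (both "IBM Tivoli Netcool System Service Monitor") are again tagged bare `IBM` where the product name is available.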
@@ -18877,375 +18877,375 @@ CVE-2013-0496
RESERVED
CVE-2013-0495
RESERVED
-CVE-2013-0494
+CVE-2013-0494 (IBM Sterling B2B Integrator 5.0 and 5.1 allows remote attackers to cau ...)
NOT-FOR-US: IBM Sterling Integrator
CVE-2013-0493
RESERVED
-CVE-2013-0492
+CVE-2013-0492 (Cross-site scripting (XSS) vulnerability in IBM Informix Open Admin To ...)
NOT-FOR-US: IBM Informix
CVE-2013-0491
RESERVED
-CVE-2013-0490
+CVE-2013-0490 (Unspecified vulnerability in IBM InfoSphere Guardium S-TAP 8.1 for DB2 ...)
NOT-FOR-US: IBM InfoSphere Guardium
-CVE-2013-0489
+CVE-2013-0489 (Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka t ...)
NOT-FOR-US: IBM Domino
-CVE-2013-0488
+CVE-2013-0488 (Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web ...)
NOT-FOR-US: IBM Domino
-CVE-2013-0487
+CVE-2013-0487 (The Java Console in IBM Domino 8.5.x allows remote authenticated users ...)
NOT-FOR-US: IBM Domino
-CVE-2013-0486
+CVE-2013-0486 (Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attac ...)
NOT-FOR-US: IBM Domino
-CVE-2013-0485
+CVE-2013-0485 (Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before S ...)
NOT-FOR-US: IBM Java SDK
-CVE-2013-0484
+CVE-2013-0484 (The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows r ...)
NOT-FOR-US: IBM Cognos TM1
-CVE-2013-0483
+CVE-2013-0483 (The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2 ...)
NOT-FOR-US: IBM IMS Enterprise Suite
-CVE-2013-0482
+CVE-2013-0482 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before ...)
NOT-FOR-US: IBM
-CVE-2013-0481
+CVE-2013-0481 (The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling Fi ...)
NOT-FOR-US: IBM
CVE-2013-0480
RESERVED
-CVE-2013-0479
+CVE-2013-0479 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-0478
+CVE-2013-0478 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
NOT-FOR-US: IBM
-CVE-2013-0477
+CVE-2013-0477 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
NOT-FOR-US: IBM
-CVE-2013-0476
+CVE-2013-0476 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-0475
+CVE-2013-0475 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-0474
+CVE-2013-0474 (The Manual Explore browser plug-in in IBM Security AppScan Enterprise ...)
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0473
+CVE-2013-0473 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Security Ap ...)
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0472
+CVE-2013-0472 (The Web GUI in the client in IBM Tivoli Storage Manager (TSM) 6.3 befo ...)
NOT-FOR-US: IBM
-CVE-2013-0471
+CVE-2013-0471 (The traditional scheduler in the client in IBM Tivoli Storage Manager ...)
NOT-FOR-US: IBM
-CVE-2013-0470
+CVE-2013-0470 (HTTPD in IBM Netezza Performance Portal 1.0.2 allows remote authentica ...)
NOT-FOR-US: IBM
CVE-2013-0469
RESERVED
-CVE-2013-0468
+CVE-2013-0468 (Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrato ...)
NOT-FOR-US: IBM
-CVE-2013-0467
+CVE-2013-0467 (IBM Eclipse Help System (IEHS), as used in IBM Data Studio 3.1 and 3.1 ...)
NOT-FOR-US: IBM
-CVE-2013-0466
+CVE-2013-0466 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Message Brok ...)
NOT-FOR-US: IBM
-CVE-2013-0465
+CVE-2013-0465 (Unspecified vulnerability in the IBM WebSphere Cast Iron physical and ...)
NOT-FOR-US: IBM
-CVE-2013-0464
+CVE-2013-0464 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Eclipse Hel ...)
NOT-FOR-US: IBM
-CVE-2013-0463
+CVE-2013-0463 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-0462
+CVE-2013-0462 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0461
+CVE-2013-0461 (Cross-site scripting (XSS) vulnerability in the virtual member manager ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0460
+CVE-2013-0460 (Cross-site request forgery (CSRF) vulnerability in the portlet subsyst ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0459
+CVE-2013-0459 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0458
+CVE-2013-0458 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0457
+CVE-2013-0457 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2013-0456
+CVE-2013-0456 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
-CVE-2013-0455
+CVE-2013-0455 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2 ...)
NOT-FOR-US: IBM
-CVE-2013-0454
+CVE-2013-0454 (The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IB ...)
- samba 2:3.6.6-1
[squeeze] - samba <not-affected> (only Samba 3.6.0 - 3.6.5 (inclusive) affected)
NOTE: https://www.samba.org/samba/security/CVE-2013-0454
-CVE-2013-0453
+CVE-2013-0453 (Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2013-0452
+CVE-2013-0452 (Cross-site request forgery (CSRF) vulnerability in the Software Use An ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2013-0451
+CVE-2013-0451 (SQL injection vulnerability in IBM Maximo Asset Management 6.2 through ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-0450
+CVE-2013-0450 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0449
+CVE-2013-0449 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0448
+CVE-2013-0448 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java7)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-0447
+CVE-2013-0447 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-0446
+CVE-2013-0446 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0445
+CVE-2013-0445 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12.1-1
- openjdk-7 7u17-2.3.8-1
NOTE: icedtea fix: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6527ae06da69
NOTE: openjdk-7 fixed in experimental: 7u13-2.3.6-1
-CVE-2013-0444
+CVE-2013-0444 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java7)
- openjdk-7 7u3-2.1.6-1
NOTE: IcedTea commit: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/ce04db4aba39
-CVE-2013-0443
+CVE-2013-0443 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0442
+CVE-2013-0442 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
NOTE: icedtea fix: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6527ae06da69
-CVE-2013-0441
+CVE-2013-0441 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0440
+CVE-2013-0440 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0439
+CVE-2013-0439 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-0438
+CVE-2013-0438 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0437
+CVE-2013-0437 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java7)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-0436
+CVE-2013-0436 (Unspecified vulnerability in the JavaFX component in Oracle Java SE Ja ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-0435
+CVE-2013-0435 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0434
+CVE-2013-0434 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0433
+CVE-2013-0433 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0432
+CVE-2013-0432 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0431
+CVE-2013-0431 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Only affects Java7)
- openjdk-7 7u3-2.1.6-1
NOTE: IcedTea commit: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/b09c28ff798f
-CVE-2013-0430
+CVE-2013-0430 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0429
+CVE-2013-0429 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0428
+CVE-2013-0428 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0427
+CVE-2013-0427 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0426
+CVE-2013-0426 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0425
+CVE-2013-0425 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0424
+CVE-2013-0424 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 6b27-1.12-1
- openjdk-7 7u3-2.1.6-1
-CVE-2013-0423
+CVE-2013-0423 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0422
+CVE-2013-0422 (Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remot ...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 7u3-2.1.4-1
NOTE: Exploitable on Linux http://www.openwall.com/lists/oss-security/2013/01/11/1
CVE-2013-0421
REJECTED
-CVE-2013-0420
+CVE-2013-0420 (Unspecified vulnerability in the VirtualBox component in Oracle Virtua ...)
- virtualbox 4.1.18-dfsg-2 (bug #698292)
- virtualbox-ose <not-affected> (Vulnerable code not present)
-CVE-2013-0419
+CVE-2013-0419 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0418
+CVE-2013-0418 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Outside In
-CVE-2013-0417
+CVE-2013-0417 (Unspecified vulnerability in the Sun Storage Common Array Manager (CAM ...)
NOT-FOR-US: Sun Storage Common Array Manager
-CVE-2013-0416
+CVE-2013-0416 (Unspecified vulnerability in the Siebel Enterprise Application Integra ...)
NOT-FOR-US: Oracle Siebel
-CVE-2013-0415
+CVE-2013-0415 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2013-0414
+CVE-2013-0414 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2013-0413
+CVE-2013-0413 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Solaris
-CVE-2013-0412
+CVE-2013-0412 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allow ...)
NOT-FOR-US: Solaris
-CVE-2013-0411
+CVE-2013-0411 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows lo ...)
NOT-FOR-US: Solaris
-CVE-2013-0410
+CVE-2013-0410 (Unspecified vulnerability in the Agile EDM component in Oracle Supply ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2013-0409
+CVE-2013-0409 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-0408
+CVE-2013-0408 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2013-0407
+CVE-2013-0407 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Solaris
-CVE-2013-0406
+CVE-2013-0406 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attac ...)
NOT-FOR-US: Solaris
-CVE-2013-0405
+CVE-2013-0405 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allow ...)
NOT-FOR-US: Solaris
-CVE-2013-0404
+CVE-2013-0404 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2013-0403
+CVE-2013-0403 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allow ...)
NOT-FOR-US: Solaris
-CVE-2013-0402
+CVE-2013-0402 (Heap-based buffer overflow in the Java Runtime Environment (JRE) compo ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-0401
+CVE-2013-0401 (The Java Runtime Environment (JRE) component in Oracle Java SE 7 Updat ...)
- openjdk-7 7u21-2.3.9-1
- openjdk-6 6b27-1.12.5-1
-CVE-2013-0400
+CVE-2013-0400 (Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local ...)
NOT-FOR-US: Solaris
-CVE-2013-0399
+CVE-2013-0399 (Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local ...)
NOT-FOR-US: Solaris
-CVE-2013-0398
+CVE-2013-0398 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows re ...)
NOT-FOR-US: Oracle Solaris
-CVE-2013-0397
+CVE-2013-0397 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle Applications Framework
-CVE-2013-0396
+CVE-2013-0396 (Unspecified vulnerability in the Application Performance Management (A ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0395
+CVE-2013-0395 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0394
+CVE-2013-0394 (Unspecified vulnerability in the PeopleSoft HRMS component in Oracle P ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0393
+CVE-2013-0393 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Outside In
-CVE-2013-0392
+CVE-2013-0392 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0391
+CVE-2013-0391 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0390
+CVE-2013-0390 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle Applications Framework
-CVE-2013-0389
+CVE-2013-0389 (Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...)
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0388
+CVE-2013-0388 (Unspecified vulnerability in the PeopleSoft HRMS component in Oracle P ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0387
+CVE-2013-0387 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0386
+CVE-2013-0386 (Unspecified vulnerability in the Server component in Oracle MySQL 5.5. ...)
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0385
+CVE-2013-0385 (Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...)
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0384
+CVE-2013-0384 (Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...)
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0383
+CVE-2013-0383 (Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...)
{DSA-2780-1}
- mysql-5.1 <removed>
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0382
+CVE-2013-0382 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
NOT-FOR-US: Oracle E Business suite
-CVE-2013-0381
+CVE-2013-0381 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle E Business suite
-CVE-2013-0380
+CVE-2013-0380 (Unspecified vulnerability in the Oracle Payroll component in Oracle E- ...)
NOT-FOR-US: Oracle E Business suite
-CVE-2013-0379
+CVE-2013-0379 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-0378
+CVE-2013-0378 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-0377
+CVE-2013-0377 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle E Business suite
-CVE-2013-0376
+CVE-2013-0376 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E Business suite
-CVE-2013-0375
+CVE-2013-0375 (Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...)
{DSA-2780-1}
- mysql-5.1 5.1.67
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0374
+CVE-2013-0374 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager
-CVE-2013-0373
+CVE-2013-0373 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager
-CVE-2013-0372
+CVE-2013-0372 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager
-CVE-2013-0371
+CVE-2013-0371 (Unspecified vulnerability in the Server component in Oracle MySQL 5.5. ...)
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0370
+CVE-2013-0370 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain product suite
-CVE-2013-0369
+CVE-2013-0369 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0368
+CVE-2013-0368 (Unspecified vulnerability in the Server component in Oracle MySQL 5.5. ...)
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0367
+CVE-2013-0367 (Unspecified vulnerability in the Server component in Oracle MySQL 5.5. ...)
- mysql-5.1 <not-affected> (Only affects 5.5)
- mysql-5.5 5.5.29+dfsg-1
-CVE-2013-0366
+CVE-2013-0366 (Unspecified vulnerability in the Mobile Server component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Mobile/Lite Server
-CVE-2013-0365
+CVE-2013-0365 (Unspecified vulnerability in the Siebel CRM component in Oracle Siebel ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2013-0364
+CVE-2013-0364 (Unspecified vulnerability in the Mobile Server component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Mobile/Lite Server
-CVE-2013-0363
+CVE-2013-0363 (Unspecified vulnerability in the Mobile Server component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Mobile/Lite Server
-CVE-2013-0362
+CVE-2013-0362 (Unspecified vulnerability in the Mobile Server component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Mobile/Lite Server
-CVE-2013-0361
+CVE-2013-0361 (Unspecified vulnerability in the Mobile Server component in Oracle Dat ...)
NOT-FOR-US: Oracle Database Mobile/Lite Server
-CVE-2013-0360
+CVE-2013-0360 (Unspecified vulnerability in the Application Performance Management (A ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0359
+CVE-2013-0359 (Unspecified vulnerability in the APM - Application Performance Managem ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0358
+CVE-2013-0358 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0357
+CVE-2013-0357 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0356
+CVE-2013-0356 (Unspecified vulnerability in the PeopleSoft PeopleTools component in O ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2013-0355
+CVE-2013-0355 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0354
+CVE-2013-0354 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0353
+CVE-2013-0353 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0352
+CVE-2013-0352 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2013-0351
+CVE-2013-0351 (Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2013-0350
+CVE-2013-0350 (tmp_smtp.c in pktstat 1.8.5 allows local users to overwrite arbitrary ...)
- pktstat 1.8.5-3 (bug #701211)
[squeeze] - pktstat <not-affected> (Vulnerable code not present)
-CVE-2013-0349
+CVE-2013-0349 (The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux ...)
{DSA-2668-1}
- linux 3.2.39-1
- linux-2.6 <removed>
-CVE-2013-0348
+CVE-2013-0348 (thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readab ...)
- thttpd <removed> (low)
[squeeze] - thttpd <no-dsa> (Minor issue)
NOTE: http://blogs.gentoo.org/blueness/2014/10/03/sthttpd-a-very-tiny-and-very-fast-http-server-with-a-mature-codebase/
-CVE-2013-0347
+CVE-2013-0347 (The Gentoo init script for webfs uses world-readable permissions for / ...)
- webfs 1.21+ds1-9 (low; bug #701638)
[wheezy] - webfs <no-dsa> (Minor issue)
[squeeze] - webfs <no-dsa> (Minor issue)
-CVE-2013-0346
+CVE-2013-0346 (** DISPUTED ** Apache Tomcat 7.x uses world-readable permissions for t ...)
- tomcat6 <not-affected> (Log files are owned by tomcat:tomcat)
-CVE-2013-0345
+CVE-2013-0345 (varnish 3.0.3 uses world-readable permissions for the /var/log/varnish ...)
- varnish <not-affected> (Logfiles are owned by varnishlog:varnishlog)
CVE-2013-0344
RESERVED
-CVE-2013-0343
+CVE-2013-0343 (The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux ...)
{DSA-2906-1}
- linux 3.10.11-1 (low)
[wheezy] - linux 3.2.51-1
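Review bot: the CVE-2013-0346 entry in this hunk is left incomplete for the package its newly imported description names. The description now reads "** DISPUTED ** Apache Tomcat 7.x uses world-readable permissions for t ...", but the only package line beneath it is "- tomcat6 <not-affected> (Log files are owned by tomcat:tomcat)"; a tomcat7 line (fixed version, <not-affected>, or <no-dsa> with the same ownership rationale, whichever applies) should be added so the 7.x branch the CVE is actually about is tracked rather than only the 6.x one. Separately, the fixed-width truncation of the imported descriptions leaves several entries with identical text, for example CVE-2013-0383, CVE-2013-0384, CVE-2013-0385 and CVE-2013-0389 all now read "Unspecified vulnerability in the Server component in Oracle MySQL 5.1. ...", so the description cannot be used to tell these entries apart and the CVE id stays the only usable key.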
@@ -19261,17 +19261,17 @@ CVE-2013-0342 [CreateID() creates serialized packet IDs for RADIUS]
NOTE: this is initially related to #700669
CVE-2013-0341 [external entity expansion]
REJECTED
-CVE-2013-0340
+CVE-2013-0340 (expat 2.1.0 and earlier does not properly handle entities expansion un ...)
- expat <unfixed> (unimportant)
NOTE: Expat provides API to mitigate expansion attacks, ultimately under control of the app using Expat
NOTE: https://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-0340.html
-CVE-2013-0339
+CVE-2013-0339 (libxml2 through 2.9.1 does not properly handle external entities expan ...)
{DSA-2652-1}
- libxml2 2.8.0+dfsg1-7+nmu1 (bug #702260)
-CVE-2013-0338
+CVE-2013-0338 (libxml2 2.9.0 and earlier allows context-dependent attackers to cause ...)
{DSA-2652-1}
- libxml2 2.8.0+dfsg1-7+nmu1 (bug #702260)
-CVE-2013-0337
+CVE-2013-0337 (The default configuration of nginx, possibly 1.3.13 and earlier, uses ...)
- nginx <unfixed> (low; bug #701112)
[buster] - nginx <ignored> (Minor issue)
[stretch] - nginx <ignored> (Minor issue)
@@ -19281,113 +19281,113 @@ CVE-2013-0337
NOTE: Can only be fixed properly once https://trac.nginx.org/nginx/ticket/376
NOTE: resolved upstream.
NOTE: Originally fixed in 1.4.4-2 but reintroduced with DSA-3701-1 fixes.
-CVE-2013-0336
+CVE-2013-0336 (The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ ...)
- 389-ds-base 1.3.2.9-1 (bug #704077)
-CVE-2013-0335
+CVE-2013-0335 (OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...)
- nova 2012.1.1-14 (bug #701773)
-CVE-2013-0334
+CVE-2013-0334 (Bundler before 1.7, when multiple top-level source lines are used, all ...)
- bundler 1.7.2-1 (low; bug #762739)
[wheezy] - bundler <no-dsa> (Minor issue)
-CVE-2013-0333
+CVE-2013-0333 (lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before ...)
{DSA-2613-1}
- rails 2.3.14.1 (bug #699226)
- ruby-activesupport-2.3 2.3.14-6 (bug #699249)
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/1h2DR63ViGo
-CVE-2013-0332
+CVE-2013-0332 (Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x befo ...)
{DSA-2640-1}
- zoneminder 1.25.0-1 (bug #700912)
-CVE-2013-0331
+CVE-2013-0331 (Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticate ...)
- jenkins 1.480.3+dfsg-1 (bug #700761)
-CVE-2013-0330
+CVE-2013-0330 (Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480 ...)
- jenkins 1.480.3+dfsg-1 (bug #700761)
-CVE-2013-0329
+CVE-2013-0329 (Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480 ...)
- jenkins 1.480.3+dfsg-1 (bug #700761)
-CVE-2013-0328
+CVE-2013-0328 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and L ...)
- jenkins 1.480.3+dfsg-1 (bug #700761)
-CVE-2013-0327
+CVE-2013-0327 (Cross-site request forgery (CSRF) vulnerability in Jenkins master in J ...)
- jenkins 1.480.3+dfsg-1 (bug #700761)
CVE-2013-0326 [_base images permissions world readable]
RESERVED
- nova <unfixed> (unimportant)
NOTE: Unfixed upstream, typical installation not multi-user anyway
-CVE-2013-0325
+CVE-2013-0325 (Multiple cross-site scripting (XSS) vulnerabilities in the Varnish mod ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0324
+CVE-2013-0324 (Cross-site scripting (XSS) vulnerability in the Rendered links formatt ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0323
+CVE-2013-0323 (Cross-site scripting (XSS) vulnerability in the Display Suite module 7 ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0322
+CVE-2013-0322 (Cross-site scripting (XSS) vulnerability in Views in the Ubercart modu ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0321
+CVE-2013-0321 (Cross-site scripting (XSS) vulnerability in Views in the Ubercart View ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0320
+CVE-2013-0320 (Cross-site request forgery (CSRF) vulnerability in the Taxonomy Manage ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0319
+CVE-2013-0319 (Cross-site scripting (XSS) vulnerability in the Yandex.Metrics module ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0318
+CVE-2013-0318 (The admin page in the Banckle Chat module for Drupal does not properly ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0317
+CVE-2013-0317 (Cross-site scripting (XSS) vulnerability in the Manager Change for Org ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0316
+CVE-2013-0316 (The Image module in Drupal 7.x before 7.20 allows remote attackers to ...)
- drupal7 7.14-2 (bug #701165)
- drupal6 <not-affected> (Only affects Drupal 7)
-CVE-2013-0315
+CVE-2013-0315 (The GateIn Portal export/import gadget in JBoss Enterprise Portal Plat ...)
NOT-FOR-US: GateIn Portal
-CVE-2013-0314
+CVE-2013-0314 (The GateIn Portal export/import gadget in JBoss Enterprise Portal Plat ...)
NOT-FOR-US: GateIn Portal
-CVE-2013-0313
+CVE-2013-0313 (The evm_update_evmxattr function in security/integrity/evm/evm_crypto. ...)
- linux 3.2.39-1
- linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-0312
+CVE-2013-0312 (389 Directory Server before 1.3.0.4 allows remote attackers to cause a ...)
- 389-ds-base 1.3.0.3-1
-CVE-2013-0311
+CVE-2013-0311 (The translate_desc function in drivers/vhost/vhost.c in the Linux kern ...)
- linux 3.2.41-1
- linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-0310
+CVE-2013-0310 (The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux k ...)
- linux 3.2.29-1
- linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-0309
+CVE-2013-0309 (arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when ...)
- linux 3.2.32-1
- linux-2.6 <not-affected> (THP not in Squeeze)
NOTE: Probably gone since 3.2.32, but I checked 3.2.41-2
-CVE-2013-0308
+CVE-2013-0308 (The imap-send command in GIT before 1.8.1.4 does not verify that the s ...)
- git <not-affected> (OpenSSL support is not enabled in Debian, see bug #701586)
NOTE: http://marc.info/?l=git&m=136134619013145&w=2
NOTE: Further reference about SSL support in imap-send #434599 needs to be adressed first
-CVE-2013-0307
+CVE-2013-0307 (Cross-site scripting (XSS) vulnerability in settings.php in ownCloud b ...)
- owncloud 4.0.8debian-1.5 (bug #701115)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
-CVE-2013-0306
+CVE-2013-0306 (The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and ...)
{DSA-2634-1}
- python-django 1.4.4-1 (bug #701186)
-CVE-2013-0305
+CVE-2013-0305 (The administrative interface for Django 1.3.x before 1.3.6, 1.4.x befo ...)
{DSA-2634-1}
- python-django 1.4.4-1 (bug #701186)
NOTE: https://www.djangoproject.com/weblog/2013/feb/19/security/
-CVE-2013-0304
+CVE-2013-0304 (ownCloud Server before 4.5.7 does not properly check ownership of cale ...)
- owncloud 5.0.3+dfsg-1
-CVE-2013-0303
+CVE-2013-0303 (Unspecified vulnerability in core/ajax/translations.php in ownCloud be ...)
- owncloud 4.0.8debian-1.5 (bug #701115)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-006/
-CVE-2013-0302
+CVE-2013-0302 (Unspecified vulnerability in ownCloud Server before 4.0.12 allows remo ...)
- owncloud 5.0.3+dfsg-1
-CVE-2013-0301
+CVE-2013-0301 (Cross-site request forgery (CSRF) vulnerability in apps/calendar/ajax/ ...)
- owncloud 4.0.8debian-1.5 (bug #701115)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-004/
-CVE-2013-0300
+CVE-2013-0300 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)
- owncloud <not-affected> (Vulnerably code not present, only affects 4.5 branch)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-004/
-CVE-2013-0299
+CVE-2013-0299 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)
- owncloud 4.0.8debian-1.5 (bug #701115)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-004/
-CVE-2013-0298
+CVE-2013-0298 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x ...)
- owncloud <not-affected> (Vulnerably code not present, only affects 4.5 branch)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
-CVE-2013-0297
+CVE-2013-0297 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
- owncloud 4.0.8debian-1.5 (bug #701115)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
-CVE-2013-0296
+CVE-2013-0296 (Race condition in pigz before 2.2.5 uses permissions derived from the ...)
- pigz 2.2.4-2 (low; bug #700608)
[squeeze] - pigz 2.1.6-1+squeeze1
CVE-2013-0295 [CreateID() creates serialized packet IDs for RADIUS]
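Review bot: two context lines in this hunk carry the same misspelling that should be corrected while these entries are being touched: the owncloud rationale under CVE-2013-0300 and CVE-2013-0298 reads "(Vulnerably code not present, only affects 4.5 branch)" and should be "Vulnerable code not present", matching how the phrase is spelled on the pktstat and linux-2.6 entries in this file. The NOTE under CVE-2013-0308, "Further reference about SSL support in imap-send #434599 needs to be adressed first", should read "addressed".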
@@ -19400,36 +19400,36 @@ CVE-2013-0294 [potentially predictable password hashing]
CVE-2013-0293 [Lock screen accepts F2 to drop to shell]
RESERVED
- ovirt-node <itp> (bug #502024)
-CVE-2013-0292
+CVE-2013-0292 (The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib b ...)
- dbus-glib 0.100.1-1 (bug #700638; high)
[squeeze] - dbus-glib 0.88-2.1+squeeze1
CVE-2013-0291
RESERVED
-CVE-2013-0290
+CVE-2013-0290 (The __skb_recv_datagram function in net/core/datagram.c in the Linux k ...)
- linux <not-affected> (Introduced in 3.4, fixed in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.4)
-CVE-2013-0289
+CVE-2013-0289 (Isync 0.4 before 1.0.6, does not verify that the server hostname match ...)
- isync 1.0.4-2.2 (low; bug #701052)
[squeeze] - isync <no-dsa> (Minor issue)
NOTE: http://isync.git.sourceforge.net/git/gitweb.cgi?p=isync/isync;a=patch;h=914ede18664980925628a9ed2a73ad05f85aeedb
-CVE-2013-0288
+CVE-2013-0288 (nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dep ...)
{DSA-2628-1}
- nss-pam-ldapd 0.8.10-3 (bug #690319)
-CVE-2013-0287
+CVE-2013-0287 (The Simple Access Provider in System Security Services Daemon (SSSD) 1 ...)
- sssd <not-affected> (Introduced in 1.9.0)
NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/12
CVE-2013-0286
RESERVED
-CVE-2013-0285
+CVE-2013-0285 (The nori gem 2.0.x before 2.0.2, 1.1.x before 1.1.4, and 1.0.x before ...)
NOT-FOR-US: nori Ruby gem
-CVE-2013-0284
+CVE-2013-0284 (Ruby agent 3.2.0 through 3.5.2 serializes sensitive data when communic ...)
NOT-FOR-US: newrelic_rpm Ruby gem
CVE-2013-0283
RESERVED
NOT-FOR-US: Red Hat CloudForms
-CVE-2013-0282
+CVE-2013-0282 (OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, ...)
- keystone 2012.1.1-13 (bug #700947)
-CVE-2013-0281
+CVE-2013-0281 (Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configura ...)
- pacemaker 1.1.10-1 (low; bug #700923)
[squeeze] - pacemaker <no-dsa> (Minor issue)
[wheezy] - pacemaker <no-dsa> (Minor issue)
@@ -19440,19 +19440,19 @@ CVE-2013-0279
REJECTED
CVE-2013-0278
REJECTED
-CVE-2013-0277
+CVE-2013-0277 (ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allow ...)
{DSA-2620-1}
- ruby-activerecord-2.3 2.3.14-5
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2013-0276
+CVE-2013-0276 (ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and ...)
{DSA-2620-1}
- ruby-activemodel-3.2 3.2.6-3
- ruby-activerecord-2.3 2.3.14-5
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: The fix for 3.2 is present in ruby-activemodel-3.2, not ruby-activerecord-3.2
-CVE-2013-0275
+CVE-2013-0275 (Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web bef ...)
- ganglia 3.6.0-1 (low; bug #700158)
[squeeze] - ganglia <no-dsa> (Minor issue)
[wheezy] - ganglia <no-dsa> (Minor issue)
@@ -19460,233 +19460,233 @@ CVE-2013-0275
NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
NOTE: https://github.com/ganglia/ganglia-web/commit/31d348947419058c43b8dfcd062e2988abd5058e
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=892823
-CVE-2013-0274
+CVE-2013-0274 (upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminat ...)
- pidgin 2.10.6-3
NOTE: http://www.pidgin.im/news/security/?id=68
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-0273
+CVE-2013-0273 (sametime.c in the Sametime protocol plugin in libpurple in Pidgin befo ...)
- pidgin 2.10.6-3
[squeeze] - pidgin <no-dsa> (Not suitable for code injection)
NOTE: http://pidgin.im/news/security/?id=67
-CVE-2013-0272
+CVE-2013-0272 (Buffer overflow in http.c in the MXit protocol plugin in libpurple in ...)
- pidgin 2.10.6-3
NOTE: http://pidgin.im/news/security/?id=66
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2013-0271
+CVE-2013-0271 (The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might al ...)
- pidgin 2.10.6-3
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
NOTE: http://pidgin.im/news/security/?id=65
-CVE-2013-0270
+CVE-2013-0270 (OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier ...)
- keystone 2013.1.1-2
[wheezy] - keystone <no-dsa> (Too intrusive to backport)
NOTE: https://bugs.launchpad.net/keystone/+bug/1099025
NOTE: See notes on ubuntu security tracker, change too intrusive to be backported
-CVE-2013-0269
+CVE-2013-0269 (The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 ...)
{DLA-263-1 DLA-215-1}
- ruby-json 1.7.3-3 (bug #700436)
- libjson-ruby <removed>
- ruby1.9.1 1.9.3.194-7 (bug #700471)
- ruby1.8 <not-affected> (json ext not present in 1.8)
-CVE-2013-0268
+CVE-2013-0268 (The msr_open function in arch/x86/kernel/msr.c in the Linux kernel bef ...)
- linux 3.2.39-1
- linux-2.6 2.6.32-48squeeze1
-CVE-2013-0267
+CVE-2013-0267 (The Privileges portion of the web GUI and the XMLRPC API in Apache VCL ...)
NOT-FOR-US: Apache VCL
-CVE-2013-0266
+CVE-2013-0266 (manifests/base.pp in the puppetlabs-cinder module, as used in PackStac ...)
NOT-FOR-US: Openstack Packstack
-CVE-2013-0265
+CVE-2013-0265 (The redirect_stderr function in xnbd_common.c in xnbd-server and xndb- ...)
- xnbd 0.1.0-pre-hg20-e75b93a47722-3 (low)
NOTE: http://seclists.org/oss-sec/2013/q1/248
CVE-2013-0264
RESERVED
NOT-FOR-US: Cumin
-CVE-2013-0263
+CVE-2013-0263 (Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, ...)
{DSA-2783-1}
- ruby-rack 1.4.1-2.1 (bug #700226)
- librack-ruby <removed> (bug #700226)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=802794
NOTE: Patches in git, commits 0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07 and 9a81b961457805f6d1a5c275d053068440421e11
-CVE-2013-0262
+CVE-2013-0262 (rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before ...)
- ruby-rack 1.4.1-2.1 (bug #700173)
- librack-ruby <not-affected> (Introduced in 1.4.0, see #700226)
NOTE: Patches in git, commit 6f237e4c9fab649d3750482514f0fde76c56ab30
-CVE-2013-0261
+CVE-2013-0261 ((1) installer/basedefs.py and (2) modules/ospluginutils.py in PackStac ...)
NOT-FOR-US: Openstack Packstack
-CVE-2013-0260
+CVE-2013-0260 (Unspecified vulnerability in the Drush Debian Packaging module for Dru ...)
NOT-FOR-US: Drupal module debuild
NOTE: This is a different thing from the drush package.
-CVE-2013-0259
+CVE-2013-0259 (Cross-site scripting (XSS) vulnerability in the Boxes module 7.x-1.x b ...)
NOT-FOR-US: Drupal module Boxes
-CVE-2013-0258
+CVE-2013-0258 (The Google Authenticator login (ga_login) module 7.x before 7.x-1.3 fo ...)
NOT-FOR-US: Drupal module ga_login
-CVE-2013-0257
+CVE-2013-0257 (The email2image module 6.x-1.x and 6.x-2.x for Drupal does not properl ...)
NOT-FOR-US: Drupal module email2image
-CVE-2013-0256
+CVE-2013-0256 (darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1 ...)
{DLA-235-1}
- ruby1.9.1 1.9.3.194-6 (low; bug #699929)
- ruby1.8 <not-affected> (Only affects 1.9 and 2.0)
NOTE: http://marc.info/?l=oss-security&m=136021623726440&w=2
NOTE: https://github.com/rdoc/rdoc/commit/ffa87887ee0517793df7541629a470e331f9fe60
-CVE-2013-0255
+CVE-2013-0255 (PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12 ...)
{DSA-2630-1}
- postgresql-9.1 9.1.8-1
- postgresql-8.4 8.4.16-1
-CVE-2013-0254
+CVE-2013-0254 (The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before ...)
{DLA-210-1}
- qt4-x11 4:4.8.2+dfsg-11 (bug #699870)
NOTE: possible follow-up problem if patch is applied: http://bugs.debian.org/700530
NOTE: but bug in xorg server, needs checking
-CVE-2013-0253
+CVE-2013-0253 (The default configuration of Apache Maven 3.0.4, when using Maven Wago ...)
- wagon2 2.2-3+nmu1 (bug #701991)
-CVE-2013-0252
+CVE-2013-0252 (boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1. ...)
- boost1.50 <removed> (bug #699650)
- boost1.49 1.49.0-3.2 (bug #699649)
- boost1.42 <not-affected> (Boost.Locale was not part of boost until 1.48.0, bug #699719)
-CVE-2013-0251
+CVE-2013-0251 (Stack-based buffer overflow in llogincircuit.cc in latd 1.25 through 1 ...)
- latd 1.31 (low; bug #699625)
[squeeze] - latd <no-dsa> (Minor issue)
-CVE-2013-0250
+CVE-2013-0250 (The init_nss_hash function in exec/totemcrypto.c in Corosync 2.0 befor ...)
- corosync <not-affected> (Introduced in v1.99.8-2-ge925f42; bug #699615)
NOTE: https://github.com/corosync/corosync/commit/4378915a33ab7fbbb5874f79dd7cd71b014ef44e#L0R407
NOTE: http://www.openwall.com/lists/oss-security/2013/02/01/1
-CVE-2013-0249
+CVE-2013-0249 (Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message ...)
- curl 7.29.0-1 (bug #700002)
[squeeze] - curl <not-affected> (Only affects 7.26.0 to 7.28.1)
[wheezy] - curl 7.26.0-1+wheezy1
-CVE-2013-0248
+CVE-2013-0248 (The default configuration of javax.servlet.context.tempdir in Apache C ...)
- libcommons-fileupload-java 1.3-1 (unimportant)
NOTE: Only affects example code
-CVE-2013-0247
+CVE-2013-0247 (OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and ear ...)
- keystone 2012.1.1-12 (bug #699835)
NOTE: https://bugs.launchpad.net/keystone/+bug/1098307
-CVE-2013-0246
+CVE-2013-0246 (The Image module in Drupal 7.x before 7.19, when a private file system ...)
- drupal7 7.14-1.3 (bug #698334)
NOTE: https://drupal.org/SA-CORE-2013-001
-CVE-2013-0245
+CVE-2013-0245 (The printer friendly version functionality in the Book module in Drupa ...)
{DSA-2776-1}
- drupal6 <removed> (bug #698333)
- drupal7 7.14-1.3 (bug #698334)
NOTE: https://drupal.org/SA-CORE-2013-001
-CVE-2013-0244
+CVE-2013-0244 (Cross-site scripting (XSS) vulnerability in Drupal 6.x before 6.28 and ...)
{DSA-2776-1}
- drupal6 <removed> (bug #698333)
- drupal7 7.14-1.3 (bug #698334)
NOTE: https://drupal.org/SA-CORE-2013-001
-CVE-2013-0242
+CVE-2013-0242 (Buffer overflow in the extend_buffers function in the regular expressi ...)
{DLA-165-1}
- eglibc <removed>
- glibc 2.17-2 (low; bug #699399)
[wheezy] - eglibc 2.13-38+deb7u1
NOTE: http://seclists.org/oss-sec/2013/q1/202
-CVE-2013-0241
+CVE-2013-0241 (The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to ...)
- xserver-xorg-video-qxl 0.0.17-1 (bug #699396)
[squeeze] - xserver-xorg-video-qxl <no-dsa> (minor denial of service issue)
NOTE: squeeze is affected since it could be a guest of an affected qemu-kvm version
-CVE-2013-0240
+CVE-2013-0240 (Gnome Online Accounts (GOA) 3.4.x, 3.6.x before 3.6.3, and 3.7.x befor ...)
- gnome-online-accounts 3.4.2-2 (bug #699825)
-CVE-2013-0239
+CVE-2013-0239 (Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, w ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2013-0238
+CVE-2013-0238 (The try_parse_v4_netmask function in hostmask.c in IRCD-Hybrid before ...)
{DSA-2618-1}
- ircd-hybrid 1:7.2.2.dfsg.2-10 (bug #699267; high)
[squeeze] - ircd-hybrid 7.2.2.dfsg.2-6.2+squeeze1
- oftc-hybrid <unfixed>
-CVE-2013-0237
+CVE-2013-0237 (Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode p ...)
- wordpress 3.5.1+dfsg-1 (bug #698929)
NOTE: http://wordpress.org/news/2013/01/wordpress-3-5-1/
NOTE: http://www.openwall.com/lists/oss-security/2013/01/25/7
-CVE-2013-0236
+CVE-2013-0236 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress befor ...)
- wordpress 3.5.1+dfsg-1 (bug #698927)
NOTE: http://wordpress.org/news/2013/01/wordpress-3-5-1/
NOTE: http://www.openwall.com/lists/oss-security/2013/01/25/7
-CVE-2013-0235
+CVE-2013-0235 (The XMLRPC API in WordPress before 3.5.1 allows remote attackers to se ...)
- wordpress 3.5.1+dfsg-1 (bug #698916)
NOTE: http://wordpress.org/news/2013/01/wordpress-3-5-1/
NOTE: http://www.openwall.com/lists/oss-security/2013/01/25/7
-CVE-2013-0234
+CVE-2013-0234 (Cross-site scripting (XSS) vulnerability in the Twitter widget in Elgg ...)
- elgg <itp> (bug #526197)
-CVE-2013-0233
+CVE-2013-0233 (Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, ...)
- ruby-devise 3.4.1-1
-CVE-2013-0232
+CVE-2013-0232 (includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and ...)
{DSA-2640-1}
- zoneminder 1.25.0-4 (bug #698910)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=904103
NOTE: Upstream forum post: http://www.zoneminder.com/forums/viewtopic.php?f=29&t=20771
-CVE-2013-0231
+CVE-2013-0231 (The pciback_enable_msi function in the PCI backend driver (drivers/xen ...)
{DSA-2632-1}
- linux 3.2.41-1
- linux-2.6 <removed>
-CVE-2013-0230
+CVE-2013-0230 (Stack-based buffer overflow in the ExecuteSoapAction function in the S ...)
- miniupnpd <not-affected> (Fixed before initial upload to archive)
-CVE-2013-0229
+CVE-2013-0229 (The ProcessSSDPRequest function in minissdp.c in the SSDP handler in M ...)
- miniupnpd <not-affected> (Fixed before initial upload to archive)
-CVE-2013-0228
+CVE-2013-0228 (The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel ...)
{DLA-103-1}
- linux 3.2.39-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
NOTE: was actually fixed in 2.6.32-46squeeze1 but upload was done and no DSA was released for that version.
-CVE-2013-0227
+CVE-2013-0227 (Cross-site scripting (XSS) vulnerability in the Search API Sorts modul ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0226
+CVE-2013-0226 (The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0225
+CVE-2013-0225 (Cross-site scripting (XSS) vulnerability in the User Relationships mod ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0224
+CVE-2013-0224 (The Video module 7.x-2.x before 7.x-2.9 for Drupal, when using the FFm ...)
NOT-FOR-US: Drupal addon
-CVE-2013-0223
+CVE-2013-0223 (The SUSE coreutils-i18n.patch for GNU coreutils allows context-depende ...)
- coreutils <not-affected> (Affected patch not added to Debian package)
NOTE: http://www.openwall.com/lists/oss-security/2013/01/21/14
-CVE-2013-0222
+CVE-2013-0222 (The SUSE coreutils-i18n.patch for GNU coreutils allows context-depende ...)
- coreutils <not-affected> (Affected patch not added to Debian package)
NOTE: http://www.openwall.com/lists/oss-security/2013/01/21/14
-CVE-2013-0221
+CVE-2013-0221 (The SUSE coreutils-i18n.patch for GNU coreutils allows context-depende ...)
- coreutils <not-affected> (Affected patch not added to Debian package)
NOTE: http://www.openwall.com/lists/oss-security/2013/01/21/14
-CVE-2013-0220
+CVE-2013-0220 (The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomnt ...)
- sssd 1.8.4-2 (low; bug #698871)
[squeeze] - sssd <not-affected> (autofs and ssh responders not yet present)
-CVE-2013-0219
+CVE-2013-0219 (System Security Services Daemon (SSSD) before 1.9.4, when (1) creating ...)
- sssd 1.8.4-2 (low; bug #698871)
[squeeze] - sssd <no-dsa> (Minor issue)
-CVE-2013-0218
+CVE-2013-0218 (The GUI installer in JBoss Enterprise Application Platform (EAP) and E ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2013-0217
+CVE-2013-0217 (Memory leak in drivers/net/xen-netback/netback.c in the Xen netback fu ...)
- linux 3.2.39-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2013-0216
+CVE-2013-0216 (The Xen netback functionality in the Linux kernel before 3.7.8 allows ...)
- linux 3.2.39-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48
-CVE-2013-0215
+CVE-2013-0215 (oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly ...)
- xen <not-affected> (ocaml version of the xenstore daemon not used in Debian)
-CVE-2013-0214
+CVE-2013-0214 (Cross-site request forgery (CSRF) vulnerability in the Samba Web Admin ...)
{DSA-2617-1}
- samba 2:3.6.6-5
-CVE-2013-0213
+CVE-2013-0213 (The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3 ...)
{DSA-2617-1}
- samba 2:3.6.6-5
-CVE-2013-0212
+CVE-2013-0212 (store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) bef ...)
- glance 2012.1.1-4
-CVE-2013-0211
+CVE-2013-0211 (Integer signedness error in the archive_write_zip_data function in arc ...)
- libarchive 3.0.4-3 (bug #703957)
[squeeze] - libarchive <not-affected> (Vulnerable code not present)
-CVE-2013-0210
+CVE-2013-0210 (The smart proxy Puppet run API in Foreman before 1.2.0 allows remote a ...)
- foreman <itp> (bug #663101)
-CVE-2013-0209
+CVE-2013-0209 (lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x thro ...)
{DSA-2611-1}
- movabletype-opensource 5.1.2+dfsg-1 (bug #697666)
NOTE: Versions 5.0 or higher not affected
-CVE-2013-0208
+CVE-2013-0208 (The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Es ...)
- nova 2012.1.1-12
-CVE-2013-0207
+CVE-2013-0207 (Cross-site request forgery (CSRF) vulnerability in the Mark Complete m ...)
NOT-FOR-US: module for Drupal
-CVE-2013-0206
+CVE-2013-0206 (Unrestricted file upload vulnerability in the Live CSS module 6.x-2.x ...)
NOT-FOR-US: module for Drupal
-CVE-2013-0205
+CVE-2013-0205 (Cross-site request forgery (CSRF) vulnerability in the RESTful Web Ser ...)
NOT-FOR-US: module for Drupal
-CVE-2013-0204
+CVE-2013-0204 (settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote aut ...)
- owncloud <not-affected> (Vulnerably code not present, only affects 4.5 branch)
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-002/
CVE-2013-0203 [XSS vulnerabilities]
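Review bot: the rationale on the owncloud line under CVE-2013-0204 reads "Vulnerably code not present" and should be "Vulnerable code not present", the wording the same file uses for libarchive and libvirt; the line is unchanged context here, so the automatic update did not introduce it, but it is the only non-mechanical thing in this hunk worth a follow-up commit. Everything else in the hunk is the expected description fill-in, and the Debian status lines it sits beside (for example "- oftc-hybrid <unfixed>" under CVE-2013-0238, still open alongside the DSA-2618-1 fix for ircd-hybrid) are left as they were.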
@@ -19699,22 +19699,22 @@ CVE-2013-0202 [XSS vulnerabilities]
- owncloud 4.0.8debian-1.4 (bug #698737)
[wheezy] - owncloud 4.0.4debian2-3.3
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-001/
-CVE-2013-0201
+CVE-2013-0201 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, ...)
- owncloud 4.0.8debian-1.4 (bug #698737)
[wheezy] - owncloud 4.0.4debian2-3.3
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-001/
-CVE-2013-0200
+CVE-2013-0200 (HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local user ...)
{DSA-2829-1}
- hplip 3.12.6-3.1 (low; bug #701185)
[squeeze] - hplip <no-dsa> (Minor issue)
-CVE-2013-0199
+CVE-2013-0199 (The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict acce ...)
NOT-FOR-US: FreeIPA
-CVE-2013-0198
+CVE-2013-0198 (Dnsmasq before 2.66test2, when used with certain libvirt configuration ...)
- dnsmasq 2.66-1 (low)
[wheezy] - dnsmasq <no-dsa> (Minor issue)
[squeeze] - dnsmasq <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/01/18/2
-CVE-2013-0197
+CVE-2013-0197 (Cross-site scripting (XSS) vulnerability in the filter_draw_selection_ ...)
- mantis <not-affected> (This only affects the 1.2.12 version, which isn't present in Debian, bug #698481)
NOTE: http://www.mantisbt.org/bugs/view.php?id=15373
CVE-2013-0196
@@ -19737,46 +19737,46 @@ CVE-2013-0192
NOT-FOR-US: Simple Machines Forum
CVE-2013-0188
REJECTED
-CVE-2013-0190
+CVE-2013-0190 (The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 ...)
- linux 3.2.39-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-47
-CVE-2013-0189
+CVE-2013-0189 (cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and oth ...)
{DSA-2631-1}
- squid 2.7.STABLE9-2
NOTE: squid-cgi was removed in 2.7.STABLE9-2
- squid3 3.1.20-2.1 (bug #696187)
NOTE: possible regression, see #701123
-CVE-2013-0191
+CVE-2013-0191 (libpam-pgsql (aka pam_pgsql) 0.7 does not properly handle a NULL value ...)
- pam-pgsql 0.7.3.1-4 (bug #698241)
[squeeze] - pam-pgsql 0.7.1-4+squeeze2
NOTE: patch: https://sourceforge.net/u/lvella/pam-pgsql/ci/9361f5970e5dd90a747319995b67c2f73b91448c/
NOTE: bugreport: https://sourceforge.net/p/pam-pgsql/bugs/13/
-CVE-2013-0187
+CVE-2013-0187 (Foreman before 1.1 allows remote authenticated users to gain privilege ...)
- foreman <itp> (bug #663101)
CVE-2013-0186
RESERVED
NOT-FOR-US: ManageIQ EVM (CloudForms)
-CVE-2013-0185
+CVE-2013-0185 (Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise ...)
NOT-FOR-US: ManageIQ EVM (CloudForms)
-CVE-2013-0184
+CVE-2013-0184 (Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x ...)
{DSA-2783-1}
- ruby-rack 1.4.1-2.1 (bug #698440)
- librack-ruby <removed>
-CVE-2013-0183
+CVE-2013-0183 (multipart/parser.rb in Rack 1.3.x before 1.3.8 and 1.4.x before 1.4.3 ...)
{DSA-2783-1}
- ruby-rack 1.4.1-2.1 (bug #698440)
- librack-ruby <removed>
NOTE: commit 24d512531bd88f2d6ce94b3a3d9798fde8fbb713 refactored the multipart module
NOTE: and introduced the fast_forward_to_first_boundry function.
NOTE: https://github.com/rack/rack/commit/24d512531bd88f2d6ce94b3a3d9798fde8fbb713
-CVE-2013-0182
+CVE-2013-0182 (The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly ...)
NOT-FOR-US: Drupal module Payment
-CVE-2013-0181
+CVE-2013-0181 (Cross-site scripting (XSS) vulnerability in Views in the Search API (s ...)
NOT-FOR-US: Drupal module search_api
CVE-2013-0180
RESERVED
-CVE-2013-0179
+CVE-2013-0179 (The process_bin_delete function in memcached.c in memcached 1.4.4 and ...)
- memcached 1.4.13-0.2 (low; bug #698231)
[squeeze] - memcached 1.4.5-1+deb6u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=895054
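Review bot: the entries in this hunk are out of the file's descending CVE order: CVE-2013-0188 is followed by CVE-2013-0190, then CVE-2013-0189, CVE-2013-0191 and CVE-2013-0187. The ordering predates this update, which only fills in descriptions, but it is worth re-sorting these five entries so that anyone scanning by identifier, or tooling that assumes monotonic order, finds them where expected. Separately, CVE-2013-0189 still carries "NOTE: possible regression, see #701123" next to the DSA-2631-1 reference for squid3 3.1.20-2.1; if that regression was resolved, the note should say so, otherwise it reads as an open problem with the released fix.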
@@ -19788,32 +19788,32 @@ CVE-2013-0178 [redis 2.4: Insecure temporary flaw use for redis service's vm swa
[squeeze] - redis <no-dsa> (Minor issue)
[wheezy] - redis <no-dsa> (Minor issue)
NOTE: RedHat bugreport mentions 2.4 is affected, but not 2.6
-CVE-2013-0177
+CVE-2013-0177 (Multiple cross-site scripting (XSS) vulnerabilities in widget/screen/M ...)
NOT-FOR-US: OFBiz
-CVE-2013-0176
+CVE-2013-0176 (The publickey_from_privatekey function in libssh before 0.5.4, when no ...)
- libssh 0.5.4-1 (low; bug #698963)
[squeeze] - libssh <no-dsa> (Minor issue)
NOTE: http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/
NOTE: http://git.libssh.org/projects/libssh.git/commit/?h=v0-5&id=55b09f426417406bb25c0b9c474fbab1398b0dc8
-CVE-2013-0175
+CVE-2013-0175 (multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possib ...)
- ruby-multi-xml <not-affected> (Vulnerable version never in the archive)
NOTE: fixed in https://rubygems.org/gems/multi_xml/versions/0.5.2
-CVE-2013-0174
+CVE-2013-0174 (The external node classifier (ENC) API in Foreman before 1.1 allows re ...)
- foreman <itp> (bug #663101)
-CVE-2013-0173
+CVE-2013-0173 (Foreman before 1.1 uses a salt of "foreman" to hash root passwords, wh ...)
- foreman <itp> (bug #663101)
-CVE-2013-0172
+CVE-2013-0172 (Samba 4.0.x before 4.0.1, in certain Active Directory domain-controlle ...)
- samba4 4.0.0~beta2+dfsg1-3.1 (high; bug #699188)
- samba <not-affected> (Only affects Active Directory functionality)
NOTE: https://lists.samba.org/archive/samba-technical/2013-January/089911.html
-CVE-2013-0171
+CVE-2013-0171 (Foreman before 1.1 allows remote attackers to execute arbitrary code v ...)
- foreman <itp> (bug #663101)
-CVE-2013-0170
+CVE-2013-0170 (Use-after-free vulnerability in the virNetMessageFree function in rpc/ ...)
- libvirt 0.9.12-6 (bug #699224)
[squeeze] - libvirt <not-affected> (Vulnerable code not present, see bug #699224)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=893450
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=46532e3e8ed5f5a736a02f67d6c805492f9ca720
-CVE-2013-0169
+CVE-2013-0169 (The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as use ...)
{DSA-2622-1 DSA-2621-1}
- openssl 1.0.1e-1 (bug #699889)
- bouncycastle 1.48+dfsg-2 (low; bug #699885)
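Review bot: the new description for CVE-2013-0175 names "multi_xml gem 0.5.2" as the affected version, while the existing NOTE directly below it says "fixed in https://rubygems.org/gems/multi_xml/versions/0.5.2". One of the two is off by a release, and the "<not-affected> (Vulnerable version never in the archive)" verdict for ruby-multi-xml rests on which one is right. Please check the upstream changelog and correct either the NOTE or the rationale so the triage does not cite a version that the description itself lists as vulnerable.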
@@ -19835,42 +19835,42 @@ CVE-2013-0169
- tlslite <removed>
[wheezy] - tlslite <no-dsa> (Minor issue)
NOTE: http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
-CVE-2013-0168
+CVE-2013-0168 (The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHE ...)
NOTE: RHEV management tool
-CVE-2013-0167
+CVE-2013-0167 (VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged ...)
- vdsm <itp> (bug #668538)
-CVE-2013-0166
+CVE-2013-0166 (OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d do ...)
{DSA-2621-1}
- openssl 1.0.1e-1 (bug #699889)
CVE-2013-0165
RESERVED
NOT-FOR-US: OpenShift
-CVE-2013-0164
+CVE-2013-0164 (The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Re ...)
NOT-FOR-US: OpenShift
CVE-2013-0163
RESERVED
NOT-FOR-US: OpenShift haproxy cartridge
-CVE-2013-0162
+CVE-2013-0162 (The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser ...)
- ruby-parser 2.3.1-2 (bug #701637)
NOTE: http://www.openwall.com/lists/oss-security/2013/02/22/5
CVE-2013-0161
RESERVED
NOT-FOR-US: Havalite CMS
-CVE-2013-0160
+CVE-2013-0160 (The Linux kernel through 3.7.9 allows local users to obtain sensitive ...)
{DSA-2669-1}
- linux 3.8.12-1 (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: Minor information leak, rather a missing hardening feature than a security vulnerability.
-CVE-2013-0159
+CVE-2013-0159 (The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 ...)
NOT-FOR-US: Fedora build script
-CVE-2013-0158
+CVE-2013-0158 (Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before ...)
- jenkins 1.480.2+dfsg-1~exp1 (bug #697617)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04
-CVE-2013-0157
+CVE-2013-0157 ((a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably ot ...)
- util-linux 2.20.1-5.5 (bug #697464; low)
[squeeze] - util-linux <no-dsa> (Minor issue)
[wheezy] - util-linux <no-dsa> (Minor issue)
-CVE-2013-0156
+CVE-2013-0156 (active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2. ...)
{DSA-2604-1}
- rails 2.3.14.1 (bug #697722; high)
- ruby-activesupport-2.3 2.3.14-5 (bug #697789)
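Review bot: CVE-2013-0168 (the RHEV Manager MoveDisk entry) has only "NOTE: RHEV management tool" beneath it and no status line. Every other non-Debian entry in this hunk carries a "NOT-FOR-US: ..." marker, and the neighbouring VDSM issue CVE-2013-0167 has "- vdsm <itp> (bug #668538)", so as written CVE-2013-0168 stays open in the tracker's untriaged view. Suggest adding "NOT-FOR-US: Red Hat Enterprise Virtualization Manager" above the NOTE, or a package line if a Debian package is actually affected.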
@@ -19879,7 +19879,7 @@ CVE-2013-0156
NOTE: http://www.insinuator.net/2013/01/rails-yaml/
NOTE: http://www.openwall.com/lists/oss-security/2013/01/08/14
NOTE: experimental has 3.2.8-1 and should be affected too
-CVE-2013-0155
+CVE-2013-0155 (Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x befo ...)
{DSA-2609-1}
- ruby-activerecord-3.2 3.2.6-4 (bug #697744)
- ruby-activerecord-2.3 2.3.14-4
@@ -19887,84 +19887,84 @@ CVE-2013-0155
- rails 2.3.14.1
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: http://www.openwall.com/lists/oss-security/2013/01/08/13
-CVE-2013-0154
+CVE-2013-0154 (The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debug ...)
- xen <not-affected> (Only applies to Xen 4.2, which is only available in experimental)
-CVE-2013-0153
+CVE-2013-0153 (The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, wh ...)
{DSA-2636-1}
- xen 4.1.4-2
-CVE-2013-0152
+CVE-2013-0152 (Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a ...)
- xen <not-affected> (Only applies to Xen 4.2, which is only available in experimental)
-CVE-2013-0151
+CVE-2013-0151 (The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x ...)
- xen <not-affected> (Only applies to Xen 4.2, which is only available in experimental)
-CVE-2013-0150
+CVE-2013-0150 (Directory traversal vulnerability in an unspecified signed Java applet ...)
NOT-FOR-US: F5 BIG-IP APM, FirePass and other F5 products
-CVE-2013-0149
+CVE-2013-0149 (The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 throug ...)
- quagga <not-affected>
NOTE: OSPF protocol vulnerability, quagga implementation not affected
-CVE-2013-0148
+CVE-2013-0148 (The Data Camouflage (aka FairCom Standard Encryption) algorithm in Fai ...)
NOT-FOR-US: FairCom c-treeACE
CVE-2013-0147
RESERVED
CVE-2013-0146
RESERVED
-CVE-2013-0145
+CVE-2013-0145 (Buffer overflow in the TFTPD service in Serva32 2.1.0 allows remote at ...)
NOT-FOR-US: Serva32
-CVE-2013-0144
+CVE-2013-0144 (Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user ...)
NOT-FOR-US: QNAP
-CVE-2013-0143
+CVE-2013-0143 (cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, ...)
NOT-FOR-US: QNAP
-CVE-2013-0142
+CVE-2013-0142 (QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Sta ...)
NOT-FOR-US: QNAP
-CVE-2013-0141
+CVE-2013-0141 (Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2013-0140
+CVE-2013-0140 (SQL injection vulnerability in the Agent-Handler component in McAfee e ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2013-0139
+CVE-2013-0139 (The Arecont Vision AV1355DN MegaDome camera allows remote attackers to ...)
NOT-FOR-US: Arecont Vision
-CVE-2013-0138
+CVE-2013-0138 (BitZipper 2013 before Update 1 allows remote attackers to execute arbi ...)
NOT-FOR-US: BitZipper
-CVE-2013-0137
+CVE-2013-0137 (The default configuration of the Digital Alert Systems DASDEC EAS devi ...)
NOT-FOR-US: Digital Alert Systems and Monroe Electronics
-CVE-2013-0136
+CVE-2013-0136 (Multiple directory traversal vulnerabilities in the EditDocument servl ...)
NOT-FOR-US: Mutiny
-CVE-2013-0135
+CVE-2013-0135 (Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow ...)
NOT-FOR-US: PHP Address Book
-CVE-2013-0134
+CVE-2013-0134 (Cross-site scripting (XSS) vulnerability in the web interface in AirDr ...)
NOT-FOR-US: AirDroid
-CVE-2013-0133
+CVE-2013-0133 (Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapp ...)
NOT-FOR-US: Parallels Plesk Panel
-CVE-2013-0132
+CVE-2013-0132 (The suexec implementation in Parallels Plesk Panel 11.0.9 contains a c ...)
NOT-FOR-US: Parallels Plesk Panel
-CVE-2013-0131
+CVE-2013-0131 (Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 3 ...)
- nvidia-graphics-drivers 304.88-1 (bug #704547)
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/3290
-CVE-2013-0130
+CVE-2013-0130 (Multiple buffer overflows in Core FTP before 2.2 build 1769 allow remo ...)
NOT-FOR-US: Core FTP
-CVE-2013-0129
+CVE-2013-0129 (Multiple cross-site scripting (XSS) vulnerabilities in pd-admin before ...)
NOT-FOR-US: pd-admin
-CVE-2013-0128
+CVE-2013-0128 (The Contact Customer Support feature in the TigerText Free Private Tex ...)
NOT-FOR-US: TigerText
-CVE-2013-0127
+CVE-2013-0127 (IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Inte ...)
NOT-FOR-US: IBM Lotus Notes
-CVE-2013-0126
+CVE-2013-0126 (Multiple cross-site request forgery (CSRF) vulnerabilities in index.cg ...)
NOT-FOR-US: Verizon router
-CVE-2013-0125
+CVE-2013-0125 (Cross-site scripting (XSS) vulnerability in fileview.asp in C2 WebReso ...)
NOT-FOR-US: C2 WebResource
-CVE-2013-0124
+CVE-2013-0124 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: ASKIA
-CVE-2013-0123
+CVE-2013-0123 (Multiple SQL injection vulnerabilities in the administration interface ...)
NOT-FOR-US: ASKIA
-CVE-2013-0122
+CVE-2013-0122 (The avast! Mobile Security application before 2.0.4400 for Android all ...)
NOT-FOR-US: avast! Mobile Security application
CVE-2013-0121
RESERVED
-CVE-2013-0120
+CVE-2013-0120 (The web interface on Dell PowerConnect 6248P switches allows remote at ...)
NOT-FOR-US: Dell Switches
CVE-2013-0119
RESERVED
-CVE-2013-0118
+CVE-2013-0118 (CS-Cart before 3.0.6, when PayPal Standard Payments is configured, all ...)
NOT-FOR-US: CS-Cart
CVE-2013-0117
RESERVED
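Review bot: the quagga line under CVE-2013-0149 is a bare "- quagga <not-affected>" with the reason on the following NOTE line, whereas the rest of this hunk puts the rationale in parentheses on the status line (for example "- xen <not-affected> (Only applies to Xen 4.2, which is only available in experimental)"). Suggest "- quagga <not-affected> (OSPF issue in Cisco IOS, quagga implementation not affected)" so the reason travels with the verdict; the NOTE can then be dropped or kept as-is.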
@@ -19974,19 +19974,19 @@ CVE-2013-0115
RESERVED
CVE-2013-0114
RESERVED
-CVE-2013-0113
+CVE-2013-0113 (Nuance PDF Reader 7.0 and PDF Viewer Plus 7.1 allow remote attackers t ...)
NOT-FOR-US: Nuance PDF Reader
CVE-2013-0112
RESERVED
-CVE-2013-0111
+CVE-2013-0111 (daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed wit ...)
NOT-FOR-US: NVIDIA Update Service Daemon
-CVE-2013-0110
+CVE-2013-0110 (nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distr ...)
NOT-FOR-US: NVIDIA Stereoscopic 3D Driver service
-CVE-2013-0109
+CVE-2013-0109 (The NVIDIA driver before 307.78, and Release 310 before 311.00, in the ...)
NOT-FOR-US: NVIDIA Display Driver service on Windows
-CVE-2013-0108
+CVE-2013-0108 (An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buil ...)
NOT-FOR-US: Honeywell
-CVE-2013-0107
+CVE-2013-0107 (Stack-based buffer overflow in Foxit Advanced PDF Editor 3 before 3.04 ...)
NOT-FOR-US: Foxit Advanced PDF Editor
CVE-2013-0106
RESERVED
@@ -20008,53 +20008,53 @@ CVE-2013-0098
REJECTED
CVE-2013-0097
REJECTED
-CVE-2013-0096
+CVE-2013-0096 (Writer in Microsoft Windows Essentials 2011 and 2012 allows remote att ...)
NOT-FOR-US: Microsoft
-CVE-2013-0095
+CVE-2013-0095 (Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for ...)
NOT-FOR-US: Outlook in Microsoft Office for Mac
-CVE-2013-0094
+CVE-2013-0094 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0093
+CVE-2013-0093 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0092
+CVE-2013-0092 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0091
+CVE-2013-0091 (Use-after-free vulnerability in Microsoft Internet Explorer 8 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0090
+CVE-2013-0090 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0089
+CVE-2013-0089 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0088
+CVE-2013-0088 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0087
+CVE-2013-0087 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0086
+CVE-2013-0086 (Microsoft OneNote 2010 SP1 does not properly determine buffer sizes du ...)
NOT-FOR-US: Microsoft OneNote
-CVE-2013-0085
+CVE-2013-0085 (Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2013-0084
+CVE-2013-0084 (Directory traversal vulnerability in Microsoft SharePoint Server 2010 ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2013-0083
+CVE-2013-0083 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Serve ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2013-0082
+CVE-2013-0082 (Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to exec ...)
NOT-FOR-US: Microsoft
-CVE-2013-0081
+CVE-2013-0081 (Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 ...)
NOT-FOR-US: Microsoft
-CVE-2013-0080
+CVE-2013-0080 (Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2013-0079
+CVE-2013-0079 (Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arb ...)
NOT-FOR-US: Microsoft Visio Viewer
-CVE-2013-0078
+CVE-2013-0078 (The Microsoft Antimalware Client in Windows Defender on Windows 8 and ...)
NOT-FOR-US: Microsoft Antimalware Client
-CVE-2013-0077
+CVE-2013-0077 (Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-0076
+CVE-2013-0076 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-0075
+CVE-2013-0075 (The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-0074
+CVE-2013-0074 (Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 d ...)
NOT-FOR-US: Microsoft Silverlight
-CVE-2013-0073
+CVE-2013-0073 (The Windows Forms (aka WinForms) component in Microsoft .NET Framework ...)
NOT-FOR-US: Microsoft .NET Framework
CVE-2013-0072
REJECTED
@@ -20142,63 +20142,63 @@ CVE-2013-0032
REJECTED
CVE-2013-0031
REJECTED
-CVE-2013-0030
+CVE-2013-0030 (The Vector Markup Language (VML) implementation in Microsoft Internet ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0029
+CVE-2013-0029 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0028
+CVE-2013-0028 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0027
+CVE-2013-0027 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0026
+CVE-2013-0026 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0025
+CVE-2013-0025 (Use-after-free vulnerability in Microsoft Internet Explorer 8 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0024
+CVE-2013-0024 (Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 al ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0023
+CVE-2013-0023 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 a ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0022
+CVE-2013-0022 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0021
+CVE-2013-0021 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0020
+CVE-2013-0020 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0019
+CVE-2013-0019 (Use-after-free vulnerability in Microsoft Internet Explorer 7 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2013-0018
+CVE-2013-0018 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-0017
REJECTED
CVE-2013-0016
REJECTED
-CVE-2013-0015
+CVE-2013-0015 (Microsoft Internet Explorer 6 through 9 does not properly perform auto ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-0014
REJECTED
-CVE-2013-0013
+CVE-2013-0013 (The SSL provider component in Microsoft Windows Vista SP2, Windows Ser ...)
NOT-FOR-US: Microsoft Windows
CVE-2013-0012
REJECTED
-CVE-2013-0011
+CVE-2013-0011 (The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-0010
+CVE-2013-0010 (Cross-site scripting (XSS) vulnerability in Microsoft System Center Op ...)
NOT-FOR-US: Microsoft System Center Opera Manager
-CVE-2013-0009
+CVE-2013-0009 (Cross-site scripting (XSS) vulnerability in Microsoft System Center Op ...)
NOT-FOR-US: Microsoft System Center Opera Manager
-CVE-2013-0008
+CVE-2013-0008 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2013-0007
+CVE-2013-0007 (Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not pro ...)
NOT-FOR-US: Microsoft XML Core Services
-CVE-2013-0006
+CVE-2013-0006 (Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not pro ...)
NOT-FOR-US: Microsoft XML Core Services
-CVE-2013-0005
+CVE-2013-0005 (The WCF Replace function in the Open Data (aka OData) protocol impleme ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-0004
+CVE-2013-0004 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5. ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-0003
+CVE-2013-0003 (Buffer overflow in a System.DirectoryServices.Protocols (S.DS.P) names ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-0002
+CVE-2013-0002 (Buffer overflow in the Windows Forms (aka WinForms) component in Micro ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2013-0001
+CVE-2013-0001 (The Windows Forms (aka WinForms) component in Microsoft .NET Framework ...)
NOT-FOR-US: Microsoft .NET Framework
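Review bot: the NOT-FOR-US annotations for CVE-2013-0010 and CVE-2013-0009 read "Microsoft System Center Opera Manager". The descriptions on those same entries are truncated at "System Center Op ...", and the product is Microsoft System Center Operations Manager, so the annotation looks like it was copied from a cut-off description. Suggest "NOT-FOR-US: Microsoft System Center Operations Manager" on both lines.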
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 00b7200226..8ffddb78fe 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -1,126 +1,126 @@
-CVE-2014-10079
+CVE-2014-10079 (In Vembu StoreGrid 4.4.x, the front page of the server web interface l ...)
NOT-FOR-US: Vembu StoreGrid
-CVE-2014-10078
+CVE-2014-10078 (Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregs ...)
NOT-FOR-US: Vembu StoreGrid
CVE-2014-1000000
REJECTED
-CVE-2014-10077
+CVE-2014-10077 (Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 f ...)
{DLA-1584-1}
- ruby-i18n 0.7.0-3 (bug #913093)
[stretch] - ruby-i18n <no-dsa> (Minor issue)
NOTE: https://github.com/svenfuchs/i18n/pull/289
NOTE: https://github.com/svenfuchs/i18n/commit/24e71a9a4901ed18c9cab5c53109fd9bf2416bcb
-CVE-2014-10076
+CVE-2014-10076 (The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character ...)
NOT-FOR-US: wp-db-backup plugin WordPress
-CVE-2014-10075
+CVE-2014-10075 (The karo gem 2.3.8 for Ruby allows Remote command injection via the ho ...)
NOT-FOR-US: karo gem
-CVE-2014-10074
+CVE-2014-10074 (Umbraco before 7.2.0 has a remote PHP code execution vulnerability bec ...)
NOT-FOR-US: Umbraco
-CVE-2014-10073
+CVE-2014-10073 (The create_response function in server/server.c in Psensor before 1.1. ...)
{DLA-1361-1}
- psensor 1.1.5-1 (low; bug #896195)
[jessie] - psensor 1.1.3-2+deb8u1
NOTE: http://git.wpitchoune.net/gitweb/?p=psensor.git;a=commitdiff;h=8b10426dcc0246c1712a99460dd470dcb1cc4d9c
-CVE-2014-10072
+CVE-2014-10072 (In utils.c in zsh before 5.0.6, there is a buffer overflow when scanni ...)
{DLA-1304-1}
- zsh 5.0.6-1
NOTE: https://sourceforge.net/p/zsh/code/ci/3e06aeabd8a9e8384ebaa8b08996cd1f64737210
-CVE-2014-10071
+CVE-2014-10071 (In exec.c in zsh before 5.0.7, there is a buffer overflow for very lon ...)
{DLA-1304-1}
- zsh 5.0.7-3
NOTE: https://sourceforge.net/p/zsh/code/ci/49a3086bb67575435251c70ee598e2fd406ef055
NOTE: Debian needed to add cherry-pick-9982ab6f-missing-changelog-entry
-CVE-2014-10070
+CVE-2014-10070 (zsh before 5.0.7 allows evaluation of the initial values of integer va ...)
{DLA-1304-1}
- zsh 5.0.7-3
NOTE: https://sourceforge.net/p/zsh/code/ci/546203a770cec329e73781c3c8ab1078390aee72
-CVE-2014-10069
+CVE-2014-10069 (Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared ...)
NOT-FOR-US: Hitron CVE-30360 devices
-CVE-2014-10068
+CVE-2014-10068 (The inert directory handler in inert node module before 1.1.1 always a ...)
NOT-FOR-US: inert
-CVE-2014-10067
+CVE-2014-10067 (paypal-ipn before 3.0.0 uses the `test_ipn` parameter (which is set by ...)
NOT-FOR-US: paypal-ipn
-CVE-2014-10066
+CVE-2014-10066 (Versions less than 0.1.4 of the static file server module fancy-server ...)
NOT-FOR-US: fancy-server
-CVE-2014-10065
+CVE-2014-10065 (Certain input when passed into remarkable before 1.4.1 will bypass the ...)
NOT-FOR-US: remarkable
-CVE-2014-10064
+CVE-2014-10064 (The qs module before 1.0.0 does not have an option or default for spec ...)
- node-qs 2.2.4-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/28
NOTE: nodejs not security by security support
-CVE-2014-9998
+CVE-2014-9998 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9997
+CVE-2014-9997 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9996
+CVE-2014-9996 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9995
+CVE-2014-9995 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9994
+CVE-2014-9994 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9993
+CVE-2014-9993 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2014-9992
RESERVED
-CVE-2014-9991
+CVE-2014-9991 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9990
+CVE-2014-9990 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9989
+CVE-2014-9989 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9988
+CVE-2014-9988 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9987
+CVE-2014-9987 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9986
+CVE-2014-9986 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9985
+CVE-2014-9985 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10063
+CVE-2014-10063 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10062
+CVE-2014-10062 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2014-10061
RESERVED
CVE-2014-10060
RESERVED
-CVE-2014-10059
+CVE-2014-10059 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10058
+CVE-2014-10058 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10057
+CVE-2014-10057 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10056
+CVE-2014-10056 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10055
+CVE-2014-10055 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10054
+CVE-2014-10054 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10053
+CVE-2014-10053 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10052
+CVE-2014-10052 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10051
+CVE-2014-10051 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10050
+CVE-2014-10050 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2014-10049
RESERVED
-CVE-2014-10048
+CVE-2014-10048 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10047
+CVE-2014-10047 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10046
+CVE-2014-10046 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10045
+CVE-2014-10045 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10044
+CVE-2014-10044 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10043
+CVE-2014-10043 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-10039
+CVE-2014-10039 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9984
+CVE-2014-9984 (nscd in the GNU C Library (aka glibc or libc6) before version 2.20 doe ...)
- glibc 2.19-14
- eglibc <removed>
[wheezy] - eglibc <not-affected> (Vulnerable code not present)
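Review bot: The context line "NOTE: nodejs not security by security support" at the top of this hunk is garbled; it presumably means "nodejs not covered by security support" and should be corrected in a follow-up, since the note is the only rationale recorded for that entry. The rest of the hunk only appends truncated descriptions to otherwise unchanged CVE-2014-99xx/100xx entries, which is consistent with the automatic-update commit message.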
@@ -128,139 +128,139 @@ CVE-2014-9984
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=c44496df2f090a56d3bf75df930592dac6bba46f
CVE-2014-9982
RESERVED
-CVE-2014-9981
+CVE-2014-9981 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9980
+CVE-2014-9980 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9979
+CVE-2014-9979 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9978
+CVE-2014-9978 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9977
+CVE-2014-9977 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9976
+CVE-2014-9976 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9975
+CVE-2014-9975 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9974
+CVE-2014-9974 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9973
+CVE-2014-9973 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9972
+CVE-2014-9972 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9971
+CVE-2014-9971 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9970
+CVE-2014-9970 (jasypt before 1.9.2 allows a timing attack against the password hash c ...)
- jasypt 1.9.2-1
[jessie] - jasypt <no-dsa> (Minor issue)
[wheezy] - jasypt <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/jasypt/code/668/
-CVE-2014-9969
+CVE-2014-9969 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9968
+CVE-2014-9968 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9967
+CVE-2014-9967 (In all Android releases from CAF using the Linux kernel, an untrusted ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9966
+CVE-2014-9966 (In all Android releases from CAF using the Linux kernel, a Time-of-che ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9965
+CVE-2014-9965 (In all Android releases from CAF using the Linux kernel, a vulnerabili ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9964
+CVE-2014-9964 (In all Android releases from CAF using the Linux kernel, an integer ov ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9963
+CVE-2014-9963 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9962
+CVE-2014-9962 (In all Android releases from CAF using the Linux kernel, a vulnerabili ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9961
+CVE-2014-9961 (In all Android releases from CAF using the Linux kernel, a vulnerabili ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9960
+CVE-2014-9960 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9959
+CVE-2014-9959 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9958
+CVE-2014-9958 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9957
+CVE-2014-9957 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9956
+CVE-2014-9956 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9955
+CVE-2014-9955 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9954
+CVE-2014-9954 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9953
+CVE-2014-9953 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2014-9952
+CVE-2014-9952 (In the Secure File System in all Android releases from CAF using the L ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9951
+CVE-2014-9951 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9950
+CVE-2014-9950 (In Core Kernel in all Android releases from CAF using the Linux kernel ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9949
+CVE-2014-9949 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9948
+CVE-2014-9948 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9947
+CVE-2014-9947 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9946
+CVE-2014-9946 (In Core Kernel in all Android releases from CAF using the Linux kernel ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9945
+CVE-2014-9945 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9944
+CVE-2014-9944 (In the Secure File System in all Android releases from CAF using the L ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9943
+CVE-2014-9943 (In Core Kernel in all Android releases from CAF using the Linux kernel ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9942
+CVE-2014-9942 (In Boot in all Android releases from CAF using the Linux kernel, a Use ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9941
+CVE-2014-9941 (In the Embedded File System in all Android releases from CAF using the ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9940
+CVE-2014-9940 (The regulator_ena_gpio_free function in drivers/regulator/core.c in th ...)
{DSA-3945-1}
- linux 4.0.2-1 (low)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2014-9938
+CVE-2014-9938 (contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize ...)
- git 1:2.0.0~rc2-1
[wheezy] - git <not-affected> (Vulnerable code introduced in 1.8.1-rc0)
NOTE: https://github.com/git/git/commit/8976500cbbb13270398d3b3e07a17b8cc7bff43f
NOTE: https://github.com/njhartwell/pw3nage
NOTE: Vulnerability likely introduced by the "pc_mode" in https://github.com/git/git/commit/1bfc51ac814125de03ddf1900245e42d6ce0d250
-CVE-2014-9937
+CVE-2014-9937 (In TrustZone a buffer overflow vulnerability can potentially occur in ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9936
+CVE-2014-9936 (In TrustZone a time-of-check time-of-use race condition could potentia ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9935
+CVE-2014-9935 (In TrustZone an integer overflow vulnerability leading to a buffer ove ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9934
+CVE-2014-9934 (A PKCS#1 v1.5 signature verification routine in all Android releases f ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9933
+CVE-2014-9933 (Due to missing input validation in all Android releases from CAF using ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9932
+CVE-2014-9932 (In TrustZone, an integer overflow vulnerability can potentially occur ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9931
+CVE-2014-9931 (A buffer overflow vulnerability in all Android releases from CAF using ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9930
+CVE-2014-9930 (In WCDMA in all Android releases from CAF using the Linux kernel, a Us ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9929
+CVE-2014-9929 (In WCDMA in all Android releases from CAF using the Linux kernel, a Us ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9928
+CVE-2014-9928 (In GERAN in all Android releases from CAF using the Linux kernel, a Bu ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9927
+CVE-2014-9927 (In UIM in all Android releases from CAF using the Linux kernel, a Buff ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9926
+CVE-2014-9926 (In GNSS in all Android releases from CAF using the Linux kernel, a Use ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9925
+CVE-2014-9925 (In HDR in all Android releases from CAF using the Linux kernel, a Buff ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9924
+CVE-2014-9924 (In 1x in all Android releases from CAF using the Linux kernel, a Signe ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9923
+CVE-2014-9923 (In NAS in all Android releases from CAF using the Linux kernel, a Buff ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9922
+CVE-2014-9922 (The eCryptfs subsystem in the Linux kernel before 3.18 allows local us ...)
- linux 4.0.2-1
[jessie] - linux 3.16.39-1
[wheezy] - linux 3.2.82-1
NOTE: Fixed by: https://git.kernel.org/linus/69c433ed2ecd2d3264efd7afec4439524b319121 (v3.18-rc2)
-CVE-2014-9921
+CVE-2014-9921 (Information disclosure vulnerability in McAfee (now Intel Security) Cl ...)
NOT-FOR-US: Intel antivirus
-CVE-2014-9920
+CVE-2014-9920 (Unauthorized execution of binary vulnerability in McAfee (now Intel Se ...)
NOT-FOR-US: Intel antivirus
CVE-2014-9919
RESERVED
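Review bot: The NOT-FOR-US labels for the same family of CAF Qualcomm entries are inconsistent within this hunk: CVE-2014-9981 through CVE-2014-9968 use "Qualcomm driver for Android", CVE-2014-9967 through CVE-2014-9960 use "Qualcomm component for Android", and CVE-2014-9959 onward use "Qualcomm components for Android". Picking one label would make grepping the list for these entries reliable; suggest "NOT-FOR-US: Qualcomm components for Android" throughout, as it is the form used most often here.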
@@ -268,12 +268,12 @@ CVE-2014-9918
RESERVED
CVE-2014-9917
RESERVED
-CVE-2014-9916
+CVE-2014-9916 (Multiple cross-site scripting (XSS) vulnerabilities in Bilboplanet 2.0 ...)
NOT-FOR-US: Bilboplanet
-CVE-2014-9914
+CVE-2014-9914 (Race condition in the ip4_datagram_release_cb function in net/ipv4/dat ...)
- linux 3.16.2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
-CVE-2014-9913
+CVE-2014-9913 (Buffer overflow in the list_files function in list.c in Info-Zip UnZip ...)
{DLA-741-1}
- unzip 6.0-21 (bug #847485)
[jessie] - unzip 6.0-16+deb8u3
@@ -282,40 +282,40 @@ CVE-2014-9913
NOTE: can be used to verify a fix (which trigger the issue in unzip -l but crash
NOTE: in different areas of the unzip codebase)
NOTE: http://www.openwall.com/lists/oss-security/2014/11/03/5
-CVE-2014-9912
+CVE-2014-9912 (The get_icu_disp_value_src_php function in ext/intl/locale/locale_meth ...)
- php5 5.6.0+dfsg-1
[wheezy] - php5 5.4.34-0+deb7u1
NOTE: Fixed in 5.6.0, 5.5.14, 5.4.30, 5.3.29
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=67397
NOTE: Upstream patch: https://bugs.php.net/patch-display.php?bug_id=67397&patch=bug67397-patch&revision=latest
NOTE: PHP workaround for CVE-2014-9911 in icu
-CVE-2014-9911
+CVE-2014-9911 (Stack-based buffer overflow in the ures_getByKeyWithFallback function ...)
{DSA-3725-1 DLA-744-1}
- icu 55.1-3
NOTE: http://bugs.icu-project.org/trac/ticket/10891
NOTE: Fixed by: http://bugs.icu-project.org/trac/changeset/35699
NOTE: The patch addressing CVE-2014-9911 is applied in 54.1 , but the
NOTE: first fixed package version uploaded to unstable is 55.1-3 .
-CVE-2014-9910
+CVE-2014-9910 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Android Broadcom driver
-CVE-2014-9909
+CVE-2014-9909 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Android Broadcom driver
CVE-2014-9908
RESERVED
-CVE-2014-9907
+CVE-2014-9907 (coders/dds.c in ImageMagick allows remote attackers to cause a denial ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832942)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52
NOTE: https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2014-9906
+CVE-2014-9906 (Use-after-free vulnerability in DBD::mysql before 4.029 allows attacke ...)
{DSA-3635-1 DLA-576-1}
- libdbd-mysql-perl 4.033-1
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=97625
NOTE: https://github.com/perl5-dbi/DBD-mysql/pull/27
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/a56ae87a4c1c1fead7d09c3653905841ccccf1cc
-CVE-2014-9905
+CVE-2014-9905 (Multiple cross-site scripting (XSS) vulnerabilities in the Web Calenda ...)
- sogo 2.2.5-1
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: https://github.com/inverse-inc/sogo/commit/1a7fc2a0e90a19dfb1fce292ae5ff53aa513ade9 (SOGo-2.2.0)
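Review bot: The two NOTE lines under CVE-2014-9911 have stray spaces before punctuation ("applied in 54.1 , but the" and "uploaded to unstable is 55.1-3 ."); suggest "applied in 54.1, but the" and "is 55.1-3." so the version strings are not mis-tokenised by tools that parse these notes. The accompanying "NOTE: PHP workaround for CVE-2014-9911 in icu" under CVE-2014-9912 is the useful cross-reference that explains why both entries carry fixes.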
@@ -323,101 +323,101 @@ CVE-2014-9905
NOTE: https://github.com/inverse-inc/sogo/commit/3a5e44e7eb8b390b67a8f8a83030b49606956501 (SOGo-2.2.0)
NOTE: https://github.com/inverse-inc/sogo/commit/c94595ea7f0f843c2d7abf25df039b2bbe707625 (SOGo-2.2.0)
NOTE: https://sogo.nu/bugs/view.php?id=2598
-CVE-2014-9904
+CVE-2014-9904 (The snd_compress_check_input function in sound/core/compress_offload.c ...)
{DSA-3616-1}
- linux 4.0.2-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: 4.0.2-1 the first version in unstable after 3.17-rc1
NOTE: Fixed by: https://git.kernel.org/linus/6217e5ede23285ddfee10d2e4ba0cc2d4c046205 (3.17-rc1)
NOTE: Introduced by: https://git.kernel.org/linus/b35cc8225845112a616e3a2266d2fde5ab13d3ab (3.7-rc1)
-CVE-2014-9903
+CVE-2014-9903 (The sched_read_attr function in kernel/sched/core.c in the Linux kerne ...)
- linux <not-affected>
NOTE: vulnerable code between 3.14-rc1 and 3.14-rc4
-CVE-2014-9902
+CVE-2014-9902 (Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualc ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9901
+CVE-2014-9901 (The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (201 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9900
+CVE-2014-9900 (The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel ...)
- linux <unfixed> (unimportant)
-CVE-2014-9899
+CVE-2014-9899 (drivers/usb/host/ehci-msm2.c in the Qualcomm components in Android bef ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9898
+CVE-2014-9898 (arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9897
+CVE-2014-9897 (sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm components in A ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9896
+CVE-2014-9896 (drivers/char/adsprpc.c in the Qualcomm components in Android before 20 ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9895
+CVE-2014-9895 (drivers/media/media-device.c in the Linux kernel before 3.11, as used ...)
{DLA-833-1}
- linux 3.11.5-1
-CVE-2014-9894
+CVE-2014-9894 (drivers/misc/qseecom.c in the Qualcomm components in Android before 20 ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9893
+CVE-2014-9893 (drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm components in And ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9892
+CVE-2014-9892 (The snd_compr_tstamp function in sound/core/compress_offload.c in the ...)
- linux <unfixed> (unimportant)
NOTE: Not considered a security issue/invalid issue by the Debian kernel team
-CVE-2014-9891
+CVE-2014-9891 (drivers/misc/qseecom.c in the Qualcomm components in Android before 20 ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9890
+CVE-2014-9890 (Off-by-one error in drivers/media/platform/msm/camera_v2/sensor/cci/ms ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9889
+CVE-2014-9889 (drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualco ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9888
+CVE-2014-9888 (arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platf ...)
{DLA-833-1}
- linux 3.13.4-1
-CVE-2014-9887
+CVE-2014-9887 (drivers/misc/qseecom.c in the Qualcomm components in Android before 20 ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9886
+CVE-2014-9886 (arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9885
+CVE-2014-9885 (Format string vulnerability in drivers/thermal/qpnp-adc-tm.c in the Qu ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9884
+CVE-2014-9884 (drivers/misc/qseecom.c in the Qualcomm components in Android before 20 ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9883
+CVE-2014-9883 (Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm compo ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9882
+CVE-2014-9882 (Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm co ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9881
+CVE-2014-9881 (drivers/media/radio/radio-iris.c in the Qualcomm components in Android ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9880
+CVE-2014-9880 (drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9879
+CVE-2014-9879 (The mdss mdp3 driver in the Qualcomm components in Android before 2016 ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9878
+CVE-2014-9878 (drivers/mmc/card/mmc_block_test.c in the Qualcomm components in Androi ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9877
+CVE-2014-9877 (drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9876
+CVE-2014-9876 (drivers/char/diag/diagfwd.c in the Qualcomm components in Android befo ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9875
+CVE-2014-9875 (drivers/char/diag/diag_dci.c in the Qualcomm components in Android bef ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9874
+CVE-2014-9874 (Buffer overflow in the Qualcomm components in Android before 2016-08-0 ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9873
+CVE-2014-9873 (Integer underflow in drivers/char/diag/diag_dci.c in the Qualcomm comp ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9872
+CVE-2014-9872 (The diag driver in the Qualcomm components in Android before 2016-08-0 ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9871
+CVE-2014-9871 (Multiple buffer overflows in drivers/media/platform/msm/camera_v2/isp/ ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9870
+CVE-2014-9870 (The Linux kernel before 3.11 on ARM platforms, as used in Android befo ...)
- linux 3.11.5-1
[wheezy] - linux <no-dsa> (Minor issue, hardly a security impact, cf. kernel-sec)
-CVE-2014-9869
+CVE-2014-9869 (drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c in the Q ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9868
+CVE-2014-9868 (drivers/media/platform/msm/camera_v2/sensor/csiphy/msm_csiphy.c in the ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9867
+CVE-2014-9867 (drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qua ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9866
+CVE-2014-9866 (drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qua ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9865
+CVE-2014-9865 (drivers/misc/qseecom.c in the Qualcomm components in Android before 20 ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9864
+CVE-2014-9864 (drivers/misc/qseecom.c in the Qualcomm components in Android before 20 ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9863
+CVE-2014-9863 (Integer underflow in the diag driver in the Qualcomm components in And ...)
- linux <not-affected> (Android-specific driver)
-CVE-2014-9862
+CVE-2014-9862 (Integer signedness error in bspatch.c in bspatch in bsdiff, as used in ...)
{DLA-697-1}
- bsdiff 4.3-17
[jessie] - bsdiff <no-dsa> (Minor issue; can be fixed via point release)
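Review bot: CVE-2014-9900 is marked "- linux <unfixed> (unimportant)" with no NOTE giving the rationale, whereas CVE-2014-9892 in the same hunk carries "NOTE: Not considered a security issue/invalid issue by the Debian kernel team". Suggest adding an equivalent NOTE line under CVE-2014-9900 so the triage decision is documented in the list rather than only in the tracker history.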
@@ -436,217 +436,217 @@ CVE-2014-9856
RESERVED
CVE-2014-9855
RESERVED
-CVE-2014-9803
+CVE-2014-9803 (arch/arm64/include/asm/pgtable.h in the Linux kernel before 3.15-rc5-n ...)
- linux <not-affected> (Vulnerable code never present, introduced and fixed in 3.16 development cycle)
NOTE: Introduced by: https://git.kernel.org/linus/bc07c2c6e9ed125d362af0214b6313dca180cb08 (v3.16-rc1)
NOTE: Fixed by (revert of commit): https://git.kernel.org/linus/5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830 (v3.16-rc1)
-CVE-2014-9804
+CVE-2014-9804 (vision.c in ImageMagick allows remote attackers to cause a denial of s ...)
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Vulnerable code introduced later)
-CVE-2014-9805
+CVE-2014-9805 (ImageMagick allows remote attackers to cause a denial of service (segm ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9806
+CVE-2014-9806 (ImageMagick allows remote attackers to cause a denial of service (file ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9807
+CVE-2014-9807 (The pdb coder in ImageMagick allows remote attackers to cause a denial ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9808
+CVE-2014-9808 (ImageMagick allows remote attackers to cause a denial of service (segm ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9809
+CVE-2014-9809 (ImageMagick allows remote attackers to cause a denial of service (segm ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9810
+CVE-2014-9810 (The dpx file handler in ImageMagick allows remote attackers to cause a ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9811
+CVE-2014-9811 (The xwd file handler in ImageMagick allows remote attackers to cause a ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9812
+CVE-2014-9812 (ImageMagick allows remote attackers to cause a denial of service (NULL ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9813
+CVE-2014-9813 (ImageMagick allows remote attackers to cause a denial of service (appl ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9814
+CVE-2014-9814 (ImageMagick allows remote attackers to cause a denial of service (NULL ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9815
+CVE-2014-9815 (ImageMagick allows remote attackers to cause a denial of service (appl ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9816
+CVE-2014-9816 (ImageMagick allows remote attackers to cause a denial of service (out- ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9817
+CVE-2014-9817 (Heap-based buffer overflow in ImageMagick allows remote attackers to h ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9818
+CVE-2014-9818 (ImageMagick allows remote attackers to cause a denial of service (out- ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9819
+CVE-2014-9819 (Heap-based buffer overflow in ImageMagick allows remote attackers to h ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9820
+CVE-2014-9820 (Heap-based buffer overflow in ImageMagick allows remote attackers to h ...)
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
-CVE-2014-9821
+CVE-2014-9821 (Heap-based buffer overflow in ImageMagick allows remote attackers to h ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9822
+CVE-2014-9822 (Heap-based buffer overflow in ImageMagick allows remote attackers to h ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9823
+CVE-2014-9823 (Heap-based buffer overflow in ImageMagick allows remote attackers to h ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9824
+CVE-2014-9824 (Heap-based buffer overflow in ImageMagick allows remote attackers to h ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9825
+CVE-2014-9825 (Heap-based buffer overflow in ImageMagick allows remote attackers to h ...)
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
-CVE-2014-9826
+CVE-2014-9826 (ImageMagick allows remote attackers to have unspecified impact via vec ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <no-dsa> (No apparent security impact)
-CVE-2014-9827
+CVE-2014-9827 (coders/xpm.c in ImageMagick allows remote attackers to have unspecifie ...)
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
-CVE-2014-9828
+CVE-2014-9828 (coders/psd.c in ImageMagick allows remote attackers to have unspecifie ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9829
+CVE-2014-9829 (coders/sun.c in ImageMagick allows remote attackers to cause a denial ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9830
+CVE-2014-9830 (coders/sun.c in ImageMagick allows remote attackers to have unspecifie ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9831
+CVE-2014-9831 (coders/wpg.c in ImageMagick allows remote attackers to have unspecifie ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9832
+CVE-2014-9832 (Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9833
+CVE-2014-9833 (Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9834
+CVE-2014-9834 (Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9835
+CVE-2014-9835 (Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9836
+CVE-2014-9836 (ImageMagick 6.8.9-9 allows remote attackers to cause a denial of servi ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9837
+CVE-2014-9837 (coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote att ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9838
+CVE-2014-9838 (magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9839
+CVE-2014-9839 (magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attacke ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9840
+CVE-2014-9840 (ImageMagick 6.8.9-9 allows remote attackers to cause a denial of servi ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9841
+CVE-2014-9841 (The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allo ...)
{DLA-960-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9842
+CVE-2014-9842 (Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagi ...)
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Leak in a code path that does not exist in this version)
-CVE-2014-9843
+CVE-2014-9843 (The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 al ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9844
+CVE-2014-9844 (The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allow ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9845
+CVE-2014-9845 (The ReadDIBImage function in coders/dib.c in ImageMagick allows remote ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9846
+CVE-2014-9846 (Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageM ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9847
+CVE-2014-9847 (The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9848
+CVE-2014-9848 (Memory leak in ImageMagick allows remote attackers to cause a denial o ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9849
+CVE-2014-9849 (The png coder in ImageMagick allows remote attackers to cause a denial ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9850
+CVE-2014-9850 (Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a ...)
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (Affected section of code not present in wheezy; examine diff introduced by commit 2257d1eadd02d89d225fce21013a1219d221dc7d with context of 20)
NOTE: patch supposed to be https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/patch/?id=2257d1eadd02d89d225fce21013a1219d221dc7d
-CVE-2014-9851
+CVE-2014-9851 (ImageMagick 6.8.9.9 allows remote attackers to cause a denial of servi ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
NOTE: https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/patch/?id=33b2d377b94eb738011bc7d5e90ca0a16ce4d471
-CVE-2014-9852
+CVE-2014-9852 (distribute-cache.c in ImageMagick re-uses objects after they have been ...)
- imagemagick 8:6.8.9.9-4 (bug #773834)
[wheezy] - imagemagick <not-affected> (distribute-cache.c does not exist in 6.7.7.10)
-CVE-2014-9853
+CVE-2014-9853 (Memory leak in coders/rle.c in ImageMagick allows remote attackers to ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9854
+CVE-2014-9854 (coders/tiff.c in ImageMagick allows remote attackers to cause a denial ...)
{DLA-731-1}
- imagemagick 8:6.8.9.9-4 (bug #773834)
-CVE-2014-9802
+CVE-2014-9802 (Multiple integer overflows in lib/libfdt/fdt.c in the Qualcomm compone ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9801
+CVE-2014-9801 (Multiple integer overflows in lib/libfdt/fdt_rw.c in the Qualcomm comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9800
+CVE-2014-9800 (Integer overflow in lib/heap/heap.c in the Qualcomm components in Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9799
+CVE-2014-9799 (The makefile in the Qualcomm components in Android before 2016-07-05 o ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9798
+CVE-2014-9798 (platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android b ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2014-9797
REJECTED
-CVE-2014-9796
+CVE-2014-9796 (app/aboot/aboot.c in the Qualcomm components in Android before 2016-07 ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9795
+CVE-2014-9795 (app/aboot/aboot.c in the Qualcomm components in Android before 2016-07 ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2014-9794
REJECTED
-CVE-2014-9793
+CVE-2014-9793 (platform/msm_shared/mmc.c in the Qualcomm components in Android before ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9792
+CVE-2014-9792 (arch/arm/mach-msm/ipc_router.c in the Qualcomm components in Android b ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2014-9791
REJECTED
-CVE-2014-9790
+CVE-2014-9790 (drivers/mmc/core/debugfs.c in the Qualcomm components in Android befor ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2014-9789
+CVE-2014-9789 (The (1) alloc and (2) free APIs in arch/arm/mach-msm/qdsp6v2/msm_audio ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9788
+CVE-2014-9788 (Multiple buffer overflows in the voice drivers in the Qualcomm compone ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9787
+CVE-2014-9787 (Integer overflow in drivers/misc/qseecom.c in the Qualcomm components ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9786
+CVE-2014-9786 (Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sen ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9785
+CVE-2014-9785 (drivers/misc/qseecom.c in the Qualcomm components in Android before 20 ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9784
+CVE-2014-9784 (Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the Q ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9783
+CVE-2014-9783 (drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualc ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9782
+CVE-2014-9782 (drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9781
+CVE-2014-9781 (Buffer overflow in drivers/video/fbcmap.c in the Qualcomm components i ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9780
+CVE-2014-9780 (drivers/video/msm/mdss/mdp3_ctrl.c in the Qualcomm components in Andro ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9779
+CVE-2014-9779 (arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components i ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9778
+CVE-2014-9778 (The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/com ...)
- linux <not-affected> (Android-specific)
-CVE-2014-9777
+CVE-2014-9777 (The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common ...)
- linux <not-affected> (Android-specific)
CVE-2014-9776
RESERVED
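Review bot: the wheezy justification for CVE-2014-9850, `[wheezy] - imagemagick <not-affected> (Affected section of code not present in wheezy; examine diff introduced by commit 2257d1eadd02d89d225fce21013a1219d221dc7d with context of 20)`, defers the reasoning to the reader, and the NOTE that follows hedges with "patch supposed to be"; state the conclusion directly in the parenthesis (affected code not present, with the commit id) and, once the patch URL has been confirmed, drop "supposed to be" from the NOTE so the entry reads as a settled triage decision rather than an open question.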
@@ -654,37 +654,37 @@ CVE-2014-9775
RESERVED
CVE-2014-9774
RESERVED
-CVE-2014-9773
+CVE-2014-9773 (modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attacker ...)
- atheme-services 7.0.7-2
[jessie] - atheme-services <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/atheme/atheme/issues/397
NOTE: Fixed by: https://github.com/atheme/atheme/commit/c597156adc60a45b5f827793cd420945f47bc03b
NOTE: Introduced in: https://github.com/atheme/atheme/commit/5c734f28068cf47b9b450af4dcf37195734b15be
NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2
-CVE-2014-9772
+CVE-2014-9772 (The validator package before 2.0.0 for Node.js allows remote attackers ...)
- validator.js <not-affected> (Fixed before initial release)
-CVE-2014-9771
+CVE-2014-9771 (Integer overflow in imlib2 before 1.4.7 allows remote attackers to cau ...)
{DSA-3555-1}
- imlib2 1.4.7-1 (bug #820206)
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1324774
NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/3
-CVE-2014-9770
+CVE-2014-9770 (tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions fo ...)
- systemd 215-1
[wheezy] - systemd <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=972612
NOTE: Introduced by: https://github.com/systemd/systemd/commit/a606871da508995f5ede113a8fc6538afd98966c (v213)
NOTE: Fixed by (for volatile journals): https://github.com/systemd/systemd/commit/176f2acf8dee45fee832fd2ab07243f63783a238 (v214)
-CVE-2014-9769
+CVE-2014-9769 (pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to o ...)
- pcre3 2:8.38-1 (bug #819050)
[jessie] - pcre3 2:8.35-3.3+deb8u4
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
NOTE: Upstream fix: http://vcs.pcre.org/pcre?view=revision&revision=1475 (8.36)
NOTE: Introduced in: http://vcs.pcre.org/pcre?view=revision&revision=1434 (8.35)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/26/1
-CVE-2014-9768
+CVE-2014-9768 (** DISPUTED ** IBM Tivoli NetView Access Services (NVAS) allows remote ...)
NOT-FOR-US: Tivoli
-CVE-2014-9767
+CVE-2014-9767 (Directory traversal vulnerability in the ZipArchive::extractTo functio ...)
- hhvm 3.12.1+dfsg-1
- php5 5.6.13+dfsg-1
[jessie] - php5 5.6.13+dfsg-0+deb8u1
@@ -692,29 +692,29 @@ CVE-2014-9767
NOTE: https://bugs.php.net/bug.php?id=70350
NOTE: https://bugs.php.net/bug.php?id=67996
NOTE: https://github.com/facebook/hhvm/commit/65c95a01541dd2fbc9c978ac53bed235b5376686
-CVE-2014-9766
+CVE-2014-9766 (Integer overflow in the create_bits function in pixman-bits-image.c in ...)
{DSA-3525-1 DLA-429-1}
- pixman 0.32.6-1
NOTE: https://lists.freedesktop.org/archives/pixman/2014-April/003244.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=972647
-CVE-2014-9765
+CVE-2014-9765 (Buffer overflow in the main_get_appheader function in xdelta3-main.h i ...)
{DSA-3484-1 DLA-417-1}
- xdelta3 3.0.8-dfsg-1.1 (bug #814067)
NOTE: https://github.com/jmacd/xdelta-devel/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/08/1
-CVE-2014-9764
+CVE-2014-9764 (imlib2 before 1.4.7 allows remote attackers to cause a denial of servi ...)
{DSA-3537-1 DLA-401-1}
- imlib2 1.4.7-1
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=1f9b0b32728803a1578e658cd0955df773e34f49
-CVE-2014-9763
+CVE-2014-9763 (imlib2 before 1.4.7 allows remote attackers to cause a denial of servi ...)
{DSA-3537-1 DLA-401-1}
- imlib2 1.4.7-1
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=c21beaf1780cf3ca291735ae7d58a3dde63277a2
-CVE-2014-9762
+CVE-2014-9762 (imlib2 before 1.4.7 allows remote attackers to cause a denial of servi ...)
{DSA-3537-1 DLA-401-1}
- imlib2 1.4.7-1
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=39641e74a560982fbf93f29bf96b37d27803cb56
-CVE-2014-9761
+CVE-2014-9761 (Multiple stack-based buffer overflows in the GNU C Library (aka glibc ...)
{DLA-411-1}
- glibc 2.23-1 (bug #813187)
[jessie] - glibc <no-dsa> (Minor issue)
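Review bot: the fixed-width truncation leaves CVE-2014-9764, CVE-2014-9763 and CVE-2014-9762 with the identical list line `imlib2 before 1.4.7 allows remote attackers to cause a denial of servi ...`, so the three entries can no longer be told apart by their description; the upstream commit URLs in the NOTE lines are the only distinguishing detail and must stay attached to each entry. The same collapse occurs elsewhere in this update wherever sibling CVEs share a long common prefix, so the description column should not be relied on for disambiguation.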
@@ -724,44 +724,44 @@ CVE-2014-9761
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e02cabecf0d025ec4f4ddee290bdf7aadb873bb3
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8f5e8b01a1da2a207228f2072c934fa5918554b8
NOTE: Fixed for 2.23 upstream
-CVE-2014-9760
+CVE-2014-9760 (Cross-site scripting (XSS) vulnerability in the displayLogin function ...)
- gosa 2.7.4+reloaded1-5
[wheezy] - gosa 2.7.4-4.3~deb7u2
[squeeze] - gosa 2.6.11-3+squeeze4
NOTE: Fixed in 2.7.4+reloaded1-3 with follow-up fix in 2.7.4+reloaded1-5
NOTE: https://github.com/gosa-project/gosa-core/commit/e35b990464a2c2cf64d6833a217ed944876e7732
-CVE-2014-9759
+CVE-2014-9759 (Incomplete blacklist vulnerability in the config_is_private function i ...)
- mantis <not-affected> (Affects >= 1.3.0-beta.1)
NOTE: http://github.com/mantisbt/mantisbt/commit/7927c275
NOTE: https://sourceforge.net/p/mantisbt/mailman/message/32948048/
NOTE: https://mantisbt.org/bugs/view.php?id=20277
NOTE: http://www.openwall.com/lists/oss-security/2016/01/02/1
-CVE-2014-9758
+CVE-2014-9758 (Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platfor ...)
NOT-FOR-US: Magento
-CVE-2014-9757
+CVE-2014-9757 (The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2014-9755
+CVE-2014-9755 (The hardware VPN client in Viprinet MultichannelVPN Router 300 version ...)
NOT-FOR-US: Viprinet
-CVE-2014-9754
+CVE-2014-9754 (The hardware VPN client in Viprinet MultichannelVPN Router 300 version ...)
NOT-FOR-US: Viprinet
-CVE-2014-9756
+CVE-2014-9756 (The psf_fwrite function in file_io.c in libsndfile allows attackers to ...)
{DLA-928-1 DLA-356-1}
- libsndfile 1.0.25-10 (bug #804447)
[jessie] - libsndfile 1.0.25-9.1+deb8u1
NOTE: https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6
CVE-2014-9753
RESERVED
-CVE-2014-9752
+CVE-2014-9752 (Unrestricted file upload vulnerability in mods/_core/properties/lib/co ...)
NOT-FOR-US: ATutor
-CVE-2014-9751
+CVE-2014-9751 (The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before ...)
{DSA-3154-1 DLA-149-1}
- ntp 1:4.2.6.p5+dfsg-4
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2672 (not yet public)
-CVE-2014-9750
+CVE-2014-9750 (ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentic ...)
{DSA-3154-2 DSA-3154-1 DLA-149-1}
- ntp 1:4.2.6.p5+dfsg-5
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2671
-CVE-2014-9749
+CVE-2014-9749 (Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest auth ...)
- squid <not-affected> (related code not present in 2.7.X)
- squid3 3.4.8-6 (bug #776464)
[wheezy] - squid3 <no-dsa> (Minor issue)
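Review bot: the NOTE for CVE-2014-9751, `NOTE: http://bugs.ntp.org/show_bug.cgi?id=2672 (not yet public)`, still carries the "not yet public" qualifier although the entry already references DSA-3154-1 and DLA-149-1; re-check the bug's visibility and drop the qualifier if it is now public, as the sibling NOTE for CVE-2014-9750 (bug 2671) has no such marker.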
@@ -774,7 +774,7 @@ CVE-2014-9748
- libuv 1.7.4-1 (unimportant)
- nodejs 4.0.0~dfsg-1 (unimportant)
NOTE: Only affects Windows
-CVE-2014-9745
+CVE-2014-9745 (The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 ...)
{DSA-3370-1 DLA-319-1}
- freetype 2.6-1 (bug #798620)
NOTE: https://launchpad.net/bugs/1492124
@@ -782,7 +782,7 @@ CVE-2014-9745
NOTE: https://savannah.nongnu.org/bugs/?41590
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75 (VER-2-5-3)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/4
-CVE-2014-9746
+CVE-2014-9746 (The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse ...)
{DSA-3370-1 DLA-319-1}
- freetype 2.6-1 (bug #798619)
NOTE: https://launchpad.net/bugs/1449225
@@ -790,7 +790,7 @@ CVE-2014-9746
NOTE: https://savannah.nongnu.org/bugs/?41309
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 (VER-2-5-3)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/4
-CVE-2014-9747
+CVE-2014-9747 (The t42_parse_encoding function in type42/t42parse.c in FreeType befor ...)
{DSA-3370-1 DLA-319-1}
- freetype 2.6-1 (bug #798619)
NOTE: https://launchpad.net/bugs/1449225
@@ -798,20 +798,20 @@ CVE-2014-9747
NOTE: https://savannah.nongnu.org/bugs/?41309
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 (VER-2-5-3)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/4
-CVE-2014-9744
+CVE-2014-9744 (Memory leak in PolarSSL before 1.3.9 allows remote attackers to cause ...)
- polarssl 1.3.9-1
[wheezy] - polarssl <not-affected> (Affects only 1.3.x series)
[squeeze] - polarssl <not-affected> (Affects only 1.3.x series)
-CVE-2014-9743
+CVE-2014-9743 (Cross-site scripting (XSS) vulnerability in the httpd_HtmlError functi ...)
- vlc 2.2.0~rc2-1
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - vlc <end-of-life> (Unsupported in wheezy-lts)
-CVE-2014-9742
+CVE-2014-9742 (The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x bef ...)
{DLA-449-1}
- botan1.10 1.10.8-1
NOTE: Introduced in 1.8.3, fixed in 1.10.8 and 1.11.9
NOTE: http://botan.randombit.net/security.html
-CVE-2014-9939
+CVE-2014-9939 (ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow wh ...)
{DLA-552-1 DLA-324-1}
- binutils 2.25.90.20151125-1
[jessie] - binutils <ignored> (Minor issue)
@@ -819,55 +819,55 @@ CVE-2014-9939
NOTE: http://www.openwall.com/lists/oss-security/2015/07/31/6
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18750
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=7e27a9d5f22f9f7ead11738b1546d0b5c737266b
-CVE-2014-8878
+CVE-2014-8878 (KDE KMail does not encrypt attachments in emails when "automatic encry ...)
- kdepim 4:4.14.5-1 (bug #791800)
[jessie] - kdepim <no-dsa> (Minor issue)
[wheezy] - kdepim <no-dsa> (Minor issue)
[squeeze] - kdepim <not-affected> (Bogus condition not present)
NOTE: https://bugs.kde.org/show_bug.cgi?id=340312
NOTE: http://www.openwall.com/lists/oss-security/2015/07/15/5
-CVE-2014-9741
+CVE-2014-9741 (Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for ...)
NOT-FOR-US: ArcGIS
-CVE-2014-9740
+CVE-2014-9740 (Cross-site scripting (XSS) vulnerability in the Rules Link module 7.x- ...)
NOT-FOR-US: Rules Link module for Drupal
-CVE-2014-9739
+CVE-2014-9739 (Cross-site scripting (XSS) vulnerability in the Node Field module 7.x- ...)
NOT-FOR-US: Node Field module for Drupal
-CVE-2014-9738
+CVE-2014-9738 (Multiple cross-site scripting (XSS) vulnerabilities in the Tournament ...)
NOT-FOR-US: Tournament module for Drupal
-CVE-2014-9737
+CVE-2014-9737 (Open redirect vulnerability in the Language Switcher Dropdown module 7 ...)
NOT-FOR-US: Language Switcher Dropdown module for Drupal
-CVE-2014-9736
+CVE-2014-9736 (GE Healthcare Centricity Clinical Archive Audit Trail Repository has a ...)
NOT-FOR-US: GE Healthcare Centricity Clinical Archive Audit Trail Repository
-CVE-2014-9735
+CVE-2014-9735 (The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for ...)
NOT-FOR-US: WordPress plugins ThemePunch Slider Revolution (revslider) and Showbiz Pro
-CVE-2014-9734
+CVE-2014-9734 (Directory traversal vulnerability in the Slider Revolution (revslider) ...)
NOT-FOR-US: Slider Revolution (revslider) plugin for WordPress
-CVE-2014-9733
+CVE-2014-9733 (nw.js before 0.11.5 can simulate user input events in a normal frame, ...)
NOT-FOR-US: nw.js
-CVE-2014-9727
+CVE-2014-9727 (AVM Fritz!Box allows remote attackers to execute arbitrary commands vi ...)
NOT-FOR-US: AVM Fritz!Box
-CVE-2014-9731
+CVE-2014-9731 (The UDF filesystem implementation in the Linux kernel before 3.18.2 do ...)
{DLA-246-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.68-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14 (v3.19-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/03/4
-CVE-2014-9730
+CVE-2014-9730 (The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel be ...)
{DLA-246-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.68-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9 (v3.19-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/02/7
-CVE-2014-9729
+CVE-2014-9729 (The udf_read_inode function in fs/udf/inode.c in the Linux kernel befo ...)
{DLA-246-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.68-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58 (v3.19-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/02/7
-CVE-2014-9728
+CVE-2014-9728 (The UDF filesystem implementation in the Linux kernel before 3.18.2 do ...)
{DLA-246-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.68-1
@@ -895,13 +895,13 @@ CVE-2014-9720
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1222816
CVE-2014-9719
RESERVED
-CVE-2014-9721
+CVE-2014-9721 (libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to ...)
{DSA-3255-1}
- zeromq3 4.0.5+dfsg-3 (bug #784366)
NOTE: https://github.com/zeromq/libzmq/issues/1273
NOTE: https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/8
-CVE-2014-9717
+CVE-2014-9717 (fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH u ...)
- linux 4.0.2-1 (low)
[jessie] - linux <ignored> (Too intrusive to backport)
[wheezy] - linux <not-affected> (user namespaces known broken before 3.5, see kernel-sec info)
@@ -910,11 +910,11 @@ CVE-2014-9717
NOTE: Proposed fixes: http://www.spinics.net/lists/linux-containers/msg30786.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/17/4
NOTE: CVE assignement for issue in http://marc.info/?l=linux-kernel&m=141271552117745&w=2
-CVE-2014-9716
+CVE-2014-9716 (Cross-site scripting (XSS) vulnerability in WebODF before 0.5.4 allows ...)
- owncloud <not-affected> (embedded partial copy doesn't contain the related code)
- owncloud-documents <not-affected> (embedded partial copy doesn't contain the related code)
- webodf <itp> (bug #727529)
-CVE-2014-9715
+CVE-2014-9715 (include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem ...)
{DSA-3237-1}
- linux 3.14.5-1 (bug #741667)
- linux-2.6 <not-affected> (Introduced in 3.6)
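Review bot: typo in the NOTE line for CVE-2014-9717, `NOTE: CVE assignement for issue in http://marc.info/?l=linux-kernel&m=141271552117745&w=2`; "assignement" should read "assignment".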
@@ -923,28 +923,28 @@ CVE-2014-9715
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5b423f6a40a0327f9d40bc8b97ce9be266f74368 (v3.6-rc5)
NOTE: Introduced in 3.2.x in https://git.kernel.org/cgit/linux/kernel/git/bwh/linux-3.2.y.git/commit/?id=cc1b75d796ad050c83c95733c4220aaa04fa1304 (v3.2.33)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/08/1
-CVE-2014-9714
+CVE-2014-9714 (Cross-site scripting (XSS) vulnerability in the WddxPacket::recursiveA ...)
- hhvm 3.11.0+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/324701c9fd31beb4f070f1b7ef78b115fbdfec34
-CVE-2014-9712
+CVE-2014-9712 (Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 b ...)
NOT-FOR-US: Websense TRITON V-Series appliances
-CVE-2014-9713
+CVE-2014-9713 (The default slapd configuration in the Debian openldap package 2.4.23- ...)
{DSA-3209-1 DLA-203-1}
- openldap 2.4.40-2 (bug #761406)
-CVE-2014-9711
+CVE-2014-9711 (Multiple cross-site scripting (XSS) vulnerabilities in the Investigati ...)
NOT-FOR-US: Websense
-CVE-2014-9708
+CVE-2014-9708 (Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attac ...)
NOT-FOR-US: Appweb Web Server
-CVE-2014-9707
+CVE-2014-9707 (EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path se ...)
NOT-FOR-US: GoAhead Web Server
-CVE-2014-9710
+CVE-2014-9710 (The Btrfs implementation in the Linux kernel before 3.19 does not ensu ...)
- linux 3.16.7-ckt9-1
[wheezy] - linux <no-dsa> (btrfs in 3.2 is just a tech preview and not usable for production)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (btrfs in 2.6.32 is just a tech preview and not usable for production)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339 (v3.19-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/24/11
-CVE-2014-9718
+CVE-2014-9718 (The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in ...)
{DSA-3259-1}
- qemu 1:2.3+dfsg-1 (unimportant; bug #781250)
[wheezy] - qemu <postponed> (Can be fixed along in later update)
@@ -957,7 +957,7 @@ CVE-2014-9718
NOTE: mitigated using some kind of resource limits in security-sensitive environments,
NOTE: and looping can trivially be done inside the virtual machine just fine, achieving
NOTE: the same effect
-CVE-2014-9706
+CVE-2014-9706 (The build_index_from_tree function in index.py in Dulwich before 0.9.9 ...)
{DSA-3206-1}
- dulwich 0.10.1-1 (bug #780989)
[jessie] - dulwich 0.9.7-3
@@ -976,7 +976,7 @@ CVE-2014-9699
RESERVED
CVE-2014-9698
RESERVED
-CVE-2014-9709
+CVE-2014-9709 (The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used ...)
{DSA-3215-1 DLA-189-1}
- libgd2 2.1.0-5
- php5 5.6.5+dfsg-1 (unimportant)
@@ -988,60 +988,60 @@ CVE-2014-9709
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5fc2fede9c7c963c950d8b96dcc0f7af88b4d695
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd, the embedded copy was fixed upstream in 5.6.5
NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/469990b43c294692493f15f8400560fe5d966a02
-CVE-2014-9701
+CVE-2014-9701 (Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.19 and ...)
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: Fixed by https://github.com/mantisbt/mantisbt/commit/d95f070d (1.2.x)
NOTE: http://article.gmane.org/gmane.comp.security.oss.general/15022
NOTE: https://www.mantisbt.org/bugs/view.php?id=19493
-CVE-2014-9697
+CVE-2014-9697 (Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote attack ...)
NOT-FOR-US: Huawei
-CVE-2014-9696
+CVE-2014-9696 (The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chass ...)
NOT-FOR-US: Huawei
-CVE-2014-9695
+CVE-2014-9695 (The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chass ...)
NOT-FOR-US: Huawei
-CVE-2014-9694
+CVE-2014-9694 (Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal R ...)
NOT-FOR-US: Huawei
-CVE-2014-9693
+CVE-2014-9693 (Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal R ...)
NOT-FOR-US: Huawei
-CVE-2014-9692
+CVE-2014-9692 (Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal R ...)
NOT-FOR-US: Huawei
-CVE-2014-9691
+CVE-2014-9691 (Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal R ...)
NOT-FOR-US: Huawei
-CVE-2014-9690
+CVE-2014-9690 (Huawei home gateways WS318 with software V100R001C01B022 and earlier v ...)
NOT-FOR-US: Huawei
-CVE-2014-9705
+CVE-2014-9705 (Heap-based buffer overflow in the enchant_broker_request_dict function ...)
{DSA-3195-1 DLA-212-1}
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68552
NOTE: http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803
NOTE: http://www.openwall.com/lists/oss-security/2015/03/10/6
-CVE-2014-9689
+CVE-2014-9689 (content/renderer/device_sensors/device_orientation_event_pump.cc in Go ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-9688
+CVE-2014-9688 (Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for ...)
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2014-9687
+CVE-2014-9687 (eCryptfs 104 and earlier uses a default salt to encrypt the mount pass ...)
- ecryptfs-utils 103-4 (bug #780385)
[wheezy] - ecryptfs-utils <no-dsa> (Minor issue)
[squeeze] - ecryptfs-utils <no-dsa> (Minor issue)
NOTE: http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/839
-CVE-2014-9686
+CVE-2014-9686 (The Googlemaps plugin 3.2 and earlier for Joomla! allows remote attack ...)
NOT-FOR-US: Googlemaps plugin for Joomla!
-CVE-2014-9685
+CVE-2014-9685 (Multiple cross-site scripting (XSS) vulnerabilities in Vanilla Forums ...)
NOT-FOR-US: Vanilla Forums
-CVE-2014-9684
+CVE-2014-9684 (OpenStack Image Registry and Delivery Service (Glance) 2014.2 through ...)
- glance <not-affected> (Only affects 2014.2.x releases, only present in experimental)
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: https://review.openstack.org/#/c/122427/
-CVE-2014-9683
+CVE-2014-9683 (Off-by-one error in the ecryptfs_decode_from_filename function in fs/e ...)
{DSA-3170-1 DLA-246-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=942080643bce061c3dd9d5718d3b745dcb39a8bc (v3.19-rc1)
-CVE-2014-9682
+CVE-2014-9682 (The dns-sync module before 0.1.1 for node.js allows context-dependent ...)
NOT-FOR-US: node-dns-sync
CVE-2014-XXXX [more to CVE-2014-6585]
[experimental] - icu 55.1-1
@@ -1051,11 +1051,11 @@ CVE-2014-XXXX [more to CVE-2014-6585]
[squeeze] - icu <not-affected> (All relevant changes already applied)
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37086
NOTE: icu_4.4.1-8+squeeze3 already has the full patch except for the changes in source/layout/ContextualSubstSubtables.cpp which are commented out anyway... and the remaining if test is probably only meaningful when the backtrackClassArray call is uncommented.
-CVE-2014-9678
+CVE-2014-9678 (FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers ...)
NOT-FOR-US: FlexPaper
-CVE-2014-9677
+CVE-2014-9677 (Cross-site scripting (XSS) vulnerability in FlexPaperViewer.swf in Fle ...)
NOT-FOR-US: FlexPaper
-CVE-2014-9676
+CVE-2014-9676 (The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 ...)
{DLA-464-1}
- ffmpeg <not-affected> (Vulnerable code not present in a ffmpeg version in the archive)
- libav 6:11.2-1
@@ -1063,59 +1063,59 @@ CVE-2014-9676
NOTE: ffmpeg: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=169065fbfb3da1ab776379c333aebc54bb1f1bc4
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=b3f04657368a32a9903406395f865e230b1de348
NOTE: http://www.openwall.com/lists/oss-security/2015/01/04/10
-CVE-2014-9675
+CVE-2014-9675 (bdf/bdflib.c in FreeType before 2.5.4 identifies property names by onl ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=151
-CVE-2014-9674
+CVE-2014-9674 (The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType befor ...)
{DSA-3461-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=153
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e
-CVE-2014-9673
+CVE-2014-9673 (Integer signedness error in the Mac_Read_POST_Resource function in bas ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=154
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415
-CVE-2014-9672
+CVE-2014-9672 (Array index error in the parse_fond function in base/ftmac.c in FreeTy ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=155
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c
-CVE-2014-9671
+CVE-2014-9671 (Off-by-one error in the pcf_get_properties function in pcf/pcfread.c i ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=157
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3
-CVE-2014-9670
+CVE-2014-9670 (Multiple integer signedness errors in the pcf_get_encodings function i ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=158
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6
-CVE-2014-9669
+CVE-2014-9669 (Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 a ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=163
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565
-CVE-2014-9668
+CVE-2014-9668 (The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 ...)
- freetype 2.5.2-3 (bug #777656)
[wheezy] - freetype <not-affected> (Vulnerable code not present)
[squeeze] - freetype <not-affected> (Vulnerable code not present)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=164
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538
-CVE-2014-9667
+CVE-2014-9667 (sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length cal ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=166
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891
-CVE-2014-9666
+CVE-2014-9666 (The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=167
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439
-CVE-2014-9665
+CVE-2014-9665 (The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 ...)
{DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
[wheezy] - freetype <not-affected> (Vulnerable code not present)
@@ -1123,57 +1123,57 @@ CVE-2014-9665
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=168
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727
-CVE-2014-9664
+CVE-2014-9664 (FreeType before 2.5.4 does not check for the end of the data during ce ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=183
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd
-CVE-2014-9663
+CVE-2014-9663 (The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5 ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=184
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1
-CVE-2014-9662
+CVE-2014-9662 (cff/cf2ft.c in FreeType before 2.5.4 does not validate the return valu ...)
- freetype 2.5.2-3 (bug #777656)
[wheezy] - freetype <not-affected> (Vulnerable code not present)
[squeeze] - freetype <not-affected> (Vulnerable code not present)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=185
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2
-CVE-2014-9661
+CVE-2014-9661 (type42/t42parse.c in FreeType before 2.5.4 does not consider that scan ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=187
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669
-CVE-2014-9660
+CVE-2014-9660 (The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5. ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=188
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab
-CVE-2014-9659
+CVE-2014-9659 (cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2. ...)
- freetype 2.5.2-3 (bug #777656)
[wheezy] - freetype <not-affected> (vulnerable code not present and thus incomplete fix not applied as well)
[squeeze] - freetype <not-affected> (vulnerable code not present and thus incomplete fix not applied as well)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=190
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8
NOTE: CVE due to incomplete fix for CVE-2014-2240
-CVE-2014-9658
+CVE-2014-9658 (The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5 ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=194
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c
-CVE-2014-9657
+CVE-2014-9657 (The tt_face_load_hdmx function in truetype/ttpload.c in FreeType befor ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=195
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55
-CVE-2014-9656
+CVE-2014-9656 (The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType b ...)
{DSA-3188-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=196
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a
-CVE-2014-9679
+CVE-2014-9679 (Integer underflow in the cupsRasterReadPixels function in filter/raste ...)
{DSA-3172-1 DLA-159-1}
[experimental] - cups 2.0.2-1
- cups 1.7.5-11 (bug #778387)
@@ -1183,7 +1183,7 @@ CVE-2014-9679
NOTE: http://www.openwall.com/lists/oss-security/2015/02/10/15
CVE-2014-9681
REJECTED
-CVE-2014-9680
+CVE-2014-9680 (sudo before 1.8.12 does not ensure that the TZ environment variable is ...)
{DSA-3167-1 DLA-160-1}
- sudo 1.8.12-1 (bug #772707)
[jessie] - sudo 1.8.10p3-1+deb8u2
@@ -1195,56 +1195,56 @@ CVE-2014-9680
NOTE: http://www.openwall.com/lists/oss-security/2015/02/09/12
CVE-2014-XXXX [RPATH set to untrusted directory]
[experimental] - noise <unfixed> (bug #759868)
-CVE-2014-9655
+CVE-2014-9655 (The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeX ...)
{DSA-3273-1 DLA-610-1 DLA-221-1}
- tiff 4.0.3-12.1 (bug #777390)
- tiff3 <removed>
NOTE: http://lcamtuf.coredump.cx/afl/vulns/libtiff-cvs-1.tif
NOTE: http://lcamtuf.coredump.cx/afl/vulns/libtiff-cvs-2.tif
-CVE-2014-9654
+CVE-2014-9654 (The Regular Expressions package in International Components for Unicod ...)
{DSA-3187-1 DLA-219-1}
- icu 52.1-7.1 (bug #776719)
NOTE: https://ssl.icu-project.org/trac/changeset/36801
NOTE: https://chromium.googlesource.com/chromium/deps/icu/+/dd727641e190d60e4593bcb3a35c7f51eb4925c5
-CVE-2014-9653
+CVE-2014-9653 (readelf.c in file before 5.22, as used in the Fileinfo component in PH ...)
{DSA-3196-1 DLA-204-1}
- file 1:5.22+15-1 (bug #777585)
- php5 <not-affected> (readelf.c not used and even removed in 5.4.36-0+deb7u3)
NOTE: http://bugs.gw.com/view.php?id=409
NOTE: http://mx.gw.com/pipermail/file/2014/001649.html
NOTE: http://www.openwall.com/lists/oss-security/2015/02/04/13
-CVE-2014-9983
+CVE-2014-9983 (Directory Traversal exists in RAR 4.x and 5.x because an unpack operat ...)
- rar 2:5.3.b2-1 (bug #774172)
[jessie] - rar <no-dsa> (Non-free not supported)
[wheezy] - rar <no-dsa> (Non-free not supported)
[squeeze] - rar <no-dsa> (Not fixed upstream and license does not allow modification)
NOTE: Version 5.21 upstream changes behaviour: by default rar skips symbolic links
NOTE: symbolic links with absolute paths in link target when extracting.
-CVE-2014-9648
+CVE-2014-9648 (components/navigation_interception/intercept_navigation_resource_throt ...)
- chromium-browser <not-affected> (Chrome on Android)
-CVE-2014-9647
+CVE-2014-9647 (Use-after-free vulnerability in PDFium, as used in Google Chrome befor ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-9646
+CVE-2014-9646 (Unquoted Windows search path vulnerability in the GoogleChromeDistribu ...)
- chromium-browser <not-affected> (Windows specific problem for chromium-browser)
-CVE-2014-9643
+CVE-2014-9643 (K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and T ...)
NOT-FOR-US: K7 components for Windows
-CVE-2014-9642
+CVE-2014-9642 (bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protect ...)
NOT-FOR-US: BullGuard components
-CVE-2014-9641
+CVE-2014-9641 (The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, ...)
NOT-FOR-US: Trend Micro
-CVE-2014-9633
+CVE-2014-9633 (The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote at ...)
NOT-FOR-US: COMODO Backup
-CVE-2014-9632
+CVE-2014-9632 (The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 ...)
NOT-FOR-US: AVG
-CVE-2014-9644
+CVE-2014-9644 (The Crypto API in the Linux kernel before 3.18.5 allows local users to ...)
{DSA-3170-1}
- linux 3.16.7-ckt4-2
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in v2.6.38-rc1)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4943ba16bbc2 (v3.19-rc1)
-CVE-2014-9645
+CVE-2014-9645 (The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 ...)
{DLA-1445-1}
- busybox 1:1.22.0-15 (low; bug #776186)
[wheezy] - busybox <no-dsa> (Minor issue)
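Review bot: the two NOTE lines under CVE-2014-9983 read as one sentence that lost words at the line wrap ("by default rar skips symbolic links" / "symbolic links with absolute paths in link target when extracting"), so it is unclear whether 5.21 skips all symbolic links or only those whose link target is an absolute path. Suggest restating it as a single sentence that names the exact condition once, since that note is what justifies the 2:5.3.b2-1 fixed version for the traversal issue described in the new header line.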
@@ -1253,7 +1253,7 @@ CVE-2014-9645
NOTE: http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b
CVE-2014-9631
RESERVED
-CVE-2014-9638
+CVE-2014-9638 (oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial ...)
{DLA-1010-1 DLA-317-1}
- vorbis-tools 1.4.0-7 (unimportant; bug #776086)
[jessie] - vorbis-tools 1.4.0-6+deb8u1
@@ -1262,7 +1262,7 @@ CVE-2014-9638
NOTE: Fixed by: https://github.com/mark4o/opus-tools/commit/8c412e619b83eb6dd32191909cf6672e93e5802e
NOTE: No security impact
NOTE: proposed patch: http://lists.xiph.org/pipermail/vorbis-dev/2015-February/020423.html
-CVE-2014-9639
+CVE-2014-9639 (Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attacke ...)
{DLA-1010-1 DLA-317-1}
- vorbis-tools 1.4.0-7 (low; bug #776086)
[jessie] - vorbis-tools 1.4.0-6+deb8u1
@@ -1273,20 +1273,20 @@ CVE-2014-9639
NOTE: https://trac.xiph.org/ticket/2136
NOTE: Fixed by: https://github.com/mark4o/opus-tools/commit/8c412e619b83eb6dd32191909cf6672e93e5802e
NOTE: proposed patch: http://lists.xiph.org/pipermail/vorbis-dev/2015-February/020423.html
-CVE-2014-9640
+CVE-2014-9640 (oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause ...)
{DLA-1010-1 DLA-317-1}
- vorbis-tools 1.4.0-6 (bug #771363)
[squeeze] - vorbis-tools <no-dsa> (Minor issue)
NOTE: https://trac.xiph.org/ticket/2009
NOTE: Upstream fix: https://trac.xiph.org/changeset/19117
-CVE-2014-9649
+CVE-2014-9649 (Cross-site scripting (XSS) vulnerability in the management plugin in R ...)
- rabbitmq-server 3.4.1-1
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
[squeeze] - rabbitmq-server <not-affected> (Management web UI not available in version 1.8.1)
NOTE: https://groups.google.com/forum/#!topic/rabbitmq-users/-3Z2FyGtXhs
NOTE: http://www.openwall.com/lists/oss-security/2015/01/21/13
-CVE-2014-9650
+CVE-2014-9650 (CRLF injection vulnerability in the management plugin in RabbitMQ 2.1. ...)
- rabbitmq-server 3.4.1-1
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
@@ -1294,10 +1294,10 @@ CVE-2014-9650
NOTE: https://groups.google.com/forum/#!topic/rabbitmq-users/-3Z2FyGtXhs
NOTE: Fixed by: https://github.com/rabbitmq/rabbitmq-management/commit/b5a5fc31bd49ad821a655ea9e2fe920d670a62ad
NOTE: http://www.openwall.com/lists/oss-security/2015/01/21/13
-CVE-2014-9732
+CVE-2014-9732 (The cabd_extract function in cabd.c in libmspack before 0.5 does not p ...)
- libmspack 0.5-1 (bug #774665)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2014-9637
+CVE-2014-9637 (GNU patch 2.7.2 and earlier allows remote attackers to cause a denial ...)
- patch 2.7.1-7
[wheezy] - patch <not-affected> (Vulnerability introduced later)
[squeeze] - patch <not-affected> (Vulnerability introduced later)
@@ -1343,17 +1343,17 @@ CVE-2014-9625 [Buffer overflow in updater]
- vlc <not-affected> (Update mechanism not enabled in the Debian package)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
-CVE-2014-9623
+CVE-2014-9623 (OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allo ...)
- glance 2014.1.3-12 (bug #776580)
[wheezy] - glance <no-dsa> (Minor issue)
NOTE: Versions: up to 2014.1.3 and 2014.2 version up to 2014.2.1
-CVE-2014-9619
+CVE-2014-9619 (Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/aja ...)
NOT-FOR-US: Netsweeper
-CVE-2014-9618
+CVE-2014-9618 (The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x befo ...)
NOT-FOR-US: Netsweeper
CVE-2014-9617
RESERVED
-CVE-2014-9616
+CVE-2014-9616 (Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 a ...)
NOT-FOR-US: Netsweeper
CVE-2014-9615
RESERVED
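Review bot: the NOTE under CVE-2014-9623 ("Versions: up to 2014.1.3 and 2014.2 version up to 2014.2.1") is hard to parse and partly duplicates the description added in the header line ("2014.2.x through 2014.2.1, 2014.1.3, and earlier"). Suggest either dropping it or rewording to "NOTE: Affected: 2014.1.x up to 2014.1.3 and 2014.2.x up to 2014.2.1" so the two version ranges are stated unambiguously.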
@@ -1363,9 +1363,9 @@ CVE-2014-9613
RESERVED
CVE-2014-9612
RESERVED
-CVE-2014-9611
+CVE-2014-9611 (Netsweeper before 4.0.5 allows remote attackers to bypass authenticati ...)
NOT-FOR-US: Netsweeper
-CVE-2014-9610
+CVE-2014-9610 (Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 a ...)
NOT-FOR-US: Netsweeper
CVE-2014-9609
RESERVED
@@ -1375,9 +1375,9 @@ CVE-2014-9607
RESERVED
CVE-2014-9606
RESERVED
-CVE-2014-9605
+CVE-2014-9605 (WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x ...)
NOT-FOR-US: Netsweeper
-CVE-2014-9604
+CVE-2014-9604 (libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a ze ...)
{DSA-3189-1}
- ffmpeg 7:2.5.1-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -1385,47 +1385,47 @@ CVE-2014-9604
NOTE: Applies to 0.8, but in different file (utvideo.c)
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=0ce3a0f9d9523a9bcad4c6d451ca5bbd7a4f420d
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f
-CVE-2014-9603
+CVE-2014-9603 (The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before 2.5. ...)
- ffmpeg 7:2.5.1-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3030fb7e0d41836f8add6399e9a7c7b740b48bfd
-CVE-2014-9602
+CVE-2014-9602 (libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits a ...)
- ffmpeg 7:2.5.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
-CVE-2014-9601
+CVE-2014-9601 (Pillow before 2.7.0 allows remote attackers to cause a denial of servi ...)
- pillow 2.6.1-2 (bug #776303)
- python-imaging <removed>
[wheezy] - python-imaging <no-dsa> (Minor issue)
[squeeze] - python-imaging <no-dsa> (Minor issue)
NOTE: https://github.com/python-pillow/Pillow/commit/b3e09122e527ae554eb590741bbd7611d5710e40
NOTE: http://web.archive.org/web/20150921104441/http://pillow.readthedocs.org:80/releasenotes/2.7.0.html#png-text-chunk-size-limits
-CVE-2014-9600
+CVE-2014-9600 (Untrusted search path vulnerability in Macroplant iExplorer 3.6.3.0 al ...)
NOT-FOR-US: Macroplant iExplorer
-CVE-2014-9599
+CVE-2014-9599 (Cross-site scripting (XSS) vulnerability in the filemanager in b2evolu ...)
- b2evolution <removed>
-CVE-2014-9598
+CVE-2014-9598 (The picture_Release function in misc/picture.c in VideoLAN VLC media p ...)
NOTE: https://trac.videolan.org/vlc/ticket/13390
NOTE: http://seclists.org/fulldisclosure/2015/Jan/72
NOTE: This was originally reported for VLC; but upstream states that it is in libavcodec
NOTE: This seems to be Windows-specific issue, the reported error couldn't be reproduced
NOTE: with any ffmpeg release and libav/0.8.
-CVE-2014-9597
+CVE-2014-9597 (The picture_pool_Delete function in misc/picture_pool.c in VideoLAN VL ...)
NOTE: https://trac.videolan.org/vlc/ticket/13389
NOTE: http://seclists.org/fulldisclosure/2015/Jan/72
NOTE: This was originally reported for VLC; but upstream states that it is in libavcodec
NOTE: This seems to be Windows-specific issue, the reported error couldn't be reproduced
NOTE: with any ffmpeg release and libav/0.8.
-CVE-2014-9596
+CVE-2014-9596 (Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU before 9.3.1 bui ...)
NOT-FOR-US: Panasonic Arbitrator Back-End Server
-CVE-2014-9595
+CVE-2014-9595 (Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32- ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-9594
+CVE-2014-9594 (Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32- ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-9593
+CVE-2014-9593 (Apache CloudStack before 4.3.2 and 4.4.x before 4.4.2 allows remote at ...)
NOT-FOR-US: Apache CloudStack
-CVE-2014-9624
+CVE-2014-9624 (CAPTCHA bypass vulnerability in MantisBT before 1.2.19. ...)
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
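Review bot: the CVE-2014-9598 and CVE-2014-9597 entries carry only NOTE lines and no package status line, unlike CVE-2014-9603 and CVE-2014-9602 just above, which list ffmpeg and libav explicitly. Since the notes already state that upstream attributes the issue to libavcodec and that it could not be reproduced with any ffmpeg release or libav/0.8, consider recording that conclusion as explicit "<not-affected>" (or NOT-FOR-US) markers so the tracker does not leave these two as unprocessed. Also, "This seems to be Windows-specific issue" in both entries is missing an article ("a Windows-specific issue").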
@@ -1436,15 +1436,15 @@ CVE-2014-XXXX [TYPO3-CORE-SA-2014-002: Multiple Vulnerabilities in TYPO3 CMS]
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/
-CVE-2014-9636
+CVE-2014-9636 (unzip 6.0 allows remote attackers to cause a denial of service (out-of ...)
{DSA-3152-1 DLA-150-1}
- unzip 6.0-15 (bug #776589)
NOTE: http://seclists.org/oss-sec/2014/q4/489
NOTE: http://seclists.org/oss-sec/2014/q4/507
NOTE: http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=450
-CVE-2014-9635
+CVE-2014-9635 (Jenkins before 1.586 does not set the HttpOnly flag in a Set-Cookie he ...)
- jenkins 1.565.3-3 (bug #769682)
-CVE-2014-9634
+CVE-2014-9634 (Jenkins before 1.586 does not set the secure flag on session cookies w ...)
- jenkins 1.565.3-3 (bug #769682)
CVE-2014-999999
REJECTED
@@ -1485,165 +1485,165 @@ CVE-2014-10041
RESERVED
CVE-2014-10040
RESERVED
-CVE-2014-10038
+CVE-2014-10038 (SQL injection vulnerability in agenda/indexdate.php in DomPHP 0.83 and ...)
NOT-FOR-US: DomPHP
-CVE-2014-10037
+CVE-2014-10037 (Directory traversal vulnerability in DomPHP 0.83 and earlier allows re ...)
NOT-FOR-US: DomPHP
-CVE-2014-10036
+CVE-2014-10036 (Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before ...)
NOT-FOR-US: JetBrains TeamCity
-CVE-2014-10035
+CVE-2014-10035 (Multiple cross-site scripting (XSS) vulnerabilities in the admin area ...)
NOT-FOR-US: couponPHP
-CVE-2014-10034
+CVE-2014-10034 (Multiple SQL injection vulnerabilities in the admin area in couponPHP ...)
NOT-FOR-US: couponPHP
-CVE-2014-10033
+CVE-2014-10033 (SQL injection vulnerability in the update_zone function in catalog/adm ...)
NOT-FOR-US: osCommerce Online Merchant
-CVE-2014-10032
+CVE-2014-10032 (SQL injection vulnerability in news_popup.php in Taboada MacroNews 1.0 ...)
NOT-FOR-US: Taboada MacroNews
-CVE-2014-10031
+CVE-2014-10031 (Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0. ...)
NOT-FOR-US: Qualcomm Eudora WorldMail
-CVE-2014-10030
+CVE-2014-10030 (Open redirect vulnerability in forums/login.php in FluxBB before 1.4.1 ...)
NOT-FOR-US: FluxBB
-CVE-2014-10029
+CVE-2014-10029 (SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and ...)
NOT-FOR-US: FluxBB
-CVE-2014-10028
+CVE-2014-10028 (Cross-site scripting (XSS) vulnerability in D-Link DAP-1360 router wit ...)
NOT-FOR-US: D-Link DAP-1360 router
-CVE-2014-10027
+CVE-2014-10027 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link D ...)
NOT-FOR-US: D-Link DAP-1360
-CVE-2014-10026
+CVE-2014-10026 (index.cgi in D-Link DAP-1360 with firmware 2.5.4 and earlier allows re ...)
NOT-FOR-US: D-Link DAP-1360
-CVE-2014-10025
+CVE-2014-10025 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link D ...)
NOT-FOR-US: D-Link DAP-1360
-CVE-2014-10024
+CVE-2014-10024 (Multiple integer signedness errors in DirectShowDemuxFilter, as used i ...)
NOT-FOR-US: Divx Web Player, Divx Player and Divx plugins
-CVE-2014-10023
+CVE-2014-10023 (Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allo ...)
NOT-FOR-US: TopicsViewer
-CVE-2014-10021
+CVE-2014-10021 (Unrestricted file upload vulnerability in UploadHandler.php in the WP ...)
NOT-FOR-US: WP Symposium plugin for WordPress
-CVE-2014-10020
+CVE-2014-10020 (SQL injection vulnerability in login.php in Simple e-document 1.31 all ...)
NOT-FOR-US: Simple e-document
-CVE-2014-10019
+CVE-2014-10019 (Multiple cross-site request forgery (CSRF) vulnerabilities in webconfi ...)
NOT-FOR-US: Teracom T2-B-Gawv1.4U10Y-BI modem
-CVE-2014-10018
+CVE-2014-10018 (Cross-site scripting (XSS) vulnerability in webconfig/wlan/country.htm ...)
NOT-FOR-US: Teracom T2-B-Gawv1.4U10Y-BI modem
-CVE-2014-10017
+CVE-2014-10017 (Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugi ...)
NOT-FOR-US: Welcart e-Commerce plugin for WordPress
-CVE-2014-10016
+CVE-2014-10016 (Multiple cross-site scripting (XSS) vulnerabilities in the Welcart e-C ...)
NOT-FOR-US: Welcart e-Commerce plugin for WordPress
-CVE-2014-10015
+CVE-2014-10015 (SQL injection vulnerability in load-calendar.php in PHPJabbers Event B ...)
NOT-FOR-US: PHPJabbers Event Booking Calendar
-CVE-2014-10014
+CVE-2014-10014 (Multiple cross-site request forgery (CSRF) vulnerabilities in PHPJabbe ...)
NOT-FOR-US: PHPJabbers Event Booking Calendar
-CVE-2014-10013
+CVE-2014-10013 (SQL injection vulnerability in the Another WordPress Classifieds Plugi ...)
NOT-FOR-US: Another WordPress Classifieds Plugin plugin for WordPress
-CVE-2014-10012
+CVE-2014-10012 (Cross-site scripting (XSS) vulnerability in the Another WordPress Clas ...)
NOT-FOR-US: Another WordPress Classifieds Plugin plugin for WordPress
-CVE-2014-10011
+CVE-2014-10011 (Stack-based buffer overflow in UltraCamLib in the UltraCam ActiveX Con ...)
NOT-FOR-US: TRENDnet SecurView camera TV-IP422WN
-CVE-2014-10010
+CVE-2014-10010 (Directory traversal vulnerability in PHPJabbers Appointment Scheduler ...)
NOT-FOR-US: PHPJabbers Appointment Scheduler
-CVE-2014-10009
+CVE-2014-10009 (Multiple cross-site scripting (XSS) vulnerabilities in Stark CRM 1.0 a ...)
NOT-FOR-US: Stark CRM
-CVE-2014-10008
+CVE-2014-10008 (Multiple cross-site request forgery (CSRF) vulnerabilities in Stark CR ...)
NOT-FOR-US: Stark CRM
-CVE-2014-10007
+CVE-2014-10007 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog 4. ...)
NOT-FOR-US: Maian Weblog
-CVE-2014-10006
+CVE-2014-10006 (Multiple cross-site request forgery (CSRF) vulnerabilities in Maian Up ...)
NOT-FOR-US: Maian Uploader
-CVE-2014-10005
+CVE-2014-10005 (Maian Uploader 4.0 allows remote attackers to obtain sensitive informa ...)
NOT-FOR-US: Maian Uploader
CVE-2014-100040
RESERVED
-CVE-2014-10004
+CVE-2014-10004 (SQL injection vulnerability in admin/data_files/move.php in Maian Uplo ...)
NOT-FOR-US: Maian Uploader
-CVE-2014-100039
+CVE-2014-100039 (mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local ...)
NOT-FOR-US: Malwarebytes Anti-Exploit
-CVE-2014-100038
+CVE-2014-100038 (Cross-site scripting (XSS) vulnerability in Storytlr 1.3.dev and earli ...)
NOT-FOR-US: Storytlr
-CVE-2014-100037
+CVE-2014-100037 (Cross-site scripting (XSS) vulnerability in Storytlr 1.3.dev and earli ...)
NOT-FOR-US: Storytlr
-CVE-2014-100036
+CVE-2014-100036 (Cross-site scripting (XSS) vulnerability in FlatPress 1.0.2 allows rem ...)
- flatpress <itp> (bug #466297)
-CVE-2014-100035
+CVE-2014-100035 (SQL injection vulnerability in the ticket grid in the admin interface ...)
NOT-FOR-US: LicensePal ArcticDesk
-CVE-2014-100034
+CVE-2014-100034 (Cross-site scripting (XSS) vulnerability in the frontend interface in ...)
NOT-FOR-US: LicensePal ArcticDesk
-CVE-2014-100033
+CVE-2014-100033 (Directory traversal vulnerability in LicensePal ArcticDesk before 1.2. ...)
NOT-FOR-US: LicensePal ArcticDesk
-CVE-2014-100032
+CVE-2014-100032 (Cross-site scripting (XSS) vulnerability in top.html in the Airties Ai ...)
NOT-FOR-US: Airties Air 6372 modem
-CVE-2014-100031
+CVE-2014-100031 (Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL ...)
NOT-FOR-US: Ganesha Digital Library
-CVE-2014-100030
+CVE-2014-100030 (Cross-site scripting (XSS) vulnerability in module/search/function.php ...)
NOT-FOR-US: Ganesha Digital Library
-CVE-2014-10003
+CVE-2014-10003 (Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader ...)
NOT-FOR-US: Maian Uploader
-CVE-2014-100029
+CVE-2014-100029 (Multiple directory traversal vulnerabilities in class/session.php in G ...)
NOT-FOR-US: Ganesha Digital Library
-CVE-2014-100028
+CVE-2014-100028 (Cross-site scripting (XSS) vulnerability in /signup in WEBCrafted allo ...)
NOT-FOR-US: WEBCrafted
-CVE-2014-100027
+CVE-2014-100027 (Cross-site scripting (XSS) vulnerability in the WP SlimStat plugin bef ...)
NOT-FOR-US: WP SlimStat plugin for WordPress
-CVE-2014-100026
+CVE-2014-100026 (Cross-site scripting (XSS) vulnerability in readme.php in the April's ...)
NOT-FOR-US: April's Super Functions Pack plugin for WordPress
-CVE-2014-100025
+CVE-2014-100025 (Cross-site request forgery (CSRF) vulnerability in index.php/user_data ...)
NOT-FOR-US: Savsoft Quiz
-CVE-2014-100024
+CVE-2014-100024 (Cross-site scripting (XSS) vulnerability in Seo Panel before 3.4.0 all ...)
NOT-FOR-US: Seo Panel
-CVE-2014-100023
+CVE-2014-100023 (Multiple cross-site scripting (XSS) vulnerabilities in question.php in ...)
NOT-FOR-US: mTouch Quiz
-CVE-2014-100022
+CVE-2014-100022 (SQL injection vulnerability in question.php in the mTouch Quiz before ...)
NOT-FOR-US: mTouch Quiz
-CVE-2014-100021
+CVE-2014-100021 (Cross-site scripting (XSS) vulnerability in symfony/web/index.php/pim/ ...)
NOT-FOR-US: OrangeHRM
-CVE-2014-100020
+CVE-2014-100020 (SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.0 ...)
NOT-FOR-US: iTechClassifieds
-CVE-2014-10002
+CVE-2014-10002 (Unspecified vulnerability in JetBrains TeamCity before 8.1 allows remo ...)
NOT-FOR-US: JetBrains TeamCity
-CVE-2014-100019
+CVE-2014-100019 (SQL injection vulnerability in the LTree converter in Pomm before 1.1. ...)
NOT-FOR-US: LTree converter in Pomm
-CVE-2014-100018
+CVE-2014-100018 (Cross-site scripting (XSS) vulnerability in the Unconfirmed plugin bef ...)
NOT-FOR-US: Unconfirmed plugin for WordPress
-CVE-2014-100017
+CVE-2014-100017 (Cross-site scripting (XSS) vulnerability in canned_opr.php in PhpOnlin ...)
NOT-FOR-US: PhpOnlineChat
-CVE-2014-100016
+CVE-2014-100016 (Cross-site scripting (XSS) vulnerability in photocrati-gallery/ecomm-s ...)
NOT-FOR-US: Photocrati theme for WordPress
-CVE-2014-100015
+CVE-2014-100015 (Directory traversal vulnerability in pdmwService.exe in SolidWorks Wor ...)
NOT-FOR-US: SolidWorks Workgroup PDM
-CVE-2014-100014
+CVE-2014-100014 (Multiple stack-based buffer overflows in pdmwService.exe in SolidWorks ...)
NOT-FOR-US: SolidWorks Workgroup PDM
-CVE-2014-100013
+CVE-2014-100013 (Multiple cross-site scripting (XSS) vulnerabilities in clientResponse ...)
NOT-FOR-US: clientResponse
-CVE-2014-100012
+CVE-2014-100012 (SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote att ...)
NOT-FOR-US: Sendy
-CVE-2014-100011
+CVE-2014-100011 (SQL injection vulnerability in /send-to in Sendy 1.1.9.1 allows remote ...)
NOT-FOR-US: Sendy
-CVE-2014-100010
+CVE-2014-100010 (Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows r ...)
NOT-FOR-US: ClanSphere
-CVE-2014-10001
+CVE-2014-10001 (Multiple cross-site request forgery (CSRF) vulnerabilities in PHPJabbe ...)
NOT-FOR-US: PHPJabbers Appointment Scheduler
-CVE-2014-100009
+CVE-2014-100009 (The Joomlaskin JS Multi Hotel (aka JS MultiHotel and Js-Multi-Hotel) p ...)
NOT-FOR-US: JS MultiHotel
-CVE-2014-100008
+CVE-2014-100008 (Cross-site scripting (XSS) vulnerability in includes/delete_img.php in ...)
NOT-FOR-US: JS MultiHotel
-CVE-2014-100007
+CVE-2014-100007 (Cross-site scripting (XSS) vulnerability in the HK Exif Tags plugin be ...)
NOT-FOR-US: HK Exif Tags plugin for WordPress
-CVE-2014-100006
+CVE-2014-100006 (Multiple cross-site scripting (XSS) vulnerabilities in modules_v3/goog ...)
NOT-FOR-US: webtrees
-CVE-2014-100005
+CVE-2014-100005 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link D ...)
NOT-FOR-US: D-Link DIR-600 router
-CVE-2014-100004
+CVE-2014-100004 (Cross-site scripting (XSS) vulnerability in Sitecore CMS before 7.0 Up ...)
NOT-FOR-US: Sitecore CMS
-CVE-2014-100003
+CVE-2014-100003 (SQL injection vulnerability in includes/ym-download_functions.include. ...)
NOT-FOR-US: Code Futures YourMembers plugin for WordPress
-CVE-2014-100002
+CVE-2014-100002 (Directory traversal vulnerability in ManageEngine SupportCenter Plus 7 ...)
NOT-FOR-US: ManageEngine SupportCenter Plus
-CVE-2014-100001
+CVE-2014-100001 (Cross-site request forgery (CSRF) vulnerability in the SEO Plugin Live ...)
NOT-FOR-US: SEO Plugin LiveOptim
CVE-2014-100000
REJECTED
CVE-2014-10000
REJECTED
-CVE-2014-9651
+CVE-2014-9651 (Buffer overflow in CHICKEN 4.9.0.x before 4.9.0.2, 4.9.x before 4.9.1, ...)
- chicken 4.10.0-1 (bug #775346)
[jessie] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
@@ -1656,77 +1656,77 @@ CVE-2014-1137
REJECTED
CVE-2014-1004
REJECTED
-CVE-2014-9585
+CVE-2014-9585 (The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel thro ...)
{DSA-3170-1 DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/commit/?id=fbe1bf140671619508dfa575d74a185ae53c5dbb
NOTE: http://marc.info/?l=linux-kernel&m=141911002822659&w=2
-CVE-2014-9583
+CVE-2014-9583 (common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2 ...)
NOT-FOR-US: infosvr in ASUS WRT firmware
-CVE-2014-9582
+CVE-2014-9582 (Cross-site scripting (XSS) vulnerability in components/filemanager/dia ...)
NOT-FOR-US: Codiad
-CVE-2014-9581
+CVE-2014-9581 (Directory traversal vulnerability in components/filemanager/download.p ...)
NOT-FOR-US: Codiad
-CVE-2014-9580
+CVE-2014-9580 (Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP ...)
NOT-FOR-US: ProjectSend
-CVE-2014-9579
+CVE-2014-9579 (VDG Security SENSE (formerly DIVA) 2.3.13 stores administrator credent ...)
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9578
+CVE-2014-9578 (VDG Security SENSE (formerly DIVA) 2.3.13 performs authentication with ...)
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9577
+CVE-2014-9577 (VDG Security SENSE (formerly DIVA) 2.3.13 sends the user database when ...)
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9576
+CVE-2014-9576 (VDG Security SENSE (formerly DIVA) 2.3.13 has a hardcoded password of ...)
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9575
+CVE-2014-9575 (VDG Security SENSE (formerly DIVA) before 2.3.15 allows remote attacke ...)
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9574
+CVE-2014-9574 (Directory traversal vulnerability in install.php in FluxBB before 1.5. ...)
NOT-FOR-US: FluxBB
-CVE-2014-9573
+CVE-2014-9573 (SQL injection vulnerability in manage_user_page.php in MantisBT before ...)
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: Upstream patch: http://github.com/mantisbt/mantisbt/commit/69c2d28d (1.2.x)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17940
-CVE-2014-9572
+CVE-2014-9572 (MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly ...)
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: Upstream patch: http://github.com/mantisbt/mantisbt/commit/5571bcf9 (1.2.x)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17939
-CVE-2014-9571
+CVE-2014-9571 (Cross-site scripting (XSS) vulnerability in admin/install.php in Manti ...)
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: Upstream patch: http://github.com/mantisbt/mantisbt/commit/6d47c047 (1.2.x)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17938
-CVE-2014-9570
+CVE-2014-9570 (Multiple cross-site scripting (XSS) vulnerabilities in the MyWebsiteAd ...)
NOT-FOR-US: WordPress plugin MyWebsiteAdvisor Simple Security
-CVE-2014-9569
+CVE-2014-9569 (Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver B ...)
NOT-FOR-US: SAP NetWeaver Business Client
-CVE-2014-9568
+CVE-2014-9568 (puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie ...)
NOT-FOR-US: Puppet module rabbitmq
-CVE-2014-9567
+CVE-2014-9567 (Unrestricted file upload vulnerability in process-upload.php in Projec ...)
NOT-FOR-US: ProjectSend
-CVE-2014-9566
+CVE-2014-9566 (Multiple SQL injection vulnerabilities in the Manage Accounts page in ...)
NOT-FOR-US: SolarWinds
-CVE-2014-9565
+CVE-2014-9565 (Cross-site request forgery (CSRF) vulnerability in IBM Flex System EN6 ...)
NOT-FOR-US: IBM
-CVE-2014-9564
+CVE-2014-9564 (CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet a ...)
NOT-FOR-US: IBM
-CVE-2014-9563
+CVE-2014-9563 (CRLF injection vulnerability in the web-based management (WBM) interfa ...)
NOT-FOR-US: Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone
-CVE-2014-9562
+CVE-2014-9562 (Cross-site scripting (XSS) vulnerability in display_dialog.php in M2 O ...)
NOT-FOR-US: M2 OptimalSite
-CVE-2014-9561
+CVE-2014-9561 (Cross-site scripting (XSS) vulnerability in redir_last_post_list.php i ...)
NOT-FOR-US: SoftBB
-CVE-2014-9560
+CVE-2014-9560 (SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1. ...)
NOT-FOR-US: SoftBB
-CVE-2014-9559
+CVE-2014-9559 (Cross-site scripting (XSS) vulnerability in SnipSnap 0.5.2a, 1.0b1, an ...)
NOT-FOR-US: SnipSnap
-CVE-2014-9558
+CVE-2014-9558 (Multiple SQL injection vulnerabilities in SmartCMS v.2. ...)
NOT-FOR-US: SmartCMS
-CVE-2014-9557
+CVE-2014-9557 (Multiple cross-site scripting (XSS) vulnerabilities in SmartCMS v.2. ...)
NOT-FOR-US: SmartCMS
CVE-2014-9555
RESERVED
@@ -1780,185 +1780,185 @@ CVE-2014-9531
RESERVED
CVE-2014-9530
RESERVED
-CVE-2014-9528
+CVE-2014-9528 (SQL injection vulnerability in the actionIndex function in protected/m ...)
NOT-FOR-US: HumHub
-CVE-2014-9527
+CVE-2014-9527 (HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cau ...)
- libapache-poi-java 3.10.1-2 (low; bug #775171)
[wheezy] - libapache-poi-java <no-dsa> (Minor issue)
-CVE-2014-9587
+CVE-2014-9587 (Multiple cross-site request forgery (CSRF) vulnerabilities in Roundcub ...)
{DLA-613-1}
- roundcube 1.1.1+dfsg.1-2 (bug #775576)
[squeeze] - roundcube <no-dsa> (Minor issue)
[wheezy] - roundcube <no-dsa> (Minor issue)
NOTE: https://github.com/roundcube/roundcubemail/commit/376cbfd4f2dfcf455717409b70d9d056cbeb08b1
-CVE-2014-9526
+CVE-2014-9526 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 5.7.2 ...)
NOT-FOR-US: concrete5
-CVE-2014-9525
+CVE-2014-9525 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Time ...)
NOT-FOR-US: Timed Popup (wp-timed-popup) plugin for WordPress
-CVE-2014-9524
+CVE-2014-9524 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Face ...)
NOT-FOR-US: Facebook Like Box (cardoza-facebook-like-box) plugin for WordPress
-CVE-2014-9523
+CVE-2014-9523 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Our ...)
NOT-FOR-US: Our Team Showcase (our-team-enhanced) plugin for WordPress
-CVE-2014-9522
+CVE-2014-9522 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Papoo Light ...)
NOT-FOR-US: CMS Papoo Light
-CVE-2014-9521
+CVE-2014-9521 (Unrestricted file upload vulnerability in uploadScript.php in Infinite ...)
NOT-FOR-US: InfiniteWP Admin Panel
-CVE-2014-9520
+CVE-2014-9520 (SQL injection vulnerability in execute.php in InfiniteWP Admin Panel b ...)
NOT-FOR-US: InfiniteWP Admin Panel
-CVE-2014-9519
+CVE-2014-9519 (SQL injection vulnerability in login.php in InfiniteWP Admin Panel bef ...)
NOT-FOR-US: InfiniteWP Admin Panel
-CVE-2014-9518
+CVE-2014-9518 (Cross-site scripting (XSS) vulnerability in login.cgi in D-Link router ...)
NOT-FOR-US: login.cgi in D-Link router DIR-655 (rev Bx) with firmware before 2.12b01
-CVE-2014-9517
+CVE-2014-9517 (Cross-site scripting (XSS) vulnerability in D-link IP camera DCS-2103 ...)
NOT-FOR-US: D-link IP camera DCS-2103
-CVE-2014-9516
+CVE-2014-9516 (Cross-site scripting (XSS) vulnerability in Social Microblogging PRO 1 ...)
NOT-FOR-US: Social Microblogging PRO
-CVE-2014-9515
+CVE-2014-9515 (Dozer improperly uses a reflection-based approach to type conversion, ...)
NOT-FOR-US: Dozer
-CVE-2014-9514
+CVE-2014-9514 (Cross-site scripting (XSS) vulnerability in BMC Footprints Service Cor ...)
NOT-FOR-US: BMC
-CVE-2014-9512
+CVE-2014-9512 (rsync 3.1.1 allows remote attackers to write to arbitrary files via a ...)
- rsync 3.1.1-3 (low; bug #778333)
[wheezy] - rsync <not-affected> (Affected sanitising functionality not yet present)
[squeeze] - rsync <not-affected> (Affected sanitising functionality not yet present)
NOTE: http://xteam.baidu.com/?p=169
CVE-2014-9511
RESERVED
-CVE-2014-9510
+CVE-2014-9510 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
NOT-FOR-US: TP-Link TL-WR840N router
-CVE-2014-9509
+CVE-2014-9509 (The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x t ...)
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
NOTE: Solution is to remove he configuration options config.prefixLocalAnchors
NOTE: (and optionally also config.baseUrl) in favor of config.absRefPrefix
-CVE-2014-9508
+CVE-2014-9508 (The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x t ...)
- typo3-src 4.5.40+dfsg1-1 (bug #775105)
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://review.typo3.org/#/c/35222/
NOTE: https://review.typo3.org/gitweb?p=Packages/TYPO3.CMS.git;a=commitdiff;h=63ae7ddd11d284a121f23ce86282e3149bc16f96
-CVE-2014-9505
+CVE-2014-9505 (Cross-site scripting (XSS) vulnerability in the School Administration ...)
NOT-FOR-US: School Administration module for Drupal
-CVE-2014-9504
+CVE-2014-9504 (The OG Subgroups module, when used with the Open Atrium module 7.x-2.x ...)
NOT-FOR-US: Open Atrium module for Drupal
-CVE-2014-9503
+CVE-2014-9503 (The Discussions sub module in the Open Atrium module 7.x-2.x before 7. ...)
NOT-FOR-US: Open Atrium module for Drupal
-CVE-2014-9502
+CVE-2014-9502 (Multiple cross-site request forgery (CSRF) vulnerabilities in unspecif ...)
NOT-FOR-US: Open Atrium module for Drupal
-CVE-2014-9501
+CVE-2014-9501 (Cross-site scripting (XSS) vulnerability in the Poll Chart Block modul ...)
NOT-FOR-US: Poll Chart Block module for Drupal
-CVE-2014-9500
+CVE-2014-9500 (Cross-site scripting (XSS) vulnerability in the Moip module 7.x-1.x be ...)
NOT-FOR-US: Moip module for Drupal
-CVE-2014-9499
+CVE-2014-9499 (Cross-site scripting (XSS) vulnerability in the Godwin's Law module be ...)
NOT-FOR-US: Godwin's Law for Drupal
-CVE-2014-9498
+CVE-2014-9498 (Cross-site scripting (XSS) vulnerability in the Webform Invitation mod ...)
NOT-FOR-US: Webform Invitation module for Drupal
CVE-2014-9492
REJECTED
-CVE-2014-9491
+CVE-2014-9491 (The devzvol_readdir function in illumos does not check the return valu ...)
NOT-FOR-US: illumos
-CVE-2014-9490
+CVE-2014-9490 (The numtok function in lib/raven/okjson.rb in the raven-ruby gem befor ...)
NOT-FOR-US: raven ruby gem
-CVE-2014-9488
+CVE-2014-9488 (The is_utf8_well_formed function in GNU less before 475 allows remote ...)
- less 481-1 (unimportant; bug #780247)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/10/14
NOTE: https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html
CVE-2014-9484
RESERVED
-CVE-2014-9473
+CVE-2014-9473 (Unrestricted file upload vulnerability in lib_nonajax.php in the Cform ...)
NOT-FOR-US: formsII plugin for WordPress
-CVE-2014-9472
+CVE-2014-9472 (The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before ...)
{DSA-3176-1 DLA-158-1}
- request-tracker4 4.2.8-3
- request-tracker3.8 <removed> (unimportant)
CVE-2014-9470
RESERVED
-CVE-2014-9469
+CVE-2014-9469 (Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, 3. ...)
NOT-FOR-US: vBulletin
-CVE-2014-9468
+CVE-2014-9468 (Multiple cross-site scripting (XSS) vulnerabilities in InstantASP Inst ...)
NOT-FOR-US: InstantASP InstantForum.NET
CVE-2014-9467
RESERVED
-CVE-2014-9466
+CVE-2014-9466 (Open-Xchange (OX) AppSuite and Server before 7.4.2-rev42, 7.6.0 before ...)
NOT-FOR-US: Open-Xchange
-CVE-2014-9464
+CVE-2014-9464 (SQL injection vulnerability in Category.php in Microweber CMS 0.95 bef ...)
NOT-FOR-US: Microweber CMS
-CVE-2014-9463
+CVE-2014-9463 (functions_vbseo_hook.php in the VBSEO module for vBulletin allows remo ...)
NOT-FOR-US: vBulletin
-CVE-2014-9462
+CVE-2014-9462 (The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows ...)
{DSA-3257-1 DLA-237-1}
- mercurial 3.4-1 (bug #783237)
NOTE: http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html
NOTE: http://selenic.com/hg/rev/e3f30068d2eb
-CVE-2014-9461
+CVE-2014-9461 (Directory traversal vulnerability in models/Cart66.php in the Cart66 L ...)
NOT-FOR-US: Cart66 Lite plugin for WordPress
-CVE-2014-9460
+CVE-2014-9460 (Multiple cross-site request forgery (CSRF) vulnerabilities in the WP-V ...)
NOT-FOR-US: WP-ViperGB plugin for WordPress
-CVE-2014-9459
+CVE-2014-9459 (Cross-site request forgery (CSRF) vulnerability in the AdminObserver f ...)
NOT-FOR-US: e107
-CVE-2014-9458
+CVE-2014-9458 (Heap-based buffer overflow in the GDB debugger module in Hex-Rays IDA ...)
NOT-FOR-US: Hex-Rays IDA Pro
-CVE-2014-9457
+CVE-2014-9457 (SQL injection vulnerability in classes/mono_display.class.php in PMB 4 ...)
NOT-FOR-US: PMB
-CVE-2014-9456
+CVE-2014-9456 (Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have uns ...)
NOT-FOR-US: NotePad++
-CVE-2014-9455
+CVE-2014-9455 (SQL injection vulnerability in showads.php in CTS Projects &amp; Softw ...)
NOT-FOR-US: CTS Projects & Software ClassAd
-CVE-2014-9454
+CVE-2014-9454 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Simp ...)
NOT-FOR-US: Simple Sticky Footer plugin for WordPress
-CVE-2014-9453
+CVE-2014-9453 (Multiple cross-site scripting (XSS) vulnerabilities in simple-visitor- ...)
NOT-FOR-US: Simple visitor stat plugin for WordPress
-CVE-2014-9452
+CVE-2014-9452 (Directory traversal vulnerability in VDG Security SENSE (formerly DIVA ...)
NOT-FOR-US: VDG Security SENSE
-CVE-2014-9451
+CVE-2014-9451 (Multiple stack-based buffer overflows in the DIVA web service API (/we ...)
NOT-FOR-US: VDG Security SENS
-CVE-2014-9448
+CVE-2014-9448 (Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 all ...)
NOT-FOR-US: Mini-stream RM-MP3 Converter
-CVE-2014-9445
+CVE-2014-9445 (SQL injection vulnerability in incl/create.inc.php in Installatron GQ ...)
NOT-FOR-US: GQ File Manager
-CVE-2014-9444
+CVE-2014-9444 (Cross-site scripting (XSS) vulnerability in the Frontend Uploader plug ...)
NOT-FOR-US: Frontend Uploader plugin for WordPress
-CVE-2014-9443
+CVE-2014-9443 (Cross-site scripting (XSS) vulnerability in the Relevanssi plugin befo ...)
NOT-FOR-US: Relevanssi plugin for WordPress
-CVE-2014-9442
+CVE-2014-9442 (SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 Lit ...)
NOT-FOR-US: Cart66 Lite plugin for WordPress
-CVE-2014-9441
+CVE-2014-9441 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Ligh ...)
NOT-FOR-US: Lightbox Photo Gallery plugin for WordPress
-CVE-2014-9440
+CVE-2014-9440 (SQL injection vulnerability in browse.php in phpMyRecipes 1.2.2 allows ...)
NOT-FOR-US: phpMyRecipes
-CVE-2014-9439
+CVE-2014-9439 (Cross-site scripting (XSS) vulnerability in Easy File Sharing Web Serv ...)
NOT-FOR-US: Easy File Sharing Web Server
-CVE-2014-9438
+CVE-2014-9438 (Cross-site request forgery (CSRF) vulnerability in the Moderator Contr ...)
NOT-FOR-US: vBulletin
-CVE-2014-9437
+CVE-2014-9437 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Slid ...)
NOT-FOR-US: Sliding Social Icons plugin for WordPress
-CVE-2014-9436
+CVE-2014-9436 (Absolute path traversal vulnerability in SysAid On-Premise before 14.4 ...)
NOT-FOR-US: SysAid
-CVE-2014-9435
+CVE-2014-9435 (Multiple SQL injection vulnerabilities in Absolut Engine 1.73 allow re ...)
NOT-FOR-US: Absolut Engine
-CVE-2014-9434
+CVE-2014-9434 (Cross-site scripting (XSS) vulnerability in admin/managerrelated.php i ...)
NOT-FOR-US: Absolut Engine
-CVE-2014-9431
+CVE-2014-9431 (Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwa ...)
NOT-FOR-US: Smoothwall
-CVE-2014-9430
+CVE-2014-9430 (Cross-site scripting (XSS) vulnerability in httpd/cgi-bin/vpn.cgi/vpnc ...)
NOT-FOR-US: Smoothwall
-CVE-2014-9429
+CVE-2014-9429 (Multiple cross-site scripting (XSS) vulnerabilities in Smoothwall Expr ...)
NOT-FOR-US: Smoothwall
-CVE-2014-9507
+CVE-2014-9507 (MediaWiki 1.21.x, 1.22.x before 1.22.14, and 1.23.x before 1.23.7, whe ...)
- mediawiki <not-affected> (There is no content handler in REL1_19)
NOTE: Upstream bug https://phabricator.wikimedia.org/T72901
-CVE-2014-9506
+CVE-2014-9506 (MantisBT before 1.2.18 does not properly check permissions when sendin ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.mantisbt.org/bugs/view.php?id=9885
-CVE-2014-9584
+CVE-2014-9584 (The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the ...)
{DSA-3128-1 DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/linus/4e2024624e678f0ebb916e6192bd23c1f9fdf696 (v3.19-rc3)
-CVE-2014-10022
+CVE-2014-10022 (Apache Traffic Server before 5.1.2 allows remote attackers to cause a ...)
- trafficserver 5.2.0-1 (bug #778895)
[wheezy] - trafficserver <not-affected> (Only affects 5.x)
NOTE: https://issues.apache.org/jira/browse/TS-3223 (fixed in 5.1.2)
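Review bot: the new description line for CVE-2014-9455 carries an HTML entity into this plain-text list ("CTS Projects &amp; Softw ..."), while the unchanged NOT-FOR-US line directly under it spells the same vendor "CTS Projects & Software"; the import step should unescape entities before truncating, otherwise the list now contains both forms of the name. Minor, pre-existing: the unchanged NOTE under CVE-2014-9509 reads "remove he configuration options" (missing "the") and the NOT-FOR-US under CVE-2014-9451 reads "VDG Security SENS" where the neighbouring entry says "SENSE"; both are worth a follow-up since this commit only touches the CVE header lines.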
@@ -1973,50 +1973,50 @@ CVE-2014-XXXX [insecure LUA default load path]
- libquvi 0.4.1-3 (low; bug #774555)
[wheezy] - libquvi <no-dsa> (Minor issue)
[squeeze] - libquvi <no-dsa> (Minor issue)
-CVE-2014-9489
+CVE-2014-9489 (The gollum-grit_adapter Ruby gem dependency in gollum before 3.1.1 and ...)
NOT-FOR-US: Gollum wiki
-CVE-2014-9487
+CVE-2014-9487 (The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.1 ...)
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
CVE-2014-9481
RESERVED
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
-CVE-2014-9480
+CVE-2014-9480 (Cross-site scripting (XSS) vulnerability in the Hovercards extension f ...)
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
-CVE-2014-9479
+CVE-2014-9479 (Cross-site scripting (XSS) vulnerability in the preview in the Templat ...)
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
-CVE-2014-9478
+CVE-2014-9478 (Cross-site scripting (XSS) vulnerability in the preview in the ExpandT ...)
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
-CVE-2014-9477
+CVE-2014-9477 (Multiple cross-site scripting (XSS) vulnerabilities in the Listings ex ...)
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
-CVE-2014-9450
+CVE-2014-9450 (Multiple SQL injection vulnerabilities in chart_bar.php in the fronten ...)
- zabbix 1:2.2.7+dfsg-2 (bug #774750)
[squeeze] - zabbix <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://support.zabbix.com/browse/ZBX-8582
NOTE: https://github.com/svn2github/zabbix/commit/984bd3bec2d6ca5a80104a5574d19b7f4d04f24b
-CVE-2014-9449
+CVE-2014-9449 (Buffer overflow in the RiffVideo::infoTagsHandler function in riffvide ...)
- exiv2 0.24-4.1 (bug #773846)
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
[squeeze] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: http://dev.exiv2.org/issues/960
NOTE: http://dev.exiv2.org/projects/exiv2/repository/diff?rev=3264&rev_to=3263
-CVE-2014-9447
+CVE-2014-9447 (Directory traversal vulnerability in the read_long_names function in l ...)
- elfutils 0.159-4.1 (bug #775536)
[wheezy] - elfutils <no-dsa> (Minor issue)
[squeeze] - elfutils <no-dsa> (Minor issue)
NOTE: https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
-CVE-2014-9529
+CVE-2014-9529 (Race condition in the key_gc_unused_keys function in security/keys/gc. ...)
{DSA-3128-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: http://marc.info/?l=linux-kernel&m=141986398232547&w=2
NOTE: http://marc.info/?l=linux-kernel&m=142047362307894&w=2
-CVE-2014-9513
+CVE-2014-9513 (Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows rem ...)
- xbindkeys-config <unfixed> (unimportant; bug #772473)
[jessie] - xbindkeys-config <no-dsa> (Minor issue)
[wheezy] - xbindkeys-config <no-dsa> (Minor issue)
[squeeze] - xbindkeys-config <no-dsa> (Minor issue)
NOTE: Not exploitable with kernel hardening since jessie
-CVE-2014-9495
+CVE-2014-9495 (Heap-based buffer overflow in the png_combine_row function in libpng b ...)
- libpng <not-affected> (Affects 1.5.x and 1.6.x series)
- texlive-bin 2014.20140926.35254-4 (bug #773824)
[squeeze] - texlive-bin <not-affected> (has a copy of libpng 1.2)
@@ -2025,13 +2025,13 @@ CVE-2014-9495
- iceweasel <not-affected> (squeeze used the system libpng, and later versions define their own limits)
- icedove <not-affected> (squeeze used the system libpng, and later versions define their own limits)
NOTE: http://sourceforge.net/p/png-mng/mailman/message/33173461/
-CVE-2014-9465
+CVE-2014-9465 (senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Z ...)
- zarafa <itp> (bug #658433)
-CVE-2014-9446
+CVE-2014-9446 (Multiple cross-site scripting (XSS) vulnerabilities in the Staff clien ...)
- koha <itp> (bug #702134)
-CVE-2014-9433
+CVE-2014-9433 (Multiple cross-site scripting (XSS) vulnerabilities in cms/front_conte ...)
NOT-FOR-US: Contenido CMS
-CVE-2014-9432
+CVE-2014-9432 (Multiple cross-site scripting (XSS) vulnerabilities in templates/2k11/ ...)
- serendipity <removed>
CVE-2014-XXXX [denial of service with specific packets]
- libhtp 1:0.5.25-1 (bug #774897)
@@ -2040,35 +2040,35 @@ CVE-2014-XXXX [denial of service with specific packets]
NOTE: https://redmine.openinfosecfoundation.org/issues/1272
NOTE: https://github.com/inliniac/libhtp/commit/4acebf251bb6c8343dd5f37f1b48cb38fec4fed4
NOTE: CVE Request: http://seclists.org/oss-sec/2014/q4/1035
-CVE-2014-9485
+CVE-2014-9485 (Directory traversal vulnerability in the do_extract_currentfile functi ...)
- minizip 1.1-5 (low; bug #774321)
-CVE-2014-9426
+CVE-2014-9426 (** DISPUTED ** The apprentice_load function in libmagic/apprentice.c i ...)
NOTE: Disputed PHP issue to be rejected, code wasn't present in squeeze/wheezy or file (PHP-specific)
-CVE-2014-9423
+CVE-2014-9423 (The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c ...)
{DSA-3153-1 DLA-146-1}
- krb5 1.12.1+dfsg-17
-CVE-2014-9422
+CVE-2014-9422 (The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadm ...)
{DSA-3153-1 DLA-146-1}
- krb5 1.12.1+dfsg-17
-CVE-2014-9421
+CVE-2014-9421 (The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in ...)
{DSA-3153-1 DLA-146-1}
- krb5 1.12.1+dfsg-17
-CVE-2014-9418
+CVE-2014-9418 (The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eS ...)
NOT-FOR-US: Huawei
-CVE-2014-9417
+CVE-2014-9417 (The Meeting component in Huawei eSpace Desktop before V100R001C03 allo ...)
NOT-FOR-US: Huawei
-CVE-2014-9416
+CVE-2014-9416 (Multiple untrusted search path vulnerabilities in Huawei eSpace Deskto ...)
NOT-FOR-US: Huawei
-CVE-2014-9415
+CVE-2014-9415 (Huawei eSpace Desktop before V100R001C03 allows local users to cause a ...)
NOT-FOR-US: Huawei
-CVE-2014-9414
+CVE-2014-9414 (The W3 Total Cache plugin before 0.9.4.1 for WordPress does not proper ...)
NOT-FOR-US: WordPress plugin W3 Total Cache
-CVE-2014-9413
+CVE-2014-9413 (Multiple cross-site request forgery (CSRF) vulnerabilities in the IP B ...)
NOT-FOR-US: IP Ban (simple-ip-ban) plugin for WordPress
-CVE-2014-9482
+CVE-2014-9482 (Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through ...)
- dwarfutils <not-affected> (Vulnerable code introduced later, see bug #774530)
NOTE: http://www.openwall.com/lists/oss-security/2014/12/31/3
-CVE-2014-9427
+CVE-2014-9427 (sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x ...)
{DSA-3117-1}
- php5 5.6.5+dfsg-1
[squeeze] - php5 <not-affected> (Introduced in 5.4.1)
@@ -2077,25 +2077,25 @@ CVE-2014-9427
CVE-2014-XXXX [CRAM-MD5 authentication bypass]
- dbmail <not-affected> (Only affects versions supporting cram-md5, so 3.0.0 and later)
NOTE: http://blog.gmane.org/gmane.mail.imap.dbmail/day=20141219
-CVE-2014-9483
+CVE-2014-9483 (Emacs 24.4 allows remote attackers to bypass security restrictions. ...)
- emacs24 24.5+1-1 (unimportant; bug #774090)
- emacs23 <not-affected> (Only affects Emacs 24)
NOTE: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=18939
NOTE: Plain bug, security implications rather far-fetched
-CVE-2014-9556
+CVE-2014-9556 (Integer overflow in the qtmd_decompress function in libmspack 0.4 allo ...)
- libmspack 0.4-2 (bug #773041)
- cabextract 1.4-5 (bug #772891)
[wheezy] - cabextract <no-dsa> (Minor issue)
[squeeze] - cabextract <no-dsa> (Minor issue)
NOTE: Starting with 1.4-5 cabextract uses the mspack system library
-CVE-2014-9428
+CVE-2014-9428 (The batadv_frag_merge_packets function in net/batman-adv/fragmentation ...)
- linux 3.16.7-ckt4-1 (bug #774155)
[wheezy] - linux <not-affected> (Introduced in 3.13)
- linux-2.6 <not-affected> (Introduced in 3.13)
NOTE: http://thread.gmane.org/gmane.linux.network/343494
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=610bfc6bc99bc83680d190ebc69359a05fc7f605 (v3.13-rc1)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5b6698b0e4a37053de35cc24ee695b98a7eb712b
-CVE-2014-9496
+CVE-2014-9496 (The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attacke ...)
{DLA-928-1 DLA-356-1}
- libsndfile 1.0.25-9.1 (low; bug #774162)
[squeeze] - libsndfile <no-dsa> (Minor issue)
@@ -2103,68 +2103,68 @@ CVE-2014-XXXX [a2p: buffer overflow]
- perl 5.22.0~rc2-1 (unimportant; bug #769606)
CVE-2014-9486
REJECTED
-CVE-2014-9497
+CVE-2014-9497 (Buffer overflow in mpg123 before 1.18.0. ...)
{DLA-655-1}
- mpg123 1.18.0-1
[squeeze] - mpg123 <not-affected> (Introduced in 1.14.1)
NOTE: http://sourceforge.net/p/mpg123/bugs/201/
-CVE-2014-9425
+CVE-2014-9425 (Double free vulnerability in the zend_ts_hash_graceful_destroy functio ...)
- php5 <removed> (unimportant; bug #774154)
NOTE: php5 binary packages not built with --with-maintainer-zts
-CVE-2014-9424
+CVE-2014-9424 (Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext fu ...)
- libressl <itp> (bug #754513)
-CVE-2014-9412
+CVE-2014-9412 (Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Ma ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-9411
+CVE-2014-9411 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2014-9410
+CVE-2014-9410 (The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2014-9409
RESERVED
-CVE-2014-9408
+CVE-2014-9408 (Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location ...)
NOT-FOR-US: Ekahau Real-Time Location Tracking System
-CVE-2014-9407
+CVE-2014-9407 (Multiple cross-site request forgery (CSRF) vulnerabilities in Revive A ...)
NOT-FOR-US: Revive Adserver
-CVE-2014-9406
+CVE-2014-9406 (ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT ...)
NOT-FOR-US: ARRIS Touchstone TG862G/CT Telephony Gateway
CVE-2014-9405
RESERVED
CVE-2014-9404
RESERVED
-CVE-2014-9401
+CVE-2014-9401 (Cross-site request forgery (CSRF) vulnerability in the WP Limit Posts ...)
NOT-FOR-US: WP Limit Posts Automatically plugin for WordPress
-CVE-2014-9400
+CVE-2014-9400 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Wp U ...)
NOT-FOR-US: Wp Unique Article Header Image plugin for WordPress
-CVE-2014-9399
+CVE-2014-9399 (Cross-site request forgery (CSRF) vulnerability in the TweetScribe plu ...)
NOT-FOR-US: TweetScribe plugin for WordPress
-CVE-2014-9398
+CVE-2014-9398 (Cross-site request forgery (CSRF) vulnerability in the Twitter LiveBlo ...)
NOT-FOR-US: Twitter LiveBlog plugin for WordPress
-CVE-2014-9397
+CVE-2014-9397 (Cross-site request forgery (CSRF) vulnerability in the twimp-wp plugin ...)
NOT-FOR-US: twimp-wp plugin for WordPress
-CVE-2014-9396
+CVE-2014-9396 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Simp ...)
NOT-FOR-US: SimpleFlickr plugin for WordPress
-CVE-2014-9395
+CVE-2014-9395 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Simp ...)
NOT-FOR-US: Simplelife plugin for WordPress
-CVE-2014-9394
+CVE-2014-9394 (Multiple cross-site request forgery (CSRF) vulnerabilities in the PWGR ...)
NOT-FOR-US: PWGRandom plugin for WordPress
-CVE-2014-9393
+CVE-2014-9393 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Post ...)
NOT-FOR-US: Post to Twitter plugin for WordPress
-CVE-2014-9392
+CVE-2014-9392 (Cross-site request forgery (CSRF) vulnerability in the PictoBrowser (p ...)
NOT-FOR-US: PictoBrowser plugin for WordPress
-CVE-2014-9391
+CVE-2014-9391 (Multiple cross-site request forgery (CSRF) vulnerabilities in the gSli ...)
NOT-FOR-US: gSlideShow plugin for WordPress
-CVE-2014-9389
+CVE-2014-9389 (Directory traversal vulnerability in Sonatype Nexus OSS and Pro before ...)
NOT-FOR-US: Sonatype Nexus OSS and Pro
-CVE-2014-9388
+CVE-2014-9388 (bug_report.php in MantisBT before 1.2.18 allows remote attackers to as ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17878
-CVE-2014-9387
+CVE-2014-9387 (SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_ ...)
NOT-FOR-US: SAP BussinessObjects Edge
-CVE-2014-9386
+CVE-2014-9386 (Zenoss Core before 4.2.5 SP161 sets an infinite lifetime for the sessi ...)
- zenoss <itp> (bug #361253)
-CVE-2014-9385
+CVE-2014-9385 (Cross-site request forgery (CSRF) vulnerability in Zenoss Core through ...)
- zenoss <itp> (bug #361253)
CVE-2014-9384
RESERVED
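Review bot: the unchanged NOT-FOR-US line under CVE-2014-9387 misspells the product as "SAP BussinessObjects Edge", whereas the new description line added just above it spells it "SAP BusinessObjects Edge"; since the automatic import now puts the canonical spelling next to the hand-written one, the tracker line should be corrected in a follow-up so searches for the product match both lines.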
@@ -2172,26 +2172,26 @@ CVE-2014-9383
RESERVED
CVE-2014-9382
RESERVED
-CVE-2014-9375
+CVE-2014-9375 (Directory traversal vulnerability in the LibraryFileUploadServlet serv ...)
NOT-FOR-US: Lexmark
-CVE-2014-9373
+CVE-2014-9373 (Directory traversal vulnerability in the CollectorConfInfoServlet serv ...)
NOT-FOR-US: ManageEngine NetFlow Analyzer
-CVE-2014-9372
+CVE-2014-9372 (Directory traversal vulnerability in the UploadAccountActivities servl ...)
NOT-FOR-US: ManageEngine Password Manager Pro
-CVE-2014-9371
+CVE-2014-9371 (The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 ...)
NOT-FOR-US: ManageEngine Desktop Central MSP
CVE-2014-9370
RESERVED
-CVE-2014-9369
+CVE-2014-9369 (Siemens SPC controllers SPC4000, SPC5000, and SPC6000 before 3.6.0 all ...)
NOT-FOR-US: Siemens
-CVE-2014-9368
+CVE-2014-9368 (Cross-site request forgery (CSRF) vulnerability in the twitterDash plu ...)
NOT-FOR-US: WordPress plugin twitterDash
-CVE-2014-9367
+CVE-2014-9367 (Incomplete blacklist vulnerability in the urlEncode function in lib/TW ...)
- twiki <removed>
NOTE: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-9367
CVE-2014-9366
RESERVED
-CVE-2014-9493
+CVE-2014-9493 (The V2 API in OpenStack Image Registry and Delivery Service (Glance) b ...)
- glance 2014.1.3-6 (bug #773836)
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: up to 2014.1.3 and 2014.2 version up to 2014.2.1
@@ -2201,21 +2201,21 @@ CVE-2014-XXXX
[squeeze] - json-glib <not-affected> (Tool not yet present)
[wheezy] - json-glib <not-affected> (Tool not yet present)
NOTE: Negligible security impact
-CVE-2014-9475
+CVE-2014-9475 (Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki bef ...)
{DSA-3110-1}
- mediawiki 1:1.19.20+dfsg-2.2 (bug #773654)
[squeeze] - mediawiki <end-of-life>
NOTE: https://phabricator.wikimedia.org/T76686 (still not public)
-CVE-2014-9476
+CVE-2014-9476 (MediaWiki 1.2x before 1.22.15, 1.23.x before 1.23.8, and 1.24.x before ...)
- mediawiki <not-affected> (CORS support was added in 1.20)
NOTE: https://phabricator.wikimedia.org/T77028
-CVE-2014-9419
+CVE-2014-9419 (The __switch_to function in arch/x86/kernel/process_64.c in the Linux ...)
{DSA-3128-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too risky to backport)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=f647d7c155f069c1a068030255c300663516420e (v3.19-rc1)
-CVE-2014-9420
+CVE-2014-9420 (The rock_continue function in fs/isofs/rock.c in the Linux kernel thro ...)
{DLA-155-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.65-1
@@ -2239,33 +2239,33 @@ CVE-2014-9390 [arbitrary command execution vulnerability on case-insensitive fil
[jessie] - dulwich <no-dsa> (Minor issue)
[wheezy] - dulwich <no-dsa> (Minor issue)
[squeeze] - dulwich <no-dsa> (Minor issue)
-CVE-2014-9376
+CVE-2014-9376 (Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a ...)
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-9377
+CVE-2014-9377 (Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns ...)
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-9378
+CVE-2014-9378 (Ettercap 0.8.1 does not validate certain return values, which allows r ...)
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-9379
+CVE-2014-9379 (The radius_get_attribute function in dissectors/ec_radius.c in Etterca ...)
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-9380
+CVE-2014-9380 (The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 al ...)
{DLA-126-1}
- ettercap 1:0.8.1-3 (bug #773416)
NOTE: Patch for squeeze in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20
-CVE-2014-9381
+CVE-2014-9381 (Integer signedness error in the dissector_cvs function in dissectors/e ...)
{DLA-126-1}
- ettercap 1:0.8.1-3 (bug #773416)
NOTE: Patch for squeeze in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20
-CVE-2014-9403
+CVE-2014-9403 (The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC bef ...)
- znc 1.2-4 (bug #744712)
[wheezy] - znc <no-dsa> (Minor issue)
[squeeze] - znc <no-dsa> (Minor issue)
NOTE: https://github.com/znc/znc/issues/528
NOTE: https://github.com/znc/znc/commit/8756be513ab6663dcd64087006b257ff34e8e487
-CVE-2014-9620
+CVE-2014-9620 (The ELF parser in file 5.08 through 5.21 allows remote attackers to ca ...)
{DSA-3121-1}
- file 1:5.21+15-1
[squeeze] - file <not-affected> (Introduced in 5.08)
@@ -2273,7 +2273,7 @@ CVE-2014-9620
NOTE: Report: http://mx.gw.com/pipermail/file/2014/001653.html
NOTE: Fix: https://github.com/file/file/commit/ce90e05774dd77d86cfc8dfa6da57b32816841c4
NOTE: Introduced by: https://github.com/file/file/commit/956a45ab1c54b11304b367056f41905e72a02380#diff-bc5c24ef9f39a5f4963ca28ecbc645b3L423
-CVE-2014-9621
+CVE-2014-9621 (The ELF parser in file 5.16 through 5.21 allows remote attackers to ca ...)
- file 1:5.21+15-1
[wheezy] - file <not-affected> (Introduced in 5.16)
[squeeze] - file <not-affected> (Introduced in 5.16)
@@ -2284,7 +2284,7 @@ CVE-2014-9621
NOTE: Fix: https://github.com/file/file/commit/65437cee25199dbd385fb35901bc0011e164276c
NOTE: Introduced by: https://github.com/file/file/commit/c8451af8ab0c2e2a93ce93b9c68257d31576cc85 (5.16)
NOTE: readelf.c has been removed in PHP in 5.6.5, see http://php.net/ChangeLog-5.php#5.6.5
-CVE-2014-9494
+CVE-2014-9494 (RabbitMQ before 3.4.0 allows remote attackers to bypass the loopback_u ...)
- rabbitmq-server 3.4.1-1 (bug #773134)
[jessie] - rabbitmq-server 3.3.5-1.1
[wheezy] - rabbitmq-server <not-affected> (does not have this access control mechanism)
@@ -2292,7 +2292,7 @@ CVE-2014-9494
NOTE: http://hg.rabbitmq.com/rabbitmq-management/rev/c3c41177a11a
NOTE: http://hg.rabbitmq.com/rabbitmq-management/rev/35e916df027d
NOTE: http://www.rabbitmq.com/release-notes/README-3.4.0.txt
-CVE-2014-9652
+CVE-2014-9652 (The mconvert function in softmagic.c in file before 5.21, as used in t ...)
{DSA-3126-1 DSA-3121-1 DLA-145-1}
- file 1:5.21+15-1
[squeeze] - file <not-affected> (The code was not vulnerable, confirmed with Valgrind on the test data submitted to upstream)
@@ -2302,7 +2302,7 @@ CVE-2014-9652
NOTE: http://bugs.gw.com/view.php?id=398
NOTE: https://github.com/file/file/commit/59e63838913eee47f5c120a6c53d4565af638158
NOTE: https://bugs.php.net/bug.php?id=68735
-CVE-2014-9402
+CVE-2014-9402 (The nss_dns implementation of getnetbyname in GNU C Library (aka glibc ...)
{DSA-3169-1 DLA-122-1}
- glibc 2.19-14 (bug #775572)
- eglibc <removed>
@@ -2312,99 +2312,99 @@ CVE-2014-XXXX [freetype: out of bounds write]
[wheezy] - freetype <not-affected> (introduced in freetype 2.5)
[squeeze] - freetype <not-affected> (introduced in freetype 2.5)
NOTE: The affected code isn't enabled in Debian, see #773084
-CVE-2014-9364
+CVE-2014-9364 (Cross-site scripting (XSS) vulnerability in the Unified Login form in ...)
NOT-FOR-US: LoginToboggan Drupal Module
-CVE-2014-9363
+CVE-2014-9363 (Open redirect vulnerability in the path-based meta tag editing form in ...)
NOT-FOR-US: Meta tags quick Drupal Module
-CVE-2014-9362
+CVE-2014-9362 (Cross-site scripting (XSS) vulnerability in the path-based meta tag ed ...)
NOT-FOR-US: Meta tags quick Drupal module
-CVE-2014-9361
+CVE-2014-9361 (The LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal does not pr ...)
NOT-FOR-US: LoginToboggan Drupal Module
-CVE-2014-9360
+CVE-2014-9360 (XML external entity (XXE) vulnerability in Scalix Web Access 11.4.6.12 ...)
NOT-FOR-US: Scalix Web Access
CVE-2014-9359
RESERVED
-CVE-2014-9358
+CVE-2014-9358 (Docker before 1.3.3 does not properly validate image IDs, which allows ...)
- docker.io 1.3.3~dfsg1-1 (bug #772909)
-CVE-2014-9357
+CVE-2014-9357 (Docker 1.3.2 allows remote attackers to execute arbitrary code with ro ...)
- docker.io 1.3.3~dfsg1-1 (bug #772909)
CVE-2014-9356 [Path traversal during processing of absolute symlinks]
RESERVED
- docker.io 1.3.3~dfsg1-1 (bug #772909)
-CVE-2014-9355
+CVE-2014-9355 (Puppet Enterprise before 3.7.1 allows remote authenticated users to ob ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2014-9354
+CVE-2014-9354 (NetApp OnCommand Balance before 4.2P3 allows local users to obtain sen ...)
NOT-FOR-US: NetApp OnCommand Balance
-CVE-2014-9353
+CVE-2014-9353 (NetApp OnCommand Balance before 4.2P2 contains a "default privileged a ...)
NOT-FOR-US: NetApp OnCommand Balance
-CVE-2014-9352
+CVE-2014-9352 (Cross-site scripting (XSS) vulnerability in the mail administration lo ...)
NOT-FOR-US: Scalix Web Access
-CVE-2014-9350
+CVE-2014-9350 (TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 13 ...)
NOT-FOR-US: TP-Link Router
-CVE-2014-9349
+CVE-2014-9349 (Multiple cross-site scripting (XSS) vulnerabilities in admin/robots.li ...)
NOT-FOR-US: RobotStats
-CVE-2014-9348
+CVE-2014-9348 (SQL injection vulnerability in the formulaireRobot function in admin/r ...)
NOT-FOR-US: RobotStats
-CVE-2014-9347
+CVE-2014-9347 (SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allo ...)
NOT-FOR-US: phpMyRecipes
-CVE-2014-9346
+CVE-2014-9346 (Multiple cross-site scripting (XSS) vulnerabilities in the Hierarchica ...)
NOT-FOR-US: Hierarchical Select Drupal Module
-CVE-2014-9345
+CVE-2014-9345 (SQL injection vulnerability in Guruperl.net Advertise With Pleasure! P ...)
NOT-FOR-US: AWP PRO
-CVE-2014-9344
+CVE-2014-9344 (Cross-site request forgery (CSRF) vulnerability in Snowfox CMS before ...)
NOT-FOR-US: Snowfox CMS
-CVE-2014-9343
+CVE-2014-9343 (Open redirect vulnerability in modules/system/controller/selectlanguag ...)
NOT-FOR-US: Snowfox CMS
-CVE-2014-9342
+CVE-2014-9342 (Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2014-9341
+CVE-2014-9341 (Multiple cross-site request forgery (CSRF) vulnerabilities in the yURL ...)
NOT-FOR-US: WordPress plugin yURL ReTwitt
-CVE-2014-9340
+CVE-2014-9340 (Multiple cross-site request forgery (CSRF) vulnerabilities in the wpCo ...)
NOT-FOR-US: WordPress plugin wpCommentTwit
-CVE-2014-9339
+CVE-2014-9339 (Multiple cross-site request forgery (CSRF) vulnerabilities in the SPNb ...)
NOT-FOR-US: WordPress plugin SPNbabble
-CVE-2014-9338
+CVE-2014-9338 (Multiple cross-site request forgery (CSRF) vulnerabilities in the O2Tw ...)
NOT-FOR-US: WordPress plugin O2Tweet
-CVE-2014-9337
+CVE-2014-9337 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Miki ...)
NOT-FOR-US: WordPress plugin Mikiurl Wordpress Eklentisi
-CVE-2014-9336
+CVE-2014-9336 (Multiple cross-site request forgery (CSRF) vulnerabilities in the iTwi ...)
NOT-FOR-US: WordPress plugin iTwitter
-CVE-2014-9335
+CVE-2014-9335 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Dand ...)
NOT-FOR-US: WordPress plugin DandyID Services
-CVE-2014-9334
+CVE-2014-9334 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Bird ...)
NOT-FOR-US: Bird Feeder plugin for WordPress
CVE-2014-9333
RESERVED
CVE-2014-9332
RESERVED
-CVE-2014-9331
+CVE-2014-9331 (Cross-site request forgery (CSRF) vulnerability in ZOHO ManageEngine D ...)
NOT-FOR-US: ZOHO ManageEngine Desktop Central
-CVE-2014-9330
+CVE-2014-9330 (Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows ...)
{DSA-3273-1 DLA-221-1}
- tiff 4.0.3-12 (bug #773987)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2494
CVE-2014-9329
RESERVED
-CVE-2014-9328
+CVE-2014-9328 (ClamAV before 0.98.6 allows remote attackers to have unspecified impac ...)
{DLA-233-1}
- clamav 0.98.6+dfsg-1
[wheezy] - clamav 0.98.6+dfsg-0+deb7u1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/5e1fbf3668bd167828d675830103b3c1ccdcb76d
CVE-2014-9327
RESERVED
-CVE-2014-9326
+CVE-2014-9326 (The automatic signature update functionality in the (1) Phone Home fea ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2014-9325
+CVE-2014-9325 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 all ...)
- twiki <removed>
NOTE: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-9325
-CVE-2014-9324
+CVE-2014-9324 (The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x befo ...)
{DSA-3124-1}
- otrs2 3.3.9-3
[squeeze] - otrs2 <not-affected> (Problematic module got introduced later)
NOTE: https://www.otrs.com/security-advisory-2014-06-incomplete-access-control/
NOTE: Fix for 3.1.x: https://github.com/OTRS/otrs/commit/3058438a372db0d1a11c365d48a5fc7b1db24e90
-CVE-2014-9322
+CVE-2014-9322 (arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not ...)
- linux 3.16.7-ckt2-1
[wheezy] - linux 3.2.63-2+deb7u2
- linux-2.6 <removed>
@@ -2414,23 +2414,23 @@ CVE-2014-9321
CVE-2014-9320
RESERVED
NOT-FOR-US: SAP Business Objects
-CVE-2014-9319
+CVE-2014-9319 (The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg ...)
- libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk)
- ffmpeg 2.4.4-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ea38e5a6b75706477898eb1e6582d667dbb9946c
-CVE-2014-9318
+CVE-2014-9318 (The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, ...)
- libav <not-affected> (Vulnerable code not present, format not supported)
- ffmpeg 2.4.4-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=1d3a3b9f8907625b361420d48fe05716859620ff
-CVE-2014-9317
+CVE-2014-9317 (The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before ...)
{DLA-1611-1}
- libav <removed>
- ffmpeg 2.4.4-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=79ceaf827be0b070675d4cd0a55c3386542defd8
-CVE-2014-9316
+CVE-2014-9316 (The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg befor ...)
- libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk)
- ffmpeg 2.4.4-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -2441,41 +2441,41 @@ CVE-2014-9314
RESERVED
CVE-2014-9313
RESERVED
-CVE-2014-9312
+CVE-2014-9312 (Unrestricted File Upload vulnerability in Photo Gallery 1.2.5. ...)
NOT-FOR-US: Photo Gallery
-CVE-2014-9311
+CVE-2014-9311 (Cross-site scripting (XSS) vulnerability in admin.php in the Shareahol ...)
NOT-FOR-US: Shareaholic plugin for WordPress
-CVE-2014-9310
+CVE-2014-9310 (Cross-site scripting (XSS) vulnerability in the WordPress Backup to Dr ...)
NOT-FOR-US: WordPress Backup to Dropbox plugin for WordPress
CVE-2014-9309
RESERVED
-CVE-2014-9308
+CVE-2014-9308 (Unrestricted file upload vulnerability in inc/amfphp/administration/ba ...)
NOT-FOR-US: WordPress plugin WP EasyCart
CVE-2014-9307
RESERVED
CVE-2014-9306
RESERVED
-CVE-2014-9305
+CVE-2014-9305 (SQL injection vulnerability in the shortcodeProductsTable function in ...)
NOT-FOR-US: shortcodeProductsTable function in models/Cart66Ajax.php in the Cart66 Lite plugin for WordPress
-CVE-2014-9304
+CVE-2014-9304 (Plex Media Server before 0.9.9.3 allows remote attackers to bypass the ...)
NOT-FOR-US: Plex Media Server
-CVE-2014-9303
+CVE-2014-9303 (EntryPass N5200 Active Network Control Panel allows remote attackers t ...)
NOT-FOR-US: EntryPass
-CVE-2014-9302
+CVE-2014-9302 (Server-side request forgery (SSRF) vulnerability in the cmisbrowser se ...)
NOT-FOR-US: Alfresco Community Edition
-CVE-2014-9301
+CVE-2014-9301 (Server-side request forgery (SSRF) vulnerability in the proxy servlet ...)
NOT-FOR-US: Alfreso Community Edition
-CVE-2014-9300
+CVE-2014-9300 (Cross-site request forgery (CSRF) vulnerability in the cmisbrowser ser ...)
NOT-FOR-US: Alfreso Community Edition
CVE-2014-9299
REJECTED
-CVE-2014-9374
+CVE-2014-9374 (Double free vulnerability in the WebSocket Server (res_http_websocket ...)
- asterisk 1:13.1.0~dfsg-1 (bug #773230)
[jessie] - asterisk 1:11.13.1~dfsg-2
[wheezy] - asterisk <not-affected> (Web socket code not yet present)
[squeeze] - asterisk <not-affected> (Web socket code not yet present)
NOTE: http://downloads.digium.com/pub/security/AST-2014-019.html
-CVE-2014-9323
+CVE-2014-9323 (The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x befo ...)
{DSA-3109-1 DLA-130-1 DLA-123-1}
- firebird2.5 2.5.3.26778.ds4-5 (bug #772880)
- firebird2.1 <removed>
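Review bot: the context lines "NOT-FOR-US: Alfreso Community Edition" under CVE-2014-9301 and CVE-2014-9300 misspell the vendor; the CVE-2014-9302 entry just above spells it "Alfresco". These lines are unchanged context, not part of this automatic update, but a follow-up could correct both to "NOT-FOR-US: Alfresco Community Edition" so the three entries agree.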
@@ -2485,25 +2485,25 @@ CVE-2014-9298
REJECTED
CVE-2014-9297
REJECTED
-CVE-2014-9296
+CVE-2014-9296 (The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 contin ...)
{DSA-3108-1 DLA-116-1}
- ntp 1:4.2.6.p5+dfsg-3.2 (bug #773576)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2670 (not yet open)
-CVE-2014-9295
+CVE-2014-9295 (Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allo ...)
{DSA-3108-1 DLA-116-1}
- ntp 1:4.2.6.p5+dfsg-3.2 (bug #773576)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2667 (not yet open)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2668 (not yet open)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2669 (not yet open)
-CVE-2014-9294
+CVE-2014-9294 (util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RN ...)
{DSA-3108-1 DLA-116-1}
- ntp 1:4.2.6.p5+dfsg-3.2 (bug #773576)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2666 (not yet open)
-CVE-2014-9293
+CVE-2014-9293 (The config_auth function in ntpd in NTP before 4.2.7p11, when an auth ...)
{DSA-3108-1 DLA-116-1}
- ntp 1:4.2.6.p5+dfsg-3.2 (bug #773576)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2665 (not yet open)
-CVE-2014-9292
+CVE-2014-9292 (Server-side request forgery (SSRF) vulnerability in proxy.php in the j ...)
NOT-FOR-US: jRSS WordPress Plugin
CVE-2014-9291
REJECTED
@@ -2519,33 +2519,33 @@ CVE-2014-9286
REJECTED
CVE-2014-9285
REJECTED
-CVE-2014-9284
+CVE-2014-9284 (The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, ...)
NOT-FOR-US: Buffalo routers
-CVE-2014-9283
+CVE-2014-9283 (The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows remot ...)
NOT-FOR-US: BestWebSoft plugin for WordPress
-CVE-2014-9282
+CVE-2014-9282 (Directory traversal vulnerability in the Speed Root Explorer applicati ...)
NOT-FOR-US: Speed Root Explorer
-CVE-2014-9268
+CVE-2014-9268 (The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) ...)
NOT-FOR-US: Autodesk Design Review
-CVE-2014-9267
+CVE-2014-9267 (Heap-based buffer overflow in the PTC IsoView ActiveX control allows r ...)
NOT-FOR-US: PTC IsoView
-CVE-2014-9266
+CVE-2014-9266 (The STWConfig ActiveX control in Samsung SmartViewer does not properly ...)
NOT-FOR-US: Samsung SmartViewer
-CVE-2014-9265
+CVE-2014-9265 (Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ...)
NOT-FOR-US: Samsung SmartViewer
-CVE-2014-9264
+CVE-2014-9264 (Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywh ...)
NOT-FOR-US: SAP SQL Anywhere
-CVE-2014-9263
+CVE-2014-9263 (Multiple buffer overflows in the PocketNetNVRMediaClientAxCtrl.NVRMedi ...)
NOT-FOR-US: 3S Pocketnet Tech VMS
-CVE-2014-9262
+CVE-2014-9262 (The Duplicator plugin in Wordpress before 0.5.10 allows remote authent ...)
NOT-FOR-US: Duplicator plugin in Wordpress
-CVE-2014-9261
+CVE-2014-9261 (The sanitize function in Codoforum 2.5.1 does not properly implement f ...)
NOT-FOR-US: Codoforum
-CVE-2014-9260
+CVE-2014-9260 (The basic_settings function in the download manager plugin for WordPre ...)
NOT-FOR-US: download manager plugin for WordPress
CVE-2014-9259
RESERVED
-CVE-2014-9258
+CVE-2014-9258 (SQL injection vulnerability in ajax/getDropdownValue.php in GLPI befor ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
CVE-2014-9257
@@ -2554,58 +2554,58 @@ CVE-2014-9256
RESERVED
CVE-2014-9255
RESERVED
-CVE-2014-9254
+CVE-2014-9254 (bb_func_unsub.php in MiniBB 3.1 before 20141127 uses an incorrect regu ...)
NOT-FOR-US: MiniBB
-CVE-2014-9253
+CVE-2014-9253 (The default file type whitelist configuration in conf/mime.conf in the ...)
- dokuwiki 0.0.20140929.d-1 (bug #773429)
[jessie] - dokuwiki <no-dsa> (Minor issue)
[wheezy] - dokuwiki <no-dsa> (Minor issue)
[squeeze] - dokuwiki <no-dsa> (Minor issue)
NOTE: https://github.com/splitbrain/dokuwiki/commit/778ddf6f2cd9ed38b9db2d73e823b8c21243a960
NOTE: Advisory: http://security.szurek.pl/dokuwiki-20140929a-xss.html
-CVE-2014-9252
+CVE-2014-9252 (Zenoss Core through 5 Beta 3 stores cleartext passwords in the session ...)
- zenoss <itp> (bug #361253)
-CVE-2014-9251
+CVE-2014-9251 (Zenoss Core through 5 Beta 3 uses a weak algorithm to hash passwords, ...)
- zenoss <itp> (bug #361253)
-CVE-2014-9250
+CVE-2014-9250 (Zenoss Core through 5 Beta 3 does not include the HTTPOnly flag in a S ...)
- zenoss <itp> (bug #361253)
-CVE-2014-9249
+CVE-2014-9249 (The default configuration of Zenoss Core before 5 allows remote attack ...)
- zenoss <itp> (bug #361253)
-CVE-2014-9248
+CVE-2014-9248 (Zenoss Core through 5 Beta 3 does not require complex passwords, which ...)
- zenoss <itp> (bug #361253)
-CVE-2014-9247
+CVE-2014-9247 (Zenoss Core through 5 Beta 3 allows remote authenticated users to obta ...)
- zenoss <itp> (bug #361253)
CVE-2014-9246
REJECTED
-CVE-2014-9245
+CVE-2014-9245 (Zenoss Core through 5 Beta 3 allows remote attackers to obtain sensiti ...)
- zenoss <itp> (bug #361253)
CVE-2014-9244
REJECTED
-CVE-2014-9243
+CVE-2014-9243 (Multiple cross-site scripting (XSS) vulnerabilities in WebsiteBaker 2. ...)
NOT-FOR-US: WebsiteBaker
-CVE-2014-9242
+CVE-2014-9242 (SQL injection vulnerability in admin/pages/modify.php in WebsiteBaker ...)
NOT-FOR-US: WebsiteBaker
-CVE-2014-9241
+CVE-2014-9241 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBul ...)
NOT-FOR-US: MyBB
-CVE-2014-9240
+CVE-2014-9240 (SQL injection vulnerability in member.php in MyBB (aka MyBulletinBoard ...)
NOT-FOR-US: MyBB
-CVE-2014-9239
+CVE-2014-9239 (SQL injection vulnerability in the IPS Connect service (interface/ipsc ...)
NOT-FOR-US: Invision Power Board
-CVE-2014-9238
+CVE-2014-9238 (D-link IP camera DCS-2103 with firmware 1.0.0 allows remote attackers ...)
NOT-FOR-US: D-link DCS-2103
-CVE-2014-9237
+CVE-2014-9237 (SQL injection vulnerability in Proticaret E-Commerce 3.0 allows remote ...)
NOT-FOR-US: Proticaret E-Commerce
-CVE-2014-9236
+CVE-2014-9236 (Cross-site scripting (XSS) vulnerability in php/edit_photos.php in Zop ...)
- zoph <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2014/Nov/45
NOTE: https://github.com/jeroenrnl/zoph/issues/59
NOTE: The SQL injection and XSS claims appear to be mostly unfounded.
-CVE-2014-9235
+CVE-2014-9235 (Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Pho ...)
- zoph <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2014/Nov/45
NOTE: https://github.com/jeroenrnl/zoph/issues/59
NOTE: The SQL injection and XSS claims appear to be mostly unfounded.
-CVE-2014-9234
+CVE-2014-9234 (Directory traversal vulnerability in cgi-bin/sddownload.cgi in D-link ...)
NOT-FOR-US: D-link DCS-2103
CVE-2014-9233
REJECTED
@@ -2613,143 +2613,143 @@ CVE-2014-9232
REJECTED
CVE-2014-9231
REJECTED
-CVE-2014-9230
+CVE-2014-9230 (Cross-site scripting (XSS) vulnerability in the administration console ...)
NOT-FOR-US: Enforce Server in Symantec Data Loss Prevention
-CVE-2014-9229
+CVE-2014-9229 (Multiple SQL injection vulnerabilities in interface PHP scripts in the ...)
NOT-FOR-US: Symantec
-CVE-2014-9228
+CVE-2014-9228 (sysplant.sys in the Manager component in Symantec Endpoint Protection ...)
NOT-FOR-US: Symantec
-CVE-2014-9227
+CVE-2014-9227 (Multiple untrusted search path vulnerabilities in the Manager componen ...)
NOT-FOR-US: Symantec
-CVE-2014-9226
+CVE-2014-9226 (The management server in Symantec Critical System Protection (SCSP) 5. ...)
NOT-FOR-US: Symantec Data Center Security
-CVE-2014-9225
+CVE-2014-9225 (The ajaxswing webui in the management server in Symantec Critical Syst ...)
NOT-FOR-US: Symantec Data Center Security
-CVE-2014-9224
+CVE-2014-9224 (Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the ...)
NOT-FOR-US: Symantec Data Center Security
-CVE-2014-9223
+CVE-2014-9223 (Multiple buffer overflows in AllegroSoft RomPager, as used in Huawei H ...)
NOT-FOR-US: RomPager
NOTE: http://mis.fortunecook.ie/
-CVE-2014-9222
+CVE-2014-9222 (AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway ...)
NOT-FOR-US: RomPager
NOTE: http://mis.fortunecook.ie/
-CVE-2014-9221
+CVE-2014-9221 (strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to ...)
{DSA-3118-1}
- strongswan 5.2.1-5
[squeeze] - strongswan <not-affected> (MODP_CUSTOM Diffie-Hellman group not implemented in 4.4.1)
-CVE-2014-9217
+CVE-2014-9217 (Graylog2 before 0.92 allows remote attackers to bypass LDAP authentica ...)
- graylog2 <itp> (bug #652273)
CVE-2014-9216
RESERVED
-CVE-2014-9215
+CVE-2014-9215 (SQL injection vulnerability in the CheckEmail function in includes/fun ...)
NOT-FOR-US: PBBoard
CVE-2014-9214
RESERVED
CVE-2014-9213
RESERVED
-CVE-2014-9212
+CVE-2014-9212 (Multiple cross-site scripting (XSS) vulnerabilities in Altitude uAgent ...)
NOT-FOR-US: Altitude uAgent
CVE-2014-9211
RESERVED
CVE-2014-9210
REJECTED
-CVE-2014-9209
+CVE-2014-9209 (Untrusted search path vulnerability in the Clean Utility application i ...)
NOT-FOR-US: Rockwell Automation FactoryTalk Services Platform
-CVE-2014-9208
+CVE-2014-9208 (Multiple stack-based buffer overflows in unspecified DLL files in Adva ...)
NOT-FOR-US: Advantech
-CVE-2014-9207
+CVE-2014-9207 (Untrusted search path vulnerability in CmnView.exe in CIMON CmnView 2. ...)
NOT-FOR-US: CIMON CmnView
-CVE-2014-9206
+CVE-2014-9206 (Stack-based buffer overflow in Device Type Manager (DTM) 3.1.6 and ear ...)
NOT-FOR-US: Schneider Electric Invensys
-CVE-2014-9205
+CVE-2014-9205 (Stack-based buffer overflow in the PmBase64Decode function in an unspe ...)
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2014-9204
+CVE-2014-9204 (Stack-based buffer overflow in OPCTest.exe in Rockwell Automation RSLi ...)
NOT-FOR-US: OPCTest.exe in Rockwell Automation RSLinx Classic
-CVE-2014-9203
+CVE-2014-9203 (Buffer overflow in the Field Device Tool (FDT) Frame application in th ...)
NOT-FOR-US: HART Device Type Manager (DTM) library
-CVE-2014-9202
+CVE-2014-9202 (Multiple stack-based buffer overflows in an unspecified DLL file in Ad ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-9201
+CVE-2014-9201 (Beckwith Electric M-6200 Digital Voltage Regulator Control with firmwa ...)
NOT-FOR-US: Beckwith Electric digital voltage regulators
-CVE-2014-9200
+CVE-2014-9200 (Stack-based buffer overflow in an unspecified DLL file in a DTM develo ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-9199
+CVE-2014-9199 (The Clorius Controls Java web client before 01.00.0009g allows remote ...)
NOT-FOR-US: Clorius Controls Java web client
-CVE-2014-9198
+CVE-2014-9198 (The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gatew ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-9197
+CVE-2014-9197 (The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware b ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-9196
+CVE-2014-9196 (Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 ...)
NOT-FOR-US: Eaton Cooper Power Systems
-CVE-2014-9195
+CVE-2014-9195 (Phoenix Contact ProConOs and MultiProg do not require authentication, ...)
NOT-FOR-US: Phoenix Contact ProConOs and MultiProg
-CVE-2014-9194
+CVE-2014-9194 (Arbiter 1094B GPS Substation Clock allows remote attackers to cause a ...)
NOT-FOR-US: Arbiter 1094B GPS Substation Clock
-CVE-2014-9193
+CVE-2014-9193 (Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 allo ...)
NOT-FOR-US: Innominate mGuard
-CVE-2014-9192
+CVE-2014-9192 (Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 t ...)
NOT-FOR-US: Trihedral Engineering VTScada
-CVE-2014-9191
+CVE-2014-9191 (The CodeWrights HART Device Type Manager (DTM) library in Emerson HART ...)
NOT-FOR-US: Emerson HART DTM
-CVE-2014-9190
+CVE-2014-9190 (Stack-based buffer overflow in Schneider Electric Wonderware InTouch A ...)
NOT-FOR-US: Schneider Electric
CVE-2014-9189
RESERVED
-CVE-2014-9188
+CVE-2014-9188 (Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Elec ...)
NOT-FOR-US: Schneider Electric ProClima
CVE-2014-9187
RESERVED
CVE-2014-9186
RESERVED
-CVE-2014-9185
+CVE-2014-9185 (Static code injection vulnerability in install.php in Morfy CMS 1.05 a ...)
NOT-FOR-US: Morfy CMS
-CVE-2014-9184
+CVE-2014-9184 (ZTE ZXDSL 831CII allows remote attackers to bypass authentication via ...)
NOT-FOR-US: ZTE ZXDSL Modem
-CVE-2014-9183
+CVE-2014-9183 (ZTE ZXDSL 831CII has a default password of admin for the admin account ...)
NOT-FOR-US: ZTE ZDSL Modem
-CVE-2014-9182
+CVE-2014-9182 (models/comment.php in Anchor CMS 0.9.2 and earlier allows remote attac ...)
NOT-FOR-US: Anchor CMS
-CVE-2014-9181
+CVE-2014-9181 (Multiple directory traversal vulnerabilities in Plex Media Server befo ...)
NOT-FOR-US: Plex Media Server
-CVE-2014-9180
+CVE-2014-9180 (Open redirect vulnerability in go.php in Eleanor CMS allows remote att ...)
NOT-FOR-US: Eleanor CMS
-CVE-2014-9179
+CVE-2014-9179 (Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket Sys ...)
NOT-FOR-US: SupportEzzy Ticket System plugin for WordPress
-CVE-2014-9178
+CVE-2014-9178 (Multiple SQL injection vulnerabilities in classes/ajax.php in the Smar ...)
NOT-FOR-US: Smarty Pants Plugin for WordPress
-CVE-2014-9177
+CVE-2014-9177 (The HTML5 MP3 Player with Playlist Free plugin before 2.7 for WordPres ...)
NOT-FOR-US: Playlist Free WordPress Plugin
-CVE-2014-9176
+CVE-2014-9176 (Cross-site scripting (XSS) vulnerability in the InstaSqueeze Sexy Sque ...)
NOT-FOR-US: InstaSqueeze Sexy Squeeze Pages plugin for WordPress
-CVE-2014-9175
+CVE-2014-9175 (SQL injection vulnerability in wpdatatables.php in the wpDataTables pl ...)
NOT-FOR-US: wpDataTables WordPress Plugin
-CVE-2014-9174
+CVE-2014-9174 (Cross-site scripting (XSS) vulnerability in the Google Analytics by Yo ...)
NOT-FOR-US: Google Analytics by Yoast (google-analytics-for-wordpress) plugin for WordPress
-CVE-2014-9173
+CVE-2014-9173 (SQL injection vulnerability in view.php in the Google Doc Embedder plu ...)
NOT-FOR-US: Google Doc Embedder plugin for WordPress
-CVE-2014-9474
+CVE-2014-9474 (Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2- ...)
- mpfr4 3.1.2-2 (low; bug #772008)
[squeeze] - mpfr4 <no-dsa> (Minor issue)
[wheezy] - mpfr4 <no-dsa> (Minor issue)
NOTE: https://gforge.inria.fr/scm/viewvc.php?view=rev&root=mpfr&revision=9243
-CVE-2014-9275
+CVE-2014-9275 (UnRTF allows remote attackers to cause a denial of service (out-of-bou ...)
{DSA-3158-1 DLA-133-1}
- unrtf 0.21.5-2 (bug #772811)
NOTE: https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00000.html
NOTE: https://lists.gnu.org/archive/html/bug-unrtf/2014-12/msg00001.html
NOTE: Patch: https://bitbucket.org/medoc/unrtf-int/commits/1df886f2e65f7c512a6217588ae8d94d4bcbc63d
NOTE: Patch: https://bitbucket.org/medoc/unrtf-int/commits/3c7ff3f888de0f0d957fe67b6bd4bec9c0d475f3
-CVE-2014-9274
+CVE-2014-9274 (UnRTF allows remote attackers to cause a denial of service (crash) and ...)
{DSA-3158-1 DLA-133-1}
- unrtf 0.21.5-2 (bug #772811)
NOTE: https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html
NOTE: https://lists.gnu.org/archive/html/bug-unrtf/2014-12/msg00000.html
NOTE: Patch: https://bitbucket.org/medoc/unrtf-int/commits/b0cef89a170a66bc48f8dd288ce562ea8ca91f7a
-CVE-2014-9278
+CVE-2014-9278 (The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 a ...)
- openssh <not-affected> (patch not applied to Debian)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1169843
NOTE: Patch https://bugzilla.mindrot.org/show_bug.cgi?id=1867 from not applied in Debian
-CVE-2014-9277
+CVE-2014-9277 (The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki bef ...)
{DSA-3100-1}
- mediawiki 1:1.19.20+dfsg-2.1 (bug #772764)
[squeeze] - mediawiki <end-of-life>
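Review bot: the NOTE under CVE-2014-9278, "Patch https://bugzilla.mindrot.org/show_bug.cgi?id=1867 from not applied in Debian", has a stray "from" and does not parse. It is unchanged context in this hunk rather than something this automatic update touched, but a follow-up could reword it as "NOTE: Patch from https://bugzilla.mindrot.org/show_bug.cgi?id=1867 not applied in Debian", matching the "<not-affected> (patch not applied to Debian)" reason on the line above it.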
@@ -2757,19 +2757,19 @@ CVE-2014-9277
NOTE: backported patches for 1.19:
NOTE: https://gerrit.wikimedia.org/r/#/c/175725/
NOTE: https://gerrit.wikimedia.org/r/#/c/175960/
-CVE-2014-9276
+CVE-2014-9276 (Cross-site request forgery (CSRF) vulnerability in the Special:Expande ...)
- mediawiki <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=71111
NOTE: No special expand templates before 1.23.x but available as extension.
-CVE-2014-9220
+CVE-2014-9220 (SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x be ...)
NOT-FOR-US: OpenVAS Manager
-CVE-2014-9219
+CVE-2014-9219 (Cross-site scripting (XSS) vulnerability in the redirection feature in ...)
- phpmyadmin 4:4.2.12-2 (bug #774194)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/9b2479b7216dd91a6cc2f231c0fd6b85d457f6e2
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php
-CVE-2014-9218
+CVE-2014-9218 (libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x be ...)
{DSA-3382-1 DLA-336-1}
- phpmyadmin 4:4.2.12-2 (low; bug #774194)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/1ac863c7573d12012374d5d41e5c7dc5505ea6e1 (master)
@@ -2786,65 +2786,65 @@ CVE-2014-9168
REJECTED
CVE-2014-9167
REJECTED
-CVE-2014-9166
+CVE-2014-9166 (Adobe ColdFusion 10 before Update 15 and 11 before Update 3 allows att ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2014-9165
+CVE-2014-9165 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-9164
+CVE-2014-9164 (Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-9163
+CVE-2014-9163 (Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 an ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-9162
+CVE-2014-9162 (Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-9161
+CVE-2014-9161 (CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x ...)
NOT-FOR-US: Adobe
-CVE-2014-9160
+CVE-2014-9160 (Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x ...)
NOT-FOR-US: Adobe
-CVE-2014-9159
+CVE-2014-9159 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-9158
+CVE-2014-9158 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-9155
+CVE-2014-9155 (Directory traversal vulnerability in the Avatar Uploader module 6.x-1. ...)
NOT-FOR-US: Avatar Uploader module for Drupal
-CVE-2014-9154
+CVE-2014-9154 (The Notify module 7.x-1.x before 7.x-1.1 for Drupal does not properly ...)
NOT-FOR-US: Notify module for Drupal
-CVE-2014-9153
+CVE-2014-9153 (Cross-site scripting (XSS) vulnerability in the Services module 7.x-3. ...)
NOT-FOR-US: Services module for Drupal
-CVE-2014-9152
+CVE-2014-9152 (The _user_resource_create function in the Services module 7.x-3.x befo ...)
NOT-FOR-US: Services module for Drupal
-CVE-2014-9151
+CVE-2014-9151 (The Services module 7.x-3.x before 7.x-3.10 for Drupal does not proper ...)
NOT-FOR-US: Services module for Drupal
-CVE-2014-9150
+CVE-2014-9150 (Race condition in the MoveFileEx call hook feature in Adobe Reader and ...)
NOT-FOR-US: Adobe
CVE-2014-9149
RESERVED
-CVE-2014-9148
+CVE-2014-9148 (Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access res ...)
NOT-FOR-US: Fiyo CMS
-CVE-2014-9147
+CVE-2014-9147 (Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive informati ...)
NOT-FOR-US: Fiyo CMS
-CVE-2014-9146
+CVE-2014-9146 (Multiple cross-site scripting (XSS) vulnerabilities in Fiyo CMS 2.0.1. ...)
NOT-FOR-US: Fiyo CMS
-CVE-2014-9145
+CVE-2014-9145 (Multiple SQL injection vulnerabilities in Fiyo CMS 2.0.1.8 allow remot ...)
NOT-FOR-US: Fiyo CMS
-CVE-2014-9144
+CVE-2014-9144 (Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attac ...)
NOT-FOR-US: Technicolor routers
-CVE-2014-9143
+CVE-2014-9143 (Open redirect vulnerability in Technicolor Router TD5130 with firmware ...)
NOT-FOR-US: Technicolor routers
-CVE-2014-9142
+CVE-2014-9142 (Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 ...)
NOT-FOR-US: Technicolor routers
-CVE-2014-9141
+CVE-2014-9141 (The installer in Thomson Reuters Fixed Assets CS 13.1.4 and earlier us ...)
NOT-FOR-US: Thomson Reuters Fixed Assets
CVE-2014-9139
RESERVED
CVE-2014-9138
RESERVED
-CVE-2014-9137
+CVE-2014-9137 (Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V ...)
NOT-FOR-US: Huawei
-CVE-2014-9136
+CVE-2014-9136 (Huawei FusionManager with software V100R002C03 and V100R003C00 could a ...)
NOT-FOR-US: Huawei
-CVE-2014-9135
+CVE-2014-9135 (The PackageInstaller module in Huawei P7-L10 smartphones before V100R0 ...)
NOT-FOR-US: PackageInstaller module in Huawei P7-L10
-CVE-2014-9134
+CVE-2014-9134 (Unrestricted file upload vulnerability in Huawei Honor Cube Wireless R ...)
NOT-FOR-US: Huawei Wireless Router
CVE-2014-9133
RESERVED
@@ -2868,17 +2868,17 @@ CVE-2014-9122
RESERVED
CVE-2014-9121
RESERVED
-CVE-2014-9120
+CVE-2014-9120 (Cross-site scripting (XSS) vulnerability in Subrion CMS before 3.2.3 a ...)
NOT-FOR-US: Subrion CMS
-CVE-2014-9119
+CVE-2014-9119 (Directory traversal vulnerability in download.php in the DB Backup plu ...)
NOT-FOR-US: WordPress plugin db-backup
-CVE-2014-9118
+CVE-2014-9118 (The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 ...)
NOT-FOR-US: ZHONE Router
-CVE-2014-9115
+CVE-2014-9115 (SQL injection vulnerability in the rate_picture function in include/fu ...)
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-9113
+CVE-2014-9113 (CCH Wolters Kluwer ProSystem fx Engagement (aka PFX Engagement) 7.1 an ...)
NOT-FOR-US: PFX Engagement
CVE-2014-9111
RESERVED
@@ -2894,27 +2894,27 @@ CVE-2014-9106
RESERVED
CVE-2014-9105
RESERVED
-CVE-2014-9104
+CVE-2014-9104 (Multiple cross-site request forgery (CSRF) vulnerabilities in the XML- ...)
NOT-FOR-US: Desktop Client in OpenVPN Access Server
-CVE-2014-9103
+CVE-2014-9103 (Multiple cross-site scripting (XSS) vulnerabilities in the Kunena comp ...)
NOT-FOR-US: Kunena component for Joomla!
-CVE-2014-9102
+CVE-2014-9102 (Multiple SQL injection vulnerabilities in the Kunena component before ...)
NOT-FOR-US: Kunena component for Joomla!
-CVE-2014-9101
+CVE-2014-9101 (Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall 1 ...)
NOT-FOR-US: Oxwall and SkaDate Lite
-CVE-2014-9100
+CVE-2014-9100 (Cross-site scripting (XSS) vulnerability in the WhyDoWork AdSense plug ...)
NOT-FOR-US: WhyDoWork AdSense plugin for WordPress
-CVE-2014-9099
+CVE-2014-9099 (Cross-site request forgery (CSRF) vulnerability in the WhyDoWork AdSen ...)
NOT-FOR-US: WhyDoWork AdSense plugin for WordPress
-CVE-2014-9098
+CVE-2014-9098 (Multiple cross-site scripting (XSS) vulnerabilities in the Apptha Word ...)
NOT-FOR-US: Apptha WordPress Plugin
-CVE-2014-9097
+CVE-2014-9097 (Multiple SQL injection vulnerabilities in the Apptha WordPress Video G ...)
NOT-FOR-US: Apptha WordPress Plugin
-CVE-2014-9096
+CVE-2014-9096 (Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0 ...)
NOT-FOR-US: Pligg
-CVE-2014-9095
+CVE-2014-9095 (Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4 ...)
NOT-FOR-US: Raritan Power IQ
-CVE-2014-9094
+CVE-2014-9094 (Multiple cross-site scripting (XSS) vulnerabilities in deploy/designer ...)
NOT-FOR-US: Digital Zoom Studio (DZS) Video Gallery plugin for WordPress
CVE-2014-9088
RESERVED
@@ -2958,10 +2958,10 @@ CVE-2014-9068
RESERVED
CVE-2014-9067
RESERVED
-CVE-2014-9066
+CVE-2014-9066 (Xen 4.4.x and earlier, when using a large number of VCPUs, does not pr ...)
- xen <unfixed> (unimportant)
NOTE: Architectual/design limitation, not treated as a security issue
-CVE-2014-9065
+CVE-2014-9065 (common/spinlock.c in Xen 4.4.x and earlier does not properly handle re ...)
- xen 4.4.1-6
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
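Review bot: the NOTE line under CVE-2014-9066 in this hunk has a spelling error, "Architectual/design limitation" should read "Architectural/design limitation"; since the automatic update already rewrites the adjacent CVE header line, folding the one-word fix into the same change would keep the entry tidy.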
@@ -2973,14 +2973,14 @@ CVE-2014-9062
RESERVED
CVE-2014-9061
RESERVED
-CVE-2014-9060
+CVE-2014-9060 (The LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x bef ...)
- moodle 2.7.5+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47927
NOTE: https://moodle.org/mod/forum/discuss.php?d=275165
CVE-2014-9058
RESERVED
-CVE-2014-9057
+CVE-2014-9057 (SQL injection vulnerability in the XML-RPC interface in Movable Type b ...)
{DSA-3183-1}
- movabletype-opensource <removed> (bug #774192)
[squeeze] - movabletype-opensource <end-of-life> (Not supported in Squeeze LTS)
@@ -2998,120 +2998,120 @@ CVE-2014-9052
RESERVED
CVE-2014-9051
RESERVED
-CVE-2014-9049
+CVE-2014-9049 (The documents application in ownCloud Server 6.x before 6.0.6 and 7.x ...)
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-025
-CVE-2014-9048
+CVE-2014-9048 (The documents application in ownCloud Server 6.x before 6.0.6 and 7.x ...)
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-024
-CVE-2014-9047
+CVE-2014-9047 (Multiple unspecified vulnerabilities in the preview system in ownCloud ...)
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-026
-CVE-2014-9046
+CVE-2014-9046 (The OC_Util::getUrlContent function in ownCloud Server before 5.0.18, ...)
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-023
-CVE-2014-9045
+CVE-2014-9045 (The FTP backend in user_external in ownCloud Server before 5.0.18 and ...)
- owncloud 7~20140504+dfsg-1
NOTE: Only affects 5.x and 6.x, so marking first 7 release as fixed
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-022
-CVE-2014-9044
+CVE-2014-9044 (Asset Pipeline in ownCloud 7.x before 7.0.3 uses an MD5 hash of the ab ...)
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-021
-CVE-2014-9043
+CVE-2014-9043 (The user_ldap (aka LDAP user and group backend) application in ownClou ...)
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-020
-CVE-2014-9042
+CVE-2014-9042 (Cross-site scripting (XSS) vulnerability in the import functionality i ...)
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-028
-CVE-2014-9041
+CVE-2014-9041 (The import functionality in the bookmarks application in ownCloud serv ...)
- owncloud 7.0.3+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-019
CVE-2014-9040
RESERVED
-CVE-2014-9029
+CVE-2014-9029 (Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jp ...)
{DSA-3089-1 DLA-101-1}
- jasper 1.900.1-debian1-2.2 (bug #772036)
-CVE-2014-9027
+CVE-2014-9027 (Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDS ...)
NOT-FOR-US: ZTE ZXDSL 831CII
-CVE-2014-9026
+CVE-2014-9026 (The Ubercart module 7.x-3.x before 7.x-3.7 for Drupal does not properl ...)
NOT-FOR-US: Ubercart module for Drupal
-CVE-2014-9025
+CVE-2014-9025 (The default checkout completion rule in the commerce_order module in t ...)
NOT-FOR-US: Drupal Commerce module for Drupal
-CVE-2014-9024
+CVE-2014-9024 (The Protected Pages module 7.x-2.x before 7.x-2.4 for Drupal allows re ...)
NOT-FOR-US: Protected Pages module for Drupal
-CVE-2014-9023
+CVE-2014-9023 (The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly ...)
NOT-FOR-US: Twilio module for Drupal
-CVE-2014-9022
+CVE-2014-9022 (The Webform Component Roles module 6.x-1.x before 6.x-1.8 and 7.x-1.x ...)
NOT-FOR-US: Webform Component Roles module for Drupal
-CVE-2014-9021
+CVE-2014-9021 (Multiple cross-site scripting (XSS) vulnerabilities in ZTE ZXDSL 831 a ...)
NOT-FOR-US: ZTE ZXDSL 831
-CVE-2014-9020
+CVE-2014-9020 (Cross-site scripting (XSS) vulnerability in the Quick Stats page (psil ...)
NOT-FOR-US: ZTE ZXDSL 831 and 831CII
-CVE-2014-9019
+CVE-2014-9019 (Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDS ...)
NOT-FOR-US: ZTE ZXDSL 831CII
-CVE-2014-9017
+CVE-2014-9017 (Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 (buil ...)
NOT-FOR-US: OpenKM
-CVE-2014-9156
+CVE-2014-9156 (The FileField module 6.x-3.x before 6.x-3.13 for Drupal does not prope ...)
NOT-FOR-US: Drupal module FileField
-CVE-2014-9129
+CVE-2014-9129 (Cross-site request forgery (CSRF) vulnerability in the CreativeMinds C ...)
NOT-FOR-US: WordPress plugin cm-download-manager
-CVE-2014-8123
+CVE-2014-8123 (Buffer overflow in the bGetPPS function in wordole.c in Antiword 0.37 ...)
- antiword 0.37-5 (bug #771768)
NOTE: http://www.openwall.com/lists/oss-security/2014/12/01/4
NOTE: This actually was fixed long time ago in https://bugs.debian.org/407015
-CVE-2014-8104
+CVE-2014-8104 (OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before ...)
{DSA-3084-1 DLA-98-1}
- openvpn 2.3.4-5
NOTE: https://github.com/OpenVPN/openvpn/commit/c5590a6821e37f3b29735f55eb0c2b9c0924138c
NOTE: http://web.archive.org/web/20150514123219/https://forums.openvpn.net/topic17625.html
-CVE-2014-9272
+CVE-2014-9272 (The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x befo ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/05378e00
NOTE: http://www.mantisbt.org/bugs/view.php?id=17297
-CVE-2014-9281
+CVE-2014-9281 (Cross-site scripting (XSS) vulnerability in admin/copy_field.php in Ma ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/e5fc835a
NOTE: http://www.mantisbt.org/bugs/view.php?id=17876
-CVE-2014-9271
+CVE-2014-9271 (Cross-site scripting (XSS) vulnerability in file_download.php in Manti ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=17874
NOTE: http://github.com/mantisbt/mantisbt/commit/9fb8cf36f
-CVE-2014-9270
+CVE-2014-9270 (Cross-site scripting (XSS) vulnerability in the projax_array_serialize ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/0bff06ec
NOTE: http://www.mantisbt.org/bugs/view.php?id=17583
-CVE-2014-9269
+CVE-2014-9269 (Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/511564cc
NOTE: http://www.mantisbt.org/bugs/view.php?id=17890
-CVE-2014-9280
+CVE-2014-9280 (The current_user_get_bug_filter function in core/current_user_api.php ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/599364b2
NOTE: http://www.mantisbt.org/bugs/view.php?id=17875
-CVE-2014-9279
+CVE-2014-9279 (The print_test_result function in admin/upgrade_unattended.php in Mant ...)
- mantis <removed> (unimportant)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/0826cef8
NOTE: http://www.mantisbt.org/bugs/view.php?id=17877
NOTE: unimportant, source affected but unrelevant for Debian, upgrade_unattended.php removed also in binary package
-CVE-2014-9140
+CVE-2014-9140 (Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6 ...)
{DSA-3086-1 DLA-102-1}
- tcpdump 4.6.2-3
NOTE: https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda
NOTE: http://seclists.org/tcpdump/2014/q4/72
-CVE-2014-9130
+CVE-2014-9130 (scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka ...)
{DSA-3115-1 DSA-3103-1 DSA-3102-1 DLA-127-1 DLA-110-1 DLA-109-1}
- libyaml 0.1.6-3 (bug #771366)
- libyaml-libyaml-perl 0.41-6 (bug #771365)
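Review bot: two NOTE lines in this hunk carry grammar slips worth fixing while the surrounding header lines are being rewritten: under CVE-2014-8123, "This actually was fixed long time ago" should read "This actually was fixed a long time ago", and under CVE-2014-9279, "source affected but unrelevant for Debian" should read "source affected but irrelevant for Debian".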
@@ -3120,24 +3120,24 @@ CVE-2014-9130
NOTE: https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
NOTE: for pyyaml: might be need to be removed here (no-CVE assigned) or separate CVE
NOTE: for pyyaml: https://bitbucket.org/xi/pyyaml/commits/ddf211a41bb231c365fece5599b7e484e6dc33fc/raw/
-CVE-2014-9117
+CVE-2014-9117 (MantisBT before 1.2.18 uses the public_key parameter value as the key ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/7bb78e4581ff1092c811ea96582fe602624cdcdd
NOTE: https://www.mantisbt.org/bugs/view.php?id=17811
-CVE-2014-9116
+CVE-2014-9116 (The write_one_header function in mutt 1.5.23 does not properly handle ...)
{DSA-3083-1 DLA-100-1}
- mutt 1.5.23-2 (bug #771125)
NOTE: Detailed analysis in https://bugzilla.redhat.com/show_bug.cgi?id=1168463#c4
NOTE: Upstream bugreport: http://dev.mutt.org/trac/ticket/3716
-CVE-2014-9114
+CVE-2014-9114 (Blkid in util-linux before 2.26rc-1 allows local users to execute arbi ...)
- util-linux 2.25.2-4 (bug #771274)
[squeeze] - util-linux <no-dsa> (Minor issue)
[wheezy] - util-linux <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2014/11/26/13
NOTE: https://github.com/karelzak/util-linux/commit/89e90ae7b2826110ea28c1c0eb8e7c56c3907bdc
-CVE-2014-9112
+CVE-2014-9112 (Heap-based buffer overflow in the process_copy_in function in GNU Cpio ...)
{DSA-3111-1 DLA-111-1}
- cpio 2.11+dfsg-4 (bug #772793)
NOTE: http://lcamtuf.coredump.cx/afl/vulns/lesspipe-cpio-bad-write.cpio
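Review bot: the pyyaml NOTE line at the top of this hunk, "might be need to be removed here", is ungrammatical and should read "might need to be removed here"; the rest of the line (the no-CVE-assigned remark) is clear as written.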
@@ -3147,37 +3147,37 @@ CVE-2014-9112
NOTE: http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=58df4f1b (fixup of former commit)
NOTE: http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=fd262d11 (fix null deref)
NOTE: http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=f6a8a2cb (fix test suite in former commit)
-CVE-2014-9089
+CVE-2014-9089 (Multiple SQL injection vulnerabilities in view_all_bug_page.php in Man ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17841
NOTE: http://github.com/mantisbt/mantisbt/commit/b0021673
-CVE-2014-9273
+CVE-2014-9273 (lib/handle.c in Hivex before 1.3.11 allows local users to execute arbi ...)
- hivex 1.3.11-1 (low)
[jessie] - hivex 1.3.10-2+deb8u1
[wheezy] - hivex <no-dsa> (Minor issue)
[squeeze] - hivex <no-dsa> (Minor issue)
NOTE: https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb
NOTE: https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705
-CVE-2014-9087
+CVE-2014-9087 (Integer underflow in the ksba_oid_to_str function in Libksba before 1. ...)
{DSA-3078-1 DLA-141-1}
- libksba 1.3.2-1 (bug #770972)
- gnupg2 <not-affected> (Fixed before entering unstable; affected only 2.1 and betas)
NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html
NOTE: Upstream commit: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=f715b9e156dfa99ae829fc694e5a0abd23ef97d7
-CVE-2014-9157
+CVE-2014-9157 (Format string vulnerability in the yyerror function in lib/cgraph/scan ...)
{DSA-3098-1 DLA-105-1}
- graphviz 2.38.0-7 (bug #772648)
NOTE: https://github.com/ellson/graphviz/commit/99eda421f7ddc27b14e4ac1d2126e5fe41719081
-CVE-2014-9471
+CVE-2014-9471 (The parse_datetime function in GNU coreutils allows remote attackers t ...)
- coreutils 8.23-1 (low)
[wheezy] - coreutils <no-dsa> (Minor issue)
[squeeze] - coreutils <no-dsa> (Minor issue)
NOTE: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16872
NOTE: http://debbugs.gnu.org/cgi/bugreport.cgi?msg=11;filename=date-tz-crash.patch;att=1;bug=16872
NOTE: http://debbugs.gnu.org/cgi/bugreport.cgi?msg=19;filename=coreutils-date-crash.patch;att=1;bug=16872
-CVE-2014-9365
+CVE-2014-9365 (The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) ...)
- python2.5 <removed>
[squeeze] - python2.5 <no-dsa> (Too intrusive to backport)
- python2.6 <removed>
@@ -3193,78 +3193,78 @@ CVE-2014-9365
- python3.4 3.4.2-2
[jessie] - python3.4 <no-dsa> (Backporting to stable would break existing applications)
NOTE: http://bugs.python.org/issue22417
-CVE-2014-9351
+CVE-2014-9351 (engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote ...)
- teeworlds 0.6.2+dfsg-2 (bug #770514)
[wheezy] - teeworlds <no-dsa> (Minor issue)
[squeeze] - teeworlds <not-affected> (Vulnerable code not present)
NOTE: https://github.com/teeworlds/teeworlds/commit/a766cb44bcffcdb0b88e776d01c5ee1323d44f85
NOTE: https://www.teeworlds.com/?page=news&id=11200
-CVE-2014-9093
+CVE-2014-9093 (LibreOffice before 4.3.5 allows remote attackers to cause a denial of ...)
{DSA-3163-1}
- libreoffice 1:4.3.3-2 (bug #771163)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=86449
NOTE: http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-4-3&id=b4840d3632e4404bee4bd192a7db916cbad3a401
NOTE: fixed in experimental with 1:4.4.0~beta1-1
-CVE-2014-9092
+CVE-2014-9092 (libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial o ...)
- libjpeg-turbo 1:1.3.1-11 (bug #768369)
-CVE-2014-9090
+CVE-2014-9090 (The do_double_fault function in arch/x86/kernel/traps.c in the Linux k ...)
{DSA-3093-1 DLA-103-1}
- linux 3.16.7-ckt2-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6f442be2fb22be02cafa606f1769fa1e6f894441 (v3.18-rc6)
-CVE-2014-9059
+CVE-2014-9059 (lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x befo ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47966
NOTE: https://moodle.org/mod/forum/discuss.php?d=275146
-CVE-2014-9050
+CVE-2014-9050 (Heap-based buffer overflow in the cli_scanpe function in libclamav/pe. ...)
{DLA-95-1}
- clamav 0.98.5+dfsg-1 (bug #770985)
[wheezy] - clamav 0.98.5+dfsg-0+deb7u1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11155
NOTE: Upstream commit: https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e
-CVE-2014-9039
+CVE-2014-9039 (wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x befo ...)
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: Upstream patch: http://core.trac.wordpress.org/changeset/30431
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9038
+CVE-2014-9038 (wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3. ...)
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
NOTE: Upstream patch: https://core.trac.wordpress.org/changeset/30444
-CVE-2014-9037
+CVE-2014-9037 (WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4. ...)
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9036
+CVE-2014-9036 (Cross-site scripting (XSS) vulnerability in WordPress before 3.7.5, 3. ...)
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9035
+CVE-2014-9035 (Cross-site scripting (XSS) vulnerability in Press This in WordPress be ...)
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9034
+CVE-2014-9034 (wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3 ...)
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
NOTE: Upstream patch: http://core.trac.wordpress.org/changeset/30467
-CVE-2014-9033
+CVE-2014-9033 (Cross-site request forgery (CSRF) vulnerability in wp-login.php in Wor ...)
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
NOTE: Upstream patch: http://core.trac.wordpress.org/changeset/30418
-CVE-2014-9032
+CVE-2014-9032 (Cross-site scripting (XSS) vulnerability in the media-playlists featur ...)
- wordpress 4.0.1+dfsg-1 (bug #770425)
[wheezy] - wordpress <not-affected> (Affects 3.9, 3.9.1, 3.9.2, 4.0 only)
[squeeze] - wordpress <not-affected> (Affects 3.9, 3.9.1, 3.9.2, 4.0 only)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9031
+CVE-2014-9031 (Cross-site scripting (XSS) vulnerability in the wptexturize function i ...)
{DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
-CVE-2014-9028
+CVE-2014-9028 (Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 ...)
{DSA-3082-1 DLA-99-1}
- flac 1.3.0-3 (bug #770918)
NOTE: Upstream patches:
@@ -3286,68 +3286,68 @@ CVE-2014-9008
RESERVED
CVE-2014-9007
RESERVED
-CVE-2014-9006
+CVE-2014-9006 (Monstra 3.0.1 and earlier uses a cookie to track how many login attemp ...)
NOT-FOR-US: Monstra
-CVE-2014-9005
+CVE-2014-9005 (Multiple SQL injection vulnerabilities in vldPersonals before 2.7.1 al ...)
NOT-FOR-US: vldPersonals
-CVE-2014-9004
+CVE-2014-9004 (Cross-site scripting (XSS) vulnerability in vldPersonals before 2.7.1 ...)
NOT-FOR-US: vldPersonals
-CVE-2014-9003
+CVE-2014-9003 (Cross-site request forgery (CSRF) vulnerability in Lantronix xPrintSer ...)
NOT-FOR-US: Lantronix xPrintServer
-CVE-2014-9002
+CVE-2014-9002 (Lantronix xPrintServer does not properly restrict access to ips/, whic ...)
NOT-FOR-US: Lantronix xPrintServer
-CVE-2014-9001
+CVE-2014-9001 (reminders/index.php in Incredible PBX 11 2.0.6.5.0 allows remote authe ...)
NOT-FOR-US: Incredible PBX
-CVE-2014-9000
+CVE-2014-9000 (Mule Enterprise Management Console (MMC) does not properly restrict ac ...)
NOT-FOR-US: Mule Enterprise Management Console
-CVE-2014-8999
+CVE-2014-8999 (SQL injection vulnerability in htdocs/modules/system/admin.php in XOOP ...)
NOT-FOR-US: XOOPS
-CVE-2014-8998
+CVE-2014-8998 (lib/message.php in X7 Chat 2.0.0 through 2.0.5.1 allows remote authent ...)
NOT-FOR-US: X7 Chat
-CVE-2014-8997
+CVE-2014-8997 (Unrestricted file upload vulnerability in the Photo functionality in D ...)
NOT-FOR-US: DigitalVidhya Digi Online Examination System
-CVE-2014-8996
+CVE-2014-8996 (Multiple cross-site scripting (XSS) vulnerabilities in Nibbleblog befo ...)
NOT-FOR-US: Nibbleblog
-CVE-2014-8995
+CVE-2014-8995 (SQL injection vulnerability in Maarch LetterBox 2.8 allows remote atta ...)
NOT-FOR-US: Maarch LetterBox
-CVE-2014-8993
+CVE-2014-8993 (Cross-site scripting (XSS) vulnerability in the backend in Open-Xchang ...)
NOT-FOR-US: Open-Xchange
-CVE-2014-8992
+CVE-2014-8992 (Cross-site scripting (XSS) vulnerability in manager/assets/fileapi/Fil ...)
NOT-FOR-US: MODX Revolution
-CVE-2014-9030
+CVE-2014-9030 (The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x ...)
{DSA-3140-1}
- xen 4.4.1-4 (low; bug #770230)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-9015
+CVE-2014-9015 (Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to ...)
{DSA-3075-1}
- drupal7 7.32-1+deb8u1 (bug #770469)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2014-006
-CVE-2014-9016
+CVE-2014-9016 (The password hashing API in Drupal 7.x before 7.34 and the Secure Pass ...)
{DSA-3075-1}
- drupal7 7.32-1+deb8u1 (bug #770469)
- drupal6 <not-affected> (Only affects Drupal 7.x)
NOTE: https://www.drupal.org/SA-CORE-2014-006
-CVE-2014-9018
+CVE-2014-9018 (Icecast before 2.4.1 transmits the output of the on-connect script, wh ...)
- icecast2 2.4.0-1.1 (bug #770222)
[wheezy] - icecast2 <no-dsa> (Minor issue)
[squeeze] - icecast2 <no-dsa> (Minor issue)
NOTE: https://trac.xiph.org/ticket/2089
-CVE-2014-8994
+CVE-2014-8994 (The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows ...)
NOT-FOR-US: check_diskio nagios/icinga plugin
-CVE-2014-8989
+CVE-2014-8989 (The Linux kernel through 3.17.4 does not properly restrict dropping of ...)
- linux 3.16.7-ckt4-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
NOTE: http://thread.gmane.org/gmane.linux.man/7385/
-CVE-2014-8986
+CVE-2014-8986 (Cross-site scripting (XSS) vulnerability in the selection list in the ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/mantisbt/mantisbt/commit/cabacdc291c251bfde0dc2a2c945c02cef41bf40
NOTE: https://github.com/mantisbt/mantisbt/commit/e326b73a (1.2.x)
-CVE-2014-8985
+CVE-2014-8985 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
CVE-2014-8984
REJECTED
@@ -3383,13 +3383,13 @@ CVE-2014-8969
REJECTED
CVE-2014-8968
REJECTED
-CVE-2014-8967
+CVE-2014-8967 (Use-after-free vulnerability in Microsoft Internet Explorer allows rem ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-8966
+CVE-2014-8966 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Internet Explorer
CVE-2014-8965
RESERVED
-CVE-2014-8964
+CVE-2014-8964 (Heap-based buffer overflow in PCRE 8.36 and earlier allows remote atta ...)
- pcre3 2:8.35-3.3 (bug #770478)
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
@@ -3397,52 +3397,52 @@ CVE-2014-8964
NOTE: http://www.exim.org/viewvc/pcre2?revision=154&view=revision
CVE-2014-8963
RESERVED
-CVE-2014-8962
+CVE-2014-8962 (Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3. ...)
{DSA-3082-1 DLA-99-1}
- flac 1.3.0-3 (bug #770918)
NOTE: https://git.xiph.org/?p=flac.git;a=patch;h=5b3033a2b355068c11fe637e14ac742d273f076e
NOTE: http://lists.xiph.org/pipermail/flac-dev/2014-November/005185.html
-CVE-2014-8961
+CVE-2014-8961 (Directory traversal vulnerability in libraries/error_report.lib.php in ...)
- phpmyadmin 4:4.2.12-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php
-CVE-2014-8960
+CVE-2014-8960 (Cross-site scripting (XSS) vulnerability in libraries/error_report.lib ...)
- phpmyadmin 4:4.2.12-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php
-CVE-2014-8959
+CVE-2014-8959 (Directory traversal vulnerability in libraries/gis/GIS_Factory.class.p ...)
- phpmyadmin 4:4.2.12-1
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php
-CVE-2014-8958
+CVE-2014-8958 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...)
{DSA-3382-1 DLA-336-1}
- phpmyadmin 4:4.2.12-1 (low)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/42b64e12b5f596366f94ef72365fd69a019ba820 and
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c7685e5acd3f8e722f4f374c6fa821590865b68d need
NOTE: to be backported to 3.4
-CVE-2014-8957
+CVE-2014-8957 (Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allow ...)
NOT-FOR-US: OpenKM
-CVE-2014-8956
+CVE-2014-8956 (Stack-based buffer overflow in the K7Sentry.sys kernel mode driver (ak ...)
NOT-FOR-US: K7 Computing
-CVE-2014-8955
+CVE-2014-8955 (Cross-site scripting (XSS) vulnerability in the Contact Form Clean and ...)
NOT-FOR-US: WordPress plugin clean-and-simple-contact-form-by-meg-nicholas
-CVE-2014-8954
+CVE-2014-8954 (Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 ...)
NOT-FOR-US: phpSound
-CVE-2014-8953
+CVE-2014-8953 (Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scri ...)
NOT-FOR-US: Php Scriptlerim Who's Who
-CVE-2014-8952
+CVE-2014-8952 (Multiple unspecified vulnerabilities in Check Point Security Gateway R ...)
NOT-FOR-US: Check Point Security Gateway
-CVE-2014-8951
+CVE-2014-8951 (Unspecified vulnerability in Check Point Security Gateway R75, R76, R7 ...)
NOT-FOR-US: Check Point Security Gateway
-CVE-2014-8950
+CVE-2014-8950 (Unspecified vulnerability in Check Point Security Gateway R77 and R77. ...)
NOT-FOR-US: Check Point Security Gateway
-CVE-2014-8949
+CVE-2014-8949 (The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows rem ...)
NOT-FOR-US: WordPress plugin iMember360
-CVE-2014-8948
+CVE-2014-8948 (Cross-site request forgery (CSRF) vulnerability in the iMember360 plug ...)
NOT-FOR-US: WordPress plugin iMember360
CVE-2014-8947
RESERVED
@@ -3484,43 +3484,43 @@ CVE-2014-8929
REJECTED
CVE-2014-8928
REJECTED
-CVE-2014-8927
+CVE-2014-8927 (Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Met ...)
NOT-FOR-US: IBM
-CVE-2014-8926
+CVE-2014-8926 (Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Met ...)
NOT-FOR-US: IBM
-CVE-2014-8925
+CVE-2014-8925 (Cross-site request forgery (CSRF) vulnerability in ClearQuest Web in I ...)
NOT-FOR-US: IBM
-CVE-2014-8924
+CVE-2014-8924 (The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5 before ...)
NOT-FOR-US: IBM
-CVE-2014-8923
+CVE-2014-8923 (The (1) IBM Tivoli Identity Manager Active Directory adapter before 5. ...)
NOT-FOR-US: IBM
CVE-2014-8922
RESERVED
-CVE-2014-8921
+CVE-2014-8921 (The IBM Notes Traveler Companion application 1.0 and 1.1 before 201411 ...)
NOT-FOR-US: IBM Notes Traveler Companion
-CVE-2014-8920
+CVE-2014-8920 (Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 ...)
NOT-FOR-US: IBM
CVE-2014-8919
RESERVED
-CVE-2014-8918
+CVE-2014-8918 (IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not ...)
NOT-FOR-US: IBM
-CVE-2014-8917
+CVE-2014-8917 (Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/ ...)
NOT-FOR-US: IBM
-CVE-2014-8916
+CVE-2014-8916 (Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform ...)
NOT-FOR-US: IBM
CVE-2014-8915
RESERVED
-CVE-2014-8914
+CVE-2014-8914 (Cross-site scripting (XSS) vulnerability in the Process Portal in IBM ...)
NOT-FOR-US: IBM
-CVE-2014-8913
+CVE-2014-8913 (Cross-site scripting (XSS) vulnerability in the Process Portal in IBM ...)
NOT-FOR-US: IBM
-CVE-2014-8912
+CVE-2014-8912 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-8911
+CVE-2014-8911 (Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0. ...)
NOT-FOR-US: IBM Content Navigator
-CVE-2014-8910
+CVE-2014-8910 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 t ...)
NOT-FOR-US: IBM DB2
-CVE-2014-8909
+CVE-2014-8909 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2014-8908
RESERVED
@@ -3530,43 +3530,43 @@ CVE-2014-8906
RESERVED
CVE-2014-8905
RESERVED
-CVE-2014-8904
+CVE-2014-8904 (lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows ...)
NOT-FOR-US: IBM AIX, VIOS
-CVE-2014-8903
+CVE-2014-8903 (IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before ...)
NOT-FOR-US: IBM
-CVE-2014-8902
+CVE-2014-8902 (Cross-site scripting (XSS) vulnerability in the Blog Portlet in IBM We ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-8901
+CVE-2014-8901 (IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 thro ...)
NOT-FOR-US: IBM
-CVE-2014-8900
+CVE-2014-8900 (Cross-site request forgery (CSRF) vulnerability in IBM UrbanCode Relea ...)
NOT-FOR-US: IBM
-CVE-2014-8899
+CVE-2014-8899 (Cross-site scripting (XSS) vulnerability in the Collaboration Server i ...)
NOT-FOR-US: IBM
-CVE-2014-8898
+CVE-2014-8898 (Cross-site scripting (XSS) vulnerability in the Collaboration Server i ...)
NOT-FOR-US: IBM
-CVE-2014-8897
+CVE-2014-8897 (Cross-site scripting (XSS) vulnerability in the Collaboration Server i ...)
NOT-FOR-US: IBM
-CVE-2014-8896
+CVE-2014-8896 (The Collaboration Server in IBM InfoSphere Master Data Management Serv ...)
NOT-FOR-US: IBM
-CVE-2014-8895
+CVE-2014-8895 (IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3. ...)
NOT-FOR-US: IBM
-CVE-2014-8894
+CVE-2014-8894 (Open redirect vulnerability in IBM TRIRIGA Application Platform 3.2.1. ...)
NOT-FOR-US: IBM
-CVE-2014-8893
+CVE-2014-8893 (Multiple cross-site scripting (XSS) vulnerabilities in (1) mainpage.js ...)
NOT-FOR-US: IBM
-CVE-2014-8892
+CVE-2014-8892 (Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK ...)
NOT-FOR-US: IBM Java
-CVE-2014-8891
+CVE-2014-8891 (Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK ...)
NOT-FOR-US: IBM Java
-CVE-2014-8890
+CVE-2014-8890 (IBM WebSphere Application Server Liberty Profile 8.5.x before 8.5.5.4 ...)
NOT-FOR-US: IBM
-CVE-2014-8889
+CVE-2014-8889 (Dropbox SDK for Android before 1.6.2 might allow remote attackers to o ...)
NOT-FOR-US: Dropbox SDK for Android
-CVE-2014-8888
+CVE-2014-8888 (The remote administration interface in D-Link DIR-815 devices with fir ...)
NOT-FOR-US: D-Link
-CVE-2014-8887
+CVE-2014-8887 (IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8. ...)
NOT-FOR-US: IBM Marketing Operations
-CVE-2014-8886
+CVE-2014-8886 (AVM FRITZ!OS before 6.30 extracts the contents of firmware updates bef ...)
NOT-FOR-US: AVM FRITZ!OS
CVE-2014-8885
RESERVED
@@ -3580,15 +3580,15 @@ CVE-2014-8880
RESERVED
CVE-2014-8879
RESERVED
-CVE-2014-8877
+CVE-2014-8877 (The alterSearchQuery function in lib/controllers/CmdownloadController. ...)
NOT-FOR-US: CreativeMinds CM Downloads Manager plugin for WordPress
CVE-2014-8876
RESERVED
-CVE-2014-8875
+CVE-2014-8875 (The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver bef ...)
NOT-FOR-US: Revive Adserver
-CVE-2014-8874
+CVE-2014-8874 (The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predic ...)
NOT-FOR-US: TYPO3 Extension ke_questionnaire
-CVE-2014-8873
+CVE-2014-8873 (A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 in ...)
{DSA-3316-1 DSA-3235-1}
- openjdk-8 8u45-b14-1 (high)
- openjdk-7 7u79-2.5.5-1 (high)
@@ -3600,21 +3600,21 @@ CVE-2014-8873
NOTE: Starting with mime-support 3.53, MimeType entries in desktop
NOTE: files end up in /etc/mailcap, which introduces the user-initiated
NOTE: code execution.
-CVE-2014-8872
+CVE-2014-8872 (Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 ...)
NOT-FOR-US: AVM FRITZ!Box
-CVE-2014-8871
+CVE-2014-8871 (Directory traversal vulnerability in hybris Commerce software suite 5. ...)
NOT-FOR-US: hybris Commerce
-CVE-2014-8870
+CVE-2014-8870 (Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the ...)
NOT-FOR-US: Woltlab Burning Board plugin Tapatalk
-CVE-2014-8869
+CVE-2014-8869 (Multiple cross-site scripting (XSS) vulnerabilities in mobiquo/smartba ...)
NOT-FOR-US: Woltlab Burning Board plugin Tapatalk
-CVE-2014-8868
+CVE-2014-8868 (EntryPass N5200 Active Network Control Panel does not properly restric ...)
NOT-FOR-US: EntryPass N5200
-CVE-2014-8867
+CVE-2014-8867 (The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, ...)
{DSA-3140-1}
- xen 4.4.1-5 (bug #770230)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-8866
+CVE-2014-8866 (The compatibility mode hypercall argument translation in Xen 3.3.x thr ...)
{DSA-3140-1}
- xen 4.4.1-5 (bug #770230)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
@@ -3668,55 +3668,55 @@ CVE-2014-8842
RESERVED
CVE-2014-8841
RESERVED
-CVE-2014-8840
+CVE-2014-8840 (The iTunes Store component in Apple iOS before 8.1.3 allows remote att ...)
NOT-FOR-US: Apple
-CVE-2014-8839
+CVE-2014-8839 (Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load ...)
NOT-FOR-US: Apple
-CVE-2014-8838
+CVE-2014-8838 (The Security component in Apple OS X before 10.10.2 does not properly ...)
NOT-FOR-US: Apple
-CVE-2014-8837
+CVE-2014-8837 (Multiple unspecified vulnerabilities in the Bluetooth driver in Apple ...)
NOT-FOR-US: Apple
-CVE-2014-8836
+CVE-2014-8836 (The Bluetooth driver in Apple OS X before 10.10.2 allows attackers to ...)
NOT-FOR-US: Apple
-CVE-2014-8835
+CVE-2014-8835 (The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 ...)
NOT-FOR-US: Apple
-CVE-2014-8834
+CVE-2014-8834 (UserAccountUpdater in Apple OS X 10.10 before 10.10.2 stores a PDF doc ...)
NOT-FOR-US: Apple
-CVE-2014-8833
+CVE-2014-8833 (SpotlightIndex in Apple OS X before 10.10.2 does not properly perform ...)
NOT-FOR-US: Apple
-CVE-2014-8832
+CVE-2014-8832 (The indexing functionality in Spotlight in Apple OS X before 10.10.2 w ...)
NOT-FOR-US: Apple
-CVE-2014-8831
+CVE-2014-8831 (security_taskgate in Apple OS X before 10.10.2 allows attackers to rea ...)
NOT-FOR-US: Apple
-CVE-2014-8830
+CVE-2014-8830 (Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 al ...)
NOT-FOR-US: Apple
-CVE-2014-8829
+CVE-2014-8829 (SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbi ...)
NOT-FOR-US: Apple
-CVE-2014-8828
+CVE-2014-8828 (Sandbox in Apple OS X before 10.10 allows attackers to write to the sa ...)
NOT-FOR-US: Apple
-CVE-2014-8827
+CVE-2014-8827 (LoginWindow in Apple OS X before 10.10.2 does not transition to the lo ...)
NOT-FOR-US: Apple
-CVE-2014-8826
+CVE-2014-8826 (LaunchServices in Apple OS X before 10.10.2 does not properly handle f ...)
NOT-FOR-US: Apple
-CVE-2014-8825
+CVE-2014-8825 (The kernel in Apple OS X before 10.10.2 does not properly perform iden ...)
NOT-FOR-US: Apple
-CVE-2014-8824
+CVE-2014-8824 (The kernel in Apple OS X before 10.10.2 does not properly validate IOD ...)
NOT-FOR-US: Apple
-CVE-2014-8823
+CVE-2014-8823 (The IOUSBControllerUserClient::ReadRegister function in the IOUSB cont ...)
NOT-FOR-US: Apple
-CVE-2014-8822
+CVE-2014-8822 (IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute a ...)
NOT-FOR-US: Apple
-CVE-2014-8821
+CVE-2014-8821 (The Intel Graphics Driver in Apple OS X before 10.10.2 allows local us ...)
NOT-FOR-US: Apple
-CVE-2014-8820
+CVE-2014-8820 (The Intel Graphics Driver in Apple OS X before 10.10.2 allows local us ...)
NOT-FOR-US: Apple
-CVE-2014-8819
+CVE-2014-8819 (The Intel Graphics Driver in Apple OS X before 10.10.2 allows local us ...)
NOT-FOR-US: Apple
CVE-2014-8818
REJECTED
-CVE-2014-8817
+CVE-2014-8817 (coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 d ...)
NOT-FOR-US: Apple
-CVE-2014-8816
+CVE-2014-8816 (CoreGraphics in Apple OS X before 10.10 allows remote attackers to exe ...)
NOT-FOR-US: Apple
CVE-2014-8815
RESERVED
@@ -3728,9 +3728,9 @@ CVE-2014-8812
RESERVED
CVE-2014-8811
RESERVED
-CVE-2014-8810
+CVE-2014-8810 (SQL injection vulnerability in ajax/mail_functions.php in the WP Sympo ...)
NOT-FOR-US: WP Symposium plugin for WordPress
-CVE-2014-8809
+CVE-2014-8809 (Multiple cross-site scripting (XSS) vulnerabilities in the WP Symposiu ...)
NOT-FOR-US: WP Symposium plugin for WordPress
CVE-2014-8808
RESERVED
@@ -3744,13 +3744,13 @@ CVE-2014-8804
RESERVED
CVE-2014-8803
RESERVED
-CVE-2014-8802
+CVE-2014-8802 (The Pie Register plugin before 2.0.14 for WordPress does not properly ...)
NOT-FOR-US: WordPress plugin Pie Register
-CVE-2014-8801
+CVE-2014-8801 (Directory traversal vulnerability in services/getfile.php in the Paid ...)
NOT-FOR-US: Paid Memberships Pro plugin for WordPress
-CVE-2014-8800
+CVE-2014-8800 (Cross-site scripting (XSS) vulnerability in nextend-facebook-settings. ...)
NOT-FOR-US: Nextend Facebook Connect plugin for WordPress
-CVE-2014-8799
+CVE-2014-8799 (Directory traversal vulnerability in the dp_img_resize function in php ...)
NOT-FOR-US: dp_img_resize function in php/dp-functions.php in the DukaPress plugin for WordPress
CVE-2014-8798
RESERVED
@@ -3762,17 +3762,17 @@ CVE-2014-8795
RESERVED
CVE-2014-8794
RESERVED
-CVE-2014-8793
+CVE-2014-8793 (Cross-site scripting (XSS) vulnerability in lib/max/Admin/UI/Field/Pub ...)
NOT-FOR-US: Revive Adserver
CVE-2014-8792
RESERVED
-CVE-2014-8791
+CVE-2014-8791 (project/register.php in Tuleap before 7.7, when sys_create_project_in_ ...)
NOT-FOR-US: Enalean Tuleap
-CVE-2014-8790
+CVE-2014-8790 (XML external entity (XXE) vulnerability in admin/api.php in GetSimple ...)
NOT-FOR-US: GetSimple CMS
-CVE-2014-8789
+CVE-2014-8789 (GleamTech FileVista before 6.1 allows remote authenticated users to cr ...)
NOT-FOR-US: GleamTech FileVista
-CVE-2014-8788
+CVE-2014-8788 (GleamTech FileVista before 6.1 allows remote authenticated users to ob ...)
NOT-FOR-US: GleamTech FileVista
CVE-2014-8787
RESERVED
@@ -3788,63 +3788,63 @@ CVE-2014-8782
RESERVED
CVE-2014-8781
RESERVED
-CVE-2014-8780
+CVE-2014-8780 (Cross-site scripting (XSS) vulnerability in Jease 2.11 allows remote a ...)
NOT-FOR-US: Jease
-CVE-2014-8779
+CVE-2014-8779 (Pexip Infinity before 8 uses the same SSH host keys across different c ...)
NOT-FOR-US: Pexip Infinity
-CVE-2014-8778
+CVE-2014-8778 (Checkmarx CxSAST (formerly CxSuite) before 7.1.8 allows remote authent ...)
NOT-FOR-US: Checkmarx
CVE-2014-8777
RESERVED
CVE-2014-8776
RESERVED
-CVE-2014-8775
+CVE-2014-8775 (MODX Revolution 2.x before 2.2.15 does not include the HTTPOnly flag i ...)
NOT-FOR-US: MODx Revolution
-CVE-2014-8774
+CVE-2014-8774 (Cross-site scripting (XSS) vulnerability in manager/index.php in MODX ...)
NOT-FOR-US: MODx Revolution
-CVE-2014-8773
+CVE-2014-8773 (MODX Revolution 2.x before 2.2.15 allows remote attackers to bypass th ...)
NOT-FOR-US: MODx Revolution
-CVE-2014-8772
+CVE-2014-8772 (Cross-site scripting (XSS) vulnerability in the search_controller in X ...)
NOT-FOR-US: X3 CMS
-CVE-2014-8771
+CVE-2014-8771 (Multiple cross-site request forgery (CSRF) vulnerabilities in the admi ...)
NOT-FOR-US: X3 CMS
-CVE-2014-8770
+CVE-2014-8770 (Unrestricted file upload vulnerability in magmi/web/magmi.php in the M ...)
NOT-FOR-US: Magento
-CVE-2014-8988
+CVE-2014-8988 (MantisBT before 1.2.18 allows remote authenticated users to bypass the ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/5f0b150b
NOTE: http://www.mantisbt.org/bugs/view.php?id=17742
-CVE-2014-9622
+CVE-2014-9622 (Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported ...)
{DSA-3131-1 DLA-217-1}
- xdg-utils 1.1.0~rc1+git20111210-7.3 (bug #773085)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=66670
-CVE-2014-8991
+CVE-2014-8991 (pip 1.3 through 1.5.6 allows local users to cause a denial of service ...)
- python-pip 1.5.6-4 (bug #725847)
[wheezy] - python-pip <not-affected> (Vulnerable code only in >= 1.3)
[squeeze] - python-pip <not-affected> (Vulnerable code only in >= 1.3)
NOTE: https://github.com/pypa/pip/pull/2122
-CVE-2014-8987
+CVE-2014-8987 (Cross-site scripting (XSS) vulnerability in the "set configuration" bo ...)
- mantis <not-affected> (Vulnerable code introduced later)
NOTE: Affected upstream versions >= 1.2.13, <= 1.2.17
NOTE: https://github.com/mantisbt/mantisbt/commit/49c3d089
NOTE: http://www.mantisbt.org/bugs/view.php?id=17870
-CVE-2014-8884
+CVE-2014-8884 (Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_ ...)
{DSA-3093-1 DLA-118-1}
- linux 3.16.7-ckt2-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f2e323ec96077642d397bb1c355def536d489d16 (v3.18-rc1)
-CVE-2014-8769
+CVE-2014-8769 (tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensi ...)
{DSA-3086-1 DLA-102-1}
- tcpdump 4.6.2-2 (bug #770424)
NOTE: http://www.securityfocus.com/archive/1/534009/30/0/threaded
-CVE-2014-8768
+CVE-2014-8768 (Multiple Integer underflows in the geonet_print function in tcpdump 4. ...)
- tcpdump 4.6.2-2 (bug #770415)
[wheezy] - tcpdump <not-affected> (Vulnerable code added in 4.5.0)
[squeeze] - tcpdump <not-affected> (Vulnerable code added in 4.5.0)
NOTE: http://www.securityfocus.com/archive/1/534010/30/0/threaded
-CVE-2014-8767
+CVE-2014-8767 (Integer underflow in the olsr_print function in tcpdump 3.9.6 through ...)
{DSA-3086-1 DLA-102-1}
- tcpdump 4.6.2-2 (bug #770434)
NOTE: http://www.securityfocus.com/archive/1/534011/30/0/threaded
@@ -3856,31 +3856,31 @@ CVE-2014-8740
RESERVED
CVE-2014-8739
RESERVED
-CVE-2014-8736
+CVE-2014-8736 (The Open Atrium Core module for Drupal before 7.x-2.22 allows remote a ...)
NOT-FOR-US: Drupal module Open Atrium Core
-CVE-2014-8735
+CVE-2014-8735 (The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7 ...)
NOT-FOR-US: Drupal module Bad Behavior
-CVE-2014-8734
+CVE-2014-8734 (The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal ...)
NOT-FOR-US: Drupal module Organic Groups Menu
-CVE-2014-8733
+CVE-2014-8733 (Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password ...)
NOT-FOR-US: Cloudera Manager
-CVE-2014-8730
+CVE-2014-8730 (The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 throu ...)
NOT-FOR-US: SSL/TLS implementation error in F5 products (and historic NSS releases)
CVE-2014-8729
RESERVED
-CVE-2014-8728
+CVE-2014-8728 (SQL injection vulnerability in the login page (login/login) in Subex R ...)
NOT-FOR-US: Subex
-CVE-2014-8727
+CVE-2014-8727 (Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2. ...)
NOT-FOR-US: F5 BIG-IP
CVE-2014-8726
RESERVED
CVE-2014-8725
RESERVED
-CVE-2014-8724
+CVE-2014-8724 (Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin ...)
NOT-FOR-US: W3 Total Cache plugin for WordPress
-CVE-2014-8723
+CVE-2014-8723 (GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: GetSimple CMS
-CVE-2014-8722
+CVE-2014-8722 (GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive inform ...)
NOT-FOR-US: GetSimple CMS
CVE-2014-8721
RESERVED
@@ -3894,21 +3894,21 @@ CVE-2014-8717
RESERVED
CVE-2014-8715
RESERVED
-CVE-2014-8708
+CVE-2014-8708 (Pluck CMS 4.7.2 allows remote attackers to execute arbitrary code via ...)
NOT-FOR-US: Pluck CMS
-CVE-2014-8707
+CVE-2014-8707 (Cross-site scripting (XSS) vulnerability in TinyMCE in Pluck CMS 4.7.2 ...)
NOT-FOR-US: Pluck CMS
-CVE-2014-8706
+CVE-2014-8706 (Pluck CMS 4.7.2 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Pluck CMS
-CVE-2014-8705
+CVE-2014-8705 (PHP remote file inclusion vulnerability in editInplace.php in Wonder C ...)
NOT-FOR-US: Wonder CMS
-CVE-2014-8704
+CVE-2014-8704 (Directory traversal vulnerability in index.php in Wonder CMS 2014 allo ...)
NOT-FOR-US: Wonder CMS
-CVE-2014-8703
+CVE-2014-8703 (Cross-site scripting (XSS) vulnerability in Wonder CMS 2014 allows rem ...)
NOT-FOR-US: Wonder CMS
-CVE-2014-8702
+CVE-2014-8702 (Wonder CMS 2014 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Wonder CMS
-CVE-2014-8701
+CVE-2014-8701 (Wonder CMS 2014 allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Wonder CMS
CVE-2014-8700
RESERVED
@@ -3930,84 +3930,84 @@ CVE-2014-8692
RESERVED
CVE-2014-8691
RESERVED
-CVE-2014-8690
+CVE-2014-8690 (Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS be ...)
NOT-FOR-US: Exponent CMS
CVE-2014-8689
RESERVED
-CVE-2014-8688
+CVE-2014-8688 (An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 fo ...)
NOT-FOR-US: Telegram Messenger
-CVE-2014-8687
+CVE-2014-8687 (Seagate Business NAS devices with firmware before 2015.00322 allow rem ...)
NOT-FOR-US: Seagate Business NAS devices
-CVE-2014-8686
+CVE-2014-8686 (CodeIgniter before 2.2.0 makes it easier for attackers to decode sessi ...)
- codeigniter <itp> (bug #471583)
CVE-2014-8685
RESERVED
-CVE-2014-8684
+CVE-2014-8684 (CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through ...)
- codeigniter <itp> (bug #471583)
-CVE-2014-8683
+CVE-2014-8683 (Cross-site scripting (XSS) vulnerability in models/issue.go in Gogs (a ...)
NOT-FOR-US: Go Git Service
-CVE-2014-8682
+CVE-2014-8682 (Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0. ...)
NOT-FOR-US: Go Git Service
-CVE-2014-8681
+CVE-2014-8681 (SQL injection vulnerability in the GetIssues function in models/issue. ...)
NOT-FOR-US: Go Git Service
-CVE-2014-8680
+CVE-2014-8680 (The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remot ...)
- bind9 <not-affected> (Only affects 9.10 to 9.11)
NOTE: https://kb.isc.org/article/AA-01217/0
CVE-2014-8679
RESERVED
-CVE-2014-8678
+CVE-2014-8678 (The ConfigSaveServlet servlet in ManageEngine OpUtils before build 710 ...)
NOT-FOR-US: ManageEngine OpUtils
-CVE-2014-8677
+CVE-2014-8677 (The installation process for SOPlanning 1.32 and earlier allows remote ...)
NOT-FOR-US: SOPlanning
-CVE-2014-8676
+CVE-2014-8676 (Directory traversal vulnerability in the file_get_contents function in ...)
NOT-FOR-US: SOPlanning
-CVE-2014-8675
+CVE-2014-8675 (Soplanning 1.32 and earlier generates static links for sharing ICAL ca ...)
NOT-FOR-US: SOPlanning
CVE-2014-8674
RESERVED
CVE-2014-8673
RESERVED
-CVE-2014-8672
+CVE-2014-8672 (Cross-site scripting (XSS) vulnerability in the RewardingYourself appl ...)
NOT-FOR-US: RewardingYourself application for Android and BlackBerry
-CVE-2014-8671
+CVE-2014-8671 (Cross-site scripting (XSS) vulnerability in the GWT Mobile PhoneGap Sh ...)
NOT-FOR-US: GWT Mobile PhoneGap Showcase application for Android
-CVE-2014-8670
+CVE-2014-8670 (Open redirect vulnerability in go.php in vBulletin 4.2.1 allows remote ...)
NOT-FOR-US: vBulletin
-CVE-2014-8669
+CVE-2014-8669 (The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM ...)
NOT-FOR-US: SAP
-CVE-2014-8668
+CVE-2014-8668 (SQL injection vulnerability in SAP Contract Accounting allows remote a ...)
NOT-FOR-US: SAP
-CVE-2014-8667
+CVE-2014-8667 (Cross-site scripting (XSS) vulnerability in SAP HANA Web-based Develop ...)
NOT-FOR-US: SAP
-CVE-2014-8666
+CVE-2014-8666 (The User &amp; Server configuration, InfoView refresh, user rights (BI ...)
NOT-FOR-US: SAP
-CVE-2014-8665
+CVE-2014-8665 (The SAP Business Intelligence Development Workbench allows remote atta ...)
NOT-FOR-US: SAP
-CVE-2014-8664
+CVE-2014-8664 (SQL injection vulnerability in Product Safety (EHS-SAF) component in S ...)
NOT-FOR-US: SAP
-CVE-2014-8663
+CVE-2014-8663 (SQL injection vulnerability in Data Basis (BW-WHM-DBA) in SAP NetWeave ...)
NOT-FOR-US: SAP
-CVE-2014-8662
+CVE-2014-8662 (Unspecified vulnerability in SAP Payroll Process allows remote attacke ...)
NOT-FOR-US: SAP
-CVE-2014-8661
+CVE-2014-8661 (The SAP CRM Internet Sales module allows remote attackers to execute a ...)
NOT-FOR-US: SAP
-CVE-2014-8660
+CVE-2014-8660 (SAP Document Management Services allows local users to execute arbitra ...)
NOT-FOR-US: SAP
-CVE-2014-8659
+CVE-2014-8659 (Directory traversal vulnerability in SAP Environment, Health, and Safe ...)
NOT-FOR-US: SAP
-CVE-2014-8658
+CVE-2014-8658 (Cross-site scripting (XSS) vulnerability in RefinedWiki Original Theme ...)
NOT-FOR-US: Atlassian Confluence theme
-CVE-2014-8657
+CVE-2014-8657 (The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gatew ...)
NOT-FOR-US: Compal Gateways
-CVE-2014-8656
+CVE-2014-8656 (The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gatew ...)
NOT-FOR-US: Compal Gateways
-CVE-2014-8655
+CVE-2014-8655 (The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gatew ...)
NOT-FOR-US: Compal Gateways
-CVE-2014-8654
+CVE-2014-8654 (Multiple cross-site request forgery (CSRF) vulnerabilities in Compal B ...)
NOT-FOR-US: Compal Gateways
-CVE-2014-8653
+CVE-2014-8653 (Cross-site scripting (XSS) vulnerability in Compal Broadband Networks ...)
NOT-FOR-US: Compal Gateways
-CVE-2014-8652
+CVE-2014-8652 (Elipse E3 3.x and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: Elipse E3
CVE-2014-8649
REJECTED
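Review bot: the rationale on the bind9 line for CVE-2014-8680 ("Only affects 9.10 to 9.11") does not match the description added in the same hunk, which scopes the issue to ISC BIND 9.10.0 through 9.10.1; align the rationale with that range (e.g. "Only affects 9.10.0 to 9.10.1") so a later triager does not read 9.11 as affected.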
@@ -4021,43 +4021,43 @@ CVE-2014-8645
REJECTED
CVE-2014-8644
RESERVED
-CVE-2014-8643
+CVE-2014-8643 (Mozilla Firefox before 35.0 on Windows allows remote attackers to bypa ...)
- iceweasel <not-affected> (Only affects Firefox on Windows)
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-07.html
-CVE-2014-8642
+CVE-2014-8642 (Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider ...)
- iceweasel <not-affected> (Only affects versions > 31.x)
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-08.html
-CVE-2014-8641
+CVE-2014-8641 (Use-after-free vulnerability in the WebRTC implementation in Mozilla F ...)
{DSA-3127-1}
- iceweasel 31.4.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-06.html
-CVE-2014-8640
+CVE-2014-8640 (The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in ...)
- iceweasel <not-affected> (Only affects versions > 31.x)
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-05.html
-CVE-2014-8639
+CVE-2014-8639 (Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird ...)
{DSA-3132-1 DSA-3127-1}
- iceweasel 31.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-04.html
-CVE-2014-8638
+CVE-2014-8638 (The navigator.sendBeacon implementation in Mozilla Firefox before 35.0 ...)
{DSA-3132-1 DSA-3127-1}
- iceweasel 31.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-03.html
-CVE-2014-8637
+CVE-2014-8637 (Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly ...)
- iceweasel <not-affected> (Only affects versions > 31.x)
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-02.html
-CVE-2014-8636
+CVE-2014-8636 (The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaM ...)
- iceweasel <not-affected> (Only affects versions > 31.x)
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-09.html
-CVE-2014-8635
+CVE-2014-8635 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects versions > 31.x)
-CVE-2014-8634
+CVE-2014-8634 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3132-1 DSA-3127-1}
- iceweasel 31.4.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -4066,40 +4066,40 @@ CVE-2014-8634
NOTE: http://www.mozilla.org/security/announce/2015/mfsa2015-01.html
CVE-2014-8633
RESERVED
-CVE-2014-8632
+CVE-2014-8632 (The structured-clone implementation in Mozilla Firefox before 34.0 and ...)
- iceweasel <not-affected> (Only affects Firefox 33)
-CVE-2014-8631
+CVE-2014-8631 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox befo ...)
- iceweasel <not-affected> (Only affects Firefox 33)
-CVE-2014-8630
+CVE-2014-8630 (Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x ...)
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life>
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1079065
-CVE-2014-8629
+CVE-2014-8629 (Cross-site scripting (XSS) vulnerability in the Page visualization age ...)
NOT-FOR-US: Pandora FMS
CVE-2014-8624
RESERVED
CVE-2014-8623
RESERVED
-CVE-2014-8622
+CVE-2014-8622 (Cross-site scripting (XSS) vulnerability in compfight-search.php in th ...)
NOT-FOR-US: Compfight plugin for WordPress
-CVE-2014-8621
+CVE-2014-8621 (SQL injection vulnerability in the Store Locator plugin 2.3 through 3. ...)
NOT-FOR-US: Wordpress plugin
CVE-2014-8620
RESERVED
-CVE-2014-8619
+CVE-2014-8619 (Cross-site scripting (XSS) vulnerability in the autolearn configuratio ...)
NOT-FOR-US: Fortinet FortiWeb
-CVE-2014-8618
+CVE-2014-8618 (Cross-site scripting (XSS) vulnerability in the theme login page in Fo ...)
NOT-FOR-US: Fortinet FortiADC
-CVE-2014-8617
+CVE-2014-8617 (Cross-site scripting (XSS) vulnerability in the Web Action Quarantine ...)
NOT-FOR-US: FortiMail
-CVE-2014-8616
+CVE-2014-8616 (Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiO ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2014-8615
REJECTED
CVE-2014-8614
REJECTED
-CVE-2014-8613
+CVE-2014-8613 (The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before ...)
[experimental] - kfreebsd-11 11.0~svn284956-1
- kfreebsd-10 10.1~svn274115-2 (bug #776416)
- kfreebsd-9 <removed>
@@ -4109,7 +4109,7 @@ CVE-2014-8613
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS)
NOTE: https://security.freebsd.org/advisories/FreeBSD-SA-15:03.sctp.asc
-CVE-2014-8612
+CVE-2014-8612 (Multiple array index errors in the Stream Control Transmission Protoco ...)
[experimental] - kfreebsd-11 11.0~svn284956-1
- kfreebsd-10 10.1~svn274115-2 (bug #776415)
- kfreebsd-9 <removed>
@@ -4119,34 +4119,34 @@ CVE-2014-8612
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-SA-15:02.kmem.asc
-CVE-2014-8611
+CVE-2014-8611 (The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and ...)
NOT-FOR-US: Apple
-CVE-2014-8610
+CVE-2014-8610 (AndroidManifest.xml in Android before 5.0.0 does not require the SEND_ ...)
NOT-FOR-US: Android
-CVE-2014-8609
+CVE-2014-8609 (The addAccount method in src/com/android/settings/accounts/AddAccountS ...)
NOT-FOR-US: Android
-CVE-2014-8608
+CVE-2014-8608 (The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) be ...)
NOT-FOR-US: K7 Computing
-CVE-2014-8607
+CVE-2014-8607 (The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides ...)
NOT-FOR-US: XCloner plugin for WordPress and Joomla!
-CVE-2014-8606
+CVE-2014-8606 (Directory traversal vulnerability in the XCloner plugin 3.1.1 for Word ...)
NOT-FOR-US: XCloner plugin for WordPress and Joomla!
-CVE-2014-8605
+CVE-2014-8605 (The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores da ...)
NOT-FOR-US: XCloner plugin for WordPress and Joomla!
-CVE-2014-8604
+CVE-2014-8604 (The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! returns t ...)
NOT-FOR-US: XCloner plugin for WordPress and Joomla!
-CVE-2014-8603
+CVE-2014-8603 (cloner.functions.php in the XCloner plugin 3.1.1 for WordPress and 3.5 ...)
NOT-FOR-US: XCloner plugin for WordPress and Joomla!
-CVE-2014-8602
+CVE-2014-8602 (iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegatio ...)
{DSA-3097-1 DLA-107-1}
- unbound 1.4.22-3 (bug #772622)
NOTE: http://www.unbound.net/pipermail/unbound-users/2014-December/003662.html
-CVE-2014-8601
+CVE-2014-8601 (PowerDNS Recursor before 3.6.2 does not limit delegation chaining, whi ...)
{DSA-3096-1 DLA-104-1}
- pdns-recursor 3.6.2-1
NOTE: http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/
NOTE: Backported patches available at https://downloads.powerdns.com/patches/2014-02/
-CVE-2014-8600
+CVE-2014-8600 (Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.1 ...)
- kde-runtime 4:4.14.2-2 (bug #769632)
[wheezy] - kde-runtime <no-dsa> (Minor issue)
[squeeze] - kdebase-runtime <no-dsa> (Minor issue)
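Review bot: the NOT-FOR-US label on CVE-2014-8611 says Apple, but the description added in the same hunk is about the __sflush function in stdio in FreeBSD's libc; the NOT-FOR-US outcome may still be right (Debian's kfreebsd ports build against glibc, not FreeBSD libc), but the label should say so, e.g. "NOT-FOR-US: FreeBSD libc", so the entry is not mistaken for an Apple-only issue and the kfreebsd question is visibly answered.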
@@ -4159,74 +4159,74 @@ CVE-2014-8599
RESERVED
CVE-2014-8597
RESERVED
-CVE-2014-8596
+CVE-2014-8596 (Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow rem ...)
NOT-FOR-US: PHP-Fusion
-CVE-2014-8595
+CVE-2014-8595 (arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not ...)
{DSA-3140-1}
- xen 4.4.1-4 (bug #770230)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-8594
+CVE-2014-8594 (The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x d ...)
{DSA-3140-1}
- xen 4.4.1-4 (low; bug #770230)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-8593
+CVE-2014-8593 (Multiple cross-site scripting (XSS) vulnerabilities in Allomani Weblin ...)
NOT-FOR-US: Allomani Weblinks
-CVE-2014-8587
+CVE-2014-8587 (SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8 ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-8586
+CVE-2014-8586 (SQL injection vulnerability in the CP Multi View Event Calendar plugin ...)
NOT-FOR-US: WordPress plugin CP Multi View Event Calendar
-CVE-2014-8585
+CVE-2014-8585 (Directory traversal vulnerability in the WordPress Download Manager pl ...)
NOT-FOR-US: WordPress plugin WordPress Download Manager
NOTE: To be REJECTED
-CVE-2014-8584
+CVE-2014-8584 (Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Vide ...)
NOT-FOR-US: WordPress plugin Web Dorado Spider Video Player (aka WordPress Video Player)
-CVE-2014-8738
+CVE-2014-8738 (The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU bi ...)
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141124-1
- binutils-mingw-w64 5.2
NOTE: Upstream tracker: https://sourceware.org/bugzilla/show_bug.cgi?id=17533
NOTE: Upstream patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bb0d867169d7e9743d229804106a8fbcab7f3b3f
-CVE-2014-8737
+CVE-2014-8737 (Multiple directory traversal vulnerabilities in GNU binutils 2.24 and ...)
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141124-1
- binutils-mingw-w64 5.2
NOTE: Upstream tracker: https://sourceware.org/bugzilla/show_bug.cgi?id=17552
NOTE: Upstream patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dd9b91de2149ee81d47f708e7b0bbf57da10ad42
-CVE-2014-8732
+CVE-2014-8732 (Cross-site scripting (XSS) vulnerability in phpMemcachedAdmin 1.2.2 an ...)
NOT-FOR-US: phpMemcachedAdmin
-CVE-2014-8731
+CVE-2014-8731 (PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute ...)
NOT-FOR-US: phpMemcachedAdmin
-CVE-2014-8716
+CVE-2014-8716 (The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to c ...)
{DLA-960-1 DLA-90-1}
- imagemagick 8:6.8.9.9-3 (bug #768494)
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26456
-CVE-2014-8714
+CVE-2014-8714 (The dissect_write_structured_field function in epan/dissectors/packet- ...)
{DSA-3076-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-2 (bug #769410)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-23.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and 1.10.11.
-CVE-2014-8713
+CVE-2014-8713 (Stack-based buffer overflow in the build_expert_data function in epan/ ...)
{DSA-3076-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-2 (bug #769410)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-22.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and 1.10.11.
-CVE-2014-8712
+CVE-2014-8712 (The build_expert_data function in epan/dissectors/packet-ncp2222.inc i ...)
{DSA-3076-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-2 (bug #769410)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-22.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and 1.10.11.
-CVE-2014-8711
+CVE-2014-8711 (Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQ ...)
{DSA-3076-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-2 (bug #769410)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-21.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and 1.10.11.
-CVE-2014-8710
+CVE-2014-8710 (The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the ...)
{DSA-3076-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-2 (bug #769410)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-20.html
NOTE: Versions 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and 1.10.11.
-CVE-2014-8709
+CVE-2014-8709 (The ieee80211_fragment function in net/mac80211/tx.c in the Linux kern ...)
{DLA-118-1}
- linux 3.14.2-1
[wheezy] - linux 3.2.57-1
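Review bot: CVE-2014-8716 lists DLA-90-1 in its advisory set while the suite line still reads `[squeeze] - imagemagick <no-dsa> (Minor issue)`; if DLA-90-1 fixed this CVE in squeeze-lts the no-dsa marker is stale and should be dropped. In the same hunk the NOTE on CVE-2014-8710 says only versions 1.10.0 to 1.10.10 are affected yet cites a fix in 1.12.2, and the package line records a fix in 1.12.1+g01b65bf-2; either the "1.12.0 to 1.12.1" range is missing from that note (it is present on the four neighbouring wireshark entries) or the 1.12.2 reference should go.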
@@ -4238,54 +4238,54 @@ CVE-2014-8650 [does not handle mutual authentication]
- python-requests-kerberos 0.5-2 (bug #768408)
NOTE: https://github.com/requests/requests-kerberos/pull/36
NOTE: request adding https://github.com/mkomitee/requests-kerberos/commit/9c1e08cc17bb6950455a85d33d391ecd2bce6eb6
-CVE-2014-8628
+CVE-2014-8628 (Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows re ...)
{DSA-3116-1 DLA-129-1}
- polarssl 1.3.9-1
NOTE: Cf. https://bugzilla.redhat.com/show_bug.cgi?id=1159845#c5 and following.
NOTE: Patch for 1.2.x: https://github.com/polarssl/polarssl/commit/6b440389136afbcb0d831f880176c830bd3e0c7c
NOTE: Version 1.2.11 also brings other security-relevant fixes. Maybe update to new upstream version?
-CVE-2014-8627
+CVE-2014-8627 (PolarSSL 1.3.8 does not properly negotiate the signature algorithm to ...)
- polarssl 1.3.9-1
[wheezy] - polarssl <not-affected> (Problem introduced in 1.3.8)
[squeeze] - polarssl <not-affected> (Problem introduced in 1.3.8)
-CVE-2014-8626
+CVE-2014-8626 (Stack-based buffer overflow in the date_from_ISO8601 function in ext/x ...)
- php5 5.2.9.dfsg.1-1
NOTE: https://bugs.php.net/bug.php?id=45226
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c818d0d01341907fee82bdb81cab07b7d93bb9db
-CVE-2014-8625
+CVE-2014-8625 (Multiple format string vulnerabilities in the parse_error_msg function ...)
- dpkg 1.17.22 (unimportant; bug #768485)
[wheezy] - dpkg 1.16.16
[squeeze] - dpkg <not-affected> (Regression introduced in 1.16.2)
NOTE: Rendered non-exploitable by toolchain hardening
NOTE: https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/1389135
NOTE: Regression introduced with https://anonscm.debian.org/cgit/dpkg/dpkg.git/commit/?id=0b8652b226a7601dfd71471797d15168a7337242 (1.16.2)
-CVE-2014-8598
+CVE-2014-8598 (The XML Import/Export plugin in MantisBT 1.2.x does not restrict acces ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/mantisbt/mantisbt/commit/80a15487
NOTE: http://www.mantisbt.org/bugs/view.php?id=17780
-CVE-2014-8592
+CVE-2014-8592 (Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-8591
+CVE-2014-8591 (Unspecified vulnerability in SAP Internet Communication Manager (ICM), ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-8590
+CVE-2014-8590 (XML external entity (XXE) vulnerability in the Web Service Navigator i ...)
NOT-FOR-US: SAP NetWeaver Application Server
-CVE-2014-8589
+CVE-2014-8589 (Integer overflow in SAP Network Interface Router (SAProuter) 40.4 allo ...)
NOT-FOR-US: SAP Network Interface Router
-CVE-2014-8588
+CVE-2014-8588 (SQL injection vulnerability in metadata.xsjs in SAP HANA 1.00.60.37937 ...)
NOT-FOR-US: SAP HANA
CVE-2014-8581
RESERVED
-CVE-2014-8580
+CVE-2014-8580 (Citrix NetScaler Application Delivery Controller and NetScaler Gateway ...)
NOT-FOR-US: Citrix Netscaler
-CVE-2014-8579
+CVE-2014-8579 (TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardco ...)
NOT-FOR-US: TRENDnet TEW-823DRU devices
-CVE-2014-8578
+CVE-2014-8578 (Cross-site scripting (XSS) vulnerability in the Groups panel in OpenSt ...)
- horizon 2014.1.1-3
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: this was split from CVE-2014-3475 by MITRE
-CVE-2014-8577
+CVE-2014-8577 (Multiple cross-site scripting (XSS) vulnerabilities in Croogo before 2 ...)
NOT-FOR-US: Croogo
CVE-2014-8576
REJECTED
@@ -4295,11 +4295,11 @@ CVE-2014-8574
REJECTED
CVE-2014-8573
REJECTED
-CVE-2014-8572
+CVE-2014-8572 (Huawei AC6605 with software V200R001C00; AC6605 with software V200R002 ...)
NOT-FOR-US: Huawei
-CVE-2014-8571
+CVE-2014-8571 (Apps on Huawei Ascend P6 mobile phones with software EDGE-U00 V100R001 ...)
NOT-FOR-US: Huawei
-CVE-2014-8570
+CVE-2014-8570 (Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703 ...)
NOT-FOR-US: Huawei
CVE-2014-8569
RESERVED
@@ -4307,7 +4307,7 @@ CVE-2014-8568
RESERVED
CVE-2014-8565
REJECTED
-CVE-2014-8564
+CVE-2014-8564 (The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3. ...)
- gnutls28 3.3.8-4 (bug #769154)
- gnutls26 <not-affected> (Vulnerable code not present; no support for ECC)
NOTE: https://gitlab.com/gnutls/gnutls/commit/e821e1908686657a45c1b735f6d077b7a8493e2b (3.3.x branch)
@@ -4317,72 +4317,72 @@ CVE-2014-8563
RESERVED
CVE-2014-8560
RESERVED
-CVE-2014-8558
+CVE-2014-8558 (JExperts Channel Platform 5.0.33_CCB allows remote authenticated users ...)
NOT-FOR-US: JExperts Tecnologia Channel Software
-CVE-2014-8557
+CVE-2014-8557 (Multiple cross-site scripting (XSS) vulnerabilities in JExperts Channe ...)
NOT-FOR-US: JExperts Tecnologia Channel Software
CVE-2014-8556
RESERVED
-CVE-2014-8555
+CVE-2014-8555 (Directory traversal vulnerability in report/reportViewAction.jsp in Pr ...)
NOT-FOR-US: Progress Software OpenEdge
-CVE-2014-8553
+CVE-2014-8553 (The mci_account_get_array_by_id function in api/soap/mc_account_api.ph ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17243 (currently private)
NOTE: https://github.com/mantisbt/mantisbt/commit/f779e3d4394a0638d822849863c4098421d911c5
-CVE-2014-8552
+CVE-2014-8552 (The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before ...)
NOT-FOR-US: Siemens
-CVE-2014-8551
+CVE-2014-8551 (The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before ...)
NOT-FOR-US: Siemens
CVE-2014-8550
RESERVED
-CVE-2014-8549
+CVE-2014-8549 (libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the numb ...)
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:11.2-1 (bug #773626)
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=550f3e9df3410b3dd975e590042c0d83e20a8da3
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=cee4490b521fd0d02476d46aa2598af24fb8d686
-CVE-2014-8548
+CVE-2014-8548 (Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows rem ...)
{DSA-3189-1}
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:11.2-1 (bug #773626)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c727401aa9d62335e89d118a5b4e202edf39d905
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=d423dd72be451462c6fb1cbbe313bed0194001ab
-CVE-2014-8547
+CVE-2014-8547 (libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute i ...)
{DSA-3189-1}
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:11.2-1 (bug #773626)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f1457864be8fb9653643519dea1c6492f1dde57
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=0b39ac6f54505a538c21fe49a626de94c518c903
-CVE-2014-8546
+CVE-2014-8546 (Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allow ...)
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Vulnerable code not present, reproducer tested with 8, 11 and trunk)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e7e5114c506957f40aafd794e06de1a7e341e9d5
-CVE-2014-8545
+CVE-2014-8545 (libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-blac ...)
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6
-CVE-2014-8544
+CVE-2014-8544 (libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bi ...)
{DSA-3189-1}
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:11.3-1 (bug #773626)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=ae5e1f3d663a8c9a532d89e588cbc61f171c9186
-CVE-2014-8543
+CVE-2014-8543 (libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all line ...)
{DSA-3189-1}
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:11.2-1 (bug #773626)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=17ba719d9ba30c970f65747f42d5fbb1e447ca28
-CVE-2014-8542
+CVE-2014-8542 (libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID dur ...)
{DLA-1654-1}
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
@@ -4390,107 +4390,107 @@ CVE-2014-8542
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=105654e376a736d243aef4a1d121abebce912e6b
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=88626e5af8d006e67189bf10b96b982502a7e8ad
-CVE-2014-8541
+CVE-2014-8541 (libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension ...)
- ffmpeg 7:2.4.3-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav 6:11.2-1 (bug #773626)
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=5c378d6a6df8243f06c87962b873bd563e58cd39
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=809c3023b699c54c90511913d3b6140dd2436550
-CVE-2014-8539
+CVE-2014-8539 (Cross-site scripting (XSS) vulnerability in Simple Email Form 1.8.5 an ...)
NOT-FOR-US: Simple Email
-CVE-2014-8651
+CVE-2014-8651 (The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and ...)
- kde-workspace 4:4.11.13-2 (unimportant)
NOTE: https://projects.kde.org/projects/kde/kde-workspace/repository/diff?rev=54d0bfb5effff9c8cf60da890b7728cbe36a454e&rev_to=fd2aa9deed44fad6107625ad7360157fea7296f6
NOTE: On Debian changing the clock requires authentication, so it's not exploitable
NOTE: in the standard setup
-CVE-2014-8583
+CVE-2014-8583 (mod_wsgi before 4.2.4 for Apache, when creating a daemon process group ...)
- mod-wsgi 4.2.7-1
[wheezy] - mod-wsgi <no-dsa> (Minor issue)
[squeeze] - mod-wsgi <no-dsa> (Minor issue)
NOTE: https://github.com/GrahamDumpleton/mod_wsgi/commit/545354a80b9cc20d8b6916ca30542eab36c3b8bd
-CVE-2014-8582
+CVE-2014-8582 (FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point ...)
NOT-FOR-US: FortiNet FortiADC-E
-CVE-2014-8567
+CVE-2014-8567 (The mod_auth_mellon module before 0.8.1 allows remote attackers to cau ...)
- libapache2-mod-auth-mellon 0.9.0
-CVE-2014-8566
+CVE-2014-8566 (The mod_auth_mellon module before 0.8.1 allows remote attackers to obt ...)
- libapache2-mod-auth-mellon 0.9.1
-CVE-2014-8554
+CVE-2014-8554 (SQL injection vulnerability in the mc_project_get_attachments function ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=17812
NOTE: http://github.com/mantisbt/mantisbt/commit/99ffb0af (1.2.x branch)
NOTE: http://github.com/mantisbt/mantisbt/commit/5faf97ab (master)
-CVE-2014-8540
+CVE-2014-8540 (The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote authen ...)
- gitlab <not-affected> (Fixed before initial upload to Debian)
-CVE-2014-8538
+CVE-2014-8538 (The Hijab Modern (aka com.Aisyaidea.HijabModern) application 1.0 for A ...)
NOT-FOR-US: Hijab Modern (aka com.Aisyaidea.HijabModern) application for Android
-CVE-2014-8537
+CVE-2014-8537 (McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local u ...)
NOT-FOR-US: McAfee
-CVE-2014-8536
+CVE-2014-8536 (McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local u ...)
NOT-FOR-US: McAfee
-CVE-2014-8535
+CVE-2014-8535 (McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local u ...)
NOT-FOR-US: McAfee
-CVE-2014-8534
+CVE-2014-8534 (Unspecified vulnerability in the login form in McAfee Network Data Los ...)
NOT-FOR-US: McAfee
-CVE-2014-8533
+CVE-2014-8533 (McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote at ...)
NOT-FOR-US: McAfee
-CVE-2014-8532
+CVE-2014-8532 (Unspecified vulnerability in McAfee Network Data Loss Prevention befor ...)
NOT-FOR-US: McAfee
-CVE-2014-8531
+CVE-2014-8531 (The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) befor ...)
NOT-FOR-US: McAfee
-CVE-2014-8530
+CVE-2014-8530 (Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP ...)
NOT-FOR-US: McAfee
-CVE-2014-8529
+CVE-2014-8529 (McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH k ...)
NOT-FOR-US: McAfee
-CVE-2014-8528
+CVE-2014-8528 (McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs ...)
NOT-FOR-US: McAfee
-CVE-2014-8527
+CVE-2014-8527 (McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local use ...)
NOT-FOR-US: McAfee
-CVE-2014-8526
+CVE-2014-8526 (McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local use ...)
NOT-FOR-US: McAfee
-CVE-2014-8525
+CVE-2014-8525 (McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include ...)
NOT-FOR-US: McAfee
-CVE-2014-8524
+CVE-2014-8524 (McAfee Network Data Loss Prevention (NDLP) before 9.3 does not disable ...)
NOT-FOR-US: McAfee
-CVE-2014-8523
+CVE-2014-8523 (Cross-site request forgery (CSRF) vulnerability in McAfee Network Data ...)
NOT-FOR-US: McAfee
-CVE-2014-8522
+CVE-2014-8522 (The MySQL database in McAfee Network Data Loss Prevention (NDLP) befor ...)
NOT-FOR-US: McAfee
-CVE-2014-8521
+CVE-2014-8521 (Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss P ...)
NOT-FOR-US: McAfee
-CVE-2014-8520
+CVE-2014-8520 (McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote at ...)
NOT-FOR-US: McAfee
-CVE-2014-8519
+CVE-2014-8519 (Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP ...)
NOT-FOR-US: McAfee
-CVE-2014-8518
+CVE-2014-8518 (The (1) Removable Media and (2) CD and DVD encryption offsite access o ...)
NOT-FOR-US: McAfee
CVE-2014-8516
RESERVED
-CVE-2014-8515
+CVE-2014-8515 (The web interface in BitTorrent allows remote attackers to execute arb ...)
NOT-FOR-US: uTorrent
-CVE-2014-8514
+CVE-2014-8514 (Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Elec ...)
NOT-FOR-US: Schneider Electric ProClima
-CVE-2014-8513
+CVE-2014-8513 (Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Elec ...)
NOT-FOR-US: Schneider Electric ProClima
-CVE-2014-8512
+CVE-2014-8512 (Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electr ...)
NOT-FOR-US: Schneider Electric ProClima
-CVE-2014-8511
+CVE-2014-8511 (Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electr ...)
NOT-FOR-US: Schneider Electric ProClima
-CVE-2014-8510
+CVE-2014-8510 (The AdminUI in Trend Micro InterScan Web Security Virtual Appliance (I ...)
NOT-FOR-US: Trend Micro InterScan Web Security Virtual Appliance
-CVE-2014-8509
+CVE-2014-8509 (The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) ...)
NOT-FOR-US: BitTorrent bootstrap-dht (aka Bootstrap)
-CVE-2014-8508
+CVE-2014-8508 (Cross-site scripting (XSS) vulnerability in s_network.asp in the Denon ...)
NOT-FOR-US: Denon devices
-CVE-2014-8507
+CVE-2014-8507 (Multiple SQL injection vulnerabilities in the queryLastApp method in p ...)
NOT-FOR-US: Android
-CVE-2014-8506
+CVE-2014-8506 (Multiple SQL injection vulnerabilities in Etiko CMS allow remote attac ...)
NOT-FOR-US: Etiko CMS
-CVE-2014-8505
+CVE-2014-8505 (Multiple cross-site scripting (XSS) vulnerabilities in Etiko CMS allow ...)
NOT-FOR-US: Etiko CMS
-CVE-2014-8504
+CVE-2014-8504 (Stack-based buffer overflow in the srec_scan function in bfd/srec.c in ...)
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
@@ -4499,50 +4499,50 @@ CVE-2014-8504
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17510#c7
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17510#c8
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=708d7d0d11f0f2d776171979aa3479e8e12a38a0
-CVE-2014-8503
+CVE-2014-8503 (Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in ...)
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c33
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c34
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0102ea8cec5fc509bba6c91df61b7ce23a799d32
-CVE-2014-8502
+CVE-2014-8502 (Heap-based buffer overflow in the pe_print_edata function in bfd/peXXi ...)
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
NOTE: See https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c17
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5a4b0ccc20ba30caef53b01bee2c0aaa5b855339
-CVE-2014-8501
+CVE-2014-8501 (The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutil ...)
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
- gdb <unfixed> (unimportant)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7e1e19887abd24aeb15066b141cdff5541e0ec8e
-CVE-2014-8500
+CVE-2014-8500 (ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through ...)
{DSA-3094-1 DLA-112-1}
- bind9 1:9.9.5.dfsg-7 (bug #772610)
NOTE: https://kb.isc.org/article/AA-01216/0
-CVE-2014-8499
+CVE-2014-8499 (Multiple SQL injection vulnerabilities in ManageEngine Password Manage ...)
NOT-FOR-US: ManageEngine Password Manager Pro (PMP)
-CVE-2014-8498
+CVE-2014-8498 (SQL injection vulnerability in BulkEditSearchResult.cc in ManageEngine ...)
NOT-FOR-US: ManageEngine Password Manager Pro (PMP)
CVE-2014-8497
RESERVED
-CVE-2014-8496
+CVE-2014-8496 (Digicom DG-5514T ADSL router with firmware 3.2 generates predictable s ...)
NOT-FOR-US: Digicom Router
-CVE-2014-8495
+CVE-2014-8495 (Citrix XenMobile MDX Toolkit before 9.0.4, when used to wrap iOS 8 app ...)
NOT-FOR-US: Citrix XenMobile MDX Toolkit
-CVE-2014-8494
+CVE-2014-8494 (ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) ...)
NOT-FOR-US: ESTsoft ALUpdate
-CVE-2014-8493
+CVE-2014-8493 (ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to ...)
NOT-FOR-US: ZTE ZXHN H108L
-CVE-2014-8492
+CVE-2014-8492 (Multiple cross-site scripting (XSS) vulnerabilities in assets/misc/fal ...)
NOT-FOR-US: Wordpress plugin
-CVE-2014-8491
+CVE-2014-8491 (The Grand Flagallery plugin before 4.25 for WordPress allows remote at ...)
NOT-FOR-US: Grand Flagallery plugin for WordPress
CVE-2014-8490
RESERVED
-CVE-2014-8990
+CVE-2014-8990 (default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attacke ...)
{DSA-3130-1}
- lsyncd 2.1.5-2 (low; bug #767227)
[squeeze] - lsyncd <no-dsa> (Minor issue)
@@ -4550,24 +4550,24 @@ CVE-2014-8990
NOTE: Upstream commit: https://github.com/creshal/lsyncd/commit/18f02ad013b41a72753912155ae2ba72f2a53e52
NOTE: also required: https://github.com/axkibe/lsyncd/commit/e9ffda07f0145f50f2756f8ee3fb0775b455122b
NOTE: the initial commit would be an incomplete fix and needs additional changes
-CVE-2014-8559
+CVE-2014-8559 (The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 ...)
{DSA-3170-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <not-affected> (Introduced in 2.6.38)
NOTE: References in http://www.openwall.com/lists/oss-security/2014/10/30/7
NOTE: Upstream fix: https://git.kernel.org/linus/ca5358ef75fc69fee5322a38a340f5739d997c10 (v3.19-rc1)
NOTE: Upstream fix: https://git.kernel.org/linus/946e51f2bf37f1656916eb75bd0742ba33983c28 (v3.19-rc1)
-CVE-2014-8517
+CVE-2014-8517 (The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in Net ...)
- tnftp 20130505-2 (low; bug #767171)
[wheezy] - tnftp <no-dsa> (Minor issue)
[squeeze] - tnftp <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2014/10/28/4
-CVE-2014-9915
+CVE-2014-9915 (Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers ...)
- imagemagick 8:6.8.9.9-1 (bug #767240)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
[squeeze] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2014-8355
+CVE-2014-8355 (PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers ...)
{DLA-960-1 DLA-242-1}
- imagemagick 8:6.8.9.9-1 (bug #767240)
[squeeze] - imagemagick <no-dsa> (Minor issue)
@@ -4576,11 +4576,11 @@ CVE-2014-8355
[wheezy] - graphicsmagick <no-dsa> (Minor issue)
[squeeze] - graphicsmagick <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/graphicsmagick/code/ci/4426024497f9ed26cbadc5af5a5de55ac84796ff/ (graphicsmagick)
-CVE-2014-8562
+CVE-2014-8562 (DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to ca ...)
{DLA-960-1 DLA-242-1}
- imagemagick 8:6.8.9.9-1 (bug #767240)
[squeeze] - imagemagick <no-dsa> (Minor issue)
-CVE-2014-8354
+CVE-2014-8354 (The HorizontalFilter function in resize.c in ImageMagick before 6.8.9- ...)
{DLA-960-1 DLA-242-1}
- imagemagick 8:6.8.9.9-1
[squeeze] - imagemagick <no-dsa> (Minor issue)
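Review bot: the imagemagick entries for CVE-2014-8562 and CVE-2014-8354 (and CVE-2014-8355 just above) each carry a "{DLA-960-1 DLA-242-1}" reference and, at the same time, a "[squeeze] - imagemagick <no-dsa> (Minor issue)" line; if either DLA was issued for squeeze, the no-dsa marker is stale and should be dropped so the suite status is derived from the DLA rather than from a leftover triage note. Also worth aligning: CVE-2014-8355 and CVE-2014-8562 cite "(bug #767240)" on the fixed-version line while CVE-2014-8354 has the same fixed version "8:6.8.9.9-1" with no bug reference.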
@@ -4590,23 +4590,23 @@ CVE-2014-8561 [Remotely DOS: convert +profile regression enters infinite loop ex
- imagemagick 8:6.8.9.9-1 (bug #764872)
[wheezy] - imagemagick <not-affected> (Vulnerable code introduced later; regression)
[squeeze] - imagemagick <not-affected> (Vulnerable code introduced later; regression)
-CVE-2014-8489
+CVE-2014-8489 (Open redirect vulnerability in startSSO.ping in the SP Endpoints in Pi ...)
NOT-FOR-US: PingFederate SP Endpoints
-CVE-2014-8488
+CVE-2014-8488 (Cross-site scripting (XSS) vulnerability in the administrator panel in ...)
NOT-FOR-US: yourls
-CVE-2014-8487
+CVE-2014-8487 (Kony Management (aka Enterprise Mobile Management or EMM) 1.2 and earl ...)
NOT-FOR-US: Kony Management
CVE-2014-8486
REJECTED
CVE-2014-8482
RESERVED
-CVE-2014-8479
+CVE-2014-8479 (The FTP server on Siemens SCALANCE X-300 switches with firmware before ...)
NOT-FOR-US: FTP server on Siemens SCALANCE X-300 switches
-CVE-2014-8478
+CVE-2014-8478 (The web server on Siemens SCALANCE X-300 switches with firmware before ...)
NOT-FOR-US: web server on Siemens SCALANCE X-300 switches
CVE-2014-8477
RESERVED
-CVE-2014-8476
+CVE-2014-8476 (The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initial ...)
{DSA-3070-1}
[experimental] - kfreebsd-11 11.0~svn284956-1 (bug #768109)
- kfreebsd-10 10.1~svn274115-1 (bug #768108)
@@ -4615,23 +4615,23 @@ CVE-2014-8476
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://security.FreeBSD.org/advisories/FreeBSD-SA-14:25.setlogin.asc
-CVE-2014-8475
+CVE-2014-8475 (FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos suppo ...)
- openssh <not-affected> (freebsd-specific build system issue)
-CVE-2014-8474
+CVE-2014-8474 (CA Cloud Service Management (CSM) before Summer 2014 allows remote att ...)
NOT-FOR-US: CA Cloud Service Management
-CVE-2014-8473
+CVE-2014-8473 (Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Ma ...)
NOT-FOR-US: CA Cloud Service Management
-CVE-2014-8472
+CVE-2014-8472 (CA Cloud Service Management (CSM) before Summer 2014 does not properly ...)
NOT-FOR-US: CA Cloud Service Management
-CVE-2014-8471
+CVE-2014-8471 (CA Cloud Service Management (CSM) before Summer 2014 allows remote att ...)
NOT-FOR-US: CA Cloud Service Management
CVE-2014-8470
RESERVED
-CVE-2014-8469
+CVE-2014-8469 (Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in ...)
NOT-FOR-US: PHPFox
CVE-2014-7401
REJECTED
-CVE-2014-8483
+CVE-2014-8483 (The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allo ...)
{DSA-3068-1 DSA-3063-1 DLA-168-1}
- quassel 0.10.0-2.1 (bug #766962)
[squeeze] - quassel <not-affected> (Problematic code does not exist in 0.6.3-2+squeeze2)
@@ -4639,23 +4639,23 @@ CVE-2014-8483
NOTE: http://bugs.quassel-irc.org/issues/1314
- konversation 1.5-2 (bug #768191)
NOTE: https://bugs.kde.org/show_bug.cgi?id=210792
-CVE-2014-8481
+CVE-2014-8481 (The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem ...)
- linux <not-affected> (Present in 3.17 with incomplete fix)
- linux-2.6 <not-affected> (Present in 3.17 with incomplete fix)
NOTE: Fix: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=a430c9166312e1aa3d80bce32374233bdbfeba32
-CVE-2014-8480
+CVE-2014-8480 (The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem ...)
- linux <not-affected> (Introduced in 3.17)
- linux-2.6 <not-affected> (Introduced in 3.17)
NOTE: The NULL pointer dereference was introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=41061cdb98a0bec464278b4db8e894a3121671f5 (v3.17-rc1)
NOTE: Fix: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=3f6f1480d86bf9fc16c160d803ab1d006e3058d5
-CVE-2014-8485
+CVE-2014-8485 (The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 a ...)
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
NOTE: http://lcamtuf.blogspot.com.au/2014/10/psa-dont-run-strings-on-untrusted-files.html
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=493a33860c71cac998f1a56d6d87d6faa801fbaa
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17510
-CVE-2014-8484
+CVE-2014-8484 (The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before ...)
{DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.51.20140903-1
- binutils-mingw-w64 5.2
@@ -4676,55 +4676,55 @@ CVE-2014-8463
RESERVED
CVE-2014-8462
RESERVED
-CVE-2014-8461
+CVE-2014-8461 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8460
+CVE-2014-8460 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8459
+CVE-2014-8459 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8458
+CVE-2014-8458 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8457
+CVE-2014-8457 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8456
+CVE-2014-8456 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8455
+CVE-2014-8455 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8454
+CVE-2014-8454 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8453
+CVE-2014-8453 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8452
+CVE-2014-8452 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8451
+CVE-2014-8451 (An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8450
+CVE-2014-8450 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-8449
+CVE-2014-8449 (Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8448
+CVE-2014-8448 (An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8447
+CVE-2014-8447 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8446
+CVE-2014-8446 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-8445
+CVE-2014-8445 (Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 o ...)
NOT-FOR-US: Adobe Reader
CVE-2014-8444
REJECTED
-CVE-2014-8443
+CVE-2014-8443 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8442
+CVE-2014-8442 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8441
+CVE-2014-8441 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8440
+CVE-2014-8440 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8439
+CVE-2014-8439 (Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8438
+CVE-2014-8438 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-8437
+CVE-2014-8437 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2014-8436
RESERVED
@@ -4740,71 +4740,71 @@ CVE-2014-8431
RESERVED
CVE-2014-8430
RESERVED
-CVE-2014-8429
+CVE-2014-8429 (Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats x ...)
NOT-FOR-US: xEpan CMS
-CVE-2014-8428
+CVE-2014-8428 (Privilege escalation vulnerability in Barracuda Load Balancer 5.0.0.01 ...)
NOT-FOR-US: Barracuda
CVE-2014-8427
RESERVED
-CVE-2014-8426
+CVE-2014-8426 (Hard coded weak credentials in Barracuda Load Balancer 5.0.0.015. ...)
NOT-FOR-US: Barracuda
-CVE-2014-8425
+CVE-2014-8425 (The management portal in ARRIS VAP2500 before FW08.41 allows remote at ...)
NOT-FOR-US: Management portal in ARRIS VAP2500
-CVE-2014-8424
+CVE-2014-8424 (ARRIS VAP2500 before FW08.41 does not properly validate passwords, whi ...)
NOT-FOR-US: ARRIS VAP2500
-CVE-2014-8423
+CVE-2014-8423 (Unspecified vulnerability in the management portal in ARRIS VAP2500 be ...)
NOT-FOR-US: ARRIS VAP2500
-CVE-2014-8422
+CVE-2014-8422 (The web-based management (WBM) interface in Unify (former Siemens) Ope ...)
NOT-FOR-US: Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone
-CVE-2014-8421
+CVE-2014-8421 (Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 de ...)
NOT-FOR-US: Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone
-CVE-2014-8420
+CVE-2014-8420 (The ViewPoint web application in Dell SonicWALL Global Management Syst ...)
NOT-FOR-US: Dell SonicWALL
-CVE-2014-8419
+CVE-2014-8419 (Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read ...)
NOT-FOR-US: Wibu-Systems CodeMeter Runtime
-CVE-2014-8418
+CVE-2014-8418 (The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, ...)
{DLA-455-1}
- asterisk 1:13.1.0~dfsg-1 (bug #771463)
[jessie] - asterisk 1:11.13.1~dfsg-2
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24534
NOTE: http://downloads.digium.com/pub/security/AST-2014-018.html
-CVE-2014-8417
+CVE-2014-8417 (ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13 ...)
- asterisk 1:13.1.0~dfsg-1 (bug #771463)
[jessie] - asterisk 1:11.13.1~dfsg-2
[wheezy] - asterisk <not-affected> (Only affects 11.x, 12.x and 13.x)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24490
NOTE: http://downloads.digium.com/pub/security/AST-2014-017.html
-CVE-2014-8416
+CVE-2014-8416 (Use-after-free vulnerability in the PJSIP channel driver in Asterisk O ...)
- asterisk 1:13.1.0~dfsg-1
[jessie] - asterisk <not-affected> (PJSIP channel not available yet)
[wheezy] - asterisk <not-affected> (PJSIP channel not available yet)
[squeeze] - asterisk <not-affected> (PJSIP channel not available yet)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24471
NOTE: http://downloads.digium.com/pub/security/AST-2014-016.html
-CVE-2014-8415
+CVE-2014-8415 (Race condition in the chan_pjsip channel driver in Asterisk Open Sourc ...)
- asterisk 1:13.1.0~dfsg-1
[jessie] - asterisk <not-affected> (PJSIP channel not available yet)
[wheezy] - asterisk <not-affected> (PJSIP channel not available yet)
[squeeze] - asterisk <not-affected> (PJSIP channel not available yet)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24471
NOTE: http://downloads.digium.com/pub/security/AST-2014-015.html
-CVE-2014-8414
+CVE-2014-8414 (ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 ...)
- asterisk 1:13.1.0~dfsg-1 (bug #771463)
[jessie] - asterisk 1:11.13.1~dfsg-2
[wheezy] - asterisk <not-affected> (Only affects 11.x)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24440
NOTE: http://downloads.digium.com/pub/security/AST-2014-014.html
-CVE-2014-8413
+CVE-2014-8413 (The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 an ...)
- asterisk 1:13.1.0~dfsg-1
[jessie] - asterisk <not-affected> (PJSIP channel not available yet)
[wheezy] - asterisk <not-affected> (PJSIP channel not available yet)
[squeeze] - asterisk <not-affected> (PJSIP channel not available yet)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24531
NOTE: http://downloads.digium.com/pub/security/AST-2014-013.html
-CVE-2014-8412
+CVE-2014-8412 (The (1) VoIP channel drivers, (2) DUNDi, and (3) Asterisk Manager Inte ...)
{DLA-455-1}
- asterisk 1:13.1.0~dfsg-1 (bug #771463)
[jessie] - asterisk 1:11.13.1~dfsg-2
@@ -4835,115 +4835,115 @@ CVE-2014-8401
RESERVED
CVE-2014-8400
RESERVED
-CVE-2014-8398
+CVE-2014-8398 (Multiple untrusted search path vulnerabilities in Corel FastFlick allo ...)
NOT-FOR-US: Corel FastFlick
-CVE-2014-8397
+CVE-2014-8397 (Untrusted search path vulnerability in Corel VideoStudio PRO X7 or Fas ...)
NOT-FOR-US: Corel
-CVE-2014-8396
+CVE-2014-8396 (Untrusted search path vulnerability in Corel PDF Fusion allows local u ...)
NOT-FOR-US: Corel PDF Fusion
-CVE-2014-8395
+CVE-2014-8395 (Untrusted search path vulnerability in Corel Painter 2015 allows local ...)
NOT-FOR-US: Corel Painter
-CVE-2014-8394
+CVE-2014-8394 (Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow ...)
NOT-FOR-US: Corel CAD
-CVE-2014-8393
+CVE-2014-8393 (DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Cor ...)
NOT-FOR-US: Corel
CVE-2014-8392
RESERVED
-CVE-2014-8391
+CVE-2014-8391 (The Web interface in Sendio before 7.2.4 does not properly handle sess ...)
NOT-FOR-US: Sendio
-CVE-2014-8390
+CVE-2014-8390 (Multiple buffer overflows in Schneider Electric VAMPSET before 2.2.168 ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-8389
+CVE-2014-8389 (cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 ...)
NOT-FOR-US: AirLive
-CVE-2014-8388
+CVE-2014-8388 (Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-8387
+CVE-2014-8387 (cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point all ...)
NOT-FOR-US: Advantech EKI-6340
-CVE-2014-8386
+CVE-2014-8386 (Multiple stack-based buffer overflows in Advantech AdamView 4.3 and ea ...)
NOT-FOR-US: Advantech AdamView
-CVE-2014-8385
+CVE-2014-8385 (Buffer overflow on Advantech EKI-1200 gateways with firmware before 1. ...)
NOT-FOR-US: Advantech EKI-1200 gateways
-CVE-2014-8384
+CVE-2014-8384 (The InFocus IN3128HD projector with firmware 0.26 does not restrict ac ...)
NOT-FOR-US: InFocus IN3128HD projector
-CVE-2014-8383
+CVE-2014-8383 (The InFocus IN3128HD projector with firmware 0.26 allows remote attack ...)
NOT-FOR-US: InFocus IN3128HD projector
CVE-2014-8382
RESERVED
-CVE-2014-8381
+CVE-2014-8381 (Multiple cross-site scripting (XSS) vulnerabilities in Megapolis.Porta ...)
NOT-FOR-US: Megapolis.Portal Manager
-CVE-2014-8380
+CVE-2014-8380 (Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote ...)
NOT-FOR-US: Splunk
-CVE-2014-8379
+CVE-2014-8379 (Multiple cross-site scripting (XSS) vulnerabilities in the Marketo MA ...)
NOT-FOR-US: Drupal module Marketo MA
-CVE-2014-8378
+CVE-2014-8378 (Cross-site scripting (XSS) vulnerability in the TableField module 7.x- ...)
NOT-FOR-US: Drupal module TableField
-CVE-2014-8377
+CVE-2014-8377 (Cross-site scripting (XSS) vulnerability in Webasyst Shop-Script 5.2.2 ...)
NOT-FOR-US: Webasyst Shop-Script
-CVE-2014-8376
+CVE-2014-8376 (Cross-site scripting (XSS) vulnerability in the context administration ...)
NOT-FOR-US: Drupal module Site Banner
-CVE-2014-8375
+CVE-2014-8375 (SQL injection vulnerability in GBgallery.php in the GB Gallery Slidesh ...)
NOT-FOR-US: WordPress plugin GB Gallery Slideshow
CVE-2014-8374
REJECTED
-CVE-2014-8373
+CVE-2014-8373 (The VMware Remote Console (VMRC) function in VMware vCloud Automation ...)
NOT-FOR-US: VMware vCloud Automation Center
-CVE-2014-8372
+CVE-2014-8372 (AirWatch by VMware On-Premise 7.3.x before 7.3.3.0 (FP3) allows remote ...)
NOT-FOR-US: VMware AirWatch
-CVE-2014-8371
+CVE-2014-8371 (VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before ...)
NOT-FOR-US: VMware vSphere
-CVE-2014-8370
+CVE-2014-8370 (VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, ...)
NOT-FOR-US: VMware
-CVE-2014-8369
+CVE-2014-8369 (The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kern ...)
{DSA-3093-1}
- linux 3.16.7-ckt2-1
- linux-2.6 <not-affected> (Incomplete fix for CVE-2014-3601 was not applied)
NOTE: Introduced by http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
NOTE: Fixed by: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=3d32e4dbe71374a6780eaf51d719d76f9a9bf22f
-CVE-2014-8368
+CVE-2014-8368 (The web interface in Aruba Networks AirWave before 7.7.14 and 8.x befo ...)
NOT-FOR-US: Aruba Networks AirWave
-CVE-2014-8367
+CVE-2014-8367 (SQL injection vulnerability in Aruba Networks ClearPass Policy Manager ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2014-8366
+CVE-2014-8366 (SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote a ...)
NOT-FOR-US: openSIS
-CVE-2014-8365
+CVE-2014-8365 (Multiple cross-site scripting (XSS) vulnerabilities in Xornic Contact ...)
NOT-FOR-US: Xornic Contact Us Form
-CVE-2014-8364
+CVE-2014-8364 (Cross-site scripting (XSS) vulnerability in ss_handler.php in the Word ...)
NOT-FOR-US: WordPress plugin wpSS
-CVE-2014-8363
+CVE-2014-8363 (SQL injection vulnerability in ss_handler.php in the WordPress Spreads ...)
NOT-FOR-US: WordPress plugin wpSS
-CVE-2014-8362
+CVE-2014-8362 (Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable ...)
NOT-FOR-US: Vivint Sky Control Panel
-CVE-2014-8361
+CVE-2014-8361 (The miniigd SOAP service in Realtek SDK allows remote attackers to exe ...)
NOT-FOR-US: Realtek SDK
-CVE-2014-8360
+CVE-2014-8360 (Directory traversal vulnerability in inc/autoload.function.php in GLPI ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
NOTE: original bug: https://forge.indepnet.net/issues/5101
NOTE: followup: https://forge.indepnet.net/issues/5113
NOTE: appears to be a generic autoloading abuse; possibly with
NOTE: some use of simplepie being the attack vector
-CVE-2014-8359
+CVE-2014-8359 (Untrusted search path vulnerability in Huawei Mobile Partner for Windo ...)
NOT-FOR-US: Huawei Mobile Partner for Windows
-CVE-2014-8358
+CVE-2014-8358 (Huawei EC156, EC176, and EC177 USB Modem products with software before ...)
NOT-FOR-US: Huawei
-CVE-2014-8357
+CVE-2014-8357 (backupsettings.html in the web administrative portal in Zhone zNID GPO ...)
NOT-FOR-US: ZHONE Router
CVE-2014-8356
RESERVED
NOT-FOR-US: ZHONE Router
CVE-2014-8353
RESERVED
-CVE-2014-8352
+CVE-2014-8352 (Cross-site scripting (XSS) vulnerability in json.php in French Nationa ...)
NOT-FOR-US: CookieViz
-CVE-2014-8351
+CVE-2014-8351 (SQL injection vulnerability in info.php in French National Commission ...)
NOT-FOR-US: CookieViz
-CVE-2014-8349
+CVE-2014-8349 (Cross-site scripting (XSS) vulnerability in Liferay Portal Enterprise ...)
NOT-FOR-US: Liferay Portal
CVE-2014-8348
RESERVED
CVE-2014-8347
RESERVED
-CVE-2014-8346
+CVE-2014-8346 (The Remote Controls feature on Samsung mobile devices does not validat ...)
NOT-FOR-US: Samsung mobile devices
CVE-2014-8345
RESERVED
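Review bot: the NOT-FOR-US line for CVE-2014-8339 in this hunk names the vendor "Nuevolabs" while the description text on the line above it says "Nuevolab Nuevoplayer"; pick one spelling so the tracker entry matches the CVE description it now carries (e.g. `NOT-FOR-US: Nuevolab Nuevoplayer for clipshare`). The automatic description import does not touch the NOT-FOR-US annotations, so this mismatch will persist across future updates unless fixed by hand.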
@@ -4955,33 +4955,33 @@ CVE-2014-8342
RESERVED
CVE-2014-8341
RESERVED
-CVE-2014-8340
+CVE-2014-8340 (SQL injection vulnerability in Php/Functions/log_function.php in phpTr ...)
NOT-FOR-US: phpTrafficA
-CVE-2014-8339
+CVE-2014-8339 (SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ...)
NOT-FOR-US: Nuevolabs Nuevoplayer for clipshare
CVE-2014-8338
RESERVED
CVE-2014-8337
RESERVED
-CVE-2014-8336
+CVE-2014-8336 (The "Sql Run Query" panel in WP-DBManager (aka Database Manager) plugi ...)
NOT-FOR-US: WP-DBManager plugin for WordPress
-CVE-2014-8335
+CVE-2014-8335 ((1) wp-dbmanager.php and (2) database-manage.php in the WP-DBManager ( ...)
NOT-FOR-US: WP-DBManager (aka Database Manager) plugin for WordPress
-CVE-2014-8334
+CVE-2014-8334 (The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPr ...)
NOT-FOR-US: WordPress plugin wp-dbmanager
CVE-2014-8332
RESERVED
-CVE-2014-8331
+CVE-2014-8331 (Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei H ...)
NOT-FOR-US: Huawei HiLink
-CVE-2014-8330
+CVE-2014-8330 (Cross-site scripting (XSS) vulnerability in EspoCRM allows remote auth ...)
NOT-FOR-US: EspoCRM
-CVE-2014-8329
+CVE-2014-8329 (Schrack Technik microControl with firmware before 1.7.0 (937) stores s ...)
NOT-FOR-US: Schrack Technik microControl
-CVE-2014-8324
+CVE-2014-8324 (network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to ...)
- aircrack-ng 1:1.2-0~beta3-2 (bug #767979)
NOTE: https://github.com/aircrack-ng/aircrack-ng/commit/88702a3ce4c28a973bf69023cd0312f412f6193e
NOTE: https://github.com/aircrack-ng/aircrack-ng/pull/16
-CVE-2014-8323
+CVE-2014-8323 (buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to ...)
- aircrack-ng 1:1.2-0~beta3-2 (bug #767979)
NOTE: https://github.com/aircrack-ng/aircrack-ng/commit/da087238963c1239fdabd47dc1b65279605aca70
NOTE: https://github.com/aircrack-ng/aircrack-ng/pull/15
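Review bot: the three WP-DBManager entries in this hunk (CVE-2014-8336, CVE-2014-8335, CVE-2014-8334) carry three different NOT-FOR-US spellings for the same plugin: `NOT-FOR-US: WP-DBManager plugin for WordPress`, `NOT-FOR-US: WP-DBManager (aka Database Manager) plugin for WordPress` and `NOT-FOR-US: WordPress plugin wp-dbmanager`. Normalising them to one form makes grepping the list for a product reliable; the middle variant matches the wording in the imported descriptions and is the best candidate.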
@@ -4995,25 +4995,25 @@ CVE-2014-8321 [GPS stack overflow]
- aircrack-ng 1:1.2-0~beta3-2 (bug #767979)
NOTE: https://github.com/aircrack-ng/aircrack-ng/commit/ff70494dd389ba570dbdbf36f217c28d4381c6b5
NOTE: https://github.com/aircrack-ng/aircrack-ng/pull/13
-CVE-2014-8320
+CVE-2014-8320 (Cross-site scripting (XSS) vulnerability in the Custom Search module 6 ...)
NOT-FOR-US: Drupal module Custom Search
-CVE-2014-8319
+CVE-2014-8319 (Cross-site scripting (XSS) vulnerability in the easy_social_admin_summ ...)
NOT-FOR-US: Drupal module Easy Social
-CVE-2014-8318
+CVE-2014-8318 (Cross-site scripting (XSS) vulnerability in the Webform module 6.x-3.x ...)
NOT-FOR-US: Drupal module Webform
-CVE-2014-8317
+CVE-2014-8317 (Cross-site scripting (XSS) vulnerability in the Webform Validation mod ...)
NOT-FOR-US: Drupal module Webform Validation
-CVE-2014-8350
+CVE-2014-8350 (Smarty before 3.1.21 allows remote attackers to bypass the secure mode ...)
{DLA-452-1}
- smarty3 3.1.21-1 (bug #765920)
- smarty <not-affected> (Only affects 3.x series)
[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/smarty-php/smarty/commit/279bdbd3521cd717cae6a3ba48f1c3c6823f439d.patch
-CVE-2014-8399
+CVE-2014-8399 (The default configuration in systemd-shim 8 enables the Abandon debugg ...)
- systemd-shim 8-4
NOTE: Fixed by: https://github.com/desrt/systemd-shim/commit/d2e91c118f6128875274a638007702d1cc665893
NOTE: with version 8-4 systemd-shim does not ship anymore a dbus policy, see https://bugs.debian.org/765101
-CVE-2014-8333
+CVE-2014-8333 (The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows r ...)
- nova 2014.1.3-7
[wheezy] - nova <not-affected> (Vulnerable code not present)
NOTE: versions affected up to to 2014.1.3
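Review bot: the last context line of this hunk, the NOTE under CVE-2014-8333, has a doubled word ("up to to 2014.1.3"). It should read `NOTE: versions affected up to 2014.1.3`; the imported description on the `+` line above already states "before 2014.1.4", so the note and the description then agree.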
@@ -5022,52 +5022,52 @@ CVE-2014-8333
CVE-2014-8328
RESERVED
NOT-FOR-US: TYPO3 extension dce
-CVE-2014-8327
+CVE-2014-8327 (The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions fo ...)
NOT-FOR-US: TYPO3 extension fal_sftp
-CVE-2014-8326
+CVE-2014-8326 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...)
- phpmyadmin 4:4.2.10.1-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php
-CVE-2014-8325
+CVE-2014-8325 (The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 ...)
NOT-FOR-US: TYPO3 extension cal
-CVE-2014-8316
+CVE-2014-8316 (XML External Entity (XXE) vulnerability in polestar_xml.jsp in SAP Bus ...)
NOT-FOR-US: SAP BusinessObjects Explorer
-CVE-2014-8315
+CVE-2014-8315 (polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 repl ...)
NOT-FOR-US: SAP BusinessObjects Explorer
-CVE-2014-8314
+CVE-2014-8314 (Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA Develo ...)
NOT-FOR-US: SAP HANA
-CVE-2014-8313
+CVE-2014-8313 (Eval injection in ide/core/base/server/net.xsjs in the Developer Workb ...)
NOT-FOR-US: SAP HANA
-CVE-2014-8312
+CVE-2014-8312 (Business Warehouse (BW) in SAP Netweaver AS ABAP 7.31 allows remote au ...)
NOT-FOR-US: SAP Netweaver AS ABAP
-CVE-2014-8311
+CVE-2014-8311 (SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: SAP BusinessObjects Edge
-CVE-2014-8310
+CVE-2014-8310 (The CMS CORBA listener in SAP BusinessObjects BI Edge 4.0 allows remot ...)
NOT-FOR-US: SAP BusinessObjects BI Edge
-CVE-2014-8309
+CVE-2014-8309 (SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 gener ...)
NOT-FOR-US: SAP
-CVE-2014-8308
+CVE-2014-8308 (Cross-site scripting (XSS) vulnerability in the Send to Inbox function ...)
NOT-FOR-US: SAP BusinessObjects BI EDGE
-CVE-2014-8307
+CVE-2014-8307 (Multiple cross-site scripting (XSS) vulnerabilities in skins/default/o ...)
NOT-FOR-US: C97net Cart Engine
-CVE-2014-8306
+CVE-2014-8306 (SQL injection vulnerability in the sql_query function in cart.php in C ...)
NOT-FOR-US: C97net Cart Engine
-CVE-2014-8305
+CVE-2014-8305 (Open redirect vulnerability in the redir function in includes/function ...)
NOT-FOR-US: C97net Cart Engine
-CVE-2014-8304
+CVE-2014-8304 (Cross-site scripting (XSS) vulnerability in In-Portal CMS 5.2.0 and ea ...)
NOT-FOR-US: In-Portal
-CVE-2014-8303
+CVE-2014-8303 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enter ...)
NOT-FOR-US: Splunk Web
-CVE-2014-8302
+CVE-2014-8302 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enter ...)
NOT-FOR-US: Splunk Web
-CVE-2014-8301
+CVE-2014-8301 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enter ...)
NOT-FOR-US: Splunk Web
CVE-2014-8300
RESERVED
CVE-2014-8299
RESERVED
-CVE-2014-8298
+CVE-2014-8298 (The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R ...)
- nvidia-graphics-drivers 340.65-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -5080,38 +5080,38 @@ CVE-2014-8298
[squeeze] - nvidia-graphics-drivers-legacy-96xx <no-dsa> (Non-free not supported)
CVE-2014-8297
RESERVED
-CVE-2014-8296
+CVE-2014-8296 (Cross-site scripting (XSS) vulnerability in the Modal Frame API module ...)
NOT-FOR-US: Drupal module Modal Frame API
CVE-2014-XXXX [freecad downloads and executes code]
- freecad 0.14.3702+dfsg-3 (bug #764814)
[squeeze] - freecad <not-affected> (Problematic code not present)
NOTE: http://freecadweb.org/tracker/view.php?id=1785
-CVE-2014-8295
+CVE-2014-8295 (SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows ...)
NOT-FOR-US: Bacula-Web
NOTE: Bacula-Web is not part of bacula itself and not ITP #656891
-CVE-2014-8294
+CVE-2014-8294 (Multiple SQL injection vulnerabilities in Voice Of Web AllMyGuests 0.4 ...)
NOT-FOR-US: Voice Of Web AllMyGuests
-CVE-2014-8293
+CVE-2014-8293 (Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests 0 ...)
NOT-FOR-US: Voice Of Web AllMyGuests
-CVE-2014-8764
+CVE-2014-8764 (DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP ...)
{DSA-3059-1 DLA-79-1}
- dokuwiki 0.0.20140929.a-1 (bug #766545)
[jessie] - dokuwiki <not-affected> (PHP 5.6 in jessie fixes this on the PHP level, see #766545)
NOTE: Fix at PHP level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
-CVE-2014-8763
+CVE-2014-8763 (DokuWiki before 2014-05-05b, when using Active Directory for LDAP auth ...)
{DSA-3059-1 DLA-79-1}
- dokuwiki 0.0.20140929.a-1 (bug #766545)
[jessie] - dokuwiki <not-affected> (PHP 5.6 in jessie fixes this on the PHP level, see #766545)
NOTE: Fix at PHP level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
-CVE-2014-8762
+CVE-2014-8762 (The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remo ...)
{DSA-3059-1}
- dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545)
[squeeze] - dokuwiki <not-affected> (Vulnerable code not present)
-CVE-2014-8761
+CVE-2014-8761 (inc/template.php in DokuWiki before 2014-05-05a only checks for access ...)
{DSA-3059-1}
- dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545)
[squeeze] - dokuwiki <not-affected> (Vulnerable code not present)
-CVE-2014-8760
+CVE-2014-8760 (ejabberd before 2.1.13 does not enforce the starttls_required setting ...)
{DLA-881-1}
- ejabberd 14.07-3 (low; bug #767535)
[squeeze] - ejabberd <no-dsa> (Minor issue)
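Review bot: the NOTE under CVE-2014-8295 in this hunk ("Bacula-Web is not part of bacula itself and not ITP #656891") does not parse as written; it is unclear whether #656891 is the ITP bug for Bacula-Web or a bug that should not be confused with it. Rewording it to state the relationship explicitly, for example `NOTE: Bacula-Web is a separate project from bacula, not yet packaged (ITP: #656891)` if that is what is meant, would save the next triager a bug lookup. Separately, the `CVE-2014-XXXX [freecad downloads and executes code]` placeholder still sits in the middle of this block; that is the tracker's usual convention for an unassigned ID, but it is worth a periodic check that no CVE has since been assigned so the entry can be renamed.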
@@ -5119,35 +5119,35 @@ CVE-2014-8760
NOTE: Patch https://github.com/processone/ejabberd/commit/7bdc1151b
CVE-2014-8759
RESERVED
-CVE-2014-8758
+CVE-2014-8758 (Cross-site scripting (XSS) vulnerability in Best Gallery Albums Plugin ...)
NOT-FOR-US: Wordpress plugin
-CVE-2014-8757
+CVE-2014-8757 (LG On-Screen Phone (OSP) before 4.3.010 allows remote attackers to byp ...)
NOT-FOR-US: LG On-Screen Phone
-CVE-2014-8756
+CVE-2014-8756 (The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder befo ...)
NOT-FOR-US: Panasonic Network Camera
-CVE-2014-8755
+CVE-2014-8755 (Panasonic Network Camera View 3 and 4 allows remote attackers to execu ...)
NOT-FOR-US: Panasonic Network Camera
-CVE-2014-8754
+CVE-2014-8754 (Open redirect vulnerability in track-click.php in the Ad-Manager plugi ...)
NOT-FOR-US: WordPress plugin ad-manager-for-wp
-CVE-2014-8753
+CVE-2014-8753 (Multiple cross-site scripting (XSS) vulnerabilities in Cit-e-Net Cit-e ...)
NOT-FOR-US: Cit-e-Net
-CVE-2014-8752
+CVE-2014-8752 (Multiple cross-site scripting (XSS) vulnerabilities in view.php in JCE ...)
NOT-FOR-US: JCE-Tech PHP Video Script
-CVE-2014-8751
+CVE-2014-8751 (Multiple cross-site scripting (XSS) vulnerabilities in goYWP WebPress ...)
NOT-FOR-US: goYWP WebPress
-CVE-2014-8749
+CVE-2014-8749 (Server-side request forgery (SSRF) vulnerability in admin/htaccess/bps ...)
NOT-FOR-US: BulletProof Security plugin for WordPress
-CVE-2014-8748
+CVE-2014-8748 (Cross-site scripting (XSS) vulnerability in the Google Doubleclick for ...)
NOT-FOR-US: Drupal module Google Doubleclick for Publishers
-CVE-2014-8747
+CVE-2014-8747 (Cross-site scripting (XSS) vulnerability in the Drupal Commons module ...)
NOT-FOR-US: Drupal module Drupal Commons
-CVE-2014-8746
+CVE-2014-8746 (Cross-site scripting (XSS) vulnerability in the Skeleton theme 7.x-1.2 ...)
NOT-FOR-US: Drupal theme Skeleton
-CVE-2014-8745
+CVE-2014-8745 (Cross-site scripting (XSS) vulnerability in the Custom Search module 6 ...)
NOT-FOR-US: Drupal module Custom Search
-CVE-2014-8744
+CVE-2014-8744 (Cross-site scripting (XSS) vulnerability in the Nivo Slider module 7.x ...)
NOT-FOR-US: Drupal module Nivo Slider
-CVE-2014-8743
+CVE-2014-8743 (Multiple cross-site scripting (XSS) vulnerabilities in the Maestro mod ...)
NOT-FOR-US: Drupal module Maestro
CVE-2014-8292
REJECTED
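Review bot: the NOT-FOR-US annotation for CVE-2014-8758 in this hunk is just `NOT-FOR-US: Wordpress plugin`, which neither names the affected plugin nor follows the `WordPress plugin <name>` form used by the neighbouring CVE-2014-8754 entry. The imported description identifies it as the Best Gallery Albums plugin, so `NOT-FOR-US: WordPress plugin Best Gallery Albums` would make the entry searchable and consistent with the rest of the file.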
@@ -5183,7 +5183,7 @@ CVE-2014-8277
REJECTED
CVE-2014-8276
REJECTED
-CVE-2014-8275
+CVE-2014-8275 (OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k d ...)
{DSA-3125-1 DLA-132-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=86edf13b1c97526c0cf63c37342aaa01f5442688
@@ -5194,20 +5194,20 @@ CVE-2014-8274
RESERVED
CVE-2014-8273
RESERVED
-CVE-2014-8272
+CVE-2014-8272 (The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 ...)
NOT-FOR-US: Dell iDRAC6
CVE-2014-8271
RESERVED
NOT-FOR-US: uefi
-CVE-2014-8270
+CVE-2014-8270 (BMC Track-It! 11.3 allows remote attackers to gain privileges and exec ...)
NOT-FOR-US: BMC Track-It!
-CVE-2014-8269
+CVE-2014-8269 (Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) H ...)
NOT-FOR-US: Honeywell OPOS Suite
-CVE-2014-8268
+CVE-2014-8268 (QPR Portal before 2012.2.1 allows remote attackers to modify or delete ...)
NOT-FOR-US: QPR Portal
-CVE-2014-8267
+CVE-2014-8267 (Cross-site scripting (XSS) vulnerability in QPR Portal 2014.1.1 and ea ...)
NOT-FOR-US: QPR Portal
-CVE-2014-8266
+CVE-2014-8266 (Multiple cross-site scripting (XSS) vulnerabilities in the note-creati ...)
NOT-FOR-US: QPR Portal
CVE-2014-8265
RESERVED
@@ -5243,17 +5243,17 @@ CVE-2014-8250
RESERVED
CVE-2014-8249
RESERVED
-CVE-2014-8248
+CVE-2014-8248 (SQL injection vulnerability in CA Release Automation (formerly iTKO LI ...)
NOT-FOR-US: CA Release Automation
-CVE-2014-8247
+CVE-2014-8247 (Cross-site scripting (XSS) vulnerability in CA Release Automation (for ...)
NOT-FOR-US: CA Release Automation
-CVE-2014-8246
+CVE-2014-8246 (Cross-site request forgery (CSRF) vulnerability in CA Release Automati ...)
NOT-FOR-US: CA Release Automation
CVE-2014-8245
RESERVED
-CVE-2014-8244
+CVE-2014-8244 (Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.4 ...)
NOT-FOR-US: Linksys SMART WiFi
-CVE-2014-8243
+CVE-2014-8243 (Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.4 ...)
NOT-FOR-US: Linksys SMART WiFi
CVE-2014-8239
REJECTED
@@ -5389,7 +5389,7 @@ CVE-2014-8182 [crash in ldap_domain2hostlist when processing SRV records]
CVE-2014-8181 [scsi: do not fill dirty page content in the SG_IO buffer]
RESERVED
- linux <not-affected> (Specific to RHEL 7)
-CVE-2014-8180
+CVE-2014-8180 (MongoDB on Red Hat Satellite 6 allows local users to bypass authentica ...)
NOT-FOR-US: Red Hat Satellite
CVE-2014-8179
RESERVED
@@ -5397,58 +5397,58 @@ CVE-2014-8179
CVE-2014-8178
RESERVED
- docker.io 1.8.3~ds1-1
-CVE-2014-8177
+CVE-2014-8177 (The Red Hat gluster-swift package, as used in Red Hat Gluster Storage ...)
NOT-FOR-US: gluster-swift
-CVE-2014-8176
+CVE-2014-8176 (The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9. ...)
{DSA-3287-1 DLA-247-1}
- openssl 1.0.1h-1
NOTE: http://openssl.org/news/secadv/20150611.txt
-CVE-2014-8175
+CVE-2014-8175 (Red Hat JBoss Fuse before 6.2.0 allows remote authenticated users to b ...)
NOT-FOR-US: JBoss Fuse
-CVE-2014-8174
+CVE-2014-8174 (eDeploy makes it easier for remote attackers to execute arbitrary code ...)
- edeploy <itp> (bug #717664)
-CVE-2014-8173
+CVE-2014-8173 (The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generi ...)
- linux 3.13.4-1
[wheezy] - linux <not-affected> (Introduced in 3.10 with 1998cc048901)
- linux-2.6 <not-affected> (Introduced in 3.10 with 1998cc048901)
NOTE: Upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee53664bda169f519ce3c6a22d378f0b946c8178 (v3.13-rc5)
-CVE-2014-8172
+CVE-2014-8172 (The filesystem implementation in the Linux kernel before 3.13 performs ...)
- linux 3.13.4-1
[wheezy] - linux <no-dsa> (Too intrusive to backport)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
NOTE: Upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eee5cc2702929fd41cce28058dc6d6717f723f87 (v3.13-rc1)
-CVE-2014-8171
+CVE-2014-8171 (The memory resource controller (aka memcg) in the Linux kernel allows ...)
- linux 3.12.6-1
[wheezy] - linux <no-dsa> (Too difficult and risky to backport)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too difficult and risky to backport)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3812c8c8f3953921ef18544110dafc3505c1ac62 (v3.12-rc1)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4942642080ea82d99ab5b653abb9a12b7ba31f4a (v3.12-rc6)
-CVE-2014-8170
+CVE-2014-8170 (ovirt_safe_delete_config in ovirtfunctions.py and other unspecified lo ...)
- ovirt-node <itp> (bug #502024)
-CVE-2014-8169
+CVE-2014-8169 (automount 5.0.8, when a program map uses certain interpreted languages ...)
- autofs 5.0.8-2 (bug #779591)
[wheezy] - autofs <not-affected> (Vulnerable code introduced in 5.0.8)
- autofs5 <not-affected> (Vulnerable code introduced in 5.0.8)
-CVE-2014-8168
+CVE-2014-8168 (Red Hat Satellite 6 allows local users to access mongod and delete pul ...)
NOT-FOR-US: Red Hat Satellite
CVE-2014-8167
RESERVED
NOT-FOR-US: Red Hat vdms and vdsclient
-CVE-2014-8166
+CVE-2014-8166 (The browsing feature in the server in CUPS does not filter ANSI escape ...)
- cups <unfixed> (unimportant)
NOTE: Patch: https://bugzilla.redhat.com/attachment.cgi?id=916761
NOTE: Terminal emulators need to perform proper escaping
-CVE-2014-8165
+CVE-2014-8165 (scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the p ...)
- powerpc-utils <not-affected> (Vulnerable code not present)
NOTE: http://sourceforge.net/p/powerpc-utils/mailman/message/32884230
CVE-2014-8164
RESERVED
NOT-FOR-US: Red Hat CloudForms
-CVE-2014-8163
+CVE-2014-8163 (Directory traversal vulnerability in the XMLRPC interface in Red Hat S ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2014-8162
+CVE-2014-8162 (XML external entity (XXE) in the RPC interface in Spacewalk and Red Ha ...)
NOT-FOR-US: Red Hat Satellite
CVE-2014-8161
RESERVED
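Review bot: CVE-2014-8178 in this hunk is marked RESERVED and carries a fixed version (`- docker.io 1.8.3~ds1-1`) but no bracketed short description, unlike the RESERVED-with-package entries just above it (CVE-2014-8181 [scsi: ...] and CVE-2014-8182 [crash in ldap_domain2hostlist ...]). Without the bracketed summary nothing in the list says what the docker.io fix addresses; add one in the same `CVE-2014-8178 [...]` form so the entry stays useful until the description is published and the automatic update fills it in.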
@@ -5457,25 +5457,25 @@ CVE-2014-8161
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
-CVE-2014-8160
+CVE-2014-8160 (net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before ...)
{DSA-3170-1 DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=db29a9508a9246e77087c5531e45b2c88ec6988b (v3.18-rc1)
NOTE: http://www.spinics.net/lists/netfilter-devel/msg33430.html
-CVE-2014-8159
+CVE-2014-8159 (The InfiniBand (IB) implementation in the Linux kernel package before ...)
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
-CVE-2014-8158
+CVE-2014-8158 (Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 ...)
{DSA-3138-1 DLA-138-1}
- jasper 1.900.1-debian1-2.4 (bug #775970)
NOTE: http://www.ocert.org/advisories/ocert-2015-001.html
-CVE-2014-8157
+CVE-2014-8157 (Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 ...)
{DSA-3138-1 DLA-138-1}
- jasper 1.900.1-debian1-2.4 (bug #775970)
NOTE: http://www.ocert.org/advisories/ocert-2015-001.html
-CVE-2014-8156
+CVE-2014-8156 (The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso- ...)
- fso-deviced 0.12.0-5
[wheezy] - fso-deviced <no-dsa> (Minor issue)
- fso-datad 0.12.0-3
@@ -5491,12 +5491,12 @@ CVE-2014-8156
- phonefsod 0.1+git20121018-2
[wheezy] - phonefsod <no-dsa> (Minor issue)
[squeeze] - phonefsod <no-dsa> (Minor issue)
-CVE-2014-8155
+CVE-2014-8155 (GnuTLS before 2.9.10 does not verify the activation and expiration dat ...)
{DLA-180-1}
- gnutls26 2.9.10-1
- gnutls28 <not-affected> (Initial version 3.0.0-1 already contained the check based on 2.9.10)
NOTE: Fixed by: https://gitlab.com/gnutls/gnutls/commit/897cbce62c0263a498088ac3e465aa5f05f8719c
-CVE-2014-8154
+CVE-2014-8154 (The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect b ...)
- vala-0.26 0.26.1-1.1 (bug #775913)
- vala-0.16 <not-affected> (MapInfo not yet present)
- vala-0.14 <not-affected> (MapInfo not yet present)
@@ -5505,24 +5505,24 @@ CVE-2014-8154
NOTE: https://git.gnome.org/browse/vala/commit/?id=3092537db65887e24a3d3e87a27caf9c5295e4f7
NOTE: Binaries with buggy bindings package that use Gst.MapInfo() function
NOTE: are affected as well and need to be rebuilt, shotwell, rygel, ...
-CVE-2014-8153
+CVE-2014-8153 (The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using ...)
- neutron <not-affected> (Affects neutron 2014.2 up to 2014.2.1)
-CVE-2014-8152
+CVE-2014-8152 (Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remot ...)
- libxml-security-java <not-affected> (streaming XML Signature support introduced in 2.0.0)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1634334
NOTE: http://santuario.apache.org/secadv.data/CVE-2014-8152.txt.asc
-CVE-2014-8151
+CVE-2014-8151 (The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in l ...)
- curl <not-affected> (Only relevant when building with darwinssl/Mac OS X)
NOTE: http://curl.haxx.se/docs/adv_20150108A.html
-CVE-2014-8150
+CVE-2014-8150 (CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, ...)
{DSA-3122-1 DLA-134-1}
- curl 7.38.0-4
NOTE: http://curl.haxx.se/docs/adv_20150108B.html
-CVE-2014-8149
+CVE-2014-8149 (OpenDaylight defense4all 1.1.0 and earlier allows remote authenticated ...)
NOT-FOR-US: OpenDaylight
-CVE-2014-8148
+CVE-2014-8148 (The default D-Bus access control rule in Midgard2 10.05.7.1 allows loc ...)
- midgard2-core <removed> (bug #774630)
-CVE-2014-8147
+CVE-2014-8147 (The resolveImplicitLevels function in common/ubidi.c in the Unicode Bi ...)
{DSA-3323-1}
- icu 52.1-9 (bug #784773)
[wheezy] - icu <not-affected> (Vulnerable code not present)
@@ -5532,7 +5532,7 @@ CVE-2014-8147
[wheezy] - chromium-browser <not-affected> (Vulnerable code not present)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37080
-CVE-2014-8146
+CVE-2014-8146 (The resolveImplicitLevels function in common/ubidi.c in the Unicode Bi ...)
{DSA-3323-1}
- icu 52.1-9 (bug #784773)
[wheezy] - icu <not-affected> (Vulnerable code not present)
@@ -5542,22 +5542,22 @@ CVE-2014-8146
[wheezy] - chromium-browser <not-affected> (Vulnerable code not present)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37162
-CVE-2014-8145
+CVE-2014-8145 (Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 an ...)
{DSA-3112-1 DLA-1687-1 DLA-128-1}
- sox 14.4.2-2 (bug #773720)
[stretch] - sox 14.4.1-5+deb9u1
NOTE: The two needed patches were added in 14.4.1-5 but not to the series file
NOTE: so the patches got not applied during build.
-CVE-2014-8144
+CVE-2014-8144 (Cross-site request forgery (CSRF) vulnerability in doorkeeper before 1 ...)
NOT-FOR-US: doorkeeper OAuth provider
-CVE-2014-8143
+CVE-2014-8143 (Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc ...)
- samba 2:4.1.17+dfsg-1 (bug #776993)
[wheezy] - samba <not-affected> (Only affects 4.0 and later)
[squeeze] - samba <not-affected> (Only affects 4.0 and later)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: AD-related packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: https://www.samba.org/samba/security/CVE-2014-8143
-CVE-2014-8142
+CVE-2014-8142 (Use-after-free vulnerability in the process_nested_data function in ex ...)
{DSA-3117-1}
- php5 5.6.5+dfsg-1 (unimportant)
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=630f9c33c23639de85c3fd306b209b538b73b4c9
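Review bot: the two-line NOTE under CVE-2014-8145 in this hunk has a grammar slip ("so the patches got not applied during build"); `so the patches were not applied during the build` reads correctly. The same hunk marks CVE-2014-8142 as `php5 5.6.5+dfsg-1 (unimportant)` while also listing `{DSA-3117-1}` for it; that combination is legitimate when a DSA shipped the fix alongside other issues, but it is worth confirming the severity tag is intentional rather than stale, since readers tend to treat "unimportant" and "has a DSA" as contradictory.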
@@ -5575,42 +5575,42 @@ CVE-2014-8139 [CRC32 heap overflow]
RESERVED
{DSA-3113-1 DLA-150-1 DLA-124-1}
- unzip 6.0-16 (bug #773722)
-CVE-2014-8138
+CVE-2014-8138 (Heap-based buffer overflow in the jp2_decode function in JasPer 1.900. ...)
{DSA-3106-1 DLA-121-1}
- jasper 1.900.1-debian1-2.3 (bug #773463)
-CVE-2014-8137
+CVE-2014-8137 (Double free vulnerability in the jas_iccattrval_destroy function in Ja ...)
{DSA-3106-1 DLA-121-1}
- jasper 1.900.1-debian1-2.3 (bug #773463)
-CVE-2014-8136
+CVE-2014-8136 (The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 func ...)
- libvirt 1.2.9-7 (bug #773856)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced later)
NOTE: Upstream commit: http://libvirt.org/git/?p=libvirt.git;a=commit;h=2bdcd29c713dfedd813c89f56ae98f6f3898313d (v1.2.11-rc2)
NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=abf75aea247e (v1.1.0-rc1)
-CVE-2014-8135
+CVE-2014-8135 (The storageVolUpload function in storage/storage_driver.c in libvirt b ...)
- libvirt 1.2.9-7 (bug #773855)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced later)
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=87b9437f8951f9d24f9a85c6bbfff0e54df8c984 (v1.2.11-rc1)
NOTE: Introduced by http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=4a85bf3e2fa703fdc14e8c49d5017ef04832a1d7 (v1.2.8-rc1)
-CVE-2014-8134
+CVE-2014-8134 (The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux ...)
{DLA-155-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.65-1
- linux-2.6 <removed>
NOTE: http://www.spinics.net/lists/kvm/msg111458.html
-CVE-2014-8133
+CVE-2014-8133 (arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation ...)
{DSA-3128-1 DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=41bdc78544b8a93a9c6814b8bbbfef966272abbe
-CVE-2014-8132
+CVE-2014-8132 (Double free vulnerability in the ssh_packet_kexinit function in kex.c ...)
- libssh 0.6.3-4 (bug #773577)
[wheezy] - libssh 0.5.4-1+deb7u3
[squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
NOTE: http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/
NOTE: Upstream patch: http://git.libssh.org/projects/libssh.git/commit/?id=c2aed4ca78030d9014a890cb4370e6dc8264823f
-CVE-2014-8131
+CVE-2014-8131 (The qemu implementation of virConnectGetAllDomainStats in libvirt befo ...)
- libvirt 1.2.9-7 (bug #773858)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced later)
@@ -5618,13 +5618,13 @@ CVE-2014-8131
NOTE: Introduced by http://libvirt.org/git/?p=libvirt.git;a=commit;h=1f4831ee (v1.2.9-rc1)
NOTE: https://www.redhat.com/archives/libvir-list/2014-December/msg00551.html
NOTE: https://www.redhat.com/archives/libvir-list/2014-December/msg00600.html
-CVE-2014-8130
+CVE-2014-8130 (The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not rejec ...)
- tiff <unfixed> (unimportant; bug #776185)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
NOTE: Advisory: http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txt
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2483
NOTE: Crash in a frontend tool w/o potential for code injection, marked as unimportant
-CVE-2014-8129
+CVE-2014-8129 (LibTIFF 4.0.3 allows remote attackers to cause a denial of service (ou ...)
{DSA-3273-1 DLA-610-1 DLA-221-1}
- tiff 4.0.3-12.1 (bug #776185)
- tiff3 <removed>
@@ -5647,7 +5647,7 @@ CVE-2014-8128 [out-of-bounds write]
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2499 (thumbnail and tiffcmp) [not fixed yet in CVS HEAD]
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2501 (tiffdither)
NOTE: The tiff3 source package doesn't build the TIFF tools, but most of these bugs are in the library
-CVE-2014-8127
+CVE-2014-8127 (LibTIFF 4.0.3 allows remote attackers to cause a denial of service (ou ...)
{DSA-3273-1}
- tiff 4.0.6-3 (unimportant; bug #776185)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
@@ -5670,16 +5670,16 @@ CVE-2014-8126 [mailx invocation enables code execution as condor user]
NOTE: https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=41878
NOTE: https://github.com/htcondor/htcondor/commit/e891cea9970496aac74caf72604475a2b7e6a0ca.patch
NOTE: https://github.com/htcondor/htcondor/commit/aebc6b0492acdc8b21b39ba22e33661752c2c37d.patch
-CVE-2014-8125
+CVE-2014-8125 (XML external entity (XXE) vulnerability in Drools and jBPM before 6.2. ...)
NOT-FOR-US: jBPM
-CVE-2014-8124
+CVE-2014-8124 (OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014 ...)
- horizon 2014.1.3-6 (bug #772710)
[wheezy] - horizon <no-dsa> (Minor issue)
- python-django-openstack-auth 1.1.6-5 (bug #772712)
NOTE: up to 2014.1.3 and 2014.2 version up to 2014.2.1
-CVE-2014-8122
+CVE-2014-8122 (Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 ...)
NOT-FOR-US: JBoss Weld
-CVE-2014-8121
+CVE-2014-8121 (DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in ...)
{DSA-3480-1 DLA-316-1}
- glibc 2.21-1 (low; bug #779587)
[jessie] - glibc 2.19-18+deb8u2
@@ -5687,9 +5687,9 @@ CVE-2014-8121
[wheezy] - eglibc <no-dsa> (Minor issue)
[squeeze] - eglibc <no-dsa> (Minor issue)
NOTE: Patch: https://sourceware.org/git/?p=glibc.git;a=commit;h=03d2730b44cc2236318fd978afa2651753666c55
-CVE-2014-8120
+CVE-2014-8120 (The agent in Thermostat before 1.0.6, when using unspecified configura ...)
NOT-FOR-US: Thermostat Hotspot instrumentation
-CVE-2014-8119
+CVE-2014-8119 (The find_ifcfg_path function in netcf before 0.2.7 might allow attacke ...)
- netcf <not-affected> (suse and redhat driver are not built on Debian)
NOTE: Issue is in the way the netcf's find_ifcfg_path() function processed
NOTE: certain XPath expressions according to Red Hat bugzilla.
@@ -5699,18 +5699,18 @@ CVE-2014-8119
NOTE: https://www.redhat.com/archives/augeas-devel/2014-December/msg00000.html
NOTE: The affected code is only in drv_redhat.c and drv_suse.c and the Debian
NOTE: build not affected.
-CVE-2014-8118
+CVE-2014-8118 (Integer overflow in RPM 4.12 and earlier allows remote attackers to ex ...)
{DSA-3129-1 DLA-140-1}
- rpm 4.11.3-1.1 (bug #773101)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1168715
-CVE-2014-8117
+CVE-2014-8117 (softmagic.c in file before 5.21 does not properly limit recursion, whi ...)
{DSA-3121-1 DSA-2868-1 DLA-145-1 DLA-131-1}
- file 1:5.21+15-1 (low; bug #773148)
- php5 5.6.4+dfsg-2
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
NOTE: https://github.com/file/file/commit/6f737ddfadb596d7d4a993f7ed2141ffd664a81c
NOTE: Other commits needed as well: http://www.openwall.com/lists/oss-security/2014/12/16/2
-CVE-2014-8116
+CVE-2014-8116 (The ELF parser (readelf.c) in file before 5.21 allows remote attackers ...)
{DSA-3121-1 DLA-131-1}
- file 1:5.21+15-1 (low; bug #773148)
- php5 5.6.4+dfsg-2
@@ -5720,82 +5720,82 @@ CVE-2014-8116
NOTE: https://github.com/file/file/commit/b4c01141e5367f247b84dcaf6aefbb4e741842b
NOTE: https://github.com/file/file/commit/d7cdad007c507e6c79f51f058dd77fab70ceb9f6
NOTE: Other commits needed as well: http://www.openwall.com/lists/oss-security/2014/12/16/2
-CVE-2014-8115
+CVE-2014-8115 (The default authorization constrains in KIE Workbench 6.0.x allows rem ...)
NOT-FOR-US: KIE Workbench
-CVE-2014-8114
+CVE-2014-8114 (The UberFire Framework 0.3.x does not properly restrict paths, which a ...)
NOT-FOR-US: UberFire Framework
CVE-2014-8113
RESERVED
-CVE-2014-8112
+CVE-2014-8112 (389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x bef ...)
- 389-ds-base 1.3.3.5-4 (bug #779909)
-CVE-2014-8111
+CVE-2014-8111 (Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rule ...)
{DSA-3278-1 DLA-240-1}
- libapache-mod-jk 1:1.2.40+svn150520-1 (bug #783233)
NOTE: Fix: http://svn.apache.org/r1647017
-CVE-2014-8110
+CVE-2014-8110 (Multiple cross-site scripting (XSS) vulnerabilities in the web based a ...)
- activemq <not-affected> (Admin console not enabled in the Debian package, see #702670)
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt
-CVE-2014-8109
+CVE-2014-8109 (mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2. ...)
- apache2 2.4.10-9
[wheezy] - apache2 <not-affected> (mod_lua only in 2.4)
[squeeze] - apache2 <not-affected> (mod_lua only in 2.4)
-CVE-2014-8108
+CVE-2014-8108 (The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x ...)
- subversion 1.8.10-5 (bug #773315)
[wheezy] - subversion <not-affected> (Introduced in 1.7.0)
[squeeze] - subversion <not-affected> (Introduced in 1.7.0)
NOTE: http://subversion.apache.org/security/CVE-2014-8108-advisory.txt
CVE-2014-8107
REJECTED
-CVE-2014-8106
+CVE-2014-8106 (Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirr ...)
{DSA-3088-1 DSA-3087-1}
- qemu 2.1+dfsg-9 (bug #772025)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life>
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2014-12/msg00508.html
-CVE-2014-8105
+CVE-2014-8105 (389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does n ...)
- 389-ds-base 1.3.3.5-4 (bug #779909)
-CVE-2014-8103
+CVE-2014-8103 (X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x befor ...)
- xorg-server 2:1.16.2.901-1
[wheezy] - xorg-server <not-affected> (Introduced in 1.15.0)
[squeeze] - xorg-server <not-affected> (Introduced in 1.15.0)
-CVE-2014-8102
+CVE-2014-8102 (The SProcXFixesSelectSelectionInput function in the XFixes extension i ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8101
+CVE-2014-8101 (The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 o ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8100
+CVE-2014-8100 (The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8099
+CVE-2014-8099 (The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8098
+CVE-2014-8098 (The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8097
+CVE-2014-8097 (The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8096
+CVE-2014-8096 (The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8095
+CVE-2014-8095 (The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8094
+CVE-2014-8094 (Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extens ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8093
+CVE-2014-8093 (Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8092
+CVE-2014-8092 (Multiple integer overflows in X.Org X Window System (aka X11 or X) X11 ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8091
+CVE-2014-8091 (X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xser ...)
{DSA-3095-1 DLA-120-1}
- xorg-server 2:1.16.2.901-1
-CVE-2014-8090
+CVE-2014-8090 (The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x befo ...)
{DSA-3159-1 DSA-3157-1 DLA-200-1 DLA-88-1}
- ruby1.8 <not-affected> (Incomplete fix never relesed for 1.9)
- ruby1.9.1 <not-affected> (Incomplete fix never relesed for 1.9)
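Review bot: the two "<not-affected>" reasons for ruby1.8 and ruby1.9.1 under CVE-2014-8090 at the end of this hunk misspell "released" as "relesed"; since the description line just above is being rewritten anyway, the adjacent notes could read "(Incomplete fix never released for 1.9)" so the entry stays grep-able for that word.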
@@ -5803,19 +5803,19 @@ CVE-2014-8090
- ruby2.1 2.1.5-1 (bug #770932)
NOTE: For the incomplete fix for CVE-2014-8080
NOTE: https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/
-CVE-2014-8087
+CVE-2014-8087 (Cross-site scripting (XSS) vulnerability in the post highlights plugin ...)
NOT-FOR-US: Wordpress plugin
-CVE-2014-8085
+CVE-2014-8085 (Unrestricted file upload vulnerability in the CWebContact::doModel met ...)
NOT-FOR-US: OsClass
-CVE-2014-8084
+CVE-2014-8084 (Directory traversal vulnerability in oc-includes/osclass/controller/aj ...)
NOT-FOR-US: OsClass
-CVE-2014-8083
+CVE-2014-8083 (SQL injection vulnerability in the Search::setJsonAlert method in OSCl ...)
NOT-FOR-US: OsClass
-CVE-2014-8082
+CVE-2014-8082 (lib/functions/database.class.php in TestLink before 1.9.13 allows remo ...)
NOT-FOR-US: TestLink
-CVE-2014-8081
+CVE-2014-8081 (lib/execute/execSetResults.php in TestLink before 1.9.13 allows remote ...)
NOT-FOR-US: TestLink
-CVE-2014-8080
+CVE-2014-8080 (The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p ...)
{DSA-3159-1 DSA-3157-1 DLA-200-1 DLA-88-1}
- ruby1.8 <removed>
- ruby1.9.1 <removed>
@@ -5823,21 +5823,21 @@ CVE-2014-8080
- ruby2.1 2.1.4-1
NOTE: https://www.ruby-lang.org/en/news/2014/10/27/rexml-dos-cve-2014-8080/
NOTE: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/?pathrev=48161
-CVE-2014-8079
+CVE-2014-8079 (Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x bef ...)
NOT-FOR-US: Drupal theme MAYO
-CVE-2014-8078
+CVE-2014-8078 (Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e- ...)
NOT-FOR-US: Drupal module Print
-CVE-2014-8077
+CVE-2014-8077 (Cross-site scripting (XSS) vulnerability in the NewsFlash theme 6.x-1. ...)
NOT-FOR-US: Drupal theme NewsFlash
-CVE-2014-8076
+CVE-2014-8076 (Cross-site scripting (XSS) vulnerability in the Professional theme 7.x ...)
NOT-FOR-US: Drupal theme Professional
-CVE-2014-8075
+CVE-2014-8075 (Cross-site scripting (XSS) vulnerability in the Tribune module 6.x-1.x ...)
NOT-FOR-US: Drupal theme Tribune
-CVE-2014-8766
+CVE-2014-8766 (Multiple SQL injection vulnerabilities in Allomani Weblinks 1.0 allow ...)
NOT-FOR-US: Allomani Weblinks
-CVE-2014-8765
+CVE-2014-8765 (Multiple cross-site scripting (XSS) vulnerabilities in the Project Iss ...)
NOT-FOR-US: Drupal module Project Issue File Review
-CVE-2014-8750
+CVE-2014-8750 (Race condition in the VMware driver in OpenStack Compute (Nova) before ...)
- nova <not-affected> (ESX driver not enabled in libvirt)
NOTE: https://launchpad.net/bugs/1357372
CVE-2014-XXXX [rsync collision attack]
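Review bot: the new CVE-2014-8075 description names the "Tribune module 6.x-1.x", but the NOT-FOR-US line under it still says "Drupal theme Tribune"; one of the two is wrong and the triage line should be aligned with the description (the neighbouring Print entry uses "Drupal module Print"), otherwise a later search for Drupal module issues will miss it.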
@@ -5849,7 +5849,7 @@ CVE-2014-XXXX [rsync collision attack]
NOTE: https://github.com/therealmik/rsync-collision
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=eac858085e3ac94ec0ab5061d11f52652c90a869
NOTE: https://lists.samba.org/archive/rsync/2015-May/030123.html
-CVE-2014-8242
+CVE-2014-8242 (librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, w ...)
[experimental] - librsync 1.0.0-1~exp1
- librsync <unfixed> (low; bug #776246)
[buster] - librsync <no-dsa> (Minor issue, too instrusive to backport)
@@ -5857,15 +5857,15 @@ CVE-2014-8242
[jessie] - librsync <no-dsa> (Minor issue, too instrusive to backport)
[wheezy] - librsync <no-dsa> (Minor issue, too instrusive to backport)
[squeeze] - librsync <no-dsa> (Minor issue, too instrusive to backport)
-CVE-2014-8241
+CVE-2014-8241 (XRegion in TigerVNC allows remote VNC servers to cause a denial of ser ...)
- tigervnc 1.7.0-2 (bug #849478)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1151312
NOTE: Patch applied in Red Hat https://bugzilla.redhat.com/attachment.cgi?id=946490
-CVE-2014-8240
+CVE-2014-8240 (Integer overflow in TigerVNC allows remote VNC servers to cause a deni ...)
- tigervnc 1.7.0-1 (bug #849479)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1151307
NOTE: Patch https://bugzilla.redhat.com/attachment.cgi?id=947578 is not applied
-CVE-2014-8086
+CVE-2014-8086 (Race condition in the ext4_file_write_iter function in fs/ext4/file.c ...)
- linux 3.16.7-ckt2-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
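Review bot: the three "<no-dsa>" justifications for librsync (jessie, wheezy, squeeze) at the top of this hunk misspell "intrusive" as "instrusive", and the [buster] line just before this hunk's header repeats the same spelling; it is worth fixing all four in one go since the no-dsa reason is copied verbatim into the tracker's web view.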
@@ -5875,23 +5875,23 @@ CVE-2014-8089 [ZF2014-06: SQL injection vector when manually quoting values for
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.9+dfsg-1
NOTE: http://framework.zend.com/security/advisory/ZF2014-06
-CVE-2014-8088
+CVE-2014-8088 (The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap compon ...)
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.9+dfsg-1
NOTE: http://framework.zend.com/security/advisory/ZF2014-05
-CVE-2014-8074
+CVE-2014-8074 (Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 ...)
NOT-FOR-US: Foxit PDF SDK
-CVE-2014-8073
+CVE-2014-8073 (Cross-site request forgery (CSRF) vulnerability in OpenMRS 2.1 Standal ...)
NOT-FOR-US: OpenMRS
-CVE-2014-8072
+CVE-2014-8072 (The administration module in OpenMRS 2.1 Standalone Edition allows rem ...)
NOT-FOR-US: OpenMRS
-CVE-2014-8071
+CVE-2014-8071 (Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 Sta ...)
NOT-FOR-US: OpenMRS
-CVE-2014-8070
+CVE-2014-8070 (Open redirect vulnerability in YOOtheme Pagekit CMS 0.8.7 allows remot ...)
NOT-FOR-US: YOOtheme Pagekit CMS
-CVE-2014-8069
+CVE-2014-8069 (Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pageki ...)
NOT-FOR-US: YOOtheme Pagekit CMS
-CVE-2014-8068
+CVE-2014-8068 (Adobe Digital Editions (DE) 4 does not use encryption for transmission ...)
NOT-FOR-US: Adobe Digital Editions
CVE-2014-8067
REJECTED
@@ -5955,123 +5955,123 @@ CVE-2014-8038
REJECTED
CVE-2014-8037
RESERVED
-CVE-2014-8036
+CVE-2014-8036 (The outlookpa component in Cisco WebEx Meetings Server does not proper ...)
NOT-FOR-US: Cisco
-CVE-2014-8035
+CVE-2014-8035 (The web framework in Cisco WebEx Meetings Server produces different re ...)
NOT-FOR-US: Cisco
-CVE-2014-8034
+CVE-2014-8034 (Cisco WebEx Meetings Server 1.5 presents the same CAPTCHA challenge fo ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-8033
+CVE-2014-8033 (The play/modules component in Cisco WebEx Meetings Server allows remot ...)
NOT-FOR-US: Cisco
-CVE-2014-8032
+CVE-2014-8032 (The OutlookAction LI in Cisco WebEx Meetings Server allows remote auth ...)
NOT-FOR-US: Cisco
-CVE-2014-8031
+CVE-2014-8031 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meeting ...)
NOT-FOR-US: Cisco
-CVE-2014-8030
+CVE-2014-8030 (Cross-site scripting (XSS) vulnerability in sendPwMail.do in Cisco Web ...)
NOT-FOR-US: Cisco
-CVE-2014-8029
+CVE-2014-8029 (Open redirect vulnerability in the web interface in Cisco Secure Acces ...)
NOT-FOR-US: Cisco
-CVE-2014-8028
+CVE-2014-8028 (Multiple cross-site scripting (XSS) vulnerabilities in the web framewo ...)
NOT-FOR-US: Cisco
-CVE-2014-8027
+CVE-2014-8027 (The RBAC component in Cisco Secure Access Control System (ACS) allows ...)
NOT-FOR-US: Cisco
-CVE-2014-8026
+CVE-2014-8026 (Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2014-8025
+CVE-2014-8025 (The API in the Guest Server in Cisco Jabber, when HTML5 is used, allow ...)
NOT-FOR-US: Cisco
-CVE-2014-8024
+CVE-2014-8024 (The API in the Guest Server in Cisco Jabber, when the HTML5 CORS featu ...)
NOT-FOR-US: Cisco
-CVE-2014-8023
+CVE-2014-8023 (Cisco Adaptive Security Appliance (ASA) Software 9.2(.3) and earlier, ...)
NOT-FOR-US: Cisco
-CVE-2014-8022
+CVE-2014-8022 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Identity ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2014-8021
+CVE-2014-8021 (Cross-site scripting (XSS) vulnerability in Cisco AnyConnect Secure Mo ...)
NOT-FOR-US: Cisco
-CVE-2014-8020
+CVE-2014-8020 (Cisco Unified Communication Domain Manager Platform Software allows re ...)
NOT-FOR-US: Cisco
-CVE-2014-8019
+CVE-2014-8019 (Directory traversal vulnerability in Cisco Enterprise Content Delivery ...)
NOT-FOR-US: Cisco
-CVE-2014-8018
+CVE-2014-8018 (Multiple cross-site scripting (XSS) vulnerabilities in Business Voice ...)
NOT-FOR-US: Cisco
-CVE-2014-8017
+CVE-2014-8017 (The periodic-backup feature in Cisco Identity Services Engine (ISE) al ...)
NOT-FOR-US: Cisco
-CVE-2014-8016
+CVE-2014-8016 (The Cisco IronPort Email Security Appliance (ESA) allows remote attack ...)
NOT-FOR-US: Cisco
-CVE-2014-8015
+CVE-2014-8015 (The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remo ...)
NOT-FOR-US: Cisco
-CVE-2014-8014
+CVE-2014-8014 (Cisco IOS XR allows remote attackers to cause a denial of service (RSV ...)
NOT-FOR-US: Cisco
-CVE-2014-8013
+CVE-2014-8013 (The TACACS+ command-authorization implementation in Cisco NX-OS allows ...)
NOT-FOR-US: Cisco
-CVE-2014-8012
+CVE-2014-8012 (Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login pa ...)
NOT-FOR-US: Cisco
CVE-2014-8011
RESERVED
-CVE-2014-8010
+CVE-2014-8010 (The web framework in Cisco Unified Communications Domain Manager 8 all ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-8009
+CVE-2014-8009 (The Management subsystem in Cisco Unified Computing System 2.1(3f) and ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2014-8008
+CVE-2014-8008 (Absolute path traversal vulnerability in the Real-Time Monitoring Tool ...)
NOT-FOR-US: Cisco
-CVE-2014-8007
+CVE-2014-8007 (Cisco Prime Infrastructure allows remote authenticated users to read d ...)
NOT-FOR-US: Cisco
-CVE-2014-8006
+CVE-2014-8006 (The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Defini ...)
NOT-FOR-US: Cisco
-CVE-2014-8005
+CVE-2014-8005 (Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier ...)
NOT-FOR-US: Cisco
-CVE-2014-8004
+CVE-2014-8004 (Cisco IOS XR allows remote attackers to cause a denial of service (LIS ...)
NOT-FOR-US: Cisco
-CVE-2014-8003
+CVE-2014-8003 (Cisco Integrated Management Controller in Cisco Unified Computing Syst ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2014-8002
+CVE-2014-8002 (Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2 ...)
NOT-FOR-US: Cisco
-CVE-2014-8001
+CVE-2014-8001 (Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allo ...)
NOT-FOR-US: Cisco
-CVE-2014-8000
+CVE-2014-8000 (Cisco Unified Communications Manager IM and Presence Service 9.1(1) pr ...)
NOT-FOR-US: Cisco
-CVE-2014-7999
+CVE-2014-7999 (Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 al ...)
NOT-FOR-US: Cisco-Meraki devices
-CVE-2014-7998
+CVE-2014-7998 (Cisco IOS on Aironet access points, when "dot11 aaa authenticator" deb ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-7997
+CVE-2014-7997 (The DHCP implementation in Cisco IOS on Aironet access points does not ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-7996
+CVE-2014-7996 (Cross-site request forgery (CSRF) vulnerability in the web framework i ...)
NOT-FOR-US: Cisco
-CVE-2014-7995
+CVE-2014-7995 (Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 al ...)
NOT-FOR-US: Cisco-Meraki devices
-CVE-2014-7994
+CVE-2014-7994 (Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 al ...)
NOT-FOR-US: Cisco-Meraki devices
-CVE-2014-7993
+CVE-2014-7993 (Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 al ...)
NOT-FOR-US: Cisco-Meraki devices
-CVE-2014-7992
+CVE-2014-7992 (The DLSw implementation in Cisco IOS does not initialize packet buffer ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-7991
+CVE-2014-7991 (The Remote Mobile Access Subsystem in Cisco Unified Communications Man ...)
NOT-FOR-US: Cisco
-CVE-2014-7990
+CVE-2014-7990 (Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 de ...)
NOT-FOR-US: Cisco
-CVE-2014-7989
+CVE-2014-7989 (Cisco Unified Computing System on B-Series blade servers allows local ...)
NOT-FOR-US: Cisco
-CVE-2014-7988
+CVE-2014-7988 (The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and ...)
NOT-FOR-US: Cisco
-CVE-2014-7987
+CVE-2014-7987 (Cross-site scripting (XSS) vulnerability in EspoCRM before 2.6.0 allow ...)
NOT-FOR-US: EspoCRM
-CVE-2014-7986
+CVE-2014-7986 (install/index.php in EspoCRM before 2.6.0 allows remote attackers to r ...)
NOT-FOR-US: EspoCRM
-CVE-2014-7985
+CVE-2014-7985 (Directory traversal vulnerability in EspoCRM before 2.6.0 allows remot ...)
NOT-FOR-US: EspoCRM
-CVE-2014-7984
+CVE-2014-7984 (Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote att ...)
NOT-FOR-US: Joomla!
-CVE-2014-7983
+CVE-2014-7983 (Cross-site scripting (XSS) vulnerability in com_contact in Joomla! CMS ...)
NOT-FOR-US: Joomla component com_contact
-CVE-2014-7982
+CVE-2014-7982 (Cross-site scripting (XSS) vulnerability in Joomla! CMS 2.5.x before 2 ...)
NOT-FOR-US: Joomla!
-CVE-2014-7981
+CVE-2014-7981 (SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2. ...)
NOT-FOR-US: Joomla!
-CVE-2014-7980
+CVE-2014-7980 (Multiple cross-site scripting (XSS) vulnerabilities in template.php in ...)
NOT-FOR-US: Drupal theme Zen
-CVE-2014-7979
+CVE-2014-7979 (Cross-site scripting (XSS) vulnerability in the SimpleCorp theme 7.x-1 ...)
NOT-FOR-US: Drupal theme SimpleCorp
-CVE-2014-7978
+CVE-2014-7978 (Cross-site scripting (XSS) vulnerability in the BlueMasters theme 7.x- ...)
NOT-FOR-US: Drupal theme BlueMasters
CVE-2014-7977
RESERVED
@@ -6099,21 +6099,21 @@ CVE-2014-7962
RESERVED
CVE-2014-7961
RESERVED
-CVE-2014-7959
+CVE-2014-7959 (SQL injection vulnerability in admin/htaccess/bpsunlock.php in the Bul ...)
NOT-FOR-US: BulletProof Security plugin for WordPress
-CVE-2014-7958
+CVE-2014-7958 (Cross-site scripting (XSS) vulnerability in admin/htaccess/bpsunlock.p ...)
NOT-FOR-US: BulletProof Security plugin for WordPress
-CVE-2014-7957
+CVE-2014-7957 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Pods ...)
NOT-FOR-US: WordPress plugin Pods
-CVE-2014-7956
+CVE-2014-7956 (Cross-site scripting (XSS) vulnerability in the Pods plugin before 2.5 ...)
NOT-FOR-US: WordPress plugin Pods
CVE-2014-7955
RESERVED
-CVE-2014-7954
+CVE-2014-7954 (Directory traversal vulnerability in the doSendObjectInfo method in fr ...)
NOT-FOR-US: MtpServer class in Android
-CVE-2014-7953
+CVE-2014-7953 (Race condition in the bindBackupAgent method in the ActivityManagerSer ...)
NOT-FOR-US: Android
-CVE-2014-7952
+CVE-2014-7952 (The backup mechanism in the adb tool in Android might allow attackers ...)
- android-platform-system-core <undetermined>
CVE-2014-7951
RESERVED
@@ -6121,11 +6121,11 @@ CVE-2014-7950
RESERVED
CVE-2014-7949
RESERVED
-CVE-2014-7948
+CVE-2014-7948 (The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in conte ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7947
+CVE-2014-7947 (OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0. ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
@@ -6133,47 +6133,47 @@ CVE-2014-7947
[jessie] - openjpeg2 <no-dsa> (Minor issue)
NOTE: If backported to jessie, https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c needs to be included
- openjpeg <not-affected> (Vulnerable code not present)
-CVE-2014-7946
+CVE-2014-7946 (The RenderTable::simplifiedNormalFlowLayout function in core/rendering ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7945
+CVE-2014-7945 (OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0. ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7944
+CVE-2014-7944 (The sycc422_to_rgb function in fxcodec/codec/fx_codec_jpx_opj.cpp in P ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7943
+CVE-2014-7943 (Skia, as used in Google Chrome before 40.0.2214.91, allows remote atta ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7942
+CVE-2014-7942 (The Fonts implementation in Google Chrome before 40.0.2214.91 does not ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7941
+CVE-2014-7941 (The SelectionOwner::ProcessTarget function in ui/base/x/selection_owne ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7940
+CVE-2014-7940 (The collator implementation in i18n/ucol.cpp in International Componen ...)
{DSA-3187-1 DLA-219-1}
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- icu 52.1-7.1 (bug #776265)
-CVE-2014-7939
+CVE-2014-7939 (Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-7938
+CVE-2014-7938 (The Fonts implementation in Google Chrome before 40.0.2214.91 allows r ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7937
+CVE-2014-7937 (Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
@@ -6183,19 +6183,19 @@ CVE-2014-7937
[jessie] - libav <not-affected> (Can't reproduce the issue)
[wheezy] - libav <not-affected> (Can't reproduce the issue)
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c50704ebf1777bee76772c4835d9760b3721057
-CVE-2014-7936
+CVE-2014-7936 (Use-after-free vulnerability in the ZoomBubbleView::Close function in ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7935
+CVE-2014-7935 (Use-after-free vulnerability in browser/speech/tts_message_filter.cc i ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7934
+CVE-2014-7934 (Use-after-free vulnerability in the DOM implementation in Blink, as us ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7933
+CVE-2014-7933 (Use-after-free vulnerability in the matroska_read_seek function in lib ...)
{DSA-3189-1}
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
@@ -6205,235 +6205,235 @@ CVE-2014-7933
- libav 6:11.3-1
NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
-CVE-2014-7932
+CVE-2014-7932 (Use-after-free vulnerability in the Element::detach function in core/d ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7931
+CVE-2014-7931 (factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-7930
+CVE-2014-7930 (Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7929
+CVE-2014-7929 (Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDoc ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7928
+CVE-2014-7928 (hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.91, d ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-7927
+CVE-2014-7927 (The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-l ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-7926
+CVE-2014-7926 (The Regular Expressions package in International Components for Unicod ...)
{DSA-3187-1 DLA-219-1}
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- icu 52.1-7.1 (bug #776265)
-CVE-2014-7925
+CVE-2014-7925 (Use-after-free vulnerability in the WebAudio implementation in Blink, ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7924
+CVE-2014-7924 (Use-after-free vulnerability in the IndexedDB implementation in Google ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7923
+CVE-2014-7923 (The Regular Expressions package in International Components for Unicod ...)
{DSA-3187-1 DLA-219-1}
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- icu 52.1-7.1 (bug #776265)
-CVE-2014-7922
+CVE-2014-7922 (The GoogleAuthUtil.getToken method in the Google Play services SDK bef ...)
NOT-FOR-US: Google Play
-CVE-2014-7921
+CVE-2014-7921 (mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers t ...)
NOT-FOR-US: Android MediaServer
-CVE-2014-7920
+CVE-2014-7920 (mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to ...)
NOT-FOR-US: Android MediaServer
-CVE-2014-7919
+CVE-2014-7919 (b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger ...)
NOT-FOR-US: Android
CVE-2014-7918
RESERVED
-CVE-2014-7917
+CVE-2014-7917 (Integer overflow in SampleTable.cpp in libstagefright in Android befor ...)
NOT-FOR-US: libstagefright in Android
-CVE-2014-7916
+CVE-2014-7916 (Integer overflow in SampleTable.cpp in libstagefright in Android befor ...)
NOT-FOR-US: libstagefright in Android
-CVE-2014-7915
+CVE-2014-7915 (Integer overflow in SampleTable.cpp in libstagefright in Android befor ...)
NOT-FOR-US: libstagefright in Android
CVE-2014-7914
RESERVED
-CVE-2014-7913
+CVE-2014-7913 (The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as ...)
{DLA-506-1}
- dhcpcd5 7.0.8-0.1 (unimportant; bug #846938)
NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=93f3066bb0bc0974eab1943543205312a6b512ad
NOTE: Not exploitable according to upstream, possibly limited to Bionic
-CVE-2014-7912
+CVE-2014-7912 (The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in d ...)
{DLA-506-1}
- dhcpcd5 6.9.1-1
[jessie] - dhcpcd5 <no-dsa> (Minor issue)
NOTE: https://dev.marples.name/rDHCc204b018d1cfe740fb3179532070ae10fe34aaf3
-CVE-2014-7911
+CVE-2014-7911 (luni/src/main/java/java/io/ObjectInputStream.java in the java.io.Objec ...)
NOT-FOR-US: Android
-CVE-2014-7910
+CVE-2014-7910 (Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171 ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=433500 (private)
-CVE-2014-7909
+CVE-2014-7909 (effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=391001 (private)
-CVE-2014-7908
+CVE-2014-7908 (Multiple integer overflows in the CheckMov function in media/base/cont ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=425980 (private)
-CVE-2014-7907
+CVE-2014-7907 (Multiple use-after-free vulnerabilities in modules/screen_orientation/ ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=424453 (private)
-CVE-2014-7906
+CVE-2014-7906 (Use-after-free vulnerability in the Pepper plugins in Google Chrome be ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=423030 (private)
-CVE-2014-7905
+CVE-2014-7905 (Google Chrome before 39.0.2171.65 on Android does not prevent navigati ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=421817 (private)
-CVE-2014-7904
+CVE-2014-7904 (Buffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=418161 (private)
-CVE-2014-7903
+CVE-2014-7903 (Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7902
+CVE-2014-7902 (Use-after-free vulnerability in PDFium, as used in Google Chrome befor ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7901
+CVE-2014-7901 (Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7900
+CVE-2014-7900 (Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile func ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7899
+CVE-2014-7899 (Google Chrome before 38.0.2125.101 allows remote attackers to spoof th ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
NOTE: https://chromium.googlesource.com/chromium/src/+/5cfbddc9cc972f5133f26664dbf5810bb569cd04
-CVE-2014-7898
+CVE-2014-7898 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sa ...)
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7897
+CVE-2014-7897 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sa ...)
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7896
+CVE-2014-7896 (Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Com ...)
NOT-FOR-US: HP
-CVE-2014-7895
+CVE-2014-7895 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sa ...)
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7894
+CVE-2014-7894 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sa ...)
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7893
+CVE-2014-7893 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sa ...)
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7892
+CVE-2014-7892 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sa ...)
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7891
+CVE-2014-7891 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sa ...)
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7890
+CVE-2014-7890 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sa ...)
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7889
+CVE-2014-7889 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sa ...)
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
-CVE-2014-7888
+CVE-2014-7888 (The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sa ...)
NOT-FOR-US: The OLE Point of Sale (OPOS) drivers
CVE-2014-7887
REJECTED
CVE-2014-7886
RESERVED
NOT-FOR-US: HP Network Automation
-CVE-2014-7885
+CVE-2014-7885 (Multiple unspecified vulnerabilities in HP ArcSight Enterprise Securit ...)
NOT-FOR-US: HP ArcSight
-CVE-2014-7884
+CVE-2014-7884 (Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P ...)
NOT-FOR-US: HP ArcSight
-CVE-2014-7883
+CVE-2014-7883 (HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTT ...)
NOT-FOR-US: HP
-CVE-2014-7882
+CVE-2014-7882 (Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows remot ...)
NOT-FOR-US: HP SiteScope
-CVE-2014-7881
+CVE-2014-7881 (Cross-site scripting (XSS) vulnerability in the server in HP Insight C ...)
NOT-FOR-US: HP Insight Control
-CVE-2014-7880
+CVE-2014-7880 (Multiple unspecified vulnerabilities in the POP implementation in HP O ...)
NOT-FOR-US: HP OpenVMS TCP/IP
-CVE-2014-7879
+CVE-2014-7879 (HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration inc ...)
NOT-FOR-US: HP-UX
-CVE-2014-7878
+CVE-2014-7878 (The Application Lifecycle Service (ALS) in HP Helion Cloud Development ...)
NOT-FOR-US: HP Helion Cloud Development Platform
-CVE-2014-7877
+CVE-2014-7877 (Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows loc ...)
NOT-FOR-US: HP-UX
-CVE-2014-7876
+CVE-2014-7876 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 ...)
NOT-FOR-US: HP Integrated Lights-Out
-CVE-2014-7875
+CVE-2014-7875 (Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Prin ...)
NOT-FOR-US: HP Color LaserJet Printers
-CVE-2014-7874
+CVE-2014-7874 (Cross-site request forgery (CSRF) vulnerability in HP System Managemen ...)
NOT-FOR-US: HP-UX running System Management Homepage
CVE-2014-7873
RESERVED
-CVE-2014-7872
+CVE-2014-7872 (Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC s ...)
NOT-FOR-US: Comodo GeekBuddy
-CVE-2014-7871
+CVE-2014-7871 (SQL injection vulnerability in Open-Xchange (OX) AppSuite before 7.4.2 ...)
NOT-FOR-US: Open-Xchange
-CVE-2014-7870
+CVE-2014-7870 (Cross-site scripting (XSS) vulnerability in the Custom Search module 6 ...)
NOT-FOR-US: Drupal module Custom Search
-CVE-2014-7869
+CVE-2014-7869 (Cross-site scripting (XSS) vulnerability in the configuration UI in th ...)
NOT-FOR-US: Drupal module Context Form Alteration
-CVE-2014-7868
+CVE-2014-7868 (Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager ...)
NOT-FOR-US: ZOHO
-CVE-2014-7867
+CVE-2014-7867 (SQL injection vulnerability in the com.manageengine.opmanager.servlet. ...)
NOT-FOR-US: ZOHO
-CVE-2014-7866
+CVE-2014-7866 (Multiple directory traversal vulnerabilities in ZOHO ManageEngine OpMa ...)
NOT-FOR-US: ZOHO
CVE-2014-7865
REJECTED
-CVE-2014-7864
+CVE-2014-7864 (Multiple SQL injection vulnerabilities in the FailOverHelperServlet (a ...)
NOT-FOR-US: ZOHO ManageEngine OpManager
CVE-2014-7863
RESERVED
-CVE-2014-7862
+CVE-2014-7862 (The DCPluginServelet servlet in ManageEngine Desktop Central and Deskt ...)
NOT-FOR-US: ManageEngine
-CVE-2014-7861
+CVE-2014-7861 (The IOHIDSecurePromptClient function in Apple OS X does not properly v ...)
NOT-FOR-US: Apple OS X
-CVE-2014-7975
+CVE-2014-7975 (The do_umount function in fs/namespace.c in the Linux kernel through 3 ...)
- linux 3.16.7-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (User namespaces only usable in later kernels)
NOTE: http://thread.gmane.org/gmane.linux.kernel.stable/109312
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ef3a56b1c466629cd0bf482b09c7b0e5a085bb5 (v3.18-rc1)
-CVE-2014-7970
+CVE-2014-7970 (The pivot_root implementation in fs/namespace.c in the Linux kernel th ...)
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
- linux 3.16.7-1
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0d0826019e529f21c84687521d03f60cd241ca7d
-CVE-2014-7968
+CVE-2014-7968 (VDSM allows remote attackers to cause a denial of service (connection ...)
- vdsm <itp> (bug #668538)
-CVE-2014-7967
+CVE-2014-7967 (Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, a ...)
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
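Review bot: the descending CVE order of this file breaks right after CVE-2014-7861, where CVE-2014-7975, CVE-2014-7970, CVE-2014-7968 and CVE-2014-7967 follow directly (and the next hunk continues with CVE-2014-7960 before returning to CVE-2014-7860). Unless the tracker tooling is known to tolerate out-of-sequence ids, these entries belong at their numeric position further up, where the RESERVED slots such as CVE-2014-7918 and CVE-2014-7914 are kept in order. Within the same region, CVE-2014-7970 lists `[wheezy] - linux <not-affected>` and `- linux-2.6 <not-affected>` before `- linux 3.16.7-1`, the reverse of the layout used for CVE-2014-7975 immediately above; putting the unstable entry first keeps the two kernel records readable side by side.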
@@ -6442,17 +6442,17 @@ CVE-2014-7967
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: libv8 not covered by security support
-CVE-2014-7960
+CVE-2014-7960 (OpenStack Object Storage (Swift) before 2.2.0 allows remote authentica ...)
- swift 2.2.0-1
[wheezy] - swift <no-dsa> (Minor issue)
NOTE: affected version: all up to 2.1.0
-CVE-2014-7860
+CVE-2014-7860 (The web/web_file/fb_publish.php script in D-Link DNS-320L before 1.04b ...)
NOT-FOR-US: D-Link
-CVE-2014-7859
+CVE-2014-7859 (Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-32 ...)
NOT-FOR-US: D-Link
-CVE-2014-7858
+CVE-2014-7858 (The check_login function in D-Link DNR-326 before 2.10 build 03 allows ...)
NOT-FOR-US: D-Link
-CVE-2014-7857
+CVE-2014-7857 (D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build ...)
NOT-FOR-US: D-Link
CVE-2014-7856
RESERVED
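Review bot: with the description now imported, the hand-written `NOTE: affected version: all up to 2.1.0` under CVE-2014-7960 restates the version bound a second time and in different terms ("up to 2.1.0" versus the description's "before 2.2.0"). Either drop the note or reword it as the fixed upstream version so the two statements cannot drift apart in a later update.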
@@ -6460,31 +6460,31 @@ CVE-2014-7855
RESERVED
CVE-2014-7854
RESERVED
-CVE-2014-7853
+CVE-2014-7853 (The JBoss Application Server (WildFly) JacORB subsystem in Red Hat JBo ...)
NOT-FOR-US: JBoss AS/WildFly Domain Management
-CVE-2014-7852
+CVE-2014-7852 (Cross-site scripting (XSS) vulnerability in JBoss RichFaces, as used i ...)
NOT-FOR-US: RichFaces
-CVE-2014-7851
+CVE-2014-7851 (oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session afte ...)
NOT-FOR-US: ovirt-engine-webadmin
-CVE-2014-7850
+CVE-2014-7850 (Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x ...)
- freeipa 4.3.1-1 (unimportant)
NOTE: https://fedorahosted.org/freeipa/ticket/4742
NOTE: Upstream commit: https://pagure.io/freeipa/c/af9fd4dfe2c18e52127480c959c35ad37b566095
-CVE-2014-7849
+CVE-2014-7849 (The Role Based Access Control (RBAC) implementation in JBoss Enterpris ...)
NOT-FOR-US: JBoss AS/WildFly Domain Management
-CVE-2014-7848
+CVE-2014-7848 (lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x befor ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47287
-CVE-2014-7847
+CVE-2014-7847 (iplookup/index.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47321
-CVE-2014-7846
+CVE-2014-7846 (tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47965
-CVE-2014-7845
+CVE-2014-7845 (The generate_password function in Moodle through 2.4.11, 2.5.x before ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47050
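Review bot: CVE-2014-7850 is tagged `- freeipa 4.3.1-1 (unimportant)` without a justification, while the other downgraded entries in this region carry one in parentheses (for example `[jessie] - dhcpcd5 <no-dsa> (Minor issue)` and `[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)`). A short reason next to `unimportant`, or a NOTE line beside the two upstream references, would let a reader check the triage decision without following the ticket.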
@@ -6493,24 +6493,24 @@ CVE-2014-7844
{DSA-3105-1 DSA-3104-1 DLA-114-1 DLA-113-1}
- bsd-mailx 8.1.2-0.20141216cvs-1
- heirloom-mailx 12.5-3.1 (bug #773417)
-CVE-2014-7843
+CVE-2014-7843 (The __clear_user function in arch/arm64/lib/clear_user.S in the Linux ...)
- linux 3.16.7-ckt2-1
[wheezy] - linux <not-affected> (arm64 support introduced in 3.7)
- linux-2.6 <not-affected> (arm64 support introduced in 3.7)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1163744
NOTE: Upstream patch proposal: https://lkml.org/lkml/2014/11/12/584
-CVE-2014-7842
+CVE-2014-7842 (Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 ...)
- linux 3.16.7-ckt2-1
[wheezy] - linux 3.2.65-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2b9e6c1a35a (v3.18-rc1)
-CVE-2014-7841
+CVE-2014-7841 (The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCT ...)
{DSA-3093-1 DLA-118-1}
- linux 3.16.7-ckt2-1
- linux-2.6 <removed>
NOTE: Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e40607cbe270a9e8360907cb1e62ddf0736e4864 (v3.18-rc5)
-CVE-2014-7840
+CVE-2014-7840 (The host_from_stream_offset function in arch_init.c in QEMU, when load ...)
- qemu 2.1+dfsg-8 (low; bug #769451)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
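Review bot: CVE-2014-7843 is recorded as fixed in `linux 3.16.7-ckt2-1` but its only upstream reference is `NOTE: Upstream patch proposal: https://lkml.org/lkml/2014/11/12/584`; now that the fix has shipped, the merged upstream commit should be referenced so the fixed version can be verified, as is done for CVE-2014-7841 just below. In the same hunk CVE-2014-7842 points at the abbreviated id `a2b9e6c1a35a` while every other kernel reference here uses the full 40-character hash; expanding it keeps the link stable.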
@@ -6518,46 +6518,46 @@ CVE-2014-7840
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
NOTE: http://thread.gmane.org/gmane.comp.emulators.qemu/306117
-CVE-2014-7839
+CVE-2014-7839 (DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the (1 ...)
- resteasy 3.0.6-2 (bug #770544)
NOTE: https://issues.jboss.org/browse/RESTEASY-1130
-CVE-2014-7838
+CVE-2014-7838 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Foru ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47924
-CVE-2014-7837
+CVE-2014-7837 (mod/wiki/admin.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47949
-CVE-2014-7836
+CVE-2014-7836 (Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47924
-CVE-2014-7835
+CVE-2014-7835 (webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2. ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868
-CVE-2014-7834
+CVE-2014-7834 (mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x befor ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45303
-CVE-2014-7833
+CVE-2014-7833 (mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47697
-CVE-2014-7832
+CVE-2014-7832 (mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x b ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47921
-CVE-2014-7831
+CVE-2014-7831 (lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47766
-CVE-2014-7830
+CVE-2014-7830 (Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47865
-CVE-2014-7829
+CVE-2014-7829 (Directory traversal vulnerability in actionpack/lib/action_dispatch/mi ...)
- rails 2:4.1.8-1 (bug #770934)
[wheezy] - rails <not-affected> (src:rails in wheezy is just a transition package)
[squeeze] - rails <not-affected> (Only affects >= 3)
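Review bot: CVE-2014-7839 is marked fixed in `resteasy 3.0.6-2`, yet the imported description names RESTEasy 2.3.7 and 3.0.9 as affected, so the Debian fixed version is lower than the upstream affected version and reads as a contradiction on its own. If the change from RESTEASY-1130 was backported into the 3.0.6 package, a NOTE saying so (next to the existing issue link) would make the entry self-explanatory.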
@@ -6565,50 +6565,50 @@ CVE-2014-7829
- ruby-actionpack-3.2 <removed>
[wheezy] - ruby-actionpack-3.2 <no-dsa> (Minor issue)
- ruby-actionpack-2.3 <not-affected> (Only affects >= 3)
-CVE-2014-7828
+CVE-2014-7828 (FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled ...)
- freeipa 4.0.5-1 (bug #768294)
NOTE: https://fedorahosted.org/freeipa/ticket/4690
-CVE-2014-7827
+CVE-2014-7827 (The org.jboss.security.plugins.mapping.JBossMappingManager implementat ...)
NOT-FOR-US: JBoss Security
-CVE-2014-7826
+CVE-2014-7826 (kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does ...)
- linux 3.16.7-ckt2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
- linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=086ba77a6db00ed858ff07451bedee197df868c9 (v3.18-rc3)
NOTE: Support for SOFT_DISABLE to syscall events was added in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d562aff93bfb530b0992141500a402d17081189d (v3.13-rc1)
-CVE-2014-7825
+CVE-2014-7825 (kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does ...)
- linux 3.16.7-ckt2-1
[wheezy] - linux <not-affected> (Affected feature not enabled)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Affected feature not enabled)
NOTE: CONFIG_FTRACE_SYSCALL not enabled in squeeze
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=086ba77a6db00ed858ff07451bedee197df868c9 (v3.18-rc3)
-CVE-2014-7824
+CVE-2014-7824 (D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9. ...)
{DSA-3099-1}
- dbus 1.8.10-1
[squeeze] - dbus <not-affected> (dbus 1.2.x does not support FD passing)
NOTE: Since this CVE is only a complement for the fix to CVE-2014-3636, versions not affected by CVE-2014-3636 do not need the patch provided for this CVE.
-CVE-2014-7823
+CVE-2014-7823 (The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote rea ...)
- libvirt 1.2.9-4 (bug #769149)
[wheezy] - libvirt <not-affected> (Introduced in v1.0.0)
[squeeze] - libvirt <not-affected> (Introduced in v1.0.0)
NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commit;h=28f8dfdcccd4c0f69063ef741545b37d8a7f7935 (v1.0.0)
NOTE: Fixed by http://libvirt.org/git/?p=libvirt.git;a=commit;h=b1674ad5a97441b7e1bd5f5ebaff498ef2fbb11b
-CVE-2014-7822
+CVE-2014-7822 (The implementation of certain splice_write file operations in the Linu ...)
{DSA-3170-1 DLA-155-1}
- linux 3.16.2-1
- linux-2.6 <removed>
NOTE: Upstream fixes: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8d0207652cbe27d1f962050737848e5ad4671958 (v3.16-rc1)
-CVE-2014-7821
+CVE-2014-7821 (OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows ...)
- neutron 2014.1.3-6 (bug #770431)
NOTE: Versions up to 2014.1.3 and 2014.2
NOTE: https://launchpad.net/bugs/1378450
CVE-2014-7820
RESERVED
-CVE-2014-7819
+CVE-2014-7819 (Multiple directory traversal vulnerabilities in server.rb in Sprockets ...)
- ruby-sprockets 2.12.3-1
[wheezy] - ruby-sprockets <no-dsa> (Minor issue)
-CVE-2014-7818
+CVE-2014-7818 (Directory traversal vulnerability in actionpack/lib/action_dispatch/mi ...)
- rails 2:4.1.8-1 (bug #770934)
[wheezy] - rails <not-affected> (src:rails in wheezy is just a transition package)
[squeeze] - rails <not-affected> (Only affects >= 3)
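Review bot: the line `NOTE: Versions up to 2014.1.3 and 2014.2` under CVE-2014-7821 does not say whether these are affected or fixed versions, and the entry records the fix in `neutron 2014.1.3-6`, a Debian revision of a release the description itself calls affected ("before 2014.1.4"). Spell the note out as an affected-version statement and mention that the fix is carried as a patch on 2014.1.3, the way the CVE-2014-7960 note in an earlier hunk is phrased.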
@@ -6616,31 +6616,31 @@ CVE-2014-7818
- ruby-actionpack-3.2 <removed>
[wheezy] - ruby-actionpack-3.2 <no-dsa> (Minor issue)
- ruby-actionpack-2.3 <not-affected> (Only affects >= 3)
-CVE-2014-7817
+CVE-2014-7817 (The wordexp function in GNU C Library (aka glibc) 2.21 does not enforc ...)
{DSA-3142-1 DLA-97-1}
- glibc 2.19-14 (bug #775572)
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Will be fixed through a point update)
NOTE: https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html
NOTE: Git commit: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c
-CVE-2014-7816
+CVE-2014-7816 (Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.1 ...)
- undertow <not-affected> (only when running on Windows)
-CVE-2014-7815
+CVE-2014-7815 (The set_pixel_format function in ui/vnc.c in QEMU allows remote attack ...)
{DSA-3067-1 DSA-3066-1}
- qemu 2.1+dfsg-7
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life>
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e6908bfe8e07f2b452e78e677da1b45b1c0f6829
-CVE-2014-7814
+CVE-2014-7814 (SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engin ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-7813
+CVE-2014-7813 (Red Hat CloudForms 3 Management Engine (CFME) allows remote authentica ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-7812
+CVE-2014-7812 (Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Netw ...)
NOT-FOR-US: Red Hat Satellite / Spacewalk
-CVE-2014-7811
+CVE-2014-7811 (Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and R ...)
NOT-FOR-US: Red Hat Satellite / Spacewalk
-CVE-2014-7810
+CVE-2014-7810 (The Expression Language (EL) implementation in Apache Tomcat 6.x befor ...)
{DSA-3530-1 DSA-3447-1 DSA-3428-1 DLA-232-1}
- tomcat6 6.0.41-3 (bug #787010)
NOTE: Marked as fixed in 6.0.41-3 which only builds the libservlet2.5-java and libservlet2.5-java-doc packages
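Review bot: under CVE-2014-7815 the line `[squeeze] - qemu-kvm <end-of-life>` carries no reason, while the `[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)` line two entries above it does; the same parenthetical reason should be added to the qemu-kvm line so the two source packages are documented consistently.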
@@ -6650,263 +6650,263 @@ CVE-2014-7810
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1659538 (6.x)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1644019 (7.x)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1645644 (7.x)
-CVE-2014-7809
+CVE-2014-7809 (Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable &lt;s ...)
- libstruts1.2-java <not-affected> (Struts 2.0.0 through to Struts 2.3.16.3)
-CVE-2014-7808
+CVE-2014-7808 (Apache Wicket before 1.5.13, 6.x before 6.19.0, and 7.x before 7.0.0-M ...)
NOT-FOR-US: Apache Wicket
-CVE-2014-7807
+CVE-2014-7807 (Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows rem ...)
NOT-FOR-US: Apache CloudStack
CVE-2014-7806
REJECTED
CVE-2014-7805
REJECTED
-CVE-2014-7804
+CVE-2014-7804 (The Gangsta Auto Thief III (aka com.apptreestudios.gdup3) application ...)
NOT-FOR-US: Gangsta Auto Thief III (aka com.apptreestudios.gdup3) application for Android
-CVE-2014-7803
+CVE-2014-7803 (The Woodward Bail (aka com.onesolutionapps.woodwardbailandroid) applic ...)
NOT-FOR-US: Woodward Bail (aka com.onesolutionapps.woodwardbailandroid) application for Android
-CVE-2014-7802
+CVE-2014-7802 (The Top Roller Coasters Europe 2 (aka com.appaapps.top10tallesteuropea ...)
NOT-FOR-US: Top Roller Coasters Europe 2 (aka com.appaapps.top10tallesteuropeanrollercoasters2) application for Android
CVE-2014-7801
REJECTED
-CVE-2014-7800
+CVE-2014-7800 (The Daily Green (aka it.opentt.blog.dailygreen) application 2014.07 dl ...)
NOT-FOR-US: Daily Green (aka it.opentt.blog.dailygreen) application for Android
-CVE-2014-7799
+CVE-2014-7799 (The Squishy birds (aka com.tatmob.squishybirds) application 1.0.1 for ...)
NOT-FOR-US: Squishy birds (aka com.tatmob.squishybirds) application for Android
-CVE-2014-7798
+CVE-2014-7798 (The Coca-Cola FM Brasil (aka com.enyetech.radio.coca_cola.fm_br) appli ...)
NOT-FOR-US: Coca-Cola FM Brasil (aka com.enyetech.radio.coca_cola.fm_br) application for Android
-CVE-2014-7797
+CVE-2014-7797 (The Thai food (aka com.foods.thaifood) application 1.0 for Android doe ...)
NOT-FOR-US: Thai food (aka com.foods.thaifood) application for Android
-CVE-2014-7796
+CVE-2014-7796 (The House365 Radio (aka com.nobexinc.wls_27853803.rc) application 3.2. ...)
NOT-FOR-US: House365 Radio (aka com.nobexinc.wls_27853803.rc) application for Android
-CVE-2014-7795
+CVE-2014-7795 (The Harpers Bazaar Art (aka com.itp.harpersart) application @7F080181 ...)
NOT-FOR-US: Harpers Bazaar Art (aka com.itp.harpersart) application for Android
-CVE-2014-7794
+CVE-2014-7794 (The Knights of the Void (aka me.narr8.android.serial.knights_of_the_vo ...)
NOT-FOR-US: Knights of the Void (aka me.narr8.android.serial.knights_of_the_void) application for Android
-CVE-2014-7793
+CVE-2014-7793 (The CB - Calciatori Brutti (aka com.calciatori.brutti) application 1.0 ...)
NOT-FOR-US: CB - Calciatori Brutti (aka com.calciatori.brutti) application for Android
CVE-2014-7792
REJECTED
-CVE-2014-7791
+CVE-2014-7791 (The Backyard Wrestling (aka com.wBackyardWrestling) application 0.1 fo ...)
NOT-FOR-US: Backyard Wrestling (aka com.wBackyardWrestling) application for Android
CVE-2014-7790
REJECTED
-CVE-2014-7789
+CVE-2014-7789 (The Zillion Muslims (aka com.zillionmuslims.src) application 1.1 for A ...)
NOT-FOR-US: Zillion Muslims (aka com.zillionmuslims.src) application for Android
-CVE-2014-7788
+CVE-2014-7788 (The Best Free Giveaways (aka com.wIphone5GiveAways) application 0.1 fo ...)
NOT-FOR-US: Best Free Giveaways (aka com.wIphone5GiveAways) application for Android
-CVE-2014-7787
+CVE-2014-7787 (The iShuttle (aka com.synapse.ishuttle_user) application 1.0 for Andro ...)
NOT-FOR-US: iShuttle (aka com.synapse.ishuttle_user) application for Android
-CVE-2014-7786
+CVE-2014-7786 (The English Football Magazine (aka com.magzter.englishfootball) applic ...)
NOT-FOR-US: English Football Magazine (aka com.magzter.englishfootball) application for Android
-CVE-2014-7785
+CVE-2014-7785 (The AAAA Discount Bail (aka com.onesolutionapps.aaaadiscountbailandroi ...)
NOT-FOR-US: AAAA Discount Bail (aka com.onesolutionapps.aaaadiscountbailandroid) application for Android
-CVE-2014-7784
+CVE-2014-7784 (The Schon! Magazine (aka com.magzter.schonmagazine) application 3.0 fo ...)
NOT-FOR-US: Schon! Magazine (aka com.magzter.schonmagazine) application for Android
-CVE-2014-7783
+CVE-2014-7783 (The Bill G. Bennett (aka com.billgbennett) application 1.0 for Android ...)
NOT-FOR-US: Bill G. Bennett (aka com.billgbennett) application for Android
-CVE-2014-7782
+CVE-2014-7782 (The Macedonia Hacienda Hotel (aka appinventor.ai_orolimpio999.HotelMac ...)
NOT-FOR-US: Macedonia Hacienda Hotel (aka appinventor.ai_orolimpio999.HotelMacedonia) application for Android
-CVE-2014-7781
+CVE-2014-7781 (The Marijuana Handbook Lite - Weed (aka com.fallacystudios.marijuanaha ...)
NOT-FOR-US: Marijuana Handbook Lite - Weed (aka com.fallacystudios.marijuanahandbooklite) application for Android
-CVE-2014-7780
+CVE-2014-7780 (The Pakistan Cricket News (aka com.conduit.app_cf18df8bdf454eb0a836e2d ...)
NOT-FOR-US: Pakistan Cricket News (aka com.conduit.app_cf18df8bdf454eb0a836e2d29886bc40.app) application for Android
-CVE-2014-7779
+CVE-2014-7779 (The Kuran'in Bilimsel Mucizeleri (aka com.wKurannBilimselMucizeleri) a ...)
NOT-FOR-US: Kuran'in Bilimsel Mucizeleri (aka com.wKurannBilimselMucizeleri) application for Android
-CVE-2014-7778
+CVE-2014-7778 (The Epc World (aka com.magzter.epcworld) application 3.1 for Android d ...)
NOT-FOR-US: Epc World (aka com.magzter.epcworld) application for Android
-CVE-2014-7777
+CVE-2014-7777 (The Slingshot Forum (aka com.tapatalk.theslingshotforumcom) applicatio ...)
NOT-FOR-US: Slingshot Forum (aka com.tapatalk.theslingshotforumcom) application for Android
-CVE-2014-7776
+CVE-2014-7776 (The Kavita KS (aka com.snaplion.kavitaks) application 2.4 for Android ...)
NOT-FOR-US: Kavita KS (aka com.snaplion.kavitaks) application for Android
-CVE-2014-7775
+CVE-2014-7775 (The Champak - Hindi (aka com.magzter.champakhindi) application 3.0.1 f ...)
NOT-FOR-US: Champak - Hindi (aka com.magzter.champakhindi) application for Android
-CVE-2014-7774
+CVE-2014-7774 (The Herbs &amp; Flowers Dictionary (aka com.wHerbsNFlowersDictionary) ...)
NOT-FOR-US: Herbs & Flowers Dictionary (aka com.wHerbsNFlowersDictionary) application for Android
-CVE-2014-7773
+CVE-2014-7773 (The Cleveland Football STREAM (aka com.appstronautme.clevelandfootball ...)
NOT-FOR-US: Cleveland Football STREAM (aka com.appstronautme.clevelandfootballstream) application for Android
-CVE-2014-7772
+CVE-2014-7772 (The MB Tickets (aka com.xcr.android.mbtickets) application 3.0.1 for A ...)
NOT-FOR-US: MB Tickets (aka com.xcr.android.mbtickets) application for Android
-CVE-2014-7771
+CVE-2014-7771 (The World Tamil Bayan (aka com.wWorldTamilBayan) application 0.1 for A ...)
NOT-FOR-US: World Tamil Bayan (aka com.wWorldTamilBayan) application for Android
-CVE-2014-7770
+CVE-2014-7770 (The Lagu POP Indonesia (aka com.lagu.pop.indonesia.xygwphqpuomclljvaa) ...)
NOT-FOR-US: Lagu POP Indonesia (aka com.lagu.pop.indonesia.xygwphqpuomclljvaa) application for Android
-CVE-2014-7769
+CVE-2014-7769 (The Accurate Lending (aka com.soln.S7B193908AEA1937C7CBB4E889A46D3C0) ...)
NOT-FOR-US: Accurate Lending (aka com.soln.S7B193908AEA1937C7CBB4E889A46D3C0) application for Android
-CVE-2014-7768
+CVE-2014-7768 (The Analects of Confucius (aka com.azbc88881.lunyu) application 8.0 fo ...)
NOT-FOR-US: Analects of Confucius (aka com.azbc88881.lunyu) application for Android
-CVE-2014-7767
+CVE-2014-7767 (The A+ (aka cn.xrzcm) application 1.0.1 for Android does not verify X. ...)
NOT-FOR-US: A+ (aka cn.xrzcm) application for Android
-CVE-2014-7766
+CVE-2014-7766 (The 7 Habits Personal Development (aka appinventor.ai_ingka_d_jiw.TheC ...)
NOT-FOR-US: 7 Habits Personal Development (aka appinventor.ai_ingka_d_jiw.TheCompleteGuideToApplyingThe7HabitsInHolisticPersonalDevelopment) application for Android
-CVE-2014-7765
+CVE-2014-7765 (The Hundred Thousands Kid Book (aka it.tinytap.attsa.thousands) applic ...)
NOT-FOR-US: Hundred Thousands Kid Book (aka it.tinytap.attsa.thousands) application for Android
-CVE-2014-7764
+CVE-2014-7764 (The Semper Invicta Fitness (aka com.semper.invicta.fitness) applicatio ...)
NOT-FOR-US: Semper Invicta Fitness (aka com.semper.invicta.fitness) application for Android
-CVE-2014-7763
+CVE-2014-7763 (The Listen up! mirucho (aka jp.ameba.kiiteyo.android) application 1.1. ...)
NOT-FOR-US: Listen up! mirucho (aka jp.ameba.kiiteyo.android) application for Android
-CVE-2014-7762
+CVE-2014-7762 (The Bite it! (aka com.ASA1Touch.Bite_it) application 1.1.8 for Android ...)
NOT-FOR-US: Bite it! (aka com.ASA1Touch.Bite_it) application for Android
-CVE-2014-7761
+CVE-2014-7761 (The Ink Cards (aka com.sincerely.android.ink) application 2.0.4 for An ...)
NOT-FOR-US: Ink Cards (aka com.sincerely.android.ink) application for Android
-CVE-2014-7760
+CVE-2014-7760 (The Health assistance service (aka net.nttcloud.ft.karada) application ...)
NOT-FOR-US: Health assistance service (aka net.nttcloud.ft.karada) application for Android
-CVE-2014-7759
+CVE-2014-7759 (The Jazz Lovers Radio (aka com.nobexinc.wls_99273254.rc) application 3 ...)
NOT-FOR-US: Jazz Lovers Radio (aka com.nobexinc.wls_99273254.rc) application for Android
-CVE-2014-7758
+CVE-2014-7758 (The AMKAMAL Science Portfolio (aka com.wAMKAMALSciencePortfolio) appli ...)
NOT-FOR-US: AMKAMAL Science Portfolio (aka com.wAMKAMALSciencePortfolio) application for Android
-CVE-2014-7757
+CVE-2014-7757 (The Awful Ninja Game (aka com.absolutelyawfulapplications.awfulninjaga ...)
NOT-FOR-US: Awful Ninja Game (aka com.absolutelyawfulapplications.awfulninjagame) application for Android
-CVE-2014-7756
+CVE-2014-7756 (The Radiohead fan (aka nl.jborsje.android.bandnews.radiohead) applicat ...)
NOT-FOR-US: Radiohead fan (aka nl.jborsje.android.bandnews.radiohead) application for Android
-CVE-2014-7755
+CVE-2014-7755 (The eTopUpOnline (aka com.moremagic.etopup.client.android) application ...)
NOT-FOR-US: eTopUpOnline (aka com.moremagic.etopup.client.android) application for Android
-CVE-2014-7754
+CVE-2014-7754 (The Condor S.E. (aka com.app_condorsoutheast.layout) application 1.399 ...)
NOT-FOR-US: Condor S.E. (aka com.app_condorsoutheast.layout) application for Android
-CVE-2014-7753
+CVE-2014-7753 (The Circa News (aka cir.ca) application 2.1.3 for Android does not ver ...)
NOT-FOR-US: Circa News (aka cir.ca) application for Android
-CVE-2014-7752
+CVE-2014-7752 (The NASIOC (aka net.endoftime.android.forumrunner.nasioc) application ...)
NOT-FOR-US: NASIOC (aka net.endoftime.android.forumrunner.nasioc) application for Android
-CVE-2014-7751
+CVE-2014-7751 (The Recetas de Tragos (aka com.wRecetasdeTragos) application 0.1 for A ...)
NOT-FOR-US: Recetas de Tragos (aka com.wRecetasdeTragos) application for Android
-CVE-2014-7750
+CVE-2014-7750 (The Taster Magazine (aka com.magazinecloner.taster) application @7F080 ...)
NOT-FOR-US: Taster Magazine (aka com.magazinecloner.taster) application for Android
-CVE-2014-7749
+CVE-2014-7749 (The CamDictionary (aka com.intsig.camdict) application 2.3.0.20131118 ...)
NOT-FOR-US: CamDictionary (aka com.intsig.camdict) application for Android
-CVE-2014-7748
+CVE-2014-7748 (The Garip Ve Ilginc Olaylar (aka com.wGaripveeIlgincOlay) application ...)
NOT-FOR-US: Garip Ve Ilginc Olaylar (aka com.wGaripveeIlgincOlay) application for Android
CVE-2014-7747
REJECTED
-CVE-2014-7746
+CVE-2014-7746 (The Fusion Flowers - Weddings (aka com.triactivemedia.fusionweddings) ...)
NOT-FOR-US: Fusion Flowers - Weddings (aka com.triactivemedia.fusionweddings) application for Android
-CVE-2014-7745
+CVE-2014-7745 (The Flight Manager (aka com.flightmanager.view) application 4.0 for An ...)
NOT-FOR-US: Flight Manager (aka com.flightmanager.view) application for Android
-CVE-2014-7744
+CVE-2014-7744 (The Musulmanin.com (aka com.wSalyafiyailimurdjiya) application 0.1 for ...)
NOT-FOR-US: Musulmanin.com (aka com.wSalyafiyailimurdjiya) application for Android
-CVE-2014-7743
+CVE-2014-7743 (The Humor Ironias y Realidades (aka com.wHumork) application 0.63.1337 ...)
NOT-FOR-US: Humor Ironias y Realidades (aka com.wHumork) application for Android
-CVE-2014-7742
+CVE-2014-7742 (The Noticias del Vaticano (aka com.wNoticiasdelVaticano) application 0 ...)
NOT-FOR-US: Noticias del Vaticano (aka com.wNoticiasdelVaticano) application for Android
-CVE-2014-7741
+CVE-2014-7741 (The Healing Bookstore (aka com.wHealingBookstore) application 0.1 for ...)
NOT-FOR-US: Healing Bookstore (aka com.wHealingBookstore) application for Android
-CVE-2014-7740
+CVE-2014-7740 (The Pony Magazine (aka com.triactivemedia.ponymagazine) application @7 ...)
NOT-FOR-US: Pony Magazine (aka com.triactivemedia.ponymagazine) application for Android
-CVE-2014-7739
+CVE-2014-7739 (The Anahi A Adopter FR (aka com.wAnahiAAdopterFR) application 0.1 for ...)
NOT-FOR-US: Anahi A Adopter FR (aka com.wAnahiAAdopterFR) application for Android
CVE-2014-7738
REJECTED
-CVE-2014-7737
+CVE-2014-7737 (The FMAC : Federation Culinaire (aka com.fmac) application 1.0 for And ...)
NOT-FOR-US: FMAC : Federation Culinaire (aka com.fmac) application for Android
CVE-2014-7736
REJECTED
-CVE-2014-7735
+CVE-2014-7735 (The Dr. Sheikh Adnan Ibrahim (aka com.amitaff.adnanIbrahim) applicatio ...)
NOT-FOR-US: Dr. Sheikh Adnan Ibrahim (aka com.amitaff.adnanIbrahim) application for Android
-CVE-2014-7734
+CVE-2014-7734 (The Reds Anytime Bail (aka com.onesolutionapps.redsanytimebailandroid) ...)
NOT-FOR-US: Reds Anytime Bail (aka com.onesolutionapps.redsanytimebailandroid) application for Android
-CVE-2014-7733
+CVE-2014-7733 (The Karaf Magazin (aka com.magzter.karafmagazin) application 3.0 for A ...)
NOT-FOR-US: Karaf Magazin (aka com.magzter.karafmagazin) application for Android
CVE-2014-7732
REJECTED
-CVE-2014-7731
+CVE-2014-7731 (The Radio de la Cato (aka com.radio.de.la.cato) application 2.0 for An ...)
NOT-FOR-US: Radio de la Cato (aka com.radio.de.la.cato) application for Android
CVE-2014-7730
REJECTED
CVE-2014-7729
REJECTED
-CVE-2014-7728
+CVE-2014-7728 (The Logan Banner (aka com.soln.S8B5C1F53B8CBE06D5DE0A0E7E23DCDA7) appl ...)
NOT-FOR-US: Logan Banner (aka com.soln.S8B5C1F53B8CBE06D5DE0A0E7E23DCDA7) application for Android
-CVE-2014-7727
+CVE-2014-7727 (The Dj Brad H (aka com.dreamstep.wDjBradH) application 0.90 for Androi ...)
NOT-FOR-US: Dj Brad H (aka com.dreamstep.wDjBradH) application for Android
-CVE-2014-7726
+CVE-2014-7726 (The Golosinas Simpson1 (aka com.wGolosinasSimpson1) application 0.1 fo ...)
NOT-FOR-US: Golosinas Simpson1 (aka com.wGolosinasSimpson1) application for Android
-CVE-2014-7725
+CVE-2014-7725 (The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) applicatio ...)
NOT-FOR-US: Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application for Android
-CVE-2014-7724
+CVE-2014-7724 (The Chemssou Blink (aka com.chemssou.blink) application 1.0 for Androi ...)
NOT-FOR-US: Chemssou Blink (aka com.chemssou.blink) application for Android
-CVE-2014-7723
+CVE-2014-7723 (The Carnegie Mellon Silicon Valley (aka edu.cmu.sv.mobile) application ...)
NOT-FOR-US: Carnegie Mellon Silicon Valley (aka edu.cmu.sv.mobile) application for Android
-CVE-2014-7722
+CVE-2014-7722 (The Indian Jeweller (aka com.magzter.indianjeweller) application 3.0 f ...)
NOT-FOR-US: Indian Jeweller (aka com.magzter.indianjeweller) application for Android
-CVE-2014-7721
+CVE-2014-7721 (The President Clicker (aka com.flexymind.pclicker) application 1.0.4 f ...)
NOT-FOR-US: President Clicker (aka com.flexymind.pclicker) application for Android
-CVE-2014-7720
+CVE-2014-7720 (The Better Homes and Gardens Aus (aka com.pacificmagazines.betterhomes ...)
NOT-FOR-US: Better Homes and Gardens Aus (aka com.pacificmagazines.betterhomesandgardens) application for Android
-CVE-2014-7719
+CVE-2014-7719 (The BASEBALL MANAGER K (aka com.cjenm.yagamkgoogle) application 1.13 f ...)
NOT-FOR-US: BASEBALL MANAGER K (aka com.cjenm.yagamkgoogle) application for Android
-CVE-2014-7718
+CVE-2014-7718 (The Travel+Leisure (aka com.magzter.travelleisure) application 3.0 for ...)
NOT-FOR-US: Travel+Leisure (aka com.magzter.travelleisure) application for Android
-CVE-2014-7717
+CVE-2014-7717 (The Mills-Hazel Property Mgmt (aka com.appexpress.millshazelpropertyma ...)
NOT-FOR-US: Mills-Hazel Property Mgmt (aka com.appexpress.millshazelpropertymanagement) application for Android
-CVE-2014-7716
+CVE-2014-7716 (The Ultimate Christian Radios (aka com.ngg.ultimatechristianradios) ap ...)
NOT-FOR-US: Ultimate Christian Radios (aka com.ngg.ultimatechristianradios) application for Android
-CVE-2014-7715
+CVE-2014-7715 (The GIGA HOBBY (aka com.innopage.store.gigahobby) application 1.0.6 fo ...)
NOT-FOR-US: GIGA HOBBY (aka com.innopage.store.gigahobby) application for Android
-CVE-2014-7714
+CVE-2014-7714 (The ibon (aka tw.net.pic.mobi) application 3.2.1 for Android does not ...)
NOT-FOR-US: ibon (aka tw.net.pic.mobi) application for Android
-CVE-2014-7713
+CVE-2014-7713 (The Skin&amp;Ink Magazine (aka com.triactivemedia.skinandink) applicat ...)
NOT-FOR-US: Skin&Ink Magazine (aka com.triactivemedia.skinandink) application for Android
-CVE-2014-7712
+CVE-2014-7712 (The Tiket.com Hotel &amp; Flight (aka com.tiket.gits) application 1.1. ...)
NOT-FOR-US: Tiket.com Hotel & Flight (aka com.tiket.gits) application for Android
CVE-2014-7711
REJECTED
-CVE-2014-7710
+CVE-2014-7710 (The India Today Telugu (aka com.magzter.indiatoday.telugu) application ...)
NOT-FOR-US: India Today Telugu (aka com.magzter.indiatoday.telugu) application for Android
CVE-2014-7709
REJECTED
-CVE-2014-7708
+CVE-2014-7708 (The Raven - The Culture Lover (aka com.booksbyraven) application 1.60 ...)
NOT-FOR-US: Raven - The Culture Lover (aka com.booksbyraven) application for Android
-CVE-2014-7707
+CVE-2014-7707 (The Outdoor Design And Living (aka com.pocketmagsau.outdoordesignandli ...)
NOT-FOR-US: Outdoor Design And Living (aka com.pocketmagsau.outdoordesignandliving) application for Android
CVE-2014-7706
REJECTED
-CVE-2014-7705
+CVE-2014-7705 (The Atkins Diet Free Shopping List (aka com.wAtkinsDietFreeShoppingLis ...)
NOT-FOR-US: Atkins Diet Free Shopping List (aka com.wAtkinsDietFreeShoppingList) application for Android
CVE-2014-7704
REJECTED
-CVE-2014-7703
+CVE-2014-7703 (The Terrorizer Magazine (aka com.triactivemedia.terrorizer) applicatio ...)
NOT-FOR-US: Terrorizer Magazine (aka com.triactivemedia.terrorizer) application for Android
-CVE-2014-7702
+CVE-2014-7702 (The ahtty (aka com.crevation.babylon.ahtty) application 1.97.16 for An ...)
NOT-FOR-US: ahtty (aka com.crevation.babylon.ahtty) application for Android
-CVE-2014-7701
+CVE-2014-7701 (The DoNotTrackMe - Mobile Privacy (aka com.abine.dnt) application 1.1. ...)
NOT-FOR-US: DoNotTrackMe - Mobile Privacy (aka com.abine.dnt) application for Android
-CVE-2014-7700
+CVE-2014-7700 (The Flying Fox (aka com.chillingo.slyfoxfree.android.aja) application ...)
NOT-FOR-US: Flying Fox (aka com.chillingo.slyfoxfree.android.aja) application for Android
CVE-2014-7699
REJECTED
-CVE-2014-7698
+CVE-2014-7698 (The Xinhua International (aka org.xinhua.xnews_international) applicat ...)
NOT-FOR-US: Xinhua International (aka org.xinhua.xnews_international) application for Android
-CVE-2014-7697
+CVE-2014-7697 (The Eyvah! Bosandim ozgurum (aka com.wEyvahBosandimBlog) application 0 ...)
NOT-FOR-US: Eyvah! Bosandim ozgurum (aka com.wEyvahBosandimBlog) application for Android
-CVE-2014-7696
+CVE-2014-7696 (The Halftime Magazine (aka com.magzter.halftimemagazine) application 3 ...)
NOT-FOR-US: Halftime Magazine (aka com.magzter.halftimemagazine) application for Android
-CVE-2014-7695
+CVE-2014-7695 (The easaa Baoneng (aka com.easaa.baoneng) application 1.0 for Android ...)
NOT-FOR-US: easaa Baoneng (aka com.easaa.baoneng) application for Android
-CVE-2014-7694
+CVE-2014-7694 (The Corvette Museum (aka com.app_corvettemuseum.layout) application 1. ...)
NOT-FOR-US: Corvette Museum (aka com.app_corvettemuseum.layout) application for Android
-CVE-2014-7693
+CVE-2014-7693 (The JusApp! (aka com.tapatalk.jusappcombrforum) application 3.7.5 for ...)
NOT-FOR-US: JusApp! (aka com.tapatalk.jusappcombrforum) application for Android
-CVE-2014-7692
+CVE-2014-7692 (The Lent Experience (aka com.wLentExperience) application 0.1 for Andr ...)
NOT-FOR-US: Lent Experience (aka com.wLentExperience) application for Android
-CVE-2014-7691
+CVE-2014-7691 (The Life Story of Sheikh Mujib (aka com.wbongobondho) application 0.1 ...)
NOT-FOR-US: Life Story of Sheikh Mujib (aka com.wbongobondho) application for Android
-CVE-2014-7690
+CVE-2014-7690 (The myfone Shopping (aka com.twm.pt.eccart) application 2.1.01.00.040 ...)
NOT-FOR-US: myfone Shopping (aka com.twm.pt.eccart) application for Android
-CVE-2014-7689
+CVE-2014-7689 (The GzoneRC - The RC Hobby Hub (aka com.wGzoneRC) application 0.1 for ...)
NOT-FOR-US: GzoneRC - The RC Hobby Hub (aka com.wGzoneRC) application for Android
-CVE-2014-7688
+CVE-2014-7688 (The Home Improvement (aka com.whomeimprovementapp) application 0.1 for ...)
NOT-FOR-US: Home Improvement (aka com.whomeimprovementapp) application for Android
CVE-2014-7687
REJECTED
-CVE-2014-7686
+CVE-2014-7686 (The So. Co. Business Partnership (aka com.ChamberMe.SCBPSOUTHERNCO) ap ...)
NOT-FOR-US: So. Co. Business Partnership (aka com.ChamberMe.SCBPSOUTHERNCO) application for Android
-CVE-2014-7685
+CVE-2014-7685 (The Razer Comms - Gaming Messenger (aka com.razerzone.comms) applicati ...)
NOT-FOR-US: Razer Comms - Gaming Messenger (aka com.razerzone.comms) application for Android
CVE-2014-7684
REJECTED
-CVE-2014-7683
+CVE-2014-7683 (The Free Canadian Author Previews (aka com.booksellerscanada.authorpre ...)
NOT-FOR-US: Free Canadian Author Previews (aka com.booksellerscanada.authorpreview) application for Android
-CVE-2014-7682
+CVE-2014-7682 (The GR8! TV (aka com.magzter.greighttv) application 3.0 for Android do ...)
NOT-FOR-US: GR8! TV (aka com.magzter.greighttv) application for Android
-CVE-2014-7681
+CVE-2014-7681 (The VMware vForums 2014 (aka com.coreapps.android.followme.vmwarevforu ...)
NOT-FOR-US: VMware vForums 2014 (aka com.coreapps.android.followme.vmwarevforums) application for Android
CVE-2014-7680
REJECTED
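Review bot: HTML entities leak into the plain-text data file in this hunk: the added descriptions for CVE-2014-7713 and CVE-2014-7712 read `Skin&amp;Ink Magazine` and `Tiket.com Hotel &amp; Flight`, while the unchanged NOT-FOR-US lines directly below them carry a plain `&`. The annotation step appears to write the upstream text still HTML-escaped; it should unescape entities before emitting the parenthetical, otherwise anything that renders or compares these lines will double-escape them or fail to match the NOT-FOR-US note. A second, smaller point: the parenthetical is cut at a fixed width with ` ...`, which can split a package identifier mid-token (for example `appinventor.ai_ingka_d_jiw.TheC ...` for CVE-2014-7766), so the NOT-FOR-US line must stay the place where the full identifier is recorded; the truncated description should never be used for identifier or version matching.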
@@ -6914,157 +6914,157 @@ CVE-2014-7679
REJECTED
CVE-2014-7678
REJECTED
-CVE-2014-7677
+CVE-2014-7677 (The Scudetto (aka com.scudetto) application 2.7 for Android does not v ...)
NOT-FOR-US: Scudetto (aka com.scudetto) application for Android
-CVE-2014-7676
+CVE-2014-7676 (The Home Made Air Freshener (aka com.wHomeMadeAirFreshener) applicatio ...)
NOT-FOR-US: Home Made Air Freshener (aka com.wHomeMadeAirFreshener) application for Android
CVE-2014-7675
REJECTED
-CVE-2014-7674
+CVE-2014-7674 (The TicketOne.it (aka it.ticketone.mobile.app.Android) application 2.2 ...)
NOT-FOR-US: TicketOne.it (aka it.ticketone.mobile.app.Android) application for Android
CVE-2014-7673
REJECTED
CVE-2014-7672
REJECTED
-CVE-2014-7671
+CVE-2014-7671 (The Tekno Apsis (aka com.teknoapsis) application 2.4 for Android does ...)
NOT-FOR-US: Tekno Apsis (aka com.teknoapsis) application for Android
-CVE-2014-7670
+CVE-2014-7670 (The Motor Town: Machine Soul Free (aka com.alawar.motortownfree) appli ...)
NOT-FOR-US: Motor Town: Machine Soul Free (aka com.alawar.motortownfree) application for Android
CVE-2014-7669
REJECTED
-CVE-2014-7668
+CVE-2014-7668 (The Ads Free. Cz advert (aka cz.inzeratyzdarma.cz) application 1.4 for ...)
NOT-FOR-US: Ads Free. Cz advert (aka cz.inzeratyzdarma.cz) application for Android
-CVE-2014-7667
+CVE-2014-7667 (The Coca-Cola FM Honduras (aka com.enyetech.radio.coca_cola.fm_hn) app ...)
NOT-FOR-US: Coca-Cola FM Honduras (aka com.enyetech.radio.coca_cola.fm_hn) application for Android
-CVE-2014-7666
+CVE-2014-7666 (The American Waterfowler (aka com.magazinecloner.americanwaterfowler) ...)
NOT-FOR-US: American Waterfowler (aka com.magazinecloner.americanwaterfowler) application for Android
CVE-2014-7665
REJECTED
-CVE-2014-7664
+CVE-2014-7664 (The Bilingual Magic Ball Relajo (aka com.wBilingualMagicBallRelajo) ap ...)
NOT-FOR-US: Bilingual Magic Ball Relajo (aka com.wBilingualMagicBallRelajo) application for Android
-CVE-2014-7663
+CVE-2014-7663 (The Right to the Nitty Gritty (aka com.wGoNittyGritty) application 0.1 ...)
NOT-FOR-US: Right to the Nitty Gritty (aka com.wGoNittyGritty) application for Android
CVE-2014-7662
REJECTED
-CVE-2014-7661
+CVE-2014-7661 (The Masquito Blogger (aka com.wmasquito) application 0.1 for Android d ...)
NOT-FOR-US: Masquito Blogger (aka com.wmasquito) application for Android
-CVE-2014-7660
+CVE-2014-7660 (The Gent Magazine (aka com.magzter.thegentmagazine) application 3.0 fo ...)
NOT-FOR-US: Gent Magazine (aka com.magzter.thegentmagazine) application for Android
-CVE-2014-7659
+CVE-2014-7659 (The ExpeditersOnline.com Forum (aka com.quoord.tapatalkeo.activity) ap ...)
NOT-FOR-US: ExpeditersOnline.com Forum (aka com.quoord.tapatalkeo.activity) application for Android
CVE-2014-7658
REJECTED
CVE-2014-7657
REJECTED
-CVE-2014-7656
+CVE-2014-7656 (The Indian Management (aka com.magzter.indianmanagement) application 3 ...)
NOT-FOR-US: Indian Management (aka com.magzter.indianmanagement) application for Android
-CVE-2014-7655
+CVE-2014-7655 (The Dresden Transport Museum (aka de.appack.project.vmd) application 2 ...)
NOT-FOR-US: Dresden Transport Museum (aka de.appack.project.vmd) application for Android
CVE-2014-7654
REJECTED
CVE-2014-7653
REJECTED
-CVE-2014-7652
+CVE-2014-7652 (The Magicam Photo Magic Editor (aka mobi.magicam.editor) application 5 ...)
NOT-FOR-US: Magicam Photo Magic Editor (aka mobi.magicam.editor) application for Android
CVE-2014-7651
REJECTED
-CVE-2014-7650
+CVE-2014-7650 (The JJA- Juvenile Justice Act 1986 (aka com.felix.jja) application 1.0 ...)
NOT-FOR-US: JJA- Juvenile Justice Act 1986 (aka com.felix.jja) application for Android
-CVE-2014-7649
+CVE-2014-7649 (The Classic Car Buyer (aka com.magazinecloner.carbuyer) application @7 ...)
NOT-FOR-US: Classic Car Buyer (aka com.magazinecloner.carbuyer) application for Android
-CVE-2014-7648
+CVE-2014-7648 (The SMARTalk (aka jp.co.fusioncom.smartalk.android) application 1.1 fo ...)
NOT-FOR-US: SMARTalk (aka jp.co.fusioncom.smartalk.android) application for Android
-CVE-2014-7647
+CVE-2014-7647 (The BOOKING DISCOUNT (aka com.wmygoodhotelscom) application 0.1 for An ...)
NOT-FOR-US: BOOKING DISCOUNT (aka com.wmygoodhotelscom) application for Android
-CVE-2014-7646
+CVE-2014-7646 (The EMT-Paramedic Lite (aka com.wEMTparamedicLite) application 0.1 for ...)
NOT-FOR-US: EMT-Paramedic Lite (aka com.wEMTparamedicLite) application for Android
CVE-2014-7645
REJECTED
-CVE-2014-7644
+CVE-2014-7644 (The Go MSX MLS (aka com.doapps.android.realestate.RE_16b9c09c4d5b0e174 ...)
NOT-FOR-US: Go MSX MLS (aka com.doapps.android.realestate.RE_16b9c09c4d5b0e174208f35e7c49f9a0) application for Android
-CVE-2014-7643
+CVE-2014-7643 (The C.R. Group (aka com.c.r.group) application 1.0 for Android does no ...)
NOT-FOR-US: C.R. Group (aka com.c.r.group) application for Android
-CVE-2014-7642
+CVE-2014-7642 (The Pegasus Airlines (aka com.wPegasusAirlines) application 0.84.13503 ...)
NOT-FOR-US: Pegasus Airlines (aka com.wPegasusAirlines) application for Android
CVE-2014-7641
REJECTED
-CVE-2014-7640
+CVE-2014-7640 (The Hotel Room (aka com.wHotelRoom) application 0.1 for Android does n ...)
NOT-FOR-US: Hotel Room (aka com.wHotelRoom) application for Android
CVE-2014-7639
REJECTED
-CVE-2014-7638
+CVE-2014-7638 (The Fabuestereo 88.1 FM (aka com.nobexinc.wls_27892411.rc) application ...)
NOT-FOR-US: Fabuestereo 88.1 FM (aka com.nobexinc.wls_27892411.rc) application for Android
CVE-2014-7637
REJECTED
-CVE-2014-7636
+CVE-2014-7636 (The United Hawk Nation (aka com.united12thman) application 2.1 for And ...)
NOT-FOR-US: United Hawk Nation (aka com.united12thman) application for Android
CVE-2014-7635
REJECTED
-CVE-2014-7634
+CVE-2014-7634 (The Adopt O Pet (aka com.wFindAPet) application 0.1 for Android does n ...)
NOT-FOR-US: Adopt O Pet (aka com.wFindAPet) application for Android
-CVE-2014-7633
+CVE-2014-7633 (The Dino Zoo (aka com.tappocket.dinozoostar) application 1.5 for Andro ...)
NOT-FOR-US: Dino Zoo (aka com.tappocket.dinozoostar) application for Android
-CVE-2014-7632
+CVE-2014-7632 (The news revolution - bahrain (aka com.news.revolution.BH) application ...)
NOT-FOR-US: news revolution - bahrain (aka com.news.revolution.BH) application for Android
-CVE-2014-7631
+CVE-2014-7631 (The Villa Antonia (aka com.appbuilder.u7p5019) application 1 for Andro ...)
NOT-FOR-US: Villa Antonia (aka com.appbuilder.u7p5019) application for Android
-CVE-2014-7630
+CVE-2014-7630 (The Fling Gold (aka com.mbgames.fling.gold) application 1.1.3 for Andr ...)
NOT-FOR-US: Fling Gold (aka com.mbgames.fling.gold) application for Android
-CVE-2014-7629
+CVE-2014-7629 (The Yulman Stadium (aka com.dub.app.tulanestadium) application 1.4.25 ...)
NOT-FOR-US: Yulman Stadium (aka com.dub.app.tulanestadium) application for Android
-CVE-2014-7628
+CVE-2014-7628 (The Acorn Comms (aka com.acorncomms.app) application 3.0 for Android d ...)
NOT-FOR-US: Acorn Comms (aka com.acorncomms.app) application for Android
CVE-2014-7627
REJECTED
-CVE-2014-7626
+CVE-2014-7626 (The Atme (aka com.bedigital.atme) application 1.0.10 for Android does ...)
NOT-FOR-US: Atme (aka com.bedigital.atme) application for Android
CVE-2014-7625
REJECTED
-CVE-2014-7624
+CVE-2014-7624 (The Guess the Pixel Character Quiz (aka com.aiadp.pixelcQuiz) applicat ...)
NOT-FOR-US: Guess the Pixel Character Quiz (aka com.aiadp.pixelcQuiz) application for Android
CVE-2014-7623
REJECTED
-CVE-2014-7622
+CVE-2014-7622 (The Affinity Mobile ATM Locator (aka com.collegemobile.affinity.locato ...)
NOT-FOR-US: Affinity Mobile ATM Locator (aka com.collegemobile.affinity.locator) application for Android
-CVE-2014-7621
+CVE-2014-7621 (The EIN Lookup (aka appinventor.ai_siwanuth.EINLookup) application 1.1 ...)
NOT-FOR-US: EIN Lookup (aka appinventor.ai_siwanuth.EINLookup) application for Android
-CVE-2014-7620
+CVE-2014-7620 (The Authors On Tour - Live! (aka com.appmakr.app122286) application 4 ...)
NOT-FOR-US: Authors On Tour - Live! (aka com.appmakr.app122286) application for Android
CVE-2014-7619
REJECTED
-CVE-2014-7618
+CVE-2014-7618 (The Interior Design (aka com.interior.design.mcreda) application 1.0 f ...)
NOT-FOR-US: Interior Design (aka com.interior.design.mcreda) application for Android
-CVE-2014-7617
+CVE-2014-7617 (The www.roads365.com (aka ydx.android) application 1.0.1 for Android d ...)
NOT-FOR-US: www.roads365.com (aka ydx.android) application for Android
-CVE-2014-7616
+CVE-2014-7616 (The Physics Forums (aka com.tapatalk.physicsforumscom) application 3.9 ...)
NOT-FOR-US: Physics Forums (aka com.tapatalk.physicsforumscom) application for Android
CVE-2014-7615
REJECTED
-CVE-2014-7614
+CVE-2014-7614 (The Warrior Beach Retreat (aka com.wWarriorBeachRetreat) application 0 ...)
NOT-FOR-US: Warrior Beach Retreat (aka com.wWarriorBeachRetreat) application for Android
-CVE-2014-7613
+CVE-2014-7613 (The WASPS Official Programmes (aka com.triactivemedia.wasps) applicati ...)
NOT-FOR-US: WASPS Official Programmes (aka com.triactivemedia.wasps) application for Android
-CVE-2014-7612
+CVE-2014-7612 (The e-Kiosk (aka com.ekioskreader.android.pdfviewer) application 1.74 ...)
NOT-FOR-US: e-Kiosk (aka com.ekioskreader.android.pdfviewer) application for Android
-CVE-2014-7611
+CVE-2014-7611 (The Lost Temple (aka com.crazy.game.good.mengchenglu.templeI) applicat ...)
NOT-FOR-US: Lost Temple (aka com.crazy.game.good.mengchenglu.templeI) application for Android
-CVE-2014-7610
+CVE-2014-7610 (The Kadinlar Kulubu KKMobileApp (aka com.tapatalk.kadinlarkulubucom) a ...)
NOT-FOR-US: Kadinlar Kulubu KKMobileApp (aka com.tapatalk.kadinlarkulubucom) application for Android
-CVE-2014-7609
+CVE-2014-7609 (The iStunt 2 (aka com.miniclip.istunt2) application 1.1.2 for Android ...)
NOT-FOR-US: iStunt 2 (aka com.miniclip.istunt2) application for Android
-CVE-2014-7608
+CVE-2014-7608 (The Carrier Enterprise HVAC Assist (aka com.es.CE) application 4.0 for ...)
NOT-FOR-US: Carrier Enterprise HVAC Assist (aka com.es.CE) application for Android
-CVE-2014-7607
+CVE-2014-7607 (The Swamiji.tv (aka org.yidl.SwamijiTV) application 2.0 for Android do ...)
NOT-FOR-US: Swamiji.tv (aka org.yidl.SwamijiTV) application for Android
-CVE-2014-7606
+CVE-2014-7606 (The Concursive (aka com.concursive.app) application 2.1 for Android do ...)
NOT-FOR-US: Concursive (aka com.concursive.app) application for Android
-CVE-2014-7605
+CVE-2014-7605 (The Actors Key (aka com.conduit.app_f83daeb6861b401bb103c33ea4210029.a ...)
NOT-FOR-US: Actors Key (aka com.conduit.app_f83daeb6861b401bb103c33ea4210029.app) application for Android
-CVE-2014-7604
+CVE-2014-7604 (The Easy Tips For Glowing Skin (aka com.n.easytipsforglowingskin) appl ...)
NOT-FOR-US: Easy Tips For Glowing Skin (aka com.n.easytipsforglowingskin) application for Android
-CVE-2014-7603
+CVE-2014-7603 (The Gravey Design (aka com.dreamstep.wGraveyDesign) application 0.58.1 ...)
NOT-FOR-US: Gravey Design (aka com.dreamstep.wGraveyDesign) application for Android
-CVE-2014-7602
+CVE-2014-7602 (The FRONT (aka com.magazinecloner.front) application @7F08017A for And ...)
NOT-FOR-US: FRONT (aka com.magazinecloner.front) application for Android
CVE-2014-7601
REJECTED
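Review bot: the version field in several added descriptions is not a version at all: CVE-2014-7649 reads `application @7 ...` and CVE-2014-7602 reads `application @7F08017A`, which is an unresolved Android resource reference copied verbatim from the upstream text. Since the annotation is informational and every affected entry here is NOT-FOR-US, nothing needs to change in this hunk, but the tracker should not attempt version comparison on the parenthetical text. The truncation also splits identifiers in this hunk (CVE-2014-7644 ends with `RE_16b9c09c4d5b0e174 ...`, CVE-2014-7717 with `millshazelpropertyma ...`), and only the unchanged NOT-FOR-US line preserves the full package name, so that line must be kept in sync with the upstream description rather than being regenerated from the truncated one.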
@@ -7072,586 +7072,586 @@ CVE-2014-7600
REJECTED
CVE-2014-7599
REJECTED
-CVE-2014-7598
+CVE-2014-7598 (The Poker Puzzle (aka com.sharpiq.pokerpuzzle) application 1.0.0 for A ...)
NOT-FOR-US: Poker Puzzle (aka com.sharpiq.pokerpuzzle) application for Android
-CVE-2014-7597
+CVE-2014-7597 (The Fabulas Infantiles (aka com.mobincube.android.sc_9I1A3) applicatio ...)
NOT-FOR-US: Fabulas Infantiles (aka com.mobincube.android.sc_9I1A3) application for Android
-CVE-2014-7596
+CVE-2014-7596 (The Paramore (aka uk.co.pixelkicks.paramore) application 2.3.4 for And ...)
NOT-FOR-US: Paramore (aka uk.co.pixelkicks.paramore) application for Android
-CVE-2014-7595
+CVE-2014-7595 (The devada.co.uk (aka com.wdevadacouk) application 1.2 for Android doe ...)
NOT-FOR-US: devada.co.uk (aka com.wdevadacouk) application for Android
CVE-2014-7594
REJECTED
-CVE-2014-7593
+CVE-2014-7593 (The Mr Whippet - Yorkshire Ice (aka com.appytimes.ice) application 1.1 ...)
NOT-FOR-US: Mr Whippet - Yorkshire Ice (aka com.appytimes.ice) application for Android
-CVE-2014-7592
+CVE-2014-7592 (The FOL (aka com.desire2learn.fol.mobile.app.campuslife.directory) app ...)
NOT-FOR-US: FOL (aka com.desire2learn.fol.mobile.app.campuslife.directory) application for Android
-CVE-2014-7591
+CVE-2014-7591 (The Demon (aka com.ireadercity.c24) application 3.0.2 for Android does ...)
NOT-FOR-US: Demon (aka com.ireadercity.c24) application for Android
-CVE-2014-7590
+CVE-2014-7590 (The WebPromoExperts (aka ua.com.webpromoexperts) application 1.8 for A ...)
NOT-FOR-US: WebPromoExperts (aka ua.com.webpromoexperts) application for Android
-CVE-2014-7589
+CVE-2014-7589 (The Industrial and Commercial Bank of China (ICBC) Banking (aka com.ic ...)
NOT-FOR-US: Industrial and Commercial Bank of China (ICBC) Banking (aka com.icbc.android) application for Android
CVE-2014-7588
REJECTED
-CVE-2014-7587
+CVE-2014-7587 (The Blocked in Free (aka com.blueup.blocked) application 1.0 for Andro ...)
NOT-FOR-US: Blocked in Free (aka com.blueup.blocked) application for Android
CVE-2014-7586
REJECTED
-CVE-2014-7585
+CVE-2014-7585 (The Biplane Forum (aka com.gcspublishing.biplaneforum) application 3.7 ...)
NOT-FOR-US: Biplane Forum (aka com.gcspublishing.biplaneforum) application for Android
-CVE-2014-7584
+CVE-2014-7584 (The ACN2GO (aka com.dataparadigm.acnmobile) application 1.7 for Androi ...)
NOT-FOR-US: ACN2GO (aka com.dataparadigm.acnmobile) application for Android
CVE-2014-7583
REJECTED
-CVE-2014-7582
+CVE-2014-7582 (The Water Lateral Sizer (aka com.wWaterLateralSizer) application 1.2 f ...)
NOT-FOR-US: Water Lateral Sizer (aka com.wWaterLateralSizer) application for Android
-CVE-2014-7581
+CVE-2014-7581 (The Quotes of Travis Barker (aka com.celebrity_quotes.travisbarker) ap ...)
NOT-FOR-US: Quotes of Travis Barker (aka com.celebrity_quotes.travisbarker) application for Android
-CVE-2014-7580
+CVE-2014-7580 (The Thailand Investor News (aka nudecreative.thaistock.set) applicatio ...)
NOT-FOR-US: Thailand Investor News (aka nudecreative.thaistock.set) application for Android
CVE-2014-7579
REJECTED
-CVE-2014-7578
+CVE-2014-7578 (The Bieber News Now (aka com.jbnews) application 12.0.5 for Android do ...)
NOT-FOR-US: Bieber News Now (aka com.jbnews) application for Android
-CVE-2014-7577
+CVE-2014-7577 (The B&amp;H Photo Video Pro Audio (aka com.bhphoto) application 2.5.1 ...)
NOT-FOR-US: B&H Photo Video Pro Audio (aka com.bhphoto) application for Android
-CVE-2014-7576
+CVE-2014-7576 (The Chien Binh Bakugan 2 LongTieng (aka com.htv.chien.binh.bakugan.ii. ...)
NOT-FOR-US: Chien Binh Bakugan 2 LongTieng (aka com.htv.chien.binh.bakugan.ii.hanh.trinh.moi.long.tieng) application for Android
-CVE-2014-7575
+CVE-2014-7575 (The eBiblio Andalucia (aka com.bqreaders.reader.ebiblioandalucia) appl ...)
NOT-FOR-US: eBiblio Andalucia (aka com.bqreaders.reader.ebiblioandalucia) application for Android
CVE-2014-7574
REJECTED
-CVE-2014-7573
+CVE-2014-7573 (The droid Survey Offline Forms (aka com.contact.droidSURVEY) applicati ...)
NOT-FOR-US: droid Survey Offline Forms (aka com.contact.droidSURVEY) application for Android
-CVE-2014-7572
+CVE-2014-7572 (The Stoner's Handbook L- Bud Guide (aka fallacystudios.stonershandbook ...)
NOT-FOR-US: Stoner's Handbook L- Bud Guide (aka fallacystudios.stonershandbooklite) application for Android
-CVE-2014-7571
+CVE-2014-7571 (The Grey's Anatomy Fan (aka nl.jborsje.android.tvfan.greysanatomy) app ...)
NOT-FOR-US: Grey's Anatomy Fan (aka nl.jborsje.android.tvfan.greysanatomy) application for Android
-CVE-2014-7570
+CVE-2014-7570 (The Fire Equipments Screen lock (aka com.locktheworld.screen.lock.them ...)
NOT-FOR-US: Fire Equipments Screen lock (aka com.locktheworld.screen.lock.theme.FireEquipments) application for Android
-CVE-2014-7569
+CVE-2014-7569 (The Best Greatness Quotes (aka best.free.greatness.quotes.android.app) ...)
NOT-FOR-US: Best Greatness Quotes (aka best.free.greatness.quotes.android.app) application for Android
-CVE-2014-7568
+CVE-2014-7568 (The Marcus Butler Unofficial (aka com.automon.ay.marcus.butler) applic ...)
NOT-FOR-US: Marcus Butler Unofficial (aka com.automon.ay.marcus.butler) application for Android
-CVE-2014-7567
+CVE-2014-7567 (The iMig 2012 (aka com.webges.imig) application 1.0.0 for Android does ...)
NOT-FOR-US: iMig 2012 (aka com.webges.imig) application for Android
-CVE-2014-7566
+CVE-2014-7566 (The Stift Neuburg (aka de.appack.project.neuburg) application 1.1 for ...)
NOT-FOR-US: Stift Neuburg (aka de.appack.project.neuburg) application for Android
-CVE-2014-7565
+CVE-2014-7565 (The Rando Noeux (aka com.gmteditions.NoeuxLesMinesDistrib) application ...)
NOT-FOR-US: Rando Noeux (aka com.gmteditions.NoeuxLesMinesDistrib) application for Android
-CVE-2014-7564
+CVE-2014-7564 (The Simple Car Care Tip and Advice (aka com.a1481542198504ee106f182c8a ...)
NOT-FOR-US: Simple Car Care Tip and Advice (aka com.a1481542198504ee106f182c8a.a40350826a) application for Android
-CVE-2014-7563
+CVE-2014-7563 (The Tactical Force LLC (aka com.conduit.app_69f61a8852b046f2846054b30c ...)
NOT-FOR-US: Tactical Force LLC (aka com.conduit.app_69f61a8852b046f2846054b30c4032a7.app) application for Android
-CVE-2014-7562
+CVE-2014-7562 (The Health Advocate SmartHelp (aka com.healthadvocate.ui) application ...)
NOT-FOR-US: Health Advocate SmartHelp (aka com.healthadvocate.ui) application for Android
CVE-2014-7561
REJECTED
-CVE-2014-7560
+CVE-2014-7560 (The Fabasoft Cloud (aka com.fabasoft.android.cmis.folio_cloud) applica ...)
NOT-FOR-US: Fabasoft Cloud (aka com.fabasoft.android.cmis.folio_cloud) application for Android
-CVE-2014-7559
+CVE-2014-7559 (The InstaTalks (aka com.natrobit.instatalks) application 1.3.1 for And ...)
NOT-FOR-US: InstaTalks (aka com.natrobit.instatalks) application for Android
-CVE-2014-7558
+CVE-2014-7558 (The Everest Poker (aka com.wEverestPoker) application 0.1 for Android ...)
NOT-FOR-US: Everest Poker (aka com.wEverestPoker) application for Android
-CVE-2014-7557
+CVE-2014-7557 (The zroadster.com (aka com.tapatalk.zroadstercomforum) application 2.4 ...)
NOT-FOR-US: zroadster.com (aka com.tapatalk.zroadstercomforum) application for Android
CVE-2014-7556
REJECTED
-CVE-2014-7555
+CVE-2014-7555 (The Apparound BLEND (aka com.apparound.mobile.catalogo) application 4. ...)
NOT-FOR-US: Apparound BLEND (aka com.apparound.mobile.catalogo) application for Android
-CVE-2014-7554
+CVE-2014-7554 (The Bouqs - Flowers Simplified (aka com.bouqs.activity) application 1. ...)
NOT-FOR-US: Bouqs - Flowers Simplified (aka com.bouqs.activity) application for Android
-CVE-2014-7553
+CVE-2014-7553 (The GET NYCE Lightworks (aka com.wGETNYCE) application 0.84.13506.9895 ...)
NOT-FOR-US: GET NYCE Lightworks (aka com.wGETNYCE) application for Android
-CVE-2014-7552
+CVE-2014-7552 (The Zombie Diary (aka com.ezjoy.feelingtouch.zombiediary) application ...)
NOT-FOR-US: Zombie Diary (aka com.ezjoy.feelingtouch.zombiediary) application for Android
-CVE-2014-7551
+CVE-2014-7551 (The Noticias Bebes Beybies (aka com.beybies) application 1.0 for Andro ...)
NOT-FOR-US: Noticias Bebes Beybies (aka com.beybies) application for Android
-CVE-2014-7550
+CVE-2014-7550 (The basketball news &amp; videos (aka com.basketbal.news.caesar) appli ...)
NOT-FOR-US: basketball news & videos (aka com.basketbal.news.caesar) application for Android
CVE-2014-7549
REJECTED
CVE-2014-7548
REJECTED
-CVE-2014-7547
+CVE-2014-7547 (The Texas Poker Unlimited Hold'em (aka com.fpinternet.texaspokerunlimi ...)
NOT-FOR-US: Texas Poker Unlimited Hold'em (aka com.fpinternet.texaspokerunlimitedholdem) application for Android
-CVE-2014-7546
+CVE-2014-7546 (The Buddhist Prayer (aka com.buddhist.prayer.mantra.sutra) application ...)
NOT-FOR-US: Buddhist Prayer (aka com.buddhist.prayer.mantra.sutra) application for Android
CVE-2014-7545
REJECTED
-CVE-2014-7544
+CVE-2014-7544 (The Secret City - Motion Comic (aka me.narr8.android.serial.the_secret ...)
NOT-FOR-US: Secret City - Motion Comic (aka me.narr8.android.serial.the_secret_city) application for Android
-CVE-2014-7543
+CVE-2014-7543 (The Blood (aka com.sheridan.ash) application 2.1 for Android does not ...)
NOT-FOR-US: Blood (aka com.sheridan.ash) application for Android
-CVE-2014-7542
+CVE-2014-7542 (The l'Informatiu (aka com.linformatiu.spm) application 2.0 for Android ...)
NOT-FOR-US: l'Informatiu (aka com.linformatiu.spm) application for Android
CVE-2014-7541
REJECTED
CVE-2014-7540
REJECTED
-CVE-2014-7539
+CVE-2014-7539 (The Zhang Zhijun Taiwan Visit 2014-06-25 (aka com.zizizzi) application ...)
NOT-FOR-US: Zhang Zhijun Taiwan Visit 2014-06-25 (aka com.zizizzi) application for Android
-CVE-2014-7538
+CVE-2014-7538 (The Headlines news India (aka com.dreamstep.wHEADLINESNEWSINDIA) appli ...)
NOT-FOR-US: Headlines news India (aka com.dreamstep.wHEADLINESNEWSINDIA) application for Android
CVE-2014-7537
REJECTED
-CVE-2014-7536
+CVE-2014-7536 (The Service Academy Forums (aka com.tapatalk.serviceacademyforumscom) ...)
NOT-FOR-US: Service Academy Forums (aka com.tapatalk.serviceacademyforumscom) application for Android
-CVE-2014-7535
+CVE-2014-7535 (The Classic Racer (aka com.triactivemedia.classicracer) application @7 ...)
NOT-FOR-US: Classic Racer (aka com.triactivemedia.classicracer) application for Android
-CVE-2014-7534
+CVE-2014-7534 (The Funny &amp; Interesting Things (aka com.wFunnyandInterestingThings ...)
NOT-FOR-US: Funny & Interesting Things (aka com.wFunnyandInterestingThings) application for Android
-CVE-2014-7533
+CVE-2014-7533 (The NotreDame Seguradora (aka br.com.notredame.mobile.NotreDame) appli ...)
NOT-FOR-US: NotreDame Seguradora (aka br.com.notredame.mobile.NotreDame) application for Android
-CVE-2014-7532
+CVE-2014-7532 (The GES Agri Connect (aka com.wAgriConnect) application 0.1 for Androi ...)
NOT-FOR-US: GES Agri Connect (aka com.wAgriConnect) application for Android
CVE-2014-7531
REJECTED
-CVE-2014-7530
+CVE-2014-7530 (The PRIX IMPORT (aka com.myapphone.android.myapppriximport) applicatio ...)
NOT-FOR-US: PRIX IMPORT (aka com.myapphone.android.myapppriximport) application for Android
-CVE-2014-7529
+CVE-2014-7529 (The Bodyguard for Hire (aka com.dreamstep.wBodyGuardforHire) applicati ...)
NOT-FOR-US: Bodyguard for Hire (aka com.dreamstep.wBodyGuardforHire) application for Android
-CVE-2014-7528
+CVE-2014-7528 (The Horsepower (aka com.apptive.android.apps.horsepower) application 2 ...)
NOT-FOR-US: Horsepower (aka com.apptive.android.apps.horsepower) application for Android
-CVE-2014-7527
+CVE-2014-7527 (The Savage Nation Mobile Web (aka com.wSavageNation) application 0.57. ...)
NOT-FOR-US: Savage Nation Mobile Web (aka com.wSavageNation) application for Android
-CVE-2014-7526
+CVE-2014-7526 (The Immunize Canada (aka ca.ohri.immunizeapp) application 1.0.1 for An ...)
NOT-FOR-US: Immunize Canada (aka ca.ohri.immunizeapp) application for Android
-CVE-2014-7525
+CVE-2014-7525 (The Domain Name Search &amp; Web Host (aka com.wDomainNameSearchandReg ...)
NOT-FOR-US: Domain Name Search & Web Host (aka com.wDomainNameSearchandRegistration) application for Android
-CVE-2014-7524
+CVE-2014-7524 (The Bed and Breakfast (aka com.wbedandbreakfastapp) application 0.1 fo ...)
NOT-FOR-US: Bed and Breakfast (aka com.wbedandbreakfastapp) application for Android
-CVE-2014-7523
+CVE-2014-7523 (The Radio Bethlehem RB2000 (aka com.Abuhadbah.rbl2000v2) application 1 ...)
NOT-FOR-US: Radio Bethlehem RB2000 (aka com.Abuhadbah.rbl2000v2) application for Android
-CVE-2014-7522
+CVE-2014-7522 (The Maccabi Pakal (aka com.ideomobile.pakalmaccabi) application 1.2 fo ...)
NOT-FOR-US: Maccabi Pakal (aka com.ideomobile.pakalmaccabi) application for Android
-CVE-2014-7521
+CVE-2014-7521 (The Anderson Musaamil (aka com.app_andersonmusaamil.layout) applicatio ...)
NOT-FOR-US: Anderson Musaamil (aka com.app_andersonmusaamil.layout) application for Android
-CVE-2014-7520
+CVE-2014-7520 (The Nova 92.1 FM (aka com.wNova921FM) application 1.0 for Android does ...)
NOT-FOR-US: Nova 92.1 FM (aka com.wNova921FM) application for Android
-CVE-2014-7519
+CVE-2014-7519 (The Cycling Manager Game Cff (aka com.CyclingManagerGame) application ...)
NOT-FOR-US: Cycling Manager Game Cff (aka com.CyclingManagerGame) application for Android
-CVE-2014-7518
+CVE-2014-7518 (The Bowl Expo 2014 (aka com.coreapps.android.followme.bowlexpo14) appl ...)
NOT-FOR-US: Bowl Expo 2014 (aka com.coreapps.android.followme.bowlexpo14) application for Android
-CVE-2014-7517
+CVE-2014-7517 (The Myanmar Movies HD (aka com.wmyanmarmoviesHD) application 0.1 for A ...)
NOT-FOR-US: Myanmar Movies HD (aka com.wmyanmarmoviesHD) application for Android
-CVE-2014-7516
+CVE-2014-7516 (The Central East LHIN News (aka com.wCentralEastLHINNews) application ...)
NOT-FOR-US: Central East LHIN News (aka com.wCentralEastLHINNews) application for Android
-CVE-2014-7515
+CVE-2014-7515 (The Bail Bonds (aka com.onesolutionapps.chadlewisbailbondsandroid) app ...)
NOT-FOR-US: Bail Bonds (aka com.onesolutionapps.chadlewisbailbondsandroid) application for Android
CVE-2014-7514
REJECTED
-CVE-2014-7513
+CVE-2014-7513 (The Top Hangover Cures (aka com.TopHangoverCures) application 1.2 for ...)
NOT-FOR-US: Top Hangover Cures (aka com.TopHangoverCures) application for Android
CVE-2014-7512
REJECTED
CVE-2014-7511
REJECTED
-CVE-2014-7510
+CVE-2014-7510 (The Graffit It (aka com.presenttechnologies.graffitit) application 1.1 ...)
NOT-FOR-US: Graffit It (aka com.presenttechnologies.graffitit) application for Android
-CVE-2014-7509
+CVE-2014-7509 (The A Very Short History of Japan (aka com.ireadercity.c51) applicatio ...)
NOT-FOR-US: A Very Short History of Japan (aka com.ireadercity.c51) application for Android
-CVE-2014-7508
+CVE-2014-7508 (The Help For Doc (aka com.childrens.physician.relations) application 1 ...)
NOT-FOR-US: Help For Doc (aka com.childrens.physician.relations) application for Android
-CVE-2014-7507
+CVE-2014-7507 (The Hector Leal (aka ad.hector.leal.com) application 13/08/14 for Andr ...)
NOT-FOR-US: Hector Leal (aka ad.hector.leal.com) application for Android
-CVE-2014-7506
+CVE-2014-7506 (The Realtime Music Rank (aka com.blogspot.imapp.immusicrank2) applicat ...)
NOT-FOR-US: Realtime Music Rank (aka com.blogspot.imapp.immusicrank2) application for Android
-CVE-2014-7505
+CVE-2014-7505 (The AppTalk (aka com.chatatami.apptalk) application 1.4.8 for Android ...)
NOT-FOR-US: AppTalk (aka com.chatatami.apptalk) application for Android
CVE-2014-7504
REJECTED
CVE-2014-7503
REJECTED
-CVE-2014-7502
+CVE-2014-7502 (The Escucha elDiario.es (aka es.lacabradev.escuchaeldiario) applicatio ...)
NOT-FOR-US: Escucha elDiario.es (aka es.lacabradev.escuchaeldiario) application for Android
-CVE-2014-7501
+CVE-2014-7501 (The Translation Widget (aka com.wTranslationGadget) application 0.1 fo ...)
NOT-FOR-US: Translation Widget (aka com.wTranslationGadget) application for Android
CVE-2014-7500
REJECTED
-CVE-2014-7499
+CVE-2014-7499 (The Sword (aka com.ireadercity.c25) application 3.0.2 for Android does ...)
NOT-FOR-US: Sword (aka com.ireadercity.c25) application for Android
-CVE-2014-7498
+CVE-2014-7498 (The Space Cinema (aka it.thespacecinema.android) application 2.0.6 for ...)
NOT-FOR-US: Space Cinema (aka it.thespacecinema.android) application for Android
-CVE-2014-7497
+CVE-2014-7497 (The Portfolium (aka com.wPortfolium) application 0.1 for Android does ...)
NOT-FOR-US: Portfolium (aka com.wPortfolium) application for Android
CVE-2014-7496
REJECTED
-CVE-2014-7495
+CVE-2014-7495 (The LogosQuest - Beginnings (aka com.wLogosQuest) application 1.0 for ...)
NOT-FOR-US: LogosQuest - Beginnings (aka com.wLogosQuest) application for Android
-CVE-2014-7494
+CVE-2014-7494 (The Kontan Kiosk (aka com.appsfoundry.scoopwl.id.kontankiosk) applicat ...)
NOT-FOR-US: Kontan Kiosk (aka com.appsfoundry.scoopwl.id.kontankiosk) application for Android
-CVE-2014-7493
+CVE-2014-7493 (The 100 Books (aka com.ireadercity.c20) application 3.0.2 for Android ...)
NOT-FOR-US: 100 Books (aka com.ireadercity.c20) application for Android
-CVE-2014-7492
+CVE-2014-7492 (The Secretos de belleza (aka com.rareartifact.secretosdebelleza83A55CB ...)
NOT-FOR-US: Secretos de belleza (aka com.rareartifact.secretosdebelleza83A55CB8) application for Android
-CVE-2014-7491
+CVE-2014-7491 (The Short Stories (aka com.ireadercity.c48) application 3.0.2 for Andr ...)
NOT-FOR-US: Short Stories (aka com.ireadercity.c48) application for Android
-CVE-2014-7490
+CVE-2014-7490 (The Menaka - Marathi (aka com.magzter.menakamarathi) application 3.0 f ...)
NOT-FOR-US: Menaka - Marathi (aka com.magzter.menakamarathi) application for Android
CVE-2014-7489
REJECTED
-CVE-2014-7488
+CVE-2014-7488 (The Vineyard All In (aka com.wVineyardAllIn) application 0.1 for Andro ...)
NOT-FOR-US: Vineyard All In (aka com.wVineyardAllIn) application for Android
-CVE-2014-7487
+CVE-2014-7487 (The ADT Aesthetic Dentistry Today (aka com.magazinecloner.aestheticden ...)
NOT-FOR-US: ADT Aesthetic Dentistry Today (aka com.magazinecloner.aestheticdentistry) application for Android
-CVE-2014-7486
+CVE-2014-7486 (The Mitsubishi Road Assist (aka com.agero.mitsubishi) application 1.0 ...)
NOT-FOR-US: Mitsubishi Road Assist (aka com.agero.mitsubishi) application for Android
-CVE-2014-7485
+CVE-2014-7485 (The Not Lost Just Somewhere Else (aka it.tinytap.attsa.notlost) applic ...)
NOT-FOR-US: Not Lost Just Somewhere Else (aka it.tinytap.attsa.notlost) application for Android
-CVE-2014-7484
+CVE-2014-7484 (The Coca-Cola FM Guatemala (aka com.enyetech.radio.coca_cola.fm_gu) ap ...)
NOT-FOR-US: Coca-Cola FM Guatemala (aka com.enyetech.radio.coca_cola.fm_gu) application for Android
-CVE-2014-7483
+CVE-2014-7483 (The Desire2Learn FUSION 2014 (aka com.desire2learn.fusion2012) applica ...)
NOT-FOR-US: Desire2Learn FUSION 2014 (aka com.desire2learn.fusion2012) application for Android
CVE-2014-7482
REJECTED
-CVE-2014-7481
+CVE-2014-7481 (The ETG Hosting (aka com.etg.web.hosting) application 2.0 for Android ...)
NOT-FOR-US: ETG Hosting (aka com.etg.web.hosting) application for Android
CVE-2014-7480
REJECTED
CVE-2014-7479
REJECTED
-CVE-2014-7478
+CVE-2014-7478 (The nashaplaneta.su (aka com.wNashaPlaneta) application 1.02 for Andro ...)
NOT-FOR-US: nashaplaneta.su (aka com.wNashaPlaneta) application for Android
CVE-2014-7477
REJECTED
-CVE-2014-7476
+CVE-2014-7476 (The Healthy Lunch Diet Recipes (aka com.best.lunchdietrecipes) applica ...)
NOT-FOR-US: Healthy Lunch Diet Recipes (aka com.best.lunchdietrecipes) application for Android
-CVE-2014-7475
+CVE-2014-7475 (The Ionic View (aka com.ionic.viewapp) application 0.0.2 for Android d ...)
NOT-FOR-US: Ionic View (aka com.ionic.viewapp) application for Android
CVE-2014-7474
REJECTED
CVE-2014-7473
REJECTED
-CVE-2014-7472
+CVE-2014-7472 (The CSApp - Colegio San Agustin (aka com.goodbarber.csapp) application ...)
NOT-FOR-US: CSApp - Colegio San Agustin (aka com.goodbarber.csapp) application for Android
-CVE-2014-7471
+CVE-2014-7471 (The international-arbitration-attorney.com (aka com.w0f1d79a1010d819ac ...)
NOT-FOR-US: international-arbitration-attorney.com (aka com.w0f1d79a1010d819acbee876007d0bebc) application for Android
-CVE-2014-7470
+CVE-2014-7470 (The I Know the Movie (aka com.guilardi.jesaislefilm2) application jesa ...)
NOT-FOR-US: I Know the Movie (aka com.guilardi.jesaislefilm2) application for Android
-CVE-2014-7469
+CVE-2014-7469 (The Best Beginning (aka com.bbbeta) application 2.0 for Android does n ...)
NOT-FOR-US: Best Beginning (aka com.bbbeta) application for Android
-CVE-2014-7468
+CVE-2014-7468 (The AG Klettern Odenwald (aka de.appack.project.agko) application 1.2 ...)
NOT-FOR-US: AG Klettern Odenwald (aka de.appack.project.agko) application for Android
-CVE-2014-7467
+CVE-2014-7467 (The HoneyBee Mag (aka com.magzter.honeybeemag) application 3.0 for And ...)
NOT-FOR-US: HoneyBee Mag (aka com.magzter.honeybeemag) application for Android
-CVE-2014-7466
+CVE-2014-7466 (The Live TV Browser (aka com.wHDSmartBrowser) application 2.0 for Andr ...)
NOT-FOR-US: Live TV Browser (aka com.wHDSmartBrowser) application for Android
-CVE-2014-7465
+CVE-2014-7465 (The PC Advisor (aka com.triactivemedia.pcadvisor) application @7F08017 ...)
NOT-FOR-US: PC Advisor (aka com.triactivemedia.pcadvisor) application for Android
-CVE-2014-7464
+CVE-2014-7464 (The Magic Stamp (aka vn.avagame.apotatem) application 2.8 for Android ...)
NOT-FOR-US: Magic Stamp (aka vn.avagame.apotatem) application for Android
-CVE-2014-7463
+CVE-2014-7463 (The IM5 Fans Planet (aka uk.co.pixelkicks.im5) application 2.3.1 for A ...)
NOT-FOR-US: IM5 Fans Planet (aka uk.co.pixelkicks.im5) application for Android
-CVE-2014-7462
+CVE-2014-7462 (The Fashion Story: Neon 90's (aka com.teamlava.fashionstory39) applica ...)
NOT-FOR-US: Fashion Story: Neon 90's (aka com.teamlava.fashionstory39) application for Android
-CVE-2014-7461
+CVE-2014-7461 (The A King Sperm by Dr. Seema Rao (aka com.wKingSperm) application 0.6 ...)
NOT-FOR-US: A King Sperm by Dr. Seema Rao (aka com.wKingSperm) application for Android
-CVE-2014-7460
+CVE-2014-7460 (The Slots Heaven:FREE Slot Machine (aka com.twelvegigs.heaven.slots) a ...)
NOT-FOR-US: Slots Heaven:FREE Slot Machine (aka com.twelvegigs.heaven.slots) application for Android
-CVE-2014-7459
+CVE-2014-7459 (The Press-Leader (aka com.soln.S95309F65AD59F99CFC2C710A517B0B7E) appl ...)
NOT-FOR-US: Press-Leader (aka com.soln.S95309F65AD59F99CFC2C710A517B0B7E) application for Android
-CVE-2014-7458
+CVE-2014-7458 (The BloomYou Valentine (aka com.bloomyouteam.bloomyou.valentine) appli ...)
NOT-FOR-US: BloomYou Valentine (aka com.bloomyouteam.bloomyou.valentine) application for Android
-CVE-2014-7457
+CVE-2014-7457 (The Electronics For You (aka com.magzter.electronicsforyou) applicatio ...)
NOT-FOR-US: Electronics For You (aka com.magzter.electronicsforyou) application for Android
-CVE-2014-7456
+CVE-2014-7456 (The Digit Magazine (aka com.magzter.digitmagazine) application 3.01 fo ...)
NOT-FOR-US: Digit Magazine (aka com.magzter.digitmagazine) application for Android
-CVE-2014-7455
+CVE-2014-7455 (The Zoella Unofficial (aka com.automon.ay.zoella) application 1.4.0.5 ...)
NOT-FOR-US: Zoella Unofficial (aka com.automon.ay.zoella) application for Android
-CVE-2014-7454
+CVE-2014-7454 (The Detox Juicing Diet Recipes (aka com.wDetoxJuicingDietRecipes) appl ...)
NOT-FOR-US: Detox Juicing Diet Recipes (aka com.wDetoxJuicingDietRecipes) application for Android
CVE-2014-7453
REJECTED
-CVE-2014-7452
+CVE-2014-7452 (The Shaklee Product Catalog (aka com.wProductCatalog) application 2.0 ...)
NOT-FOR-US: Shaklee Product Catalog (aka com.wProductCatalog) application for Android
CVE-2014-7451
REJECTED
-CVE-2014-7450
+CVE-2014-7450 (The allnurses (aka com.tapatalk.allnursescom) application 3.4.10 for A ...)
NOT-FOR-US: allnurses (aka com.tapatalk.allnursescom) application for Android
-CVE-2014-7449
+CVE-2014-7449 (The My NGEMC Account (aka com.ngemc.smartapps) application 1.153.0034 ...)
NOT-FOR-US: My NGEMC Account (aka com.ngemc.smartapps) application for Android
-CVE-2014-7448
+CVE-2014-7448 (The DealSide Institutional (aka com.magzter.dealsideinstitutional) app ...)
NOT-FOR-US: DealSide Institutional (aka com.magzter.dealsideinstitutional) application for Android
-CVE-2014-7447
+CVE-2014-7447 (The Dattch - The Lesbian App (aka com.dattch.dattch.app) application 0 ...)
NOT-FOR-US: Dattch - The Lesbian App (aka com.dattch.dattch.app) application for Android
-CVE-2014-7446
+CVE-2014-7446 (The Bilingual Magic Ball (aka com.wBilingualMagicBall) application 0.1 ...)
NOT-FOR-US: Bilingual Magic Ball (aka com.wBilingualMagicBall) application for Android
-CVE-2014-7445
+CVE-2014-7445 (The LEGEND OF TRANCE (aka com.legendoftrance) application 1.0 for Andr ...)
NOT-FOR-US: LEGEND OF TRANCE (aka com.legendoftrance) application for Android
-CVE-2014-7444
+CVE-2014-7444 (The Baidu Navigation (aka com.baidu.navi) application 3.5.0 for Androi ...)
NOT-FOR-US: Baidu Navigation (aka com.baidu.navi) application for Android
-CVE-2014-7443
+CVE-2014-7443 (The Face Fun Photo Collage Maker 2 (aka com.kauf.facefunphotocollagema ...)
NOT-FOR-US: Face Fun Photo Collage Maker 2 (aka com.kauf.facefunphotocollagemaker2) application for Android
CVE-2014-7442
REJECTED
-CVE-2014-7441
+CVE-2014-7441 (The Pakan Ken Tube (aka com.PakanKen) application 0.1 for Android does ...)
NOT-FOR-US: Pakan Ken Tube (aka com.PakanKen) application for Android
CVE-2014-7440
REJECTED
-CVE-2014-7439
+CVE-2014-7439 (The bene+ odmeny a slevy (aka cz.gemoney.bene.android) application 1.2 ...)
NOT-FOR-US: bene+ odmeny a slevy (aka cz.gemoney.bene.android) application for Android
CVE-2014-7438
REJECTED
NOT-FOR-US: pbm2l2030 printer driver
-CVE-2014-7437
+CVE-2014-7437 (The Love Horoscope Guide (aka com.charl.charlylovehoroscopes) applicat ...)
NOT-FOR-US: Love Horoscope Guide (aka com.charl.charlylovehoroscopes) application for Android
-CVE-2014-7436
+CVE-2014-7436 (The SOS recette (aka com.sos.recette) application 1.0 for Android does ...)
NOT-FOR-US: SOS recette (aka com.sos.recette) application for Android
-CVE-2014-7435
+CVE-2014-7435 (The AJD Bail Bonds (aka com.onesolutionapps.ajdbailbondsandroid) appli ...)
NOT-FOR-US: AJD Bail Bonds (aka com.onesolutionapps.ajdbailbondsandroid) application for Android
-CVE-2014-7434
+CVE-2014-7434 (The RTSinfo (aka ch.rts.rtsinfo) application 1.4.8 for Android does no ...)
NOT-FOR-US: RTSinfo (aka ch.rts.rtsinfo) application for Android
-CVE-2014-7433
+CVE-2014-7433 (The Student ID (aka com.computas.studentbevis) application 1.2 for And ...)
NOT-FOR-US: Student ID (aka com.computas.studentbevis) application for Android
-CVE-2014-7432
+CVE-2014-7432 (The CalculatorApp (aka com.intuit.alm.testandroidapp) application 4.0 ...)
NOT-FOR-US: CalculatorApp (aka com.intuit.alm.testandroidapp) application for Android
-CVE-2014-7431
+CVE-2014-7431 (The Breeze Jersey (aka com.sc.breezeje.banking) application 1.0 for An ...)
NOT-FOR-US: Breeze Jersey (aka com.sc.breezeje.banking) application for Android
-CVE-2014-7430
+CVE-2014-7430 (The Flood-It (aka com.appspot.eoltek.flood) application 4.2 for Androi ...)
NOT-FOR-US: Flood-It (aka com.appspot.eoltek.flood) application for Android
CVE-2014-7429
REJECTED
-CVE-2014-7428
+CVE-2014-7428 (The 7725.com Three Kingdoms (aka com.platform7725.youai.jiejian) appli ...)
NOT-FOR-US: 7725.com Three Kingdoms (aka com.platform7725.youai.jiejian) application for Android
-CVE-2014-7427
+CVE-2014-7427 (The Hunting Trophy Whitetails (aka com.wHuntingTrophyWhitetails) appli ...)
NOT-FOR-US: Hunting Trophy Whitetails (aka com.wHuntingTrophyWhitetails) application for Android
CVE-2014-7426
REJECTED
-CVE-2014-7425
+CVE-2014-7425 (The Doodle Devil Free (aka com.joybits.doodledevil_free) application 2 ...)
NOT-FOR-US: Doodle Devil Free (aka com.joybits.doodledevil_free) application for Android
-CVE-2014-7424
+CVE-2014-7424 (The Quran Abu Bakr AshShatiri Free (aka com.wQuranAbuBakrFREE) applica ...)
NOT-FOR-US: Quran Abu Bakr AshShatiri Free (aka com.wQuranAbuBakrFREE) application for Android
-CVE-2014-7423
+CVE-2014-7423 (The Youth Incorporated (aka com.magzter.youthincorporated) application ...)
NOT-FOR-US: Youth Incorporated (aka com.magzter.youthincorporated) application for Android
-CVE-2014-7422
+CVE-2014-7422 (The HEA Mobile (aka com.homerelectric.smartapps) application 1.153.003 ...)
NOT-FOR-US: HEA Mobile (aka com.homerelectric.smartapps) application for Android
-CVE-2014-7421
+CVE-2014-7421 (The Revel in the Rideau Lakes (aka com.mytoursapp.android.app326) appl ...)
NOT-FOR-US: Revel in the Rideau Lakes (aka com.mytoursapp.android.app326) application for Android
-CVE-2014-7420
+CVE-2014-7420 (The Just Bureaucracy (aka com.magzter.justbureaucracy) application 3.0 ...)
NOT-FOR-US: Just Bureaucracy (aka com.magzter.justbureaucracy) application for Android
-CVE-2014-7419
+CVE-2014-7419 (The PokeCreator Lite (aka com.pokecreator.builderlite) application 1.1 ...)
NOT-FOR-US: PokeCreator Lite (aka com.pokecreator.builderlite) application for Android
-CVE-2014-7418
+CVE-2014-7418 (The BBC Knowledge Magazine (aka com.magzter.bbcknowledge) application ...)
NOT-FOR-US: BBC Knowledge Magazine (aka com.magzter.bbcknowledge) application for Android
-CVE-2014-7417
+CVE-2014-7417 (The Real Academia de Bellas Artes (aka com.adianteventures.adianteapps ...)
NOT-FOR-US: Real Academia de Bellas Artes (aka com.adianteventures.adianteapps.real_academia_de_bellas_artes) application for Android
-CVE-2014-7416
+CVE-2014-7416 (The Craft Stamper Magazine (aka com.triactivemedia.craftstamper) appli ...)
NOT-FOR-US: Craft Stamper Magazine (aka com.triactivemedia.craftstamper) application for Android
-CVE-2014-7415
+CVE-2014-7415 (The Asylum! (aka com.nobexinc.wls_96362255.rc) application 3.3.10 for ...)
NOT-FOR-US: Asylum! (aka com.nobexinc.wls_96362255.rc) application for Android
-CVE-2014-7414
+CVE-2014-7414 (The CLEO Malaysia (aka com.magzter.cleomalaysia) application 3.01 for ...)
NOT-FOR-US: CLEO Malaysia (aka com.magzter.cleomalaysia) application for Android
-CVE-2014-7413
+CVE-2014-7413 (The Rajendra Suriji (aka com.rajendrasuriji.nakodabhairav.com) applica ...)
NOT-FOR-US: Rajendra Suriji (aka com.rajendrasuriji.nakodabhairav.com) application for Android
CVE-2014-7412
REJECTED
CVE-2014-7411
REJECTED
-CVE-2014-7410
+CVE-2014-7410 (The Aptallik Testi (aka com.wAptallikTesti) application 4.0 for Androi ...)
NOT-FOR-US: Aptallik Testi (aka com.wAptallikTesti) application for Android
-CVE-2014-7409
+CVE-2014-7409 (The Liburan Hemat (aka com.liburan.bro) application 1.0 for Android do ...)
NOT-FOR-US: Liburan Hemat (aka com.liburan.bro) application for Android
-CVE-2014-7408
+CVE-2014-7408 (The Gary Johnson for President '12 (aka com.GaryJohnson2012) applicati ...)
NOT-FOR-US: Gary Johnson for President '12 (aka com.GaryJohnson2012) application for Android
-CVE-2014-7407
+CVE-2014-7407 (The Game Day Tix (aka com.xcr.android.mygamedaytickets) application 2. ...)
NOT-FOR-US: Game Day Tix (aka com.xcr.android.mygamedaytickets) application for Android
-CVE-2014-7406
+CVE-2014-7406 (The Deakin University (aka com.desire2learn.campuslife.deakin.edu.au.d ...)
NOT-FOR-US: Deakin University (aka com.desire2learn.campuslife.deakin.edu.au.directory) application for Android
-CVE-2014-7405
+CVE-2014-7405 (The Belaire Family Orthodontics (aka com.app_bf.layout) application 1. ...)
NOT-FOR-US: Belaire Family Orthodontics (aka com.app_bf.layout) application for Android
CVE-2014-7404
REJECTED
-CVE-2014-7403
+CVE-2014-7403 (The NZHondas.com (aka com.tapatalk.nzhondascom) application 3.6.14 for ...)
NOT-FOR-US: NZHondas.com (aka com.tapatalk.nzhondascom) application for Android
CVE-2014-7400
REJECTED
-CVE-2014-7399
+CVE-2014-7399 (The Suzanne Glathar (aka com.app_sglathar.layout) application 1.399 fo ...)
NOT-FOR-US: Suzanne Glathar (aka com.app_sglathar.layout) application for Android
-CVE-2014-7398
+CVE-2014-7398 (The Dil Bilgisi Kurallari (aka com.buronya.dilbilgisi) application 1.0 ...)
NOT-FOR-US: Dil Bilgisi Kurallari (aka com.buronya.dilbilgisi) application for Android
-CVE-2014-7397
+CVE-2014-7397 (The ileri Gazetesi - Yozgat (aka com.byfes.ilerigazetesi) application ...)
NOT-FOR-US: ileri Gazetesi - Yozgat (aka com.byfes.ilerigazetesi) application for Android
-CVE-2014-7396
+CVE-2014-7396 (The PocketKnife Bravo Super (aka com.wPocketKnifeBravo) application 0. ...)
NOT-FOR-US: PocketKnife Bravo Super (aka com.wPocketKnifeBravo) application for Android
-CVE-2014-7395
+CVE-2014-7395 (The USF BCM (aka com.appmakr.app193115) application 252847 for Android ...)
NOT-FOR-US: USF BCM (aka com.appmakr.app193115) application for Android
-CVE-2014-7394
+CVE-2014-7394 (The www.alaaliwat.com (aka com.alaliwat.marsa) application 4.9 for And ...)
NOT-FOR-US: www.alaaliwat.com (aka com.alaliwat.marsa) application for Android
-CVE-2014-7393
+CVE-2014-7393 (The 100 Beauty Tips (aka com.ww100BeautyTipsApp) application 1.1 for A ...)
NOT-FOR-US: 100 Beauty Tips (aka com.ww100BeautyTipsApp) application for Android
-CVE-2014-7392
+CVE-2014-7392 (The Russian Federation Traffic Rules (aka com.russia.pdd) application ...)
NOT-FOR-US: Russian Federation Traffic Rules (aka com.russia.pdd) application for Android
-CVE-2014-7391
+CVE-2014-7391 (The Synx addictive puzzle game (aka us.synx.mobile.play) application 1 ...)
NOT-FOR-US: Synx addictive puzzle game (aka us.synx.mobile.play) application for Android
-CVE-2014-7390
+CVE-2014-7390 (The Enchanted Fashion Crush (aka com.tabtale.springcrushbundleint) app ...)
NOT-FOR-US: Enchanted Fashion Crush (aka com.tabtale.springcrushbundleint) application for Android
-CVE-2014-7389
+CVE-2014-7389 (The Amnesia Groove (aka com.nobexinc.wls_88552576.rc) application 3.2. ...)
NOT-FOR-US: Amnesia Groove (aka com.nobexinc.wls_88552576.rc) application for Android
-CVE-2014-7388
+CVE-2014-7388 (The Sunday Indian Oriya (aka com.magzter.thesundayindianoriya) applica ...)
NOT-FOR-US: Sunday Indian Oriya (aka com.magzter.thesundayindianoriya) application for Android
-CVE-2014-7387
+CVE-2014-7387 (The ACC Advocacy Action (aka com.acc.app.android.ui) application 2.0 f ...)
NOT-FOR-US: ACC Advocacy Action (aka com.acc.app.android.ui) application for Android
CVE-2014-7386
REJECTED
-CVE-2014-7385
+CVE-2014-7385 (The Aperture Mobile Media (aka com.app_aperturemobilemedia.layout) app ...)
NOT-FOR-US: Aperture Mobile Media (aka com.app_aperturemobilemedia.layout) application for Android
-CVE-2014-7384
+CVE-2014-7384 (The Joe's Lawn Service (aka com.appexpress.joeslawnservice) applicatio ...)
NOT-FOR-US: Joe's Lawn Service (aka com.appexpress.joeslawnservice) application for Android
CVE-2014-7383
REJECTED
-CVE-2014-7382
+CVE-2014-7382 (The Alternative Connection (aka com.wAlternativeConnection) applicatio ...)
NOT-FOR-US: Alternative Connection (aka com.wAlternativeConnection) application for Android
CVE-2014-7381
REJECTED
-CVE-2014-7380
+CVE-2014-7380 (The Cedar Kiosk (aka com.apps2you.cedarkiosk) application 1.1 for Andr ...)
NOT-FOR-US: Cedar Kiosk (aka com.apps2you.cedarkiosk) application for Android
-CVE-2014-7379
+CVE-2014-7379 (The Kiddie Kinderschoenen (aka nl.eigenwinkelapp.kiddiekinderschoenen) ...)
NOT-FOR-US: Kiddie Kinderschoenen (aka nl.eigenwinkelapp.kiddiekinderschoenen) application for Android
-CVE-2014-7378
+CVE-2014-7378 (The Jobranco (aka com.jobranco) application 1.1 for Android does not v ...)
NOT-FOR-US: Jobranco (aka com.jobranco) application for Android
CVE-2014-7377
REJECTED
-CVE-2014-7376
+CVE-2014-7376 (The Facebook Profits on Steroids (aka com.wFacebookProfitsonSteroids) ...)
NOT-FOR-US: Facebook Profits on Steroids (aka com.wFacebookProfitsonSteroids) application for Android
-CVE-2014-7375
+CVE-2014-7375 (The Childcare (aka com.app_macchildcare.layout) application 1.399 for ...)
NOT-FOR-US: Childcare (aka com.app_macchildcare.layout) application for Android
-CVE-2014-7374
+CVE-2014-7374 (The SPIN - Motion Comic (aka me.narr8.android.serial.spin) application ...)
NOT-FOR-US: SPIN - Motion Comic (aka me.narr8.android.serial.spin) application for Android
-CVE-2014-7373
+CVE-2014-7373 (The Inspire Weddings (aka com.magzter.inspireweddings) application 3.0 ...)
NOT-FOR-US: Inspire Weddings (aka com.magzter.inspireweddings) application for Android
-CVE-2014-7372
+CVE-2014-7372 (The Mr.Sausage (aka com.app_mrsausage.layout) application 1.301 for An ...)
NOT-FOR-US: Mr.Sausage (aka com.app_mrsausage.layout) application for Android
-CVE-2014-7371
+CVE-2014-7371 (The Magic Balloonman Marty Boone (aka com.app_martyboone.layout) appli ...)
NOT-FOR-US: Magic Balloonman Marty Boone (aka com.app_martyboone.layout) application for Android
-CVE-2014-7370
+CVE-2014-7370 (The Job MoBleeps (aka com.wJobMoBleeps) application 0.1 for Android do ...)
NOT-FOR-US: Job MoBleeps (aka com.wJobMoBleeps) application for Android
-CVE-2014-7369
+CVE-2014-7369 (The Il Brillo Parlante (aka com.wIlBrilloParlante) application 0.1 for ...)
NOT-FOR-US: Il Brillo Parlante (aka com.wIlBrilloParlante) application for Android
-CVE-2014-7368
+CVE-2014-7368 (The Compassion Satisfaction (aka com.wCompassionSatisfactionWorkshopPr ...)
NOT-FOR-US: Compassion Satisfaction (aka com.wCompassionSatisfactionWorkshopPresentation) application for Android
-CVE-2014-7367
+CVE-2014-7367 (The TuS 1947 Radis (aka com.tus1947radis) application 1.0 for Android ...)
NOT-FOR-US: TuS 1947 Radis (aka com.tus1947radis) application for Android
-CVE-2014-7366
+CVE-2014-7366 (The Identity (aka com.magzter.identity) application 3.01 for Android d ...)
NOT-FOR-US: Identity (aka com.magzter.identity) application for Android
CVE-2014-7365
REJECTED
-CVE-2014-7364
+CVE-2014-7364 (The Promotional Items (aka com.wPromotionalItems) application 0.1 for ...)
NOT-FOR-US: Promotional Items (aka com.wPromotionalItems) application for Android
CVE-2014-7363
REJECTED
-CVE-2014-7362
+CVE-2014-7362 (The Naranjas Con Tocados (aka com.NaranjasConTocados.com) application ...)
NOT-FOR-US: Naranjas Con Tocados (aka com.NaranjasConTocados.com) application for Android
-CVE-2014-7361
+CVE-2014-7361 (The Harry's Pub (aka com.emunching.harryspub) application 1.0.0 for An ...)
NOT-FOR-US: Harry's Pub (aka com.emunching.harryspub) application for Android
-CVE-2014-7360
+CVE-2014-7360 (The How To Boil Eggs (aka com.appmakr.app842173) application 251333 fo ...)
NOT-FOR-US: How To Boil Eggs (aka com.appmakr.app842173) application for Android
-CVE-2014-7359
+CVE-2014-7359 (The MAPA DA MINA (aka com.wMAPADAMINA) application 0.1 for Android doe ...)
NOT-FOR-US: MAPA DA MINA (aka com.wMAPADAMINA) application for Android
-CVE-2014-7358
+CVE-2014-7358 (The Vermont Powder (aka com.concursive.vermontpowder) application 4.1 ...)
NOT-FOR-US: Vermont Powder (aka com.concursive.vermontpowder) application for Android
-CVE-2014-7357
+CVE-2014-7357 (The Grandparenting is Great (aka com.app_gig.layout) application 1.400 ...)
NOT-FOR-US: Grandparenting is Great (aka com.app_gig.layout) application for Android
CVE-2014-7356
REJECTED
CVE-2014-7355
REJECTED
-CVE-2014-7354
+CVE-2014-7354 (The Penumbra eMag (aka com.magzter.penumbraemag) application 3.0 for A ...)
NOT-FOR-US: Penumbra eMag (aka com.magzter.penumbraemag) application for Android
-CVE-2014-7353
+CVE-2014-7353 (The JAZAN 24 (aka com.jazan24.Mcreda) application 1.0 for Android does ...)
NOT-FOR-US: JAZAN 24 (aka com.jazan24.Mcreda) application for Android
-CVE-2014-7352
+CVE-2014-7352 (The India's Anthem (aka appinventor.ai_opalfoxy83.India_Anthem) applic ...)
NOT-FOR-US: India's Anthem (aka appinventor.ai_opalfoxy83.India_Anthem) application for Android
-CVE-2014-7351
+CVE-2014-7351 (The GLOBAL MOVIE MAGAZINE (aka com.magzter.globalmoviemagazine) applic ...)
NOT-FOR-US: GLOBAL MOVIE MAGAZINE (aka com.magzter.globalmoviemagazine) application for Android
CVE-2014-7350
REJECTED
CVE-2014-7349
REJECTED
-CVE-2014-7348
+CVE-2014-7348 (The HOT CARS (aka com.magzter.hotcars) application 3.0 for Android doe ...)
NOT-FOR-US: HOT CARS (aka com.magzter.hotcars) application for Android
CVE-2014-7347
REJECTED
-CVE-2014-7346
+CVE-2014-7346 (The Bespoke (aka com.magzter.bespoke) application 3.0 for Android does ...)
NOT-FOR-US: Bespoke (aka com.magzter.bespoke) application for Android
-CVE-2014-7345
+CVE-2014-7345 (The DIYChatroom (aka com.tapatalk.diychatroomcom) application 3.4.0 fo ...)
NOT-FOR-US: DIYChatroom (aka com.tapatalk.diychatroomcom) application for Android
-CVE-2014-7344
+CVE-2014-7344 (The Classic Arms &amp; Militaria (aka com.magazinecloner.classicarmsan ...)
NOT-FOR-US: Classic Arms & Militaria (aka com.magazinecloner.classicarmsandm) application for Android
CVE-2014-7343
REJECTED
-CVE-2014-7342
+CVE-2014-7342 (The Echo News (aka com.solo.report) 1.10 application (beta) for Androi ...)
NOT-FOR-US: Echo News (aka com.solo.report) 1.10 application for Android
-CVE-2014-7341
+CVE-2014-7341 (The SAsync (aka com.sasync.sasyncmap) application 1.2.0 for Android do ...)
NOT-FOR-US: SAsync (aka com.sasync.sasyncmap) application for Android
-CVE-2014-7340
+CVE-2014-7340 (The Old Bike Mart (aka com.magazinecloner.oldbike) application @7F0801 ...)
NOT-FOR-US: Old Bike Mart (aka com.magazinecloner.oldbike) application for Android
-CVE-2014-7339
+CVE-2014-7339 (The Cuanto Conoces A un Amigo (aka com.makeitpossible.CuantoConocesAun ...)
NOT-FOR-US: Cuanto Conoces A un Amigo (aka com.makeitpossible.CuantoConocesAunAmigo) application for Android
-CVE-2014-7338
+CVE-2014-7338 (The faailkhair (aka com.faailkhair.app) application 1.0 for Android do ...)
NOT-FOR-US: faailkhair (aka com.faailkhair.app) application for Android
-CVE-2014-7337
+CVE-2014-7337 (The Acorn Estate Agents (aka com.acorn.ea) application 3.1 for Android ...)
NOT-FOR-US: Acorn Estate Agents (aka com.acorn.ea) application for Android
-CVE-2014-7336
+CVE-2014-7336 (The Taking Your Company Public (aka biz.app4mobile.app_016e43d03ee54d1 ...)
NOT-FOR-US: Taking Your Company Public (aka biz.app4mobile.app_016e43d03ee54d1facd6c9532a00e724.app) application for Android
-CVE-2014-7335
+CVE-2014-7335 (The Liver Health - Hepatitis C (aka gov.nyc.dohmh.HepC) application 2. ...)
NOT-FOR-US: Liver Health - Hepatitis C (aka gov.nyc.dohmh.HepC) application for Android
-CVE-2014-7334
+CVE-2014-7334 (The Where Dallas (aka com.magzter.wheredallas) application 3.0.2 for A ...)
NOT-FOR-US: Where Dallas (aka com.magzter.wheredallas) application for Android
-CVE-2014-7333
+CVE-2014-7333 (The Aloha Guide (aka com.aloha.guide.japnese) application 1.3 for Andr ...)
NOT-FOR-US: Aloha Guide (aka com.aloha.guide.japnese) application for Android
CVE-2014-7332
REJECTED
-CVE-2014-7331
+CVE-2014-7331 (The TodaysSeniorsNetwork (aka com.wTodaysSeniorsNetwork) application 0 ...)
NOT-FOR-US: TodaysSeniorsNetwork (aka com.wTodaysSeniorsNetwork) application for Android
-CVE-2014-7330
+CVE-2014-7330 (The XtendCU Mobile (aka com.metova.cuae.xtend) application 1.0.28 for ...)
NOT-FOR-US: XtendCU Mobile (aka com.metova.cuae.xtend) application for Android
-CVE-2014-7329
+CVE-2014-7329 (The Motoring Classics (aka com.aptusi.android.motoring) application 1. ...)
NOT-FOR-US: Motoring Classics (aka com.aptusi.android.motoring) application for Android
-CVE-2014-7328
+CVE-2014-7328 (The brain abundance info (aka com.wbrainabundance) application 0.1 for ...)
NOT-FOR-US: brain abundance info (aka com.wbrainabundance) application for Android
-CVE-2014-7327
+CVE-2014-7327 (The Macau Business (aka com.magzter.macaubusiness) application 3.0 for ...)
NOT-FOR-US: Macau Business (aka com.magzter.macaubusiness) application for Android
-CVE-2014-7326
+CVE-2014-7326 (The ETA Mobile (aka com.en2grate.etamobile) application 1.6.6 for Andr ...)
NOT-FOR-US: ETA Mobile (aka com.en2grate.etamobile) application for Android
-CVE-2014-7325
+CVE-2014-7325 (The Business Intelligence (aka com.magzter.businessintelligence) appli ...)
NOT-FOR-US: Business Intelligence (aka com.magzter.businessintelligence) application for Android
CVE-2014-7324
REJECTED
-CVE-2014-7323
+CVE-2014-7323 (The Dignity Dialogue (aka com.magzter.dignitydialogue) application 3.0 ...)
NOT-FOR-US: Dignity Dialogue (aka com.magzter.dignitydialogue) application for Android
CVE-2014-7322
REJECTED
-CVE-2014-7321
+CVE-2014-7321 (The Firenze map (aka com.wFirenzemap) application 0.1 for Android does ...)
NOT-FOR-US: Firenze map (aka com.wFirenzemap) application for Android
-CVE-2014-7320
+CVE-2014-7320 (The SHIRAKABA (aka com.SHIRAKABA) application 1.0 for Android does not ...)
NOT-FOR-US: SHIRAKABA (aka com.SHIRAKABA) application for Android
CVE-2014-7319
REJECTED
CVE-2014-7318
REJECTED
-CVE-2014-7317
+CVE-2014-7317 (The Aloha Bail Bonds (aka com.onesolutionapps.alohabailbondsandroid) a ...)
NOT-FOR-US: Aloha Bail Bonds (aka com.onesolutionapps.alohabailbondsandroid) application for Android
-CVE-2014-7316
+CVE-2014-7316 (The Safe Arrival (aka com.synrevoice.safearrival) application 1.2 for ...)
NOT-FOR-US: Safe Arrival (aka com.synrevoice.safearrival) application for Android
-CVE-2014-7315
+CVE-2014-7315 (The Where Atlanta (aka com.magzter.whereatlanta) application 3.0.2 for ...)
NOT-FOR-US: Where Atlanta (aka com.magzter.whereatlanta) application for Android
-CVE-2014-7314
+CVE-2014-7314 (The Intelligent SME (aka com.magzter.intelligentsme) application 3.0 f ...)
NOT-FOR-US: Intelligent SME (aka com.magzter.intelligentsme) application for Android
-CVE-2014-7313
+CVE-2014-7313 (The One You Fitness (aka com.app_oneyou.layout) application 1.399 for ...)
NOT-FOR-US: One You Fitness (aka com.app_oneyou.layout) application for Android
CVE-2014-7312
REJECTED
CVE-2014-7311
REJECTED
-CVE-2014-7310
+CVE-2014-7310 (The Ali Visual (aka com.ali.visual) application 1.0 for Android does n ...)
NOT-FOR-US: Ali Visual (aka com.ali.visual) application for Android
-CVE-2014-7309
+CVE-2014-7309 (The Where2Stop-Cardlocks-Free (aka appinventor.ai_kidatheart99.Where2S ...)
NOT-FOR-US: Where2Stop-Cardlocks-Free (aka appinventor.ai_kidatheart99.Where2Stop_Cardlocks) application for Android
CVE-2014-7308
REJECTED
-CVE-2014-7307
+CVE-2014-7307 (The ForoSocuellamos (aka com.forosocuellamos.tlcttbeukajwpeqreg) appli ...)
NOT-FOR-US: ForoSocuellamos (aka com.forosocuellamos.tlcttbeukajwpeqreg) application for Android
CVE-2014-7306
RESERVED
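Review bot: the imported description for CVE-2014-7344 carries an HTML entity, "Classic Arms &amp; Militaria", while the hand-written NOT-FOR-US line directly below it reads "Classic Arms & Militaria". The automatic update should HTML-unescape the MITRE text before writing it into the list, otherwise every description containing &, < or > will be stored in escaped form and any tooling that compares or searches the description against package names will miss it.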
@@ -7665,179 +7665,179 @@ CVE-2014-7302
RESERVED
CVE-2014-7301
RESERVED
-CVE-2014-7299
+CVE-2014-7299 (Unspecified vulnerability in administrative interfaces in ArubaOS 6.3. ...)
NOT-FOR-US: Aruba ArubaOS
-CVE-2014-7298
+CVE-2014-7298 (adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify ...)
NOT-FOR-US: Centrify
-CVE-2014-7297
+CVE-2014-7297 (Unspecified vulnerability in the folder framework in the Enfold theme ...)
NOT-FOR-US: folder framework in the Enfold theme for WordPress
-CVE-2014-7296
+CVE-2014-7296 (The default configuration in the accessibility engine in SpagoBI 5.0.0 ...)
NOT-FOR-US: Spago
-CVE-2014-7294
+CVE-2014-7294 (Open redirect vulnerability in the logon page in NYU OpenSSO Integrati ...)
NOT-FOR-US: Ex Libris Patron Directory Services
-CVE-2014-7293
+CVE-2014-7293 (Cross-site scripting (XSS) vulnerability in the logon page in NYU Open ...)
NOT-FOR-US: NYU OpenSSO Integration for Ex Libris Patron Directory Services
-CVE-2014-7292
+CVE-2014-7292 (Open redirect vulnerability in the Click-Through feature in Newtellige ...)
NOT-FOR-US: Newtelligence dasBlog
-CVE-2014-7291
+CVE-2014-7291 (Multiple cross-site scripting (XSS) vulnerabilities in api_events.php ...)
NOT-FOR-US: Springshare LibCal
-CVE-2014-7290
+CVE-2014-7290 (Multiple cross-site scripting (XSS) vulnerabilities in Atlas Systems A ...)
NOT-FOR-US: Atlas Systems Aeon
-CVE-2014-7289
+CVE-2014-7289 (SQL injection vulnerability in the management server in Symantec Criti ...)
NOT-FOR-US: Symantec Data Center Security
-CVE-2014-7288
+CVE-2014-7288 (Symantec PGP Universal Server and Encryption Management Server before ...)
NOT-FOR-US: Symantec Encryption Management Server
-CVE-2014-7287
+CVE-2014-7287 (The key-management component in Symantec PGP Universal Server and Encr ...)
NOT-FOR-US: Symantec
-CVE-2014-7286
+CVE-2014-7286 (Buffer overflow in AClient in Symantec Deployment Solution 6.9 and ear ...)
NOT-FOR-US: Symantec Deployment Solution
-CVE-2014-7285
+CVE-2014-7285 (The management console on the Symantec Web Gateway (SWG) appliance bef ...)
NOT-FOR-US: Symantec Web Gateway
CVE-2014-7282
RESERVED
-CVE-2014-7281
+CVE-2014-7281 (Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda Tech ...)
NOT-FOR-US: Tenda A32 Router
-CVE-2014-7280
+CVE-2014-7280 (Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 Bu ...)
NOT-FOR-US: Nessus Web UI
-CVE-2014-7279
+CVE-2014-7279 (The Konke Smart Plug K does not require authentication for TELNET sess ...)
NOT-FOR-US: Konke Smart Plug K
-CVE-2014-7284
+CVE-2014-7284 (The net_get_random_once implementation in net/core/utils.c in the Linu ...)
- linux 3.16.2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.13)
- linux-2.6 <not-affected> (Vulnerable code introduced in 3.13)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3d4405226d27b3a215e4d03cfa51f536244e5de7 (v3.15-rc7)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a48e42920ff38bc90bbf75143fff4555723d4540
NOTE: http://secondlookforensics.com/ngro-linux-kernel-bug/
-CVE-2014-7283
+CVE-2014-7283 (The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs i ...)
- linux 3.16.2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.10 upstream)
- linux-2.6 <not-affected> (Vulnerable code introduced in 3.10 upstream)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c88547a8119e3b581318ab65e9b72f27f23e641d (v3.15-rc1)
NOTE: http://marc.info/?l=linux-xfs&m=139590613002926&w=2
NOTE: Reproducer: http://oss.sgi.com/cgi-bin/gitweb.cgi?p=xfs/cmds/xfstests.git;a=commitdiff;h=947ee8bd4b59770534297572b14c695e9c6e001e
-CVE-2014-7295
+CVE-2014-7295 (The (1) Special:Preferences and (2) Special:UserLogin pages in MediaWi ...)
{DSA-3046-1}
- mediawiki 1:1.19.20+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=70672
-CVE-2014-7278
+CVE-2014-7278 (The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1. ...)
NOT-FOR-US: ZyXEL
-CVE-2014-7277
+CVE-2014-7277 (Cross-site scripting (XSS) vulnerability in the login page on the ZyXE ...)
NOT-FOR-US: ZyXEL
CVE-2014-7276
RESERVED
-CVE-2014-7275
+CVE-2014-7275 (The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does ...)
{DSA-3091-1 DLA-106-1}
- getmail4 4.46.0-1 (bug #766670)
-CVE-2014-7274
+CVE-2014-7274 (The IMAP-over-SSL implementation in getmail 4.44.0 does not verify tha ...)
{DSA-3091-1 DLA-106-1}
- getmail4 4.46.0-1 (bug #766670)
-CVE-2014-7273
+CVE-2014-7273 (The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does ...)
{DSA-3091-1 DLA-106-1}
- getmail4 4.44.0-1 (bug #766670)
-CVE-2014-7272
+CVE-2014-7272 (Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users ...)
[experimental] - sddm 0.11.0-1
- sddm 0.11.0-2
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=897788
-CVE-2014-7271
+CVE-2014-7271 (Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users ...)
[experimental] - sddm 0.11.0-1
- sddm 0.11.0-2
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=897788
-CVE-2014-7270
+CVE-2014-7270 (Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U ...)
NOT-FOR-US: ASUS routers
-CVE-2014-7269
+CVE-2014-7269 (ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier ...)
NOT-FOR-US: ASUS routers
-CVE-2014-7268
+CVE-2014-7268 (Cross-site scripting (XSS) vulnerability in the data-export feature in ...)
NOT-FOR-US: Ricksoft WBS Gantt-Chart add-on for JIRA
-CVE-2014-7267
+CVE-2014-7267 (Cross-site scripting (XSS) vulnerability in the output-page generator ...)
NOT-FOR-US: Ricksoft WBS Gantt-Chart add-on for JIRA
-CVE-2014-7266
+CVE-2014-7266 (Algorithmic complexity vulnerability in Cybozu Remote Service Manager ...)
NOT-FOR-US: Cybozu Remote Service Manager
-CVE-2014-7265
+CVE-2014-7265 (Cross-site scripting (XSS) vulnerability in LinPHA allows remote attac ...)
NOT-FOR-US: LinPHA
-CVE-2014-7264
+CVE-2014-7264 (Multiple cross-site scripting (XSS) vulnerabilities in admin/themes/de ...)
- chyrp <itp> (bug #664739)
-CVE-2014-7263
+CVE-2014-7263 (Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows ...)
NOT-FOR-US: ULTRAPOP.JP i-HTTPD
-CVE-2014-7262
+CVE-2014-7262 (Cross-site scripting (XSS) vulnerability in the Omake BBS component in ...)
NOT-FOR-US: ULTRAPOP.JP i-HTTPD
-CVE-2014-7261
+CVE-2014-7261 (Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows ...)
NOT-FOR-US: ULTRAPOP.JP i-HTTPD
-CVE-2014-7260
+CVE-2014-7260 (The Server Side Includes (SSI) implementation in the File Upload BBS c ...)
NOT-FOR-US: ULTRAPOP.JP i-HTTPD
-CVE-2014-7259
+CVE-2014-7259 (SQUARE ENIX Co., Ltd. Kaku-San-Sei Million Arthur before 2.25 for Andr ...)
NOT-FOR-US: SQUARE ENIX
-CVE-2014-7258
+CVE-2014-7258 (Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 a ...)
NOT-FOR-US: KENT-WEB CLip Board
CVE-2014-7257
RESERVED
-CVE-2014-7256
+CVE-2014-7256 (The (1) PPP Access Concentrator (PPPAC) and (2) Dial-Up Networking Int ...)
NOT-FOR-US: SEIL Routers
-CVE-2014-7255
+CVE-2014-7255 (Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 throug ...)
NOT-FOR-US: SEIL Routers
-CVE-2014-7254
+CVE-2014-7254 (Unspecified vulnerability in ARROWS Me F-11D allows physically proxima ...)
NOT-FOR-US: Arrows Me
-CVE-2014-7253
+CVE-2014-7253 (FUJITSU F-12C, ARROWS Tab LTE F-01D, ARROWS Kiss F-03D, and REGZA Phon ...)
NOT-FOR-US: ARROWS
-CVE-2014-7252
+CVE-2014-7252 (Multiple unspecified vulnerabilities in the Syslink driver for Texas I ...)
NOT-FOR-US: ARROWS
-CVE-2014-7251
+CVE-2014-7251 (XML external entity (XXE) vulnerability in the WebHMI server in Yokoga ...)
NOT-FOR-US: Yokogawa
-CVE-2014-7250
+CVE-2014-7250 (The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly ...)
- kfreebsd-8 <undetermined>
[wheezy] - kfreebsd-8 <end-of-life> (Not supported in wheezy LTS)
- kfreebsd-9 <undetermined>
[wheezy] - kfreebsd-9 <end-of-life> (Not supported in wheezy LTS)
- kfreebsd-10 <undetermined> (bug #778367)
[jessie] - kfreebsd-10 <end-of-life> (Not supported in Jessie LTS)
-CVE-2014-7249
+CVE-2014-7249 (Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, A ...)
NOT-FOR-US: Allied Telesis
-CVE-2014-7248
+CVE-2014-7248 (Cross-site scripting (XSS) vulnerability in IPA iLogScanner 4.0 allows ...)
NOT-FOR-US: IPA iLogScanner
-CVE-2014-7247
+CVE-2014-7247 (Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; I ...)
NOT-FOR-US: JustSystems Ichitaro
-CVE-2014-7246
+CVE-2014-7246 (The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, ...)
NOT-FOR-US: OpenAM (SSO Server)
NOTE: This is not the openam answering machine.
CVE-2014-7245
REJECTED
CVE-2014-7244
REJECTED
-CVE-2014-7243
+CVE-2014-7243 (LG Electronics Mobile WiFi router L-09C, L-03E, and L-04D does not res ...)
NOT-FOR-US: LG Routers
-CVE-2014-7242
+CVE-2014-7242 (The SumaHo application 3.0.0 and earlier for Android and the SumaHo "d ...)
NOT-FOR-US: SumaHo (applications for Android)
-CVE-2014-7241
+CVE-2014-7241 (The TSUTAYA application 5.3 and earlier for Android allows remote atta ...)
NOT-FOR-US: TSUTAYA application for Android
-CVE-2014-7240
+CVE-2014-7240 (Cross-site scripting (XSS) vulnerability in the Easy Contact Form Solu ...)
NOT-FOR-US: Wordpress plugin
CVE-2014-7239
RESERVED
CVE-2014-7238
RESERVED
-CVE-2014-7237
+CVE-2014-7237 (lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier, when running on Windo ...)
- twiki <removed>
NOTE: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7237
CVE-2014-7236
RESERVED
- twiki <removed>
NOTE: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236
-CVE-2014-7235
+CVE-2014-7235 (htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Rec ...)
NOT-FOR-US: FreePBX
CVE-2014-7234
REJECTED
-CVE-2014-7233
+CVE-2014-7233 (GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 ...)
NOT-FOR-US: GE Healthcare Precision THUNIS-800+
-CVE-2014-7232
+CVE-2014-7232 (GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2geti ...)
NOT-FOR-US: GE Healthcare Discovery XR656 and XR656 G2
-CVE-2014-7229
+CVE-2014-7229 (Unspecified vulnerability in Joomla! before 2.5.4 before 2.5.26, 3.x b ...)
NOT-FOR-US: Joomla!
-CVE-2014-7228
+CVE-2014-7228 (Akeeba Restore (restore.php), as used in Joomla! 2.5.4 through 2.5.25, ...)
NOT-FOR-US: Joomla!
CVE-2014-7227
REJECTED
-CVE-2014-7226
+CVE-2014-7226 (The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and ea ...)
NOT-FOR-US: Rejetto HTTP File Server
CVE-2014-7225
RESERVED
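Review bot: CVE-2014-7236 stays bare "RESERVED" even though the entry already carries "- twiki <removed>" and a NOTE linking TWiki's public SecurityAlert-CVE-2014-7236 page, and its sibling CVE-2014-7237 received a description in this same update. Entries for issues that are public but lack MITRE text elsewhere in this file use the bracketed summary form (for example "CVE-2014-7210 [pdns in Debian creates too privileged MySQL user]"); giving CVE-2014-7236 a summary in that form would stop it from looking like an unpublished placeholder with stray package data attached.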
@@ -7846,10 +7846,10 @@ CVE-2014-7224
NOT-FOR-US: Android addJavascriptInterface
CVE-2014-7223
RESERVED
-CVE-2014-7222
+CVE-2014-7222 (Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote a ...)
- teamspeak-client <removed>
[wheezy] - teamspeak-client <end-of-life> (non-free is not supported)
-CVE-2014-7221
+CVE-2014-7221 (TeamSpeak Client 3.0.14 and earlier allows remote authenticated users ...)
- teamspeak-client <removed>
[wheezy] - teamspeak-client <end-of-life> (non-free is not supported)
CVE-2014-7220
@@ -7858,12 +7858,12 @@ CVE-2014-7219
RESERVED
CVE-2014-7218
RESERVED
-CVE-2014-7217
+CVE-2014-7217 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...)
- phpmyadmin 4:4.2.9.1-1 (low)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-7216
+CVE-2014-7216 (Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 a ...)
NOT-FOR-US: Yahoo
CVE-2014-7215
REJECTED
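Review bot: in the CVE-2014-7217 phpmyadmin entry the NOTE line sits between the unstable package line and the [wheezy]/[squeeze] lines. Everywhere else in the file the release-specific lines directly follow the package line and NOTEs come last (compare the CVE-2014-7284 linux entry above); moving the NOTE below the two <not-affected> lines would keep the entry parseable by eye in the same way as its neighbours.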
@@ -7881,14 +7881,14 @@ CVE-2014-7210 [pdns in Debian creates too privileged MySQL user]
- pdns 3.3.1-1
[squeeze] - pdns <not-affected> (Vulnerabile code not present)
NOTE: Debian packaging specific.
-CVE-2014-7209
+CVE-2014-7209 (run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 al ...)
{DSA-3114-1 DLA-125-1}
- mime-support 3.58
-CVE-2014-7208
+CVE-2014-7208 (GParted before 0.15.0 allows local users to execute arbitrary commands ...)
- gparted 0.16.1-1
[wheezy] - gparted <no-dsa> (Minor issue)
[squeeze] - gparted <no-dsa> (Minor issue)
-CVE-2014-7207
+CVE-2014-7207 (A certain Debian patch to the IPv6 implementation in the Linux kernel ...)
{DSA-3060-1}
- linux <not-affected> (Issue specific to 3.2.x)
NOTE: In 3.2.x introduced with https://git.kernel.org/cgit/linux/kernel/git/bwh/linux-3.2.y.git/commit/?h=linux-3.2.y&id=64b5c251d5b2cee4a0f697bfb90d79263f6dd517
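Review bot: the squeeze line of the CVE-2014-7210 pdns entry reads "(Vulnerabile code not present)"; the reason string should be "Vulnerable code not present", the exact phrase used in the other <not-affected> entries in this file, so that scripts or greps matching on the standard reason text pick this entry up.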
@@ -7897,12 +7897,12 @@ CVE-2014-7207
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=916e4cf46d0204806c062c8c6c4d1f633852c5b6 (v3.14-rc6)
NOTE: http://bugs.debian.org/766195
- linux-2.6 <not-affected> (Issue specific to 3.2.x)
-CVE-2014-7206
+CVE-2014-7206 (The changelog command in Apt before 1.0.9.2 allows local users to writ ...)
{DSA-3048-1}
- apt 1.0.9.2 (bug #763780)
[squeeze] - apt <not-affected> (apt changelog command and vulnerable code not present)
NOTE: mitigated by Linux kernel features in wheezy and up
-CVE-2014-7300
+CVE-2014-7300 (GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used ...)
- gnome-shell 3.14.1-1 (low)
[wheezy] - gnome-shell <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=737456
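Review bot: the new description for CVE-2014-7300 scopes the issue to "GNOME Shell 3.14.x before 3.14.1", yet the wheezy line is "[wheezy] - gnome-shell <no-dsa> (Minor issue)". If the gnome-shell in wheezy predates the 3.14 series, the accurate state is "<not-affected> (Vulnerable code not present)" rather than a deliberately unfixed minor issue; the two states mean different things to the LTS team, so this is worth re-checking against the wheezy version.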
@@ -7912,22 +7912,22 @@ CVE-2014-7300
NOTE: oom-killer allows authentication bypass for command execution.
NOTE: Therefore, the product must limit the aggregate memory consumption of
NOTE: all active requests, and the lack of this limit is a vulnerability.
-CVE-2014-7231
+CVE-2014-7231 (The strutils.mask_password function in the OpenStack Oslo utility libr ...)
- python-oslo.utils 0.2.0-1
NOTE: https://launchpad.net/bugs/1345233
NOTE: https://review.openstack.org/gitweb?p=openstack%2Foslo.utils.git;a=commitdiff;h=e0425691d90bce0bbe847a9ff49468ce0fab5486
-CVE-2014-7230
+CVE-2014-7230 (The processutils.execute function in OpenStack oslo-incubator, Cinder, ...)
- cinder 2014.1.3-4 (low; bug #765704)
- nova 2014.1.3-5 (low; bug #765714)
[wheezy] - nova <no-dsa> (Minor issue)
- openstack-trove 2014.1.3-1 (low)
NOTE: https://launchpad.net/bugs/1343604
-CVE-2014-7205
+CVE-2014-7205 (Eval injection vulnerability in the internals.batch function in lib/ba ...)
NOTE: https://nodesecurity.io/advisories/bassmaster_js_injection
NOT-FOR-US: node.js package bassmaster
-CVE-2014-7201
+CVE-2014-7201 (Multiple SQL injection vulnerabilities in the search function in pi1/c ...)
NOT-FOR-US: JobControl extension for TYPO3
-CVE-2014-7200
+CVE-2014-7200 (Cross-site scripting (XSS) vulnerability in pi1/class.tx_dmmjobcontrol ...)
NOT-FOR-US: JobControl extension for TYPO3
CVE-2014-7198
RESERVED
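Review bot: in the CVE-2014-7205 entry the NOTE line precedes the "NOT-FOR-US: node.js package bassmaster" line. Every other NOT-FOR-US entry in this file places the NOT-FOR-US marker immediately after the CVE line with any NOTE after it (see CVE-2014-7246 above); swapping the two lines here keeps the layout consistent and avoids the status line being hidden below a reference.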
@@ -7935,43 +7935,43 @@ CVE-2014-7197
RESERVED
CVE-2014-7196
REJECTED
-CVE-2014-7195
+CVE-2014-7195 (Spotfire Web Player Engine in TIBCO Spotfire Web Player 6.0.x before 6 ...)
NOT-FOR-US: Spotfire Web Player
-CVE-2014-7194
+CVE-2014-7194 (TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File ...)
NOT-FOR-US: TIBCO
-CVE-2014-7193
+CVE-2014-7193 (The Crumb plugin before 3.0.0 for Node.js does not properly restrict t ...)
NOT-FOR-US: Crumb
-CVE-2014-7192
+CVE-2014-7192 (Eval injection vulnerability in index.js in the syntax-error package b ...)
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773623)
NOTE: libv8 not covered by security support
-CVE-2014-7191
+CVE-2014-7191 (The qs module before 1.0.0 in Node.js does not call the compact functi ...)
- node-qs 2.2.4-1
NOTE: https://github.com/raymondfeng/node-querystring/commit/43a604b7847e56bba49d0ce3e222fe89569354d8
NOTE: https://nodesecurity.io/advisories/qs_dos_memory_exhaustion
-CVE-2014-7188
+CVE-2014-7188 (The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 t ...)
{DSA-3041-1}
- xen 4.4.1-3
[squeeze] - xen <end-of-life>
CVE-2014-7184
RESERVED
-CVE-2014-7183
+CVE-2014-7183 (Multiple cross-site scripting (XSS) vulnerabilities in the search.php ...)
NOT-FOR-US: LifeCart
-CVE-2014-7182
+CVE-2014-7182 (Multiple cross-site scripting (XSS) vulnerabilities in the WP Google M ...)
NOT-FOR-US: WP Google Maps plugin for WordPress
-CVE-2014-7181
+CVE-2014-7181 (Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons ...)
NOT-FOR-US: Max Foundry MaxButtons plugin for WordPress
-CVE-2014-7180
+CVE-2014-7180 (Electric Cloud ElectricCommander before 4.2.6 and 5.x before 5.0.3 use ...)
NOT-FOR-US: ElectricCommander
CVE-2014-7179
RESERVED
-CVE-2014-7178
+CVE-2014-7178 (Enalean Tuleap before 7.5.99.6 allows remote attackers to execute arbi ...)
NOT-FOR-US: Enalean Tuleap
-CVE-2014-7177
+CVE-2014-7177 (XML External Entity vulnerability in Enalean Tuleap 7.2 and earlier al ...)
NOT-FOR-US: Enalean Tuleap
-CVE-2014-7176
+CVE-2014-7176 (SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows r ...)
NOT-FOR-US: Enalean Tuleap
CVE-2014-7175
RESERVED
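Review bot: the description now attached to CVE-2014-7192 names "index.js in the syntax-error package ... for Node.js", but the entry tracks libv8 and libv8-3.14 and its only NOTE says "libv8 not covered by security support". A NOTE explaining why the Debian side of this issue is the V8 library rather than the Node.js package (or a pointer to bug #773623's rationale) would stop a later reader from treating the mapping as a mistake, given that the text and the tracked source no longer match on their face.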
@@ -7983,34 +7983,34 @@ CVE-2014-7172
RESERVED
CVE-2014-7171
RESERVED
-CVE-2014-7170
+CVE-2014-7170 (Race condition in Puppet Server 0.2.0 allows local users to obtain sen ...)
NOT-FOR-US: Puppet Server (replacement for puppetmaster)
-CVE-2014-7204
+CVE-2014-7204 (jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a de ...)
{DSA-3042-1 DLA-69-1}
- exuberant-ctags 1:5.9~svn20110310-8 (bug #742605)
NOTE: http://sourceforge.net/p/ctags/code/791/
-CVE-2014-7203
+CVE-2014-7203 (libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces ...)
- zeromq <not-affected> (Vulnerable code not present, only zmq 4.x onwards)
- zeromq3 4.0.5+dfsg-1
NOTE: Code commit: https://github.com/zeromq/libzmq/issues/1191
-CVE-2014-7202
+CVE-2014-7202 (stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allow ...)
- zeromq <not-affected> (Vulnerable code not present, only zmq 4.x onwards)
- zeromq3 4.0.5+dfsg-1
NOTE: Code commit: https://github.com/zeromq/libzmq/issues/1190
-CVE-2014-7190
+CVE-2014-7190 (Multiple cross-site request forgery (CSRF) vulnerabilities in Openfile ...)
NOT-FOR-US: Openfiler
-CVE-2014-7189
+CVE-2014-7189 (crpyto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is enab ...)
- golang 2:1.3.2-1
[wheezy] - golang <not-affected> (Vulnerable code not present, only Go 1.1 onwards)
NOTE: https://groups.google.com/forum/#!msg/golang-nuts/eeOHNw_shwU/OHALUmroA5kJ
NOTE: https://code.google.com/p/go/source/detail?r=eae0457c101512f59296538f0162749eba325892&name=release-branch.go1.3
-CVE-2014-7187
+CVE-2014-7187 (Off-by-one error in the read_token_word function in parse.y in GNU Bas ...)
{DSA-3035-1 DLA-63-1}
- bash 4.3-9.2
-CVE-2014-7186
+CVE-2014-7186 (The redirection implementation in parse.y in GNU Bash through 4.3 bash ...)
{DSA-3035-1 DLA-63-1}
- bash 4.3-9.2
-CVE-2014-7185
+CVE-2014-7185 (Integer overflow in bufferobject.c in Python before 2.7.8 allows conte ...)
- python2.5 <removed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
- python2.6 <removed> (low)
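Review bot: both zeromq3 entries (CVE-2014-7203 and CVE-2014-7202) label their reference "NOTE: Code commit:" but the URLs point at GitHub issues (issues/1191 and issues/1190), not at commits. Either relabel them as issue references or replace them with the actual fixing commits, so that someone backporting does not go looking for a commit hash in an issue thread.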
@@ -8040,11 +8040,11 @@ CVE-2014-7160
RESERVED
CVE-2014-7159
RESERVED
-CVE-2014-7158
+CVE-2014-7158 (Cross-site request forgery (CSRF) vulnerability in Exinda WAN Optimiza ...)
NOT-FOR-US: Exinda WAN Optimization Suite
-CVE-2014-7157
+CVE-2014-7157 (Cross-site scripting (XSS) vulnerability in Exinda WAN Optimization Su ...)
NOT-FOR-US: Exinda WAN Optimization Suite
-CVE-2014-7153
+CVE-2014-7153 (SQL injection vulnerability in the editgallery function in admin/galle ...)
NOT-FOR-US: WordPress plugin Huge-IT Image Gallery
CVE-2014-XXXX [cyassl: RSA Padding check vulnerability]
- cyassl <removed>
@@ -8053,28 +8053,28 @@ CVE-2014-XXXX [cyassl: RSA Padding check vulnerability]
NOTE: http://www.yassl.com/yaSSL/Blog/Entries/2014/9/12_CyaSSL_3.2.0_Released.html
NOTE: http://www.intelsecurity.com/advanced-threat-research/#
NOTE: similar to CVE-2014-1568 in nss
-CVE-2014-7199
+CVE-2014-7199 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.19, ...)
{DSA-3036-1}
- mediawiki 1:1.19.19+dfsg-1 (bug #762754)
[squeeze] - mediawiki <end-of-life>
-CVE-2014-7169
+CVE-2014-7169 (GNU Bash through 4.3 bash43-025 processes trailing strings after certa ...)
{DSA-3035-1 DLA-63-1}
- bash 4.3-9.2 (bug #762760)
-CVE-2014-7156
+CVE-2014-7156 (The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen ...)
{DSA-3041-1}
- xen 4.4.1-3
[squeeze] - xen <end-of-life>
-CVE-2014-7155
+CVE-2014-7155 (The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen ...)
{DSA-3041-1}
- xen 4.4.1-3
[squeeze] - xen <end-of-life>
-CVE-2014-7154
+CVE-2014-7154 (Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x do ...)
{DSA-3041-1}
- xen 4.4.1-3
[squeeze] - xen <end-of-life>
-CVE-2014-7152
+CVE-2014-7152 (Cross-site scripting (XSS) vulnerability in the Easy MailChimp Forms p ...)
NOT-FOR-US: WordPress plugin Easy MailChimp Forms
-CVE-2014-7151
+CVE-2014-7151 (Multiple cross-site scripting (XSS) vulnerabilities in the NEX-Forms L ...)
NOT-FOR-US: NEX-Forms Lite plugin for WordPress
CVE-2014-7150
RESERVED
@@ -8084,98 +8084,98 @@ CVE-2014-7148
RESERVED
CVE-2014-7147
RESERVED
-CVE-2014-7146
+CVE-2014-7146 (The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remot ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=17725
NOTE: https://github.com/mantisbt/mantisbt/commit/bed19db9 (1.2.x branch)
NOTE: https://github.com/mantisbt/mantisbt/commit/84017535 (master)
-CVE-2014-7140
+CVE-2014-7140 (Unspecified vulnerability in the management interface in Citrix NetSca ...)
NOT-FOR-US: Citrix NetScaler
-CVE-2014-7139
+CVE-2014-7139 (Multiple cross-site scripting (XSS) vulnerabilities in the Contact For ...)
NOT-FOR-US: WordPress plugin Contact Form DB
-CVE-2014-7138
+CVE-2014-7138 (Cross-site scripting (XSS) vulnerability in the Google Calendar Events ...)
NOT-FOR-US: WordPress plugin Google Calendar Events
-CVE-2014-7137
+CVE-2014-7137 (Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6. ...)
- dolibarr 3.5.5+dfsg1-1 (bug #770313)
-CVE-2014-7136
+CVE-2014-7136 (Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka ...)
NOT-FOR-US: K7 Computing
-CVE-2014-7135
+CVE-2014-7135 (The Ayuntamiento de Coana (aka com.wInfoCoa) application 0.2 for Andro ...)
NOT-FOR-US: Ayuntamiento de Coana (aka com.wInfoCoa) application for Android
-CVE-2014-7134
+CVE-2014-7134 (The PROF. USMAN ALI AWHEELA (aka com.wPROFUAAWHEELA) application 2.1 f ...)
NOT-FOR-US: PROF. USMAN ALI AWHEELA (aka com.wPROFUAAWHEELA) application for Android
CVE-2014-7133
REJECTED
-CVE-2014-7132
+CVE-2014-7132 (The Jambatan PBB Semporna (aka com.wJAMBATANPBBSEMPORNA) application 1 ...)
NOT-FOR-US: Jambatan PBB Semporna (aka com.wJAMBATANPBBSEMPORNA) application for Android
-CVE-2014-7131
+CVE-2014-7131 (The Digital Content NewFronts 2014 (aka com.coreapps.android.followme. ...)
NOT-FOR-US: Digital Content NewFronts 2014 (aka com.coreapps.android.followme.newfronts2014) application for Android
CVE-2014-7130
REJECTED
-CVE-2014-7129
+CVE-2014-7129 (The Argus Leader Print Edition (aka com.argusleader.android.prod) appl ...)
NOT-FOR-US: Argus Leader Print Edition (aka com.argusleader.android.prod) application for Android
-CVE-2014-7128
+CVE-2014-7128 (The Toyota OC (aka com.tapatalk.toyotaownersclubcomforums) application ...)
NOT-FOR-US: Toyota OC (aka com.tapatalk.toyotaownersclubcomforums) application for Android
-CVE-2014-7127
+CVE-2014-7127 (The Football Espana magazine (aka com.triactivemedia.footballespana) a ...)
NOT-FOR-US: Football Espana magazine (aka com.triactivemedia.footballespana) application for Android
CVE-2014-7126
REJECTED
-CVE-2014-7125
+CVE-2014-7125 (The Motor (aka com.magzter.motorhwpublishing) application 3.0 for Andr ...)
NOT-FOR-US: Motor (aka com.magzter.motorhwpublishing) application for Android
-CVE-2014-7124
+CVE-2014-7124 (The IP Alarm (aka com.cosesy.gadget.alarm) application 1.4 for Android ...)
NOT-FOR-US: IP Alarm (aka com.cosesy.gadget.alarm) application for Android
-CVE-2014-7123
+CVE-2014-7123 (The Brevir Harian V2 (aka com.brevir.harian.v) application 2.0 for And ...)
NOT-FOR-US: Brevir Harian V2 (aka com.brevir.harian.v) application for Android
-CVE-2014-7122
+CVE-2014-7122 (The Lansing State Journal Print (aka com.lansingjournal.android.prod) ...)
NOT-FOR-US: Lansing State Journal Print (aka com.lansingjournal.android.prod) application for Android
-CVE-2014-7121
+CVE-2014-7121 (The Dhanam (aka com.magzter.dhanam) application 3.1 for Android does n ...)
NOT-FOR-US: Dhanam (aka com.magzter.dhanam) application for Android
-CVE-2014-7120
+CVE-2014-7120 (The Model Laboratory (aka com.magazinecloner.modellaboratory) applicat ...)
NOT-FOR-US: Model Laboratory (aka com.magazinecloner.modellaboratory) application for Android
-CVE-2014-7119
+CVE-2014-7119 (The GNAM 2013 (aka com.beepeers.gndam) application 1.0 for Android doe ...)
NOT-FOR-US: GNAM 2013 (aka com.beepeers.gndam) application for Android
-CVE-2014-7118
+CVE-2014-7118 (The Itography Item Hunt (aka com.itography.application) application 3. ...)
NOT-FOR-US: Itography Item Hunt (aka com.itography.application) application for Android
-CVE-2014-7117
+CVE-2014-7117 (The Forest Area FCU Mobile (aka com.metova.cuae.fafcu) application 1.0 ...)
NOT-FOR-US: Forest Area FCU Mobile (aka com.metova.cuae.fafcu) application for Android
-CVE-2014-7116
+CVE-2014-7116 (The NRA Journal (aka com.magazinecloner.nationalrifleassociationjourna ...)
NOT-FOR-US: NRA Journal (aka com.magazinecloner.nationalrifleassociationjournal) application for Android
-CVE-2014-7115
+CVE-2014-7115 (The Letters to God - soc. network (aka com.wPismakBoguLetterstoGod) ap ...)
NOT-FOR-US: Letters to God - soc. network (aka com.wPismakBoguLetterstoGod) application for Android
CVE-2014-7114
REJECTED
-CVE-2014-7113
+CVE-2014-7113 (The NASA Universe Wallpapers Xeus (aka com.xeusNASA) application 1.0 f ...)
NOT-FOR-US: NASA Universe Wallpapers Xeus (aka com.xeusNASA) application for Android
CVE-2014-7112
REJECTED
-CVE-2014-7111
+CVE-2014-7111 (The Android Excellence (aka an.exc.ap) application 1.4.1 for Android d ...)
NOT-FOR-US: Android Excellence (aka an.exc.ap) application for Android
CVE-2014-7110
REJECTED
-CVE-2014-7109
+CVE-2014-7109 (The Nesvarnik (aka cz.dtest.nesvarnik) application 1.0 for Android doe ...)
NOT-FOR-US: Nesvarnik (aka cz.dtest.nesvarnik) application for Android
-CVE-2014-7108
+CVE-2014-7108 (The Stop Headaches and Migraines (aka com.StopHeadachesandMigraines) a ...)
NOT-FOR-US: Stop Headaches and Migraines (aka com.StopHeadachesandMigraines) application for Android
-CVE-2014-7107
+CVE-2014-7107 (The Human Factor (aka com.magzter.thehumanfactor) application 3.01 for ...)
NOT-FOR-US: The Human Factor (aka com.magzter.thehumanfactor) application for Android
-CVE-2014-7106
+CVE-2014-7106 (The Orakel-Ball (aka com.wOrakelball) application 0.2 for Android does ...)
NOT-FOR-US: Orakel-Ball (aka com.wOrakelball) application for Android
CVE-2014-7105
REJECTED
-CVE-2014-7104
+CVE-2014-7104 (The gymnoOVP (iOVP) (aka com.johtru.gymnoOVP) application 1.2 for Andr ...)
NOT-FOR-US: gymnoOVP (iOVP) (aka com.johtru.gymnoOVP) application for Android
-CVE-2014-7103
+CVE-2014-7103 (The Oskarshamnsliv (aka appinventor.ai_stadslivsguiden.Oskarshamnsliv) ...)
NOT-FOR-US: Oskarshamnsliv (aka appinventor.ai_stadslivsguiden.Oskarshamnsliv) application for Android
-CVE-2014-7102
+CVE-2014-7102 (The Car Insurance Quote Comparison (aka com.seopa.quotezone) applicati ...)
NOT-FOR-US: Car Insurance Quote Comparison (aka com.seopa.quotezone) application for Android
-CVE-2014-7101
+CVE-2014-7101 (The Talk Radio Europe (aka com.nobexinc.wls_31251464.rc) application 3 ...)
NOT-FOR-US: Talk Radio Europe (aka com.nobexinc.wls_31251464.rc) application for Android
-CVE-2014-7100
+CVE-2014-7100 (The www.sm3ny.com (aka sm3ny.com) application 1.0 for Android does not ...)
NOT-FOR-US: www.sm3ny.com (aka sm3ny.com) application for Android
-CVE-2014-7099
+CVE-2014-7099 (The Woodcraft Magazine (aka com.magzter.woodcraftmagazine) application ...)
NOT-FOR-US: Woodcraft Magazine (aka com.magzter.woodcraftmagazine) application for Android
-CVE-2014-7098
+CVE-2014-7098 (The Fylet Secure Large File Sender (aka com.application.fyletFileSende ...)
NOT-FOR-US: Fylet Secure Large File Sender (aka com.application.fyletFileSender) application for Android
CVE-2014-7097
REJECTED
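Review bot: every description added on the `+` lines of this hunk is cut at about 70 characters, and in each case the cut lands before the clause that names the weakness, so the new text records only the app name and version, which the unchanged `NOT-FOR-US:` line directly below already carries. Compare `+CVE-2014-7121 (The Dhanam (aka com.magzter.dhanam) application 3.1 for Android does n ...)` and `+CVE-2014-7106 (The Orakel-Ball (aka com.wOrakelball) application 0.2 for Android does ...)`: both stop exactly where the predicate starts, so a reader of this file still cannot tell what class of issue any of these entries is without fetching the full CVE text. Suggest letting the script that fills in these descriptions extend the excerpt until the first verb phrase is complete (or raising the length cap) so the vulnerability class survives the truncation. The `REJECTED` entries in this hunk (CVE-2014-7126, -7114, -7112, -7110, -7105, -7097) are correctly left without a description.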
@@ -8185,963 +8185,963 @@ CVE-2014-7095
REJECTED
CVE-2014-7094
REJECTED
-CVE-2014-7093
+CVE-2014-7093 (The Superbike Magazine (aka com.triactivemedia.superbike) application ...)
NOT-FOR-US: Superbike Magazine (aka com.triactivemedia.superbike) application for Android
-CVE-2014-7092
+CVE-2014-7092 (The Ubooly (aka com.ubooly.ubooly) application 4.3.0 for Android does ...)
NOT-FOR-US: Ubooly (aka com.ubooly.ubooly) application for Android
-CVE-2014-7091
+CVE-2014-7091 (The Sacramento Kings (aka com.tibco.gse.sports) application 6.0.8 for ...)
NOT-FOR-US: Sacramento Kings (aka com.tibco.gse.sports) application for Android
-CVE-2014-7090
+CVE-2014-7090 (The MyVCCCD (aka com.dub.app.ventura) application 1.4.14 for Android d ...)
NOT-FOR-US: MyVCCCD (aka com.dub.app.ventura) application for Android
-CVE-2014-7089
+CVE-2014-7089 (The COMPETITION INFORMATION (aka com.ear.bilgiyarismasi) application 0 ...)
NOT-FOR-US: COMPETITION INFORMATION (aka com.ear.bilgiyarismasi) application for Android
-CVE-2014-7088
+CVE-2014-7088 (The JDM Lifestyle (aka com.hondatech) application 6.4 for Android does ...)
NOT-FOR-US: JDM Lifestyle (aka com.hondatech) application for Android
-CVE-2014-7087
+CVE-2014-7087 (The Top Roller Coasters Europe 1 (aka com.appaapps.top10tallesteuropea ...)
NOT-FOR-US: Top Roller Coasters Europe 1 (aka com.appaapps.top10tallesteuropeanrollercoasters1) application for Android
-CVE-2014-7086
+CVE-2014-7086 (The Killer Screen lock (aka com.cc.theme.shashou) application 0.5 for ...)
NOT-FOR-US: Killer Screen lock (aka com.cc.theme.shashou) application for Android
-CVE-2014-7085
+CVE-2014-7085 (The i Newspaper (aka com.independent.thei) application @7F080184 for A ...)
NOT-FOR-US: i Newspaper (aka com.independent.thei) application for Android
-CVE-2014-7084
+CVE-2014-7084 (The Hesheng 80 (aka com.ireadercity.c29) application 3.0.2 for Android ...)
NOT-FOR-US: Hesheng 80 (aka com.ireadercity.c29) application for Android
-CVE-2014-7083
+CVE-2014-7083 (The Jiu Jik (aka com.scmp.jiujik) application 1.4.0 for Android does n ...)
NOT-FOR-US: Jiu Jik (aka com.scmp.jiujik) application for Android
-CVE-2014-7082
+CVE-2014-7082 (The No Disturb (aka com.blogspot.imapp.imnodisturb) application 3.3 fo ...)
NOT-FOR-US: No Disturb (aka com.blogspot.imapp.imnodisturb) application for Android
CVE-2014-7081
REJECTED
-CVE-2014-7080
+CVE-2014-7080 (The Sigong ebook (aka com.sigongsa.sigonggenre) application 1.0.0 for ...)
NOT-FOR-US: Sigong ebook (aka com.sigongsa.sigonggenre) application for Android
-CVE-2014-7079
+CVE-2014-7079 (The Romeo and Juliet (aka jp.co.cybird.appli.android.rjs) application ...)
NOT-FOR-US: Romeo and Juliet (aka jp.co.cybird.appli.android.rjs) application for Android
-CVE-2014-7078
+CVE-2014-7078 (The Payoneer Sign Up (aka com.wPayoneerSignUp) application 0.1 for And ...)
NOT-FOR-US: Payoneer Sign Up (aka com.wPayoneerSignUp) application for Android
-CVE-2014-7077
+CVE-2014-7077 (The Gulf Coast Educators FCU (aka com.metova.cuae.gcefcu) application ...)
NOT-FOR-US: Gulf Coast Educators FCU (aka com.metova.cuae.gcefcu) application for Android
-CVE-2014-7076
+CVE-2014-7076 (The Sanctuary Asia (aka com.magzter.sanctuaryasia) application 3.0 for ...)
NOT-FOR-US: Sanctuary Asia (aka com.magzter.sanctuaryasia) application for Android
-CVE-2014-7075
+CVE-2014-7075 (The HAPPY (aka com.tw.knowhowdesign.sinfonghuei) application 2.0 for A ...)
NOT-FOR-US: HAPPY (aka com.tw.knowhowdesign.sinfonghuei) application for Android
CVE-2014-7074
REJECTED
-CVE-2014-7073
+CVE-2014-7073 (The Andrew Magdy Kamal's Network (aka com.wAndSocialREWApps) applicati ...)
NOT-FOR-US: Andrew Magdy Kamal's Network (aka com.wAndSocialREWApps) application for Android
-CVE-2014-7072
+CVE-2014-7072 (The Venezia map (aka com.wVeneziamap) application 0.1 for Android does ...)
NOT-FOR-US: Venezia map (aka com.wVeneziamap) application for Android
-CVE-2014-7071
+CVE-2014-7071 (The Autocar India (aka com.magzter.autocarindia) application 3.03 for ...)
NOT-FOR-US: Autocar India (aka com.magzter.autocarindia) application for Android
-CVE-2014-7070
+CVE-2014-7070 (The Air War Hero (aka com.dev.airwar) application 3.0 for Android does ...)
NOT-FOR-US: Air War Hero (aka com.dev.airwar) application for Android
-CVE-2014-7069
+CVE-2014-7069 (The Aventino Brand (aka com.AventinoBrand) application 2.2 for Android ...)
NOT-FOR-US: Aventino Brand (aka com.AventinoBrand) application for Android
-CVE-2014-7068
+CVE-2014-7068 (The Neumann Student Activities (aka com.appmakr.app153856) application ...)
NOT-FOR-US: Neumann Student Activities (aka com.appmakr.app153856) application for Android
-CVE-2014-7067
+CVE-2014-7067 (The BTD5 Videos (aka com.wxTYILIEIRBTD5Videos) application 0.1 for And ...)
NOT-FOR-US: BTD5 Videos (aka com.wxTYILIEIRBTD5Videos) application for Android
-CVE-2014-7066
+CVE-2014-7066 (The LegalEra (aka com.magzter.legalera) application 3.0 for Android do ...)
NOT-FOR-US: LegalEra (aka com.magzter.legalera) application for Android
-CVE-2014-7065
+CVE-2014-7065 (The Nigerias Business Directory (aka com.wNigeriasBusinessDirectory) a ...)
NOT-FOR-US: Nigerias Business Directory (aka com.wNigeriasBusinessDirectory) application for Android
-CVE-2014-7064
+CVE-2014-7064 (The ben10 omniverse walkthrough (aka com.wben10omniverse2walkthrough) ...)
NOT-FOR-US: ben10 omniverse walkthrough (aka com.wben10omniverse2walkthrough) application for Android
-CVE-2014-7063
+CVE-2014-7063 (The Bikers Romagna (aka com.bikers.romagna) application 1.0 for Androi ...)
NOT-FOR-US: Bikers Romagna (aka com.bikers.romagna) application for Android
-CVE-2014-7062
+CVE-2014-7062 (The Association Min Ajlik (aka com.association.min.ajlik) application ...)
NOT-FOR-US: Association Min Ajlik (aka com.association.min.ajlik) application for Android
-CVE-2014-7061
+CVE-2014-7061 (The MODSIM World 2014 (aka com.concursive.modsimworld) application 2.0 ...)
NOT-FOR-US: MODSIM World 2014 (aka com.concursive.modsimworld) application for Android
-CVE-2014-7060
+CVE-2014-7060 (The Your Tango (aka com.your.tango) application 1.0 for Android does n ...)
NOT-FOR-US: Your Tango (aka com.your.tango) application for Android
-CVE-2014-7059
+CVE-2014-7059 (The TheDevildogGamer (aka com.wTheDevildogGamer) application 1.0 for A ...)
NOT-FOR-US: TheDevildogGamer (aka com.wTheDevildogGamer) applicationfor Android
-CVE-2014-7058
+CVE-2014-7058 (The Efendimizin Sunnetleri (aka com.wEfendimizinSunnetleri) applicatio ...)
NOT-FOR-US: Efendimizin Sunnetleri (aka com.wEfendimizinSunnetleri) application for Android
-CVE-2014-7057
+CVE-2014-7057 (The Hong Kong Tatler Society (aka com.magzter.hongkongtatlersociety) a ...)
NOT-FOR-US: Hong Kong Tatler Society (aka com.magzter.hongkongtatlersociety) application for Android
-CVE-2014-7056
+CVE-2014-7056 (The Yeast Infection (aka com.wyeastinfectionapp) application 0.1 for A ...)
NOT-FOR-US: Yeast Infection (aka com.wyeastinfectionapp) application for Android
-CVE-2014-7055
+CVE-2014-7055 (The NCCI's Annual Issues Symposium (aka com.quickmobile.ais14) applica ...)
NOT-FOR-US: NCCI's Annual Issues Symposium (aka com.quickmobile.ais14) application for Android
-CVE-2014-7054
+CVE-2014-7054 (The musica de barrios sonideros (aka com.nobexinc.wls_93155702.rc) app ...)
NOT-FOR-US: musica de barrios sonideros (aka com.nobexinc.wls_93155702.rc) application for Android
-CVE-2014-7053
+CVE-2014-7053 (The City Star ME (aka com.citystarme) application 1.0 for Android does ...)
NOT-FOR-US: City Star ME (aka com.citystarme) application for Android
-CVE-2014-7052
+CVE-2014-7052 (The sahab-alkher.com (aka com.tapatalk.sahabalkhercomvb) application 2 ...)
NOT-FOR-US: sahab-alkher.com (aka com.tapatalk.sahabalkhercomvb) application for Android
CVE-2014-7051
REJECTED
-CVE-2014-7050
+CVE-2014-7050 (The givenu give (aka com.givenu.give) application 1.5.3 for Android do ...)
NOT-FOR-US: givenu give (aka com.givenu.give) application for Android
-CVE-2014-7049
+CVE-2014-7049 (The SomTodo - Task/To-do widget (aka com.somcloud.somtodo) application ...)
NOT-FOR-US: SomTodo - Task/To-do widget (aka com.somcloud.somtodo) application for Android
-CVE-2014-7048
+CVE-2014-7048 (The Bear ID Lock (aka com.wBearIDLock) application 0.1 for Android doe ...)
NOT-FOR-US: Bear ID Lock (aka com.wBearIDLock) application for Android
-CVE-2014-7047
+CVE-2014-7047 (The Ocean Avenue Mobile Pro (aka com.oceanavenue.mobile) application 2 ...)
NOT-FOR-US: Ocean Avenue Mobile Pro (aka com.oceanavenue.mobile) application for Android
-CVE-2014-7046
+CVE-2014-7046 (The George Wassouf (aka com.devkhr32.georgewassouf) application 1.0 fo ...)
NOT-FOR-US: George Wassouf (aka com.devkhr32.georgewassouf) application for Android
-CVE-2014-7045
+CVE-2014-7045 (The Bust Out Bail (aka com.onesolutionapps.bustoutbailandroid) applica ...)
NOT-FOR-US: Bust Out Bail (aka com.onesolutionapps.bustoutbailandroid) application for Android
-CVE-2014-7044
+CVE-2014-7044 (The Street Walker (aka kt.road.StreetWalker) application 0.0.1 for And ...)
NOT-FOR-US: Street Walker (aka kt.road.StreetWalker) application for Android
-CVE-2014-7043
+CVE-2014-7043 (The Cadpage (aka net.anei.cadpage) application 1.7.44 for Android does ...)
NOT-FOR-US: Cadpage (aka net.anei.cadpage) application for Android
-CVE-2014-7042
+CVE-2014-7042 (** DISPUTED ** The My nTelos (aka com.telespree.ntelospostpay) applica ...)
NOT-FOR-US: My nTelos (aka com.telespree.ntelospostpay) application for Android
-CVE-2014-7041
+CVE-2014-7041 (The SimGene (aka com.japanbioinformatics.simgene) application 1.3 for ...)
NOT-FOR-US: SimGene (aka com.japanbioinformatics.simgene) application for Android
-CVE-2014-7040
+CVE-2014-7040 (The UniCredit Investors (aka eu.unicreditgroup.brand.ucinvestors) appl ...)
NOT-FOR-US: UniCredit Investors (aka eu.unicreditgroup.brand.ucinvestors) application for Android
-CVE-2014-7039
+CVE-2014-7039 (The Wild Women United (aka com.wildwomenunited) application 1.0 for An ...)
NOT-FOR-US: Wild Women United (aka com.wildwomenunited) application for Android
-CVE-2014-7038
+CVE-2014-7038 (The Al Jazeera (aka com.Al.Jazeera.net) application 6.0 for Android do ...)
NOT-FOR-US: Al Jazeera (aka com.Al.Jazeera.net) application for Android
-CVE-2014-7037
+CVE-2014-7037 (The Noble Sticker "FREE" (aka com.kuronecostudio.kizokustamp.free) app ...)
NOT-FOR-US: Noble Sticker "FREE" (aka com.kuronecostudio.kizokustamp.free) application for Android
-CVE-2014-7036
+CVE-2014-7036 (The Quest Federal CU Mobile (aka com.metova.cuae.questfcu) application ...)
NOT-FOR-US: Quest Federal CU Mobile (aka com.metova.cuae.questfcu) application for Android
-CVE-2014-7035
+CVE-2014-7035 (The Harmonizers Planet (aka uk.co.pixelkicks.fifthharmony) application ...)
NOT-FOR-US: Harmonizers Planet (aka uk.co.pixelkicks.fifthharmony) application for Android
-CVE-2014-7034
+CVE-2014-7034 (The Senator Inn &amp; Spa (aka com.conduit.app_cc06e8e9659c4cf7b361ad0 ...)
NOT-FOR-US: Senator Inn & Spa (aka com.conduit.app_cc06e8e9659c4cf7b361ad0b7717f3a4.app) application for Android
-CVE-2014-7033
+CVE-2014-7033 (The Cure Viewer (aka com.livedoor.android.cureviewer) application 1.03 ...)
NOT-FOR-US: Cure Viewer (aka com.livedoor.android.cureviewer) application for Android
-CVE-2014-7032
+CVE-2014-7032 (The MYHABIT (aka com.amazon.myhabit) application @7F080041 for Android ...)
NOT-FOR-US: MYHABIT (aka com.amazon.myhabit) application for Android
-CVE-2014-7031
+CVE-2014-7031 (The RedAtoms Three (aka com.redatoms.mojodroid.tw.gp) application 2.5 ...)
NOT-FOR-US: RedAtoms Three (aka com.redatoms.mojodroid.tw.gp) application for Android
-CVE-2014-7030
+CVE-2014-7030 (The Dieta Dukan passo a passo (aka com.rareartifact.dukanpasoapaso82BE ...)
NOT-FOR-US: Dieta Dukan passo a passo (aka com.rareartifact.dukanpasoapaso82BE0897) application for Android
-CVE-2014-7029
+CVE-2014-7029 (The Bultmonster Registret (aka com.bultmonster.registret) application ...)
NOT-FOR-US: Bultmonster Registret (aka com.bultmonster.registret) application for Android
-CVE-2014-7028
+CVE-2014-7028 (The Ibis pau centre (aka com.myapphone.android.myappibispaucentre) app ...)
NOT-FOR-US: Ibis pau centre (aka com.myapphone.android.myappibispaucentre) application for Android
-CVE-2014-7027
+CVE-2014-7027 (The Esercizi per le donne (aka com.rareartifact.eserciziperledonne6D55 ...)
NOT-FOR-US: Esercizi per le donne (aka com.rareartifact.eserciziperledonne6D5578C6) application for Android
-CVE-2014-7026
+CVE-2014-7026 (The LIFE TIME FITNESS (aka com.lifetimefitness.ltfmobile) application ...)
NOT-FOR-US: LIFE TIME FITNESS (aka com.lifetimefitness.ltfmobile) application for Android
-CVE-2014-7025
+CVE-2014-7025 (The Who-is-it? Lite name caller time limited free (aka de.profiler.and ...)
NOT-FOR-US: Who-is-it? Lite name caller time limited free (aka de.profiler.android.whoisit) application for Android
-CVE-2014-7024
+CVE-2014-7024 (The Hardest Game Collection (aka com.lotfun.abuse) application 1.5.0 f ...)
NOT-FOR-US: Hardest Game Collection (aka com.lotfun.abuse) application for Android
-CVE-2014-7023
+CVE-2014-7023 (The Find Color (aka com.chudong.color) application 1.1.1 for Android d ...)
NOT-FOR-US: Find Color (aka com.chudong.color) application for Android
-CVE-2014-7022
+CVE-2014-7022 (The Modelisme.com forum/portail (aka com.tapatalk.modelismecomforum) a ...)
NOT-FOR-US: Modelisme.com forum/portail (aka com.tapatalk.modelismecomforum) application for Android
-CVE-2014-7021
+CVE-2014-7021 (The Leg Surgery - Kids Games (aka com.harriskerioe.legsurgery) applica ...)
NOT-FOR-US: Leg Surgery - Kids Games (aka com.harriskerioe.legsurgery) application for Android
-CVE-2014-7020
+CVE-2014-7020 (The Diabetes Forum (aka com.tapatalk.diabetescoukdiabetesforum) applic ...)
NOT-FOR-US: Diabetes Forum (aka com.tapatalk.diabetescoukdiabetesforum) application for Android
-CVE-2014-7019
+CVE-2014-7019 (The Clarks Inn (aka com.ClarksInn) application 3.3.0 for Android does ...)
NOT-FOR-US: Clarks Inn (aka com.ClarksInn) application for Android
-CVE-2014-7018
+CVE-2014-7018 (The LOVE DANCE (aka com.efunfun.ddianle.lovedance) application 1.2.062 ...)
NOT-FOR-US: LOVE DANCE (aka com.efunfun.ddianle.lovedance) application for Android
-CVE-2014-7017
+CVE-2014-7017 (The Tim Ban Bon Phuong (aka com.entertaiment.timbanbonphuong) applicat ...)
NOT-FOR-US: Tim Ban Bon Phuong (aka com.entertaiment.timbanbonphuong) application for Android
-CVE-2014-7016
+CVE-2014-7016 (The Mahasna Batik (aka com.batik.mahasna) application 1.0 for Android ...)
NOT-FOR-US: Mahasna Batik (aka com.batik.mahasna) application for Android
-CVE-2014-7015
+CVE-2014-7015 (The JJ Texas Hold'em Poker (aka cn.jj.poker) application 1.13.23.HD fo ...)
NOT-FOR-US: JJ Texas Hold'em Poker (aka cn.jj.poker) application for Android
CVE-2014-7014
REJECTED
-CVE-2014-7013
+CVE-2014-7013 (The Funny Photo Color Editor (aka com.doirdeditor.funcloreditor) appli ...)
NOT-FOR-US: Funny Photo Color Editor (aka com.doirdeditor.funcloreditor) application for Android
-CVE-2014-7012
+CVE-2014-7012 (The Coffee Inn (aka lt.lemonlabs.android.coffeeinn) application 2.0.1 ...)
NOT-FOR-US: Coffee Inn (aka lt.lemonlabs.android.coffeeinn) application for Android
-CVE-2014-7011
+CVE-2014-7011 (The NWTC Mobile (aka com.dub.app.nwtc) application 1.4.17 for Android ...)
NOT-FOR-US: NWTC Mobile (aka com.dub.app.nwtc) application for Android
-CVE-2014-7010
+CVE-2014-7010 (The UTSA Mobile (aka com.dub.app.utsa) application 1.4.21 for Android ...)
NOT-FOR-US: UTSA Mobile (aka com.dub.app.utsa) application for Android
-CVE-2014-7009
+CVE-2014-7009 (The HKBN My Account (aka com.hkbn.myaccount) application @7F070015 for ...)
NOT-FOR-US: HKBN My Account (aka com.hkbn.myaccount) application for Android
-CVE-2014-7008
+CVE-2014-7008 (The Forum FrAndroid beta (aka com.tapatalk.forumfrandroidcom) applicat ...)
NOT-FOR-US: Forum FrAndroid beta (aka com.tapatalk.forumfrandroidcom) application for Android
-CVE-2014-7007
+CVE-2014-7007 (The Master Mix (aka com.nobexinc.wls_24832536.rc) application 3.3.5 fo ...)
NOT-FOR-US: Master Mix (aka com.nobexinc.wls_24832536.rc) application for Android
-CVE-2014-7006
+CVE-2014-7006 (The HydFM (aka com.apheliontechnologies.hydfm) application 1.1.9 for A ...)
NOT-FOR-US: HydFM (aka com.apheliontechnologies.hydfm) application for Android
-CVE-2014-7005
+CVE-2014-7005 (The Foconet (aka suporte.com.foconet) application 1.0 for Android does ...)
NOT-FOR-US: Foconet (aka suporte.com.foconet) application for Android
-CVE-2014-7004
+CVE-2014-7004 (The PETA (aka com.peta.android) application 1.1 for Android does not v ...)
NOT-FOR-US: PETA (aka com.peta.android) application for Android
-CVE-2014-7003
+CVE-2014-7003 (The Goodwin (aka com.goodwin.Goodwin) application 1.15 for Android doe ...)
NOT-FOR-US: Goodwin (aka com.goodwin.Goodwin) application for Android
-CVE-2014-7002
+CVE-2014-7002 (The Sopexa Pavillon France (aka com.goomeoevents.pavillonfrance) appli ...)
NOT-FOR-US: Sopexa Pavillon France (aka com.goomeoevents.pavillonfrance) application for Android
-CVE-2014-7001
+CVE-2014-7001 (The Jian Ren (aka cn.sh.scustom.janren) application 1.5.1 for Android ...)
NOT-FOR-US: Jian Ren (aka cn.sh.scustom.janren) application for Android
-CVE-2014-7000
+CVE-2014-7000 (The Paul Alexander Campaign (aka hr.apps.n51261427) application 4.5.8 ...)
NOT-FOR-US: Paul Alexander Campaign (aka hr.apps.n51261427) application for Android
-CVE-2014-6999
+CVE-2014-6999 (The Questoes OAB (aka com.pedefeijao.questoesoab) application oab_andr ...)
NOT-FOR-US: Questoes OAB (aka com.pedefeijao.questoesoab) application for Android
-CVE-2014-6998
+CVE-2014-6998 (The PinkFong TV (aka kr.co.smartstudy.pinkfongtv_android_googlemarket) ...)
NOT-FOR-US: PinkFong TV (aka kr.co.smartstudy.pinkfongtv_android_googlemarket) application for Android
-CVE-2014-6997
+CVE-2014-6997 (The Dino Village (aka com.tappocket.dinovillage) application 1.6 for A ...)
NOT-FOR-US: Dino Village (aka com.tappocket.dinovillage) application for Android
-CVE-2014-6996
+CVE-2014-6996 (The Martial Arts Battle Card (aka com.tapenjoy.zjh.tw) application 1.0 ...)
NOT-FOR-US: Martial Arts Battle Card (aka com.tapenjoy.zjh.tw) application for Android
-CVE-2014-6995
+CVE-2014-6995 (The adidas eyewear (aka com.adidasep.eyewear) application 1.2 for Andr ...)
NOT-FOR-US: adidas eyewear (aka com.adidasep.eyewear) application for Android
-CVE-2014-6994
+CVE-2014-6994 (The Atecea (aka com.atecea) application 1.2 for Android does not verif ...)
NOT-FOR-US: Atecea (aka com.atecea) application for Android
-CVE-2014-6993
+CVE-2014-6993 (The Codeeta Coupons (aka com.codeeta.promos) application 1.0.5 for And ...)
NOT-FOR-US: Codeeta Coupons (aka com.codeeta.promos) application for Android
-CVE-2014-6992
+CVE-2014-6992 (The Timeless Black (aka com.apptive.android.apps.timeless) application ...)
NOT-FOR-US: Timeless Black (aka com.apptive.android.apps.timeless) application for Android
-CVE-2014-6991
+CVE-2014-6991 (The LiveAuctions.tv (aka air.LiveAndroidMaxx) application 2.005 for An ...)
NOT-FOR-US: LiveAuctions.tv (aka air.LiveAndroidMaxx) application for Android
-CVE-2014-6990
+CVE-2014-6990 (The Albasit artes y danza (aka com.adianteventures.adianteapps.albasit ...)
NOT-FOR-US: Albasit artes y danza (aka com.adianteventures.adianteapps.albasit_artes_y_danza) application for Android
-CVE-2014-6989
+CVE-2014-6989 (The Germanwings (aka com.germanwings.android) application 2.1.13 for A ...)
NOT-FOR-US: Germanwings (aka com.germanwings.android) application for Android
-CVE-2014-6988
+CVE-2014-6988 (The Quotes in Images (aka pt.lumberapps.imagensfrases) application 3.7 ...)
NOT-FOR-US: Quotes in Images (aka pt.lumberapps.imagensfrases) application for Android
-CVE-2014-6987
+CVE-2014-6987 (The Mass Gaming TV (aka net.massgamers) application 1.0 for Android do ...)
NOT-FOR-US: Mass Gaming TV (aka net.massgamers) application for Android
-CVE-2014-6986
+CVE-2014-6986 (The Pregnancy Tips (aka com.rareartifact.tipsforpregnant71C80129) appl ...)
NOT-FOR-US: Pregnancy Tips (aka com.rareartifact.tipsforpregnant71C80129) application for Android
-CVE-2014-6985
+CVE-2014-6985 (The Georgia Packing (aka com.tapatalk.georgiapackingorg) application 3 ...)
NOT-FOR-US: Georgia Packing (aka com.tapatalk.georgiapackingorg) application for Android
-CVE-2014-6984
+CVE-2014-6984 (The Shots (aka com.shots.android) application 1.0.8 for Android does n ...)
NOT-FOR-US: Shots (aka com.shots.android) application for Android
-CVE-2014-6983
+CVE-2014-6983 (The NBE (aka com.nbe.app) application 1.1 for Android does not verify ...)
NOT-FOR-US: NBE (aka com.nbe.app) application for Android
-CVE-2014-6982
+CVE-2014-6982 (The Arabic Troll Football (aka com.hamoosh.ArabicTrollFootball) applic ...)
NOT-FOR-US: Arabic Troll Football (aka com.hamoosh.ArabicTrollFootball) application for Android
-CVE-2014-6981
+CVE-2014-6981 (The Taiwan Business Bank (aka com.mitake.TBB) application 2.04 for And ...)
NOT-FOR-US: Taiwan Business Bank (aka com.mitake.TBB) application for Android
-CVE-2014-6980
+CVE-2014-6980 (The LINE PLAY (aka jp.naver.lineplay.android) application 2.3.1.1 for ...)
NOT-FOR-US: LINE PLAY (aka jp.naver.lineplay.android) application for Android
-CVE-2014-6979
+CVE-2014-6979 (The MiWay Insurance Ltd (aka com.MiWay.MD) application 1.2 for Android ...)
NOT-FOR-US: MiWay Insurance Ltd (aka com.MiWay.MD) application for Android
-CVE-2014-6978
+CVE-2014-6978 (The Karim Rahal Essoulami (aka com.karim.rahal.essoulami.lcxogeyuiztee ...)
NOT-FOR-US: Karim Rahal Essoulami (aka com.karim.rahal.essoulami.lcxogeyuizteegxvnq) application for Android
-CVE-2014-6977
+CVE-2014-6977 (The eLearn (aka com.desire2learn.campuslife.chattanoogastate.edu.direc ...)
NOT-FOR-US: eLearn (aka com.desire2learn.campuslife.chattanoogastate.edu.directory) application for Android
-CVE-2014-6976
+CVE-2014-6976 (The Aeroexpress (aka ru.lynx.aero) application 2.6.2 for Android does ...)
NOT-FOR-US: Aeroexpress (aka ru.lynx.aero) application for Android
-CVE-2014-6975
+CVE-2014-6975 (The Twin Lin (aka com.twinlin.twmo) application 5 for Android does not ...)
NOT-FOR-US: Twin Lin (aka com.twinlin.twmo) application for Android
-CVE-2014-6974
+CVE-2014-6974 (The MifaShow Hairstyles (aka com.mifashow) application 3.7 for Android ...)
NOT-FOR-US: MifaShow Hairstyles (aka com.mifashow) application for Android
-CVE-2014-6973
+CVE-2014-6973 (The Care4Kids (aka com.codetherapy.care4kids) application 1.03 for And ...)
NOT-FOR-US: Care4Kids (aka com.codetherapy.care4kids) application for Android
-CVE-2014-6972
+CVE-2014-6972 (The Kazakhstan Radio (aka com.wordbox.kazakhstanRadio) application 2.5 ...)
NOT-FOR-US: Kazakhstan Radio (aka com.wordbox.kazakhstanRadio) application for Android
-CVE-2014-6971
+CVE-2014-6971 (The Easy Video Downloader (aka com.simon.padillar.EasyVideo) applicati ...)
NOT-FOR-US: Easy Video Downloader (aka com.simon.padillar.EasyVideo) application for Android
-CVE-2014-6970
+CVE-2014-6970 (The North American Ismaili Games (aka hr.apps.n166983741) application ...)
NOT-FOR-US: North American Ismaili Games (aka hr.apps.n166983741) application for Android
-CVE-2014-6969
+CVE-2014-6969 (The Deltin Suites (aka com.DeltinSuites) application 3.4.1 for Android ...)
NOT-FOR-US: Deltin Suites (aka com.DeltinSuites) application for Android
-CVE-2014-6968
+CVE-2014-6968 (The Grandma's Grotto (aka com.mobileappsuite.grandmasgrotto) applicati ...)
NOT-FOR-US: Grandma's Grotto (aka com.mobileappsuite.grandmasgrotto) application for Android
-CVE-2014-6967
+CVE-2014-6967 (The Albion College (aka com.vivomobile.albioncollege) application 2.1. ...)
NOT-FOR-US: Albion College (aka com.vivomobile.albioncollege) application for Android
-CVE-2014-6966
+CVE-2014-6966 (The West Bend School District (aka net.parentlink.westbend) applicatio ...)
NOT-FOR-US: West Bend School District (aka net.parentlink.westbend) application for Android
-CVE-2014-6965
+CVE-2014-6965 (The FAZ.NET (aka net.faz.FAZ) application 1.0.1 for Android does not v ...)
NOT-FOR-US: FAZ.NET (aka net.faz.FAZ) application for Android
-CVE-2014-6964
+CVE-2014-6964 (The Hanyang University Admissions (aka kr.ac.hanyang.planner) applicat ...)
NOT-FOR-US: Hanyang University Admissions (aka kr.ac.hanyang.planner) application for Android
-CVE-2014-6963
+CVE-2014-6963 (The feiron (aka es.sw.feironmobile.app) application 1.1 for Android do ...)
NOT-FOR-US: feiron (aka es.sw.feironmobile.app) application for Android
-CVE-2014-6962
+CVE-2014-6962 (The Elk Grove PublicStuff (aka com.wassabi.elkgrove) application 3.2 f ...)
NOT-FOR-US: Elk Grove PublicStuff (aka com.wassabi.elkgrove) application for Android
-CVE-2014-6961
+CVE-2014-6961 (The SudaniNet (aka com.sudaninet.wtwqiqbegq_btwlda) application 2.0 fo ...)
NOT-FOR-US: SudaniNet (aka com.sudaninet.wtwqiqbegq_btwlda) application for Android
-CVE-2014-6960
+CVE-2014-6960 (The Multitrac (aka com.multitrac) application 1.04 for Android does no ...)
NOT-FOR-US: Multitrac (aka com.multitrac) application for Android
-CVE-2014-6959
+CVE-2014-6959 (The QinCard (aka com.haowan.qincard) application 2.0 for Android does ...)
NOT-FOR-US: QinCard (aka com.haowan.qincard) application for Android
-CVE-2014-6958
+CVE-2014-6958 (The ISMRM-ESMRMB 2014 (aka com.coreapps.android.followme.ismrm_esmrmb1 ...)
NOT-FOR-US: ISMRM-ESMRMB 2014 (aka com.coreapps.android.followme.ismrm_esmrmb14) application for Android
-CVE-2014-6957
+CVE-2014-6957 (The scottcolibmn (aka com.bredir.boopsie.scottlib) application 4.5.110 ...)
NOT-FOR-US: scottcolibmn (aka com.bredir.boopsie.scottlib) application for Android
-CVE-2014-6956
+CVE-2014-6956 (The Hydrogen Water (aka com.appzone628) application 1.0 for Android do ...)
NOT-FOR-US: Hydrogen Water (aka com.appzone628) application for Android
-CVE-2014-6955
+CVE-2014-6955 (The Le Grand Bleu (aka com.appzone468) application 1.0 for Android doe ...)
NOT-FOR-US: Le Grand Bleu (aka com.appzone468) application for Android
-CVE-2014-6954
+CVE-2014-6954 (The Deer Hunting Calls + Guide (aka com.anawaz.deerhuntingcalls.free) ...)
NOT-FOR-US: Deer Hunting Calls + Guide (aka com.anawaz.deerhuntingcalls.free) application for Android
-CVE-2014-6953
+CVE-2014-6953 (The AFTERLIFE WITH ARCHIE (aka com.afterlifewitharchie.afterlifewithar ...)
NOT-FOR-US: AFTERLIFE WITH ARCHIE (aka com.afterlifewitharchie.afterlifewitharchie) application for Android
-CVE-2014-6952
+CVE-2014-6952 (The Manga Facts (aka app.mangafacts.ar) application 1.0 for Android do ...)
NOT-FOR-US: Manga Facts (aka app.mangafacts.ar) application for Android
-CVE-2014-6951
+CVE-2014-6951 (The OneFile Ignite (aka uk.co.onefile.ignite) application 1.19 for And ...)
NOT-FOR-US: OneFile Ignite (aka uk.co.onefile.ignite) application for Android
-CVE-2014-6950
+CVE-2014-6950 (The Mt. Airy News (aka com.soln.SBE4A803AD6430A6E9DBA5688AA644148) app ...)
NOT-FOR-US: Mt. Airy News (aka com.soln.SBE4A803AD6430A6E9DBA5688AA644148) application for Android
-CVE-2014-6949
+CVE-2014-6949 (The Akne Ernahrung (aka com.rareartifact.akneernahrung72010074) applic ...)
NOT-FOR-US: Akne Ernahrung (aka com.rareartifact.akneernahrung72010074) application for Android
-CVE-2014-6948
+CVE-2014-6948 (The TH3 professional Al Mohtarif (aka com.th3professional.almohtarif) ...)
NOT-FOR-US: TH3 professional Al Mohtarif (aka com.th3professional.almohtarif) application for Android
-CVE-2014-6947
+CVE-2014-6947 (The Archie Comics (aka com.iversecomics.archie.android) application 1. ...)
NOT-FOR-US: Archie Comics (aka com.iversecomics.archie.android) application for Android
-CVE-2014-6946
+CVE-2014-6946 (The Re:kyu (aka com.appzone619) application 1.0 for Android does not v ...)
NOT-FOR-US: Re:kyu (aka com.appzone619) application for Android
-CVE-2014-6945
+CVE-2014-6945 (The Neeku Naaku Dash Dash (aka com.dakshaa.nndd) application 1.0 for A ...)
NOT-FOR-US: Neeku Naaku Dash Dash (aka com.dakshaa.nndd) application for Android
-CVE-2014-6944
+CVE-2014-6944 (The mitfahrgelegenheit.at (aka com.carpooling.android.at) application ...)
NOT-FOR-US: mitfahrgelegenheit.at (aka com.carpooling.android.at) application for Android
-CVE-2014-6943
+CVE-2014-6943 (The Konigsleiten (aka com.knigsleiten) application 1.0 for Android doe ...)
NOT-FOR-US: Konigsleiten (aka com.knigsleiten) application for Android
-CVE-2014-6942
+CVE-2014-6942 (The Alisha Marie (Unofficial) (aka com.automon.ay.alisha.marie) applic ...)
NOT-FOR-US: Alisha Marie (Unofficial) (aka com.automon.ay.alisha.marie) application for Android
-CVE-2014-6941
+CVE-2014-6941 (The NOS Alive (aka pt.optimus.optimusalive2011) application 5.1 for An ...)
NOT-FOR-US: NOS Alive (aka pt.optimus.optimusalive2011) application for Android
-CVE-2014-6940
+CVE-2014-6940 (The Absolute Lending Solutions (aka com.soln.S008F6C05EC0B63264B429F6D ...)
NOT-FOR-US: Absolute Lending Solutions (aka com.soln.S008F6C05EC0B63264B429F6D76286562) application for Android
-CVE-2014-6939
+CVE-2014-6939 (The Sketch W Friends FREE -Tablets (aka air.com.xlabz.SketchWFriendsFr ...)
NOT-FOR-US: Sketch W Friends FREE -Tablets (aka air.com.xlabz.SketchWFriendsFree) application for Android
-CVE-2014-6938
+CVE-2014-6938 (The Apostilas musicais (aka com.apostilas) application 1.0 for Android ...)
NOT-FOR-US: Apostilas musicais (aka com.apostilas) application for Android
-CVE-2014-6937
+CVE-2014-6937 (The China CITIC Bank Credit Card (aka com.citiccard.mobilebank) applic ...)
NOT-FOR-US: China CITIC Bank Credit Card (aka com.citiccard.mobilebank) application for Android
-CVE-2014-6936
+CVE-2014-6936 (The IDS 2013 (aka de.mobileeventguide.ids2013) application 1.21 for An ...)
NOT-FOR-US: IDS 2013 (aka de.mobileeventguide.ids2013) application for Android
-CVE-2014-6935
+CVE-2014-6935 (The ColorMania - Color Quiz Game (aka com.ColormaniaColoringGames) app ...)
NOT-FOR-US: ColorMania - Color Quiz Game (aka com.ColormaniaColoringGames) application for Android
-CVE-2014-6934
+CVE-2014-6934 (The Physics Chemistry Biology Quiz (aka com.pdevsmcqs.pcbmcqseries) ap ...)
NOT-FOR-US: Physics Chemistry Biology Quiz (aka com.pdevsmcqs.pcbmcqseries) application for Android
-CVE-2014-6933
+CVE-2014-6933 (The Toraware Takojyou (aka ltd.pte.wavea.torawaretakojyou) application ...)
NOT-FOR-US: Toraware Takojyou (aka ltd.pte.wavea.torawaretakojyou) application for Android
-CVE-2014-6932
+CVE-2014-6932 (The All Navalny (aka com.all.navalny) application 1.10 for Android doe ...)
NOT-FOR-US: All Navalny (aka com.all.navalny) application for Android
-CVE-2014-6931
+CVE-2014-6931 (The Treves Dance Center (aka com.myapphone.android.myapptrvesdancecent ...)
NOT-FOR-US: Treves Dance Center (aka com.myapphone.android.myapptrvesdancecenter) application for Android
-CVE-2014-6930
+CVE-2014-6930 (The Abram Radio Groove! (aka com.nobexinc.wls_79226887.rc) application ...)
NOT-FOR-US: Abram Radio Groove! (aka com.nobexinc.wls_79226887.rc) application for Android
-CVE-2014-6929
+CVE-2014-6929 (The AIHce 2014 (aka com.coreapps.android.followme.aihce2014) applicati ...)
NOT-FOR-US: AIHce 2014 (aka com.coreapps.android.followme.aihce2014) application for Android
-CVE-2014-6928
+CVE-2014-6928 (The Rastreador de Celulares (aka com.mobincube.android.sc_9KTH8) appli ...)
NOT-FOR-US: Rastreador de Celulares (aka com.mobincube.android.sc_9KTH8) application for Android
-CVE-2014-6927
+CVE-2014-6927 (The Myanmar Housing : mmHome (aka com.mmhome3) application 1.3 for And ...)
NOT-FOR-US: Myanmar Housing : mmHome (aka com.mmhome3) application for Android
-CVE-2014-6926
+CVE-2014-6926 (The Allt om Brollop (aka com.paperton.wl.alltombrollop) application 1. ...)
NOT-FOR-US: Allt om Brollop (aka com.paperton.wl.alltombrollop) application for Android
-CVE-2014-6925
+CVE-2014-6925 (The Steyr Forum (aka com.tapatalk.steyrclubcomvb) application 3.9.12 f ...)
NOT-FOR-US: Steyr Forum (aka com.tapatalk.steyrclubcomvb) application for Android
-CVE-2014-6924
+CVE-2014-6924 (The Metro News (aka com.netpia.ha.metro) application 1.6.5 for Android ...)
NOT-FOR-US: Metro News (aka com.netpia.ha.metro) application for Android
-CVE-2014-6923
+CVE-2014-6923 (The Dubrovnik Guided Walking Tours (aka com.mytoursapp.android.app351) ...)
NOT-FOR-US: Dubrovnik Guided Walking Tours (aka com.mytoursapp.android.app351) application for Android
-CVE-2014-6922
+CVE-2014-6922 (The KFAI Community Radio (aka com.skyblue.pra.kfai) application 2.0.4 ...)
NOT-FOR-US: KFAI Community Radio (aka com.skyblue.pra.kfai) application for Android
-CVE-2014-6921
+CVE-2014-6921 (The Buckhorn Grill (aka com.orderingapps.buckhorn) application 2.8 for ...)
NOT-FOR-US: Buckhorn Grill (aka com.orderingapps.buckhorn) application for Android
-CVE-2014-6920
+CVE-2014-6920 (The Canal 44 (aka com.canal.canal44) application 1.0 for Android does ...)
NOT-FOR-US: Canal 44 (aka com.canal.canal44) application for Android
-CVE-2014-6919
+CVE-2014-6919 (The Metalcasting Newsstand (aka air.com.yudu.ReaderAIR3017071) applica ...)
NOT-FOR-US: Metalcasting Newsstand (aka air.com.yudu.ReaderAIR3017071) application for Android
-CVE-2014-6918
+CVE-2014-6918 (The Bikers Underground (aka hr.ap.n66871172) application 4.5.10 for An ...)
NOT-FOR-US: Bikers Underground (aka hr.ap.n66871172) application for Android
-CVE-2014-6917
+CVE-2014-6917 (The www.knote.kr Smart (aka kr.or.knote.android) application 1.0.3 for ...)
NOT-FOR-US: www.knote.kr Smart (aka kr.or.knote.android) application for Android
-CVE-2014-6916
+CVE-2014-6916 (The mama.cn (aka cn.ziipin.mama.ui) application 1.02 for Android does ...)
NOT-FOR-US: mama.cn (aka cn.ziipin.mama.ui) application for Android
CVE-2014-6915
REJECTED
-CVE-2014-6914
+CVE-2014-6914 (The Houcine El Jasmi (aka com.devkhr31.houcineeljasmi) application 1.0 ...)
NOT-FOR-US: Houcine El Jasmi (aka com.devkhr31.houcineeljasmi) application for Android
-CVE-2014-6913
+CVE-2014-6913 (The Dive The World (aka com.paperton.wl.divetheworld) application 1.53 ...)
NOT-FOR-US: Dive The World (aka com.paperton.wl.divetheworld) application for Android
-CVE-2014-6912
+CVE-2014-6912 (The IRA's 59th Annual Conference (aka com.coreapps.android.followme.ir ...)
NOT-FOR-US: IRA's 59th Annual Conference (aka com.coreapps.android.followme.ira_14) application for Android
-CVE-2014-6911
+CVE-2014-6911 (The diziturky HD 2015 (aka com.adv.diziturky) application 2014 for And ...)
NOT-FOR-US: diziturky HD 2015 (aka com.adv.diziturky) application for Android
-CVE-2014-6910
+CVE-2014-6910 (The MemorizeIt! (aka com.kshinenterprises.kshinent.memorizeit) applica ...)
NOT-FOR-US: MemorizeIt! (aka com.kshinenterprises.kshinent.memorizeit) application for Android
-CVE-2014-6909
+CVE-2014-6909 (The Coca-Cola FM Peru (aka com.enyetech.radio.coca_cola.fm_pe) applica ...)
NOT-FOR-US: Coca-Cola FM Peru (aka com.enyetech.radio.coca_cola.fm_pe) application for Android
-CVE-2014-6908
+CVE-2014-6908 (The Forum IC (aka com.tapatalk.forumimmigrercom) application 3.3.12 fo ...)
NOT-FOR-US: Forum IC (aka com.tapatalk.forumimmigrercom) application for Android
-CVE-2014-6907
+CVE-2014-6907 (The Rakuten Install (aka co.jp.rakuten.installapp) application 1.5.0 f ...)
NOT-FOR-US: Rakuten Install (aka co.jp.rakuten.installapp) application for Android
-CVE-2014-6906
+CVE-2014-6906 (The Loli Chocolate Cake (aka com.alison.kang.chocolatecake) applicatio ...)
NOT-FOR-US: Loli Chocolate Cake (aka com.alison.kang.chocolatecake) application for Android
-CVE-2014-6905
+CVE-2014-6905 (The H2O Human Harmony Organization (aka com.netpia.ha.theh2o) applicat ...)
NOT-FOR-US: H2O Human Harmony Organization (aka com.netpia.ha.theh2o) application for Android
-CVE-2014-6904
+CVE-2014-6904 (The Safe Browser - The Web Filter (aka com.cloudacl) application 1.2.5 ...)
NOT-FOR-US: Safe Browser - The Web Filter (aka com.cloudacl) application for Android
-CVE-2014-6903
+CVE-2014-6903 (The Gulf Power Mobile Bill Pay (aka com.tionetworks.gulf) application ...)
NOT-FOR-US: Gulf Power Mobile Bill Pay (aka com.tionetworks.gulf) application for Android
-CVE-2014-6902
+CVE-2014-6902 (The Anjuke (aka com.anjuke.android.app) application 7.1.7 for Android ...)
NOT-FOR-US: Anjuke (aka com.anjuke.android.app) application for Android
-CVE-2014-6901
+CVE-2014-6901 (The RADIOS DEL ECUADOR (aka com.nobexinc.wls_87612622.rc) application ...)
NOT-FOR-US: RADIOS DEL ECUADOR (aka com.nobexinc.wls_87612622.rc) application for Android
-CVE-2014-6900
+CVE-2014-6900 (The EAGE Amsterdam 2014 (aka com.coreapps.android.followme.eage_2014) ...)
NOT-FOR-US: EAGE Amsterdam 2014 (aka com.coreapps.android.followme.eage_2014) application for Android
-CVE-2014-6899
+CVE-2014-6899 (The Jazeera Airways (aka com.winit.jazeeraairways) application 2.7 for ...)
NOT-FOR-US: Jazeera Airways (aka com.winit.jazeeraairways) application for Android
-CVE-2014-6898
+CVE-2014-6898 (The Boopsie MyLibrary (aka com.bredir.boopsie.mylibrary) application 4 ...)
NOT-FOR-US: Boopsie MyLibrary (aka com.bredir.boopsie.mylibrary) application for Android
-CVE-2014-6897
+CVE-2014-6897 (The Skyrim Map (aka com.neko.skyrimmap) application 2.1 for Android do ...)
NOT-FOR-US: Skyrim Map (aka com.neko.skyrimmap) application for Android
-CVE-2014-6896
+CVE-2014-6896 (The Yik Yak (aka com.yik.yak) application 2.0.002 for Android does not ...)
NOT-FOR-US: Yik Yak (aka com.yik.yak) application for Android
-CVE-2014-6895
+CVE-2014-6895 (The Throne Rush (aka com.progrestar.bft) application 2.3.10 for Androi ...)
NOT-FOR-US: Throne Rush (aka com.progrestar.bft) application for Android
-CVE-2014-6894
+CVE-2014-6894 (The Lucktastic (aka com.lucktastic.scratch) application 1.2.6 for Andr ...)
NOT-FOR-US: Lucktastic (aka com.lucktastic.scratch) application for Android
-CVE-2014-6893
+CVE-2014-6893 (The Pushpins Grocery Coupons (aka com.pushpinsapp.pushpins) applicatio ...)
NOT-FOR-US: Pushpins Grocery Coupons (aka com.pushpinsapp.pushpins) application for Android
-CVE-2014-6892
+CVE-2014-6892 (The kalahari.com Shopping (aka com.kalahari.shop) application 1.4.2.1 ...)
NOT-FOR-US: kalahari.com Shopping (aka com.kalahari.shop) application for Android
-CVE-2014-6891
+CVE-2014-6891 (The Vodafone Avantaj Cepte (aka com.vodafone.avantajcepte.main) applic ...)
NOT-FOR-US: Vodafone Avantaj Cepte (aka com.vodafone.avantajcepte.main) application for Android
-CVE-2014-6890
+CVE-2014-6890 (The CouponCabin - Coupons &amp; Deals (aka com.couponcabin) applicatio ...)
NOT-FOR-US: CouponCabin - Coupons & Deals (aka com.couponcabin) application for Android
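Review bot: the imported summaries keep HTML entity escapes: the `+CVE-2014-6890` line reads `Coupons &amp; Deals` while the hand-written NOT-FOR-US line directly below it has the literal `Coupons & Deals`, and the same mismatch appears further down at `+CVE-2014-6863` (`Mootorratturid &amp; biker.ee` versus `Mootorratturid & biker.ee`). The list file is plain text, so the automatic update should unescape entities (`&amp;` to `&`) before writing the summary; otherwise the two lines for one CVE disagree on the product name and any plain-text match of a description against a package or app name misses these entries.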
-CVE-2014-6889
+CVE-2014-6889 (The GunBroker.com (aka com.gunbroker.android) application 1.1.2 for An ...)
NOT-FOR-US: GunBroker.com (aka com.gunbroker.android) application for Android
-CVE-2014-6888
+CVE-2014-6888 (The PennyTalk Mobile (aka net.idt.pennytalk.android) application 2.0.3 ...)
NOT-FOR-US: PennyTalk Mobile (aka net.idt.pennytalk.android) application for Android
-CVE-2014-6887
+CVE-2014-6887 (The EXPRESS (aka com.gpshopper.express.android) application 2.5.3 for ...)
NOT-FOR-US: EXPRESS (aka com.gpshopper.express.android) application for Android
-CVE-2014-6886
+CVE-2014-6886 (The WePhone - phone calls vs skype (aka com.wephoneapp) application 1. ...)
NOT-FOR-US: WePhone - phone calls vs skype (aka com.wephoneapp) application for Android
-CVE-2014-6885
+CVE-2014-6885 (The Academy Sports + Outdoors Visa (aka com.usbank.icsmobile.academysp ...)
NOT-FOR-US: Academy Sports + Outdoors Visa (aka com.usbank.icsmobile.academysports) application for Android
-CVE-2014-6884
+CVE-2014-6884 (The Ford Credit Account Manager (aka com.fordcredit.accountmanager) ap ...)
NOT-FOR-US: Ford Credit Account Manager (aka com.fordcredit.accountmanager) application for Android
-CVE-2014-6883
+CVE-2014-6883 (The CNNMoney Portfolio for stocks (aka com.cnn.portfolio) application ...)
NOT-FOR-US: CNNMoney Portfolio for stocks (aka com.cnn.portfolio) application for Android
-CVE-2014-6882
+CVE-2014-6882 (The Western Federal Credit Union (aka com.kerrata.pulse.western) appli ...)
NOT-FOR-US: Western Federal Credit Union (aka com.kerrata.pulse.western) application for Android
-CVE-2014-6881
+CVE-2014-6881 (The PNC Virtual Wallet (aka com.pnc.ecommerce.mobile.vw.android) appli ...)
NOT-FOR-US: PNC Virtual Wallet (aka com.pnc.ecommerce.mobile.vw.android) application for Android
-CVE-2014-6880
+CVE-2014-6880 (The TradeHero (aka com.tradehero.th) application 2.2.5 for Android doe ...)
NOT-FOR-US: TradeHero (aka com.tradehero.th) application for Android
-CVE-2014-6879
+CVE-2014-6879 (The Equifax Mobile (aka com.equifax) application 1.5 for Android does ...)
NOT-FOR-US: Equifax Mobile (aka com.equifax) application for Android
-CVE-2014-6878
+CVE-2014-6878 (The RBFCU Mobile (aka com.Vertifi.DeposZip.P314089681) application 3.1 ...)
NOT-FOR-US: RBFCU Mobile (aka com.Vertifi.DeposZip.P314089681) application for Android
-CVE-2014-6877
+CVE-2014-6877 (The Santander Personal Banking (aka com.sovereign.santander) applicati ...)
NOT-FOR-US: Santander Personal Banking (aka com.sovereign.santander) application for Android
-CVE-2014-6876
+CVE-2014-6876 (The American Express Serve (aka com.serve.mobile) application @7F0901E ...)
NOT-FOR-US: American Express Serve (aka com.serve.mobile) application for Android
-CVE-2014-6875
+CVE-2014-6875 (The Woodforest Mobile Banking (aka com.woodforest) application 3.1 for ...)
NOT-FOR-US: Woodforest Mobile Banking (aka com.woodforest) application for Android
-CVE-2014-6874
+CVE-2014-6874 (The ModSim Connected (aka com.concursive.modsim) application 2.0 for A ...)
NOT-FOR-US: ModSim Connected (aka com.concursive.modsim) application for Android
-CVE-2014-6873
+CVE-2014-6873 (The AMGC (aka com.amec.uae) application 6.0 for Android does not verif ...)
NOT-FOR-US: AMGC (aka com.amec.uae) application for Android
-CVE-2014-6872
+CVE-2014-6872 (The TTNET Muzik (aka com.ttnet.muzik) application 3.2 for Android does ...)
NOT-FOR-US: TTNET Muzik (aka com.ttnet.muzik) application for Android
-CVE-2014-6871
+CVE-2014-6871 (The Hogs Fly Crazy (aka com.pedrojayme.hogsflycrazy) application 1.0.0 ...)
NOT-FOR-US: Hogs Fly Crazy (aka com.pedrojayme.hogsflycrazy) application for Android
-CVE-2014-6870
+CVE-2014-6870 (The BGEnergy (aka com.bluegrass.smartapps) application 1.153.0034 for ...)
NOT-FOR-US: BGEnergy (aka com.bluegrass.smartapps) application for Android
-CVE-2014-6869
+CVE-2014-6869 (The barcode scanner (aka tw.com.books.android.plus) application 2.3.0 ...)
NOT-FOR-US: barcode scanner (aka tw.com.books.android.plus) application for Android
-CVE-2014-6868
+CVE-2014-6868 (The DS audio (aka com.synology.DSaudio) application 3.4 for Android do ...)
NOT-FOR-US: DS audio (aka com.synology.DSaudio) application for Android
-CVE-2014-6867
+CVE-2014-6867 (The Sortir en Alsace (aka com.axessweb.sortirenalsace) application 0.5 ...)
NOT-FOR-US: Sortir en Alsace (aka com.axessweb.sortirenalsace) application for Android
-CVE-2014-6866
+CVE-2014-6866 (The HomeAdvisor Mobile (aka com.servicemagic.consumer) application 3.0 ...)
NOT-FOR-US: HomeAdvisor Mobile (aka com.servicemagic.consumer) application for Android
-CVE-2014-6865
+CVE-2014-6865 (The Jamal Bates Show (aka com.conduit.app_3a95e13827c54c4da9056fafb33e ...)
NOT-FOR-US: Jamal Bates Show (aka com.conduit.app_3a95e13827c54c4da9056fafb33ecc8d.app) application for Android
-CVE-2014-6864
+CVE-2014-6864 (The Forest River Forums (aka com.socialknowledge.forestriverforums) ap ...)
NOT-FOR-US: Forest River Forums (aka com.socialknowledge.forestriverforums) application for Android
-CVE-2014-6863
+CVE-2014-6863 (The Mootorratturid &amp; biker.ee (aka ee.digitalfruit.mootorratturid) ...)
NOT-FOR-US: Mootorratturid & biker.ee (aka ee.digitalfruit.mootorratturid) application for Android
-CVE-2014-6862
+CVE-2014-6862 (The ArtAcces (aka cat.gencat.mobi.artacces) application 1.0 for Androi ...)
NOT-FOR-US: ArtAcces (aka cat.gencat.mobi.artacces) application for Android
-CVE-2014-6861
+CVE-2014-6861 (The Terrarienbilder.com Forum (aka com.tapatalk.terrarienbildercomvb) ...)
NOT-FOR-US: Terrarienbilder.com Forum (aka com.tapatalk.terrarienbildercomvb) application for Android
-CVE-2014-6860
+CVE-2014-6860 (The Trial Tracker (aka com.etcweb.android.trial_tracker) application 1 ...)
NOT-FOR-US: Trial Tracker (aka com.etcweb.android.trial_tracker) application for Android
-CVE-2014-6859
+CVE-2014-6859 (The Daum Maps - Subway (aka net.daum.android.map) application 3.9.1 fo ...)
NOT-FOR-US: Daum Maps - Subway (aka net.daum.android.map) application for Android
-CVE-2014-6858
+CVE-2014-6858 (The Mostafa Shemeas (aka com.mostafa.shemeas.website) application 1.0 ...)
NOT-FOR-US: Mostafa Shemeas (aka com.mostafa.shemeas.website) application for Android
-CVE-2014-6857
+CVE-2014-6857 (The Car Wallpapers HD (aka com.arab4x4.gallery.app) application 1.3 fo ...)
NOT-FOR-US: Car Wallpapers HD (aka com.arab4x4.gallery.app) application for Android
-CVE-2014-6856
+CVE-2014-6856 (The AHRAH (aka com.vet2pet.aid219426) application 219426 for Android d ...)
NOT-FOR-US: AHRAH (aka com.vet2pet.aid219426) application for Android
-CVE-2014-6855
+CVE-2014-6855 (The Long (aka com.imop.longjiang.android) application 1.0.4 for Androi ...)
NOT-FOR-US: Long (aka com.imop.longjiang.android) application for Android
-CVE-2014-6854
+CVE-2014-6854 (The EyeXam (aka com.globaleyeventures.eyexam) application 1.4 for Andr ...)
NOT-FOR-US: EyeXam (aka com.globaleyeventures.eyexam) application for Android
-CVE-2014-6853
+CVE-2014-6853 (The Foxit MobilePDF - PDF Reader (aka com.foxit.mobile.pdf.lite) appli ...)
NOT-FOR-US: Foxit MobilePDF - PDF Reader (aka com.foxit.mobile.pdf.lite) application for Android
-CVE-2014-6852
+CVE-2014-6852 (The LedLine.gr Official (aka com.automon.ledline.gr) application 1.4.0 ...)
NOT-FOR-US: LedLine.gr Official (aka com.automon.ledline.gr) application for Android
-CVE-2014-6851
+CVE-2014-6851 (The New Beginnings CFC (aka com.goodbarber.nbcfc) application 1.1 for ...)
NOT-FOR-US: New Beginnings CFC (aka com.goodbarber.nbcfc) application for Android
-CVE-2014-6850
+CVE-2014-6850 (The SED Account (aka com.starkville.smartapps) application 1.153.0034 ...)
NOT-FOR-US: SED Account (aka com.starkville.smartapps) application for Android
CVE-2014-6849
REJECTED
-CVE-2014-6848
+CVE-2014-6848 (The DS file (aka com.synology.DSfile) application 4.1.1 for Android do ...)
NOT-FOR-US: DS file (aka com.synology.DSfile) application for Android
-CVE-2014-6847
+CVE-2014-6847 (The Horoscopes and Dreams (aka com.horoscopesanddreams) application 1. ...)
NOT-FOR-US: Horoscopes and Dreams (aka com.horoscopesanddreams) application for Android
-CVE-2014-6846
+CVE-2014-6846 (The Four Seasons Beverly Hills (aka com.intelitycorp.FourSeasons.andro ...)
NOT-FOR-US: Four Seasons Beverly Hills (aka com.intelitycorp.FourSeasons.android.ice) application for Android
-CVE-2014-6845
+CVE-2014-6845 (The MediaFire (aka com.mediafire.android) application 1.1.1 for Androi ...)
NOT-FOR-US: MediaFire (aka com.mediafire.android) application for Android
-CVE-2014-6844
+CVE-2014-6844 (The ABC Song (aka com.tabtale.abcsingalong) application 1.0.0 for Andr ...)
NOT-FOR-US: ABC Song (aka com.tabtale.abcsingalong) application for Android
-CVE-2014-6843
+CVE-2014-6843 (The Sweatshop (aka com.orderingapps.sweatshop) application 2.96 for An ...)
NOT-FOR-US: Sweatshop (aka com.orderingapps.sweatshop) application for Android
-CVE-2014-6842
+CVE-2014-6842 (The Daily Advertiser Print (aka com.lafayettedailyadv.android.prod) ap ...)
NOT-FOR-US: Daily Advertiser Print (aka com.lafayettedailyadv.android.prod) application for Android
-CVE-2014-6841
+CVE-2014-6841 (The RTI INDIA (aka com.vbulletin.build_890) application 3.8.21 for And ...)
NOT-FOR-US: RTI INDIA (aka com.vbulletin.build_890) application for Android
-CVE-2014-6840
+CVE-2014-6840 (The My Wedding Planner (aka app.wedding) application 1.5 for Android d ...)
NOT-FOR-US: My Wedding Planner (aka app.wedding) application for Android
-CVE-2014-6839
+CVE-2014-6839 (The Alma Corinthiana (aka com.alma.corinthiana) application 1.0 for An ...)
NOT-FOR-US: Alma Corinthiana (aka com.alma.corinthiana) application for Android
-CVE-2014-6838
+CVE-2014-6838 (The Groupama toujours la (aka com.groupama.toujoursla) application 1.3 ...)
NOT-FOR-US: Groupama toujours la (aka com.groupama.toujoursla) application for Android
-CVE-2014-6837
+CVE-2014-6837 (The Hillside (aka com.hillside.hermanus) application 1.1 for Android d ...)
NOT-FOR-US: Hillside (aka com.hillside.hermanus) application for Android
-CVE-2014-6836
+CVE-2014-6836 (The DS photo+ (aka com.synology.dsphoto) application 3.3 for Android d ...)
NOT-FOR-US: DS photo+ (aka com.synology.dsphoto) application for Android
-CVE-2014-6835
+CVE-2014-6835 (The Herbal Guide (aka com.pocket.herbal.guide) application 1.0 for And ...)
NOT-FOR-US: Herbal Guide (aka com.pocket.herbal.guide) application for Android
-CVE-2014-6834
+CVE-2014-6834 (The Instaroid - Instagram Viewer (aka net.muik.instaroid) application ...)
NOT-FOR-US: Instaroid - Instagram Viewer (aka net.muik.instaroid) application for Android
-CVE-2014-6833
+CVE-2014-6833 (The AuctionTrac Dealer (aka com.adesa.dealer.phone) application 2.0.3 ...)
NOT-FOR-US: AuctionTrac Dealer (aka com.adesa.dealer.phone) application for Android
-CVE-2014-6832
+CVE-2014-6832 (The Bersa Forum (aka com.gcspublishing.bersaforum) application 3.9.16 ...)
NOT-FOR-US: Bersa Forum (aka com.gcspublishing.bersaforum) application for Android
-CVE-2014-6831
+CVE-2014-6831 (The Hippo Studio (aka com.appgreen.hippostudio) application 1.0 for An ...)
NOT-FOR-US: Hippo Studio (aka com.appgreen.hippostudio) application for Android
-CVE-2014-6830
+CVE-2014-6830 (The Covet Fashion - Shopping Game (aka com.crowdstar.covetfashion) app ...)
NOT-FOR-US: Covet Fashion - Shopping Game (aka com.crowdstar.covetfashion) application for Android
-CVE-2014-6829
+CVE-2014-6829 (The Hook (aka com.hook.android) application 0.9.3 for Android does not ...)
NOT-FOR-US: Hook (aka com.hook.android) application for Android
-CVE-2014-6828
+CVE-2014-6828 (The Gulf Credit Union (aka Fi_Mobile.Gulf) application 1.1 for Android ...)
NOT-FOR-US: Gulf Credit Union (aka Fi_Mobile.Gulf) application for Android
-CVE-2014-6827
+CVE-2014-6827 (The DK ONLINE Beta (aka com.sgmobile.dkonline) application 1.0.2 for A ...)
NOT-FOR-US: DK ONLINE Beta (aka com.sgmobile.dkonline) application for Android
-CVE-2014-6826
+CVE-2014-6826 (The Tic-Tac To The MAX FREE (aka com.tothemax) application 1.2 for And ...)
NOT-FOR-US: Tic-Tac To The MAX FREE (aka com.tothemax) application for Android
-CVE-2014-6825
+CVE-2014-6825 (The Teatro Franco Parenti (aka com.mintlab.mx.teatroparenti) applicati ...)
NOT-FOR-US: Teatro Franco Parenti (aka com.mintlab.mx.teatroparenti) application for Android
-CVE-2014-6824
+CVE-2014-6824 (The kamkomesan (aka com.anek.kamkomesan) application 1.0 for Android d ...)
NOT-FOR-US: kamkomesan (aka com.anek.kamkomesan) application for Android
-CVE-2014-6823
+CVE-2014-6823 (The kuailecaidengmi (aka com.licai.kuailecaidengmi) application 1.7.12 ...)
NOT-FOR-US: kuailecaidengmi (aka com.licai.kuailecaidengmi) application for Android
-CVE-2014-6822
+CVE-2014-6822 (The Nerdico (aka com.nerdico.danielepais) application 1.9 Stable for A ...)
NOT-FOR-US: Nerdico (aka com.nerdico.danielepais) application for Android
-CVE-2014-6821
+CVE-2014-6821 (The voetbal (aka nl.jborsje.android.voetbal.az) application 4.7.2 for ...)
NOT-FOR-US: voetbal (aka nl.jborsje.android.voetbal.az) application for Android
-CVE-2014-6820
+CVE-2014-6820 (The Amebra Ameba (aka jp.honeytrap15.amebra) application 1.0.0 for And ...)
NOT-FOR-US: Amebra Ameba (aka jp.honeytrap15.amebra) application for Android
-CVE-2014-6819
+CVE-2014-6819 (The Lapp Group Catalogue (aka com.prinovis.LappKabel) application 1.4 ...)
NOT-FOR-US: Lapp Group Catalogue (aka com.prinovis.LappKabel) application for Android
-CVE-2014-6818
+CVE-2014-6818 (The OHBM 20th Annual Meeting (aka com.coreapps.android.followme.ohbm20 ...)
NOT-FOR-US: OHBM 20th Annual Meeting (aka com.coreapps.android.followme.ohbm2014) application for Android
-CVE-2014-6817
+CVE-2014-6817 (The Cove (aka org.covechurch.app) application 1.0.2 for Android does n ...)
NOT-FOR-US: Cove (aka org.covechurch.app) application for Android
-CVE-2014-6816
+CVE-2014-6816 (The WISDOM (aka lvtu99.com.nescmxiaoniuniu) application 2.1 for Androi ...)
NOT-FOR-US: WISDOM (aka lvtu99.com.nescmxiaoniuniu) application for Android
-CVE-2014-6815
+CVE-2014-6815 (The Vouch! (aka com.voucherry.voucherry) application 2.1.6 for Android ...)
NOT-FOR-US: Vouch! (aka com.voucherry.voucherry) application for Android
-CVE-2014-6814
+CVE-2014-6814 (The Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) appli ...)
NOT-FOR-US: Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) application for Android
-CVE-2014-6813
+CVE-2014-6813 (The klassens (aka com.mcreda.klassens.apps) application 1.0 for Androi ...)
NOT-FOR-US: klassens (aka com.mcreda.klassens.apps) application for Android
-CVE-2014-6812
+CVE-2014-6812 (The Aloha Guide (aka com.aloha.guide.english) application 1.5 for Andr ...)
NOT-FOR-US: Aloha Guide (aka com.aloha.guide.english) application for Android
CVE-2014-6811
REJECTED
-CVE-2014-6810
+CVE-2014-6810 (The RIMS 2014 Annual Conference (aka com.coreapps.android.followme.rim ...)
NOT-FOR-US: RIMS 2014 Annual Conference (aka com.coreapps.android.followme.rims2014) application for Android
CVE-2014-6809
REJECTED
-CVE-2014-6808
+CVE-2014-6808 (The Active 24 (aka com.zentity.app.active24) application 1.0.1 for And ...)
NOT-FOR-US: Active 24 (aka com.zentity.app.active24) application for Android
-CVE-2014-6807
+CVE-2014-6807 (The OLA School (aka com.conduit.app_00f9890a4f0145f2aae9d714e20b273a.a ...)
NOT-FOR-US: OLA School (aka com.conduit.app_00f9890a4f0145f2aae9d714e20b273a.app) application for Android
-CVE-2014-6806
+CVE-2014-6806 (The Thanodi - Setswana Translator (aka com.thanodi.thanodi) applicatio ...)
NOT-FOR-US: Thanodi - Setswana Translator (aka com.thanodi.thanodi) application for Android
-CVE-2014-6805
+CVE-2014-6805 (The weibo (aka magic.weibo) application 1.2 for Android does not verif ...)
NOT-FOR-US: weibo (aka magic.weibo) application for Android
-CVE-2014-6804
+CVE-2014-6804 (The Deschutes Public MobileLibrary (aka com.bredir.boopsie.deschutes) ...)
NOT-FOR-US: Deschutes Public MobileLibrary (aka com.bredir.boopsie.deschutes) application for Android
-CVE-2014-6803
+CVE-2014-6803 (The Bank of Moscow EIRTS Rent (aka ru.bm.rbs.android) application 1.0. ...)
NOT-FOR-US: Bank of Moscow EIRTS Rent (aka ru.bm.rbs.android) application for Android
-CVE-2014-6802
+CVE-2014-6802 (The First Assembly NLR (aka com.subsplash.thechurchapp.firstassemblynl ...)
NOT-FOR-US: First Assembly NLR (aka com.subsplash.thechurchapp.firstassemblynlr) application for Android
-CVE-2014-6801
+CVE-2014-6801 (The frank matano (aka com.frank.matano) application 1.0 for Android do ...)
NOT-FOR-US: frank matano (aka com.frank.matano) application for Android
-CVE-2014-6800
+CVE-2014-6800 (The Bloom Township 206 (aka net.parentlink.bloom) application 4.0.500 ...)
NOT-FOR-US: Bloom Township 206 (aka net.parentlink.bloom) application for Android
-CVE-2014-6799
+CVE-2014-6799 (The Investigation Tool (aka gov.ca.post.lp.itool) application 1.0.0 fo ...)
NOT-FOR-US: Investigation Tool (aka gov.ca.post.lp.itool) application for Android
-CVE-2014-6798
+CVE-2014-6798 (The McMaster Marauders (aka com.weever.marauders) application 1.0.1 fo ...)
NOT-FOR-US: McMaster Marauders (aka com.weever.marauders) application for Android
-CVE-2014-6797
+CVE-2014-6797 (The Abu Ali Anasheeds (aka com.faapps.abuali_anasheeds) application 1. ...)
NOT-FOR-US: Abu Ali Anasheeds (aka com.faapps.abuali_anasheeds) application for Android
-CVE-2014-6796
+CVE-2014-6796 (The LocalSense (aka com.LocalSense) application 1.2.1 for Android does ...)
NOT-FOR-US: LocalSense (aka com.LocalSense) application for Android
-CVE-2014-6795
+CVE-2014-6795 (The Beekeeping Forum (aka com.tapatalk.supporttapatalkcomxxxxx) applic ...)
NOT-FOR-US: Beekeeping Forum (aka com.tapatalk.supporttapatalkcomxxxxx) application for Android
-CVE-2014-6794
+CVE-2014-6794 (The AAPLD (aka com.bredir.boopsie.aapld) application 4.5.110 for Andro ...)
NOT-FOR-US: AAPLD (aka com.bredir.boopsie.aapld) application for Android
-CVE-2014-6793
+CVE-2014-6793 (The Arch Friend (aka com.xyproto.archfriend) application 0.4.2 for And ...)
NOT-FOR-US: Arch Friend (aka com.xyproto.archfriend) application for Android
-CVE-2014-6792
+CVE-2014-6792 (The Suriname Radio (aka com.wordbox.surinameRadio) application 1.5 for ...)
NOT-FOR-US: Suriname Radio (aka com.wordbox.surinameRadio) application for Android
-CVE-2014-6791
+CVE-2014-6791 (The Angel Reigns (aka com.conduit.app_dab60e7bd60d4f23a14b3fb7357f9dcd ...)
NOT-FOR-US: Angel Reigns (aka com.conduit.app_dab60e7bd60d4f23a14b3fb7357f9dcd.app) application for Android
-CVE-2014-6790
+CVE-2014-6790 (The INVEX (aka com.mobilatolye.keyinternet) application 1.0.2 for Andr ...)
NOT-FOR-US: INVEX (aka com.mobilatolye.keyinternet) application for Android
-CVE-2014-6789
+CVE-2014-6789 (The Anaheim Library 2Go! (aka com.bredir.boopsie.anaheim) application ...)
NOT-FOR-US: Anaheim Library 2Go! (aka com.bredir.boopsie.anaheim) application for Android
-CVE-2014-6788
+CVE-2014-6788 (The Oman News (aka com.oman.news.rmtzlnbuooordciw) application 1.0 for ...)
NOT-FOR-US: Oman News (aka com.oman.news.rmtzlnbuooordciw) application for Android
-CVE-2014-6787
+CVE-2014-6787 (The Counter Intuition (aka com.counter.intuition) application 1.2 for ...)
NOT-FOR-US: Counter Intuition (aka com.counter.intuition) application for Android
-CVE-2014-6786
+CVE-2014-6786 (The Math for Kids - Subtraction (aka it.tinytap.attsa.deepsub) applica ...)
NOT-FOR-US: Math for Kids - Subtraction (aka it.tinytap.attsa.deepsub) application for Android
-CVE-2014-6785
+CVE-2014-6785 (The Renny McLean Ministries (aka com.subsplash.thechurchapp.s_GJQX72) ...)
NOT-FOR-US: Renny McLean Ministries (aka com.subsplash.thechurchapp.s_GJQX72) application for Android
-CVE-2014-6784
+CVE-2014-6784 (The Fermononrespiri Mobile (aka com.tapatalk.rmonlineitforums) applica ...)
NOT-FOR-US: Fermononrespiri Mobile (aka com.tapatalk.rmonlineitforums) application for Android
-CVE-2014-6783
+CVE-2014-6783 (The Campus Link - Campus TV HKUSU (aka com.campus.tv.hkusu) applicatio ...)
NOT-FOR-US: Campus Link - Campus TV HKUSU (aka com.campus.tv.hkusu) application for Android
-CVE-2014-6782
+CVE-2014-6782 (The Abraham Tours (aka com.mytoursapp.android.app432) application 1.1. ...)
NOT-FOR-US: Abraham Tours (aka com.mytoursapp.android.app432) application for Android
-CVE-2014-6781
+CVE-2014-6781 (The Aloha Stadium - Hawaii (aka com.stadium.aloha) application 1.2 for ...)
NOT-FOR-US: Aloha Stadium - Hawaii (aka com.stadium.aloha) application for Android
-CVE-2014-6780
+CVE-2014-6780 (The MeiTalk (aka com.playjia.meitalk) application @7F060012 for Androi ...)
NOT-FOR-US: MeiTalk (aka com.playjia.meitalk) application for Android
-CVE-2014-6779
+CVE-2014-6779 (The Cart App (aka com.virtecha.mobilewallet) application 1.5 for Andro ...)
NOT-FOR-US: Cart App (aka com.virtecha.mobilewallet) application for Android
-CVE-2014-6778
+CVE-2014-6778 (The Goat Forum (aka com.gcspublishing.goatspot) application 3.9.15 for ...)
NOT-FOR-US: Goat Forum (aka com.gcspublishing.goatspot) application for Android
-CVE-2014-6777
+CVE-2014-6777 (The blueeleph (aka eg.film.blueeleph) application 1.0 for Android does ...)
NOT-FOR-US: blueeleph (aka eg.film.blueeleph) application for Android
-CVE-2014-6776
+CVE-2014-6776 (The United Advantage NW Federal Cr (aka com.myappengine.uanwfcu) appli ...)
NOT-FOR-US: United Advantage NW Federal Cr (aka com.myappengine.uanwfcu) application for Android
-CVE-2014-6775
+CVE-2014-6775 (The Light for Pets (aka com.helenwoodward.light4pets) application 1.0 ...)
NOT-FOR-US: Light for Pets (aka com.helenwoodward.light4pets) application for Android
-CVE-2014-6774
+CVE-2014-6774 (The USEK (aka com.university.usek) application 1.0.8 for Android does ...)
NOT-FOR-US: USEK (aka com.university.usek) application for Android
-CVE-2014-6773
+CVE-2014-6773 (The CIH Quiz game (aka com.bowenehs.cihquizgameapp) application 1.3 fo ...)
NOT-FOR-US: CIH Quiz game (aka com.bowenehs.cihquizgameapp) application for Android
-CVE-2014-6772
+CVE-2014-6772 (The United Educational CU (aka com.metova.cuae.uecu) application 1.0.2 ...)
NOT-FOR-US: United Educational CU (aka com.metova.cuae.uecu) application for Android
-CVE-2014-6771
+CVE-2014-6771 (The United Heritage Mobile (aka Fi_Mobile.UHCU) application 1.1 for An ...)
NOT-FOR-US: United Heritage Mobile (aka Fi_Mobile.UHCU) application for Android
-CVE-2014-6770
+CVE-2014-6770 (The Aerospace Jobs (aka com.app_aerospacejobs.layout) application 1.39 ...)
NOT-FOR-US: Aerospace Jobs (aka com.app_aerospacejobs.layout) application for Android
-CVE-2014-6769
+CVE-2014-6769 (The Meteo Belgique (aka com.mobilesoft.belgiumweather) application 3.2 ...)
NOT-FOR-US: Meteo Belgique (aka com.mobilesoft.belgiumweather) application for Android
-CVE-2014-6768
+CVE-2014-6768 (The Anywhere Anytime Yoga Workout (aka com.bayart.yoga) application 1. ...)
NOT-FOR-US: Anywhere Anytime Yoga Workout (aka com.bayart.yoga) application for Android
-CVE-2014-6767
+CVE-2014-6767 (The Juggle! FREE (aka com.jakyl.juggleforfree) application 3.0.0 for A ...)
NOT-FOR-US: Juggle! FREE (aka com.jakyl.juggleforfree) application for Android
-CVE-2014-6766
+CVE-2014-6766 (The Afro-Beat (aka com.zero.themelock.tambourine) application 0.2 for ...)
NOT-FOR-US: Afro-Beat (aka com.zero.themelock.tambourine) application for Android
-CVE-2014-6765
+CVE-2014-6765 (The No Fuss Home Loans (aka com.soln.SA2CAA74BBC3AFEFE7C8BE3F3AAC499E7 ...)
NOT-FOR-US: No Fuss Home Loans (aka com.soln.SA2CAA74BBC3AFEFE7C8BE3F3AAC499E7) application for Android
-CVE-2014-6764
+CVE-2014-6764 (The Assyrian (aka com.b2.assyrian.activity) application 2.2 for Androi ...)
NOT-FOR-US: Assyrian (aka com.b2.assyrian.activity) application for Android
-CVE-2014-6763
+CVE-2014-6763 (The Codename Birdgame (aka com.devsecondfictioncom.devsecondfictioncom ...)
NOT-FOR-US: Codename Birdgame (aka com.devsecondfictioncom.devsecondfictioncom.birdadhoc) application for Android
-CVE-2014-6762
+CVE-2014-6762 (The bongomovie (aka com.mbwasi.bongomovie) application 1.0 for Android ...)
NOT-FOR-US: bongomovie (aka com.mbwasi.bongomovie) application for Android
-CVE-2014-6761
+CVE-2014-6761 (The Aprende a Meditar (aka com.rareartifact.aprendeameditar544CB0A2) a ...)
NOT-FOR-US: Aprende a Meditar (aka com.rareartifact.aprendeameditar544CB0A2) application for Android
-CVE-2014-6760
+CVE-2014-6760 (The Harem Thief Dating (aka com.haremthief.haremthief) application 1.2 ...)
NOT-FOR-US: Harem Thief Dating (aka com.haremthief.haremthief) application for Android
-CVE-2014-6759
+CVE-2014-6759 (The Downton Abbey Fan Portal (aka com.downton.abbey.fan.portal) applic ...)
NOT-FOR-US: Downton Abbey Fan Portal (aka com.downton.abbey.fan.portal) application for Android
-CVE-2014-6758
+CVE-2014-6758 (The Qin Story (aka com.kongzhong.tjmammoth.android.cqqslengp) applicat ...)
NOT-FOR-US: Qin Story (aka com.kongzhong.tjmammoth.android.cqqslengp) application for Android
-CVE-2014-6757
+CVE-2014-6757 (The Koran - AlqoranVideos (aka com.alqoran.videos.example) application ...)
NOT-FOR-US: Koran - AlqoranVideos (aka com.alqoran.videos.example) application for Android
-CVE-2014-6756
+CVE-2014-6756 (The Reddit Aww (aka org.biais.redditawww) application 1.2.1 for Androi ...)
NOT-FOR-US: Reddit Aww (aka org.biais.redditawww) application for Android
-CVE-2014-6755
+CVE-2014-6755 (The SDN Forum (TapaTalk) (aka com.tapatalk.forumshiftdeletenet) applic ...)
NOT-FOR-US: SDN Forum (TapaTalk) (aka com.tapatalk.forumshiftdeletenet) application for Android
-CVE-2014-6754
+CVE-2014-6754 (The Vector Outage Manager (aka nz.co.vector.outagemanager) application ...)
NOT-FOR-US: Vector Outage Manager (aka nz.co.vector.outagemanager) application for Android
-CVE-2014-6753
+CVE-2014-6753 (The sunnat e rasool (aka com.imsoft.sunnat_e_rasool) application 2.0 f ...)
NOT-FOR-US: sunnat e rasool (aka com.imsoft.sunnat_e_rasool) application for Android
-CVE-2014-6752
+CVE-2014-6752 (The Mindless Behavior Fan Base (aka com.mindless.behavior.fan.base) ap ...)
NOT-FOR-US: Mindless Behavior Fan Base (aka com.mindless.behavior.fan.base) application for Android
-CVE-2014-6751
+CVE-2014-6751 (The Grasshopper Beta (aka com.grasshopper.dialer) application 2.1 for ...)
NOT-FOR-US: Grasshopper Beta (aka com.grasshopper.dialer) application for Android
-CVE-2014-6750
+CVE-2014-6750 (The $0.99 Kindle Books (aka com.kindle.books.for99) application 6.0 fo ...)
NOT-FOR-US: $0.99 Kindle Books (aka com.kindle.books.for99) application for Android
-CVE-2014-6749
+CVE-2014-6749 (The American Nurses Association (aka com.dub.poweredbydub.assoc.ana) a ...)
NOT-FOR-US: American Nurses Association (aka com.dub.poweredbydub.assoc.ana) application for Android
-CVE-2014-6748
+CVE-2014-6748 (The GEMAIRE's HVAC Assist (aka com.es.Gemaire) application 5.0 for And ...)
NOT-FOR-US: GEMAIRE's HVAC Assist (aka com.es.Gemaire) application for Android
-CVE-2014-6747
+CVE-2014-6747 (The SeeOn (aka com.seeon) application 4.0.7 for Android does not verif ...)
NOT-FOR-US: SeeOn (aka com.seeon) application for Android
-CVE-2014-6746
+CVE-2014-6746 (The Infiniti Roadside Assistance (aka com.ccas.rsa.common.infiniti) ap ...)
NOT-FOR-US: Infiniti Roadside Assistance (aka com.ccas.rsa.common.infiniti) application for Android
-CVE-2014-6745
+CVE-2014-6745 (The Family Location (aka com.sosocome.family) application 3.4 2014-5-2 ...)
NOT-FOR-US: Family Location (aka com.sosocome.family) application for Android
-CVE-2014-6744
+CVE-2014-6744 (The Al-Ahsa News (aka com.alahsa.news) application 2.0 for Android doe ...)
NOT-FOR-US: Al-Ahsa News (aka com.alahsa.news) application for Android
-CVE-2014-6743
+CVE-2014-6743 (The Hearsay: A Social Party Game (aka air.com.lip.per) application 1.7 ...)
NOT-FOR-US: Hearsay: A Social Party Game (aka air.com.lip.per) application for Android
-CVE-2014-6742
+CVE-2014-6742 (The All around Cyprus (aka com.cyprus.newspapers) application 2.11 for ...)
NOT-FOR-US: All around Cyprus (aka com.cyprus.newspapers) application for Android
-CVE-2014-6741
+CVE-2014-6741 (The John MacArthur (aka com.john.macarthur) application 1.0.26 for And ...)
NOT-FOR-US: John MacArthur (aka com.john.macarthur) application for Android
-CVE-2014-6740
+CVE-2014-6740 (The XD Forum (aka com.tapatalk.xdforumcomforum) application 3.9.17 for ...)
NOT-FOR-US: XD Forum (aka com.tapatalk.xdforumcomforum) application for Android
-CVE-2014-6739
+CVE-2014-6739 (The Well-Being Connect Mobile (aka com.healthways.wellbeinggo) applica ...)
NOT-FOR-US: Well-Being Connect Mobile (aka com.healthways.wellbeinggo) application for Android
-CVE-2014-6738
+CVE-2014-6738 (The Maccabi Tel Aviv (aka com.monkeytech.maccabi) application 1.0 for ...)
NOT-FOR-US: Maccabi Tel Aviv (aka com.monkeytech.maccabi) application for Android
-CVE-2014-6737
+CVE-2014-6737 (The Ultimate Target-Armored Sniper (aka air.wood.liame.ultimatetarget) ...)
NOT-FOR-US: Ultimate Target-Armored Sniper (aka air.wood.liame.ultimatetarget) application for Android
-CVE-2014-6736
+CVE-2014-6736 (The EPL Hat Trick (aka com.hat.trick.goal) application 1.0 for Android ...)
NOT-FOR-US: EPL Hat Trick (aka com.hat.trick.goal) application for Android
-CVE-2014-6735
+CVE-2014-6735 (The imagine Next bmobile (aka com.conduit.app_51c3c19581af465092327dd2 ...)
NOT-FOR-US: imagine Next bmobile (aka com.conduit.app_51c3c19581af465092327dd25591b224.app) application for Android
-CVE-2014-6734
+CVE-2014-6734 (The Wine Making (aka com.gcspublishing.winemakingtalk) application 3.7 ...)
NOT-FOR-US: Wine Making (aka com.gcspublishing.winemakingtalk) application for Android
-CVE-2014-6733
+CVE-2014-6733 (The My T-Mobile (aka at.tmobile.android.myt) application @7F0C0030 for ...)
NOT-FOR-US: My T-Mobile (aka at.tmobile.android.myt) application for Android
-CVE-2014-6732
+CVE-2014-6732 (The Westpac Mobile Banking (aka org.westpac.bank) application 5.21 for ...)
NOT-FOR-US: Westpac Mobile Banking (aka org.westpac.bank) application for Android
-CVE-2014-6731
+CVE-2014-6731 (The Alfa-Bank (aka ru.alfabank.mobile.android) application 5.5.1.1 for ...)
NOT-FOR-US: Alfa-Bank (aka ru.alfabank.mobile.android) application for Android
-CVE-2014-6730
+CVE-2014-6730 (The Melodigram (aka com.minusdegree.melodigramandroid) application 1.1 ...)
NOT-FOR-US: Melodigram (aka com.minusdegree.melodigramandroid) application for Android
-CVE-2014-6729
+CVE-2014-6729 (The Grilling with Rich (aka com.grilling.with.rich) application 1.0 fo ...)
NOT-FOR-US: Grilling with Rich (aka com.grilling.with.rich) application for Android
-CVE-2014-6728
+CVE-2014-6728 (The ThinkPal (aka com.mythinkpalapp) application 1.6.3 for Android doe ...)
NOT-FOR-US: ThinkPal (aka com.mythinkpalapp) application for Android
-CVE-2014-6727
+CVE-2014-6727 (The Mikeius (Official App) (aka com.automon.mikeius) application 1.4.2 ...)
NOT-FOR-US: Mikeius (Official App) (aka com.automon.mikeius) application for Android
-CVE-2014-6726
+CVE-2014-6726 (The 30A (aka com.app30a) application 5.26.2 for Android does not verif ...)
NOT-FOR-US: 30A (aka com.app30a) application for Android
-CVE-2014-6725
+CVE-2014-6725 (The SchoolXM (aka apprentice.schoolxm) application 1.2 for Android doe ...)
NOT-FOR-US: SchoolXM (aka apprentice.schoolxm) application for Android
-CVE-2014-6724
+CVE-2014-6724 (The Soap Making (aka com.tapatalk.soapmakingforumcom) application 3.7. ...)
NOT-FOR-US: Soap Making (aka com.tapatalk.soapmakingforumcom) application for Android
-CVE-2014-6723
+CVE-2014-6723 (The Comics Plus (aka com.iversecomics.comicsplus.android) application ...)
NOT-FOR-US: Comics Plus (aka com.iversecomics.comicsplus.android) application for Android
-CVE-2014-6722
+CVE-2014-6722 (The Pescuit Crap Lite (aka ro.aventurilapescui.pescuitcrap.lite) appli ...)
NOT-FOR-US: Pescuit Crap Lite (aka ro.aventurilapescui.pescuitcrap.lite) application for Android
-CVE-2014-6721
+CVE-2014-6721 (The Pharmaguideline (aka com.pharmaguideline) application 1.2.0 for An ...)
NOT-FOR-US: Pharmaguideline (aka com.pharmaguideline) application for Android
-CVE-2014-6720
+CVE-2014-6720 (The Pesca de Carpa Lite (aka com.clearfishing.pescadecarpa.lite) appli ...)
NOT-FOR-US: Pesca de Carpa Lite (aka com.clearfishing.pescadecarpa.lite) application for Android
-CVE-2014-6719
+CVE-2014-6719 (The Kayak Angler Magazine (aka air.com.yudu.ReaderAIR1360155) applicat ...)
NOT-FOR-US: Kayak Angler Magazine (aka air.com.yudu.ReaderAIR1360155) application for Android
-CVE-2014-6718
+CVE-2014-6718 (The My Mobile Day (aka com.mymobileday) application 1.3 for Android do ...)
NOT-FOR-US: My Mobile Day (aka com.mymobileday) application for Android
-CVE-2014-6717
+CVE-2014-6717 (The iTriage Health (aka com.healthagen.iTriage) application 5.29 for A ...)
NOT-FOR-US: iTriage Health (aka com.healthagen.iTriage) application for Android
-CVE-2014-6716
+CVE-2014-6716 (The fastin (aka moda.azyae.fastin.net) application 1.0 for Android doe ...)
NOT-FOR-US: fastin (aka moda.azyae.fastin.net) application for Android
-CVE-2014-6715
+CVE-2014-6715 (The SlotMachine (aka com.popoinnovation.SlotMachine) application 1.03 ...)
NOT-FOR-US: SlotMachine (aka com.popoinnovation.SlotMachine) application for Android
-CVE-2014-6714
+CVE-2014-6714 (The WebMD (aka com.webmd.android) application 3.5 for Android does not ...)
NOT-FOR-US: WebMD (aka com.webmd.android) application for Android
-CVE-2014-6713
+CVE-2014-6713 (The MedQuiz: Medical Chat and MCQs (aka com.pdevsmedd.med) application ...)
NOT-FOR-US: MedQuiz: Medical Chat and MCQs (aka com.pdevsmedd.med) application for Android
-CVE-2014-6712
+CVE-2014-6712 (The Airlines International (aka org.iata.IAMagazine) application 1.0 f ...)
NOT-FOR-US: Airlines International (aka org.iata.IAMagazine) application for Android
-CVE-2014-6711
+CVE-2014-6711 (The ABC Lounge Webradio (aka com.nobexinc.wls_66087017.rc) application ...)
NOT-FOR-US: ABC Lounge Webradio (aka com.nobexinc.wls_66087017.rc) application for Android
-CVE-2014-6710
+CVE-2014-6710 (The Chifro Kids Coloring Game (aka com.chifro.kids_coloring_game) appl ...)
NOT-FOR-US: Chifro Kids Coloring Game (aka com.chifro.kids_coloring_game) application for Android
-CVE-2014-6709
+CVE-2014-6709 (The TechRadar News (aka com.techradar.news) application 1.0 for Androi ...)
NOT-FOR-US: TechRadar News (aka com.techradar.news) application for Android
-CVE-2014-6708
+CVE-2014-6708 (The Sporting Club Uphoria (aka com.sportinginnovations.skc) applicatio ...)
NOT-FOR-US: Sporting Club Uphoria (aka com.sportinginnovations.skc) application for Android
-CVE-2014-6707
+CVE-2014-6707 (The 7Sage LSAT Prep - Proctor (aka com.sevensage.lsat) application 2.1 ...)
NOT-FOR-US: 7Sage LSAT Prep - Proctor (aka com.sevensage.lsat) application for Android
-CVE-2014-6706
+CVE-2014-6706 (The Embry-Riddle (aka com.dub.app.erau) application 1.4.04 for Android ...)
NOT-FOR-US: Embry-Riddle (aka com.dub.app.erau) application for Android
-CVE-2014-6705
+CVE-2014-6705 (The Maher Zain (aka com.vanagas.app.maher_zain) application 1.1 for An ...)
NOT-FOR-US: Maher Zain (aka com.vanagas.app.maher_zain) application for Android
-CVE-2014-6704
+CVE-2014-6704 (The Utah Jazz (aka com.sportinginnovations.jazz) application 2.0.0 for ...)
NOT-FOR-US: Utah Jazz (aka com.sportinginnovations.jazz) application for Android
-CVE-2014-6703
+CVE-2014-6703 (The phonearabs4 (aka com.phonearabs4.myapps) application 1.4 for Andro ...)
NOT-FOR-US: phonearabs4 (aka com.phonearabs4.myapps) application for Android
-CVE-2014-6702
+CVE-2014-6702 (The StarSat International (aka com.conduit.app_b15a1814d2d840198e70e3c ...)
NOT-FOR-US: StarSat International (aka com.conduit.app_b15a1814d2d840198e70e3c235af5e8b.app) application for Android
-CVE-2014-6701
+CVE-2014-6701 (The Vendormate Mobile (aka com.vendormate.mobile) application 3.0 for ...)
NOT-FOR-US: Vendormate Mobile (aka com.vendormate.mobile) application for Android
-CVE-2014-6700
+CVE-2014-6700 (The NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) applicat ...)
NOT-FOR-US: NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) application for Android
-CVE-2014-6699
+CVE-2014-6699 (The Weather Channel (aka com.weather.Weather) application 5.2.0 for An ...)
NOT-FOR-US: Weather Channel (aka com.weather.Weather) application for Android
-CVE-2014-6698
+CVE-2014-6698 (The Galaxy Online 2 (aka air.com.igg.galaxyAPhone) application 1.2.3 f ...)
NOT-FOR-US: Galaxy Online 2 (aka air.com.igg.galaxyAPhone) application for Android
-CVE-2014-6697
+CVE-2014-6697 (The Morocco Weather (aka com.mobilesoft.meteomaroc) application 3.1 fo ...)
NOT-FOR-US: Morocco Weather (aka com.mobilesoft.meteomaroc) application for Android
-CVE-2014-6696
+CVE-2014-6696 (The Candy Girl Party Makeover (aka com.bearhugmedia.android_candygirlp ...)
NOT-FOR-US: Candy Girl Party Makeover (aka com.bearhugmedia.android_candygirlparty) application for Android
-CVE-2014-6695
+CVE-2014-6695 (The Wedding Photo Frames-Love Pics (aka com.WeddingPhotoFramesLovePics ...)
NOT-FOR-US: Wedding Photo Frames-Love Pics (aka com.WeddingPhotoFramesLovePics) application for Android
-CVE-2014-6694
+CVE-2014-6694 (The 5SOS Family Planet (aka uk.co.pixelkicks.fivesos) application 2.3. ...)
NOT-FOR-US: 5SOS Family Planet (aka uk.co.pixelkicks.fivesos) application for Android
-CVE-2014-6693
+CVE-2014-6693 (The Juiker (aka org.itri) application 3.2.0829.1 for Android does not ...)
NOT-FOR-US: Juiker (aka org.itri) application for Android
-CVE-2014-6692
+CVE-2014-6692 (The Kingsoft Clip (Office Tool) (aka cn.wps.clip) application 1.5.1 fo ...)
NOT-FOR-US: Kingsoft Clip (Office Tool) (aka cn.wps.clip) application for Android
-CVE-2014-6691
+CVE-2014-6691 (The UC Browser HD (aka com.uc.browser.hd) application 3.3.1.469 for An ...)
NOT-FOR-US: UC Browser HD (aka com.uc.browser.hd) application for Android
-CVE-2014-6690
+CVE-2014-6690 (The InstaMessage - Instagram Chat (aka com.futurebits.instamessage.fre ...)
NOT-FOR-US: InstaMessage - Instagram Chat (aka com.futurebits.instamessage.free) application for Android
-CVE-2014-6689
+CVE-2014-6689 (The JW Cards (aka com.jingwei.card) application 3.8.0 for Android does ...)
NOT-FOR-US: JW Cards (aka com.jingwei.card) application for Android
-CVE-2014-6688
+CVE-2014-6688 (The Voices.com (aka com.voices.voices) application 1.5 for Android doe ...)
NOT-FOR-US: Voices.com (aka com.voices.voices) application for Android
-CVE-2014-6687
+CVE-2014-6687 (The wSaudichannelAlNasr (aka com.wSaudichannelAlNasr) application 0.1 ...)
NOT-FOR-US: wSaudichannelAlNasr (aka com.wSaudichannelAlNasr) application for Android
-CVE-2014-6686
+CVE-2014-6686 (The Zoho Books - Accounting App (aka com.zoho.books) application 3.1.9 ...)
NOT-FOR-US: Zoho Books - Accounting App (aka com.zoho.books) application for Android
-CVE-2014-6685
+CVE-2014-6685 (The Tsushima Travel Guide (aka com.netjapan.ntsushima) application 1.9 ...)
NOT-FOR-US: Tsushima Travel Guide (aka com.netjapan.ntsushima) application for Android
-CVE-2014-6684
+CVE-2014-6684 (The MOL bringaPONT (aka hu.mol.bringapont) application 1.1 for Android ...)
NOT-FOR-US: MOL bringaPONT (aka hu.mol.bringapont) application for Android
-CVE-2014-6683
+CVE-2014-6683 (The Open Electrical Webser (aka com.wOpenElectricalWeb) application 0. ...)
NOT-FOR-US: Open Electrical Webser (aka com.wOpenElectricalWeb) application for Android
-CVE-2014-6682
+CVE-2014-6682 (The w88235ff7bdc2fb574f1789750ea99ed6 (aka com.w88235ff7bdc2fb574f1789 ...)
NOT-FOR-US: w88235ff7bdc2fb574f1789750ea99ed6 (aka com.w88235ff7bdc2fb574f1789750ea99ed6) application for Android
-CVE-2014-6681
+CVE-2014-6681 (The Mahabharata Audiocast (aka com.wordbox.mahabharataAudiocast) appli ...)
NOT-FOR-US: Mahabharata Audiocast (aka com.wordbox.mahabharataAudiocast) application for Android
-CVE-2014-6680
+CVE-2014-6680 (The superheroquiz (aka com.davidhey.superheroquiz) application 1.0 for ...)
NOT-FOR-US: superheroquiz (aka com.davidhey.superheroquiz) application for Android
-CVE-2014-6679
+CVE-2014-6679 (The wEPISDParentPortal (aka com.dreamstep.wEPISDParentPortal) applicat ...)
NOT-FOR-US: wEPISDParentPortal (aka com.dreamstep.wEPISDParentPortal) application for Android
-CVE-2014-6678
+CVE-2014-6678 (The Algeria Radio (aka com.wordbox.algeriaRadio) application 2.5 for A ...)
NOT-FOR-US: Algeria Radio (aka com.wordbox.algeriaRadio) application for Android
-CVE-2014-6677
+CVE-2014-6677 (The Ticket Round Up (aka com.xcr.android.ticketroundupapp) application ...)
NOT-FOR-US: Ticket Round Up (aka com.xcr.android.ticketroundupapp) application for Android
-CVE-2014-6676
+CVE-2014-6676 (The Exercitii pentru abdomen (aka com.rareartifact.exercitiipentruabdo ...)
NOT-FOR-US: Exercitii pentru abdomen (aka com.rareartifact.exercitiipentruabdomen41E29322) application for Android
-CVE-2014-6675
+CVE-2014-6675 (The Ruta Exacta (aka com.rutaexacta.m) application 1.0 for Android doe ...)
NOT-FOR-US: Ruta Exacta (aka com.rutaexacta.m) application for Android
-CVE-2014-6674
+CVE-2014-6674 (The Amazighmusic (aka nl.appsandroo.Amazighmusic) application 1.0 for ...)
NOT-FOR-US: Amazighmusic (aka nl.appsandroo.Amazighmusic) application for Android
-CVE-2014-6673
+CVE-2014-6673 (The ChallengerTX (aka com.zhtiantian.ChallengerTX) application 3.9.12. ...)
NOT-FOR-US: ChallengerTX (aka com.zhtiantian.ChallengerTX) application for Android
-CVE-2014-6672
+CVE-2014-6672 (The Friendcaster (aka uk.co.senab.blueNotifyFree) application 5.4.5 fo ...)
NOT-FOR-US: Friendcaster (aka uk.co.senab.blueNotifyFree) application for Android
-CVE-2014-6671
+CVE-2014-6671 (The World Cup 2014 Brazil - Xem TV (aka vn.letshare.football.worldcup) ...)
NOT-FOR-US: World Cup 2014 Brazil - Xem TV (aka vn.letshare.football.worldcup) application for Android
-CVE-2014-6670
+CVE-2014-6670 (The SingaporeMotherhood Forum (aka com.tapatalk.singaporemotherhoodcom ...)
NOT-FOR-US: SingaporeMotherhood Forum (aka com.tapatalk.singaporemotherhoodcomforum) application for Android
-CVE-2014-6669
+CVE-2014-6669 (The Inside Crochet (aka com.magazinecloner.insidecrochet) application ...)
NOT-FOR-US: Inside Crochet (aka com.magazinecloner.insidecrochet) application for Android
-CVE-2014-6668
+CVE-2014-6668 (The African Radios Live (aka com.nana.africanradioslive) application 1 ...)
NOT-FOR-US: African Radios Live (aka com.nana.africanradioslive) application for Android
-CVE-2014-6667
+CVE-2014-6667 (The racemotocross (aka com.bossappsmk.racemotocross) application 1.2 f ...)
NOT-FOR-US: racemotocross (aka com.bossappsmk.racemotocross) application for Android
-CVE-2014-6666
+CVE-2014-6666 (The Baglamukhi (aka com.wshribaglamukhiblog) application 0.1 for Andro ...)
NOT-FOR-US: Baglamukhi (aka com.wshribaglamukhiblog) application for Android
-CVE-2014-6665
+CVE-2014-6665 (The Ahmed Bukhatir Nasheeds TV (aka com.wAhmedBukhatirApp) application ...)
NOT-FOR-US: Ahmed Bukhatir Nasheeds TV (aka com.wAhmedBukhatirApp) application for Android
-CVE-2014-6664
+CVE-2014-6664 (The Latin Angels Music HD (aka com.applizards.lafreetj) application 2. ...)
NOT-FOR-US: Latin Angels Music HD (aka com.applizards.lafreetj) application for Android
-CVE-2014-6663
+CVE-2014-6663 (The Addis Gag Funny Amharic Pic (aka com.wAmharicFunnyPicture) applica ...)
NOT-FOR-US: Addis Gag Funny Amharic Pic (aka com.wAmharicFunnyPicture) application for Android
-CVE-2014-6662
+CVE-2014-6662 (The Forum Krstarice (aka com.tapatalk.forumkrstaricacom) application 3 ...)
NOT-FOR-US: Forum Krstarice (aka com.tapatalk.forumkrstaricacom) application for Android
-CVE-2014-6661
+CVE-2014-6661 (The netease movie (aka com.netease.movie) application 4.7.2 for Androi ...)
NOT-FOR-US: netease movie (aka com.netease.movie) application for Android
-CVE-2014-6660
+CVE-2014-6660 (The Koleksi Hadis Nabi SAW (aka com.wKoleksiHadisNabiSAW) application ...)
NOT-FOR-US: Koleksi Hadis Nabi SAW (aka com.wKoleksiHadisNabiSAW) application for Android
-CVE-2014-6659
+CVE-2014-6659 (The Defence.pk (aka com.tapatalk.defencepkforums) application 2.4.13.1 ...)
NOT-FOR-US: Defence.pk (aka com.tapatalk.defencepkforums) application for Android
-CVE-2014-6658
+CVE-2014-6658 (The Apploi Job Search- Find Jobs (aka com.apploi) application 4.19 for ...)
NOT-FOR-US: Apploi Job Search- Find Jobs (aka com.apploi) application for Android
-CVE-2014-6657
+CVE-2014-6657 (The Leadership Newspapers (aka com.LeadershipNewspapers) application 1 ...)
NOT-FOR-US: Leadership Newspapers (aka com.LeadershipNewspapers) application for Android
-CVE-2014-6656
+CVE-2014-6656 (The drareym (aka com.drareym) application 0.1 for Android does not ver ...)
NOT-FOR-US: drareym (aka com.drareym) application for Android
-CVE-2014-6655
+CVE-2014-6655 (The Tortoise Forum (aka org.tortoiseforum.android.forumrunner) applica ...)
NOT-FOR-US: Tortoise Forum (aka org.tortoiseforum.android.forumrunner) application for Android
-CVE-2014-6654
+CVE-2014-6654 (The wTrootrooTvIzle (aka com.wTrootrooTvIzle) application 0.1 for Andr ...)
NOT-FOR-US: wTrootrooTvIzle (aka com.wTrootrooTvIzle) application for Android
-CVE-2014-6653
+CVE-2014-6653 (The Afghan Radio (aka com.wordbox.afghanRadio) application 2.5 for And ...)
NOT-FOR-US: Afghan Radio (aka com.wordbox.afghanRadio) application for Android
-CVE-2014-6652
+CVE-2014-6652 (The Wizaz Forum (aka com.tapatalk.wizazplforum) application 3.6.4 for ...)
NOT-FOR-US: Wizaz Forum (aka com.tapatalk.wizazplforum) application for Android
-CVE-2014-6651
+CVE-2014-6651 (The Planet of the Vapes Forum (aka com.tapatalk.planetofthevapescoukfo ...)
NOT-FOR-US: Planet of the Vapes Forum (aka com.tapatalk.planetofthevapescoukforums) application for Android
-CVE-2014-6650
+CVE-2014-6650 (The NextGenUpdate (aka com.tapatalk.nextgenupdatecomforums) applicatio ...)
NOT-FOR-US: NextGenUpdate (aka com.tapatalk.nextgenupdatecomforums) application for Android
-CVE-2014-6649
+CVE-2014-6649 (The MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) applicat ...)
NOT-FOR-US: MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) application for Android
-CVE-2014-6648
+CVE-2014-6648 (The iPhone4.TW (aka com.tapatalk.iPhone4TWforums) application 3.3.20 f ...)
NOT-FOR-US: iPhone4.TW (aka com.tapatalk.iPhone4TWforums) application for Android
-CVE-2014-6647
+CVE-2014-6647 (The ElForro.com (aka com.tapatalk.elforrocom) application 2.4.3.10 for ...)
NOT-FOR-US: ElForro.com (aka com.tapatalk.elforrocom) application for Android
-CVE-2014-6646
+CVE-2014-6646 (The bellyhoodcom (aka com.tapatalk.bellyhoodcom) application 3.4.23 fo ...)
NOT-FOR-US: bellyhoodcom (aka com.tapatalk.bellyhoodcom) application for Android
-CVE-2014-6645
+CVE-2014-6645 (The Batch library for Android does not verify X.509 certificates from ...)
NOT-FOR-US: Batch library for Android
CVE-2014-6644
REJECTED
-CVE-2014-6643
+CVE-2014-6643 (The FIAT Forum (aka com.tapatalk.fiatforumcom) application 3.8.41 for ...)
NOT-FOR-US: FIAT Forum (aka com.tapatalk.fiatforumcom) application for Android
-CVE-2014-6642
+CVE-2014-6642 (The Mark's Daily Apple Forum (aka com.tapatalk.marksdailyapplecomforum ...)
NOT-FOR-US: Mark's Daily Apple Forum (aka com.tapatalk.marksdailyapplecomforum) application for Android
-CVE-2014-6641
+CVE-2014-6641 (The Homesteading Today (aka com.tapatalk.homesteadingtodaycom) applica ...)
NOT-FOR-US: Homesteading Today (aka com.tapatalk.homesteadingtodaycom) application for Android
-CVE-2014-6640
+CVE-2014-6640 (The DNB Trade (aka lt.dnb.mobiletrade) application 1 for Android does ...)
NOT-FOR-US: DNB Trade (aka lt.dnb.mobiletrade) application for Android
-CVE-2014-6639
+CVE-2014-6639 (The TIO MobilePay - Bill Payments (aka com.tionetworks.mobile.android. ...)
NOT-FOR-US: TIO MobilePay - Bill Payments (aka com.tionetworks.mobile.android.tioclient) application for Android
-CVE-2014-6638
+CVE-2014-6638 (The wTMDesktop (aka com.wTMDesktop) application 1 for Android does not ...)
NOT-FOR-US: wTMDesktop (aka com.wTMDesktop) application for Android
-CVE-2014-6637
+CVE-2014-6637 (The Facebook Facts (aka com.wFacebookFacts) application 0.1 for Androi ...)
NOT-FOR-US: Facebook Facts (aka com.wFacebookFacts) application for Android
-CVE-2014-6636
+CVE-2014-6636 (The LG Telepresence (aka com.rsupport.rtc.lge) application 2.0.12 Buil ...)
NOT-FOR-US: LG Telepresence (aka com.rsupport.rtc.lge) application for Android
-CVE-2014-6635
+CVE-2014-6635 (Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.0 allows ...)
NOT-FOR-US: Exponent CMS
CVE-2014-6634
RESERVED
-CVE-2014-6633
+CVE-2014-6633 (The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x befor ...)
{DSA-3043-1 DLA-70-1}
- tryton-server 3.2.3-1
NOTE: https://bugs.tryton.org/issue4155
-CVE-2014-6632
+CVE-2014-6632 (Joomla! 2.5.x before 2.5.25, 3.x before 3.2.4, and 3.3.x before 3.3.4 ...)
NOT-FOR-US: Joomla!
-CVE-2014-6631
+CVE-2014-6631 (Cross-site scripting (XSS) vulnerability in com_media in Joomla! 3.2.x ...)
NOT-FOR-US: Joomla!
CVE-2014-6630
RESERVED
CVE-2014-6629
RESERVED
-CVE-2014-6628
+CVE-2014-6628 (Aruba Networks ClearPass Policy Manager (CPPM) before 6.5.0 allows rem ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6627
+CVE-2014-6627 (Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows re ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6626
+CVE-2014-6626 (Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6625
+CVE-2014-6625 (The Policy Manager in Aruba Networks ClearPass before 6.3.6 and 6.4.x ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6624
+CVE-2014-6624 (The Insight module in Aruba Networks ClearPass before 6.3.6 and 6.4.x ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6623
+CVE-2014-6623 (Cross-site request forgery (CSRF) vulnerability in the Insight module ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6622
+CVE-2014-6622 (Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows re ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6621
+CVE-2014-6621 (Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6620
+CVE-2014-6620 (Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass b ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-6619
+CVE-2014-6619 (Multiple cross-site scripting (XSS) vulnerabilities in register-exec.p ...)
NOT-FOR-US: PizzaInn_Project Restaurant Script
-CVE-2014-6618
+CVE-2014-6618 (Cross-site scripting (XSS) vulnerability in Your Online Shop allows re ...)
NOT-FOR-US: Your Online Shop
-CVE-2014-6617
+CVE-2014-6617 (Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 conta ...)
NOT-FOR-US: Softing FG-100
-CVE-2014-6616
+CVE-2014-6616 (Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Si ...)
NOT-FOR-US: Softing FG-100
CVE-2014-6615
RESERVED
@@ -9151,9 +9151,9 @@ CVE-2014-6613
RESERVED
CVE-2014-6612
RESERVED
-CVE-2014-6611
+CVE-2014-6611 (The BlackBerry World app before 5.0.0.262 on BlackBerry 10 OS 10.2.0, ...)
NOT-FOR-US: BlackBerry
-CVE-2014-6609
+CVE-2014-6609 (The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 ...)
- asterisk <not-affected> (only affects 12.x series)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-009.html
CVE-2014-6608
@@ -9162,15 +9162,15 @@ CVE-2014-6606
RESERVED
CVE-2014-6605
RESERVED
-CVE-2014-6604
+CVE-2014-6604 (Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in ...)
NOT-FOR-US: Subscribe2 plugin for WordPress
-CVE-2014-6603
+CVE-2014-6603 (The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricat ...)
[squeeze] - suricata <not-affected> (Vulnerable code not yet present)
[wheezy] - suricata <not-affected> (Vulnerable code not yet present)
- suricata 2.0.4-1 (bug #762828)
-CVE-2014-6602
+CVE-2014-6602 (Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 ...)
NOT-FOR-US: Microsoft Asha OS
-CVE-2014-7144
+CVE-2014-7144 (OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x befo ...)
- python-keystonemiddleware 1.0.0-3 (bug #762748)
- python-keystoneclient 1:0.10.1-2 (bug #762749)
[wheezy] - python-keystoneclient <no-dsa> (Minor issue)
@@ -9179,317 +9179,317 @@ CVE-2014-7143 [twisted: trustRoot not respected in HTTP client]
- twisted 14.0.2-1 (bug #761983)
[wheezy] - twisted <not-affected> (Only affects 14.0 series)
[squeeze] - twisted <not-affected> (Only affects 14.0 series)
-CVE-2014-6610
+CVE-2014-6610 (Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Ce ...)
{DLA-455-1}
- asterisk 1:11.12.1~dfsg-1 (medium; bug #762164)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-010.html
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-010-11.diff applies on 1:1.8.13.1~dfsg1-3+deb7u3
NOTE: Squeeze version doesn't have res/res_fax_spandsp.c with the problem.
-CVE-2014-6607
+CVE-2014-6607 (M/Monit 3.3.2 and earlier does not verify the original password before ...)
NOT-FOR-US: M/Monit
-CVE-2014-6601
+CVE-2014-6601 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allow ...)
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2014-6600
+CVE-2014-6600 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-6599
+CVE-2014-6599 (Unspecified vulnerability in the Siebel Core - Common Components compo ...)
NOT-FOR-US: Oracle
-CVE-2014-6598
+CVE-2014-6598 (Unspecified vulnerability in the Oracle Communications Diameter Signal ...)
NOT-FOR-US: Oracle
-CVE-2014-6597
+CVE-2014-6597 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2014-6596
+CVE-2014-6596 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2014-6595
+CVE-2014-6595 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
-CVE-2014-6594
+CVE-2014-6594 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
NOT-FOR-US: Oracle iLearning
-CVE-2014-6593
+CVE-2014-6593 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u ...)
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2014-6592
+CVE-2014-6592 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fu ...)
NOT-FOR-US: Oracle
-CVE-2014-6591
+CVE-2014-6591 (Unspecified vulnerability in the Java SE component in Oracle Java SE 5 ...)
{DSA-3187-1 DSA-3147-1 DSA-3144-1 DLA-219-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
- icu 52.1-7 (bug #775884)
-CVE-2014-6590
+CVE-2014-6590 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
-CVE-2014-6589
+CVE-2014-6589 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
-CVE-2014-6588
+CVE-2014-6588 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
-CVE-2014-6587
+CVE-2014-6587 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allow ...)
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2014-6586
+CVE-2014-6586 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle
-CVE-2014-6585
+CVE-2014-6585 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u ...)
{DSA-3187-1 DSA-3147-1 DSA-3144-1 DLA-219-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
- icu 52.1-7.1 (bug #776264)
-CVE-2014-6584
+CVE-2014-6584 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
NOT-FOR-US: Oracle Sun Systems Products Suite ILOM
-CVE-2014-6583
+CVE-2014-6583 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2014-6582
+CVE-2014-6582 (Unspecified vulnerability in the Oracle HCM Configuration Workbench co ...)
NOT-FOR-US: Oracle
-CVE-2014-6581
+CVE-2014-6581 (Unspecified vulnerability in the Oracle Customer Intelligence componen ...)
NOT-FOR-US: Oracle
-CVE-2014-6580
+CVE-2014-6580 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
NOT-FOR-US: Oracle
-CVE-2014-6579
+CVE-2014-6579 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2014-6578
+CVE-2014-6578 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2014-6577
+CVE-2014-6577 (Unspecified vulnerability in the XML Developer's Kit for C component i ...)
NOT-FOR-US: Oracle
-CVE-2014-6576
+CVE-2014-6576 (Unspecified vulnerability in the Oracle Adaptive Access Manager compon ...)
NOT-FOR-US: Oracle
-CVE-2014-6575
+CVE-2014-6575 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remot ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-6574
+CVE-2014-6574 (Unspecified vulnerability in the Oracle Agile PLM for Process componen ...)
NOT-FOR-US: Oracle
-CVE-2014-6573
+CVE-2014-6573 (Unspecified vulnerability in the Enterprise Manager Ops Center compone ...)
NOT-FOR-US: Oracle
-CVE-2014-6572
+CVE-2014-6572 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2014-6571
+CVE-2014-6571 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2014-6570
+CVE-2014-6570 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-6569
+CVE-2014-6569 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2014-6568
+CVE-2014-6568 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, a ...)
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2014-6567
+CVE-2014-6567 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2014-6566
+CVE-2014-6566 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2014-6565
+CVE-2014-6565 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle
-CVE-2014-6564
+CVE-2014-6564 (Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
-CVE-2014-6563
+CVE-2014-6563 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6562
+CVE-2014-6562 (Unspecified vulnerability in Oracle Java SE 8u20 allows remote attacke ...)
- openjdk-8 8u40~b09-1
-CVE-2014-6561
+CVE-2014-6561 (Unspecified vulnerability in the Oracle Payments component in Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2014-6560
+CVE-2014-6560 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6559
+CVE-2014-6559 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, a ...)
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-10.0 10.0.15-1
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6558
+CVE-2014-6558 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6557
+CVE-2014-6557 (Unspecified vulnerability in the Application Performance Management co ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2014-6556
+CVE-2014-6556 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
NOT-FOR-US: Oracle
-CVE-2014-6555
+CVE-2014-6555 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier an ...)
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-10.0 10.0.15-1
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6554
+CVE-2014-6554 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6553
+CVE-2014-6553 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6552
+CVE-2014-6552 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6551
+CVE-2014-6551 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier an ...)
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6550
+CVE-2014-6550 (Unspecified vulnerability in the Oracle Applications Object Library co ...)
NOT-FOR-US: Oracle
-CVE-2014-6549
+CVE-2014-6549 (Unspecified vulnerability in Oracle Java SE 8u25 allows remote attacke ...)
- openjdk-8 8u40~b22-1
-CVE-2014-6548
+CVE-2014-6548 (Unspecified vulnerability in the Oracle SOA Suite component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2014-6547
+CVE-2014-6547 (Unspecified vulnerability in the JPublisher component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6546
+CVE-2014-6546 (Unspecified vulnerability in the JPublisher component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6545
+CVE-2014-6545 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6544
+CVE-2014-6544 (Unspecified vulnerability in the JDBC component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6543
+CVE-2014-6543 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-6542
+CVE-2014-6542 (Unspecified vulnerability in the SQLJ component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6541
+CVE-2014-6541 (Unspecified vulnerability in the Recovery component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2014-6540
+CVE-2014-6540 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox-guest-additions <removed>
- virtualbox-guest-additions-iso 4.3.14-1
[wheezy] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
-CVE-2014-6539
+CVE-2014-6539 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-6538
+CVE-2014-6538 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6537
+CVE-2014-6537 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6536
+CVE-2014-6536 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-6535
+CVE-2014-6535 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-6534
+CVE-2014-6534 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6533
+CVE-2014-6533 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-6532
+CVE-2014-6532 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allow ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6531
+CVE-2014-6531 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6530
+CVE-2014-6530 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, a ...)
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6529
+CVE-2014-6529 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-6528
+CVE-2014-6528 (Unspecified vulnerability in the Siebel Core - System Management compo ...)
NOT-FOR-US: Oracle
-CVE-2014-6527
+CVE-2014-6527 (Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remot ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6526
+CVE-2014-6526 (Unspecified vulnerability in the Oracle Directory Server Enterprise Ed ...)
NOT-FOR-US: Oracle
-CVE-2014-6525
+CVE-2014-6525 (Unspecified vulnerability in the Oracle Web Applications Desktop Integ ...)
NOT-FOR-US: Oracle
-CVE-2014-6524
+CVE-2014-6524 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2014-6523
+CVE-2014-6523 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-6522
+CVE-2014-6522 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6521
+CVE-2014-6521 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2014-6520
+CVE-2014-6520 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier al ...)
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mysql-5.1 <not-affected> (Only affects 5.5 series)
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6519
+CVE-2014-6519 (Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6518
+CVE-2014-6518 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows local use ...)
NOT-FOR-US: Oracle Solaris
-CVE-2014-6517
+CVE-2014-6517 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6516
+CVE-2014-6516 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle JD Edwards Products
-CVE-2014-6515
+CVE-2014-6515 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allow ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6514
+CVE-2014-6514 (Unspecified vulnerability in the PL/SQL component in Oracle Database S ...)
NOT-FOR-US: Oracle
-CVE-2014-6513
+CVE-2014-6513 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and ...)
- openjdk-6 <not-affected> (Windows-specific)
- openjdk-7 <not-affected> (Windows-specific)
- openjdk-8 <not-affected> (Windows-specific)
-CVE-2014-6512
+CVE-2014-6512 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
NOTE: Upstream OpenJDK commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/0798607dd425
-CVE-2014-6511
+CVE-2014-6511 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6510
+CVE-2014-6510 (Unspecified vulnerability in Oracle Solaris 11 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2014-6509
+CVE-2014-6509 (Unspecified vulnerability in Oracle Solaris 10 allows local users to a ...)
NOT-FOR-US: Oracle Solaris
-CVE-2014-6508
+CVE-2014-6508 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remot ...)
NOT-FOR-US: Oracle Sun Solaris 10 and 11
-CVE-2014-6507
+CVE-2014-6507 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, a ...)
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
- mariadb-10.0 10.0.15-1
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6506
+CVE-2014-6506 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6505
+CVE-2014-6505 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, a ...)
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6504
+CVE-2014-6504 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, an ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6503
+CVE-2014-6503 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allow ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6502
+CVE-2014-6502 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6501
+CVE-2014-6501 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-6500
+CVE-2014-6500 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, a ...)
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
@@ -9497,13 +9497,13 @@ CVE-2014-6500
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed> (bug #770229)
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6499
+CVE-2014-6499 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6498
+CVE-2014-6498 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-6497
+CVE-2014-6497 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-6496
+CVE-2014-6496 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, a ...)
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
@@ -9511,7 +9511,7 @@ CVE-2014-6496
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed> (bug #770229)
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6495
+CVE-2014-6495 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, a ...)
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
@@ -9519,7 +9519,7 @@ CVE-2014-6495
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed> (bug #770229)
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6494
+CVE-2014-6494 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, a ...)
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
@@ -9527,15 +9527,15 @@ CVE-2014-6494
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed> (bug #770229)
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6493
+CVE-2014-6493 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allow ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6492
+CVE-2014-6492 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6491
+CVE-2014-6491 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier an ...)
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
@@ -9543,37 +9543,37 @@ CVE-2014-6491
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed> (bug #770229)
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6490
+CVE-2014-6490 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-6489
+CVE-2014-6489 (Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier al ...)
- mysql-5.5 <not-affected> (Only MySQL 5.6)
- mysql-5.1 <not-affected> (Only MySQL 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
-CVE-2014-6488
+CVE-2014-6488 (Unspecified vulnerability in the Enterprise Manager for Oracle Databas ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control EM Base Plattform
-CVE-2014-6487
+CVE-2014-6487 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6486
+CVE-2014-6486 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-6485
+CVE-2014-6485 (Unspecified vulnerability in Oracle Java SE 8u20 and JavaFX 2.2.65 all ...)
- openjdk-8 8u40~b09-1
-CVE-2014-6484
+CVE-2014-6484 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, a ...)
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6483
+CVE-2014-6483 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6482
+CVE-2014-6482 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-6481
+CVE-2014-6481 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote at ...)
NOT-FOR-US: Oracle Solaris
-CVE-2014-6480
+CVE-2014-6480 (Unspecified vulnerability in the Solaris Cluster component in Oracle S ...)
NOT-FOR-US: Oracle
-CVE-2014-6479
+CVE-2014-6479 (Unspecified vulnerability in the Oracle Applications Technology compon ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-6478
+CVE-2014-6478 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, a ...)
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
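Review bot: not touched by this hunk, but the NOT-FOR-US line for CVE-2014-6488 ("Oracle Enterprise Manager Grid Control EM Base Plattform") misspells "Platform"; since the automatic update only back-fills the descriptions in parentheses and leaves the tracking lines as context, the typo will persist until someone fixes it by hand in a follow-up commit.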
@@ -9581,97 +9581,97 @@ CVE-2014-6478
- percona-xtradb-cluster-5.5 <removed>
- cyassl <removed>
- wolfssl <not-affected> (WolfSSL not affected)
-CVE-2014-6477
+CVE-2014-6477 (Unspecified vulnerability in the JPublisher component in Oracle Databa ...)
NOT-FOR-US: Oracle Database
-CVE-2014-6476
+CVE-2014-6476 (Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6475
+CVE-2014-6475 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-6474
+CVE-2014-6474 (Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
-CVE-2014-6473
+CVE-2014-6473 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Oracle Sun Solaris 10 and 11
-CVE-2014-6472
+CVE-2014-6472 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-6471
+CVE-2014-6471 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-6470
+CVE-2014-6470 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-6469
+CVE-2014-6469 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier an ...)
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
- mariadb-10.0 10.0.15-1
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6468
+CVE-2014-6468 (Unspecified vulnerability in Oracle Java SE 8u20 allows local users to ...)
- openjdk-8 8u40~b09-1
-CVE-2014-6467
+CVE-2014-6467 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6466
+CVE-2014-6466 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6465
+CVE-2014-6465 (Unspecified vulnerability in the Oracle Communications Session Border ...)
NOT-FOR-US: Oracle Communications Applications
-CVE-2014-6464
+CVE-2014-6464 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier an ...)
{DSA-3054-1}
- mysql-5.5 5.5.40-1
- mariadb-5.5 <removed>
- mariadb-10.0 10.0.15-1
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6463
+CVE-2014-6463 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier an ...)
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
-CVE-2014-6462
+CVE-2014-6462 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-6461
+CVE-2014-6461 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-6460
+CVE-2014-6460 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-6459
+CVE-2014-6459 (Unspecified vulnerability in the Oracle Secure Global Desktop componen ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2014-6458
+CVE-2014-6458 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allow ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6457
+CVE-2014-6457 (Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
-CVE-2014-6456
+CVE-2014-6456 (Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remot ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-6455
+CVE-2014-6455 (Unspecified vulnerability in the SQLJ component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6454
+CVE-2014-6454 (Unspecified vulnerability in the SQLJ component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6453
+CVE-2014-6453 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6452
+CVE-2014-6452 (Unspecified vulnerability in the SQLJ component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-6451
+CVE-2014-6451 (J-Web in Juniper vSRX virtual firewalls with Junos OS before 15.1X49-D ...)
NOT-FOR-US: Juniper
-CVE-2014-6450
+CVE-2014-6450 (Juniper Junos OS before 11.4R12-S4, 12.1X44 before 12.1X44-D41, 12.1X4 ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2014-6449
+CVE-2014-6449 (Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X ...)
NOT-FOR-US: Juniper Junos OS
CVE-2014-6448
RESERVED
CVE-2014-6447
RESERVED
-CVE-2014-6446
+CVE-2014-6446 (The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPre ...)
NOT-FOR-US: WordPress plugin Infusionsoft Gravity Forms
-CVE-2014-6445
+CVE-2014-6445 (Multiple cross-site scripting (XSS) vulnerabilities in includes/toAdmi ...)
NOT-FOR-US: WordPress plugin Contact Form 7 Integrations
-CVE-2014-6444
+CVE-2014-6444 (Multiple cross-site scripting (XSS) vulnerabilities in the Titan Frame ...)
NOT-FOR-US: Titan Framework plugin for WordPress
CVE-2014-6443
RESERVED
@@ -9679,13 +9679,13 @@ CVE-2014-6442
RESERVED
CVE-2014-6441
RESERVED
-CVE-2014-6440
+CVE-2014-6440 (VideoLAN VLC media player before 2.1.5 allows remote attackers to exec ...)
- vlc 2.1.5-1 (low)
[wheezy] - vlc <not-affected> (Introduced in 2.1)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-6439
+CVE-2014-6439 (Cross-site scripting (XSS) vulnerability in the CORS functionality in ...)
- elasticsearch 1.0.3+dfsg-4 (bug #763958; low)
-CVE-2014-6438
+CVE-2014-6438 (The URI.decode_www_form_component method in Ruby before 1.9.2-p330 all ...)
{DLA-275-1}
- ruby1.9.1 1.9.3.0-1
- ruby1.8 <not-affected> (Vulnerable code not present)
@@ -9694,15 +9694,15 @@ CVE-2014-6438
NOTE: https://github.com/ruby/ruby/commit/5082e91876502a2f3dde862406a0efe9f85afcdb
NOTE: https://github.com/ruby/ruby/commit/7b9354af8805c02ed968765abe300162e0fcc943
NOTE: CVE assignment is specific to ruby 1.9.x series?
-CVE-2014-6437
+CVE-2014-6437 (Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remo ...)
NOT-FOR-US: Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices
-CVE-2014-6436
+CVE-2014-6436 (Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly ...)
NOT-FOR-US: Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices
-CVE-2014-6435
+CVE-2014-6435 (cgi-bin/AZ_Retrain.cgi in Aztech ADSL DSL5018EN (1T1R), DSL705E, and D ...)
NOT-FOR-US: Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices
-CVE-2014-6434
+CVE-2014-6434 (gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary c ...)
NOT-FOR-US: GoPro
-CVE-2014-6433
+CVE-2014-6433 (gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary f ...)
NOT-FOR-US: GoPro
CVE-2014-6420
RESERVED
@@ -9712,15 +9712,15 @@ CVE-2014-6415
RESERVED
CVE-2014-6413
RESERVED
-CVE-2014-6412
+CVE-2014-6412 (WordPress before 4.4 makes it easier for remote attackers to predict p ...)
- wordpress <not-affected> (Affects only Wordpress on Windows systems)
CVE-2014-6411
RESERVED
-CVE-2014-6409
+CVE-2014-6409 (Cross-site request forgery (CSRF) vulnerability in M/Monit 3.3.2 and e ...)
NOT-FOR-US: M/Monit
-CVE-2014-6408
+CVE-2014-6408 (Docker 1.3.0 through 1.3.1 allows remote attackers to modify the defau ...)
- docker.io 1.3.2~dfsg1-1
-CVE-2014-6407
+CVE-2014-6407 (Docker before 1.3.2 allows remote attackers to write to arbitrary file ...)
- docker.io 1.3.2~dfsg1-1
CVE-2014-6406
RESERVED
@@ -9742,146 +9742,146 @@ CVE-2014-6398
RESERVED
CVE-2014-6397
RESERVED
-CVE-2014-6396
+CVE-2014-6396 (The dissector_postgresql function in dissectors/ec_postgresql.c in Ett ...)
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-6395
+CVE-2014-6395 (Heap-based buffer overflow in the dissector_postgresql function in dis ...)
- ettercap 1:0.8.1-3 (bug #773416)
[squeeze] - ettercap <not-affected> (Vulnerable code not present according to upstream author in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416#20)
-CVE-2014-6394
+CVE-2014-6394 (visionmedia send before 0.8.4 for Node.js uses a partial comparison fo ...)
- node-send 0.9.4-1
NOTE: https://nodesecurity.io/advisories/send-directory-traversal
-CVE-2014-6393
+CVE-2014-6393 (The Express web framework before 3.11 and 4.x before 4.5 for Node.js d ...)
- node-express <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
-CVE-2014-6392
+CVE-2014-6392 (** DISPUTED ** Cross-site scripting (XSS) vulnerability in the Faceboo ...)
NOT-FOR-US: Facebook app and Facebook Messenger app for iOS
CVE-2014-6391
RESERVED
CVE-2014-6390
RESERVED
-CVE-2014-6389
+CVE-2014-6389 (backup.php in PHPCompta/NOALYSS before 6.7.2 allows remote attackers t ...)
NOT-FOR-US: PhpCompta
CVE-2014-6388
REJECTED
-CVE-2014-7145
+CVE-2014-7145 (The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before ...)
- linux 3.16.3-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
- linux-2.6 <not-affected> (Introduced in 3.7)
NOTE: upstream fix: https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce (v3.17-rc2)
-CVE-2014-6432
+CVE-2014-6432 (The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniff ...)
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
-CVE-2014-6431
+CVE-2014-6431 (Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer ...)
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
-CVE-2014-6430
+CVE-2014-6430 (The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniff ...)
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
-CVE-2014-6429
+CVE-2014-6429 (The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniff ...)
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-19.html
-CVE-2014-6428
+CVE-2014-6428 (The dissect_spdu function in epan/dissectors/packet-ses.c in the SES d ...)
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-18.html
-CVE-2014-6427
+CVE-2014-6427 (Off-by-one error in the is_rtsp_request_or_reply function in epan/diss ...)
{DSA-3049-1}
- wireshark 1.12.1+g01b65bf-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-17.html
-CVE-2014-6426
+CVE-2014-6426 (The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HI ...)
- wireshark 1.12.1+g01b65bf-1
[wheezy] - wireshark <not-affected> (Only applies to 1.12.x)
[squeeze] - wireshark <not-affected> (Only applies to 1.12.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-16.html
-CVE-2014-6425
+CVE-2014-6425 (The (1) get_quoted_string and (2) get_unquoted_string functions in epa ...)
- wireshark 1.12.1+g01b65bf-1
[wheezy] - wireshark <not-affected> (Only applies to 1.12.x)
[squeeze] - wireshark <not-affected> (Only applies to 1.12.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-15.html
-CVE-2014-6424
+CVE-2014-6424 (The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow ...)
{DSA-3049-1}
- wireshark 1.12.1+g01b65bf-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-14.html
-CVE-2014-6423
+CVE-2014-6423 (The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in th ...)
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-13.html
-CVE-2014-6422
+CVE-2014-6422 (The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate ...)
{DSA-3049-1 DLA-198-1}
- wireshark 1.12.0+git+4fab41a1-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-12.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=04c05a21e34cec326f1aff2f5f8a6e74e1ced984 (v1.11.3)
-CVE-2014-6421
+CVE-2014-6421 (Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x ...)
- wireshark 1.12.0~rc1-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-12.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=81c4eee84b6ee19fd27929856fa1465b1af148c6 (v1.10.10)
-CVE-2014-6418
+CVE-2014-6418 (net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, ...)
- linux 3.16.3-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
NOTE: http://tracker.ceph.com/issues/8979
-CVE-2014-6417
+CVE-2014-6417 (net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, ...)
- linux 3.16.3-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
NOTE: http://tracker.ceph.com/issues/8979
-CVE-2014-6416
+CVE-2014-6416 (Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux ker ...)
- linux 3.16.3-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
NOTE: http://tracker.ceph.com/issues/8979
-CVE-2014-6414
+CVE-2014-6414 (OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows re ...)
- neutron 2014.1.3-1
NOTE: vulnerable versions up to 2013.2.4 and 2014.1 versions up to 2014.1.2
-CVE-2014-6410
+CVE-2014-6410 (The __udf_read_inode function in fs/udf/inode.c in the Linux kernel th ...)
{DLA-118-1}
- linux 3.16.5-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c03aa9f6e1f938618e6db2e23afef0574efeeb65 (v3.17-rc5)
-CVE-2014-6386
+CVE-2014-6386 (Juniper Junos 11.4 before 11.4R8, 12.1X44 before 12.1X44-D35, 12.1X45 ...)
NOT-FOR-US: Juniper
-CVE-2014-6385
+CVE-2014-6385 (Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 ...)
NOT-FOR-US: Juniper
-CVE-2014-6384
+CVE-2014-6384 (Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D25, ...)
NOT-FOR-US: Juniper
-CVE-2014-6383
+CVE-2014-6383 (The stateless firewall in Juniper Junos 13.3R3, 14.1R1, and 14.1R2, wh ...)
NOT-FOR-US: Juniper
-CVE-2014-6382
+CVE-2014-6382 (The Juniper MX Series routers with Junos 13.3R3 through 13.3Rx before ...)
NOT-FOR-US: Juniper
-CVE-2014-6381
+CVE-2014-6381 (Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9. ...)
NOT-FOR-US: Juniper
-CVE-2014-6380
+CVE-2014-6380 (Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12. ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-6379
+CVE-2014-6379 (Juniper Junos 11.4 before R12, 12.1 before R10, 12.1X44 before D35, 12 ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-6378
+CVE-2014-6378 (Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-6377
+CVE-2014-6377 (Juniper JunosE before 13.3.3p0-1, 14.x before 14.3.2, and 15.x before ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-6376
+CVE-2014-6376 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6375
+CVE-2014-6375 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6374
+CVE-2014-6374 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6373
+CVE-2014-6373 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-6372
REJECTED
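Review bot: the added description for CVE-2014-6414 gives the affected range as "before 2014.2.4 and 2014.1 before 2014.1.2", while the existing NOTE line directly beneath it says "vulnerable versions up to 2013.2.4 and 2014.1 versions up to 2014.1.2"; the two disagree on the release series (2013.2 vs 2014.2) and on whether the boundary versions are themselves affected ("up to" vs "before"). Worth checking against the upstream advisory and rewording the NOTE so the entry no longer contradicts its own description and the tracked fix version `neutron 2014.1.3-1`.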
@@ -9889,113 +9889,113 @@ CVE-2014-6371
REJECTED
CVE-2014-6370
REJECTED
-CVE-2014-6369
+CVE-2014-6369 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6368
+CVE-2014-6368 (Microsoft Internet Explorer 11 allows remote attackers to bypass the A ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-6367
REJECTED
-CVE-2014-6366
+CVE-2014-6366 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6365
+CVE-2014-6365 (Microsoft Internet Explorer 8 through 11 allows remote attackers to by ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6364
+CVE-2014-6364 (Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; 2 ...)
NOT-FOR-US: Microsoft Office
-CVE-2014-6363
+CVE-2014-6363 (vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Inter ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6362
+CVE-2014-6362 (Use-after-free vulnerability in Microsoft Office 2007 SP3, 2010 SP2, a ...)
NOT-FOR-US: Microsoft Office
-CVE-2014-6361
+CVE-2014-6361 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, Exc ...)
NOT-FOR-US: Microsoft Excel
-CVE-2014-6360
+CVE-2014-6360 (Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pac ...)
NOT-FOR-US: Microsoft Excel
CVE-2014-6359
REJECTED
CVE-2014-6358
REJECTED
-CVE-2014-6357
+CVE-2014-6357 (Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 ...)
NOT-FOR-US: Microsoft Office
-CVE-2014-6356
+CVE-2014-6356 (Array index error in Microsoft Word 2007 SP3, Word 2010 SP2, and Offic ...)
NOT-FOR-US: Microsoft Word
-CVE-2014-6355
+CVE-2014-6355 (The Graphics Component in Microsoft Windows Server 2003 SP2, Windows V ...)
NOT-FOR-US: Microsft Windows
-CVE-2014-6354
+CVE-2014-6354 (Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Interne ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6353
+CVE-2014-6353 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2014-6352
+CVE-2014-6352 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2014-6351
+CVE-2014-6351 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2014-6350
+CVE-2014-6350 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
NOT-FOR-US: Microsoft
-CVE-2014-6349
+CVE-2014-6349 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
NOT-FOR-US: Microsoft
-CVE-2014-6348
+CVE-2014-6348 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft
-CVE-2014-6347
+CVE-2014-6347 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6346
+CVE-2014-6346 (Microsoft Internet Explorer 8 through 11 allows remote attackers to re ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6345
+CVE-2014-6345 (Microsoft Internet Explorer 9 and 10 allows remote attackers to read c ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6344
+CVE-2014-6344 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6343
+CVE-2014-6343 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6342
+CVE-2014-6342 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6341
+CVE-2014-6341 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6340
+CVE-2014-6340 (Microsoft Internet Explorer 6 through 11 allows remote attackers to re ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6339
+CVE-2014-6339 (Microsoft Internet Explorer 8 and 9 allows remote attackers to bypass ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-6338
REJECTED
-CVE-2014-6337
+CVE-2014-6337 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6336
+CVE-2014-6336 (Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumula ...)
NOT-FOR-US: Microsoft Exchange Server
-CVE-2014-6335
+CVE-2014-6335 (Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP ...)
NOT-FOR-US: Microsoft Office
-CVE-2014-6334
+CVE-2014-6334 (Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP ...)
NOT-FOR-US: Microsoft
-CVE-2014-6333
+CVE-2014-6333 (Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP ...)
NOT-FOR-US: Microsoft
-CVE-2014-6332
+CVE-2014-6332 (OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vist ...)
NOT-FOR-US: Microsoft
-CVE-2014-6331
+CVE-2014-6331 (Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3 ...)
NOT-FOR-US: Microsoft
-CVE-2014-6330
+CVE-2014-6330 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6329
+CVE-2014-6329 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6328
+CVE-2014-6328 (Microsoft Internet Explorer 8 through 11 allows remote attackers to by ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6327
+CVE-2014-6327 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6326
+CVE-2014-6326 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server ...)
NOT-FOR-US: Microsoft Exchange Server
-CVE-2014-6325
+CVE-2014-6325 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server ...)
NOT-FOR-US: Microsoft Exchange Server
-CVE-2014-6324
+CVE-2014-6324 (The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-6323
+CVE-2014-6323 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ob ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-6322
+CVE-2014-6322 (The Windows Audio service in Microsoft Windows Vista SP2, Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2014-6321
+CVE-2014-6321 (Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Wind ...)
NOT-FOR-US: Microsoft
CVE-2014-6320
REJECTED
-CVE-2014-6319
+CVE-2014-6319 (Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, ...)
NOT-FOR-US: Microsoft Exchange Server
-CVE-2014-6318
+CVE-2014-6318 (The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2014-6317
+CVE-2014-6317 (Array index error in win32k.sys in the kernel-mode drivers in Microsof ...)
NOT-FOR-US: Microsoft
-CVE-2014-6316
+CVE-2014-6316 (core/string_api.php in MantisBT before 1.2.18 does not properly catego ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
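Review bot: the context line `NOT-FOR-US: Microsft Windows` under CVE-2014-6355 carries a typo (`Microsoft Windows`); since this hunk already rewrites every CVE line in the block it would be cheap to fold the fix in. The NOT-FOR-US labels for the Internet Explorer entries are also inconsistent within the hunk (CVE-2014-6353, -6351, -6350, -6349 and -6348 say only `Microsoft`, while the neighbouring IE entries say `Microsoft Internet Explorer`); normalising them keeps the list greppable by product.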
@@ -10004,17 +10004,17 @@ CVE-2014-6316
NOTE: https://www.mantisbt.org/bugs/view.php?id=17362
NOTE: https://www.mantisbt.org/bugs/view.php?id=17698
NOTE: https://www.mantisbt.org/bugs/view.php?id=17811
-CVE-2014-6315
+CVE-2014-6315 (Multiple cross-site scripting (XSS) vulnerabilities in the Web-Dorado ...)
NOT-FOR-US: WordPress plugin Photo Gallery
CVE-2014-6314
RESERVED
-CVE-2014-6313
+CVE-2014-6313 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin bef ...)
NOT-FOR-US: WordPress plugin WooCommerce
-CVE-2014-6312
+CVE-2014-6312 (Cross-site request forgery (CSRF) vulnerability in the Login Widget Wi ...)
NOT-FOR-US: Login Widget With Shortcode (login-sidebar-widget) plugin for WordPress
-CVE-2014-6309
+CVE-2014-6309 (The HTTP and WebSocket engine components in the server in Kaazing Gate ...)
NOT-FOR-US: Kaazing Gateway
-CVE-2014-6308
+CVE-2014-6308 (Directory traversal vulnerability in OSClass before 3.4.2 allows remot ...)
NOT-FOR-US: OsClass
CVE-2014-6307
RESERVED
@@ -10022,62 +10022,62 @@ CVE-2014-6306
RESERVED
CVE-2014-6305
RESERVED
-CVE-2014-6304
+CVE-2014-6304 (The Form Controls CSS file in PNMsoft Sequence Kinetics before 7.7 all ...)
NOT-FOR-US: PNMsoft
-CVE-2014-6303
+CVE-2014-6303 (The Monitoring Administration pages in PNMsoft Sequence Kinetics befor ...)
NOT-FOR-US: PNMsoft
-CVE-2014-6302
+CVE-2014-6302 (The Monitoring Administration pages in PNMsoft Sequence Kinetics befor ...)
NOT-FOR-US: PNMsoft
-CVE-2014-6301
+CVE-2014-6301 (Multiple cross-site scripting (XSS) vulnerabilities in the tables-mana ...)
NOT-FOR-US: PNMsoft
-CVE-2014-6300
+CVE-2014-6300 (Cross-site scripting (XSS) vulnerability in the micro history implemen ...)
- phpmyadmin 4:4.2.8.1-1
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-6299
+CVE-2014-6299 (Cross-site request forgery (CSRF) vulnerability in the mm_forum extens ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6298
+CVE-2014-6298 (Unrestricted file upload vulnerability in the mm_forum extension befor ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6297
+CVE-2014-6297 (Cross-site scripting (XSS) vulnerability in the mm_forum extension bef ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6296
+CVE-2014-6296 (Cross-site scripting (XSS) vulnerability in the WEC Map (wec_map) exte ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6295
+CVE-2014-6295 (SQL injection vulnerability in the WEC Map (wec_map) extension before ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6294
+CVE-2014-6294 (Cross-site scripting (XSS) vulnerability in the External links click s ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6293
+CVE-2014-6293 (SQL injection vulnerability in the Statistics (ke_stats) extension bef ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6292
+CVE-2014-6292 (The femanager extension before 1.0.9 for TYPO3 allows remote frontend ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6291
+CVE-2014-6291 (Cross-site scripting (XSS) vulnerability in the Alphabetic Sitemap (al ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6290
+CVE-2014-6290 (The News (tt_news) extension before 3.5.2 for TYPO3 allows remote atta ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6289
+CVE-2014-6289 (The Ajax dispatcher for Extbase in the Yet Another Gallery (yag) exten ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6288
+CVE-2014-6288 (The powermail extension 2.x before 2.0.11 for TYPO3 allows remote atta ...)
NOT-FOR-US: Typo3 extension
-CVE-2014-6287
+CVE-2014-6287 (The findMacroMarker function in parserLib.pas in Rejetto HTTP File Ser ...)
NOT-FOR-US: Rejetto HTTP File Server
CVE-2014-6286
RESERVED
CVE-2014-6285
RESERVED
-CVE-2014-6284
+CVE-2014-6284 (SAP Adaptive Server Enterprise (ASE) before 15.7 SP132 and 16.0 before ...)
NOT-FOR-US: SAP Adaptive Server Enterprise
-CVE-2014-6283
+CVE-2014-6283 (SAP Adaptive Server Enterprise (ASE) 15.7 before SP122 or SP63, 15.5 b ...)
NOT-FOR-US: SAP Adaptive Server Enterprise
CVE-2014-6282
RESERVED
CVE-2014-6281
RESERVED
-CVE-2014-6280
+CVE-2014-6280 (Multiple cross-site scripting (XSS) vulnerabilities in OSClass before ...)
NOT-FOR-US: OsClass
CVE-2014-6279
RESERVED
-CVE-2014-6278
+CVE-2014-6278 (GNU Bash through 4.3 bash43-026 does not properly parse function defin ...)
- bash 4.3-9.2 (high)
[wheezy] - bash 4.2+dfsg-0.1+deb7u3 (high)
[squeeze] - bash 4.1-3+deb6u2 (high)
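Review bot: in the CVE-2014-6300 entry the `NOTE:` line sits between `- phpmyadmin 4:4.2.8.1-1` and the `[squeeze]`/`[wheezy]` lines, whereas every other entry in this hunk lists the per-suite lines first and the NOTE lines last; moving the NOTE after the `[wheezy]` line makes the entry read like its neighbours and avoids the suite lines being overlooked.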
@@ -10085,7 +10085,7 @@ CVE-2014-6278
NOTE: exploitation of this issue by making bash only use environment variables
NOTE: with specific names (BASH_FUNC_*()) to define functions from its
NOTE: environment.
-CVE-2014-6277
+CVE-2014-6277 (GNU Bash through 4.3 bash43-026 does not properly parse function defin ...)
- bash 4.3-9.2
[wheezy] - bash 4.2+dfsg-0.1+deb7u3
[squeeze] - bash 4.1-3+deb6u2
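Review bot: CVE-2014-6277 is tracked with the same fixed versions (bash 4.3-9.2, 4.2+dfsg-0.1+deb7u3, 4.1-3+deb6u2) and the same NOTE text as CVE-2014-6278 in the preceding hunk, and the two added descriptions are identical, but only CVE-2014-6278 carries the `(high)` severity marker; if both function-definition parsing issues are meant to be rated alike, the marker should be added here too, otherwise a NOTE explaining the different rating would help the next reader.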
@@ -10093,7 +10093,7 @@ CVE-2014-6277
NOTE: exploitation of this issue by making bash only use environment variables
NOTE: with specific names (BASH_FUNC_*()) to define functions from its
NOTE: environment.
-CVE-2014-6276
+CVE-2014-6276 (schema.py in Roundup before 1.5.1 does not properly limit attributes i ...)
{DSA-3502-1}
- roundup <removed> (bug #816780)
NOTE: http://hg.code.sf.net/p/roundup/code/rev/a403c29ffaf9
@@ -10107,13 +10107,13 @@ CVE-2014-6274 [S3 and Glacier remotes creds embedded in the git repo were not en
- git-annex 5.20140919
[wheezy] - git-annex <not-affected> (Vulnerable code introduced in 3.20121126)
NOTE: https://git-annex.branchable.com/upgrades/insecure_embedded_creds/
-CVE-2014-6273
+CVE-2014-6273 (Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and ...)
{DSA-3031-1 DLA-58-1}
- apt 1.0.3
-CVE-2014-6272
+CVE-2014-6272 (Multiple integer overflows in the evbuffer API in Libevent 1.4.x befor ...)
{DSA-3119-1 DLA-137-1}
- libevent 2.0.21-stable-2 (bug #774645)
-CVE-2014-6271
+CVE-2014-6271 (GNU Bash through 4.3 processes trailing strings after function definit ...)
{DSA-3032-1 DLA-59-1}
- bash 4.3-9.1
CVE-2014-6267
@@ -10128,25 +10128,25 @@ CVE-2014-6263
RESERVED
CVE-2014-6262
RESERVED
-CVE-2014-6261
+CVE-2014-6261 (Zenoss Core through 5 Beta 3 does not properly implement the Check For ...)
- zenoss <itp> (bug #361253)
-CVE-2014-6260
+CVE-2014-6260 (Zenoss Core through 5 Beta 3 does not require a password for modifying ...)
- zenoss <itp> (bug #361253)
-CVE-2014-6259
+CVE-2014-6259 (Zenoss Core through 5 Beta 3 does not properly detect recursion during ...)
- zenoss <itp> (bug #361253)
-CVE-2014-6258
+CVE-2014-6258 (An unspecified endpoint in Zenoss Core through 5 Beta 3 allows remote ...)
- zenoss <itp> (bug #361253)
-CVE-2014-6257
+CVE-2014-6257 (Zenoss Core through 5 Beta 3 allows remote attackers to bypass intende ...)
- zenoss <itp> (bug #361253)
-CVE-2014-6256
+CVE-2014-6256 (Zenoss Core through 5 Beta 3 allows remote attackers to bypass intende ...)
- zenoss <itp> (bug #361253)
-CVE-2014-6255
+CVE-2014-6255 (Open redirect vulnerability in the login form in Zenoss Core before 4. ...)
- zenoss <itp> (bug #361253)
-CVE-2014-6254
+CVE-2014-6254 (Multiple cross-site scripting (XSS) vulnerabilities in Zenoss Core thr ...)
- zenoss <itp> (bug #361253)
-CVE-2014-6253
+CVE-2014-6253 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss C ...)
- zenoss <itp> (bug #361253)
-CVE-2014-6387
+CVE-2014-6387 (gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to ...)
{DSA-3120-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
@@ -10160,7 +10160,7 @@ CVE-2014-XXXX [install-sh: insecure use of /tmp]
- automake-1.15 1:1.15-3 (unimportant; bug #760455)
NOTE: http://seclists.org/oss-sec/2014/q3/588
NOTE: Neutralised by kernel hardening
-CVE-2014-6252
+CVE-2014-6252 (Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.5029 ...)
NOT-FOR-US: SAP NetWeaver
CVE-2014-6311 [/tmp file vulnerability in generate_doxygen.pl]
RESERVED
@@ -10169,7 +10169,7 @@ CVE-2014-6311 [/tmp file vulnerability in generate_doxygen.pl]
CVE-2014-6310
RESERVED
- chicken <not-affected> (Affects only CHICKEN Scheme on the Android platform)
-CVE-2014-6270
+CVE-2014-6270 (Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squi ...)
- squid <removed> (unimportant)
NOTE: SNMP not built in squid 2
- squid3 3.4.8-1 (low; bug #761002)
@@ -10179,7 +10179,7 @@ CVE-2014-6270
NOTE: Upstream commits: http://bazaar.launchpad.net/~squid/squid/trunk/revision/13574
NOTE: http://bazaar.launchpad.net/~squid/squid/trunk/revision/13582
NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_3.txt
-CVE-2014-7142
+CVE-2014-7142 (The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain ...)
- squid 4.1-1
[squeeze] - squid <no-dsa> (Minor issue)
[wheezy] - squid <no-dsa> (Minor issue)
@@ -10188,7 +10188,7 @@ CVE-2014-7142
[wheezy] - squid3 <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=891268
NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_4.txt
-CVE-2014-7141
+CVE-2014-7141 (The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain ...)
- squid 4.1-1
[squeeze] - squid <no-dsa> (Minor issue)
[wheezy] - squid <no-dsa> (Minor issue)
@@ -10197,11 +10197,11 @@ CVE-2014-7141
[wheezy] - squid3 <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=891268
NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_4.txt
-CVE-2014-6268
+CVE-2014-6268 (The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest u ...)
- xen 4.4.1-3
[wheezy] - xen <not-affected> (Affects only Xen 4.4 onwards)
[squeeze] - xen <not-affected> (Affects only Xen 4.4 onwards)
-CVE-2014-6251
+CVE-2014-6251 (Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote att ...)
NOT-FOR-US: CPUMiner, related to cgminer according to #773624
CVE-2014-6250
RESERVED
@@ -10217,41 +10217,41 @@ CVE-2014-6245
RESERVED
CVE-2014-6244
RESERVED
-CVE-2014-6243
+CVE-2014-6243 (Cross-site scripting (XSS) vulnerability in the EWWW Image Optimizer p ...)
NOT-FOR-US: WordPress plugin EWWW Image Optimizer
-CVE-2014-6242
+CVE-2014-6242 (Multiple SQL injection vulnerabilities in the All In One WP Security & ...)
NOT-FOR-US: WordPress plugin All In One WP Security
-CVE-2014-6230
+CVE-2014-6230 (WP-Ban plugin before 1.6.4 for WordPress, when running in certain conf ...)
NOT-FOR-US: WordPress plugin WP-Ban
-CVE-2014-6229
+CVE-2014-6229 (The HashContext class in hphp/runtime/ext/ext_hash.cpp in Facebook Hip ...)
NOT-FOR-US: Facebook HipHop Virtual Machine
-CVE-2014-6228
+CVE-2014-6228 (Integer overflow in the string_chunk_split function in hphp/runtime/ba ...)
NOT-FOR-US: Facebook HipHop Virtual Machine
-CVE-2014-3618
+CVE-2014-3618 (Heap-based buffer overflow in formisc.c in formail in procmail 3.22 al ...)
{DSA-3019-1 DLA-46-1}
- procmail 3.22-22 (bug #760443)
NOTE: http://www.openwall.com/lists/oss-security/2014/09/03/8
-CVE-2014-6241
+CVE-2014-6241 (SQL injection vulnerability in the wt_directory extension before 1.4.1 ...)
NOT-FOR-US: Typo3 extension wt_directory
-CVE-2014-6240
+CVE-2014-6240 (Cross-site scripting (XSS) vulnerability in the Google Sitemap (weeaar ...)
NOT-FOR-US: Typo3 extension weeaar_googlesitemap
-CVE-2014-6239
+CVE-2014-6239 (SQL injection vulnerability in the Address visualization with Google M ...)
NOT-FOR-US: Typo3 extension st_address_map
-CVE-2014-6238
+CVE-2014-6238 (Cross-site scripting (XSS) vulnerability in the Akronymmanager (aka SB ...)
NOT-FOR-US: Typo3 extension Akronymmanager
-CVE-2014-6237
+CVE-2014-6237 (Cross-site scripting (XSS) vulnerability in the News Pack extension 0. ...)
NOT-FOR-US: Typo3 extension News Pack
-CVE-2014-6236
+CVE-2014-6236 (Unspecified vulnerability in the LumoNet PHP Include (lumophpinclude) ...)
NOT-FOR-US: Typo3 extension lumophpinclude
-CVE-2014-6235
+CVE-2014-6235 (Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for ...)
NOT-FOR-US: Typo3 extension DomPDF
-CVE-2014-6234
+CVE-2014-6234 (Cross-site scripting (XSS) vulnerability in the Open Graph protocol (j ...)
NOT-FOR-US: Typo3 extension jh_opengraphprotocol
-CVE-2014-6233
+CVE-2014-6233 (SQL injection vulnerability in the Flat Manager (flatmgr) extension be ...)
NOT-FOR-US: Typo3 extension flatmgr
-CVE-2014-6232
+CVE-2014-6232 (Unspecified vulnerability in the LDAP (eu_ldap) extension before 2.8.1 ...)
NOT-FOR-US: Typo3 extension eu_ldap
-CVE-2014-6231
+CVE-2014-6231 (Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) extens ...)
NOT-FOR-US: Typo3 extension cwt_feedit
NOTE: This is different from the feedit extension in typo3-src.
CVE-2014-6227
@@ -10264,9 +10264,9 @@ CVE-2014-6224
RESERVED
CVE-2014-6223
RESERVED
-CVE-2014-6222
+CVE-2014-6222 (Directory traversal vulnerability in IBM Marketing Operations 7.x and ...)
NOT-FOR-US: IBM Marketing Operations
-CVE-2014-6221
+CVE-2014-6221 (The MSCAPI/MSCNG interface implementation in GSKit in IBM Rational Cle ...)
NOT-FOR-US: IBM Rational ClearCase
CVE-2014-6220
RESERVED
@@ -10278,19 +10278,19 @@ CVE-2014-6217
RESERVED
CVE-2014-6216
RESERVED
-CVE-2014-6215
+CVE-2014-6215 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM
-CVE-2014-6214
+CVE-2014-6214 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Porta ...)
NOT-FOR-US: IBM
CVE-2014-6213
RESERVED
-CVE-2014-6212
+CVE-2014-6212 (The Echo API in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 ...)
NOT-FOR-US: IBM
-CVE-2014-6211
+CVE-2014-6211 (The command-line scripts in IBM WebSphere Commerce 6.0 through 6.0.0.1 ...)
NOT-FOR-US: IBM
-CVE-2014-6210
+CVE-2014-6210 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 ...)
NOT-FOR-US: IBM
-CVE-2014-6209
+CVE-2014-6209 (IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 thro ...)
NOT-FOR-US: IBM
CVE-2014-6208
RESERVED
@@ -10310,264 +10310,264 @@ CVE-2014-6201
RESERVED
CVE-2014-6200
RESERVED
-CVE-2014-6199
+CVE-2014-6199 (The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x a ...)
NOT-FOR-US: IBM
-CVE-2014-6198
+CVE-2014-6198 (Cross-site request forgery (CSRF) vulnerability in IBM Security Networ ...)
NOT-FOR-US: IBM
-CVE-2014-6197
+CVE-2014-6197 (IBM Security Network Protection 5.1.x and 5.2.x before 5.2.0.0 FP5 and ...)
NOT-FOR-US: IBM
-CVE-2014-6196
+CVE-2014-6196 (Cross-site scripting (XSS) vulnerability in IBM Web Experience Factory ...)
NOT-FOR-US: IBM WEF
-CVE-2014-6195
+CVE-2014-6195 (The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage ...)
NOT-FOR-US: IBM Tivoli
-CVE-2014-6194
+CVE-2014-6194 (Directory traversal vulnerability in an unspecified web form in IBM Ma ...)
NOT-FOR-US: IBM Maximo
-CVE-2014-6193
+CVE-2014-6193 (IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, ...)
NOT-FOR-US: IBM
-CVE-2014-6192
+CVE-2014-6192 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program M ...)
NOT-FOR-US: IBM
-CVE-2014-6191
+CVE-2014-6191 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program M ...)
NOT-FOR-US: IBM
-CVE-2014-6190
+CVE-2014-6190 (The log viewer in IBM Workload Deployer 3.1 before 3.1.0.7 allows remo ...)
NOT-FOR-US: IBM
-CVE-2014-6189
+CVE-2014-6189 (Cross-site scripting (XSS) vulnerability in IBM Security Network Prote ...)
NOT-FOR-US: IBM
-CVE-2014-6188
+CVE-2014-6188 (Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere S ...)
NOT-FOR-US: IBM
-CVE-2014-6187
+CVE-2014-6187 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM WebS ...)
NOT-FOR-US: IBM
-CVE-2014-6186
+CVE-2014-6186 (IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3. ...)
NOT-FOR-US: IBM
-CVE-2014-6185
+CVE-2014-6185 (dsmtca in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6. ...)
NOT-FOR-US: IBM
NOTE: https://www-01.ibm.com/support/docview.wss?uid=swg21695715
-CVE-2014-6184
+CVE-2014-6184 (Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Stor ...)
NOT-FOR-US: IBM Tivoli
-CVE-2014-6183
+CVE-2014-6183 (IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before ...)
NOT-FOR-US: IBM Security Network Protection
-CVE-2014-6182
+CVE-2014-6182 (Directory traversal vulnerability in an export function in the Process ...)
NOT-FOR-US: IBM
-CVE-2014-6181
+CVE-2014-6181 (IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0. ...)
NOT-FOR-US: IBM
-CVE-2014-6180
+CVE-2014-6180 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSpher ...)
NOT-FOR-US: IBM
-CVE-2014-6179
+CVE-2014-6179 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSpher ...)
NOT-FOR-US: IBM
-CVE-2014-6178
+CVE-2014-6178 (Cross-site scripting (XSS) vulnerability in the widgets in IBM WebSphe ...)
NOT-FOR-US: IBM
-CVE-2014-6177
+CVE-2014-6177 (IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0. ...)
NOT-FOR-US: IBM
-CVE-2014-6176
+CVE-2014-6176 (IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus 7.0 ...)
NOT-FOR-US: IBM
-CVE-2014-6175
+CVE-2014-6175 (Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7 ...)
NOT-FOR-US: IBM Marketing Operations
-CVE-2014-6174
+CVE-2014-6174 (IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before 8.0 ...)
NOT-FOR-US: IBM
-CVE-2014-6173
+CVE-2014-6173 (Cross-site scripting (XSS) vulnerability in the Process Inspector in I ...)
NOT-FOR-US: IBM
-CVE-2014-6172
+CVE-2014-6172 (IBM API Management 3.0 before 3.0.4.0 IF1 allows remote attackers to o ...)
NOT-FOR-US: IBM
-CVE-2014-6171
+CVE-2014-6171 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM
-CVE-2014-6170
+CVE-2014-6170 (The HTTPInput node in IBM WebSphere Message Broker 7.0 before 7.0.0.8 ...)
NOT-FOR-US: IBM
-CVE-2014-6169
+CVE-2014-6169 (Cross-site scripting (XSS) vulnerability in IBM Forms Experience Build ...)
NOT-FOR-US: IBM Forms Experience Builder
-CVE-2014-6168
+CVE-2014-6168 (Cross-site request forgery (CSRF) vulnerability in IBM Security Identi ...)
NOT-FOR-US: IBM
-CVE-2014-6167
+CVE-2014-6167 (Cross-site scripting (XSS) vulnerability in the URL rewriting feature ...)
NOT-FOR-US: IBM
-CVE-2014-6166
+CVE-2014-6166 (The Communications Enabled Applications (CEA) service in IBM WebSphere ...)
NOT-FOR-US: IBM
CVE-2014-6165
RESERVED
-CVE-2014-6164
+CVE-2014-6164 (IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x befor ...)
NOT-FOR-US: IBM
-CVE-2014-6163
+CVE-2014-6163 (Cross-site scripting (XSS) vulnerability on the IBM WebSphere DataPowe ...)
NOT-FOR-US: IBM
CVE-2014-6162
RESERVED
-CVE-2014-6161
+CVE-2014-6161 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool/Impact ...)
NOT-FOR-US: IBM
-CVE-2014-6160
+CVE-2014-6160 (IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0. ...)
NOT-FOR-US: IBM
-CVE-2014-6159
+CVE-2014-6159 (IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 t ...)
NOT-FOR-US: IBM
-CVE-2014-6158
+CVE-2014-6158 (Multiple directory traversal vulnerabilities in the file-upload featur ...)
NOT-FOR-US: IBM
CVE-2014-6157
RESERVED
CVE-2014-6156
RESERVED
-CVE-2014-6155
+CVE-2014-6155 (Multiple directory traversal vulnerabilities in the ServiceRegistry UI ...)
NOT-FOR-US: IBM
-CVE-2014-6154
+CVE-2014-6154 (Directory traversal vulnerability in IBM Optim Performance Manager for ...)
NOT-FOR-US: IBM Optim
-CVE-2014-6153
+CVE-2014-6153 (The Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3 ...)
NOT-FOR-US: IBM
-CVE-2014-6152
+CVE-2014-6152 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Inte ...)
NOT-FOR-US: IBM Tivoli
-CVE-2014-6151
+CVE-2014-6151 (CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2 ...)
NOT-FOR-US: IBM Tivoli
-CVE-2014-6150
+CVE-2014-6150 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dep ...)
NOT-FOR-US: IBM Tivoli TADDM
-CVE-2014-6149
+CVE-2014-6149 (Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Applica ...)
NOT-FOR-US: IBM Tivoli TADDM
-CVE-2014-6148
+CVE-2014-6148 (IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 th ...)
NOT-FOR-US: IBM Tivoli TADDM
-CVE-2014-6147
+CVE-2014-6147 (IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, 1.3. ...)
NOT-FOR-US: IBM FSM
-CVE-2014-6146
+CVE-2014-6146 (IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Dire ...)
NOT-FOR-US: IBM
-CVE-2014-6145
+CVE-2014-6145 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos B ...)
NOT-FOR-US: IBM
-CVE-2014-6144
+CVE-2014-6144 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manag ...)
NOT-FOR-US: IBM
-CVE-2014-6143
+CVE-2014-6143 (The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allo ...)
NOT-FOR-US: IBM
CVE-2014-6142
RESERVED
-CVE-2014-6141
+CVE-2014-6141 (IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6. ...)
NOT-FOR-US: IBM
-CVE-2014-6140
+CVE-2014-6140 (IBM Tivoli Endpoint Manager Mobile Device Management (MDM) before 9.0. ...)
NOT-FOR-US: IBM Endpoint Manager Mobile Device Management Components
-CVE-2014-6139
+CVE-2014-6139 (The Search REST API in IBM Business Process Manager 8.0.1.3, 8.5.0.1, ...)
NOT-FOR-US: IBM BPM
-CVE-2014-6138
+CVE-2014-6138 (The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allo ...)
NOT-FOR-US: IBM
-CVE-2014-6137
+CVE-2014-6137 (Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page ...)
NOT-FOR-US: IBM Endpoint Manager
-CVE-2014-6136
+CVE-2014-6136 (IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports ...)
NOT-FOR-US: IBM
-CVE-2014-6135
+CVE-2014-6135 (IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8. ...)
NOT-FOR-US: IBM
-CVE-2014-6134
+CVE-2014-6134 (IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, ...)
NOT-FOR-US: IBM
-CVE-2014-6133
+CVE-2014-6133 (IBM API Management 3.x before 3.0.1.0 allows local users to obtain sen ...)
NOT-FOR-US: IBM API Management
-CVE-2014-6132
+CVE-2014-6132 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSpher ...)
NOT-FOR-US: IBM
-CVE-2014-6131
+CVE-2014-6131 (IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative ...)
NOT-FOR-US: IBM
-CVE-2014-6130
+CVE-2014-6130 (The IBM Notes Traveler application before 9.0.1.3 for Android lacks a ...)
NOT-FOR-US: IBM Notes Traveler application for Android
-CVE-2014-6129
+CVE-2014-6129 (IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative ...)
NOT-FOR-US: IBM
CVE-2014-6128
RESERVED
CVE-2014-6127
RESERVED
-CVE-2014-6126
+CVE-2014-6126 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-6125
+CVE-2014-6125 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Porta ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2014-6124
RESERVED
-CVE-2014-6123
+CVE-2014-6123 (IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0. ...)
NOT-FOR-US: IBM
-CVE-2014-6122
+CVE-2014-6122 (IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8. ...)
NOT-FOR-US: IBM
-CVE-2014-6121
+CVE-2014-6121 (Cross-site scripting (XSS) vulnerability in IBM Security AppScan Enter ...)
NOT-FOR-US: IBM
-CVE-2014-6120
+CVE-2014-6120 (IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0. ...)
NOT-FOR-US: IBM Rational AppScan Source
-CVE-2014-6119
+CVE-2014-6119 (IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8. ...)
NOT-FOR-US: IBM
CVE-2014-6118
RESERVED
CVE-2014-6117
RESERVED
-CVE-2014-6116
+CVE-2014-6116 (The Telemetry Component in WebSphere MQ 8.0.0.1 before p000-001-L14091 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-6115
+CVE-2014-6115 (IBM Rational Insight 1.1.1.5 allows remote attackers to bypass authent ...)
NOT-FOR-US: IBM Rational Insight
-CVE-2014-6114
+CVE-2014-6114 (The Hosted Transparent Decision Service in the Rule Execution Server i ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-6113
+CVE-2014-6113 (Cross-site scripting (XSS) vulnerability in the Web Reports component ...)
NOT-FOR-US: IBM Tivoli
-CVE-2014-6112
+CVE-2014-6112 (IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and S ...)
NOT-FOR-US: IBM
-CVE-2014-6111
+CVE-2014-6111 (IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and S ...)
NOT-FOR-US: IBM
-CVE-2014-6110
+CVE-2014-6110 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properl ...)
NOT-FOR-US: IBM
-CVE-2014-6109
+CVE-2014-6109 (IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and S ...)
NOT-FOR-US: IBM
-CVE-2014-6108
+CVE-2014-6108 (IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and S ...)
NOT-FOR-US: IBM
-CVE-2014-6107
+CVE-2014-6107 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote at ...)
NOT-FOR-US: IBM
-CVE-2014-6106
+CVE-2014-6106 (Cross-site request forgery (CSRF) vulnerability in IBM Security Identi ...)
NOT-FOR-US: IBM
-CVE-2014-6105
+CVE-2014-6105 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote at ...)
NOT-FOR-US: IBM
CVE-2014-6104
RESERVED
CVE-2014-6103
RESERVED
-CVE-2014-6102
+CVE-2014-6102 (IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5. ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-6101
+CVE-2014-6101 (Cross-site scripting (XSS) vulnerability in the redirect-login feature ...)
NOT-FOR-US: IBM Business Process Manager
-CVE-2014-6100
+CVE-2014-6100 (Cross-site scripting (XSS) vulnerability in the Admin UI in IBM Tivoli ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2014-6099
+CVE-2014-6099 (The Change Password feature in IBM Sterling B2B Integrator 5.2.x throu ...)
NOT-FOR-US: IBM Sterling
-CVE-2014-6098
+CVE-2014-6098 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote at ...)
NOT-FOR-US: IBM
-CVE-2014-6097
+CVE-2014-6097 (IBM DB2 9.7 before FP10 and 9.8 through FP5 on Linux, UNIX, and Window ...)
NOT-FOR-US: IBM
-CVE-2014-6096
+CVE-2014-6096 (Cross-site scripting (XSS) vulnerability in IBM Security Identity Mana ...)
NOT-FOR-US: IBM
-CVE-2014-6095
+CVE-2014-6095 (Directory traversal vulnerability in IBM Security Identity Manager 6.x ...)
NOT-FOR-US: IBM
CVE-2014-6094
RESERVED
-CVE-2014-6093
+CVE-2014-6093 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-6092
+CVE-2014-6092 (IBM Curam Social Program Management (SPM) 5.2 before SP6 EP6, 6.0 SP2 ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-6091
+CVE-2014-6091 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program M ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-6090
+CVE-2014-6090 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-6089
+CVE-2014-6089 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security A ...)
NOT-FOR-US: IBM
-CVE-2014-6088
+CVE-2014-6088 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security A ...)
NOT-FOR-US: IBM
-CVE-2014-6087
+CVE-2014-6087 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security A ...)
NOT-FOR-US: IBM
-CVE-2014-6086
+CVE-2014-6086 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security A ...)
NOT-FOR-US: IBM
CVE-2014-6085
RESERVED
-CVE-2014-6084
+CVE-2014-6084 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security A ...)
NOT-FOR-US: IBM
-CVE-2014-6083
+CVE-2014-6083 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security A ...)
NOT-FOR-US: IBM
-CVE-2014-6082
+CVE-2014-6082 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security A ...)
NOT-FOR-US: IBM
CVE-2014-6081
RESERVED
-CVE-2014-6080
+CVE-2014-6080 (SQL injection vulnerability in IBM Security Access Manager for Mobile ...)
NOT-FOR-US: IBM
-CVE-2014-6079
+CVE-2014-6079 (Cross-site scripting (XSS) vulnerability in the Local Management Inter ...)
NOT-FOR-US: IBM Security Access Manager
-CVE-2014-6078
+CVE-2014-6078 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security A ...)
NOT-FOR-US: IBM
-CVE-2014-6077
+CVE-2014-6077 (Cross-site request forgery (CSRF) vulnerability in IBM Security Access ...)
NOT-FOR-US: IBM
-CVE-2014-6076
+CVE-2014-6076 (IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security A ...)
NOT-FOR-US: IBM
-CVE-2014-6075
+CVE-2014-6075 (IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-6074
+CVE-2014-6074 (IBM UrbanCode Deploy 6.1.0.2 before IF1 allows remote authenticated us ...)
NOT-FOR-US: IBM UrbanCode Deploy
CVE-2014-6073
RESERVED
CVE-2014-6072
RESERVED
-CVE-2014-6071
+CVE-2014-6071 (jQuery 1.4.2 allows remote attackers to conduct cross-site scripting ( ...)
- jquery 1.6.1-1
[squeeze] - jquery <no-dsa> (Only exploitable when following anti-patterns)
NOTE: see https://bugzilla.redhat.com/show_bug.cgi?id=1136683#c2
@@ -10581,7 +10581,7 @@ CVE-2014-6066
RESERVED
CVE-2014-6065
RESERVED
-CVE-2014-6064
+CVE-2014-6064 (The Accounts tab in the administrative user interface in McAfee Web Ga ...)
NOT-FOR-US: McAfee Web Gateway
CVE-2014-6063
RESERVED
@@ -10597,14 +10597,14 @@ CVE-2014-6057
RESERVED
CVE-2014-6056
RESERVED
-CVE-2014-6055
+CVE-2014-6055 (Multiple stack-based buffer overflows in the File Transfer feature in ...)
{DSA-3081-1 DLA-197-1}
- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
NOTE: https://github.com/newsoft/libvncserver/commit/06ccdf016154fde8eccb5355613ba04c59127b2e
NOTE: https://github.com/newsoft/libvncserver/commit/f528072216dec01cee7ca35d94e171a3b909e677
NOTE: https://github.com/newsoft/libvncserver/commit/256964b884c980038cd8b2f0d180fbb295b1c748 (improvement)
NOTE: check for possible ABI break: https://bugzilla.redhat.com/show_bug.cgi?id=1144293#c2
-CVE-2014-6054
+CVE-2014-6054 (The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c ...)
{DSA-3081-1 DLA-197-1}
- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
NOTE: https://github.com/newsoft/libvncserver/commit/05a9bd41a8ec0a9d580a8f420f41718bdd235446
@@ -10612,37 +10612,37 @@ CVE-2014-6054
NOTE: https://github.com/newsoft/libvncserver/commit/5dee1cbcd83920370a487c4fd2718aa4d3eba548 (required for sparc)
NOTE: https://github.com/newsoft/libvncserver/commit/819481c5e2003cd36d002336c248de8c75de362e (hardening)
NOTE: https://github.com/newsoft/libvncserver/commit/e5d9b6a07257c12bf3b6242ddea79ea1c95353a8 (hardening)
-CVE-2014-6053
+CVE-2014-6053 (The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c ...)
{DSA-3081-1 DLA-197-1}
- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
NOTE: https://github.com/newsoft/libvncserver/commit/6037a9074d52b1963c97cb28ea1096c7c14cbf28
-CVE-2014-6052
+CVE-2014-6052 (The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibV ...)
{DSA-3081-1 DLA-197-1}
- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
NOTE: https://github.com/newsoft/libvncserver/commit/85a778c0e45e87e35ee7199f1f25020648e8b812
-CVE-2014-6051
+CVE-2014-6051 (Integer overflow in the MallocFrameBuffer function in vncviewer.c in L ...)
{DSA-3081-1 DLA-197-1}
- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
NOTE: https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273
-CVE-2014-6050
+CVE-2014-6050 (phpMyFAQ before 2.8.13 allows remote attackers to bypass the CAPTCHA p ...)
NOT-FOR-US: phpMyFAQ
-CVE-2014-6049
+CVE-2014-6049 (phpMyFAQ before 2.8.13 allows remote authenticated users with admin pr ...)
NOT-FOR-US: phpMyFAQ
-CVE-2014-6048
+CVE-2014-6048 (phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary attac ...)
NOT-FOR-US: phpMyFAQ
-CVE-2014-6047
+CVE-2014-6047 (phpMyFAQ before 2.8.13 allows remote authenticated users with certain ...)
NOT-FOR-US: phpMyFAQ
-CVE-2014-6046
+CVE-2014-6046 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ ...)
NOT-FOR-US: phpMyFAQ
-CVE-2014-6045
+CVE-2014-6045 (SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote au ...)
NOT-FOR-US: phpMyFAQ
CVE-2014-6044
RESERVED
-CVE-2014-6043
+CVE-2014-6043 (ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 ...)
NOT-FOR-US: ZOHO ManageEngine EventLog Analyzer
CVE-2014-6042
RESERVED
-CVE-2014-6041
+CVE-2014-6041 (The Android WebView in Android before 4.4 allows remote attackers to b ...)
NOT-FOR-US: Android Browser application
CVE-2014-6039
RESERVED
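Review bot: the new description for CVE-2014-6041 identifies the vulnerable component as "The Android WebView in Android before 4.4", but the unchanged hint below it still reads "NOT-FOR-US: Android Browser application"; since the description is now the authoritative text, the hint should name the WebView component (or simply "Android") so triage does not look for a browser-only issue. Also note that within this contiguous hunk the sequence steps from CVE-2014-6041 directly to CVE-2014-6039, so CVE-2014-6040 is not present at this position; confirm it is tracked elsewhere in the list rather than silently absent.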
@@ -10650,1031 +10650,1031 @@ CVE-2014-6039
CVE-2014-6038
RESERVED
NOT-FOR-US: ManageEngine EventLog Analyzer
-CVE-2014-6037
+CVE-2014-6037 (Directory traversal vulnerability in the agentUpload servlet in ZOHO M ...)
NOT-FOR-US: ZOHO ManageEngine EventLog Analyzer
-CVE-2014-6036
+CVE-2014-6036 (Directory traversal vulnerability in the multipartRequest servlet in Z ...)
NOT-FOR-US: ZOHO
-CVE-2014-6035
+CVE-2014-6035 (Directory traversal vulnerability in the FileCollector servlet in ZOHO ...)
NOT-FOR-US: ZOHO
-CVE-2014-6034
+CVE-2014-6034 (Directory traversal vulnerability in the com.me.opmanager.extranet.rem ...)
NOT-FOR-US: ZOHO
CVE-2014-6033
REJECTED
-CVE-2014-6032
+CVE-2014-6032 (Multiple XML External Entity (XXE) vulnerabilities in the Configuratio ...)
NOT-FOR-US: F5 Networks Big-IP
-CVE-2014-6031
+CVE-2014-6031 (Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10 ...)
NOT-FOR-US: F5 BIG-IP systems
-CVE-2014-6030
+CVE-2014-6030 (Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET b ...)
NOT-FOR-US: ClassApps SelectSurvey.NET
CVE-2014-6026
RESERVED
-CVE-2014-6025
+CVE-2014-6025 (The Chartboost library before 2.0.2 for Android does not verify X.509 ...)
NOT-FOR-US: Chartboost library for Android
-CVE-2014-6024
+CVE-2014-6024 (The Flurry library before 3.4.0 for Android does not verify X.509 cert ...)
NOT-FOR-US: Flurry library for Android
-CVE-2014-6023
+CVE-2014-6023 (The s-peek credit rating report (aka com.rhomobile.speek) application ...)
NOT-FOR-US: s-peek credit rating report (aka com.rhomobile.speek) application for Android
-CVE-2014-6022
+CVE-2014-6022 (The Versent Books (aka com.versentbooks) application 1.1.99 for Androi ...)
NOT-FOR-US: Versent Books (aka com.versentbooks) application for Android
-CVE-2014-6021
+CVE-2014-6021 (The Harley-Davidson Visa (aka com.usbank.icsmobile.harleydavidson) app ...)
NOT-FOR-US: Harley-Davidson Visa (aka com.usbank.icsmobile.harleydavidson) application for Android
-CVE-2014-6020
+CVE-2014-6020 (The Fuel Rewards Network (aka com.excentus.frn) application 1 for Andr ...)
NOT-FOR-US: Fuel Rewards Network (aka com.excentus.frn) application for Android
-CVE-2014-6019
+CVE-2014-6019 (The psychology (aka com.alek.psychology) application 1.0.2 for Android ...)
NOT-FOR-US: psychology (aka com.alek.psychology) application for Android
-CVE-2014-6018
+CVE-2014-6018 (The global beauty research (aka com.appems.topgirl) application 1.6 fo ...)
NOT-FOR-US: global beauty research (aka com.appems.topgirl) application for Android
-CVE-2014-6017
+CVE-2014-6017 (The Doodle Drop (aka net.lazyer.DoodleDrop) application 1 for Android ...)
NOT-FOR-US: Doodle Drop (aka net.lazyer.DoodleDrop) application for Android
-CVE-2014-6016
+CVE-2014-6016 (The Celluloid (aka com.eurisko.celluloid) application 1.3 for Android ...)
NOT-FOR-US: Celluloid (aka com.eurisko.celluloid) application for Android
-CVE-2014-6015
+CVE-2014-6015 (The TuCarro (aka com.tucarro) application 2.0.5 for Android does not v ...)
NOT-FOR-US: TuCarro (aka com.tucarro) application for Android
-CVE-2014-6014
+CVE-2014-6014 (The Conquest Of Fantasia (aka air.com.ingen.studios.cof.sg) applicatio ...)
NOT-FOR-US: Conquest Of Fantasia (aka air.com.ingen.studios.cof.sg) application for Android
-CVE-2014-6013
+CVE-2014-6013 (The nuSquare (aka tw.com.nuphoto.nusquare) application 1.0.78 for Andr ...)
NOT-FOR-US: nuSquare (aka tw.com.nuphoto.nusquare) application for Android
-CVE-2014-6012
+CVE-2014-6012 (The Gravity Bounce (aka net.toddm.gb) application 1.1 for Android does ...)
NOT-FOR-US: Gravity Bounce (aka net.toddm.gb) application for Android
-CVE-2014-6011
+CVE-2014-6011 (The cutprice (aka kr.co.wedoit.cutprice) application 1.0.4 for Android ...)
NOT-FOR-US: cutprice (aka kr.co.wedoit.cutprice) application for Android
-CVE-2014-6010
+CVE-2014-6010 (The Rasta Weed Widgets HD (aka aw.awesomewidgets.rastaweed) applicatio ...)
NOT-FOR-US: Rasta Weed Widgets HD (aka aw.awesomewidgets.rastaweed) application for Android
-CVE-2014-6009
+CVE-2014-6009 (The Zombie Detector (aka com.jimmybolstad.zombiedetector) application ...)
NOT-FOR-US: Zombie Detector (aka com.jimmybolstad.zombiedetector) application for Android
-CVE-2014-6008
+CVE-2014-6008 (The Blitz Bingo (aka com.appMobi.sbbingo.app) application 2.3 for Andr ...)
NOT-FOR-US: Blitz Bingo (aka com.appMobi.sbbingo.app) application for Android
-CVE-2014-6007
+CVE-2014-6007 (The LikeHero Get Instagram Likes (aka com.fraoula.likehero) applicatio ...)
NOT-FOR-US: LikeHero Get Instagram Likes (aka com.fraoula.likehero) application for Android
-CVE-2014-6006
+CVE-2014-6006 (The Gratta &amp; Vinci? (aka com.dreamstep.wGrattaevinci) application ...)
NOT-FOR-US: Gratta & Vinci? (aka com.dreamstep.wGrattaevinci) application for Android
-CVE-2014-6005
+CVE-2014-6005 (The Survey.com Mobile (aka com.survey.android) application 3.2.16 for ...)
NOT-FOR-US: Survey.com Mobile (aka com.survey.android) application for Android
-CVE-2014-6004
+CVE-2014-6004 (The Pocket Cam Photo Editor (aka mobi.pocketcam.editor) application 3 ...)
NOT-FOR-US: Pocket Cam Photo Editor (aka mobi.pocketcam.editor) application for Android
-CVE-2014-6003
+CVE-2014-6003 (The Belas Frases de Amor (aka com.goodbarber.frasesdeamor) application ...)
NOT-FOR-US: Belas Frases de Amor (aka com.goodbarber.frasesdeamor) application for Android
-CVE-2014-6002
+CVE-2014-6002 (The DTE Energy (aka com.dteenergy.mydte) application 3.0.3 for Android ...)
NOT-FOR-US: DTE Energy (aka com.dteenergy.mydte) application for Android
-CVE-2014-6001
+CVE-2014-6001 (The gewara (aka com.gewara) application 5.2.3 for Android does not ver ...)
NOT-FOR-US: gewara (aka com.gewara) application for Android
-CVE-2014-6000
+CVE-2014-6000 (The FreshDirect (aka com.freshdirect.android) application 2.7.1 for An ...)
NOT-FOR-US: FreshDirect (aka com.freshdirect.android) application for Android
-CVE-2014-5999
+CVE-2014-5999 (The autonavi (aka com.telenav.doudouyou.android.autonavi) application ...)
NOT-FOR-US: autonavi (aka com.telenav.doudouyou.android.autonavi) application for Android
-CVE-2014-5998
+CVE-2014-5998 (The SkyDrive Assistant (aka com.dhh.sky) application 2.1 for Android d ...)
NOT-FOR-US: SkyDrive Assistant (aka com.dhh.sky) application for Android
-CVE-2014-5997
+CVE-2014-5997 (The Auto Trader (aka za.co.autotrader.android.app) application 2 for A ...)
NOT-FOR-US: Auto Trader (aka za.co.autotrader.android.app) application for Android
-CVE-2014-5996
+CVE-2014-5996 (The DEKRA Used Car Report (aka com.dekra.maengelreport) application 3. ...)
NOT-FOR-US: DEKRA Used Car Report (aka com.dekra.maengelreport) application for Android
-CVE-2014-5995
+CVE-2014-5995 (The eWUS mobile (aka pl.dreryk.ewustest) application 1.4.5 for Android ...)
NOT-FOR-US: eWUS mobile (aka pl.dreryk.ewustest) application for Android
-CVE-2014-5994
+CVE-2014-5994 (The ding* ezetop. Top-up Any Phone (aka com.ezetop.world) application ...)
NOT-FOR-US: ding* ezetop. Top-up Any Phone (aka com.ezetop.world) application for Android
-CVE-2014-5993
+CVE-2014-5993 (The MLB Preplay (aka com.preplay.android.mlb) application 5.4.2 for An ...)
NOT-FOR-US: MLB Preplay (aka com.preplay.android.mlb) application for Android
-CVE-2014-5992
+CVE-2014-5992 (The successsecrets (aka com.alek.successsecrets) application 1.2.3 for ...)
NOT-FOR-US: successsecrets (aka com.alek.successsecrets) application for Android
-CVE-2014-5991
+CVE-2014-5991 (The Skin Conditions and Diseases (aka com.appsgeyser.wSkinConditions) ...)
NOT-FOR-US: Skin Conditions and Diseases (aka com.appsgeyser.wSkinConditions) application for Android
-CVE-2014-5990
+CVE-2014-5990 (The cookbible (aka net.bookjam.cookbible) application 1.0.0 for Androi ...)
NOT-FOR-US: cookbible (aka net.bookjam.cookbible) application for Android
-CVE-2014-5989
+CVE-2014-5989 (The baby days (aka jp.co.cyberagent.babydays) application 1.5.8 for An ...)
NOT-FOR-US: baby days (aka jp.co.cyberagent.babydays) application for Android
-CVE-2014-5988
+CVE-2014-5988 (The Azkend Gold (aka com.the10tons.azkend.gold) application 1.2.6 for ...)
NOT-FOR-US: Azkend Gold (aka com.the10tons.azkend.gold) application for Android
-CVE-2014-5987
+CVE-2014-5987 (The My3 - by 3HK (aka com.my3) application @7F0A0001 for Android does ...)
NOT-FOR-US: My3 - by 3HK (aka com.my3) application for Android
-CVE-2014-5986
+CVE-2014-5986 (The Educational Puzzles - Letters (aka com.EducationalPuzzlesLetters) ...)
NOT-FOR-US: Educational Puzzles - Letters (aka com.EducationalPuzzlesLetters) application for Android
-CVE-2014-5985
+CVE-2014-5985 (The Animal Kaiser Zangetsu (aka com.wAnimalKaiserZangetsu) application ...)
NOT-FOR-US: Animal Kaiser Zangetsu (aka com.wAnimalKaiserZangetsu) application for Android
-CVE-2014-5984
+CVE-2014-5984 (The Little Dragons (aka com.playcomo.dragongame) application 1.0.256 f ...)
NOT-FOR-US: Little Dragons (aka com.playcomo.dragongame) application for Android
-CVE-2014-5983
+CVE-2014-5983 (The Threadflip : Buy, Sell Fashion (aka com.threadflip.android) applic ...)
NOT-FOR-US: Threadflip : Buy, Sell Fashion (aka com.threadflip.android) application for Android
-CVE-2014-5982
+CVE-2014-5982 (The RunKeeper - GPS Track Run Walk (aka com.fitnesskeeper.runkeeper.pr ...)
NOT-FOR-US: RunKeeper - GPS Track Run Walk (aka com.fitnesskeeper.runkeeper.pro) application for Android
-CVE-2014-5981
+CVE-2014-5981 (The MoWeather (aka com.moji.moweather) application 1.40.05 for Android ...)
NOT-FOR-US: MoWeather (aka com.moji.moweather) application for Android
-CVE-2014-5980
+CVE-2014-5980 (The Genertel (aka com.genertel) application 2.6.0 for Android does not ...)
NOT-FOR-US: Genertel (aka com.genertel) application for Android
-CVE-2014-5979
+CVE-2014-5979 (The TV Bengali Open Directory (aka com.TVBengali) application 1.4 for ...)
NOT-FOR-US: TV Bengali Open Directory (aka com.TVBengali) application for Android
-CVE-2014-5978
+CVE-2014-5978 (The memetan (aka memetan.android.com.activity) application 1.1.0 for A ...)
NOT-FOR-US: memetan (aka memetan.android.com.activity) application for Android
-CVE-2014-5977
+CVE-2014-5977 (The Mobile Face (aka com.wFacemobile) application 0.74.13432.91159 for ...)
NOT-FOR-US: Mobile Face (aka com.wFacemobile) application for Android
-CVE-2014-5976
+CVE-2014-5976 (The alibaba (aka com.alibaba.wireless) application 4.1.0.0 for Android ...)
NOT-FOR-US: alibaba (aka com.alibaba.wireless) application for Android
-CVE-2014-5975
+CVE-2014-5975 (The eponyms (aka com.anddeveloper.eponyms) application 3.2 for Android ...)
NOT-FOR-US: eponyms (aka com.anddeveloper.eponyms) application for Android
-CVE-2014-5974
+CVE-2014-5974 (The PSECU Mobile+ (aka com.Vertifi.Mobile.P231381116) application 2.2 ...)
NOT-FOR-US: PSECU Mobile+ (aka com.Vertifi.Mobile.P231381116) application for Android
-CVE-2014-5973
+CVE-2014-5973 (The Aquarium Advice (aka com.socialknowledge.aquariumadvice) applicati ...)
NOT-FOR-US: Aquarium Advice (aka com.socialknowledge.aquariumadvice) application for Android
-CVE-2014-5972
+CVE-2014-5972 (The Loving - Couple Essential (aka com.xiaoenai.app) application 4.0.1 ...)
NOT-FOR-US: Loving - Couple Essential (aka com.xiaoenai.app) application for Android
-CVE-2014-5971
+CVE-2014-5971 (The Fiksu library for Android does not verify X.509 certificates from ...)
NOT-FOR-US: Fiksu library for Android
-CVE-2014-5970
+CVE-2014-5970 (The BabyBus (aka com.sinyee.babybus.concert.ru) application 3.91 for A ...)
NOT-FOR-US: BabyBus (aka com.sinyee.babybus.concert.ru) application for Android
-CVE-2014-5969
+CVE-2014-5969 (The healthylifestyle (aka com.alek.healthylifestyle) application 1.2.2 ...)
NOT-FOR-US: healthylifestyle (aka com.alek.healthylifestyle) application for Android
-CVE-2014-5968
+CVE-2014-5968 (The iGolf - Golf GPS (aka com.igolf) application 20 for Android does n ...)
NOT-FOR-US: iGolf - Golf GPS (aka com.igolf) application for Android
-CVE-2014-5967
+CVE-2014-5967 (The Designs Nail Arts (aka com.decoracionesnailart.flickr) application ...)
NOT-FOR-US: Designs Nail Arts (aka com.decoracionesnailart.flickr) application for Android
-CVE-2014-5966
+CVE-2014-5966 (The Dreamland Super Theme GO Gold (aka com.gau.go.launcherex.viptheme. ...)
NOT-FOR-US: Designs Nail Arts (aka com.decoracionesnailart.flickr) application for Android
-CVE-2014-5965
+CVE-2014-5965 (The GrooveMusic (aka com.mobincube.android.sc_2HKFF) application 2.0.0 ...)
NOT-FOR-US: GrooveMusic (aka com.mobincube.android.sc_2HKFF) application for Android
-CVE-2014-5964
+CVE-2014-5964 (The MegaBank (aka com.megabank.mobilebank) application 2.0 for Android ...)
NOT-FOR-US: MegaBank (aka com.megabank.mobilebank) application for Android
-CVE-2014-5963
+CVE-2014-5963 (The Halieutics (aka com.corn.Halieutics) application 21.40.5 for Andro ...)
NOT-FOR-US: Halieutics (aka com.corn.Halieutics) application for Android
-CVE-2014-5962
+CVE-2014-5962 (The Guess The Actor (aka com.gamelikeinc.actors) application 1.1 for A ...)
NOT-FOR-US: Guess The Actor (aka com.gamelikeinc.actors) application for Android
-CVE-2014-5961
+CVE-2014-5961 (The russiananime (aka com.rareartifact.russiananime68A5CCFE) applicati ...)
NOT-FOR-US: russiananime (aka com.rareartifact.russiananime68A5CCFE) application for Android
-CVE-2014-5960
+CVE-2014-5960 (The BundesArztsuche (aka de.kbv.bas) application 1.0.1 for Android doe ...)
NOT-FOR-US: BundesArztsuche (aka de.kbv.bas) application for Android
-CVE-2014-5959
+CVE-2014-5959 (The tx Smart (aka com.wooriwm.txsmart) application 7.05 for Android do ...)
NOT-FOR-US: tx Smart (aka com.wooriwm.txsmart) application for Android
-CVE-2014-5958
+CVE-2014-5958 (The ChatBox - Chat Rooms (aka com.droidchatroom.messengerapp) applicat ...)
NOT-FOR-US: ChatBox - Chat Rooms (aka com.droidchatroom.messengerapp) application for Android
-CVE-2014-5957
+CVE-2014-5957 (The Alien War Survivors (aka com.ly.a13.gp) application 1.3.1 for Andr ...)
NOT-FOR-US: Alien War Survivors (aka com.ly.a13.gp) application for Android
-CVE-2014-5956
+CVE-2014-5956 (The VPlayer Video Player (aka me.abitno.vplayer.t) application 3.2.6 f ...)
NOT-FOR-US: VPlayer Video Player (aka me.abitno.vplayer.t) application for Android
-CVE-2014-5955
+CVE-2014-5955 (The Atomic Fusion (aka com.bytesized.fusion) application 1.7 for Andro ...)
NOT-FOR-US: Atomic Fusion (aka com.bytesized.fusion) application for Android
-CVE-2014-5954
+CVE-2014-5954 (The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 ...)
NOT-FOR-US: State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application for Android
-CVE-2014-5953
+CVE-2014-5953 (The KASKUS (aka com.kaskus.android) application 2.13.0 for Android doe ...)
NOT-FOR-US: KASKUS (aka com.kaskus.android) application for Android
-CVE-2014-5952
+CVE-2014-5952 (The E-Dziennik (aka com.librus.dziennik) application 0.5.2 for Android ...)
NOT-FOR-US: E-Dziennik (aka com.librus.dziennik) application for Android
-CVE-2014-5951
+CVE-2014-5951 (The SinoPac (aka com.sionpac.app.SinoPac) application 2.4.2 for Androi ...)
NOT-FOR-US: SinoPac (aka com.sionpac.app.SinoPac) application for Android
-CVE-2014-5950
+CVE-2014-5950 (The NOW (aka com.smtown.smtownnow.androidapp) application 0.9.8 for An ...)
NOT-FOR-US: NOW (aka com.smtown.smtownnow.androidapp) application for Android
-CVE-2014-5949
+CVE-2014-5949 (The TICKET APP - Concerts &amp; Sports (aka com.xcr.android.ticketapp) ...)
NOT-FOR-US: TICKET APP - Concerts & Sports (aka com.xcr.android.ticketapp) application for Android
-CVE-2014-5948
+CVE-2014-5948 (The Obama for America (aka com.barackobama.ofa) application 1.02 for A ...)
NOT-FOR-US: Obama for America (aka com.barackobama.ofa) application for Android
-CVE-2014-5947
+CVE-2014-5947 (The psicofxp (aka com.tapatalk.psicofxpcom) application 2.4.12.15 for ...)
NOT-FOR-US: psicofxp (aka com.tapatalk.psicofxpcom) application for Android
-CVE-2014-5946
+CVE-2014-5946 (The forumhawaaworldcom (aka com.tapatalk.forumhawaaworldcom) applicati ...)
NOT-FOR-US: forumhawaaworldcom (aka com.tapatalk.forumhawaaworldcom) application for Android
-CVE-2014-5945
+CVE-2014-5945 (The Edline Mobile (aka com.wEdlineFree) application 0.63.13369.34294 f ...)
NOT-FOR-US: Edline Mobile (aka com.wEdlineFree) application for Android
-CVE-2014-5944
+CVE-2014-5944 (The Soccer Blitz (aka soccer.blitz) application 1.06 for Android does ...)
NOT-FOR-US: Soccer Blitz (aka soccer.blitz) application for Android
-CVE-2014-5943
+CVE-2014-5943 (The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta ...)
NOT-FOR-US: LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application for Android
-CVE-2014-5942
+CVE-2014-5942 (The Baby Stomach Surgery (aka com.harriskerioe.stomachsurgery) applica ...)
NOT-FOR-US: Baby Stomach Surgery (aka com.harriskerioe.stomachsurgery) application for Android
-CVE-2014-5941
+CVE-2014-5941 (The Armpit Spa &amp; Girl Games (aka com.freegames.spamakeover) applic ...)
NOT-FOR-US: Armpit Spa & Girl Games (aka com.freegames.spamakeover) application for Android
-CVE-2014-5940
+CVE-2014-5940 (The PocketPC.ch (aka com.tapatalk.pocketpcch) application 3.9.51 for A ...)
NOT-FOR-US: PocketPC.ch (aka com.tapatalk.pocketpcch) application for Android
-CVE-2014-5939
+CVE-2014-5939 (The travelzadcomvb (aka com.tapatalk.travelzadcomvb) application 3.3.1 ...)
NOT-FOR-US: travelzadcomvb (aka com.tapatalk.travelzadcomvb) application for Android
-CVE-2014-5938
+CVE-2014-5938 (The AllDealsAsia All Deals ADA app (aka com.ada.deals) application 4.2 ...)
NOT-FOR-US: AllDealsAsia All Deals ADA app (aka com.ada.deals) application for Android
-CVE-2014-5937
+CVE-2014-5937 (The Social Networking (aka com.wSocialNetworkingSites) application 0.3 ...)
NOT-FOR-US: Social Networking (aka com.wSocialNetworkingSites) application for Android
-CVE-2014-5936
+CVE-2014-5936 (The INCOgnito Private Browser (aka com.SL.InCoBrowser) application 1.4 ...)
NOT-FOR-US: INCOgnito Private Browser (aka com.SL.InCoBrowser) application for Android
-CVE-2014-5935
+CVE-2014-5935 (The Daily Free App @ Amazon (aka com.kattanweb.android.dfaa) applicati ...)
NOT-FOR-US: Daily Free App @ Amazon (aka com.kattanweb.android.dfaa) application for Android
-CVE-2014-5934
+CVE-2014-5934 (The Flurv Chat (aka com.flurv.android) application 4.3.3 for Android d ...)
NOT-FOR-US: Flurv Chat (aka com.flurv.android) application for Android
-CVE-2014-5933
+CVE-2014-5933 (The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for Andro ...)
NOT-FOR-US: Coke Studio 7 (aka com.cokeshare.pakistan) application for Android
-CVE-2014-5932
+CVE-2014-5932 (The Vodafone Mobile@Work (aka com.mobileiron.vodafone.MIClient) applic ...)
NOT-FOR-US: Vodafone Mobile@Work (aka com.mobileiron.vodafone.MIClient) application for Android
-CVE-2014-5931
+CVE-2014-5931 (The Stop &amp; Shop SCAN IT! Mobile (aka com.modivmedia.scanitss) appl ...)
NOT-FOR-US: Stop & Shop SCAN IT! Mobile (aka com.modivmedia.scanitss) application for Android
-CVE-2014-5930
+CVE-2014-5930 (The Store and Share (aka sg.com.singnet.mystorage.android) application ...)
NOT-FOR-US: Store and Share (aka sg.com.singnet.mystorage.android) application for Android
-CVE-2014-5929
+CVE-2014-5929 (The emartmall (aka kr.co.emart.emartmall) application 1.3.3 for Androi ...)
NOT-FOR-US: emartmall (aka kr.co.emart.emartmall) application for Android
-CVE-2014-5928
+CVE-2014-5928 (The Steganos Online Shield VPN (aka com.steganos.onlineshield) applica ...)
NOT-FOR-US: Steganos Online Shield VPN (aka com.steganos.onlineshield) application for Android
-CVE-2014-5927
+CVE-2014-5927 (The FastCustomer -- Fast Customer (aka www.fastcustomer.com) applicati ...)
NOT-FOR-US: FastCustomer -- Fast Customer (aka www.fastcustomer.com) application for Android
-CVE-2014-5926
+CVE-2014-5926 (The DCU Mobile Banking (aka com.Vertifi.Mobile.P211391825) application ...)
NOT-FOR-US: DCU Mobile Banking (aka com.Vertifi.Mobile.P211391825) application for Android
-CVE-2014-5925
+CVE-2014-5925 (The 10000 Kindle Books Downloads (aka com.ww10000KindleBooksLatestnBes ...)
NOT-FOR-US: 10000 Kindle Books Downloads (aka com.ww10000KindleBooksLatestnBestSellers) application for Android
-CVE-2014-5924
+CVE-2014-5924 (The Monster Makeup (aka com.bearhugmedia.android_monster) application ...)
NOT-FOR-US: Monster Makeup (aka com.bearhugmedia.android_monster) application for Android
-CVE-2014-5923
+CVE-2014-5923 (The Facebook Status Via (aka com.StatusViaAdvanced) application 3.5 fo ...)
NOT-FOR-US: Facebook Status Via (aka com.StatusViaAdvanced) application for Android
-CVE-2014-5922
+CVE-2014-5922 (The ga6748 (aka com.g.ga6748) application 1 for Android does not verif ...)
NOT-FOR-US: ga6748 (aka com.g.ga6748) application for Android
-CVE-2014-5921
+CVE-2014-5921 (The Need for Speed Network (aka com.ea.nfsautolog.bv) application 1.0. ...)
NOT-FOR-US: Need for Speed Network (aka com.ea.nfsautolog.bv) application for Android
-CVE-2014-5920
+CVE-2014-5920 (The VK Amberfog (aka com.amberfog.vkfree) application 3.5.6 for Androi ...)
NOT-FOR-US: VK Amberfog (aka com.amberfog.vkfree) application for Android
-CVE-2014-5919
+CVE-2014-5919 (The SurDoc - 100GB+ FREE storage (aka com.jd.surdoc) application 1.3.4 ...)
NOT-FOR-US: SurDoc - 100GB+ FREE storage (aka com.jd.surdoc) application for Android
-CVE-2014-5918
+CVE-2014-5918 (The Secret Circle - talk freely (aka com.easyxapp.secret) application ...)
NOT-FOR-US: Secret Circle - talk freely (aka com.easyxapp.secret) application for Android
-CVE-2014-5917
+CVE-2014-5917 (The Slideshow 365 (aka com.Slideshow) application 3.6 for Android does ...)
NOT-FOR-US: Slideshow 365 (aka com.Slideshow) application for Android
-CVE-2014-5916
+CVE-2014-5916 (The Minha Oi (aka br.com.mobicare.minhaoi) application 1.15.0 for Andr ...)
NOT-FOR-US: Minha Oi (aka br.com.mobicare.minhaoi) application for Android
-CVE-2014-5915
+CVE-2014-5915 (The Tigo Copa Mundial FIFA 2014 (aka com.fwc2014.millicom.and) applica ...)
NOT-FOR-US: Tigo Copa Mundial FIFA 2014 (aka com.fwc2014.millicom.and) application for Android
-CVE-2014-5914
+CVE-2014-5914 (The Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) applicat ...)
NOT-FOR-US: Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) application for Android
-CVE-2014-5913
+CVE-2014-5913 (The Allies in War (aka com.gamelion.aiw) application 1.3.2 for Android ...)
NOT-FOR-US: Allies in War (aka com.gamelion.aiw) application for Android
-CVE-2014-5912
+CVE-2014-5912 (The InNote (aka com.intsig.notes) application 1.0.3.20131119 for Andro ...)
NOT-FOR-US: InNote (aka com.intsig.notes) application for Android
-CVE-2014-5911
+CVE-2014-5911 (The Free App Icons &amp; Icon Packs (aka com.jellytap.cooliconfinder) ...)
NOT-FOR-US: Free App Icons & Icon Packs (aka com.jellytap.cooliconfinder) application for Android
-CVE-2014-5910
+CVE-2014-5910 (The Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application ...)
NOT-FOR-US: Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application for Android
-CVE-2014-5909
+CVE-2014-5909 (The watcha (aka com.frograms.watcha) application 2.0.2 for Android doe ...)
NOT-FOR-US: watcha (aka com.frograms.watcha) application for Android
-CVE-2014-5908
+CVE-2014-5908 (The Kmart (aka com.kmart.android) application @7F0C00EF for Android do ...)
NOT-FOR-US: Kmart (aka com.kmart.android) application for Android
-CVE-2014-5907
+CVE-2014-5907 (The Pet Salon (aka com.libiitech.petsalon) application 1.0.1 for Andro ...)
NOT-FOR-US: Pet Salon (aka com.libiitech.petsalon) application for Android
-CVE-2014-5906
+CVE-2014-5906 (The Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) ...)
NOT-FOR-US: Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) application for Android
-CVE-2014-5905
+CVE-2014-5905 (The Grocery List - Tomatoes (aka com.meucarrinho) application 5.1.4 fo ...)
NOT-FOR-US: Grocery List - Tomatoes (aka com.meucarrinho) application for Android
-CVE-2014-5904
+CVE-2014-5904 (The MiniInTheBox Online Shopping (aka com.miniinthebox.android) applic ...)
NOT-FOR-US: MiniInTheBox Online Shopping (aka com.miniinthebox.android) application for Android
-CVE-2014-5903
+CVE-2014-5903 (The Mobile@Work (aka com.mobileiron) application 6.0.0.1.12R for Andro ...)
NOT-FOR-US: Mobile@Work (aka com.mobileiron) application for Android
-CVE-2014-5902
+CVE-2014-5902 (The UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) applicat ...)
NOT-FOR-US: UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) application for Android
-CVE-2014-5901
+CVE-2014-5901 (The Beauty Bible - App for Girls (aka com.my.beauty.bible) application ...)
NOT-FOR-US: Beauty Bible - App for Girls (aka com.my.beauty.bible) application for Android
-CVE-2014-5900
+CVE-2014-5900 (The myHomework Student Planner (aka com.myhomeowork) application 3.0.2 ...)
NOT-FOR-US: myHomework Student Planner (aka com.myhomeowork) application for Android
-CVE-2014-5899
+CVE-2014-5899 (The Nespresso (aka com.nespresso.activities) application 2.4.1 for And ...)
NOT-FOR-US: Nespresso (aka com.nespresso.activities) application for Android
-CVE-2014-5898
+CVE-2014-5898 (The Heavy Duty Truck Driver Simulator 3D (aka com.oas.heavy.duty.truck ...)
NOT-FOR-US: Heavy Duty Truck Driver Simulator 3D (aka com.oas.heavy.duty.truck.driver.simulator3d) application for Android
-CVE-2014-5897
+CVE-2014-5897 (The Parallel Mafia MMORPG (aka com.perblue.pm.client) application @7F0 ...)
NOT-FOR-US: Parallel Mafia MMORPG (aka com.perblue.pm.client) application for Android
-CVE-2014-5896
+CVE-2014-5896 (The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) appl ...)
NOT-FOR-US: GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) application for Android
-CVE-2014-5895
+CVE-2014-5895 (The ShopYourWay (aka com.sears.shopyourway) application 1.9 for Androi ...)
NOT-FOR-US: ShopYourWay (aka com.sears.shopyourway) application for Android
-CVE-2014-5894
+CVE-2014-5894 (The AireTalk: Text, Call, &amp; More! (aka com.pingshow.amper) applica ...)
NOT-FOR-US: AireTalk: Text, Call, & More! (aka com.pingshow.amper) application for Android
-CVE-2014-5893
+CVE-2014-5893 (The froyo (aka com.shinsegae.mobile.froyo) application 5.1.3 for Andro ...)
NOT-FOR-US: froyo (aka com.shinsegae.mobile.froyo) application for Android
-CVE-2014-5892
+CVE-2014-5892 (The greenbill (aka com.show.greenbill_G) application 2.0.3 for Android ...)
NOT-FOR-US: greenbill (aka com.show.greenbill_G) application for Android
-CVE-2014-5891
+CVE-2014-5891 (The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application 1.1 ...)
NOT-FOR-US: SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application for Android
-CVE-2014-5890
+CVE-2014-5890 (The KBO sports2i 2014 (aka com.sports2i) application 5.1.00 for Androi ...)
NOT-FOR-US: KBO sports2i 2014 (aka com.sports2i) application for Android
-CVE-2014-5889
+CVE-2014-5889 (The Android Forums (aka com.tapatalk.androidforumscom) application 2.4 ...)
NOT-FOR-US: Android Forums (aka com.tapatalk.androidforumscom) application for Android
-CVE-2014-5888
+CVE-2014-5888 (The SLOTS: Bible Slots Free (aka com.topfreegames.topbibleslots) appli ...)
NOT-FOR-US: SLOTS: Bible Slots Free (aka com.topfreegames.topbibleslots) application for Android
-CVE-2014-5887
+CVE-2014-5887 (The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for ...)
NOT-FOR-US: Yell Local Search (aka com.yell.launcher2) application for Android
-CVE-2014-5886
+CVE-2014-5886 (The iVysilani ceske televize (aka cz.motion.ivysilani) application 1.6 ...)
NOT-FOR-US: iVysilani ceske televize (aka cz.motion.ivysilani) application for Android
-CVE-2014-5885
+CVE-2014-5885 (The Disaster Alert (aka disasterAlert.PDC) application 3.2 for Android ...)
NOT-FOR-US: Disaster Alert (aka disasterAlert.PDC) application for Android
-CVE-2014-5884
+CVE-2014-5884 (The 1&amp;1 Online Storage (aka de.einsundeins.smartdrive) application ...)
NOT-FOR-US: 1&1 Online Storage (aka de.einsundeins.smartdrive) application for Android
-CVE-2014-5883
+CVE-2014-5883 (The 7-ELEVEN (aka ecowork.seven) application 2.08.000 for Android does ...)
NOT-FOR-US: 7-ELEVEN (aka ecowork.seven) application for Android
-CVE-2014-5882
+CVE-2014-5882 (The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does n ...)
NOT-FOR-US: Homoo Ijiri (aka jp.co.applica) application for Android
-CVE-2014-5881
+CVE-2014-5881 (The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 ...)
NOT-FOR-US: Yahoo! ybox application for android
-CVE-2014-5879
+CVE-2014-5879 (The tvguide (aka kenneth.tvguide) application 1.9.14 for Android does ...)
NOT-FOR-US: tvguide application for Android
-CVE-2014-5878
+CVE-2014-5878 (The ium (aka net.ium.mobile.android) application 3.3.4 for Android doe ...)
NOT-FOR-US: ium application for Android
-CVE-2014-5877
+CVE-2014-5877 (The TV Guide (aka net.micene.minigroup.palimpsests.lite) application 5 ...)
NOT-FOR-US: TV Guide application for Android
-CVE-2014-5876
+CVE-2014-5876 (The WD My Cloud (aka com.wdc.wd2go) application 4.0.0 for Android does ...)
NOT-FOR-US: WD My Cloud application for Android
-CVE-2014-5875
+CVE-2014-5875 (The Sylphone (aka com.sylpheo.prospectosyl) application 5.3.8 for Andr ...)
NOT-FOR-US: Sylphone application for Android
-CVE-2014-5874
+CVE-2014-5874 (The SplashID (aka com.splashidandroid) application 7.2.2 for Android d ...)
NOT-FOR-US: SplashID application for Android
-CVE-2014-5873
+CVE-2014-5873 (The Sears (aka com.sears.android) application 6.2.8 for Android does n ...)
NOT-FOR-US: Sears application for Android
-CVE-2014-5872
+CVE-2014-5872 (The SafeNetMobile Pass (aka securecomputing.devices.android.controller ...)
NOT-FOR-US: SafeNetMobile Pass application for Android
-CVE-2014-5871
+CVE-2014-5871 (The Piwik Mobile 2 (aka org.piwik.mobile2) application 2.0.1 for Andro ...)
NOT-FOR-US: Piwik Mobile 2 application for Android
-CVE-2014-5870
+CVE-2014-5870 (The Kmart (aka com.kmart.android) application 6.2.8 for Android does n ...)
NOT-FOR-US: Kmart application for Android
-CVE-2014-5869
+CVE-2014-5869 (The CNNMoney Portfolio (aka com.cnn.cnnmoney) application 1.03 for And ...)
NOT-FOR-US: CNNMoney Portfolio application for Android
-CVE-2014-5868
+CVE-2014-5868 (The Cisco Technical Support (aka com.cisco.swtg_android) application 3 ...)
NOT-FOR-US: Cisco Technical Support application for Android
-CVE-2014-5867
+CVE-2014-5867 (The Capital One Spark Pay (aka com.capitalone.sparkpay) application 0. ...)
NOT-FOR-US: Capital One Spark Pay application for Android
-CVE-2014-5866
+CVE-2014-5866 (The CA DMV (aka gov.ca.dmv) application 2 for Android does not verify ...)
NOT-FOR-US: CA DMV application for Android
-CVE-2014-5865
+CVE-2014-5865 (The Ask.com (aka com.ask.android) application 2.2.5 for Android does n ...)
NOT-FOR-US: Ask.com application for Android
-CVE-2014-5864
+CVE-2014-5864 (The Swish payments (aka se.bankgirot.swish) application 2 for Android ...)
NOT-FOR-US: Swish payments application for Android
-CVE-2014-5863
+CVE-2014-5863 (The mpang.gp (aka air.com.cjenm.mpang.gp) application 4.0.0 for Androi ...)
NOT-FOR-US: mpang.gp application for Android
-CVE-2014-5862
+CVE-2014-5862 (The ecalendar2 (aka cn.etouch.ecalendar2) application 4.5.3 for Androi ...)
NOT-FOR-US: ecalendar2 application for Android
-CVE-2014-5861
+CVE-2014-5861 (The BoyAhoy - Gay Chat (aka com.boyahoy.android) application 4.3.6 for ...)
NOT-FOR-US: BoyAhoy application for Android
-CVE-2014-5860
+CVE-2014-5860 (The Slide Show Creator (aka com.amem) application 4.4.3 for Android do ...)
NOT-FOR-US: Slide Show Creator application for Android
-CVE-2014-5859
+CVE-2014-5859 (The Star Girl: Colors of Spring (aka com.animoca.google.starGirlSpring ...)
NOT-FOR-US: Star Girl application for Android
-CVE-2014-5858
+CVE-2014-5858 (The Candy Blast (aka com.appgame7.candyblast) application 1.1.001 for ...)
NOT-FOR-US: Candy Blast application for Android
-CVE-2014-5857
+CVE-2014-5857 (The White &amp; Yellow Pages (aka com.avantar.wny) application 5.1.1 f ...)
NOT-FOR-US: White & Yellow Pages application for Android
-CVE-2014-5856
+CVE-2014-5856 (The Selfie Camera -Facial Beauty- (aka com.cfinc.cunpic) application 1 ...)
NOT-FOR-US: Selfie Camera application for Android
-CVE-2014-5855
+CVE-2014-5855 (The CJmall (aka com.cjoshppingphone) application 4.1.8 for Android doe ...)
NOT-FOR-US: CJmall application for Android
-CVE-2014-5854
+CVE-2014-5854 (The Windows Live Hotmail PUSH mail (aka com.clearhub.wl) application 1 ...)
NOT-FOR-US: Windows Live Hotmail PUSH mail application for Android
-CVE-2014-5853
+CVE-2014-5853 (The Knights N Squires (aka com.com2us.imhero.normal.freefull.google.gl ...)
NOT-FOR-US: Knights N Squires application for Android
-CVE-2014-5852
+CVE-2014-5852 (The Kakao (aka com.com2us.tinypang.kakao.freefull2.google.global.andro ...)
NOT-FOR-US: Kakao application for Android
-CVE-2014-5851
+CVE-2014-5851 (The Dark Summoner (aka com.darksummoner) application 1.03.39 for Andro ...)
NOT-FOR-US: Dark Summoner application for Android
-CVE-2014-5850
+CVE-2014-5850 (The Kaave Fali (aka com.didilabs.kaavefali) application 1.5.1 for Andr ...)
NOT-FOR-US: Kaave Fali application for Android
-CVE-2014-5849
+CVE-2014-5849 (The Maleficent Free Fall (aka com.disney.maleficent_goo) application 1 ...)
NOT-FOR-US: Maleficent Free Fall application for Android
-CVE-2014-5848
+CVE-2014-5848 (The Dubstep Hero (aka com.electricpunch.dubstephero) application 1.9 f ...)
NOT-FOR-US: Dubstep Hero application for Android
-CVE-2014-5847
+CVE-2014-5847 (The Big Win Slots - Slot Machines (aka com.gosub60.BigWinSlots) applic ...)
NOT-FOR-US: Big Win Slot application for Android
-CVE-2014-5846
+CVE-2014-5846 (The Fairy Princess Makeover Salon (aka com.mobgams.dressup.fairy.princ ...)
NOT-FOR-US: Fairy Princess Makeover Salon application for Android
-CVE-2014-5845
+CVE-2014-5845 (The Strike Fighters Israel (aka com.thirdwire.strikefighters.mideast.a ...)
NOT-FOR-US: Strike Fighers Israel application for Android
-CVE-2014-5844
+CVE-2014-5844 (The Alsunna (aka com.wAlsunna) application 0.1 for Android does not ve ...)
NOT-FOR-US: Alsunna application for Android
-CVE-2014-5843
+CVE-2014-5843 (The ADP AGENCY Immobiliare (aka com.wAdpagencyAndroid) application 0.1 ...)
NOT-FOR-US: ADP AGENCY Immobiliare application for Android
-CVE-2014-5842
+CVE-2014-5842 (The 2G Live Tv (aka com.ww2GLiveTv) application 0.9 for Android does n ...)
NOT-FOR-US: 2G Live TV application for Android
-CVE-2014-5841
+CVE-2014-5841 (The Girls Calendar Period&amp;Weight (aka jp.co.cybird.apps.lifestyle. ...)
NOT-FOR-US: Girls Calendar Period&Weight application for Android
-CVE-2014-5840
+CVE-2014-5840 (The forfone: Free Calls &amp; Messages (aka com.forfone.sip) forfone a ...)
NOT-FOR-US: forfone application for Android
-CVE-2014-5839
+CVE-2014-5839 (The Acces Compte (aka com.fullsix.android.labanquepostale.accountacces ...)
NOT-FOR-US: Acces Compte application for Android
-CVE-2014-5838
+CVE-2014-5838 (The Girls Games - Shoes Maker (aka com.g6677.android.shoemaker) applic ...)
NOT-FOR-US: Girls Games application for Android
-CVE-2014-5837
+CVE-2014-5837 (The My Railway (aka com.gameinsight.myrailway) application 1.1.33 for ...)
NOT-FOR-US: My Railway application for Android
-CVE-2014-5836
+CVE-2014-5836 (The GittiGidiyor (aka com.gittigidiyormobil) application 1.4.1 for And ...)
NOT-FOR-US: GittiGidiyor application for Android
-CVE-2014-5835
+CVE-2014-5835 (The Club Personal (aka com.globant.clubpersonal) application 2.6 for A ...)
NOT-FOR-US: Club Personal application for Android
-CVE-2014-5834
+CVE-2014-5834 (The Solitaire Deluxe (aka com.gosub60.solfree2) application 2.8.5 for ...)
NOT-FOR-US: Solitaire Deluxe application for Android
-CVE-2014-5833
+CVE-2014-5833 (The FriendCaster Chat (aka com.handmark.friendcaster.chat) application ...)
NOT-FOR-US: Friendaster Chat application for Android
-CVE-2014-5832
+CVE-2014-5832 (The hananbank (aka com.hanabank.ebk.channel.android.hananbank) applica ...)
NOT-FOR-US: hananbank application for Android
-CVE-2014-5831
+CVE-2014-5831 (The Hotel Story: Resort Simulation (aka com.happylabs.hotelstory) appl ...)
NOT-FOR-US: Hotel Story application for Android
-CVE-2014-5830
+CVE-2014-5830 (The Farm Frenzy Gold (aka com.herocraft.game.farmfrenzy.gold) applicat ...)
NOT-FOR-US: Farm Frenzy Gold application for Android
-CVE-2014-5829
+CVE-2014-5829 (The Hobby Lobby Stores (aka com.hobbylobbystores.android) application ...)
NOT-FOR-US: Hobby Lobby Stores application for Android
-CVE-2014-5828
+CVE-2014-5828 (The 3Kundenzone (aka com.hutchison3g.at.android.selfcare) application ...)
NOT-FOR-US: 3Kundenzone application for Android
-CVE-2014-5827
+CVE-2014-5827 (The Ibotta - Better than Coupons. (aka com.ibotta.android) application ...)
NOT-FOR-US: Ibotta application for Android
-CVE-2014-5826
+CVE-2014-5826 (The Rix GO Locker Theme (aka com.jiubang.goscreenlock.theme.rix.getjar ...)
NOT-FOR-US: Rix GO Locker Theme application for Android
-CVE-2014-5825
+CVE-2014-5825 (The Guess The Movie (aka com.june.guessthemovie) application 2.982 for ...)
NOT-FOR-US: Guess The Movie application for Android
-CVE-2014-5824
+CVE-2014-5824 (The longjiang (aka com.longjiang.kr) application 2.0.6 for Android doe ...)
NOT-FOR-US: longjiang application for Android
-CVE-2014-5823
+CVE-2014-5823 (The The Cleaner - Speed up &amp; Clean (aka com.liquidum.thecleaner) a ...)
NOT-FOR-US: The Cleaner application for Android
-CVE-2014-5822
+CVE-2014-5822 (The VK Kate Mobile (aka com.perm.kate) application 9.6.1 for Android d ...)
NOT-FOR-US: VK Kate Mobile application for Android
-CVE-2014-5821
+CVE-2014-5821 (The Guitar Tuner Free - GuitarTuna (aka com.ovelin.guitartuna) applica ...)
NOT-FOR-US: Guitar Tuner Free application for Android
-CVE-2014-5820
+CVE-2014-5820 (The OkCupid Dating (com.okcupid.okcupid) application 3.4.6 for Android ...)
NOT-FOR-US: OkCupid Dating application for Android
-CVE-2014-5819
+CVE-2014-5819 (The PHONE for Google Voice &amp; GTalk (aka com.moplus.gvphone) applic ...)
NOT-FOR-US: PHONE for Google Voice & GTalk application for Android
-CVE-2014-5818
+CVE-2014-5818 (The Tiny Tower (aka com.mobage.ww.a560.tinytower_android) application ...)
NOT-FOR-US: Tiny Tower application for Android
-CVE-2014-5817
+CVE-2014-5817 (The Mini Pets (aka com.miniclip.animalshelter) application 2.0.3 for A ...)
NOT-FOR-US: Mini Pets application for Android
-CVE-2014-5816
+CVE-2014-5816 (The MeiPai (aka com.meitu.meipaimv) application 1.2.0 for Android does ...)
NOT-FOR-US: MeiPai application for Android
-CVE-2014-5815
+CVE-2014-5815 (The Solitaire Arena (aka com.mavenhut.solitaire) application 1.0.15 fo ...)
NOT-FOR-US: Solitaire Arena application for Android
CVE-2014-5814
REJECTED
-CVE-2014-5813
+CVE-2014-5813 (The lostword (aka zozo.android.lostword) application 5.9 for Android d ...)
NOT-FOR-US: lostword application for Android
-CVE-2014-5812
+CVE-2014-5812 (The VDM Officiel (aka vdm.activities) application 5 for Android does n ...)
NOT-FOR-US: VDM Officiel application for Android
-CVE-2014-5811
+CVE-2014-5811 (The ZOOM Cloud Meetings (aka us.zoom.videomeetings) application @7F060 ...)
NOT-FOR-US: ZOOM cloud Meetings application for Android
-CVE-2014-5810
+CVE-2014-5810 (The SGK Hizmet Dokumu 4a (aka tr.gov.sgk.hizmetDokumu4a) application 1 ...)
NOT-FOR-US: SGK Hizmet Dokumu 4a application for Android
-CVE-2014-5809
+CVE-2014-5809 (The Smart Browser (aka smartbrowser.geniuscloud) application 2.0 for A ...)
NOT-FOR-US: Smart Browser (aka smartbrowser.geniuscloud) application for Android
-CVE-2014-5808
+CVE-2014-5808 (The Whisper (aka sh.whisper) application 4.0.6 for Android does not ve ...)
NOT-FOR-US: Whisper application for Android
-CVE-2014-5807
+CVE-2014-5807 (The Safari Browser (aka safari.safaribrowser.internetexplorer) applica ...)
NOT-FOR-US: Safari Browser application for Android
-CVE-2014-5806
+CVE-2014-5806 (The World of Tanks Assistant (aka ru.worldoftanks.mobile) application ...)
NOT-FOR-US: World of Tanks Assistant application for Android
-CVE-2014-5805
+CVE-2014-5805 (The Dating for everyone - Mamba! (aka ru.mamba.client) application 3.5 ...)
NOT-FOR-US: Dating for everyone - Mamba! application for Android
-CVE-2014-5804
+CVE-2014-5804 (The Mail.Ru Dating (aka ru.mail.love) application 3 for Android does n ...)
NOT-FOR-US: Mail.Ru Dating application for Android
-CVE-2014-5803
+CVE-2014-5803 (The Towers N' Trolls (aka project.android.ftdjni) application 1.6.4 fo ...)
NOT-FOR-US: Towers N' Trolls application for Android
-CVE-2014-5802
+CVE-2014-5802 (The PlayScape (aka playscape.mominis.gameconsole.com) application 9.3. ...)
NOT-FOR-US: PlayScape application for Android
-CVE-2014-5801
+CVE-2014-5801 (The DataGard VPN + AV (aka ocshield.com) application @7F050013 for And ...)
NOT-FOR-US: DataGard VPN + AV application for Android
-CVE-2014-5800
+CVE-2014-5800 (The smart.nhibzbanking (aka nh.smart.nhibzbanking) application 2.1 for ...)
NOT-FOR-US: smart.nhibzbanking application for Android
-CVE-2014-5799
+CVE-2014-5799 (The smart.card (aka nh.smart.card) application 3.2 for Android does no ...)
NOT-FOR-US: smart.card application for Android
-CVE-2014-5798
+CVE-2014-5798 (The smart.calculator (aka nh.smart.calculator) application 2 for Andro ...)
NOT-FOR-US: smart.calculator application for Android
-CVE-2014-5797
+CVE-2014-5797 (The smart (aka nh.smart) application 3.0.5 for Android does not verify ...)
NOT-FOR-US: smart application for Android
-CVE-2014-5796
+CVE-2014-5796 (The Chest Workout (aka net.p4p.chest) application 2.0.8 for Android do ...)
NOT-FOR-US: Chest workout application for Android
-CVE-2014-5794
+CVE-2014-5794 (The 8 Minutes Abs Workout (aka net.p4p.absen) application 2.0.9 for An ...)
NOT-FOR-US: 8 Minutes Abs Workout application for Android
-CVE-2014-5793
+CVE-2014-5793 (The Bilgi Yarisi (aka net.mobilecraft.bilgiyarisi) application 1.8 for ...)
NOT-FOR-US: Bilgi Yarisi application for Android
-CVE-2014-5792
+CVE-2014-5792 (The Reign of Dragons: Build-Battle (aka net.gree.android.pf.greeapp575 ...)
NOT-FOR-US: Reign of Dragons application for Android
-CVE-2014-5791
+CVE-2014-5791 (The Daum Cloud (aka net.daum.android.cloud) application 1.6.18 for And ...)
NOT-FOR-US: Daum cloud application for Android
-CVE-2014-5790
+CVE-2014-5790 (The Pets Fun House (aka mominis.Generic_Android.Pets_Fun_House) applic ...)
NOT-FOR-US: Pets Fun House application for Android
-CVE-2014-5789
+CVE-2014-5789 (The Ninja Chicken Ooga Booga (aka mominis.Generic_Android.Ninja_Chicke ...)
NOT-FOR-US: Nija Chicken Ooga Booga application for Android
-CVE-2014-5788
+CVE-2014-5788 (The Ninja Chicken Adventure Island (aka mominis.Generic_Android.Ninja_ ...)
NOT-FOR-US: Ninja Chicken Adventure Island application for Android
-CVE-2014-5787
+CVE-2014-5787 (The Ninja Chicken (aka mominis.Generic_Android.Ninja_Chicken) applicat ...)
NOT-FOR-US: Ninja Chicken application for Android
-CVE-2014-5786
+CVE-2014-5786 (The Jewels &amp; Diamonds (aka mominis.Generic_Android.Jewels_and_Diam ...)
NOT-FOR-US: Jewels & Diamonds application for Android
-CVE-2014-5785
+CVE-2014-5785 (The Bouncy Bill World-Cup (aka mominis.Generic_Android.Bouncy_Bill_Wor ...)
NOT-FOR-US: Bouncy Bill World-Cup application for Android
-CVE-2014-5784
+CVE-2014-5784 (The Bouncy Bill Seasons (aka mominis.Generic_Android.Bouncy_Bill_Seaso ...)
NOT-FOR-US: Bouncy Bill Seasons application for Android
-CVE-2014-5783
+CVE-2014-5783 (The Bouncy Bill Monster Smasher ed (aka mominis.Generic_Android.Bouncy ...)
NOT-FOR-US: Bouncy Bill Monster Smasher ed application for Android
-CVE-2014-5782
+CVE-2014-5782 (The Bouncy Bill Halloween (aka mominis.Generic_Android.Bouncy_Bill_Hal ...)
NOT-FOR-US: Bouncy Bill Halloween application for Android
-CVE-2014-5781
+CVE-2014-5781 (The Bouncy Bill Easter Tales (aka mominis.Generic_Android.Bouncy_Bill_ ...)
NOT-FOR-US: Bouncy Bill Easter Tales application for Android
-CVE-2014-5780
+CVE-2014-5780 (The Bouncy Bill (aka mominis.Generic_Android.Bouncy_Bill) application ...)
NOT-FOR-US: Bouncy Bill application for Android
-CVE-2014-5779
+CVE-2014-5779 (The Jack'd - Gay Chat &amp; Dating (aka mobi.jackd.android) applicatio ...)
NOT-FOR-US: Jack'd - Gay Chat & Dating (aka mobi.jackd.android) application for Android
-CVE-2014-5778
+CVE-2014-5778 (The Pou (aka me.pou.app) application 1.4.53 for Android does not verif ...)
NOT-FOR-US: Pou (aka me.pou.app) application for Android
-CVE-2014-5777
+CVE-2014-5777 (The icon wallpaper dressup-CocoPPa (aka jp.united.app.cocoppa) applica ...)
NOT-FOR-US: icon wallpaper dressup-CocoPPa (aka jp.united.app.cocoppa) application for Android
-CVE-2014-5776
+CVE-2014-5776 (The PlayMemories Online (aka jp.co.sony.tablet.PersonalSpace) applicat ...)
NOT-FOR-US: PlayMemories Online (aka jp.co.sony.tablet.PersonalSpace) application for Android
-CVE-2014-5775
+CVE-2014-5775 (The Super Fast Browser (aka iron.web.jalepano.browser) application 2.0 ...)
NOT-FOR-US: Super Fast Browser (aka iron.web.jalepano.browser) application for Android
-CVE-2014-5774
+CVE-2014-5774 (The Web Browser &amp; Explorer (aka internetexplorer.browser.webexplor ...)
NOT-FOR-US: Web Browser & Explorer (aka internetexplorer.browser.webexplorer) application for Android
-CVE-2014-5773
+CVE-2014-5773 (The RegisteredAssistant (aka Icr.RegisteredAssistant) application 0.2. ...)
NOT-FOR-US: RegisteredAssistant (aka Icr.RegisteredAssistant) application for Android
-CVE-2014-5772
+CVE-2014-5772 (The Government Bookstore (aka hksarg.isd.sop.govbookstore) application ...)
NOT-FOR-US: Government Bookstore (aka hksarg.isd.sop.govbookstore) application for Android
-CVE-2014-5771
+CVE-2014-5771 (The Credit Union of Texas Mobile (aka Fi_Mobile.CUOT) application 1.1 ...)
NOT-FOR-US: Credit Union of Texas Mobile (aka Fi_Mobile.CUOT) application for Android
-CVE-2014-5770
+CVE-2014-5770 (The Web Browser for Android (aka explore.web.browser) application 1.2 ...)
NOT-FOR-US: Web Browser for Android (aka explore.web.browser) application for Android
-CVE-2014-5769
+CVE-2014-5769 (The Mobiscope Local (aka ehs.mobiscope.kernel) application 1.05 for An ...)
NOT-FOR-US: Mobiscope Local (aka ehs.mobiscope.kernel) application for Android
-CVE-2014-5768
+CVE-2014-5768 (The Food Planner (aka dk.boggie.madplan.android) application 4.8.4.3-g ...)
NOT-FOR-US: Food Planner (aka dk.boggie.madplan.android) application for Android
-CVE-2014-5767
+CVE-2014-5767 (The IM+ (aka de.shapeservices.impluslite) application 6.6.2 for Androi ...)
NOT-FOR-US: IM+ (aka de.shapeservices.impluslite) application for Android
-CVE-2014-5766
+CVE-2014-5766 (The Uber B2B (aka de.mobileeventguide.uberb2b) application 1.9 for And ...)
NOT-FOR-US: Uber B2B (aka de.mobileeventguide.uberb2b) application for Android
-CVE-2014-5765
+CVE-2014-5765 (The Paint for Friends (aka de.lotumlabs.buddypainting) application 1.5 ...)
NOT-FOR-US: Paint for Friends (aka de.lotumlabs.buddypainting) application for Android
-CVE-2014-5764
+CVE-2014-5764 (The Antivirus Free (aka com.zrgiu.antivirus) application 7.2.16.02 for ...)
NOT-FOR-US: Antivirus Free (aka com.zrgiu.antivirus) application for Android
-CVE-2014-5763
+CVE-2014-5763 (The Kid Mode: Free Games + Lock (aka com.zoodles.kidmode) application ...)
NOT-FOR-US: Kid Mode: Free Games + Lock (aka com.zoodles.kidmode) application for Android
-CVE-2014-5762
+CVE-2014-5762 (The Cut the Rope: Time Travel (aka com.zeptolab.timetravel.free.google ...)
NOT-FOR-US: Cut the Rope: Time Travel (aka com.zeptolab.timetravel.free.google) application for Android
-CVE-2014-5761
+CVE-2014-5761 (The Zipcar (aka com.zc.android) application 3.4.2 for Android does not ...)
NOT-FOR-US: Zipcar (aka com.zc.android) application for Android
-CVE-2014-5760
+CVE-2014-5760 (The Pizza Hut (aka com.yum.pizzahut) application 2.0.5 for Android doe ...)
NOT-FOR-US: Pizza Hut (aka com.yum.pizzahut) application for Android
-CVE-2014-5759
+CVE-2014-5759 (The Awesome Antivirus 2014 (aka com.yoursite.top5antivirus2014) applic ...)
NOT-FOR-US: Awesome Antivirus 2014 (aka com.yoursite.top5antivirus2014) application for Android
-CVE-2014-5758
+CVE-2014-5758 (The Yellow Pages Local Search (aka com.yellowbook.android2) applicatio ...)
NOT-FOR-US: Yellow Pages Local Search (aka com.yellowbook.android2) application for Android
-CVE-2014-5757
+CVE-2014-5757 (The Buy Tickets (aka com.xcr.android.buytickets) application 2.3 for A ...)
NOT-FOR-US: Buy Tickets (aka com.xcr.android.buytickets) application for Android
-CVE-2014-5756
+CVE-2014-5756 (The Buy 99 Cents Only Products (aka com.ww99CentsOnlyStores) applicati ...)
NOT-FOR-US: Buy 99 Cents Only Products (aka com.ww99CentsOnlyStores) application for Android
-CVE-2014-5755
+CVE-2014-5755 (The verizon (aka com.wverizonwirelessbill) application 0.1 for Android ...)
NOT-FOR-US: verizon (aka com.wverizonwirelessbill) application for Android
-CVE-2014-5754
+CVE-2014-5754 (The Verizon Instant Refills 24/7 (aka com.wVerizonInstantRefill247) ap ...)
NOT-FOR-US: Verizon Instant Refills 24/7 (aka com.wVerizonInstantRefill247) application for Android
-CVE-2014-5753
+CVE-2014-5753 (The Twitter No Background (aka com.wTwitternobackground) application 0 ...)
NOT-FOR-US: Twitter No Background (aka com.wTwitternobackground) application for Android
-CVE-2014-5752
+CVE-2014-5752 (The wTradersActivity (aka com.wTradersActivity) application 0.1 for An ...)
NOT-FOR-US: wTradersActivity (aka com.wTradersActivity) application for Android
-CVE-2014-5751
+CVE-2014-5751 (The Tor Browser the Short Guide (aka com.wTorShortUserManual) applicat ...)
NOT-FOR-US: Tor Browser the Short Guide (aka com.wTorShortUserManual) application for Android
-CVE-2014-5750
+CVE-2014-5750 (The Pro Bet Tips (aka com.wProBetTips) application 0.2 for Android doe ...)
NOT-FOR-US: Pro Bet Tips (aka com.wProBetTips) application for Android
-CVE-2014-5749
+CVE-2014-5749 (The Jelly Splash (aka com.wooga.jelly_splash) application 1.11.3 for A ...)
NOT-FOR-US: Jelly Splash (aka com.wooga.jelly_splash) application for Android
-CVE-2014-5748
+CVE-2014-5748 (The wK12olslogin (aka com.wK12olslogin) application 0.1 for Android do ...)
NOT-FOR-US: wK12olslogin (aka com.wK12olslogin) application for Android
-CVE-2014-5747
+CVE-2014-5747 (The XFINITY Constant Guard Mobile (aka com.whitesky.mobile.android) ap ...)
NOT-FOR-US: XFINITY Constant Guard Mobile (aka com.whitesky.mobile.android) application for Android
-CVE-2014-5746
+CVE-2014-5746 (The Government Best Jobs (aka com.wGovernmentBestJobs) application 0.1 ...)
NOT-FOR-US: Government Best Jobs (aka com.wGovernmentBestJobs) application for Android
-CVE-2014-5745
+CVE-2014-5745 (The FREE Pageplus Activation (aka com.wFREEPageplusActivations) applic ...)
NOT-FOR-US: FREE Pageplus Activation (aka com.wFREEPageplusActivations) application for Android
-CVE-2014-5744
+CVE-2014-5744 (The RE-VOLT 2 : MULTIPLAYER (aka com.wegoi.revolt2multiplayer) applica ...)
NOT-FOR-US: RE-VOLT 2 : MULTIPLAYER (aka com.wegoi.revolt2multiplayer) application for Android
-CVE-2014-5743
+CVE-2014-5743 (The RE-VOLT 2 : Best RC 3D Racing (aka com.wego.revolt2_global) applic ...)
NOT-FOR-US: RE-VOLT 2 : Best RC 3D Racing (aka com.wego.revolt2_global) application for Android
-CVE-2014-5742
+CVE-2014-5742 (The Eversnap Private Photo Album (aka com.weddingsnap.android) applica ...)
NOT-FOR-US: Eversnap Private Photo Album (aka com.weddingsnap.android) application for Android
-CVE-2014-5741
+CVE-2014-5741 (The Security - Complete (aka com.webroot.security.complete) applicatio ...)
NOT-FOR-US: Security - Complete (aka com.webroot.security.complete) application for Android
-CVE-2014-5740
+CVE-2014-5740 (The Security - Free (aka com.webroot.security) application 3.6.0.6610 ...)
NOT-FOR-US: Security - Free (aka com.webroot.security) application for Android
-CVE-2014-5739
+CVE-2014-5739 (The Garfield's Diner (aka com.webprancer.google.GarfieldsDiner) applic ...)
NOT-FOR-US: Garfield's Diner (aka com.webprancer.google.GarfieldsDiner) application for Android
-CVE-2014-5738
+CVE-2014-5738 (The Garfield's Defense (aka com.webprancer.google.garfieldDefense) app ...)
NOT-FOR-US: Garfield's Defense (aka com.webprancer.google.garfieldDefense) application for Android
-CVE-2014-5737
+CVE-2014-5737 (The CDsoft (aka com.wCDSOFT) application 0.2 for Android does not veri ...)
NOT-FOR-US: CDsoft (aka com.wCDSOFT) application for Android
-CVE-2014-5736
+CVE-2014-5736 (The Buy Coins (aka com.wBuyCoins) application 0.62.13364.24150 for And ...)
NOT-FOR-US: Buy Coins (aka com.wBuyCoins) application for Android
-CVE-2014-5735
+CVE-2014-5735 (The Buy A Gift (aka com.wBuyAGift) application 13529.90084 for Android ...)
NOT-FOR-US: Buy A Gift (aka com.wBuyAGift) application for Android
-CVE-2014-5734
+CVE-2014-5734 (The Buy Books (aka com.wBooksForSale) application 0.1 for Android does ...)
NOT-FOR-US: Buy Books (aka com.wBooksForSale) application for Android
-CVE-2014-5733
+CVE-2014-5733 (The Shop Love (aka com.waterwish.shoplove) application 1.05 for Androi ...)
NOT-FOR-US: Shop Love (aka com.waterwish.shoplove) application for Android
-CVE-2014-5732
+CVE-2014-5732 (The Wamba - meet women and men (aka com.wamba.client) application 3 fo ...)
NOT-FOR-US: Wamba - meet women and men (aka com.wamba.client) application for Android
-CVE-2014-5731
+CVE-2014-5731 (The Word Search (aka com.virtuesoft.wordsearch) application 2.3.0 for ...)
NOT-FOR-US: Word Search (aka com.virtuesoft.wordsearch) application for Android
-CVE-2014-5730
+CVE-2014-5730 (The russkoe TB HD (aka com.videotelecom.russkoeHD) application 3.6 for ...)
NOT-FOR-US: russkoe TB HD (aka com.videotelecom.russkoeHD) application for Android
-CVE-2014-5729
+CVE-2014-5729 (The Viddy (aka com.viddy.Viddy) application 1.3.9 for Android does not ...)
NOT-FOR-US: Viddy (aka com.viddy.Viddy) application for Android
-CVE-2014-5728
+CVE-2014-5728 (The Vevo - Watch HD Music Videos (aka com.vevo) application 2.0.27 for ...)
NOT-FOR-US: Vevo - Watch HD Music Videos (aka com.vevo) application for Android
-CVE-2014-5727
+CVE-2014-5727 (The uTorrent Remote (aka com.utorrent.web) application 1.0.20110929 fo ...)
NOT-FOR-US: uTorrent Remote (aka com.utorrent.web) application for Android
-CVE-2014-5726
+CVE-2014-5726 (The Security Service myBranch App (aka com.tyfone.ssfcu.mbanking) appl ...)
NOT-FOR-US: Security Service myBranch App (aka com.tyfone.ssfcu.mbanking) application for Android
-CVE-2014-5725
+CVE-2014-5725 (The Truecaller - Caller ID &amp; Block (aka com.truecaller) applicatio ...)
NOT-FOR-US: Truecaller - Caller ID & Block (aka com.truecaller) application for Android
-CVE-2014-5724
+CVE-2014-5724 (The Gambling Insider Magazine (aka com.triactivemedia.gambling) applic ...)
NOT-FOR-US: Gambling Insider Magazine (aka com.triactivemedia.gambling) application for Android
-CVE-2014-5723
+CVE-2014-5723 (The Trapster (aka com.trapster.android) application 4.3.2 for Android ...)
NOT-FOR-US: Trapster (aka com.trapster.android) application for Android
-CVE-2014-5722
+CVE-2014-5722 (The SwiftKey Keyboard + Emoji (aka com.touchtype.swiftkey) application ...)
NOT-FOR-US: SwiftKey Keyboard + Emoji (aka com.touchtype.swiftkey) application for Android
-CVE-2014-5721
+CVE-2014-5721 (The Touchnote Postcards (aka com.touchnote.android) application 4.2.7 ...)
NOT-FOR-US: Touchnote Postcards (aka com.touchnote.android) application for Android
-CVE-2014-5720
+CVE-2014-5720 (The Bike Race Free - Top Free Game (aka com.topfreegames.bikeracefreew ...)
NOT-FOR-US: Bike Race Free - Top Free Game (aka com.topfreegames.bikeracefreeworld) application for Android
-CVE-2014-5719
+CVE-2014-5719 (The BIKE RACING 2014 (aka com.timuzsolutions.bikeracing2014) applicati ...)
NOT-FOR-US: BIKE RACING 2014 (aka com.timuzsolutions.bikeracing2014) application for Android
CVE-2014-5718
REJECTED
-CVE-2014-5717
+CVE-2014-5717 (The Fashion Style (aka com.thirtysixyougames.google.starGirlSingapore) ...)
NOT-FOR-US: Fashion Style (aka com.thirtysixyougames.google.starGirlSingapore) application for Android
-CVE-2014-5716
+CVE-2014-5716 (The GUNSHIP BATTLE : Helicopter 3D (aka com.theonegames.gunshipbattle) ...)
NOT-FOR-US: GUNSHIP BATTLE : Helicopter 3D (aka com.theonegames.gunshipbattle) application for Android
-CVE-2014-5715
+CVE-2014-5715 (The Street Racing (aka com.tgb.streetracing.lite5pp) application 4.0.4 ...)
NOT-FOR-US: Street Racing (aka com.tgb.streetracing.lite5pp) application for Android
-CVE-2014-5714
+CVE-2014-5714 (The Text Me! Free Texting &amp; Call (aka com.textmeinc.textme) applic ...)
NOT-FOR-US: Text Me! Free Texting & Call (aka com.textmeinc.textme) application for Android
-CVE-2014-5713
+CVE-2014-5713 (The Telly - Watch the good stuff (aka com.telly) application 2.5.1 for ...)
NOT-FOR-US: Telly - Watch the good stuff (aka com.telly) application for Android
-CVE-2014-5712
+CVE-2014-5712 (The Turbo River Racing Free (aka com.tektite.androidgames.trrfree) app ...)
NOT-FOR-US: Turbo River Racing Free (aka com.tektite.androidgames.trrfree) application for Android
-CVE-2014-5711
+CVE-2014-5711 (The Microsoft Tech Companion (aka com.technet) application 1.0.6 for A ...)
NOT-FOR-US: Microsoft Tech Companion (aka com.technet) application for Android
-CVE-2014-5710
+CVE-2014-5710 (The Cisco Class Locator Fast Lane (aka com.tabletkings.mycompany.fastl ...)
NOT-FOR-US: Cisco Class Locator Fast Lane (aka com.tabletkings.mycompany.fastlane.cisco) application for Android
-CVE-2014-5709
+CVE-2014-5709 (The Donut Maker (aka com.sunstorm.android.donut) application 1.27 for ...)
NOT-FOR-US: Donut Maker (aka com.sunstorm.android.donut) application for Android
-CVE-2014-5708
+CVE-2014-5708 (The Best Racing/moto Games Ranking (aka com.subapp.android.racing) app ...)
NOT-FOR-US: Best Racing/moto Games Ranking (aka com.subapp.android.racing) application for Android
-CVE-2014-5707
+CVE-2014-5707 (The Bunny Run (aka com.stargirlgames.google.bunnyrun) application 1.1. ...)
NOT-FOR-US: Bunny Run (aka com.stargirlgames.google.bunnyrun) application for Android
-CVE-2014-5706
+CVE-2014-5706 (The SomNote - Journal/Memo (aka com.somcloud.somnote) application 2.1. ...)
NOT-FOR-US: SomNote - Journal/Memo (aka com.somcloud.somnote) application for Android
-CVE-2014-5705
+CVE-2014-5705 (The Sonic CD Lite (aka com.soa.sega.soniccdlite) application 1.0.4 for ...)
NOT-FOR-US: Sonic CD Lite (aka com.soa.sega.soniccdlite) application for Android
-CVE-2014-5704
+CVE-2014-5704 (The DISH Anywhere (aka com.sm.SlingGuide.Dish) application 3.5.10 for ...)
NOT-FOR-US: DISH Anywhere (aka com.sm.SlingGuide.Dish) application for Android
-CVE-2014-5703
+CVE-2014-5703 (The Slingo Lottery Challenge (aka com.slingo.slingolotterychallenge) a ...)
NOT-FOR-US: Slingo Lottery Challenge (aka com.slingo.slingolotterychallenge) application for Android
-CVE-2014-5702
+CVE-2014-5702 (The Penguin Run (aka com.skyboard.google.penguinRun) application 1.1 f ...)
NOT-FOR-US: Penguin Run (aka com.skyboard.google.penguinRun) application for Android
-CVE-2014-5701
+CVE-2014-5701 (The Skout: Chats. Friends. Fun. (aka com.skout.android) application 4. ...)
NOT-FOR-US: Skout: Chats. Friends. Fun. (aka com.skout.android) application for Android
-CVE-2014-5700
+CVE-2014-5700 (The Brain lab - brain age games IQ (aka com.sixdead.brainlab) applicat ...)
NOT-FOR-US: Brain lab - brain age games IQ (aka com.sixdead.brainlab) application for Android
-CVE-2014-5699
+CVE-2014-5699 (The Parallel Kingdom MMO (aka com.silvermoon.client) application @7F07 ...)
NOT-FOR-US: Parallel Kingdom MMO (aka com.silvermoon.client) application for Android
-CVE-2014-5698
+CVE-2014-5698 (The Furdiburb (aka com.sheado.lite.pet) application 1.1.2 for Android ...)
NOT-FOR-US: Furdiburb (aka com.sheado.lite.pet) application for Android
-CVE-2014-5697
+CVE-2014-5697 (The Dress Up! Girl Party (aka com.sgn.DressUp.GirlParty) application 2 ...)
NOT-FOR-US: Dress Up! Girl Party (aka com.sgn.DressUp.GirlParty) application for Android
-CVE-2014-5696
+CVE-2014-5696 (The Sonic 4 Episode II LITE (aka com.sega.sonic4ep2lite) application 2 ...)
NOT-FOR-US: Sonic 4 Episode II LITE (aka com.sega.sonic4ep2lite) application for Android
-CVE-2014-5695
+CVE-2014-5695 (The Hello Kitty Cafe (aka com.sd.google.helloKittyCafe) application 1. ...)
NOT-FOR-US: Hello Kitty Cafe (aka com.sd.google.helloKittyCafe) application for Android
-CVE-2014-5694
+CVE-2014-5694 (The Scoutmob local deals &amp; events (aka com.scoutmob.ile) applicati ...)
NOT-FOR-US: Scoutmob local deals & events (aka com.scoutmob.ile) application for Android
-CVE-2014-5693
+CVE-2014-5693 (The Slots Vacation - FREE Slots (aka com.scopely.slotsvacation) applic ...)
NOT-FOR-US: Slots Vacation - FREE Slots (aka com.scopely.slotsvacation) application for Android
-CVE-2014-5692
+CVE-2014-5692 (The Safeway (aka com.safeway.client.android.safeway) application 4.1.0 ...)
NOT-FOR-US: Safeway (aka com.safeway.client.android.safeway) application for Android
-CVE-2014-5691
+CVE-2014-5691 (The Best Phone Security (aka com.rvappstudios.phonesecurity) applicati ...)
NOT-FOR-US: Best Phone Security (aka com.rvappstudios.phonesecurity) application for Android
-CVE-2014-5690
+CVE-2014-5690 (The Runtastic Timer (aka com.runtastic.android.timer) application 1.0. ...)
NOT-FOR-US: Runtastic Timer (aka com.runtastic.android.timer) application for Android
-CVE-2014-5689
+CVE-2014-5689 (The Runtastic Road Bike (aka com.runtastic.android.roadbike.lite) appl ...)
NOT-FOR-US: Runtastic Road Bike (aka com.runtastic.android.roadbike.lite) application for Android
-CVE-2014-5688
+CVE-2014-5688 (The Runtastic Pedometer (aka com.runtastic.android.pedometer.lite) app ...)
NOT-FOR-US: Runtastic Pedometer (aka com.runtastic.android.pedometer.lite) application for Android
-CVE-2014-5687
+CVE-2014-5687 (The Runtastic Mountain Bike (aka com.runtastic.android.mountainbike.li ...)
NOT-FOR-US: Runtastic Mountain Bike (aka com.runtastic.android.mountainbike.lite) application for Android
-CVE-2014-5686
+CVE-2014-5686 (The Runtastic Me (aka com.runtastic.android.me.lite) application 1.0.2 ...)
NOT-FOR-US: Runtastic Me (aka com.runtastic.android.me.lite) application for Android
-CVE-2014-5685
+CVE-2014-5685 (The Runtastic Heart Rate (aka com.runtastic.android.heartrate.lite) ap ...)
NOT-FOR-US: Runtastic Heart Rate (aka com.runtastic.android.heartrate.lite) application for Android
-CVE-2014-5684
+CVE-2014-5684 (The Runtastic Running &amp; Fitness (aka com.runtastic.android) applic ...)
NOT-FOR-US: Runtastic Running & Fitness (aka com.runtastic.android) application for Android
-CVE-2014-5683
+CVE-2014-5683 (The Piano Teacher (aka com.rubycell.pianisthd) application 20140730 fo ...)
NOT-FOR-US: Piano Teacher (aka com.rubycell.pianisthd) application for Android
-CVE-2014-5682
+CVE-2014-5682 (The Retale - Weekly Ads &amp; Deals (aka com.retale.android) applicati ...)
NOT-FOR-US: Retale - Weekly Ads & Deals (aka com.retale.android) application for Android
-CVE-2014-5681
+CVE-2014-5681 (The XDA-Developers (aka com.quoord.tapatalkxda.activity) application 3 ...)
NOT-FOR-US: XDA-Developers (aka com.quoord.tapatalkxda.activity) application for Android
-CVE-2014-5680
+CVE-2014-5680 (The Tapatalk (aka com.quoord.tapatalkpro.activity) application 4.8.0 f ...)
NOT-FOR-US: Tapatalk (aka com.quoord.tapatalkpro.activity) application for Android
-CVE-2014-5679
+CVE-2014-5679 (The PopU 2: Get Likes on Instagram (aka com.popuapp.popu) application ...)
NOT-FOR-US: PopU 2: Get Likes on Instagram (aka com.popuapp.popu) application for Android
-CVE-2014-5678
+CVE-2014-5678 (The IQ Test (aka com.pophub.androidiqtest.free) application 3.3 for An ...)
NOT-FOR-US: IQ Test (aka com.pophub.androidiqtest.free) application for Android
-CVE-2014-5677
+CVE-2014-5677 (The Point Inside Shopping &amp; Travel (aka com.pointinside.android.ap ...)
NOT-FOR-US: Point Inside Shopping & Travel (aka com.pointinside.android.app) application for Android
-CVE-2014-5676
+CVE-2014-5676 (The Township (aka com.playrix.township) application 1.5.1 for Android ...)
NOT-FOR-US: Township (aka com.playrix.township) application for Android
-CVE-2014-5675
+CVE-2014-5675 (The Phonegram - Instagram Download (aka com.pinssible.padgram) applica ...)
NOT-FOR-US: Phonegram - Instagram Download (aka com.pinssible.padgram) application for Android
-CVE-2014-5674
+CVE-2014-5674 (The PicsArt - Photo Studio (aka com.picsart.studio) application 4.5.5 ...)
NOT-FOR-US: PicsArt - Photo Studio (aka com.picsart.studio) application for Android
-CVE-2014-5673
+CVE-2014-5673 (The Easy Finder &amp; Anti-Theft (aka com.nqmobile.easyfinder) applica ...)
NOT-FOR-US: Easy Finder & Anti-Theft (aka com.nqmobile.easyfinder) application for Android
-CVE-2014-5672
+CVE-2014-5672 (The NQ Mobile Security &amp; Antivirus (aka com.nqmobile.antivirus20) ...)
NOT-FOR-US: NQ Mobile Security & Antivirus (aka com.nqmobile.antivirus20) application for Android
-CVE-2014-5671
+CVE-2014-5671 (The Super Stickman Golf (aka com.noodlecake.ssg) application 2.2 for A ...)
NOT-FOR-US: Super Stickman Golf (aka com.noodlecake.ssg) application for Android
-CVE-2014-5670
+CVE-2014-5670 (The SAS: Zombie Assault 3 (aka com.ninjakiwi.sas3zombieassault) applic ...)
NOT-FOR-US: SAS: Zombie Assault 3 (aka com.ninjakiwi.sas3zombieassault) application for Android
-CVE-2014-5669
+CVE-2014-5669 (The 9GAG - Funny pics and videos (aka com.ninegag.android.app) applica ...)
NOT-FOR-US: 9GAG - Funny pics and videos (aka com.ninegag.android.app) application for Android
-CVE-2014-5668
+CVE-2014-5668 (The BAND -Group sharing &amp; planning (aka com.nhn.android.band) appl ...)
NOT-FOR-US: BAND -Group sharing & planning (aka com.nhn.android.band) application for Android
-CVE-2014-5667
+CVE-2014-5667 (The Vault-Hide SMS, Pics &amp; Videos (aka com.netqin.ps) application ...)
NOT-FOR-US: Vault-Hide SMS, Pics & Videos (aka com.netqin.ps) application for Android
-CVE-2014-5666
+CVE-2014-5666 (The AVD Download Video (aka com.myboyfriendisageek.videocatcher.demo) ...)
NOT-FOR-US: AVD Download Video (aka com.myboyfriendisageek.videocatcher.demo) application for Android
-CVE-2014-5665
+CVE-2014-5665 (The Mzone Login (aka com.mr384.MzoneLogin) application 1.2.0 for Andro ...)
NOT-FOR-US: Mzone Login (aka com.mr384.MzoneLogin) application for Android
-CVE-2014-5664
+CVE-2014-5664 (The Spider Solitaire (aka com.mobilityware.spider) application 3.0.0 f ...)
NOT-FOR-US: Spider Solitaire (aka com.mobilityware.spider) application for Android
-CVE-2014-5663
+CVE-2014-5663 (The FreeCell Solitaire (aka com.mobilityware.freecell) application 2.1 ...)
NOT-FOR-US: FreeCell Solitaire (aka com.mobilityware.freecell) application for Android
-CVE-2014-5662
+CVE-2014-5662 (The Rail Rush (aka com.miniclip.railrush) application 1.9.0 for Androi ...)
NOT-FOR-US: Rail Rush (aka com.miniclip.railrush) application for Android
-CVE-2014-5661
+CVE-2014-5661 (The Anger of Stick 3 (aka com.miniclip.angerofstick3) application 1.0. ...)
NOT-FOR-US: Anger of Stick 3 (aka com.miniclip.angerofstick3) application for Android
-CVE-2014-5660
+CVE-2014-5660 (The TN Members 1st FCU-RDC (aka com.metova.cuae.tmffcu) application 1. ...)
NOT-FOR-US: TN Members 1st FCU-RDC (aka com.metova.cuae.tmffcu) application for Android
-CVE-2014-5659
+CVE-2014-5659 (The ASTRO File Manager with Cloud (aka com.metago.astro) application A ...)
NOT-FOR-US: ASTRO File Manager with Cloud (aka com.metago.astro) application for Android
-CVE-2014-5658
+CVE-2014-5658 (The MercadoLibre (aka com.mercadolibre) application 3.8.7 for Android ...)
NOT-FOR-US: MercadoLibre (aka com.mercadolibre) application for Android
-CVE-2014-5657
+CVE-2014-5657 (The CA Lottery Results (aka com.matcho0.calotto) application 2.1 for A ...)
NOT-FOR-US: CA Lottery Results (aka com.matcho0.calotto) application for Android
-CVE-2014-5656
+CVE-2014-5656 (The TRA Auctions for Buyers (aka com.manheim.tra) application 2.6 for ...)
NOT-FOR-US: TRA Auctions for Buyers (aka com.manheim.tra) application for Android
-CVE-2014-5655
+CVE-2014-5655 (The CM Browser - Fast &amp; Secure (aka com.ksmobile.cb) application 5 ...)
NOT-FOR-US: CM Browser - Fast & Secure (aka com.ksmobile.cb) application for Android
-CVE-2014-5654
+CVE-2014-5654 (The Kaspersky Internet Security (aka com.kms.free) application 11.4.4. ...)
NOT-FOR-US: Kaspersky Internet Security (aka com.kms.free) application for Android
-CVE-2014-5653
+CVE-2014-5653 (The Unblock Me FREE (aka com.kiragames.unblockmefree) application 1.4. ...)
NOT-FOR-US: Unblock Me FREE (aka com.kiragames.unblockmefree) application for Android
-CVE-2014-5652
+CVE-2014-5652 (The Kicksend Photo Prints (aka com.kicksend.android.print) application ...)
NOT-FOR-US: Kicksend Photo Prints (aka com.kicksend.android.print) application for Android
-CVE-2014-5651
+CVE-2014-5651 (The Kicksend: Share &amp; Print Photos (aka com.kicksend.android) appl ...)
NOT-FOR-US: Kicksend: Share & Print Photos (aka com.kicksend.android) application for Android
-CVE-2014-5650
+CVE-2014-5650 (The Traffic Jam Free (aka com.jiuzhangtech.rushhour) application 1.7.7 ...)
NOT-FOR-US: Traffic Jam Free (aka com.jiuzhangtech.rushhour) application for Android
-CVE-2014-5649
+CVE-2014-5649 (The iLove - Free Dating &amp; Chat App (aka com.jestadigital.android.i ...)
NOT-FOR-US: iLove - Free Dating & Chat App (aka com.jestadigital.android.ilove) application for Android
-CVE-2014-5648
+CVE-2014-5648 (The Chat, Flirt &amp; Dating Heart JAUMO (aka com.jaumo) application 2 ...)
NOT-FOR-US: Chat, Flirt & Dating Heart JAUMO (aka com.jaumo) application for Android
-CVE-2014-5647
+CVE-2014-5647 (The ISL Light Remote Desktop (aka com.islonline.isllight.mobile.androi ...)
NOT-FOR-US: ISL Light Remote Desktop (aka com.islonline.isllight.mobile.android) application for Android
-CVE-2014-5646
+CVE-2014-5646 (The AMC Security- Antivirus, Clean (aka com.iobit.mobilecare) applicat ...)
NOT-FOR-US: AMC Security- Antivirus, Clean (aka com.iobit.mobilecare) application for Android
-CVE-2014-5645
+CVE-2014-5645 (The CamScanner -Phone PDF Creator (aka com.intsig.camscanner) applicat ...)
NOT-FOR-US: CamScanner -Phone PDF Creator (aka com.intsig.camscanner) application for Android
-CVE-2014-5644
+CVE-2014-5644 (The Brightest LED Flashlight (aka com.intellectualflame.ledflashlight. ...)
NOT-FOR-US: Brightest LED Flashlight (aka com.intellectualflame.ledflashlight.washer) application for Android
-CVE-2014-5643
+CVE-2014-5643 (The Instachat -Instagram Messenger (aka com.instachat.android) applica ...)
NOT-FOR-US: Instachat -Instagram Messenger (aka com.instachat.android) application for Android
-CVE-2014-5642
+CVE-2014-5642 (The IMPI Mobile Security (aka com.impi) application 2.1.0 for Android ...)
NOT-FOR-US: IMPI Mobile Security (aka com.impi) application for Android
-CVE-2014-5641
+CVE-2014-5641 (The Cloud Manager (aka com.ileaf.cloud_manager) application 1.6 for An ...)
NOT-FOR-US: Cloud Manager (aka com.ileaf.cloud_manager) application for Android
-CVE-2014-5640
+CVE-2014-5640 (The CM Backup -Restore,Cloud,Photo (aka com.ijinshan.kbackup) applicat ...)
NOT-FOR-US: CM Backup -Restore,Cloud,Photo (aka com.ijinshan.kbackup) application for Android
-CVE-2014-5639
+CVE-2014-5639 (The ADT Taxis (aka com.icabbi.adttaxisApp) application 6 for Android d ...)
NOT-FOR-US: ADT Taxis (aka com.icabbi.adttaxisApp) application for Android
-CVE-2014-5638
+CVE-2014-5638 (The Huntington Mobile (aka com.huntington.m) application 2.1.222 for A ...)
NOT-FOR-US: Huntington Mobile (aka com.huntington.m) application for Android
-CVE-2014-5637
+CVE-2014-5637 (The Eu Sei (aka com.guilardi.eusei) application eusei_android_5.5 for ...)
NOT-FOR-US: Eu Sei (aka com.guilardi.eusei) application for Android
-CVE-2014-5636
+CVE-2014-5636 (The Cloud Browser (aka com.granitamalta.cloudbrowser) application 2.2. ...)
NOT-FOR-US: Cloud Browser (aka com.granitamalta.cloudbrowser) application for Android
-CVE-2014-5635
+CVE-2014-5635 (The Buy Yorkshire Conference (aka com.gotfocus.buyyorkshire) applicati ...)
NOT-FOR-US: Buy Yorkshire Conference (aka com.gotfocus.buyyorkshire) application for Android
-CVE-2014-5634
+CVE-2014-5634 (The Madipass Martinique (aka com.goodbarber.madipassmartinique) applic ...)
NOT-FOR-US: Madipass Martinique (aka com.goodbarber.madipassmartinique) application for Android
-CVE-2014-5633
+CVE-2014-5633 (The Kiss Kiss Office (aka com.girlsgames123.kisskissoffice) applicatio ...)
NOT-FOR-US: Kiss Kiss Office (aka com.girlsgames123.kisskissoffice) application for Android
-CVE-2014-5632
+CVE-2014-5632 (The Mega Jump (aka com.getsetgames.megajump) application @7F080002 for ...)
NOT-FOR-US: Mega Jump (aka com.getsetgames.megajump) application for Android
-CVE-2014-5631
+CVE-2014-5631 (The Video Poker Casino (aka com.geaxgame.videopoker) application 1.0.5 ...)
NOT-FOR-US: Video Poker Casino (aka com.geaxgame.videopoker) application for Android
-CVE-2014-5630
+CVE-2014-5630 (The Home Repair (aka com.gcspublishing.houserepairtalk) application 3. ...)
NOT-FOR-US: Home Repair (aka com.gcspublishing.houserepairtalk) application for Android
-CVE-2014-5629
+CVE-2014-5629 (The Stupid Zombies (aka com.gameresort.stupidzombies) application 1.12 ...)
NOT-FOR-US: Stupid Zombies (aka com.gameresort.stupidzombies) application for Android
-CVE-2014-5628
+CVE-2014-5628 (The Wonder Zoo - Animal rescue ! (aka com.gameloft.android.ANMP.GloftZ ...)
NOT-FOR-US: Wonder Zoo - Animal rescue ! (aka com.gameloft.android.ANMP.GloftZRHM) application for Android
-CVE-2014-5627
+CVE-2014-5627 (The Ice Age Village (aka com.gameloft.android.ANMP.GloftIAHM) applicat ...)
NOT-FOR-US: Ice Age Village (aka com.gameloft.android.ANMP.GloftIAHM) application for Android
-CVE-2014-5626
+CVE-2014-5626 (The Brothers In Arms 2 Free+ (aka com.gameloft.android.ANMP.GloftB2HM) ...)
NOT-FOR-US: Brothers In Arms 2 Free+ (aka com.gameloft.android.ANMP.GloftB2HM) application for Android
-CVE-2014-5625
+CVE-2014-5625 (The Perfect Kick (aka com.gamegou.PerfectKick.google) application 1.3. ...)
NOT-FOR-US: Perfect Kick (aka com.gamegou.PerfectKick.google) application for Android
-CVE-2014-5624
+CVE-2014-5624 (The Sniper Shooter Free - Fun Game (aka com.fungamesforfree.snipershoo ...)
NOT-FOR-US: Sniper Shooter Free - Fun Game (aka com.fungamesforfree.snipershooter.free) application for Android
-CVE-2014-5623
+CVE-2014-5623 (The penguinchefshop (aka com.freegames.penguinchefshop) application 1. ...)
NOT-FOR-US: penguinchefshop (aka com.freegames.penguinchefshop) application for Android
-CVE-2014-5622
+CVE-2014-5622 (The Follow Mania for Instagram (aka com.followmania) application 1.2.1 ...)
NOT-FOR-US: Follow Mania for Instagram (aka com.followmania) application for Android
-CVE-2014-5621
+CVE-2014-5621 (The Office Zombie (aka com.fluik.OfficeZombieGoogleFree) application 1 ...)
NOT-FOR-US: Office Zombie (aka com.fluik.OfficeZombieGoogleFree) application for Android
-CVE-2014-5620
+CVE-2014-5620 (The Office Jerk Free (aka com.fluik.OfficeJerkFree) application 1.7.13 ...)
NOT-FOR-US: Office Jerk Free (aka com.fluik.OfficeJerkFree) application for Android
CVE-2014-5619
REJECTED
-CVE-2014-5618
+CVE-2014-5618 (The Cartoon Camera (aka com.fingersoft.cartooncamera) application 1.2. ...)
NOT-FOR-US: Cartoon Camera (aka com.fingersoft.cartooncamera) application for Android
-CVE-2014-5617
+CVE-2014-5617 (The Exsoul Web Browser (aka com.exsoul) application 3.3.3 for Android ...)
NOT-FOR-US: Exsoul Web Browser (aka com.exsoul) application for Android
-CVE-2014-5616
+CVE-2014-5616 (The Web Browser &amp; Explorer (aka com.explore.web.browser) applicati ...)
NOT-FOR-US: Web Browser & Explorer (aka com.explore.web.browser) application for Android
-CVE-2014-5615
+CVE-2014-5615 (The Snap Secure (aka com.exclaim.snapsecure.app) application 9.5 for A ...)
NOT-FOR-US: Snap Secure (aka com.exclaim.snapsecure.app) application for Android
-CVE-2014-5614
+CVE-2014-5614 (The Love Collage - Photo Editor (aka com.etoolkit.lovecollage) applica ...)
NOT-FOR-US: Love Collage - Photo Editor (aka com.etoolkit.lovecollage) application for Android
-CVE-2014-5613
+CVE-2014-5613 (The Able Remote (aka com.entertailion.android.remote) application 2.3. ...)
NOT-FOR-US: Able Remote (aka com.entertailion.android.remote) application for Android
-CVE-2014-5612
+CVE-2014-5612 (The Gmarket (aka com.ebay.kr.gmarket) application 5.1.3 for Android do ...)
NOT-FOR-US: Gmarket (aka com.ebay.kr.gmarket) application for Android
-CVE-2014-5611
+CVE-2014-5611 (The eBay Kleinanzeigen for Germany (aka com.ebay.kleinanzeigen) applic ...)
NOT-FOR-US: eBay Kleinanzeigen for Germany (aka com.ebay.kleinanzeigen) application for Android
-CVE-2014-5610
+CVE-2014-5610 (The ce4arab market (aka com.dreamstep.wce4arabmarket) application 0.12 ...)
NOT-FOR-US: ce4arab market (aka com.dreamstep.wce4arabmarket) application for Android
-CVE-2014-5609
+CVE-2014-5609 (The Stickman Ski Racer (aka com.djinnworks.StickmanSkiRacer.free) appl ...)
NOT-FOR-US: Stickman Ski Racer (aka com.djinnworks.StickmanSkiRacer.free) application for Android
-CVE-2014-5608
+CVE-2014-5608 (The Line Runner (Free) (aka com.djinnworks.linerunnerfree) application ...)
NOT-FOR-US: Line Runner (Free) (aka com.djinnworks.linerunnerfree) application for Android
-CVE-2014-5607
+CVE-2014-5607 (The Where's My Water? Free (aka com.disney.WMWLite) application 1.9.1 ...)
NOT-FOR-US: Where's My Water? Free (aka com.disney.WMWLite) application for Android
-CVE-2014-5606
+CVE-2014-5606 (The Where's My Perry? Free (aka com.disney.WMPLite) application 1.5.1 ...)
NOT-FOR-US: Where's My Perry? Free (aka com.disney.WMPLite) application for Android
-CVE-2014-5605
+CVE-2014-5605 (The QQ Copy (aka com.digimobistudio.qqcopy) application 1 for Android ...)
NOT-FOR-US: QQ Copy (aka com.digimobistudio.qqcopy) application for Android
-CVE-2014-5604
+CVE-2014-5604 (The Akinator the Genie FREE (aka com.digidust.elokence.akinator.freemi ...)
NOT-FOR-US: Akinator the Genie FREE (aka com.digidust.elokence.akinator.freemium) application for Android
-CVE-2014-5603
+CVE-2014-5603 (The DeskRoll Remote Desktop (aka com.deskroll.client1) application 0.6 ...)
NOT-FOR-US: DeskRoll Remote Desktop (aka com.deskroll.client1) application for Android
-CVE-2014-5602
+CVE-2014-5602 (The Magzter -Magazine &amp; Book Store (aka com.dci.magzter) applicati ...)
NOT-FOR-US: Magzter -Magazine & Book Store (aka com.dci.magzter) application for Android
-CVE-2014-5601
+CVE-2014-5601 (The 1800CONTACTS App (aka com.contacts1800.ecomapp) application 2.7.0 ...)
NOT-FOR-US: 1800CONTACTS App (aka com.contacts1800.ecomapp) application for Android
-CVE-2014-5600
+CVE-2014-5600 (The familyconnect (aka com.comcast.plaxo.familyconnect.app) applicatio ...)
NOT-FOR-US: familyconnect (aka com.comcast.plaxo.familyconnect.app) application for Android
-CVE-2014-5599
+CVE-2014-5599 (The Tiny Farm (aka com.com2us.tinyfarm.normal.freefull.google.global.a ...)
NOT-FOR-US: Tiny Farm (aka com.com2us.tinyfarm.normal.freefull.google.global.android.common) application for Android
-CVE-2014-5598
+CVE-2014-5598 (The Puzzle Family (aka com.com2us.puzzlefamily.up.freefull.google.glob ...)
NOT-FOR-US: Puzzle Family (aka com.com2us.puzzlefamily.up.freefull.google.global.android.common) application for Android
-CVE-2014-5597
+CVE-2014-5597 (The 9 Innings: 2014 Pro Baseball (aka com.com2us.nipb2013.normal.freef ...)
NOT-FOR-US: 9 Innings: 2014 Pro Baseball (aka com.com2us.nipb2013.normal.freefull.google.global.android.common) application for Android
-CVE-2014-5596
+CVE-2014-5596 (The Homerun Battle 2 (aka com.com2us.homerunbattle2.normal.freefull.go ...)
NOT-FOR-US: Homerun Battle 2 (aka com.com2us.homerunbattle2.normal.freefull.google.global.android.common) application for Android
-CVE-2014-5595
+CVE-2014-5595 (The actionpuzzlefamily for Kakao (aka com.com2us.actionpuzzlefamily.ka ...)
NOT-FOR-US: actionpuzzlefamily for Kakao (aka com.com2us.actionpuzzlefamily.kakao.freefull.google.global.android.common) application for Android
-CVE-2014-5594
+CVE-2014-5594 (The CIBC Mobile Banking (aka com.cibc.android.mobi) application 3.2 fo ...)
NOT-FOR-US: CIBC Mobile Banking (aka com.cibc.android.mobi) application for Android
-CVE-2014-5593
+CVE-2014-5593 (The Christian Dating Cafe (aka com.christiancafe.mobile.android) appli ...)
NOT-FOR-US: Christian Dating Cafe (aka com.christiancafe.mobile.android) application for Android
-CVE-2014-5592
+CVE-2014-5592 (The Free Dating Heart COL (aka com.choiceoflove.dating) application 2. ...)
NOT-FOR-US: Free Dating Heart COL (aka com.choiceoflove.dating) application for Android
-CVE-2014-5591
+CVE-2014-5591 (The Frankly Chat (aka com.chatfrankly.android) application 3.0.1 for A ...)
NOT-FOR-US: Frankly Chat (aka com.chatfrankly.android) application for Android
-CVE-2014-5590
+CVE-2014-5590 (The Snake Evolution (aka com.btwgames.snake) application 1.3.1 for And ...)
NOT-FOR-US: Snake Evolution (aka com.btwgames.snake) application for Android
-CVE-2014-5589
+CVE-2014-5589 (The Now Browser (Material) (aka com.browser.nowbasic) 2.8.1 applicatio ...)
NOT-FOR-US: Now Browser (Material) (aka com.browser.nowbasic) 2.8.1 application for Android
-CVE-2014-5588
+CVE-2014-5588 (The Free eBooks (aka com.bmfapps.freekindlebooks) application 14 for A ...)
NOT-FOR-US: Free eBooks (aka com.bmfapps.freekindlebooks) application for Android
-CVE-2014-5587
+CVE-2014-5587 (The brokenscreencrank (aka com.biggame.brokenscreencrank) application ...)
NOT-FOR-US: brokenscreencrank (aka com.biggame.brokenscreencrank) application for Android
-CVE-2014-5586
+CVE-2014-5586 (The BIATNET (aka com.biatnet.mobile) application 1.1 for Android does ...)
NOT-FOR-US: BIATNET (aka com.biatnet.mobile) application for Android
-CVE-2014-5585
+CVE-2014-5585 (The Like4Like: Get Instagram Likes (aka com.bepop.bepop) application 2 ...)
NOT-FOR-US: Like4Like: Get Instagram Likes (aka com.bepop.bepop) application for Android
-CVE-2014-5584
+CVE-2014-5584 (The Background Check BeenVerified (aka com.beenverified.android) appli ...)
NOT-FOR-US: Background Check BeenVerified (aka com.beenverified.android) application for Android
-CVE-2014-5583
+CVE-2014-5583 (The Most Popular Ringtones (aka com.bbs.mostpopularringtones) applicat ...)
NOT-FOR-US: Most Popular Ringtones (aka com.bbs.mostpopularringtones) application for Android
-CVE-2014-5582
+CVE-2014-5582 (The Ingress Intel Helper (aka com.bb.ingressintel) application 1.2 for ...)
NOT-FOR-US: Ingress Intel Helper (aka com.bb.ingressintel) application for Android
-CVE-2014-5581
+CVE-2014-5581 (The mirror photo shape (aka com.baiwang.styleinstamirror) application ...)
NOT-FOR-US: mirror photo shape (aka com.baiwang.styleinstamirror) application for Android
-CVE-2014-5580
+CVE-2014-5580 (The BackgroundCheckProTool (aka com.BackgroundCheckProTool) applicatio ...)
NOT-FOR-US: BackgroundCheckProTool (aka com.BackgroundCheckProTool) application for Android
-CVE-2014-5579
+CVE-2014-5579 (The Anywhere Pad-Meet, Collaborate (aka com.azeus.anywherepad) applica ...)
NOT-FOR-US: Anywhere Pad-Meet, Collaborate (aka com.azeus.anywherepad) application for Android
-CVE-2014-5578
+CVE-2014-5578 (The Trading 212 FOREX (aka com.avuscapital.trading212) application bef ...)
NOT-FOR-US: Trading 212 FOREX (aka com.avuscapital.trading212) application for Android
-CVE-2014-5577
+CVE-2014-5577 (The AVON Buy &amp; Sell (aka com.AVONBeautyntheRep) application 0.3 fo ...)
NOT-FOR-US: AVON Buy & Sell (aka com.AVONBeautyntheRep) application for Android
-CVE-2014-5576
+CVE-2014-5576 (The Avira Secure Backup (aka com.avira.avirabackup) application 1.2.3 ...)
NOT-FOR-US: Avira Secure Backup (aka com.avira.avirabackup) application for Android
CVE-2014-5575
REJECTED
-CVE-2014-5574
+CVE-2014-5574 (The Ask.fm - Social Q&amp;A Network (aka com.askfm) application 1.2.4 ...)
NOT-FOR-US: Ask.fm - Social Q&A Network (aka com.askfm) application for Android
-CVE-2014-5573
+CVE-2014-5573 (The Appstros - FREE Gift Cards! (aka com.appstros.main) application 1. ...)
NOT-FOR-US: Appstros - FREE Gift Cards! (aka com.appstros.main) application for Android
-CVE-2014-5572
+CVE-2014-5572 (The Jazzpodium De Tor (aka com.appmakr.app273713) application 206160 f ...)
NOT-FOR-US: Jazzpodium De Tor (aka com.appmakr.app273713) application for Android
-CVE-2014-5571
+CVE-2014-5571 (The Appeak Poker (aka com.appeak.poker) application 2.4.5 for Android ...)
NOT-FOR-US: Appeak Poker (aka com.appeak.poker) application for Android
-CVE-2014-5570
+CVE-2014-5570 (The DailyFinance - Stocks &amp; News (aka com.aol.mobile.dailyFinance) ...)
NOT-FOR-US: DailyFinance - Stocks & News (aka com.aol.mobile.dailyFinance) application for Android
-CVE-2014-5569
+CVE-2014-5569 (The Star Girl (aka com.animoca.google.starGirl) application 3.4.1 for ...)
NOT-FOR-US: Star Girl (aka com.animoca.google.starGirl) application for Android
-CVE-2014-5568
+CVE-2014-5568 (The Las Vegas Lottery Scratch Off (aka com.androkera.lottery) applicat ...)
NOT-FOR-US: Las Vegas Lottery Scratch Off (aka com.androkera.lottery) application for Android
-CVE-2014-5567
+CVE-2014-5567 (The hasb_e_haal (aka com.anawaz.hasb_e_haal) application 1.0.9 for And ...)
NOT-FOR-US: hasb_e_haal (aka com.anawaz.hasb_e_haal) application for Android
-CVE-2014-5566
+CVE-2014-5566 (The Selfshot - Front Flash Camera (aka com.americos.selfshot) applicat ...)
NOT-FOR-US: Selfshot - Front Flash Camera (aka com.americos.selfshot) application for Android
-CVE-2014-5565
+CVE-2014-5565 (The GadgetTrak Mobile Security (aka com.activetrak.android.app) applic ...)
NOT-FOR-US: GadgetTrak Mobile Security (aka com.activetrak.android.app) application for Android
-CVE-2014-5564
+CVE-2014-5564 (The Angry Gran Toss (aka com.aceviral.angrygrantoss) application 1.1.1 ...)
NOT-FOR-US: Angry Gran Toss (aka com.aceviral.angrygrantoss) application for Android
-CVE-2014-5563
+CVE-2014-5563 (The Show do Milhao 2014 (aka br.com.lgrmobile.sdm) application 1.4.6 f ...)
NOT-FOR-US: Show do Milhao 2014 (aka br.com.lgrmobile.sdm) application for Android
-CVE-2014-5562
+CVE-2014-5562 (The Coles Credit Card App (aka au.com.colesfinancialservices.mobile) a ...)
NOT-FOR-US: Coles Credit Card App (aka au.com.colesfinancialservices.mobile) application for Android
-CVE-2014-5561
+CVE-2014-5561 (The Word Search Free (aka air.wordSearchFree) application 4.9 for Andr ...)
NOT-FOR-US: Word Search Free (aka air.wordSearchFree) application for Android
-CVE-2014-5560
+CVE-2014-5560 (The Popscene (Music Industry Sim) (aka air.Popscene) application 1.04 ...)
NOT-FOR-US: Popscene (Music Industry Sim) (aka air.Popscene) application for Android
-CVE-2014-5559
+CVE-2014-5559 (The Kids GoldFish Care (aka air.josiane.sauveterre.kidsgoldfishcare) a ...)
NOT-FOR-US: Kids GoldFish Care (aka air.josiane.sauveterre.kidsgoldfishcare) application for Android
-CVE-2014-5558
+CVE-2014-5558 (The Hard Time (Prison Sim) (aka air.HardTime) application 1.111 for An ...)
NOT-FOR-US: Hard Time (Prison Sim) (aka air.HardTime) application for Android
-CVE-2014-5557
+CVE-2014-5557 (The America's Economy for Phone (aka air.gov.census.mobile.phone.ameri ...)
NOT-FOR-US: America's Economy for Phone (aka air.gov.census.mobile.phone.americaseconomy) application for Android
-CVE-2014-5556
+CVE-2014-5556 (The Fly Fishing &amp; Fly Tying (aka air.com.yudu.ReaderAIR3209899) ap ...)
NOT-FOR-US: Fly Fishing & Fly Tying (aka air.com.yudu.ReaderAIR3209899) application for Android
-CVE-2014-5555
+CVE-2014-5555 (The Counting &amp; Addition Kids Games (aka air.com.tribalnova.ilearnw ...)
NOT-FOR-US: Counting & Addition Kids Games (aka air.com.tribalnova.ilearnwith.ipad.PokoAddEn) application for Android
-CVE-2014-5554
+CVE-2014-5554 (The Fun Preschool Creativity Game (aka air.com.tribalnova.ilearnwith.i ...)
NOT-FOR-US: Fun Preschool Creativity Game (aka air.com.tribalnova.ilearnwith.ipad.MotherAppEn) application for Android
-CVE-2014-5553
+CVE-2014-5553 (The Kids Preschool Learning Games (aka air.com.tribalnova.ilearnwith.i ...)
NOT-FOR-US: Kids Preschool Learning Games (aka air.com.tribalnova.ilearnwith.ipad.App3En) application for Android
-CVE-2014-5552
+CVE-2014-5552 (The Numbers &amp; Addition! Math games (aka air.com.tribalnova.ilearnw ...)
NOT-FOR-US: Numbers & Addition! Math games (aka air.com.tribalnova.ilearnwith.ipad.App2En) application for Android
-CVE-2014-5551
+CVE-2014-5551 (The Alphabet &amp; Spelling Kids Games (aka air.com.tribalnova.ilearnw ...)
NOT-FOR-US: Alphabet & Spelling Kids Games (aka air.com.tribalnova.ilearnwith.ipad.App1En) application for Android
-CVE-2014-5550
+CVE-2014-5550 (The Animals! Kids Preschool Games (aka air.com.tribalnova.Animals) app ...)
NOT-FOR-US: Animals! Kids Preschool Games (aka air.com.tribalnova.Animals) application for Android
-CVE-2014-5549
+CVE-2014-5549 (The Puppy Slots (aka air.com.starluxstudios.PuppySlotsFree) applicatio ...)
NOT-FOR-US: Puppy Slots (aka air.com.starluxstudios.PuppySlotsFree) application for Android
-CVE-2014-5548
+CVE-2014-5548 (The Christmas Words (aka air.com.sevenBulls.summerWords) application 1 ...)
NOT-FOR-US: Christmas Words (aka air.com.sevenBulls.summerWords) application for Android
-CVE-2014-5547
+CVE-2014-5547 (The Mahjong Galaxy Space Lite (aka air.com.permadi.mahjongIris) applic ...)
NOT-FOR-US: Mahjong Galaxy Space Lite (aka air.com.permadi.mahjongIris) application for Android
-CVE-2014-5546
+CVE-2014-5546 (The Africa Memory (aka air.com.klon4enabor4e.AfricaMemory) application ...)
NOT-FOR-US: Africa Memory (aka air.com.klon4enabor4e.AfricaMemory) application for Android
-CVE-2014-5545
+CVE-2014-5545 (The Sprint jump (aka air.com.ilaz.appilas) application 1 for Android d ...)
NOT-FOR-US: Sprint jump (aka air.com.ilaz.appilas) application for Android
-CVE-2014-5544
+CVE-2014-5544 (The SongPop (aka air.com.freshplanet.games.WaM) application 1.21.2 for ...)
NOT-FOR-US: SongPop (aka air.com.freshplanet.games.WaM) application for Android
-CVE-2014-5543
+CVE-2014-5543 (The Hidden Object - Alice Free (aka air.com.differencegames.hovisionso ...)
NOT-FOR-US: Hidden Object - Alice Free (aka air.com.differencegames.hovisionsofalicefree) application for Android
-CVE-2014-5542
+CVE-2014-5542 (The Hidden Object Mystery (aka air.com.differencegames.hodetectivemyst ...)
NOT-FOR-US: Hidden Object Mystery (aka air.com.differencegames.hodetectivemysteryfree) application for Android
-CVE-2014-5541
+CVE-2014-5541 (The Hidden Memory - Aladdin FREE! (aka air.com.differencegames.hmaladd ...)
NOT-FOR-US: Hidden Memory - Aladdin FREE! (aka air.com.differencegames.hmaladdinfree) application for Android
-CVE-2014-5540
+CVE-2014-5540 (The Flick a Trade (aka air.com.cygnecode.fat) application 3.3 for Andr ...)
NOT-FOR-US: Flick a Trade (aka air.com.cygnecode.fat) application for Android
-CVE-2014-5539
+CVE-2014-5539 (The Michael Baker FCU (aka air.com.creditunionhomebanking.mb155) appli ...)
NOT-FOR-US: Michael Baker FCU (aka air.com.creditunionhomebanking.mb155) application for Android
-CVE-2014-5538
+CVE-2014-5538 (The Westmoreland Water FCU (aka air.com.creditunionhomebanking.mb115) ...)
NOT-FOR-US: Westmoreland Water FCU (aka air.com.creditunionhomebanking.mb115) application for Android
-CVE-2014-5537
+CVE-2014-5537 (The Abduction Stacker Free (aka air.com.chewygames.abductionstacker2) ...)
NOT-FOR-US: Abduction Stacker Free (aka air.com.chewygames.abductionstacker2) application for Android
-CVE-2014-5536
+CVE-2014-5536 (The Bingo Bash - Free Bingo Casino (aka air.com.bitrhymes.bingo) appli ...)
NOT-FOR-US: Bingo Bash - Free Bingo Casino (aka air.com.bitrhymes.bingo) application for Android
-CVE-2014-5535
+CVE-2014-5535 (The Baby Get Up - Kids Care (aka air.brown.jordansa.getup) application ...)
NOT-FOR-US: Baby Get Up - Kids Care (aka air.brown.jordansa.getup) application for Android
-CVE-2014-5534
+CVE-2014-5534 (The Princess Shopping (aka air.android.PrincessShopping) application 2 ...)
NOT-FOR-US: Princess Shopping (aka air.android.PrincessShopping) application for Android
CVE-2014-5533
REJECTED
-CVE-2014-5532
+CVE-2014-5532 (The Honolulu (aka adidas.jp.android.running.honolulu) application 2 fo ...)
NOT-FOR-US: Honolulu (aka adidas.jp.android.running.honolulu) application for Android
-CVE-2014-5531
+CVE-2014-5531 (The Abode (aka abode.webview) application 1.7 for Android does not ver ...)
NOT-FOR-US: Abode (aka abode.webview) application for Android
CVE-2014-5530
REJECTED
-CVE-2014-5529
+CVE-2014-5529 (The Gameloft library for Android does not verify X.509 certificates fr ...)
NOT-FOR-US: Gameloft library for Android
-CVE-2014-5528
+CVE-2014-5528 (The Appsflyer library for Android does not verify X.509 certificates f ...)
NOT-FOR-US: Appsflyer library for Android
-CVE-2014-5527
+CVE-2014-5527 (The Tapjoy library for Android does not verify X.509 certificates from ...)
NOT-FOR-US: Tapjoy library for Android
-CVE-2014-5526
+CVE-2014-5526 (The Inmobi library for Android does not verify X.509 certificates from ...)
NOT-FOR-US: Inmobi library for Android
-CVE-2014-5525
+CVE-2014-5525 (The MoMinis library for Android does not verify X.509 certificates fro ...)
NOT-FOR-US: MoMinis library for Android
-CVE-2014-5524
+CVE-2014-5524 (The Adcolony library for Android does not verify X.509 certificates fr ...)
NOT-FOR-US: Adcolony library for Android
CVE-2014-5523
REJECTED
CVE-2014-5522
REJECTED
-CVE-2014-5521
+CVE-2014-5521 (plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows ...)
NOT-FOR-US: XRMS CRM
-CVE-2014-5520
+CVE-2014-5520 (SQL injection vulnerability in XRMS CRM, possibly 1.99.2, allows remot ...)
NOT-FOR-US: XRMS CRM
CVE-2014-5518
RESERVED
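Review bot: the added description strings in this hunk carry HTML entities, e.g. `+CVE-2014-5577 (The AVON Buy &amp; Sell (aka com.AVONBeautyntheRep) ...` and `+CVE-2014-5574 (The Ask.fm - Social Q&amp;A Network (aka com.askfm) ...`, while the NOT-FOR-US line directly beneath each uses a literal `&`; the importer should unescape entities before writing the description so that text searches on the list match the product name as it is written elsewhere in the same entry. The fixed-width cut also lands mid-token (`applicatio ...`, `applicat ...`, `appli ...`); truncating at the last whitespace before the limit would keep the fragment readable without changing the file format.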
@@ -11700,21 +11700,21 @@ CVE-2014-5511
- ntopng 1.2.1+dfsg1-1 (bug #760990)
CVE-2014-5510
RESERVED
-CVE-2014-5508
+CVE-2014-5508 (Multiple integer overflows in the HelpServ module (mod-helpserv.c) in ...)
NOT-FOR-US: srvx (irc services)
-CVE-2014-5507
+CVE-2014-5507 (iBackup 10.0.0.32 and earlier uses weak permissions (Everyone: Full Co ...)
NOT-FOR-US: iBackup
-CVE-2014-5506
+CVE-2014-5506 (Double free vulnerability in SAP Crystal Reports allows remote attacke ...)
NOT-FOR-US: SAP Crystal Reports
-CVE-2014-5505
+CVE-2014-5505 (Stack-based buffer overflow in SAP Crystal Reports allows remote attac ...)
NOT-FOR-US: SAP Crystal Reports
-CVE-2014-5504
+CVE-2014-5504 (SolarWinds Log and Event Manager before 6.0 uses "static" credentials, ...)
NOT-FOR-US: SolarWinds
-CVE-2014-5503
+CVE-2014-5503 (SQL injection vulnerability in the Guest Login Portal in the Sophos Cy ...)
NOT-FOR-US: Sophos Cyberoam CyberoamOS
-CVE-2014-5502
+CVE-2014-5502 (The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows ...)
NOT-FOR-US: Sophos Cyberoam CyberoamOS
-CVE-2014-5501
+CVE-2014-5501 (Stack-based buffer overflow in the diagnose service in the Sophos Cybe ...)
NOT-FOR-US: Sophos Cyberoam CyberoamOS
CVE-2014-5500
RESERVED
@@ -11780,81 +11780,81 @@ CVE-2014-5468
RESERVED
CVE-2014-5467
RESERVED
-CVE-2014-5466
+CVE-2014-5466 (Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk We ...)
NOT-FOR-US: Splunk
-CVE-2014-5465
+CVE-2014-5465 (Directory traversal vulnerability in force-download.php in the Downloa ...)
NOT-FOR-US: WordPress plugin Download Shortcode
CVE-2014-5463
RESERVED
-CVE-2014-5462
+CVE-2014-5462 (Multiple SQL injection vulnerabilities in OpenEMR 4.1.2 (Patch 7) and ...)
NOT-FOR-US: OpenEMR
-CVE-2014-5460
+CVE-2014-5460 (Unrestricted file upload vulnerability in the Tribulant Slideshow Gall ...)
NOT-FOR-US: Tribulant Slideshow Gallery plugin for WordPress
-CVE-2014-6269
+CVE-2014-6269 (Multiple integer overflows in the http_request_forward_body function i ...)
- haproxy 1.5.4-1
[squeeze] - haproxy <not-affected> (Vulnerable code not present)
NOTE: http://article.gmane.org/gmane.comp.web.haproxy/17726
NOTE: http://article.gmane.org/gmane.comp.web.haproxy/18097
NOTE: http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=b4d05093bc89f71377230228007e69a1434c1a0c
-CVE-2014-5256
+CVE-2014-5256 (Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider th ...)
- nodejs <unfixed> (unimportant; bug #760385)
NOTE: libv8 is not covered by security support
-CVE-2014-7402
+CVE-2014-7402 (The SK encar (aka com.encardirect.app) application @7F050000 for Andro ...)
NOT-FOR-US: SK encar (aka com.encardirect.app) application for Android
-CVE-2014-6070
+CVE-2014-6070 (Multiple cross-site scripting (XSS) vulnerabilities in Adiscon LogAnal ...)
- loganalyzer 3.6.6+dfsg-1 (bug #760372)
-CVE-2014-6029
+CVE-2014-6029 (TorrentFlux 2.4 allows remote authenticated users to delete or modify ...)
- torrentflux <removed> (bug #759573)
[wheezy] - torrentflux <no-dsa> (Minor issue)
[squeeze] - torrentflux <no-dsa> (Minor issue)
-CVE-2014-6028
+CVE-2014-6028 (TorrentFlux 2.4 allows remote authenticated users to obtain other user ...)
- torrentflux <removed> (bug #759573)
[wheezy] - torrentflux <no-dsa> (Minor issue)
[squeeze] - torrentflux <no-dsa> (Minor issue)
-CVE-2014-6027
+CVE-2014-6027 (Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.4 ...)
- torrentflux <removed> (bug #759574)
[wheezy] - torrentflux <no-dsa> (Minor issue)
[squeeze] - torrentflux <no-dsa> (Minor issue)
-CVE-2014-6040
+CVE-2014-6040 (GNU C Library (aka glibc) before 2.20 allows context-dependent attacke ...)
{DSA-3142-1 DLA-97-1}
- glibc 2.19-12
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Will be fixed in a point update)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17325
NOTE: https://sourceware.org/ml/libc-alpha/2014-08/msg00473.html
-CVE-2014-5519
+CVE-2014-5519 (The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execut ...)
- phpwiki <removed>
-CVE-2014-5509
+CVE-2014-5509 (clipedit in the Clipboard module for Perl allows local users to delete ...)
- libclipboard-perl <not-affected> (Fixed with initial upload to Debian)
-CVE-2014-5458
+CVE-2014-5458 (SQL injection vulnerability in sqrl_verify.php in php-sqrl allows remo ...)
NOT-FOR-US: php-sqrl
-CVE-2014-5457
+CVE-2014-5457 (QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-R ...)
NOT-FOR-US: QNAP
-CVE-2014-5456
+CVE-2014-5456 (Cross-site scripting (XSS) vulnerability in the Social Stats module be ...)
NOT-FOR-US: Drupal Social Stats module
-CVE-2014-5455
+CVE-2014-5455 (Unquoted Windows search path vulnerability in the ptservice service in ...)
NOT-FOR-US: PrivateTunnel as bundled in OpenVPN
-CVE-2014-5454
+CVE-2014-5454 (Unrestricted file upload vulnerability in the image upload module in S ...)
NOT-FOR-US: SAS Visual Analytics
-CVE-2014-5453
+CVE-2014-5453 (Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Ful ...)
NOT-FOR-US: Ubisoft Uplay PC
-CVE-2014-5452
+CVE-2014-5452 (CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibili ...)
NOT-FOR-US: HL7 C-CDA
-CVE-2014-5451
+CVE-2014-5451 (Cross-site scripting (XSS) vulnerability in manager/templates/default/ ...)
NOT-FOR-US: MODX Revolution
-CVE-2014-5446
+CVE-2014-5446 (Directory traversal vulnerability in the DisplayChartPDF servlet in ZO ...)
NOT-FOR-US: ZOHO
-CVE-2014-5445
+CVE-2014-5445 (Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine ...)
NOT-FOR-US: ZOHO
-CVE-2014-5444
+CVE-2014-5444 (Geary before 0.6.3 does not present the user with a warning when a TLS ...)
- geary 0.6.3-1
NOTE: Upstream bugreport: https://bugzilla.gnome.org/show_bug.cgi?id=713247
NOTE: Upstream fix: https://git.gnome.org/browse/geary/commit/?h=geary-0.6&id=55f06a7bdcedb7efde6a516bde626ea28793ca7e
CVE-2014-5442
RESERVED
-CVE-2014-5441
+CVE-2014-5441 (Multiple cross-site scripting (XSS) vulnerabilities in app/views/layou ...)
NOT-FOR-US: Fat Free CRM
-CVE-2014-5440
+CVE-2014-5440 (SQL injection vulnerability in Login.aspx in MPEX Business Solutions M ...)
NOT-FOR-US: MX-SmartTimer
CVE-2014-5439
RESERVED
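Review bot: in the CVE-2014-6040 entry the context lines `{DSA-3142-1 DLA-97-1}` and `[wheezy] - eglibc <no-dsa> (Will be fixed in a point update)` contradict each other: if DSA-3142-1 is the wheezy eglibc advisory covering this issue, the wheezy no-dsa line is stale and should be dropped; if it is not, the DSA reference needs checking, since otherwise the tracker reports the issue as both fixed by a DSA and deferred to a point update for the same suite.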
@@ -11862,9 +11862,9 @@ CVE-2014-5439
- sniffit 0.3.7.beta-20 (bug #845122)
[jessie] - sniffit 0.3.7.beta-17+deb8u1
NOTE: http://hmarco.org/bugs/CVE-2014-5439-sniffit_0.3.7-stack-buffer-overflow.html
-CVE-2014-5438
+CVE-2014-5438 (Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT ...)
NOT-FOR-US: Arris Touchstone
-CVE-2014-5437
+CVE-2014-5437 (Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS To ...)
NOT-FOR-US: Arris Touchstone
CVE-2014-5436
RESERVED
@@ -11878,101 +11878,101 @@ CVE-2014-5432
RESERVED
CVE-2014-5431
RESERVED
-CVE-2014-5430
+CVE-2014-5430 (Untrusted search path vulnerability in ABB RobotStudio 5.6x before 5.6 ...)
NOT-FOR-US: ABB RobotStudio
-CVE-2014-5429
+CVE-2014-5429 (DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and ...)
NOT-FOR-US: Elipse SCADA
-CVE-2014-5428
+CVE-2014-5428 (Unrestricted file upload vulnerability in unspecified web services in ...)
NOT-FOR-US: Johnson Controls Metasys
-CVE-2014-5427
+CVE-2014-5427 (Johnson Controls Metasys 4.1 through 6.5, as used in Application and D ...)
NOT-FOR-US: Johnson Controls Metasys
-CVE-2014-5426
+CVE-2014-5426 (MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attack ...)
NOT-FOR-US: MatrikonOPC
-CVE-2014-5425
+CVE-2014-5425 (IOServer before Beta2112.exe allows remote attackers to cause a denial ...)
NOT-FOR-US: IOServer
-CVE-2014-5424
+CVE-2014-5424 (Rockwell Automation Connected Components Workbench (CCW) before 7.00.0 ...)
NOT-FOR-US: Rockwell Automation Connected Components Workbench
-CVE-2014-5423
+CVE-2014-5423 (CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0. ...)
NOT-FOR-US: CareFusion
-CVE-2014-5422
+CVE-2014-5422 (CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0. ...)
NOT-FOR-US: CareFusion
-CVE-2014-5421
+CVE-2014-5421 (CareFusion Pyxis SupplyStation 8.1 with hardware test tool 1.0.16 and ...)
NOT-FOR-US: CareFusion
-CVE-2014-5420
+CVE-2014-5420 (CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0. ...)
NOT-FOR-US: CareFusion
-CVE-2014-5419
+CVE-2014-5419 (GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware ...)
NOT-FOR-US: GE Multilink
-CVE-2014-5418
+CVE-2014-5418 (GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware ...)
NOT-FOR-US: GE Multilink
-CVE-2014-5417
+CVE-2014-5417 (Cross-site scripting (XSS) vulnerability in Meinberg NTP Server firmwa ...)
NOT-FOR-US: Meinberg NTP Server firmware on LANTIME M-Series devices
CVE-2014-5416
REJECTED
-CVE-2014-5415
+CVE-2014-5415 (Beckhoff Embedded PC images before 2014-10-22 and Automation Device Sp ...)
NOT-FOR-US: Beckhoff Embedded PC image
-CVE-2014-5414
+CVE-2014-5414 (Beckhoff Embedded PC images before 2014-10-22 and Automation Device Sp ...)
NOT-FOR-US: Beckhoff Embedded PC image
-CVE-2014-5413
+CVE-2014-5413 (Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 throug ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-5412
+CVE-2014-5412 (Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 throug ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-5411
+CVE-2014-5411 (Multiple cross-site scripting (XSS) vulnerabilities in Schneider Elect ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-5410
+CVE-2014-5410 (The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 ...)
NOT-FOR-US: MicroLogix controller
-CVE-2014-5409
+CVE-2014-5409 (The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE D ...)
NOT-FOR-US: GE Digital Energy Hydran
-CVE-2014-5408
+CVE-2014-5408 (Cross-site scripting (XSS) vulnerability in the login script in the Wi ...)
NOT-FOR-US: Nordex Control 2
-CVE-2014-5407
+CVE-2014-5407 (Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2. ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-5406
+CVE-2014-5406 (The Hospira LifeCare PCA Infusion System before 7.0 does not validate ...)
NOT-FOR-US: Hospira LifeCare
-CVE-2014-5405
+CVE-2014-5405 (Hospira MedNet before 6.1 uses a hardcoded cleartext password to contr ...)
NOT-FOR-US: Hospira MedNet
CVE-2014-5404
REJECTED
-CVE-2014-5403
+CVE-2014-5403 (Hospira MedNet before 6.1 uses hardcoded cryptographic keys for protec ...)
NOT-FOR-US: Hospira MedNet
CVE-2014-5402
REJECTED
CVE-2014-5401
RESERVED
-CVE-2014-5400
+CVE-2014-5400 (The installation component in Hospira MedNet before 6.1 places clearte ...)
NOT-FOR-US: Hospira MedNet
-CVE-2014-5399
+CVE-2014-5399 (SQL injection vulnerability in Schneider Electric Wonderware Informati ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-5398
+CVE-2014-5398 (Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-5397
+CVE-2014-5397 (Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderw ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-5396
+CVE-2014-5396 (The web interface in Schrack Technik microControl with firmware before ...)
NOT-FOR-US: Schrack Technik microControl
-CVE-2014-5395
+CVE-2014-5395 (Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei H ...)
NOT-FOR-US: Huawei Routers
-CVE-2014-5394
+CVE-2014-5394 (Multiple Huawei Campus switches allow remote attackers to enumerate us ...)
NOT-FOR-US: Huawei
-CVE-2014-5393
+CVE-2014-5393 (Directory traversal vulnerability in the JobScheduler Operations Cente ...)
NOT-FOR-US: JobScheduler
-CVE-2014-5392
+CVE-2014-5392 (XML External Entity (XXE) vulnerability in JobScheduler before 1.6.424 ...)
NOT-FOR-US: JobScheduler
-CVE-2014-5391
+CVE-2014-5391 (Cross-site scripting (XSS) vulnerability in the JobScheduler Operation ...)
NOT-FOR-US: JobScheduler
CVE-2014-5390
RESERVED
-CVE-2014-5389
+CVE-2014-5389 (SQL injection vulnerability in content-audit-schedule.php in the Conte ...)
NOT-FOR-US: WordPress plugin Content Audit
-CVE-2014-5387
+CVE-2014-5387 (Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine be ...)
NOT-FOR-US: EllisLab ExpressionEngine Core
-CVE-2014-5386
+CVE-2014-5386 (The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cp ...)
NOT-FOR-US: Facebook HipHop Virtual Machine
-CVE-2014-5385
+CVE-2014-5385 (com/salesmanager/central/profile/ProfileAction.java in Shopizer 1.1.5 ...)
NOT-FOR-US: Shopizer
-CVE-2014-5384
+CVE-2014-5384 (The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 ...)
NOT-FOR-US: iconv system library of FreeBSD and NetBSD
-CVE-2014-5383
+CVE-2014-5383 (SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows re ...)
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-5472
+CVE-2014-5472 (The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the ...)
{DLA-103-1}
- linux 3.16.2-1
[wheezy] - linux 3.2.63-1
@@ -11980,7 +11980,7 @@ CVE-2014-5472
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=88
NOTE: https://github.com/torvalds/linux/commit/410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
NOTE: commit contained first in v3.17-rc2
-CVE-2014-5471
+CVE-2014-5471 (Stack consumption vulnerability in the parse_rock_ridge_inode_internal ...)
{DLA-103-1}
- linux 3.16.2-1
[wheezy] - linux 3.2.63-1
@@ -11988,25 +11988,25 @@ CVE-2014-5471
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=88
NOTE: https://github.com/torvalds/linux/commit/410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
NOTE: commit contained first in v3.17-rc2
-CVE-2014-5464
+CVE-2014-5464 (Cross-site scripting (XSS) vulnerability in the nDPI traffic classific ...)
- ntopng 1.2.1+dfsg1-1 (bug #760990)
NOTE: http://seclists.org/fulldisclosure/2014/Aug/65
-CVE-2014-5459
+CVE-2014-5459 (The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows lo ...)
- php5 <removed> (unimportant; bug #682157; bug #759282)
NOTE: Although #682157 and #759282 got closed the issues with unsafe use of
NOTE: /tmp are not yet resolved, cf. https://bugs.debian.org/682157#36
NOTE: Neutralised by kernel hardening
-CVE-2014-5450
+CVE-2014-5450 (Zarafa Collaboration Platform 4.1 uses world-readable permissions for ...)
- zarafa <itp> (bug #658433)
-CVE-2014-5449
+CVE-2014-5449 (Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for th ...)
- zarafa <itp> (bug #658433)
-CVE-2014-5448
+CVE-2014-5448 (Zarafa 5.00 uses world-readable permissions for the files in the log d ...)
- zarafa <itp> (bug #658433)
-CVE-2014-5447
+CVE-2014-5447 (Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644 ...)
- zarafa <itp> (bug #658433)
-CVE-2014-5443
+CVE-2014-5443 (Seafile Server before 3.1.2 and Server Professional Edition before 3.1 ...)
- seafile <not-affected> (Fixed before initial upload to the archive)
-CVE-2014-5388
+CVE-2014-5388 (Off-by-one error in the pci_read function in the ACPI PCI hotplug inte ...)
- qemu 2.1+dfsg-5
[squeeze] - qemu <not-affected> (Introduced in 1.7)
[wheezy] - qemu <not-affected> (Introduced in 1.7)
@@ -12015,7 +12015,7 @@ CVE-2014-5388
[wheezy] - qemu-kvm <not-affected> (Introduced in 1.7)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.html
NOTE: Introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=db4728e6fec0364b866d3106125974eedc00e091
-CVE-2014-5382
+CVE-2014-5382 (Multiple cross-site scripting (XSS) vulnerabilities in the web interfa ...)
NOT-FOR-US: Schrack Technik microControl
CVE-2014-5381
RESERVED
@@ -12025,11 +12025,11 @@ CVE-2014-5379
RESERVED
CVE-2014-5378
RESERVED
-CVE-2014-5377
+CVE-2014-5377 (ReadUsersFromMasterServlet in ManageEngine DeviceExpert before 5.9 bui ...)
NOT-FOR-US: ManageEngine DeviceExpert
-CVE-2014-5376
+CVE-2014-5376 (Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0, when a pre-ge ...)
NOT-FOR-US: Adaptive Computing Moab
-CVE-2014-5375
+CVE-2014-5375 (The server in Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 ...)
NOT-FOR-US: Adaptive Computing Moab
CVE-2014-5374
RESERVED
@@ -12039,9 +12039,9 @@ CVE-2014-5372
RESERVED
CVE-2014-5371
RESERVED
-CVE-2014-5370
+CVE-2014-5370 (Directory traversal vulnerability in the CFChart servlet (com.naryx.ta ...)
NOT-FOR-US: New Atlanta BlueDragon
-CVE-2014-5369
+CVE-2014-5369 (Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption ...)
- enigmail 2:1.7.2-1
[wheezy] - enigmail <not-affected> (Introduced in 1.7)
[squeeze] - enigmail <not-affected> (Introduced in 1.7)
@@ -12058,141 +12058,141 @@ CVE-2014-5364
RESERVED
CVE-2014-5363
RESERVED
-CVE-2014-5362
+CVE-2014-5362 (The admin interface in Landesk Management Suite 9.6 and earlier allows ...)
NOT-FOR-US: LANDesk Management Suite
-CVE-2014-5361
+CVE-2014-5361 (Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk ...)
NOT-FOR-US: LANDesk Management Suite
-CVE-2014-5360
+CVE-2014-5360 (Cross-site scripting (XSS) vulnerability in the admin interface in LAN ...)
NOT-FOR-US: LANDESK Management Suite
-CVE-2014-5359
+CVE-2014-5359 (Directory traversal vulnerability in SafeNet Authentication Service (S ...)
NOT-FOR-US: SafeNet Authentication Service
CVE-2014-5358
RESERVED
CVE-2014-5357
RESERVED
-CVE-2014-5355
+CVE-2014-5355 (MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a kr ...)
{DLA-1265-1}
- krb5 1.12.1+dfsg-18 (bug #778647)
[squeeze] - krb5 <no-dsa> (Minor issue)
NOTE: Upstream commit: https://github.com/krb5/krb5/commit/102bb6ebf20f9174130c85c3b052ae104e5073ec
-CVE-2014-5354
+CVE-2014-5354 (plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka ...)
- krb5 1.12.1+dfsg-16 (bug #773228)
[wheezy] - krb5 <not-affected> (do not expose a way for principal entries to have no long-term key material)
[squeeze] - krb5 <not-affected> (do not expose a way for principal entries to have no long-term key material)
NOTE: Upstream commit: https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16
-CVE-2014-5353
+CVE-2014-5353 (The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap ...)
{DLA-1265-1}
- krb5 1.12.1+dfsg-16 (bug #773226)
[squeeze] - krb5 <no-dsa> (Minor issue, needs elevated privileges to trigger crash)
NOTE: Upstream commit: https://github.com/krb5/krb5/commit/d1f707024f1d0af6e54a18885322d70fa15ec4d3
-CVE-2014-5352
+CVE-2014-5352 (The krb5_gss_process_context_token function in lib/gssapi/krb5/process ...)
{DSA-3153-1 DLA-146-1}
- krb5 1.12.1+dfsg-17
-CVE-2014-5351
+CVE-2014-5351 (The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal. ...)
{DLA-1265-1}
- krb5 1.12.1+dfsg-10 (bug #762479)
[squeeze] - krb5 <no-dsa> (Minor issue)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8018
NOTE: Upstream commit: https://github.com/krb5/krb5/commit/af0ed4df4dfae762ab5fb605f5a0c8f59cb4f6ca
-CVE-2014-5350
+CVE-2014-5350 (Multiple directory traversal vulnerabilities in Bitdefender GravityZon ...)
NOT-FOR-US: Bitdefender GravityZone
-CVE-2014-5349
+CVE-2014-5349 (Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allo ...)
NOT-FOR-US: Baidu Spark Browser
-CVE-2014-5348
+CVE-2014-5348 (Cross-site scripting (XSS) vulnerability in apps/zxtm/locallog.cgi in ...)
NOT-FOR-US: Riverbed Stingray Traffic Manager Virtual Appliance
-CVE-2014-5347
+CVE-2014-5347 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Disq ...)
NOT-FOR-US: Disqus Comment System plugin for WordPress
-CVE-2014-5346
+CVE-2014-5346 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Disq ...)
NOT-FOR-US: Disqus Comment System plugin for WordPress
-CVE-2014-5345
+CVE-2014-5345 (Cross-site scripting (XSS) vulnerability in upgrade.php in the Disqus ...)
NOT-FOR-US: Disqus Comment System plugin for WordPress
-CVE-2014-5344
+CVE-2014-5344 (Multiple cross-site scripting (XSS) vulnerabilities in the Mobiloud (m ...)
NOT-FOR-US: Mobiloud (mobiloud-mobile-app-plugin) plugin for WordPress
-CVE-2014-5343
+CVE-2014-5343 (Cross-site scripting (XSS) vulnerability in Feng Office allows remote ...)
NOT-FOR-US: Feng Office
-CVE-2014-5342
+CVE-2014-5342 (Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows re ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-5341
+CVE-2014-5341 (The SFTP external storage driver (files_external) in ownCloud Server b ...)
- owncloud 7~20140504+dfsg-1
NOTE: Only affects 5.x and 6.x, so marking first 7 release as fixed
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2014-019
-CVE-2014-5340
+CVE-2014-5340 (The wato component in Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 ...)
- check-mk 1.2.6p4-1 (bug #758883)
[wheezy] - check-mk <not-affected> (does not use pickle, vulnerable code not present)
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=192d41525502dc8de10ac99f57bd988450c17566
NOTE: introduces incompatible changes to older versions, see https://bugzilla.redhat.com/show_bug.cgi?id=1132337#c2
-CVE-2014-5339
+CVE-2014-5339 (Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allows remote authent ...)
- check-mk 1.2.6p4-1 (bug #758883)
[wheezy] - check-mk <not-affected> (Vulnerable code not present)
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=7998aa4d53d2fef7302c0761b9c8f47e2f626e18
-CVE-2014-5338
+CVE-2014-5338 (Multiple cross-site scripting (XSS) vulnerabilities in the multisite c ...)
- check-mk 1.2.6p4-1 (bug #758883)
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=076468b10e660abdeaaaa6c459a4aa3ce8e07
-CVE-2014-5337
+CVE-2014-5337 (The WordPress Mobile Pack plugin before 2.0.2 for WordPress does not p ...)
NOT-FOR-US: WordPress plugin Mobile Pack
-CVE-2014-5335
+CVE-2014-5335 (Multiple cross-site request forgery (CSRF) vulnerabilities in innovaph ...)
NOT-FOR-US: innovaphone PBX
-CVE-2014-5334
+CVE-2014-5334 (FreeNAS before 9.3-M3 has a blank admin password, which allows remote ...)
NOT-FOR-US: FreeNAS
-CVE-2014-5332
+CVE-2014-5332 (Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local ...)
- linux <not-affected> (drivers/video/tegra not present)
NOTE: http://googleprojectzero.blogspot.de/2015/01/exploiting-nvmap-to-escape-chrome.html
-CVE-2014-5331
+CVE-2014-5331 (Cross-site scripting (XSS) vulnerability in Aflax allows remote attack ...)
NOT-FOR-US: Aflax
-CVE-2014-5330
+CVE-2014-5330 (Cross-site scripting (XSS) vulnerability in BirdBlog allows remote att ...)
NOT-FOR-US: BirdBlog
CVE-2014-5329
RESERVED
-CVE-2014-5328
+CVE-2014-5328 (Buffer overflow in the Webserver component on the Huawei E5332 router ...)
NOT-FOR-US: Huawei router
-CVE-2014-5327
+CVE-2014-5327 (Buffer overflow in the Webserver component on the Huawei E5332 router ...)
NOT-FOR-US: Huawei router
-CVE-2014-5326
+CVE-2014-5326 (Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) ...)
- dwr <itp> (bug #601517)
-CVE-2014-5325
+CVE-2014-5325 (The (1) DOMConverter, (2) JDOMConverter, (3) DOM4JConverter, and (4) X ...)
- dwr <itp> (bug #601517)
-CVE-2014-5324
+CVE-2014-5324 (Unrestricted file upload vulnerability in the N-Media file uploader pl ...)
NOT-FOR-US: N-Media file uploader plugin for WordPress
-CVE-2014-5323
+CVE-2014-5323 (The Yuko Yuko (aka jp.co.yukoyuko.android.yukoyuko_android) applicatio ...)
NOT-FOR-US: Yuko Yuko (aka jp.co.yukoyuko.android.yukoyuko_android) application for Android
-CVE-2014-5322
+CVE-2014-5322 (Cross-site scripting (XSS) vulnerability in the Instant Web Publish fu ...)
NOT-FOR-US: FileMaker Pro
-CVE-2014-5321
+CVE-2014-5321 (FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.5 ...)
NOT-FOR-US: FileMaker Pro
-CVE-2014-5320
+CVE-2014-5320 (The Bump application for Android does not properly handle implicit int ...)
NOT-FOR-US: Bump application for Android
-CVE-2014-5319
+CVE-2014-5319 (Directory traversal vulnerability in the S-Link SLFileManager applicat ...)
NOT-FOR-US: S-Link SLFileManager application for Android
-CVE-2014-5318
+CVE-2014-5318 (The jigbrowser+ application 1.8.1 and earlier for iOS allows remote at ...)
NOT-FOR-US: jigbrowser+ application for iOS
-CVE-2014-5317
+CVE-2014-5317 (Cross-site scripting (XSS) vulnerability in php365.com 365 Links 3.11 ...)
NOT-FOR-US: php365.com components
-CVE-2014-5316
+CVE-2014-5316 (Cross-site scripting (XSS) vulnerability in Dotclear before 2.6.4 allo ...)
- dotclear 2.6.4+dfsg-1
-CVE-2014-5315
+CVE-2014-5315 (Cross-site scripting (XSS) vulnerability in the Help page in Adobe Acr ...)
NOT-FOR-US: Adobe
-CVE-2014-5314
+CVE-2014-5314 (Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 an ...)
NOT-FOR-US: Cybozu Office
-CVE-2014-5313
+CVE-2014-5313 (Cross-site scripting (XSS) vulnerability in the management page in Six ...)
- movabletype-opensource <removed>
[wheezy] - movabletype-opensource <end-of-life> (Not supported in Wheezy)
-CVE-2014-5461
+CVE-2014-5461 (Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5. ...)
{DSA-3016-1 DSA-3015-1 DLA-47-1}
- lua5.1 5.1.5-7
- lua5.2 5.2.3-1
NOTE: http://www.lua.org/bugs.html#5.2.2-1
NOTE: fixed in 5.2.3, see https://bugzilla.redhat.com/show_bug.cgi?id=1132304#c7
-CVE-2014-5368
+CVE-2014-5368 (Directory traversal vulnerability in the file_get_contents function in ...)
NOT-FOR-US: WordPress plugin wp-source-control
-CVE-2014-5333
+CVE-2014-5333 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Win ...)
NOT-FOR-US: Adobe Flash Player
NOTE: assignment not from Adobe, see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-5333
-CVE-2014-5356
+CVE-2014-5356 (OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4 ...)
- glance 2014.1.3-1
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: Versions: up to 2013.2.3 and 2014.1 to 2014.1.2
-CVE-2014-5336
+CVE-2014-5336 (Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) ...)
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
CVE-2014-5312
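Review bot: the commit reference in the NOTE line for CVE-2014-5338 (`http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=076468b10e660abdeaaaa6c459a4aa3ce8e07`) carries a 38-character hash, while the neighbouring check_mk references for CVE-2014-5340 and CVE-2014-5339 use full 40-character SHA-1 values; the hash looks truncated, so the link should be re-checked against the upstream repository and corrected to the full commit id.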
@@ -12203,9 +12203,9 @@ CVE-2014-5310
RESERVED
CVE-2014-5309
RESERVED
-CVE-2014-5308
+CVE-2014-5308 (Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote ...)
NOT-FOR-US: TestLink
-CVE-2014-5307
+CVE-2014-5307 (Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Pan ...)
NOT-FOR-US: Panda Security
CVE-2014-5306
RESERVED
@@ -12215,17 +12215,17 @@ CVE-2014-5304
RESERVED
CVE-2014-5303
RESERVED
-CVE-2014-5302
+CVE-2014-5302 (Directory traversal vulnerability in ServiceDesk Plus and Plus MSP v5 ...)
NOT-FOR-US: ManageEngine components
-CVE-2014-5301
+CVE-2014-5301 (Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v ...)
NOT-FOR-US: ManageEngine components
-CVE-2014-5300
+CVE-2014-5300 (Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 allows remote ...)
NOT-FOR-US: Adaptive Computing Moab
CVE-2014-5299
RESERVED
-CVE-2014-5298
+CVE-2014-5298 (FileUploadsFilter.php in X2Engine 4.1.7 and earlier, when running on c ...)
NOT-FOR-US: X2Engine
-CVE-2014-5297
+CVE-2014-5297 (The actionSendErrorReport method in protected/controllers/SiteControll ...)
NOT-FOR-US: X2Engine
CVE-2014-5296
RESERVED
@@ -12247,102 +12247,102 @@ CVE-2014-5288
RESERVED
CVE-2014-5287
RESERVED
-CVE-2014-5286
+CVE-2014-5286 (The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveM ...)
NOT-FOR-US: TIBCO
-CVE-2014-5285
+CVE-2014-5285 (Unspecified vulnerability in the Authentication Module in TIBCO Spotfi ...)
NOT-FOR-US: TIBCO Spotfire Server
-CVE-2014-5284
+CVE-2014-5284 (host-deny.sh in OSSEC before 2.8.1 writes to temporary files with pred ...)
- ossec-hids <itp> (bug #361954)
CVE-2014-5283
RESERVED
-CVE-2014-5282
+CVE-2014-5282 (Docker before 1.3 does not properly validate image IDs, which allows r ...)
- docker.io 1.3.0~dfsg1-1
CVE-2014-5281
RESERVED
-CVE-2014-5280
+CVE-2014-5280 (boot2docker 1.2 and earlier allows attackers to conduct cross-site req ...)
NOT-FOR-US: boot2docker
-CVE-2014-5279
+CVE-2014-5279 (The Docker daemon managed by boot2docker 1.2 and earlier improperly en ...)
NOT-FOR-US: boot2docker
CVE-2014-5278
RESERVED
-CVE-2014-5277
+CVE-2014-5277 (Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when ...)
- docker.io 1.3.1~dfsg1-1
NOTE: https://groups.google.com/d/topic/docker-user/oYm0i3xShJU/discussion
-CVE-2014-5276
+CVE-2014-5276 (Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms ...)
NOT-FOR-US: Pro Chat Rooms
-CVE-2014-5275
+CVE-2014-5275 (Multiple SQL injection vulnerabilities in includes/functions.php in Pr ...)
NOT-FOR-US: Pro Chat Rooms
CVE-2014-5264
RESERVED
-CVE-2014-5259
+CVE-2014-5259 (Cross-site scripting (XSS) vulnerability in cattranslate.php in the Ca ...)
NOT-FOR-US: BlackCat CMS
-CVE-2014-5258
+CVE-2014-5258 (Directory traversal vulnerability in showTempFile.php in webEdition CM ...)
NOT-FOR-US: webEdition CMS
-CVE-2014-5257
+CVE-2014-5257 (Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms befor ...)
NOT-FOR-US: Forma Lms
-CVE-2014-5248
+CVE-2014-5248 (Cross-site scripting (XSS) vulnerability in MyBB before 1.6.15 allows ...)
NOT-FOR-US: MyBB
-CVE-2014-5246
+CVE-2014-5246 (The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_C ...)
NOT-FOR-US: Shenzhen Tenda Technology Tenda A5s router
CVE-2014-5245
RESERVED
CVE-2014-5244
RESERVED
-CVE-2014-5239
+CVE-2014-5239 (The Microsoft Outlook.com application before 7.8.2.12.49.7090 for Andr ...)
NOT-FOR-US: Microsoft
CVE-2014-5238
RESERVED
NOT-FOR-US: Open-Xchange
-CVE-2014-5237
+CVE-2014-5237 (Server-side request forgery (SSRF) vulnerability in the documentconver ...)
NOT-FOR-US: Open-Xchange
CVE-2014-5236
RESERVED
NOT-FOR-US: Open-Xchange
-CVE-2014-5235
+CVE-2014-5235 (Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchan ...)
NOT-FOR-US: Open-Xchange
-CVE-2014-5234
+CVE-2014-5234 (Cross-site scripting (XSS) vulnerability in the backend in Open-Xchang ...)
NOT-FOR-US: Open-Xchange
-CVE-2014-5274
+CVE-2014-5274 (Cross-site scripting (XSS) vulnerability in the view operations page i ...)
- phpmyadmin 4:4.2.7.1-1 (low; bug #758536)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php
NOTE: Version 3.x uses the browser-provided confirmation window and not custom HTML.
-CVE-2014-5273
+CVE-2014-5273 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...)
- phpmyadmin 4:4.2.7.1-1 (low; bug #758536)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php
NOTE: Most of the affected Javascript files do not exist on version 3.3 and 3.4.
NOTE: Those that do do not contain the problematic code.
-CVE-2014-5268
+CVE-2014-5268 (The Fasttoggle module 7.x-1.3 and 7.x-1.4 for Drupal allows remote att ...)
NOT-FOR-US: Drupal addon
-CVE-2014-5250
+CVE-2014-5250 (Unspecified vulnerability in the AJAX autocompletion callback in the B ...)
NOT-FOR-US: Drupal addon
-CVE-2014-5249
+CVE-2014-5249 (SQL injection vulnerability in the "Biblio self autocomplete" submodul ...)
NOT-FOR-US: Drupal addon
-CVE-2014-5272
+CVE-2014-5272 (libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x be ...)
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3539d6c63a16e1b2874bb037a86f317449c58770
NOTE: <lu_zero> Does not apply to Libav at all.
-CVE-2014-5271
+CVE-2014-5271 (Heap-based buffer overflow in the encode_slice function in libavcodec/ ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:11-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=52b81ff4635c077b2bc8b8d3637d933b6629d803
NOTE: new ffmpeg now in experimental, CVE fixed in 7:2.4-1
NOTE: https://git.libav.org/?p=libav.git;a=commitdiff;h=45ce880a9b3e50cfa088f111dffaf8685bd7bc6b
-CVE-2014-5262
+CVE-2014-5262 (SQL injection vulnerability in the graph settings script (graph_settin ...)
{DSA-3007-1 DLA-40-1}
- cacti 0.8.8b+dfsg-8
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7454
-CVE-2014-5261
+CVE-2014-5261 (The graph settings script (graph_settings.php) in Cacti 0.8.8b and ear ...)
{DSA-3007-1 DLA-40-1}
- cacti 0.8.8b+dfsg-8
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7454
-CVE-2014-4274
+CVE-2014-4274 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier an ...)
{DSA-3054-1 DLA-75-1}
- mariadb-5.5 5.5.39-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
@@ -12351,17 +12351,17 @@ CVE-2014-4274
- percona-xtradb-cluster-5.5 <removed>
NOTE: Fix MySQL: https://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/4638
NOTE: Fix MariaDB: https://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/4261?sort=date#storage/myisam/ha_myisam.cc
-CVE-2014-5270
+CVE-2014-5270 (Libgcrypt before 1.5.4, as used in GnuPG and other products, does not ...)
{DSA-3073-1 DSA-3024-1 DLA-93-1 DLA-54-1}
- gnupg 1.4.16-1
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=cad8216f9a0b33c9dc84ecc4f385b00045e7b496
- libgcrypt11 1.5.4-1
- libgcrypt20 1.6.0-2
NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000352.html
-CVE-2014-5267
+CVE-2014-5267 (modules/openid/xrds.inc in Drupal 6.x before 6.33 and 7.x before 7.31 ...)
{DSA-2999-1}
- drupal7 7.31-1
-CVE-2014-5266
+CVE-2014-5266 (The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 a ...)
{DSA-3001-1 DSA-2999-1 DLA-56-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29405/branches/3.9
@@ -12369,7 +12369,7 @@ CVE-2014-5266
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2014-004
-CVE-2014-5265
+CVE-2014-5265 (The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 a ...)
{DSA-3001-1 DSA-2999-1 DLA-56-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29405/branches/3.9
@@ -12377,28 +12377,28 @@ CVE-2014-5265
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2014-004
-CVE-2014-5253
+CVE-2014-5253 (OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno befo ...)
- keystone 2014.1.2.1-1
[wheezy] - keystone <not-affected> (Affects 2014.1 versions up to 2014.1.1)
NOTE: https://launchpad.net/bugs/1349597
NOTE: https://git.openstack.org/cgit/openstack/keystone/commit/?id=317f9d34b4da20c21edd5b851889298b67c843e1
-CVE-2014-5252
+CVE-2014-5252 (The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 ...)
- keystone 2014.1.2.1-1
[wheezy] - keystone <not-affected> (Affects 2014.1 versions up to 2014.1.1)
NOTE: https://launchpad.net/bugs/1348820
NOTE: https://git.openstack.org/cgit/openstack/keystone/commit/?id=bdb88c662ac2035f9b0d8a229a5db5f60f5f16ae
-CVE-2014-5251
+CVE-2014-5251 (The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x befor ...)
- keystone 2014.1.2.1-1
[wheezy] - keystone <not-affected> (Affects 2014.1 versions up to 2014.1.1)
NOTE: https://launchpad.net/bugs/1347961
NOTE: https://git.openstack.org/cgit/openstack/keystone/commit/?id=6cbf835542d62e6e5db4b4aef7141b1731cad9dc
-CVE-2014-5263
+CVE-2014-5263 (vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not termina ...)
- qemu 2.1+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code introduced in v1.6.0)
[squeeze] - qemu <not-affected> (Vulnerable code introduced in v1.6.0)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: patch http://git.qemu.org/?p=qemu.git;a=commit;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56
-CVE-2014-5269
+CVE-2014-5269 (Plack::App::File in Plack before 1.0031 removes trailing slash charact ...)
{DLA-61-1}
- libplack-perl 1.0031-1
[wheezy] - libplack-perl 0.9989-1+deb7u1
@@ -12418,34 +12418,34 @@ CVE-2014-XXXX [Enforce use of HTTPS for MathJax in IPython]
NOTE: https://github.com/ipython/ipython/issues/6246
NOTE: patch: https://github.com/ipython/ipython/commit/f58dabb277d0cdfb603d46cd01fcf29819ae7613
NOTE: in Debian patch to use mathjax from system was added right away in version 0.12
-CVE-2014-5260
+CVE-2014-5260 (The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow ...)
- libxml-dt-perl 0.66-1 (bug #756566)
[wheezy] - libxml-dt-perl <no-dsa> (Minor issue)
[squeeze] - libxml-dt-perl <not-affected> (Vulnerable code introduced later)
-CVE-2014-6060
+CVE-2014-6060 (The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allow ...)
- dhcpcd5 6.0.5-2 (low; bug #770043)
[wheezy] - dhcpcd5 5.5.6-1+deb7u1
- dhcpcd <not-affected> (Affects dhcpcd 4.0.0 to 6.4.2)
NOTE: http://roy.marples.name/projects/dhcpcd/ci/1d2b93aa5ce25a8a710082fe2d36a6bf7f5794d5?sbs=0
-CVE-2014-5243
+CVE-2014-5243 (MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.2 ...)
{DSA-3011-1}
- mediawiki 1:1.19.18+dfsg-0.1 (bug #758510)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=65778
-CVE-2014-5242
+CVE-2014-5242 (Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagin ...)
- mediawiki <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=66608
NOTE: Introduced in 1.22wmf14, https://bugzilla.wikimedia.org/show_bug.cgi?id=66608#c18
-CVE-2014-5241
+CVE-2014-5241 (The JSONP endpoint in includes/api/ApiFormatJson.php in MediaWiki befo ...)
{DSA-3011-1}
- mediawiki 1:1.19.18+dfsg-0.1 (bug #758510)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=68187
-CVE-2014-5233
+CVE-2014-5233 (The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows ...)
NOT-FOR-US: Siemens SIMATIC WinCC Sm@rtClient
-CVE-2014-5232
+CVE-2014-5232 (The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows ...)
NOT-FOR-US: Siemens SIMATIC WinCC Sm@rtClient
-CVE-2014-5231
+CVE-2014-5231 (The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows ...)
NOT-FOR-US: Siemens SIMATIC WinCC Sm@rtClient
CVE-2014-5230
REJECTED
@@ -12467,7 +12467,7 @@ CVE-2014-5222
REJECTED
CVE-2014-5221
REJECTED
-CVE-2014-5220
+CVE-2014-5220 (The mdcheck script of the mdadm package for openSUSE 13.2 prior to ver ...)
- mdadm 3.3.4-1 (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=910500
NOTE: https://github.com/mapcollab/mdadm/commit/979b1feb093b1c2e0f8b58716329f2da092741d4
@@ -12476,89 +12476,89 @@ CVE-2014-5219
RESERVED
CVE-2014-5218
RESERVED
-CVE-2014-5217
+CVE-2014-5217 (Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-5216
+CVE-2014-5216 (Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Ma ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-5215
+CVE-2014-5215 (NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenti ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-5214
+CVE-2014-5214 (nps/servlet/webacc in iManager in the Administration Console server in ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2014-5213
+CVE-2014-5213 (nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonito ...)
NOT-FOR-US: Novell eDirectory
-CVE-2014-5212
+CVE-2014-5212 (Cross-site scripting (XSS) vulnerability in nds/search/data in iMonito ...)
NOT-FOR-US: Novell eDirectory
-CVE-2014-5211
+CVE-2014-5211 (Stack-based buffer overflow in the Attachmate Reflection FTP Client be ...)
NOT-FOR-US: Attachmate Reflection FTP Client
-CVE-2014-5210
+CVE-2014-5210 (The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows re ...)
NOT-FOR-US: AlienVault OSSIM
CVE-2014-5209
RESERVED
-CVE-2014-5208
+CVE-2014-5208 (BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 30 ...)
NOT-FOR-US: Batch Management Packages in Yokogawa and Exaopc
-CVE-2014-5202
+CVE-2014-5202 (Cross-site scripting (XSS) vulnerability in compfight-search.php in th ...)
NOT-FOR-US: WordPress plugin compfight
-CVE-2014-5201
+CVE-2014-5201 (SQL injection vulnerability in the Gallery Objects plugin 0.4 for Word ...)
NOT-FOR-US: WordPress plugin gallery-objects
-CVE-2014-5200
+CVE-2014-5200 (SQL injection vulnerability in game_play.php in the FB Gorilla plugin ...)
NOT-FOR-US: WordPress plugin fbgorilla
-CVE-2014-5199
+CVE-2014-5199 (Cross-site request forgery (CSRF) vulnerability in the WordPress File ...)
NOT-FOR-US: WordPress plugin wp-file-upload
-CVE-2014-5198
+CVE-2014-5198 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enter ...)
NOT-FOR-US: Splunk
-CVE-2014-5197
+CVE-2014-5197 (Directory traversal vulnerability in (1) Splunk Web or the (2) Splunkd ...)
NOT-FOR-US: Splunk
-CVE-2014-5196
+CVE-2014-5196 (Cross-site request forgery (CSRF) vulnerability in improved-user-searc ...)
NOT-FOR-US: WordPress plugin improved-user-search-in-backend
-CVE-2014-5195
+CVE-2014-5195 (Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not ...)
- unity <itp> (bug #609278)
-CVE-2014-5194
+CVE-2014-5194 (Static code injection vulnerability in admin/admin.php in Sphider 1.3. ...)
NOT-FOR-US: Sphider
-CVE-2014-5193
+CVE-2014-5193 (Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider ...)
NOT-FOR-US: Sphider
-CVE-2014-5192
+CVE-2014-5192 (SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows ...)
NOT-FOR-US: Sphider
-CVE-2014-5191
+CVE-2014-5191 (Cross-site scripting (XSS) vulnerability in the Preview plugin before ...)
- ckeditor 4.4.4+dfsg1-1 (bug #760736)
[wheezy] - ckeditor <not-affected> (Preview plugin not yet present)
[squeeze] - ckeditor <not-affected> (Preview plugin not yet present)
-CVE-2014-5190
+CVE-2014-5190 (Cross-site scripting (XSS) vulnerability in captcha-secureimage/test/i ...)
NOT-FOR-US: WordPress plugin SI CAPTCHA Anti-Spam
-CVE-2014-5189
+CVE-2014-5189 (SQL injection vulnerability in lib/optin/optin_page.php in the Lead Oc ...)
NOT-FOR-US: WordPress plugin Lead-Octopus-Power
-CVE-2014-5188
+CVE-2014-5188 (Cross-site scripting (XSS) vulnerability in doemailpassword.tml in Lyr ...)
NOT-FOR-US: Lyris ListManager
-CVE-2014-5187
+CVE-2014-5187 (Directory traversal vulnerability in the Tom M8te (tom-m8te) plugin 1. ...)
NOT-FOR-US: WordPress plugin tom-m8te
-CVE-2014-5186
+CVE-2014-5186 (SQL injection vulnerability in the All Video Gallery (all-video-galler ...)
NOT-FOR-US: WordPress plugin all-video-gallery
-CVE-2014-5185
+CVE-2014-5185 (SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress ...)
NOT-FOR-US: WordPress plugin quartz
-CVE-2014-5184
+CVE-2014-5184 (SQL injection vulnerability in the stripshow-storylines page in the st ...)
NOT-FOR-US: WordPress plugin stripshow
-CVE-2014-5183
+CVE-2014-5183 (SQL injection vulnerability in includes/mode-edit.php in the Simple Re ...)
NOT-FOR-US: WordPress plugin simple-retail-menus
-CVE-2014-5182
+CVE-2014-5182 (Multiple SQL injection vulnerabilities in the yawpp plugin 1.2 for Wor ...)
NOT-FOR-US: WordPress plugin yawpp
-CVE-2014-5181
+CVE-2014-5181 (Directory traversal vulnerability in lastfm-proxy.php in the Last.fm R ...)
NOT-FOR-US: WordPress plugin lastfm-rotation
-CVE-2014-5180
+CVE-2014-5180 (SQL injection vulnerability in the videos page in the HDW Player Plugi ...)
NOT-FOR-US: WordPress plugin hdw-player-video-player-video-gallery
-CVE-2014-5178
+CVE-2014-5178 (Multiple cross-site scripting (XSS) vulnerabilities in Easy File Shari ...)
NOT-FOR-US: Easy File Sharing
-CVE-2014-5176
+CVE-2014-5176 (SAP FI Manager Self-Service has a hard-coded user name, which makes it ...)
NOT-FOR-US: SAP
-CVE-2014-5175
+CVE-2014-5175 (The License Measurement servlet in SAP Solution Manager 7.1 allows rem ...)
NOT-FOR-US: SAP
-CVE-2014-5174
+CVE-2014-5174 (The SAP Netweaver Business Warehouse component does not properly restr ...)
NOT-FOR-US: SAP
-CVE-2014-5173
+CVE-2014-5173 (SAP HANA Extend Application Services (XS) allows remote attackers to b ...)
NOT-FOR-US: SAP
-CVE-2014-5172
+CVE-2014-5172 (Multiple cross-site scripting (XSS) vulnerabilities in the XS Administ ...)
NOT-FOR-US: SAP
-CVE-2014-5171
+CVE-2014-5171 (SAP HANA Extend Application Services (XS) does not encrypt transmissio ...)
NOT-FOR-US: SAP
-CVE-2014-5207
+CVE-2014-5207 (fs/namespace.c in the Linux kernel through 3.16.1 does not properly re ...)
- linux 3.16.2-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
@@ -12566,49 +12566,49 @@ CVE-2014-5207
NOTE: and: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ffbc6f0ead47fa5a1dc9642b0331cb75c20a640e (v3.17-rc1)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0c55cfc4166d9a0f38de779bd4d75a90afbe7734 (v3.8)
NOTE: Thread starting at http://www.openwall.com/lists/oss-security/2014/08/12/6
-CVE-2014-5206
+CVE-2014-5206 (The do_remount function in fs/namespace.c in the Linux kernel through ...)
- linux 3.16.2-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=db181ce011e3c033328608299cd6fac06ea50130
NOTE: Thread starting at http://www.openwall.com/lists/oss-security/2014/08/12/6
-CVE-2014-5247
+CVE-2014-5247 (The _UpgradeBeforeConfigurationChange function in lib/client/gnt_clust ...)
- ganeti 2.11.5-1
[wheezy] - ganeti <not-affected> (Vulnerable code not present)
[squeeze] - ganeti <not-affected> (Vulnerable code not present)
NOTE: http://www.ocert.org/advisories/ocert-2014-006.html
-CVE-2014-5240
+CVE-2014-5240 (Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php ...)
{DSA-3001-1 DLA-56-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29398
-CVE-2014-5205
+CVE-2014-5205 (wp-includes/pluggable.php in WordPress before 3.9.2 does not use delim ...)
{DSA-3001-1 DLA-56-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29408
-CVE-2014-5204
+CVE-2014-5204 (wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CS ...)
{DSA-3001-1 DLA-56-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29384
-CVE-2014-5203
+CVE-2014-5203 (wp-includes/class-wp-customize-widgets.php in the widget implementatio ...)
- wordpress 3.9.2+dfsg-1 (bug #757312)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
[squeeze] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://core.trac.wordpress.org/changeset/29389
-CVE-2014-3528
+CVE-2014-3528 (Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1 ...)
- subversion 1.8.10-1 (low)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion <no-dsa> (Minor issue)
NOTE: http://mail-archives.apache.org/mod_mbox/subversion-dev/201407.mbox/%3C53DAB4A7.8030004%40reser.org%3E
-CVE-2014-5179
+CVE-2014-5179 (The freelinking module for Drupal, as used in the Freelinking for Case ...)
NOT-FOR-US: drupal6-freelinking module
-CVE-2014-5177
+CVE-2014-5177 (libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access con ...)
- libvirt 1.2.4-1 (low)
[wheezy] - libvirt <not-affected> (Not exploitable in that version)
[squeeze] - libvirt <not-affected> (Not exploitable in that version)
NOTE: http://security.libvirt.org/2014/0003.html
-CVE-2014-5170
+CVE-2014-5170 (The Storage API module 7.x before 7.x-1.6 for Drupal might allow remot ...)
NOT-FOR-US: Storage API module for Drupal
-CVE-2014-5169
+CVE-2014-5169 (Cross-site scripting (XSS) vulnerability in the Date module before 7.x ...)
NOT-FOR-US: Drupal module Date
CVE-2014-5168
RESERVED
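Review bot: for CVE-2014-5177 the fixed Debian version `- libvirt 1.2.4-1 (low)` is below the upstream fix version given in the new description ("libvirt 1.0.0 through 1.2.x before 1.2.5"); if 1.2.4-1 carries a backported patch a NOTE saying so would make the entry self-explanatory, otherwise the fixed version should point at the first upload of 1.2.5 or later.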
@@ -12616,36 +12616,36 @@ CVE-2014-5167
RESERVED
CVE-2014-5166
RESERVED
-CVE-2014-5165
+CVE-2014-5165 (The dissect_ber_constrained_bitstring function in epan/dissectors/pack ...)
{DSA-3002-1}
- wireshark 1.12.0+git+4fab41a1-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-11.html
-CVE-2014-5164
+CVE-2014-5164 (The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC ...)
{DSA-3002-1}
- wireshark 1.12.0+git+4fab41a1-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-10.html
-CVE-2014-5163
+CVE-2014-5163 (The APN decode functionality in (1) epan/dissectors/packet-gtp.c and ( ...)
{DSA-3002-1 DLA-38-1}
- wireshark 1.12.0+git+4fab41a1-1
[squeeze] - wireshark 1.2.11-6+squeeze15
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-09.html
-CVE-2014-5162
+CVE-2014-5162 (The read_new_line function in wiretap/catapult_dct2000.c in the Catapu ...)
{DSA-3002-1 DLA-38-1}
- wireshark 1.12.0+git+4fab41a1-1
[squeeze] - wireshark 1.2.11-6+squeeze15
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-08.html
-CVE-2014-5161
+CVE-2014-5161 (The dissect_log function in plugins/irda/packet-irda.c in the IrDA dis ...)
{DSA-3002-1 DLA-38-1}
- wireshark 1.12.0+git+4fab41a1-1
[squeeze] - wireshark 1.2.11-6+squeeze15
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-08.html
-CVE-2014-5160
+CVE-2014-5160 (** DISPUTED ** Multiple directory traversal vulnerabilities in crs.exe ...)
NOT-FOR-US: HP Data Protector
-CVE-2014-5159
+CVE-2014-5159 (SQL injection vulnerability in the ossim-framework service in AlienVau ...)
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-5158
+CVE-2014-5158 (The (1) av-centerd SOAP service and (2) backup command in the ossim-fr ...)
NOT-FOR-US: AlienVault OSSIM
CVE-2014-5157
REJECTED
@@ -12663,25 +12663,25 @@ CVE-2014-5151
RESERVED
CVE-2014-5150
RESERVED
-CVE-2014-5149
+CVE-2014-5149 (Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when ...)
- xen 4.4.1-4 (low; bug #770230)
[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-5148
+CVE-2014-5148 (Xen 4.4.x, when running on an ARM system and "handling an unknown syst ...)
- xen 4.4.1-1
[wheezy] - xen <not-affected> (Vulnerable code not present)
[squeeze] - xen <not-affected> (Vulnerable code not present)
-CVE-2014-5147
+CVE-2014-5147 (Xen 4.4.x, when running a 64-bit kernel on an ARM system, does not pro ...)
- xen 4.4.1-1
[wheezy] - xen <not-affected> (Vulnerable code not present)
[squeeze] - xen <not-affected> (Vulnerable code not present)
-CVE-2014-5146
+CVE-2014-5146 (Certain MMU virtualization operations in Xen 4.2.x through 4.4.x befor ...)
- xen 4.4.1-4 (low; bug #770230)
[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
CVE-2014-5145
RESERVED
-CVE-2014-5144
+CVE-2014-5144 (Cross-site scripting (XSS) vulnerability in Telescope before 0.9.3 all ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2014-5143
RESERVED
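Review bot: the new description for CVE-2014-5144 ("Cross-site scripting (XSS) vulnerability in Telescope before 0.9.3 ...") does not match the unchanged annotation below it, `NOT-FOR-US: Qualcomm driver for Android`; the annotation appears to belong to a different entry and should be verified and replaced with one naming Telescope before this update is merged.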
@@ -12691,16 +12691,16 @@ CVE-2014-5141
RESERVED
CVE-2014-5140
RESERVED
-CVE-2014-5139
+CVE-2014-5139 (The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 befo ...)
{DSA-2998-1}
- openssl 1.0.1i-1
[squeeze] - openssl <not-affected> (vulnerable code not present)
CVE-2014-5138
RESERVED
NOT-FOR-US: Sierra Library Services Platform
-CVE-2014-5137
+CVE-2014-5137 (Innovative Interfaces Sierra Library Services Platform 1.2_3 provides ...)
NOT-FOR-US: Sierra Library Services Platform
-CVE-2014-5136
+CVE-2014-5136 (Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sier ...)
NOT-FOR-US: Sierra Library Services Platform
CVE-2014-5135
RESERVED
@@ -12708,17 +12708,17 @@ CVE-2014-5134
RESERVED
CVE-2014-5133
RESERVED
-CVE-2014-5132
+CVE-2014-5132 (Avolve Software ProjectDox 8.1 allows remote attackers to enumerate us ...)
NOT-FOR-US: ProjectDox
-CVE-2014-5131
+CVE-2014-5131 (Avolve Software ProjectDox 8.1 makes it easier for remote authenticate ...)
NOT-FOR-US: ProjectDox
-CVE-2014-5130
+CVE-2014-5130 (Avolve Software ProjectDox 8.1 allows remote authenticated users to ob ...)
NOT-FOR-US: ProjectDox
-CVE-2014-5129
+CVE-2014-5129 (Cross-site scripting (XSS) vulnerability in Avolve Software ProjectDox ...)
NOT-FOR-US: ProjectDox
-CVE-2014-5128
+CVE-2014-5128 (Innovative Interfaces Encore Discovery Solution 4.3 places a session t ...)
NOT-FOR-US: Innovative Interfaces Encore Discovery Solution
-CVE-2014-5127
+CVE-2014-5127 (Open redirect vulnerability in Innovative Interfaces Encore Discovery ...)
NOT-FOR-US: Innovative Interfaces Encore Discovery Solution
CVE-2014-5126
RESERVED
@@ -12728,11 +12728,11 @@ CVE-2014-5124
RESERVED
CVE-2014-5123
RESERVED
-CVE-2014-5122
+CVE-2014-5122 (Open redirect vulnerability in ESRI ArcGIS for Server 10.1.1 allows re ...)
NOT-FOR-US: ArcGIS
-CVE-2014-5121
+CVE-2014-5121 (Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for ...)
NOT-FOR-US: ArcGIS
-CVE-2014-5120
+CVE-2014-5120 (gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x befo ...)
- php5 5.4.0-1
[squeeze] - php5 <not-affected> (Introduced in 5.4)
- libgd2 <not-affected> (Specific to integration of gd in PHP)
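Review bot: for CVE-2014-5120 the fixed version `- php5 5.4.0-1` sits next to `[squeeze] - php5 <not-affected> (Introduced in 5.4)`, which reads as if the issue was introduced and fixed in the same upload; since the following NOTE lines say the Debian package is covered by the gdIOCtx.patch patch, an explicit `<not-affected>` with that reason, or a NOTE next to the package line, would state the actual status more clearly than a fixed version equal to the first 5.4 upload.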
@@ -12740,49 +12740,49 @@ CVE-2014-5120
NOTE: https://bugs.php.net/patch-display.php?bug_id=67730&patch=gd-null-injection&revision=latest
NOTE: For the PHP5 5.4 branch this issue is fixed in version 5.4.32
NOTE: fixed in Debian with the gdIOCtx.patch patch
-CVE-2014-5115
+CVE-2014-5115 (Absolute path traversal vulnerability in DirPHP 1.0 allows remote atta ...)
NOT-FOR-US: DirPHP
-CVE-2014-5114
+CVE-2014-5114 (WeBid 1.1.1 allows remote attackers to conduct an LDAP injection attac ...)
NOT-FOR-US: WeBid Auction Script
-CVE-2014-5113
+CVE-2014-5113 (Multiple cross-site scripting (XSS) vulnerabilities in test.php in Vis ...)
NOT-FOR-US: Visualwave MyConnection Server
-CVE-2014-5112
+CVE-2014-5112 (maint/modules/home/index.php in Fonality trixbox allows remote attacke ...)
NOT-FOR-US: Fonality trixbox
-CVE-2014-5111
+CVE-2014-5111 (Multiple directory traversal vulnerabilities in Fonality trixbox allow ...)
NOT-FOR-US: Fonality trixbox
-CVE-2014-5110
+CVE-2014-5110 (Cross-site scripting (XSS) vulnerability in user/help/html/index.php i ...)
NOT-FOR-US: Fonality trixbox
-CVE-2014-5109
+CVE-2014-5109 (SQL injection vulnerability in maint/modules/endpointcfg/endpoint_gene ...)
NOT-FOR-US: Fonality trixbox
-CVE-2014-5108
+CVE-2014-5108 (Cross-site scripting (XSS) vulnerability in single_pages\download_file ...)
NOT-FOR-US: concrete5
-CVE-2014-5107
+CVE-2014-5107 (concrete5 before 5.6.3 allows remote attackers to obtain the installat ...)
NOT-FOR-US: concrete5
-CVE-2014-5106
+CVE-2014-5106 (Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (a ...)
NOT-FOR-US: Invision Power IP.Board
-CVE-2014-5105
+CVE-2014-5105 (Multiple cross-site scripting (XSS) vulnerabilities in ol-commerce 2.1 ...)
NOT-FOR-US: ol-commerce
-CVE-2014-5104
+CVE-2014-5104 (Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remo ...)
NOT-FOR-US: ol-commerce
-CVE-2014-5103
+CVE-2014-5103 (Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine EventLog ...)
NOT-FOR-US: ZOHO ManageEngine EventLog Analyzer
-CVE-2014-5102
+CVE-2014-5102 (SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 a ...)
NOT-FOR-US: vBulletin
-CVE-2014-5101
+CVE-2014-5101 (Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 all ...)
NOT-FOR-US: WeBid Auction Script
-CVE-2014-5100
+CVE-2014-5100 (Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka be ...)
NOT-FOR-US: Omeka
CVE-2014-5099
RESERVED
-CVE-2014-5098
+CVE-2014-5098 (Cross-site scripting (XSS) vulnerability in the Search module before 1 ...)
NOT-FOR-US: Jamroom Search module
-CVE-2014-5097
+CVE-2014-5097 (Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR ...)
NOT-FOR-US: ArticleFR
CVE-2014-5096
RESERVED
CVE-2014-5095
RESERVED
-CVE-2014-5094
+CVE-2014-5094 (Status2k allows remote attackers to obtain configuration information v ...)
NOT-FOR-US: Status2k
CVE-2014-5093
RESERVED
@@ -12790,11 +12790,11 @@ CVE-2014-5092
RESERVED
CVE-2014-5091
RESERVED
-CVE-2014-5090
+CVE-2014-5090 (admin/options/logs.php in Status2k allows remote authenticated adminis ...)
NOT-FOR-US: Status2k
-CVE-2014-5089
+CVE-2014-5089 (SQL injection vulnerability in admin/options/logs.php in Status2k allo ...)
NOT-FOR-US: Status2k
-CVE-2014-5088
+CVE-2014-5088 (Cross-site scripting (XSS) vulnerability in Status2k allows remote att ...)
NOT-FOR-US: Status2k
CVE-2014-5087
RESERVED
@@ -12806,7 +12806,7 @@ CVE-2014-5084
RESERVED
CVE-2014-5083
RESERVED
-CVE-2014-5082
+CVE-2014-5082 (Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1 ...)
NOT-FOR-US: Sphider
CVE-2014-5081
RESERVED
@@ -12816,23 +12816,23 @@ CVE-2014-5079
RESERVED
CVE-2014-5078
RESERVED
-CVE-2014-5076
+CVE-2014-5076 (The La Banque Postale application before 3.2.6 for Android does not pr ...)
NOT-FOR-US: La Banque Postale application
-CVE-2014-5075
+CVE-2014-5075 (The Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x w ...)
- libsmack-java <itp> (bug #640873)
-CVE-2014-5074
+CVE-2014-5074 (Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow rem ...)
NOT-FOR-US: Siemens SIMATIC S7-1500 CPU devices
-CVE-2014-5073
+CVE-2014-5073 (vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allo ...)
NOT-FOR-US: VMTurbo Operations Manager
-CVE-2014-5072
+CVE-2014-5072 (Cross-site request forgery (CSRF) vulnerability in WP Security Audit L ...)
NOT-FOR-US: WP Security Audit Log plugin for WordPress
-CVE-2014-5071
+CVE-2014-5071 (SQL injection vulnerability in the checkPassword function in Symmetric ...)
NOT-FOR-US: Symmetricom
-CVE-2014-5070
+CVE-2014-5070 (Symmetricom s350i 2.70.15 allows remote authenticated users to gain pr ...)
NOT-FOR-US: Symmetricom
-CVE-2014-5069
+CVE-2014-5069 (Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 ...)
NOT-FOR-US: Symmetricom
-CVE-2014-5068
+CVE-2014-5068 (Directory traversal vulnerability in the web application in Symmetrico ...)
NOT-FOR-US: Symmetricom
CVE-2014-5067
RESERVED
@@ -12881,13 +12881,13 @@ CVE-2014-5046
CVE-2014-5118
RESERVED
NOT-FOR-US: tboot
-CVE-2014-5117
+CVE-2014-5117 (Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit ...)
{DSA-2993-1 DLA-17-1}
- tor 0.2.4.23-1
[squeeze] - tor 0.2.4.23-1~deb6u1
-CVE-2014-5116
+CVE-2014-5116 (The cairo_image_surface_get_data function in Cairo 1.10.2, as used in ...)
NOTE: This is non-security bug in Wireshark, not in Cairo
-CVE-2014-5077
+CVE-2014-5077 (The sctp_assoc_update function in net/sctp/associola.c in the Linux ke ...)
{DLA-103-1}
- linux 3.14.15-1
[wheezy] - linux 3.2.63-1
@@ -12899,29 +12899,29 @@ CVE-2014-5042
RESERVED
CVE-2014-5041
RESERVED
-CVE-2014-5040
+CVE-2014-5040 (HP Helion Eucalyptus 4.1.x before 4.1.2 and HPE Helion Eucalyptus 4.2. ...)
- eucalyptus <removed>
CVE-2014-5039
RESERVED
-CVE-2014-5038
+CVE-2014-5038 (Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or ...)
- eucalyptus <removed>
-CVE-2014-5037
+CVE-2014-5037 (Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, log ...)
- eucalyptus <removed>
-CVE-2014-5036
+CVE-2014-5036 (The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0. ...)
- eucalyptus <removed>
-CVE-2014-5035
+CVE-2014-5035 (The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers ...)
NOT-FOR-US: Opendaylight
-CVE-2014-5034
+CVE-2014-5034 (Cross-site request forgery (CSRF) vulnerability in the Brute Force Log ...)
NOT-FOR-US: Brute Force Login Protection module for WordPress
-CVE-2014-5023
+CVE-2014-5023 (Repository.php in Gitter, as used in Gitlist, allows remote attackers ...)
- gitlist <itp> (bug #750368)
-CVE-2014-5018
+CVE-2014-5018 (Incomplete blacklist vulnerability in the autoEscape function in commo ...)
- limesurvey <itp> (bug #472802)
-CVE-2014-5017
+CVE-2014-5017 (SQL injection vulnerability in CPDB in application/controllers/admin/p ...)
- limesurvey <itp> (bug #472802)
-CVE-2014-5016
+CVE-2014-5016 (Multiple cross-site scripting (XSS) vulnerabilities in LimeSurvey 2.05 ...)
- limesurvey <itp> (bug #472802)
-CVE-2014-5014
+CVE-2014-5014 (The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows ...)
NOT-FOR-US: WordPress Flash Uploader plugin for WordPress
CVE-2014-5013 [Remote Code Execution (complement of CVE-2014-2383)]
RESERVED
@@ -12942,16 +12942,16 @@ CVE-2014-5010
RESERVED
CVE-2014-5007
RESERVED
-CVE-2014-5006
+CVE-2014-5006 (Directory traversal vulnerability in ZOHO ManageEngine Desktop Central ...)
NOT-FOR-US: ZOHO ManageEngine
-CVE-2014-5005
+CVE-2014-5005 (Directory traversal vulnerability in ZOHO ManageEngine Desktop Central ...)
NOT-FOR-US: ZOHO ManageEngine
-CVE-2014-5045
+CVE-2014-5045 (The mountpoint_last function in fs/namei.c in the Linux kernel before ...)
- linux 3.14.15-1
[wheezy] - linux <not-affected> (Introduced in 3.12)
- linux-2.6 <not-affected> (Introduced in 3.12)
NOTE: https://lkml.org/lkml/2014/7/21/98
-CVE-2014-5044
+CVE-2014-5044 (Multiple integer overflows in libgfortran might allow remote attackers ...)
- gcc-4.9 4.9.1-4 (bug #756325)
- gcc-4.8 4.8.3-7 (bug #756325)
- gcc-4.7 <removed> (bug #756325)
@@ -12964,85 +12964,85 @@ CVE-2014-5044
- gcc-4.3 <removed>
[squeeze] - gcc-4.3 <no-dsa> (Minor issue, too intrusive to backport)
NOTE: https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=211721
-CVE-2014-5033
+CVE-2014-5033 (KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-B ...)
{DSA-3004-1 DLA-76-1}
- kde4libs 4:4.13.3-2 (bug #755814)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=864716
NOTE: http://quickgit.kde.org/?p=kdelibs.git&a=commit&h=e4e7b53b71e2659adaf52691d4accc3594203b23
-CVE-2014-5032
+CVE-2014-5032 (GLPI before 0.84.7 does not properly restrict access to cost informati ...)
- glpi <removed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2014/07/22/6
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2014-5031
+CVE-2014-5031 (The web interface in CUPS before 2.0 does not check that files have wo ...)
{DSA-2990-1 DLA-0022-1}
- cups 1.7.4-2
[squeeze] - cups 1.4.4-7+squeeze6
NOTE: https://cups.org/str.php?L4455
-CVE-2014-5030
+CVE-2014-5030 (CUPS before 2.0 allows local users to read arbitrary files via a symli ...)
{DSA-2990-1 DLA-0022-1}
- cups 1.7.4-2
[squeeze] - cups 1.4.4-7+squeeze6
NOTE: https://cups.org/str.php?L4455
-CVE-2014-5029
+CVE-2014-5029 (The web interface in CUPS 1.7.4 allows local users in the lp group to ...)
{DSA-2990-1 DLA-0022-1}
- cups 1.7.4-2
[squeeze] - cups 1.4.4-7+squeeze6
NOTE: https://cups.org/str.php?L4455
-CVE-2014-5028
+CVE-2014-5028 (The Original File and Patched File resources in Review Board 1.7.x bef ...)
- reviewboard <itp> (bug #653113)
-CVE-2014-5027
+CVE-2014-5027 (Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before ...)
- reviewboard <itp> (bug #653113)
-CVE-2014-5026
+CVE-2014-5026 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b al ...)
{DSA-3007-1 DLA-40-1}
- cacti 0.8.8b+dfsg-7
NOTE: http://bugs.cacti.net/view.php?id=2456
-CVE-2014-5025
+CVE-2014-5025 (Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti ...)
{DSA-3007-1 DLA-40-1}
- cacti 0.8.8b+dfsg-7
NOTE: http://bugs.cacti.net/view.php?id=2456
-CVE-2014-5024
+CVE-2014-5024 (Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell ...)
NOT-FOR-US: DELL SonicWALL GMS
-CVE-2014-5015
+CVE-2014-5015 (bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD ...)
{DLA-490-1}
- bozohttpd <removed> (bug #755197)
[squeeze] - bozohttpd <no-dsa> (Minor issue)
NOTE: Fixed by: http://cvsweb.netbsd.org/bsdweb.cgi/src/libexec/httpd/bozohttpd.c.diff?r1=1.52&r2=1.53&only_with_tag=MAIN
-CVE-2014-5009
+CVE-2014-5009 (Snoopy allows remote attackers to execute arbitrary commands. NOTE: t ...)
- libphp-snoopy <not-affected> (Incorrect fix not applied)
NOTE: This issue exists because of an incorrect fix for CVE-2014-5008.
NOTE: https://github.com/cogdog/feed2js/pull/12#issuecomment-48283706
-CVE-2014-5008
+CVE-2014-5008 (Snoopy allows remote attackers to execute arbitrary commands. ...)
{DSA-3248-1 DLA-357-1}
- libphp-snoopy 2.0.0-1 (bug #778634)
NOTE: http://mstrokin.com/sec/feed2js-magpierss-0day-vulnerability-not-really-it-is-actually-cve-2005-3330-cve-2008-4796/
NOTE: This issue exists because of an incorrect fix for CVE-2008-4796 (i.e., use of escapeshellcmd where escapeshellarg was required).
-CVE-2014-5004
+CVE-2014-5004 (lib/brbackup.rb in the brbackup gem 0.1.1 for Ruby places the database ...)
NOT-FOR-US: Ruby Gem brbackup
-CVE-2014-5003
+CVE-2014-5003 (chef/travis-cookbooks/ci_environment/perlbrew/recipes/default.rb in th ...)
NOT-FOR-US: Ruby Gem ciborg
-CVE-2014-5002
+CVE-2014-5002 (The lynx gem before 1.0.0 for Ruby places the configured password on c ...)
NOT-FOR-US: Ruby Gem lynx
-CVE-2014-5001
+CVE-2014-5001 (lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database u ...)
NOT-FOR-US: Ruby Gem kcapifony
-CVE-2014-5000
+CVE-2014-5000 (The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby ...)
NOT-FOR-US: Ruby Gem lawn-login
-CVE-2014-4999
+CVE-2014-4999 (vendor/plugins/dataset/lib/dataset/database/mysql.rb in the kajam gem ...)
NOT-FOR-US: Ruby Gem kajam
-CVE-2014-4998
+CVE-2014-4998 (test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the m ...)
NOT-FOR-US: Ruby Gem lean-ruport
-CVE-2014-4997
+CVE-2014-4997 (lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places crede ...)
NOT-FOR-US: Ruby Gem point-cli
-CVE-2014-4996
+CVE-2014-4996 (lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allo ...)
NOT-FOR-US: Ruby Gem VladTheEnterprising
-CVE-2014-4995
+CVE-2014-4995 (Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem ...)
NOT-FOR-US: Ruby Gem VladTheEnterprising
-CVE-2014-4994
+CVE-2014-4994 (lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users ...)
NOT-FOR-US: Ruby Gem gyazo
-CVE-2014-4993
+CVE-2014-4993 ((1) lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and (2 ...)
NOT-FOR-US: Ruby Gems backup-agoddard and backup_checksum
-CVE-2014-4992
+CVE-2014-4992 (lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places cr ...)
NOT-FOR-US: Ruby Gem cap-strap
-CVE-2014-4991
+CVE-2014-4991 ((1) lib/dataset/database/mysql.rb and (2) lib/dataset/database/postgre ...)
NOT-FOR-US: Ruby Gem codders-dataset
CVE-2014-4990
RESERVED
@@ -13050,12 +13050,12 @@ CVE-2014-4989
RESERVED
CVE-2014-4988
RESERVED
-CVE-2014-4987
+CVE-2014-4987 (server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x b ...)
- phpmyadmin 4:4.2.6-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php
-CVE-2014-4986
+CVE-2014-4986 (Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js ...)
- phpmyadmin 4:4.2.6-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
@@ -13070,37 +13070,37 @@ CVE-2014-4982
RESERVED
CVE-2014-4981
RESERVED
-CVE-2014-4980
+CVE-2014-4980 (The /server/properties resource in Tenable Web UI before 2.3.5 for Nes ...)
NOT-FOR-US: Tenable Web UI for Nessus
-CVE-2014-4979
+CVE-2014-4979 (Apple QuickTime allows remote attackers to execute arbitrary code or c ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-4977
+CVE-2014-4977 (Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 1 ...)
NOT-FOR-US: SonicWall
-CVE-2014-4976
+CVE-2014-4976 (Dell SonicWall Scrutinizer 11.0.1 allows remote authenticated users to ...)
NOT-FOR-US: SonicWall
-CVE-2014-5022
+CVE-2014-5022 (Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal ...)
{DSA-2983-1}
- drupal6 <not-affected> (Only affects Drupal 7 core)
- drupal7 7.29-1 (bug #755038)
NOTE: https://www.drupal.org/SA-CORE-2014-003
-CVE-2014-5021
+CVE-2014-5021 (Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x ...)
{DSA-2983-1}
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
- drupal7 7.29-1 (bug #755038)
NOTE: https://www.drupal.org/SA-CORE-2014-003
-CVE-2014-5020
+CVE-2014-5020 (The File module in Drupal 7.x before 7.29 does not properly check perm ...)
{DSA-2983-1}
- drupal6 <not-affected> (Only affects Drupal 7 core)
- drupal7 7.29-1 (bug #755038)
NOTE: https://www.drupal.org/SA-CORE-2014-003
-CVE-2014-5019
+CVE-2014-5019 (The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 al ...)
{DSA-2983-1}
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
- drupal7 7.29-1 (bug #755038)
NOTE: https://www.drupal.org/SA-CORE-2014-003
-CVE-2014-4975
+CVE-2014-4975 (Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and e ...)
{DSA-3157-1 DLA-200-1}
- ruby1.8 <not-affected> (Vulnerable code not present in 1.8)
- ruby1.9.1 <removed> (low)
@@ -13108,13 +13108,13 @@ CVE-2014-4975
- ruby2.0 <removed> (low)
- ruby2.1 2.1.3-1 (low)
NOTE: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778
-CVE-2014-4974
+CVE-2014-4974 (The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driv ...)
NOT-FOR-US: ESET
-CVE-2014-4973
+CVE-2014-4973 (The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Fi ...)
NOT-FOR-US: ESET Personal Firewall
-CVE-2014-4972
+CVE-2014-4972 (Unrestricted file upload vulnerability in the Gravity Upload Ajax plug ...)
NOT-FOR-US: Gravity Upload Ajax plugin for WordPress
-CVE-2014-4971
+CVE-2014-4971 (Microsoft Windows XP SP3 does not validate addresses in certain IRP ha ...)
NOT-FOR-US: Microsoft Windows XP
CVE-2014-4970
RESERVED
@@ -13130,21 +13130,21 @@ CVE-2014-4966
RESERVED
- ansible 1.6.8+dfsg-1
NOTE: https://github.com/ansible/ansible/commit/84759faa0950146a6bae8452580b4a4cede6d871
-CVE-2014-4965
+CVE-2014-4965 (Multiple cross-site scripting (XSS) vulnerabilities in Shopizer 1.1.5 ...)
NOT-FOR-US: Shopizer
-CVE-2014-4964
+CVE-2014-4964 (Multiple cross-site request forgery (CSRF) vulnerabilities in Shopizer ...)
NOT-FOR-US: Shopizer
-CVE-2014-4963
+CVE-2014-4963 (Shopizer 1.1.5 and earlier allows remote attackers to modify the accou ...)
NOT-FOR-US: Shopizer
-CVE-2014-4962
+CVE-2014-4962 (Shopizer 1.1.5 and earlier allows remote attackers to reduce the total ...)
NOT-FOR-US: Shopizer
CVE-2014-4961
RESERVED
-CVE-2014-4960
+CVE-2014-4960 (Multiple SQL injection vulnerabilities in models\gallery.php in Youtub ...)
NOT-FOR-US: Joomla! component
-CVE-2014-4959
+CVE-2014-4959 (**DISPUTED** SQL injection vulnerability in SQLiteDatabase.java in the ...)
NOT-FOR-US: Disputed Android issue
-CVE-2014-4958
+CVE-2014-4958 (Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJA ...)
NOT-FOR-US: Telerik UI for ASP.NET AJAX RadEditor Control
CVE-2014-4957
RESERVED
@@ -13154,11 +13154,11 @@ CVE-2014-4956
RESERVED
NOT-FOR-US: TR-069 Auto Configuration Servers
NOTE: http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf
-CVE-2014-4955
+CVE-2014-4955 (Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList ...)
- phpmyadmin 4:4.2.6-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-4954
+CVE-2014-4954 (Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLi ...)
- phpmyadmin 4:4.2.6-1
[squeeze] - phpmyadmin <not-affected> (libraries/structure.lib.php not present)
[wheezy] - phpmyadmin <not-affected> (libraries/structure.lib.php not present)
@@ -13172,11 +13172,11 @@ CVE-2014-4950
REJECTED
CVE-2014-4949
REJECTED
-CVE-2014-4948
+CVE-2014-4948 (Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and e ...)
NOT-FOR-US: Citrix XenServer
-CVE-2014-4947
+CVE-2014-4947 (Buffer overflow in the HVM graphics console support in Citrix XenServe ...)
NOT-FOR-US: Citrix XenServer
-CVE-2014-4946
+CVE-2014-4946 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet ...)
- php-horde-imp 6.2.0-1
- horde3 <removed>
[squeeze] - horde3 <not-affected>
@@ -13184,32 +13184,32 @@ CVE-2014-4946
NOTE: https://github.com/horde/horde/commit/578ff073724d9c179663098d8ff0076e8b361cfb
NOTE: https://github.com/horde/horde/commit/2f1f4b10dec90fb67797ea80be0e029ead90f168
NOTE: The bugs are in javascript files that do not exist in the version in Squeeze.
-CVE-2014-4945
+CVE-2014-4945 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet ...)
- php-horde-imp 6.2.0-1
- horde3 <removed>
[squeeze] - horde3 <not-affected>
NOTE: Upstream patch: https://github.com/horde/horde/commit/71633e649afc0704b72098a6e2530377dd67eb0c
NOTE: The bug is in PHP template file that does not exist in the version in Squeeze.
-CVE-2014-4944
+CVE-2014-4944 (Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4943
+CVE-2014-4943 (The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel throug ...)
{DSA-2992-1 DLA-103-1}
- linux 3.14.13-1
- linux-2.6 <removed>
NOTE: upstream commit: https://git.kernel.org/linus/3cf521f7dc87c031617fd47e4b7aa2593c2f3daf
-CVE-2014-4942
+CVE-2014-4942 (The EasyCart (wp-easycart) plugin before 2.0.6 for WordPress allows re ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4941
+CVE-2014-4941 (Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plug ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4940
+CVE-2014-4940 (Multiple directory traversal vulnerabilities in Tera Charts (tera-char ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4939
+CVE-2014-4939 (SQL injection vulnerability in the ENL Newsletter (enl-newsletter) plu ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4938
+CVE-2014-4938 (SQL injection vulnerability in the WP Rss Poster (wp-rss-poster) plugi ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4937
+CVE-2014-4937 (Directory traversal vulnerability in includes/bookx_export.php BookX p ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4936
+CVE-2014-4936 (The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer ...)
NOT-FOR-US: Malwarebytes
CVE-2014-4935
RESERVED
@@ -13217,22 +13217,22 @@ CVE-2014-4934
RESERVED
CVE-2014-4933
RESERVED
-CVE-2014-4932
+CVE-2014-4932 (Cross-site scripting (XSS) vulnerability in the Wordfence Security plu ...)
NOT-FOR-US: Wordfence Security plugin for WordPress
CVE-2014-4931
RESERVED
-CVE-2014-4930
+CVE-2014-4930 (Multiple cross-site scripting (XSS) vulnerabilities in event/index2.do ...)
NOT-FOR-US: ManageEngine EventLog Analyzer
-CVE-2014-4929
+CVE-2014-4929 (Directory traversal vulnerability in the routing component in ownCloud ...)
- owncloud 6.0.4~beta1+dfsg-1
NOTE: https://github.com/owncloud/security-advisories/blob/master/server/oc-sa-2014-018.json
-CVE-2014-4928
+CVE-2014-4928 (SQL injection vulnerability in Invision Power Board (aka IPB or IP.Boa ...)
NOT-FOR-US: Invision Power Board
-CVE-2014-4927
+CVE-2014-4927 (Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DS ...)
NOT-FOR-US: ACME micro_httpd
CVE-2014-4926
RESERVED
-CVE-2014-4925
+CVE-2014-4925 (Cross-site scripting (XSS) vulnerability in Good for Enterprise for An ...)
NOT-FOR-US: Good for Enterprise for Android
CVE-2014-4924
RESERVED
@@ -13244,7 +13244,7 @@ CVE-2014-4921
RESERVED
CVE-2014-4920
RESERVED
-CVE-2014-4919
+CVE-2014-4919 (OXID eShop Professional Edition before 4.7.13 and 4.8.x before 4.8.7, ...)
NOT-FOR-US: OXID eShop
CVE-2014-4918
RESERVED
@@ -13260,102 +13260,102 @@ CVE-2014-4916
NOTE: http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf
CVE-2014-4915
RESERVED
-CVE-2014-4912
+CVE-2014-4912 (An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to ...)
NOT-FOR-US: Frog CMS
-CVE-2014-4906
+CVE-2014-4906 (The Brisbane &amp; Queensland Alert (aka com.queensland.alert) applica ...)
NOT-FOR-US: Brisbane & Queensland Alert (aka com.queensland.alert) application for Android
-CVE-2014-4905
+CVE-2014-4905 (The Clean Internet Browser (aka com.cleantab.browsesecure) application ...)
NOT-FOR-US: Clean Internet Browser (aka com.cleantab.browsesecure) application for Android
-CVE-2014-4904
+CVE-2014-4904 (The Crossmo Calendar (aka com.crossmo.calendar) application 1.7.1 for ...)
NOT-FOR-US: Crossmo Calendar (aka com.crossmo.calendar) application for Android
-CVE-2014-4903
+CVE-2014-4903 (The Kakao Bingo Garden (aka com.mocoga.bingogarden) application 1.0.14 ...)
NOT-FOR-US: Kakao Bingo Garden (aka com.mocoga.bingogarden) application for Android
CVE-2014-4902
RESERVED
-CVE-2014-4901
+CVE-2014-4901 (The Bond Trading (aka com.appmakr.app613309) application 197705 for An ...)
NOT-FOR-US: Bond Trading (aka com.appmakr.app613309) application for Android
-CVE-2014-4900
+CVE-2014-4900 (The migme (aka com.projectgoth) application 4.03.002 for Android does ...)
NOT-FOR-US: migme (aka com.projectgoth) application for Android
-CVE-2014-4899
+CVE-2014-4899 (The Indian Cement Review (aka com.magzter.indiancementreview) applicat ...)
NOT-FOR-US: Indian Cement Review (aka com.magzter.indiancementreview) application for Android
-CVE-2014-4898
+CVE-2014-4898 (The Harivijay (aka com.upasanhar.marathi.harivijay) application 4.0 fo ...)
NOT-FOR-US: Harivijay (aka com.upasanhar.marathi.harivijay) application for Android
-CVE-2014-4897
+CVE-2014-4897 (The Touriosity Travelmag (aka com.magzter.touriositytravelmag) applica ...)
NOT-FOR-US: Touriosity Travelmag (aka com.magzter.touriositytravelmag) application for Android
-CVE-2014-4896
+CVE-2014-4896 (The Parque Imperial (aka com.a792139893520606f84b2188a.a23428594a) app ...)
NOT-FOR-US: Parque Imperial (aka com.a792139893520606f84b2188a.a23428594a) application for Android
-CVE-2014-4895
+CVE-2014-4895 (The Herpin Time Radio (aka com.herpin.time.radio) application 2.0 for ...)
NOT-FOR-US: Herpin Time Radio (aka com.herpin.time.radio) application for Android
-CVE-2014-4894
+CVE-2014-4894 (The MyMetro (aka com.myrippleapps.mymetro) application 2.4.7 for Andro ...)
NOT-FOR-US: MyMetro (aka com.myrippleapps.mymetro) application for Android
CVE-2014-4893
RESERVED
-CVE-2014-4892
+CVE-2014-4892 (The uControl Smart Home Automation (aka de.ucontrol) application 1.2 f ...)
NOT-FOR-US: uControl Smart Home Automation (aka de.ucontrol) application for Android
-CVE-2014-4891
+CVE-2014-4891 (The CT iHub (aka com.concursive.ctihub) application 1 for Android does ...)
NOT-FOR-US: CT iHub (aka com.concursive.ctihub) application for Android
-CVE-2014-4890
+CVE-2014-4890 (The Nano Digest (aka com.magzter.nanodigest) application 3.0 for Andro ...)
NOT-FOR-US: Nano Digest (aka com.magzter.nanodigest) application for Android
-CVE-2014-4889
+CVE-2014-4889 (The Diabetic Diet Guide (aka com.wDiabeticDietGuide) application 2.1 f ...)
NOT-FOR-US: Diabetic Diet Guide (aka com.wDiabeticDietGuide) application for Android
-CVE-2014-4888
+CVE-2014-4888 (The BattleFriends at Sea GOLD (aka com.tequilamobile.warshipslivegold) ...)
NOT-FOR-US: BattleFriends at Sea GOLD (aka com.tequilamobile.warshipslivegold) application for Android
-CVE-2014-4887
+CVE-2014-4887 (The Joint Radio Blues (aka com.nobexinc.wls_69685189.rc) application 3 ...)
NOT-FOR-US: Joint Radio Blues (aka com.nobexinc.wls_69685189.rc) application for Android
CVE-2014-4886
RESERVED
-CVE-2014-4885
+CVE-2014-4885 (The CPWORLD Close Protection World (aka com.tapatalk.closeprotectionwo ...)
NOT-FOR-US: CPWORLD Close Protection World (aka com.tapatalk.closeprotectionworldcom) application for Android
-CVE-2014-4884
+CVE-2014-4884 (The Conrad Hotel (aka com.wConradHotel) application 0.1 for Android do ...)
NOT-FOR-US: Conrad Hotel (aka com.wConradHotel) application for Android
-CVE-2014-4883
+CVE-2014-4883 (resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in ...)
- xen <not-affected> (LWIP DNS code not present in Xen Debian packages)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1169008
-CVE-2014-4882
+CVE-2014-4882 (Aptexx Resident Anywhere does not require authentication, which allows ...)
NOT-FOR-US: Aptexx Resident Anywhere
-CVE-2014-4881
+CVE-2014-4881 (The PartyTrack library for Android does not verify X.509 certificates ...)
NOT-FOR-US: PartyTrack library for Android
-CVE-2014-4880
+CVE-2014-4880 (Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, ...)
NOT-FOR-US: Hikvision DVR
CVE-2014-4879
RESERVED
CVE-2014-4878
RESERVED
-CVE-2014-4877
+CVE-2014-4877 (Absolute path traversal vulnerability in GNU Wget before 1.16, when re ...)
{DSA-3062-1 DLA-82-1}
- wget 1.16-1 (bug #766981)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7
-CVE-2014-4876
+CVE-2014-4876 (Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical n ...)
NOT-FOR-US: Toshiba
-CVE-2014-4875
+CVE-2014-4875 (CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6. ...)
NOT-FOR-US: CreateBossCredentials.jar in Toshiba CHEC
-CVE-2014-4874
+CVE-2014-4874 (BMC Track-It! 11.3.0.355 allows remote authenticated users to read arb ...)
NOT-FOR-US: BMC Track-It!
-CVE-2014-4873
+CVE-2014-4873 (SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It ...)
NOT-FOR-US: BMC Track-It!
-CVE-2014-4872
+CVE-2014-4872 (BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9 ...)
NOT-FOR-US: BMC Track-It!
-CVE-2014-4871
+CVE-2014-4871 (Cross-site scripting (XSS) vulnerability in wlsecurity.html on NetComm ...)
NOT-FOR-US: NetCommWireless NB604N routers
-CVE-2014-4870
+CVE-2014-4870 (/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade V ...)
NOT-FOR-US: Brocade Vyatta
-CVE-2014-4869
+CVE-2014-4869 (The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows att ...)
NOT-FOR-US: Brocade Vyatta
-CVE-2014-4868
+CVE-2014-4868 (The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6 ...)
NOT-FOR-US: Brocade Vyatta
-CVE-2014-4867
+CVE-2014-4867 (Cryoserver Security Appliance 7.3.x uses weak permissions for /etc/ini ...)
NOT-FOR-US: Cryoserver
CVE-2014-4866
RESERVED
-CVE-2014-4865
+CVE-2014-4865 (Cross-site request forgery (CSRF) vulnerability in gui/password-wadmin ...)
NOT-FOR-US: CacheGuard-OS
-CVE-2014-4864
+CVE-2014-4864 (The NETGEAR ProSafe Plus Configuration Utility creates configuration b ...)
NOT-FOR-US: NETGEAR ProSafe Plus Configuration Utility
-CVE-2014-4863
+CVE-2014-4863 (The Arris Touchstone DG950A cable modem with software 7.10.131 has an ...)
NOT-FOR-US: Arris Touchstone DG950A cable modem
-CVE-2014-4862
+CVE-2014-4862 (The Netmaster CBW700N cable modem with software 81.447.392110.729.024 ...)
NOT-FOR-US: Netmaster CBW700N cable modem
-CVE-2014-4861
+CVE-2014-4861 (The Remote Desktop Launcher in Thycotic Secret Server before 8.6.00001 ...)
NOT-FOR-US: Remote Desktop Launcher in Thycotic Secret Server
CVE-2014-4860
RESERVED
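Review bot: the description added for CVE-2014-4906 in this hunk still carries an undecoded HTML entity, "+CVE-2014-4906 (The Brisbane &amp; Queensland Alert (aka com.queensland.alert) applica ...)", while the unchanged NOT-FOR-US line directly below it reads "Brisbane & Queensland Alert"; the importer should HTML-decode the upstream summary before truncating it into the list, otherwise the two lines of one entry disagree on the product name and a search for the decoded name misses the description line.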
@@ -13365,121 +13365,121 @@ CVE-2014-4859
RESERVED
- edk2 <not-affected> (No support for updates of hypervisor-supplied firmware from guests)
NOTE: https://www.mitre.org/sites/default/files/publications/14-2221-extreme-escalation-presentation.pdf
-CVE-2014-4858
+CVE-2014-4858 (Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre AirCe ...)
NOT-FOR-US: Sabre AirCenter Crew
-CVE-2014-4857
+CVE-2014-4857 (Cross-site scripting (XSS) vulnerability in Gurock TestRail before 3.1 ...)
NOT-FOR-US: Gurock TestRail
-CVE-2014-4856
+CVE-2014-4856 (Cross-site scripting (XSS) vulnerability in the Polldaddy Polls &amp; ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4855
+CVE-2014-4855 (Cross-site scripting (XSS) vulnerability in the Polylang plugin before ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4854
+CVE-2014-4854 (Cross-site scripting (XSS) vulnerability in the WP Construction Mode p ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4853
+CVE-2014-4853 (Cross-site scripting (XSS) vulnerability in odm-init.php in OpenDocMan ...)
NOT-FOR-US: OpenDocMan
-CVE-2014-4852
+CVE-2014-4852 (SQL injection vulnerability in admin/uploads.php in The Digital Craft ...)
NOT-FOR-US: AtomCMS
-CVE-2014-4851
+CVE-2014-4851 (Open redirect vulnerability in msg.php in FoeCMS allows remote attacke ...)
NOT-FOR-US: FoeCMS
-CVE-2014-4850
+CVE-2014-4850 (SQL injection vulnerability in index.php in FoeCMS allows remote attac ...)
NOT-FOR-US: FoeCMS
-CVE-2014-4849
+CVE-2014-4849 (Multiple cross-site scripting (XSS) vulnerabilities in msg.php in FoeC ...)
NOT-FOR-US: FoeCMS
-CVE-2014-4848
+CVE-2014-4848 (Cross-site scripting (XSS) vulnerability in the Blogstand Banner (blog ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4847
+CVE-2014-4847 (Cross-site scripting (XSS) vulnerability in the Random Banner plugin 1 ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4846
+CVE-2014-4846 (Cross-site scripting (XSS) vulnerability in the Meta Slider (ml-slider ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4845
+CVE-2014-4845 (Cross-site scripting (XSS) vulnerability in the BannerMan plugin 0.2.4 ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4844
+CVE-2014-4844 (The import/export functionality in IBM Business Process Manager (BPM) ...)
NOT-FOR-US: IBM
-CVE-2014-4843
+CVE-2014-4843 (Curam Universal Access in IBM Curam Social Program Management (SPM) 6. ...)
NOT-FOR-US: IBM
CVE-2014-4842
RESERVED
CVE-2014-4841
RESERVED
-CVE-2014-4840
+CVE-2014-4840 (IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 bef ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2014-4839
+CVE-2014-4839 (Cross-site request forgery (CSRF) vulnerability in birtviewer.query in ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2014-4838
+CVE-2014-4838 (Cross-site scripting (XSS) vulnerability in GanttProjectSchedulerPopup ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2014-4837
+CVE-2014-4837 (Cross-site scripting (XSS) vulnerability in NewDocument.jsp in IBM TRI ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2014-4836
+CVE-2014-4836 (Cross-site scripting (XSS) vulnerability in breakOutWithName.jsp in IB ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2014-4835
+CVE-2014-4835 (IBM ServerGuide before 9.63, UpdateXpress System Packs Installer (UXSP ...)
NOT-FOR-US: IBM
-CVE-2014-4834
+CVE-2014-4834 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8 do ...)
NOT-FOR-US: IBM
-CVE-2014-4833
+CVE-2014-4833 (IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4832
+CVE-2014-4832 (IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4831
+CVE-2014-4831 (IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4830
+CVE-2014-4830 (IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not incl ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4829
+CVE-2014-4829 (Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar ...)
NOT-FOR-US: IBM Security QRadar
-CVE-2014-4828
+CVE-2014-4828 (IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4827
+CVE-2014-4827 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM Q ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4826
+CVE-2014-4826 (IBM Security QRadar SIEM 7.2 before 7.2.3 Patch 1 does not properly ha ...)
NOT-FOR-US: IBM Security QRadar
-CVE-2014-4825
+CVE-2014-4825 (IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not prop ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-4824
+CVE-2014-4824 (SQL injection vulnerability in IBM Security QRadar SIEM 7.2 before 7.2 ...)
NOT-FOR-US: IBM Security QRadar
-CVE-2014-4823
+CVE-2014-4823 (The administration console in IBM Security Access Manager for Web 7.x ...)
NOT-FOR-US: IBM Security Access Manager
-CVE-2014-4822
+CVE-2014-4822 (IBM WebSphere MQ classes for Java libraries 8.0 before 8.0.0.1 and Web ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2014-4821
+CVE-2014-4821 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-4820
+CVE-2014-4820 (Cross-site scripting (XSS) vulnerability in IBM Integration Bus Manufa ...)
NOT-FOR-US: IBM
-CVE-2014-4819
+CVE-2014-4819 (The web user interface in IBM WebSphere Message Broker 8.0 before 8.0. ...)
NOT-FOR-US: IBM
-CVE-2014-4818
+CVE-2014-4818 (dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4.x, 5.5.x, ...)
NOT-FOR-US: IBM
-CVE-2014-4817
+CVE-2014-4817 (The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3. ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2014-4816
+CVE-2014-4816 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-4815
+CVE-2014-4815 (Session fixation vulnerability in IBM Rational Lifecycle Integration A ...)
NOT-FOR-US: IBM
-CVE-2014-4814
+CVE-2014-4814 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-4813
+CVE-2014-4813 (Race condition in the client in IBM Tivoli Storage Manager (TSM) 5.4.0 ...)
NOT-FOR-US: IBM Tivoli Storage Manager
-CVE-2014-4812
+CVE-2014-4812 (The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 ...)
NOT-FOR-US: IBM Security AppScan Source
-CVE-2014-4811
+CVE-2014-4811 (IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Control ...)
NOT-FOR-US: IBM
-CVE-2014-4810
+CVE-2014-4810 (IBM Cognos Mobile 10.1.1 before FP3 IF1, 10.2.0 before FP2 IF1, and 10 ...)
NOT-FOR-US: IBM
-CVE-2014-4809
+CVE-2014-4809 (The WebSEAL component in IBM Security Access Manager for Web 7.x befor ...)
NOT-FOR-US: IBM Security Access Manager
-CVE-2014-4808
+CVE-2014-4808 (Unspecified vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0. ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-4807
+CVE-2014-4807 (Sterling Order Management in IBM Sterling Selling and Fulfillment Suit ...)
NOT-FOR-US: IBM Sterling Selling
-CVE-2014-4806
+CVE-2014-4806 (The installation process in IBM Security AppScan Enterprise 8.x before ...)
NOT-FOR-US: IBM
-CVE-2014-4805
+CVE-2014-4805 (IBM DB2 10.5 before FP4 on Linux and AIX creates temporary files durin ...)
NOT-FOR-US: IBM DB2
-CVE-2014-4804
+CVE-2014-4804 (Curam Universal Access in IBM Curam Social Program Management 5.2 befo ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-4803
+CVE-2014-4803 (CRLF injection vulnerability in the Universal Access implementation in ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-4802
+CVE-2014-4802 (The Saved Search Admin component in the Process Admin Console in IBM B ...)
NOT-FOR-US: IBM Business Process Manager
-CVE-2014-4801
+CVE-2014-4801 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manag ...)
NOT-FOR-US: IBM
CVE-2014-4800
RESERVED
@@ -13495,81 +13495,81 @@ CVE-2014-4795
RESERVED
CVE-2014-4794
RESERVED
-CVE-2014-4793
+CVE-2014-4793 (IBM WebSphere MQ 8.x before 8.0.0.1 does not properly enforce CHLAUTH ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-4792
+CVE-2014-4792 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM
CVE-2014-4791
RESERVED
-CVE-2014-4790
+CVE-2014-4790 (IBM Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before ...)
NOT-FOR-US: IBM Emptoris Sourcing Portfolio
-CVE-2014-4789
+CVE-2014-4789 (Session fixation vulnerability in IBM Initiate Master Data Service 9.5 ...)
NOT-FOR-US: IBM
-CVE-2014-4788
+CVE-2014-4788 (IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7 ...)
NOT-FOR-US: IBM
-CVE-2014-4787
+CVE-2014-4787 (Cross-site scripting (XSS) vulnerability in IBM Initiate Master Data S ...)
NOT-FOR-US: IBM
-CVE-2014-4786
+CVE-2014-4786 (IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7 ...)
NOT-FOR-US: IBM
-CVE-2014-4785
+CVE-2014-4785 (Cross-site request forgery (CSRF) vulnerability in IBM Initiate Master ...)
NOT-FOR-US: IBM
-CVE-2014-4784
+CVE-2014-4784 (IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7 ...)
NOT-FOR-US: IBM
-CVE-2014-4783
+CVE-2014-4783 (Cross-site request forgery (CSRF) vulnerability in IBM Initiate Master ...)
NOT-FOR-US: IBM
-CVE-2014-4782
+CVE-2014-4782 (IBM InfoSphere BigInsights 2.1.2 allows remote authenticated users to ...)
NOT-FOR-US: IBM
-CVE-2014-4781
+CVE-2014-4781 (The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3. ...)
NOT-FOR-US: IBM InfoSphere BigInsights
CVE-2014-4780
RESERVED
CVE-2014-4779
RESERVED
-CVE-2014-4778
+CVE-2014-4778 (IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Soft ...)
NOT-FOR-US: IBM
CVE-2014-4777
RESERVED
-CVE-2014-4776
+CVE-2014-4776 (IBM License Metric Tool 9 before 9.1.0.2 does not have an off autocomp ...)
NOT-FOR-US: IBM
-CVE-2014-4775
+CVE-2014-4775 (IBM InfoSphere Master Data Management - Collaborative Edition 10.x bef ...)
NOT-FOR-US: IBM
-CVE-2014-4774
+CVE-2014-4774 (Cross-site request forgery (CSRF) vulnerability in the login page in I ...)
NOT-FOR-US: IBM
CVE-2014-4773
RESERVED
CVE-2014-4772
RESERVED
-CVE-2014-4771
+CVE-2014-4771 (IBM WebSphere MQ 7.0.1 before 7.0.1.13, 7.1 before 7.1.0.6, 7.5 before ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2014-4770
+CVE-2014-4770 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-4769
+CVE-2014-4769 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8 al ...)
NOT-FOR-US: IBM
-CVE-2014-4768
+CVE-2014-4768 (IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X ...)
NOT-FOR-US: IBM
-CVE-2014-4767
+CVE-2014-4767 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-4766
+CVE-2014-4766 (IBM Sametime Classic Meeting Server 8.0.x and 8.5.x allows remote atta ...)
NOT-FOR-US: IBM Sametime Classic Meeting Server
-CVE-2014-4765
+CVE-2014-4765 (IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5 through 7.5.0 ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-4764
+CVE-2014-4764 (IBM WebSphere Application Server (WAS) 8.0.x before 8.0.0.10 and 8.5.x ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-4763
+CVE-2014-4763 (Cross-site scripting (XSS) vulnerability in Content Navigator in Conte ...)
NOT-FOR-US: IBM
-CVE-2014-4762
+CVE-2014-4762 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
NOT-FOR-US: IBM
-CVE-2014-4761
+CVE-2014-4761 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-4760
+CVE-2014-4760 (Open redirect vulnerability in IBM WebSphere Portal 6.1.0.0 through 6. ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-4759
+CVE-2014-4759 (An unspecified Ajax service in the Content Management toolkit in IBM B ...)
NOT-FOR-US: IBM
-CVE-2014-4758
+CVE-2014-4758 (IBM Business Process Manager (BPM) 7.5.x through 8.5.5 and WebSphere L ...)
NOT-FOR-US: IBM
-CVE-2014-4757
+CVE-2014-4757 (The Outlook Extension in IBM Content Collector 4.0.0.x before 4.0.0.0- ...)
NOT-FOR-US: IBM Content Collector
-CVE-2014-4756
+CVE-2014-4756 (The Administration and Reporting Tool in IBM Rational License Key Serv ...)
NOT-FOR-US: IBM
CVE-2014-4755
RESERVED
@@ -13577,47 +13577,47 @@ CVE-2014-4754
RESERVED
CVE-2014-4753
RESERVED
-CVE-2014-4752
+CVE-2014-4752 (IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, a ...)
NOT-FOR-US: IBM
-CVE-2014-4751
+CVE-2014-4751 (Cross-site scripting (XSS) vulnerability in IBM Security Access Manage ...)
NOT-FOR-US: IBM Security Access Manager
-CVE-2014-4750
+CVE-2014-4750 (IBM PowerVC Express Edition 1.2.0 before FixPack3 establishes an FTP s ...)
NOT-FOR-US: IBM
-CVE-2014-4749
+CVE-2014-4749 (IBM PowerVC 1.2.0 before FixPack3 does not properly use the known_host ...)
NOT-FOR-US: IBM
-CVE-2014-4748
+CVE-2014-4748 (Cross-site scripting (XSS) vulnerability in the Classic Meeting Server ...)
NOT-FOR-US: IBM Sametime
-CVE-2014-4747
+CVE-2014-4747 (The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows ...)
NOT-FOR-US: IBM Sametime
-CVE-2014-4746
+CVE-2014-4746 (IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01 ...)
NOT-FOR-US: IBM WebSphere
CVE-2014-4745
RESERVED
-CVE-2014-4744
+CVE-2014-4744 (Multiple cross-site scripting (XSS) vulnerabilities in osTicket before ...)
NOT-FOR-US: osTicket
-CVE-2014-4743
+CVE-2014-4743 (Multiple cross-site scripting (XSS) vulnerabilities in (1) search_ajax ...)
NOT-FOR-US: Kajona module
-CVE-2014-4742
+CVE-2014-4742 (Cross-site scripting (XSS) vulnerability in system/class_link.php in t ...)
NOT-FOR-US: Kajona module
-CVE-2014-4741
+CVE-2014-4741 (SQL injection vulnerability in demo/ads.php in Artifectx xClassified 1 ...)
NOT-FOR-US: Artifectx xClassified
CVE-2014-4740
REJECTED
CVE-2014-4739
RESERVED
-CVE-2014-4738
+CVE-2014-4738 (Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard Fort ...)
NOT-FOR-US: FortiGuard FortiWeb
-CVE-2014-4737
+CVE-2014-4737 (Cross-site scripting (XSS) vulnerability in Textpattern CMS before 4.5 ...)
- textpattern <removed>
[squeeze] - textpattern <no-dsa> (Vulnerability is in setup.php, which becomes inaccessible after installation)
NOTE: https://github.com/textpattern/textpattern/commit/1206c7d84949a58cd0a2bc4a91ee53a0c8d4daf6
NOTE: is likely the commit fixing the issue. But it does more than the
NOTE: strict minimum.
-CVE-2014-4736
+CVE-2014-4736 (SQL injection vulnerability in E2 before 2.4 (2845) allows remote atta ...)
NOT-FOR-US: E2
-CVE-2014-4735
+CVE-2014-4735 (Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier a ...)
NOT-FOR-US: MyWebSQL
-CVE-2014-4734
+CVE-2014-4734 (Cross-site scripting (XSS) vulnerability in e107_admin/db.php in e107 ...)
NOT-FOR-US: e107
CVE-2014-4733
RESERVED
@@ -13629,38 +13629,38 @@ CVE-2014-4730
RESERVED
CVE-2014-4729
RESERVED
-CVE-2014-4728
+CVE-2014-4728 (The web server in the TP-LINK N750 Wireless Dual Band Gigabit Router ( ...)
NOT-FOR-US: TP-Link
-CVE-2014-4727
+CVE-2014-4727 (Cross-site scripting (XSS) vulnerability in the DHCP clients page in t ...)
NOT-FOR-US: TP-Link
-CVE-2014-4726
+CVE-2014-4726 (Unspecified vulnerability in the MailPoet Newsletters (wysija-newslett ...)
NOT-FOR-US: wysija-newsletters
-CVE-2014-4725
+CVE-2014-4725 (The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for ...)
NOT-FOR-US: wysija-newsletters
-CVE-2014-4978
+CVE-2014-4978 (The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio ...)
- rawstudio <removed> (low; bug #754899)
[wheezy] - rawstudio <no-dsa> (Minor issue)
[squeeze] - rawstudio <not-affected> (Vulnerable code not present)
-CVE-2014-5119
+CVE-2014-5119 (Off-by-one error in the __gconv_translit_find function in gconv_trans. ...)
{DSA-3012-1 DLA-43-1}
- glibc 2.19-10 (medium)
- eglibc <removed> (medium)
NOTE: http://www.openwall.com/lists/oss-security/2014/07/14/2
NOTE: http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html
-CVE-2014-4909
+CVE-2014-4909 (Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bit ...)
{DSA-2988-1}
- transmission 2.84-0.1 (bug #755985)
[squeeze] - transmission <not-affected> (Vulnerable code not present)
NOTE: http://trac.transmissionbt.com/wiki/Changes#version-2.84
NOTE: PoC: http://web.archive.org/web/20140815000641/http://inertiawar.com:80/submission.go
-CVE-2014-4723
+CVE-2014-4723 (Cross-site scripting (XSS) vulnerability in the Easy Banners plugin 1. ...)
NOT-FOR-US: WordPress plugin Easy Banners
-CVE-2014-4724
+CVE-2014-4724 (Cross-site scripting (XSS) vulnerability in the Custom Banners plugin ...)
NOT-FOR-US: WordPress plugin Custom Banners
-CVE-2014-4722
+CVE-2014-4722 (Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports ...)
- ocsinventory-server <unfixed> (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2014-4914
+CVE-2014-4914 (The Zend_Db_Select::order function in Zend Framework before 1.12.7 doe ...)
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.7-0.1 (bug #754201)
NOTE: http://framework.zend.com/security/advisory/ZF2014-04
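Review bot: near the end of this hunk the CVE-2014-4723 entry comes before CVE-2014-4724, which breaks the descending id order that the rest of the hunk follows; the inversion predates this change (the diff only adds the description text to both lines), but since the automatic update touches both entries anyway, moving the CVE-2014-4724 block above the CVE-2014-4723 block would keep the file sortable. The later-numbered ids interleaved in this hunk (CVE-2014-4978, CVE-2014-5119, CVE-2014-4909, CVE-2014-4914) appear to be the usual tracker practice of filing an entry where it was triaged, so no change is suggested for those.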
@@ -13669,28 +13669,28 @@ CVE-2014-4913 [ZF2014-03: Potential XSS vector in multiple view helpers]
RESERVED
- zendframework <not-affected> (Vulnerable code not present, only affects ZF2)
NOTE: http://framework.zend.com/security/advisory/ZF2014-03
-CVE-2014-4911
+CVE-2014-4911 (The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1 ...)
{DSA-2981-1 DLA-36-1}
- polarssl 1.3.7-2.1 (bug #754655)
[squeeze] - polarssl 1.2.9-1~deb6u2
NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-02
NOTE: commit for 1.3.x branch: https://github.com/polarssl/polarssl/commit/0bcc4e1df78fff6d15c3ecb521e3bd0bbee86e1c
NOTE: commit for 1.2.x branch: https://github.com/polarssl/polarssl/commit/5bad6afd8c72b2c3a6574dff01ca5f8f2f04800a
-CVE-2014-4910
+CVE-2014-4910 (Directory traversal vulnerability in tools/backlight_helper.c in X.Org ...)
- xserver-xorg-video-intel <not-affected> (Vulnerable code not present)
NOTE: http://lists.x.org/archives/xorg-commit/2014-July/036840.html
NOTE: only experimental, and xf86-video-intel-backlight-helper not installed setuid in Debian
-CVE-2014-4720
+CVE-2014-4720 (Email::Address module before 1.904 for Perl uses an inefficient regula ...)
{DSA-2969-1}
- libemail-address-perl 1.905-1
[squeeze] - libemail-address-perl 1.889-2+deb6u1
-CVE-2014-4719
+CVE-2014-4719 (Cross-site scripting (XSS) vulnerability in the login panel (svn/login ...)
NOT-FOR-US: User-Friendly SVN
-CVE-2014-4718
+CVE-2014-4718 (Multiple cross-site request forgery (CSRF) vulnerabilities in Lunar CM ...)
NOT-FOR-US: Lunar CMS
-CVE-2014-4717
+CVE-2014-4717 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Simp ...)
NOT-FOR-US: WordPress plugin simple-share-buttons-adder
-CVE-2014-4716
+CVE-2014-4716 (Cross-site request forgery (CSRF) vulnerability in Thomson TWG87OUIR a ...)
NOT-FOR-US: Thomson TWG87OUIR
CVE-2014-4714
REJECTED
@@ -13700,17 +13700,17 @@ CVE-2014-4712
RESERVED
CVE-2014-4711
RESERVED
-CVE-2014-4710
+CVE-2014-4710 (Cross-site scripting (XSS) vulnerability in zero_user_account.php in Z ...)
NOT-FOR-US: ZeroCMS
CVE-2014-4709
RESERVED
CVE-2014-4708
RESERVED
-CVE-2014-4707
+CVE-2014-4707 (Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100 ...)
NOT-FOR-US: Huawei
-CVE-2014-4706
+CVE-2014-4706 (Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 wi ...)
NOT-FOR-US: Huawei
-CVE-2014-4705
+CVE-2014-4705 (Multiple heap-based buffer overflows in the eSap software platform in ...)
NOT-FOR-US: eSap
CVE-2014-4704
RESERVED
@@ -13718,66 +13718,66 @@ CVE-2014-XXXX [Quassel: /var/lib/quassel/quasselCert.pem world-readable]
- quassel 0.10.0-2 (low)
[wheezy] - quassel 0.8.0-1+deb7u2
[squeeze] - quassel <no-dsa> (Minor issue)
-CVE-2014-4908
+CVE-2014-4908 (Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios thro ...)
- pnp4nagios 0.6.24+dfsg1-1 (low)
[wheezy] - pnp4nagios <no-dsa> (Minor issue)
NOTE: https://github.com/lingej/pnp4nagios/commit/cb925073edeeb97eb4ce61a86cdafccc9b87f9bb
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=516078
NOTE: https://github.com/lingej/pnp4nagios/commit/e4a19768a5c5e5b1276caf3dd5bb721a540ec014
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=516140
-CVE-2014-4907
+CVE-2014-4907 (Cross-site scripting (XSS) vulnerability in share/pnp/application/view ...)
- pnp4nagios 0.6.24+dfsg1-1 (low)
[wheezy] - pnp4nagios <no-dsa> (Minor issue)
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=51607
NOTE: http://sourceforge.net/p/pnp4nagios/code/ci/f846a6c9d007ca2bee05359af747619151195fc9/
-CVE-2014-4715
+CVE-2014-4715 (Yann Collet LZ4 before r119, when used on certain 32-bit platforms tha ...)
- lz4 0.0~r119-1
NOTE: https://code.google.com/p/lz4/issues/detail?id=134
NOTE: https://code.google.com/p/lz4/source/detail?r=119
-CVE-2014-4700
+CVE-2014-4700 (Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups ...)
NOT-FOR-US: Citrix XenDesktop
-CVE-2014-4699
+CVE-2014-4699 (The Linux kernel before 3.15.4 on Intel processors does not properly r ...)
{DSA-2972-1 DLA-0015-1}
- linux 3.14.10-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a
-CVE-2014-4698
+CVE-2014-4698 (Use-after-free vulnerability in ext/spl/spl_array.c in the SPL compone ...)
- php5 5.6.0~rc3+dfsg-1 (unimportant)
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=22882a9d89712ff2b6ebc20a689a89452bba4dcd
NOTE: https://bugs.php.net/bug.php?id=67539
NOTE: exploitable by malicious scripts only
CVE-2014-4697
RESERVED
-CVE-2014-4696
+CVE-2014-4696 (Multiple open redirect vulnerabilities in the Suricata package before ...)
NOT-FOR-US: pfSense
-CVE-2014-4695
+CVE-2014-4695 (Multiple open redirect vulnerabilities in the Snort package before 3.0 ...)
NOT-FOR-US: pfSense
-CVE-2014-4694
+CVE-2014-4694 (Multiple cross-site scripting (XSS) vulnerabilities in suricata_select ...)
NOT-FOR-US: pfSense
-CVE-2014-4693
+CVE-2014-4693 (Multiple cross-site scripting (XSS) vulnerabilities in the Snort packa ...)
NOT-FOR-US: pfSense
-CVE-2014-4692
+CVE-2014-4692 (pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly ...)
NOT-FOR-US: pfSense
-CVE-2014-4691
+CVE-2014-4691 (Session fixation vulnerability in pfSense before 2.1.4 allows remote a ...)
NOT-FOR-US: pfSense
-CVE-2014-4690
+CVE-2014-4690 (Multiple directory traversal vulnerabilities in pfSense before 2.1.4 a ...)
NOT-FOR-US: pfSense
-CVE-2014-4689
+CVE-2014-4689 (Absolute path traversal vulnerability in pkg_edit.php in pfSense befor ...)
NOT-FOR-US: pfSense
-CVE-2014-4688
+CVE-2014-4688 (pfSense before 2.1.4 allows remote authenticated users to execute arbi ...)
NOT-FOR-US: pfSense
-CVE-2014-4687
+CVE-2014-4687 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense before ...)
NOT-FOR-US: pfSense
-CVE-2014-4686
+CVE-2014-4686 (The Project administration application in Siemens SIMATIC WinCC before ...)
NOT-FOR-US: Siemens SIMATIC WinCC
-CVE-2014-4685
+CVE-2014-4685 (Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, ...)
NOT-FOR-US: Siemens SIMATIC WinCC
-CVE-2014-4684
+CVE-2014-4684 (The database server in Siemens SIMATIC WinCC before 7.3, as used in PC ...)
NOT-FOR-US: Siemens SIMATIC WinCC
-CVE-2014-4683
+CVE-2014-4683 (The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used i ...)
NOT-FOR-US: Siemens SIMATIC WinCC
-CVE-2014-4682
+CVE-2014-4682 (The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used i ...)
NOT-FOR-US: Siemens SIMATIC WinCC
CVE-2014-4681
RESERVED
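Review bot: the Gentoo reference under CVE-2014-4907, `NOTE: https://bugs.gentoo.org/show_bug.cgi?id=51607`, has a five-digit bug id while the two Gentoo references in the adjacent CVE-2014-4908 entry (516078 and 516140) have six, so the id looks truncated and the link should be verified against the Gentoo tracker. This change only adds the description text on the CVE-2014-4907 line, so the suspect link is pre-existing, but it sits in the same block and is worth fixing in the same pass.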
@@ -13785,7 +13785,7 @@ CVE-2014-4680
RESERVED
CVE-2014-4679
RESERVED
-CVE-2014-4677
+CVE-2014-4677 (The installPackage function in the installerHelper subcomponent in Lib ...)
NOT-FOR-US: Libmacgpg
CVE-2014-4676
RESERVED
@@ -13795,80 +13795,80 @@ CVE-2014-4674
RESERVED
CVE-2014-4673
RESERVED
-CVE-2014-4672
+CVE-2014-4672 (The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attac ...)
- yii-framework-php <itp> (bug #683810)
-CVE-2014-4671
+CVE-2014-4671 (Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-4670
+CVE-2014-4670 (Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL compon ...)
{DSA-3008-1}
- php5 5.6.0~rc3+dfsg-1 (unimportant)
NOTE: exploitable by malicious scripts only
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=df78c48354f376cf419d7a97f88ca07d572f00fb
NOTE: https://bugs.php.net/bug.php?id=67538
-CVE-2014-4669
+CVE-2014-4669 (HP Enterprise Maps 1.00 allows remote authenticated users to read arbi ...)
NOT-FOR-US: HP Enterprise Maps
CVE-2014-4666
RESERVED
CVE-2014-4665
RESERVED
-CVE-2014-4664
+CVE-2014-4664 (Cross-site scripting (XSS) vulnerability in the Wordfence Security plu ...)
NOT-FOR-US: Wordfence Security plugin for WordPress
-CVE-2014-4663
+CVE-2014-4663 (TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is ena ...)
NOT-FOR-US: WordPress timthumb
CVE-2014-4662
RESERVED
-CVE-2014-4661
+CVE-2014-4661 (Cross-site scripting (XSS) vulnerability in HP Records Manager before ...)
NOT-FOR-US: HP Records Manager
CVE-2014-4651
RESERVED
NOT-FOR-US: JClouds
-CVE-2014-4647
+CVE-2014-4647 (Stack-based buffer overflow in the loadExtensionFactory method in the ...)
NOT-FOR-US: Embarcadero ER/Studio Data Architect
-CVE-2014-4646
+CVE-2014-4646 (Buffer overflow in the FPDFBookmark_GetTitle method in Foxit PDF SDK D ...)
NOT-FOR-US: Foxit PDF SDK
-CVE-2014-4645
+CVE-2014-4645 (Cross-site scripting (XSS) vulnerability in dhcpinfo.html in D-link DS ...)
NOT-FOR-US: D-Link hardware
-CVE-2014-4644
+CVE-2014-4644 (SQL injection vulnerability in superlinks.php in the superlinks plugin ...)
NOT-FOR-US: Cacti plugin superlinks
-CVE-2014-4643
+CVE-2014-4643 (Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 ...)
NOT-FOR-US: Core FTP client
-CVE-2014-4721
+CVE-2014-4721 (The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 ...)
{DSA-2974-1 DLA-0018-1}
- php5 5.6.0~rc1+dfsg-2 (low)
[squeeze] - php5 5.3.3-7+squeeze21
NOTE: https://bugs.php.net/bug.php?id=67498
NOTE: https://www.sektioneins.de/en/blog/14-07-04-phpinfo-infoleak.html
-CVE-2014-4668
+CVE-2014-4668 (The cherokee_validator_ldap_check function in validator_ldap.c in Cher ...)
- cherokee <removed> (low)
[squeeze] - cherokee <no-dsa> (Minor issue)
-CVE-2014-4667
+CVE-2014-4667 (The sctp_association_free function in net/sctp/associola.c in the Linu ...)
{DSA-2992-1 DLA-0015-1}
- linux 3.14.9-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d3217b15a19a4779c39b212358a5c71d725822ee (v3.16-rc1)
-CVE-2014-4656
+CVE-2014-4656 (Multiple integer overflows in sound/core/control.c in the ALSA control ...)
{DLA-0015-1}
- linux 3.14.9-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
-CVE-2014-4655
+CVE-2014-4655 (The snd_ctl_elem_add function in sound/core/control.c in the ALSA cont ...)
{DLA-103-1}
- linux 3.14.9-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
-CVE-2014-4654
+CVE-2014-4654 (The snd_ctl_elem_add function in sound/core/control.c in the ALSA cont ...)
{DLA-103-1}
- linux 3.14.9-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
-CVE-2014-4653
+CVE-2014-4653 (sound/core/control.c in the ALSA control implementation in the Linux k ...)
{DLA-103-1}
- linux 3.14.9-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
-CVE-2014-4652
+CVE-2014-4652 (Race condition in the tlv handler functionality in the snd_ctl_elem_us ...)
{DLA-0015-1}
- linux 3.14.9-1 (low)
[wheezy] - linux 3.2.60-1
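Review bot: CVE-2014-4651 in this hunk is still marked RESERVED yet carries a `NOT-FOR-US: JClouds` annotation, which none of the other RESERVED entries here have, and the automatic update added a description to every other non-reserved id in the hunk but not to this one. Either the id is still reserved upstream, in which case the NOT-FOR-US line is premature, or a description is now available and the entry should receive it like its neighbours; worth confirming the current status and making the entry consistent.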
@@ -13909,11 +13909,11 @@ CVE-2014-4650
- python3.3 <removed> (low)
- python3.4 3.4.1-8 (low)
NOTE: http://bugs.python.org/issue21766
-CVE-2014-4649
+CVE-2014-4649 (SQL injection vulnerability in the photo-edit subsystem in Piwigo 2.6. ...)
- piwigo <removed> (low)
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-4648
+CVE-2014-4648 (Unspecified vulnerability in Piwigo before 2.6.3 has unknown impact an ...)
- piwigo <removed> (low)
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
@@ -13923,53 +13923,53 @@ CVE-2014-4641
REJECTED
CVE-2014-4640
REJECTED
-CVE-2014-4639
+CVE-2014-4639 (EMC Documentum Web Development Kit (WDK) before 6.8 does not properly ...)
NOT-FOR-US: EMC Documentum Web Development
-CVE-2014-4638
+CVE-2014-4638 (EMC Documentum Web Development Kit (WDK) before 6.8 allows remote atta ...)
NOT-FOR-US: EMC Documentum Web Development
-CVE-2014-4637
+CVE-2014-4637 (Open redirect vulnerability in EMC Documentum Web Development Kit (WDK ...)
NOT-FOR-US: EMC Documentum Web Development
-CVE-2014-4636
+CVE-2014-4636 (Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web ...)
NOT-FOR-US: EMC Documentum Web Development
-CVE-2014-4635
+CVE-2014-4635 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum ...)
NOT-FOR-US: EMC Documentum Web Development
-CVE-2014-4634
+CVE-2014-4634 (Unquoted Windows search path vulnerability in EMC Replication Manager ...)
NOT-FOR-US: EMC Replication Manager and EMC AppSync
-CVE-2014-4633
+CVE-2014-4633 (Cross-site scripting (XSS) vulnerability in EMC RSA Archer GRC Platfor ...)
NOT-FOR-US: EMC RSA Archer GRC Platform
-CVE-2014-4632
+CVE-2014-4632 (VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 be ...)
NOT-FOR-US: EMC Avamar
-CVE-2014-4631
+CVE-2014-4631 (RSA Adaptive Authentication (On-Premise) 6.0.2.1 through 7.1 P3, when ...)
NOT-FOR-US: RSA Adaptive Authentication
-CVE-2014-4630
+CVE-2014-4630 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSA ...)
NOT-FOR-US: RSA BSAFE
-CVE-2014-4629
+CVE-2014-4629 (EMC Documentum Content Server 7.0, 7.1 before 7.1 P10, and 6.7 before ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-4628
+CVE-2014-4628 (Cross-site scripting (XSS) vulnerability in EMC Isilon InsightIQ 2.x a ...)
NOT-FOR-US: EMC Isilon InsightIQ
-CVE-2014-4627
+CVE-2014-4627 (SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before ...)
NOT-FOR-US: EMC RSA Web Threat Detection
-CVE-2014-4626
+CVE-2014-4626 (EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, ...)
NOT-FOR-US: EMC Documentum Content Server
CVE-2014-4625
RESERVED
-CVE-2014-4624
+CVE-2014-4624 (EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7 ...)
NOT-FOR-US: EMC Avamar
-CVE-2014-4623
+CVE-2014-4623 (EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) ...)
NOT-FOR-US: EMC Avamar
-CVE-2014-4622
+CVE-2014-4622 (EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-4621
+CVE-2014-4621 (EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-4620
+CVE-2014-4620 (The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 throug ...)
NOT-FOR-US: EMC NetWorker
-CVE-2014-4619
+CVE-2014-4619 (EMC RSA Identity Management and Governance (IMG) 6.5.x before 6.5.1 P1 ...)
NOT-FOR-US: EMC RSA Identity Management and Governance
-CVE-2014-4618
+CVE-2014-4618 (EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P0 ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-4612
+CVE-2014-4612 (Cross-site scripting (XSS) vulnerability in the keywords manager (keyw ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2014-4611
+CVE-2014-4611 (Integer overflow in the LZ4 algorithm implementation, as used in Yann ...)
- linux 3.14.9-1 (unimportant)
[wheezy] - linux <not-affected> (LZ4 support introduced in 3.11)
- linux-2.6 <not-affected> (LZ4 support introduced in 3.11)
@@ -13988,7 +13988,7 @@ CVE-2014-4609
{DSA-2977-1}
- libav 6:10.2-1
NOTE: http://git.libav.org/?p=libav.git;a=commit;h=ccda51b14c0fcae2fad73a24872dce75a7964996
-CVE-2014-4608
+CVE-2014-4608 (** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe ...)
- linux 3.14.9-1 (unimportant)
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed> (unimportant)
@@ -14004,213 +14004,213 @@ CVE-2014-4607
[jessie] - busybox 1:1.22.0-9+deb8u1
[wheezy] - busybox <no-dsa> (Minor issue)
[squeeze] - busybox <no-dsa> (Minor issue)
-CVE-2014-4606
+CVE-2014-4606 (Cross-site scripting (XSS) vulnerability in redirect_to_zeenshare.php ...)
NOT-FOR-US: WordPress plugin ZeenShare
-CVE-2014-4605
+CVE-2014-4605 (Cross-site scripting (XSS) vulnerability in cal/test.php in the ZdStat ...)
NOT-FOR-US: WordPress plugin ZdStatistics
-CVE-2014-4604
+CVE-2014-4604 (Cross-site scripting (XSS) vulnerability in settings/pwsettings.php in ...)
NOT-FOR-US: WordPress plugin Your Text Manager
-CVE-2014-4603
+CVE-2014-4603 (Multiple cross-site scripting (XSS) vulnerabilities in yupdates_applic ...)
NOT-FOR-US: WordPress plugin Yahoo Updates
-CVE-2014-4602
+CVE-2014-4602 (Multiple cross-site scripting (XSS) vulnerabilities in xencarousel-adm ...)
NOT-FOR-US: WordPress plugin XEN Carousel
-CVE-2014-4601
+CVE-2014-4601 (Cross-site scripting (XSS) vulnerability in wu-ratepost.php in the Wu- ...)
NOT-FOR-US: WordPress plugin Wu-Rating
-CVE-2014-4600
+CVE-2014-4600 (Multiple cross-site scripting (XSS) vulnerabilities in contact/edit.ph ...)
NOT-FOR-US: WordPress plugin WP Ultimate Email Marketer
-CVE-2014-4599
+CVE-2014-4599 (Multiple cross-site scripting (XSS) vulnerabilities in forms/search.ph ...)
NOT-FOR-US: WordPress plugin WP-Business Directory
-CVE-2014-4598
+CVE-2014-4598 (Cross-site scripting (XSS) vulnerability in wp-tmkm-amazon-search.php ...)
NOT-FOR-US: WordPress plugin wp-tmkm-amazon
-CVE-2014-4597
+CVE-2014-4597 (Cross-site scripting (XSS) vulnerability in test.php in the WP Social ...)
NOT-FOR-US: WordPress plugin WP Social Invitations
-CVE-2014-4596
+CVE-2014-4596 (Multiple cross-site scripting (XSS) vulnerabilities in js/button-snapa ...)
NOT-FOR-US: WordPress plugin SnapApp
-CVE-2014-4595
+CVE-2014-4595 (Multiple cross-site scripting (XSS) vulnerabilities in the WP RESTful ...)
NOT-FOR-US: WordPress plugin WP RESTful
-CVE-2014-4594
+CVE-2014-4594 (Cross-site scripting (XSS) vulnerability in index.php in the WordPress ...)
NOT-FOR-US: WordPress plugin Responsive Preview
-CVE-2014-4593
+CVE-2014-4593 (Cross-site scripting (XSS) vulnerability in wp-plugins-net/index.php i ...)
NOT-FOR-US: WordPress plugin WP Plugin Manager
CVE-2014-4592
RESERVED
-CVE-2014-4591
+CVE-2014-4591 (Cross-site scripting (XSS) vulnerability in picasa_upload.php in the W ...)
NOT-FOR-US: WordPress plugin WP-Picasa-Image
-CVE-2014-4590
+CVE-2014-4590 (Cross-site scripting (XSS) vulnerability in get.php in the WP Microblo ...)
NOT-FOR-US: WordPress plugin WP Microblogs
-CVE-2014-4589
+CVE-2014-4589 (Cross-site scripting (XSS) vulnerability in uploader.php in the WP Sil ...)
NOT-FOR-US: WordPress plugin wp-media-player
-CVE-2014-4588
+CVE-2014-4588 (Cross-site scripting (XSS) vulnerability in tpls/editmedia.php in the ...)
NOT-FOR-US: WordPress plugin wphotfiles
-CVE-2014-4587
+CVE-2014-4587 (Multiple cross-site scripting (XSS) vulnerabilities in the WP GuestMap ...)
NOT-FOR-US: WordPress plugin WP GuestMap
-CVE-2014-4586
+CVE-2014-4586 (Multiple cross-site scripting (XSS) vulnerabilities in the wp-football ...)
NOT-FOR-US: WordPress plugin wp-football
-CVE-2014-4585
+CVE-2014-4585 (Cross-site scripting (XSS) vulnerability in the WP-FaceThumb plugin po ...)
NOT-FOR-US: WordPress plugin WP-FaceThumb
-CVE-2014-4584
+CVE-2014-4584 (Cross-site scripting (XSS) vulnerability in admin/editFacility.php in ...)
NOT-FOR-US: WordPress plugin wp-easybooking
-CVE-2014-4583
+CVE-2014-4583 (Multiple cross-site scripting (XSS) vulnerabilities in forms/messages. ...)
NOT-FOR-US: WordPress plugin WP-Contact
-CVE-2014-4582
+CVE-2014-4582 (Cross-site scripting (XSS) vulnerability in admin/admin_show_dialogs.p ...)
NOT-FOR-US: WordPress plugin WP Consultant
-CVE-2014-4581
+CVE-2014-4581 (Cross-site scripting (XSS) vulnerability in facture.php in the WPCB pl ...)
NOT-FOR-US: WordPress plugin WPCB
-CVE-2014-4580
+CVE-2014-4580 (Cross-site scripting (XSS) vulnerability in blipbot.ajax.php in the WP ...)
NOT-FOR-US: WordPress plugin WP BlipBot
-CVE-2014-4579
+CVE-2014-4579 (Cross-site scripting (XSS) vulnerability in js/test.php in the Appoint ...)
NOT-FOR-US: WordPress plugin Appointments Scheduler
-CVE-2014-4578
+CVE-2014-4578 (Cross-site scripting (XSS) vulnerability in asset-studio/icons-launche ...)
NOT-FOR-US: WordPress plugin WP App Maker
-CVE-2014-4577
+CVE-2014-4577 (Absolute path traversal vulnerability in reviews.php in the WP AmASIN ...)
NOT-FOR-US: WordPress plugin WP AmASIN - The Amazon Affiliate Shop
-CVE-2014-4576
+CVE-2014-4576 (Cross-site scripting (XSS) vulnerability in services/diagnostics.php i ...)
NOT-FOR-US: WordPress plugin WordPress Social Login
-CVE-2014-4575
+CVE-2014-4575 (Cross-site scripting (XSS) vulnerability in js/window.php in the Wikip ...)
NOT-FOR-US: WordPress plugin Wikipop
-CVE-2014-4574
+CVE-2014-4574 (Cross-site scripting (XSS) vulnerability in resize.php in the WebEngag ...)
NOT-FOR-US: WordPress plugin WebEngage
-CVE-2014-4573
+CVE-2014-4573 (Multiple cross-site scripting (XSS) vulnerabilities in frame-maker.php ...)
NOT-FOR-US: WordPress plugin Walk Score
-CVE-2014-4572
+CVE-2014-4572 (Cross-site scripting (XSS) vulnerability in bvc.php in the Votecount f ...)
NOT-FOR-US: WordPress plugin Votecount for Balatarin
-CVE-2014-4571
+CVE-2014-4571 (Multiple cross-site scripting (XSS) vulnerabilities in vncal.js.php in ...)
NOT-FOR-US: WordPress plugin VN-Calendar
-CVE-2014-4570
+CVE-2014-4570 (Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhispe ...)
NOT-FOR-US: WordPress plugin VideoWhisper Video Presentation
-CVE-2014-4569
+CVE-2014-4569 (Cross-site scripting (XSS) vulnerability in ls/vv_login.php in the Vid ...)
NOT-FOR-US: WordPress plugin VideoWhisper Live Streaming Integration
-CVE-2014-4568
+CVE-2014-4568 (Cross-site scripting (XSS) vulnerability in posts/videowhisper/r_logou ...)
NOT-FOR-US: WordPress plugin
CVE-2014-4567
RESERVED
-CVE-2014-4566
+CVE-2014-4566 (Cross-site scripting (XSS) vulnerability in res/fake_twitter/frame.php ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4565
+CVE-2014-4565 (Multiple cross-site scripting (XSS) vulnerabilities in vcc.js.php in t ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4564
+CVE-2014-4564 (Cross-site scripting (XSS) vulnerability in check.php in the Validated ...)
NOT-FOR-US: WordPress plugin
-CVE-2014-4563
+CVE-2014-4563 (Cross-site scripting (XSS) vulnerability in go.php in the URL Cloak &a ...)
NOT-FOR-US: WordPress plugin
CVE-2014-4562
RESERVED
CVE-2014-4561
RESERVED
-CVE-2014-4560
+CVE-2014-4560 (Cross-site scripting (XSS) vulnerability in includes/getTipo.php in th ...)
NOT-FOR-US: WordPress plugin ToolPage
CVE-2014-4559
RESERVED
CVE-2014-4558
RESERVED
-CVE-2014-4557
+CVE-2014-4557 (Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swi ...)
NOT-FOR-US: WordPress plugin Swipe Checkout for Jigoshop
-CVE-2014-4556
+CVE-2014-4556 (Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swi ...)
NOT-FOR-US: WordPress plugin Switch Checkout for eShop
-CVE-2014-4555
+CVE-2014-4555 (Cross-site scripting (XSS) vulnerability in fonts/font-form.php in the ...)
NOT-FOR-US: WordPress plugin Style It
-CVE-2014-4554
+CVE-2014-4554 (Cross-site scripting (XSS) vulnerability in templates/download.php in ...)
NOT-FOR-US: WordPress plugin SS Downloads
CVE-2014-4553
RESERVED
-CVE-2014-4552
+CVE-2014-4552 (Cross-site scripting (XSS) vulnerability in library/includes/payment/p ...)
NOT-FOR-US: WordPress plugin Spotlight
-CVE-2014-4551
+CVE-2014-4551 (Cross-site scripting (XSS) vulnerability in diagnostics/test.php in th ...)
NOT-FOR-US: WordPress plugin Social Connect
CVE-2014-4550
RESERVED
-CVE-2014-4549
+CVE-2014-4549 (Multiple cross-site scripting (XSS) vulnerabilities in pages/3DComplet ...)
NOT-FOR-US: WordPress plugin WooCommerce SagePay Direct Payment Gateway
CVE-2014-4548
RESERVED
-CVE-2014-4547
+CVE-2014-4547 (Multiple cross-site scripting (XSS) vulnerabilities in templates/defau ...)
NOT-FOR-US: WordPress plugin Rezgo Online Booking
-CVE-2014-4546
+CVE-2014-4546 (Cross-site scripting (XSS) vulnerability in book_ajax.php in the Rezgo ...)
NOT-FOR-US: WordPress plugin Rezgo
-CVE-2014-4545
+CVE-2014-4545 (Multiple cross-site scripting (XSS) vulnerabilities in pq_dialog.php i ...)
NOT-FOR-US: WordPress plugin Pro Quoter
CVE-2014-4544
RESERVED
-CVE-2014-4543
+CVE-2014-4543 (Multiple cross-site scripting (XSS) vulnerabilities in payper/payper.p ...)
NOT-FOR-US: WordPress plugin Pay Per Media Player
-CVE-2014-4542
+CVE-2014-4542 (Cross-site scripting (XSS) vulnerability in redirect.php in the Ooorl ...)
NOT-FOR-US: WordPress plugin Ooorl
-CVE-2014-4541
+CVE-2014-4541 (Cross-site scripting (XSS) vulnerability in shortcode-generator/previe ...)
NOT-FOR-US: WordPress plugin OMFG Mobile Pro
-CVE-2014-4540
+CVE-2014-4540 (Cross-site scripting (XSS) vulnerability in oleggo-twitter/twitter_log ...)
NOT-FOR-US: WordPress plugin Oleggo LiveStream
CVE-2014-4539
RESERVED
-CVE-2014-4538
+CVE-2014-4538 (Cross-site scripting (XSS) vulnerability in process.php in the Malware ...)
NOT-FOR-US: WordPress plugin Malware Finder
-CVE-2014-4537
+CVE-2014-4537 (Cross-site scripting (XSS) vulnerability in inpage.tpl.php in the Keyw ...)
NOT-FOR-US: WordPress plugin Keyword Strategy Internal Links
CVE-2014-4536
RESERVED
CVE-2014-4535
RESERVED
-CVE-2014-4534
+CVE-2014-4534 (Multiple cross-site scripting (XSS) vulnerabilities in videoplayer/aut ...)
NOT-FOR-US: WordPress plugin HTML5 Video Player with Playlist
-CVE-2014-4533
+CVE-2014-4533 (Cross-site scripting (XSS) vulnerability in ajax_functions.php in the ...)
NOT-FOR-US: WordPress plugin GEO Redirector
-CVE-2014-4532
+CVE-2014-4532 (Cross-site scripting (XSS) vulnerability in templates/printAdminUsersL ...)
NOT-FOR-US: WordPress plugin GarageSale
-CVE-2014-4531
+CVE-2014-4531 (Cross-site scripting (XSS) vulnerability in main_page.php in the Game ...)
NOT-FOR-US: WordPress plugin Game tabs
CVE-2014-4530
RESERVED
-CVE-2014-4529
+CVE-2014-4529 (Cross-site scripting (XSS) vulnerability in fpg_preview.php in the Fla ...)
NOT-FOR-US: WordPress plugin Flash Photo Gallery
-CVE-2014-4528
+CVE-2014-4528 (Multiple cross-site scripting (XSS) vulnerabilities in admin/swarm-set ...)
NOT-FOR-US: WordPress plugin fbpromotions
-CVE-2014-4527
+CVE-2014-4527 (Multiple cross-site scripting (XSS) vulnerabilities in paginas/vista-p ...)
NOT-FOR-US: WordPress plugin envialosimple-email-marketing-y-newsletters-gratis
-CVE-2014-4526
+CVE-2014-4526 (Multiple cross-site scripting (XSS) vulnerabilities in callback.php in ...)
NOT-FOR-US: WordPress plugin efence
CVE-2014-4525
RESERVED
-CVE-2014-4524
+CVE-2014-4524 (Cross-site scripting (XSS) vulnerability in classes/custom-image/media ...)
NOT-FOR-US: WordPress plugin WP Easy Post Types
CVE-2014-4523
RESERVED
-CVE-2014-4522
+CVE-2014-4522 (Cross-site scripting (XSS) vulnerability in client-assist.php in the d ...)
NOT-FOR-US: WordPress plugin dsSearchAgent: WordPress Edition
-CVE-2014-4521
+CVE-2014-4521 (Cross-site scripting (XSS) vulnerability in client-assist.php in the d ...)
NOT-FOR-US: WordPress plugin dsIDXpress IDX
-CVE-2014-4520
+CVE-2014-4520 (Cross-site scripting (XSS) vulnerability in phprack.php in the DMCA Wa ...)
NOT-FOR-US: WordPress plugin DMCA WaterMarker
CVE-2014-4519
RESERVED
-CVE-2014-4518
+CVE-2014-4518 (Cross-site scripting (XSS) vulnerability in xd_resize.php in the Conta ...)
NOT-FOR-US: WordPress plugin Contact Form by ContactMe.com
-CVE-2014-4517
+CVE-2014-4517 (Cross-site scripting (XSS) vulnerability in getNetworkSites.php in the ...)
NOT-FOR-US: WordPress plugin CBI Referral Manager
-CVE-2014-4516
+CVE-2014-4516 (Cross-site scripting (XSS) vulnerability in bicm-carousel-preview.php ...)
NOT-FOR-US: WordPress plugin BIC Media Widget
-CVE-2014-4515
+CVE-2014-4515 (Cross-site scripting (XSS) vulnerability in mce_anyfont/dialog.php in ...)
NOT-FOR-US: WordPress plugin AnyFont
-CVE-2014-4514
+CVE-2014-4514 (Cross-site scripting (XSS) vulnerability in includes/api_tenpay/inc.te ...)
NOT-FOR-US: WordPress plugin Alipay plugin
-CVE-2014-4513
+CVE-2014-4513 (Multiple cross-site scripting (XSS) vulnerabilities in server/offline. ...)
NOT-FOR-US: WordPress plugin ActiveHelper LiveHelp Live Chat
CVE-2014-4512
RESERVED
-CVE-2014-4511
+CVE-2014-4511 (Gitlist before 0.5.0 allows remote attackers to execute arbitrary comm ...)
- gitlist <itp> (bug #750368)
-CVE-2014-4509
+CVE-2014-4509 (The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Pla ...)
NOT-FOR-US: Novell Identity Manager
-CVE-2014-4507
+CVE-2014-4507 (Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4 ...)
- foreman <itp> (bug #663101)
-CVE-2014-4506
+CVE-2014-4506 (Cross-site scripting (XSS) vulnerability in the Custom Meta module 6.x ...)
NOT-FOR-US: Drupal module Custom Meta
-CVE-2014-4505
+CVE-2014-4505 (Cross-site scripting (XSS) vulnerability in the Easy Breadcrumb module ...)
NOT-FOR-US: Drupal module Easy Breadcrumb
-CVE-2014-4617
+CVE-2014-4617 (The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.1 ...)
{DSA-2968-1 DSA-2967-1 DLA-51-1 DLA-0012-1}
- gnupg 1.4.16-1.2 (bug #752497)
[squeeze] - gnupg 1.4.10-4+squeeze5
- gnupg2 2.0.24-1 (bug #752498)
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=11fdfcf82bd8
-CVE-2014-4616
+CVE-2014-4616 (Array index error in the scanstring function in the _json module in Py ...)
- python2.5 <removed>
[squeeze] - python2.5 <no-dsa> (minor issue)
- python2.6 <removed>
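Review bot: the new description for CVE-2014-4563 is cut in the middle of an HTML entity (`URL Cloak &a ...`), which indicates the imported summary text is still HTML-escaped when the fixed-width truncation is applied. Decode entities (`&amp;` to `&`) before truncating so the summary reads as plain text and the cut cannot land inside an entity.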
@@ -14223,7 +14223,7 @@ CVE-2014-4616
- python3.3 <removed>
- python3.4 3.4.0+20140417-1
NOTE: http://bugs.python.org/issue21529
-CVE-2014-4615
+CVE-2014-4615 (The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemet ...)
- neutron 2014.1.2-1
NOTE: upstream patch: https://git.openstack.org/cgit/openstack/neutron/commit/?id=0324965a0c2987e5cad6276f011682dec184205f (neutron)
- ceilometer 2014.1.2-1
@@ -14231,19 +14231,19 @@ CVE-2014-4615
NOTE: Upstream patch: https://git.openstack.org/cgit/openstack/ceilometer/commit/?id=264f3b0d9640edeac743f339786e0a3b22c0f6c2 (ceilometer)
- python-pycadf 0.5.1-1
NOTE: Upstream patch: https://git.openstack.org/cgit/openstack/pycadf/commit/?id=966d4410a1a69e0a3af678442a1a965dae80d720 (pycadf)
-CVE-2014-4614
+CVE-2014-4614 (Multiple cross-site request forgery (CSRF) vulnerabilities in Piwigo b ...)
- piwigo <removed> (low)
[squeeze] - piwigo <end-of-life> (Minor issue)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-4613
+CVE-2014-4613 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
- piwigo <removed> (low)
[squeeze] - piwigo <end-of-life> (Minor issue)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-4510
+CVE-2014-4510 (Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0. ...)
- apt-cacher-ng 0.7.26-2
[wheezy] - apt-cacher-ng <no-dsa> (Minor issue)
[squeeze] - apt-cacher-ng <no-dsa> (Minor issue)
-CVE-2014-4508
+CVE-2014-4508 (arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bi ...)
{DLA-103-1}
- linux 3.14.9-1
[wheezy] - linux 3.2.60-1
@@ -14252,291 +14252,291 @@ CVE-2014-4508
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=554086d85e71f30abe46fc014fea31929a7c6a8a
CVE-2014-4504
RESERVED
-CVE-2014-4503
+CVE-2014-4503 (The parse_notify function in util.c in sgminer before 4.2.2 and cgmine ...)
- cgminer 4.2.3-1
-CVE-2014-4502
+CVE-2014-4502 (Multiple heap-based buffer overflows in the parse_notify function in s ...)
- cgminer 4.4.2-1
-CVE-2014-4501
+CVE-2014-4501 (Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer ...)
- cgminer 4.4.2-1
CVE-2014-4500
RESERVED
-CVE-2014-4499
+CVE-2014-4499 (The App Store process in CommerceKit Framework in Apple OS X before 10 ...)
NOT-FOR-US: Apple
-CVE-2014-4498
+CVE-2014-4498 (The CPU Software in Apple OS X before 10.10.2 allows physically proxim ...)
NOT-FOR-US: Apple
-CVE-2014-4497
+CVE-2014-4497 (Integer signedness error in IOBluetoothFamily in the Bluetooth impleme ...)
NOT-FOR-US: Apple
-CVE-2014-4496
+CVE-2014-4496 (The mach_port_kobject interface in the kernel in Apple iOS before 8.1. ...)
NOT-FOR-US: Apple
-CVE-2014-4495
+CVE-2014-4495 (The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and A ...)
NOT-FOR-US: Apple
-CVE-2014-4494
+CVE-2014-4494 (Springboard in Apple iOS before 8.1.3 does not properly validate signa ...)
NOT-FOR-US: Apple
-CVE-2014-4493
+CVE-2014-4493 (The app-installation functionality in MobileInstallation in Apple iOS ...)
NOT-FOR-US: Apple
-CVE-2014-4492
+CVE-2014-4492 (libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and A ...)
NOT-FOR-US: Apple
-CVE-2014-4491
+CVE-2014-4491 (The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X ...)
NOT-FOR-US: Apple
CVE-2014-4490
REJECTED
-CVE-2014-4489
+CVE-2014-4489 (IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and ...)
NOT-FOR-US: Apple
-CVE-2014-4488
+CVE-2014-4488 (IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and ...)
NOT-FOR-US: Apple
-CVE-2014-4487
+CVE-2014-4487 (Buffer overflow in IOHIDFamily in Apple iOS before 8.1.3, Apple OS X b ...)
NOT-FOR-US: Apple
-CVE-2014-4486
+CVE-2014-4486 (IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10 ...)
NOT-FOR-US: Apple
-CVE-2014-4485
+CVE-2014-4485 (Buffer overflow in the XML parser in Foundation in Apple iOS before 8. ...)
NOT-FOR-US: Apple
-CVE-2014-4484
+CVE-2014-4484 (FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and A ...)
NOT-FOR-US: Apple
-CVE-2014-4483
+CVE-2014-4483 (Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X be ...)
NOT-FOR-US: Apple
CVE-2014-4482
REJECTED
-CVE-2014-4481
+CVE-2014-4481 (Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X ...)
NOT-FOR-US: Apple
-CVE-2014-4480
+CVE-2014-4480 (Directory traversal vulnerability in afc in AppleFileConduit in Apple ...)
NOT-FOR-US: Apple
-CVE-2014-4479
+CVE-2014-4479 (WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, ...)
NOT-FOR-US: Apple
CVE-2014-4478
REJECTED
-CVE-2014-4477
+CVE-2014-4477 (WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, ...)
NOT-FOR-US: Apple
-CVE-2014-4476
+CVE-2014-4476 (WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, ...)
NOT-FOR-US: Apple
-CVE-2014-4475
+CVE-2014-4475 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4474
+CVE-2014-4474 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4473
+CVE-2014-4473 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4472
+CVE-2014-4472 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4471
+CVE-2014-4471 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4470
+CVE-2014-4470 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4469
+CVE-2014-4469 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4468
+CVE-2014-4468 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4467
+CVE-2014-4467 (WebKit, as used in Apple iOS before 8.1.3, does not properly determine ...)
NOT-FOR-US: Apple
-CVE-2014-4466
+CVE-2014-4466 (WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4465
+CVE-2014-4465 (WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-4464
REJECTED
-CVE-2014-4463
+CVE-2014-4463 (Apple iOS before 8.1.1 allows physically proximate attackers to bypass ...)
NOT-FOR-US: Apple
-CVE-2014-4462
+CVE-2014-4462 (WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, a ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4461
+CVE-2014-4461 (The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does no ...)
NOT-FOR-US: Apple
-CVE-2014-4460
+CVE-2014-4460 (CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not p ...)
NOT-FOR-US: Apple
-CVE-2014-4459
+CVE-2014-4459 (Use-after-free vulnerability in WebKit, as used in Apple OS X before 1 ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4458
+CVE-2014-4458 (The "System Profiler About This Mac" component in Apple OS X before 10 ...)
NOT-FOR-US: Apple
-CVE-2014-4457
+CVE-2014-4457 (The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not prop ...)
NOT-FOR-US: Apple
CVE-2014-4456
REJECTED
-CVE-2014-4455
+CVE-2014-4455 (dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not prop ...)
NOT-FOR-US: Apple
CVE-2014-4454
REJECTED
-CVE-2014-4453
+CVE-2014-4453 (Apple iOS before 8.1.1 and OS X before 10.10.1 include location data d ...)
NOT-FOR-US: Apple
-CVE-2014-4452
+CVE-2014-4452 (WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, a ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4451
+CVE-2014-4451 (Apple iOS before 8.1.1 does not properly enforce the failed-passcode l ...)
NOT-FOR-US: Apple
-CVE-2014-4450
+CVE-2014-4450 (The QuickType feature in the Keyboards subsystem in Apple iOS before 8 ...)
NOT-FOR-US: Apple iOS
-CVE-2014-4449
+CVE-2014-4449 (iCloud Data Access in Apple iOS before 8.1 does not verify X.509 certi ...)
NOT-FOR-US: Apple iOS
-CVE-2014-4448
+CVE-2014-4448 (House Arrest in Apple iOS before 8.1 relies on the hardware UID for it ...)
NOT-FOR-US: Apple iOS
-CVE-2014-4447
+CVE-2014-4447 (Profile Manager in Apple OS X Server before 4.0 allows local users to ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4446
+CVE-2014-4446 (Mail Service in Apple OS X Server before 4.0 does not enforce SACL cha ...)
NOT-FOR-US: Apple OS X
CVE-2014-4445
REJECTED
-CVE-2014-4444
+CVE-2014-4444 (SecurityAgent in Apple OS X before 10.10 does not ensure that a Kerber ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4443
+CVE-2014-4443 (Apple OS X before 10.10 allows remote attackers to cause a denial of s ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4442
+CVE-2014-4442 (The kernel in Apple OS X before 10.10 allows local users to cause a de ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4441
+CVE-2014-4441 (NetFS Client Framework in Apple OS X before 10.10 does not ensure that ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4440
+CVE-2014-4440 (The MCX Desktop Config Profiles implementation in Apple OS X before 10 ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4439
+CVE-2014-4439 (Mail in Apple OS X before 10.10 does not properly recognize the remova ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4438
+CVE-2014-4438 (Race condition in LoginWindow in Apple OS X before 10.10 allows physic ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4437
+CVE-2014-4437 (LaunchServices in Apple OS X before 10.10 allows attackers to bypass i ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4436
+CVE-2014-4436 (IOHIDFamily in Apple OS X before 10.10 allows attackers to cause denia ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4435
+CVE-2014-4435 (The "iCloud Find My Mac" feature in Apple OS X before 10.10 does not p ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4434
+CVE-2014-4434 (The kernel in Apple OS X before 10.10 allows physically proximate atta ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4433
+CVE-2014-4433 (Heap-based buffer overflow in the kernel in Apple OS X before 10.10 al ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4432
+CVE-2014-4432 (fdesetup in Apple OS X before 10.10 does not properly display the encr ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4431
+CVE-2014-4431 (Dock in Apple OS X before 10.10 does not properly manage the screen-lo ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4430
+CVE-2014-4430 (CoreStorage in Apple OS X before 10.10 retains a volume's encryption k ...)
NOT-FOR-US: Apple OS X
CVE-2014-4429
REJECTED
-CVE-2014-4428
+CVE-2014-4428 (Bluetooth in Apple OS X before 10.10 does not require encryption for H ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4427
+CVE-2014-4427 (App Sandbox in Apple OS X before 10.10 allows attackers to bypass a sa ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4426
+CVE-2014-4426 (AFP File Server in Apple OS X before 10.10 allows remote attackers to ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4425
+CVE-2014-4425 (CFPreferences in Apple OS X before 10.10 does not properly enforce the ...)
NOT-FOR-US: Apple OS X
-CVE-2014-4424
+CVE-2014-4424 (SQL injection vulnerability in Wiki Server in CoreCollaboration in App ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4423
+CVE-2014-4423 (The Accounts subsystem in Apple iOS before 8 allows attackers to bypas ...)
NOT-FOR-US: Accounts subsystem in Apple iOS
-CVE-2014-4422
+CVE-2014-4422 (The kernel in Apple iOS before 8 and Apple TV before 7 uses a predicta ...)
NOT-FOR-US: Apple
-CVE-2014-4421
+CVE-2014-4421 (The network-statistics interface in the kernel in Apple iOS before 8 a ...)
NOT-FOR-US: Apple
-CVE-2014-4420
+CVE-2014-4420 (The network-statistics interface in the kernel in Apple iOS before 8 a ...)
NOT-FOR-US: Apple
-CVE-2014-4419
+CVE-2014-4419 (The network-statistics interface in the kernel in Apple iOS before 8 a ...)
NOT-FOR-US: Apple
-CVE-2014-4418
+CVE-2014-4418 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly va ...)
NOT-FOR-US: Apple
-CVE-2014-4417
+CVE-2014-4417 (Safari in Apple OS X before 10.10 allows remote attackers to cause a d ...)
NOT-FOR-US: Apple Safari
-CVE-2014-4416
+CVE-2014-4416 (An unspecified integrated graphics driver routine in the Intel Graphic ...)
NOT-FOR-US: Apples Mac OS X
-CVE-2014-4415
+CVE-2014-4415 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows re ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4414
+CVE-2014-4414 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows re ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4413
+CVE-2014-4413 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows re ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4412
+CVE-2014-4412 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows re ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4411
+CVE-2014-4411 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows re ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4410
+CVE-2014-4410 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows re ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4409
+CVE-2014-4409 (WebKit in Apple iOS before 8 makes it easier for remote attackers to t ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-4408
+CVE-2014-4408 (The rt_setgate function in the kernel in Apple iOS before 8 and Apple ...)
NOT-FOR-US: Apple
-CVE-2014-4407
+CVE-2014-4407 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly in ...)
NOT-FOR-US: Apple
-CVE-2014-4406
+CVE-2014-4406 (Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollab ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4405
+CVE-2014-4405 (IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attacke ...)
NOT-FOR-US: Apple
-CVE-2014-4404
+CVE-2014-4404 (Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Ap ...)
NOT-FOR-US: Apple
-CVE-2014-4403
+CVE-2014-4403 (The kernel in Apple OS X before 10.9.5 allows local users to obtain se ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4402
+CVE-2014-4402 (An unspecified IOAcceleratorFamily function in Apple OS X before 10.9. ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4401
+CVE-2014-4401 (An unspecified integrated graphics driver routine in the Intel Graphic ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4400
+CVE-2014-4400 (An unspecified integrated graphics driver routine in the Intel Graphic ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4399
+CVE-2014-4399 (An unspecified integrated graphics driver routine in the Intel Graphic ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4398
+CVE-2014-4398 (An unspecified integrated graphics driver routine in the Intel Graphic ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4397
+CVE-2014-4397 (An unspecified integrated graphics driver routine in the Intel Graphic ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4396
+CVE-2014-4396 (An unspecified integrated graphics driver routine in the Intel Graphic ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4395
+CVE-2014-4395 (An unspecified integrated graphics driver routine in the Intel Graphic ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4394
+CVE-2014-4394 (An unspecified integrated graphics driver routine in the Intel Graphic ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4393
+CVE-2014-4393 (Buffer overflow in the shader compiler in the Intel Graphics Driver su ...)
NOT-FOR-US: Apple Mac OS X
CVE-2014-4392
REJECTED
-CVE-2014-4391
+CVE-2014-4391 (The Code Signing feature in Apple OS X before 10.10 does not properly ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4390
+CVE-2014-4390 (Bluetooth in Apple OS X before 10.9.5 does not properly validate API c ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4389
+CVE-2014-4389 (Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 ...)
NOT-FOR-US: Apple
-CVE-2014-4388
+CVE-2014-4388 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly va ...)
NOT-FOR-US: Apple
CVE-2014-4387
REJECTED
-CVE-2014-4386
+CVE-2014-4386 (Race condition in the App Installation feature in Apple iOS before 8 a ...)
NOT-FOR-US: Apple
CVE-2014-4385
REJECTED
-CVE-2014-4384
+CVE-2014-4384 (Directory traversal vulnerability in the App Installation feature in A ...)
NOT-FOR-US: Apple
-CVE-2014-4383
+CVE-2014-4383 (The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allow ...)
NOT-FOR-US: Apple
CVE-2014-4382
REJECTED
-CVE-2014-4381
+CVE-2014-4381 (Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bou ...)
NOT-FOR-US: Apple
-CVE-2014-4380
+CVE-2014-4380 (The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV be ...)
NOT-FOR-US: Apple
-CVE-2014-4379
+CVE-2014-4379 (An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV ...)
NOT-FOR-US: Apple
-CVE-2014-4378
+CVE-2014-4378 (CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote ...)
NOT-FOR-US: Apple
-CVE-2014-4377
+CVE-2014-4377 (Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV be ...)
NOT-FOR-US: Apple
-CVE-2014-4376
+CVE-2014-4376 (IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attack ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2014-4375
+CVE-2014-4375 (Double free vulnerability in Apple iOS before 8 and Apple TV before 7 ...)
NOT-FOR-US: Apple
-CVE-2014-4374
+CVE-2014-4374 (NSXMLParser in Foundation in Apple iOS before 8 allows attackers to re ...)
NOT-FOR-US: Apple
-CVE-2014-4373
+CVE-2014-4373 (The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Ap ...)
NOT-FOR-US: Apple
-CVE-2014-4372
+CVE-2014-4372 (syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV bef ...)
NOT-FOR-US: Apple
-CVE-2014-4371
+CVE-2014-4371 (The network-statistics interface in the kernel in Apple iOS before 8 a ...)
NOT-FOR-US: Apple
CVE-2014-4370
REJECTED
-CVE-2014-4369
+CVE-2014-4369 (The IOAcceleratorFamily API implementation in Apple iOS before 8 and A ...)
NOT-FOR-US: Apple
-CVE-2014-4368
+CVE-2014-4368 (The Accessibility subsystem in Apple iOS before 8 allows attackers to ...)
NOT-FOR-US: Apple
-CVE-2014-4367
+CVE-2014-4367 (Apple iOS before 8 enables Voice Dial during all upgrade actions, whic ...)
NOT-FOR-US: Apple
-CVE-2014-4366
+CVE-2014-4366 (Mail in Apple iOS before 8 does not prevent sending a LOGIN command to ...)
NOT-FOR-US: Apple
CVE-2014-4365
REJECTED
-CVE-2014-4364
+CVE-2014-4364 (The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does ...)
NOT-FOR-US: Apple
-CVE-2014-4363
+CVE-2014-4363 (Safari in Apple iOS before 8 does not properly restrict the autofillin ...)
NOT-FOR-US: Safari in Apple iOS
-CVE-2014-4362
+CVE-2014-4362 (The Sandbox Profiles implementation in Apple iOS before 8 does not pro ...)
NOT-FOR-US: Apple
-CVE-2014-4361
+CVE-2014-4361 (The Home &amp; Lock Screen subsystem in Apple iOS before 8 does not pr ...)
NOT-FOR-US: Apple
CVE-2014-4360
REJECTED
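Review bot: the CVE-2014-4361 description is written as `The Home &amp; Lock Screen subsystem ...`, i.e. with a literal `&amp;` in what is a plain-text data file, not HTML. The importer should unescape entities before emitting the line; otherwise every consumer of this list has to know to decode them, and the same problem shows up wherever a summary contains an ampersand.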
@@ -14544,56 +14544,56 @@ CVE-2014-4359
REJECTED
CVE-2014-4358
REJECTED
-CVE-2014-4357
+CVE-2014-4357 (Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows ...)
NOT-FOR-US: Apple
-CVE-2014-4356
+CVE-2014-4356 (Apple iOS before 8 does not follow the intended configuration setting ...)
NOT-FOR-US: Apple
CVE-2014-4355
REJECTED
-CVE-2014-4354
+CVE-2014-4354 (Apple iOS before 8 enables Bluetooth during all upgrade actions, which ...)
NOT-FOR-US: Apple
-CVE-2014-4353
+CVE-2014-4353 (Race condition in iMessage in Apple iOS before 8 allows attackers to o ...)
NOT-FOR-US: Apple
-CVE-2014-4352
+CVE-2014-4352 (Address Book in Apple iOS before 8 relies on the hardware UID for its ...)
NOT-FOR-US: Apple
-CVE-2014-4351
+CVE-2014-4351 (Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-4350
+CVE-2014-4350 (Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 all ...)
NOT-FOR-US: QT Media Foundation in Apple OS X
-CVE-2014-4349
+CVE-2014-4349 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1. ...)
- phpmyadmin 4:4.2.5-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-4348
+CVE-2014-4348 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2. ...)
- phpmyadmin 4:4.2.5-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-4347
+CVE-2014-4347 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler G ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2014-4346
+CVE-2014-4346 (Cross-site scripting (XSS) vulnerability in administration user interf ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2014-4345
+CVE-2014-4345 (Off-by-one error in the krb5_encode_krbsecretkey function in plugins/k ...)
{DSA-3000-1 DLA-37-1}
- krb5 1.12.1+dfsg-7 (bug #757416)
[squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/81c332e29f10887c6b9deb065f81ba259f4c7e03
NOTE: http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2014-001.txt
-CVE-2014-4344
+CVE-2014-4344 (The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/ ...)
{DSA-3000-1 DLA-37-1}
- krb5 1.12.1+dfsg-5 (bug #755521)
[squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b
-CVE-2014-4343
+CVE-2014-4343 (Double free vulnerability in the init_ctx_reselect function in the SPN ...)
{DSA-3000-1 DLA-37-1}
- krb5 1.12.1+dfsg-5 (bug #755520)
[squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f
-CVE-2014-4342
+CVE-2014-4342 (MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows re ...)
{DSA-3000-1 DLA-37-1}
- krb5 1.12.1+dfsg-4 (bug #753625)
[squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/fb99962cbd063ac04c9a9d2cc7c75eab73f3533d
-CVE-2014-4341
+CVE-2014-4341 (MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cau ...)
{DSA-3000-1 DLA-37-1}
- krb5 1.12.1+dfsg-4 (bug #753624)
[squeeze] - krb5 1.8.3+dfsg-4squeeze8
@@ -14602,37 +14602,37 @@ CVE-2014-4340
RESERVED
CVE-2014-4339
RESERVED
-CVE-2014-4335
+CVE-2014-4335 (Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive ...)
NOT-FOR-US: BarracudaDrive
-CVE-2014-4334
+CVE-2014-4334 (Stack-based buffer overflow in Ubisoft Rayman Legends before 1.3.14038 ...)
NOT-FOR-US: Ubisoft Rayman Legends
-CVE-2014-4333
+CVE-2014-4333 (Cross-site request forgery (CSRF) vulnerability in administration/prof ...)
NOT-FOR-US: Dolphin (php thing)
CVE-2014-4332
RESERVED
-CVE-2014-4331
+CVE-2014-4331 (Cross-site scripting (XSS) vulnerability in admin/viewer.php in Octavo ...)
NOT-FOR-US: OctavoCMS
-CVE-2014-4330
+CVE-2014-4330 (The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 ...)
- perl 5.20.1-1 (bug #762256)
[wheezy] - perl 5.14.2-21+deb7u2
[squeeze] - perl <no-dsa> (Minor issue)
NOTE: upstream commit: http://perl5.git.perl.org/perl.git/commitdiff/19be3be6968e2337bcdfe480693fff795ecd1304
-CVE-2014-4329
+CVE-2014-4329 (Cross-site scripting (XSS) vulnerability in lua/host_details.lua in nt ...)
- ntopng 1.2.0+dfsg1-1 (bug #760990)
NOTE: https://svn.ntop.org/bugzilla/show_bug.cgi?id=379
CVE-2014-4328
RESERVED
CVE-2014-4327
RESERVED
-CVE-2014-4326
+CVE-2014-4326 (Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote ...)
- logstash <itp> (bug #664841)
-CVE-2014-4325
+CVE-2014-4325 (The cmd_boot function in app/aboot/aboot.c in the Little Kernel (LK) b ...)
NOT-FOR-US: Little Kernel (bootloader)
CVE-2014-4324
RESERVED
-CVE-2014-4323
+CVE-2014-4323 (The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP d ...)
- linux <not-affected> (Vulnerable code drivers/video/msm not present)
-CVE-2014-4322
+CVE-2014-4322 (drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, ...)
- linux <not-affected> (Vulnerable code drivers/misc/qseecom.c not present)
CVE-2014-4321
RESERVED
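Review bot: the NOT-FOR-US annotation for CVE-2014-4333 reads `NOT-FOR-US: Dolphin (php thing)`, which is informal and less specific than the surrounding NOT-FOR-US lines; name the product the way the neighbouring entries do (e.g. `NOT-FOR-US: Dolphin`) so the annotation stays consistent and searchable.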
@@ -14650,61 +14650,61 @@ CVE-2014-4315
REJECTED
CVE-2014-4314
REJECTED
-CVE-2014-4313
+CVE-2014-4313 (SQL injection vulnerability in Epicor Procurement before 7.4 SP2 allow ...)
NOT-FOR-US: Epicor
-CVE-2014-4312
+CVE-2014-4312 (Multiple cross-site scripting (XSS) vulnerabilities in Epicor Enterpri ...)
NOT-FOR-US: Epicor
-CVE-2014-4311
+CVE-2014-4311 (Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers t ...)
NOT-FOR-US: Epicor
-CVE-2014-4310
+CVE-2014-4310 (Unspecified vulnerability in the JPublisher component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4309
+CVE-2014-4309 (Multiple cross-site scripting (XSS) vulnerabilities in Openfiler 2.99 ...)
NOT-FOR-US: Openfiler
-CVE-2014-4308
+CVE-2014-4308 (Multiple cross-site scripting (XSS) vulnerabilities in NICE Recording ...)
NOT-FOR-US: NICE Recording eXpress
-CVE-2014-4307
+CVE-2014-4307 (SQL injection vulnerability in categories-x.php in WebTitan before 4.0 ...)
NOT-FOR-US: WebTitan
-CVE-2014-4306
+CVE-2014-4306 (Directory traversal vulnerability in logs-x.php in WebTitan before 4.0 ...)
NOT-FOR-US: WebTitan
-CVE-2014-4305
+CVE-2014-4305 (Multiple SQL injection vulnerabilities in NICE Recording eXpress (aka ...)
NOT-FOR-US: NICE Recording eXpress
-CVE-2014-4304
+CVE-2014-4304 (Cross-site scripting (XSS) vulnerability in browse.php in SQL Buddy 1. ...)
NOT-FOR-US: SQL Buddy
-CVE-2014-4303
+CVE-2014-4303 (Multiple cross-site scripting (XSS) vulnerabilities in the Touch theme ...)
NOT-FOR-US: Drupal Touch theme
-CVE-2014-4302
+CVE-2014-4302 (Cross-site scripting (XSS) vulnerability in rating/rating.php in HAM3D ...)
NOT-FOR-US: HAM3D Shop Engine
-CVE-2014-4301
+CVE-2014-4301 (Multiple cross-site scripting (XSS) vulnerabilities in the respond_err ...)
NOT-FOR-US: Ajenti
-CVE-2014-4300
+CVE-2014-4300 (Unspecified vulnerability in the SQLJ component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4299
+CVE-2014-4299 (Unspecified vulnerability in the SQLJ component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4298
+CVE-2014-4298 (Unspecified vulnerability in the SQLJ component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4297
+CVE-2014-4297 (Unspecified vulnerability in the JPublisher component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4296
+CVE-2014-4296 (Unspecified vulnerability in the JPublisher component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4295
+CVE-2014-4295 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4294
+CVE-2014-4294 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4293
+CVE-2014-4293 (Unspecified vulnerability in the JPublisher component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4292
+CVE-2014-4292 (Unspecified vulnerability in the JPublisher component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4291
+CVE-2014-4291 (Unspecified vulnerability in the JPublisher component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4290
+CVE-2014-4290 (Unspecified vulnerability in the JPublisher component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4289
+CVE-2014-4289 (Unspecified vulnerability in the JDBC component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4288
+CVE-2014-4288 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allow ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4287
+CVE-2014-4287 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier an ...)
{DSA-3054-1}
- mysql-5.5 5.5.39-1
- mariadb-5.5 5.5.39-1
@@ -14712,119 +14712,119 @@ CVE-2014-4287
- percona-xtradb-cluster-5.5 <removed>
CVE-2014-4286
REJECTED
-CVE-2014-4285
+CVE-2014-4285 (Unspecified vulnerability in the Oracle Applications Technology compon ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-4284
+CVE-2014-4284 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4283
+CVE-2014-4283 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4282
+CVE-2014-4282 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4281
+CVE-2014-4281 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-4280
+CVE-2014-4280 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4279
+CVE-2014-4279 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2014-4278
+CVE-2014-4278 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-4277
+CVE-2014-4277 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4276
+CVE-2014-4276 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle Sun Solaris 11
-CVE-2014-4275
+CVE-2014-4275 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 11
CVE-2014-4273
REJECTED
CVE-2014-4272
REJECTED
-CVE-2014-4271
+CVE-2014-4271 (Unspecified vulnerability in the Hyperion Essbase component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2014-4270
+CVE-2014-4270 (Unspecified vulnerability in the Hyperion Common Admin component in Or ...)
NOT-FOR-US: Oracle
-CVE-2014-4269
+CVE-2014-4269 (Unspecified vulnerability in the Hyperion Common Admin component in Or ...)
NOT-FOR-US: Oracle
-CVE-2014-4268
+CVE-2014-4268 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4267
+CVE-2014-4267 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4266
+CVE-2014-4266 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
NOTE: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/de40a32a44f5
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/c58a25d48388
-CVE-2014-4265
+CVE-2014-4265 (Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4264
+CVE-2014-4264 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
{DSA-2987-1}
- openjdk-6 <not-affected> (Vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/c084492f9e3d
-CVE-2014-4263
+CVE-2014-4263 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4262
+CVE-2014-4262 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4261
+CVE-2014-4261 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox <not-affected> (Only applies if VBox is running on Windows)
- virtualbox-ose <not-affected> (Only applies if VBox is running on Windows)
-CVE-2014-4260
+CVE-2014-4260 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2985-1}
- mysql-5.5 5.5.39-1 (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 5.5.38-1 (bug #754940)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 5.5.39-25.11+dfsg-1
-CVE-2014-4259
+CVE-2014-4259 (Unspecified vulnerability in the Solaris Cluster component in Oracle S ...)
NOT-FOR-US: Oracle
-CVE-2014-4258
+CVE-2014-4258 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2985-1}
- mysql-5.5 5.5.39-1 (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 5.5.38-1 (bug #754940)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 5.5.39-25.11+dfsg-1
-CVE-2014-4257
+CVE-2014-4257 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
NOT-FOR-US: Oracle WebCenter Portal
-CVE-2014-4256
+CVE-2014-4256 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4255
+CVE-2014-4255 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4254
+CVE-2014-4254 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4253
+CVE-2014-4253 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4252
+CVE-2014-4252 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4251
+CVE-2014-4251 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-4250
+CVE-2014-4250 (Unspecified vulnerability in the Siebel Core - Server OM Frwks compone ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2014-4249
+CVE-2014-4249 (Unspecified vulnerability in the BI Publisher component in Oracle Fusi ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-4248
+CVE-2014-4248 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2014-4247
+CVE-2014-4247 (Unspecified vulnerability in Oracle Java SE 8u5 allows remote attacker ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2014-4246
+CVE-2014-4246 (Unspecified vulnerability in the Hyperion Analytic Provider Services c ...)
NOT-FOR-US: Oracle
-CVE-2014-4245
+CVE-2014-4245 (Unspecified vulnerability in the RDBMS Core component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-4244
+CVE-2014-4244 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4243
+CVE-2014-4243 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 5.5.37-1
[wheezy] - mysql-5.5 5.5.37-0+wheezy1
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
@@ -14832,145 +14832,145 @@ CVE-2014-4243
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 <removed>
NOTE: Unspecified, but according to Oracle only for 5.5.35 and earlier
-CVE-2014-4242
+CVE-2014-4242 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4241
+CVE-2014-4241 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle WebLogic Server
-CVE-2014-4240
+CVE-2014-4240 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4239
+CVE-2014-4239 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 all ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-4238
+CVE-2014-4238 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4237
+CVE-2014-4237 (Unspecified vulnerability in the RDBMS Core component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2014-4236
+CVE-2014-4236 (Unspecified vulnerability in the RDBMS Core component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2014-4235
+CVE-2014-4235 (Unspecified vulnerability in the Oracle iStore component in Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2014-4234
+CVE-2014-4234 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2014-4233
+CVE-2014-4233 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4232
+CVE-2014-4232 (Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) co ...)
NOT-FOR-US: Oracle
-CVE-2014-4231
+CVE-2014-4231 (Unspecified vulnerability in the Siebel Travel &amp; Transportation co ...)
NOT-FOR-US: Oracle
-CVE-2014-4230
+CVE-2014-4230 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2014-4229
+CVE-2014-4229 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2014-4228
+CVE-2014-4228 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 4.3.12-dfsg-1 (bug #754939)
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <not-affected> (Only affects 4.1 and later)
-CVE-2014-4227
+CVE-2014-4227 (Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4226
+CVE-2014-4226 (Unspecified vulnerability in the PeopleSoft Enterprise FIN Install com ...)
NOT-FOR-US: Oracle
-CVE-2014-4225
+CVE-2014-4225 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-4224
+CVE-2014-4224 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 all ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2014-4223
+CVE-2014-4223 (Unspecified vulnerability in Oracle Java SE 7u60 allows remote attacke ...)
{DSA-2987-1}
- openjdk-6 <not-affected> (Vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/84bce1b3d28a
-CVE-2014-4222
+CVE-2014-4222 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2014-4221
+CVE-2014-4221 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
{DSA-2987-1}
- openjdk-6 <not-affected> (Vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/bac16c82c14a
-CVE-2014-4220
+CVE-2014-4220 (Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4219
+CVE-2014-4219 (Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4218
+CVE-2014-4218 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4217
+CVE-2014-4217 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2014-4216
+CVE-2014-4216 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4215
+CVE-2014-4215 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local u ...)
NOT-FOR-US: Oracle Solaris
-CVE-2014-4214
+CVE-2014-4214 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-4213
+CVE-2014-4213 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle
-CVE-2014-4212
+CVE-2014-4212 (Unspecified vulnerability in the Oracle Fusion Middleware component in ...)
NOT-FOR-US: Oracle
-CVE-2014-4211
+CVE-2014-4211 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
NOT-FOR-US: Oracle
-CVE-2014-4210
+CVE-2014-4210 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2014-4209
+CVE-2014-4209 (Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
- openjdk-7 7u65-2.5.1-1
-CVE-2014-4208
+CVE-2014-4208 (Unspecified vulnerability in the Java SE component in Oracle Java SE 7 ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-4207
+CVE-2014-4207 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2985-1}
- mysql-5.5 5.5.39-1 (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 5.5.38-1 (bug #754940)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 5.5.39-25.11+dfsg-1
-CVE-2014-4206
+CVE-2014-4206 (Unspecified vulnerability in the Hyperion Enterprise Performance Manag ...)
NOT-FOR-US: Oracle
-CVE-2014-4205
+CVE-2014-4205 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2014-4204
+CVE-2014-4204 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
NOT-FOR-US: Oracle
-CVE-2014-4203
+CVE-2014-4203 (Unspecified vulnerability in the Hyperion Enterprise Performance Manag ...)
NOT-FOR-US: Oracle
-CVE-2014-4202
+CVE-2014-4202 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2014-4201
+CVE-2014-4201 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2014-4200
+CVE-2014-4200 (vm-support 0.88 in VMware Tools, as distributed with VMware Workstatio ...)
- open-vm-tools 2:9.4.6-1770165-1 (low; bug #770809)
[squeeze] - open-vm-tools <no-dsa> (Minor issue)
[wheezy] - open-vm-tools <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2014/Aug/71
-CVE-2014-4199
+CVE-2014-4199 (vm-support 0.88 in VMware Tools, as distributed with VMware Workstatio ...)
- open-vm-tools 2:9.4.6-1770165-7 (low; bug #770809)
[squeeze] - open-vm-tools <no-dsa> (Minor issue)
[wheezy] - open-vm-tools <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2014/Aug/71
CVE-2014-4198
RESERVED
-CVE-2014-4197
+CVE-2014-4197 (Multiple SQL injection vulnerabilities in Bank Soft Systems (BSS) RBS ...)
NOT-FOR-US: Bank Soft Systems
CVE-2014-4196
RESERVED
-CVE-2014-4195
+CVE-2014-4195 (Cross-site scripting (XSS) vulnerability in zero_view_article.php in Z ...)
NOT-FOR-US: ZeroCMS
-CVE-2014-4194
+CVE-2014-4194 (SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1. ...)
NOT-FOR-US: ZeroCMS
CVE-2014-XXXX [softhsm-keyconv creates security-sensibe file world-readable]
- softhsm 1.3.7-2 (low; bug #752092)
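Review bot: CVE-2014-4200 and CVE-2014-4199 both cite bug #770809 and the same fulldisclosure reference but record different fixed versions of open-vm-tools (`2:9.4.6-1770165-1` versus `2:9.4.6-1770165-7`); confirm that the two versions are intended, since entries sharing one bug report normally share one fixed version. The context line `CVE-2014-XXXX [softhsm-keyconv creates security-sensibe file world-readable]` also carries a typo (`sensibe` for `sensitive`) in what is that entry's only title, worth correcting in a follow-up commit.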
@@ -14979,19 +14979,19 @@ CVE-2014-XXXX [softhsm-keyconv creates security-sensibe file world-readable]
NOTE: Upstream fix: https://github.com/bellgrim/SoftHSMv2/commit/492447cd4a2be449e99fb9ad2519ea3277aaad28
CVE-2014-XXXX [docker VMM breakout]
- docker.io 1.0.0~dfsg1-1
-CVE-2014-4193
+CVE-2014-4193 (The TLS implementation in EMC RSA BSAFE-Java Toolkits (aka Share for J ...)
NOT-FOR-US: EMC RSA BSAFE-Java Toolkits
-CVE-2014-4192
+CVE-2014-4192 (The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share ...)
NOT-FOR-US: EMC RSA BSAFE-Java Toolkits
-CVE-2014-4191
+CVE-2014-4191 (The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C an ...)
NOT-FOR-US: EMC RSA BSAFE-Java Toolkits
-CVE-2014-4190
+CVE-2014-4190 (Multiple heap-based buffer overflows in Huawei Campus Series Switches ...)
NOT-FOR-US: Huawei Campus Series Switches
-CVE-2014-4189
+CVE-2014-4189 (Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager bef ...)
NOT-FOR-US: Hitachi Tuning Manager
-CVE-2014-4188
+CVE-2014-4188 (Cross-site request forgery (CSRF) vulnerability in Hitachi Tuning Mana ...)
NOT-FOR-US: Hitachi Tuning Manager
-CVE-2014-4187
+CVE-2014-4187 (Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket a ...)
NOT-FOR-US: ClipBucket
CVE-2014-4186
RESERVED
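Review bot: the NOT-FOR-US annotations for CVE-2014-4192 and CVE-2014-4191 say `EMC RSA BSAFE-Java Toolkits`, but the descriptions added in this hunk name `EMC RSA BSAFE-C Toolkits` for both; the annotation looks copied from the CVE-2014-4193 entry above and should read BSAFE-C for these two so the tracker's product attribution matches the CVE text.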
@@ -15017,7 +15017,7 @@ CVE-2014-4176
RESERVED
CVE-2014-4175
RESERVED
-CVE-2014-4174
+CVE-2014-4174 (wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x befor ...)
- wireshark 1.10.4-1
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
@@ -15031,7 +15031,7 @@ CVE-2014-4172 [php-cas unencoded tickets]
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46766
-CVE-2014-4171
+CVE-2014-4171 (mm/shmem.c in the Linux kernel through 3.15.1 does not properly implem ...)
- linux 3.14.15-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable code introduced later)
@@ -15040,256 +15040,256 @@ CVE-2014-4170
RESERVED
CVE-2014-4169
RESERVED
-CVE-2014-4166
+CVE-2014-4166 (Cross-site scripting (XSS) vulnerability in the song history in SHOUTc ...)
NOT-FOR-US: SHOUTcast DNAS
-CVE-2014-4165
+CVE-2014-4165 (Cross-site scripting (XSS) vulnerability in ntop allows remote attacke ...)
- ntop <removed> (bug #751946)
[jessie] - ntop <no-dsa> (Minor issue)
[wheezy] - ntop <no-dsa> (Minor issue)
-CVE-2014-4164
+CVE-2014-4164 (Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230 ...)
NOT-FOR-US: AlogoSec FireFlow
-CVE-2014-4163
+CVE-2014-4163 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Feat ...)
NOT-FOR-US: WordPress plugin Featured Comments
-CVE-2014-4162
+CVE-2014-4162 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Zyxe ...)
NOT-FOR-US: Zyxel P-660HW-T1 wireless
-CVE-2014-4161
+CVE-2014-4161 (Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Su ...)
NOT-FOR-US: SAP Supplier Relationship Management
-CVE-2014-4160
+CVE-2014-4160 (Multiple cross-site scripting (XSS) vulnerabilities in the testcanvas ...)
NOT-FOR-US: SAP NetWeaver Business Client
-CVE-2014-4159
+CVE-2014-4159 (Open redirect vulnerability in in la/umTestSSO.jsp in SAP Supplier Re ...)
NOT-FOR-US: SAP Supplier Relationship Management
-CVE-2014-4158
+CVE-2014-4158 (Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to ...)
NOT-FOR-US: Kolibri
CVE-2014-4156
RESERVED
-CVE-2014-4155
+CVE-2014-4155 (Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 ...)
NOT-FOR-US: ZTE router
-CVE-2014-4154
+CVE-2014-4154 (ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitiv ...)
NOT-FOR-US: ZTE router
-CVE-2014-4153
+CVE-2014-4153 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows re ...)
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-4152
+CVE-2014-4152 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows re ...)
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-4151
+CVE-2014-4151 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows re ...)
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-4149
+CVE-2014-4149 (Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, ...)
NOT-FOR-US: Microsoft
-CVE-2014-4148
+CVE-2014-4148 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft
CVE-2014-4147
REJECTED
CVE-2014-4146
REJECTED
-CVE-2014-4145
+CVE-2014-4145 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4144
REJECTED
-CVE-2014-4143
+CVE-2014-4143 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4142
REJECTED
-CVE-2014-4141
+CVE-2014-4141 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2014-4140
+CVE-2014-4140 (Microsoft Internet Explorer 8 through 11 allows remote attackers to by ...)
NOT-FOR-US: Microsoft
CVE-2014-4139
REJECTED
-CVE-2014-4138
+CVE-2014-4138 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2014-4137
+CVE-2014-4137 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft
CVE-2014-4136
REJECTED
CVE-2014-4135
REJECTED
-CVE-2014-4134
+CVE-2014-4134 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft
-CVE-2014-4133
+CVE-2014-4133 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft
-CVE-2014-4132
+CVE-2014-4132 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4131
REJECTED
-CVE-2014-4130
+CVE-2014-4130 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4129
+CVE-2014-4129 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4128
+CVE-2014-4128 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4127
+CVE-2014-4127 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4126
+CVE-2014-4126 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4125
REJECTED
-CVE-2014-4124
+CVE-2014-4124 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4123
+CVE-2014-4123 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4122
+CVE-2014-4122 (Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protec ...)
NOT-FOR-US: Microsoft
-CVE-2014-4121
+CVE-2014-4121 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 ...)
NOT-FOR-US: Microsoft
CVE-2014-4120
REJECTED
CVE-2014-4119
REJECTED
-CVE-2014-4118
+CVE-2014-4118 (XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2014-4117
+CVE-2014-4117 (Microsoft Office 2007 SP3, Word 2007 SP3, Office 2010 SP1 and SP2, Wor ...)
NOT-FOR-US: Microsoft
-CVE-2014-4116
+CVE-2014-4116 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Found ...)
NOT-FOR-US: Microsoft
-CVE-2014-4115
+CVE-2014-4115 (fastfat.sys (aka the FASTFAT driver) in the kernel-mode drivers in Mic ...)
NOT-FOR-US: Microsoft
-CVE-2014-4114
+CVE-2014-4114 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2014-4113
+CVE-2014-4113 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2014-4112
+CVE-2014-4112 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4111
+CVE-2014-4111 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4110
+CVE-2014-4110 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4109
+CVE-2014-4109 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4108
+CVE-2014-4108 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4107
+CVE-2014-4107 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4106
+CVE-2014-4106 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4105
+CVE-2014-4105 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4104
+CVE-2014-4104 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4103
+CVE-2014-4103 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4102
+CVE-2014-4102 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4101
+CVE-2014-4101 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4100
+CVE-2014-4100 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4099
+CVE-2014-4099 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4098
+CVE-2014-4098 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4097
+CVE-2014-4097 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4096
+CVE-2014-4096 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4095
+CVE-2014-4095 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4094
+CVE-2014-4094 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4093
+CVE-2014-4093 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4092
+CVE-2014-4092 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4091
+CVE-2014-4091 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4090
+CVE-2014-4090 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4089
+CVE-2014-4089 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4088
+CVE-2014-4088 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4087
+CVE-2014-4087 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4086
+CVE-2014-4086 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4085
+CVE-2014-4085 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4084
+CVE-2014-4084 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4083
+CVE-2014-4083 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4082
+CVE-2014-4082 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4081
+CVE-2014-4081 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4080
+CVE-2014-4080 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4079
+CVE-2014-4079 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4078
+CVE-2014-4078 (The IP Security feature in Microsoft Internet Information Services (II ...)
NOT-FOR-US: Microsoft
-CVE-2014-4077
+CVE-2014-4077 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2014-4076
+CVE-2014-4076 (Microsoft Windows Server 2003 SP2 allows local users to gain privilege ...)
NOT-FOR-US: Microsoft
-CVE-2014-4075
+CVE-2014-4075 (Cross-site scripting (XSS) vulnerability in System.Web.Mvc.dll in Micr ...)
NOT-FOR-US: Microsoft
-CVE-2014-4074
+CVE-2014-4074 (The Task Scheduler in Microsoft Windows 8, Windows 8.1, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2014-4073
+CVE-2014-4073 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 ...)
NOT-FOR-US: Microsoft
-CVE-2014-4072
+CVE-2014-4072 (Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, 4.5 ...)
NOT-FOR-US: Microsoft
-CVE-2014-4071
+CVE-2014-4071 (The Server in Microsoft Lync Server 2013 allows remote attackers to ca ...)
NOT-FOR-US: Microsoft Lync Server
-CVE-2014-4070
+CVE-2014-4070 (Cross-site scripting (XSS) vulnerability in the Web Components Server ...)
NOT-FOR-US: Microsoft Lync Server
CVE-2014-4069
REJECTED
-CVE-2014-4068
+CVE-2014-4068 (The Response Group Service in Microsoft Lync Server 2010 and 2013 and ...)
NOT-FOR-US: Microsoft Lync Server
-CVE-2014-4067
+CVE-2014-4067 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4066
+CVE-2014-4066 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4065
+CVE-2014-4065 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4064
+CVE-2014-4064 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2014-4063
+CVE-2014-4063 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4062
+CVE-2014-4062 (Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, and 3.5.1 doe ...)
NOT-FOR-US: Microsoft
-CVE-2014-4061
+CVE-2014-4061 (Microsoft SQL Server 2008 SP3, 2008 R2 SP2, and 2012 SP1 does not prop ...)
NOT-FOR-US: Microsoft
-CVE-2014-4060
+CVE-2014-4060 (Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Medi ...)
NOT-FOR-US: Microsoft
-CVE-2014-4059
+CVE-2014-4059 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4058
+CVE-2014-4058 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4057
+CVE-2014-4057 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4056
+CVE-2014-4056 (Microsoft Internet Explorer 7 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4055
+CVE-2014-4055 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4054
REJECTED
CVE-2014-4053
REJECTED
-CVE-2014-4052
+CVE-2014-4052 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4051
+CVE-2014-4051 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-4050
+CVE-2014-4050 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-4042
RESERVED
CVE-2014-4041
RESERVED
-CVE-2014-4040
+CVE-2014-4040 (snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot ...)
- powerpc-utils 1.3.1-2 (unimportant)
NOTE: SuSE decided to put/display a warning about the possibility to of
NOTE: containing cleartext passwords in the produced archive containing fstab
NOTE: and yaboot.conf
NOTE: 1.3.1-2 upload removed /usr/sbin/snap from the installed binary package
-CVE-2014-4039
+CVE-2014-4039 (ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does no ...)
- ppc64-diag 2.7.1-5
NOTE: SuSE Patch: https://bugzilla.novell.com/attachment.cgi?id=599147
-CVE-2014-4038
+CVE-2014-4038 (ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a ...)
- ppc64-diag 2.7.1-5
NOTE: Issue partially fixed in 2.7.1-1, but not all parts fixed
NOTE: SuSE Patch: https://bugzilla.novell.com/attachment.cgi?id=599147
-CVE-2014-4037
+CVE-2014-4037 (Cross-site scripting (XSS) vulnerability in editor/dialog/fck_spellerp ...)
- fckeditor <removed> (low; bug #752873)
[wheezy] - fckeditor <no-dsa> (Minor issue)
[squeeze] - fckeditor <no-dsa> (Minor issue)
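Review bot: the CVE-2014-4040 NOTE lines in the unchanged context of this hunk read as garbled: `NOTE: SuSE decided to put/display a warning about the possibility to of` / `NOTE: containing cleartext passwords in the produced archive containing fstab` / `NOTE: and yaboot.conf`. Suggest rewording to "a warning about the possibility of the produced archive (containing fstab and yaboot.conf) containing cleartext passwords". Not a change made by this automatic update, but it belongs in a follow-up edit of the file.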
@@ -15298,19 +15298,19 @@ CVE-2014-4037
[squeeze] - docvert <no-dsa> (Minor issue)
- moin <not-affected> (unused emebdded copy)
- knowledgeroot <not-affected> (unused embedded copy)
-CVE-2014-4036
+CVE-2014-4036 (Cross-site scripting (XSS) vulnerability in modules/system/admin.php i ...)
NOT-FOR-US: ImpressCMS
-CVE-2014-4035
+CVE-2014-4035 (Cross-site scripting (XSS) vulnerability in booking_details.php in Bes ...)
NOT-FOR-US: Advance Hotel Booking System
-CVE-2014-4034
+CVE-2014-4034 (SQL injection vulnerability in zero_view_article.php in ZeroCMS 1.0 al ...)
NOT-FOR-US: ZeroCMS
-CVE-2014-4033
+CVE-2014-4033 (Cross-site scripting (XSS) vulnerability in libraries/includes/persona ...)
NOT-FOR-US: Epignosis eFront
-CVE-2014-4032
+CVE-2014-4032 (Cross-site scripting (XSS) vulnerability in apps/app_comment/form_comm ...)
NOT-FOR-US: Fiyo CMS
-CVE-2014-4031
+CVE-2014-4031 (The Policy Manager in Aruba Networks ClearPass 5.x, 6.0.x, 6.1.x throu ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-4030
+CVE-2014-4030 (Cross-site request forgery (CSRF) vulnerability in the JW Player plugi ...)
NOT-FOR-US: WordPress plugin JW Player
CVE-2014-4029
RESERVED
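Review bot: the unchanged context line `- moin <not-affected> (unused emebdded copy)` under CVE-2014-4037 has a typo, "emebdded" for "embedded" (the sibling `- knowledgeroot <not-affected> (unused embedded copy)` line spells it correctly); not introduced by this automatic update, but worth a one-word follow-up fix.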
@@ -15320,102 +15320,102 @@ CVE-2014-4026
RESERVED
CVE-2014-4025
RESERVED
-CVE-2014-4024
+CVE-2014-4024 (SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2014-4023
+CVE-2014-4023 (Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2014-4022
+CVE-2014-4022 (The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, wh ...)
- xen <not-affected> (Only 32- and 64-bit ARM systems from Xen 4.4 onwards)
CVE-2014-4019
RESERVED
-CVE-2014-4018
+CVE-2014-4018 (The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a defau ...)
NOT-FOR-US: ZTE router
-CVE-2014-4168
+CVE-2014-4168 ((1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote atta ...)
{DSA-2964-1}
- iodine 0.6.0~rc1-19 (bug #751834)
[squeeze] - iodine 0.6.0~rc1-2+deb6u1
NOTE: https://github.com/yarrick/iodine/commit/b715be5cf3978fbe589b03b09c9398d0d791f850
-CVE-2014-4167
+CVE-2014-4167 (The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014. ...)
- neutron 2014.1.1-1 (bug #752021)
NOTE: https://launchpad.net/bugs/1309195
-CVE-2014-4157
+CVE-2014-4157 (arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 ...)
{DLA-103-1}
- linux 3.14.7-1 (bug #751417)
[wheezy] - linux 3.2.60-1
- linux-2.6 <not-affected> (squeeze-lts only covers x86)
-CVE-2014-4049
+CVE-2014-4049 (Heap-based buffer overflow in the php_parserr function in ext/standard ...)
{DSA-2961-1 DLA-0010-1}
- php5 5.6.0~beta4+dfsg-3 (bug #751364)
[squeeze] - php5 5.3.3-7+squeeze20
NOTE: https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468
-CVE-2014-4048
+CVE-2014-4048 (The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows ...)
- asterisk <not-affected> (Only affects Asterisk 12.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-008.html
-CVE-2014-4047
+CVE-2014-4047 (Asterisk Open Source 1.8.x before 1.8.28.1, 11.x before 11.10.1, and 1 ...)
- asterisk 1:11.10.2~dfsg-1 (low)
[wheezy] - asterisk 1:1.8.13.1~dfsg1-3+deb7u4
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-007.html
-CVE-2014-4046
+CVE-2014-4046 (Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Ce ...)
{DLA-455-1}
- asterisk 1:11.10.2~dfsg-1 (low)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-006.html
-CVE-2014-4045
+CVE-2014-4045 (The Publish/Subscribe Framework in the PJSIP channel driver in Asteris ...)
- asterisk <not-affected> (Only affects Asterisk 12.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-005.html
-CVE-2014-4044
+CVE-2014-4044 (OpenAFS 1.6.8 does not properly clear the fields in the host structure ...)
- openafs 1.6.9-1
[wheezy] - openafs <not-affected> (Vulnerable code introduced in 1.6.8)
[squeeze] - openafs <not-affected> (Vulnerable code introduced in 1.6.8)
-CVE-2014-4043
+CVE-2014-4043 (The posix_spawn_file_actions_addopen function in glibc before 2.20 doe ...)
{DSA-3169-1 DLA-165-1}
- eglibc <removed>
- glibc 2.19-2 (low; bug #751774)
-CVE-2014-4021
+CVE-2014-4021 (Xen 3.2.x through 4.4.x does not properly clean memory pages recovered ...)
{DSA-3006-1}
- xen 4.4.1-1 (bug #751894)
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-4020
+CVE-2014-4020 (The dissect_frame function in epan/dissectors/packet-frame.c in the fr ...)
- wireshark 1.10.8-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.0 to 1.10.7)
[squeeze] - wireshark <not-affected> (Only affects 1.10.0 to 1.10.7)
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-07.html
-CVE-2014-4017
+CVE-2014-4017 (Cross-site scripting (XSS) vulnerability in the Conversion Ninja plugi ...)
NOT-FOR-US: WordPress plugin conversionninja
CVE-2014-4016
RESERVED
CVE-2014-4015
RESERVED
-CVE-2014-4013
+CVE-2014-4013 (SQL injection vulnerability in the Policy Manager in Aruba Networks Cl ...)
NOT-FOR-US: Aruba Networks ClearPass
-CVE-2014-4012
+CVE-2014-4012 (SAP Open Hub Service has hardcoded credentials, which makes it easier ...)
NOT-FOR-US: SAP
-CVE-2014-4011
+CVE-2014-4011 (SAP Capacity Leveling has hardcoded credentials, which makes it easier ...)
NOT-FOR-US: SAP
-CVE-2014-4010
+CVE-2014-4010 (SAP Transaction Data Pool has hardcoded credentials, which makes it ea ...)
NOT-FOR-US: SAP
-CVE-2014-4009
+CVE-2014-4009 (SAP CCMS Monitoring (BC-CCM-MON) has hardcoded credentials, which make ...)
NOT-FOR-US: SAP
-CVE-2014-4008
+CVE-2014-4008 (SAP Web Services Tool (CA-WUI-WST) has hardcoded credentials, which ma ...)
NOT-FOR-US: SAP
-CVE-2014-4007
+CVE-2014-4007 (The SAP Upgrade tools for ABAP has hardcoded credentials, which makes ...)
NOT-FOR-US: SAP
-CVE-2014-4006
+CVE-2014-4006 (The SAP Trader's and Scheduler's Workbench (TSW) for SAP Oil &amp; Gas ...)
NOT-FOR-US: SAP
-CVE-2014-4005
+CVE-2014-4005 (SAP Brazil add-on has hardcoded credentials, which makes it easier for ...)
NOT-FOR-US: SAP
-CVE-2014-4004
+CVE-2014-4004 (The (1) Structures and (2) Project-Oriented Procurement components in ...)
NOT-FOR-US: SAP
-CVE-2014-4003
+CVE-2014-4003 (The System Landscape Directory (SLD) in SAP NetWeaver allows remote at ...)
NOT-FOR-US: SAP
-CVE-2014-4002
+CVE-2014-4002 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b al ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-6 (bug #752573)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #752573)
CVE-2014-4001
RESERVED
-CVE-2014-4000
+CVE-2014-4000 (Cacti before 1.0.0 allows remote authenticated users to conduct PHP ob ...)
- cacti 0.8.8e+ds1-1 (low)
[jessie] - cacti 0.8.8b+dfsg-8+deb8u2
[wheezy] - cacti 0.8.8a+dfsg-5+deb7u6
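Review bot: the description appended on the `+CVE-2014-4006` line contains an undecoded HTML entity, `SAP Oil &amp; Gas`, while every other description added in this hunk is plain text; the importer should unescape entities before writing the truncated summary, otherwise the literal `&amp;` ends up in the tracker's data file and in anything rendered from it. Expected form: `+CVE-2014-4006 (The SAP Trader's and Scheduler's Workbench (TSW) for SAP Oil & Gas ...)`.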
@@ -15425,82 +15425,82 @@ CVE-2014-4000
NOTE: This CVE was fixed by introduction of the function sanitize_unserialize_selected_items
NOTE: in version 0.8.8e and calling it instead of unserialize(stripslashes()).
NOTE: Affected files require authenticated users.
-CVE-2014-3999
+CVE-2014-3999 (The Horde_Ldap library before 2.0.6 for Horde allows remote attackers ...)
- php-horde-ldap 2.0.6-1
CVE-2014-3998
RESERVED
-CVE-2014-3997
+CVE-2014-3997 (SQL injection vulnerability in the MetadataServlet servlet in ManageEn ...)
NOT-FOR-US: Password Manager Pro
-CVE-2014-3996
+CVE-2014-3996 (SQL injection vulnerability in the LinkViewFetchServlet servlet in Man ...)
NOT-FOR-US: Password Manager Pro
CVE-2014-3993
RESERVED
-CVE-2014-3992
+CVE-2014-3992 (Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM 3.5.3 allow ...)
- dolibarr 3.5.4+dfsg2-1 (bug #755531)
-CVE-2014-3991
+CVE-2014-3991 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CR ...)
- dolibarr 3.5.5+dfsg1-1
-CVE-2014-3990
+CVE-2014-3990 (The Cart::getProducts method in system/library/cart.php in OpenCart 1. ...)
NOT-FOR-US: OpenCart
CVE-2014-3989
RESERVED
-CVE-2014-3988
+CVE-2014-3988 (Cross-site scripting (XSS) vulnerability in index.php in SunHater KCFi ...)
NOT-FOR-US: SunHater KCFinder
CVE-2014-3987
RESERVED
-CVE-2014-3984
+CVE-2014-3984 (Multiple unspecified vulnerabilities in Libav before 0.8.12 allow remo ...)
- libav 6:0.8.12-1
NOTE: Fairly pointless CVE assignment...
-CVE-2014-4150
+CVE-2014-4150 (The scheme48-send-definition function in cmuscheme48.el in Scheme 48 a ...)
{DLA-0006-1}
- scheme48 1.9-4 (bug #748766)
[wheezy] - scheme48 1.8+dfsg-1+deb7u1
[squeeze] - scheme48 1.8+dfsg-1+deb6u1
-CVE-2014-4027
+CVE-2014-4027 (The rd_build_device_space function in drivers/target/target_core_rd.c ...)
- linux 3.14.2-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.38)
NOTE: upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc
-CVE-2014-4014
+CVE-2014-4014 (The capabilities implementation in the Linux kernel before 3.14.8 does ...)
- linux 3.14.7-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
NOTE: fixing commit https://git.kernel.org/linus/23adbe12ef7d3d4195e80800ab36b37bee28cd03
-CVE-2014-3986
+CVE-2014-3986 (include/tests_webservers in Lynis before 1.5.5 allows local users to o ...)
- lynis 1.5.5-1 (bug #751083)
[squeeze] - lynis <no-dsa> (Minor issue)
[wheezy] - lynis <no-dsa> (Minor issue)
-CVE-2014-3995
+CVE-2014-3995 (Cross-site scripting (XSS) vulnerability in gravatars/templatetags/gra ...)
NOT-FOR-US: Djblets
-CVE-2014-3994
+CVE-2014-3994 (Cross-site scripting (XSS) vulnerability in util/templatetags/djblets_ ...)
NOT-FOR-US: Djblets
CVE-2014-3983
RESERVED
-CVE-2014-3982
+CVE-2014-3982 (include/tests_webservers in Lynis before 1.5.5 on AIX allows local use ...)
- lynis <not-affected> (Specific to AIX)
-CVE-2014-3981
+CVE-2014-3981 (acinclude.m4, as used in the configure script in PHP 5.5.13 and earlie ...)
- php5 5.6.0~rc1+dfsg-1 (unimportant)
NOTE: Only exploitable during package build
CVE-2014-3979
RESERVED
NOT-FOR-US: Bytemark Symbiosis
-CVE-2014-3978
+CVE-2014-3978 (SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote auth ...)
NOT-FOR-US: TomatoCart
-CVE-2014-3977
+CVE-2014-3977 (libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to ...)
NOT-FOR-US: IBM AIX
-CVE-2014-3976
+CVE-2014-3976 (Buffer overflow in A10 Networks Advanced Core Operating System (ACOS) ...)
NOT-FOR-US: A10 Networks Advanced Core Operating System
-CVE-2014-3975
+CVE-2014-3975 (Absolute path traversal vulnerability in filemanager.php in AuraCMS 3. ...)
NOT-FOR-US: AuraCMS
-CVE-2014-3974
+CVE-2014-3974 (Cross-site scripting (XSS) vulnerability in filemanager.php in AuraCMS ...)
NOT-FOR-US: AuraCMS
-CVE-2014-3973
+CVE-2014-3973 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) before ...)
- frontaccounting 2.3.21-1 (bug #751867)
[squeeze] - frontaccounting <no-dsa> (Minor issue)
[wheezy] - frontaccounting <no-dsa> (Minor issue)
-CVE-2014-3972
+CVE-2014-3972 (Directory traversal vulnerability in Apexis APM-J601-WS cameras with f ...)
NOT-FOR-US: Apexis cameras
-CVE-2014-3971
+CVE-2014-3971 (The CmdAuthenticate::_authenticateX509 function in db/commands/authent ...)
- mongodb <not-affected> (X.509 certifictate authentication introduced in 2.6.x)
NOTE: https://jira.mongodb.org/browse/SERVER-13753
NOTE: https://github.com/mongodb/mongo/commit/c151e0660b9736fe66b224f1129a16871165251b
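Review bot: the context line `- mongodb <not-affected> (X.509 certifictate authentication introduced in 2.6.x)` under CVE-2014-3971 misspells "certificate"; untouched by this update, but an easy follow-up correction.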
@@ -15508,203 +15508,203 @@ CVE-2014-3965
RESERVED
CVE-2014-3964
RESERVED
-CVE-2014-3963
+CVE-2014-3963 (ownCloud Server before 6.0.1 does not properly check permissions, whic ...)
- owncloud 6.0.1+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-009/
-CVE-2014-3962
+CVE-2014-3962 (Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow remote ...)
NOT-FOR-US: Videos Tube
-CVE-2014-3961
+CVE-2014-3961 (SQL injection vulnerability in the Export CSV page in the Participants ...)
NOT-FOR-US: WordPress plugin Participants Database
-CVE-2014-3960
+CVE-2014-3960 (Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before ...)
NOT-FOR-US: OpenNMS
-CVE-2014-3980
+CVE-2014-3980 (libfep 0.0.5 before 0.1.0 does not properly use UNIX domain sockets in ...)
- libfep <itp> (bug #658575)
-CVE-2014-3959
+CVE-2014-3959 (Cross-site scripting (XSS) vulnerability in list.jsp in the Configurat ...)
NOT-FOR-US: F5
CVE-2014-3958
RESERVED
CVE-2014-3957
RESERVED
-CVE-2014-3955
+CVE-2014-3955 (routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to caus ...)
NOT-FOR-US: FreeBSD routed
-CVE-2014-3954
+CVE-2014-3954 (Stack-based buffer overflow in rtsold in FreeBSD 9.1 through 10.1-RC2 ...)
NOT-FOR-US: FreeBSD rtsold
-CVE-2014-3953
+CVE-2014-3953 (FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 befor ...)
{DSA-3070-1}
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
- kfreebsd-9 <removed> (bug #754237)
- kfreebsd-10 10.1~svn272463-1
-CVE-2014-3952
+CVE-2014-3952 (FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 befor ...)
{DSA-3070-1}
- kfreebsd-8 <removed>
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
- kfreebsd-9 <removed> (bug #754236)
- kfreebsd-10 10.1~svn272463-1
-CVE-2014-3951
+CVE-2014-3951 (The HZ module in the iconv implementation in FreeBSD 10.0 before p6 an ...)
NOT-FOR-US: iconv system library of FreeBSD and NetBSD
CVE-2014-3950
RESERVED
-CVE-2014-3949
+CVE-2014-3949 (Cross-site scripting (XSS) vulnerability in the layout wizard in the G ...)
NOT-FOR-US: TYPO3 extension gridelements
-CVE-2014-3948
+CVE-2014-3948 (Cross-site scripting (XSS) vulnerability in the HTML export wizard in ...)
NOT-FOR-US: TYPO3 extension powermail
-CVE-2014-3947
+CVE-2014-3947 (Unrestricted file upload vulnerability in the powermail extension befo ...)
NOT-FOR-US: TYPO3 extension powermail
-CVE-2014-3939
+CVE-2014-3939 (Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 all ...)
NOT-FOR-US: Autodesk SketchBook Pro
-CVE-2014-3938
+CVE-2014-3938 (Integer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote ...)
NOT-FOR-US: Autodesk Sketchbook Pro
-CVE-2014-3937
+CVE-2014-3937 (SQL injection vulnerability in the Contextual Related Posts plugin bef ...)
NOT-FOR-US: WordPress plugin contextual-related-posts
-CVE-2014-3936
+CVE-2014-3936 (Stack-based buffer overflow in the do_hnap function in www/my_cgi.cgi ...)
NOT-FOR-US: D-Link
-CVE-2014-3935
+CVE-2014-3935 (SQL injection vulnerability in glossaire-aff.php in the Glossaire modu ...)
NOT-FOR-US: XOOPS module Glossaire
-CVE-2014-3934
+CVE-2014-3934 (SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 ...)
NOT-FOR-US: PHP-Nuke
-CVE-2014-3933
+CVE-2014-3933 (Cross-site scripting (XSS) vulnerability in the address components fie ...)
NOT-FOR-US: Drupal module AddressField Tokens
-CVE-2014-3932
+CVE-2014-3932 (SQL injection vulnerability in the device registration component in ws ...)
NOT-FOR-US: CoSoSys Endpoint Protector
-CVE-2014-3931
+CVE-2014-3931 (fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allow ...)
NOT-FOR-US: Multi-Router Looking Glass
-CVE-2014-3930
+CVE-2014-3930 (lg.pl in Cistron-LG 1.01 stores sensitive information under the web ro ...)
NOT-FOR-US: Cistron-LG
-CVE-2014-3929
+CVE-2014-3929 (The default configuration for Cougar-LG stores sensitive information u ...)
NOT-FOR-US: Cougar-LG
-CVE-2014-3928
+CVE-2014-3928 (Cougar-LG stores sensitive information under the web root with insuffi ...)
NOT-FOR-US: Cougar-LG
-CVE-2014-3927
+CVE-2014-3927 (mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to execu ...)
NOT-FOR-US: mrlg4php
-CVE-2014-3926
+CVE-2014-3926 (Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 al ...)
NOT-FOR-US: Cougar LG
-CVE-2014-3924
+CVE-2014-3924 (Multiple cross-site scripting (XSS) vulnerabilities in Webmin before 1 ...)
NOT-FOR-US: Webmin
-CVE-2014-3923
+CVE-2014-3923 (Multiple cross-site scripting (XSS) vulnerabilities in the Digital Zoo ...)
NOT-FOR-US: WordPress plugin Digital Zoom Studio Video Gallery
-CVE-2014-3922
+CVE-2014-3922 (Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Mess ...)
NOT-FOR-US: Trend Micro InterScan
-CVE-2014-3921
+CVE-2014-3921 (Cross-site scripting (XSS) vulnerability in popup.php in the Simple Po ...)
NOT-FOR-US: WordPress plugin Simple Popup Images
-CVE-2014-3969
+CVE-2014-3969 (Xen 4.4.x, when running on an ARM system, does not properly check writ ...)
- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3970
+CVE-2014-3970 (The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv m ...)
- pulseaudio 5.0-3 (low)
[squeeze] - pulseaudio <no-dsa> (Minor issue)
[wheezy] - pulseaudio <no-dsa> (Minor issue)
NOTE: http://lists.freedesktop.org/archives/pulseaudio-discuss/2014-May/020740.html
-CVE-2014-3968
+CVE-2014-3968 (The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows lo ...)
- xen 4.4.1-1 (bug #757724)
[wheezy] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
[squeeze] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
-CVE-2014-3967
+CVE-2014-3967 (The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not ...)
- xen 4.4.1-1 (bug #757724)
[wheezy] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
[squeeze] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
-CVE-2014-3966
+CVE-2014-3966 (Cross-site scripting (XSS) vulnerability in Special:PasswordReset in M ...)
{DSA-2957-1}
- mediawiki 1:1.19.16+dfsg-1 (low; bug #750527)
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=65501
-CVE-2014-3956
+CVE-2014-3956 (The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has ...)
- sendmail 8.14.4-6 (low; bug #750562)
[wheezy] - sendmail 8.14.4-4+deb7u1
[squeeze] - sendmail <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2014/06/03/1
-CVE-2014-3940
+CVE-2014-3940 (The Linux kernel through 3.14.5 does not properly consider the presenc ...)
- linux 3.14.7-1 (low)
[wheezy] - linux 3.2.60-1
- linux-2.6 <not-affected> (Only exploitable in 3.12 and later)
-CVE-2014-3925
+CVE-2014-3925 (sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux ( ...)
- sosreport <not-affected> (RedHat-specific issue)
-CVE-2014-3920
+CVE-2014-3920 (Cross-site request forgery (CSRF) vulnerability in Kanboard before 1.0 ...)
- kanboard <itp> (bug #790814)
CVE-2014-3919
RESERVED
CVE-2014-3918
RESERVED
-CVE-2014-3916
+CVE-2014-3916 (The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 all ...)
- ruby2.1 <removed> (unimportant)
- ruby2.0 <removed> (unimportant)
- ruby1.9.1 <removed> (unimportant)
- ruby1.8 <removed> (unimportant)
NOTE: Only exploitable on Windows
-CVE-2014-3915
+CVE-2014-3915 (The userRequest servlet in the Admin Center for Tivoli Storage Manager ...)
NOT-FOR-US: Rocket Servergraph
-CVE-2014-3914
+CVE-2014-3914 (Directory traversal vulnerability in the Admin Center for Tivoli Stora ...)
NOT-FOR-US: Rocket ServerGraph
-CVE-2014-3913
+CVE-2014-3913 (Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow ...)
NOT-FOR-US: Ericom AccessNow Server
-CVE-2014-3912
+CVE-2014-3912 (Stack-based buffer overflow in the FindConfigChildeKeyList method in t ...)
NOT-FOR-US: Samsung iPOLiS Device Manager
-CVE-2014-3911
+CVE-2014-3911 (Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to e ...)
NOT-FOR-US: Samsung iPOLiS Device Manager
-CVE-2014-3910
+CVE-2014-3910 (Emurasoft EmFTP allows local users to gain privileges via a Trojan hor ...)
NOT-FOR-US: Emurasoft EmFTP
-CVE-2014-3909
+CVE-2014-3909 (Session fixation vulnerability in Falcon WisePoint 4.1.19.7 and earlie ...)
NOT-FOR-US: Falcon WisePoint
-CVE-2014-3908
+CVE-2014-3908 (The Amazon.com Kindle application before 4.5.0 for Android does not ve ...)
NOT-FOR-US: Amazon.com Kindle application
-CVE-2014-3907
+CVE-2014-3907 (Cross-site request forgery (CSRF) vulnerability in the MailPoet Newsle ...)
NOT-FOR-US: MailPoet Newsletters (wysija-newsletters) plugin for WordPress
-CVE-2014-3906
+CVE-2014-3906 (SQL injection vulnerability in OSK Advance-Flow 4.41 and earlier and A ...)
NOT-FOR-US: OSK Advance-Flow
-CVE-2014-3905
+CVE-2014-3905 (Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 ...)
NOT-FOR-US: tenfourzero Shutter
-CVE-2014-3904
+CVE-2014-3904 (SQL injection vulnerability in lib/admin.php in tenfourzero Shutter 0. ...)
NOT-FOR-US: tenfourzero Shutter
-CVE-2014-3903
+CVE-2014-3903 (Cross-site scripting (XSS) vulnerability in the Cakifo theme 1.x befor ...)
NOT-FOR-US: Cakifo theme for WordPress
-CVE-2014-3902
+CVE-2014-3902 (The CyberAgent Ameba application 3.x and 4.x before 4.5.0 for Android ...)
NOT-FOR-US: CyberAgent Ameba application
-CVE-2014-3901
+CVE-2014-3901 (Raritan Japan Dominion KX2-101 switches before 2 allow remote attacker ...)
NOT-FOR-US: Raritan Japan Dominion KX2-101 switches
-CVE-2014-3900
+CVE-2014-3900 (Cross-site scripting (XSS) vulnerability in admin/picture_modify.php i ...)
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-3899
+CVE-2014-3899 (Gretech GOM Player 2.2.51.5149 and earlier allows remote attackers to ...)
NOT-FOR-US: Gretech GOM Player
-CVE-2014-3898
+CVE-2014-3898 (Cross-site scripting (XSS) vulnerability in Fujitsu ServerView Operati ...)
NOT-FOR-US: Fujitsu ServerView Operations Manager
-CVE-2014-3897
+CVE-2014-3897 (Cross-site scripting (XSS) vulnerability in Homepage Decorator PerlMai ...)
NOT-FOR-US: Homepage Decorator PerlMailer
-CVE-2014-3896
+CVE-2014-3896 (Multiple cross-site request forgery (CSRF) vulnerabilities in CGI prog ...)
NOT-FOR-US: Seeds acmailer
-CVE-2014-3895
+CVE-2014-3895 (The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/ ...)
NOT-FOR-US: I-O DATA camera firmware
-CVE-2014-3894
+CVE-2014-3894 (Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional M ...)
NOT-FOR-US: PHP Kobo Multifunctional MailForm
CVE-2014-3893
RESERVED
-CVE-2014-3892
+CVE-2014-3892 (Cross-site scripting (XSS) vulnerability in Nexa Meridian before 2014 ...)
NOT-FOR-US: Nexa Meridian
-CVE-2014-3891
+CVE-2014-3891 (Buffer overflow in RimArts Becky! Internet Mail before 2.68 allows rem ...)
NOT-FOR-US: RimArts Becky! Internet Mail
-CVE-2014-3890
+CVE-2014-3890 (silex SX-2000WG devices with firmware before 1.5.4 allow remote attack ...)
NOT-FOR-US: silex device
-CVE-2014-3889
+CVE-2014-3889 (silex SX-2000WG devices with firmware before 1.5.4 allow remote attack ...)
NOT-FOR-US: silex device
-CVE-2014-3888
+CVE-2014-3888 (Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1 ...)
NOT-FOR-US: Yokogawa
-CVE-2014-3887
+CVE-2014-3887 (Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk w ...)
NOT-FOR-US: I-O DATA DEVICE
-CVE-2014-3886
+CVE-2014-3886 (Cross-site scripting (XSS) vulnerability in Webmin before 1.690, when ...)
NOT-FOR-US: Webmin
-CVE-2014-3885
+CVE-2014-3885 (Cross-site scripting (XSS) vulnerability in Webmin before 1.690 allows ...)
NOT-FOR-US: Webmin
-CVE-2014-3884
+CVE-2014-3884 (Cross-site scripting (XSS) vulnerability in Usermin before 1.600 allow ...)
NOT-FOR-US: Usermin
-CVE-2014-3883
+CVE-2014-3883 (Usermin before 1.600 allows remote attackers to execute arbitrary oper ...)
NOT-FOR-US: Usermin
-CVE-2014-3882
+CVE-2014-3882 (Cross-site request forgery (CSRF) vulnerability in the Login rebuilder ...)
NOT-FOR-US: WordPress plugin login-rebuilder
-CVE-2014-3881
+CVE-2014-3881 (Cross-site request forgery (CSRF) vulnerability in Intercom Web Kyukin ...)
NOT-FOR-US: Intercom Web Kyukincho
-CVE-2014-3880
+CVE-2014-3880 (The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 ...)
{DSA-2952-1}
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (Will be fixed in a point update)
@@ -15713,14 +15713,14 @@ CVE-2014-3880
- kfreebsd-10 10.0-6
CVE-2014-3879
RESERVED
-CVE-2014-3878
+CVE-2014-3878 (Multiple cross-site scripting (XSS) vulnerabilities in the web client ...)
NOT-FOR-US: IPSwitch IMail
-CVE-2014-3877
+CVE-2014-3877 (Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, ...)
{DLA-68-1}
- fex 20140530-1
[wheezy] - fex <no-dsa> (non-free not supported)
NOTE: https://www.lsexperts.de/advisories/lse-2014-05-22.txt
-CVE-2014-3876
+CVE-2014-3876 (Multiple cross-site scripting (XSS) vulnerabilities in Frams' Fast Fil ...)
{DLA-68-1}
- fex 20140530-1
[wheezy] - fex <no-dsa> (non-free not supported)
@@ -15733,36 +15733,36 @@ CVE-2014-3875
NOTE: https://www.lsexperts.de/advisories/lse-2014-05-22.txt
CVE-2014-3874
RESERVED
-CVE-2014-3873
+CVE-2014-3873 (The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p1 ...)
- kfreebsd-8 <removed>
- kfreebsd-9 <removed> (bug #750493)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-9 <not-affected> (introduced by the merge of r237663)
[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a point update)
-CVE-2014-3872
+CVE-2014-3872 (Multiple SQL injection vulnerabilities in the administration login pag ...)
NOT-FOR-US: D-Link firmware
-CVE-2014-3871
+CVE-2014-3871 (Multiple SQL injection vulnerabilities in register.php in Geodesic Sol ...)
NOT-FOR-US: GeodesicSolutions
CVE-2014-3869
RESERVED
CVE-2014-3868
RESERVED
-CVE-2014-3867
+CVE-2014-3867 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
NOT-FOR-US: IBM Sametime
-CVE-2014-3863
+CVE-2014-3863 (Cross-site scripting (XSS) vulnerability in the JChatSocial component ...)
NOT-FOR-US: Joomla! component JChatSocial
-CVE-2014-3862
+CVE-2014-3862 (CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discov ...)
NOT-FOR-US: HL7 C-CDA
-CVE-2014-3861
+CVE-2014-3861 (Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 a ...)
NOT-FOR-US: HL7 C-CDA
CVE-2014-3860
RESERVED
-CVE-2014-3859
+CVE-2014-3859 (libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS opti ...)
- bind9 <not-affected> (Only affects 9.10.0, 9.10.0-P1)
NOTE: https://kb.isc.org/article/AA-01166
CVE-2014-3858
RESERVED
-CVE-2014-3857
+CVE-2014-3857 (Multiple SQL injection vulnerabilities in Kerio Control Statistics in ...)
NOT-FOR-US: Kerio Control
CVE-2014-3856
RESERVED
@@ -15770,213 +15770,213 @@ CVE-2014-3856
[squeeze] - fish <no-dsa> (Minor issue)
[wheezy] - fish <no-dsa> (Minor issue)
NOTE: https://github.com/fish-shell/fish-shell/issues/1437
-CVE-2014-3855
+CVE-2014-3855 (Directory traversal vulnerability in download.py in Pyplate 0.08 allow ...)
NOT-FOR-US: Pyplate
-CVE-2014-3854
+CVE-2014-3854 (Cross-site request forgery (CSRF) vulnerability in admin/addScript.py ...)
NOT-FOR-US: Pyplate
-CVE-2014-3853
+CVE-2014-3853 (Pyplate 0.08 does not set the secure flag for the id cookie in an http ...)
NOT-FOR-US: Pyplate
-CVE-2014-3852
+CVE-2014-3852 (Pyplate 0.08 does not include the HTTPOnly flag in a Set-Cookie header ...)
NOT-FOR-US: Pyplate
-CVE-2014-3851
+CVE-2014-3851 (usr/lib/cgi-bin/create_passwd_file.py in Pyplate 0.08 uses world-reada ...)
NOT-FOR-US: Pyplate
-CVE-2014-3850
+CVE-2014-3850 (Cross-site request forgery (CSRF) vulnerability in the Member Approval ...)
NOT-FOR-US: WordPress plugin Member Approval 131109
-CVE-2014-3849
+CVE-2014-3849 (The iMember360 plugin 3.8.012 through 3.9.001 for WordPress does not p ...)
NOT-FOR-US: WordPress plugin iMember360
-CVE-2014-3848
+CVE-2014-3848 (The iMember360 plugin before 3.9.001 for WordPress does not properly r ...)
NOT-FOR-US: WordPress plugin iMember360
CVE-2014-3847
RESERVED
-CVE-2014-3845
+CVE-2014-3845 (Cross-site request forgery (CSRF) vulnerability in the TinyMCE Color P ...)
NOT-FOR-US: WordPress plugin TinyMCE Color Picker
-CVE-2014-3844
+CVE-2014-3844 (The TinyMCE Color Picker plugin before 1.2 for WordPress does not prop ...)
NOT-FOR-US: WordPress plugin TinyMCE Color Picker
-CVE-2014-3843
+CVE-2014-3843 (Cross-site request forgery (CSRF) vulnerability in the Search Everythi ...)
NOT-FOR-US: WordPress plugin Search Everything
-CVE-2014-3842
+CVE-2014-3842 (Multiple cross-site scripting (XSS) vulnerabilities in the iMember360 ...)
NOT-FOR-US: WordPress plugin iMember360
-CVE-2014-3841
+CVE-2014-3841 (Cross-site scripting (XSS) vulnerability in the Contact Bank plugin be ...)
NOT-FOR-US: WordPress plugin Contact Bank
-CVE-2014-3946
+CVE-2014-3946 (The query caching functionality in the Extbase Framework component in ...)
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3945
+CVE-2014-3945 (The Authentication component in TYPO3 before 6.2, when salting for pas ...)
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3944
+CVE-2014-3944 (The Authentication component in TYPO3 6.2.0 before 6.2.3 does not prop ...)
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3943
+CVE-2014-3943 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified bac ...)
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3942
+CVE-2014-3942 (The Color Picker Wizard component in TYPO3 4.5.0 before 4.5.34, 4.7.0 ...)
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3941
+CVE-2014-3941 (TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6 ...)
{DSA-2942-1}
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-3917
+CVE-2014-3917 (kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDIT ...)
{DLA-0015-1}
- linux 3.14.7-1
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: http://article.gmane.org/gmane.linux.kernel/1713179
-CVE-2014-3865
+CVE-2014-3865 (Multiple directory traversal vulnerabilities in dpkg-source in dpkg-de ...)
{DSA-2953-1}
- dpkg 1.17.10 (bug #749183)
-CVE-2014-3864
+CVE-2014-3864 (Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 all ...)
{DSA-2953-1}
- dpkg 1.17.10 (bug #746498)
-CVE-2014-3870
+CVE-2014-3870 (Cross-site scripting (XSS) vulnerability in the bib2html plugin 0.9.3 ...)
NOT-FOR-US: WordPress plugin bib2html
-CVE-2014-3866
+CVE-2014-3866 (Multiple cross-site request forgery (CSRF) vulnerabilities in user_set ...)
NOT-FOR-US: userCake
-CVE-2014-3846
+CVE-2014-3846 (Cross-site scripting (XSS) vulnerability in Flying Cart allows remote ...)
NOT-FOR-US: Flying Cart
CVE-2014-3839 [owncloud: Deserialization of Untrusted Data in core]
RESERVED
- owncloud 6.0.3+dfsg-1
-CVE-2014-3838
+CVE-2014-3838 (ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not properly ...)
- owncloud 6.0.3+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-016/
-CVE-2014-3837
+CVE-2014-3837 (The document application in ownCloud Server before 6.0.3 uses sequenti ...)
- owncloud 6.0.3+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-015/
-CVE-2014-3836
+CVE-2014-3836 (Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud ...)
- owncloud 6.0.3+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-014/
-CVE-2014-3835
+CVE-2014-3835 (ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check pe ...)
- owncloud 6.0.3+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-012/
-CVE-2014-3834
+CVE-2014-3834 (ownCloud Server before 6.0.3 does not properly check permissions, whic ...)
- owncloud 6.0.3+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-011/
NOTE: http://owncloud.org/about/security/advisories/oc-sa-2014-013/
-CVE-2014-3833
+CVE-2014-3833 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Gallery ...)
- owncloud 6.0.3+dfsg-2
-CVE-2014-3832
+CVE-2014-3832 (Cross-site scripting (XSS) vulnerability in the Documents component in ...)
- owncloud 6.0.3+dfsg-2
CVE-2014-3831
REJECTED
-CVE-2014-3830
+CVE-2014-3830 (Cross-site scripting (XSS) vulnerability in info.php in TomatoCart 1.1 ...)
NOT-FOR-US: TomatoCart
-CVE-2014-3829
+CVE-2014-3829 (displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Ser ...)
NOT-FOR-US: Centreon
-CVE-2014-3828
+CVE-2014-3828 (Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon ...)
NOT-FOR-US: Centreon
CVE-2014-3827
RESERVED
CVE-2014-3826
RESERVED
-CVE-2014-3825
+CVE-2014-3825 (The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1 ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-3824
+CVE-2014-3824 (Cross-site scripting (XSS) vulnerability in the web server in the Juni ...)
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
-CVE-2014-3823
+CVE-2014-3823 (The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with I ...)
NOT-FOR-US: The Juniper Junos Pulse Secure Access Service
-CVE-2014-3822
+CVE-2014-3822 (Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before 1 ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-3821
+CVE-2014-3821 (Cross-site scripting (XSS) vulnerability in SRX Web Authentication (we ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-3820
+CVE-2014-3820 (Cross-site scripting (XSS) vulnerability in the SSL VPN/UAC web server ...)
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
-CVE-2014-3819
+CVE-2014-3819 (Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-3818
+CVE-2014-3818 (Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12. ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-3817
+CVE-2014-3817 (Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-3816
+CVE-2014-3816 (Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-3815
+CVE-2014-3815 (Juniper Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before 12.1X47-D1 ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-3814
+CVE-2014-3814 (The Juniper Networks NetScreen Firewall devices with ScreenOS before 6 ...)
NOT-FOR-US: Juniper Networks NetScreen Firewall
-CVE-2014-3813
+CVE-2014-3813 (Unspecified vulnerability in the Juniper Networks NetScreen Firewall p ...)
NOT-FOR-US: Juniper Networks NetScreen Firewall
-CVE-2014-3812
+CVE-2014-3812 (The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with I ...)
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
-CVE-2014-3811
+CVE-2014-3811 (Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows an ...)
NOT-FOR-US: Junos Pulse Client
-CVE-2014-3810
+CVE-2014-3810 (SQL injection vulnerability in administration/profiles.php in BoonEx D ...)
NOT-FOR-US: Dolphin (php thingy)
CVE-2014-3809
RESERVED
NOT-FOR-US: Alcatel Lucent
-CVE-2014-3808
+CVE-2014-3808 (Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive ...)
NOT-FOR-US: BarracudaDrive
-CVE-2014-3807
+CVE-2014-3807 (Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive ...)
NOT-FOR-US: BarracudaDrive
-CVE-2014-3806
+CVE-2014-3806 (Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo ...)
NOT-FOR-US: VMTurbo Operations Manager
-CVE-2014-3805
+CVE-2014-3805 (The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows re ...)
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-3804
+CVE-2014-3804 (The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows re ...)
NOT-FOR-US: AlienVault OSSIM
-CVE-2014-3803
+CVE-2014-3803 (The SpeechInput feature in Blink, as used in Google Chrome before 35.0 ...)
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3802
+CVE-2014-3802 (msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distribute ...)
NOT-FOR-US: Microsoft Visual Studio
CVE-2014-3799
REJECTED
CVE-2014-3798
RESERVED
-CVE-2014-3797
+CVE-2014-3797 (Cross-site scripting (XSS) vulnerability in VMware vCenter Server Appl ...)
NOT-FOR-US: VMware vSphere
-CVE-2014-3796
+CVE-2014-3796 (VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) ...)
NOT-FOR-US: VMware NSX and vCNS
CVE-2014-3795
REJECTED
CVE-2014-3794
REJECTED
-CVE-2014-3793
+CVE-2014-3793 (VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6 ...)
NOT-FOR-US: VMware
-CVE-2014-3792
+CVE-2014-3792 (Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 Route ...)
NOT-FOR-US: Beetel Router
-CVE-2014-3791
+CVE-2014-3791 (Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 ...)
NOT-FOR-US: Easy File Sharing
-CVE-2014-3790
+CVE-2014-3790 (Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows r ...)
NOT-FOR-US: VMware vCenter Server Appliance
-CVE-2014-3789
+CVE-2014-3789 (GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before 7 ...)
NOT-FOR-US: Cogent DataHub
-CVE-2014-3788
+CVE-2014-3788 (Heap-based buffer overflow in the Web Server in Cogent Real-Time Syste ...)
NOT-FOR-US: Cogent DataHub
-CVE-2014-3787
+CVE-2014-3787 (SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitra ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-3840
+CVE-2014-3840 (Multiple cross-site scripting (XSS) vulnerabilities in apps/common/tem ...)
- mayan <itp> (bug #718580)
-CVE-2014-3801
+CVE-2014-3801 (OpenStack Orchestration API (Heat) 2013.2 through 2013.2.3 and 2014.1, ...)
- heat 2014.1-4 (bug #748824)
NOTE: https://launchpad.net/bugs/1311223
-CVE-2014-3786
+CVE-2014-3786 (Multiple cross-site scripting (XSS) vulnerabilities in the contact mod ...)
NOT-FOR-US: Pixie CMS
CVE-2014-3785
RESERVED
CVE-2014-3784
RESERVED
-CVE-2014-3783
+CVE-2014-3783 (SQL injection vulnerability in admin/categories.php in Dotclear before ...)
- dotclear 2.6.3+dfsg-1
-CVE-2014-3782
+CVE-2014-3782 (Multiple incomplete blacklist vulnerabilities in the filemanager::isFi ...)
- dotclear 2.6.3+dfsg-1
-CVE-2014-3781
+CVE-2014-3781 (The dcXmlRpc::setUser method in nc/core/class.dc.xmlrpc.php in Dotclea ...)
- dotclear 2.6.3+dfsg-1
-CVE-2014-3780
+CVE-2014-3780 (Unspecified vulnerability in Citrix VDI-In-A-Box 5.3.x before 5.3.8 an ...)
NOT-FOR-US: Citrix
-CVE-2014-3779
+CVE-2014-3779 (Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ADSelfSe ...)
NOT-FOR-US: ZOHO
-CVE-2014-3778
+CVE-2014-3778 (Multiple cross-site request forgery (CSRF) vulnerabilities in goform/R ...)
NOT-FOR-US: ARRIS modem
-CVE-2014-3777
+CVE-2014-3777 (Directory traversal vulnerability in Reportico PHP Report Designer bef ...)
NOT-FOR-US: Reportico PHP Report Designer
CVE-2014-3770
RESERVED
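Review bot: the NOT-FOR-US lines in this hunk name the same Juniper product inconsistently: CVE-2014-3823 carries `NOT-FOR-US: The Juniper Junos Pulse Secure Access Service` while CVE-2014-3824, CVE-2014-3820 and CVE-2014-3812 carry `NOT-FOR-US: Juniper Junos Pulse Secure Access Service`; likewise CVE-2014-3810 reads `NOT-FOR-US: Dolphin (php thingy)` although the new description line already identifies the product as BoonEx Dolphin. Since this automatic update only rewrites the CVE description lines, these context lines would need a follow-up commit to normalise.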
@@ -15990,31 +15990,31 @@ CVE-2014-3766
RESERVED
CVE-2014-3765
RESERVED
-CVE-2014-3764
+CVE-2014-3764 (Cross-site scripting (XSS) vulnerability in the web-based device manag ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2014-3763
RESERVED
CVE-2014-3762
RESERVED
-CVE-2014-3761
+CVE-2014-3761 (Cross-site scripting (XSS) vulnerability in D-Link DAP 1150 with firmw ...)
NOT-FOR-US: D-Link DAP 1150
-CVE-2014-3760
+CVE-2014-3760 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link D ...)
NOT-FOR-US: D-Link DAP 1150
-CVE-2014-3759
+CVE-2014-3759 (Multiple SQL injection vulnerabilities in the BibTex Publications (si_ ...)
NOT-FOR-US: TYPO3 extension si_bibtex
-CVE-2014-3758
+CVE-2014-3758 (Cross-site scripting (XSS) vulnerability in the BibTex Publications (s ...)
NOT-FOR-US: TYPO3 extension si_bibtex
-CVE-2014-3757
+CVE-2014-3757 (SQL injection vulnerability in sorter.php in the phpManufaktur kitForm ...)
NOT-FOR-US: phpManufaktur extension
CVE-2014-3754
RESERVED
CVE-2014-3753
RESERVED
-CVE-2014-3752
+CVE-2014-3752 (The MiniIcpt.sys driver in G Data TotalProtection 2014 24.0.2.1 and ea ...)
NOT-FOR-US: G Data TotalProtection
CVE-2014-3751
RESERVED
-CVE-2014-3750
+CVE-2014-3750 (The Bilyoner application before 2.3.1 for Android and before 4.6.2 for ...)
NOT-FOR-US: Bilyoner for Android
CVE-2014-3748
RESERVED
@@ -16024,22 +16024,22 @@ CVE-2014-3746
RESERVED
CVE-2014-3745
RESERVED
-CVE-2014-3744
+CVE-2014-3744 (Directory traversal vulnerability in the st module before 0.2.5 for No ...)
NOT-FOR-US: Node st module
CVE-2014-3743
RESERVED
- node-marked 0.3.1+dfsg-1
-CVE-2014-3742
+CVE-2014-3742 (The hapi server framework 2.0.x and 2.1.x before 2.2.0 for Node.js all ...)
NOT-FOR-US: hapi framework for Node.js
-CVE-2014-3741
+CVE-2014-3741 (The printDirect function in lib/printer.js in the node-printer module ...)
NOT-FOR-US: node-printer
-CVE-2014-3740
+CVE-2014-3740 (Cross-site scripting (XSS) vulnerability in SpiceWorks before 7.2.0019 ...)
NOT-FOR-US: SpiceWorks
-CVE-2014-3737
+CVE-2014-3737 (Cross-site scripting (XSS) vulnerability in templates/defaultheader.ph ...)
NOT-FOR-US: Storesprite
CVE-2014-3736
RESERVED
-CVE-2014-3735
+CVE-2014-3735 (ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers ...)
NOT-FOR-US: Intel Ideo Video
CVE-2014-3734
RESERVED
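Review bot: the unchanged context line under CVE-2014-3735, `NOT-FOR-US: Intel Ideo Video`, misspells the product that the new description line names as `Intel Indeo Video 4.5`; worth correcting in a follow-up, as this automatic update touches only the description lines and leaves the tracker annotation as is.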
@@ -16073,42 +16073,42 @@ CVE-2014-3718
RESERVED
CVE-2014-3713
RESERVED
-CVE-2014-3712
+CVE-2014-3712 (Katello allows remote attackers to cause a denial of service (memory c ...)
NOT-FOR-US: Katello
-CVE-2014-3711
+CVE-2014-3711 (namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause ...)
{DSA-3070-1}
- kfreebsd-9 <removed> (bug #766275)
- kfreebsd-10 10.1~svn273874-1 (bug #766278)
[experimental] - kfreebsd-11 11.0~svn284956-1 (bug #766279)
-CVE-2014-3710
+CVE-2014-3710 (The donote function in readelf.c in file through 5.20, as used in the ...)
{DSA-3074-1 DSA-3072-1 DLA-94-1 DLA-86-1}
- file 1:5.20-2 (bug #768806)
NOTE: Upstream fix: https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
- php5 5.6.3+dfsg-1 (bug #768807)
NOTE: https://bugs.php.net/bug.php?id=68283
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=1803228597e82218a8c105e67975bc50e6f5bf0d (PHP 5.4 branch)
-CVE-2014-3709
+CVE-2014-3709 (The org.keycloak.services.resources.SocialResource.callback method in ...)
NOT-FOR-US: JBoss KeyCloak
-CVE-2014-3708
+CVE-2014-3708 (OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 ...)
- nova 2014.1.3-6 (low)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: affected versions up to 2014.1.3, and 2014.2
-CVE-2014-3707
+CVE-2014-3707 (The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, whe ...)
{DSA-3069-1 DLA-84-1}
- curl 7.38.0-3
NOTE: http://curl.haxx.se/docs/adv_20141105.html
NOTE: Upstream commit: https://github.com/bagder/curl/commit/b3875606925536f82fc61f3114ac42f29eaf6945
-CVE-2014-3706
+CVE-2014-3706 (ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle attac ...)
NOT-FOR-US: ovirt-engine
CVE-2014-3705
RESERVED
-CVE-2014-3704
+CVE-2014-3704 (The expandArguments function in the database abstraction API in Drupal ...)
{DSA-3051-1}
- drupal7 7.32-1 (bug #765507)
- drupal6 <not-affected> (Only affects Drupal 7)
-CVE-2014-3703
+CVE-2014-3703 (OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic p ...)
NOT-FOR-US: Red Hat Openstack 4 Neutron
-CVE-2014-3702
+CVE-2014-3702 (Directory traversal vulnerability in eNovance eDeploy allows remote at ...)
- edeploy <itp> (bug #717664)
CVE-2014-3701
RESERVED
@@ -16119,39 +16119,39 @@ CVE-2014-3700
CVE-2014-3699
RESERVED
- edeploy <itp> (bug #717664)
-CVE-2014-3698
+CVE-2014-3698 (The jabber_idn_validate function in jutil.c in the Jabber protocol plu ...)
{DSA-3055-1}
- pidgin 2.10.10-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2014-3697
+CVE-2014-3697 (Absolute path traversal vulnerability in the untar_block function in w ...)
- pidgin <not-affected> (Windows specific)
-CVE-2014-3696
+CVE-2014-3696 (nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidg ...)
{DSA-3055-1}
- pidgin 2.10.10-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2014-3695
+CVE-2014-3695 (markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.1 ...)
{DSA-3055-1}
- pidgin 2.10.10-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2014-3694
+CVE-2014-3694 (The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/ ...)
{DSA-3055-1}
- pidgin 2.10.10-1
[squeeze] - pidgin <end-of-life> (Support in oldstable is limited to IRC, Jabber/XMPP, Sametime and SIMPLE)
-CVE-2014-3693
+CVE-2014-3693 (Use-after-free vulnerability in the socket manager of Impress Remote i ...)
- libreoffice 1:4.3.3~rc2~git20141011-1
[wheezy] - libreoffice <not-affected> (Introduced in 4.0.0)
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/
-CVE-2014-3692
+CVE-2014-3692 (The customization template in Red Hat CloudForms 3.1 Management Engine ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-3691
+CVE-2014-3691 (Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5. ...)
NOT-FOR-US: Foreman Smart Proxy
-CVE-2014-3690
+CVE-2014-3690 (arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.1 ...)
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d974baa398f34393db76be45f7d4d04fbdbb4a0a (v3.18-rc1)
-CVE-2014-3689
+CVE-2014-3689 (The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local g ...)
{DSA-3067-1 DSA-3066-1}
- qemu 2.1+dfsg-6 (bug #765496)
- qemu-kvm <removed>
@@ -16159,17 +16159,17 @@ CVE-2014-3689
[squeeze] - qemu <end-of-life>
NOTE: Upstream's quick and easy stopgap for this issue: compile out the hardware acceleration functions which lack sanity checks.
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=83afa38eb20ca27e30683edc7729880e091387fc
-CVE-2014-3688
+CVE-2014-3688 (The SCTP implementation in the Linux kernel before 3.17.4 allows remot ...)
{DSA-3060-1 DLA-118-1}
- linux 3.16.7-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=26b87c7881006311828bb0ab271a551a62dcceb4 (v3.18-rc1)
-CVE-2014-3687
+CVE-2014-3687 (The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in t ...)
{DSA-3060-1 DLA-118-1}
- linux 3.16.7-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b69040d8e39f20d5215a03502a8e8b4c6ab78395 (v3.18-rc1)
-CVE-2014-3686
+CVE-2014-3686 (wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certai ...)
{DSA-3052-1 DLA-147-1}
- wpasupplicant <removed>
- hostapd <removed>
@@ -16177,43 +16177,43 @@ CVE-2014-3686
- wpa 2.3-1 (bug #765352; high)
CVE-2014-3685
REJECTED
-CVE-2014-3684
+CVE-2014-3684 (The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Reso ...)
{DSA-3058-1 DLA-78-1}
- torque 2.4.16+dfsg-1.5 (bug #763922)
NOTE: https://github.com/adaptivecomputing/torque/commit/967cdc80150690459a47a35a658abeee0ca6e5cb
NOTE: https://github.com/adaptivecomputing/torque/commit/f2f4c950f3d461a249111c8826da3beaafccace9
NOTE: 2.4 is end-of-life upstream thus no patches available for that branch.
-CVE-2014-3683
+CVE-2014-3683 (Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysk ...)
{DSA-3047-1 DLA-72-1}
- rsyslog 8.4.2-1
NOTE: http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/
-CVE-2014-3682
+CVE-2014-3682 (XML external entity (XXE) vulnerability in the JBPMBpmn2ResourceImpl f ...)
NOT-FOR-US: jBPM Designer
-CVE-2014-3681
+CVE-2014-3681 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and L ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3680
+CVE-2014-3680 (Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticate ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3679
+CVE-2014-3679 (The Monitoring plugin before 1.53.0 for Jenkins allows remote attacker ...)
NOT-FOR-US: Jenkins monitoring plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
-CVE-2014-3678
+CVE-2014-3678 (Cross-site scripting (XSS) vulnerability in the Monitoring plugin befo ...)
NOT-FOR-US: Jenkins monitoring plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
-CVE-2014-3677
+CVE-2014-3677 (Unspecified vulnerability in Shim might allow attackers to execute arb ...)
NOT-FOR-US: shim (the UEFI one, not the systemd)
-CVE-2014-3676
+CVE-2014-3676 (Heap-based buffer overflow in Shim allows remote attackers to execute ...)
NOT-FOR-US: shim (the UEFI one, not the systemd)
-CVE-2014-3675
+CVE-2014-3675 (Shim allows remote attackers to cause a denial of service (out-of-boun ...)
NOT-FOR-US: shim (the UEFI one, not the systemd)
-CVE-2014-3674
+CVE-2014-3674 (Red Hat OpenShift Enterprise before 2.2 does not properly restrict acc ...)
NOT-FOR-US: OpenShift Enterprise
-CVE-2014-3673
+CVE-2014-3673 (The SCTP implementation in the Linux kernel through 3.17.2 allows remo ...)
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze9
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9de7922bc709eee2f609cd01d98aaedc4cf5ea74 (v3.18-rc1)
-CVE-2014-3672
+CVE-2014-3672 (The qemu implementation in libvirt before 1.3.0 and Xen allows local g ...)
{DLA-571-1}
- xen 4.4.0-1
NOTE: Xen switched to qemu-system in 4.4.0-1
@@ -16222,36 +16222,36 @@ CVE-2014-3672
NOTE: This is hardly a vulnerability in qemu per se, but rather a problem of integrating qemu
CVE-2014-3671
REJECTED
-CVE-2014-3670
+CVE-2014-3670 (The exif_ifd_make_value function in exif.c in the EXIF extension in PH ...)
{DSA-3064-1 DLA-94-1}
- php5 5.6.2+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68113
-CVE-2014-3669
+CVE-2014-3669 (Integer overflow in the object_custom function in ext/standard/var_uns ...)
{DSA-3064-1 DLA-94-1}
- php5 5.6.2+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68044
-CVE-2014-3668
+CVE-2014-3668 (Buffer overflow in the date_from_ISO8601 function in the mkgmtime impl ...)
{DSA-3064-1 DLA-94-1}
- php5 5.6.2+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68027
-CVE-2014-3667
+CVE-2014-3667 (Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3666
+CVE-2014-3666 (Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3665
+CVE-2014-3665 (Jenkins before 1.587 and LTS before 1.580.1 do not properly ensure tru ...)
- jenkins <removed> (bug #767541)
[jessie] - jenkins <no-dsa> (Backport not feasible, insecure feature is documented as such)
NOTE: For jessie, the backport is too intrusive and since it's a cornercase, it's only documented,
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-30
-CVE-2014-3664
+CVE-2014-3664 (Directory traversal vulnerability in Jenkins before 1.583 and LTS befo ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3663
+CVE-2014-3663 (Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticate ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3662
+CVE-2014-3662 (Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3661
+CVE-2014-3661 (Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to ...)
- jenkins 1.565.3-1 (bug #763899)
-CVE-2014-3660
+CVE-2014-3660 (parser.c in libxml2 before 2.9.2 does not properly prevent entity expa ...)
{DSA-2978-2 DSA-3057-1 DLA-151-1 DLA-80-1}
[jessie] - libxml2 2.9.1+dfsg1-5
- libxml2 2.9.2+dfsg1-1 (bug #765722)
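Review bot: the NOTE under CVE-2014-3665, `NOTE: For jessie, the backport is too intrusive and since it's a cornercase, it's only documented,`, ends in a comma and reads as cut off, so the rationale recorded for the jessie `<no-dsa>` tag is incomplete; the sentence should be finished (or the trailing comma dropped) so the decision is fully documented next to the advisory link that follows it.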
@@ -16264,7 +16264,7 @@ CVE-2014-3659
REJECTED
CVE-2014-3658
RESERVED
-CVE-2014-3657
+CVE-2014-3657 (The virDomainListPopulate function in conf/domain_conf.c in libvirt be ...)
- libvirt 1.2.9-1
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced later)
@@ -16276,16 +16276,16 @@ CVE-2014-3656
CVE-2014-3655
RESERVED
NOT-FOR-US: JBoss KeyCloak
-CVE-2014-3654
+CVE-2014-3654 (Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2014-3653
+CVE-2014-3653 (Cross-site scripting (XSS) vulnerability in the template preview funct ...)
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/7483
NOTE: https://github.com/sodabrew/foreman/issues/1
CVE-2014-3652
RESERVED
NOT-FOR-US: JBoss KeyCloak
-CVE-2014-3651
+CVE-2014-3651 (JBoss KeyCloak before 1.0.3.Final allows remote attackers to cause a d ...)
NOT-FOR-US: JBoss KeyCloak
CVE-2014-3650
RESERVED
@@ -16295,19 +16295,19 @@ CVE-2014-3649
NOT-FOR-US: JBoss AeroGear
CVE-2014-3648
RESERVED
-CVE-2014-3647
+CVE-2014-3647 (arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel throug ...)
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=234f3ce485d54017f15cf5e0699cff4100121601
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=d1442d85cc30ea75f7d399474ca738e0bc96f715
-CVE-2014-3646
+CVE-2014-3646 (arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3. ...)
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=a642fc305053cc1c6e47e4f4df327895747ab485
-CVE-2014-3645
+CVE-2014-3645 (arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.1 ...)
{DSA-3060-1}
- linux 3.12.6-1
- linux-2.6 <removed>
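Review bot: the truncated description added for CVE-2014-3645 ends in "before 3.1 ...)", which reads as a complete version number although the cut falls inside a token, so a reader cannot tell whether 3.1 or a later 3.1x release is the boundary (the Debian fixed version recorded just below is 3.12.6-1). Truncating at a word boundary, or keeping a few more characters when the cut would land inside a version string, would avoid a misleading summary.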
@@ -16318,105 +16318,105 @@ CVE-2014-3644
CVE-2014-3643
RESERVED
NOT-FOR-US: Jersey SAX parser
-CVE-2014-3642
+CVE-2014-3642 (vmdb/app/controllers/application_controller/performance.rb in Red Hat ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-3641
+CVE-2014-3641 (The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder befo ...)
- cinder 2014.1.3-1
NOTE: Affects version up to 2014.1.2
-CVE-2014-3640
+CVE-2014-3640 (The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local ...)
{DSA-3045-1 DSA-3044-1}
- qemu 2.1+dfsg-5 (bug #762532)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life>
[squeeze] - qemu <end-of-life>
NOTE: http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html
-CVE-2014-3639
+CVE-2014-3639 (The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not ...)
{DSA-3026-1 DLA-87-1}
- dbus 1.8.8-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80919
-CVE-2014-3638
+CVE-2014-3638 (The bus_connections_check_reply function in config-parser.c in D-Bus b ...)
{DSA-3026-1 DLA-87-1}
- dbus 1.8.8-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=81053
-CVE-2014-3637
+CVE-2014-3637 (D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does no ...)
{DSA-3026-1}
- dbus 1.8.8-1
[squeeze] - dbus <not-affected> (Version in squeeze does not support FD passing with SCM_RIGHTS)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80559
-CVE-2014-3636
+CVE-2014-3636 (D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows ...)
{DSA-3026-1}
- dbus 1.8.8-1
[squeeze] - dbus <not-affected> (Version in squeeze does not support FD passing with SCM_RIGHTS)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=82820
-CVE-2014-3635
+CVE-2014-3635 (Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x ...)
{DSA-3026-1}
- dbus 1.8.8-1
[squeeze] - dbus <not-affected> (Version in Squeeze does not support FD passing with SCM_RIGHTS)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=83622
-CVE-2014-3634
+CVE-2014-3634 (rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier ...)
{DSA-3040-1 DLA-72-1}
- rsyslog 8.4.1-1
- inetutils 2:1.9.2.39.3a460-1
[wheezy] - inetutils <no-dsa> (Minor issue)
[squeeze] - inetutils <no-dsa> (Minor issue)
-CVE-2014-3633
+CVE-2014-3633 (The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt ...)
{DSA-3038-1}
- libvirt 1.2.8-2 (bug #762203)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced in v0.9.8)
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e745e8f775dfe6f64f18b5c2fe4791b35d3546b
NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=eca96694a7f992be633d48d5ca03cedc9bbc3c9a (v0.9.8)
NOTE: Upstream advisory: http://security.libvirt.org/2014/0004.html
-CVE-2014-3632
+CVE-2014-3632 (The default configuration in a sudoers file in the Red Hat openstack-n ...)
- neutron <not-affected> (Red Hat-specific)
NOTE: Regression of fix for CVE-2013-6433, Red Hat specific in RedHat Enterprise Open Stack Platform 5.0
-CVE-2014-3631
+CVE-2014-3631 (The assoc_array_gc function in the associative-array implementation in ...)
- linux 3.16.3-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
- linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b2a4df200d570b2c33a57e1ebfa5896e4bc81b69 (v3.13)
NOTE: Fixed by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95389b08d93d5c06ec63ab49bd732b0069b7c35e
-CVE-2014-3630
+CVE-2014-3630 (XML external entity (XXE) vulnerability in the Java XML processing fun ...)
NOT-FOR-US: Play framework
-CVE-2014-3629
+CVE-2014-3629 (XML external entity (XXE) vulnerability in the XML Exchange module in ...)
- qpid-cpp <removed> (low; bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/secure/attachment/12680198/QPID-6218.patch
-CVE-2014-3628
+CVE-2014-3628 (Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stat ...)
- lucene-solr <not-affected> (Only affects later 4.x releases)
NOTE: https://issues.apache.org/jira/browse/SOLR-6738
-CVE-2014-3627
+CVE-2014-3627 (The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 an ...)
NOT-FOR-US: Apache Hadoop
-CVE-2014-3626
+CVE-2014-3626 (The Grails Resource Plugin often has to exchange URIs for resources wi ...)
NOT-FOR-US: Grails Resource Plugin
-CVE-2014-3625
+CVE-2014-3625 (Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 th ...)
- libspring-java 3.2.13-1 (bug #769698)
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://github.com/spring-projects/spring-framework/commit/3f68cd633f03370d33c2603a6496e81273782601 (3.2.x)
NOTE: https://jira.spring.io/browse/SPR-12354
NOTE: http://www.pivotal.io/security/cve-2014-3625
-CVE-2014-3624
+CVE-2014-3624 (Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to by ...)
- trafficserver 5.0.0-1
[wheezy] - trafficserver <not-affected> (Only affects 4.0.2 to 4.1.2)
NOTE: https://issues.apache.org/jira/browse/TS-2677
-CVE-2014-3623
+CVE-2014-3623 (Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF ...)
NOT-FOR-US: Apache CXF
CVE-2014-3622 [Posthandler Potential Illegal efree() vulnerability]
RESERVED
- php5 5.6.1+dfsg-1 (unimportant)
NOTE: Not exploitable
NOTE: https://bugs.php.net/bug.php?id=68088
-CVE-2014-3621
+CVE-2014-3621 (The catalog url replacement in OpenStack Identity (Keystone) before 20 ...)
- keystone 2014.1.3-1
[wheezy] - keystone <not-affected> (Vulnerable code not present)
NOTE: up to 2013.2.3 and 2014.1 versions up to 2014.1.2.1
-CVE-2014-3620
+CVE-2014-3620 (cURL and libcurl before 7.38.0 allow remote attackers to bypass the Sa ...)
- curl 7.38.0-1
[wheezy] - curl <not-affected> (affects versions 7.31.0 and later)
[squeeze] - curl <not-affected> (affects versions 7.31.0 and later)
NOTE: http://curl.haxx.se/docs/adv_20140910B.html
NOTE: Introduced by https://github.com/bagder/curl/commit/85b9dc8023
-CVE-2014-3619
+CVE-2014-3619 (The __socket_proto_state_machine function in GlusterFS 3.5 allows remo ...)
[experimental] - glusterfs 3.6.2-1
- glusterfs 3.5.2-2 (bug #781018)
[wheezy] - glusterfs <not-affected> (Vulnerability introduced after 3.2 release)
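Review bot: the CVE-2014-3632 NOTE line spells the vendor "RedHat" and the product "Open Stack" while the package line directly above it says "Red Hat-specific"; use the consistent "Red Hat" and "OpenStack" spellings. In the same hunk the three dbus not-affected reasons for CVE-2014-3637, CVE-2014-3636 and CVE-2014-3635 alternate between "Version in squeeze" and "Version in Squeeze"; pick one form.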
@@ -16425,17 +16425,17 @@ CVE-2014-3619
NOTE: http://review.gluster.org/#/c/8662/4 (master)
NOTE: GlusterFS after version 3.2 got changes in the RPC handling which seem to
NOTE: introduce the vulnerability. With 3.2.x issue is not reproducible.
-CVE-2014-3617
+CVE-2014-3617 (The forum_print_latest_discussions function in mod/forum/lib.php in Mo ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46619
-CVE-2014-3616
+CVE-2014-3616 (nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cach ...)
{DSA-3029-1 DLA-55-1}
- nginx 1.6.2-1 (bug #761940)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
NOTE: Upstream patch: http://trac.nginx.org/nginx/changeset/1ee1db30c9b96e9e43e85ab0bfba42140af24966/nginx (stable-1.6 branch)
NOTE: See follow up on: http://mailman.nginx.org/pipermail/nginx-devel/2014-September/005948.html
-CVE-2014-3615
+CVE-2014-3615 (The VGA emulator in QEMU allows local guest users to read host memory ...)
{DSA-3045-1 DSA-3044-1}
- qemu 2.1+dfsg-5
- qemu-kvm <removed>
@@ -16443,25 +16443,25 @@ CVE-2014-3615
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=c1b886c45dc70f247300f549dce9833f3fa2def5
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ab9509cceabef28071e41bdfa073083859c949a7
-CVE-2014-3614
+CVE-2014-3614 (Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6 ...)
- pdns-recursor 3.6.1-1
[wheezy] - pdns-recursor <not-affected> (Only affects 3.6.0)
[squeeze] - pdns-recursor <not-affected> (Only affects 3.6.0)
-CVE-2014-3613
+CVE-2014-3613 (cURL and libcurl before 7.38.0 does not properly handle IP addresses i ...)
{DSA-3022-1 DLA-64-1}
- curl 7.38.0-1
NOTE: http://curl.haxx.se/docs/adv_20140910A.html
-CVE-2014-3612
+CVE-2014-3612 (The LDAPLoginModule implementation in the Java Authentication and Auth ...)
- activemq 5.6.0+dfsg1-4 (low; bug #777196)
[wheezy] - activemq 5.6.0+dfsg-1+deb7u1
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
-CVE-2014-3611
+CVE-2014-3611 (Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm ...)
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=2febc839133280d5a5e8e1179c94ea674489dae2
-CVE-2014-3610
+CVE-2014-3610 (The WRMSR processing functionality in the KVM subsystem in the Linux k ...)
{DSA-3060-1}
- linux 3.16.7-1
- linux-2.6 <removed>
@@ -16469,16 +16469,16 @@ CVE-2014-3610
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=854e8bb1aa06c578c2c9145fa6bfe3680ef63b23
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=8b3c3104c3f4f706e99365c3e0d2aa61b95f969f
NOTE: Enabling CONFIG_PARAVIRT when building the kernel mitigates this issue.
-CVE-2014-3609
+CVE-2014-3609 (HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allo ...)
{DSA-3139-1 DSA-3014-1 DLA-216-1 DLA-45-1}
- squid 2.7.STABLE9-5 (bug #776194)
- squid3 3.3.8-1.2 (bug #759509)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_2.txt
-CVE-2014-3608
+CVE-2014-3608 (The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows r ...)
- nova 2014.1.3-1
[wheezy] - nova <not-affected> (Vulnerable code in 2013.2 to 2013.2.2)
NOTE: Incomplete fix for CVE-2014-2573
-CVE-2014-3607
+CVE-2014-3607 (DefaultHostnameVerifier in Ldaptive (formerly vt-ldap) does not proper ...)
- libvt-ldap-java 3.3.8-1 (bug #763608)
CVE-2014-3606
RESERVED
@@ -16487,7 +16487,7 @@ CVE-2014-3606
NOTE: not a security issue, see https://bugzilla.redhat.com/show_bug.cgi?id=1133306#c8
CVE-2014-3605
REJECTED
-CVE-2014-3604
+CVE-2014-3604 (Certificates.java in Not Yet Commons SSL before 0.3.15 does not proper ...)
- not-yet-commons-ssl 0.3.15-1 (bug #759526)
NOTE: http://lists.juliusdavies.ca/pipermail/not-yet-commons-ssl-juliusdavies.ca/2014-August/000832.html
CVE-2014-3603 [HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification]
@@ -16495,42 +16495,42 @@ CVE-2014-3603 [HTTPS Connections Via HTTP Resources Do Not Perform Hostname Veri
- libopensaml2-java 2.6.2-1 (bug #759470)
NOTE: http://shibboleth.net/community/advisories/secadv_20140813.txt
NOTE: http://svn.shibboleth.net/view/java-opensaml2/branches/REL_2/src/main/java/org/opensaml/DefaultBootstrap.java?r1=1622&r2=1666&pathrev=1666
-CVE-2014-3602
+CVE-2014-3602 (Red Hat OpenShift Enterprise before 2.2 allows local users to obtain I ...)
NOT-FOR-US: OpenShift
-CVE-2014-3601
+CVE-2014-3601 (The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kern ...)
- linux 3.16.2-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
-CVE-2014-3600
+CVE-2014-3600 (XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before ...)
- activemq 5.6.0+dfsg1-4 (low; bug #777196)
[wheezy] - activemq 5.6.0+dfsg-1+deb7u1
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-3600-announcement.txt
CVE-2014-3599
RESERVED
NOT-FOR-US: HornetQ
-CVE-2014-3598
+CVE-2014-3598 (The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote atta ...)
- pillow 2.5.3-1
- python-imaging <not-affected> (Vulnerable code not present)
-CVE-2014-3597
+CVE-2014-3597 (Multiple buffer overflows in the php_parserr function in ext/standard/ ...)
{DSA-3008-1 DLA-67-1}
- php5 5.6.0+dfsg-1
NOTE: patch: https://github.com/php/php-src/commit/2fefae47716d501aec41c1102f3fd4531f070b05#diff-d41d8cd98f00b204e9800998ecf8427e
NOTE: https://bugs.php.net/bug.php?id=67717
NOTE: incomplete fix for CVE-2014-4049
-CVE-2014-3596
+CVE-2014-3596 (The getCN function in Apache Axis 1.4 and earlier does not properly ve ...)
{DLA-169-1}
- axis 1.4-21 (low; bug #762444)
[wheezy] - axis 1.4-16.2+deb7u1
[squeeze] - axis <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/secure/attachment/12662672/CVE-2014-3596.patch
-CVE-2014-3595
+CVE-2014-3595 (Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7 ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2014-3594
+CVE-2014-3594 (Cross-site scripting (XSS) vulnerability in the Host Aggregates interf ...)
- horizon 2014.1.2-3 (bug #758930)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: up to 2013.2.3, and 2014.1 versions up to 2014.1.2
-CVE-2014-3593
+CVE-2014-3593 (Eval injection vulnerability in luci 0.26.0 allows remote authenticate ...)
NOT-FOR-US: Luci
CVE-2014-3592
RESERVED
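Review bot: the patch link in the CVE-2014-3597 NOTE carries the fragment #diff-d41d8cd98f00b204e9800998ecf8427e, which is the MD5 of the empty string and therefore anchors to no file in the GitHub diff view; drop the fragment and keep the bare commit URL (https://github.com/php/php-src/commit/2fefae47716d501aec41c1102f3fd4531f070b05).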
@@ -16546,7 +16546,7 @@ CVE-2014-3591 [sidechannel attack on Elgamal]
CVE-2014-3590
RESERVED
- foreman <itp> (bug #663101)
-CVE-2014-3589
+CVE-2014-3589 (PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow befo ...)
{DSA-3009-1 DLA-41-1}
- pillow 2.5.3-1 (bug #758772)
- python-imaging <removed>
@@ -16554,43 +16554,43 @@ CVE-2014-3589
NOTE: https://github.com/python-pillow/Pillow/commit/205e056f8f9b06ed7b925cf8aa0874bc4aaf8a7d
CVE-2014-3588
RESERVED
-CVE-2014-3587
+CVE-2014-3587 (Integer overflow in the cdf_read_property_info function in cdf.c in fi ...)
{DSA-3021-1 DSA-3008-1 DLA-67-1 DLA-50-1}
- php5 5.6.0+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=67716
NOTE: https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947
- file 1:5.19-2
-CVE-2014-3586
+CVE-2014-3586 (The default configuration for the Command Line Interface in Red Hat En ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2014-3585
RESERVED
NOT-FOR-US: redhat-upgrade-tool
-CVE-2014-3584
+CVE-2014-3584 (The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7. ...)
NOT-FOR-US: Apache CXF
-CVE-2014-3583
+CVE-2014-3583 (The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi ...)
- apache2 2.4.10-8 (low)
[wheezy] - apache2 <not-affected> (no mod_proxy_fcgi in 2.2)
[squeeze] - apache2 <not-affected> (no mod_proxy_fcgi in 2.2)
NOTE: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c?r1=1618401&r2=1638818
NOTE: Only exploitable by a malicious fcgi script.
-CVE-2014-3582
+CVE-2014-3582 (In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary ...)
NOT-FOR-US: Apache Ambari
-CVE-2014-3581
+CVE-2014-3581 (The cache_merge_headers_out function in modules/cache/cache_util.c in ...)
{DLA-71-1}
- apache2 2.4.10-3
[wheezy] - apache2 <not-affected> (Only affects 2.4)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=56924#c6
-CVE-2014-3580
+CVE-2014-3580 (The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x be ...)
{DSA-3107-1 DLA-119-1}
- subversion 1.8.10-5 (bug #773263)
NOTE: http://subversion.apache.org/security/CVE-2014-3580-advisory.txt
-CVE-2014-3579
+CVE-2014-3579 (XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x ...)
NOT-FOR-US: Apache ActiveMQ Apollo
-CVE-2014-3578
+CVE-2014-3578 (Directory traversal vulnerability in Pivotal Spring Framework 3.x befo ...)
- libspring-java 3.2.13-1 (low; bug #760733)
[jessie] - libspring-java <no-dsa> (minor issue)
[wheezy] - libspring-java <no-dsa> (minor issue)
-CVE-2014-3577
+CVE-2014-3577 (org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents Htt ...)
{DLA-222-1}
- httpcomponents-client 4.3.5-1
[wheezy] - httpcomponents-client 4.1.1-2+deb7u1
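Review bot: in the CVE-2014-3587 entry the `- file 1:5.19-2` package line comes after the two php5 NOTE lines (bugs.php.net 67716 and the php-src commit), which makes it look as if those notes apply to file; move the file line up next to `- php5 5.6.0+dfsg-1` so the package lines are grouped ahead of the notes, as the other entries in this hunk do. The libspring-java entry for CVE-2014-3578 also writes "(minor issue)" where every other no-dsa reason in the hunk uses "(Minor issue)".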
@@ -16598,41 +16598,41 @@ CVE-2014-3577
- commons-httpclient 3.1-11 (bug #758086)
[wheezy] - commons-httpclient 3.1-10.2+deb7u1
NOTE: See https://bugs.debian.org/758086#59 for full details.
-CVE-2014-3576
+CVE-2014-3576 (The processControlCommand function in broker/TransportConnection.java ...)
{DSA-3330-1}
- activemq 5.6.0+dfsg1-4+deb8u1 (bug #792857)
-CVE-2014-3575
+CVE-2014-3575 (The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenO ...)
NOT-FOR-US: OpenOffice on Windows
-CVE-2014-3574
+CVE-2014-3574 (Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote at ...)
- libapache-poi-java 3.10.1-1
[wheezy] - libapache-poi-java <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=54764
-CVE-2014-3573
+CVE-2014-3573 (The oVirt Engine backend module, as used in Red Hat Enterprise Virtual ...)
NOT-FOR-US: oVirt Engine
-CVE-2014-3572
+CVE-2014-3572 (The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9. ...)
{DSA-3125-1 DLA-132-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ef28c6d6767a6a30df5add36171894c96628fe98
-CVE-2014-3571
+CVE-2014-3571 (OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k a ...)
{DSA-3125-1 DLA-132-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8d7aab986b499f34d9e1bc58fbfd77f05c38116e
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=45fe66b8ba026186aa5d8ef1e0e6010ea74d5c0b
-CVE-2014-3570
+CVE-2014-3570 (The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0. ...)
{DSA-3125-1 DLA-132-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a7a44ba55cb4f884c6bc9ceac90072dea38e66d
-CVE-2014-3569
+CVE-2014-3569 (The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, ...)
{DSA-3125-1 DLA-81-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6ce9687b5aba5391fc0de50e18779eb676d0e04d
-CVE-2014-3568
+CVE-2014-3568 (OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j d ...)
{DSA-3053-1 DLA-81-1}
- openssl 1.0.1j-1
-CVE-2014-3567
+CVE-2014-3567 (Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL ...)
{DSA-3053-1 DLA-81-1}
- openssl 1.0.1j-1
-CVE-2014-3566
+CVE-2014-3566 (The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ...)
{DSA-3489-1 DSA-3253-1 DSA-3147-1 DSA-3144-1 DSA-3092-1 DLA-400-1 DLA-282-1 DLA-157-1}
- arora <unfixed> (unimportant)
- bouncycastle <not-affected> (SSLv3 needs to be explicitly enabled)
@@ -16693,29 +16693,29 @@ CVE-2014-3566
NOTE: This is only about the SSLv3 CBC padding, not about any downgrade attack or support for the fallback SCSV
NOTE: Fix is to disable SSLv3 in library or application configurations
NOTE: Browsers based on webkit (with the exception of Chromium) or khtml are not covered by security support
-CVE-2014-3565
+CVE-2014-3565 (snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is us ...)
- net-snmp 5.7.2.1~dfsg-7 (bug #760132)
[wheezy] - net-snmp 5.4.3~dfsg-2.8+deb7u1
[squeeze] - net-snmp <no-dsa> (Minor issue)
-CVE-2014-3564
+CVE-2014-3564 (Multiple heap-based buffer overflows in the status_handler function in ...)
{DSA-3005-1 DLA-39-1}
- gpgme1.0 1.5.1-1 (bug #756651)
[squeeze] - gpgme1.0 1.2.0-1.2+deb6u1
NOTE: patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f7911fc215845e89b50d6af5ff4a83dd77
-CVE-2014-3563
+CVE-2014-3563 (Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 20 ...)
- salt 2014.1.10+ds-1
NOTE: http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html
-CVE-2014-3562
+CVE-2014-3562 (Red Hat Directory Server 8 and 389 Directory Server, when debugging is ...)
- 389-ds-base 1.3.2.21-1 (bug #757437)
-CVE-2014-3561
+CVE-2014-3561 (The rhevm-log-collector package in Red Hat Enterprise Virtualization 3 ...)
NOT-FOR-US: rhevm-log-collector
-CVE-2014-3560
+CVE-2014-3560 (NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4 ...)
- samba 2:4.1.11+dfsg-1 (bug #756759)
[squeeze] - samba <not-affected> (Only affects 4.x)
[wheezy] - samba <not-affected> (Only affects 4.x)
-CVE-2014-3559
+CVE-2014-3559 (The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 doe ...)
NOT-FOR-US: ovirt-engine-backend
-CVE-2014-3558
+CVE-2014-3558 (ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in Hi ...)
- libhibernate-validator-java 4.2.1-2 (low; bug #762690)
[jessie] - libhibernate-validator-java <no-dsa> (Only used as a build dependency for libhibernate3-java)
[wheezy] - libhibernate-validator-java <no-dsa> (Only used as a build dependency for libhibernate3-java)
@@ -16726,68 +16726,68 @@ CVE-2014-3558
NOTE: Upstream ticket: https://hibernate.atlassian.net/browse/HV-912
CVE-2014-3557
RESERVED
-CVE-2014-3556
+CVE-2014-3556 (The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMT ...)
- nginx 1.6.1-1 (bug #757196)
[wheezy] - nginx <not-affected> (Affects 1.5.6 - 1.7.3)
[squeeze] - nginx <not-affected> (Affects 1.5.6 - 1.7.3)
NOTE: fixed in nginx 1.7.4, 1.6.1
-CVE-2014-3555
+CVE-2014-3555 (OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno be ...)
- neutron 2014.1.1-3 (bug #755134)
-CVE-2014-3554
+CVE-2014-3554 (Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp all ...)
- libndp 1.4-1 (bug #756389)
-CVE-2014-3553
+CVE-2014-3553 (mod/forum/classes/post_form.php in Moodle through 2.3.11, 2.4.x before ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38990
-CVE-2014-3552
+CVE-2014-3552 (The Shibboleth authentication plugin in auth/shibboleth/index.php in M ...)
- moodle 2.6.1-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_25_STABLE&st=commit&s=MDL-45485
-CVE-2014-3551
+CVE-2014-3551 (Multiple cross-site scripting (XSS) vulnerabilities in the advanced-gr ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46223
-CVE-2014-3550
+CVE-2014-3550 (Multiple cross-site scripting (XSS) vulnerabilities in admin/tool/task ...)
- moodle <not-affected> (Only affects 2.7.x)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46227
-CVE-2014-3549
+CVE-2014-3549 (Cross-site scripting (XSS) vulnerability in the get_description functi ...)
- moodle <not-affected> (Only affects 2.7.x)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46201
-CVE-2014-3548
+CVE-2014-3548 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle through ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45471
-CVE-2014-3547
+CVE-2014-3547 (Multiple cross-site scripting (XSS) vulnerabilities in badges/renderer ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46042
-CVE-2014-3546
+CVE-2014-3546 (Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45760
-CVE-2014-3545
+CVE-2014-3545 (Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46148
-CVE-2014-3544
+CVE-2014-3544 (Cross-site scripting (XSS) vulnerability in user/profile.php in Moodle ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45683
-CVE-2014-3543
+CVE-2014-3543 (mod/imscp/locallib.php in Moodle through 2.3.11, 2.4.x before 2.4.11, ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45417
-CVE-2014-3542
+CVE-2014-3542 (mod/lti/service.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5 ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45463
-CVE-2014-3541
+CVE-2014-3541 (The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4. ...)
- moodle 2.7.2-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45616
CVE-2014-3540
REJECTED
-CVE-2014-3539
+CVE-2014-3539 (base/oi/doa.py in the Rope library in CPython (aka Python) allows remo ...)
- rope 0.10.3-1 (bug #777525)
[jessie] - rope <no-dsa> (Minor issue)
[squeeze] - rope <no-dsa> (Minor issue)
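Review bot: CVE-2014-3550 and CVE-2014-3549 are marked `moodle <not-affected> (Only affects 2.7.x)` while the neighbouring Moodle entries in this hunk record `moodle 2.7.2-1` as the fixed Debian version, so a 2.7.x release clearly was uploaded; the reason string should say which 2.7 releases are affected and why the 2.7.2-1 upload is out of scope, otherwise the two statements read as contradictory.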
@@ -16797,13 +16797,13 @@ CVE-2014-3539
NOTE: 0.10.3-1 only adds a mitigation for the issue, so not completely fixed.
NOTE: Still mark it as fixed in this version because patch limits socket
NOTE: connections to localhost only
-CVE-2014-3538
+CVE-2014-3538 (file before 5.19 does not properly restrict the amount of data read du ...)
{DSA-3021-1 DSA-3008-1 DLA-67-1 DLA-50-1}
- file 1:5.19-1
NOTE: fix relies on the new feature that introduced regex/<length> syntax, might be too intrusive for backporting.
- php5 5.6.0~rc4+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=67705
-CVE-2014-3537
+CVE-2014-3537 (The web interface in CUPS before 1.7.4 allows local users in the lp gr ...)
{DSA-2990-1 DLA-0022-1}
- cups 1.7.4-1
[squeeze] - cups 1.4.4-7+squeeze6
@@ -16811,128 +16811,128 @@ CVE-2014-3537
CVE-2014-3536
RESERVED
NOT-FOR-US: Red Hat CloudForms
-CVE-2014-3535
+CVE-2014-3535 (include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectl ...)
- linux <not-affected> (RHEL-specific, incomplete backport)
- linux-2.6 <not-affected> (RHEL-specific, incomplete backport)
NOTE: Fix: https://git.kernel.org/linus/256df2f3879efdb2e9808bdb1b54b16fbb11fa38
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=896015#c8
-CVE-2014-3534
+CVE-2014-3534 (arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s39 ...)
{DSA-2992-1}
- linux 3.14.13-2 (bug #728705)
- linux-2.6 <not-affected> (Vulnerable code was introduced later)
-CVE-2014-3533
+CVE-2014-3533 (dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to ...)
{DSA-2971-1}
- dbus 1.8.6-1
[squeeze] - dbus <not-affected> (Vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80469
-CVE-2014-3532
+CVE-2014-3532 (dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux ...)
{DSA-2971-1}
- dbus 1.8.6-1
[squeeze] - dbus <not-affected> (Fix for other kernel version)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80163
-CVE-2014-3531
+CVE-2014-3531 (Multiple cross-site scripting (XSS) vulnerabilities in Foreman before ...)
- foreman <itp> (bug #663101)
-CVE-2014-3530
+CVE-2014-3530 (The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory ...)
NOT-FOR-US: PicketLink
-CVE-2014-3529
+CVE-2014-3529 (The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers ...)
- libapache-poi-java 3.10.1-1
[wheezy] - libapache-poi-java <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=56164
-CVE-2014-3527
+CVE-2014-3527 (When using the CAS Proxy ticket authentication from Spring Security 3. ...)
- libspring-security-java <itp> (bug #582181)
-CVE-2014-3526
+CVE-2014-3526 (Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M ...)
NOT-FOR-US: Apache Wicket
-CVE-2014-3525
+CVE-2014-3525 (Unspecified vulnerability in Apache Traffic Server 3.x through 3.2.5, ...)
- trafficserver 5.0.1-1 (low)
[wheezy] - trafficserver <no-dsa> (Minor issue)
-CVE-2014-3524
+CVE-2014-3524 (Apache OpenOffice before 4.1.1 allows remote attackers to execute arbi ...)
NOT-FOR-US: OpenOffice for Windows
-CVE-2014-3523
+CVE-2014-3523 (Memory leak in the winnt_accept function in server/mpm/winnt/child.c i ...)
- apache2 <not-affected> (Affects only Windows systems)
-CVE-2014-3522
+CVE-2014-3522 (The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7. ...)
- subversion 1.8.10-1
[wheezy] - subversion <unfixed> (unimportant)
[squeeze] - subversion <unfixed> (unimportant)
NOTE: https://subversion.apache.org/security/CVE-2014-3522-advisory.txt
-CVE-2014-3521
+CVE-2014-3521 (The component in (1) /luci/homebase and (2) /luci/cluster menu in Red ...)
NOT-FOR-US: luci as included in conga
-CVE-2014-3520
+CVE-2014-3520 (OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, ...)
- keystone 2014.1.1-3 (bug #753511)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
-CVE-2014-3519
+CVE-2014-3519 (The open_by_handle_at function in vzkernel before 042stab090.5 in the ...)
- linux-2.6 <not-affected> (Vulnerable code not yet present)
- linux <not-affected> (Kernels after squeeze no longer contain the openvz flavour)
-CVE-2014-3518
+CVE-2014-3518 (jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterpris ...)
NOT-FOR-US: JBoss Application Server
-CVE-2014-3517
+CVE-2014-3517 (api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2 ...)
- nova 2014.1.1-8 (bug #755042)
[wheezy] - nova <not-affected> (Only exploitable when used with neutron, which is not in stable)
CVE-2014-3516
RESERVED
-CVE-2014-3515
+CVE-2014-3515 (The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorre ...)
{DSA-2974-1 DLA-0018-1}
- php5 5.6.0~rc2+dfsg-1
[squeeze] - php5 5.3.3-7+squeeze21
NOTE: https://bugs.php.net/bug.php?id=67492
-CVE-2014-3514
+CVE-2014-3514 (activerecord/lib/active_record/relation/query_methods.rb in Active Rec ...)
- rails 2:4.1.5-1
[wheezy] - rails <not-affected> (Only affects 4.0.0 and all Later Versions)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
- rails-3.2 <not-affected> (Only affects 4.0.0 and all Later Versions)
- ruby-activerecord-2.3 <not-affected> (Only affects 4.0.0 and all Later Versions)
- ruby-activerecord-3.2 <not-affected> (Only affects 4.0.0 and all Later Versions)
-CVE-2014-3513
+CVE-2014-3513 (Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 b ...)
{DSA-3053-1}
- openssl 1.0.1j-1
[squeeze] - openssl <not-affected> (DLTS SRTP introduced in 1.0.1)
-CVE-2014-3512
+CVE-2014-3512 (Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implement ...)
{DSA-2998-1}
- openssl 1.0.1i-1
[squeeze] - openssl <not-affected> (vulnerable code not present)
-CVE-2014-3511
+CVE-2014-3511 (The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 bef ...)
{DSA-2998-1}
- openssl 1.0.1i-1
[squeeze] - openssl <not-affected> (Doesn't support TLS higher than 1.0)
-CVE-2014-3510
+CVE-2014-3510 (The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9 ...)
{DSA-2998-1 DLA-33-1}
- openssl 1.0.1i-1
-CVE-2014-3509
+CVE-2014-3509 (Race condition in the ssl_parse_serverhello_tlsext function in t1_lib. ...)
{DSA-2998-1}
- openssl 1.0.1i-1
[squeeze] - openssl <not-affected> (vulnerable code not present)
-CVE-2014-3508
+CVE-2014-3508 (The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 ...)
{DSA-2998-1 DLA-33-1}
- openssl 1.0.1i-1
-CVE-2014-3507
+CVE-2014-3507 (Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 b ...)
{DSA-2998-1 DLA-33-1}
- openssl 1.0.1i-1
-CVE-2014-3506
+CVE-2014-3506 (d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, ...)
{DSA-2998-1 DLA-33-1}
- openssl 1.0.1i-1
-CVE-2014-3505
+CVE-2014-3505 (Double free vulnerability in d1_both.c in the DTLS implementation in O ...)
{DSA-2998-1 DLA-33-1}
- openssl 1.0.1i-1
-CVE-2014-3504
+CVE-2014-3504 (The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ ...)
- serf 1.3.7-1 (bug #757965)
[wheezy] - serf <no-dsa> (Minor issue)
[squeeze] - serf <no-dsa> (Minor issue)
-CVE-2014-3503
+CVE-2014-3503 (Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate ...)
NOT-FOR-US: Apache Syncope
-CVE-2014-3502
+CVE-2014-3502 (Apache Cordova Android before 3.5.1 allows remote attackers to open an ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-3501
+CVE-2014-3501 (Apache Cordova Android before 3.5.1 allows remote attackers to bypass ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-3500
+CVE-2014-3500 (Apache Cordova Android before 3.5.1 allows remote attackers to change ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-3499
+CVE-2014-3499 (Docker 1.0.0 uses world-readable and world-writable permissions on the ...)
- docker.io <not-affected> (RHEL specific, socket based activation not shipped)
-CVE-2014-3498
+CVE-2014-3498 (The user module in ansible before 1.6.6 allows remote authenticated us ...)
- ansible 1.7.0+dfsg-1
NOTE: https://github.com/ansible/ansible/commit/8ed6350e65c82292a631f08845dfaacffe7f07f5 (v1.7.0)
-CVE-2014-3497
+CVE-2014-3497 (Cross-site scripting (XSS) vulnerability in OpenStack Swift 1.11.0 thr ...)
- swift 1.13.1-1 (bug #752087)
[wheezy] - swift <not-affected> (Only affects 1.11.0 to 1.13.1)
-CVE-2014-3496
+CVE-2014-3496 (cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 throu ...)
NOT-FOR-US: OpenShift Origin
CVE-2014-3495 [improper verification of SSL certificates]
RESERVED
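Review bot: the context line `[squeeze] - openssl <not-affected> (DLTS SRTP introduced in 1.0.1)` under CVE-2014-3513 misspells the protocol name; it should read `DTLS SRTP`, which is also how the description added on the `+CVE-2014-3513` line spells it (`Memory leak in d1_srtp.c in the DTLS SRTP extension`). Since this automatic update only rewrites the CVE header lines, the annotation needs a separate manual fix; the same follow-up could normalise the capitalisation of `(Only affects 4.0.0 and all Later Versions)`, which is repeated four times under CVE-2014-3514.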
@@ -16943,31 +16943,31 @@ CVE-2014-3495 [improper verification of SSL certificates]
NOTE: version outside of the packaged one in Debian. Mark 0.6.21-1 as fixing
NOTE: version since this is the first upload to unstable after python-boto
NOTE: 2.8.0-1 was uploaded.
-CVE-2014-3494
+CVE-2014-3494 (kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.9 ...)
- kde4libs 4:4.13.3-1 (bug #752052)
[wheezy] - kde4libs <not-affected> (Affects kdelibs 4.10.95 to 4.13.2)
[squeeze] - kde4libs <not-affected> (Affects kdelibs 4.10.95 to 4.13.2)
NOTE: http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=bbae87dc1be3ae063796a582774bd5642cacdd5d&hp=1ccdb43ed3b32a7798eec6d39bb3c83a6e40228f
-CVE-2014-3493
+CVE-2014-3493 (The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x be ...)
{DSA-2966-1}
- samba 2:4.1.9+dfsg-1
[squeeze] - samba <not-affected> (Only affects 3.6 and later)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: AD-related packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: https://www.samba.org/samba/security/CVE-2014-3493
-CVE-2014-3492
+CVE-2014-3492 (Multiple cross-site scripting (XSS) vulnerabilities in the host YAML v ...)
- foreman <itp> (bug #663101)
-CVE-2014-3491
+CVE-2014-3491 (Cross-site scripting (XSS) vulnerability in Foreman before 1.4.5 and 1 ...)
- foreman <itp> (bug #663101)
NOTE: Details not yet known as behind http://projects.theforeman.org/issues/5881
-CVE-2014-3490
+CVE-2014-3490 (RESTEasy 2.3.1 before 2.3.8.SP2 and 3.x before 3.0.9, as used in Red H ...)
NOT-FOR-US: RESTEasy framework for JBoss
-CVE-2014-3489
+CVE-2014-3489 (lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine ( ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-3488
+CVE-2014-3488 (The SslHandler in Netty before 3.9.2 allows remote attackers to cause ...)
- netty <not-affected> (Introduced in 3.9.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1107983 says only affects 3.9.0 and 3.9.1
-CVE-2014-3487
+CVE-2014-3487 (The cdf_read_property_info function in file before 5.19, as used in th ...)
{DSA-3021-1 DSA-2974-1 DLA-27-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
@@ -16975,14 +16975,14 @@ CVE-2014-3487
- php5 5.6.0~rc1+dfsg-1
[squeeze] - php5 <not-affected> (Vulnerable code was introduced later)
NOTE: https://bugs.php.net/bug.php?id=67413
-CVE-2014-3486
+CVE-2014-3486 (The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) temp_c ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-3485
+CVE-2014-3485 (The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterpri ...)
NOT-FOR-US: ovirt-engine-api / RHEV
CVE-2014-3484 [stack-based buffer overflow]
RESERVED
- musl 1.1.4-1 (bug #750815)
-CVE-2014-3483
+CVE-2014-3483 (SQL injection vulnerability in activerecord/lib/active_record/connecti ...)
{DSA-2982-1}
- ruby-activerecord-2.3 <removed>
[wheezy] - ruby-activerecord-2.3 <end-of-life>
@@ -16992,7 +16992,7 @@ CVE-2014-3483
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
- rails-3.2 3.2.19-1
- rails-4.0 <removed>
-CVE-2014-3482
+CVE-2014-3482 (SQL injection vulnerability in activerecord/lib/active_record/connecti ...)
{DSA-2982-1}
- ruby-activerecord-2.3 <removed>
[wheezy] - ruby-activerecord-2.3 <end-of-life>
@@ -17002,9 +17002,9 @@ CVE-2014-3482
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
- rails-3.2 3.2.19-1
- rails-4.0 <removed>
-CVE-2014-3481
+CVE-2014-3481 (org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBo ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2014-3480
+CVE-2014-3480 (The cdf_count_chain function in cdf.c in file before 5.19, as used in ...)
{DSA-3021-1 DSA-2974-1 DLA-27-1 DLA-0018-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
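Review bot: the annotation `- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)` under CVE-2014-3481 cites a bug number without the `bug #` prefix that every other entry in these hunks uses (for example `(bug #755042)` and `(bug #752052)`); writing it as `bug #581226` keeps the reference consistent with the rest of the file.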
@@ -17012,7 +17012,7 @@ CVE-2014-3480
- php5 5.6.0~rc1+dfsg-1
[squeeze] - php5 5.3.3-7+squeeze21
NOTE: http://bugs.php.net/bug.php?id=67412
-CVE-2014-3479
+CVE-2014-3479 (The cdf_check_stream_offset function in cdf.c in file before 5.19, as ...)
{DSA-3021-1 DSA-2974-1 DLA-27-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
@@ -17020,7 +17020,7 @@ CVE-2014-3479
- php5 5.6.0~rc1+dfsg-1
[squeeze] - php5 <not-affected> (Vulnerable code was introduced later)
NOTE: https://bugs.php.net/bug.php?id=67411
-CVE-2014-3478
+CVE-2014-3478 (Buffer overflow in the mconvert function in softmagic.c in file before ...)
{DSA-3021-1 DSA-2974-1 DLA-27-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
@@ -17028,26 +17028,26 @@ CVE-2014-3478
- php5 5.6.0~rc1+dfsg-1
[squeeze] - php5 <not-affected> (Vulnerable code was introduced later)
NOTE: http://bugs.php.net/bug.php?id=67410
-CVE-2014-3477
+CVE-2014-3477 (The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and ...)
{DSA-2971-1 DLA-87-1}
- dbus 1.8.4-1 (low)
[squeeze] - dbus <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=78979
-CVE-2014-3476
+CVE-2014-3476 (OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, ...)
- keystone 2014.1.1-2 (bug #751454)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
-CVE-2014-3475
+CVE-2014-3475 (Cross-site scripting (XSS) vulnerability in the Users panel (admin/use ...)
- horizon 2014.1.1-3 (bug #754255)
[wheezy] - horizon <no-dsa> (Minor issue)
-CVE-2014-3474
+CVE-2014-3474 (Cross-site scripting (XSS) vulnerability in horizon/static/horizon/js/ ...)
- horizon 2014.1.1-3 (bug #754255)
[wheezy] - horizon <no-dsa> (Minor issue)
-CVE-2014-3473
+CVE-2014-3473 (Cross-site scripting (XSS) vulnerability in the Orchestration/Stack se ...)
- horizon 2014.1.1-3 (bug #754255)
[wheezy] - horizon <no-dsa> (Minor issue)
-CVE-2014-3472
+CVE-2014-3472 (The isCallerInRole function in SimpleSecurityManager in JBoss Applicat ...)
NOT-FOR-US: JBoss Enterprise Application Platform
-CVE-2014-3471
+CVE-2014-3471 (Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emula ...)
- qemu 2.1+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present)
@@ -17057,70 +17057,70 @@ CVE-2014-3471
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-06/msg05283.html
NOTE: Upstream fix: http://git.qemu.org/?p=qemu.git;a=commit;h=554f802da3f8b09b16b9a84ad5847b2eb0e9ad2b (v2.1.0-rc0)
NOTE: PCIe support introduced in v1.3: http://wiki.qemu.org/ChangeLog/1.3
-CVE-2014-3470
+CVE-2014-3470 (The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL bef ...)
{DSA-2950-1 DLA-0003-1}
- openssl 1.0.1h-1 (bug #750665)
[squeeze] - openssl 0.9.8o-4squeeze15
-CVE-2014-3469
+CVE-2014-3469 (The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU ...)
{DSA-3056-1 DLA-77-1}
- libtasn1-3 <removed>
- libtasn1-6 3.6-1
-CVE-2014-3468
+CVE-2014-3468 (The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not prop ...)
{DSA-3056-1 DLA-77-1}
- libtasn1-3 <removed>
- libtasn1-6 3.6-1
-CVE-2014-3467
+CVE-2014-3467 (Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn ...)
{DSA-3056-1 DLA-77-1}
- libtasn1-3 <removed>
- libtasn1-6 3.6-1
-CVE-2014-3466
+CVE-2014-3466 (Buffer overflow in the read_server_hello function in lib/gnutls_handsh ...)
{DSA-2944-1 DLA-0001-1}
- gnutls26 2.12.23-16
- gnutls28 3.2.15-1
[squeeze] - gnutls26 2.8.6-1+squeeze4
NOTE: http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/
-CVE-2014-3465
+CVE-2014-3465 (The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3. ...)
- gnutls26 <not-affected> (Affected code was introduced in 3.0)
- gnutls28 3.2.10-1
-CVE-2014-3464
+CVE-2014-3464 (The EJB invocation handler implementation in Red Hat JBossWS, as used ...)
NOT-FOR-US: JBoss WS
CVE-2014-3463
REJECTED
-CVE-2014-3800
+CVE-2014-3800 (XBMC 13.0 uses world-readable permissions for .xbmc/userdata/sources.x ...)
NOTE: Starting with 2:13.2+dfsg1-5 xbmc is a transitional package
- xbmc 2:13.2+dfsg1-5 (low; bug #747428)
[jessie] - xbmc <no-dsa> (Minor issue)
[wheezy] - xbmc <no-dsa> (Minor issue)
NOTE: http://trac.xbmc.org/ticket/15198
-CVE-2014-3774
+CVE-2014-3774 (Multiple cross-site scripting (XSS) vulnerabilities in items.php in Te ...)
- teampass <itp> (bug #730180)
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/fd549b245c0f639a8d47bf4f74f92c37c053706f
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/8820c8934d9ba0508ac345e73ad0be29049ec6de
-CVE-2014-3773
+CVE-2014-3773 (Multiple SQL injection vulnerabilities in TeamPass before 2.1.20 allow ...)
- teampass <itp> (bug #730180)
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/8820c8934d9ba0508ac345e73ad0be29049ec6de
-CVE-2014-3772
+CVE-2014-3772 (TeamPass before 2.1.20 allows remote attackers to bypass access restri ...)
- teampass <itp> (bug #730180)
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f
-CVE-2014-3771
+CVE-2014-3771 (TeamPass before 2.1.20 allows remote attackers to bypass access restri ...)
- teampass <itp> (bug #730180)
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/fd549b245c0f639a8d47bf4f74f92c37c053706f
-CVE-2014-4703
+CVE-2014-4703 (lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain s ...)
- nagios-plugins <not-affected> (incomplete fix for CVE-2014-4701 not applied)
NOTE: check_dhcp is not installed with root suid permissions in Debian
NOTE: http://seclists.org/fulldisclosure/2014/Jun/141
NOTE: Introduced due to incomplete fix for CVE-2014-4701 in 2.0.2.
- monitoring-plugins <not-affected> (Vulnerable code not present, fix for CVE-2014-4701 adressed differently directly by dropping privileges)
-CVE-2014-4702
+CVE-2014-4702 (The check_icmp plugin in Nagios Plugins before 2.0.2 allows local user ...)
- nagios-plugins <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2014/May/74
NOTE: Fixed in nagios-plugins 2.0.2
NOTE: check_imcp is not installed with root suid permissions in Debian
- monitoring-plugins <not-affected> (Fixed with initial upload to Debian)
NOTE: https://github.com/monitoring-plugins/monitoring-plugins/commit/48025ff39c3a78b7805bf803ac96730cef53e15c
-CVE-2014-4701
+CVE-2014-4701 (The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local user ...)
- nagios-plugins <removed> (unimportant)
NOTE: check_dhcp is not installed with root suid permissions in Debian
NOTE: http://seclists.org/fulldisclosure/2014/May/74
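Review bot: the NOTE block for CVE-2014-3773 lists the same upstream commit twice (`NOTE: https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f` appears on two consecutive lines); one of them should be dropped. Two typos in this hunk's context lines are also worth a follow-up: `adressed` in the monitoring-plugins annotation under CVE-2014-4703, and `check_imcp` in the NOTE under CVE-2014-4702, which should read `check_icmp` to match the plugin named on the `+CVE-2014-4702` line.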
@@ -17128,44 +17128,44 @@ CVE-2014-4701
NOTE: CVE-2014-4703) and thus include the fix from 2.0.3 upstream.
- monitoring-plugins <not-affected> (Fixed with initial upload to Debian)
NOTE: https://github.com/monitoring-plugins/monitoring-plugins/commit/48025ff39c3a78b7805bf803ac96730cef53e15c
-CVE-2014-3776
+CVE-2014-3776 (Buffer overflow in the "read-u8vector!" procedure in the srfi-4 unit i ...)
- chicken 4.9.0-1 (bug #748904)
[squeeze] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
NOTE: http://lists.gnu.org/archive/html/chicken-announce/2014-05/msg00001.html
NOTE: http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=1d06ce7e21c7e903ca5dca11fda6fcf2cc52de5e
-CVE-2014-3775
+CVE-2014-3775 (libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin ...)
{DSA-2935-1}
- libgadu 1:1.12.0~rc3-1
[squeeze] - libgadu <not-affected> (Vulnerable code not present)
-CVE-2014-3749
+CVE-2014-3749 (SQL injection vulnerability in Construtiva CIS Manager allows remote a ...)
NOT-FOR-US: Construtiva CIS Manager CMS
CVE-2014-3719
RESERVED
NOT-FOR-US: ALEPH500 Integrated library management system
-CVE-2014-3717
+CVE-2014-3717 (Xen 4.4.x does not properly validate the load address for 64-bit ARM g ...)
- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3716
+CVE-2014-3716 (Xen 4.4.x does not properly check alignment, which allows local users ...)
- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3715
+CVE-2014-3715 (Buffer overflow in Xen 4.4.x allows local users to read system memory ...)
- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3714
+CVE-2014-3714 (The ARM image loading functionality in Xen 4.4.x does not properly val ...)
- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3739
+CVE-2014-3739 (Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_ ...)
- zenoss <itp> (bug #361253)
-CVE-2014-3738
+CVE-2014-3738 (Cross-site scripting (XSS) vulnerability in Zenoss 4.2.5 allows remote ...)
- zenoss <itp> (bug #361253)
-CVE-2014-3756
+CVE-2014-3756 (The client in Mumble 1.2.x before 1.2.6 allows remote attackers to for ...)
- mumble 1.2.6-1 (bug #748189)
[squeeze] - mumble <no-dsa> (Minor issue)
[wheezy] - mumble 1.2.3-349-g315b5f5-2.2+deb7u2
NOTE: http://mumble.info/security/Mumble-SA-2014-006.txt
-CVE-2014-3755
+CVE-2014-3755 (The QSvg module in Qt, as used in the Mumble client 1.2.x before 1.2.6 ...)
- mumble 1.2.6-1 (bug #748189)
[squeeze] - mumble <no-dsa> (Minor issue)
[wheezy] - mumble 1.2.3-349-g315b5f5-2.2+deb7u2
NOTE: http://mumble.info/security/Mumble-SA-2014-005.txt
-CVE-2014-3461
+CVE-2014-3461 (hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrar ...)
- qemu 2.1+dfsg-1 (bug #739589)
- qemu-kvm <removed>
[wheezy] - qemu <no-dsa> (Too intrusive to backport, minor risk)
@@ -17173,25 +17173,25 @@ CVE-2014-3461
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://article.gmane.org/gmane.comp.emulators.qemu/272322
-CVE-2014-3460
+CVE-2014-3460 (Directory traversal vulnerability in the DumpToFile method in the NQMc ...)
NOT-FOR-US: NetIQ Sentinel
-CVE-2014-3459
+CVE-2014-3459 (Heap-based buffer overflow in SolarWinds Network Configuration Manager ...)
NOT-FOR-US: SolarWinds Network Configuration Manager
CVE-2014-3458
RESERVED
CVE-2014-3457
RESERVED
-CVE-2014-3456
+CVE-2014-3456 (Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition ...)
NOT-FOR-US: GitLab Enterprise Edition
-CVE-2014-3455
+CVE-2014-3455 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
NOT-FOR-US: MediaWiki extension SemanticForms
-CVE-2014-3454
+CVE-2014-3454 (Cross-site request forgery (CSRF) vulnerability in Special:CreateCateg ...)
NOT-FOR-US: MediaWiki extension SemanticForms
-CVE-2014-3452
+CVE-2014-3452 (Filters\LAV\avfilter-lav-4.dll in K-lite Codec 10.4.5 and earlier allo ...)
NOT-FOR-US: K-lite Codec
-CVE-2014-3451
+CVE-2014-3451 (OpenFire XMPP Server before 3.10 accepts self-signed certificates, whi ...)
NOT-FOR-US: Openfire
-CVE-2014-3450
+CVE-2014-3450 (Unspecified vulnerability in Panda Gold Protection and Global Protecti ...)
NOT-FOR-US: Panda
CVE-2014-3449
RESERVED
@@ -17202,18 +17202,18 @@ CVE-2014-3448
CVE-2014-3447
RESERVED
NOT-FOR-US: BSS Continuity CMS
-CVE-2014-3446
+CVE-2014-3446 (SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in ...)
NOT-FOR-US: BSS Continuity CMS
CVE-2014-3445
RESERVED
-CVE-2014-3730
+CVE-2014-3730 (The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, ...)
{DSA-2934-1}
- python-django 1.6.5-1
NOTE: https://www.djangoproject.com/weblog/2014/may/14/security-releases-issued/
CVE-2014-XXXX [data leak during restore]
- obnam 1.8-1 (low; bug #745112)
[wheezy] - obnam <no-dsa> (Minor issue)
-CVE-2014-3462
+CVE-2014-3462 (The ".encfs6.xml" configuration file in encfs before 1.7.5 allows remo ...)
- encfs 1.8.1-1 (low; bug #736066)
[jessie] - encfs <no-dsa> (Minor issue)
[squeeze] - encfs <no-dsa> (Minor issue)
@@ -17221,367 +17221,367 @@ CVE-2014-3462
NOTE: Shortcoming documented in 1.7.4-4
NOTE: https://defuse.ca/audits/encfs.htm
NOTE: Upstream issue: https://github.com/vgough/encfs/issues/14
-CVE-2014-3453
+CVE-2014-3453 (Eval injection vulnerability in the flag_import_form_validate function ...)
NOT-FOR-US: Drupal module
-CVE-2014-3444
+CVE-2014-3444 (The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16. ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2014-3443
+CVE-2014-3443 (JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to ca ...)
NOT-FOR-US: JetAudio
-CVE-2014-3442
+CVE-2014-3442 (Winamp 5.666 and earlier allows remote attackers to cause a denial of ...)
NOT-FOR-US: Winamp
-CVE-2014-3441
+CVE-2014-3441 (codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remo ...)
- vlc <not-affected> (VLC in Debian uses the system version of libpng which handles the malformed file correctly as invalid)
NOTE: http://packetstormsecurity.com/files/126564/VLC-Player-2.1.3-Memory-Corruption.html
-CVE-2014-3440
+CVE-2014-3440 (The Agent Control Interface in the management server in Symantec Criti ...)
NOT-FOR-US: Symantec
-CVE-2014-3439
+CVE-2014-3439 (ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 bef ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2014-3438
+CVE-2014-3438 (Multiple cross-site scripting (XSS) vulnerabilities in console interfa ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2014-3437
+CVE-2014-3437 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2014-3436
+CVE-2014-3436 (Symantec Encryption Desktop 10.3.x before 10.3.2 MP3, and Symantec PGP ...)
NOT-FOR-US: Symantec
CVE-2014-3435
REJECTED
-CVE-2014-3434
+CVE-2014-3434 (Buffer overflow in the sysplant driver in Symantec Endpoint Protection ...)
NOT-FOR-US: Symantec
-CVE-2014-3433
+CVE-2014-3433 (Cross-site scripting (XSS) vulnerability in the management console in ...)
NOT-FOR-US: Symantec
-CVE-2014-3432
+CVE-2014-3432 (Cross-site scripting (XSS) vulnerability in the management console in ...)
NOT-FOR-US: Symantec
-CVE-2014-3431
+CVE-2014-3431 (Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x ...)
NOT-FOR-US: Symantec PGP Desktop
-CVE-2014-3429
+CVE-2014-3429 (IPython Notebook 0.12 through 1.x before 1.2 does not validate the ori ...)
- ipython 1.2.0~rc1-1 (low)
[wheezy] - ipython 0.13.1-2+deb7u1
[squeeze] - ipython <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ipython/ipython/pull/4845
-CVE-2014-3428
+CVE-2014-3428 (Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with f ...)
NOT-FOR-US: Yealink VoIP Phones
-CVE-2014-3427
+CVE-2014-3427 (CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.7 ...)
NOT-FOR-US: Yealink VoIP Phones
CVE-2014-3420
RESERVED
-CVE-2014-3419
+CVE-2014-3419 (Infoblox NetMRI before 6.8.5 has a default password of admin for the " ...)
NOT-FOR-US: Infoblox NetMRI
-CVE-2014-3418
+CVE-2014-3418 (config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remo ...)
NOT-FOR-US: Infoblox NetMRI
-CVE-2014-3417
+CVE-2014-3417 (uPortal before 4.0.13.1 does not properly check the CONFIG permission, ...)
NOT-FOR-US: uPortal
-CVE-2014-3416
+CVE-2014-3416 (uPortal before 4.0.13.1 does not properly check the MANAGE permissions ...)
NOT-FOR-US: uPortal
-CVE-2014-3415
+CVE-2014-3415 (SQL injection vulnerability in Sharetronix before 3.4 allows remote au ...)
NOT-FOR-US: Sharetronix
-CVE-2014-3414
+CVE-2014-3414 (Cross-site request forgery (CSRF) vulnerability in Sharetronix before ...)
NOT-FOR-US: Sharetronix
-CVE-2014-3413
+CVE-2014-3413 (The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has a ...)
NOT-FOR-US: Juniper
-CVE-2014-3412
+CVE-2014-3412 (Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when ...)
NOT-FOR-US: Juniper Junos Space
-CVE-2014-3411
+CVE-2014-3411 (Unspecified vulnerability in the NSM XDB service in Juniper NSM before ...)
NOT-FOR-US: Juniper NSM
-CVE-2014-3410
+CVE-2014-3410 (The syslog-management subsystem in Cisco Adaptive Security Appliance ( ...)
NOT-FOR-US: Cisco
-CVE-2014-3409
+CVE-2014-3409 (The Ethernet Connectivity Fault Management (CFM) handling feature in C ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3408
+CVE-2014-3408 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco Prime Optical
-CVE-2014-3407
+CVE-2014-3407 (The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) ...)
NOT-FOR-US: Cisco
-CVE-2014-3406
+CVE-2014-3406 (Race condition in the IP logging feature in Cisco Intrusion Prevention ...)
NOT-FOR-US: Cisco Intrusion Prevention System
-CVE-2014-3405
+CVE-2014-3405 (Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3404
+CVE-2014-3404 (The Autonomic Networking Infrastructure (ANI) component in Cisco IOS X ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3403
+CVE-2014-3403 (The Autonomic Networking Infrastructure (ANI) component in Cisco IOS X ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3402
+CVE-2014-3402 (The authentication-manager process in the web framework in Cisco Intru ...)
NOT-FOR-US: Cisco Intrusion Prevention System
CVE-2014-3401
RESERVED
-CVE-2014-3400
+CVE-2014-3400 (Cisco WebEx Meetings Server allows remote authenticated users to obtai ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-3399
+CVE-2014-3399 (The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-3398
+CVE-2014-3398 (The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-3397
+CVE-2014-3397 (The network stack in Cisco TelePresence MCU Software before 4.3(2.30) ...)
NOT-FOR-US: TelePresence MCU
-CVE-2014-3396
+CVE-2014-3396 (Cisco IOS XR on ASR 9000 devices does not properly use compression for ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3395
+CVE-2014-3395 (Cisco WebEx Meetings Server (WMS) 2.5 allows remote attackers to trigg ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-3394
+CVE-2014-3394 (The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 bef ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3393
+CVE-2014-3393 (The Clientless SSL VPN portal customization framework in Cisco ASA Sof ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3392
+CVE-2014-3392 (The Clientless SSL VPN portal in Cisco ASA Software 8.2 before 8.2(5.5 ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3391
+CVE-2014-3391 (Untrusted search path vulnerability in Cisco ASA Software 8.x before 8 ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3390
+CVE-2014-3390 (The Virtual Network Management Center (VNMC) policy implementation in ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3389
+CVE-2014-3389 (The VPN implementation in Cisco ASA Software 7.2 before 7.2(5.15), 8.2 ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3388
+CVE-2014-3388 (The DNS inspection engine in Cisco ASA Software 9.0 before 9.0(4.13), ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3387
+CVE-2014-3387 (The SunRPC inspection engine in Cisco ASA Software 7.2 before 7.2(5.14 ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3386
+CVE-2014-3386 (The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA Softw ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3385
+CVE-2014-3385 (Race condition in the Health and Performance Monitoring (HPM) for ASDM ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3384
+CVE-2014-3384 (The IKEv2 implementation in Cisco ASA Software 8.4 before 8.4(7.15), 8 ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3383
+CVE-2014-3383 (The IKE implementation in the VPN component in Cisco ASA Software 9.1 ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3382
+CVE-2014-3382 (The SQL*Net inspection engine in Cisco ASA Software 7.2 before 7.2(5.1 ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-3381
+CVE-2014-3381 (The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisc ...)
NOT-FOR-US: Cisco AsyncOS
-CVE-2014-3380
+CVE-2014-3380 (Cisco Unified Communications Domain Manager Platform Software 4.4(.3) ...)
NOT-FOR-US: Cisco Unified Communications
-CVE-2014-3379
+CVE-2014-3379 (Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 device ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3378
+CVE-2014-3378 (tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cau ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3377
+CVE-2014-3377 (snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated user ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3376
+CVE-2014-3376 (Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3375
+CVE-2014-3375 (Multiple cross-site scripting (XSS) vulnerabilities in the CCM Service ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3374
+CVE-2014-3374 (Multiple cross-site scripting (XSS) vulnerabilities in the CCM admin i ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3373
+CVE-2014-3373 (Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3372
+CVE-2014-3372 (Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2014-3371
REJECTED
-CVE-2014-3370
+CVE-2014-3370 (Cisco TelePresence Video Communication Server (VCS) and Expressway Sof ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2014-3369
+CVE-2014-3369 (The SIP IX implementation in Cisco TelePresence Video Communication Se ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2014-3368
+CVE-2014-3368 (Cisco TelePresence Video Communication Server (VCS) and Expressway Sof ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2014-3367
+CVE-2014-3367 (Cross-site scripting (XSS) vulnerability in the vCloud Director compon ...)
NOT-FOR-US: Cisco
-CVE-2014-3366
+CVE-2014-3366 (SQL injection vulnerability in the administrative web interface in Cis ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3365
+CVE-2014-3365 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Prime Sec ...)
NOT-FOR-US: Cisco Prime Security Manager
-CVE-2014-3364
+CVE-2014-3364 (Multiple cross-site scripting (XSS) vulnerabilities in the web framewo ...)
NOT-FOR-US: Cisco
-CVE-2014-3363
+CVE-2014-3363 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2014-3362
+CVE-2014-3362 (Memory leak in Cisco TelePresence System Edge MXP Series Software F9.3 ...)
NOT-FOR-US: Cisco
-CVE-2014-3361
+CVE-2014-3361 (The ALG module in Cisco IOS 15.0 through 15.4 does not properly implem ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3360
+CVE-2014-3360 (Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3359
+CVE-2014-3359 (Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3358
+CVE-2014-3358 (Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3357
+CVE-2014-3357 (Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3356
+CVE-2014-3356 (The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3. ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3355
+CVE-2014-3355 (The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3. ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3354
+CVE-2014-3354 (Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3353
+CVE-2014-3353 (Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing Sys ...)
NOT-FOR-US: Cisco
-CVE-2014-3352
+CVE-2014-3352 (Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3 ...)
NOT-FOR-US: Cisco
-CVE-2014-3351
+CVE-2014-3351 (Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does n ...)
NOT-FOR-US: Cisco
-CVE-2014-3350
+CVE-2014-3350 (Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does n ...)
NOT-FOR-US: Cisco
-CVE-2014-3349
+CVE-2014-3349 (Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does n ...)
NOT-FOR-US: Cisco
-CVE-2014-3348
+CVE-2014-3348 (The SSH module in the Integrated Management Controller (IMC) before 2. ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2014-3347
+CVE-2014-3347 (Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rat ...)
NOT-FOR-US: Cisco
-CVE-2014-3346
+CVE-2014-3346 (The web framework in Cisco Transport Gateway for Smart Call Home (aka ...)
NOT-FOR-US: Cisco
-CVE-2014-3345
+CVE-2014-3345 (The web framework in Cisco Transport Gateway for Smart Call Home (aka ...)
NOT-FOR-US: Cisco
-CVE-2014-3344
+CVE-2014-3344 (Multiple cross-site scripting (XSS) vulnerabilities in the web framewo ...)
NOT-FOR-US: Cisco
-CVE-2014-3343
+CVE-2014-3343 (Cisco IOS XR 5.1 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Cisco
-CVE-2014-3342
+CVE-2014-3342 (The CLI in Cisco IOS XR allows remote authenticated users to obtain se ...)
NOT-FOR-US: Cisco
-CVE-2014-3341
+CVE-2014-3341 (The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 a ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2014-3340
+CVE-2014-3340 (Directory traversal vulnerability in an unspecified PHP script in the ...)
NOT-FOR-US: Cisco
-CVE-2014-3339
+CVE-2014-3339 (Multiple SQL injection vulnerabilities in the administrative web inter ...)
NOT-FOR-US: Cisco
-CVE-2014-3338
+CVE-2014-3338 (The CTIManager module in Cisco Unified Communications Manager (CM) 10. ...)
NOT-FOR-US: Cisco
-CVE-2014-3337
+CVE-2014-3337 (The SIP implementation in Cisco Unified Communications Manager (CM) 8. ...)
NOT-FOR-US: Cisco
-CVE-2014-3336
+CVE-2014-3336 (SQL injection vulnerability in the web framework in Cisco Unity Connec ...)
NOT-FOR-US: Cisco
-CVE-2014-3335
+CVE-2014-3335 (Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly ...)
NOT-FOR-US: Cisco
CVE-2014-3334
REJECTED
-CVE-2014-3333
+CVE-2014-3333 (The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote a ...)
NOT-FOR-US: Cisco
-CVE-2014-3332
+CVE-2014-3332 (Cisco Unified Communications Manager (CM) 8.6(.2) and earlier has an i ...)
NOT-FOR-US: Cisco
-CVE-2014-3331
+CVE-2014-3331 (The Session Manager component in Packet Data Network Gateway (aka PGW) ...)
NOT-FOR-US: Cisco
-CVE-2014-3330
+CVE-2014-3330 (Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly proce ...)
NOT-FOR-US: Cisco
-CVE-2014-3329
+CVE-2014-3329 (Cross-site scripting (XSS) vulnerability in the web-server component i ...)
NOT-FOR-US: Cisco Prime Data Center Network Manager
-CVE-2014-3328
+CVE-2014-3328 (The Intercluster Sync Agent Service in Cisco Unified Presence Server a ...)
NOT-FOR-US: Cisco Unified Presence Server
-CVE-2014-3327
+CVE-2014-3327 (The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 an ...)
NOT-FOR-US: Cisco
-CVE-2014-3326
+CVE-2014-3326 (SQL injection vulnerability in the web framework in Cisco Security Man ...)
NOT-FOR-US: Cisco Security Manager
-CVE-2014-3325
+CVE-2014-3325 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified C ...)
NOT-FOR-US: Cisco
-CVE-2014-3324
+CVE-2014-3324 (Multiple cross-site scripting (XSS) vulnerabilities in the login page ...)
NOT-FOR-US: Cisco TelePrecence Server
-CVE-2014-3323
+CVE-2014-3323 (Directory traversal vulnerability in Cisco Unified Contact Center Ente ...)
NOT-FOR-US: Cisco
-CVE-2014-3322
+CVE-2014-3322 (Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3321
+CVE-2014-3321 (Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group ...)
NOT-FOR-US: Cisco
-CVE-2014-3320
+CVE-2014-3320 (Multiple open redirect vulnerabilities in the admin web interface in t ...)
NOT-FOR-US: Cisco
-CVE-2014-3319
+CVE-2014-3319 (Directory traversal vulnerability in the Real-Time Monitoring Tool (RT ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3318
+CVE-2014-3318 (Directory traversal vulnerability in dna/viewfilecontents.do in the Di ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3317
+CVE-2014-3317 (Directory traversal vulnerability in the Multiple Analyzer in the Dial ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3316
+CVE-2014-3316 (The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3315
+CVE-2014-3315 (Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3314
+CVE-2014-3314 (Cisco AnyConnect on Android and OS X does not properly verify the host ...)
NOT-FOR-US: Cisco AnyConnect
-CVE-2014-3313
+CVE-2014-3313 (Cross-site scripting (XSS) vulnerability in the web user interface on ...)
NOT-FOR-US: Cisco Small Business phones
-CVE-2014-3312
+CVE-2014-3312 (The debug console interface on Cisco Small Business SPA300 and SPA500 ...)
NOT-FOR-US: Cisco Small Business phones
-CVE-2014-3311
+CVE-2014-3311 (Heap-based buffer overflow in the file-sharing feature in WebEx Meetin ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-3310
+CVE-2014-3310 (The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meet ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-3309
+CVE-2014-3309 (The NTP implementation in Cisco IOS and IOS XE does not properly suppo ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-3308
+CVE-2014-3308 (Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2014-3307
+CVE-2014-3307 (The DHCP client implementation in Universal Small Cell firmware on Cis ...)
NOT-FOR-US: Cisco Small Cell
-CVE-2014-3306
+CVE-2014-3306 (The web server on Cisco DPC3010, DPC3212, DPC3825, DPC3925, DPQ3925, E ...)
NOT-FOR-US: Cisco
-CVE-2014-3305
+CVE-2014-3305 (Cross-site request forgery (CSRF) vulnerability in the web framework i ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-3304
+CVE-2014-3304 (The OutlookAction Class in Cisco WebEx Meetings Server allows remote a ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-3303
+CVE-2014-3303 (The web framework in Cisco WebEx Meetings Server does not properly res ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-3302
+CVE-2014-3302 (user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does n ...)
NOT-FOR-US: Cisco
-CVE-2014-3301
+CVE-2014-3301 (The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5 ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-3300
+CVE-2014-3300 (The BVSMWeb portal in the web framework in Cisco Unified Communication ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3299
+CVE-2014-3299 (Cisco IOS allows remote authenticated users to cause a denial of servi ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3298
+CVE-2014-3298 (Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cl ...)
NOT-FOR-US: Cisco
-CVE-2014-3297
+CVE-2014-3297 (Cisco Intelligent Automation for Cloud in Cisco Cloud Portal does not ...)
NOT-FOR-US: Cisco
-CVE-2014-3296
+CVE-2014-3296 (The XML programmatic interface (XML PI) in Cisco WebEx Meeting Server ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-3295
+CVE-2014-3295 (The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remo ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2014-3294
+CVE-2014-3294 (Cisco WebEx Meeting Server does not properly restrict the content of U ...)
NOT-FOR-US: Cisco WebEx Meeting Server
-CVE-2014-3293
+CVE-2014-3293 (Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to us ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3292
+CVE-2014-3292 (The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified C ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3291
+CVE-2014-3291 (Cisco Wireless LAN Controller (WLC) devices allow remote attackers to ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2014-3290
+CVE-2014-3290 (The mDNS implementation in Cisco IOS XE 3.12S does not properly intera ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2014-3289
+CVE-2014-3289 (Cross-site scripting (XSS) vulnerability in the web management interfa ...)
NOT-FOR-US: Cisco
CVE-2014-3288
RESERVED
-CVE-2014-3287
+CVE-2014-3287 (SQL injection vulnerability in BulkViewFileContentsAction.java in the ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-3286
+CVE-2014-3286 (The web framework in Cisco WebEx Meeting Server does not properly rest ...)
NOT-FOR-US: Cisco WebEx Meeting Server
-CVE-2014-3285
+CVE-2014-3285 (Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when ...)
NOT-FOR-US: Cisco Wide Area Application Services
-CVE-2014-3284
+CVE-2014-3284 (Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, al ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3283
+CVE-2014-3283 (Open redirect vulnerability in Self-Care Client Portal applications in ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3282
+CVE-2014-3282 (The Administration GUI in the web framework in VOSS in Cisco Unified C ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3281
+CVE-2014-3281 (The web framework in VOSS in Cisco Unified Communications Domain Manag ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3280
+CVE-2014-3280 (The web framework in VOSS in Cisco Unified Communications Domain Manag ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3279
+CVE-2014-3279 (The Administration GUI in the web framework in VOSS in Cisco Unified C ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3278
+CVE-2014-3278 (The web framework in VOSS in Cisco Unified Communications Domain Manag ...)
NOT-FOR-US: Cisco Unified Communications
-CVE-2014-3277
+CVE-2014-3277 (The Administration GUI in the web framework in VOSS in Cisco Unified C ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-3276
+CVE-2014-3276 (Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2014-3275
+CVE-2014-3275 (SQL injection vulnerability in the web framework in Cisco Identity Ser ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2014-3274
+CVE-2014-3274 (Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to H ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2014-3273
+CVE-2014-3273 (The LLDP implementation in Cisco IOS allows remote attackers to cause ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3272
+CVE-2014-3272 (The Agent in Cisco Tidal Enterprise Scheduler (TES) 6.1 and earlier al ...)
NOT-FOR-US: Cisco
-CVE-2014-3271
+CVE-2014-3271 (The DHCPv6 implementation in Cisco IOS XR allows remote attackers to c ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2014-3270
+CVE-2014-3270 (The DHCPv6 implementation in Cisco IOS XR allows remote attackers to c ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2014-3269
+CVE-2014-3269 (The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2014-3268
+CVE-2014-3268 (Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices all ...)
NOT-FOR-US: Cisco Unified Border Element
-CVE-2014-3267
+CVE-2014-3267 (Cross-site request forgery (CSRF) vulnerability in the web framework i ...)
NOT-FOR-US: Cisco Security Manager
-CVE-2014-3266
+CVE-2014-3266 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco Security Manager
-CVE-2014-3265
+CVE-2014-3265 (Cross-site scripting (XSS) vulnerability in the Auto Update Server (AU ...)
NOT-FOR-US: Cisco Security Manager
-CVE-2014-3264
+CVE-2014-3264 (Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier a ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-3263
+CVE-2014-3263 (The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to c ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3262
+CVE-2014-3262 (The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-3261
+CVE-2014-3261 (Buffer overflow in the Smart Call Home implementation in Cisco NX-OS o ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2014-3260
+CVE-2014-3260 (Pacom 1000 CCU and RTU GMS devices allow remote attackers to spoof the ...)
NOT-FOR-US: Pacom
CVE-2014-3259
RESERVED
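Review bot: the new description for CVE-2014-3309 ("The NTP implementation in Cisco IOS and IOS XE ...") contradicts the unchanged annotation on the next line, "NOT-FOR-US: Cisco WebEx", which looks copied from the two WebEx entries directly above it; suggest "NOT-FOR-US: Cisco IOS" there. In the same region, "NOT-FOR-US: Cisco TelePrecence Server" under CVE-2014-3324 should read "TelePresence", and the annotations for CVE-2014-3322 (IOS XR) and CVE-2014-3284 (IOS XE) say plain "Cisco IOS" where the neighbouring IOS XR/XE entries name the specific product. None of this blocks the automatic description update, but the added descriptions now make these mismatches visible and they are worth a follow-up commit.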
@@ -17599,20 +17599,20 @@ CVE-2014-3253
RESERVED
CVE-2014-3252
RESERVED
-CVE-2014-3251
+CVE-2014-3251 (The MCollective aes_security plugin, as used in Puppet Enterprise befo ...)
- mcollective 2.6.0+dfsg-1 (low; bug #758701)
[wheezy] - mcollective <no-dsa> (Minor issue)
NOTE: Mcollective are not configured to use the plugin and are not vulnerable by default.
NOTE: http://puppetlabs.com/security/cve/cve-2014-3251
-CVE-2014-3250
+CVE-2014-3250 (The default vhost configuration file in Puppet before 3.6.2 does not i ...)
- puppet 3.7.0-1 (low)
[squeeze] - puppet <not-affected> (Only exploitable in combination with Apache 2.4)
[wheezy] - puppet <not-affected> (Only exploitable in combination with Apache 2.4)
NOTE: http://puppetlabs.com/security/cve/CVE-2014-3250
-CVE-2014-3249
+CVE-2014-3249 (Puppet Enterprise 2.8.x before 2.8.7 allows remote attackers to obtain ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
NOTE: http://puppetlabs.com/security/cve/cve-2014-3249
-CVE-2014-3248
+CVE-2014-3248 (Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2. ...)
- puppet 3.7.0-1 (low)
[wheezy] - puppet <no-dsa> (Minor issue)
[squeeze] - puppet <no-dsa> (Minor issue)
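Review bot: the unchanged NOTE under CVE-2014-3251, "Mcollective are not configured to use the plugin and are not vulnerable by default.", has a subject/verb mismatch and the upstream spelling is MCollective; suggest "MCollective is not configured to use the plugin and is not vulnerable by default."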
@@ -17626,15 +17626,15 @@ CVE-2014-3248
[wheezy] - mcollective <no-dsa> (Minor issue)
NOTE: http://puppetlabs.com/security/cve/cve-2014-3248
NOTE: problem in combination with ruby <= 1.9.1
-CVE-2014-3247
+CVE-2014-3247 (Cross-site scripting (XSS) vulnerability in Collabtive 1.2 allows remo ...)
- collabtive 2.0+dfsg-1 (bug #748828)
[wheezy] - collabtive <no-dsa> (Minor issue)
-CVE-2014-3246
+CVE-2014-3246 (SQL injection vulnerability in Collabtive 1.2 allows remote authentica ...)
- collabtive 1.2+dfsg-2 (bug #748828)
[wheezy] - collabtive <no-dsa> (Minor issue)
CVE-2014-3245
RESERVED
-CVE-2014-3244
+CVE-2014-3244 (XML external entity (XXE) vulnerability in the RSSDashlet dashlet in S ...)
NOT-FOR-US: SugarCRM
CVE-2014-3241
RESERVED
@@ -17662,22 +17662,22 @@ CVE-2014-3229
RESERVED
CVE-2014-3228
RESERVED
-CVE-2014-3227
+CVE-2014-3227 (dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect th ...)
{DSA-2915-2}
- dpkg 1.17.9
CVE-2014-3226
RESERVED
-CVE-2014-3224
+CVE-2014-3224 (Huawei Quidway S9700 V200R003C00SPC500, Quidway S9300 V200R003C00SPC50 ...)
NOT-FOR-US: Huawei
-CVE-2014-3223
+CVE-2014-3223 (Huawei S9300 with software before V100R006SPH013 and S2300,S3300,S5300 ...)
NOT-FOR-US: Huawei
-CVE-2014-3222
+CVE-2014-3222 (In Huawei eSpace Meeting with software V100R001C03SPC201 and the earli ...)
NOT-FOR-US: Huawei
-CVE-2014-3221
+CVE-2014-3221 (Huawei Eudemon8000E firewall with software V200R001C01SPC800 and earli ...)
NOT-FOR-US: Huawei
-CVE-2014-3220
+CVE-2014-3220 (F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote authent ...)
NOT-FOR-US: F5 BIG-IQ
-CVE-2014-3145
+CVE-2014-3145 (The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filte ...)
{DSA-2949-1 DLA-0015-1}
- linux 3.14.4-1
- linux-2.6 <removed>
@@ -17685,7 +17685,7 @@ CVE-2014-3145
NOTE: Upstream fix https://git.kernel.org/linus/05ab8f2647e4221cbdb3856dd7d32bd5407316b3
NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8
NOTE: https://git.kernel.org/linus/d214c7537bbf2f247991fb65b3420b0b3d712c67
-CVE-2014-3144
+CVE-2014-3144 (The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension imple ...)
{DSA-2949-1 DLA-0015-1}
- linux 3.14.4-1
- linux-2.6 <removed>
@@ -17693,60 +17693,60 @@ CVE-2014-3144
NOTE: Upstream fix https://git.kernel.org/linus/05ab8f2647e4221cbdb3856dd7d32bd5407316b3
NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8
NOTE: https://git.kernel.org/linus/d214c7537bbf2f247991fb65b3420b0b3d712c67
-CVE-2014-3430
+CVE-2014-3430 (Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x befo ...)
{DSA-2954-1 DLA-0004-1}
- dovecot 1:2.2.13~rc1-1 (low; bug #747549)
[squeeze] - dovecot 1:1.2.15-7+deb6u1
NOTE: http://permalink.gmane.org/gmane.mail.imap.dovecot/77499
-CVE-2014-3426
+CVE-2014-3426 (NCSA Mosaic 2.1 through 2.7b5 allows local users to cause a denial of ...)
NOT-FOR-US: NCSA Mosaic
-CVE-2014-3425
+CVE-2014-3425 (NCSA Mosaic 2.0 and earlier allows local users to cause a denial of se ...)
NOT-FOR-US: NCSA Mosaic
-CVE-2014-3424
+CVE-2014-3424 (lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users ...)
- emacs23 <removed> (bug #747100)
[wheezy] - emacs23 <no-dsa> (Minor issue)
[squeeze] - emacs23 <no-dsa> (Minor issue)
- emacs24 24.3+1-4
- xemacs21-packages <not-affected> (Vulnerable code not present)
NOTE: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00060.html
-CVE-2014-3423
+CVE-2014-3423 (lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local user ...)
- emacs23 <removed> (bug #747100)
[wheezy] - emacs23 <no-dsa> (Minor issue)
[squeeze] - emacs23 <no-dsa> (Minor issue)
- emacs24 24.3+1-4
- xemacs21-packages <not-affected> (Vulnerable code not present)
NOTE: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00057.html
-CVE-2014-3422
+CVE-2014-3422 (lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local ...)
- emacs23 <removed> (bug #747100)
[wheezy] - emacs23 <no-dsa> (Minor issue)
[squeeze] - emacs23 <no-dsa> (Minor issue)
- emacs24 24.3+1-4
- xemacs21-packages <not-affected> (Vulnerable code not present)
NOTE: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00056.html
-CVE-2014-3421
+CVE-2014-3421 (lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users ...)
- emacs23 <removed> (bug #747100)
[wheezy] - emacs23 <no-dsa> (Minor issue)
[squeeze] - emacs23 <no-dsa> (Minor issue)
- emacs24 24.3+1-4
NOTE: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00055.html
-CVE-2014-9091
+CVE-2014-9091 (Icecast before 2.4.0 does not change the supplementary group privilege ...)
- icecast2 2.4.0-1 (low)
[squeeze] - icecast2 <no-dsa> (Minor issue)
[wheezy] - icecast2 <no-dsa> (Minor issue)
NOTE: https://trac.xiph.org/changeset/19137/
-CVE-2014-3243
+CVE-2014-3243 (SOAPpy 0.12.5 does not properly detect recursion during entity expansi ...)
- python-soappy 0.12.22-1 (low; bug #747280)
[squeeze] - python-soappy <no-dsa> (Minor issue)
[wheezy] - python-soappy <no-dsa> (Minor issue)
NOTE: http://www.pnigos.com/?p=260
-CVE-2014-3242
+CVE-2014-3242 (SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SO ...)
- python-soappy 0.12.22-1 (low; bug #747280)
[squeeze] - python-soappy <no-dsa> (Minor issue)
[wheezy] - python-soappy <no-dsa> (Minor issue)
NOTE: http://www.pnigos.com/?p=260
-CVE-2014-3225
+CVE-2014-3225 (Absolute path traversal vulnerability in the web interface in Cobbler ...)
- cobbler <not-affected> (Fixed before initial upload)
-CVE-2014-3219
+CVE-2014-3219 (fish before 2.1.1 allows local users to write to arbitrary files via a ...)
- fish 2.1.1-1 (low; bug #746259)
[squeeze] - fish <no-dsa> (Minor issue)
[wheezy] - fish <no-dsa> (Minor issue)
@@ -17754,11 +17754,11 @@ CVE-2014-3218
RESERVED
CVE-2014-3217
RESERVED
-CVE-2014-3216
+CVE-2014-3216 (GOM Media Player 2.2.57.5189 and earlier allows remote attackers to ca ...)
NOT-FOR-US: Gretech GOM Media Player
-CVE-2014-3215
+CVE-2014-3215 (seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissi ...)
- policycoreutils <not-affected> (seunshare not enabled/built in Debian)
-CVE-2014-3214
+CVE-2014-3214 (The prefetch implementation in named in ISC BIND 9.10.0, when a recurs ...)
- bind9 <not-affected> (prefetch option introduced in BIND 9.10.0b1)
NOTE: https://kb.isc.org/article/AA-01161
CVE-2014-3213
@@ -17767,29 +17767,29 @@ CVE-2014-3212
RESERVED
CVE-2014-3211
RESERVED
-CVE-2014-3210
+CVE-2014-3210 (SQL injection vulnerability in dopbs-backend-forms.php in the Booking ...)
NOT-FOR-US: WordPress plugin Booking System
CVE-2014-3208
RESERVED
-CVE-2014-3206
+CVE-2014-3206 (Seagate BlackArmor NAS allows remote attackers to execute arbitrary co ...)
NOT-FOR-US: Seagate
-CVE-2014-3205
+CVE-2014-3205 (backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a h ...)
NOT-FOR-US: Seagate
-CVE-2014-3204
+CVE-2014-3204 (Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle ...)
NOT-FOR-US: Unity
-CVE-2014-3203
+CVE-2014-3203 (Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restric ...)
NOT-FOR-US: Unity
-CVE-2014-3202
+CVE-2014-3202 (Unity before 7.2.1 does not properly handle entry activation, which al ...)
NOT-FOR-US: Unity
-CVE-2014-3201
+CVE-2014-3201 (core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used ...)
- chromium-browser 39.0.2171.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3200
+CVE-2014-3200 (Multiple unspecified vulnerabilities in Google Chrome before 38.0.2125 ...)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3199
+CVE-2014-3199 (The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the ...)
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
@@ -17798,17 +17798,17 @@ CVE-2014-3199
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: libv8 not covered by security support
-CVE-2014-3198
+CVE-2014-3198 (The Instance::HandleInputEvent function in pdf/instance.cc in the PDFi ...)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3197
+CVE-2014-3197 (The NavigationScheduler::schedulePageBlock function in core/loader/Nav ...)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3196
+CVE-2014-3196 (base/memory/shared_memory_win.cc in Google Chrome before 38.0.2125.101 ...)
- chromium-browser <not-affected> (Only affects Windows)
-CVE-2014-3195
+CVE-2014-3195 (Google V8, as used in Google Chrome before 38.0.2125.101, does not pro ...)
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
@@ -17817,31 +17817,31 @@ CVE-2014-3195
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: libv8 not covered by security support
-CVE-2014-3194
+CVE-2014-3194 (Use-after-free vulnerability in the Web Workers implementation in Goog ...)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3193
+CVE-2014-3193 (The SessionService::GetLastSession function in browser/sessions/sessio ...)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3192
+CVE-2014-3192 (Use-after-free vulnerability in the ProcessingInstruction::setXSLStyle ...)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3191
+CVE-2014-3191 (Use-after-free vulnerability in Blink, as used in Google Chrome before ...)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3190
+CVE-2014-3190 (Use-after-free vulnerability in the Event::currentTarget function in c ...)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3189
+CVE-2014-3189 (The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium ...)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3188
+CVE-2014-3188 (Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 ...)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
@@ -17850,41 +17850,41 @@ CVE-2014-3188
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-3187
+CVE-2014-3187 (Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS ...)
- chromium-browser <not-affected> (only affects versions supporting Apple's facetime)
-CVE-2014-3186
+CVE-2014-3186 (Buffer overflow in the picolcd_raw_event function in devices/hid/hid-p ...)
- linux 3.16.5-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=101
NOTE: Upstream fix: https://git.kernel.org/linus/844817e47eef14141cf59b8d5ac08dd11c0a9189 (v3.17-rc3)
-CVE-2014-3185
+CVE-2014-3185 (Multiple buffer overflows in the command_port_read_callback function i ...)
{DLA-118-1}
- linux 3.16.2-2
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=98
NOTE: Upstream fix: https://git.kernel.org/linus/6817ae225cd650fb1c3295d769298c38b1eba818 (v3.17-rc3)
-CVE-2014-3184
+CVE-2014-3184 (The report_fixup functions in the HID subsystem in the Linux kernel be ...)
{DLA-246-1}
- linux 3.16.2-2
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=91
NOTE: Upstream fix: https://git.kernel.org/linus/4ab25786c87eb20857bbb715c3ae34ec8fd6a214 (v3.17-rc2)
-CVE-2014-3183
+CVE-2014-3183 (Heap-based buffer overflow in the logi_dj_ll_raw_request function in d ...)
- linux 3.16.2-2
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=90
NOTE: Upstream fix: https://git.kernel.org/linus/51217e69697fba92a06e07e16f55c9a52d8e8945 (v3.17-rc2)
-CVE-2014-3182
+CVE-2014-3182 (Array index error in the logi_dj_raw_event function in drivers/hid/hid ...)
- linux 3.16.2-2
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable driver introduced later)
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=89
NOTE: Upstream fix: https://git.kernel.org/linus/ad3e14d7c5268c2e24477c6ef54bbdf88add5d36 (v3.17-rc2)
-CVE-2014-3181
+CVE-2014-3181 (Multiple stack-based buffer overflows in the magicmouse_raw_event func ...)
- linux 3.16.5-1
[wheezy] - linux 3.2.63-1
- linux-2.6 <not-affected> (Vulnerable code not present)
@@ -17892,111 +17892,111 @@ CVE-2014-3181
NOTE: Upstream fix: https://git.kernel.org/linus/c54def7bd64d7c0b6993336abcffb8444795bf38 (v3.17-rc3)
CVE-2014-3180
RESERVED
-CVE-2014-3179
+CVE-2014-3179 (Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062 ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3178
+CVE-2014-3178 (Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3177
+CVE-2014-3177 (Google Chrome before 37.0.2062.94 does not properly handle the interac ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3176
+CVE-2014-3176 (Google Chrome before 37.0.2062.94 does not properly handle the interac ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3175
+CVE-2014-3175 (Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062 ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3174
+CVE-2014-3174 (modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementati ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3173
+CVE-2014-3173 (The WebGL implementation in Google Chrome before 37.0.2062.94 does not ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3172
+CVE-2014-3172 (The Debugger extension API in browser/extensions/api/debugger/debugger ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3171
+CVE-2014-3171 (Use-after-free vulnerability in the V8 bindings in Blink, as used in G ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3170
+CVE-2014-3170 (extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3169
+CVE-2014-3169 (Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3168
+CVE-2014-3168 (Use-after-free vulnerability in the SVG implementation in Blink, as us ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3167
+CVE-2014-3167 (Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985 ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3166
+CVE-2014-3166 (The Public Key Pinning (PKP) implementation in Google Chrome before 36 ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3165
+CVE-2014-3165 (Use-after-free vulnerability in modules/websockets/WorkerThreadableWeb ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3164
+CVE-2014-3164 (cmds/servicemanager/service_manager.c in Android before commit 7d42a3c ...)
NOT-FOR-US: Android
CVE-2014-3163
RESERVED
-CVE-2014-3162
+CVE-2014-3162 (Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985 ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3161
+CVE-2014-3161 (The WebMediaPlayerAndroid::load function in content/renderer/media/and ...)
NOT-FOR-US: Android
-CVE-2014-3160
+CVE-2014-3160 (The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher ...)
{DSA-3039-1}
- chromium-browser 37.0.2062.120-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3159
+CVE-2014-3159 (The WebContentsDelegateAndroid::OpenURLFromTab function in components/ ...)
NOT-FOR-US: Android
-CVE-2014-3158
+CVE-2014-3158 (Integer overflow in the getword function in options.c in pppd in Paul' ...)
{DSA-3079-1 DLA-74-1}
- ppp 2.4.6-3 (medium; bug #762789)
NOTE: https://github.com/paulusmack/ppp/commit/7658e8257183f062dc01f87969c140707c7e52cb
NOTE: http://marc.info/?l=linux-ppp&m=140764978420764
NOTE: No known exploit yet but potential local privilege escalation to root for users in "dip" group
-CVE-2014-3157
+CVE-2014-3157 (Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer f ...)
{DSA-2959-1}
- chromium-browser 35.0.1916.153-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3156
+CVE-2014-3156 (Buffer overflow in the clipboard implementation in Google Chrome befor ...)
{DSA-2959-1}
- chromium-browser 35.0.1916.153-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3155
+CVE-2014-3155 (net/spdy/spdy_write_queue.cc in the SPDY implementation in Google Chro ...)
{DSA-2959-1}
- chromium-browser 35.0.1916.153-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3154
+CVE-2014-3154 (Use-after-free vulnerability in the ChildThread::Shutdown function in ...)
{DSA-2959-1}
- chromium-browser 35.0.1916.153-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-3153
+CVE-2014-3153 (The futex_requeue function in kernel/futex.c in the Linux kernel throu ...)
{DSA-2949-1 DLA-0007-1}
- linux 3.14.5-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze7
NOTE: http://thread.gmane.org/gmane.linux.kernel.stable/92357
-CVE-2014-3152
+CVE-2014-3152 (Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm ...)
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
@@ -18007,15 +18007,15 @@ CVE-2014-3152
NOTE: libv8 not covered by security support
CVE-2014-3151
RESERVED
-CVE-2014-3150
+CVE-2014-3150 (Livebox 1.1 allows remote authenticated users to upload arbitrary conf ...)
NOT-FOR-US: Livebox
-CVE-2014-3149
+CVE-2014-3149 (Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (a ...)
NOT-FOR-US: Invision Power IP.Board
-CVE-2014-3148
+CVE-2014-3148 (Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid ...)
NOT-FOR-US: OkCupid
-CVE-2014-3147
+CVE-2014-3147 (Cross-site scripting (XSS) vulnerability in the auto-complete feature ...)
NOT-FOR-US: Splunk
-CVE-2014-3146
+CVE-2014-3146 (Incomplete blacklist vulnerability in the lxml.html.clean module in lx ...)
{DSA-2941-1 DLA-0009-1}
- lxml 3.3.5-1 (bug #746812)
[squeeze] - lxml 2.2.8-2+deb6u1
@@ -18030,27 +18030,27 @@ CVE-2014-3141
RESERVED
CVE-2014-3140
REJECTED
-CVE-2014-3139
+CVE-2014-3139 (recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 all ...)
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2014-3138
+CVE-2014-3138 (SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hot ...)
NOT-FOR-US: Xerox DocuShare
CVE-2014-3136
RESERVED
-CVE-2014-3135
+CVE-2014-3135 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 5.1.1 ...)
NOT-FOR-US: vBulletin
-CVE-2014-3134
+CVE-2014-3134 (Cross-site scripting (XSS) vulnerability in the InfoView application i ...)
NOT-FOR-US: SAP BusinessObjects
-CVE-2014-3133
+CVE-2014-3133 (SAP Netweaver Java Application Server does not properly restrict acces ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-3132
+CVE-2014-3132 (SAP Background Processing does not properly restrict access, which all ...)
NOT-FOR-US: SAP Background Processing
-CVE-2014-3131
+CVE-2014-3131 (SAP Profile Maintenance does not properly restrict access, which allow ...)
NOT-FOR-US: SAP Solution Manager
-CVE-2014-3130
+CVE-2014-3130 (The ABAP Help documentation and translation tools (BC-DOC-HLP) in Basi ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-3129
+CVE-2014-3129 (The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP N ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-3209
+CVE-2014-3209 (The ldns-keygen tool in ldns 1.6.x uses the current umask to set the p ...)
- ldns 1.6.17-4 (low; bug #746758)
[squeeze] - ldns <no-dsa> (Minor issue)
[wheezy] - ldns 1.6.13-1+deb7u1
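Review bot: CVE-2014-3131's label reads 'NOT-FOR-US: SAP Solution Manager' while the newly added description says 'SAP Profile Maintenance does not properly restrict access'; the neighbouring SAP entries (CVE-2014-3133, -3130, -3129) are labelled with the product named in their description, so either align this one or add a NOTE explaining why Solution Manager is the right component.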
@@ -18060,35 +18060,35 @@ CVE-2014-3230 [HTTPS_CA_DIR or HTTPS_CA_FILE disables peer certificate verificat
[wheezy] - liblwp-protocol-https-perl <not-affected> (Introduced by bcc46ce2dab53d2e2baa583f2243d6fc7d36dcc8 in 6.04)
NOTE: Introduced by https://github.com/dagolden/lwp-protocol-https/commit/bcc46ce2dab53d2e2baa583f2243d6fc7d36dcc8
NOTE: CVE assignment for https://github.com/libwww-perl/lwp-protocol-https/pull/14#issuecomment-42328818
-CVE-2014-3207
+CVE-2014-3207 (Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserve ...)
- sks 1.1.5-1 (low; bug #746626)
[squeeze] - sks <no-dsa> (Minor issue)
[wheezy] - sks 1.1.3-2+deb7u1
NOTE: https://bitbucket.org/skskeyserver/sks-keyserver/issue/26/unfiltered-xss
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=952077
-CVE-2014-3137
+CVE-2014-3137 (Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before ...)
{DSA-2948-1}
- python-bottle 0.12.6-1 (bug #746322)
[squeeze] - python-bottle <not-affected> (bug affects versions 0.10.11-1 and 0.12.5-1)
CVE-2014-3128
RESERVED
-CVE-2014-3127
+CVE-2014-3127 (dpkg 1.15.9 on Debian squeeze introduces support for the "C-style enco ...)
{DSA-2915-2}
- dpkg 1.17.9
CVE-2014-3126
RESERVED
-CVE-2014-3125
+CVE-2014-3125 (Xen 4.4.x, when running on an ARM system, does not properly context sw ...)
- xen <not-affected> (Only 32- and 64-bit ARM systems are affected from Xen 4.4 onwards)
-CVE-2014-3124
+CVE-2014-3124 (The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local g ...)
{DSA-3006-1}
- xen 4.4.1-1 (bug #757724)
[squeeze] - xen <not-affected> (Xen versions from 4.1 onwards are vulnerable)
-CVE-2014-3123
+CVE-2014-3123 (Cross-site scripting (XSS) vulnerability in admin/manage-images.php in ...)
NOT-FOR-US: Wordpress plugin
-CVE-2014-3121
+CVE-2014-3121 (rxvt-unicode before 9.20 does not properly handle OSC escape sequences ...)
{DSA-2925-1}
- rxvt-unicode 9.20-1 (bug #746593)
-CVE-2014-3120
+CVE-2014-3120 (The default configuration in Elasticsearch before 1.2 enables dynamic ...)
- elasticsearch 1.0.3+dfsg-3 (bug #759736)
NOTE: https://github.com/elasticsearch/elasticsearch/commit/81e83cca
NOTE: https://github.com/elasticsearch/elasticsearch/issues/5853
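Review bot: the squeeze annotation for CVE-2014-3137 gives as its <not-affected> rationale '(bug affects versions 0.10.11-1 and 0.12.5-1)', which lists Debian versions that are affected instead of saying why the squeeze version is not; since the description scopes the bug to 0.10.x before 0.10.12, 0.11.x before 0.11.7 and 0.12.x before 0.12.6, the rationale should name the squeeze version and state that it predates the affected branches. Separately, CVE-2014-3120 (elasticsearch 1.0.3+dfsg-3) carries no DSA reference and no [squeeze]/[wheezy] line, unlike the xen and dpkg entries above it; if the package is simply absent from those releases that is fine, otherwise a per-release line is missing.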
@@ -18100,15 +18100,15 @@ CVE-2014-3117
RESERVED
CVE-2014-3116
RESERVED
-CVE-2014-3115
+CVE-2014-3115 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
NOT-FOR-US: Fortinet Fortiweb
-CVE-2014-3114
+CVE-2014-3114 (The EZPZ One Click Backup (ezpz-one-click-backup) plugin 12.03.10 and ...)
NOT-FOR-US: WordPress plugin ezpz-one-click-backup
-CVE-2014-3113
+CVE-2014-3113 (Multiple buffer overflows in RealNetworks RealPlayer before 17.0.10.8 ...)
NOT-FOR-US: RealPlayer
CVE-2014-3112
RESERVED
-CVE-2014-3110
+CVE-2014-3110 (Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCO ...)
NOT-FOR-US: Honeywell FALCON XLWeb controllor
CVE-2014-3109
RESERVED
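Review bot: the label under CVE-2014-3110 has a typo, 'Honeywell FALCON XLWeb controllor'; it should read 'controller'. It is a context line rather than part of this change, but these labels are what the tracker displays, so it is worth fixing in the same pass.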
@@ -18116,157 +18116,157 @@ CVE-2014-3108
RESERVED
CVE-2014-3107
RESERVED
-CVE-2014-3106
+CVE-2014-3106 (IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, an ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-3105
+CVE-2014-3105 (The OSLC integration feature in the Web component in IBM Rational Clea ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-3104
+CVE-2014-3104 (IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, an ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-3103
+CVE-2014-3103 (The Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0. ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-3102
+CVE-2014-3102 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.0 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-3101
+CVE-2014-3101 (The login form in the Web component in IBM Rational ClearQuest 7.1 bef ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2014-3100
+CVE-2014-3100 (Stack-based buffer overflow in the encode_key function in /system/bin/ ...)
NOT-FOR-US: Android service KeyStore
-CVE-2014-3099
+CVE-2014-3099 (Unspecified vulnerability in the Security component in IBM Systems Dir ...)
NOT-FOR-US: IBM Systems Director
CVE-2014-3098
RESERVED
-CVE-2014-3097
+CVE-2014-3097 (Open redirect vulnerability in IBM Tivoli Federated Identity Manager ( ...)
NOT-FOR-US: IBM Tivoli
-CVE-2014-3096
+CVE-2014-3096 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program M ...)
NOT-FOR-US: IBM Curam
-CVE-2014-3095
+CVE-2014-3095 (The SQL engine in IBM DB2 9.5 through FP10, 9.7 through FP9a, 9.8 thro ...)
NOT-FOR-US: IBM DB2
-CVE-2014-3094
+CVE-2014-3094 (Stack-based buffer overflow in IBM DB2 9.7 through FP9a, 9.8 through F ...)
NOT-FOR-US: IBM DB2
-CVE-2014-3093
+CVE-2014-3093 (IBM PowerVC 1.2.0 before FP3 and 1.2.1 before FP2 uses cleartext passw ...)
NOT-FOR-US: IBM
-CVE-2014-3092
+CVE-2014-3092 (IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Mana ...)
NOT-FOR-US: IBM
-CVE-2014-3091
+CVE-2014-3091 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7 ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-3090
+CVE-2014-3090 (IBM Rational ClearCase 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and ...)
NOT-FOR-US: IBM Rational ClearCase
-CVE-2014-3089
+CVE-2014-3089 (The RDS Java Client library in IBM Rational Directory Server (RDS) 5.1 ...)
NOT-FOR-US: IBM Rational Directory Server
-CVE-2014-3088
+CVE-2014-3088 (stconf.nsf in IBM Sametime Meeting Server 8.5.1 relies on the client t ...)
NOT-FOR-US: IBM Sametime
-CVE-2014-3087
+CVE-2014-3087 (callService.do in IBM Business Process Manager (BPM) 7.5 through 8.5.5 ...)
NOT-FOR-US: IBM
-CVE-2014-3086
+CVE-2014-3086 (Unspecified vulnerability in the IBM Java Virtual Machine, as used in ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-3085
+CVE-2014-3085 (systest.php on IBM GCM16 and GCM32 Global Console Manager switches wit ...)
NOT-FOR-US: IBM
-CVE-2014-3084
+CVE-2014-3084 (IBM Maximo Asset Management 6.1 through 6.5, 7.1 through 7.1.1.13, and ...)
NOT-FOR-US: IBM
-CVE-2014-3083
+CVE-2014-3083 (IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.35, 8.0.x be ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2014-3082
RESERVED
-CVE-2014-3081
+CVE-2014-3081 (prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches wi ...)
NOT-FOR-US: IBM
-CVE-2014-3080
+CVE-2014-3080 (Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and G ...)
NOT-FOR-US: IBM
-CVE-2014-3079
+CVE-2014-3079 (The Administration and Reporting Tool in IBM Rational License Key Serv ...)
NOT-FOR-US: IBM
CVE-2014-3078
RESERVED
-CVE-2014-3077
+CVE-2014-3077 (IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x ...)
NOT-FOR-US: IBM
-CVE-2014-3076
+CVE-2014-3076 (IBM Business Process Manager (BPM) 8.5 through 8.5.5 allows remote att ...)
NOT-FOR-US: IBM
-CVE-2014-3075
+CVE-2014-3075 (Cross-site scripting (XSS) vulnerability in IBM Business Process Manag ...)
NOT-FOR-US: IBM
-CVE-2014-3074
+CVE-2014-3074 (The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local ...)
NOT-FOR-US: IBM AIX
-CVE-2014-3073
+CVE-2014-3073 (Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mo ...)
NOT-FOR-US: Novell Identity Manager
-CVE-2014-3072
+CVE-2014-3072 (Unspecified vulnerability in the Automation Server in IBM Security App ...)
NOT-FOR-US: IBM Security AppScan
-CVE-2014-3071
+CVE-2014-3071 (Cross-site scripting (XSS) vulnerability in the Data Quality Console i ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2014-3070
+CVE-2014-3070 (The addFileRegistryAccount Virtual Member Manager (VMM) SPI Admin Task ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-3069
+CVE-2014-3069 (Multiple CRLF injection vulnerabilities in the Universal Access compon ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-3068
+CVE-2014-3068 (IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 be ...)
NOT-FOR-US: IBM JDK
CVE-2014-3067
RESERVED
-CVE-2014-3066
+CVE-2014-3066 (IBM Tivoli Endpoint Manager 9.1 before 9.1.1088.0 allows remote attack ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2014-3065
+CVE-2014-3065 (Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 b ...)
NOT-FOR-US: IBM JDK
-CVE-2014-3064
+CVE-2014-3064 (The GDS component in IBM InfoSphere Master Data Management - Collabora ...)
NOT-FOR-US: IBM
-CVE-2014-3063
+CVE-2014-3063 (IBM InfoSphere Master Data Management - Collaborative Edition 10.x bef ...)
NOT-FOR-US: IBM
-CVE-2014-3062
+CVE-2014-3062 (Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-3061
+CVE-2014-3061 (Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Spend ...)
NOT-FOR-US: IBM
-CVE-2014-3060
+CVE-2014-3060 (Unspecified vulnerability on the IBM WebSphere DataPower XC10 applianc ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-3059
+CVE-2014-3059 (Unspecified vulnerability in the Administrative Console on the IBM Web ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-3058
+CVE-2014-3058 (Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere D ...)
NOT-FOR-US: IBM
-CVE-2014-3057
+CVE-2014-3057 (Cross-site scripting (XSS) vulnerability in the Unified Task List (UTL ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-3056
+CVE-2014-3056 (The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-3055
+CVE-2014-3055 (SQL injection vulnerability in the Unified Task List (UTL) Portlet for ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-3054
+CVE-2014-3054 (Multiple open redirect vulnerabilities in the Unified Task List (UTL) ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-3053
+CVE-2014-3053 (The Local Management Interface (LMI) in IBM Security Access Manager (I ...)
NOT-FOR-US: IBM ISAM
-CVE-2014-3052
+CVE-2014-3052 (The reverse-proxy feature in IBM Security Access Manager (ISAM) for We ...)
NOT-FOR-US: IBM ISAM
-CVE-2014-3051
+CVE-2014-3051 (The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Appli ...)
NOT-FOR-US: IBM Tivoli
-CVE-2014-3050
+CVE-2014-3050 (IBM Rational Team Concert (RTC) 3.x before 3.0.1.6 IF3 and 4.x before ...)
NOT-FOR-US: IBM Rational Team Concert
CVE-2014-3049
RESERVED
-CVE-2014-3048
+CVE-2014-3048 (Unspecified vulnerability on the IBM System Storage Virtualization Eng ...)
NOT-FOR-US: IBM System Storage Virtualization Engine
CVE-2014-3047
RESERVED
CVE-2014-3046
RESERVED
-CVE-2014-3045
+CVE-2014-3045 (IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before ...)
NOT-FOR-US: IBM
CVE-2014-3044
RESERVED
-CVE-2014-3043
+CVE-2014-3043 (IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.3 allows remot ...)
NOT-FOR-US: IBM
-CVE-2014-3042
+CVE-2014-3042 (IBM CICS Transaction Server 3.1, 3.2, 4.1, 4.2, and 5.1 on z/OS does n ...)
NOT-FOR-US: IBM CICS Transaction Serve
-CVE-2014-3041
+CVE-2014-3041 (SQL injection vulnerability in IBM Emptoris Contract Management 9.5.x ...)
NOT-FOR-US: IBM
-CVE-2014-3040
+CVE-2014-3040 (Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contra ...)
NOT-FOR-US: IBM
CVE-2014-3039
RESERVED
-CVE-2014-3038
+CVE-2014-3038 (IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop g ...)
NOT-FOR-US: IBM SPSS Modeler
-CVE-2014-3037
+CVE-2014-3037 (Cross-site request forgery (CSRF) vulnerability in IBM Configuration M ...)
NOT-FOR-US: IBM
-CVE-2014-3036
+CVE-2014-3036 (Unspecified vulnerability in IBM API Management 3.0.0.0, when basic au ...)
NOT-FOR-US: IBM API Management
-CVE-2014-3035
+CVE-2014-3035 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Spend Analysi ...)
NOT-FOR-US: IBM
-CVE-2014-3034
+CVE-2014-3034 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract Mana ...)
NOT-FOR-US: IBM
-CVE-2014-3033
+CVE-2014-3033 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Sourcing Port ...)
NOT-FOR-US: IBM Emptoris Sourcing Portfolio
-CVE-2014-3032
+CVE-2014-3032 (Cross-site scripting (XSS) vulnerability in the Web GUI in IBM Tivoli ...)
NOT-FOR-US: IBM Tivoli
-CVE-2014-3031
+CVE-2014-3031 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Business Servic ...)
NOT-FOR-US: IBM Tivoli Business Service Manager
CVE-2014-3030
RESERVED
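Review bot: several NOT-FOR-US labels in this hunk disagree with the product named in the description that was just added: CVE-2014-3106, -3105, -3104 and -3103 are labelled 'IBM WebSphere' although each description says 'IBM Rational ClearQuest' (CVE-2014-3101 directly below them is labelled correctly), and CVE-2014-3073 is labelled 'Novell Identity Manager' although the description says 'IBM Security Access Manager (ISAM)'. The product label is the only search key these entries have, so they should be corrected. Also, 'NOT-FOR-US: IBM CICS Transaction Serve' under CVE-2014-3042 is cut short; it should read 'Server'.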
@@ -18276,68 +18276,68 @@ CVE-2014-3028
RESERVED
CVE-2014-3027
RESERVED
-CVE-2014-3026
+CVE-2014-3026 (CRLF injection vulnerability in IBM Maximo Asset Management 7.5 throug ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-3025
+CVE-2014-3025 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asse ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-3024
+CVE-2014-3024 (Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Ma ...)
NOT-FOR-US: IBM
CVE-2014-3023
RESERVED
-CVE-2014-3022
+CVE-2014-3022 (IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x be ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-3021
+CVE-2014-3021 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.35, 8.0 before ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-3020
+CVE-2014-3020 (install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 bef ...)
NOT-FOR-US: IBM Tivoli Integrated Portal
-CVE-2014-3019
+CVE-2014-3019 (IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module ...)
NOT-FOR-US: IBM
-CVE-2014-3018
+CVE-2014-3018 (IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module ...)
NOT-FOR-US: IBM
CVE-2014-3017
RESERVED
CVE-2014-3016
RESERVED
-CVE-2014-3015
+CVE-2014-3015 (Cross-site request forgery (CSRF) vulnerability in the Web player in I ...)
NOT-FOR-US: IBM Sametime
-CVE-2014-3014
+CVE-2014-3014 (Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM ...)
NOT-FOR-US: IBM Sametime
-CVE-2014-3013
+CVE-2014-3013 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Curam Socia ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-3012
+CVE-2014-3012 (Multiple CRLF injection vulnerabilities in IBM Curam Social Program Ma ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2014-3011
+CVE-2014-3011 (IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers ...)
NOT-FOR-US: IBM OpenPages GRC Platform
-CVE-2014-3010
+CVE-2014-3010 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSpher ...)
NOT-FOR-US: IBM WebSphere
-CVE-2014-3009
+CVE-2014-3009 (The GDS component in IBM InfoSphere Master Data Management - Collabora ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2014-3008
+CVE-2014-3008 (Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to ...)
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2014-3007
+CVE-2014-3007 (Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allo ...)
- pillow 2.4.0-1 (bug #737059)
- python-imaging <removed>
[squeeze] - python-imaging <no-dsa> (Minor issue)
[wheezy] - python-imaging <no-dsa> (Minor issue)
NOTE: details what is covered exactly by this CVE relating to CVE-2014-1932 and CVE-2014-1933 is missing
-CVE-2014-3006
+CVE-2014-3006 (Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when up ...)
NOT-FOR-US: Sitepark Information Enterprise Server
-CVE-2014-3005
+CVE-2014-3005 (XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21r ...)
- zabbix 1:2.2.5+dfsg-1 (bug #751910)
[squeeze] - zabbix <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://seclists.org/fulldisclosure/2014/Jun/87
NOTE: Upstream issue tracking https://support.zabbix.com/browse/ZBX-8151
-CVE-2014-3004
+CVE-2014-3004 (The default configuration for the Xerces SAX Parser in Castor before 1 ...)
NOT-FOR-US: Castor
CVE-2014-3003
REJECTED
CVE-2014-3002
RESERVED
-CVE-2014-3001
+CVE-2014-3001 (The device file system (aka devfs) in FreeBSD 10.0 before p2 does not ...)
- kfreebsd-10 <not-affected>
NOTE: it is called SA-14:07.devfs in the freebsd world
NOTE: the devfs rules file is loaded by /etc/init.d/freebsd-utils on boot, so debian never was vulnerable
-CVE-2014-3000
+CVE-2014-3000 (The TCP reassembly function in the inet module in FreeBSD 8.3 before p ...)
{DSA-2952-1}
- kfreebsd-10 10.0-5 (bug #746949)
- kfreebsd-9 <removed> (bug #746951)
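Review bot: CVE-2014-3005 (zabbix 1:2.2.5+dfsg-1) has a [squeeze] line but no [wheezy] line, while the surrounding entries (pillow, kfreebsd) annotate both releases; either a wheezy fix version, <no-dsa> or <not-affected> line belongs there, or a NOTE saying why wheezy needs no annotation. Minor: the NOTE under CVE-2014-3007 reads 'details what is covered exactly by this CVE ... is missing'; 'details of what exactly this CVE covers relative to CVE-2014-1932 and CVE-2014-1933 are missing' would be clearer.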
@@ -18350,52 +18350,52 @@ CVE-2014-2998
RESERVED
CVE-2014-2997
RESERVED
-CVE-2014-2996
+CVE-2014-2996 (XCloner Standalone 3.5 and earlier, when enable_db_backup and sql_mem ...)
NOT-FOR-US: XCloner Standalone
-CVE-2014-2995
+CVE-2014-2995 (Multiple cross-site scripting (XSS) vulnerabilities in twitget.php in ...)
NOT-FOR-US: WordPress plugin Twitget
-CVE-2014-2994
+CVE-2014-2994 (Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS ...)
NOT-FOR-US: Acunetix Web Vulnerability Scanner
-CVE-2014-2993
+CVE-2014-2993 (The Birebin.com application for Android does not verify X.509 certific ...)
NOT-FOR-US: Birebin.com application for Android
-CVE-2014-2992
+CVE-2014-2992 (The Misli.com application for Android does not verify X.509 certificat ...)
NOT-FOR-US: Misli.com application for Android
CVE-2014-2991
RESERVED
CVE-2014-2990
RESERVED
-CVE-2014-2989
+CVE-2014-2989 (Cross-site request forgery (CSRF) vulnerability in Open Assessment Tec ...)
NOT-FOR-US: Open Assessment Technologies TAO
-CVE-2014-2988
+CVE-2014-2988 (EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Commu ...)
NOT-FOR-US: EGroupware EPL
-CVE-2014-2987
+CVE-2014-2987 (Multiple cross-site request forgery (CSRF) vulnerabilities in EGroupwa ...)
NOT-FOR-US: EGroupware EPL
-CVE-2014-3122
+CVE-2014-3122 (The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel bef ...)
{DSA-2926-1 DLA-0015-1}
- linux 3.14.4-1 (bug #747326)
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: Introduced by https://git.kernel.org/linus/b291f000393f5a0b679012b39d79fbc85c018233
NOTE: Fixed by https://git.kernel.org/linus/57e68e9cd65b4b8eb4045a1e0d0746458502554c (v3.15-rc1)
-CVE-2014-3985
+CVE-2014-3985 (The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remo ...)
- miniupnpc 1.6-4 (low; bug #748913)
[wheezy] - miniupnpc <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1085618
NOTE: https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9
NOTE: http://www.openwall.com/lists/oss-security/2014/04/30/3
-CVE-2014-4338
+CVE-2014-4338 (cups-browsed in cups-filters before 1.0.53 allows remote attackers to ...)
- cups-filters 1.0.53-1
[wheezy] - cups-filters <not-affected> (vulnerable code not present)
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7195
-CVE-2014-4337
+CVE-2014-4337 (The process_browse_data function in utils/cups-browsed.c in cups-brows ...)
- cups-filters 1.0.53-1
[wheezy] - cups-filters <not-affected> (vulnerable code not present)
-CVE-2014-4336
+CVE-2014-4336 (The generate_local_queue function in utils/cups-browsed.c in cups-brow ...)
- cups-filters 1.0.53-1
[wheezy] - cups-filters <not-affected> (vulnerable code not present)
NOTE: incomplete fix was applied
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194
-CVE-2014-3111
+CVE-2014-3111 (Multiple cross-site scripting (XSS) vulnerabilities in FOG 0.27 throug ...)
NOT-FOR-US: fog cloning solution
CVE-2014-2985
RESERVED
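Review bot: the 'NOTE: incomplete fix was applied' under CVE-2014-4336 does not say which fix was incomplete or whether cups-filters 1.0.53-1 (the version listed as fixing all of CVE-2014-4336, -4337 and -4338) contains the complete one; since this entry cites revision 7194 and CVE-2014-4338 cites revision 7195, spell out the relationship (which revision was incomplete, which completes it) so the fixed-version claim can be checked.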
@@ -18407,59 +18407,59 @@ CVE-2014-2981
RESERVED
CVE-2014-2979
RESERVED
-CVE-2014-2978
+CVE-2014-2978 (The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispa ...)
- directfb <not-affected> (Vulnerable code was introduced in 1.4.4)
-CVE-2014-2977
+CVE-2014-2977 (Multiple integer signedness errors in the Dispatch_Write function in p ...)
- directfb <not-affected> (Vulnerable code was introduced in 1.4.13)
-CVE-2014-2976
+CVE-2014-2976 (Directory traversal vulnerability in Sixnet SixView Manager 2.4.1 allo ...)
NOT-FOR-US: Sixnet SixView
-CVE-2014-2975
+CVE-2014-2975 (Cross-site scripting (XSS) vulnerability in php/user_account.php in Si ...)
NOT-FOR-US: Silver Peak VX
-CVE-2014-2974
+CVE-2014-2974 (Cross-site request forgery (CSRF) vulnerability in php/user_account.ph ...)
NOT-FOR-US: Silver Peak VX
CVE-2014-2973
REJECTED
-CVE-2014-2972
+CVE-2014-2972 (expand.c in Exim before 4.83 expands mathematical comparisons twice, w ...)
- exim4 4.82.1-2 (low)
[squeeze] - exim4 <no-dsa> (Minor issue)
[wheezy] - exim4 4.80-7+deb7u1
-CVE-2014-2971
+CVE-2014-2971 (Cross-site scripting (XSS) vulnerability in AddStdLetter.jsp in MicroP ...)
NOT-FOR-US: MicroPact iComplaints
CVE-2014-2970
REJECTED
-CVE-2014-2969
+CVE-2014-2969 (NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a har ...)
NOT-FOR-US: NETGEAR GS108PE Prosafe Plus switches
-CVE-2014-2968
+CVE-2014-2968 (Cross-site scripting (XSS) vulnerability in the web interface on the H ...)
NOT-FOR-US: Huawei E355 CH1E355SM firmware
-CVE-2014-2967
+CVE-2014-2967 (Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers ...)
NOT-FOR-US: Autodesk VRED Professional
-CVE-2014-2966
+CVE-2014-2966 (The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly pe ...)
NOT-FOR-US: Resin Pro
-CVE-2014-2965
+CVE-2014-2965 (Cross-site scripting (XSS) vulnerability in auth-settings-x.php in Spa ...)
NOT-FOR-US: SpamTitan
-CVE-2014-2964
+CVE-2014-2964 (Cobham Aviator 700D and 700E satellite terminals have hardcoded passwo ...)
NOT-FOR-US: Cobham Aviator 700D and 700E satellite terminals
-CVE-2014-2963
+CVE-2014-2963 (Multiple cross-site scripting (XSS) vulnerabilities in group/control_p ...)
NOT-FOR-US: Liferay Portal
-CVE-2014-2962
+CVE-2014-2962 (Absolute path traversal vulnerability in the webproc cgi module on the ...)
NOT-FOR-US: Belkin router
CVE-2014-2961
RESERVED
-CVE-2014-2960
+CVE-2014-2960 (Vision Critical before 2014-05-30 allows attackers to read arbitrary f ...)
NOT-FOR-US: Vision Critical
-CVE-2014-2959
+CVE-2014-2959 (logViewer.htm on the Dell ML6000 tape backup system with firmware befo ...)
NOT-FOR-US: Quantum Scalar
CVE-2014-2958
RESERVED
-CVE-2014-2957
+CVE-2014-2957 (The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPE ...)
- exim4 4.82.1-1 (unimportant)
[squeeze] - exim4 <not-affected> (Vulnerable code introduced in 4.82)
[wheezy] - exim4 <not-affected> (Vulnerable code introduced in 4.82)
NOTE: https://lists.exim.org/lurker/message/20140528.122536.a31d60a4.en.html
NOTE: EXPERIMENTAL_DMARC not enabled
-CVE-2014-2956
+CVE-2014-2956 (ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelpe ...)
NOT-FOR-US: AVG Secure Search toolbar and AVG Safeguard
-CVE-2014-2955
+CVE-2014-2955 (Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers ...)
NOT-FOR-US: Raritan PX
CVE-2014-2954
RESERVED
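Review bot: CVE-2014-2959's description says 'logViewer.htm on the Dell ML6000 tape backup system' but the label is 'NOT-FOR-US: Quantum Scalar'; if the Dell unit is a rebadged Quantum product, say so in a NOTE, otherwise use the name the description uses. The two directfb <not-affected> rationales (CVE-2014-2978 'Vulnerable code was introduced in 1.4.4', CVE-2014-2977 'introduced in 1.4.13') give the upstream version that introduced the bug but not the version Debian ships, so a reader cannot confirm the claim from the entry; add the shipped version to the rationale.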
@@ -18469,17 +18469,17 @@ CVE-2014-2952 [Arbitrary File Deletion as Root in Webmin]
RESERVED
NOT-FOR-US: Webmin
NOTE: https://sites.utexas.edu/iso/2014/09/09/arbitrary-file-deletion-as-root-in-webmin/
-CVE-2014-2951
+CVE-2014-2951 (Datum Systems SnIP on PSM-500 and PSM-4500 devices has a hardcoded pas ...)
NOT-FOR-US: Datum Systems SnIP
-CVE-2014-2950
+CVE-2014-2950 (Datum Systems SnIP on PSM-500 and PSM-4500 devices does not require au ...)
NOT-FOR-US: Datum Systems SnIP
-CVE-2014-2949
+CVE-2014-2949 (SQL injection vulnerability in the web service in F5 ARX Data Manager ...)
NOT-FOR-US: F5 ARX Data Manager
-CVE-2014-2948
+CVE-2014-2948 (SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM Su ...)
NOT-FOR-US: Bizagi BPM
-CVE-2014-2947
+CVE-2014-2947 (Cross-site scripting (XSS) vulnerability in Login.aspx in Bizagi BPM S ...)
NOT-FOR-US: Bizagi BPM
-CVE-2014-2946
+CVE-2014-2946 (Cross-site request forgery (CSRF) vulnerability in api/sms/send-sms in ...)
NOT-FOR-US: Huawei device
CVE-2014-2945
REJECTED
@@ -18487,25 +18487,25 @@ CVE-2014-2944
REJECTED
CVE-2014-2943
REJECTED
-CVE-2014-2942
+CVE-2014-2942 (Cobham Aviator 700D and 700E satellite terminals use an improper algor ...)
NOT-FOR-US: Cobham Aviator
-CVE-2014-2941
+CVE-2014-2941 (** DISPUTED ** Cobham Sailor 6000 satellite terminals have hardcoded T ...)
NOT-FOR-US: Cobham Sailor 6000 satellite terminals
-CVE-2014-2940
+CVE-2014-2940 (Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF ...)
NOT-FOR-US: Cobham Sailor 900 and 6000 satellite terminals
-CVE-2014-2939
+CVE-2014-2939 (Multiple cross-site scripting (XSS) vulnerabilities in Alfresco Enterp ...)
NOT-FOR-US: Alfresco
-CVE-2014-2938
+CVE-2014-2938 (Hanvon FaceID before 1.007.110 does not require authentication, which ...)
NOT-FOR-US: Hanvon FaceID
CVE-2014-2937
REJECTED
-CVE-2014-2936
+CVE-2014-2936 (The directory manager in Caldera 9.20 allows remote attackers to condu ...)
NOT-FOR-US: Caldera
-CVE-2014-2935
+CVE-2014-2935 (costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows ...)
NOT-FOR-US: Caldera
-CVE-2014-2934
+CVE-2014-2934 (Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote at ...)
NOT-FOR-US: Caldera
-CVE-2014-2933
+CVE-2014-2933 (Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 ...)
NOT-FOR-US: Caldera
CVE-2014-2932
RESERVED
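Review bot: the four entries CVE-2014-2936 through -2933 are labelled just 'NOT-FOR-US: Caldera'; the descriptions (a directory manager, costview3/xmlrpc_server/xmlrpc.php, dirmng/index.php) show this is a PHP web application, and 'Caldera' alone invites confusion with the former Caldera Linux distribution, so a qualified product name would be better.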
@@ -18515,21 +18515,21 @@ CVE-2014-2930
RESERVED
CVE-2014-2929
RESERVED
-CVE-2014-2928
+CVE-2014-2928 (The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2014-2927
+CVE-2014-2927 (The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 1 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2014-2926
+CVE-2014-2926 (kapfa.sys in Kaseya Virtual System Administrator (VSA) 6.5 before 6.5. ...)
NOT-FOR-US: Kaseya Virtual System Administrator
-CVE-2014-2925
+CVE-2014-2925 (Cross-site scripting (XSS) vulnerability in Advanced_Wireless_Content. ...)
NOT-FOR-US: ASUS RT series
CVE-2014-2924
RESERVED
CVE-2014-2923
RESERVED
-CVE-2014-2922
+CVE-2014-2922 (The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Ne ...)
NOT-FOR-US: pimcore
-CVE-2014-2921
+CVE-2014-2921 (The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Ne ...)
NOT-FOR-US: pimcore
CVE-2014-2920
RESERVED
@@ -18539,7 +18539,7 @@ CVE-2014-2918
RESERVED
CVE-2014-2917
RESERVED
-CVE-2014-2916
+CVE-2014-2916 (Cross-site request forgery (CSRF) vulnerability in the subscription pa ...)
NOT-FOR-US: subscription page editor
CVE-2014-2914 [remote code execution]
RESERVED
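Review bot: 'NOT-FOR-US: subscription page editor' under CVE-2014-2916 names a feature, not a product; the description is truncated before any product name appears, so the label should be filled in from the full CVE text rather than from the fragment.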
@@ -18553,9 +18553,9 @@ CVE-2014-2911
RESERVED
CVE-2014-2910
RESERVED
-CVE-2014-2909
+CVE-2014-2909 (CRLF injection vulnerability in the integrated web server on Siemens S ...)
NOT-FOR-US: Siemens
-CVE-2014-2908
+CVE-2014-2908 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
NOT-FOR-US: Siemens
CVE-2014-2906 [unsafe temporary file creationg leading to privilege escalation]
RESERVED
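Review bot: the bracketed title for CVE-2014-2906 has a typo, 'unsafe temporary file creationg'; it should read 'creation'. Context line, but it is displayed by the tracker.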
@@ -18563,19 +18563,19 @@ CVE-2014-2906 [unsafe temporary file creationg leading to privilege escalation]
[squeeze] - fish <no-dsa> (Minor issue)
[wheezy] - fish <no-dsa> (Minor issue)
NOTE: https://github.com/fish-shell/fish-shell/issues/1437
-CVE-2014-2905
+CVE-2014-2905 (fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the ...)
- fish 2.1.1-1 (low; bug #746259)
[squeeze] - fish <no-dsa> (Minor issue)
[wheezy] - fish <no-dsa> (Minor issue)
NOTE: https://github.com/fish-shell/fish-shell/issues/1436
CVE-2014-2895
RESERVED
-CVE-2014-2891
+CVE-2014-2891 (strongSwan before 5.1.2 allows remote attackers to cause a denial of s ...)
{DSA-2922-1}
- strongswan 5.1.2-1
CVE-2014-2887
RESERVED
-CVE-2014-2886
+CVE-2014-2886 (GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) chara ...)
- gksu <removed>
[stretch] - gksu <ignored> (Minor issue)
[jessie] - gksu <ignored> (Minor issue)
@@ -18587,13 +18587,13 @@ CVE-2014-2886
NOTE: enabled (in auto mode).
CVE-2014-2883
RESERVED
-CVE-2014-2882
+CVE-2014-2882 (Unspecified vulnerability in the management GUI in Citrix NetScaler Ap ...)
NOT-FOR-US: Citrix Netscaler
-CVE-2014-2881
+CVE-2014-2881 (Unspecified vulnerability in the Diffie-Hellman key agreement implemen ...)
NOT-FOR-US: Citrix Netscaler
-CVE-2014-2880
+CVE-2014-2880 (Open redirect vulnerability in the Oracle Identity Manager component i ...)
NOT-FOR-US: Oracle Identity Manager
-CVE-2014-2879
+CVE-2014-2879 (Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL ...)
NOT-FOR-US: SonicWALL
CVE-2014-2878
RESERVED
@@ -18607,25 +18607,25 @@ CVE-2014-XXXX [Insecure default permissions for ~/.virtualenvs and scripts]
- virtualenvwrapper 4.3-1 (low; bug #745580)
[wheezy] - virtualenvwrapper <no-dsa> (Minor issue)
[squeeze] - virtualenvwrapper <no-dsa> (Minor issue)
-CVE-2014-2907
+CVE-2014-2907 (The srtp_add_address function in epan/dissectors/packet-rtp.c in the R ...)
- wireshark 1.10.7-1 (bug #745595)
[wheezy] - wireshark <not-affected> (Affects 1.10.x only)
[squeeze] - wireshark <not-affected> (Affects 1.10.x only)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9885
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-06.html
-CVE-2014-2986
+CVE-2014-2986 (The vgic_distr_mmio_write function in the virtual guest interrupt cont ...)
- xen <not-affected> (Only 32-bit and 64-bit ARM systems are vulnerable from Xen 4.4 onwards)
-CVE-2014-2980
+CVE-2014-2980 (Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run ...)
- gnustep-base 1.24.6-1 (bug #745470)
[wheezy] - gnustep-base 1.22.1-4+deb7u1
[squeeze] - gnustep-base <no-dsa> (Minor issue)
NOTE: https://savannah.gnu.org/bugs/?41751
-CVE-2014-2915
+CVE-2014-2915 (Xen 4.4.x, when running on ARM systems, does not properly restrict acc ...)
- xen <not-affected> (Only 32-bit and 64-bit ARM systems are vulnerable from Xen 4.4 onwards)
-CVE-2014-2913
+CVE-2014-2913 (** DISPUTED ** Incomplete blacklist vulnerability in nrpe.c in Nagios ...)
- nagios-nrpe 2.15-1 (unimportant; bug #745272)
NOTE: This in insecure by design anyway
-CVE-2014-2983
+CVE-2014-2983 (Drupal 6.x before 6.31 and 7.x before 7.27 does not properly isolate t ...)
{DSA-2914-1 DSA-2913-1}
- drupal7 7.27-1
- drupal6 <removed>
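Review bot: CVE-2014-2980 is marked fixed in gnustep-base 1.24.6-1 while the added description says 'GNUstep Base 1.24.6 and earlier' is affected; if the Debian revision carries a backported patch, a NOTE saying so would stop this reading as a contradiction. Two smaller points: the NOTE under CVE-2014-2913 reads 'This in insecure by design anyway' and should be 'This is insecure by design anyway'; and the xen rationales here ('Only 32-bit and 64-bit ARM systems are vulnerable from Xen 4.4 onwards' for CVE-2014-2986 and -2915) differ in wording from CVE-2014-3125's ('Only 32- and 64-bit ARM systems are affected from Xen 4.4 onwards') for what is the same statement; pick one form.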
@@ -18636,7 +18636,7 @@ CVE-2014-2904
- wolfssl 3.4.8+dfsg-1 (bug #792646)
NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
NOTE: according to maintainer addressed in 3.2.0 upstream
-CVE-2014-2903
+CVE-2014-2903 (CyaSSL does not check the key usage extension in leaf certificates, wh ...)
- cyassl <removed> (bug #770229)
- wolfssl 3.4.8+dfsg-1 (bug #792646)
NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
@@ -18653,9 +18653,9 @@ CVE-2014-2901
- wolfssl 3.4.8+dfsg-1 (bug #792646)
NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
NOTE: according to maintainer addressed in 3.2.0 upstream
-CVE-2014-2900
+CVE-2014-2900 (wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certifica ...)
- cyassl 2.9.4+dfsg-1
-CVE-2014-2899
+CVE-2014-2899 (wolfSSL CyaSSL before 2.9.4 allows remote attackers to cause a denial ...)
- cyassl 2.9.4+dfsg-1
CVE-2014-2898
RESERVED
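Review bot: CVE-2014-2900 and CVE-2014-2899 list only '- cyassl 2.9.4+dfsg-1', while CVE-2014-2903 in the hunk above records '- cyassl <removed> (bug #770229)' together with '- wolfssl 3.4.8+dfsg-1'; since the source package was renamed, these two entries should also carry the wolfssl line (and the removed marker for cyassl) so the tracker does not show them as fixed only in a package that no longer exists.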
@@ -18666,83 +18666,83 @@ CVE-2014-2897
CVE-2014-2896
RESERVED
- cyassl 2.9.4+dfsg-1
-CVE-2014-2890
+CVE-2014-2890 (Cross-site scripting (XSS) vulnerability in the wrap_html function in ...)
- phpmyid <itp> (bug #492325)
-CVE-2014-2888
+CVE-2014-2888 (lib/sfpagent/bsig.rb in the sfpagent gem before 0.4.15 for Ruby allows ...)
NOT-FOR-US: Ruby Gem sfpagent
-CVE-2014-2885
+CVE-2014-2885 (Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) ...)
- truecrypt <itp> (bug #364034)
-CVE-2014-2884
+CVE-2014-2884 (The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt ...)
- truecrypt <itp> (bug #364034)
-CVE-2014-2874
+CVE-2014-2874 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote a ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2873
+CVE-2014-2873 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not requir ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2872
+CVE-2014-2872 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote a ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2871
+CVE-2014-2871 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on an HT ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2870
+CVE-2014-2870 (The default configuration of PaperThin CommonSpot before 7.0.2 and 8.x ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2869
+CVE-2014-2869 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote a ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2868
+CVE-2014-2868 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote a ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2867
+CVE-2014-2867 (Unrestricted file upload vulnerability in PaperThin CommonSpot before ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2866
+CVE-2014-2866 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on clien ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2865
+CVE-2014-2865 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote a ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2864
+CVE-2014-2864 (Multiple directory traversal vulnerabilities in PaperThin CommonSpot b ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2863
+CVE-2014-2863 (Multiple absolute path traversal vulnerabilities in PaperThin CommonSp ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2862
+CVE-2014-2862 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not check ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2861
+CVE-2014-2861 (Incomplete blacklist vulnerability in PaperThin CommonSpot before 7.0. ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2860
+CVE-2014-2860 (Multiple cross-site scripting (XSS) vulnerabilities in PaperThin Commo ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2859
+CVE-2014-2859 (PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote a ...)
NOT-FOR-US: PaperThin CommonSpot
-CVE-2014-2858
+CVE-2014-2858 (Directory traversal vulnerability in the Resources plugin 1.0.0 before ...)
- grails <itp> (bug #473213)
-CVE-2014-2857
+CVE-2014-2857 (The default configuration of the Resources plugin 1.0.0 before 1.2.6 f ...)
- grails <itp> (bug #473213)
-CVE-2014-2892
+CVE-2014-2892 (Heap-based buffer overflow in the get_answer function in mmsh.c in lib ...)
{DSA-2916-1}
- libmms 0.6.2-4 (bug #745301)
- xine-lib <not-affected> (mmsh is libmms-specific)
NOTE: http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
-CVE-2014-2893
+CVE-2014-2893 (The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and ...)
- llvm-toolchain-snapshot 1:3.5~svn211669-1 (bug #744817)
- llvm-toolchain-3.3 <unfixed>
- llvm-toolchain-3.4 1:3.4.2-1
-CVE-2014-2854
+CVE-2014-2854 (Cross-site scripting (XSS) vulnerability in the SemanticTitle extensio ...)
NOT-FOR-US: MediaWiki extension SemanticTitle
-CVE-2014-2853
+CVE-2014-2853 (Cross-site scripting (XSS) vulnerability in includes/actions/InfoActio ...)
- mediawiki <not-affected> (Vulnerable code not present)
-CVE-2014-2852
+CVE-2014-2852 (OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckRespons ...)
{DSA-2899-1}
- openafs 1.6.7-1
-CVE-2014-2850
+CVE-2014-2850 (The network interface configuration page (netinterface) in Sophos Web ...)
NOT-FOR-US: Sophos Web Appliance
-CVE-2014-2849
+CVE-2014-2849 (The Change Password dialog box (change_password) in Sophos Web Applian ...)
NOT-FOR-US: Sophos Web Appliance
-CVE-2014-2848
+CVE-2014-2848 (A race condition in the wmi_malware_scan.nbin plugin before 2014022622 ...)
NOT-FOR-US: Nessus
-CVE-2014-2847
+CVE-2014-2847 (SQL injection vulnerability in default.asp in CIS Manager CMS allows r ...)
NOT-FOR-US: CIS Manager CMS
-CVE-2014-2846
+CVE-2014-2846 (Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php i ...)
NOT-FOR-US: Arkeia Server Backup
-CVE-2014-2845
+CVE-2014-2845 (Cyberduck before 4.4.4 on Windows does not properly validate X.509 cer ...)
NOT-FOR-US: Cyberduck on Windows
-CVE-2014-2844
+CVE-2014-2844 (Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure ...)
NOT-FOR-US: F-Secure Messaging Secure Gateway
CVE-2014-2843
RESERVED
-CVE-2014-2842
+CVE-2014-2842 (Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a de ...)
NOT-FOR-US: Juniper ScreenOS
CVE-2014-2841
RESERVED
@@ -18750,9 +18750,9 @@ CVE-2014-2840
RESERVED
NOT-FOR-US: TR-069 Auto Configuration Servers
NOTE: http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf
-CVE-2014-2839
+CVE-2014-2839 (SQL injection vulnerability in the GD Star Rating plugin 19.22 for Wor ...)
NOT-FOR-US: GD Star Rating plugin for WordPress
-CVE-2014-2838
+CVE-2014-2838 (Multiple cross-site request forgery (CSRF) vulnerabilities in the GD S ...)
NOT-FOR-US: GD Star Rating plugin for WordPress
CVE-2014-2837
RESERVED
@@ -18768,167 +18768,167 @@ CVE-2014-2832
RESERVED
CVE-2014-2831
RESERVED
-CVE-2014-2829
+CVE-2014-2829 (Erlang Solutions MongooseIM through 1.3.1 rev. 2 does not properly res ...)
NOT-FOR-US: MongooseIM
-CVE-2014-2827
+CVE-2014-2827 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2826
+CVE-2014-2826 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2825
+CVE-2014-2825 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2824
+CVE-2014-2824 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2823
+CVE-2014-2823 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2822
+CVE-2014-2822 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2821
+CVE-2014-2821 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2820
+CVE-2014-2820 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2819
+CVE-2014-2819 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2818
+CVE-2014-2818 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2817
+CVE-2014-2817 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2816
+CVE-2014-2816 (Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundatio ...)
NOT-FOR-US: Microsoft
-CVE-2014-2815
+CVE-2014-2815 (Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrar ...)
NOT-FOR-US: Microsoft
-CVE-2014-2814
+CVE-2014-2814 (Microsoft Service Bus 1.1 on Microsoft Windows Server 2008 R2 SP1 and ...)
NOT-FOR-US: Microsoft Server
-CVE-2014-2813
+CVE-2014-2813 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-2812
REJECTED
-CVE-2014-2811
+CVE-2014-2811 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2810
+CVE-2014-2810 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2809
+CVE-2014-2809 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2808
+CVE-2014-2808 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2807
+CVE-2014-2807 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2806
+CVE-2014-2806 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-2805
REJECTED
-CVE-2014-2804
+CVE-2014-2804 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2803
+CVE-2014-2803 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2802
+CVE-2014-2802 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2801
+CVE-2014-2801 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2800
+CVE-2014-2800 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2799
+CVE-2014-2799 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2798
+CVE-2014-2798 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2797
+CVE-2014-2797 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2796
+CVE-2014-2796 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2795
+CVE-2014-2795 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2794
+CVE-2014-2794 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-2793
REJECTED
-CVE-2014-2792
+CVE-2014-2792 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2791
+CVE-2014-2791 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2790
+CVE-2014-2790 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2789
+CVE-2014-2789 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2788
+CVE-2014-2788 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2787
+CVE-2014-2787 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2786
+CVE-2014-2786 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2785
+CVE-2014-2785 (Microsoft Internet Explorer 7 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2784
+CVE-2014-2784 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2783
+CVE-2014-2783 (Microsoft Internet Explorer 7 through 11 does not prevent use of wildc ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2782
+CVE-2014-2782 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2781
+CVE-2014-2781 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-2780
+CVE-2014-2780 (DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-2779
+CVE-2014-2779 (mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 ...)
NOT-FOR-US: Microsoft Malware Protection Engine
-CVE-2014-2778
+CVE-2014-2778 (Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2777
+CVE-2014-2777 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2776
+CVE-2014-2776 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2775
+CVE-2014-2775 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2774
+CVE-2014-2774 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2773
+CVE-2014-2773 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2772
+CVE-2014-2772 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2771
+CVE-2014-2771 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2770
+CVE-2014-2770 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2769
+CVE-2014-2769 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2768
+CVE-2014-2768 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2767
+CVE-2014-2767 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2766
+CVE-2014-2766 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2765
+CVE-2014-2765 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2764
+CVE-2014-2764 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2763
+CVE-2014-2763 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-2762
REJECTED
-CVE-2014-2761
+CVE-2014-2761 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2760
+CVE-2014-2760 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2759
+CVE-2014-2759 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2758
+CVE-2014-2758 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2757
+CVE-2014-2757 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2756
+CVE-2014-2756 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2755
+CVE-2014-2755 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2754
+CVE-2014-2754 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2753
+CVE-2014-2753 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-2752
+CVE-2014-2752 (SAP Business Object Processing Framework (BOPF) for ABAP has hardcoded ...)
NOT-FOR-US: SAP
-CVE-2014-2751
+CVE-2014-2751 (SAP Print and Output Management has hardcoded credentials, which makes ...)
NOT-FOR-US: SAP
CVE-2014-2750
REJECTED
-CVE-2014-2749
+CVE-2014-2749 (The HANA ICM process in SAP HANA allows remote attackers to obtain the ...)
NOT-FOR-US: SAP
-CVE-2014-2748
+CVE-2014-2748 (The Security Audit Log facility in SAP Enhancement Package (EHP) 6 for ...)
NOT-FOR-US: SAP
CVE-2014-2747
RESERVED
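Review bot: the NOT-FOR-US tag under CVE-2014-2778 in this hunk still reads "Microsoft Internet Explorer", but the newly added description names "Microsoft Word 2007 SP3 and Office Compatibility Pack SP3", so the product tag no longer matches the entry; "NOT-FOR-US: Microsoft Office" (or the bare "NOT-FOR-US: Microsoft" used for CVE-2014-2815 and CVE-2014-2816 a few lines above) would be consistent with the description.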
@@ -18936,28 +18936,28 @@ CVE-2014-2740
RESERVED
CVE-2014-2738
RESERVED
-CVE-2014-2737
+CVE-2014-2737 (SQL injection vulnerability in the get_active_session function in the ...)
NOT-FOR-US: KnowledgeTree
-CVE-2014-2736
+CVE-2014-2736 (Multiple SQL injection vulnerabilities in MODX Revolution before 2.2.1 ...)
NOT-FOR-US: MODX Revolution
-CVE-2014-2735
+CVE-2014-2735 (WinSCP before 5.5.3, when FTP with TLS is used, does not verify that t ...)
NOT-FOR-US: WinSCP
-CVE-2014-2734
+CVE-2014-2734 (** DISPUTED ** The openssl extension in Ruby 2.x does not properly mai ...)
NOTE: considered invalid and should be rejected, see https://gist.github.com/emboss/91696b56cd227c8a0c13
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1091156#c1
-CVE-2014-2733
+CVE-2014-2733 (Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a ...)
NOT-FOR-US: Siemens SINEMA
-CVE-2014-2732
+CVE-2014-2732 (Multiple directory traversal vulnerabilities in the integrated web ser ...)
NOT-FOR-US: Siemens SINEMA
-CVE-2014-2731
+CVE-2014-2731 (Multiple unspecified vulnerabilities in the integrated web server in S ...)
NOT-FOR-US: Siemens SINEMA
-CVE-2014-2889
+CVE-2014-2889 (Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_j ...)
- linux 3.2.1-1
- linux-2.6 3.2.1-1
[squeeze] - linux-2.6 <not-affected> (Introduced in 3.0)
NOTE: introduced by https://git.kernel.org/linus/0a14842f5a3c0e88a1e59fac5c3025db39721f74
NOTE: Upstrem fix in https://git.kernel.org/linus/a03ffcf873fe0f2565386ca8ef832144c42e67fa
-CVE-2014-2894
+CVE-2014-2894 (Off-by-one error in the cmd_smart function in the smart self test in h ...)
{DSA-2933-1 DSA-2932-1}
- qemu 2.0.0+dfsg-1 (bug #745157)
[squeeze] - qemu <not-affected> (Vulnerable code not present)
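Review bot: the second NOTE line under CVE-2014-2889 in this hunk has a typo, "Upstrem fix in https://git.kernel.org/linus/a03ffcf8...", which should read "Upstream fix in ..." to match the wording of the other NOTE lines in the file.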
@@ -18965,13 +18965,13 @@ CVE-2014-2894
[squeeze] - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Upstream fix https://lists.nongnu.org/archive/html/qemu-devel/2014-04/msg02016.html
NOTE: Vulnerable code introduced in 0.11.50: http://git.qemu.org/?p=qemu.git;a=commit;h=e8b54394950f975c1b31d2359cf58ca4d9f51b00
-CVE-2014-2855
+CVE-2014-2855 (The check_secret function in authenticate.c in rsync 3.1.0 and earlier ...)
- rsync 3.1.0-3 (bug #744791)
[wheezy] - rsync <not-affected> (Introduced in 3.1.0)
[squeeze] - rsync <not-affected> (Introduced in 3.1.0)
NOTE: Introduced with https://git.samba.org/?p=rsync.git;a=commitdiff;h=5ebe9a46d7f3c846a6d665cb8c6ab8b79508a6df
NOTE: Fix: https://git.samba.org/?p=rsync.git;a=commitdiff;h=0dedfbce2c1b851684ba658861fe9d620636c56a
-CVE-2014-2856
+CVE-2014-2856 (Cross-site scripting (XSS) vulnerability in scheduler/client.c in Comm ...)
- cups 1.7.2-1
[squeeze] - cups 1.4.4-7+squeeze5
[wheezy] - cups 1.5.3-5+deb7u2
@@ -18979,30 +18979,30 @@ CVE-2014-2856
CVE-2014-XXXX [node-marked: multiple content injection vulnerabilities]
- node-marked 0.3.1+dfsg-1
NOTE: https://nodesecurity.io/advisories/marked_multiple_content_injection_vulnerabilities
-CVE-2014-2851
+CVE-2014-2851 (Integer overflow in the ping_init_sock function in net/ipv4/ping.c in ...)
{DSA-2926-1}
- linux 3.14.4-1 (low)
- linux-2.6 <not-affected> (Introduced in 3.0)
NOTE: https://lkml.org/lkml/2014/4/10/736
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=b04c46190219a4f845e46a459e3102137b7f6cac
-CVE-2014-2830
+CVE-2014-2830 (Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils ...)
- cifs-utils <unfixed> (unimportant)
[squeeze] - cifs-utils <not-affected> (Vulnerable code not present)
[wheezy] - cifs-utils <not-affected> (pam_cifscreds introduced in 6.3)
NOTE: cifscreds PAM not built in unstable
-CVE-2014-2828
+CVE-2014-2828 (The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and ...)
- keystone 2014.1-1
[wheezy] - keystone <not-affected> (Only affects 2013.1 to 2013.2.3)
NOTE: https://launchpad.net/bugs/1300274
-CVE-2014-2746
+CVE-2014-2746 (net/IOService.java in Tigase before 5.2.1 does not properly restrict t ...)
NOT-FOR-US: Tigase XMPP Server
-CVE-2014-2745
+CVE-2014-2745 (Prosody before 0.9.4 does not properly restrict the processing of comp ...)
{DSA-2895-1}
- prosody 0.9.4-1
[squeeze] - prosody <no-dsa> (Minor issue)
NOTE: http://hg.prosody.im/0.9/rev/a97591d2e1ad
NOTE: http://hg.prosody.im/0.9/rev/1107d66d2ab2
-CVE-2014-2744
+CVE-2014-2744 (plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightw ...)
{DSA-2895-1}
- prosody 0.9.4-1
- lua-expat 1.3.0-1
@@ -19010,24 +19010,24 @@ CVE-2014-2744
[squeeze] - lua-expat <no-dsa> (Minor issue)
[squeeze] - prosody <no-dsa> (Minor issue)
NOTE: http://hg.prosody.im/0.9/rev/b3b1c9da38fb
-CVE-2014-2743
+CVE-2014-2743 (plugins/mod_compression.lua in Lightwitch Metronome through 3.4 does n ...)
NOT-FOR-US: Openfire
-CVE-2014-2742
+CVE-2014-2742 (Isode M-Link before 16.0v7 does not properly restrict the processing o ...)
NOT-FOR-US: Openfire
-CVE-2014-2741
+CVE-2014-2741 (nio/XMLLightweightParser.java in Ignite Realtime Openfire before 3.9.2 ...)
NOT-FOR-US: Openfire
-CVE-2014-2730
+CVE-2014-2730 (The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 201 ...)
NOT-FOR-US: Microsoft Office
-CVE-2014-2739
+CVE-2014-2739 (The cma_req_handler function in drivers/infiniband/core/cma.c in the L ...)
- linux <not-affected> (Introduced and fixed in 3.14)
- linux-2.6 <not-affected> ((Introduced and fixed in 3.14)
-CVE-2014-2729
+CVE-2014-2729 (Cross-site scripting (XSS) vulnerability in content.aspx in Ektron CMS ...)
NOT-FOR-US: Ektron Web Content Management System
CVE-2014-2728
RESERVED
CVE-2014-2727
RESERVED
-CVE-2014-1985
+CVE-2014-1985 (Open redirect vulnerability in the redirect_back_or_default function i ...)
- redmine 2.5.1-1 (bug #743828)
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
[wheezy] - redmine <end-of-life> (Redmine not supported because of rails)
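Review bot: two entries in this hunk carry product tags that do not match their new descriptions: CVE-2014-2743 ("plugins/mod_compression.lua in Lightwitch Metronome through 3.4 ...") and CVE-2014-2742 ("Isode M-Link before 16.0v7 ...") are both still tagged "NOT-FOR-US: Openfire", a label that only fits CVE-2014-2741 ("... Ignite Realtime Openfire before 3.9.2 ..."); the tags should name Metronome and Isode M-Link respectively. Separately, the linux-2.6 line under CVE-2014-2739 has a doubled opening parenthesis, "<not-affected> ((Introduced and fixed in 3.14)", which should be "<not-affected> (Introduced and fixed in 3.14)" like the linux line directly above it.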
@@ -19045,27 +19045,27 @@ CVE-2014-2722
RESERVED
CVE-2014-2721
RESERVED
-CVE-2014-2720
+CVE-2014-2720 (IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's Cen ...)
NOT-FOR-US: IZArc Archiver
-CVE-2014-2719
+CVE-2014-2719 (Advanced_System_Content.asp in the ASUS RT series routers with firmwar ...)
NOT-FOR-US: ASUS RT series routers
-CVE-2014-2718
+CVE-2014-2718 (ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66 ...)
NOT-FOR-US: ASUS routers
-CVE-2014-2717
+CVE-2014-2717 (Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier an ...)
NOT-FOR-US: Honeywell FALCON XLWeb controller
-CVE-2014-2716
+CVE-2014-2716 (Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location ...)
NOT-FOR-US: Ekahau Real-Time Location Tracking System
-CVE-2014-2715
+CVE-2014-2715 (Multiple cross-site scripting (XSS) vulnerabilities in vwrooms\templat ...)
NOT-FOR-US: Drupal plugin
-CVE-2014-2714
+CVE-2014-2714 (The Enhanced Web Filtering (EWF) in Juniper Junos before 10.4R15, 11.4 ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-2713
+CVE-2014-2713 (Juniper Junos before 11.4R11, 12.1 before 12.1R9, 12.2 before 12.2R7, ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-2712
+CVE-2014-2712 (Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos bef ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-2711
+CVE-2014-2711 (Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos bef ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-2710
+CVE-2014-2710 (Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerl ...)
NOT-FOR-US: Oliver (formerly Webshar)
CVE-2014-2705
RESERVED
@@ -19097,9 +19097,9 @@ CVE-2014-2692
RESERVED
CVE-2014-2691
RESERVED
-CVE-2014-2690
+CVE-2014-2690 (Citrix VDI-in-a-Box 5.3.x before 5.3.6 and 5.4.x before 5.4.3 allows l ...)
NOT-FOR-US: Citrix VDI-in-a-Box
-CVE-2014-2689
+CVE-2014-2689 (Cross-site scripting (XSS) vulnerability in Offiria 2.1.0 and earlier ...)
NOT-FOR-US: Offiria
CVE-2014-2688
RESERVED
@@ -19107,25 +19107,25 @@ CVE-2014-2687
RESERVED
CVE-2014-5880
REJECTED
-CVE-2014-2709
+CVE-2014-2709 (lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attacke ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #743565)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #743565)
NOTE: http://bugs.cacti.net/view.php?id=2405 (not yet public)
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7439
NOTE: CVE for all changes to lib/rrd.php to add cacti_escapeshellarg calls
-CVE-2014-2708
+CVE-2014-2708 (Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8 ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #743565)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #743565)
NOTE: http://bugs.cacti.net/view.php?id=2405 (not yet public)
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7439
NOTE: CVE for all changes to graph_xport.php to ensure that data is numeric
-CVE-2014-2707
+CVE-2014-2707 (cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP pr ...)
- cups-filters 1.0.51-1 (bug #743470)
[wheezy] - cups-filters <not-affected> (vulnerable code not present)
NOTE: Introduced in at least 1.0.41
-CVE-2014-2706
+CVE-2014-2706 (Race condition in the mac80211 subsystem in the Linux kernel before 3. ...)
- linux 3.13.7-1 (low)
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed> (low)
@@ -19141,17 +19141,17 @@ CVE-2014-2677
RESERVED
CVE-2014-2676
RESERVED
-CVE-2014-2675
+CVE-2014-2675 (Cross-site request forgery (CSRF) vulnerability in inc/AdminPage.php i ...)
NOT-FOR-US: WP HTML Sitemap plugin for WordPress
-CVE-2014-2674
+CVE-2014-2674 (Directory traversal vulnerability in the Ajax Pagination (twitter Styl ...)
NOT-FOR-US: Ajax Pagination (twitter Style) plugin for WordPress
-CVE-2014-2671
+CVE-2014-2671 (Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote atta ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2014-2670
+CVE-2014-2670 (Cross-site scripting (XSS) vulnerability in Properties.do in ZOHO Mana ...)
NOT-FOR-US: ZOHO ManageEngine OpStor
CVE-2014-2666
RESERVED
-CVE-2014-2664
+CVE-2014-2664 (Unrestricted file upload vulnerability in the ProfileController::actio ...)
NOT-FOR-US: X2Engine X2CR
CVE-2014-2663
RESERVED
@@ -19161,67 +19161,67 @@ CVE-2014-2661
RESERVED
CVE-2014-2660
RESERVED
-CVE-2014-2659
+CVE-2014-2659 (Cross-site request forgery (CSRF) vulnerability in the admin UI in Pap ...)
NOT-FOR-US: Papercut MF/NG
NOTE: This is not the papercut NNTP server.
-CVE-2014-2658
+CVE-2014-2658 (Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 269 ...)
NOT-FOR-US: PaperCut MF
-CVE-2014-2657
+CVE-2014-2657 (Unspecified vulnerability in the print release functionality in PaperC ...)
NOT-FOR-US: PaperCut MF
-CVE-2014-2654
+CVE-2014-2654 (Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and earl ...)
NOT-FOR-US: MobFox mAdserve
-CVE-2014-2685
+CVE-2014-2685 (The GenericConsumer class in the Consumer component in ZendOpenId befo ...)
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.5-0.1 (bug #743175)
NOTE: http://framework.zend.com/security/advisory/ZF2014-02
-CVE-2014-2684
+CVE-2014-2684 (The GenericConsumer class in the Consumer component in ZendOpenId befo ...)
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.5-0.1 (bug #743175)
NOTE: http://framework.zend.com/security/advisory/ZF2014-02
-CVE-2014-2683
+CVE-2014-2683 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 an ...)
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.5-0.1 (bug #743175)
NOTE: http://framework.zend.com/security/advisory/ZF2014-01
-CVE-2014-2682
+CVE-2014-2682 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 an ...)
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.5-0.1 (bug #743175)
NOTE: http://framework.zend.com/security/advisory/ZF2014-01
-CVE-2014-2681
+CVE-2014-2681 (Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 an ...)
{DSA-3265-1 DLA-251-1}
- zendframework 1.12.5-0.1 (bug #743175)
NOTE: http://framework.zend.com/security/advisory/ZF2014-01
-CVE-2014-2678
+CVE-2014-2678 (The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel th ...)
{DLA-0015-1}
- linux 3.13.10-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: https://lkml.org/lkml/2014/3/29/188
-CVE-2014-2673
+CVE-2014-2673 (The arch_dup_task_struct function in the Transactional Memory (TM) imp ...)
- linux 3.13.7-1
[wheezy] - linux <not-affected> (Introduced in 3.4)
- linux-2.6 <not-affected> (Introduced in 3.4)
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=621b5060e823301d0cba4cb52a7ee3491922d291
NOTE: only affects powerpc architecture
-CVE-2014-2672
+CVE-2014-2672 (Race condition in the ath_tx_aggr_sleep function in drivers/net/wirele ...)
- linux 3.13.7-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Introduced in 3.0)
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=21f8aaee0c62708654988ce092838aa7df4d25d8
-CVE-2014-2669
+CVE-2014-2669 (Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL ...)
{DSA-2865-1}
- postgresql-9.1 9.1.12-1
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (9.x branch only)
[squeeze] - postgresql-8.4 <not-affected> (9.x branch only)
- postgresql-9.3 9.3.3-1
-CVE-2014-2668
+CVE-2014-2668 (Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a de ...)
- couchdb <removed> (low; bug #788962)
[wheezy] - couchdb <no-dsa> (Minor issue)
[squeeze] - couchdb <no-dsa> (Minor issue)
NOTE: High resource usage in CPU and memory while query is active. No crash for deamon in 1.4.0-3+b1 and 1.2.0-5 versions.
NOTE: http://git-wip-us.apache.org/repos/asf?p=couchdb.git;a=commitdiff_plain;h=0fb5aa9e67bd291ca2638dba961f4ddd3f6ccb3e;hp=198bea3479dfecac13ab1a3e95f902b8eba02f7d
-CVE-2014-2667
+CVE-2014-2667 (Race condition in the _get_masked_mode function in Lib/os.py in Python ...)
- python3.1 <removed>
[squeeze] - python3.1 <no-dsa> (Minor issue)
- python3.2 <removed> (low)
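Review bot: the first NOTE line under CVE-2014-2668 in this hunk misspells "daemon" as "deamon" ("No crash for deamon in 1.4.0-3+b1 and 1.2.0-5 versions."); a spelling fix there would keep the note searchable alongside the other entries.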
@@ -19231,7 +19231,7 @@ CVE-2014-2667
- python2.5 <not-affected> (Only affects Python 3.x)
- python2.6 <not-affected> (Only affects Python 3.x)
- python2.7 <not-affected> (Only affects Python 3.x)
-CVE-2014-2665
+CVE-2014-2665 (includes/specials/SpecialChangePassword.php in MediaWiki before 1.19.1 ...)
{DSA-2891-1}
- mediawiki 1:1.19.14+dfsg-1 (bug #742857)
[squeeze] - mediawiki <end-of-life>
@@ -19239,122 +19239,122 @@ CVE-2014-2665
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-March/000145.html
CVE-2014-2656
REJECTED
-CVE-2014-2655
+CVE-2014-2655 (SQL injection vulnerability in the gen_show_status function in functio ...)
{DSA-2889-1}
- postfixadmin 2.3.5-3
NOTE: http://sourceforge.net/p/postfixadmin/code/1650
-CVE-2014-2653
+CVE-2014-2653 (The verify_host_key function in sshconnect.c in the client in OpenSSH ...)
{DSA-2894-1}
- openssh 1:6.6p1-1 (low; bug #742513)
-CVE-2014-2652
+CVE-2014-2652 (SQL injection vulnerability in OpenScape Deployment Service (DLS) befo ...)
NOT-FOR-US: OpenScape Deployment Service
CVE-2014-2651
RESERVED
CVE-2014-2650
RESERVED
-CVE-2014-2649
+CVE-2014-2649 (Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows ...)
NOT-FOR-US: HP Operations Manager
-CVE-2014-2648
+CVE-2014-2648 (Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UN ...)
NOT-FOR-US: HP Operations Manager
-CVE-2014-2647
+CVE-2014-2647 (Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP ...)
NOT-FOR-US: HP Operations Manager
-CVE-2014-2646
+CVE-2014-2646 (Unspecified vulnerability in HP Network Automation 9.10 and 9.20 allow ...)
NOT-FOR-US: HP Network Automation
-CVE-2014-2645
+CVE-2014-2645 (HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2014-2644
+CVE-2014-2644 (Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2014-2643
+CVE-2014-2643 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7 ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2014-2642
+CVE-2014-2642 (HP System Management Homepage (SMH) before 7.4 allows remote attackers ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2014-2641
+CVE-2014-2641 (Cross-site request forgery (CSRF) vulnerability in HP System Managemen ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2014-2640
+CVE-2014-2640 (Cross-site scripting (XSS) vulnerability in HP System Management Homep ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2014-2639
+CVE-2014-2639 (Unspecified vulnerability in HP MPIO Device Specific Module Manager be ...)
NOT-FOR-US: HP MPIO Device
-CVE-2014-2638
+CVE-2014-2638 (Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers ...)
NOT-FOR-US: HP Sprinter
-CVE-2014-2637
+CVE-2014-2637 (Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers ...)
NOT-FOR-US: HP Sprinter
-CVE-2014-2636
+CVE-2014-2636 (Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers ...)
NOT-FOR-US: HP Sprinter
-CVE-2014-2635
+CVE-2014-2635 (Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers ...)
NOT-FOR-US: HP Sprinter
-CVE-2014-2634
+CVE-2014-2634 (Unspecified vulnerability in the server in HP Service Manager (SM) 7.2 ...)
NOT-FOR-US: HP Service Manager
-CVE-2014-2633
+CVE-2014-2633 (Cross-site request forgery (CSRF) vulnerability in the server in HP Se ...)
NOT-FOR-US: HP Service Manager
-CVE-2014-2632
+CVE-2014-2632 (Unspecified vulnerability in the WebTier component in HP Service Manag ...)
NOT-FOR-US: HP Service Manager
-CVE-2014-2631
+CVE-2014-2631 (Unspecified vulnerability in HP Application Lifecycle Management (aka ...)
NOT-FOR-US: HP Application Lifecycle Management / Quality Center
-CVE-2014-2630
+CVE-2014-2630 (Unspecified vulnerability in HP Operations Agent 11.00, when Glance is ...)
NOT-FOR-US: HP Operations Agent
-CVE-2014-2629
+CVE-2014-2629 (HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, an ...)
NOT-FOR-US: HP NonStop Safeguard Security Software
-CVE-2014-2628
+CVE-2014-2628 (Unspecified vulnerability in HP Enterprise Maps 1 allows remote authen ...)
NOT-FOR-US: HP Enterprise Maps
-CVE-2014-2627
+CVE-2014-2627 (Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32 ...)
NOT-FOR-US: HP NonStop NetBatch
-CVE-2014-2626
+CVE-2014-2626 (Directory traversal vulnerability in the toServerObject function in HP ...)
NOT-FOR-US: HP Network Virtualization
-CVE-2014-2625
+CVE-2014-2625 (Directory traversal vulnerability in the storedNtxFile function in HP ...)
NOT-FOR-US: HP Network Virtualization
-CVE-2014-2624
+CVE-2014-2624 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9. ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2014-2623
+CVE-2014-2623 (Unspecified vulnerability in HP Storage Data Protector 8.x allows remo ...)
NOT-FOR-US: HP Data Protector
-CVE-2014-2622
+CVE-2014-2622 (Unspecified vulnerability in HP Intelligent Management Center (iMC) be ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2014-2621
+CVE-2014-2621 (Unspecified vulnerability in HP Intelligent Management Center (iMC) be ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2014-2620
+CVE-2014-2620 (Unspecified vulnerability in HP Intelligent Management Center (iMC) be ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2014-2619
+CVE-2014-2619 (Unspecified vulnerability in HP Intelligent Management Center (iMC) be ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2014-2618
+CVE-2014-2618 (Unspecified vulnerability in HP Intelligent Management Center (iMC) be ...)
NOT-FOR-US: HP Intelligent Management Center
-CVE-2014-2617
+CVE-2014-2617 (Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows ...)
NOT-FOR-US: HP Universal CMDB
-CVE-2014-2616
+CVE-2014-2616 (Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows ...)
NOT-FOR-US: HP Universal CMDB
-CVE-2014-2615
+CVE-2014-2615 (Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows ...)
NOT-FOR-US: HP Universal CMDB
-CVE-2014-2614
+CVE-2014-2614 (Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2 ...)
NOT-FOR-US: HP SiteScope
-CVE-2014-2613
+CVE-2014-2613 (Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and ...)
NOT-FOR-US: HP Release Control
-CVE-2014-2612
+CVE-2014-2612 (Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and ...)
NOT-FOR-US: HP Release Control
-CVE-2014-2611
+CVE-2014-2611 (Directory traversal vulnerability in the fndwar web application in HP ...)
NOT-FOR-US: HP Software Executive Scorecard
-CVE-2014-2610
+CVE-2014-2610 (Directory traversal vulnerability in the Content Acceleration Pack (CA ...)
NOT-FOR-US: HP Software Executive Scorecard
-CVE-2014-2609
+CVE-2014-2609 (The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9. ...)
NOT-FOR-US: HP Software Executive Scorecard
-CVE-2014-2608
+CVE-2014-2608 (Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 ...)
NOT-FOR-US: HP Smart Update Manager
-CVE-2014-2607
+CVE-2014-2607 (Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 ...)
NOT-FOR-US: HP Operations Manager
-CVE-2014-2606
+CVE-2014-2606 (Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVir ...)
NOT-FOR-US: HP StoreVirtual
-CVE-2014-2605
+CVE-2014-2605 (Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVir ...)
NOT-FOR-US: HP StoreVirtual
-CVE-2014-2604
+CVE-2014-2604 (Unspecified vulnerability in HP IceWall SSO 10.0 Dfw and IceWall MCRP ...)
NOT-FOR-US: HP IceWall
-CVE-2014-2603
+CVE-2014-2603 (Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8 ...)
NOT-FOR-US: HP
-CVE-2014-2602
+CVE-2014-2602 (Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote aut ...)
NOT-FOR-US: HP OneView
-CVE-2014-2601
+CVE-2014-2601 (The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier ...)
NOT-FOR-US: HP
-CVE-2014-2600
+CVE-2014-2600 (Unspecified vulnerability in HP IceWall Identity Manager 4.0 through S ...)
NOT-FOR-US: HP
-CVE-2014-2598
+CVE-2014-2598 (Cross-site request forgery (CSRF) vulnerability in the Quick Page/Post ...)
NOT-FOR-US: Quick Page/Post Redirect plugin for WordPress
-CVE-2014-2597
+CVE-2014-2597 (PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a ...)
NOT-FOR-US: PCNetSoftware RAC Server
CVE-2014-2596
RESERVED
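Review bot: the NOT-FOR-US tags on the CVE-2014-2603, CVE-2014-2601 and CVE-2014-2600 entries read only "NOT-FOR-US: HP", while the descriptions added beside them name the affected product (HP 8/20q and SN6000 switches, HP Integrated Lights-Out 2, HP IceWall Identity Manager) and every neighbouring HP entry in this hunk carries a product-specific tag (e.g. "NOT-FOR-US: HP Sprinter", "NOT-FOR-US: HP OneView"). Consider a follow-up that makes those three tags as specific as the rest, so the tag alone still identifies the product when the description is truncated.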
@@ -19362,42 +19362,42 @@ CVE-2014-2595
RESERVED
CVE-2014-2594
RESERVED
-CVE-2014-2593
+CVE-2014-2593 (The management console in Aruba Networks ClearPass Policy Manager 6.3. ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2014-2592
+CVE-2014-2592 (Unrestricted file upload vulnerability in Aruba Web Management portal ...)
NOT-FOR-US: Aruba Web Management portal
-CVE-2014-2591
+CVE-2014-2591 (Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allow ...)
NOT-FOR-US: AIX
-CVE-2014-2590
+CVE-2014-2590 (The web management interface in Siemens RuggedCom ROS before 3.11, ROS ...)
NOT-FOR-US: Siemens RuggedCom ROS
-CVE-2014-2589
+CVE-2014-2589 (Cross-site scripting (XSS) vulnerability in the Dashboard Backend serv ...)
NOT-FOR-US: SonicWall
-CVE-2014-2588
+CVE-2014-2588 (Directory traversal vulnerability in servlet/downloadReport in McAfee ...)
NOT-FOR-US: McAfee
-CVE-2014-2587
+CVE-2014-2587 (SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee ...)
NOT-FOR-US: McAfee
-CVE-2014-2586
+CVE-2014-2586 (Cross-site scripting (XSS) vulnerability in the login audit form in Mc ...)
NOT-FOR-US: McAfee
CVE-2014-2584
RESERVED
-CVE-2014-2583
+CVE-2014-2583 (Multiple directory traversal vulnerabilities in pam_timestamp.c in the ...)
- pam 1.1.8-3.1 (low; bug #757555)
[wheezy] - pam <no-dsa> (Minor issue)
[squeeze] - pam <no-dsa> (Minor issue)
NOTE: Fix: https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8
CVE-2014-2582
RESERVED
-CVE-2014-2579
+CVE-2014-2579 (Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner ...)
NOT-FOR-US: WordPress plugin xcloner
-CVE-2014-2578
+CVE-2014-2578 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk befor ...)
NOT-FOR-US: Splunk Web
-CVE-2014-2577
+CVE-2014-2577 (Multiple cross-site scripting (XSS) vulnerabilities in the Transform C ...)
NOT-FOR-US: Transform Foundation server
-CVE-2014-2575
+CVE-2014-2575 (Directory traversal vulnerability in the File Manager component in Dev ...)
NOT-FOR-US: ASP.NET WebForms and MVC
CVE-2014-2574
RESERVED
-CVE-2014-2570
+CVE-2014-2570 (Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP ...)
- php-font-lib <unfixed> (unimportant)
NOTE: make_subset.php installed to examples
NOTE: http://seclists.org/bugtraq/2014/Mar/128
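Review bot: the CVE-2014-2591 entry is tagged "NOT-FOR-US: AIX", but the description added in this hunk identifies the affected software as "BMC Patrol for AIX", so the tag names the platform rather than the product; "NOT-FOR-US: BMC Patrol" would match the convention used by the surrounding entries (e.g. "NOT-FOR-US: Aruba Web Management portal", "NOT-FOR-US: Siemens RuggedCom ROS"). This hunk only adds descriptions, so the tag fix belongs in a separate change.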
@@ -19405,7 +19405,7 @@ CVE-2014-2569
RESERVED
CVE-2014-2566
RESERVED
-CVE-2014-2565
+CVE-2014-2565 (The commandline interface in Blue Coat Content Analysis System (CAS) 1 ...)
NOT-FOR-US: Blue Coat Content Analysis System
CVE-2014-2564
RESERVED
@@ -19417,9 +19417,9 @@ CVE-2014-2561
RESERVED
CVE-2014-2560
RESERVED
-CVE-2014-2559
+CVE-2014-2559 (Multiple cross-site request forgery (CSRF) vulnerabilities in twitget. ...)
NOT-FOR-US: WordPress plugin Twitget
-CVE-2014-2558
+CVE-2014-2558 (The File Gallery plugin before 1.7.9.2 for WordPress does not properly ...)
NOT-FOR-US: WordPress plugin file-gallery
CVE-2014-2557
RESERVED
@@ -19427,20 +19427,20 @@ CVE-2014-2556
RESERVED
CVE-2014-2555
RESERVED
-CVE-2014-2554
+CVE-2014-2554 (OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 ...)
{DLA-1119-1}
- otrs2 3.3.6-1
[squeeze] - otrs2 <no-dsa> (Minor issue)
NOTE: https://www.otrs.com/security-advisory-2014-05-clickjacking-issue/
-CVE-2014-2553
+CVE-2014-2553 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
{DLA-1119-1}
- otrs2 3.3.6-1
[squeeze] - otrs2 <no-dsa> (Minor issue)
-CVE-2014-2552
+CVE-2014-2552 (Brookins Consulting (BC) Collected Information Export extension for eZ ...)
NOT-FOR-US: Brookins Consulting (BC) Collected Information Export extension
CVE-2014-2551
RESERVED
-CVE-2014-2550
+CVE-2014-2550 (Cross-site request forgery (CSRF) vulnerability in the Disable Comment ...)
NOT-FOR-US: Disable Comments plugin for WordPress
CVE-2014-2549
RESERVED
@@ -19450,82 +19450,82 @@ CVE-2014-2547
RESERVED
CVE-2014-2546
RESERVED
-CVE-2014-2545
+CVE-2014-2545 (TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File ...)
NOT-FOR-US: TIBCO
-CVE-2014-2544
+CVE-2014-2544 (Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desk ...)
NOT-FOR-US: Spotfire
-CVE-2014-2543
+CVE-2014-2543 (Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Dae ...)
NOT-FOR-US: TIBCO
-CVE-2014-2542
+CVE-2014-2542 (Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd ...)
NOT-FOR-US: TIBCO
-CVE-2014-2541
+CVE-2014-2541 (The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezv ...)
NOT-FOR-US: TIBCO
-CVE-2014-2540
+CVE-2014-2540 (SQL injection vulnerability in OrbitScripts Orbit Open Ad Server befor ...)
NOT-FOR-US: Orbit Open Ad Server
CVE-2014-2539
RESERVED
-CVE-2014-2537
+CVE-2014-2537 (Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 ...)
NOT-FOR-US: Sophos UTM
-CVE-2014-2536
+CVE-2014-2536 (Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0 ...)
NOT-FOR-US: McAfee Cloud Identity Manager
-CVE-2014-2535
+CVE-2014-2535 (Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x be ...)
NOT-FOR-US: McAfee Web Gateway
-CVE-2014-2534
+CVE-2014-2534 (/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows ...)
NOT-FOR-US: BlackBerry
-CVE-2014-2533
+CVE-2014-2533 (/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows ...)
NOT-FOR-US: BlackBerry
-CVE-2014-2531
+CVE-2014-2531 (SQL injection vulnerability in xhr.php in InterWorx Web Control Panel ...)
NOT-FOR-US: InterWorx Control Panel
CVE-2014-2530
RESERVED
CVE-2014-2529
RESERVED
-CVE-2014-2526
+CVE-2014-2526 (Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive ...)
NOT-FOR-US: BarracudaDrive
-CVE-2014-2525
+CVE-2014-2525 (Heap-based buffer overflow in the yaml_parser_scan_uri_escapes functio ...)
{DSA-2885-1 DSA-2884-1}
- libyaml 0.1.4-3.2 (bug #742732)
- libyaml-libyaml-perl 0.41-5
NOTE: http://www.ocert.org/advisories/ocert-2014-003.html
-CVE-2014-2521
+CVE-2014-2521 (EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P0 ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2520
+CVE-2014-2520 (EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P0 ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2519
+CVE-2014-2519 (The default configuration of EMC RecoverPoint Appliance (RPA) 4.1 befo ...)
NOT-FOR-US: EMC RecoverPoint Appliance
-CVE-2014-2518
+CVE-2014-2518 (Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Docu ...)
NOT-FOR-US: EMC Documentum
-CVE-2014-2517
+CVE-2014-2517 (Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5. ...)
NOT-FOR-US: EMC RSA Archer GRC Platform
-CVE-2014-2516
+CVE-2014-2516 (Open redirect vulnerability in EMC RSA Authentication Manager 8.x befo ...)
NOT-FOR-US: EMC RSA Authentication Manager
-CVE-2014-2515
+CVE-2014-2515 (EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4 ...)
NOT-FOR-US: EMC Documentum
-CVE-2014-2514
+CVE-2014-2514 (EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2513
+CVE-2014-2513 (EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2512
+CVE-2014-2512 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum ...)
NOT-FOR-US: EMC Documentum eRoom
-CVE-2014-2511
+CVE-2014-2511 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum ...)
NOT-FOR-US: EMC Documentum
-CVE-2014-2510
+CVE-2014-2510 (The JAXB XML parser in EMC Documentum Foundation Services (DFS) 6.6 be ...)
NOT-FOR-US: EMC Documentum Foundation Services
-CVE-2014-2509
+CVE-2014-2509 (Session fixation vulnerability in the Report Advisor (RA) component in ...)
NOT-FOR-US: EMC NCM
-CVE-2014-2508
+CVE-2014-2508 (EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2507
+CVE-2014-2507 (EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2506
+CVE-2014-2506 (EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-2505
+CVE-2014-2505 (EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers ...)
NOT-FOR-US: EMC RSA Archer GRC Platform
-CVE-2014-2504
+CVE-2014-2504 (EMC Documentum D2 3.1 before P20, 3.1 SP1 before P02, 4.0 before P10, ...)
NOT-FOR-US: EMC Documentum D2
-CVE-2014-2503
+CVE-2014-2503 (The thumbnail proxy server in EMC Documentum Digital Asset Manager (DA ...)
NOT-FOR-US: EMC Documentum Digital Asset Manager
-CVE-2014-2502
+CVE-2014-2502 (Cross-site scripting (XSS) vulnerability in rsa_fso.swf in EMC RSA Ada ...)
NOT-FOR-US: EMC RSA Adaptive Authentication
CVE-2014-2501
RESERVED
@@ -19535,18 +19535,18 @@ CVE-2014-2499
RESERVED
CVE-2014-2498
RESERVED
-CVE-2014-2599
+CVE-2014-2599 (The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bi ...)
{DSA-3006-1}
- xen 4.4.1-1 (bug #757724)
[squeeze] - xen <not-affected> (Only affects 4.1 and later)
-CVE-2014-2585
+CVE-2014-2585 (ownCloud before 5.0.15 and 6.x before 6.0.2, when the file_external ap ...)
- owncloud 6.0.2+dfsg-1
-CVE-2014-2580
+CVE-2014-2580 (The netback driver in Xen, when using certain Linux versions that do n ...)
- linux 3.13.10-1
[wheezy] - linux <not-affected> (Introduced in 3.12)
- linux-2.6 <not-affected> (Introduced in 3.12)
NOTE: upstream patch: https://git.kernel.org/cgit/linux/kernel/git/davem/net-next.git/commit/?id=e9d8b2c2968499c1f96563e6522c56958d5a1d0d (first included in v3.15-rc1).
-CVE-2014-2532
+CVE-2014-2532 (sshd in OpenSSH before 6.6 does not properly support wildcards on Acce ...)
{DSA-2894-1}
- openssh 1:6.6p1-1
NOTE: Default sshd_config in Debian has AcceptEnv LANG LC_*
@@ -19557,7 +19557,7 @@ CVE-2014-2581 [credentials cache leak]
[wheezy] - smb4k <no-dsa> (Minor issue)
[squeeze] - smb4k <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/projects/smb4k/files/Smb4K%20%28stable%20releases%29/1.1.1/
-CVE-2014-2576
+CVE-2014-2576 (plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_ ...)
- claws-mail 3.10.1-1 (bug #742695)
[wheezy] - claws-mail <not-affected> (rssyl plugin in separate source package)
[squeeze] - claws-mail <not-affected> (rssyl plugin in separate source package)
@@ -19565,205 +19565,205 @@ CVE-2014-2576
- claws-mail-extra-plugins <removed>
[squeeze] - claws-mail-extra-plugins <no-dsa> (Minor issue)
[wheezy] - claws-mail-extra-plugins <no-dsa> (Minor issue)
-CVE-2014-2573
+CVE-2014-2573 (The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 ...)
- nova 2014.1-9 (bug #750144)
[wheezy] - nova <not-affected> (Vulnerable code in 2013.2 to 2013.2.2)
NOTE: https://bugs.launchpad.net/nova/+bug/1269418
-CVE-2014-2568
+CVE-2014-2568 (Use-after-free vulnerability in the nfqnl_zcopy function in net/netfil ...)
- linux 3.13.7-1
- linux-2.6 <not-affected> (Introduced in 3.10 commit ae08ce002108)
[wheezy] - linux <not-affected> (Introduced in 3.10 commit ae08ce002108)
NOTE: Upstream path: https://lkml.org/lkml/2014/3/20/421
-CVE-2014-2567
+CVE-2014-2567 (The OpenConnectionTask::handleStateHelper function in Imap/Tasks/OpenC ...)
NOT-FOR-US: Trojita
-CVE-2014-2538
+CVE-2014-2538 (Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the rac ...)
- ruby-rack-ssl 1.3.2-4 (low; bug #742186)
[wheezy] - ruby-rack-ssl <no-dsa> (Minor issue)
NOTE: https://github.com/josh/rack-ssl/commit/9d7d7300b907e496db68d89d07fbc2e0df0b487b
-CVE-2014-2528
+CVE-2014-2528 (kcleanup.cpp in KDirStat 2.7.3 does not properly quote strings when de ...)
- k4dirstat 2.7.5-1 (bug #741659)
[wheezy] - k4dirstat <no-dsa> (Minor issue)
- kdirstat <removed>
[squeeze] - kdirstat <no-dsa> (Minor issue)
-CVE-2014-2527
+CVE-2014-2527 (kcleanup.cpp in KDirStat 2.7.0 does not properly quote strings when de ...)
- k4dirstat <not-affected> (Uses single quotes for affected code)
- kdirstat <removed> (low)
[squeeze] - kdirstat <no-dsa> (Minor issue)
-CVE-2014-2571
+CVE-2014-2571 (Cross-site scripting (XSS) vulnerability in the quiz_question_tostring ...)
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2014-2572
+CVE-2014-2572 (mod/assign/externallib.php in Moodle 2.6.x before 2.6.2 does not prope ...)
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
-CVE-2014-2524
+CVE-2014-2524 (The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 a ...)
- readline6 6.3-7 (low; bug #741953)
[wheezy] - readline6 <no-dsa> (Minor issue)
[squeeze] - readline6 <no-dsa> (Minor issue)
-CVE-2014-2523
+CVE-2014-2523 (net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3. ...)
{DSA-2906-1}
- linux 3.13.10-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/nf_conntrack_proto_dccp.c?id=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92
-CVE-2014-2522
+CVE-2014-2522 (curl and libcurl 7.27.0 through 7.35.0, when running on Windows and us ...)
- curl <not-affected> (Only present in code only running on Windows)
-CVE-2014-2497
+CVE-2014-2497 (The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP ...)
{DSA-3215-1 DLA-189-1}
- php5 5.6.0~rc4+dfsg-1
[wheezy] - php5 <not-affected> (imagecreatefromxpm function not in used gd extension)
[squeeze] - php5 <not-affected> (imagecreatefromxpm function not in used gd extension)
- libgd2 2.1.0-4 (low; bug #744719)
NOTE: http://web.archive.org/web/20150221193227/http://net-ninja-mr.me/2014/03/14/php-gd-v5-4-17-2-color-visual-null-pointer-dereference/
-CVE-2014-2496
+CVE-2014-2496 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
NOT-FOR-US: Oracle
-CVE-2014-2495
+CVE-2014-2495 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing ...)
NOT-FOR-US: Oracle
-CVE-2014-2494
+CVE-2014-2494 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2985-1}
- mysql-5.5 5.5.39-1 (bug #754941)
- mysql-5.1 <not-affected> (Only affects 5.5 and later)
- mariadb-5.5 5.5.38-1 (bug #754940)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 5.5.39-25.11+dfsg-1
-CVE-2014-2493
+CVE-2014-2493 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2014-2492
+CVE-2014-2492 (Unspecified vulnerability in the Oracle Agile Product Collaboration co ...)
NOT-FOR-US: Oracle
-CVE-2014-2491
+CVE-2014-2491 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2014-2490
+CVE-2014-2490 (Unspecified vulnerability in the Java SE component in Oracle Java SE 7 ...)
{DSA-2987-1 DSA-2980-1 DLA-96-1}
- openjdk-6 6b32-1.13.4-1
NOTE: http://hg.openjdk.java.net/jdk6/jdk6/hotspot/rev/dd7d490e72af
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/02f12a9d5aec
-CVE-2014-2489
+CVE-2014-2489 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DLA-313-1}
- virtualbox 4.3.12-dfsg-1 (bug #754939)
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <no-dsa> (Specific details withheld, but CVSS score indicates low impact)
-CVE-2014-2488
+CVE-2014-2488 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DLA-313-1}
- virtualbox 4.3.12-dfsg-1 (bug #754939)
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <no-dsa> (Specific details withheld, but CVSS score indicates low impact)
-CVE-2014-2487
+CVE-2014-2487 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox <not-affected> (Only applies if VBox is running on Windows)
- virtualbox-ose <not-affected> (Only applies if VBox is running on Windows)
-CVE-2014-2486
+CVE-2014-2486 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DLA-313-1}
- virtualbox 4.3.12-dfsg-1 (bug #754939)
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <no-dsa> (Specific details withheld, but CVSS score indicates low impact)
-CVE-2014-2485
+CVE-2014-2485 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2014-2484
+CVE-2014-2484 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- mysql-5.1 <not-affected> (Only affects 5.6)
- mariadb-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <not-affected> (Only affects 5.6)
-CVE-2014-2483
+CVE-2014-2483 (Unspecified vulnerability in the Java SE component in Oracle Java SE J ...)
{DSA-2987-1}
- openjdk-6 <not-affected> (vulnerable code not present)
- openjdk-7 7u65-2.5.1-1
NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003
-CVE-2014-2482
+CVE-2014-2482 (Unspecified vulnerability in the Oracle Concurrent Processing componen ...)
NOT-FOR-US: Oracle
-CVE-2014-2481
+CVE-2014-2481 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2014-2480
+CVE-2014-2480 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2014-2479
+CVE-2014-2479 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2014-2478
+CVE-2014-2478 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-2477
+CVE-2014-2477 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 4.3.12-dfsg-1 (bug #754939)
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
- virtualbox-ose <not-affected> (Only affects 4.0 and later)
-CVE-2014-2476
+CVE-2014-2476 (Unspecified vulnerability in the Oracle Secure Global Desktop componen ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2014-2475
+CVE-2014-2475 (Unspecified vulnerability in the Oracle Secure Global Desktop componen ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2014-2474
+CVE-2014-2474 (Unspecified vulnerability in the Oracle Secure Global Desktop componen ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2014-2473
+CVE-2014-2473 (Unspecified vulnerability in the Oracle Secure Global Desktop componen ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2014-2472
+CVE-2014-2472 (Unspecified vulnerability in the Oracle Secure Global Desktop componen ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2014-2471
+CVE-2014-2471 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
NOT-FOR-US: Oracle iLearning
-CVE-2014-2470
+CVE-2014-2470 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2469
+CVE-2014-2469 (Unspecified vulnerability in lighttpd in Oracle Solaris 11.1 allows at ...)
- lighttpd <not-affected> (Only affects lighttpd on Oracle Solaris)
-CVE-2014-2468
+CVE-2014-2468 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2014-2467
+CVE-2014-2467 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2466
+CVE-2014-2466 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2465
+CVE-2014-2465 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2464
+CVE-2014-2464 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2463
+CVE-2014-2463 (Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) co ...)
NOT-FOR-US: Oracle Secure Global Desktop (SGD)
CVE-2014-2462
REJECTED
-CVE-2014-2461
+CVE-2014-2461 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2460
+CVE-2014-2460 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2459
+CVE-2014-2459 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2458
+CVE-2014-2458 (Unspecified vulnerability in the Oracle Agile Product Lifecycle compon ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2457
+CVE-2014-2457 (Unspecified vulnerability in the Oracle Agile Product Lifecycle compon ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2456
+CVE-2014-2456 (Unspecified vulnerability in the PeopleSoft Enterprise ELS Enterprise ...)
NOT-FOR-US: Oracle
-CVE-2014-2455
+CVE-2014-2455 (Unspecified vulnerability in the Hyperion Common Admin component in Or ...)
NOT-FOR-US: Oracle Hyperion
-CVE-2014-2454
+CVE-2014-2454 (Unspecified vulnerability in the Hyperion Common Admin component in Or ...)
NOT-FOR-US: Oracle Hyperion
-CVE-2014-2453
+CVE-2014-2453 (Unspecified vulnerability in the Hyperion Common Admin component in Or ...)
NOT-FOR-US: Oracle Hyperion
-CVE-2014-2452
+CVE-2014-2452 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2451
+CVE-2014-2451 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2450
+CVE-2014-2450 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2449
+CVE-2014-2449 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS Talent Acq ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2448
+CVE-2014-2448 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2447
+CVE-2014-2447 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2446
+CVE-2014-2446 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2445
+CVE-2014-2445 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-2444
+CVE-2014-2444 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2443
+CVE-2014-2443 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2442
+CVE-2014-2442 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2441
+CVE-2014-2441 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox-guest-additions <not-affected> (Only affects 4.1 and later)
- virtualbox-guest-additions-iso 4.3.10-1
[wheezy] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
-CVE-2014-2440
+CVE-2014-2440 (Unspecified vulnerability in the MySQL Client component in Oracle MySQ ...)
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
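Review bot: two context lines in this hunk carry wording slips worth a follow-up, since the hunk itself only adds descriptions and leaves them untouched: the CVE-2014-2568 note reads "NOTE: Upstream path: https://lkml.org/lkml/2014/3/20/421" where "Upstream patch:" is meant (compare the CVE-2014-2580 entry, "NOTE: upstream patch: ..."), and the CVE-2014-2522 status "(Only present in code only running on Windows)" doubles "only". Neither affects the tracker's parsing of the entries, so a separate cleanup commit is the right place for both.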
@@ -19771,149 +19771,149 @@ CVE-2014-2440
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
NOTE: this is the same issue as CVE-2014-0001, see http://www.openwall.com/lists/oss-security/2014/09/11/23
-CVE-2014-2439
+CVE-2014-2439 (Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) co ...)
NOT-FOR-US: Oracle Secure Global Desktop (SGD)
-CVE-2014-2438
+CVE-2014-2438 (Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier an ...)
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2437
+CVE-2014-2437 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2436
+CVE-2014-2436 (Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier an ...)
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2435
+CVE-2014-2435 (Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2434
+CVE-2014-2434 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-2433
+CVE-2014-2433 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2432
+CVE-2014-2432 (Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and ...)
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2431
+CVE-2014-2431 (Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier an ...)
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2430
+CVE-2014-2430 (Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier an ...)
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2429
+CVE-2014-2429 (Unspecified vulnerability in the PeopleSoft Enterprise CS Campus Self ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2014-2428
+CVE-2014-2428 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-2427
+CVE-2014-2427 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2426
+CVE-2014-2426 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fu ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2425
+CVE-2014-2425 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fu ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2424
+CVE-2014-2424 (Unspecified vulnerability in the Oracle Event Processing component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2423
+CVE-2014-2423 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2422
+CVE-2014-2422 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and JavaFX 2.2 ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2014-2421
+CVE-2014-2421 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2420
+CVE-2014-2420 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-2419
+CVE-2014-2419 (Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier an ...)
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-2418
+CVE-2014-2418 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2417
+CVE-2014-2417 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2416
+CVE-2014-2416 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2415
+CVE-2014-2415 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2414
+CVE-2014-2414 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2413
+CVE-2014-2413 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Em ...)
{DSA-2923-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 <not-affected> (Only affects Java 7/8)
-CVE-2014-2412
+CVE-2014-2412 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2411
+CVE-2014-2411 (Unspecified vulnerability in the Oracle Identity Analytics component i ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2410
+CVE-2014-2410 (Unspecified vulnerability in Oracle Java SE 8 allows remote attackers ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2014-2409
+CVE-2014-2409 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-2408
+CVE-2014-2408 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-2407
+CVE-2014-2407 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2406
+CVE-2014-2406 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-2405
+CVE-2014-2405 (Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux ...)
{DSA-2912-1}
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2404
+CVE-2014-2404 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2403
+CVE-2014-2403 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2402
+CVE-2014-2402 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Em ...)
{DSA-2923-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 <not-affected> (Only affects Java 7/8)
-CVE-2014-2401
+CVE-2014-2401 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2014-2400
+CVE-2014-2400 (Unspecified vulnerability in the Oracle Endeca Server component in Ora ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2399
+CVE-2014-2399 (Unspecified vulnerability in the Oracle Endeca Server component in Ora ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-2398
+CVE-2014-2398 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-2397
+CVE-2014-2397 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Em ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
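Review bot: the openjdk-6 assessments in this hunk are inconsistent for the "Java SE 7u51 and 8" batch. CVE-2014-2413 and CVE-2014-2402 carry {DSA-2923-1} only, with "openjdk-6 <not-affected> (Only affects Java 7/8)", while CVE-2014-2397, whose new description starts with the same "Oracle Java SE 7u51 and 8, and Java SE Em ..." version range, is recorded as fixed in "openjdk-6 6b31-1.13.3-1" via DSA-2912-1; one of the two readings is wrong and should be checked against the DSA-2912-1 advisory text before the descriptions land. A second gap the new descriptions expose: the 5.6-only MySQL entries CVE-2014-2435 and CVE-2014-2434 list only mysql-5.5 and mysql-5.1 as not-affected and say nothing about mariadb-5.5, mariadb-10.0 or percona-xtradb-cluster-5.5, whereas every other MySQL entry in this hunk assesses all five packages; add the missing lines so those packages do not show as unassessed. The odd word order in CVE-2014-2432 ("Unspecified vulnerability Oracle the MySQL Server component") is imported verbatim from upstream and is not a truncation problem, so it should not be hand-edited here.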
@@ -19923,198 +19923,198 @@ CVE-2014-2395
RESERVED
CVE-2014-2394
RESERVED
-CVE-2014-2393
+CVE-2014-2393 (Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4. ...)
NOT-FOR-US: Open-Xchange
-CVE-2014-2392
+CVE-2014-2392 (The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7 ...)
NOT-FOR-US: Open-Xchange
-CVE-2014-2391
+CVE-2014-2391 (The password recovery service in Open-Xchange AppSuite before 7.2.2-re ...)
NOT-FOR-US: Open-Xchange
-CVE-2014-2390
+CVE-2014-2390 (Cross-site request forgery (CSRF) vulnerability in the User Management ...)
NOT-FOR-US: McAfee Network Security Manager
-CVE-2014-2389
+CVE-2014-2389 (Stack-based buffer overflow in a certain decryption function in qconnD ...)
NOT-FOR-US: BlackBerry Z 10
-CVE-2014-2388
+CVE-2014-2388 (The Storage and Access service in BlackBerry OS 10.x before 10.2.1.192 ...)
NOT-FOR-US: BlackBerry OS
-CVE-2014-2385
+CVE-2014-2385 (Multiple cross-site scripting (XSS) vulnerabilities in the web UI in S ...)
NOT-FOR-US: Sophos Antivirus
-CVE-2014-2384
+CVE-2014-2384 (vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player ...)
NOT-FOR-US: VMware on Windows
-CVE-2014-2383
+CVE-2014-2383 (dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, ...)
- php-dompdf 0.6.1+dfsg-2 (unimportant; bug #745619)
NOTE: requires DOMPDF_ENABLE_REMOTE (disabled by default) to be enabled
-CVE-2014-2382
+CVE-2014-2382 (The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterpris ...)
NOT-FOR-US: Faronics
-CVE-2014-2381
+CVE-2014-2381 (Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-2380
+CVE-2014-2380 (Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-2379
+CVE-2014-2379 (Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and Tr ...)
NOT-FOR-US: Sensys Networks
-CVE-2014-2378
+CVE-2014-2378 (Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and Tr ...)
NOT-FOR-US: Sensys Networks
-CVE-2014-2377
+CVE-2014-2377 (Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1 ...)
NOT-FOR-US: Ecava IntegraXor SCADA Server
-CVE-2014-2376
+CVE-2014-2376 (SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4. ...)
NOT-FOR-US: Ecava IntegraXor SCADA Server
-CVE-2014-2375
+CVE-2014-2375 (Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1 ...)
NOT-FOR-US: Ecava IntegraXor SCADA Server
-CVE-2014-2374
+CVE-2014-2374 (The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim I ...)
NOT-FOR-US: Accuenergy
-CVE-2014-2373
+CVE-2014-2373 (The web server on the AXN-NET Ethernet module accessory 3.04 for the A ...)
NOT-FOR-US: Accuenergy
CVE-2014-2372
RESERVED
CVE-2014-2371
RESERVED
-CVE-2014-2370
+CVE-2014-2370 (Cross-site scripting (XSS) vulnerability in the web application on Omr ...)
NOT-FOR-US: Omron
-CVE-2014-2369
+CVE-2014-2369 (Cross-site request forgery (CSRF) vulnerability in the web application ...)
NOT-FOR-US: Omron
-CVE-2014-2368
+CVE-2014-2368 (The BrowseFolder method in the bwocxrun ActiveX control in Advantech W ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-2367
+CVE-2014-2367 (The ChkCookie subroutine in an ActiveX control in broadweb/include/gCh ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-2366
+CVE-2014-2366 (upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenti ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-2365
+CVE-2014-2365 (Unspecified vulnerability in Advantech WebAccess before 7.2 allows rem ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-2364
+CVE-2014-2364 (Multiple stack-based buffer overflows in Advantech WebAccess before 7. ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-2363
+CVE-2014-2363 (Morpho Itemiser 3 8.17 has hardcoded administrative credentials, which ...)
NOT-FOR-US: Morpho Itemiser
-CVE-2014-2362
+CVE-2014-2362 (OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rel ...)
NOT-FOR-US: OleumTech Wireless Gateway
-CVE-2014-2361
+CVE-2014-2361 (OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, wh ...)
NOT-FOR-US: OleumTech Wireless Gateway
-CVE-2014-2360
+CVE-2014-2360 (OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules all ...)
NOT-FOR-US: OleumTech Wireless Gateway
-CVE-2014-2359
+CVE-2014-2359 (OleumTech Wireless Sensor Network devices allow remote attackers to ob ...)
NOT-FOR-US: OleumTech Wireless Sensor Network devices
-CVE-2014-2358
+CVE-2014-2358 (Multiple cross-site request forgery (CSRF) vulnerabilities in the admi ...)
NOT-FOR-US: Fox-IT Fox DataDiode
-CVE-2014-2357
+CVE-2014-2357 (The GPT library in the Telegyr 8979 Master Protocol application in SUB ...)
NOT-FOR-US: SUBNET SubSTATION Server 2
-CVE-2014-2356
+CVE-2014-2356 (Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require a ...)
NOT-FOR-US: Innominate mGuard
-CVE-2014-2355
+CVE-2014-2355 (The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIM ...)
NOT-FOR-US: Systems Integrated GE Proficy HMI/SCADA-CIMPLICITY
-CVE-2014-2354
+CVE-2014-2354 (Cogent DataHub before 7.3.5 does not use a salt during password hashin ...)
NOT-FOR-US: Cogent DataHub
-CVE-2014-2353
+CVE-2014-2353 (Cross-site scripting (XSS) vulnerability in Cogent DataHub before 7.3. ...)
NOT-FOR-US: Cogent DataHub
-CVE-2014-2352
+CVE-2014-2352 (Directory traversal vulnerability in Cogent DataHub before 7.3.5 allow ...)
NOT-FOR-US: Cogent DataHub
-CVE-2014-2351
+CVE-2014-2351 (SQL injection vulnerability in the LiveData service in CSWorks before ...)
NOT-FOR-US: CSWorks
-CVE-2014-2350
+CVE-2014-2350 (Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentia ...)
NOT-FOR-US: Emerson DeltaV
-CVE-2014-2349
+CVE-2014-2349 (Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to mo ...)
NOT-FOR-US: Emerson DeltaV
CVE-2014-2348
RESERVED
-CVE-2014-2347
+CVE-2014-2347 (Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage sessio ...)
NOT-FOR-US: Amtelco miSecureMessages
-CVE-2014-2346
+CVE-2014-2346 (COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through 7.1 ...)
NOT-FOR-US: COPA-DATA
-CVE-2014-2345
+CVE-2014-2345 (COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through 7.1 ...)
NOT-FOR-US: COPA-DATA
CVE-2014-2344
REJECTED
-CVE-2014-2343
+CVE-2014-2343 (Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physica ...)
NOT-FOR-US: Triangle MicroWorks SCADA
-CVE-2014-2342
+CVE-2014-2342 (Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote ...)
NOT-FOR-US: Triangle MicroWorks SCADA
-CVE-2014-2341
+CVE-2014-2341 (Session fixation vulnerability in CubeCart before 5.2.9 allows remote ...)
NOT-FOR-US: CubeCart
-CVE-2014-2340
+CVE-2014-2340 (Cross-site request forgery (CSRF) vulnerability in the XCloner plugin ...)
NOT-FOR-US: WordPress plugin xcloner-backup-and-restore
-CVE-2014-2339
+CVE-2014-2339 (Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNU ...)
NOT-FOR-US: GnuBoard
-CVE-2014-2338
+CVE-2014-2338 (IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypa ...)
{DSA-2903-1}
- strongswan 5.1.2-4
CVE-2014-2337
RESERVED
-CVE-2014-2336
+CVE-2014-2336 (Multiple cross-site scripting (XSS) vulnerabilities in the Web User In ...)
NOT-FOR-US: Fortinet FortiManager
-CVE-2014-2335
+CVE-2014-2335 (Multiple cross-site scripting (XSS) vulnerabilities in the Web User In ...)
NOT-FOR-US: Fortinet FortiManager
-CVE-2014-2334
+CVE-2014-2334 (Multiple cross-site scripting (XSS) vulnerabilities in the Web User In ...)
NOT-FOR-US: Fortinet FortiManager
-CVE-2014-2333
+CVE-2014-2333 (Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin ...)
NOT-FOR-US: WordPress plugin Lazyest Gallery
-CVE-2014-2332
+CVE-2014-2332 (Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authen ...)
- check-mk 1.2.2p3-1 (bug #742689)
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt
-CVE-2014-2331
+CVE-2014-2331 (Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated use ...)
- check-mk 1.2.6p4-1 (bug #742689)
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt
-CVE-2014-2330
+CVE-2014-2330 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Mult ...)
- check-mk 1.2.6p4-1 (bug #742689)
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt
-CVE-2014-2329
+CVE-2014-2329 (Multiple cross-site scripting (XSS) vulnerabilities in Check_MK before ...)
- check-mk 1.2.2p3-1 (bug #742689)
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt
-CVE-2014-2328
+CVE-2014-2328 (lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remot ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #742768)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2433
-CVE-2014-2327
+CVE-2014-2327 (Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8 ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-6 (bug #742768)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2432
-CVE-2014-2326
+CVE-2014-2326 (Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, ...)
{DSA-2970-1}
- cacti 0.8.8b+dfsg-4 (bug #742768)
[squeeze] - cacti 0.8.7g-1+squeeze4 (bug #742768)
NOTE: http://bugs.cacti.net/view.php?id=2431
-CVE-2014-2318
+CVE-2014-2318 (SQL injection vulnerability in ATCOM Netvolution 3 allows remote attac ...)
NOT-FOR-US: ATCOM Netvolution
-CVE-2014-2317
+CVE-2014-2317 (SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7 ...)
NOT-FOR-US: OpenDocMan
-CVE-2014-2316
+CVE-2014-2316 (SQL injection vulnerability in se_search_default in the Search Everyth ...)
NOT-FOR-US: WP plugin search-everything
-CVE-2014-2315
+CVE-2014-2315 (Multiple cross-site scripting (XSS) vulnerabilities in the Thank You C ...)
NOT-FOR-US: WP plugin thankyoubutton
-CVE-2014-2314
+CVE-2014-2314 (Directory traversal vulnerability in the Issue Collector plugin in Atl ...)
NOT-FOR-US: Atlassian JIRA
-CVE-2014-2313
+CVE-2014-2313 (Directory traversal vulnerability in the Importers plugin in Atlassian ...)
NOT-FOR-US: Atlassian JIRA
CVE-2014-2387 [pen: insecure temporary filename]
RESERVED
- pen 0.22.1-1 (low; bug #741370)
[squeeze] - pen <no-dsa> (Minor issue)
[wheezy] - pen <no-dsa> (Minor issue)
-CVE-2014-2386
+CVE-2014-2386 (Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, all ...)
{DSA-2956-1}
- icinga 1.11.0-1
[squeeze] - icinga <not-affected> (Vulnerable code not present)
-CVE-2014-2325
+CVE-2014-2325 (Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Ga ...)
NOT-FOR-US: Proxmox Mail Gateway
-CVE-2014-2324
+CVE-2014-2324 (Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) ...)
{DSA-2877-1}
- lighttpd 1.4.33-1+nmu3 (bug #741493)
-CVE-2014-2323
+CVE-2014-2323 (SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1. ...)
{DSA-2877-1}
- lighttpd 1.4.33-1+nmu3 (bug #741493)
-CVE-2014-2322
+CVE-2014-2322 (lib/string_utf_support.rb in the Arabic Prawn 0.0.1 gem for Ruby allow ...)
NOT-FOR-US: Ruby Gem Arabic Prawn
-CVE-2014-2321
+CVE-2014-2321 (web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote atta ...)
NOT-FOR-US: ZTE F460 and F660 cable modems
CVE-2014-2320
RESERVED
-CVE-2014-2319
+CVE-2014-2319 (The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 u ...)
NOTE: Non issue
NOTE: http://seclists.org/oss-sec/2014/q1/550
-CVE-2014-2312
+CVE-2014-2312 (The main function in android_main.cpp in thermald allows local users t ...)
- thermald <not-affected> (android_main.cpp not used for Debian build)
-CVE-2014-2311
+CVE-2014-2311 (SQL injection vulnerability in modx.class.php in MODX Revolution 2.0.0 ...)
NOT-FOR-US: MODx Revolution
CVE-2014-2308
RESERVED
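Review bot: the new description for CVE-2014-2383 says dompdf is affected "when DOMPDF_ENABLE_PHP is enabled", but the NOTE kept directly under it says the issue "requires DOMPDF_ENABLE_REMOTE (disabled by default) to be enabled"; the "unimportant" severity on the php-dompdf line rests on that default, so the NOTE should be corrected to name the option the description actually refers to, or the discrepancy explained, before the rating is trusted. Separately, CVE-2014-2319 (ConeXware PowerArchiver) now has a description but only "NOTE: Non issue" and no package or NOT-FOR-US line, unlike every other Windows-only product in this hunk; add a "NOT-FOR-US: ConeXware PowerArchiver" line so the entry is classified rather than left hanging.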
@@ -20126,164 +20126,164 @@ CVE-2014-2305
RESERVED
CVE-2014-2304
RESERVED
-CVE-2014-2303
+CVE-2014-2303 (Multiple SQL injection vulnerabilities in the file browser component ( ...)
NOT-FOR-US: webEdition CMS
-CVE-2014-2302
+CVE-2014-2302 (The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x befor ...)
NOT-FOR-US: webEdition CMS
-CVE-2014-2301
+CVE-2014-2301 (OrbiTeam BSCW before 5.0.8 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: OrbiTeam BSCW
CVE-2014-2300
RESERVED
-CVE-2014-2299
+CVE-2014-2299 (Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPE ...)
{DSA-2871-1}
- wireshark 1.10.6-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9843
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-04.html
CVE-2014-2298
RESERVED
-CVE-2014-2297
+CVE-2014-2297 (Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhispe ...)
NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
-CVE-2014-2296
+CVE-2014-2296 (XML external entity (XXE) vulnerability in java/org/jasig/cas/util/Sam ...)
NOT-FOR-US: Jasig CAS
CVE-2014-2295
RESERVED
-CVE-2014-2294
+CVE-2014-2294 (Open Web Analytics (OWA) before 1.5.7 allows remote attackers to condu ...)
NOT-FOR-US: Open Web Analytics
-CVE-2014-2293
+CVE-2014-2293 (Zikula Application Framework before 1.3.7 build 11 allows remote attac ...)
NOT-FOR-US: Zikula
-CVE-2014-2292
+CVE-2014-2292 (Unspecified vulnerability in the Linux Network Connect client in Junip ...)
NOT-FOR-US: Junos Pulse Secure Access Service
-CVE-2014-2291
+CVE-2014-2291 (Cross-site scripting (XSS) vulnerability in the Pulse Collaboration (S ...)
NOT-FOR-US: Junos
CVE-2014-2290
RESERVED
-CVE-2014-2289
+CVE-2014-2289 (res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Op ...)
- asterisk <not-affected> (Only affects Asterisk 12.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-004.html
-CVE-2014-2288
+CVE-2014-2288 (The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, w ...)
- asterisk <not-affected> (Only affects Asterisk 12.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-003.html
-CVE-2014-2287
+CVE-2014-2287 (channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11. ...)
{DLA-781-1}
- asterisk 1:11.8.1~dfsg-1 (bug #741313)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-002.html
-CVE-2014-2286
+CVE-2014-2286 (main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x befo ...)
{DLA-455-1}
- asterisk 1:11.8.1~dfsg-1 (bug #741313)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-001.html
-CVE-2014-2283
+CVE-2014-2283 (epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x bef ...)
{DSA-2871-1}
- wireshark 1.10.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9730
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-03.html
-CVE-2014-2282
+CVE-2014-2282 (The dissect_protocol_data_parameter function in epan/dissectors/packet ...)
- wireshark 1.10.6-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9699
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-02.html
-CVE-2014-2281
+CVE-2014-2281 (The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c i ...)
{DSA-2871-1}
- wireshark 1.10.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9672
NOTE: http://www.wireshark.org/security/wnpa-sec-2014-01.html
-CVE-2014-2309
+CVE-2014-2309 (The ip6_route_add function in net/ipv6/route.c in the Linux kernel thr ...)
- linux 3.13.6-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Introduced in v3.0)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=957c665f37007de93ccbe45902a23143724170d0
NOTE: Fix: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=c88507fbad8055297c1d1e21e599f46960cbee39
-CVE-2014-2310
+CVE-2014-2310 (The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers t ...)
- net-snmp 5.7.2~dfsg-3 (bug #684388)
[wheezy] - net-snmp 5.4.3~dfsg-2.8
[squeeze] - net-snmp <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/net-snmp/patches/1113/
-CVE-2014-2280
+CVE-2014-2280 (Cross-site scripting (XSS) vulnerability in the search feature in Seed ...)
NOT-FOR-US: SeedDMS
-CVE-2014-2279
+CVE-2014-2279 (Multiple directory traversal vulnerabilities in SeedDMS (formerly Leto ...)
NOT-FOR-US: SeedDMS
-CVE-2014-2278
+CVE-2014-2278 (Unrestricted file upload vulnerability in op/op.AddFile2.php in SeedDM ...)
NOT-FOR-US: SeedDMS
-CVE-2014-2277
+CVE-2014-2277 (The make_temporary_filename function in perltidy 20120701-1 and earlie ...)
- perltidy 20130922-1 (bug #740670)
[wheezy] - perltidy <no-dsa> (Minor issue)
[squeeze] - perltidy <no-dsa> (Minor issue)
-CVE-2014-2276
+CVE-2014-2276 (The FileUploadController servlet in EMC Connectrix Manager Converged N ...)
NOT-FOR-US: EMC
CVE-2014-2275
RESERVED
-CVE-2014-2274
+CVE-2014-2274 (Cross-site request forgery (CSRF) vulnerability in the Subscribe To Co ...)
NOT-FOR-US: Subscribe To Comments Reloaded plugin for WordPress
-CVE-2014-2273
+CVE-2014-2273 (The hx170dec device driver in Huawei P2-6011 before V100R001C00B043 al ...)
NOT-FOR-US: Huawei Router
CVE-2014-2272
RESERVED
CVE-2014-2271
RESERVED
-CVE-2014-2269
+CVE-2014-2269 (modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 ...)
NOT-FOR-US: vTiger CRM
-CVE-2014-2268
+CVE-2014-2268 (views/Index.php in the Install module in vTiger 6.0 before Security Pa ...)
NOT-FOR-US: vTiger CRM
CVE-2014-2267
RESERVED
CVE-2014-2266
RESERVED
-CVE-2014-2265
+CVE-2014-2265 (Rock Lobster Contact Form 7 before 3.7.2 allows remote attackers to by ...)
NOT-FOR-US: Rock Lobster Contact Form
-CVE-2014-2264
+CVE-2014-2264 (The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 upda ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2014-2263
+CVE-2014-2263 (The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) ...)
{DSA-3003-1}
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
- libav 6:10.4-1
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=addbaf134836aea4e14f73add8c6d753a1373257
-CVE-2014-2262
+CVE-2014-2262 (Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS 9 ...)
NOT-FOR-US: Base SAS
CVE-2014-2261
RESERVED
-CVE-2014-2260
+CVE-2014-2260 (Cross-site scripting (XSS) vulnerability in plugins/main/content/js/aj ...)
NOT-FOR-US: Ajenti
-CVE-2014-2259
+CVE-2014-2259 (Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 all ...)
NOT-FOR-US: Siemens
-CVE-2014-2258
+CVE-2014-2258 (Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow ...)
NOT-FOR-US: Siemens
-CVE-2014-2257
+CVE-2014-2257 (Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 all ...)
NOT-FOR-US: Siemens
-CVE-2014-2256
+CVE-2014-2256 (Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow ...)
NOT-FOR-US: Siemens
-CVE-2014-2255
+CVE-2014-2255 (Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 all ...)
NOT-FOR-US: Siemens
-CVE-2014-2254
+CVE-2014-2254 (Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow ...)
NOT-FOR-US: Siemens
-CVE-2014-2253
+CVE-2014-2253 (Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 all ...)
NOT-FOR-US: Siemens
-CVE-2014-2252
+CVE-2014-2252 (Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow ...)
NOT-FOR-US: Siemens
-CVE-2014-2251
+CVE-2014-2251 (The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices ...)
NOT-FOR-US: Siemens
-CVE-2014-2250
+CVE-2014-2250 (The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices ...)
NOT-FOR-US: Siemens
-CVE-2014-2249
+CVE-2014-2249 (Cross-site request forgery (CSRF) vulnerability on Siemens SIMATIC S7- ...)
NOT-FOR-US: Siemens
-CVE-2014-2248
+CVE-2014-2248 (Open redirect vulnerability in the integrated web server on Siemens SI ...)
NOT-FOR-US: Siemens
-CVE-2014-2247
+CVE-2014-2247 (The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices w ...)
NOT-FOR-US: Siemens
-CVE-2014-2246
+CVE-2014-2246 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
NOT-FOR-US: Siemens
-CVE-2014-2241
+CVE-2014-2241 (The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer f ...)
- freetype 2.5.2-1.1 (bug #741299)
[wheezy] - freetype <not-affected> (vuln. code introduced around 2.5)
[squeeze] - freetype <not-affected> (vuln. code introduced around 2.5)
NOTE: http://sourceforge.net/projects/freetype/files/freetype2/2.5.3/
NOTE: https://savannah.nongnu.org/bugs/?41697#comment2 if I understood it right
-CVE-2014-2240
+CVE-2014-2240 (Stack-based buffer overflow in the cf2_hintmap_build function in cff/c ...)
- freetype 2.5.2-1.1 (bug #741299)
[wheezy] - freetype <not-affected> (vuln. code introduced around 2.5)
[squeeze] - freetype <not-affected> (vuln. code introduced around 2.5)
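Review bot: the "[wheezy]" and "[squeeze] - freetype <not-affected> (vuln. code introduced around 2.5)" assessments for CVE-2014-2241 rest on a NOTE that ends "if I understood it right", and the same rationale is copied onto CVE-2014-2240 without the caveat. Now that the imported descriptions name the affected functions (cf2_initLocalRegionBuffer, cf2_initGlobalRegionBuffer and cf2_hintmap_build, the latter in cff/c...), the claim can be settled by checking whether the wheezy and squeeze freetype sources contain those cf2_* functions at all; once that is confirmed, drop the hedge from the NOTE and tighten "around 2.5" to the release that actually introduced the code.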
@@ -20291,30 +20291,30 @@ CVE-2014-2240
NOTE: https://savannah.nongnu.org/bugs/?41697#comment0
CVE-2014-2239
RESERVED
-CVE-2014-2234
+CVE-2014-2234 (A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier use ...)
- openssl <not-affected> (Apple-specific patch)
-CVE-2014-2233
+CVE-2014-2233 (Server-side request forgery (SSRF) vulnerability in the MapAPI in Info ...)
NOT-FOR-US: Infoware MapSuite
-CVE-2014-2232
+CVE-2014-2232 (Absolute path traversal vulnerability in the MapAPI in Infoware MapSui ...)
NOT-FOR-US: Infoware MapSuite
-CVE-2014-2231
+CVE-2014-2231 (Cross-site scripting (XSS) vulnerability in the API in synetics i-doit ...)
NOT-FOR-US: synetics i-doit pro
-CVE-2014-2230
+CVE-2014-2230 (Open redirect vulnerability in the header function in adclick.php in O ...)
NOT-FOR-US: OpenX
CVE-2014-2229
RESERVED
CVE-2014-2228
RESERVED
-CVE-2014-2227
+CVE-2014-2227 (The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Ne ...)
NOT-FOR-US: Ubiquiti Networks
-CVE-2014-2226
+CVE-2014-2226 (Ubiquiti UniFi Controller before 3.2.1 logs the administrative passwor ...)
NOT-FOR-US: Ubiquiti Networks
CVE-2014-2225
RESERVED
NOT-FOR-US: Ubiquiti Networks
-CVE-2014-2224
+CVE-2014-2224 (Plogger 1.0 RC1 and earlier, when the Lucid theme is used, does not as ...)
NOT-FOR-US: Plogger
-CVE-2014-2223
+CVE-2014-2223 (Unrestricted file upload vulnerability in plog-admin/plog-upload.php i ...)
NOT-FOR-US: Plogger
CVE-2014-2222
RESERVED
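Review bot: CVE-2014-2225 still reads RESERVED but carries a "NOT-FOR-US: Ubiquiti Networks" line, while its neighbours CVE-2014-2227 and CVE-2014-2226 received descriptions in this update; if the tracker team already knows what 2225 covers, give it a bracketed summary on the CVE line the way "CVE-2014-2387 [pen: insecure temporary filename]" does elsewhere in this file, so the NOT-FOR-US annotation is not sitting under a bare RESERVED status that the next automatic update cannot reconcile.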
@@ -20322,25 +20322,25 @@ CVE-2014-2221
RESERVED
CVE-2014-2220
RESERVED
-CVE-2014-2219
+CVE-2014-2219 (Cross-site scripting (XSS) vulnerability in whizzywig/wb.php in CMSimp ...)
NOT-FOR-US: CMSimple
CVE-2014-2218
RESERVED
-CVE-2014-2217
+CVE-2014-2217 (Absolute path traversal vulnerability in the RadAsyncUpload control in ...)
NOT-FOR-US: Telerik UI for ASP.NET AJAX
-CVE-2014-2216
+CVE-2014-2216 (The FortiManager protocol service in Fortinet FortiOS before 4.3.16 an ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2014-2215
REJECTED
-CVE-2014-2210
+CVE-2014-2210 (Multiple directory traversal vulnerabilities in CA ERwin Web Portal 9. ...)
NOT-FOR-US: Erwin Web Portal
-CVE-2014-2209
+CVE-2014-2209 (Facebook HipHop Virtual Machine (HHVM) before 3.1.0 does not drop supp ...)
NOT-FOR-US: Facebook HipHop Virtual Machine
-CVE-2014-2208
+CVE-2014-2208 (CRLF injection vulnerability in the LightProcess protocol implementati ...)
NOT-FOR-US: Facebook HipHop Virtual Machine
CVE-2014-2207
RESERVED
-CVE-2014-2205
+CVE-2014-2205 (The Import and Export Framework in McAfee ePolicy Orchestrator (ePO) b ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
CVE-2014-2204
RESERVED
@@ -20348,29 +20348,29 @@ CVE-2014-2203
RESERVED
CVE-2014-2202
RESERVED
-CVE-2014-2201
+CVE-2014-2201 (The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2014-2200
+CVE-2014-2200 (Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authen ...)
NOT-FOR-US: Cisco
-CVE-2014-2199
+CVE-2014-2199 (meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebE ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-2198
+CVE-2014-2198 (Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platf ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-2197
+CVE-2014-2197 (The Administration GUI in the web framework in Cisco Unified Communica ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-2196
+CVE-2014-2196 (Cisco Wide Area Application Services (WAAS) 5.1.1 before 5.1.1e, when ...)
NOT-FOR-US: Cisco Wide Area Application Services
-CVE-2014-2195
+CVE-2014-2195 (Cisco AsyncOS on Email Security Appliance (ESA) and Content Security M ...)
NOT-FOR-US: Cisco AsyncOS
-CVE-2014-2194
+CVE-2014-2194 (system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interacti ...)
NOT-FOR-US: Cisco Unified Web and E-mail Interaction Manager
-CVE-2014-2193
+CVE-2014-2193 (Cisco Unified Web and E-Mail Interaction Manager places session identi ...)
NOT-FOR-US: Cisco Unified Web and E-Mail Interaction Manager
-CVE-2014-2192
+CVE-2014-2192 (Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-ma ...)
NOT-FOR-US: Cisco Unified Web and E-Mail Interaction Manager
-CVE-2014-2191
+CVE-2014-2191 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2014-2190
+CVE-2014-2190 (Cross-site request forgery (CSRF) vulnerability in the web framework i ...)
NOT-FOR-US: Cisco
CVE-2014-2189
REJECTED
@@ -20378,77 +20378,77 @@ CVE-2014-2188
REJECTED
CVE-2014-2187
RESERVED
-CVE-2014-2186
+CVE-2014-2186 (Cross-site request forgery (CSRF) vulnerability in the web framework i ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-2185
+CVE-2014-2185 (The Call Detail Records (CDR) Management component in Cisco Unified Co ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-2184
+CVE-2014-2184 (The IP Manager Assistant (IPMA) component in Cisco Unified Communicati ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-2183
+CVE-2014-2183 (The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 rout ...)
NOT-FOR-US: Cisco
-CVE-2014-2182
+CVE-2014-2182 (Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 replay i ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2181
+CVE-2014-2181 (Cisco Adaptive Security Appliance (ASA) Software allows remote authent ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2180
+CVE-2014-2180 (The Document Management component in Cisco Unified Contact Center Expr ...)
NOT-FOR-US: Cisco Unified Contact Center Express
-CVE-2014-2179
+CVE-2014-2179 (The Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV12 ...)
NOT-FOR-US: Cisco RV
-CVE-2014-2178
+CVE-2014-2178 (Cross-site request forgery (CSRF) vulnerability in the administrative ...)
NOT-FOR-US: Cisco RV
-CVE-2014-2177
+CVE-2014-2177 (The network-diagnostics administration interface in the Cisco RV route ...)
NOT-FOR-US: Cisco RV
-CVE-2014-2176
+CVE-2014-2176 (Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-b ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-2175
+CVE-2014-2175 (Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 ...)
NOT-FOR-US: Cisco
-CVE-2014-2174
+CVE-2014-2174 (Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 ...)
NOT-FOR-US: Cisco
-CVE-2014-2173
+CVE-2014-2173 (Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 ...)
NOT-FOR-US: Cisco
-CVE-2014-2172
+CVE-2014-2172 (Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE S ...)
NOT-FOR-US: Cisco
-CVE-2014-2171
+CVE-2014-2171 (Heap-based buffer overflow in Cisco TelePresence TC Software 4.x throu ...)
NOT-FOR-US: Cisco
-CVE-2014-2170
+CVE-2014-2170 (Cisco TelePresence TC Software 4.x and 5.x before 5.1.7 and 6.x before ...)
NOT-FOR-US: Cisco
-CVE-2014-2169
+CVE-2014-2169 (Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE Sof ...)
NOT-FOR-US: Cisco
-CVE-2014-2168
+CVE-2014-2168 (Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE S ...)
NOT-FOR-US: Cisco
-CVE-2014-2167
+CVE-2014-2167 (The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x a ...)
NOT-FOR-US: Cisco
-CVE-2014-2166
+CVE-2014-2166 (The SIP implementation in Cisco TelePresence TC Software 4.x and TE So ...)
NOT-FOR-US: Cisco
-CVE-2014-2165
+CVE-2014-2165 (The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x a ...)
NOT-FOR-US: Cisco
-CVE-2014-2164
+CVE-2014-2164 (The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x a ...)
NOT-FOR-US: Cisco
-CVE-2014-2163
+CVE-2014-2163 (The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x a ...)
NOT-FOR-US: Cisco
-CVE-2014-2162
+CVE-2014-2162 (The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x a ...)
NOT-FOR-US: Cisco
-CVE-2014-2161
+CVE-2014-2161 (The H.225 subsystem in Cisco TelePresence System MXP Series Software b ...)
NOT-FOR-US: Cisco
-CVE-2014-2160
+CVE-2014-2160 (The H.225 subsystem in Cisco TelePresence System MXP Series Software b ...)
NOT-FOR-US: Cisco
-CVE-2014-2159
+CVE-2014-2159 (The H.225 subsystem in Cisco TelePresence System MXP Series Software b ...)
NOT-FOR-US: Cisco
-CVE-2014-2158
+CVE-2014-2158 (Cisco TelePresence System MXP Series Software before F9.3.1 allows rem ...)
NOT-FOR-US: Cisco
-CVE-2014-2157
+CVE-2014-2157 (Cisco TelePresence System MXP Series Software before F9.3.1 allows rem ...)
NOT-FOR-US: Cisco
-CVE-2014-2156
+CVE-2014-2156 (Cisco TelePresence System MXP Series Software before F9.3.1 allows rem ...)
NOT-FOR-US: Cisco
-CVE-2014-2155
+CVE-2014-2155 (The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows rem ...)
NOT-FOR-US: Cisco
-CVE-2014-2154
+CVE-2014-2154 (Memory leak in the SIP inspection engine in Cisco Adaptive Security Ap ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2153
+CVE-2014-2153 (Multiple cross-site scripting (XSS) vulnerabilities in INSERT pages in ...)
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2014-2152
+CVE-2014-2152 (Cross-site request forgery (CSRF) vulnerability in the INSERT page in ...)
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2014-2151
+CVE-2014-2151 (The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2014-2150
REJECTED
@@ -20456,130 +20456,130 @@ CVE-2014-2149
REJECTED
CVE-2014-2148
RESERVED
-CVE-2014-2147
+CVE-2014-2147 (The web interface in Cisco Prime Infrastructure 2.1 and earlier does n ...)
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2014-2146
+CVE-2014-2146 (The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15 ...)
NOT-FOR-US: Cisco
-CVE-2014-2145
+CVE-2014-2145 (Directory traversal vulnerability in the messaging API in Cisco Unity ...)
NOT-FOR-US: Cisco
-CVE-2014-2144
+CVE-2014-2144 (Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which ...)
NOT-FOR-US: Cisco
-CVE-2014-2143
+CVE-2014-2143 (The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE al ...)
NOT-FOR-US: Cisco
-CVE-2014-2142
+CVE-2014-2142 (Cisco ONS 15454 controller cards with software 10.0 and earlier allow ...)
NOT-FOR-US: Cisco ONS
-CVE-2014-2141
+CVE-2014-2141 (The session-termination functionality on Cisco ONS 15454 controller ca ...)
NOT-FOR-US: Cisco ONS
-CVE-2014-2140
+CVE-2014-2140 (Cisco ONS 15454 controller cards with software 9.6 and earlier allow r ...)
NOT-FOR-US: Cisco ONS
-CVE-2014-2139
+CVE-2014-2139 (Cisco ONS 15454 controller cards with software 9.6 and earlier allow r ...)
NOT-FOR-US: Cisco ONS
-CVE-2014-2138
+CVE-2014-2138 (CRLF injection vulnerability in the web framework in Cisco Security Ma ...)
NOT-FOR-US: Cisco Security Manager
-CVE-2014-2137
+CVE-2014-2137 (CRLF injection vulnerability in the web framework in Cisco Web Securit ...)
NOT-FOR-US: Cisco Web Security Appliance
-CVE-2014-2136
+CVE-2014-2136 (Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-2135
+CVE-2014-2135 (Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-2134
+CVE-2014-2134 (Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) playe ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-2133
+CVE-2014-2133 (Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-2132
+CVE-2014-2132 (Cisco WebEx Recording Format (WRF) player and Advanced Recording Forma ...)
NOT-FOR-US: Cisco WebEx
-CVE-2014-2131
+CVE-2014-2131 (The packet driver in Cisco IOS allows remote attackers to cause a deni ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-2130
+CVE-2014-2130 (Cisco Secure Access Control Server (ACS) provides an unintentional adm ...)
NOT-FOR-US: Cisco
-CVE-2014-2129
+CVE-2014-2129 (The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) S ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2128
+CVE-2014-2128 (The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2127
+CVE-2014-2127 (Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2126
+CVE-2014-2126 (Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2125
+CVE-2014-2125 (Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Uni ...)
NOT-FOR-US: Cisco Unity Connection Server
-CVE-2014-2124
+CVE-2014-2124 (Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T ...)
NOT-FOR-US: Cisco
CVE-2014-2123
RESERVED
-CVE-2014-2122
+CVE-2014-2122 (Memory leak in the GUI in the Impact server in Cisco Hosted Collaborat ...)
NOT-FOR-US: Cisco
-CVE-2014-2121
+CVE-2014-2121 (The Java-based software in Cisco Hosted Collaboration Solution (HCS) a ...)
NOT-FOR-US: Cisco
-CVE-2014-2120
+CVE-2014-2120 (Cross-site scripting (XSS) vulnerability in the WebVPN login page in C ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-2119
+CVE-2014-2119 (The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS So ...)
NOT-FOR-US: Cisco AsyncOS
-CVE-2014-2118
+CVE-2014-2118 (Multiple cross-site scripting (XSS) vulnerabilities in dashboard-relat ...)
NOT-FOR-US: Cisco PRSM
-CVE-2014-2117
+CVE-2014-2117 (Multiple open redirect vulnerabilities in Cisco Emergency Responder (E ...)
NOT-FOR-US: Cisco
-CVE-2014-2116
+CVE-2014-2116 (Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2014-2115
+CVE-2014-2115 (Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserS ...)
NOT-FOR-US: Cisco
-CVE-2014-2114
+CVE-2014-2114 (Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emerg ...)
NOT-FOR-US: Cisco
-CVE-2014-2113
+CVE-2014-2113 (Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-2112
+CVE-2014-2112 (The SSL VPN (aka WebVPN) feature in Cisco IOS 15.1 through 15.4 allows ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-2111
+CVE-2014-2111 (The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 1 ...)
NOT-FOR-US: Cisco IOS
CVE-2014-2110
RESERVED
-CVE-2014-2109
+CVE-2014-2109 (The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 1 ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-2108
+CVE-2014-2108 (Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before ...)
NOT-FOR-US: Cisco IOS
-CVE-2014-2107
+CVE-2014-2107 (Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA ...)
NOT-FOR-US: Cisco
-CVE-2014-2106
+CVE-2014-2106 (Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S all ...)
NOT-FOR-US: Cisco IOS
CVE-2014-2105
RESERVED
-CVE-2014-2104
+CVE-2014-2104 (Multiple cross-site scripting (XSS) vulnerabilities in the Business Vo ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2014-2103
+CVE-2014-2103 (Cisco Intrusion Prevention System (IPS) Software allows remote attacke ...)
NOT-FOR-US: Cisco Intrusion Prevention System
-CVE-2014-2102
+CVE-2014-2102 (Cisco Unified Contact Center Express (Unified CCX) does not properly r ...)
NOT-FOR-US: Cisco Unified Contact Center Express
CVE-2014-2101
RESERVED
CVE-2014-2100
RESERVED
-CVE-2014-2099
+CVE-2014-2099 (The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: [Anton] appears to not be present in any version of libav
-CVE-2014-2098
+CVE-2014-2098 (libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect d ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:10.4-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=849b9d34 (master)
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=6be5a3c0 (release/10)
NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=36d8914f (release/9)
-CVE-2014-2097
+CVE-2014-2097 (The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: [Anton] appears to not be present in any version of libav
-CVE-2014-2092
+CVE-2014-2092 (Cross-site scripting (XSS) vulnerability in lib/filemanager/ImageManag ...)
- cmsms <itp> (bug #608888)
-CVE-2014-2091
+CVE-2014-2091 (Cross-site scripting (XSS) vulnerability in mods/_standard/forums/admi ...)
NOT-FOR-US: ATutor
-CVE-2014-2090
+CVE-2014-2090 (Multiple cross-site scripting (XSS) vulnerabilities in ilias.php in IL ...)
NOT-FOR-US: ILIAS
-CVE-2014-2089
+CVE-2014-2089 (ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via ...)
NOT-FOR-US: ILIAS
-CVE-2014-2088
+CVE-2014-2088 (Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 all ...)
NOT-FOR-US: ILIAS
-CVE-2014-2087
+CVE-2014-2087 (Stack-based buffer overflow in the CDownloads_Deleted::UpdateDownload ...)
NOT-FOR-US: Free Download Manager
-CVE-2014-2285
+CVE-2014-2285 (The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs i ...)
- net-snmp 5.7.2.1~dfsg-3 (unimportant)
[wheezy] - net-snmp 5.4.3~dfsg-2.8+deb7u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1072044
@@ -20588,7 +20588,7 @@ CVE-2014-2285
NOTE: unimportant since it only segfaults with older Perl version
NOTE: http://www.nntp.perl.org/group/perl.perl5.porters/2006/09/msg116250.html
NOTE: http://perl5.git.perl.org/perl.git/commitdiff/ddfa59c
-CVE-2014-2284
+CVE-2014-2284 (The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2. ...)
- net-snmp 5.7.2.1~dfsg-3 (bug #742817)
[wheezy] - net-snmp <not-affected> (Only affects code from 5.5 through 5.7.2)
[squeeze] - net-snmp <not-affected> (Only affects code from 5.5 through 5.7.2)
@@ -20599,7 +20599,7 @@ CVE-2014-XXXX [buffer overflow]
[squeeze] - mp3gain <no-dsa> (Minor issue)
[wheezy] - mp3gain <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/mp3gain/bugs/36/
-CVE-2014-2270
+CVE-2014-2270 (softmagic.c in file before 5.17 and libmagic allows context-dependent ...)
{DSA-2943-1 DSA-2873-1 DLA-145-1}
- file 1:5.17-1
NOTE: http://bugs.gw.com/view.php?id=313
@@ -20608,34 +20608,34 @@ CVE-2014-2270
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
CVE-2014-5795
REJECTED
-CVE-2014-2245
+CVE-2014-2245 (SQL injection vulnerability in the News module in CMS Made Simple (CMS ...)
- cmsms <itp> (bug #608888)
-CVE-2014-2244
+CVE-2014-2244 (Cross-site scripting (XSS) vulnerability in the formatHTML function in ...)
- mediawiki <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=61362
NOTE: https://gerrit.wikimedia.org/r/#/q/Idf985e4e69c2f11778a8a90503914678441cb3fb,n,z
-CVE-2014-2243
+CVE-2014-2243 (includes/User.php in MediaWiki before 1.19.12, 1.20.x and 1.21.x befor ...)
- mediawiki 1:1.19.12+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=61346
NOTE: https://gerrit.wikimedia.org/r/#/q/I2a9e89120f7092015495e638c6fa9f67adc9b84f,n,z
-CVE-2014-2242
+CVE-2014-2242 (includes/upload/UploadBase.php in MediaWiki before 1.19.12, 1.20.x and ...)
- mediawiki 1:1.19.12+dfsg-1
[squeeze] - mediawiki <end-of-life>
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=60771
NOTE: https://gerrit.wikimedia.org/r/#/q/7d923a6b53f7fbcb0cbc3a19797d741bf6f440eb,n,z
-CVE-2014-2238
+CVE-2014-2238 (SQL injection vulnerability in the manage configuration page (adm_conf ...)
- mantis <removed>
[wheezy] - mantis <not-affected> (Introduced in 1.2.13)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://www.mantisbt.org/bugs/view.php?id=17055
-CVE-2014-2237
+CVE-2014-2237 (The memcache token backend in OpenStack Identity (Keystone) 2013.1 thr ...)
- keystone 2013.2.3-1
[wheezy] - keystone <no-dsa> (Minor issue)
NOTE: https://launchpad.net/bugs/1260080
-CVE-2014-2236
+CVE-2014-2236 (Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0 ...)
- askbot <itp> (bug #687966)
-CVE-2014-2235
+CVE-2014-2235 (Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allow ...)
- askbot <itp> (bug #687966)
CVE-2014-2214
RESERVED
@@ -20643,25 +20643,25 @@ CVE-2014-2214
CVE-2014-2213
RESERVED
NOT-FOR-US: POSH web app (different from src:posh)
-CVE-2014-2212
+CVE-2014-2212 (The remember me feature in portal/scr_authentif.php in POSH (aka Posh ...)
NOT-FOR-US: POSH web app (different from src:posh)
-CVE-2014-2211
+CVE-2014-2211 (SQL injection vulnerability in portal/addtoapplication.php in POSH (ak ...)
NOT-FOR-US: POSH web app (different from src:posh)
-CVE-2014-2206
+CVE-2014-2206 (Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982, 4.8. ...)
NOT-FOR-US: GetGo Download Manager
-CVE-2014-2096
+CVE-2014-2096 (Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 all ...)
- catfish 1.0.1-1 (low; bug #739958)
[squeeze] - catfish 0.3.2-1+deb6u1
[wheezy] - catfish 0.3.2-2+deb7u1
-CVE-2014-2095
+CVE-2014-2095 (Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, wh ...)
- catfish 1.0.1-1 (low; bug #739958)
[squeeze] - catfish 0.3.2-1+deb6u1
[wheezy] - catfish 0.3.2-2+deb7u1
-CVE-2014-2094
+CVE-2014-2094 (Untrusted search path vulnerability in Catfish through 0.4.0.3, when a ...)
- catfish 1.0.1-1 (low; bug #739958)
[squeeze] - catfish 0.3.2-1+deb6u1
[wheezy] - catfish 0.3.2-2+deb7u1
-CVE-2014-2093
+CVE-2014-2093 (Untrusted search path vulnerability in Catfish through 0.4.0.3 allows ...)
- catfish 1.0.1-1 (low; bug #739958)
[squeeze] - catfish 0.3.2-1+deb6u1
[wheezy] - catfish 0.3.2-2+deb7u1
@@ -20669,87 +20669,87 @@ CVE-2014-2086
RESERVED
CVE-2014-2085
REJECTED
-CVE-2014-2084
+CVE-2014-2084 (Skybox View Appliances with ISO 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, ...)
NOT-FOR-US: Skybox View Appliances
CVE-2014-2083
RESERVED
CVE-2014-2082
RESERVED
-CVE-2014-2081
+CVE-2014-2081 (Multiple SQL injection vulnerabilities in the login in web_reports/cgi ...)
NOT-FOR-US: Innovative vtls-Virtua
-CVE-2014-2080
+CVE-2014-2080 (Cross-site scripting (XSS) vulnerability in manager/templates/default/ ...)
NOT-FOR-US: MODx Revolution
-CVE-2014-2079
+CVE-2014-2079 (X File Explorer (aka xfe) might allow local users to bypass intended a ...)
- xfe 1.37-2 (bug #739536)
[wheezy] - xfe <no-dsa> (Minor issue)
[squeeze] - xfe <no-dsa> (Minor issue)
-CVE-2014-2078
+CVE-2014-2078 (The backend in Open-Xchange (OX) AppSuite 7.4.2 before 7.4.2-rev9 allo ...)
NOT-FOR-US: Open-Xchange
-CVE-2014-2077
+CVE-2014-2077 (Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchan ...)
NOT-FOR-US: Open-Xchange
CVE-2014-2076
RESERVED
-CVE-2014-2075
+CVE-2014-2075 (TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK ...)
NOT-FOR-US: TIBCO Enterprise Administrator
CVE-2014-2074
RESERVED
-CVE-2014-2073
+CVE-2014-2073 (Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allow ...)
NOT-FOR-US: Dassault Systemes Catia
CVE-2014-2072
RESERVED
NOT-FOR-US: Dassault Systemes Catia
-CVE-2014-2071
+CVE-2014-2071 (Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 6.2.5.6164 ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2014-2070
RESERVED
-CVE-2014-2069
+CVE-2014-2069 (Absolute path traversal vulnerability in Eshtery CMS allows remote att ...)
NOT-FOR-US: Eshtery CMS
-CVE-2014-2068
+CVE-2014-2068 (The doIndex function in hudson/util/RemotingDiagnostics.java in CloudB ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/0530a6645aac10fec005614211660e98db44b5eb
-CVE-2014-2067
+CVE-2014-2067 (Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.ja ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/5d57c855f3147bfc5e7fda9252317b428a700014
-CVE-2014-2066
+CVE-2014-2066 (Session fixation vulnerability in Jenkins before 1.551 and LTS before ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/8ac74c350779921598f9d5edfed39dd35de8842a
-CVE-2014-2065
+CVE-2014-2065 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.551 and L ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/a0b00508eeb74d7033dc4100eb382df4e8fa72e7
-CVE-2014-2064
+CVE-2014-2064 (The loadUserByUsername function in hudson/security/HudsonPrivateSecuri ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/fbf96734470caba9364f04e0b77b0bae7293a1ec
-CVE-2014-2063
+CVE-2014-2063 (Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/16931bd7bf7560e26ef98328b8e95e803d0e90f6
-CVE-2014-2062
+CVE-2014-2062 (Jenkins before 1.551 and LTS before 1.532.2 does not invalidate the AP ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/5548b5220cfd496831b5721124189ff18fbb12a3
-CVE-2014-2061
+CVE-2014-2061 (The input control in PasswordParameterDefinition in Jenkins before 1.5 ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/bf539198564a1108b7b71a973bf7de963a6213ef
-CVE-2014-2060
+CVE-2014-2060 (The Winstone servlet container in Jenkins before 1.551 and LTS before ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/29351af4bd01f61715418916fc12c52be46bd9b0
-CVE-2014-2059
+CVE-2014-2059 (Directory traversal vulnerability in the CLI job creation (hudson/cli/ ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/ad38d8480f20ce3cbf8fec3e2003bc83efda4f7d
-CVE-2014-2058
+CVE-2014-2058 (BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows rem ...)
- jenkins 1.565.2-1 (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/b6b2a367a7976be80a799c6a49fa6c58d778b50e
-CVE-2014-2057
+CVE-2014-2057 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
- owncloud 6.0.2+dfsg-1
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-007/
-CVE-2014-2056
+CVE-2014-2056 (PHPDocX, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0 ...)
- owncloud 6.0.2+dfsg-1
- phpdocx 3.0+dfsg-2
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
-CVE-2014-2055
+CVE-2014-2055 (SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6 ...)
- owncloud 6.0.2+dfsg-1
- php-sabredav 1.7.11+dfsg-1
NOTE: https://github.com/fruux/sabre-dav/releases/tag/1.7.11
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
-CVE-2014-2054
+CVE-2014-2054 (PHPExcel before 1.8.0, as used in ownCloud Server before 5.0.15 and 6. ...)
- owncloud 6.0.2+dfsg-1
- dolibarr 3.5.3+dfsg1-1
- moodle 2.7.5+dfsg-3 (bug #775842)
@@ -20759,7 +20759,7 @@ CVE-2014-2054
NOTE: owncloud does not mention details
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
NOTE: https://github.com/PHPOffice/PHPExcel/blob/develop/changelog.txt
-CVE-2014-2053
+CVE-2014-2053 (getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6. ...)
{DSA-3001-1 DLA-56-1}
- owncloud 6.0.2+dfsg-1
- php-getid3 1.9.7-2
@@ -20775,31 +20775,31 @@ CVE-2014-2052
NOTE: owncloud advisory does not mention details for ZendFramework
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
NOTE: The reference wrt zendframework is for CVE-2012-6532
-CVE-2014-2051
+CVE-2014-2051 (ownCloud Server before 5.0.15 and 6.0.x before 6.0.2 allows remote att ...)
- owncloud 6.0.2+dfsg-1
CVE-2014-2050
RESERVED
-CVE-2014-2049
+CVE-2014-2049 (The default Flash Cross Domain policies in ownCloud before 5.0.15 and ...)
- owncloud 6.0.0+dfsg-1
-CVE-2014-2048
+CVE-2014-2048 (The user_openid app in ownCloud Server before 5.0.15 allows remote att ...)
- owncloud <removed>
-CVE-2014-2047
+CVE-2014-2047 (Session fixation vulnerability in ownCloud before 6.0.2, when PHP is c ...)
- owncloud 6.0.2+dfsg-1
-CVE-2014-2046
+CVE-2014-2046 (cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 r ...)
NOT-FOR-US: Broadcom Ltd PIPA C211
-CVE-2014-2045
+CVE-2014-2045 (Multiple cross-site scripting (XSS) vulnerabilities in the old and new ...)
NOT-FOR-US: Viprinet
-CVE-2014-2044
+CVE-2014-2044 (Incomplete blacklist vulnerability in ajax/upload.php in ownCloud befo ...)
- owncloud <not-affected> (Windows-specific)
-CVE-2014-2043
+CVE-2014-2043 (SQL injection vulnerability in Resources/System/Templates/Data.aspx in ...)
NOT-FOR-US: Procentia IntelliPen
-CVE-2014-2042
+CVE-2014-2042 (Unrestricted file upload vulnerability in the Manage Project functiona ...)
NOT-FOR-US: Livetecs Timelive
CVE-2014-2041
RESERVED
-CVE-2014-2040
+CVE-2014-2040 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) callbac ...)
NOT-FOR-US: WordPress plugin MediaFileRenamer
-CVE-2014-2038
+CVE-2014-2038 (The nfs_can_extend_write function in fs/nfs/write.c in the Linux kerne ...)
- linux 3.13.4-1
[wheezy] - linux <not-affected> (Introduced in 3.11)
- linux-2.6 <not-affected> (Introduced in 3.11)
@@ -20807,39 +20807,39 @@ CVE-2014-2038
NOTE: Fixed by https://git.kernel.org/linus/263b4509ec4d47e0da3e753f85a39ea12d1eff24
CVE-2014-2036
RESERVED
-CVE-2014-2035
+CVE-2014-2035 (Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web C ...)
NOT-FOR-US: InterWorx Web Control Panel
-CVE-2014-2034
+CVE-2014-2034 (Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through ...)
NOT-FOR-US: Sonatype Nexus OSS
-CVE-2014-2033
+CVE-2014-2033 (The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, ...)
NOT-FOR-US: Blue Coat ProxySG
CVE-2014-2028
RESERVED
-CVE-2014-2026
+CVE-2014-2026 (Cross-site scripting (XSS) vulnerability in the search functionality i ...)
NOT-FOR-US: Intrexx
CVE-2014-2025
RESERVED
NOT-FOR-US: Intrexx
-CVE-2014-2024
+CVE-2014-2024 (Cross-site scripting (XSS) vulnerability in classes/controller/error.p ...)
NOT-FOR-US: Open Classifieds
-CVE-2014-2023
+CVE-2014-2023 (Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 an ...)
NOT-FOR-US: vBulletin
-CVE-2014-2022
+CVE-2014-2022 (SQL injection vulnerability in includes/api/4/breadcrumbs_create.php i ...)
NOT-FOR-US: vBulletin
-CVE-2014-2021
+CVE-2014-2021 (Cross-site scripting (XSS) vulnerability in admincp/apilog.php in vBul ...)
NOT-FOR-US: vBulletin
-CVE-2014-2020
+CVE-2014-2020 (ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which ...)
- php5 5.5.9+dfsg-1
[wheezy] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
[squeeze] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
-CVE-2014-2019
+CVE-2014-2019 (The iCloud subsystem in Apple iOS before 7.1 allows physically proxima ...)
NOT-FOR-US: Apple iOS
-CVE-2014-2018
+CVE-2014-2018 (Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x t ...)
- icedove 24.2.0-1
[squeeze] - icedove <end-of-life>
-CVE-2014-2017
+CVE-2014-2017 (CRLF injection vulnerability in OXID eShop Professional Edition before ...)
NOT-FOR-US: OXID eShop
-CVE-2014-2016
+CVE-2014-2016 (Multiple cross-site scripting (XSS) vulnerabilities in OXID eShop Prof ...)
NOT-FOR-US: OXID eShop
CVE-2014-2012
RESERVED
@@ -20847,111 +20847,111 @@ CVE-2014-2011
RESERVED
CVE-2014-2010
RESERVED
-CVE-2014-2009
+CVE-2014-2009 (The mPAY24 payment module before 1.6 for PrestaShop allows remote atta ...)
NOT-FOR-US: mPAY24 payment module for PrestaShop
-CVE-2014-2008
+CVE-2014-2008 (SQL injection vulnerability in confirm.php in the mPAY24 payment modul ...)
NOT-FOR-US: mPAY24 payment module for PrestaShop
CVE-2014-2007
RESERVED
-CVE-2014-2006
+CVE-2014-2006 (Cross-site scripting (XSS) vulnerability in Intercom Web Kyukincho 3.x ...)
NOT-FOR-US: Intercom Web Kyukincho
-CVE-2014-2005
+CVE-2014-2005 (Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5. ...)
NOT-FOR-US: Sophos Enterprise Console
-CVE-2014-2004
+CVE-2014-2004 (The PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 routers 1.00 thro ...)
NOT-FOR-US: SEIL routers
-CVE-2014-2003
+CVE-2014-2003 (JustSystems JUST Online Update, as used in Ichitaro through 2014 and o ...)
NOT-FOR-US: JustSystems Ichitaro
-CVE-2014-2002
+CVE-2014-2002 (Cross-site scripting (XSS) vulnerability in C-BOARD Moyuku 1.01b6 and ...)
NOT-FOR-US: C-BOARD Moyuku
-CVE-2014-2001
+CVE-2014-2001 (The East Japan Railway Company JR East Japan application before 1.2.0 ...)
NOT-FOR-US: Android application for East Japan Railway Company
-CVE-2014-2000
+CVE-2014-2000 (The NTT 050 plus application before 4.2.1 for Android allows attackers ...)
NOT-FOR-US: NTT application for Android
-CVE-2014-1999
+CVE-2014-1999 (The auto-format feature in the Request_Curl class in FuelPHP 1.1 throu ...)
NOT-FOR-US: FuelPHP
-CVE-2014-1998
+CVE-2014-1998 (Cross-site scripting (XSS) vulnerability in Nippon Institute of Agroin ...)
NOT-FOR-US: SOY CMS
-CVE-2014-1997
+CVE-2014-1997 (The ATEN CN8000 remote-access unit with firmware 1.6.154 and earlier a ...)
NOT-FOR-US: ATEN IP KVM Switch
-CVE-2014-1996
+CVE-2014-1996 (Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypa ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1995
+CVE-2014-1995 (Cross-site scripting (XSS) vulnerability in the Map search functionali ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1994
+CVE-2014-1994 (Cross-site scripting (XSS) vulnerability in the Notices portlet in Cyb ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1993
+CVE-2014-1993 (The Portlets subsystem in Cybozu Garoon 2.x and 3.x before 3.7 SP4 all ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1992
+CVE-2014-1992 (Cross-site scripting (XSS) vulnerability in the Messages functionality ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1991
+CVE-2014-1991 (Open redirect vulnerability in WebPlatform / AppFramework 6.0 through ...)
NOT-FOR-US: NTT DATA INTRAMART
-CVE-2014-1990
+CVE-2014-1990 (Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the ...)
NOT-FOR-US: TOSHIBA TEC e-Studio
-CVE-2014-1989
+CVE-2014-1989 (Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1988
+CVE-2014-1988 (The Phone Messages feature in Cybozu Garoon 2.0.0 through 3.7 SP2 allo ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1987
+CVE-2014-1987 (The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-1986
+CVE-2014-1986 (The Content Provider in the KOKUYO CamiApp application 1.21.1 and earl ...)
NOT-FOR-US: KOKUYO CamiApp application
-CVE-2014-1984
+CVE-2014-1984 (Session fixation vulnerability in the management screen in Cybozu Remo ...)
NOT-FOR-US: Cybozu Remote Service Manager
-CVE-2014-1983
+CVE-2014-1983 (Unspecified vulnerability in Cybozu Remote Service Manager through 2.3 ...)
NOT-FOR-US: Cybozu Remote Service Manager
-CVE-2014-1982
+CVE-2014-1982 (The administrative interface in Allied Telesis AT-RG634A ADSL Broadban ...)
NOT-FOR-US: Allied Telesis AT-RG634A ADSL Broadband router
CVE-2014-1981
REJECTED
-CVE-2014-1980
+CVE-2014-1980 (Cross-site scripting (XSS) vulnerability in include/functions_metadata ...)
- piwigo <removed> (low)
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2014-1979
+CVE-2014-1979 (The NTT DOCOMO sp mode mail application 5900 through 6300 for Android ...)
NOT-FOR-US: NTT DOCOMO mail app
-CVE-2014-1978
+CVE-2014-1978 (The application link interface in the NTT DOCOMO sp mode mail applicat ...)
NOT-FOR-US: NTT DOCOMO mail app
-CVE-2014-1977
+CVE-2014-1977 (The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4 ...)
NOT-FOR-US: NTT DOCOMO mail app
-CVE-2014-1976
+CVE-2014-1976 (The Demaecan application 2.1.0 and earlier for Android does not verify ...)
NOT-FOR-US: Demaecan Android app
-CVE-2014-1975
+CVE-2014-1975 (Directory traversal vulnerability in the R-Company Unzipper applicatio ...)
NOT-FOR-US: Unzipper Android app
-CVE-2014-1974
+CVE-2014-1974 (Directory traversal vulnerability in the LYSESOFT AndExplorer applicat ...)
NOT-FOR-US: LYSESOFT
-CVE-2014-1973
+CVE-2014-1973 (Directory traversal vulnerability in the NextApp File Explorer applica ...)
NOT-FOR-US: NextApp File Explorer application for Android
-CVE-2014-1972
+CVE-2014-1972 (Apache Tapestry before 5.3.6 relies on client-side object storage with ...)
NOT-FOR-US: Apache Tapestry
-CVE-2014-1971
+CVE-2014-1971 (Cross-site scripting (XSS) vulnerability in Silex before 2.0.0 allows ...)
NOT-FOR-US: Silex
-CVE-2014-1970
+CVE-2014-1970 (Directory traversal vulnerability in the ES File Explorer File Manager ...)
NOT-FOR-US: ES File Explorer File Manager for Android
-CVE-2014-1969
+CVE-2014-1969 (Directory traversal vulnerability in the apps4u@android SD Card Manage ...)
NOT-FOR-US: apps4u@android SD Card Manager application
-CVE-2014-1968
+CVE-2014-1968 (Cross-site scripting (XSS) vulnerability in the XooNIps module 3.47 an ...)
NOT-FOR-US: XooNIps module for XOOPS
-CVE-2014-1967
+CVE-2014-1967 (The Denny's application before 2.0.1 for Android does not verify X.509 ...)
NOT-FOR-US: Denny's application for Android
-CVE-2014-1966
+CVE-2014-1966 (The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 ...)
NOT-FOR-US: Siemens RuggedCom ROS
-CVE-2014-1965
+CVE-2014-1965 (Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integ ...)
NOT-FOR-US: SAP Exchange Infrastructure
-CVE-2014-1964
+CVE-2014-1964 (Cross-site scripting (XSS) vulnerability in the Integration Repository ...)
NOT-FOR-US: SAP Exchange Infrastructure
-CVE-2014-1963
+CVE-2014-1963 (Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allo ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-1962
+CVE-2014-1962 (Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: SAP CRM
-CVE-2014-1961
+CVE-2014-1961 (Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver all ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-1960
+CVE-2014-1960 (The Solution Manager in SAP NetWeaver does not properly restrict acces ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2014-1957
+CVE-2014-1957 (FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to ...)
NOT-FOR-US: FortiGuard FortiWeb
-CVE-2014-1956
+CVE-2014-1956 (CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allow ...)
NOT-FOR-US: FortiGuard FortiWeb
-CVE-2014-1955
+CVE-2014-1955 (Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before ...)
NOT-FOR-US: FortiGuard FortiWeb
CVE-2014-1954
RESERVED
@@ -20961,34 +20961,34 @@ CVE-2014-1952
RESERVED
CVE-2014-1951
RESERVED
-CVE-2014-1946
+CVE-2014-1946 (OpenDocMan 1.2.7 and earlier does not properly validate allowed action ...)
NOT-FOR-US: OpenDocMan
-CVE-2014-1945
+CVE-2014-1945 (SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7 ...)
NOT-FOR-US: OpenDocMan
-CVE-2014-1944
+CVE-2014-1944 (Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and earlier a ...)
NOT-FOR-US: Ilch CMS
-CVE-2014-1942
+CVE-2014-1942 (Cross-site scripting (XSS) vulnerability in aal/loginverification.aspx ...)
NOT-FOR-US: Pearson eSIS Enterprise Student Information System
CVE-2014-1941
RESERVED
CVE-2014-1940
RESERVED
-CVE-2014-1931
+CVE-2014-1931 (The user login page in Visibility Software Cyber Recruiter before 8.1. ...)
NOT-FOR-US: Visibility Software Cyber Recruiter
-CVE-2014-1930
+CVE-2014-1930 (Visibility Software Cyber Recruiter before 8.1.00 does not use the app ...)
NOT-FOR-US: Visibility Software Cyber Recruiter
-CVE-2014-2039
+CVE-2014-2039 (arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s39 ...)
{DSA-2906-1}
- linux 3.13.5-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/linus/8d7f6690cedb83456edd41c9bd583783f0703bf0
-CVE-2014-2037
+CVE-2014-2037 (Openswan 2.6.40 allows remote attackers to cause a denial of service ( ...)
- openswan <not-affected> (Incomplete fix was never applied)
-CVE-2014-2032
+CVE-2014-2032 (Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS befo ...)
- maradns <not-affected> (Deadwood resolver not enabled)
NOTE: https://github.com/samboy/MaraDNS/commit/2cfcd2397cb8168d4aa4594839fabe88420d03c3
-CVE-2014-2031
+CVE-2014-2031 (Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS befo ...)
- maradns <not-affected> (Deadwood resolver not enabled)
NOTE: https://github.com/samboy/MaraDNS/commit/f015495d221f1c2b2f10db38e87cecf3839d6093
CVE-2014-2030
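Review bot: the 70-character truncation makes CVE-2014-2032 and CVE-2014-2031 indistinguishable in this hunk; both now read "(Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS befo ...)" and only the NOTE commit URLs tell them apart. The same happens further down for CVE-2014-1901/CVE-2014-1900 (Y-Cam), CVE-2014-1843/1842/1841 (Titan FTP Server), CVE-2014-1835/1834 (echor) and CVE-2014-1830/1829 (requests). If the inline summary is meant to help triage, consider a longer prefix or the full description for entries whose first 70 characters coincide.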
@@ -20997,21 +20997,21 @@ CVE-2014-2030
- imagemagick 8:6.7.7.10+dfsg-1 (bug #740250)
[squeeze] - imagemagick <not-affected> (CVE only for versions with r1448 applied)
NOTE: for the issue in newer imagemagick versions using "L%06ld" string.
-CVE-2014-2029
+CVE-2014-2029 (The automatic version check functionality in the tools in Percona Tool ...)
- percona-toolkit 2.2.7-1~dfsg1 (bug #740846)
[wheezy] - percona-toolkit <not-affected> (version-check introduced in 2.1.4)
- percona-xtrabackup 2.2.3-1 (bug #751377)
-CVE-2014-2027
+CVE-2014-2027 (eGroupware before 1.8.006.20140217 allows remote attackers to conduct ...)
- egroupware <removed>
-CVE-2014-2015
+CVE-2014-2015 (Stack-based buffer overflow in the normify function in the rlm_pap mod ...)
{DLA-977-1}
- freeradius 2.2.5+dfsg-0.1 (low; bug #742820)
[squeeze] - freeradius <no-dsa> (Minor issue)
NOTE: http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/0d606cfc29a.patch
-CVE-2014-2014
+CVE-2014-2014 (imapsync before 1.584, when running with the --tls option, attempts a ...)
- imapsync <removed>
-CVE-2014-1959
+CVE-2014-1959 (lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 trea ...)
{DSA-2866-1}
- gnutls26 2.12.23-12
[squeeze] - gnutls26 <not-affected> (does not allow X.509 v1 certificates by default)
@@ -21025,11 +21025,11 @@ CVE-2014-1958 [PSD Images Processing RLE Decoding Buffer Overflow Vulnerability]
[squeeze] - imagemagick <not-affected> (DecodePSDPixels function is not present)
NOTE: squeeze: DecodePSDPixels not present but there was a rewrite from DecodeImage?
NOTE: http://secunia.com/advisories/56844/
-CVE-2014-1950
+CVE-2014-1950 (Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen ...)
{DSA-3006-1}
- xen 4.4.0-1
[squeeze] - xen <not-affected> (Xen 4.1 onwards affected)
-CVE-2014-1949
+CVE-2014-1949 (GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screen ...)
- gtk+3.0 3.11.8-1
[wheezy] - gtk+3.0 <not-affected> (Only affects GTK+ 3.10.9 and later)
- gtk+2.0 <not-affected> (Only affects GTK+ 3.10.9 and later)
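Review bot: the imported description for CVE-2014-1949, "(GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screen ...)", contradicts the two triage lines right below it, which say "<not-affected> (Only affects GTK+ 3.10.9 and later)" for both [wheezy] gtk+3.0 and gtk+2.0, and the existing NOTE in the next hunk that MITRE assigned the CVE to "GTK+ 3.10.9 and later". With the fix recorded as gtk+3.0 3.11.8-1, "and earlier" is the consistent reading, so the not-affected reasons should state the actual reason the wheezy and gtk+2.0 packages are unaffected (e.g. "Vulnerable code not present", as used elsewhere in this file) rather than a version range the description now contradicts.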
@@ -21038,7 +21038,7 @@ CVE-2014-1949
NOTE: https://git.gnome.org/browse/gtk+/commit/?id=1691bb741d50c90ee938f0b73fe81b0ca9bfd6d4
NOTE: The CVE was originally assigned specifically for cinnamon-screensaver, but the underlying fix lies in gtk+3.0
NOTE: and later MITRE assigned the CVE to GTK+ 3.10.9 and later, see official MITRE CVE description.
-CVE-2014-1948
+CVE-2014-1948 (OpenStack Image Registry and Delivery Service (Glance) 2013.2 through ...)
- glance 2013.2.2-1 (bug #738924)
[wheezy] - glance <not-affected> (Only affects Havana)
NOTE: https://launchpad.net/bugs/1275062
@@ -21050,14 +21050,14 @@ CVE-2014-1947 [Buffer overflow vulnerability]
- graphicsmagick 1.3.20-1 (unimportant)
NOTE: for graphicsmagick: https://bugzilla.redhat.com/show_bug.cgi?id=1064098#c13
NOTE: Rendered non-exploitable by fortified source for graphicsmagick
-CVE-2014-1943
+CVE-2014-1943 (Fine Free file before 5.17 allows context-dependent attackers to cause ...)
{DSA-2868-1 DSA-2861-1}
- file 1:5.17-0.1 (bug #738832)
NOTE: http://mx.gw.com/pipermail/file/2014/001337.html
NOTE: https://github.com/glensc/file/commit/3c081560c23f20b2985c285338b52c7aae9fdb0f
NOTE: https://github.com/glensc/file/commit/cc9e74dfeca5265ad725acc926ef0b8d2a18ee70
- php5 5.5.10+dfsg-1 (bug #739012)
-CVE-2014-1929
+CVE-2014-1929 (python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to hav ...)
{DSA-2946-1}
- python-gnupg 0.3.6-1 (bug #738509)
CVE-2014-1926
@@ -21070,39 +21070,39 @@ CVE-2014-1918
RESERVED
CVE-2014-1917
RESERVED
-CVE-2014-1916
+CVE-2014-1916 (The (1) opus_packet_get_nb_frames and (2) opus_packet_get_samples_per_ ...)
NOT-FOR-US: MumbleKit / Mumble for iOS
-CVE-2014-1915
+CVE-2014-1915 (Multiple cross-site request forgery (CSRF) vulnerabilities in Command ...)
NOT-FOR-US: Command School Student Management System
-CVE-2014-1914
+CVE-2014-1914 (Multiple cross-site scripting (XSS) vulnerabilities in Command School ...)
NOT-FOR-US: Command School Student Management System
CVE-2014-1913
RESERVED
-CVE-2014-1911
+CVE-2014-1911 (The Foscam FI8910W camera with firmware before 11.37.2.55 allows remot ...)
NOT-FOR-US: Foscam camera
-CVE-2014-1910
+CVE-2014-1910 (Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 ...)
NOT-FOR-US: Citrix ShareFile Mobile
-CVE-2014-1908
+CVE-2014-1908 (The error-handling feature in (1) bp.php, (2) videowhisper_streaming.p ...)
NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
-CVE-2014-1907
+CVE-2014-1907 (Multiple directory traversal vulnerabilities in the VideoWhisper Live ...)
NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
-CVE-2014-1906
+CVE-2014-1906 (Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhispe ...)
NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
-CVE-2014-1905
+CVE-2014-1905 (Unrestricted file upload vulnerability in ls/vw_snapshots.php in the V ...)
NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
-CVE-2014-1904
+CVE-2014-1904 (Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/Form ...)
{DSA-2890-1}
- libspring-java 3.0.6.RELEASE-13 (bug #741604)
NOTE: http://www.gopivotal.com/security/cve-2014-1904
-CVE-2014-1903
+CVE-2014-1903 (admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.1 ...)
NOT-FOR-US: FreePBX
-CVE-2014-1902
+CVE-2014-1902 (Multiple cross-site scripting (XSS) vulnerabilities in Y-Cam camera mo ...)
NOT-FOR-US: Y-Cam cameras
-CVE-2014-1901
+CVE-2014-1901 (Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB00 ...)
NOT-FOR-US: Y-Cam cameras
-CVE-2014-1900
+CVE-2014-1900 (Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB00 ...)
NOT-FOR-US: Y-Cam cameras
-CVE-2014-1899
+CVE-2014-1899 (Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway ( ...)
NOT-FOR-US: Citrix NetScaler Gateway
CVE-2014-1898
RESERVED
@@ -21110,17 +21110,17 @@ CVE-2014-1897
RESERVED
CVE-2014-1890
RESERVED
-CVE-2014-1889
+CVE-2014-1889 (The Group creation process in the Buddypress plugin before 1.9.2 for W ...)
NOT-FOR-US: Buddypress plugin for WordPress
-CVE-2014-1888
+CVE-2014-1888 (Cross-site scripting (XSS) vulnerability in the BuddyPress plugin befo ...)
NOT-FOR-US: BuddyPress plugin for WordPress
CVE-2014-1880
RESERVED
-CVE-2014-1879
+CVE-2014-1879 (Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin b ...)
{DSA-2975-1}
- phpmyadmin 4:4.1.7-1 (unimportant)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2014-1878
+CVE-2014-1878 (Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c i ...)
{DSA-2956-1 DLA-1615-1 DLA-461-1 DLA-60-1}
- icinga 1.10.3-1
- nagios3 <removed> (bug #823721)
@@ -21131,13 +21131,13 @@ CVE-2014-1872
RESERVED
CVE-2014-1871
RESERVED
-CVE-2014-1870
+CVE-2014-1870 (Opera before 19 on Mac OS X allows user-assisted remote attackers to s ...)
NOT-FOR-US: Opera
-CVE-2014-1869
+CVE-2014-1869 (Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.s ...)
- db4o <unfixed> (unimportant)
- jenkins 1.565.3-1 (bug #763899)
NOTE: in -doc package
-CVE-2014-1939
+CVE-2014-1939 (java/android/webkit/BrowserFrame.java in Android before 4.4 uses the a ...)
NOT-FOR-US: Android Jelly Bean
CVE-2014-1938 [insecure use of /tmp]
RESERVED
@@ -21159,26 +21159,26 @@ CVE-2014-1935 [insecure use of /tmp]
- 9base <unfixed> (unimportant; bug #737206)
[squeeze] - 9base <no-dsa> (Minor issue)
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2014-1934
+CVE-2014-1934 (tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Pyth ...)
- eyed3 0.6.18-3 (unimportant; bug #737062)
[squeeze] - eyed3 <no-dsa> (Minor issue)
NOTE: Upstream patch: https://bitbucket.org/nicfit/eyed3/commits/372bbacb7a70
NOTE: https://bitbucket.org/nicfit/eyed3/issue/65/tagpy-in-eyed3-allows-local-users-to
NOTE: Neutralised by protected_symlinks kernel temp hardening
-CVE-2014-1933
+CVE-2014-1933 (The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python ...)
- pillow 2.4.0-1 (low; bug #737059)
- python-imaging <removed>
[squeeze] - python-imaging <no-dsa> (Minor issue)
[wheezy] - python-imaging <no-dsa> (Minor issue)
-CVE-2014-1932
+CVE-2014-1932 (The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript fun ...)
- pillow 2.4.0-1 (low; bug #737059)
- python-imaging <removed>
[squeeze] - python-imaging <no-dsa> (Minor issue)
[wheezy] - python-imaging <no-dsa> (Minor issue)
-CVE-2014-1928
+CVE-2014-1928 (The shell_quote function in python-gnupg 0.3.5 does not properly escap ...)
{DSA-2946-1}
- python-gnupg 0.3.6-1 (bug #738509)
-CVE-2014-1927
+CVE-2014-1927 (The shell_quote function in python-gnupg 0.3.5 does not properly quote ...)
{DSA-2946-1}
- python-gnupg 0.3.6-1 (bug #738509)
CVE-2014-1925 [SQL injection]
@@ -21193,49 +21193,49 @@ CVE-2014-1923 [arbitrary file write trough edithelp.pl]
CVE-2014-1922 [path traversal]
RESERVED
- koha <itp> (bug #702134)
-CVE-2014-1921
+CVE-2014-1921 (parcimonie before 0.8.1, when using a large keyring, sleeps for the sa ...)
{DSA-2860-1}
- parcimonie 0.8.1-1 (bug #738134)
-CVE-2014-1909
+CVE-2014-1909 (Integer signedness error in system/core/adb/adb_client.c in Android De ...)
- android-tools 4.2.2+git20130529-5.1 (bug #770513)
- android-platform-system-core 1:6.0.0+r26-1~stage1
[jessie] - android-platform-system-core <no-dsa> (Minor issue)
NOTE: http://www.droidsec.org/advisories/2014/02/04/two-security-issues-found-in-the-android-sdk-tools.html
-CVE-2014-1896
+CVE-2014-1896 (The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4 ...)
- xen 4.4.0-1
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
-CVE-2014-1895
+CVE-2014-1895 (Off-by-one error in the flask_security_avc_cachestats function in xsm/ ...)
- xen 4.4.0-1
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
-CVE-2014-1894
+CVE-2014-1894 (Multiple integer overflows in unspecified suboperations in the flask h ...)
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
-CVE-2014-1893
+CVE-2014-1893 (Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETB ...)
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
-CVE-2014-1892
+CVE-2014-1892 (Xen 3.3 through 4.1, when XSM is enabled, allows local users to cause ...)
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
-CVE-2014-1891
+CVE-2014-1891 (Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL ...)
- xen <not-affected> (XSM not enabled in build)
NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
-CVE-2014-1887
+CVE-2014-1887 (The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2 ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-1886
+CVE-2014-1886 (The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9. ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-1885
+CVE-2014-1885 (The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-1884
+CVE-2014-1884 (Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-1883
+CVE-2014-1883 (Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoadi ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-1882
+CVE-2014-1882 (Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-1881
+CVE-2014-1881 (Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-1868
+CVE-2014-1868 (Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when us ...)
- restlet <itp> (bug #596472)
CVE-2014-1867
RESERVED
@@ -21252,14 +21252,14 @@ CVE-2014-1863
RESERVED
CVE-2014-1862
RESERVED
-CVE-2014-1861
+CVE-2014-1861 (The client in Jetro COCKPIT Secure Browsing (JCSB) 4.3.1 and 4.3.3 doe ...)
NOT-FOR-US: Jetro COCKPIT Secure Browsing
-CVE-2014-1859
+CVE-2014-1859 ((1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) ...)
- python-numpy 1:1.8.1~rc1-1 (low; bug #737778)
[squeeze] - python-numpy <no-dsa> (Minor issue)
[wheezy] - python-numpy <no-dsa> (Minor issue)
NOTE: issue fixed by https://github.com/numpy/numpy/commit/0bb46c1448b0d3f5453d5182a17ea7ac5854ee15
-CVE-2014-1858
+CVE-2014-1858 (__init__.py in f2py in NumPy before 1.8.1 allows local users to write ...)
- python-numpy 1:1.8.1~rc1-1 (low; bug #737778)
[squeeze] - python-numpy <no-dsa> (Minor issue)
[wheezy] - python-numpy <no-dsa> (Minor issue)
@@ -21267,9 +21267,9 @@ CVE-2014-1857
RESERVED
CVE-2014-1856
RESERVED
-CVE-2014-1855
+CVE-2014-1855 (Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel befor ...)
NOT-FOR-US: Seo Panel
-CVE-2014-1854
+CVE-2014-1854 (SQL injection vulnerability in library/clicktracker.php in the AdRotat ...)
NOT-FOR-US: AdRotate plugin for WordPress
CVE-2014-1853
RESERVED
@@ -21280,7 +21280,7 @@ CVE-2014-1851
CVE-2014-1850
RESERVED
- node-marked 0.3.1+dfsg-1
-CVE-2014-1849
+CVE-2014-1849 (Foscam IP camera 11.37.2.49 and other versions, when using the Foscam ...)
NOT-FOR-US: Foscam
CVE-2014-1848
RESERVED
@@ -21288,23 +21288,23 @@ CVE-2014-1847
RESERVED
CVE-2014-1844
RESERVED
-CVE-2014-1843
+CVE-2014-1843 (Directory traversal vulnerability in the web interface in Titan FTP Se ...)
NOT-FOR-US: Titan FTP Server
-CVE-2014-1842
+CVE-2014-1842 (Directory traversal vulnerability in the web interface in Titan FTP Se ...)
NOT-FOR-US: Titan FTP Server
-CVE-2014-1841
+CVE-2014-1841 (Directory traversal vulnerability in the web interface in Titan FTP Se ...)
NOT-FOR-US: Titan FTP Server
-CVE-2014-1840
+CVE-2014-1840 (Cross-site scripting (XSS) vulnerability in Upload/search.php in MyBB ...)
NOT-FOR-US: MyBB
-CVE-2014-1830
+CVE-2014-1830 (Requests (aka python-requests) before 2.3.0 allows remote servers to o ...)
{DSA-3146-1}
- requests 2.3.0-1 (bug #733108)
NOTE: https://github.com/kennethreitz/requests/issues/1885
-CVE-2014-1829
+CVE-2014-1829 (Requests (aka python-requests) before 2.3.0 allows remote servers to o ...)
{DSA-3146-1}
- requests 2.3.0-1 (bug #733108)
NOTE: https://github.com/kennethreitz/requests/issues/1885
-CVE-2014-1912
+CVE-2014-1912 (Buffer overflow in the socket.recvfrom_into function in Modules/socket ...)
{DSA-2880-1 DLA-25-1}
- python2.5 <removed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
@@ -21319,17 +21319,17 @@ CVE-2014-1912
- python3.4 3.4.0-1 (low)
NOTE: http://bugs.python.org/issue20246
NOTE: https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/
-CVE-2014-1877
+CVE-2014-1877 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 al ...)
NOT-FOR-US: Dokeos
-CVE-2014-1876
+CVE-2014-1876 (The unpacker::redirect_stdio function in unpack.cpp in unpack200 in Op ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1 (low; bug #737562)
- openjdk-6 6b31-1.13.3-1 (low)
-CVE-2014-1875
+CVE-2014-1875 (The Capture::Tiny module before 0.24 for Perl allows local users to wr ...)
- libcapture-tiny-perl 0.24-1 (bug #737835)
[wheezy] - libcapture-tiny-perl <no-dsa> (Minor issue)
[squeeze] - libcapture-tiny-perl <no-dsa> (Minor issue)
-CVE-2014-1874
+CVE-2014-1874 (The security_context_to_sid_core function in security/selinux/ss/servi ...)
{DSA-2906-1}
- linux 3.13.4-1
[wheezy] - linux 3.2.57-1
@@ -21338,268 +21338,268 @@ CVE-2014-1874
CVE-2014-1860 [PHP object insertion]
RESERVED
NOT-FOR-US: Contao CMS
-CVE-2014-1832
+CVE-2014-1832 (Phusion Passenger 4.0.37 allows local users to write to certain files ...)
- ruby-passenger 4.0.37-2
[wheezy] - ruby-passenger <not-affected> (incomplete patch never applied)
- passenger <not-affected> (incomplete patch never applied)
-CVE-2014-1831
+CVE-2014-1831 (Phusion Passenger before 4.0.37 allows local users to write to certain ...)
- ruby-passenger 4.0.37-1 (low; bug #736958)
[wheezy] - ruby-passenger 3.0.13debian-1+deb7u2 (low; bug #736958)
- passenger 4.0.37-1
[squeeze] - passenger <no-dsa> (minor issue)
-CVE-2014-1845
+CVE-2014-1845 (An unspecified setuid root helper in Enlightenment before 0.17.6 allow ...)
- e17 0.17.3-3 (bug #737705)
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=ea605237bb64ee09341121461b3d2c0f5dbe832d
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=126afd0fda493deec8398088e6e928b4d2e5f463
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=8cabf2708520539cf25ca0a876f9c044f6d56a77
-CVE-2014-1846
+CVE-2014-1846 (Enlightenment before 0.17.6 might allow local users to gain privileges ...)
- e17 0.17.3-3 (bug #737705)
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=ea605237bb64ee09341121461b3d2c0f5dbe832d
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=126afd0fda493deec8398088e6e928b4d2e5f463
NOTE: https://git.enlightenment.org/core/enlightenment.git/commit/?id=8cabf2708520539cf25ca0a876f9c044f6d56a77
-CVE-2014-1839
+CVE-2014-1839 (The Execute class in shellutils in logilab-commons before 0.61.0 uses ...)
- logilab-common 0.61.0-1 (low; bug #737051)
[squeeze] - logilab-common <no-dsa> (Minor issue)
[wheezy] - logilab-common <no-dsa> (Minor issue)
-CVE-2014-1838
+CVE-2014-1838 (The (1) extract_keys_from_pdf and (2) fill_pdf functions in pdf_ext.py ...)
- logilab-common 0.61.0-1 (low; bug #737051)
[squeeze] - logilab-common <no-dsa> (Minor issue)
[wheezy] - logilab-common <no-dsa> (Minor issue)
-CVE-2014-1837
+CVE-2014-1837 (Cross-site scripting (XSS) vulnerability in the StackIdeas Komento (co ...)
NOT-FOR-US: Joomla com_komento
-CVE-2014-1836
+CVE-2014-1836 (Absolute path traversal vulnerability in htdocs/libraries/image-editor ...)
NOT-FOR-US: ImpressCMS
-CVE-2014-1835
+CVE-2014-1835 (The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 ...)
NOT-FOR-US: Echor Ruby Gem
-CVE-2014-1834
+CVE-2014-1834 (The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 ...)
NOT-FOR-US: Echor Ruby Gem
-CVE-2014-1833
+CVE-2014-1833 (Directory traversal vulnerability in uupdate in devscripts 2.14.1 allo ...)
- devscripts 2.14.8 (low; bug #737160)
[squeeze] - devscripts <no-dsa> (Minor issue)
[wheezy] - devscripts <no-dsa> (Minor issue)
CVE-2014-XXXX [no input validation for search function]
- fookebox 0.7.2-1 (low; bug #736821)
[wheezy] - fookebox <no-dsa> (Minor issue)
-CVE-2014-2013
+CVE-2014-2013 (Stack-based buffer overflow in the xps_parse_color function in xps/xps ...)
{DSA-2951-1}
- mupdf 1.3-2 (bug #738857)
NOTE: http://www.hdwsec.fr/blog/mupdf.html
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=694957
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=60dabde18d7fe12b19da8b509bdfee9cc886aafc
-CVE-2014-1828
+CVE-2014-1828 (The iThoughts web server in the iThoughtsHD app 4.19 for iOS on iPad d ...)
NOT-FOR-US: iOS iThoughtsHD app
-CVE-2014-1827
+CVE-2014-1827 (The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transf ...)
NOT-FOR-US: iOS iThoughtsHD app
-CVE-2014-1826
+CVE-2014-1826 (Cross-site scripting (XSS) vulnerability in the iThoughtsHD app 4.19 f ...)
NOT-FOR-US: iOS iThoughtsHD app
CVE-2014-1825
REJECTED
-CVE-2014-1824
+CVE-2014-1824 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-1823
+CVE-2014-1823 (Cross-site scripting (XSS) vulnerability in the Web Components Server ...)
NOT-FOR-US: Microsoft Lync Server
CVE-2014-1822
REJECTED
CVE-2014-1821
REJECTED
-CVE-2014-1820
+CVE-2014-1820 (Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) ...)
NOT-FOR-US: Microsoft
-CVE-2014-1819
+CVE-2014-1819 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2014-1818
+CVE-2014-1818 (GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-1817
+CVE-2014-1817 (usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-1816
+CVE-2014-1816 (Microsoft XML Core Services (aka MSXML) 3.0 and 6.0 does not properly ...)
NOT-FOR-US: Microsoft XML Core Services
-CVE-2014-1815
+CVE-2014-1815 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1814
+CVE-2014-1814 (The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vi ...)
NOT-FOR-US: Microsoft
-CVE-2014-1813
+CVE-2014-1813 (Microsoft Web Applications 2010 SP1 and SP2 allows remote authenticate ...)
NOT-FOR-US: Microsoft
-CVE-2014-1812
+CVE-2014-1812 (The Group Policy implementation in Microsoft Windows Vista SP2, Window ...)
NOT-FOR-US: Microsoft
-CVE-2014-1811
+CVE-2014-1811 (The TCP implementation in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
CVE-2014-1810
REJECTED
-CVE-2014-1809
+CVE-2014-1809 (The MSCOMCTL library in Microsoft Office 2007 SP3, 2010 SP1 and SP2, a ...)
NOT-FOR-US: Microsoft
-CVE-2014-1808
+CVE-2014-1808 (Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attacker ...)
NOT-FOR-US: Microsoft
-CVE-2014-1807
+CVE-2014-1807 (The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2014-1806
+CVE-2014-1806 (The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2014-1805
+CVE-2014-1805 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1804
+CVE-2014-1804 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1803
+CVE-2014-1803 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1802
+CVE-2014-1802 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1801
REJECTED
-CVE-2014-1800
+CVE-2014-1800 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1799
+CVE-2014-1799 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1798
REJECTED
-CVE-2014-1797
+CVE-2014-1797 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1796
+CVE-2014-1796 (Microsoft Internet Explorer 6 and 8 through 11 allows remote attackers ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1795
+CVE-2014-1795 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1794
+CVE-2014-1794 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1793
REJECTED
-CVE-2014-1792
+CVE-2014-1792 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1791
+CVE-2014-1791 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1790
+CVE-2014-1790 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1789
+CVE-2014-1789 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1788
+CVE-2014-1788 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1787
REJECTED
-CVE-2014-1786
+CVE-2014-1786 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1785
+CVE-2014-1785 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1784
+CVE-2014-1784 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1783
+CVE-2014-1783 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1782
+CVE-2014-1782 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1781
+CVE-2014-1781 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1780
+CVE-2014-1780 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1779
+CVE-2014-1779 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1778
+CVE-2014-1778 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1777
+CVE-2014-1777 (Microsoft Internet Explorer 10 and 11 allows remote attackers to read ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1776
+CVE-2014-1776 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1775
+CVE-2014-1775 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1774
+CVE-2014-1774 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1773
+CVE-2014-1773 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1772
+CVE-2014-1772 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1771
+CVE-2014-1771 (SChannel in Microsoft Internet Explorer 6 through 11 does not ensure t ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1770
+CVE-2014-1770 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1769
+CVE-2014-1769 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1768
REJECTED
-CVE-2014-1767
+CVE-2014-1767 (Double free vulnerability in the Ancillary Function Driver (AFD) in af ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-1766
+CVE-2014-1766 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-1765
+CVE-2014-1765 (Multiple use-after-free vulnerabilities in Microsoft Internet Explorer ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1764
+CVE-2014-1764 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1763
+CVE-2014-1763 (Use-after-free vulnerability in Microsoft Internet Explorer 9 through ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1762
+CVE-2014-1762 (Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1761
+CVE-2014-1761 (Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT ...)
NOT-FOR-US: Microsoft Word
-CVE-2014-1760
+CVE-2014-1760 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1759
+CVE-2014-1759 (pubconv.dll in Microsoft Publisher 2003 SP3 and 2007 SP3 allows remote ...)
NOT-FOR-US: Microsoft Publisher
-CVE-2014-1758
+CVE-2014-1758 (Stack-based buffer overflow in Microsoft Word 2003 SP3 allows remote a ...)
NOT-FOR-US: Microsoft Word
-CVE-2014-1757
+CVE-2014-1757 (Microsoft Word 2007 SP3 and 2010 SP1 and SP2, and Office Compatibility ...)
NOT-FOR-US: Microsoft Word
-CVE-2014-1756
+CVE-2014-1756 (Untrusted search path vulnerability in Microsoft Office 2007 SP3, 2010 ...)
NOT-FOR-US: Microsoft
-CVE-2014-1755
+CVE-2014-1755 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1754
+CVE-2014-1754 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Serve ...)
NOT-FOR-US: Microsoft
-CVE-2014-1753
+CVE-2014-1753 (Microsoft Internet Explorer 6 through 9 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1752
+CVE-2014-1752 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1751
+CVE-2014-1751 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-1749
+CVE-2014-1749 (Multiple unspecified vulnerabilities in Google Chrome before 35.0.1916 ...)
{DSA-2939-1}
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 35.0.1916.114-1
-CVE-2014-1748
+CVE-2014-1748 (The ScrollView::paint function in platform/scroll/ScrollView.cpp in Bl ...)
{DSA-2939-1}
[squeeze] - chromium-browser <end-of-life>
- chromium-browser 35.0.1916.114-1
-CVE-2014-1747
+CVE-2014-1747 (Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeC ...)
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1746
+CVE-2014-1746 (The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_ ...)
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1745
+CVE-2014-1745 (Use-after-free vulnerability in the SVG implementation in Blink, as us ...)
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1744
+CVE-2014-1744 (Integer overflow in the AudioInputRendererHost::OnCreateStream functio ...)
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1743
+CVE-2014-1743 (Use-after-free vulnerability in the StyleElement::removedFromDocument ...)
{DSA-2939-1}
- chromium-browser 35.0.1916.114-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1742
+CVE-2014-1742 (Use-after-free vulnerability in the FrameSelection::updateAppearance f ...)
{DSA-2930-1}
- chromium-browser 34.0.1847.137-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1741
+CVE-2014-1741 (Multiple integer overflows in the replace-data functionality in the Ch ...)
{DSA-2930-1}
- chromium-browser 34.0.1847.137-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1740
+CVE-2014-1740 (Multiple use-after-free vulnerabilities in net/websockets/websocket_jo ...)
{DSA-2930-1}
- chromium-browser 34.0.1847.137-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1739
+CVE-2014-1739 (The media_device_enum_entities function in drivers/media/media-device. ...)
- linux 3.14.7-1 (unimportant)
[wheezy] - linux 3.2.60-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerability introduced in 2.6.38)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6a623460e5fc960ac3ee9f946d3106233fd28d8
NOTE: Not exploitable with any sane setup
-CVE-2014-1738
+CVE-2014-1738 (The raw_cmd_copyout function in drivers/block/floppy.c in the Linux ke ...)
{DSA-2928-1 DSA-2926-1}
- linux 3.14.4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2145e15e0557a01b9195d1c7199a1b92cb9be81f
-CVE-2014-1737
+CVE-2014-1737 (The raw_cmd_copyin function in drivers/block/floppy.c in the Linux ker ...)
{DSA-2928-1 DSA-2926-1}
- linux 3.14.4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c
-CVE-2014-1736
+CVE-2014-1736 (Integer overflow in api.cc in Google V8, as used in Google Chrome befo ...)
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
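Review bot: the context line under CVE-2014-1766 reads `NOT-FOR-US: Microsoft Windows` while the description added in this hunk names Microsoft Internet Explorer 9 through 11; now that the product is visible in the entry, the line should match the neighbouring IE entries (`NOT-FOR-US: Microsoft Internet Explorer`) so a triage grep on the product name does not miss it. A smaller style point in the same hunk: CVE-2014-1749 and CVE-2014-1748 list `[squeeze] - chromium-browser <end-of-life>` before `- chromium-browser 35.0.1916.114-1`, whereas every other chromium entry from CVE-2014-1747 onward puts the unstable line first; keeping one order makes the per-suite status easier to scan.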
@@ -21608,7 +21608,7 @@ CVE-2014-1736
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1735
+CVE-2014-1735 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, a ...)
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
@@ -21617,23 +21617,23 @@ CVE-2014-1735
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1734
+CVE-2014-1734 (Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847 ...)
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1733
+CVE-2014-1733 (The PointerCompare function in codegen.cc in Seccomp-BPF, as used in G ...)
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1732
+CVE-2014-1732 (Use-after-free vulnerability in browser/ui/views/speech_recognition_bu ...)
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1731
+CVE-2014-1731 (core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as ...)
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1730
+CVE-2014-1730 (Google V8, as used in Google Chrome before 34.0.1847.131 on Windows an ...)
{DSA-2920-1}
- chromium-browser 34.0.1847.132-1
[squeeze] - chromium-browser <end-of-life>
@@ -21642,7 +21642,7 @@ CVE-2014-1730
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1729
+CVE-2014-1729 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, a ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
@@ -21651,23 +21651,23 @@ CVE-2014-1729
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1728
+CVE-2014-1728 (Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847 ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1727
+CVE-2014-1727 (Use-after-free vulnerability in content/renderer/renderer_webcolorchoo ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1726
+CVE-2014-1726 (The drag implementation in Google Chrome before 34.0.1847.116 allows u ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1725
+CVE-2014-1725 (The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1724
+CVE-2014-1724 (Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatch ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
@@ -21675,31 +21675,31 @@ CVE-2014-1724
[squeeze] - speech-dispatcher <no-dsa> (Minor issue)
[wheezy] - speech-dispatcher <no-dsa> (Minor issue)
NOTE: no specific information available (possibly already be fixed in 0.8), the fix in chromium was to disable speechd by default
-CVE-2014-1723
+CVE-2014-1723 (The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Googl ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1722
+CVE-2014-1722 (Use-after-free vulnerability in the RenderBlock::addChildIgnoringAnony ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1721
+CVE-2014-1721 (Google V8, as used in Google Chrome before 34.0.1847.116, does not pro ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1720
+CVE-2014-1720 (Use-after-free vulnerability in the HTMLBodyElement::insertedInto func ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1719
+CVE-2014-1719 (Use-after-free vulnerability in the WebSharedWorkerStub::OnTerminateWo ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1718
+CVE-2014-1718 (Integer overflow in the SoftwareFrameManager::SwapToNewFrame function ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1717
+CVE-2014-1717 (Google V8, as used in Google Chrome before 34.0.1847.116, does not pro ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
@@ -21708,7 +21708,7 @@ CVE-2014-1717
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1716
+CVE-2014-1716 (Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype f ...)
{DSA-2905-1}
- chromium-browser 34.0.1847.116-1
[squeeze] - chromium-browser <end-of-life>
@@ -21717,31 +21717,31 @@ CVE-2014-1716
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1715
+CVE-2014-1715 (Directory traversal vulnerability in Google Chrome before 33.0.1750.15 ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1714
+CVE-2014-1714 (The ScopedClipboardWriter::WritePickledData function in ui/base/clipbo ...)
- chromium-browser <not-affected> (Windows-specific)
-CVE-2014-1713
+CVE-2014-1713 (Use-after-free vulnerability in the AttributeSetter function in bindin ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
CVE-2014-1712
RESERVED
-CVE-2014-1711
+CVE-2014-1711 (The GPU driver in the kernel in Google Chrome OS before 33.0.1750.152 ...)
NOT-FOR-US: Chrome OS
-CVE-2014-1710
+CVE-2014-1710 (The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buf ...)
NOT-FOR-US: Chrome OS
CVE-2014-1709
RESERVED
-CVE-2014-1708
+CVE-2014-1708 (The boot implementation in Google Chrome OS before 33.0.1750.152 does ...)
NOT-FOR-US: Chrome OS
-CVE-2014-1707
+CVE-2014-1707 (Directory traversal vulnerability in CrosDisks in Google Chrome OS bef ...)
NOT-FOR-US: Chrome OS
-CVE-2014-1706
+CVE-2014-1706 (crosh in Google Chrome OS before 33.0.1750.152 allows attackers to inj ...)
NOT-FOR-US: Chrome OS
-CVE-2014-1705
+CVE-2014-1705 (Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and L ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
@@ -21750,7 +21750,7 @@ CVE-2014-1705
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1704
+CVE-2014-1704 (Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, a ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
@@ -21759,54 +21759,54 @@ CVE-2014-1704
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2014-1703
+CVE-2014-1703 (Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDro ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1702
+CVE-2014-1702 (Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThr ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1701
+CVE-2014-1701 (The GenerateFunction function in bindings/scripts/code_generator_v8.pm ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1700
+CVE-2014-1700 (Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in ...)
{DSA-2883-1}
- chromium-browser 33.0.1750.152-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1699
+CVE-2014-1699 (Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attack ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2014-1698
+CVE-2014-1698 (Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3 ...)
NOT-FOR-US: Siemens SIMATIC WinCC OA
-CVE-2014-1697
+CVE-2014-1697 (The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 ...)
NOT-FOR-US: Siemens SIMATIC WinCC OA
-CVE-2014-1696
+CVE-2014-1696 (Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash alg ...)
NOT-FOR-US: Siemens SIMATIC WinCC OA
-CVE-2014-1695
+CVE-2014-1695 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
{DLA-1119-1}
- otrs2 3.3.5-1
[squeeze] - otrs2 <no-dsa> (Minor issue)
NOTE: https://www.otrs.com/security-advisory-2014-03-xss-issue/
-CVE-2014-1750
+CVE-2014-1750 (Open redirect vulnerability in nokia-mapsplaces.php in the Nokia Maps ...)
NOT-FOR-US: WordPress plugin nokia-mapsplaces
-CVE-2014-1694
+CVE-2014-1694 (Multiple cross-site request forgery (CSRF) vulnerabilities in (1) Cust ...)
{DSA-2867-1}
- otrs2 3.3.4-1 (low)
NOTE: https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface/
-CVE-2014-1693
+CVE-2014-1693 (Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OT ...)
- erlang 1:16.b.3.1-dfsg-3 (low; bug #738132)
[squeeze] - erlang <no-dsa> (Minor issue)
[wheezy] - erlang 1:15.b.1-dfsg-4+deb7u1
-CVE-2014-1692
+CVE-2014-1692 (The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Mak ...)
- openssh <not-affected> (J-PAKE not activated)
-CVE-2014-1691
+CVE-2014-1691 (The framework/Util/lib/Horde/Variables.php script in the Util library ...)
{DSA-2853-1}
- horde3 <removed> (medium; bug #737149)
- php-horde-util 2.3.0-1
NOTE: https://github.com/horde/horde/commit/da6afc7e9f4e290f782eca9dbca794f772caccb3
NOTE: https://github.com/horde/horde/commit/acf67ab4a633037849aca9e4a7592465b999ad93 is also required
-CVE-2014-1690
+CVE-2014-1690 (The help function in net/netfilter/nf_nat_irc.c in the Linux kernel be ...)
- linux 3.12.8-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
- linux-2.6 <not-affected> (Introduced in 3.7)
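Review bot: CVE-2014-1750 sits between CVE-2014-1695 and CVE-2014-1694 in this hunk, out of the descending numeric order the file otherwise follows (its neighbours CVE-2014-1751 and CVE-2014-1749 are in the earlier hunk). Since this update only expands titles, the misplacement is pre-existing, but it is worth moving the three lines (`CVE-2014-1750 (Open redirect vulnerability in nokia-mapsplaces.php ...)` and its `NOT-FOR-US` line) up to their sorted position so tooling that assumes sorted ids does not stumble on it.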
@@ -21817,33 +21817,33 @@ CVE-2014-1688
RESERVED
CVE-2014-1687
RESERVED
-CVE-2014-1686
+CVE-2014-1686 (MediaWiki 1.18.0 allows remote attackers to obtain the installation pa ...)
- mediawiki <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2014/Mar/102
NOTE: path disclosure not an issue
-CVE-2014-1685
+CVE-2014-1685 (The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2 ...)
- zabbix 1:2.2.2+dfsg-1
[squeeze] - zabbix <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-1684
+CVE-2014-1684 (The ASF_ReadObject_file_properties function in modules/demux/asf/libas ...)
- vlc 2.1.4-1 (unimportant; bug #743033)
NOTE: Crash in enduser application, no security impact
-CVE-2014-1683
+CVE-2014-1683 (The bashMail function in cms/data/skins/techjunkie/fragments/contacts/ ...)
NOT-FOR-US: SkyBlueCanvas CMS
-CVE-2014-1682
+CVE-2014-1682 (The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x ...)
- zabbix 1:2.2.2+dfsg-1 (bug #737818)
[squeeze] - zabbix <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://support.zabbix.com/browse/ZBX-7703
-CVE-2014-1681
+CVE-2014-1681 (Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700 ...)
{DSA-2811-1}
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2014-1680
+CVE-2014-1680 (Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 ...)
NOT-FOR-US: Bandisoft Bandizip
-CVE-2014-1679
+CVE-2014-1679 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
NOT-FOR-US: Open-Xchange
CVE-2014-1678
RESERVED
-CVE-2014-1677
+CVE-2014-1677 (Technicolor TC7200 with firmware STD6.01.12 could allow remote attacke ...)
NOT-FOR-US: Technicolor TC7200
NOTE: https://www.exploit-db.com/exploits/31894/
CVE-2014-1676
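Review bot: the new description for CVE-2014-1681 says "Google Chrome before 32.0.1700 ...", but the fixed version recorded on the next line is `chromium-browser 31.0.1650.63-1` with `{DSA-2939-1}`-style reference `{DSA-2811-1}`, i.e. a package version below the upstream threshold the title now states. Please double-check that the 31.0.1650.63 upload really carried the fix (and that DSA-2811-1 is the right advisory); if not, the fixed-version line should point at the 32.0.1700 based upload instead.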
@@ -21852,13 +21852,13 @@ CVE-2014-1675
RESERVED
CVE-2014-1674
RESERVED
-CVE-2014-1673
+CVE-2014-1673 (Check Point Session Authentication Agent allows remote attackers to ob ...)
NOT-FOR-US: Check Point Session Authentication Agent
-CVE-2014-1672
+CVE-2014-1672 (Check Point R75.47 Security Gateway and Management Server does not pro ...)
NOT-FOR-US: Check Point R75.47 Security Gateway and Management Server
-CVE-2014-1671
+CVE-2014-1671 (Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 an ...)
NOT-FOR-US: Dell KACE K1000
-CVE-2014-1670
+CVE-2014-1670 (The Microsoft Bing application before 4.2.1 for Android allows remote ...)
NOT-FOR-US: Microsoft Bing application
CVE-2014-1669
RESERVED
@@ -21866,9 +21866,9 @@ CVE-2014-1668
RESERVED
CVE-2014-1667
RESERVED
-CVE-2014-1665
+CVE-2014-1665 (Cross-site scripting (XSS) vulnerability in ownCloud before 6.0.1 allo ...)
- owncloud <removed>
-CVE-2014-1663
+CVE-2014-1663 (Unspecified vulnerability in Citrix XenMobile Device Manager server (f ...)
NOT-FOR-US: Citrix XenMobile Device Manager server
CVE-2014-1662
REJECTED
@@ -21890,47 +21890,47 @@ CVE-2014-1654
REJECTED
CVE-2014-1653
REJECTED
-CVE-2014-1652
+CVE-2014-1652 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2014-1651
+CVE-2014-1651 (SQL injection vulnerability in clientreport.php in the management cons ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2014-1650
+CVE-2014-1650 (SQL injection vulnerability in user.php in the management console in S ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2014-1649
+CVE-2014-1649 (The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allo ...)
NOT-FOR-US: Symantec Workspace Streaming
-CVE-2014-1648
+CVE-2014-1648 (Cross-site scripting (XSS) vulnerability in brightmail/setting/complia ...)
NOT-FOR-US: Symantec Messaging Gateway
-CVE-2014-1647
+CVE-2014-1647 (Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Prof ...)
NOT-FOR-US: Symantec
-CVE-2014-1646
+CVE-2014-1646 (Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Prof ...)
NOT-FOR-US: Symantec
-CVE-2014-1645
+CVE-2014-1645 (SQL injection vulnerability in forcepasswd.do in the management GUI in ...)
NOT-FOR-US: Symantec LiveUpdate Administrator
-CVE-2014-1644
+CVE-2014-1644 (The forgotten-password feature in forcepasswd.do in the management GUI ...)
NOT-FOR-US: Symantec LiveUpdate Administrator
-CVE-2014-1643
+CVE-2014-1643 (The Web Email Protection component in Symantec Encryption Management S ...)
NOT-FOR-US: Symantec PGP Universal Web Messenger
-CVE-2014-1666
+CVE-2014-1666 (The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, ...)
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Vulnerable code not present)
[squeeze] - xen <not-affected> (Vulnerable code not present)
-CVE-2014-1664
+CVE-2014-1664 (The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP ...)
NOT-FOR-US: GoToMeeting in Android
CVE-2014-1641
RESERVED
-CVE-2014-1637
+CVE-2014-1637 (Command School Student Management System 1.06.01 does not properly res ...)
NOT-FOR-US: Command School Student Management System
-CVE-2014-1636
+CVE-2014-1636 (Multiple SQL injection vulnerabilities in Command School Student Manag ...)
NOT-FOR-US: Command School Student Management System
-CVE-2014-1635
+CVE-2014-1635 (Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with f ...)
NOT-FOR-US: Belkin router
CVE-2014-1634
RESERVED
CVE-2014-1633
RESERVED
-CVE-2014-1632
+CVE-2014-1632 (htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers ...)
NOT-FOR-US: Eventum
-CVE-2014-1631
+CVE-2014-1631 (Eventum before 2.3.5 allows remote attackers to reinstall the applicat ...)
NOT-FOR-US: Eventum
CVE-2014-1630
RESERVED
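Review bot: CVE-2014-1666 and CVE-2014-1664 appear after CVE-2014-1643 in this hunk, while the previous hunk already passes from CVE-2014-1667 to CVE-2014-1665 to CVE-2014-1663 without them, so the file is not in descending order here. As with the rest of this automatic update the hunk only adds the titles, but the entries (`CVE-2014-1666 (The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, ...)` with its three xen status lines, and `CVE-2014-1664 (The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP ...)` with its `NOT-FOR-US` line) should be moved up to their sorted slots so that the xen entry is found where a reviewer scanning by id expects it.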
@@ -21948,45 +21948,45 @@ CVE-2014-1622
RESERVED
CVE-2014-1621
RESERVED
-CVE-2014-1620
+CVE-2014-1620 (Multiple cross-site scripting (XSS) vulnerabilities in add.php in HIOX ...)
NOT-FOR-US: HIOX Guest Book
-CVE-2014-1619
+CVE-2014-1619 (Multiple SQL injection vulnerabilities in Cubic CMS 5.1.1, 5.1.2, and ...)
NOT-FOR-US: Cubic CMS
-CVE-2014-1618
+CVE-2014-1618 (Multiple SQL injection vulnerabilities in UAEPD Shopping Cart Script a ...)
NOT-FOR-US: UAEPD Shopping Cart Script
CVE-2014-1617
RESERVED
CVE-2014-1616
RESERVED
-CVE-2014-1615
+CVE-2014-1615 (Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon B ...)
NOT-FOR-US: Carbon Black
CVE-2014-1614
RESERVED
-CVE-2014-1613
+CVE-2014-1613 (Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP ...)
- dotclear 2.6.2+dfsg-1
-CVE-2014-1612
+CVE-2014-1612 (Cross-site scripting (XSS) vulnerability in login.esp in the Web Manag ...)
NOT-FOR-US: Mediatrix
-CVE-2014-1610
+CVE-2014-1610 (MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5, and 1.19.x befor ...)
{DSA-2891-1}
- mediawiki 1:1.19.11+dfsg-1
[squeeze] - mediawiki <end-of-life>
-CVE-2014-1609
+CVE-2014-1609 (Multiple SQL injection vulnerabilities in MantisBT before 1.2.16 allow ...)
{DSA-3030-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/mantisbt/mantisbt/commit/7efe0175f0853e18ebfacedfd2374c4179028b3f
-CVE-2014-1608
+CVE-2014-1608 (SQL injection vulnerability in the mci_file_get function in api/soap/m ...)
{DSA-3030-1}
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/mantisbt/mantisbt/commit/00b4c17088fa56594d85fe46b6c6057bb3421102
-CVE-2014-1607
+CVE-2014-1607 (** DISPUTED ** Cross-site scripting (XSS) vulnerability in the EventCa ...)
NOT-FOR-US: Drupal EventCalendar
CVE-2014-1606
RESERVED
CVE-2014-1605
RESERVED
-CVE-2014-1603
+CVE-2014-1603 (Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3 ...)
NOT-FOR-US: GetSimple CMS
CVE-2014-1602
RESERVED
@@ -21994,96 +21994,96 @@ CVE-2014-1601
RESERVED
CVE-2014-1600
RESERVED
-CVE-2014-1599
+CVE-2014-1599 (Multiple cross-site scripting (XSS) vulnerabilities in the SFR Box rou ...)
NOT-FOR-US: SFR Box router
CVE-2014-1598
RESERVED
-CVE-2014-1597
+CVE-2014-1597 (SQL injection vulnerability in the CMDB web application in synetics i- ...)
NOT-FOR-US: i-doit
CVE-2014-1596
REJECTED
-CVE-2014-1595
+CVE-2014-1595 (Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunder ...)
- iceweasel <not-affected> (Specific to MacOS X)
- icedove <not-affected> (Specific to MacOS X)
-CVE-2014-1594
+CVE-2014-1594 (Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird ...)
{DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1593
+CVE-2014-1593 (Stack-based buffer overflow in the mozilla::FileBlockCache::Read funct ...)
{DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1592
+CVE-2014-1592 (Use-after-free vulnerability in the nsHtml5TreeOperation function in x ...)
{DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1591
+CVE-2014-1591 (Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in ...)
- iceweasel <not-affected> (Only affects Firefox 33)
- icedove <not-affected> (Only affects Firefox 33)
-CVE-2014-1590
+CVE-2014-1590 (The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34. ...)
{DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1589
+CVE-2014-1589 (Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide styleshe ...)
- iceweasel <not-affected> (Only affects Firefox 33)
- icedove <not-affected> (Only affects Firefox 33)
-CVE-2014-1588
+CVE-2014-1588 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 33)
- icedove <not-affected> (Only affects Firefox 33)
-CVE-2014-1587
+CVE-2014-1587 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1586
+CVE-2014-1586 (content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefo ...)
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1585
+CVE-2014-1585 (The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozi ...)
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1584
+CVE-2014-1584 (The Public Key Pinning (PKP) implementation in Mozilla Firefox before ...)
- iceweasel <not-affected> (Only affects Firefox 32 and later)
- icedove <not-affected> (Only affects Firefox 32 and later)
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1583
+CVE-2014-1583 (The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x befo ...)
{DSA-3050-1}
- iceweasel 31.2.0esr-1
[squeeze] - iceweasel <end-of-life>
-CVE-2014-1582
+CVE-2014-1582 (The Public Key Pinning (PKP) implementation in Mozilla Firefox before ...)
- iceweasel <not-affected> (Only affects Firefox 32 and later)
- icedove <not-affected> (Only affects Firefox 32 and later)
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1581
+CVE-2014-1581 (Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Fir ...)
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1580
+CVE-2014-1580 (Mozilla Firefox before 33.0 does not properly initialize memory for GI ...)
- iceweasel <not-affected> (Only affects Firefox 32 and later)
- icedove <not-affected> (Only affects Firefox 32 and later)
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
CVE-2014-1579
REJECTED
-CVE-2014-1578
+CVE-2014-1578 (The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x ...)
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
@@ -22094,50 +22094,50 @@ CVE-2014-1578
[squeeze] - libvpx <not-affected> (vp9 codec not yet present)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-77.html
NOTE: https://hg.mozilla.org/releases/mozilla-esr31/rev/6023f0b4f8ba
-CVE-2014-1577
+CVE-2014-1577 (The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the ...)
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1576
+CVE-2014-1576 (Heap-based buffer overflow in the nsTransformedTextRun function in Moz ...)
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1575
+CVE-2014-1575 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 32 and later)
- icedove <not-affected> (Only affects Firefox 32 and later)
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1574
+CVE-2014-1574 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1573
+CVE-2014-1573 (Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.1 ...)
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life>
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1075578
-CVE-2014-1572
+CVE-2014-1572 (The confirm_create_account function in the account-creation feature in ...)
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life>
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1074812
-CVE-2014-1571
+CVE-2014-1571 (Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.1 ...)
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life>
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1064140
CVE-2014-1570
RESERVED
-CVE-2014-1569
+CVE-2014-1569 (The definite_length_decoder function in lib/util/quickder.c in Mozilla ...)
{DSA-3186-1 DLA-154-1}
- nss 2:3.17.2-1.1 (bug #773625)
-CVE-2014-1568
+CVE-2014-1568 (Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before ...)
{DSA-3037-1 DSA-3034-1 DSA-3033-1 DLA-62-1}
- nss 2:3.17.1-1
- iceweasel <not-affected> (uses system nss)
@@ -22146,47 +22146,47 @@ CVE-2014-1568
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
NOTE: http://www.intelsecurity.com/advanced-threat-research/#
-CVE-2014-1567
+CVE-2014-1567 (Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Fir ...)
{DSA-3028-1 DSA-3018-1}
- iceweasel 31.1.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1566
+CVE-2014-1566 (Mozilla Firefox before 31.1 on Android does not properly restrict copy ...)
- iceweasel <not-affected> (Specific to Android)
-CVE-2014-1565
+CVE-2014-1565 (The mozilla::dom::AudioEventTimeline function in the Web Audio API imp ...)
- iceweasel 31.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove 31.2.0-1
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
-CVE-2014-1564
+CVE-2014-1564 (Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunder ...)
- iceweasel 31.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove 31.2.0-1
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
-CVE-2014-1563
+CVE-2014-1563 (Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff ...)
- iceweasel 31.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove 31.2.0-1
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
-CVE-2014-1562
+CVE-2014-1562 (Unspecified vulnerability in the browser engine in Mozilla Firefox bef ...)
{DSA-3028-1 DSA-3018-1}
- iceweasel 31.1.0esr-1
- icedove 31.2.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1561
+CVE-2014-1561 (Mozilla Firefox before 31.0 does not properly restrict use of drag-and ...)
- iceweasel 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-60.html
-CVE-2014-1560
+CVE-2014-1560 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote a ...)
- iceweasel 31.0-1
- icedove 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
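Review bot: the second reference under CVE-2014-1568, `NOTE: http://www.intelsecurity.com/advanced-threat-research/#`, ends in an empty fragment, so it resolves to a landing page rather than to the specific write-up it is meant to cite; either pin the exact article URL or drop the line, since the `mfsa2014-73.html` link directly above it already documents the issue.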
@@ -22194,7 +22194,7 @@ CVE-2014-1560
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
-CVE-2014-1559
+CVE-2014-1559 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote a ...)
- iceweasel 31.0-1
- icedove 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
@@ -22202,7 +22202,7 @@ CVE-2014-1559
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
-CVE-2014-1558
+CVE-2014-1558 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote a ...)
- iceweasel 31.0-1
- icedove 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
@@ -22210,42 +22210,42 @@ CVE-2014-1558
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
-CVE-2014-1557
+CVE-2014-1557 (The ConvolveHorizontally function in Skia, as used in Mozilla Firefox ...)
{DSA-2996-1 DSA-2986-1}
- iceweasel 31.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-64.html
-CVE-2014-1556
+CVE-2014-1556 (Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunder ...)
{DSA-2996-1 DSA-2986-1}
- iceweasel 31.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
-CVE-2014-1555
+CVE-2014-1555 (Use-after-free vulnerability in the nsDocLoader::OnProgress function i ...)
{DSA-2996-1 DSA-2986-1}
- iceweasel 31.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-61.html
-CVE-2014-1554
+CVE-2014-1554 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 31.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove 31.2.0-1
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
-CVE-2014-1553
+CVE-2014-1553 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 31.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove 31.2.0-1
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
-CVE-2014-1552
+CVE-2014-1552 (Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properl ...)
- iceweasel 31.0-1
- icedove 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
@@ -22253,11 +22253,11 @@ CVE-2014-1552
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
-CVE-2014-1551
+CVE-2014-1551 (Use-after-free vulnerability in the FontTableRec destructor in Mozilla ...)
- iceweasel <not-affected> (Affects only Windows platform)
- icedove <not-affected> (Affects only Windows platform)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
-CVE-2014-1550
+CVE-2014-1550 (Use-after-free vulnerability in the MediaInputPort class in Mozilla Fi ...)
- iceweasel 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
@@ -22265,7 +22265,7 @@ CVE-2014-1550
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
-CVE-2014-1549
+CVE-2014-1549 (The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer fun ...)
- iceweasel 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
@@ -22273,23 +22273,23 @@ CVE-2014-1549
[squeeze] - icedove <end-of-life>
[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
-CVE-2014-1548
+CVE-2014-1548 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 31.0-1
[wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
-CVE-2014-1547
+CVE-2014-1547 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2996-1 DSA-2986-1}
- iceweasel 31.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.0-1
[squeeze] - icedove <end-of-life>
NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-56.html
-CVE-2014-1546
+CVE-2014-1546 (The response function in the JSONP endpoint in WebService/Server/JSONR ...)
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life>
NOTE: bugzilla part for Adobe Flash's CVE-2014-4671.
-CVE-2014-1545
+CVE-2014-1545 (Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote a ...)
{DSA-2962-1 DSA-2960-1 DSA-2955-1 DLA-32-1}
- nspr 2:4.10.6-1
- iceweasel 30.0-1
@@ -22298,7 +22298,7 @@ CVE-2014-1545
[squeeze] - icedove <end-of-life>
[squeeze] - nspr 4.8.6-1+squeeze2
NOTE: Only the Wheezy builds use the bundled nspr
-CVE-2014-1544
+CVE-2014-1544 (Use-after-free vulnerability in the CERT_DestroyCertificate function i ...)
{DSA-3071-1 DSA-2996-1 DSA-2986-1 DLA-89-1}
- nss 2:3.16.3-1
- iceweasel 31.0-1
@@ -22307,46 +22307,46 @@ CVE-2014-1544
[squeeze] - icedove <end-of-life>
NOTE: patch: https://hg.mozilla.org/projects/nss/rev/204f22c527f8
NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-63.html
-CVE-2014-1543
+CVE-2014-1543 (Multiple heap-based buffer overflows in the navigator.getGamepads func ...)
- iceweasel <not-affected> (Only affects Windows 8)
- icedove <not-affected> (Only affects Windows 8)
-CVE-2014-1542
+CVE-2014-1542 (Buffer overflow in the Speex resampler in the Web Audio subsystem in M ...)
- iceweasel 30.0-1
- icedove 31.0~b1-1
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)
[squeeze] - iceweasel <end-of-life>
[wheezy] - icedove <not-affected> (Doesn't affect ESR24)
[squeeze] - icedove <end-of-life>
-CVE-2014-1541
+CVE-2014-1541 (Use-after-free vulnerability in the RefreshDriverTimer::TickDriver fun ...)
{DSA-2960-1 DSA-2955-1}
- iceweasel 30.0-1
- icedove 31.0~b1-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1540
+CVE-2014-1540 (Use-after-free vulnerability in the nsEventListenerManager::CompileEve ...)
- iceweasel 30.0-1
- icedove 31.0~b1-1
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)
[squeeze] - iceweasel <end-of-life>
[wheezy] - icedove <not-affected> (Doesn't affect ESR24)
[squeeze] - icedove <end-of-life>
-CVE-2014-1539
+CVE-2014-1539 (Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do no ...)
- iceweasel <not-affected> (Only affects Mac OS X)
- icedove <not-affected> (Only affects Mac OS X)
-CVE-2014-1538
+CVE-2014-1538 (Use-after-free vulnerability in the nsTextEditRules::CreateMozBR funct ...)
{DSA-2960-1 DSA-2955-1}
- iceweasel 30.0-1
- icedove 31.0~b1-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1537
+CVE-2014-1537 (Use-after-free vulnerability in the mozilla::dom::workers::WorkerPriva ...)
- iceweasel 30.0-1
- icedove 31.0~b1-1
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)
[squeeze] - iceweasel <end-of-life>
[wheezy] - icedove <not-affected> (Doesn't affect ESR24)
[squeeze] - icedove <end-of-life>
-CVE-2014-1536
+CVE-2014-1536 (The PropertyProvider::FindJustificationRange function in Mozilla Firef ...)
- iceweasel 30.0-1
- icedove 31.0~b1-1
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)
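Review bot: the wheezy rationale strings in this hunk are inconsistent for what is the same situation: CVE-2014-1542, CVE-2014-1540, CVE-2014-1537 and CVE-2014-1536 use `[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)` while CVE-2014-1554 and CVE-2014-1553 earlier in the file use `(Only affects releases after ESR24)`. Pick one phrasing so that greps over the rationale field return all ESR24-exempt entries together.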
@@ -22355,190 +22355,190 @@ CVE-2014-1536
[squeeze] - icedove <end-of-life>
CVE-2014-1535
RESERVED
-CVE-2014-1534
+CVE-2014-1534 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 30.0-1
- icedove 31.0~b1-1
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR24)
[squeeze] - iceweasel <end-of-life>
[wheezy] - icedove <not-affected> (Doesn't affect ESR24)
[squeeze] - icedove <end-of-life>
-CVE-2014-1533
+CVE-2014-1533 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2960-1 DSA-2955-1}
- iceweasel 30.0-1
- icedove 31.0~b1-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1532
+CVE-2014-1532 (Use-after-free vulnerability in the nsHostResolver::ConditionallyRefre ...)
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1531
+CVE-2014-1531 (Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeig ...)
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1530
+CVE-2014-1530 (The docshell implementation in Mozilla Firefox before 29.0, Firefox ES ...)
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1529
+CVE-2014-1529 (The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 2 ...)
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1528
+CVE-2014-1528 (The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2014-1527
+CVE-2014-1527 (Mozilla Firefox before 29.0 on Android allows remote attackers to spoo ...)
- iceweasel <not-affected> (Only affects Firefox on Android)
- icedove <not-affected> (Only affects Firefox on Android)
-CVE-2014-1526
+CVE-2014-1526 (The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaM ...)
- iceweasel <not-affected> (Only affects Firefox 28)
- icedove <not-affected> (Only affects Firefox 28)
-CVE-2014-1525
+CVE-2014-1525 (The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before ...)
- iceweasel <not-affected> (Only affects Firefox 28)
- icedove <not-affected> (Only affects Firefox 28)
-CVE-2014-1524
+CVE-2014-1524 (The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox ...)
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1523
+CVE-2014-1523 (Heap-based buffer overflow in the read_u32 function in Mozilla Firefox ...)
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1522
+CVE-2014-1522 (The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the ...)
- iceweasel <not-affected> (Only affects Firefox 28)
- icedove <not-affected> (Only affects Firefox 28)
CVE-2014-1521
REJECTED
-CVE-2014-1520
+CVE-2014-1520 (maintenservice_installer.exe in the Maintenance Service Installer in M ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2014-1519
+CVE-2014-1519 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 28)
- icedove <not-affected> (Only affects Firefox 28)
-CVE-2014-1518
+CVE-2014-1518 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2924-1 DSA-2918-1}
- iceweasel 24.5.0esr-1
- icedove 24.5.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1517
+CVE-2014-1517 (The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x befor ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
- bugzilla4 <itp> (bug #669643)
-CVE-2014-1516
+CVE-2014-1516 (The saltProfileName function in base/GeckoProfileDirectories.java in M ...)
- iceweasel <not-affected> (Android-specific)
-CVE-2014-1515
+CVE-2014-1515 (Mozilla Firefox before 28.0.1 on Android processes a file: URL by copy ...)
- iceweasel <not-affected> (Android-specific)
-CVE-2014-1514
+CVE-2014-1514 (vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24. ...)
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1513
+CVE-2014-1513 (TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x ...)
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1512
+CVE-2014-1512 (Use-after-free vulnerability in the TypeObject class in the JavaScript ...)
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1511
+CVE-2014-1511 (Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird ...)
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1510
+CVE-2014-1510 (The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR ...)
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1509
+CVE-2014-1509 (Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo ...)
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1508
+CVE-2014-1508 (The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 2 ...)
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1507
+CVE-2014-1507 (Directory traversal vulnerability in the DeviceStorage API in Mozilla ...)
NOT-FOR-US: Firefox OS
-CVE-2014-1506
+CVE-2014-1506 (Directory traversal vulnerability in Android Crash Reporter in Mozilla ...)
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
-CVE-2014-1505
+CVE-2014-1505 (The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ...)
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1504
+CVE-2014-1504 (The session-restore feature in Mozilla Firefox before 28.0 and SeaMonk ...)
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
CVE-2014-1503
RESERVED
-CVE-2014-1502
+CVE-2014-1502 (The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage ...)
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
-CVE-2014-1501
+CVE-2014-1501 (Mozilla Firefox before 28.0 on Android allows remote attackers to bypa ...)
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
-CVE-2014-1500
+CVE-2014-1500 (Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote att ...)
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
-CVE-2014-1499
+CVE-2014-1499 (Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote att ...)
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
-CVE-2014-1498
+CVE-2014-1498 (The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 a ...)
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
-CVE-2014-1497
+CVE-2014-1497 (The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox b ...)
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1496
+CVE-2014-1496 (Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird ...)
- iceweasel <not-affected> (Online update not used in Debian)
- icedove <not-affected> (Online update not used in Debian)
CVE-2014-1495
RESERVED
-CVE-2014-1494
+CVE-2014-1494 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 27)
- icedove <not-affected> (Only affects Firefox 27)
-CVE-2014-1493
+CVE-2014-1493 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2911-1 DSA-2881-1}
- iceweasel 24.4.0esr-1
- icedove 24.4.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1492
+CVE-2014-1492 (The cert_TestHostName function in lib/certdb/certdb.c in the certifica ...)
{DSA-2994-1 DLA-23-1}
- nss 2:3.16-1
[squeeze] - nss 3.12.8-1+squeeze8
- iceweasel <not-affected> (Only affects Firefox 28)
- icedove <not-affected> (Only affects Firefox 28)
-CVE-2014-1491
+CVE-2014-1491 (Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozi ...)
{DSA-2994-1 DSA-2858-1 DLA-23-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
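Review bot: the rationale on CVE-2014-1492 looks misplaced: the description names an NSS library function (`cert_TestHostName function in lib/certdb/certdb.c`) and the fix is recorded two lines above as `- nss 2:3.16-1`, yet iceweasel and icedove are marked `<not-affected> (Only affects Firefox 28)`. Elsewhere in this file the tracker records the same situation as `- iceweasel <not-affected> (uses system nss)` (CVE-2014-1568), which is the accurate reason here as well, since the fix is delivered through the nss package rather than a browser version. A smaller point in the same hunk: CVE-2014-1528 carries only `- iceweasel <not-affected> (Windows-specific)`, whereas the neighbouring platform-specific entries (CVE-2014-1527, CVE-2014-1526) list both iceweasel and icedove; check whether an icedove line is wanted for consistency.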
@@ -22546,7 +22546,7 @@ CVE-2014-1491
[squeeze] - nss 3.12.8-1+squeeze8
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1490
+CVE-2014-1490 (Race condition in libssl in Mozilla Network Security Services (NSS) be ...)
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
@@ -22556,115 +22556,115 @@ CVE-2014-1490
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
NOTE: session tickets must be enabled by the client (mainly browsers)
-CVE-2014-1489
+CVE-2014-1489 (Mozilla Firefox before 27.0 does not properly restrict access to about ...)
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1488
+CVE-2014-1488 (The Web workers implementation in Mozilla Firefox before 27.0 and SeaM ...)
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1487
+CVE-2014-1487 (The Web workers implementation in Mozilla Firefox before 27.0, Firefox ...)
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1486
+CVE-2014-1486 (Use-after-free vulnerability in the imgRequestProxy function in Mozill ...)
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1485
+CVE-2014-1485 (The Content Security Policy (CSP) implementation in Mozilla Firefox be ...)
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1484
+CVE-2014-1484 (Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system- ...)
- iceweasel <not-affected> (Only affects Firefox for Android)
- icedove <not-affected> (Only affects Firefox for Android)
-CVE-2014-1483
+CVE-2014-1483 (Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote att ...)
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1482
+CVE-2014-1482 (RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x befor ...)
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1481
+CVE-2014-1481 (Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird ...)
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1480
+CVE-2014-1480 (The file-download implementation in Mozilla Firefox before 27.0 and Se ...)
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1479
+CVE-2014-1479 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1478
+CVE-2014-1478 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 26)
- icedove <not-affected> (Only affects Firefox 26)
-CVE-2014-1477
+CVE-2014-1477 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-2858-1}
- iceweasel 24.3.0esr-1
- icedove 24.3.0-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
-CVE-2014-1474
+CVE-2014-1474 (Algorithmic complexity vulnerability in Email::Address::List before 0. ...)
- libemail-address-list-perl 0.03-1
NOTE: http://lists.bestpractical.com/pipermail/rt-announce/2014-January/000245.html
-CVE-2014-1642
+CVE-2014-1642 (The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough an ...)
- xen 4.4.0-1
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
NOTE: http://www.openwall.com/lists/oss-security/2014/01/23/2
-CVE-2014-1640
+CVE-2014-1640 (axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe tem ...)
- axiom 20120501-17 (low; bug #736358)
[squeeze] - axiom <no-dsa> (Minor issue)
[wheezy] - axiom <no-dsa> (Minor issue)
-CVE-2014-1639
+CVE-2014-1639 (syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mk ...)
- syncevolution 1.3.99.7-1 (unimportant; bug #736357)
NOTE: Only exploitable during build time
-CVE-2014-1638
+CVE-2014-1638 ((1) debian/postrm and (2) debian/localepurge.config in localepurge bef ...)
- localepurge 0.7.3.2 (bug #736359)
[squeeze] - localepurge 0.6.2+nmu1+squeeze1
[wheezy] - localepurge 0.6.3+deb7u1
-CVE-2014-1626
+CVE-2014-1626 (XML External Entity (XXE) vulnerability in MARC::File::XML module befo ...)
- libmarc-xml-perl 1.0.2-1 (bug #736275)
[wheezy] - libmarc-xml-perl <no-dsa> (Too intrusive to backport)
[squeeze] - libmarc-xml-perl <no-dsa> (Too intrusive to backport)
NOTE: http://sourceforge.net/p/marcpm/code/ci/cf2d36597a56eeeffd53b38182b8557c7bf569ac/
NOTE: older versions do not have the ability to set a user custom parser, trying to fix CVE-2014-1626 not clear yet
NOTE: upstream developer contacted and is looking into it; backport fix might be to intrusive due to change in used Module
-CVE-2014-1624
+CVE-2014-1624 (Race condition in the xdg.BaseDirectory.get_runtime_dir function in py ...)
- pyxdg 0.25-4 (low; bug #736247)
[squeeze] - pyxdg <not-affected> (get_runtime_dir introduced in later version)
[wheezy] - pyxdg <not-affected> (get_runtime_dir introduced in later version)
-CVE-2014-1611
+CVE-2014-1611 (Cross-site scripting (XSS) vulnerability in the Anonymous Posting modu ...)
NOT-FOR-US: Drupal contrib
-CVE-2014-1604
+CVE-2014-1604 (The parser cache functionality in parsergenerator.py in RPLY (aka pyth ...)
- python-rply 0.7.1-1
NOTE: https://github.com/alex/rply/commit/fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7cand
-CVE-2014-1473
+CVE-2014-1473 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Ente ...)
NOT-FOR-US: McAfee Vulnerability Manager
-CVE-2014-1472
+CVE-2014-1472 (Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise ...)
NOT-FOR-US: McAfee Vulnerability Manager
-CVE-2014-1471
+CVE-2014-1471 (SQL injection vulnerability in the StateGetStatesByType function in Ke ...)
{DSA-2867-1}
- otrs2 3.3.4-1 (low)
NOTE: https://www.otrs.com/security-advisory-2014-02-sql-injection-issue/
CVE-2014-1470
REJECTED
-CVE-2014-1469
+CVE-2014-1469 (BlackBerry Enterprise Server 5.x before 5.0.4 MR7 and Enterprise Servi ...)
NOT-FOR-US: BlackBerry Enterprise Server
CVE-2014-1468
RESERVED
-CVE-2014-1467
+CVE-2014-1467 (BlackBerry Enterprise Service 10 before 10.2.1, Universal Device Servi ...)
NOT-FOR-US: IBM Domino
-CVE-2014-1466
+CVE-2014-1466 (SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remot ...)
NOT-FOR-US: CSP MySQL User Manager
CVE-2014-1465
RESERVED
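Review bot: the triage line for CVE-2014-1467 does not match its newly imported description. The description reads `BlackBerry Enterprise Service 10 before 10.2.1, Universal Device Servi ...` but the annotation beneath it is `NOT-FOR-US: IBM Domino`; the adjacent CVE-2014-1469 uses `NOT-FOR-US: BlackBerry Enterprise Server`, which is presumably what was intended here, so the product name should be checked and corrected. Two smaller points in the same hunk: the reference under CVE-2014-1604, `NOTE: https://github.com/alex/rply/commit/fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7cand`, has the word `and` fused onto the end of the 40-character commit hash and will not resolve as written; and the CVE-2014-1626 notes contain the typo `might be to intrusive` (should be `too intrusive`) and the fragment `trying to fix CVE-2014-1626 not clear yet`, which would read better as a full sentence stating what is unclear.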
@@ -22678,19 +22678,19 @@ CVE-2014-1461
RESERVED
CVE-2014-1460
RESERVED
-CVE-2014-1459
+CVE-2014-1459 (SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 ...)
NOT-FOR-US: doorGets CMS
-CVE-2014-1458
+CVE-2014-1458 (Cross-site scripting (XSS) vulnerability in the web administration int ...)
NOT-FOR-US: FortiGuard FortiWeb
-CVE-2014-1457
+CVE-2014-1457 (Open Web Analytics (OWA) before 1.5.6 improperly generates random nonc ...)
NOT-FOR-US: Open Web Analytics
-CVE-2014-1456
+CVE-2014-1456 (Cross-site scripting (XSS) vulnerability in the login page in Open Web ...)
NOT-FOR-US: Open Web Analytics
-CVE-2014-1455
+CVE-2014-1455 (SQL injection vulnerability in the password reset functionality in Pea ...)
NOT-FOR-US: Pearson eSIS Enterprise Student Information System
CVE-2014-1454
RESERVED
-CVE-2014-1453
+CVE-2014-1453 (The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not acquir ...)
{DSA-2952-1}
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a point update)
@@ -22698,23 +22698,23 @@ CVE-2014-1453
- kfreebsd-9 <removed> (bug #743984)
- kfreebsd-10 10.0-4
NOTE: kfreebsd-8 might be affected but NFS implementation isn't the one used there by default
-CVE-2014-1452
+CVE-2014-1452 (Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in F ...)
NOT-FOR-US: bsnmpd
CVE-2014-1451
RESERVED
CVE-2014-1450
RESERVED
-CVE-2014-1449
+CVE-2014-1449 (The Maxthon Cloud Browser application before 4.1.6.2000 for Android al ...)
NOT-FOR-US: Maxthon Cloud Browser application for Android
-CVE-2014-1443
+CVE-2014-1443 (Core FTP Server 1.2 before build 515 allows remote authenticated users ...)
NOT-FOR-US: Core FTP Server
-CVE-2014-1442
+CVE-2014-1442 (Directory traversal vulnerability in Core FTP Server 1.2 before build ...)
NOT-FOR-US: Core FTP Server
-CVE-2014-1441
+CVE-2014-1441 (Core FTP Server 1.2 before build 515 allows remote attackers to cause ...)
NOT-FOR-US: Core FTP Server
CVE-2014-1440
RESERVED
-CVE-2014-1439
+CVE-2014-1439 (The libxml_disable_entity_loader function in runtime/ext/ext_simplexml ...)
NOT-FOR-US: HipHop Virtual Machine for PHP
CVE-2014-1437
REJECTED
@@ -22740,10 +22740,10 @@ CVE-2014-1427
RESERVED
CVE-2014-1426
RESERVED
-CVE-2014-1425
+CVE-2014-1425 (cmanager 0.32 does not properly enforce nesting when modifying cgroup ...)
- cgmanager 0.33-3
[jessie] - cgmanager 0.33-2+deb8u1
-CVE-2014-1424
+CVE-2014-1424 (apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 ...)
- apparmor <not-affected> (Vulnerable code only in Ubuntu-specific backport of patch)
NOTE: Caused by a patch that was added to the Ubuntu packaging before
NOTE: it was taken upstream. The one that was merged upstream (and part
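Review bot: the imported description for CVE-2014-1425 reads `cmanager 0.32 does not properly enforce nesting ...` while the package lines below it are `- cgmanager 0.33-3` and `[jessie] - cgmanager 0.33-2+deb8u1`. The description text is taken verbatim from the CVE feed and should not be edited in the tracker, but a short NOTE line pointing out that the affected package is cgmanager would help anyone searching the list by package name rather than by CVE id.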
@@ -22754,16 +22754,16 @@ CVE-2014-1423
RESERVED
CVE-2014-1422
RESERVED
-CVE-2014-1421
+CVE-2014-1421 (mountall 1.54, as used in Ubuntu 14.10, does not properly handle the u ...)
- mountall <not-affected> (partman-efi in jessie uses secure umask, mount in older releases not affected)
NOTE: See https://bugs.launchpad.net/ubuntu/+source/partman-efi/+bug/1390183
NOTE: and http://www.ubuntu.com/usn/usn-2411-1
CVE-2014-1420
RESERVED
-CVE-2014-1419
+CVE-2014-1419 (Race condition in the power policy functions in policy-funcs in acpi-s ...)
{DSA-2984-1 DLA-30-1}
- acpi-support 0.142-2
-CVE-2014-1418
+CVE-2014-1418 (Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 ...)
{DSA-2934-1}
- python-django 1.6.5-1
NOTE: https://www.djangoproject.com/weblog/2014/may/14/security-releases-issued/
@@ -22783,33 +22783,33 @@ CVE-2014-1411
RESERVED
CVE-2014-1410
RESERVED
-CVE-2014-1476
+CVE-2014-1476 (The Taxonomy module in Drupal 7.x before 7.26, when upgraded from an e ...)
{DSA-2847-1}
- drupal6 <not-affected> (Only occurs on Drupal 7 sites which upgraded from Drupal 6 or earlier)
- drupal7 7.26-1
-CVE-2014-1475
+CVE-2014-1475 (The OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows ...)
{DSA-2851-1 DSA-2847-1}
- drupal6 <removed>
- drupal7 7.26-1
-CVE-2014-1446
+CVE-2014-1446 (The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kern ...)
{DSA-2906-1}
- linux 3.12.8-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.54-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e3fbf870481eb53b2d3a322d1fc395ad8b367ed
-CVE-2014-1445
+CVE-2014-1445 (The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kerne ...)
{DSA-2906-1}
- linux 3.12.6-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2b13d06c9584b4eb773f1e80bbaedab9a1c344e1
-CVE-2014-1444
+CVE-2014-1444 (The fst_get_iface function in drivers/net/wan/farsync.c in the Linux k ...)
{DSA-2906-1}
- linux 3.12.6-1 (low)
- linux-2.6 <removed> (low)
[wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=96b340406724d87e4621284ebac5e059d67b2194
-CVE-2014-1438
+CVE-2014-1438 (The restore_fpu_checking function in arch/x86/include/asm/fpu-internal ...)
{DLA-0007-1}
- linux 3.12.8-1 (bug #733551)
- linux-2.6 <removed>
@@ -22819,7 +22819,7 @@ CVE-2014-1438
NOTE: http://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/commit/?id=26bef1318adc1b3a530ecc807ef99346db2aa8b0
CVE-2014-1448
REJECTED
-CVE-2014-1447
+CVE-2014-1447 (Race condition in the virNetServerClientStartKeepAlive function in lib ...)
{DSA-2846-1}
- libvirt 1.2.1-1 (bug #735676)
[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
@@ -22830,7 +22830,7 @@ CVE-2014-1409
RESERVED
CVE-2014-1404
RESERVED
-CVE-2014-1403
+CVE-2014-1403 (Cross-site scripting (XSS) vulnerability in name.html in easyXDM befor ...)
NOT-FOR-US: easyXDM
CVE-2014-1397
RESERVED
@@ -22844,306 +22844,306 @@ CVE-2014-1393
RESERVED
CVE-2014-1392
RESERVED
-CVE-2014-1391
+CVE-2014-1391 (QT Media Foundation in Apple OS X before 10.9.5 allows remote attacker ...)
NOT-FOR-US: Apple Quicktime
-CVE-2014-1390
+CVE-2014-1390 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, all ...)
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1389
+CVE-2014-1389 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, all ...)
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1388
+CVE-2014-1388 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, all ...)
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1387
+CVE-2014-1387 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, all ...)
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1386
+CVE-2014-1386 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, all ...)
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1385
+CVE-2014-1385 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, all ...)
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1384
+CVE-2014-1384 (WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, all ...)
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1383
+CVE-2014-1383 (Apple TV before 6.1.2 allows remote authenticated users to bypass an i ...)
NOT-FOR-US: Apple TV
-CVE-2014-1382
+CVE-2014-1382 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 a ...)
NOT-FOR-US: WebKit
-CVE-2014-1381
+CVE-2014-1381 (Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOT ...)
NOT-FOR-US: Apple OS X Thunderbolt
-CVE-2014-1380
+CVE-2014-1380 (The Security - Keychain component in Apple OS X before 10.9.4 does not ...)
NOT-FOR-US: Apple OS X
-CVE-2014-1379
+CVE-2014-1379 (Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain ...)
NOT-FOR-US: Apple OS X
-CVE-2014-1378
+CVE-2014-1378 (IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to byp ...)
NOT-FOR-US: Apple OS X
-CVE-2014-1377
+CVE-2014-1377 (Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 a ...)
NOT-FOR-US: Apple OS X
-CVE-2014-1376
+CVE-2014-1376 (Intel Compute in Apple OS X before 10.9.4 does not properly restrict a ...)
NOT-FOR-US: Apple OS X Intel Compute
-CVE-2014-1375
+CVE-2014-1375 (Intel Graphics Driver in Apple OS X before 10.9.4 allows local users t ...)
NOT-FOR-US: Apple OS X Intel Graphics Driver
CVE-2014-1374
REJECTED
-CVE-2014-1373
+CVE-2014-1373 (Intel Graphics Driver in Apple OS X before 10.9.4 does not properly re ...)
NOT-FOR-US: Apple OS X Intel Graphics Driver
-CVE-2014-1372
+CVE-2014-1372 (Graphics Driver in Apple OS X before 10.9.4 does not properly restrict ...)
NOT-FOR-US: Apple OS X Graphics Driver
-CVE-2014-1371
+CVE-2014-1371 (Array index error in Dock in Apple OS X before 10.9.4 allows attackers ...)
NOT-FOR-US: Apple OS X Dock
-CVE-2014-1370
+CVE-2014-1370 (The byte-swapping implementation in copyfile in Apple OS X before 10.9 ...)
NOT-FOR-US: Apple
-CVE-2014-1369
+CVE-2014-1369 (WebKit in Apple Safari before 6.1.5 and 7.x before 7.0.5 allows user-a ...)
NOT-FOR-US: WebKit
-CVE-2014-1368
+CVE-2014-1368 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 a ...)
NOT-FOR-US: WebKit
-CVE-2014-1367
+CVE-2014-1367 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 a ...)
NOT-FOR-US: WebKit
-CVE-2014-1366
+CVE-2014-1366 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 a ...)
NOT-FOR-US: WebKit
-CVE-2014-1365
+CVE-2014-1365 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 a ...)
NOT-FOR-US: WebKit
-CVE-2014-1364
+CVE-2014-1364 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 a ...)
NOT-FOR-US: WebKit
-CVE-2014-1363
+CVE-2014-1363 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 a ...)
NOT-FOR-US: WebKit
-CVE-2014-1362
+CVE-2014-1362 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 a ...)
NOT-FOR-US: WebKit
-CVE-2014-1361
+CVE-2014-1361 (Secure Transport in Apple iOS before 7.1.2, Apple OS X before 10.9.4, ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1360
+CVE-2014-1360 (Lockdown in Apple iOS before 7.1.2 does not properly verify data from ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1359
+CVE-2014-1359 (Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X bef ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1358
+CVE-2014-1358 (Integer overflow in launchd in Apple iOS before 7.1.2, Apple OS X befo ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1357
+CVE-2014-1357 (Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1356
+CVE-2014-1356 (Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1355
+CVE-2014-1355 (The IOKit implementation in the kernel in Apple iOS before 7.1.2 and A ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1354
+CVE-2014-1354 (CoreGraphics in Apple iOS before 7.1.2 does not properly restrict allo ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1353
+CVE-2014-1353 (Lock Screen in Apple iOS before 7.1.2 does not properly manage the tel ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1352
+CVE-2014-1352 (Lock Screen in Apple iOS before 7.1.2 does not properly enforce the li ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1351
+CVE-2014-1351 (Siri in Apple iOS before 7.1.2 allows physically proximate attackers t ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1350
+CVE-2014-1350 (Settings in Apple iOS before 7.1.2 allows physically proximate attacke ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1349
+CVE-2014-1349 (Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allow ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1348
+CVE-2014-1348 (Mail in Apple iOS before 7.1.2 advertises the availability of data pro ...)
NOT-FOR-US: Apple iOS
-CVE-2014-1347
+CVE-2014-1347 (Apple iTunes before 11.2.1 on OS X sets world-writable permissions for ...)
NOT-FOR-US: Apple iTunes
-CVE-2014-1346
+CVE-2014-1346 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, doe ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1345
+CVE-2014-1345 (WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x ...)
- webkitgtk 2.4.8-1 (unimportant)
-CVE-2014-1344
+CVE-2014-1344 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1343
+CVE-2014-1343 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1342
+CVE-2014-1342 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1341
+CVE-2014-1341 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1340
+CVE-2014-1340 (WebKit, as used in Apple Safari before 6.1.5 and 7.x before 7.0.5, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1339
+CVE-2014-1339 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1338
+CVE-2014-1338 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1337
+CVE-2014-1337 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1336
+CVE-2014-1336 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1335
+CVE-2014-1335 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1334
+CVE-2014-1334 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1333
+CVE-2014-1333 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-1332
REJECTED
-CVE-2014-1331
+CVE-2014-1331 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1330
+CVE-2014-1330 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1329
+CVE-2014-1329 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-1328
REJECTED
-CVE-2014-1327
+CVE-2014-1327 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1326
+CVE-2014-1326 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1325
+CVE-2014-1325 (WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 a ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1324
+CVE-2014-1324 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1323
+CVE-2014-1323 (WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...)
NOT-FOR-US: Safari / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1322
+CVE-2014-1322 (The kernel in Apple OS X through 10.9.2 places a kernel pointer into a ...)
NOT-FOR-US: Apple
-CVE-2014-1321
+CVE-2014-1321 (Power Management in Apple OS X 10.9.x through 10.9.2 allows physically ...)
NOT-FOR-US: Apple
-CVE-2014-1320
+CVE-2014-1320 (IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple ...)
NOT-FOR-US: Apple
-CVE-2014-1319
+CVE-2014-1319 (Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows ...)
NOT-FOR-US: Apple
-CVE-2014-1318
+CVE-2014-1318 (The Intel Graphics Driver in Apple OS X through 10.9.2 does not proper ...)
NOT-FOR-US: Apple
-CVE-2014-1317
+CVE-2014-1317 (iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credential ...)
NOT-FOR-US: Apple
-CVE-2014-1316
+CVE-2014-1316 (Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers ...)
NOT-FOR-US: Apple
-CVE-2014-1315
+CVE-2014-1315 (Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9. ...)
NOT-FOR-US: Apple
-CVE-2014-1314
+CVE-2014-1314 (WindowServer in Apple OS X through 10.9.2 does not prevent session cre ...)
NOT-FOR-US: Apple
-CVE-2014-1313
+CVE-2014-1313 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1312
+CVE-2014-1312 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1311
+CVE-2014-1311 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1310
+CVE-2014-1310 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1309
+CVE-2014-1309 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1308
+CVE-2014-1308 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1307
+CVE-2014-1307 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-1306
REJECTED
-CVE-2014-1305
+CVE-2014-1305 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1304
+CVE-2014-1304 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1303
+CVE-2014-1303 (Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attacke ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1302
+CVE-2014-1302 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1301
+CVE-2014-1301 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1300
+CVE-2014-1300 (Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1299
+CVE-2014-1299 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1298
+CVE-2014-1298 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1297
+CVE-2014-1297 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, doe ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1296
+CVE-2014-1296 (CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Ap ...)
NOT-FOR-US: Apple
-CVE-2014-1295
+CVE-2014-1295 (Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9 ...)
NOT-FOR-US: Apple
-CVE-2014-1294
+CVE-2014-1294 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allow ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1293
+CVE-2014-1293 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allow ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1292
+CVE-2014-1292 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allow ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1291
+CVE-2014-1291 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allow ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1290
+CVE-2014-1290 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allow ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1289
+CVE-2014-1289 (WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allow ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-1288
REJECTED
-CVE-2014-1287
+CVE-2014-1287 (USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physic ...)
NOT-FOR-US: Apple
-CVE-2014-1286
+CVE-2014-1286 (SpringBoard Lock Screen in Apple iOS before 7.1 allows remote attacker ...)
NOT-FOR-US: SpringBoard Lock Screen in Apple iOS
-CVE-2014-1285
+CVE-2014-1285 (Springboard in Apple iOS before 7.1 allows physically proximate attack ...)
NOT-FOR-US: Springboard in Apple iOS
CVE-2014-1284
REJECTED
CVE-2014-1283
REJECTED
-CVE-2014-1282
+CVE-2014-1282 (The Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 ...)
NOT-FOR-US: Apple
-CVE-2014-1281
+CVE-2014-1281 (Photos Backend in Apple iOS before 7.1 does not properly manage the as ...)
NOT-FOR-US: Photos Backend in Apple iOS
-CVE-2014-1280
+CVE-2014-1280 (Video Driver in Apple iOS before 7.1 and Apple TV before 6.1 allows re ...)
NOT-FOR-US: Apple
-CVE-2014-1279
+CVE-2014-1279 (Apple TV before 6.1 does not properly restrict logging, which allows l ...)
NOT-FOR-US: Apple TV
-CVE-2014-1278
+CVE-2014-1278 (The ptmx_get_ioctl function in the ARM kernel in Apple iOS before 7.1 ...)
NOT-FOR-US: Apple
CVE-2014-1277
REJECTED
-CVE-2014-1276
+CVE-2014-1276 (IOKit HID Event in Apple iOS before 7.1 allows attackers to conduct us ...)
NOT-FOR-US: IOKit HID Event in Apple iOS
-CVE-2014-1275
+CVE-2014-1275 (Buffer overflow in ImageIO in Apple iOS before 7.1 and Apple TV before ...)
NOT-FOR-US: Apple
-CVE-2014-1274
+CVE-2014-1274 (FaceTime in Apple iOS before 7.1 allows physically proximate attackers ...)
NOT-FOR-US: FaceTime in Apple iOS
-CVE-2014-1273
+CVE-2014-1273 (dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers ...)
NOT-FOR-US: Apple
-CVE-2014-1272
+CVE-2014-1272 (CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple ...)
NOT-FOR-US: Apple
-CVE-2014-1271
+CVE-2014-1271 (CoreCapture in Apple iOS before 7.1 and Apple TV before 6.1 does not p ...)
NOT-FOR-US: Apple
-CVE-2014-1270
+CVE-2014-1270 (WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1269
+CVE-2014-1269 (WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1268
+CVE-2014-1268 (WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, all ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2014-1267
+CVE-2014-1267 (The Configuration Profiles component in Apple iOS before 7.1 and Apple ...)
NOT-FOR-US: Apple
-CVE-2014-1266
+CVE-2014-1266 (The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/s ...)
NOT-FOR-US: Apple
-CVE-2014-1265
+CVE-2014-1265 (The systemsetup program in the Date and Time subsystem in Apple OS X b ...)
NOT-FOR-US: Apple
-CVE-2014-1264
+CVE-2014-1264 (Finder in Apple OS X before 10.9.2 does not ensure ACL integrity after ...)
NOT-FOR-US: Apple
-CVE-2014-1263
+CVE-2014-1263 (curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport ...)
- curl <not-affected> (Only applies to Curl on Mac OS or iOS)
NOTE: http://curl.haxx.se/docs/adv_20140326C.html
-CVE-2014-1262
+CVE-2014-1262 (Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers ...)
NOT-FOR-US: Apple
-CVE-2014-1261
+CVE-2014-1261 (Integer signedness error in CoreText in Apple OS X before 10.9.2 allow ...)
NOT-FOR-US: Apple
-CVE-2014-1260
+CVE-2014-1260 (QuickLook in Apple OS X through 10.8.5 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2014-1259
+CVE-2014-1259 (Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows at ...)
NOT-FOR-US: Apple
-CVE-2014-1258
+CVE-2014-1258 (Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9. ...)
NOT-FOR-US: Apple
-CVE-2014-1257
+CVE-2014-1257 (CFNetwork in Apple OS X through 10.8.5 does not remove session cookies ...)
NOT-FOR-US: Apple
-CVE-2014-1256
+CVE-2014-1256 (Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9 ...)
NOT-FOR-US: Apple
-CVE-2014-1255
+CVE-2014-1255 (Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properl ...)
NOT-FOR-US: Apple
-CVE-2014-1254
+CVE-2014-1254 (Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote at ...)
NOT-FOR-US: Apple
-CVE-2014-1253
+CVE-2014-1253 (AppleMNT.sys in Apple Boot Camp 5 before 5.1 allows local users to cau ...)
NOT-FOR-US: Apple Boot Camp
-CVE-2014-1252
+CVE-2014-1252 (Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before ...)
NOT-FOR-US: Apple Pages
-CVE-2014-1251
+CVE-2014-1251 (Buffer overflow in Apple QuickTime before 7.7.5 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-1250
+CVE-2014-1250 (Apple QuickTime before 7.7.5 does not properly perform a byte-swapping ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-1249
+CVE-2014-1249 (Buffer overflow in Apple QuickTime before 7.7.5 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-1248
+CVE-2014-1248 (Buffer overflow in Apple QuickTime before 7.7.5 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-1247
+CVE-2014-1247 (Apple QuickTime before 7.7.5 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-1246
+CVE-2014-1246 (Buffer overflow in Apple QuickTime before 7.7.5 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-1245
+CVE-2014-1245 (Integer signedness error in Apple QuickTime before 7.7.5 allows remote ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-1244
+CVE-2014-1244 (Buffer overflow in Apple QuickTime before 7.7.5 allows remote attacker ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-1243
+CVE-2014-1243 (Apple QuickTime before 7.7.5 does not initialize an unspecified pointe ...)
NOT-FOR-US: Apple QuickTime
-CVE-2014-1242
+CVE-2014-1242 (Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, ...)
NOT-FOR-US: Apple iTunes
CVE-2014-1241
RESERVED
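Review bot: the fixed-width truncation in this hunk collapses many distinct entries into byte-identical description text, so the added field no longer distinguishes them: CVE-2014-1333 through CVE-2014-1339 and CVE-2014-1341 through CVE-2014-1344 all read "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, all ...", CVE-2014-1298 through CVE-2014-1313 (minus the rejected and Safari-specific ones) all read "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, all ...", and CVE-2014-1384 through CVE-2014-1390 are likewise identical. Where the summary is meant to help triage without opening the full CVE record, either a longer cut-off or a cut at the first clause that names the impact (the text after "allows" or "does not properly") would keep the distinguishing part; as it stands the Debian annotation line (NOT-FOR-US, the webkitgtk version, the DSA reference) carries all of the usable information for these entries.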
@@ -23154,9 +23154,9 @@ CVE-2014-1239
CVE-2014-1238
RESERVED
NOT-FOR-US: Q-Pulse
-CVE-2014-1237
+CVE-2014-1237 (Cross-site scripting (XSS) vulnerability in synetics i-doit pro before ...)
NOT-FOR-US: i-doit
-CVE-2014-1232
+CVE-2014-1232 (Cross-site scripting (XSS) vulnerability in the Foliopress WYSIWYG plu ...)
NOT-FOR-US: Foliopress
CVE-2014-1231
RESERVED
@@ -23168,18 +23168,18 @@ CVE-2014-1228
RESERVED
CVE-2014-1227
RESERVED
-CVE-2014-1226
+CVE-2014-1226 (The pipe_init_terminal function in main.c in s3dvt allows local users ...)
- s3d 0.2.2-13 (unimportant)
NOTE: http://hmarco.org/bugs/CVE-2014-1226-s3dvt_0.2.2-root-shell.html
NOTE: Additional patch hunk applied in 0.2.2-11 (experimental) only
NOTE: Not running with elevated privileges in Debian packaging
CVE-2014-1225
RESERVED
-CVE-2014-1224
+CVE-2014-1224 (Incomplete blacklist vulnerability in the user registration feature in ...)
NOT-FOR-US: rexx Recruitment
-CVE-2014-1223
+CVE-2014-1223 (Cross-site scripting (XSS) vulnerability in controlpanel/loading.aspx ...)
NOT-FOR-US: Telligent Evolution
-CVE-2014-1222
+CVE-2014-1222 (Directory traversal vulnerability in kcfinder/browse.php in Vtiger CRM ...)
NOT-FOR-US: vTiger CRM
CVE-2014-1221
RESERVED
@@ -23187,217 +23187,217 @@ CVE-2014-1221
CVE-2014-1220
RESERVED
NOT-FOR-US: IT2 Workstation
-CVE-2014-1219
+CVE-2014-1219 (CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID ...)
NOT-FOR-US: 2E Web Option
CVE-2014-1218
RESERVED
-CVE-2014-1217
+CVE-2014-1217 (Livetecs Timelive before 6.2.8 does not properly restrict access to sy ...)
NOT-FOR-US: Livetecs Timelive
-CVE-2014-1216
+CVE-2014-1216 (FitNesse Wiki 20131110, 20140201, and earlier allows remote attackers ...)
NOT-FOR-US: Fitnesse Wiki
-CVE-2014-1215
+CVE-2014-1215 (Multiple buffer overflows in Core FTP Server before 1.2 build 508 allo ...)
NOT-FOR-US: Core FTP Server
CVE-2014-1214
RESERVED
NOT-FOR-US: Projoom NovaSFH Plugin
-CVE-2014-1213
+CVE-2014-1213 (Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9. ...)
NOT-FOR-US: Sophos Anti Virus
CVE-2014-1212
RESERVED
-CVE-2014-1211
+CVE-2014-1211 (Cross-site request forgery (CSRF) vulnerability in VMware vCloud Direc ...)
NOT-FOR-US: VMWare
-CVE-2014-1210
+CVE-2014-1210 (VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does ...)
NOT-FOR-US: VMware vSphere Client
-CVE-2014-1209
+CVE-2014-1209 (VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Up ...)
NOT-FOR-US: VMware vSphere Client
-CVE-2014-1208
+CVE-2014-1208 (VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, V ...)
NOT-FOR-US: VMWare
-CVE-2014-1207
+CVE-2014-1207 (VMware ESXi 4.0 through 5.1 and ESX 4.0 and 4.1 allow remote attackers ...)
NOT-FOR-US: VMWare
-CVE-2014-1206
+CVE-2014-1206 (SQL injection vulnerability in the password reset page in Open Web Ana ...)
NOT-FOR-US: Open Web Analytics
CVE-2014-1205
RESERVED
-CVE-2014-1204
+CVE-2014-1204 (SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8 ...)
NOT-FOR-US: Tableau Server
-CVE-2014-1202
+CVE-2014-1202 (The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remot ...)
NOT-FOR-US: SoapUI
-CVE-2014-1201
+CVE-2014-1201 (Buffer overflow in the INetViewX ActiveX control in the Lorex Edge LH3 ...)
NOT-FOR-US: Lorex
-CVE-2014-0999
+CVE-2014-0999 (Sendio before 7.2.4 includes the session identifier in URLs in emails, ...)
NOT-FOR-US: Sendio
-CVE-2014-0998
+CVE-2014-0998 (Integer signedness error in the vt console driver (formerly Newcons) i ...)
[experimental] - kfreebsd-11 11.0~svn284956-1
- kfreebsd-10 10.1~svn274115-3 (bug #779194)
- kfreebsd-9 <not-affected> (don't have newcons)
- kfreebsd-8 <not-affected> (don't have newcons)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-15:02.kmem.asc
-CVE-2014-0997
+CVE-2014-0997 (WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2 ...)
NOT-FOR-US: WiFiMonitor in Android
CVE-2014-0996
RESERVED
-CVE-2014-0995
+CVE-2014-0995 (The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier ...)
NOT-FOR-US: SAP Netweaver
-CVE-2014-0994
+CVE-2014-0994 (Heap-based buffer overflow in the ReadDIB function in the Vcl.Graphics ...)
NOT-FOR-US: Delphi
-CVE-2014-0993
+CVE-2014-0993 (Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in ...)
NOT-FOR-US: Embarcadero
-CVE-2014-0992
+CVE-2014-0992 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0991
+CVE-2014-0991 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0990
+CVE-2014-0990 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0989
+CVE-2014-0989 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0988
+CVE-2014-0988 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0987
+CVE-2014-0987 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0986
+CVE-2014-0986 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0985
+CVE-2014-0985 (Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0984
+CVE-2014-0984 (The passwordCheck function in SAP Router 721 patch 117, 720 patch 411, ...)
NOT-FOR-US: SAP Router
-CVE-2014-0983
+CVE-2014-0983 (Multiple array index errors in programs that are automatically generat ...)
{DSA-2904-1}
- virtualbox 4.3.10-dfsg-1 (bug #741602)
- virtualbox-ose <removed> (bug #741602)
NOTE: http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities
CVE-2014-0982
REJECTED
-CVE-2014-0981
+CVE-2014-0981 (VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4 ...)
{DSA-2904-1}
- virtualbox 4.3.10-dfsg-1 (bug #741602)
- virtualbox-ose <removed> (bug #741602)
NOTE: http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities
-CVE-2014-0980
+CVE-2014-0980 (Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote attac ...)
NOT-FOR-US: Publish-It
CVE-2014-0976
RESERVED
CVE-2014-0975
RESERVED
-CVE-2014-0974
+CVE-2014-0974 (The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Ke ...)
NOT-FOR-US: Little Kernel (bootloader)
-CVE-2014-0973
+CVE-2014-0973 (The image_verify function in platform/msm_shared/image_verify.c in the ...)
NOT-FOR-US: Little Kernel (bootloader)
-CVE-2014-0972
+CVE-2014-0972 (The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm ...)
- linux <not-affected> (affects drivers/gpu/msm, not merged in mainline)
-CVE-2014-1408
+CVE-2014-1408 (The Conceptronic C54APM access point with runtime code 1.26 has a defa ...)
NOT-FOR-US: Conceptronic C54APM access point
-CVE-2014-1407
+CVE-2014-1407 (Multiple cross-site scripting (XSS) vulnerabilities on the Conceptroni ...)
NOT-FOR-US: Conceptronic C54APM access point
-CVE-2014-1406
+CVE-2014-1406 (CRLF injection vulnerability in goform/formWlSiteSurvey on the Concept ...)
NOT-FOR-US: Conceptronic C54APM access point
-CVE-2014-1405
+CVE-2014-1405 (Multiple open redirect vulnerabilities on the Conceptronic C54APM acce ...)
NOT-FOR-US: Conceptronic C54APM access point
-CVE-2014-1402
+CVE-2014-1402 (The default configuration for bccache.FileSystemBytecodeCache in Jinja ...)
- jinja2 2.7.2-1 (low; bug #734747)
[squeeze] - jinja2 <no-dsa> (Minor issue)
[wheezy] - jinja2 <no-dsa> (Minor issue)
NOTE: 2.7.2 does not create safely temporary files, new CVE-2014-0012 was assigned for this issue
-CVE-2014-1401
+CVE-2014-1401 (Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allo ...)
NOT-FOR-US: AuraCMS
-CVE-2014-1400
+CVE-2014-1400 (The entity_access API in the Entity API module 7.x-1.x before 7.x-1.3 ...)
NOT-FOR-US: Drupal 7 Entity module
-CVE-2014-1399
+CVE-2014-1399 (The entity wrapper access API in the Entity API module 7.x-1.x before ...)
NOT-FOR-US: Drupal 7 Entity module
-CVE-2014-1398
+CVE-2014-1398 (The entity wrapper access API in the Entity API module 7.x-1.x before ...)
NOT-FOR-US: Drupal 7 Entity module
-CVE-2014-1236
+CVE-2014-1236 (Stack-based buffer overflow in the chkNum function in lib/cgraph/scan. ...)
{DSA-2843-1}
- graphviz 2.26.3-16.1 (bug #734745)
NOTE: fix: https://github.com/ellson/graphviz/commit/1d1bdec6318746f6f19f245db589eddc887ae8ff
-CVE-2014-1235
+CVE-2014-1235 (Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34 ...)
- graphviz 2.26.3-16.1 (bug #734745)
[wheezy] - graphviz <not-affected> (CVE for additional buffer overflow introduced by 7aaddf52cd98589fb0c3ab72a393f8411838438a)
[squeeze] - graphviz <not-affected> (CVE for additional buffer overflow introduced by 7aaddf52cd98589fb0c3ab72a393f8411838438a)
NOTE: CVE is for buffer overflow introduced by applying only 7aaddf52cd98589fb0c3ab72a393f8411838438a
NOTE: fix: https://github.com/ellson/graphviz/commit/d266bb2b4154d11c27252b56d86963aef4434750
-CVE-2014-1234
+CVE-2014-1234 (The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obta ...)
NOT-FOR-US: Paratrooper Newrelic Ruby Gem
-CVE-2014-1233
+CVE-2014-1233 (The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtai ...)
NOT-FOR-US: Paratrooper Pingdom Ruby Gem
-CVE-2014-1203
+CVE-2014-1203 (The get_login_ip_config_file function in Eyou Mail System before 3.6 a ...)
NOT-FOR-US: Eyou Mail System
-CVE-2014-0979
+CVE-2014-0979 (The start_authentication function in lightdm-gtk-greeter.c in LightDM ...)
- lightdm-gtk-greeter 1.6.1-5 (bug #734472)
NOTE: https://bugs.launchpad.net/lightdm-gtk-greeter/+bug/1266449
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=857303
[wheezy] - lightdm-gtk-greeter <not-affected> (in Wheezy, lightdm restarts when the greeter crashes, so there's no DoS)
-CVE-2014-0978
+CVE-2014-0978 (Stack-based buffer overflow in the yyerror function in lib/cgraph/scan ...)
{DSA-2843-1}
- graphviz 2.26.3-16 (bug #734745)
NOTE: https://github.com/ellson/graphviz/commit/7aaddf52cd98589fb0c3ab72a393f8411838438a
NOTE: additional commit required (new CVE-2014-1235): https://github.com/ellson/graphviz/commit/d266bb2b4154d11c27252b56d86963aef4434750
NOTE: see: https://bugzilla.redhat.com/show_bug.cgi?id=1049165#c6
-CVE-2014-0977
+CVE-2014-0977 (Cross-site scripting (XSS) vulnerability in the Rich Text Editor in Mo ...)
{DSA-2841-1}
- movabletype-opensource 5.2.9+dfsg-1 (bug #734304)
CVE-2014-0971
RESERVED
-CVE-2014-0970
+CVE-2014-0970 (The GDS component in IBM InfoSphere Master Data Management - Collabora ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2014-0969
+CVE-2014-0969 (Cross-site request forgery (CSRF) vulnerability in the GDS component i ...)
NOT-FOR-US: IBM
-CVE-2014-0968
+CVE-2014-0968 (Cross-site scripting (XSS) vulnerability in the GDS component in IBM I ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2014-0967
+CVE-2014-0967 (Cross-site scripting (XSS) vulnerability in the GDS component in IBM I ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2014-0966
+CVE-2014-0966 (SQL injection vulnerability in the GDS component in IBM InfoSphere Mas ...)
NOT-FOR-US: IBM
-CVE-2014-0965
+CVE-2014-0965 (IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x be ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0964
+CVE-2014-0964 (IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and 6. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0963
+CVE-2014-0963 (The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IB ...)
NOT-FOR-US: IBM Global Security Kit
CVE-2014-0962
RESERVED
-CVE-2014-0961
+CVE-2014-0961 (Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity ...)
NOT-FOR-US: IBM Tivoli Identity Manager
-CVE-2014-0960
+CVE-2014-0960 (IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1 ...)
NOT-FOR-US: IBM PureApplication System
-CVE-2014-0959
+CVE-2014-0959 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0958
+CVE-2014-0958 (Open redirect vulnerability in IBM WebSphere Portal 6.1.0 through 6.1. ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0957
+CVE-2014-0957 (Cross-site scripting (XSS) vulnerability in IBM Business Process Manag ...)
NOT-FOR-US: IBM
-CVE-2014-0956
+CVE-2014-0956 (Cross-site scripting (XSS) vulnerability in googlemap.jsp in IBM WebSp ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0955
+CVE-2014-0955 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0 b ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0954
+CVE-2014-0954 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0953
+CVE-2014-0953 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0952
+CVE-2014-0952 (Cross-site scripting (XSS) vulnerability in boot_config.jsp in IBM Web ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0951
+CVE-2014-0951 (Cross-site scripting (XSS) vulnerability in FilterForm.jsp in IBM WebS ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0950
+CVE-2014-0950 (Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM S ...)
NOT-FOR-US: IBM
-CVE-2014-0949
+CVE-2014-0949 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0948
+CVE-2014-0948 (Unspecified vulnerability in IBM Rational Software Architect Design Ma ...)
NOT-FOR-US: IBM Rational Software Architect Design
-CVE-2014-0947
+CVE-2014-0947 (Unspecified vulnerability in the server in IBM Rational Software Archi ...)
NOT-FOR-US: IBM Rational Software Architect Design
-CVE-2014-0946
+CVE-2014-0946 (The RES Console in Rule Execution Server in IBM Operational Decision M ...)
NOT-FOR-US: IBM
-CVE-2014-0945
+CVE-2014-0945 (Cross-site scripting (XSS) vulnerability in the RES Console in Rule Ex ...)
NOT-FOR-US: IBM
-CVE-2014-0944
+CVE-2014-0944 (Cross-site request forgery (CSRF) vulnerability in the RES Console in ...)
NOT-FOR-US: IBM
-CVE-2014-0943
+CVE-2014-0943 (IBM WebSphere Commerce 6.0 Feature Pack 2 through Feature Pack 5, 7.0. ...)
NOT-FOR-US: IBM WebSphere Commerce
-CVE-2014-0942
+CVE-2014-0942 (Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventVi ...)
NOT-FOR-US: IBM Netcool
-CVE-2014-0941
+CVE-2014-0941 (Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventVi ...)
NOT-FOR-US: IBM Netcool
-CVE-2014-0940
+CVE-2014-0940 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Serv ...)
NOT-FOR-US: IBM Tivoli
CVE-2014-0939
RESERVED
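Review bot: the NOT-FOR-US product tags for the GDS component entries are inconsistent in this hunk: CVE-2014-0970, CVE-2014-0968 and CVE-2014-0967 are tagged "NOT-FOR-US: IBM InfoSphere" while CVE-2014-0969 and CVE-2014-0966, whose descriptions name the same "GDS component in IBM InfoSphere" product, are tagged only "NOT-FOR-US: IBM". Since these tags are what the tracker later greps on, the two bare "IBM" tags should be aligned with their siblings, e.g. "NOT-FOR-US: IBM InfoSphere", so the whole CVE family is found by one search.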
@@ -23405,275 +23405,275 @@ CVE-2014-0938
RESERVED
CVE-2014-0937
RESERVED
-CVE-2014-0936
+CVE-2014-0936 (IBM Security AppScan Source 8.0 through 9.0, when the publish-assessme ...)
NOT-FOR-US: IBM Security AppScan
-CVE-2014-0935
+CVE-2014-0935 (Unspecified vulnerability in IBM Smart Analytics System 7700 before FP ...)
NOT-FOR-US: IBM Smart Analytics System
CVE-2014-0934
RESERVED
-CVE-2014-0933
+CVE-2014-0933 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Info ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0932
+CVE-2014-0932 (Cross-site scripting (XSS) vulnerability in IBM Sterling Order Managem ...)
NOT-FOR-US: IBM
-CVE-2014-0931
+CVE-2014-0931 (Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN ...)
NOT-FOR-US: IBM
-CVE-2014-0930
+CVE-2014-0930 (The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, a ...)
NOT-FOR-US: IBM AIX
-CVE-2014-0929
+CVE-2014-0929 (Cross-site request forgery (CSRF) vulnerability in the Profiles compon ...)
NOT-FOR-US: IBM Connections
CVE-2014-0928
RESERVED
-CVE-2014-0927
+CVE-2014-0927 (The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 a ...)
NOT-FOR-US: IBM
CVE-2014-0926
RESERVED
-CVE-2014-0925
+CVE-2014-0925 (Open redirect vulnerability in IBM Sterling Control Center 5.4.0 befor ...)
NOT-FOR-US: IBM Sterling Control Center
-CVE-2014-0924
+CVE-2014-0924 (IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 does not verify th ...)
NOT-FOR-US: IBM MessageSight
-CVE-2014-0923
+CVE-2014-0923 (IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 allows remote atta ...)
NOT-FOR-US: IBM MessageSight
-CVE-2014-0922
+CVE-2014-0922 (IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 allows remote atta ...)
NOT-FOR-US: IBM MessageSight
-CVE-2014-0921
+CVE-2014-0921 (The server in IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 allo ...)
NOT-FOR-US: IBM MessageSight
-CVE-2014-0920
+CVE-2014-0920 (IBM SPSS Analytic Server 1.0 before IF002 and 1.0.1 before IF004 logs ...)
NOT-FOR-US: IBM SPSS Analytic Server
-CVE-2014-0919
+CVE-2014-0919 (IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords ...)
NOT-FOR-US: IBM DB2
-CVE-2014-0918
+CVE-2014-0918 (Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in ...)
NOT-FOR-US: IBM Eclipse Help System
-CVE-2014-0917
+CVE-2014-0917 (Cross-site scripting (XSS) vulnerability in IBM Eclipse Help System (I ...)
NOT-FOR-US: IBM Eclipse Help System
CVE-2014-0916
RESERVED
-CVE-2014-0915
+CVE-2014-0915 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asse ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-0914
+CVE-2014-0914 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-0913
+CVE-2014-0913 (Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5. ...)
NOT-FOR-US: IBM iNotes
-CVE-2014-0912
+CVE-2014-0912 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
-CVE-2014-0911
+CVE-2014-0911 (inetd in IBM WebSphere MQ 7.1.x before 7.1.0.5 and 7.5.x before 7.5.0. ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2014-0910
+CVE-2014-0910 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0909
+CVE-2014-0909 (The Administration and Reporting Tool in IBM Rational License Key Serv ...)
NOT-FOR-US: IBM
-CVE-2014-0908
+CVE-2014-0908 (The User Attribute implementation in IBM Business Process Manager (BPM ...)
NOT-FOR-US: IBM Business Process Manager
-CVE-2014-0907
+CVE-2014-0907 (Multiple untrusted search path vulnerabilities in unspecified (1) setu ...)
NOT-FOR-US: IBM DB2
-CVE-2014-0906
+CVE-2014-0906 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
NOT-FOR-US: IBM Sametime
-CVE-2014-0905
+CVE-2014-0905 (IBM InfoSphere BigInsights 2.0 through 2.1.2 does not set the secure f ...)
NOT-FOR-US: IBM
-CVE-2014-0904
+CVE-2014-0904 (The update process in IBM Security AppScan Standard 7.9 through 8.8 do ...)
NOT-FOR-US: IBM Security AppScan Standard
CVE-2014-0903
RESERVED
CVE-2014-0902
RESERVED
-CVE-2014-0901
+CVE-2014-0901 (Cross-site scripting (XSS) vulnerability in the Social Rendering imple ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0900
+CVE-2014-0900 (The Device Administrator code in Android before 4.4.1_r1 might allow a ...)
NOT-FOR-US: Android
-CVE-2014-0899
+CVE-2014-0899 (ftpd in IBM AIX 7.1.1 before SP10 and 7.1.2 before SP5, when a Workloa ...)
NOT-FOR-US: IBM AIX
CVE-2014-0898
RESERVED
-CVE-2014-0897
+CVE-2014-0897 (The Configuration Patterns component in IBM Flex System Manager (FSM) ...)
NOT-FOR-US: IBM
-CVE-2014-0896
+CVE-2014-0896 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0895
+CVE-2014-0895 (Buffer overflow in the vsflex8l ActiveX control in IBM SPSS SamplePowe ...)
NOT-FOR-US: IBM SPSS
-CVE-2014-0894
+CVE-2014-0894 (RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before ...)
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0893
+CVE-2014-0893 (Cross-site scripting (XSS) vulnerability in customreport.jsp in IBM Ma ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-0892
+CVE-2014-0892 (IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 F ...)
NOT-FOR-US: IBM
-CVE-2014-0891
+CVE-2014-0891 (IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x be ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0890
+CVE-2014-0890 (The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5 ...)
NOT-FOR-US: IBM Sametime
-CVE-2014-0889
+CVE-2014-0889 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Atlas Suite ...)
NOT-FOR-US: IBM Atlas Suite
-CVE-2014-0888
+CVE-2014-0888 (IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Workli ...)
NOT-FOR-US: IBM
-CVE-2014-0887
+CVE-2014-0887 (The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before ...)
NOT-FOR-US: IBM Lotus Protector for Mail Security
-CVE-2014-0886
+CVE-2014-0886 (The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before ...)
NOT-FOR-US: IBM Lotus Protector for Mail Security
-CVE-2014-0885
+CVE-2014-0885 (Cross-site request forgery (CSRF) vulnerability in the Admin Web UI in ...)
NOT-FOR-US: IBM Lotus Protector for Mail Security
-CVE-2014-0884
+CVE-2014-0884 (Cross-site scripting (XSS) vulnerability in the Admin Web UI in IBM Lo ...)
NOT-FOR-US: IBM Lotus Protector for Mail Security
-CVE-2014-0883
+CVE-2014-0883 (Cross-site scripting (XSS) vulnerability in IBM Power Hardware Managem ...)
NOT-FOR-US: IBM
-CVE-2014-0882
+CVE-2014-0882 (Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, ...)
NOT-FOR-US: IBM
-CVE-2014-0881
+CVE-2014-0881 (The TPM on Integrated Management Module II (IMM2) on IBM Flex System x ...)
NOT-FOR-US: IBM
-CVE-2014-0880
+CVE-2014-0880 (IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; an ...)
NOT-FOR-US: IBM SAN Volume Controller
-CVE-2014-0879
+CVE-2014-0879 (Stack-based buffer overflow in the Taskmaster Capture ActiveX control ...)
NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2014-0878
+CVE-2014-0878 (The IBMSecureRandom component in the IBMJCE and IBMSecureRandom crypto ...)
NOT-FOR-US: IBM JDK
-CVE-2014-0877
+CVE-2014-0877 (IBM Cognos TM1 10.2.0.2 before IF1 and 10.2.2.0 before IF1 allows remo ...)
NOT-FOR-US: IBM Cognos
-CVE-2014-0876
+CVE-2014-0876 (Buffer overflow in the Java GUI Configuration Wizard and Preferences E ...)
NOT-FOR-US: IBM
-CVE-2014-0875
+CVE-2014-0875 (Active Cloud Engine (ACE) in IBM Storwize V7000 Unified 1.3.0.0 throug ...)
NOT-FOR-US: IBM Storwize V7000 Unified
-CVE-2014-0874
+CVE-2014-0874 (Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x ...)
NOT-FOR-US: IBM Content Navigator
-CVE-2014-0873
+CVE-2014-0873 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2014-0872
+CVE-2014-0872 (The installation process in IBM Security Key Lifecycle Manager 2.5 sto ...)
NOT-FOR-US: IBM
-CVE-2014-0871
+CVE-2014-0871 (RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before ...)
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0870
+CVE-2014-0870 (Multiple cross-site scripting (XSS) vulnerabilities in RICOS in IBM Al ...)
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0869
+CVE-2014-0869 (The decrypt function in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5 ...)
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0868
+CVE-2014-0868 (RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before ...)
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0867
+CVE-2014-0867 (rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ACLM ...)
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0866
+CVE-2014-0866 (RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before ...)
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0865
+CVE-2014-0865 (RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before ...)
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0864
+CVE-2014-0864 (Multiple cross-site request forgery (CSRF) vulnerabilities in Executer ...)
NOT-FOR-US: IBM Algo Credit Limits
-CVE-2014-0863
+CVE-2014-0863 (The client in IBM Cognos TM1 9.5.2.3 before IF5, 10.1.1.2 before IF1, ...)
NOT-FOR-US: IBM
-CVE-2014-0862
+CVE-2014-0862 (Unspecified vulnerability in Jazz Team Server in IBM Rational Collabor ...)
NOT-FOR-US: IBM Rational Collaborative Lifecycle Management
-CVE-2014-0861
+CVE-2014-0861 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos B ...)
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2014-0860
+CVE-2014-0860 (The firmware before 3.66E in IBM BladeCenter Advanced Management Modul ...)
NOT-FOR-US: IBM
-CVE-2014-0859
+CVE-2014-0859 (The web-server plugin in IBM WebSphere Application Server (WAS) 7.x be ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0858
+CVE-2014-0858 (IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authe ...)
NOT-FOR-US: IBM Content Navigator
-CVE-2014-0857
+CVE-2014-0857 (The Administrative Console in IBM WebSphere Application Server (WAS) 8 ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2014-0856
RESERVED
-CVE-2014-0855
+CVE-2014-0855 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0854
+CVE-2014-0854 (The server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before ...)
NOT-FOR-US: IBM Cognos Business Intelligence
-CVE-2014-0853
+CVE-2014-0853 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Forward ...)
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2014-0852
+CVE-2014-0852 (IBM WebSphere DataPower SOA appliances through 4.0.2.15, 5.x through 5 ...)
NOT-FOR-US: IBM
CVE-2014-0851
RESERVED
-CVE-2014-0850
+CVE-2014-0850 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2014-0849
+CVE-2014-0849 (IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2014-0848
+CVE-2014-0848 (The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server co ...)
NOT-FOR-US: IBM Netezza Performance Portal
CVE-2014-0847
RESERVED
-CVE-2014-0846
+CVE-2014-0846 (Cross-site scripting (XSS) vulnerability in IBM Rational Requirements ...)
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2014-0845
+CVE-2014-0845 (Open redirect vulnerability in IBM Rational Requirements Composer 3.x ...)
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2014-0844
+CVE-2014-0844 (Unspecified vulnerability in IBM Rational Requirements Composer 3.x be ...)
NOT-FOR-US: IBM Rational Requirements Composer
-CVE-2014-0843
+CVE-2014-0843 (Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6 ...)
NOT-FOR-US: IBM Rational Focal Point
-CVE-2014-0842
+CVE-2014-0842 (The account-creation functionality in IBM Rational Focal Point 6.4.x a ...)
NOT-FOR-US: IBM Rational Focal Point
-CVE-2014-0841
+CVE-2014-0841 (IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a w ...)
NOT-FOR-US: IBM
-CVE-2014-0840
+CVE-2014-0840 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Fo ...)
NOT-FOR-US: IBM Rational Focal Point
-CVE-2014-0839
+CVE-2014-0839 (IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x befo ...)
NOT-FOR-US: IBM Rational Focal Point
-CVE-2014-0838
+CVE-2014-0838 (The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-0837
+CVE-2014-0837 (The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and earlier ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-0836
+CVE-2014-0836 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7 ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-0835
+CVE-2014-0835 (Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2014-0834
+CVE-2014-0834 (IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 t ...)
NOT-FOR-US: IBM General Parallel File System
-CVE-2014-0833
+CVE-2014-0833 (The OAC component in IBM Financial Transaction Manager (FTM) 2.0 befor ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2014-0832
+CVE-2014-0832 (Multiple cross-site scripting (XSS) vulnerabilities in configuration-d ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2014-0831
+CVE-2014-0831 (Cross-site request forgery (CSRF) vulnerability in the OAC component i ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2014-0830
+CVE-2014-0830 (Directory traversal vulnerability in the table-export implementation i ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2014-0829
+CVE-2014-0829 (Multiple buffer overflows in IBM Rational ClearCase 7.x before 7.1.2.1 ...)
NOT-FOR-US: IBM Rational ClearCase
-CVE-2014-0828
+CVE-2014-0828 (Cross-site scripting (XSS) vulnerability in the WCM (Web Content Manag ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2014-0827
+CVE-2014-0827 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Workl ...)
NOT-FOR-US: IBM InfoSphere
CVE-2014-0826
RESERVED
-CVE-2014-0825
+CVE-2014-0825 (Cross-site scripting (XSS) vulnerability in openreport.jsp in IBM Maxi ...)
NOT-FOR-US: IBM Maximo Asset Management and others
-CVE-2014-0824
+CVE-2014-0824 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM Maximo Asset Management and others
-CVE-2014-0823
+CVE-2014-0823 (IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x be ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2014-0822
+CVE-2014-0822 (The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x bef ...)
NOT-FOR-US: IBM Domino
-CVE-2014-0821
+CVE-2014-0821 (SQL injection vulnerability in the download feature in Cybozu Garoon 2 ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-0820
+CVE-2014-0820 (Directory traversal vulnerability in the download feature in Cybozu Ga ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-0819
+CVE-2014-0819 (Untrusted search path vulnerability in Autodesk AutoCAD before 2014 al ...)
NOT-FOR-US: Autodesk AutoCAD
-CVE-2014-0818
+CVE-2014-0818 (Untrusted search path vulnerability in Autodesk AutoCAD before 2014 al ...)
NOT-FOR-US: Autodesk AutoCAD
-CVE-2014-0817
+CVE-2014-0817 (Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 does not prope ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2014-0816
+CVE-2014-0816 (Unspecified vulnerability in Norman Security Suite 10.1 and earlier al ...)
NOT-FOR-US: Norman Security Suite
-CVE-2014-0815
+CVE-2014-0815 (The intent: URL implementation in Opera before 18 on Android allows at ...)
NOT-FOR-US: Opera
-CVE-2014-0814
+CVE-2014-0814 (Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.8.6 allo ...)
NOT-FOR-US: phpMyFAQ
-CVE-2014-0813
+CVE-2014-0813 (Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8 ...)
NOT-FOR-US: phpMyFAQ
-CVE-2014-0812
+CVE-2014-0812 (Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 a ...)
NOT-FOR-US: KENT-WEB Joyful Note
-CVE-2014-0811
+CVE-2014-0811 (Cross-site scripting (XSS) vulnerability in Blackboard Vista/CE 8.0 SP ...)
NOT-FOR-US: Blackboard Vista
-CVE-2014-0810
+CVE-2014-0810 (Unspecified vulnerability in JustSystems Sanshiro 2007 before update 3 ...)
NOT-FOR-US: JustSystems Sanshiro 2007
-CVE-2014-0809
+CVE-2014-0809 (Directory traversal vulnerability in the Gapless Player SimZip (aka Si ...)
NOT-FOR-US: Gapless Player SimZip
-CVE-2014-0808
+CVE-2014-0808 (The lfCheckError function in data/class/pages/shopping/LC_Page_Shoppin ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2014-0807
+CVE-2014-0807 (data/class/pages/shopping/LC_Page_Shopping_Deliv.php in LOCKON EC-CUBE ...)
NOT-FOR-US: LOCKON EC-CUBE
-CVE-2014-0806
+CVE-2014-0806 (The Sleipnir Mobile application 2.12.1 and earlier and Sleipnir Mobile ...)
NOT-FOR-US: Sleipnir Mobile application
-CVE-2014-0805
+CVE-2014-0805 (Directory traversal vulnerability in the NeoFiler application 5.4.3 an ...)
NOT-FOR-US: NeoFiler
-CVE-2014-0804
+CVE-2014-0804 (Directory traversal vulnerability in the CGENE Security File Manager P ...)
NOT-FOR-US: CGENE Security File Manager
-CVE-2014-0803
+CVE-2014-0803 (Directory traversal vulnerability in the tetra filer application 2.3.1 ...)
NOT-FOR-US: tetra filer application
-CVE-2014-0802
+CVE-2014-0802 (Directory traversal vulnerability in the aokitaka ZIP with Pass applic ...)
NOT-FOR-US: aokitaka ZIP with Pass
CVE-2014-0801
RESERVED
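Review bot: two NOT-FOR-US tags in this hunk name a different product than the description they sit under. CVE-2014-0933 is described as a CSRF issue "in IBM InfoSphere Info ..." but is tagged "NOT-FOR-US: IBM WebSphere Portal", and CVE-2014-0855 is described as XSS "in IBM Connections ..." but is likewise tagged "NOT-FOR-US: IBM WebSphere Portal". Both tags should be corrected to the product actually named in the description so that per-product triage queries do not mis-file these entries.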
@@ -23689,163 +23689,163 @@ CVE-2014-0796
RESERVED
CVE-2014-0795
RESERVED
-CVE-2014-0794
+CVE-2014-0794 (SQL injection vulnerability in the JV Comment (com_jvcomment) componen ...)
NOT-FOR-US: JV Comment Joomla Extension
-CVE-2014-0793
+CVE-2014-0793 (Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas ...)
NOT-FOR-US: Komento Joomla Extension
-CVE-2014-0792
+CVE-2014-0792 (Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to cre ...)
NOT-FOR-US: Sonatype Nexus
CVE-2014-0790
RESERVED
-CVE-2014-0791
+CVE-2014-0791 (Integer overflow in the license_read_scope_list function in libfreerdp ...)
- freerdp <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=998941
NOTE: https://github.com/FreeRDP/FreeRDP/commit/f1d6afca6ae620f9855a33280bdc6f3ad9153be0#diff-b6d68bbca6e0f5875c57ef225cd65c45
NOTE: A malicous license has simpler means to DoS a RDP client, e.g. by simply stating that no valid license exists etc.
-CVE-2014-0789
+CVE-2014-0789 (Multiple buffer overflows in the OPC Automation 2.0 Server Object Acti ...)
NOT-FOR-US: OPC Automation 2.0 Server
CVE-2014-0788
REJECTED
-CVE-2014-0787
+CVE-2014-0787 (Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 al ...)
NOT-FOR-US: WellinTech KingSCADA
-CVE-2014-0786
+CVE-2014-0786 (Ecava IntegraXor before 4.1.4393 allows remote attackers to read clear ...)
NOT-FOR-US: Ecava IntegraXor
CVE-2014-0785
REJECTED
-CVE-2014-0784
+CVE-2014-0784 (Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 ...)
NOT-FOR-US: Yokogawa CENTUM CS 3000
-CVE-2014-0783
+CVE-2014-0783 (Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 ...)
NOT-FOR-US: Yokogawa CENTUM CS 3000
-CVE-2014-0782
+CVE-2014-0782 (Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Func ...)
NOT-FOR-US: Yokogawa CENTUM
-CVE-2014-0781
+CVE-2014-0781 (Heap-based buffer overflow in BKCLogSvr.exe in Yokogawa CENTUM CS 3000 ...)
NOT-FOR-US: Yokogawa CENTUM CS 3000
-CVE-2014-0780
+CVE-2014-0780 (Directory traversal vulnerability in NTWebServer in InduSoft Web Studi ...)
NOT-FOR-US: InduSoft Web Studio
-CVE-2014-0779
+CVE-2014-0779 (The PLC driver in ServerMain.exe in the Kepware KepServerEX 4 componen ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-0778
+CVE-2014-0778 (The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows ...)
NOT-FOR-US: Progea Movicon
-CVE-2014-0777
+CVE-2014-0777 (The Modbus slave/outstation driver in the OPC Drivers 1.0.20 and earli ...)
NOT-FOR-US: IOServer OPC Server
CVE-2014-0776
RESERVED
CVE-2014-0775
REJECTED
-CVE-2014-0774
+CVE-2014-0774 (Stack-based buffer overflow in the C++ sample client in Schneider Elec ...)
NOT-FOR-US: Schneider Electric OPC Factory Server
-CVE-2014-0773
+CVE-2014-0773 (The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX contro ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0772
+CVE-2014-0772 (The OpenUrlToBufferTimeout method in the BWOCXRUN.BwocxrunCtrl.1 Activ ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0771
+CVE-2014-0771 (The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX cont ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0770
+CVE-2014-0770 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows r ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0769
+CVE-2014-0769 (The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X- ...)
NOT-FOR-US: Festo controller
-CVE-2014-0768
+CVE-2014-0768 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows r ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0767
+CVE-2014-0767 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows r ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0766
+CVE-2014-0766 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows r ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0765
+CVE-2014-0765 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows r ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0764
+CVE-2014-0764 (Stack-based buffer overflow in Advantech WebAccess before 7.2 allows r ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0763
+CVE-2014-0763 (Multiple SQL injection vulnerabilities in DBVisitor.dll in Advantech W ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2014-0762
+CVE-2014-0762 (The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows p ...)
NOT-FOR-US: CG Automation ePAQ-9410 Substation Gateway
-CVE-2014-0761
+CVE-2014-0761 (The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows r ...)
NOT-FOR-US: CG Automation ePAQ-9410 Substation Gateway
-CVE-2014-0760
+CVE-2014-0760 (The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X- ...)
NOT-FOR-US: Festo controller
-CVE-2014-0759
+CVE-2014-0759 (Unquoted Windows search path vulnerability in Schneider Electric Float ...)
NOT-FOR-US: Schneider Electric Floating License Manager
-CVE-2014-0758
+CVE-2014-0758 (An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8. ...)
NOT-FOR-US: ICONICS
-CVE-2014-0757
+CVE-2014-0757 (Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 ...)
NOT-FOR-US: Smart Software Solutions (3S) CoDeSys Runtime Toolkit
CVE-2014-0756
REJECTED
-CVE-2014-0755
+CVE-2014-0755 (Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not p ...)
NOT-FOR-US: Rockwell Automation RSLogix
-CVE-2014-0754
+CVE-2014-0754 (Directory traversal vulnerability in SchneiderWEB on Schneider Electri ...)
NOT-FOR-US: SchneiderWEB
-CVE-2014-0753
+CVE-2014-0753 (Stack-based buffer overflow in the SCADA server in Ecava IntegraXor be ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2014-0752
+CVE-2014-0752 (The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote att ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2014-0751
+CVE-2014-0751 (Directory traversal vulnerability in CimWebServer.exe (aka the WebView ...)
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2014-0750
+CVE-2014-0750 (Directory traversal vulnerability in gefebt.exe in the WebView CimWeb ...)
NOT-FOR-US: GE Intelligent Platforms Proficy
-CVE-2014-0749
+CVE-2014-0749 (Stack-based buffer overflow in lib/Libdis/disrsi_.c in Terascale Open- ...)
{DSA-2936-1}
- torque 2.4.16+dfsg-1.4 (bug #748827)
-CVE-2014-0748
+CVE-2014-0748 (apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP0 ...)
NOT-FOR-US: Aprun/apinit on Cray supercomputers
-CVE-2014-0747
+CVE-2014-0747 (The Certificate Authority Proxy Function (CAPF) CLI implementation in ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0746
+CVE-2014-0746 (The disaster recovery system (DRS) in Cisco Unified Contact Center Exp ...)
NOT-FOR-US: Cisco Unified Contact Center
-CVE-2014-0745
+CVE-2014-0745 (Cross-site request forgery (CSRF) vulnerability in the Unified Service ...)
NOT-FOR-US: Cisco Unified Contact Center Express
CVE-2014-0744
REJECTED
-CVE-2014-0743
+CVE-2014-0743 (The Certificate Authority Proxy Function (CAPF) component in Cisco Uni ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0742
+CVE-2014-0742 (The Certificate Authority Proxy Function (CAPF) CLI implementation in ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0741
+CVE-2014-0741 (The certificate-import feature in the Certificate Authority Proxy Func ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0740
+CVE-2014-0740 (Cross-site request forgery (CSRF) vulnerability in the Call Detail Rec ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0739
+CVE-2014-0739 (Race condition in the Phone Proxy component in Cisco Adaptive Security ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-0738
+CVE-2014-0738 (The Phone Proxy component in Cisco Adaptive Security Appliance (ASA) S ...)
NOT-FOR-US: Cisco ASA
-CVE-2014-0737
+CVE-2014-0737 (The Cisco Unified IP Phone 7960G 9.2(1) and earlier allows remote atta ...)
NOT-FOR-US: The Cisco Unified IP Phone
-CVE-2014-0736
+CVE-2014-0736 (Cross-site request forgery (CSRF) vulnerability in the Call Detail Rec ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0735
+CVE-2014-0735 (Cross-site scripting (XSS) vulnerability in the IP Manager Assistant ( ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0734
+CVE-2014-0734 (SQL injection vulnerability in the Certificate Authority Proxy Functio ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0733
+CVE-2014-0733 (The Enterprise License Manager (ELM) component in Cisco Unified Commun ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0732
+CVE-2014-0732 (The Real Time Monitoring Tool (RTMT) web application in Cisco Unified ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0731
+CVE-2014-0731 (The administration interface in Cisco Unified Communications Manager ( ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2014-0730
+CVE-2014-0730 (Cisco Unified Computing System (UCS) Central Software 1.1 and earlier ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2014-0729
+CVE-2014-0729 (SQL injection vulnerability in the Enterprise Mobility Application (EM ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0728
+CVE-2014-0728 (SQL injection vulnerability in the Java database interface in Cisco Un ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0727
+CVE-2014-0727 (SQL injection vulnerability in the CallManager Interactive Voice Respo ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0726
+CVE-2014-0726 (SQL injection vulnerability in the IP Manager Assistant (IPMA) interfa ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0725
+CVE-2014-0725 (Cisco Unified Communications Manager (UCM) does not require authentica ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0724
+CVE-2014-0724 (The bulk administration interface in Cisco Unified Communications Mana ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0723
+CVE-2014-0723 (Cross-site scripting (XSS) vulnerability in the IP Manager Assistant ( ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0722
+CVE-2014-0722 (The log4jinit web application in Cisco Unified Communications Manager ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0721
+CVE-2014-0721 (The Cisco Unified SIP Phone 3905 with firmware before 9.4(1) allows re ...)
NOT-FOR-US: Cisco Unified SIP Phone 3905
-CVE-2014-0720
+CVE-2014-0720 (Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows ...)
NOT-FOR-US: Cisco IPS
-CVE-2014-0719
+CVE-2014-0719 (The control-plane access-list implementation in Cisco IPS Software bef ...)
NOT-FOR-US: Cisco IPS
-CVE-2014-0718
+CVE-2014-0718 (The produce-verbose-alert feature in Cisco IPS Software 7.1 before 7.1 ...)
NOT-FOR-US: Cisco IPS
CVE-2014-0717
RESERVED
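Review bot: the NOT-FOR-US annotation for CVE-2014-0731 does not match the description that this hunk adds: the description names "Cisco Unified Communications Manager" while the annotation line below it says "Cisco Unified Computing System", the product named for the unrelated CVE-2014-0730 entry that follows. Since this update only fills in the description column, the mismatch was already there, but it is now visible and should be checked; if the description is right, the annotation should read "NOT-FOR-US: Cisco Unified Communications Manager" as it does for the CVE-2014-0729 through CVE-2014-0722 entries in the same hunk.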
@@ -23861,25 +23861,25 @@ CVE-2014-0712
RESERVED
CVE-2014-0711
RESERVED
-CVE-2014-0710
+CVE-2014-0710 (Race condition in the cut-through proxy feature in Cisco Firewall Serv ...)
NOT-FOR-US: Cisco Firewall Services Module
-CVE-2014-0709
+CVE-2014-0709 (Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded p ...)
NOT-FOR-US: Cisco UCS Director
-CVE-2014-0708
+CVE-2014-0708 (WebEx Meeting Center in Cisco WebEx Business Suite does not properly c ...)
NOT-FOR-US: Cisco WebEx Business Suite
-CVE-2014-0707
+CVE-2014-0707 (Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, and 7.4 before 7 ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2014-0706
+CVE-2014-0706 (Cisco Wireless LAN Controller (WLC) devices 7.2 before 7.2.115.2, 7.3, ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2014-0705
+CVE-2014-0705 (The multicast listener discovery (MLD) service on Cisco Wireless LAN C ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2014-0704
+CVE-2014-0704 (The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2014-0703
+CVE-2014-0703 (Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distr ...)
NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2014-0702
RESERVED
-CVE-2014-0701
+CVE-2014-0701 (Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, ...)
NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2014-0700
RESERVED
@@ -23893,13 +23893,13 @@ CVE-2014-0696
RESERVED
CVE-2014-0695
RESERVED
-CVE-2014-0694
+CVE-2014-0694 (Intelligent Automation for Cloud (IAC) in Cisco Cloud Portal 9.4.1 and ...)
NOT-FOR-US: Cisco
CVE-2014-0693
RESERVED
CVE-2014-0692
RESERVED
-CVE-2014-0691
+CVE-2014-0691 (Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insuffici ...)
NOT-FOR-US: Cisco WebEx Meetings Server
CVE-2014-0690
RESERVED
@@ -23909,473 +23909,473 @@ CVE-2014-0688
RESERVED
CVE-2014-0687
RESERVED
-CVE-2014-0686
+CVE-2014-0686 (Cisco Unified Communications Manager (aka Unified CM) 9.1 (2.10000.28) ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0685
+CVE-2014-0685 (Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware all ...)
NOT-FOR-US: Cisco
-CVE-2014-0684
+CVE-2014-0684 (Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause ...)
NOT-FOR-US: Cisco
-CVE-2014-0683
+CVE-2014-0683 (The web management interface on the Cisco RV110W firewall with firmwar ...)
NOT-FOR-US: Cisco
-CVE-2014-0682
+CVE-2014-0682 (Cisco WebEx Meetings Server allows remote authenticated users to bypas ...)
NOT-FOR-US: Cisco WebEx Meetings Server
-CVE-2014-0681
+CVE-2014-0681 (Cross-site scripting (XSS) vulnerability in Cisco Identity Services En ...)
NOT-FOR-US: Cisco Identity Service Engine
-CVE-2014-0680
+CVE-2014-0680 (Cross-site scripting (XSS) vulnerability in the HTTP control interface ...)
NOT-FOR-US: Cisco Identity Service Engine
-CVE-2014-0679
+CVE-2014-0679 (Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1 ...)
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2014-0678
+CVE-2014-0678 (The portal interface in Cisco Secure Access Control System (ACS) does ...)
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2014-0677
+CVE-2014-0677 (The Label Distribution Protocol (LDP) functionality in Cisco NX-OS all ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2014-0676
+CVE-2014-0676 (Cisco NX-OS allows local users to bypass intended TACACS+ command rest ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2014-0675
+CVE-2014-0675 (The Expressway component in Cisco TelePresence Video Communication Ser ...)
NOT-FOR-US: Cisco
-CVE-2014-0674
+CVE-2014-0674 (Cisco Video Surveillance Operations Manager (VSOM) does not require au ...)
NOT-FOR-US: Cisco Video Surveillance Operations Manager
-CVE-2014-0673
+CVE-2014-0673 (Multiple cross-site scripting (XSS) vulnerabilities in the web interfa ...)
NOT-FOR-US: Cisco Video Surveillance
-CVE-2014-0672
+CVE-2014-0672 (The Search and Play interface in Cisco MediaSense does not properly en ...)
NOT-FOR-US: Cisco MediaSense
-CVE-2014-0671
+CVE-2014-0671 (Open redirect vulnerability in Cisco MediaSense allows remote attacker ...)
NOT-FOR-US: Cisco MediaSense
-CVE-2014-0670
+CVE-2014-0670 (Cross-site scripting (XSS) vulnerability in the Search and Play interf ...)
NOT-FOR-US: Cisco MediaSense
-CVE-2014-0669
+CVE-2014-0669 (The Wireless Session Protocol (WSP) feature in the Gateway GPRS Suppor ...)
NOT-FOR-US: Cisco ASR 5000
-CVE-2014-0668
+CVE-2014-0668 (Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure ...)
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2014-0667
+CVE-2014-0667 (The RMI interface in Cisco Secure Access Control System (ACS) does not ...)
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2014-0666
+CVE-2014-0666 (Directory traversal vulnerability in the Send Screen Capture implement ...)
NOT-FOR-US: Cisco Jabber
-CVE-2014-0665
+CVE-2014-0665 (The RBAC implementation in Cisco Identity Services Engine (ISE) Softwa ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2014-0664
+CVE-2014-0664 (The server in Cisco Unity Connection allows remote authenticated users ...)
NOT-FOR-US: Cisco Unity Connection
-CVE-2014-0663
+CVE-2014-0663 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2014-0662
+CVE-2014-0662 (The SIP module in Cisco TelePresence Video Communication Server (VCS) ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2014-0661
+CVE-2014-0661 (The System Status Collection Daemon (SSCD) in Cisco TelePresence Syste ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2014-0660
+CVE-2014-0660 (Cisco TelePresence ISDN Gateway with software before 2.2(1.92) allows ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2014-0659
+CVE-2014-0659 (The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS440 ...)
NOT-FOR-US: Cisco Small Business Devices
-CVE-2014-0658
+CVE-2014-0658 (Cisco 9900 Unified IP phones allow remote attackers to cause a denial ...)
NOT-FOR-US: Cisco 9900 Unified IP phones
-CVE-2014-0657
+CVE-2014-0657 (The administration portal in Cisco Unified Communications Manager (Uni ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2014-0656
+CVE-2014-0656 (Cisco Context Directory Agent (CDA) allows remote authenticated users ...)
NOT-FOR-US: Cisco Context Directory Agent
-CVE-2014-0655
+CVE-2014-0655 (The Identity Firewall (IDFW) functionality in Cisco Adaptive Security ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-0654
+CVE-2014-0654 (Cisco Context Directory Agent (CDA) allows remote attackers to modify ...)
NOT-FOR-US: Cisco Context Directory Agent
-CVE-2014-0653
+CVE-2014-0653 (The Identity Firewall (IDFW) functionality in Cisco Adaptive Security ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2014-0652
+CVE-2014-0652 (Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco ...)
NOT-FOR-US: Cisco Context Directory Agent
-CVE-2014-0651
+CVE-2014-0651 (The administrative interface in Cisco Context Directory Agent (CDA) do ...)
NOT-FOR-US: Cisco Context Directory Agent
-CVE-2014-0650
+CVE-2014-0650 (The web interface in Cisco Secure Access Control System (ACS) 5.x befo ...)
NOT-FOR-US: Cisco Secure ACS RMI
-CVE-2014-0649
+CVE-2014-0649 (The RMI interface in Cisco Secure Access Control System (ACS) 5.x befo ...)
NOT-FOR-US: Cisco Secure ACS RMI
-CVE-2014-0648
+CVE-2014-0648 (The RMI interface in Cisco Secure Access Control System (ACS) 5.x befo ...)
NOT-FOR-US: Cisco Secure ACS RMI
-CVE-2014-0647
+CVE-2014-0647 (The Starbucks 2.6.1 application for iOS stores sensitive information i ...)
NOT-FOR-US: Starbucks iOS application
-CVE-2014-0646
+CVE-2014-0646 (The runtime WS component in the server in EMC RSA Access Manager 6.1.3 ...)
NOT-FOR-US: EMC
-CVE-2014-0645
+CVE-2014-0645 (EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Manageme ...)
NOT-FOR-US: EMC
-CVE-2014-0644
+CVE-2014-0644 (EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attacke ...)
NOT-FOR-US: EMC
-CVE-2014-0643
+CVE-2014-0643 (EMC RSA NetWitness before 9.8.5.19 and RSA Security Analytics before 1 ...)
NOT-FOR-US: EMC RSA NetWitness and RSA Security Analytics
-CVE-2014-0642
+CVE-2014-0642 (EMC Documentum Content Server before 6.7 SP1 P26, 6.7 SP2 before P13, ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2014-0641
+CVE-2014-0641 (Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC ...)
NOT-FOR-US: EMC RSA Archer GRC Platform
-CVE-2014-0640
+CVE-2014-0640 (EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authentic ...)
NOT-FOR-US: EMC RSA Archer GRC Platform
-CVE-2014-0639
+CVE-2014-0639 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
NOT-FOR-US: RSA Archer
-CVE-2014-0638
+CVE-2014-0638 (Cross-site scripting (XSS) vulnerability in RSA Adaptive Authenticatio ...)
NOT-FOR-US: RSA Adaptive Authentication
-CVE-2014-0637
+CVE-2014-0637 (Cross-site scripting (XSS) vulnerability in the back-office case-manag ...)
NOT-FOR-US: RSA Adaptive Authentication
-CVE-2014-0636
+CVE-2014-0636 (EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x b ...)
NOT-FOR-US: EMC RSA BSAFE Micro Edition Suite
-CVE-2014-0635
+CVE-2014-0635 (Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x b ...)
NOT-FOR-US: EMC VPLEX
-CVE-2014-0634
+CVE-2014-0634 (EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not include the HTT ...)
NOT-FOR-US: EMC VPLEX
-CVE-2014-0633
+CVE-2014-0633 (The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not prop ...)
NOT-FOR-US: EMC VPLEX
-CVE-2014-0632
+CVE-2014-0632 (Directory traversal vulnerability in EMC VPLEX GeoSynchrony 4.x and 5. ...)
NOT-FOR-US: EMC VPLEX
CVE-2014-0631
REJECTED
-CVE-2014-0630
+CVE-2014-0630 (EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 ...)
NOT-FOR-US: EMC
-CVE-2014-0629
+CVE-2014-0629 (EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 ...)
NOT-FOR-US: EMC
-CVE-2014-0628
+CVE-2014-0628 (The server in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0 ...)
NOT-FOR-US: EMC
-CVE-2014-0627
+CVE-2014-0627 (The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1 ...)
NOT-FOR-US: EMC RSA
-CVE-2014-0626
+CVE-2014-0626 (The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1. ...)
NOT-FOR-US: EMC RSA
-CVE-2014-0625
+CVE-2014-0625 (The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC ...)
NOT-FOR-US: EMC RSA
-CVE-2014-0624
+CVE-2014-0624 (EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not properl ...)
NOT-FOR-US: EMC RSA
-CVE-2014-0623
+CVE-2014-0623 (Cross-site scripting (XSS) vulnerability in the Self-Service Console i ...)
NOT-FOR-US: EMC RSA
-CVE-2014-0622
+CVE-2014-0622 (The web service in EMC Documentum Foundation Services (DFS) 6.5 throug ...)
NOT-FOR-US: EMC Documentum Foundation Services
-CVE-2014-0621
+CVE-2014-0621 (Multiple cross-site request forgery (CSRF) vulnerabilities in Technico ...)
NOT-FOR-US: Technicolor TC7200 STD6.01.12
-CVE-2014-0620
+CVE-2014-0620 (Multiple cross-site scripting (XSS) vulnerabilities in Technicolor (fo ...)
NOT-FOR-US: Technicolor TC7200 STD6.01.12
-CVE-2014-0619
+CVE-2014-0619 (Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1 ...)
NOT-FOR-US: Hamster Free ZIP Archiver
-CVE-2014-0618
+CVE-2014-0618 (Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R be ...)
NOT-FOR-US: SRX Services Gateways
-CVE-2014-0617
+CVE-2014-0617 (Juniper Junos 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before ...)
NOT-FOR-US: SRX Services Gateways
-CVE-2014-0616
+CVE-2014-0616 (Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 1 ...)
NOT-FOR-US: Juniper JunOS
-CVE-2014-0615
+CVE-2014-0615 (Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 1 ...)
NOT-FOR-US: JunOS CLI
-CVE-2014-0614
+CVE-2014-0614 (Juniper Junos 13.2 before 13.2R3 and 13.3 before 13.3R1, when PIM is e ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-0613
+CVE-2014-0613 (The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 b ...)
NOT-FOR-US: JunOS
-CVE-2014-0612
+CVE-2014-0612 (Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 1 ...)
NOT-FOR-US: Juniper Junos
-CVE-2014-0611
+CVE-2014-0611 (Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in No ...)
NOT-FOR-US: Novell GroupWise
-CVE-2014-0610
+CVE-2014-0610 (The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and ...)
NOT-FOR-US: Novell GroupWise
-CVE-2014-0609
+CVE-2014-0609 (Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP ...)
NOT-FOR-US: Novell Open Enterprise Server
CVE-2014-0608
RESERVED
-CVE-2014-0607
+CVE-2014-0607 (Unrestricted file upload vulnerability in Attachmate Verastream Proces ...)
NOT-FOR-US: Attachmate Verastream Process Designer
CVE-2014-0606
REJECTED
-CVE-2014-0605
+CVE-2014-0605 (Directory traversal vulnerability in the rftpcom.dll ActiveX control i ...)
NOT-FOR-US: Attachmate Reflection FTP Client
-CVE-2014-0604
+CVE-2014-0604 (Directory traversal vulnerability in the rftpcom.dll ActiveX control i ...)
NOT-FOR-US: Attachmate Reflection FTP Client
-CVE-2014-0603
+CVE-2014-0603 (The rftpcom.dll ActiveX control in Attachmate Reflection FTP Client be ...)
NOT-FOR-US: Attachmate Reflection FTP Client
-CVE-2014-0602
+CVE-2014-0602 (Directory traversal vulnerability in the DumpToFile method in the NQMc ...)
NOT-FOR-US: NetIQ Security Manager
CVE-2014-0601
RESERVED
-CVE-2014-0600
+CVE-2014-0600 (FileUploadServlet in the Administration service in Novell GroupWise 20 ...)
NOT-FOR-US: Novell GroupWise
-CVE-2014-0599
+CVE-2014-0599 (Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Ente ...)
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2014-0598
+CVE-2014-0598 (Directory traversal vulnerability in iPrint in Novell Open Enterprise ...)
NOT-FOR-US: Novell Open Enterprise Server
CVE-2014-0597
RESERVED
CVE-2014-0596
RESERVED
-CVE-2014-0595
+CVE-2014-0595 (/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open ...)
NOT-FOR-US: Novel OES
-CVE-2014-0594
+CVE-2014-0594 (In the Open Build Service (OBS) before version 2.4.6 the CSRF protecti ...)
- open-build-service <not-affected> (Fixed before initial release to Debian)
NOTE: https://github.com/openSUSE/open-build-service/commit/2188c059b67b82171d0e28ef59f77e62d22a09d8
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=870606
-CVE-2014-0593
+CVE-2014-0593 (The set_version script as shipped with obs-service-set_version is a so ...)
NOT-FOR-US: script for OBS
-CVE-2014-0592
+CVE-2014-0592 (Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used ...)
NOT-FOR-US: Crowbar
-CVE-2014-0591
+CVE-2014-0591 (The query_findclosestnsec3 function in query.c in named in ISC BIND 9. ...)
{DSA-3023-1 DLA-48-1}
- bind9 1:9.9.5.dfsg-2 (bug #735190)
NOTE: https://kb.isc.org/article/AA-01078
NOTE: https://kb.isc.org/article/AA-01085
-CVE-2014-0590
+CVE-2014-0590 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0589
+CVE-2014-0589 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0588
+CVE-2014-0588 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0587
+CVE-2014-0587 (Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0586
+CVE-2014-0586 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0585
+CVE-2014-0585 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0584
+CVE-2014-0584 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0583
+CVE-2014-0583 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0582
+CVE-2014-0582 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0581
+CVE-2014-0581 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0580
+CVE-2014-0580 (Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2014-0579
REJECTED
-CVE-2014-0578
+CVE-2014-0578 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0577
+CVE-2014-0577 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0576
+CVE-2014-0576 (Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2014-0575
REJECTED
-CVE-2014-0574
+CVE-2014-0574 (Double free vulnerability in Adobe Flash Player before 13.0.0.252 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0573
+CVE-2014-0573 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0572
+CVE-2014-0572 (Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 b ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2014-0571
+CVE-2014-0571 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 befor ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2014-0570
+CVE-2014-0570 (Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 9. ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2014-0569
+CVE-2014-0569 (Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0568
+CVE-2014-0568 (The NtSetInformationFile system call hook feature in Adobe Reader and ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0567
+CVE-2014-0567 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0566
+CVE-2014-0566 (Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0565
+CVE-2014-0565 (Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0564
+CVE-2014-0564 (Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0563
+CVE-2014-0563 (Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 o ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0562
+CVE-2014-0562 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0561
+CVE-2014-0561 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0560
+CVE-2014-0560 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0559
+CVE-2014-0559 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0558
+CVE-2014-0558 (Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0557
+CVE-2014-0557 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0556
+CVE-2014-0556 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0555
+CVE-2014-0555 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0554
+CVE-2014-0554 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0553
+CVE-2014-0553 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0552
+CVE-2014-0552 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0551
+CVE-2014-0551 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0550
+CVE-2014-0550 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0549
+CVE-2014-0549 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0548
+CVE-2014-0548 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0547
+CVE-2014-0547 (Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.1 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0546
+CVE-2014-0546 (Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 o ...)
NOT-FOR-US: Adobe
-CVE-2014-0545
+CVE-2014-0545 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0544
+CVE-2014-0544 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0543
+CVE-2014-0543 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0542
+CVE-2014-0542 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0541
+CVE-2014-0541 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0540
+CVE-2014-0540 (Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0539
+CVE-2014-0539 (Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0538
+CVE-2014-0538 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.241 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0537
+CVE-2014-0537 (Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0536
+CVE-2014-0536 (Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0535
+CVE-2014-0535 (Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0534
+CVE-2014-0534 (Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0533
+CVE-2014-0533 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0532
+CVE-2014-0532 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0531
+CVE-2014-0531 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
NOT-FOR-US: Adobe Flash Player
CVE-2014-0530
REJECTED
-CVE-2014-0529
+CVE-2014-0529 (Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0528
+CVE-2014-0528 (Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0527
+CVE-2014-0527 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0526
+CVE-2014-0526 (Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 o ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0525
+CVE-2014-0525 (The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x befor ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0524
+CVE-2014-0524 (Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 o ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0523
+CVE-2014-0523 (Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 o ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0522
+CVE-2014-0522 (Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 o ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0521
+CVE-2014-0521 (Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 o ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2014-0520
+CVE-2014-0520 (Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11 ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0519
+CVE-2014-0519 (Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11 ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0518
+CVE-2014-0518 (Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11 ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0517
+CVE-2014-0517 (Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11 ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0516
+CVE-2014-0516 (Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11 ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0515
+CVE-2014-0515 (Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x t ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0514
+CVE-2014-0514 (The Adobe Reader Mobile application before 11.2 for Android does not p ...)
NOT-FOR-US: Adobe Reader Mobile application
-CVE-2014-0513
+CVE-2014-0513 (Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and ...)
NOT-FOR-US: Adobe Illustrator CS6
-CVE-2014-0512
+CVE-2014-0512 (Adobe Reader 11.0.06 allows attackers to bypass a PDF sandbox protecti ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0511
+CVE-2014-0511 (Heap-based buffer overflow in Adobe Reader 11.0.06 allows remote attac ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0510
+CVE-2014-0510 (Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remo ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0509
+CVE-2014-0509 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0508
+CVE-2014-0508 (Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x befor ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0507
+CVE-2014-0507 (Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x t ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0506
+CVE-2014-0506 (Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2014-0505
+CVE-2014-0505 (Adobe Shockwave Player before 12.1.0.150 allows remote attackers to ex ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2014-0504
+CVE-2014-0504 (Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x befor ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0503
+CVE-2014-0503 (Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x befor ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0502
+CVE-2014-0502 (Double free vulnerability in Adobe Flash Player before 11.7.700.269 an ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0501
+CVE-2014-0501 (Adobe Shockwave Player before 12.0.9.149 allows remote attackers to ex ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2014-0500
+CVE-2014-0500 (Adobe Shockwave Player before 12.0.9.149 allows remote attackers to ex ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2014-0499
+CVE-2014-0499 (Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x befor ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0498
+CVE-2014-0498 (Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0497
+CVE-2014-0497 (Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0496
+CVE-2014-0496 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0495
+CVE-2014-0495 (Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0494
+CVE-2014-0494 (Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary cod ...)
NOT-FOR-US: Adobe Digital Editions
-CVE-2014-0493
+CVE-2014-0493 (Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on ...)
NOT-FOR-US: Adobe Reader
-CVE-2014-0492
+CVE-2014-0492 (Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12 ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0491
+CVE-2014-0491 (Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12 ...)
NOT-FOR-US: Flash plugin
-CVE-2014-0490
+CVE-2014-0490 (The apt-get download command in APT before 1.0.9 does not properly val ...)
{DSA-3025-1}
- apt 0.9.12
NOTE: fixed with commit http://anonscm.debian.org/cgit/apt/apt.git/commit/?id=d57f6084aaa3972073114973d149ea2291b36682
[squeeze] - apt <not-affected> (apt download command and vulnerable code not present)
-CVE-2014-0489
+CVE-2014-0489 (APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, doe ...)
{DSA-3025-1 DLA-53-1}
- apt 1.0.9
-CVE-2014-0488
+CVE-2014-0488 (APT before 1.0.9 does not "invalidate repository data" when moving fro ...)
{DSA-3025-1 DLA-53-1}
- apt 1.0.9
-CVE-2014-0487
+CVE-2014-0487 (APT before 1.0.9 does not verify downloaded files if they have been mo ...)
{DSA-3025-1 DLA-53-1}
- apt 1.0.9
-CVE-2014-0486
+CVE-2014-0486 (Knot DNS before 1.5.2 allows remote attackers to cause a denial of ser ...)
- knot 1.5.2-1
-CVE-2014-0485
+CVE-2014-0485 (S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which ...)
{DSA-3013-1}
- s3ql 2.10.1+dfsg-4 (high)
-CVE-2014-0484
+CVE-2014-0484 (The Debian acpi-support package before 0.140-5+deb7u3 allows local use ...)
{DSA-3020-1 DLA-49-1}
- acpi-support 0.142-4
-CVE-2014-0483
+CVE-2014-0483 (The administrative interface (contrib.admin) in Django before 1.4.14, ...)
{DSA-3010-1 DLA-65-1}
- python-django 1.6.6-1
-CVE-2014-0482
+CVE-2014-0482 (The contrib.auth.middleware.RemoteUserMiddleware middleware in Django ...)
{DSA-3010-1 DLA-65-1}
- python-django 1.6.6-1
-CVE-2014-0481
+CVE-2014-0481 (The default configuration for the file upload handling system in Djang ...)
{DSA-3010-1 DLA-65-1}
- python-django 1.6.6-1
-CVE-2014-0480
+CVE-2014-0480 (The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x ...)
{DSA-3010-1 DLA-65-1}
- python-django 1.6.6-1
-CVE-2014-0479
+CVE-2014-0479 (reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remot ...)
{DSA-2997-1 DLA-31-1}
- reportbug 6.5.0+nmu1
[squeeze] - reportbug 4.12.6+deb6u1
-CVE-2014-0478
+CVE-2014-0478 (APT before 1.0.4 does not properly validate source packages, which all ...)
{DSA-2958-1 DLA-0005-1}
- apt 1.0.4 (bug #749795)
[squeeze] - apt 0.8.10.3+squeeze2
-CVE-2014-0477
+CVE-2014-0477 (The parse function in Email::Address module before 1.905 for Perl uses ...)
{DSA-2969-1 DLA-0011-1}
- libemail-address-perl 1.905-1
[squeeze] - libemail-address-perl 1.889-2+deb6u1
-CVE-2014-0476
+CVE-2014-0476 (The slapper function in chkrootkit before 0.50 does not properly quote ...)
{DSA-2945-1 DLA-0002-1}
- chkrootkit 0.49-5
[squeeze] - chkrootkit 0.49-4+deb6u1
-CVE-2014-0475
+CVE-2014-0475 (Multiple directory traversal vulnerabilities in GNU C Library (aka gli ...)
{DSA-2976-1 DLA-43-1}
- glibc 2.19-6
- eglibc <removed>
-CVE-2014-0474
+CVE-2014-0474 (The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressFie ...)
{DSA-2934-1}
- python-django 1.6.3-1
-CVE-2014-0473
+CVE-2014-0473 (The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, 1.6 ...)
{DSA-2934-1}
- python-django 1.6.3-1
-CVE-2014-0472
+CVE-2014-0472 (The django.core.urlresolvers.reverse function in Django before 1.4.11, ...)
{DSA-2934-1}
- python-django 1.6.3-1
-CVE-2014-0471
+CVE-2014-0471 (Directory traversal vulnerability in the unpacking functionality in dp ...)
{DSA-2915-1}
- dpkg 1.17.8
-CVE-2014-0470
+CVE-2014-0470 (super.c in Super 3.30.0 does not check the return value of the setuid ...)
{DSA-2917-1}
- super 3.30.0-7
-CVE-2014-0469
+CVE-2014-0469 (Stack-based buffer overflow in a certain Debian patch for xbuffy befor ...)
{DSA-2921-1}
- xbuffy 3.3.bl.3.dfsg-9
CVE-2014-0468
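Review bot: the untouched NOT-FOR-US context lines in this hunk label the same product inconsistently, which makes grepping the tracker by vendor unreliable: the seven Juniper entries (CVE-2014-0618 through CVE-2014-0612) use "SRX Services Gateways", "Juniper JunOS", "JunOS CLI", "Juniper Junos" and "JunOS" for what their descriptions all call "Juniper Junos", and the CVE-2014-0595 annotation reads "Novel OES" where the description says "Novell Open Enterprise Server". None of this is introduced by the automatic update, but a follow-up commit normalising these to a single spelling (e.g. "NOT-FOR-US: Juniper Junos" and "NOT-FOR-US: Novell Open Enterprise Server", matching the neighbouring CVE-2014-0609 and CVE-2014-0599 lines) would keep the annotations consistent with the descriptions now being filled in.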
@@ -24383,581 +24383,581 @@ CVE-2014-0468
- fusionforge 5.3+20140506-1
[squeeze] - fusionforge <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html
-CVE-2014-0467
+CVE-2014-0467 (Buffer overflow in copy.c in Mutt before 1.5.23 allows remote attacker ...)
{DSA-2874-1}
- mutt 1.5.22-2 (bug #708731)
-CVE-2014-0466
+CVE-2014-0466 (The fixps script in a2ps 4.14 does not use the -dSAFER option when exe ...)
{DSA-2892-1}
- a2ps 1:4.14-1.3 (bug #742902)
-CVE-2014-0465
+CVE-2014-0465 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fu ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0464
+CVE-2014-0464 (Unspecified vulnerability in Oracle Java SE 8 allows remote attackers ...)
- openjdk-7 <not-affected> (Only affects Java 8)
- openjdk-6 <not-affected> (Only affects Java 8)
-CVE-2014-0463
+CVE-2014-0463 (Unspecified vulnerability in Oracle Java SE 8 allows remote attackers ...)
- openjdk-7 <not-affected> (Only affects Java 8)
- openjdk-6 <not-affected> (Only affects Java 8)
-CVE-2014-0462
+CVE-2014-0462 (Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux ...)
{DSA-2912-1}
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0461
+CVE-2014-0461 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0460
+CVE-2014-0460 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0459
+CVE-2014-0459 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Em ...)
{DSA-2923-1 DSA-2912-1}
- lcms <unfixed>
[squeeze] - lcms <no-dsa> (Minor issue)
[wheezy] - lcms <no-dsa> (Minor issue)
- lcms2 2.6-1 (low; bug #745471)
[wheezy] - lcms2 <no-dsa> (Minor issue)
-CVE-2014-0458
+CVE-2014-0458 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0457
+CVE-2014-0457 (Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0456
+CVE-2014-0456 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0455
+CVE-2014-0455 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Em ...)
{DSA-2923-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 <not-affected> (Only affects Java 7/8)
-CVE-2014-0454
+CVE-2014-0454 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Em ...)
{DSA-2923-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 <not-affected> (Only affects Java 7/8)
-CVE-2014-0453
+CVE-2014-0453 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0452
+CVE-2014-0452 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0451
+CVE-2014-0451 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0450
+CVE-2014-0450 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0449
+CVE-2014-0449 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Jav ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0448
+CVE-2014-0448 (Unspecified vulnerability in Oracle Java SE 7u51 and 8 allows remote a ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0447
+CVE-2014-0447 (Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local u ...)
NOT-FOR-US: Solaris
-CVE-2014-0446
+CVE-2014-0446 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0445
+CVE-2014-0445 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0444
+CVE-2014-0444 (Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Pro ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0443
+CVE-2014-0443 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0442
+CVE-2014-0442 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11.1 allows loc ...)
NOT-FOR-US: Solaris
-CVE-2014-0441
+CVE-2014-0441 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0440
+CVE-2014-0440 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0439
+CVE-2014-0439 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0438
+CVE-2014-0438 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0437
+CVE-2014-0437 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mysql-5.5 5.5.35+dfsg-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0436
+CVE-2014-0436 (Unspecified vulnerability in the Hyperion BI+ component in Oracle Hype ...)
NOT-FOR-US: Oracle
-CVE-2014-0435
+CVE-2014-0435 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0434
+CVE-2014-0434 (Unspecified vulnerability in the Oracle Agile Product Lifecycle Manage ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0433
+CVE-2014-0433 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-0432
+CVE-2014-0432 (Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Em ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2014-0431
+CVE-2014-0431 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-0430
+CVE-2014-0430 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-0429
+CVE-2014-0429 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
{DSA-2923-1 DSA-2912-1}
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
-CVE-2014-0428
+CVE-2014-0428 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Ja ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0427
+CVE-2014-0427 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
-CVE-2014-0426
+CVE-2014-0426 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0425
+CVE-2014-0425 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Pr ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0424
+CVE-2014-0424 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0423
+CVE-2014-0423 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JR ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0422
+CVE-2014-0422 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Ja ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0421
+CVE-2014-0421 (Unspecified vulnerability in Oracle Solaris 10, when running on the SP ...)
NOT-FOR-US: Solaris
-CVE-2014-0420
+CVE-2014-0420 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2848-1}
- mariadb-5.5 5.5.35-1
- mysql-5.5 5.5.35+dfsg-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5 and 5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0419
+CVE-2014-0419 (Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) co ...)
NOT-FOR-US: Oracle Secure Global Desktop
-CVE-2014-0418
+CVE-2014-0418 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0417
+CVE-2014-0417 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Ja ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2014-0416
+CVE-2014-0416 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Ja ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0415
+CVE-2014-0415 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0414
+CVE-2014-0414 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0413
+CVE-2014-0413 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0412
+CVE-2014-0412 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mysql-5.5 5.5.35+dfsg-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0411
+CVE-2014-0411 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JR ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0410
+CVE-2014-0410 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2014-0409
REJECTED
-CVE-2014-0408
+CVE-2014-0408 (Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X ...)
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 <not-affected> (Specific to MacOS X)
-CVE-2014-0407
+CVE-2014-0407 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-2878-1}
- virtualbox-ose <removed> (low)
- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
-CVE-2014-0406
+CVE-2014-0406 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-2878-1}
- virtualbox-ose <removed> (low)
- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
-CVE-2014-0405
+CVE-2014-0405 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox-guest-additions <removed> (bug #735410)
[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
- virtualbox-guest-additions-iso 4.3.10-1 (bug #735410)
[wheezy] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
-CVE-2014-0404
+CVE-2014-0404 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-2878-1}
- virtualbox-ose <removed> (low)
- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
-CVE-2014-0403
+CVE-2014-0403 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0402
+CVE-2014-0402 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0401
+CVE-2014-0401 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0400
+CVE-2014-0400 (Unspecified vulnerability in the Oracle Internet Directory component i ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0399
+CVE-2014-0399 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0398
+CVE-2014-0398 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2014-0397
+CVE-2014-0397 (Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 ...)
NOT-FOR-US: Oracle Solaris
-CVE-2014-0396
+CVE-2014-0396 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0395
+CVE-2014-0395 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0394
+CVE-2014-0394 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0393
+CVE-2014-0393 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0392
+CVE-2014-0392 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0391
+CVE-2014-0391 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0390
+CVE-2014-0390 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
NOT-FOR-US: Oracle Solaris
-CVE-2014-0389
+CVE-2014-0389 (Unspecified vulnerability in Oracle iLearning 6.0 allows remote attack ...)
NOT-FOR-US: Oracle iLearning
-CVE-2014-0388
+CVE-2014-0388 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS Human Reso ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0387
+CVE-2014-0387 (Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, whe ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0386
+CVE-2014-0386 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2848-1 DSA-2845-1}
- mariadb-5.5 5.5.35-1
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.5 5.5.35+dfsg-1
- mysql-5.1 <removed>
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0385
+CVE-2014-0385 (Unspecified vulnerability in Oracle Java SE 7u45, when installing on O ...)
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 <not-affected> (Specific to MacOS X)
-CVE-2014-0384
+CVE-2014-0384 (Unspecified vulnerability in the MySQL Server component in Oracle MySQ ...)
{DSA-2919-1}
- mysql-5.5 5.5.37-1 (bug #744910)
- mariadb-5.5 5.5.37-1 (bug #745330)
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
-CVE-2014-0383
+CVE-2014-0383 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0382
+CVE-2014-0382 (Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 all ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2014-0381
+CVE-2014-0381 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0380
+CVE-2014-0380 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft Enterprise
-CVE-2014-0379
+CVE-2014-0379 (Unspecified vulnerability in the Oracle Demantra Demand Management com ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0378
+CVE-2014-0378 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-0377
+CVE-2014-0377 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2014-0376
+CVE-2014-0376 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Ja ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0375
+CVE-2014-0375 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remot ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2014-0374
+CVE-2014-0374 (Unspecified vulnerability in the Oracle Portal component in Oracle Fus ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2014-0373
+CVE-2014-0373 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, an ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0372
+CVE-2014-0372 (Unspecified vulnerability in the Oracle Demantra Demand Management com ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0371
+CVE-2014-0371 (Unspecified vulnerability in the Oracle Demantra Demand Management com ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2014-0370
+CVE-2014-0370 (Unspecified vulnerability in the Siebel Life Sciences component in Ora ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2014-0369
+CVE-2014-0369 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2014-0368
+CVE-2014-0368 (Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, an ...)
- openjdk-6 6b30-1.13.1-1
- openjdk-7 7u51-2.4.4-1
-CVE-2014-0367
+CVE-2014-0367 (Unspecified vulnerability in the Hyperion Essbase Administration Servi ...)
NOT-FOR-US: Oracle Hyperion
-CVE-2014-0366
+CVE-2014-0366 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business Suite
CVE-2014-0365
RESERVED
-CVE-2014-0364
+CVE-2014-0364 (The ParseRoster component in the Ignite Realtime Smack XMPP API before ...)
NOT-FOR-US: smack userspace tools, was once ITPed, but closed (637964)
-CVE-2014-0363
+CVE-2014-0363 (The ServerTrustManager component in the Ignite Realtime Smack XMPP API ...)
NOT-FOR-US: smack userspace tools, was once ITPed, but closed (637964)
-CVE-2014-0362
+CVE-2014-0362 (Cross-site scripting (XSS) vulnerability on Google Search Appliance (G ...)
NOT-FOR-US: Google Search Appliance
-CVE-2014-0361
+CVE-2014-0361 (The default configuration of IBM 4690 OS, as used in Toshiba Global Co ...)
NOT-FOR-US: IBM
CVE-2014-0360
REJECTED
-CVE-2014-0359
+CVE-2014-0359 (Xangati XSR before 11 and XNR before 7 allows remote attackers to exec ...)
NOT-FOR-US: Xangati
-CVE-2014-0358
+CVE-2014-0358 (Multiple directory traversal vulnerabilities in Xangati XSR before 11 ...)
NOT-FOR-US: Xangati
-CVE-2014-0357
+CVE-2014-0357 (Amtelco miSecureMessages allows remote attackers to read the messages ...)
NOT-FOR-US: Amtelco miSecureMessages
-CVE-2014-0356
+CVE-2014-0356 (The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ. ...)
NOT-FOR-US: ZyXEL
-CVE-2014-0355
+CVE-2014-0355 (Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUS ...)
NOT-FOR-US: ZyXEL
-CVE-2014-0354
+CVE-2014-0354 (The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ. ...)
NOT-FOR-US: ZyXEL
-CVE-2014-0353
+CVE-2014-0353 (The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ. ...)
NOT-FOR-US: ZyXEL
CVE-2014-0352
REJECTED
-CVE-2014-0351
+CVE-2014-0351 (The FortiManager protocol service in Fortinet FortiOS before 4.3.16 an ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2014-0350
+CVE-2014-0350 (The Poco::Net::X509Certificate::verify method in the NetSSL library in ...)
{DLA-1239-1}
- poco 1.3.6p1-5 (low; bug #746637)
[squeeze] - poco <no-dsa> (Minor issue)
-CVE-2014-0349
+CVE-2014-0349 (Multiple unspecified vulnerabilities in J2k-Codec allow remote attacke ...)
NOT-FOR-US: J2k-Codec
-CVE-2014-0348
+CVE-2014-0348 (The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workst ...)
NOT-FOR-US: Artiva
-CVE-2014-0347
+CVE-2014-0347 (The Settings module in Websense Triton Unified Security Center 7.7.3 b ...)
NOT-FOR-US: Websense Triton Unified Security Center
CVE-2014-0346
REJECTED
CVE-2014-0345
RESERVED
-CVE-2014-0344
+CVE-2014-0344 (Properties.do in ZOHO ManageEngine OpStor before build 8500 does not p ...)
NOT-FOR-US: ZOHO ManageEngine OpStor
-CVE-2014-0343
+CVE-2014-0343 (The web interface on Virtual Access GW6110A routers with software 9.00 ...)
NOT-FOR-US: GW6110A routers
-CVE-2014-0342
+CVE-2014-0342 (Multiple unrestricted file upload vulnerabilities in fileupload.php in ...)
NOT-FOR-US: PivotX
-CVE-2014-0341
+CVE-2014-0341 (Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2 ...)
NOT-FOR-US: PivotX
CVE-2014-0340
RESERVED
-CVE-2014-0339
+CVE-2014-0339 (Cross-site scripting (XSS) vulnerability in view.cgi in Webmin before ...)
NOT-FOR-US: Webmin
-CVE-2014-0338
+CVE-2014-0338 (Multiple cross-site scripting (XSS) vulnerabilities in the firewall po ...)
NOT-FOR-US: WatchGuard Fireware XTM
-CVE-2014-0337
+CVE-2014-0337 (Cross-site scripting (XSS) vulnerability in the web interface on Huawe ...)
NOT-FOR-US: Huawei Echo Life HG8247
-CVE-2014-0336
+CVE-2014-0336 (Cross-site request forgery (CSRF) vulnerability in the web client in S ...)
NOT-FOR-US: Serena Dimensions CM
-CVE-2014-0335
+CVE-2014-0335 (Multiple cross-site scripting (XSS) vulnerabilities in the web client ...)
NOT-FOR-US: Serena Dimensions CM
-CVE-2014-0334
+CVE-2014-0334 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
NOT-FOR-US: CMS Made Simple
-CVE-2014-0333
+CVE-2014-0333 (The png_push_read_chunk function in pngpread.c in the progressive deco ...)
- libpng <not-affected> (Only affects libpng 1.6.0 through 1.6.9)
- libpng1.6 1.6.10-1
-CVE-2014-0332
+CVE-2014-0332 (Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL ...)
NOT-FOR-US: Dell SonicWALL GMS
-CVE-2014-0331
+CVE-2014-0331 (Cross-site scripting (XSS) vulnerability in the web administration int ...)
NOT-FOR-US: Fortinet NGFW
-CVE-2014-0330
+CVE-2014-0330 (Cross-site scripting (XSS) vulnerability in adminui/user_list.php on t ...)
NOT-FOR-US: Dell KACE K1000 management appliance
-CVE-2014-0329
+CVE-2014-0329 (The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded ...)
NOT-FOR-US: TELNET service on the ZTE ZXV10 W300 router
-CVE-2014-0328
+CVE-2014-0328 (The thraneLINK protocol implementation on Cobham devices does not veri ...)
NOT-FOR-US: Cobham
-CVE-2014-0327
+CVE-2014-0327 (The Terminal Upgrade Tool in the Pilot Below Deck Equipment (BDE) and ...)
NOT-FOR-US: Pilot Below Deck Equipment and OpenPort implementations on Iridium satellite terminals
-CVE-2014-0326
+CVE-2014-0326 (The Pilot Below Deck Equipment (BDE) and OpenPort implementations on I ...)
NOT-FOR-US: Pilot Below Deck Equipment and OpenPort implementations on Iridium satellite terminals
-CVE-2014-0325
+CVE-2014-0325 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0324
+CVE-2014-0324 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0323
+CVE-2014-0323 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2014-0322
+CVE-2014-0322 (Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 a ...)
NOT-FOR-US: Microsoft Internet Explorer 10
-CVE-2014-0321
+CVE-2014-0321 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-0320
REJECTED
-CVE-2014-0319
+CVE-2014-0319 (Microsoft Silverlight 5 before 5.1.30214.0 and Silverlight 5 Developer ...)
NOT-FOR-US: Microsoft
-CVE-2014-0318
+CVE-2014-0318 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2014-0317
+CVE-2014-0317 (The Security Account Manager Remote (SAMR) protocol implementation in ...)
NOT-FOR-US: Microsoft
-CVE-2014-0316
+CVE-2014-0316 (Memory leak in the Local RPC (LRPC) server implementation in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2014-0315
+CVE-2014-0315 (Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP ...)
NOT-FOR-US: Microsoft
-CVE-2014-0314
+CVE-2014-0314 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0313
+CVE-2014-0313 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0312
+CVE-2014-0312 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0311
+CVE-2014-0311 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0310
+CVE-2014-0310 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0309
+CVE-2014-0309 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0308
+CVE-2014-0308 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0307
+CVE-2014-0307 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows r ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0306
+CVE-2014-0306 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0305
+CVE-2014-0305 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0304
+CVE-2014-0304 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0303
+CVE-2014-0303 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0302
+CVE-2014-0302 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0301
+CVE-2014-0301 (Double free vulnerability in qedit.dll in DirectShow in Microsoft Wind ...)
NOT-FOR-US: Microsoft
-CVE-2014-0300
+CVE-2014-0300 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2014-0299
+CVE-2014-0299 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0298
+CVE-2014-0298 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0297
+CVE-2014-0297 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0296
+CVE-2014-0296 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-0295
+CVE-2014-0295 (VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not im ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2014-0294
+CVE-2014-0294 (Microsoft Forefront Protection 2010 for Exchange Server does not prope ...)
NOT-FOR-US: Microsoft Forefront Protection
-CVE-2014-0293
+CVE-2014-0293 (Microsoft Internet Explorer 9 through 11 allows remote attackers to re ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-0292
REJECTED
CVE-2014-0291
REJECTED
-CVE-2014-0290
+CVE-2014-0290 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0289
+CVE-2014-0289 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0288
+CVE-2014-0288 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0287
+CVE-2014-0287 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0286
+CVE-2014-0286 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0285
+CVE-2014-0285 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0284
+CVE-2014-0284 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0283
+CVE-2014-0283 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0282
+CVE-2014-0282 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0281
+CVE-2014-0281 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0280
+CVE-2014-0280 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0279
+CVE-2014-0279 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0278
+CVE-2014-0278 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0277
+CVE-2014-0277 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0276
+CVE-2014-0276 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0275
+CVE-2014-0275 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0274
+CVE-2014-0274 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0273
+CVE-2014-0273 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0272
+CVE-2014-0272 (Microsoft Internet Explorer 8 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0271
+CVE-2014-0271 (The VBScript engine in Microsoft Internet Explorer 6 through 11, and V ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0270
+CVE-2014-0270 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0269
+CVE-2014-0269 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0268
+CVE-2014-0268 (Microsoft Internet Explorer 8 through 11 does not properly restrict fi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0267
+CVE-2014-0267 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2014-0266
+CVE-2014-0266 (The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Win ...)
NOT-FOR-US: Microsoft
CVE-2014-0265
REJECTED
CVE-2014-0264
REJECTED
-CVE-2014-0263
+CVE-2014-0263 (The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-0262
+CVE-2014-0262 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2014-0261
+CVE-2014-0261 (Microsoft Dynamics AX 4.0 SP2, 2009 SP1, 2012, and 2012 R2 allows remo ...)
NOT-FOR-US: Microsoft Dynamics
-CVE-2014-0260
+CVE-2014-0260 (Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT ...)
NOT-FOR-US: Microsoft Office
-CVE-2014-0259
+CVE-2014-0259 (Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote ...)
NOT-FOR-US: Microsoft Office
-CVE-2014-0258
+CVE-2014-0258 (Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, a ...)
NOT-FOR-US: Microsoft Office
-CVE-2014-0257
+CVE-2014-0257 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5 ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2014-0256
+CVE-2014-0256 (Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold allo ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2014-0255
+CVE-2014-0255 (Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2014-0254
+CVE-2014-0254 (The IPv6 implementation in Microsoft Windows 8, Windows Server 2012, a ...)
NOT-FOR-US: Microsoft
-CVE-2014-0253
+CVE-2014-0253 (Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5 ...)
NOT-FOR-US: Microsoft .NET Framework
CVE-2014-0252
REJECTED
-CVE-2014-0251
+CVE-2014-0251 (Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2014-0250
+CVE-2014-0250 (Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allo ...)
- freerdp 1.1.0~git20140809.1.b07a5c1+dfsg-1 (unimportant; bug #749585)
NOTE: A malicious RDP server has many more ways to mess with an RDP client
-CVE-2014-0249
+CVE-2014-0249 (The System Security Services Daemon (SSSD) 1.11.6 does not properly id ...)
- sssd 1.11.7-1 (low; bug #749569)
[jessie] - sssd <no-dsa> (Minor issue)
[squeeze] - sssd <no-dsa> (Minor issue)
[wheezy] - sssd <no-dsa> (Minor issue)
-CVE-2014-0248
+CVE-2014-0248 (org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework ...)
NOT-FOR-US: JBoss Seam
-CVE-2014-0247
+CVE-2014-0247 (LibreOffice 4.2.4 executes unspecified VBA macros automatically, which ...)
- libreoffice 1:4.2.5-1
[wheezy] - libreoffice <not-affected> (vulnerable code not present)
-CVE-2014-0246
+CVE-2014-0246 (SOSreport stores the md5 hash of the GRUB bootloader password in an ar ...)
- sosreport <unfixed> (unimportant; bug #749568)
NOTE: Non-issue, see https://bugzilla.redhat.com/show_bug.cgi?id=1101393#c5
CVE-2014-0245
RESERVED
NOT-FOR-US: GateIn
-CVE-2014-0244
+CVE-2014-0244 (The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x ...)
{DSA-2966-1}
- samba 2:4.1.9+dfsg-1
[squeeze] - samba <not-affected> (Only affects 3.6 and later)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: AD-related packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: https://www.samba.org/samba/security/CVE-2014-0244
-CVE-2014-0243
+CVE-2014-0243 (Check_MK through 1.2.5i2p1 allows local users to read arbitrary files ...)
- check-mk <not-affected> (Vulnerable code not present)
NOTE: https://www.lsexperts.de/advisories/lse-2014-05-21.txt
CVE-2014-0242 [information disclosure via Content-Type response header]
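Review bot: the fixed-width truncation of the imported descriptions makes several of the new title lines in this hunk identical, so the bracketed summary no longer distinguishes the entries: CVE-2014-0286, CVE-2014-0285, CVE-2014-0282 and CVE-2014-0275 all read "(Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)", and CVE-2014-0279, CVE-2014-0278 and CVE-2014-0277 are likewise word-for-word the same. Nothing in the data needs changing, but anyone searching this file by summary text should key on the CVE id rather than the description; if the importer's cut-off width can be raised, that would remove most of these collisions.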
@@ -24968,32 +24968,32 @@ CVE-2014-0242 [information disclosure via Content-Type response header]
CVE-2014-0241
RESERVED
NOT-FOR-US: hammer_cli_foreman ruby gem
-CVE-2014-0240
+CVE-2014-0240 (The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled ...)
{DSA-2937-1}
- mod-wsgi 3.5-1 (bug #748910)
NOTE: https://github.com/GrahamDumpleton/mod_wsgi/commit/d9d5fea585b23991f76532a9b07de7fcd3b649f4
NOTE: only when running with linux >= 2.6.0 and < 3.1.0
-CVE-2014-0239
+CVE-2014-0239 (The internal DNS server in Samba 4.x before 4.0.18 does not check the ...)
- samba 2:4.1.8+dfsg-1 (bug #749845)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
[squeeze] - samba <not-affected> (AD feature not present)
[wheezy] - samba <not-affected> (AD feature not present)
NOTE: AD-related packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
-CVE-2014-0238
+CVE-2014-0238 (The cdf_read_property_info function in cdf.c in the Fileinfo component ...)
{DSA-3021-1 DSA-2943-1 DLA-145-1 DLA-27-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
NOTE: https://github.com/file/file/commit/f97486ef5dc3e8735440edc4fc8808c63e1a3ef0
- php5 5.6.0~beta4+dfsg-1 (low)
NOTE: https://bugs.php.net/bug.php?id=67327
-CVE-2014-0237
+CVE-2014-0237 (The cdf_unpack_summary_info function in cdf.c in the Fileinfo componen ...)
{DSA-3021-1 DSA-2943-1 DLA-145-1 DLA-27-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
NOTE: https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d
- php5 5.6.0~beta4+dfsg-1 (low)
NOTE: https://bugs.php.net/bug.php?id=67328
-CVE-2014-0236
+CVE-2014-0236 (file before 5.18, as used in the Fileinfo component in PHP before 5.6. ...)
- file 1:5.19-1
[wheezy] - file <not-affected> (Introduced in 5.18)
[squeeze] - file <not-affected> (Introduced in 5.18)
@@ -25006,14 +25006,14 @@ CVE-2014-0235
CVE-2014-0234
RESERVED
NOT-FOR-US: OpenShift
-CVE-2014-0233
+CVE-2014-0233 (Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow re ...)
NOT-FOR-US: OpenShift
-CVE-2014-0232
+CVE-2014-0232 (Multiple cross-site scripting (XSS) vulnerabilities in framework/commo ...)
NOT-FOR-US: Apache OFBiz
-CVE-2014-0231
+CVE-2014-0231 (The mod_cgid module in the Apache HTTP Server before 2.4.10 does not h ...)
{DSA-2989-1 DLA-66-1}
- apache2 2.4.10-1
-CVE-2014-0230
+CVE-2014-0230 (Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0 ...)
{DSA-3530-1 DLA-232-1}
- tomcat6 6.0.41-3 (bug #785316)
- tomcat7 7.0.55-1
@@ -25022,11 +25022,11 @@ CVE-2014-0230
NOTE: tomcat6 in jessie only builds the servlet API classes
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1603781 (7.x)
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1659537 (6.x)
-CVE-2014-0229
+CVE-2014-0229 (Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in C ...)
NOT-FOR-US: Hadoop as packaged by Cloudera
-CVE-2014-0228
+CVE-2014-0228 (Apache Hive before 0.13.1, when in SQL standards based authorization m ...)
NOT-FOR-US: Apache Hive
-CVE-2014-0227
+CVE-2014-0227 (java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apach ...)
{DSA-3530-1 DLA-232-1}
- tomcat6 6.0.41-3 (bug #785312)
NOTE: Fixed in https://svn.apache.org/viewvc?view=revision&revision=1603628 (6.x)
@@ -25037,60 +25037,60 @@ CVE-2014-0227
- tomcat8 8.0.9-1
NOTE: Fixed in https://svn.apache.org/viewvc?view=revision&revision=1600984 (8.x)
NOTE: Fixed in https://svn.apache.org/viewvc?view=revision&revision=1601332 (8.x)
-CVE-2014-0226
+CVE-2014-0226 (Race condition in the mod_status module in the Apache HTTP Server befo ...)
{DSA-2989-1 DLA-66-1}
- apache2 2.4.10-1
-CVE-2014-0225
+CVE-2014-0225 (When processing user provided XML documents, the Spring Framework 4.0. ...)
- libspring-java 3.0.6.RELEASE-14 (low; bug #753470)
[squeeze] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
-CVE-2014-0224
+CVE-2014-0224 (OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h d ...)
{DSA-2950-1 DLA-0008-1 DLA-0003-1}
- openssl 1.0.1h-1 (bug #750665)
[squeeze] - openssl 0.9.8o-4squeeze15
-CVE-2014-0223
+CVE-2014-0223 (Integer overflow in the qcow_open function in block/qcow.c in QEMU bef ...)
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-6 (bug #742730)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html
-CVE-2014-0222
+CVE-2014-0222 (Integer overflow in the qcow_open function in block/qcow.c in QEMU bef ...)
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-6 (bug #742730)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
-CVE-2014-0221
+CVE-2014-0221 (The dtls1_get_message_fragment function in d1_both.c in OpenSSL before ...)
{DSA-2950-1 DLA-0003-1}
- openssl 1.0.1h-1 (bug #750665)
[squeeze] - openssl 0.9.8o-4squeeze15
-CVE-2014-0220
+CVE-2014-0220 (Cloudera Manager before 4.8.3 and 5.x before 5.0.1 allows remote authe ...)
NOT-FOR-US: Cloudera Manager
-CVE-2014-0219
+CVE-2014-0219 (Apache Karaf before 4.0.10 enables a shutdown port on the loopback int ...)
- apache-karaf <itp> (bug #881297)
-CVE-2014-0218
+CVE-2014-0218 (Cross-site scripting (XSS) vulnerability in the URL downloader reposit ...)
- moodle 2.6.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45332
-CVE-2014-0217
+CVE-2014-0217 (enrol/index.php in Moodle 2.6.x before 2.6.3 does not check for the mo ...)
- moodle 2.6.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45126
-CVE-2014-0216
+CVE-2014-0216 (The My Home implementation in the block_html_pluginfile function in bl ...)
- moodle 2.6.3-1
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43877
-CVE-2014-0215
+CVE-2014-0215 (The blind-marking implementation in Moodle through 2.3.11, 2.4.x befor ...)
- moodle 2.6.3-1
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44750
-CVE-2014-0214
+CVE-2014-0214 (login/token.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x b ...)
- moodle 2.6.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43119
-CVE-2014-0213
+CVE-2014-0213 (Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assi ...)
- moodle 2.6.3-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44606
@@ -25100,20 +25100,20 @@ CVE-2014-0212 [on-demand ACL policy loading enables a denial of service by consu
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
NOTE: Upstream issue: https://issues.apache.org/jira/browse/QPID-4938
NOTE: Commit which does no longer build acl support only as plugin: https://svn.apache.org/viewvc?view=revision&revision=r1494697
-CVE-2014-0211
+CVE-2014-0211 (Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyph ...)
{DSA-2927-1}
- libxfont 1:1.4.7-2 (unimportant)
NOTE: unimportant, as source affected but libxfont has disabled support to connect to font server since 1:1.4.7-1
-CVE-2014-0210
+CVE-2014-0210 (Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x be ...)
{DSA-2927-1}
- libxfont 1:1.4.7-2 (unimportant)
NOTE: unimportant, as source affected but libxfont has disabled support to connect to font server since 1:1.4.7-1
-CVE-2014-0209
+CVE-2014-0209 (Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlia ...)
{DSA-2927-1}
- libxfont 1:1.4.7-2
-CVE-2014-0208
+CVE-2014-0208 (Cross-site scripting (XSS) vulnerability in the search auto-completion ...)
- foreman <itp> (bug #663101)
-CVE-2014-0207
+CVE-2014-0207 (The cdf_read_short_sector function in cdf.c in file before 5.19, as us ...)
{DSA-3021-1 DSA-2974-1 DLA-27-1 DLA-0018-1}
- file 1:5.19-1
[squeeze] - file 5.04-5+squeeze6
@@ -25121,37 +25121,37 @@ CVE-2014-0207
- php5 5.6.0~beta4+dfsg-1
[squeeze] - php5 5.3.3-7+squeeze21
NOTE: https://bugs.php.net/bug.php?id=67326
-CVE-2014-0206
+CVE-2014-0206 (Array index error in the aio_read_events_ring function in fs/aio.c in ...)
- linux 3.14.10-1
[wheezy] - linux <not-affected> (introduced by a31ad380bed817aa25f8830ad23e1a0480fef797)
- linux-2.6 <not-affected> (introduced by a31ad380bed817aa25f8830ad23e1a0480fef797)
NOTE: Introduced by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a31ad380bed817aa25f8830ad23e1a0480fef797 (v3.10)
NOTE: Upstream patches: https://lkml.org/lkml/2014/6/24/619 https://lkml.org/lkml/2014/6/24/623
-CVE-2014-0205
+CVE-2014-0205 (The futex_wait function in kernel/futex.c in the Linux kernel before 2 ...)
- linux 2.6.37
- linux-2.6 2.6.37-1
[squeeze] - linux-2.6 2.6.32-28
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7ada876a8703f23befbb20a7465a702ee39b1704 (v2.6.37)
NOTE: https://lkml.org/lkml/2010/9/16/99
NOTE: Introduced in f801073f87aa2 (around 2.6.31) according to SuSE Bugzilla
-CVE-2014-0204
+CVE-2014-0204 (OpenStack Identity (Keystone) before 2014.1.1 does not properly handle ...)
- keystone 2014.1-5 (bug #749026)
[wheezy] - keystone <not-affected>
-CVE-2014-0203
+CVE-2014-0203 (The __do_follow_link function in fs/namei.c in the Linux kernel before ...)
{DLA-0015-1}
- linux 2.6.33-1
- linux-2.6 2.6.37-1
[squeeze] - linux-2.6 2.6.32-48squeeze8
NOTE: upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=86acdca1b63e6890540fa19495cfc708beff3d8b (v2.6.33)
-CVE-2014-0202
+CVE-2014-0202 (The setup script in ovirt-engine-dwh, as used in the Red Hat Enterpris ...)
NOT-FOR-US: ovirt / RHEV
-CVE-2014-0201
+CVE-2014-0201 (ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization ...)
NOT-FOR-US: ovirt / RHEV
-CVE-2014-0200
+CVE-2014-0200 (The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) ...)
NOT-FOR-US: ovirt / RHEV
-CVE-2014-0199
+CVE-2014-0199 (The setup script in ovirt-engine-reports, as used in the Red Hat Enter ...)
NOT-FOR-US: ovirt / RHEV
-CVE-2014-0198
+CVE-2014-0198 (The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, ...)
{DSA-2931-1}
- openssl 1.0.1g-4 (bug #747432)
[squeeze] - openssl <not-affected> (vulnerable code not present)
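Review bot: the wheezy line under CVE-2014-0204 ("[wheezy] - keystone <not-affected>") carries no reason in parentheses, whereas every other <not-affected> entry in this hunk states one (e.g. "[wheezy] - linux <not-affected> (introduced by a31ad380bed817aa25f8830ad23e1a0480fef797)" and "[squeeze] - openssl <not-affected> (vulnerable code not present)"). The imported summary says Keystone before 2014.1.1 is affected, so please add a one-line reason why the wheezy version is out of scope (the shipped version range, or that the affected code is absent) so the triage can be re-checked later.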
@@ -25159,53 +25159,53 @@ CVE-2014-0198
CVE-2014-0197
RESERVED
NOT-FOR-US: CloudForms Management Engine
-CVE-2014-0196
+CVE-2014-0196 (The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel th ...)
{DSA-2928-1 DSA-2926-1}
- linux 3.14.4-1 (bug #747166)
- linux-2.6 <removed>
NOTE: PoC: http://pastebin.com/yTSFUBgZ
-CVE-2014-0195
+CVE-2014-0195 (The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before ...)
{DSA-2950-1 DLA-0003-1}
- openssl 1.0.1h-1 (bug #750665)
[squeeze] - openssl 0.9.8o-4squeeze15
CVE-2014-0194
REJECTED
-CVE-2014-0193
+CVE-2014-0193 (WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7. ...)
- netty <not-affected> (WebSocket08FrameDecoder function not present; bug #746639)
-CVE-2014-0192
+CVE-2014-0192 (Foreman 1.4.0 before 1.5.0 does not properly restrict access to provis ...)
- foreman <itp> (bug #663101)
-CVE-2014-0191
+CVE-2014-0191 (The xmlParserHandlePEReference function in parser.c in libxml2 before ...)
{DSA-2978-2 DLA-151-1}
- libxml2 2.9.1+dfsg1-4 (bug #747309)
NOTE: The upstream patch we used in DSA-2978-1 and DLA-16-1 is only half of the fix. The other half is likely https://git.gnome.org/browse/libxml2/commit/?id=4629ee02ac649c27f9c0cf98ba017c6b5526070f which is only in libxml 2.9 and newer. This was found out with the test case given in https://github.com/sparklemotion/nokogiri/issues/693#issuecomment-8935085.
NOTE: First patches: https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df https://git.gnome.org/browse/libxml2/commit/?id=dd8367da17c2948981a51e52c8a6beb445edf825
-CVE-2014-0190
+CVE-2014-0190 (The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to c ...)
- qt4-x11 4:4.8.6+dfsg-1 (low)
[wheezy] - qt4-x11 <no-dsa> (Minor issue)
[squeeze] - qt4-x11 <no-dsa> (Minor issue)
NOTE: https://qt.gitorious.org/qt/qtbase/commit/eb1325047f2697d24e93ebaf924900affc876bc1
NOTE: Possible squeeze backport in http://lists.debian.org/54ca4d0c.4696420a.0f32.4d29@mx.google.com
-CVE-2014-0189
+CVE-2014-0189 (virt-who uses world-readable permissions for /etc/sysconfig/virt-who, ...)
NOT-FOR-US: RedHat virt-who
-CVE-2014-0188
+CVE-2014-0188 (The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2 ...)
NOT-FOR-US: OpenShift
-CVE-2014-0187
+CVE-2014-0187 (The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013. ...)
- neutron 2014.1.2-1
NOTE: https://review.openstack.org/gitweb?p=openstack%2Fneutron.git;a=commitdiff;h=68a24e5f908412b83ca7c3f2d2d2014678e79570
NOTE: https://review.openstack.org/gitweb?p=openstack%2Fneutron.git;a=commitdiff;h=42a8539d497322716df0150c2123befd246d69d8
-CVE-2014-0186
+CVE-2014-0186 (A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Li ...)
- tomcat7 <not-affected> (RHEL-specific regression)
-CVE-2014-0185
+CVE-2014-0185 (sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP be ...)
{DSA-2943-1}
- php5 5.5.12+dfsg-1
[squeeze] - php5 <not-affected> (FPM SAPI only enabled in 5.3.5-1)
NOTE: https://bugs.php.net/bug.php?id=67060
-CVE-2014-0184
+CVE-2014-0184 (Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 logs th ...)
NOT-FOR-US: RedHat CloudForms Management Engine
CVE-2014-0183
RESERVED
NOT-FOR-US: Katello
-CVE-2014-0182
+CVE-2014-0182 (Heap-based buffer overflow in the virtio_load function in hw/virtio/vi ...)
- qemu 2.1+dfsg-1 (bug #739589)
- qemu-kvm <removed>
[wheezy] - qemu <no-dsa> (Too intrusive to backport, minor risk)
@@ -25214,102 +25214,102 @@ CVE-2014-0182
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: Fix: http://git.qemu.org/?p=qemu.git;a=commit;h=a890a2f9137ac3cf5b607649e66a6f3a5512d8dc
NOTE: Regression fix needed: http://git.qemu.org/?p=qemu.git;a=commit;h=2f5732e9648fcddc8759a8fd25c0b41a38352be6
-CVE-2014-0181
+CVE-2014-0181 (The Netlink implementation in the Linux kernel through 3.14.1 does not ...)
- linux 3.14.9-1 (bug #746738)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport to 2.6.32)
[wheezy] - linux <no-dsa> (Too intrusive to backport to 3.2)
-CVE-2014-0180
+CVE-2014-0180 (The wait_for_task function in app/controllers/application_controller.r ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0179
+CVE-2014-0179 (libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a ...)
{DSA-3038-1}
- libvirt 1.2.4-1 (unimportant)
NOTE: no ACL mechanism in squeeze and wheezy and all access is root-equivalent
NOTE: LSN-2014-0003: https://www.redhat.com/archives/libvir-list/2014-May/msg00209.html
-CVE-2014-0178
+CVE-2014-0178 (Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1. ...)
{DSA-2966-1}
- samba 2:4.1.8+dfsg-1 (low)
[squeeze] - samba <not-affected> (Vulnerable code not present)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: server packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
-CVE-2014-0177
+CVE-2014-0177 (The am function in lib/hub/commands.rb in hub before 1.12.1 allows loc ...)
NOT-FOR-US: Github client
-CVE-2014-0176
+CVE-2014-0176 (Cross-site scripting (XSS) vulnerability in application/panel_control ...)
NOT-FOR-US: RedHat CloudForms Management Engine
CVE-2014-0175 [default password set at install]
RESERVED
- mcollective <unfixed> (unimportant)
NOTE: Password rotation is documented in README.Debian
-CVE-2014-0174
+CVE-2014-0174 (Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG ...)
NOT-FOR-US: Cumin
-CVE-2014-0173
+CVE-2014-0173 (The Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x ...)
NOT-FOR-US: WordPress plugin Jetpack
-CVE-2014-0172
+CVE-2014-0172 (Integer overflow in the check_section function in dwarf_begin_elf.c in ...)
- elfutils 0.158-1 (low; bug #744017)
[squeeze] - elfutils <not-affected> (Affected code introduced in 0.153)
[wheezy] - elfutils <not-affected> (Affected code introduced in 0.153)
-CVE-2014-0171
+CVE-2014-0171 (XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in ...)
NOT-FOR-US: Odata4j
-CVE-2014-0170
+CVE-2014-0170 (Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualizatio ...)
NOT-FOR-US: Teiid
CVE-2014-0169
RESERVED
NOT-FOR-US: JBoss EAP
-CVE-2014-0168
+CVE-2014-0168 (Cross-site request forgery (CSRF) vulnerability in Jolokia before 1.2. ...)
NOT-FOR-US: Jolokia
-CVE-2014-0167
+CVE-2014-0167 (The Nova EC2 API security group implementation in OpenStack Compute (N ...)
- nova 2013.2.3-1 (bug #744051)
[wheezy] - nova <not-affected> (Only affects 2013.1 to 2013.2.3)
-CVE-2014-0166
+CVE-2014-0166 (The wp_validate_auth_cookie function in wp-includes/pluggable.php in W ...)
{DSA-2901-1}
- wordpress 3.8.2+dfsg-1 (bug #744018)
-CVE-2014-0165
+CVE-2014-0165 (WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authentica ...)
{DSA-2901-1}
- wordpress 3.8.2+dfsg-1 (bug #744018)
-CVE-2014-0164
+CVE-2014-0164 (openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise ...)
- mcollective 1.2.1+dfsg-2
CVE-2014-0163
RESERVED
NOT-FOR-US: OpenShift
-CVE-2014-0162
+CVE-2014-0162 (The Sheepdog backend in OpenStack Image Registry and Delivery Service ...)
- glance 2014.1-1
[wheezy] - glance <not-affected> (Only affects 2013.2 to 2013.2.3)
CVE-2014-0161
RESERVED
NOT-FOR-US: ovirt-engine-sdk-python
-CVE-2014-0160
+CVE-2014-0160 (The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1 ...)
{DSA-2896-1}
- openssl 1.0.1g-1 (bug #743883)
[squeeze] - openssl <not-affected> (vulnerable code introduced in upstream commit 4817504)
NOTE: fix: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db902
NOTE: http://www.openssl.org/news/secadv/20140407.txt
NOTE: system reboot is recommended after the upgrade
-CVE-2014-0159
+CVE-2014-0159 (Buffer overflow in the GetStatistics64 remote procedure call (RPC) in ...)
{DSA-2899-1}
- openafs 1.6.7-1
-CVE-2014-0157
+CVE-2014-0157 (Cross-site scripting (XSS) vulnerability in the Horizon Orchestration ...)
- horizon 2013.2.3-1 (bug #744019)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
CVE-2014-0156
RESERVED
-CVE-2014-0155
+CVE-2014-0155 (The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel t ...)
- linux 3.14.4-1 (low)
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: fix: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60
-CVE-2014-0154
+CVE-2014-0154 (oVirt Engine before 3.5.0 does not include the HTTPOnly flag in a Set- ...)
NOT-FOR-US: oVirt web admin interface
-CVE-2014-0153
+CVE-2014-0153 (The REST API in oVirt 3.4.0 and earlier stores session IDs in HTML5 lo ...)
NOT-FOR-US: oVirt REST API
-CVE-2014-0152
+CVE-2014-0152 (Session fixation vulnerability in the web admin interface in oVirt 3.4 ...)
NOT-FOR-US: oVirt web admin interface
-CVE-2014-0151
+CVE-2014-0151 (Cross-site request forgery (CSRF) vulnerability in oVirt Engine before ...)
NOT-FOR-US: ovirt
-CVE-2014-0150
+CVE-2014-0150 (Integer overflow in the virtio_net_handle_mac function in hw/net/virti ...)
{DSA-2910-1 DSA-2909-1}
- qemu 1.7.0+dfsg-8 (bug #744221)
- qemu-kvm <removed>
-CVE-2014-0149
+CVE-2014-0149 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss W ...)
NOT-FOR-US: JBoss Seam
CVE-2014-0148
RESERVED
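Review bot: the new summary for CVE-2014-0164 names openshift-origin-broker-util ("as used in Red Hat OpenShift Enterprise ..."), but the only Debian entry underneath is "- mcollective 1.2.1+dfsg-2" with no NOTE explaining the connection, so a reader cannot tell from this file why a Debian package is recorded as fixed for an OpenShift CVE. Compare CVE-2014-0163 and CVE-2014-0188 a few lines away, which are simply "NOT-FOR-US: OpenShift". A NOTE pointing at the advisory or upstream change that ties this CVE to mcollective's configuration would make the triage verifiable.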
@@ -25324,14 +25324,14 @@ CVE-2014-0147
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-0146
+CVE-2014-0146 (The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 an ...)
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-1 (bug #742730)
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit;h=11b128f4062dd7f89b14abc8877ff20d41b28be9
-CVE-2014-0145
+CVE-2014-0145 (Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, a ...)
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-1 (bug #742730)
- qemu-kvm <removed>
@@ -25344,117 +25344,117 @@ CVE-2014-0144
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-0143
+CVE-2014-0143 (Multiple integer overflows in the block drivers in QEMU, possibly befo ...)
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-1 (bug #742730)
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-0142
+CVE-2014-0142 (QEMU, possibly before 2.0.0, allows local users to cause a denial of s ...)
{DSA-3045-1 DSA-3044-1}
- qemu 2.0.0+dfsg-1 (bug #742730)
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-0141
+CVE-2014-0141 (Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3. ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2014-0140
+CVE-2014-0140 (Red Hat CloudForms 3.1 Management Engine (CFME) before 5.3 allows remo ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2014-0139
+CVE-2014-0139 (cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qso ...)
{DSA-2902-1}
- curl 7.36.0-1 (bug #742728)
NOTE: http://curl.haxx.se/libcurl-reject-cert-ip-wildcards.patch
-CVE-2014-0138
+CVE-2014-0138 (The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re- ...)
{DSA-2902-1}
- curl 7.36.0-1 (bug #742728)
NOTE: http://curl.haxx.se/libcurl-bad-reuse.patch
-CVE-2014-0137
+CVE-2014-0137 (SQL injection vulnerability in the saved_report_delete action in the R ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0136
+CVE-2014-0136 (The (1) get and (2) log methods in the AgentController in Red Hat Clou ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0135
+CVE-2014-0135 (Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses wo ...)
NOT-FOR-US: Kafo
NOTE: Might be packaged after foreman (ITP bug #663101)
-CVE-2014-0134
+CVE-2014-0134 (The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 201 ...)
- nova 2013.2.2-4 (bug #742712)
[wheezy] - nova <not-affected> (Introduced in Grizzly)
NOTE: https://launchpad.net/bugs/1221190
-CVE-2014-0133
+CVE-2014-0133 (Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 ...)
- nginx 1.4.7-1 (unimportant; bug #742059)
[wheezy] - nginx <not-affected> (Vulnerable code not present)
[squeeze] - nginx <not-affected> (Vulnerable code not present)
NOTE: ngx_http_spdy_module introduced in 1.3.15
NOTE: Debian compiles with --with-http_spdy_module, but also with --with-debug
-CVE-2014-0132
+CVE-2014-0132 (The SASL authentication functionality in 389 Directory Server before 1 ...)
- 389-ds-base 1.3.2.9-1.1 (bug #741600)
-CVE-2014-0131
+CVE-2014-0131 (Use-after-free vulnerability in the skb_segment function in net/core/s ...)
- linux 3.13.6-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Introduced in 3.1)
NOTE: http://marc.info/?l=linux-netdev&m=139446896921968&w=2
-CVE-2014-0130
+CVE-2014-0130 (Directory traversal vulnerability in actionpack/lib/abstract_controlle ...)
{DSA-2929-1}
- ruby-actionpack-2.3 <not-affected> (Vulnerable code not present)
- ruby-actionpack-3.2 <removed> (bug #747382)
- rails-3.2 3.2.18-1 (bug #747382)
- rails-4.0 <removed> (bug #747380)
-CVE-2014-0129
+CVE-2014-0129 (badges/mybadges.php in Moodle 2.5.x before 2.5.5 and 2.6.x before 2.6. ...)
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44140
-CVE-2014-0128
+CVE-2014-0128 (Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled ...)
- squid <not-affected> (All Squid-3.0 and older versions not vulnerable)
- squid3 3.4.8-1 (unimportant; bug #741312)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_1.txt
NOTE: only affects package rebuilds with --enable-ssl by users
-CVE-2014-0127
+CVE-2014-0127 (The time-validation implementation in (1) mod/feedback/complete.php an ...)
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43656
-CVE-2014-0126
+CVE-2014-0126 (Cross-site request forgery (CSRF) vulnerability in enrol/imsenterprise ...)
- moodle 2.6.2-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146
-CVE-2014-0125
+CVE-2014-0125 (repository/alfresco/lib.php in Moodle through 2.3.11, 2.4.x before 2.4 ...)
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409
-CVE-2014-0124
+CVE-2014-0124 (The identity-reporting implementations in mod/forum/renderer.php and m ...)
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916
-CVE-2014-0123
+CVE-2014-0123 (The wiki subsystem in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x ...)
- moodle 2.6.2-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-39990
NOTE: squeeze version unaffected due to lack of fine-grained access control?
-CVE-2014-0122
+CVE-2014-0122 (mod/chat/chat_ajax.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2 ...)
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082
-CVE-2014-0121
+CVE-2014-0121 (The admin terminal in Hawt.io does not require authentication, which a ...)
NOT-FOR-US: hawtio-karaf-terminal
-CVE-2014-0120
+CVE-2014-0120 (Cross-site request forgery (CSRF) vulnerability in the admin terminal ...)
NOT-FOR-US: hawtio-karaf-terminal
-CVE-2014-0119
+CVE-2014-0119 (Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 d ...)
{DSA-3530-1}
- tomcat8 8.0.8-1
- tomcat7 7.0.54-1
- tomcat6 6.0.41-1
[wheezy] - tomcat7 7.0.28-4+deb7u4
-CVE-2014-0118
+CVE-2014-0118 (The deflate_in_filter function in mod_deflate.c in the mod_deflate mod ...)
{DSA-2989-1 DLA-66-1}
- apache2 2.4.10-1
-CVE-2014-0117
+CVE-2014-0117 (The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, wh ...)
- apache2 2.4.10-1
[squeeze] - apache2 <not-affected> (Affects 2.4.6 to 2.4.9)
[wheezy] - apache2 <not-affected> (Affects 2.4.6 to 2.4.9)
-CVE-2014-0116
+CVE-2014-0116 (CookieInterceptor in Apache Struts 2.x before 2.3.16.3, when a wildcar ...)
- libstruts1.2-java <not-affected> (Struts 2.0.0 through to Struts 2.3.16.2)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-022
-CVE-2014-0115
+CVE-2014-0115 (Directory traversal vulnerability in the log viewer in Apache Storm 0. ...)
NOT-FOR-US: Apache Storm
-CVE-2014-0114
+CVE-2014-0114 (Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8. ...)
{DSA-2940-1 DLA-57-1}
- libstruts1.2-java 1.2.9-9 (bug #745897)
NOTE: http://mail-archives.apache.org/mod_mbox/struts-announcements/201404.mbox/%3C535F5F52.4040108%40apache.org%3E
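Review bot: the CVE-2014-0123 squeeze line is settled as <end-of-life> (Unsupported in squeeze-lts) while the NOTE two lines below still asks "squeeze version unaffected due to lack of fine-grained access control?"; an open question next to a closed status is confusing. Either confirm it and switch the marker to <not-affected> with that rationale, or drop the note.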
@@ -25462,31 +25462,31 @@ CVE-2014-0114
[wheezy] - commons-beanutils <no-dsa> (Too intrusive to backport; might break existing apps)
[squeeze] - commons-beanutils <no-dsa> (Too intrusive to backport; might break existing apps)
NOTE: https://issues.apache.org/jira/browse/BEANUTILS-463
-CVE-2014-0113
+CVE-2014-0113 (CookieInterceptor in Apache Struts before 2.3.16.2, when a wildcard co ...)
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)
NOTE: https://struts.apache.org/release/2.3.x/docs/s2-021.html
-CVE-2014-0112
+CVE-2014-0112 (ParametersInterceptor in Apache Struts before 2.3.16.2 does not proper ...)
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)
NOTE: https://struts.apache.org/release/2.3.x/docs/s2-021.html
-CVE-2014-0111
+CVE-2014-0111 (Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote ...)
NOT-FOR-US: Apache Syncope
-CVE-2014-0110
+CVE-2014-0110 (Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attacke ...)
NOT-FOR-US: Apache CXF
-CVE-2014-0109
+CVE-2014-0109 (Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attacke ...)
NOT-FOR-US: Apache CXF
CVE-2014-0108
REJECTED
-CVE-2014-0107
+CVE-2014-0107 (The TransformerFactory in Apache Xalan-Java before 2.7.2 does not prop ...)
{DSA-2886-1}
- libxalan2-java 2.7.1-9 (bug #742577)
NOTE: https://issues.apache.org/jira/browse/XALANJ-2435
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1581058
-CVE-2014-0106
+CVE-2014-0106 (Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly ...)
{DLA-160-1}
- sudo 1.8.5p2-1 (low)
[squeeze] - sudo <no-dsa> (environment sanitising is enabled by default and turning it off in insecure anyway)
NOTE: http://www.sudo.ws/sudo/alerts/env_add.html
-CVE-2014-0105
+CVE-2014-0105 (The auth_token middleware in the OpenStack Python client library for K ...)
- python-keystoneclient 1:0.6.0-4 (low; bug #742898)
[wheezy] - python-keystoneclient <not-affected> (Vulnerable code yet in src:keystone)
- keystone 2013.1.1-2
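Review bot: the descriptions added for CVE-2014-0109 and CVE-2014-0110 are identical after the 70-character cutoff ("Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attacke ..."), so the new field does not tell the two issues apart; if the importer cannot carry more text, a one-line NOTE per entry naming the distinct issue would. Two context lines in this hunk also need a touch-up: the CVE-2014-0106 squeeze rationale reads "turning it off in insecure anyway" (should be "is insecure"), and the CVE-2014-0112/CVE-2014-0113 rationale "Affects Struts 2.0.0 - Struts 2.3.16" no longer matches the "before 2.3.16.2" range stated in the descriptions added on the same entries.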
@@ -25497,54 +25497,54 @@ CVE-2014-0104
- fence-agents 4.0.17-1 (low; bug #764801)
[jessie] - fence-agents <no-dsa> (Minor issue)
[wheezy] - fence-agents <no-dsa> (Minor issue)
-CVE-2014-0103
+CVE-2014-0103 (WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credent ...)
- zarafa <itp> (bug #658433)
-CVE-2014-0102
+CVE-2014-0102 (The keyring_detect_cycle_iterator function in security/keys/keyring.c ...)
- linux 3.13.6-1
[wheezy] - linux <not-affected> (Introduced in v3.13)
- linux-2.6 <not-affected> (Introduced in v3.13)
NOTE: Introduced by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b2a4df200d570b2c33a57e1ebfa5896e4bc81b69
NOTE: patch: http://www.kernelhub.org/?msg=425013&p=2
-CVE-2014-0101
+CVE-2014-0101 (The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linu ...)
{DSA-2906-1}
- linux 3.13.6-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <removed>
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bbd0d59809f923ea2b540cbd781b32110e249f6e
NOTE: http://patchwork.ozlabs.org/patch/325898/
-CVE-2014-0100
+CVE-2014-0100 (Race condition in the inet_frag_intern function in net/ipv4/inet_fragm ...)
- linux 3.13.6-1
[wheezy] - linux <not-affected> (Introduced in v3.9)
- linux-2.6 <not-affected> (Introduced in v3.9)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ef0eb0db4bf92c6d2510fe5c4dc51852746f206
NOTE: http://patchwork.ozlabs.org/patch/325844/
-CVE-2014-0099
+CVE-2014-0099 (Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apac ...)
{DSA-3530-1}
- tomcat8 8.0.5-1
- tomcat7 7.0.53-1
[wheezy] - tomcat7 7.0.28-4+deb7u3
- tomcat6 6.0.41-1
NOTE: http://svn.apache.org/r1578814
-CVE-2014-0098
+CVE-2014-0098 (The log_cookie function in mod_log_config.c in the mod_log_config modu ...)
- apache2 2.4.9-1
[squeeze] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: Looks like it was introduced in 2.2.23 which would mean that squeeze+wheezy are not affected. sf: waiting for confirmation.
-CVE-2014-0097
+CVE-2014-0097 (The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 ...)
- libspring-java <not-affected> (ActiveDirectoryLdapAuthenticator not yet present, introduced in 3.1)
-CVE-2014-0096
+CVE-2014-0096 (java/org/apache/catalina/servlets/DefaultServlet.java in the default s ...)
{DSA-3530-1}
- tomcat8 8.0.5-1
- tomcat7 7.0.53-1
- tomcat6 6.0.41-1
[wheezy] - tomcat7 7.0.28-4+deb7u4
-CVE-2014-0095
+CVE-2014-0095 (java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat ...)
- tomcat8 8.0.5-1
-CVE-2014-0094
+CVE-2014-0094 (The ParametersInterceptor in Apache Struts before 2.3.16.1 allows remo ...)
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)
-CVE-2014-0093
+CVE-2014-0093 (Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when usin ...)
NOT-FOR-US: JBoss EAP
-CVE-2014-0092
+CVE-2014-0092 (lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does ...)
{DSA-2869-1}
- gnutls26 2.12.23-13
- gnutls28 3.2.11-2
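Review bot: the CVE-2014-0098 NOTE still ends with "sf: waiting for confirmation" although both the squeeze and wheezy lines above it are already set to <not-affected> (Vulnerable code not present); the marker and the note disagree about whether the question is closed. Replace the note with the confirmed introduction version, or reopen the status.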
@@ -25552,19 +25552,19 @@ CVE-2014-0092
CVE-2014-0091
RESERVED
- foreman <itp> (bug #663101)
-CVE-2014-0090
+CVE-2014-0090 (Session fixation vulnerability in Foreman before 1.4.2 allows remote a ...)
- foreman <itp> (bug #663101)
-CVE-2014-0089
+CVE-2014-0089 (Cross-site scripting (XSS) vulnerability in app/views/common/500.html. ...)
- foreman <itp> (bug #663101)
-CVE-2014-0088
+CVE-2014-0088 (The SPDY implementation in the ngx_http_spdy_module module in nginx 1. ...)
- nginx <not-affected> (Only affects 1.5.10)
-CVE-2014-0087
+CVE-2014-0087 (The check_privileges method in vmdb/app/controllers/application_contro ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0086
+CVE-2014-0086 (The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFa ...)
NOT-FOR-US: RichFaces
NOTE: https://github.com/richfaces/richfaces/commit/4115c103f74e7cb0af6d392e22866e52db2bc4e7
NOTE: https://issues.jboss.org/browse/RF-13250
-CVE-2014-0085
+CVE-2014-0085 (JBoss Fuse did not enable encrypted passwords by default in its usage ...)
NOT-FOR-US: Fuse Fabric
CVE-2014-0084
RESERVED
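Review bot: the NOT-FOR-US rationales in this hunk do not use the product names from the descriptions they sit under: CVE-2014-0085 says "Fuse Fabric" while the description says "JBoss Fuse", and CVE-2014-0087 writes "RedHat CloudForms Management Engine" while the description (and the CVE-2014-0078 entry further down) uses "Red Hat". Consistent naming keeps these entries greppable.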
@@ -25573,7 +25573,7 @@ CVE-2014-0083 [SSHA passwords generated by the net-ldap Ruby gem use a weak salt
RESERVED
- ruby-net-ldap <not-affected> (SSHA support not present)
NOTE: SSHA support only from version v0.5.0, see #742706
-CVE-2014-0082
+CVE-2014-0082 (actionpack/lib/action_view/template/text.rb in Action View in Ruby on ...)
{DSA-2929-1}
- rails-4.0 <not-affected> (only 3.2.x and earlier)
- rails-3.2 3.2.17-1
@@ -25583,7 +25583,7 @@ CVE-2014-0082
- rails 2.3.14.1
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2014-0081
+CVE-2014-0081 (Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/ ...)
{DSA-2929-1}
- rails-4.0 <removed>
- rails-3.2 3.2.17-1
@@ -25593,43 +25593,43 @@ CVE-2014-0081
- rails 2.3.14.1
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
NOTE: Starting with 2.3.14.1 rails is a transition package
-CVE-2014-0080
+CVE-2014-0080 (SQL injection vulnerability in activerecord/lib/active_record/connecti ...)
- rails-4.0 <removed>
- ruby-activerecord-3.2 <not-affected> (affects only rails 4.0.x)
- ruby-activerecord-2.3 <not-affected> (affects only rails 4.0.x)
- rails <not-affected> (affects only rails 4.0.x)
-CVE-2014-0079
+CVE-2014-0079 (The ValidateUserLogon function in provider/libserver/ECSession.cpp in ...)
NOT-FOR-US: Zarafa Collaboration Platform
-CVE-2014-0078
+CVE-2014-0078 (The CatalogController in Red Hat CloudForms Management Engine (CFME) b ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0077
+CVE-2014-0077 (drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable ...)
- linux 3.13.10-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: seems introduced in https://github.com/torvalds/linux/commit/8dd014adfea6f173c1ef6378f7e5e7924866c923
NOTE: qemu is built with support for vhost_net, module loaded post-wheezy when linux < 3.4 but root:root 0600
-CVE-2014-0076
+CVE-2014-0076 (The Montgomery ladder implementation in OpenSSL through 1.0.0l does no ...)
{DSA-2908-1 DLA-0003-1}
- openssl 1.0.1g-1 (low; bug #742923)
[squeeze] - openssl 0.9.8o-4squeeze15
NOTE: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=f9b6c0ba4c02497782f801e3c45688f3efaac55c
-CVE-2014-0075
+CVE-2014-0075 (Integer overflow in the parseChunkHeader function in java/org/apache/c ...)
{DSA-3530-1}
- tomcat8 8.0.5-1
- tomcat7 7.0.53-1
[wheezy] - tomcat7 7.0.28-4+deb7u3
- tomcat6 6.0.41-1
-CVE-2014-0074
+CVE-2014-0074 (Apache Shiro 1.x before 1.2.3, when using an LDAP server with unauthen ...)
- shiro 1.2.3-1
-CVE-2014-0073
+CVE-2014-0073 (The CDVInAppBrowser class in the Apache Cordova In-App-Browser standal ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-0072
+CVE-2014-0072 (ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone p ...)
NOT-FOR-US: Apache Cordova
-CVE-2014-0071
+CVE-2014-0071 (PackStack in Red Hat OpenStack 4.0 does not enforce the default securi ...)
- neutron 2014.1-1
CVE-2014-0070
REJECTED
-CVE-2014-0069
+CVE-2014-0069 (The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel th ...)
- linux 3.13.6-1 (bug #741958)
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Only affects 2.6.38 and later)
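Review bot: the CVE-2014-0077 NOTE "qemu is built with support for vhost_net, module loaded post-wheezy when linux < 3.4 but root:root 0600" is too terse to follow; it should spell out its conclusion, i.e. what the root:root 0600 mode implies about who can reach the vulnerable code. The same line is repeated verbatim under CVE-2014-0055 later on the page, so a cross-reference ("see CVE-2014-0055") would avoid maintaining two copies of a cryptic sentence.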
@@ -25638,43 +25638,43 @@ CVE-2014-0069
CVE-2014-0068
RESERVED
NOT-FOR-US: OpenShift
-CVE-2014-0067
+CVE-2014-0067 (The "make check" command for the test suites in PostgreSQL 9.3.3 and e ...)
{DSA-2865-1 DSA-2864-1 DLA-0019-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0066
+CVE-2014-0066 (The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16 ...)
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0065
+CVE-2014-0065 (Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9. ...)
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0064
+CVE-2014-0064 (Multiple integer overflows in the path_in and other unspecified functi ...)
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0063
+CVE-2014-0063 (Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0 ...)
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0062
+CVE-2014-0062 (Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE ...)
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0061
+CVE-2014-0061 (The validator functions for the procedural languages (PLs) in PostgreS ...)
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.12-1 (low)
- postgresql-8.4 <removed>
@@ -25683,43 +25683,43 @@ CVE-2014-0061
- postgresql-plsh 1.20140221-1
[wheezy] - postgresql-plsh <no-dsa> (Minor issue)
[squeeze] - postgresql-plsh <no-dsa> (Minor issue)
-CVE-2014-0060
+CVE-2014-0060 (PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9. ...)
{DSA-2865-1 DSA-2864-1}
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
- postgresql-9.3 9.3.3-1
-CVE-2014-0059
+CVE-2014-0059 (JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Applicatio ...)
NOT-FOR-US: JBossSX
-CVE-2014-0058
+CVE-2014-0058 (The security audit functionality in Red Hat JBoss Enterprise Applicati ...)
NOT-FOR-US: JBoss EAP
-CVE-2014-0057
+CVE-2014-0057 (The x_button method in the ServiceController (vmdb/app/controllers/ser ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0056
+CVE-2014-0056 (The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not chec ...)
- neutron 2013.2.2-4 (bug #742800)
-CVE-2014-0055
+CVE-2014-0055 (The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsy ...)
- linux 3.13.10-1
[wheezy] - linux 3.2.57-1
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: introduced in https://github.com/torvalds/linux/commit/8dd014adfea6f173c1ef6378f7e5e7924866c923
NOTE: qemu is built with support for vhost_net, module loaded post-wheezy when linux < 3.4 but root:root 0600
-CVE-2014-0054
+CVE-2014-0054 (The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Frame ...)
{DSA-2890-1}
- libspring-java 3.0.6.RELEASE-13 (bug #741604)
-CVE-2014-0053
+CVE-2014-0053 (The default configuration of the Resources plugin 1.0.0 before 1.2.6 f ...)
- grails <itp> (bug #473213)
CVE-2014-0052
REJECTED
CVE-2014-0051
REJECTED
-CVE-2014-0050
+CVE-2014-0050 (MultipartStream.java in Apache Commons FileUpload before 1.3.1, as use ...)
{DSA-2897-1 DSA-2856-1}
- libcommons-fileupload-java 1.3.1-1
- tomcat7 7.0.52-1
- tomcat6 <not-affected> (access to Manager application limited to authenticated administrators)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1565169
NOTE: CVE might be splitted
-CVE-2014-0049
+CVE-2014-0049 (Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm ...)
- linux 3.13.6-1
[wheezy] - linux <not-affected> (Introduced in 3.5)
- linux-2.6 <not-affected> (Introduced in 3.5)
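Review bot: the CVE-2014-0050 NOTE "CVE might be splitted" is both a typo ("split") and apparently stale: the entry already carries {DSA-2897-1 DSA-2856-1} and fixed versions for libcommons-fileupload-java and tomcat7, so record the outcome or drop the note. In the same entry, the tomcat6 rationale "(access to Manager application limited to authenticated administrators)" describes limited exposure rather than absent code, so double-check that <not-affected> rather than <no-dsa> is the intended marker (compare the "Vulnerable code not present" wording used for <not-affected> elsewhere on the page).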
@@ -25728,66 +25728,66 @@ CVE-2014-0048 [multiple files downloaded over HTTP and executed or used unsafely
RESERVED
- docker.io 1.6.0+dfsg1-1
NOTE: According to Red Hat bug no longer present in 1.5
-CVE-2014-0047
+CVE-2014-0047 (Docker before 1.5 allows local users to have unspecified impact via ve ...)
- docker.io 1.6.0+dfsg1-1
NOTE: According to Red Hat bug no longer present in 1.5
-CVE-2014-0046
+CVE-2014-0046 (Cross-site scripting (XSS) vulnerability in the link-to helper in Embe ...)
NOT-FOR-US: ember.js
-CVE-2014-0045
+CVE-2014-0045 (The needSamples method in AudioOutputSpeech.cpp in the client in Mumbl ...)
{DSA-2854-1}
- mumble 1.2.4-0.2 (bug #737739)
[squeeze] - mumble <not-affected> (Opus support not present)
-CVE-2014-0044
+CVE-2014-0044 (The opus_packet_get_samples_per_frame function in client in Mumble 1.2 ...)
{DSA-2854-1}
- mumble 1.2.4-0.2 (bug #737739)
[squeeze] - mumble <not-affected> (Opus support not present)
-CVE-2014-0043
+CVE-2014-0043 (In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls ...)
NOT-FOR-US: Apache Wicket
-CVE-2014-0042
+CVE-2014-0042 (OpenStack Heat Templates (heat-templates), as used in Red Hat Enterpri ...)
NOT-FOR-US: openstack-heat-templates
-CVE-2014-0041
+CVE-2014-0041 (OpenStack Heat Templates (heat-templates), as used in Red Hat Enterpri ...)
NOT-FOR-US: openstack-heat-templates
-CVE-2014-0040
+CVE-2014-0040 (OpenStack Heat Templates (heat-templates), as used in Red Hat Enterpri ...)
NOT-FOR-US: openstack-heat-templates
-CVE-2014-0039
+CVE-2014-0039 (Untrusted search path vulnerability in fwsnort before 1.6.4, when not ...)
- fwsnort 1.6.4-1 (low; bug #737495)
[wheezy] - fwsnort <no-dsa> (Minor issue)
[squeeze] - fwsnort <not-affected> (Vulnerable code not present)
NOTE: https://github.com/mrash/fwsnort/commit/fa977453120cc48e1654f373311f9cac468d3348
-CVE-2014-0038
+CVE-2014-0038 (The compat_sys_recvmmsg function in net/compat.c in the Linux kernel b ...)
- linux 3.13.4-1 (unimportant)
[wheezy] - linux <not-affected> (Introduced in 3.4+)
- linux-2.6 <not-affected> (Introduced in 3.4+)
NOTE: introduced by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/compat.c?id=ee4fa23c4bfcc635d077a9633d405610de45bc70
NOTE: Debian does not enable CONFIG_X86_X32, see #708070
-CVE-2014-0037
+CVE-2014-0037 (The ValidateUserLogon function in provider/libserver/ECSession.cpp in ...)
NOT-FOR-US: Zarafa Collaboration Platform
-CVE-2014-0036
+CVE-2014-0036 (The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with S ...)
NOT-FOR-US: rbovirt
-CVE-2014-0035
+CVE-2014-0035 (The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7. ...)
NOT-FOR-US: Apache CFX
-CVE-2014-0034
+CVE-2014-0034 (The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x b ...)
NOT-FOR-US: Apache CFX
-CVE-2014-0033
+CVE-2014-0033 (org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0. ...)
{DSA-3530-1 DLA-91-1}
- tomcat6 6.0.39
-CVE-2014-0032
+CVE-2014-0032 (The get_resource function in repos.c in the mod_dav_svn module in Apac ...)
{DLA-207-1}
- subversion 1.8.8-1 (low; bug #737815)
[squeeze] - subversion <no-dsa> (Minor issue)
[wheezy] - subversion 1.6.17dfsg-4+deb7u5
-CVE-2014-0031
+CVE-2014-0031 (The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache Clou ...)
NOT-FOR-US: Apache CloudStack
-CVE-2014-0030
+CVE-2014-0030 (The XML-RPC protocol support in Apache Roller before 5.0.3 allows atta ...)
NOT-FOR-US: Apache Roller
-CVE-2014-0029
+CVE-2014-0029 (Multiple cross-site scripting (XSS) vulnerabilities in the SAM web app ...)
NOT-FOR-US: Katello
-CVE-2014-0028
+CVE-2014-0028 (libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypa ...)
- libvirt 1.2.1-1
[squeeze] - libvirt <not-affected> (Introduced in 1.1.1)
[wheezy] - libvirt <not-affected> (Introduced in 1.1.1)
NOTE: https://www.redhat.com/archives/libvir-list/2014-January/msg00684.html
-CVE-2014-0027
+CVE-2014-0027 (The play_wave_from_socket function in audio/auserver.c in Flite 1.4 al ...)
- flite 1.4-release-8 (low; bug #734746)
[wheezy] - flite <no-dsa> (Minor issue)
[squeeze] - flite <no-dsa> (Minor issue)
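Review bot: the NOT-FOR-US lines for CVE-2014-0034 and CVE-2014-0035 read "Apache CFX"; the project is Apache CXF, as the descriptions added on those very entries and the CVE-2014-0109/CVE-2014-0110 lines above spell it. Also in this hunk, "- tomcat6 6.0.39" under CVE-2014-0033 has no Debian revision, unlike the other tomcat6 entries on the page (6.0.41-1), so confirm that version string is intended.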
@@ -25801,37 +25801,37 @@ CVE-2014-0024
CVE-2014-0023
RESERVED
NOT-FOR-US: OpenShift
-CVE-2014-0022
+CVE-2014-0022 (The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and e ...)
NOT-FOR-US: yum cron
CVE-2014-0021 [traffic amplification in cmdmon protocol]
RESERVED
- chrony 1.29.1-1 (low; bug #737644)
[squeeze] - chrony <no-dsa> (Minor issue)
[wheezy] - chrony <no-dsa> (Minor issue)
-CVE-2014-0020
+CVE-2014-0020 (The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not ...)
{DSA-2859-1}
- pidgin 2.10.8-1
[squeeze] - pidgin <no-dsa> (Not suitable for code injection)
-CVE-2014-0019
+CVE-2014-0019 (Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0 ...)
- socat 1.7.2.3-1 (low; bug #736993)
[squeeze] - socat <no-dsa> (Minor issue)
[wheezy] - socat <no-dsa> (Minor issue)
-CVE-2014-0018
+CVE-2014-0018 (Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss ...)
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
-CVE-2014-0017
+CVE-2014-0017 (The RAND_bytes function in libssh before 0.6.3, when forking is enable ...)
{DSA-2879-1}
- libssh 0.5.4-3
NOTE: http://git.libssh.org/projects/libssh.git/commit/?id=e99246246b4061f7e71463f8806b9dcad65affa0
-CVE-2014-0016
+CVE-2014-0016 (stunnel before 5.00, when using fork threading, does not properly upda ...)
- stunnel4 <not-affected> (Debian package compiled with --with-threads=pthread)
-CVE-2014-0015
+CVE-2014-0015 (cURL and libcurl 7.10.6 through 7.34.0, when more than one authenticat ...)
{DSA-2849-1}
- curl 7.35.0-1
-CVE-2014-0014
+CVE-2014-0014 (Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1 ...)
NOT-FOR-US: Ember.js
-CVE-2014-0013
+CVE-2014-0013 (Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1 ...)
NOT-FOR-US: Ember.js
-CVE-2014-0012
+CVE-2014-0012 (FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create tempo ...)
- jinja2 2.7.2-2 (bug #734956)
[squeeze] - jinja2 <not-affected> (introduced by fix in 2.7.2)
[wheezy] - jinja2 <not-affected> (introduced by fix in 2.7.2)
@@ -25843,34 +25843,34 @@ CVE-2014-0011 [ZRLE decoding bounds checking issue]
NOTE: may affect related *VNC implementations if built with NDEBUG
NOTE: e.g. vnc4 seems to have similar code in common/rfb/zrleDecode.h
NOTE: starting with 4.1.1+X4.3.0+t-1 it's a transitional package
-CVE-2014-0010
+CVE-2014-0010 (Multiple cross-site request forgery (CSRF) vulnerabilities in user/pro ...)
- moodle 2.5.4-1
[squeeze] - moodle <not-affected> (Code correctly checks session key)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42883
-CVE-2014-0009
+CVE-2014-0009 (course/loginas.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4. ...)
- moodle 2.5.4-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643
-CVE-2014-0008
+CVE-2014-0008 (lib/adminlib.php in Moodle through 2.3.11, 2.4.x before 2.4.8, 2.5.x b ...)
- moodle 2.5.4-1 (low)
[squeeze] - moodle <not-affected> (Vulnerable code not present)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721
-CVE-2014-0007
+CVE-2014-0007 (The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows ...)
- foreman <itp> (bug #663101)
-CVE-2014-0006
+CVE-2014-0006 (The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 throu ...)
- swift 1.11.0-2 (low; bug #735582)
[wheezy] - swift <no-dsa> (Minor issue)
-CVE-2014-0005
+CVE-2014-0005 (PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application ...)
NOT-FOR-US: PicketBox/JBossSX
-CVE-2014-0004
+CVE-2014-0004 (Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1. ...)
{DSA-2872-1}
- udisks2 2.1.3-1
- udisks 1.0.5-1
-CVE-2014-0003
+CVE-2014-0003 (The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before ...)
NOT-FOR-US: Apache Camel
-CVE-2014-0002
+CVE-2014-0002 (The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.1 ...)
NOT-FOR-US: Apache Camel
-CVE-2014-0001
+CVE-2014-0001 (Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before ...)
{DSA-2919-1 DLA-75-1}
- mysql-5.1 <removed> (low)
[squeeze] - mysql-5.1 <no-dsa> (Minor issue, currently not fixed in MySQL, can be included once fixed in 5.1.x)
@@ -25879,7 +25879,7 @@ CVE-2014-0001
- percona-xtradb-cluster-5.5 5.5.37-25.10+dfsg-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1054592
NOTE: http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64
-CVE-2014-0158
+CVE-2014-0158 (Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJ ...)
- openjpeg 1.3+dfsg-4.7
NOTE: Not considering a duplicate of CVE-2013-1447 following
NOTE: http://www.openwall.com/lists/oss-security/2014/04/02/2 . A query
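Review bot: CVE-2014-0158 is filed after CVE-2014-0001, at the very end of the 2014 block, which breaks the descending ID order the rest of the file keeps; anyone scanning by number, or a tool that assumes sorted IDs, will miss it. Move it to its numeric position.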
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index 548439c3e3..0939582b41 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1,70 +1,70 @@
CVE-2015-9283
RESERVED
-CVE-2015-9282
+CVE-2015-9282 (The Pie Chart Panel plugin through 2019-01-02 for Grafana is vulnerabl ...)
NOT-FOR-US: Grafana plugin
-CVE-2015-9281
+CVE-2015-9281 (Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows r ...)
NOT-FOR-US: SAS Web Infrastructure Platform
-CVE-2015-9280
+CVE-2015-9280 (MailEnable before 8.60 allows XXE via an XML document in the request.a ...)
NOT-FOR-US: MailEnable
-CVE-2015-9279
+CVE-2015-9279 (MailEnable before 8.60 allows Stored XSS via malformed use of "&lt;img ...)
NOT-FOR-US: MailEnable
-CVE-2015-9278
+CVE-2015-9278 (MailEnable before 8.60 allows Privilege Escalation because admin accou ...)
NOT-FOR-US: MailEnable
-CVE-2015-9277
+CVE-2015-9277 (MailEnable before 8.60 allows Directory Traversal for reading the mess ...)
NOT-FOR-US: MailEnable
-CVE-2015-9276
+CVE-2015-9276 (SmarterTools SmarterMail before 13.3.5535 was vulnerable to stored XSS ...)
NOT-FOR-US: SmarterTools SmarterMail
-CVE-2015-9274
+CVE-2015-9274 (HarfBuzz before 1.0.4 allows remote attackers to cause a denial of ser ...)
- harfbuzz 1.2.6-1
[jessie] - harfbuzz <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/harfbuzz/harfbuzz/commit/c917965b9e6fe2b21ed6c51559673288fa3af4b7
-CVE-2015-9273
+CVE-2015-9273 (The wp-slimstat (aka Slimstat Analytics) plugin before 4.1.6.1 for Wor ...)
NOT-FOR-US: WordPress plugin wp-slimstat
-CVE-2015-9272
+CVE-2015-9272 (The videowhisper-video-presentation plugin 3.31.17 for WordPress allow ...)
NOT-FOR-US: videowhisper-video-presentation plugin for WordPress
-CVE-2015-9271
+CVE-2015-9271 (The VideoWhisper videowhisper-video-conference-integration plugin 4.91 ...)
NOT-FOR-US: WordPress plugin videowhisper-video-conference-integration
-CVE-2015-9270
+CVE-2015-9270 (XSS exists in the the-holiday-calendar plugin before 1.11.3 for WordPr ...)
NOT-FOR-US: the-holiday-calendar plugin for WordPress
-CVE-2015-9269
+CVE-2015-9269 (The export/content.php exportarticle feature in the wordpress-mobile-p ...)
NOT-FOR-US: wordpress-mobile-pack plugin for WordPress
-CVE-2015-9268
+CVE-2015-9268 (Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe impli ...)
{DLA-1602-1}
- nsis 2.50-1
NOTE: https://sourceforge.net/p/nsis/bugs/1125/
-CVE-2015-9267
+CVE-2015-9267 (Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary f ...)
{DLA-1602-1}
- nsis 2.50-1
NOTE: https://sourceforge.net/p/nsis/bugs/1125/
-CVE-2015-9266
+CVE-2015-9266 (The web management interface of Ubiquiti airMAX, airFiber, airGateway ...)
NOT-FOR-US: Ubiquiti
CVE-2015-9265
REJECTED
-CVE-2015-9264
+CVE-2015-9264 (Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute ...)
NOT-FOR-US: Lansweeper
-CVE-2015-9263
+CVE-2015-9263 (An issue was discovered in post2file.php in Up.Time Monitoring Station ...)
NOT-FOR-US: Up.Time
-CVE-2015-9262
+CVE-2015-9262 (_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows ...)
{DLA-1469-1}
- libxcursor 1:1.1.15-1 (low; bug #906012)
[stretch] - libxcursor 1:1.1.14-1+deb9u2
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=90857
NOTE: https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=897213f36baf6926daf6d192c709cf627aa5fd05
-CVE-2015-9260
+CVE-2015-9260 (An issue was discovered in BEdita before 3.7.0. A cross-site scripting ...)
NOT-FOR-US: BEdita
-CVE-2015-9259
+CVE-2015-9259 (In Docker Notary before 0.1, the checkRoot function in gotuf/client/cl ...)
- notary 0.1~ds1-1
-CVE-2015-9258
+CVE-2015-9258 (In Docker Notary before 0.1, gotuf/signed/verify.go has a Signature Al ...)
- notary 0.1~ds1-1
-CVE-2015-9257
+CVE-2015-9257 (BMC Remedy Action Request (AR) System 9.0 before 9.0.00 Service Pack 2 ...)
NOT-FOR-US: BMC Remedy Action Request (AR) System
-CVE-2015-9256
+CVE-2015-9256 (Datto ALTO and SIRIS devices allow remote attackers to obtain sensitiv ...)
NOT-FOR-US: Datto ALTO and SIRIS devices
-CVE-2015-9255
+CVE-2015-9255 (Datto ALTO and SIRIS devices allow remote attackers to obtain sensitiv ...)
NOT-FOR-US: Datto ALTO and SIRIS devices
-CVE-2015-9254
+CVE-2015-9254 (Datto ALTO and SIRIS devices have a default VNC password. ...)
NOT-FOR-US: Datto ALTO and SIRIS devices
-CVE-2015-9253
+CVE-2015-9253 (An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before ...)
- php7.3 <not-affected> (Fixed with initial upload to unstable)
- php7.2 7.2.8-1 (unimportant)
- php7.1 7.1.20-1 (unimportant)
@@ -74,16 +74,16 @@ CVE-2015-9253
NOTE: https://bugs.php.net/bug.php?id=70185
NOTE: https://bugs.php.net/bug.php?id=75968
NOTE: Only exploitable with malicious script
-CVE-2015-9252
+CVE-2015-9252 (An issue was discovered in QPDF before 7.0.0. Endless recursion causes ...)
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/commit/701b518d5c56a1449825a3a37a716c58e05e1c3e
NOTE: https://github.com/qpdf/qpdf/issues/51
-CVE-2015-1142857
+CVE-2015-1142857 (On multiple SR-IOV cars it is possible for VF's assigned to guests to ...)
NOT-FOR-US: SR-IOV cars
-CVE-2015-9251
+CVE-2015-9251 (jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attack ...)
- jquery 3.1.1-1
[jessie] - jquery <ignored> (Too intrusive to backport)
[wheezy] - jquery <ignored> (Too invasive to fix)
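Review bot: the NOT-FOR-US rationale for CVE-2015-1142857 copies the "SR-IOV cars" typo from the upstream description; the tracker's own text should say "SR-IOV cards". The entry is also wedged between CVE-2015-9252 and CVE-2015-9251, out of the file's descending order, where a 7-digit ID is easy to overlook. Minor: the jquery lines give two different reasons for the same <ignored> status ("Too intrusive to backport" for jessie, "Too invasive to fix" for wheezy); one wording would do.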
@@ -92,306 +92,306 @@ CVE-2015-9251
NOTE: https://github.com/jquery/jquery/pull/2588
NOTE: https://snyk.io/vuln/npm:jquery:20150627
NOTE: only 3.0 was fixed upstream, because fix considered too invasive: https://github.com/jquery/jquery/issues/2432#issuecomment-290983196
-CVE-2015-9250
+CVE-2015-9250 (An issue was discovered in Skybox Platform before 7.5.201. Directory T ...)
NOT-FOR-US: Skybox Platform
-CVE-2015-9249
+CVE-2015-9249 (An issue was discovered in Skybox Platform before 7.5.201. SQL Injecti ...)
NOT-FOR-US: Skybox Platform
-CVE-2015-9248
+CVE-2015-9248 (An issue was discovered in Skybox Platform before 7.5.201. Stored cros ...)
NOT-FOR-US: Skybox Platform
-CVE-2015-9247
+CVE-2015-9247 (An issue was discovered in Skybox Platform before 7.5.401. Reflected c ...)
NOT-FOR-US: Skybox Platform
-CVE-2015-9246
+CVE-2015-9246 (An issue was discovered in Skybox Platform before 7.5.201. Remote Unau ...)
NOT-FOR-US: Skybox Platform
-CVE-2015-9245
+CVE-2015-9245 (Insecure default configuration in Progress Software OpenEdge 10.2x and ...)
NOT-FOR-US: Progress Software OpenEdge
-CVE-2015-9243
+CVE-2015-9243 (When server level, connection level or route level CORS configurations ...)
NOT-FOR-US: hapi
-CVE-2015-9242
+CVE-2015-9242 (Certain input strings when passed to new Date() or Date.parse() in ecs ...)
NOT-FOR-US: ecstatic
-CVE-2015-9241
+CVE-2015-9241 (Certain input passed into the If-Modified-Since or Last-Modified heade ...)
NOT-FOR-US: hapi
-CVE-2015-9240
+CVE-2015-9240 (Due to a bug in the the default sign in functionality in the keystone ...)
NOT-FOR-US: keystone node module
-CVE-2015-9239
+CVE-2015-9239 (ansi2html is vulnerable to regular expression denial of service (ReDoS ...)
NOT-FOR-US: ansi2html
-CVE-2015-9238
+CVE-2015-9238 (secure-compare 3.0.0 and below do not actually compare two strings pro ...)
NOT-FOR-US: secure-compare node module
CVE-2015-9237
RESERVED
-CVE-2015-9236
+CVE-2015-9236 (Hapi versions less than 11.0.0 implement CORS incorrectly and allowed ...)
NOT-FOR-US: hapi
-CVE-2015-9235
+CVE-2015-9235 (In jsonwebtoken node module before 4.2.2 it is possible for an attacke ...)
NOT-FOR-US: jsonwebtoken node module
-CVE-2015-9234
+CVE-2015-9234 (The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plug ...)
NOT-FOR-US: Wordpress plugin
-CVE-2015-9233
+CVE-2015-9233 (The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plug ...)
NOT-FOR-US: Wordpress plugin
-CVE-2015-9232
+CVE-2015-9232 (The Good for Enterprise application 3.0.0.415 for Android does not use ...)
NOT-FOR-US: Good for Enterprise application for Android
-CVE-2015-9231
+CVE-2015-9231 (iTerm2 3.x before 3.1.1 allows remote attackers to discover passwords ...)
NOT-FOR-US: iTerm2
-CVE-2015-9230
+CVE-2015-9230 (In the admin/db-backup-security/db-backup-security.php page in the Bul ...)
NOT-FOR-US: Wordpress plugin
-CVE-2015-9229
+CVE-2015-9229 (In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery ...)
NOT-FOR-US: Photocrati NextGEN Gallery
-CVE-2015-9228
+CVE-2015-9228 (In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for Wo ...)
NOT-FOR-US: Photocrati NextGEN Gallery plugin for WordPress
-CVE-2015-9227
+CVE-2015-9227 (PHP remote file inclusion vulnerability in the get_file function in up ...)
NOT-FOR-US: AlegroCart
-CVE-2015-9226
+CVE-2015-9226 (Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remot ...)
NOT-FOR-US: AlegroCart
CVE-2015-9225
RESERVED
-CVE-2015-9224
+CVE-2015-9224 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9223
+CVE-2015-9223 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9222
+CVE-2015-9222 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9221
+CVE-2015-9221 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9220
+CVE-2015-9220 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9219
+CVE-2015-9219 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9218
+CVE-2015-9218 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9217
+CVE-2015-9217 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9216
+CVE-2015-9216 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9215
+CVE-2015-9215 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9214
RESERVED
-CVE-2015-9213
+CVE-2015-9213 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9212
+CVE-2015-9212 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9211
+CVE-2015-9211 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9210
+CVE-2015-9210 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9209
+CVE-2015-9209 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9208
+CVE-2015-9208 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9207
+CVE-2015-9207 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9206
+CVE-2015-9206 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9205
+CVE-2015-9205 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9204
+CVE-2015-9204 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9203
+CVE-2015-9203 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9202
+CVE-2015-9202 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9201
+CVE-2015-9201 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9200
+CVE-2015-9200 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9199
+CVE-2015-9199 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9198
+CVE-2015-9198 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9197
+CVE-2015-9197 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9196
+CVE-2015-9196 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9195
+CVE-2015-9195 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9194
+CVE-2015-9194 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9193
+CVE-2015-9193 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9192
+CVE-2015-9192 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9191
+CVE-2015-9191 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9190
+CVE-2015-9190 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9189
+CVE-2015-9189 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9188
+CVE-2015-9188 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9187
+CVE-2015-9187 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9186
+CVE-2015-9186 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9185
+CVE-2015-9185 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9184
+CVE-2015-9184 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9183
+CVE-2015-9183 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9182
+CVE-2015-9182 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9181
+CVE-2015-9181 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9180
+CVE-2015-9180 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9179
+CVE-2015-9179 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9178
+CVE-2015-9178 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9177
+CVE-2015-9177 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9176
+CVE-2015-9176 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9175
+CVE-2015-9175 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9174
+CVE-2015-9174 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9173
+CVE-2015-9173 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9172
+CVE-2015-9172 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9171
+CVE-2015-9171 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9170
+CVE-2015-9170 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9169
+CVE-2015-9169 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9168
RESERVED
-CVE-2015-9167
+CVE-2015-9167 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9166
+CVE-2015-9166 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9165
+CVE-2015-9165 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9164
+CVE-2015-9164 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9163
+CVE-2015-9163 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9162
+CVE-2015-9162 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9161
+CVE-2015-9161 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9160
+CVE-2015-9160 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9159
+CVE-2015-9159 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9158
+CVE-2015-9158 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9157
+CVE-2015-9157 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9156
+CVE-2015-9156 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9155
RESERVED
CVE-2015-9154
RESERVED
-CVE-2015-9153
+CVE-2015-9153 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9152
+CVE-2015-9152 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9151
+CVE-2015-9151 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9150
+CVE-2015-9150 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9149
+CVE-2015-9149 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9148
+CVE-2015-9148 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9147
+CVE-2015-9147 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9146
+CVE-2015-9146 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9145
+CVE-2015-9145 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9144
+CVE-2015-9144 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9143
+CVE-2015-9143 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9142
+CVE-2015-9142 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9141
+CVE-2015-9141 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9140
+CVE-2015-9140 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9139
+CVE-2015-9139 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9138
+CVE-2015-9138 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9137
+CVE-2015-9137 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9136
+CVE-2015-9136 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9135
+CVE-2015-9135 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9134
+CVE-2015-9134 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9133
+CVE-2015-9133 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9132
+CVE-2015-9132 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9131
+CVE-2015-9131 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9130
+CVE-2015-9130 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9129
+CVE-2015-9129 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9128
+CVE-2015-9128 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9127
+CVE-2015-9127 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9126
+CVE-2015-9126 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9125
RESERVED
-CVE-2015-9124
+CVE-2015-9124 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9123
+CVE-2015-9123 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9122
+CVE-2015-9122 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9121
RESERVED
-CVE-2015-9120
+CVE-2015-9120 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9119
+CVE-2015-9119 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9118
+CVE-2015-9118 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2015-9117
RESERVED
-CVE-2015-9116
+CVE-2015-9116 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9115
+CVE-2015-9115 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9114
+CVE-2015-9114 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9113
+CVE-2015-9113 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9112
+CVE-2015-9112 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9111
+CVE-2015-9111 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9110
+CVE-2015-9110 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9109
+CVE-2015-9109 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9108
+CVE-2015-9108 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9107
+CVE-2015-9107 (Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption a ...)
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2015-9106
RESERVED
NOT-FOR-US: WordPress plugin the-holiday-calendar
-CVE-2015-9105
+CVE-2015-9105 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Video ...)
NOT-FOR-US: Synology
-CVE-2015-9104
+CVE-2015-9104 (Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5 ...)
NOT-FOR-US: Synology
-CVE-2015-9103
+CVE-2015-9103 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Note S ...)
NOT-FOR-US: Synology
-CVE-2015-9102
+CVE-2015-9102 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo ...)
NOT-FOR-US: Synology
-CVE-2015-9098
+CVE-2015-9098 (In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attack ...)
NOT-FOR-US: Redgate SQL Monitor
-CVE-2015-9096
+CVE-2015-9096 (Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection ...)
{DSA-3966-1 DLA-1421-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #864860)
- ruby2.1 <removed>
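Review bot: CVE-2015-9106 (the `CVE-2015-9106` / `RESERVED` / `NOT-FOR-US: WordPress plugin the-holiday-calendar` block) is the one entry in this hunk that keeps its RESERVED marker while already carrying a product annotation, and it sits between CVE-2015-9107 and CVE-2015-9105, both of which receive descriptions in this update. Nothing needs changing here, but the entry should be re-checked on the next sync so the RESERVED line is replaced with the published description, as was done for the neighbouring entries.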
@@ -445,118 +445,118 @@ CVE-2015-9075
RESERVED
CVE-2015-9074
RESERVED
-CVE-2015-9073
+CVE-2015-9073 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9072
+CVE-2015-9072 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9071
+CVE-2015-9071 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9070
+CVE-2015-9070 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9069
+CVE-2015-9069 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9068
+CVE-2015-9068 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9067
+CVE-2015-9067 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9066
+CVE-2015-9066 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9065
+CVE-2015-9065 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9064
+CVE-2015-9064 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9063
+CVE-2015-9063 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9062
+CVE-2015-9062 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9061
+CVE-2015-9061 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9060
+CVE-2015-9060 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9059
+CVE-2015-9059 (picocom before 2.0 has a command injection vulnerability in the 'send ...)
{DLA-974-1}
- picocom 1.7-2 (bug #863671)
[jessie] - picocom <no-dsa> (Minor issue)
NOTE: https://github.com/npat-efault/picocom/commit/1ebc60b20fbe9a02436d5cbbf8951714e749ddb1
-CVE-2015-9058
+CVE-2015-9058 (Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4. ...)
NOT-FOR-US: Proxmox Mail Gateway
-CVE-2015-9057
+CVE-2015-9057 (Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Ga ...)
NOT-FOR-US: Proxmox Mail Gateway
-CVE-2015-9056
+CVE-2015-9056 (Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attac ...)
- kibana <itp> (bug #700337)
-CVE-2015-9055
+CVE-2015-9055 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9054
+CVE-2015-9054 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9053
+CVE-2015-9053 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9052
+CVE-2015-9052 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9051
+CVE-2015-9051 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9050
+CVE-2015-9050 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9049
+CVE-2015-9049 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9048
+CVE-2015-9048 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9047
+CVE-2015-9047 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9046
+CVE-2015-9046 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9045
+CVE-2015-9045 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9044
+CVE-2015-9044 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9043
+CVE-2015-9043 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9042
+CVE-2015-9042 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9041
+CVE-2015-9041 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9040
+CVE-2015-9040 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9039
+CVE-2015-9039 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9038
+CVE-2015-9038 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9037
+CVE-2015-9037 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9036
+CVE-2015-9036 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9035
+CVE-2015-9035 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9034
+CVE-2015-9034 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-9033
+CVE-2015-9033 (In all Android releases from CAF using the Linux kernel, a QTEE system ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9032
+CVE-2015-9032 (In all Android releases from CAF using the Linux kernel, a DRM key was ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9031
+CVE-2015-9031 (In all Android releases from CAF using the Linux kernel, a TZ memory a ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9030
+CVE-2015-9030 (In all Android releases from CAF using the Linux kernel, the Hyperviso ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9029
+CVE-2015-9029 (In all Android releases from CAF using the Linux kernel, a vulnerabili ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9028
+CVE-2015-9028 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9027
+CVE-2015-9027 (In all Android releases from CAF using the Linux kernel, an untrusted ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9026
+CVE-2015-9026 (In all Android releases from CAF using the Linux kernel, an untrusted ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9025
+CVE-2015-9025 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9024
+CVE-2015-9024 (In all Android releases from CAF using the Linux kernel, some interfac ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9023
+CVE-2015-9023 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9022
+CVE-2015-9022 (In all Android releases from CAF using the Linux kernel, time-of-check ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9021
+CVE-2015-9021 (In all Android releases from CAF using the Linux kernel, access contro ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9020
+CVE-2015-9020 (In all Android releases from CAF using the Linux kernel, an untrusted ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2015-9019
+CVE-2015-9019 (In libxslt 1.1.29 and earlier, the EXSLT math.random function was not ...)
- libxslt <unfixed> (unimportant; bug #859796)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758400
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=934119
@@ -567,55 +567,55 @@ CVE-2015-9018
RESERVED
CVE-2015-9017
RESERVED
-CVE-2015-9016
+CVE-2015-9016 (In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a pos ...)
{DSA-4187-1}
- linux 4.2.3-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/0048b4837affd153897ed1222283492070027aa9 (4.3-rc1)
-CVE-2015-9015
+CVE-2015-9015 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9014
+CVE-2015-9014 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9013
+CVE-2015-9013 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9012
+CVE-2015-9012 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9011
+CVE-2015-9011 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9010
+CVE-2015-9010 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9009
+CVE-2015-9009 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9008
+CVE-2015-9008 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9007
+CVE-2015-9007 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9006
+CVE-2015-9006 (In Resource Power Manager (RPM) in all Android releases from CAF using ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9005
+CVE-2015-9005 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9004
+CVE-2015-9004 (kernel/events/core.c in the Linux kernel before 3.19 mishandles counte ...)
- linux 3.16.7-ckt7-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2015-9003
+CVE-2015-9003 (In TrustZone a cryptographic issue can potentially occur in all Androi ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9002
+CVE-2015-9002 (In TrustZone an out-of-range pointer offset vulnerability can potentia ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9001
+CVE-2015-9001 (In TrustZone an information exposure vulnerability can potentially occ ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-9000
+CVE-2015-9000 (In TrustZone an untrusted pointer dereference vulnerability can potent ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8999
+CVE-2015-8999 (In TrustZone a buffer overflow vulnerability can potentially occur in ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8998
+CVE-2015-8998 (In TrustZone an integer overflow vulnerability can potentially occur i ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8997
+CVE-2015-8997 (In TrustZone a time-of-check time-of-use race condition could potentia ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8996
+CVE-2015-8996 (In TrustZone a time-of-check time-of-use race condition could potentia ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8995
+CVE-2015-8995 (In TrustZone an integer overflow vulnerability can potentially occur i ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8994
+CVE-2015-8994 (An issue was discovered in PHP 5.x and 7.x, when the configuration use ...)
- php7.1 <not-affected> (Fixed before initial upload to Debian)
- php7.0 7.0.14-1
- php5 <removed>
@@ -623,23 +623,23 @@ CVE-2015-8994
[wheezy] - php5 <not-affected> (vulnerable code not present)
NOTE: Fixed in 7.1.0, 7.0.14, 5.6.29
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=69090
-CVE-2015-8993
+CVE-2015-8993 (Malicious file execution vulnerability in Intel Security CloudAV (Beta ...)
NOT-FOR-US: Intel antivirus
-CVE-2015-8992
+CVE-2015-8992 (Malicious file execution vulnerability in Intel Security WebAdvisor be ...)
NOT-FOR-US: Intel antivirus
-CVE-2015-8991
+CVE-2015-8991 (Malicious file execution vulnerability in Intel Security McAfee Securi ...)
NOT-FOR-US: Intel antivirus
-CVE-2015-8990
+CVE-2015-8990 (Detection bypass vulnerability in Intel Security Advanced Threat Defen ...)
NOT-FOR-US: Intel antivirus
-CVE-2015-8989
+CVE-2015-8989 (Unsalted password vulnerability in the Enterprise Manager (web portal) ...)
NOT-FOR-US: Intel antivirus
-CVE-2015-8988
+CVE-2015-8988 (Unquoted executable path vulnerability in Client Management and Gatewa ...)
NOT-FOR-US: Intel antivirus
-CVE-2015-8987
+CVE-2015-8987 (Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in ...)
NOT-FOR-US: Intel antivirus
-CVE-2015-8986
+CVE-2015-8986 (Sandbox detection evasion vulnerability in hardware appliances in McAf ...)
NOT-FOR-US: Intel antivirus
-CVE-2015-8981
+CVE-2015-8981 (Heap-based buffer overflow in the PdfParser::ReadXRefSubsection functi ...)
{DLA-929-1}
- libpodofo 0.9.4-1 (bug #854599)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -654,44 +654,44 @@ CVE-2015-8980 [Arbitrary code execution in select_string, ngettext and npgettext
NOTE: For phpmyadmin, unimportant, since embeds lib but does not use in exploitable way
NOTE: http://seclists.org/fulldisclosure/2016/Aug/76
NOTE: Upstream patch: https://bazaar.launchpad.net/~danilo/php-gettext/trunk/revision/61
-CVE-2015-8979
+CVE-2015-8979 (Stack-based buffer overflow in the parsePresentationContext function i ...)
{DSA-3749-1 DLA-755-1}
- dcmtk 3.6.1~20160216-2 (bug #848830)
NOTE: 3.6.1~20160216-2 is the first version in unstable containing the fix
NOTE: http://zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php
NOTE: Fixed by: https://github.com/commontk/DCMTK/commit/1b6bb76
NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/2
-CVE-2015-8978
+CVE-2015-8978 (In Soap Lite (aka the SOAP::Lite extension for Perl) 1.14 and earlier, ...)
{DLA-723-1}
- libsoap-lite-perl 1.19-1
[jessie] - libsoap-lite-perl <no-dsa> (Minor issue)
NOTE: https://github.com/redhotpenguin/soaplite/pull/21
NOTE: https://github.com/redhotpenguin/soaplite/commit/6942fe0d281be1c32c5117605f9c4e8d44f51124
-CVE-2015-8977
+CVE-2015-8977 (MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and My ...)
NOT-FOR-US: MyBB
-CVE-2015-8976
+CVE-2015-8976 (Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) ...)
NOT-FOR-US: MyBB
-CVE-2015-8975
+CVE-2015-8975 (Cross-site scripting (XSS) vulnerability in the error handler in MyBB ...)
NOT-FOR-US: MyBB
-CVE-2015-8974
+CVE-2015-8974 (SQL injection vulnerability in the Group Promotions module in the admi ...)
NOT-FOR-US: MyBB
-CVE-2015-8973
+CVE-2015-8973 (xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x befo ...)
NOT-FOR-US: MyBB
-CVE-2015-8972
+CVE-2015-8972 (Stack-based buffer overflow in the ValidateMove function in frontend/m ...)
- gnuchess 6.2.4-1 (unimportant)
NOTE: Built with hardening flags, no security impact
NOTE: http://lists.gnu.org/archive/html/bug-gnu-chess/2015-10/msg00002.html
NOTE: http://svn.savannah.gnu.org/viewvc?view=rev&root=chess&revision=134
-CVE-2015-8971
+CVE-2015-8971 (Terminology 0.7.0 allows remote attackers to execute arbitrary command ...)
{DSA-3712-1}
- terminology 0.7.0-2 (bug #843434)
NOTE: https://git.enlightenment.org/apps/terminology.git/commit/?id=b80bedc7c21ecffe99d8d142930db696eebdd6a5
NOTE: http://www.openwall.com/lists/oss-security/2016/11/04/12
-CVE-2015-8969
+CVE-2015-8969 (git-fastclone before 1.0.5 passes user modifiable strings directly to ...)
NOT-FOR-US: git-fastclone
-CVE-2015-8968
+CVE-2015-8968 (git-fastclone before 1.0.1 permits arbitrary shell command execution f ...)
NOT-FOR-US: git-fastclone
-CVE-2015-8970
+CVE-2015-8970 (crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not veri ...)
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux 3.2.78-1
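Review bot: the CVE-2015-8972 rationale "Built with hardening flags, no security impact" overstates what the stack protector gives you; it turns the stack overflow in ValidateMove into an abort, it does not remove the bug, so the (unimportant) rating should rest on the attack surface (crafted move input to a local chess engine) rather than on compiler flags. Also, CVE-2015-8969 and CVE-2015-8968 are listed before CVE-2015-8970, breaking the descending CVE order used in the rest of this file; consider moving the two git-fastclone entries below the kernel entry.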
@@ -701,75 +701,75 @@ CVE-2015-8970
NOTE: Followed by a complete set of related upstrema commits. See kernel-sec
NOTE: triage for details.
NOTE: http://www.openwall.com/lists/oss-security/2016/11/03/6
-CVE-2015-8967
+CVE-2015-8967 (arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local us ...)
- linux 4.0.2-1 (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/c623b33b4e9599c6ac5076f7db7369eb9869aa04 (v4.0-rc1)
NOTE: Missing security mitigation, not a vulnerability per se
-CVE-2015-8966
+CVE-2015-8966 (arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allow ...)
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/76cc404bfdc0d419c720de4daaf2584542734f42 (v4.4-rc8)
-CVE-2015-8965
+CVE-2015-8965 (Rogue Wave JViews before 8.8 patch 21 and 8.9 before patch 1 allows re ...)
NOT-FOR-US: Rogue Wave JViews
-CVE-2015-8964
+CVE-2015-8964 (The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the L ...)
{DLA-772-1}
- linux 4.5.1-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/dd42bf1197144ede075a9d4793123f7689e164bc (v4.5-rc1)
-CVE-2015-8963
+CVE-2015-8963 (Race condition in kernel/events/core.c in the Linux kernel before 4.4 ...)
{DLA-772-1}
- linux 4.4.2-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/12ca6ad2e3a896256f086497a7c7406a547ee373 (v4.4)
-CVE-2015-8962
+CVE-2015-8962 (Double free vulnerability in the sg_common_write function in drivers/s ...)
{DLA-772-1}
- linux 4.4.2-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/f3951a3709ff50990bf3e188c27d346792103432 (v4.4-rc1)
-CVE-2015-8961
+CVE-2015-8961 (The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux k ...)
- linux 4.3.3-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/6934da9238da947628be83635e365df41064b09b (v4.4-rc5)
-CVE-2015-8960
+CVE-2015-8960 (The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_ ...)
NOTE: Vulnerability "in the TLS documentation", not assigned to a specific source/implentation
NOTE: https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf
-CVE-2015-8956
+CVE-2015-8956 (The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Li ...)
{DSA-3696-1 DLA-670-1}
- linux 4.2.1-1
NOTE: Fixed by: https://git.kernel.org/linus/951b6a0717db97ce420547222647bcc40bf1eacd (4.2-rc1)
-CVE-2015-8955
+CVE-2015-8955 (arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 ...)
- linux 4.1.3-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code not present; arm64 introduced in 3.7)
NOTE: Fixed by: https://git.kernel.org/linus/8fff105e13041e49b82f92eef034f363a6b1c071 (4.1-rc1)
-CVE-2015-8954
+CVE-2015-8954 (The MemcmpLowercase function in Suricata before 2.0.6 improperly exclu ...)
- suricata 2.0.6-1 (bug #777523)
[wheezy] - suricata <no-dsa> (Minor issue)
[squeeze] - suricata <no-dsa> (Minor issue)
NOTE: https://redmine.openinfosecfoundation.org/issues/1364
NOTE: https://github.com/OISF/suricata/commit/17dfd59bc31a21e103e2f1216443cd1418398aa9
-CVE-2015-8953
+CVE-2015-8953 (fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorr ...)
- linux 4.2.6-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/ab79efab0a0ba01a74df782eb7fa44b044dae8b5 (v4.3)
-CVE-2015-8952
+CVE-2015-8952 (The mbcache feature in the ext2 and ext4 filesystem implementations in ...)
- linux 4.6.1-1 (low)
[jessie] - linux <ignored> (Minor issue and too intrusive to backport, workaround exists with the no_mbcache mount flag)
[wheezy] - linux <no-dsa> (Minor issue and too intrusive to backport)
NOTE: https://git.kernel.org/linus/f9a61eb4e2471c56a63cd804c7474128138c38ac (v4.6-rc1)
NOTE: https://git.kernel.org/linus/82939d7999dfc1f1998c4b1c12e2f19edbdff272 (v4.6-rc1)
NOTE: https://git.kernel.org/linus/be0726d33cb8f411945884664924bed3cb8c70ee (v4.6-rc1)
-CVE-2015-8951
+CVE-2015-8951 (Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-l ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8950
+CVE-2015-8950 (arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used ...)
- linux 4.0.4-1
[jessie] - linux 3.16.7-ckt17-1
[wheezy] - linux <not-affected> (Vulnerable code not present; arm64 introduced in 3.7)
NOTE: Fixed by: https://git.kernel.org/linus/6829e274a623187c24f7cfc0e3d35f25d087fcc5 (4.1-rc2)
-CVE-2015-8957
+CVE-2015-8957 (Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attac ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832464)
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838
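Review bot: two typos in the context lines of this hunk: "upstrema" in the CVE-2015-8970 note ("complete set of related upstrema commits") and "implentation" in the CVE-2015-8960 note ("not assigned to a specific source/implentation"). The "Fixed by" tags are also inconsistent within the hunk: "(4.2-rc1)", "(4.1-rc1)" and "(4.1-rc2)" versus "(v4.4-rc8)", "(v4.5-rc1)"; pick the "v" form used elsewhere. Finally CVE-2015-8957 appears after CVE-2015-8950, out of descending order, and CVE-2015-8960 carries NOTE lines but no package or NOT-FOR-US line, unlike every other entry here; if the intent is "protocol-level, no package", say so on a package line so the entry is not mistaken for unprocessed.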
@@ -777,7 +777,7 @@ CVE-2015-8957
NOTE: https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d
NOTE: https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2015-8958
+CVE-2015-8958 (coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attacker ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832465)
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857
@@ -786,78 +786,78 @@ CVE-2015-8958
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2015-8959
+CVE-2015-8959 (coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attacker ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832944)
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2015-8949
+CVE-2015-8949 (Use-after-free vulnerability in the my_login function in DBD::mysql be ...)
{DSA-3635-1 DLA-576-1}
- libdbd-mysql-perl 4.035-1
NOTE: https://github.com/perl5-dbi/DBD-mysql/pull/45
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/cf0aa7751f6ef8445e9310a64b14dc81460ca156
-CVE-2015-8948
+CVE-2015-8948 (idn in GNU libidn before 1.33 might allow remote attackers to obtain s ...)
{DSA-3658-1 DLA-582-1}
- libidn 1.33-1
NOTE: Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=570e68886c41c2e765e6218cb317d9a9a447a041 (libidn-1-33)
NOTE: When fixing this issue, the followup fix http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=5e3cb9c7b5bf0ce665b9d68f5ddf095af5c9ba60
NOTE: is required to fix the problem. (Resultet in followup CVE, CVE-2016-6262
NOTE: if not applied completely).
-CVE-2015-8947
+CVE-2015-8947 (hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote atta ...)
- harfbuzz 1.2.6-1
[jessie] - harfbuzz <no-dsa> (Minor issue, can be fixed via a DSA)
NOTE: https://cgit.freedesktop.org/harfbuzz/commit/?id=f96664974774bfeb237a7274f512f64aaafb201e (1.0.5)
-CVE-2015-8946
+CVE-2015-8946 (ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencr ...)
- ecryptfs-utils 111-1
[jessie] - ecryptfs-utils <no-dsa> (Minor issue)
[wheezy] - ecryptfs-utils <no-dsa> (Only happens if using systemd v207 onward)
NOTE: https://launchpad.net/bugs/1447282
NOTE: Fixed by: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/2
-CVE-2015-8945
+CVE-2015-8945 (openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores ...)
NOT-FOR-US: OpenShift
-CVE-2015-8944
+CVE-2015-8944 (The ioresources_init function in kernel/resource.c in the Linux kernel ...)
- linux <not-affected> (Android-specific patch, /proc/iomem is root-restricted already)
-CVE-2015-8943
+CVE-2015-8943 (drivers/video/msm/mdss/mdss_mdp_util.c in the Qualcomm components in A ...)
- linux <not-affected> (Android-specific patch)
-CVE-2015-8942
+CVE-2015-8942 (drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualco ...)
- linux <not-affected> (Android-specific patch)
-CVE-2015-8941
+CVE-2015-8941 (drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qua ...)
- linux <not-affected> (Android-specific patch)
-CVE-2015-8940
+CVE-2015-8940 (Integer overflow in sound/soc/msm/qdsp6v2/q6lsm.c in the Qualcomm comp ...)
- linux <not-affected> (Android-specific patch)
-CVE-2015-8939
+CVE-2015-8939 (drivers/video/msm/mdp4_util.c in the Qualcomm components in Android be ...)
- linux <not-affected> (Android-specific patch)
-CVE-2015-8938
+CVE-2015-8938 (The MSM camera driver in the Qualcomm components in Android before 201 ...)
- linux <not-affected> (Android-specific patch)
-CVE-2015-8937
+CVE-2015-8937 (drivers/char/diag/diagchar_core.c in the Qualcomm components in Androi ...)
- linux <not-affected> (Android-specific patch)
-CVE-2015-8936
+CVE-2015-8936 (Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGua ...)
{DLA-524-1}
- squidguard 1.5-5 (unimportant)
NOTE: Only affects an example script
NOTE: Fix applied: 16_XSS-security-bugfix.patch in 1.5-5
NOTE: http://www.openwall.com/lists/oss-security/2016/06/20/2
-CVE-2015-8935
+CVE-2015-8935 (The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x ...)
- php5 5.6.6+dfsg-1
[wheezy] - php5 5.4.38-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=68978
NOTE: https://github.com/php/php-src/commit/996faf964bba1aec06b153b370a7f20d3dd2bb8b
NOTE: Fixed in 5.6.6, 5.5.22 and 5.4.38
-CVE-2015-8934
+CVE-2015-8934 (The copy_from_lzss_window function in archive_read_support_format_rar. ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: https://github.com/libarchive/libarchive/issues/521
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/603454ec03040c29bd051fcc749e3c1433c11a8e (v3.2.1)
-CVE-2015-8933
+CVE-2015-8933 (Integer overflow in the archive_read_format_tar_skip function in archi ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/548
NOTE: https://github.com/libarchive/libarchive/issues/582
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/3c7a6dc6694d9b26400d2bd672e04d09ed8a4276 (v3.1.900a)
-CVE-2015-8932
+CVE-2015-8932 (The compress_bidder_init function in archive_read_support_filter_compr ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/547
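Review bot: the CVE-2015-8947 jessie line is self-contradictory: "[jessie] - harfbuzz <no-dsa> (Minor issue, can be fixed via a DSA)". Either the issue warrants a DSA, in which case it should not be tagged <no-dsa>, or the rationale meant a point release, as the similar ocaml line later in this file puts it ("can be fixed via point release"). Other points in this hunk: "Resultet" in the CVE-2015-8948 note should read "Resulted"; and CVE-2015-8944 through CVE-2015-8937 record Qualcomm Android-only driver issues as "linux <not-affected> (Android-specific patch)" while CVE-2015-8951 in the previous hunk and the aboot entries further down use "NOT-FOR-US: Qualcomm ...", so the same class of issue is triaged two different ways; choose one convention.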
@@ -866,94 +866,94 @@ CVE-2015-8932
NOTE: and https://github.com/libarchive/libarchive/commit/618618c8a6be453f79e0bdbdeab6e1dd8bf429b3 (v3.1.900a)
NOTE: Part of the problematic code was introduced with commit bf4f6ec64ef3edefbc41172692868fb8df514805
NOTE: to fix https://github.com/libarchive/libarchive/issues/356
-CVE-2015-8931
+CVE-2015-8931 (Multiple integer overflows in the (1) get_time_t_max and (2) get_time_ ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/539
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/b31744df71084a8734f97199e42418f55d08c6c5 (v3.1.900a)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/c0c52e9aaafb0860c4151c5374372051e9354301 (v3.1.900a)
-CVE-2015-8930
+CVE-2015-8930 (bsdtar in libarchive before 3.2.0 allows remote attackers to cause a d ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/522
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/39fc59391b7cf2a007bffce280c1e3e66674258f (v3.1.900a)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/01cfbca4fdae1492a8a09c001b61bbca46f869f2 (v3.1.900a)
-CVE-2015-8929
+CVE-2015-8929 (Memory leak in the __archive_read_get_extract function in archive_read ...)
- libarchive 3.2.0-2
[jessie] - libarchive <not-affected> (Introduced in 3.2.0)
[wheezy] - libarchive <not-affected> (Introduced in 3.2.0)
NOTE: https://github.com/libarchive/libarchive/issues/517
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/d24e79e8f9547ae475a3a0c9516e079a14010838
-CVE-2015-8928
+CVE-2015-8928 (The process_add_entry function in archive_read_support_format_mtree.c ...)
{DSA-3657-1}
- libarchive 3.2.0-2
[wheezy] - libarchive <not-affected> (vulnerable code not present)
NOTE: https://github.com/libarchive/libarchive/issues/550
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/64d5628
-CVE-2015-8927
+CVE-2015-8927 (The trad_enc_decrypt_update function in archive_read_support_format_zi ...)
- libarchive 3.2.0-2
[jessie] - libarchive <not-affected> (vulnerable code not present)
[wheezy] - libarchive <not-affected> (vulnerable code not present)
NOTE: https://github.com/libarchive/libarchive/issues/523
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/eff35d4
-CVE-2015-8926
+CVE-2015-8926 (The archive_read_format_rar_read_data function in archive_read_support ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/518
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/aab73938
-CVE-2015-8925
+CVE-2015-8925 (The readline function in archive_read_support_format_mtree.c in libarc ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/516
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/1e18cbb71
-CVE-2015-8924
+CVE-2015-8924 (The archive_read_format_tar_read_header function in archive_read_suppo ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/515
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/bb9b157
-CVE-2015-8923
+CVE-2015-8923 (The process_extra function in libarchive before 3.2.0 uses the size fi ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/514
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/9e0689c
-CVE-2015-8922
+CVE-2015-8922 (The read_CodersInfo function in archive_read_support_format_7zip.c in ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/513
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/d094dc
-CVE-2015-8921
+CVE-2015-8921 (The ae_strtofflags function in archive_entry.c in libarchive before 3. ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/512
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/1cbc76f
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/05a875fdb876e7a2f56a2937f756927cbed919e0
-CVE-2015-8920
+CVE-2015-8920 (The _ar_read_header function in archive_read_support_format_ar.c in li ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/511
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/97f964e
-CVE-2015-8919
+CVE-2015-8919 (The lha_read_file_extended_header function in archive_read_support_for ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/510
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/e8a2e4d
-CVE-2015-8918
+CVE-2015-8918 (The archive_string_append function in archive_string.c in libarchive b ...)
- libarchive <not-affected> (Vulnerable code not in a released version)
NOTE: Introduced in https://github.com/libarchive/libarchive/commit/cf8e67ffc8a2227b63fc6d3d1569b0214f160f54
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/b6ba56037f0da44efebfa271cc4b1a736a74c62f
NOTE: https://github.com/libarchive/libarchive/issues/506
-CVE-2015-8917
+CVE-2015-8917 (bsdtar in libarchive before 3.2.0 allows remote attackers to cause a d ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/505
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/b2e2abb
-CVE-2015-8916
+CVE-2015-8916 (bsdtar in libarchive before 3.2.0 returns a success code without filli ...)
{DSA-3657-1}
- libarchive 3.2.0-2
[wheezy] - libarchive <not-affected> (no segfault, not reproducible with reproducer)
NOTE: https://github.com/libarchive/libarchive/issues/504
NOTE: Fixed by https://github.com/libarchive/libarchive/commit/b2e2abb
-CVE-2015-8915
+CVE-2015-8915 (bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a ...)
{DLA-1600-1 DLA-617-1}
- libarchive 3.2.0-2 (low; bug #784213)
[squeeze] - libarchive <no-dsa> (Minor issue)
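Review bot: the CVE-2015-8916 wheezy line marks the package <not-affected> on the grounds "no segfault, not reproducible with reproducer". Failure to crash is weaker evidence than the "vulnerable code not present" justification used for CVE-2015-8928 and CVE-2015-8927 in the same hunk: the CVE text says bsdtar "returns a success code without filling" the buffer, so the defect can be present without a segfault on a particular build. Suggest checking whether the code touched by commit b2e2abb exists in wheezy's libarchive and stating that, rather than relying on the reproducer.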
@@ -962,7 +962,7 @@ CVE-2015-8915
NOTE: 502 is a duplicate of https://github.com/libarchive/libarchive/issues/503
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e6c9668f3202215ddb71617b41c19b6f05acf008
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/3865cf2bcb0eebc1baef28a7841b1cadae6e0f7c
-CVE-2015-8914
+CVE-2015-8914 (The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 thro ...)
- neutron 2:8.1.2-1
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/bugs/1502933
@@ -986,35 +986,35 @@ CVE-2015-8905
REJECTED
CVE-2015-8904
REJECTED
-CVE-2015-1000013
+CVE-2015-1000013 (Remote file upload vulnerability in wordpress plugin csv2wpec-coupon v ...)
NOT-FOR-US: WordPress plugin csv2wpec-coupon
-CVE-2015-1000012
+CVE-2015-1000012 (Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin ...)
NOT-FOR-US: WordPress plugin mypixs
-CVE-2015-1000011
+CVE-2015-1000011 (Blind SQL Injection in wordpress plugin dukapress v2.5.9 ...)
NOT-FOR-US: WordPress plugin dukapress
-CVE-2015-1000010
+CVE-2015-1000010 (Remote file download in simple-image-manipulator v1.0 wordpress plugin ...)
NOT-FOR-US: WordPress plugin simple-image-manipulator
-CVE-2015-1000009
+CVE-2015-1000009 (Open proxy in Wordpress plugin google-adsense-and-hotel-booking v1.05 ...)
NOT-FOR-US: WordPress plugin google-adsense-and-hotel-booking
-CVE-2015-1000008
+CVE-2015-1000008 (Path Disclosure Vulnerability in wordpress plugin MP3-jPlayer v2.3.2 ...)
NOT-FOR-US: WordPress plugin MP3-jPlayer
-CVE-2015-1000007
+CVE-2015-1000007 (Remote file download vulnerability in wptf-image-gallery v1.03 ...)
NOT-FOR-US: WordPress plugin wptf-image-gallery
-CVE-2015-1000006
+CVE-2015-1000006 (Remote file download vulnerability in recent-backups v0.7 wordpress pl ...)
NOT-FOR-US: WordPress plugin recent-backups
-CVE-2015-1000005
+CVE-2015-1000005 (Remote file download vulnerability in candidate-application-form v1.0 ...)
NOT-FOR-US: WordPress plugin candidate-application-form
-CVE-2015-1000004
+CVE-2015-1000004 (XSS in filedownload v1.4 wordpress plugin ...)
NOT-FOR-US: WordPress plugin filedownload
-CVE-2015-1000003
+CVE-2015-1000003 (Blind SQL Injection in filedownload v1.4 wordpress plugin ...)
NOT-FOR-US: WordPress plugin filedownload
-CVE-2015-1000002
+CVE-2015-1000002 (Open Proxy in filedownload v1.4 wordpress plugin ...)
NOT-FOR-US: WordPress plugin filedownload
-CVE-2015-1000001
+CVE-2015-1000001 (Remote file upload vulnerability in fast-image-adder v1.1 Wordpress pl ...)
NOT-FOR-US: WordPress plugin fast-image-adder
-CVE-2015-1000000
+CVE-2015-1000000 (Remote file upload vulnerability in mailcwp v1.99 wordpress plugin ...)
NOT-FOR-US: WordPress plugin mailcwp
-CVE-2015-8899
+CVE-2015-8899 (Dnsmasq before 2.76 allows remote servers to cause a denial of service ...)
- dnsmasq 2.76-1
[jessie] - dnsmasq <not-affected> (Vulnerable code introduced later)
[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
@@ -1022,19 +1022,19 @@ CVE-2015-8899
NOTE: Fixed by: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87 (v2.76rc1)
NOTE: Introduced by: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=cbc652423403e3cef00e00240f6beef713142246 (v2.73rc1)
NOTE: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1581181
-CVE-2015-8898
+CVE-2015-8898 (The WriteImages function in magick/constitute.c in ImageMagick before ...)
- imagemagick 8:6.8.9.9-7
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick 8:6.7.7.10-5+deb7u4
NOTE: https://github.com/ImageMagick/ImageMagick/pull/34
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44
-CVE-2015-8897
+CVE-2015-8897 (The SpliceImage function in MagickCore/transform.c in ImageMagick befo ...)
- imagemagick 8:6.8.9.9-7
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick 8:6.7.7.10-5+deb7u4
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231
-CVE-2015-8896
+CVE-2015-8896 (Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5- ...)
{DLA-353-1}
- imagemagick 8:6.8.9.9-7 (bug #806441)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
@@ -1043,7 +1043,7 @@ CVE-2015-8896
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734
NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4
-CVE-2015-8895
+CVE-2015-8895 (Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later all ...)
{DLA-353-1}
- imagemagick 8:6.8.9.9-7 (bug #806441)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
@@ -1053,7 +1053,7 @@ CVE-2015-8895
NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4
NOTE: The issue is only exploitable on 32 bit architectures.
-CVE-2015-8894
+CVE-2015-8894 (Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and lat ...)
- imagemagick 8:6.8.9.9-6 (bug #806442; bug #799524)
[jessie] - imagemagick <not-affected> (Can't reproduce crash with file)
[wheezy] - imagemagick <not-affected> (Can't reproduce crash with file)
@@ -1063,17 +1063,17 @@ CVE-2015-8894
NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4
NOTE: The problem can only be triggered with recent versions of ImageMagick (8:6.9.1.2-1 in experimental is vulnerable, 8:6.8.9.9-6 in sid is not vulnerable, older versions are not vulnerable)
-CVE-2015-8893
+CVE-2015-8893 (app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-07 ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8892
+CVE-2015-8892 (platform/msm_shared/boot_verifier.c in the Qualcomm components in Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8891
+CVE-2015-8891 (Multiple integer overflows in app/aboot/aboot.c in the Qualcomm compon ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8890
+CVE-2015-8890 (platform/msm_shared/partition_parser.c in the Qualcomm components in A ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8889
+CVE-2015-8889 (The aboot implementation in the Qualcomm components in Android before ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2015-8888
+CVE-2015-8888 (Integer overflow in app/aboot/aboot.c in the Qualcomm components in An ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2015-8887
RESERVED
@@ -1089,22 +1089,22 @@ CVE-2015-8882
RESERVED
CVE-2015-8881
RESERVED
-CVE-2015-8880
+CVE-2015-8880 (Double free vulnerability in the format printer in PHP 7.x before 7.0. ...)
- php7.0 7.0.1-1
-CVE-2015-8879
+CVE-2015-8879 (The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 ...)
{DLA-499-1}
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
- php7.0 7.0.0-1
NOTE: Fixed in PHP 5.6.12, 7.0.0
NOTE: PHP bug: https://bugs.php.net/bug.php?id=69975
-CVE-2015-8878
+CVE-2015-8878 (main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5 ...)
{DLA-499-1}
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
NOTE: Fixed in PHP 5.6.12, 5.5.28
NOTE: PHP bug: https://bugs.php.net/bug.php?id=70002
-CVE-2015-8877
+CVE-2015-8877 (The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graph ...)
{DSA-3587-1}
- libgd2 2.2.1-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -1116,14 +1116,14 @@ CVE-2015-8877
NOTE: PHP bug: https://bugs.php.net/bug.php?id=70064
NOTE: Fixed in PHP 5.6.12, 7.0.0
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
-CVE-2015-8876
+CVE-2015-8876 (Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and ...)
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
[wheezy] - php5 5.4.44-0+deb7u1
- php7.0 7.0.0-1
NOTE: Fixed in PHP 7.0.0, 5.6.12, 5.5.28, 5.4.44
NOTE: PHP bug: https://bugs.php.net/bug.php?id=70121
-CVE-2015-8874
+CVE-2015-8874 (Stack consumption vulnerability in GD in PHP before 5.6.12 allows remo ...)
{DSA-3587-1 DLA-482-1}
- libgd2 2.2.1-1 (bug #824627)
NOTE: https://github.com/libgd/libgd/commit/38241013cc048af7c03daf6e9a75b4f42bffb200
@@ -1133,25 +1133,25 @@ CVE-2015-8874
NOTE: PHP bug: https://bugs.php.net/bug.php?id=66387
NOTE: Fixed in 5.6.12, 7.0.0
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
-CVE-2015-8873
+CVE-2015-8873 (Stack consumption vulnerability in Zend/zend_exceptions.c in PHP befor ...)
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
[wheezy] - php5 5.4.44-0+deb7u1
NOTE: Fixed in 5.6.12, 5.5.28, 5.4.44
NOTE: PHP bug: https://bugs.php.net/bug.php?id=69793
-CVE-2015-8872
+CVE-2015-8872 (The set_fat function in fat.c in dosfstools before 4.0 might allow att ...)
{DLA-474-1}
- dosfstools 4.0-1
[jessie] - dosfstools <no-dsa> (Minor issue)
NOTE: https://github.com/dosfstools/dosfstools/issues/12
NOTE: https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7
-CVE-2015-8870
+CVE-2015-8870 (Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows re ...)
- tiff 4.0.3-12
[wheezy] - tiff 4.0.2-6+deb7u4
NOTE: Fixed already with the patch applied in 4.0.3-12 in unstable for the
NOTE: CVE-2014-9330 issue.
- tiff3 <not-affected> (libtiff-tools not shipped in tiff3)
-CVE-2015-8869
+CVE-2015-8869 (OCaml before 4.03.0 does not properly handle sign extensions, which al ...)
{DLA-466-1}
- ocaml 4.02.3-9 (bug #824139)
[jessie] - ocaml <no-dsa> (Minor issue; can be fixed via point release and sheduling binNMUs there)
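Review bot: in the CVE-2015-8870 entry the "- tiff3 <not-affected> (libtiff-tools not shipped in tiff3)" package line sits after the NOTE lines; every other entry in this file lists package lines first and NOTE lines after, so move it up under "[wheezy] - tiff 4.0.2-6+deb7u4" to keep the entry parseable by eye. Also "sheduling" in the ocaml jessie line should read "scheduling".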
@@ -1159,7 +1159,7 @@ CVE-2015-8869
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/1
NOTE: Ocaml applications using the patched functions need to be recompiled with the
NOTE: fixed ocaml version.
-CVE-2015-8864
+CVE-2015-8864 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1 ...)
{DLA-537-1}
- roundcube 1.1.5+dfsg.1-1 (bug #822333)
NOTE: https://github.com/roundcube/roundcubemail/issues/4949
@@ -1168,31 +1168,31 @@ CVE-2015-8864
NOTE: https://github.com/roundcube/roundcubemail/commit/7bbefdb63b12e2344cf1cb87aeb6e3933b4063e0 (release-1.1)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/3
NOTE: https://lists.debian.org/debian-lts/2016/06/msg00159.html
-CVE-2015-8862
+CVE-2015-8862 (mustache package before 2.2.1 for Node.js allows remote attackers to c ...)
- mustache.js <unfixed> (unimportant)
NOTE: node-handlebars only in experimental for now, fixed in 4.0.0
NOTE: libv8 is not covered by security support
-CVE-2015-8861
+CVE-2015-8861 (The handlebars package before 4.0.0 for Node.js allows remote attacker ...)
- mustache.js <unfixed> (unimportant)
NOTE: node-handlebars only in experimental for now, fixed in 4.0.0
NOTE: libv8 is not covered by security support
-CVE-2015-8860
+CVE-2015-8860 (The tar package before 2.0.0 for Node.js allows remote attackers to wr ...)
- node-tar <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
-CVE-2015-8859
+CVE-2015-8859 (The send package before 0.11.1 for Node.js allows attackers to obtain ...)
- node-send <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/56
-CVE-2015-8858
+CVE-2015-8858 (The uglify-js package before 2.6.0 for Node.js allows attackers to cau ...)
- uglifyjs <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/48
-CVE-2015-8854
+CVE-2015-8854 (The marked package before 0.3.4 for Node.js allows attackers to cause ...)
- node-marked 0.3.6+dfsg-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/marked_redos
NOTE: https://github.com/chjj/marked/issues/497
NOTE: libv8 is not covered by security support
-CVE-2015-8866
+CVE-2015-8866 (ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when ...)
{DLA-499-1}
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=64938
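Review bot: the CVE-2015-8861 entry is about the handlebars package ("The handlebars package before 4.0.0 for Node.js") but its package line is "- mustache.js <unfixed> (unimportant)", identical to the CVE-2015-8862 mustache entry above it, and the CVE-2015-8862 entry in turn carries the NOTE "node-handlebars only in experimental for now, fixed in 4.0.0", which belongs to the handlebars issue. This looks like a copy-paste between the two entries: CVE-2015-8861 should point at the handlebars source package (the NOTE itself names node-handlebars) and the handlebars NOTE should be dropped from CVE-2015-8862.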
@@ -1201,7 +1201,7 @@ CVE-2015-8866
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=de31324c221c1791b26350ba106cc26bad23ace9
NOTE: Fixed in 5.6.6, 5.5.22
NOTE: http://www.openwall.com/lists/oss-security/2016/04/21/8
-CVE-2015-8867
+CVE-2015-8867 (The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in P ...)
- php7.0 7.0.0-1
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
@@ -1211,14 +1211,14 @@ CVE-2015-8867
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=16023f3e3b9c06cf677c3c980e8d574e4c162827
NOTE: Fixed in 7.0.0, 5.6.12, 5.5.28, 5.5.44
NOTE: http://www.openwall.com/lists/oss-security/2016/04/21/8
-CVE-2015-8853
+CVE-2015-8853 (The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in ...)
- perl 5.22.1-1 (bug #821848)
[jessie] - perl 5.20.2-3+deb8u5
[wheezy] - perl <no-dsa> (Minor issue)
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=123562
NOTE: http://perl5.git.perl.org/perl.git/commitdiff/22b433eff9a1ffa2454e18405a56650f07b385b5
NOTE: http://www.openwall.com/lists/oss-security/2016/04/20/5
-CVE-2015-8863
+CVE-2015-8863 (Off-by-one error in the tokenadd function in jv_parse.c in jq allows r ...)
- jq 1.5+dfsg-1.1 (low; bug #802231)
[jessie] - jq 1.4-2.1+deb8u1
NOTE: https://github.com/stedolan/jq/issues/995
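Review bot: the fixed-version NOTE for CVE-2015-8867, `Fixed in 7.0.0, 5.6.12, 5.5.28, 5.5.44`, lists two 5.5.x releases; the same release set is recorded as `5.6.12, 5.5.28, 5.4.44` for CVE-2015-8835 further down in this file, so the last value looks like a typo for 5.4.44 and should be checked against the linked upstream commit before it is relied on for the 5.4 (wheezy) assessment.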
@@ -1234,7 +1234,7 @@ CVE-2015-8847
RESERVED
CVE-2015-8846
RESERVED
-CVE-2015-8843
+CVE-2015-8843 (The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Read ...)
NOT-FOR-US: Foxit Reader
CVE-2015-8851
RESERVED
@@ -1244,31 +1244,31 @@ CVE-2015-8851
NOTE: https://github.com/broofa/node-uuid/issues/122
NOTE: https://github.com/broofa/node-uuid/commit/672f3834ed02c798aa021c618d0a5666c8da000d
NOTE: nodejs not covered by security support
-CVE-2015-8844
+CVE-2015-8844 (The signal implementation in the Linux kernel before 4.3.5 on powerpc ...)
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1326540
NOTE: Upstream commit: https://git.kernel.org/linus/d2b9d2a5ad5ef04ff978c9923d19730cb05efd55 (v4.4-rc3)
NOTE: Introduced by: https://git.kernel.org/linus/2b0a576d15e0e14751f00f9c87e46bad27f217e7 (v3.9-rc1)
-CVE-2015-8845
+CVE-2015-8845 (The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the ...)
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1326540
NOTE: Upstream commit: https://git.kernel.org/linus/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 (v4.4-rc3)
NOTE: Introduced by: https://git.kernel.org/linus/fb09692e71f13af7298eb603a1975850b1c7a8d8 (v3.9-rc1)
-CVE-2015-8868
+CVE-2015-8868 (Heap-based buffer overflow in the ExponentialFunction::ExponentialFunc ...)
{DSA-3563-1 DLA-446-1}
- poppler 0.38.0-3 (bug #822578)
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=93476
NOTE: http://www.openwall.com/lists/oss-security/2016/04/12/1
-CVE-2015-8841
+CVE-2015-8841 (Heap-based buffer overflow in the Archive support module in ESET NOD32 ...)
NOT-FOR-US: ESET NOD32
-CVE-2015-8840
+CVE-2015-8840 (The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does ...)
NOT-FOR-US: SAP
-CVE-2015-8842
+CVE-2015-8842 (tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions fo ...)
- systemd 215-1 (bug #825059)
[wheezy] - systemd <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=972612
@@ -1277,7 +1277,7 @@ CVE-2015-8842
NOTE: Starting with 215 Debian no longer ships tmpfiles.d/systemd.conf, so the fixup upstream added as
NOTE: afae249efa4774c6676738ac5de6aeb4daf4889f for persistent journals is not needed for the packaged
NOTE: version. Anyone using a custom config needs to ensure proper permissions.
-CVE-2015-8865
+CVE-2015-8865 (The file_check_mem function in funcs.c in file before 5.23, as used in ...)
{DSA-3560-1 DLA-499-1 DLA-460-1}
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
@@ -1291,7 +1291,7 @@ CVE-2015-8865
NOTE: PHP fixed in 7.0.5, 5.6.20, 5.5.34
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/4e614ba041e24af8351afbb49c92444c0850f23b
-CVE-2015-8839
+CVE-2015-8839 (Multiple race conditions in the ext4 filesystem implementation in the ...)
- linux 4.5.1-1
[wheezy] - linux <ignored> (Too much work to backport)
NOTE: https://git.kernel.org/linus/ea3d7209ca01da209cda6f0dea8be9cc4b7a933b (v4.5-rc1)
@@ -1299,13 +1299,13 @@ CVE-2015-8839
NOTE: https://git.kernel.org/linus/32ebffd3bbb4162da5ff88f9a35dd32d0a28ea70 (v4.5-rc1)
NOTE: https://git.kernel.org/linus/011278485ecc3cd2a3954b5d4c73101d919bf1fa (v4.5-rc1)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=972174
-CVE-2015-8838
+CVE-2015-8838 (ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5 ...)
- php5 5.6.11+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
[wheezy] - php5 5.4.44-0+deb7u1
NOTE: Fixed in 5.6.11, 5.5.27, 5.4.43
NOTE: https://bugs.php.net/bug.php?id=69669
-CVE-2015-8834
+CVE-2015-8834 (Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in W ...)
{DSA-3639-1 DLA-633-1}
- wordpress 4.2.2+dfsg-1
NOTE: https://wordpress.org/news/2015/05/wordpress-4-2-2/
@@ -1317,7 +1317,7 @@ CVE-2015-8834
NOTE: Wheezy: https://core.trac.wordpress.org/changeset/32395
NOTE: Wheezy: https://core.trac.wordpress.org/changeset/32423
NOTE: Wheezy: https://core.trac.wordpress.org/changeset/32435
-CVE-2015-8835
+CVE-2015-8835 (The make_http_soap_request function in ext/soap/php_http.c in PHP befo ...)
- php5 5.6.12+dfsg-1
[jessie] - php5 5.6.12+dfsg-0+deb8u1
[wheezy] - php5 5.4.44-0+deb7u1
@@ -1325,7 +1325,7 @@ CVE-2015-8835
NOTE: https://bugs.php.net/bug.php?id=70081
NOTE: Fixed in 5.6.12, 5.5.28, 5.4.44
NOTE: CVE assignment is for "The first problem" section of Bug 70081
-CVE-2015-8833
+CVE-2015-8833 (Use-after-free vulnerability in the create_smp_dialog function in gtk- ...)
{DSA-3528-1}
- pidgin-otr 4.0.2-1
[wheezy] - pidgin-otr <not-affected> (Vulnerable code not present)
@@ -1335,13 +1335,13 @@ CVE-2015-8833
NOTE: Fixed by: https://bugs.otr.im/projects/pidgin-otr/repository/revisions/aaf551b9dd5cbba8c4abaa3d4dc7ead860efef94
NOTE: Introduced by: https://bugs.otr.im/projects/pidgin-otr/repository/revisions/c276bfa786bef8a4572a37d5633cf40f480d3ae0
NOTE: http://www.openwall.com/lists/oss-security/2016/03/09/8
-CVE-2015-8832
+CVE-2015-8832 (Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.cor ...)
- dotclear <removed> (bug #815979)
NOTE: https://hg.dotclear.org/dotclear/rev/198580bc3d80
NOTE: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2
NOTE: Fixed upstream in 2.8.2
NOTE: http://www.openwall.com/lists/oss-security/2016/03/05/4
-CVE-2015-8831
+CVE-2015-8831 (Cross-site scripting (XSS) vulnerability in admin/comments.php in Dotc ...)
- dotclear <removed> (bug #815979)
NOTE: https://hg.dotclear.org/dotclear/rev/65e65154dadf
NOTE: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2
@@ -1359,17 +1359,17 @@ CVE-2015-8825
REJECTED
CVE-2015-8824
REJECTED
-CVE-2015-8823
+CVE-2015-8823 (Use-after-free vulnerability in the TextField object implementation in ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8822
+CVE-2015-8822 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8821
+CVE-2015-8821 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8820
+CVE-2015-8820 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-8819
RESERVED
-CVE-2015-8818
+CVE-2015-8818 (The cpu_physical_memory_write_rom_internal function in exec.c in QEMU ...)
- qemu 1:2.4+dfsg-1a
[jessie] - qemu <ignored> (Minor issue; too dangerous backport)
[wheezy] - qemu <not-affected> (Affects Qemu versions >= 1.6.0 and <= 2.3.1)
@@ -1379,7 +1379,7 @@ CVE-2015-8818
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=b242e0e0e2969c044a318e56f7988bbd84de1f63 (v2.4.0-rc0)
NOTE: same patchset than CVE-2015-8817
NOTE: https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00065.html
-CVE-2015-8817
+CVE-2015-8817 (QEMU (aka Quick Emulator) built to use 'address_space_translate' to ma ...)
- qemu 1:2.4+dfsg-1a
[jessie] - qemu <ignored> (Minor issue; too dangerous backport)
[wheezy] - qemu <not-affected> (Affects Qemu versions >= 1.6.0 and <= 2.3.1)
@@ -1390,13 +1390,13 @@ CVE-2015-8817
NOTE: https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00060.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=23820dbfc79d1c9dce090b4c555994f2bb6a69b3 (v2.4.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00065.html
-CVE-2015-8852
+CVE-2015-8852 (Varnish 3.x before 3.0.7, when used in certain stacked installations, ...)
{DSA-3553-1}
- varnish 4.0.0-1 (bug #783510)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/16/1
NOTE: fixed in 3.0.7 upstream, mark as fixed with first 4.x version in unstable
NOTE: 4.x not affected
-CVE-2015-8857
+CVE-2015-8857 (The uglify-js package before 2.4.24 for Node.js does not properly acco ...)
- uglifyjs <unfixed> (unimportant)
NOTE: fixed in 2.4.24
NOTE: https://zyan.scripts.mit.edu/blog/backdooring-js/
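Review bot: the status line for CVE-2015-8857, `- uglifyjs <unfixed> (unimportant)`, sits directly above `NOTE: fixed in 2.4.24`, which leaves the entry ambiguous. If the packaged uglifyjs is at or beyond 2.4.24 the entry should record that Debian version as fixed; if it is not, the NOTE should state that the package is still below 2.4.24 so the `<unfixed>` marker is clearly intentional.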
@@ -1424,28 +1424,28 @@ CVE-2015-XXXX [quoteless attributes in templates can lead to content injection]
NOTE: https://github.com/janl/mustache.js/commit/378bcca8a5cfe4058f294a3dbb78e8755e8e0da5
NOTE: https://nodesecurity.io/advisories/62
NOTE: Security hardening, not a vulnerability
-CVE-2015-9244
+CVE-2015-9244 (Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not ...)
- node-mysql 2.0.0~alpha8-1 (unimportant)
NOTE: https://github.com/felixge/node-mysql/issues/342
NOTE: https://nodesecurity.io/advisories/66
NOTE: nodejs not covered by security support
-CVE-2015-8830
+CVE-2015-8830 (Integer overflow in the aio_setup_single_vector function in fs/aio.c i ...)
- linux 4.1.3-1
[jessie] - linux 3.16.7-ckt20-1+deb8u4
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4c185ce06dca14f5cea192f5a2c981ef50663f2b (v4.1-rc1)
-CVE-2015-8816
+CVE-2015-8816 (The hub_activate function in drivers/usb/core/hub.c in the Linux kerne ...)
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/linus/e50293ef9775c5f1cf3fcc093037dd6a8c5684ea (v4.4-rc6)
-CVE-2015-8815
+CVE-2015-8815 (Multiple cross-site scripting (XSS) vulnerabilities in Umbraco before ...)
NOT-FOR-US: Umbraco
-CVE-2015-8814
+CVE-2015-8814 (Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery se ...)
NOT-FOR-US: Umbraco
-CVE-2015-8813
+CVE-2015-8813 (The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/das ...)
NOT-FOR-US: Umbraco
-CVE-2015-8812
+CVE-2015-8812 (drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 d ...)
{DSA-3503-1 DLA-439-1}
- linux 4.4.2-1
- linux-2.6 <removed>
@@ -1459,68 +1459,68 @@ CVE-2015-8810
RESERVED
CVE-2015-8809
RESERVED
-CVE-2015-8808
+CVE-2015-8808 (The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allo ...)
{DSA-3746-1 DLA-484-1}
- graphicsmagick 1.3.21-2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/06/1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=8e8fa353f53
CVE-2015-8802
REJECTED
-CVE-2015-8801
+CVE-2015-8801 (Race condition in the client in Symantec Endpoint Protection (SEP) 12. ...)
NOT-FOR-US: Symantec
-CVE-2015-8800
+CVE-2015-8800 (Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x ...)
NOT-FOR-US: Symantec
-CVE-2015-8799
+CVE-2015-8799 (Directory traversal vulnerability in the Management Server in Symantec ...)
NOT-FOR-US: Symantec
-CVE-2015-8798
+CVE-2015-8798 (Directory traversal vulnerability in the Management Server in Symantec ...)
NOT-FOR-US: Symantec
-CVE-2015-8807
+CVE-2015-8807 (Cross-site scripting (XSS) vulnerability in the _renderVarInput_number ...)
{DSA-3496-1}
- php-horde-core 2.22.4+debian0-1 (bug #813590)
NOTE: https://github.com/horde/horde/commit/11d74fa5a22fe626c5e5a010b703cd46a136f253
NOTE: http://www.openwall.com/lists/oss-security/2016/02/06/4
-CVE-2015-8806
+CVE-2015-8806 (dict.c in libxml2 allows remote attackers to cause a denial of service ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #813613)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=749115
NOTE: Same fix as CVE-2016-1839 seems to resolve the issue
-CVE-2015-8805
+CVE-2015-8805 (The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not p ...)
- nettle 3.2-1 (bug #813679)
[jessie] - nettle 2.7.1-5+deb8u1
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
-CVE-2015-8804
+CVE-2015-8804 (x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle ...)
- nettle 3.2-1 (bug #813679)
[jessie] - nettle 2.7.1-5+deb8u1
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003024.html
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/fa269b6ad06dd13c901dbd84a12e52b918a09cd7
-CVE-2015-8803
+CVE-2015-8803 (The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not p ...)
- nettle 3.2-1 (bug #813679)
[jessie] - nettle 2.7.1-5+deb8u1
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003028.html
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
-CVE-2015-8797
+CVE-2015-8797 (Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plug ...)
- lucene-solr <not-affected> (Vulnerable code not present)
NOTE: https://issues.apache.org/jira/browse/SOLR-7949
-CVE-2015-8796
+CVE-2015-8796 (Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/sche ...)
- lucene-solr <not-affected> (Vulnerable code not present)
NOTE: https://issues.apache.org/jira/browse/SOLR-7920
-CVE-2015-8795
+CVE-2015-8795 (Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in ...)
- lucene-solr <not-affected> (Vulnerable code not present)
NOTE: https://issues.apache.org/jira/browse/SOLR-7346
-CVE-2015-8794
+CVE-2015-8794 (Absolute path traversal vulnerability in program/steps/addressbook/pho ...)
- roundcube 1.1.2+dfsg.1-1
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://www.scip.ch/en/?vuldb.80732
NOTE: http://web.archive.org/web/20160329044745/http://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released
NOTE: http://trac.roundcube.net/ticket/1490379
-CVE-2015-8793
+CVE-2015-8793 (Cross-site scripting (XSS) vulnerability in program/include/rcmail.php ...)
- roundcube 1.1.2+dfsg.1-1
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
@@ -1528,12 +1528,12 @@ CVE-2015-8793
NOTE: http://www.scip.ch/en/?vuldb.80731
NOTE: http://trac.roundcube.net/ticket/1490417 - mentions 1.0 not vulnerable, verified code not present in squeeze
NOTE: http://web.archive.org/web/20150627125240/http://trac.roundcube.net:80/changeset/b782815dac/github
-CVE-2015-8791
+CVE-2015-8791 (The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 a ...)
{DSA-3538-1 DLA-438-1}
- libebml 1.3.3-1
NOTE: https://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html
NOTE: https://github.com/Matroska-Org/libebml/commit/24e5cd7c666b1ddd85619d60486db0a5481c1b90
-CVE-2015-8790
+CVE-2015-8790 (The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 ...)
{DSA-3538-1 DLA-438-1}
- libebml 1.3.3-1
NOTE: https://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html
@@ -1562,12 +1562,12 @@ CVE-2015-XXXX [Use-after-free in WDDX Packet Deserialization]
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=366f9505a4aae98ef2f4ca39a838f628a324b746
NOTE: https://bugs.php.net/bug.php?id=70661
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/03/3
-CVE-2015-8792
+CVE-2015-8792 (The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 al ...)
{DSA-3526-1 DLA-420-1}
- libmatroska 1.4.4-1
NOTE: http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html
NOTE: https://github.com/Matroska-Org/libmatroska/commit/0a2d3e3644a7453b6513db2f9bc270f77943573f
-CVE-2015-8789
+CVE-2015-8789 (Use-after-free vulnerability in the EbmlMaster::Read function in libEB ...)
{DSA-3538-1}
- libebml 1.3.3-1
[squeeze] - libebml <not-affected> (Vulnerable code not present)
@@ -1575,7 +1575,7 @@ CVE-2015-8789
NOTE: https://github.com/Matroska-Org/libebml/commit/88409e2a94dd3b40ff81d08bf6d92f486d036b24
CVE-2015-8788
RESERVED
-CVE-2015-8787
+CVE-2015-8787 (The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c i ...)
- linux 4.3.5-1
[jessie] - linux <not-affected> (Vulnerable code introduced in v3.19-rc1)
[wheezy] - linux <not-affected> (Vulnerable code introduced in v3.19-rc1)
@@ -1585,35 +1585,35 @@ CVE-2015-8787
NOTE: Introduced by: https://git.kernel.org/linus/8b13eddfdf04cbfa561725cfc42d6868fe896f56 (v3.19-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/94f9cd81436c85d8c3a318ba92e236ede73752fc (v4.4-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2016/01/27/6
-CVE-2015-8786
+CVE-2015-8786 (The Management plugin in RabbitMQ before 3.6.1 allows remote authentic ...)
- rabbitmq-server 3.6.5-1
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <not-affected> (lengths_age or lengths_incr parameters are not present)
NOTE: https://github.com/rabbitmq/rabbitmq-management/issues/97
-CVE-2015-8780
+CVE-2015-8780 (Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a ...)
NOT-FOR-US: Samsung
-CVE-2015-8783
+CVE-2015-8783 (tif_luv.c in libtiff allows attackers to cause a denial of service (ou ...)
{DSA-3467-1 DLA-880-1 DLA-405-1}
- tiff 4.0.6-1
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522
NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
-CVE-2015-8782
+CVE-2015-8782 (tif_luv.c in libtiff allows attackers to cause a denial of service (ou ...)
{DSA-3467-1 DLA-880-1 DLA-405-1}
- tiff 4.0.6-1
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522
NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
-CVE-2015-8781
+CVE-2015-8781 (tif_luv.c in libtiff allows attackers to cause a denial of service (ou ...)
{DSA-3467-1 DLA-880-1 DLA-405-1}
- tiff 4.0.6-1
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522#0
NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
-CVE-2015-8784
+CVE-2015-8784 (The NeXTDecode function in tif_next.c in LibTIFF allows remote attacke ...)
{DSA-3467-1 DLA-880-1 DLA-405-1}
- tiff 4.0.6-1
- tiff3 <removed>
@@ -1636,66 +1636,66 @@ CVE-2015-8775
RESERVED
CVE-2015-8774
RESERVED
-CVE-2015-8773
+CVE-2015-8773 (Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File Lo ...)
NOT-FOR-US: McAfee
-CVE-2015-8772
+CVE-2015-8772 (McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protecti ...)
NOT-FOR-US: McAfee
-CVE-2015-8779
+CVE-2015-8779 (Stack-based buffer overflow in the catopen function in the GNU C Libra ...)
{DSA-3481-1 DSA-3480-1 DLA-411-1}
- glibc 2.21-7 (bug #812455)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17905#c0
-CVE-2015-8778
+CVE-2015-8778 (Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 ...)
{DSA-3481-1 DSA-3480-1 DLA-411-1}
- glibc 2.21-8 (bug #812441)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18240
-CVE-2015-8776
+CVE-2015-8776 (The strftime function in the GNU C Library (aka glibc or libc6) before ...)
{DSA-3481-1 DSA-3480-1 DLA-411-1}
- glibc 2.21-7 (bug #812445)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18985
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d36c75fc0d44deec29635dd239b0fbd206ca49b7
-CVE-2015-8771
+CVE-2015-8771 (The generate_smb_nt_hash function in include/functions.inc in GOsa all ...)
{DLA-562-1 DLA-408-1}
- gosa 2.7.4+reloaded2-6
[jessie] - gosa 2.7.4+reloaded2-1+deb8u2
NOTE: https://github.com/gosa-project/gosa-core/commit/a67a047cba2cdae8bccb0f0e2bc6d3eb45cfcbc8
-CVE-2015-8770
+CVE-2015-8770 (Directory traversal vulnerability in the set_skin function in program/ ...)
{DSA-3541-1 DLA-392-1}
- roundcube 1.1.4+dfsg.1-1
NOTE: http://web.archive.org/web/20160329044421/http://roundcube.net/news/2015/12/26/updates-1.1.4-and-1.0.8-released
NOTE: https://github.com/roundcube/roundcubemail/commit/10e5192a2b1bc90ec137f5e69d0aa072c1210d6d
-CVE-2015-8769
+CVE-2015-8769 (SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attacke ...)
NOT-FOR-US: Joomla!
-CVE-2015-8768
+CVE-2015-8768 (click/install.py in click does not require files in package filesystem ...)
NOT-FOR-US: Click package manager
NOTE: http://www.ubuntu.com/usn/usn-2771-1/
-CVE-2015-8766
+CVE-2015-8766 (Multiple cross-site scripting (XSS) vulnerabilities in content/content ...)
NOT-FOR-US: Symphony CMS
-CVE-2015-8765
+CVE-2015-8765 (Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1. ...)
NOT-FOR-US: McAfee
-CVE-2015-8761
+CVE-2015-8761 (The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly ...)
NOT-FOR-US: Values module for Drupal
-CVE-2015-8760
+CVE-2015-8760 (The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote att ...)
NOT-FOR-US: Typo3
-CVE-2015-8759
+CVE-2015-8759 (Cross-site scripting (XSS) vulnerability in the typoLink function in T ...)
NOT-FOR-US: Typo3
-CVE-2015-8758
+CVE-2015-8758 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified fro ...)
NOT-FOR-US: Typo3
-CVE-2015-8757
+CVE-2015-8757 (Cross-site scripting (XSS) vulnerability in the Extension Manager in T ...)
NOT-FOR-US: Typo3
-CVE-2015-8756
+CVE-2015-8756 (Cross-site scripting (XSS) vulnerability in the search result view in ...)
NOT-FOR-US: Typo3
-CVE-2015-8755
+CVE-2015-8755 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified bac ...)
NOT-FOR-US: Typo3
-CVE-2015-8754
+CVE-2015-8754 (The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote att ...)
NOT-FOR-US: Mollom module for Drupal
-CVE-2015-8753
+CVE-2015-8753 (SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization ...)
NOT-FOR-US: SAP Afaria
CVE-2015-8752
REJECTED
-CVE-2015-8767
+CVE-2015-8767 (net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not prope ...)
{DSA-3448-1 DLA-412-1}
- linux 4.3.1-1
[wheezy] - linux 3.2.73-2+deb7u3
@@ -1709,13 +1709,13 @@ CVE-2015-XXXX [use after free / double free]
[squeeze] - lighttpd <not-affected> (Regression introduced in 1.4.36)
NOTE: http://redmine.lighttpd.net/issues/2700
NOTE: Introduced in 1.4.36: http://web.archive.org/web/20150906061055/http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2976
-CVE-2015-8764
+CVE-2015-8764 (Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 ...)
- freeradius <not-affected> (Affects 3.0 up to 3.0.8)
NOTE: http://freeradius.org/security.html#eap-pwd-2015
-CVE-2015-8763
+CVE-2015-8763 (The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attac ...)
- freeradius <not-affected> (Affects 3.0 up to 3.0.8)
NOTE: http://freeradius.org/security.html#eap-pwd-2015
-CVE-2015-8762
+CVE-2015-8762 (The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attac ...)
- freeradius <not-affected> (Affects 3.0 up to 3.0.8)
NOTE: http://freeradius.org/security.html#eap-pwd-2015
CVE-2015-8751
@@ -1724,25 +1724,25 @@ CVE-2015-8751
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1294039
NOTE: In 1.900.1-5.1 this issue was fixed as part of the patch for CVE-2008-3520
NOTE: like other distribution did.
-CVE-2015-8750
+CVE-2015-8750 (libdwarf 20151114 and earlier allows remote attackers to cause a denia ...)
{DLA-669-1 DLA-388-1}
- dwarfutils 20160507-1 (bug #813182)
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1294264
NOTE: https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697
-CVE-2015-8749
+CVE-2015-8749 (The volume_utils._parse_volume_info function in OpenStack Compute (Nov ...)
- nova 2:13.0.0~rc3-1
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: https://launchpad.net/bugs/1516765
NOTE: Affects: >= 2014.2 <= 2015.1.2, ==12.0.0
-CVE-2015-8748
+CVE-2015-8748 (Radicale before 1.1 allows remote authenticated users to bypass owner_ ...)
{DSA-3462-1 DLA-403-1}
- radicale 1.1.1-1 (bug #809920)
-CVE-2015-8747
+CVE-2015-8747 (The multifilesystem storage backend in Radicale before 1.1 allows remo ...)
{DSA-3462-1 DLA-403-1}
- radicale 1.1.1-1 (bug #809920)
-CVE-2015-8746
+CVE-2015-8746 (fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 d ...)
- linux 4.3.1-1
[jessie] - linux 3.16.7-ckt20-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -1751,12 +1751,12 @@ CVE-2015-8746
NOTE: Fixed by: https://git.kernel.org/linus/18e3b739fdc826481c6a1335ce0c5b19b3d415da (v4.3-rc1)
NOTE: Fixed as well in v3.16.7-ckt18 (commit: 6a64d8c4c07c176abee384803f28fa1507963369)
NOTE: Introduced by: https://git.kernel.org/linus/ec011fe847347b40c60fdb5085f65227762e2e08 (v3.13-rc1)
-CVE-2015-8604
+CVE-2015-8604 (SQL injection vulnerability in the host_new_graphs function in graphs_ ...)
{DSA-3494-1 DLA-386-1}
- cacti 0.8.8f+ds1-4
NOTE: http://bugs.cacti.net/view.php?id=2652
NOTE: http://www.openwall.com/lists/oss-security/2016/01/04/8
-CVE-2015-8742
+CVE-2015-8742 (The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c ...)
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1764,7 +1764,7 @@ CVE-2015-8742
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-60.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d48b0eff28c995947ac3f8d842ddd9b50dd5798d
-CVE-2015-8741
+CVE-2015-8741 (The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI di ...)
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1772,7 +1772,7 @@ CVE-2015-8741
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2290eba5cb25f927f9142680193ac1158d35506e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-59.html
-CVE-2015-8740
+CVE-2015-8740 (The dissect_tds7_colmetadata_token function in epan/dissectors/packet- ...)
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1780,7 +1780,7 @@ CVE-2015-8740
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e78093f69f1e95df919bbe644baa06c7e4e720c0
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11846
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-58.html
-CVE-2015-8739
+CVE-2015-8739 (The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the ...)
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1788,7 +1788,7 @@ CVE-2015-8739
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=96bf82ced0b58c7a4c2a6c300efeebe4f05c0ff4
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11831
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-57.html
-CVE-2015-8738
+CVE-2015-8738 (The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packe ...)
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1796,7 +1796,7 @@ CVE-2015-8738
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=858c3f0079f987833fb22eba2c361d1a88ba4103
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11823
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-56.html
-CVE-2015-8737
+CVE-2015-8737 (The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in Wi ...)
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1804,7 +1804,7 @@ CVE-2015-8737
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e3fc691368af60bbbaec9e038ee6a6d3b7707955
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11821
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-55.html
-CVE-2015-8736
+CVE-2015-8736 (The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file par ...)
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1812,7 +1812,7 @@ CVE-2015-8736
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=baa3eab78b422616a92ee38551c1b1510dca4ccb
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11820
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-54.html
-CVE-2015-8735
+CVE-2015-8735 (The get_value function in epan/dissectors/packet-btatt.c in the Blueto ...)
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1820,7 +1820,7 @@ CVE-2015-8735
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=83bad0215dae54e77d34f8b187900125f672366e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11817
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-53.html
-CVE-2015-8734
+CVE-2015-8734 (The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP di ...)
- wireshark 2.0.1+g59ea380-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -1828,7 +1828,7 @@ CVE-2015-8734
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9b2c889abe0219fc162659e106c5b95deb6268f3
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-52.html
-CVE-2015-8733
+CVE-2015-8733 (The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sn ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1836,7 +1836,7 @@ CVE-2015-8733
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-51.html
-CVE-2015-8732
+CVE-2015-8732 (The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/p ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1845,7 +1845,7 @@ CVE-2015-8732
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9352616ec9742f2ed3d2802d0c8c100d51ca410b
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11830
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-50.html
-CVE-2015-8731
+CVE-2015-8731 (The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c i ...)
{DSA-3516-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
@@ -1853,7 +1853,7 @@ CVE-2015-8731
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11829
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-49.html
NOTE: fix released in 2.0.1 is incomplete, but the rest is tracked under CVE-2016-2530
-CVE-2015-8730
+CVE-2015-8730 (epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12. ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1861,14 +1861,14 @@ CVE-2015-8730
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d2644aef369af0667220b5bd69996915b29d753d
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11815
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-48.html
-CVE-2015-8729
+CVE-2015-8729 (The ascend_seek function in wiretap/ascendtext.c in the Ascend file pa ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=338da1c0ea0b2f8595d3a7b6d6c9548f7da3e27b
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11794
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-47.html
-CVE-2015-8728
+CVE-2015-8728 (The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in t ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark 1.8.2-5wheezy18
@@ -1876,14 +1876,14 @@ CVE-2015-8728
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=15edc8d714b11dcff3a04e5d00b8db9adfdb81ed
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11797
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-46.html
-CVE-2015-8727
+CVE-2015-8727 (The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in t ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=56baca60271379cb97f6a4a6bf72eb526e8b52d0
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11793
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-45.html
-CVE-2015-8726
+CVE-2015-8726 (wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1 ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1893,7 +1893,7 @@ CVE-2015-8726
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11791
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-44.html
-CVE-2015-8725
+CVE-2015-8725 (The dissect_diameter_base_framed_ipv6_prefix function in epan/dissecto ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark 1.8.2-5wheezy18
@@ -1901,7 +1901,7 @@ CVE-2015-8725
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=aaa28a9d39158ca1033bbd3372cf423abbf4f202
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11792
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-43.html
-CVE-2015-8724
+CVE-2015-8724 (The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c i ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1 (unimportant)
[wheezy] - wireshark 1.8.2-5wheezy18
@@ -1910,7 +1910,7 @@ CVE-2015-8724
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11826
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-42.html
NOTE: Not suitable for code injection
-CVE-2015-8723
+CVE-2015-8723 (The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802 ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark 1.8.2-5wheezy18
@@ -1918,7 +1918,7 @@ CVE-2015-8723
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-42.html
-CVE-2015-8722
+CVE-2015-8722 (epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12. ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1927,20 +1927,20 @@ CVE-2015-8722
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1b32d505a59475d51d9b2bed5f0869d2d154e8b6
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11767
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-41.html
-CVE-2015-8721
+CVE-2015-8721 (Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c i ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cec0593ae6c3bca65eff65741c2a10f3de3e0afe
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11548
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-40.html
-CVE-2015-8720
+CVE-2015-8720 (The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-39.html
-CVE-2015-8719
+CVE-2015-8719 (The dissect_dns_answer function in epan/dissectors/packet-dns.c in the ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1948,13 +1948,13 @@ CVE-2015-8719
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=30651ab18b42e666f57ea239e58f3ff3a5e9c4ad
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10988
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-38.html
-CVE-2015-8718
+CVE-2015-8718 (Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM d ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81dfe6d450ada42d12f20ac26a6d8ae2302df37e
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-37.html
-CVE-2015-8717
+CVE-2015-8717 (The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP di ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1962,14 +1962,14 @@ CVE-2015-8717
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ddd92b6f8f587325b9e14598658626f3a007c5c
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-36.html
-CVE-2015-8716
+CVE-2015-8716 (The init_t38_info_conv function in epan/dissectors/packet-t38.c in the ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=eb6ccb1b0c4ad02b828652c3fe6e8d51c30a315e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-35.html
-CVE-2015-8715
+CVE-2015-8715 (epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1977,14 +1977,14 @@ CVE-2015-8715
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40caff2d1fb08262c84aaaa8ac584baa8866dd7c
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11607
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-34.html
-CVE-2015-8714
+CVE-2015-8714 (The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in t ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d34267d0503a67235bf259fd2f2f2d2bb8b18cf5
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11610
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-33.html
-CVE-2015-8713
+CVE-2015-8713 (epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -1992,7 +1992,7 @@ CVE-2015-8713
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=67b6d4f7e6f2117b40957fd51518aa2a3e659002
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11606
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-32.html
-CVE-2015-8712
+CVE-2015-8712 (The dissect_hsdsch_channel_info function in epan/dissectors/packet-umt ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -2000,7 +2000,7 @@ CVE-2015-8712
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ae329a47b7f0ac94089c23e79c6b8bc18ba80ea
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-32.html
-CVE-2015-8711
+CVE-2015-8711 (epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12. ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -2012,9 +2012,9 @@ CVE-2015-8711
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11835
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-31.html
-CVE-2015-8707
+CVE-2015-8707 (Password reset tokens in Magento CE before 1.9.2.2, and Magento EE bef ...)
NOT-FOR-US: Magento
-CVE-2015-8744
+CVE-2015-8744 (QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC ...)
{DSA-3471-1}
- qemu 1:2.5+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -2022,7 +2022,7 @@ CVE-2015-8744
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=a7278b36fcab9af469563bd7b9dadebe2ae25e48 (v2.5.0-rc0)
NOTE: VMXNET3 device implementation introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=786fd2b0f87baded8c9e55307b99719eea3e016e (v1.5.0-rc0)
-CVE-2015-8745
+CVE-2015-8745 (QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC ...)
{DSA-3471-1}
- qemu 1:2.5+dfsg-1
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -2030,7 +2030,7 @@ CVE-2015-8745
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=c6048f849c7e3f009786df76206e895a69de032c (v2.5.0-rc0)
NOTE: VMXNET3 device implementation introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=786fd2b0f87baded8c9e55307b99719eea3e016e (v1.5.0-rc0)
-CVE-2015-8743
+CVE-2015-8743 (QEMU (aka Quick Emulator) built with the NE2000 device emulation suppo ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-2 (bug #810519)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
@@ -2042,21 +2042,21 @@ CVE-2015-8743
NOTE: http://www.openwall.com/lists/oss-security/2016/01/04/1
CVE-2015-8706
RESERVED
-CVE-2015-8705
+CVE-2015-8705 (buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logg ...)
- bind9 <not-affected> (Only affects 9.10.0->9.10.3-P2)
NOTE: https://kb.isc.org/article/AA-01336
-CVE-2015-8704
+CVE-2015-8704 (apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.1 ...)
{DSA-3449-1 DLA-396-1}
- bind9 1:9.10.3.dfsg.P4-6 (bug #812077)
NOTE: https://kb.isc.org/article/AA-01335
-CVE-2015-8703
+CVE-2015-8703 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 ...)
NOT-FOR-US: ZTE router
-CVE-2015-8702
+CVE-2015-8702 (The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allow ...)
{DSA-3527-1 DLA-384-1}
- inspircd 2.0.20-1
NOTE: https://github.com/inspircd/inspircd/commit/6058483d9fbc1b904d5ae7cfea47bfcde5c5b559
NOTE: http://www.inspircd.org/2015/04/16/v2019-released.html
-CVE-2015-8701
+CVE-2015-8701 (QEMU (aka Quick Emulator) built with the Rocker switch emulation suppo ...)
- qemu 1:2.5+dfsg-3 (bug #809313)
[jessie] - qemu <not-affected> (Vulnerable code introduced after qemu 2.3)
[wheezy] - qemu <not-affected> (Vulnerable code introduced after qemu 2.3)
@@ -2065,9 +2065,9 @@ CVE-2015-8701
NOTE: http://www.openwall.com/lists/oss-security/2015/12/28/6
CVE-2015-8700
RESERVED
-CVE-2015-8699
+CVE-2015-8699 (Multiple cross-site scripting (XSS) vulnerabilities in CA Release Auto ...)
NOT-FOR-US: CA Release Automation
-CVE-2015-8698
+CVE-2015-8698 (CA Release Automation (formerly LISA Release Automation) 5.0.2 before ...)
NOT-FOR-US: CA Release Automation
CVE-2015-8696
RESERVED
@@ -2085,151 +2085,151 @@ CVE-2015-8690
RESERVED
CVE-2015-8689
RESERVED
-CVE-2015-8688
+CVE-2015-8688 (Gajim before 0.16.5 allows remote attackers to modify the roster and i ...)
{DSA-3492-1 DLA-413-1}
- gajim 0.16.5-0.1 (bug #809900)
NOTE: http://gultsch.de/gajim_roster_push_and_message_interception.html
NOTE: https://trac.gajim.org/changeset/af78b7c068904d78c5dfb802826aae99f26a8947/
-CVE-2015-8687
+CVE-2015-8687 (Multiple cross-site scripting (XSS) vulnerabilities in the Management ...)
NOT-FOR-US: Alcatel
CVE-2015-8686
RESERVED
-CVE-2015-8685
+CVE-2015-8685 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CR ...)
- dolibarr 3.5.8+dfsg1-1 (bug #812449)
[jessie] - dolibarr 3.5.5+dfsg1-1+deb8u1
NOTE: https://github.com/Dolibarr/dolibarr/issues/4291
NOTE: https://github.com/GPCsolutions/dolibarr/commit/0d3181324c816bdf664ca5e1548dfe8eb05c54f8
-CVE-2015-8684
+CVE-2015-8684 (Exponent CMS before 2.3.7 does not properly restrict the types of file ...)
NOT-FOR-US: Exponent CMS
-CVE-2015-8682
+CVE-2015-8682 (The Video0 driver in Huawei P8 smartphones with software GRA-UL00 befo ...)
NOT-FOR-US: Huawei
-CVE-2015-8681
+CVE-2015-8681 (The ovisp driver in Huawei P8 smartphones with software GRA-TL00 befor ...)
NOT-FOR-US: Huawei
-CVE-2015-8680
+CVE-2015-8680 (The Graphics driver in Huawei P8 smartphones with software GRA-TL00 be ...)
NOT-FOR-US: Huawei
-CVE-2015-8679
+CVE-2015-8679 (The Maxim_smartpa_dev driver in Huawei P8 smartphones with software GR ...)
NOT-FOR-US: Huawei
-CVE-2015-8678
+CVE-2015-8678 (The ION driver in Huawei P8 smartphones with software GRA-TL00 before ...)
NOT-FOR-US: ION driver in Huawei P8 smartphones
-CVE-2015-8677
+CVE-2015-8677 (Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus se ...)
NOT-FOR-US: Huawei
-CVE-2015-8676
+CVE-2015-8676 (Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and ...)
NOT-FOR-US: Huawei
-CVE-2015-8675
+CVE-2015-8675 (Huawei S5300 Campus Series switches with software before V200R005SPH00 ...)
NOT-FOR-US: Huawei
CVE-2015-8674
REJECTED
-CVE-2015-8673
+CVE-2015-8673 (Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoi ...)
NOT-FOR-US: Huawei
-CVE-2015-8672
+CVE-2015-8672 (The presentation transmission permission management mechanism in Huawe ...)
NOT-FOR-US: Huawei
-CVE-2015-8671
+CVE-2015-8671 (Huawei LogCenter V100R001C10 could allow an authenticated attacker to ...)
NOT-FOR-US: Huawei
-CVE-2015-8670
+CVE-2015-8670 (Huawei LogCenter V100R001C10 could allow an authenticated attacker to ...)
NOT-FOR-US: Huawei
-CVE-2015-8667
+CVE-2015-8667 (Cross-site scripting (XSS) vulnerability in Reset Your Password module ...)
NOT-FOR-US: Exponent CMS
-CVE-2015-8664
+CVE-2015-8664 (Integer overflow in the WebCursor::Deserialize function in content/com ...)
- chromium-browser 47.0.2526.111-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-8663
+CVE-2015-8663 (The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8. ...)
{DLA-1611-1}
- ffmpeg 7:2.8.4-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=abee0a1c60612e8638640a8a3738fffb65e16dbf
NOTE: For libav in jessie the patch needs to applied in libavcodec/decode.c in line 1884.
-CVE-2015-8662
+CVE-2015-8662 (The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg befor ...)
{DLA-1611-1}
- ffmpeg 7:2.8.4-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=75422280fbcdfbe9dc56bde5525b4d8b280f1bc5
-CVE-2015-8661
+CVE-2015-8661 (The h264_slice_header_init function in libavcodec/h264_slice.c in FFmp ...)
{DLA-1611-1}
- ffmpeg 7:2.8.3-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4ea4d2f438c9a7eba37980c9a87be4b34943e4d5
-CVE-2015-8658
+CVE-2015-8658 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8657
+CVE-2015-8657 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8656
+CVE-2015-8656 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8655
+CVE-2015-8655 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8654
+CVE-2015-8654 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8653
+CVE-2015-8653 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8652
+CVE-2015-8652 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8651
+CVE-2015-8651 (Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8650
+CVE-2015-8650 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8649
+CVE-2015-8649 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8648
+CVE-2015-8648 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8647
+CVE-2015-8647 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8646
+CVE-2015-8646 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8645
+CVE-2015-8645 (Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8644
+CVE-2015-8644 (Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8643
+CVE-2015-8643 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8642
+CVE-2015-8642 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8641
+CVE-2015-8641 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8640
+CVE-2015-8640 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8639
+CVE-2015-8639 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8638
+CVE-2015-8638 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-8637
REJECTED
-CVE-2015-8636
+CVE-2015-8636 (Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8635
+CVE-2015-8635 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8634
+CVE-2015-8634 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 a ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-8633
RESERVED
CVE-2015-8632
RESERVED
-CVE-2015-8631
+CVE-2015-8631 (Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MI ...)
{DSA-3466-1 DLA-423-1}
- krb5 1.13.2+dfsg-5 (bug #813126)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2
-CVE-2015-8630
+CVE-2015-8630 (The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functi ...)
- krb5 1.13.2+dfsg-5 (bug #813127)
[jessie] - krb5 1.12.1+dfsg-19+deb8u2
[wheezy] - krb5 <not-affected> (Vulnerability introduced in 1.12)
[squeeze] - krb5 <not-affected> (Vulnerability introduced in 1.12)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/b863de7fbf080b15e347a736fdda0a82d42f4f6b
NOTE: Introduced by: https://github.com/krb5/krb5/commit/0780e46fc13dbafa177525164997cd204cc50b51 (krb5-1.12-alpha1)
-CVE-2015-8629
+CVE-2015-8629 (The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in ...)
{DSA-3466-1 DLA-423-1}
- krb5 1.13.2+dfsg-5 (bug #813296)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/df17a1224a3406f57477bcd372c61e04c0e5a5bb
-CVE-2015-8620
+CVE-2015-8620 (Heap-based buffer overflow in the Avast virtualization driver (aswSnx. ...)
NOT-FOR-US: Avast
-CVE-2015-8669
+CVE-2015-8669 (libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12 ...)
- phpmyadmin 4:4.5.3.1-1 (unimportant)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2015-6/
NOTE: non-issue for Debian-packaged version
-CVE-2015-8668
+CVE-2015-8668 (Heap-based buffer overflow in the PackBitsPreEncode function in tif_pa ...)
{DLA-693-1}
[jessie] - tiff 4.0.3-12.3+deb8u2
- tiff 4.0.6-3 (bug #842046)
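Review bot: typo in the unchanged NOTE under CVE-2015-8663, "For libav in jessie the patch needs to applied in libavcodec/decode.c in line 1884." should read "needs to be applied". Separately, under CVE-2015-8668 at the end of this hunk the `[jessie] - tiff 4.0.3-12.3+deb8u2` line comes before `- tiff 4.0.6-3 (bug #842046)`, whereas every other entry in this hunk (e.g. dolibarr, krb5) lists the unversioned sid line first and the suite-specific `[jessie]`/`[wheezy]` lines after it; swapping the two tiff lines would keep the ordering consistent.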
@@ -2242,19 +2242,19 @@ CVE-2015-8668
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2563#c4
NOTE: Reproducer file here: http://bugzilla.maptools.org/attachment.cgi?id=677
NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2015-8683
+CVE-2015-8683 (The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 al ...)
{DSA-3467-1 DLA-610-1 DLA-402-1}
- tiff 4.0.6-1 (bug #809021)
- tiff3 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2015/12/25/1
NOTE: https://github.com/vadz/libtiff/commit/f94a29a822f5528d2334592760fbb7938f15eb55
-CVE-2015-8665
+CVE-2015-8665 (tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a den ...)
{DSA-3467-1 DLA-610-1 DLA-402-1}
- tiff 4.0.6-1 (bug #808968)
- tiff3 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2015/12/24/2
NOTE: https://github.com/vadz/libtiff/commit/f94a29a822f5528d2334592760fbb7938f15eb55
-CVE-2015-8666
+CVE-2015-8666 (Heap-based buffer overflow in QEMU, when built with the Q35-chipset-ba ...)
{DLA-1497-1}
- qemu 1:2.5+dfsg-1
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -2266,7 +2266,7 @@ CVE-2015-8666
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283722
NOTE: http://www.openwall.com/lists/oss-security/2015/12/24/1
NOTE: Vulnerable code introduced after 0.14.50: http://git.qemu.org/?p=qemu.git;a=commit;h=23910d3f669d46073b403876e30a7314599633af
-CVE-2015-8660
+CVE-2015-8660 (The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel t ...)
- linux 4.3.3-3
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -2274,70 +2274,70 @@ CVE-2015-8660
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=acff81ec2c79492b180fade3c2894425cd35a545 (v4.4-rc4)
NOTE: OverlayFS introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/23/5
-CVE-2015-8659
+CVE-2015-8659 (The idle stream handling in nghttp2 before 1.6.0 allows attackers to h ...)
- nghttp2 1.6.0-1
[jessie] - nghttp2 <not-affected> (Vulnerable code introduced later)
NOTE: https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/
NOTE: Fixed by: https://github.com/tatsuhiro-t/nghttp2/commit/f8c30d022982d089fb90543c0cd5628b161d065d
NOTE: Introduced at least after: https://github.com/tatsuhiro-t/nghttp2/commit/b2fb888363c08e98aae0638db62cdf7d164ea1d1
-CVE-2015-8628
+CVE-2015-8628 (The (1) Special:MyPage, (2) Special:MyTalk, (3) Special:MyContribution ...)
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T109724
-CVE-2015-8627
+CVE-2015-8627 (MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, ...)
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T97897
-CVE-2015-8626
+CVE-2015-8626 (The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x ...)
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T115522
-CVE-2015-8625
+CVE-2015-8625 (MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, ...)
- mediawiki <not-affected> (Vulnerable code not present)
NOTE: https://phabricator.wikimedia.org/T118032
-CVE-2015-8624
+CVE-2015-8624 (The User::matchEditToken function in includes/User.php in MediaWiki be ...)
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T119309
-CVE-2015-8623
+CVE-2015-8623 (The User::matchEditToken function in includes/User.php in MediaWiki be ...)
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://gerrit.wikimedia.org/r/#/c/156336/5/includes/User.php
-CVE-2015-8622
+CVE-2015-8622 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.23.12, ...)
- mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T117899
-CVE-2015-8621
+CVE-2015-8621 (t-coffee before 11.00.8cbe486-2 allows local users to write to ~/.t_co ...)
- t-coffee 11.00.8cbe486-2 (low; bug #751579)
[jessie] - t-coffee <no-dsa> (Minor issue)
[wheezy] - t-coffee <no-dsa> (Minor issue)
[squeeze] - t-coffee <not-affected> (version in Squeeze uses system() and umask is handled correctly by sh (as opposed to later versions that use mkdir()))
-CVE-2015-8617
+CVE-2015-8617 (Format string vulnerability in the zend_throw_or_error function in Zen ...)
- php7.0 7.0.1-1
NOTE: https://bugs.php.net/bug.php?id=71105
NOTE: https://github.com/php/php-src/commit/b101a6bbd4f2181c360bd38e7683df4a03cba83e (php-7.0.2RC1)
-CVE-2015-8616
+CVE-2015-8616 (Use-after-free vulnerability in the Collator::sortWithSortKeys functio ...)
- php7.0 7.0.1-1
NOTE: https://bugs.php.net/bug.php?id=71020
NOTE: http://www.openwall.com/lists/oss-security/2015/12/22/4
-CVE-2015-8697
+CVE-2015-8697 (stalin 0.11-5 allows local users to write to arbitrary files. ...)
- stalin <unfixed> (unimportant; bug #808730)
[squeeze] - stalin <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/27/1
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2015-8708
+CVE-2015-8708 (Stack-based buffer overflow in the conv_euctojis function in codeconv. ...)
- claws-mail 3.13.1-1.1 (bug #811048)
[jessie] - claws-mail <not-affected> (Incomplete fix for CVE-2015-8614 not applied)
[wheezy] - claws-mail <not-affected> (Incomplete fix for CVE-2015-8614 not applied)
[squeeze] - claws-mail <not-affected> (Incomplete fix for CVE-2015-8614 not applied; instead all fixed included in DLA-383-1)
- macopix <not-affected> (Incomplete fix not applied)
-CVE-2015-8614
+CVE-2015-8614 (Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) co ...)
{DSA-3452-1 DLA-383-1}
- claws-mail 3.13.1-1
- macopix 1.7.4-6
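Review bot: grammar in the unchanged squeeze line under CVE-2015-8708, "(Incomplete fix for CVE-2015-8614 not applied; instead all fixed included in DLA-383-1)" is missing a word; "instead all fixes are included in DLA-383-1" states the intent clearly and matches the wording of the two `<not-affected>` lines above it.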
@@ -2350,9 +2350,9 @@ CVE-2015-8614
NOTE: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557
NOTE: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3584
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=569010
-CVE-2015-8611
+CVE-2015-8611 (BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and P ...)
NOT-FOR-US: BIG-IP
-CVE-2015-8613
+CVE-2015-8613 (Stack-based buffer overflow in the megasas_ctrl_get_info function in Q ...)
{DSA-3471-1}
- qemu 1:2.5+dfsg-3 (bug #809232)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2362,21 +2362,21 @@ CVE-2015-8613
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1284008
NOTE: http://www.openwall.com/lists/oss-security/2015/12/21/7
NOTE: LSI Megaraid SAS HBA emulation introduced in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
-CVE-2015-8618
+CVE-2015-8618 (The Int.Exp Montgomery code in the math/big library in Go 1.5.x before ...)
- golang 2:1.5.3-1 (bug #809168)
[jessie] - golang <not-affected> (Introduced in 1.5 release)
[wheezy] - golang <not-affected> (Introduced in 1.5 release)
NOTE: https://go-review.googlesource.com/#/c/17672/
NOTE: Introduced in 1.5 release. Fixed in 1.5.3 upstream.
NOTE: http://www.openwall.com/lists/oss-security/2015/12/21/6
-CVE-2015-8615
+CVE-2015-8615 (The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 doe ...)
{DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[jessie] - xen <not-affected> (Only affects 4.6)
[wheezy] - xen <not-affected> (Only affects 4.6)
[squeeze] - xen <not-affected> (Only affects 4.6)
NOTE: http://xenbits.xen.org/xsa/advisory-169.html
-CVE-2015-8619
+CVE-2015-8619 (The Human Monitor Interface support in QEMU allows remote attackers to ...)
{DSA-3471-1}
- qemu 1:2.5+dfsg-5 (bug #809237)
[wheezy] - qemu <not-affected> (Issue introduced afer 1.2)
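Review bot: typo in the unchanged wheezy line under CVE-2015-8619, "(Issue introduced afer 1.2)" should read "after". The reason string is also phrased differently from the neighbouring qemu entries in this file, which use "Vulnerable code introduced later" / "Vulnerable code not present"; aligning it would make the entries easier to grep.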
@@ -2390,10 +2390,10 @@ CVE-2015-8610
RESERVED
CVE-2015-8609
RESERVED
-CVE-2015-8608
+CVE-2015-8608 (The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow rem ...)
- perl <not-affected> (Only affects Perl on Windows)
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=126755
-CVE-2015-8607
+CVE-2015-8607 (The canonpath function in the File::Spec module in PathTools before 3. ...)
{DSA-3441-1}
- perl 5.22.1-4 (bug #810719)
[wheezy] - perl <not-affected> (Introduced in 5.20.0)
@@ -2403,44 +2403,44 @@ CVE-2015-8607
[squeeze] - libfile-spec-perl <not-affected> (Introduced in 3.47)
NOTE: http://perl5.git.perl.org/perl.git/commit/130509aa42a87eef258fab0182ee2c7ad16baa8b
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=126862
-CVE-2015-8606
+CVE-2015-8606 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CM ...)
NOT-FOR-US: SilverStripe
-CVE-2015-8605
+CVE-2015-8605 (ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 a ...)
{DSA-3442-1 DLA-385-2 DLA-385-1}
- isc-dhcp 4.3.3-7 (bug #810875)
NOTE: https://kb.isc.org/article/AA-01334
-CVE-2015-8603
+CVE-2015-8603 (Cross-site scripting (XSS) vulnerability in Serendipity before 2.0.3 a ...)
- serendipity <removed>
-CVE-2015-8602
+CVE-2015-8602 (The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does ...)
NOT-FOR-US: Token Insert Entity module for Drupal
-CVE-2015-8601
+CVE-2015-8601 (The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not proper ...)
NOT-FOR-US: Chat Room module for Drupal
-CVE-2015-8600
+CVE-2015-8600 (The SysAdminWebTool servlets in SAP Mobile Platform allow remote attac ...)
NOT-FOR-US: SAP
CVE-2015-8599
RESERVED
CVE-2015-8598
RESERVED
-CVE-2015-8597
+CVE-2015-8597 (Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 an ...)
NOT-FOR-US: Blue Coat
-CVE-2015-8596
+CVE-2015-8596 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8595
+CVE-2015-8595 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8594
+CVE-2015-8594 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8593
+CVE-2015-8593 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8592
+CVE-2015-8592 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-8612
+CVE-2015-8612 (The EnableNetwork method in the Network class in plugins/mechanism/Net ...)
{DSA-3427-1}
- blueman 2.0.3-1
[squeeze] - blueman <not-affected> (vulnerable code not present)
NOTE: https://twitter.com/thegrugq/status/677809527882813440
NOTE: https://github.com/blueman-project/blueman/commit/a3845bbed5fdddf14daec436b7e74f62719a71c1
NOTE: http://www.openwall.com/lists/oss-security/2015/12/18/6
-CVE-2015-8709
+CVE-2015-8709 (** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 misha ...)
- linux 4.3.3-3
[jessie] - linux 3.16.7-ckt20-1+deb8u2
[wheezy] - linux <not-affected> (Vulnerable code not present)
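Review bot: the description filled in for CVE-2015-8709 carries MITRE's "** DISPUTED **" marker, yet the entry keeps an unqualified fixed version (linux 4.3.3-3, jessie 3.16.7-ckt20-1+deb8u2) with no NOTE explaining what is disputed; add a NOTE line with the dispute rationale or reference so the status lines and the description do not read as contradictory.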
@@ -2469,13 +2469,13 @@ CVE-2015-8582
REJECTED
CVE-2015-8581
REJECTED
-CVE-2015-8580
+CVE-2015-8580 (Multiple use-after-free vulnerabilities in the (1) Print method and (2 ...)
NOT-FOR-US: Foxit
-CVE-2015-8579
+CVE-2015-8579 (Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, W ...)
NOT-FOR-US: Kaspersky
-CVE-2015-8578
+CVE-2015-8578 (AVG Internet Security 2015 allocates memory with Read, Write, Execute ...)
NOT-FOR-US: AVG
-CVE-2015-8577
+CVE-2015-8577 (The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enter ...)
NOT-FOR-US: McAfee
CVE-2015-8576
REJECTED
@@ -2489,40 +2489,40 @@ CVE-2015-XXXX [XSA-166: ioreq handling possibly susceptible to multiple read iss
[wheezy] - xen 4.1.6.lts1-1
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-166.html
-CVE-2015-8572
+CVE-2015-8572 (Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 ...)
NOT-FOR-US: Autodesk
-CVE-2015-8571
+CVE-2015-8571 (Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 ...)
NOT-FOR-US: Autodesk
-CVE-2015-8570
+CVE-2015-8570 (The password reset functionality in Lepide Active Directory Self Servi ...)
NOT-FOR-US: Lepide
-CVE-2015-8575
+CVE-2015-8575 (The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel ...)
{DSA-3434-1 DLA-378-1}
- linux 4.3.3-3
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4 (v4.4-rc6)
-CVE-2015-8566
+CVE-2015-8566 (The Session package 1.x before 1.3.1 for Joomla! Framework allows remo ...)
NOT-FOR-US: Session package for Joomla
-CVE-2015-8565
+CVE-2015-8565 (Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and 3 ...)
NOT-FOR-US: Joomla!
-CVE-2015-8564
+CVE-2015-8564 (Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows ...)
NOT-FOR-US: Joomla!
-CVE-2015-8563
+CVE-2015-8563 (Cross-site request forgery (CSRF) vulnerability in the com_templates c ...)
NOT-FOR-US: Joomla!
-CVE-2015-8562
+CVE-2015-8562 (Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to con ...)
NOT-FOR-US: Joomla!
-CVE-2015-8561
+CVE-2015-8561 (The F1BookView ActiveX control in F1 Bookview in Schneider Electric Pr ...)
NOT-FOR-US: F1BookView
-CVE-2015-8555
+CVE-2015-8555 (Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU ...)
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-165.html
-CVE-2015-8554
+CVE-2015-8554 (Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using th ...)
{DLA-479-1}
- xen 4.4.0-1
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-164.html
-CVE-2015-8553
+CVE-2015-8553 (Xen allows guest OS users to obtain sensitive information from uniniti ...)
- linux <unfixed>
[stretch] - linux <ignored> (Intrusive; breaks qemu as used in Jessie; cf. kernel-sec for more details)
[jessie] - linux <ignored> (Intrusive; breaks qemu as used in Jessie; cf. kernel-sec for more details)
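Review bot: the [stretch] line for CVE-2015-8553 in this hunk's trailing context gives the rationale "breaks qemu as used in Jessie", word for word the same as the [jessie] line beneath it; a stretch <ignored> status needs a rationale about stretch's own qemu, so either re-evaluate the stretch entry or reword it, since the copied text suggests it was never assessed separately.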
@@ -2535,7 +2535,7 @@ CVE-2015-8553
NOTE: http://xenbits.xen.org/xsa/advisory-120.html
NOTE: Patch is discussed in http://thread.gmane.org/gmane.comp.emulators.xen.devel/140440/focus=140441
NOTE: and http://thread.gmane.org/gmane.linux.kernel/1924087/focus=1924088
-CVE-2015-8552
+CVE-2015-8552 (The PCI backend driver in Xen, when running on an x86 system and using ...)
{DSA-3434-1}
[experimental] - linux 4.4~rc6-1~exp1
- linux 4.3.3-3
@@ -2547,7 +2547,7 @@ CVE-2015-8552
NOTE: https://git.kernel.org/linus/a396f3a210c3a61e94d6b87ec05a75d0be2a60d0
NOTE: https://git.kernel.org/linus/7cfb905b9638982862f0331b36ccaaca5d383b49
NOTE: https://git.kernel.org/linus/408fb0e5aa7fda0059db282ff58c3b2a4278baa0
-CVE-2015-8551
+CVE-2015-8551 (The PCI backend driver in Xen, when running on an x86 system and using ...)
{DSA-3434-1}
[experimental] - linux 4.4~rc6-1~exp1
- linux 4.3.3-3
@@ -2559,7 +2559,7 @@ CVE-2015-8551
NOTE: https://git.kernel.org/linus/a396f3a210c3a61e94d6b87ec05a75d0be2a60d0
NOTE: https://git.kernel.org/linus/7cfb905b9638982862f0331b36ccaaca5d383b49
NOTE: https://git.kernel.org/linus/408fb0e5aa7fda0059db282ff58c3b2a4278baa0
-CVE-2015-8550
+CVE-2015-8550 (Xen, when used on a system providing PV backends, allows local guest O ...)
{DSA-3519-1 DSA-3471-1 DSA-3434-1 DLA-479-1}
[experimental] - linux 4.4~rc6-1~exp1
- linux 4.3.3-3
@@ -2583,7 +2583,7 @@ CVE-2015-8550
NOTE: https://git.kernel.org/linus/8135cf8b092723dbfcc611fe6fdcb3a36c9951c5
CVE-2015-8549
RESERVED
-CVE-2015-8569
+CVE-2015-8569 (The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pp ...)
{DSA-3434-1}
- linux 4.3.3-3
- linux-2.6 <removed>
@@ -2592,7 +2592,7 @@ CVE-2015-8569
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1 (v4.4-rc6)
NOTE: pptp_{connect,bind} introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=00959ade36acadc00e757f87060bf6e4501d545f (v2.6.37-rc1)
NOTE: https://lkml.org/lkml/2015/12/14/252
-CVE-2015-8568
+CVE-2015-8568 (Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC ...)
{DSA-3471-1}
- qemu 1:2.5+dfsg-3 (bug #808145)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2600,7 +2600,7 @@ CVE-2015-8568
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html
NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
-CVE-2015-8567
+CVE-2015-8567 (Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause ...)
{DSA-3471-1}
- qemu 1:2.5+dfsg-3 (bug #808145)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2608,7 +2608,7 @@ CVE-2015-8567
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html
NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
-CVE-2015-8559
+CVE-2015-8559 (The knife bootstrap command in chef leaks the validator.pem private RS ...)
- chef <unfixed> (bug #809670)
[stretch] - chef <ignored> (Minor issue; workaround using validatorless bootstrapping)
[jessie] - chef <ignored> (Minor issue; workaround using validatorless bootstrapping)
@@ -2616,7 +2616,7 @@ CVE-2015-8559
NOTE: https://github.com/chef/chef/issues/3871
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/10
NOTE: Workaround: use validatorless bootstrapping
-CVE-2015-8558
+CVE-2015-8558 (The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows loca ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-2 (bug #808144)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -2624,13 +2624,13 @@ CVE-2015-8558
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit;h=156a2e4dbffa85997636a7a39ef12da6f1b40254
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/9
-CVE-2015-8557
+CVE-2015-8557 (The FontManager._get_nix_font_path function in formatters/img.py in Py ...)
{DSA-3445-1 DLA-369-1}
- pygments 2.0.1+dfsg-2 (bug #802828)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1276321
NOTE: https://bitbucket.org/birkenfeld/pygments-main/commits/0036ab1c99e256298094505e5e92f
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/6
-CVE-2015-8548
+CVE-2015-8548 (Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as ...)
{DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -2639,14 +2639,14 @@ CVE-2015-8546
RESERVED
CVE-2015-8545
RESERVED
-CVE-2015-8544
+CVE-2015-8544 (NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1 ...)
NOT-FOR-US: NetApp
-CVE-2015-8542
+CVE-2015-8542 (An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The " ...)
NOT-FOR-US: Open-Xchange
-CVE-2015-8556
+CVE-2015-8556 (Local privilege escalation vulnerability in the Gentoo QEMU package be ...)
- qemu <not-affected> (Issue specific to virtfs-proxy-helper in Gentoo installed suid)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/5
-CVE-2015-8785
+CVE-2015-8785 (The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kern ...)
{DSA-3503-1 DLA-412-1}
- linux 4.3.5-1
- linux-2.6 <removed>
@@ -2660,21 +2660,21 @@ CVE-2015-XXXX [remotely triggerable crash]
[wheezy] - ruby-eventmachine 0.12.10-3+deb7u1
NOTE: Workaround entry for DLA-549-1 until CVE assigned
NOTE: https://github.com/eventmachine/eventmachine/issues/501#issuecomment-37307556
-CVE-2015-8560
+CVE-2015-8560 (Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-f ...)
{DSA-3429-1 DSA-3419-1 DLA-371-1}
- cups-filters 1.4.0-1 (bug #807930)
[wheezy] - cups-filters <not-affected> (Vulnerable code not present; introduced in 1.0.42)
- foomatic-filters 4.0.17-7 (bug #807993)
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419
NOTE: http://www.openwall.com/lists/oss-security/2015/12/13/2
-CVE-2015-9097
+CVE-2015-9097 (The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is ...)
{DLA-489-1}
- ruby-mail 2.6.1+dfsg1-1
NOTE: https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/12/11/3
NOTE: Fixed in 2.6.0
NOTE: "Note that, this patch might not be complete ..." https://bugzilla.redhat.com/show_bug.cgi?id=1293598
-CVE-2015-8547
+CVE-2015-8547 (The CoreUserInputHandler::doMode function in core/coreuserinputhandler ...)
- quassel 1:0.12.2-3 (bug #807801)
[jessie] - quassel 1:0.10.0-2.3+deb8u2
[wheezy] - quassel <not-affected> (Vulnerable code not present)
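Review bot: the description added for CVE-2015-9097 says the mail gem is affected "before 2.5.5", but the NOTE two lines below states "Fixed in 2.6.0" and the recorded Debian fix is ruby-mail 2.6.1+dfsg1-1; these should agree, so verify which upstream release actually contains commit 72befdc4dab3e6e288ce226a7da2aa474cf5be83 and correct the NOTE (the bugzilla.redhat.com NOTE already warns the patch may be incomplete, which makes the version claim worth pinning down).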
@@ -2691,14 +2691,14 @@ CVE-2015-8535
RESERVED
CVE-2015-8534
RESERVED
-CVE-2015-8540
+CVE-2015-8540 (Integer underflow in the png_check_keyword function in pngwutil.c in l ...)
{DSA-3443-1 DLA-375-1}
- libpng <removed> (bug #807694)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/10/6
NOTE: https://sourceforge.net/p/libpng/bugs/244/
NOTE: http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/
NOTE: Fixed in 1.0.66, 1.2.56, 1.4.19, and 1.5.26
-CVE-2015-8543
+CVE-2015-8543 (The networking implementation in the Linux kernel through 4.3.3, as us ...)
{DLA-378-1}
- linux 4.3.3-1
[jessie] - linux 3.16.7-ckt20-1+deb8u1
@@ -2706,14 +2706,14 @@ CVE-2015-8543
- linux-2.6 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2015/12/09/3
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9 (v4.4-rc6)
-CVE-2015-8539
+CVE-2015-8539 (The KEYS subsystem in the Linux kernel before 4.4 allows local users t ...)
- linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd (v4.4-rc3)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc (v4.4-rc1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1284450
NOTE: http://www.openwall.com/lists/oss-security/2015/12/09/1
-CVE-2015-8538
+CVE-2015-8538 (dwarf_leb.c in libdwarf allows attackers to cause a denial of service ...)
{DLA-669-1}
- dwarfutils 20160507-1 (bug #807817)
[jessie] - dwarfutils 20120410-2+deb8u1
@@ -2725,9 +2725,9 @@ CVE-2015-8533
REJECTED
CVE-2015-8532
REJECTED
-CVE-2015-8531
+CVE-2015-8531 (Cross-site scripting (XSS) vulnerability in IBM Security Access Manage ...)
NOT-FOR-US: IBM
-CVE-2015-8530
+CVE-2015-8530 (Stack-based buffer overflow in the Initialize function in an ActiveX c ...)
NOT-FOR-US: IBM
CVE-2015-8529
RESERVED
@@ -2739,17 +2739,17 @@ CVE-2015-8526
REJECTED
CVE-2015-8525
REJECTED
-CVE-2015-8524
+CVE-2015-8524 (Cross-site scripting (XSS) vulnerability in Process Portal in IBM Busi ...)
NOT-FOR-US: IBM
-CVE-2015-8523
+CVE-2015-8523 (The server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before ...)
NOT-FOR-US: IBM
-CVE-2015-8522
+CVE-2015-8522 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5 ...)
NOT-FOR-US: IBM
-CVE-2015-8521
+CVE-2015-8521 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5 ...)
NOT-FOR-US: IBM
-CVE-2015-8520
+CVE-2015-8520 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5 ...)
NOT-FOR-US: IBM
-CVE-2015-8519
+CVE-2015-8519 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5 ...)
NOT-FOR-US: IBM
CVE-2015-8518
RESERVED
@@ -2763,21 +2763,21 @@ CVE-2015-8514
REJECTED
CVE-2015-8513
REJECTED
-CVE-2015-8512
+CVE-2015-8512 (The lockscreen feature in Mozilla Firefox OS before 2.5 does not prope ...)
NOT-FOR-US: Firefox OS
-CVE-2015-8511
+CVE-2015-8511 (Race condition in the lockscreen feature in Mozilla Firefox OS before ...)
NOT-FOR-US: Firefox OS
-CVE-2015-8510
+CVE-2015-8510 (Cross-site scripting (XSS) vulnerability in the internationalization f ...)
NOT-FOR-US: Firefox OS
-CVE-2015-8509
+CVE-2015-8509 (Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4 ...)
- bugzilla4 <itp> (bug #669643)
-CVE-2015-8508
+CVE-2015-8508 (Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in ...)
- bugzilla4 <itp> (bug #669643)
-CVE-2015-8507
+CVE-2015-8507 (mediaserver in Android 6.0 before 2015-12-01 allows remote attackers t ...)
- android <itp> (bug #459219)
-CVE-2015-8506
+CVE-2015-8506 (mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 a ...)
- android <itp> (bug #459219)
-CVE-2015-8505
+CVE-2015-8505 (mediaserver in Android before 5.1.1 LMY48Z allows remote attackers to ...)
- android <itp> (bug #459219)
CVE-2015-8503
RESERVED
@@ -2807,25 +2807,25 @@ CVE-2015-8491
REJECTED
CVE-2015-8490
REJECTED
-CVE-2015-8489
+CVE-2015-8489 (customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenti ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-8488
+CVE-2015-8488 (Cybozu Office 10.3.0 allows remote attackers to read image files via a ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-8487
+CVE-2015-8487 (Cybozu Office 9.0.0 through 10.3 allows remote attackers to discover C ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-8486
+CVE-2015-8486 (Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users t ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-8485
+CVE-2015-8485 (Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users t ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-8484
+CVE-2015-8484 (Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users t ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-8483
+CVE-2015-8483 (Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 all ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-8482
+CVE-2015-8482 (Blue Coat Unified Agent before 4.6.2 does not prevent modification of ...)
NOT-FOR-US: Blue Coat Unified Agent
-CVE-2015-8481
+CVE-2015-8481 (Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA S ...)
NOT-FOR-US: Atlassian
-CVE-2015-8504
+CVE-2015-8504 (Qemu, when built with VNC display driver support, allows remote attack ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-1 (bug #808130)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -2834,15 +2834,15 @@ CVE-2015-8504
NOTE: Fixed by http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4c65fed8bdf96780735dbdb92a8bd0d6b6526cc3 (v2.5.0-rc3)
NOTE: Issue possibly introduced after http://git.qemu.org/?p=qemu.git;a=commitdiff;h=6cec5487990bf3f1f22b3fcb871978255e92ae0d (v0.10.0)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/08/4
-CVE-2015-8480
+CVE-2015-8480 (The VideoFramePool::PoolImpl::CreateFrame function in media/base/video ...)
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-8479
+CVE-2015-8479 (Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthori ...)
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-8478
+CVE-2015-8478 (Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as ...)
- chromium-browser 47.0.2526-73-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
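Review bot: the fixed version for CVE-2015-8478 reads "chromium-browser 47.0.2526-73-1", with a hyphen where the two sibling entries CVE-2015-8480 and CVE-2015-8479 have "47.0.2526.73-1"; that is not the version string of the upload the other two entries point at, so the tracker will compare against a version that does not exist in the archive; change it to 47.0.2526.73-1.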
@@ -2853,25 +2853,25 @@ CVE-2015-8475
CVE-2015-8471
RESERVED
NOT-FOR-US: ATutor
-CVE-2015-8470
+CVE-2015-8470 (The console in Puppet Enterprise 3.7.x, 3.8.x, and 2015.2.x does not s ...)
NOT-FOR-US: Puppet Enterprise
CVE-2015-8469
RESERVED
CVE-2015-8468
RESERVED
-CVE-2015-8467
+CVE-2015-8467 (The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_m ...)
{DSA-3433-1}
- samba 2:4.1.22+dfsg-1
[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
[squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
NOTE: https://www.samba.org/samba/security/CVE-2015-8467.html
-CVE-2015-8466
+CVE-2015-8466 (Swift3 before 1.9 allows remote attackers to conduct replay attacks vi ...)
{DSA-3583-1}
- swift-plugin-s3 1.9-1 (bug #822688)
CVE-2015-XXXX [uses non-random tempdir /tmp/tmprepo.0/.git/]
- git-repair 1.20151215-1 (unimportant; bug #807341)
NOTE: Non-exploitable on release archs due to kernel hardening
-CVE-2015-8537
+CVE-2015-8537 (app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before ...)
{DSA-3529-1}
- redmine 3.2.0-1 (bug #807826)
[squeeze] - redmine <not-affected> (Vulnerable code not present in 1.0.1)
@@ -2881,11 +2881,11 @@ CVE-2015-8537
NOTE: https://github.com/redmine/redmine/commit/7e423fb4538247d59e01958c48b491f196a1de56
NOTE: upstream fixed in 2.6.9, 3.0.6 and 3.1.3
NOTE: http://www.openwall.com/lists/oss-security/2015/12/08/8
-CVE-2015-8476
+CVE-2015-8476 (Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 all ...)
{DSA-3416-1 DLA-363-1}
- libphp-phpmailer 5.2.14+dfsg-1 (bug #807265)
NOTE: https://github.com/PHPMailer/PHPMailer/commit/6687a96a18b8f12148881e4ddde795ae477284b0 (v5.2.14)
-CVE-2015-8474
+CVE-2015-8474 (Open redirect vulnerability in the valid_back_url function in app/cont ...)
{DSA-3529-1}
- redmine 3.2.0-1 (bug #807272)
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
@@ -2896,7 +2896,7 @@ CVE-2015-8474
NOTE: upstream fixed in 2.6.7, 3.0.5 and 3.1.1
NOTE: http://www.openwall.com/lists/oss-security/2015/12/04/1
NOTE: depends on the CVE-2014-1985 fix first
-CVE-2015-8473
+CVE-2015-8473 (The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x ...)
{DSA-3529-1}
- redmine 3.2.0-1 (bug #807345)
[squeeze] - redmine <not-affected> (code dates from the API changes introduced in 735a83c, part of 1.1)
@@ -2913,141 +2913,141 @@ CVE-2015-8463
RESERVED
CVE-2015-8462
RESERVED
-CVE-2015-8461
+CVE-2015-8461 (Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P ...)
- bind9 <not-affected> (Only affects 9.9.8 -> 9.9.8-P1, 9.9.8-S1 -> 9.9.8-S2, 9.10.3 -> 9.10.3-P1)
NOTE: https://kb.isc.org/article/AA-01319
-CVE-2015-8460
+CVE-2015-8460 (Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8459
+CVE-2015-8459 (Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8458
+CVE-2015-8458 (Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x ...)
NOT-FOR-US: Adobe
-CVE-2015-8457
+CVE-2015-8457 (Stack-based buffer overflow in Adobe Flash Player before 18.0.0.268 an ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8456
+CVE-2015-8456 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8455
+CVE-2015-8455 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8454
+CVE-2015-8454 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8453
+CVE-2015-8453 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8452
+CVE-2015-8452 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8451
+CVE-2015-8451 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8450
+CVE-2015-8450 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8449
+CVE-2015-8449 (Use-after-free vulnerability in the MovieClip object implementation in ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8448
+CVE-2015-8448 (Use-after-free vulnerability in the DisplacementMapFilter object imple ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8447
+CVE-2015-8447 (Use-after-free vulnerability in the Color object implementation in Ado ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8446
+CVE-2015-8446 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8445
+CVE-2015-8445 (Integer overflow in the Shader filter implementation in Adobe Flash Pl ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8444
+CVE-2015-8444 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8443
+CVE-2015-8443 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8442
+CVE-2015-8442 (Use-after-free vulnerability in the MovieClip object implementation in ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8441
+CVE-2015-8441 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8440
+CVE-2015-8440 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8439
+CVE-2015-8439 (The SharedObject object implementation in Adobe Flash Player before 18 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8438
+CVE-2015-8438 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8437
+CVE-2015-8437 (Use-after-free vulnerability in the Selection object implementation in ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8436
+CVE-2015-8436 (Use-after-free vulnerability in the PrintJob object implementation in ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8435
+CVE-2015-8435 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8434
+CVE-2015-8434 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8433
+CVE-2015-8433 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8432
+CVE-2015-8432 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8431
+CVE-2015-8431 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8430
+CVE-2015-8430 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8429
+CVE-2015-8429 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8428
+CVE-2015-8428 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8427
+CVE-2015-8427 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8426
+CVE-2015-8426 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8425
+CVE-2015-8425 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8424
+CVE-2015-8424 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8423
+CVE-2015-8423 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8422
+CVE-2015-8422 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8421
+CVE-2015-8421 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8420
+CVE-2015-8420 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8419
+CVE-2015-8419 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8418
+CVE-2015-8418 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8417
+CVE-2015-8417 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8416
+CVE-2015-8416 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8415
+CVE-2015-8415 (Buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8414
+CVE-2015-8414 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8413
+CVE-2015-8413 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8412
+CVE-2015-8412 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8411
+CVE-2015-8411 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8410
+CVE-2015-8410 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8409
+CVE-2015-8409 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8408
+CVE-2015-8408 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8407
+CVE-2015-8407 (Stack-based buffer overflow in Adobe Flash Player before 18.0.0.268 an ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8406
+CVE-2015-8406 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8405
+CVE-2015-8405 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8404
+CVE-2015-8404 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8403
+CVE-2015-8403 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8402
+CVE-2015-8402 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8401
+CVE-2015-8401 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8399
+CVE-2015-8399 (Atlassian Confluence before 5.8.17 allows remote authenticated users t ...)
NOT-FOR-US: Atlassian Confluence
-CVE-2015-8398
+CVE-2015-8398 (Cross-site scripting (XSS) vulnerability in Atlassian Confluence befor ...)
NOT-FOR-US: Atlassian Confluence
-CVE-2015-8397
+CVE-2015-8397 (The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gd ...)
- gdcm 2.6.2-1
[jessie] - gdcm 2.4.4-3+deb8u1
[wheezy] - gdcm <not-affected> (Vulnerable code not present)
[squeeze] - gdcm <not-affected> (Vulnerable code not present)
NOTE: http://census-labs.com/news/2016/01/11/gdcm-out-bounds-read-jpeglscodec-decodeextent/
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/
-CVE-2015-8396
+CVE-2015-8396 (Integer overflow in the ImageRegionReader::ReadIntoBuffer function in ...)
- gdcm 2.6.2-1
[jessie] - gdcm 2.4.4-3+deb8u1
[wheezy] - gdcm <no-dsa> (Minor issue)
@@ -3057,18 +3057,18 @@ CVE-2015-8396
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/92cd6d7fe0d01c61cf68ac4ef65ef388ee252415/
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/9cbca25ff7f20c432b61eb9f4cae43a946502b66/
NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/e0dd1114c82d372dd905c029ddbee4e81ed01a89/
-CVE-2015-8379
+CVE-2015-8379 (CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypas ...)
- cakephp 2.8.0-1 (bug #832316)
[jessie] - cakephp <no-dsa> (Minor issue)
[wheezy] - cakephp <not-affected> (vulnerable code not present)
NOTE: http://karmainsecurity.com/KIS-2016-01
NOTE: https://github.com/cakephp/cakephp/commit/0f818a23a876c01429196bf7623e1e94a50230f0
-CVE-2015-8400
+CVE-2015-8400 (The HTTPS fallback implementation in Shell In A Box (aka shellinabox) ...)
- shellinabox 2.19
[jessie] - shellinabox <no-dsa> (Minor issue)
[wheezy] - shellinabox <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/02/6
-CVE-2015-8377
+CVE-2015-8377 (SQL injection vulnerability in the host_new_graphs_save function in gr ...)
{DSA-3494-1 DLA-374-1}
- cacti 0.8.8f+ds1-4
NOTE: http://bugs.cacti.net/view.php?id=2655
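Review bot: the fixed version for CVE-2015-8400 is recorded as "shellinabox 2.19" with no Debian revision, unlike every other fixed-version line in this hunk (cakephp 2.8.0-1, cacti 0.8.8f+ds1-4); confirm the actual upload and record the full Debian version so the comparison against the archive is exact.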
@@ -3080,9 +3080,9 @@ CVE-2015-XXXX [Avoid unbounded SFTP extended attribute key/values]
[squeeze] - proftpd-dfsg <not-affected> (Vulnerable code not present)
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4210
NOTE: https://github.com/proftpd/proftpd/pull/171
-CVE-2015-8376
+CVE-2015-8376 (Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2. ...)
NOT-FOR-US: Microsoft
-CVE-2015-8373
+CVE-2015-8373 (The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, w ...)
- isc-kea <not-affected> (Fixed before the initial version uploaded to Debian)
CVE-2015-8372
RESERVED
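Review bot: the triage line for CVE-2015-8376 says "NOT-FOR-US: Microsoft", but the description being added directly above it is for Symphony CMS; the product in the NOT-FOR-US line is wrong and should read "NOT-FOR-US: Symphony CMS" (Symphony CMS is not a Microsoft product), or the entry should be re-triaged against the correct software.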
@@ -3090,24 +3090,24 @@ CVE-2015-8371 [Composer Cache Injection vulnerability]
RESERVED
- composer 1.0.0~alpha11-3
NOTE: http://flyingmana.de/blog_en/2016/02/14/composer_cache_injection_vulnerability_cve_2015_8371.html
-CVE-2015-8370
+CVE-2015-8370 (Multiple integer underflows in Grub2 1.98 through 2.02 allow physicall ...)
{DSA-3421-1 DLA-368-1}
- grub2 2.02~beta2-33 (bug #807614)
NOTE: https://twitter.com/lostinsecurity/status/674925944524640257
NOTE: http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
-CVE-2015-8369
+CVE-2015-8369 (SQL injection vulnerability in include/top_graph_header.php in Cacti 0 ...)
{DSA-3423-1 DLA-374-1}
- cacti 0.8.8f+ds1-3 (bug #807599)
NOTE: http://bugs.cacti.net/view.php?id=2646
-CVE-2015-8378
+CVE-2015-8378 (In KeePassX before 0.4.4, a cleartext copy of password data is created ...)
- keepassx 0.4.3+dfsg-1 (bug #791858)
[jessie] - keepassx 0.4.3+dfsg-0.1+deb8u1
[wheezy] - keepassx <no-dsa> (Minor issue)
[squeeze] - keepassx <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/11/30/4
-CVE-2015-8375
+CVE-2015-8375 (Cross-site scripting (XSS) vulnerability in PHP-Fusion 9. ...)
NOT-FOR-US: PHP-Fusion
-CVE-2015-8368
+CVE-2015-8368 (ntopng (aka ntop) before 2.2 allows remote authenticated users to chan ...)
- ntopng 2.2+dfsg1-1 (bug #816190)
[jessie] - ntopng <no-dsa> (Minor issue)
NOTE: fixed upstream in 2.2
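Review bot: the CVE-2015-8378 entry carries a version discrepancy that its NOTE does not explain: the imported description says "In KeePassX before 0.4.4 ...", while the fixed versions recorded are `- keepassx 0.4.3+dfsg-1 (bug #791858)` and `[jessie] - keepassx 0.4.3+dfsg-0.1+deb8u1`, both 0.4.3-based. That is consistent with a backported fix, but the only reference is the oss-security thread; adding a NOTE with the upstream commit or the Debian patch actually applied would make the "fixed in a 0.4.3 package" state verifiable and stop the automatically imported description from reading as a contradiction.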
@@ -3166,7 +3166,7 @@ CVE-2015-8366 [Index overflow in smal_decode_segment]
[jessie] - xbmc <not-affected> (Transitional dummy package)
[wheezy] - xbmc <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2
-CVE-2015-8365
+CVE-2015-8365 (The smka_decode_frame function in libavcodec/smacker.c in FFmpeg befor ...)
{DSA-4012-1 DLA-1142-1}
- ffmpeg 7:2.8.3-1 (bug #806519)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -3174,46 +3174,46 @@ CVE-2015-8365
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4a9af07a49295e014b059c1ab624c40345af5892
NOTE: fix for the libav 11.9 branch: https://git.libav.org/?p=libav.git;a=commit;h=v11.9-5-g88762a0
NOTE: fix for the libav 0.8 branch: https://git.libav.org/?p=libav.git;a=commit;h=9fba59f471725e5235d5378e795ebf8b59472817
-CVE-2015-8364
+CVE-2015-8364 (Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi. ...)
{DLA-1611-1}
- ffmpeg 7:2.8.3-1 (bug #806519)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=df91aa034b82b77a3c4e01791f4a2b2ff6c82066
-CVE-2015-8363
+CVE-2015-8363 (The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in ...)
{DLA-1611-1}
- ffmpeg 7:2.8.3-1 (bug #806519)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=44a7f17d0b20e6f8d836b2957e3e357b639f19a2
-CVE-2015-8362
+CVE-2015-8362 (The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices b ...)
NOT-FOR-US: Harman AMX
-CVE-2015-8361
+CVE-2015-8361 (Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.1 ...)
NOT-FOR-US: Atlassian
-CVE-2015-8360
+CVE-2015-8360 (An unspecified resource in Atlassian Bamboo before 5.9.9 and 5.10.x be ...)
NOT-FOR-US: Atlassian
CVE-2015-8359
RESERVED
-CVE-2015-8358
+CVE-2015-8358 (Directory traversal vulnerability in the bitrix.mpbuilder module befor ...)
NOT-FOR-US: Bitrix
-CVE-2015-8357
+CVE-2015-8357 (Directory traversal vulnerability in the bitrix.xscan module before 1. ...)
NOT-FOR-US: Bitrix
-CVE-2015-8356
+CVE-2015-8356 (Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 a ...)
NOT-FOR-US: Bitrix
-CVE-2015-8355
+CVE-2015-8355 (Multiple SQL injection vulnerabilities in the orion.extfeedbackform mo ...)
NOT-FOR-US: Bitrix
-CVE-2015-8354
+CVE-2015-8354 (Cross-site scripting (XSS) vulnerability in the Ultimate Member WordPr ...)
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2015-8353
+CVE-2015-8353 (Cross-site scripting (XSS) vulnerability in the Role Scoper plugin bef ...)
NOT-FOR-US: WordPress plugin role-scoper
-CVE-2015-8352
+CVE-2015-8352 (Directory traversal vulnerability in Zen Cart 1.5.4 allows remote atta ...)
NOT-FOR-US: Zen Cart
-CVE-2015-8351
+CVE-2015-8351 (PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin ...)
NOT-FOR-US: WordPress plugin gwolle-gb
-CVE-2015-8350
+CVE-2015-8350 (Multiple cross-site scripting (XSS) vulnerabilities in the Calls to Ac ...)
NOT-FOR-US: WordPress plugin cta
-CVE-2015-8349
+CVE-2015-8349 (Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 pre- ...)
NOT-FOR-US: SourceBeans
CVE-2015-8348
RESERVED
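Review bot: typo in the unchanged triage line under CVE-2015-8349: the imported description names "SourceBans" but the annotation reads `NOT-FOR-US: SourceBeans`. NOT-FOR-US strings are what people grep for when re-triaging, so suggest `NOT-FOR-US: SourceBans`.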
@@ -3225,29 +3225,29 @@ CVE-2015-8343
RESERVED
CVE-2015-8342
REJECTED
-CVE-2015-8341
+CVE-2015-8341 (The libxl toolstack library in Xen 4.1.x through 4.6.x does not proper ...)
{DSA-3519-1}
- xen 4.8.0~rc3-1 (bug #823620)
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-160.html
-CVE-2015-8340
+CVE-2015-8340 (The memory_exchange function in common/memory.c in Xen 3.2.x through 4 ...)
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-159.html
-CVE-2015-8339
+CVE-2015-8339 (The memory_exchange function in common/memory.c in Xen 3.2.x through 4 ...)
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-159.html
-CVE-2015-8338
+CVE-2015-8338 (Xen 4.6.x and earlier does not properly enforce limits on page order i ...)
{DSA-3633-1}
- xen 4.8.0~rc3-1 (bug #823620)
[wheezy] - xen <not-affected> (Only affects Xen on arm)
[squeeze] - xen <not-affected> (Only affects Xen on arm)
NOTE: http://xenbits.xen.org/xsa/advisory-158.html
-CVE-2015-8374
+CVE-2015-8374 (fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compresse ...)
- linux 4.2.6-2
[jessie] - linux 3.16.7-ckt20-1+deb8u1
[wheezy] - linux 3.2.78-1
@@ -3258,39 +3258,39 @@ CVE-2015-8374
NOTE: CVE assignment for the vulnerability with the impact of "User B now
NOTE: gets to see the 1000 bytes that user A truncated from its file before
NOTE: it made its file world readable"
-CVE-2015-8337
+CVE-2015-8337 (The HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA- ...)
NOT-FOR-US: Huawei
-CVE-2015-8336
+CVE-2015-8336 (Huawei FusionCompute with software before V100R005C10SPC700 allows rem ...)
NOT-FOR-US: Huawei FusionCompute
-CVE-2015-8335
+CVE-2015-8335 (Huawei VCN500 with software before V100R002C00SPC201 logs passwords in ...)
NOT-FOR-US: Huawei
-CVE-2015-8334
+CVE-2015-8334 (SQL injection vulnerability in the Operation and Maintenance Unit (OMU ...)
NOT-FOR-US: Huawei
-CVE-2015-8333
+CVE-2015-8333 (The Operation and Maintenance Unit (OMU) in Huawei VCN500 with softwar ...)
NOT-FOR-US: Huawei
-CVE-2015-8332
+CVE-2015-8332 (Huawei Video Content Management (VCM) before V100R001C10SPC001 does no ...)
NOT-FOR-US: Huawei
-CVE-2015-8331
+CVE-2015-8331 (The Operation and Maintenance Unit (OMU) in Huawei VCN500 with softwar ...)
NOT-FOR-US: Huawei
-CVE-2015-8330
+CVE-2015-8330 (The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers ...)
NOT-FOR-US: SAP
-CVE-2015-8329
+CVE-2015-8329 (SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII ...)
NOT-FOR-US: SAP
-CVE-2015-8328
+CVE-2015-8328 (Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU ...)
- nvidia-graphics-drivers <not-affected> (Windows only)
-CVE-2015-8327
+CVE-2015-8327 (Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-f ...)
{DSA-3429-1 DSA-3411-1 DLA-365-1}
- cups-filters 1.2.0-1
[wheezy] - cups-filters <not-affected> (Vulnerable code not present; introduced in 1.0.42)
- foomatic-filters 4.0.17-7 (bug #806886)
-CVE-2015-8325
+CVE-2015-8325 (The do_setup_env function in session.c in sshd in OpenSSH through 7.2p ...)
{DSA-3550-1}
- openssh 1:7.2p2-3
NOTE: Upstream fix: https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
CVE-2015-XXXX [RCE in gitlab-shell 2.6.6-2.6.7]
- gitlab-shell <not-affected> (Only affects version 2.6.6-2.6.7)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/11/25/5
-CVE-2015-8345
+CVE-2015-8345 (The eepro100 emulator in QEMU qemu-kvm blank allows local guest users ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-1 (bug #806373)
[jessie] - qemu <no-dsa> (Minor issue, can be fixed along in a later DSA)
@@ -3302,7 +3302,7 @@ CVE-2015-8345
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html
NOTE: http://www.openwall.com/lists/oss-security/2015/11/25/3
-CVE-2015-8346
+CVE-2015-8346 (app/views/timelog/_form.html.erb in Redmine before 2.6.8, 3.0.x before ...)
{DSA-3529-1 DLA-351-1}
- redmine 3.2.0-1 (bug #806376)
[wheezy] - redmine <end-of-life> (Redmine not supported because of rails)
@@ -3323,16 +3323,16 @@ CVE-2015-XXXX [Insecure permissions for backup directory]
NOTE: Workaround entry for DLA-390-1 (since no CVE for this issue)
CVE-2015-8323
RESERVED
-CVE-2015-8322
+CVE-2015-8322 (NetApp OnCommand System Manager 8.3.x before 8.3.2 allows remote authe ...)
NOT-FOR-US: NetApp
-CVE-2015-8326
+CVE-2015-8326 (The IPTables-Parse module before 1.6 for Perl allows local users to wr ...)
- libiptables-parse-perl 1.6-1
[jessie] - libiptables-parse-perl 1.1-1+deb8u1
[wheezy] - libiptables-parse-perl 1.1-1+deb7u1
[squeeze] - libiptables-parse-perl <no-dsa> (Minor issue)
NOTE: https://github.com/mtrmac/IPTables-Parse/commit/b400b976d81140f6971132e94eb7657b5b0a2b87
NOTE: http://www.openwall.com/lists/oss-security/2015/11/24/6
-CVE-2015-8381
+CVE-2015-8381 (The compile_regex function in pcre_compile.c in PCRE before 8.38 and p ...)
- pcre3 2:8.38-1 (bug #796762; bug #795539)
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -3344,7 +3344,7 @@ CVE-2015-8381
NOTE: http://www.openwall.com/lists/oss-security/2015/08/05/3
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1585
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1250943
-CVE-2015-8380
+CVE-2015-8380 (The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a ...)
- pcre3 2:8.38-1 (bug #806467)
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
@@ -3359,11 +3359,11 @@ CVE-2015-8380
NOTE: https://blog.fuzzing-project.org/29-Heap-Overflow-in-PCRE.html
CVE-2015-8321
RESERVED
-CVE-2015-8319
+CVE-2015-8319 (Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones ...)
NOT-FOR-US: Huawei
-CVE-2015-8318
+CVE-2015-8318 (Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones ...)
NOT-FOR-US: Huawei
-CVE-2015-8315
+CVE-2015-8315 (The ms package before 0.7.1 for Node.js allows attackers to cause a de ...)
- node-ms <not-affected> (Fixed before initial upload to Debian)
CVE-2015-8314
RESERVED
@@ -3373,32 +3373,32 @@ CVE-2015-8313 [fail to check the first byte of the padding in CBC modes]
- gnutls28 <not-affected> (Vulnerable code not present)
- gnutls26 <removed>
NOTE: https://blog.hboeck.de/archives/877-A-little-POODLE-left-in-GnuTLS-old-versions.html
-CVE-2015-8312
+CVE-2015-8312 (Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow ...)
{DSA-3569-1 DLA-493-1}
- openafs 1.6.17-1
NOTE: http://git.openafs.org/?p=openafs.git;a=commitdiff;h=2ef863720da4d9f368aaca0461c672a3008195ca
NOTE: http://rt.central.org/rt/Ticket/Display.html?id=132256
CVE-2015-8311
RESERVED
-CVE-2015-8310
+CVE-2015-8310 (Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 ...)
NOT-FOR-US: Cherry Music
-CVE-2015-8309
+CVE-2015-8309 (Directory traversal vulnerability in Cherry Music before 0.36.0 allows ...)
NOT-FOR-US: Cherry Music
-CVE-2015-8307
+CVE-2015-8307 (The Graphics driver in Huawei P8 smartphones with software GRA-TL00 be ...)
NOT-FOR-US: Huawei
-CVE-2015-8306
+CVE-2015-8306 (Buffer overflow in the HIFI driver in Huawei P8 phones with software G ...)
NOT-FOR-US: Huawei
-CVE-2015-8305
+CVE-2015-8305 (Huawei Sophia-L10 smartphones with software before P7-L10C900B852 allo ...)
NOT-FOR-US: Huawei
-CVE-2015-8304
+CVE-2015-8304 (Integer overflow in Huawei P7 phones with software before P7-L07 V100R ...)
NOT-FOR-US: Huawei
-CVE-2015-8303
+CVE-2015-8303 (Huawei Document Security Management (DSM) with software before V100R00 ...)
NOT-FOR-US: Huawei
CVE-2015-8302
RESERVED
CVE-2015-8301
RESERVED
-CVE-2015-8324
+CVE-2015-8324 (The ext4 implementation in the Linux kernel before 2.6.34 does not pro ...)
{DLA-360-1}
- linux 2.6.37-1
- linux-2.6 <removed>
@@ -3406,9 +3406,9 @@ CVE-2015-8324
NOTE: https://bugs.openvz.org/browse/OVZ-6541
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1267261
NOTE: Commit fixing the issue: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=744692dc059845b2a3022119871846e74d4f6e11 (v2.6.34-rc1)
-CVE-2015-8320
+CVE-2015-8320 (Apache Cordova-Android before 3.7.0 improperly generates random values ...)
NOT-FOR-US: Apache Cordova
-CVE-2015-8316
+CVE-2015-8316 (Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16. ...)
- lightdm 1.16.6-1
[jessie] - lightdm <not-affected> (Affects 1.14.x, 1.16.x and development 1.17.x)
[wheezy] - lightdm <not-affected> (Affects 1.14.x, 1.16.x and development 1.17.x)
@@ -3416,11 +3416,11 @@ CVE-2015-8316
NOTE: https://bugs.launchpad.net/lightdm/+bug/15168
NOTE: https://bazaar.launchpad.net/~lightdm-team/lightdm/1.14/revision/2166 (1.14.x)
NOTE: https://bazaar.launchpad.net/~lightdm-team/lightdm/1.16/revision/2207 (1.16.x)
-CVE-2015-8300
+CVE-2015-8300 (Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: F ...)
NOT-FOR-US: Polycom BToE Connector
-CVE-2015-8299
+CVE-2015-8299 (Buffer overflow in the Group messages monitor (Falcon) in KNX ETS 4.1. ...)
NOT-FOR-US: Falcon
-CVE-2015-8298
+CVE-2015-8298 (Multiple SQL injection vulnerabilities in the login page in RXTEC RXAd ...)
NOT-FOR-US: RXTEC
CVE-2015-8297
REJECTED
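Review bot: the Launchpad reference under CVE-2015-8316, `NOTE: https://bugs.launchpad.net/lightdm/+bug/15168`, looks truncated: Launchpad bug numbers issued in late 2015 were seven digits, so a five-digit ID will not resolve to this issue; please verify and correct the URL. Minor, same hunk: `NOT-FOR-US: Falcon` under CVE-2015-8299 names the component from the description ("Group messages monitor (Falcon)") rather than the product (KNX ETS), which is inconsistent with the neighbouring entries that label the product or vendor.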
@@ -3438,41 +3438,41 @@ CVE-2015-8291
REJECTED
CVE-2015-8290
REJECTED
-CVE-2015-8289
+CVE-2015-8289 (The password-recovery feature on NETGEAR D3600 devices with firmware 1 ...)
NOT-FOR-US: Netgear routers
-CVE-2015-8288
+CVE-2015-8288 (NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with fi ...)
NOT-FOR-US: Netgear routers
-CVE-2015-8287
+CVE-2015-8287 (Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM ...)
NOT-FOR-US: Swann
-CVE-2015-8286
+CVE-2015-8286 (Zhuhai RaySharp firmware has a hardcoded root password, which makes it ...)
NOT-FOR-US: Zhuhai RaySharp
-CVE-2015-8285
+CVE-2015-8285 (The webssx.sys driver in QuickHeal 16.00 allows remote attackers to ca ...)
NOT-FOR-US: QuickHeal
-CVE-2015-8284
+CVE-2015-8284 (SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to p ...)
NOT-FOR-US: SeaWell Networks Spectrum
-CVE-2015-8283
+CVE-2015-8283 (Directory traversal vulnerability in configure_manage.php in SeaWell N ...)
NOT-FOR-US: SeaWell Networks Spectrum
-CVE-2015-8282
+CVE-2015-8282 (SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admi ...)
NOT-FOR-US: SeaWell Networks Spectrum
-CVE-2015-8281
+CVE-2015-8281 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to ...)
NOT-FOR-US: Samsung
-CVE-2015-8280
+CVE-2015-8280 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attack ...)
NOT-FOR-US: Samsung
-CVE-2015-8279
+CVE-2015-8279 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attack ...)
NOT-FOR-US: Samsung
CVE-2015-8278
RESERVED
-CVE-2015-8277
+CVE-2015-8277 (Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexer ...)
NOT-FOR-US: Flexera FlexNet Publisher
-CVE-2015-8276
+CVE-2015-8276 (LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow atta ...)
NOT-FOR-US: LVRTC eParakstitajs
-CVE-2015-8275
+CVE-2015-8275 (LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow atta ...)
NOT-FOR-US: LVRTC eParakstitajs
CVE-2015-8274
RESERVED
CVE-2015-8273
RESERVED
-CVE-2015-8272
+CVE-2015-8272 (RTMPDump 2.4 allows remote attackers to trigger a denial of service (N ...)
{DSA-3850-1 DLA-917-1}
- rtmpdump 2.4+20151223.gitfa8646d.1-1
NOTE: http://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/4312322107a94c81d3ec5b98f91bc6b923551dc5
@@ -3480,7 +3480,7 @@ CVE-2015-8272
NOTE: Correct Debian version would have been 2.4+20151223.gitfa8646d-1 but due
NOTE: to missing upstream source import the fixes are really only present in
NOTE: 2.4+20151223.gitfa8646d.1-1
-CVE-2015-8271
+CVE-2015-8271 (The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTM ...)
{DSA-3850-1 DLA-917-1}
- rtmpdump 2.4+20151223.gitfa8646d.1-1
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0067/
@@ -3489,7 +3489,7 @@ CVE-2015-8271
NOTE: Correct Debian version would have been 2.4+20151223.gitfa8646d-1 but due
NOTE: to missing upstream source import the fixes are really only present in
NOTE: 2.4+20151223.gitfa8646d.1-1
-CVE-2015-8270
+CVE-2015-8270 (The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTM ...)
{DSA-3850-1 DLA-917-1}
- rtmpdump 2.4+20151223.gitfa8646d.1-1
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0066/
@@ -3497,51 +3497,51 @@ CVE-2015-8270
NOTE: Correct Debian version would have been 2.4+20151223.gitfa8646d-1 but due
NOTE: to missing upstream source import the fixes are really only present in
NOTE: 2.4+20151223.gitfa8646d.1-1
-CVE-2015-8269
+CVE-2015-8269 (The API on Fisher-Price Smart Toy Bear devices allows remote attackers ...)
NOT-FOR-US: Fisher-Price
-CVE-2015-8268
+CVE-2015-8268 (The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 o ...)
NOT-FOR-US: Idera Uptime Infrastructure Monitor
-CVE-2015-8267
+CVE-2015-8267 (The PasswordReset.Controllers.ResetController.ChangePasswordIndex meth ...)
NOT-FOR-US: Dovestones
CVE-2015-8266
RESERVED
-CVE-2015-8265
+CVE-2015-8265 (Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V20 ...)
NOT-FOR-US: Huawei
-CVE-2015-8264
+CVE-2015-8264 (Untrusted search path vulnerability in F-Secure Online Scanner allows ...)
NOT-FOR-US: F-Secure Online Scanner
-CVE-2015-8263
+CVE-2015-8263 (NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source p ...)
NOT-FOR-US: NETGEAR
-CVE-2015-8262
+CVE-2015-8262 (Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an ...)
NOT-FOR-US: BUFFALO
-CVE-2015-8261
+CVE-2015-8261 (The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold ...)
NOT-FOR-US: Ipswitch
CVE-2015-8260
RESERVED
CVE-2015-8259
RESERVED
-CVE-2015-8258
+CVE-2015-8258 (AXIS Communications products with firmware through 5.80.x allow remote ...)
NOT-FOR-US: AXIS Communications
-CVE-2015-8257
+CVE-2015-8257 (The devtools.sh script in AXIS network cameras allows remote authentic ...)
NOT-FOR-US: Axis network cameras
-CVE-2015-8256
+CVE-2015-8256 (Multiple cross-site scripting (XSS) vulnerabilities in Axis network ca ...)
NOT-FOR-US: Axis network cameras
-CVE-2015-8255
+CVE-2015-8255 (AXIS Communications products allow CSRF, as demonstrated by admin/pwdg ...)
NOT-FOR-US: AXIS Communications
-CVE-2015-8254
+CVE-2015-8254 (The Frontel protocol before 3 on RSI Video Technologies Videofied devi ...)
NOT-FOR-US: Frontel
-CVE-2015-8253
+CVE-2015-8253 (The Frontel protocol before 3 on RSI Video Technologies Videofied devi ...)
NOT-FOR-US: Frontel
-CVE-2015-8252
+CVE-2015-8252 (The Frontel protocol before 3 on RSI Video Technologies Videofied devi ...)
NOT-FOR-US: Frontel
-CVE-2015-8251
+CVE-2015-8251 (OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E ...)
NOT-FOR-US: OpenStage
CVE-2015-8250
RESERVED
-CVE-2015-8249
+CVE-2015-8249 (The FileUploadServlet class in ManageEngine Desktop Central 9 before b ...)
NOT-FOR-US: ManageEngine Desktop Central
CVE-2015-8248
REJECTED
-CVE-2015-8247
+CVE-2015-8247 (Cross-site scripting (XSS) vulnerability in synnefoclient in Synnefo I ...)
NOT-FOR-US: Synnefo
CVE-2015-8246
RESERVED
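Review bot: vendor labels in this hunk are inconsistent with earlier entries in the same file: CVE-2015-8263 uses `NOT-FOR-US: NETGEAR` while CVE-2015-8289 and CVE-2015-8288 above use `NOT-FOR-US: Netgear routers`, and CVE-2015-8262 uses `NOT-FOR-US: BUFFALO` against a description that says "Buffalo WZR-600DHP2 devices". These strings are searched by hand, so suggest one spelling per vendor.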
@@ -3561,7 +3561,7 @@ CVE-2015-XXXX [Missing bounds checking and verification of data type causes segf
- libmaxminddb 1.1.5-1 (bug #805657)
NOTE: https://github.com/maxmind/libmaxminddb/commit/51255f113fe3c7b63ffe957636a7656a3ff9d1ff
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283919
-CVE-2015-8308
+CVE-2015-8308 (LXDM before 0.5.2 did not start X server with -auth, which allows loca ...)
- lxdm 0.5.3-1 (bug #805659)
NOTE: http://git.lxde.org/gitweb/?p=lxde/lxdm.git;a=commitdiff;h=e8f387089e241360bdc6955d3e479450722dcea3
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1268900
@@ -3569,47 +3569,47 @@ CVE-2015-8308
NOTE: http://www.openwall.com/lists/oss-security/2015/11/20/2
CVE-2015-8243
RESERVED
-CVE-2015-8240
+CVE-2015-8240 (The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, A ...)
NOT-FOR-US: F5 BIG-IP
CVE-2015-8238
RESERVED
CVE-2015-8237
RESERVED
-CVE-2015-8236
+CVE-2015-8236 (Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, ...)
NOT-FOR-US: Arista EOS
-CVE-2015-8235
+CVE-2015-8235 (Directory traversal vulnerability in Spiffy before 5.4. ...)
- chicken 4.10.0-1
[jessie] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
-CVE-2015-8233
+CVE-2015-8233 (Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x bef ...)
NOT-FOR-US: Drupal theme
-CVE-2015-8232
+CVE-2015-8232 (The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not prope ...)
NOT-FOR-US: Drupal theme
-CVE-2015-8231
+CVE-2015-8231 (Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00 ...)
NOT-FOR-US: Huawei
-CVE-2015-8230
+CVE-2015-8230 (Memory leak in Huawei eSpace 8950 IP phones with software before V200R ...)
NOT-FOR-US: Huawei
-CVE-2015-8229
+CVE-2015-8229 (Huawei eSpace U2980 unified gateway with software before V100R001C10 a ...)
NOT-FOR-US: Huawai
-CVE-2015-8228
+CVE-2015-8228 (Directory traversal vulnerability in the SFTP server in Huawei AR 120, ...)
NOT-FOR-US: Huawai
-CVE-2015-8227
+CVE-2015-8227 (The built-in web server in Huawei VP9660 multi-point control unit with ...)
NOT-FOR-US: Huawai
-CVE-2015-8226
+CVE-2015-8226 (The Joint Photographic Experts Group Processing Unit (JPU) driver in H ...)
NOT-FOR-US: Huawei
-CVE-2015-8225
+CVE-2015-8225 (The Joint Photographic Experts Group Processing Unit (JPU) driver in H ...)
NOT-FOR-US: Huawei
-CVE-2015-8224
+CVE-2015-8224 (Huawei P8 before GRA-CL00C92B210, before GRA-L09C432B200, before GRA-T ...)
NOT-FOR-US: Huawei
-CVE-2015-8223
+CVE-2015-8223 (Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P ...)
NOT-FOR-US: Huawei
-CVE-2015-8222
+CVE-2015-8222 (The lxd-unix.socket systemd unit file in the Ubuntu lxd package before ...)
- lxd <itp> (bug #768073)
-CVE-2015-8221
+CVE-2015-8221 (Integer overflow in Google Picasa before 3.9.140 Build 259 allows remo ...)
NOT-FOR-US: Google Picasa
-CVE-2015-8220
+CVE-2015-8220 (Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWi ...)
NOT-FOR-US: SolarWinds remote control
-CVE-2015-8242
+CVE-2015-8242 (The xmlSAX2TextNode function in SAX2.c in the push interface in the HT ...)
- libxml2 2.9.3+dfsg1-1 (bug #805146)
[jessie] - libxml2 <not-affected> (Vulnerable code introduced later)
[wheezy] - libxml2 <not-affected> (Vulnerable code introduced later)
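Review bot: three consecutive entries in this hunk, CVE-2015-8229, CVE-2015-8228 and CVE-2015-8227, carry `NOT-FOR-US: Huawai` while their descriptions and every other Huawei entry in the file spell it `Huawei`; suggest fixing the spelling so the annotations stay consistent and greppable. Also in this hunk, CVE-2015-8232 is labelled `NOT-FOR-US: Drupal theme`, but the imported description says "The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal", so `NOT-FOR-US: Drupal module` would be accurate; the "theme" label fits CVE-2015-8233 (the MAYO theme) directly above it, not this one.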
@@ -3617,29 +3617,29 @@ CVE-2015-8242
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756372
NOTE: Introduced by: https://git.gnome.org/browse/libxml2/commit/?id=826bc320206f70fccd2941a77d363e95e8076898 (v2.9.2-rc1)
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2 (v2.9.3)
-CVE-2015-8241
+CVE-2015-8241 (The xmlNextChar function in libxml2 2.9.2 does not properly check the ...)
{DSA-3430-1 DLA-355-1}
- libxml2 2.9.3+dfsg1-1 (bug #806384)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756263
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe
NOTE: Introduced/Uncovered by https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 (fix for CVE-2015-7941)
NOTE: http://www.openwall.com/lists/oss-security/2015/11/17/5
-CVE-2015-8239
+CVE-2015-8239 (The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 all ...)
- sudo 1.8.17p1-1 (bug #805563)
[jessie] - sudo <no-dsa> (Minor issue)
[wheezy] - sudo <not-affected> (Command digests are only supported by version 1.8.7 or higher)
[squeeze] - sudo <not-affected> (Command digests are only supported by version 1.8.7 or higher)
NOTE: http://www.openwall.com/lists/oss-security/2015/11/10/2
-CVE-2015-8234
+CVE-2015-8234 (The image signature algorithm in OpenStack Glance 11.0.0 allows remote ...)
- glance <unfixed> (unimportant)
-CVE-2015-8219
+CVE-2015-8219 (The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2. ...)
- ffmpeg 7:2.8.2-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=43492ff3ab68a343c1264801baa1d5a02de10167
-CVE-2015-8218
+CVE-2015-8218 (The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg be ...)
- ffmpeg 7:2.8.2-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable feature not present)
@@ -3647,7 +3647,7 @@ CVE-2015-8218
NOTE: Vulnerability affects G3{1, 2}D code extensions feature, which is not present
NOTE: in libav 0.8 and 9. branches: https://lists.debian.org/debian-lts/2017/12/msg00011.html
NOTE: 11.x features G3 support, but the vulnerable code was introduced later
-CVE-2015-8217
+CVE-2015-8217 (The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg befor ...)
{DLA-1611-1}
- ffmpeg 7:2.8.2-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
@@ -3655,28 +3655,28 @@ CVE-2015-8217
[jessie] - libav <not-affected> (Contains a similar code block like the one referenced by the ffmpeg commit)
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=93f30f825c08477fe8f76be00539e96014cc83c8
-CVE-2015-8216
+CVE-2015-8216 (The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg ...)
{DLA-1611-1}
- ffmpeg 7:2.8.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commit;h=d24888ef19ba38b787b11d1ee091a3d94920c76a
NOTE: patch does not apply cleanly in jessie's libav, possibly needs some brainwork
-CVE-2015-8215
+CVE-2015-8215 (net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 d ...)
{DSA-3364-1 DLA-310-1}
- linux 4.0.2-1
- linux-2.6 <removed>
NOTE: Patch for the kernel to harden against invalid MTUs: http://article.gmane.org/gmane.linux.network/351269
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77751427a1ff25b27d47a4c36b12c3c8667855ac (v4.0-rc3)
-CVE-2015-8214
+CVE-2015-8214 (Siemens SIMATIC CP 343-1 Advanced devices before 3.0.44, CP 343-1 Lean ...)
NOT-FOR-US: Siemens
-CVE-2015-8213
+CVE-2015-8213 (The get_format function in utils/formats.py in Django before 1.7.x bef ...)
{DSA-3404-1 DLA-349-1}
- python-django 1.8.7-1
NOTE: https://github.com/django/django/commit/316bc3fc9437c5960c24baceb93c73f1939711e4 (master)
NOTE: https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172 (1.7.x)
NOTE: https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/
-CVE-2015-8212
+CVE-2015-8212 (CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 throug ...)
{DLA-490-1}
- bozohttpd <removed>
NOTE: FIX http://cvsweb.netbsd.org/bsdweb.cgi/src/libexec/httpd/bozohttpd.c.diff?r1=1.79&r2=1.80&only_with_tag=MAIN
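Review bot: CVE-2015-8216 has no `[jessie]` status line for libav even though its NOTE says "patch does not apply cleanly in jessie's libav, possibly needs some brainwork"; the neighbouring CVE-2015-8217 records `[jessie] - libav <not-affected> (...)` explicitly. With only `- libav <removed>` and `{DLA-1611-1}` present, the jessie state of libav for this CVE is left implicit; suggest adding a `[jessie] - libav` line (a fixed version, `<no-dsa>`, or `<not-affected>` with a reason) so the NOTE is backed by a recorded triage decision.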
@@ -3787,30 +3787,30 @@ CVE-2015-8160
RESERVED
CVE-2015-8159
RESERVED
-CVE-2015-8158
+CVE-2015-8158 (The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4. ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2948
-CVE-2015-8157
+CVE-2015-8157 (SQL injection vulnerability in the Management Server in Symantec Embed ...)
NOT-FOR-US: Symantec
-CVE-2015-8156
+CVE-2015-8156 (Unquoted Windows search path vulnerability in EEDService in Symantec E ...)
NOT-FOR-US: Symantec
CVE-2015-8155
REJECTED
-CVE-2015-8154
+CVE-2015-8154 (The SysPlant.sys driver in the Application and Device Control (ADC) co ...)
NOT-FOR-US: Symantec
-CVE-2015-8153
+CVE-2015-8153 (SQL injection vulnerability in Symantec Endpoint Protection Manager (S ...)
NOT-FOR-US: Symantec
-CVE-2015-8152
+CVE-2015-8152 (Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint P ...)
NOT-FOR-US: Symantec
-CVE-2015-8151
+CVE-2015-8151 (Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows ...)
NOT-FOR-US: Symantec
-CVE-2015-8150
+CVE-2015-8150 (Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows ...)
NOT-FOR-US: Symantec
-CVE-2015-8149
+CVE-2015-8149 (The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 ...)
NOT-FOR-US: Symantec
-CVE-2015-8148
+CVE-2015-8148 (The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 ...)
NOT-FOR-US: Symantec
CVE-2015-8145
RESERVED
@@ -3822,21 +3822,21 @@ CVE-2015-8142
RESERVED
CVE-2015-8141
RESERVED
-CVE-2015-8140
+CVE-2015-8140 (The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to con ...)
- ntp 1:4.2.8p7+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue, no code fix by upstream and mitigation exists)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2947
NOTE: Mitigated in 4.2.8p6
-CVE-2015-8139
+CVE-2015-8139 (ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin ti ...)
- ntp 1:4.2.8p7+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue, no code fix by upstream and mitigation exists)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2946
NOTE: Mitigated in 4.2.8p6
-CVE-2015-8138
+CVE-2015-8138 (NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0077/
@@ -3857,7 +3857,7 @@ CVE-2015-8133
REJECTED
CVE-2015-8132
REJECTED
-CVE-2015-8131
+CVE-2015-8131 (Cross-site request forgery (CSRF) vulnerability in Elasticsearch Kiban ...)
- kibana <itp> (bug #700337)
CVE-2015-8130
RESERVED
@@ -3867,7 +3867,7 @@ CVE-2015-8128
RESERVED
CVE-2015-8127
RESERVED
-CVE-2015-8317
+CVE-2015-8317 (The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allow ...)
{DSA-3430-1 DLA-355-1}
- libxml2 2.9.2+zdfsg1-4
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=751631
@@ -3879,12 +3879,12 @@ CVE-2015-XXXX [Kernel: Unprivileged user can freeze journald]
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/systemd/systemd/issues/1822
NOTE: Issue in Linux related to unprivileged CLONE_NEWUSER affecting systemd, but we disable unprivileged use by default
-CVE-2015-8125
+CVE-2015-8125 (Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7 ...)
{DSA-3402-1}
- symfony 2.7.7+dfsg-1
NOTE: http://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service
NOTE: https://github.com/symfony/symfony/pull/16630
-CVE-2015-8124
+CVE-2015-8124 (Session fixation vulnerability in the "Remember Me" login feature in S ...)
{DSA-3402-1}
- symfony 2.7.7+dfsg-1
NOTE: http://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature
@@ -3909,23 +3909,23 @@ CVE-2015-8115
REJECTED
CVE-2015-8114
REJECTED
-CVE-2015-8113
+CVE-2015-8113 (Untrusted search path vulnerability in the client in Symantec Endpoint ...)
NOT-FOR-US: Symantec
CVE-2015-8112
RESERVED
CVE-2015-8111
RESERVED
-CVE-2015-8110
+CVE-2015-8110 (Lenovo System Update (formerly ThinkVantage System Update) before 5.07 ...)
NOT-FOR-US: Lenovo
-CVE-2015-8109
+CVE-2015-8109 (Lenovo System Update (formerly ThinkVantage System Update) before 5.07 ...)
NOT-FOR-US: Lenovo
-CVE-2015-8108
+CVE-2015-8108 (The management interface in LenovoEMC EZ Media &amp; Backup (hm3), ix2 ...)
NOT-FOR-US: LenovoEMC
-CVE-2015-8107
+CVE-2015-8107 (Format string vulnerability in GNU a2ps 4.14 allows remote attackers t ...)
- a2ps 1:4.14-1.2
[wheezy] - a2ps <no-dsa> (Minor issue)
[squeeze] - a2ps <no-dsa> (Minor issue)
-CVE-2015-8106
+CVE-2015-8106 (Format string vulnerability in the CmdKeywords function in funct1.c in ...)
- latex2rtf 2.3.10-1 (unimportant; bug #805398)
[wheezy] - latex2rtf <not-affected> (Vulnerable code introduced later)
[squeeze] - latex2rtf <not-affected> (Vulnerable code introduced later)
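Review bot: the imported description for CVE-2015-8108 carries an HTML entity ("EZ Media &amp; Backup") into this plain-text list; the automatic update should decode entities before truncating and writing the parenthesised summary, otherwise every future import of a description containing "&" will repeat this.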
@@ -3933,7 +3933,7 @@ CVE-2015-8106
NOTE: http://sourceforge.net/p/latex2rtf/code/1152/tree//trunk/funct1.c?diff=50900fed34309d3c639c868f:1151
NOTE: latex2rtf compiled with -D_FORTIFY_SOURCE=2
NOTE: Rendered non-exploitable by toolchain hardening
-CVE-2015-8472
+CVE-2015-8472 (Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, ...)
{DSA-3443-1 DLA-410-1 DLA-375-1}
- libpng <removed> (bug #807112)
- libpng1.6 1.6.20-1 (bug #807112)
@@ -3941,7 +3941,7 @@ CVE-2015-8472
NOTE: https://github.com/glennrp/libpng/commit/7e1ca9ceba4e64259863efdd98bab9b55bdc0b9c
NOTE: https://github.com/glennrp/libpng/commit/4488a96126bbefda51d07835411d8e847a88b2b7
NOTE: https://github.com/glennrp/libpng/commit/ad224c6907e8a274f2679eae4c2e3085fdc7e8c8
-CVE-2015-8126
+CVE-2015-8126 (Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE ...)
{DSA-3507-1 DSA-3399-1 DLA-410-1 DLA-343-1}
- libpng 1.2.54-1 (bug #805113)
NOTE: http://www.openwall.com/lists/oss-security/2015/11/12/2
@@ -3953,7 +3953,7 @@ CVE-2015-8126
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-8105
+CVE-2015-8105 (Cross-site scripting (XSS) vulnerability in program/js/app.js in Round ...)
- roundcube 1.1.3+dfsg.1-1
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
@@ -3968,17 +3968,17 @@ CVE-2015-8102
RESERVED
CVE-2015-8101
RESERVED
-CVE-2015-8099
+CVE-2015-8099 (F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2015-8098
+CVE-2015-8098 (F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6 ...)
NOT-FOR-US: BIG-IP
CVE-2015-8097
RESERVED
-CVE-2015-8096
+CVE-2015-8096 (Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allo ...)
NOT-FOR-US: Google Picasa
-CVE-2015-8095
+CVE-2015-8095 (The recycle bin feature in the Monster Menus module 7.x-1.21 before 7. ...)
NOT-FOR-US: Monster Menus module for Drupal
-CVE-2015-8094
+CVE-2015-8094 (Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remot ...)
NOT-FOR-US: Cloudera HUE
CVE-2015-8093
RESERVED
@@ -3986,9 +3986,9 @@ CVE-2015-8092
RESERVED
CVE-2015-8091
REJECTED
-CVE-2015-8090
+CVE-2015-8090 (The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows r ...)
NOT-FOR-US: TIBCO
-CVE-2015-8104
+CVE-2015-8104 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x thr ...)
{DSA-3454-1 DSA-3426-1 DSA-3414-1 DLA-479-1}
- linux 4.2.6-2
- linux-2.6 <removed>
@@ -4001,30 +4001,30 @@ CVE-2015-8104
- virtualbox 5.0.10-dfsg-1
[wheezy] - virtualbox <end-of-life> (DSA 3454)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
-CVE-2015-8100
+CVE-2015-8100 (The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for ...)
- net-snmp <not-affected> (Specific to packaging in OpenBSD)
-CVE-2015-8089
+CVE-2015-8089 (The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C ...)
NOT-FOR-US: Huawei
-CVE-2015-8088
+CVE-2015-8088 (Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones ...)
NOT-FOR-US: Huawei
-CVE-2015-8087
+CVE-2015-8087 (Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V80 ...)
NOT-FOR-US: Huawei
-CVE-2015-8086
+CVE-2015-8086 (Huawei AR routers with software before V200R007C00SPC100; Quidway S930 ...)
NOT-FOR-US: Huawei
-CVE-2015-8085
+CVE-2015-8085 (Huawei AR routers with software before V200R007C00SPC100; Quidway S930 ...)
NOT-FOR-US: Huawei
-CVE-2015-8084
+CVE-2015-8084 (Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateway ...)
NOT-FOR-US: Huawei
-CVE-2015-8083
+CVE-2015-8083 (An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U19 ...)
NOT-FOR-US: Huawei
-CVE-2015-8082
+CVE-2015-8082 (The Login Disable module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x ...)
NOT-FOR-US: Login Disable module for Drupal
-CVE-2015-8081
+CVE-2015-8081 (The Field as Block module 7.x-1.x before 7.x-1.4 for Drupal might allo ...)
NOT-FOR-US: Field as Block module for Drupal
-CVE-2015-8103
+CVE-2015-8103 (The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625 ...)
- jenkins <removed> (bug #804522)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-7501
+CVE-2015-7501 (Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data G ...)
- libcommons-collections3-java 3.2.2-1 (unimportant)
[jessie] - libcommons-collections3-java 3.2.1-7+deb8u1
[wheezy] - libcommons-collections3-java 3.2.1-5+deb7u1
@@ -4046,100 +4046,100 @@ CVE-2015-7501
NOTE: https://github.com/apache/commons-collections/commit/3eee44cf63b1ebb0da6925e98b3dcc6ef1e4d610
NOTE: https://github.com/apache/commons-collections/commit/78d47d4d098ab814a7a00a0b1c81646b27f050cf
NOTE: https://github.com/apache/commons-collections/commit/b2b8f4adc557e4ef1ee2fe5e0ab46866c06ec55b
-CVE-2015-8079
+CVE-2015-8079 (qt5-qtwebkit before 5.4 records private browsing URLs to its favicon d ...)
- qtwebkit <unfixed> (unimportant)
NOTE: qtwebkit not covered by security support
-CVE-2015-8080
+CVE-2015-8080 (Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x ...)
{DSA-3412-1}
- redis 2:3.0.5-4 (bug #804419)
[wheezy] - redis <not-affected> (Vulnerable code not present)
[squeeze] - redis <not-affected> (Vulnerable code not present)
NOTE: https://github.com/antirez/redis/issues/2855
-CVE-2015-8078
+CVE-2015-8078 (Integer overflow in the index_urlfetch function in imap/index.c in Cyr ...)
- cyrus-imapd-2.4 2.4.18-4 (bug #804182)
[jessie] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
[wheezy] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=6fb6a272171f49c79ba6ab7c6403eb25b39ec1b2
-CVE-2015-8077
+CVE-2015-8077 (Integer overflow in the index_urlfetch function in imap/index.c in Cyr ...)
- cyrus-imapd-2.4 2.4.18-4 (bug #804182)
[jessie] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
[wheezy] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=745e161c834f1eb6d62fc14477f51dae799e1e08
-CVE-2015-8074
+CVE-2015-8074 (mediaserver in Android before 5.1.1 LMY48X allows remote attackers to ...)
NOT-FOR-US: Android
-CVE-2015-8073
+CVE-2015-8073 (mediaserver in Android 4.4 and 5.1 before 5.1.1 LMY48X allows remote a ...)
NOT-FOR-US: Android
-CVE-2015-8072
+CVE-2015-8072 (mediaserver in Android 4.4 through 5.x before 5.1.1 LMY48X and 6.0 bef ...)
NOT-FOR-US: Android
-CVE-2015-8071
+CVE-2015-8071 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8070
+CVE-2015-8070 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8069
+CVE-2015-8069 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8068
+CVE-2015-8068 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8067
+CVE-2015-8067 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8066
+CVE-2015-8066 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8065
+CVE-2015-8065 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8064
+CVE-2015-8064 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8063
+CVE-2015-8063 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8062
+CVE-2015-8062 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8061
+CVE-2015-8061 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8060
+CVE-2015-8060 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8059
+CVE-2015-8059 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8058
+CVE-2015-8058 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8057
+CVE-2015-8057 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8056
+CVE-2015-8056 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8055
+CVE-2015-8055 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-8054
REJECTED
-CVE-2015-8053
+CVE-2015-8053 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2015-8052
+CVE-2015-8052 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2015-8051
+CVE-2015-8051 (The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecifie ...)
NOT-FOR-US: Adobe Pemiere Clip
-CVE-2015-8050
+CVE-2015-8050 (Use-after-free vulnerability in the MovieClip object implementation in ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8049
+CVE-2015-8049 (Use-after-free vulnerability in the TextField object implementation in ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8048
+CVE-2015-8048 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8047
+CVE-2015-8047 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8046
+CVE-2015-8046 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8045
+CVE-2015-8045 (Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8044
+CVE-2015-8044 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8043
+CVE-2015-8043 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8042
+CVE-2015-8042 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-8040
+CVE-2015-8040 (The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung Smart ...)
NOT-FOR-US: Samsung SmartViewer
-CVE-2015-8039
+CVE-2015-8039 (Samsung SmartViewer allows remote attackers to execute arbitrary code ...)
NOT-FOR-US: Samsung SmartViewer
-CVE-2015-8038
+CVE-2015-8038 (Multiple cross-site scripting (XSS) vulnerabilities in the Graphical U ...)
NOT-FOR-US: Fortinet
-CVE-2015-8037
+CVE-2015-8037 (Multiple cross-site scripting (XSS) vulnerabilities in the Graphical U ...)
NOT-FOR-US: Fortinet
-CVE-2015-8036
+CVE-2015-8036 (Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x b ...)
{DSA-3468-1}
- mbedtls <not-affected> (Fixed before the initial release to Debian)
[experimental] - polarssl 1.3.14-0.1
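Review bot: the unchanged context line for CVE-2015-8051 reads "NOT-FOR-US: Adobe Pemiere Clip"; the product name is "Premiere", as the imported description line directly above it spells it. This is an existing typo in the tracker's own annotation rather than part of this change, but it is worth a follow-up manual commit since the automatic update only touches the CVE header lines.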
@@ -4148,7 +4148,7 @@ CVE-2015-8036
[squeeze] - polarssl <not-affected> (Vulnerable code introduced later)
NOTE: support for session tickets added in 1.3.0.
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01
-CVE-2015-8034
+CVE-2015-8034 (The state.sls function in Salt before 2015.8.3 uses weak permissions o ...)
- salt 2015.8.3+ds-1 (bug #807356)
[jessie] - salt <no-dsa> (Minor issue)
NOTE: For jessie: /var/cache/salt/minion is created with restricted permissions on
@@ -4162,7 +4162,7 @@ CVE-2015-8033
RESERVED
CVE-2015-8032
RESERVED
-CVE-2015-8035
+CVE-2015-8035 (The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly d ...)
{DSA-3430-1}
- libxml2 2.9.3+dfsg1-1 (bug #803942)
[squeeze] - libxml2 <not-affected> (No LZMA/XZ support in version 2.7.8)
@@ -4173,7 +4173,7 @@ CVE-2015-8035
NOTE: '<' not found) even though it does not have the fix yet. The next upstream
NOTE: release will fix this issue and will restore XZ support.
NOTE: http://www.openwall.com/lists/oss-security/2015/11/02/2
-CVE-2015-7984
+CVE-2015-7984 (Multiple cross-site request forgery (CSRF) vulnerabilities in Horde be ...)
{DSA-3391-1}
- php-horde 5.2.8+debian0-1 (bug #803641)
NOTE: https://www.htbridge.com/advisory/HTB23272
@@ -4181,27 +4181,27 @@ CVE-2015-7984
NOTE: http://lists.horde.org/archives/dev/Week-of-Mon-20141201/028821.html
CVE-2015-8031
RESERVED
-CVE-2015-8030
+CVE-2015-8030 (SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execu ...)
NOT-FOR-US: SAP
-CVE-2015-8029
+CVE-2015-8029 (SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execu ...)
NOT-FOR-US: SAP
-CVE-2015-8028
+CVE-2015-8028 (Multiple buffer overflows in SAP 3D Visual Enterprise Viewer (VEV) all ...)
NOT-FOR-US: SAP
-CVE-2015-8027
+CVE-2015-8027 (Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 d ...)
- nodejs 4.2.3~dfsg-1 (bug #806385)
[jessie] - nodejs <not-affected> (0.10 series not affected)
NOTE: https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/
-CVE-2015-8024
+CVE-2015-8024 (McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/ ...)
NOT-FOR-US: McAfee
-CVE-2015-8023
+CVE-2015-8023 (The server implementation of the EAP-MSCHAPv2 protocol in the eap-msch ...)
{DSA-3398-1 DLA-345-1}
- strongswan 5.3.3-3
NOTE: https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-%28cve-2015-8023%29.html
-CVE-2015-8022
+CVE-2015-8022 (The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2015-8021
+CVE-2015-8021 (Incomplete blacklist vulnerability in the Configuration utility in F5 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2015-8020
+CVE-2015-8020 (Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default ...)
NOT-FOR-US: Clustered Data ONTAP
CVE-2015-8018
RESERVED
@@ -4213,13 +4213,13 @@ CVE-2015-8015
RESERVED
CVE-2015-8014
RESERVED
-CVE-2015-8009
+CVE-2015-8009 (The MWOAuthDataStore::lookup_token function in Extension:OAuth for Med ...)
NOT-FOR-US: Mediawiki extension OAuth
-CVE-2015-8008
+CVE-2015-8008 (The OAuth extension for MediaWiki improperly negotiates a new client t ...)
NOT-FOR-US: Mediawiki extension OAuth
-CVE-2015-8007
+CVE-2015-8007 (The Echo extension for MediWiki does not properly implement the hideus ...)
NOT-FOR-US: Mediawiki extension Echo
-CVE-2015-8006
+CVE-2015-8006 (Cross-site scripting (XSS) vulnerability in the PageTriage toolbar in ...)
NOT-FOR-US: Mediawiki extension PageTriage
CVE-2015-XXXX [iptables-persistent minor local info leak]
- iptables-persistent 1.0.4 (low; bug #764645)
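Review bot: the imported summary for CVE-2015-8007 reads "The Echo extension for MediWiki"; this typo comes from the upstream CVE description that the update mirrors verbatim, so it should not be corrected locally (it would be overwritten on the next import) but reported to the CVE description source if anyone cares to.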
@@ -4232,65 +4232,65 @@ CVE-2015-XXXX
[jessie] - cinnamon-settings-daemon 2.2.4.repack-7+deb8u1
NOTE: https://github.com/linuxmint/cinnamon-settings-daemon/commit/ac5e0be8c1817616dbdb056b6881cfc4660f57a8
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/28/3
-CVE-2015-8025
+CVE-2015-8025 (driver/subprocs.c in XScreenSaver before 5.34 does not properly perfor ...)
{DSA-3438-1 DLA-338-1}
- xscreensaver 5.34-1 (bug #802914)
NOTE: http://pkgs.fedoraproject.org/cgit/xscreensaver.git/plain/xscreensaver-5.33-0002-Modify-sigchld_hander-in_signal_hander_p-mechanism.patch?id=b57f59f3482fedf70ce7a3541094e2512290139f
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1274452
-CVE-2015-8005
+CVE-2015-8005 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25 ...)
- mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T108616
-CVE-2015-8004
+CVE-2015-8004 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25 ...)
- mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T95589
-CVE-2015-8003
+CVE-2015-8003 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25 ...)
- mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91850
-CVE-2015-8002
+CVE-2015-8002 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x ...)
- mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91205
-CVE-2015-8001
+CVE-2015-8001 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x ...)
- mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91203
-CVE-2015-8000
+CVE-2015-8000 (db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3 ...)
{DSA-3420-1 DLA-370-1}
- bind9 1:9.9.5.dfsg-12.1 (bug #808081)
NOTE: https://kb.isc.org/article/AA-01317
-CVE-2015-7999
+CVE-2015-7999 (Multiple SQL injection vulnerabilities in the Administration Web UI se ...)
NOT-FOR-US: Citrix
-CVE-2015-7998
+CVE-2015-7998 (The administration UI in Citrix NetScaler Application Delivery Control ...)
NOT-FOR-US: Citrix
-CVE-2015-7997
+CVE-2015-7997 (Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API i ...)
NOT-FOR-US: Citrix
-CVE-2015-7996
+CVE-2015-7996 (The Nitro API in Citrix NetScaler Application Delivery Controller (ADC ...)
NOT-FOR-US: Citrix
-CVE-2015-7994
+CVE-2015-7994 (The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allo ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7993
+CVE-2015-7993 (The Extended Application Services (aka XS or XS Engine) in SAP HANA DB ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7992
+CVE-2015-7992 (SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticat ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7991
+CVE-2015-7991 (The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100_ ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7988
+CVE-2015-7988 (The handle_regservice_request function in mDNSResponder before 625.41. ...)
NOT-FOR-US: mDNSResponder
-CVE-2015-7987
+CVE-2015-7987 (Multiple buffer overflows in mDNSResponder before 625.41.2 allow remot ...)
NOT-FOR-US: mDNSResponder
-CVE-2015-7986
+CVE-2015-7986 (The index server (hdbindexserver) in SAP HANA 1.00.095 allows remote a ...)
NOT-FOR-US: SAP
-CVE-2015-7985
+CVE-2015-7985 (Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) f ...)
- steam <not-affected> (specific to the steam installor on windows)
-CVE-2015-8019
+CVE-2015-8019 (The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c i ...)
- linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/27/11
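Review bot: the context line for CVE-2015-7985 reads "(specific to the steam installor on windows)"; "installer" and "Windows" would match the spelling used elsewhere in this file ("NOT-FOR-US: Windows"). Not introduced by this change, but a candidate for a manual cleanup pass.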
@@ -4301,33 +4301,33 @@ CVE-2015-7983
RESERVED
CVE-2015-7982
RESERVED
-CVE-2015-7980
+CVE-2015-7980 (Cross-site scripting (XSS) vulnerability in the Compass Rose module 6. ...)
NOT-FOR-US: Drupal addon Compass Rose
-CVE-2015-7990
+CVE-2015-7990 (Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the ...)
{DSA-3396-1 DLA-360-1}
- linux 4.2.6-1
- linux-2.6 <removed>
NOTE: https://lkml.org/lkml/2015/10/16/530
NOTE: http://www.openwall.com/lists/oss-security/2015/10/27/5
-CVE-2015-7979
+CVE-2015-7979 (NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2942
NOTE: https://github.com/ntp-project/ntp/commit/fe46889f7baa75fc8e6c0fcde87706d396ce1461
-CVE-2015-7978
+CVE-2015-7978 (NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers t ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2940
NOTE: https://github.com/ntp-project/ntp/commit/8a0c765f3c47633fa262356b0818788d1cf249b1
-CVE-2015-7977
+CVE-2015-7977 (ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attac ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2939
NOTE: https://github.com/ntp-project/ntp/commit/8a0c765f3c47633fa262356b0818788d1cf249b1
-CVE-2015-7976
+CVE-2015-7976 (The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4 ...)
- ntp 1:4.2.8p7+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue, mitigation exists)
[wheezy] - ntp <no-dsa> (Minor issue, can be fixed along in a future update)
@@ -4335,41 +4335,41 @@ CVE-2015-7976
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2938
NOTE: https://github.com/ntp-project/ntp/commit/3680c2e4d5f88905ce062c7b43305d610a2c9796
NOTE: https://github.com/ntp-project/ntp/commit/7fe04606062ed674db3b9553d32dedad29504d61
-CVE-2015-7975
+CVE-2015-7975 (The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 doe ...)
- ntp 1:4.2.8p7+dfsg-1
[jessie] - ntp <not-affected> (Introduced in 4.2.8)
[wheezy] - ntp <not-affected> (Introduced in 4.2.8)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2937
-CVE-2015-7974
+CVE-2015-7974 (NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer asso ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1 (low)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2936
-CVE-2015-7973
+CVE-2015-7973 (NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadca ...)
- ntp 1:4.2.8p7+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue, can be fixed along in a future update)
[wheezy] - ntp <no-dsa> (Minor issue, can be fixed along in a future update)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
NOTE: http://support.ntp.org/bin/view/Main/NtpBug2935
-CVE-2015-7972
+CVE-2015-7972 (The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2 ...)
{DSA-3414-1 DLA-479-1}
- xen 4.6.0-1
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-153.html
-CVE-2015-7971
+CVE-2015-7971 (Xen 3.2.x through 4.6.x does not limit the number of printk console me ...)
{DSA-3414-1 DLA-479-1}
- xen 4.6.0-1
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-152.html
-CVE-2015-7970
+CVE-2015-7970 (The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3 ...)
{DSA-3414-1 DLA-479-1}
- xen 4.6.0-1
[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport)
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-150.html
-CVE-2015-7969
+CVE-2015-7969 (Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest admin ...)
{DSA-3414-1 DLA-479-1}
- xen 4.6.0-1
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
@@ -4377,19 +4377,19 @@ CVE-2015-7969
NOTE: http://xenbits.xen.org/xsa/advisory-151.html
CVE-2015-7968
RESERVED
-CVE-2015-7967
+CVE-2015-7967 (SafeNet Authentication Service for Citrix Web Interface Agent uses a w ...)
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7966
+CVE-2015-7966 (SafeNet Authentication Service Windows Logon Agent uses a weak ACL for ...)
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7965
+CVE-2015-7965 (SafeNet Authentication Service Windows Logon Agent uses a weak ACL for ...)
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7964
+CVE-2015-7964 (SafeNet Authentication Service for NPS Agent uses a weak ACL for unspe ...)
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7963
+CVE-2015-7963 (SafeNet Authentication Service for AD FS Agent uses a weak ACL for uns ...)
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7962
+CVE-2015-7962 (SafeNet Authentication Service for Outlook Web App Agent uses a weak A ...)
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7961
+CVE-2015-7961 (SafeNet Authentication Service Remote Web Workplace Agent uses a weak ...)
NOT-FOR-US: SafeNet Authentication Service
CVE-2015-7960
REJECTED
@@ -4421,7 +4421,7 @@ CVE-2015-7947
REJECTED
CVE-2015-7946
RESERVED
-CVE-2015-7945
+CVE-2015-7945 (The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti befo ...)
{DSA-3431-1}
- ganeti 2.15.2-1 (bug #809538)
[squeeze] - ganeti <end-of-life> (Depends on KVM/Xen, unsupported in Squeeze LTS)
@@ -4430,27 +4430,27 @@ CVE-2015-7945
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=6e94ad76446904961744f9b0826414a5e4120693
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=6d44be24c50944fc35de7a490bc836938a82e1df
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=6f9ba80f8312d5607da70841f698c49000a31126
-CVE-2015-7944
+CVE-2015-7944 (The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti befo ...)
{DSA-3431-1}
- ganeti 2.15.2-1 (bug #809537)
[squeeze] - ganeti <end-of-life> (Depends on KVM/Xen, unsupported in Squeeze LTS)
NOTE: http://www.ocert.org/advisories/ocert-2015-012.html
NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=201fcb916b8164c78f4ed8e0c9cfc0227a78684c
-CVE-2015-9261
+CVE-2015-9261 (huft_build in archival/libarchive/decompress_gunzip.c in BusyBox befor ...)
{DLA-1445-1 DLA-337-1}
- busybox 1:1.27.2-1 (bug #803097)
[stretch] - busybox <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/25/3
NOTE: http://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e
NOTE: https://git.busybox.net/busybox/commit/archival/libarchive/decompress_gunzip.c?id=6bd3fff51aa74e2ee2d87887b12182a3b09792ef
-CVE-2015-7995
+CVE-2015-7995 (The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does n ...)
{DSA-3605-1 DLA-514-1}
- libxslt 1.1.28-2.1 (bug #802971)
[squeeze] - libxslt <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1257962
NOTE: http://www.openwall.com/lists/oss-security/2015/10/27/10
NOTE: https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617 (v1.1.29-rc1)
-CVE-2015-8982
+CVE-2015-8982 (Integer overflow in the strxfrm function in the GNU C Library (aka gli ...)
- glibc 2.21-1 (bug #803927)
[jessie] - glibc 2.19-18+deb8u2
[wheezy] - eglibc 2.13-38+deb7u9
@@ -4460,7 +4460,7 @@ CVE-2015-8982
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16009
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=0f9e585480ed
NOTE: http://openwall.com/lists/oss-security/2015/09/08/2
-CVE-2015-8026
+CVE-2015-8026 (Heap-based buffer overflow in the verify_vbr_checksum function in exfa ...)
- exfat-utils 1.2.1-1
[jessie] - exfat-utils 1.1.0-2+deb8u1
[wheezy] - exfat-utils 0.9.7-2+deb7u1
@@ -4481,7 +4481,7 @@ CVE-2015-XXXX [Endlees loop issue]
NOTE: https://crashes.fuzzing-project.org/exfatfsck-endless-loop
NOTE: https://github.com/relan/exfat/commit/35a1f77f9be2d8b21731f758baba4334935bf18b
NOTE: will possibly not get a CVE, cf. http://www.openwall.com/lists/oss-security/2015/10/29/13
-CVE-2015-8010
+CVE-2015-8010 (Cross-site scripting (XSS) vulnerability in the Classic-UI with the CS ...)
- icinga 1.13.3-3 (bug #803432)
[jessie] - icinga <no-dsa> (Minor issue)
[wheezy] - icinga <no-dsa> (Minor issue)
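Review bot: the hunk header shows the tracker-authored entry title "CVE-2015-XXXX [Endlees loop issue]"; "Endless" is intended, as the linked note URL (exfatfsck-endless-loop) confirms. Again an existing typo outside the automatic update's scope, flagged for a manual fix.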
@@ -4490,172 +4490,172 @@ CVE-2015-8010
NOTE: Upstream issue: https://dev.icinga.org/issues/10453
NOTE: Upstream fix: https://dev.icinga.org/projects/icinga-core/repository/revisions/5c816f5d9352c373e9dadb95b63612a96cf96dff
NOTE: http://www.openwall.com/lists/oss-security/2015/10/23/15
-CVE-2015-7981
+CVE-2015-7981 (The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1. ...)
{DSA-3399-1 DLA-343-1}
- libpng 1.2.54-1 (bug #803078)
NOTE: http://sourceforge.net/p/libpng/bugs/241/
NOTE: http://sourceforge.net/p/libpng/code/ci/fbf0f024346ca0a4ffc64b082a95c6b6bb6d29c4/
-CVE-2015-7939
+CVE-2015-7939 (Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8 ...)
NOT-FOR-US: Unitronics
-CVE-2015-7938
+CVE-2015-7938 (Advantech EKI-132x devices with firmware before 2015-12-31 allow remot ...)
NOT-FOR-US: Advantech
-CVE-2015-7937
+CVE-2015-7937 (Stack-based buffer overflow in the GoAhead Web Server on Schneider Ele ...)
NOT-FOR-US: Schneider Electric
-CVE-2015-7936
+CVE-2015-7936 (Cross-site request forgery (CSRF) vulnerability in Motorola Solutions ...)
NOT-FOR-US: Motorola Solutions MOSCAD IP Gateway
-CVE-2015-7935
+CVE-2015-7935 (Motorola Solutions MOSCAD IP Gateway allows remote attackers to read a ...)
NOT-FOR-US: Motorola Solutions MOSCAD IP Gateway
-CVE-2015-7934
+CVE-2015-7934 (The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station ...)
NOT-FOR-US: Adcon
CVE-2015-7933
RESERVED
-CVE-2015-7932
+CVE-2015-7932 (Adcon Telemetry A840 Telemetry Gateway Base Station allows remote atta ...)
NOT-FOR-US: Adcon
-CVE-2015-7931
+CVE-2015-7931 (The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station ...)
NOT-FOR-US: Adcon
-CVE-2015-7930
+CVE-2015-7930 (Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded cred ...)
NOT-FOR-US: Adcon
-CVE-2015-7929
+CVE-2015-7929 (eWON devices with firmware through 10.1s0 support unspecified GET requ ...)
NOT-FOR-US: eWON devices
-CVE-2015-7928
+CVE-2015-7928 (eWON devices with firmware before 10.1s0 do not have an off autocomple ...)
NOT-FOR-US: eWON devices
-CVE-2015-7927
+CVE-2015-7927 (Cross-site scripting (XSS) vulnerability on eWON devices with firmware ...)
NOT-FOR-US: eWON devices
-CVE-2015-7926
+CVE-2015-7926 (eWON devices with firmware before 10.1s0 omit RBAC for I/O server info ...)
NOT-FOR-US: eWON devices
-CVE-2015-7925
+CVE-2015-7925 (Cross-site request forgery (CSRF) vulnerability on eWON devices with f ...)
NOT-FOR-US: eWON devices
-CVE-2015-7924
+CVE-2015-7924 (eWON devices with firmware before 10.1s0 do not trigger the discarding ...)
NOT-FOR-US: eWON devices
-CVE-2015-7923
+CVE-2015-7923 (Westermo WeOS before 4.19.0 uses the same SSL private key across diffe ...)
NOT-FOR-US: Westermo
CVE-2015-7922
REJECTED
-CVE-2015-7921
+CVE-2015-7921 (The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV b ...)
NOT-FOR-US: Pro-face GP-Pro EX EX-ED
CVE-2015-7920
REJECTED
-CVE-2015-7919
+CVE-2015-7919 (SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the co ...)
NOT-FOR-US: SearchBlox
-CVE-2015-7918
+CVE-2015-7918 (Multiple buffer overflows in the F1BookView ActiveX control in F1 Book ...)
NOT-FOR-US: F1BookView
-CVE-2015-7917
+CVE-2015-7917 (Untrusted search path vulnerability in Open Automation OPC Systems.NET ...)
NOT-FOR-US: Open Automation OPC Systems.NET
-CVE-2015-7916
+CVE-2015-7916 (Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWe ...)
NOT-FOR-US: Sauter
-CVE-2015-7915
+CVE-2015-7915 (Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext creden ...)
NOT-FOR-US: Sauter
-CVE-2015-7914
+CVE-2015-7914 (Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attacker ...)
NOT-FOR-US: Sauter
-CVE-2015-7913
+CVE-2015-7913 (ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGa ...)
NOT-FOR-US: AggreGate
-CVE-2015-7912
+CVE-2015-7912 (The Ice Faces servlet in ag_server_service.exe in the AggreGate Server ...)
NOT-FOR-US: AggreGate
-CVE-2015-7911
+CVE-2015-7911 (Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx ...)
NOT-FOR-US: Saia Burgess devices
-CVE-2015-7910
+CVE-2015-7910 (Exemys Telemetry Web Server relies on an HTTP Location header to indic ...)
NOT-FOR-US: Exemys
-CVE-2015-7909
+CVE-2015-7909 (Stack-based buffer overflow in Hospira Communication Engine (CE) befor ...)
NOT-FOR-US: Hospira
-CVE-2015-7908
+CVE-2015-7908 (Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detect ...)
NOT-FOR-US: Honeywell Midas gas detectors and Midas Black gas detectors
-CVE-2015-7907
+CVE-2015-7907 (Directory traversal vulnerability in the web server on Honeywell Midas ...)
NOT-FOR-US: Honeywell Midas gas detectors and Midas Black gas detectors
-CVE-2015-7906
+CVE-2015-7906 (LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices al ...)
NOT-FOR-US: LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices
-CVE-2015-7905
+CVE-2015-7905 (Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote attackers to ...)
NOT-FOR-US: Unitronics
-CVE-2015-7904
+CVE-2015-7904 (Unrestricted file upload vulnerability in Infinite Automation Mango Au ...)
NOT-FOR-US: Mango Automation
-CVE-2015-7903
+CVE-2015-7903 (SQL injection vulnerability in Infinite Automation Mango Automation 2. ...)
NOT-FOR-US: Mango Automation
-CVE-2015-7902
+CVE-2015-7902 (Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 buil ...)
NOT-FOR-US: Mango Automation
-CVE-2015-7901
+CVE-2015-7901 (Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 bui ...)
NOT-FOR-US: Mango Automation
-CVE-2015-7900
+CVE-2015-7900 (Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 buil ...)
NOT-FOR-US: Mango Automation
-CVE-2015-7898
+CVE-2015-7898 (Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a ...)
NOT-FOR-US: Samsung
-CVE-2015-7897
+CVE-2015-7897 (The media scanning functionality in the face recognition library in an ...)
NOT-FOR-US: Samsung
-CVE-2015-7896
+CVE-2015-7896 (LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows re ...)
NOT-FOR-US: Samsung
-CVE-2015-7895
+CVE-2015-7895 (Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a ...)
NOT-FOR-US: Samsung
-CVE-2015-7894
+CVE-2015-7894 (The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V devi ...)
NOT-FOR-US: Samsung
-CVE-2015-7893
+CVE-2015-7893 (SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, ...)
NOT-FOR-US: Samsung
CVE-2015-7892
RESERVED
-CVE-2015-7891
+CVE-2015-7891 (Race condition in the ioctl implementation in the Samsung Graphics 2D ...)
NOT-FOR-US: Samsung Graphics 2D driver on Samsung devices with Android
CVE-2015-7890
RESERVED
-CVE-2015-7889
+CVE-2015-7889 (The SecEmailComposer/EmailComposer application in the Samsung S6 Edge ...)
NOT-FOR-US: Samsung
-CVE-2015-7888
+CVE-2015-7888 (Directory traversal vulnerability in the WifiHs20UtilityService on the ...)
NOT-FOR-US: WifiHs20UtilityService on Samsung S6 Edge LRX22G.G925VVRU1AOE2
-CVE-2015-7887
+CVE-2015-7887 (NetApp SnapCenter Server 1.0 allows remote authenticated users to list ...)
NOT-FOR-US: NetApp SnapCenter Server
-CVE-2015-7886
+CVE-2015-7886 (NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enab ...)
NOT-FOR-US: NetApp
-CVE-2015-7899
+CVE-2015-7899 (The com_content component in Joomla! 3.x before 3.4.5 does not properl ...)
NOT-FOR-US: Joomla!
CVE-2015-7883
RESERVED
CVE-2015-7882
RESERVED
-CVE-2015-7881
+CVE-2015-7881 (The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote a ...)
NOT-FOR-US: Colorbox module for Drupal
-CVE-2015-7880
+CVE-2015-7880 (The Entity Registration module 7.x-1.x before 7.x-1.5 for Drupal allow ...)
NOT-FOR-US: Entity Registration module for Drupal
-CVE-2015-7879
+CVE-2015-7879 (Cross-site scripting (XSS) vulnerability in the Stickynote module 7.x ...)
NOT-FOR-US: Stickynote module for Drupal
-CVE-2015-7878
+CVE-2015-7878 (Cross-site scripting (XSS) vulnerability in the Taxonomy Find module 6 ...)
NOT-FOR-US: Taxonomy Find module for Drupal
-CVE-2015-7877
+CVE-2015-7877 (Multiple SQL injection vulnerabilities in the User Dashboard module 7. ...)
NOT-FOR-US: User Dashboard module for Drupal
-CVE-2015-7876
+CVE-2015-7876 (The escapeLike function in sqlsrv/database.inc in the Drupal 7 driver ...)
NOT-FOR-US: Driver for SQL Server and SQL Azure module for Drupal
-CVE-2015-7875
+CVE-2015-7875 (ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal do ...)
NOT-FOR-US: Ctools module for Drupal
CVE-2015-7874
RESERVED
-CVE-2015-7873
+CVE-2015-7873 (The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 ...)
{DSA-3382-1}
- phpmyadmin 4:4.5.1-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2015-7943
+CVE-2015-7943 (Open redirect vulnerability in the Overlay module in Drupal 7.x before ...)
{DLA-548-1}
- drupal7 7.41-1
[jessie] - drupal7 7.32-1+deb8u9
NOTE: https://www.drupal.org/SA-CORE-2015-004
NOTE: http://www.openwall.com/lists/oss-security/2015/10/21/6
NOTE: http://cgit.drupalcode.org/drupal/commit/?id=9f72251c9291b5613acb9ca4ea7a51b4739e3f93
-CVE-2015-7885
+CVE-2015-7885 (The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in th ...)
- linux 4.4.2-1 (unimportant)
NOTE: dgnc driver not built
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05
-CVE-2015-7884
+CVE-2015-7884 (The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd. ...)
- linux 4.2.6-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c (v4.4-rc1)
-CVE-2015-7871
+CVE-2015-7871 (Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x befo ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/aa44b5835d69d8ee031736bb8ee2730a514edb7d
CVE-2015-7870
RESERVED
-CVE-2015-7869
+CVE-2015-7869 (Multiple integer overflows in the kernel mode driver for the NVIDIA GP ...)
- nvidia-graphics-drivers 352.63-1 (bug #805917)
[jessie] - nvidia-graphics-drivers 340.96-1
[wheezy] - nvidia-graphics-drivers 304.131-1
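Review bot: the CVE-2015-7873 entry carries both `{DSA-3382-1}` and `[jessie] - phpmyadmin <no-dsa> (Minor issue)`, which contradict each other; if DSA-3382-1 fixed this CVE in jessie the stale no-dsa line should be dropped, otherwise the DSA reference is the wrong one. In the same hunk, CVE-2015-7885 has `NOTE: dgnc driver not built` wedged between `- linux 4.4.2-1 (unimportant)` and the `[wheezy]` / `- linux-2.6` lines, while the neighbouring CVE-2015-7884 entry keeps all package and release lines together before its NOTE; moving the NOTE after `- linux-2.6 <not-affected>` keeps the layout consistent.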
@@ -4667,48 +4667,48 @@ CVE-2015-7868
RESERVED
CVE-2015-7867
RESERVED
-CVE-2015-7866
+CVE-2015-7866 (Unquoted Windows search path vulnerability in the Smart Maximize Helpe ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2015-7865
+CVE-2015-7865 (nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GP ...)
NOT-FOR-US: NVIDIA drivers for Windows
CVE-2015-7864
RESERVED
-CVE-2015-7863
+CVE-2015-7863 (The default configuration of Persistent Accelerite Radia Client Automa ...)
NOT-FOR-US: Persistent Accelerite Radia
-CVE-2015-7862
+CVE-2015-7862 (Persistent Accelerite Radia Client Automation (formerly HP Client Auto ...)
NOT-FOR-US: Persistent Accelerite Radia
-CVE-2015-7861
+CVE-2015-7861 (Persistent Accelerite Radia Client Automation (formerly HP Client Auto ...)
NOT-FOR-US: Persistent Accelerite Radia
-CVE-2015-7860
+CVE-2015-7860 (Stack-based buffer overflow in the agent in Persistent Accelerite Radi ...)
NOT-FOR-US: Persistent Accelerite Radia
-CVE-2015-7859
+CVE-2015-7859 (The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not ...)
NOT-FOR-US: Joomla!
-CVE-2015-7858
+CVE-2015-7858 (SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote ...)
NOT-FOR-US: Joomla!
-CVE-2015-7857
+CVE-2015-7857 (SQL injection vulnerability in the getListQuery function in administra ...)
NOT-FOR-US: Joomla!
-CVE-2015-7856
+CVE-2015-7856 (OpenNMS has a default password of rtc for the rtc account, which makes ...)
NOT-FOR-US: OpenNMS
-CVE-2015-7855
+CVE-2015-7855 (The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3 ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/ba716a464ecb20618560075f2e4e1051e5b6f24f
-CVE-2015-7854
+CVE-2015-7854 (Buffer overflow in the password management functionality in NTP 4.2.x ...)
- ntp 1:4.2.8p4+dfsg-1
[jessie] - ntp <not-affected> (Bug introduced in 4.2.7p262)
[wheezy] - ntp <not-affected> (Bug introduced in 4.2.7p262)
[squeeze] - ntp <not-affected> (Bug introduced in 4.2.7p262)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/1bb401576f412532d8cdcca5509b85ad29605913
-CVE-2015-7853
+CVE-2015-7853 (The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8 ...)
- ntp 1:4.2.8p4+dfsg-1
[jessie] - ntp <not-affected> (Bug introduced in 4.2.8p1-beta3)
[wheezy] - ntp <not-affected> (Bug introduced in 4.2.8p1-beta3)
[squeeze] - ntp <not-affected> (Bug introduced in 4.2.8p1-beta3)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/8482b536f9494a5d45196ab5b7e13040f5940261
-CVE-2015-7852
+CVE-2015-7852 (ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remot ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
@@ -4722,40 +4722,40 @@ CVE-2015-7851
[squeeze] - ntp <no-dsa> (Vulnerability only affects VMS)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/184516e143ce4448ddb5b9876dd372008cc779f6
-CVE-2015-7850
+CVE-2015-7850 (ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remot ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/bb928ef08eec020ef6008f3a140702ccc0536b8e
-CVE-2015-7849
+CVE-2015-7849 (Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and ...)
- ntp 1:4.2.8p4+dfsg-1
[jessie] - ntp <not-affected> (Bug introduced in 4.2.7p262)
[wheezy] - ntp <not-affected> (Bug introduced in 4.2.7p262)
[squeeze] - ntp <not-affected> (Bug introduced in 4.2.7p262)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/9c22e66c8f2be6aa0c846f0d9804db20f93c105d
-CVE-2015-7848
+CVE-2015-7848 (An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-b ...)
- ntp 1:4.2.8p4+dfsg-1
[jessie] - ntp <not-affected> (Bug introduced in 4.2.7p131)
[wheezy] - ntp <not-affected> (Bug introduced in 4.2.7p131)
[squeeze] - ntp <not-affected> (Bug introduced in 4.2.7p131)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/c04c3d3d940dfe1a53132925c4f51aef017d2e0f
-CVE-2015-7847
+CVE-2015-7847 (Huawei MBB (Mobile Broadband) product E3272s with software versions ea ...)
NOT-FOR-US: Huawei
-CVE-2015-7846
+CVE-2015-7846 (Huawei S7700, S9700, S9300 before V200R07C00SPC500, and AR200, AR1200, ...)
NOT-FOR-US: Huawei
-CVE-2015-7845
+CVE-2015-7845 (The exception handling mechanism in the CLI Module in Huawei eSpace U1 ...)
NOT-FOR-US: Huawei
-CVE-2015-7844
+CVE-2015-7844 (Huawei FusionAccess with software V100R005C10,V100R005C20 could allow ...)
NOT-FOR-US: Huawei
-CVE-2015-7843
+CVE-2015-7843 (The management interface on Huawei FusionServer rack servers RH2288 V3 ...)
NOT-FOR-US: Huawei
-CVE-2015-7842
+CVE-2015-7842 (Huawei FusionServer rack servers RH2288 V3 with software before V100R0 ...)
NOT-FOR-US: Huawei
-CVE-2015-7841
+CVE-2015-7841 (The login page of the server on Huawei FusionServer rack servers RH228 ...)
NOT-FOR-US: Huawei
-CVE-2015-7872
+CVE-2015-7872 (The key_gc_unused_keys function in security/keys/gc.c in the Linux ker ...)
{DSA-3396-1}
- linux 4.2.5-1
- linux-2.6 <removed>
@@ -4765,34 +4765,34 @@ CVE-2015-7872
NOTE: Patches from Fedora: http://pkgs.fedoraproject.org/cgit/kernel.git/commit/?id=d76d5fe34b5c151ad83761160998b1075729b541
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61 (v4.3-rc7)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/20/5
-CVE-2015-8013
+CVE-2015-8013 (s2k.js in OpenPGP.js will decrypt arbitrary messages regardless of pas ...)
- libjs-openpgp <itp> (bug #787774)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/13/7
-CVE-2015-7840
+CVE-2015-7840 (The command line management console (CMC) in SolarWinds Log and Event ...)
NOT-FOR-US: SolarWinds
-CVE-2015-7839
+CVE-2015-7839 (SolarWinds Log and Event Manager (LEM) allows remote attackers to exec ...)
NOT-FOR-US: SolarWinds
-CVE-2015-7838
+CVE-2015-7838 (ProcessFileUpload.jsp in SolarWinds Storage Manager before 6.2 allows ...)
NOT-FOR-US: SolarWinds
-CVE-2015-7837
+CVE-2015-7837 (The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, an ...)
- linux 4.5.1-1 (unimportant)
NOTE: secureboot not yet supported in the Debian package in 4.3
NOTE: https://github.com/mjg59/linux/commit/4b2b64d5a6ebc84214755ebccd599baef7c1b798
NOTE: Fix is included in 4.5.1-1 with the patches/features/all/securelevel/kexec-uefi-copy-secure_boot-flag-in-boot-params-acro.patch
-CVE-2015-7836
+CVE-2015-7836 (Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain s ...)
NOT-FOR-US: Siemens
-CVE-2015-7835
+CVE-2015-7835 (The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x do ...)
{DSA-3390-1}
- xen 4.6.0-1
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-148.html
-CVE-2015-7834
+CVE-2015-7834 (Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as ...)
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-7833
+CVE-2015-7833 (The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 t ...)
{DSA-3426-1 DSA-3396-1 DLA-360-1}
- linux 4.2.6-2
- linux-2.6 <removed>
@@ -4803,58 +4803,58 @@ CVE-2015-7832
RESERVED
CVE-2015-7831
RESERVED
-CVE-2015-7829
+CVE-2015-7829 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-7828
+CVE-2015-7828 (SAP HANA Database 1.00 SPS10 and earlier do not require authentication ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7827
+CVE-2015-7827 (Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remo ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.13-1 (bug #817932)
NOTE: Fixed in 1.11.22 and 1.10.13. Affected all previous versions.
NOTE: http://botan.randombit.net/security.html
-CVE-2015-7826
+CVE-2015-7826 (botan 1.11.x before 1.11.22 improperly handles wildcard matching again ...)
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Introduced in 1.11.0, fixed in 1.11.22
NOTE: http://botan.randombit.net/security.html
-CVE-2015-7825
+CVE-2015-7825 (botan before 1.11.22 improperly validates certificate paths, which all ...)
- botan1.10 <not-affected> (Introduced in 1.11.6)
NOTE: Introduced in 1.11.6, fixed in 1.11.22
NOTE: http://botan.randombit.net/security.html
-CVE-2015-7824
+CVE-2015-7824 (botan 1.11.x before 1.11.22 makes it easier for remote attackers to de ...)
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Introduced in 1.11.0, fixed in 1.11.22
NOTE: http://botan.randombit.net/security.html
-CVE-2015-7823
+CVE-2015-7823 (Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS ...)
NOT-FOR-US: Kentico CMS
-CVE-2015-7822
+CVE-2015-7822 (Multiple cross-site scripting (XSS) vulnerabilities in Kentico CMS 8.2 ...)
NOT-FOR-US: Kentico CMS
CVE-2015-7821
RESERVED
-CVE-2015-7820
+CVE-2015-7820 (Race condition in the administration-panel web service in IBM System N ...)
NOT-FOR-US: IBM
-CVE-2015-7819
+CVE-2015-7819 (The DB service in IBM System Networking Switch Center (SNSC) before 7. ...)
NOT-FOR-US: IBM
-CVE-2015-7818
+CVE-2015-7818 (The administration-panel web service in IBM System Networking Switch C ...)
NOT-FOR-US: IBM
-CVE-2015-7817
+CVE-2015-7817 (Race condition in the administration-panel web service in IBM System N ...)
NOT-FOR-US: IBM
-CVE-2015-7816
+CVE-2015-7816 (The DisplayTopKeywords function in plugins/Referrers/Controller.php in ...)
- piwik <itp> (bug #448532)
-CVE-2015-7815
+CVE-2015-7815 (Directory traversal vulnerability in core/ViewDataTable/Factory.php in ...)
- piwik <itp> (bug #448532)
-CVE-2015-7814
+CVE-2015-7814 (Race condition in the relinquish_memory function in arch/arm/domain.c ...)
{DSA-3414-1}
- xen 4.6.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-147.html
[wheezy] - xen <not-affected> (arm not yet supported)
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
-CVE-2015-7813
+CVE-2015-7813 (Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk consol ...)
{DSA-3414-1}
- xen 4.6.0-1
[wheezy] - xen <not-affected> (arm not yet supported)
[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-146.html
-CVE-2015-7812
+CVE-2015-7812 (The hypercall_create_continuation function in arch/arm/domain.c in Xen ...)
{DSA-3414-1}
- xen 4.6.0-1
[wheezy] - xen <not-affected> (arm not yet supported)
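Review bot: in the CVE-2015-7814 entry the `NOTE: http://xenbits.xen.org/xsa/advisory-147.html` line sits between `- xen 4.6.0-1` and the `[wheezy]` / `[squeeze]` lines, whereas the CVE-2015-7813 and CVE-2015-7812 entries directly below place the release lines first and the NOTE last; reorder CVE-2015-7814 to match so the three XSA entries read the same way.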
@@ -4884,7 +4884,7 @@ CVE-2015-XXXX [cakephp: XML class SSRF vulnerability]
NOTE: Workaround entry for DLA-333-1 and DLA-566-1 until/if CVE assigned
NOTE: http://seclists.org/fulldisclosure/2015/Oct/70
NOTE: https://github.com/cakephp/cakephp/releases/tag/2.6.6
-CVE-2015-7830
+CVE-2015-7830 (The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pca ...)
{DSA-3505-1}
- wireshark 1.12.8+g5b6e543-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
@@ -4902,28 +4902,28 @@ CVE-2015-7810
NOTE: http://www.openwall.com/lists/oss-security/2015/10/13/6
NOTE: No reply, so we'll just use the same ID
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=959434
-CVE-2015-7808
+CVE-2015-7808 (The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 t ...)
NOT-FOR-US: vBulletin
CVE-2015-7807
RESERVED
-CVE-2015-7806
+CVE-2015-7806 (Eval injection vulnerability in the fm_saveHelperGatherItems function ...)
NOT-FOR-US: Wordpress plugin
-CVE-2015-7805
+CVE-2015-7805 (Heap-based buffer overflow in libsndfile 1.0.25 allows remote attacker ...)
{DLA-928-1 DLA-356-1}
- libsndfile 1.0.25-10 (bug #804445)
[jessie] - libsndfile 1.0.25-9.1+deb8u1
NOTE: http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/
NOTE: https://www.exploit-db.com/exploits/38447/
-CVE-2015-7802
+CVE-2015-7802 (gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote a ...)
- optipng 0.7.6-1 (unimportant; bug #801700)
NOTE: Not a security flaw as the under-read does not depend on input
-CVE-2015-7801
+CVE-2015-7801 (Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers ...)
{DLA-332-1}
- optipng 0.7.5-1
[wheezy] - optipng 0.6.4-1+deb7u1
CVE-2015-7800
RESERVED
-CVE-2015-7799
+CVE-2015-7799 (The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel ...)
{DSA-3426-1 DLA-360-1}
- linux 4.2.6-2
- linux-2.6 <removed>
@@ -4931,127 +4931,127 @@ CVE-2015-7799
NOTE: DoS, requires access to /dev/ppp which is root-only by default
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0baa57d8dc32db78369d8b5176ef56c5e2e18ab3
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ab42d78e37a294ac7bc56901d563c642e03c4ae
-CVE-2015-7798
+CVE-2015-7798 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 throug ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-7797
+CVE-2015-7797 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 throug ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-7796
+CVE-2015-7796 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 throug ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-7795
+CVE-2015-7795 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 throug ...)
NOT-FOR-US: Cybozu Office
-CVE-2015-7794
+CVE-2015-7794 (Corega CG-WLNCM4G devices provide an open DNS resolver, which allows r ...)
NOT-FOR-US: Corega
-CVE-2015-7793
+CVE-2015-7793 (Corega CG-WLBARAGM devices provide an open proxy service, which allows ...)
NOT-FOR-US: Corega
-CVE-2015-7792
+CVE-2015-7792 (Corega CG-WLBARGS devices allow remote attackers to perform administra ...)
NOT-FOR-US: Corega
-CVE-2015-7791
+CVE-2015-7791 (Multiple SQL injection vulnerabilities in admin.php in the Collne Welc ...)
NOT-FOR-US: Collne Welcart plugin for WordPress
-CVE-2015-7790
+CVE-2015-7790 (Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL devic ...)
NOT-FOR-US: ASUS
-CVE-2015-7789
+CVE-2015-7789 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remot ...)
NOT-FOR-US: ASUS
-CVE-2015-7788
+CVE-2015-7788 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remot ...)
NOT-FOR-US: ASUS
-CVE-2015-7787
+CVE-2015-7787 (ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remot ...)
NOT-FOR-US: ASUS
-CVE-2015-7786
+CVE-2015-7786 (Cross-site scripting (XSS) vulnerability in the NTT DATA Smart Sourcin ...)
NOT-FOR-US: NTT DATA
-CVE-2015-7785
+CVE-2015-7785 (GANMA! App for iOS does not verify SSL certificates. ...)
NOT-FOR-US: GANMA! App for iOS
-CVE-2015-7784
+CVE-2015-7784 (SQL injection vulnerability in the BOKUBLOCK (1) BbAdminViewsControl21 ...)
NOT-FOR-US: BOKUBLOCK
-CVE-2015-7783
+CVE-2015-7783 (Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before 4 ...)
NOT-FOR-US: p++BBS
-CVE-2015-7782
+CVE-2015-7782 (Cross-site scripting (XSS) vulnerability in Let's PHP! Frame high-spee ...)
NOT-FOR-US: Let's PHP!
-CVE-2015-7781
+CVE-2015-7781 (ManageEngine Firewall Analyzer before 8.0 does not restrict access per ...)
NOT-FOR-US: ManageEngine Firewall Analyzer
-CVE-2015-7780
+CVE-2015-7780 (Directory traversal vulnerability in ManageEngine Firewall Analyzer be ...)
NOT-FOR-US: ManageEngine Firewall Analyzer
CVE-2015-7779
REJECTED
-CVE-2015-7778
+CVE-2015-7778 (Gurunavi App for iOS before 6.0.0 does not verify SSL certificates whi ...)
NOT-FOR-US: Gurunavi App for iOS
-CVE-2015-7777
+CVE-2015-7777 (Cross-site scripting (XSS) vulnerability in index.php in JosephErnest ...)
NOT-FOR-US: JosephErnest Void
-CVE-2015-7776
+CVE-2015-7776 (Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict load ...)
NOT-FOR-US: Cybozu
-CVE-2015-7775
+CVE-2015-7775 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows ...)
NOT-FOR-US: Cybozu
-CVE-2015-7774
+CVE-2015-7774 (PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows ...)
NOT-FOR-US: PC-EGG
-CVE-2015-7773
+CVE-2015-7773 (Unrestricted file upload vulnerability in the Panel component in Basti ...)
NOT-FOR-US: Bastian Allgeier Kirby
-CVE-2015-7772
+CVE-2015-7772 (Cross-site scripting (XSS) vulnerability in the runtime engine in the ...)
NOT-FOR-US: Newphoria
-CVE-2015-7771
+CVE-2015-7771 (Cross-site scripting (XSS) vulnerability in the runtime engine in the ...)
NOT-FOR-US: Newphoria
-CVE-2015-7770
+CVE-2015-7770 (Dell SonicWall TotalSecure TZ 100 devices with firmware before 5.9.1.0 ...)
NOT-FOR-US: Dell
-CVE-2015-7769
+CVE-2015-7769 (baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to exec ...)
NOT-FOR-US: baserCMS
-CVE-2015-7768
+CVE-2015-7768 (Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote attack ...)
NOT-FOR-US: Konica Minolta
-CVE-2015-7767
+CVE-2015-7767 (Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote attack ...)
NOT-FOR-US: Konica Minolta
-CVE-2015-7766
+CVE-2015-7766 (PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and ea ...)
NOT-FOR-US: ZOHO
-CVE-2015-7765
+CVE-2015-7765 (ZOHO ManageEngine OpManager 11.5 build 11600 and earlier uses a hardco ...)
NOT-FOR-US: ZOHO
-CVE-2015-7809
+CVE-2015-7809 (The displayBlock function Template.php in Sensio Labs Twig before 1.20 ...)
{DSA-3343-1}
- twig 1.20.0-1
NOTE: http://symfony.com/blog/security-release-twig-1-20-0
-CVE-2015-7804
+CVE-2015-7804 (Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c ...)
{DSA-3380-1 DLA-341-1}
- php5 5.6.14+dfsg-1 (medium)
NOTE: https://bugs.php.net/bug.php?id=70433
-CVE-2015-7803
+CVE-2015-7803 (The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5. ...)
{DSA-3380-1 DLA-341-1}
- php5 5.6.14+dfsg-1 (low)
NOTE: https://bugs.php.net/bug.php?id=69720
-CVE-2015-7764
+CVE-2015-7764 (Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting ...)
- lemur <itp> (bug #809533)
-CVE-2015-7763
+CVE-2015-7763 (rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7 ...)
{DSA-3387-1 DLA-342-1}
- openafs 1.6.15-1
NOTE: https://www.openafs.org/security
-CVE-2015-7762
+CVE-2015-7762 (rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not prop ...)
{DSA-3387-1 DLA-342-1}
- openafs 1.6.15-1
NOTE: https://www.openafs.org/security
-CVE-2015-7761
+CVE-2015-7761 (Mail in Apple OS X before 10.11 does not properly recognize user prefe ...)
NOT-FOR-US: Apple
-CVE-2015-7760
+CVE-2015-7760 (libxpc in launchd in Apple OS X before 10.11 does not restrict the cre ...)
NOT-FOR-US: Apple
-CVE-2015-7759
+CVE-2015-7759 (BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12 ...)
NOT-FOR-US: BIG-IP
CVE-2015-7757
REJECTED
-CVE-2015-7756
+CVE-2015-7756 (The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2 ...)
NOT-FOR-US: Juniper ScreenOS
-CVE-2015-7755
+CVE-2015-7755 (Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, ...)
NOT-FOR-US: Juniper ScreenOS
-CVE-2015-7754
+CVE-2015-7754 (Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabl ...)
NOT-FOR-US: Juniper
CVE-2015-7753
RESERVED
-CVE-2015-7752
+CVE-2015-7752 (The SSH server in Juniper Junos OS before 12.1X44-D50, 12.1X46 before ...)
NOT-FOR-US: Juniper
-CVE-2015-7751
+CVE-2015-7751 (Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X ...)
NOT-FOR-US: Juniper
-CVE-2015-7750
+CVE-2015-7750 (The L2TP packet processing functionality in Juniper Netscreen and Scre ...)
NOT-FOR-US: Juniper
-CVE-2015-7749
+CVE-2015-7749 (The PFE daemon in Juniper vSRX virtual firewalls with Junos OS before ...)
NOT-FOR-US: Juniper
-CVE-2015-7748
+CVE-2015-7748 (Juniper chassis with Trio (Trinity) chipset line cards and Junos OS 13 ...)
NOT-FOR-US: Juniper
-CVE-2015-7746
+CVE-2015-7746 (NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remot ...)
NOT-FOR-US: NetApp
CVE-2015-7745
RESERVED
-CVE-2015-7744
+CVE-2015-7744 (wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults ...)
- wolfssl 3.9.10+dfsg-1
- mysql-5.6 5.6.27-1
- mysql-5.5 5.5.46-0+deb8u1
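Review bot: the description added for CVE-2015-7785 reads `GANMA! App for iOS does not verify SSL certificates. ...`, with the ` ...` suffix appended to a sentence that already fits in full; the marker should only be emitted when the text was actually cut at the width limit, so the generator's truncation step looks like it appends ` ...` unconditionally rather than only when the original description was longer than the limit.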
@@ -5061,7 +5061,7 @@ CVE-2015-7744
- mariadb-10.0 10.0.22-1
[jessie] - mariadb-10.0 10.0.22-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2015-7743
+CVE-2015-7743 (XML external entity vulnerability in PRTG Network Monitor before 16.2. ...)
NOT-FOR-US: PRTG Network Monitor
CVE-2015-7742
RESERVED
@@ -5081,29 +5081,29 @@ CVE-2015-7734
RESERVED
CVE-2015-7733
RESERVED
-CVE-2015-7732
+CVE-2015-7732 (The Avira Mobile Security app before 1.5.11 for iOS sends sensitive lo ...)
NOT-FOR-US: Avira Mobile Security app
CVE-2015-7731
RESERVED
-CVE-2015-7730
+CVE-2015-7730 (SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and Bus ...)
NOT-FOR-US: SAP BusinessObjects
-CVE-2015-7729
+CVE-2015-7729 (Eval injection in test-net.xsjs in the Web-based Development Workbench ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7728
+CVE-2015-7728 (Cross-site scripting (XSS) vulnerability in user creation in the Web-b ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7727
+CVE-2015-7727 (Multiple SQL injection vulnerabilities in the Web-based Development Wo ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7726
+CVE-2015-7726 (Cross-site scripting (XSS) vulnerability in role deletion in the Web-b ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7725
+CVE-2015-7725 (Multiple SQL injection vulnerabilities in the Web-based Development Wo ...)
NOT-FOR-US: SAP HANA
-CVE-2015-7724
+CVE-2015-7724 (AMD fglrx-driver before 15.9 allows local users to gain privileges via ...)
- fglrx-driver 1:15.9-1 (bug #803517)
[jessie] - fglrx-driver <no-dsa> (Non-free not supported)
[wheezy] - fglrx-driver <no-dsa> (non-free not supported)
[squeeze] - fglrx-driver <no-dsa> (non-free not supported)
NOTE: http://seclists.org/fulldisclosure/2015/Oct/103
-CVE-2015-7723
+CVE-2015-7723 (AMD fglrx-driver before 15.7 allows local users to gain privileges via ...)
- fglrx-driver 1:15.7-1 (bug #803517)
[jessie] - fglrx-driver <no-dsa> (Non-free not supported)
[wheezy] - fglrx-driver <no-dsa> (non-free not supported)
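Review bot: the reason strings in the CVE-2015-7724 and CVE-2015-7723 fglrx-driver entries are spelled inconsistently, `(Non-free not supported)` on the `[jessie]` lines and `(non-free not supported)` on the `[wheezy]` and `[squeeze]` lines; pick one spelling for all five lines.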
@@ -5117,38 +5117,38 @@ CVE-2015-7720
RESERVED
CVE-2015-7719
RESERVED
-CVE-2015-7718
+CVE-2015-7718 (mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10- ...)
NOT-FOR-US: mediaserver in Android
-CVE-2015-7717
+CVE-2015-7717 (mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10- ...)
NOT-FOR-US: mediaserver in Android
-CVE-2015-7716
+CVE-2015-7716 (libstagefright in Android 5.x before 5.1.1 LMY48T allows remote attack ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-7715
+CVE-2015-7715 (Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (c ...)
NOT-FOR-US: Realtyna RPL for Joomla!
-CVE-2015-7714
+CVE-2015-7714 (Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) c ...)
NOT-FOR-US: Realtyna RPL for Joomla!
-CVE-2015-7712
+CVE-2015-7712 (Multiple eval injection vulnerabilities in mods/_standard/gradebook/ed ...)
NOT-FOR-US: ATutor
-CVE-2015-7711
+CVE-2015-7711 (Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor 2. ...)
NOT-FOR-US: ATutor
CVE-2015-7710
RESERVED
-CVE-2015-7709
+CVE-2015-7709 (The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkei ...)
NOT-FOR-US: Western Digital
-CVE-2015-7708
+CVE-2015-7708 (Cross-site scripting (XSS) vulnerability in 4images 1.7.11 and earlier ...)
NOT-FOR-US: 4images
-CVE-2015-7707
+CVE-2015-7707 (Ignite Realtime Openfire 3.10.2 allows remote authenticated users to g ...)
NOT-FOR-US: Ignite Realtime Openfire
-CVE-2015-7706
+CVE-2015-7706 (Multiple cross-site scripting (XSS) vulnerabilities in Secure Data Spa ...)
NOT-FOR-US: Secure Data Space
-CVE-2015-7758
+CVE-2015-7758 (Gummi 0.6.5 allows local users to write to arbitrary files via a symli ...)
- gummi 0.6.5-6 (bug #756432)
[jessie] - gummi 0.6.5-3+deb8u1
[wheezy] - gummi 0.6.3-1.2+deb7u2
NOTE: http://www.openwall.com/lists/oss-security/2015/10/08/4
-CVE-2015-7740
+CVE-2015-7740 (Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P ...)
NOT-FOR-US: ARM Mali GPU driver
-CVE-2015-7545
+CVE-2015-7545 (The (1) git-remote-ext and (2) unspecified other remote helper program ...)
{DSA-3435-1}
- git 1:2.6.1-1
[squeeze] - git <not-affected> (git 1.7.2 did not have git-remote-ext yet)
@@ -5160,7 +5160,7 @@ CVE-2015-7747 [When changing both sample format and number of channels, data get
[wheezy] - audiofile <no-dsa> (Minor issue)
[squeeze] - audiofile <not-affected> (Vulnerable code introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/06/2
-CVE-2015-7705
+CVE-2015-7705 (The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4 ...)
- ntp 1:4.2.8p4+dfsg-3
[jessie] - ntp <no-dsa> (Default config not affected)
[wheezy] - ntp <no-dsa> (Default config not affected)
@@ -5170,42 +5170,42 @@ CVE-2015-7705
NOTE: https://github.com/ntp-project/ntp/commit/492758c3d0690d3ccf7130fabfcf670997f12f7b
NOTE: Original fix was reported broken, then fixed in http://bugs.ntp.org/show_bug.cgi?id=2952 (4.2.8p7)
NOTE: Original upsteam bug: http://support.ntp.org/bin/view/Main/NtpBug2901
-CVE-2015-7704
+CVE-2015-7704 (The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allo ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-3
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: Original ntp fix applied in 1:4.2.8p4+dfsg-1for CVE-2015-7704 is apparently broken
NOTE: http://lists.ntp.org/pipermail/pool/2015-October/007631.html
-CVE-2015-7703
+CVE-2015-7703 (The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8 ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/5dea6ff160c7e8f7cb038619ccccd28c3a8df637
NOTE: https://github.com/ntp-project/ntp/commit/cdae0f1369ade98dc7ae912a0f1953b6e533cb88
-CVE-2015-7702
+CVE-2015-7702 (The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3. ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/c4cd4aaf418f57f7225708a93bf48afb2bc9c1da
-CVE-2015-7701
+CVE-2015-7701 (Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4 ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: https://github.com/ntp-project/ntp/commit/d7cd5e186034340402f1393e0813c7d2b14ea6ca
NOTE: https://github.com/ntp-project/ntp/commit/79604d925e4477247eee202155215e7865293809
-CVE-2015-7700
+CVE-2015-7700 (Double-free vulnerability in the sPLT chunk structure and png.c in png ...)
- pngcrush 1.8.13-0.1 (bug #874109)
[stretch] - pngcrush <no-dsa> (Minor issue)
[jessie] - pngcrush <no-dsa> (Minor issue)
[wheezy] - pngcrush <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/pmt/code/ci/e8ae5a842e86324f0bee91f4d98245fddb8ea5dd (1.7.87)
-CVE-2015-7697
+CVE-2015-7697 (Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of servic ...)
{DSA-3386-1 DLA-330-1}
- unzip 6.0-19 (bug #802160)
-CVE-2015-7696
+CVE-2015-7696 (Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of servic ...)
{DSA-3386-1 DLA-330-1}
- unzip 6.0-19 (bug #802162)
-CVE-2015-7695
+CVE-2015-7695 (The PDO adapters in Zend Framework before 1.12.16 do not filer null by ...)
{DSA-3369-1 DLA-326-1}
- zendframework 1.12.16+dfsg-1
NOTE: http://framework.zend.com/security/advisory/ZF2015-08
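Review bot: the unchanged NOTE lines under CVE-2015-7705 and CVE-2015-7704 carry two small errors this automatic pass does not touch: `NOTE: Original upsteam bug:` should read `upstream`, and `1:4.2.8p4+dfsg-1for CVE-2015-7704` is missing the space before `for`; both belong in a manual follow-up rather than in the generated update. Note also that the truncated descriptions for CVE-2015-7697 and CVE-2015-7696 collapse to the identical string `Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of servic ...`, so only the bug numbers (#802160 and #802162) tell the two entries apart. The `do not filer null by` in the CVE-2015-7695 line is verbatim upstream CVE text and should stay as imported.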
@@ -5214,12 +5214,12 @@ CVE-2015-7694
RESERVED
CVE-2015-7693
RESERVED
-CVE-2015-7692
+CVE-2015-7692 (The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3. ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
NOTE: Fixed upstream together with CVE-2015-7702
-CVE-2015-7691
+CVE-2015-7691 (The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3. ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
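Review bot: after truncation, CVE-2015-7692 and CVE-2015-7691 both read `The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3. ...`, the same string the previous hunk gives CVE-2015-7702, so the new description field no longer distinguishes the three ntp entries. The `NOTE: Fixed upstream together with CVE-2015-7702` line on -7692 is what keeps it traceable; consider giving -7691 an equivalent cross-reference NOTE in a manual edit so that each of the three entries records how it relates to the others.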
@@ -5230,35 +5230,35 @@ CVE-2015-7689
RESERVED
CVE-2015-7688
RESERVED
-CVE-2015-7685
+CVE-2015-7685 (GLPI before 0.85.3 allows remote authenticated users to create super-a ...)
- glpi <removed> (unimportant)
NOTE: https://forge.glpi-project.org/issues/5218
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2015-7684
+CVE-2015-7684 (Unrestricted file upload in GLPI before 0.85.3 allows remote authentic ...)
- glpi <removed> (unimportant)
NOTE: https://forge.glpi-project.org/issues/5217
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2015-7683
+CVE-2015-7683 (Absolute path traversal vulnerability in Font.php in the Font plugin b ...)
NOT-FOR-US: Font plugin for WordPress
-CVE-2015-7682
+CVE-2015-7682 (Multiple SQL injection vulnerabilities in pie-register/pie-register.ph ...)
NOT-FOR-US: Pie Register plugin for WordPress
CVE-2015-7681
REJECTED
-CVE-2015-7680
+CVE-2015-7680 (Ipswitch MOVEit DMZ before 8.2 provides different error messages for a ...)
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7679
+CVE-2015-7679 (Cross-site scripting (XSS) vulnerability in Ipswitch MOVEit Mobile bef ...)
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7678
+CVE-2015-7678 (Multiple cross-site request forgery (CSRF) vulnerabilities in Ipswitch ...)
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7677
+CVE-2015-7677 (The MOVEitISAPI service in Ipswitch MOVEit DMZ before 8.2 provides dif ...)
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7676
+CVE-2015-7676 (Ipswitch MOVEit File Transfer (formerly DMZ) 8.1 and earlier, when con ...)
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7675
+CVE-2015-7675 (The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and ...)
NOT-FOR-US: MOVEit File Transfer web- and mobile application
-CVE-2015-7672
+CVE-2015-7672 (Cross-site scripting (XSS) vulnerability in Centreon 2.6.1. ...)
NOT-FOR-US: Centreon
-CVE-2015-7713
+CVE-2015-7713 (OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 20 ...)
- nova 1:12.0.0-2
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
@@ -5268,9 +5268,9 @@ CVE-2015-XXXX [Remotely triggerable buffer overflow in OpenSMTPD]
- opensmtpd 5.7.3p1-1
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/04/2
NOTE: Fixed with 5.7.3 upstream release
-CVE-2015-7687
+CVE-2015-7687 (Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote a ...)
- opensmtpd 5.7.3p1-1 (bug #800787)
-CVE-2015-7686
+CVE-2015-7686 (Algorithmic complexity vulnerability in Address.pm in the Email-Addres ...)
- libemail-address-perl 1.912-1 (bug #868170; unimportant)
[stretch] - libemail-address-perl 1.908-1+deb9u1
[jessie] - libemail-address-perl <no-dsa> (Minor issue)
@@ -5281,129 +5281,129 @@ CVE-2015-7686
NOTE: Mitigation: https://github.com/Perl-Email-Project/Email-Address/commit/aeaf0d7f1b0897b54cb246b8ac15d3ef177e5cae
CVE-2015-7671
RESERVED
-CVE-2015-7670
+CVE-2015-7670 (Multiple SQL injection vulnerabilities in includes/update.php in the S ...)
NOT-FOR-US: Support Ticket System plugin for WordPress
-CVE-2015-7669
+CVE-2015-7669 (Multiple directory traversal vulnerabilities in (1) includes/MapImport ...)
NOT-FOR-US: Easy2Map plugin for WordPress
-CVE-2015-7668
+CVE-2015-7668 (Cross-site scripting (XSS) vulnerability in includes/MapPinImageSave.p ...)
NOT-FOR-US: Easy2Map plugin for WordPress
-CVE-2015-7667
+CVE-2015-7667 (Multiple cross-site scripting (XSS) vulnerabilities in (1) templates/a ...)
NOT-FOR-US: ResAds plugin for WordPress
-CVE-2015-7666
+CVE-2015-7666 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_upda ...)
NOT-FOR-US: Payment Form for PayPal Pro plugin for WordPress
CVE-2015-7664
RESERVED
-CVE-2015-7663
+CVE-2015-7663 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7662
+CVE-2015-7662 (Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7661
+CVE-2015-7661 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7660
+CVE-2015-7660 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7659
+CVE-2015-7659 (Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7658
+CVE-2015-7658 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7657
+CVE-2015-7657 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7656
+CVE-2015-7656 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7655
+CVE-2015-7655 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7654
+CVE-2015-7654 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7653
+CVE-2015-7653 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7652
+CVE-2015-7652 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7651
+CVE-2015-7651 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7650
+CVE-2015-7650 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe Reader
-CVE-2015-7649
+CVE-2015-7649 (Adobe Shockwave Player before 12.2.1.171 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2015-7648
+CVE-2015-7648 (Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7647
+CVE-2015-7647 (Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Win ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-7646
REJECTED
-CVE-2015-7645
+CVE-2015-7645 (Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7644
+CVE-2015-7644 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7643
+CVE-2015-7643 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7642
+CVE-2015-7642 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7641
+CVE-2015-7641 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7640
+CVE-2015-7640 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7639
+CVE-2015-7639 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7638
+CVE-2015-7638 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7637
+CVE-2015-7637 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7636
+CVE-2015-7636 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7635
+CVE-2015-7635 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7634
+CVE-2015-7634 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7633
+CVE-2015-7633 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7632
+CVE-2015-7632 (Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x befor ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7631
+CVE-2015-7631 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7630
+CVE-2015-7630 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7629
+CVE-2015-7629 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7628
+CVE-2015-7628 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7627
+CVE-2015-7627 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7626
+CVE-2015-7626 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7625
+CVE-2015-7625 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-7624
+CVE-2015-7624 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-7623
+CVE-2015-7623 (The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x bef ...)
NOT-FOR-US: Adobe
-CVE-2015-7622
+CVE-2015-7622 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-7621
+CVE-2015-7621 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-7620
+CVE-2015-7620 (The ANSendForBrowserReview method in Adobe Reader and Acrobat 10.x bef ...)
NOT-FOR-US: Adobe
-CVE-2015-7619
+CVE-2015-7619 (The ANShareFile2 method in Adobe Reader and Acrobat 10.x before 10.1.1 ...)
NOT-FOR-US: Adobe
-CVE-2015-7618
+CVE-2015-7618 (The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-7617
+CVE-2015-7617 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-7616
+CVE-2015-7616 (The ANVerifyComments method in Adobe Reader and Acrobat 10.x before 10 ...)
NOT-FOR-US: Adobe
-CVE-2015-7615
+CVE-2015-7615 (Use-after-free vulnerability in a SaveAs feature in Adobe Reader and A ...)
NOT-FOR-US: Adobe
-CVE-2015-7614
+CVE-2015-7614 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-7612
+CVE-2015-7612 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Orga ...)
NOT-FOR-US: McAfee
-CVE-2015-7665
+CVE-2015-7665 (Tails before 1.7 includes the wget program but does not prevent automa ...)
NOT-FOR-US: wget as used in Tails
NOTE: http://www.openwall.com/lists/oss-security/2015/10/01/10
-CVE-2015-7613
+CVE-2015-7613 (Race condition in the IPC object implementation in the Linux kernel th ...)
{DSA-3372-1 DLA-325-1}
- linux 4.2.3-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a532277938798b53178d5a66af6e2915cb27cf (v4.3-rc4)
-CVE-2015-7610
+CVE-2015-7610 (Cross-site request forgery (CSRF) vulnerability in the login form in Z ...)
NOT-FOR-US: Zimbra
CVE-2015-7609
RESERVED
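Review bot: the long run of Adobe Flash Player entries in this hunk becomes indistinguishable once truncated: CVE-2015-7663, -7661, -7660 and -7658 through -7651 all read `Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 a ...`, and -7644 through -7635 repeat the same text with 18.0.0.252. That is harmless for NOT-FOR-US entries, but it means the added description cannot be used to spot a mis-assigned CVE in this block, so the CVE ids themselves remain the only check. The Debian-relevant entry in the hunk, CVE-2015-7613 (`{DSA-3372-1 DLA-325-1}`, `- linux 4.2.3-1`, upstream commit noted with its `v4.3-rc4` tag), is consistent with the format used elsewhere in the file.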
@@ -5415,7 +5415,7 @@ CVE-2015-7606
RESERVED
CVE-2015-7605
RESERVED
-CVE-2015-7673
+CVE-2015-7673 (io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its alloca ...)
{DSA-3378-1 DLA-434-1}
- gdk-pixbuf 2.32.0-1
- gtk+2.0 2.21.5-1
@@ -5424,12 +5424,12 @@ CVE-2015-7673
NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=edf6fb8d856574bc3bb3a703037f56533229267c
NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6ddca835100107e6b5841ce9d56074f6d98c387e
NOTE: gtk+2.0 2.21.5-1 removed the embedded copy of gdk-pixbuf and build-depends on external gdk-pixbuf
-CVE-2015-8875
+CVE-2015-8875 (Multiple integer overflows in the (1) pixops_composite_nearest, (2) pi ...)
{DSA-3589-1 DLA-450-1}
- gdk-pixbuf 2.34.0-1
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=dbfe8f70471864818bf458a39c8a99640895bd22 (2.33.1)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/12/3
-CVE-2015-7674
+CVE-2015-7674 (Integer overflow in the pixops_scale_nearest function in pixops/pixops ...)
{DSA-3378-1 DLA-450-1 DLA-434-1}
- gdk-pixbuf 2.32.1-1
NOTE: http://www.openwall.com/lists/oss-security/2015/10/01/4
@@ -5445,33 +5445,33 @@ CVE-2015-XXXX [trivial hash complexity DoS attack]
[squeeze] - php5 <no-dsa> (Too intrusive to backport)
NOTE: https://bugs.php.net/bug.php?id=70644
NOTE: https://github.com/bk2204/php-hash-dos
-CVE-2015-7698
+CVE-2015-7698 (icewind1991 SMB before 1.0.3 allows remote authenticated users to exec ...)
- php-smb 1.0.3a-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-017
-CVE-2015-7699
+CVE-2015-7699 (The files_external app in ownCloud Server before 7.0.9, 8.0.x before 8 ...)
{DSA-3373-1}
- owncloud 7.0.9~dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-018
NOTE: https://github.com/owncloud/core/commit/b05e178bbf884b120d1106e6a28f35aa50d6d06f
-CVE-2015-7611
+CVE-2015-7611 (Apache James Server 2.3.2, when configured with file-based user reposi ...)
NOT-FOR-US: Apache James
-CVE-2015-7604
+CVE-2015-7604 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enter ...)
NOT-FOR-US: Splunk
-CVE-2015-7603
+CVE-2015-7603 (Directory traversal vulnerability in Konica Minolta FTP Utility 1.0 al ...)
NOT-FOR-US: Konica Minolta FTP Utility
-CVE-2015-7602
+CVE-2015-7602 (Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows rem ...)
NOT-FOR-US: BisonWare BisonFTP
-CVE-2015-7601
+CVE-2015-7601 (Directory traversal vulnerability in PCMan's FTP Server 2.0.7 allows r ...)
NOT-FOR-US: PCMan's FTP Server
-CVE-2015-7600
+CVE-2015-7600 (Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for vpn ...)
NOT-FOR-US: Cisco VPN Client
-CVE-2015-7599
+CVE-2015-7599 (Integer overflow in the _authenticate function in svc_auth.c in Wind R ...)
NOT-FOR-US: Wind River VxWorks
-CVE-2015-7598
+CVE-2015-7598 (SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ...)
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7597
+CVE-2015-7597 (SafeNet Authentication Service IIS Agent uses a weak ACL for unspecifi ...)
NOT-FOR-US: SafeNet Authentication Service
-CVE-2015-7596
+CVE-2015-7596 (SafeNet Authentication Service End User Software Tools for Windows use ...)
NOT-FOR-US: SafeNet Authentication Service
CVE-2015-7595
REJECTED
@@ -5501,7 +5501,7 @@ CVE-2015-7583
REJECTED
CVE-2015-7582
REJECTED
-CVE-2015-7581
+CVE-2015-7581 (actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in ...)
{DSA-3464-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -5510,13 +5510,13 @@ CVE-2015-7581
[wheezy] - ruby-actionpack-3.2 <not-affected> (Vulnerable code not present)
- ruby-actionpack-2.3 <removed>
[wheezy] - ruby-actionpack-2.3 <end-of-life>
-CVE-2015-7580
+CVE-2015-7580 (Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.r ...)
- ruby-rails-html-sanitizer 1.0.3-1 (bug #812814)
-CVE-2015-7579
+CVE-2015-7579 (Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer g ...)
- ruby-rails-html-sanitizer 1.0.3-1 (bug #812814)
-CVE-2015-7578
+CVE-2015-7578 (Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer g ...)
- ruby-rails-html-sanitizer 1.0.3-1 (bug #812814)
-CVE-2015-7577
+CVE-2015-7577 (activerecord/lib/active_record/nested_attributes.rb in Active Record i ...)
{DSA-3464-1 DLA-496-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -5524,7 +5524,7 @@ CVE-2015-7577
- ruby-activerecord-3.2 <removed>
- ruby-activerecord-2.3 <removed>
[wheezy] - ruby-activerecord-2.3 <end-of-life>
-CVE-2015-7576
+CVE-2015-7576 (The http_basic_authenticate_with method in actionpack/lib/action_contr ...)
{DSA-3464-1 DLA-604-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -5537,7 +5537,7 @@ CVE-2015-7576
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life>
NOTE: https://github.com/rails/rails/commit/a6fa3960c3a149e83eb2ff057be4472a82958e3d
-CVE-2015-7575
+CVE-2015-7575 (Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozi ...)
{DSA-3688-1 DSA-3491-1 DSA-3465-1 DSA-3458-1 DSA-3457-1 DSA-3437-1 DSA-3436-1 DLA-410-1}
- iceweasel 43.0.2-1
[squeeze] - iceweasel <end-of-life>
@@ -5574,35 +5574,35 @@ CVE-2015-7573
REJECTED
CVE-2015-7572
REJECTED
-CVE-2015-7571
+CVE-2015-7571 (Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remo ...)
NOT-FOR-US: Yeager CMS
-CVE-2015-7570
+CVE-2015-7570 (Multiple server-side request forgery (SSRF) vulnerabilities in Yeager ...)
NOT-FOR-US: Yeager CMS
-CVE-2015-7569
+CVE-2015-7569 (SQL injection vulnerability in "yeager/y.php/tab_USERLIST" in Yeager C ...)
NOT-FOR-US: Yeager CMS
-CVE-2015-7568
+CVE-2015-7568 (SQL injection vulnerability in the password recovery feature in Yeager ...)
NOT-FOR-US: Yeager CMS
CVE-2015-7567
RESERVED
NOT-FOR-US: Yeager CMS
-CVE-2015-7566
+CVE-2015-7566 (The clie_5_attach function in drivers/usb/serial/visor.c in the Linux ...)
{DSA-3448-1 DLA-412-1}
- linux 4.3.3-6
[wheezy] - linux 3.2.73-2+deb7u3
- linux-2.6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283371 (not (yet) public)
NOTE: Proposed upstream patch: http://marc.info/?l=linux-usb&m=145260786729359&w=2
-CVE-2015-7565
+CVE-2015-7565 (Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.1 ...)
NOT-FOR-US: ember.js
-CVE-2015-7564
+CVE-2015-7564 (Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier ...)
NOT-FOR-US: TeamPass
-CVE-2015-7563
+CVE-2015-7563 (Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and ...)
NOT-FOR-US: TeamPass
-CVE-2015-7562
+CVE-2015-7562 (Multiple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 ...)
NOT-FOR-US: TeamPass
-CVE-2015-7561
+CVE-2015-7561 (Kubernetes in OpenShift3 allows remote authenticated users to use the ...)
NOT-FOR-US: OpenShift
-CVE-2015-7560
+CVE-2015-7560 (The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4. ...)
{DSA-3514-1}
- samba 2:4.3.6+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2015-7560.html
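Review bot: the unchanged NOTE lines under CVE-2015-7566 look stale next to its status: the entry already carries `{DSA-3448-1 DLA-412-1}` and fixed versions (`- linux 4.3.3-6`, `[wheezy] - linux 3.2.73-2+deb7u3`), yet the notes still say `(not (yet) public)` and `Proposed upstream patch:`. A manual follow-up should replace them with the merged upstream commit in the style used elsewhere in this file (`NOTE: https://git.kernel.org/linus/<commit-id> (vX.Y)`, with the real id filled in) so the record matches the shipped fix.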
@@ -5613,13 +5613,13 @@ CVE-2015-7559 [DoS in client via shutdown command]
[jessie] - activemq 5.6.0+dfsg1-4+deb8u3
NOTE: Upstream commit: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=b8fc78e
NOTE: https://issues.apache.org/jira/browse/AMQ-6470
-CVE-2015-7558
+CVE-2015-7558 (librsvg before 2.40.12 allows context-dependent attackers to cause a d ...)
{DSA-3584-1 DLA-477-1}
- librsvg 2.40.12-1
[squeeze] - librsvg <no-dsa> (Too intrusive to backport)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1268243
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 (2.40.12)
-CVE-2015-7557
+CVE-2015-7557 (The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg be ...)
{DLA-395-1}
- librsvg 2.40.9-2
[jessie] - librsvg 2.40.5-1+deb8u1
@@ -5628,13 +5628,13 @@ CVE-2015-7557
NOTE: https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df (2.40.7)
CVE-2015-7556
RESERVED
-CVE-2015-7555
+CVE-2015-7555 (Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allow ...)
{DLA-389-1}
- giflib 5.1.2-0.1 (bug #808704)
[jessie] - giflib 4.1.6-11+deb8u1
[wheezy] - giflib 4.1.6-10+deb7u1
NOTE: Upstream fix http://sourceforge.net/p/giflib/code/ci/179510be300bf11115e37528d79619b53c884a63
-CVE-2015-7554
+CVE-2015-7554 (The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attac ...)
{DLA-693-1 DLA-692-1}
- tiff 4.0.7-7 (bug #809066; bug #842043; bug #850316)
[jessie] - tiff 4.0.3-12.3+deb8u4
@@ -5647,17 +5647,17 @@ CVE-2015-7554
NOTE: --
NOTE: The problem is present in tiff3 3.9.6-11+deb7u1 on wheezy (the problematic code
NOTE: gets executed under gdb), however for some reason this does not lead to a segfault.
-CVE-2015-7553
+CVE-2015-7553 (Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt ...)
- linux <not-affected> (RHEL-specific backport bug)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1288934
NOTE: Related to an incomplete RHEL backport of https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ac2bde2a4a05c38e2bd733bea94507cb1461e06
-CVE-2015-7552
+CVE-2015-7552 (Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixb ...)
{DSA-3589-1 DLA-501-1}
- gdk-pixbuf 2.32.0-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=958963
NOTE: This was fixed by one of the commits between 2.31.6 and 2.32.0.
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f68cb78a5277f169b9531e6998c00c7976594e4 (2.31.7)
-CVE-2015-7551
+CVE-2015-7551 (The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby befor ...)
- ruby1.9.1 <removed>
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue)
[squeeze] - ruby1.9.1 <not-affected> (DL already fixed with CVE-2009-5147, Fiddle does not have vulnerable code)
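Review bot: under CVE-2015-7552 the two unchanged NOTE lines overlap: `This was fixed by one of the commits between 2.31.6 and 2.32.0.` is superseded by the more precise `Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f68cb78a5277f169b9531e6998c00c7976594e4 (2.31.7)` directly below it, so the vaguer line can be dropped in a manual edit. The CVE-2015-7554 wheezy note (`The problem is present in tiff3 3.9.6-11+deb7u1 ... this does not lead to a segfault`) documents an observed-but-not-triggering state; it would be clearer if it said whether wheezy is being treated as affected or not-affected, since the hunk shows fixed versions only for jessie and unstable.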
@@ -5666,12 +5666,12 @@ CVE-2015-7551
[jessie] - ruby2.1 2.1.5-2+deb8u3
- ruby2.2 2.2.4-1 (bug #796551)
NOTE: https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/
-CVE-2015-7550
+CVE-2015-7550 (The keyctl_read_key function in security/keys/keyctl.c in the Linux ke ...)
{DSA-3434-1 DLA-378-1}
- linux 4.3.3-3
- linux-2.6 <removed>
NOTE: https://git.kernel.org/linus/b4a1b4f5047e4f54e194681125c74c0aa64d637d (v4.4-rc8)
-CVE-2015-7549
+CVE-2015-7549 (The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) a ...)
{DSA-3471-1}
- qemu 1:2.5+dfsg-1 (bug #808131)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -5681,19 +5681,19 @@ CVE-2015-7549
[squeeze] - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=43b11a91dd861a946b231b89b7542856ade23d1b (v2.5.0-rc0)
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d35e428c8400f9ddc07e5a15ff19622c869b9ba0 (v1.2.0-rc0)
-CVE-2015-7548
+CVE-2015-7548 (OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0 ...)
- nova 2:13.0.0~rc3-1
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: Affects: Nova: <=2015.1.2, ==12.0.0
NOTE: https://bugs.launchpad.net/bugs/1524274
-CVE-2015-7547
+CVE-2015-7547 (Multiple stack-based buffer overflows in the (1) send_dg and (2) send_ ...)
{DSA-3481-1 DSA-3480-1 DLA-416-1}
- glibc 2.21-8
- eglibc <removed>
NOTE: https://googleonlinesecurity.blogspot.cz/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
NOTE: https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
-CVE-2015-7546
+CVE-2015-7546 (The identity service in OpenStack Identity (Keystone) before 2015.1.3 ...)
- keystone 2:9.0.0~rc2-1
[jessie] - keystone <no-dsa> (Too intrusive to backport, needs to switch to different token provider)
[wheezy] - keystone <no-dsa> (Too intrusive to backport, needs to switch to different token provider)
@@ -5702,9 +5702,9 @@ CVE-2015-7546
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0062
NOTE: Keystone: <= 2015.1.2, >= 8.0.0 <= 8.0.1
NOTE: Keystonemiddleware: >= 1.5.0 <= 1.5.3, >= 1.6.0 <= 2.3.2
-CVE-2015-7544
+CVE-2015-7544 (redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manage ...)
NOT-FOR-US: redhat-support-plugin-rhev
-CVE-2015-7543
+CVE-2015-7543 (aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create tem ...)
{DLA-367-1 DLA-366-1}
- kde4libs <not-affected> (Fixed before the first release in Debian)
- kdelibs <removed>
@@ -5716,21 +5716,21 @@ CVE-2015-7542 [libgwenhywfar uses outdated bundled CA certificates]
- libgwenhywfar 4.12.0beta-3 (bug #748955; medium)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1272503
NOTE: Debian packaging fix: http://source.lenk.info/git/pkg-libgwenhywfar.git/commitdiff/86dacaae3a233f6ca3b420e0bfdb12eb5ef40b91
-CVE-2015-7541
+CVE-2015-7541 (The initialize method in the Histogram class in lib/colorscore/histogr ...)
NOT-FOR-US: colorscore gem for Ruby
-CVE-2015-7540
+CVE-2015-7540 (The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 ...)
{DSA-3433-1}
- samba 2:4.1.22+dfsg-1
[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.1.21)
[squeeze] - samba <not-affected> (Only affects 4.0.0 to 4.1.21)
NOTE: https://www.samba.org/samba/security/CVE-2015-7540.html
-CVE-2015-7539
+CVE-2015-7539 (The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 doe ...)
- jenkins <removed>
-CVE-2015-7538
+CVE-2015-7538 (Jenkins before 1.640 and LTS before 1.625.2 allow remote attackers to ...)
- jenkins <removed>
-CVE-2015-7537
+CVE-2015-7537 (Cross-site request forgery (CSRF) vulnerability in Jenkins before 1.64 ...)
- jenkins <removed>
-CVE-2015-7536
+CVE-2015-7536 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.640 and L ...)
- jenkins <removed>
CVE-2015-7535
REJECTED
@@ -5744,13 +5744,13 @@ CVE-2015-7531
REJECTED
CVE-2015-7530
REJECTED
-CVE-2015-7529
+CVE-2015-7529 (sosreport in SoS 3.x allows local users to obtain sensitive informatio ...)
- sosreport 3.2+git276-g7da50d6-3 (unimportant)
NOTE: Neutralised by kernel hardening
-CVE-2015-7528
+CVE-2015-7528 (Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitr ...)
- kubernetes <not-affected> (Fixed before initial release to archive)
NOTE: https://github.com/kubernetes/kubernetes/pull/17886
-CVE-2015-7527
+CVE-2015-7527 (lib/core.php in the Cool Video Gallery plugin 1.9 for WordPress allows ...)
NOT-FOR-US: WordPress plugin cool-video-gallery
CVE-2015-7526
REJECTED
@@ -5762,11 +5762,11 @@ CVE-2015-7523
REJECTED
CVE-2015-7522
REJECTED
-CVE-2015-7521
+CVE-2015-7521 (The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, ...)
NOT-FOR-US: Apache Hive
-CVE-2015-7520
+CVE-2015-7520 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGr ...)
NOT-FOR-US: Apache Wicket
-CVE-2015-7519
+CVE-2015-7519 (agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0. ...)
{DLA-1399-1 DLA-394-1}
- passenger 5.0.22-1 (bug #807354)
- ruby-passenger <removed> (bug #864651)
@@ -5774,35 +5774,35 @@ CVE-2015-7519
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=956281
NOTE: https://github.com/phusion/passenger/commit/c04590871ca0878d4d3ac1220c5a554b049056b4 (4.x)
NOTE: https://github.com/phusion/passenger/commit/ddb8ecc4ebf260e4967f57f271d4f5761abeac3e (5.x)
-CVE-2015-7518
+CVE-2015-7518 (Multiple cross-site scripting (XSS) vulnerabilities in information pop ...)
- foreman <itp> (bug #663101)
-CVE-2015-7517
+CVE-2015-7517 (Multiple SQL injection vulnerabilities in the Double Opt-In for Downlo ...)
NOT-FOR-US: Double Opt-In for Download plugin for WordPress
-CVE-2015-7516
+CVE-2015-7516 (ONOS before 1.5.0 when using the ifwd app allows remote attackers to c ...)
NOT-FOR-US: Onos
-CVE-2015-7515
+CVE-2015-7515 (The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linu ...)
{DSA-3607-1}
- linux 4.4.2-1
[wheezy] - linux 3.2.81-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1285326
NOTE: https://os-s.net/advisories/OSS-2016-05_aiptek.pdf
NOTE: Upstream commit: https://git.kernel.org/linus/8e20cf2bce122ce9262d6034ee5d5b76fbb92f96 (v4.4-rc6)
-CVE-2015-7514
+CVE-2015-7514 (OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after u ...)
- ironic 1:4.2.2-1 (bug #807269)
-CVE-2015-7513
+CVE-2015-7513 (arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the P ...)
{DSA-3434-1}
- linux 4.3.3-3
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: https://git.kernel.org/linus/0185604c2d82c560dab2f2933a18f797e74ab5a8 (v4.4-rc7)
-CVE-2015-7512
+CVE-2015-7512 (Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEM ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-1 (bug #806741)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06341.html
-CVE-2015-7511
+CVE-2015-7511 (Libgcrypt before 1.6.5 does not properly perform elliptic-point curve ...)
{DSA-3478-1 DSA-3474-1}
- libgcrypt20 1.6.5-2
- libgcrypt11 <removed>
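Review bot: the NOT-FOR-US label for CVE-2015-7516 reads `Onos` while the description added on the line above spells the project `ONOS`; use the upstream spelling so the label matches the description and a search for ONOS finds the entry.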
@@ -5812,13 +5812,13 @@ CVE-2015-7511
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=de7db12fa04016e12dffb2b678632f45eba15ec4 (libgcrypt-1.6.5)
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=28eb424e4427b320ec1c9c4ce56af25d495230bd (libgcrypt-1.6.5)
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=88e1358962e902ff1cbec8d53ba3eee46407851a (master)
-CVE-2015-7510
+CVE-2015-7510 (Stack-based buffer overflow in the getpwnam and getgrnam functions of ...)
- systemd 229-1
[jessie] - systemd <not-affected> (Vulnerable code introduced later, v223)
[wheezy] - systemd <not-affected> (Vulnerable code introduced later, v223)
NOTE: https://github.com/systemd/systemd/commit/cb31827d62066a04b02111df3052949fda4b6888 (v229)
NOTE: https://github.com/systemd/systemd/issues/2002
-CVE-2015-7509
+CVE-2015-7509 (fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proxi ...)
- linux 3.8-1~experimental.1
[wheezy] - linux 3.2.68-1
- linux-2.6 <removed>
@@ -5858,7 +5858,7 @@ CVE-2015-7505 [stack overflow]
- netsurf 3.2+dfsg-3 (bug #810491)
[jessie] - netsurf <no-dsa> (netsurf already relies only entirely unsupported mozjs)
[wheezy] - netsurf <no-dsa> (netsurf already relies only entirely unsupported mozjs)
-CVE-2015-7504
+CVE-2015-7504 (Heap-based buffer overflow in the pcnet_receive function in hw/net/pcn ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-1 (bug #806742)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
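Review bot: the `<no-dsa>` justification for netsurf in jessie and wheezy ("netsurf already relies only entirely unsupported mozjs") is garbled and does not say why no DSA is warranted; suggest "netsurf depends only on the already entirely unsupported mozjs" on both lines.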
@@ -5866,33 +5866,33 @@ CVE-2015-7504
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06342.html
NOTE: Xen not affected in wheezy, CVE covered by XSA-162: https://marc.info/?l=oss-security&m=144888089404618&w=2
-CVE-2015-7503
+CVE-2015-7503 (Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2. ...)
NOT-FOR-US: php-zend-crypt
NOTE: http://framework.zend.com/security/advisory/ZF2015-10
-CVE-2015-7502
+CVE-2015-7502 (Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms 4 ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2015-7500
+CVE-2015-7500 (The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows c ...)
{DSA-3430-1 DLA-373-1}
- libxml2 2.9.3+dfsg1-1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f (v2.9.3)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756525 (upstream bug not yet open)
-CVE-2015-7499
+CVE-2015-7499 (Heap-based buffer overflow in the xmlGROW function in parser.c in libx ...)
{DSA-3430-1 DLA-373-1}
- libxml2 2.9.3+dfsg1-1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc (v2.9.3)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da (v2.9.3)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756479 (upstream bug not yet open)
-CVE-2015-7498
+CVE-2015-7498 (Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c ...)
{DSA-3430-1 DLA-373-1}
- libxml2 2.9.3+dfsg1-1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43 (v2.9.3)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756527 (upstream bug not yet open)
-CVE-2015-7497
+CVE-2015-7497 (Heap-based buffer overflow in the xmlDictComputeFastQKey function in d ...)
{DSA-3430-1 DLA-373-1}
- libxml2 2.9.3+dfsg1-1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9 (v2.9.3)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756528 (upstream bug not yet open)
-CVE-2015-7496
+CVE-2015-7496 (GNOME Display Manager (gdm) before 3.18.2 allows physically proximate ...)
- gdm3 3.18.2-1
[jessie] - gdm3 <not-affected> (Vulnerable code not present, unreproducible)
[wheezy] - gdm3 <not-affected> (Vulnerable code not present, unreproducible)
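Review bot: the four libxml2 entries (CVE-2015-7500, -7499, -7498, -7497) keep NOTE lines ending in "(upstream bug not yet open)" even though each already cites its fix commit tagged v2.9.3 and the package is marked fixed in 2.9.3+dfsg1-1; if the referenced GNOME bugs have since been made public the parenthetical is stale and should be dropped, and if they are still private a date on the remark would let the next reader judge whether to re-check.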
@@ -5902,27 +5902,27 @@ CVE-2015-7496
NOTE: https://git.gnome.org/browse/gdm/commit/?id=05e5fc2
CVE-2015-7495
RESERVED
-CVE-2015-7494
+CVE-2015-7494 (A vulnerability has been identified in IBM Cloud Orchestrator services ...)
NOT-FOR-US: IBM
-CVE-2015-7493
+CVE-2015-7493 (IBM InfoSphere Information Server could allow a local user under speci ...)
NOT-FOR-US: IBM
-CVE-2015-7492
+CVE-2015-7492 (Cross-site scripting (XSS) vulnerability in Reference Data Management ...)
NOT-FOR-US: IBM
-CVE-2015-7491
+CVE-2015-7491 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x ...)
NOT-FOR-US: IBM
-CVE-2015-7490
+CVE-2015-7490 (IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9. ...)
NOT-FOR-US: IBM
-CVE-2015-7489
+CVE-2015-7489 (IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses ...)
NOT-FOR-US: IBM
-CVE-2015-7488
+CVE-2015-7488 (IBM Spectrum Scale 4.1.1.x before 4.1.1.4 and 4.2.x before 4.2.0.1, in ...)
NOT-FOR-US: IBM
-CVE-2015-7487
+CVE-2015-7487 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 ...)
NOT-FOR-US: IBM
-CVE-2015-7486
+CVE-2015-7486 (Cross-site scripting (XSS) vulnerability in IBM Rational Engineering L ...)
NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
-CVE-2015-7485
+CVE-2015-7485 (Cross-site scripting (XSS) vulnerability in IBM Rational Engineering L ...)
NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
-CVE-2015-7484
+CVE-2015-7484 (IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 In ...)
NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
CVE-2015-7483
RESERVED
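Review bot: the NOT-FOR-US labels in this block alternate between the bare vendor (`NOT-FOR-US: IBM` for CVE-2015-7494 through CVE-2015-7487) and the product (`NOT-FOR-US: IBM Rational Engineering Lifecycle Manager` for CVE-2015-7486 through CVE-2015-7484) although every description names a product; pick one convention, preferably the product, since the vendor alone does not say what was checked against the archive.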
@@ -5942,244 +5942,244 @@ CVE-2015-7476
RESERVED
CVE-2015-7475
RESERVED
-CVE-2015-7474
+CVE-2015-7474 (Cross-site scripting (XSS) vulnerability in Jazz Foundation in IBM Rat ...)
NOT-FOR-US: IBM Rational Engineering Lifecycle Manager
-CVE-2015-7473
+CVE-2015-7473 (runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to b ...)
NOT-FOR-US: IBM
-CVE-2015-7472
+CVE-2015-7472 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM
-CVE-2015-7471
+CVE-2015-7471 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
NOT-FOR-US: IBM
-CVE-2015-7470
+CVE-2015-7470 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Ra ...)
NOT-FOR-US: IBM
-CVE-2015-7469
+CVE-2015-7469 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Ra ...)
NOT-FOR-US: IBM
-CVE-2015-7468
+CVE-2015-7468 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Ra ...)
NOT-FOR-US: IBM
-CVE-2015-7467
+CVE-2015-7467 (Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz ...)
NOT-FOR-US: IBM
-CVE-2015-7466
+CVE-2015-7466 (Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 b ...)
NOT-FOR-US: IBM
-CVE-2015-7465
+CVE-2015-7465 (Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Eng ...)
NOT-FOR-US: IBM
-CVE-2015-7464
+CVE-2015-7464 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Ra ...)
NOT-FOR-US: IBM
-CVE-2015-7463
+CVE-2015-7463 (IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 t ...)
NOT-FOR-US: IBM
-CVE-2015-7462
+CVE-2015-7462 (IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to disc ...)
NOT-FOR-US: IBM
-CVE-2015-7461
+CVE-2015-7461 (XML external entity (XXE) vulnerability in IBM Connections 3.0.1.1 and ...)
NOT-FOR-US: IBM
-CVE-2015-7460
+CVE-2015-7460 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 an ...)
NOT-FOR-US: IBM
-CVE-2015-7459
+CVE-2015-7459 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 an ...)
NOT-FOR-US: IBM
-CVE-2015-7458
+CVE-2015-7458 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 an ...)
NOT-FOR-US: IBM
-CVE-2015-7457
+CVE-2015-7457 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x ...)
NOT-FOR-US: IBM
-CVE-2015-7456
+CVE-2015-7456 (IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote au ...)
NOT-FOR-US: IBM
-CVE-2015-7455
+CVE-2015-7455 (IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF ...)
NOT-FOR-US: IBM
-CVE-2015-7454
+CVE-2015-7454 (Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 ...)
NOT-FOR-US: IBM
-CVE-2015-7453
+CVE-2015-7453 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
NOT-FOR-US: IBM
-CVE-2015-7452
+CVE-2015-7452 (IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6. ...)
NOT-FOR-US: IBM
-CVE-2015-7451
+CVE-2015-7451 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2015-7450
+CVE-2015-7450 (Serialized-object interfaces in certain IBM analytics, business soluti ...)
NOT-FOR-US: IBM
-CVE-2015-7449
+CVE-2015-7449 (IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0 ...)
NOT-FOR-US: IBM
-CVE-2015-7448
+CVE-2015-7448 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 through ...)
NOT-FOR-US: IBM
-CVE-2015-7447
+CVE-2015-7447 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM
-CVE-2015-7446
+CVE-2015-7446 (Cross-site request forgery (CSRF) vulnerability in IBM Flash System V9 ...)
NOT-FOR-US: IBM
-CVE-2015-7445
+CVE-2015-7445 (IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B A ...)
NOT-FOR-US: IBM
-CVE-2015-7444
+CVE-2015-7444 (The Update Installer in IBM WebSphere Commerce Enterprise 7.0.0.8 and ...)
NOT-FOR-US: IBM
CVE-2015-7443
RESERVED
-CVE-2015-7442
+CVE-2015-7442 (consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8.x be ...)
NOT-FOR-US: IBM
-CVE-2015-7441
+CVE-2015-7441 (Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Bus ...)
NOT-FOR-US: IBM
-CVE-2015-7440
+CVE-2015-7440 (IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0 ...)
NOT-FOR-US: IBM
-CVE-2015-7439
+CVE-2015-7439 (Cross-site scripting (XSS) vulnerability in InfoSphere Data Architect ...)
NOT-FOR-US: IBM
-CVE-2015-7438
+CVE-2015-7438 (IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive ...)
NOT-FOR-US: IBM
-CVE-2015-7437
+CVE-2015-7437 (Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to ...)
NOT-FOR-US: IBM
-CVE-2015-7436
+CVE-2015-7436 (IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, ...)
NOT-FOR-US: IBM
-CVE-2015-7435
+CVE-2015-7435 (IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, ...)
NOT-FOR-US: IBM
-CVE-2015-7434
+CVE-2015-7434 (IBM Capacity Management Analytics 2.1.0.0 allows local users to discov ...)
NOT-FOR-US: IBM
-CVE-2015-7433
+CVE-2015-7433 (IBM Capacity Management Analytics 2.1.0.0 allows local users to discov ...)
NOT-FOR-US: IBM
-CVE-2015-7432
+CVE-2015-7432 (IBM Capacity Management Analytics 2.1.0.0 allows local users to decryp ...)
NOT-FOR-US: IBM
-CVE-2015-7431
+CVE-2015-7431 (Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterl ...)
NOT-FOR-US: IBM
-CVE-2015-7430
+CVE-2015-7430 (The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for I ...)
NOT-FOR-US: IBM
-CVE-2015-7429
+CVE-2015-7429 (The Data Protection extension in the VMware GUI in IBM Tivoli Storage ...)
NOT-FOR-US: IBM
-CVE-2015-7428
+CVE-2015-7428 (Open redirect vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0 ...)
NOT-FOR-US: IBM
-CVE-2015-7427
+CVE-2015-7427 (IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6. ...)
NOT-FOR-US: IBM
-CVE-2015-7426
+CVE-2015-7426 (The Data Protection extension in the VMware GUI in IBM Tivoli Storage ...)
NOT-FOR-US: IBM
-CVE-2015-7425
+CVE-2015-7425 (The Data Protection component in the VMware vSphere GUI in IBM Tivoli ...)
NOT-FOR-US: IBM
-CVE-2015-7424
+CVE-2015-7424 (IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9. ...)
NOT-FOR-US: IBM
-CVE-2015-7423
+CVE-2015-7423 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
NOT-FOR-US: IBM
-CVE-2015-7422
+CVE-2015-7422 (Buffer overflow in IBM i Access 7.1 on Windows allows local users to c ...)
NOT-FOR-US: IBM i Access
-CVE-2015-7421
+CVE-2015-7421 (Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8 ...)
NOT-FOR-US: IBM
-CVE-2015-7420
+CVE-2015-7420 (Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8 ...)
NOT-FOR-US: IBM
-CVE-2015-7419
+CVE-2015-7419 (IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows ...)
NOT-FOR-US: IBM
-CVE-2015-7418
+CVE-2015-7418 (IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance ...)
NOT-FOR-US: IBM
-CVE-2015-7417
+CVE-2015-7417 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-7416
+CVE-2015-7416 (AFP Workbench Viewer in IBM i Access 7.1 on Windows allows remote atta ...)
NOT-FOR-US: IBM
-CVE-2015-7415
+CVE-2015-7415 (Multiple cross-site scripting (XSS) vulnerabilities in IBM UrbanCode D ...)
NOT-FOR-US: IBM
-CVE-2015-7414
+CVE-2015-7414 (Cross-site scripting (XSS) vulnerability in the GDS component in IBM I ...)
NOT-FOR-US: IBM
-CVE-2015-7413
+CVE-2015-7413 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
NOT-FOR-US: IBM
-CVE-2015-7412
+CVE-2015-7412 (The GatewayScript modules on IBM DataPower Gateways with software 7.2. ...)
NOT-FOR-US: IBM
-CVE-2015-7411
+CVE-2015-7411 (The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6. ...)
NOT-FOR-US: IBM
-CVE-2015-7410
+CVE-2015-7410 (The Health Check tool in IBM Sterling B2B Integrator 5.2 does not prop ...)
NOT-FOR-US: IBM
-CVE-2015-7409
+CVE-2015-7409 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7 ...)
NOT-FOR-US: IBM
-CVE-2015-7408
+CVE-2015-7408 (The server in IBM Spectrum Protect (aka Tivoli Storage Manager) 5.5 an ...)
NOT-FOR-US: IBM
-CVE-2015-7407
+CVE-2015-7407 (Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IB ...)
NOT-FOR-US: IBM
CVE-2015-7406
RESERVED
CVE-2015-7405
RESERVED
-CVE-2015-7404
+CVE-2015-7404 (IBM Tivoli Storage Manager for Databases: Data Protection for Microsof ...)
NOT-FOR-US: IBM
-CVE-2015-7403
+CVE-2015-7403 (IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File Sy ...)
NOT-FOR-US: IBM
-CVE-2015-7402
+CVE-2015-7402 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program M ...)
NOT-FOR-US: IBM
-CVE-2015-7401
+CVE-2015-7401 (IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote ...)
NOT-FOR-US: IBM
-CVE-2015-7400
+CVE-2015-7400 (The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote ...)
NOT-FOR-US: IBM
-CVE-2015-7399
+CVE-2015-7399 (IBM WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.6 and ...)
NOT-FOR-US: IBM
-CVE-2015-7398
+CVE-2015-7398 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract Mana ...)
NOT-FOR-US: IBM
-CVE-2015-7397
+CVE-2015-7397 (Multiple open redirect vulnerabilities in the Aurora starter store in ...)
NOT-FOR-US: IBM
-CVE-2015-7396
+CVE-2015-7396 (The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 an ...)
NOT-FOR-US: IBM
-CVE-2015-7395
+CVE-2015-7395 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
NOT-FOR-US: IBM
-CVE-2015-7394
+CVE-2015-7394 (The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Cont ...)
NOT-FOR-US: BIG-IQ
-CVE-2015-7393
+CVE-2015-7393 (dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 t ...)
NOT-FOR-US: BIG-IP
-CVE-2015-7392
+CVE-2015-7392 (Heap-based buffer overflow in the parse_string function in libs/esl/sr ...)
- freeswitch <itp> (bug #389591)
-CVE-2015-7391
+CVE-2015-7391 (Multiple cross-site scripting (XSS) vulnerabilities in TestLink before ...)
NOT-FOR-US: TestLink
-CVE-2015-7390
+CVE-2015-7390 (SQL injection vulnerability in TestLink before 1.9.14 allows remote at ...)
NOT-FOR-US: TestLink
CVE-2015-7389
RESERVED
CVE-2015-7388
RESERVED
-CVE-2015-7387
+CVE-2015-7387 (ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and earlier allow ...)
NOT-FOR-US: ZOHO ManageEngine EventLog Analyzer
-CVE-2015-7386
+CVE-2015-7386 (Multiple cross-site scripting (XSS) vulnerabilities in includes/metabo ...)
NOT-FOR-US: Gallery - Photo Albums - Portfolio plugin for WordPress
-CVE-2015-7385
+CVE-2015-7385 (Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard befo ...)
NOT-FOR-US: Open-Xchange
-CVE-2015-7384
+CVE-2015-7384 (Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a den ...)
- nodejs 4.1.1~dfsg-3 (bug #800580)
[jessie] - nodejs <not-affected> (Vulnerability not present)
NOTE: https://groups.google.com/forum/#!topic/nodejs-sec/fSNEQiuof6I
-CVE-2015-8076
+CVE-2015-8076 (The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3. ...)
- cyrus-imapd-2.4 2.4.17+nocaldav-2
[jessie] - cyrus-imapd-2.4 2.4.17+nocaldav-0~deb8u1
[wheezy] - cyrus-imapd-2.4 <no-dsa> (Minor issue; can be fixed alone in a future DLA)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/29/2
NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921
NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b
-CVE-2015-7383
+CVE-2015-7383 (Multiple cross-site scripting (XSS) vulnerabilities in Web Reference D ...)
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-7382
+CVE-2015-7382 (SQL injection vulnerability in install.php in Web Reference Database ( ...)
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-7381
+CVE-2015-7381 (Multiple PHP remote file inclusion vulnerabilities in install.php in W ...)
NOT-FOR-US: Web Reference Database (aka refbase)
CVE-2015-7380
RESERVED
CVE-2015-7379
RESERVED
-CVE-2015-7378
+CVE-2015-7378 (Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "P ...)
NOT-FOR-US: Panda Security
-CVE-2015-7377
+CVE-2015-7377 (Cross-site scripting (XSS) vulnerability in pie-register/pie-register. ...)
NOT-FOR-US: Pie Register plugin for WordPress
CVE-2015-7376
RESERVED
-CVE-2015-7375
+CVE-2015-7375 (Schneider Electric InduSoft Web Studio before 8.0 allows remote attack ...)
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-7374
+CVE-2015-7374 (The Remote Agent component in Schneider Electric InduSoft Web Studio b ...)
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-7373
+CVE-2015-7373 (Cross-site scripting (XSS) vulnerability in the "magic-macros" feature ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7372
+CVE-2015-7372 (Directory traversal vulnerability in delivery-dev/al.php in Revive Ads ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7371
+CVE-2015-7371 (Revive Adserver before 3.2.2 does not restrict access to run-mpe.php, ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7370
+CVE-2015-7370 (Multiple cross-site scripting (XSS) vulnerabilities in open-flash-char ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7369
+CVE-2015-7369 (The default Flash cross-domain policy (crossdomain.xml) in Revive Adse ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7368
+CVE-2015-7368 (Revive Adserver before 3.2.2 does not send the appropriate Cache-Contr ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7367
+CVE-2015-7367 (Revive Adserver before 3.2.2 allows remote attackers to perform unspec ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7366
+CVE-2015-7366 (Multiple cross-site request forgery (CSRF) vulnerabilities in Revive A ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7365
+CVE-2015-7365 (Cross-site scripting (XSS) vulnerability in the plugin upgrade form in ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7364
+CVE-2015-7364 (The HTML_Quickform library, as used in Revive Adserver before 3.2.2, a ...)
NOT-FOR-US: Revive Adserver
-CVE-2015-7363
+CVE-2015-7363 (Cross-site scripting (XSS) vulnerability in the advanced settings page ...)
NOT-FOR-US: Fortinet
-CVE-2015-7362
+CVE-2015-7362 (Fortinet FortiClient Linux SSLVPN before build 2313, when installed on ...)
NOT-FOR-US: Fortinet
-CVE-2015-7361
+CVE-2015-7361 (FortiOS 5.2.3, when configured to use High Availability (HA) and the d ...)
NOT-FOR-US: FortiOS
-CVE-2015-7360
+CVE-2015-7360 (Multiple cross-site scripting (XSS) vulnerabilities in the Web User In ...)
NOT-FOR-US: Fortinet
CVE-2015-XXXX [DoS]
- libemail-address-perl 1.908-1
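Review bot: the NOT-FOR-US label for CVE-2015-7394 says `BIG-IQ`, but the description added on the same line names F5 BIG-IP Analytics, APM, ASM and Link Controller, and the neighbouring CVE-2015-7393 is labelled `BIG-IP`; unless the truncated text goes on to list BIG-IQ, the label should read `BIG-IP` (or `F5 BIG-IP/BIG-IQ`). Also, CVE-2015-8076 (cyrus-imapd) sits between CVE-2015-7384 and CVE-2015-7383, out of the descending order the rest of the hunk follows; either move it to its numeric slot or add a NOTE explaining the placement so it is not mistaken for a typo.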
@@ -6194,11 +6194,11 @@ CVE-2015-XXXX [DoS]
NOTE: See CVE-2015-7686 for the underlying CWE-407 ("Algorithmic Complexity")
NOTE: issue still present in 1.908
NOTE: http://www.openwall.com/lists/oss-security/2015/10/02/13
-CVE-2015-7359
+CVE-2015-7359 (The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in ...)
NOT-FOR-US: TrueCrypt
-CVE-2015-7358
+CVE-2015-7358 (The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7. ...)
NOT-FOR-US: TrueCrypt
-CVE-2015-7357
+CVE-2015-7357 (Cross-site scripting (XSS) vulnerability in the uDesign (aka U-Design) ...)
NOT-FOR-US: uDesign
CVE-2015-7356
RESERVED
@@ -6214,13 +6214,13 @@ CVE-2015-7351
RESERVED
CVE-2015-7350
RESERVED
-CVE-2015-7349
+CVE-2015-7349 (Cross-site scripting (XSS) vulnerability in the sample feedback.inc fi ...)
NOT-FOR-US: Citrix
-CVE-2015-7348
+CVE-2015-7348 (Cross-site scripting (XSS) vulnerability in zTree 3.5.19.1 and possibl ...)
NOT-FOR-US: zTree
-CVE-2015-7347
+CVE-2015-7347 (Cross-site scripting (XSS) vulnerability in ZCMS JavaServer Pages Cont ...)
NOT-FOR-US: ZCMS
-CVE-2015-7346
+CVE-2015-7346 (SQL injection vulnerability in ZCMS 1.1. ...)
NOT-FOR-US: ZCMS
CVE-2015-7345
RESERVED
@@ -6248,59 +6248,59 @@ CVE-2015-7333
RESERVED
CVE-2015-7332
RESERVED
-CVE-2015-7331
+CVE-2015-7331 (The mcollective-puppet-agent plugin before 1.11.1 for Puppet allows re ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
NOTE: https://puppet.com/security/cve/cve-2015-7331
-CVE-2015-7330
+CVE-2015-7330 (Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to by ...)
NOT-FOR-US: Puppet Enterprise (Puppet Communications Protocol broker)
CVE-2015-7329
RESERVED
-CVE-2015-7328
+CVE-2015-7328 (Puppet Server in Puppet Enterprise before 3.8.x before 3.8.3 and 2015. ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2015-7327
+CVE-2015-7327 (Mozilla Firefox before 41.0 does not properly restrict the availabilit ...)
- iceweasel <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-114/
-CVE-2015-7326
+CVE-2015-7326 (XML External Entity (XXE) vulnerability in Milton Webdav before 2.7.0. ...)
NOT-FOR-US: Milton Webdav
CVE-2015-7325
RESERVED
-CVE-2015-7324
+CVE-2015-7324 (Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment ...)
NOT-FOR-US: StackIdeas Komento component for Joomla!
-CVE-2015-7323
+CVE-2015-7323 (The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (form ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2015-7322
+CVE-2015-7322 (The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (form ...)
NOT-FOR-US: Pulse Connect Secure
CVE-2015-7321
RESERVED
-CVE-2015-7320
+CVE-2015-7320 (Multiple cross-site scripting (XSS) vulnerabilities in cpabc_appointme ...)
NOT-FOR-US: Appointment Booking Calendar plugin for WordPress
-CVE-2015-7319
+CVE-2015-7319 (SQL injection vulnerability in cpabc_appointments_admin_int_calendar_l ...)
NOT-FOR-US: Appointment Booking Calendar plugin for WordPress
-CVE-2015-7318
+CVE-2015-7318 (Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers in ...)
NOT-FOR-US: Plone
-CVE-2015-7317
+CVE-2015-7317 (Kupu 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, a ...)
NOT-FOR-US: Plone
-CVE-2015-7316
+CVE-2015-7316 (Cross-site scripting (XSS) vulnerability in Plone 3.3.0 through 3.3.6, ...)
NOT-FOR-US: Plone
-CVE-2015-7315
+CVE-2015-7315 (Plone 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, ...)
NOT-FOR-US: Plone
-CVE-2015-7310
+CVE-2015-7310 (McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/ ...)
NOT-FOR-US: McAfee
-CVE-2015-7309
+CVE-2015-7309 (The theme editor in Bolt before 2.2.5 does not check the file extensio ...)
NOT-FOR-US: Bolt CMS
-CVE-2015-7314
+CVE-2015-7314 (The Precious module in gollum before 4.0.1 allows remote attackers to ...)
NOT-FOR-US: Gollum wiki
CVE-2015-7308
RESERVED
-CVE-2015-7307
+CVE-2015-7307 (Cross-site scripting (XSS) vulnerability in the CMS Updater module 7.x ...)
NOT-FOR-US: CMS Updater module for Drupal
-CVE-2015-7306
+CVE-2015-7306 (The CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal does not prop ...)
NOT-FOR-US: CMS Updater module for Drupal
-CVE-2015-7305
+CVE-2015-7305 (The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly r ...)
NOT-FOR-US: Scald module for Drupal
-CVE-2015-7304
+CVE-2015-7304 (Cross-site scripting (XSS) vulnerability in the amoCRM module 7.x-1.x ...)
NOT-FOR-US: amoCRM module for Drupal
-CVE-2015-7303
+CVE-2015-7303 (Use-after-free vulnerability in the Update Manager service in Avira Ma ...)
NOT-FOR-US: Avira
CVE-2015-7302
RESERVED
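Review bot: CVE-2015-7310, CVE-2015-7309 and CVE-2015-7314 are placed between CVE-2015-7315 and CVE-2015-7308, breaking the descending sequence the rest of the hunk follows (CVE-2015-7314 in particular lands below CVE-2015-7309); moving the three entries into numeric order keeps the list scannable for both tools and humans.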
@@ -6308,18 +6308,18 @@ CVE-2015-7301
RESERVED
CVE-2015-7300
RESERVED
-CVE-2015-7299
+CVE-2015-7299 (SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 bla ...)
NOT-FOR-US: K2
-CVE-2015-7298
+CVE-2015-7298 (ownCloud Desktop Client before 2.0.1, when compiled with a Qt release ...)
- owncloud-client 2.0.0+dfsg-1
[jessie] - owncloud-client <not-affected> (not compiled with a Qt release greater than 5.3.x)
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-016
-CVE-2015-7297
+CVE-2015-7297 (SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote ...)
NOT-FOR-US: Joomla!
CVE-2015-XXXX [Privilege escalation via core-gui]
- core-network <removed> (bug #799756)
NOTE: http://pf.itd.nrl.navy.mil/pipermail/core-users/2015-August/001837.html
-CVE-2015-7313
+CVE-2015-7313 (LibTIFF allows remote attackers to cause a denial of service (memory c ...)
- tiff 4.0.7-1 (bug #800124)
[jessie] - tiff <ignored> (Minor issue)
[wheezy] - tiff <not-affected> (Can't reproduce)
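Review bot: for CVE-2015-7313 the jessie and wheezy states disagree with no stated reason: jessie is `<ignored> (Minor issue)` while wheezy is `<not-affected> (Can't reproduce)`. Failing to reproduce a crash is not evidence that the vulnerable code is absent, and the description ("LibTIFF allows remote attackers to cause a denial of service") carries no version bound; `<not-affected>` should be backed by a code check, otherwise wheezy should carry the same `<ignored>` or `<no-dsa>` state as jessie with the failed reproduction recorded in a NOTE.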
@@ -6329,158 +6329,158 @@ CVE-2015-7313
NOTE: Test file here: https://marc.info/?l=oss-security&m=144284777006804&q=p6
NOTE: Reproduce with "ltrace -e realloc tiffdither /tmp/oom.tif /dev/null"
NOTE: at the end you see "libtiff.so.5->realloc(0, 1636178024)"
-CVE-2015-7311
+CVE-2015-7311 (libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly ...)
{DSA-3414-1}
- xen 4.8.0~rc3-1 (bug #823620)
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <not-affected> (Only affects 4.1 and later)
NOTE: http://xenbits.xen.org/xsa/advisory-142.html
-CVE-2015-7296
+CVE-2015-7296 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 an ...)
NOT-FOR-US: Securifi Almond devices
-CVE-2015-7294
+CVE-2015-7294 (ldapauth-fork before 2.3.3 allows remote attackers to perform LDAP inj ...)
NOT-FOR-US: NodeJS ldapauth
NOTE: http://www.openwall.com/lists/oss-security/2015/09/18/4
NOTE: https://github.com/vesse/node-ldapauth-fork/issues/21
NOTE: https://github.com/vesse/node-ldapauth-fork/commit/3feea43e243698bcaeffa904a7324f4d96df60e4
NOTE: https://nodesecurity.io/advisories/19
-CVE-2015-7293
+CVE-2015-7293 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Man ...)
NOT-FOR-US: Zope Management Interface
-CVE-2015-7292
+CVE-2015-7292 (Stack-based buffer overflow in the havok_write function in drivers/sta ...)
NOT-FOR-US: Amazon Fire OS
-CVE-2015-7291
+CVE-2015-7291 (Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the ...)
NOT-FOR-US: Arris
-CVE-2015-7290
+CVE-2015-7290 (Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web man ...)
NOT-FOR-US: Arris
-CVE-2015-7289
+CVE-2015-7289 (Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_10061 ...)
NOT-FOR-US: Arris
-CVE-2015-7288
+CVE-2015-7288 (CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allo ...)
NOT-FOR-US: CSL DualCom
-CVE-2015-7287
+CVE-2015-7287 (CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use ...)
NOT-FOR-US: CSL DualCom
-CVE-2015-7286
+CVE-2015-7286 (CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely ...)
NOT-FOR-US: CSL DualCom
-CVE-2015-7285
+CVE-2015-7285 (CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do n ...)
NOT-FOR-US: CSL DualCom
-CVE-2015-7284
+CVE-2015-7284 (Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devi ...)
NOT-FOR-US: ZyXEL
-CVE-2015-7283
+CVE-2015-7283 (The web administration interface on ZyXEL NBG-418N devices with firmwa ...)
NOT-FOR-US: ZyXEL
-CVE-2015-7282
+CVE-2015-7282 (ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source p ...)
NOT-FOR-US: ReadyNet
-CVE-2015-7281
+CVE-2015-7281 (Cross-site request forgery (CSRF) vulnerability on ReadyNet WRT300N-DD ...)
NOT-FOR-US: ReadyNet
-CVE-2015-7280
+CVE-2015-7280 (The web administration interface on ReadyNet WRT300N-DD devices with f ...)
NOT-FOR-US: ReadyNet
-CVE-2015-7279
+CVE-2015-7279 (Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper a ...)
NOT-FOR-US: Amped Wireless
-CVE-2015-7278
+CVE-2015-7278 (Cross-site request forgery (CSRF) vulnerability on Amped Wireless R100 ...)
NOT-FOR-US: Amped Wireless
-CVE-2015-7277
+CVE-2015-7277 (The web administration interface on Amped Wireless R10000 devices with ...)
NOT-FOR-US: Amped Wireless
CVE-2015-7276
RESERVED
-CVE-2015-7275
+CVE-2015-7275 (Dell Integrated Remote Access Controller (iDRAC) 6 before 2.85 and 7/8 ...)
NOT-FOR-US: Dell iDRAC
-CVE-2015-7274
+CVE-2015-7274 (Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows ...)
NOT-FOR-US: Dell iDRAC
-CVE-2015-7273
+CVE-2015-7273 (Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 ...)
NOT-FOR-US: Dell iDRAC
-CVE-2015-7272
+CVE-2015-7272 (Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 ...)
NOT-FOR-US: Dell iDRAC
-CVE-2015-7271
+CVE-2015-7271 (Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 ...)
NOT-FOR-US: Dell iDRAC
-CVE-2015-7270
+CVE-2015-7270 (Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 ...)
NOT-FOR-US: Dell iDRAC
-CVE-2015-7269
+CVE-2015-7269 (Seagate ST500LT015 hard disk drives, when operating in eDrive mode on ...)
NOT-FOR-US: Seagate ST500LT015 hard disk drives
-CVE-2015-7268
+CVE-2015-7268 (Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 an ...)
NOT-FOR-US: Samsung
-CVE-2015-7267
+CVE-2015-7267 (Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 an ...)
NOT-FOR-US: Samsung
-CVE-2015-7266
+CVE-2015-7266 (The Interactive Advertising Bureau (IAB) OpenRTB 2.3 protocol implemen ...)
NOT-FOR-US: Interactive Advertising Bureau (IAB) OpenRTB
-CVE-2015-7265
+CVE-2015-7265 (Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request sta ...)
NOT-FOR-US: Facebook Proxygen
-CVE-2015-7264
+CVE-2015-7264 (The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a ce ...)
NOT-FOR-US: Facebook Proxygen
-CVE-2015-7263
+CVE-2015-7263 (The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote ...)
NOT-FOR-US: Facebook Proxygen
-CVE-2015-7262
+CVE-2015-7262 (QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Stat ...)
NOT-FOR-US: QNAP
-CVE-2015-7261
+CVE-2015-7261 (The FTP service in QNAP iArtist Lite before 1.4.54, as distributed wit ...)
NOT-FOR-US: QNAP
-CVE-2015-7260
+CVE-2015-7260 (Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain ...)
NOT-FOR-US: Liebert MultiLink Automated Shutdown
-CVE-2015-7259
+CVE-2015-7259 (ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_ ...)
NOT-FOR-US: ZTE modems
-CVE-2015-7258
+CVE-2015-7258 (ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_ ...)
NOT-FOR-US: ZTE modems
-CVE-2015-7257
+CVE-2015-7257 (ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_ ...)
NOT-FOR-US: ZTE modems
-CVE-2015-7256
+CVE-2015-7256 (ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI ac ...)
NOT-FOR-US: ZyXEL
-CVE-2015-7255
+CVE-2015-7255 (ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B ...)
NOT-FOR-US: ZTE
-CVE-2015-7254
+CVE-2015-7254 (Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s ...)
NOT-FOR-US: Huawei
-CVE-2015-7253
+CVE-2015-7253 (The Web Console in Commvault Edge Server 10 R2 allows remote attackers ...)
NOT-FOR-US: Commvault Edge Server
-CVE-2015-7252
+CVE-2015-7252 (Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXH ...)
NOT-FOR-US: ZTE router
-CVE-2015-7251
+CVE-2015-7251 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a har ...)
NOT-FOR-US: ZTE router
-CVE-2015-7250
+CVE-2015-7250 (Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H ...)
NOT-FOR-US: ZTE router
-CVE-2015-7249
+CVE-2015-7249 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remo ...)
NOT-FOR-US: ZTE router
-CVE-2015-7248
+CVE-2015-7248 (ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remo ...)
NOT-FOR-US: ZTE router
-CVE-2015-7247
+CVE-2015-7247 (D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 ...)
NOT-FOR-US: D-Link
-CVE-2015-7246
+CVE-2015-7246 (D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 ...)
NOT-FOR-US: D-Link
-CVE-2015-7245
+CVE-2015-7245 (Directory traversal vulnerability in D-Link DVG-N5402SP with firmware ...)
NOT-FOR-US: D-Link
-CVE-2015-7244
+CVE-2015-7244 (The default configuration of the server in MobaXterm before 8.3 has a ...)
NOT-FOR-US: MobaXterm
-CVE-2015-7243
+CVE-2015-7243 (Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers ...)
NOT-FOR-US: Boxoft
-CVE-2015-7242
+CVE-2015-7242 (Cross-site scripting (XSS) vulnerability in the Push-Service-Mails fea ...)
NOT-FOR-US: AVM
-CVE-2015-7241
+CVE-2015-7241 (XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01. ...)
NOT-FOR-US: SAP Netweaver
CVE-2015-7240
RESERVED
-CVE-2015-7239
+CVE-2015-7239 (SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function ...)
NOT-FOR-US: J2EE
-CVE-2015-7238
+CVE-2015-7238 (The Secondary server in Threat Intelligence Exchange (TIE) before 1.2. ...)
NOT-FOR-US: TIE
-CVE-2015-7237
+CVE-2015-7237 (Directory traversal vulnerability in the remote log viewing functional ...)
NOT-FOR-US: McAfee
-CVE-2015-7235
+CVE-2015-7235 (Multiple SQL injection vulnerabilities in dex_reservations.php in the ...)
NOT-FOR-US: CP Reservation Calendar plugin for WordPress
-CVE-2015-7234
+CVE-2015-7234 (The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontolog ...)
NOT-FOR-US: OSF module for Drupal
-CVE-2015-7233
+CVE-2015-7233 (Cross-site request forgery (CSRF) vulnerability in the OSF module 7.x- ...)
NOT-FOR-US: OSF module for Drupal
-CVE-2015-7232
+CVE-2015-7232 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
NOT-FOR-US: OSF module for Drupal
-CVE-2015-7231
+CVE-2015-7231 (The Commerce Commonwealth (CBA) module 7.x-1.x before 7.x-1.5 for Drup ...)
NOT-FOR-US: The Commerce Commonwealth module for Drupal
-CVE-2015-7230
+CVE-2015-7230 (The Workbench Email module 7.x-3.x before 7.x-3.4 for Drupal allows re ...)
NOT-FOR-US: Workbench Email module for Drupal
-CVE-2015-7229
+CVE-2015-7229 (The Twitter module 6.x-5.x before 6.x-5.2, 7.x-5.x before 7.x-5.9, and ...)
NOT-FOR-US: Twitter module for Drupal
-CVE-2015-7228
+CVE-2015-7228 (The RESTful module 7.x-1.x before 7.x-1.3 for Drupal does not properly ...)
NOT-FOR-US: RESTful module for Drupal
-CVE-2015-7227
+CVE-2015-7227 (The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal do ...)
NOT-FOR-US: Fieldable Panels Panes module for Drupal
-CVE-2015-7226
+CVE-2015-7226 (The Administration Views module 7.x-1.x before 7.x-1.5 for Drupal chec ...)
NOT-FOR-US: Administration Views module for Drupal
-CVE-2015-7224
+CVE-2015-7224 (puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass ...)
- puppet-module-puppetlabs-mysql 3.6.1-1
[jessie] - puppet-module-puppetlabs-mysql <not-affected> (Vulnerable code not present)
-CVE-2015-7295
+CVE-2015-7295 (hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.4+dfsg-4 (bug #799452)
[jessie] - qemu <no-dsa> (Minor issue; can be fixed along in a later DSA)
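Review bot: CVE-2015-7295 (qemu) sits between CVE-2015-7224 and CVE-2015-7223 in this hunk, breaking the descending CVE-ID order that every other entry here follows; the automatic update only rewrites the ID lines, so this will not self-correct and the qemu entry should be moved to its sequential position in a manual commit. Separately, the newly added descriptions are cut at a fixed width, so version tokens can be split mid-value (for example "+CVE-2015-7241 (XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01. ...)"); triage should take affected-version ranges from the full CVE text, not from these snippets.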
@@ -6493,189 +6493,189 @@ CVE-2015-7295
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04729.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04730.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04731.html
-CVE-2015-7223
+CVE-2015-7223 (The WebExtension APIs in Mozilla Firefox before 43.0 allow remote atta ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-148/
-CVE-2015-7222
+CVE-2015-7222 (Integer underflow in the Metadata::setData function in MetaData.cpp in ...)
{DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-147/
NOTE: Probably specific to Android
-CVE-2015-7221
+CVE-2015-7221 (Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/ns ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-144/
-CVE-2015-7220
+CVE-2015-7220 (Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp i ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-144/
-CVE-2015-7219
+CVE-2015-7219 (The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-142/
-CVE-2015-7218
+CVE-2015-7218 (The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-142/
-CVE-2015-7217
+CVE-2015-7217 (The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux G ...)
- iceweasel <not-affected> (Iceweasel in Debian uses the system copy of gdk-pixbuf)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-143/
-CVE-2015-7216
+CVE-2015-7216 (The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux G ...)
- iceweasel <not-affected> (Iceweasel in Debian uses the system copy of gdk-pixbuf)
NOTE: Disabled in src:gdk-pixbuf in 2.31.7-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-143/
-CVE-2015-7215
+CVE-2015-7215 (The importScripts function in the Web Workers API implementation in Mo ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-140/
-CVE-2015-7214
+CVE-2015-7214 (Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow rem ...)
{DSA-3432-1 DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-149/
-CVE-2015-7213
+CVE-2015-7213 (Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4 ...)
{DSA-3432-1 DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-146/
-CVE-2015-7212
+CVE-2015-7212 (Integer overflow in the mozilla::layers::BufferTextureClient::Allocate ...)
{DSA-3432-1 DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-139/
-CVE-2015-7211
+CVE-2015-7211 (Mozilla Firefox before 43.0 mishandles the # (number sign) character i ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-141/
-CVE-2015-7210
+CVE-2015-7210 (Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefo ...)
{DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-138/
CVE-2015-7209
REJECTED
-CVE-2015-7208
+CVE-2015-7208 (Mozilla Firefox before 43.0 stores cookies containing vertical tab cha ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-04/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-137/
-CVE-2015-7207
+CVE-2015-7207 (Mozilla Firefox before 43.0 does not properly restrict the availabilit ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-136/
CVE-2015-7206
REJECTED
-CVE-2015-7205
+CVE-2015-7205 (Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in ...)
{DSA-3432-1 DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-145/
-CVE-2015-7204
+CVE-2015-7204 (Mozilla Firefox before 43.0 does not properly store the properties of ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-135/
-CVE-2015-7203
+CVE-2015-7203 (Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData functio ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-144/
-CVE-2015-7202
+CVE-2015-7202 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-134/
-CVE-2015-7201
+CVE-2015-7201 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3432-1 DSA-3422-1}
- iceweasel 38.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-134/
-CVE-2015-7200
+CVE-2015-7200 (The CryptoKey interface implementation in Mozilla Firefox before 42.0 ...)
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
-CVE-2015-7199
+CVE-2015-7199 (The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interp ...)
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
-CVE-2015-7198
+CVE-2015-7198 (Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in ...)
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
-CVE-2015-7197
+CVE-2015-7197 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperl ...)
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-132/
-CVE-2015-7196
+CVE-2015-7196 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a J ...)
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-130/
-CVE-2015-7195
+CVE-2015-7195 (The URL parsing implementation in Mozilla Firefox before 42.0 improper ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-129/
-CVE-2015-7194
+CVE-2015-7194 (Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ...)
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-128/
-CVE-2015-7193
+CVE-2015-7193 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperl ...)
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-127/
-CVE-2015-7192
+CVE-2015-7192 (The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X ...)
- iceweasel <not-affected> (Only affects Firefox on MacOS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-126/
-CVE-2015-7191
+CVE-2015-7191 (Mozilla Firefox before 42.0 on Android improperly restricts URL string ...)
- iceweasel <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-125/
-CVE-2015-7190
+CVE-2015-7190 (The Search feature in Mozilla Firefox before 42.0 on Android through 4 ...)
- iceweasel <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-124/
-CVE-2015-7189
+CVE-2015-7189 (Race condition in the JPEGEncoder function in Mozilla Firefox before 4 ...)
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-123/
-CVE-2015-7188
+CVE-2015-7188 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow rem ...)
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-122/
-CVE-2015-7187
+CVE-2015-7187 (The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-121/
-CVE-2015-7186
+CVE-2015-7186 (Mozilla Firefox before 42.0 on Android allows user-assisted remote att ...)
- iceweasel <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-120/
-CVE-2015-7185
+CVE-2015-7185 (Mozilla Firefox before 42.0 on Android does not ensure that the addres ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-119/
-CVE-2015-7184
+CVE-2015-7184 (The fetch API implementation in Mozilla Firefox before 41.0.2 does not ...)
- iceweasel <not-affected> (Affects only Firefox later than 38)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/
-CVE-2015-7183
+CVE-2015-7183 (Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape P ...)
{DSA-3406-1 DSA-3393-1 DLA-344-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
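Review bot: the not-affected rationale for CVE-2015-7185 is inconsistent with its neighbours: the added description says "Mozilla Firefox before 42.0 on Android does not ensure that the addres ...", but the entry gives "(ESR38 series not affected)" while CVE-2015-7186, CVE-2015-7190 and CVE-2015-7191 use "(Only affects Firefox on Android)" for the same situation. The conclusion is the same either way, but the reason string is what later triagers grep for, so it should be aligned with the Android-only wording.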
@@ -6694,7 +6694,7 @@ CVE-2015-7183
NOTE: Icedove, virtualbox(-ose)? have embedded copies of nspr.
NOTE: Fixes impact macros PL_ARENA_ALLOCATE and PL_ARENA_GROW, other packages need to be recompiled:
NOTE: jss (on wheezy/jessie) according to codesearch.debian.net
-CVE-2015-7182
+CVE-2015-7182 (Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Sec ...)
{DSA-3688-1 DSA-3410-1 DSA-3393-1 DLA-480-1 DLA-354-1}
- nss 2:3.20.1-1
NOTE: http://hg.mozilla.org/projects/nss/rev/4dc247276e58
@@ -6706,7 +6706,7 @@ CVE-2015-7182
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
NOTE: Patch for wheezy/jessie: https://lists.debian.org/debian-lts/2015/11/msg00098.html
-CVE-2015-7181
+CVE-2015-7181 (The sec_asn1d_parse_leaf function in Mozilla Network Security Services ...)
{DSA-3688-1 DSA-3410-1 DSA-3393-1 DLA-480-1 DLA-354-1}
- nss 2:3.20.1-1
NOTE: http://hg.mozilla.org/projects/nss/rev/8ac7f47eecbb
@@ -6717,33 +6717,33 @@ CVE-2015-7181
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
NOTE: Patch for wheezy/jessie: https://lists.debian.org/debian-lts/2015/11/msg00098.html
-CVE-2015-7180
+CVE-2015-7180 (The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-7179
+CVE-2015-7179 (The VertexBufferInterface::reserveVertexSpace function in libGLES in A ...)
- iceweasel <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-113/
-CVE-2015-7178
+CVE-2015-7178 (The ProgramBinary::linkAttributes function in libGLES in ANGLE, as use ...)
- iceweasel <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-113/
-CVE-2015-7177
+CVE-2015-7177 (The InitTextures function in Mozilla Firefox before 41.0 and Firefox E ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-7176
+CVE-2015-7176 (The AnimationThread function in Mozilla Firefox before 41.0 and Firefo ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-7175
+CVE-2015-7175 (The XULContentSinkImpl::AddText function in Mozilla Firefox before 41. ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-7174
+CVE-2015-7174 (The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41. ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -6860,183 +6860,183 @@ CVE-2015-7119
REJECTED
CVE-2015-7118
RESERVED
-CVE-2015-7117
+CVE-2015-7117 (Apple QuickTime before 7.7.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-7116
+CVE-2015-7116 (libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before ...)
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
-CVE-2015-7115
+CVE-2015-7115 (libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before ...)
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
CVE-2015-7114
REJECTED
-CVE-2015-7113
+CVE-2015-7113 (The LaunchServices component in Apple iOS before 9.2 and watchOS befor ...)
NOT-FOR-US: Apple
-CVE-2015-7112
+CVE-2015-7112 (The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
NOT-FOR-US: Apple
-CVE-2015-7111
+CVE-2015-7111 (The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
NOT-FOR-US: Apple
-CVE-2015-7110
+CVE-2015-7110 (The Disk Images component in Apple OS X before 10.11.2 and tvOS before ...)
NOT-FOR-US: Apple
-CVE-2015-7109
+CVE-2015-7109 (IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 a ...)
NOT-FOR-US: Apple
-CVE-2015-7108
+CVE-2015-7108 (The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local ...)
NOT-FOR-US: Apple
-CVE-2015-7107
+CVE-2015-7107 (QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remot ...)
NOT-FOR-US: Apple
-CVE-2015-7106
+CVE-2015-7106 (The Intel Graphics Driver component in Apple OS X before 10.11.2 allow ...)
NOT-FOR-US: Apple
-CVE-2015-7105
+CVE-2015-7105 (CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before ...)
NOT-FOR-US: Apple
-CVE-2015-7104
+CVE-2015-7104 (WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2015-7103
+CVE-2015-7103 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7102
+CVE-2015-7102 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7101
+CVE-2015-7101 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7100
+CVE-2015-7100 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7099
+CVE-2015-7099 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7098
+CVE-2015-7098 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9 ...)
- webkit2gtk 2.10.5-1 (unimportant)
-CVE-2015-7097
+CVE-2015-7097 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7096
+CVE-2015-7096 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9 ...)
- webkit2gtk 2.10.5-1 (unimportant)
-CVE-2015-7095
+CVE-2015-7095 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7094
+CVE-2015-7094 (CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 ...)
NOT-FOR-US: Apple
-CVE-2015-7093
+CVE-2015-7093 (Safari in Apple iOS before 9.2 allows remote attackers to spoof a URL ...)
NOT-FOR-US: Apple
-CVE-2015-7092
+CVE-2015-7092 (Apple QuickTime before 7.7.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-7091
+CVE-2015-7091 (Apple QuickTime before 7.7.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-7090
+CVE-2015-7090 (Apple QuickTime before 7.7.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-7089
+CVE-2015-7089 (Apple QuickTime before 7.7.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-7088
+CVE-2015-7088 (Apple QuickTime before 7.7.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-7087
+CVE-2015-7087 (Apple QuickTime before 7.7.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-7086
+CVE-2015-7086 (Apple QuickTime before 7.7.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-7085
+CVE-2015-7085 (Apple QuickTime before 7.7.9 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-7084
+CVE-2015-7084 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7083
+CVE-2015-7083 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7082
+CVE-2015-7082 (Multiple unspecified vulnerabilities in Git before 2.5.4, as used in A ...)
NOT-FOR-US: Apple-specific git extension for Xcode
-CVE-2015-7081
+CVE-2015-7081 (iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote a ...)
NOT-FOR-US: Apple
-CVE-2015-7080
+CVE-2015-7080 (Siri in Apple iOS before 9.2 allows physically proximate attackers to ...)
NOT-FOR-US: Apple
-CVE-2015-7079
+CVE-2015-7079 (dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment va ...)
NOT-FOR-US: Apple
-CVE-2015-7078
+CVE-2015-7078 (Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11. ...)
NOT-FOR-US: Apple
-CVE-2015-7077
+CVE-2015-7077 (The Intel Graphics Driver component in Apple OS X before 10.11.2 allow ...)
NOT-FOR-US: Apple
-CVE-2015-7076
+CVE-2015-7076 (The Intel Graphics Driver component in Apple OS X before 10.11.2 allow ...)
NOT-FOR-US: Apple
-CVE-2015-7075
+CVE-2015-7075 (CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS ...)
NOT-FOR-US: Apple
-CVE-2015-7074
+CVE-2015-7074 (CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and t ...)
NOT-FOR-US: Apple
-CVE-2015-7073
+CVE-2015-7073 (Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchO ...)
NOT-FOR-US: Apple
-CVE-2015-7072
+CVE-2015-7072 (dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 ...)
NOT-FOR-US: Apple
-CVE-2015-7071
+CVE-2015-7071 (The File Bookmark component in Apple OS X before 10.11.2 allows attack ...)
NOT-FOR-US: Apple
-CVE-2015-7070
+CVE-2015-7070 (Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows a ...)
NOT-FOR-US: Apple
-CVE-2015-7069
+CVE-2015-7069 (Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows a ...)
NOT-FOR-US: Apple
-CVE-2015-7068
+CVE-2015-7068 (IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7067
+CVE-2015-7067 (IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to ...)
NOT-FOR-US: Apple
-CVE-2015-7066
+CVE-2015-7066 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
NOT-FOR-US: Apple
-CVE-2015-7065
+CVE-2015-7065 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7064
+CVE-2015-7064 (OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
NOT-FOR-US: Apple
-CVE-2015-7063
+CVE-2015-7063 (The kernel loader in EFI in Apple OS X before 10.11.2 allows local use ...)
NOT-FOR-US: Apple
-CVE-2015-7062
+CVE-2015-7062 (Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to byp ...)
NOT-FOR-US: Apple
-CVE-2015-7061
+CVE-2015-7061 (The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and w ...)
NOT-FOR-US: Apple
-CVE-2015-7060
+CVE-2015-7060 (The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and w ...)
NOT-FOR-US: Apple
-CVE-2015-7059
+CVE-2015-7059 (The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and w ...)
NOT-FOR-US: Apple
-CVE-2015-7058
+CVE-2015-7058 (Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 imprope ...)
NOT-FOR-US: Apple
-CVE-2015-7057
+CVE-2015-7057 (otools in Apple Xcode before 7.2 allows local users to gain privileges ...)
NOT-FOR-US: Apple
-CVE-2015-7056
+CVE-2015-7056 (IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, ...)
NOT-FOR-US: Apple
-CVE-2015-7055
+CVE-2015-7055 (AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 d ...)
NOT-FOR-US: Apple
-CVE-2015-7054
+CVE-2015-7054 (zlib in the Compression component in Apple iOS before 9.2, OS X before ...)
NOT-FOR-US: Apple
-CVE-2015-7053
+CVE-2015-7053 (ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, ...)
NOT-FOR-US: Apple
-CVE-2015-7052
+CVE-2015-7052 (kext tools in Apple OS X before 10.11.2 mishandles kernel-extension lo ...)
NOT-FOR-US: Apple
-CVE-2015-7051
+CVE-2015-7051 (MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 misha ...)
NOT-FOR-US: Apple
-CVE-2015-7050
+CVE-2015-7050 (WebKit in Apple iOS before 9.2 and Safari before 9.0.2 misparses conte ...)
NOT-FOR-US: Apple
-CVE-2015-7049
+CVE-2015-7049 (otools in Apple Xcode before 7.2 allows local users to gain privileges ...)
NOT-FOR-US: Apple
-CVE-2015-7048
+CVE-2015-7048 (WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7047
+CVE-2015-7047 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7046
+CVE-2015-7046 (The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11. ...)
NOT-FOR-US: Apple
-CVE-2015-7045
+CVE-2015-7045 (Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 impro ...)
NOT-FOR-US: Apple
-CVE-2015-7044
+CVE-2015-7044 (The System Integrity Protection feature in Apple OS X before 10.11.2 m ...)
NOT-FOR-US: Apple
-CVE-2015-7043
+CVE-2015-7043 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7042
+CVE-2015-7042 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7041
+CVE-2015-7041 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7040
+CVE-2015-7040 (The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7039
+CVE-2015-7039 (Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, ...)
NOT-FOR-US: Apple
-CVE-2015-7038
+CVE-2015-7038 (Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, ...)
NOT-FOR-US: Apple
-CVE-2015-7037
+CVE-2015-7037 (Directory traversal vulnerability in Mobile Backup in Photos in Apple ...)
NOT-FOR-US: Apple
-CVE-2015-7036
+CVE-2015-7036 (The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 ...)
NOT-FOR-US: Apple
-CVE-2015-7035
+CVE-2015-7035 (Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and othe ...)
NOT-FOR-US: Apple
-CVE-2015-7034
+CVE-2015-7034 (The Apple iWork application before 2.6 for iOS and Apple Pages before ...)
NOT-FOR-US: Apple
-CVE-2015-7033
+CVE-2015-7033 (The Apple iWork application before 2.6 for iOS, Apple Keynote before 6 ...)
NOT-FOR-US: Apple
-CVE-2015-7032
+CVE-2015-7032 (The Apple iWork application before 2.6 for iOS, Apple Keynote before 6 ...)
NOT-FOR-US: Apple
-CVE-2015-7031
+CVE-2015-7031 (The Web Service component in Apple OS X Server before 5.0.15 omits an ...)
NOT-FOR-US: Apple
-CVE-2015-7030
+CVE-2015-7030 (The Swift implementation in Apple Xcode before 7.1 mishandles type con ...)
NOT-FOR-US: Apple
-CVE-2015-7029
+CVE-2015-7029 (Apple AirPort Base Station Firmware before 7.6.7 and 7.7.x before 7.7. ...)
NOT-FOR-US: Apple
CVE-2015-7028
REJECTED
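Review bot: CVE-2015-7116 and CVE-2015-7115 are still tagged "NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2", which records an unresolved question rather than a triage decision; since the descriptions name libxml2, a library Debian ships, these should be matched against upstream libxml2 fixes and either re-tagged to the libxml2 package or given a definite not-affected reason. The same cross-check applies to CVE-2015-7054 ("zlib in the Compression component ...") and CVE-2015-7036 ("The fts3_tokenizer function in SQLite ..."), both marked plain "NOT-FOR-US: Apple" in this hunk.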
@@ -7046,139 +7046,139 @@ CVE-2015-7026
REJECTED
CVE-2015-7025
REJECTED
-CVE-2015-7024
+CVE-2015-7024 (Untrusted search path vulnerability in Apple OS X before 10.11.1 allow ...)
NOT-FOR-US: Apple
-CVE-2015-7023
+CVE-2015-7023 (CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not pro ...)
NOT-FOR-US: Apple
-CVE-2015-7022
+CVE-2015-7022 (The Telephony subsystem in Apple iOS before 9.1 allows attackers to ob ...)
NOT-FOR-US: Apple
-CVE-2015-7021
+CVE-2015-7021 (The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows loc ...)
NOT-FOR-US: Apple
-CVE-2015-7020
+CVE-2015-7020 (The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X befo ...)
NOT-FOR-US: Apple
-CVE-2015-7019
+CVE-2015-7019 (The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X befo ...)
NOT-FOR-US: Apple
-CVE-2015-7018
+CVE-2015-7018 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-7017
+CVE-2015-7017 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes befo ...)
NOT-FOR-US: Apple
-CVE-2015-7016
+CVE-2015-7016 (The MCX Application Restrictions component in Apple OS X before 10.11. ...)
NOT-FOR-US: Apple
-CVE-2015-7015
+CVE-2015-7015 (Heap-based buffer overflow in the DNS client library in configd in App ...)
NOT-FOR-US: Apple
-CVE-2015-7014
+CVE-2015-7014 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTun ...)
NOT-FOR-US: Apple
-CVE-2015-7013
+CVE-2015-7013 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2015-7012
+CVE-2015-7012 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTun ...)
NOT-FOR-US: Apple
-CVE-2015-7011
+CVE-2015-7011 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2015-7010
+CVE-2015-7010 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-7009
+CVE-2015-7009 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-7008
+CVE-2015-7008 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-7007
+CVE-2015-7007 (Script Editor in Apple OS X before 10.11.1 allows remote attackers to ...)
NOT-FOR-US: Apple
-CVE-2015-7006
+CVE-2015-7006 (Directory traversal vulnerability in the BOM (aka Bill of Materials) c ...)
NOT-FOR-US: Apple
-CVE-2015-7005
+CVE-2015-7005 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ex ...)
NOT-FOR-US: Apple
-CVE-2015-7004
+CVE-2015-7004 (The kernel in Apple iOS before 9.1 allows attackers to cause a denial ...)
NOT-FOR-US: Apple
-CVE-2015-7003
+CVE-2015-7003 (coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize a ...)
NOT-FOR-US: Apple
-CVE-2015-7002
+CVE-2015-7002 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTun ...)
NOT-FOR-US: Apple
-CVE-2015-7001
+CVE-2015-7001 (AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2015-7000
+CVE-2015-7000 (Notification Center in Apple iOS before 9.1 mishandles changes to "Sho ...)
NOT-FOR-US: Apple
-CVE-2015-6999
+CVE-2015-6999 (The OCSP client in Apple iOS before 9.1 does not check for certificate ...)
NOT-FOR-US: Apple
CVE-2015-6998
REJECTED
-CVE-2015-6997
+CVE-2015-6997 (The X.509 certificate-trust implementation in Apple iOS before 9.1 doe ...)
NOT-FOR-US: Apple
-CVE-2015-6996
+CVE-2015-6996 (IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and ...)
NOT-FOR-US: Apple
-CVE-2015-6995
+CVE-2015-6995 (The Disk Images component in Apple iOS before 9.1 and OS X before 10.1 ...)
NOT-FOR-US: Apple
-CVE-2015-6994
+CVE-2015-6994 (The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles ...)
NOT-FOR-US: Apple
-CVE-2015-6993
+CVE-2015-6993 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-6992
+CVE-2015-6992 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes befo ...)
NOT-FOR-US: Apple
-CVE-2015-6991
+CVE-2015-6991 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-6990
+CVE-2015-6990 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-6989
+CVE-2015-6989 (Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, a ...)
NOT-FOR-US: Apple
-CVE-2015-6988
+CVE-2015-6988 (The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not in ...)
NOT-FOR-US: Apple
-CVE-2015-6987
+CVE-2015-6987 (The File Bookmark component in Apple OS X before 10.11.1 allows local ...)
NOT-FOR-US: Apple
-CVE-2015-6986
+CVE-2015-6986 (com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple ...)
NOT-FOR-US: Apple
-CVE-2015-6985
+CVE-2015-6985 (Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote a ...)
NOT-FOR-US: Apple
-CVE-2015-6984
+CVE-2015-6984 (libarchive in Apple OS X before 10.11.1 allows attackers to write to a ...)
NOT-FOR-US: Apple
-CVE-2015-6983
+CVE-2015-6983 (Double free vulnerability in Apple iOS before 9.1 and OS X before 10.1 ...)
NOT-FOR-US: Apple
-CVE-2015-6982
+CVE-2015-6982 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ex ...)
NOT-FOR-US: Apple
-CVE-2015-6981
+CVE-2015-6981 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ex ...)
NOT-FOR-US: Apple
-CVE-2015-6980
+CVE-2015-6980 (Directory Utility in Apple OS X before 10.11.1 mishandles authenticati ...)
NOT-FOR-US: Apple
-CVE-2015-6979
+CVE-2015-6979 (GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary ...)
NOT-FOR-US: Apple
-CVE-2015-6978
+CVE-2015-6978 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-6977
+CVE-2015-6977 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-6976
+CVE-2015-6976 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-6975
+CVE-2015-6975 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes befo ...)
NOT-FOR-US: Apple
-CVE-2015-6974
+CVE-2015-6974 (IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
NOT-FOR-US: Apple
-CVE-2015-6973
+CVE-2015-6973 (Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite R ...)
NOT-FOR-US: Openfire
-CVE-2015-6972
+CVE-2015-6972 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime ...)
NOT-FOR-US: Openfire
-CVE-2015-6971
+CVE-2015-6971 (Lenovo System Update (formerly ThinkVantage System Update) before 5.07 ...)
NOT-FOR-US: Lenovo
CVE-2015-6970
RESERVED
-CVE-2015-6969
+CVE-2015-6969 (Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 ...)
- serendipity <removed>
-CVE-2015-6968
+CVE-2015-6968 (Multiple incomplete blacklist vulnerabilities in the serendipity_isAct ...)
- serendipity <removed>
-CVE-2015-6967
+CVE-2015-6967 (Unrestricted file upload vulnerability in the My Image plugin in Nibbl ...)
NOT-FOR-US: Nibbleblog
-CVE-2015-6966
+CVE-2015-6966 (Multiple cross-site request forgery (CSRF) vulnerabilities in Nibblebl ...)
NOT-FOR-US: Nibbleblog
-CVE-2015-6965
+CVE-2015-6965 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Cont ...)
NOT-FOR-US: Contact Form Generator plugin for WordPress
CVE-2015-6964
RESERVED
CVE-2015-6963
REJECTED
-CVE-2015-6962
+CVE-2015-6962 (SQL injection vulnerability in the web application in Farol allows rem ...)
NOT-FOR-US: Farol
-CVE-2015-7236
+CVE-2015-7236 (Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in r ...)
{DSA-3366-1 DLA-311-1}
- rpcbind 0.2.1-6.1 (bug #799307)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=946204
NOTE: http://www.spinics.net/lists/linux-nfs/msg53045.html
NOTE: http://www.openwall.com/lists/oss-security/2015/09/17/1
-CVE-2015-6961
+CVE-2015-6961 (Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows ...)
- web2py 2.12.3-1
[jessie] - web2py <ignored> (Minor issue)
[wheezy] - web2py <no-dsa> (Minor issue)
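Review bot: the web2py entry for CVE-2015-6961 at the end of this hunk gives the same rationale "(Minor issue)" for two different states, `[jessie] - web2py <ignored>` and `[wheezy] - web2py <no-dsa>`; in the tracker vocabulary `ignored` means the fix will not be shipped for that suite at all while `no-dsa` leaves a point-release update open, so either both suites should use the same state or the jessie line should say why the issue is being dropped rather than deferred. Smaller consistency point in the same hunk: CVE-2015-7013 and CVE-2015-7011 are tagged `NOT-FOR-US: Webkit as used by Apple` while the otherwise identical WebKit entries CVE-2015-7014, CVE-2015-7012 and CVE-2015-7002 use `NOT-FOR-US: Apple`; one label for the group would make searching the file easier.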
@@ -7186,7 +7186,7 @@ CVE-2015-6961
NOTE: https://github.com/web2py/web2py/issues/731
CVE-2015-6960
RESERVED
-CVE-2015-6959
+CVE-2015-6959 (Cross-site scripting (XSS) vulnerability in Vindula 1.9. ...)
NOT-FOR-US: Vindula
CVE-2015-6958
RESERVED
@@ -7206,59 +7206,59 @@ CVE-2015-6951
RESERVED
CVE-2015-6950
RESERVED
-CVE-2015-6949
+CVE-2015-6949 (Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote ...)
NOT-FOR-US: ASUS TM-AC1900 router
-CVE-2015-6948
+CVE-2015-6948 (Heap-based buffer overflow in the Microsoft Word document conversion f ...)
NOT-FOR-US: Corel WordPerfect
CVE-2015-6947
REJECTED
-CVE-2015-6946
+CVE-2015-6946 (Multiple stack-based buffer overflows in the Reprise License Manager s ...)
NOT-FOR-US: Borland AccuRev
-CVE-2015-6945
+CVE-2015-6945 (Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador We ...)
NOT-FOR-US: JSP/MySQL Administrador Web 1
-CVE-2015-6944
+CVE-2015-6944 (Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administr ...)
NOT-FOR-US: JSP/MySQL Administrador Web 1
-CVE-2015-6943
+CVE-2015-6943 (SQL injection vulnerability in the serendipity_checkCommentToken funct ...)
- serendipity <removed>
-CVE-2015-6942
+CVE-2015-6942 (Cross-site scripting (XSS) vulnerability in Coremail XT3.0 allows remo ...)
NOT-FOR-US: Coremail
-CVE-2015-6941
+CVE-2015-6941 (win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before ...)
- salt 2015.8.1+ds-1
[jessie] - salt <no-dsa> (Minor issue)
NOTE: https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html
NOTE: https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710
-CVE-2015-6940
+CVE-2015-6940 (The GetResource servlet in Pentaho Business Analytics (BA) Suite 4.5.x ...)
NOT-FOR-US: Pentaho
-CVE-2015-7989
+CVE-2015-7989 (Cross-site scripting (XSS) vulnerability in the user list table in Wor ...)
{DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a
NOTE: http://www.openwall.com/lists/oss-security/2015/10/26/7
-CVE-2015-7337
+CVE-2015-7337 (The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x ...)
- ipython <not-affected> (Affects versions 3.0 to 3.2.1)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/16/3
-CVE-2015-7940
+CVE-2015-7940 (The Bouncy Castle Java library before 1.51 does not validate a point i ...)
{DSA-3417-1 DLA-361-1}
- bouncycastle 1.51-1 (bug #802671)
NOTE: https://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html
NOTE: Commits: https://github.com/bcgit/bc-java/commit/5cb2f05
NOTE: Possibly needed to include as well: https://github.com/bcgit/bc-java/commit/e25e94a
NOTE: Peter Dettman <peter.dettman@bouncycastle.org> offered to assist if backporting fails and to review the result.
-CVE-2015-6939
+CVE-2015-6939 (Cross-site scripting (XSS) vulnerability in the login module in Joomla ...)
NOT-FOR-US: Joomla!
CVE-2015-6936
RESERVED
CVE-2015-6935
REJECTED
-CVE-2015-6934
+CVE-2015-6934 (Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCen ...)
NOT-FOR-US: VMware
-CVE-2015-6933
+CVE-2015-6933 (The VMware Tools HGFS (aka Shared Folders) implementation in VMware Wo ...)
NOT-FOR-US: VMware
-CVE-2015-6932
+CVE-2015-6932 (VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify ...)
NOT-FOR-US: VMware
-CVE-2015-6931
+CVE-2015-6931 (Cross-site scripting (XSS) vulnerability in the vSphere Web Client in ...)
NOT-FOR-US: VMware
-CVE-2015-8871
+CVE-2015-8871 (Use-after-free vulnerability in the opj_j2k_write_mco function in j2k. ...)
{DSA-3665-1}
- openjpeg2 2.1.1-1 (bug #800149)
- openjpeg <not-affected> (Vulnerable code not present; opj_j2k_write_mco function)
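Review bot: the `<not-affected>` rationale for ipython under CVE-2015-7337, `(Affects versions 3.0 to 3.2.1)`, contradicts the description being added on the same line, which says `IPython Notebook before 3.2.2`, and the only reference given is the oss-security post; a NOTE pointing at the upstream statement that the editor bug was introduced in 3.0 would make the claim verifiable, all the more because CVE-2015-6938 later in this diff, another notebook issue in the same "before 3.2.2" range, is tracked as fixed in ipython 2.4.1-1 and therefore as affecting the 2.x series. The bouncycastle entry for CVE-2015-7940 in this hunk also still reads `Possibly needed to include as well: .../e25e94a`; since DSA-3417-1 and DLA-361-1 are already listed for it, the NOTE should record whether that second commit went into the shipped packages.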
@@ -7268,27 +7268,27 @@ CVE-2015-8871
NOTE: http://www.openwall.com/lists/oss-security/2015/09/15/4
CVE-2015-6930
RESERVED
-CVE-2015-6929
+CVE-2015-6929 (Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks ...)
NOT-FOR-US: Nokia
-CVE-2015-6928
+CVE-2015-6928 (classes/admin.class.php in CubeCart 5.2.12 through 5.2.16 and 6.x befo ...)
NOT-FOR-US: CubeCart
-CVE-2015-6926
+CVE-2015-6926 (The OpenID Single Sign-On authentication functionality in OXID eShop b ...)
NOT-FOR-US: OXID eShop
-CVE-2015-6925
+CVE-2015-6925 (wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to caus ...)
- wolfssl 3.9.10+dfsg-1 (bug #801120)
CVE-2015-6924
RESERVED
-CVE-2015-6923
+CVE-2015-6923 (The ndvbs module in VBox Communications Satellite Express Protocol 2.3 ...)
NOT-FOR-US: VBox Communications Satellite Express Protocol
CVE-2015-6922
RESERVED
-CVE-2015-6921
+CVE-2015-6921 (Cross-site scripting (XSS) vulnerability in the Zendesk Feedback Tab m ...)
NOT-FOR-US: Zendesk Feedback Tab for Drupal
-CVE-2015-6920
+CVE-2015-6920 (Cross-site scripting (XSS) vulnerability in js/window.php in the sourc ...)
NOT-FOR-US: sourceAFRICA plugin for WordPress
-CVE-2015-6919
+CVE-2015-6919 (Cross-site scripting (XSS) vulnerability in the googleSearch (CSE) (co ...)
NOT-FOR-US: googleSearch (CSE) component for Joomla!
-CVE-2015-6918
+CVE-2015-6918 (salt before 2015.5.5 leaks git usernames and passwords to the log. ...)
- salt 2015.8.1+ds-1 (bug #803182)
[jessie] - salt <no-dsa> (Minor issue)
NOTE: https://github.com/saltstack/salt/commit/28aa9b105804ff433d8f663b2f9b804f2b75495a
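Review bot: the wolfssl line for CVE-2015-6925, `- wolfssl 3.9.10+dfsg-1 (bug #801120)`, records a fixed version well past the `before 3.6.8` boundary in the description with no NOTE explaining the gap; if 3.9.10+dfsg-1 was simply the first upload of the package to the archive, say so, otherwise add the upstream fix reference, as the salt entry for CVE-2015-6918 directly below does with its commit URL. The same question applies to that salt entry, where `before 2015.5.5` is paired with a fixed version of 2015.8.1+ds-1 and bug #803182 but nothing says why the earlier 2015.5.x fix was not the one recorded.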
@@ -7298,19 +7298,19 @@ CVE-2015-6917
RESERVED
CVE-2015-6916
RESERVED
-CVE-2015-6915
+CVE-2015-6915 (SQL injection vulnerability in Montala Limited ResourceSpace 7.3.7009 ...)
NOT-FOR-US: Montala Limited ResourceSpace
-CVE-2015-6914
+CVE-2015-6914 (Absolute path traversal vulnerability in SiteFactory CMS 5.5.9 allows ...)
NOT-FOR-US: SiteFactory CMS
-CVE-2015-6913
+CVE-2015-6913 (Cross-site scripting (XSS) vulnerability in the "Create download task ...)
NOT-FOR-US: Synology Download Station
-CVE-2015-6912
+CVE-2015-6912 (Synology Video Station before 1.5-0763 allows remote attackers to exec ...)
NOT-FOR-US: Synology Video Station
-CVE-2015-6911
+CVE-2015-6911 (SQL injection vulnerability in Synology Video Station before 1.5-0763 ...)
NOT-FOR-US: Synology Video Station
-CVE-2015-6910
+CVE-2015-6910 (SQL injection vulnerability in Synology Video Station before 1.5-0757 ...)
NOT-FOR-US: Synology Video Station
-CVE-2015-6909
+CVE-2015-6909 (Cross-site scripting (XSS) vulnerability in the "Create download task ...)
NOT-FOR-US: Synology Download Station
CVE-2015-6907
RESERVED
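Review bot: the fixed-width truncation applied in this hunk leaves CVE-2015-6913 and CVE-2015-6909 with byte-identical descriptions, `Cross-site scripting (XSS) vulnerability in the "Create download task ...`, so the two Synology Download Station entries can no longer be told apart from the file alone and both end on an unbalanced double quote. If the generator can widen the cut-off for lines that collide after truncation, or at least close the quote it opened, the NOT-FOR-US lines would not be the only thing distinguishing the two ids.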
@@ -7392,53 +7392,53 @@ CVE-2015-6869
REJECTED
CVE-2015-6868
REJECTED
-CVE-2015-6867
+CVE-2015-6867 (The vertica-udx-zygote process in HP Vertica 7.1.1 UDx does not requir ...)
NOT-FOR-US: HP Vertica
CVE-2015-6866
REJECTED
CVE-2015-6865
REJECTED
-CVE-2015-6864
+CVE-2015-6864 (HPE ArcSight Logger before 6.1P1 allows remote authenticated users to ...)
NOT-FOR-US: HPE ArcSight Logger
-CVE-2015-6863
+CVE-2015-6863 (HPE ArcSight Logger before 6.1P1 allows remote attackers to execute ar ...)
NOT-FOR-US: HPE ArcSight Logger
-CVE-2015-6862
+CVE-2015-6862 (HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensit ...)
NOT-FOR-US: HPE UCMDB Browser
-CVE-2015-6861
+CVE-2015-6861 (HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated ...)
NOT-FOR-US: HPE Helion Eucalyptus
-CVE-2015-6860
+CVE-2015-6860 (HPE Network Switches with software 15.16.x and 15.17.x allow local use ...)
NOT-FOR-US: HPE Network Switches
-CVE-2015-6859
+CVE-2015-6859 (HPE Network Switches with software 15.16.x and 15.17.x allow local use ...)
NOT-FOR-US: HPE Network Switches
-CVE-2015-6858
+CVE-2015-6858 (HP Insight Control server provisioning before 7.5.0 RabbitMQ allows re ...)
NOT-FOR-US: HP Insight Control
-CVE-2015-6857
+CVE-2015-6857 (Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunn ...)
NOT-FOR-US: HP Performance Center
-CVE-2015-6856
+CVE-2015-6856 (Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local ...)
NOT-FOR-US: Dell
-CVE-2015-6854
+CVE-2015-6854 (The non-Domino web agents in CA Single Sign-On (aka SSO, formerly Site ...)
NOT-FOR-US: CA Single Sign-On
-CVE-2015-6853
+CVE-2015-6853 (The Domino web agent in CA Single Sign-On (aka SSO, formerly SiteMinde ...)
NOT-FOR-US: CA Single Sign-On
-CVE-2015-6852
+CVE-2015-6852 (Directory traversal vulnerability in the API in EMC Secure Remote Serv ...)
NOT-FOR-US: EMC Secure Remote Services Virtual Edition
-CVE-2015-6851
+CVE-2015-6851 (EMC RSA SecurID Web Agent before 8.0 allows physically proximate attac ...)
NOT-FOR-US: RSA SecurID
-CVE-2015-6850
+CVE-2015-6850 (EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5.5 before Patch 1 has a ...)
NOT-FOR-US: EMC VPLEX
-CVE-2015-6849
+CVE-2015-6849 (EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2 ...)
NOT-FOR-US: EMC
-CVE-2015-6848
+CVE-2015-6848 (EMC Isilon OneFS 7.1.x before 7.1.1.5, 7.2.0.x before 7.2.0.3, and 7.2 ...)
NOT-FOR-US: EMC
-CVE-2015-6847
+CVE-2015-6847 (The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 ...)
NOT-FOR-US: EMC VPLEX
-CVE-2015-6846
+CVE-2015-6846 (EMC SourceOne Email Supervisor before 7.2 uses hardcoded encryption ke ...)
NOT-FOR-US: EMC SourceOne
-CVE-2015-6845
+CVE-2015-6845 (EMC SourceOne Email Supervisor before 7.2 does not properly employ ran ...)
NOT-FOR-US: EMC SourceOne
-CVE-2015-6844
+CVE-2015-6844 (Cross-site scripting (XSS) vulnerability in Reviewer in EMC SourceOne ...)
NOT-FOR-US: EMC SourceOne
-CVE-2015-6843
+CVE-2015-6843 (Reviewer in EMC SourceOne Email Supervisor before 7.2 does not properl ...)
NOT-FOR-US: EMC SourceOne
CVE-2015-6842
RESERVED
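Review bot: the `NOT-FOR-US: HP Performance Center` label under CVE-2015-6857 names a product that the description added on the same line does not, `Virtual Table Server (VTS) in HP LoadRunn ...`; the label should match the description, or list both products, so that a search for LoadRunner finds the entry. The same hunk also shows the truncation cutting inside nested parentheses, `CA Single Sign-On (aka SSO, formerly Site ...)` for CVE-2015-6854 and `(aka SSO, formerly SiteMinde ...)` for CVE-2015-6853, which means any consumer of this file must treat the description as everything between the first `(` and the final `)` on the line rather than try to match balanced parentheses.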
@@ -7446,18 +7446,18 @@ CVE-2015-6841
RESERVED
CVE-2015-6840
RESERVED
-CVE-2015-6937
+CVE-2015-6937 (The __rds_conn_create function in net/rds/connection.c in the Linux ke ...)
{DSA-3364-1 DLA-310-1}
- linux 4.2.1-1
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f (v4.3-rc1)
-CVE-2015-6908
+CVE-2015-6908 (The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 ...)
{DSA-3356-1 DLA-309-1}
- openldap 2.4.42+dfsg-2 (bug #798622)
NOTE: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629
NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240;selectid=8240
NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/2
-CVE-2015-7312
+CVE-2015-7312 (Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3 ...)
- linux 4.2.1-1 (bug #796036)
[jessie] - linux 3.16.7-ckt11-1+deb8u4
[wheezy] - linux <not-affected> (Vulnerable code not present)
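Review bot: CVE-2015-7312 records a jessie fix, `[jessie] - linux 3.16.7-ckt11-1+deb8u4`, but carries no `{DSA-...}` line, whereas CVE-2015-6937 directly above it in this hunk is fixed in the same kernel series and references DSA-3364-1 and DLA-310-1. If that advisory shipped the aufs fix as well, add the marker so the jessie status is shown as covered by an advisory rather than as a bare version bump; if it did not, a NOTE saying the fix rode along with that upload would keep the question from being raised again.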
@@ -7465,7 +7465,7 @@ CVE-2015-7312
NOTE: http://www.openwall.com/lists/oss-security/2015/09/10/3
NOTE: http://sourceforge.net/p/aufs/mailman/message/34449209/
NOTE: For Linux kernel with aufs aufs3-mmap.patch or aufs4-mmap.patch mmap patch
-CVE-2015-6855
+CVE-2015-6855 (hw/ide/core.c in QEMU does not properly restrict the commands accepted ...)
{DSA-3362-1 DSA-3361-1}
- qemu 1:2.4+dfsg-2
- qemu-kvm <removed>
@@ -7475,7 +7475,7 @@ CVE-2015-6855
NOTE: Fix commit: http://git.qemu.org/?p=qemu.git;a=commit;h=d9033e1d3aa666c5071580617a57bd853c5d794a
NOTE: exec_cmd introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=7cff87ff6ab117799e32e42c2e4dc4c0588e583a
NOTE: cmd_table introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=844505b12e722d9ba7060480e766351fc6313501
-CVE-2015-6927
+CVE-2015-6927 (vzctl before 4.9.4 determines the virtual environment (VE) layout base ...)
{DSA-3357-1}
- vzctl 4.9.4-1
[wheezy] - vzctl <not-affected> (Vulnerability not present)
@@ -7484,62 +7484,62 @@ CVE-2015-6927
NOTE: https://src.openvz.org/projects/OVZL/repos/vzctl/commits/9e98ea630ac0e88b44e3e23c878a5166aeb74e1c
NOTE: https://plus.google.com/+OpenVZorg/posts/gidyrouNi7D
NOTE: https://wiki.openvz.org/Download/vzctl/4.9.4
-CVE-2015-6839
+CVE-2015-6839 (The parse function in MSA vot.Ar 3.1 does not check whether a candidat ...)
NOT-FOR-US: MSA vot.Ar
-CVE-2015-6829
+CVE-2015-6829 (Multiple SQL injection vulnerabilities in the getip function in wp-lim ...)
NOT-FOR-US: getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin for WordPress
-CVE-2015-6828
+CVE-2015-6828 (The tweet_info function in class/__functions.php in the SecureMoz Secu ...)
NOT-FOR-US: SecureMoz plugin
-CVE-2015-6827
+CVE-2015-6827 (Cross-site request forgery (CSRF) vulnerability in Auto-Exchanger 5.1. ...)
NOT-FOR-US: Auto-Exchanger
-CVE-2015-6826
+CVE-2015-6826 (The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in F ...)
{DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a
-CVE-2015-6825
+CVE-2015-6825 (The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFm ...)
{DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f1a38264f20382731cf2cc75fdd98f4c9a84a626
-CVE-2015-6824
+CVE-2015-6824 (The sws_init_context function in libswscale/utils.c in FFmpeg before 2 ...)
{DLA-1611-2}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a5d44d5c220e12ca0cb7a4eceb0f74759cb13111
-CVE-2015-6823
+CVE-2015-6823 (The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2. ...)
{DLA-1611-2}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7068bf277a37479aecde2832208d820682b35e6
-CVE-2015-6822
+CVE-2015-6822 (The destroy_buffers function in libavcodec/sanm.c in FFmpeg before 2.7 ...)
{DLA-1611-2 DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4
-CVE-2015-6821
+CVE-2015-6821 (The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg be ...)
{DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b160fc290cf49b516c5b6ee0730fd9da7fc623b1
-CVE-2015-6820
+CVE-2015-6820 (The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7. ...)
{DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=79a98294da6cd85f8c86b34764c5e0c43b09eea3
-CVE-2015-6819
+CVE-2015-6819 (Multiple integer underflows in the ff_mjpeg_decode_frame function in l ...)
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <not-affected> (Vulnerable code not present in any Libav version)
-CVE-2015-6818
+CVE-2015-6818 (The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before ...)
{DLA-1611-1}
- ffmpeg 7:2.7.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
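Review bot: CVE-2015-6819 is the only ffmpeg entry in this hunk without an upstream fix reference; every sibling from CVE-2015-6826 down to CVE-2015-6818 carries a `NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=...` line, and this entry also lacks the `{DLA-1611-1}` marker the others have. Either the commit for the `ff_mjpeg_decode_frame` integer underflows is known and should be added, or the libav line `<not-affected> (Vulnerable code not present in any Libav version)` should state what the comparison was made against, because without a commit there is nothing to diff the claim against.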
@@ -7550,21 +7550,21 @@ CVE-2015-6814
RESERVED
CVE-2015-6813
RESERVED
-CVE-2015-6812
+CVE-2015-6812 (Invision Power Services IPS Community Suite (aka Invision Power Board, ...)
NOT-FOR-US: Invision Power Services IPS Community Suite
-CVE-2015-6811
+CVE-2015-6811 (SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewal ...)
NOT-FOR-US: Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS
-CVE-2015-6810
+CVE-2015-6810 (Cross-site scripting (XSS) vulnerability in Invision Power Services IP ...)
NOT-FOR-US: Invision Power Services IPS Community Suite
-CVE-2015-6809
+CVE-2015-6809 (Multiple cross-site scripting (XSS) vulnerabilities in BEdita before 3 ...)
NOT-FOR-US: BEdita
-CVE-2015-6808
+CVE-2015-6808 (Cross-site scripting (XSS) vulnerability in the Spotlight module 7.x-1 ...)
NOT-FOR-US: Spotlight module for Drupal
-CVE-2015-6807
+CVE-2015-6807 (Cross-site scripting (XSS) vulnerability in the Mass Contact module 6. ...)
NOT-FOR-US: Mass Contact module for Drupal
-CVE-2015-6805
+CVE-2015-6805 (Cross-site scripting (XSS) vulnerability in the MDC Private Message pl ...)
NOT-FOR-US: MDC Private Message plugin for WordPress
-CVE-2015-6830
+CVE-2015-6830 (libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4. ...)
{DSA-3382-1}
- phpmyadmin 4:4.4.14.1-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
@@ -7579,7 +7579,7 @@ CVE-2015-XXXX [hardening for RSA-CRT leak]
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=b85c8d6645039fc9d403791750510e439731d479
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/08/5
NOTE: Thread on oss-security to clarify if this should be CVE-2015-5738 or a new CVE
-CVE-2015-6838
+CVE-2015-6838 (The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP be ...)
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
- hhvm 3.12.1+dfsg-1
@@ -7587,26 +7587,26 @@ CVE-2015-6838
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
NOTE: https://github.com/facebook/hhvm/commit/f358ec0e905df41feaa9dc75f4dee814cfe5a60a
-CVE-2015-6837
+CVE-2015-6837 (The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP be ...)
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69782
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-6836
+CVE-2015-6836 (The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, ...)
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70388
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-6835
+CVE-2015-6835 (The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, an ...)
{DSA-3358-1}
- php5 5.6.13+dfsg-1
[squeeze] - php5 <no-dsa> (Too intrusive to backport)
NOTE: https://bugs.php.net/bug.php?id=70219
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-6834
+CVE-2015-6834 (Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x be ...)
{DSA-3358-1 DLA-341-1}
- php5 5.6.13+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70172
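Review bot: CVE-2015-6837 and CVE-2015-6838 both describe `The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP`, but only CVE-2015-6838 carries an hhvm line, `- hhvm 3.12.1+dfsg-1`, together with its facebook/hhvm fix commit; the CVE-2015-6837 entry lists php5 alone. Either hhvm is not affected by the second issue, in which case a `- hhvm <not-affected>` line with the reason would close the gap, or it was fixed by the same hhvm commit and the entry should say so rather than leave hhvm untracked for one of the pair.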
@@ -7614,10 +7614,10 @@ CVE-2015-6834
NOTE: https://bugs.php.net/bug.php?id=70366
NOTE: http://www.openwall.com/lists/oss-security/2015/09/07/5
NOTE: Fixed in 5.5.45 and 5.6.13
-CVE-2015-7225
+CVE-2015-7225 (Tinfoil Devise-two-factor before 2.0.0 does not strictly follow sectio ...)
- ruby-devise-two-factor 2.0.0-1 (bug #798466)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/06/2
-CVE-2015-8777
+CVE-2015-8777 (The process_envvars function in elf/rtld.c in the GNU C Library (aka g ...)
{DSA-3480-1 DLA-316-1}
- glibc 2.21-1 (bug #798316; bug #801691)
[jessie] - glibc 2.19-18+deb8u2
@@ -7635,7 +7635,7 @@ CVE-2015-6815 [Qemu: net: e1000 infinite loop issue]
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/04/4
NOTE: Upstream fix: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html
-CVE-2015-6816
+CVE-2015-6816 (ganglia-web before 3.7.1 allows remote attackers to bypass authenticat ...)
- ganglia-web <unfixed> (unimportant; bug #798213)
- ganglia 3.6.0-1 (unimportant)
[squeeze] - ganglia <not-affected> (affected code not present)
@@ -7643,7 +7643,7 @@ CVE-2015-6816
NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
NOTE: http://www.openwall.com/lists/oss-security/2015/09/04/2
NOTE: https://github.com/ganglia/ganglia-web/issues/267
-CVE-2015-6817
+CVE-2015-6817 (PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows r ...)
- pgbouncer 1.6.1-1
[jessie] - pgbouncer <not-affected> (Introduced in 1.6)
[wheezy] - pgbouncer <not-affected> (Introduced in 1.6)
@@ -7664,7 +7664,7 @@ CVE-2015-XXXX [Memory corruption]
NOTE: https://github.com/LibVNC/libvncserver/commit/804335f9d296440bb708ca844f5d89b58b50b0c6
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/03/8
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=706087#c1 notes that the fix breaks ABI
-CVE-2015-6938
+CVE-2015-6938 (Cross-site scripting (XSS) vulnerability in the file browser in notebo ...)
- ipython 2.4.1-1 (low; bug #798886)
[jessie] - ipython <no-dsa> (Minor issue)
[wheezy] - ipython <no-dsa> (Minor issue)
@@ -7695,148 +7695,148 @@ CVE-2015-6794
RESERVED
CVE-2015-6793
RESERVED
-CVE-2015-6792
+CVE-2015-6792 (The MIDI subsystem in Google Chrome before 47.0.2526.106 does not prop ...)
{DSA-3456-1}
- chromium-browser 47.0.2526.111-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.de/2015/12/stable-channel-update_15.html
-CVE-2015-6791
+CVE-2015-6791 (Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526 ...)
{DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6790
+CVE-2015-6790 (The WebPageSerializerImpl::openTagToString function in WebKit/Source/w ...)
{DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6789
+CVE-2015-6789 (Race condition in the MutationObserver implementation in Blink, as use ...)
{DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6788
+CVE-2015-6788 (The ObjectBackedNativeHandler class in extensions/renderer/object_back ...)
{DSA-3418-1}
- chromium-browser 47.0.2526.80-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6787
+CVE-2015-6787 (Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526 ...)
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6786
+CVE-2015-6786 (The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CS ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6785
+CVE-2015-6785 (The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CS ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6784
+CVE-2015-6784 (The page serializer in Google Chrome before 47.0.2526.73 mishandles Ma ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6783
+CVE-2015-6783 (The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in ...)
- chromium-browser <not-affected> (android only)
-CVE-2015-6782
+CVE-2015-6782 (The Document::open function in WebKit/Source/core/dom/Document.cpp in ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6781
+CVE-2015-6781 (Integer overflow in the FontData::Bound function in data/font_data.cc ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6780
+CVE-2015-6780 (Use-after-free vulnerability in the Infobars implementation in Google ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6779
+CVE-2015-6779 (PDFium, as used in Google Chrome before 47.0.2526.73, does not properl ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6778
+CVE-2015-6778 (The CJBig2_SymbolDict class in fxcodec/jbig2/JBig2_SymbolDict.cpp in P ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6777
+CVE-2015-6777 (Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedI ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6776
+CVE-2015-6776 (The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFiu ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6775
+CVE-2015-6775 (fpdfsdk/src/jsapi/fxjs_v8.cpp in PDFium, as used in Google Chrome befo ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6774
+CVE-2015-6774 (Use-after-free vulnerability in the GetLoadTimes function in renderer/ ...)
{DSA-3415-1}
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6773
+CVE-2015-6773 (The convolution implementation in Skia, as used in Google Chrome befor ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6772
+CVE-2015-6772 (The DOM implementation in Blink, as used in Google Chrome before 47.0. ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6771
+CVE-2015-6771 (js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73 ...)
{DSA-3415-1}
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6770
+CVE-2015-6770 (The DOM implementation in Google Chrome before 47.0.2526.73 allows rem ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6769
+CVE-2015-6769 (The provisional-load commit implementation in WebKit/Source/bindings/c ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6768
+CVE-2015-6768 (The DOM implementation in Google Chrome before 47.0.2526.73 allows rem ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6767
+CVE-2015-6767 (Use-after-free vulnerability in content/browser/appcache/appcache_disp ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6766
+CVE-2015-6766 (Use-after-free vulnerability in the AppCache implementation in Google ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6765
+CVE-2015-6765 (Use-after-free vulnerability in content/browser/appcache/appcache_upda ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6764
+CVE-2015-6764 (The BasicJsonStringifier::SerializeJSArray function in json-stringifie ...)
{DSA-3415-1}
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
@@ -7846,17 +7846,17 @@ CVE-2015-6764
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6763
+CVE-2015-6763 (Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490 ...)
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6762
+CVE-2015-6762 (The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValu ...)
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6761
+CVE-2015-6761 (The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2 ...)
{DSA-3376-1 DLA-1611-1}
- ffmpeg 7:2.8.1-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -7870,66 +7870,66 @@ CVE-2015-6761
NOTE: Starting with 44.0.2403.157-1 chromium uses the ffmpeg system copy
NOTE: It looks like this relates to multithreaded decoding of VPx codecs, which is not implemented in the squeeze version. But I'm not sure as the second bug report is still private.
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=dabea74d0e82ea80cd344f630497cafcb3ef872c
-CVE-2015-6760
+CVE-2015-6760 (The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGL ...)
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6759
+CVE-2015-6759 (The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityO ...)
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6758
+CVE-2015-6758 (The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser ...)
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6757
+CVE-2015-6757 (Use-after-free vulnerability in content/browser/service_worker/embedde ...)
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6756
+CVE-2015-6756 (Use-after-free vulnerability in the CPDFSDK_PageView implementation in ...)
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6755
+CVE-2015-6755 (The ContainerNode::parserInsertBefore function in core/dom/ContainerNo ...)
{DSA-3376-1}
- chromium-browser 46.0.2490.71-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6754
+CVE-2015-6754 (Cross-site scripting (XSS) vulnerability in the administration interfa ...)
NOT-FOR-US: Drupal Path Breadcrumbs module
-CVE-2015-6753
+CVE-2015-6753 (Multiple cross-site scripting (XSS) vulnerabilities in the Quick Edit ...)
NOT-FOR-US: Drupal Quick Edit module
-CVE-2015-6752
+CVE-2015-6752 (Cross-site scripting (XSS) vulnerability in the Search API Autocomplet ...)
NOT-FOR-US: Drupal Search API Autocomplete module
-CVE-2015-6751
+CVE-2015-6751 (Multiple cross-site scripting (XSS) vulnerabilities in the Time Tracke ...)
NOT-FOR-US: Drupal Time Tracker module
-CVE-2015-6750
+CVE-2015-6750 (Buffer overflow in Ricoh DL FTP Server 1.1.0.6 and earlier allows remo ...)
NOT-FOR-US: Ricoh DL FTP Server
-CVE-2015-6747
+CVE-2015-6747 (Basware Banking (Maksuliikenne) 8.90.07.X does not properly prevent ac ...)
NOT-FOR-US: Basware Banking
-CVE-2015-6746
+CVE-2015-6746 (Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys i ...)
NOT-FOR-US: Basware Banking
-CVE-2015-6745
+CVE-2015-6745 (Basware Banking (Maksuliikenne) 8.90.07.X relies on the client to enfo ...)
NOT-FOR-US: Basware Banking
-CVE-2015-6744
+CVE-2015-6744 (Basware Banking (Maksuliikenne) before 8.90.07.X relies on the client ...)
NOT-FOR-US: Basware Banking
-CVE-2015-6743
+CVE-2015-6743 (Basware Banking (Maksuliikenne) 8.90.07.X uses a hardcoded password fo ...)
NOT-FOR-US: Basware Banking
-CVE-2015-6742
+CVE-2015-6742 (Basware Banking (Maksuliikenne) before 8.90.07.X uses a hardcoded pass ...)
NOT-FOR-US: Basware Banking
-CVE-2015-6723
+CVE-2015-6723 (The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before ...)
NOT-FOR-US: Adobe
-CVE-2015-6806
+CVE-2015-6806 (The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does n ...)
{DSA-3352-1 DLA-305-1}
- screen 4.3.1-2 (bug #797624)
NOTE: https://savannah.gnu.org/bugs/?45713
NOTE: http://www.openwall.com/lists/oss-security/2015/09/01/1
-CVE-2015-6749
+CVE-2015-6749 (Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis- ...)
{DLA-1010-1 DLA-317-1}
- vorbis-tools 1.4.0-7 (bug #797461)
[jessie] - vorbis-tools 1.4.0-6+deb8u1
@@ -7943,7 +7943,7 @@ CVE-2015-6739
RESERVED
CVE-2015-6738
RESERVED
-CVE-2015-6748
+CVE-2015-6748 (Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3. ...)
- jsoup 1.8.3-1 (bug #797275)
[jessie] - jsoup <no-dsa> (Minor issue)
[wheezy] - jsoup <no-dsa> (Minor issue)
@@ -7953,11 +7953,11 @@ CVE-2015-6748
NOTE: http://www.openwall.com/lists/oss-security/2015/08/28/3
CVE-2015-6726
RESERVED
-CVE-2015-6725
+CVE-2015-6725 (The ANSendForSharedReview method in Adobe Reader and Acrobat 10.x befo ...)
NOT-FOR-US: Adobe
-CVE-2015-6724
+CVE-2015-6724 (The ANSendForApproval method in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-5723
+CVE-2015-5723 (Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before ...)
{DSA-3369-1}
- php-doctrine-annotations 1.2.7-1 (low)
[jessie] - php-doctrine-annotations 1.2.1-1+deb8u1
@@ -7980,107 +7980,107 @@ CVE-2015-5723
NOTE: http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html
NOTE: https://github.com/aws/aws-sdk-php/releases/tag/3.2.1
NOTE: http://framework.zend.com/security/advisory/ZF2015-07
-CVE-2015-6722
+CVE-2015-6722 (The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x ...)
NOT-FOR-US: Adobe
-CVE-2015-6721
+CVE-2015-6721 (The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10 ...)
NOT-FOR-US: Adobe
-CVE-2015-6720
+CVE-2015-6720 (The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x ...)
NOT-FOR-US: Adobe
-CVE-2015-6719
+CVE-2015-6719 (The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x ...)
NOT-FOR-US: Adobe
-CVE-2015-6718
+CVE-2015-6718 (The CBSharedReviewIfOfflineDialog method in Adobe Reader and Acrobat 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-6717
+CVE-2015-6717 (The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-6716
+CVE-2015-6716 (The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x ...)
NOT-FOR-US: Adobe
-CVE-2015-6715
+CVE-2015-6715 (The Function apply implementation in Adobe Reader and Acrobat 10.x bef ...)
NOT-FOR-US: Adobe
-CVE-2015-6714
+CVE-2015-6714 (The Function bind implementation in Adobe Reader and Acrobat 10.x befo ...)
NOT-FOR-US: Adobe
-CVE-2015-6713
+CVE-2015-6713 (The Function call implementation in Adobe Reader and Acrobat 10.x befo ...)
NOT-FOR-US: Adobe
-CVE-2015-6712
+CVE-2015-6712 (The ANSendApprovalToAuthorEnabled method in Adobe Reader and Acrobat 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-6711
+CVE-2015-6711 (The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10 ...)
NOT-FOR-US: Adobe
-CVE-2015-6710
+CVE-2015-6710 (The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 a ...)
NOT-FOR-US: Adobe
-CVE-2015-6709
+CVE-2015-6709 (The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 ...)
NOT-FOR-US: Adobe
-CVE-2015-6708
+CVE-2015-6708 (The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe
-CVE-2015-6707
+CVE-2015-6707 (The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe
-CVE-2015-6706
+CVE-2015-6706 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-6705
+CVE-2015-6705 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-6704
+CVE-2015-6704 (The animations property implementation in Adobe Reader and Acrobat 10. ...)
NOT-FOR-US: Adobe
-CVE-2015-6703
+CVE-2015-6703 (The loadFlashMovie function in Adobe Reader and Acrobat 10.x before 10 ...)
NOT-FOR-US: Adobe
-CVE-2015-6702
+CVE-2015-6702 (The createSquareMesh function in Adobe Reader and Acrobat 10.x before ...)
NOT-FOR-US: Adobe
-CVE-2015-6701
+CVE-2015-6701 (The ambientIlluminationColor property implementation in Adobe Reader a ...)
NOT-FOR-US: Adobe
-CVE-2015-6700
+CVE-2015-6700 (The setBackground function in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe
-CVE-2015-6699
+CVE-2015-6699 (The addForegroundSprite function in Adobe Reader and Acrobat 10.x befo ...)
NOT-FOR-US: Adobe
-CVE-2015-6698
+CVE-2015-6698 (Heap-based buffer overflow in the AcroForm implementation in Adobe Rea ...)
NOT-FOR-US: Adobe
-CVE-2015-6697
+CVE-2015-6697 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-6696
+CVE-2015-6696 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe
-CVE-2015-6695
+CVE-2015-6695 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-6694
+CVE-2015-6694 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-6693
+CVE-2015-6693 (The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x befo ...)
NOT-FOR-US: Adobe
-CVE-2015-6692
+CVE-2015-6692 (Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11 ...)
NOT-FOR-US: Adobe
-CVE-2015-6691
+CVE-2015-6691 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-6690
+CVE-2015-6690 (Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader ...)
NOT-FOR-US: Adobe
-CVE-2015-6689
+CVE-2015-6689 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-6688
+CVE-2015-6688 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-6687
+CVE-2015-6687 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-6686
+CVE-2015-6686 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-6685
+CVE-2015-6685 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-6684
+CVE-2015-6684 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-6683
+CVE-2015-6683 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-6682
+CVE-2015-6682 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-6681
+CVE-2015-6681 (Adobe Shockwave Player before 12.2.0.162 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2015-6680
+CVE-2015-6680 (Adobe Shockwave Player before 12.2.0.162 allows attackers to execute a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2015-6679
+CVE-2015-6679 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-6678
+CVE-2015-6678 (Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x befor ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-6677
+CVE-2015-6677 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-6676
+CVE-2015-6676 (Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x befor ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-6675
+CVE-2015-6675 (Siemens RUGGEDCOM ROS 3.8.0 through 4.1.x permanently enables the IP f ...)
NOT-FOR-US: Siemens RUGGEDCOM ROS
-CVE-2015-6672
+CVE-2015-6672 (Cross-site scripting (XSS) vulnerability in the Administrative Web Int ...)
NOT-FOR-US: Citrix
-CVE-2015-6671
+CVE-2015-6671 (Open edX edx-platform before 2015-08-25 requires use of the database f ...)
NOT-FOR-US: Open edX
-CVE-2015-6670
+CVE-2015-6670 (ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x before 8.1 ...)
{DSA-3373-1}
- owncloud 7.0.8~dfsg-1
[experimental] - owncloud-calendar 0.7.3-1
@@ -8088,15 +8088,15 @@ CVE-2015-6670
NOTE: https://github.com/owncloud/calendar/commit/4e0306adb13b19919e90857eaf7681303cd45414
CVE-2015-6669
RESERVED
-CVE-2015-6668
+CVE-2015-6668 (The Job Manager plugin before 0.7.25 allows remote attackers to read a ...)
NOT-FOR-US: Wordpress plugin
CVE-2015-6667
RESERVED
-CVE-2015-6664
+CVE-2015-6664 (XML external entity (XXE) vulnerability in the application import func ...)
NOT-FOR-US: SAP Mobile Platform
-CVE-2015-6663
+CVE-2015-6663 (Cross-site scripting (XSS) vulnerability in the Client form in the Dev ...)
NOT-FOR-US: SAP Afaria
-CVE-2015-6662
+CVE-2015-6662 (XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 al ...)
NOT-FOR-US: SAP NetWeaver Portal
CVE-2015-6657
RESERVED
@@ -8104,9 +8104,9 @@ CVE-2015-6656
RESERVED
CVE-2015-6666
REJECTED
-CVE-2015-6655
+CVE-2015-6655 (Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 all ...)
NOT-FOR-US: Pligg CMS
-CVE-2015-6654
+CVE-2015-6654 (The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, ...)
{DSA-3414-1}
- xen 4.8.0~rc3-1 (bug #823620; bug #800128)
[wheezy] - xen <not-affected> (Xen on arm not yet supported)
@@ -8124,126 +8124,126 @@ CVE-2015-6649
REJECTED
CVE-2015-6648
RESERVED
-CVE-2015-6647
+CVE-2015-6647 (The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LM ...)
NOT-FOR-US: Android
-CVE-2015-6646
+CVE-2015-6646 (The System V IPC implementation in the kernel in Android before 6.0 20 ...)
NOT-FOR-US: Android
NOTE: https://source.android.com/security/bulletin/2016-01-01.html
NOTE: This doesn't represent a specific kernel vulnerability. Android does not need and did not apply resource limits to System V IPC.
-CVE-2015-6645
+CVE-2015-6645 (SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 a ...)
NOT-FOR-US: Android
-CVE-2015-6644
+CVE-2015-6644 (Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 ...)
{DSA-3829-1 DLA-893-1}
- bouncycastle 1.54-1
NOTE: https://source.android.com/security/bulletin/2016-01-01.html#information_disclosure_vulnerability_in_bouncy_castle
NOTE: https://android.googlesource.com/platform/external/bouncycastle/+/3e128c5fea3a0ca2d372aa09c4fd4bb0eadfbd3f
NOTE: Fixed differently upstream https://github.com/bcgit/bc-java/issues/177#issuecomment-290671336
-CVE-2015-6643
+CVE-2015-6643 (Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01 ...)
NOT-FOR-US: Android
-CVE-2015-6642
+CVE-2015-6642 (The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 al ...)
NOT-FOR-US: Qualcomm driver for Android
NOTE: https://www.codeaurora.org/projects/security-advisories/information-disclosure-vulnerability-kernel-ipc-router-module-cve-2015-6642
-CVE-2015-6641
+CVE-2015-6641 (Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to ...)
NOT-FOR-US: Android
-CVE-2015-6640
+CVE-2015-6640 (The prctl_set_vma_anon_name function in kernel/sys.c in Android before ...)
NOT-FOR-US: Android kernel extension
NOTE: https://android.googlesource.com/kernel%2Fcommon/+/69bfe2d957d903521d32324190c2754cb073be15
-CVE-2015-6639
+CVE-2015-6639 (The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LM ...)
NOT-FOR-US: Android
-CVE-2015-6638
+CVE-2015-6638 (The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F ...)
NOT-FOR-US: Imagination driver for Android
-CVE-2015-6637
+CVE-2015-6637 (The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 bef ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2015-6636
+CVE-2015-6636 (mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01- ...)
NOT-FOR-US: Android Mediaserver
CVE-2015-6635
RESERVED
-CVE-2015-6634
+CVE-2015-6634 (The display drivers in Android before 5.1.1 LMY48Z allow remote attack ...)
NOT-FOR-US: Android
-CVE-2015-6633
+CVE-2015-6633 (The display drivers in Android before 5.1.1 LMY48Z and 6.0 before 2015 ...)
NOT-FOR-US: Android
-CVE-2015-6632
+CVE-2015-6632 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-0 ...)
NOT-FOR-US: libstagefright
-CVE-2015-6631
+CVE-2015-6631 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-0 ...)
NOT-FOR-US: libstagefright
-CVE-2015-6630
+CVE-2015-6630 (SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
NOT-FOR-US: Android
-CVE-2015-6629
+CVE-2015-6629 (Wi-Fi in Android 5.x before 5.1.1 LMY48Z allows attackers to obtain se ...)
NOT-FOR-US: Android
-CVE-2015-6628
+CVE-2015-6628 (Media Framework in Android before 5.1.1 LMY48Z and 6.0 before 2015-12- ...)
NOT-FOR-US: Android
-CVE-2015-6627
+CVE-2015-6627 (The Audio component in Android before 5.1.1 LMY48Z and 6.0 before 2015 ...)
NOT-FOR-US: Android
-CVE-2015-6626
+CVE-2015-6626 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-0 ...)
NOT-FOR-US: libstagefright
-CVE-2015-6625
+CVE-2015-6625 (System Server in Android 6.0 before 2015-12-01 allows attackers to obt ...)
NOT-FOR-US: Android
-CVE-2015-6624
+CVE-2015-6624 (System Server in Android 6.0 before 2015-12-01 allows attackers to obt ...)
NOT-FOR-US: Android
-CVE-2015-6623
+CVE-2015-6623 (Wi-Fi in Android 6.0 before 2015-12-01 allows attackers to gain privil ...)
NOT-FOR-US: Android
-CVE-2015-6622
+CVE-2015-6622 (The Native Frameworks Library in Android before 5.1.1 LMY48Z and 6.0 b ...)
NOT-FOR-US: Android
-CVE-2015-6621
+CVE-2015-6621 (SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
NOT-FOR-US: Android
-CVE-2015-6620
+CVE-2015-6620 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-0 ...)
NOT-FOR-US: libstagefright
-CVE-2015-6619
+CVE-2015-6619 (The kernel in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 al ...)
- linux <not-affected> (Appears to be caused by a flawed backport of O_TMPFILE feature)
NOTE: https://android.googlesource.com/device%2Fhtc%2Fflounder-kernel/+/25d3e5d71865a7c0324423fad87aaabb70e82ee4
-CVE-2015-6618
+CVE-2015-6618 (Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows user-assis ...)
NOT-FOR-US: Android
-CVE-2015-6617
+CVE-2015-6617 (Skia, as used in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
- skia <itp> (bug #818180)
-CVE-2015-6616
+CVE-2015-6616 (mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 a ...)
NOT-FOR-US: mediaserver in Android
CVE-2015-6615
RESERVED
-CVE-2015-6614
+CVE-2015-6614 (Telephony in Android 5.x before 5.1.1 LMY48X allows attackers to gain ...)
NOT-FOR-US: Android
-CVE-2015-6613
+CVE-2015-6613 (Bluetooth in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 all ...)
NOT-FOR-US: Android
-CVE-2015-6612
+CVE-2015-6612 (libmedia in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allo ...)
NOT-FOR-US: Android
-CVE-2015-6611
+CVE-2015-6611 (mediaserver in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 a ...)
NOT-FOR-US: mediaserver in Android
-CVE-2015-6610
+CVE-2015-6610 (libstagefright in Android before 5.1.1 LMY48X and 6.0 before 2015-11-0 ...)
NOT-FOR-US: libstagefright
-CVE-2015-6609
+CVE-2015-6609 (libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allo ...)
- android-platform-frameworks-native <unfixed> (unimportant; bug #806375)
-CVE-2015-6608
+CVE-2015-6608 (mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before 2015-11- ...)
NOT-FOR-US: mediaserver in Android
-CVE-2015-6607
+CVE-2015-6607 (SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows at ...)
NOT-FOR-US: Android
NOTE: The change simply rebased sqlite to 3.8.9, which seems to have happened
NOTE: for CVE-2015-3414, CVE-2015-3415 and CVE-2015-3416, but no new sqlite issue
-CVE-2015-6606
+CVE-2015-6606 (The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin i ...)
NOT-FOR-US: Android
-CVE-2015-6605
+CVE-2015-6605 (mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a ...)
NOT-FOR-US: mediaserver in Android
-CVE-2015-6604
+CVE-2015-6604 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-6603
+CVE-2015-6603 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-6602
+CVE-2015-6602 (libutils in Android through 5.1.1 LMY48M allows remote attackers to ex ...)
- android-platform-frameworks-native <unfixed> (unimportant; bug #806375)
-CVE-2015-6601
+CVE-2015-6601 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-6600
+CVE-2015-6600 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-6599
+CVE-2015-6599 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-6598
+CVE-2015-6598 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
CVE-2015-6597
RESERVED
-CVE-2015-6596
+CVE-2015-6596 (mediaserver in Android before 5.1.1 LMY48T allows attackers to gain pr ...)
NOT-FOR-US: mediaserver in Android
CVE-2015-6595
RESERVED
CVE-2015-6594
RESERVED
-CVE-2015-6592
+CVE-2015-6592 (Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require auth ...)
NOT-FOR-US: Huawei
CVE-2015-6591
RESERVED
@@ -8251,34 +8251,34 @@ CVE-2015-6590
RESERVED
CVE-2015-6589
RESERVED
-CVE-2015-6588
+CVE-2015-6588 (Cross-site scripting (XSS) vulnerability in login-fsp.html in MODX Rev ...)
NOT-FOR-US: MODX Revolution
-CVE-2015-6587
+CVE-2015-6587 (The vlserver in OpenAFS before 1.6.13 allows remote authenticated user ...)
{DSA-3320-1 DLA-342-1}
- openafs 1.6.13-1
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt
-CVE-2015-6586
+CVE-2015-6586 (The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with s ...)
NOT-FOR-US: Huawei
-CVE-2015-6585
+CVE-2015-6585 (hwpapp.dll in Hangul Word Processor allows remote attackers to execute ...)
NOT-FOR-US: Hangul Word Processor
-CVE-2015-6584
+CVE-2015-6584 (Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10 ...)
- datatables.js 1.10.9+dfsg-1
NOTE: http://www.securityfocus.com/archive/1/archive/1/536437/100/0/threaded
NOTE: https://www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/
NOTE: https://github.com/DataTables/DataTables/issues/602
NOTE: https://github.com/DataTables/DataTablesSrc/commit/ccf86dc5982bd8e16d
NOTE: https://nodesecurity.io/advisories/5
-CVE-2015-6583
+CVE-2015-6583 (Google Chrome before 45.0.2454.85 does not display a location bar for ...)
- chromium-browser 45.0.2454.85-1
[jessie] - chromium-browser 45.0.2454.85-1~deb8u1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6582
+CVE-2015-6582 (The decompose function in platform/transforms/TransformationMatrix.cpp ...)
- chromium-browser 45.0.2454.85-1
[jessie] - chromium-browser 45.0.2454.85-1~deb8u1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6581
+CVE-2015-6581 (Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_t ...)
{DSA-3665-1}
- openjpeg <not-affected> (Vulnerable code not present, function opj_j2k_copy_default_tcp_and_create_tcd)
- openjpeg2 2.1.1-1 (bug #800453)
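Review bot: in the CVE-2015-6584 entry the netsparker NOTE URL slug reads "cve-2015-6384-xss-vulnerability-identified-in-datatables" while the entry is CVE-2015-6584; confirm the link resolves to the DataTables advisory and, if the digit swap is in the vendor's own URL, add a short NOTE saying so, otherwise correct the reference.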
@@ -8287,7 +8287,7 @@ CVE-2015-6581
[jessie] - chromium-browser 45.0.2454.85-1~deb8u1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-6580
+CVE-2015-6580 (Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, a ...)
- chromium-browser 45.0.2454.85-1
[jessie] - chromium-browser 45.0.2454.85-1~deb8u1
[wheezy] - chromium-browser <end-of-life>
@@ -8298,11 +8298,11 @@ CVE-2015-6578
RESERVED
CVE-2015-6577
RESERVED
-CVE-2015-6576
+CVE-2015-6576 (Bamboo 2.2 before 5.8.5 and 5.9.x before 5.9.7 allows remote attackers ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2015-6575
+CVE-2015-6575 (SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-6574
+CVE-2015-6574 (The SNAP Lite component in certain SISCO MMS-EASE and AX-S4 ICCP produ ...)
NOT-FOR-US: SISCO MMS-EASE
CVE-2015-6573
RESERVED
@@ -8312,13 +8312,13 @@ CVE-2015-6571
RESERVED
CVE-2015-6570
RESERVED
-CVE-2015-6569
+CVE-2015-6569 (Race condition in the LoadBalancer module in the Atlassian Floodlight ...)
NOT-FOR-US: Atlassian
-CVE-2015-6568
+CVE-2015-6568 (Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code E ...)
NOT-FOR-US: Wolf CMS
-CVE-2015-6567
+CVE-2015-6567 (Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code E ...)
NOT-FOR-US: Wolf CMS
-CVE-2015-6566
+CVE-2015-6566 (zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 ...)
- zarafa <itp> (bug #658433)
CVE-2015-6562
RESERVED
@@ -8330,51 +8330,51 @@ CVE-2015-6559
RESERVED
CVE-2015-6558
RESERVED
-CVE-2015-6557
+CVE-2015-6557 (IBM Tivoli Storage Manager for Databases: Data Protection for Microsof ...)
NOT-FOR-US: IBM
-CVE-2015-6556
+CVE-2015-6556 (EACommunicatorSrv.exe in the Framework Service in the client in Symant ...)
NOT-FOR-US: Symantec
-CVE-2015-6555
+CVE-2015-6555 (Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 a ...)
NOT-FOR-US: Symantec
-CVE-2015-6554
+CVE-2015-6554 (Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 a ...)
NOT-FOR-US: Symantec
CVE-2015-6553
REJECTED
-CVE-2015-6552
+CVE-2015-6552 (The management-services protocol implementation in Veritas NetBackup 7 ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2015-6551
+CVE-2015-6551 (Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2015-6550
+CVE-2015-6550 (bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4 ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2015-6549
+CVE-2015-6549 (Cross-site scripting (XSS) vulnerability in an application console in ...)
NOT-FOR-US: Symantec NetBackup OpsCenter
-CVE-2015-6548
+CVE-2015-6548 (Multiple SQL injection vulnerabilities in a PHP script in the manageme ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2015-6547
+CVE-2015-6547 (The management console on Symantec Web Gateway (SWG) appliances with s ...)
NOT-FOR-US: Semantec Web Gateway
-CVE-2015-6546
+CVE-2015-6546 (The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2015-6545
+CVE-2015-6545 (Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb be ...)
NOT-FOR-US: Cerb
-CVE-2015-6544
+CVE-2015-6544 (Cross-site scripting (XSS) vulnerability in application/dashboard.clas ...)
NOT-FOR-US: Combodo
CVE-2015-6543
RESERVED
CVE-2015-6542
REJECTED
-CVE-2015-6541
+CVE-2015-6541 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail ...)
NOT-FOR-US: Zimbra
-CVE-2015-6540
+CVE-2015-6540 (Cross-site scripting (XSS) vulnerability in Intellect Design Arena Int ...)
NOT-FOR-US: Intellect Design Arena Intellect Core banking
CVE-2015-6539
RESERVED
-CVE-2015-6538
+CVE-2015-6538 (The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles ...)
NOT-FOR-US: Epiphany Cardio Server
-CVE-2015-6537
+CVE-2015-6537 (SQL injection vulnerability in the login page in Epiphany Cardio Serve ...)
NOT-FOR-US: Epiphany Cardio Server
CVE-2015-6536
RESERVED
-CVE-2015-6535
+CVE-2015-6535 (Cross-site scripting (XSS) vulnerability in includes/options-profiles. ...)
NOT-FOR-US: YouTube Embed plugin for WordPress
CVE-2015-6534
RESERVED
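Review bot: "NOT-FOR-US: Semantec Web Gateway" under CVE-2015-6547 misspells the vendor; the neighbouring CVE-2015-6548 entry uses "Symantec Web Gateway", and the tag should match so that searches on the product name find both entries.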
@@ -8382,104 +8382,104 @@ CVE-2015-6533
RESERVED
CVE-2015-6532
RESERVED
-CVE-2015-6531
+CVE-2015-6531 (Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 migh ...)
NOT-FOR-US: Palo Alto Networks Panorama VM Appliance
-CVE-2015-6530
+CVE-2015-6530 (Cross-site scripting (XSS) vulnerability in OpenText Secure MFT 2013 b ...)
NOT-FOR-US: OpenText Secure MFT 2013
-CVE-2015-6529
+CVE-2015-6529 (Multiple cross-site scripting (XSS) vulnerabilities in phpipam 1.1.010 ...)
- phpipam <itp> (bug #731713)
-CVE-2015-6528
+CVE-2015-6528 (Multiple cross-site scripting (XSS) vulnerabilities in install_classic ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2015-6525
+CVE-2015-6525 (Multiple integer overflows in the evbuffer API in Libevent 2.0.x befor ...)
{DSA-3119-1}
- libevent 2.0.21-stable-2
[squeeze] - libevent <not-affected> (Only for issues in 2.0.x and 2.1.x)
NOTE: Split from CVE-2014-6272
-CVE-2015-6524
+CVE-2015-6524 (The LDAPLoginModule implementation in the Java Authentication and Auth ...)
- activemq 5.6.0+dfsg1-4 (low)
[wheezy] - activemq 5.6.0+dfsg-1+deb7u1
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
-CVE-2015-6523
+CVE-2015-6523 (Cross-site request forgery (CSRF) vulnerability in the Portfolio plugi ...)
NOT-FOR-US: Portfolio plugin for WordPress
-CVE-2015-6522
+CVE-2015-6522 (SQL injection vulnerability in the WP Symposium plugin before 15.8 for ...)
NOT-FOR-US: WP Symposium plugin for WordPress
-CVE-2015-6661
+CVE-2015-6661 (Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to ...)
{DSA-3346-1}
- drupal7 7.39-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-003
NOTE: http://www.openwall.com/lists/oss-security/2015/08/21/5
-CVE-2015-6660
+CVE-2015-6660 (The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not pr ...)
{DSA-3346-1}
- drupal7 7.39-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-003
NOTE: http://www.openwall.com/lists/oss-security/2015/08/21/5
-CVE-2015-6659
+CVE-2015-6659 (SQL injection vulnerability in the SQL comment filtering system in the ...)
{DSA-3346-1}
- drupal7 7.39-1
NOTE: https://www.drupal.org/SA-CORE-2015-003
NOTE: http://www.openwall.com/lists/oss-security/2015/08/21/5
-CVE-2015-6658
+CVE-2015-6658 (Cross-site scripting (XSS) vulnerability in the Autocomplete system in ...)
{DSA-3346-1}
- drupal7 7.39-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-003
NOTE: http://www.openwall.com/lists/oss-security/2015/08/21/5
-CVE-2015-6665
+CVE-2015-6665 (Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal ...)
{DSA-3346-1}
- drupal7 7.39-1
NOTE: https://www.drupal.org/SA-CORE-2015-003
NOTE: http://www.openwall.com/lists/oss-security/2015/08/21/5
-CVE-2015-6673
+CVE-2015-6673 (Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32. ...)
- libpgf 6.14.12-3.2 (bug #798032)
[jessie] - libpgf <no-dsa> (Minor issue, can be fixed via a point release)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/19/14
NOTE: Details on the CVE assignment: http://www.openwall.com/lists/oss-security/2015/08/25/9
NOTE: https://sourceforge.net/p/libpgf/code/147/
NOTE: https://sourceforge.net/p/libpgf/code/148/
-CVE-2015-6527
+CVE-2015-6527 (The php_str_replace_in_subject function in ext/standard/string.c in PH ...)
- php5 <not-affected> (Specific to PHP 7)
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5
NOTE: https://bugs.php.net/bug.php?id=70140
-CVE-2015-6521
+CVE-2015-6521 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor LMS vers ...)
NOT-FOR-US: ATutor
-CVE-2015-6519
+CVE-2015-6519 (SQL injection vulnerability in Arab Portal 3 allows remote attackers t ...)
NOT-FOR-US: Arab Portal 3
-CVE-2015-6518
+CVE-2015-6518 (Multiple cross-site scripting (XSS) vulnerabilities in phpLiteAdmin 1. ...)
- phpliteadmin <not-affected> (Fixed before initial upload)
-CVE-2015-6517
+CVE-2015-6517 (Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 al ...)
- phpliteadmin <not-affected> (Fixed before initial upload)
-CVE-2015-6516
+CVE-2015-6516 (SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier al ...)
NOT-FOR-US: cygnux.org sysPass
-CVE-2015-6515
+CVE-2015-6515 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enter ...)
NOT-FOR-US: Splunk
-CVE-2015-6514
+CVE-2015-6514 (Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk En ...)
NOT-FOR-US: Splunk Enterprise
-CVE-2015-6513
+CVE-2015-6513 (Multiple SQL injection vulnerabilities in the J2Store (com_j2store) ex ...)
NOT-FOR-US: Joomla extension com_j2store
-CVE-2015-6512
+CVE-2015-6512 (SQL injection vulnerability in the get_messages function in server/plu ...)
NOT-FOR-US: FreiChat
-CVE-2015-6511
+CVE-2015-6511 (Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allow ...)
NOT-FOR-US: pfSense
-CVE-2015-6510
+CVE-2015-6510 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense before ...)
NOT-FOR-US: pfSense
-CVE-2015-6509
+CVE-2015-6509 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense before ...)
NOT-FOR-US: pfSense
-CVE-2015-6508
+CVE-2015-6508 (Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allow ...)
NOT-FOR-US: pfSense
-CVE-2015-6507
+CVE-2015-6507 (The hdbsql client 1.00.091.00 Build 1418659308-1530 in SAP HANA allows ...)
NOT-FOR-US: SAP
-CVE-2015-6833
+CVE-2015-6833 (Directory traversal vulnerability in the PharData class in PHP before ...)
{DSA-3344-1 DLA-341-1}
- php5 5.6.12+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70019
NOTE: http://www.openwall.com/lists/oss-security/2015/08/19/3
NOTE: Fixed upstream in 5.4.44 and 5.6.12
-CVE-2015-6831
+CVE-2015-6831 (Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5 ...)
{DSA-3344-1 DLA-341-1}
- php5 5.6.12+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70169
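Review bot: the only reference under CVE-2015-6524 is the CVE-2014-3612 announcement (http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt), which names a different CVE in the same LDAPLoginModule code; confirm that announcement is the intended source for CVE-2015-6524 and, if so, say so in the NOTE, otherwise add the advisory that is specific to this CVE. The Drupal entries in this hunk match the way SA-CORE-2015-003 splits its issues: CVE-2015-6659 and CVE-2015-6665 carry only a drupal7 line, while CVE-2015-6658, CVE-2015-6660 and CVE-2015-6661 also list drupal6 with the squeeze end-of-life marker.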
@@ -8488,7 +8488,7 @@ CVE-2015-6831
NOTE: https://bugs.php.net/bug.php?id=70155
NOTE: http://www.openwall.com/lists/oss-security/2015/08/19/3
NOTE: Fixed upstream in 5.4.44 and 5.6.12
-CVE-2015-6832
+CVE-2015-6832 (Use-after-free vulnerability in the SPL unserialize implementation in ...)
{DSA-3344-1 DLA-341-1}
- php5 5.6.12+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70068
@@ -8500,11 +8500,11 @@ CVE-2015-6504
RESERVED
CVE-2015-6503
RESERVED
-CVE-2015-6502
+CVE-2015-6502 (Cross-site scripting (XSS) vulnerability in the console in Puppet Ente ...)
NOT-FOR-US: Puppet Enterprise
-CVE-2015-6501
+CVE-2015-6501 (Open redirect vulnerability in the Console in Puppet Enterprise before ...)
- puppet <not-affected> (Limited to Puppet Enterprise)
-CVE-2015-6500
+CVE-2015-6500 (Directory traversal vulnerability in ownCloud Server before 8.0.6 and ...)
{DSA-3373-1}
- owncloud 7.0.10~dfsg-2 (bug #800126)
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-014
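Review bot: CVE-2015-6501 and CVE-2015-6502 are both Puppet Enterprise console issues but are recorded in two different forms, `NOT-FOR-US: Puppet Enterprise` for 6502 and `- puppet <not-affected> (Limited to Puppet Enterprise)` for 6501. Use one form for both: the `<not-affected>` line keeps a visible cross-reference to the puppet source package, so keep it for 6502 as well if the point is that the open-source puppet package was checked and does not ship the console, otherwise mark 6501 NOT-FOR-US like its sibling.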
@@ -8512,93 +8512,93 @@ CVE-2015-6500
NOTE: https://github.com/owncloud/core/commit/9f8c0a3a8d14f1c127b2034faa14d8d309f962e9
CVE-2015-6499
RESERVED
-CVE-2015-6498
+CVE-2015-6498 (Alcatel-Lucent Home Device Manager before 4.1.10, 4.2.x before 4.2.2 a ...)
NOT-FOR-US: Alcatel-Lucent Home Device Manager
CVE-2015-6497
RESERVED
CVE-2015-6495
RESERVED
-CVE-2015-6494
+CVE-2015-6494 (Cross-site scripting (XSS) vulnerability in Infinite Automation Mango ...)
NOT-FOR-US: Infinite Automation Mango Automation
-CVE-2015-6493
+CVE-2015-6493 (Cross-site request forgery (CSRF) vulnerability in Infinite Automation ...)
NOT-FOR-US: Infinite Automation Mango Automation
-CVE-2015-6492
+CVE-2015-6492 (Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 dev ...)
NOT-FOR-US: Allen-Bradley MicroLogix
-CVE-2015-6491
+CVE-2015-6491 (Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 dev ...)
NOT-FOR-US: Allen-Bradley MicroLogix
-CVE-2015-6490
+CVE-2015-6490 (Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices b ...)
NOT-FOR-US: Allen-Bradley MicroLogix
CVE-2015-6489
RESERVED
-CVE-2015-6488
+CVE-2015-6488 (Cross-site scripting (XSS) vulnerability in the web server on Allen-Br ...)
NOT-FOR-US: Allen-Bradley MicroLogix
CVE-2015-6487
REJECTED
-CVE-2015-6486
+CVE-2015-6486 (SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices b ...)
NOT-FOR-US: Allen-Bradley MicroLogix
-CVE-2015-6485
+CVE-2015-6485 (Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-5 ...)
NOT-FOR-US: Schneider
-CVE-2015-6484
+CVE-2015-6484 (3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote attacker ...)
NOT-FOR-US: 3S-Smart CODESYS
CVE-2015-6483
RESERVED
-CVE-2015-6482
+CVE-2015-6482 (Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 al ...)
NOT-FOR-US: 3S-Smart CODESYS
-CVE-2015-6481
+CVE-2015-6481 (The login function in the RequestController class in Moxa OnCell Centr ...)
NOT-FOR-US: Moxa
-CVE-2015-6480
+CVE-2015-6480 (The MessageBrokerServlet servlet in Moxa OnCell Central Manager before ...)
NOT-FOR-US: Moxa
-CVE-2015-6479
+CVE-2015-6479 (ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, ...)
NOT-FOR-US: Sierra Wireless ALEOS
-CVE-2015-6478
+CVE-2015-6478 (Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict ...)
NOT-FOR-US: Unitronics VisiLogic OPLC IDE
-CVE-2015-6477
+CVE-2015-6477 (Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm P ...)
NOT-FOR-US: Nordex Control
-CVE-2015-6476
+CVE-2015-6476 (Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devi ...)
NOT-FOR-US: Advantech EKI-122x-BE devices
-CVE-2015-6475
+CVE-2015-6475 (Multiple cross-site scripting (XSS) vulnerabilities in IBC Solar Serve ...)
NOT-FOR-US: ServeMaster
-CVE-2015-6474
+CVE-2015-6474 (IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers ...)
NOT-FOR-US: ServeMaster
-CVE-2015-6473
+CVE-2015-6473 (WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain p ...)
NOT-FOR-US: WAGO IO
-CVE-2015-6472
+CVE-2015-6472 (WAGO IO 750-849 01.01.27 and 01.02.05, WAGO IO 750-881, and WAGO IO 75 ...)
NOT-FOR-US: WAGO IO
-CVE-2015-6471
+CVE-2015-6471 (Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 co ...)
NOT-FOR-US: Eaton Cooper Power Systems ProView
-CVE-2015-6470
+CVE-2015-6470 (Resource Data Management Data Manager before 2.2 allows remote authent ...)
NOT-FOR-US: Resource Data Manager
-CVE-2015-6469
+CVE-2015-6469 (The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ all ...)
NOT-FOR-US: ServerMaster
-CVE-2015-6468
+CVE-2015-6468 (Cross-site request forgery (CSRF) vulnerability in Resource Data Manag ...)
NOT-FOR-US: Resource Data Manager
-CVE-2015-6467
+CVE-2015-6467 (Advantech WebAccess before 8.1 allows remote attackers to execute arbi ...)
NOT-FOR-US: Advantech
-CVE-2015-6466
+CVE-2015-6466 (Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature ...)
NOT-FOR-US: Moxa switches
-CVE-2015-6465
+CVE-2015-6465 (The GoAhead web server on Moxa EDS-405A and EDS-408A switches with fir ...)
NOT-FOR-US: Moxa switches
-CVE-2015-6464
+CVE-2015-6464 (The administrative web interface on Moxa EDS-405A and EDS-408A switche ...)
NOT-FOR-US: Moxa switches
-CVE-2015-6463
+CVE-2015-6463 (CodeWrights HART Comm DTM components, as used with Endress+Hauser Fiel ...)
NOT-FOR-US: CodeWrights HART Comm DTM components
CVE-2015-6462
RESERVED
CVE-2015-6461
RESERVED
-CVE-2015-6460
+CVE-2015-6460 (Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Serve ...)
NOT-FOR-US: CODESYS Gateway Server
-CVE-2015-6459
+CVE-2015-6459 (Absolute path traversal vulnerability in the download feature in FileD ...)
NOT-FOR-US: FileDownloadServlet
CVE-2015-6458
RESERVED
CVE-2015-6457
RESERVED
-CVE-2015-6456
+CVE-2015-6456 (GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1. ...)
NOT-FOR-US: PulseNET
CVE-2015-6455
REJECTED
-CVE-2015-6454
+CVE-2015-6454 (Everest PeakHMI before 8.7.0.2, when the video server is used, allows ...)
NOT-FOR-US: PeakHMI
CVE-2015-6453
REJECTED
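Review bot: the tag under CVE-2015-6469 reads `NOT-FOR-US: ServerMaster` while the sibling entries CVE-2015-6474 and CVE-2015-6475 for the same product use `ServeMaster`, which is also the spelling in the description ("IBC Solar ServeMaster"); fix the spelling so a search on the product name finds all three. In the same region, `NOT-FOR-US: Resource Data Manager` under CVE-2015-6468 and CVE-2015-6470 drops the vendor name that the description gives as "Resource Data Management", and `NOT-FOR-US: FileDownloadServlet` under CVE-2015-6459 names a servlet class rather than an affected product; the NOT-FOR-US tag should name the product so the decision can be re-checked later without re-reading the CVE.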
@@ -8636,157 +8636,157 @@ CVE-2015-6437
REJECTED
CVE-2015-6436
REJECTED
-CVE-2015-6435
+CVE-2015-6435 (An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 900 ...)
NOT-FOR-US: Cisco
-CVE-2015-6434
+CVE-2015-6434 (Cisco Prime Infrastructure does not properly restrict use of IFRAME el ...)
NOT-FOR-US: Cisco
-CVE-2015-6433
+CVE-2015-6433 (SQL injection vulnerability in Cisco Unified Communications Manager 11 ...)
NOT-FOR-US: Cisco
-CVE-2015-6432
+CVE-2015-6432 (Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, a ...)
NOT-FOR-US: Cisco
-CVE-2015-6431
+CVE-2015-6431 (Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: Cisco
CVE-2015-6430
RESERVED
-CVE-2015-6429
+CVE-2015-6429 (The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 ...)
NOT-FOR-US: Cisco
-CVE-2015-6428
+CVE-2015-6428 (Cisco DPQ3925 devices with EDVA r1 Base allow remote attackers to obta ...)
NOT-FOR-US: Cisco
-CVE-2015-6427
+CVE-2015-6427 (Cisco FireSIGHT Management Center allows remote attackers to bypass th ...)
NOT-FOR-US: Cisco
-CVE-2015-6426
+CVE-2015-6426 (Cisco Prime Network Services Controller 3.0 allows local users to bypa ...)
NOT-FOR-US: Cisco
-CVE-2015-6425
+CVE-2015-6425 (The WebApplications Identity Management subsystem in Cisco Unified Com ...)
NOT-FOR-US: Cisco
-CVE-2015-6424
+CVE-2015-6424 (The boot manager in Cisco Application Policy Infrastructure Controller ...)
NOT-FOR-US: Cisco
-CVE-2015-6423
+CVE-2015-6423 (The DCERPC Inspection implementation in Cisco Adaptive Security Applia ...)
NOT-FOR-US: Cisco
-CVE-2015-6422
+CVE-2015-6422 (The self-service application in Cisco Unified Communications Domain Ma ...)
NOT-FOR-US: Cisco
-CVE-2015-6421
+CVE-2015-6421 (cifs-ao in the CIFS optimization functionality on Cisco Wide Area Appl ...)
NOT-FOR-US: Cisco
-CVE-2015-6420
+CVE-2015-6420 (Serialized-object interfaces in certain Cisco Collaboration and Social ...)
NOT-FOR-US: Cisco
-CVE-2015-6419
+CVE-2015-6419 (Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, ...)
NOT-FOR-US: Cisco
-CVE-2015-6418
+CVE-2015-6418 (The random-number generator on Cisco Small Business RV routers 4.x and ...)
NOT-FOR-US: Cisco
-CVE-2015-6417
+CVE-2015-6417 (Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and ...)
NOT-FOR-US: Cisco
-CVE-2015-6416
+CVE-2015-6416 (Cross-site scripting (XSS) vulnerability in Cisco Unified Email Intera ...)
NOT-FOR-US: Cisco
-CVE-2015-6415
+CVE-2015-6415 (Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6 ...)
NOT-FOR-US: Cisco
-CVE-2015-6414
+CVE-2015-6414 (Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same ...)
NOT-FOR-US: Cisco
-CVE-2015-6413
+CVE-2015-6413 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 al ...)
NOT-FOR-US: Cisco
-CVE-2015-6412
+CVE-2015-6412 (Cisco Modular Encoding Platform D9036 Software before 02.04.70 has har ...)
NOT-FOR-US: Cisco
-CVE-2015-6411
+CVE-2015-6411 (Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides v ...)
NOT-FOR-US: Cisco
-CVE-2015-6410
+CVE-2015-6410 (The Mobile and Remote Access (MRA) services implementation in Cisco Un ...)
NOT-FOR-US: Cisco
-CVE-2015-6409
+CVE-2015-6409 (Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-m ...)
NOT-FOR-US: Cisco
-CVE-2015-6408
+CVE-2015-6408 (Cross-site request forgery (CSRF) vulnerability in Cisco Unity Connect ...)
NOT-FOR-US: Cisco
-CVE-2015-6407
+CVE-2015-6407 (Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to u ...)
NOT-FOR-US: Cisco
-CVE-2015-6406
+CVE-2015-6406 (Directory traversal vulnerability in the Tools menu in Cisco Emergency ...)
NOT-FOR-US: Cisco
-CVE-2015-6405
+CVE-2015-6405 (Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Res ...)
NOT-FOR-US: Cisco
-CVE-2015-6404
+CVE-2015-6404 (Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use ...)
NOT-FOR-US: Cisco
-CVE-2015-6403
+CVE-2015-6403 (The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x ...)
NOT-FOR-US: Cisco
-CVE-2015-6402
+CVE-2015-6402 (Cross-site scripting (XSS) vulnerability in the management interface o ...)
NOT-FOR-US: Cisco
-CVE-2015-6401
+CVE-2015-6401 (Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote ...)
NOT-FOR-US: Cisco
-CVE-2015-6400
+CVE-2015-6400 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency ...)
NOT-FOR-US: Cisco
-CVE-2015-6399
+CVE-2015-6399 (The Supervisor 1.0.0.0 and 1.0.0.1 in Cisco Integrated Management Cont ...)
NOT-FOR-US: Cisco
-CVE-2015-6398
+CVE-2015-6398 (Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode switche ...)
NOT-FOR-US: Cisco
-CVE-2015-6397
+CVE-2015-6397 (Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC config ...)
NOT-FOR-US: Cisco
-CVE-2015-6396
+CVE-2015-6396 (The CLI command parser on Cisco RV110W, RV130W, and RV215W devices all ...)
NOT-FOR-US: Cisco
-CVE-2015-6395
+CVE-2015-6395 (Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not pr ...)
NOT-FOR-US: Cisco
-CVE-2015-6394
+CVE-2015-6394 (The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows loc ...)
NOT-FOR-US: Cisco
-CVE-2015-6393
+CVE-2015-6393 (Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, ...)
NOT-FOR-US: Cisco
-CVE-2015-6392
+CVE-2015-6392 (Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, ...)
NOT-FOR-US: Cisco
-CVE-2015-6391
+CVE-2015-6391 (Cisco Unified SIP 3905 phones allow remote attackers to cause a denial ...)
NOT-FOR-US: Cisco
-CVE-2015-6390
+CVE-2015-6390 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: Cisco
-CVE-2015-6389
+CVE-2015-6389 (Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser ...)
NOT-FOR-US: Cisco Prime Collaboration Assurance
-CVE-2015-6388
+CVE-2015-6388 (Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows ...)
NOT-FOR-US: Cisco
-CVE-2015-6387
+CVE-2015-6387 (Cross-site scripting (XSS) vulnerability in Cisco Unified Computing Sy ...)
NOT-FOR-US: Cisco
-CVE-2015-6386
+CVE-2015-6386 (The passthrough FTP feature on Cisco Web Security Appliance (WSA) devi ...)
NOT-FOR-US: Cisco
-CVE-2015-6385
+CVE-2015-6385 (The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5 ...)
NOT-FOR-US: Cisco
-CVE-2015-6384
+CVE-2015-6384 (The Cisco WebEx Meetings application before 8.5.1 for Android improper ...)
NOT-FOR-US: Cisco
-CVE-2015-6383
+CVE-2015-6383 (Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software pa ...)
NOT-FOR-US: Cisco
-CVE-2015-6382
+CVE-2015-6382 (Cisco ASR 5000 devices with software 16.0(900) allow remote attackers ...)
NOT-FOR-US: Cisco
CVE-2015-6381
RESERVED
-CVE-2015-6380
+CVE-2015-6380 (An unspecified script in the web interface in Cisco Firepower Extensib ...)
NOT-FOR-US: Cisco
-CVE-2015-6379
+CVE-2015-6379 (The XML parser in the management interface in Cisco Adaptive Security ...)
NOT-FOR-US: Cisco
-CVE-2015-6378
+CVE-2015-6378 (Cross-site request forgery (CSRF) vulnerability on Cisco DPQ3925 devic ...)
NOT-FOR-US: Cisco
-CVE-2015-6377
+CVE-2015-6377 (Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote at ...)
NOT-FOR-US: Cisco
-CVE-2015-6376
+CVE-2015-6376 (Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2015-6375
+CVE-2015-6375 (The debug-logging (aka debug cns) feature in Cisco Networking Services ...)
NOT-FOR-US: Cisco
-CVE-2015-6374
+CVE-2015-6374 (The web interface in Cisco Firepower Extensible Operating System 1.1(1 ...)
NOT-FOR-US: Cisco
-CVE-2015-6373
+CVE-2015-6373 (Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Ext ...)
NOT-FOR-US: Cisco
-CVE-2015-6372
+CVE-2015-6372 (Cross-site scripting (XSS) vulnerability in the web-based management i ...)
NOT-FOR-US: Cisco
-CVE-2015-6371
+CVE-2015-6371 (Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 90 ...)
NOT-FOR-US: Cisco
-CVE-2015-6370
+CVE-2015-6370 (The Management I/O (MIO) component in Cisco Firepower Extensible Opera ...)
NOT-FOR-US: Cisco
-CVE-2015-6369
+CVE-2015-6369 (The USB driver in Cisco Firepower Extensible Operating System 1.1(1.16 ...)
NOT-FOR-US: Cisco
-CVE-2015-6368
+CVE-2015-6368 (Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 90 ...)
NOT-FOR-US: Cisco
-CVE-2015-6367
+CVE-2015-6367 (Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attac ...)
NOT-FOR-US: Cisco
-CVE-2015-6366
+CVE-2015-6366 (Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs supers ...)
NOT-FOR-US: Cisco
-CVE-2015-6365
+CVE-2015-6365 (Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs superse ...)
NOT-FOR-US: Cisco
-CVE-2015-6364
+CVE-2015-6364 (Cisco Content Delivery System Manager Software 3.2 on Videoscape Distr ...)
NOT-FOR-US: Cisco
-CVE-2015-6363
+CVE-2015-6363 (Multiple cross-site scripting (XSS) vulnerabilities in the web framewo ...)
NOT-FOR-US: Cisco
-CVE-2015-6362
+CVE-2015-6362 (The web GUI in Cisco Connected Grid Network Management System (CG-NMS) ...)
NOT-FOR-US: Cisco
-CVE-2015-6361
+CVE-2015-6361 (The administrative web interface on Cisco DPC3939 (XB3) devices with f ...)
NOT-FOR-US: Cisco
-CVE-2015-6360
+CVE-2015-6360 (The encryption-processing feature in Cisco libSRTP before 1.5.3 allows ...)
{DSA-3539-1 DLA-393-1}
[experimental] - srtp 1.5.3~dfsg-1
- srtp 1.4.5~20130609~dfsg-1.2 (bug #807698)
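Review bot: CVE-2015-6360 is fixed in unstable by a patched 1.4.5 upload (1.4.5~20130609~dfsg-1.2) rather than the 1.5.3 that the description names as the first fixed release, and the NOTEs for this entry (continuing in the next hunk) list three separate upstream "Fixup" commits in addition to the main change; confirm that the 1.4.5 backport, and the DSA-3539-1 and DLA-393-1 updates built from it, carry those fixups as well, and record that in the entry, since a backport of only the first commit may not match upstream's final fix.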
@@ -8794,221 +8794,221 @@ CVE-2015-6360
NOTE: Fixup: https://github.com/cisco/libsrtp/commit/be95365fbb4788b688cab7af61c65b7989055fb4
NOTE: Fixup: https://github.com/cisco/libsrtp/commit/be06686c8e98cc7bd934e10abb6f5e971d03f8ee
NOTE: Fixup: https://github.com/cisco/libsrtp/commit/cdc69f2acde796a4152a250f869271298abc233f
-CVE-2015-6359
+CVE-2015-6359 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-6358
+CVE-2015-6358 (Multiple Cisco embedded devices use hardcoded X.509 certificates and S ...)
NOT-FOR-US: Cisco
-CVE-2015-6357
+CVE-2015-6357 (The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 ...)
NOT-FOR-US: Cisco FireSIGHT
-CVE-2015-6356
+CVE-2015-6356 (Cross-site scripting (XSS) vulnerability in the WeChat page in Cisco S ...)
NOT-FOR-US: Cisco
-CVE-2015-6355
+CVE-2015-6355 (The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on ...)
NOT-FOR-US: Cisco
-CVE-2015-6354
+CVE-2015-6354 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight ...)
NOT-FOR-US: Cisco
-CVE-2015-6353
+CVE-2015-6353 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight ...)
NOT-FOR-US: Cisco
-CVE-2015-6352
+CVE-2015-6352 (Cisco Unified Communications Domain Manager before 10.6(1) provides di ...)
NOT-FOR-US: Cisco
-CVE-2015-6351
+CVE-2015-6351 (Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices wit ...)
NOT-FOR-US: Cisco
-CVE-2015-6350
+CVE-2015-6350 (SQL injection vulnerability in the web framework in Cisco Prime Servic ...)
NOT-FOR-US: Cisco
-CVE-2015-6349
+CVE-2015-6349 (Cross-site scripting (XSS) vulnerability in the web interface in the S ...)
NOT-FOR-US: Cisco
-CVE-2015-6348
+CVE-2015-6348 (The report-generation web interface in the Solution Engine in Cisco Se ...)
NOT-FOR-US: Cisco
-CVE-2015-6347
+CVE-2015-6347 (The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0. ...)
NOT-FOR-US: Cisco
-CVE-2015-6346
+CVE-2015-6346 (Cross-site scripting (XSS) vulnerability in Cisco Secure Access Contro ...)
NOT-FOR-US: Cisco
-CVE-2015-6345
+CVE-2015-6345 (SQL injection vulnerability in the Solution Engine in Cisco Secure Acc ...)
NOT-FOR-US: Cisco
-CVE-2015-6344
+CVE-2015-6344 (The web-based GUI in Cisco Adaptive Security Appliance (ASA) CX Contex ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2015-6343
+CVE-2015-6343 (The SIP implementation in Cisco IOS 15.5(3)M on Cisco Unified Border E ...)
NOT-FOR-US: Cisco
CVE-2015-6342
REJECTED
-CVE-2015-6341
+CVE-2015-6341 (The Web Management GUI on Cisco Wireless LAN Controller (WLC) devices ...)
NOT-FOR-US: Cisco
-CVE-2015-6340
+CVE-2015-6340 (The Proxy Mobile IPv6 (PMIPv6) component in the CDMA implementation on ...)
NOT-FOR-US: Cisco
CVE-2015-6339
REJECTED
CVE-2015-6338
REJECTED
-CVE-2015-6337
+CVE-2015-6337 (Cross-site scripting (XSS) vulnerability in Cisco Application Policy I ...)
NOT-FOR-US: Cisco
-CVE-2015-6336
+CVE-2015-6336 (Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8. ...)
NOT-FOR-US: Cisco
-CVE-2015-6335
+CVE-2015-6335 (The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7 ...)
NOT-FOR-US: Cisco
-CVE-2015-6334
+CVE-2015-6334 (Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and 19.0.M0 ...)
NOT-FOR-US: Cisco
-CVE-2015-6333
+CVE-2015-6333 (Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows ...)
NOT-FOR-US: Cisco
-CVE-2015-6332
+CVE-2015-6332 (Cisco Prime Infrastructure 2.2 allows remote attackers to cause a deni ...)
NOT-FOR-US: Cisco
-CVE-2015-6331
+CVE-2015-6331 (SQL injection vulnerability in the web framework in Cisco Prime Collab ...)
NOT-FOR-US: Cisco
-CVE-2015-6330
+CVE-2015-6330 (Cross-site request forgery (CSRF) vulnerability in Cisco Prime Collabo ...)
NOT-FOR-US: Cisco
-CVE-2015-6329
+CVE-2015-6329 (SQL injection vulnerability in Cisco Prime Collaboration Provisioning ...)
NOT-FOR-US: Cisco
-CVE-2015-6328
+CVE-2015-6328 (The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) ...)
NOT-FOR-US: Cisco
-CVE-2015-6327
+CVE-2015-6327 (The IKEv1 implementation in Cisco Adaptive Security Appliance (ASA) so ...)
NOT-FOR-US: Cisco
-CVE-2015-6326
+CVE-2015-6326 (Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8. ...)
NOT-FOR-US: Cisco
-CVE-2015-6325
+CVE-2015-6325 (Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8. ...)
NOT-FOR-US: Cisco
-CVE-2015-6324
+CVE-2015-6324 (The DHCPv6 relay implementation in Cisco Adaptive Security Appliance ( ...)
NOT-FOR-US: Cisco
-CVE-2015-6323
+CVE-2015-6323 (The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 ...)
NOT-FOR-US: Cisco
-CVE-2015-6322
+CVE-2015-6322 (The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 th ...)
NOT-FOR-US: Cisco
-CVE-2015-6321
+CVE-2015-6321 (Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1 ...)
NOT-FOR-US: Cisco
-CVE-2015-6320
+CVE-2015-6320 (The IP ingress packet handler on Cisco Aironet 1800 devices with softw ...)
NOT-FOR-US: Cisco
-CVE-2015-6319
+CVE-2015-6319 (SQL injection vulnerability in the web-based management interface on C ...)
NOT-FOR-US: Cisco
-CVE-2015-6318
+CVE-2015-6318 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 ...)
NOT-FOR-US: Cisco
-CVE-2015-6317
+CVE-2015-6317 (Cisco Identity Services Engine (ISE) before 2.0 allows remote authenti ...)
NOT-FOR-US: Cisco
-CVE-2015-6316
+CVE-2015-6316 (The default configuration of sshd_config in Cisco Mobility Services En ...)
NOT-FOR-US: Cisco
-CVE-2015-6315
+CVE-2015-6315 (Cisco Aironet 1850 access points with software 8.1(112.4) allow local ...)
NOT-FOR-US: Cisco
-CVE-2015-6314
+CVE-2015-6314 (Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 b ...)
NOT-FOR-US: Cisco Wireless LAN Controller
-CVE-2015-6313
+CVE-2015-6313 (Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobilit ...)
NOT-FOR-US: Cisco
-CVE-2015-6312
+CVE-2015-6312 (Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) ...)
NOT-FOR-US: Cisco
-CVE-2015-6311
+CVE-2015-6311 (Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), ...)
NOT-FOR-US: Cisco
-CVE-2015-6310
+CVE-2015-6310 (The REST interface in Cisco Unified Communications Manager IM and Pres ...)
NOT-FOR-US: Cisco
-CVE-2015-6309
+CVE-2015-6309 (Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows re ...)
NOT-FOR-US: Cisco
-CVE-2015-6308
+CVE-2015-6308 (Cisco NX-OS 6.0(2)U6(0.46) on N3K devices allows remote authenticated ...)
NOT-FOR-US: Cisco
-CVE-2015-6307
+CVE-2015-6307 (Cisco FirePOWER (formerly Sourcefire) 7000 and 8000 devices with softw ...)
NOT-FOR-US: Cisco
-CVE-2015-6306
+CVE-2015-6306 (Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does ...)
NOT-FOR-US: Cisco
-CVE-2015-6305
+CVE-2015-6305 (Untrusted search path vulnerability in the CMainThread::launchDownload ...)
NOT-FOR-US: Cisco
-CVE-2015-6304
+CVE-2015-6304 (Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2015-6303
+CVE-2015-6303 (The Cisco Spark application 2015-07-04 for mobile operating systems do ...)
NOT-FOR-US: Cisco
-CVE-2015-6302
+CVE-2015-6302 (The RADIUS functionality on Cisco Wireless LAN Controller (WLC) device ...)
NOT-FOR-US: Cisco
-CVE-2015-6301
+CVE-2015-6301 (The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 ...)
NOT-FOR-US: Cisco
-CVE-2015-6300
+CVE-2015-6300 (Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) all ...)
NOT-FOR-US: Cisco
-CVE-2015-6299
+CVE-2015-6299 (SQL injection vulnerability in the web interface in Cisco Unity Connec ...)
NOT-FOR-US: Cisco
-CVE-2015-6298
+CVE-2015-6298 (The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x a ...)
NOT-FOR-US: Cisco
-CVE-2015-6297
+CVE-2015-6297 (The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 ...)
NOT-FOR-US: Cisco
-CVE-2015-6296
+CVE-2015-6296 (Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has ...)
NOT-FOR-US: Cisco
-CVE-2015-6295
+CVE-2015-6295 (Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices al ...)
NOT-FOR-US: Cisco
-CVE-2015-6294
+CVE-2015-6294 (Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow re ...)
NOT-FOR-US: Cisco
-CVE-2015-6293
+CVE-2015-6293 (Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, ...)
NOT-FOR-US: Cisco
-CVE-2015-6292
+CVE-2015-6292 (The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151 ...)
NOT-FOR-US: Cisco
-CVE-2015-6291
+CVE-2015-6291 (Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9. ...)
NOT-FOR-US: Cisco
-CVE-2015-6290
+CVE-2015-6290 (Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to ...)
NOT-FOR-US: Cisco
-CVE-2015-6289
+CVE-2015-6289 (Cisco IOS 15.5(3)M on Integrated Services Router (ISR) 800, 819, and 8 ...)
NOT-FOR-US: Cisco
-CVE-2015-6288
+CVE-2015-6288 (Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not p ...)
NOT-FOR-US: Cisco
-CVE-2015-6287
+CVE-2015-6287 (Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remo ...)
NOT-FOR-US: Cisco
-CVE-2015-6286
+CVE-2015-6286 (Cisco Application Visibility and Control (AVC) 15.3(3)JA, when FlexCon ...)
NOT-FOR-US: Cisco
-CVE-2015-6285
+CVE-2015-6285 (Format string vulnerability in Cisco Email Security Appliance (ESA) 7. ...)
NOT-FOR-US: Cisco Email Security Appliance
-CVE-2015-6284
+CVE-2015-6284 (Buffer overflow in the Conference Control Protocol API implementation ...)
NOT-FOR-US: Cisco TelePresence Server
CVE-2015-6283
REJECTED
-CVE-2015-6282
+CVE-2015-6282 (Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS befor ...)
NOT-FOR-US: Cisco IOS
CVE-2015-6281
RESERVED
-CVE-2015-6280
+CVE-2015-6280 (The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and IO ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-6279
+CVE-2015-6279 (The IPv6 snooping functionality in the first-hop security subsystem in ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-6278
+CVE-2015-6278 (The IPv6 snooping functionality in the first-hop security subsystem in ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-6277
+CVE-2015-6277 (The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMwar ...)
NOT-FOR-US: Cisco
-CVE-2015-6276
+CVE-2015-6276 (Cisco TelePresence IX5000 8.0.3 stores a private key associated with a ...)
NOT-FOR-US: Cisco TelePresence
CVE-2015-6275
RESERVED
-CVE-2015-6274
+CVE-2015-6274 (The IPv4 implementation on Cisco ASR 1000 devices with software 15.5(3 ...)
NOT-FOR-US: Cisco ASR
-CVE-2015-6273
+CVE-2015-6273 (Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automati ...)
NOT-FOR-US: Cisco
-CVE-2015-6272
+CVE-2015-6272 (Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when N ...)
NOT-FOR-US: Cisco
-CVE-2015-6271
+CVE-2015-6271 (Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when N ...)
NOT-FOR-US: Cisco
-CVE-2015-6270
+CVE-2015-6270 (Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2015-6269
+CVE-2015-6269 (Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2015-6268
+CVE-2015-6268 (Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2015-6267
+CVE-2015-6267 (Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2015-6266
+CVE-2015-6266 (The guest portal in Cisco Identity Services Engine (ISE) 3300 1.2(0.89 ...)
NOT-FOR-US: Cisco
-CVE-2015-6265
+CVE-2015-6265 (The CLI in Cisco Application Control Engine (ACE) 4700 A5 3.0 and earl ...)
NOT-FOR-US: Cisco
CVE-2015-6264
REJECTED
-CVE-2015-6263
+CVE-2015-6263 (The RADIUS client implementation in Cisco IOS 15.4(3)M2.2, when a shar ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-6262
+CVE-2015-6262 (Cross-site request forgery (CSRF) vulnerability in Cisco Prime Infrast ...)
NOT-FOR-US: Cisco
-CVE-2015-6261
+CVE-2015-6261 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...)
NOT-FOR-US: Cisco
-CVE-2015-6260
+CVE-2015-6260 (Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not ...)
NOT-FOR-US: Cisco
-CVE-2015-6259
+CVE-2015-6259 (The JavaServer Pages (JSP) component in Cisco Integrated Management Co ...)
NOT-FOR-US: Cisco
-CVE-2015-6258
+CVE-2015-6258 (The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN ...)
NOT-FOR-US: Cisco
CVE-2015-6257
RESERVED
-CVE-2015-6256
+CVE-2015-6256 (Cisco ASR 5000 devices with software 19.0.M0.60828 allow remote attack ...)
NOT-FOR-US: Cisco Aggregation Services Router
-CVE-2015-6255
+CVE-2015-6255 (Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-Ma ...)
NOT-FOR-US: Cisco Unified Web and E-Mail Interaction Manager
-CVE-2015-6254
+CVE-2015-6254 (The (1) Service Provider (SP) and (2) Identity Provider (IdP) in Picke ...)
NOT-FOR-US: PicketLink
CVE-2015-6253
RESERVED
-CVE-2015-6526
+CVE-2015-6526 (The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c i ...)
- linux 4.1.3-1
[jessie] - linux 3.16.7-ckt11-1
[wheezy] - linux 3.2.71-1
@@ -9016,7 +9016,7 @@ CVE-2015-6526
[squeeze] - linux-2.6 <not-affected> (powerpc not supported in Squeeze LTS)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/18/4
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a5cbce421a283e6aea3c4007f141735bf9da8c3 (v4.1-rc1)
-CVE-2015-6252
+CVE-2015-6252 (The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux ker ...)
{DSA-3364-1}
- linux 4.1.5-1
- linux-2.6 <removed>
@@ -9025,9 +9025,9 @@ CVE-2015-6252
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5 (v4.2-rc5)
CVE-2015-6239
RESERVED
-CVE-2015-6238
+CVE-2015-6238 (Multiple cross-site scripting (XSS) vulnerabilities in the Google Anal ...)
NOT-FOR-US: Google Analyticator plugin for WordPress
-CVE-2015-6237
+CVE-2015-6237 (The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 ...)
NOT-FOR-US: Tripwire IP360 VnE Manager
CVE-2015-6236
REJECTED
@@ -9133,7 +9133,7 @@ CVE-2015-6186
REJECTED
CVE-2015-6185
REJECTED
-CVE-2015-6184
+CVE-2015-6184 (The CAttrArray object implementation in Microsoft Internet Explorer 7 ...)
NOT-FOR-US: Microsoft
CVE-2015-6183
REJECTED
@@ -9147,117 +9147,117 @@ CVE-2015-6179
REJECTED
CVE-2015-6178
REJECTED
-CVE-2015-6177
+CVE-2015-6177 (Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, and Excel Vie ...)
NOT-FOR-US: Microsoft
-CVE-2015-6176
+CVE-2015-6176 (Microsoft Edge mishandles HTML attributes in HTTP responses, which all ...)
NOT-FOR-US: Microsoft
-CVE-2015-6175
+CVE-2015-6175 (The kernel in Microsoft Windows 10 Gold allows local users to gain pri ...)
NOT-FOR-US: Microsoft
-CVE-2015-6174
+CVE-2015-6174 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2015-6173
+CVE-2015-6173 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2015-6172
+CVE-2015-6172 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2015-6171
+CVE-2015-6171 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2015-6170
+CVE-2015-6170 (Microsoft Edge allows remote attackers to gain privileges via a crafte ...)
NOT-FOR-US: Microsoft
-CVE-2015-6169
+CVE-2015-6169 (Microsoft Edge misparses HTTP responses, which allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2015-6168
+CVE-2015-6168 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
CVE-2015-6167
REJECTED
-CVE-2015-6166
+CVE-2015-6166 (Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2015-6165
+CVE-2015-6165 (Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2015-6164
+CVE-2015-6164 (Microsoft Internet Explorer 9 through 11 improperly implements a cross ...)
NOT-FOR-US: Microsoft
CVE-2015-6163
REJECTED
-CVE-2015-6162
+CVE-2015-6162 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6161
+CVE-2015-6161 (Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2015-6160
+CVE-2015-6160 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6159
+CVE-2015-6159 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2015-6158
+CVE-2015-6158 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2015-6157
+CVE-2015-6157 (Microsoft Internet Explorer 11 allows remote attackers to obtain sensi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6156
+CVE-2015-6156 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6155
+CVE-2015-6155 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
NOT-FOR-US: Microsoft
-CVE-2015-6154
+CVE-2015-6154 (Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2015-6153
+CVE-2015-6153 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2015-6152
+CVE-2015-6152 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6151
+CVE-2015-6151 (Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2015-6150
+CVE-2015-6150 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6149
+CVE-2015-6149 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft
-CVE-2015-6148
+CVE-2015-6148 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2015-6147
+CVE-2015-6147 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft
-CVE-2015-6146
+CVE-2015-6146 (Microsoft Internet Explorer 7 and 8 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft
-CVE-2015-6145
+CVE-2015-6145 (Microsoft Internet Explorer 7 and 8 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft
-CVE-2015-6144
+CVE-2015-6144 (Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle ...)
NOT-FOR-US: Microsoft
-CVE-2015-6143
+CVE-2015-6143 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6142
+CVE-2015-6142 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2015-6141
+CVE-2015-6141 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft
-CVE-2015-6140
+CVE-2015-6140 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2015-6139
+CVE-2015-6139 (Microsoft Internet Explorer 11 and Microsoft Edge mishandle content ty ...)
NOT-FOR-US: Microsoft
-CVE-2015-6138
+CVE-2015-6138 (Microsoft Internet Explorer 8 through 11 mishandles HTML attributes in ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-6137
REJECTED
-CVE-2015-6136
+CVE-2015-6136 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 eng ...)
NOT-FOR-US: Microsof
-CVE-2015-6135
+CVE-2015-6135 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 eng ...)
NOT-FOR-US: Microsof
-CVE-2015-6134
+CVE-2015-6134 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsof
-CVE-2015-6133
+CVE-2015-6133 (Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Win ...)
NOT-FOR-US: Microsof
-CVE-2015-6132
+CVE-2015-6132 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsof
-CVE-2015-6131
+CVE-2015-6131 (Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Wi ...)
NOT-FOR-US: Microsof
-CVE-2015-6130
+CVE-2015-6130 (Integer underflow in Uniscribe in Microsoft Windows 7 SP1 and Windows ...)
NOT-FOR-US: Microsof
CVE-2015-6129
REJECTED
-CVE-2015-6128
+CVE-2015-6128 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and W ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6127
+CVE-2015-6127 (Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Wi ...)
NOT-FOR-US: Windows Media Center
-CVE-2015-6126
+CVE-2015-6126 (Race condition in the Pragmatic General Multicast (PGM) protocol imple ...)
NOT-FOR-US: Microsoft
-CVE-2015-6125
+CVE-2015-6125 (Use-after-free vulnerability in the DNS server in Microsoft Windows Se ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6124
+CVE-2015-6124 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2015-6123
+CVE-2015-6123 (Cross-site scripting (XSS) vulnerability in Microsoft Excel for Mac 20 ...)
NOT-FOR-US: Microsoft
-CVE-2015-6122
+CVE-2015-6122 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office C ...)
NOT-FOR-US: Microsoft
CVE-2015-6121
REJECTED
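Review bot: the NOT-FOR-US context lines for CVE-2015-6136 through CVE-2015-6130 read "NOT-FOR-US: Microsof" (missing the trailing "t"); the automatic update leaves these lines untouched, so a follow-up should correct them to "NOT-FOR-US: Microsoft" to match the tag used for the neighbouring Microsoft entries in the same hunk.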
@@ -9265,240 +9265,240 @@ CVE-2015-6120
REJECTED
CVE-2015-6119
REJECTED
-CVE-2015-6118
+CVE-2015-6118 (Microsoft Office 2007 SP3 and Office 2010 SP2 allow remote attackers t ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-6117
+CVE-2015-6117 (Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP ...)
NOT-FOR-US: Microsoft
CVE-2015-6116
REJECTED
-CVE-2015-6115
+CVE-2015-6115 (Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote attacke ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-6114
+CVE-2015-6114 (Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to ...)
NOT-FOR-US: Microsoft Silverlight
-CVE-2015-6113
+CVE-2015-6113 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6112
+CVE-2015-6112 (SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6111
+CVE-2015-6111 (IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold an ...)
NOT-FOR-US: Microsoft Windows
CVE-2015-6110
REJECTED
-CVE-2015-6109
+CVE-2015-6109 (The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows R ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6108
+CVE-2015-6108 (The Windows font library in Microsoft Windows Vista SP2; Windows Serve ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6107
+CVE-2015-6107 (The Windows font library in Microsoft Windows Vista SP2, Windows Serve ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6106
+CVE-2015-6106 (The Windows font library in Microsoft Windows Vista SP2, Windows Serve ...)
NOT-FOR-US: Microsoft Windows
CVE-2015-6105
REJECTED
-CVE-2015-6104
+CVE-2015-6104 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6103
+CVE-2015-6103 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6102
+CVE-2015-6102 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6101
+CVE-2015-6101 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6100
+CVE-2015-6100 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6099
+CVE-2015-6099 (Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET ...)
NOT-FOR-US: Microsoft .NET
-CVE-2015-6098
+CVE-2015-6098 (Buffer overflow in the Network Driver Interface Standard (NDIS) implem ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6097
+CVE-2015-6097 (Heap-based buffer overflow in Windows Journal in Microsoft Windows Vis ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6096
+CVE-2015-6096 (The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, ...)
NOT-FOR-US: Microsoft .NET
-CVE-2015-6095
+CVE-2015-6095 (Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-6094
+CVE-2015-6094 (Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 201 ...)
NOT-FOR-US: Microsoft
-CVE-2015-6093
+CVE-2015-6093 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 20 ...)
NOT-FOR-US: Microsoft
-CVE-2015-6092
+CVE-2015-6092 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2015-6091
+CVE-2015-6091 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
CVE-2015-6090
REJECTED
-CVE-2015-6089
+CVE-2015-6089 (The Microsoft (1) VBScript and (2) JScript engines, as used in Interne ...)
NOT-FOR-US: Microsoft
-CVE-2015-6088
+CVE-2015-6088 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2015-6087
+CVE-2015-6087 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6086
+CVE-2015-6086 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ob ...)
NOT-FOR-US: Microsoft
-CVE-2015-6085
+CVE-2015-6085 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft
-CVE-2015-6084
+CVE-2015-6084 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft
-CVE-2015-6083
+CVE-2015-6083 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6082
+CVE-2015-6082 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6081
+CVE-2015-6081 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6080
+CVE-2015-6080 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6079
+CVE-2015-6079 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6078
+CVE-2015-6078 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2015-6077
+CVE-2015-6077 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6076
+CVE-2015-6076 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6075
+CVE-2015-6075 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6074
+CVE-2015-6074 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6073
+CVE-2015-6073 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2015-6072
+CVE-2015-6072 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2015-6071
+CVE-2015-6071 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6070
+CVE-2015-6070 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6069
+CVE-2015-6069 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6068
+CVE-2015-6068 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
CVE-2015-6067
REJECTED
-CVE-2015-6066
+CVE-2015-6066 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6065
+CVE-2015-6065 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2015-6064
+CVE-2015-6064 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
NOT-FOR-US: Microsoft
CVE-2015-6063
REJECTED
CVE-2015-6062
REJECTED
-CVE-2015-6061
+CVE-2015-6061 (Cross-site scripting (XSS) vulnerability in Microsoft Skype for Busine ...)
NOT-FOR-US: Microsoft
CVE-2015-6060
REJECTED
-CVE-2015-6059
+CVE-2015-6059 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 eng ...)
NOT-FOR-US: Microsoft
-CVE-2015-6058
+CVE-2015-6058 (Microsoft Edge mishandles HTML attributes in HTTP responses, which all ...)
NOT-FOR-US: Microsoft Edge
-CVE-2015-6057
+CVE-2015-6057 (Microsoft Edge allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Microsoft Edge
-CVE-2015-6056
+CVE-2015-6056 (The (1) JScript and (2) VBScript engines in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6055
+CVE-2015-6055 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 eng ...)
NOT-FOR-US: Microsoft
CVE-2015-6054
REJECTED
-CVE-2015-6053
+CVE-2015-6053 (Microsoft Internet Explorer 11 allows remote attackers to obtain sensi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6052
+CVE-2015-6052 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 eng ...)
NOT-FOR-US: Microsoft
-CVE-2015-6051
+CVE-2015-6051 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6050
+CVE-2015-6050 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6049
+CVE-2015-6049 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6048
+CVE-2015-6048 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6047
+CVE-2015-6047 (The broker EditWith feature in Microsoft Internet Explorer 8 through 1 ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6046
+CVE-2015-6046 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ob ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6045
+CVE-2015-6045 (Use-after-free vulnerability in the CElement object implementation in ...)
NOT-FOR-US: Microsoft
-CVE-2015-6044
+CVE-2015-6044 (Microsoft Internet Explorer 8 allows remote attackers to gain privileg ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-6043
REJECTED
-CVE-2015-6042
+CVE-2015-6042 (Use-after-free vulnerability in the CWindow object implementation in M ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-6041
REJECTED
-CVE-2015-6040
+CVE-2015-6040 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Excel 20 ...)
NOT-FOR-US: Microsoft
-CVE-2015-6039
+CVE-2015-6039 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Serve ...)
NOT-FOR-US: Microsoft
-CVE-2015-6038
+CVE-2015-6038 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2015-6037
+CVE-2015-6037 (Cross-site scripting (XSS) vulnerability in Microsoft Excel Services o ...)
NOT-FOR-US: Microsoft
-CVE-2015-6036
+CVE-2015-6036 (QNAP Signage Station before 2.0.1 allows remote attackers to bypass au ...)
NOT-FOR-US: QNAP Signage Station
-CVE-2015-6035
+CVE-2015-6035 (Opsview before 2015-11-06 has XSS via SNMP. ...)
NOT-FOR-US: Opsview
-CVE-2015-6034
+CVE-2015-6034 (EPSON Network Utility 4.10 uses weak permissions (Everyone: Full Contr ...)
NOT-FOR-US: Epson
-CVE-2015-6033
+CVE-2015-6033 (Qolsys IQ Panel (aka QOL) before 1.5.1 does not verify the digital sig ...)
NOT-FOR-US: Qolsys IQ Panel
-CVE-2015-6032
+CVE-2015-6032 (Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic key ...)
NOT-FOR-US: Qolsys IQ Panel
-CVE-2015-6031
+CVE-2015-6031 (Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the ...)
{DSA-3379-1}
- miniupnpc 1.9.20140610-2.1 (bug #802650)
NOTE: http://talosintel.com/reports/TALOS-2015-0035/
NOTE: https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
-CVE-2015-6030
+CVE-2015-6030 (HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, ...)
NOT-FOR-US: HP Arcsight Logger
-CVE-2015-6029
+CVE-2015-6029 (HP ArcSight Logger before 6.0 P2 does not limit attempts to authentica ...)
NOT-FOR-US: HP Arcsight Logger
-CVE-2015-6028
+CVE-2015-6028 (Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via th ...)
NOT-FOR-US: Castle Rock Computing SNMPc
-CVE-2015-6027
+CVE-2015-6027 (Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP. ...)
NOT-FOR-US: Castle Rock Computing SNMPc
CVE-2015-6026
RESERVED
CVE-2015-6025
RESERVED
-CVE-2015-6024
+CVE-2015-6024 (ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmwar ...)
NOT-FOR-US: Qolsys NetCommWireless
-CVE-2015-6023
+CVE-2015-6023 (ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmwar ...)
NOT-FOR-US: Qolsys NetCommWireless
-CVE-2015-6022
+CVE-2015-6022 (Unrestricted file upload vulnerability in QNAP Signage Station before ...)
NOT-FOR-US: QNAP Signage Station
-CVE-2015-6021
+CVE-2015-6021 (Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response. ...)
NOT-FOR-US: Spiceworks Desktop
-CVE-2015-6020
+CVE-2015-6020 (ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote auth ...)
NOT-FOR-US: ZyXEL
-CVE-2015-6019
+CVE-2015-6019 (The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00 ...)
NOT-FOR-US: ZyXEL
-CVE-2015-6018
+CVE-2015-6018 (The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with ...)
NOT-FOR-US: ZyXEL
-CVE-2015-6017
+CVE-2015-6017 (Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 ...)
NOT-FOR-US: ZyXEL
-CVE-2015-6016
+CVE-2015-6016 (ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B2 ...)
NOT-FOR-US: ZyXEL
-CVE-2015-6015
+CVE-2015-6015 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2015-6014
+CVE-2015-6014 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2015-6013
+CVE-2015-6013 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2015-6012
+CVE-2015-6012 (Multiple open redirect vulnerabilities in Web Reference Database (aka ...)
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6011
+CVE-2015-6011 (Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge b ...)
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6010
+CVE-2015-6010 (Multiple cross-site scripting (XSS) vulnerabilities in Web Reference D ...)
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6009
+CVE-2015-6009 (Multiple SQL injection vulnerabilities in Web Reference Database (aka ...)
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6008
+CVE-2015-6008 (install.php in Web Reference Database (aka refbase) through 0.9.6 allo ...)
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6007
+CVE-2015-6007 (Cross-site request forgery (CSRF) vulnerability in Web Reference Datab ...)
NOT-FOR-US: Web Reference Database (aka refbase)
-CVE-2015-6006
+CVE-2015-6006 (The AddUserFinding implementation in Medicomp MEDCIN Engine 2.22.20153 ...)
NOT-FOR-US: Medicomp
-CVE-2015-6005
+CVE-2015-6005 (Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsU ...)
NOT-FOR-US: IPSwitch
-CVE-2015-6004
+CVE-2015-6004 (Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before ...)
NOT-FOR-US: IPSwitch
-CVE-2015-6003
+CVE-2015-6003 (Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 ...)
NOT-FOR-US: QNAP QTS
CVE-2015-6002
RESERVED
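Review bot: the tags for CVE-2015-6024 and CVE-2015-6023 read "NOT-FOR-US: Qolsys NetCommWireless", but both descriptions concern ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers; "Qolsys" appears to have been carried over from the Qolsys IQ Panel entries (CVE-2015-6033, CVE-2015-6032) above and should be dropped so the tag reads "NOT-FOR-US: NetCommWireless".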
@@ -9506,89 +9506,89 @@ CVE-2015-6001
RESERVED
CVE-2015-6000
RESERVED
-CVE-2015-5999
+CVE-2015-5999 (Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Li ...)
NOT-FOR-US: D-Link DIR-816L Wireless Router
-CVE-2015-5998
+CVE-2015-5998 (Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASS ...)
NOT-FOR-US: Impero Education Pro
-CVE-2015-5997
+CVE-2015-5997 (Impero Education Pro before 5105 uses a hardcoded CBC key and initiali ...)
NOT-FOR-US: Impero Education Pro
-CVE-2015-5996
+CVE-2015-5996 (Cross-site request forgery (CSRF) vulnerability on Mediabridge Mediali ...)
NOT-FOR-US: Mediabridge Medialink devices
-CVE-2015-5995
+CVE-2015-5995 (Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 and T ...)
NOT-FOR-US: Mediabridge Medialink devices
-CVE-2015-5994
+CVE-2015-5994 (The web management interface on Mediabridge Medialink MWN-WAPR300N dev ...)
NOT-FOR-US: Mediabridge Medialink devices
-CVE-2015-5993
+CVE-2015-5993 (Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone ...)
NOT-FOR-US: SpeedSurf
-CVE-2015-5992
+CVE-2015-5992 (Cross-site scripting (XSS) vulnerability in form2WlanSetup.cgi on Phil ...)
NOT-FOR-US: SpeedSurf
-CVE-2015-5991
+CVE-2015-5991 (Cross-site request forgery (CSRF) vulnerability in form2WlanSetup.cgi ...)
NOT-FOR-US: SpeedSurf
-CVE-2015-5990
+CVE-2015-5990 (Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 de ...)
NOT-FOR-US: Belkin devices
-CVE-2015-5989
+CVE-2015-5989 (Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side Jav ...)
NOT-FOR-US: Belkin devices
-CVE-2015-5988
+CVE-2015-5988 (The web management interface on Belkin F9K1102 2 devices with firmware ...)
NOT-FOR-US: Belkin devices
-CVE-2015-5987
+CVE-2015-5987 (Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorit ...)
NOT-FOR-US: Belkin devices
-CVE-2015-6241
+CVE-2015-6241 (The proto_tree_add_bytes_item function in epan/proto.c in the protocol ...)
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-21.html
-CVE-2015-6242
+CVE-2015-6242 (The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_b ...)
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-22.html
-CVE-2015-6243
+CVE-2015-6243 (The dissector-table implementation in epan/packet.c in Wireshark 1.12. ...)
{DSA-3367-1 DLA-497-1}
- wireshark 1.12.7+g7fc8978-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-23.html
-CVE-2015-6244
+CVE-2015-6244 (The dissect_zbee_secure function in epan/dissectors/packet-zbee-securi ...)
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-24.html
-CVE-2015-6245
+CVE-2015-6245 (epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wi ...)
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-25.html
-CVE-2015-6246
+CVE-2015-6246 (The dissect_wa_payload function in epan/dissectors/packet-waveagent.c ...)
{DSA-3367-1 DLA-497-1}
- wireshark 1.12.7+g7fc8978-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-26.html
-CVE-2015-6247
+CVE-2015-6247 (The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-op ...)
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-27.html
-CVE-2015-6248
+CVE-2015-6248 (The ptvcursor_add function in the ptvcursor implementation in epan/pro ...)
{DSA-3367-1 DLA-497-1}
- wireshark 1.12.7+g7fc8978-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-28.html
-CVE-2015-6249
+CVE-2015-6249 (The dissect_wccp2r1_address_table_info function in epan/dissectors/pac ...)
{DSA-3367-1}
- wireshark 1.12.7+g7fc8978-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-29.html
-CVE-2015-6250
+CVE-2015-6250 (simple-php-captcha before commit 9d65a945029c7be7bb6bc893759e74c5636be ...)
NOT-FOR-US: simple-php-captcha
-CVE-2015-5986
+CVE-2015-5986 (openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x ...)
- bind9 <not-affected> (Vulnerable code present only since 9.9.7)
NOTE: https://kb.isc.org/article/AA-01291
-CVE-2015-6496
+CVE-2015-6496 (conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that t ...)
{DSA-3341-1 DLA-295-1}
- conntrack 1:1.4.2-3 (bug #796103)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/14/4
@@ -9624,103 +9624,103 @@ CVE-2015-5972
REJECTED
CVE-2015-5971
REJECTED
-CVE-2015-5970
+CVE-2015-5970 (The ChangePassword RPC method in Novell ZENworks Configuration Managem ...)
NOT-FOR-US: Novell
-CVE-2015-5969
+CVE-2015-5969 (The mysql-systemd-helper script in the mysql-community-server package ...)
NOT-FOR-US: SuSE-specific mysql packaging bug
-CVE-2015-5968
+CVE-2015-5968 (Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot ...)
NOT-FOR-US: Novell
CVE-2015-5967
REJECTED
CVE-2015-5966
REJECTED
-CVE-2015-5965
+CVE-2015-5965 (The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-6506
+CVE-2015-6506 (Cross-site scripting (XSS) vulnerability in the cryptography interface ...)
{DSA-3335-1}
- request-tracker4 4.2.11-2
[jessie] - request-tracker4 4.2.8-3+deb8u1
[wheezy] - request-tracker4 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/bestpractical/rt/commit/36a461947b00b105336adb4997d1c7767d8484c4
NOTE: http://www.openwall.com/lists/oss-security/2015/08/13/8
-CVE-2015-6565
+CVE-2015-6565 (sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY de ...)
- openssh <not-affected> (Vulnerable code introduce in V_6_8_P1)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=6f941396b6835ad18018845f515b0c4fe20be21a
NOTE: Issue introduced with https://anongit.mindrot.org/openssh.git/commit/?id=a5883d4eccb94b16c355987f58f86a7dee17a0c2 (V_6_8_P1)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/12/1
-CVE-2015-6563
+CVE-2015-6563 (The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD pla ...)
{DLA-1500-1}
- openssh 1:6.9p1-1 (bug #795711)
[wheezy] - openssh <no-dsa> (Minor issue)
[squeeze] - openssh <no-dsa> (Minor issue)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
NOTE: http://www.openwall.com/lists/oss-security/2015/08/11/9
-CVE-2015-6564
+CVE-2015-6564 (Use-after-free vulnerability in the mm_answer_pam_free_ctx function in ...)
{DLA-1500-1}
- openssh 1:6.9p1-1 (bug #795711)
[wheezy] - openssh <no-dsa> (Minor issue)
[squeeze] - openssh <no-dsa> (Minor issue)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=5e75f5198769056089fb06c4d738ab0e5abc66f7
NOTE: http://www.openwall.com/lists/oss-security/2015/08/11/9
-CVE-2015-6737
+CVE-2015-6737 (Cross-site scripting (XSS) vulnerability in the Widgets extension for ...)
NOT-FOR-US: Widgets extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T88964
-CVE-2015-6736
+CVE-2015-6736 (The Quiz extension for MediaWiki allows remote attackers to cause a de ...)
NOT-FOR-US: Quiz extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T97083
-CVE-2015-6735
+CVE-2015-6735 (The reset functionality in the TimedMediaHandler extension for MediaWi ...)
NOT-FOR-US: TimedMediaHandler extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T100211
-CVE-2015-6734
+CVE-2015-6734 (Cross-site scripting (XSS) vulnerability in contrib/cssgen.php in the ...)
- mediawiki-extensions <not-affected> (contrib directory not present)
NOTE: https://phabricator.wikimedia.org/T108198
-CVE-2015-6733
+CVE-2015-6733 (GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki be ...)
- mediawiki-extensions <not-affected> (contrib directory not present)
NOTE: https://phabricator.wikimedia.org/T108198
-CVE-2015-6732
+CVE-2015-6732 (Multiple cross-site scripting (XSS) vulnerabilities in the SemanticFor ...)
NOT-FOR-US: SemanticForms extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T103391
NOTE: https://phabricator.wikimedia.org/T103765
NOTE: https://phabricator.wikimedia.org/T103765
-CVE-2015-6731
+CVE-2015-6731 (Multiple cross-site scripting (XSS) vulnerabilities in the SemanticFor ...)
NOT-FOR-US: SemanticForms extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T103391
NOTE: https://phabricator.wikimedia.org/T103765
NOTE: https://phabricator.wikimedia.org/T103765
-CVE-2015-6730
+CVE-2015-6730 (Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki bef ...)
- mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T97391
-CVE-2015-6729
+CVE-2015-6729 (Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki bef ...)
- mediawiki <not-affected> (Introduced in 1.21)
NOTE: https://phabricator.wikimedia.org/T97391
-CVE-2015-6728
+CVE-2015-6728 (The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1. ...)
- mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T94116
-CVE-2015-6727
+CVE-2015-6727 (The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.2 ...)
- mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T106893
NOTE: https://github.com/wikimedia/mediawiki/commit/5faabfa1bbf65536ea36108887040198afcb3c82
-CVE-2015-5964
+CVE-2015-5964 (The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache ...)
{DSA-3338-1 DLA-301-1}
- python-django 1.7.10-1 (bug #796104)
NOTE: https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
-CVE-2015-5963
+CVE-2015-5963 (contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1 ...)
{DSA-3338-1 DLA-301-1}
- python-django 1.7.10-1 (bug #796104)
NOTE: https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
-CVE-2015-5962
+CVE-2015-5962 (Integer signedness error in the SharedBufferManagerParent::RecvAllocat ...)
NOT-FOR-US: Mozilla Firefox OS
-CVE-2015-5961
+CVE-2015-5961 (The COPPA error page in the Accounts setup dialog in Mozilla Firefox O ...)
NOT-FOR-US: Mozilla Firefox OS
-CVE-2015-5960
+CVE-2015-5960 (Mozilla Firefox OS before 2.2 allows physically proximate attackers to ...)
NOT-FOR-US: Mozilla Firefox OS
-CVE-2015-6520
+CVE-2015-6520 (IPPUSBXD before 1.22 listens on all interfaces, which allows remote at ...)
- ippusbxd 1.22-1 (bug #795162)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/11/1
NOTE: https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f
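Review bot: the NOTE line `NOTE: https://phabricator.wikimedia.org/T103765` is present twice under CVE-2015-6732 and twice again under CVE-2015-6731, and this hunk leaves both duplicates in place; drop one copy in each entry so the references stay one-per-line. Separately, the `mediawiki-extensions <not-affected> (contrib directory not present)` justification and the T108198 reference under CVE-2015-6733 are a verbatim repeat of the CVE-2015-6734 entry; CVE-2015-6734 is about contrib/cssgen.php, while CVE-2015-6733 is described as an issue in GeSHi as used by SyntaxHighlight_GeSHi, so confirm the "contrib directory not present" reasoning really covers the GeSHi issue rather than having been copied from the neighbouring entry.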
@@ -9734,7 +9734,7 @@ CVE-2015-XXXX [net/http: broken trailers don't close a server connection]
NOTE: https://github.com/golang/go/issues/12027
NOTE: https://github.com/golang/go/commit/26049f6f9171d1190f3bbe05ec304845cfe6399f
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/06/2
-CVE-2015-6251
+CVE-2015-6251 (Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4 ...)
{DSA-3334-1}
- gnutls28 3.3.17-1 (bug #795068)
- gnutls26 <not-affected> (Vulnerable code not present)
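Review bot: the `CVE-2015-XXXX [net/http: broken trailers don't close a server connection]` placeholder in this hunk's context is still unresolved, with the oss-security CVE request from 2015/08/06 as its only tracking reference; this automatic update only fills in the CVE-2015-6251 description and does not revisit it, so the placeholder should be followed up and replaced with the assigned ID (or marked as no CVE assigned) in a separate change. The CVE-2015-6251 triage itself is consistent with the surrounding context: `gnutls26 <not-affected> (Vulnerable code not present)` agrees with the note that `_gnutls_x509_dn_to_string()` was introduced in 3.1.10.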
@@ -9743,20 +9743,20 @@ CVE-2015-6251
NOTE: http://www.gnutls.org/security.html#GNUTLS-SA-2015-3
NOTE: _gnutls_x509_dn_to_string() introduced in 3.1.10 via:
NOTE: https://gitlab.com/gnutls/gnutls/commit/6be35136333b5d6289f23209cf896e741462909a
-CVE-2015-5958
+CVE-2015-5958 (phpFileManager 0.9.8 allows remote attackers to execute arbitrary comm ...)
NOT-FOR-US: phpFileManager
-CVE-2015-5956
+CVE-2015-5956 (The sanitizeLocalUrl function in TYPO3 6.x before 6.2.15, 7.x before 7 ...)
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
[squeeze] - typo3-src <end-of-life> (not supported in squeeze-lts)
NOTE: http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
-CVE-2015-5955
+CVE-2015-5955 (ownCloud iOS app before 3.4.4 does not properly switch state between m ...)
NOT-FOR-US: ownCloud iOS app
-CVE-2015-5954
+CVE-2015-5954 (The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x before 7 ...)
{DSA-3373-1}
- owncloud 7.0.7~dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-011
-CVE-2015-5953
+CVE-2015-5953 (Cross-site scripting (XSS) vulnerability in the activity application i ...)
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-010
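Review bot: the fixed-version strings for the two adjacent owncloud entries use different repack suffixes, `- owncloud 7.0.7~dfsg-1` for CVE-2015-5954 versus `- owncloud 7.0.6+dfsg-1` for CVE-2015-5953; in Debian version ordering `~dfsg` sorts before the plain upstream version while `+dfsg` sorts after it, so one of the two is almost certainly a typo and the fixed version should be checked against the actual source package versions in the archive before it is used for automated "is this version fixed" comparisons. Also, the two typo3-src end-of-life notes use different wording and capitalisation (`(See DSA 3314)` versus `(not supported in squeeze-lts)`); harmonising them is cosmetic but keeps the entry easier to grep.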
@@ -9764,437 +9764,437 @@ CVE-2015-5952
RESERVED
CVE-2015-5951
RESERVED
-CVE-2015-5950
+CVE-2015-5950 (The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on ...)
- nvidia-graphics-drivers 340.93-1 (bug #800566)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-304xx 304.128-5
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.128-1
-CVE-2015-5949
+CVE-2015-5949 (VideoLAN VLC media player 2.2.1 allows remote attackers to cause a den ...)
{DSA-3342-1}
- vlc 2.2.1-3 (bug #796255)
[wheezy] - vlc <not-affected> (Vulnerability introduced by later changes)
[squeeze] - vlc <not-affected> (Vulnerability introduced by later changes)
NOTE: https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=ce91452460a75d7424b165c4dc8db98114c3cbd9;hp=9e12195d3e4316278af1fa4bcb6a705ff27456fd
NOTE: http://www.ocert.org/advisories/ocert-2015-009.html
-CVE-2015-5948
+CVE-2015-5948 (Race condition in SuiteCRM before 7.2.3 allows remote attackers to exe ...)
NOT-FOR-US: SuiteCRM
-CVE-2015-5947
+CVE-2015-5947 (SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary cod ...)
NOT-FOR-US: SuiteCRM
-CVE-2015-5946
+CVE-2015-5946 (Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote aut ...)
NOT-FOR-US: SugarCRM
-CVE-2015-5945
+CVE-2015-5945 (The Sandbox subsystem in Apple OS X before 10.11.1 allows local users ...)
NOT-FOR-US: Apple
-CVE-2015-5944
+CVE-2015-5944 (CoreText in Apple OS X before 10.11.1 allows remote attackers to execu ...)
NOT-FOR-US: Apple
-CVE-2015-5943
+CVE-2015-5943 (SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic ...)
NOT-FOR-US: Apple
-CVE-2015-5942
+CVE-2015-5942 (FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS b ...)
NOT-FOR-US: Apple
CVE-2015-5941
REJECTED
-CVE-2015-5940
+CVE-2015-5940 (The Accelerate Framework component in Apple iOS before 9.1 and OS X be ...)
NOT-FOR-US: Apple
-CVE-2015-5939
+CVE-2015-5939 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS befo ...)
NOT-FOR-US: Apple
-CVE-2015-5938
+CVE-2015-5938 (ImageIO in Apple OS X before 10.11.1 allows remote attackers to execut ...)
NOT-FOR-US: Apple
-CVE-2015-5937
+CVE-2015-5937 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS befo ...)
NOT-FOR-US: Apple
-CVE-2015-5936
+CVE-2015-5936 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS befo ...)
NOT-FOR-US: Apple
-CVE-2015-5935
+CVE-2015-5935 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS befo ...)
NOT-FOR-US: Apple
-CVE-2015-5934
+CVE-2015-5934 (Audio in Apple OS X before 10.11.1 allows remote attackers to execute ...)
NOT-FOR-US: Apple
-CVE-2015-5933
+CVE-2015-5933 (Audio in Apple OS X before 10.11.1 allows remote attackers to execute ...)
NOT-FOR-US: Apple
-CVE-2015-5932
+CVE-2015-5932 (The kernel in Apple OS X before 10.11.1 allows local users to gain pri ...)
NOT-FOR-US: Apple
-CVE-2015-5931
+CVE-2015-5931 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2015-5930
+CVE-2015-5930 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTun ...)
NOT-FOR-US: Apple
-CVE-2015-5929
+CVE-2015-5929 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTun ...)
NOT-FOR-US: Apple
-CVE-2015-5928
+CVE-2015-5928 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTun ...)
NOT-FOR-US: Apple
-CVE-2015-5927
+CVE-2015-5927 (FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS b ...)
NOT-FOR-US: Apple
-CVE-2015-5926
+CVE-2015-5926 (The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11. ...)
NOT-FOR-US: Apple
-CVE-2015-5925
+CVE-2015-5925 (The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11. ...)
NOT-FOR-US: Apple
-CVE-2015-5924
+CVE-2015-5924 (The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.1 ...)
NOT-FOR-US: Apple
-CVE-2015-5923
+CVE-2015-5923 (Apple iOS before 9.0.2 does not properly restrict the options availabl ...)
NOT-FOR-US: Apple
-CVE-2015-5922
+CVE-2015-5922 (Unspecified vulnerability in International Components for Unicode (ICU ...)
NOT-FOR-US: Apple
-CVE-2015-5921
+CVE-2015-5921 (WebKit in Apple iOS before 9 mishandles "Content-Disposition: attachme ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5920
+CVE-2015-5920 (The Software Update component in Apple iTunes before 12.3 does not pro ...)
NOT-FOR-US: Apple
-CVE-2015-5919
+CVE-2015-5919 (GasGauge in Apple watchOS before 2 allows local users to gain privileg ...)
NOT-FOR-US: Apple watchOS
-CVE-2015-5918
+CVE-2015-5918 (GasGauge in Apple watchOS before 2 allows local users to gain privileg ...)
NOT-FOR-US: Apple watchOS
-CVE-2015-5917
+CVE-2015-5917 (The glob implementation in tnftpd (formerly lukemftpd), as used in App ...)
NOT-FOR-US: Apple
-CVE-2015-5916
+CVE-2015-5916 (The Apple Pay component in Apple iOS before 9 allows remote terminals ...)
NOT-FOR-US: Apple
-CVE-2015-5915
+CVE-2015-5915 (Apple OS X before 10.11 does not ensure that the keychain's lock state ...)
NOT-FOR-US: Apple
-CVE-2015-5914
+CVE-2015-5914 (The EFI component in Apple OS X before 10.11 allows physically proxima ...)
NOT-FOR-US: Apple
-CVE-2015-5913
+CVE-2015-5913 (Heimdal, as used in Apple OS X before 10.11, allows remote attackers t ...)
NOT-FOR-US: Apple
-CVE-2015-5912
+CVE-2015-5912 (The CFNetwork FTPProtocol component in Apple iOS before 9 allows remot ...)
NOT-FOR-US: Apple
-CVE-2015-5911
+CVE-2015-5911 (Multiple unspecified vulnerabilities in Twisted in Wiki Server in Appl ...)
NOT-FOR-US: Apple
-CVE-2015-5910
+CVE-2015-5910 (IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server ...)
NOT-FOR-US: Apple
-CVE-2015-5909
+CVE-2015-5909 (IDE Xcode Server in Apple Xcode before 7.0 does not properly restrict ...)
NOT-FOR-US: Apple
CVE-2015-5908
REJECTED
-CVE-2015-5907
+CVE-2015-5907 (WebKit in Apple iOS before 9 allows man-in-the-middle attackers to con ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5906
+CVE-2015-5906 (The HTML form implementation in WebKit in Apple iOS before 9 does not ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5905
+CVE-2015-5905 (Safari in Apple iOS before 9 allows remote attackers to spoof the rela ...)
NOT-FOR-US: Apple
-CVE-2015-5904
+CVE-2015-5904 (Safari in Apple iOS before 9 allows remote attackers to spoof the rela ...)
NOT-FOR-US: Apple
-CVE-2015-5903
+CVE-2015-5903 (The kernel in Apple iOS before 9 allows local users to gain privileges ...)
NOT-FOR-US: Apple
-CVE-2015-5902
+CVE-2015-5902 (The debugging feature in the kernel in Apple OS X before 10.11 mismana ...)
NOT-FOR-US: Apple
-CVE-2015-5901
+CVE-2015-5901 (The Secure Empty Trash feature in Finder in Apple OS X before 10.11 im ...)
NOT-FOR-US: Apple
-CVE-2015-5900
+CVE-2015-5900 (The protected range register in the EFI component in Apple OS X before ...)
NOT-FOR-US: Apple
-CVE-2015-5899
+CVE-2015-5899 (libpthread in the kernel in Apple iOS before 9 allows local users to g ...)
NOT-FOR-US: Apple
-CVE-2015-5898
+CVE-2015-5898 (CFNetwork in Apple iOS before 9 relies on the hardware UID for its cac ...)
NOT-FOR-US: Apple
-CVE-2015-5897
+CVE-2015-5897 (The Address Book framework in Apple OS X before 10.11 allows local use ...)
NOT-FOR-US: Apple
-CVE-2015-5896
+CVE-2015-5896 (The kernel in Apple iOS before 9 allows local users to gain privileges ...)
NOT-FOR-US: Apple
-CVE-2015-5895
+CVE-2015-5895 (Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as use ...)
NOT-FOR-US: Apple
-CVE-2015-5894
+CVE-2015-5894 (The X.509 certificate-trust implementation in Apple OS X before 10.11 ...)
NOT-FOR-US: Apple
-CVE-2015-5893
+CVE-2015-5893 (SMBClient in SMB in Apple OS X before 10.11 allows local users to obta ...)
NOT-FOR-US: Apple
-CVE-2015-5892
+CVE-2015-5892 (Siri in Apple iOS before 9 allows physically proximate attackers to by ...)
NOT-FOR-US: Apple
-CVE-2015-5891
+CVE-2015-5891 (The SMB implementation in the kernel in Apple OS X before 10.11 allows ...)
NOT-FOR-US: Apple
-CVE-2015-5890
+CVE-2015-5890 (IOGraphics in Apple OS X before 10.11 allows local users to gain privi ...)
NOT-FOR-US: Apple
-CVE-2015-5889
+CVE-2015-5889 (rsh in the remote_cmds component in Apple OS X before 10.11 allows loc ...)
NOT-FOR-US: Apple
-CVE-2015-5888
+CVE-2015-5888 (The Install Framework Legacy component in Apple OS X before 10.11 allo ...)
NOT-FOR-US: Apple
-CVE-2015-5887
+CVE-2015-5887 (The TLS Handshake Protocol implementation in Secure Transport in Apple ...)
NOT-FOR-US: Apple
CVE-2015-5886
REJECTED
-CVE-2015-5885
+CVE-2015-5885 (The CFNetwork Cookies component in Apple iOS before 9 allows remote at ...)
NOT-FOR-US: Apple
-CVE-2015-5884
+CVE-2015-5884 (The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles en ...)
NOT-FOR-US: Apple
-CVE-2015-5883
+CVE-2015-5883 (The bidirectional text-display and text-selection implementations in T ...)
NOT-FOR-US: Apple
-CVE-2015-5882
+CVE-2015-5882 (The processor_set_tasks API implementation in Apple iOS before 9 allow ...)
NOT-FOR-US: Apple
CVE-2015-5881
REJECTED
-CVE-2015-5880
+CVE-2015-5880 (CoreAnimation in Apple iOS before 9 allows attackers to bypass intende ...)
NOT-FOR-US: Apple
-CVE-2015-5879
+CVE-2015-5879 (XNU in the kernel in Apple iOS before 9 does not properly validate the ...)
NOT-FOR-US: Apple
-CVE-2015-5878
+CVE-2015-5878 (Notes in Apple OS X before 10.11 misparses links, which allows local u ...)
NOT-FOR-US: Apple
-CVE-2015-5877
+CVE-2015-5877 (The Intel Graphics Driver component in Apple OS X before 10.11 allows ...)
NOT-FOR-US: Apple
-CVE-2015-5876
+CVE-2015-5876 (dyld in Dev Tools in Apple iOS before 9 allows attackers to execute ar ...)
NOT-FOR-US: Apple
-CVE-2015-5875
+CVE-2015-5875 (Cross-site scripting (XSS) vulnerability in Notes in Apple OS X before ...)
NOT-FOR-US: Apple
-CVE-2015-5874
+CVE-2015-5874 (CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote at ...)
NOT-FOR-US: Apple
-CVE-2015-5873
+CVE-2015-5873 (IOGraphics in Apple OS X before 10.11 allows local users to gain privi ...)
NOT-FOR-US: Apple
-CVE-2015-5872
+CVE-2015-5872 (IOGraphics in Apple OS X before 10.11 allows local users to gain privi ...)
NOT-FOR-US: Apple
-CVE-2015-5871
+CVE-2015-5871 (IOGraphics in Apple OS X before 10.11 allows local users to gain privi ...)
NOT-FOR-US: Apple
-CVE-2015-5870
+CVE-2015-5870 (The debugging interfaces in the kernel in Apple OS X before 10.11 allo ...)
NOT-FOR-US: Apple
-CVE-2015-5869
+CVE-2015-5869 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
NOT-FOR-US: Apple
-CVE-2015-5868
+CVE-2015-5868 (The kernel in Apple iOS before 9 allows local users to gain privileges ...)
NOT-FOR-US: Apple
-CVE-2015-5867
+CVE-2015-5867 (IOHIDFamily in Apple iOS before 9 allows attackers to execute arbitrar ...)
NOT-FOR-US: Apple
-CVE-2015-5866
+CVE-2015-5866 (IOHIDFamily in Apple OS X before 10.11 allows attackers to execute arb ...)
NOT-FOR-US: Apple
-CVE-2015-5865
+CVE-2015-5865 (IOGraphics in Apple OS X before 10.11 allows attackers to obtain sensi ...)
NOT-FOR-US: Apple
-CVE-2015-5864
+CVE-2015-5864 (IOAudioFamily in Apple OS X before 10.11 allows local users to obtain ...)
NOT-FOR-US: Apple
-CVE-2015-5863
+CVE-2015-5863 (IOStorageFamily in Apple iOS before 9 does not properly initialize an ...)
NOT-FOR-US: Apple
-CVE-2015-5862
+CVE-2015-5862 (The Audio component in Apple iOS before 9 allows remote attackers to c ...)
NOT-FOR-US: Apple
-CVE-2015-5861
+CVE-2015-5861 (SpringBoard in Apple iOS before 9 allows physically proximate attacker ...)
NOT-FOR-US: Apple
-CVE-2015-5860
+CVE-2015-5860 (The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles ...)
NOT-FOR-US: Apple
-CVE-2015-5859
+CVE-2015-5859 (The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X be ...)
NOT-FOR-US: Apple
-CVE-2015-5858
+CVE-2015-5858 (The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remo ...)
NOT-FOR-US: Apple
-CVE-2015-5857
+CVE-2015-5857 (Mail in Apple iOS before 9 allows remote attackers to use an address-b ...)
NOT-FOR-US: Apple
-CVE-2015-5856
+CVE-2015-5856 (The Application Store component in Apple iOS before 9 allows remote at ...)
NOT-FOR-US: Apple
-CVE-2015-5855
+CVE-2015-5855 (Apple iOS before 9 allows attackers to discover the e-mail address of ...)
NOT-FOR-US: Apple
-CVE-2015-5854
+CVE-2015-5854 (The backup implementation in Time Machine in Apple OS X before 10.11 a ...)
NOT-FOR-US: Apple
-CVE-2015-5853
+CVE-2015-5853 (AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers ...)
NOT-FOR-US: Apple
CVE-2015-5852
REJECTED
-CVE-2015-5851
+CVE-2015-5851 (The convenience initializer in the Multipeer Connectivity component in ...)
NOT-FOR-US: Apple
-CVE-2015-5850
+CVE-2015-5850 (AppleKeyStore in Apple iOS before 9 allows physically proximate attack ...)
NOT-FOR-US: Apple
-CVE-2015-5849
+CVE-2015-5849 (The filtering implementation in AppleEvents in Apple OS X before 10.11 ...)
NOT-FOR-US: Apple
-CVE-2015-5848
+CVE-2015-5848 (IOAcceleratorFamily in Apple iOS before 9 allows local users to gain p ...)
NOT-FOR-US: Apple
-CVE-2015-5847
+CVE-2015-5847 (The Disk Images component in Apple iOS before 9 allows local users to ...)
NOT-FOR-US: Apple
-CVE-2015-5846
+CVE-2015-5846 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...)
NOT-FOR-US: Apple
-CVE-2015-5845
+CVE-2015-5845 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...)
NOT-FOR-US: Apple
-CVE-2015-5844
+CVE-2015-5844 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...)
NOT-FOR-US: Apple
-CVE-2015-5843
+CVE-2015-5843 (IOMobileFrameBuffer in Apple iOS before 9 allows local users to gain p ...)
NOT-FOR-US: Apple
-CVE-2015-5842
+CVE-2015-5842 (XNU in the kernel in Apple iOS before 9 does not properly initialize a ...)
NOT-FOR-US: Apple
-CVE-2015-5841
+CVE-2015-5841 (The CFNetwork Proxies component in Apple iOS before 9 does not properl ...)
NOT-FOR-US: Apple
-CVE-2015-5840
+CVE-2015-5840 (The checkint division routines in removefile in Apple iOS before 9 all ...)
NOT-FOR-US: Apple
-CVE-2015-5839
+CVE-2015-5839 (dyld in Apple iOS before 9 allows attackers to bypass a code-signing p ...)
NOT-FOR-US: Apple
-CVE-2015-5838
+CVE-2015-5838 (SpringBoard in Apple iOS before 9 does not properly restrict access to ...)
NOT-FOR-US: Apple
-CVE-2015-5837
+CVE-2015-5837 (PluginKit in Apple iOS before 9 allows attackers to bypass an intended ...)
NOT-FOR-US: Apple
-CVE-2015-5836
+CVE-2015-5836 (Apple Online Store Kit in Apple OS X before 10.11 improperly validates ...)
NOT-FOR-US: Apple
-CVE-2015-5835
+CVE-2015-5835 (Apple iOS before 9 allows attackers to obtain sensitive information ab ...)
NOT-FOR-US: Apple
-CVE-2015-5834
+CVE-2015-5834 (IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain s ...)
NOT-FOR-US: Apple
-CVE-2015-5833
+CVE-2015-5833 (The Login Window component in Apple OS X before 10.11 does not ensure ...)
NOT-FOR-US: Apple
-CVE-2015-5832
+CVE-2015-5832 (The iTunes Store component in Apple iOS before 9 does not properly del ...)
NOT-FOR-US: Apple
-CVE-2015-5831
+CVE-2015-5831 (NetworkExtension in the kernel in Apple iOS before 9 does not properly ...)
NOT-FOR-US: Apple
-CVE-2015-5830
+CVE-2015-5830 (The Intel Graphics Driver component in Apple OS X before 10.11 allows ...)
NOT-FOR-US: Apple
-CVE-2015-5829
+CVE-2015-5829 (Data Detectors Engine in Apple iOS before 9 allows remote attackers to ...)
NOT-FOR-US: Apple
-CVE-2015-5828
+CVE-2015-5828 (The API in the WebKit Plug-ins component in Apple Safari before 9 does ...)
NOT-FOR-US: Apple Safari
-CVE-2015-5827
+CVE-2015-5827 (WebKit in Apple iOS before 9 allows remote attackers to bypass the Sam ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5826
+CVE-2015-5826 (WebKit in Apple iOS before 9 does not properly select the cases in whi ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5825
+CVE-2015-5825 (WebKit in Apple iOS before 9 does not properly restrict the availabili ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5824
+CVE-2015-5824 (The NSURL implementation in the CFNetwork SSL component in Apple iOS b ...)
NOT-FOR-US: Apple
-CVE-2015-5823
+CVE-2015-5823 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes bef ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5822
+CVE-2015-5822 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes bef ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5821
+CVE-2015-5821 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5820
+CVE-2015-5820 (WebKit in Apple iOS before 9 allows remote attackers to trigger a dial ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5819
+CVE-2015-5819 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5818
+CVE-2015-5818 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5817
+CVE-2015-5817 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5816
+CVE-2015-5816 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes bef ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5815
+CVE-2015-5815 (WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5814
+CVE-2015-5814 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes bef ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5813
+CVE-2015-5813 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5812
+CVE-2015-5812 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5811
+CVE-2015-5811 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5810
+CVE-2015-5810 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5809
+CVE-2015-5809 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5808
+CVE-2015-5808 (WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5807
+CVE-2015-5807 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5806
+CVE-2015-5806 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5805
+CVE-2015-5805 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5804
+CVE-2015-5804 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5803
+CVE-2015-5803 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5802
+CVE-2015-5802 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5801
+CVE-2015-5801 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5800
+CVE-2015-5800 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5799
+CVE-2015-5799 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5798
+CVE-2015-5798 (WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5797
+CVE-2015-5797 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5796
+CVE-2015-5796 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5795
+CVE-2015-5795 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5794
+CVE-2015-5794 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5793
+CVE-2015-5793 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes bef ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5792
+CVE-2015-5792 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5791
+CVE-2015-5791 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes bef ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5790
+CVE-2015-5790 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5789
+CVE-2015-5789 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows r ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5788
+CVE-2015-5788 (The WebKit Canvas implementation in Apple iOS before 9 allows remote a ...)
NOT-FOR-US: Apple
-CVE-2015-5787
+CVE-2015-5787 (The kernel in Apple iOS before 8.4.1 does not properly restrict debugg ...)
NOT-FOR-US: Apple
-CVE-2015-5786
+CVE-2015-5786 (Apple QuickTime before 7.7.8 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple
-CVE-2015-5785
+CVE-2015-5785 (Apple QuickTime before 7.7.8 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Apple
-CVE-2015-5784
+CVE-2015-5784 (runner in Install.framework in the Install Framework Legacy component ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5783
+CVE-2015-5783 (IOGraphics in Apple OS X before 10.10.5 allows attackers to execute ar ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5782
+CVE-2015-5782 (ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not pro ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5781
+CVE-2015-5781 (ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not pro ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5780
+CVE-2015-5780 (The Safari Extensions implementation in Apple Safari before 9 does not ...)
NOT-FOR-US: Apple
-CVE-2015-5779
+CVE-2015-5779 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ex ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5778
+CVE-2015-5778 (CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 a ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5777
+CVE-2015-5777 (CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 a ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5776
+CVE-2015-5776 (Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remot ...)
NOT-FOR-US: Apple
-CVE-2015-5775
+CVE-2015-5775 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows re ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5774
+CVE-2015-5774 (Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X befo ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5773
+CVE-2015-5773 (QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows rem ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5772
+CVE-2015-5772 (Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 al ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5771
+CVE-2015-5771 (Quartz Composer Framework in Apple OS X before 10.10.5 allows remote a ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5770
+CVE-2015-5770 (MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqu ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5769
+CVE-2015-5769 (The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5768
+CVE-2015-5768 (AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5767
+CVE-2015-5767 (The user interface in Safari in Apple iOS before 9 allows remote attac ...)
NOT-FOR-US: Apple
-CVE-2015-5766
+CVE-2015-5766 (Directory traversal vulnerability in Air Traffic in Apple iOS before 8 ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5765
+CVE-2015-5765 (The user interface in Safari in Apple iOS before 9 allows remote attac ...)
NOT-FOR-US: Apple
-CVE-2015-5764
+CVE-2015-5764 (The user interface in Safari in Apple iOS before 9 allows remote attac ...)
NOT-FOR-US: Apple
-CVE-2015-5763
+CVE-2015-5763 (ntfs in Apple OS X before 10.10.5 allows local users to gain privilege ...)
NOT-FOR-US: Apple OS X
CVE-2015-5762
RESERVED
-CVE-2015-5761
+CVE-2015-5761 (CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remo ...)
NOT-FOR-US: Apple OS X
CVE-2015-5760
REJECTED
-CVE-2015-5759
+CVE-2015-5759 (WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clic ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-5758
+CVE-2015-5758 (ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remot ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5757
+CVE-2015-5757 (libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows at ...)
NOT-FOR-US: Apple
-CVE-2015-5756
+CVE-2015-5756 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows re ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5755
+CVE-2015-5755 (CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remo ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5754
+CVE-2015-5754 (Race condition in runner in Install.framework in the Install Framework ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5753
+CVE-2015-5753 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ex ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5752
+CVE-2015-5752 (Backup in Apple iOS before 8.4.1 allows attackers to bypass intended r ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5751
+CVE-2015-5751 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ex ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5750
+CVE-2015-5750 (Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5749
+CVE-2015-5749 (The Sandbox_profiles component in Apple iOS before 8.4.1 allows attack ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5748
+CVE-2015-5748 (The kernel in Apple OS X before 10.10.5 does not properly mount HFS vo ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5747
+CVE-2015-5747 (The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows ...)
NOT-FOR-US: Apple OS X
-CVE-2015-5746
+CVE-2015-5746 (AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass ...)
NOT-FOR-US: Apple OS X
CVE-2015-5744
RESERVED
CVE-2015-5743
RESERVED
-CVE-2015-5742
+CVE-2015-5742 (VeeamVixProxy in Veeam Backup &amp; Replication (B&amp;R) before 8.0 u ...)
NOT-FOR-US: Veeam
-CVE-2015-5738
+CVE-2015-5738 (The RSA-CRT implementation in the Cavium Software Development Kit (SDK ...)
- openssl <not-affected> (OpenSSL upstream is not affected)
-CVE-2015-5959
+CVE-2015-5959 (Froxlor before 0.9.33.2 with the default configuration/setup might all ...)
- froxlor <itp> (bug #581792)
-CVE-2015-5957
+CVE-2015-5957 (Buffer overflow in the DumpSysVar function in var.c in Remind before 3 ...)
{DLA-289-1}
- remind 03.01.15-1 (unimportant)
NOTE: Non-exploitable starting with Wheezy due to D_FORTIFY_SOURCE
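Review bot: several descriptions added in this hunk identify iOS-only components while the unchanged tag beneath them still reads `NOT-FOR-US: Apple OS X`; CVE-2015-5769 (MSVDX driver in Apple iOS), CVE-2015-5766 (Air Traffic in Apple iOS), CVE-2015-5752 (Backup in Apple iOS), CVE-2015-5749 (Sandbox_profiles in Apple iOS) and CVE-2015-5746 (AppleFileConduit in Apple iOS) would be tagged more accurately as `NOT-FOR-US: Apple iOS`, or with the product-neutral `NOT-FOR-US: Apple` already used for CVE-2015-5767. Separately, the imported description for CVE-2015-5742 keeps HTML entities verbatim (`Veeam Backup &amp; Replication (B&amp;R)`), and the same shows up in the PCRE entries further down this diff (`(?(&lt;digits&gt;)` in CVE-2015-8394, `(?&lt;=` in CVE-2015-8388); the importer should unescape entities before writing descriptions, since the file is plain text and the `&` in the NOTE URLs of this same file is stored unescaped.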
@@ -10212,27 +10212,27 @@ CVE-2015-5745 [buffer overflow in virtio-serial]
NOTE: Patch for wheezy needs change since uses iov_from_buf:
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=dcf6f5e15ecee4f593eeacbe0591c1addc004d92
NOTE: iov_* function changed in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=2278a69e7020d86a8c73a28474e7709d3e7d5081 (v1.2.0-rc0)
-CVE-2015-5737
+CVE-2015-5737 (The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) md ...)
NOT-FOR-US: Fortinet
-CVE-2015-5736
+CVE-2015-5736 (The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows ...)
NOT-FOR-US: Fortinet
-CVE-2015-5735
+CVE-2015-5735 (The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4 ...)
NOT-FOR-US: Fortinet
-CVE-2015-5729
+CVE-2015-5729 (The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14 ...)
NOT-FOR-US: Samsung
CVE-2015-5728
RESERVED
-CVE-2015-5727
+CVE-2015-5727 (The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11. ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.10-1
NOTE: Fixed in 1.11.19 and 1.10.10, affected all previous versions of 1.10 and 1.11
NOTE: http://botan.randombit.net/security.html
-CVE-2015-5726
+CVE-2015-5726 (The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11. ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.10-1
NOTE: Fixed in 1.11.19 and 1.10.10, affected all previous versions of 1.10 and 1.11
NOTE: http://botan.randombit.net/security.html
-CVE-2015-5725
+CVE-2015-5725 (SQL injection vulnerability in the offset method in the Active Record ...)
- codeigniter <itp> (bug #471583)
CVE-2015-5741 [other discoveries of security-relevant RFC 7230 violations]
RESERVED
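Review bot: the two Botan descriptions in this hunk disagree about the affected branch: CVE-2015-5727 says `Botan 1.10.x before 1.10.10` while CVE-2015-5726 says `Botan 0.10.x before 1.10.10`, although both are tracked against the same botan1.10 1.10.10-1 fix and the same DSA-3565-1 / DLA-449-1 advisories, and the NOTE under each states that all previous 1.10 and 1.11 versions are affected. The `0.10.x` text appears to come straight from the imported upstream description; it is worth checking against the linked botan security page so the entry does not suggest a 0.10 branch that the package tracking does not cover.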
@@ -10241,36 +10241,36 @@ CVE-2015-5741 [other discoveries of security-relevant RFC 7230 violations]
[wheezy] - golang <no-dsa> (Minor issue)
NOTE: https://github.com/golang/go/commit/300d9a21583e7cf0149a778a0611e76ff7c6680f
NOTE: https://github.com/golang/go/commit/143822585e32449860e624cace9d2e521deee62e
-CVE-2015-5740
+CVE-2015-5740 (The net/http library in net/http/transfer.go in Go before 1.4.3 does n ...)
- golang 2:1.4.2-4 (bug #795106)
[jessie] - golang <no-dsa> (Minor issue)
[wheezy] - golang <no-dsa> (Minor issue)
NOTE: https://github.com/golang/go/commit/300d9a21583e7cf0149a778a0611e76ff7c6680f
NOTE: https://github.com/golang/go/commit/143822585e32449860e624cace9d2e521deee62e
-CVE-2015-5739
+CVE-2015-5739 (The net/http library in net/textproto/reader.go in Go before 1.4.3 doe ...)
- golang 2:1.4.2-4 (bug #795106)
[jessie] - golang <no-dsa> (Minor issue)
[wheezy] - golang <no-dsa> (Minor issue)
NOTE: https://github.com/golang/go/commit/117ddcb83d7f42d6aa72241240af99ded81118e9
CVE-2015-5724
RESERVED
-CVE-2015-5722
+CVE-2015-5722 (buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9. ...)
{DSA-3350-1 DLA-308-1}
- bind9 1:9.9.5.dfsg-12
NOTE: https://kb.isc.org/article/AA-01287
-CVE-2015-5721
+CVE-2015-5721 (Malware Information Sharing Platform (MISP) before 2.3.90 allows remot ...)
NOT-FOR-US: Malware Information Sharing Platform
-CVE-2015-5720
+CVE-2015-5720 (Multiple cross-site scripting (XSS) vulnerabilities in the template-cr ...)
NOT-FOR-US: Malware Information Sharing Platform
-CVE-2015-5719
+CVE-2015-5719 (app/Controller/TemplatesController.php in Malware Information Sharing ...)
NOT-FOR-US: Malware Information Sharing Platform
-CVE-2015-5718
+CVE-2015-5718 (Stack-based buffer overflow in the handle_debug_network function in th ...)
NOT-FOR-US: Websense Content Gateway
-CVE-2015-5734
+CVE-2015-5734 (Cross-site scripting (XSS) vulnerability in the legacy theme preview i ...)
{DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33549
-CVE-2015-5733
+CVE-2015-5733 (Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessi ...)
- wordpress 4.2.4+dfsg-1 (bug #794560)
[jessie] - wordpress 4.1+dfsg-1+deb8u1
[wheezy] - wordpress 3.6.1+dfsg-1~deb7u6
@@ -10281,41 +10281,41 @@ CVE-2015-5733
NOTE: but the issue apparently later reintroduced
NOTE: https://core.trac.wordpress.org/changeset/33540
NOTE: https://core.trac.wordpress.org/changeset/33541
-CVE-2015-5732
+CVE-2015-5732 (Cross-site scripting (XSS) vulnerability in the form function in the W ...)
{DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33529
-CVE-2015-5731
+CVE-2015-5731 (Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php i ...)
{DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33542
NOTE: https://core.trac.wordpress.org/changeset/33543
-CVE-2015-5730
+CVE-2015-5730 (The sanitize_widget_instance function in wp-includes/class-wp-customiz ...)
{DSA-3332-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
[squeeze] - wordpress <not-affected> (Vulnerable code introduced later)
[wheezy] - wordpress <not-affected> (Vulnerable code introduced later)
NOTE: https://core.trac.wordpress.org/changeset/33535
NOTE: https://core.trac.wordpress.org/changeset/33536
-CVE-2015-5717
+CVE-2015-5717 (The Siemens COMPAS Mobile application before 1.6 for Android does not ...)
NOT-FOR-US: Siemens
CVE-2015-5716
RESERVED
-CVE-2015-5715
+CVE-2015-5715 (The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in ...)
{DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://wordpress.org/news/2015/09/wordpress-4-3-1/
NOTE: https://github.com/WordPress/WordPress/commit/9c57f3a4291f2311ae05f22c10eedeb0f69337ab
-CVE-2015-5714
+CVE-2015-5714 (Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 all ...)
{DSA-3383-1 DSA-3375-1 DLA-321-1}
- wordpress 4.3.1+dfsg-1 (bug #799140)
NOTE: https://wordpress.org/news/2015/09/wordpress-4-3-1/
NOTE: https://github.com/WordPress/WordPress/commit/f72b21af23da6b6d54208e5c1d65ececdaa109c8
-CVE-2015-5713
+CVE-2015-5713 (Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfir ...)
NOT-FOR-US: TIBCO
-CVE-2015-5712
+CVE-2015-5712 (Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfir ...)
NOT-FOR-US: TIBCO
-CVE-2015-5711
+CVE-2015-5711 (TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File ...)
NOT-FOR-US: TIBCO
CVE-2015-5710
RESERVED
@@ -10323,9 +10323,9 @@ CVE-2015-5709
RESERVED
CVE-2015-5708
RESERVED
-CVE-2015-5703
+CVE-2015-5703 (SQL injection vulnerability in the public key discovery API call in Op ...)
NOT-FOR-US: Open-Xchange
-CVE-2015-8395
+CVE-2015-8395 (PCRE before 8.38 mishandles certain references, which allows remote at ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -10334,21 +10334,21 @@ CVE-2015-8395
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1594
NOTE: related issue to CVE-2015-8384 and CVE-2015-8392
NOTE: Same fix as used for CVE-2015-8381
-CVE-2015-8394
+CVE-2015-8394 (PCRE before 8.38 mishandles the (?(&lt;digits&gt;) and (?(R&lt;digits& ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1589
-CVE-2015-8393
+CVE-2015-8393 (pcregrep in PCRE before 8.38 mishandles the -q option for binary files ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1586
-CVE-2015-8392
+CVE-2015-8392 (PCRE before 8.38 mishandles certain instances of the (?| substring, wh ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -10356,7 +10356,7 @@ CVE-2015-8392
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1585
NOTE: related issue to CVE-2015-8384 and CVE-2015-8395
-CVE-2015-8391
+CVE-2015-8391 (The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishan ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
@@ -10364,14 +10364,14 @@ CVE-2015-8391
NOTE: Fixed in 8.38
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1579
NOTE: First bad commit: http://vcs.pcre.org/pcre?view=revision&revision=640
-CVE-2015-8390
+CVE-2015-8390 (PCRE before 8.38 mishandles the [: and \\ substrings in character clas ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1578
-CVE-2015-8389
+CVE-2015-8389 (PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related pa ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
@@ -10380,7 +10380,7 @@ CVE-2015-8389
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1577
NOTE: First bad commit: http://vcs.pcre.org/pcre?view=revision&revision=1440
NOTE: Only after r1577 looks like there is another new issue (stack-buffer-underflow, READ of size 4 when running PoC)
-CVE-2015-8388
+CVE-2015-8388 (PCRE before 8.38 mishandles the /(?=di(?&lt;=(?1))|(?=(.))))/ pattern ...)
- pcre3 2:8.35-7
[jessie] - pcre3 2:8.35-3.3+deb8u1
[wheezy] - pcre3 <no-dsa> (Minor issue)
@@ -10389,14 +10389,14 @@ CVE-2015-8388
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1571
NOTE: Fixed in 8.38
NOTE: Different issue than CVE-2015-5073 but same fixing commit
-CVE-2015-8387
+CVE-2015-8387 (PCRE before 8.38 mishandles (?123) subroutine calls and related subrou ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1563
-CVE-2015-8386
+CVE-2015-8386 (PCRE before 8.38 mishandles the interaction of lookbehind assertions a ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -10405,14 +10405,14 @@ CVE-2015-8386
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1560
NOTE: Reproducer fails starting from at least http://vcs.pcre.org/pcre?view=revision&revision=1379
NOTE: but the patched code is as well already present in wheezy at least.
-CVE-2015-8385
+CVE-2015-8385 (PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and rel ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1559
-CVE-2015-8384
+CVE-2015-8384 (PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and re ...)
- pcre3 2:8.35-7.2
[jessie] - pcre3 2:8.35-3.3+deb8u1
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -10422,7 +10422,7 @@ CVE-2015-8384
NOTE: Fixed in 8.38
NOTE: Fixed by http://vcs.pcre.org/pcre?view=revision&revision=1558
NOTE: Same fixing commit as CVE-2015-3210 but different issues
-CVE-2015-8383
+CVE-2015-8383 (PCRE before 8.38 mishandles certain repeated conditional groups, which ...)
- pcre3 2:8.38-1
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <not-affected> (vulnerable coded introduce in 8.34)
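Review bot: the wheezy annotation for CVE-2015-8383 in this hunk reads `(vulnerable coded introduce in 8.34)`; it should read `(Vulnerable code introduced in 8.34)` to match the wording used on the other pcre3 entries in this diff (`Vulnerable code introduced later`, `Vulnerable code not present`).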
@@ -10431,7 +10431,7 @@ CVE-2015-8383
NOTE: http://www.openwall.com/lists/oss-security/2015/11/29/1
NOTE: Fixed by http://vcs.pcre.org/pcre?view=revision&revision=1557
NOTE: Introduced by/first bad commit: http://vcs.pcre.org/pcre?view=revision&revision=1365
-CVE-2015-8382
+CVE-2015-8382 (The match function in pcre_exec.c in PCRE before 8.37 mishandles the / ...)
- pcre3 2:8.35-7.2 (bug #794589)
[jessie] - pcre3 2:8.35-3.3+deb8u2
[wheezy] - pcre3 <no-dsa> (Minor issue)
@@ -10473,7 +10473,7 @@ CVE-2015-XXXX [XSS via queue name in Sidekiq::Web]
NOTE: Fixed by https://github.com/mperham/sidekiq/commit/2178d66b6686fbf4430223c34c184a64c9906828
NOTE: Fix released in sidekiq 3.4.0
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/01/2
-CVE-2015-5707
+CVE-2015-5707 (Integer overflow in the sg_start_req function in drivers/scsi/sg.c in ...)
{DSA-3329-1 DLA-310-1}
- linux 4.1.3-1
- linux-2.6 <removed>
@@ -10481,7 +10481,7 @@ CVE-2015-5707
NOTE: Probably introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=10db10d144c0248f285242f79daf6b9de6b00a62 (v2.6.28-rc1)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=451a2886b6bf90e2fb378f7c46c655450fb96e81 (v4.1-rc1)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdc81f45e9f57858da6351836507fbcf1b7583ee (v4.1-rc1)
-CVE-2015-5706
+CVE-2015-5706 (Use-after-free vulnerability in the path_openat function in fs/namei.c ...)
- linux 4.0.4-1
[jessie] - linux 3.16.7-ckt11-1+deb8u3
[wheezy] - linux <not-affected> (Introduced in v3.11-rc1)
@@ -10491,37 +10491,37 @@ CVE-2015-5706
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0 (v4.1-rc3)
CVE-2015-5702
RESERVED
-CVE-2015-5705
+CVE-2015-5705 (Argument injection vulnerability in devscripts before 2.15.7 allows re ...)
- devscripts 2.15.8 (bug #794365)
[jessie] - devscripts <not-affected> (Vulnerable code not present)
[wheezy] - devscripts <not-affected> (Vulnerable code not present)
[squeeze] - devscripts <not-affected> (Vulnerable code not present)
NOTE: Introduced in https://anonscm.debian.org/cgit/collab-maint/devscripts.git/commit/?id=025ad4ea8ba92d32bd698a83149f782c17f78bf0 (v2.15.5)
-CVE-2015-5704
+CVE-2015-5704 (scripts/licensecheck.pl in devscripts before 2.15.7 allows local users ...)
- devscripts 2.15.7 (bug #794260)
[jessie] - devscripts <not-affected> (Vulnerable code not present)
[wheezy] - devscripts <not-affected> (Vulnerable code not present)
[squeeze] - devscripts <not-affected> (Vulnerable code not present)
NOTE: Introduced in https://anonscm.debian.org/cgit/collab-maint/devscripts.git/commit/?id=025ad4ea8ba92d32bd698a83149f782c17f78bf0 (v2.15.5)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/01/1
-CVE-2015-5699
+CVE-2015-5699 (The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux ...)
NOT-FOR-US: Cumulus Linux
NOTE: https://lists.cumulusnetworks.com/pipermail/cumulus-security-announce/2015-July/000002.html
-CVE-2015-5698
+CVE-2015-5698 (Cross-site request forgery (CSRF) vulnerability in the web server on S ...)
NOT-FOR-US: Siemens
-CVE-2015-5696
+CVE-2015-5696 (Dell Netvault Backup before 10.0.5 allows remote attackers to cause a ...)
NOT-FOR-US: Dell Netvault Backup
-CVE-2015-5693
+CVE-2015-5693 (The management console on Symantec Web Gateway (SWG) appliances with s ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2015-5692
+CVE-2015-5692 (admin_messages.php in the management console on Symantec Web Gateway ( ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2015-5691
+CVE-2015-5691 (Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2015-5690
+CVE-2015-5690 (The management console on Symantec Web Gateway (SWG) appliances with s ...)
NOT-FOR-US: Symantec Web Gateway
-CVE-2015-5689
+CVE-2015-5689 (ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Sui ...)
NOT-FOR-US: Symantec
-CVE-2015-5695
+CVE-2015-5695 (Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo doe ...)
[experimental] - designate 1:1.0.0~b2-1
- designate 2015.1.0+2015.08.26.git34.9fa07c5798-1 (bug #796108)
[jessie] - designate 2014.1-18+deb8u1
@@ -10530,16 +10530,16 @@ CVE-2015-5694 [does not enforce the DNS protocol limit concerning record set siz
[experimental] - designate 1:1.0.0~b2-1
- designate 2015.1.0+2015.08.26.git34.9fa07c5798-1 (bug #796108)
[jessie] - designate <not-affected> (Vulnerable code doesn't exist)
-CVE-2015-5688
+CVE-2015-5688 (Directory traversal vulnerability in lib/app/index.js in Geddy before ...)
NOT-FOR-US: Geddy
NOTE: https://github.com/geddy/geddy/issues/697
NOTE: https://github.com/geddy/geddy/pull/699
NOTE: https://nodesecurity.io/advisories/10
-CVE-2015-5687
+CVE-2015-5687 (system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote at ...)
NOT-FOR-US: Anchor CMS
CVE-2015-5686
RESERVED
-CVE-2015-5685
+CVE-2015-5685 (The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstra ...)
{DLA-312-1}
- libtorrent-rasterbar 1.0.6-1 (bug #797046)
[jessie] - libtorrent-rasterbar <no-dsa> (Minor issue)
@@ -10550,9 +10550,9 @@ CVE-2015-5684
RESERVED
CVE-2015-5683
RESERVED
-CVE-2015-5682
+CVE-2015-5682 (upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows re ...)
NOT-FOR-US: Powerplay Gallery plugin for WordPress
-CVE-2015-5681
+CVE-2015-5681 (Unrestricted file upload vulnerability in upload.php in the Powerplay ...)
NOT-FOR-US: Powerplay Gallery plugin for WordPress
CVE-2015-5680
RESERVED
@@ -10560,11 +10560,11 @@ CVE-2015-5679
RESERVED
CVE-2015-5678
RESERVED
-CVE-2015-5677
+CVE-2015-5677 (bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable pe ...)
NOT-FOR-US: bsnmpd
CVE-2015-5676
RESERVED
-CVE-2015-5675
+CVE-2015-5675 (The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 allow ...)
- kfreebsd-10 10.1~svn274115-10 (unimportant; bug #796996)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed> (bug #796997)
@@ -10572,44 +10572,44 @@ CVE-2015-5675
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS)
-CVE-2015-5674
+CVE-2015-5674 (The routed daemon in FreeBSD 9.3 before 9.3-RELEASE-p22, 10.2-RC2 befo ...)
NOT-FOR-US: routed daemon in FreeBSD
-CVE-2015-5673
+CVE-2015-5673 (eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) ...)
NOT-FOR-US: ISUCON5 qualifier portal
-CVE-2015-5672
+CVE-2015-5672 (TYPE-MOON Fate/stay night, Fate/hollow ataraxia, Witch on the Holy Nig ...)
NOT-FOR-US: TYPE-MOON
-CVE-2015-5671
+CVE-2015-5671 (Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to ...)
NOT-FOR-US: Techno Project Japan Enisys Gw
-CVE-2015-5670
+CVE-2015-5670 (Cross-site scripting (XSS) vulnerability in Techno Project Japan Enisy ...)
NOT-FOR-US: Techno Project Japan Enisys Gw
-CVE-2015-5669
+CVE-2015-5669 (Techno Project Japan Enisys Gw before 1.4.1 allows remote authenticate ...)
NOT-FOR-US: Techno Project Japan Enisys Gw
-CVE-2015-5668
+CVE-2015-5668 (SQL injection vulnerability in Techno Project Japan Enisys Gw before 1 ...)
NOT-FOR-US: Techno Project Japan Enisys Gw
-CVE-2015-5667
+CVE-2015-5667 (Cross-site scripting (XSS) vulnerability in the HTML-Scrubber module b ...)
{DLA-339-1}
- libhtml-scrubber-perl 0.15-1 (bug #803943)
[jessie] - libhtml-scrubber-perl 0.11-1+deb8u1
[wheezy] - libhtml-scrubber-perl 0.09-1+deb7u1
NOTE: Upstream fix: https://github.com/nigelm/html-scrubber/commit/e1978cc37867e85c06a84a4651745235010cd6cd
-CVE-2015-5666
+CVE-2015-5666 (ANA App for Android 3.1.1 and earlier, and ANA App for iOS 3.3.6 and e ...)
NOT-FOR-US: ANA App
-CVE-2015-5665
+CVE-2015-5665 (Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11 ...)
NOT-FOR-US: LOCKON
-CVE-2015-5664
+CVE-2015-5664 (Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS b ...)
NOT-FOR-US: QNAP
-CVE-2015-5663
+CVE-2015-5663 (The file-execution functionality in WinRAR before 5.30 beta 5 allows l ...)
NOT-FOR-US: WinRAR
-CVE-2015-5662
+CVE-2015-5662 (Directory traversal vulnerability in Avast before 150918-0 allows remo ...)
NOT-FOR-US: Avast
-CVE-2015-5661
+CVE-2015-5661 (The SAND STUDIO AirDroid application 1.1.0 and earlier for Android mis ...)
NOT-FOR-US: SAND STUDIO AirDroid
-CVE-2015-5660
+CVE-2015-5660 (Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2. ...)
{DLA-485-1}
- extplorer <removed>
NOTE: http://extplorer.net/news/18
NOTE: http://extplorer.net/projects/extplorer/repository/diff?utf8=%E2%9C%93&rev=242&rev_to=241
-CVE-2015-5659
+CVE-2015-5659 (SQL injection vulnerability in Network Applied Communication Laborator ...)
NOT-FOR-US: Network Applied Communication Laboratory Pref Shimane CMS
CVE-2015-5658
REJECTED
@@ -10617,61 +10617,61 @@ CVE-2015-5657
REJECTED
CVE-2015-5656
REJECTED
-CVE-2015-5655
+CVE-2015-5655 (The Adways Party Track SDK before 1.6.6 for iOS does not verify X.509 ...)
NOT-FOR-US: Adways Party Track SDK
-CVE-2015-5654
+CVE-2015-5654 (Cross-site scripting (XSS) vulnerability in Dojo Toolkit before 1.2 al ...)
- dojo <not-affected> (Fixed before the first version in Debian)
-CVE-2015-5653
+CVE-2015-5653 (Buffer overflow in Canary Labs Trend Web Server before 9.5.2 allows re ...)
NOT-FOR-US: Canary Labs Trend Web Server
-CVE-2015-5652
+CVE-2015-5652 (Untrusted search path vulnerability in python.exe in Python through 3. ...)
NOT-FOR-US: Python on Windows
-CVE-2015-5651
+CVE-2015-5651 (Cross-site scripting (XSS) vulnerability in Dotclear before 2.8.1 allo ...)
- dotclear <removed> (bug #815979)
NOTE: http://dotclear.org/blog/post/2015/09/23/Dotclear-2.8.1
-CVE-2015-5650
+CVE-2015-5650 (Directory traversal vulnerability in AjaXplorer 2.0 allows remote atta ...)
NOT-FOR-US: AjaXplorer
-CVE-2015-5649
+CVE-2015-5649 (Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authe ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2015-5648
+CVE-2015-5648 (SQL injection vulnerability in list.php in phpRechnung before 1.6.5 al ...)
NOT-FOR-US: phpRechnung
-CVE-2015-5647
+CVE-2015-5647 (The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x th ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2015-5646
+CVE-2015-5646 (Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote au ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2015-5645
+CVE-2015-5645 (ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to obtai ...)
NOT-FOR-US: ICZ MATCHA
-CVE-2015-5644
+CVE-2015-5644 (The installer in ICZ MATCHA SNS before 1.3.7 does not properly configu ...)
NOT-FOR-US: ICZ MATCHA
-CVE-2015-5643
+CVE-2015-5643 (The installer in ICZ MATCHA INVOICE before 2.5.7 does not properly con ...)
NOT-FOR-US: ICZ MATCHA
-CVE-2015-5642
+CVE-2015-5642 (Multiple SQL injection vulnerabilities in ICZ MATCHA INVOICE before 2. ...)
NOT-FOR-US: ICZ MATCHA
-CVE-2015-5641
+CVE-2015-5641 (SQL injection vulnerability in baserCMS before 3.0.8 allows remote aut ...)
NOT-FOR-US: baserCMS
-CVE-2015-5640
+CVE-2015-5640 (baserCMS before 3.0.8 allows remote authenticated users to modify arbi ...)
NOT-FOR-US: baserCMS
-CVE-2015-5639
+CVE-2015-5639 (niconico App for iOS before 6.38 does not verify SSL certificates whic ...)
NOT-FOR-US: niconico App for iOS
-CVE-2015-5638
+CVE-2015-5638 (Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before ...)
- h2o <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/h2o/h2o/issues/921
-CVE-2015-5637
+CVE-2015-5637 (The Newphoria Photon application before 1.2 for Android allows attacke ...)
NOT-FOR-US: Newphoria
-CVE-2015-5636
+CVE-2015-5636 (The Newphoria Reversi application before 1.0.3 for Android and before ...)
NOT-FOR-US: Newphoria
-CVE-2015-5635
+CVE-2015-5635 (The Newphoria Koritore application before 1.1 for Android and before 1 ...)
NOT-FOR-US: Newphoria
-CVE-2015-5634
+CVE-2015-5634 (The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and b ...)
NOT-FOR-US: Newphoria
-CVE-2015-5633
+CVE-2015-5633 (The Newphoria Auction Camera application for iOS and before 1.2 for An ...)
NOT-FOR-US: Newphoria
-CVE-2015-5632
+CVE-2015-5632 (The runtime engine in the Newphoria applican framework before 1.12.3 f ...)
NOT-FOR-US: Newphoria
-CVE-2015-5631
+CVE-2015-5631 (Cross-site request forgery (CSRF) vulnerability in the Remote UI on Ca ...)
NOT-FOR-US: Canon
-CVE-2015-5630
+CVE-2015-5630 (Cross-site scripting (XSS) vulnerability in the NTT Broadband Platform ...)
NOT-FOR-US: NTT
-CVE-2015-5629
+CVE-2015-5629 (The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6. ...)
NOT-FOR-US: NTT
CVE-2015-5628
RESERVED
@@ -10679,11 +10679,11 @@ CVE-2015-5627
RESERVED
CVE-2015-5626
RESERVED
-CVE-2015-5625
+CVE-2015-5625 (Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 al ...)
NOT-FOR-US: OpenDocMan
-CVE-2015-5624
+CVE-2015-5624 (Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELP ...)
NOT-FOR-US: FreeBit
-CVE-2015-5697
+CVE-2015-5697 (The get_bitmap_file function in drivers/md/md.c in the Linux kernel be ...)
{DSA-3329-1 DLA-310-1}
- linux 4.1.3-1
- linux-2.6 <removed>
@@ -10691,9 +10691,9 @@ CVE-2015-5697
NOTE: http://www.openwall.com/lists/oss-security/2015/07/28/2
CVE-2015-5620
RESERVED
-CVE-2015-5619
+CVE-2015-5619 (Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack out ...)
- logstash <itp> (bug #664841)
-CVE-2015-5618
+CVE-2015-5618 (Chiyu BF-630 and BF-630W fingerprint access-control devices allow remo ...)
NOT-FOR-US: Chiyu BF-630 and BF-630W fingerprint access-control devices
CVE-2015-5617
RESERVED
@@ -10703,38 +10703,38 @@ CVE-2015-5615
REJECTED
CVE-2015-5614
REJECTED
-CVE-2015-5613
+CVE-2015-5613 (Cross-site scripting (XSS) vulnerability in October CMS build 271 and ...)
NOT-FOR-US: October CMS
-CVE-2015-5612
+CVE-2015-5612 (Cross-site scripting (XSS) vulnerability in October CMS build 271 and ...)
NOT-FOR-US: October CMS
-CVE-2015-5623
+CVE-2015-5623 (WordPress before 4.2.3 does not properly verify the edit_posts capabil ...)
{DSA-3328-1}
- wordpress 4.2.3+dfsg-1
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
[squeeze] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://core.trac.wordpress.org/changeset/33357
-CVE-2015-5622
+CVE-2015-5622 (Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 all ...)
{DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.3+dfsg-1
NOTE: https://core.trac.wordpress.org/changeset/33359
-CVE-2015-5611
+CVE-2015-5611 (Unspecified vulnerability in Uconnect before 15.26.1, as used in certa ...)
NOT-FOR-US: Uconnect
-CVE-2015-5610
+CVE-2015-5610 (The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central bef ...)
NOT-FOR-US: SolarWinds
-CVE-2015-5609
+CVE-2015-5609 (Absolute path traversal vulnerability in the Image Export plugin 1.1 f ...)
NOT-FOR-US: Image Export plugin for WordPress
-CVE-2015-5608
+CVE-2015-5608 (Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1. ...)
NOT-FOR-US: Joomla!
CVE-2015-5606
RESERVED
-CVE-2015-5605
+CVE-2015-5605 (The regular-expression implementation in Google V8, as used in Google ...)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2015-5604
RESERVED
-CVE-2015-5603
+CVE-2015-5603 (The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows re ...)
NOT-FOR-US: HipChat plugin
-CVE-2015-5602
+CVE-2015-5602 (sudoedit in Sudo before 1.8.15 allows local users to gain privileges v ...)
{DSA-3440-1 DLA-382-1}
- sudo 1.8.15-1.1 (bug #804149)
NOTE: http://bugzilla.sudo.ws/show_bug.cgi?id=707
@@ -10743,7 +10743,7 @@ CVE-2015-5602
NOTE: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1512781
CVE-2015-5601
RESERVED
-CVE-2015-5600
+CVE-2015-5600 (The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH th ...)
{DLA-1500-1 DLA-288-1}
- openssh 1:6.9p1-1 (bug #793616)
[wheezy] - openssh <no-dsa> (Minor issue; not in default configurations)
@@ -10752,7 +10752,7 @@ CVE-2015-5600
NOTE: to yes. Default for KbdInteractiveAuthentication is to use whatever
NOTE: value ChallengeResponseAuthentication is set to, which is 'no' in
NOTE: default configurations in Debian.
-CVE-2015-5599
+CVE-2015-5599 (Multiple SQL injection vulnerabilities in upload.php in the Powerplay ...)
NOT-FOR-US: Powerplay Gallery plugin for WordPress
CVE-2015-5598
RESERVED
@@ -10763,7 +10763,7 @@ CVE-2015-5596
CVE-2015-5595
RESERVED
NOT-FOR-US: Zenphoto
-CVE-2015-5594
+CVE-2015-5594 (The sanitize_string function in ZenPhoto before 1.4.9 utilized the htm ...)
NOT-FOR-US: Zenphoto
CVE-2015-5593
RESERVED
@@ -10774,109 +10774,109 @@ CVE-2015-5592
CVE-2015-5591
RESERVED
NOT-FOR-US: Zenphoto
-CVE-2015-5588
+CVE-2015-5588 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5587
+CVE-2015-5587 (Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 an ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5586
+CVE-2015-5586 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
CVE-2015-5585
REJECTED
-CVE-2015-5584
+CVE-2015-5584 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5583
+CVE-2015-5583 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-5582
+CVE-2015-5582 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5581
+CVE-2015-5581 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5580
+CVE-2015-5580 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5579
+CVE-2015-5579 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5578
+CVE-2015-5578 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5577
+CVE-2015-5577 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5576
+CVE-2015-5576 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5575
+CVE-2015-5575 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5574
+CVE-2015-5574 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5573
+CVE-2015-5573 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5572
+CVE-2015-5572 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5571
+CVE-2015-5571 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5570
+CVE-2015-5570 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5569
+CVE-2015-5569 (Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5568
+CVE-2015-5568 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5567
+CVE-2015-5567 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5566
+CVE-2015-5566 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5565
+CVE-2015-5565 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5564
+CVE-2015-5564 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5563
+CVE-2015-5563 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5562
+CVE-2015-5562 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5561
+CVE-2015-5561 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5560
+CVE-2015-5560 (Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows an ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5559
+CVE-2015-5559 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5558
+CVE-2015-5558 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5557
+CVE-2015-5557 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5556
+CVE-2015-5556 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5555
+CVE-2015-5555 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5554
+CVE-2015-5554 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5553
+CVE-2015-5553 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5552
+CVE-2015-5552 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5551
+CVE-2015-5551 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5550
+CVE-2015-5550 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5549
+CVE-2015-5549 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5548
+CVE-2015-5548 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5547
+CVE-2015-5547 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5546
+CVE-2015-5546 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5545
+CVE-2015-5545 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5544
+CVE-2015-5544 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-5543
REJECTED
CVE-2015-5542
REJECTED
-CVE-2015-5541
+CVE-2015-5541 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5540
+CVE-2015-5540 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5539
+CVE-2015-5539 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5538
+CVE-2015-5538 (Multiple unspecified vulnerabilities in Citrix NetScaler Application D ...)
NOT-FOR-US: Citrix
-CVE-2015-5537
+CVE-2015-5537 (The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2 ...)
NOT-FOR-US: Siemens
CVE-2015-XXXX [integer overflow]
- freexl 1.0.2-1
@@ -10932,33 +10932,33 @@ CVE-2015-XXXX [SQL Injection Vulnerability in graph items and graph template ite
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/18/4
NOTE: http://bugs.cacti.net/view.php?id=2574
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7731
-CVE-2015-5590
+CVE-2015-5590 (Stack-based buffer overflow in the phar_fix_filepath function in ext/p ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69923
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6dedeb40db13971af45276f80b5375030aa7e76f
NOTE: Fixed in 5.6.11, 5.4.43
-CVE-2015-5589
+CVE-2015-5589 (The phar_convert_to_other function in ext/phar/phar_object.c in PHP be ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69958
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=bf58162ddf970f63502837f366930e44d6a992cf
NOTE: Fixed in 5.6.11, 5.4.43
-CVE-2015-5536
+CVE-2015-5536 (Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.1 ...)
NOT-FOR-US: Belkin router
-CVE-2015-5535
+CVE-2015-5535 (Cross-site scripting (XSS) vulnerability in the qTranslate plugin 2.5. ...)
NOT-FOR-US: qTranslate plugin for wordpress
-CVE-2015-5534
+CVE-2015-5534 (Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall b ...)
NOT-FOR-US: Oxwall
-CVE-2015-5533
+CVE-2015-5533 (SQL injection vulnerability in counter-options.php in the Count Per Da ...)
NOT-FOR-US: WordPress plugin count-per-day
-CVE-2015-5532
+CVE-2015-5532 (Multiple cross-site scripting (XSS) vulnerabilities in the Paid Member ...)
NOT-FOR-US: WordPress plugin paid-memberships-pro
-CVE-2015-5530
+CVE-2015-5530 (Multiple cross-site request forgery (CSRF) vulnerabilities in Free Rep ...)
NOT-FOR-US: Free Reprintables
-CVE-2015-5529
+CVE-2015-5529 (Multiple cross-site scripting (XSS) vulnerabilities in Free Reprintabl ...)
NOT-FOR-US: Free Reprintables
-CVE-2015-5528
+CVE-2015-5528 (Cross-site scripting (XSS) vulnerability in the save_order function in ...)
NOT-FOR-US: save_order function in class-floating-social-bar.php in the Floating Social Bar plugin for WordPress
CVE-2015-5527
RESERVED
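Review bot: the NOT-FOR-US wording in this hunk is inconsistent for WordPress plugins: the CVE-2015-5535 entry says "qTranslate plugin for wordpress" while the CVE-2015-5533 and CVE-2015-5532 entries directly below use the "WordPress plugin count-per-day" / "WordPress plugin paid-memberships-pro" form. Normalising the qTranslate line to the same form (for example "WordPress plugin qtranslate") keeps the list greppable for anyone auditing which WordPress plugins have been triaged as not packaged.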
@@ -10968,15 +10968,15 @@ CVE-2015-5525
RESERVED
CVE-2015-5524
RESERVED
-CVE-2015-5531
+CVE-2015-5531 (Directory traversal vulnerability in Elasticsearch before 1.6.1 allows ...)
- elasticsearch 1.6.1+dfsg-1 (bug #792617)
[jessie] - elasticsearch <end-of-life> (No longer supported, see DSA 3389)
NOTE: https://www.elastic.co/blog/elasticsearch-1-7-0-and-1-6-1-released#security
-CVE-2015-5521
+CVE-2015-5521 (Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows ...)
NOT-FOR-US: BlackCat CMS
-CVE-2015-5520
+CVE-2015-5520 (Cross-site scripting (XSS) vulnerability in the Users module in Orchar ...)
NOT-FOR-US: Orchard CMS
-CVE-2015-5519
+CVE-2015-5519 (Cross-site scripting (XSS) vulnerability in the applyConvolution demo ...)
NOT-FOR-US: WideImage
CVE-2015-5518
RESERVED
@@ -10984,85 +10984,85 @@ CVE-2015-5517
RESERVED
CVE-2015-8176
REJECTED
-CVE-2015-5516
+CVE-2015-5516 (Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and L ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2015-6240
+CVE-2015-6240 (The chroot, jail, and zone connection plugins in ansible before 1.9.2 ...)
- ansible 1.9.2+dfsg-1 (low)
[jessie] - ansible <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/14/3
-CVE-2015-5515
+CVE-2015-5515 (The Views Bulk Operations (VBO) module 6.x-1.x and 7.x-3.x before 7.x- ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5514
+CVE-2015-5514 (Cross-site scripting (XSS) vulnerability in the Migrate module 7.x-2.x ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5513
+CVE-2015-5513 (Cross-site scripting (XSS) vulnerability in the Shibboleth authenticat ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5512
+CVE-2015-5512 (The me aliases module 6.x-2.x before 6.x-2.10 and 7.x-1.x before 7.x-1 ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5511
+CVE-2015-5511 (The HybridAuth Social Login module 7.x-2.x before 7.x-2.13 for Drupal ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5510
+CVE-2015-5510 (Open redirect vulnerability in the Content Construction Kit (CCK) 6.x- ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5509
+CVE-2015-5509 (The Administration Views module 7.x-1.x before 7.x-1.4 for Drupal, whe ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5508
+CVE-2015-5508 (Cross-site request forgery (CSRF) vulnerability in the XC NCIP Provide ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5507
+CVE-2015-5507 (Cross-site scripting (XSS) vulnerability in the Inline Entity Form mod ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5506
+CVE-2015-5506 (The Apache Solr Real-Time module 7.x-1.x before 7.x-1.2 for Drupal doe ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5505
+CVE-2015-5505 (The HTTP Strict Transport Security (HSTS) module 6.x-1.x before 6.x-1. ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5504
+CVE-2015-5504 (SQL injection vulnerability in the Novalnet Payment Module Ubercart mo ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5503
+CVE-2015-5503 (Open redirect vulnerability in the Chamilo integration module 7.x-1.x ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5502
+CVE-2015-5502 (The Storage API module 7.x-1.x before 7.x-1.8 for Drupal does not prop ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5501
+CVE-2015-5501 (The Hostmaster (Aegir) module 6.x-2.x before 6.x-2.4 and 7.x-3.x befor ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5500
+CVE-2015-5500 (Cross-site scripting (XSS) vulnerability in the Navigate module for Dr ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5499
+CVE-2015-5499 (The Navigate module for Drupal does not properly check permissions, wh ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5498
+CVE-2015-5498 (The Shipwire API module 7.x-1.x before 7.x-1.03 for Drupal does not ch ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5497
+CVE-2015-5497 (Cross-site scripting (XSS) vulnerability in the Web Links module 6.x-2 ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5496
+CVE-2015-5496 (The pass2pdf module for Drupal does not restrict access to generated P ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5495
+CVE-2015-5495 (Cross-site scripting (XSS) vulnerability in the Mobile sliding menu mo ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5494
+CVE-2015-5494 (Cross-site scripting (XSS) vulnerability in the Webform Matrix Compone ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5493
+CVE-2015-5493 (The Entityform Block module 7.x-1.x before 7.x-1.3 for Drupal does not ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5492
+CVE-2015-5492 (Cross-site scripting (XSS) vulnerability in the Video Consultation mod ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5491
+CVE-2015-5491 (The Dynamic display block module 7.x-1.x before 7.x-1.1 for Drupal all ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5490
+CVE-2015-5490 (The _views_fetch_data method in includes/cache.inc in the Views module ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5489
+CVE-2015-5489 (Cross-site scripting (XSS) vulnerability in the Smart Trim module 7.x- ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5488
+CVE-2015-5488 (Cross-site scripting (XSS) vulnerability in the MailChimp Signup submo ...)
NOT-FOR-US: Drupal addon not packaged in Debian
-CVE-2015-5487
+CVE-2015-5487 (Cross-site scripting (XSS) vulnerability in the Camtasia Relay module ...)
NOT-FOR-US: Drupal addon not packaged in Debian
CVE-2015-5486
RESERVED
-CVE-2015-5485
+CVE-2015-5485 (Cross-site scripting (XSS) vulnerability in the Event Import page (imp ...)
NOT-FOR-US: Event Import page (import-eventbrite-events.php) in the Modern Tribe Eventbrite Tickets plugin for WordPress
CVE-2015-5484
RESERVED
CVE-2015-5483
RESERVED
-CVE-2015-5482
+CVE-2015-5482 (Directory traversal vulnerability in the GD bbPress Attachments plugin ...)
NOT-FOR-US: GD bbPress Attachments plugin for WordPress
-CVE-2015-5481
+CVE-2015-5481 (Cross-site scripting (XSS) vulnerability in forms/panels.php in the GD ...)
NOT-FOR-US: GD bbPress Attachments plugin for WordPress
CVE-2015-5480
RESERVED
-CVE-2015-5479
+CVE-2015-5479 (The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav be ...)
{DLA-644-1}
- ffmpeg <not-affected> (Vulnerable code not present)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -11073,42 +11073,42 @@ CVE-2015-5479
NOTE: Fixed in libav 11.5
CVE-2015-5478
RESERVED
-CVE-2015-5477
+CVE-2015-5477 (named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allo ...)
{DSA-3319-1 DLA-285-1}
- bind9 1:9.9.5.dfsg-11 (bug #793903)
NOTE: https://kb.isc.org/article/AA-01272/0
CVE-2015-5476
RESERVED
-CVE-2015-5475
+CVE-2015-5475 (Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker ...)
{DSA-3335-1}
- request-tracker4 4.2.11-2
NOTE: https://github.com/bestpractical/rt/commit/67d517ba3421ba462e349c73207a627d137ef8ac (4.2.x)
NOTE: https://github.com/bestpractical/rt/commit/4ec786bb4743f67a35a634c1bf43b13d3d3b39a9 (4.0.x)
-CVE-2015-5474
+CVE-2015-5474 (BitTorrent and uTorrent allow remote attackers to inject command line ...)
NOT-FOR-US: uTorrent
-CVE-2015-5473
+CVE-2015-5473 (Multiple directory traversal vulnerabilities in Samsung SyncThru 6 bef ...)
NOT-FOR-US: Samsung
-CVE-2015-5472
+CVE-2015-5472 (Absolute path traversal vulnerability in lib/download.php in the IBS M ...)
NOT-FOR-US: IBS Mappro plugin for WordPress
-CVE-2015-5471
+CVE-2015-5471 (Absolute path traversal vulnerability in include/user/download.php in ...)
NOT-FOR-US: Swim Team plugin for WordPress
-CVE-2015-5469
+CVE-2015-5469 (Absolute path traversal vulnerability in the MDC YouTube Downloader pl ...)
NOT-FOR-US: MDC YouTube Downloader plugin for WordPress
-CVE-2015-5468
+CVE-2015-5468 (Directory traversal vulnerability in the WP e-Commerce Shop Styling pl ...)
NOT-FOR-US: Commerce Shop Styling plugin for WordPress
CVE-2015-5467
RESERVED
CVE-2015-5466
RESERVED
-CVE-2015-5465
+CVE-2015-5465 (Silicon Integrated Systems WindowsXP Display Manager (aka VGA Driver M ...)
NOT-FOR-US: Silicon Integrated Systems
-CVE-2015-5464
+CVE-2015-5464 (The Gemalto SafeNet Luna HSM allows remote authenticated users to bypa ...)
NOT-FOR-US: Gemalto
CVE-2015-5463
RESERVED
CVE-2015-5462
RESERVED
-CVE-2015-5607
+CVE-2015-5607 (Cross-site request forgery in the REST API in IPython 2 and 3. ...)
- ipython 2.4.1-1 (bug #793123)
[jessie] - ipython <no-dsa> (Minor issue)
[wheezy] - ipython <no-dsa> (Minor issue)
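Review bot: the CVE-2015-5607 entry marks ipython as fixed in 2.4.1-1 (bug #793123), but the NOTE that follows records the affected upstream range as 0.12 <= version <= 3.2.0, which contains 2.4.1; the Debian fix is therefore a backported patch rather than an upstream release. Worth confirming that the 2.4.1-1 upload actually carries the CSRF fix and that a 2.x commit reference is recorded next to the 3.x commit (1415a971...) so the backport can be verified, since both the jessie and wheezy lines defer a DSA as "Minor issue".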
@@ -11117,49 +11117,49 @@ CVE-2015-5607
NOTE: https://github.com/ipython/ipython/commit/1415a9710407e7c14900531813c15ba6165f0816 (3.x)
NOTE: Affected versions: 0.12 <= version <= 3.2.0
NOTE: http://www.openwall.com/lists/oss-security/2015/07/12/4
-CVE-2015-5461
+CVE-2015-5461 (Open redirect vulnerability in the Redirect function in stageshow_redi ...)
NOT-FOR-US: Redirect function in stageshow_redirect.php in the StageShow plugin for WordPress
-CVE-2015-5460
+CVE-2015-5460 (Cross-site scripting (XSS) vulnerability in app/views/events/_menu.htm ...)
NOT-FOR-US: Snorby
-CVE-2015-5459
+CVE-2015-5459 (SQL injection vulnerability in the AdvanceSearch.class in AdventNetPas ...)
NOT-FOR-US: Password Manager Pro
-CVE-2015-5458
+CVE-2015-5458 (Session fixation vulnerability in fileupload.php in PivotX before 2.3. ...)
NOT-FOR-US: PivotX
-CVE-2015-5457
+CVE-2015-5457 (PivotX before 2.3.11 does not validate the new file extension when ren ...)
NOT-FOR-US: PivotX
-CVE-2015-5456
+CVE-2015-5456 (Cross-site scripting (XSS) vulnerability in the form method in modules ...)
NOT-FOR-US: PivotX
-CVE-2015-5455
+CVE-2015-5455 (Cross-site scripting (XSS) vulnerability in X-Cart 4.5.0 and earlier a ...)
NOT-FOR-US: X-cart
-CVE-2015-5454
+CVE-2015-5454 (Cross-site scripting (XSS) vulnerability in Nucleus CMS allows remote ...)
NOT-FOR-US: Nucleus CMS
-CVE-2015-5453
+CVE-2015-5453 (Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authentic ...)
NOT-FOR-US: Watchguard XCS
-CVE-2015-5452
+CVE-2015-5452 (SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before buil ...)
NOT-FOR-US: Watchguard XCS
-CVE-2015-5451
+CVE-2015-5451 (Cross-site request forgery (CSRF) vulnerability in HP Operations Orche ...)
NOT-FOR-US: HP Operations Orchestration Central
CVE-2015-5450
REJECTED
CVE-2015-5449
REJECTED
-CVE-2015-5448
+CVE-2015-5448 (HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 befo ...)
NOT-FOR-US: HP Asset Manager
-CVE-2015-5447
+CVE-2015-5447 (Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system ...)
NOT-FOR-US: HP StoreOnce Backup
-CVE-2015-5446
+CVE-2015-5446 (HP StoreOnce Backup system software before 3.13.1 allows remote attack ...)
NOT-FOR-US: HP StoreOnce Backup
-CVE-2015-5445
+CVE-2015-5445 (Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup ...)
NOT-FOR-US: HP StoreOnce Backup
-CVE-2015-5444
+CVE-2015-5444 (Multiple cross-site scripting (XSS) vulnerabilities in HP Smart Profil ...)
NOT-FOR-US: SPS DAL
-CVE-2015-5443
+CVE-2015-5443 (HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 (G ...)
NOT-FOR-US: HP
-CVE-2015-5442
+CVE-2015-5442 (Unspecified vulnerability in HP Software Update before 5.005.002.002 a ...)
NOT-FOR-US: HP Software Update
-CVE-2015-5441
+CVE-2015-5441 (Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Man ...)
NOT-FOR-US: HP Arcsight
-CVE-2015-5440
+CVE-2015-5440 (HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10. ...)
NOT-FOR-US: HP UCMDB
CVE-2015-5439
REJECTED
@@ -11169,81 +11169,81 @@ CVE-2015-5437
REJECTED
CVE-2015-5436
REJECTED
-CVE-2015-5435
+CVE-2015-5435 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 ...)
NOT-FOR-US: HP
-CVE-2015-5434
+CVE-2015-5434 (HPE Networking Products, originally branded as Comware 5, Comware 7, H ...)
NOT-FOR-US: HP H3C
-CVE-2015-5433
+CVE-2015-5433 (HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used ...)
NOT-FOR-US: HP Virtual Connect Enterprise Manager
-CVE-2015-5432
+CVE-2015-5432 (HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used ...)
NOT-FOR-US: HP Virtual Connect Enterprise Manager
-CVE-2015-5431
+CVE-2015-5431 (HP Matrix Operating Environment before 7.5.0 allows remote authenticat ...)
NOT-FOR-US: HP Matrix Operating Environment
-CVE-2015-5430
+CVE-2015-5430 (HP Matrix Operating Environment before 7.5.0 allows remote attackers t ...)
NOT-FOR-US: HP Matrix Operating Environment
-CVE-2015-5429
+CVE-2015-5429 (HP Matrix Operating Environment before 7.5.0 allows remote attackers t ...)
NOT-FOR-US: HP Matrix Operating Environment
-CVE-2015-5428
+CVE-2015-5428 (HP Matrix Operating Environment before 7.5.0 allows remote attackers t ...)
NOT-FOR-US: HP Matrix Operating Environment
-CVE-2015-5427
+CVE-2015-5427 (HP Matrix Operating Environment before 7.5.0 allows remote attackers t ...)
NOT-FOR-US: HP Matrix Operating Environment
-CVE-2015-5426
+CVE-2015-5426 (Unspecified vulnerability in HP LoadRunner Controller before 12.50 all ...)
NOT-FOR-US: HP LoadRunner
CVE-2015-5425
REJECTED
-CVE-2015-5424
+CVE-2015-5424 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x b ...)
NOT-FOR-US: HP KeyView
-CVE-2015-5423
+CVE-2015-5423 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x b ...)
NOT-FOR-US: HP KeyView
-CVE-2015-5422
+CVE-2015-5422 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x b ...)
NOT-FOR-US: HP KeyView
-CVE-2015-5421
+CVE-2015-5421 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x b ...)
NOT-FOR-US: HP KeyView
-CVE-2015-5420
+CVE-2015-5420 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x b ...)
NOT-FOR-US: HP KeyView
-CVE-2015-5419
+CVE-2015-5419 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x b ...)
NOT-FOR-US: HP KeyView
-CVE-2015-5418
+CVE-2015-5418 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x b ...)
NOT-FOR-US: HP KeyView
-CVE-2015-5417
+CVE-2015-5417 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x b ...)
NOT-FOR-US: HP KeyView
-CVE-2015-5416
+CVE-2015-5416 (Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x b ...)
NOT-FOR-US: HP KeyView
CVE-2015-5415
REJECTED
CVE-2015-5414
REJECTED
-CVE-2015-5413
+CVE-2015-5413 (HP Version Control Repository Manager (VCRM) before 7.5.0 allows remot ...)
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2015-5412
+CVE-2015-5412 (Cross-site request forgery (CSRF) vulnerability in HP Version Control ...)
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2015-5411
+CVE-2015-5411 (HP Version Control Repository Manager (VCRM) before 7.5.0 allows remot ...)
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2015-5410
+CVE-2015-5410 (HP Version Control Repository Manager (VCRM) before 7.5.0 allows remot ...)
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2015-5409
+CVE-2015-5409 (Buffer overflow in HP Version Control Repository Manager (VCRM) before ...)
NOT-FOR-US: HP Version Control Repository Manager
-CVE-2015-5408
+CVE-2015-5408 (HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView ...)
NOT-FOR-US: HP CentralView Fraud Risk Management
-CVE-2015-5407
+CVE-2015-5407 (HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView ...)
NOT-FOR-US: HP CentralView Fraud Risk Management
-CVE-2015-5406
+CVE-2015-5406 (HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView ...)
NOT-FOR-US: HP CentralView Fraud Risk Management
-CVE-2015-5405
+CVE-2015-5405 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Op ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2015-5404
+CVE-2015-5404 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Op ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2015-5403
+CVE-2015-5403 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Op ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2015-5402
+CVE-2015-5402 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Op ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2015-5401
+CVE-2015-5401 (Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 ...)
NOT-FOR-US: Teradata
-CVE-2015-5399
+CVE-2015-5399 (Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows ...)
NOT-FOR-US: PHPVibe
CVE-2015-5398
RESERVED
-CVE-2015-5397
+CVE-2015-5397 (Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 throu ...)
NOT-FOR-US: Joomla!
CVE-2015-5396
RESERVED
@@ -11263,43 +11263,43 @@ CVE-2015-5388
RESERVED
CVE-2015-5387
RESERVED
-CVE-2015-5386
+CVE-2015-5386 (Siemens SICAM MIC devices with firmware before 2404 allow remote attac ...)
NOT-FOR-US: Siemens
CVE-2015-5385
RESERVED
CVE-2015-5384
RESERVED
-CVE-2015-5379
+CVE-2015-5379 (Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax We ...)
NOT-FOR-US: Axigen
-CVE-2015-5378
+CVE-2015-5378 (Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attac ...)
- logstash <itp> (bug #664841)
-CVE-2015-5377
+CVE-2015-5377 (** DISPUTED ** Elasticsearch before 1.6.1 allows remote attackers to e ...)
- elasticsearch 1.6.1+dfsg-1 (bug #792617)
[jessie] - elasticsearch <end-of-life> (No longer supported, see DSA 3389)
NOTE: https://www.elastic.co/blog/elasticsearch-1-7-0-and-1-6-1-released#security
-CVE-2015-5376
+CVE-2015-5376 (SQL injection vulnerability in the login form in GSI WiNPAT Portal 3.2 ...)
NOT-FOR-US: GSI WiNPAT Portal
-CVE-2015-5375
+CVE-2015-5375 (Cross-site scripting (XSS) vulnerability in unspecified dialogs for pr ...)
NOT-FOR-US: Open-Xchange
-CVE-2015-5374
+CVE-2015-5374 (A vulnerability has been identified in Firmware variant PROFINET IO fo ...)
NOT-FOR-US: Siemens
CVE-2015-5373
RESERVED
-CVE-2015-5372
+CVE-2015-5372 (The SAML 2.0 implementation in AdNovum nevisAuth 4.13.0.0 before 4.18. ...)
NOT-FOR-US: AdNovum nevisAuth
-CVE-2015-5371
+CVE-2015-5371 (The AuthenticationFilter class in SolarWinds Storage Manager allows re ...)
NOT-FOR-US: SolarWinds
-CVE-2015-5370
+CVE-2015-5370 (Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before ...)
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2015-5370.html
-CVE-2015-5369
+CVE-2015-5369 (Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS65 ...)
NOT-FOR-US: Pulse Connect Secure / Juniper PCS
-CVE-2015-5368
+CVE-2015-5368 (The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00. ...)
NOT-FOR-US: HP
-CVE-2015-5367
+CVE-2015-5367 (The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00. ...)
NOT-FOR-US: HP
-CVE-2015-8041
+CVE-2015-8041 (Multiple integer overflows in the NDEF record parser in hostapd before ...)
{DSA-3397-1}
- wpa 2.3-2.2 (bug #795740)
- wpasupplicant <removed>
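Review bot: the description now visible for CVE-2015-5377 carries the "** DISPUTED **" marker, yet the entry keeps a fixed version (elasticsearch 1.6.1+dfsg-1, bug #792617) and the same jessie end-of-life line and elastic.co NOTE as CVE-2015-5531 in an earlier hunk. A short NOTE stating whether Debian treats the disputed issue as a real fix in 1.6.1 or merely tracks it alongside CVE-2015-5531 would stop later readers from having to re-derive that decision from the shared reference.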
@@ -11308,14 +11308,14 @@ CVE-2015-8041
[squeeze] - hostapd <not-affected> (v0.7.0-v2.4 with CONFIG_WPS_NFC=y)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/08/3
NOTE: http://w1.fi/security/2015-5/
-CVE-2015-5395
+CVE-2015-5395 (Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0. ...)
- sogo 3.2.4-0.2 (bug #796197)
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: https://lists.debian.org/debian-lts/2016/05/msg00197.html
NOTE: http://www.openwall.com/lists/oss-security/2015/07/07/10
NOTE: http://www.sogo.nu/bugs/view.php?id=3246
NOTE: https://github.com/inverse-inc/sogo/commit/582baf2960969c73f98643e46cfb49432c30b711 (SOGo-3.1.0)
-CVE-2015-5470
+CVE-2015-5470 (The label decompression functionality in PowerDNS Recursor before 3.6. ...)
{DSA-3307-1 DSA-3306-1}
- pdns 3.4.5-1
[wheezy] - pdns <not-affected> (3.2 and up affected)
@@ -11326,23 +11326,23 @@ CVE-2015-5470
NOTE: http://www.openwall.com/lists/oss-security/2015/07/07/6
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/
NOTE: Patch: http://downloads.powerdns.com/patches/2015-01/rec-3.7.2.patch
-CVE-2015-5383
+CVE-2015-5383 (Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain ...)
- roundcube <not-affected> (protection is done in apache config in binary package)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490378
-CVE-2015-5382
+CVE-2015-5382 (program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 ...)
- roundcube 1.1.2+dfsg.1-1 (bug #791643)
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490379
-CVE-2015-5381
+CVE-2015-5381 (Cross-site scripting (XSS) vulnerability in program/include/rcmail.php ...)
- roundcube 1.1.2+dfsg.1-1 (bug #791643)
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490417
-CVE-2015-5400
+CVE-2015-5400 (Squid before 3.5.6 does not properly handle CONNECT method peer respon ...)
{DSA-3327-1 DLA-286-1}
- squid 4.1-1
[wheezy] - squid <no-dsa> (Fix is hard to backport and default configuration is not affected)
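Review bot: two triage justifications in this hunk depend on shipped configuration rather than on code: the CVE-2015-5383 roundcube line is <not-affected> because "protection is done in apache config in binary package", and the CVE-2015-5400 wheezy squid line is <no-dsa> because the "default configuration is not affected". Both are sound for default installs, but a NOTE naming the relevant configuration (the Apache snippet roundcube ships, and which squid setting exposes the CONNECT handling) would let administrators running roundcube behind a non-Apache web server, or squid with a non-default configuration, recognise that the tracker's status does not cover their deployment.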
@@ -11355,34 +11355,34 @@ CVE-2015-5400
NOTE: In squeeze's squid3 the code is structured differently but the bug still appears to be present.
NOTE: For squid 2.x all versions are affected, cf. comment by upstream in
NOTE: https://bugs.debian.org/793128#12
-CVE-2015-5380
+CVE-2015-5380 (The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in ...)
- nodejs <not-affected> (Only affects 0.12.x)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/05/1
-CVE-2015-5365
+CVE-2015-5365 (Cross-site scripting (XSS) vulnerability in Zurmo CRM 3.0.2 allows rem ...)
NOT-FOR-US: Zurmo CRM
-CVE-2015-5363
+CVE-2015-5363 (The SRX Network Security Daemon (nsd) in Juniper SRX Series services g ...)
NOT-FOR-US: Juniper
-CVE-2015-5362
+CVE-2015-5362 (The BFD daemon in Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 ...)
NOT-FOR-US: Juniper
CVE-2015-5361
RESERVED
-CVE-2015-5360
+CVE-2015-5360 (IPv6 sendd in Juniper Junos 12.1X44 before 12.1X44-D51, 12.1X46 before ...)
NOT-FOR-US: Juniper
-CVE-2015-5359
+CVE-2015-5359 (Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D3 ...)
NOT-FOR-US: Juniper
-CVE-2015-5358
+CVE-2015-5358 (Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D3 ...)
NOT-FOR-US: Juniper
-CVE-2015-5357
+CVE-2015-5357 (The Juniper EX4600, QFX3500, QFX3600, and QFX5100 switches with Junos ...)
NOT-FOR-US: Juniper
-CVE-2015-5356
+CVE-2015-5356 (Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in G ...)
NOT-FOR-US: GetSimple CMS
-CVE-2015-5355
+CVE-2015-5355 (Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS b ...)
NOT-FOR-US: GetSimple CMS
-CVE-2015-5354
+CVE-2015-5354 (Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote a ...)
NOT-FOR-US: Novius OS
-CVE-2015-5353
+CVE-2015-5353 (Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows re ...)
NOT-FOR-US: Novius OS
-CVE-2015-5351
+CVE-2015-5351 (The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x ...)
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.32-1
@@ -11394,15 +11394,15 @@ CVE-2015-5351
NOTE: upstream patches reveals that this issue is fixed since 6.0.45
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1720661
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1720663
-CVE-2015-5350
+CVE-2015-5350 (In Garden versions 0.22.0-0.329.0, a vulnerability has been discovered ...)
NOT-FOR-US: Cloud Foundry
-CVE-2015-5349
+CVE-2015-5349 (The CSV export in Apache LDAP Studio and Apache Directory Studio befor ...)
NOT-FOR-US: Apache LDAP Studio and Apache Directory Studio
-CVE-2015-5348
+CVE-2015-5348 (Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x be ...)
NOT-FOR-US: Apache Camel
-CVE-2015-5347
+CVE-2015-5347 (Cross-site scripting (XSS) vulnerability in the getWindowOpenJavaScrip ...)
NOT-FOR-US: Apache Wicket
-CVE-2015-5346
+CVE-2015-5346 (Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x ...)
{DSA-3609-1 DSA-3552-1 DSA-3530-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.30-1
@@ -11414,7 +11414,7 @@ CVE-2015-5346
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1713187
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1713185
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1723506
-CVE-2015-5345
+CVE-2015-5345 (The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7. ...)
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.30-1
@@ -11422,36 +11422,36 @@ CVE-2015-5345
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
NOTE: Fixed in 6.0.45, 7.0.67, 8.0.30, 9.0.0.M3
-CVE-2015-5344
+CVE-2015-5344 (The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x b ...)
NOT-FOR-US: Apache Camel
-CVE-2015-5343
+CVE-2015-5343 (Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, ...)
{DSA-3424-1}
- subversion 1.9.3-1
[wheezy] - subversion <not-affected> (Vulnerable code not present)
[squeeze] - subversion <not-affected> (Vulnerable code not present)
NOTE: https://subversion.apache.org/security/CVE-2015-5343-advisory.txt
-CVE-2015-5342
+CVE-2015-5342 (The choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x ...)
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5341
+CVE-2015-5341 (mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before ...)
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5340
+CVE-2015-5340 (Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2. ...)
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5339
+CVE-2015-5339 (The core_enrol_get_enrolled_users web service in enrol/externallib.php ...)
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5338
+CVE-2015-5338 (Multiple cross-site request forgery (CSRF) vulnerabilities in the less ...)
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5337
+CVE-2015-5337 (Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2. ...)
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5336
+CVE-2015-5336 (Multiple cross-site scripting (XSS) vulnerabilities in the survey modu ...)
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
-CVE-2015-5335
+CVE-2015-5335 (Cross-site request forgery (CSRF) vulnerability in admin/registration/ ...)
- moodle 2.7.11+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
CVE-2015-5334
@@ -11460,11 +11460,11 @@ CVE-2015-5334
CVE-2015-5333
RESERVED
- libressl <itp> (bug #754513)
-CVE-2015-5332
+CVE-2015-5332 (Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote ...)
- moodle <not-affected> (Only affects 2.8 and later)
-CVE-2015-5331
+CVE-2015-5331 (Moodle 2.9.x before 2.9.3 does not properly check the contact list bef ...)
- moodle <not-affected> (Only affects 2.9 and later)
-CVE-2015-5330
+CVE-2015-5330 (ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4 ...)
{DSA-3433-1}
- samba 2:4.1.22+dfsg-1
[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
@@ -11481,45 +11481,45 @@ CVE-2015-5330
NOTE: https://git.samba.org/?p=samba.git;a=commit;h=83f1d39cd9ab9b8b548602f9ee806a994fca9d0c (v4-1-stable)
NOTE: https://www.samba.org/samba/security/CVE-2015-5330.html
NOTE: Samba update needs as well fixed ldb
-CVE-2015-5329
+CVE-2015-5329 (The TripleO Heat templates (tripleo-heat-templates), as used in Red Ha ...)
- tripleo-heat-templates 5.2.0-1 (bug #851396)
CVE-2015-5328
RESERVED
-CVE-2015-5327
+CVE-2015-5327 (Out-of-bounds memory read in the x509_decode_time function in x509_cer ...)
- linux <not-affected> (Only affected 4.3-rc1 onwards)
- linux-2.6 <not-affected> (Only affected 4.3-rc1 onwards)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cc25b994acfbc901429da682d0f73c190e960206 (v4.4-rc1)
-CVE-2015-5326
+CVE-2015-5326 (Cross-site scripting (XSS) vulnerability in the slave overview page in ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5325
+CVE-2015-5325 (Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5324
+CVE-2015-5324 (Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5323
+CVE-2015-5323 (Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict a ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5322
+CVE-2015-5322 (Directory traversal vulnerability in Jenkins before 1.638 and LTS befo ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5321
+CVE-2015-5321 (The sidepanel widgets in the CLI command overview and help pages in Je ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5320
+CVE-2015-5320 (Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5319
+CVE-2015-5319 (XML external entity (XXE) vulnerability in the create-job CLI command ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5318
+CVE-2015-5318 (Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5317
+CVE-2015-5317 (The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
-CVE-2015-5316
+CVE-2015-5316 (The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in ...)
{DSA-3397-1}
- wpa 2.3-2.3 (bug #804710)
[wheezy] - wpa <not-affected> (v2.3-v2.5 with CONFIG_EAP_PWD=y)
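Review bot: the wheezy reason on the CVE-2015-5316 entry, "<not-affected> (v2.3-v2.5 with CONFIG_EAP_PWD=y)", states the affected upstream range rather than why wheezy falls outside it, so a reader has to know wheezy's wpa version to check the claim; state the reason directly, as the CVE-2015-5313 entry later in this diff does with "Vulnerable code introduced later", or name the wheezy version. The same wording is reused for CVE-2015-5315, CVE-2015-5314 and CVE-2015-5310 in the following hunks.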
@@ -11528,7 +11528,7 @@ CVE-2015-5316
NOTE: http://w1.fi/security/2015-8/
NOTE: https://w1.fi/security/2015-8/eap-pwd-unexpected-confirm.txt
NOTE: https://w1.fi/security/2015-8/0001-EAP-pwd-peer-Fix-error-path-for-unexpected-Confirm-m.patch
-CVE-2015-5315
+CVE-2015-5315 (The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2 ...)
{DSA-3397-1}
- wpa 2.3-2.3 (bug #804708)
[wheezy] - wpa <not-affected> (v2.0-v2.5 with CONFIG_EAP_PWD=y)
@@ -11537,7 +11537,7 @@ CVE-2015-5315
NOTE: http://w1.fi/security/2015-7/
NOTE: https://w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt
NOTE: https://w1.fi/security/2015-7/0001-EAP-pwd-peer-Fix-last-fragment-length-validation.patch
-CVE-2015-5314
+CVE-2015-5314 (The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd ...)
{DSA-3397-1}
- wpa 2.3-2.3 (bug #804708)
[wheezy] - wpa <not-affected> (v2.0-v2.5 with CONFIG_EAP_PWD=y)
@@ -11546,7 +11546,7 @@ CVE-2015-5314
NOTE: http://w1.fi/security/2015-7/
NOTE: https://w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt
NOTE: https://w1.fi/security/2015-7/0001-EAP-pwd-server-Fix-last-fragment-length-validation.patch
-CVE-2015-5313
+CVE-2015-5313 (Directory traversal vulnerability in the virStorageBackendFileSystemVo ...)
- libvirt 1.3.0-1 (bug #808273)
[jessie] - libvirt 1.2.9-9+deb8u2
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
@@ -11554,19 +11554,19 @@ CVE-2015-5313
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=034e47c338b13a95cf02106a3af912c1c5f818d7
NOTE: Broken by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=c930410bebae0a45889b992a7932c663b06cbbcd (v1.1.0-rc1)
NOTE: http://security.libvirt.org/2015/0004.html
-CVE-2015-5312
+CVE-2015-5312 (The xmlStringLenDecodeEntities function in parser.c in libxml2 before ...)
{DSA-3430-1 DLA-373-1}
- libxml2 2.9.3+dfsg1-1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e (v2.9.3)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756733 (upstream bug not yet open)
-CVE-2015-5311
+CVE-2015-5311 (PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows rem ...)
- pdns 3.4.7-1
[jessie] - pdns <not-affected> (Only 3.4.4 and later affected)
[wheezy] - pdns <not-affected> (Only 3.4.4 and later affected)
[squeeze] - pdns <not-affected> (Only 3.4.4 and later affected)
- pdns-recursor <not-affected> (recursor not affected)
NOTE: http://www.openwall.com/lists/oss-security/2015/11/09/3
-CVE-2015-5310
+CVE-2015-5310 (The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not prop ...)
{DSA-3397-1}
- wpa 2.3-2.3 (bug #804707)
[wheezy] - wpa <not-affected> (v2.0-v2.5 with CONFIG_WNM=y)
@@ -11575,14 +11575,14 @@ CVE-2015-5310
NOTE: http://w1.fi/security/2015-6/
NOTE: https://w1.fi/security/2015-6/0001-WNM-Ignore-Key-Data-in-WNM-Sleep-Mode-Response-frame.patch
NOTE: https://w1.fi/security/2015-6/wpa_supplicant-unauthorized-wnm-sleep-mode-gtk-control.txt
-CVE-2015-5309
+CVE-2015-5309 (Integer overflow in the terminal emulator in PuTTY before 0.66 allows ...)
{DSA-3409-1 DLA-347-1}
- putty 0.66-1
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html
NOTE: http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=6056396f77cafc7e40da4d09f1d6212408dcb065
-CVE-2015-5308
+CVE-2015-5308 (Multiple SQL injection vulnerabilities in cs_admin_users.php in the wp ...)
NOT-FOR-US: wp-championship plugin for WordPress
-CVE-2015-5307
+CVE-2015-5307 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x thr ...)
{DSA-3454-1 DSA-3414-1 DSA-3396-1 DLA-479-1}
- linux 4.2.6-1
- linux-2.6 <removed>
@@ -11593,26 +11593,26 @@ CVE-2015-5307
- virtualbox 5.0.10-dfsg-1
[wheezy] - virtualbox <end-of-life> (DSA 3454)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
-CVE-2015-5306
+CVE-2015-5306 (OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), ...)
- ironic-inspector 3.2.0-1
NOTE: https://bugs.launchpad.net/ironic-inspector/+bug/1506419
-CVE-2015-5305
+CVE-2015-5305 (Directory traversal vulnerability in Kubernetes, as used in Red Hat Op ...)
- kubernetes <not-affected> (Fixed before the initial release in Debian, 1.2.0)
NOTE: https://github.com/kubernetes/kubernetes/pull/15975
-CVE-2015-5304
+CVE-2015-5304 (Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does ...)
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
-CVE-2015-5303
+CVE-2015-5303 (The TripleO Heat templates (tripleo-heat-templates), when deployed via ...)
- tripleo-heat-templates 5.2.0-1 (bug #851396)
-CVE-2015-5302
+CVE-2015-5302 (libreport 2.0.7 before 2.6.3 only saves changes to the first file when ...)
NOT-FOR-US: abrt/libreport
-CVE-2015-5301
+CVE-2015-5301 (providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsi ...)
- ipsilon <itp> (bug #826838)
-CVE-2015-5300
+CVE-2015-5300 (The panic_gate check in NTP before 4.2.8p5 is only re-enabled after th ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p4+dfsg-2
NOTE: https://www.cs.bu.edu/~goldbe/NTPattack.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1271076
-CVE-2015-5299
+CVE-2015-5299 (The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_c ...)
{DSA-3433-1 DLA-379-1}
- samba 2:4.1.22+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2015-5299.html
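Review bot: the fixed version recorded for CVE-2015-5300, ntp 1:4.2.8p4+dfsg-2, is below the upstream fix version named in the imported description ("NTP before 4.2.8p5"), so the fix must have been backported in that Debian revision; add a NOTE pointing at the upstream change that was backported, since the two existing NOTEs link only the research write-up and the Red Hat bug, and a later reader will otherwise take the version as a typo.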
@@ -11626,19 +11626,19 @@ CVE-2015-5297 [general_composite_rect() integer overflow]
- pixman 0.33.4-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=92027
NOTE: Patch: https://cgit.freedesktop.org/pixman/patch/?id=204fcd24d9b7e3988b7496e723014f327828751a
-CVE-2015-5296
+CVE-2015-5296 (Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before ...)
{DSA-3433-1 DLA-379-1}
- samba 2:4.1.22+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2015-5296.html
-CVE-2015-5295
+CVE-2015-5295 (The template-validate command in OpenStack Orchestration API (Heat) be ...)
- heat 1:6.0.0~rc3-1
[jessie] - heat <no-dsa> (Minor issue)
NOTE: Affects: <=2015.1.2, ==5.0.0
CVE-2015-5294
REJECTED
-CVE-2015-5293
+CVE-2015-5293 (Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid ...)
NOT-FOR-US: RHEV
-CVE-2015-5292
+CVE-2015-5292 (Memory leak in the Privilege Attribute Certificate (PAC) responder plu ...)
- sssd 1.13.1-1
[jessie] - sssd <no-dsa> (Minor issue; responder not built)
NOTE: binary package has the sssd_pac_plugin.so but the responder
@@ -11647,7 +11647,7 @@ CVE-2015-5292
[squeeze] - sssd <not-affected> (vulnerable code not present)
NOTE: https://fedorahosted.org/sssd/ticket/2803
NOTE: https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch
-CVE-2015-5291
+CVE-2015-5291 (Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed ...)
{DSA-3468-1 DLA-331-1}
- mbedtls <not-affected> (Fixed before the initial release to Debian)
[experimental] - polarssl 1.3.14-0.1
@@ -11663,12 +11663,12 @@ CVE-2015-5290 [Remote denial of service using MONITOR command]
[wheezy] - ircd-ratbox <no-dsa> (Minor issue)
[squeeze] - ircd-ratbox <no-dsa> (Slow leak; workaround is available)
NOTE: http://elemental-ircd.com/security/e50b0d59-f3c5-4472-a3cd-e2e07731417c/
-CVE-2015-5289
+CVE-2015-5289 (Multiple stack-based buffer overflows in json parsing in PostgreSQL be ...)
{DSA-3374-1}
- postgresql-9.4 9.4.5-1
- postgresql-9.1 <not-affected> (no json datatype)
- postgresql-8.4 <not-affected> (no json datatype)
-CVE-2015-5288
+CVE-2015-5288 (The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9. ...)
{DSA-3475-1 DSA-3374-1 DLA-329-1}
- postgresql-9.4 9.4.5-1
- postgresql-9.1 <removed>
@@ -11676,35 +11676,35 @@ CVE-2015-5288
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl; EOL upstream)
[squeeze] - postgresql-8.4 <no-dsa> (minor issue)
-CVE-2015-5287
+CVE-2015-5287 (The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-5286
+CVE-2015-5286 (OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x b ...)
- glance 1:11.0.0-1 (bug #800741)
[jessie] - glance <not-affected> (Vulnerable code not present)
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: jessie: According to confirmation via upstream the fix for CVE-2014-9623
NOTE: was complete here so CVE-2015-5286 not affecting jessie.
NOTE: <=2014.2.3, >=2015.1.0, <=2015.1.1
-CVE-2015-5285
+CVE-2015-5285 (CRLF injection vulnerability in Kallithea before 0.3 allows remote att ...)
- kallithea <itp> (bug #689573)
-CVE-2015-5284
+CVE-2015-5284 (ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate ...)
- freeipa <not-affected> (Introduced in 4.2)
NOTE: https://fedorahosted.org/freeipa/ticket/5347
NOTE: Upstream commit: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=55a66ccba3e2181a50e7733b7476991975b7455f
-CVE-2015-5283
+CVE-2015-5283 (The sctp_init function in net/sctp/protocol.c in the Linux kernel befo ...)
- linux 4.2.1-2
[jessie] - linux 3.16.7-ckt11-1+deb8u5
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4 (v4.3-rc3)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4db67e808640e3934d82ce61ee8e2e89fd877ba8 (v3.7-rc1)
-CVE-2015-5282
+CVE-2015-5282 (Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after. ...)
- foreman <itp> (bug #663101)
-CVE-2015-5281
+CVE-2015-5281 (The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) ...)
- grub2 <not-affected> (SecureBoot not yet supported)
CVE-2015-5280
REJECTED
-CVE-2015-5279
+CVE-2015-5279 (Heap-based buffer overflow in the ne2000_receive function in hw/net/ne ...)
{DSA-3362-1 DSA-3361-1}
- qemu 1:2.4+dfsg-3 (bug #799074)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
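Review bot: the bare NOTE "<=2014.2.3, >=2015.1.0, <=2015.1.1" under CVE-2015-5286 is an affected-version range, and the same unlabelled form appears again under CVE-2015-5251 later in this diff; prefix it with "Affects:" as the CVE-2015-5295 entry earlier in this diff already does ("Affects: <=2015.1.2, ==5.0.0"), so the line is not mistaken for a list of fixed versions.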
@@ -11720,13 +11720,13 @@ CVE-2015-5278 [net: avoid infinite loop when receiving packets]
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: Fix: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03985.html
NOTE: Possibly introduced around http://git.qemu.org/?p=qemu.git;a=commitdiff;h=0ae045ae439ad83692ad039a554f7d62acf9de5c (v0.9.1)
-CVE-2015-5277
+CVE-2015-5277 (The get_contents function in nss_files/files-XXX.c in the Name Service ...)
- glibc 2.21-1 (bug #799966)
[jessie] - glibc 2.19-18+deb8u2
- eglibc <removed>
[wheezy] - eglibc <not-affected> (Vulnerable code not present)
[squeeze] - eglibc <not-affected> (Vulnerable code not present)
-CVE-2015-5276
+CVE-2015-5276 (The std::random_device class in libstdc++ in the GNU Compiler Collecti ...)
- gcc-5 5.3.0-1
- gcc-4.9 4.9.3-5
[jessie] - gcc-4.9 <no-dsa> (Minor issue)
@@ -11734,48 +11734,48 @@ CVE-2015-5276
NOTE: Upstream commit: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=227687
CVE-2015-5275
REJECTED
-CVE-2015-5274
+CVE-2015-5274 (rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remot ...)
NOT-FOR-US: OpenShift
-CVE-2015-5273
+CVE-2015-5273 (The abrt-action-install-debuginfo-to-abrt-cache help program in Automa ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-5272
+CVE-2015-5272 (The Forum module in Moodle 2.7.x before 2.7.10 allows remote authentic ...)
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50576
-CVE-2015-5271
+CVE-2015-5271 (The TripleO Heat templates (tripleo-heat-templates) do not properly or ...)
- tripleo-heat-templates <not-affected> (Vulnerability introduced later)
NOTE: Fixed by: https://github.com/openstack/tripleo-heat-templates/commit/1730d95acdbee7c7bbcfe1eba8a48ef2b0cc1476
NOTE: Introduced by: https://github.com/openstack/tripleo-heat-templates/commit/65d64b6a52366f36955e5e48a29f4ef0ca2ff973 (0.8.2) [Puppet: Swift Overcloud Proxy/Storage support]
NOTE: https://bugs.launchpad.net/tripleo/+bug/1494896
CVE-2015-5270
REJECTED
-CVE-2015-5269
+CVE-2015-5269 (Cross-site scripting (XSS) vulnerability in group/overview.php in Mood ...)
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50709
-CVE-2015-5268
+CVE-2015-5268 (The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2. ...)
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173
-CVE-2015-5267
+CVE-2015-5267 (lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x ...)
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50860
-CVE-2015-5266
+CVE-2015-5266 (The enrol_meta_sync function in enrol/meta/locallib.php in Moodle thro ...)
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50744
-CVE-2015-5265
+CVE-2015-5265 (The wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8. ...)
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48371
-CVE-2015-5264
+CVE-2015-5264 (The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x ...)
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516
-CVE-2015-5263
+CVE-2015-5263 (pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's T ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2015-5262
+CVE-2015-5262 (http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents ...)
{DLA-322-1}
- httpcomponents-client 4.3.6-1 (low)
[jessie] - httpcomponents-client <no-dsa> (Minor issue)
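Review bot: the CVE-2015-5271 status "tripleo-heat-templates <not-affected> (Vulnerability introduced later)" contradicts the NOTE two lines below it, which records the vulnerable code as introduced in 0.8.2 and then fixed by a later commit, and the other tripleo-heat-templates entries in this diff (CVE-2015-5329, CVE-2015-5303) record 5.2.0-1 as the first fixed Debian version; if the Debian upload postdates the fixing commit, the reason should read "Fixed before initial upload to Debian", the wording used for tomcat9 in the first hunk, rather than "introduced later".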
@@ -11789,30 +11789,30 @@ CVE-2015-5262
NOTE: Proposed patch for commons-httpclient: https://bugzilla.redhat.com/show_bug.cgi?id=1259892
NOTE: Checked that both 4.0.1 (in Squeeze) and 4.1.1 (in Wheezy) have the call to set the timout before the SSL connection is opened.
NOTE: Jessie's 4.3.5-2 is however missing the upstream patch: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.3.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java?r1=1560975&r2=1626784
-CVE-2015-5261
+CVE-2015-5261 (Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS user ...)
{DSA-3371-1}
- spice 0.12.5-1.3 (bug #801091)
-CVE-2015-5260
+CVE-2015-5260 (Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS user ...)
{DSA-3371-1}
- spice 0.12.5-1.3 (bug #801089)
-CVE-2015-5259
+CVE-2015-5259 (Integer overflow in the read_string function in libsvn_ra_svn/marshal. ...)
- subversion 1.9.3-1
[jessie] - subversion <not-affected> (Only affects 1.9.0 through 1.9.2 (inclusive))
[wheezy] - subversion <not-affected> (Only affects 1.9.0 through 1.9.2 (inclusive))
[squeeze] - subversion <not-affected> (Only affects 1.9.0 through 1.9.2 (inclusive))
NOTE: https://subversion.apache.org/security/CVE-2015-5259-advisory.txt
-CVE-2015-5258
+CVE-2015-5258 (Cross-site request forgery (CSRF) vulnerability in springframework-soc ...)
NOT-FOR-US: springframework-social
-CVE-2015-5257
+CVE-2015-5257 (drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows ...)
{DSA-3372-1 DLA-325-1}
- linux 4.2.1-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbb4be652d374f64661137756b8f357a1827d6a4 (v4.3-rc3)
-CVE-2015-5256
+CVE-2015-5256 (Apache Cordova-Android before 4.1.0, when an application relies on a r ...)
NOT-FOR-US: Apache Cordova
-CVE-2015-5255
+CVE-2015-5255 (Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before ...)
NOT-FOR-US: Adobe
-CVE-2015-5254
+CVE-2015-5254 (Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that c ...)
{DSA-3524-1}
- activemq 5.13.2+dfsg-1 (bug #809733)
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt
@@ -11820,24 +11820,24 @@ CVE-2015-5254
NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=73a0caf758f9e4916783a205c7e422b4db27905c (5.11.x)
NOTE: Patch applied to Fedora (5.6.0 based version): http://pkgs.fedoraproject.org/cgit/activemq.git/diff/activemq-5.6.0-CVE-2015-5254.patch?id=e3ef8a1b62d10273a814090be9168aa3019ace72
NOTE: https://issues.apache.org/jira/browse/AMQ-6013
-CVE-2015-5253
+CVE-2015-5253 (The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0. ...)
NOT-FOR-US: Apache CXF
-CVE-2015-5252
+CVE-2015-5252 (vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, ...)
{DSA-3433-1 DLA-379-1}
- samba 2:4.1.22+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2015-5252.html
-CVE-2015-5251
+CVE-2015-5251 (OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x b ...)
- glance 1:11.0.0-1 (bug #799931)
[jessie] - glance 2014.1.3-12+deb8u1
[wheezy] - glance <no-dsa> (Minor issue)
NOTE: <=2014.2.3, >=2015.1.0, <=2015.1.1
-CVE-2015-5250
+CVE-2015-5250 (The API server in OpenShift Origin 1.0.5 allows remote attackers to ca ...)
NOT-FOR-US: OpenShift
CVE-2015-5249
REJECTED
-CVE-2015-5248
+CVE-2015-5248 (Reflected file download vulnerability in Red Hat Feedhenry Enterprise ...)
NOT-FOR-US: Red Hat Mobile
-CVE-2015-5247
+CVE-2015-5247 (The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows ...)
- libvirt 1.2.20-1 (bug #799132)
[jessie] - libvirt <not-affected> (Vulnerable code introduced later)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
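Review bot: the CVE-2015-5262 NOTE "Checked that both 4.0.1 (in Squeeze) and 4.1.1 (in Wheezy) have the call to set the timout before the SSL connection is opened" misspells "timeout"; worth fixing while the entry is being touched, since the NOTE is the stated basis for leaving squeeze and wheezy without a fix.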
@@ -11845,27 +11845,27 @@ CVE-2015-5247
NOTE: http://security.libvirt.org/2015/0003.html
NOTE: Broken by https://libvirt.org/git/?p=libvirt.git;a=commit;h=155ca616eb231181f6978efc9e3a1eb0eb60af8a (v1.2.14-rc1)
NOTE: and by https://libvirt.org/git/?p=libvirt.git;a=commit;h=7c2d65dde2595c07d56aad1e043f7b1836592d89 (v1.2.16-rc1)
-CVE-2015-5246
+CVE-2015-5246 (The LDAP Authentication functionality in Foreman might allow remote at ...)
- foreman <itp> (bug #663101)
-CVE-2015-5245
+CVE-2015-5245 (CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw o ...)
[experimental] - ceph 0.94.3-1
- ceph 0.80.10-1 (bug #798567)
[jessie] - ceph 0.80.7-2+deb8u1
NOTE: http://tracker.ceph.com/issues/12537
NOTE: https://github.com/ceph/ceph/pull/5430
-CVE-2015-5244
+CVE-2015-5244 (The NSSCipherSuite option with ciphersuites enabled in mod_nss before ...)
- libapache2-mod-nss 1.0.12-1 (bug #799464)
[jessie] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
[wheezy] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
NOTE: Introduced in https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=2d1650900f4d47dc43400d826c0f7e1a7c5229b8 (1.0.11)
NOTE: Fixed by https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=34e1ccecb4a7d5054dba2f92b403af9b6ae1e110 (1.0.12)
-CVE-2015-5243
+CVE-2015-5243 (phpWhois allows remote attackers to execute arbitrary code via a craft ...)
NOT-FOR-US: phpWhois
-CVE-2015-5242
+CVE-2015-5242 (OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict u ...)
NOT-FOR-US: swiftonfile
-CVE-2015-5241
+CVE-2015-5241 (After logging into the portal, the logout jsp page redirects the brows ...)
NOT-FOR-US: Apache jUDDI
-CVE-2015-5240
+CVE-2015-5240 (Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before ...)
- neutron 1:7.0.0-1
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: versions through 2014.2.3 and 2015.1 versions through 2015.1.1
@@ -11879,25 +11879,25 @@ CVE-2015-5239 [Integer overflow in vnc_client_read() and protocol_client_msg()]
NOTE: Upstream fix: http://git.qemu.org/?p=qemu.git;a=commit;h=f9a70e79391f6d7c2a912d785239ee8effc1922d (v2.1.0-rc0)
CVE-2015-5238
RESERVED
-CVE-2015-5237
+CVE-2015-5237 (protobuf allows remote authenticated attackers to cause a heap-based b ...)
- protobuf <unfixed> (unimportant)
NOTE: https://github.com/google/protobuf/issues/760
NOTE: Upstream doesn't consider this a real issue in practice.
CVE-2015-5236
RESERVED
-CVE-2015-5235
+CVE-2015-5235 (IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly dete ...)
- icedtea-web 1.6.1-1 (bug #798467)
[jessie] - icedtea-web 1.5.3-1
[wheezy] - icedtea-web <no-dsa> (Minor issue)
-CVE-2015-5234
+CVE-2015-5234 (IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sani ...)
- icedtea-web 1.6.1-1 (bug #798467)
[jessie] - icedtea-web 1.5.3-1
[wheezy] - icedtea-web <no-dsa> (Minor issue)
-CVE-2015-5233
+CVE-2015-5233 (Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view ...)
- foreman <itp> (bug #663101)
-CVE-2015-5232
+CVE-2015-5232 (Race conditions in opa-fm before 10.4.0.0.196 and opa-ff before 10.4.0 ...)
NOT-FOR-US: OPA Fabric Manager and OPA tools and Fast Fabric
-CVE-2015-5231
+CVE-2015-5231 (The service daemon in CRIU does not properly restrict access to non-du ...)
- criu 1.8-2 (bug #797110)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1256728
CVE-2015-5230
@@ -11907,17 +11907,17 @@ CVE-2015-5230
[wheezy] - pdns <not-affected> (Only affects 3.4.0-3.4.5)
[squeeze] - pdns <not-affected> (Only affects 3.4.0-3.4.5)
NOTE: https://downloads.powerdns.com/patches/2015-02/
-CVE-2015-5229
+CVE-2015-5229 (The calloc function in the glibc package in Red Hat Enterprise Linux ( ...)
- glibc <not-affected> (RHEL-specific backport)
- eglibc <not-affected> (RHEL-specific backport)
-CVE-2015-5228
+CVE-2015-5228 (The service daemon in CRIU creates log and dump files insecurely, whic ...)
- criu 1.8-2 (bug #797111)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1255782
-CVE-2015-5227
+CVE-2015-5227 (The Landing Pages plugin before 1.9.2 for WordPress allows remote atta ...)
NOT-FOR-US: Landing Pages plugin for WordPress
CVE-2015-5226
REJECTED
-CVE-2015-5225
+CVE-2015-5225 (Buffer overflow in the vnc_refresh_server_surface function in the VNC ...)
{DSA-3348-1}
- qemu 1:2.4+dfsg-1a (bug #796465)
[wheezy] - qemu <not-affected> (Vulnerable code introduced in 2.1.0)
@@ -11925,37 +11925,37 @@ CVE-2015-5225
- qemu-kvm <not-affected> (Vulnerable code introduced in 2.1.0)
NOTE: Fix: https://lists.gnu.org/archive/html/qemu-devel/2015-08/msg02495.html
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=bea60dd7679364493a0d7f5b (v2.1.0-rc0)
-CVE-2015-5224
+CVE-2015-5224 (The mkostemp function in login-utils in util-linux when used incorrect ...)
[experimental] - util-linux 2.27~rc2-2
- util-linux 2.27-1 (unimportant)
NOTE: chfn/chsh not built in util-linux in Debian (--disable-chfn-chsh)
NOTE: https://github.com/karelzak/util-linux/commit/bde91c85bdc77975155058276f99d2e0f5eab5a9 (v2.27-rc2)
-CVE-2015-5223
+CVE-2015-5223 (OpenStack Object Storage (Swift) before 2.4.0 allows attackers to obta ...)
- swift 2.4.0-1 (bug #797032)
[jessie] - swift 2.2.0-1+deb8u1
[wheezy] - swift <no-dsa> (Minor issue)
-CVE-2015-5222
+CVE-2015-5222 (Red Hat OpenShift Enterprise 3.0.0.0 does not properly check permissio ...)
NOT-FOR-US: OpenShift
-CVE-2015-5221
+CVE-2015-5221 (Use-after-free vulnerability in the mif_process_cmpt function in libja ...)
{DLA-1583-1}
- jasper <removed> (bug #796253)
[wheezy] - jasper <no-dsa> (Minor issue)
[squeeze] - jasper <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/20/4
NOTE: Fixed by https://github.com/mdadams/jasper/commit/df5d2867e8004e51e18b89865bc4aa69229227b3
-CVE-2015-5220
+CVE-2015-5220 (The Web Console in Red Hat Enterprise Application Platform (EAP) befor ...)
NOT-FOR-US: JBoss EAP
-CVE-2015-5219
+CVE-2015-5219 (The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not proper ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p3+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
[squeeze] - ntp <no-dsa> (Minor issue)
NOTE: https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8
-CVE-2015-5218
+CVE-2015-5218 (Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before ...)
- util-linux 2.27-1 (unimportant; bug #798067)
NOTE: https://www.spinics.net/lists/util-linux-ng/msg11873.html
-CVE-2015-5217
+CVE-2015-5217 (providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsi ...)
- ipsilon <itp> (bug #826838)
CVE-2015-5216
RESERVED
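Review bot: the CVE-2015-5219 entry lists DSA-3388-1 and DLA-335-1 in its braces but still carries "[jessie] - ntp <no-dsa> (Minor issue)", "[wheezy] - ntp <no-dsa> (Minor issue)" and "[squeeze] - ntp <no-dsa> (Minor issue)"; those no-dsa lines predate the advisories and now contradict them, so drop the ones covered by the DSA/DLA (compare CVE-2015-5300 earlier in this diff, which carries the same two advisories and no no-dsa lines).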
@@ -11963,19 +11963,19 @@ CVE-2015-5216
CVE-2015-5215
RESERVED
- ipsilon <itp> (bug #826838)
-CVE-2015-5214
+CVE-2015-5214 (LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice be ...)
{DSA-3394-1}
- libreoffice 1:5.0.1~rc2-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/
-CVE-2015-5213
+CVE-2015-5213 (Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice bef ...)
{DSA-3394-1}
- libreoffice 1:5.0.1~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/
-CVE-2015-5212
+CVE-2015-5212 (Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice be ...)
{DSA-3394-1}
- libreoffice 1:5.0.1~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/
-CVE-2015-5211
+CVE-2015-5211 (Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4 ...)
- libspring-java 4.1.9-1
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
@@ -11984,45 +11984,45 @@ CVE-2015-5211
NOTE: https://github.com/spring-projects/spring-framework/commit/a95c3d
NOTE: https://github.com/spring-projects/spring-framework/commit/03f547
NOTE: https://pivotal.io/security/cve-2015-5211
-CVE-2015-5210
+CVE-2015-5210 (Open redirect vulnerability in Apache Ambari before 2.1.2 allows remot ...)
NOT-FOR-US: Apache Ambari
-CVE-2015-5209
+CVE-2015-5209 (Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulat ...)
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <not-affected> (Only affects versions >= 2.x)
NOTE: https://struts.apache.org/docs/s2-026.html
-CVE-2015-5208
+CVE-2015-5208 (Apache Cordova iOS before 4.0.0 allows remote attackers to execute arb ...)
NOT-FOR-US: Apache Cordova
-CVE-2015-5207
+CVE-2015-5207 (Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL ...)
NOT-FOR-US: Apache Cordova
-CVE-2015-5206
+CVE-2015-5206 (Unspecified vulnerability in the HTTP/2 experimental feature in Apache ...)
- trafficserver 6.0.0-1
[wheezy] - trafficserver <not-affected> (Vulnerable code not present)
CVE-2015-5205
REJECTED
-CVE-2015-5204
+CVE-2015-5204 (CRLF injection vulnerability in the Apache Cordova File Transfer Plugi ...)
NOT-FOR-US: Apache Cordova Android File Transfer Plugin
-CVE-2015-5203
+CVE-2015-5203 (Double free vulnerability in the jasper_image_stop_load function in Ja ...)
{DLA-1583-1}
- jasper <removed> (bug #796107)
[wheezy] - jasper <no-dsa> (Minor issue)
[squeeze] - jasper <no-dsa> (Minor issue)
NOTE: Analysis/More information/Fixing commits: https://bugzilla.redhat.com/show_bug.cgi?id=1254242#c11
-CVE-2015-5202
+CVE-2015-5202 (Red Hat Satellite 6 allows remote authenticated users with privileged ...)
NOT-FOR-US: Satellite6
CVE-2015-5201
RESERVED
NOT-FOR-US: Red Hat vdms
-CVE-2015-5200
+CVE-2015-5200 (The trace functionality in libvdpau before 1.1.1, when used in a setui ...)
{DSA-3355-1 DLA-306-1}
- libvdpau 1.1.1-1 (bug #797895)
NOTE: http://lists.x.org/archives/xorg-announce/2015-August/002630.html
NOTE: http://cgit.freedesktop.org/~aplattner/libvdpau/commit/?id=d1f9c16b1a8187110e501c9116d21ffee25c0ba4
-CVE-2015-5199
+CVE-2015-5199 (Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 a ...)
{DSA-3355-1 DLA-306-1}
- libvdpau 1.1.1-1 (bug #797895)
NOTE: http://lists.x.org/archives/xorg-announce/2015-August/002630.html
NOTE: http://cgit.freedesktop.org/~aplattner/libvdpau/commit/?id=d1f9c16b1a8187110e501c9116d21ffee25c0ba4
-CVE-2015-5198
+CVE-2015-5198 (libvdpau before 1.1.1, when used in a setuid or setgid application, al ...)
{DSA-3355-1 DLA-306-1}
- libvdpau 1.1.1-1 (bug #797895)
NOTE: http://lists.x.org/archives/xorg-announce/2015-August/002630.html
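Review bot: the CVE-2015-5209 entry in this hunk tags `libstruts1.2-java <removed>` for unstable while the wheezy line says `<not-affected> (Only affects versions >= 2.x)`; if the issue never applied to the Struts 1.2 code base, the unstable line should also be `<not-affected>` with that reason, the way the later CVE-2015-5169 entry does it (`libstruts1.2-java <not-affected> (Affects 2.0.0 - 2.3.16.3)`), because `<removed>` reads as affected-but-gone and will show up in removed-package reports.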
@@ -12031,14 +12031,14 @@ CVE-2015-5197
REJECTED
CVE-2015-5196
REJECTED
-CVE-2015-5195
+CVE-2015-5195 (ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p3+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
[squeeze] - ntp <no-dsa> (Minor issue)
NOTE: https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be
-CVE-2015-5194
+CVE-2015-5194 (The log_config_command function in ntp_parser.y in ntpd in NTP before ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p3+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue)
@@ -12050,7 +12050,7 @@ CVE-2015-5193
REJECTED
CVE-2015-5192
REJECTED
-CVE-2015-5191
+CVE-2015-5191 (VMware Tools prior to 10.0.9 contains multiple file system races in li ...)
- open-vm-tools 2:10.1.5-5055683-5 (low; bug #869633)
[stretch] - open-vm-tools 2:10.1.5-5055683-4+deb9u1
[jessie] - open-vm-tools <not-affected> (Vulnerable code not present)
@@ -12058,32 +12058,32 @@ CVE-2015-5191
NOTE: 9.10.x: https://github.com/vmware/open-vm-tools/commit/c1304ce8bfd9c0c33999e496bf7049d5c3d45821
NOTE: 10.0.x: https://github.com/vmware/open-vm-tools/commit/b3068b04880eda4ca3e13f2d34fb8ce336ad1a4f
NOTE: 10.1.x: https://github.com/vmware/open-vm-tools/commit/22e58289f71232310d30cf162b83b5151a937bac
-CVE-2015-5190
+CVE-2015-5190 (The pcsd web UI in PCS 0.9.139 and earlier allows remote authenticated ...)
- pcs <not-affected> (Fixed before initial release to Debian)
NOTE: https://github.com/feist/pcs/commit/634f6d93e4091946441f366e29859ed64a2c977a (0.9.144)
-CVE-2015-5189
+CVE-2015-5189 (Race condition in pcsd in PCS 0.9.139 and earlier uses a global variab ...)
- pcs <not-affected> (Fixed before the initial release in Debian)
NOTE: Patch in Fedora: http://pkgs.fedoraproject.org/cgit/rpms/pcs.git/plain/fixed-session-and-cookies-processing.patch?h=f22&id=c4b5ad398cb011cdf31374d37943b6593411ae65
NOTE: Patch in CentOS 7 corresponding to RHSA-2015:1700: https://git.centos.org/blob/rpms!pcs/bafb6400d552c4d9e9cb46ddbe523e8f47e0de63/SOURCES!bz1253289-fixed-session-and-cookies-processing.patch
-CVE-2015-5188
+CVE-2015-5188 (Cross-site request forgery (CSRF) vulnerability in the Web Console (we ...)
NOT-FOR-US: JBoss EAP
-CVE-2015-5187
+CVE-2015-5187 (Candlepin allows remote attackers to obtain sensitive information by o ...)
NOT-FOR-US: candlepin / subscription-manager
-CVE-2015-5186
+CVE-2015-5186 (Audit before 2.4.4 in Linux does not sanitize escape characters in fil ...)
- audit 1:2.4.4-1 (unimportant; bug #795457)
NOTE: Hardening, not a vulnerability. This is treated as a vulnerability in terminal emulators
NOTE: https://fedorahosted.org/audit/changeset/1122
-CVE-2015-5185
+CVE-2015-5185 (The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and ...)
- sblim-sfcb <itp> (bug #754493)
-CVE-2015-5184
+CVE-2015-5184 (The Hawtio console in A-MQ allows remote attackers to obtain sensitive ...)
NOT-FOR-US: A-MQ's Hawtio console
-CVE-2015-5183
+CVE-2015-5183 (The Hawtio console in A-MQ does not set HTTPOnly or Secure attributes ...)
NOT-FOR-US: A-MQ's Hawtio console
-CVE-2015-5182
+CVE-2015-5182 (Cross-site request forgery (CSRF) vulnerability in the jolokia API in ...)
NOT-FOR-US: A-MQ's Hawtio console
-CVE-2015-5181
+CVE-2015-5181 (The JBoss console in A-MQ allows remote attackers to execute arbitrary ...)
NOT-FOR-US: A-MQ's Hawtio console
-CVE-2015-5180
+CVE-2015-5180 (res_query in libresolv in glibc before 2.25 allows remote attackers to ...)
- glibc 2.24-9 (low; bug #796106)
[jessie] - glibc <no-dsa> (Minor issue, too intrusive to backport)
- eglibc <removed> (low)
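Review bot: style, the two pcs entries give the same not-affected reason in two wordings, `Fixed before initial release to Debian` (CVE-2015-5190) and `Fixed before the initial release in Debian` (CVE-2015-5189); pick one so the reason strings stay greppable across the file.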
@@ -12091,43 +12091,43 @@ CVE-2015-5180
[squeeze] - eglibc <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18784
NOTE: Originally proposed for jessie 8.8, but breaks the NSS ABI so was retracted
-CVE-2015-5179
+CVE-2015-5179 (FreeIPA might display user data improperly via vectors involving non-p ...)
- freeipa <unfixed> (unimportant; bug #795399)
NOTE: https://fedorahosted.org/freeipa/ticket/5153
NOTE: Negligible security impact
-CVE-2015-5178
+CVE-2015-5178 (The Management Console in Red Hat Enterprise Application Platform befo ...)
NOT-FOR-US: JBoss EAP
-CVE-2015-5177
+CVE-2015-5177 (Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_ ...)
{DSA-3353-1 DLA-304-1}
- openslp-dfsg 1.2.1-11 (bug #795429)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5177
-CVE-2015-5176
+CVE-2015-5176 (The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBos ...)
NOT-FOR-US: PortletBridge component in JBoss Portal
-CVE-2015-5175
+CVE-2015-5175 (Application plugins in Apache CXF Fediz before 1.1.3 and 1.2.x before ...)
NOT-FOR-US: Apache CXF Fediz
-CVE-2015-5174
+CVE-2015-5174 (Directory traversal vulnerability in RequestUtil.java in Apache Tomcat ...)
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat8 8.0.28-1
- tomcat7 7.0.68-1
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
NOTE: Fixed in 6.0.45, 7.0.65, 8.0.27
-CVE-2015-5173
+CVE-2015-5173 (Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Piv ...)
NOT-FOR-US: Cloud Foundry Runtime cf-release
-CVE-2015-5172
+CVE-2015-5172 (Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Piv ...)
NOT-FOR-US: Cloud Foundry Runtime cf-release
-CVE-2015-5171
+CVE-2015-5171 (The password change functionality in Cloud Foundry Runtime cf-release ...)
NOT-FOR-US: Cloud Foundry Runtime cf-release
-CVE-2015-5170
+CVE-2015-5170 (Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Piv ...)
NOT-FOR-US: Cloud Foundry Runtime cf-release
-CVE-2015-5169
+CVE-2015-5169 (Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.2 ...)
- libstruts1.2-java <not-affected> (Affects 2.0.0 - 2.3.16.3)
-CVE-2015-5168
+CVE-2015-5168 (Unspecified vulnerability in the HTTP/2 experimental feature in Apache ...)
- trafficserver 6.0.0-1
[wheezy] - trafficserver <not-affected> (Vulnerable code not present)
-CVE-2015-5167
+CVE-2015-5167 (The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote auth ...)
NOT-FOR-US: Apache Ranger
-CVE-2015-5166
+CVE-2015-5166 (Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not ...)
- qemu 1:2.4+dfsg-1a (bug #794611)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -12141,7 +12141,7 @@ CVE-2015-5166
NOTE: BlockDriverState converted to BlockBackend in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4be746345f13e99e468c60acbd3a355e8183e3ce (v2.2.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=6cd387833d05e8ad31829d97e474dc420625aed9 (v2.4.0-rc4)
NOTE: http://xenbits.xen.org/xsa/advisory-139.html
-CVE-2015-5165
+CVE-2015-5165 (The C+ mode offload emulation in the RTL8139 network card device model ...)
{DSA-3349-1 DSA-3348-1 DLA-479-1}
- qemu 1:2.4+dfsg-1a (bug #794610)
[wheezy] - qemu 1.1.2+dfsg-6a+deb7u9
@@ -12160,13 +12160,13 @@ CVE-2015-5165
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=c6296ea88df040054ccd781f3945fe103f8c7c17
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4240be45632db7831129f124bcf53c1223825b0f
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=8357946b15f0a31f73dd691b7da95f29318ed310
-CVE-2015-5164
+CVE-2015-5164 (The Qpid server on Red Hat Satellite 6 does not properly restrict mess ...)
NOT-FOR-US: Qpid server on Satellite6
-CVE-2015-5163
+CVE-2015-5163 (The import task action in OpenStack Image Service (Glance) 2015.1.x be ...)
- glance 2015.1.0-4 (bug #795453)
[jessie] - glance <not-affected> (Affects Glance 2015.1 versions trough 2015.1.1)
[wheezy] - glance <not-affected> (Affects Glance 2015.1 versions trough 2015.1.1)
-CVE-2015-5162
+CVE-2015-5162 (The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Gl ...)
- cinder 2:8.0.0-1
[jessie] - cinder <no-dsa> (Minor issue)
- glance 2:12.0.0-1 (low)
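Review bot: typo in the CVE-2015-5163 jessie and wheezy lines, `Affects Glance 2015.1 versions trough 2015.1.1` should read `through 2015.1.1`; these are unchanged context lines, so this needs a follow-up manual edit rather than a change to the automatic update.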
@@ -12176,13 +12176,13 @@ CVE-2015-5162
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: Patches: http://www.openwall.com/lists/oss-security/2016/10/06/8
-CVE-2015-5161
+CVE-2015-5161 (The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework ...)
{DSA-3340-1 DLA-302-1}
- zendframework 1.12.14+dfsg-1
- php-zend-xml 1.0.1-1
NOTE: http://framework.zend.com/security/advisory/ZF2015-06
NOTE: Root issue already fixed in PHP 5.6.6, so this one is not relevant starting with Jessie
-CVE-2015-5160
+CVE-2015-5160 (libvirt before 2.2 includes Ceph credentials on the qemu command line ...)
- libvirt 2.2.0-1 (low; bug #796111)
[jessie] - libvirt <no-dsa> (Minor issue; needs changes first in QEMU)
[wheezy] - libvirt <no-dsa> (Minor issue; needs changes first in QEMU)
@@ -12193,9 +12193,9 @@ CVE-2015-5160
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1182074 (not yet opened)
NOTE: https://www.redhat.com/archives/libvir-list/2011-November/msg00853.html
NOTE: Needs changes in QEMU for passing passwords. Affects at least iSCSI and rbd/ceph.
-CVE-2015-5159
+CVE-2015-5159 (python-kdcproxy before 0.3.2 allows remote attackers to cause a denial ...)
NOT-FOR-US: kdcproxy
-CVE-2015-5158
+CVE-2015-5158 (Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built ...)
- qemu 1:2.4+dfsg-1a (bug #793388)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
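Review bot: the CVE-2015-5160 NOTE `https://bugzilla.redhat.com/show_bug.cgi?id=1182074 (not yet opened)` is a dated placeholder; the entry already records a fixed version (libvirt 2.2.0-1, in the preceding hunk), so the bug should be checked and the qualifier dropped, or the link replaced with whatever reference was actually meant.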
@@ -12203,14 +12203,14 @@ CVE-2015-5158
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2015-07/msg04558.html
NOTE: Introduced in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=1894df02811f6b79ea3ffbf1084599d96f316173 (v2.2.0-rc0)
-CVE-2015-5157
+CVE-2015-5157 (arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_ ...)
{DSA-3313-1}
- linux 4.0.8-2
[wheezy] - linux <not-affected> (Introduced in 3.3)
- linux-2.6 <not-affected> (Introduced in 3.3)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a
NOTE: Same fix as for CVE-2015-3290.
-CVE-2015-5156
+CVE-2015-5156 (The virtnet_probe function in drivers/net/virtio_net.c in the Linux ke ...)
{DSA-3364-1 DLA-310-1}
- linux 4.1.5-1
- linux-2.6 <removed>
@@ -12220,7 +12220,7 @@ CVE-2015-5155 [Packet with crafted "nextoffset" and "extid" values causes DoS]
- openslp-dfsg 1.2.1-8 (bug #623551)
[squeeze] - openslp-dfsg 1.2.1-7.8+deb6u1
NOTE: duplicate of CVE-2010-3609
-CVE-2015-5154
+CVE-2015-5154 (Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xe ...)
{DSA-3348-1}
- qemu 1:2.4+dfsg-1a (bug #793811)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced in 1.3)
@@ -12236,27 +12236,27 @@ CVE-2015-5154
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=cb72cba83021fa42719e73a5249c12096a4d1cfc
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=03441c3a4a42beb25460dd11592539030337d0f8
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ce560dcf20c14194db5ef3b9fc1ea592d4e68109 (v1.3.0-rc0)
-CVE-2015-5153
+CVE-2015-5153 (Pulp does not remove permissions for named objects upon deletion, whic ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2015-5152
+CVE-2015-5152 (Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests ...)
- foreman <itp> (bug #663101)
-CVE-2015-5151
+CVE-2015-5151 (Cross-site scripting (XSS) vulnerability in the Slider Revolution (rev ...)
NOT-FOR-US: Slider Revolution (revslider) plugin for WordPress
-CVE-2015-5150
+CVE-2015-5150 (Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngi ...)
NOT-FOR-US: Zoho ManageEngine SupportCenter Plus
-CVE-2015-5149
+CVE-2015-5149 (Directory traversal vulnerability in Zoho ManageEngine SupportCenter P ...)
NOT-FOR-US: Zoho ManageEngine SupportCenter Plus
-CVE-2015-5148
+CVE-2015-5148 (SQL injection vulnerability in LivelyCart 1.2.0 allows remote attacker ...)
NOT-FOR-US: LivelyCart
-CVE-2015-5145
+CVE-2015-5145 (validators.URLValidator in Django 1.8.x before 1.8.3 allows remote att ...)
- python-django <not-affected> (Vulnerable code not present)
NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
-CVE-2015-5144
+CVE-2015-5144 (Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8 ...)
{DSA-3305-1 DLA-272-1}
- python-django 1.7.9-1
NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5144 has split out patches
-CVE-2015-5143
+CVE-2015-5143 (The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7 ...)
{DSA-3305-1 DLA-272-1}
- python-django 1.7.9-1
NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
@@ -12276,150 +12276,150 @@ CVE-2015-5136
RESERVED
CVE-2015-5135
RESERVED
-CVE-2015-5134
+CVE-2015-5134 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5133
+CVE-2015-5133 (Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5132
+CVE-2015-5132 (Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5131
+CVE-2015-5131 (Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5130
+CVE-2015-5130 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5129
+CVE-2015-5129 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-5128
REJECTED
-CVE-2015-5127
+CVE-2015-5127 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 o ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-5126
REJECTED
-CVE-2015-5125
+CVE-2015-5125 (Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5124
+CVE-2015-5124 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5123
+CVE-2015-5123 (Use-after-free vulnerability in the BitmapData class in the ActionScri ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5122
+CVE-2015-5122 (Use-after-free vulnerability in the DisplayObject class in the ActionS ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5121
+CVE-2015-5121 (Adobe Shockwave Player before 12.1.9.159 allows attackers to execute a ...)
NOT-FOR-US: Shockwave
-CVE-2015-5120
+CVE-2015-5120 (Adobe Shockwave Player before 12.1.9.159 allows attackers to execute a ...)
NOT-FOR-US: Shockwave
-CVE-2015-5119
+CVE-2015-5119 (Use-after-free vulnerability in the ByteArray class in the ActionScrip ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5118
+CVE-2015-5118 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5117
+CVE-2015-5117 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5116
+CVE-2015-5116 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-5115
+CVE-2015-5115 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5114
+CVE-2015-5114 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5113
+CVE-2015-5113 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-5112
REJECTED
-CVE-2015-5111
+CVE-2015-5111 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5110
+CVE-2015-5110 (Stack-based buffer overflow in Adobe Reader and Acrobat 10.x before 10 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5109
+CVE-2015-5109 (Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5108
+CVE-2015-5108 (Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5107
+CVE-2015-5107 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5106
+CVE-2015-5106 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5105
+CVE-2015-5105 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5104
+CVE-2015-5104 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5103
+CVE-2015-5103 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5102
+CVE-2015-5102 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5101
+CVE-2015-5101 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5100
+CVE-2015-5100 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5099
+CVE-2015-5099 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5098
+CVE-2015-5098 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5097
+CVE-2015-5097 (Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5096
+CVE-2015-5096 (Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10. ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5095
+CVE-2015-5095 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5094
+CVE-2015-5094 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5093
+CVE-2015-5093 (Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5092
+CVE-2015-5092 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5091
+CVE-2015-5091 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5090
+CVE-2015-5090 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5089
+CVE-2015-5089 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5088
+CVE-2015-5088 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5087
+CVE-2015-5087 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5086
+CVE-2015-5086 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5085
+CVE-2015-5085 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-5084
+CVE-2015-5084 (The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite application ...)
NOT-FOR-US: Siemens
CVE-2015-5083
RESERVED
-CVE-2015-5082
+CVE-2015-5082 (Endian Firewall before 3.0 allows remote attackers to execute arbitrar ...)
NOT-FOR-US: Endian Firewall
-CVE-2015-5080
+CVE-2015-5080 (The Management Interface in Citrix NetScaler Application Delivery Cont ...)
NOT-FOR-US: Citrix
-CVE-2015-5079
+CVE-2015-5079 (Directory traversal vulnerability in widgets/logs.php in BlackCat CMS ...)
NOT-FOR-US: BlackCat CMS
-CVE-2015-5078
+CVE-2015-5078 (SQL injection vulnerability in the insert function in application/cont ...)
- limesurvey <itp> (bug #472802)
CVE-2015-5077
RESERVED
-CVE-2015-5076
+CVE-2015-5076 (Multiple cross-site scripting (XSS) vulnerabilities in X2Engine X2CRM ...)
NOT-FOR-US: X2Engine
-CVE-2015-5075
+CVE-2015-5075 (Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM befo ...)
NOT-FOR-US: X2Engine
-CVE-2015-5074
+CVE-2015-5074 (Incomplete blacklist vulnerability in the FileUploadsFilter class in p ...)
NOT-FOR-US: X2Engine
CVE-2015-5072
RESERVED
CVE-2015-5071
RESERVED
-CVE-2015-5146
+CVE-2015-5146 (ntpd in ntp before 4.2.8p3 with remote configuration enabled allows re ...)
{DSA-3388-1 DLA-335-1}
- ntp 1:4.2.8p3+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
[squeeze] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi
-CVE-2015-5352
+CVE-2015-5352 (The x11_open_helper function in channels.c in ssh in OpenSSH before 6. ...)
{DLA-1500-1 DLA-288-1}
- openssh 1:6.9p1-1 (bug #790798)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/01/7
NOTE: https://anongit.mindrot.org/openssh.git/commit/?h=V_6_9&id=1bf477d3cdf1a864646d59820878783d42357a1d
-CVE-2015-5147
+CVE-2015-5147 (Stack-based buffer overflow in the header_anchor function in the HTML ...)
- ruby-redcarpet <not-affected> (Affects v3.3.0 - v3.3.1)
NOTE: https://github.com/vmg/redcarpet/commit/2cee777c1e5babe8a1e2683d31ea75cc4afe55fb
NOTE: http://www.openwall.com/lists/oss-security/2015/06/29/3
-CVE-2015-5081
+CVE-2015-5081 (Cross-site request forgery (CSRF) vulnerability in django CMS before 3 ...)
- python-django-cms <itp> (bug #516183)
-CVE-2015-5073
+CVE-2015-5073 (Heap-based buffer overflow in the find_fixedlength function in pcre_co ...)
- pcre3 2:8.35-7 (bug #790000)
[jessie] - pcre3 2:8.35-3.3+deb8u1
[wheezy] - pcre3 <no-dsa> (Minor issue)
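Review bot: the entries CVE-2015-5146, CVE-2015-5352, CVE-2015-5147, CVE-2015-5081 and CVE-2015-5073 at the end of this hunk sit after `CVE-2015-5071 RESERVED`, outside the descending ID order used everywhere else in the file; the automatic update only fills in descriptions in place and does not reorder, so a reviewer scanning the diff by ID range will miss them. Not a parser problem, but worth a re-sort in a manual pass.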
@@ -12428,43 +12428,43 @@ CVE-2015-5073
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1571 (8.38)
NOTE: Introduced in http://vcs.pcre.org/pcre?view=revision&revision=454 (8.00)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/26/1
-CVE-2015-5068
+CVE-2015-5068 (XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allow ...)
NOT-FOR-US: SAP
-CVE-2015-5067
+CVE-2015-5067 (The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetW ...)
NOT-FOR-US: SAP
-CVE-2015-5066
+CVE-2015-5066 (Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix ...)
NOT-FOR-US: MetalGenix GeniXCMS
-CVE-2015-5065
+CVE-2015-5065 (Absolute path traversal vulnerability in proxy.php in the google curre ...)
NOT-FOR-US: Paypal Currency Converter Basic For WooCommerce plugin for WordPress
-CVE-2015-5064
+CVE-2015-5064 (Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Admi ...)
NOT-FOR-US: MySql Lite Administrator
-CVE-2015-5063
+CVE-2015-5063 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CM ...)
- silverstripe <itp> (bug #528461)
-CVE-2015-5062
+CVE-2015-5062 (Open redirect vulnerability in SilverStripe CMS &amp; Framework 3.1.13 ...)
- silverstripe <itp> (bug #528461)
-CVE-2015-5061
+CVE-2015-5061 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExp ...)
NOT-FOR-US: Zoho ManageEngine AssetExplorer
-CVE-2015-5060
+CVE-2015-5060 (Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev. ...)
NOT-FOR-US: anchor-cms
-CVE-2015-5058
+CVE-2015-5058 (Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM ...)
NOT-FOR-US: F5 BIG-IP
CVE-2015-5056
RESERVED
CVE-2015-5055
RESERVED
-CVE-2015-5054
+CVE-2015-5054 (Open redirect vulnerability in Ellucian (formerly SunGard) Banner Stud ...)
NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
-CVE-2015-5053
+CVE-2015-5053 (The host memory mapping path feature in the NVIDIA GPU graphics driver ...)
- nvidia-graphics-drivers 352.41-1
[jessie] - nvidia-graphics-drivers <not-affected> (Only affects R352 and R346 Linux branches)
[wheezy] - nvidia-graphics-drivers <not-affected> (Only affects R352 and R346 Linux branches)
-CVE-2015-5052
+CVE-2015-5052 (SQL injection vulnerability in Sefrengo before 1.6.5 beta2. ...)
NOT-FOR-US: Sefrengo
-CVE-2015-5051
+CVE-2015-5051 (IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6. ...)
NOT-FOR-US: IBM
-CVE-2015-5050
+CVE-2015-5050 (Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contra ...)
NOT-FOR-US: IBM
-CVE-2015-5049
+CVE-2015-5049 (SQL injection vulnerability in the API in IBM OpenPages GRC Platform 7 ...)
NOT-FOR-US: IBM
CVE-2015-5048
RESERVED
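Review bot: the CVE-2015-5062 description line carries an HTML entity, `SilverStripe CMS &amp; Framework`, where the source text has a literal ampersand; the importer should unescape entities before truncating, otherwise the `&amp;` is shown verbatim in the tracker and also wastes characters of the shortened summary.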
@@ -12472,27 +12472,27 @@ CVE-2015-5047
RESERVED
CVE-2015-5046
RESERVED
-CVE-2015-5045
+CVE-2015-5045 (The Administration and Reporting tool in IBM Rational License Key Serv ...)
NOT-FOR-US: IBM
-CVE-2015-5044
+CVE-2015-5044 (The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 P ...)
NOT-FOR-US: IBM QRadar
-CVE-2015-5043
+CVE-2015-5043 (diag in IBM Security Guardium 8.2 before p6015, 9.0 before p6015, 9.1, ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2015-5042
+CVE-2015-5042 (IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0 ...)
NOT-FOR-US: IBM
-CVE-2015-5041
+CVE-2015-5041 (The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R ...)
NOT-FOR-US: IBM JDK
-CVE-2015-5040
+CVE-2015-5040 (Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF1 ...)
NOT-FOR-US: IBM Domino
-CVE-2015-5039
+CVE-2015-5039 (The Remote Client and change management integrations in IBM Rational C ...)
NOT-FOR-US: IBM
-CVE-2015-5038
+CVE-2015-5038 (IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5 ...)
NOT-FOR-US: IBM
-CVE-2015-5037
+CVE-2015-5037 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 3.x ...)
NOT-FOR-US: IBM
-CVE-2015-5036
+CVE-2015-5036 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before ...)
NOT-FOR-US: IBM
-CVE-2015-5035
+CVE-2015-5035 (Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before ...)
NOT-FOR-US: IBM
CVE-2015-5034
RESERVED
@@ -12514,81 +12514,81 @@ CVE-2015-5026
RESERVED
CVE-2015-5025
RESERVED
-CVE-2015-5024
+CVE-2015-5024 (IBM Emptoris Sourcing 10.0.2.0 before iFix6, 10.0.2.2 before iFix11, 1 ...)
NOT-FOR-US: IBM
-CVE-2015-5023
+CVE-2015-5023 (SQL injection vulnerability in IBM Curam Social Program Management 6.1 ...)
NOT-FOR-US: IBM
-CVE-2015-5022
+CVE-2015-5022 (IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B A ...)
NOT-FOR-US: IBM
-CVE-2015-5021
+CVE-2015-5021 (IBM InfoSphere Information Server 11.3 and 11.5 allows remote authenti ...)
NOT-FOR-US: IBM
-CVE-2015-5020
+CVE-2015-5020 (The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0. ...)
NOT-FOR-US: IBM
-CVE-2015-5019
+CVE-2015-5019 (IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B Integrat ...)
NOT-FOR-US: IBM
-CVE-2015-5018
+CVE-2015-5018 (IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8 ...)
NOT-FOR-US: IBM
-CVE-2015-5017
+CVE-2015-5017 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
NOT-FOR-US: IBM
-CVE-2015-5016
+CVE-2015-5016 (IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2015-5015
+CVE-2015-5015 (IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x before Feature Pack ...)
NOT-FOR-US: IBM
-CVE-2015-5014
+CVE-2015-5014 (IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 ...)
NOT-FOR-US: IBM
-CVE-2015-5013
+CVE-2015-5013 (The IBM Security Access Manager appliance includes configuration files ...)
NOT-FOR-US: IBM
-CVE-2015-5012
+CVE-2015-5012 (The SSH implementation on IBM Security Access Manager for Web applianc ...)
NOT-FOR-US: IBM
-CVE-2015-5011
+CVE-2015-5011 (IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 be ...)
NOT-FOR-US: IBM
-CVE-2015-5010
+CVE-2015-5010 (IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before ...)
NOT-FOR-US: IBM
-CVE-2015-5009
+CVE-2015-5009 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 ...)
NOT-FOR-US: IBM
-CVE-2015-5008
+CVE-2015-5008 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 ...)
NOT-FOR-US: IBM
-CVE-2015-5007
+CVE-2015-5007 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Comme ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-5006
+CVE-2015-5006 (IBM Java Security Components in IBM SDK, Java Technology Edition 8 bef ...)
NOT-FOR-US: IBM JDK
-CVE-2015-5005
+CVE-2015-5005 (CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote aut ...)
NOT-FOR-US: IBM
-CVE-2015-5004
+CVE-2015-5004 (The Edge Component Caching Proxy in IBM WebSphere Application Server ( ...)
NOT-FOR-US: IBM
-CVE-2015-5003
+CVE-2015-5003 (The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 thr ...)
NOT-FOR-US: IBM Tivoli Monitoring
-CVE-2015-5002
+CVE-2015-5002 (Cross-site scripting (XSS) vulnerability in IBM Host On-Demand 11.0 th ...)
NOT-FOR-US: IBM
-CVE-2015-5001
+CVE-2015-5001 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2015-5000
RESERVED
CVE-2015-4999
RESERVED
-CVE-2015-4998
+CVE-2015-4998 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-4997
+CVE-2015-4997 (IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypa ...)
NOT-FOR-US: IBM
-CVE-2015-4996
+CVE-2015-4996 (IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x ...)
NOT-FOR-US: IBM Rational ClearQuest
CVE-2015-4995
RESERVED
-CVE-2015-4994
+CVE-2015-4994 (Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF1 ...)
NOT-FOR-US: IBM
-CVE-2015-4993
+CVE-2015-4993 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-4992
+CVE-2015-4992 (IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authent ...)
NOT-FOR-US: IBM
-CVE-2015-4991
+CVE-2015-4991 (IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 thro ...)
NOT-FOR-US: IBM
-CVE-2015-4990
+CVE-2015-4990 (The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 b ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2015-4989
+CVE-2015-4989 (The portal in IBM Tealeaf Customer Experience before 8.7.1.8814, 8.8 b ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2015-4988
+CVE-2015-4988 (Directory traversal vulnerability in the replay server in IBM Tealeaf ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2015-4987
+CVE-2015-4987 (The search and replay servers in IBM Tealeaf Customer Experience 8.0 t ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
CVE-2015-4986
RESERVED
@@ -12600,9 +12600,9 @@ CVE-2015-4983
RESERVED
CVE-2015-4982
RESERVED
-CVE-2015-4981
+CVE-2015-4981 (IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1. ...)
NOT-FOR-US: IBM General Parallel File System
-CVE-2015-4980
+CVE-2015-4980 (Unspecified vulnerability in IBM WebSphere Commerce 7.0.0.6 through 7. ...)
NOT-FOR-US: IBM WebSphere
CVE-2015-4979
RESERVED
@@ -12614,13 +12614,13 @@ CVE-2015-4976
RESERVED
CVE-2015-4975
RESERVED
-CVE-2015-4974
+CVE-2015-4974 (IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1. ...)
NOT-FOR-US: IBM
-CVE-2015-4973
+CVE-2015-4973 (Cross-site scripting (XSS) vulnerability in IBM Multi-Enterprise Integ ...)
NOT-FOR-US: IBM
CVE-2015-4972
RESERVED
-CVE-2015-4971
+CVE-2015-4971 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Strategic Sup ...)
NOT-FOR-US: IBM
CVE-2015-4970
RESERVED
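Review bot: CVE-2015-4974 receives the same truncated GPFS description as CVE-2015-4981 in the previous hunk ("IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1. ...") but keeps a bare "NOT-FOR-US: IBM", whereas CVE-2015-4981 says "NOT-FOR-US: IBM General Parallel File System"; the two should carry the same label, and giving the more specific one to both is the cheaper fix.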
@@ -12628,301 +12628,301 @@ CVE-2015-4969
RESERVED
CVE-2015-4968
REJECTED
-CVE-2015-4967
+CVE-2015-4967 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 through ...)
NOT-FOR-US: IBM
-CVE-2015-4966
+CVE-2015-4966 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 ...)
NOT-FOR-US: IBM
-CVE-2015-4965
+CVE-2015-4965 (maximouiweb/webmodule/webclient/utility/merlin.jsp in IBM Maximo Asset ...)
NOT-FOR-US: IBM
-CVE-2015-4964
+CVE-2015-4964 (IBM UrbanCode Deploy 6.0 and 6.0.1.x before 6.0.1.10, 6.1.1.x before 6 ...)
NOT-FOR-US: IBM
-CVE-2015-4963
+CVE-2015-4963 (IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before ...)
NOT-FOR-US: IBM
-CVE-2015-4962
+CVE-2015-4962 (Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Life ...)
NOT-FOR-US: IBM
-CVE-2015-4961
+CVE-2015-4961 (IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x befo ...)
NOT-FOR-US: IBM
-CVE-2015-4960
+CVE-2015-4960 (IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10. ...)
NOT-FOR-US: IBM InfoSphere Master Data Management
-CVE-2015-4959
+CVE-2015-4959 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Ident ...)
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2015-4958
+CVE-2015-4958 (IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10. ...)
NOT-FOR-US: IBM InfoSphere Master Data Management
-CVE-2015-4957
+CVE-2015-4957 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2015-4956
+CVE-2015-4956 (The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 a ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2015-4955
+CVE-2015-4955 (Cross-site scripting (XSS) vulnerability in IBM Business Process Manag ...)
NOT-FOR-US: IBM
-CVE-2015-4954
+CVE-2015-4954 (IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF ...)
NOT-FOR-US: IBM
-CVE-2015-4953
+CVE-2015-4953 (IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF ...)
NOT-FOR-US: IBM
-CVE-2015-4952
+CVE-2015-4952 (The on-demand plugin in IBM Endpoint Manager for Remote Control 9.0.1 ...)
NOT-FOR-US: IBM
-CVE-2015-4951
+CVE-2015-4951 (Client Acceptor Daemon (CAD) in the client in IBM Spectrum Protect (fo ...)
NOT-FOR-US: IBM Spectrum Protect
-CVE-2015-4950
+CVE-2015-4950 (The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: Da ...)
NOT-FOR-US: IBM
-CVE-2015-4949
+CVE-2015-4949 (IBM Tivoli Storage Manager for Databases: Data Protection for Microsof ...)
NOT-FOR-US: IBM
-CVE-2015-4948
+CVE-2015-4948 (netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre chan ...)
NOT-FOR-US: IBM
-CVE-2015-4947
+CVE-2015-4947 (Stack-based buffer overflow in the Administration Server in IBM HTTP S ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-4946
+CVE-2015-4946 (Rational LifeCycle Project Administration in Jazz Team Server in IBM R ...)
NOT-FOR-US: IBM
-CVE-2015-4945
+CVE-2015-4945 (Unspecified vulnerability in the IBM Maximo Anywhere application 7.5.1 ...)
NOT-FOR-US: IBM
-CVE-2015-4944
+CVE-2015-4944 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2015-4943
+CVE-2015-4943 (IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cau ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-4942
+CVE-2015-4942 (IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cau ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-4941
+CVE-2015-4941 (IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS han ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-4940
+CVE-2015-4940 (Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x be ...)
NOT-FOR-US: IBM
-CVE-2015-4939
+CVE-2015-4939 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Supplier Life ...)
NOT-FOR-US: IBM
-CVE-2015-4938
+CVE-2015-4938 (IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0 ...)
NOT-FOR-US: IBM WebSphere
CVE-2015-4937
RESERVED
-CVE-2015-4936
+CVE-2015-4936 (Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6 through 8 ...)
NOT-FOR-US: IBM
-CVE-2015-4935
+CVE-2015-4935 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-4934
+CVE-2015-4934 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-4933
+CVE-2015-4933 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-4932
+CVE-2015-4932 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-4931
+CVE-2015-4931 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-4930
+CVE-2015-4930 (IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Pa ...)
NOT-FOR-US: IBM QRadar SIEM
-CVE-2015-4929
+CVE-2015-4929 (IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for Soft ...)
NOT-FOR-US: IBM
-CVE-2015-4928
+CVE-2015-4928 (Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x be ...)
NOT-FOR-US: Apache Ambari
-CVE-2015-4927
+CVE-2015-4927 (The Reporting and Monitoring component in Tivoli Monitoring in IBM Tiv ...)
NOT-FOR-US: IBM
-CVE-2015-4926
+CVE-2015-4926 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
-CVE-2015-4925
+CVE-2015-4925 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-4924
+CVE-2015-4924 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-4923
+CVE-2015-4923 (Unspecified vulnerability in the XML Developer's Kit for C component i ...)
NOT-FOR-US: Oracle
-CVE-2015-4922
+CVE-2015-4922 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2015-4921
+CVE-2015-4921 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2015-4920
+CVE-2015-4920 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2015-4919
+CVE-2015-4919 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle
CVE-2015-4918
REJECTED
-CVE-2015-4917
+CVE-2015-4917 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-4916
+CVE-2015-4916 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 all ...)
- openjfx 8u91-b14-1 (bug #823622)
-CVE-2015-4915
+CVE-2015-4915 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
NOT-FOR-US: Oracle
-CVE-2015-4914
+CVE-2015-4914 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2015-4913
+CVE-2015-4913 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier an ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4912
+CVE-2015-4912 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle
-CVE-2015-4911
+CVE-2015-4911 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Jav ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4910
+CVE-2015-4910 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier al ...)
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4909
+CVE-2015-4909 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-4908
+CVE-2015-4908 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 all ...)
- openjfx 8u91-b14-1 (bug #823622)
-CVE-2015-4907
+CVE-2015-4907 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4906
+CVE-2015-4906 (Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 all ...)
- openjfx 8u91-b14-1 (bug #823622)
-CVE-2015-4905
+CVE-2015-4905 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4904
+CVE-2015-4904 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier al ...)
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4903
+CVE-2015-4903 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4902
+CVE-2015-4902 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allo ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-4901
+CVE-2015-4901 (Unspecified vulnerability in Oracle Java SE 8u60 allows remote attacke ...)
- openjfx 8u91-b14-1 (bug #823622)
-CVE-2015-4900
+CVE-2015-4900 (Unspecified vulnerability in the XDB - XML Database component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2015-4899
+CVE-2015-4899 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2015-4898
+CVE-2015-4898 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
CVE-2015-4897
REJECTED
-CVE-2015-4896
+CVE-2015-4896 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-3384-1}
- virtualbox 5.0.8-dfsg-1
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <end-of-life> (No longer supported in Squeeze LTS)
-CVE-2015-4895
+CVE-2015-4895 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier al ...)
{DSA-3385-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mariadb-10.0 10.0.21-3
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4894
+CVE-2015-4894 (Unspecified vulnerability in the Mobile Server component in Oracle Dat ...)
NOT-FOR-US: Oracle
-CVE-2015-4893
+CVE-2015-4893 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Jav ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4892
+CVE-2015-4892 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-4891
+CVE-2015-4891 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4890
+CVE-2015-4890 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier al ...)
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4889
REJECTED
-CVE-2015-4888
+CVE-2015-4888 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2015-4887
+CVE-2015-4887 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: Oracle
-CVE-2015-4886
+CVE-2015-4886 (Unspecified vulnerability in the Oracle Report Manager component in Or ...)
NOT-FOR-US: Oracle
-CVE-2015-4885
+CVE-2015-4885 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2015-4884
+CVE-2015-4884 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2015-4883
+CVE-2015-4883 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4882
+CVE-2015-4882 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4881
+CVE-2015-4881 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4880
+CVE-2015-4880 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle
-CVE-2015-4879
+CVE-2015-4879 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, a ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.21-3
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4878
+CVE-2015-4878 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2015-4877
+CVE-2015-4877 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2015-4876
+CVE-2015-4876 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2015-4875
+CVE-2015-4875 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2015-4874
+CVE-2015-4874 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2015-4873
+CVE-2015-4873 (Unspecified vulnerability in the Database Scheduler component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2015-4872
+CVE-2015-4872 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Jav ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4871
+CVE-2015-4871 (Unspecified vulnerability in Oracle Java SE 7u85 allows remote attacke ...)
{DSA-3401-1}
- openjdk-7 7u91-2.6.3-1
-CVE-2015-4870
+CVE-2015-4870 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, a ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4869
+CVE-2015-4869 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows loc ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4868
+CVE-2015-4868 (Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded ...)
- openjdk-8 8u66-b17-1
-CVE-2015-4867
+CVE-2015-4867 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle
-CVE-2015-4866
+CVE-2015-4866 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mariadb-10.0 10.0.19-1
[jessie] - mariadb-10.0 10.0.20-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
NOTE: MariaDB: fixed in 10.0.18
-CVE-2015-4865
+CVE-2015-4865 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
-CVE-2015-4864
+CVE-2015-4864 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier an ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.44-0+deb8u1
[wheezy] - mysql-5.5 5.5.44-0+deb7u1
[squeeze] - mysql-5.5 5.5.46-0+deb6u1
-CVE-2015-4863
+CVE-2015-4863 (Unspecified vulnerability in the Portable Clusterware component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2015-4862
+CVE-2015-4862 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier al ...)
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4861
+CVE-2015-4861 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, a ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4860
+CVE-2015-4860 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4859
+CVE-2015-4859 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2015-4858
+CVE-2015-4858 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, a ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4857
+CVE-2015-4857 (Unspecified vulnerability in the RDBMS component in Oracle Database Se ...)
NOT-FOR-US: Oracle
-CVE-2015-4856
+CVE-2015-4856 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 5.0.0-dfsg-1
[jessie] - virtualbox 4.3.30-dfsg-1+deb8u1
[wheezy] - virtualbox 4.1.40-dfsg-1+deb7u1
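Review bot: CVE-2015-4902's new description lists Java SE 6u101 alongside 7u85 and 8u60, yet the entry carries only "openjdk-7 <not-affected>" and "openjdk-8 <not-affected>" with the "Deployment components not part of OpenJDK" rationale; every sibling entry in this hunk whose description mentions 6u101 (CVE-2015-4911, CVE-2015-4903, CVE-2015-4893, CVE-2015-4883 and so on) has an "openjdk-6 <removed>" line, so either add a matching "openjdk-6 <not-affected>" line or state why it is omitted. Two smaller points in the same hunk: CVE-2015-4940 and CVE-2015-4928 share the description "Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x be ..." but are labelled "NOT-FOR-US: IBM" and "NOT-FOR-US: Apache Ambari" respectively (the latter names the actual affected software and fits both), and CVE-2015-4947, a stack-based buffer overflow in the IBM HTTP Server Administration Server, is labelled "NOT-FOR-US: IBM WebSphere" rather than naming IBM HTTP Server. Finally, CVE-2015-4864 is the one MySQL entry here without a NOTE line pointing at the Oracle advisory that covers it; the other MySQL entries all reference the cpuoct2015 page, so the source of that fix should be recorded as well.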
@@ -12930,27 +12930,27 @@ CVE-2015-4856
[squeeze] - virtualbox-ose <end-of-life> (No longer supported in Squeeze LTS)
CVE-2015-4855
REJECTED
-CVE-2015-4854
+CVE-2015-4854 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
CVE-2015-4853
REJECTED
-CVE-2015-4852
+CVE-2015-4852 (The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2. ...)
NOT-FOR-US: Oracle
-CVE-2015-4851
+CVE-2015-4851 (Unspecified vulnerability in the Oracle iSupplier Portal component in ...)
NOT-FOR-US: Oracle
-CVE-2015-4850
+CVE-2015-4850 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: Oracle
-CVE-2015-4849
+CVE-2015-4849 (Unspecified vulnerability in the Oracle Payments component in Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2015-4848
+CVE-2015-4848 (Unspecified vulnerability in the Oracle Configurator component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2015-4847
+CVE-2015-4847 (Unspecified vulnerability in the Oracle Configurator component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2015-4846
+CVE-2015-4846 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle
-CVE-2015-4845
+CVE-2015-4845 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2015-4844
+CVE-2015-4844 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3725-1 DSA-3465-1 DSA-3381-1 DLA-545-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
@@ -12963,50 +12963,50 @@ CVE-2015-4844
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273318
NOTE: see also CVE-2016-0494, introduced in through the fix for this CVE.
NOTE: Upstream commit for OpenJDK: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/dbb4e2bdfa9e
-CVE-2015-4843
+CVE-2015-4843 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4842
+CVE-2015-4842 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4841
+CVE-2015-4841 (Unspecified vulnerability in the Siebel Core - Server Framework compon ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2015-4840
+CVE-2015-4840 (Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE ...)
{DSA-3381-1}
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4839
+CVE-2015-4839 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle
-CVE-2015-4838
+CVE-2015-4838 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-4837
+CVE-2015-4837 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4836
+CVE-2015-4836 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, a ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4835
+CVE-2015-4835 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4834
+CVE-2015-4834 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4833
+CVE-2015-4833 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier al ...)
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4832
+CVE-2015-4832 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
NOT-FOR-US: Oracle
-CVE-2015-4831
+CVE-2015-4831 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4830
+CVE-2015-4830 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier an ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
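Review bot: the context line "NOTE: see also CVE-2016-0494, introduced in through the fix for this CVE." under CVE-2015-4844 has a stray "in" and should read "introduced through the fix for this CVE"; as this is the note explaining why the entry's advisory set (DSA-3725-1 DSA-3465-1 DSA-3381-1 DLA-545-1 DLA-346-1) is larger than the DSA-3465-1 DSA-3381-1 DLA-346-1 set its sibling Java SE entries carry, it is worth keeping readable the next time the entry is touched.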
@@ -13014,45 +13014,45 @@ CVE-2015-4830
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4829
REJECTED
-CVE-2015-4828
+CVE-2015-4828 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
NOT-FOR-US: Oracle
-CVE-2015-4827
+CVE-2015-4827 (Unspecified vulnerability in the Oracle Retail Open Commerce Platform ...)
NOT-FOR-US: Oracle
-CVE-2015-4826
+CVE-2015-4826 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier an ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4825
+CVE-2015-4825 (Unspecified vulnerability in the PeopleSoft Enterprise FIN Expenses co ...)
NOT-FOR-US: Oracle
-CVE-2015-4824
+CVE-2015-4824 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-4823
+CVE-2015-4823 (Unspecified vulnerability in the Hyperion Installation Technology comp ...)
NOT-FOR-US: Oracle
-CVE-2015-4822
+CVE-2015-4822 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4821
+CVE-2015-4821 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
NOT-FOR-US: Oracle
-CVE-2015-4820
+CVE-2015-4820 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4819
+CVE-2015-4819 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, a ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.21-3
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4818
+CVE-2015-4818 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2015-4817
+CVE-2015-4817 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4816
+CVE-2015-4816 (Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier al ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.21-3
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4815
+CVE-2015-4815 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier an ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
@@ -13060,153 +13060,153 @@ CVE-2015-4815
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4814
REJECTED
-CVE-2015-4813
+CVE-2015-4813 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-3384-1}
- virtualbox 5.0.8-dfsg-1
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <end-of-life> (No longer supported in Squeeze LTS)
-CVE-2015-4812
+CVE-2015-4812 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-4811
+CVE-2015-4811 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-4810
+CVE-2015-4810 (Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-4809
+CVE-2015-4809 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-4808
+CVE-2015-4808 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-4807
+CVE-2015-4807 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier an ...)
- mysql-5.6 <not-affected> (Only on Windows plattform)
- mysql-5.5 <not-affected> (Only on Windows plattform)
- mariadb-10.0 <not-affected> (Only on Windows plattform)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4806
+CVE-2015-4806 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4805
+CVE-2015-4805 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4804
+CVE-2015-4804 (Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent Acqu ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2015-4803
+CVE-2015-4803 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Jav ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4802
+CVE-2015-4802 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier an ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4801
+CVE-2015-4801 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4800
+CVE-2015-4800 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier al ...)
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4799
+CVE-2015-4799 (Unspecified vulnerability in the Oracle WebCenter Sites component in O ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-4798
+CVE-2015-4798 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2015-4797
+CVE-2015-4797 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2015-4796
+CVE-2015-4796 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-4795
+CVE-2015-4795 (Unspecified vulnerability in the Oracle Utilities Work and Asset Manag ...)
NOT-FOR-US: Oracle Industry Applications
-CVE-2015-4794
+CVE-2015-4794 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-4793
+CVE-2015-4793 (Unspecified vulnerability in the Oracle Communications Convergence com ...)
NOT-FOR-US: Oracle Communications Applications
-CVE-2015-4792
+CVE-2015-4792 (Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier an ...)
{DSA-3385-1 DSA-3377-1 DLA-359-1}
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <removed> (bug #802564)
- mariadb-10.0 10.0.22-1 (bug #802874)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4791
+CVE-2015-4791 (Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier al ...)
- mysql-5.6 <not-affected> (Only on Windows plattform)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4790
+CVE-2015-4790 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4789
+CVE-2015-4789 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4788
+CVE-2015-4788 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4787
+CVE-2015-4787 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4786
+CVE-2015-4786 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4785
+CVE-2015-4785 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4784
+CVE-2015-4784 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4783
+CVE-2015-4783 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4782
+CVE-2015-4782 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4781
+CVE-2015-4781 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4780
+CVE-2015-4780 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4779
+CVE-2015-4779 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4778
+CVE-2015-4778 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4777
+CVE-2015-4777 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4776
+CVE-2015-4776 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4775
+CVE-2015-4775 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4774
+CVE-2015-4774 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4773
+CVE-2015-4773 (Unspecified vulnerability in the Hyperion Common Security component in ...)
NOT-FOR-US: Oracle Hyperion
-CVE-2015-4772
+CVE-2015-4772 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4771
+CVE-2015-4771 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4770
+CVE-2015-4770 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows loc ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-4769
+CVE-2015-4769 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4768
+CVE-2015-4768 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracal Supply Chain
-CVE-2015-4767
+CVE-2015-4767 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4766
+CVE-2015-4766 (Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier al ...)
- mysql-5.6 5.6.27-1 (bug #802563)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4765
+CVE-2015-4765 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle Applications Manager
-CVE-2015-4764
+CVE-2015-4764 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4763
+CVE-2015-4763 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-4762
+CVE-2015-4762 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2015-4761
+CVE-2015-4761 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4760
+CVE-2015-4760 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allow ...)
{DSA-3339-1 DSA-3323-1 DSA-3316-1 DLA-303-1 DLA-283-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
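Review bot: two context lines in this region still carry typos that should be fixed while the descriptions are being refreshed: under CVE-2015-4791, "- mysql-5.6 <not-affected> (Only on Windows plattform)" should read "platform", and under CVE-2015-4768, "NOT-FOR-US: Oracal Supply Chain" should read "Oracle Supply Chain" (the vendor name in the "+" description line directly above it is spelled correctly, so the triage line should match it).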
@@ -13215,11 +13215,11 @@ CVE-2015-4760
- icu 52.1-10
NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/3f9845510b47
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-4759
+CVE-2015-4759 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-4758
+CVE-2015-4758 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-4757
+CVE-2015-4757 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier an ...)
{DSA-3311-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 5.5.43-0+deb8u1
@@ -13228,27 +13228,27 @@ CVE-2015-4757
[wheezy] - mysql-5.5 5.5.43-0+deb7u1
- mariadb-10.0 10.0.19-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4756
+CVE-2015-4756 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4755
+CVE-2015-4755 (Unspecified vulnerability in the RDBMS Security component in Oracle Da ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-4754
+CVE-2015-4754 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-4753
+CVE-2015-4753 (Unspecified vulnerability in the RDBMS Support Tools component in Orac ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-4752
+CVE-2015-4752 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier an ...)
{DSA-3311-1 DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
- mariadb-10.0 10.0.20-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-4751
+CVE-2015-4751 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-4750
+CVE-2015-4750 (Unspecified vulnerability in the Oracle VM Server for SPARC component ...)
NOT-FOR-US: Oracle VM Server
-CVE-2015-4749
+CVE-2015-4749 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRoc ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -13256,7 +13256,7 @@ CVE-2015-4749
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
-CVE-2015-4748
+CVE-2015-4748 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRoc ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -13264,27 +13264,27 @@ CVE-2015-4748
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
-CVE-2015-4747
+CVE-2015-4747 (Unspecified vulnerability in the Oracle Event Processing component in ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-4746
+CVE-2015-4746 (Unspecified vulnerability in the Oracle Agile Product Lifecycle Manage ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-4745
+CVE-2015-4745 (Unspecified vulnerability in the Oracle Endeca Information Discovery S ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-4744
+CVE-2015-4744 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2015-4743
+CVE-2015-4743 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
NOT-FOR-US: Oracle E-Business
-CVE-2015-4742
+CVE-2015-4742 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-4741
+CVE-2015-4741 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business
-CVE-2015-4740
+CVE-2015-4740 (Unspecified vulnerability in the RDBMS Partitioning component in Oracl ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-4739
+CVE-2015-4739 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business
-CVE-2015-4738
+CVE-2015-4738 (Unspecified vulnerability in the PeopleSoft Enterprise HCM Candidate G ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2015-4737
+CVE-2015-4737 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, a ...)
{DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
@@ -13295,17 +13295,17 @@ CVE-2015-4737
NOTE: https://mariadb.atlassian.net/browse/MDEV-8269
NOTE: Marked as not-affected for MariaDB since Oracle has given no evidence of
NOTE: affecting MariaDB to their developers.
-CVE-2015-4736
+CVE-2015-4736 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remot ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-4735
+CVE-2015-4735 (Unspecified vulnerability in the Enterprise Manager for Oracle Databas ...)
NOT-FOR-US: Oracle Database
-CVE-2015-4734
+CVE-2015-4734 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and ...)
{DSA-3465-1 DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
-CVE-2015-4733
+CVE-2015-4733 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -13313,7 +13313,7 @@ CVE-2015-4733
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-4732
+CVE-2015-4732 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -13321,7 +13321,7 @@ CVE-2015-4732
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-4731
+CVE-2015-4731 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -13329,44 +13329,44 @@ CVE-2015-4731
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-4730
+CVE-2015-4730 (Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows re ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
-CVE-2015-4729
+CVE-2015-4729 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remot ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-4728
+CVE-2015-4728 (Unspecified vulnerability in the Oracle Sourcing component in Oracle E ...)
NOT-FOR-US: Oracle E-Business
-CVE-2015-4727
+CVE-2015-4727 (Unspecified vulnerability in Oracle Virtualization Sun Ray Software be ...)
NOT-FOR-US: Oracle Virtulization
-CVE-2015-4726
+CVE-2015-4726 (PHP remote file inclusion vulnerability in ajax/myajaxphp.php in Audio ...)
NOT-FOR-US: AudioShare
-CVE-2015-4725
+CVE-2015-4725 (Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare 2 ...)
NOT-FOR-US: AudioShare
-CVE-2015-4724
+CVE-2015-4724 (SQL injection vulnerability in Concrete5 5.7.3.1. ...)
NOT-FOR-US: Concrete5
CVE-2015-4723
RESERVED
CVE-2015-4722
RESERVED
-CVE-2015-4721
+CVE-2015-4721 (Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 5.7.3 ...)
NOT-FOR-US: Concrete5
CVE-2015-4720
REJECTED
CVE-2015-4719
RESERVED
-CVE-2015-4718
+CVE-2015-4718 (The external SMB storage driver in ownCloud Server before 6.0.8, 7.0.x ...)
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-008
NOTE: https://github.com/owncloud/core/commit/200e9d949783efbd57f39acedebc03924c1dfff4
-CVE-2015-4717
+CVE-2015-4717 (The filename sanitization component in ownCloud Server before 6.0.8, 7 ...)
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-007
NOTE: https://github.com/owncloud/core/commit/5fa749cd9656ca6eab30bac0ef4e7625b8a8be2e
-CVE-2015-4716
+CVE-2015-4716 (Directory traversal vulnerability in the routing component in ownCloud ...)
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1 (unimportant)
NOTE: Specific to installations on Windows
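Review bot: the context line under CVE-2015-4727, "NOT-FOR-US: Oracle Virtulization", misspells the product; the "+" description line directly above it spells it "Oracle Virtualization", so the NOT-FOR-US line should be corrected to "Oracle Virtualization" to match.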
@@ -13377,9 +13377,9 @@ CVE-2015-4715 [Mounted Dropbox storage allows "Dropbox.com" to access any file]
[jessie] - php-dropbox 1.0.0-3+deb8u1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-005
NOTE: Only relevant if server runs PHP below 5.6.0
-CVE-2015-4714
+CVE-2015-4714 (Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allow ...)
NOT-FOR-US: DreamBox DM500-S
-CVE-2015-4713
+CVE-2015-4713 (SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote ed ...)
NOT-FOR-US: ApPHP Hotel Site
CVE-2015-4712
RESERVED
@@ -13397,13 +13397,13 @@ CVE-2015-4702
RESERVED
CVE-2015-4701
RESERVED
-CVE-2015-4699
+CVE-2015-4699 (Cross-site scripting (XSS) vulnerability in the Splash Portal in Cloud ...)
NOT-FOR-US: Cloud4Wi
CVE-2015-4698
RESERVED
-CVE-2015-4697
+CVE-2015-4697 (Cross-site request forgery (CSRF) vulnerability in Google Analyticator ...)
NOT-FOR-US: WordPress plugin google-analyticator
-CVE-2015-4694
+CVE-2015-4694 (Directory traversal vulnerability in download.php in the Zip Attachmen ...)
NOT-FOR-US: Zip Attachments plugin for WordPress
CVE-2015-4693
RESERVED
@@ -13411,35 +13411,35 @@ CVE-2015-4691
RESERVED
CVE-2015-4690
RESERVED
-CVE-2015-4689
+CVE-2015-4689 (Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows ...)
NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
-CVE-2015-4688
+CVE-2015-4688 (Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allow r ...)
NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
-CVE-2015-4687
+CVE-2015-4687 (Cross-site scripting (XSS) vulnerability in Ellucian (formerly SunGard ...)
NOT-FOR-US: Ellucian (formerly SunGard) Banner Student
CVE-2015-4686
RESERVED
-CVE-2015-4685
+CVE-2015-4685 (Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows loc ...)
NOT-FOR-US: Polycom RealPresence Resource Manager
-CVE-2015-4684
+CVE-2015-4684 (Multiple directory traversal vulnerabilities in Polycom RealPresence R ...)
NOT-FOR-US: Polycom RealPresence Resource Manager
-CVE-2015-4683
+CVE-2015-4683 (Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows att ...)
NOT-FOR-US: Polycom RealPresence Resource Manager
-CVE-2015-4682
+CVE-2015-4682 (Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows rem ...)
NOT-FOR-US: Polycom RealPresence Resource Manager
-CVE-2015-4681
+CVE-2015-4681 (Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows loc ...)
NOT-FOR-US: Polycom RealPresence Resource Manager
-CVE-2015-4679
+CVE-2015-4679 (Multiple cross-site scripting (XSS) vulnerabilities in the web interfa ...)
NOT-FOR-US: Airties RT-210
-CVE-2015-4678
+CVE-2015-4678 (SQL injection vulnerability in Persian Car CMS 1.0 allows remote attac ...)
NOT-FOR-US: Persian Car CMS
-CVE-2015-4677
+CVE-2015-4677 (Cross-site request forgery (CSRF) vulnerability in FiverrScript (aka F ...)
NOT-FOR-US: FiverrScript
-CVE-2015-4676
+CVE-2015-4676 (SQL injection vulnerability in ticket.php in TickFa 1.x allows remote ...)
NOT-FOR-US: TickFa
-CVE-2015-4675
+CVE-2015-4675 (Buffer overflow in the Tiny SRP library (aka TinySRP) allows remote at ...)
NOT-FOR-US: Tiny SRP
-CVE-2015-5070
+CVE-2015-5070 (The (1) filesystem::get_wml_location function in filesystem.cpp and (2 ...)
{DLA-297-1}
[experimental] - wesnoth-1.13 1:1.13.1-1
- wesnoth-1.12 1:1.12.4-1
@@ -13448,7 +13448,7 @@ CVE-2015-5070
[wheezy] - wesnoth-1.10 1:1.10.3-3+deb7u2
- wesnoth-1.8 <removed>
NOTE: https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59
-CVE-2015-5069
+CVE-2015-5069 (The (1) filesystem::get_wml_location function in filesystem.cpp and (2 ...)
{DLA-297-1}
[experimental] - wesnoth-1.13 1:1.13.1-1
- wesnoth-1.12 1:1.12.4-1
@@ -13457,41 +13457,41 @@ CVE-2015-5069
[wheezy] - wesnoth-1.10 1:1.10.3-3+deb7u2
- wesnoth-1.8 <removed>
NOTE: https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d
-CVE-2015-5059
+CVE-2015-5059 (The "Project Documentation" feature in MantisBT 1.2.19 and earlier, wh ...)
- mantis <removed>
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://github.com/mantisbt/mantisbt/commit/f39cf525 (1.2.x)
NOTE: https://mantisbt.org/bugs/view.php?id=19873
-CVE-2015-5057
+CVE-2015-5057 (Cross-site scripting (XSS) vulnerability exists in the Wordpress admin ...)
NOT-FOR-US: WordPress plugin broken-link-checker
-CVE-2015-4707
+CVE-2015-4707 (Cross-site scripting (XSS) vulnerability in IPython before 3.2 allows ...)
- ipython 2.4.1-1 (bug #789824)
[jessie] - ipython <no-dsa> (Minor issue)
[wheezy] - ipython <not-affected> (Problematic code introduced in rel-2.0.0)
[squeeze] - ipython <not-affected> (Problematic code introduced in rel-2.0.0)
NOTE: https://github.com/ipython/ipython/commit/1fcc9943c000ab553ebc029db99ecbd0536960d6
NOTE: http://www.openwall.com/lists/oss-security/2015/06/22/4
-CVE-2015-4706
+CVE-2015-4706 (Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 all ...)
- ipython <not-affected> (Only affects 3.x)
-CVE-2015-4704
+CVE-2015-4704 (Directory traversal vulnerability in the Download Zip Attachments plug ...)
NOT-FOR-US: WordPress plugin download-zip-attachments
-CVE-2015-4703
+CVE-2015-4703 (Absolute path traversal vulnerability in mysqldump_download.php in the ...)
NOT-FOR-US: WordPress plugin wp-instance-rename
-CVE-2015-4700
+CVE-2015-4700 (The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the ...)
{DSA-3329-1}
- linux 4.0.7-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Introduced in v3.0-rc1)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be (v4.1-rc6)
NOTE: Introduced in: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a14842f5a3c0e88a1e59fac5c3025db39721f74 (v3.0-rc1)
-CVE-2015-4696
+CVE-2015-4696 (Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers ...)
{DSA-3302-1 DLA-257-1}
- libwmf 0.2.8.4-10.4 (bug #784192)
-CVE-2015-4695
+CVE-2015-4695 (meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of ...)
{DSA-3302-1 DLA-257-1}
- libwmf 0.2.8.4-10.4 (bug #784205)
-CVE-2015-4680
+CVE-2015-4680 (FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly ...)
{DLA-977-1}
- freeradius 2.2.8+dfsg-0.1 (bug #789623)
[jessie] - freeradius <no-dsa> (Minor issue)
@@ -13500,27 +13500,27 @@ CVE-2015-4680
NOTE: See raddb/certs/README
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/5e698b407dcac2bc45cf03484bac4398109d25c3 (v2.x.x branch)
NOTE: http://www.ocert.org/advisories/ocert-2015-008.html
-CVE-2015-4674
+CVE-2015-4674 (The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows re ...)
NOT-FOR-US: TimeDoctor Pro
-CVE-2015-4673
+CVE-2015-4673 (Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.7. ...)
NOT-FOR-US: ClipBucket
CVE-2015-4672
RESERVED
-CVE-2015-4671
+CVE-2015-4671 (Cross-site scripting (XSS) vulnerability in OpenCart before 2.1.0.2 al ...)
NOT-FOR-US: OpenCart
-CVE-2015-4670
+CVE-2015-4670 (Directory traversal vulnerability in the AjaxFileUpload control in Dev ...)
NOT-FOR-US: AjaxControlToolkit
-CVE-2015-4669
+CVE-2015-4669 (The MySQL "root" user in Xsuite 2.x does not have a password set, whic ...)
NOT-FOR-US: Xsuite
-CVE-2015-4668
+CVE-2015-4668 (Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remot ...)
NOT-FOR-US: Xsuite
-CVE-2015-4667
+CVE-2015-4667 (Multiple hardcoded credentials in Xsuite 2.x. ...)
NOT-FOR-US: Xsuite
-CVE-2015-4666
+CVE-2015-4666 (Directory traversal vulnerability in opm/read_sessionlog.php in Xceedi ...)
NOT-FOR-US: Xceedium Xsuite
-CVE-2015-4665
+CVE-2015-4665 (Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium X ...)
NOT-FOR-US: Xceedium Xsuite
-CVE-2015-4664
+CVE-2015-4664 (An improper input validation vulnerability in CA Privileged Access Man ...)
NOT-FOR-US: CA Privileged Access Manager
CVE-2015-4663
RESERVED
@@ -13528,109 +13528,109 @@ CVE-2015-4663
NOTE: https://github.com/facebook/hhvm/commit/e282a459188a472e177b45ad2d2989289294df74
CVE-2015-4662
RESERVED
-CVE-2015-4661
+CVE-2015-4661 (Cross-site scripting (XSS) vulnerability in Symphony CMS 2.6.2 allows ...)
NOT-FOR-US: Symphony CMS
-CVE-2015-4660
+CVE-2015-4660 (Cross-site scripting (XSS) vulnerability in Enhanced SQL Portal 5.0.79 ...)
NOT-FOR-US: Enhanced SQL Portal
-CVE-2015-4659
+CVE-2015-4659 (Cross-site request forgery (CSRF) vulnerability in ClickHeat 1.14 and ...)
NOT-FOR-US: ClickHeat
-CVE-2015-4658
+CVE-2015-4658 (Multiple SQL injection vulnerabilities in admin/login.php in Milw0rm C ...)
NOT-FOR-US: Milw0rm Clone Script
-CVE-2015-4657
+CVE-2015-4657 (Cross-site scripting (XSS) vulnerability in Mailbird 2.0.16.0 and earl ...)
NOT-FOR-US: Mailbird
-CVE-2015-4656
+CVE-2015-4656 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo ...)
NOT-FOR-US: Synology Photo Station
-CVE-2015-4655
+CVE-2015-4655 (Cross-site scripting (XSS) vulnerability in Synology DiskStation Manag ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2015-4654
+CVE-2015-4654 (SQL injection vulnerability in the EQ Event Calendar component for Joo ...)
NOT-FOR-US: EQ Event Calendar component for Joomla!
CVE-2015-4653
RESERVED
-CVE-2015-4650
+CVE-2015-4650 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-4649
+CVE-2015-4649 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-4648
+CVE-2015-4648 (Stack-based buffer overflow in the Ipropsapi.ipropsapiCtrl.1 ActiveX c ...)
NOT-FOR-US: Pansonic Security API
-CVE-2015-4647
+CVE-2015-4647 (Multiple stack-based buffer overflows in Ipropsapi in Panasonic Securi ...)
NOT-FOR-US: Pansonic Security API
-CVE-2015-4641
+CVE-2015-4641 (Directory traversal vulnerability in the SwiftKey language-pack update ...)
NOT-FOR-US: SwiftKey language-pack update implementation on Samsung devices
-CVE-2015-4640
+CVE-2015-4640 (The SwiftKey language-pack update implementation on Samsung Galaxy S4, ...)
NOT-FOR-US: SwiftKey language-pack update implementation on Samsung devices
-CVE-2015-4652
+CVE-2015-4652 (epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wires ...)
{DSA-3294-1}
- wireshark 1.12.6+gee1fce6-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-20.html
-CVE-2015-4651
+CVE-2015-4651 (The dissect_wccp2r1_address_table_info function in epan/dissectors/pac ...)
{DSA-3294-1}
- wireshark 1.12.6+gee1fce6-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-19.html
-CVE-2015-4646
+CVE-2015-4646 ((1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash ...)
- squashfs-tools 1:4.3-2 (bug #793468)
[jessie] - squashfs-tools <no-dsa> (Minor issue)
[wheezy] - squashfs-tools <no-dsa> (Minor issue)
[squeeze] - squashfs-tools <no-dsa> (Minor issue)
-CVE-2015-4645
+CVE-2015-4645 (Integer overflow in the read_fragment_table_4 function in unsquash-4.c ...)
- squashfs-tools 1:4.3-2 (bug #793467)
[jessie] - squashfs-tools <no-dsa> (Minor issue)
[wheezy] - squashfs-tools <no-dsa> (Minor issue)
[squeeze] - squashfs-tools <no-dsa> (Minor issue)
-CVE-2015-4642
+CVE-2015-4642 (The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.4 ...)
- php5 <not-affected> (Windows specific)
NOTE: https://bugs.php.net/bug.php?id=69646
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=d2ac264ffea5ca2e85640b6736e0c7cd4ee9a4a9
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
-CVE-2015-4643
+CVE-2015-4643 (Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP b ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: Fixed in 5.6.10 / 5.5.26 / 5.4.42
NOTE: https://bugs.php.net/bug.php?id=69545#1431550655
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=0765623d6991b62ffcd93ddb6be8a5203a2fa7e2
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
-CVE-2015-4644
+CVE-2015-4644 (The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgs ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: Fixed in 5.6.10 / 5.5.26 / 5.4.42
NOTE: https://bugs.php.net/bug.php?id=69667
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64
NOTE: http://www.openwall.com/lists/oss-security/2015/06/18/3
-CVE-2015-4639
+CVE-2015-4639 (Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl ...)
NOT-FOR-US: Koha
-CVE-2015-4638
+CVE-2015-4638 (The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ...)
NOT-FOR-US: FastL4
-CVE-2015-4637
+CVE-2015-4637 (The REST API in F5 BIG-IQ Cloud, Device, and Security 4.4.0 and 4.5.0 ...)
NOT-FOR-US: BIG-IQ
CVE-2015-4636
RESERVED
CVE-2015-4635
RESERVED
-CVE-2015-4634
+CVE-2015-4634 (SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allow ...)
{DSA-3312-1 DLA-278-1}
- cacti 0.8.8e+ds1-1
NOTE: http://bugs.cacti.net/view.php?id=2577
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7731
-CVE-2015-4633
+CVE-2015-4633 (Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, ...)
- koha <itp> (bug #389876)
-CVE-2015-4632
+CVE-2015-4632 (Multiple directory traversal vulnerabilities in Koha 3.14.x before 3.1 ...)
- koha <itp> (bug #389876)
-CVE-2015-4631
+CVE-2015-4631 (Multiple cross-site scripting (XSS) vulnerabilities in Koha 3.14.x bef ...)
- koha <itp> (bug #389876)
-CVE-2015-4630
+CVE-2015-4630 (Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.1 ...)
- koha <itp> (bug #389876)
-CVE-2015-4629
+CVE-2015-4629 (Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to ...)
NOT-FOR-US: Huawei
-CVE-2015-4628
+CVE-2015-4628 (SQL injection vulnerability in application/controllers/admin/questiong ...)
- limesurvey <itp> (bug #472802)
-CVE-2015-4627
+CVE-2015-4627 (SQL injection vulnerability in Pragyan CMS 3.0. ...)
NOT-FOR-US: Pragyan CMS
-CVE-2015-4626
+CVE-2015-4626 (B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, wh ...)
NOT-FOR-US: B.A.S C2Box
-CVE-2015-4624
+CVE-2015-4624 (Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens. ...)
NOT-FOR-US: Hak5 WiFi Pineapple
CVE-2015-4623
RESERVED
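Review bot: the NOT-FOR-US lines under CVE-2015-4648 and CVE-2015-4647 read "Pansonic Security API" while the refreshed "+" description for CVE-2015-4647 spells the vendor "Panasonic"; both context lines should be corrected to "Panasonic Security API" so the triage text agrees with the description.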
@@ -13638,59 +13638,59 @@ CVE-2015-4622
RESERVED
CVE-2015-4621
RESERVED
-CVE-2015-4620
+CVE-2015-4620 (name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9. ...)
{DSA-3304-1 DLA-270-1}
- bind9 1:9.9.5.dfsg-10 (bug #791715)
NOTE: https://kb.isc.org/article/AA-01267
-CVE-2015-4619
+CVE-2015-4619 (Cross-site request forgery (CSRF) vulnerability in Spina before commit ...)
NOT-FOR-US: Spina CMS
CVE-2015-4618
RESERVED
-CVE-2015-4617
+CVE-2015-4617 (Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpl ...)
NOT-FOR-US: WordPress plugin easy2map-photos
-CVE-2015-4616
+CVE-2015-4616 (Directory traversal vulnerability in includes/MapPinImageSave.php in t ...)
NOT-FOR-US: Easy2Map plugin for WordPress
-CVE-2015-4615
+CVE-2015-4615 (Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Inj ...)
NOT-FOR-US: WordPress plugin easy2map-photos
-CVE-2015-4614
+CVE-2015-4614 (Multiple SQL injection vulnerabilities in includes/Function.php in the ...)
NOT-FOR-US: Easy2Map plugin for WordPress
-CVE-2015-4613
+CVE-2015-4613 (SQL injection vulnerability in the backend module in the Developer Log ...)
NOT-FOR-US: TYPO3 extension devlog
-CVE-2015-4612
+CVE-2015-4612 (SQL injection vulnerability in the "FAQ - Frequently Asked Questions" ...)
NOT-FOR-US: TYPO3 extension js_faq
-CVE-2015-4611
+CVE-2015-4611 (SQL injection vulnerability in the Smoelenboek (ncgov_smoelenboek) ext ...)
NOT-FOR-US: TYPO3 extension ncgov_smoelenboek
-CVE-2015-4610
+CVE-2015-4610 (SQL injection vulnerability in the Store Locator (locator) extension b ...)
NOT-FOR-US: TYPO3 extension locator
-CVE-2015-4609
+CVE-2015-4609 (SQL injection vulnerability in the wt_directory extension before 1.4.2 ...)
NOT-FOR-US: TYPO3 extension wt_directory
-CVE-2015-4608
+CVE-2015-4608 (Cross-site scripting (XSS) vulnerability in the BE User Log (beko_beus ...)
NOT-FOR-US: TYPO3 extension beko_beuserlog
-CVE-2015-4607
+CVE-2015-4607 (Unrestricted file upload vulnerability in the Frontend User Upload (fe ...)
NOT-FOR-US: TYPO3 extension feupload
-CVE-2015-4606
+CVE-2015-4606 (Unrestricted file upload vulnerability in the Job Fair (jobfair) exten ...)
NOT-FOR-US: TYPO3 extension jobfair
CVE-2015-4597
RESERVED
-CVE-2015-4596
+CVE-2015-4596 (Lenovo Mouse Suite before 6.73 allows local users to run arbitrary cod ...)
NOT-FOR-US: Lenovo
CVE-2015-4595
RESERVED
-CVE-2015-4594
+CVE-2015-4594 (eClinicalWorks Population Health (CCMR) suffers from a session fixatio ...)
NOT-FOR-US: eClinicalWorks Population Health
-CVE-2015-4593
+CVE-2015-4593 (eClinicalWorks Population Health (CCMR) suffers from a cross-site requ ...)
NOT-FOR-US: eClinicalWorks Population Health
-CVE-2015-4592
+CVE-2015-4592 (eClinicalWorks Population Health (CCMR) suffers from an SQL injection ...)
NOT-FOR-US: eClinicalWorks Population Health
-CVE-2015-4591
+CVE-2015-4591 (eClinicalWorks Population Health (CCMR) suffers from a cross site scri ...)
NOT-FOR-US: eClinicalWorks Population Health
-CVE-2015-4590
+CVE-2015-4590 (The extractFrom function in Internals/QuotedString.cpp in Arduino JSON ...)
NOT-FOR-US: Arduino JSON
CVE-2015-4589
RESERVED
-CVE-2015-4587
+CVE-2015-4587 (Cross-site scripting (XSS) vulnerability in the Alcatel-Lucent CellPip ...)
NOT-FOR-US: Alcatel-Lucent CellPipe 7130 router
-CVE-2015-4586
+CVE-2015-4586 (Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent Cell ...)
NOT-FOR-US: Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL
CVE-2015-4585
RESERVED
@@ -13744,147 +13744,147 @@ CVE-2015-4561
RESERVED
CVE-2015-4560
RESERVED
-CVE-2015-4559
+CVE-2015-4559 (Cross-site scripting (XSS) vulnerability in the product deployment fea ...)
NOT-FOR-US: Intel McAfee ePolicy Orchestrator
CVE-2015-4558
RESERVED
-CVE-2015-4557
+CVE-2015-4557 (Cross-site scripting (XSS) vulnerability in the new_Twitter_sign_butto ...)
NOT-FOR-US: WordPress plugin nextend-twitter-connect
-CVE-2015-4555
+CVE-2015-4555 (Buffer overflow in the HTTP administrative interface in TIBCO Rendezvo ...)
NOT-FOR-US: TIBCO
-CVE-2015-4554
+CVE-2015-4554 (Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spot ...)
NOT-FOR-US: TIBCO
CVE-2015-4553
RESERVED
-CVE-2015-4552
+CVE-2015-4552 (Cross-site scripting (XSS) vulnerability in the quick edit function in ...)
NOT-FOR-US: MyBB
-CVE-2015-4551
+CVE-2015-4551 (LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the s ...)
{DSA-3394-1}
- libreoffice 1:5.0.1~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/
-CVE-2015-4550
+CVE-2015-4550 (The Cavium cryptographic-module firmware on Cisco Adaptive Security Ap ...)
NOT-FOR-US: Cisco
CVE-2015-4549
RESERVED
-CVE-2015-4548
+CVE-2015-4548 (EMC RSA Web Threat Detection before 5.1 SP1 allows local users to obta ...)
NOT-FOR-US: EMC RSA Web Threat Detection
-CVE-2015-4547
+CVE-2015-4547 (EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB ...)
NOT-FOR-US: EMC RSA Web Threat Detection
-CVE-2015-4546
+CVE-2015-4546 (Directory traversal vulnerability in EMC RSA OneStep 6.9 before build ...)
NOT-FOR-US: EMC RSA OneStep
-CVE-2015-4545
+CVE-2015-4545 (EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 b ...)
NOT-FOR-US: EMC Isilon OneFS
-CVE-2015-4544
+CVE-2015-4544 (EMC Documentum Content Server before 7.1P20 and 7.2.x before 7.2P04 do ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4543
+CVE-2015-4543 (EMC RSA Archer GRC 5.x before 5.5.3 uses cleartext for stored password ...)
NOT-FOR-US: EMC RSA Archer GRC
-CVE-2015-4542
+CVE-2015-4542 (EMC RSA Archer GRC 5.x before 5.5.3 allows remote authenticated users ...)
NOT-FOR-US: EMC RSA Archer GRC
-CVE-2015-4541
+CVE-2015-4541 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
NOT-FOR-US: EMC RSA Archer GRC
-CVE-2015-4540
+CVE-2015-4540 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identit ...)
NOT-FOR-US: EMC RSA
-CVE-2015-4539
+CVE-2015-4539 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identit ...)
NOT-FOR-US: EMC RSA
-CVE-2015-4538
+CVE-2015-4538 (The XML parser in EMC Atmos before 2.2.3.426 and 2.3.x before 2.3.1.0 ...)
NOT-FOR-US: EMC Atmos
-CVE-2015-4537
+CVE-2015-4537 (Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase wh ...)
NOT-FOR-US: EMC Documentum D2
-CVE-2015-4536
+CVE-2015-4536 (EMC Documentum Content Server before 7.0 P20, 7.1 before P18, and 7.2 ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4535
+CVE-2015-4535 (Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4534
+CVE-2015-4534 (Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4533
+CVE-2015-4533 (EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7. ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4532
+CVE-2015-4532 (EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7. ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4531
+CVE-2015-4531 (EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7. ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4530
+CVE-2015-4530 (Cross-site request forgery (CSRF) vulnerability in EMC Documentum WebT ...)
NOT-FOR-US: EMC Documentum Content Server
-CVE-2015-4529
+CVE-2015-4529 (Open redirect vulnerability in EMC Documentum WebTop before 6.8P02, Do ...)
NOT-FOR-US: EMC Documentum WebTop
-CVE-2015-4528
+CVE-2015-4528 (Cross-site scripting (XSS) vulnerability in EMC Documentum CenterStage ...)
NOT-FOR-US: EMC Documentum CenterStage
-CVE-2015-4527
+CVE-2015-4527 (Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1. ...)
NOT-FOR-US: EMC Avamar
-CVE-2015-4526
+CVE-2015-4526 (EMC RecoverPoint for Virtual Machines (VMs) 4.2 allows local users to ...)
NOT-FOR-US: EMC RecoverPoint
-CVE-2015-4525
+CVE-2015-4525 (The log-gather implementation in the web administration interface in E ...)
NOT-FOR-US: EMC Isilon OneFS
-CVE-2015-4524
+CVE-2015-4524 (Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 ...)
NOT-FOR-US: EMC Documentum WebTop Client
-CVE-2015-4523
+CVE-2015-4523 (Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware An ...)
NOT-FOR-US: Blue Coat
-CVE-2015-4522
+CVE-2015-4522 (The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 4 ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-4521
+CVE-2015-4521 (The ConvertDialogOptions function in Mozilla Firefox before 41.0 and F ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-4520
+CVE-2015-4520 (Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow rem ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-111/
-CVE-2015-4519
+CVE-2015-4519 (Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow use ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-110/
-CVE-2015-4518
+CVE-2015-4518 (The Reader View implementation in Mozilla Firefox before 42.0 has an i ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-118/
-CVE-2015-4517
+CVE-2015-4517 (NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x b ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
-CVE-2015-4516
+CVE-2015-4516 (Mozilla Firefox before 41.0 allows remote attackers to bypass certain ...)
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-109/
-CVE-2015-4515
+CVE-2015-4515 (Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authenti ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-117/
-CVE-2015-4514
+CVE-2015-4514 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (ESR38 series not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/
-CVE-2015-4513
+CVE-2015-4513 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3410-1 DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.4.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/
-CVE-2015-4512
+CVE-2015-4512 (gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux ...)
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-107/
-CVE-2015-4511
+CVE-2015-4511 (Heap-based buffer overflow in the nestegg_track_codec_data function in ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-105/
-CVE-2015-4510
+CVE-2015-4510 (Race condition in the WorkerPrivate::NotifyFeatures function in Mozill ...)
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-104/
-CVE-2015-4509
+CVE-2015-4509 (Use-after-free vulnerability in the HTMLVideoElement interface in Mozi ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-106/
-CVE-2015-4508
+CVE-2015-4508 (Mozilla Firefox before 41.0, when reader mode is enabled, allows remot ...)
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-103/
-CVE-2015-4507
+CVE-2015-4507 (The SavedStacks class in the JavaScript implementation in Mozilla Fire ...)
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-102/
-CVE-2015-4506
+CVE-2015-4506 (Buffer overflow in the vp9_init_context_buffers function in libvpx, as ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -13893,47 +13893,47 @@ CVE-2015-4506
[wheezy] - libvpx <not-affected> (no vp9 support in this version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-101/
NOTE: this is a duplicate of CVE-2015-1258, libvpx in google chrome
-CVE-2015-4505
+CVE-2015-4505 (updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before ...)
- iceweasel <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-100/
-CVE-2015-4504
+CVE-2015-4504 (The lut_inverse_interp16 function in the QCMS library in Mozilla Firef ...)
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-98/
-CVE-2015-4503
+CVE-2015-4503 (The TCP Socket API implementation in Mozilla Firefox before 41.0 misha ...)
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/
-CVE-2015-4502
+CVE-2015-4502 (js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certa ...)
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-108/
-CVE-2015-4501
+CVE-2015-4501 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-96/
-CVE-2015-4500
+CVE-2015-4500 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-96/
-CVE-2015-4499
+CVE-2015-4499 (Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x b ...)
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
[squeeze] - bugzilla <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-4498
+CVE-2015-4498 (The add-on installation feature in Mozilla Firefox before 40.0.3 and F ...)
{DSA-3345-1}
- iceweasel 38.2.1esr-1
[squeeze] - iceweasel <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-95
-CVE-2015-4497
+CVE-2015-4497 (Use-after-free vulnerability in the CanvasRenderingContext2D implement ...)
{DSA-3345-1}
- iceweasel 38.2.1esr-1
[squeeze] - iceweasel <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-94/
-CVE-2015-4496
+CVE-2015-4496 (Multiple integer overflows in libstagefright in Mozilla Firefox before ...)
- iceweasel 38.0-1
[jessie] - iceweasel 38.2.0esr-1~deb8u1
[wheezy] - iceweasel 38.2.0esr-1~deb7u1
[squeeze] - iceweasel <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-93/
-CVE-2015-4495
+CVE-2015-4495 (The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x befo ...)
- iceweasel 38.1.1esr-1
[jessie] - iceweasel <not-affected> (Only affects 38.x ESR and 39)
[wheezy] - iceweasel <not-affected> (Only affects 38.x ESR and 39)
@@ -13944,19 +13944,19 @@ CVE-2015-4495
NOTE: for jessie: xul-ext-pdf.js binary package build was removed
NOTE: https://github.com/mozilla/pdf.js/commit/0b5330781c367fcbc997947adbf2bdcdf71f61bc
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1179262
-CVE-2015-4494
+CVE-2015-4494 (Mozilla Firefox OS before 2.2 does not require the wifi-manage privile ...)
NOT-FOR-US: Firefox OS
-CVE-2015-4493
+CVE-2015-4493 (Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor ...)
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-83/
-CVE-2015-4492
+CVE-2015-4492 (Use-after-free vulnerability in the XMLHttpRequest::Open implementatio ...)
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-92/
-CVE-2015-4491
+CVE-2015-4491 (Integer overflow in the make_filter_table function in pixops/pixops.c ...)
{DSA-3337-2 DSA-3337-1 DLA-434-1}
- gdk-pixbuf 2.31.7-1
- gtk+2.0 2.21.5-1
@@ -13966,89 +13966,89 @@ CVE-2015-4491
NOTE: http://www.openwall.com/lists/oss-security/2015/07/17/17
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-88/
NOTE: gtk+2.0 2.21.5-1 removed the embedded copy of gdk-pixbuf and build-depends on external gdk-pixbuf
-CVE-2015-4490
+CVE-2015-4490 (The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in M ...)
- iceweasel <not-affected> (Only affects Firefox 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-91
-CVE-2015-4489
+CVE-2015-4489 (The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38 ...)
{DSA-3410-1 DSA-3333-1}
- iceweasel 38.2.0esr-1
- icedove 38.3.0-1
[squeeze] - icedove <end-of-life>
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/
-CVE-2015-4488
+CVE-2015-4488 (Use-after-free vulnerability in the StyleAnimationValue class in Mozil ...)
{DSA-3410-1 DSA-3333-1}
- iceweasel 38.2.0esr-1
- icedove 38.3.0-1
[squeeze] - icedove <end-of-life>
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/
-CVE-2015-4487
+CVE-2015-4487 (The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, ...)
{DSA-3410-1 DSA-3333-1}
- iceweasel 38.2.0esr-1
- icedove 38.3.0-1
[squeeze] - icedove <end-of-life>
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/
-CVE-2015-4486
+CVE-2015-4486 (The decrease_ref_count function in libvpx in Mozilla Firefox before 40 ...)
- libvpx 1.4.0-1
[jessie] - libvpx <not-affected> (Vulnerable code not present)
[wheezy] - libvpx <not-affected> (Vulnerable code not present)
[squeeze] - libvpx <not-affected> (Vulnerable code not present)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-89/
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1177948 is restricted
-CVE-2015-4485
+CVE-2015-4485 (Heap-based buffer overflow in the resize_context_buffers function in l ...)
- libvpx 1.4.0-1
[jessie] - libvpx <not-affected> (Vulnerable code not present)
[wheezy] - libvpx <not-affected> (Vulnerable code not present)
[squeeze] - libvpx <not-affected> (Vulnerable code not present)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-89/
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1178148 is restricted
-CVE-2015-4484
+CVE-2015-4484 (The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript ...)
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-87/
-CVE-2015-4483
+CVE-2015-4483 (Mozilla Firefox before 40.0 allows man-in-the-middle attackers to bypa ...)
- iceweasel <not-affected> (Only affects Firefox 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-86/
-CVE-2015-4482
+CVE-2015-4482 (mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox E ...)
- iceweasel <not-affected> (Updater not used in Debian)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-85/
-CVE-2015-4481
+CVE-2015-4481 (Race condition in the Mozilla Maintenance Service in Mozilla Firefox b ...)
- iceweasel <not-affected> (Only affects Firefox on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-84/
-CVE-2015-4480
+CVE-2015-4480 (Integer overflow in the stagefright::SampleTable::isValid function in ...)
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-83/
-CVE-2015-4479
+CVE-2015-4479 (Multiple integer overflows in libstagefright in Mozilla Firefox before ...)
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-83/
-CVE-2015-4478
+CVE-2015-4478 (Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not im ...)
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-82/
-CVE-2015-4477
+CVE-2015-4477 (Use-after-free vulnerability in the MediaStream playback feature in Mo ...)
- iceweasel <not-affected> (Only affects Firefox 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-81/
-CVE-2015-4476
+CVE-2015-4476 (Mozilla Firefox before 41.0 on Android allows user-assisted remote att ...)
- iceweasel <not-affected> (Affects only Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-99/
-CVE-2015-4475
+CVE-2015-4475 (The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Fir ...)
{DSA-3333-1}
- iceweasel 38.2.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-80/
-CVE-2015-4474
+CVE-2015-4474 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 39)
- icedove <not-affected> (Only affects Firefox 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-79/
-CVE-2015-4473
+CVE-2015-4473 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3410-1 DSA-3333-1}
- iceweasel 38.2.0esr-1
- icedove 38.3.0-1
@@ -14057,70 +14057,70 @@ CVE-2015-4473
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-79/
CVE-2015-4466
RESERVED
-CVE-2015-4465
+CVE-2015-4465 (Cross-site scripting (XSS) vulnerability in the zM Ajax Login &amp; Re ...)
NOT-FOR-US: WordPress plugin zM Ajax Login & Register
-CVE-2015-4464
+CVE-2015-4464 (Kguard Digital Video Recorder 104, 108, v2 does not have any authoriza ...)
NOT-FOR-US: Kguard Digital Video Recorder
-CVE-2015-4463
+CVE-2015-4463 (The file_manager component in eFront CMS before 3.6.15.5 allows remote ...)
NOT-FOR-US: eFront CMS
-CVE-2015-4462
+CVE-2015-4462 (Absolute path traversal vulnerability in the file_manager component of ...)
NOT-FOR-US: eFront CMS
-CVE-2015-4461
+CVE-2015-4461 (Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and earli ...)
NOT-FOR-US: eFront CMS
-CVE-2015-4460
+CVE-2015-4460 (Cross-site request forgery (CSRF) vulnerability in SecuritySetting/Use ...)
NOT-FOR-US: C2Box
CVE-2015-4459
RESERVED
-CVE-2015-4458
+CVE-2015-4458 (The TLS implementation in the Cavium cryptographic-module firmware, as ...)
NOT-FOR-US: Cisco
-CVE-2015-4603
+CVE-2015-4603 (The exception::getTraceAsString function in Zend/zend_exceptions.c in ...)
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69152 [2015-03-03 04:30 UTC]
-CVE-2015-4602
+CVE-2015-4602 (The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=fb83c76deec58f1fab17c350f04c9f042e5977d1
NOTE: https://bugs.php.net/bug.php?id=69152
-CVE-2015-4601
+CVE-2015-4601 (PHP before 5.6.7 might allow remote attackers to cause a denial of ser ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8
NOTE: https://bugs.php.net/bug.php?id=69152
-CVE-2015-4600
+CVE-2015-4600 (The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.2 ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8
NOTE: https://bugs.php.net/bug.php?id=69152
-CVE-2015-4599
+CVE-2015-4599 (The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4. ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
[wheezy] - php5 5.4.41-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69152
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=51856a76f87ecb24fe1385342be43610fb6c86e4
-CVE-2015-4598
+CVE-2015-4598 (PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does n ...)
{DSA-3344-1 DLA-307-1}
- php5 5.6.11+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69719
NOTE: Fixed in 5.6.10 and 5.4.42 upstream
-CVE-2015-4588
+CVE-2015-4588 (Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8 ...)
{DSA-3302-1 DLA-253-1}
- libwmf 0.2.8.4-10.4 (bug #787644)
-CVE-2015-4556
+CVE-2015-4556 (The string-translate* procedure in the data-structures unit in CHICKEN ...)
- chicken 4.10.0-1 (bug #788833)
[jessie] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
[squeeze] - chicken <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/15/1
-CVE-2015-2967
+CVE-2015-2967 (Cross-site scripting (XSS) vulnerability in settings.php in Cacti befo ...)
{DSA-3295-1 DLA-255-1}
- cacti 0.8.8d+ds1-1
[squeeze] - cacti 0.8.7g-1+squeeze6
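Review bot: the description imported for CVE-2015-4465 in this hunk carries an HTML-escaped ampersand ("zM Ajax Login &amp; Re ..."), while the NOT-FOR-US line directly under it uses a literal "&" ("zM Ajax Login & Register"); the automatic update should decode HTML entities in the upstream description text before writing it into the list so that the plain-text entries stay consistent and searchable.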
@@ -14129,105 +14129,105 @@ CVE-2015-2967
NOTE: Fixed upstream in 0.8.8d
CVE-2015-4457
RESERVED
-CVE-2015-4456
+CVE-2015-4456 (ownCloud Desktop Client before 1.8.2 does not call QNetworkReply::igno ...)
{DSA-3363-1}
- owncloud-client 1.8.4+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-009
-CVE-2015-4455
+CVE-2015-4455 (Unrestricted file upload vulnerability in includes/upload.php in the A ...)
NOT-FOR-US: WordPress plugin aviary-image-editor-add-on-for-gravity-forms
-CVE-2015-4454
+CVE-2015-4454 (SQL injection vulnerability in the get_hash_graph_template function in ...)
{DSA-3295-1 DLA-255-1}
- cacti 0.8.8d+ds1-1
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7720
NOTE: http://bugs.cacti.net/view.php?id=2572
NOTE: Fixed upstream in 0.8.8d
-CVE-2015-4453
+CVE-2015-4453 (interface/globals.php in OpenEMR 2.x, 3.x, and 4.x before 4.2.0 patch ...)
NOT-FOR-US: OpenEMR
-CVE-2015-4452
+CVE-2015-4452 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4451
+CVE-2015-4451 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4450
+CVE-2015-4450 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4449
+CVE-2015-4449 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4448
+CVE-2015-4448 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4447
+CVE-2015-4447 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4446
+CVE-2015-4446 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4445
+CVE-2015-4445 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4444
+CVE-2015-4444 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2015-4443
+CVE-2015-4443 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-4442
REJECTED
-CVE-2015-4441
+CVE-2015-4441 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-4440
REJECTED
CVE-2015-4439
REJECTED
-CVE-2015-4438
+CVE-2015-4438 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-4437
REJECTED
CVE-2015-4436
REJECTED
-CVE-2015-4435
+CVE-2015-4435 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-4434
REJECTED
-CVE-2015-4433
+CVE-2015-4433 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4432
+CVE-2015-4432 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4431
+CVE-2015-4431 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4430
+CVE-2015-4430 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4429
+CVE-2015-4429 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4428
+CVE-2015-4428 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-4427
+CVE-2015-4427 (Multiple cross-site scripting (XSS) vulnerabilities in Test/WorkArea/w ...)
NOT-FOR-US: Ektron CMS
-CVE-2015-4426
+CVE-2015-4426 (SQL injection vulnerability in pimcore before build 3473 allows remote ...)
NOT-FOR-US: pimcore
-CVE-2015-4425
+CVE-2015-4425 (Directory traversal vulnerability in pimcore before build 3473 allows ...)
NOT-FOR-US: pimcore
CVE-2015-4424
RESERVED
CVE-2015-4423
RESERVED
-CVE-2015-4422
+CVE-2015-4422 (The TEEOS module in Huawei Mate 7 (Mate7-TL10) smartphones before V100 ...)
NOT-FOR-US: TEEOS module in Huawei Mate 7
-CVE-2015-4421
+CVE-2015-4421 (The tzdriver module in Huawei Mate 7 (Mate7-TL10) smartphones before V ...)
NOT-FOR-US: tzdriver module in Huawei Mate 7
-CVE-2015-4420
+CVE-2015-4420 (Multiple cross-site scripting (XSS) vulnerabilities in Opsview 4.6.2 a ...)
NOT-FOR-US: Opsview
CVE-2015-4419
RESERVED
-CVE-2015-4418
+CVE-2015-4418 (Zoho NetFlow Analyzer build 10250 and earlier does not have an off aut ...)
NOT-FOR-US: Zoho NetFlow Analyzer
CVE-2015-4417
RESERVED
CVE-2015-4416
RESERVED
-CVE-2015-4415
+CVE-2015-4415 (Multiple directory traversal vulnerabilities in func.php in Magnifica ...)
NOT-FOR-US: Magnifica Webscripts Anima Gallery
-CVE-2015-4414
+CVE-2015-4414 (Directory traversal vulnerability in download_audio.php in the SE HTML ...)
NOT-FOR-US: WordPress plugin se-html5-album-audio-player
-CVE-2015-4413
+CVE-2015-4413 (Cross-site scripting (XSS) vulnerability in the new_fb_sign_button fun ...)
NOT-FOR-US: WordPress plugin nextend-facebook-connect
-CVE-2015-4409
+CVE-2015-4409 (Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devi ...)
NOT-FOR-US: Hikvision
-CVE-2015-4408
+CVE-2015-4408 (Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devi ...)
NOT-FOR-US: Hikvision
-CVE-2015-4407
+CVE-2015-4407 (Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devi ...)
NOT-FOR-US: Hikvision
CVE-2015-4406
RESERVED
@@ -14241,123 +14241,123 @@ CVE-2015-4402
RESERVED
CVE-2015-4401
RESERVED
-CVE-2015-4400
+CVE-2015-4400 (Ring (formerly DoorBot) video doorbells allow remote attackers to obta ...)
NOT-FOR-US: Ring video doorbells
CVE-2015-4399
RESERVED
-CVE-2015-4398
+CVE-2015-4398 (Open redirect vulnerability in the Chaos tool suite (ctools) module be ...)
NOT-FOR-US: Drupal module Chaos tool suite
-CVE-2015-4397
+CVE-2015-4397 (Cross-site request forgery (CSRF) vulnerability in the Node Template m ...)
NOT-FOR-US: Drupal module Node Template
-CVE-2015-4396
+CVE-2015-4396 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Keyw ...)
NOT-FOR-US: Drupal module Keyword Research
-CVE-2015-4395
+CVE-2015-4395 (The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal ...)
NOT-FOR-US: Drupal module HybridAuth Social Login
-CVE-2015-4394
+CVE-2015-4394 (The Services module 7.x-3.x before 7.x-3.12 for Drupal allows remote a ...)
NOT-FOR-US: Drupal module Services
-CVE-2015-4393
+CVE-2015-4393 (The resource/endpoint for uploading files in the Services module 7.x-3 ...)
NOT-FOR-US: Drupal module Services
-CVE-2015-4392
+CVE-2015-4392 (Cross-site scripting (XSS) vulnerability in the Display Suite module 7 ...)
NOT-FOR-US: Drupal module Display Suite
-CVE-2015-4391
+CVE-2015-4391 (Cross-site request forgery (CSRF) vulnerability in the CiviCRM private ...)
NOT-FOR-US: Drupal module CiviCRM
-CVE-2015-4390
+CVE-2015-4390 (Multiple cross-site request forgery (CSRF) vulnerabilities in the User ...)
NOT-FOR-US: Drupal module User Import
-CVE-2015-4389
+CVE-2015-4389 (The Open Graph Importer (og_tag_importer) 7.x-1.x for Drupal does not ...)
NOT-FOR-US: Drupal module Open Graph Importer
-CVE-2015-4388
+CVE-2015-4388 (Cross-site scripting (XSS) vulnerability in the Current Search Links m ...)
NOT-FOR-US: Drupal module Current Search Links
-CVE-2015-4387
+CVE-2015-4387 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
NOT-FOR-US: Drupal module Password Policy
-CVE-2015-4386
+CVE-2015-4386 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified adm ...)
NOT-FOR-US: Drupal module EntityBulkDelete
-CVE-2015-4385
+CVE-2015-4385 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
NOT-FOR-US: Drupal module Imagefield Info
-CVE-2015-4384
+CVE-2015-4384 (Cross-site scripting (XSS) vulnerability in the Ubercart Webform Check ...)
NOT-FOR-US: Drupal module Ubercart Webform Checkout Pane
-CVE-2015-4383
+CVE-2015-4383 (Cross-site request forgery (CSRF) vulnerability in the Decisions modul ...)
NOT-FOR-US: Drupal module Decisions
-CVE-2015-4382
+CVE-2015-4382 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Invo ...)
NOT-FOR-US: Drupal module Invoice
-CVE-2015-4381
+CVE-2015-4381 (Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x ...)
NOT-FOR-US: Drupal module Invoice
-CVE-2015-4380
+CVE-2015-4380 (Cross-site scripting (XSS) vulnerability in the Linear Case module 6.x ...)
NOT-FOR-US: Drupal module Linear Case
-CVE-2015-4379
+CVE-2015-4379 (Cross-site request forgery (CSRF) vulnerability in the Webform Multipl ...)
NOT-FOR-US: Drupal module Webform Multiple File Upload
-CVE-2015-4378
+CVE-2015-4378 (Cross-site scripting (XSS) vulnerability in the Crumbs module 7.x-2.x ...)
NOT-FOR-US: Drupal module Crumbs
-CVE-2015-4377
+CVE-2015-4377 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
NOT-FOR-US: Drupal module Petition
-CVE-2015-4376
+CVE-2015-4376 (Cross-site scripting (XSS) vulnerability in the Profile2 Privacy modul ...)
NOT-FOR-US: Drupal module Profile2 Privacy
-CVE-2015-4375
+CVE-2015-4375 (The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal ...)
NOT-FOR-US: Drupal module Chaos tool suite
-CVE-2015-4374
+CVE-2015-4374 (Cross-site scripting (XSS) vulnerability in the Webform module before ...)
NOT-FOR-US: Webform module for Drupal
-CVE-2015-4373
+CVE-2015-4373 (Cross-site scripting (XSS) vulnerability in the OG tabs module before ...)
NOT-FOR-US: Drupal module OG tabs
-CVE-2015-4372
+CVE-2015-4372 (Cross-site scripting (XSS) vulnerability in the Image Title module bef ...)
NOT-FOR-US: Drupal module Image Title
-CVE-2015-4371
+CVE-2015-4371 (Open redirect vulnerability in the Perfecto module before 7.x-1.2 for ...)
NOT-FOR-US: Drupal module Perfecto
-CVE-2015-4370
+CVE-2015-4370 (Cross-site scripting (XSS) vulnerability in the Site Documentation mod ...)
NOT-FOR-US: Drupal module Site Documentation
-CVE-2015-4369
+CVE-2015-4369 (Cross-site scripting (XSS) vulnerability in the Trick Question module ...)
NOT-FOR-US: Drupal module Trick Question
-CVE-2015-4368
+CVE-2015-4368 (The Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows rem ...)
NOT-FOR-US: Drupal module Commerce Ogone
-CVE-2015-4367
+CVE-2015-4367 (Cross-site scripting (XSS) vulnerability in the Simple Subscription mo ...)
NOT-FOR-US: Drupal module Simple Subscription
-CVE-2015-4366
+CVE-2015-4366 (Cross-site scripting (XSS) vulnerability in the Mover module 6.x-1.0 f ...)
NOT-FOR-US: Drupal module Mover
-CVE-2015-4365
+CVE-2015-4365 (Cross-site scripting (XSS) vulnerability in the Taxonomy Accordion mod ...)
NOT-FOR-US: Drupal module Taxonomy Accordion
-CVE-2015-4364
+CVE-2015-4364 (Multiple cross-site request forgery (CSRF) vulnerabilities in includes ...)
NOT-FOR-US: Drupal module Campaign Monitor
-CVE-2015-4363
+CVE-2015-4363 (Open redirect vulnerability in the finder_form_goto function in the Fi ...)
NOT-FOR-US: Drupal module Finder
-CVE-2015-4362
+CVE-2015-4362 (Cross-site request forgery (CSRF) vulnerability in tracking_code.admin ...)
NOT-FOR-US: Drupal module Tracking Code
-CVE-2015-4361
+CVE-2015-4361 (Cross-site request forgery (CSRF) vulnerability in the Registration co ...)
NOT-FOR-US: Drupal Module Registration codes
-CVE-2015-4360
+CVE-2015-4360 (Cross-site request forgery (CSRF) vulnerability in the Registration co ...)
NOT-FOR-US: Drupal Module Registration codes
-CVE-2015-4359
+CVE-2015-4359 (Multiple cross-site scripting (XSS) vulnerabilities in the Registratio ...)
NOT-FOR-US: Drupal Module Registration codes
-CVE-2015-4358
+CVE-2015-4358 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
NOT-FOR-US: Drupal module Ubercart Display Coupons
-CVE-2015-4357
+CVE-2015-4357 (Cross-site scripting (XSS) vulnerability in the Webform module before ...)
NOT-FOR-US: Drupal module Webform
-CVE-2015-4356
+CVE-2015-4356 (Cross-site scripting (XSS) vulnerability in the view-based webform res ...)
NOT-FOR-US: Drupal module Webform
-CVE-2015-4355
+CVE-2015-4355 (Cross-site request forgery (CSRF) vulnerability in the Watchdog Aggreg ...)
NOT-FOR-US: Drupal module Watchdog Aggregator
-CVE-2015-4354
+CVE-2015-4354 (Cross-site scripting (XSS) vulnerability in the Ubercart Webform Integ ...)
NOT-FOR-US: Drupal module Ubercart Webform Integration
-CVE-2015-4353
+CVE-2015-4353 (Cross-site request forgery (CSRF) vulnerability in the Custom Sitemap ...)
NOT-FOR-US: Drupal module Custom Sitemap
-CVE-2015-4352
+CVE-2015-4352 (Cross-site request forgery (CSRF) vulnerability in the Spider Video Pl ...)
NOT-FOR-US: Drupal module Spider Video Player
-CVE-2015-4351
+CVE-2015-4351 (The Spider Video Player module for Drupal allows remote authenticated ...)
NOT-FOR-US: Drupal module Spider Video Player
-CVE-2015-4350
+CVE-2015-4350 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Spid ...)
NOT-FOR-US: Drupal Module Spider Catalog
-CVE-2015-4349
+CVE-2015-4349 (Cross-site request forgery (CSRF) vulnerability in the Spider Contacts ...)
NOT-FOR-US: Drupal Module Spider Catalog
-CVE-2015-4348
+CVE-2015-4348 (SQL injection vulnerability in the Spider Contacts module for Drupal a ...)
NOT-FOR-US: Drupal module Spider Contacts
-CVE-2015-4347
+CVE-2015-4347 (Cross-site scripting (XSS) vulnerability in the inLinks Integration mo ...)
NOT-FOR-US: Drupal module inLinks Integration
-CVE-2015-4346
+CVE-2015-4346 (Cross-site scripting (XSS) vulnerability in the SMS Framework module 6 ...)
NOT-FOR-US: Drupal module SMS Framework
-CVE-2015-4345
+CVE-2015-4345 (The RESTWS Basic Auth submodule in the RESTful Web Services module 7.x ...)
NOT-FOR-US: Drupal module RESTful Web Services
-CVE-2015-4344
+CVE-2015-4344 (The Services Basic Authentication module 7.x-1.x through 7.x-1.3 for D ...)
NOT-FOR-US: Drupal module Services Basic Authentication
CVE-2015-4343
RESERVED
-CVE-2015-4342
+CVE-2015-4342 (SQL injection vulnerability in Cacti before 0.8.8d allows remote attac ...)
{DSA-3295-1 DLA-255-1}
- cacti 0.8.8d+ds1-1
NOTE: Original report: http://seclists.org/fulldisclosure/2015/Jun/19
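Review bot: the NOT-FOR-US annotation kept under CVE-2015-4349 says "Drupal Module Spider Catalog" while the description imported on the line above places the issue in the Spider Contacts module, the same module CVE-2015-4348 is filed under two lines later; the annotation should read `NOT-FOR-US: Drupal module Spider Contacts` so the two lines agree. While these entries are being touched, the capitalisation "Drupal Module" in the Registration codes and Spider entries (CVE-2015-4361, CVE-2015-4360, CVE-2015-4359, CVE-2015-4350, CVE-2015-4349) differs from the "Drupal module" form used everywhere else in this hunk.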
@@ -14370,47 +14370,47 @@ CVE-2015-4340
RESERVED
CVE-2015-4339
RESERVED
-CVE-2015-4334
+CVE-2015-4334 (The default configuration of SGOS in Blue Coat ProxySG before 6.2.16.5 ...)
NOT-FOR-US: Blue Coat ProxySG
CVE-2015-4333
RESERVED
CVE-2015-4332
RESERVED
-CVE-2015-4331
+CVE-2015-4331 (Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA authen ...)
NOT-FOR-US: Cisco Prime Infrastructure
-CVE-2015-4330
+CVE-2015-4330 (A local file script in Cisco TelePresence Video Communication Server ( ...)
NOT-FOR-US: Cisco
-CVE-2015-4329
+CVE-2015-4329 (The administrator web interface in Cisco TelePresence Video Communicat ...)
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2015-4328
+CVE-2015-4328 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...)
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2015-4327
+CVE-2015-4327 (The CLI in Cisco TelePresence Video Communication Server (VCS) Express ...)
NOT-FOR-US: Cisco TelePresence Video Communication Server
CVE-2015-4326
RESERVED
-CVE-2015-4325
+CVE-2015-4325 (The process-management implementation in Cisco TelePresence Video Comm ...)
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2015-4324
+CVE-2015-4324 (Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphe ...)
NOT-FOR-US: Cisco
-CVE-2015-4323
+CVE-2015-4323 (Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphe ...)
NOT-FOR-US: Cisco
-CVE-2015-4322
+CVE-2015-4322 (Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, ...)
NOT-FOR-US: Cisco
-CVE-2015-4321
+CVE-2015-4321 (The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Ada ...)
NOT-FOR-US: Cisco
-CVE-2015-4320
+CVE-2015-4320 (The Configuration Log File component in Cisco TelePresence Video Commu ...)
NOT-FOR-US: Cisco
-CVE-2015-4319
+CVE-2015-4319 (The password-change feature in the administrative web interface in Cis ...)
NOT-FOR-US: Cisco
-CVE-2015-4318
+CVE-2015-4318 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...)
NOT-FOR-US: Cisco
-CVE-2015-4317
+CVE-2015-4317 (Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...)
NOT-FOR-US: Cisco
-CVE-2015-4316
+CVE-2015-4316 (The Mobile and Remote Access (MRA) endpoint-validation feature in Cisc ...)
NOT-FOR-US: Cisco
-CVE-2015-4315
+CVE-2015-4315 (The Call Policy Configuration page in Cisco TelePresence Video Communi ...)
NOT-FOR-US: Cisco
-CVE-2015-4314
+CVE-2015-4314 (The System Snapshot feature in Cisco TelePresence Video Communication ...)
NOT-FOR-US: Cisco
CVE-2015-4313
RESERVED
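Review bot: the fixed-width truncation leaves several pairs of new descriptions identical, so they no longer distinguish the entries they are meant to summarise: CVE-2015-4324 and CVE-2015-4323 both read "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphe ...", and CVE-2015-4318 and CVE-2015-4317 both read "Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 ...". If the generator can spend a few more characters, cutting at a word boundary after the first clause that differs (or simply a longer width) would keep the one-line summary useful for triage; the same pattern recurs later in this patch (CVE-2015-4181/4180, CVE-2015-5366/5364).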
@@ -14418,123 +14418,123 @@ CVE-2015-4312
RESERVED
CVE-2015-4311
RESERVED
-CVE-2015-4310
+CVE-2015-4310 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse 1 ...)
NOT-FOR-US: Cisco
CVE-2015-4309
RESERVED
-CVE-2015-4308
+CVE-2015-4308 (The webGUI configuration-export feature in Cisco Edge Bluebird Operati ...)
NOT-FOR-US: Cisco
-CVE-2015-4307
+CVE-2015-4307 (The web framework in Cisco Prime Collaboration Provisioning before 11. ...)
NOT-FOR-US: Cisco Prime Collaboration Provisioning
-CVE-2015-4306
+CVE-2015-4306 (The web framework in Cisco Prime Collaboration Assurance before 10.5.1 ...)
NOT-FOR-US: Cisco Prime Collaboration Assurance
-CVE-2015-4305
+CVE-2015-4305 (The web framework in Cisco Prime Collaboration Assurance before 10.5.1 ...)
NOT-FOR-US: Cisco Prime Collaboration Assurance
-CVE-2015-4304
+CVE-2015-4304 (The web framework in Cisco Prime Collaboration Assurance before 10.5.1 ...)
NOT-FOR-US: Cisco Prime Collaboration Assurance
-CVE-2015-4303
+CVE-2015-4303 (Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remo ...)
NOT-FOR-US: Cisco
-CVE-2015-4302
+CVE-2015-4302 (The web interface in Cisco FireSIGHT Management Center 5.3.1.4 allows ...)
NOT-FOR-US: Cisco
-CVE-2015-4301
+CVE-2015-4301 (Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated ...)
NOT-FOR-US: Cisco
CVE-2015-4300
REJECTED
-CVE-2015-4299
+CVE-2015-4299 (Cisco Unified Web and E-Mail Interaction Manager 9.0(2) improperly per ...)
NOT-FOR-US: Cisco
-CVE-2015-4298
+CVE-2015-4298 (Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) im ...)
NOT-FOR-US: Cisco
-CVE-2015-4297
+CVE-2015-4297 (Open redirect vulnerability in Cisco WebEx Node for Media Convergence ...)
NOT-FOR-US: Cisco
-CVE-2015-4296
+CVE-2015-4296 (Nexus Data Broker (NDB) on Cisco Nexus 3000 devices with software 6.0( ...)
NOT-FOR-US: Cisco
-CVE-2015-4295
+CVE-2015-4295 (The Prime Collaboration Deployment component in Cisco Unified Communic ...)
NOT-FOR-US: Cisco
-CVE-2015-4294
+CVE-2015-4294 (Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Serv ...)
NOT-FOR-US: Cisco
-CVE-2015-4293
+CVE-2015-4293 (The packet-reassembly implementation in Cisco IOS XE 3.13S and earlier ...)
NOT-FOR-US: Cisco
-CVE-2015-4292
+CVE-2015-4292 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: Cisco
-CVE-2015-4291
+CVE-2015-4291 (Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR 1000 devic ...)
NOT-FOR-US: Cisco
-CVE-2015-4290
+CVE-2015-4290 (The kernel extension in Cisco AnyConnect Secure Mobility Client 4.0(20 ...)
NOT-FOR-US: Cisco
-CVE-2015-4289
+CVE-2015-4289 (Directory traversal vulnerability in Cisco AnyConnect Secure Mobility ...)
NOT-FOR-US: Cisco
-CVE-2015-4288
+CVE-2015-4288 (The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5. ...)
NOT-FOR-US: Cisco
-CVE-2015-4287
+CVE-2015-4287 (Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower 900 ...)
NOT-FOR-US: Cisco
-CVE-2015-4286
+CVE-2015-4286 (The web framework in Cisco UCS Central Software 1.3(0.99) allows remot ...)
NOT-FOR-US: Cisco
-CVE-2015-4285
+CVE-2015-4285 (The Local Packet Transport Services (LPTS) implementation in Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2015-4284
+CVE-2015-4284 (The Concurrent Data Management Replication process in Cisco IOS XR 5.3 ...)
NOT-FOR-US: Cisco
-CVE-2015-4283
+CVE-2015-4283 (Cisco Videoscape Policy Resource Manager (PRM) 3.5.4 allows remote att ...)
NOT-FOR-US: Cisco
-CVE-2015-4282
+CVE-2015-4282 (Cisco Mobility Services Engine (MSE) through 8.0.120.7 uses weak permi ...)
NOT-FOR-US: Cisco
-CVE-2015-4281
+CVE-2015-4281 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meeting ...)
NOT-FOR-US: Cisco
-CVE-2015-4280
+CVE-2015-4280 (Cisco Prime Collaboration Assurance 10.0 allows remote attackers to ca ...)
NOT-FOR-US: Cisco
-CVE-2015-4279
+CVE-2015-4279 (The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) ...)
NOT-FOR-US: Cisco
-CVE-2015-4278
+CVE-2015-4278 (Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 a ...)
NOT-FOR-US: Cisco
-CVE-2015-4277
+CVE-2015-4277 (The global-configuration implementation on Cisco ASR 9000 devices with ...)
NOT-FOR-US: Cisco
-CVE-2015-4276
+CVE-2015-4276 (Cisco WebEx Meetings Server 2.5MR1 allows remote authenticated users t ...)
NOT-FOR-US: Cisco
-CVE-2015-4275
+CVE-2015-4275 (The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 ...)
NOT-FOR-US: Cisco
-CVE-2015-4274
+CVE-2015-4274 (Cross-site request forgery (CSRF) vulnerability in the web framework i ...)
NOT-FOR-US: Cisco
-CVE-2015-4273
+CVE-2015-4273 (The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 ...)
NOT-FOR-US: Cisco
-CVE-2015-4272
+CVE-2015-4272 (Multiple cross-site scripting (XSS) vulnerabilities in the ccmivr page ...)
NOT-FOR-US: Cisco
-CVE-2015-4271
+CVE-2015-4271 (Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remo ...)
NOT-FOR-US: Cisco
-CVE-2015-4270
+CVE-2015-4270 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT ...)
NOT-FOR-US: Cisco
-CVE-2015-4269
+CVE-2015-4269 (The Tomcat throttling feature in Cisco Unified Communications Manager ...)
NOT-FOR-US: Cisco
-CVE-2015-4268
+CVE-2015-4268 (Multiple cross-site scripting (XSS) vulnerabilities in the Infra Admin ...)
NOT-FOR-US: Cisco
-CVE-2015-4267
+CVE-2015-4267 (Cross-site request forgery (CSRF) vulnerability in the web framework i ...)
NOT-FOR-US: Cisco
-CVE-2015-4266
+CVE-2015-4266 (The web interface in Cisco Identity Services Engine (ISE) 1.1(4.1), 1. ...)
NOT-FOR-US: Cisco
-CVE-2015-4265
+CVE-2015-4265 (Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x bef ...)
NOT-FOR-US: Cisco Unified Computing System
CVE-2015-4264
RESERVED
-CVE-2015-4263
+CVE-2015-4263 (The Control and Provisioning functionality in Cisco Mobility Services ...)
NOT-FOR-US: Cisco
-CVE-2015-4262
+CVE-2015-4262 (The password-change feature in Cisco Unified MeetingPlace Web Conferen ...)
NOT-FOR-US: Cisco Unified MeetingPlace
CVE-2015-4261
REJECTED
-CVE-2015-4260
+CVE-2015-4260 (Cross-site scripting (XSS) vulnerability in Cisco Hosted Collaboration ...)
NOT-FOR-US: Cisco
-CVE-2015-4259
+CVE-2015-4259 (The Integrated Management Controller on Cisco Unified Computing System ...)
NOT-FOR-US: Cisco
-CVE-2015-4258
+CVE-2015-4258 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2015-4257
+CVE-2015-4257 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2015-4256
+CVE-2015-4256 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2015-4255
+CVE-2015-4255 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2015-4254
+CVE-2015-4254 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2015-4253
+CVE-2015-4253 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2015-4252
+CVE-2015-4252 (Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ...)
NOT-FOR-US: Cisco
CVE-2015-4251
REJECTED
@@ -14550,150 +14550,150 @@ CVE-2015-4246
REJECTED
CVE-2015-4245
REJECTED
-CVE-2015-4244
+CVE-2015-4244 (The boot implementation on Cisco ASR 5000 and 5500 devices with softwa ...)
NOT-FOR-US: Cisco
-CVE-2015-4243
+CVE-2015-4243 (The PPPoE establishment implementation in Cisco IOS XE 3.5.0S on ASR 1 ...)
NOT-FOR-US: Cisco
-CVE-2015-4242
+CVE-2015-4242 (Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT Sys ...)
NOT-FOR-US: Cisco
-CVE-2015-4241
+CVE-2015-4241 (Cisco Adaptive Security Appliance (ASA) Software 9.3(2) allows remote ...)
NOT-FOR-US: Cisco
-CVE-2015-4240
+CVE-2015-4240 (Cisco IP Communicator 8.6(4) allows remote attackers to cause a denial ...)
NOT-FOR-US: Cisco
-CVE-2015-4239
+CVE-2015-4239 (Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13 ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2015-4238
+CVE-2015-4238 (The SNMP implementation in Cisco Adaptive Security Appliance (ASA) Sof ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2015-4237
+CVE-2015-4237 (The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2015-4236
+CVE-2015-4236 (Cisco AsyncOS on Email Security Appliance (ESA) devices with software ...)
NOT-FOR-US: Cisco
-CVE-2015-4235
+CVE-2015-4235 (Cisco Application Policy Infrastructure Controller (APIC) devices with ...)
NOT-FOR-US: Cisco Application Policy Infrastructure Controller
-CVE-2015-4234
+CVE-2015-4234 (Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS conf ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2015-4233
+CVE-2015-4233 (SQL injection vulnerability in Cisco Unified MeetingPlace 8.6(1.2) all ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2015-4232
+CVE-2015-4232 (Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users t ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2015-4231
+CVE-2015-4231 (The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices al ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2015-4230
+CVE-2015-4230 (Memory leak in Cisco Headend System Release allows remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2015-4229
+CVE-2015-4229 (The web framework in Cisco Unified Communications Domain Manager 8.1(4 ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2015-4228
+CVE-2015-4228 (Cisco Digital Content Manager (DCM) 15.0.0 might allow remote ad serve ...)
NOT-FOR-US: Cisco Digital Content Manager
-CVE-2015-4227
+CVE-2015-4227 (Memory leak in Cisco Headend System Release allows remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2015-4226
+CVE-2015-4226 (The packet-storing feature on Cisco 9900 phones with firmware 9.3(2) d ...)
NOT-FOR-US: Cisco
-CVE-2015-4225
+CVE-2015-4225 (Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) ...)
NOT-FOR-US: Cisco
-CVE-2015-4224
+CVE-2015-4224 (Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) a ...)
NOT-FOR-US: Cisco
-CVE-2015-4223
+CVE-2015-4223 (Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Cisco
-CVE-2015-4222
+CVE-2015-4222 (SQL injection vulnerability in Cisco Unified Communications Manager IM ...)
NOT-FOR-US: Cisco
-CVE-2015-4221
+CVE-2015-4221 (Cisco Unified Communications Manager IM and Presence Service 9.1(1) do ...)
NOT-FOR-US: Cisco
-CVE-2015-4220
+CVE-2015-4220 (Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Ser ...)
NOT-FOR-US: Cisco
-CVE-2015-4219
+CVE-2015-4219 (Cisco Secure Access Control System before 5.4(0.46.2) and 5.5 before 5 ...)
NOT-FOR-US: Cisco
-CVE-2015-4218
+CVE-2015-4218 (The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 th ...)
NOT-FOR-US: Cisco Jabber
-CVE-2015-4217
+CVE-2015-4217 (The remote-support feature on Cisco Web Security Virtual Appliance (WS ...)
NOT-FOR-US: Cisco
-CVE-2015-4216
+CVE-2015-4216 (The remote-support feature on Cisco Web Security Virtual Appliance (WS ...)
NOT-FOR-US: Cisco
-CVE-2015-4215
+CVE-2015-4215 (Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) a ...)
NOT-FOR-US: Cisco
-CVE-2015-4214
+CVE-2015-4214 (Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote authent ...)
NOT-FOR-US: Cisco
-CVE-2015-4213
+CVE-2015-4213 (Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated ...)
NOT-FOR-US: Cisco
-CVE-2015-4212
+CVE-2015-4212 (Cisco WebEx Meeting Center allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Cisco
-CVE-2015-4211
+CVE-2015-4211 (Cisco AnyConnect Secure Mobility Client 3.1(60) on Windows does not pr ...)
NOT-FOR-US: Cisco
-CVE-2015-4210
+CVE-2015-4210 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center ...)
NOT-FOR-US: Cisco
-CVE-2015-4209
+CVE-2015-4209 (Cisco WebEx Meeting Center does not properly determine authorization f ...)
NOT-FOR-US: Cisco
-CVE-2015-4208
+CVE-2015-4208 (Cisco WebEx Meeting Center does not properly restrict the content of U ...)
NOT-FOR-US: Cisco
-CVE-2015-4207
+CVE-2015-4207 (Cisco WebEx Meeting Center places a meeting's access number in a URL, ...)
NOT-FOR-US: Cisco
-CVE-2015-4206
+CVE-2015-4206 (Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows remo ...)
NOT-FOR-US: Cisco
-CVE-2015-4205
+CVE-2015-4205 (Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to caus ...)
NOT-FOR-US: Cisco
-CVE-2015-4204
+CVE-2015-4204 (Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) ...)
NOT-FOR-US: Cisco
-CVE-2015-4203
+CVE-2015-4203 (Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine ...)
NOT-FOR-US: Cisco
-CVE-2015-4202
+CVE-2015-4202 (Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems ( ...)
NOT-FOR-US: Cisco
-CVE-2015-4201
+CVE-2015-4201 (The Gateway General Packet Radio Service Support Node (GGSN) component ...)
NOT-FOR-US: Cisco
-CVE-2015-4200
+CVE-2015-4200 (Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in th ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-4199
+CVE-2015-4199 (Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in ...)
NOT-FOR-US: Cisco
-CVE-2015-4198
+CVE-2015-4198 (Cross-site scripting (XSS) vulnerability in the web framework on Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-4197
+CVE-2015-4197 (Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to ca ...)
NOT-FOR-US: Cisco
-CVE-2015-4196
+CVE-2015-4196 (Platform Software before 4.4.5 in Cisco Unified Communications Domain ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2015-4195
+CVE-2015-4195 (Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a ...)
NOT-FOR-US: Cisco
-CVE-2015-4194
+CVE-2015-4194 (The web-based administrative interface in Cisco WebEx Meeting Center p ...)
NOT-FOR-US: Cisco
CVE-2015-4193
RESERVED
CVE-2015-4192
RESERVED
-CVE-2015-4191
+CVE-2015-4191 (Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Cisco
-CVE-2015-4190
+CVE-2015-4190 (Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on Clou ...)
NOT-FOR-US: Cisco
-CVE-2015-4189
+CVE-2015-4189 (Cross-site request forgery (CSRF) vulnerability in Cisco Data Center A ...)
NOT-FOR-US: Cisco
-CVE-2015-4188
+CVE-2015-4188 (SQL injection vulnerability in the Manager interface in Cisco Prime Co ...)
NOT-FOR-US: Cisco
CVE-2015-4187
RESERVED
-CVE-2015-4186
+CVE-2015-4186 (The diagnostics subsystem in the administrative web interface on Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-4185
+CVE-2015-4185 (The TCL interpreter in Cisco IOS 15.2 does not properly maintain the v ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-4184
+CVE-2015-4184 (The anti-spam scanner on Cisco Email Security Appliance (ESA) devices ...)
NOT-FOR-US: Cisco Email Security Appliance
-CVE-2015-4183
+CVE-2015-4183 (Cisco UCS Central Software 1.2(1a) allows local users to gain privileg ...)
NOT-FOR-US: Cisco
-CVE-2015-4182
+CVE-2015-4182 (The administrative web interface in Cisco Identity Services Engine (IS ...)
NOT-FOR-US: Cisco Identity Services Engine
-CVE-2015-4181
+CVE-2015-4181 (Directory traversal vulnerability in get_file.php in phpMyBackupPro 2. ...)
NOT-FOR-US: phpMyBackupPro
-CVE-2015-4180
+CVE-2015-4180 (Directory traversal vulnerability in get_file.php in phpMyBackupPro 2. ...)
NOT-FOR-US: phpMyBackupPro
CVE-2015-4175
RESERVED
-CVE-2015-4174
+CVE-2015-4174 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
NOT-FOR-US: Siemens Climatix BACnet/IP communication module
-CVE-2015-4173
+CVE-2015-4173 (Unquoted Windows search path vulnerability in the autorun value in Del ...)
NOT-FOR-US: Dell SonicWall NetExtender
-CVE-2015-4692
+CVE-2015-4692 (The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux ...)
- linux 4.0.8-1
[jessie] - linux 3.16.7-ckt11-1+deb8u3
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/10/6
NOTE: Vulnerable function introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=66450a21f99636af4fafac2afd33f1a40631bc3a (v3.10-rc1)
-CVE-2015-4625
+CVE-2015-4625 (Integer overflow in the authentication_agent_new_cookie function in Po ...)
[experimental] - policykit-1 0.113-1
- policykit-1 0.105-12 (low; bug #796134)
[jessie] - policykit-1 0.105-15~deb8u1
@@ -14707,7 +14707,7 @@ CVE-2015-4625
NOTE: http://cgit.freedesktop.org/polkit/commit/?id=ea544ffc18405237ccd95d28d7f45afef49aca17
NOTE: http://cgit.freedesktop.org/polkit/commit/?id=493aa5dc1d278ab9097110c1262f5229bbaf1766
NOTE: http://cgit.freedesktop.org/polkit/commit/?id=fb5076b7c05d01a532d593a4079a29cf2d63a228
-CVE-2015-4412
+CVE-2015-4412 (BSON injection vulnerability in the legal? function in BSON (bson-ruby ...)
- ruby-bson <not-affected> (corresponding change in ruby-bson not present)
NOTE: Originating from https://github.com/mongodb/bson-ruby/commit/21141c78d99f23d5f34d32010557ef19d0f77203#diff-8c8558c185bbb548ccb5a6d6ac4bfee5L219
CVE-2015-4411 [ruby-bson: DoS and possible injection, with bernerdschaefer 2012-04-17 commit]
@@ -14723,13 +14723,13 @@ CVE-2015-4410 [ruby-bson: DoS and possible injection]
NOTE: http://sakurity.com/blog/2015/06/04/mongo_ruby_regexp.html
NOTE: https://sources.debian.org/src/ruby-bson/1.10.0-1/lib/bson/types/object_id.rb/#L54
NOTE: http://www.openwall.com/lists/oss-security/2015/06/06/1
-CVE-2015-4338
+CVE-2015-4338 (Static code injection vulnerability in the XCloner plugin 3.1.2 for Wo ...)
NOT-FOR-US: WordPress plugin xclonerbackupandrestore
-CVE-2015-4337
+CVE-2015-4337 (Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 f ...)
NOT-FOR-US: WordPress plugin xclonerbackupandrestore
-CVE-2015-4336
+CVE-2015-4336 (cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows ...)
NOT-FOR-US: WordPress plugin xclonerbackupandrestore
-CVE-2015-4335
+CVE-2015-4335 (Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to ex ...)
{DSA-3279-1}
- redis 2:3.0.2-1
[wheezy] - redis <not-affected> (Lua support introduced in version 2.6.0)
@@ -14743,28 +14743,28 @@ CVE-2015-XXXX [Null pointer access in inflatehd tool]
NOTE: Git commit: https://github.com/tatsuhiro-t/nghttp2/commit/3572e7c6343cb85fc21f5667a7ed0902cf5305cf
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/03/20
NOTE: inflatehd not installed into the Debian binary packages
-CVE-2015-5523
+CVE-2015-5523 (The ParseValue function in lexer.c in tidy before 4.9.31 allows remote ...)
{DSA-3309-1 DLA-273-1}
- tidy 20091223cvs-1.5 (bug #792571)
NOTE: https://github.com/htacg/tidy-html5/issues/217#issuecomment-108565501
NOTE: http://www.openwall.com/lists/oss-security/2015/06/04/2
-CVE-2015-5522
+CVE-2015-5522 (Heap-based buffer overflow in the ParseValue function in lexer.c in ti ...)
{DSA-3309-1 DLA-273-1}
- tidy 20091223cvs-1.5 (bug #792571)
NOTE: https://github.com/htacg/tidy-html5/issues/217
NOTE: http://www.openwall.com/lists/oss-security/2015/06/04/2
CVE-2015-6593
REJECTED
-CVE-2015-4179
+CVE-2015-4179 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Code ...)
NOT-FOR-US: WordPress plugin codestyling-localization
-CVE-2015-4176
+CVE-2015-4176 (fs/namespace.c in the Linux kernel before 4.0.2 does not properly supp ...)
- linux <not-affected> (Introducing commit was applied to 4.0.2 but e0c9c0afd2fc958ffa34b697972721d81df8a56f as well backported into 4.0.2)
- linux-2.6 <not-affected> (Introduced and fixed in 4.1-rc1 upstream)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce07d891a0891d3c0d0c2d73d577490486b809e1 (v4.1-rc1)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e0c9c0afd2fc958ffa34b697972721d81df8a56f (v4.1-rc1)
CVE-2015-4172
RESERVED
-CVE-2015-4171
+CVE-2015-4171 (strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client be ...)
{DSA-3282-1 DLA-244-1}
- strongswan 5.3.1-1
NOTE: https://www.strongswan.org/blog/2015/06/08/strongswan-vulnerability-(cve-2015-4171).html
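Review bot: the version range in the imported description for CVE-2015-4176 ("in the Linux kernel before 4.0.2") sits uneasily beside the entry's own notes, which say the issue was introduced and fixed within v4.1-rc1 and that both the introducing commit and the fix e0c9c0afd2fc958ffa34b697972721d81df8a56f were backported into 4.0.2. Since the not-affected verdict rests on that backport, a short NOTE stating that 4.0.2 already carries the fix would stop a reader from taking "before 4.0.2" at face value, and the rationale in the `linux <not-affected>` line would be clearer as "introducing commit and fix were both backported into 4.0.2".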
@@ -14772,51 +14772,51 @@ CVE-2015-4169
RESERVED
CVE-2015-4168
RESERVED
-CVE-2015-4166
+CVE-2015-4166 (Cloudera Key Trustee Server before 5.4.3 does not store keys synchrono ...)
NOT-FOR-US: Cloudera
-CVE-2015-4165
+CVE-2015-4165 (The snapshot API in Elasticsearch before 1.6.0 when another applicatio ...)
- elasticsearch 1.6.0+dfsg-1 (bug #788471)
[jessie] - elasticsearch <end-of-life> (No longer supported, see DSA 3389)
NOTE: https://github.com/elastic/elasticsearch/issues/11068
NOTE: https://github.com/elastic/elasticsearch/pull/11284
NOTE: https://github.com/imotov/elasticsearch/commit/f5cfb2a1869d1a52930cbd3138278a6e2c1b22e6
-CVE-2015-4164
+CVE-2015-4164 (The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way ...)
{DSA-3286-1}
- xen 4.6.0-1 (bug #795721)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-136.html
-CVE-2015-4163
+CVE-2015-4163 (GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the gran ...)
{DSA-3286-1}
- xen 4.6.0-1 (bug #795721)
[wheezy] - xen <not-affected> (Xen 4.2 onwards are vulnerable)
[squeeze] - xen <not-affected> (Xen 4.2 onwards are vulnerable)
NOTE: http://xenbits.xen.org/xsa/advisory-134.html
-CVE-2015-4162
+CVE-2015-4162 (XML external entity (XXE) vulnerability in the management interface in ...)
NOT-FOR-US: PAN-OS
-CVE-2015-4161
+CVE-2015-4161 (SAP Afaria does not properly restrict access to unspecified functional ...)
NOT-FOR-US: SAP Afaria
-CVE-2015-4160
+CVE-2015-4160 (SQL injection vulnerability in SAP ASE Database Platform allows remote ...)
NOT-FOR-US: SAP ASE Database Platform
-CVE-2015-4159
+CVE-2015-4159 (SQL injection vulnerability in SAP HANA Web-based Development Workbenc ...)
NOT-FOR-US: SAP HANA
-CVE-2015-4158
+CVE-2015-4158 (SAP ABAP &amp; Java Server allows remote attackers to cause a denial o ...)
NOT-FOR-US: SAP ABAP & Java Server
-CVE-2015-4157
+CVE-2015-4157 (SAP Content Server allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: SAP Content Server
-CVE-2015-4156
+CVE-2015-4156 (GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fi ...)
- parallel 20161222-1 (unimportant; bug #787954)
NOTE: https://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
NOTE: https://lists.gnu.org/archive/html/parallel/2015-05/msg00024.html
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2015-4155
+CVE-2015-4155 (GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) - ...)
- parallel 20161222-1 (unimportant; bug #787954)
NOTE: https://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
NOTE: Not exploitable with kernel hardening since wheezy
CVE-2015-4154
RESERVED
-CVE-2015-4153
+CVE-2015-4153 (Directory traversal vulnerability in the zM Ajax Login &amp; Register ...)
NOT-FOR-US: WordPress plugin zm-ajax-login-register
-CVE-2015-4152
+CVE-2015-4152 (Directory traversal vulnerability in the file output plugin in Elastic ...)
- logstash <itp> (bug #664841)
CVE-2015-4151
RESERVED
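Review bot: the import left HTML entities in two new descriptions: CVE-2015-4158 reads "SAP ABAP &amp; Java Server" although the NOT-FOR-US line directly below it has the literal "SAP ABAP & Java Server", and CVE-2015-4153 reads "zM Ajax Login &amp; Register". The list file is plain text, so the generator should unescape entities in the upstream description before writing it; otherwise every product name containing an ampersand will diverge from the hand-written annotation beneath it.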
@@ -14824,13 +14824,13 @@ CVE-2015-4150
RESERVED
CVE-2015-4149
RESERVED
-CVE-2015-4138
+CVE-2015-4138 (The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV180 ...)
NOT-FOR-US: Blue Coat SSL Visibility Appliance
-CVE-2015-4137
+CVE-2015-4137 (SQL injection vulnerability in related.php in Milw0rm Clone Script 1.0 ...)
NOT-FOR-US: Milw0rm Clone Script
CVE-2015-4136
RESERVED
-CVE-2015-5366
+CVE-2015-5366 (The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kerne ...)
{DSA-3313-1 DLA-310-1}
- linux 4.0.7-1
[wheezy] - linux 3.2.68-1+deb7u3
@@ -14838,7 +14838,7 @@ CVE-2015-5366
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0 (v4.1-rc7)
NOTE: http://web.archive.org/web/20160309082241/https://twitter.com/grsecurity/status/605854034260426753
NOTE: http://www.openwall.com/lists/oss-security/2015/06/30/13
-CVE-2015-5364
+CVE-2015-5364 (The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kerne ...)
{DSA-3313-1 DLA-310-1}
- linux 4.0.7-1
[wheezy] - linux 3.2.68-1+deb7u3
@@ -14850,23 +14850,23 @@ CVE-2015-XXXX [uudecode: stack out of bounds read access]
- sharutils <unfixed> (unimportant)
NOTE: Negligible security impact
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/02/8
-CVE-2015-4167
+CVE-2015-4167 (The udf_read_inode function in fs/udf/inode.c in the Linux kernel befo ...)
{DSA-3313-1 DSA-3290-1 DLA-246-1}
- linux 4.0.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23b133bdc452aa441fcb9b82cbf6dd05cfd342d0 (v4.0-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/02/6
-CVE-2015-4140
+CVE-2015-4140 (Cross-site request forgery (CSRF) vulnerability in the WP Smiley plugi ...)
NOT-FOR-US: WordPress plugin wp-smiley
-CVE-2015-4139
+CVE-2015-4139 (Cross-site scripting (XSS) vulnerability in smilies4wp.php in the WP S ...)
NOT-FOR-US: WordPress plugin wp-smiley
-CVE-2015-4135
+CVE-2015-4135 (Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 al ...)
NOT-FOR-US: PHPWind
-CVE-2015-4134
+CVE-2015-4134 (Open redirect vulnerability in goto.php in phpwind 8.7 allows remote a ...)
NOT-FOR-US: PHPWind
-CVE-2015-4133
+CVE-2015-4133 (Unrestricted file upload vulnerability in admin/scripts/FileUploader/p ...)
NOT-FOR-US: ReFlex Gallery plugin for WordPress
-CVE-2015-4132
+CVE-2015-4132 (Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ...)
NOT-FOR-US: Aruba Networks CPPM
CVE-2015-4131
RESERVED
@@ -14875,13 +14875,13 @@ CVE-2015-4130 [command-injection]
NOT-FOR-US: NodeJS ungit
NOTE: https://github.com/FredrikNoren/ungit/issues/486
NOTE: https://nodesecurity.io/advisories/40
-CVE-2015-4129
+CVE-2015-4129 (SQL injection vulnerability in Subrion CMS before 3.3.3 allows remote ...)
NOT-FOR-US: Subrion CMS
CVE-2015-4128
RESERVED
-CVE-2015-4127
+CVE-2015-4127 (Cross-site scripting (XSS) vulnerability in the church_admin plugin be ...)
NOT-FOR-US: church_admin plugin for WordPress
-CVE-2015-4178
+CVE-2015-4178 (The fs_pin implementation in the Linux kernel before 4.0.5 does not en ...)
- linux <not-affected> (Commit was applied to 4.0.2 as well but fixed in Debian by two subsequent commits)
NOTE: Debian both applies "mnt: Fail collect_mounts when applied to unmounted mounts"
NOTE: and "fs_pin: Allow for the possibility that m_list or s_list go unused." in
@@ -14890,7 +14890,7 @@ CVE-2015-4178
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce07d891a0891d3c0d0c2d73d577490486b809e1 (v4.1-rc1)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953 (v4.1-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/29/5
-CVE-2015-4177
+CVE-2015-4177 (The collect_mounts function in fs/namespace.c in the Linux kernel befo ...)
- linux <not-affected> (Commit was applied to 4.0.2 as well but fixed in Debian by two subsequent commits)
NOTE: Debian both applies "mnt: Fail collect_mounts when applied to unmounted mounts"
NOTE: and "fs_pin: Allow for the possibility that m_list or s_list go unused." in
@@ -14913,13 +14913,13 @@ CVE-2015-4121
RESERVED
CVE-2015-4120
RESERVED
-CVE-2015-4119
+CVE-2015-4119 (Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfi ...)
NOT-FOR-US: ISPConfig
-CVE-2015-4118
+CVE-2015-4118 (SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig ...)
NOT-FOR-US: ISPConfig
-CVE-2015-4117
+CVE-2015-4117 (Vesta Control Panel before 0.9.8-14 allows remote authenticated users ...)
NOT-FOR-US: Vesta Control Panel
-CVE-2015-4116
+CVE-2015-4116 (Use-after-free vulnerability in the spl_ptr_heap_insert function in ex ...)
- php5 5.6.11+dfsg-1 (unimportant)
[jessie] - php5 5.6.12+dfsg-0+deb8u1
NOTE: https://bugs.php.net/bug.php?id=69737
@@ -14931,19 +14931,19 @@ CVE-2015-4114
RESERVED
CVE-2015-4113
RESERVED
-CVE-2015-4112
+CVE-2015-4112 (The Management Console in BlackBerry Enterprise Server (BES) 12 before ...)
NOT-FOR-US: BlackBerry
-CVE-2015-4111
+CVE-2015-4111 (mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackB ...)
NOT-FOR-US: BlackBerry
CVE-2015-4110
RESERVED
-CVE-2015-4109
+CVE-2015-4109 (Multiple SQL injection vulnerabilities in the ratings module in the Us ...)
NOT-FOR-US: WordPress plugin users-ultra
-CVE-2015-4108
+CVE-2015-4108 (Multiple cross-site request forgery (CSRF) vulnerabilities in Wing FTP ...)
NOT-FOR-US: Wing FTP Server
CVE-2015-4107
RESERVED
-CVE-2015-4106
+CVE-2015-4106 (QEMU does not properly restrict write access to the PCI config space f ...)
{DSA-3286-1 DSA-3284-1}
- qemu 1:2.3+dfsg-5 (bug #787547)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -14953,7 +14953,7 @@ CVE-2015-4106
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-131.html
-CVE-2015-4105
+CVE-2015-4105 (Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through err ...)
{DSA-3286-1 DSA-3284-1}
- qemu 1:2.3+dfsg-5 (bug #787547)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -14963,7 +14963,7 @@ CVE-2015-4105
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-130.html
-CVE-2015-4104
+CVE-2015-4104 (Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI m ...)
{DSA-3286-1 DSA-3284-1}
- qemu 1:2.3+dfsg-5 (bug #787547)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -14973,7 +14973,7 @@ CVE-2015-4104
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-129.html
-CVE-2015-4103
+CVE-2015-4103 (Xen 3.3.x through 4.5.x does not properly restrict write access to the ...)
{DSA-3286-1 DSA-3284-1}
- qemu 1:2.3+dfsg-5 (bug #787547)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -14987,7 +14987,7 @@ CVE-2015-4102
RESERVED
CVE-2015-4101
RESERVED
-CVE-2015-4100
+CVE-2015-4100 (Puppet Enterprise 3.7.x and 3.8.0 might allow remote authenticated use ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
NOTE: https://puppet.com/security/cve/CVE-2015-4100
CVE-2015-4099
@@ -15000,17 +15000,17 @@ CVE-2015-4096
RESERVED
CVE-2015-4095
RESERVED
-CVE-2015-4094
+CVE-2015-4094 (The Thycotic Password Manager Secret Server application through 2.3 fo ...)
NOT-FOR-US: Thycotic Password Manager Secret Server application for iOS
-CVE-2015-4093
+CVE-2015-4093 (Cross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x b ...)
- kibana <itp> (bug #700337)
-CVE-2015-4092
+CVE-2015-4092 (Buffer overflow in the XComms process in SAP Afaria 7.00.6620.2 SP5 al ...)
NOT-FOR-US: SAP Afaria
-CVE-2015-4091
+CVE-2015-4091 (XML external entity (XXE) vulnerability in SAP NetWeaver AS Java 7.4 a ...)
NOT-FOR-US: SAP NetWeaver AS Java
CVE-2015-4090
RESERVED
-CVE-2015-4089
+CVE-2015-4089 (Multiple cross-site request forgery (CSRF) vulnerabilities in the opti ...)
NOT-FOR-US: Wordpress plugin
CVE-2015-4088
RESERVED
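Review bot: the "NOT-FOR-US: Wordpress plugin" line under CVE-2015-4089 names no plugin and spells the platform "Wordpress", while the rest of this file writes "WordPress" and names the plugin (compare "NOT-FOR-US: Free Counter plugin for WordPress" a few entries later). Suggest filling in the affected plugin name once the full CVE description is available and normalising the spelling, e.g. "NOT-FOR-US: <plugin name> plugin for WordPress", so the entry is greppable alongside the others.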
@@ -15018,53 +15018,53 @@ CVE-2015-4087
RESERVED
CVE-2015-4086
RESERVED
-CVE-2015-4084
+CVE-2015-4084 (Cross-site scripting (XSS) vulnerability in the Free Counter plugin 1. ...)
NOT-FOR-US: Free Counter plugin for WordPress
CVE-2015-4083
RESERVED
CVE-2015-4081
RESERVED
-CVE-2015-4080
+CVE-2015-4080 (The Kankun Smart Socket device and mobile application uses a hardcoded ...)
NOT-FOR-US: Kankun Smart Socket device and mobile application
CVE-2015-4079
RESERVED
-CVE-2015-4078
+CVE-2015-4078 (Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include s ...)
NOT-FOR-US: Cloudera
-CVE-2015-4077
+CVE-2015-4077 (The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4 ...)
NOT-FOR-US: Fortinet
CVE-2015-4076
RESERVED
-CVE-2015-4075
+CVE-2015-4075 (The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attacke ...)
NOT-FOR-US: Joomla! plugin
-CVE-2015-4074
+CVE-2015-4074 (Directory traversal vulnerability in the Helpdesk Pro plugin before 1. ...)
NOT-FOR-US: Joomla! plugin
-CVE-2015-4073
+CVE-2015-4073 (Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin befo ...)
NOT-FOR-US: Joomla! plugin
-CVE-2015-4072
+CVE-2015-4072 (Multiple cross-site scripting (XSS) vulnerabilities in the Helpdesk Pr ...)
NOT-FOR-US: Joomla! plugin
-CVE-2015-4071
+CVE-2015-4071 (The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attacke ...)
NOT-FOR-US: Helpdesk Pro Plugin for Joomla!
-CVE-2015-4070
+CVE-2015-4070 (Open redirect vulnerability in the proxyimages function in wowproxy.ph ...)
NOT-FOR-US: Wow Moodboard Lite
-CVE-2015-4069
+CVE-2015-4069 (The EdgeServiceImpl web service in Arcserve UDP before 5.0 Update 4 al ...)
NOT-FOR-US: EdgeServiceImpl web service in Arcserve UDP
-CVE-2015-4068
+CVE-2015-4068 (Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 ...)
NOT-FOR-US: Arcserve UDP
-CVE-2015-4067
+CVE-2015-4067 (Integer overflow in the libnv6 module in Dell NetVault Backup before 1 ...)
NOT-FOR-US: Dell NetVault Backup
-CVE-2015-4066
+CVE-2015-4066 (Multiple SQL injection vulnerabilities in admin/handlers.php in the Gi ...)
NOT-FOR-US: GigPress plugin for WordPress
CVE-2015-4061
RESERVED
-CVE-2015-4060
+CVE-2015-4060 (Heap-based buffer overflow in the TermProxy (WLTermProxyService.exe) s ...)
NOT-FOR-US: Wavelink ConnectPro
-CVE-2015-4059
+CVE-2015-4059 (Heap-based buffer overflow in the License Server (LicenseServer.exe) i ...)
NOT-FOR-US: Wavelink Terminal Emulation
CVE-2015-4058
REJECTED
-CVE-2015-4057
+CVE-2015-4057 (The "Plug-in for VMware vCenter" in VCE Vision Intelligent Operations ...)
NOT-FOR-US: VCE Vision Intelligent Operations
-CVE-2015-4056
+CVE-2015-4056 (The System Library in VCE Vision Intelligent Operations before 2.6.5 d ...)
NOT-FOR-US: VCE Vision Intelligent Operations
CVE-2015-4055
RESERVED
@@ -15074,32 +15074,32 @@ CVE-2015-XXXX [hwclock(8) SUID privilege escalation]
NOTE: hwclock is not installed suid in Debian
NOTE: https://github.com/karelzak/util-linux/commit/687cc5d58942b24a9f4013c68876d8cbea907ab1
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/26/10
-CVE-2015-4082
+CVE-2015-4082 (attic before 0.15 does not confirm unencrypted backups with the user, ...)
- attic 0.16-1 (bug #787435)
[jessie] - attic <no-dsa> (Minor issue)
NOTE: https://github.com/jborg/attic/issues/271
NOTE: https://github.com/jborg/attic/commit/78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072
NOTE: http://www.openwall.com/lists/oss-security/2015/05/25/3
-CVE-2015-4170
+CVE-2015-4170 (Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem. ...)
- linux 3.13.4-1
[wheezy] - linux <not-affected> (commit 4898e640caf03fdbaf2122d5a33949bf3e4a5b34 not backported)
- linux-2.6 <not-affected> (commit 4898e640caf03fdbaf2122d5a33949bf3e4a5b34 not backported)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf872776fc84128bb779ce2b83a37c884c3203ae (v3.13-rc5)
NOTE: Affected code was introduced by the rewrite in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4898e640caf03fdbaf2122d5a33949bf3e4a5b34 (v3.11-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/26/1
-CVE-2015-4065
+CVE-2015-4065 (Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound- ...)
NOT-FOR-US: WordPress plugin landing-pages
-CVE-2015-4064
+CVE-2015-4064 (SQL injection vulnerability in modules/module.ab-testing.php in the La ...)
NOT-FOR-US: WordPress plugin landing-pages
-CVE-2015-4063
+CVE-2015-4063 (Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in ...)
NOT-FOR-US: WordPress plugin newstatpress
-CVE-2015-4062
+CVE-2015-4062 (SQL injection vulnerability in includes/nsp_search.php in the NewStatP ...)
NOT-FOR-US: WordPress plugin newstatpress
CVE-2015-4052
RESERVED
-CVE-2015-4051
+CVE-2015-4051 (Beckhoff IPC Diagnostics before 1.8 does not properly restrict access ...)
NOT-FOR-US: Beckhoff IPC Diagnostics
-CVE-2015-4050
+CVE-2015-4050 (FragmentListener in the HttpKernel component in Symfony 2.3.19 through ...)
{DSA-3276-1}
- symfony 2.7.0~beta2+dfsg-2
NOTE: https://github.com/fabpot/symfony/commit/d320d27699abcea12479cf608908fa91bcc133d4
@@ -15108,14 +15108,14 @@ CVE-2015-XXXX [XSS in group administration]
- php-horde 5.2.5+debian0-1 (bug #785364)
[jessie] - php-horde 5.2.1+debian0-2+deb8u1
NOTE: https://github.com/horde/horde/commit/dae5277746abe613de0cacc004e95e9ed9d78220
-CVE-2015-4053
+CVE-2015-4053 (The admin command in ceph-deploy before 1.5.25 uses world-readable per ...)
- ceph-deploy <not-affected> (Fixed with initial upload to Debian)
NOTE: http://tracker.ceph.com/issues/11694
-CVE-2015-4049
+CVE-2015-4049 (Unisys Libra 43xx, 63xx, and 83xx, and FS600 class systems with MCP-FI ...)
NOT-FOR-US: Unisys Libra
CVE-2015-4048
RESERVED
-CVE-2015-4054
+CVE-2015-4054 (PgBouncer before 1.5.5 allows remote attackers to cause a denial of se ...)
- pgbouncer 1.5.5-1
[jessie] - pgbouncer 1.5.4-6+deb8u1
[wheezy] - pgbouncer 1.5.2-4+deb7u1
@@ -15128,22 +15128,22 @@ CVE-2015-8147
REJECTED
CVE-2015-8146
REJECTED
-CVE-2015-4046
+CVE-2015-4046 (The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows re ...)
NOT-FOR-US: AlienVault OSSIM
-CVE-2015-4045
+CVE-2015-4045 (The sudoers file in the asset discovery scanner in AlienVault OSSIM be ...)
NOT-FOR-US: AlienVault OSSIM
CVE-2015-4044
RESERVED
-CVE-2015-4043
+CVE-2015-4043 (SQL injection vulnerability in ConnX ESP HR Management 4.4.0 allows re ...)
NOT-FOR-US: ConnX ESP
-CVE-2015-4040
+CVE-2015-4040 (Directory traversal vulnerability in the configuration utility in F5 B ...)
NOT-FOR-US: F5 BIG-IP
CVE-2015-4039
RESERVED
NOT-FOR-US: WordPress plugin WP Membership
-CVE-2015-4038
+CVE-2015-4038 (The WP Membership plugin 1.2.3 for WordPress allows remote authenticat ...)
NOT-FOR-US: WordPress plugin WP Membership
-CVE-2015-4037
+CVE-2015-4037 (The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier create ...)
{DSA-3285-1 DSA-3284-1}
- qemu 1:2.3+dfsg-5
[wheezy] - qemu 1.1.2+dfsg-6a+deb7u8
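Review bot: CVE-2015-4039 is marked RESERVED but is followed by a "NOT-FOR-US: WordPress plugin WP Membership" line, which no other RESERVED entry in this hunk carries; the identical NOT-FOR-US line sits under CVE-2015-4038 directly below it. This looks like a stray duplicate of the 4038 line. Suggest either dropping the NOT-FOR-US line under 4039 or, if 4039 is really a published WP Membership issue, replacing RESERVED with the description as the automatic update does for the neighbouring entries.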
@@ -15151,29 +15151,29 @@ CVE-2015-4037
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=8b8f1c7e9ddb2e88a144638f6527bf70e32343e3
-CVE-2015-4034
+CVE-2015-4034 (The createFromParcel method in the com.absolute.android.persistence.Me ...)
NOT-FOR-US: Samsung Galaxy S5
-CVE-2015-4033
+CVE-2015-4033 (Samsung SBeam allows remote attackers to read arbitrary images by leve ...)
NOT-FOR-US: Samsung SBeam
-CVE-2015-4032
+CVE-2015-4032 (projectContents.jsp in the Developer tools in Visual Mining NetCharts ...)
NOT-FOR-US: Visual Mining NetCharts Server
-CVE-2015-4031
+CVE-2015-4031 (Directory traversal vulnerability in saveFile.jsp in the development i ...)
NOT-FOR-US: Visual Mining NetChart
CVE-2015-4030
RESERVED
-CVE-2015-4029
+CVE-2015-4029 (Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense befo ...)
NOT-FOR-US: pfSense
CVE-2015-4028
RESERVED
-CVE-2015-4027
+CVE-2015-4027 (The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner ( ...)
NOT-FOR-US: Acunetix Web Vulnerability Scanner
-CVE-2015-4047
+CVE-2015-4047 (racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause ...)
{DSA-3272-1 DLA-234-1}
- ipsec-tools 1:0.8.2+20140711-3 (bug #785778)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/20/1
CVE-2015-4023
RESERVED
-CVE-2015-4020
+CVE-2015-4020 (RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4 ...)
- rubygems <not-affected> (Affects versions between 2.0 and 2.4.6 and incomplete fix not applied)
- libgems-ruby <not-affected> (Affects versions between 2.0 and 2.4.6 and incomplete fix not applied)
- ruby1.8 <not-affected> (Vulnerable code not present)
@@ -15187,9 +15187,9 @@ CVE-2015-4020
NOTE: https://github.com/rubygems/rubygems/commit/5c7bfb5
CVE-2015-4019
RESERVED
-CVE-2015-4018
+CVE-2015-4018 (SQL injection vulnerability in feedwordpresssyndicationpage.class.php ...)
NOT-FOR-US: FeedWordPress plugin for WordPress
-CVE-2015-4016
+CVE-2015-4016 (The client detection protocol in Valve Steam allows remote attackers t ...)
NOT-FOR-US: Related to non-free steam package.
NOTE: The affected code is believed to be downloaded from Valve on startup.
NOTE: http://store.steampowered.com/news/16801/
@@ -15215,10 +15215,10 @@ CVE-2015-4041 [heap overflow; size calculation without properly considering the
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=928749
NOTE: https://github.com/pixelb/coreutils/commit/bea5e36cc876ed627bb5e0eca36fdfaa6465e940
NOTE: http://pkgs.fedoraproject.org/cgit/coreutils.git/plain/coreutils-i18n.patch
-CVE-2015-4035
+CVE-2015-4035 (scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not ...)
- xz-utils <not-affected> (Affects 4.999.9beta)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/18/7
-CVE-2015-4010
+CVE-2015-4010 (Cross-site request forgery (CSRF) vulnerability in the Encrypted Conta ...)
NOT-FOR-US: Encrypted Contact Form plugin for WordPress
CVE-2015-4009
RESERVED
@@ -15230,7 +15230,7 @@ CVE-2015-4006
RESERVED
CVE-2015-4005
RESERVED
-CVE-2015-4004
+CVE-2015-4004 (The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untru ...)
- linux 4.3-1 (unimportant)
NOTE: ozwpan driver not built
[wheezy] - linux <not-affected> (ozwpan driver not present)
@@ -15238,7 +15238,7 @@ CVE-2015-4004
NOTE: https://lkml.org/lkml/2015/5/13/739
NOTE: Not enabled in Debian kernels; staging drivers are not supported
NOTE: Driver was removed in Linux 4.3
-CVE-2015-4003
+CVE-2015-4003 (The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1 ...)
- linux 4.1.3-1 (unimportant)
NOTE: ozwpan driver not built
[wheezy] - linux <not-affected> (ozwpan driver not present)
@@ -15246,7 +15246,7 @@ CVE-2015-4003
NOTE: https://lkml.org/lkml/2015/5/13/741
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04bf464a5dfd9ade0dda918e44366c2c61fce80b (v4.1-rc7)
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2015-4002
+CVE-2015-4002 (drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux k ...)
- linux 4.1.3-1 (unimportant)
NOTE: ozwpan driver not built
[wheezy] - linux <not-affected> (ozwpan driver not present)
@@ -15256,7 +15256,7 @@ CVE-2015-4002
NOTE: https://lkml.org/lkml/2015/5/13/742
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8 (v4.1-rc7)
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2015-4001
+CVE-2015-4001 (Integer signedness error in the oz_hcd_get_desc_cnf function in driver ...)
- linux 4.1.3-1 (unimportant)
NOTE: ozwpan driver not built
[wheezy] - linux <not-affected> (ozwpan driver not present)
@@ -15264,7 +15264,7 @@ CVE-2015-4001
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b1bb5b49373b61bf9d2c73a4d30058ba6f069e4c (v4.1-rc7)
NOTE: https://lkml.org/lkml/2015/5/13/744
NOTE: Not enabled in Debian kernels; staging drivers are not supported
-CVE-2015-4000
+CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ena ...)
{DSA-3688-1 DSA-3339-1 DSA-3324-1 DSA-3316-1 DSA-3300-1 DSA-3287-1 DLA-507-1 DLA-303-1 DLA-247-1}
- openssl 1.0.2b-1
- nss 2:3.19.1-1
@@ -15284,44 +15284,44 @@ CVE-2015-4000
NOTE: GNUTLS: http://lists.gnutls.org/pipermail/gnutls-devel/2015-May/007597.html
NOTE: NSS/iceweasel/icedove: https://www.mozilla.org/en-US/security/advisories/mfsa2015-70/
NOTE: NSS patch increasing limit to 1023 bits: https://hg.mozilla.org/projects/nss/rev/ae72d76f8d24
-CVE-2015-3999
+CVE-2015-3999 (Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames t ...)
NOT-FOR-US: Piriform CCleaner
-CVE-2015-3998
+CVE-2015-3998 (Cross-site scripting (XSS) vulnerability in phpwhois 4.2.5, as used in ...)
NOT-FOR-US: phpwhois component of adsense-click-fraud-monitoring wordpress plugin
CVE-2015-3997
RESERVED
-CVE-2015-3996
+CVE-2015-3996 (The default AFSecurityPolicy.validatesDomainName configuration for AFS ...)
- owncloud <not-affected> (iOS-specific)
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-012
-CVE-2015-3995
+CVE-2015-3995 (SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticat ...)
NOT-FOR-US: SAP HANA DB
-CVE-2015-3994
+CVE-2015-3994 (The grant.xsfunc application in testApps/grantAccess/ in the XS Engine ...)
NOT-FOR-US: SAP HANA DB
-CVE-2015-3993
+CVE-2015-3993 (Actian Matrix 5.1.x through 5.1.2.4 and 5.2.x through 5.2.0.1 allows r ...)
NOT-FOR-US: Actian Matrix
CVE-2015-3992
RESERVED
-CVE-2015-3991
+CVE-2015-3991 (strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial o ...)
- strongswan 5.3.0-2
[jessie] - strongswan <not-affected> (only affects 5.2.2+ and 5.3.0+)
[wheezy] - strongswan <not-affected> (only affects 5.2.2+ and 5.3.0+)
[squeeze] - strongswan <not-affected> (only affects 5.2.2+ and 5.3.0+)
NOTE: http://www.strongswan.org/blog/2015/06/01/strongswan-vulnerability-(cve-2015-3991).html
-CVE-2015-3990
+CVE-2015-3990 (The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analy ...)
NOT-FOR-US: Dell
-CVE-2015-3989
+CVE-2015-3989 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 befor ...)
NOT-FOR-US: concrete5
-CVE-2015-4026
+CVE-2015-4026 (The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.2 ...)
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68598
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
-CVE-2015-4025
+CVE-2015-4025 (PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncat ...)
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69418
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
-CVE-2015-4024
+CVE-2015-4024 (Algorithmic complexity vulnerability in the multipart_buffer_headers f ...)
{DSA-3280-1}
- php5 5.6.9+dfsg-1
[squeeze] - php5 <no-dsa> (Too intrusive to backport)
@@ -15330,86 +15330,86 @@ CVE-2015-4024
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
- hhvm 3.11.0+dfsg-1
NOTE: HHVM fix: https://github.com/facebook/hhvm/commit/6188457bd90ed2f3516e778dca8e91536d91802e
-CVE-2015-4022
+CVE-2015-4022 (Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP b ...)
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69545
NOTE: http://www.openwall.com/lists/oss-security/2015/05/18/2
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
-CVE-2015-4021
+CVE-2015-4021 (The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41 ...)
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69453
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c27f012b7a447e59d4a704688971cbfa7dddaa74
NOTE: http://www.openwall.com/lists/oss-security/2015/05/17/2 and http://www.openwall.com/lists/oss-security/2015/05/18/2
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
-CVE-2015-3987
+CVE-2015-3987 (Multiple unquoted Windows search path vulnerabilities in the (1) Clien ...)
NOT-FOR-US: McAfee
-CVE-2015-3986
+CVE-2015-3986 (Cross-site request forgery (CSRF) vulnerability in the TheCartPress eC ...)
NOT-FOR-US: TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress
CVE-2015-3985
RESERVED
CVE-2015-3984
RESERVED
-CVE-2015-3983
+CVE-2015-3983 (The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the ...)
- pcs <not-affected> (Fixed before initial release to Debian)
NOTE: https://github.com/feist/pcs/commit/898204596a779673c88097bbdbe2d7ed6ed0cc8b (0.9.140)
-CVE-2015-3982
+CVE-2015-3982 (The session.flush function in the cached_db backend in Django 1.8.x be ...)
- python-django <not-affected> (Only affects 1.8 and development branch)
NOTE: https://www.djangoproject.com/weblog/2015/may/20/security-release/
-CVE-2015-3981
+CVE-2015-3981 (SAP NetWeaver RFC SDK allows attackers to obtain sensitive information ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2015-3980
+CVE-2015-3980 (SQL injection vulnerability in the Business Rules Framework (CRM-BF-BR ...)
NOT-FOR-US: SAP CRM
-CVE-2015-3979
+CVE-2015-3979 (Unspecified vulnerability in the Business Rules Framework (CRM-BF-BRF) ...)
NOT-FOR-US: SAP CRM
-CVE-2015-3978
+CVE-2015-3978 (SAP Sybase Unwired Platform Online Data Proxy allows local users to ob ...)
NOT-FOR-US: SAP Sybase Unwired Platform Online Data Proxy
-CVE-2015-3977
+CVE-2015-3977 (Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1 ...)
NOT-FOR-US: Schneider Electric
-CVE-2015-3976
+CVE-2015-3976 (Cross-site scripting (XSS) vulnerability in GE Multilink ML810/3000/31 ...)
NOT-FOR-US: GE
CVE-2015-3975
REJECTED
-CVE-2015-3974
+CVE-2015-3974 (EasyIO EasyIO-30P-SF controllers with firmware before 0.5.21 and 2.x b ...)
NOT-FOR-US: EasyIO EasyIO-30P-SF controllers
-CVE-2015-3973
+CVE-2015-3973 (Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate se ...)
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3972
+CVE-2015-3972 (The web interface on Janitza UMG 508, 509, 511, 604, and 605 devices s ...)
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3971
+CVE-2015-3971 (The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices ...)
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3970
+CVE-2015-3970 (Multiple cross-site scripting (XSS) vulnerabilities in the web interfa ...)
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3969
+CVE-2015-3969 (Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers ...)
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3968
+CVE-2015-3968 (The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has ...)
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3967
+CVE-2015-3967 (Cross-site request forgery (CSRF) vulnerability on Janitza UMG 508, 50 ...)
NOT-FOR-US: Janitza UMG devices
-CVE-2015-3966
+CVE-2015-3966 (The IPsec SA establishment process on Innominate mGuard devices with f ...)
NOT-FOR-US: Innominate mGuard
CVE-2015-3965
RESERVED
-CVE-2015-3964
+CVE-2015-3964 (SMA Solar Sunny WebBox has hardcoded passwords, which makes it easier ...)
NOT-FOR-US: SMA Solar Sunny WebBox
-CVE-2015-3963
+CVE-2015-3963 (Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6 ...)
NOT-FOR-US: Wind River VxWorks as used on Schneider Electric devices
-CVE-2015-3962
+CVE-2015-3962 (Schneider Electric StruxureWare Building Expert MPM before 2.15 does n ...)
NOT-FOR-US: Schneider Electric StruxureWare
-CVE-2015-3961
+CVE-2015-3961 (The web-server component in MNS before 4.5.6 on Belden GarrettCom Magn ...)
NOT-FOR-US: Belden GarrettCom switches
-CVE-2015-3960
+CVE-2015-3960 (The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Ma ...)
NOT-FOR-US: Belden GarrettCom switches
-CVE-2015-3959
+CVE-2015-3959 (The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Ma ...)
NOT-FOR-US: Belden GarrrettCom switches
-CVE-2015-3958
+CVE-2015-3958 (Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly oth ...)
NOT-FOR-US: Hospira LifeCare
-CVE-2015-3957
+CVE-2015-3957 (Hospira LifeCare PCA Infusion System before 7.0 stores private keys an ...)
NOT-FOR-US: Hospira LifeCare
CVE-2015-3956
RESERVED
-CVE-2015-3955
+CVE-2015-3955 (Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5. ...)
NOT-FOR-US: Hospira LifeCare
CVE-2015-3954
RESERVED
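Review bot: typo in the context line for CVE-2015-3959, "NOT-FOR-US: Belden GarrrettCom switches" (three r's), whereas CVE-2015-3960, CVE-2015-3961 and CVE-2015-3942 use "Belden GarrettCom switches". Suggest correcting it to "GarrettCom" so searches across the file for the vendor return all four entries.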
@@ -15417,50 +15417,50 @@ CVE-2015-3953
RESERVED
CVE-2015-3952
RESERVED
-CVE-2015-3951
+CVE-2015-3951 (RLE Nova-Wind Turbine HMI devices store cleartext credentials, which a ...)
NOT-FOR-US: RLE Nova-Wind Turbines
-CVE-2015-3950
+CVE-2015-3950 (Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on ...)
NOT-FOR-US: XZERES 442SR (wind turbine)
-CVE-2015-3949
+CVE-2015-3949 (Sinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows ...)
NOT-FOR-US: Sinapsi eSolar Light
-CVE-2015-3948
+CVE-2015-3948 (Cross-site scripting (XSS) vulnerability in Advantech WebAccess before ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2015-3947
+CVE-2015-3947 (SQL injection vulnerability in Advantech WebAccess before 8.1 allows r ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2015-3946
+CVE-2015-3946 (Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess ...)
NOT-FOR-US: Advantech WebAccess
CVE-2015-3945
REJECTED
CVE-2015-3944
REJECTED
-CVE-2015-3943
+CVE-2015-3943 (Advantech WebAccess before 8.1 allows remote attackers to read sensiti ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2015-3942
+CVE-2015-3942 (Multiple cross-site scripting (XSS) vulnerabilities in the web-server ...)
NOT-FOR-US: Belden GarrettCom switches
CVE-2015-3941
REJECTED
-CVE-2015-3940
+CVE-2015-3940 (Untrusted search path vulnerability in Schneider Electric Wonderware S ...)
NOT-FOR-US: Schneider Electric
-CVE-2015-3939
+CVE-2015-3939 (Directory traversal vulnerability in the NC854 and NC856 modules for I ...)
NOT-FOR-US: IDS RTU 850C devices
-CVE-2015-3938
+CVE-2015-3938 (The HTTP application on Mitsubishi Electric MELSEC FX3G PLC devices be ...)
NOT-FOR-US: Mitsubishi Electric MELSEC devices
CVE-2015-3937
RESERVED
CVE-2015-3936
RESERVED
-CVE-2015-3935
+CVE-2015-3935 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CR ...)
- dolibarr 3.5.7+dfsg1-1 (bug #787762)
[jessie] - dolibarr 3.5.5+dfsg1-1+deb8u1
NOTE: https://github.com/Dolibarr/dolibarr/issues/2857
NOTE: https://github.com/GPCsolutions/dolibarr/commit/a7f6bbd316e9b96216e9b2c7a065c9251c9a8907
-CVE-2015-3934
+CVE-2015-3934 (Multiple SQL injection vulnerabilities in Fiyo CMS 2.0_1.9.1 allow rem ...)
NOT-FOR-US: Fiyo CMS
-CVE-2015-3933
+CVE-2015-3933 (Multiple SQL injection vulnerabilities in inc/lib/User.class.php in Me ...)
NOT-FOR-US: MetalGenix GeniXCMS
-CVE-2015-3932
+CVE-2015-3932 (Netlock Mokka before 2.7.8.1204 allows remote attackers to perform XML ...)
NOT-FOR-US: Netlock Mokka
-CVE-2015-3931
+CVE-2015-3931 (Microsec e-Szigno before 3.2.7.12 allows remote attackers to perform X ...)
NOT-FOR-US: Microsec e-Szigno
CVE-2015-3930
RESERVED
@@ -15476,11 +15476,11 @@ CVE-2015-3925
RESERVED
CVE-2015-3924
RESERVED
-CVE-2015-3923
+CVE-2015-3923 (Coppermine Photo Gallery before 1.5.36 allows remote attackers to enum ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2015-3922
+CVE-2015-3922 (Open redirect vulnerability in mode.php in Coppermine Photo Gallery be ...)
NOT-FOR-US: Coppermine Photo Gallery
-CVE-2015-3921
+CVE-2015-3921 (Cross-site scripting (XSS) vulnerability in contact.php in Coppermine ...)
NOT-FOR-US: Coppermine Photo Gallery
CVE-2015-3920
RESERVED
@@ -15496,13 +15496,13 @@ CVE-2015-3915
RESERVED
CVE-2015-3914
RESERVED
-CVE-2015-3913
+CVE-2015-3913 (The IP stack in multiple Huawei Campus series switch models allows rem ...)
NOT-FOR-US: Huawei
-CVE-2015-3912
+CVE-2015-3912 (Huawei E355s Mobile WiFi with firmware before 22.158.45.02.625 and WEB ...)
NOT-FOR-US: Huawei
-CVE-2015-3911
+CVE-2015-3911 (Huawei E587 Mobile WiFi with firmware before 11.203.30.00.00 allows re ...)
NOT-FOR-US: Huawei
-CVE-2015-3910
+CVE-2015-3910 (Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
@@ -15511,13 +15511,13 @@ CVE-2015-3910
NOTE: libv8 not covered by security support
CVE-2015-3909
RESERVED
-CVE-2015-3908
+CVE-2015-3908 (Ansible before 1.9.2 does not verify that the server hostname matches ...)
- ansible 1.9.2+dfsg-1 (low)
[jessie] - ansible <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/14/4
CVE-2015-3907
RESERVED
-CVE-2015-3906
+CVE-2015-3906 (The logcat_dump_text function in wiretap/logcat.c in the Android Logca ...)
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -15525,11 +15525,11 @@ CVE-2015-3906
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-18.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d
-CVE-2015-3904
+CVE-2015-3904 (Multiple cross-site scripting (XSS) vulnerabilities in roomcloud.php i ...)
NOT-FOR-US: Roomcloud plugin for WordPress
CVE-2015-3901
RESERVED
-CVE-2015-3900
+CVE-2015-3900 (RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4 ...)
- rubygems <not-affected> (Affects versions between 2.0 and 2.4.6)
- libgems-ruby <not-affected> (Affects versions between 2.0 and 2.4.6)
- ruby1.8 <not-affected> (Vulnerable code not present)
@@ -15546,9 +15546,9 @@ CVE-2015-3900
NOTE: http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html
CVE-2015-3899
RESERVED
-CVE-2015-3898
+CVE-2015-3898 (Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5 ...)
NOT-FOR-US: Bonita BPM Portal
-CVE-2015-3897
+CVE-2015-3897 (Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 al ...)
NOT-FOR-US: Bonita BPM Portal
CVE-2015-3896
RESERVED
@@ -15562,66 +15562,66 @@ CVE-2015-3892
RESERVED
CVE-2015-3891
RESERVED
-CVE-2015-3890
+CVE-2015-3890 (Use-after-free vulnerability in Open Litespeed before 1.3.10. ...)
NOT-FOR-US: Open Litespeed
CVE-2015-3889
RESERVED
-CVE-2015-3888
+CVE-2015-3888 (Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof pho ...)
NOT-FOR-US: Jolla Sailfish OS
-CVE-2015-3887
+CVE-2015-3887 (Untrusted search path vulnerability in ProxyChains-NG before 4.9 allow ...)
NOT-FOR-US: proxychains-ng
NOTE: proxychains does not contain the vulnerable code
-CVE-2015-3884
+CVE-2015-3884 (Unrestricted file upload vulnerability in the (1) myAccount, (2) proje ...)
NOT-FOR-US: qdPM
-CVE-2015-3883
+CVE-2015-3883 (Multiple cross-site scripting (XSS) vulnerabilities in qdPM 8.3 allow ...)
NOT-FOR-US: qdPM
-CVE-2015-3882
+CVE-2015-3882 (qdPM 8.3 allows remote attackers to obtain sensitive information via i ...)
NOT-FOR-US: qdPM
-CVE-2015-3881
+CVE-2015-3881 (Information disclosure issue in qdPM 8.3 allows remote attackers to ob ...)
NOT-FOR-US: qdPM
-CVE-2015-3879
+CVE-2015-3879 (Media Player Framework in Android before 5.1.1 LMY48T allows attackers ...)
NOT-FOR-US: Media Player Framework in Android
-CVE-2015-3878
+CVE-2015-3878 (Media Projection in Android 5.x before 5.1.1 LMY48T and 6.0 before 201 ...)
NOT-FOR-US: Media Projection in Android
-CVE-2015-3877
+CVE-2015-3877 (Skia, as used in Android before 5.1.1 LMY48T, allows remote attackers ...)
NOT-FOR-US: Skia, as used in Android
-CVE-2015-3876
+CVE-2015-3876 (libstagefright in Android through 5.1.1 LMY48M allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3875
+CVE-2015-3875 (libutils in Android before 5.1.1 LMY48T allows remote attackers to exe ...)
- android-platform-frameworks-native <unfixed> (unimportant; bug #806375)
-CVE-2015-3874
+CVE-2015-3874 (The Sonivox components in Android before 5.1.1 LMY48T allow remote att ...)
NOT-FOR-US: The Sonivox components in Android
-CVE-2015-3873
+CVE-2015-3873 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3872
+CVE-2015-3872 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3871
+CVE-2015-3871 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3870
+CVE-2015-3870 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3869
+CVE-2015-3869 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3868
+CVE-2015-3868 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3867
+CVE-2015-3867 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
CVE-2015-3866
RESERVED
-CVE-2015-3865
+CVE-2015-3865 (The Runtime subsystem in Android before 5.1.1 LMY48T allows attackers ...)
NOT-FOR-US: The Runtime subsystem in Android
-CVE-2015-3864
+CVE-2015-3864 (Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4E ...)
NOT-FOR-US: libstagefright in mediaserver in Android
-CVE-2015-3863
+CVE-2015-3863 (Multiple integer overflows in the Blob class in keystore/keystore.cpp ...)
NOT-FOR-US: Keystore in Android
-CVE-2015-3862
+CVE-2015-3862 (mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a ...)
NOT-FOR-US: mediaserver in Android
-CVE-2015-3861
+CVE-2015-3861 (Multiple integer overflows in the addVorbisCodecInfo function in matro ...)
NOT-FOR-US: libstagefright in mediaserver in Android
-CVE-2015-3860
+CVE-2015-3860 (packages/Keyguard/res/layout/keyguard_password_view.xml in Lockscreen ...)
NOT-FOR-US: Lockscreen in Android
CVE-2015-3859
RESERVED
-CVE-2015-3858
+CVE-2015-3858 (The checkDestination function in internal/telephony/SMSDispatcher.java ...)
NOT-FOR-US: Android
CVE-2015-3857
RESERVED
@@ -15629,7 +15629,7 @@ CVE-2015-3856
RESERVED
CVE-2015-3855
RESERVED
-CVE-2015-3854
+CVE-2015-3854 (packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarn ...)
NOT-FOR-US: Android
CVE-2015-3853
RESERVED
@@ -15639,59 +15639,59 @@ CVE-2015-3851
RESERVED
CVE-2015-3850
RESERVED
-CVE-2015-3849
+CVE-2015-3849 (The Region_createFromParcel function in core/jni/android/graphics/Regi ...)
NOT-FOR-US: Region in Android
CVE-2015-3848
RESERVED
-CVE-2015-3847
+CVE-2015-3847 (Bluetooth in Android before 5.1.1 LMY48T allows attackers to remove st ...)
NOT-FOR-US: Bluetooth in Android
CVE-2015-3846
RESERVED
-CVE-2015-3845
+CVE-2015-3845 (The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in ...)
NOT-FOR-US: Binder in Android
-CVE-2015-3844
+CVE-2015-3844 (The getProcessRecordLocked method in services/core/java/com/android/se ...)
NOT-FOR-US: ActivityManager in Android
-CVE-2015-3843
+CVE-2015-3843 (The SIM Toolkit (STK) framework in Android before 5.1.1 LMY48I allows ...)
NOT-FOR-US: SIM Toolkit (STK) framework in Android
-CVE-2015-3842
+CVE-2015-3842 (Multiple heap-based buffer overflows in libeffects in the Audio Policy ...)
NOT-FOR-US: Android
CVE-2015-3841
RESERVED
-CVE-2015-3840
+CVE-2015-3840 (The MessageStatusReceiver service in the AndroidManifest.XML in Androi ...)
NOT-FOR-US: MessageStatusReceiver in Android
-CVE-2015-3839
+CVE-2015-3839 (The updateMessageStatus function in Android 5.1.1 and earlier allows l ...)
NOT-FOR-US: Android
CVE-2015-3838
RESERVED
-CVE-2015-3837
+CVE-2015-3837 (The OpenSSLX509Certificate class in org/conscrypt/OpenSSLX509Certifica ...)
NOT-FOR-US: Android
-CVE-2015-3836
+CVE-2015-3836 (The Parse_wave function in arm-wt-22k/lib_src/eas_mdls.c in the Sonivo ...)
NOT-FOR-US: Sonivox DLS-to-EAS converter in Android
-CVE-2015-3835
+CVE-2015-3835 (Buffer overflow in the OMXNodeInstance::emptyBuffer function in omx/OM ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3834
+CVE-2015-3834 (Multiple integer overflows in the BnHDCP::onTransact function in media ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3833
+CVE-2015-3833 (The getRunningAppProcesses function in services/core/java/com/android/ ...)
NOT-FOR-US: Android
-CVE-2015-3832
+CVE-2015-3832 (Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in A ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3831
+CVE-2015-3831 (Buffer overflow in the readAt function in BpMediaHTTPConnection in med ...)
NOT-FOR-US: mediaserver service in Android
-CVE-2015-3830
+CVE-2015-3830 (The stock Android browser address bar in all Android operating systems ...)
NOT-FOR-US: Android
-CVE-2015-3829
+CVE-2015-3829 (Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Ex ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3828
+CVE-2015-3828 (The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp i ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3827
+CVE-2015-3827 (The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libst ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3826
+CVE-2015-3826 (The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp i ...)
NOT-FOR-US: libstagefright in Android
CVE-2015-3825
REJECTED
-CVE-2015-3824
+CVE-2015-3824 (The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libst ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-3823
+CVE-2015-3823 (libstagefright in Android before 5.1.1 LMY48T allows remote attackers ...)
NOT-FOR-US: libstagefright in Android
CVE-2015-3822
RESERVED
@@ -15707,27 +15707,27 @@ CVE-2015-3817
RESERVED
CVE-2015-3816
RESERVED
-CVE-2015-3903
+CVE-2015-3903 (libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x ...)
{DSA-3382-1}
- phpmyadmin 4:4.4.6.1-1 (unimportant)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2015-3902
+CVE-2015-3902 (Multiple cross-site request forgery (CSRF) vulnerabilities in the setu ...)
{DSA-3382-1 DLA-336-1}
- phpmyadmin 4:4.4.6.1-1 (unimportant)
-CVE-2015-4036
+CVE-2015-4036 (Array index error in the tcm_vhost_make_tpg function in drivers/vhost/ ...)
- linux 3.16.7-ckt9-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=59c816c1f24df0204e01851431d3bab3eb76719c (v4.0-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/13/4
-CVE-2015-3988
+CVE-2015-3988 (Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashb ...)
- horizon 2015.1.0-2 (bug #786741)
[jessie] - horizon <not-affected> (Vulnerable code not present)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/12/9
-CVE-2015-3886
+CVE-2015-3886 (libinfinity before 0.6.6-1 does not validate expired SSL certificates, ...)
- libinfinity 0.6.6-1 (bug #783601)
[jessie] - libinfinity 0.6.6-1~deb8u1
[wheezy] - libinfinity <not-affected> (vulnerable code not present)
@@ -15735,31 +15735,31 @@ CVE-2015-3886
NOTE: https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706
NOTE: https://github.com/gobby/gobby/issues/61
NOTE: http://www.openwall.com/lists/oss-security/2015/05/12/1
-CVE-2015-3815
+CVE-2015-3815 (The detect_version function in wiretap/logcat.c in the Android Logcat ...)
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-18.html
-CVE-2015-3814
+CVE-2015-3814 (The (1) dissect_tfs_request and (2) dissect_tfs_response functions in ...)
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-17.html
-CVE-2015-3813
+CVE-2015-3813 (The fragment_add_work function in epan/reassemble.c in the packet-reas ...)
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-16.html
-CVE-2015-3812
+CVE-2015-3812 (Multiple memory leaks in the x11_init_protocol function in epan/dissec ...)
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-15.html
-CVE-2015-3811
+CVE-2015-3811 (epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x ...)
{DSA-3277-1 DLA-241-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark 1.8.2-5wheezy16
@@ -15767,360 +15767,360 @@ CVE-2015-3811
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-14.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10978
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a6fc6aa0b4efc1a1c3d7a2e3b5189e888fb6ccc2
-CVE-2015-3810
+CVE-2015-3810 (epan/dissectors/packet-websocket.c in the WebSocket dissector in Wires ...)
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-13.html
-CVE-2015-3809
+CVE-2015-3809 (The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the ...)
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11036
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-12.html
-CVE-2015-3808
+CVE-2015-3808 (The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the ...)
{DSA-3277-1}
- wireshark 1.12.5+g5819e5b-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11036
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-12.html
-CVE-2015-3807
+CVE-2015-3807 (libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remot ...)
NOT-FOR-US: Apple
-CVE-2015-3806
+CVE-2015-3806 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to by ...)
NOT-FOR-US: Apple
-CVE-2015-3805
+CVE-2015-3805 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to by ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3804
+CVE-2015-3804 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows re ...)
NOT-FOR-US: Apple
-CVE-2015-3803
+CVE-2015-3803 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to by ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3802
+CVE-2015-3802 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to by ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3801
+CVE-2015-3801 (The document.cookie API implementation in the CFNetwork Cookies subsys ...)
NOT-FOR-US: Apple
-CVE-2015-3800
+CVE-2015-3800 (The DiskImages component in Apple iOS before 8.4.1 and OS X before 10. ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3799
+CVE-2015-3799 (The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3798
+CVE-2015-3798 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.1 ...)
NOT-FOR-US: Apple
-CVE-2015-3797
+CVE-2015-3797 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.1 ...)
NOT-FOR-US: Apple
-CVE-2015-3796
+CVE-2015-3796 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.1 ...)
NOT-FOR-US: Apple
-CVE-2015-3795
+CVE-2015-3795 (libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attack ...)
NOT-FOR-US: Apple
-CVE-2015-3794
+CVE-2015-3794 (The Speech UI in Apple OS X before 10.10.5, when speech alerts are ena ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3793
+CVE-2015-3793 (CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3792
+CVE-2015-3792 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ex ...)
NOT-FOR-US: QuickTime
-CVE-2015-3791
+CVE-2015-3791 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ex ...)
NOT-FOR-US: QuickTime
-CVE-2015-3790
+CVE-2015-3790 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ex ...)
NOT-FOR-US: QuickTime
-CVE-2015-3789
+CVE-2015-3789 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ex ...)
NOT-FOR-US: QuickTime
-CVE-2015-3788
+CVE-2015-3788 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ex ...)
NOT-FOR-US: QuickTime
-CVE-2015-3787
+CVE-2015-3787 (The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote att ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3786
+CVE-2015-3786 (The Bluetooth subsystem in Apple OS X before 10.10.5 does not properly ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3785
+CVE-2015-3785 (The Telephony component in Apple OS X before 10.11, when the Continuit ...)
NOT-FOR-US: Apple
-CVE-2015-3784
+CVE-2015-3784 (Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3783
+CVE-2015-3783 (SceneKit in Apple OS X before 10.10.5 allows remote attackers to execu ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3782
+CVE-2015-3782 (CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows atta ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3781
+CVE-2015-3781 (Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X b ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3780
+CVE-2015-3780 (The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3779
+CVE-2015-3779 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ex ...)
NOT-FOR-US: QuickTime
-CVE-2015-3778
+CVE-2015-3778 (bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote ...)
NOT-FOR-US: Apple
-CVE-2015-3777
+CVE-2015-3777 (Multiple buffer overflows in blued in the Bluetooth subsystem in Apple ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3776
+CVE-2015-3776 (IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attacke ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3775
+CVE-2015-3775 (Apple OS X before 10.10.5 does not properly implement authentication, ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3774
+CVE-2015-3774 (The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, wh ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3773
+CVE-2015-3773 (The SMB client in Apple OS X before 10.10.5 allows remote attackers to ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3772
+CVE-2015-3772 (IOFireWireFamily in Apple OS X before 10.10.5 allows local users to ga ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3771
+CVE-2015-3771 (IOFireWireFamily in Apple OS X before 10.10.5 allows local users to ga ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3770
+CVE-2015-3770 (IOGraphics in Apple OS X before 10.10.5 allows attackers to execute ar ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3769
+CVE-2015-3769 (IOFireWireFamily in Apple OS X before 10.10.5 allows local users to ga ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3768
+CVE-2015-3768 (Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X befo ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3767
+CVE-2015-3767 (udf in Apple OS X before 10.10.5 allows local users to gain privileges ...)
NOT-FOR-US: Apple
-CVE-2015-3766
+CVE-2015-3766 (The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3765
+CVE-2015-3765 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ex ...)
NOT-FOR-US: Apple
-CVE-2015-3764
+CVE-2015-3764 (Notification Center in Apple OS X before 10.10.5 does not properly rem ...)
NOT-FOR-US: QuickTime
-CVE-2015-3763
+CVE-2015-3763 (Safari in Apple iOS before 8.4.1 does not limit the rate of JavaScript ...)
NOT-FOR-US: Safari
-CVE-2015-3762
+CVE-2015-3762 (The Text Formats component in Apple OS X before 10.10.5, as used in Te ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3761
+CVE-2015-3761 (The kernel in Apple OS X before 10.10.5 does not properly validate pat ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3760
+CVE-2015-3760 (dyld in Apple OS X before 10.10.5 does not properly validate pathnames ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3759
+CVE-2015-3759 (Location Framework in Apple iOS before 8.4.1 allows local users to byp ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3758
+CVE-2015-3758 (UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3757
+CVE-2015-3757 (Apple OS X before 10.10.5 does not properly restrict access to the Dat ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3756
+CVE-2015-3756 (The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 ce ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3755
+CVE-2015-3755 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before ...)
NOT-FOR-US: Safari
-CVE-2015-3754
+CVE-2015-3754 (The private-browsing implementation in WebKit in Apple Safari before 6 ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3753
+CVE-2015-3753 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3752
+CVE-2015-3752 (The Content Security Policy implementation in WebKit in Apple Safari b ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3751
+CVE-2015-3751 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3750
+CVE-2015-3750 (WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3749
+CVE-2015-3749 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3748
+CVE-2015-3748 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3747
+CVE-2015-3747 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3746
+CVE-2015-3746 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3745
+CVE-2015-3745 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3744
+CVE-2015-3744 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3743
+CVE-2015-3743 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3742
+CVE-2015-3742 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3741
+CVE-2015-3741 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3740
+CVE-2015-3740 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3739
+CVE-2015-3739 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3738
+CVE-2015-3738 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3737
+CVE-2015-3737 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3736
+CVE-2015-3736 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3735
+CVE-2015-3735 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3734
+CVE-2015-3734 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3733
+CVE-2015-3733 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3732
+CVE-2015-3732 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3731
+CVE-2015-3731 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3730
+CVE-2015-3730 (WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-3729
+CVE-2015-3729 (Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as ...)
NOT-FOR-US: Apple
-CVE-2015-3728
+CVE-2015-3728 (The WiFi Connectivity feature in Apple iOS before 8.4 allows remote Wi ...)
NOT-FOR-US: Apple iOS
-CVE-2015-3727
+CVE-2015-3727 (WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before ...)
NOT-FOR-US: Apple Safari
-CVE-2015-3726
+CVE-2015-3726 (The Telephony subsystem in Apple iOS before 8.4 allows physically prox ...)
NOT-FOR-US: Apple iOS
-CVE-2015-3725
+CVE-2015-3725 (MobileInstallation in Apple iOS before 8.4 does not ensure the uniquen ...)
NOT-FOR-US: Apple iOS
-CVE-2015-3724
+CVE-2015-3724 (CoreGraphics in Apple iOS before 8.4 allows remote attackers to execut ...)
NOT-FOR-US: Apple iOS
-CVE-2015-3723
+CVE-2015-3723 (CoreGraphics in Apple iOS before 8.4 allows remote attackers to execut ...)
NOT-FOR-US: Apple iOS
-CVE-2015-3722
+CVE-2015-3722 (Application Store in Apple iOS before 8.4 does not ensure the uniquene ...)
NOT-FOR-US: Apple iOS
-CVE-2015-3721
+CVE-2015-3721 (The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not pr ...)
NOT-FOR-US: Apple iOS
-CVE-2015-3720
+CVE-2015-3720 (The kernel in Apple OS X before 10.10.4 does not properly manage memor ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3719
+CVE-2015-3719 (TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 1 ...)
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3718
+CVE-2015-3718 (systemstatsd in the System Stats subsystem in Apple OS X before 10.10. ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3717
+CVE-2015-3717 (Multiple buffer overflows in the printf functionality in SQLite, as us ...)
NOT-FOR-US: sqlite as shipped in iOS
NOTE: Fix for sqlite in iOS, upstream doesn't know whether it affects the standard
NOTE: code base, but Apple would probably have submitted a patch if that were the case
NOTE: sqlite-dev thread: https://groups.google.com/forum/#!topic/sqlite-dev/U7OjAbZO6LA
-CVE-2015-3716
+CVE-2015-3716 (Spotlight in Apple OS X before 10.10.4 allows attackers to execute arb ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3715
+CVE-2015-3715 (The code-signing implementation in Apple OS X before 10.10.4 does not ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3714
+CVE-2015-3714 (Apple OS X before 10.10.4 does not properly consider custom resource r ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3713
+CVE-2015-3713 (QuickTime in Apple OS X before 10.10.4 allows remote attackers to exec ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3712
+CVE-2015-3712 (The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attacke ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3711
+CVE-2015-3711 (The NTFS implementation in Apple OS X before 10.10.4 allows attackers ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3710
+CVE-2015-3710 (Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote att ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3709
+CVE-2015-3709 (Race condition in kext tools in Apple OS X before 10.10.4 allows local ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3708
+CVE-2015-3708 (kextd in kext tools in Apple OS X before 10.10.4 allows attackers to w ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3707
+CVE-2015-3707 (The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 a ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3706
+CVE-2015-3706 (IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to e ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3705
+CVE-2015-3705 (IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to e ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3704
+CVE-2015-3704 (runner in Install.framework in the Install Framework Legacy subsystem ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3703
+CVE-2015-3703 (ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3702
+CVE-2015-3702 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.1 ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3701
+CVE-2015-3701 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.1 ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3700
+CVE-2015-3700 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.1 ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3699
+CVE-2015-3699 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.1 ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3698
+CVE-2015-3698 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.1 ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3697
+CVE-2015-3697 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.1 ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3696
+CVE-2015-3696 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.1 ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3695
+CVE-2015-3695 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.1 ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3694
+CVE-2015-3694 (FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remo ...)
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3693
+CVE-2015-3693 (Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and othe ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3692
+CVE-2015-3692 (Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and othe ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3691
+CVE-2015-3691 (The Monitor Control Command Set kernel extension in the Display Driver ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3690
+CVE-2015-3690 (The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10 ...)
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3689
+CVE-2015-3689 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3688
+CVE-2015-3688 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3687
+CVE-2015-3687 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3686
+CVE-2015-3686 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3685
+CVE-2015-3685 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote ...)
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3684
+CVE-2015-3684 (The HTTPAuthentication implementation in CFNetwork in Apple iOS before ...)
NOT-FOR-US: Apple iOS and Apple OS X
-CVE-2015-3683
+CVE-2015-3683 (The Bluetooth HCI interface implementation in Apple OS X before 10.10. ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3682
+CVE-2015-3682 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote a ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3681
+CVE-2015-3681 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote a ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3680
+CVE-2015-3680 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote a ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3679
+CVE-2015-3679 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote a ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3678
+CVE-2015-3678 (AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local u ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3677
+CVE-2015-3677 (The LZVN compression feature in AppleFSCompression in Apple OS X befor ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3676
+CVE-2015-3676 (AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3675
+CVE-2015-3675 (The default configuration of the Apache HTTP Server on Apple OS X befo ...)
- apache2 <not-affected> (default configuration on Apple OS X)
-CVE-2015-3674
+CVE-2015-3674 (afpserver in Apple OS X before 10.10.4 allows remote attackers to exec ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3673
+CVE-2015-3673 (Admin Framework in Apple OS X before 10.10.4 does not properly restric ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3672
+CVE-2015-3672 (Admin Framework in Apple OS X before 10.10.4 does not properly handle ...)
NOT-FOR-US: Apple OS X
-CVE-2015-3671
+CVE-2015-3671 (Admin Framework in Apple OS X before 10.10.4 does not properly verify ...)
NOT-FOR-US: Apple OS X
CVE-2015-3670
REJECTED
-CVE-2015-3669
+CVE-2015-3669 (QT Media Foundation in Apple QuickTime before 7.7.7 allows remote atta ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-3668
+CVE-2015-3668 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X b ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-3667
+CVE-2015-3667 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X b ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-3666
+CVE-2015-3666 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X b ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-3665
+CVE-2015-3665 (QT Media Foundation in Apple QuickTime before 7.7.7 allows remote atta ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-3664
+CVE-2015-3664 (QT Media Foundation in Apple QuickTime before 7.7.7 allows remote atta ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-3663
+CVE-2015-3663 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X b ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-3662
+CVE-2015-3662 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X b ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-3661
+CVE-2015-3661 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X b ...)
NOT-FOR-US: Apple QuickTime
-CVE-2015-3660
+CVE-2015-3660 (Cross-site scripting (XSS) vulnerability in the PDF functionality in W ...)
NOT-FOR-US: Apple WebKit
-CVE-2015-3659
+CVE-2015-3659 (The SQLite authorizer in the Storage functionality in WebKit in Apple ...)
NOT-FOR-US: Apple WebKit
-CVE-2015-3658
+CVE-2015-3658 (The Page Loading functionality in WebKit in Apple Safari before 6.2.7, ...)
NOT-FOR-US: Apple WebKit
-CVE-2015-3657
+CVE-2015-3657 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-3656
+CVE-2015-3656 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-3655
+CVE-2015-3655 (Cross-site request forgery (CSRF) vulnerability in Aruba Networks Clea ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-3654
+CVE-2015-3654 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
-CVE-2015-3653
+CVE-2015-3653 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2015-3652
RESERVED
CVE-2015-3651
RESERVED
-CVE-2015-3650
+CVE-2015-3650 (vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 an ...)
NOT-FOR-US: VMware
-CVE-2015-3649
+CVE-2015-3649 (The open-uri-cached rubygem allows local users to execute arbitrary Ru ...)
NOT-FOR-US: open-uri-cached rubygem
-CVE-2015-3648
+CVE-2015-3648 (Directory traversal vulnerability in pages/setup.php in Montala Limite ...)
NOT-FOR-US: ResourceSpace
-CVE-2015-3647
+CVE-2015-3647 (Multiple cross-site scripting (XSS) vulnerabilities in wppa-ajax-front ...)
NOT-FOR-US: WP Photo Album Plus (aka WPPA) plugin for WordPress
CVE-2015-3645
RESERVED
-CVE-2015-3644
+CVE-2015-3644 (Stunnel 5.00 through 5.13, when using the redirect option, does not re ...)
{DSA-3299-1}
- stunnel4 3:5.18-1 (bug #785352)
[wheezy] - stunnel4 <not-affected> (Affects 5.00 through 5.13 with specfic configurations)
[squeeze] - stunnel4 <not-affected> (Affects 5.00 through 5.13 with specfic configurations)
NOTE: https://www.stunnel.org/CVE-2015-3644.html
-CVE-2015-3885
+CVE-2015-3885 (Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier ...)
{DSA-3692-1 DLA-243-1 DLA-228-1}
- dcraw 9.26-1 (bug #785019)
[jessie] - dcraw <no-dsa> (Minor issue)
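Review bot: the descriptions appended in this hunk are cut at a fixed width regardless of token boundaries, so lines such as CVE-2015-3683 ("before 10.10. ...") and CVE-2015-3677 ("befor ...") carry partial version strings and partial words; anyone grepping this list for a version number will miss those entries, and it would help to document that the parenthesised text is only a prefix of the CVE summary, not the summary itself. Unrelated to the change but visible in the context: both stunnel4 <not-affected> lines under CVE-2015-3644 spell "specfic" for "specific".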
@@ -16158,7 +16158,7 @@ CVE-2015-3885
NOTE: http://www.ocert.org/advisories/ocert-2015-006.html
NOTE: https://codesearch.debian.net/results/int%20CLASS%20ljpeg_start
NOTE: Starting with 2:13.2+dfsg1-5 xbmc is a transitional package
-CVE-2015-3880
+CVE-2015-3880 (Open redirect vulnerability in phpBB before 3.0.14 and 3.1.x before 3. ...)
- phpbb3 3.0.14-1
[jessie] - phpbb3 3.0.12-5+deb8u1
[wheezy] - phpbb3 3.0.10-4+deb7u3
@@ -16179,7 +16179,7 @@ CVE-2015-XXXX [didjvu: insecure use of /tmp when executing c44]
[wheezy] - didjvu 0.2.3-2+deb7u1
NOTE: https://bitbucket.org/jwilk/didjvu/issue/8
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/09/7
-CVE-2015-4146
+CVE-2015-4146 (The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 thro ...)
{DSA-3397-1}
- wpa 2.3-2.2 (bug #787371)
[wheezy] - wpa <not-affected> (Vulnerable code introduced later)
@@ -16190,7 +16190,7 @@ CVE-2015-4146
NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt
NOTE: http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5
-CVE-2015-4145
+CVE-2015-4145 (The EAP-pwd server and peer implementation in hostapd and wpa_supplica ...)
{DSA-3397-1}
- wpa 2.3-2.2 (bug #787371)
[wheezy] - wpa <not-affected> (Vulnerable code introduced later)
@@ -16202,7 +16202,7 @@ CVE-2015-4145
NOTE: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5
-CVE-2015-4144
+CVE-2015-4144 (The EAP-pwd server and peer implementation in hostapd and wpa_supplica ...)
{DSA-3397-1}
- wpa 2.3-2.2 (bug #787371)
[wheezy] - wpa <not-affected> (Vulnerable code introduced later)
@@ -16214,7 +16214,7 @@ CVE-2015-4144
NOTE: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5
-CVE-2015-4143
+CVE-2015-4143 (The EAP-pwd server and peer implementation in hostapd and wpa_supplica ...)
{DSA-3397-1}
- wpa 2.3-2.2 (bug #787371)
- wpasupplicant <not-affected> (v1.0-v2.4 with CONFIG_EAP_PWD=y)
@@ -16224,7 +16224,7 @@ CVE-2015-4143
NOTE: http://w1.fi/security/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
NOTE: http://w1.fi/security/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5
-CVE-2015-4142
+CVE-2015-4142 (Integer underflow in the WMM Action frame parser in hostapd 0.5.5 thro ...)
{DSA-3397-1 DLA-260-1}
- wpa 2.3-2.2 (bug #787373)
- wpasupplicant <removed>
@@ -16233,7 +16233,7 @@ CVE-2015-4142
NOTE: http://w1.fi/security/2015-3/
NOTE: http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt
NOTE: http://www.openwall.com/lists/oss-security/2015/05/09/5
-CVE-2015-4141
+CVE-2015-4141 (The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplican ...)
{DSA-3397-1}
- wpa 2.3-2.2 (bug #787372)
- wpasupplicant <removed> (unimportant)
@@ -16266,7 +16266,7 @@ CVE-2015-XXXX [incorrect substring matching when assigning pgp keys]
[jessie] - mew-beta 7.0.50~6.6+0.20140902-1+deb8u1
[wheezy] - mew-beta <no-dsa> (Minor issue)
[squeeze] - mew-beta <no-dsa> (Minor issue)
-CVE-2015-3429
+CVE-2015-3429 (Cross-site scripting (XSS) vulnerability in example.html in Genericons ...)
{DSA-3328-1}
- wordpress 4.2.2+dfsg-1 (bug #784603)
[wheezy] - wordpress <not-affected> (twentyfifteen theme not present)
@@ -16278,65 +16278,65 @@ CVE-2015-3429
NOTE: will enericons example.html files if present. As the file was included
NOTE: in other popular themes and plugins maybe it should as well be included
NOTE: in an update for wordpress for wheezy?
-CVE-2015-3643
+CVE-2015-3643 (usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.5 ...)
NOT-FOR-US: usb-creator
-CVE-2015-3642
+CVE-2015-3642 (The TLS and DTLS processing functionality in Citrix NetScaler Applicat ...)
NOT-FOR-US: Citrix
CVE-2015-3641
RESERVED
-CVE-2015-3640
+CVE-2015-3640 (phpMyBackupPro 2.5 and earlier does not properly escape the "." charac ...)
NOT-FOR-US: phpMyBackupPro
-CVE-2015-3639
+CVE-2015-3639 (phpMyBackupPro 2.5 and earlier does not properly sanitize input string ...)
NOT-FOR-US: phpMyBackupPro
-CVE-2015-3638
+CVE-2015-3638 (phpMyBackupPro before 2.5 does not validate integer input, which allow ...)
NOT-FOR-US: phpMyBackupPro
-CVE-2015-3637
+CVE-2015-3637 (SQL injection vulnerability in phpMyBackupPro when run in multi-user m ...)
NOT-FOR-US: phpMyBackupPro
CVE-2015-3635
RESERVED
-CVE-2015-3634
+CVE-2015-3634 (The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function ...)
NOT-FOR-US: Slideshow plugin for Wordpress
-CVE-2015-3633
+CVE-2015-3633 (Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow rem ...)
NOT-FOR-US: Foxit Reader, Enterprise Reader, PhantomPDF
-CVE-2015-3632
+CVE-2015-3632 (Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow rem ...)
NOT-FOR-US: Foxit Reader, Enterprise Reader, PhantomPDF
-CVE-2015-3631
+CVE-2015-3631 (Docker Engine before 1.6.1 allows local users to set arbitrary Linux S ...)
- docker.io 1.6.1+dfsg1-1 (bug #784726)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
-CVE-2015-3630
+CVE-2015-3630 (Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, ...)
- docker.io 1.6.1+dfsg1-1 (bug #784726)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
-CVE-2015-3629
+CVE-2015-3629 (Libcontainer 1.6.0, as used in Docker Engine, allows local users to es ...)
- docker.io 1.6.1+dfsg1-1 (bug #784726)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
-CVE-2015-3628
+CVE-2015-3628 (The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Cont ...)
NOT-FOR-US: F5
-CVE-2015-3627
+CVE-2015-3627 (Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor ...)
- docker.io 1.6.1+dfsg1-1 (bug #784726)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
-CVE-2015-3626
+CVE-2015-3626 (Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in t ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-3625
+CVE-2015-3625 (The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.7 ...)
- nvidia-graphics-drivers <not-affected> (FreeBSD drivers in separate blobs/source)
-CVE-2015-3624
+CVE-2015-3624 (Cross-site request forgery (CSRF) vulnerability in Test/WorkArea/DmsMe ...)
NOT-FOR-US: Ektron Content Management System
-CVE-2015-3623
+CVE-2015-3623 (XML external entity (XXE) vulnerability in QlikTech Qlikview before 11 ...)
NOT-FOR-US: QlikTech
-CVE-2015-3621
+CVE-2015-3621 (Untrusted search path vulnerability in SAP Enterprise Central Componen ...)
NOT-FOR-US: SAP ECC
-CVE-2015-3620
+CVE-2015-3620 (Cross-site scripting (XSS) vulnerability in the advanced dataset repor ...)
NOT-FOR-US: Fortinet FortiAnalyzer
-CVE-2015-3619
+CVE-2015-3619 (Cross-site scripting (XSS) vulnerability in assets/js/vm2admin.js in t ...)
NOT-FOR-US: Joomla addon
-CVE-2015-3618
+CVE-2015-3618 (Cross-site scripting (XSS) vulnerability in Nagios Business Process In ...)
NOT-FOR-US: Nagios Business Process Intelligence
-CVE-2015-3617
+CVE-2015-3617 (Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow loc ...)
NOT-FOR-US: Fortinet
-CVE-2015-3616
+CVE-2015-3616 (SQL injection vulnerability in Fortinet FortiManager 5.0.x before 5.0. ...)
NOT-FOR-US: Fortinet
-CVE-2015-3615
+CVE-2015-3615 (Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0. ...)
NOT-FOR-US: Fortinet
-CVE-2015-3614
+CVE-2015-3614 (Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows r ...)
NOT-FOR-US: Fortinet
CVE-2015-3613
RESERVED
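Review bot: the NOTE under CVE-2015-3429 at the top of this hunk reads "will enericons example.html files if present", which has lost its verb and the start of "Genericons"; the automatic update only rewrites the CVE header lines, so this context line needs a manual fix by whoever wrote the note. Also, CVE-2015-3634 lists "Slideshow plugin for Wordpress" while the rest of the file writes "WordPress" (for example CVE-2015-3647).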
@@ -16344,7 +16344,7 @@ CVE-2015-3612
RESERVED
CVE-2015-3611
RESERVED
-CVE-2015-3610
+CVE-2015-3610 (The Siemens HomeControl for Room Automation application before 2.0.1 f ...)
NOT-FOR-US: Siemens HomeControl for Room Automation application for Android
CVE-2015-3609
RESERVED
@@ -16648,7 +16648,7 @@ CVE-2015-3461
RESERVED
CVE-2015-3460
RESERVED
-CVE-2015-3905
+CVE-2015-3905 (Buffer overflow in the set_cs_start function in t1disasm.c in t1utils ...)
{DLA-256-1}
- t1utils 1.38-4 (bug #779274)
[wheezy] - t1utils <no-dsa> (Minor issue)
@@ -16681,15 +16681,15 @@ CVE-2015-XXXX [BUG/MAJOR: http: prevent risk of reading past end with balance ur
[squeeze] - haproxy <not-affected> (Similar check was already present)
NOTE: Upstream fix: http://git.haproxy.org/?p=haproxy-1.5.git;a=commit;h=522aab39753e8ed13786bc57b03ef7ae4ffe6c87
NOTE: For squeeze, the above commit message implies that the fix does not need to be backported to version 1.4 and indeed, the code already contains a (different) check that limits the value of "len".
-CVE-2015-4017
+CVE-2015-4017 (Salt before 2014.7.6 does not verify certificates when connecting via ...)
- salt <not-affected> (Vulnerable code not present in the version in Debian stable/unstable)
NOTE: http://www.openwall.com/lists/oss-security/2015/05/02/1
-CVE-2015-3646
+CVE-2015-3646 (OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014 ...)
- keystone 2015.1.0-1
[jessie] - keystone <no-dsa> (Minor issue)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
NOTE: Affects: versions through 2014.1.4, and 2014.2 versions through 2014.2.3
-CVE-2015-3636
+CVE-2015-3636 (The ping_unhash function in net/ipv4/ping.c in the Linux kernel before ...)
{DSA-3290-1}
- linux 4.0.2-1
[jessie] - linux 3.16.7-ckt11-1
@@ -16697,13 +16697,13 @@ CVE-2015-3636
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a134f083e79fb4c3d0a925691e732c56911b4326 (v4.1-rc2)
NOTE: https://lkml.org/lkml/2011/5/13/382
-CVE-2015-3459
+CVE-2015-3459 (The communication module on the Hospira LifeCare PCA Infusion System b ...)
NOT-FOR-US: Hospira Lifecare PCA
-CVE-2015-3458
+CVE-2015-3458 (The fetchView function in the Mage_Core_Block_Template_Zend class in M ...)
NOT-FOR-US: Magento
-CVE-2015-3457
+CVE-2015-3457 (Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.1 ...)
NOT-FOR-US: Magento
-CVE-2015-3456
+CVE-2015-3456 (The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and ear ...)
{DSA-3274-1 DSA-3262-1 DSA-3259-1 DLA-268-1 DLA-249-1 DLA-248-1}
- qemu 1:2.3+dfsg-3
NOTE: qemu 1:2.3+dfsg-3 is pending in the NEW queue
@@ -16720,25 +16720,25 @@ CVE-2015-3456
- virtualbox-ose <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html
NOTE: http://venom.crowdstrike.com/
-CVE-2015-3454
+CVE-2015-3454 (TelescopeJS before 0.15 leaks user bcrypt password hashes in websocket ...)
NOT-FOR-US: TelescopeJS
CVE-2015-3453
RESERVED
CVE-2015-3452
RESERVED
-CVE-2015-3450
+CVE-2015-3450 (Heap-based buffer overflow in libaxl 0.6.9 allows attackers to cause a ...)
NOT-FOR-US: libaxl
-CVE-2015-3449
+CVE-2015-3449 (The Windows client in SAP Afaria 7.0.6398.0 uses weak permissions (Eve ...)
NOT-FOR-US: SAP Afaria
-CVE-2015-3448
+CVE-2015-3448 (REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and ...)
- ruby-rest-client 1.8.0-1
[jessie] - ruby-rest-client <no-dsa> (Minor issue, logging not enabled by default)
[wheezy] - ruby-rest-client <no-dsa> (Minor issue, logging not enabled by default)
- librestclient-ruby <removed>
[squeeze] - librestclient-ruby <no-dsa> (Minor issue, logging not enabled by default)
-CVE-2015-3447
+CVE-2015-3447 (Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView. ...)
NOT-FOR-US: Dell SonicWALL SonicOS
-CVE-2015-3622
+CVE-2015-3622 (The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 ...)
{DSA-3256-1}
- libtasn1-6 4.4-3
- libtasn1-3 <not-affected> (Introduced with 3.6)
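Review bot: on the CVE-2015-3449 line the truncation falls inside a nested parenthesis, leaving "(Eve ...)" unclosed, so the description contains one more "(" than ")"; a consumer that extracts the description by matching balanced parentheses will misparse this line, so the reader should take everything from the first "(" to the final ")" on the line, or the generator should avoid cutting inside an open parenthesis.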
@@ -16746,36 +16746,36 @@ CVE-2015-3622
NOTE: http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435823a02f842c41d49cd41cc81f25b5d677
NOTE: Introduced by http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=609d5c1366fb424f6150c4eed358d246e61cf204 (libtasn1_3_6)
NOTE: DECR_LEN introduced in http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=154909136c12cfa5c60732b7210827dfb1ec6aee (libtasn1_3_6)
-CVE-2015-3455
+CVE-2015-3455 (Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, a ...)
- squid <removed> (unimportant)
- squid3 3.5.6-1 (unimportant)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2015_1.txt
NOTE: Only affects custom builds with --enable-ssl (disabled for license purposes in Debian)
-CVE-2015-3446
+CVE-2015-3446 (The Framework Daemon in AlienVault Unified Security Management before ...)
NOT-FOR-US: AlienVault Unified Security Management
CVE-2015-3445
RESERVED
CVE-2015-3444
RESERVED
-CVE-2015-3443
+CVE-2015-3443 (Cross-site scripting (XSS) vulnerability in the basic dashboard in Thy ...)
NOT-FOR-US: Thycotic Secret Server
-CVE-2015-3442
+CVE-2015-3442 (Soreco Xpert.Line 3.0 allows local users to spoof users and consequent ...)
NOT-FOR-US: Soreco
-CVE-2015-3441
+CVE-2015-3441 (The Parental Control panel in Genexis devices with DRGOS before 1.14.1 ...)
NOT-FOR-US: Genexis devices
CVE-2015-3437
RESERVED
-CVE-2015-3436
+CVE-2015-3436 (provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) be ...)
- zarafa <itp> (bug #658433)
-CVE-2015-3435
+CVE-2015-3435 (Samsung Security Manager (SSM) before 1.31 allows remote attackers to ...)
NOT-FOR-US: Samsung Security Manager
CVE-2015-3434
RESERVED
CVE-2015-3433
RESERVED
-CVE-2015-3432
+CVE-2015-3432 (Multiple cross-site scripting (XSS) vulnerabilities in Pydio (formerly ...)
- ajaxplorer <itp> (bug #668381)
-CVE-2015-3431
+CVE-2015-3431 (Pydio (formerly AjaXplorer) before 6.0.7 allows remote attackers to ex ...)
- ajaxplorer <itp> (bug #668381)
CVE-2015-3430
RESERVED
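Review bot: the CVE-2015-3432 line has the same unbalanced-parenthesis problem as other truncated descriptions, ending in "(formerly ...)" with the inner "(" never closed; the sibling CVE-2015-3431 line shows the intended text "(formerly AjaXplorer)", so either the cut should back up to the last balanced position or every consumer of this file must treat the description as the span from the first "(" to the last ")".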
@@ -16789,17 +16789,17 @@ CVE-2015-3424
RESERVED
CVE-2015-3423
RESERVED
-CVE-2015-3422
+CVE-2015-3422 (Cross-site scripting (XSS) vulnerability in SearchBlox before 8.2.1 al ...)
NOT-FOR-US: SearchBlox
-CVE-2015-3421
+CVE-2015-3421 (The eshop_checkout function in checkout.php in the Wordpress Eshop plu ...)
NOT-FOR-US: Wordpress Eshop
-CVE-2015-3419
+CVE-2015-3419 (vBulletin 5.x through 5.1.6 allows remote authenticated users to bypas ...)
NOT-FOR-US: vBulletin
CVE-2015-3413
RESERVED
- hhvm 3.11.0+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/02a7a8f086c9181002fca0f0d9cef42963fdf46a
-CVE-2015-3412
+CVE-2015-3412 (PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does no ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -16807,7 +16807,7 @@ CVE-2015-3412
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=52b93f0cfd3cba7ff98cc5198df6ca4f23865f80
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257
NOTE: https://bugs.php.net/bug.php?id=69353
-CVE-2015-3411
+CVE-2015-3411 (PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does no ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -16815,14 +16815,14 @@ CVE-2015-3411
NOTE: https://bugs.php.net/bug.php?id=69353
CVE-2015-3410
RESERVED
-CVE-2015-3427
+CVE-2015-3427 (Quassel before 0.12.2 does not properly re-initialize the database ses ...)
{DSA-3258-1}
- quassel 1:0.10.0-2.4 (bug #783926)
[wheezy] - quassel <not-affected> (incomplete fix for CVE-2013-4422 not applied)
[squeeze] - quassel <not-affected> (incomplete fix for CVE-2013-4422 not applied)
NOTE: https://github.com/quassel/quassel/commit/6605882f41331c80f7ac3a6992650a702ec71283
NOTE: http://quassel-irc.org/node/120
-CVE-2015-3420
+CVE-2015-3420 (The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 ...)
- dovecot 1:2.2.13-12 (bug #783649)
[jessie] - dovecot 1:2.2.13-12~deb8u1
[wheezy] - dovecot <not-affected> (Problematic patch introducing the issue not applied)
@@ -16835,7 +16835,7 @@ CVE-2015-3420
NOTE: returned error from dovecot, related to openssl bug:
NOTE: https://rt.openssl.org/Ticket/Display.html?id=3818&user=guest&pass=guest
NOTE: Possibly introduced due to http://web.archive.org/web/20150121182933/http://hg.dovecot.org:80/dovecot-2.2/rev/09d3c9c6f0ad
-CVE-2015-3440
+CVE-2015-3440 (Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in W ...)
{DSA-3250-1 DLA-236-1}
- wordpress 4.2.1+dfsg-1 (bug #783554)
NOTE: http://klikki.fi/adv/wordpress2.html
@@ -16859,36 +16859,36 @@ CVE-2015-XXXX [files with invalid or unsafe names could be uploaded]
NOTE: http://www.openwall.com/lists/oss-security/2015/04/26/2
NOTE: To be decided: http://www.openwall.com/lists/oss-security/2015/04/28/7
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/10/11
-CVE-2015-3439
+CVE-2015-3439 (Cross-site scripting (XSS) vulnerability in the Ephox (formerly Moxiec ...)
{DSA-3250-1 DLA-236-1}
- wordpress 4.2+dfsg-1 (bug #783347)
NOTE: http://codex.wordpress.org/Version_4.1.2
NOTE: https://wordpress.org/news/2015/04/wordpress-4-1-2/
-CVE-2015-3438
+CVE-2015-3438 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress befor ...)
{DSA-3250-1 DLA-236-1}
- wordpress 4.2+dfsg-1 (bug #783347)
NOTE: http://codex.wordpress.org/Version_4.1.2
NOTE: https://wordpress.org/news/2015/04/wordpress-4-1-2/
-CVE-2015-3451
+CVE-2015-3451 (The _clone function in XML::LibXML before 2.0119 does not properly set ...)
{DSA-3243-1 DLA-214-1}
- libxml-libxml-perl 2.0116+dfsg-2 (bug #783443)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/25/2
NOTE: https://bitbucket.org/shlomif/perl-xml-libxml/commits/5962fd067580767777e94640b129ae8930a68a30
NOTE: https://bitbucket.org/shlomif/perl-xml-libxml/commits/915f1dbaf21c5f3c21d7c519c70fd93859e47152
-CVE-2015-3418
+CVE-2015-3418 (The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserv ...)
{DLA-120-2}
- xorg-server 2:1.16.4-1 (bug #774308)
[wheezy] - xorg-server 2:1.12.4-6+deb7u6
NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=dc777c346d5d452a53b13b917c45f6a1bad2f20b
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=928520 (not public yet)
-CVE-2015-3417
+CVE-2015-3417 (Use-after-free vulnerability in the ff_h264_free_tables function in li ...)
{DSA-3288-1}
- ffmpeg 7:2.6.1-1
[squeeze] - ffmpeg <not-affected> (Vulnerable code not present)
- libav 6:11.4-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e8714f6f93d1a32f4e4655209960afcf4c185214
-CVE-2015-3404
+CVE-2015-3404 (The Certify module before 6.x-2.3 for Drupal does not properly perform ...)
NOT-FOR-US: Certify module for Drupal
CVE-2015-3403
RESERVED
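Review bot: two lines in this hunk end with an unclosed nested parenthesis, CVE-2015-3439 "(formerly Moxiec ...)" and CVE-2015-3418 "(aka xserv ...)", so parenthesis counting cannot be used to find the end of the description on these lines; the generator should either close the nested group before appending " ..." or cut before it.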
@@ -16900,11 +16900,11 @@ CVE-2015-3399
RESERVED
CVE-2015-3398
RESERVED
-CVE-2015-3397
+CVE-2015-3397 (Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.4 ...)
- yii <itp> (bug #597899)
CVE-2015-3396
RESERVED
-CVE-2015-3395
+CVE-2015-3395 (The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and ...)
{DSA-3288-1}
- ffmpeg 7:2.6.2-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -16915,150 +16915,150 @@ CVE-2015-3395
NOTE: Patch in libav: https://git.libav.org/?p=libav.git;a=commit;h=5ecabd3c54b7c802522dc338838c9a4c2dc42948
CVE-2015-3394
RESERVED
-CVE-2015-3393
+CVE-2015-3393 (Open redirect vulnerability in the Commerce WeDeal module before 7.x-1 ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3392
+CVE-2015-3392 (Cross-site scripting (XSS) vulnerability in the Ajax Timeline module b ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3391
+CVE-2015-3391 (The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote at ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3390
+CVE-2015-3390 (Cross-site scripting (XSS) vulnerability in the Facebook Album Fetcher ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3389
+CVE-2015-3389 (Cross-site scripting (XSS) vulnerability in the Download counts report ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3388
+CVE-2015-3388 (Cross-site request forgery (CSRF) vulnerability in the Commerce Balanc ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3387
+CVE-2015-3387 (Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy To ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3386
+CVE-2015-3386 (Cross-site scripting (XSS) vulnerability in the Node Access Product mo ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3385
+CVE-2015-3385 (Cross-site scripting (XSS) vulnerability in the Taxonomy Path module b ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3384
+CVE-2015-3384 (Cross-site scripting (XSS) vulnerability in the Bank Account Listing P ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3383
+CVE-2015-3383 (Open redirect vulnerability in the Node basket module for Drupal allow ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3382
+CVE-2015-3382 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Node ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3381
+CVE-2015-3381 (Cross-site scripting (XSS) vulnerability in the Node basket module for ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3380
+CVE-2015-3380 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Feat ...)
NOT-FOR-US: Drupal addon
-CVE-2015-3379
+CVE-2015-3379 (The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x ...)
NOT-FOR-US: Drupal Views module
-CVE-2015-3378
+CVE-2015-3378 (Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3 ...)
NOT-FOR-US: Drupal Views module
CVE-2015-3377
RESERVED
-CVE-2015-3376
+CVE-2015-3376 (Cross-site scripting (XSS) vulnerability in the Quizzler module before ...)
NOT-FOR-US: Quizzler module for Drupal
-CVE-2015-3375
+CVE-2015-3375 (Cross-site request forgery (CSRF) vulnerability in the Shibboleth Auth ...)
NOT-FOR-US: Shibboleth Authentication module for Drupal
-CVE-2015-3374
+CVE-2015-3374 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Corn ...)
NOT-FOR-US: Corner module fro Drupal
-CVE-2015-3373
+CVE-2015-3373 (The Amazon AWS module before 7.x-1.3 for Drupal uses the base URL and ...)
NOT-FOR-US: Amazon AWS module for Drupal
-CVE-2015-3372
+CVE-2015-3372 (Cross-site scripting (XSS) vulnerability in the Node Invite module bef ...)
NOT-FOR-US: Node Invite module for Drupal
-CVE-2015-3371
+CVE-2015-3371 (Open redirect vulnerability in the Node Invite module before 6.x-2.5 f ...)
NOT-FOR-US: Node Invite module for Drupal
-CVE-2015-3370
+CVE-2015-3370 (Cross-site request forgery (CSRF) vulnerability in the Node Invite mod ...)
NOT-FOR-US: Node Invite module for Drupal
-CVE-2015-3369
+CVE-2015-3369 (Cross-site scripting (XSS) vulnerability in the Taxonews module before ...)
NOT-FOR-US: Taxonews module for Drupal
-CVE-2015-3368
+CVE-2015-3368 (Cross-site scripting (XSS) vulnerability in the administration user in ...)
NOT-FOR-US: Classified Ads module for Drupal
-CVE-2015-3367
+CVE-2015-3367 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Patt ...)
NOT-FOR-US: Ptterns module for Drupal
-CVE-2015-3366
+CVE-2015-3366 (Cross-site request forgery (CSRF) vulnerability in the Alfresco module ...)
NOT-FOR-US: Alfresco module for Drupal
-CVE-2015-3365
+CVE-2015-3365 (Cross-site scripting (XSS) vulnerability in the nodeauthor module for ...)
NOT-FOR-US: nodeauthor module for Drupal
-CVE-2015-3364
+CVE-2015-3364 (Cross-site scripting (XSS) vulnerability in the Content Analysis modul ...)
NOT-FOR-US: Content Analysis module for Drupal
-CVE-2015-3363
+CVE-2015-3363 (Cross-site request forgery (CSRF) vulnerability in the Contact Form Fi ...)
NOT-FOR-US: Contact Forms Fields module for Drupal
-CVE-2015-3362
+CVE-2015-3362 (Cross-site scripting (XSS) vulnerability in the Video module before 7. ...)
NOT-FOR-US: Video module for Drupal
-CVE-2015-3361
+CVE-2015-3361 (Cross-site scripting (XSS) vulnerability in the Linkit module before 7 ...)
NOT-FOR-US: Linkit module for Drupal
-CVE-2015-3360
+CVE-2015-3360 (Cross-site scripting (XSS) vulnerability in the Term Merge module befo ...)
NOT-FOR-US: Term Merge module for Drupal
-CVE-2015-3359
+CVE-2015-3359 (Multiple cross-site scripting (XSS) vulnerabilities in the Room Reserv ...)
NOT-FOR-US: Room Reservations module for Drupal
-CVE-2015-3358
+CVE-2015-3358 (Multiple open redirect vulnerabilities in the Tadaa! module before 7.x ...)
NOT-FOR-US: Tadaa! module for Drupal
-CVE-2015-3357
+CVE-2015-3357 (Cross-site scripting (XSS) vulnerability in the Wishlist module before ...)
NOT-FOR-US: Wishlist module for Drupal
-CVE-2015-3356
+CVE-2015-3356 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Tada ...)
NOT-FOR-US: Tadaa! module for Drupal
-CVE-2015-3355
+CVE-2015-3355 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Batc ...)
NOT-FOR-US: Batch Jobs module for Drupal
-CVE-2015-3354
+CVE-2015-3354 (Cross-site request forgery (CSRF) vulnerability in the Wishlist module ...)
NOT-FOR-US: Drupal module Wishlist
-CVE-2015-3353
+CVE-2015-3353 (Cross-site scripting (XSS) vulnerability in the Field Display Label mo ...)
NOT-FOR-US: Field Display Label module for Drupal
-CVE-2015-3352
+CVE-2015-3352 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Jamm ...)
NOT-FOR-US: Drupal module Jammer
-CVE-2015-3351
+CVE-2015-3351 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Log ...)
NOT-FOR-US: Log Watcher module for Drupal
-CVE-2015-3350
+CVE-2015-3350 (Cross-site request forgery (CSRF) vulnerability in the Todo Filter mod ...)
NOT-FOR-US: Drupal module Todo Filter
-CVE-2015-3349
+CVE-2015-3349 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Htac ...)
NOT-FOR-US: Htaccess module for Drupal
-CVE-2015-3348
+CVE-2015-3348 (Cross-site scripting (XSS) vulnerability in the Cloudwords for Multili ...)
NOT-FOR-US: Cloudwords for Multilingual Drupal module for Drupal
-CVE-2015-3347
+CVE-2015-3347 (Cross-site request forgery (CSRF) vulnerability in the Cloudwords for ...)
NOT-FOR-US: Cloudwords for Multilingual Drupal module for Drupal
-CVE-2015-3346
+CVE-2015-3346 (SQL injection vulnerability in the WikiWiki module before 6.x-1.2 for ...)
NOT-FOR-US: WikiWiki module for Drupal
-CVE-2015-3345
+CVE-2015-3345 (SQL injection vulnerability in the PHPlist Integration Module before 6 ...)
NOT-FOR-US: Drupal module PHPlist
-CVE-2015-3344
+CVE-2015-3344 (Cross-site scripting (XSS) vulnerability in the Course module 6.x-1.x ...)
NOT-FOR-US: Drupal module Course
-CVE-2015-3343
+CVE-2015-3343 (Cross-site request forgery (CSRF) vulnerability in the OPAC module bef ...)
NOT-FOR-US: OPAC module for Drupal
-CVE-2015-3342
+CVE-2015-3342 (Open redirect vulnerability in the Ubercart Currency Conversion module ...)
NOT-FOR-US: Ubercart Currency Conversion module for Drupal
CVE-2015-3341
RESERVED
-CVE-2015-3400
+CVE-2015-3400 (sharenfs 0.6.4, when built with commits bcdd594 and 7d08880 from the z ...)
- zfs-linux <not-affected> (Specific to packages on archive.zfsonlinux.org repositories)
NOTE: Issue with ZFS on Linux Debian packages specific as published in the archive.zfsonlinux.org repositories
NOTE: https://github.com/zfsonlinux/zfs/issues/3319
CVE-2015-3338
RESERVED
-CVE-2015-3337
+CVE-2015-3337 (Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1. ...)
{DSA-3241-1}
- elasticsearch 1.0.3+dfsg-7
NOTE: https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released
-CVE-2015-3336
+CVE-2015-3336 (Google Chrome before 42.0.2311.90 does not always ask the user before ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-3335
+CVE-2015-3335 (The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl ...)
- chromium-browser <not-affected> (native client support not built)
-CVE-2015-3334
+CVE-2015-3334 (browser/ui/website_settings/website_settings.cc in Google Chrome befor ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-3333
+CVE-2015-3333 (Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-3340
+CVE-2015-3340 (Xen 4.2.x through 4.5.x does not initialize certain fields, which allo ...)
{DSA-3414-1}
- xen 4.6.0-1 (unimportant; bug #784011)
[wheezy] - xen 4.1.4-3+deb7u8
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-132.html
-CVE-2015-4605
+CVE-2015-4605 (The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1 (bug #783099)
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -17066,7 +17066,7 @@ CVE-2015-4605
- file <not-affected> (Not reproducible with file, see #783108)
NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=f938112c495b0d26572435c0be73ac0bfe642ecd
NOTE: https://bugs.php.net/bug.php?id=68819
-CVE-2015-4604
+CVE-2015-4604 (The mget function in softmagic.c in file 5.x, as used in the Fileinfo ...)
{DLA-307-1}
- php5 5.6.9+dfsg-1 (bug #783099)
[jessie] - php5 5.6.9+dfsg-0+deb8u1
@@ -17074,20 +17074,20 @@ CVE-2015-4604
- file <not-affected> (Not reproducible with file, see #783108)
NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=f938112c495b0d26572435c0be73ac0bfe642ecd
NOTE: https://bugs.php.net/bug.php?id=68819
-CVE-2015-3339
+CVE-2015-3339 (Race condition in the prepare_binprm function in fs/exec.c in the Linu ...)
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-3
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543
NOTE: http://www.openwall.com/lists/oss-security/2015/04/20/1
-CVE-2015-7942
+CVE-2015-7942 (The xmlParseConditionalSections function in parser.c in libxml2 does n ...)
{DSA-3430-1 DLA-334-1}
- libxml2 2.9.3+dfsg1-1 (bug #802827)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=744980#c8
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756456#c0
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=bd0526e66a56e75a18da8c15c4750db8f801c52d
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=41ac9049a27f52e7a1f3b341f8714149fc88d450
-CVE-2015-7941
+CVE-2015-7941 (libxml2 2.9.2 does not properly stop parsing invalid input, which allo ...)
{DSA-3430-1 DLA-266-1}
- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #783010)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=744980
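Review bot: the NOTE under CVE-2015-8710 ("Added workaround item to reflect entry fixed status, remove once CVE assigned") is now stale: the `+` line in this hunk fills in the CVE-2015-8710 description, so the identifier has been assigned and that workaround note should be dropped in a follow-up.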
@@ -17095,7 +17095,7 @@ CVE-2015-7941
NOTE: http://www.openwall.com/lists/oss-security/2015/10/22/5
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 (v2.9.3)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489 (v2.9.3)
-CVE-2015-8710
+CVE-2015-8710 (The htmlParseComment function in HTMLparser.c in libxml2 allows attack ...)
{DSA-3430-1 DLA-266-1}
- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #782985)
NOTE: Added workaround item to reflect entry fixed status, remove once CVE assigned
@@ -17106,21 +17106,21 @@ CVE-2015-3328
RESERVED
CVE-2015-3327
RESERVED
-CVE-2015-3326
+CVE-2015-3326 (Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix ...)
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2015-3325
+CVE-2015-3325 (SQL injection vulnerability in forum.php in the WP Symposium plugin be ...)
NOT-FOR-US: WP Symposium plugin for WordPress
-CVE-2015-3324
+CVE-2015-3324 (The ThinkServer System Manager (TSM) Baseboard Management Controller b ...)
NOT-FOR-US: ThinkServer
-CVE-2015-3323
+CVE-2015-3323 (The ThinkServer System Manager (TSM) Baseboard Management Controller b ...)
NOT-FOR-US: ThinkServer
-CVE-2015-3322
+CVE-2015-3322 (Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers befor ...)
NOT-FOR-US: ThinkServer
-CVE-2015-3321
+CVE-2015-3321 (Services and files in Lenovo Fingerprint Manager before 8.01.42 have i ...)
NOT-FOR-US: Lenovo
-CVE-2015-3320
+CVE-2015-3320 (Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 inclu ...)
NOT-FOR-US: Lenovo USB Enhanced Performance Keyboard software
-CVE-2015-3330
+CVE-2015-3330 (The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP ...)
{DSA-3198-1 DLA-212-1}
- php5 5.6.7+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69218
@@ -17128,40 +17128,40 @@ CVE-2015-3330
NOTE: Fixed by: http://git.php.net/?p=php-src.git;a=commit;h=809610f5ea38a83b284e1125d1fff129bdd615e7
NOTE: http://www.openwall.com/lists/oss-security/2015/04/17/3
NOTE: For details on scope of the CVE assignment: http://www.openwall.com/lists/oss-security/2015/04/17/7
-CVE-2015-3319
+CVE-2015-3319 (Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly ...)
NOT-FOR-US: Hotspot Express hotEx Billing Manager
-CVE-2015-3318
+CVE-2015-3318 (CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, ...)
NOT-FOR-US: CA Common Services in ca.com products
-CVE-2015-3317
+CVE-2015-3317 (CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, ...)
NOT-FOR-US: CA Common Services in ca.com products
-CVE-2015-3316
+CVE-2015-3316 (CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, ...)
NOT-FOR-US: CA Common Services in ca.com products
-CVE-2015-3314
+CVE-2015-3314 (SQL injection vulnerability in WordPress Tune Library plugin before 1. ...)
NOT-FOR-US: Wordpress plugin
-CVE-2015-3313
+CVE-2015-3313 (SQL injection vulnerability in WordPress Community Events plugin befor ...)
NOT-FOR-US: Wordpress plugin
CVE-2015-3312
RESERVED
CVE-2015-3311
RESERVED
-CVE-2015-3307
+CVE-2015-3307 (The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4. ...)
{DSA-3280-1 DLA-307-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69443
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
-CVE-2015-3329
+CVE-2015-3329 (Multiple stack-based buffer overflows in the phar_set_inode function i ...)
{DSA-3280-1 DLA-212-1}
- php5 5.6.9+dfsg-1
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c
NOTE: https://bugs.php.net/bug.php?id=69441
NOTE: http://www.openwall.com/lists/oss-security/2015/04/16/22
NOTE: Fixed in 5.6.8 and 5.4.40
-CVE-2015-3315
+CVE-2015-3315 (Automatic Bug Reporting Tool (ABRT) allows local users to read, change ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2015-3309 [incomplete fix for CVE-2015-3297]
RESERVED
- etherpad-lite <itp> (bug #576998)
-CVE-2015-3308
+CVE-2015-3308 (Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3. ...)
[experimental] - gnutls28 3.3.14-1
- gnutls28 3.3.8-7 (bug #782776)
[jessie] - gnutls28 3.3.8-6+deb8u1
@@ -17174,30 +17174,30 @@ CVE-2015-3304
RESERVED
CVE-2015-3303
RESERVED
-CVE-2015-3302
+CVE-2015-3302 (The TheCartPress eCommerce Shopping Cart (aka The Professional WordPre ...)
NOT-FOR-US: TheCartPress eCommerce Shopping Cart
-CVE-2015-3301
+CVE-2015-3301 (Directory traversal vulnerability in the TheCartPress eCommerce Shoppi ...)
NOT-FOR-US: TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress
-CVE-2015-3300
+CVE-2015-3300 (Multiple cross-site scripting (XSS) vulnerabilities in the TheCartPres ...)
NOT-FOR-US: TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress
-CVE-2015-3299
+CVE-2015-3299 (Cross-site scripting (XSS) vulnerability in the Floating Social Bar pl ...)
NOT-FOR-US: Wordpress plugin
CVE-2015-3298
RESERVED
-CVE-2015-3296
+CVE-2015-3296 (Multiple cross-site scripting (XSS) vulnerabilities in NodeBB before 0 ...)
NOT-FOR-US: NodeBB
-CVE-2015-3295
+CVE-2015-3295 (markdown-it before 4.1.0 does not block data: URLs. ...)
- ruby-rails-assets-markdown-it 4.2.1-1
-CVE-2015-3294
+CVE-2015-3294 (The tcp_request function in Dnsmasq before 2.73rc4 does not properly h ...)
{DSA-3251-1 DLA-225-1}
- dnsmasq 2.72-3.1 (bug #783459)
NOTE: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=ad4a8ff7d9097008d7623df8543df435bfddeac8
-CVE-2015-3293
+CVE-2015-3293 (FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain c ...)
NOT-FOR-US: FortiMail
-CVE-2015-3292
+CVE-2015-3292 (The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 a ...)
NOT-FOR-US: NetApp OnCommand Workflow Automation
-CVE-2015-3291
+CVE-2015-3291 (arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_ ...)
{DSA-3313-1}
- linux 4.0.8-2
[wheezy] - linux <not-affected> (Present since 3.3)
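Review bot: the description added for CVE-2015-3295 ends in "does not block data: URLs. ...", a complete sentence followed by the " ..." truncation marker, while the other `+` lines in this hunk are cut mid-word before the marker. The marker appears to be appended regardless of whether the text was actually shortened, so it cannot be used to tell complete descriptions from truncated ones; appending it only when the text was cut would make the file easier to read.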
@@ -17205,7 +17205,7 @@ CVE-2015-3291
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a27507ca2d796cfa8d907de31ad730359c8a6d06 (prerequisite)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=810bc075f78ff2c221536eb3008eac6a492dba2d
NOTE: Introduced around 3.3-rc1: (https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f3c8b8c4b2a34776c3470142a7c8baafcda6eb0)
-CVE-2015-3290
+CVE-2015-3290 (arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_ ...)
{DSA-3313-1}
- linux 4.0.8-2
[wheezy] - linux <not-affected> (Introduced in 3.13)
@@ -17213,89 +17213,89 @@ CVE-2015-3290
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9d05041679904b12c12421cbcf9cb5f4860a8d7b (prerequisite)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e181bb58143cb4a2e8f01c281b0816cd0e4798e (prerequisite)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a
-CVE-2015-3289
+CVE-2015-3289 (OpenStack Glance before 2015.1.1 (kilo) allows remote authenticated us ...)
- glance 2015.1.0-4 (bug #793896)
[jessie] - glance <not-affected> (Vulnerable code introduced later)
[wheezy] - glance <not-affected> (Vulnerable code introduced later)
-CVE-2015-3288
+CVE-2015-3288 (mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous page ...)
- linux 4.2-1
[jessie] - linux 3.16.7-ckt17-1
[wheezy] - linux 3.2.71-1
NOTE: https://git.kernel.org/linus/6b7339f4c31ad69c8e9c0b2859276e22cf72176d (v4.2-rc2)
CVE-2015-3287
REJECTED
-CVE-2015-3286
+CVE-2015-3286 (Buffer overflow in the Solaris kernel extension in OpenAFS before 1.6. ...)
- openafs <not-affected> (The Solaris kernel extension in versions through 1.6.12)
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-005.txt
-CVE-2015-3285
+CVE-2015-3285 (The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wr ...)
{DSA-3320-1 DLA-342-1}
- openafs 1.6.13-1
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-004.txt
-CVE-2015-3284
+CVE-2015-3284 (pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kern ...)
{DSA-3320-1}
- openafs 1.6.13-1
[squeeze] - openafs <not-affected> (Only 1.6.0 trough 1.6.12)
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-003.txt
-CVE-2015-3283
+CVE-2015-3283 (OpenAFS before 1.6.13 allows remote attackers to spoof bos commands vi ...)
{DSA-3320-1 DLA-342-1}
- openafs 1.6.13-1
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-002.txt
-CVE-2015-3282
+CVE-2015-3282 (vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remot ...)
{DSA-3320-1 DLA-342-1}
- openafs 1.6.13-1
NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-001.txt
-CVE-2015-3281
+CVE-2015-3281 (The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1. ...)
{DSA-3301-1}
- haproxy 1.5.14-1
[squeeze] - haproxy <not-affected> (Affects 1.5.x and 1.6-dev only)
NOTE: http://git.haproxy.org/?p=haproxy-1.5.git;a=commitdiff;h=7ec765568883b2d4e5a2796adbeb492a22ec9bd4 (1.5.x)
-CVE-2015-3280
+CVE-2015-3280 (OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 20 ...)
- nova 1:12.0.0-2 (low; bug #798883)
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <not-affected> (Affected code introduced later)
NOTE: 2014.2 versions through 2014.2.3, and 2015.1 versions through 2015.1.1
-CVE-2015-3279
+CVE-2015-3279 (Integer overflow in filter/texttopdf.c in texttopdf in cups-filters be ...)
{DSA-3303-1 DLA-314-1}
- cups-filters 1.0.71-1
- cups 1.5.0-16
NOTE: cups moved filters to separate package in 1.5.0-16
NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7365
-CVE-2015-3278
+CVE-2015-3278 (The cipherstring parsing code in nss_compat_ossl while in multi-keywor ...)
NOT-FOR-US: nss_compat_ossl (OpenSSL to NSS Porting Library)
-CVE-2015-3277
+CVE-2015-3277 (The mod_nss module before 1.0.11 in Fedora allows remote attackers to ...)
- libapache2-mod-nss <removed> (bug #795657)
[stretch] - libapache2-mod-nss <no-dsa> (Minor issue)
[jessie] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
[wheezy] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
NOTE: Introduced by https://pagure.io/mod_nss/c/2d1650900f4d47dc43400d826c0f7e1a7c5229b8 (1.10.11)
-CVE-2015-3276
+CVE-2015-3276 (The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDA ...)
- openldap <unfixed> (unimportant)
NOTE: Debian builds with GNUTLS, not NSS
-CVE-2015-3275
+CVE-2015-3275 (Multiple cross-site scripting (XSS) vulnerabilities in the SCORM modul ...)
- moodle 2.7.9+dfsg-1 (bug #792242)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50614
-CVE-2015-3274
+CVE-2015-3274 (Cross-site scripting (XSS) vulnerability in the user_get_user_details ...)
- moodle 2.7.9+dfsg-1 (bug #792242)
[squeeze] - moodle <not-affected> (Only similar function looks like the fixed version)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50130
-CVE-2015-3273
+CVE-2015-3273 (mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the ...)
- moodle <not-affected> (Affects only 2.9)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50220
-CVE-2015-3272
+CVE-2015-3272 (Open redirect vulnerability in the clean_param function in lib/moodlel ...)
- moodle 2.7.9+dfsg-1 (bug #792242)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50688
-CVE-2015-3271
+CVE-2015-3271 (Apache Tika server (aka tika-server) in Apache Tika 1.9 might allow re ...)
- tika <not-affected> (The server isn't shipped in the Debian package)
NOTE: https://marc.info/?l=oss-security&m=143948566828051&w=2
-CVE-2015-3270
+CVE-2015-3270 (Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authent ...)
NOT-FOR-US: Apache Ambari
-CVE-2015-3269
+CVE-2015-3269 (Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveC ...)
NOT-FOR-US: Adobe
-CVE-2015-3268
+CVE-2015-3268 (Cross-site scripting (XSS) vulnerability in the DisplayEntityField.get ...)
NOT-FOR-US: Apache OFBiz
-CVE-2015-3267
+CVE-2015-3267 (Cross-site scripting (XSS) vulnerability in the 404 error page in Red ...)
NOT-FOR-US: JBoss Operations Network
CVE-2015-3266
RESERVED
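Review bot: the CVE-2015-3277 entry is internally inconsistent about the affected version: the new description says "before 1.0.11", the jessie and wheezy lines say the vulnerability was introduced in 1.0.11, and the NOTE cites the introducing commit as "(1.10.11)". If the issue was introduced in 1.0.11 then "before 1.0.11" cannot be the affected range, and "1.10.11" looks like a typo for one of those; please reconcile the Debian-side notes against the description. Minor: "trough" in the squeeze line of CVE-2015-3284 should read "through".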
@@ -17311,94 +17311,94 @@ CVE-2015-3261
RESERVED
CVE-2015-3260
RESERVED
-CVE-2015-3259
+CVE-2015-3259 (Stack-based buffer overflow in the xl command line utility in Xen 4.1. ...)
{DSA-3414-1}
- xen 4.6.0-1 (low; bug #795721)
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <not-affected> (xl not shipped in Squeeze)
NOTE: http://xenbits.xen.org/xsa/advisory-137.html
-CVE-2015-3258
+CVE-2015-3258 (Heap-based buffer overflow in the WriteProlog function in filter/textt ...)
{DSA-3303-1 DLA-314-1}
- cups-filters 1.0.70-1
- cups 1.5.0-16
NOTE: cups moved filters to separate package in 1.5.0-16
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1235385
-CVE-2015-3257
+CVE-2015-3257 (Zend/Diactoros/Uri::filterPath in zend-diactoros before 1.0.4 does not ...)
NOT-FOR-US: zend-diactoros
NOTE: https://framework.zend.com/security/advisory/ZF2015-05
-CVE-2015-3256
+CVE-2015-3256 (PolicyKit (aka polkit) before 0.113 allows local users to cause a deni ...)
- policykit-1 <not-affected> (The Policykit versions which rely on Javascript/Spidermonkey haven't been uploaded to unstable)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=69501
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=910262#c75
-CVE-2015-3255
+CVE-2015-3255 (The polkit_backend_action_pool_init function in polkitbackend/polkitba ...)
[experimental] - policykit-1 0.113-1
- policykit-1 0.105-12 (bug #796134)
[jessie] - policykit-1 0.105-15~deb8u1
[wheezy] - policykit-1 <no-dsa> (Minor issue)
[squeeze] - policykit-1 <no-dsa> (Minor issue)
NOTE: http://cgit.freedesktop.org/polkit/commit/?id=9f5e0c731784003bd4d6fc75ab739ff8b2ea269f
-CVE-2015-3254
+CVE-2015-3254 (The client libraries in Apache Thrift before 0.9.3 might allow remote ...)
- thrift-compiler <not-affected> (Vulnerable code not present)
NOTE: Affects src:thrift, which is only in experimental. The issue is fixed upstream in 0.9.3
NOTE: so any future upload of thrift to unstable can mark this item as <not-affected> (fixed
NOTE: before the initial upload to Debian unstable)
-CVE-2015-3253
+CVE-2015-3253 (The MethodClosure class in runtime/MethodClosure.java in Apache Groovy ...)
{DLA-274-1}
- groovy 2.4.6-1 (bug #793397)
[jessie] - groovy 1.8.6-4+deb8u1
[wheezy] - groovy 1.8.6-1+deb7u1
- groovy2 2.2.2+dfsg-5 (bug #793398)
[jessie] - groovy2 2.2.2+dfsg-3+deb8u1
-CVE-2015-3252
+CVE-2015-3252 (Apache CloudStack before 4.5.2 does not properly preserve VNC password ...)
NOT-FOR-US: Apache CloudStack
-CVE-2015-3251
+CVE-2015-3251 (Apache CloudStack before 4.5.2 might allow remote authenticated admini ...)
NOT-FOR-US: Apache CloudStack
-CVE-2015-3250
+CVE-2015-3250 (Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct ...)
- apache-directory-api 1.0.0~M20-3 (bug #791957)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/07/5
-CVE-2015-3249
+CVE-2015-3249 (The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before ...)
- trafficserver 5.3.1-1
[wheezy] - trafficserver <not-affected> (HTTP2 support does not exist)
NOTE: http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR37mWzDmXDqRQwRUXiojBZrhidndnsY1ZgmcZv-o7-a+g@mail.gmail.com%3E
-CVE-2015-3248
+CVE-2015-3248 (openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permis ...)
- openhpi <not-affected> (Only affects RPM packaging, in Debian directory is not world-writable, bug #789543)
-CVE-2015-3247
+CVE-2015-3247 (Race condition in the worker_update_monitors_config function in SPICE ...)
{DSA-3354-1}
- spice 0.12.5-1.2 (bug #797976)
[wheezy] - spice <not-affected> (monitors_config support introduced in 0.11.3)
NOTE: Referenced Bug with Details from Red Hat is currently private
NOTE: Patch: https://git.centos.org/blob/rpms!spice.git/11e32f6dd156a3c4847da29d989837437e973ccc/SOURCES!0038-Avoid-race-conditions-reading-monitor-configs-from-g.patch
-CVE-2015-3246
+CVE-2015-3246 (libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhe ...)
{DLA-468-1}
- libuser 1:0.62~dfsg-0.1 (bug #793465)
[jessie] - libuser <no-dsa> (Minor issue)
-CVE-2015-3245
+CVE-2015-3245 (Incomplete blacklist vulnerability in the chfn function in libuser bef ...)
{DLA-468-1}
- libuser 1:0.62~dfsg-0.1 (bug #793465)
[jessie] - libuser <no-dsa> (Minor issue)
NOTE: initially attributed to usermode package, root-cause fixed in libuser instead
-CVE-2015-3244
+CVE-2015-3244 (The Portlet Bridge for JavaServer Faces in Red Hat JBoss Portal 6.2.0, ...)
NOT-FOR-US: PortletBridge component of Red Hat JBoss Portal
-CVE-2015-3243
+CVE-2015-3243 (rsyslog uses weak permissions for generating log files, which allows l ...)
- rsyslog <unfixed> (unimportant)
NOTE: The default for syslog is $FileCreateMode 0644 but the rsyslog.conf
NOTE: provided by the Debian package sets $FileCreateMode 0640
CVE-2015-3242
REJECTED
-CVE-2015-3241
+CVE-2015-3241 (OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlie ...)
- nova 1:12.0.0-2 (bug #796109)
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: https://launchpad.net/bugs/1387543
NOTE: Affects: versions through 2014.1.4, and 2014.2 versions through 2014.2.3, and version 2015.1.0
NOTE: https://git.openstack.org/cgit/openstack/nova/commit/?id=7ab75d5b0b75fc3426323bef19bf436a258b9707
-CVE-2015-3240
+CVE-2015-3240 (The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6. ...)
- openswan <removed>
[squeeze] - openswan <end-of-life> (Not supported in Squeeze LTS)
[wheezy] - openswan <end-of-life> (Not supported in Wheezy LTS)
- libreswan <not-affected> (Fixed before the initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2015-3240/
-CVE-2015-3239
+CVE-2015-3239 (Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_ ...)
{DLA-271-1}
- libunwind 1.1-4 (low; bug #790830)
[jessie] - libunwind <no-dsa> (Minor issue)
@@ -17406,62 +17406,62 @@ CVE-2015-3239
- android-platform-external-libunwind 7.0.0+r1-4 (bug #849346)
NOTE: http://savannah.nongnu.org/bugs/?45276 (private bug)
NOTE: http://git.savannah.gnu.org/cgit/libunwind.git/commit/?id=396b6c7ab737e2bff244d640601c436a26260ca1
-CVE-2015-3238
+CVE-2015-3238 (The _unix_run_helper_binary function in the pam_unix module in Linux-P ...)
- pam 1.1.8-3.2 (bug #789986)
[jessie] - pam 1.1.8-3.1+deb8u1
[wheezy] - pam <no-dsa> (Minor issue e.g. in combination with enabled SELinux)
[squeeze] - pam <no-dsa> (Minor issue e.g. in combination with enabled SELinux)
NOTE: https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=e89d4c97385ff8180e6e81e84c5aa745daf28a79
NOTE: https://www.redhat.com/archives/pam-list/2015-June/msg00001.html
-CVE-2015-3237
+CVE-2015-3237 (The smb_request_state function in cURL and libcurl 7.40.0 through 7.42 ...)
- curl 7.43.0-1
[jessie] - curl <not-affected> (Vulnerable code not present)
[wheezy] - curl <not-affected> (Vulnerable code not present)
[squeeze] - curl <not-affected> (Vulnerable code not present)
NOTE: http://curl.haxx.se/docs/adv_20150617B.html
-CVE-2015-3236
+CVE-2015-3236 (cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authenticat ...)
- curl 7.43.0-1
[jessie] - curl <not-affected> (Vulnerable code not present)
[wheezy] - curl <not-affected> (Vulnerable code not present)
[squeeze] - curl <not-affected> (Vulnerable code not present)
NOTE: http://curl.haxx.se/docs/adv_20150617A.html
-CVE-2015-3235
+CVE-2015-3235 (Foreman before 1.9.0 allows remote authenticated users with the edit_u ...)
- foreman <itp> (bug #663101)
-CVE-2015-3234
+CVE-2015-3234 (The OpenID module in Drupal 6.x before 6.36 and 7.x before 7.38 allows ...)
{DSA-3291-1}
- drupal7 7.38-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3233
+CVE-2015-3233 (Open redirect vulnerability in the Overlay module in Drupal 7.x before ...)
{DSA-3291-1}
- drupal7 7.38-1
- drupal6 <not-affected> (Only affects Drupal 7.x)
NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3232
+CVE-2015-3232 (Open redirect vulnerability in the Field UI module in Drupal 7.x befor ...)
{DSA-3291-1}
- drupal7 7.38-1
- drupal6 <not-affected> (Only affects Drupal 7.x)
NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3231
+CVE-2015-3231 (The Render cache system in Drupal 7.x before 7.38, when used to cache ...)
{DSA-3291-1}
- drupal7 7.38-1
- drupal6 <not-affected> (Only affects Drupal 7.x)
NOTE: https://www.drupal.org/SA-CORE-2015-002
-CVE-2015-3230
+CVE-2015-3230 (389 Directory Server (formerly Fedora Directory Server) before 1.3.3.1 ...)
- 389-ds-base 1.3.3.12-1 (bug #789202)
[jessie] - 389-ds-base <not-affected> (Vulnerable code not present, fix for 47838 not applied in Jessie)
NOTE: https://fedorahosted.org/389/ticket/48194
NOTE: Regression if https://fedorahosted.org/389/ticket/47838 applied
-CVE-2015-3229
+CVE-2015-3229 (fedora-cloud-atomic.ks in spin-kickstarts allows remote attackers to c ...)
NOT-FOR-US: Fedora Atomic
-CVE-2015-3228
+CVE-2015-3228 (Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc. ...)
{DSA-3326-1 DLA-280-1}
- ghostscript 9.15~dfsg-1 (bug #793489)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=696070
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0c0b0859
NOTE: File to reproduce segfault with ps2pdf: http://bugs.ghostscript.com/attachment.cgi?id=11776
-CVE-2015-3227
+CVE-2015-3227 (The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby ...)
{DSA-3464-1 DLA-603-1}
- rails 2:4.2.4-2 (bug #790487)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
@@ -17469,7 +17469,7 @@ CVE-2015-3227
- ruby-activesupport-3.2 <removed>
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life> (https://lists.debian.org/debian-security-announce/2014/msg00164.html)
-CVE-2015-3226
+CVE-2015-3226 (Cross-site scripting (XSS) vulnerability in json/encoding.rb in Active ...)
{DSA-3464-1}
- rails 2:4.2.4-2 (bug #790486)
[squeeze] - rails <end-of-life> (Unsupported in squeeze-lts)
@@ -17478,15 +17478,15 @@ CVE-2015-3226
[wheezy] - ruby-activesupport-3.2 <not-affected> (Vulnerable code not present)
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life> (https://lists.debian.org/debian-security-announce/2014/msg00164.html)
-CVE-2015-3225
+CVE-2015-3225 (lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used ...)
{DSA-3322-1 DLA-254-1}
- ruby-rack 1.5.2-4 (bug #789311)
- ruby-rack1.4 <removed>
- librack-ruby <removed>
NOTE: http://seclists.org/oss-sec/2015/q2/729 has patches for 1.5 and 1.6
-CVE-2015-3224
+CVE-2015-3224 (request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x ...)
NOT-FOR-US: Web Console Ruby Gem
-CVE-2015-3223
+CVE-2015-3223 (The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, ...)
{DSA-3433-1}
- samba 2:4.1.22+dfsg-1
[wheezy] - samba <not-affected> (Only affects 4.0.0 to 4.3.2)
@@ -17499,21 +17499,21 @@ CVE-2015-3223
NOTE: https://git.samba.org/?p=samba.git;a=commit;h=fb456954f332c07a645226d59b3b00ec252f8b26 (v4-1-stable)
NOTE: https://git.samba.org/?p=samba.git;a=commit;h=bb1b783ee9d7259cfc6a1fe882f22189747f8684 (v4-1-stable)
NOTE: Samba update needs as well fixed ldb
-CVE-2015-3222
+CVE-2015-3222 (syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows ...)
- ossec-hids <itp> (bug #361954)
-CVE-2015-3221
+CVE-2015-3221 (OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 ...)
- neutron 2015.1.0+2015.06.24.git61.bdf194a0e1-1 (bug #789713)
[jessie] - neutron <not-affected> (ipset code introduced in Juno)
NOTE: https://bugs.launchpad.net/neutron/+bug/1461054/comments/18
NOTE: 2014.2 versions through 2014.2.3 and 2015.1.0 version
-CVE-2015-3220
+CVE-2015-3220 (The tlslite library before 0.4.9 for Python allows remote attackers to ...)
- tlslite <removed>
-CVE-2015-3219
+CVE-2015-3219 (Cross-site scripting (XSS) vulnerability in the Orchestration/Stack se ...)
{DSA-3617-1}
- horizon 2015.1.0+2015.06.09.git15.e63af6c598-1 (bug #788306)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: 2014.2 versions through 2014.2.3 and version 2015.1.0
-CVE-2015-3218
+CVE-2015-3218 (The authentication_agent_new function in polkitbackend/polkitbackendin ...)
[experimental] - policykit-1 0.113-1
- policykit-1 0.105-11 (bug #787932)
[jessie] - policykit-1 0.105-15~deb8u1
@@ -17522,7 +17522,7 @@ CVE-2015-3218
NOTE: http://lists.freedesktop.org/archives/polkit-devel/2015-May/000420.html
NOTE: Patch: http://cgit.freedesktop.org/polkit/commit/?id=48e646918efb2bf0b3b505747655726d7869f31c
NOTE: Introduced by: http://cgit.freedesktop.org/polkit/commit/?id=6eeb077bc90c9c7783360a526b2f04645b1b0848
-CVE-2015-3217
+CVE-2015-3217 (PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty ...)
- pcre3 2:8.38-1 (bug #787641)
[jessie] - pcre3 <no-dsa> (Minor issue)
[wheezy] - pcre3 <no-dsa> (Minor issue)
@@ -17530,12 +17530,12 @@ CVE-2015-3217
NOTE: https://bugs.exim.org/show_bug.cgi?id=1638
NOTE: Upstream fix: http://vcs.pcre.org/pcre?view=revision&revision=1566
NOTE: More information: https://bugzilla.redhat.com/show_bug.cgi?id=1228283#c2
-CVE-2015-3216
+CVE-2015-3216 (Race condition in a certain Red Hat patch to the PRNG lock implementat ...)
- openssl <not-affected> (Affects Red Hat specific patch)
NOTE: More information in https://bugzilla.redhat.com/show_bug.cgi?id=1225994
-CVE-2015-3215
+CVE-2015-3215 (The NetKVM Windows Virtio driver allows remote attackers to cause a de ...)
NOT-FOR-US: virtio Windows drivers
-CVE-2015-3214
+CVE-2015-3214 (The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and Q ...)
{DSA-3348-1}
- qemu 1:2.4+dfsg-1a (bug #795461)
[wheezy] - qemu <not-affected> (Introduced in 1.3.0)
@@ -17550,22 +17550,22 @@ CVE-2015-3214
- linux-2.6 2.6.37-1
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee73f656a604d5aa9df86a97102e4e462dd79924 (v2.6.33-rc8)
-CVE-2015-3213
+CVE-2015-3213 (The gesture handling code in Clutter before 1.16.2 allows physically p ...)
- clutter-1.0 1.18.0-1
[wheezy] - clutter-1.0 <not-affected> (Vulnerable code introduced later)
[squeeze] - clutter-1.0 <not-affected> (Vulnerable code was introduced past 1.12.0)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=749847
NOTE: Introduced by: https://git.gnome.org/browse/clutter/commit/?id=abcf1d589f29ba7914d5648bb9814ad26c13cd83 (1.13.2)
NOTE: Fixed by: https://git.gnome.org/browse/clutter/commit/?id=97724939c8de004d7fa230f3ff64862d957f93a9 (1.17.2)
-CVE-2015-3212
+CVE-2015-3212 (Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 a ...)
{DSA-3329-1}
- linux 4.0.8-1
- linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: https://marc.info/?l=linux-netdev&m=143277436124732&w=2
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9f7d653b67aed2d92540fbb0a8adaf32fcf352ae (v3.1-rc1)
-CVE-2015-3211
+CVE-2015-3211 (php-fpm allows local users to write to or create arbitrary files via a ...)
- php5 <not-affected> (Red Hat specific problem in the rpm package)
-CVE-2015-3210
+CVE-2015-3210 (Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 a ...)
- pcre3 2:8.35-7.2 (bug #787433)
[jessie] - pcre3 2:8.35-3.3+deb8u1
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
@@ -17574,7 +17574,7 @@ CVE-2015-3210
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1558
NOTE: Affected code refactored in: http://vcs.pcre.org/pcre?view=revision&revision=1359 (8.34)
NOTE: Issue then introduced by: http://vcs.pcre.org/pcre?view=revision&revision=1361
-CVE-2015-3209
+CVE-2015-3209 (Heap-based buffer overflow in the PCNET controller in QEMU allows remo ...)
{DSA-3286-1 DSA-3285-1 DSA-3284-1}
- qemu 1:2.3+dfsg-6 (bug #788460)
[wheezy] - qemu 1.1.2+dfsg-6a+deb7u8
@@ -17586,11 +17586,11 @@ CVE-2015-3209
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-135.html
-CVE-2015-3208
+CVE-2015-3208 (XML external entity (XXE) vulnerability in the XPath selector componen ...)
NOT-FOR-US: HornetQ
CVE-2015-3207
RESERVED
-CVE-2015-3206
+CVE-2015-3206 (The checkPassword function in python-kerberos does not authenticate th ...)
{DLA-265-2 DLA-265-1}
- pykerberos 1.1.5-1 (bug #796195)
[jessie] - pykerberos 1.1.5-0.1+deb8u1
@@ -17599,28 +17599,28 @@ CVE-2015-3206
NOTE: former.
NOTE: KDC verification support in pykerberos added in https://github.com/02strich/pykerberos/commit/02d13860b25fab58e739f0e000bed0067b7c6f9c
NOTE: Using the above code as is might break existing installations since a keytab is required to call krb5_verify_init_creds
-CVE-2015-3205
+CVE-2015-3205 (libmimedir allows remote attackers to execute arbitrary code via a VCF ...)
- libmimedir <removed> (bug #789197)
[jessie] - libmimedir <no-dsa> (Minor issue)
[wheezy] - libmimedir <no-dsa> (Minor issue)
[squeeze] - libmimedir <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1222251
-CVE-2015-3204
+CVE-2015-3204 (libreswan 3.9 through 3.12 allows remote attackers to cause a denial o ...)
- libreswan <not-affected> (Fixed before the initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204.txt
NOTE: https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204-libreswan.patch
-CVE-2015-3203
+CVE-2015-3203 (Unrestricted file upload vulnerability in h5ai before 0.25.0 allows re ...)
NOT-FOR-US: h5ai
-CVE-2015-3202
+CVE-2015-3202 (fusermount in FUSE before 2.9.3-15 does not properly clear the environ ...)
{DSA-3268-2 DSA-3268-1 DSA-3266-1 DLA-238-1 DLA-226-2 DLA-226-1}
- fuse 2.9.3-16 (bug #786439)
NOTE: Upstream fix: http://web.archive.org/web/20150529051222/http://sourceforge.net:80/p/fuse/fuse/ci/fe2d96
- ntfs-3g 1:2014.2.15AR.3-3 (bug #786475)
NOTE: ntfs-3g source wise affected but wheezy version uses --with-fuse=external
NOTE: ntfs-3g is built with internal copy since 1:2013.1.13AR.3-2
-CVE-2015-3201
+CVE-2015-3201 (Thermostat before 2.0.0 uses world-readable permissions for the web.xm ...)
NOT-FOR-US: thermostat
-CVE-2015-3200
+CVE-2015-3200 (mod_auth in lighttpd before 1.4.36 allows remote attackers to inject a ...)
- lighttpd 1.4.37-1 (low; bug #787132)
[jessie] - lighttpd <no-dsa> (Minor issue)
[wheezy] - lighttpd <no-dsa> (Minor issue)
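Review bot: under CVE-2015-3202 the two ntfs-3g NOTE lines ("wheezy version uses --with-fuse=external" and "built with internal copy since 1:2013.1.13AR.3-2") argue that the wheezy ntfs-3g is not affected, but no status line records that conclusion; add an explicit "[wheezy] - ntfs-3g <not-affected> (built against system fuse, --with-fuse=external)" line so the suite status does not depend on a reader parsing the notes. The upstream-fix reference on the same entry ends in an abbreviated commit id (".../ci/fe2d96"); prefer the full hash so the link stays unambiguous.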
@@ -17629,53 +17629,53 @@ CVE-2015-3200
NOTE: http://redmine.lighttpd.net/issues/2646
CVE-2015-3199
REJECTED
-CVE-2015-3198
+CVE-2015-3198 (The Undertow module of WildFly 9.x before 9.0.0.CR2 and 10.x before 10 ...)
NOT-FOR-US: Undertow module of WildFly / JBOSS
-CVE-2015-3197
+CVE-2015-3197 (ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f d ...)
{DLA-421-1}
- openssl 1.0.0c-2
NOTE: 1.0.0c-2 dropped SSLv2 support
NOTE: No MITM: https://bugzilla.redhat.com/show_bug.cgi?id=1301846#c3
-CVE-2015-3196
+CVE-2015-3196 (ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and ...)
{DSA-3413-1}
- openssl 1.0.2d-1
[squeeze] - openssl <not-affected> (Only affects 1.0.0 to 1.0.2)
-CVE-2015-3195
+CVE-2015-3195 (The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in Open ...)
{DSA-3413-1 DLA-358-1}
- openssl 1.0.2e-1
NOTE: https://www.openssl.org/news/secadv/20151203.txt
-CVE-2015-3194
+CVE-2015-3194 (crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before ...)
{DSA-3413-1}
- openssl 1.0.2e-1
[squeeze] - openssl <not-affected> (Only affects 1.0.1 and 1.0.2)
NOTE: https://www.openssl.org/news/secadv/20151203.txt
-CVE-2015-3193
+CVE-2015-3193 (The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.p ...)
- openssl 1.0.2e-1
[jessie] - openssl <not-affected> (Only affects 1.0.2)
[wheezy] - openssl <not-affected> (Only affects 1.0.2)
[squeeze] - openssl <not-affected> (Only affects 1.0.2)
NOTE: https://www.openssl.org/news/secadv/20151203.txt
-CVE-2015-3192
+CVE-2015-3192 (Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not pro ...)
- libspring-java 4.1.9-1 (low; bug #796137)
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://pivotal.io/security/cve-2015-3192
NOTE: https://jira.spring.io/browse/SPR-13136
-CVE-2015-3191
+CVE-2015-3191 (With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA St ...)
NOT-FOR-US: Cloud Foundry
-CVE-2015-3190
+CVE-2015-3190 (With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA St ...)
NOT-FOR-US: Cloud Foundry
-CVE-2015-3189
+CVE-2015-3189 (With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA St ...)
NOT-FOR-US: Cloud Foundry
-CVE-2015-3188
+CVE-2015-3188 (The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote ...)
NOT-FOR-US: Apache Storm
-CVE-2015-3187
+CVE-2015-3187 (The svn_repos_trace_node_locations function in Apache Subversion befor ...)
{DSA-3331-1 DLA-293-1}
- subversion 1.9.0-1
NOTE: https://subversion.apache.org/security/CVE-2015-3187-advisory.txt
-CVE-2015-3186
+CVE-2015-3186 (Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 ...)
NOT-FOR-US: Apache Ambari
-CVE-2015-3185
+CVE-2015-3185 (The ap_some_auth_required function in server/request.c in the Apache H ...)
{DSA-3325-1}
- apache2 2.4.16-1
[wheezy] - apache2 <not-affected> (Bug introduced during 2.4 development)
@@ -17684,14 +17684,14 @@ CVE-2015-3185
NOTE: http://web.archive.org/web/20150918024815/http://www.apache.org:80/dist/httpd/CHANGES_2.4.16
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1684525
NOTE: Behavior changed in 2.4.x refactoring, API no longer usable in 2.4.x
-CVE-2015-3184
+CVE-2015-3184 (mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x befor ...)
{DSA-3331-1}
- subversion 1.9.0-1
[wheezy] - subversion <not-affected> (1.6 does not build with apache 2.4)
[squeeze] - subversion <not-affected> (1.6 does not build with apache 2.4)
NOTE: https://subversion.apache.org/security/CVE-2015-3184-advisory.txt
NOTE: subversion needs to be built with a fixed apache version
-CVE-2015-3183
+CVE-2015-3183 (The chunked transfer coding implementation in the Apache HTTP Server b ...)
{DSA-3325-1 DLA-284-1}
- apache2 2.4.16-1
NOTE: https://www.apache.org/dist/httpd/Announcement2.4.txt
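Review bot: the <not-affected> rationale for wheezy and squeeze on CVE-2015-3184, "1.6 does not build with apache 2.4", is an indirect argument; the description added in this hunk already limits the issue to "mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before ...", so "1.6.x not in the affected range" is the direct and more durable justification. Consider rewording both markers and keeping the build-dependency remark in the NOTE ("subversion needs to be built with a fixed apache version") where it already lives.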
@@ -17699,47 +17699,47 @@ CVE-2015-3183
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1684515
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1687338 (2.2.x)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1687339 (2.2.x)
-CVE-2015-3182
+CVE-2015-3182 (epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in W ...)
- wireshark 1.12.0~rc1-1
[jessie] - wireshark <not-affected> (Only affected 1.10.x)
[wheezy] - wireshark <not-affected> (Only affected 1.10.x)
[squeeze] - wireshark <not-affected> (Only affected 1.10.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-01.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1219409
-CVE-2015-3181
+CVE-2015-3181 (files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2. ...)
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3180
+CVE-2015-3180 (lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2. ...)
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3179
+CVE-2015-3179 (login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x ...)
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3178
+CVE-2015-3178 (Cross-site scripting (XSS) vulnerability in the external_format_text f ...)
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3177
+CVE-2015-3177 (Moodle 2.8.x before 2.8.6 does not consider the tool/monitor:subscribe ...)
- moodle <not-affected> (Only affects versions 2.8 to 2.8.5)
-CVE-2015-3176
+CVE-2015-3176 (The account-confirmation feature in login/confirm.php in Moodle throug ...)
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3175
+CVE-2015-3175 (Multiple open redirect vulnerabilities in Moodle through 2.5.9, 2.6.x ...)
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-3174
+CVE-2015-3174 (mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2 ...)
- moodle 2.7.8+dfsg-1 (bug #785591)
[squeeze] - moodle <end-of-life> (Not supported in Squeeze LTS)
CVE-2015-3173
RESERVED
CVE-2015-3172
RESERVED
-CVE-2015-3171
+CVE-2015-3171 (sosreport 3.2 uses weak permissions for generated sosreport archives, ...)
- sosreport 3.2-2 (bug #769521)
NOTE: https://github.com/sosreport/sos/commit/d7759d3ddae5fe99a340c88a1d370d65cfa73fd6
NOTE: https://github.com/sosreport/sos/issues/425
-CVE-2015-3170
+CVE-2015-3170 (selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows ...)
NOT-FOR-US: Red Hat specific issue with selinux-policy rpm package
-CVE-2015-3169
+CVE-2015-3169 (Cross-site scripting (XSS) vulnerability in askbot 0.7.51-4.el6.noarch ...)
- askbot <itp> (bug #687966)
CVE-2015-3168
REJECTED
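Review bot: the moodle descriptions added for CVE-2015-3181, -3180, -3179, -3178, -3176, -3175 and -3174 all read "Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x ...", so every release line older than 2.6 is in scope, yet each entry only records "[squeeze] - moodle <end-of-life>". If wheezy still ships moodle, a [wheezy] line (fixed version, <no-dsa> or <end-of-life>) is needed for each of them; CVE-2015-3177 is correctly the exception, since its description limits it to 2.8.x.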
@@ -17758,14 +17758,14 @@ CVE-2015-3166
- postgresql-9.1 <removed>
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl; EOL upstream)
-CVE-2015-3165
+CVE-2015-3165 (Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9. ...)
{DSA-3270-1 DSA-3269-1 DLA-227-1}
- postgresql-9.4 9.4.2-1
- postgresql-9.1 <removed>
NOTE: Since 9.1.1-2 src:postgresql-9.1 builds only postgresql-plperl-9.1, source-wise fixed
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl; EOL upstream)
-CVE-2015-3164
+CVE-2015-3164 (The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 s ...)
- xorg-server 2:1.17.2-1 (bug #788410)
[jessie] - xorg-server 2:1.16.4-1+deb8u2
[wheezy] - xorg-server <not-affected> (XWayland not present)
@@ -17774,27 +17774,27 @@ CVE-2015-3164
NOTE: Patch 1/3: http://cgit.freedesktop.org/xorg/xserver/commit/?id=c4534a38b68aa07fb82318040dc8154fb48a9588
NOTE: Patch 2/3: http://cgit.freedesktop.org/xorg/xserver/commit/?id=4b4b9086d02b80549981d205fb1f495edc373538
NOTE: Patch 3/3: http://cgit.freedesktop.org/xorg/xserver/commit/?id=76636ac12f2d1dbdf7be08222f80e7505d53c451
-CVE-2015-3163
+CVE-2015-3163 (The admin pages for power types and key types in Beaker before 20.1 do ...)
NOT-FOR-US: Beaker (toolset for managing test labs, not src:beaker in Debian)
-CVE-2015-3162
+CVE-2015-3162 (Cross-site scripting (XSS) vulnerability in the edit comment dialog in ...)
NOT-FOR-US: Beaker (toolset for managing test labs, not src:beaker in Debian)
-CVE-2015-3161
+CVE-2015-3161 (The search bar code in bkr/server/widgets.py in Beaker before 20.1 doe ...)
NOT-FOR-US: Beaker (toolset for managing test labs, not src:beaker in Debian)
-CVE-2015-3160
+CVE-2015-3160 (XML external entity (XXE) vulnerability in bkr/server/jobs.py in Beake ...)
NOT-FOR-US: Beaker (toolset for managing test labs, not src:beaker in Debian)
CVE-2015-3159
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-3158
+CVE-2015-3158 (The invokeNextValve function in identity/federation/bindings/tomcat/id ...)
NOT-FOR-US: PicketLink
CVE-2015-3157
REJECTED
-CVE-2015-3156
+CVE-2015-3156 (The _write_config function in trove/guestagent/datastore/experimental/ ...)
- openstack-trove <unfixed> (unimportant; bug #787654)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1216073#c1
NOTE: partially fixed already in 2015.1~rc2-1, cf. #787654
NOTE: will be completed during kilo release
-CVE-2015-3155
+CVE-2015-3155 (Foreman before 1.8.1 does not set the secure flag for the _session_id ...)
- foreman <itp> (bug #663101)
CVE-2015-3154 [Potential CRLF injection attacks in mail and HTTP headers]
RESERVED
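Review bot: the CVE-2015-3156 entry still reads "openstack-trove <unfixed> (unimportant; bug #787654)" while its NOTE lines say the issue was "partially fixed already in 2015.1~rc2-1" and "will be completed during kilo release". Both notes describe a 2015 expectation; at this point the entry should either carry the version that completed the fix or state that the remaining part is still open, so the <unfixed> marker and the notes stop contradicting each other.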
@@ -17802,13 +17802,13 @@ CVE-2015-3154 [Potential CRLF injection attacks in mail and HTTP headers]
- zendframework 1.12.12+dfsg-1
[jessie] - zendframework 1.12.9+dfsg-2+deb8u1
NOTE: http://framework.zend.com/security/advisory/ZF2015-04
-CVE-2015-3153
+CVE-2015-3153 (The default configuration for cURL and libcurl before 7.42.1 sends cus ...)
{DSA-3240-1}
- curl 7.42.1-1
[wheezy] - curl <no-dsa> (Too intrusive to backport)
[squeeze] - curl <no-dsa> (Too intrusive to backport)
NOTE: http://curl.haxx.se/docs/adv_20150429.html
-CVE-2015-3152
+CVE-2015-3152 (Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclien ...)
{DSA-3311-1}
- mariadb-10.0 10.0.20-1
- percona-xtradb-cluster-5.5 <removed>
@@ -17823,256 +17823,256 @@ CVE-2015-3151 [abrt: directory traversals in several D-Bus methods implemented b
CVE-2015-3150 [abrt: abrt-dbus does not guard against crafted problem directory path arguments]
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-3149
+CVE-2015-3149 (The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Li ...)
- openjdk-8 <not-affected> (defective patch not applied)
-CVE-2015-3148
+CVE-2015-3148 (cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenti ...)
{DSA-3232-1 DLA-211-1}
- curl 7.42.0-1
NOTE: http://curl.haxx.se/docs/adv_20150422B.html
CVE-2015-3147
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-3146
+CVE-2015-3146 (The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in ...)
- libssh 0.6.3-4.2 (bug #784404)
[jessie] - libssh 0.6.3-4+deb8u1
[wheezy] - libssh 0.5.4-1+deb7u3
[squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
NOTE: https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/
-CVE-2015-3145
+CVE-2015-3145 (The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7 ...)
- curl 7.42.0-1
[jessie] - curl 7.38.0-4+deb8u1
[wheezy] - curl <not-affected> (Affects 7.31.0 to and including 7.41.0)
[squeeze] - curl <not-affected> (Affects 7.31.0 to and including 7.41.0)
NOTE: http://curl.haxx.se/docs/adv_20150422C.html
-CVE-2015-3144
+CVE-2015-3144 (The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 do ...)
- curl 7.42.0-1
[jessie] - curl 7.38.0-4+deb8u1
[wheezy] - curl <not-affected> (Affects 7.37.0 to and including 7.41.0)
[squeeze] - curl <not-affected> (Affects 7.37.0 to and including 7.41.0)
NOTE: http://curl.haxx.se/docs/adv_20150422D.html
-CVE-2015-3143
+CVE-2015-3143 (cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM c ...)
{DSA-3232-1 DLA-211-1}
- curl 7.42.0-1
NOTE: http://curl.haxx.se/docs/adv_20150422A.html
-CVE-2015-3142
+CVE-2015-3142 (The kernel-invoked coredump processor in Automatic Bug Reporting Tool ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-3141
+CVE-2015-3141 (Multiple cross-site request forgery (CSRF) vulnerabilities in Synametr ...)
NOT-FOR-US: Synametrics Technologies Xeams
CVE-2015-3140
RESERVED
CVE-2015-3139
RESERVED
-CVE-2015-3138
+CVE-2015-3138 (print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a ...)
- tcpdump <not-affected> (Introduced in 4.7)
NOTE: https://github.com/the-tcpdump-group/tcpdump/issues/446
NOTE: Fixed by: https://github.com/the-tcpdump-group/tcpdump/commit/3ed82f4ed0095768529afc22b923c8f7171fff70
NOTE: Introduced by: https://github.com/the-tcpdump-group/tcpdump/commit/3a3ec26085461998074b827b112d38e8f3246a86
-CVE-2015-3137
+CVE-2015-3137 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3136
+CVE-2015-3136 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3135
+CVE-2015-3135 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3134
+CVE-2015-3134 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3133
+CVE-2015-3133 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3132
+CVE-2015-3132 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3131
+CVE-2015-3131 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3130
+CVE-2015-3130 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3129
+CVE-2015-3129 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3128
+CVE-2015-3128 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3127
+CVE-2015-3127 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3126
+CVE-2015-3126 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3125
+CVE-2015-3125 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3124
+CVE-2015-3124 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3123
+CVE-2015-3123 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3122
+CVE-2015-3122 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3121
+CVE-2015-3121 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3120
+CVE-2015-3120 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3119
+CVE-2015-3119 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3118
+CVE-2015-3118 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3117
+CVE-2015-3117 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3116
+CVE-2015-3116 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3115
+CVE-2015-3115 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3114
+CVE-2015-3114 (Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3113
+CVE-2015-3113 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and ...)
NOT-FOR-US: Adobe Flash Player
NOTE: https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
-CVE-2015-3112
+CVE-2015-3112 (Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC befo ...)
NOT-FOR-US: Adobe
-CVE-2015-3111
+CVE-2015-3111 (Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015 ...)
NOT-FOR-US: Adobe
-CVE-2015-3110
+CVE-2015-3110 (Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and ...)
NOT-FOR-US: Adobe
-CVE-2015-3109
+CVE-2015-3109 (Adobe Photoshop CC before 16.0 (aka 2015.0.0) allows attackers to exec ...)
NOT-FOR-US: Adobe
-CVE-2015-3108
+CVE-2015-3108 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3107
+CVE-2015-3107 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3106
+CVE-2015-3106 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3105
+CVE-2015-3105 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3104
+CVE-2015-3104 (Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x thro ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3103
+CVE-2015-3103 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3102
+CVE-2015-3102 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3101
+CVE-2015-3101 (The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x thro ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3100
+CVE-2015-3100 (Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 an ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3099
+CVE-2015-3099 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3098
+CVE-2015-3098 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3097
+CVE-2015-3097 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3096
+CVE-2015-3096 (Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3095
+CVE-2015-3095 (Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2015-3094
REJECTED
-CVE-2015-3093
+CVE-2015-3093 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3092
+CVE-2015-3092 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3091
+CVE-2015-3091 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3090
+CVE-2015-3090 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3089
+CVE-2015-3089 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3088
+CVE-2015-3088 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.289 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3087
+CVE-2015-3087 (Integer overflow in Adobe Flash Player before 13.0.0.289 and 14.x thro ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3086
+CVE-2015-3086 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3085
+CVE-2015-3085 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3084
+CVE-2015-3084 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3083
+CVE-2015-3083 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3082
+CVE-2015-3082 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3081
+CVE-2015-3081 (Race condition in Adobe Flash Player before 13.0.0.289 and 14.x throug ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3080
+CVE-2015-3080 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.289 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3079
+CVE-2015-3079 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3078
+CVE-2015-3078 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3077
+CVE-2015-3077 (Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3076
+CVE-2015-3076 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3075
+CVE-2015-3075 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-3074
+CVE-2015-3074 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3073
+CVE-2015-3073 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3072
+CVE-2015-3072 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3071
+CVE-2015-3071 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3070
+CVE-2015-3070 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3069
+CVE-2015-3069 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3068
+CVE-2015-3068 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3067
+CVE-2015-3067 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3066
+CVE-2015-3066 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3065
+CVE-2015-3065 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3064
+CVE-2015-3064 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3063
+CVE-2015-3063 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3062
+CVE-2015-3062 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3061
+CVE-2015-3061 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3060
+CVE-2015-3060 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3059
+CVE-2015-3059 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-3058
+CVE-2015-3058 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3057
+CVE-2015-3057 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3056
+CVE-2015-3056 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3055
+CVE-2015-3055 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-3054
+CVE-2015-3054 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-3053
+CVE-2015-3053 (Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 1 ...)
NOT-FOR-US: Adobe
-CVE-2015-3052
+CVE-2015-3052 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3051
+CVE-2015-3051 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3050
+CVE-2015-3050 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3049
+CVE-2015-3049 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3048
+CVE-2015-3048 (Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11 ...)
NOT-FOR-US: Adobe
-CVE-2015-3047
+CVE-2015-3047 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
-CVE-2015-3046
+CVE-2015-3046 (Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 o ...)
NOT-FOR-US: Adobe
CVE-2015-3045
REJECTED
-CVE-2015-3044
+CVE-2015-3044 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3043
+CVE-2015-3043 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3042
+CVE-2015-3042 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3041
+CVE-2015-3041 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3040
+CVE-2015-3040 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3039
+CVE-2015-3039 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-3038
+CVE-2015-3038 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-3037
RESERVED
-CVE-2015-3036
+CVE-2015-3036 (Stack-based buffer overflow in the run_init_sbus function in the KCode ...)
NOT-FOR-US: KCodes NetUSB module for the Linux kernel
-CVE-2015-3035
+CVE-2015-3035 (Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firm ...)
NOT-FOR-US: TP-LINK Router
CVE-2015-3034
RESERVED
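Review bot: CVE-2015-3146 records stable updates for jessie ("libssh 0.6.3-4+deb8u1") and wheezy ("libssh 0.5.4-1+deb7u3") but, unlike the neighbouring curl entries that carry "{DSA-3232-1 DLA-211-1}", has no advisory reference in braces. If those versions went out through a DSA or DLA, add the identifier; if they went through a point release, a NOTE saying so would make the missing braces deliberate rather than an omission.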
@@ -18082,7 +18082,7 @@ CVE-2015-3032
RESERVED
CVE-2015-3031
RESERVED
-CVE-2015-3027
+CVE-2015-3027 (Clang in LLVM, as used in Apple Xcode before 6.3, performs incorrect r ...)
NOT-FOR-US: Clang in LLVM as used in Apple Xcode
CVE-2015-3025
RESERVED
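Review bot: the NOT-FOR-US marker on CVE-2015-3027 needs a stronger justification than "Clang in LLVM as used in Apple Xcode". The description added here is about Clang's behaviour, and Clang is shipped in Debian through the llvm-toolchain source packages, so the entry should state why the defect is specific to Apple's build (or, if it is not, carry package status lines instead of NOT-FOR-US).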
@@ -18110,28 +18110,28 @@ CVE-2015-3014
RESERVED
CVE-2015-3009
RESERVED
-CVE-2015-3416
+CVE-2015-3416 (The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does n ...)
{DSA-3252-2 DSA-3252-1}
- sqlite3 3.8.9-1 (bug #783968)
[squeeze] - sqlite3 <not-affected> (Can't reproduce the issue)
NOTE: http://www.sqlite.org/src/info/c494171f77dc2e5e
NOTE: http://seclists.org/bugtraq/2015/Apr/97
NOTE: https://lists.debian.org/debian-lts/2015/06/msg00031.html
-CVE-2015-3415
+CVE-2015-3415 (The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not ...)
{DSA-3252-1}
- sqlite3 3.8.9-1 (bug #783968)
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
[squeeze] - sqlite3 <not-affected> (Vulnerable code not present)
NOTE: https://www.sqlite.org/src/info/02e3c88fbf6abdcf
NOTE: http://seclists.org/bugtraq/2015/Apr/97
-CVE-2015-3414
+CVE-2015-3414 (SQLite before 3.8.9 does not properly implement the dequoting of colla ...)
{DSA-3252-1}
- sqlite3 3.8.9-1 (bug #783968)
[wheezy] - sqlite3 <not-affected> (Can't reproduce the issue)
[squeeze] - sqlite3 <not-affected> (Can't reproduce the issue)
NOTE: https://www.sqlite.org/src/info/eddc05e7bb31fae7
NOTE: http://seclists.org/bugtraq/2015/Apr/97
-CVE-2015-3306
+CVE-2015-3306 (The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read a ...)
{DSA-3263-1}
- proftpd-dfsg 1.3.5-2 (bug #782781)
[squeeze] - proftpd-dfsg <not-affected> (mod_copy not available in version 1.3.3)
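Review bot: "Can't reproduce the issue" is used as the <not-affected> rationale for squeeze on CVE-2015-3416 and for wheezy and squeeze on CVE-2015-3414, whereas CVE-2015-3415 uses the verifiable "Vulnerable code not present". A failed reproduction does not establish absence of the bug; for both entries, check whether the code touched by the referenced sqlite.org commits exists in the wheezy and squeeze sources and restate the marker as "Vulnerable code not present" when it does not, or downgrade to <no-dsa> if it does.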
@@ -18139,7 +18139,7 @@ CVE-2015-3306
NOTE: https://github.com/proftpd/proftpd/pull/109
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4169
NOTE: https://cxsecurity.com/issue/WLB-2015040075
-CVE-2015-3331
+CVE-2015-3331 (The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_g ...)
{DSA-3237-1}
- linux 3.16.7-ckt9-3 (bug #782561)
- linux-2.6 <removed>
@@ -18147,191 +18147,191 @@ CVE-2015-3331
NOTE: http://www.openwall.com/lists/oss-security/2015/04/14/16
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccfe8c3f7e52ae83155cb038753f4c75b774ca8a (v4.0-rc5)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0bd82f5f6355775fbaf7d3c664432ce1b862be1e (v2.6.38-rc1)
-CVE-2015-3332
+CVE-2015-3332 (A certain backport in the TCP Fast Open implementation for the Linux k ...)
- linux 3.16.7-ckt9-3 (bug #782515)
[jessie] - linux 3.16.7-ckt9-3~deb8u1
[wheezy] - linux <not-affected> (TCP Fast Open introduced in v3.6-rc1)
- linux-2.6 <not-affected> (TCP Fast Open introduced in v3.6-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/14/14
NOTE: http://thread.gmane.org/gmane.linux.network/359588
-CVE-2015-3310
+CVE-2015-3310 (Buffer overflow in the rc_mksid function in plugins/radius/util.c in P ...)
{DSA-3228-1 DLA-205-1}
- ppp 2.4.6-3.1 (bug #782450)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/4
NOTE: Patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=17;filename=ppp_2.4.6-3.1-nmu.diff;att=1;bug=782450
-CVE-2015-5621
+CVE-2015-5621 (The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlie ...)
{DSA-4154-1 DLA-1317-1}
- net-snmp 5.7.3+dfsg-1.1 (bug #788964)
[squeeze] - net-snmp <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/1
NOTE: Upstream patch: https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/
NOTE: https://sourceforge.net/p/net-snmp/bugs/2615/ (currently not public)
-CVE-2015-4085
+CVE-2015-4085 (Directory traversal vulnerability in node/hooks/express/tests.js in Et ...)
- etherpad-lite <itp> (bug #576998)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/11/10
-CVE-2015-3297
+CVE-2015-3297 (Directory traversal vulnerability in node/utils/Minify.js in Etherpad ...)
- etherpad-lite <itp> (bug #576998)
-CVE-2015-3010
+CVE-2015-3010 (ceph-deploy before 1.5.23 uses weak permissions (644) for ceph/ceph.cl ...)
- ceph-deploy <not-affected> (Fixed with initial upload to Debian)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/09/9
-CVE-2015-3405
+CVE-2015-3405 (ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 d ...)
{DSA-3223-1 DLA-192-1}
- ntp 1:4.2.6.p5+dfsg-7
NOTE: https://bugs.ntp.org/show_bug.cgi?id=2797
NOTE: Patch: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg
NOTE: http://www.openwall.com/lists/oss-security/2015/04/09/5
-CVE-2015-3008
+CVE-2015-3008 (Asterisk Open Source 1.8 before 1.8.32.3, 11.x before 11.17.1, 12.x be ...)
{DSA-3700-1 DLA-455-1}
- asterisk 1:13.7.2~dfsg-1 (bug #782411)
[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://downloads.asterisk.org/pub/security/AST-2015-003.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24847
NOTE: Patch: https://issues.asterisk.org/jira/secure/attachment/52082/asterisk-null-in-cn.patch
-CVE-2015-3007
+CVE-2015-3007 (The Juniper SRX Series services gateways with Junos OS 12.1X46 before ...)
NOT-FOR-US: Juniper
CVE-2015-3006
RESERVED
-CVE-2015-3005
+CVE-2015-3005 (Cross-site scripting (XSS) vulnerability in the Dynamic VPN in Juniper ...)
NOT-FOR-US: Juniper
-CVE-2015-3004
+CVE-2015-3004 (J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35 ...)
NOT-FOR-US: Juniper
-CVE-2015-3003
+CVE-2015-3003 (Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, ...)
NOT-FOR-US: Juniper
-CVE-2015-3002
+CVE-2015-3002 (Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, ...)
NOT-FOR-US: Juniper
-CVE-2015-3001
+CVE-2015-3001 (SysAid Help Desk before 15.2 uses a hardcoded password of Password1 fo ...)
NOT-FOR-US: SysAid Help Desk
-CVE-2015-3000
+CVE-2015-3000 (SysAid Help Desk before 15.2 allows remote attackers to cause a denial ...)
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2999
+CVE-2015-2999 (Multiple SQL injection vulnerabilities in SysAid Help Desk before 15.2 ...)
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2998
+CVE-2015-2998 (SysAid Help Desk before 15.2 uses a hardcoded encryption key, which ma ...)
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2997
+CVE-2015-2997 (SysAid Help Desk before 15.2 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2996
+CVE-2015-2996 (Multiple directory traversal vulnerabilities in SysAid Help Desk befor ...)
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2995
+CVE-2015-2995 (The RdsLogsEntry servlet in SysAid Help Desk before 15.2 does not prop ...)
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2994
+CVE-2015-2994 (Unrestricted file upload vulnerability in ChangePhoto.jsp in SysAid He ...)
NOT-FOR-US: SysAid Help Desk
-CVE-2015-2993
+CVE-2015-2993 (SysAid Help Desk before 15.2 does not properly restrict access to cert ...)
NOT-FOR-US: SysAid Help Desk
CVE-2015-2992
RESERVED
- libstruts1.2-java <not-affected> (Affects 2.0.0 - 2.3.16.3)
-CVE-2015-2991
+CVE-2015-2991 (Buffer overflow in NScripter before 3.00 allows remote attackers to ex ...)
NOT-FOR-US: NScripter
-CVE-2015-2990
+CVE-2015-2990 (Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO ...)
NOT-FOR-US: desknet NEO
-CVE-2015-2989
+CVE-2015-2989 (Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP T ...)
NOT-FOR-US: LEMON-S
-CVE-2015-2988
+CVE-2015-2988 (Rakuten card App for iOS 5.2.0 through 5.2.4 does not verify SSL certi ...)
NOT-FOR-US: Rakuten card App for iOS
-CVE-2015-2987
+CVE-2015-2987 (Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, w ...)
NOT-FOR-US: Type74 ED
-CVE-2015-2986
+CVE-2015-2986 (Cross-site scripting (XSS) vulnerability in rakuto.net hitSuji (rktSNS ...)
NOT-FOR-US: hitSuji
-CVE-2015-2985
+CVE-2015-2985 (Cross-site scripting (XSS) vulnerability in guide-park.com BBS X102 1. ...)
NOT-FOR-US: guide-park.com BBS
-CVE-2015-2984
+CVE-2015-2984 (I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and NP-BBR ...)
NOT-FOR-US: I-O DATA
-CVE-2015-2983
+CVE-2015-2983 (Cross-site request forgery (CSRF) vulnerability in admin.php in PHP Ko ...)
NOT-FOR-US: Kobo Photo Gallery CMS
-CVE-2015-2982
+CVE-2015-2982 (Cross-site scripting (XSS) vulnerability in jquery.lightbox-0.5.min.js ...)
NOT-FOR-US: Kobo Photo Gallery CMS
-CVE-2015-2981
+CVE-2015-2981 (The Yodobashi App for Android 1.2.1.0 and earlier does not verify X.50 ...)
NOT-FOR-US: Yodobashi App for Android
-CVE-2015-2980
+CVE-2015-2980 (The Yodobashi application 1.2.1.0 and earlier for Android allows remot ...)
NOT-FOR-US: Yodobashi application for Android
-CVE-2015-2979
+CVE-2015-2979 (Webservice-DIC yoyaku_v41 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Webservice-DIC yoyaku_v41
-CVE-2015-2978
+CVE-2015-2978 (Webservice-DIC yoyaku_v41 allows remote attackers to bypass authentica ...)
NOT-FOR-US: Webservice-DIC yoyaku_v41
-CVE-2015-2977
+CVE-2015-2977 (Webservice-DIC yoyaku_v41 allows remote attackers to create arbitrary ...)
NOT-FOR-US: Webservice-DIC yoyaku_v41
-CVE-2015-2976
+CVE-2015-2976 (Multiple cross-site scripting (XSS) vulnerabilities in Research Artisa ...)
NOT-FOR-US: Research Artisan Lite
-CVE-2015-2975
+CVE-2015-2975 (Research Artisan Lite before 1.18 does not ensure that a user has auth ...)
NOT-FOR-US: Research Artisan Lite
-CVE-2015-2974
+CVE-2015-2974 (LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to uplo ...)
NOT-FOR-US: LEMON-S PHP Gazou BBS
-CVE-2015-2973
+CVE-2015-2973 (Multiple cross-site scripting (XSS) vulnerabilities in the Welcart plu ...)
NOT-FOR-US: Welcart plugin for WordPress
-CVE-2015-2972
+CVE-2015-2972 (Multiple SQL injection vulnerabilities in Sysphonic Thetis before 2.3. ...)
NOT-FOR-US: Syshonic Thetis
-CVE-2015-2971
+CVE-2015-2971 (Directory traversal vulnerability in Seeds acmailer before 3.8.18 and ...)
NOT-FOR-US: Seeds acmailer
-CVE-2015-2970
+CVE-2015-2970 (index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote a ...)
NOT-FOR-US: Oekaki BBS
-CVE-2015-2969
+CVE-2015-2969 (Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP S ...)
NOT-FOR-US: Oekaki BBS
CVE-2015-2968
RESERVED
-CVE-2015-2966
+CVE-2015-2966 (Directory traversal vulnerability in the Droidware UK Explorer+ File M ...)
NOT-FOR-US: Droidware UK Explorer+ File Manager application for Android
-CVE-2015-2965
+CVE-2015-2965 (Directory traversal vulnerability in osCommerce Japanese 2.2ms1j-R8 an ...)
NOT-FOR-US: osCommerce Japanese
-CVE-2015-2964
+CVE-2015-2964 (NAMSHI | JOSE 5.0.0 and earlier allows remote attackers to bypass sign ...)
NOT-FOR-US: NAMSHI | JOSE
-CVE-2015-2963
+CVE-2015-2963 (The thoughtbot paperclip gem before 4.2.2 for Ruby does not consider t ...)
NOT-FOR-US: thoughtbot paperclip gem for ruby
-CVE-2015-2962
+CVE-2015-2962 (CGI RESCUE BloBee 1.20 and earlier allows remote attackers to write to ...)
NOT-FOR-US: CGI RESCUE BloBee
-CVE-2015-2961
+CVE-2015-2961 (Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyz ...)
NOT-FOR-US: Zoho NetFlow Analyzer
-CVE-2015-2960
+CVE-2015-2960 (Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer buil ...)
NOT-FOR-US: Zoho NetFlow Analyzer
-CVE-2015-2959
+CVE-2015-2959 (Zoho NetFlow Analyzer build 10250 and earlier does not check for admin ...)
NOT-FOR-US: Zoho NetFlow Analyzer
-CVE-2015-2958
+CVE-2015-2958 (Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earl ...)
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2957
+CVE-2015-2957 (Cross-site scripting (XSS) vulnerability in Igreks MilkyStep Light 0.9 ...)
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2956
+CVE-2015-2956 (SQL injection vulnerability in Igreks MilkyStep Light 0.94 and earlier ...)
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2955
+CVE-2015-2955 (Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earl ...)
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2954
+CVE-2015-2954 (Cross-site request forgery (CSRF) vulnerability in Igreks MilkyStep Li ...)
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2953
+CVE-2015-2953 (Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earl ...)
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2952
+CVE-2015-2952 (The user-information management functionality in Igreks MilkyStep Ligh ...)
NOT-FOR-US: Igreks MilkyStep
-CVE-2015-2951
+CVE-2015-2951 (JWT.php in F21 JWT before 2.0 allows remote attackers to bypass signat ...)
NOT-FOR-US: PHP JWT aibrary
-CVE-2015-2950
+CVE-2015-2950 (Directory traversal vulnerability in the Brandon Bowles Open Explorer ...)
NOT-FOR-US: Brandon Bowles Open Explorer application for Android
-CVE-2015-2949
+CVE-2015-2949 (Cross-site scripting (XSS) vulnerability in ZenPhoto20 1.1.3 and earli ...)
NOT-FOR-US: ZenPhoto20
-CVE-2015-2948
+CVE-2015-2948 (Cross-site scripting (XSS) vulnerability in the image processor in Zen ...)
NOT-FOR-US: Zenphoto
-CVE-2015-2947
+CVE-2015-2947 (KanColleViewer versions 3.8.1 and earlier operates as an open proxy wh ...)
NOT-FOR-US: KanColleViewer
-CVE-2015-2946
+CVE-2015-2946 (Stack-based buffer overflow in the Open CAD Format Council SXF common ...)
NOT-FOR-US: Open CAD Format Council SXF common library
-CVE-2015-2945
+CVE-2015-2945 (mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before 2015-05-15 does ...)
NOT-FOR-US: Hajime Fujimoto mt-phpincgi
-CVE-2015-2944
+CVE-2015-2944 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Sling AP ...)
NOT-FOR-US: Apache Sling
-CVE-2015-2943
+CVE-2015-2943 (Honda Moto LINC 1.6.1 does not verify SSL certificates. ...)
NOT-FOR-US: Honda Moto LINC
-CVE-2015-3026
+CVE-2015-3026 (Icecast before 2.4.2, when a stream_auth handler is defined for URL au ...)
{DSA-3239-1}
- icecast2 2.4.2-1 (bug #782120)
[wheezy] - icecast2 <not-affected> (stream_auth introduced in 2.3.3)
[squeeze] - icecast2 <not-affected> (stream_auth introduced in 2.3.3)
NOTE: https://trac.xiph.org/ticket/2191
NOTE: http://www.openwall.com/lists/oss-security/2015/04/08/8
-CVE-2015-3030
+CVE-2015-3030 (The web interface in McAfee Advanced Threat Defense (MATD) before 3.4. ...)
NOT-FOR-US: McAfee Advanced Threat Defense
-CVE-2015-3029
+CVE-2015-3029 (The web interface in McAfee Advanced Threat Defense (MATD) before 3.4. ...)
NOT-FOR-US: McAfee Advanced Threat Defense
-CVE-2015-3028
+CVE-2015-3028 (McAfee Advanced Threat Defense (MATD) before 3.4.4.63 allows remote au ...)
NOT-FOR-US: McAfee Advanced Threat Defense
CVE-2015-2930
RESERVED
-CVE-2015-2926
+CVE-2015-2926 (Cross-site scripting (XSS) vulnerability in Php/stats/statsRecent.inc. ...)
NOT-FOR-US: phpTrafficA
CVE-2015-3406 [unsigned files interpreted as signed in some circumstances]
RESERVED
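Review bot: two of the unchanged NOT-FOR-US annotations in this hunk carry spelling errors that this automatic update does not touch: the line under CVE-2015-2972 reads "NOT-FOR-US: Syshonic Thetis" while the description added just above it names the product "Sysphonic Thetis", and the line under CVE-2015-2951 reads "NOT-FOR-US: PHP JWT aibrary". Suggest a follow-up edit to "NOT-FOR-US: Sysphonic Thetis" and "NOT-FOR-US: PHP JWT library" so the annotations match the descriptions and stay searchable.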
@@ -18340,19 +18340,19 @@ CVE-2015-3406 [unsigned files interpreted as signed in some circumstances]
NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f
NOTE: http://www.openwall.com/lists/oss-security/2015/04/07/1
NOTE: Changes might needed in libtest-signature-perl, need further investigation
-CVE-2015-3407
+CVE-2015-3407 (Module::Signature before 0.74 allows remote attackers to bypass signat ...)
{DSA-3261-1 DLA-264-1}
- libmodule-signature-perl 0.78-1 (bug #783451)
NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f
NOTE: http://www.openwall.com/lists/oss-security/2015/04/07/1
NOTE: libtest-signature-perl needed to be updated
-CVE-2015-3408
+CVE-2015-3408 (Module::Signature before 0.74 allows remote attackers to execute arbit ...)
{DSA-3261-1 DLA-264-1}
- libmodule-signature-perl 0.78-1 (bug #783451)
NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f
NOTE: http://www.openwall.com/lists/oss-security/2015/04/07/1
NOTE: Changes might needed in libtest-signature-perl, need further investigation
-CVE-2015-3409
+CVE-2015-3409 (Untrusted search path vulnerability in Module::Signature before 0.75 a ...)
{DSA-3261-1 DLA-264-1}
- libmodule-signature-perl 0.78-1 (bug #783451)
NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/c41e8885b862b9fce2719449bc9336f0bea658ef
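Review bot: the NOTE lines for CVE-2015-3406 and CVE-2015-3408 still say "Changes might needed in libtest-signature-perl, need further investigation", while the CVE-2015-3407 entry between them, which cites the same upstream fix commit 8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f and the same DSA-3261-1/DLA-264-1, already records "libtest-signature-perl needed to be updated". The open question looks resolved for all three entries, so the two stale notes should be brought in line with the 3407 wording (and "might needed" should read "might be needed" wherever the note is kept).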
@@ -18364,19 +18364,19 @@ CVE-2015-2920
RESERVED
CVE-2015-2919
RESERVED
-CVE-2015-2918
+CVE-2015-2918 (The Studio component in OrientDB Server Community Edition before 2.0.1 ...)
NOT-FOR-US: OrientDB
-CVE-2015-2917
+CVE-2015-2917 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 an ...)
NOT-FOR-US: Securifi Almond
-CVE-2015-2916
+CVE-2015-2916 (Cross-site request forgery (CSRF) vulnerability on Securifi Almond dev ...)
NOT-FOR-US: Securifi Almond
-CVE-2015-2915
+CVE-2015-2915 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 an ...)
NOT-FOR-US: Securifi Almond
-CVE-2015-2914
+CVE-2015-2914 (Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 an ...)
NOT-FOR-US: Securifi Almond
-CVE-2015-2913
+CVE-2015-2913 (server/network/protocol/http/OHttpSessionManager.java in the Studio co ...)
NOT-FOR-US: OrientDB
-CVE-2015-2912
+CVE-2015-2912 (The JSONP endpoint in the Studio component in OrientDB Server Communit ...)
NOT-FOR-US: OrientDB
CVE-2015-2911
RESERVED
@@ -18384,35 +18384,35 @@ CVE-2015-2910
RESERVED
CVE-2015-2909
RESERVED
-CVE-2015-2908
+CVE-2015-2908 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmwar ...)
NOT-FOR-US: Mobile Devices (aka MDI) C4 OBD-II dongles
-CVE-2015-2907
+CVE-2015-2907 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmwar ...)
NOT-FOR-US: Mobile Devices (aka MDI) C4 OBD-II dongles
-CVE-2015-2906
+CVE-2015-2906 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmwar ...)
NOT-FOR-US: Mobile Devices (aka MDI) C4 OBD-II dongles
-CVE-2015-2905
+CVE-2015-2905 (Cross-site request forgery (CSRF) vulnerability on Actiontec GT784WN m ...)
NOT-FOR-US: Actiontec
-CVE-2015-2904
+CVE-2015-2904 (Actiontec GT784WN modems with firmware before NCS01-1.0.13 have hardco ...)
NOT-FOR-US: Actiontec
-CVE-2015-2903
+CVE-2015-2903 (The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 ha ...)
NOT-FOR-US: HP ArcSight
-CVE-2015-2902
+CVE-2015-2902 (HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certifica ...)
NOT-FOR-US: HP ArcSight
-CVE-2015-2901
+CVE-2015-2901 (Multiple stack-based buffer overflows in Medicomp MEDCIN Engine 2.22.2 ...)
NOT-FOR-US: Medicomp
-CVE-2015-2900
+CVE-2015-2900 (The AddUserFinding add_userfinding2 function in Medicomp MEDCIN Engine ...)
NOT-FOR-US: Medicomp
-CVE-2015-2899
+CVE-2015-2899 (Heap-based buffer overflow in the QualifierList retrieve_qualifier_lis ...)
NOT-FOR-US: Medicomp
-CVE-2015-2898
+CVE-2015-2898 (Multiple stack-based buffer overflows in Medicomp MEDCIN Engine before ...)
NOT-FOR-US: Medicomp
-CVE-2015-2897
+CVE-2015-2897 (Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices h ...)
NOT-FOR-US: Sierra Wireless ALEOS
-CVE-2015-2896
+CVE-2015-2896 (The up.time client in Idera Uptime Infrastructure Monitor through 7.6 ...)
NOT-FOR-US: Idera Uptime Infrastructure Monitor
-CVE-2015-2895
+CVE-2015-2895 (Buffer overflow in the up.time client in Idera Uptime Infrastructure M ...)
NOT-FOR-US: Idera Uptime Infrastructure Monitor
-CVE-2015-2894
+CVE-2015-2894 (Format string vulnerability in the up.time client in Idera Uptime Infr ...)
NOT-FOR-US: Idera Uptime Infrastructure Monitor
CVE-2015-2893
RESERVED
@@ -18420,115 +18420,115 @@ CVE-2015-2892
RESERVED
CVE-2015-2891
RESERVED
-CVE-2015-2890
+CVE-2015-2890 (The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile W ...)
NOT-FOR-US: BIOS implementations on Dell hardware with model-dependent firmware
-CVE-2015-2889
+CVE-2015-2889 (Summer Baby Zoom Wifi Monitor &amp; Internet Viewing System allows rem ...)
NOT-FOR-US: Summer Baby Zoom Wifi Monitor and Internet Viewing System
-CVE-2015-2888
+CVE-2015-2888 (Summer Baby Zoom Wifi Monitor &amp; Internet Viewing System allows rem ...)
NOT-FOR-US: Summer Baby Zoom Wifi Monitor and Internet Viewing System
-CVE-2015-2887
+CVE-2015-2887 (iBaby M3S has a password of admin for the backdoor admin account. ...)
NOT-FOR-US: iBaby M3S
-CVE-2015-2886
+CVE-2015-2886 (iBaby M6 allows remote attackers to obtain sensitive information, rela ...)
NOT-FOR-US: iBaby M6
-CVE-2015-2885
+CVE-2015-2885 (Lens Peek-a-View has a password of 2601hx for the backdoor admin accou ...)
NOT-FOR-US: Lens Peek-a-View
-CVE-2015-2884
+CVE-2015-2884 (Philips In.Sight B120/37 allows remote attackers to obtain sensitive i ...)
NOT-FOR-US: Philips In.Sight B120/37
-CVE-2015-2883
+CVE-2015-2883 (Philips In.Sight B120/37 has XSS, related to the Weaved cloud web serv ...)
NOT-FOR-US: Philips In.Sight B120/37
-CVE-2015-2882
+CVE-2015-2882 (Philips In.Sight B120/37 has a password of b120root for the backdoor r ...)
NOT-FOR-US: Philips In.Sight B120/37
-CVE-2015-2881
+CVE-2015-2881 (Gynoii has a password of guest for the backdoor guest account and a pa ...)
NOT-FOR-US: Gynoii
-CVE-2015-2880
+CVE-2015-2880 (TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the bac ...)
NOT-FOR-US: TRENDnet WiFi Baby Cam TV-IP743SIC
CVE-2015-2879
RESERVED
-CVE-2015-2878
+CVE-2015-2878 (Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis Ha ...)
NOT-FOR-US: Hexis HawkEye
-CVE-2015-2877
+CVE-2015-2877 (** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux kernel 2.6.3 ...)
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: https://www.usenix.org/conference/woot15/workshop-program/presentation/barresi
NOTE: http://www.antoniobarresi.com/security/cloud/2015/07/30/cain/
NOTE: Architectual limitation, workaround exists
-CVE-2015-2876
+CVE-2015-2876 (Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Se ...)
NOT-FOR-US: Seagate GoFlex
-CVE-2015-2875
+CVE-2015-2875 (Absolute path traversal vulnerability on Seagate GoFlex Satellite, Sea ...)
NOT-FOR-US: Seagate GoFlex
-CVE-2015-2874
+CVE-2015-2874 (Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wir ...)
NOT-FOR-US: Seagate GoFlex
-CVE-2015-2873
+CVE-2015-2873 (Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat ap ...)
NOT-FOR-US: Trend Micro
-CVE-2015-2872
+CVE-2015-2872 (Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro Dee ...)
NOT-FOR-US: Trend Micro
-CVE-2015-2871
+CVE-2015-2871 (Chiyu BF-660C fingerprint access-control devices allow remote attacker ...)
NOT-FOR-US: Chiyu BF-660C fingerprint access-control devices
-CVE-2015-2870
+CVE-2015-2870 (Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and ...)
NOT-FOR-US: Chiyu fingerprint access-control devices
-CVE-2015-2869
+CVE-2015-2869 (The FileInfo plugin before 2.22 for Ghisler Total Commander allows rem ...)
NOT-FOR-US: Ghisler Total Commander
-CVE-2015-2868
+CVE-2015-2868 (An exploitable remote code execution vulnerability exists in the Trane ...)
NOT-FOR-US: Trane
-CVE-2015-2867
+CVE-2015-2867 (A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 s ...)
NOT-FOR-US: Trane
-CVE-2015-2866
+CVE-2015-2866 (SQL injection vulnerability on the Grandstream GXV3611_HD camera with ...)
NOT-FOR-US: Grandstream camera
CVE-2015-2865
REJECTED
-CVE-2015-2864
+CVE-2015-2864 (Retrospect and Retrospect Client before 10.0.2.119 on Windows, before ...)
NOT-FOR-US: Retrospect Client
-CVE-2015-2863
+CVE-2015-2863 (Open redirect vulnerability in Kaseya Virtual System Administrator (VS ...)
NOT-FOR-US: Kaseya VSA
-CVE-2015-2862
+CVE-2015-2862 (Directory traversal vulnerability in Kaseya Virtual System Administrat ...)
NOT-FOR-US: Kaseya VSA
-CVE-2015-2861
+CVE-2015-2861 (Cross-site request forgery (CSRF) vulnerability in Vesta Control Panel ...)
NOT-FOR-US: Vesta Control Panel
-CVE-2015-2860
+CVE-2015-2860 (Directory traversal vulnerability in Avigilon Control Center (ACC) 4 b ...)
NOT-FOR-US: Avigilon Control Center
-CVE-2015-2859
+CVE-2015-2859 (Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x thro ...)
NOT-FOR-US: Intel McAfee ePolicy Orchestrator
-CVE-2015-2858
+CVE-2015-2858 (Datalex airline booking software before 2015-09-03 allows remote attac ...)
NOT-FOR-US: Datalex airline booking software
-CVE-2015-2857
+CVE-2015-2857 (Accellion File Transfer Appliance before FTA_9_11_210 allows remote at ...)
NOT-FOR-US: Accellion File Transfer Appliance
-CVE-2015-2856
+CVE-2015-2856 (Directory traversal vulnerability in the template function in function ...)
NOT-FOR-US: Accellion File Transfer Appliance
-CVE-2015-2855
+CVE-2015-2855 (The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV180 ...)
NOT-FOR-US: Blue Coat SSL Visibility Appliance
-CVE-2015-2854
+CVE-2015-2854 (The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV180 ...)
NOT-FOR-US: Blue Coat SSL Visibility Appliance
-CVE-2015-2853
+CVE-2015-2853 (Session fixation vulnerability in the WebUI component in Blue Coat SSL ...)
NOT-FOR-US: Blue Coat SSL Visibility Appliance
-CVE-2015-2852
+CVE-2015-2852 (Cross-site request forgery (CSRF) vulnerability in the WebUI component ...)
NOT-FOR-US: Blue Coat SSL Visibility Appliance
-CVE-2015-2851
+CVE-2015-2851 (client_chown in the sync client in Synology Cloud Station 1.1-2291 thr ...)
NOT-FOR-US: Synology Cloud Station
-CVE-2015-2850
+CVE-2015-2850 (Cross-site scripting (XSS) vulnerability in index-login.ant in the ANT ...)
NOT-FOR-US: ANTlabs
-CVE-2015-2849
+CVE-2015-2849 (SQL injection vulnerability in main.ant in the ANTlabs InnGate firmwar ...)
NOT-FOR-US: ANTlabs
-CVE-2015-2848
+CVE-2015-2848 (Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo To ...)
NOT-FOR-US: Honeywell Tuxedo Touch
-CVE-2015-2847
+CVE-2015-2847 (Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authen ...)
NOT-FOR-US: Honeywell Tuxedo Touch
-CVE-2015-2846
+CVE-2015-2846 (BitTorrent Sync allows remote attackers to execute arbitrary commands ...)
- btsync <itp> (bug #706639)
-CVE-2015-2845
+CVE-2015-2845 (The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3 ...)
NOT-FOR-US: GoAutoDial GoAdmin CE
-CVE-2015-2844
+CVE-2015-2844 (The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3 ...)
NOT-FOR-US: GoAutoDial GoAdmin CE
-CVE-2015-2843
+CVE-2015-2843 (Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before ...)
NOT-FOR-US: GoAutoDial GoAdmin CE
-CVE-2015-2842
+CVE-2015-2842 (Unrestricted file upload vulnerability in go_audiostore.php in the aud ...)
NOT-FOR-US: GoAutoDial GoAdmin CE
-CVE-2015-2841
+CVE-2015-2841 (Citrix NetScaler AppFirewall, as used in NetScaler 10.5, allows remote ...)
NOT-FOR-US: Citrix NetScaler
-CVE-2015-2840
+CVE-2015-2840 (Cross-site scripting (XSS) vulnerability in help/rt/large_search.html ...)
NOT-FOR-US: Citrix NetScaler
-CVE-2015-2839
+CVE-2015-2839 (The Nitro API in Citrix NetScaler before 10.5 build 52.3nc uses an inc ...)
NOT-FOR-US: Citrix NetScaler
-CVE-2015-2838
+CVE-2015-2838 (Cross-site request forgery (CSRF) vulnerability in Nitro API in Citrix ...)
NOT-FOR-US: Citrix NetScaler
CVE-2015-2929 [Dos against tor client; client to crash with an assertion failure]
RESERVED
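Review bot: the CVE-2015-2877 entry is tracked as "<unfixed> (unimportant)" on the strength of the NOTE "Architectual limitation, workaround exists", but that note misspells "Architectural" and does not say what the workaround is, which is exactly what a reader of an unfixed entry needs. Suggest naming the workaround in the NOTE (the two linked references above it are where it would come from) alongside the spelling fix.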
@@ -18554,7 +18554,7 @@ CVE-2015-2833
RESERVED
CVE-2015-2832
RESERVED
-CVE-2015-2927
+CVE-2015-2927 (node 0.3.2 and URONode before 1.0.5r3 allows remote attackers to cause ...)
- node <removed> (bug #777013)
[jessie] - node <no-dsa> (Minor issue)
[squeeze] - node <no-dsa> (Minor issue)
@@ -18565,31 +18565,31 @@ CVE-2015-XXXX [caja automounts USB flash drives and CD/DVD drives while session
[jessie] - caja 1.8.2-3+deb8u1
NOTE: https://github.com/mate-desktop/caja/issues/398
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/03/12
-CVE-2015-3013
+CVE-2015-3013 (ownCloud Server before 5.0.19, 6.x before 6.0.7, and 7.x before 7.0.5 ...)
{DSA-3244-1}
[experimental] - owncloud 7.0.5+dfsg-1
- owncloud 7.0.4+dfsg-3
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-004
-CVE-2015-3012
+CVE-2015-3012 (Multiple cross-site scripting (XSS) vulnerabilities in WebODF before 0 ...)
{DSA-3244-1}
[experimental] - owncloud 7.0.5+dfsg-1
- owncloud 7.0.4+dfsg-3
- owncloud-documents <not-affected> (Fixed before initial release to Debian)
- webodf <itp> (bug #727529)
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-002
-CVE-2015-3011
+CVE-2015-3011 (Multiple cross-site scripting (XSS) vulnerabilities in the contacts ap ...)
{DSA-3244-1}
[experimental] - owncloud 7.0.5+dfsg-1
- owncloud 7.0.4+dfsg-3
- ownclound-contacts <itp> (bug #779055)
NOTE: owncloud-contacts fixed in 0.3.0.18+8.0.0+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-001
-CVE-2015-8855
+CVE-2015-8855 (The semver package before 4.3.2 for Node.js allows attackers to cause ...)
- node-semver 5.3.0-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/semver_redos
NOTE: https://github.com/npm/npm/releases/tag/v2.7.5
NOTE: libv8 is not covered by security support
-CVE-2015-2925
+CVE-2015-2925 (The prepend_path function in fs/dcache.c in the Linux kernel before 4. ...)
{DLA-325-1}
- linux 4.2.1-1
[jessie] - linux 3.16.7-ckt11-1+deb8u4
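Review bot: the CVE-2015-3011 entry lists "- ownclound-contacts <itp> (bug #779055)", a misspelling of the package name; the NOTE directly below it uses the correct "owncloud-contacts". A mistyped name in the tracker data attaches the ITP status to a package that does not exist, so the entry never matches the package it is meant to track. The line should read "- owncloud-contacts <itp> (bug #779055)".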
@@ -18597,7 +18597,7 @@ CVE-2015-2925
- linux-2.6 <removed>
NOTE: http://permalink.gmane.org/gmane.linux.kernel.containers/29173
NOTE: http://permalink.gmane.org/gmane.linux.kernel.containers/29177
-CVE-2015-2924
+CVE-2015-2924 (The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Disco ...)
- network-manager 1.0.2-1 (bug #783295)
[jessie] - network-manager <no-dsa> (Minor issue)
[wheezy] - network-manager <no-dsa> (Minor issue)
@@ -18614,50 +18614,50 @@ CVE-2015-2923 [IPv6 Hop limit lowering via RA messages]
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS)
NOTE: https://lists.freebsd.org/pipermail/freebsd-net/2015-April/041934.html
-CVE-2015-2922
+CVE-2015-2922 (The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbo ...)
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a
-CVE-2015-2829
+CVE-2015-2829 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler G ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
-CVE-2015-2828
+CVE-2015-2828 (CA Spectrum 9.2.x and 9.3.x before 9.3 H02 does not properly validate ...)
NOT-FOR-US: CA Spectrum
-CVE-2015-2827
+CVE-2015-2827 (Cross-site scripting (XSS) vulnerability in CA Spectrum 9.2.x and 9.3. ...)
NOT-FOR-US: CA Spectrum
-CVE-2015-2826
+CVE-2015-2826 (WordPress Simple Ads Manager plugin 2.5.94 and 2.5.96 allows remote at ...)
NOT-FOR-US: WordPress plugin simple-ads-manager
-CVE-2015-2825
+CVE-2015-2825 (Unrestricted file upload vulnerability in sam-ajax-admin.php in the Si ...)
NOT-FOR-US: WordPress plugin simple-ads-manager
-CVE-2015-2824
+CVE-2015-2824 (Multiple SQL injection vulnerabilities in the Simple Ads Manager plugi ...)
NOT-FOR-US: WordPress plugin simple-ads-manager
-CVE-2015-2823
+CVE-2015-2823 (Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Port ...)
NOT-FOR-US: Siemens
-CVE-2015-2822
+CVE-2015-2822 (Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Up ...)
NOT-FOR-US: Siemens
-CVE-2015-2821
+CVE-2015-2821 (TYPO3 Neos 1.1.x before 1.1.3 and 1.2.x before 1.2.3 allows remote edi ...)
NOT-FOR-US: TYPO3 Neos
-CVE-2015-2820
+CVE-2015-2820 (Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote a ...)
NOT-FOR-US: SAP Afaria
-CVE-2015-2819
+CVE-2015-2819 (SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a d ...)
NOT-FOR-US: SAP Sybase SQL Anywhere
-CVE-2015-2818
+CVE-2015-2818 (XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allow ...)
NOT-FOR-US: SAP Mobile Platform
-CVE-2015-2817
+CVE-2015-2817 (The SAP Management Console in SAP NetWeaver 7.40 allows remote attacke ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2015-2816
+CVE-2015-2816 (The XcListener in SAP Afaria 7.0.6001.5 does not properly restrict acc ...)
NOT-FOR-US: SAP Afaria
-CVE-2015-2815
+CVE-2015-2815 (Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatche ...)
NOT-FOR-US: NetWeaver Dispatcher in SAP KERNEL
-CVE-2015-2814
+CVE-2015-2814 (SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2) and Clinical Task T ...)
NOT-FOR-US: SAP EMR Unwired and Clinical Task Tracker
-CVE-2015-2813
+CVE-2015-2813 (XML external entity (XXE) vulnerability in SAP Mobile Platform allows ...)
NOT-FOR-US: SAP Mobile Platform
-CVE-2015-2812
+CVE-2015-2812 (XML external entity (XXE) vulnerability in XMLValidationComponent in S ...)
NOT-FOR-US: SAP NetWeaver Portal
-CVE-2015-2811
+CVE-2015-2811 (XML external entity (XXE) vulnerability in ReportXmlViewer in SAP NetW ...)
NOT-FOR-US: SAP NetWeaver Portal
-CVE-2015-2830
+CVE-2015-2830 (arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not ...)
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
@@ -18670,11 +18670,11 @@ CVE-2015-XXXX [Signature Bypass in several JSON Web Token Libraries]
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/01/4
NOTE: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
NOTE: ruby-jwt not directly affected, see https://github.com/jwt/ruby-jwt/issues/76
-CVE-2015-2810
+CVE-2015-2810 (Integer overflow in the HwpApp::CHncSDS_Manager function in Hancom Off ...)
NOT-FOR-US: Hancom Office Hwp
-CVE-2015-2809
+CVE-2015-2809 (The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DS ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2015-2808
+CVE-2015-2808 (The RC4 algorithm, as used in the TLS protocol and SSL protocol, does ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
NOTE: This CVE is specific to the design of the RC4 protocol and not to its
NOTE: implementations.
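Review bot: the two NOTE lines describe "the design of the RC4 protocol", but RC4 is a stream cipher, and the description added in this hunk correctly calls it "The RC4 algorithm, as used in the TLS protocol and SSL protocol". Suggest "the design of the RC4 cipher" so the note agrees with the description and does not conflate the cipher with the protocols that negotiate it.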
@@ -18684,172 +18684,172 @@ CVE-2015-2808
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of JSSE."
-CVE-2015-2807
+CVE-2015-2807 (Cross-site scripting (XSS) vulnerability in js/window.php in the Navis ...)
NOT-FOR-US: Navis DocumentCloud plugin for WordPress
-CVE-2015-2831
+CVE-2015-2831 (Buffer overflow in das_watchdog 0.9.0 allows local users to execute ar ...)
{DSA-3221-1 DLA-194-1}
- das-watchdog 0.9.0-3.1 (bug #781806)
NOTE: Upstream commit: https://github.com/kmatheussen/das_watchdog/commit/bd20bb02e75e2c
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/8
-CVE-2015-2805
+CVE-2015-2805 (Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa ...)
NOT-FOR-US: Alcatel-Lucent OmniSwitch
-CVE-2015-2804
+CVE-2015-2804 (The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, ...)
NOT-FOR-US: Alcatel-Lucent OmniSwitch
-CVE-2015-2803
+CVE-2015-2803 (SQL injection vulnerability in mod1/index.php in the Akronymmanager (s ...)
NOT-FOR-US: TYPO3 extension sb_akronymmanager
CVE-2015-2802
RESERVED
CVE-2015-2801
RESERVED
-CVE-2015-2800
+CVE-2015-2800 (The user authentication module in Huawei Campus switches S5700, S5300, ...)
NOT-FOR-US: Huawei
CVE-2015-2799
RESERVED
-CVE-2015-2798
+CVE-2015-2798 (SQL injection vulnerability in Joomla! Component Contact Form Maker 1. ...)
NOT-FOR-US: Joomla! extension
-CVE-2015-2797
+CVE-2015-2797 (Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5 ...)
NOT-FOR-US: AirTies Air DSL modems
-CVE-2015-2796
+CVE-2015-2796 (Multiple cross-site scripting (XSS) vulnerabilities in Project-Pier Pr ...)
NOT-FOR-US: Project-Pier ProjectPier-Core
CVE-2015-2795
RESERVED
-CVE-2015-2794
+CVE-2015-2794 (The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote ...)
NOT-FOR-US: DotNetNuke
-CVE-2015-2792
+CVE-2015-2792 (The WPML plugin before 3.1.9 for WordPress does not properly handle mu ...)
NOT-FOR-US: WPML plugin for WordPress
-CVE-2015-2791
+CVE-2015-2791 (The "menu sync" function in the WPML plugin before 3.1.9 for WordPress ...)
NOT-FOR-US: WPML plugin for WordPress
-CVE-2015-2790
+CVE-2015-2790 (Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remot ...)
NOT-FOR-US: Foxit Reader, Enterprise Reader, and PhantomPDF
-CVE-2015-2789
+CVE-2015-2789 (Unquoted Windows search path vulnerability in the Foxit Cloud Safe Upd ...)
NOT-FOR-US: Foxit Reader
CVE-2015-XXXX [xdeb: disables apt's signature checks]
- xdeb 0.6.7 (bug #781595)
[wheezy] - xdeb <no-dsa> (Minor issue)
-CVE-2015-2931
+CVE-2015-2931 (Incomplete blacklist vulnerability in includes/upload/UploadBase.php i ...)
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2932
+CVE-2015-2932 (Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x b ...)
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2933
+CVE-2015-2933 (Cross-site scripting (XSS) vulnerability in the Html class in MediaWik ...)
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2934
+CVE-2015-2934 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 ...)
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2935
+CVE-2015-2935 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 ...)
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2936
+CVE-2015-2936 (MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing ...)
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2937
+CVE-2015-2937 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 ...)
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2938
+CVE-2015-2938 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, ...)
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2939
+CVE-2015-2939 (Cross-site scripting (XSS) vulnerability in the Scribunto extension fo ...)
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2940
+CVE-2015-2940 (Cross-site request forgery (CSRF) vulnerability in the CheckUser exten ...)
- mediawiki 1:1.19.20+dfsg-2.3
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2941
+CVE-2015-2941 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.24, ...)
- mediawiki 1:1.19.20+dfsg-2.3 (unimportant)
NOTE: HHVM not packaged in Debian
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2942
+CVE-2015-2942 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 ...)
- mediawiki 1:1.19.20+dfsg-2.3 (unimportant)
NOTE: HHVM not packaged in Debian
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
-CVE-2015-2786
+CVE-2015-2786 (Unspecified vulnerability in MyBB (aka MyBulletinBoard) before 1.8.4 h ...)
NOT-FOR-US: MyBB
CVE-2015-2784
RESERVED
-CVE-2015-2783
+CVE-2015-2783 (ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x b ...)
{DSA-3280-1 DLA-212-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69324
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
NOTE: Fixed in 5.6.8 and 5.4.40
-CVE-2015-2781
+CVE-2015-2781 (Cross-site scripting (XSS) vulnerability in cgi-bin/hotspotlogin.cgi i ...)
NOT-FOR-US: Hotspot Express hotEx Billing Manager
-CVE-2015-2780
+CVE-2015-2780 (Unrestricted file upload vulnerability in Berta CMS allows remote atta ...)
NOT-FOR-US: Berta CMS
CVE-2015-2777
RESERVED
-CVE-2015-2775
+CVE-2015-2775 (Directory traversal vulnerability in GNU Mailman before 2.1.20, when n ...)
{DSA-3214-1 DLA-186-1}
- mailman 1:2.1.18-2 (bug #781626)
NOTE: https://bugs.launchpad.net/mailman/+bug/1437145
NOTE: https://mail.python.org/pipermail/mailman-developers/2015-March/024875.html
-CVE-2015-2773
+CVE-2015-2773 (SVM in Websense TRITON V-Series appliances before 8.0.0 allows attacke ...)
NOT-FOR-US: Websense TRITON V-Series appliances
-CVE-2015-2772
+CVE-2015-2772 (SVM in Websense TRITON V-Series appliances before 8.0.0 allows attacke ...)
NOT-FOR-US: Websense TRITON V-Series appliances
-CVE-2015-2771
+CVE-2015-2771 (The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances be ...)
NOT-FOR-US: Websense TRITON AP-EMAIL and V-Series appliances
-CVE-2015-2770
+CVE-2015-2770 (Cross-site request forgery (CSRF) vulnerability in the command line pa ...)
NOT-FOR-US: Websense TRITON V-Series appliances
-CVE-2015-2769
+CVE-2015-2769 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Pers ...)
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2768
+CVE-2015-2768 (Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL b ...)
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2767
+CVE-2015-2767 (Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has ...)
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2766
+CVE-2015-2766 (The Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8. ...)
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2765
+CVE-2015-2765 (The Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 al ...)
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2764
+CVE-2015-2764 (Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON ...)
NOT-FOR-US: Websense TRITON AP-DATA
-CVE-2015-2763
+CVE-2015-2763 (Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has ...)
NOT-FOR-US: Websense TRITON AP-EMAIL
-CVE-2015-2762
+CVE-2015-2762 (Websense TRITON AP-WEB before 8.0.0 allows remote attackers to enumera ...)
NOT-FOR-US: Websense TRITON AP-WEB
-CVE-2015-2761
+CVE-2015-2761 (Cross-site scripting (XSS) vulnerability in the Exceptions and Scannin ...)
NOT-FOR-US: Websense TRITON AP-WEB
-CVE-2015-2760
+CVE-2015-2760 (Cross-site scripting (XSS) vulnerability in the ePO extension in McAfe ...)
NOT-FOR-US: McAfee
-CVE-2015-2759
+CVE-2015-2759 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO ...)
NOT-FOR-US: McAfee
-CVE-2015-2758
+CVE-2015-2758 (The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) befor ...)
NOT-FOR-US: McAfee
-CVE-2015-2757
+CVE-2015-2757 (The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) befor ...)
NOT-FOR-US: McAfee
CVE-2015-XXXX [crashes found with afl]
- hp2xx 3.4.4-10 (low)
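Review bot: The NOTE under CVE-2015-2783 ("Fixed in 5.6.8 and 5.4.40") omits the 5.5 branch, while the description added on the `+CVE-2015-2783` line lists "PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x b...". Suggest extending the note to "Fixed in 5.6.8, 5.5.24 and 5.4.40" so it matches the version ranges the description gives.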
@@ -18861,7 +18861,7 @@ CVE-2015-2793 [cross-site scripting via openid_identifier]
[wheezy] - ikiwiki 3.20120629.2
[squeeze] - ikiwiki <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/30/5
-CVE-2015-2806
+CVE-2015-2806 (Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4. ...)
{DSA-3220-1 DLA-195-1}
[experimental] - libtasn1-6 4.4-1
- libtasn1-6 4.2-3
@@ -18870,15 +18870,15 @@ CVE-2015-2806
NOTE: http://www.openwall.com/lists/oss-security/2015/03/29/4
NOTE: Only in the asn1 definition parser, not in the asn1 parser itself
NOTE: https://lists.gnu.org/archive/html/help-libtasn1/2015-01/msg00000.html
-CVE-2015-2787
+CVE-2015-2787 (Use-after-free vulnerability in the process_nested_data function in ex ...)
{DSA-3198-1 DLA-212-1}
- php5 5.6.7+dfsg-1
NOTE: https://bugs.php.net/68976
-CVE-2015-2782
+CVE-2015-2782 (Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote atta ...)
{DSA-3213-1 DLA-188-1}
- arj 3.10.22-13 (bug #774015)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/28/5
-CVE-2015-2756
+CVE-2015-2756 (QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict a ...)
{DSA-3259-1 DLA-479-1}
- xen 4.2.0~rc2-1 (bug #781620)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
@@ -18887,44 +18887,44 @@ CVE-2015-2756
[squeeze] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: http://xenbits.xen.org/xsa/advisory-126.html
-CVE-2015-2755
+CVE-2015-2755 (Multiple cross-site request forgery (CSRF) vulnerabilities in the AB G ...)
NOT-FOR-US: AB Google Map Travel (AB-MAP) plugin for WordPress
-CVE-2015-2752
+CVE-2015-2752 (The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, wh ...)
{DLA-479-1}
- xen 4.4.1-9 (bug #781620)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-125.html
-CVE-2015-2751
+CVE-2015-2751 (Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allo ...)
- xen 4.4.1-9 (bug #781620)
[wheezy] - xen <not-affected> (Affected functionality introduced in 4.2)
[squeeze] - xen <not-affected> (Affected functionality introduced in 4.2)
NOTE: http://xenbits.xen.org/xsa/advisory-127.html
-CVE-2015-2748
+CVE-2015-2748 (Websense TRITON AP-WEB before 8.0.0 does not properly restrict access ...)
NOT-FOR-US: Websense TRITON AP-WEB
-CVE-2015-2747
+CVE-2015-2747 (Multiple cross-site scripting (XSS) vulnerabilities in the data loss p ...)
NOT-FOR-US: Websense Triton
-CVE-2015-2746
+CVE-2015-2746 (The network diagnostics tool (CommandLineServlet) in the Appliance Man ...)
NOT-FOR-US: Websense TRITON
-CVE-2015-2774
+CVE-2015-2774 (Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes w ...)
- erlang 1:17.3-dfsg-4 (low; bug #781839)
[squeeze] - erlang <no-dsa> (Minor issue)
[wheezy] - erlang <no-dsa> (Minor issue)
NOTE: http://www.erlang.org/news/85
NOTE: CVE about "ssl: ... added padding check for TLS-1.0 due to the Poodle vulnerability."
NOTE: https://github.com/erlang/otp/commit/e53c55dd0ab69982bc511396ccf8655d27c6d38c
-CVE-2015-2745
+CVE-2015-2745 (Multiple cross-site scripting (XSS) vulnerabilities in the Search app ...)
NOT-FOR-US: Mozilla Firefox OS
-CVE-2015-2744
+CVE-2015-2744 (Cross-site scripting (XSS) vulnerability in the Search app in Gaia in ...)
NOT-FOR-US: Mozilla Firefox OS
-CVE-2015-2743
+CVE-2015-2743 (PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-69/
-CVE-2015-2742
+CVE-2015-2742 (Mozilla Firefox before 39.0 on OS X includes native key press informat ...)
- iceweasel <not-affected> (OS X specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-68/
-CVE-2015-2741
+CVE-2015-2741 (Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunder ...)
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
@@ -18934,56 +18934,56 @@ CVE-2015-2741
[jessie] - icedove <not-affected> (Only affects Thunderbird 38 and later)
[wheezy] - icedove <not-affected> (Only affects Thunderbird 38 and later)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-67/
-CVE-2015-2740
+CVE-2015-2740 (Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function ...)
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2739
+CVE-2015-2739 (The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0 ...)
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2738
+CVE-2015-2738 (The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YC ...)
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2737
+CVE-2015-2737 (The rx::d3d11::SetBufferData function in the Direct3D 11 implementatio ...)
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2736
+CVE-2015-2736 (The nsZipArchive::BuildFileList function in Mozilla Firefox before 39. ...)
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2735
+CVE-2015-2735 (nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x befo ...)
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2734
+CVE-2015-2734 (The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D ...)
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2733
+CVE-2015-2733 (Use-after-free vulnerability in the CanonicalizeXPCOMParticipant funct ...)
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
@@ -18991,7 +18991,7 @@ CVE-2015-2733
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/
CVE-2015-2732
RESERVED
-CVE-2015-2731
+CVE-2015-2731 (Use-after-free vulnerability in the CSPService::ShouldLoad function in ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -19000,7 +19000,7 @@ CVE-2015-2731
[wheezy] - icedove <not-affected> (Does not affect 31.x ESR Thunderbird)
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-63/
-CVE-2015-2730
+CVE-2015-2730 (Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozi ...)
{DSA-3336-1 DLA-315-1}
- nss 2:3.19.1-1
- iceweasel 38.1.0esr-1
@@ -19010,24 +19010,24 @@ CVE-2015-2730
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-64/
NOTE: https://hg.mozilla.org/projects/nss/rev/fc6870938172
NOTE: https://hg.mozilla.org/projects/nss/rev/2c05e861ce07
-CVE-2015-2729
+CVE-2015-2729 (The AudioParamTimeline::AudioNodeInputValue function in the Web Audio ...)
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-62/
-CVE-2015-2728
+CVE-2015-2728 (The IndexedDatabaseManager class in the IndexedDB implementation in Mo ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-61/
-CVE-2015-2727
+CVE-2015-2727 (Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote a ...)
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-60/
-CVE-2015-2726
+CVE-2015-2726 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
[jessie] - iceweasel <not-affected> (Only affects Firefox 39)
@@ -19037,7 +19037,7 @@ CVE-2015-2726
[jessie] - icedove <not-affected> (Only affects Icedove 39)
[wheezy] - icedove <not-affected> (Only affects Icedove 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
-CVE-2015-2725
+CVE-2015-2725 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
@@ -19047,7 +19047,7 @@ CVE-2015-2725
[jessie] - icedove <not-affected> (Only affects Icedove 38 and later)
[wheezy] - icedove <not-affected> (Only affects Icedove 38 and later)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
-CVE-2015-2724
+CVE-2015-2724 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -19056,13 +19056,13 @@ CVE-2015-2724
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
CVE-2015-2723
REJECTED
-CVE-2015-2722
+CVE-2015-2722 (Use-after-free vulnerability in the CanonicalizeXPCOMParticipant funct ...)
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/
-CVE-2015-2721
+CVE-2015-2721 (Mozilla Network Security Services (NSS) before 3.19, as used in Mozill ...)
{DSA-3336-1 DSA-3324-1 DSA-3300-1 DLA-315-1}
- nss 2:3.19.1-1
NOTE: NSS patch: https://hg.mozilla.org/projects/nss/rev/6b4770c76bc8
@@ -19072,65 +19072,65 @@ CVE-2015-2721
- icedove 38.1.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-71/
-CVE-2015-2720
+CVE-2015-2720 (The update implementation in Mozilla Firefox before 38.0 on Windows do ...)
- iceweasel <not-affected> (Only affects Windows)
CVE-2015-2719
RESERVED
-CVE-2015-2718
+CVE-2015-2718 (The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote ...)
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
-CVE-2015-2717
+CVE-2015-2717 (Integer overflow in libstagefright in Mozilla Firefox before 38.0 allo ...)
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
-CVE-2015-2716
+CVE-2015-2716 (Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Fire ...)
{DSA-3264-1 DSA-3260-1}
- iceweasel 38.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.7.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-54/
-CVE-2015-2715
+CVE-2015-2715 (Race condition in the nsThreadManager::RegisterCurrentThread function ...)
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
-CVE-2015-2714
+CVE-2015-2714 (Mozilla Firefox before 38.0 on Android does not properly restrict writ ...)
- iceweasel <not-affected> (Only affects Firefox on Android)
-CVE-2015-2713
+CVE-2015-2713 (Use-after-free vulnerability in the SetBreaks function in Mozilla Fire ...)
{DSA-3264-1 DSA-3260-1}
- iceweasel 38.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.7.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-51/
-CVE-2015-2712
+CVE-2015-2712 (The asm.js implementation in Mozilla Firefox before 38.0 does not prop ...)
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
-CVE-2015-2711
+CVE-2015-2711 (Mozilla Firefox before 38.0 does not recognize a referrer policy deliv ...)
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
-CVE-2015-2710
+CVE-2015-2710 (Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefo ...)
{DSA-3264-1 DSA-3260-1}
- iceweasel 38.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.7.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-48/
-CVE-2015-2709
+CVE-2015-2709 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 38.0-1
[jessie] - iceweasel <not-affected> (Only affects 37.x)
[wheezy] - iceweasel <not-affected> (Only affects 37.x)
[squeeze] - iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-46/
-CVE-2015-2708
+CVE-2015-2708 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3264-1 DSA-3260-1}
- iceweasel 38.0-1
[squeeze] - iceweasel <end-of-life>
@@ -19139,46 +19139,46 @@ CVE-2015-2708
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-46/
CVE-2015-2707
RESERVED
-CVE-2015-2706
+CVE-2015-2706 (Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent functio ...)
[experimental] - iceweasel 37.0.2-1
- iceweasel <not-affected> (Only affects 37.x series)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/
CVE-2015-2705
RESERVED
-CVE-2015-2703
+CVE-2015-2703 (Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON ...)
NOT-FOR-US: Websense
-CVE-2015-2702
+CVE-2015-2702 (Cross-site scripting (XSS) vulnerability in the Message Log in the Ema ...)
NOT-FOR-US: Websense
-CVE-2015-2701
+CVE-2015-2701 (Cross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 allow ...)
NOT-FOR-US: CS-Cart
CVE-2015-2700
RESERVED
CVE-2015-2699
RESERVED
-CVE-2015-2698
+CVE-2015-2698 (The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c ...)
- krb5 1.13.2+dfsg-4
[jessie] - krb5 <not-affected> (Only affected when applying original patch for CVE-2015-2696 only)
[wheezy] - krb5 <not-affected> (Only affected when applying original patch for CVE-2015-2696 only)
[squeeze] - krb5 <not-affected> (Vulnerable code not present)
NOTE: Upstream ticket: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8273
NOTE: https://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd
-CVE-2015-2697
+CVE-2015-2697 (The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Ker ...)
{DSA-3395-2 DSA-3395-1 DLA-340-1}
- krb5 1.13.2+dfsg-3 (bug #803088)
NOTE: https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789
NOTE: Upstream ticket: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252
-CVE-2015-2696
+CVE-2015-2696 (lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 reli ...)
{DSA-3395-1}
- krb5 1.13.2+dfsg-3 (bug #803084)
[squeeze] - krb5 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/krb5/krb5/commit/e04f0283516e80d2f93366e0d479d13c9b5c8c2a
NOTE: Upstream ticket: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244
-CVE-2015-2695
+CVE-2015-2695 (lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1. ...)
{DSA-3395-1 DLA-340-1}
- krb5 1.13.2+dfsg-3 (bug #803083)
NOTE: https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d
NOTE: Upstream ticket: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244
-CVE-2015-2694
+CVE-2015-2694 (The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x ...)
- krb5 1.12.1+dfsg-20 (bug #783557)
[jessie] - krb5 1.12.1+dfsg-19+deb8u3
[wheezy] - krb5 <no-dsa> (Minor issue and can be fixed in a future DSA)
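Review bot: The jessie and wheezy justifications for CVE-2015-2698 read "Only affected when applying original patch for CVE-2015-2696 only", which repeats "only" and is hard to parse. Suggest "Only affected when the original patch for CVE-2015-2696 was applied" on both lines.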
@@ -19190,48 +19190,48 @@ CVE-2015-2694
NOTE: has. Thus basicaly only krb5/1.12 is affected.
CVE-2015-2693
RESERVED
-CVE-2015-2692
+CVE-2015-2692 (AdBlock before 2.21 allows remote attackers to block arbitrary resourc ...)
NOT-FOR-US: AdBlock
CVE-2015-2691
RESERVED
-CVE-2015-2690
+CVE-2015-2690 (Multiple cross-site scripting (XSS) vulnerabilities in views/add-licen ...)
NOT-FOR-US: Digium Addons module for FreePBX
-CVE-2015-2704
+CVE-2015-2704 (realmd allows remote attackers to inject arbitrary configurations in t ...)
- realmd 0.16.0-1 (bug #781179)
[jessie] - realmd <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=89207
-CVE-2015-2776
+CVE-2015-2776 (The parse_SST function in FreeXL before 1.0.0i allows remote attackers ...)
{DSA-3208-1}
[experimental] - freexl 1.0.1-1~exp1
- freexl 1.0.0g-1+deb8u1 (bug #781228)
NOTE: Reproducer: https://www.dropbox.com/s/gh61gzaf8jj30hj/freexl_6889d18b?dl=0
-CVE-2015-2754
+CVE-2015-2754 (FreeXL before 1.0.0i allows remote attackers to cause a denial of serv ...)
{DSA-3208-1}
[experimental] - freexl 1.0.1-1~exp1
- freexl 1.0.0g-1+deb8u1 (bug #781228)
NOTE: Reproducer: https://www.dropbox.com/s/66srfory903w6cl/freexl_d7273f72?dl=0
-CVE-2015-2753
+CVE-2015-2753 (FreeXL before 1.0.0i allows remote attackers to cause a denial of serv ...)
{DSA-3208-1}
[experimental] - freexl 1.0.1-1~exp1
- freexl 1.0.0g-1+deb8u1 (bug #781228)
NOTE: Reproducer: https://www.dropbox.com/s/3htzndywvtmomlx/freexl_9f74b0e8?dl=0
CVE-2015-2685
RESERVED
-CVE-2015-2683
+CVE-2015-2683 (Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 ...)
NOT-FOR-US: Citrix Command Center
-CVE-2015-2682
+CVE-2015-2682 (Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 ...)
NOT-FOR-US: Citrix Command Center
-CVE-2015-2681
+CVE-2015-2681 (Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 ...)
NOT-FOR-US: Asus
-CVE-2015-2680
+CVE-2015-2680 (Cross-site request forgery (CSRF) vulnerability in MetalGenix GeniXCMS ...)
NOT-FOR-US: MetalGenix GeniXCMS
-CVE-2015-2679
+CVE-2015-2679 (Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0 ...)
NOT-FOR-US: MetalGenix GeniXCMS
-CVE-2015-2678
+CVE-2015-2678 (Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix Geni ...)
NOT-FOR-US: MetalGenix GeniXCMS
-CVE-2015-2677
+CVE-2015-2677 (Multiple cross-site scripting (XSS) vulnerabilities in ocPortal before ...)
- ocportal <itp> (bug #625865)
-CVE-2015-2676
+CVE-2015-2676 (Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 rou ...)
NOT-FOR-US: Asus
CVE-2015-2689 [Assertion failure in dns.c, possibly connected to UDP DoS attack]
RESERVED
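Review bot: Typo in the context line at the top of this hunk: "NOTE: has. Thus basicaly only krb5/1.12 is affected." should read "basically".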
@@ -19243,12 +19243,12 @@ CVE-2015-2688 [relay could crash with an assertion]
{DSA-3203-1 DLA-178-1}
- tor 0.2.5.11-1
NOTE: https://trac.torproject.org/projects/tor/ticket/15083
-CVE-2015-2687
+CVE-2015-2687 (OpenStack Compute (nova) Icehouse, Juno and Havana when live migration ...)
- nova 2014.1-1
[wheezy] - nova <no-dsa> (Minor issue)
NOTE: This is no longer a security issue starting with icehouse, so marking 2014.1 as fixed
NOTE: https://bugs.launchpad.net/nova/+bug/1419577
-CVE-2015-2673
+CVE-2015-2673 (The ec_ajax_update_option and ec_ajax_clear_all_taxrates functions in ...)
NOT-FOR-US: WP EasyCart plugin for Wordpress
CVE-2015-2671
RESERVED
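Review bot: The NOTE under CVE-2015-2687 ("This is no longer a security issue starting with icehouse, so marking 2014.1 as fixed") appears to conflict with the description added on the `+CVE-2015-2687` line, which lists "OpenStack Compute (nova) Icehouse, Juno and Havana" as affected. If 2014.1 (Icehouse) is being treated as fixed because the issue was judged not to be a security problem there, the note should say that explicitly and point to the reasoning in the linked launchpad bug, so a reader does not take the description's version list at face value.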
@@ -19256,108 +19256,108 @@ CVE-2015-2670
REJECTED
CVE-2015-2669
RESERVED
-CVE-2015-2668
+CVE-2015-2668 (ClamAV before 0.98.7 allows remote attackers to cause a denial of serv ...)
{DLA-233-1}
- clamav 0.98.7+dfsg-1
[jessie] - clamav 0.98.7+dfsg-0+deb8u1
[wheezy] - clamav 0.98.7+dfsg-0+deb7u1
-CVE-2015-2667
+CVE-2015-2667 (Untrusted search path vulnerability in GNS3 1.2.3 allows local users t ...)
- gns3 <not-affected> (Windows specific)
-CVE-2015-2665
+CVE-2015-2665 (Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows ...)
{DSA-3295-1 DLA-255-1}
- cacti 0.8.8d+ds1-1
NOTE: http://www.fortiguard.com/advisory/FG-VD-15-017/
NOTE: http://bugs.cacti.net/view.php?id=2542 (bug is not yet accessible)
NOTE: http://svn.cacti.net/viewvc/cacti/tags/0.8.8d/graphs.php?r1=7716&r2=7717&view=patch
-CVE-2015-2664
+CVE-2015-2664 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allow ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-2663
+CVE-2015-2663 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-2662
+CVE-2015-2662 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows loc ...)
NOT-FOR-US: Solaris DHCP (dhcpagent)
-CVE-2015-2661
+CVE-2015-2661 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2660
+CVE-2015-2660 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-2659
+CVE-2015-2659 (Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded ...)
- openjdk-6 <not-affected> (Only affects Java 8)
- openjdk-7 <not-affected> (Only affects Java 8)
- openjdk-8 8u66-b01-1
-CVE-2015-2658
+CVE-2015-2658 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2657
+CVE-2015-2657 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-2656
+CVE-2015-2656 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2655
+CVE-2015-2655 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-2654
+CVE-2015-2654 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2653
+CVE-2015-2653 (Unspecified vulnerability in the Oracle Commerce Guided Search / Oracl ...)
NOT-FOR-US: Oracle Commerce
-CVE-2015-2652
+CVE-2015-2652 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
NOT-FOR-US: Oracle E-Business
-CVE-2015-2651
+CVE-2015-2651 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Solaris Virtualized NIC Driver
-CVE-2015-2650
+CVE-2015-2650 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2015-2649
+CVE-2015-2649 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Seibel CRM
-CVE-2015-2648
+CVE-2015-2648 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier an ...)
{DSA-3311-1 DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
- mariadb-10.0 10.0.20-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2647
+CVE-2015-2647 (Unspecified vulnerability in the Enterprise Manager for Oracle Databas ...)
NOT-FOR-US: Oracle Database
-CVE-2015-2646
+CVE-2015-2646 (Unspecified vulnerability in the Enterprise Manager for Oracle Databas ...)
NOT-FOR-US: Oracle Database
-CVE-2015-2645
+CVE-2015-2645 (Unspecified vulnerability in the Oracle Web Applications Desktop Integ ...)
NOT-FOR-US: Oracle E-Business
-CVE-2015-2644
+CVE-2015-2644 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
NOT-FOR-US: Oracle Supply Chain
-CVE-2015-2643
+CVE-2015-2643 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier an ...)
{DSA-3311-1 DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
- mariadb-10.0 10.0.20-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2642
+CVE-2015-2642 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows loc ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2641
+CVE-2015-2641 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2640
+CVE-2015-2640 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2639
+CVE-2015-2639 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2638
+CVE-2015-2638 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
-CVE-2015-2637
+CVE-2015-2637 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
-CVE-2015-2636
+CVE-2015-2636 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2635
+CVE-2015-2635 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2634
+CVE-2015-2634 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2633
+CVE-2015-2633 (Unspecified vulnerability in the Enterprise Manager Ops Center compone ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
-CVE-2015-2632
+CVE-2015-2632 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allow ...)
{DSA-3725-1 DSA-3339-1 DSA-3316-1 DLA-545-1 DLA-381-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
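Review bot: "NOT-FOR-US: Oracle Seibel CRM" under CVE-2015-2649 misspells the product name; the vendor spelling is Siebel, and the same component is tagged "Oracle Siebel CMS" under CVE-2015-2600 and CVE-2015-2587 further down in this file. Changing this line to "Oracle Siebel CRM" (and settling on CRM or CMS across the Siebel entries) keeps a search for Siebel CVEs from missing this one.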
@@ -19367,13 +19367,13 @@ CVE-2015-2632
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
- icu 55.1-7
NOTE: http://bugs.icu-project.org/trac/ticket/11865 (not yet public)
-CVE-2015-2631
+CVE-2015-2631 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows loc ...)
NOT-FOR-US: Solaris (rmformat)
-CVE-2015-2630
+CVE-2015-2630 (Unspecified vulnerability in the Technology stack component in Oracle ...)
NOT-FOR-US: Oracle E-Business
-CVE-2015-2629
+CVE-2015-2629 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-2628
+CVE-2015-2628 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -19381,13 +19381,13 @@ CVE-2015-2628
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-2627
+CVE-2015-2627 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allow ...)
- openjdk-6 <not-affected> (Specific to Java client installer)
- openjdk-7 <not-affected> (Specific to Java client installer)
- openjdk-8 <not-affected> (Specific to Java client installer)
-CVE-2015-2626
+CVE-2015-2626 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2625
+CVE-2015-2625 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRoc ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -19395,13 +19395,13 @@ CVE-2015-2625
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of JSSE."
-CVE-2015-2624
+CVE-2015-2624 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2623
+CVE-2015-2623 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2015-2622
+CVE-2015-2622 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2015-2621
+CVE-2015-2621 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -19409,7 +19409,7 @@ CVE-2015-2621
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-2620
+CVE-2015-2620 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier an ...)
{DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
@@ -19417,53 +19417,53 @@ CVE-2015-2620
[jessie] - mariadb-10.0 10.0.20-0+deb8u1
NOTE: Possibly related to https://github.com/mysql/mysql-server/commit/fdae90dd
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2619
+CVE-2015-2619 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2. ...)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
-CVE-2015-2618
+CVE-2015-2618 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle E-Business
-CVE-2015-2617
+CVE-2015-2617 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2616
+CVE-2015-2616 (Unspecified vulnerability in Oracle Sun Solaris 3.3 and 4.2 allows loc ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2615
+CVE-2015-2615 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business
-CVE-2015-2614
+CVE-2015-2614 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Solaris (NVM Express Driver)
-CVE-2015-2613
+CVE-2015-2613 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE ...)
{DSA-3339-1 DSA-3316-1}
- openjdk-6 <not-affected> (Does not apply to OpenJDK 6.x, only 7.x and 8.x)
- openjdk-7 7u79-2.5.6-1
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
-CVE-2015-2612
+CVE-2015-2612 (Unspecified vulnerability in the Siebel Core - Server OM Svcs componen ...)
NOT-FOR-US: Oracle Seibel CMS
-CVE-2015-2611
+CVE-2015-2611 (Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier al ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only 5.6 series)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2610
+CVE-2015-2610 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle E-Business
-CVE-2015-2609
+CVE-2015-2609 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Solaris (performance counters)
-CVE-2015-2608
+CVE-2015-2608 (Unspecified vulnerability in (1) the Oracle Communications Diameter Si ...)
NOT-FOR-US: Oracle Communications Applications
-CVE-2015-2607
+CVE-2015-2607 (Unspecified vulnerability in the Oracle Commerce Guided Search / Oracl ...)
NOT-FOR-US: Oracle Commerce
-CVE-2015-2606
+CVE-2015-2606 (Unspecified vulnerability in the Oracle Endeca Information Discovery S ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2605
+CVE-2015-2605 (Unspecified vulnerability in the Oracle Endeca Information Discovery S ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2604
+CVE-2015-2604 (Unspecified vulnerability in the Oracle Endeca Information Discovery S ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2603
+CVE-2015-2603 (Unspecified vulnerability in the Oracle Endeca Information Discovery S ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2602
+CVE-2015-2602 (Unspecified vulnerability in the Oracle Endeca Information Discovery S ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2601
+CVE-2015-2601 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRoc ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
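Review bot: the context line "NOT-FOR-US: Oracle Seibel CMS" under CVE-2015-2612 carries the same Seibel/Siebel typo, while its sibling CVE-2015-2600 for the identical "Siebel Core - Server OM Svcs" component is spelled "Siebel"; fix the spelling here so the two entries for one component match. The Solaris tags in this hunk also alternate between the bare "Oracle Sun Solaris" (CVE-2015-2616) and the more useful "Solaris (<component>)" form used for CVE-2015-2614 and CVE-2015-2609; the parenthesised component is worth keeping everywhere.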
@@ -19471,34 +19471,34 @@ CVE-2015-2601
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
-CVE-2015-2600
+CVE-2015-2600 (Unspecified vulnerability in the Siebel Core - Server OM Svcs componen ...)
NOT-FOR-US: Oracle Siebel CMS
-CVE-2015-2599
+CVE-2015-2599 (Unspecified vulnerability in the RDBMS Scheduler component in Oracle D ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-2598
+CVE-2015-2598 (Unspecified vulnerability in the mobile app in Oracle Business Intelli ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2597
+CVE-2015-2597 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local ...)
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 <not-affected> (Specific to MacOS X)
- openjdk-8 <not-affected> (Specific to MacOS X)
-CVE-2015-2596
+CVE-2015-2596 (Unspecified vulnerability in Oracle Java SE 7u80 allows remote attacke ...)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
-CVE-2015-2595
+CVE-2015-2595 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-2594
+CVE-2015-2594 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-3359-1 DLA-313-1}
- virtualbox 4.3.30-dfsg-1 (bug #792446)
- virtualbox-ose <removed>
[squeeze] - virtualbox-ose <no-dsa> (Bridged networking over wifi is unlikely to be used in production and vulnerability is not a remote one)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixOVIR
NOTE: "This issue affects Windows, Linux and Mac OS X hosts only when guests using bridged networking over Wifi."
-CVE-2015-2593
+CVE-2015-2593 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-2592
+CVE-2015-2592 (Unspecified vulnerability in the Hyperion Enterprise Performance Manag ...)
NOT-FOR-US: Oracle Hyperion
-CVE-2015-2591
+CVE-2015-2591 (Unspecified vulnerability in the PeopleSoft Enterprise Portal - Intera ...)
NOT-FOR-US: PeopleSoft
-CVE-2015-2590
+CVE-2015-2590 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
{DSA-3339-1 DSA-3316-1 DLA-303-1}
[experimental] - openjdk-6 6b36-1.13.8-1
- openjdk-6 <removed>
@@ -19506,123 +19506,123 @@ CVE-2015-2590
- openjdk-8 8u66-b01-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
-CVE-2015-2589
+CVE-2015-2589 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows loc ...)
NOT-FOR-US: Solaris
-CVE-2015-2588
+CVE-2015-2588 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2015-2587
+CVE-2015-2587 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CMS
-CVE-2015-2586
+CVE-2015-2586 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-2585
+CVE-2015-2585 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-2584
+CVE-2015-2584 (Unspecified vulnerability in the Hyperion Enterprise Performance Manag ...)
NOT-FOR-US: Oracle Hyperion
-CVE-2015-2583
+CVE-2015-2583 (Unspecified vulnerability in the Data Store component in Oracle Berkel ...)
NOT-FOR-US: Oracle Berkeley DB (Unspecified vulnerability)
-CVE-2015-2582
+CVE-2015-2582 (Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier an ...)
{DSA-3311-1 DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <removed> (bug #792445)
- mariadb-10.0 10.0.20-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
-CVE-2015-2581
+CVE-2015-2581 (Unspecified vulnerability in the Oracle Secure Global Desktop componen ...)
NOT-FOR-US: Oracle Virtualization
-CVE-2015-2580
+CVE-2015-2580 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows loc ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2579
+CVE-2015-2579 (Unspecified vulnerability in the Oracle Health Sciences Argus Safety c ...)
NOT-FOR-US: Oracle
-CVE-2015-2578
+CVE-2015-2578 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows remote att ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2577
+CVE-2015-2577 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2576
+CVE-2015-2576 (Unspecified vulnerability in the MySQL Utilities component in Oracle M ...)
NOT-FOR-US: MySQL Utilities component of MySQL on Windows
-CVE-2015-2575
+CVE-2015-2575 (Unspecified vulnerability in the MySQL Connectors component in Oracle ...)
{DSA-3621-1 DLA-526-1}
- mysql-connector-java 5.1.37-1
-CVE-2015-2574
+CVE-2015-2574 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-2573
+CVE-2015-2573 (Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, a ...)
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 5.5.42-1
- mariadb-10.0 10.0.17-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-2572
+CVE-2015-2572 (Unspecified vulnerability in the Oracle Hyperion Smart View for Office ...)
NOT-FOR-US: Oracle
-CVE-2015-2571
+CVE-2015-2571 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, a ...)
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 <removed> (bug #782645)
[jessie] - mysql-5.5 5.5.43-0+deb8u1
- mariadb-10.0 10.0.19-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-2570
+CVE-2015-2570 (Unspecified vulnerability in the Oracle Demand Planning component in O ...)
NOT-FOR-US: Oracle
CVE-2015-2569
REJECTED
-CVE-2015-2568
+CVE-2015-2568 (Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, a ...)
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 5.5.42-1
- mariadb-10.0 10.0.17-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-2567
+CVE-2015-2567 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-2566
+CVE-2015-2566 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-2565
+CVE-2015-2565 (Unspecified vulnerability in the Oracle Installed Base component in Or ...)
NOT-FOR-US: Oracle
-CVE-2015-2564
+CVE-2015-2564 (SQL injection vulnerability in client-edit.php in ProjectSend (formerl ...)
NOT-FOR-US: ProjectSend
-CVE-2015-2563
+CVE-2015-2563 (SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 0.9. ...)
NOT-FOR-US: Vastal I-Tech phpVID
-CVE-2015-2562
+CVE-2015-2562 (Multiple SQL injection vulnerabilities in the Web-Dorado ECommerce WD ...)
NOT-FOR-US: Joomla component com_ecommercewd
CVE-2015-2561
RESERVED
-CVE-2015-2560
+CVE-2015-2560 (Manage Engine Desktop Central 9 before build 90135 allows remote attac ...)
NOT-FOR-US: Manage Engine Desktop Central
-CVE-2015-2558
+CVE-2015-2558 (Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 S ...)
NOT-FOR-US: Microsoft
-CVE-2015-2557
+CVE-2015-2557 (Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2015-2556
+CVE-2015-2556 (The InfoPath Forms Services component in Microsoft SharePoint Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2015-2555
+CVE-2015-2555 (Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 S ...)
NOT-FOR-US: Microsoft
-CVE-2015-2554
+CVE-2015-2554 (The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Go ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2553
+CVE-2015-2553 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2552
+CVE-2015-2552 (The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Go ...)
NOT-FOR-US: Microsoft Windows
CVE-2015-2551
REJECTED
-CVE-2015-2550
+CVE-2015-2550 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2549
+CVE-2015-2549 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2548
+CVE-2015-2548 (Use-after-free vulnerability in the Tablet Input Band in Windows Shell ...)
NOT-FOR-US: Microsoft Windows
CVE-2015-2547
REJECTED
-CVE-2015-2546
+CVE-2015-2546 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2545
+CVE-2015-2545 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-2544
+CVE-2015-2544 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) i ...)
NOT-FOR-US: Microsoft OWA
-CVE-2015-2543
+CVE-2015-2543 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) i ...)
NOT-FOR-US: Microsoft OWA
-CVE-2015-2542
+CVE-2015-2542 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2541
+CVE-2015-2541 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2540
REJECTED
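Review bot: CVE-2015-2567 and CVE-2015-2566 record "mysql-5.5 <not-affected> (Only affects 5.6)" but have no mysql-5.6 line at all, whereas every other 5.6-only entry in this file (CVE-2015-2661, CVE-2015-2641, CVE-2015-2639, CVE-2015-2617, CVE-2015-2611) pairs that remark with "mysql-5.6 5.6.25-2"; add a mysql-5.6 status line (fixed version or <not-affected>) so the package the remark names is actually tracked. Separately, the bare "NOT-FOR-US: Oracle" tags under CVE-2015-2579, CVE-2015-2572, CVE-2015-2570 and CVE-2015-2565 would be easier to triage if they named the product family as the neighbouring entries do, e.g. "Oracle Hyperion" for the Hyperion Smart View entry, matching CVE-2015-2592 and CVE-2015-2584.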
@@ -19632,83 +19632,83 @@ CVE-2015-2538
REJECTED
CVE-2015-2537
REJECTED
-CVE-2015-2536
+CVE-2015-2536 (Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 ...)
NOT-FOR-US: Microsoft Lync
-CVE-2015-2535
+CVE-2015-2535 (Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2534
+CVE-2015-2534 (Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows ...)
NOT-FOR-US: Microsoft Windows
CVE-2015-2533
REJECTED
-CVE-2015-2532
+CVE-2015-2532 (Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 ...)
NOT-FOR-US: Microsoft Lync
-CVE-2015-2531
+CVE-2015-2531 (Cross-site scripting (XSS) vulnerability in the jQuery engine in Micro ...)
NOT-FOR-US: Microsoft Lync
-CVE-2015-2530
+CVE-2015-2530 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2529
+CVE-2015-2529 (The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows R ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2528
+CVE-2015-2528 (Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Win ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2527
+CVE-2015-2527 (The process-initialization implementation in win32k.sys in the kernel- ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2526
+CVE-2015-2526 (Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote atta ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2525
+CVE-2015-2525 (Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2524
+CVE-2015-2524 (Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Win ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2523
+CVE-2015-2523 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft Excel
-CVE-2015-2522
+CVE-2015-2522 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Found ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2015-2521
+CVE-2015-2521 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP ...)
NOT-FOR-US: Microsoft Excel
-CVE-2015-2520
+CVE-2015-2520 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, ...)
NOT-FOR-US: Microsoft Excel
-CVE-2015-2519
+CVE-2015-2519 (Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2518
+CVE-2015-2518 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2517
+CVE-2015-2517 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2516
+CVE-2015-2516 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2515
+CVE-2015-2515 (Use-after-free vulnerability in Windows Shell in Microsoft Windows Vis ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2514
+CVE-2015-2514 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2513
+CVE-2015-2513 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2512
+CVE-2015-2512 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2511
+CVE-2015-2511 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2510
+CVE-2015-2510 (Buffer overflow in the Adobe Type Manager Library in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2509
+CVE-2015-2509 (Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2508
+CVE-2015-2508 (The Adobe Type Manager Library in Microsoft Windows 10 allows local us ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2507
+CVE-2015-2507 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2506
+CVE-2015-2506 (atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2505
+CVE-2015-2505 (Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative ...)
NOT-FOR-US: Microsoft Exchange
-CVE-2015-2504
+CVE-2015-2504 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, an ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2503
+CVE-2015-2503 (Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote ...)
NOT-FOR-US: Microsoft
-CVE-2015-2502
+CVE-2015-2502 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2501
+CVE-2015-2501 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2500
+CVE-2015-2500 (Microsoft Internet Explorer 7 and 8 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2499
+CVE-2015-2499 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2498
+CVE-2015-2498 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2497
REJECTED
@@ -19716,115 +19716,115 @@ CVE-2015-2496
REJECTED
CVE-2015-2495
REJECTED
-CVE-2015-2494
+CVE-2015-2494 (Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2493
+CVE-2015-2493 (The (1) VBScript and (2) JScript engines in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2492
+CVE-2015-2492 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2491
+CVE-2015-2491 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2490
+CVE-2015-2490 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2489
+CVE-2015-2489 (Microsoft Internet Explorer 11 allows remote attackers to gain privile ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2488
REJECTED
-CVE-2015-2487
+CVE-2015-2487 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2486
+CVE-2015-2486 (Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2485
+CVE-2015-2485 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2484
+CVE-2015-2484 (Microsoft Internet Explorer 10 and 11 uses an incorrect flag during ce ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2483
+CVE-2015-2483 (Microsoft Internet Explorer 10 and 11 allows remote attackers to obtai ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2482
+CVE-2015-2482 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 eng ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2481
+CVE-2015-2481 (The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2480
+CVE-2015-2480 (The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2479
+CVE-2015-2479 (The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2478
+CVE-2015-2478 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2477
+CVE-2015-2477 (Microsoft Office 2007 SP3, Office for Mac 2011, Office for Mac 2016, a ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-2476
+CVE-2015-2476 (The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2475
+CVE-2015-2475 (Cross-site scripting (XSS) vulnerability in uddi/search/frames.aspx in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2474
+CVE-2015-2474 (Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authentic ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2473
+CVE-2015-2473 (Untrusted search path vulnerability in the client in Remote Desktop Pr ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2472
+CVE-2015-2472 (Remote Desktop Session Host (RDSH) in Remote Desktop Protocol (RDP) th ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2471
+CVE-2015-2471 (Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which ...)
NOT-FOR-US: Microsoft XML Core Services
-CVE-2015-2470
+CVE-2015-2470 (Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Offic ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-2469
+CVE-2015-2469 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office fo ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-2468
+CVE-2015-2468 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-2467
+CVE-2015-2467 (Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-2466
+CVE-2015-2466 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-2465
+CVE-2015-2465 (The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2464
+CVE-2015-2464 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2463
+CVE-2015-2463 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2462
+CVE-2015-2462 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2461
+CVE-2015-2461 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2460
+CVE-2015-2460 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2459
+CVE-2015-2459 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2458
+CVE-2015-2458 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windo ...)
NOT-FOR-US: Microsoft Windows
CVE-2015-2457
REJECTED
-CVE-2015-2456
+CVE-2015-2456 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2455
+CVE-2015-2455 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2454
+CVE-2015-2454 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2453
+CVE-2015-2453 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vist ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2452
+CVE-2015-2452 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2451
+CVE-2015-2451 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2450
+CVE-2015-2450 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2449
+CVE-2015-2449 (Microsoft Internet Explorer 7 through 11 and Edge allow remote attacke ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2448
+CVE-2015-2448 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2447
+CVE-2015-2447 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2446
+CVE-2015-2446 (Microsoft Internet Explorer 11 and Edge allow remote attackers to exec ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2445
+CVE-2015-2445 (Microsoft Internet Explorer 10 allows remote attackers to bypass the A ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2444
+CVE-2015-2444 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2443
+CVE-2015-2443 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2442
+CVE-2015-2442 (Microsoft Internet Explorer 8 through 11 and Edge allow remote attacke ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2441
+CVE-2015-2441 (Microsoft Internet Explorer 7 through 11 and Edge allow remote attacke ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2440
+CVE-2015-2440 (Microsoft XML Core Services 3.0, 5.0, and 6.0 allows remote attackers ...)
NOT-FOR-US: Mirosoft XML Core Services
CVE-2015-2439
REJECTED
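Review bot: the context line `NOT-FOR-US: Mirosoft XML Core Services` under CVE-2015-2440 misspells the vendor; this automatic update only fills in description text and leaves that line alone, so it needs a manual follow-up, ideally together with the other `Mirosoft` lines further down in this file. The new descriptions in this region are the expected MITRE prefixes cut at about 70 characters with ` ...`, and every Microsoft entry keeps its existing NOT-FOR-US line, so nothing else to flag here.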
@@ -19834,83 +19834,83 @@ CVE-2015-2437
REJECTED
CVE-2015-2436
REJECTED
-CVE-2015-2435
+CVE-2015-2435 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2434
+CVE-2015-2434 (Microsoft XML Core Services 3.0 and 5.0 supports SSL 2.0, which makes ...)
NOT-FOR-US: Mirosoft XML Core Services
-CVE-2015-2433
+CVE-2015-2433 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2432
+CVE-2015-2432 (ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2431
+CVE-2015-2431 (Microsoft Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lyn ...)
NOT-FOR-US: Mirosoft Office
-CVE-2015-2430
+CVE-2015-2430 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2429
+CVE-2015-2429 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2428
+CVE-2015-2428 (Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2427
+CVE-2015-2427 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft
-CVE-2015-2426
+CVE-2015-2426 (Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Librar ...)
NOT-FOR-US: Microsoft Adobe Type Manager Library
-CVE-2015-2425
+CVE-2015-2425 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2424
+CVE-2015-2424 (Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Wor ...)
NOT-FOR-US: Microsoft
-CVE-2015-2423
+CVE-2015-2423 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2422
+CVE-2015-2422 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2421
+CVE-2015-2421 (Microsoft Internet Explorer 6 through 11 allows remote attackers to by ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2420
+CVE-2015-2420 (Cross-site scripting (XSS) vulnerability in Microsoft System Center 20 ...)
NOT-FOR-US: Microsoft System Center
-CVE-2015-2419
+CVE-2015-2419 (JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attac ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2418
+CVE-2015-2418 (Race condition in Microsoft Malicious Software Removal Tool (MSRT) bef ...)
NOT-FOR-US: Microsoft MSRT
-CVE-2015-2417
+CVE-2015-2417 (OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2416
+CVE-2015-2416 (OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2415
+CVE-2015-2415 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft Excel
-CVE-2015-2414
+CVE-2015-2414 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ob ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2413
+CVE-2015-2413 (Microsoft Internet Explorer 6 through 11 allows remote attackers to de ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2412
+CVE-2015-2412 (Microsoft Internet Explorer 10 and 11 allows remote attackers to read ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2411
+CVE-2015-2411 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2410
+CVE-2015-2410 (Microsoft Internet Explorer 6 through 11 allows remote attackers to de ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2409
REJECTED
-CVE-2015-2408
+CVE-2015-2408 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2407
REJECTED
-CVE-2015-2406
+CVE-2015-2406 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2405
REJECTED
-CVE-2015-2404
+CVE-2015-2404 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2403
+CVE-2015-2403 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2402
+CVE-2015-2402 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2401
+CVE-2015-2401 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2400
REJECTED
CVE-2015-2399
REJECTED
-CVE-2015-2398
+CVE-2015-2398 (Microsoft Internet Explorer 8 through 11 allows remote attackers to by ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2397
+CVE-2015-2397 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2396
REJECTED
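Review bot: the same misspelling sits in two more context lines, `NOT-FOR-US: Mirosoft XML Core Services` under CVE-2015-2434 and `NOT-FOR-US: Mirosoft Office` under CVE-2015-2431; fix them alongside the CVE-2015-2440 one. While there, the bare `NOT-FOR-US: Microsoft` under CVE-2015-2427 (an Internet Explorer 9 issue per the new description) and CVE-2015-2424 (PowerPoint/Word) is less specific than the neighbouring entries, and CVE-2015-2426 uses `Microsoft Adobe Type Manager Library` where the other ATMFD.DLL entries in this file (CVE-2015-2458 to 2462, CVE-2015-2432) use `Microsoft Windows`. Normalising these keeps the NOT-FOR-US tags consistent and greppable.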
@@ -19922,71 +19922,71 @@ CVE-2015-2393
REJECTED
CVE-2015-2392
REJECTED
-CVE-2015-2391
+CVE-2015-2391 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2390
+CVE-2015-2390 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2389
+CVE-2015-2389 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2388
+CVE-2015-2388 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2387
+CVE-2015-2387 (ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows S ...)
NOT-FOR-US: Microsoft Windows
CVE-2015-2386
REJECTED
-CVE-2015-2385
+CVE-2015-2385 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2384
+CVE-2015-2384 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2383
+CVE-2015-2383 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-2382
+CVE-2015-2382 (win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2381
+CVE-2015-2381 (win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2380
+CVE-2015-2380 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-2379
+CVE-2015-2379 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-2378
+CVE-2015-2378 (Untrusted search path vulnerability in Microsoft Excel 2007 SP3, Excel ...)
NOT-FOR-US: Microsoft Excel
-CVE-2015-2377
+CVE-2015-2377 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft Excel
-CVE-2015-2376
+CVE-2015-2376 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft Excel
-CVE-2015-2375
+CVE-2015-2375 (Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Vie ...)
NOT-FOR-US: Microsoft Excel
-CVE-2015-2374
+CVE-2015-2374 (The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2373
+CVE-2015-2373 (The Remote Desktop Protocol (RDP) server service in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2372
+CVE-2015-2372 (vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Inter ...)
NOT-FOR-US: Microsoft VBScript
-CVE-2015-2371
+CVE-2015-2371 (The Windows Installer service in Microsoft Windows Server 2003 SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2370
+CVE-2015-2370 (The authentication implementation in the RPC subsystem in Microsoft Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2369
+CVE-2015-2369 (Untrusted search path vulnerability in Windows Media Device Manager in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2368
+CVE-2015-2368 (Untrusted search path vulnerability in Microsoft Windows 7 SP1, Window ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2367
+CVE-2015-2367 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2366
+CVE-2015-2366 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, Wind ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2365
+CVE-2015-2365 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2364
+CVE-2015-2364 (The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2363
+CVE-2015-2363 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2362
+CVE-2015-2362 (Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Wi ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2361
+CVE-2015-2361 (Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not p ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2360
+CVE-2015-2360 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-2359
+CVE-2015-2359 (Cross-site scripting (XSS) vulnerability in the web applications in Mi ...)
NOT-FOR-US: Microsoft Exchange Server
CVE-2015-2358
RESERVED
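Review bot: CVE-2015-2360 is tagged `NOT-FOR-US: Microsoft Windows Server` although its new description starts identically to those of CVE-2015-2363, 2365 and 2367 (`win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...`), which are all tagged `Microsoft Windows`; use the same tag unless the full advisory really is server-only. Nothing else in this region changes beyond the description text.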
@@ -20000,15 +20000,15 @@ CVE-2015-2354
RESERVED
CVE-2015-2353
RESERVED
-CVE-2015-2352
+CVE-2015-2352 (The cache handler in MyBB (aka MyBulletinBoard) before 1.8.4 does not ...)
NOT-FOR-US: MyBB
-CVE-2015-2351
+CVE-2015-2351 (Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms ...)
NOT-FOR-US: Alkacon OpenCms
-CVE-2015-2350
+CVE-2015-2350 (Cross-site request forgery (CSRF) vulnerability in MikroTik RouterOS 5 ...)
NOT-FOR-US: MikroTik RouterOS
-CVE-2015-2349
+CVE-2015-2349 (Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in S ...)
NOT-FOR-US: SuperWebMailer
-CVE-2015-2686
+CVE-2015-2686 (net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate ...)
- linux <not-affected> (Introduced in 3.19, never uploaded to unstable)
- linux-2.6 <not-affected> (Introduced in 3.19, never uploaded to unstable)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4de930efc23b92ddf88ce91c405ee645fe6e27ea
@@ -20017,83 +20017,83 @@ CVE-2015-XXXX [Insufficient escaping in user manager allows XSS attack]
[jessie] - dokuwiki <no-dsa> (Minor issue)
[wheezy] - dokuwiki <no-dsa> (Minor issue)
[squeeze] - dokuwiki <no-dsa> (Minor issue)
-CVE-2015-6674
+CVE-2015-6674 (Buffer underflow vulnerability in the Debian inspircd package before 2 ...)
{DSA-3226-1 DLA-276-1}
- inspircd 2.0.16-1 (bug #780880)
NOTE: Correct fix: https://github.com/inspircd/inspircd/commit/ed28c1ba666b39581adb860bf51cdde43c84cc89
NOTE: http://www.openwall.com/lists/oss-security/2015/03/29/5
-CVE-2015-2788
+CVE-2015-2788 (Multiple stack-based buffer overflows in the ib_fill_isqlda function i ...)
{DSA-3219-1}
- libdbd-firebird-perl 1.18-2 (bug #780925)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/30/4
-CVE-2015-4148
+CVE-2015-4148 (The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5 ...)
{DLA-307-1}
- php5 5.6.7+dfsg-1
[wheezy] - php5 5.4.39-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69085
NOTE: http://www.openwall.com/lists/oss-security/2015/03/20/14
-CVE-2015-4147
+CVE-2015-4147 (The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, ...)
{DLA-307-1}
- php5 5.6.7+dfsg-1
[wheezy] - php5 5.4.39-0+deb7u1
NOTE: https://bugs.php.net/bug.php?id=69085
NOTE: http://www.openwall.com/lists/oss-security/2015/03/20/14
-CVE-2015-2779
+CVE-2015-2779 (Stack consumption vulnerability in the message splitting functionality ...)
- quassel 1:0.10.0-2.3 (bug #781024)
[wheezy] - quassel <not-affected> (According to upstream issue isn't triggerable in 0.8)
[squeeze] - quassel <not-affected> (According to upstream issue isn't triggerable in 0.6)
NOTE: https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8
NOTE: http://www.openwall.com/lists/oss-security/2015/03/20/12
-CVE-2015-2778
+CVE-2015-2778 (Quassel before 0.12-rc1 uses an incorrect data-type size when splittin ...)
- quassel 1:0.10.0-2.3 (bug #781024)
[wheezy] - quassel <not-affected> (According to upstream issue isn't triggerable in 0.8)
[squeeze] - quassel <not-affected> (According to upstream issue isn't triggerable in 0.6)
NOTE: https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8
NOTE: http://www.openwall.com/lists/oss-security/2015/03/20/12
-CVE-2015-2348
+CVE-2015-2348 (The move_uploaded_file implementation in ext/standard/basic_functions. ...)
{DSA-3198-1 DLA-444-1}
- php5 5.6.7+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69207
-CVE-2015-2347
+CVE-2015-2347 (Cross-site scripting (XSS) vulnerability in Huawei SEQ Analyst before ...)
NOT-FOR-US: Huawei SEQ Analyst
-CVE-2015-2346
+CVE-2015-2346 (XML external entity (XXE) vulnerability in Huawei SEQ Analyst before V ...)
NOT-FOR-US: Huawei
CVE-2015-2345
REJECTED
-CVE-2015-2344
+CVE-2015-2344 (Cross-site scripting (XSS) vulnerability in VMware vRealize Automation ...)
NOT-FOR-US: VMware vRealize Automation
CVE-2015-2343
REJECTED
-CVE-2015-2342
+CVE-2015-2342 (The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 befor ...)
NOT-FOR-US: VMware
-CVE-2015-2341
+CVE-2015-2341 (VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, ...)
NOT-FOR-US: VMware
-CVE-2015-2340
+CVE-2015-2340 (TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11. ...)
NOT-FOR-US: VMware
-CVE-2015-2339
+CVE-2015-2339 (TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11 ...)
NOT-FOR-US: VMware
-CVE-2015-2338
+CVE-2015-2338 (TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11 ...)
NOT-FOR-US: VMware
-CVE-2015-2337
+CVE-2015-2337 (TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11. ...)
NOT-FOR-US: VMware
-CVE-2015-2336
+CVE-2015-2336 (TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11 ...)
NOT-FOR-US: VMware
-CVE-2015-2335
+CVE-2015-2335 (A JSON library in MyBB (aka MyBulletinBoard) before 1.8.4 allows remot ...)
NOT-FOR-US: MyBB
-CVE-2015-2334
+CVE-2015-2334 (Cross-site request forgery (CSRF) vulnerability in the Admin Control P ...)
NOT-FOR-US: MyBB
-CVE-2015-2333
+CVE-2015-2333 (Cross-site scripting (XSS) vulnerability in the MyCode editor in MyBB ...)
NOT-FOR-US: MyBB
-CVE-2015-2332
+CVE-2015-2332 (Cross-site scripting (XSS) vulnerability in member.php in MyBB (aka My ...)
NOT-FOR-US: MyBB
-CVE-2015-2559
+CVE-2015-2559 (Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated ...)
{DSA-3200-1}
- drupal7 7.32-1+deb8u2 (bug #780772)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-001
NOTE: http://cgit.drupalcode.org/drupal/commit/?id=8e54eca05a65c6231b02510e1917af0c9191e549
-CVE-2015-2750
+CVE-2015-2750 (Open redirect vulnerability in URL-related API functions in Drupal 6.x ...)
{DSA-3200-1}
- drupal7 7.32-1+deb8u2 (bug #780772)
- drupal6 <removed>
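Review bot: the `[wheezy]` and `[squeeze]` `<not-affected>` lines for CVE-2015-2779 and CVE-2015-2778 justify themselves with "According to upstream issue isn't triggerable in 0.8/0.6", but neither entry links that issue; only the fix commit b5e38970 and the oss-security post are referenced. Add the upstream issue URL as a NOTE so the not-affected claim can be re-checked without searching the quassel tracker. The rest of the region (inspircd, the php5 SOAP pair, Drupal) only gains description text and keeps its DSA/DLA references intact.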
@@ -20101,16 +20101,16 @@ CVE-2015-2750
NOTE: https://www.drupal.org/SA-CORE-2015-001
NOTE: http://cgit.drupalcode.org/drupal/commit/includes/menu.inc?h=6.x&id=8ffc5db3c0ab926f3d4b2cf8bc51714c8c0f3c93
NOTE: http://cgit.drupalcode.org/drupal/commit/includes/common.inc?h=7.x&id=b44056d2f8e8c71d35c85ec5c2fb8f7c8a02d8a8
-CVE-2015-2749
+CVE-2015-2749 (Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7 ...)
{DSA-3200-1}
- drupal7 7.32-1+deb8u2 (bug #780772)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-001
NOTE: http://www.openwall.com/lists/oss-security/2015/03/19/5
-CVE-2015-2329
+CVE-2015-2329 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin bef ...)
NOT-FOR-US: WooCommerce plugin for WordPress
-CVE-2015-2328
+CVE-2015-2328 (PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related ...)
- mongodb <unfixed> (unimportant)
NOTE: CVE for bundled version of pcre3 in mongodb
NOTE: https://jira.mongodb.org/browse/SERVER-17252
@@ -20122,7 +20122,7 @@ CVE-2015-2328
NOTE: https://bugs.exim.org/show_bug.cgi?id=1515
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1498
NOTE: http://www.openwall.com/lists/oss-security/2015/05/31/4
-CVE-2015-2327
+CVE-2015-2327 (PCRE before 8.36 mishandles the /(((a\2)|(a*)\g&lt;-1&gt;))*/ pattern ...)
- mongodb <unfixed> (unimportant)
NOTE: CVE for bundled version of pcre3 in mongodb
NOTE: https://jira.mongodb.org/browse/SERVER-17252
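Review bot: the new description for CVE-2015-2327 carries HTML-escaped text, `/(((a\2)|(a*)\g&lt;-1&gt;))*/`, where the PCRE pattern is `\g<-1>`; the importer should unescape entities before writing to the list file. Compare CVE-2015-2328 in the hunk just above, whose pattern `/((?(R)a|(?1)))+/` arrived unescaped. As stored, anyone grepping the list for the real pattern will miss this entry.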
@@ -20155,28 +20155,28 @@ CVE-2015-2325 [heap buffer overflow in compile_branch()]
NOTE: http://bugs.exim.org/show_bug.cgi?id=1591#c1
NOTE: Comment from upstream: Probably every version since the support for forward referencing
NOTE: was introduced is affected.
-CVE-2015-2324
+CVE-2015-2324 (Cross-site scripting (XSS) vulnerability in the filemanager in the Pho ...)
NOT-FOR-US: filemanager in the Photo Gallery plugin for WordPress
-CVE-2015-2323
+CVE-2015-2323 (FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports anonymous, ...)
NOT-FOR-US: FortiOS
CVE-2015-2322
RESERVED
-CVE-2015-2321
+CVE-2015-2321 (Cross-site scripting (XSS) vulnerability in the Job Manager plugin 0.7 ...)
NOT-FOR-US: WordPress plugin job-mnager
-CVE-2015-2317
+CVE-2015-2317 (The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1. ...)
{DSA-3204-1 DLA-272-1}
- python-django 1.7.7-1 (bug #780873)
[squeeze] - python-django <no-dsa> (Minor issue, can wait next security upload)
NOTE: https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b (1.4.x)
NOTE: https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1 (1.7.x)
-CVE-2015-2316
+CVE-2015-2316 (The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7. ...)
- python-django 1.7.7-1 (bug #780874)
[wheezy] - python-django <not-affected> (vulnerable code not present)
[squeeze] - python-django <not-affected> (vulnerable code not present)
NOTE: https://github.com/django/django/commit/e63363f8e075fa8d66326ad6a1cc3391cc95cd97 (1.7.x)
-CVE-2015-2315
+CVE-2015-2315 (Cross-site scripting (XSS) vulnerability in the WPML plugin before 3.1 ...)
NOT-FOR-US: WordPress plugin wpml
-CVE-2015-2314
+CVE-2015-2314 (SQL injection vulnerability in the WPML plugin before 3.1.9 for WordPr ...)
NOT-FOR-US: WordPress plugin wpml
CVE-2015-XXXX [nasal scripts can ready any file]
- flightgear-data 3.0.0-3 (bug #780716)
@@ -20184,24 +20184,24 @@ CVE-2015-XXXX [permissive file access allowed from nasal]
- flightgear 3.0.0-5 (bug #780712)
[squeeze] - flightgear 1.9.1-1.1+deb6u11
NOTE: workaround entry for DLA 318-1 until/if CVE assigned
-CVE-2015-2666
+CVE-2015-2666 (Stack-based buffer overflow in the get_matching_model_microcode functi ...)
- linux 3.16.7-ckt9-1
[wheezy] - linux <not-affected> (Introduced in 3.9)
- linux-2.6 <not-affected> (Introduced in 3.9)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ec400ddeff200b068ddc6c70f7321f49ecf32ed5 (v3.9-rc1)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4 (v4.0-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/18/7
-CVE-2015-2684
+CVE-2015-2684 (Shibboleth Service Provider (SP) before 2.5.4 allows remote authentica ...)
{DSA-3207-1 DLA-259-1}
- shibboleth-sp2 2.5.3+dfsg-2
NOTE: http://shibboleth.net/community/advisories/secadv_20150319.txt
-CVE-2015-2672
+CVE-2015-2672 (The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the ...)
- linux <not-affected>
- linux-2.6 <not-affected>
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f31a9f7c71691569359fa7fb8b0acaa44bce0324 (v3.17-rc1)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=06c8173eb92bbfc03a0fe8bb64315857d0badd06 (v4.0-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/18/6
-CVE-2015-2331
+CVE-2015-2331 (Integer overflow in the _zip_cdir_new function in zip_dirent.c in libz ...)
{DSA-3198-1 DLA-212-1}
- php5 5.6.7+dfsg-1 (bug #780713)
- libzip 0.11.2-1.2 (bug #780756)
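Review bot: CVE-2015-2672 marks both `linux` and `linux-2.6` `<not-affected>` without the parenthetical reason that the sibling CVE-2015-2666 entry gives (`Introduced in 3.9`); the NOTE lines say the bug came in with v3.17-rc1 and was fixed in v4.0-rc3, so state that inline, e.g. `- linux <not-affected> (Introduced in 3.17)`, the way the rest of the file does. Two pre-existing typos sit in context lines here and are untouched by the bot: `NOT-FOR-US: WordPress plugin job-mnager` under CVE-2015-2321 (job-manager) and `nasal scripts can ready any file` in the flightgear placeholder title (read).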
@@ -20211,29 +20211,29 @@ CVE-2015-2331
NOTE: https://github.com/php/php-src/commit/ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5
NOTE: http://www.openwall.com/lists/oss-security/2015/03/18/1
NOTE: libzip patch: http://hg.nih.at/libzip/rev/9f11d54f692e
-CVE-2015-2330
+CVE-2015-2330 (Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows ...)
- webkitgtk 2.4.9-1 (unimportant)
[jessie] - webkitgtk 2.4.9-1~deb8u1
NOTE: Not covered by security support
CVE-2015-2309 [Unsafe methods in the Request class]
RESERVED
- symfony 2.3.21+dfsg-4
-CVE-2015-2308
+CVE-2015-2308 (Eval injection vulnerability in the HttpCache class in HttpKernel in S ...)
- symfony 2.3.21+dfsg-4
CVE-2015-2307
RESERVED
CVE-2015-2306
RESERVED
-CVE-2015-2320
+CVE-2015-2320 (The TLS stack in Mono before 3.12.1 allows remote attackers to have un ...)
{DSA-3202-1 DLA-176-1}
- mono 3.2.8+dfsg-10 (bug #780751)
NOTE: https://github.com/mono/mono/commit/b371da6b2d68b4cdd0f21d6342af6c42794f998b
-CVE-2015-2319
+CVE-2015-2319 (The TLS stack in Mono before 3.12.1 makes it easier for remote attacke ...)
{DSA-3202-1 DLA-176-1}
- mono 3.2.8+dfsg-10 (bug #780751)
NOTE: https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10
NOTE: Patch for versions earlier than 3.4: https://gist.github.com/directhex/728af6f96d1b8c976659
-CVE-2015-2318
+CVE-2015-2318 (The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers ...)
{DSA-3202-1 DLA-176-1}
- mono 3.2.8+dfsg-10 (bug #780751)
NOTE: https://github.com/mono/mono/commit/1509226c41d74194c146deb173e752b8d3cdeec4
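Review bot: the new description for CVE-2015-2330 says the bug affects WebKitGTK+ prior to 2.6.6, but the fixed version recorded is `webkitgtk 2.4.9-1` (and `2.4.9-1~deb8u1` for jessie). If that is a backport of the upstream fix into the 2.4 branch, add a NOTE with the commit or upstream bug so the version mismatch does not read as an error; the `(unimportant)` marking and the "Not covered by security support" NOTE can stay as they are. The three Mono TLS entries (CVE-2015-2318, 2319, 2320) are consistent with one another and with DSA-3202-1/DLA-176-1.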
@@ -20246,34 +20246,34 @@ CVE-2015-2300
RESERVED
CVE-2015-2299
RESERVED
-CVE-2015-2295
+CVE-2015-2295 (Cross-site request forgery (CSRF) vulnerability in system_firmware_res ...)
NOT-FOR-US: pfSense
-CVE-2015-2294
+CVE-2015-2294 (Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in p ...)
NOT-FOR-US: pfSense
-CVE-2015-2293
+CVE-2015-2293 (Multiple cross-site request forgery (CSRF) vulnerabilities in admin/cl ...)
NOT-FOR-US: WordPress plugin wordpress-seo
-CVE-2015-2292
+CVE-2015-2292 (Multiple SQL injection vulnerabilities in admin/class-bulk-editor-list ...)
NOT-FOR-US: WordPress plugin wordpress-seo
-CVE-2015-2291
+CVE-2015-2291 ((1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the ...)
NOT-FOR-US: Intel Ethernet diagnostics driver for Windows
CVE-2015-2290
RESERVED
CVE-2015-2288
RESERVED
-CVE-2015-2313
+CVE-2015-2313 (Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an ...)
- capnproto 0.4.1-3 (bug #780568)
-CVE-2015-2312
+CVE-2015-2312 (Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows r ...)
- capnproto 0.4.1-3 (bug #780567)
-CVE-2015-2311
+CVE-2015-2311 (Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x be ...)
- capnproto 0.4.1-3 (bug #780566)
-CVE-2015-2310
+CVE-2015-2310 (Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 ...)
- capnproto 0.4.1-3 (bug #780565)
-CVE-2015-8856
+CVE-2015-8856 (Cross-site scripting (XSS) vulnerability in the serve-index package be ...)
- node-serve-index <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/serve-static-xss
NOTE: https://github.com/expressjs/serve-index/issues/28
-CVE-2015-8903
+CVE-2015-8903 (The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x befor ...)
{DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6 (low)
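Review bot: the `<unfixed> (unimportant)` status for CVE-2015-8856 is justified by `NOTE: libv8 is not covered by security support`, but the affected package is node-serve-index, which the NOTE never names; reword so the rationale names the package (or the nodejs stack) it actually applies to. Also worth checking the first reference: the nodesecurity URL slug is `serve-static-xss` while the description and the GitHub issue both concern serve-index; if the advisory really lives at that slug, fine, otherwise the link points at a different package.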
@@ -20282,7 +20282,7 @@ CVE-2015-8903
NOTE: http://www.openwall.com/lists/oss-security/2015/02/20/4
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933
NOTE: http://web.archive.org/web/20150428140926/http://trac.imagemagick.org/changeset/17856
-CVE-2015-8902
+CVE-2015-8902 (The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6. ...)
{DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6 (low)
@@ -20291,7 +20291,7 @@ CVE-2015-8902
NOTE: http://www.openwall.com/lists/oss-security/2015/02/20/4
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932
NOTE: http://web.archive.org/web/20150428145652/http://trac.imagemagick.org/changeset/17855
-CVE-2015-8901
+CVE-2015-8901 (ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a ...)
{DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6
@@ -20299,7 +20299,7 @@ CVE-2015-8901
[squeeze] - imagemagick <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/20/4
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931
-CVE-2015-8900
+CVE-2015-8900 (The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x a ...)
{DLA-960-1}
[experimental] - imagemagick 8:6.9.1.2-1
- imagemagick 8:6.8.9.9-6
@@ -20313,24 +20313,24 @@ CVE-2015-XXXX [Incomplete fix for CVE-2014-7940]
- icu 52.1-8 (bug #780503)
[wheezy] - icu <not-affected> (Incomplete patch was never applied)
[squeeze] - icu <not-affected> (Incomplete patch was never applied)
-CVE-2015-2298
+CVE-2015-2298 (node/utils/ExportEtherpad.js in Etherpad 1.5.x before 1.5.2 might allo ...)
- etherpad-lite <itp> (bug #576998)
NOTE: https://github.com/ether/etherpad-lite/commit/a0fb65205c7d7ff95f00eb9fd88e93b300f30c3d
-CVE-2015-2296
+CVE-2015-2296 (The resolve_redirects function in sessions.py in requests 2.1.0 throug ...)
- requests 2.4.3-6 (bug #780506)
[wheezy] - requests <not-affected> (Vulnerable code introduced in 2.1.0)
NOTE: https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc
-CVE-2015-2289
+CVE-2015-2289 (Cross-site scripting (XSS) vulnerability in templates/2k11/admin/entri ...)
- serendipity <removed>
CVE-2015-2287
RESERVED
-CVE-2015-2286
+CVE-2015-2286 (lms/templates/footer-edx-new.html in Open edX edx-platform before 2015 ...)
NOT-FOR-US: Open edX
-CVE-2015-2285
+CVE-2015-2285 (The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart ...)
- upstart <not-affected> (Vulnerable cron.daily script not present)
-CVE-2015-2284
+CVE-2015-2284 (userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6 ...)
NOT-FOR-US: SolarWinds Firewall Security Manager
-CVE-2015-2674
+CVE-2015-2674 (Restkit allows man-in-the-middle attackers to spoof TLS servers by lev ...)
- python-restkit <removed> (bug #781813)
[stretch] - python-restkit <ignored> (Minor issue)
[jessie] - python-restkit <ignored> (Minor issue)
@@ -20340,59 +20340,59 @@ CVE-2015-2674
NOTE: http://www.openwall.com/lists/oss-security/2015/03/12/9
CVE-2015-2283
RESERVED
-CVE-2015-2282
+CVE-2015-2282 (Stack-based buffer overflow in the LZC decompression implementation (C ...)
NOT-FOR-US: SAP
-CVE-2015-2281
+CVE-2015-2281 (Stack-based buffer overflow in collectoragent.exe in Fortinet Single S ...)
NOT-FOR-US: Fortinet Single Sign On
-CVE-2015-2280
+CVE-2015-2280 (snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network ...)
NOT-FOR-US: AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera
-CVE-2015-2279
+CVE-2015-2279 (cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with fi ...)
NOT-FOR-US: AirLive
-CVE-2015-2278
+CVE-2015-2278 (The LZH decompression implementation (CsObjectInt::BuildHufTree functi ...)
NOT-FOR-US: SAP
CVE-2015-2277
RESERVED
CVE-2015-2276
RESERVED
-CVE-2015-2275
+CVE-2015-2275 (Cross-site scripting (XSS) vulnerability in WoltLab Community Gallery ...)
NOT-FOR-US: WoltLab Community Gallery
CVE-2015-2274
RESERVED
-CVE-2015-2273
+CVE-2015-2273 (Cross-site scripting (XSS) vulnerability in mod/quiz/report/statistics ...)
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49364
-CVE-2015-2272
+CVE-2015-2272 (login/token.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x bef ...)
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48691
-CVE-2015-2271
+CVE-2015-2271 (tag/user.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before ...)
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49084
-CVE-2015-2270
+CVE-2015-2270 (lib/moodlelib.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x b ...)
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48804
-CVE-2015-2269
+CVE-2015-2269 (Multiple cross-site scripting (XSS) vulnerabilities in lib/javascript- ...)
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49144
-CVE-2015-2268
+CVE-2015-2268 (filter/urltolink/filter.php in Moodle through 2.5.9, 2.6.x before 2.6. ...)
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38466
-CVE-2015-2267
+CVE-2015-2267 (mdeploy.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before ...)
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49087
-CVE-2015-2266
+CVE-2015-2266 (message/index.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x b ...)
- moodle 2.7.7+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49204
-CVE-2015-2264
+CVE-2015-2264 (Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics ...)
NOT-FOR-US: Telerik Analytics Monitor Library
-CVE-2015-2263
+CVE-2015-2263 (Cloudera Manager 4.x, 5.0.x before 5.0.6, 5.1.x before 5.1.5, 5.2.x be ...)
NOT-FOR-US: Cloudera
CVE-2015-2262
RESERVED
@@ -20408,75 +20408,75 @@ CVE-2015-2257
RESERVED
CVE-2015-2256
RESERVED
-CVE-2015-2255
+CVE-2015-2255 (Huawei AR1220 routers with software before V200R005SPH006 allow remote ...)
NOT-FOR-US: Huawei
-CVE-2015-2254
+CVE-2015-2254 (Huawei OceanStor UDS devices with software before V100R002C01SPC102 mi ...)
NOT-FOR-US: Huawei OceanStor UDS devices
-CVE-2015-2253
+CVE-2015-2253 (The XML interface in Huawei OceanStor UDS devices with software before ...)
NOT-FOR-US: Huawei
-CVE-2015-2252
+CVE-2015-2252 (Huawei OceanStor UDS devices with software before V100R002C01SPC102 mi ...)
NOT-FOR-US: Huawei
-CVE-2015-2251
+CVE-2015-2251 (The DeviceManager in Huawei OceanStor UDS devices with software before ...)
NOT-FOR-US: Huawei
-CVE-2015-2250
+CVE-2015-2250 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 befor ...)
NOT-FOR-US: concrete5
CVE-2015-2249
RESERVED
-CVE-2015-2248
+CVE-2015-2248 (Cross-site request forgery (CSRF) vulnerability in the user portal in ...)
NOT-FOR-US: Dell SonicWALL
-CVE-2015-2247
+CVE-2015-2247 (Unspecified vulnerability in Boosted Boards skateboards allows physica ...)
NOT-FOR-US: Boosted Boards skateboards
-CVE-2015-2246
+CVE-2015-2246 (The MeWidget module on Huawei P7 smartphones with software P7-L10 V100 ...)
NOT-FOR-US: Huawei
-CVE-2015-2245
+CVE-2015-2245 (Huawei Ascend P7 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Huawei
-CVE-2015-2244
+CVE-2015-2244 (Multiple cross-site scripting (XSS) vulnerabilities in Webshop hun 1.0 ...)
NOT-FOR-US: Webshop hun
-CVE-2015-2243
+CVE-2015-2243 (Directory traversal vulnerability in Webshop hun 1.062S allows remote ...)
NOT-FOR-US: Webshop hun
-CVE-2015-2242
+CVE-2015-2242 (Multiple SQL injection vulnerabilities in Webshop hun 1.062S allow rem ...)
NOT-FOR-US: Webshop hun
CVE-2015-XXXX [several security vulnerabilities and network packets can terminate the connection]
- armagetronad 0.2.8.3.2-4 (bug #780178)
[wheezy] - armagetronad <no-dsa> (Minor issue)
[squeeze] - armagetronad <no-dsa> (Minor issue)
-CVE-2015-2301
+CVE-2015-2301 (Use-after-free vulnerability in the phar_rename_archive function in ph ...)
{DSA-3198-1 DLA-212-1}
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68901
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=b2cf3f064b8f5efef89bb084521b61318c71781b
NOTE: http://www.openwall.com/lists/oss-security/2015/03/10/6
-CVE-2015-2265
+CVE-2015-2265 (The remove_bad_chars function in utils/cups-browsed.c in cups-filters ...)
- cups-filters 1.0.61-5 (bug #780267)
[wheezy] - cups-filters <not-affected> (vulnerable code not present)
NOTE: https://bugs.linuxfoundation.org/show_bug.cgi?id=1265
NOTE: http://www.openwall.com/lists/oss-security/2015/03/09/5
-CVE-2015-2241
+CVE-2015-2241 (Cross-site scripting (XSS) vulnerability in the contents function in a ...)
- python-django 1.7.6-1
[wheezy] - python-django <not-affected> (Only affects 1.7.x and 1.8.x)
[squeeze] - python-django <not-affected> (Only affects 1.7.x and 1.8.x)
NOTE: https://www.djangoproject.com/weblog/2015/mar/09/security-releases/
CVE-2015-2240
RESERVED
-CVE-2015-2239
+CVE-2015-2239 (Google Chrome before 41.0.2272.76, when Instant Extended mode is used, ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-2238
+CVE-2015-2238 (Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-2237
+CVE-2015-2237 (Multiple SQL injection vulnerabilities in Betster (aka PHP Betoffice) ...)
NOT-FOR-US: Betster
CVE-2015-2236
RESERVED
CVE-2015-2235
REJECTED
-CVE-2015-2234
+CVE-2015-2234 (Race condition in Lenovo System Update (formerly ThinkVantage System U ...)
NOT-FOR-US: Lenovo System Update
-CVE-2015-2233
+CVE-2015-2233 (Lenovo System Update (formerly ThinkVantage System Update) before 5.06 ...)
NOT-FOR-US: Lenovo System Update
CVE-2015-2232
RESERVED
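Review bot: the placeholder entry `CVE-2015-XXXX [several security vulnerabilities and network packets can terminate the connection]` for armagetronad in this hunk still has no assigned identifier, so the automatic description fill-in applied to the surrounding `+CVE-2015-...` lines cannot reach it; the entry carries only `(bug #780178)` and no NOTE with an upstream or oss-security reference, so consider adding one so the row can be matched to the real ID once it is assigned.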
@@ -20496,36 +20496,36 @@ CVE-2015-2225
RESERVED
CVE-2015-2224
RESERVED
-CVE-2015-2223
+CVE-2015-2223 (Multiple cross-site scripting (XSS) vulnerabilities in the web-based c ...)
NOT-FOR-US: Palo Alto Networks Traps
-CVE-2015-2222
+CVE-2015-2222 (ClamAV before 0.98.7 allows remote attackers to cause a denial of serv ...)
{DLA-233-1}
- clamav 0.98.7+dfsg-1
[jessie] - clamav 0.98.7+dfsg-0+deb8u1
[wheezy] - clamav 0.98.7+dfsg-0+deb7u1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/8aeedf3c4282bc916d6f6c290e1e530d125ec953
-CVE-2015-2221
+CVE-2015-2221 (ClamAV before 0.98.7 allows remote attackers to cause a denial of serv ...)
{DLA-233-1}
- clamav 0.98.7+dfsg-1
[jessie] - clamav 0.98.7+dfsg-0+deb8u1
[wheezy] - clamav 0.98.7+dfsg-0+deb7u1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/0844d0cfe118b4041ed8e2ee49ff18bfbca8eaa5
NOTE: https://github.com/vrtadmin/clamav-devel/commit/26b19809fb3b940cb0fda0422d685fff02a53b5f
-CVE-2015-2220
+CVE-2015-2220 (Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms ...)
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2015-2219
+CVE-2015-2219 (Lenovo System Update (formerly ThinkVantage System Update) before 5.06 ...)
NOT-FOR-US: Lenovo System Update
-CVE-2015-2218
+CVE-2015-2218 (Multiple cross-site scripting (XSS) vulnerabilities in the wp_ajax_sav ...)
NOT-FOR-US: wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin for WordPress
-CVE-2015-2217
+CVE-2015-2217 (Multiple cross-site scripting (XSS) vulnerabilities in Ultimate PHP Bo ...)
NOT-FOR-US: myUPB
-CVE-2015-2216
+CVE-2015-2216 (SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme ...)
NOT-FOR-US: Photocrati theme for WordPress
-CVE-2015-2215
+CVE-2015-2215 (Open redirect vulnerability in the Services single sign-on server help ...)
NOT-FOR-US: Drupal module Services single sign-on server helper
-CVE-2015-2214
+CVE-2015-2214 (NetCat 5.01 and earlier allows remote attackers to obtain the installa ...)
NOT-FOR-US: NetCat CMS
-CVE-2015-2213
+CVE-2015-2213 (SQL injection vulnerability in the wp_untrash_post_comments function i ...)
{DSA-3383-1 DSA-3332-1 DLA-294-1}
- wordpress 4.2.4+dfsg-1 (bug #794560)
NOTE: https://core.trac.wordpress.org/changeset/33555
@@ -20538,15 +20538,15 @@ CVE-2015-XXXX [tcllib XSS]
- tcllib 1.16-dfsg-2 (low; bug #780100)
[wheezy] - tcllib 1.14-dfsg-3+deb7u1
[squeeze] - tcllib <no-dsa> (Minor issue)
-CVE-2015-2210
+CVE-2015-2210 (The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows ...)
NOT-FOR-US: Epicor CRS Retail Store
-CVE-2015-2209
+CVE-2015-2209 (DLGuard 4.5 allows remote attackers to obtain the installation path vi ...)
NOT-FOR-US: DLGuard
-CVE-2015-2208
+CVE-2015-2208 (The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remo ...)
NOT-FOR-US: phpMoAdmin
CVE-2015-2207
RESERVED
-CVE-2015-2206
+CVE-2015-2206 (libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2 ...)
{DSA-3382-1 DLA-336-1}
- phpmyadmin 4:4.4.4-1 (unimportant)
NOTE: Hardening, not a concrete issue itself
@@ -20559,78 +20559,78 @@ CVE-2015-2201
RESERVED
CVE-2015-2200
RESERVED
-CVE-2015-2199
+CVE-2015-2199 (Multiple SQL injection vulnerabilities in the WonderPlugin Audio Playe ...)
NOT-FOR-US: WonderPlugin Audio Player plugin for WordPress
-CVE-2015-2198
+CVE-2015-2198 (Multiple cross-site scripting (XSS) vulnerabilities in edit_prefs.php ...)
NOT-FOR-US: Beehive Forum
-CVE-2015-2197
+CVE-2015-2197 (Cross-site scripting (XSS) vulnerability in the Entity API module befo ...)
NOT-FOR-US: Entity module for Drupal
-CVE-2015-2196
+CVE-2015-2196 (SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPre ...)
NOT-FOR-US: Spider Event Calender
-CVE-2015-2195
+CVE-2015-2195 (Multiple cross-site scripting (XSS) vulnerabilities in the WP Media Cl ...)
NOT-FOR-US: WP Media Cleaner plugin for WordPress
-CVE-2015-2194
+CVE-2015-2194 (Unrestricted file upload vulnerability in the fusion_options function ...)
NOT-FOR-US: fusion_options function in functions.php in the Fusion theme for WordPress
CVE-2015-2193
RESERVED
-CVE-2015-2675
+CVE-2015-2675 (The OAuth implementation in librest before 0.7.93 incorrectly truncate ...)
- librest 0.7.92-3 (bug #780101)
[wheezy] - librest <not-affected> (rest_proxy_call_get_url not yet used)
[squeeze] - librest <not-affected> (rest_proxy_call_get_url not yet used)
NOTE: Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=742644
NOTE: Commit: https://git.gnome.org/browse/librest/commit/?id=b50ace7738ea038
NOTE: http://www.openwall.com/lists/oss-security/2015/03/04/6
-CVE-2015-2204
+CVE-2015-2204 (Evergreen before 2.5.9, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 all ...)
NOT-FOR-US: Evergreen library
-CVE-2015-2203
+CVE-2015-2203 (Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users wi ...)
NOT-FOR-US: Evergreen library
-CVE-2015-2192
+CVE-2015-2192 (Integer overflow in the dissect_osd2_cdb_continuation function in epan ...)
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
[wheezy] - wireshark <not-affected> (Only affects 1.12.x)
[squeeze] - wireshark <not-affected> (Only affects 1.12.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024
-CVE-2015-2191
+CVE-2015-2191 (Integer overflow in the dissect_tnef function in epan/dissectors/packe ...)
{DSA-3210-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023
-CVE-2015-2190
+CVE-2015-2190 (epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handl ...)
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
[wheezy] - wireshark <not-affected> (Only affects 1.12.x)
[squeeze] - wireshark <not-affected> (Only affects 1.12.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10983
-CVE-2015-2189
+CVE-2015-2189 (Off-by-one error in the pcapng_read function in wiretap/pcapng.c in th ...)
{DSA-3210-1}
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10895
-CVE-2015-2188
+CVE-2015-2188 (epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x ...)
{DSA-3210-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-07.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b204ff4846fe84b7789893c6b1d9afbdecac5b5d
-CVE-2015-2187
+CVE-2015-2187 (The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc ...)
- wireshark 1.12.1+g01b65bf-4 (bug #780372)
[wheezy] - wireshark <not-affected> (Only affects 1.12.x)
[squeeze] - wireshark <not-affected> (Only affects 1.12.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9952
-CVE-2015-2186
+CVE-2015-2186 (The Ansible edxapp role in the Configuration Repo in edX allows remote ...)
NOT-FOR-US: edX
CVE-2015-2185
RESERVED
-CVE-2015-2184
+CVE-2015-2184 (ZeusCart 4 allows remote attackers to obtain configuration information ...)
NOT-FOR-US: ZeusCart
-CVE-2015-2183
+CVE-2015-2183 (Multiple SQL injection vulnerabilities in the administrative backend i ...)
NOT-FOR-US: ZeusCart
-CVE-2015-2182
+CVE-2015-2182 (Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allo ...)
NOT-FOR-US: ZeusCart
-CVE-2015-2181
+CVE-2015-2181 (Multiple buffer overflows in the DBMail driver in the Password plugin ...)
- roundcube 1.1.1+dfsg.1-2
[wheezy] - roundcube <not-affected> (variable and chgdbmailusers.c does not exist)
NOTE: http://trac.roundcube.net/ticket/1490261
NOTE: http://advisories.mageia.org/MGASA-2015-0400.html
NOTE: http://lists.opensuse.org/opensuse-updates/2015-07/msg00032.html
-CVE-2015-2180
+CVE-2015-2180 (The DBMail driver in the Password plugin in Roundcube before 1.1.0 all ...)
- roundcube 1.1.1+dfsg.1-2
[wheezy] - roundcube <not-affected> (dbmail driver does not exist)
NOTE: http://trac.roundcube.net/ticket/1490261
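Review bot: the `NOT-FOR-US: Spider Event Calender` line under CVE-2015-2196 in this hunk no longer matches the description being added just above it, `+CVE-2015-2196 (SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPre ...)`; "Calender" should read "Calendar". In the same hunk the wheezy line for CVE-2015-2181, `[wheezy] - roundcube <not-affected> (variable and chgdbmailusers.c does not exist)`, reads better as "do not exist".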
@@ -20640,7 +20640,7 @@ CVE-2015-2179
RESERVED
CVE-2015-2178
REJECTED
-CVE-2015-2177
+CVE-2015-2177 (Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a d ...)
NOT-FOR-US: Siemens
CVE-2015-2176
RESERVED
@@ -20650,23 +20650,23 @@ CVE-2015-2174
RESERVED
CVE-2015-2173
RESERVED
-CVE-2015-2171
+CVE-2015-2171 (Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attack ...)
NOT-FOR-US: Slim PHP Framework
-CVE-2015-2170
+CVE-2015-2170 (The upx decoder in ClamAV before 0.98.7 allows remote attackers to cau ...)
{DLA-233-1}
- clamav 0.98.7+dfsg-1
[jessie] - clamav 0.98.7+dfsg-0+deb8u1
[wheezy] - clamav 0.98.7+dfsg-0+deb7u1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/625f5a9b8f008b8714850e4aa064dee1de06e534
-CVE-2015-2169
+CVE-2015-2169 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExp ...)
NOT-FOR-US: Zoho ManageEngine AssetExplorer
CVE-2015-2168
REJECTED
-CVE-2015-2167
+CVE-2015-2167 (Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobil ...)
NOT-FOR-US: Ericsson
-CVE-2015-2166
+CVE-2015-2166 (Directory traversal vulnerability in the Instance Monitor in Ericsson ...)
NOT-FOR-US: Ericsson
-CVE-2015-2165
+CVE-2015-2165 (Multiple cross-site scripting (XSS) vulnerabilities in the Report View ...)
NOT-FOR-US: Ericsson
CVE-2015-2164
RESERVED
@@ -20680,7 +20680,7 @@ CVE-2015-2160
RESERVED
CVE-2015-2159
RESERVED
-CVE-2015-2156
+CVE-2015-2156 (Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0 ...)
- netty3.1 <removed>
[wheezy] - netty3.1 <no-dsa> (Minor issue)
- netty 1:4.0.31-1 (bug #796114)
@@ -20694,72 +20694,72 @@ CVE-2015-2156
NOTE: https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass
NOTE: http://web.archive.org/web/20150925094949/http://engineering.linkedin.com/security/look-netty%E2%80%99s-recent-security-update-cve%C2%AD-2015%C2%AD-2156
NOTE: https://github.com/slandelle/netty/commit/800555417e77029dcf8a31d7de44f27b5a8f79b8
-CVE-2015-2155
+CVE-2015-2155 (The force printer in tcpdump before 4.7.2 allows remote attackers to c ...)
{DSA-3193-1 DLA-174-1}
- tcpdump 4.6.2-4
NOTE: http://www.ca.tcpdump.org/cve/0002-test-case-files-for-CVE-2015-2153-2154-2155.patch
-CVE-2015-2154
+CVE-2015-2154 (The osi_print_cksum function in print-isoclns.c in the ethernet printe ...)
{DSA-3193-1 DLA-174-1}
- tcpdump 4.6.2-4
NOTE: http://www.ca.tcpdump.org/cve/0002-test-case-files-for-CVE-2015-2153-2154-2155.patch
-CVE-2015-2153
+CVE-2015-2153 (The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer ...)
{DSA-3193-1}
- tcpdump 4.6.2-4
[squeeze] - tcpdump <not-affected> (Vulnerable code not present)
NOTE: http://www.ca.tcpdump.org/cve/0002-test-case-files-for-CVE-2015-2153-2154-2155.patch
-CVE-2015-2152
+CVE-2015-2152 (Xen 4.5.x and earlier enables certain default backends when emulating ...)
- xen 4.4.1-9 (low; bug #780975)
[wheezy] - xen <no-dsa> (Minor issue, xl not used in wheezy)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-119.html
-CVE-2015-2151
+CVE-2015-2151 (The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore s ...)
{DSA-3181-1}
- xen 4.4.1-8 (bug #780227)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-123.html
-CVE-2015-2150
+CVE-2015-2150 (Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not pro ...)
{DSA-3237-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <not-affected> (xen-pciback introduced in 3.1)
NOTE: http://xenbits.xen.org/xsa/advisory-120.html
-CVE-2015-2149
+CVE-2015-2149 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: MyBB
-CVE-2015-2148
+CVE-2015-2148 (Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker ph ...)
NOT-FOR-US: phpBugTracker
-CVE-2015-2147
+CVE-2015-2147 (Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker b ...)
NOT-FOR-US: phpBugTracker
-CVE-2015-2146
+CVE-2015-2146 (Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker b ...)
NOT-FOR-US: phpBugTracker
-CVE-2015-2145
+CVE-2015-2145 (Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker ph ...)
NOT-FOR-US: phpBugTracker
-CVE-2015-2144
+CVE-2015-2144 (Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker ph ...)
NOT-FOR-US: phpBugTracker
-CVE-2015-2143
+CVE-2015-2143 (Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetra ...)
NOT-FOR-US: phpBugTracker
-CVE-2015-2142
+CVE-2015-2142 (Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetra ...)
NOT-FOR-US: phpBugTracker
-CVE-2015-2141
+CVE-2015-2141 (The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcr ...)
{DSA-3296-1 DLA-262-1}
- libcrypto++ 5.6.1-7
NOTE: https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff
NOTE: https://eprint.iacr.org/2015/368
-CVE-2015-2140
+CVE-2015-2140 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Op ...)
NOT-FOR-US: HP Systems Insight Manager
-CVE-2015-2139
+CVE-2015-2139 (HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Op ...)
NOT-FOR-US: HP Systems Insight Manager
CVE-2015-2138
REJECTED
-CVE-2015-2137
+CVE-2015-2137 (Unspecified vulnerability in HP Operations Manager i (OMi) 9.22, 9.23, ...)
NOT-FOR-US: HP Operations Manager i
-CVE-2015-2136
+CVE-2015-2136 (HP ArcSight Logger before 6.0 P2 allows remote authenticated users to ...)
NOT-FOR-US: HP ArcSight
-CVE-2015-2135
+CVE-2015-2135 (Unspecified vulnerability in HP Intelligent Provisioning 1.00 through ...)
NOT-FOR-US: HP Intelligent Provisioning
-CVE-2015-2134
+CVE-2015-2134 (Cross-site request forgery (CSRF) vulnerability in HP System Managemen ...)
NOT-FOR-US: Hewlett-Packard
CVE-2015-2133
REJECTED
-CVE-2015-2132
+CVE-2015-2132 (Unspecified vulnerability in the execve system-call implementation in ...)
NOT-FOR-US: HP HP-UX
CVE-2015-2131
REJECTED
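Review bot: the two Xen entries in this hunk use `[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)` (CVE-2015-2152 and CVE-2015-2151) while the rest of the file uses the wording `<end-of-life> (Unsupported in squeeze-lts)` (see the moodle and typo3-src entries); since the automatic update only rewrites the header lines, a follow-up could align these to the usual phrasing so greps for the squeeze-lts marker find them.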
@@ -20771,57 +20771,57 @@ CVE-2015-2128
REJECTED
CVE-2015-2127
REJECTED
-CVE-2015-2126
+CVE-2015-2126 (Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows ...)
NOT-FOR-US: HP-UX (pppoec)
-CVE-2015-2125
+CVE-2015-2125 (Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10. ...)
NOT-FOR-US: HP WebInspect
-CVE-2015-2124
+CVE-2015-2124 (Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 ...)
NOT-FOR-US: HP
-CVE-2015-2123
+CVE-2015-2123 (Unspecified vulnerability in HP NonStop Safeguard Security Software H0 ...)
NOT-FOR-US: HP NonStop Safeguard Security Software
-CVE-2015-2122
+CVE-2015-2122 (The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows ...)
NOT-FOR-US: HP
-CVE-2015-2121
+CVE-2015-2121 (HP Network Virtualization for LoadRunner and Performance Center 8.61 a ...)
NOT-FOR-US: HP
-CVE-2015-2120
+CVE-2015-2120 (Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x be ...)
NOT-FOR-US: HP SiteScope
CVE-2015-2119
REJECTED
-CVE-2015-2118
+CVE-2015-2118 (Unspecified vulnerability in the Secure Pull Print and Security Pull P ...)
NOT-FOR-US: HP Access Control Software
-CVE-2015-2117
+CVE-2015-2117 (HP TippingPoint Security Management System (SMS) and TippingPoint Virt ...)
NOT-FOR-US: HP TippingPoint
-CVE-2015-2116
+CVE-2015-2116 (Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 ...)
NOT-FOR-US: HP
-CVE-2015-2115
+CVE-2015-2115 (Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 ...)
NOT-FOR-US: HP Capture and Route
-CVE-2015-2114
+CVE-2015-2114 (HP Support Solution Framework before 11.51.0049 allows remote attacker ...)
NOT-FOR-US: HP Support Solution Framework
-CVE-2015-2113
+CVE-2015-2113 (Unspecified vulnerability in HP Easy Deploy, as distributed standalone ...)
NOT-FOR-US: HP Thin Clients
-CVE-2015-2112
+CVE-2015-2112 (Unspecified vulnerability in HP Easy Deploy, as distributed standalone ...)
NOT-FOR-US: HP Thin Clients
-CVE-2015-2111
+CVE-2015-2111 (Unspecified vulnerability in HP Intelligent Provisioning 1.40 through ...)
NOT-FOR-US: HP Intelligent Provisioning
-CVE-2015-2110
+CVE-2015-2110 (Buffer overflow in HP LoadRunner 11.52 allows remote attackers to exec ...)
NOT-FOR-US: HP LoadRunner
-CVE-2015-2109
+CVE-2015-2109 (Unspecified vulnerability in HP Operations Orchestration 10.x allows r ...)
NOT-FOR-US: HP Operations Orchestration
-CVE-2015-2108
+CVE-2015-2108 (Unspecified vulnerability in Powershell Operations in HP Operations Or ...)
NOT-FOR-US: HP Operations Orchestration
-CVE-2015-2107
+CVE-2015-2107 (HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows ...)
NOT-FOR-US: HP Operations Manager
-CVE-2015-2106
+CVE-2015-2106 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 ...)
NOT-FOR-US: HP Integrated Lights-Out
CVE-2015-2105
RESERVED
CVE-2015-2104
RESERVED
-CVE-2015-2103
+CVE-2015-2103 (Cross-site scripting (XSS) vulnerability in the admin-login panel (adm ...)
NOT-FOR-US: Cosmoshop
-CVE-2015-2102
+CVE-2015-2102 (SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 (2. ...)
NOT-FOR-US: ClipBucket
-CVE-2015-2101
+CVE-2015-2101 (Cross-site scripting (XSS) vulnerability in the Navigate bar in the Na ...)
NOT-FOR-US: Navigate module for Drupal
CVE-2015-XXXX [heap buffer overflow]
- bibtool 2.57+ds-3 (bug #779573)
@@ -20851,7 +20851,7 @@ CVE-2015-XXXX [MATTA-2015-002: Enforce acceptable range for Diffie-Hellman serve
NOTE: temporary workaround until CVE assigned to explitly tag for wheezy+squeeze
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/27/4
NOTE: http://advisories.mageia.org/MGASA-2015-0098.html
-CVE-2015-2172
+CVE-2015-2172 (DokuWiki before 2014-05-05d and before 2014-09-29c does not properly c ...)
- dokuwiki 0.0.20140929.d-1 (bug #779547)
[jessie] - dokuwiki 0.0.20140505.a+dfsg-4
[squeeze] - dokuwiki <not-affected> (Vulnerable code not present)
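Review bot: the context line `NOTE: temporary workaround until CVE assigned to explitly tag for wheezy+squeeze` in this hunk has a typo, "explitly" for "explicitly"; this automatic update only touches the `CVE-2015-2172` header line, so the fix belongs in a manual follow-up commit.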
@@ -20859,12 +20859,12 @@ CVE-2015-2172
NOTE: present since release_candidate_2013-10-28
NOTE: https://github.com/splitbrain/dokuwiki/issues/1056
NOTE: https://github.com/splitbrain/dokuwiki/commit/4970ad24ce49ec76a0ee67bca7594f918ced2f5f
-CVE-2015-2158
+CVE-2015-2158 (Off-by-one error in the pngcrush_measure_idat function in pngcrush.c i ...)
- pngcrush <not-affected> (Vulnerable code not present)
NOTE: Introduced by http://sourceforge.net/p/pmt/code/ci/e1a36a9639e2db16494d90459c7c2b78677a20bf/ (1.7.83)
NOTE: Fixed by: http://sourceforge.net/p/pmt/code/ci/a1ce646d00a400fd9ec321ab5cb522f40b7bdfe6/ (1.7.84)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/28/6
-CVE-2015-2157
+CVE-2015-2157 (The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY ...)
{DSA-3190-1 DLA-173-1}
- putty 0.63-10 (bug #779488)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html
@@ -20874,44 +20874,44 @@ CVE-2015-2099
RESERVED
CVE-2015-2098
RESERVED
-CVE-2015-2097
+CVE-2015-2097 (Multiple buffer overflows in WebGate Embedded Standard Protocol (WESP) ...)
NOT-FOR-US: WESP SDK
-CVE-2015-2096
+CVE-2015-2096 (Use-after-free vulnerability in the Connect function in the WESPMonito ...)
NOT-FOR-US: WebGate eDVR Manager
-CVE-2015-2095
+CVE-2015-2095 (Heap-based buffer overflow in the SetConnectInfo function in the WESPP ...)
NOT-FOR-US: WebGate eDVR Manager
-CVE-2015-2094
+CVE-2015-2094 (Stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 con ...)
NOT-FOR-US: WebGate WinRDS
-CVE-2015-2093
+CVE-2015-2093 (Stack-based buffer overflow in the Connect function in the WebGate Web ...)
NOT-FOR-US: WebGate WEbEyeAudio ActiveX control
-CVE-2015-2092
+CVE-2015-2092 (The AnnotationX.AnnList.1 ActiveX control in Agilent Technologies Feat ...)
NOT-FOR-US: Agilent Technologies Feature Extraction
-CVE-2015-2090
+CVE-2015-2090 (SQL injection vulnerability in the ajax_survey function in settings.ph ...)
NOT-FOR-US: ajax_survey function in settings.php in the WordPress Survey and Poll plugin for WordPress
-CVE-2015-2089
+CVE-2015-2089 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Cros ...)
NOT-FOR-US: CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin for WordPress
-CVE-2015-2088
+CVE-2015-2088 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
NOT-FOR-US: Term Queue model for Drupal
-CVE-2015-2087
+CVE-2015-2087 (Unrestricted file upload vulnerability in the Avatar Uploader module b ...)
NOT-FOR-US: Avatar Uploader module for Drupal
-CVE-2015-2086
+CVE-2015-2086 (Cross-site scripting (XSS) vulnerability in the live preview in the Pa ...)
NOT-FOR-US: Panopoly Magic module for Drupal
CVE-2015-2085
RESERVED
-CVE-2015-2084
+CVE-2015-2084 (Cross-site request forgery (CSRF) vulnerability in the Easy Social Ico ...)
NOT-FOR-US: Easy Social Icons plugin for WordPress
-CVE-2015-2083
+CVE-2015-2083 (Cross-site request forgery (CSRF) vulnerability in Ilch CMS allows rem ...)
NOT-FOR-US: Ilch CMS
-CVE-2015-2082
+CVE-2015-2082 (Cross-site scripting (XSS) vulnerability in Login.aspx in UNIT4 Prosof ...)
NOT-FOR-US: UNIT4 Prosoft HRMS
-CVE-2015-2081
+CVE-2015-2081 (Datto ALTO and SIRIS devices allow Remote Code Execution via unauthent ...)
NOT-FOR-US: Datto ALTO and SIRIS devices
-CVE-2015-8985
+CVE-2015-8985 (The pop_fail_stack function in the GNU C Library (aka glibc or libc6) ...)
- glibc 2.28-1 (unimportant; bug #779392)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21163
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672 (2.28)
NOTE: DoS via crafted regexps are not considered security issues by glibc upstream
-CVE-2015-8984
+CVE-2015-8984 (The fnmatch function in the GNU C Library (aka glibc or libc6) before ...)
{DLA-316-1}
- glibc 2.21-1 (bug #779587)
[jessie] - glibc 2.19-18+deb8u2
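Review bot: two NOT-FOR-US lines in this hunk look mistyped relative to the descriptions now being added beside them: `NOT-FOR-US: WebGate WEbEyeAudio ActiveX control` under CVE-2015-2093 has odd capitalisation ("WEbEyeAudio"), and `NOT-FOR-US: Term Queue model for Drupal` under CVE-2015-2088 presumably means "module", matching the other Drupal entries in this hunk (`Avatar Uploader module for Drupal`, `Panopoly Magic module for Drupal`).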
@@ -20922,37 +20922,37 @@ CVE-2015-8984
NOTE: http://www.openwall.com/lists/oss-security/2015/02/26/5
CVE-2015-2079
RESERVED
-CVE-2015-2078
+CVE-2015-2078 (The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft ...)
NOT-FOR-US: Lavasoft Ad-Aware Web Companion
-CVE-2015-2077
+CVE-2015-2077 (The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft ...)
NOT-FOR-US: Lavasoft Ad-Aware Web Companion
-CVE-2015-2076
+CVE-2015-2076 (The Auditing service in SAP BusinessObjects Edge 4.0 allows remote att ...)
NOT-FOR-US: SAP
-CVE-2015-2075
+CVE-2015-2075 (SAP BusinessObjects Edge 4.0 allows remote attackers to delete audit e ...)
NOT-FOR-US: SAP
CVE-2015-2074
RESERVED
CVE-2015-2073
RESERVED
-CVE-2015-2072
+CVE-2015-2072 (Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA 73 (1. ...)
NOT-FOR-US: SAP
-CVE-2015-2071
+CVE-2015-2071 (Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouc ...)
NOT-FOR-US: eTouch SamePage Enterprise Edition
-CVE-2015-2070
+CVE-2015-2070 (SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4. ...)
NOT-FOR-US: eTouch SamePage Enterprise Edition
-CVE-2015-2069
+CVE-2015-2069 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin bef ...)
NOT-FOR-US: WooCommerce plugin for WordPress
-CVE-2015-2068
+CVE-2015-2068 (Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka ...)
NOT-FOR-US: Magento Server
-CVE-2015-2067
+CVE-2015-2067 (Directory traversal vulnerability in web/ajax_pluginconf.php in the MA ...)
NOT-FOR-US: Magento Server
-CVE-2015-2066
+CVE-2015-2066 (SQL injection vulnerability in DLGuard 4.5 allows remote attackers to ...)
NOT-FOR-US: DLGuard
-CVE-2015-2065
+CVE-2015-2065 (SQL injection vulnerability in videogalleryrss.php in the Apptha WordP ...)
NOT-FOR-US: Apptha WordPress Video Gallery (contus-video-gallery) plugin for WordPress
-CVE-2015-2064
+CVE-2015-2064 (Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, ...)
NOT-FOR-US: DLGuard
-CVE-2015-2080
+CVE-2015-2080 (The exception handling code in Eclipse Jetty before 9.2.9.v20150224 al ...)
- jetty <not-affected> (Only affects 9.2.3.v20140905 through 9.2.8.v20150217)
- jetty8 <not-affected> (Only affects 9.2.3.v20140905 through 9.2.8.v20150217)
NOTE: http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00074.html
@@ -20960,45 +20960,45 @@ CVE-2015-2080
NOTE: http://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html
CVE-2015-2062
RESERVED
-CVE-2015-2061
+CVE-2015-2061 (Heap-based buffer overflow in the browser plugin for PTC Creo View all ...)
NOT-FOR-US: PTC Creo View
CVE-2015-2057
RESERVED
CVE-2015-2056
RESERVED
-CVE-2015-2055
+CVE-2015-2055 (Zhone GPON 2520 with firmware R4.0.2.566b allows remote attackers to c ...)
NOT-FOR-US: Zhone GPON 2520
-CVE-2015-2054
+CVE-2015-2054 (CRLF injection vulnerability in export.cfg in the web-based administra ...)
NOT-FOR-US: Sierra Wireless AirCard
-CVE-2015-2053
+CVE-2015-2053 (The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, wh ...)
NOT-FOR-US: McAfee
-CVE-2015-2052
+CVE-2015-2052 (Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. ...)
NOT-FOR-US: DIR-645 Wired/Wireless Router Rev. Ax
-CVE-2015-2051
+CVE-2015-2051 (The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 ...)
NOT-FOR-US: D-Link DIR-645 Wired/Wireless Router Rev. Ax
-CVE-2015-2050
+CVE-2015-2050 (D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers t ...)
NOT-FOR-US: D-Link DAP-1320 Rev Ax
-CVE-2015-2049
+CVE-2015-2049 (Unrestricted file upload vulnerability in D-Link DCS-931L with firmwar ...)
NOT-FOR-US: D-Link DCS-931L
-CVE-2015-2048
+CVE-2015-2048 (Cross-site request forgery (CSRF) vulnerability in D-Link DCS-931L wit ...)
NOT-FOR-US: D-Link DCS-931L
-CVE-2015-2045
+CVE-2015-2045 (The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does n ...)
{DSA-3181-1}
- xen 4.4.1-8
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-122.html
-CVE-2015-2044
+CVE-2015-2044 (The emulation routines for unspecified X86 devices in Xen 3.2.x throug ...)
{DSA-3181-1}
- xen 4.4.1-8
[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://xenbits.xen.org/xsa/advisory-121.html
-CVE-2015-2043
+CVE-2015-2043 (Multiple cross-site scripting (XSS) vulnerabilities in Visualware MyCo ...)
NOT-FOR-US: Visualware
-CVE-2015-2040
+CVE-2015-2040 (Cross-site scripting (XSS) vulnerability in the Contact Form DB (aka C ...)
NOT-FOR-US: Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin for WordPress
-CVE-2015-2039
+CVE-2015-2039 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Acob ...)
NOT-FOR-US: Acobot Live Chat & Contact Form plugin for WordPress
-CVE-2015-8983
+CVE-2015-8983 (Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c ...)
{DLA-316-1}
- eglibc <removed>
[wheezy] - eglibc 2.13-38+deb7u9
@@ -21008,7 +21008,7 @@ CVE-2015-8983
NOTE: Fixed upstream in 2.22
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bdf1ff052a8e23d637f2c838fa5642d78fcedc33
NOTE: http://www.openwall.com/lists/oss-security/2015/02/22/15
-CVE-2015-8477
+CVE-2015-8477 (Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allow ...)
- redmine 3.0~20140825-5 (low)
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
[wheezy] - redmine <end-of-life> (Redmine not supported because of rails)
@@ -21016,7 +21016,7 @@ CVE-2015-8477
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/19117
NOTE: https://github.com/redmine/redmine/commit/a1f40686ba43d121cbc8c095d2f8cc4095e70352#diff-847ef9328e260b1b93fd165d072b072d
-CVE-2015-2047
+CVE-2015-2047 (The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4 ...)
{DSA-3164-1}
- typo3-src 4.5.40+dfsg1-1 (bug #778870)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
@@ -21027,348 +21027,348 @@ CVE-2015-2037
RESERVED
CVE-2015-2036
RESERVED
-CVE-2015-2033
+CVE-2015-2033 (Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-234 ...)
NOT-FOR-US: Anyterm Daemon
CVE-2015-2032
RESERVED
-CVE-2015-2031
+CVE-2015-2031 (Cross-site scripting (XSS) vulnerability in IBM WebSphere eXtreme Scal ...)
NOT-FOR-US: IBM
-CVE-2015-2030
+CVE-2015-2030 (IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1. ...)
NOT-FOR-US: IBM
-CVE-2015-2029
+CVE-2015-2029 (Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 be ...)
NOT-FOR-US: IBM
-CVE-2015-2028
+CVE-2015-2028 (CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 befo ...)
NOT-FOR-US: IBM
-CVE-2015-2027
+CVE-2015-2027 (IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1. ...)
NOT-FOR-US: IBM
-CVE-2015-2026
+CVE-2015-2026 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere eXtre ...)
NOT-FOR-US: IBM
-CVE-2015-2025
+CVE-2015-2025 (IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1. ...)
NOT-FOR-US: IBM
CVE-2015-2024
RESERVED
-CVE-2015-2023
+CVE-2015-2023 (Buffer overflow in IBM i Access 7.1 on Windows allows local users to g ...)
NOT-FOR-US: IBM i Access 7.1 on Windows
CVE-2015-2022
RESERVED
CVE-2015-2021
RESERVED
-CVE-2015-2020
+CVE-2015-2020 (The MyScript SDK before 1.3 for Android might allow attackers to execu ...)
NOT-FOR-US: MyScript SDK
-CVE-2015-2019
+CVE-2015-2019 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iF ...)
NOT-FOR-US: IBM
-CVE-2015-2018
+CVE-2015-2018 (IBM Integration Bus 9 and 10 before 10.0.0.1 and WebSphere Message Bro ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-2017
+CVE-2015-2017 (CRLF injection vulnerability in IBM WebSphere Application Server (WAS) ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-2016
+CVE-2015-2016 (Unspecified vulnerability in IBM QRadar SIEM 7.1 MR2 before Patch 11 I ...)
NOT-FOR-US: IBM
-CVE-2015-2015
+CVE-2015-2015 (Cross-site scripting (XSS) vulnerability in pubnames.ntf (aka the Dire ...)
NOT-FOR-US: IBM Domino
-CVE-2015-2014
+CVE-2015-2014 (Open redirect vulnerability in the web server in IBM Domino 8.5 before ...)
NOT-FOR-US: IBM Domino
-CVE-2015-2013
+CVE-2015-2013 (IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to caus ...)
NOT-FOR-US: IBM
-CVE-2015-2012
+CVE-2015-2012 (The MQXR service in WMQ Telemetry in IBM WebSphere MQ 7.1 before 7.1.0 ...)
NOT-FOR-US: IBM
-CVE-2015-2011
+CVE-2015-2011 (The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch 1 ...)
NOT-FOR-US: IBM
CVE-2015-2010
REJECTED
-CVE-2015-2009
+CVE-2015-2009 (Cross-site request forgery (CSRF) vulnerability in the xmlrpc.cgi serv ...)
NOT-FOR-US: IBM
-CVE-2015-2008
+CVE-2015-2008 (IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x befor ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2015-2007
+CVE-2015-2007 (Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x be ...)
NOT-FOR-US: IBM Security QRadar SIEM
CVE-2015-2006
RESERVED
-CVE-2015-2005
+CVE-2015-2005 (IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x befor ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2015-2004
+CVE-2015-2004 (The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might a ...)
NOT-FOR-US: GraceNote GNSDK SDK
-CVE-2015-2003
+CVE-2015-2003 (The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allo ...)
NOT-FOR-US: PJSIP PJSUA2 SDK
-CVE-2015-2002
+CVE-2015-2002 (The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow at ...)
NOT-FOR-US: ESRI ArcGis Runtime SDK
-CVE-2015-2001
+CVE-2015-2001 (The MetaIO SDK before 6.0.2.1 for Android might allow attackers to exe ...)
NOT-FOR-US: MetaIO SDK
-CVE-2015-2000
+CVE-2015-2000 (The Jumio SDK before 1.5.0 for Android might allow attackers to execut ...)
NOT-FOR-US: Jumio SDK
-CVE-2015-1999
+CVE-2015-1999 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 plac ...)
NOT-FOR-US: IBM QRadar
CVE-2015-1998
RESERVED
-CVE-2015-1997
+CVE-2015-1997 (Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar ...)
NOT-FOR-US: IBM QRadar
-CVE-2015-1996
+CVE-2015-1996 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does ...)
NOT-FOR-US: IBM QRadar
-CVE-2015-1995
+CVE-2015-1995 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QR ...)
NOT-FOR-US: IBM QRadar
-CVE-2015-1994
+CVE-2015-1994 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does ...)
NOT-FOR-US: IBM QRadar
-CVE-2015-1993
+CVE-2015-1993 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does ...)
NOT-FOR-US: IBM QRadar
-CVE-2015-1992
+CVE-2015-1992 (IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, ...)
NOT-FOR-US: IBM Systems Director
CVE-2015-1991
REJECTED
CVE-2015-1990
REJECTED
-CVE-2015-1989
+CVE-2015-1989 (SQL injection vulnerability in IBM Security QRadar Incident Forensics ...)
NOT-FOR-US: IBM QRadar
-CVE-2015-1988
+CVE-2015-1988 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger ...)
NOT-FOR-US: IBM
-CVE-2015-1987
+CVE-2015-1987 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...)
NOT-FOR-US: IBM
-CVE-2015-1986
+CVE-2015-1986 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 al ...)
NOT-FOR-US: IBM
-CVE-2015-1985
+CVE-2015-1985 (The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows loc ...)
NOT-FOR-US: IBM MQ M2000 appliances
-CVE-2015-1984
+CVE-2015-1984 (IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, ...)
NOT-FOR-US: IBM
-CVE-2015-1983
+CVE-2015-1983 (Cross-site scripting (XSS) vulnerability in the Projects page in IBM U ...)
NOT-FOR-US: IBM
-CVE-2015-1982
+CVE-2015-1982 (IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, ...)
NOT-FOR-US: IBM
-CVE-2015-1981
+CVE-2015-1981 (Cross-site scripting (XSS) vulnerability in the web server in IBM Domi ...)
NOT-FOR-US: IBM
-CVE-2015-1980
+CVE-2015-1980 (IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, ...)
NOT-FOR-US: IBM
-CVE-2015-1979
+CVE-2015-1979 (Multiple cross-site scripting (XSS) vulnerabilities in the Error dialo ...)
NOT-FOR-US: IBM
-CVE-2015-1978
+CVE-2015-1978 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Security Direct ...)
NOT-FOR-US: IBM
-CVE-2015-1977
+CVE-2015-1977 (Directory traversal vulnerability in the Web Administration tool in IB ...)
NOT-FOR-US: IBM
-CVE-2015-1976
+CVE-2015-1976 (IBM Security Directory Server could allow an authenticated user to exe ...)
NOT-FOR-US: IBM
-CVE-2015-1975
+CVE-2015-1975 (The web administration tool in IBM Tivoli Security Directory Server 6. ...)
NOT-FOR-US: IBM
-CVE-2015-1974
+CVE-2015-1974 (The web administration tool in IBM Tivoli Security Directory Server 6. ...)
NOT-FOR-US: IBM
CVE-2015-1973
RESERVED
-CVE-2015-1972
+CVE-2015-1972 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iF ...)
NOT-FOR-US: IBM
-CVE-2015-1971
+CVE-2015-1971 (Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IB ...)
NOT-FOR-US: IBM
-CVE-2015-1970
+CVE-2015-1970 (The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 ...)
NOT-FOR-US: IBM
-CVE-2015-1969
+CVE-2015-1969 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Common Reportin ...)
NOT-FOR-US: IBM
-CVE-2015-1968
+CVE-2015-1968 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
NOT-FOR-US: IBM
-CVE-2015-1967
+CVE-2015-1967 (MQ Explorer in IBM WebSphere MQ before 8.0.0.3 does not recognize the ...)
NOT-FOR-US: IBM
-CVE-2015-1966
+CVE-2015-1966 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Fede ...)
NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2015-1965
+CVE-2015-1965 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1964
+CVE-2015-1964 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1963
+CVE-2015-1963 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1962
+CVE-2015-1962 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1961
+CVE-2015-1961 (The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1 ...)
NOT-FOR-US: IBM
CVE-2015-1960
RESERVED
-CVE-2015-1959
+CVE-2015-1959 (IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iF ...)
NOT-FOR-US: IBM
-CVE-2015-1958
+CVE-2015-1958 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...)
NOT-FOR-US: IBM
-CVE-2015-1957
+CVE-2015-1957 (IBM WebSphere MQ 7.5.x before 7.5.0.6 and 8.0.x before 8.0.0.3 allows ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2015-1956
+CVE-2015-1956 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...)
NOT-FOR-US: IBM
-CVE-2015-1955
+CVE-2015-1955 (IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial ...)
NOT-FOR-US: IBM
-CVE-2015-1954
+CVE-2015-1954 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1953
+CVE-2015-1953 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1952
+CVE-2015-1952 (Cross-site scripting (XSS) vulnerability in IBM AppScan Enterprise Edi ...)
NOT-FOR-US: IBM
-CVE-2015-1951
+CVE-2015-1951 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
NOT-FOR-US: IBM
-CVE-2015-1950
+CVE-2015-1950 (IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require ...)
NOT-FOR-US: IBM
-CVE-2015-1949
+CVE-2015-1949 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 al ...)
NOT-FOR-US: IBM
-CVE-2015-1948
+CVE-2015-1948 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1947
+CVE-2015-1947 (Untrusted search path vulnerability in IBM InfoSphere BigInsights 3.0, ...)
NOT-FOR-US: IBM InfoSphere BigInsights
-CVE-2015-1946
+CVE-2015-1946 (IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and WebSphe ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-1945
+CVE-2015-1945 (Unspecified vulnerability in the Reference Data Management component i ...)
NOT-FOR-US: IBM InfoSphere
-CVE-2015-1944
+CVE-2015-1944 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-1943
+CVE-2015-1943 (IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1 ...)
NOT-FOR-US: IBM
-CVE-2015-1942
+CVE-2015-1942 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 al ...)
NOT-FOR-US: IBM
-CVE-2015-1941
+CVE-2015-1941 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 al ...)
NOT-FOR-US: IBM
CVE-2015-1940
RESERVED
CVE-2015-1939
RESERVED
-CVE-2015-1938
+CVE-2015-1938 (The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 al ...)
NOT-FOR-US: IBM
-CVE-2015-1937
+CVE-2015-1937 (IBM PowerVC 1.2.0.x through 1.2.0.4, 1.2.1.x through 1.2.1.2, and 1.2. ...)
NOT-FOR-US: IBM PowerVC
-CVE-2015-1936
+CVE-2015-1936 (The administrative console in IBM WebSphere Application Server (WAS) 8 ...)
NOT-FOR-US: IBM WAS
-CVE-2015-1935
+CVE-2015-1935 (The scalar-function implementation in IBM DB2 9.7 through FP10, 9.8 th ...)
NOT-FOR-US: IBM DB2
-CVE-2015-1934
+CVE-2015-1934 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
NOT-FOR-US: IBM
-CVE-2015-1933
+CVE-2015-1933 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 ...)
NOT-FOR-US: IBM
-CVE-2015-1932
+CVE-2015-1932 (IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0 ...)
NOT-FOR-US: IBM WebSphere
CVE-2015-1931
RESERVED
NOT-FOR-US: IBM JDK
-CVE-2015-1930
+CVE-2015-1930 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1929
+CVE-2015-1929 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1928
+CVE-2015-1928 (Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Life ...)
NOT-FOR-US: IBM
-CVE-2015-1927
+CVE-2015-1927 (The default configuration of IBM WebSphere Application Server (WAS) 7. ...)
NOT-FOR-US: IBM WAS
-CVE-2015-1926
+CVE-2015-1926 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
NOT-FOR-US: Oracle WebCenter Portal
-CVE-2015-1925
+CVE-2015-1925 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1924
+CVE-2015-1924 (Stack-based buffer overflow in the server in IBM Tivoli Storage Manage ...)
NOT-FOR-US: IBM
-CVE-2015-1923
+CVE-2015-1923 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6 ...)
NOT-FOR-US: IBM
-CVE-2015-1922
+CVE-2015-1922 (The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 thro ...)
NOT-FOR-US: IBM DB2
-CVE-2015-1921
+CVE-2015-1921 (Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0 ...)
NOT-FOR-US: IBM
-CVE-2015-1920
+CVE-2015-1920 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 befor ...)
NOT-FOR-US: IBM
-CVE-2015-1919
+CVE-2015-1919 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incide ...)
NOT-FOR-US: IBM
CVE-2015-1918
RESERVED
-CVE-2015-1917
+CVE-2015-1917 (Cross-site scripting (XSS) vulnerability in the Active Content Filteri ...)
NOT-FOR-US: IBM
-CVE-2015-1916
+CVE-2015-1916 (Unspecified vulnerability in IBM Java 8 before SR1 allows remote attac ...)
NOT-FOR-US: IBM JDK
-CVE-2015-1915
+CVE-2015-1915 (The Endpoint Manager for Remote Control component in IBM Tivoli Endpoi ...)
NOT-FOR-US: IBM
-CVE-2015-1914
+CVE-2015-1914 (IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before ...)
NOT-FOR-US: IBM JDK
-CVE-2015-1913
+CVE-2015-1913 (Rational Test Control Panel in IBM Rational Test Workbench and Rationa ...)
NOT-FOR-US: IBM
CVE-2015-1912
RESERVED
-CVE-2015-1911
+CVE-2015-1911 (Cross-site scripting (XSS) vulnerability in Sterling Order Management ...)
NOT-FOR-US: Sterling Order Management
-CVE-2015-1910
+CVE-2015-1910 (Cross-site scripting (XSS) vulnerability in the Reference Data Managem ...)
NOT-FOR-US: IBM
-CVE-2015-1909
+CVE-2015-1909 (The XML parser in the Reference Data Management component in the serve ...)
NOT-FOR-US: IBM
-CVE-2015-1908
+CVE-2015-1908 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-1907
+CVE-2015-1907 (The Administration and Reporting Tool in IBM Rational License Key Serv ...)
NOT-FOR-US: IBM Rational License Key Server
-CVE-2015-1906
+CVE-2015-1906 (Cross-site scripting (XSS) vulnerability in the REST API in IBM Busine ...)
NOT-FOR-US: IBM BPM
-CVE-2015-1905
+CVE-2015-1905 (The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1 ...)
NOT-FOR-US: IBM BPM
-CVE-2015-1904
+CVE-2015-1904 (IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3, 8.5.0 throug ...)
NOT-FOR-US: IBM
-CVE-2015-1903
+CVE-2015-1903 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and ...)
NOT-FOR-US: IBM
-CVE-2015-1902
+CVE-2015-1902 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and ...)
NOT-FOR-US: IBM
-CVE-2015-1901
+CVE-2015-1901 (The installer in IBM InfoSphere Information Server 8.5 through 11.3 be ...)
NOT-FOR-US: IBM
-CVE-2015-1900
+CVE-2015-1900 (IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 ...)
NOT-FOR-US: IBM
-CVE-2015-1899
+CVE-2015-1899 (IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause ...)
NOT-FOR-US: IBM
-CVE-2015-1898
+CVE-2015-1898 (Stack-based buffer overflow in the FastBackMount process in IBM Tivoli ...)
NOT-FOR-US: IBM
-CVE-2015-1897
+CVE-2015-1897 (Stack-based buffer overflow in the FastBackMount process in IBM Tivoli ...)
NOT-FOR-US: IBM
-CVE-2015-1896
+CVE-2015-1896 (Stack-based buffer overflow in the FastBackMount process in IBM Tivoli ...)
NOT-FOR-US: IBM
-CVE-2015-1895
+CVE-2015-1895 (IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 relies on clie ...)
NOT-FOR-US: IBM
-CVE-2015-1894
+CVE-2015-1894 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Opti ...)
NOT-FOR-US: IBM
-CVE-2015-1893
+CVE-2015-1893 (The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3 allows r ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-1892
+CVE-2015-1892 (The Multicast DNS (mDNS) responder in IBM Security Access Manager for ...)
NOT-FOR-US: IBM Security Access Manager
CVE-2015-1891
RESERVED
-CVE-2015-1890
+CVE-2015-1890 (/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) ...)
NOT-FOR-US: IBM General Parallel File System
-CVE-2015-1889
+CVE-2015-1889 (The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0. ...)
NOT-FOR-US: IBM InfoSphere BigInsights
-CVE-2015-1888
+CVE-2015-1888 (Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0. ...)
NOT-FOR-US: IBM
-CVE-2015-1887
+CVE-2015-1887 (IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-1886
+CVE-2015-1886 (The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-1885
+CVE-2015-1885 (WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 b ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-1884
+CVE-2015-1884 (Directory traversal vulnerability in IBM Business Process Manager (BPM ...)
NOT-FOR-US: IBM
-CVE-2015-1883
+CVE-2015-1883 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 t ...)
NOT-FOR-US: IBM DB2
-CVE-2015-1882
+CVE-2015-1882 (Multiple race conditions in IBM WebSphere Application Server (WAS) 8.5 ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-1880
+CVE-2015-1880 (Cross-site scripting (XSS) vulnerability in the sslvpn login page in F ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-1879
+CVE-2015-1879 (Cross-site scripting (XSS) vulnerability in the Google Doc Embedder pl ...)
NOT-FOR-US: Google Doc Embedder plugin for WordPress
-CVE-2015-2042
+CVE-2015-2042 (net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect dat ...)
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Minor issue)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=db27ebb111e9f69efece08e4cb6a34ff980f8896 (v3.19)
NOTE: (earliest) introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e5048495c8569bfdd552750e0315973c61e7c93 (v2.6.30-rc1)
-CVE-2015-2041
+CVE-2015-2041 (net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incor ...)
{DSA-3237-1 DLA-246-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Minor issue)
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49 (v3.19-rc7)
NOTE: (earliest) introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=590232a7150674b2036291eaefce085f3f9659c8 (v2.6.14-rc3)
-CVE-2015-2035
+CVE-2015-2035 (SQL injection vulnerability in the administrative backend in Piwigo be ...)
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2015-2034
+CVE-2015-2034 (Cross-site scripting (XSS) vulnerability in the administrative backend ...)
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2015-1878
+CVE-2015-1878 (Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, a ...)
NOT-FOR-US: nShield Connect hardware models
-CVE-2015-1876
+CVE-2015-1876 (Directory traversal vulnerability in ES File Explorer 3.2.4.1. ...)
NOT-FOR-US: ES File Explorer
-CVE-2015-1875
+CVE-2015-1875 (SQL injection vulnerability in a2billing/customer/iridium_threed.php i ...)
NOT-FOR-US: Elastix
-CVE-2015-1874
+CVE-2015-1874 (Cross-site request forgery (CSRF) vulnerability in the Contact Form DB ...)
NOT-FOR-US: Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin for WordPress
CVE-2015-1873
RESERVED
-CVE-2015-1872
+CVE-2015-1872 (The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg be ...)
{DLA-644-1}
- ffmpeg 7:2.5.4-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
@@ -21378,12 +21378,12 @@ CVE-2015-1872
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fabbfaa095660982cc0bc63242c459561fa37037
CVE-2015-1871
RESERVED
-CVE-2015-1870
+CVE-2015-1870 (The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-re ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2015-1869
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
-CVE-2015-1868
+CVE-2015-1868 (The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6. ...)
- pdns 3.4.4-1
[jessie] - pdns 3.4.1-4+deb8u1
[wheezy] - pdns <not-affected> (3.2 and up affected)
@@ -21393,20 +21393,20 @@ CVE-2015-1868
[wheezy] - pdns-recursor <not-affected> (3.5 and up affected)
[squeeze] - pdns-recursor <not-affected> (3.5 and up affected)
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/
-CVE-2015-1867
+CVE-2015-1867 (Pacemaker before 1.1.13 does not properly evaluate added nodes, which ...)
- pacemaker <not-affected> (Vulnerable code not present)
NOTE: Introduced by: https://github.com/ClusterLabs/pacemaker/commit/f242c1ef (Pacemaker-1.1.12-rc1)
NOTE: Fixed by: https://github.com/ClusterLabs/pacemaker/commit/84ac07c (Pacemaker-1.1.13-rc2)
-CVE-2015-1866
+CVE-2015-1866 (Cross-site scripting (XSS) vulnerability in Ember.js 1.10.x before 1.1 ...)
NOT-FOR-US: ember.js
-CVE-2015-1865
+CVE-2015-1865 (fts.c in coreutils 8.4 allows local users to delete arbitrary files. ...)
- coreutils 8.13-1 (low)
[squeeze] - coreutils <no-dsa> (Minor issue)
NOTE: relevant code changed between 8.5 and 8.13, see https://bugzilla.redhat.com/show_bug.cgi?id=1211300 for details
NOTE: Issue reproduced in with 8.5 and confirmed to not work with 8.13-3.5
-CVE-2015-1864
+CVE-2015-1864 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
- kallithea <itp> (bug #689573)
-CVE-2015-1863
+CVE-2015-1863 (Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows re ...)
{DSA-3233-1}
- wpa 2.3-2 (bug #783148)
- wpasupplicant <not-affected> (Vulnerable code present since v1.0)
@@ -21414,11 +21414,11 @@ CVE-2015-1863
NOTE: Vulnerable are v1.0-v2.4 with CONFIG_P2P build option enabled
NOTE: CONFIG_P2P enabled since 1.1-1 in debian/config/wpasupplicant/linux
NOTE: Binary packages built for wheezy are not affected since WiFi P2P is disabled
-CVE-2015-1862
+CVE-2015-1862 (The crash reporting feature in Abrt allows local users to gain privile ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2015-1861
RESERVED
-CVE-2015-1860
+CVE-2015-1860 (Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase m ...)
{DLA-210-1}
- qt4-x11 4:4.8.6+git155-g716fbae+dfsg-2 (bug #783133)
[jessie] - qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
@@ -21426,7 +21426,7 @@ CVE-2015-1860
- qtbase-opensource-src 5.3.2+dfsg-5 (bug #783134)
[jessie] - qtbase-opensource-src 5.3.2+dfsg-4+deb8u1
NOTE: http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
-CVE-2015-1859
+CVE-2015-1859 (Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp ...)
{DLA-210-1}
- qt4-x11 4:4.8.6+git155-g716fbae+dfsg-2 (bug #783133)
[jessie] - qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
@@ -21434,7 +21434,7 @@ CVE-2015-1859
- qtbase-opensource-src 5.3.2+dfsg-5 (bug #783134)
[jessie] - qtbase-opensource-src 5.3.2+dfsg-4+deb8u1
NOTE: http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
-CVE-2015-1858
+CVE-2015-1858 (Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase m ...)
{DLA-210-1}
- qt4-x11 4:4.8.6+git155-g716fbae+dfsg-2 (bug #783133)
[jessie] - qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
@@ -21442,9 +21442,9 @@ CVE-2015-1858
- qtbase-opensource-src 5.3.2+dfsg-5 (bug #783134)
[jessie] - qtbase-opensource-src 5.3.2+dfsg-4+deb8u1
NOTE: http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
-CVE-2015-1857
+CVE-2015-1857 (The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote atta ...)
NOT-FOR-US: OpenDaylight
-CVE-2015-1856
+CVE-2015-1856 (OpenStack Object Storage (Swift) before 2.3.0, when allow_version is c ...)
- swift 2.2.0-2 (bug #783163)
[jessie] - swift 2.2.0-1+deb8u1
[wheezy] - swift <no-dsa> (Minor issue)
@@ -21459,7 +21459,7 @@ CVE-2015-1855 [OpenSSL extension hostname matching implementation violates RFC 6
- ruby2.2 2.2.2-1
NOTE: https://bugs.ruby-lang.org/issues/9644
NOTE: https://github.com/ruby/openssl/commit/e9a7bcb8bf2902f907c148a00bbcf21d3fa79596
-CVE-2015-1854
+CVE-2015-1854 (389 Directory Server before 1.3.3.10 allows attackers to bypass intend ...)
{DLA-1428-1}
- 389-ds-base 1.3.3.10-1 (bug #783923)
NOTE: Patch applied to CentOS package: https://git.centos.org/raw/rpms!389-ds-base.git!/309aa9ee631432d72c845f70df2ce6475055423b/SOURCES!0062-CVE-2015-1854-389ds-base-access-control-bypass-with-.patch
@@ -21468,7 +21468,7 @@ CVE-2015-1853 [authentication doesn't protect symmetric associations against DoS
{DSA-3222-1 DLA-193-1}
- chrony 1.30-2 (bug #782160)
NOTE: Fix: http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=d856bd34c4862398411d29200520e3a3b1d4569e
-CVE-2015-1852
+CVE-2015-1852 (The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 a ...)
- python-keystonemiddleware 1.5.0-2
[jessie] - python-keystonemiddleware 1.0.0-3+deb8u1
- python-keystoneclient 1:1.3.0-2 (bug #783164)
@@ -21476,7 +21476,7 @@ CVE-2015-1852
[jessie] - python-keystoneclient 1:0.10.1-2+deb8u1
[wheezy] - python-keystoneclient <not-affected> (s3_token middleware not present)
NOTE: https://launchpad.net/bugs/1411063
-CVE-2015-1851
+CVE-2015-1851 (OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 ...)
{DSA-3292-1}
- cinder 2015.1.0+2015.06.16.git26.9634b76ba5-1 (bug #788996)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/13/1
@@ -21489,66 +21489,66 @@ CVE-2015-1850 [Host file disclosure through qcow2 backing file]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1231816
NOTE: According to https://bugs.launchpad.net/cinder/+bug/1415087 not exploitable
NOTE: in nova, cinder covered by separate CVE ID CVE-2015-1851
-CVE-2015-1849
+CVE-2015-1849 (AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platfo ...)
NOT-FOR-US: JBoss EAP
-CVE-2015-1848
+CVE-2015-1848 (The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secu ...)
- pcs <not-affected> (Fixed before initial release to Debian)
NOTE: https://github.com/feist/pcs/commit/898204596a779673c88097bbdbe2d7ed6ed0cc8b (0.9.140)
-CVE-2015-1847
+CVE-2015-1847 (Directory traversal vulnerability in the web request/response interfac ...)
NOT-FOR-US: Appserver.io
-CVE-2015-1846
+CVE-2015-1846 (unzoo allows remote attackers to cause a denial of service (infinite l ...)
- unzoo <removed>
-CVE-2015-1845
+CVE-2015-1845 (Buffer overflow in the EntrReadArch function in unzoo might allow remo ...)
- unzoo <removed>
-CVE-2015-1844
+CVE-2015-1844 (Foreman before 1.7.5 allows remote authenticated users to bypass organ ...)
- foreman <itp> (bug #663101)
-CVE-2015-1843
+CVE-2015-1843 (The Red Hat docker package before 1.5.0-28, when using the --add-regis ...)
- docker.io <not-affected> (RHEL specific problem)
-CVE-2015-1842
+CVE-2015-1842 (The puppet manifests in the Red Hat openstack-puppet-modules package b ...)
NOT-FOR-US: openstack-puppet-modules
-CVE-2015-1841
+CVE-2015-1841 (The Web Admin interface in Red Hat Enterprise Virtualization Manager ( ...)
NOT-FOR-US: RHEV
-CVE-2015-1840
+CVE-2015-1840 (jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and ra ...)
- ruby-jquery-rails 4.0.4-1 (bug #790395)
[jessie] - ruby-jquery-rails <no-dsa> (Minor issue)
[wheezy] - ruby-jquery-rails <no-dsa> (Minor issue)
NOTE: https://hackerone.com/reports/49935
NOTE: https://groups.google.com/forum/#!msg/rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J
NOTE: https://nodesecurity.io/advisories/15
-CVE-2015-1839
+CVE-2015-1839 (modules/chef.py in SaltStack before 2014.7.4 does not properly handle ...)
- salt <not-affected> (Vulnerable code only present in experimental version; introduced in 2014.7.0)
NOTE: https://github.com/saltstack/salt/commit/22d2f7a1ec93300c34e8c42d14ec39d51e610b5c
NOTE: https://github.com/saltstack/salt/commit/b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81
-CVE-2015-1838
+CVE-2015-1838 (modules/serverdensity_device.py in SaltStack before 2014.7.4 does not ...)
- salt <not-affected> (Vulnerable code only present in experimental version; introduced in 2014.7.0)
NOTE: https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c
CVE-2015-1837
RESERVED
-CVE-2015-1836
+CVE-2015-1836 (Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before ...)
NOT-FOR-US: Apache HBase
-CVE-2015-1835
+CVE-2015-1835 (Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an appl ...)
NOT-FOR-US: Apache Cordova
-CVE-2015-1834
+CVE-2015-1834 (A path traversal vulnerability was identified in the Cloud Foundry com ...)
NOT-FOR-US: Cloud Foundry
-CVE-2015-1833
+CVE-2015-1833 (XML external entity (XXE) vulnerability in Apache Jackrabbit before 2. ...)
{DSA-3298-1}
- jackrabbit 2.10.1-1 (bug #787316)
NOTE: https://issues.apache.org/jira/browse/JCR-3883
-CVE-2015-1832
+CVE-2015-1832 (XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apac ...)
- derby 10.13.1.1-1
[jessie] - derby <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/browse/DERBY-6807
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1691461
NOTE: Fixed in 10.12.1.1
-CVE-2015-1831
+CVE-2015-1831 (The default exclude patterns (excludeParams) in Apache Struts 2.3.20 a ...)
- libstruts1.2-java <not-affected> (Affects only 2.3.20)
NOTE: https://struts.apache.org/docs/s2-024.html
-CVE-2015-1830
+CVE-2015-1830 (Directory traversal vulnerability in the fileserver upload/download fu ...)
- activemq <not-affected> (Only affects activemq on Windows)
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt
-CVE-2015-1829
+CVE-2015-1829 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle Fusion Middleware
-CVE-2015-1828
+CVE-2015-1828 (The Ruby http gem before 0.7.3 does not verify hostnames in SSL connec ...)
- ruby-http 1.0.2-2
[jessie] - ruby-http <no-dsa> (Minor issue)
NOTE: http.rb failed to call the `#post_connection_check` method on SSL connections.
@@ -21556,7 +21556,7 @@ CVE-2015-1828
NOTE: vulnerable to MitM attacks. The problem was corrected by calling
NOTE: `#post_connection_check`.
NOTE: Fixed by: https://github.com/httprb/http/commit/24626bfcdeda1084502575c3fbb6091c9e2815e0
-CVE-2015-1827
+CVE-2015-1827 (The get_user_grouplist function in the extdom plug-in in FreeIPA befor ...)
- freeipa <not-affected> (Only affects 4.1, see bug #781224)
NOTE: https://fedorahosted.org/freeipa/ticket/4908
CVE-2015-1826
@@ -21567,15 +21567,15 @@ CVE-2015-1824
RESERVED
CVE-2015-1823
RESERVED
-CVE-2015-1822
+CVE-2015-1822 (chrony before 1.31.1 does not initialize the last "next" pointer when ...)
{DSA-3222-1 DLA-193-1}
- chrony 1.30-2 (bug #782160)
NOTE: Fix: http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=79eacdb7e694c7e6681b68006425df3faca51aec
-CVE-2015-1821
+CVE-2015-1821 (Heap-based buffer overflow in chrony before 1.31.1 allows remote authe ...)
{DSA-3222-1 DLA-193-1}
- chrony 1.30-2 (bug #782160)
NOTE: Fix: http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=cf19042ecb656b8afec0cc4906e7dd3ea9266ac8
-CVE-2015-1820
+CVE-2015-1820 (REST client for Ruby (aka rest-client) before 1.8.0 allows remote atta ...)
- ruby-rest-client 1.6.7-6 (bug #781238)
[wheezy] - ruby-rest-client <no-dsa> (The correction introduces a dependency on a package not available in wheezy)
- librestclient-ruby <removed>
@@ -21583,145 +21583,145 @@ CVE-2015-1820
[squeeze] - librestclient-ruby <not-affected> (Vulnerability introduced in 1.6.1, squeeze has 1.6.0)
NOTE: https://github.com/rest-client/rest-client/issues/369
NOTE: Patch: https://github.com/rest-client/rest-client/pull/365.patch (will need new dependency to ruby-http-cookie)
-CVE-2015-1819
+CVE-2015-1819 (The xmlreader in libxml allows remote attackers to cause a denial of s ...)
{DSA-3430-1 DLA-266-1}
- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (low; bug #782782)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9
NOTE: Concerns by Florian Weimer: https://bugzilla.gnome.org/show_bug.cgi?id=748278
-CVE-2015-1818
+CVE-2015-1818 (XML external entity (XXE) vulnerability in the dashbuilder import faci ...)
NOT-FOR-US: JBoss dashbuilder
-CVE-2015-1817
+CVE-2015-1817 (Stack-based buffer overflow in the inet_pton function in network/inet_ ...)
- musl 1.1.5-2 (bug #781497)
-CVE-2015-1816
+CVE-2015-1816 (Forman before 1.7.4 does not verify SSL certificates for LDAP connecti ...)
- foreman <itp> (bug #663101)
-CVE-2015-1815
+CVE-2015-1815 (The get_rpm_nvr_by_file_path_temporary function in util.py in setroubl ...)
NOT-FOR-US: setroubleshoot
-CVE-2015-1814
+CVE-2015-1814 (The API token-issuing service in Jenkins before 1.606 and LTS before 1 ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
-CVE-2015-1813
+CVE-2015-1813 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and L ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
-CVE-2015-1812
+CVE-2015-1812 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and L ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
CVE-2015-1811 [External entity processing in XML can reveal sensitive local files (SECURITY-167)]
RESERVED
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1810
+CVE-2015-1810 (The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS b ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1809 [external entity injection via XPath (SECURITY-165)]
RESERVED
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1808
+CVE-2015-1808 (Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticate ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1807
+CVE-2015-1807 (Directory traversal vulnerability in Jenkins before 1.600 and LTS befo ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1806
+CVE-2015-1806 (The combination filter Groovy script in Jenkins before 1.600 and LTS b ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1805
+CVE-2015-1805 (The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in t ...)
{DSA-3290-1 DLA-246-1}
- linux 3.16.2-2
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045 (v3.16-rc1)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1 (v3.15-rc1)
-CVE-2015-1804
+CVE-2015-1804 (The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont b ...)
{DSA-3194-1 DLA-183-1}
- libxfont 1:1.5.1-1
NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html
-CVE-2015-1803
+CVE-2015-1803 (The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont b ...)
{DSA-3194-1 DLA-183-1}
- libxfont 1:1.5.1-1
NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html
-CVE-2015-1802
+CVE-2015-1802 (The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont b ...)
{DSA-3194-1 DLA-183-1}
- libxfont 1:1.5.1-1
NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html
-CVE-2015-1801
+CVE-2015-1801 (The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 k ...)
NOT-FOR-US: Samsung
-CVE-2015-1800
+CVE-2015-1800 (The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 k ...)
NOT-FOR-US: Samsung
-CVE-2015-1799
+CVE-2015-1799 (The symmetric-key feature in the receive function in ntp_proto.c in nt ...)
{DSA-3223-1 DLA-192-1}
- ntp 1:4.2.6.p5+dfsg-6 (bug #782095)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2781
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#Authentication_doesn_t_protect_s
-CVE-2015-1798
+CVE-2015-1798 (The symmetric-key feature in the receive function in ntp_proto.c in nt ...)
{DSA-3223-1 DLA-192-1}
- ntp 1:4.2.6.p5+dfsg-6 (bug #782095)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=2779
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#ntpd_accepts_unauthenticated_pac
CVE-2015-1797
REJECTED
-CVE-2015-1796
+CVE-2015-1796 (The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 an ...)
- libopensaml2-java <removed> (bug #780383)
[jessie] - libopensaml2-java <no-dsa> (Minor issue)
NOTE: Only change between 2.6.4 and 2.6.5 seems http://svn.shibboleth.net/view/java-opensaml2/branches/REL_2/src/main/java/org/opensaml/saml2/metadata/provider/AbstractReloadingMetadataProvider.java?r1=1656&r2=1680
NOTE: http://shibboleth.net/community/advisories/secadv_20150225.txt
-CVE-2015-1795
+CVE-2015-1795 (Red Hat Gluster Storage RPM Package 3.2 allows local users to gain pri ...)
- glusterfs <not-affected> (Vulnerable code specific to glusterfs.spec and not present in source in Debian)
-CVE-2015-1794
+CVE-2015-1794 (The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 b ...)
- openssl 1.0.2e-1
[jessie] - openssl <not-affected> (Vulnerable code not present)
[wheezy] - openssl <not-affected> (Vulnerable code not present)
[squeeze] - openssl <not-affected> (Vulnerable code not present)
NOTE: https://www.openssl.org/news/secadv/20151203.txt
-CVE-2015-1793
+CVE-2015-1793 (The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0 ...)
- openssl 1.0.2d-1
[jessie] - openssl <not-affected> (Vulnerable code not present)
[wheezy] - openssl <not-affected> (Vulnerable code not present)
[squeeze] - openssl <not-affected> (Vulnerable code not present)
NOTE: http://openssl.org/news/secadv/20150709.txt
-CVE-2015-1792
+CVE-2015-1792 (The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before ...)
{DSA-3287-1 DLA-247-1}
- openssl 1.0.2b-1
NOTE: http://openssl.org/news/secadv/20150611.txt
-CVE-2015-1791
+CVE-2015-1791 (Race condition in the ssl3_get_new_session_ticket function in ssl/s3_c ...)
{DSA-3287-1 DLA-247-1}
- openssl 1.0.2b-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=dcad51bc13c9b716d9a66248bcc4038c071ff158
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=708cf593587e2fda67dae9782991ff9fccc781eb
-CVE-2015-1790
+CVE-2015-1790 (The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL bef ...)
{DSA-3287-1 DLA-247-1}
- openssl 1.0.2b-1
NOTE: http://openssl.org/news/secadv/20150611.txt
-CVE-2015-1789
+CVE-2015-1789 (The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before ...)
{DSA-3287-1 DLA-247-1}
- openssl 1.0.2b-1
NOTE: http://openssl.org/news/secadv/20150611.txt
-CVE-2015-1788
+CVE-2015-1788 (The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before ...)
{DSA-3287-1}
- openssl 1.0.2b-1
[squeeze] - openssl <not-affected> (Vulnerable code got introduced post 1.0.0)
NOTE: http://openssl.org/news/secadv/20150611.txt
-CVE-2015-1787
+CVE-2015-1787 (The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0. ...)
- openssl <not-affected> (Vulnerable version never in unstable)
NOTE: did affect 1.0.2 (only in experimental) and 1.0.2a was uploaded to unstable
-CVE-2015-1786
+CVE-2015-1786 (Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf ...)
- zendframework <not-affected> (the vulnerability was introduced specifically in the 2.3 series)
NOTE: http://framework.zend.com/security/advisory/ZF2015-03
CVE-2015-1785
RESERVED
CVE-2015-1784
RESERVED
-CVE-2015-1783
+CVE-2015-1783 (The prefix variable in the get_or_define_ns function in Lasso before c ...)
- lasso 2.4.1-1
[wheezy] - lasso <not-affected> (Vulnerable code introduced later)
[squeeze] - lasso <not-affected> (Vulnerable code introduced later)
NOTE: Upstream fix: https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd (v2.4.1)
NOTE: Introduced by: https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=154812b401e3845977b3a4892dbc5e5a0b9d03cf (v2.4.0)
-CVE-2015-1782
+CVE-2015-1782 (The kex_agree_methods function in libssh2 before 1.5.0 allows remote s ...)
{DSA-3182-1 DLA-171-1}
- libssh2 1.4.3-4.1 (bug #780249)
NOTE: http://www.libssh2.org/adv_20150311.html
-CVE-2015-1781
+CVE-2015-1781 (Buffer overflow in the gethostbyname_r and other unspecified NSS funct ...)
{DSA-3480-1 DLA-230-1}
[experimental] - glibc 2.21-0experimental1
- glibc 2.19-20 (bug #796105)
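Review bot: two of the newly imported description strings in this hunk carry upstream typos, `+CVE-2015-1816 (Forman before 1.7.4 does not verify SSL certificates for LDAP connecti ...)` ("Forman" for Foreman) and `+CVE-2015-1790 (The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL bef ...)` (missing space before "function"). If these strings are taken verbatim from the CVE feed, correcting them by hand in this file will not stick across the next import, so they are best left as imported; the Debian-side entry `- foreman <itp> (bug #663101)` already spells the package correctly, so package matching is not affected.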
@@ -21732,7 +21732,7 @@ CVE-2015-1781
CVE-2015-1780
RESERVED
NOT-FOR-US: oVirt Engine backend
-CVE-2015-1779
+CVE-2015-1779 (The VNC websocket frame decoder in QEMU allows remote attackers to cau ...)
{DSA-3259-1}
- qemu 1:2.3+dfsg-1 (bug #781250)
[wheezy] - qemu <not-affected> (Websocket protocol support introduced in v1.4.0-rc0)
@@ -21742,252 +21742,252 @@ CVE-2015-1779
NOTE: Original patches have problem: https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04995.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a2bebfd6e09d
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=2cdb5e142fb93
-CVE-2015-1778
+CVE-2015-1778 (The custom authentication realm used by karaf-tomcat's "opendaylight" ...)
NOT-FOR-US: OpenDaylight
-CVE-2015-1777
+CVE-2015-1777 (rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Re ...)
- rhn-client-tools <unfixed> (unimportant; bug #779817)
NOTE: No security impact, this tool performs a registration at Red Hat Network,
NOTE: which would fail, but no practical security impact
-CVE-2015-1776
+CVE-2015-1776 (Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduc ...)
- hadoop <itp> (bug #793644)
-CVE-2015-1775
+CVE-2015-1775 (Server-side request forgery (SSRF) vulnerability in the proxy endpoint ...)
NOT-FOR-US: Apache Ambari
-CVE-2015-1774
+CVE-2015-1774 (The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and ...)
{DSA-3236-1}
- libreoffice 1:4.4.2-1
-CVE-2015-1773
+CVE-2015-1773 (Cross-site scripting (XSS) vulnerability in asdoc/templates/index.html ...)
- flex-sdk <itp> (bug #602499)
-CVE-2015-1772
+CVE-2015-1772 (The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and ...)
NOT-FOR-US: Apache Hive
-CVE-2015-1771
+CVE-2015-1771 (Cross-site request forgery (CSRF) vulnerability in the web application ...)
NOT-FOR-US: Microsoft Exchange Server
-CVE-2015-1770
+CVE-2015-1770 (Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to e ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-1769
+CVE-2015-1769 (Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1768
+CVE-2015-1768 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1767
+CVE-2015-1767 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1766
+CVE-2015-1766 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1765
+CVE-2015-1765 (Microsoft Internet Explorer 9 through 11 allows remote attackers to re ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1764
+CVE-2015-1764 (The web applications in Microsoft Exchange Server 2013 SP1 and Cumulat ...)
NOT-FOR-US: Microsoft Exchange Server
-CVE-2015-1763
+CVE-2015-1763 (Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 a ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2015-1762
+CVE-2015-1762 (Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 a ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2015-1761
+CVE-2015-1761 (Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 a ...)
NOT-FOR-US: Microsoft SQL Server
-CVE-2015-1760
+CVE-2015-1760 (Microsoft Office Compatibility Pack SP3, Office 2010 SP2, Office 2013 ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-1759
+CVE-2015-1759 (Microsoft Office Compatibility Pack SP3 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-1758
+CVE-2015-1758 (Untrusted search path vulnerability in the LoadLibrary function in the ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1757
+CVE-2015-1757 (Cross-site scripting (XSS) vulnerability in adfs/ls in Active Director ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1756
+CVE-2015-1756 (Use-after-free vulnerability in Microsoft Common Controls in Microsoft ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1755
+CVE-2015-1755 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1754
+CVE-2015-1754 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1753
+CVE-2015-1753 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1752
+CVE-2015-1752 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1751
+CVE-2015-1751 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1750
+CVE-2015-1750 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1749
REJECTED
-CVE-2015-1748
+CVE-2015-1748 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1747
+CVE-2015-1747 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1746
REJECTED
-CVE-2015-1745
+CVE-2015-1745 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1744
+CVE-2015-1744 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1743
+CVE-2015-1743 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1742
+CVE-2015-1742 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1741
+CVE-2015-1741 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1740
+CVE-2015-1740 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1739
+CVE-2015-1739 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1738
+CVE-2015-1738 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1737
+CVE-2015-1737 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1736
+CVE-2015-1736 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1735
+CVE-2015-1735 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1734
REJECTED
-CVE-2015-1733
+CVE-2015-1733 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1732
+CVE-2015-1732 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1731
+CVE-2015-1731 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1730
+CVE-2015-1730 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1729
+CVE-2015-1729 (Microsoft Internet Explorer 9 through 11 allows remote attackers to re ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1728
+CVE-2015-1728 (Microsoft Windows Media Player 10 through 12 allows remote attackers t ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1727
+CVE-2015-1727 (Buffer overflow in the kernel-mode drivers in Microsoft Windows Server ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1726
+CVE-2015-1726 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1725
+CVE-2015-1725 (Buffer overflow in the kernel-mode drivers in Microsoft Windows Server ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1724
+CVE-2015-1724 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1723
+CVE-2015-1723 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1722
+CVE-2015-1722 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1721
+CVE-2015-1721 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1720
+CVE-2015-1720 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft W ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1719
+CVE-2015-1719 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1718
+CVE-2015-1718 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1717
+CVE-2015-1717 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1716
+CVE-2015-1716 (Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Wind ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1715
+CVE-2015-1715 (Microsoft Silverlight 5 before 5.1.40416.00 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2015-1714
+CVE-2015-1714 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1713
+CVE-2015-1713 (Microsoft Internet Explorer 11 allows remote attackers to gain privile ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1712
+CVE-2015-1712 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1711
+CVE-2015-1711 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1710
+CVE-2015-1710 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1709
+CVE-2015-1709 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1708
+CVE-2015-1708 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1707
REJECTED
-CVE-2015-1706
+CVE-2015-1706 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1705
+CVE-2015-1705 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1704
+CVE-2015-1704 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1703
+CVE-2015-1703 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1702
+CVE-2015-1702 (The Service Control Manager (SCM) in Microsoft Windows Server 2003 SP2 ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1701
+CVE-2015-1701 (Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1700
+CVE-2015-1700 (Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, ...)
NOT-FOR-US: Microsoft
-CVE-2015-1699
+CVE-2015-1699 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1698
+CVE-2015-1698 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1697
+CVE-2015-1697 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1696
+CVE-2015-1696 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1695
+CVE-2015-1695 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1694
+CVE-2015-1694 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1693
REJECTED
-CVE-2015-1692
+CVE-2015-1692 (Microsoft Internet Explorer 7 through 11 allows user-assisted remote a ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1691
+CVE-2015-1691 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1690
REJECTED
-CVE-2015-1689
+CVE-2015-1689 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1688
+CVE-2015-1688 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1687
+CVE-2015-1687 (Microsoft Internet Explorer 6 through 9 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1686
+CVE-2015-1686 (The Microsoft (1) VBScript 5.6 through 5.8 and (2) JScript 5.6 through ...)
NOT-FOR-US: Microsoft
-CVE-2015-1685
+CVE-2015-1685 (Microsoft Internet Explorer 11 allows remote attackers to bypass the A ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1684
+CVE-2015-1684 (VBScript.dll in the Microsoft VBScript 5.6 through 5.8 engine, as used ...)
NOT-FOR-US: Microsoft
-CVE-2015-1683
+CVE-2015-1683 (Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Microsoft
-CVE-2015-1682
+CVE-2015-1682 (Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2 ...)
NOT-FOR-US: Microsoft
-CVE-2015-1681
+CVE-2015-1681 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1680
+CVE-2015-1680 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1679
+CVE-2015-1679 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1678
+CVE-2015-1678 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1677
+CVE-2015-1677 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1676
+CVE-2015-1676 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
NOT-FOR-US: Microsoft Windows Server
-CVE-2015-1675
+CVE-2015-1675 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1674
+CVE-2015-1674 (The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Go ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1673
+CVE-2015-1673 (The Windows Forms (aka WinForms) libraries in Microsoft .NET Framework ...)
NOT-FOR-US: Microsoft
-CVE-2015-1672
+CVE-2015-1672 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 ...)
NOT-FOR-US: Microsoft
-CVE-2015-1671
+CVE-2015-1671 (The Windows DirectWrite library, as used in Microsoft .NET Framework 3 ...)
NOT-FOR-US: Microsoft
-CVE-2015-1670
+CVE-2015-1670 (The Windows DirectWrite library, as used in Microsoft .NET Framework 3 ...)
NOT-FOR-US: Microsoft
CVE-2015-1669
REJECTED
-CVE-2015-1668
+CVE-2015-1668 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1667
+CVE-2015-1667 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1666
+CVE-2015-1666 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1665
+CVE-2015-1665 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1664
REJECTED
CVE-2015-1663
REJECTED
-CVE-2015-1662
+CVE-2015-1662 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1661
+CVE-2015-1661 (Microsoft Internet Explorer 6 through 11 allows remote attackers to by ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1660
+CVE-2015-1660 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1659
+CVE-2015-1659 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1658
+CVE-2015-1658 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1657
+CVE-2015-1657 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-1656
REJECTED
@@ -21995,117 +21995,117 @@ CVE-2015-1655
REJECTED
CVE-2015-1654
REJECTED
-CVE-2015-1653
+CVE-2015-1653 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Found ...)
NOT-FOR-US: Microsoft
-CVE-2015-1652
+CVE-2015-1652 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1651
+CVE-2015-1651 (Use-after-free vulnerability in Microsoft Word 2007 SP3, Word Viewer, ...)
NOT-FOR-US: Microsoft
-CVE-2015-1650
+CVE-2015-1650 (Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 S ...)
NOT-FOR-US: Microsoft
-CVE-2015-1649
+CVE-2015-1649 (Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 S ...)
NOT-FOR-US: Microsoft
-CVE-2015-1648
+CVE-2015-1648 (ASP.NET in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4 ...)
NOT-FOR-US: Microsoft
-CVE-2015-1647
+CVE-2015-1647 (Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1646
+CVE-2015-1646 (Microsoft XML Core Services (aka MSXML) 3.0 allows remote attackers to ...)
NOT-FOR-US: Microsoft
-CVE-2015-1645
+CVE-2015-1645 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1644
+CVE-2015-1644 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1643
+CVE-2015-1643 (Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server 20 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1642
+CVE-2015-1642 (Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attack ...)
NOT-FOR-US: Microsoft Office
-CVE-2015-1641
+CVE-2015-1641 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2015-1640
+CVE-2015-1640 (Cross-site scripting (XSS) vulnerability in Microsoft Project Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2015-1639
+CVE-2015-1639 (Cross-site scripting (XSS) vulnerability in Microsoft Office for Mac 2 ...)
NOT-FOR-US: Microsoft
-CVE-2015-1638
+CVE-2015-1638 (Microsoft Active Directory Federation Services (AD FS) 3.0 on Windows ...)
NOT-FOR-US: Microsoft
-CVE-2015-1637
+CVE-2015-1637 (Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2015-1636
+CVE-2015-1636 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Found ...)
NOT-FOR-US: Microsoft
-CVE-2015-1635
+CVE-2015-1635 (HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-1634
+CVE-2015-1634 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1633
+CVE-2015-1633 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Found ...)
NOT-FOR-US: Microsoft SharePoint
-CVE-2015-1632
+CVE-2015-1632 (Cross-site scripting (XSS) vulnerability in errorfe.aspx in Outlook We ...)
NOT-FOR-US: Microsoft
-CVE-2015-1631
+CVE-2015-1631 (Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remo ...)
NOT-FOR-US: Microsoft
-CVE-2015-1630
+CVE-2015-1630 (Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in M ...)
NOT-FOR-US: Microsoft
-CVE-2015-1629
+CVE-2015-1629 (Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in M ...)
NOT-FOR-US: Microsoft
-CVE-2015-1628
+CVE-2015-1628 (Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in M ...)
NOT-FOR-US: Microsoft
-CVE-2015-1627
+CVE-2015-1627 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1626
+CVE-2015-1626 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1625
+CVE-2015-1625 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1624
+CVE-2015-1624 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1623
+CVE-2015-1623 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1622
+CVE-2015-1622 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-1621
+CVE-2015-1621 (Cross-site scripting (XSS) vulnerability in the Webform prepopulate bl ...)
NOT-FOR-US: Webform module for Drupal
CVE-2015-1620
RESERVED
-CVE-2015-1619
+CVE-2015-1619 (Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client ...)
NOT-FOR-US: McAfee Email Gateway
-CVE-2015-1618
+CVE-2015-1618 (The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) befor ...)
NOT-FOR-US: McAfee Data Loss Prevention Endpoint
-CVE-2015-1617
+CVE-2015-1617 (Cross-site scripting (XSS) vulnerability in the ePO extension in McAfe ...)
NOT-FOR-US: McAfee Data Loss Prevention Endpoint
-CVE-2015-1616
+CVE-2015-1616 (SQL injection vulnerability in the ePO extension in McAfee Data Loss P ...)
NOT-FOR-US: McAfee Data Loss Prevention Endpoint
CVE-2015-1615
RESERVED
-CVE-2015-1613
+CVE-2015-1613 (RhodeCode before 2.2.7 allows remote authenticated users to obtain API ...)
NOT-FOR-US: RhodeCode
-CVE-2015-1612
+CVE-2015-1612 (OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attac ...)
NOT-FOR-US: OpenDaylight
-CVE-2015-1611
+CVE-2015-1611 (OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attac ...)
NOT-FOR-US: OpenDaylight
-CVE-2015-1610
+CVE-2015-1610 (hosttracker in OpenDaylight l2switch allows remote attackers to change ...)
NOT-FOR-US: OpenDaylight
-CVE-2015-1609
+CVE-2015-1609 (MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers t ...)
- mongodb 1:2.4.10-5 (bug #780129)
[wheezy] - mongodb <not-affected> (BSONElement::validate() checks length, problematic code introduced later)
[squeeze] - mongodb <not-affected> (BSONElement::validate() checks length (db/jsobj.cpp +589))
NOTE: https://jira.mongodb.org/browse/SERVER-17264
NOTE: Fast bson validate introduced with https://github.com/mongodb/mongo/commit/6889d1658136c753998b4a408dc8d1a3ec28e3b9 (r2.3.2)
-CVE-2015-1608
+CVE-2015-1608 (Topline Opportunity Form (aka XLS Opp form) before 2015-02-15 does not ...)
NOT-FOR-US: Topline Opportunity Form
-CVE-2015-1605
+CVE-2015-1605 (Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manag ...)
NOT-FOR-US: Dell ScriptLogic Asset Manager
-CVE-2015-1602
+CVE-2015-1602 (Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 impro ...)
NOT-FOR-US: Siemens
-CVE-2015-1601
+CVE-2015-1601 (Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allow ...)
NOT-FOR-US: Siemens
-CVE-2015-1599
+CVE-2015-1599 (The Siemens SPCanywhere application for iOS allows physically proximat ...)
NOT-FOR-US: Siemens SPCanywhere application for iOS
-CVE-2015-1598
+CVE-2015-1598 (The Siemens SPCanywhere application for Android does not properly stor ...)
NOT-FOR-US: Siemens SPCanywhere application for Android
-CVE-2015-1597
+CVE-2015-1597 (The Siemens SPCanywhere application for Android does not use encryptio ...)
NOT-FOR-US: Siemens SPCanywhere application for Android
-CVE-2015-1596
+CVE-2015-1596 (The Siemens SPCanywhere application for Android and iOS does not prope ...)
NOT-FOR-US: Siemens SPCanywhere application for Android
-CVE-2015-1595
+CVE-2015-1595 (The Siemens SPCanywhere application for Android and iOS does not use e ...)
NOT-FOR-US: Siemens SPCanywhere application for Android
-CVE-2015-1594
+CVE-2015-1594 (Untrusted search path vulnerability in Siemens SIMATIC ProSave before ...)
NOT-FOR-US: Siemens
CVE-2015-XXXX [incorrect memory management in Gtk2::Gdk::Display::list_devices]
- libgtk2-perl 2:1.2492-4
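Review bot: the NOT-FOR-US lines under CVE-2015-1596 and CVE-2015-1595 in this hunk still read "Siemens SPCanywhere application for Android", while the descriptions just imported for both ids name "Android and iOS"; consider changing those two lines to "NOT-FOR-US: Siemens SPCanywhere application for Android and iOS" so the classification matches the description, since the automatic updater rewrites only the CVE line and will never correct the line beneath it.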
@@ -22139,17 +22139,17 @@ CVE-2015-2060 [directory traversal; related to overlong utf-8 encoding for /]
NOTE: code does neither of the following: 1) checking for slashes after decoding
NOTE: 2) checking for ordinary slashes before decoding and prohibiting overlong
NOTE: encodings
-CVE-2015-2297
+CVE-2015-2297 (nanohttp in libcsoap allows remote attackers to cause a denial of serv ...)
- libcsoap <removed> (bug #778599)
[squeeze] - libcsoap <no-dsa> (Minor issue)
[wheezy] - libcsoap <no-dsa> (Minor issue)
NOTE: CVE assigned only for the null pointer dereference, not all issues in
NOTE: http://www.openwall.com/lists/oss-security/2015/02/17/2
-CVE-2015-2091
+CVE-2015-2091 (The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earl ...)
{DSA-3177-1 DLA-170-1}
- mod-gnutls 0.6-1.3 (bug #578663)
NOTE: https://github.com/airtower-luna/mod_gnutls/commit/5a8a32bbfb8a83fe6358c5c31c443325a7775fc2
-CVE-2015-1614
+CVE-2015-1614 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Imag ...)
NOT-FOR-US: WordPress plugin image-metadata-cruncher
CVE-2015-1607 [memcpy with overlapping ranges, resulting from incorrect bitwise left shifts]
RESERVED
@@ -22173,66 +22173,66 @@ CVE-2015-1606 [use after free resulting from failure to skip invalid packets]
[squeeze] - gnupg <no-dsa> (Minor issue)
NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f0f71a721ccd7ab9e40b8b6b028b59632c0cc648
-CVE-2015-1604
+CVE-2015-1604 (Unrestricted file upload vulnerability in asys/site/files.php in Admin ...)
NOT-FOR-US: Landsknecht Adminsystems
-CVE-2015-1603
+CVE-2015-1603 (Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems CM ...)
NOT-FOR-US: Landsknecht Adminsystems
-CVE-2015-1600
+CVE-2015-1600 (Information disclosure vulnerability in Netatmo Indoor Module firmware ...)
NOT-FOR-US: Netatmo Weather Station
-CVE-2015-1588
+CVE-2015-1588 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Se ...)
NOT-FOR-US: Open-Xchange
-CVE-2015-1587
+CVE-2015-1587 (Unrestricted file upload vulnerability in file_to_index.php in Maarch ...)
NOT-FOR-US: Maarch LetterBox
CVE-2015-1586
RESERVED
-CVE-2015-1585
+CVE-2015-1585 (Fat Free CRM before 0.13.6 allows remote attackers to conduct cross-si ...)
NOT-FOR-US: Fat Free CRM
CVE-2015-1584
RESERVED
CVE-2015-1583
RESERVED
NOT-FOR-US: ATutor
-CVE-2015-1582
+CVE-2015-1582 (Multiple cross-site scripting (XSS) vulnerabilities in the Spider Face ...)
NOT-FOR-US: Spider Facebook plugin for WordPress
-CVE-2015-1581
+CVE-2015-1581 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Mobi ...)
NOT-FOR-US: Mobile Domain plugin for WordPress
-CVE-2015-1580
+CVE-2015-1580 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Redi ...)
NOT-FOR-US: Redirection Page plugin for WordPress
-CVE-2015-1579
+CVE-2015-1579 (Directory traversal vulnerability in the Elegant Themes Divi theme for ...)
NOT-FOR-US: Elegant Themes Divi theme for WordPress
-CVE-2015-1578
+CVE-2015-1578 (Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow rem ...)
NOT-FOR-US: u5CMS
-CVE-2015-1577
+CVE-2015-1577 (Directory traversal vulnerability in u5admin/deletefile.php in u5CMS b ...)
NOT-FOR-US: u5CMS
-CVE-2015-1576
+CVE-2015-1576 (Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow rem ...)
NOT-FOR-US: u5CMS
-CVE-2015-1575
+CVE-2015-1575 (Multiple cross-site scripting (XSS) vulnerabilities in u5CMS before 3. ...)
NOT-FOR-US: u5CMS
-CVE-2015-1574
+CVE-2015-1574 (The Google Email application 4.2.2.0200 for Android allows remote atta ...)
NOT-FOR-US: Google Email application for Android
-CVE-2015-1593
+CVE-2015-1593 (The stack randomization feature in the Linux kernel before 3.19.1 on 6 ...)
{DSA-3170-1 DLA-155-1}
- linux 3.16.7-ckt7-1
- linux-2.6 <removed>
NOTE: http://hmarco.org/bugs/linux-ASLR-integer-overflow.html
NOTE: https://lkml.org/lkml/2015/2/14/61
-CVE-2015-1592
+CVE-2015-1592 (Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and ...)
{DSA-3183-1}
- movabletype-opensource <removed>
[squeeze] - movabletype-opensource <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://movabletype.org/news/2015/02/movable_type_607_and_5212_released_to_close_security_vulnera.html
NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/2
-CVE-2015-1572
+CVE-2015-1572 (Heap-based buffer overflow in closefs.c in the libext2fs library in e2 ...)
{DSA-3166-1 DLA-162-1}
- e2fsprogs 1.42.12-1.1 (bug #778948)
NOTE: https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73
-CVE-2015-1571
+CVE-2015-1571 (** DISPUTED ** The CAPWAP DTLS protocol implementation in Fortinet For ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-1570
+CVE-2015-1570 (The Endpoint Control protocol implementation in Fortinet FortiClient 5 ...)
NOT-FOR-US: Fortinet FortiClient
-CVE-2015-1569
+CVE-2015-1569 (Fortinet FortiClient 5.2.028 for iOS does not validate certificates, w ...)
NOT-FOR-US: Fortinet FortiClient
-CVE-2015-2305
+CVE-2015-2305 (Integer overflow in the regcomp implementation in the Henry Spencer BS ...)
{DSA-3195-1 DLA-444-1 DLA-233-1}
- php5 5.6.6+dfsg-1 (low; bug #778389)
- olsrd <not-affected> (only when building on Android, see bug #778390)
@@ -22282,7 +22282,7 @@ CVE-2015-XXXX [insecure storage of password in the NUT-monitor app]
- nut 2.7.2-2 (low; bug #777706)
[wheezy] - nut <no-dsa> (Minor issue)
[squeeze] - nut <no-dsa> (Minor issue)
-CVE-2015-1881
+CVE-2015-1881 (OpenStack Image Registry and Delivery Service (Glance) 2014.2 through ...)
- glance <not-affected> (Only affects 2014.2.x releases, only present in experimental)
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: https://review.openstack.org/#/c/156553
@@ -22290,42 +22290,42 @@ CVE-2015-1877 [command injection vulnerability]
RESERVED
{DSA-3165-1 DLA-217-1}
- xdg-utils 1.1.0~rc1+git20111210-7.4 (bug #777722)
-CVE-2015-1568
+CVE-2015-1568 (Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scr ...)
NOT-FOR-US: Drupal module GD Infinite Scroll
-CVE-2015-1567
+CVE-2015-1567 (Cross-site scripting (XSS) vulnerability in the admin page in the GD I ...)
NOT-FOR-US: Drupal module GD Infinite Scroll
-CVE-2015-1566
+CVE-2015-1566 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 7. ...)
NOT-FOR-US: DotNetNuke
-CVE-2015-1565
+CVE-2015-1565 (Cross-site scripting (XSS) vulnerability in the online help in Hitachi ...)
NOT-FOR-US: Hitachi
-CVE-2015-1564
+CVE-2015-1564 (Cross-site scripting (XSS) vulnerability in style-underground/search i ...)
NOT-FOR-US: Plain Black WebGUI
-CVE-2015-1562
+CVE-2015-1562 (Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS 4.7. ...)
NOT-FOR-US: Saurus CMS
-CVE-2015-1561
+CVE-2015-1561 (The escape_command function in include/Administration/corePerformance/ ...)
NOT-FOR-US: Centreon
-CVE-2015-1560
+CVE-2015-1560 (SQL injection vulnerability in the isUserAdmin function in include/com ...)
NOT-FOR-US: Centreon
-CVE-2015-1559
+CVE-2015-1559 (Multiple cross-site request forgery (CSRF) vulnerabilities in administ ...)
NOT-FOR-US: Epignosis eFront
CVE-2015-1557
RESERVED
CVE-2015-1556
RESERVED
-CVE-2015-1555
+CVE-2015-1555 (Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3. ...)
- zendframework <not-affected> (Vulnerable code not present)
NOTE: http://framework.zend.com/security/advisory/ZF2015-01
CVE-2015-1553
RESERVED
CVE-2015-1552
RESERVED
-CVE-2015-1551
+CVE-2015-1551 (Directory traversal vulnerability in Aruba Networks ClearPass Policy M ...)
NOT-FOR-US: Aruba Networks CPPM
-CVE-2015-1550
+CVE-2015-1550 (Directory traversal vulnerability in Aruba Networks ClearPass Policy M ...)
NOT-FOR-US: Aruba Networks CPPM
CVE-2015-1549
RESERVED
-CVE-2015-1548
+CVE-2015-1548 (mini_httpd 1.21 and earlier allows remote attackers to obtain sensitiv ...)
- mini-httpd 1.21-1 (bug #778925)
[squeeze] - mini-httpd <no-dsa> (Minor issue)
[wheezy] - mini-httpd <no-dsa> (Minor issue)
@@ -22335,17 +22335,17 @@ CVE-2015-1543
RESERVED
CVE-2015-1542
RESERVED
-CVE-2015-1541
+CVE-2015-1541 (The AppWidgetServiceImpl implementation in com/android/server/appwidge ...)
NOT-FOR-US: Android
CVE-2015-1540
RESERVED
-CVE-2015-1539
+CVE-2015-1539 (Multiple integer underflows in the ESDS::parseESDescriptor function in ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-1538
+CVE-2015-1538 (Integer overflow in the SampleTable::setSampleToChunkParams function i ...)
NOT-FOR-US: libstagefright in Android
-CVE-2015-1537
+CVE-2015-1537 (Integer overflow in IHDCP.cpp in the media_server component in Android ...)
NOT-FOR-US: Android
-CVE-2015-1536
+CVE-2015-1536 (Integer overflow in the Bitmap_createFromParcel function in core/jni/a ...)
NOT-FOR-US: Android
CVE-2015-1535
RESERVED
@@ -22359,13 +22359,13 @@ CVE-2015-1531
RESERVED
CVE-2015-1530
RESERVED
-CVE-2015-1529
+CVE-2015-1529 (Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android ...)
NOT-FOR-US: Android
-CVE-2015-1528
+CVE-2015-1528 (Integer overflow in the native_handle_create function in libcutils/nat ...)
NOT-FOR-US: Android
-CVE-2015-1527
+CVE-2015-1527 (Integer overflow in IAudioPolicyService.cpp in Android allows local us ...)
NOT-FOR-US: Android
-CVE-2015-1526
+CVE-2015-1526 (The media_server component in Android allows remote attackers to cause ...)
NOT-FOR-US: Android
CVE-2015-1525
RESERVED
@@ -22373,29 +22373,29 @@ CVE-2015-1524
RESERVED
CVE-2015-1523
RESERVED
-CVE-2015-1522
+CVE-2015-1522 (analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not reject cer ...)
- bro 2.3.2+dfsg-1
-CVE-2015-1521
+CVE-2015-1521 (analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not properly h ...)
- bro 2.3.2+dfsg-1
CVE-2015-1520
RESERVED
CVE-2015-1519
RESERVED
-CVE-2015-1518
+CVE-2015-1518 (SQL injection vulnerability in the search_post function in includes/se ...)
NOT-FOR-US: Redaxscript
-CVE-2015-1517
+CVE-2015-1517 (SQL injection vulnerability in Piwigo before 2.7.4, when all filters a ...)
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2015-1516
+CVE-2015-1516 (Cross-site scripting (XSS) vulnerability in Polycom RealPresence Cloud ...)
NOT-FOR-US: Polycom
-CVE-2015-1515
+CVE-2015-1515 (The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 ...)
NOT-FOR-US: SoftSphere
-CVE-2015-1514
+CVE-2015-1514 (Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 ...)
NOT-FOR-US: FancyFon FAMOC
-CVE-2015-1513
+CVE-2015-1513 (SQL injection vulnerability in SIPhone Enterprise PBX allows remote at ...)
NOT-FOR-US: SIPhone Enterprise PBX
-CVE-2015-1512
+CVE-2015-1512 (Multiple cross-site scripting (XSS) vulnerabilities in FancyFon FAMOC ...)
NOT-FOR-US: FancyFon FAMOC
CVE-2015-1511
RESERVED
@@ -22413,52 +22413,52 @@ CVE-2015-1505
RESERVED
CVE-2015-1504
RESERVED
-CVE-2015-1503
+CVE-2015-1503 (Multiple directory traversal vulnerabilities in IceWarp Mail Server be ...)
NOT-FOR-US: Icewarp mail server
CVE-2015-1502
RESERVED
-CVE-2015-1501
+CVE-2015-1501 (The factory.loadExtensionFactory function in TSUnicodeGraphEditorContr ...)
NOT-FOR-US: SolarWinds
-CVE-2015-1500
+CVE-2015-1500 (Multiple stack-based buffer overflows in the TSUnicodeGraphEditorContr ...)
NOT-FOR-US: SolarWinds
-CVE-2015-1499
+CVE-2015-1499 (The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allo ...)
NOT-FOR-US: Samsung Security Manager
-CVE-2015-1498
+CVE-2015-1498 (Persistent Systems Radia Client Automation does not properly restrict ...)
NOT-FOR-US: Persistent Systems Radia Client Automation
-CVE-2015-1497
+CVE-2015-1497 (radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, ...)
NOT-FOR-US: Persistent Systems Radia Client Automation
-CVE-2015-1496
+CVE-2015-1496 (Motorola Scanner SDK uses weak permissions for (1) CoreScanner.exe, (2 ...)
NOT-FOR-US: Motorola Scanner SDK
-CVE-2015-1495
+CVE-2015-1495 (Multiple stack-based buffer overflows in Motorola Scanner SDK allow re ...)
NOT-FOR-US: Motorola Scanner SDK
-CVE-2015-1494
+CVE-2015-1494 (The FancyBox for WordPress plugin before 3.0.3 for WordPress does not ...)
NOT-FOR-US: FancyBox plugin for WordPress
-CVE-2015-1492
+CVE-2015-1492 (Untrusted search path vulnerability in the client in Symantec Endpoint ...)
NOT-FOR-US: Symantec
-CVE-2015-1491
+CVE-2015-1491 (SQL injection vulnerability in the management console in Symantec Endp ...)
NOT-FOR-US: Symantec
-CVE-2015-1490
+CVE-2015-1490 (Directory traversal vulnerability in the management console in Symante ...)
NOT-FOR-US: Symantec
-CVE-2015-1489
+CVE-2015-1489 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
NOT-FOR-US: Symantec
-CVE-2015-1488
+CVE-2015-1488 (An unspecified action handler in the management console in Symantec En ...)
NOT-FOR-US: Symantec
-CVE-2015-1487
+CVE-2015-1487 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
NOT-FOR-US: Symantec
-CVE-2015-1486
+CVE-2015-1486 (The management console in Symantec Endpoint Protection Manager (SEPM) ...)
NOT-FOR-US: Symantec
-CVE-2015-1485
+CVE-2015-1485 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
NOT-FOR-US: Enforce Server in Symantec Data Loss Prevention
-CVE-2015-1484
+CVE-2015-1484 (Unquoted Windows search path vulnerability in the agent in Symantec Wo ...)
NOT-FOR-US: Symantec Workspace Streaming
-CVE-2015-1483
+CVE-2015-1483 (Symantec NetBackup OpsCenter 7.6.0.2 through 7.6.1 on Linux and UNIX a ...)
NOT-FOR-US: Symantec NetBackup OpsCenter
-CVE-2015-1573
+CVE-2015-1573 (The nft_flush_table function in net/netfilter/nf_tables_api.c in the L ...)
- linux <not-affected> (Vulnerable code introduced in v3.18-rc1, never in the archive outside of experimental)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/pablo/nf.git/commit/?id=a2f18db0c68fec96631c10cad9384c196e9008ac (v3.19-rc5)
NOTE: Introduced by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9ac12ef099707f405d7478009564302d7ed8393 (v3.18-rc1)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=91441
-CVE-2015-2046
+CVE-2015-2046 (Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later ...)
- mantis <removed>
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
@@ -22471,17 +22471,17 @@ CVE-2015-XXXX [fails to detect silent driver failure to change MAC]
- macchanger 1.7.0-5.3 (bug #774898)
[wheezy] - macchanger <no-dsa> (Minor issue)
[squeeze] - macchanger <no-dsa> (Minor issue)
-CVE-2015-9101
+CVE-2015-9101 (The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3. ...)
- lame 3.99.5+repack1-6 (bug #777161)
[wheezy] - lame 3.99.5+repack1-3+deb7u1
[squeeze] - lame <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/8
-CVE-2015-9100
+CVE-2015-9100 (The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3. ...)
- lame 3.99.5+repack1-6 (bug #777160)
[wheezy] - lame 3.99.5+repack1-3+deb7u1
[squeeze] - lame <no-dsa> (minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/8
-CVE-2015-9099
+CVE-2015-9099 (The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 ...)
- lame 3.99.5+repack1-6 (bug #775959)
[wheezy] - lame 3.99.5+repack1-3+deb7u1
[squeeze] - lame <no-dsa> (Minor issue)
@@ -22491,11 +22491,11 @@ CVE-2015-XXXX [denial of service under memory stress]
[squeeze] - libhtp <no-dsa> (Minor issue)
[wheezy] - libhtp <no-dsa> (Minor issue)
NOTE: https://github.com/inliniac/libhtp/commit/c7c03843cd6b1cbf44eb435d160ba53aec948828
-CVE-2015-2058
+CVE-2015-2058 (c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates dat ...)
- jabberd2 2.3.3-1 (bug #779154)
NOTE: https://github.com/jabberd2/jabberd2/issues/85
NOTE: http://www.openwall.com/lists/oss-security/2015/02/09/13
-CVE-2015-2059
+CVE-2015-2059 (The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in ...)
{DSA-3578-1 DLA-476-1 DLA-277-1}
- libidn 1.31-1 (medium)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/23/25
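Review bot: the imported description for CVE-2015-2059 reads "libin before 1.31" while the package line directly below it is libidn; the text is mirrored from the CVE feed, so the typo belongs upstream rather than in a hand edit here, but a short NOTE stating that "libin" refers to libidn would stop anyone grepping for the package name from missing this entry.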
@@ -22503,37 +22503,37 @@ CVE-2015-2059
NOTE: This could be attributed to a misuse of a (poorly documented) API
NOTE: but since upstream provided a patch it makes more sense to fix
NOTE: only libidn instead of every application using it
-CVE-2015-1545
+CVE-2015-1545 (The deref_parseCtrl function in servers/slapd/overlays/deref.c in Open ...)
{DSA-3209-1 DLA-203-1}
- openldap 2.4.40-4 (bug #776988)
[wheezy] - openldap <no-dsa> (Minor issue)
[squeeze] - openldap <no-dsa> (Minor issue)
NOTE: http://www.openldap.org/its/?findid=8027
NOTE: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=c32e74763f77675b9e144126e375977ed6dc562c
-CVE-2015-1546
+CVE-2015-1546 (Double free vulnerability in the get_vrFilter function in servers/slap ...)
- openldap 2.4.40-4 (bug #776991)
[wheezy] - openldap <not-affected> (Regression introduced in 2.4.40)
[squeeze] - openldap <not-affected> (Regression introduced in 2.4.40)
NOTE: http://www.openldap.org/its/?findid=8046
NOTE: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=2f1a2dd329b91afe561cd06b872d09630d4edb6a
-CVE-2015-2785
+CVE-2015-2785 (The GIF encoder in Byzanz allows remote attackers to cause a denial of ...)
- byzanz <unfixed> (unimportant; bug #778261)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=852481
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/11
NOTE: Only applies to debug recordings, negligable security impact
-CVE-2015-8837
+CVE-2015-8837 (Stack-based buffer overflow in the isofs_real_readdir function in isof ...)
{DSA-3551-1 DLA-323-1}
- fuseiso 20070708-3.2 (bug #779047)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=863091
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=862211
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/7
-CVE-2015-8836
+CVE-2015-8836 (Integer overflow in the isofs_real_read_zf function in isofs.c in Fuse ...)
{DSA-3551-1 DLA-323-1}
- fuseiso 20070708-3.2 (bug #779047)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=863102
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=861358
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/7
-CVE-2015-1547
+CVE-2015-1547 (The NeXTDecode function in tif_next.c in LibTIFF allows remote attacke ...)
{DSA-3273-1 DLA-610-1 DLA-221-1}
- tiff 4.0.3-12.1 (bug #777390)
- tiff3 <removed>
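Review bot: the context line "NOTE: Only applies to debug recordings, negligable security impact" under CVE-2015-2785 misspells "negligible"; it is untouched by this change and the updater will not rewrite NOTE lines, so it needs a separate manual fix.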
@@ -22542,114 +22542,114 @@ CVE-2015-1547
NOTE: is applied in 4.0.3-13 (but please recheck this)
NOTE: Raphael Hertzog> I could not find a way to reliably use the above reproducer. No segfault. And valgrind on "xloadimage" spits lots of warnings about use of uninitialized values with a good file and with the reproducer.
NOTE: Still this CVE has been added to DLA-221-1 because the patch used for CVE-2014-9655 seems to include the fix for this CVE.
-CVE-2015-1482
+CVE-2015-1482 (Ansible Tower (aka Ansible UI) before 2.0.5 allows remote attackers to ...)
NOT-FOR-US: Ansible Tower
-CVE-2015-1481
+CVE-2015-1481 (Ansible Tower (aka Ansible UI) before 2.0.5 allows remote organization ...)
NOT-FOR-US: Ansible Tower
-CVE-2015-1480
+CVE-2015-1480 (ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows ...)
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
-CVE-2015-1479
+CVE-2015-1479 (SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO M ...)
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
-CVE-2015-1478
+CVE-2015-1478 (Cross-site scripting (XSS) vulnerability in the CMSJunkie J-Classified ...)
NOT-FOR-US: Joomla! plugin CMSJunkie J-ClassifiedsManager
-CVE-2015-1477
+CVE-2015-1477 (SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager comp ...)
NOT-FOR-US: Joomla! plugin CMSJunkie J-ClassifiedsManager
-CVE-2015-1476
+CVE-2015-1476 (Multiple SQL injection vulnerabilities in xlinkerz ecommerceMajor allo ...)
NOT-FOR-US: xlinkerz ecommerceMajor
-CVE-2015-1475
+CVE-2015-1475 (Multiple cross-site scripting (XSS) vulnerabilities in my little forum ...)
NOT-FOR-US: My Little Forum
-CVE-2015-1474
+CVE-2015-1474 (Multiple integer overflows in the GraphicBuffer::unflatten function in ...)
NOT-FOR-US: Android
-CVE-2015-1471
+CVE-2015-1471 (SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 ...)
NOT-FOR-US: Pragyan CMS
CVE-2015-1470
RESERVED
-CVE-2015-1469
+CVE-2015-1469 (time.htm in the web interface on SerVision HVG Video Gateway devices w ...)
NOT-FOR-US: SerVision HVG Video Gateway
CVE-2015-1468
RESERVED
-CVE-2015-1467
+CVE-2015-1467 (Multiple SQL injection vulnerabilities in Translations in Fork CMS bef ...)
NOT-FOR-US: Fork CMS
CVE-2015-1466
RESERVED
-CVE-2015-1464
+CVE-2015-1464 (RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows ...)
{DSA-3176-1 DLA-158-1}
- request-tracker4 4.2.8-3
- request-tracker3.8 <removed>
-CVE-2015-1463
+CVE-2015-1463 (ClamAV before 0.98.6 allows remote attackers to cause a denial of serv ...)
{DLA-233-1}
- clamav 0.98.6+dfsg-1
[wheezy] - clamav 0.98.6+dfsg-0+deb7u1
NOTE: https://github.com/vrtadmin/clamav-devel/commit/96ff19a19eba64bdf47f2f12ecdbc5ee331c09e2
-CVE-2015-1462
+CVE-2015-1462 (ClamAV before 0.98.6 allows remote attackers to have unspecified impac ...)
{DLA-233-1}
- clamav 0.98.6+dfsg-1
[wheezy] - clamav 0.98.6+dfsg-0+deb7u1
-CVE-2015-1461
+CVE-2015-1461 (ClamAV before 0.98.6 allows remote attackers to have unspecified impac ...)
{DLA-233-1}
- clamav 0.98.6+dfsg-1
[wheezy] - clamav 0.98.6+dfsg-0+deb7u1
-CVE-2015-1460
+CVE-2015-1460 (Huawei Quidway switches with firmware before V200R005C00SPC300 allows ...)
NOT-FOR-US: Huawei Quidway switches
-CVE-2015-1459
+CVE-2015-1459 (Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticato ...)
NOT-FOR-US: Fortinet FortiAuthenticator
-CVE-2015-1458
+CVE-2015-1458 (Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intende ...)
NOT-FOR-US: Fortinet FortiAuthenticator
-CVE-2015-1457
+CVE-2015-1457 (Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary ...)
NOT-FOR-US: Fortinet FortiAuthenticator
-CVE-2015-1456
+CVE-2015-1456 (Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and pa ...)
NOT-FOR-US: Fortinet FortiAuthenticator
-CVE-2015-1455
+CVE-2015-1455 (Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the ...)
NOT-FOR-US: Fortinet FortiAuthenticator
-CVE-2015-1454
+CVE-2015-1454 (Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Uni ...)
NOT-FOR-US: Blue Coat ProxyClient and Unified Agent
-CVE-2015-1453
+CVE-2015-1453 (The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hard ...)
NOT-FOR-US: Fortinet FortiClient
-CVE-2015-1452
+CVE-2015-1452 (The Control and Provisioning of Wireless Access Points (CAPWAP) daemon ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-1451
+CVE-2015-1451 (Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiO ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-1450
+CVE-2015-1450 (SQL injection vulnerability in Restaurant Biller allows remote attacke ...)
NOT-FOR-US: Restaurant Biller
-CVE-2015-1449
+CVE-2015-1449 (Buffer overflow in the integrated web server on Siemens Ruggedcom WIN5 ...)
NOT-FOR-US: Siemens Ruggedcom
-CVE-2015-1448
+CVE-2015-1448 (The integrated management service on Siemens Ruggedcom WIN51xx devices ...)
NOT-FOR-US: Siemens Ruggedcom
CVE-2015-1447
RESERVED
CVE-2015-1446
RESERVED
-CVE-2015-1445
+CVE-2015-1445 (HTTP header injection in the httpd package in fli4l before 3.10.1 and ...)
NOT-FOR-US: fli4l
-CVE-2015-1444
+CVE-2015-1444 (Multiple cross-site scripting (XSS) vulnerabilities in the web adminis ...)
NOT-FOR-US: fli4l
-CVE-2015-1443
+CVE-2015-1443 (The httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30 all ...)
NOT-FOR-US: fli4l
-CVE-2015-1442
+CVE-2015-1442 (SQL injection vulnerability in views/zero_transact_user.php in the adm ...)
NOT-FOR-US: ZeroCMS
CVE-2015-1440
RESERVED
CVE-2015-1439
RESERVED
-CVE-2015-1438
+CVE-2015-1438 (Heap-based buffer overflow in Panda Security Kernel Memory Access Driv ...)
NOT-FOR-US: Panda
-CVE-2015-1437
+CVE-2015-1437 (Multiple cross-site scripting (XSS) vulnerabilities in Asus RT-N10+ D1 ...)
NOT-FOR-US: Asus RT-N10+ D1 router
-CVE-2015-1436
+CVE-2015-1436 (Cross-site scripting (XSS) vulnerability in the Easing Slider plugin b ...)
NOT-FOR-US: Easing Slider plugin for WordPress
-CVE-2015-1435
+CVE-2015-1435 (Cross-site scripting (XSS) vulnerability in my little forum before 2.3 ...)
NOT-FOR-US: Little forum
-CVE-2015-1434
+CVE-2015-1434 (Multiple SQL injection vulnerabilities in my little forum before 2.3.4 ...)
NOT-FOR-US: Little forum
-CVE-2015-1429
+CVE-2015-1429 (Directory traversal vulnerability in Cybele Software Thinfinity Remote ...)
NOT-FOR-US: Cybele Software Thinfinity Remote Desktop Workstation
-CVE-2015-1428
+CVE-2015-1428 (Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow ...)
NOT-FOR-US: Sefrengo
-CVE-2015-1427
+CVE-2015-1427 (The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x be ...)
- elasticsearch <not-affected> (Affects 1.3.0-1.3.7 and 1.4.0-1.4.2, vulnerable code not present)
NOTE: http://seclists.org/bugtraq/2015/Feb/92
NOTE: Problem in the Groovy scripting engine.
-CVE-2015-1426
+CVE-2015-1426 (Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains s ...)
- facter 2.4.4-1 (bug #778265)
[jessie] - facter <no-dsa> (Minor issue)
[squeeze] - facter <not-affected> (Uses version 2008-02-01 of the EC2 API which does not expose security credentials)
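Review bot: the NOT-FOR-US lines for CVE-2015-1435 and CVE-2015-1434 say "Little forum" while CVE-2015-1475 earlier in this hunk uses "My Little Forum", and all three imported descriptions name the product "my little forum"; settling on one spelling (the upstream name) keeps a search for the product from missing two of the three entries.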
@@ -22657,7 +22657,7 @@ CVE-2015-1426
NOTE: http://puppetlabs.com/security/cve/cve-2015-1426
NOTE: https://tickets.puppetlabs.com/browse/FACT-800
NOTE: The assessment for Squeeze being unaffected is based on the fact that the code accesses http://169.254.169.254/2008-02-01/meta-data/ and that http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html mentions the iam/security-credentials/role key as being introduced in version 2012-01-12.
-CVE-2015-1493
+CVE-2015-1493 (Directory traversal vulnerability in the min_get_slash_argument functi ...)
- moodle 2.7.5+dfsg-1
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git;a=commit;h=af9a7937cc085f96bdbc4724cadec6eeae0242fc
@@ -22675,13 +22675,13 @@ CVE-2015-XXXX [Invalid read in create_output_name]
[squeeze] - cabextract <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/03/12
NOTE: Starting with 1.4-5 cabextract uses the mspack system library
-CVE-2015-1465
+CVE-2015-1465 (The IPv4 implementation in the Linux kernel before 3.18.8 does not pro ...)
- linux 3.16.7-ckt7-1
[wheezy] - linux <not-affected> (Introduced in 3.16)
- linux-2.6 <not-affected> (Introduced in 3.16)
NOTE: Upstream patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df4d92549f23e1c037e83323aff58a21b3de7fe0 (v3.19-rc7)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/02/2
-CVE-2015-1473
+CVE-2015-1473 (The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka gli ...)
{DSA-3169-1 DLA-165-1}
- glibc 2.19-15 (bug #777197)
- eglibc <removed>
@@ -22690,7 +22690,7 @@ CVE-2015-1473
NOTE: Fix: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
NOTE: This was introduced by https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3f8cc204fdd0 (2.15),
NOTE: the patch was backported into wheezy (patches/any/cvs-vfscanf.diff), but not squeeze
-CVE-2015-1472
+CVE-2015-1472 (The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka gli ...)
{DSA-3169-1 DLA-165-1}
- glibc 2.19-15 (bug #777197)
- eglibc <removed>
@@ -22704,27 +22704,27 @@ CVE-2015-XXXX [Infinite loop in patch]
[squeeze] - patch <no-dsa> (Minor issue)
[wheezy] - patch <no-dsa> (Minor issue)
NOTE: Different from CVE-2014-9637
-CVE-2015-1441
+CVE-2015-1441 (SQL injection vulnerability in Piwigo before 2.5.6, 2.6.x before 2.6.5 ...)
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
NOTE: http://piwigo.org/releases/2.7.3
-CVE-2015-1433
+CVE-2015-1433 (program/lib/Roundcube/rcube_washtml.php in Roundcube before 1.0.5 does ...)
{DLA-613-1}
- roundcube 0.9.5+dfsg1-4.2 (low; bug #776700)
[wheezy] - roundcube <no-dsa> (Minor issue)
[squeeze] - roundcube <no-dsa> (Minor issue)
-CVE-2015-1432
+CVE-2015-1432 (The message_options function in includes/ucp/ucp_pm_options.php in php ...)
- phpbb3 3.0.12-4 (low; bug #776699)
[wheezy] - phpbb3 3.0.10-4+deb7u2
[squeeze] - phpbb3 <no-dsa> (Minor issue)
NOTE: https://tracker.phpbb.com/browse/PHPBB3-13526
-CVE-2015-1431
+CVE-2015-1431 (Cross-site scripting (XSS) vulnerability in includes/startup.php in ph ...)
- phpbb3 3.0.12-4 (low; bug #776699)
[wheezy] - phpbb3 3.0.10-4+deb7u2
[squeeze] - phpbb3 <no-dsa> (Minor issue)
NOTE: https://tracker.phpbb.com/browse/PHPBB3-13531
-CVE-2015-1430
+CVE-2015-1430 (Buffer overflow in xymon 4.3.17-1. ...)
- xymon 4.3.17-5 (low; bug #776007)
[squeeze] - xymon <not-affected> (Vulnerable code not present)
[wheezy] - xymon <not-affected> (Vulnerable code not present)
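Review bot: CVE-2015-1433 carries {DLA-613-1} and, two lines later, `[wheezy] - roundcube <no-dsa> (Minor issue)`; a DLA reference means an LTS update shipped for wheezy, so the wheezy no-dsa marker is stale and should be dropped (the squeeze line can stay). Separately, the synced description for CVE-2015-1430 reads "Buffer overflow in xymon 4.3.17-1." and names a Debian revision rather than an upstream version, so the `<not-affected> (Vulnerable code not present)` lines for squeeze and wheezy are the only affected-range information in the entry; a NOTE naming the upstream version that introduced the code would let the next person re-verify them.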
@@ -22732,38 +22732,38 @@ CVE-2015-1430
NOTE: http://www.openwall.com/lists/oss-security/2015/01/30/17
CVE-2015-1425
RESERVED
-CVE-2015-1424
+CVE-2015-1424 (Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2 ...)
NOT-FOR-US: Gecko CMS
-CVE-2015-1423
+CVE-2015-1423 (Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow ...)
NOT-FOR-US: Gecko CMS
-CVE-2015-1422
+CVE-2015-1422 (Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 a ...)
NOT-FOR-US: Gecko CMS
CVE-2015-XXXX [symlink directory traversal]
- unrar-nonfree 1:5.2.7-0.1 (bug #774171)
[wheezy] - unrar-nonfree 1:4.1.4-1+deb7u1
[squeeze] - unrar-nonfree <no-dsa> (Non-free not supported)
-CVE-2015-1589
+CVE-2015-1589 (Directory traversal vulnerability in arCHMage 0.2.4 allows remote atta ...)
- archmage 1:0.2.4-4 (bug #776164)
[squeeze] - archmage <no-dsa> (Minor issue)
[wheezy] - archmage <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/9
-CVE-2015-1419
+CVE-2015-1419 (Unspecified vulnerability in vsftpd 3.0.2 and earlier allows remote at ...)
- vsftpd 3.0.2-18 (unimportant; bug #776922)
[jessie] - vsftpd 3.0.2-17+deb8u1
NOTE: http://seclists.org/oss-sec/2015/q1/389
NOTE: Not a real security feature according the manpage and upstream
-CVE-2015-1418
+CVE-2015-1418 (The do_ed_script function in pch.c in GNU patch through 2.7.6, and pat ...)
NOT-FOR-US: patch as used in FreeBSD specifically
-CVE-2015-1417
+CVE-2015-1417 (The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 10.2-BETA2-p2 ...)
- kfreebsd-10 10.2-1 (unimportant)
NOTE: kfreebsd not covered by security support in Jessie
-CVE-2015-1416
+CVE-2015-1416 (Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 ...)
- patch 2.5-1
NOTE: http://www.openwall.com/lists/oss-security/2015/08/02/6
NOTE: CVE assignment applies as well to GNU patch before 2.3 and 2.2.5
-CVE-2015-1415
+CVE-2015-1415 (The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configur ...)
NOT-FOR-US: FreeBSD installer
-CVE-2015-1414
+CVE-2015-1414 (Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 b ...)
{DSA-3175-2 DSA-3175-1}
[experimental] - kfreebsd-11 11.0~svn284956-1
- kfreebsd-10 10.1~svn274115-4 (bug #779195)
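Review bot: the description synced for CVE-2015-1418 now begins "The do_ed_script function in pch.c in GNU patch through 2.7.6, and pat ...", which contradicts the line directly beneath it, `NOT-FOR-US: patch as used in FreeBSD specifically`; Debian ships GNU patch (this file tracks it as `- patch 2.5-1` under CVE-2015-1416 and `- patch 2.7.3-1` under CVE-2015-1395), so the entry needs re-triage to a package line with a fixed or `<unfixed>` version instead of NOT-FOR-US.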
@@ -22788,192 +22788,192 @@ CVE-2015-1407
RESERVED
CVE-2015-1406
RESERVED
-CVE-2015-1400
+CVE-2015-1400 (SQL injection vulnerability in search.php in NPDS Revolution 13 allows ...)
NOT-FOR-US: NPDS Revolution
-CVE-2015-1399
+CVE-2015-1399 (PHP remote file inclusion vulnerability in the fetchView function in t ...)
NOT-FOR-US: Magento
-CVE-2015-1398
+CVE-2015-1398 (Multiple directory traversal vulnerabilities in Magento Community Edit ...)
NOT-FOR-US: Magento
-CVE-2015-1397
+CVE-2015-1397 (SQL injection vulnerability in the getCsvFile function in the Mage_Adm ...)
NOT-FOR-US: Magento
CVE-2015-1394
RESERVED
NOT-FOR-US: WordPress plugin photo-gallery
-CVE-2015-1393
+CVE-2015-1393 (SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 ...)
NOT-FOR-US: WordPress plugin photo-gallery
-CVE-2015-1392
+CVE-2015-1392 (Multiple SQL injection vulnerabilities in Aruba Networks ClearPass Pol ...)
NOT-FOR-US: Aruba Networks CPPM
CVE-2015-1391
RESERVED
CVE-2015-1390
RESERVED
-CVE-2015-1389
+CVE-2015-1389 (Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass P ...)
NOT-FOR-US: Aruba Networks CPPM
-CVE-2015-1388
+CVE-2015-1388 (The "RAP console" feature in ArubaOS 5.x through 6.2.x, 6.3.x before 6 ...)
NOT-FOR-US: ArubaOS
CVE-2015-1387
RESERVED
-CVE-2015-1385
+CVE-2015-1385 (Cross-site scripting (XSS) vulnerability in the Blubrry PowerPress Pod ...)
NOT-FOR-US: WordPress plugin powerpress
-CVE-2015-1384
+CVE-2015-1384 (Cross-site scripting (XSS) vulnerability in the Banner Effect Header p ...)
NOT-FOR-US: Banner Effect Header plugin for WordPress
-CVE-2015-1383
+CVE-2015-1383 (Cross-site scripting (XSS) vulnerability in the geo search widget in t ...)
NOT-FOR-US: WordPress plugin geo-mashup
-CVE-2015-1376
+CVE-2015-1376 (pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPre ...)
NOT-FOR-US: WordPress plugin Pixabay Images
-CVE-2015-1375
+CVE-2015-1375 (pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPre ...)
NOT-FOR-US: WordPress plugin Pixabay Images
-CVE-2015-1374
+CVE-2015-1374 (Multiple cross-site request forgery (CSRF) vulnerabilities in admin.ph ...)
NOT-FOR-US: ferretCMS
-CVE-2015-1373
+CVE-2015-1373 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in fe ...)
NOT-FOR-US: ferretCMS
-CVE-2015-1372
+CVE-2015-1372 (SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote att ...)
NOT-FOR-US: ferretCMS
-CVE-2015-1371
+CVE-2015-1371 (Unrestricted file upload vulnerability in ferretCMS 1.0.4-alpha allows ...)
NOT-FOR-US: ferretCMS
-CVE-2015-1368
+CVE-2015-1368 (Multiple cross-site scripting (XSS) vulnerabilities in Ansible Tower ( ...)
NOT-FOR-US: Ansible Tower
-CVE-2015-1367
+CVE-2015-1367 (SQL injection vulnerability in index.php in CatBot 0.4.2 allows remote ...)
NOT-FOR-US: CatBot
-CVE-2015-1366
+CVE-2015-1366 (Cross-site scripting (XSS) vulnerability in pixabay-images.php in the ...)
NOT-FOR-US: Wordpress plugin Pixabay Images
-CVE-2015-1365
+CVE-2015-1365 (Directory traversal vulnerability in pixabay-images.php in the Pixabay ...)
NOT-FOR-US: Wordpress plugin Pixabay Images
-CVE-2015-1364
+CVE-2015-1364 (SQL injection vulnerability in the getProfile function in system/profi ...)
NOT-FOR-US: Free Reprintables ArticleFR
-CVE-2015-1363
+CVE-2015-1363 (Cross-site scripting (XSS) vulnerability in Free Reprintables ArticleF ...)
NOT-FOR-US: ArticleFR
-CVE-2015-1362
+CVE-2015-1362 (Buffer overflow in the Customize 35mm tab in Two Pilots Exif Pilot 4.7 ...)
NOT-FOR-US: Exif Pilot
-CVE-2015-1361
+CVE-2015-1361 (platform/image-decoders/ImageFrame.h in Blink, as used in Google Chrom ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1360
+CVE-2015-1360 (Skia, as used in Google Chrome before 40.0.2214.91, allows remote atta ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1359
+CVE-2015-1359 (Multiple off-by-one errors in fpdfapi/fpdf_font/font_int.h in PDFium, ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1358
+CVE-2015-1358 (The remote-management module in the (1) Multi Panels, (2) Comfort Pane ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2015-1357
+CVE-2015-1357 (Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, ...)
NOT-FOR-US: Siemens Ruggedcom
-CVE-2015-1356
+CVE-2015-1356 (Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2015-1355
+CVE-2015-1355 (Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2015-1563
+CVE-2015-1563 (The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows l ...)
- xen 4.4.1-7 (low; bug #776319)
[wheezy] - xen <not-affected> (Only affects 4.4 and later on arm)
[squeeze] - xen <not-affected> (Only affects 4.4 and later on arm)
-CVE-2015-1558
+CVE-2015-1558 (Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when u ...)
- asterisk 1:13.1.0~dfsg-1.1 (bug #780601)
[jessie] - asterisk <not-affected> (Only affects 12.x and 13.x)
[wheezy] - asterisk <not-affected> (Only affects 12.x and 13.x)
[squeeze] - asterisk <not-affected> (Only affects 12.x and 13.x)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24666
NOTE: http://downloads.digium.com/pub/security/AST-2015-001.html
-CVE-2015-1421
+CVE-2015-1421 (Use-after-free vulnerability in the sctp_assoc_update function in net/ ...)
{DSA-3170-1 DLA-155-1}
- linux 3.16.7-ckt4-3
- linux-2.6 <removed>
NOTE: Upstream fix: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=600ddd6825543962fb807884169e57b580dba208
-CVE-2015-1420
+CVE-2015-1420 (Race condition in the handle_to_path function in fs/fhandle.c in the L ...)
{DSA-3170-1}
- linux 3.16.7-ckt7-1
- linux-2.6 <not-affected> (Introduced in 2.6.39)
NOTE: http://marc.info/?l=linux-kernel&m=142247707318982&w=2
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=161f873b89136eb1e69477c847d5a5033239d9ba (v4.1-rc7)
-CVE-2015-1405
+CVE-2015-1405 (SQL injection vulnerability in the Content Rating Extbase extension 2. ...)
NOT-FOR-US: typo3 extension
-CVE-2015-1404
+CVE-2015-1404 (Cross-site scripting (XSS) vulnerability in the Content Rating Extbase ...)
NOT-FOR-US: typo3 extension
-CVE-2015-1403
+CVE-2015-1403 (SQL injection vulnerability in the Content Rating extension 1.0.3 and ...)
NOT-FOR-US: typo3 extension
-CVE-2015-1402
+CVE-2015-1402 (Cross-site scripting (XSS) vulnerability in the Content Rating extensi ...)
NOT-FOR-US: typo3 extension
-CVE-2015-1401
+CVE-2015-1401 (Improper Authentication vulnerability in the "LDAP / SSO Authenticatio ...)
NOT-FOR-US: typo3 extension
-CVE-2015-1554
+CVE-2015-1554 (kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ...)
- kgb-bot <undetermined> (low; bug #776424)
-CVE-2015-1369
+CVE-2015-1369 (SQL injection vulnerability in Sequelize before 2.0.0-rc7 for Node.js ...)
NOT-FOR-US: sequelize
CVE-2015-1354
RESERVED
-CVE-2015-1349
+CVE-2015-1349 (named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x befor ...)
{DSA-3162-1 DLA-163-1}
- bind9 1:9.9.5.dfsg-9 (low; bug #778733)
-CVE-2015-1348
+CVE-2015-1348 (Heap-based buffer overflow in Aruba Instant (IAP) with firmware before ...)
NOT-FOR-US: Aruba Instant
-CVE-2015-1347
+CVE-2015-1347 (Cross-site scripting (XSS) vulnerability in client.inc.php in osTicket ...)
NOT-FOR-US: osTicket
-CVE-2015-1344
+CVE-2015-1344 (The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not pr ...)
- lxcfs <not-affected> (Fixed before initial upload to the archive)
NOTE: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1512854
CVE-2015-1343
RESERVED
-CVE-2015-1342
+CVE-2015-1342 (LXCFS before 0.12 does not properly enforce directory escapes, which m ...)
- lxcfs <not-affected> (Fixed before initial upload to the archive)
NOTE: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1508481
CVE-2015-1341
RESERVED
CVE-2015-1340
RESERVED
-CVE-2015-1339
+CVE-2015-1339 (Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in ...)
- linux 4.4.2-1
[jessie] - linux <not-affected> (Vulnerable code introduced in v4.2-rc1)
[wheezy] - linux <not-affected> (Vulnerable code introduced in v4.2-rc1)
NOTE: Introduced in: https://git.kernel.org/linus/cc080e9e9be16ccf26135d366d7d2b65209f1d56 (v4.2-rc1)
NOTE: Fixed in: https://git.kernel.org/linus/2c5816b4beccc8ba709144539f6fdd764f8fa49c (v4.4-rc5)
-CVE-2015-1338
+CVE-2015-1338 (kernel_crashdump in Apport before 2.19 allows local users to cause a d ...)
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
-CVE-2015-1337
+CVE-2015-1337 (Simple Streams (simplestreams) does not properly verify the GPG signat ...)
NOT-FOR-US: simplestreams
-CVE-2015-1336
+CVE-2015-1336 (The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in ...)
- man-db 2.7.6-1 (bug #840357)
[jessie] - man-db <no-dsa> (Minor issue)
[wheezy] - man-db <no-dsa> (Minor issue)
[squeeze] - man-db <no-dsa> (Not exploitable in practice)
NOTE: http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/
NOTE: https://bugs.launchpad.net/ubuntu/+source/man-db/+bug/1482786
-CVE-2015-1335
+CVE-2015-1335 (lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local cont ...)
{DSA-3400-1 DLA-442-1}
- lxc 1:1.0.8-1 (bug #800471)
[wheezy] - lxc <no-dsa> (Minor issue)
NOTE: https://launchpad.net/bugs/1476662
NOTE: https://github.com/lxc/lxc/commit/592fd47a6245508b79fe6ac819fe6d3b2c1289be
NOTE: https://lists.linuxcontainers.org/pipermail/lxc-devel/2015-September/012434.html
-CVE-2015-1334
+CVE-2015-1334 (attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a contai ...)
{DSA-3317-1}
- lxc 1:1.0.7-4 (bug #793298)
[wheezy] - lxc <not-affected> (Affects 0.9.0 and higher)
[squeeze] - lxc <not-affected> (Affects 0.9.0 and higher)
-CVE-2015-1333
+CVE-2015-1333 (Memory leak in the __key_link_end function in security/keys/keyring.c ...)
- linux 4.1.3-1
[jessie] - linux 3.16.7-ckt11-1+deb8u3
[wheezy] - linux <not-affected> (Introduced in 3.13)
- linux-2.6 <not-affected> (Introduced in 3.13)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=034faeb9ef390d58239e1dce748143f6b35a0d9b (v3.13-rc1)
-CVE-2015-1332
+CVE-2015-1332 (The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 a ...)
NOT-FOR-US: oxide-qt
NOTE: The JavaScriptDialogManager exists as well for chromium-browser, but this
NOTE: CVE seem specific assigned for an issue in oxide::JavaScriptDialogManager
-CVE-2015-1331
+CVE-2015-1331 (lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitr ...)
{DSA-3317-1}
- lxc 1:1.0.7-4 (bug #793298)
[wheezy] - lxc <not-affected> (Affects 1.0.0 and higher)
[squeeze] - lxc <not-affected> (Affects 1.0.0 and higher)
-CVE-2015-1330
+CVE-2015-1330 (unattended-upgrades before 0.86.1 does not properly authenticate packa ...)
{DSA-3297-1 DLA-267-1}
- unattended-upgrades 0.86.1
-CVE-2015-1329
+CVE-2015-1329 (Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in o ...)
NOT-FOR-US: Oxide-QT
-CVE-2015-1328
+CVE-2015-1328 (The overlayfs implementation in the linux (aka Linux kernel) package b ...)
- linux <not-affected> (Ubuntu-specific flaw, overlayfs mounts restricted to privileged users in Debian)
- linux-2.6 <not-affected> (Ubuntu-specific flaw, overlayfs mounts restricted to privileged users in Debian)
NOTE: http://seclists.org/oss-sec/2015/q2/717
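Review bot: CVE-2015-1554 still reads `- kgb-bot <undetermined> (low; bug #776424)` although the synced description pins the affected version to kgb-bot 1.33-2; with the version named there is no reason to leave the status undetermined, so resolve it to the fixing upload or to `<unfixed>`. Also, the two NOTE lines under CVE-2015-1338 ("we cannot track this in security-tracker" followed by "add it, as we have an explicit (bug) reference") read as contradictory; merge them into one line stating that the experimental-only package is listed because of the bug reference.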
@@ -22986,93 +22986,93 @@ CVE-2015-1326 [arbitrary code execution or file overwrite when templates are loa
- python-dbusmock 0.15.1-1 (bug #786858)
[jessie] - python-dbusmock 0.11.4-1+deb8u1
NOTE: https://bugs.launchpad.net/python-dbusmock/+bug/1453815
-CVE-2015-1325
+CVE-2015-1325 (Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubunt ...)
[experimental] - apport 2.17.3-1
-CVE-2015-1324
+CVE-2015-1324 (Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2. ...)
[experimental] - apport 2.17.3-1
-CVE-2015-1323
+CVE-2015-1323 (The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 a ...)
{DLA-261-1}
- aptdaemon 1.1.1+bzr982-1 (bug #789162)
[jessie] - aptdaemon 1.1.1-4+deb8u1
[wheezy] - aptdaemon 0.45-2+deb7u1
NOTE: https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1449587
-CVE-2015-1322
+CVE-2015-1322 (Directory traversal vulnerability in the Ubuntu network-manager packag ...)
- network-manager <not-affected> (Ubuntu specific patch)
NOTE: http://www.ubuntu.com/usn/usn-2581-1
NOTE: https://bazaar.launchpad.net/~phablet-team/network-manager/ofono-format-cleanup/view/head:/debian/patches/add_ofono_settings_support.patch
-CVE-2015-1321
+CVE-2015-1321 (Use-after-free vulnerability in the file picker implementation in Oxid ...)
NOT-FOR-US: Oxide
CVE-2015-1320
RESERVED
-CVE-2015-1319
+CVE-2015-1319 (The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 1 ...)
- unity <itp> (bug #609278)
-CVE-2015-1318
+CVE-2015-1318 (The crash reporting feature in Apport 2.13 through 2.17.x before 2.17. ...)
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
-CVE-2015-1317
+CVE-2015-1317 (Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x before 1. ...)
NOT-FOR-US: Oxide
CVE-2015-1316
RESERVED
-CVE-2015-1315
+CVE-2015-1315 (Buffer overflow in the charset_to_intern function in unix/unix.c in In ...)
- unzip <not-affected> (*-unzip60-alt-iconv-utf8 patch not applied in Debian)
-CVE-2015-1314
+CVE-2015-1314 (The USAA Mobile Banking application before 7.10.1 for Android displays ...)
NOT-FOR-US: USAA Mobile Banking application for Android
CVE-2015-1313
RESERVED
-CVE-2015-1312
+CVE-2015-1312 (The Dealer Portal in SAP ERP does not properly restrict access, which ...)
NOT-FOR-US: SAP
-CVE-2015-1311
+CVE-2015-1311 (The Extended Application Services (XS) in SAP HANA allows remote attac ...)
NOT-FOR-US: SAP
-CVE-2015-1310
+CVE-2015-1310 (SQL injection vulnerability in SAP Adaptive Server Enterprise (Sybase ...)
NOT-FOR-US: SAP
-CVE-2015-1309
+CVE-2015-1309 (XML external entity vulnerability in the Extended Computer Aided Test ...)
NOT-FOR-US: SAP
-CVE-2015-1305
+CVE-2015-1305 (McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows loca ...)
NOT-FOR-US: McAfee Data Loss Prevention Endpoint
-CVE-2015-1386
+CVE-2015-1386 (Directory traversal vulnerability in unshield 1.0-1. ...)
- unshield 1.4-1 (low; bug #776193)
[jessie] - unshield <no-dsa> (Minor issue)
[wheezy] - unshield <no-dsa> (Minor issue)
[squeeze] - unshield <no-dsa> (Minor issue)
NOTE: https://github.com/twogood/unshield/issues/42
-CVE-2015-1382
+CVE-2015-1382 (parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a ...)
{DSA-3145-1 DLA-142-1}
- privoxy 3.0.21-7 (bug #776490)
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.297&r2=1.298
-CVE-2015-1381
+CVE-2015-1381 (Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.2 ...)
{DSA-3145-1 DLA-142-1}
- privoxy 3.0.21-7 (bug #776490)
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/pcrs.c?r1=1.46&r2=1.47
-CVE-2015-1380
+CVE-2015-1380 (jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a deni ...)
- privoxy 3.0.21-7 (bug #776490)
[wheezy] - privoxy <not-affected> (Vulnerable code introduced in 3.0.20)
[squeeze] - privoxy <not-affected> (Vulnerable code introduced in 3.0.20)
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/jcc.c?r1=1.433&r2=1.434
-CVE-2015-1379
+CVE-2015-1379 (The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b ...)
- socat 1.7.2.4-2 (bug #776234)
[wheezy] - socat <no-dsa> (Minor issue)
[squeeze] - socat <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/01/24/6
NOTE: Upstream advisory: http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt
-CVE-2015-1378
+CVE-2015-1378 (cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before 0.68 ...)
- grml-debootstrap 0.68.1 (low; bug #776502)
[wheezy] - grml-debootstrap <no-dsa> (Minor issue)
NOTE: https://github.com/grml/grml-debootstrap/issues/59
-CVE-2015-1377
+CVE-2015-1377 (The Read Mail module in Webmin 1.720 allows local users to read arbitr ...)
NOT-FOR-US: Webmin
-CVE-2015-1395
+CVE-2015-1395 (Directory traversal vulnerability in GNU patch versions which support ...)
- patch 2.7.3-1 (bug #775873)
[wheezy] - patch <not-affected> (Support for git-style patches added in 2.7)
[squeeze] - patch <not-affected> (Support for git-style patches added in 2.7)
NOTE: Upstream report: https://savannah.gnu.org/bugs/?44059
NOTE: http://www.openwall.com/lists/oss-security/2015/01/24/2
-CVE-2015-1370
+CVE-2015-1370 (Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Nod ...)
- node-marked 0.3.6+dfsg-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/marked_vbscript_injection
NOTE: https://github.com/chjj/marked/issues/492
NOTE: libv8 is not covered by security support
-CVE-2015-1304
+CVE-2015-1304 (object-observe.js in Google V8, as used in Google Chrome before 45.0.2 ...)
{DSA-3376-1}
- chromium-browser 45.0.2454.101-1
[jessie] - chromium-browser <no-dsa> (minor issue)
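Review bot: the rationale under CVE-2015-1370 does not match the package: the entry is `- node-marked 0.3.6+dfsg-1 (unimportant)`, yet the NOTE meant to justify the rating says "libv8 is not covered by security support", the wording used for the libv8-3.14 lines (see CVE-2015-1304 just below); state why node-marked itself is unimportant, otherwise the nodesecurity and github references describe a vbscript injection with no visible reason for the low rating.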
@@ -23080,173 +23080,173 @@ CVE-2015-1304
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-1303
+CVE-2015-1303 (bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome bef ...)
{DSA-3376-1}
- chromium-browser 45.0.2454.101-1
[jessie] - chromium-browser <no-dsa> (minor issue)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1302
+CVE-2015-1302 (The PDF viewer in Google Chrome before 46.0.2490.86 does not properly ...)
{DSA-3415-1}
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.de/2015/11/stable-channel-update.html
-CVE-2015-1301
+CVE-2015-1301 (Multiple unspecified vulnerabilities in Google Chrome before 45.0.2454 ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1300
+CVE-2015-1300 (The FrameFetchContext::updateTimingInfoForIFrameNavigation function in ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1299
+CVE-2015-1299 (Use-after-free vulnerability in the shared-timer implementation in Bli ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1298
+CVE-2015-1298 (The RuntimeEventRouter::OnExtensionUninstalled function in extensions/ ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1297
+CVE-2015-1297 (The WebRequest API implementation in extensions/browser/api/web_reques ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1296
+CVE-2015-1296 (The UnescapeURLWithAdjustmentsImpl implementation in net/base/escape.c ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1295
+CVE-2015-1295 (Multiple use-after-free vulnerabilities in the PrintWebViewHelper clas ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1294
+CVE-2015-1294 (Use-after-free vulnerability in the SkMatrix::invertNonIdentity functi ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1293
+CVE-2015-1293 (The DOM implementation in Blink, as used in Google Chrome before 45.0. ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1292
+CVE-2015-1292 (The NavigatorServiceWorker::serviceWorker function in modules/servicew ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1291
+CVE-2015-1291 (The ContainerNode::parserRemoveChild function in core/dom/ContainerNod ...)
{DSA-3351-1}
- chromium-browser 45.0.2454.85-1 (low)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1290
+CVE-2015-1290 (The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and ...)
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-1289
+CVE-2015-1289 (Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403 ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1288
+CVE-2015-1288 (The Spellcheck API implementation in Google Chrome before 44.0.2403.89 ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1287
+CVE-2015-1287 (Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks- ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1286
+CVE-2015-1286 (Cross-site scripting (XSS) vulnerability in the V8ContextNativeHandler ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1285
+CVE-2015-1285 (The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.c ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1284
+CVE-2015-1284 (The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1283
+CVE-2015-1283 (Multiple integer overflows in the XML_GetBuffer function in Expat thro ...)
{DSA-3318-1 DSA-3315-1 DLA-281-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- expat 2.1.0-7 (bug #793484)
NOTE: Patch: https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c
-CVE-2015-1282
+CVE-2015-1282 (Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Docu ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1281
+CVE-2015-1281 (core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1280
+CVE-2015-1280 (SkPictureShader.cpp in Skia, as used in Google Chrome before 44.0.2403 ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1279
+CVE-2015-1279 (Integer overflow in the CJBig2_Image::expand function in fxcodec/jbig2 ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1278
+CVE-2015-1278 (content/browser/web_contents/web_contents_impl.cc in Google Chrome bef ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1277
+CVE-2015-1277 (Use-after-free vulnerability in the accessibility implementation in Go ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1276
+CVE-2015-1276 (Use-after-free vulnerability in content/browser/indexed_db/indexed_db_ ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1275
+CVE-2015-1275 (Cross-site scripting (XSS) vulnerability in org/chromium/chrome/browse ...)
- chromium-browser <not-affected> (Android-specific)
-CVE-2015-1274
+CVE-2015-1274 (Google Chrome before 44.0.2403.89 does not ensure that the auto-open l ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1273
+CVE-2015-1273 (Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1272
+CVE-2015-1272 (Use-after-free vulnerability in the GPU process implementation in Goog ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1271
+CVE-2015-1271 (PDFium, as used in Google Chrome before 44.0.2403.89, does not properl ...)
{DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1270
+CVE-2015-1270 (The ucnv_io_getConverterName function in common/ucnv_io.cpp in Interna ...)
{DSA-3360-1 DSA-3315-1}
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
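Review bot: CVE-2015-1290 is listed as fixed in chromium-browser 44.0.2403.89-1 but, unlike every other entry fixed in that upload in this hunk (CVE-2015-1289 through CVE-2015-1271), it has no {DSA-3315-1} reference and no `[squeeze] - chromium-browser <end-of-life>` line; either add both or add a NOTE saying why this V8 issue was left out of the DSA. Relatedly, CVE-2015-1303 pairs {DSA-3376-1} with `[jessie] - chromium-browser <no-dsa> (minor issue)`; if that DSA shipped the jessie fix, the no-dsa marker is stale and should go.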
@@ -23256,62 +23256,62 @@ CVE-2015-1270
[squeeze] - icu <not-affected> (code in ucnv_io_getConverterName not present, introduced in 49.x)
NOTE: http://bugs.icu-project.org/trac/ticket/11696
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37486/
-CVE-2015-1269
+CVE-2015-1269 (The DecodeHSTSPreloadRaw function in net/http/transport_security_state ...)
{DSA-3315-1}
- chromium-browser 43.0.2357.130-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1268
+CVE-2015-1268 (bindings/scripts/v8_types.py in Blink, as used in Google Chrome before ...)
{DSA-3315-1}
- chromium-browser 43.0.2357.130-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1267
+CVE-2015-1267 (Blink, as used in Google Chrome before 43.0.2357.130, does not properl ...)
{DSA-3315-1}
- chromium-browser 43.0.2357.130-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1266
+CVE-2015-1266 (content/browser/webui/content_web_ui_controller_factory.cc in Google C ...)
{DSA-3315-1}
- chromium-browser 43.0.2357.130-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1265
+CVE-2015-1265 (Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357 ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1264
+CVE-2015-1264 (Cross-site scripting (XSS) vulnerability in Google Chrome before 43.0. ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1263
+CVE-2015-1263 (The Spellcheck API implementation in Google Chrome before 43.0.2357.65 ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1262
+CVE-2015-1262 (platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1261
+CVE-2015-1261 (android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1260
+CVE-2015-1260 (Multiple use-after-free vulnerabilities in content/renderer/media/user ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1259
+CVE-2015-1259 (PDFium, as used in Google Chrome before 43.0.2357.65, does not properl ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1258
+CVE-2015-1258 (Google Chrome before 43.0.2357.65 relies on libvpx code that was not b ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
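Review bot: CVE-2015-1261's description points at android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java, Android-only UI code that the Debian chromium-browser package does not build, yet the entry records the same fixed version as the rest of the DSA-3267-1 batch. A `<not-affected>` annotation with that reason would be more accurate than a fixed version; marking it fixed is harmless for the tracker's output but hides the fact that no Debian code was ever affected.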
@@ -23322,99 +23322,99 @@ CVE-2015-1258
NOTE: That's not a vulnerability in libvpx per se
NOTE: 1.4.0-4 adds the workaround to configure with --size-limit=16384x16384
NOTE: https://github.com/webmproject/libvpx/commit/943e43273b0a7369d07714e7fd2e19fecfb11c7c
-CVE-2015-1257
+CVE-2015-1257 (platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1256
+CVE-2015-1256 (Use-after-free vulnerability in the SVG implementation in Blink, as us ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1255
+CVE-2015-1255 (Use-after-free vulnerability in content/renderer/media/webaudio_captur ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1254
+CVE-2015-1254 (core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2 ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1253
+CVE-2015-1253 (core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1252
+CVE-2015-1252 (common/partial_circular_buffer.cc in Google Chrome before 43.0.2357.65 ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1251
+CVE-2015-1251 (Use-after-free vulnerability in the SpeechRecognitionClient implementa ...)
{DSA-3267-1}
- chromium-browser 43.0.2357.65-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1250
+CVE-2015-1250 (Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311 ...)
{DSA-3242-1}
- chromium-browser 42.0.2311.135-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_28.html
-CVE-2015-1249
+CVE-2015-1249 (Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311 ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1248
+CVE-2015-1248 (The FileSystem API in Google Chrome before 40.0.2214.91 allows remote ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1247
+CVE-2015-1247 (The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/search ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1246
+CVE-2015-1246 (Blink, as used in Google Chrome before 42.0.2311.90, allows remote att ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1245
+CVE-2015-1245 (Use-after-free vulnerability in the OpenPDFInReaderView::Update functi ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1244
+CVE-2015-1244 (The URLRequest::GetHSTSRedirect function in url_request/url_request.cc ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1243
+CVE-2015-1243 (Use-after-free vulnerability in the MutationObserver::disconnect funct ...)
{DSA-3242-1}
- chromium-browser 42.0.2311.135-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_28.html
-CVE-2015-1242
+CVE-2015-1242 (The ReduceTransitionElementsKind function in hydrogen-check-eliminatio ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1241
+CVE-2015-1241 (Google Chrome before 42.0.2311.90 does not properly consider the inter ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1240
+CVE-2015-1240 (gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1239
+CVE-2015-1239 (Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG ...)
{DLA-1433-1}
- openjpeg2 2.1.1-1
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=430891
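Review bot: the fixed version recorded for CVE-2015-1248 (chromium-browser 42.0.2311.90-1, grouped under DSA-3238-1) does not match its own description, which says "Google Chrome before 40.0.2214.91". If the fix really shipped in 40.0.2214.91, the tracker should record the earliest fixed Debian version (40.0.2214.91-1 is already used in this file for CVE-2015-1206 and CVE-2015-1346); if the upstream description is simply wrong, a NOTE saying so would stop the next reader from re-raising it.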
@@ -23423,152 +23423,152 @@ CVE-2015-1239
NOTE: https://github.com/uclouvain/openjpeg/commit/2d24b6000d5611615e3e6d799e20d5fdbe4e2a1e
NOTE: which corresponds to the r2997 commit as mentioned in the merge which
NOTE: fixed the issue on Google/PDFium's side.
-CVE-2015-1238
+CVE-2015-1238 (Skia, as used in Google Chrome before 42.0.2311.90, allows remote atta ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1237
+CVE-2015-1237 (Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1236
+CVE-2015-1236 (The MediaElementAudioSourceNode::process function in modules/webaudio/ ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1235
+CVE-2015-1235 (The ContainerNode::parserRemoveChild function in core/dom/ContainerNod ...)
{DSA-3238-1}
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1234
+CVE-2015-1234 (Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in G ...)
- chromium-browser 41.0.2272.118-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1233
+CVE-2015-1233 (Google Chrome before 41.0.2272.118 does not properly handle the intera ...)
- chromium-browser 41.0.2272.118-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1232
+CVE-2015-1232 (Array index error in the MidiManagerUsb::DispatchSendMidiData function ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1231
+CVE-2015-1231 (Multiple unspecified vulnerabilities in Google Chrome before 41.0.2272 ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1230
+CVE-2015-1230 (The getHiddenProperty function in bindings/core/v8/V8EventListenerList ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2015-1229
+CVE-2015-1229 (net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 d ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1228
+CVE-2015-1228 (The RenderCounter::updateCounter function in core/rendering/RenderCoun ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1227
+CVE-2015-1227 (The DragImage::create function in platform/DragImage.cpp in Blink, as ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1226
+CVE-2015-1226 (The DebuggerFunction::InitAgentHost function in browser/extensions/api ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1225
+CVE-2015-1225 (PDFium, as used in Google Chrome before 41.0.2272.76, allows remote at ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1224
+CVE-2015-1224 (The VpxVideoDecoder::VpxDecode function in media/filters/vpx_video_dec ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1223
+CVE-2015-1223 (Multiple use-after-free vulnerabilities in core/html/HTMLInputElement. ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1222
+CVE-2015-1222 (Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCach ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1221
+CVE-2015-1221 (Use-after-free vulnerability in Blink, as used in Google Chrome before ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1220
+CVE-2015-1220 (Use-after-free vulnerability in the GIFImageReader::parseData function ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1219
+CVE-2015-1219 (Integer overflow in the SkMallocPixelRef::NewAllocate function in core ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1218
+CVE-2015-1218 (Multiple use-after-free vulnerabilities in the DOM implementation in B ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1217
+CVE-2015-1217 (The V8LazyEventListener::prepareListenerObject function in bindings/co ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1216
+CVE-2015-1216 (Use-after-free vulnerability in the V8Window::namedPropertyGetterCusto ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1215
+CVE-2015-1215 (The filters implementation in Skia, as used in Google Chrome before 41 ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1214
+CVE-2015-1214 (Integer overflow in the SkAutoSTArray implementation in include/core/S ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1213
+CVE-2015-1213 (The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filte ...)
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1212
+CVE-2015-1212 (Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214 ...)
- chromium-browser 40.0.2214.111-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1211
+CVE-2015-1211 (The OriginCanAccessServiceWorkers function in content/browser/service_ ...)
- chromium-browser 40.0.2214.111-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1210
+CVE-2015-1210 (The V8ThrowException::createDOMException function in bindings/core/v8/ ...)
- chromium-browser 40.0.2214.111-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1209
+CVE-2015-1209 (Use-after-free vulnerability in the VisibleSelection::nonBoundaryShado ...)
- chromium-browser 40.0.2214.111-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1208
+CVE-2015-1208 (Integer underflow in the mov_read_default function in libavformat/mov. ...)
- ffmpeg 7:2.5.3-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3ebd76a9c57558e284e94da367dd23b435e6a6d0
-CVE-2015-1207
+CVE-2015-1207 (Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chr ...)
{DLA-1654-1}
- ffmpeg 7:2.6.1-1
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3859868c75313e318ebc5d0d33baada62d45dd75
-CVE-2015-1206
+CVE-2015-1206 (Heap-based buffer overflow in Google Chrome before M40 allows remote a ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
-CVE-2015-1204
+CVE-2015-1204 (Cross-site scripting (XSS) vulnerability in the Save Filters functiona ...)
NOT-FOR-US: Save Filters functionality in the WP Slimstat plugin for WordPress
CVE-2015-1190
RESERVED
CVE-2015-1189
RESERVED
-CVE-2015-1188
+CVE-2015-1188 (The certificate verification functions in the HNDS service in Swisscom ...)
NOT-FOR-US: Swisscom Centro Grande DSL router
-CVE-2015-1187
+CVE-2015-1187 (The ping tool in multiple D-Link and TRENDnet devices allow remote att ...)
NOT-FOR-US: D-Link
CVE-2015-1186
RESERVED
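Review bot: CVE-2015-1208 lists only ffmpeg 7:2.5.3-1 although it is in the same libavformat/mov.c as CVE-2015-1207, which carries an additional `- libav <removed>` line and a DLA reference; either add the libav line with the matching state or a NOTE on why libav is not affected. Minor: CVE-2015-1206 has a [wheezy] end-of-life line but, unlike every other chromium-browser entry in this diff, no [squeeze] one.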
@@ -23580,27 +23580,27 @@ CVE-2015-1183
RESERVED
CVE-2015-1181
RESERVED
-CVE-2015-1180
+CVE-2015-1180 (Cross-site scripting (XSS) vulnerability in the Web Reports in EventSe ...)
NOT-FOR-US: EventSentry
-CVE-2015-1179
+CVE-2015-1179 (Multiple cross-site scripting (XSS) vulnerabilities in data_point_deta ...)
NOT-FOR-US: Mango Automation
-CVE-2015-1178
+CVE-2015-1178 (Multiple cross-site scripting (XSS) vulnerabilities in cart.php in X-C ...)
NOT-FOR-US: X-Cart
-CVE-2015-1177
+CVE-2015-1177 (Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.2. ...)
NOT-FOR-US: Exponent CMS
-CVE-2015-1176
+CVE-2015-1176 (Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in ...)
NOT-FOR-US: osTicket
-CVE-2015-1174
+CVE-2015-1174 (Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA ...)
NOT-FOR-US: Unit4 Polska TETA Web
-CVE-2015-1173
+CVE-2015-1173 (Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 does not pro ...)
NOT-FOR-US: Unit4 Polska TETA Web
-CVE-2015-1172
+CVE-2015-1172 (Unrestricted file upload vulnerability in admin/upload-file.php in the ...)
NOT-FOR-US: WordPress theme holding_pattern
-CVE-2015-1171
+CVE-2015-1171 (Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6 ...)
NOT-FOR-US: SIM Card Editor
-CVE-2015-1170
+CVE-2015-1170 (The NVIDIA Display Driver R304 before 309.08, R340 before 341.44, R343 ...)
NOT-FOR-US: NVIDIA Windows driver
-CVE-2015-1169
+CVE-2015-1169 (Apereo Central Authentication Service (CAS) Server before 3.5.3 allows ...)
NOT-FOR-US: Apereo Central Authentication Service
CVE-2015-1168
RESERVED
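Review bot: CVE-2015-1170 is closed as "NOT-FOR-US: NVIDIA Windows driver", but the visible description only names the R304/R340/R343 driver branches, which also ship as Linux packages in Debian non-free (nvidia-graphics-drivers and the legacy-304xx/340xx variants). If the affected code is the Windows kernel-mode component, say so in the rationale so the exclusion is verifiable; otherwise this needs a nvidia-graphics-drivers entry rather than NOT-FOR-US.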
@@ -23608,7 +23608,7 @@ CVE-2015-1167
RESERVED
CVE-2015-1166
RESERVED
-CVE-2015-1165
+CVE-2015-1165 (RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x bef ...)
{DSA-3176-1 DLA-158-1}
- request-tracker4 4.2.8-3
- request-tracker3.8 <removed>
@@ -23626,19 +23626,19 @@ CVE-2015-1396 [(another) directory traversal via symlinks -- incomplete fix for
NOTE: http://www.openwall.com/lists/oss-security/2015/01/24/3
CVE-2015-1353
REJECTED
-CVE-2015-4471
+CVE-2015-4471 (Off-by-one error in the lzxd_decompress function in lzxd.c in libmspac ...)
- libmspack 0.5-1 (bug #775499)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-4470
+CVE-2015-4470 (Off-by-one error in the inflate function in mszipd.c in libmspack befo ...)
- libmspack 0.5-1 (bug #775498)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-4472
+CVE-2015-4472 (Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack befor ...)
- libmspack 0.5-1 (bug #775687)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-1591
+CVE-2015-1591 (The kamailio build in kamailio before 4.2.0-2 process allows local use ...)
- kamailio 4.2.0-2 (bug #775681)
NOTE: https://github.com/kamailio/kamailio/issues/48
-CVE-2015-1590
+CVE-2015-1590 (The kamcmd administrative utility and default configuration in kamaili ...)
- kamailio 4.2.0-2 (bug #775681)
NOTE: https://github.com/kamailio/kamailio/issues/48
CVE-2015-XXXX [insecure configuration permissions]
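Review bot: the three libmspack entries (CVE-2015-4470, CVE-2015-4471, CVE-2015-4472) and the two kamailio entries record only the unstable fix version with no [wheezy] or [squeeze] annotation, so the tracker will report every release carrying an older version as vulnerable. If these were handled through an LTS update or judged too minor for an advisory, add the DLA reference or a `<no-dsa>` annotation as the other entries in this file do; the bug numbers alone do not tell a reader what was decided for stable.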
@@ -23653,249 +23653,249 @@ CVE-2015-XXXX [information leak in event device handling]
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7c4f56070fde2367766fa1fb04852599b5e1ad35 (v3.18-rc1)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=483180281f0ac60d1138710eb21f4b9961901294 (v3.11-rc1)
NOTE: CVE Request: http://article.gmane.org/gmane.comp.security.oss.general/15457
-CVE-2015-1346
+CVE-2015-1346 (Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, a ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- libv8-3.14 <unfixed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
-CVE-2015-1345
+CVE-2015-1345 (The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows ...)
- grep 2.20-4.1 (low; bug #776039)
[squeeze] - grep <not-affected> (Issue introduced with v2.18-90-g73893ff)
[wheezy] - grep <not-affected> (Issue introduced with v2.18-90-g73893ff)
NOTE: http://bugs.gnu.org/19563
NOTE: Upstream fix: http://git.sv.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2
-CVE-2015-1182
+CVE-2015-1182 (The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL 1 ...)
{DSA-3136-1 DLA-144-1}
- polarssl 1.3.9-2.1 (bug #775776)
NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04
-CVE-2015-1175
+CVE-2015-1175 (Cross-site scripting (XSS) vulnerability in blocklayered-ajax.php in t ...)
NOT-FOR-US: PrestaShop
CVE-2015-1160
RESERVED
-CVE-2015-1159
+CVE-2015-1159 (Cross-site scripting (XSS) vulnerability in the cgi_puts function in c ...)
{DSA-3283-1 DLA-239-1}
- cups 1.7.5-12
-CVE-2015-1158
+CVE-2015-1158 (The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 ...)
{DSA-3283-1 DLA-239-1}
- cups 1.7.5-12
-CVE-2015-1157
+CVE-2015-1157 (CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause ...)
NOT-FOR-US: Apple iOS
-CVE-2015-1156
+CVE-2015-1156 (The page-loading implementation in WebKit, as used in Apple Safari bef ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1155
+CVE-2015-1155 (The history implementation in WebKit, as used in Apple Safari before 6 ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1154
+CVE-2015-1154 (WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1153
+CVE-2015-1153 (WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1152
+CVE-2015-1152 (WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1151
+CVE-2015-1151 (Wiki Server in Apple OS X Server before 4.1 allows remote attackers to ...)
NOT-FOR-US: Apple
-CVE-2015-1150
+CVE-2015-1150 (The Firewall component in Apple OS X Server before 4.1 uses an incorre ...)
NOT-FOR-US: Apple
-CVE-2015-1149
+CVE-2015-1149 (Integer overflow in the simulator in Swift in Apple Xcode before 6.3 a ...)
NOT-FOR-US: Apple Xcode
-CVE-2015-1148
+CVE-2015-1148 (Screen Sharing in Apple OS X before 10.10.3 stores the password of a u ...)
NOT-FOR-US: Apple
-CVE-2015-1147
+CVE-2015-1147 (Open Directory Client in Apple OS X before 10.10.3 sends unencrypted p ...)
NOT-FOR-US: Apple
-CVE-2015-1146
+CVE-2015-1146 (The Code Signing implementation in Apple OS X before 10.10.3 does not ...)
NOT-FOR-US: Apple
-CVE-2015-1145
+CVE-2015-1145 (The Code Signing implementation in Apple OS X before 10.10.3 does not ...)
NOT-FOR-US: Apple
-CVE-2015-1144
+CVE-2015-1144 (Buffer overflow in the UniformTypeIdentifiers component in Apple OS X ...)
NOT-FOR-US: Apple
-CVE-2015-1143
+CVE-2015-1143 (LaunchServices in Apple OS X before 10.10.3 allows local users to gain ...)
NOT-FOR-US: Apple
-CVE-2015-1142
+CVE-2015-1142 (LaunchServices in Apple OS X before 10.10.3 allows local users to caus ...)
NOT-FOR-US: Apple
-CVE-2015-1141
+CVE-2015-1141 (The mach_vm_read functionality in the kernel in Apple OS X before 10.1 ...)
NOT-FOR-US: Apple
-CVE-2015-1140
+CVE-2015-1140 (Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows loc ...)
NOT-FOR-US: Apple
-CVE-2015-1139
+CVE-2015-1139 (ImageIO in Apple OS X before 10.10.3 allows remote attackers to execut ...)
NOT-FOR-US: Apple
-CVE-2015-1138
+CVE-2015-1138 (Hypervisor in Apple OS X before 10.10.3 allows local users to cause a ...)
NOT-FOR-US: Apple
-CVE-2015-1137
+CVE-2015-1137 (The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local u ...)
NOT-FOR-US: Apple
-CVE-2015-1136
+CVE-2015-1136 (Use-after-free vulnerability in CoreAnimation in Apple OS X before 10. ...)
NOT-FOR-US: Apple
-CVE-2015-1135
+CVE-2015-1135 (fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows ...)
NOT-FOR-US: Apple
-CVE-2015-1134
+CVE-2015-1134 (fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows ...)
NOT-FOR-US: Apple
-CVE-2015-1133
+CVE-2015-1133 (fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows ...)
NOT-FOR-US: Apple
-CVE-2015-1132
+CVE-2015-1132 (fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows ...)
NOT-FOR-US: Apple
-CVE-2015-1131
+CVE-2015-1131 (fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows ...)
NOT-FOR-US: Apple
-CVE-2015-1130
+CVE-2015-1130 (The XPC implementation in Admin Framework in Apple OS X before 10.10.3 ...)
NOT-FOR-US: Apple
-CVE-2015-1129
+CVE-2015-1129 (Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does ...)
NOT-FOR-US: Apple Safari
-CVE-2015-1128
+CVE-2015-1128 (The private-browsing implementation in Apple Safari before 6.2.5, 7.x ...)
NOT-FOR-US: Apple Safari
-CVE-2015-1127
+CVE-2015-1127 (The private-browsing implementation in WebKit in Apple Safari before 6 ...)
NOT-FOR-US: Apple Safari
-CVE-2015-1126
+CVE-2015-1126 (WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1125
+CVE-2015-1125 (The touch-events implementation in WebKit in Apple iOS before 8.3 allo ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1124
+CVE-2015-1124 (WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Appl ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1123
+CVE-2015-1123 (WebKit, as used in Apple iOS before 8.3 and Apple TV before 7.2, allow ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1122
+CVE-2015-1122 (WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Appl ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1121
+CVE-2015-1121 (WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Appl ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1120
+CVE-2015-1120 (WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Appl ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1119
+CVE-2015-1119 (WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Appl ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1118
+CVE-2015-1118 (libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and App ...)
NOT-FOR-US: Apple
-CVE-2015-1117
+CVE-2015-1117 (The (1) setreuid and (2) setregid system-call implementations in the k ...)
NOT-FOR-US: iOS
-CVE-2015-1116
+CVE-2015-1116 (The UIKit View component in Apple iOS before 8.3 displays unblurred ap ...)
NOT-FOR-US: iOS
-CVE-2015-1115
+CVE-2015-1115 (The Telephony component in Apple iOS before 8.3 allows attackers to by ...)
NOT-FOR-US: iOS
-CVE-2015-1114
+CVE-2015-1114 (The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV be ...)
NOT-FOR-US: iOS
-CVE-2015-1113
+CVE-2015-1113 (The Sandbox Profiles component in Apple iOS before 8.3 allows attacker ...)
NOT-FOR-US: iOS
-CVE-2015-1112
+CVE-2015-1112 (Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, as ...)
NOT-FOR-US: iOS
-CVE-2015-1111
+CVE-2015-1111 (Safari in Apple iOS before 8.3 does not delete Recently Closed Tabs da ...)
NOT-FOR-US: iOS
-CVE-2015-1110
+CVE-2015-1110 (The Podcasts component in Apple iOS before 8.3 and Apple TV before 7.2 ...)
NOT-FOR-US: iOS
-CVE-2015-1109
+CVE-2015-1109 (NetworkExtension in Apple iOS before 8.3 stores credentials in VPN con ...)
NOT-FOR-US: iOS
-CVE-2015-1108
+CVE-2015-1108 (The Lock Screen component in Apple iOS before 8.3 does not properly en ...)
NOT-FOR-US: iOS
-CVE-2015-1107
+CVE-2015-1107 (The Lock Screen component in Apple iOS before 8.3 does not properly im ...)
NOT-FOR-US: iOS
-CVE-2015-1106
+CVE-2015-1106 (The QuickType feature in the Keyboards subsystem in Apple iOS before 8 ...)
NOT-FOR-US: iOS
-CVE-2015-1105
+CVE-2015-1105 (The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS ...)
NOT-FOR-US: iOS
-CVE-2015-1104
+CVE-2015-1104 (The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and App ...)
NOT-FOR-US: iOS
-CVE-2015-1103
+CVE-2015-1103 (The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and App ...)
NOT-FOR-US: iOS
-CVE-2015-1102
+CVE-2015-1102 (The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and App ...)
NOT-FOR-US: iOS
-CVE-2015-1101
+CVE-2015-1101 (The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and App ...)
NOT-FOR-US: iOS
-CVE-2015-1100
+CVE-2015-1100 (The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and App ...)
NOT-FOR-US: iOS
-CVE-2015-1099
+CVE-2015-1099 (Race condition in the setreuid system-call implementation in the kerne ...)
NOT-FOR-US: iOS
-CVE-2015-1098
+CVE-2015-1098 (iWork in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows rem ...)
NOT-FOR-US: iOS
-CVE-2015-1097
+CVE-2015-1097 (IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 al ...)
NOT-FOR-US: iOS
-CVE-2015-1096
+CVE-2015-1096 (IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Ap ...)
NOT-FOR-US: iOS
-CVE-2015-1095
+CVE-2015-1095 (IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Ap ...)
NOT-FOR-US: iOS
-CVE-2015-1094
+CVE-2015-1094 (IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 al ...)
NOT-FOR-US: iOS
-CVE-2015-1093
+CVE-2015-1093 (FontParser in Apple iOS before 8.3 and Apple OS X before 10.10.3 allow ...)
NOT-FOR-US: iOS
-CVE-2015-1092
+CVE-2015-1092 (NSXMLParser in Foundation in Apple iOS before 8.3 and Apple TV before ...)
NOT-FOR-US: iOS
-CVE-2015-1091
+CVE-2015-1091 (The CFNetwork Session component in Apple iOS before 8.3 and Apple OS X ...)
NOT-FOR-US: iOS
-CVE-2015-1090
+CVE-2015-1090 (CFNetwork in Apple iOS before 8.3 does not delete HTTP Strict Transpor ...)
NOT-FOR-US: iOS
-CVE-2015-1089
+CVE-2015-1089 (CFNetwork in Apple iOS before 8.3 and Apple OS X before 10.10.3 does n ...)
NOT-FOR-US: iOS
-CVE-2015-1088
+CVE-2015-1088 (CFURL in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not p ...)
NOT-FOR-US: iOS
-CVE-2015-1087
+CVE-2015-1087 (Directory traversal vulnerability in Backup in Apple iOS before 8.3 al ...)
NOT-FOR-US: iOS
-CVE-2015-1086
+CVE-2015-1086 (The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV befor ...)
NOT-FOR-US: iOS
-CVE-2015-1085
+CVE-2015-1085 (AppleKeyStore in Apple iOS before 8.3 does not properly restrict a cer ...)
NOT-FOR-US: iOS
-CVE-2015-1084
+CVE-2015-1084 (The user interface in WebKit, as used in Apple Safari before 6.2.4, 7. ...)
NOT-FOR-US: Safari
-CVE-2015-1083
+CVE-2015-1083 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1082
+CVE-2015-1082 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1081
+CVE-2015-1081 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1080
+CVE-2015-1080 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1079
+CVE-2015-1079 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1078
+CVE-2015-1078 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1077
+CVE-2015-1077 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1076
+CVE-2015-1076 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1075
+CVE-2015-1075 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1074
+CVE-2015-1074 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1073
+CVE-2015-1073 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1072
+CVE-2015-1072 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1071
+CVE-2015-1071 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1070
+CVE-2015-1070 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1069
+CVE-2015-1069 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1068
+CVE-2015-1068 (WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8. ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2015-1067
+CVE-2015-1067 (Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, ...)
NOT-FOR-US: Apple
-CVE-2015-1066
+CVE-2015-1066 (Off-by-one error in IOAcceleratorFamily in Apple OS X through 10.10.2 ...)
NOT-FOR-US: Apple
-CVE-2015-1065
+CVE-2015-1065 (Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 a ...)
NOT-FOR-US: Apple
-CVE-2015-1064
+CVE-2015-1064 (Springboard in Apple iOS before 8.2 allows physically proximate attack ...)
NOT-FOR-US: Apple
-CVE-2015-1063
+CVE-2015-1063 (CoreTelephony in Apple iOS before 8.2 allows remote attackers to cause ...)
NOT-FOR-US: Apple
-CVE-2015-1062
+CVE-2015-1062 (MobileStorageMounter in Apple iOS before 8.2 and Apple TV before 7.1 d ...)
NOT-FOR-US: Apple
-CVE-2015-1061
+CVE-2015-1061 (IOSurface in Apple iOS before 8.2, Apple OS X through 10.10.2, and App ...)
NOT-FOR-US: Apple
-CVE-2015-1060
+CVE-2015-1060 (Open redirect vulnerability in lib/Cake/Controller/Controller.php in A ...)
NOT-FOR-US: AdaptCMS
-CVE-2015-1059
+CVE-2015-1059 (Unrestricted file upload vulnerability in admin/files/add in AdaptCMS ...)
NOT-FOR-US: AdaptCMS
-CVE-2015-1058
+CVE-2015-1058 (Multiple cross-site scripting (XSS) vulnerabilities in AdaptCMS 3.0.3 ...)
NOT-FOR-US: AdaptCMS
-CVE-2015-1057
+CVE-2015-1057 (Cross-site scripting (XSS) vulnerability in usersettings.php in e107 2 ...)
NOT-FOR-US: e107
-CVE-2015-1056
+CVE-2015-1056 (Cross-site scripting (XSS) vulnerability in Brother MFC-J4410DW printe ...)
NOT-FOR-US: Brother printer
-CVE-2015-1055
+CVE-2015-1055 (SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for Word ...)
NOT-FOR-US: WordPress plugin Photo Gallery
-CVE-2015-1054
+CVE-2015-1054 (Cross-site scripting (XSS) vulnerability in the Games feature in Crea8 ...)
NOT-FOR-US: Crea8Social
-CVE-2015-1053
+CVE-2015-1053 (Cross-site scripting (XSS) vulnerability in the administrative backend ...)
NOT-FOR-US: Croogo
-CVE-2015-1052
+CVE-2015-1052 (Cross-site scripting (XSS) vulnerability in the poll archive in PHPKIT ...)
NOT-FOR-US: PHPKIT
-CVE-2015-1050
+CVE-2015-1050 (Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application Secu ...)
NOT-FOR-US: F5 BIG-IP Application Security Manager
-CVE-2015-1049
+CVE-2015-1049 (The web server on Siemens SCALANCE X-200IRT switches with firmware bef ...)
NOT-FOR-US: Siemens SCALANCE
-CVE-2015-1205
+CVE-2015-1205 (Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214 ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
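Review bot: the NOT-FOR-US: AdaptCMS tag on CVE-2015-1060 may be too narrow, because the path in the new description, lib/Cake/Controller/Controller.php, is CakePHP's core controller rather than AdaptCMS-specific code. Before closing it as not-for-us, check whether the open redirect is in the CakePHP copy bundled by AdaptCMS and, if so, whether a cakephp source package in the archive carries the same code; the other two AdaptCMS entries (CVE-2015-1059, CVE-2015-1058) name admin paths and are fine as tagged.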
@@ -23906,64 +23906,64 @@ CVE-2015-1203 [stack allocation with an attacker-controlled size -- modules/acce
CVE-2015-1202 [stack allocation with an attacker-controlled size -- modules/services_discovery/sap.c]
RESERVED
NOTE: VLC issue disputed by upstream, see bug #775866
-CVE-2015-1201
+CVE-2015-1201 (Privoxy before 3.0.22 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Bogus entry for Privoxy picked from Secunia
-CVE-2015-1308
+CVE-2015-1308 (kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote a ...)
- kde-workspace 4:5.1.95-1
[jessie] - kde-workspace <no-dsa> (Minor issue)
[wheezy] - kde-workspace <no-dsa> (Minor issue)
-CVE-2015-1307
+CVE-2015-1307 (plasma-workspace before 5.1.95 allows remote attackers to obtain passw ...)
NOT-FOR-US: KDE Plasma 5 desktop, not yet packaged
-CVE-2015-1306
+CVE-2015-1306 (The newsletter posting area in the web interface in Sympa 6.0.x before ...)
{DSA-3134-1 DLA-148-1}
- sympa 6.1.23~dfsg-2
NOTE: https://www.sympa.org/security_advisories#security_breaches_in_newsletter_posting
-CVE-2015-1051
+CVE-2015-1051 (Open redirect vulnerability in the Context UI module in the Context mo ...)
NOT-FOR-US: Drupal extension drupal7-context
-CVE-2015-2304
+CVE-2015-2304 (Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 a ...)
{DSA-3180-1 DLA-166-1}
- libarchive 3.1.2-11 (bug #778266)
NOTE: http://www.openwall.com/lists/oss-security/2015/01/16/7
NOTE: Patch: https://github.com/libarchive/libarchive/commit/59357157706d47c365b2227739e17daba3607526
-CVE-2015-1200
+CVE-2015-1200 (Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for t ...)
- pxz 4.999.99~beta3+git659fc9b-3 (bug #775306)
-CVE-2015-1199
+CVE-2015-1199 (Directory traversal vulnerability in ppmd 10.1-5. ...)
- ppmd <removed> (low; bug #775218)
[jessie] - ppmd <no-dsa> (Minor issue)
[wheezy] - ppmd <no-dsa> (Minor issue)
[squeeze] - ppmd <no-dsa> (Minor issue)
-CVE-2015-1195
+CVE-2015-1195 (The V2 API in OpenStack Image Registry and Delivery Service (Glance) b ...)
- glance 2014.1.3-11 (bug #775926)
[wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: up to 2014.1.3 and 2014.2 versions up to 2014.2.1
-CVE-2015-1350
+CVE-2015-1350 (The VFS subsystem in the Linux kernel 3.x provides an incomplete set o ...)
{DLA-772-1}
- linux 4.8.11-1 (bug #770492)
[jessie] - linux 3.16.39-1
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/linus/030b533c4fd4d2ec3402363323de4bb2983c9cee
-CVE-2015-1164
+CVE-2015-1164 (Open redirect vulnerability in the serve-static plugin before 1.7.2 fo ...)
- node-serve-static 1.6.4-2 (unimportant; bug #775843)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/serve-static-open-redirect
NOTE: https://github.com/expressjs/serve-static/issues/26
-CVE-2015-1048
+CVE-2015-1048 (Open redirect vulnerability in the integrated web server on Siemens SI ...)
NOT-FOR-US: Siemens
-CVE-2015-1047
+CVE-2015-1047 (vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 b ...)
NOT-FOR-US: VMware vCenter
CVE-2015-1046
REJECTED
CVE-2015-1045
REJECTED
-CVE-2015-1044
+CVE-2015-1044 (vmware-authd (aka the Authorization process) in VMware Workstation 10. ...)
NOT-FOR-US: VMware
-CVE-2015-1043
+CVE-2015-1043 (The Host Guest File System (HGFS) in VMware Workstation 10.x before 10 ...)
NOT-FOR-US: VMware
-CVE-2015-1041
+CVE-2015-1041 (Cross-site scripting (XSS) vulnerability in e107_admin/filemanager.php ...)
NOT-FOR-US: e107
-CVE-2015-1040
+CVE-2015-1040 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: BEdita
-CVE-2015-1039
+CVE-2015-1039 (Cross-site scripting (XSS) vulnerability in user/login.phtml in ZF-Com ...)
NOT-FOR-US: zfcUser
CVE-2015-1037
RESERVED
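Review bot: CVE-2015-1201 keeps "NOT-FOR-US: Bogus entry for Privoxy picked from Secunia" although the description now filled in by this update ("Privoxy before 3.0.22 allows remote attackers to cause a denial of ser ...") names a package that is in the archive, so NOT-FOR-US is the wrong status even if the report is bogus. A package line such as "- privoxy <not-affected> (bogus entry, no such issue in 3.0.x)" with the existing justification moved into a NOTE would record the triage more precisely and keep the entry from being re-flagged by tooling that matches package names.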
@@ -23975,24 +23975,24 @@ CVE-2015-1034
RESERVED
CVE-2015-1033
RESERVED
-CVE-2015-1032
+CVE-2015-1032 (Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when u ...)
- kiwix <removed>
NOTE: actually RFP again, but was removed from the archive on 2014-09-25
NOTE: See https://bugs.debian.org/763321
-CVE-2015-1029
+CVE-2015-1029 (The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x b ...)
- puppet-module-puppetlabs-stdlib 4.9.0-1 (bug #775535)
[jessie] - puppet-module-puppetlabs-stdlib <not-affected> (The jessie version of facter is recent enough)
NOTE: http://puppetlabs.com/security/cve/cve-2015-1029
NOTE: http://lists.alioth.debian.org/pipermail/pkg-puppet-devel/2015-January/009318.html
-CVE-2015-1028
+CVE-2015-1028 (Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2730 ...)
NOT-FOR-US: D-Link router
-CVE-2015-1027
+CVE-2015-1027 (The version checking subroutine in percona-toolkit before 2.2.13 and x ...)
- percona-toolkit 2.2.13-1 (unimportant)
[wheezy] - percona-toolkit <not-affected> (version-check introduced in 2.1.4)
- percona-xtrabackup <unfixed> (unimportant)
NOTE: Automatic version check is disabled and inherently insecure (CVE-2014-2029)
NOTE: Patch applied to OpenSUSE 13.1: https://build.opensuse.org/package/view_file/openSUSE:13.1:Update/xtrabackup/percona-xtrabackup-CVE-2015-1027.patch?expand=1
-CVE-2015-1026
+CVE-2015-1026 (Multiple cross-site scripting (XSS) vulnerabilities in ZOHO ManageEngi ...)
NOT-FOR-US: ZOHO ManageEngine
CVE-2015-1025
RESERVED
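Review bot: the jessie justification on CVE-2015-1029, "[jessie] - puppet-module-puppetlabs-stdlib <not-affected> (The jessie version of facter is recent enough)", cites a different source package (facter) without saying why that makes the stdlib module safe, so a later reader cannot verify it from the entry. Add a NOTE line stating which facter behaviour the stdlib fix depends on (the puppetlabs advisory linked below it should say), so the not-affected claim is traceable.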
@@ -24014,106 +24014,106 @@ CVE-2015-1017
RESERVED
CVE-2015-1016
RESERVED
-CVE-2015-1015
+CVE-2015-1015 (Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, an ...)
NOT-FOR-US: Omron CX-One
CVE-2015-1014
RESERVED
-CVE-2015-1013
+CVE-2015-1013 (OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure tha ...)
NOT-FOR-US: OSIsoft PI AF and OSIsoft PI SQL for AF
CVE-2015-1012
RESERVED
-CVE-2015-1011
+CVE-2015-1011 (Hospira LifeCare PCA Infusion System before 7.0 has hardcoded credenti ...)
NOT-FOR-US: Hospira LifeCare
-CVE-2015-1010
+CVE-2015-1010 (Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does n ...)
NOT-FOR-US: Rockwell Automation RSView32
-CVE-2015-1009
+CVE-2015-1009 (Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wond ...)
NOT-FOR-US: Schneider Electric
-CVE-2015-1008
+CVE-2015-1008 (SQL injection vulnerability in Emerson AMS Device Manager before 13 al ...)
NOT-FOR-US: Emerson AMS Device Manager
CVE-2015-1007
RESERVED
CVE-2015-1006
RESERVED
-CVE-2015-1005
+CVE-2015-1005 (IniNet embeddedWebServer (aka eWebServer) before 2.02 for Windows CE u ...)
NOT-FOR-US: IniNet
CVE-2015-1004
REJECTED
-CVE-2015-1003
+CVE-2015-1003 (Directory traversal vulnerability in IniNet embeddedWebServer (aka eWe ...)
NOT-FOR-US: IniNet
-CVE-2015-1002
+CVE-2015-1002 (IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL e ...)
NOT-FOR-US: IniNet
-CVE-2015-1001
+CVE-2015-1001 (Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka ...)
NOT-FOR-US: IniNet
-CVE-2015-1000
+CVE-2015-1000 (Stack-based buffer overflow in the OpenForIPCamTest method in the RTSP ...)
NOT-FOR-US: SStreamVideo ActiveX control
-CVE-2015-0999
+CVE-2015-0999 (Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and ...)
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-0998
+CVE-2015-0998 (Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and ...)
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-0997
+CVE-2015-0997 (Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and ...)
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-0996
+CVE-2015-0996 (Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and ...)
NOT-FOR-US: Schneider Electric InduSoft Web Studio
-CVE-2015-0995
+CVE-2015-0995 (Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which ma ...)
NOT-FOR-US: Inductive Automation Ignition
-CVE-2015-0994
+CVE-2015-0994 (Inductive Automation Ignition 7.7.2 allows remote authenticated users ...)
NOT-FOR-US: Inductive Automation Ignition
-CVE-2015-0993
+CVE-2015-0993 (Inductive Automation Ignition 7.7.2 does not terminate a session upon ...)
NOT-FOR-US: Inductive Automation Ignition
-CVE-2015-0992
+CVE-2015-0992 (Inductive Automation Ignition 7.7.2 stores cleartext OPC Server creden ...)
NOT-FOR-US: Inductive Automation Ignition
-CVE-2015-0991
+CVE-2015-0991 (Inductive Automation Ignition 7.7.2 allows remote attackers to obtain ...)
NOT-FOR-US: Inductive Automation Ignition
-CVE-2015-0990
+CVE-2015-0990 (Untrusted search path vulnerability in Ecava IntegraXor SCADA Server b ...)
NOT-FOR-US: Ecava IntegraXor SCADA Server
-CVE-2015-0989
+CVE-2015-0989 (PACTware 4.1 SP3 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: PACTware
-CVE-2015-0988
+CVE-2015-0988 (Omron CX-One CX-Programmer before 9.6 uses a reversible format for pas ...)
NOT-FOR-US: Omron CX-One
-CVE-2015-0987
+CVE-2015-0987 (Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, an ...)
NOT-FOR-US: Omron CX-One
-CVE-2015-0986
+CVE-2015-0986 (Multiple stack-based buffer overflows in Moxa VPort ActiveX SDK Plus b ...)
NOT-FOR-US: Moxa VPort ActiveX SDK Plus
-CVE-2015-0985
+CVE-2015-0985 (Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on ...)
NOT-FOR-US: XZERES 442SR (wind turbine)
-CVE-2015-0984
+CVE-2015-0984 (Directory traversal vulnerability in the FTP server on Honeywell Excel ...)
NOT-FOR-US: Honeywell Excel Web
CVE-2015-0983
REJECTED
-CVE-2015-0982
+CVE-2015-0982 (Buffer overflow in an unspecified DLL in Schneider Electric Pelco DS-N ...)
NOT-FOR-US: Schneider Electric
-CVE-2015-0981
+CVE-2015-0981 (The SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.37 ...)
NOT-FOR-US: SCADA Engine BACnet
-CVE-2015-0980
+CVE-2015-0980 (Format string vulnerability in BACnOPCServer.exe in the SOAP web inter ...)
NOT-FOR-US: SCADA Engine BACnet
-CVE-2015-0979
+CVE-2015-0979 (Heap-based buffer overflow in the SOAP web interface in SCADA Engine B ...)
NOT-FOR-US: SCADA Engine BACnet
-CVE-2015-0978
+CVE-2015-0978 (Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics ...)
NOT-FOR-US: Elipse E3
-CVE-2015-0977
+CVE-2015-0977 (Network Vision IntraVue before 2.3.0a14 on Windows allows remote attac ...)
NOT-FOR-US: IntraVue
-CVE-2015-0976
+CVE-2015-0976 (Cross-site scripting (XSS) vulnerability in Inductive Automation Ignit ...)
NOT-FOR-US: Inductive Automation Ignition
CVE-2015-0975
RESERVED
-CVE-2015-0974
+CVE-2015-0974 (Untrusted search path vulnerability in ZTE Datacard MF19 0V1.0.0B04 al ...)
NOT-FOR-US: ZTE Datacard MF19
-CVE-2015-0972
+CVE-2015-0972 (Pearson ProctorCache before 2015.1.17 uses the same hardcoded password ...)
NOT-FOR-US: Pearson ProctorCache
-CVE-2015-0971
+CVE-2015-0971 (The DER parser in Suricata before 2.0.8 allows remote attackers to cau ...)
{DSA-3254-1}
- suricata 2.0.8-1
[wheezy] - suricata <not-affected> (ASN.1 parser for X509 certificates in DER format introduced in 1.3)
[squeeze] - suricata <not-affected> (ASN.1 parser for X509 certificates in DER format introduced in 1.3)
NOTE: http://suricata-ids.org/2015/05/06/suricata-2-0-8-available/
NOTE: Patch: https://github.com/inliniac/suricata/commit/fa73a0bb8f312fd0a95cc70f6b3ee4e4997bdba7
-CVE-2015-0970
+CVE-2015-0970 (Cross-site request forgery (CSRF) vulnerability in SearchBlox before 8 ...)
NOT-FOR-US: SearchBlox
-CVE-2015-0969
+CVE-2015-0969 (SearchBlox before 8.2 allows remote attackers to obtain sensitive info ...)
NOT-FOR-US: SearchBlox
-CVE-2015-0968
+CVE-2015-0968 (Unrestricted file upload vulnerability in admin/uploadImage.html in Se ...)
NOT-FOR-US: SearchBlox
-CVE-2015-0967
+CVE-2015-0967 (Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox befo ...)
NOT-FOR-US: SearchBlox
CVE-2015-0966
RESERVED
@@ -24123,9 +24123,9 @@ CVE-2015-0964
RESERVED
CVE-2015-0963
RESERVED
-CVE-2015-0962
+CVE-2015-0962 (Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection ...)
NOT-FOR-US: Barracuda Web Filter
-CVE-2015-0961
+CVE-2015-0961 (Barracuda Web Filter before 8.1.0.005, when SSL Inspection is enabled, ...)
NOT-FOR-US: Barracuda Web Filter
CVE-2015-0960
RESERVED
@@ -24145,9 +24145,9 @@ CVE-2015-0953
RESERVED
CVE-2015-0952
RESERVED
-CVE-2015-0951
+CVE-2015-0951 (X-Cart before 5.1.11 allows remote authenticated users to read or dele ...)
NOT-FOR-US: X-Cart
-CVE-2015-0950
+CVE-2015-0950 (Cross-site scripting (XSS) vulnerability in admin.php in X-Cart 5.1.6 ...)
NOT-FOR-US: X-Cart
CVE-2015-0949
RESERVED
@@ -24161,37 +24161,37 @@ CVE-2015-0945
RESERVED
CVE-2015-0944
RESERVED
-CVE-2015-0943
+CVE-2015-0943 (Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt commu ...)
NOT-FOR-US: Basware Banking
CVE-2015-0942
REJECTED
-CVE-2015-0941
+CVE-2015-0941 (The Inetc plugin for Nullsoft Scriptable Install System (NSIS), as use ...)
NOT-FOR-US: Nullsoft Scriptable Install System plugin Inetc
CVE-2015-0940
RESERVED
CVE-2015-0939
RESERVED
-CVE-2015-0938
+CVE-2015-0938 (search.php on the Blue Coat Malware Analysis appliance with software b ...)
NOT-FOR-US: Blue Coat
-CVE-2015-0937
+CVE-2015-0937 (Cross-site scripting (XSS) vulnerability in search.php on the Blue Coa ...)
NOT-FOR-US: Blue Coat
-CVE-2015-0936
+CVE-2015-0936 (Ceragon FibeAir IP-10 have a default SSH public key in the authorized_ ...)
NOT-FOR-US: Ceragon FibeAir IP-10
-CVE-2015-0935
+CVE-2015-0935 (Bomgar Remote Support before 15.1.1 allows remote attackers to execute ...)
NOT-FOR-US: Bomgar Remote Support
-CVE-2015-0934
+CVE-2015-0934 (Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLa ...)
NOT-FOR-US: ShareLaTeX
-CVE-2015-0933
+CVE-2015-0933 (Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, ...)
NOT-FOR-US: ShareLaTeX
-CVE-2015-0932
+CVE-2015-0932 (The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnG ...)
NOT-FOR-US: ANTlabs InnGate
-CVE-2015-0931
+CVE-2015-0931 (Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and 9 ...)
NOT-FOR-US: Ektron CMS
-CVE-2015-0930
+CVE-2015-0930 (The web interface on SerVision HVG Video Gateway devices with firmware ...)
NOT-FOR-US: SerVision HVG Video Gateway
-CVE-2015-0929
+CVE-2015-0929 (time.htm in the web interface on SerVision HVG Video Gateway devices w ...)
NOT-FOR-US: SerVision HVG Video Gateway
-CVE-2015-0928
+CVE-2015-0928 (libhtp 0.5.15 allows remote attackers to cause a denial of service (NU ...)
- suricata 2.0.7-1
[wheezy] - suricata <no-dsa> (Unusable in wheezy, planned for removal)
[squeeze] - suricata <no-dsa> (Minor issue)
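Review bot: the new description for CVE-2015-0928 names libhtp 0.5.15, but the entry only tracks suricata (2.0.7-1, with wheezy/squeeze no-dsa). If a separate libhtp source package exists in the archive, it needs its own package line here, since the NULL pointer dereference is in the library and not in suricata's own code; if suricata only ever used its embedded copy, a NOTE saying so would stop this question coming up again.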
@@ -24199,13 +24199,13 @@ CVE-2015-0928
NOTE: Commit: https://github.com/inliniac/suricata/commit/56196ace51395fcb2d8fc30d586e9ad782306d31
CVE-2015-0927
RESERVED
-CVE-2015-0926
+CVE-2015-0926 (Labtech before 100.237 on Linux uses world-writable permissions for ro ...)
NOT-FOR-US: Labtech
-CVE-2015-0925
+CVE-2015-0925 (The client in iPass Open Mobile before 2.4.5 on Windows allows remote ...)
NOT-FOR-US: iPass Open Mobile
-CVE-2015-0924
+CVE-2015-0924 (Ceragon FibeAir IP-10 bridges have a default password for the root acc ...)
NOT-FOR-US: Ceragon FiberAir IP-10 bridges
-CVE-2015-0923
+CVE-2015-0923 (The ContentBlockEx method in Workarea/ServerControlWS.asmx in Ektron C ...)
NOT-FOR-US: Ektron CMS
CVE-2015-XXXX [smime_keys: insecure use of /tmp]
- mutt 1.5.24-1 (unimportant; bug #775199)
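Review bot: the product name in "NOT-FOR-US: Ceragon FiberAir IP-10 bridges" under CVE-2015-0924 is misspelt; the description on the same entry and the CVE-2015-0936 entry above both use "Ceragon FibeAir IP-10". Correct it to FibeAir so searches across the two entries match.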
@@ -24217,41 +24217,41 @@ CVE-2015-XXXX [djvudigital: insecure use of /tmp]
NOTE: Originally was addressed in 3.5.27.1-1 but it was reintroduced
NOTE: with the 3.5.27.1-2 upload, cf. https://bugs.debian.org/775193#17
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2015-5701
+CVE-2015-5701 (mktexlsr revision 36855, and before revision 36626 as packaged in texl ...)
- texlive-bin <not-affected> (Vulnerable code not reintroduced, patch mktexlsr-use-mktemp still applied)
NOTE: https://www.tug.org/svn/texlive/trunk/Build/source/texk/kpathsea/mktexlsr?r1=36626&r2=36855
-CVE-2015-5700
+CVE-2015-5700 (mktexlsr revision 22855 through revision 36625 as packaged in texlive ...)
- texlive-bin 2014.20140926.35254-5 (bug #775139)
[wheezy] - texlive-bin <no-dsa> (Minor issue)
[squeeze] - texlive-bin <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/23/22
NOTE: http://www.openwall.com/lists/oss-security/2015/07/28/5
NOTE: https://www.tug.org/svn/texlive/trunk/Build/source/texk/kpathsea/mktexlsr?r1=19613&r2=22885
-CVE-2015-1196
+CVE-2015-1196 (GNU patch 2.7.1 allows remote attackers to write to arbitrary files vi ...)
- patch 2.7.1-7 (bug #775227)
[wheezy] - patch <not-affected> (Support for git-style patches added in 2.7)
[squeeze] - patch <not-affected> (Support for git-style patches added in 2.7)
-CVE-2015-1194
+CVE-2015-1194 (pax 1:20140703 allows remote attackers to write to arbitrary files via ...)
- pax 1:20160306-1 (low; bug #774716)
[jessie] - pax <no-dsa> (Minor issue)
[squeeze] - pax <no-dsa> (Minor issue)
[wheezy] - pax <no-dsa> (Minor issue)
-CVE-2015-1193
+CVE-2015-1193 (Multiple directory traversal vulnerabilities in pax 1:20140703 allow r ...)
- pax 1:20160306-1 (low; bug #774716)
[jessie] - pax <no-dsa> (Minor issue)
[squeeze] - pax <no-dsa> (Minor issue)
[wheezy] - pax <no-dsa> (Minor issue)
-CVE-2015-1192
+CVE-2015-1192 (Absolute path traversal vulnerability in kgb 1.0b4 allows remote attac ...)
- kgb 1.0b4+ds-14 (bug #774989)
[jessie] - kgb <no-dsa> (meant to be used as a local archiver)
[wheezy] - kgb <no-dsa> (meant to be used as a local archiver)
[squeeze] - kgb <no-dsa> (meant to be used as a local archiver)
-CVE-2015-1191
+CVE-2015-1191 (Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remot ...)
- pigz 2.3.1-2 (bug #774978)
[squeeze] - pigz <no-dsa> (Minor issue)
[wheezy] - pigz <no-dsa> (Minor issue)
NOTE: https://github.com/madler/pigz/commit/fdad1406b3ec809f4954ff7cdf9e99eb18c2458f
-CVE-2015-0973
+CVE-2015-0973 (Buffer overflow in the png_read_IDAT_data function in pngrutil.c in li ...)
- libpng <not-affected> (Affects 1.5.x and 1.6.x series)
- libpng1.6 1.6.16-1 (bug #773823)
- iceweasel <not-affected> (squeeze used the system libpng, and later versions define their own limits)
@@ -24261,102 +24261,102 @@ CVE-2015-0973
[wheezy] - texlive-bin <not-affected> (uses system libpng)
NOTE: http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt
NOTE: http://mid.gmane.org/Pine.LNX.4.64.1501101510150.31425@beijing.mitre.org
-CVE-2015-0922
+CVE-2015-0922 (McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 us ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2015-0921
+CVE-2015-0921 (XML external entity (XXE) vulnerability in the Server Task Log in McAf ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
-CVE-2015-2063
+CVE-2015-2063 (Integer overflow in unace 1.2b allows remote attackers to cause a deni ...)
{DSA-3178-1 DLA-164-1}
- unace 1.2b-12 (bug #775003)
NOTE: http://git.hadrons.org/?p=debian/pkgs/unace.git;a=commitdiff;h=319446f
-CVE-2015-0920
+CVE-2015-0920 (Cross-site request forgery (CSRF) vulnerability in the Banner Effect H ...)
NOT-FOR-US: Banner Effect Header plugin for WordPress
-CVE-2015-0919
+CVE-2015-0919 (Multiple SQL injection vulnerabilities in the administrative backend i ...)
NOT-FOR-US: Sefrengo
-CVE-2015-0918
+CVE-2015-0918 (Cross-site scripting (XSS) vulnerability in the administrative backend ...)
NOT-FOR-US: Sefrengo
-CVE-2015-0917
+CVE-2015-0917 (Cross-site scripting (XSS) vulnerability in the backend in Kajona befo ...)
NOT-FOR-US: Kajona
-CVE-2015-0916
+CVE-2015-0916 (SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows ...)
- cacti 0.8.6f-1
-CVE-2015-0915
+CVE-2015-0915 (Cross-site scripting (XSS) vulnerability in RAKUS MailDealer 11.2.1 an ...)
NOT-FOR-US: RAKUS MailDealer
-CVE-2015-0914
+CVE-2015-0914 (EasyCTF before 1.4 does not validate the session ID, which allows remo ...)
NOT-FOR-US: EasyCTF
-CVE-2015-0913
+CVE-2015-0913 (Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows ...)
NOT-FOR-US: EasyCTF
-CVE-2015-0912
+CVE-2015-0912 (EasyCTF before 1.4 allows remote authenticated users to write executab ...)
NOT-FOR-US: EasyCTF
-CVE-2015-0911
+CVE-2015-0911 (Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 ...)
NOT-FOR-US: TAGAWA Takao TransmitMail
-CVE-2015-0910
+CVE-2015-0910 (Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail ...)
NOT-FOR-US: TAGAWA Takao TransmitMail
CVE-2015-0909
RESERVED
CVE-2015-0908
RESERVED
-CVE-2015-0907
+CVE-2015-0907 (Buffer overflow in Lhaplus before 1.70 allows remote attackers to exec ...)
NOT-FOR-US: Lhaplus
-CVE-2015-0906
+CVE-2015-0906 (Directory traversal vulnerability in Lhaplus before 1.70 allows remote ...)
NOT-FOR-US: Lhaplus
-CVE-2015-0905
+CVE-2015-0905 (Cross-site request forgery (CSRF) vulnerability in bBlog allows remote ...)
NOT-FOR-US: bBlog
-CVE-2015-0904
+CVE-2015-0904 (The Restaurant Karaoke SHIDAX app 1.3.3 and earlier on Android does no ...)
NOT-FOR-US: Restaurant Karaoke SHIDAX app
-CVE-2015-0903
+CVE-2015-0903 (Buffer overflow in Saitoh Kikaku Maruo Editor 8.51 and earlier allows ...)
NOT-FOR-US: Saitoh Kikaku Maruo Editor
-CVE-2015-0902
+CVE-2015-0902 (The Semper Fi All in One SEO Pack plugin before 2.2.6 for WordPress do ...)
NOT-FOR-US: WordPress plugin all-in-one-seo-pack
-CVE-2015-0901
+CVE-2015-0901 (Cross-site scripting (XSS) vulnerability in the duwasai flashy theme 1 ...)
NOT-FOR-US: WordPress duwasai flashy theme
-CVE-2015-0900
+CVE-2015-0900 (Cross-site scripting (XSS) vulnerability in schedule.cgi in Nishishi F ...)
NOT-FOR-US: Nishishi Factory
-CVE-2015-0899
+CVE-2015-0899 (The MultiPageValidator implementation in Apache Struts 1 1.1 through 1 ...)
{DSA-3536-1 DLA-292-1}
- libstruts1.2-java <removed>
NOTE: Patch in SuSE Bugzilla: https://bugzilla.novell.com/attachment.cgi?id=629559
NOTE: Patch appplies cleanly to the Wheezy and Squeeze versions
-CVE-2015-0898
+CVE-2015-0898 (futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows al ...)
NOT-FOR-US: futomi CGI Cafe MP Form Mail CGI eCommerce
CVE-2015-0897
RESERVED
-CVE-2015-0896
+CVE-2015-0896 (Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer befor ...)
{DLA-453-1 DLA-296-1}
- extplorer <removed> (bug #783231)
NOTE: Upstream fixes: http://extplorer.net/projects/extplorer/repository/revisions/240
-CVE-2015-0895
+CVE-2015-0895 (Cross-site request forgery (CSRF) vulnerability in the All In One WP S ...)
NOT-FOR-US: All In One WP Security & Firewall plugin for WordPress
-CVE-2015-0894
+CVE-2015-0894 (SQL injection vulnerability in the All In One WP Security &amp; Firewa ...)
NOT-FOR-US: All In One WP Security & Firewall plugin for WordPress
-CVE-2015-0893
+CVE-2015-0893 (Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Rela ...)
NOT-FOR-US: Maroyaka
-CVE-2015-0892
+CVE-2015-0892 (Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Imag ...)
NOT-FOR-US: Maroyaka
-CVE-2015-0891
+CVE-2015-0891 (Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Simp ...)
NOT-FOR-US: Maroyaka
-CVE-2015-0890
+CVE-2015-0890 (The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for ...)
NOT-FOR-US: BestWebSoft plugin for WordPress
-CVE-2015-0889
+CVE-2015-0889 (KENT-WEB Joyful Note before 5.3 allows remote attackers to delete file ...)
NOT-FOR-US: KENT-WEB Joyful Note
-CVE-2015-0888
+CVE-2015-0888 (KENT-WEB Clip Board before 4.1 allows remote attackers to delete arbit ...)
NOT-FOR-US: KENT-WEB Clip Board
-CVE-2015-0887
+CVE-2015-0887 (npppd in the PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 Fuji rou ...)
NOT-FOR-US: SEIL routers
-CVE-2015-0886
+CVE-2015-0886 (Integer overflow in the crypt_raw method in the key-stretching impleme ...)
- libjbcrypt-java 0.4-1 (bug #780102)
[jessie] - libjbcrypt-java <no-dsa> (Minor issue)
[wheezy] - libjbcrypt-java <no-dsa> (Minor issue)
[squeeze] - libjbcrypt-java <no-dsa> (Minor issue)
-CVE-2015-0885
+CVE-2015-0885 (checkpw 1.02 and earlier allows remote attackers to cause a denial of ...)
{DSA-3192-1 DLA-191-1}
- checkpw 1.02-1.1 (bug #780139)
-CVE-2015-0884
+CVE-2015-0884 (Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack ...)
NOT-FOR-US: Toshiba Bluetooth Stack
-CVE-2015-0883
+CVE-2015-0883 (SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth mod ...)
NOT-FOR-US: Mailform Pro
-CVE-2015-0882
+CVE-2015-0882 (Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka ...)
NOT-FOR-US: Zen Cart
-CVE-2015-0881
+CVE-2015-0881 (CRLF injection vulnerability in Squid before 3.1.1 allows remote attac ...)
- squid 4.1-1 (low)
[squeeze] - squid <no-dsa> (Minor issue)
[wheezy] - squid <no-dsa> (Minor issue)
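Review bot: the version data on CVE-2015-0881 looks inconsistent: the description says "CRLF injection vulnerability in Squid before 3.1.1", and the referenced patch is a 3.1 changeset, yet the fixed version is recorded as "squid 4.1-1". If this reflects the squid3 source package having been renamed to squid, a NOTE saying so (and a squid3 line for the suites that still carry it) would make the entry readable; otherwise the fixed version needs checking. Separately, "Patch appplies cleanly" on CVE-2015-0899 should read "applies".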
@@ -24364,66 +24364,66 @@ CVE-2015-0881
NOTE: http://www.openwall.com/lists/oss-security/2015/03/01/2
NOTE: Patch: http://www.squid-cache.org/Versions/v3/3.1/changesets/b9619.patch
NOTE: https://jvn.jp/en/jp/JVN64455813/index.html
-CVE-2015-0880
+CVE-2015-0880 (Buffer overflow in CREAR AL-Mail32 before 1.13d allows remote attacker ...)
NOT-FOR-US: CREAR AL-Mail32
-CVE-2015-0879
+CVE-2015-0879 (CREAR AL-Mail32 before 1.13d allows remote attackers to cause a denial ...)
NOT-FOR-US: CREAR AL-Mail32
-CVE-2015-0878
+CVE-2015-0878 (Directory traversal vulnerability in CREAR AL-Mail32 before 1.13d allo ...)
NOT-FOR-US: CREAR AL-Mail32
-CVE-2015-0877
+CVE-2015-0877 (Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD Mo ...)
NOT-FOR-US: C-BOARD Moyuku
-CVE-2015-0876
+CVE-2015-0876 (Multiple cross-site scripting (XSS) vulnerabilities in the print_langu ...)
NOT-FOR-US: Saurus CMS
-CVE-2015-0875
+CVE-2015-0875 (The Ogaki Kyoritsu Bank Smartphone Passbook application 1.0.0 for Andr ...)
NOT-FOR-US: Ogaki Kyoritsu Bank Smartphone Passbook application for Android
-CVE-2015-0874
+CVE-2015-0874 (Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL ...)
NOT-FOR-US: Smartphone Passbook
-CVE-2015-0873
+CVE-2015-0873 (Cross-site scripting (XSS) vulnerability in Homepage Decorator PerlTre ...)
NOT-FOR-US: PerlTreeBBS
CVE-2015-0872
REJECTED
-CVE-2015-0871
+CVE-2015-0871 (Cross-site scripting (XSS) vulnerability in Mrs. Shiromuku Perl CGI sh ...)
NOT-FOR-US: Mrs. Shiromuku Perl CGI shiromuku(u1)GUESTBOOK
-CVE-2015-0870
+CVE-2015-0870 (Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi Factory ...)
NOT-FOR-US: Nishishi Factory
-CVE-2015-0869
+CVE-2015-0869 (I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a deni ...)
NOT-FOR-US: I-O DATA DEVICE NP-BBRM routers
-CVE-2015-0868
+CVE-2015-0868 (Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI shir ...)
NOT-FOR-US: Mrs. Shiromuku Perl CGI shiromuku(bu2)BBS
-CVE-2015-0867
+CVE-2015-0867 (Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI 3 ...)
NOT-FOR-US: SYNCK GRAPHICA Download Log CGI
-CVE-2015-0866
+CVE-2015-0866 (Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngi ...)
NOT-FOR-US: ZOHO ManageEngine SupportCenter Plus
CVE-2015-0865
RESERVED
-CVE-2015-0864
+CVE-2015-0864 (Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x befor ...)
NOT-FOR-US: Samsung
-CVE-2015-0863
+CVE-2015-0863 (GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app ...)
NOT-FOR-US: Samsung GALAXY Apps
-CVE-2015-0862
+CVE-2015-0862 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
- rabbitmq-server 3.4.3-1
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
[squeeze] - rabbitmq-server <not-affected> (Management web UI not available in version 1.8.1)
-CVE-2015-0861
+CVE-2015-0861 (model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4 ...)
{DSA-3425-1}
- tryton-server 3.8.1-1
[wheezy] - tryton-server <not-affected> (Version < 3.2)
[squeeze] - tryton-server <not-affected> (Version < 3.2)
NOTE: Mathias Behrle told us that affected versions are >= 3.2 and < 3.8.1
-CVE-2015-0860
+CVE-2015-0860 (Off-by-one error in the extracthalf function in dpkg-deb/extract.c in ...)
{DSA-3407-1}
- dpkg 1.18.4
[squeeze] - dpkg <not-affected> (Vulnerable code not present)
-CVE-2015-0859
+CVE-2015-0859 (The Debian build procedure for the smokeping package in wheezy before ...)
{DSA-3405-1}
- smokeping 2.6.11-2
[squeeze] - smokeping <not-affected> (Vulnerable code not present)
-CVE-2015-0858
+CVE-2015-0858 (Cool Projects TarDiff allows local users to write to arbitrary files v ...)
{DSA-3562-1 DLA-564-1}
- tardiff 0.1-3
NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a
-CVE-2015-0857
+CVE-2015-0857 (Cool Projects TarDiff allows remote attackers to execute arbitrary com ...)
{DSA-3562-1 DLA-564-1}
- tardiff 0.1-5
NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a
@@ -24431,32 +24431,32 @@ CVE-2015-0857
NOTE: First part was addressed in 0.1-3 but does not contain the fix for the tar
NOTE: file name itself.
NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=a18e8df51511df276e61dbccdbe1714fc53af965
-CVE-2015-0856
+CVE-2015-0856 (daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the ...)
- sddm 0.12.0-5 (bug #803336; low)
NOTE: https://github.com/sddm/sddm/commit/4cfed6b0a625593
-CVE-2015-0855
+CVE-2015-0855 (The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.9 ...)
- pitivi 0.95-1
[jessie] - pitivi <no-dsa> (Minor issue)
[squeeze] - pitivi <not-affected> (Vulnerable code not present (no os.system()))
[wheezy] - pitivi <not-affected> (Vulnerable code not present (no os.system()))
NOTE: https://git.gnome.org/browse/pitivi/commit/?id=45a4c84edb3b4343f199bba1c65502e3f49f5bb2 (RELEASE-0_95_0)
-CVE-2015-0854
+CVE-2015-0854 (App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted ...)
{DLA-769-1}
- shutter 0.93.1-1 (low; bug #798862)
[jessie] - shutter 0.92-0.1+deb8u1
[squeeze] - shutter <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/shutter/+bug/1495163
-CVE-2015-0853
+CVE-2015-0853 (svn-workbench 1.6.2 and earlier on a system with xeyes installed allow ...)
- svn-workbench 1.7.0-1 (low; bug #798863)
[jessie] - svn-workbench <no-dsa> (Minor issue)
[wheezy] - svn-workbench <no-dsa> (Minor issue)
[squeeze] - svn-workbench <no-dsa> (Minor issue)
-CVE-2015-0852
+CVE-2015-0852 (Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and e ...)
{DSA-3392-1 DLA-327-1}
- freeimage 3.15.4-5 (bug #797165)
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.17&r2=1.18&pathrev=MAIN
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.18&r2=1.19&pathrev=MAIN
-CVE-2015-0851
+CVE-2015-0851 (XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Servic ...)
{DSA-3321-1 DLA-290-1}
- xmltooling 1.5.6-1 (bug #793855)
NOTE: http://shibboleth.net/community/advisories/secadv_20150721.txt
@@ -24464,7 +24464,7 @@ CVE-2015-0851
NOTE: Initial advisory was listing the wrong CVE, updated later
NOTE: opensaml2 will need binNMUs/sourcefull upload (cf. #794851)
NOTE: [squeeze] partially affected (util/XMLHelper.cpp XMLHelper::getAttrInt method not present) (1.3.3.x)
-CVE-2015-0850
+CVE-2015-0850 (The Git plugin for FusionForge before 6.0rc4 allows remote attackers t ...)
{DSA-3275-1}
- fusionforge 6.0~rc4-1
[squeeze] - fusionforge <not-affected> (Affects 5.3 and later)
@@ -24474,23 +24474,23 @@ CVE-2015-0849 [predictable temporary file vulnerability]
RESERVED
- pycode-browser 1:1.0-1 (unimportant; bug #790365)
NOTE: Not exploitable with kernel hardening since wheezy
-CVE-2015-0848
+CVE-2015-0848 (Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers t ...)
{DSA-3302-1 DLA-253-1}
- libwmf 0.2.8.4-10.4 (bug #787644)
-CVE-2015-0847
+CVE-2015-0847 (nbd-server.c in Network Block Device (nbd-server) before 3.11 does not ...)
{DSA-3271-1 DLA-223-1}
- nbd 1:3.10-1 (bug #784657)
NOTE: http://sourceforge.net/p/nbd/mailman/message/34091218/
-CVE-2015-0846
+CVE-2015-0846 (django-markupfield before 1.3.2 uses the default docutils RESTRUCTURED ...)
{DSA-3230-1 DLA-206-1}
- django-markupfield 1.3.2-1
NOTE: https://github.com/jamesturk/django-markupfield/commit/b45734ea1d206abc1ed2a90bdc779708066d49f3
-CVE-2015-0845
+CVE-2015-0845 (Format string vulnerability in Movable Type Pro, Open Source, and Adva ...)
{DSA-3227-1}
- movabletype-opensource <removed>
[squeeze] - movabletype-opensource <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://movabletype.org/news/2015/04/movable_type_608_and_5213_released_to_close_security_vulnera.html
-CVE-2015-0844
+CVE-2015-0844 (The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x ...)
{DSA-3218-1 DLA-202-1}
- wesnoth-1.12 1:1.12.2-1
- wesnoth-1.10 1:1.10.7-2
@@ -24511,18 +24511,18 @@ CVE-2015-0841 [off-by-one buffer overflow in Listener::checkActivity in libcapsi
[experimental] - monopd 0.9.8-1
- monopd <unfixed> (bug #781043; unimportant)
NOTE: Not exploitable with dlmalloc
-CVE-2015-0840
+CVE-2015-0840 (The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x befor ...)
{DSA-3217-1 DLA-220-1}
- dpkg 1.17.25
NOTE: Ubuntu fix for 1.15.x (version in squeeze): http://launchpadlibrarian.net/202647129/dpkg_1.15.5.6ubuntu4.9_1.15.5.6ubuntu4.10.diff.gz
-CVE-2015-0839
+CVE-2015-0839 (The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes i ...)
{DLA-775-1}
- hplip 3.15.11+repack0-1 (bug #787353; bug #796015)
[jessie] - hplip 3.14.6-1+deb8u1
[squeeze] - hplip <no-dsa> (Minor issue)
NOTE: http://seclists.org/oss-sec/2015/q2/581
NOTE: https://bugs.launchpad.net/bugs/1432516
-CVE-2015-0838
+CVE-2015-0838 (Buffer overflow in the C implementation of the apply_delta function in ...)
{DSA-3206-1 DLA-231-1}
- dulwich 0.10.1-1 (bug #780958)
[jessie] - dulwich 0.9.7-3
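Review bot: the descriptions added in this hunk are cut at a fixed width mid-token, for instance `+CVE-2015-0840 (The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x befor ...)` and `+CVE-2015-0839 (The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes i ...)`, so the affected-version range in the header line is incomplete and must not be used for triage on its own; the fixed-version lines (`- dpkg 1.17.25`, `- hplip 3.15.11+repack0-1 (bug #787353; bug #796015)`) and the NOTE links remain the authoritative record, which is worth stating in the tracker documentation for anyone parsing these header lines.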
@@ -24533,164 +24533,164 @@ CVE-2015-0837 [data-dependent timing variations in modular exponentiation]
- libgcrypt20 1.6.3-2
- gnupg 1.4.18-7
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=6cbc75e71295f23431c4ab95edc7573f2fc28476
-CVE-2015-0836
+CVE-2015-0836 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3179-1 DSA-3174-1}
- iceweasel 31.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-11/
-CVE-2015-0835
+CVE-2015-0835 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-11/
-CVE-2015-0834
+CVE-2015-0834 (The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-15/
-CVE-2015-0833
+CVE-2015-0833 (Multiple untrusted search path vulnerabilities in updater.exe in Mozil ...)
- iceweasel <not-affected> (Specific to Firefox on Windows)
- icedove <not-affected> (Specific to Thunderbird on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-12/
-CVE-2015-0832
+CVE-2015-0832 (Mozilla Firefox before 36.0 does not properly recognize the equivalenc ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-13/
-CVE-2015-0831
+CVE-2015-0831 (Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObject ...)
{DSA-3179-1 DSA-3174-1}
- iceweasel 31.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-16/
-CVE-2015-0830
+CVE-2015-0830 (The WebGL implementation in Mozilla Firefox before 36.0 does not prope ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-14/
-CVE-2015-0829
+CVE-2015-0829 (Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allow ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-17/
-CVE-2015-0828
+CVE-2015-0828 (Double free vulnerability in the nsXMLHttpRequest::GetResponse functio ...)
- iceweasel <not-affected> (Doesn't affect the memory allocator used in the Debian builds)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-18/
-CVE-2015-0827
+CVE-2015-0827 (Heap-based buffer overflow in the mozilla::gfx::CopyRect function in M ...)
{DSA-3179-1 DSA-3174-1}
- iceweasel 31.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-19/
-CVE-2015-0826
+CVE-2015-0826 (The nsTransformedTextRun::SetCapitalization function in Mozilla Firefo ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-20/
-CVE-2015-0825
+CVE-2015-0825 (Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuff ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-21/
-CVE-2015-0824
+CVE-2015-0824 (The mozilla::layers::BufferTextureClient::AllocateForSurface function ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-22/
-CVE-2015-0823
+CVE-2015-0823 (Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-23/
-CVE-2015-0822
+CVE-2015-0822 (The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefo ...)
{DSA-3179-1 DSA-3174-1}
- iceweasel 31.5.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.5.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-24/
-CVE-2015-0821
+CVE-2015-0821 (Mozilla Firefox before 36.0 allows user-assisted remote attackers to r ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-25/
-CVE-2015-0820
+CVE-2015-0820 (Mozilla Firefox before 36.0 does not properly restrict transitions of ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-27/
-CVE-2015-0819
+CVE-2015-0819 (The UITour::onPageEvent function in Mozilla Firefox before 36.0 does n ...)
- iceweasel <not-affected> (Does not affect ESR version)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-26/
-CVE-2015-0818
+CVE-2015-0818 (Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and Sea ...)
{DSA-3201-1}
- iceweasel 31.5.3esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/
-CVE-2015-0817
+CVE-2015-0817 (The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ES ...)
{DSA-3201-1}
- iceweasel 31.5.3esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
-CVE-2015-0816
+CVE-2015-0816 (Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunder ...)
{DSA-3212-1 DSA-3211-1}
- iceweasel 31.6.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-33/
-CVE-2015-0815
+CVE-2015-0815 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3212-1 DSA-3211-1}
- iceweasel 31.6.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-30/
-CVE-2015-0814
+CVE-2015-0814 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (only affects Firefox 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-30/
-CVE-2015-0813
+CVE-2015-0813 (Use-after-free vulnerability in the AppendElements function in Mozilla ...)
{DSA-3212-1 DSA-3211-1}
- iceweasel 31.6.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-31/
-CVE-2015-0812
+CVE-2015-0812 (Mozilla Firefox before 37.0 does not require an HTTPS session for ligh ...)
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-32/
-CVE-2015-0811
+CVE-2015-0811 (The QCMS implementation in Mozilla Firefox before 37.0 allows remote a ...)
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-34/
-CVE-2015-0810
+CVE-2015-0810 (Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is ...)
- iceweasel <not-affected> (Only affects 37.x; only affects OS X systems)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-35/
CVE-2015-0809
RESERVED
-CVE-2015-0808
+CVE-2015-0808 (The webrtc::VPMContentAnalysis::Release function in the WebRTC impleme ...)
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-36/
-CVE-2015-0807
+CVE-2015-0807 (The navigator.sendBeacon implementation in Mozilla Firefox before 37.0 ...)
{DSA-3212-1 DSA-3211-1}
- iceweasel 31.6.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-37/
-CVE-2015-0806
+CVE-2015-0806 (The Off Main Thread Compositing (OMTC) implementation in Mozilla Firef ...)
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-38/
-CVE-2015-0805
+CVE-2015-0805 (The Off Main Thread Compositing (OMTC) implementation in Mozilla Firef ...)
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-38/
-CVE-2015-0804
+CVE-2015-0804 (The HTMLSourceElement::BindToTree function in Mozilla Firefox before 3 ...)
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-39/
-CVE-2015-0803
+CVE-2015-0803 (The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before ...)
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-39/
-CVE-2015-0802
+CVE-2015-0802 (Mozilla Firefox before 37.0 relies on docshell type information instea ...)
- iceweasel <not-affected> (Only affects 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-42/
-CVE-2015-0801
+CVE-2015-0801 (Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunder ...)
{DSA-3212-1 DSA-3211-1}
- iceweasel 31.6.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 31.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-40/
-CVE-2015-0800
+CVE-2015-0800 (The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fe ...)
- iceweasel <not-affected> (Only affects 37.x; only on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-41/
-CVE-2015-0799
+CVE-2015-0799 (The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 ...)
- iceweasel <not-affected> (Only affects Firefox 37.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-44/
-CVE-2015-0798
+CVE-2015-0798 (The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, a ...)
- iceweasel <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-43/
-CVE-2015-0797
+CVE-2015-0797 (GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefo ...)
{DSA-3264-1 DSA-3260-1 DSA-3225-1}
- gst-plugins-bad0.10 <removed> (bug #784220)
[jessie] - gst-plugins-bad0.10 <no-dsa> (Minor impact compared to wheezy, no browser attack vector)
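Review bot: style point on the not-affected rationales in this hunk: `- iceweasel <not-affected> (only affects Firefox 37.x)` under CVE-2015-0814 is lower-case, while the same statement under CVE-2015-0812, CVE-2015-0811 and CVE-2015-0808 reads `(Only affects 37.x)` and under CVE-2015-0799 reads `(Only affects Firefox 37.x)`; these are unchanged context lines rather than part of the automatic description update, but a follow-up manual edit could normalise them to one wording so that tooling matching on the rationale text catches all of them.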
@@ -24700,11 +24700,11 @@ CVE-2015-0797
- icedove 31.7.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-47/
-CVE-2015-0796
+CVE-2015-0796 (In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before ...)
- open-build-service <not-affected> (Fixed before initial upload)
-CVE-2015-0795
+CVE-2015-0795 (Multiple stack-based buffer overflows in the SafeShellExecute method i ...)
NOT-FOR-US: NetIQ
-CVE-2015-0794
+CVE-2015-0794 (modules.d/90crypt/module-setup.sh in the dracut package before 037-17. ...)
- dracut <not-affected> (Vulnerable code not present)
NOTE: http://lists.opensuse.org/opensuse-updates/2015-11/msg00098.html
NOTE: http://lists.opensuse.org/opensuse-bugs/2015-06/msg02585.html
@@ -24723,450 +24723,450 @@ CVE-2015-0789
REJECTED
CVE-2015-0788
REJECTED
-CVE-2015-0787
+CVE-2015-0787 (XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote ...)
NOT-FOR-US: NetIQ Designer for Identity Manager
-CVE-2015-0786
+CVE-2015-0786 (Stack-based buffer overflow in the logging functionality in the Preboo ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0785
+CVE-2015-0785 (com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZE ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0784
+CVE-2015-0784 (Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0783
+CVE-2015-0783 (The FileViewer class in Novell ZENworks Configuration Management (ZCM) ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0782
+CVE-2015-0782 (SQL injection vulnerability in the ScheduleQuery method of the schedul ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0781
+CVE-2015-0781 (Directory traversal vulnerability in the doPost method of the Rtrlet c ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0780
+CVE-2015-0780 (SQL injection vulnerability in the GetReRequestData method of the GetS ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0779
+CVE-2015-0779 (Directory traversal vulnerability in UploadServlet in Novell ZENworks ...)
NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2015-0778
+CVE-2015-0778 (osc before 0.151.0 allows remote attackers to execute arbitrary comman ...)
- osc 0.149.0-2 (low; bug #780410)
[wheezy] - osc 0.134.1-2+deb7u1
[squeeze] - osc <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=901643
-CVE-2015-0777
+CVE-2015-0777 (drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3 ...)
- linux <not-affected> (Addon Xen usbback patch not present)
- linux-2.6 <not-affected> (Addon Xen usbback patch not present)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=917830
-CVE-2015-0776
+CVE-2015-0776 (telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devic ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-0775
+CVE-2015-0775 (The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Ne ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2015-0774
+CVE-2015-0774 (Cross-site scripting (XSS) vulnerability in Cisco Application and Cont ...)
NOT-FOR-US: Cisco Application and Content Networking System
-CVE-2015-0773
+CVE-2015-0773 (Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authen ...)
NOT-FOR-US: Cisco FireSIGHT System Software
-CVE-2015-0772
+CVE-2015-0772 (Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows rem ...)
NOT-FOR-US: Cisco TelePresence Video Communication Server
-CVE-2015-0771
+CVE-2015-0771 (The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 1 ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-0770
+CVE-2015-0770 (CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 ...)
NOT-FOR-US: Cisco TelePresence TC Software
-CVE-2015-0769
+CVE-2015-0769 (Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allo ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-0768
+CVE-2015-0768 (The Device Work Center (DWC) component in Cisco Prime Network Control ...)
NOT-FOR-US: Cisco Prime Network Control System
-CVE-2015-0767
+CVE-2015-0767 (Cisco Edge 300 software 1.0 and 1.1 on Edge 340 devices allows local u ...)
NOT-FOR-US: Cisco
-CVE-2015-0766
+CVE-2015-0766 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: Cisco
-CVE-2015-0765
+CVE-2015-0765 (Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attacke ...)
NOT-FOR-US: Cisco
-CVE-2015-0764
+CVE-2015-0764 (Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read ar ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2015-0763
+CVE-2015-0763 (Cisco Unified MeetingPlace 8.6(1.2) does not properly validate session ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2015-0762
+CVE-2015-0762 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: Cisco Unified MeetingPlace
-CVE-2015-0761
+CVE-2015-0761 (Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x befor ...)
NOT-FOR-US: Cisco AnyConnect Secure Mobility Client
-CVE-2015-0760
+CVE-2015-0760 (The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and ...)
NOT-FOR-US: Cisco ASA
-CVE-2015-0759
+CVE-2015-0759 (Cross-site request forgery (CSRF) vulnerability in Cisco Headend Digit ...)
NOT-FOR-US: Cisco
-CVE-2015-0758
+CVE-2015-0758 (The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) al ...)
NOT-FOR-US: Cisco
-CVE-2015-0757
+CVE-2015-0757 (The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) a ...)
NOT-FOR-US: Cisco
-CVE-2015-0756
+CVE-2015-0756 (Cisco Wireless LAN Controller (WLC) devices with software 7.4(1.1) all ...)
NOT-FOR-US: Cisco
-CVE-2015-0755
+CVE-2015-0755 (The Posture module for Cisco Identity Services Engine (ISE), as distri ...)
NOT-FOR-US: Cisco
-CVE-2015-0754
+CVE-2015-0754 (Cisco Finesse 10.5(1) allows remote authenticated users to obtain sens ...)
NOT-FOR-US: Cisco
-CVE-2015-0753
+CVE-2015-0753 (SQL injection vulnerability in Cisco Unified Email Interaction Manager ...)
NOT-FOR-US: Cisco
-CVE-2015-0752
+CVE-2015-0752 (Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video C ...)
NOT-FOR-US: Cisco
-CVE-2015-0751
+CVE-2015-0751 (Cisco IP Phone 7861, when firmware from Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2015-0750
+CVE-2015-0750 (The administrative web interface in Cisco Hosted Collaboration Solutio ...)
NOT-FOR-US: Cisco
CVE-2015-0749
RESERVED
CVE-2015-0748
RESERVED
-CVE-2015-0747
+CVE-2015-0747 (Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release al ...)
NOT-FOR-US: Cisco
-CVE-2015-0746
+CVE-2015-0746 (The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows r ...)
NOT-FOR-US: Cisco Access Control Server
-CVE-2015-0745
+CVE-2015-0745 (Cisco Headend System Release allows remote attackers to read temporary ...)
NOT-FOR-US: Cisco
-CVE-2015-0744
+CVE-2015-0744 (Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Rele ...)
NOT-FOR-US: Cisco
-CVE-2015-0743
+CVE-2015-0743 (Cisco Headend System Release allows remote attackers to cause a denial ...)
NOT-FOR-US: Cisco
-CVE-2015-0742
+CVE-2015-0742 (The Protocol Independent Multicast (PIM) application in Cisco Adaptive ...)
NOT-FOR-US: Cisco
-CVE-2015-0741
+CVE-2015-0741 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Pr ...)
NOT-FOR-US: Cisco
-CVE-2015-0740
+CVE-2015-0740 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intel ...)
NOT-FOR-US: Cisco
-CVE-2015-0739
+CVE-2015-0739 (The Lights-Out Management (LOM) implementation in Cisco FireSIGHT Syst ...)
NOT-FOR-US: Cisco
-CVE-2015-0738
+CVE-2015-0738 (Cross-site scripting (XSS) vulnerability in the Web Tracking Report pa ...)
NOT-FOR-US: Cisco
-CVE-2015-0737
+CVE-2015-0737 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT ...)
NOT-FOR-US: Cisco FireSIGHT System Software
-CVE-2015-0736
+CVE-2015-0736 (Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10 ...)
NOT-FOR-US: Cisco
-CVE-2015-0735
+CVE-2015-0735 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified Custo ...)
NOT-FOR-US: Cisco
-CVE-2015-0734
+CVE-2015-0734 (Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email ...)
NOT-FOR-US: Cisco
-CVE-2015-0733
+CVE-2015-0733 (CRLF injection vulnerability in the HTTP Header Handler in Digital Bro ...)
NOT-FOR-US: Cisco
-CVE-2015-0732
+CVE-2015-0732 (Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web S ...)
NOT-FOR-US: Cisco
-CVE-2015-0731
+CVE-2015-0731 (The ISDN implementation in Cisco IOS 15.3S allows remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2015-0730
+CVE-2015-0730 (The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) a ...)
NOT-FOR-US: Cisco
-CVE-2015-0729
+CVE-2015-0729 (Cross-site scripting (XSS) vulnerability in Cisco Secure Access Contro ...)
NOT-FOR-US: Cisco
-CVE-2015-0728
+CVE-2015-0728 (Cross-site scripting (XSS) vulnerability in Cisco Access Control Serve ...)
NOT-FOR-US: Cisco
-CVE-2015-0727
+CVE-2015-0727 (Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco S ...)
NOT-FOR-US: Cisco
-CVE-2015-0726
+CVE-2015-0726 (The web administration interface on Cisco Wireless LAN Controller (WLC ...)
NOT-FOR-US: Cisco
-CVE-2015-0725
+CVE-2015-0725 (Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when ...)
NOT-FOR-US: Cisco
-CVE-2015-0724
+CVE-2015-0724 (Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 i ...)
NOT-FOR-US: Cisco
-CVE-2015-0723
+CVE-2015-0723 (The wireless web-authentication subsystem on Cisco Wireless LAN Contro ...)
NOT-FOR-US: Cisco
-CVE-2015-0722
+CVE-2015-0722 (The network drivers in Cisco TelePresence T, Cisco TelePresence TE, an ...)
NOT-FOR-US: Cisco
-CVE-2015-0721
+CVE-2015-0721 (Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 20 ...)
NOT-FOR-US: Cisco
CVE-2015-0720
RESERVED
CVE-2015-0719
RESERVED
-CVE-2015-0718
+CVE-2015-0718 (Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2015-0717
+CVE-2015-0717 (Cisco Unified Communications Manager 10.0(1.10000.12) allows local use ...)
NOT-FOR-US: Cisco
-CVE-2015-0716
+CVE-2015-0716 (Cross-site request forgery (CSRF) vulnerability in the CUCReports page ...)
NOT-FOR-US: Cisco Unity Connection
-CVE-2015-0715
+CVE-2015-0715 (SQL injection vulnerability in the administrative web interface in Cis ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2015-0714
+CVE-2015-0714 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse S ...)
NOT-FOR-US: Cisco Finesse
-CVE-2015-0713
+CVE-2015-0713 (The web framework in Cisco TelePresence Advanced Media Gateway Series ...)
NOT-FOR-US: Cisco
-CVE-2015-0712
+CVE-2015-0712 (The session-manager service in Cisco StarOS 12.0, 12.2(300), 14.0, and ...)
NOT-FOR-US: Cisco StarOS
-CVE-2015-0711
+CVE-2015-0711 (The hamgr service in the IPv6 Proxy Mobile (PM) implementation in Cisc ...)
NOT-FOR-US: Cisco StarOS
-CVE-2015-0710
+CVE-2015-0710 (The Overlay Transport Virtualization (OTV) implementation in Cisco IOS ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2015-0709
+CVE-2015-0709 (Cisco IOS 15.5S and IOS XE allow remote authenticated users to cause a ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-0708
+CVE-2015-0708 (Cisco IOS 15.4S, 15.4SN, and 15.5S and IOS XE 3.13S and 3.14S allow re ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-0707
+CVE-2015-0707 (Cross-site scripting (XSS) vulnerability in Cisco FireSIGHT System Sof ...)
NOT-FOR-US: Cisco
-CVE-2015-0706
+CVE-2015-0706 (Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1 ...)
NOT-FOR-US: Cisco
-CVE-2015-0705
+CVE-2015-0705 (Cross-site request forgery (CSRF) vulnerability in the SOAP API endpoi ...)
NOT-FOR-US: Cisco
-CVE-2015-0704
+CVE-2015-0704 (Multiple cross-site request forgery (CSRF) vulnerabilities in API feat ...)
NOT-FOR-US: Cisco
-CVE-2015-0703
+CVE-2015-0703 (Cross-site scripting (XSS) vulnerability in the administrative web int ...)
NOT-FOR-US: Cisco
-CVE-2015-0702
+CVE-2015-0702 (Unrestricted file upload vulnerability in the Custom Prompts upload im ...)
NOT-FOR-US: Cisco
-CVE-2015-0701
+CVE-2015-0701 (Cisco UCS Central Software before 1.3(1a) allows remote attackers to e ...)
NOT-FOR-US: Cisco UCS
-CVE-2015-0700
+CVE-2015-0700 (Cross-site request forgery (CSRF) vulnerability in the Dashboard page ...)
NOT-FOR-US: Cisco
-CVE-2015-0699
+CVE-2015-0699 (SQL injection vulnerability in the Interactive Voice Response (IVR) co ...)
NOT-FOR-US: Cisco
-CVE-2015-0698
+CVE-2015-0698 (Multiple cross-site scripting (XSS) vulnerabilities in filter search f ...)
NOT-FOR-US: Cisco WSA
-CVE-2015-0697
+CVE-2015-0697 (Open redirect vulnerability in the login page in Cisco TC Software bef ...)
NOT-FOR-US: Cisco
-CVE-2015-0696
+CVE-2015-0696 (Cross-site scripting (XSS) vulnerability in the login page in Cisco TC ...)
NOT-FOR-US: Cisco
-CVE-2015-0695
+CVE-2015-0695 (Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-0694
+CVE-2015-0694 (Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that ...)
NOT-FOR-US: Cisco
-CVE-2015-0693
+CVE-2015-0693 (Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 ...)
NOT-FOR-US: Cisco WSA
-CVE-2015-0692
+CVE-2015-0692 (Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 ...)
NOT-FOR-US: Cisco WSA
-CVE-2015-0691
+CVE-2015-0691 (A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Sec ...)
NOT-FOR-US: Cisco Secure Desktop Cache Cleaner
-CVE-2015-0690
+CVE-2015-0690 (Cross-site scripting (XSS) vulnerability in the HTML help system on Ci ...)
NOT-FOR-US: Cisco
-CVE-2015-0689
+CVE-2015-0689 (Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to byp ...)
NOT-FOR-US: Cisco
-CVE-2015-0688
+CVE-2015-0688 (Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services P ...)
NOT-FOR-US: Cisco
-CVE-2015-0687
+CVE-2015-0687 (The SNMP implementation in Cisco IOS 15.1(2)SG4 on Catalyst 4500 devic ...)
NOT-FOR-US: Cisco
-CVE-2015-0686
+CVE-2015-0686 (The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devic ...)
NOT-FOR-US: Cisco
-CVE-2015-0685
+CVE-2015-0685 (Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handl ...)
NOT-FOR-US: Cisco
-CVE-2015-0684
+CVE-2015-0684 (SQL injection vulnerability in the Image Management component in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-0683
+CVE-2015-0683 (Cisco Unified Communications Domain Manager 8.1(4) allows remote authe ...)
NOT-FOR-US: Cisco
-CVE-2015-0682
+CVE-2015-0682 (Cisco Unified Communications Domain Manager 8.1(4) allows remote authe ...)
NOT-FOR-US: Cisco
-CVE-2015-0681
+CVE-2015-0681 (The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-0680
+CVE-2015-0680 (Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restr ...)
NOT-FOR-US: Cisco
-CVE-2015-0679
+CVE-2015-0679 (The web-authentication functionality on Cisco Wireless LAN Controller ...)
NOT-FOR-US: Cisco
-CVE-2015-0678
+CVE-2015-0678 (The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1. ...)
NOT-FOR-US: Cisco ASA
-CVE-2015-0677
+CVE-2015-0677 (The XML parser in Cisco Adaptive Security Appliance (ASA) Software 8.4 ...)
NOT-FOR-US: Cisco ASA
-CVE-2015-0676
+CVE-2015-0676 (The DNS implementation in Cisco Adaptive Security Appliance (ASA) Soft ...)
NOT-FOR-US: Cisco ASA
-CVE-2015-0675
+CVE-2015-0675 (The failover ipsec implementation in Cisco Adaptive Security Appliance ...)
NOT-FOR-US: Cisco ASA
-CVE-2015-0674
+CVE-2015-0674 (Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-0673
+CVE-2015-0673 (Cisco Mobility Services Engine (MSE) 8.0(110.0) allows remote authenti ...)
NOT-FOR-US: Cisco
-CVE-2015-0672
+CVE-2015-0672 (The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows rem ...)
NOT-FOR-US: Cisco
-CVE-2015-0671
+CVE-2015-0671 (The DNS implementation in Cisco Videoscape Distribution Suite for Inte ...)
NOT-FOR-US: Cisco
-CVE-2015-0670
+CVE-2015-0670 (The default configuration of Cisco Small Business IP phones SPA 300 7. ...)
NOT-FOR-US: Cisco
-CVE-2015-0669
+CVE-2015-0669 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-0668
+CVE-2015-0668 (Cross-site scripting (XSS) vulnerability in the administration portal ...)
NOT-FOR-US: Cisco
-CVE-2015-0667
+CVE-2015-0667 (The Management Interface on Cisco Content Services Switch (CSS) 11500 ...)
NOT-FOR-US: Cisco
-CVE-2015-0666
+CVE-2015-0666 (Directory traversal vulnerability in the fmserver servlet in Cisco Pri ...)
NOT-FOR-US: Cisco
-CVE-2015-0665
+CVE-2015-0665 (The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00 ...)
NOT-FOR-US: Cisco
-CVE-2015-0664
+CVE-2015-0664 (The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) ...)
NOT-FOR-US: Cisco
-CVE-2015-0663
+CVE-2015-0663 (Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does n ...)
NOT-FOR-US: Cisco
-CVE-2015-0662
+CVE-2015-0662 (Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows ...)
NOT-FOR-US: Cisco
-CVE-2015-0661
+CVE-2015-0661 (The SNMPv2 implementation in Cisco IOS XR allows remote authenticated ...)
NOT-FOR-US: Cisco
-CVE-2015-0660
+CVE-2015-0660 (Cisco Virtual TelePresence Server Software does not properly restrict ...)
NOT-FOR-US: Cisco
-CVE-2015-0659
+CVE-2015-0659 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-0658
+CVE-2015-0658 (The DHCP implementation in the PowerOn Auto Provisioning (POAP) featur ...)
NOT-FOR-US: Cisco
-CVE-2015-0657
+CVE-2015-0657 (Cisco IOS XR allows remote attackers to cause a denial of service (RSV ...)
NOT-FOR-US: Cisco
-CVE-2015-0656
+CVE-2015-0656 (Cross-site scripting (XSS) vulnerability in the login page in Cisco Ne ...)
NOT-FOR-US: Cisco NAM
-CVE-2015-0655
+CVE-2015-0655 (Cross-site scripting (XSS) vulnerability in Unified Web Interaction Ma ...)
NOT-FOR-US: Cisco Unified Web
-CVE-2015-0654
+CVE-2015-0654 (Race condition in the TLS implementation in MainApp in the management ...)
NOT-FOR-US: Cisco
-CVE-2015-0653
+CVE-2015-0653 (The management interface in Cisco TelePresence Video Communication Ser ...)
NOT-FOR-US: Cisco
-CVE-2015-0652
+CVE-2015-0652 (The Session Description Protocol (SDP) implementation in Cisco TelePre ...)
NOT-FOR-US: Cisco
-CVE-2015-0651
+CVE-2015-0651 (Cross-site request forgery (CSRF) vulnerability in the web GUI in Cisc ...)
NOT-FOR-US: Cisco
-CVE-2015-0650
+CVE-2015-0650 (The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12 ...)
NOT-FOR-US: Cisco
-CVE-2015-0649
+CVE-2015-0649 (Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2015-0648
+CVE-2015-0648 (Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remot ...)
NOT-FOR-US: Cisco
-CVE-2015-0647
+CVE-2015-0647 (Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to ...)
NOT-FOR-US: Cisco
-CVE-2015-0646
+CVE-2015-0646 (Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15. ...)
NOT-FOR-US: Cisco
-CVE-2015-0645
+CVE-2015-0645 (The Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before ...)
NOT-FOR-US: Cisco
-CVE-2015-0644
+CVE-2015-0644 (AppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before 3. ...)
NOT-FOR-US: Cisco
-CVE-2015-0643
+CVE-2015-0643 (Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5. ...)
NOT-FOR-US: Cisco
-CVE-2015-0642
+CVE-2015-0642 (Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5. ...)
NOT-FOR-US: Cisco
-CVE-2015-0641
+CVE-2015-0641 (Cisco IOS XE 2.x and 3.x before 3.9.0S, 3.10 before 3.10.0S, 3.11 befo ...)
NOT-FOR-US: Cisco
-CVE-2015-0640
+CVE-2015-0640 (The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x befor ...)
NOT-FOR-US: Cisco
-CVE-2015-0639
+CVE-2015-0639 (The Common Flow Table (CFT) feature in Cisco IOS XE 3.6 and 3.7 before ...)
NOT-FOR-US: Cisco
-CVE-2015-0638
+CVE-2015-0638 (Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is co ...)
NOT-FOR-US: Cisco
-CVE-2015-0637
+CVE-2015-0637 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-0636
+CVE-2015-0636 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-0635
+CVE-2015-0635 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2015-0634
+CVE-2015-0634 (Cross-site scripting (XSS) vulnerability in the administrative interfa ...)
NOT-FOR-US: Cisco
-CVE-2015-0633
+CVE-2015-0633 (The Integrated Management Controller (IMC) in Cisco Unified Computing ...)
NOT-FOR-US: Cisco
-CVE-2015-0632
+CVE-2015-0632 (Race condition in the Neighbor Discovery (ND) protocol implementation ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-0631
+CVE-2015-0631 (Race condition in the SSL implementation on Cisco Intrusion Prevention ...)
NOT-FOR-US: Cisco IPS
CVE-2015-0630
RESERVED
CVE-2015-0629
RESERVED
-CVE-2015-0628
+CVE-2015-0628 (The proxy engine on Cisco Web Security Appliance (WSA) devices allows ...)
NOT-FOR-US: Cisco WSA
CVE-2015-0627
RESERVED
-CVE-2015-0626
+CVE-2015-0626 (The SOAP interface in Cisco Hosted Collaboration Solution (HCS) allows ...)
NOT-FOR-US: Cisco HCS
CVE-2015-0625
RESERVED
-CVE-2015-0624
+CVE-2015-0624 (The web framework in Cisco AsyncOS on Email Security Appliance (ESA), ...)
NOT-FOR-US: Cisco
-CVE-2015-0623
+CVE-2015-0623 (Cross-site scripting (XSS) vulnerability in the Administrator report p ...)
NOT-FOR-US: Cisco WSA
-CVE-2015-0622
+CVE-2015-0622 (The Wireless Intrusion Detection (aka WIDS) functionality on Cisco Wir ...)
NOT-FOR-US: Cisco WLC
-CVE-2015-0621
+CVE-2015-0621 (Cisco TelePresence MCU devices with software 4.5(1.45) allow remote at ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2015-0620
+CVE-2015-0620 (The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) a ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2015-0619
+CVE-2015-0619 (Memory leak in the embedded web server in the WebVPN subsystem in Cisc ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2015-0618
+CVE-2015-0618 (Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 ...)
NOT-FOR-US: Cisco IOS
-CVE-2015-0617
+CVE-2015-0617 (Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices all ...)
NOT-FOR-US: Cisco
-CVE-2015-0616
+CVE-2015-0616 (The Connection Conversation Manager (aka CuCsMgr) process in Cisco Uni ...)
NOT-FOR-US: Cisco
-CVE-2015-0615
+CVE-2015-0615 (The call-handling implementation in Cisco Unity Connection 8.5 before ...)
NOT-FOR-US: Cisco
-CVE-2015-0614
+CVE-2015-0614 (The Connection Conversation Manager (aka CuCsMgr) process in Cisco Uni ...)
NOT-FOR-US: Cisco
-CVE-2015-0613
+CVE-2015-0613 (The Connection Conversation Manager (aka CuCsMgr) process in Cisco Uni ...)
NOT-FOR-US: Cisco
-CVE-2015-0612
+CVE-2015-0612 (The Connection Conversation Manager (aka CuCsMgr) process in Cisco Uni ...)
NOT-FOR-US: Cisco
-CVE-2015-0611
+CVE-2015-0611 (The administrative web-management portal in Cisco IX 8 (.0.1) and earl ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2015-0610
+CVE-2015-0610 (Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T a ...)
NOT-FOR-US: Cisco
-CVE-2015-0609
+CVE-2015-0609 (Race condition in the Common Classification Engine (CCE) in the Measur ...)
NOT-FOR-US: Cisco
-CVE-2015-0608
+CVE-2015-0608 (Race condition in the Measurement, Aggregation, and Correlation Engine ...)
NOT-FOR-US: Cisco
-CVE-2015-0607
+CVE-2015-0607 (The Authentication Proxy feature in Cisco IOS does not properly handle ...)
NOT-FOR-US: Cisco
-CVE-2015-0606
+CVE-2015-0606 (The IOS Shell in Cisco IOS allows local users to cause a denial of ser ...)
NOT-FOR-US: Cisco
-CVE-2015-0605
+CVE-2015-0605 (The uuencode inspection engine in Cisco AsyncOS on Cisco Email Securit ...)
NOT-FOR-US: Cisco
-CVE-2015-0604
+CVE-2015-0604 (The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1 ...)
NOT-FOR-US: Cisco
-CVE-2015-0603
+CVE-2015-0603 (Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use wea ...)
NOT-FOR-US: Cisco
-CVE-2015-0602
+CVE-2015-0602 (The mobility extension on Cisco Unified IP 9900 phones with firmware 9 ...)
NOT-FOR-US: Cisco
-CVE-2015-0601
+CVE-2015-0601 (Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow l ...)
NOT-FOR-US: Cisco
-CVE-2015-0600
+CVE-2015-0600 (The mobility extension on Cisco Unified IP 9900 phones with firmware 9 ...)
NOT-FOR-US: Cisco
-CVE-2015-0599
+CVE-2015-0599 (The web interface in Cisco Integrated Management Controller in Cisco U ...)
NOT-FOR-US: Cisco
-CVE-2015-0598
+CVE-2015-0598 (The RADIUS implementation in Cisco IOS and IOS XE allows remote attack ...)
NOT-FOR-US: Cisco
-CVE-2015-0597
+CVE-2015-0597 (The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) ...)
NOT-FOR-US: Cisco
-CVE-2015-0596
+CVE-2015-0596 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meeting ...)
NOT-FOR-US: Cisco
-CVE-2015-0595
+CVE-2015-0595 (The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allo ...)
NOT-FOR-US: Cisco
-CVE-2015-0594
+CVE-2015-0594 (Multiple cross-site scripting (XSS) vulnerabilities in the help pages ...)
NOT-FOR-US: Cisco
-CVE-2015-0593
+CVE-2015-0593 (The Zone-Based Firewall implementation in Cisco IOS 12.4(122)T and ear ...)
NOT-FOR-US: Cisco
-CVE-2015-0592
+CVE-2015-0592 (The Zone-Based Firewall implementation in Cisco IOS 15.4(2)T3 and earl ...)
NOT-FOR-US: Cisco
-CVE-2015-0591
+CVE-2015-0591 (Cisco Unified Communications Domain Manager (UCDM) 10 allows remote at ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
-CVE-2015-0590
+CVE-2015-0590 (Cisco WebEx Meeting Center allows remote attackers to activate disable ...)
NOT-FOR-US: Cisco WebEx
-CVE-2015-0589
+CVE-2015-0589 (The administrative web interface in Cisco WebEx Meetings Server 1.0 th ...)
NOT-FOR-US: Cisco
-CVE-2015-0588
+CVE-2015-0588 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified Commu ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
CVE-2015-0587
RESERVED
-CVE-2015-0586
+CVE-2015-0586 (The Network-Based Application Recognition (NBAR) protocol implementati ...)
NOT-FOR-US: Cisco
CVE-2015-0585
RESERVED
-CVE-2015-0584
+CVE-2015-0584 (The image-upgrade implementation on Cisco Desktop Collaboration Experi ...)
NOT-FOR-US: Cisco
-CVE-2015-0583
+CVE-2015-0583 (Cisco WebEx Meeting Center does not properly restrict the content of U ...)
NOT-FOR-US: Cisco WebEx Meeting Center
-CVE-2015-0582
+CVE-2015-0582 (The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 device ...)
NOT-FOR-US: Cisco NX-OS
-CVE-2015-0581
+CVE-2015-0581 (The XML parser in Cisco Prime Service Catalog before 10.1 allows remot ...)
NOT-FOR-US: Cisco
-CVE-2015-0580
+CVE-2015-0580 (Multiple SQL injection vulnerabilities in the ACS View reporting inter ...)
NOT-FOR-US: Cisco Secure Access Control System
-CVE-2015-0579
+CVE-2015-0579 (Cisco TelePresence Video Communication Server (VCS) and Cisco Expressw ...)
NOT-FOR-US: Cisco TelePrecence Video Communication Server
-CVE-2015-0578
+CVE-2015-0578 (Cisco Adaptive Security Appliance (ASA) Software, when a DHCPv6 relay ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2015-0577
+CVE-2015-0577 (Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Sp ...)
NOT-FOR-US: Cisco AsyncOS
-CVE-2015-0576
+CVE-2015-0576 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0575
+CVE-2015-0575 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0574
+CVE-2015-0574 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0573
+CVE-2015-0573 (drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the L ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0572
+CVE-2015-0572 (Multiple race conditions in drivers/char/adsprpc.c and drivers/char/ad ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0571
+CVE-2015-0571 (The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0570
+CVE-2015-0570 (Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0569
+CVE-2015-0569 (Heap-based buffer overflow in the private wireless extensions IOCTL im ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2015-0568
+CVE-2015-0568 (Use-after-free vulnerability in the msm_set_crop function in drivers/m ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2015-0567
RESERVED
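Review bot: the NOT-FOR-US marker under CVE-2015-0579 in this hunk misspells the product as "Cisco TelePrecence Video Communication Server". It is an unchanged context line, so this automatic update does not touch it, but the CVE line directly above it is being rewritten and the rest of the hunk spells the product "TelePresence" (CVE-2015-0621, CVE-2015-0620, CVE-2015-0611); a follow-up commit should correct it to "NOT-FOR-US: Cisco TelePresence Video Communication Server" so tracker searches on the product name match consistently.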
@@ -25174,17 +25174,17 @@ CVE-2015-0566
RESERVED
CVE-2015-0565
RESERVED
-CVE-2015-1198
+CVE-2015-1198 (Multiple directory traversal vulnerabilities in ha 0.999p+dfsg-5. ...)
- ha <removed> (low; bug #774954)
[squeeze] - ha <no-dsa> (Minor issue)
[wheezy] - ha <no-dsa> (Minor issue)
-CVE-2015-1352
+CVE-2015-1352 (The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) ...)
{DSA-3195-1}
- php5 5.6.6+dfsg-2 (bug #777036)
[squeeze] - php5 <not-affected> (vulnerable code (build_tablename()) introduced later)
NOTE: https://bugs.php.net/bug.php?id=68741
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=124fb22a13fafa3648e4e15b4f207c7096d8155e
-CVE-2015-1351
+CVE-2015-1351 (Use-after-free vulnerability in the _zend_shared_memdup function in ze ...)
- php5 5.6.6+dfsg-2 (bug #777033)
[squeeze] - php5 <not-affected> (opcache introduced in 5.5)
[wheezy] - php5 <not-affected> (opcache introduced in 5.5)
@@ -25193,38 +25193,38 @@ CVE-2015-1351
CVE-2015-XXXX [insecure keyring handling]
- weboob 1.0-3 (low; bug #774838)
[wheezy] - weboob <no-dsa> (Minor issue)
-CVE-2015-1042
+CVE-2015-1042 (The string_sanitize_url function in core/string_api.php in MantisBT 1. ...)
- mantis <removed> (bug #780875)
[wheezy] - mantis <no-dsa> (Minor issue)
[squeeze] - mantis <not-affected> (Incomplete fix not applied)
NOTE: https://www.mantisbt.org/bugs/view.php?id=17997
NOTE: http://github.com/mantisbt/mantisbt/commit/d95f070d
-CVE-2015-1031
+CVE-2015-1031 (Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow ...)
{DSA-3133-1 DLA-142-1}
- privoxy 3.0.21-5 (bug #775167)
NOTE: http://www.privoxy.org/announce.txt
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/list.c?view=patch&r1=1.31&r2=1.32&pathrev=v_3_0_22
-CVE-2015-1030
+CVE-2015-1030 (Memory leak in the rfc2553_connect_to function in jbsocket.c in Privox ...)
- privoxy 3.0.21-5 (bug #775167)
[squeeze] - privoxy <not-affected> (Introduced in 3.0.21)
[wheezy] - privoxy <not-affected> (Introduced in 3.0.21)
NOTE: http://www.privoxy.org/announce.txt
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/cgisimple.c?view=patch&r1=1.130&r2=1.131&pathrev=v_3_0_22
-CVE-2015-1197
+CVE-2015-1197 (cpio 2.11, when using the --no-absolute-filenames option, allows local ...)
- cpio 2.11+dfsg-4.1 (low; bug #774669)
[wheezy] - cpio <no-dsa> (Minor issue)
[squeeze] - cpio <no-dsa> (Minor issue)
NOTE: Patch used in SUSE: https://bugzilla.suse.com/attachment.cgi?id=599460&action=diff
-CVE-2015-4469
+CVE-2015-4469 (The chmd_read_headers function in chmd.c in libmspack before 0.5 does ...)
- libmspack 0.4-3 (bug #774726)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-4468
+CVE-2015-4468 (Multiple integer overflows in the search_chunk function in chmd.c in l ...)
- libmspack 0.4-3 (bug #774726)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-4467
+CVE-2015-4467 (The chmd_init_decomp function in chmd.c in libmspack before 0.5 does n ...)
- libmspack 0.4-3 (bug #774725)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/03/11
-CVE-2015-9275
+CVE-2015-9275 (ARC 5.21q allows directory traversal via a full pathname in an archive ...)
- arc 5.21q-6 (low; bug #774527)
[stretch] - arc 5.21q-4+deb9u1
[jessie] - arc <ignored> (Minor issue)
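Review bot: the reference under CVE-2015-1030 looks mismatched and should be checked before this description lands. The new description names "the rfc2553_connect_to function in jbsocket.c", but the only upstream patch NOTE for the entry points at a cgisimple.c revision (viewvc/ijbswa/current/cgisimple.c?...&r1=1.130&r2=1.131); either add the jbsocket.c revision that actually fixes the leak or confirm that the linked cgisimple.c change is the relevant one. Unrelated to the CVE lines, note that the CVE-2015-XXXX placeholder for weboob at the top of the hunk is left as-is by the automatic update, which is expected since only assigned identifiers get descriptions.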
@@ -25236,48 +25236,48 @@ CVE-2015-XXXX [saves unknown host's fingerprint in known_hosts without any promp
[squeeze] - lftp <no-dsa> (Minor issue)
[wheezy] - lftp <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/12/10
-CVE-2015-0564
+CVE-2015-0564 (Buffer underflow in the ssl_decrypt_record function in epan/dissectors ...)
{DSA-3141-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-05.html
-CVE-2015-0563
+CVE-2015-0563 (epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10. ...)
{DLA-198-1}
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
[squeeze] - wireshark <not-affected> (Only affected 1.10)
[wheezy] - wireshark <not-affected> (Only affected 1.10)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-04.html
-CVE-2015-0562
+CVE-2015-0562 (Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec- ...)
{DSA-3141-1 DLA-198-1}
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-03.html
-CVE-2015-0561
+CVE-2015-0561 (asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10. ...)
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
[squeeze] - wireshark <not-affected> (Only affected 1.8.9)
[wheezy] - wireshark <not-affected> (Only affected 1.8.9)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-02.html
-CVE-2015-0560
+CVE-2015-0560 (The dissect_wccp2r1_address_table_info function in epan/dissectors/pac ...)
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
[squeeze] - wireshark <not-affected> (Only affected 1.10)
[wheezy] - wireshark <not-affected> (Only affected 1.10)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-01.html
-CVE-2015-0559
+CVE-2015-0559 (Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp ...)
- wireshark 1.12.1+g01b65bf-3 (bug #776135)
[squeeze] - wireshark <not-affected> (Only affected 1.10)
[wheezy] - wireshark <not-affected> (Only affected 1.10)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-01.html
CVE-2015-0558
RESERVED
-CVE-2015-0555
+CVE-2015-0555 (Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in ...)
NOT-FOR-US: Samsung
-CVE-2015-0554
+CVE-2015-0554 (The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with ...)
NOT-FOR-US: ADB router
-CVE-2015-0553
+CVE-2015-0553 (Cross-site scripting (XSS) vulnerability in admin/pages/modify.php in ...)
NOT-FOR-US: WebsiteBaker
-CVE-2015-1038
+CVE-2015-1038 (p7zip 9.20.1 allows remote attackers to write to arbitrary files via a ...)
{DSA-3289-1 DLA-245-1}
- p7zip 9.20.1~dfsg.1-4.2 (bug #774660)
NOTE: Upstream bug: http://sourceforge.net/p/p7zip/bugs/147/
-CVE-2015-0552
+CVE-2015-0552 (Directory traversal vulnerability in the gcab_folder_extract function ...)
- gcab 0.4-2 (bug #774580)
CVE-2015-XXXX [Zoo directory traversal]
- zoo <removed> (low; bug #774453)
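Review bot: two of the wireshark entries in this hunk carry release annotations that contradict the descriptions being added. CVE-2015-0563 lists {DLA-198-1} (a squeeze LTS advisory) while the next lines mark "[squeeze] - wireshark <not-affected> (Only affected 1.10)"; one of the two is wrong and should be reconciled, since a DLA reference on a not-affected release makes the tracker report the issue as fixed rather than not applicable. CVE-2015-0561 gives the reason "Only affected 1.8.9" for squeeze and wheezy, but the new description reads "Wireshark 1.10.x before 1.10.", so the reason string appears to be a typo for the 1.10 series and should be aligned with the other wireshark entries in the hunk.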
@@ -25293,674 +25293,674 @@ CVE-2015-XXXX [buffer over-read]
[jessie] - arc <ignored> (Minor issue)
[wheezy] - arc <no-dsa> (Minor issue)
[squeeze] - arc <no-dsa> (Minor issue)
-CVE-2015-0557
+CVE-2015-0557 (Open-source ARJ archiver 3.10.22 does not properly remove leading slas ...)
{DSA-3213-1 DLA-188-1}
- arj 3.10.22-13 (low; bug #774435)
-CVE-2015-0556
+CVE-2015-0556 (Open-source ARJ archiver 3.10.22 allows remote attackers to conduct di ...)
{DSA-3213-1 DLA-188-1}
- arj 3.10.22-13 (low; bug #774434)
-CVE-2015-0551
+CVE-2015-0551 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum ...)
NOT-FOR-US: EMC Documentum WebTop Client
-CVE-2015-0550
+CVE-2015-0550 (Directory traversal vulnerability in EMC Documentum Thumbnail Server 6 ...)
NOT-FOR-US: EMC Documentum Thumbnail Server
-CVE-2015-0549
+CVE-2015-0549 (Cross-site scripting (XSS) vulnerability in EMC Documentum D2 before 4 ...)
NOT-FOR-US: EMC Documentum D2
-CVE-2015-0548
+CVE-2015-0548 (The D2DownloadService.getDownloadUrls service method in EMC Documentum ...)
NOT-FOR-US: EMC Documentum D2
-CVE-2015-0547
+CVE-2015-0547 (The D2CenterstageService.getComments service method in EMC Documentum ...)
NOT-FOR-US: EMC Documentum D2
-CVE-2015-0546
+CVE-2015-0546 (EMC Unified Infrastructure Manager/Provisioning (UIM/P) 4.1 allows rem ...)
NOT-FOR-US: EMC Unified Infrastructure Manager/Provisioning
-CVE-2015-0545
+CVE-2015-0545 (EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging W ...)
NOT-FOR-US: EMC Unisphere
-CVE-2015-0544
+CVE-2015-0544 (EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 d ...)
NOT-FOR-US: EMC Secure Remote Services Virtual Edition
-CVE-2015-0543
+CVE-2015-0543 (EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 d ...)
NOT-FOR-US: EMC Secure Remote Services Virtual Edition
-CVE-2015-0542
+CVE-2015-0542 (Multiple cross-site request forgery (CSRF) vulnerabilities in EMC RSA ...)
NOT-FOR-US: EMC RSA
-CVE-2015-0541
+CVE-2015-0541 (Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat ...)
NOT-FOR-US: RSA Web Threat Detection
-CVE-2015-0540
+CVE-2015-0540 (SQL injection vulnerability in the xAdmin interface in EMC Document Sc ...)
NOT-FOR-US: EMC Document Sciences xPression
CVE-2015-0539
REJECTED
-CVE-2015-0538
+CVE-2015-0538 (ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allo ...)
NOT-FOR-US: EMC AutoStart
-CVE-2015-0537
+CVE-2015-0537 (Integer underflow in the base64-decoding implementation in EMC RSA BSA ...)
NOT-FOR-US: EMC RSA
-CVE-2015-0536
+CVE-2015-0536 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x b ...)
NOT-FOR-US: EMC RSA
-CVE-2015-0535
+CVE-2015-0535 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x b ...)
NOT-FOR-US: EMC RSA
-CVE-2015-0534
+CVE-2015-0534 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x b ...)
NOT-FOR-US: EMC RSA
-CVE-2015-0533
+CVE-2015-0533 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x b ...)
NOT-FOR-US: EMC RSA
-CVE-2015-0532
+CVE-2015-0532 (EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6. ...)
NOT-FOR-US: EMC RSA Identity Management and Governance
-CVE-2015-0531
+CVE-2015-0531 (EMC SourceOne Email Management before 7.2 does not have a lockout mech ...)
NOT-FOR-US: EMC SourceOne Email Management
-CVE-2015-0530
+CVE-2015-0530 (Buffer overflow in an unspecified function in nsr_render_log in EMC Ne ...)
NOT-FOR-US: EMC NetWorker
-CVE-2015-0529
+CVE-2015-0529 (EMC PowerPath Virtual Appliance (aka vApp) before 2.0 has default pass ...)
NOT-FOR-US: EMC PowerPath Virtual Appliance
-CVE-2015-0528
+CVE-2015-0528 (The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7. ...)
NOT-FOR-US: EMC Isilon OneFS
-CVE-2015-0527
+CVE-2015-0527 (EMC Documentum xCelerated Management System (xMS) 1.1 before P14 store ...)
NOT-FOR-US: EMC
-CVE-2015-0526
+CVE-2015-0526 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Validat ...)
NOT-FOR-US: EMC RSA Validation Manager
-CVE-2015-0525
+CVE-2015-0525 (The Gateway Provisioning service in EMC Secure Remote Services Virtual ...)
NOT-FOR-US: EMC
-CVE-2015-0524
+CVE-2015-0524 (SQL injection vulnerability in the Gateway Provisioning service in EMC ...)
NOT-FOR-US: EMC
-CVE-2015-0523
+CVE-2015-0523 (EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registr ...)
NOT-FOR-US: RSA
-CVE-2015-0522
+CVE-2015-0522 (Cross-site scripting (XSS) vulnerability in EMC RSA Certificate Manage ...)
NOT-FOR-US: RSA
-CVE-2015-0521
+CVE-2015-0521 (Cross-site scripting (XSS) vulnerability in EMC RSA Certificate Manage ...)
NOT-FOR-US: RSA
CVE-2015-0520
REJECTED
-CVE-2015-0519
+CVE-2015-0519 (The InputAccel Database (IADB) installation process in EMC Captiva Cap ...)
NOT-FOR-US: EMC Captiva Capture
-CVE-2015-0518
+CVE-2015-0518 (The Properties service in the D2FS web-service component in EMC Docume ...)
NOT-FOR-US: EMC Documentum D2
-CVE-2015-0517
+CVE-2015-0517 (The D2-API component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 ...)
NOT-FOR-US: EMC Documentum D2
-CVE-2015-0516
+CVE-2015-0516 (Directory traversal vulnerability in EMC M&amp;R (aka Watch4Net) befor ...)
NOT-FOR-US: EMC
-CVE-2015-0515
+CVE-2015-0515 (Unrestricted file upload vulnerability in EMC M&amp;R (aka Watch4Net) ...)
NOT-FOR-US: EMC
-CVE-2015-0514
+CVE-2015-0514 (EMC M&amp;R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 mig ...)
NOT-FOR-US: EMC
-CVE-2015-0513
+CVE-2015-0513 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: EMC
-CVE-2015-0512
+CVE-2015-0512 (Open redirect vulnerability in EMC Unisphere Central before 4.0 allows ...)
NOT-FOR-US: EMC
-CVE-2015-0511
+CVE-2015-0511 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0510
+CVE-2015-0510 (Unspecified vulnerability in the Oracle Commerce Platform component in ...)
NOT-FOR-US: Oracle
-CVE-2015-0509
+CVE-2015-0509 (Unspecified vulnerability in the Oracle Hyperion BI+ component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2015-0508
+CVE-2015-0508 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0507
+CVE-2015-0507 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0506
+CVE-2015-0506 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0505
+CVE-2015-0505 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, a ...)
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 <removed> (bug #782645)
[jessie] - mysql-5.5 5.5.43-0+deb8u1
- mariadb-10.0 10.0.19-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0504
+CVE-2015-0504 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2015-0503
+CVE-2015-0503 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0502
+CVE-2015-0502 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2015-0501
+CVE-2015-0501 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, a ...)
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 <removed> (bug #782645)
[jessie] - mysql-5.5 5.5.43-0+deb8u1
- mariadb-10.0 10.0.19-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0500
+CVE-2015-0500 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0499
+CVE-2015-0499 (Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, a ...)
{DSA-3311-1 DSA-3229-1 DLA-359-1}
- mysql-5.5 <removed> (bug #782645)
[jessie] - mysql-5.5 5.5.43-0+deb8u1
- mariadb-10.0 10.0.19-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0498
+CVE-2015-0498 (Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0497
+CVE-2015-0497 (Unspecified vulnerability in the PeopleSoft Enterprise Portal Interact ...)
NOT-FOR-US: Oracle
-CVE-2015-0496
+CVE-2015-0496 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2015-0495
+CVE-2015-0495 (Unspecified vulnerability in the Oracle Commerce Guided Search / Oracl ...)
NOT-FOR-US: Oracle
-CVE-2015-0494
+CVE-2015-0494 (Unspecified vulnerability in the Oracle Retail Central Office componen ...)
NOT-FOR-US: Oracle
-CVE-2015-0493
+CVE-2015-0493 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2015-0492
+CVE-2015-0492 (Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX ...)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-8 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2015-0491
+CVE-2015-0491 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown
-CVE-2015-0490
+CVE-2015-0490 (Unspecified vulnerability in the Oracle Agile Engineering Data Managem ...)
NOT-FOR-US: Oracle
-CVE-2015-0489
+CVE-2015-0489 (Unspecified vulnerability in the Application Management Pack for Oracl ...)
NOT-FOR-US: Oracle
-CVE-2015-0488
+CVE-2015-0488 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u ...)
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/04cda5b7a3c1
-CVE-2015-0487
+CVE-2015-0487 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2015-0486
+CVE-2015-0486 (Unspecified vulnerability in Oracle Java SE 8u40 allows remote attacke ...)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-0485
+CVE-2015-0485 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Strategic S ...)
NOT-FOR-US: Oracle
-CVE-2015-0484
+CVE-2015-0484 (Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX ...)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-8 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2015-0483
+CVE-2015-0483 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2015-0482
+CVE-2015-0482 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
CVE-2015-0481
REJECTED
-CVE-2015-0480
+CVE-2015-0480 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u ...)
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-8 8u45-b14-1
- openjdk-7 7u79-2.5.5-1 (bug #774953)
- openjdk-6 6b35-1.13.7-1
NOTE: http://www.openwall.com/lists/oss-security/2015/01/16/2
-CVE-2015-0479
+CVE-2015-0479 (Unspecified vulnerability in the XDK and XDB - XML Database component ...)
NOT-FOR-US: Oracle
-CVE-2015-0478
+CVE-2015-0478 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u ...)
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
-CVE-2015-0477
+CVE-2015-0477 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u ...)
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
-CVE-2015-0476
+CVE-2015-0476 (Unspecified vulnerability in the SQL Trace Analyzer component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2015-0475
+CVE-2015-0475 (Unspecified vulnerability in the JD Edwards EnterpriseOne Technology c ...)
NOT-FOR-US: Oracle
-CVE-2015-0474
+CVE-2015-0474 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2015-0473
+CVE-2015-0473 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2015-0472
+CVE-2015-0472 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2015-0471
+CVE-2015-0471 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows loc ...)
NOT-FOR-US: Oracle
-CVE-2015-0470
+CVE-2015-0470 (Unspecified vulnerability in Oracle Java SE 8u40 allows remote attacke ...)
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
-CVE-2015-0469
+CVE-2015-0469 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u ...)
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
-CVE-2015-0468
+CVE-2015-0468 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle Database Server
-CVE-2015-0467
+CVE-2015-0467 (Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent Acqu ...)
NOT-FOR-US: PeopleSoft
-CVE-2015-0466
+CVE-2015-0466 (Unspecified vulnerability in the Oracle Retail Back Office component i ...)
NOT-FOR-US: Oracle
-CVE-2015-0465
+CVE-2015-0465 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2015-0464
+CVE-2015-0464 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2015-0463
+CVE-2015-0463 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2015-0462
+CVE-2015-0462 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2015-0461
+CVE-2015-0461 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle
-CVE-2015-0460
+CVE-2015-0460 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u ...)
{DSA-3316-1 DSA-3235-1 DSA-3234-1 DLA-213-1}
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
-CVE-2015-0459
+CVE-2015-0459 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown
-CVE-2015-0458
+CVE-2015-0458 (Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 al ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-0457
+CVE-2015-0457 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2015-0456
+CVE-2015-0456 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
NOT-FOR-US: Oracle
-CVE-2015-0455
+CVE-2015-0455 (Unspecified vulnerability in the XDB - XML Database component in Oracl ...)
NOT-FOR-US: Oracle
CVE-2015-0454
REJECTED
-CVE-2015-0453
+CVE-2015-0453 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2015-0452
+CVE-2015-0452 (Unspecified vulnerability in the Oracle VM Server for SPARC component ...)
NOT-FOR-US: Oracle
-CVE-2015-0451
+CVE-2015-0451 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fu ...)
NOT-FOR-US: Oracle
-CVE-2015-0450
+CVE-2015-0450 (Unspecified vulnerability in the Oracle WebCenter Portal component in ...)
NOT-FOR-US: Oracle
-CVE-2015-0449
+CVE-2015-0449 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2015-0448
+CVE-2015-0448 (Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local user ...)
NOT-FOR-US: Oracle
-CVE-2015-0447
+CVE-2015-0447 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle
-CVE-2015-0446
+CVE-2015-0446 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-0445
+CVE-2015-0445 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-0444
+CVE-2015-0444 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion
-CVE-2015-0443
+CVE-2015-0443 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle Fusion
CVE-2015-0442
REJECTED
-CVE-2015-0441
+CVE-2015-0441 (Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, a ...)
{DSA-3311-1 DSA-3229-1}
- mysql-5.5 5.5.42-1
- mariadb-10.0 10.0.17-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0440
+CVE-2015-0440 (Unspecified vulnerability in the Oracle Knowledge component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-0439
+CVE-2015-0439 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0438
+CVE-2015-0438 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0437
+CVE-2015-0437 (Unspecified vulnerability in Oracle Java SE 8u25 allows remote attacke ...)
- openjdk-8 8u40~b22-1
-CVE-2015-0436
+CVE-2015-0436 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
NOT-FOR-US: Oracle iLearning
-CVE-2015-0435
+CVE-2015-0435 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2015-0434
+CVE-2015-0434 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle
-CVE-2015-0433
+CVE-2015-0433 (Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, a ...)
{DSA-3311-1 DSA-3229-1}
- mysql-5.5 5.5.42-1
- mariadb-10.0 10.0.17-1
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0432
+CVE-2015-0432 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier al ...)
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0431
+CVE-2015-0431 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2015-0430
+CVE-2015-0430 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0429
+CVE-2015-0429 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0428
+CVE-2015-0428 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0427
+CVE-2015-0427 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
-CVE-2015-0426
+CVE-2015-0426 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2015-0425
+CVE-2015-0425 (Unspecified vulnerability in the Oracle Enterprise Asset Management co ...)
NOT-FOR-US: Oracle
-CVE-2015-0424
+CVE-2015-0424 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
NOT-FOR-US: Oracle Sun Systems Products Suite ILOM
-CVE-2015-0423
+CVE-2015-0423 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0422
+CVE-2015-0422 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
-CVE-2015-0421
+CVE-2015-0421 (Unspecified vulnerability in Oracle Java SE 8u25 allows local users to ...)
- openjdk-8 8u40~b22-1
-CVE-2015-0420
+CVE-2015-0420 (Unspecified vulnerability in the Oracle Forms component in Oracle Fusi ...)
NOT-FOR-US: Oracle
-CVE-2015-0419
+CVE-2015-0419 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2015-0418
+CVE-2015-0418 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-3143-1 DLA-268-1}
- virtualbox 4.3.2-dfsg-1 (low; bug #775888)
- virtualbox-ose <removed> (low)
NOTE: This only affects releases < 4.3, so marking the first 4.3 upload as the fixed version
NOTE: Upstream patches in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775888#30
-CVE-2015-0417
+CVE-2015-0417 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2015-0416
+CVE-2015-0416 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-0415
+CVE-2015-0415 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2015-0414
+CVE-2015-0414 (Unspecified vulnerability in the Oracle SOA Suite component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-0413
+CVE-2015-0413 (Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local ...)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown
-CVE-2015-0412
+CVE-2015-0412 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allow ...)
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2015-0411
+CVE-2015-0411 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, a ...)
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0410
+CVE-2015-0410 (Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit co ...)
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2015-0409
+CVE-2015-0409 (Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier al ...)
- mysql-5.5 <not-affected> (Only MySQL 5.6)
- mariadb-10.0 <not-affected> (Vulnerable code not present, see https://bugs.debian.org/775882#39)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
NOTE: For mariadb-10.0 not clear if affected
-CVE-2015-0408
+CVE-2015-0408 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u ...)
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2015-0407
+CVE-2015-0407 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u ...)
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2015-0406
+CVE-2015-0406 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allow ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-0405
+CVE-2015-0405 (Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier al ...)
- mysql-5.5 <not-affected> (Only affects 5.6)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
-CVE-2015-0404
+CVE-2015-0404 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
-CVE-2015-0403
+CVE-2015-0403 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allow ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2015-0402
+CVE-2015-0402 (Unspecified vulnerability in the Siebel Core - Server BizLogic Script ...)
NOT-FOR-US: Oracle
-CVE-2015-0401
+CVE-2015-0401 (Unspecified vulnerability in the Oracle Directory Server Enterprise Ed ...)
NOT-FOR-US: Oracle
-CVE-2015-0400
+CVE-2015-0400 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allow ...)
- openjdk-6 <not-affected> (This only affects Java on Windows)
- openjdk-7 <not-affected> (This only affects Java on Windows)
- openjdk-8 <not-affected> (This only affects Java on Windows)
-CVE-2015-0399
+CVE-2015-0399 (Unspecified vulnerability in the Oracle Business Intelligence Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2015-0398
+CVE-2015-0398 (Unspecified vulnerability in the Siebel Life Sciences component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2015-0397
+CVE-2015-0397 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0396
+CVE-2015-0396 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2015-0395
+CVE-2015-0395 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u ...)
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
-CVE-2015-0394
+CVE-2015-0394 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2015-0393
+CVE-2015-0393 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
NOT-FOR-US: Oracle
-CVE-2015-0392
+CVE-2015-0392 (Unspecified vulnerability in the Siebel Core - Server BizLogic Script ...)
NOT-FOR-US: Oracle
-CVE-2015-0391
+CVE-2015-0391 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, a ...)
- mysql-5.5 5.5.39-1
[wheezy] - mysql-5.5 5.5.40-0+wheezy1
- mariadb-10.0 10.0.14-2
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0390
+CVE-2015-0390 (Unspecified vulnerability in the MICROS Retail component in Oracle Ret ...)
NOT-FOR-US: Oracle
-CVE-2015-0389
+CVE-2015-0389 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fu ...)
NOT-FOR-US: Oracle
-CVE-2015-0388
+CVE-2015-0388 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2015-0387
+CVE-2015-0387 (Unspecified vulnerability in the Siebel Core - Server OM Services comp ...)
NOT-FOR-US: Oracle
-CVE-2015-0386
+CVE-2015-0386 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2015-0385
+CVE-2015-0385 (Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier al ...)
- mysql-5.5 <not-affected> (Only MySQL 5.6)
- mariadb-10.0 <not-affected> (Vulnerable code not present, see https://bugs.debian.org/775882#39)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
NOTE: For mariadb-10.0 not clear if affected
-CVE-2015-0384
+CVE-2015-0384 (Unspecified vulnerability in the Siebel Public Sector component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2015-0383
+CVE-2015-0383 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u ...)
{DSA-3147-1 DSA-3144-1 DLA-157-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1 (bug #761683)
- openjdk-8 8u40~b22-1
-CVE-2015-0382
+CVE-2015-0382 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier an ...)
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0381
+CVE-2015-0381 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier an ...)
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0380
+CVE-2015-0380 (Unspecified vulnerability in the Oracle Telecommunications Billing Int ...)
NOT-FOR-US: Oracle
-CVE-2015-0379
+CVE-2015-0379 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2015-0378
+CVE-2015-0378 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0377
+CVE-2015-0377 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-3143-1 DLA-268-1}
- virtualbox 4.3.2-dfsg-1 (bug #775888)
- virtualbox-ose <removed>
NOTE: According to http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html the 4.3
NOTE: series is not affected, so marking the first 4.3 upload as fixed
NOTE: Upstream patches in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775888#30
-CVE-2015-0376
+CVE-2015-0376 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
NOT-FOR-US: Oracle
-CVE-2015-0375
+CVE-2015-0375 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remot ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2015-0374
+CVE-2015-0374 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier an ...)
{DSA-3135-1}
- mysql-5.5 5.5.42-1 (bug #775881)
- mariadb-10.0 10.0.16-1 (bug #775882)
- percona-xtradb-cluster-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
-CVE-2015-0373
+CVE-2015-0373 (Unspecified vulnerability in the OJVM component in Oracle Database Ser ...)
NOT-FOR-US: Oracle
-CVE-2015-0372
+CVE-2015-0372 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
NOT-FOR-US: Oracle
-CVE-2015-0371
+CVE-2015-0371 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2015-0370
+CVE-2015-0370 (Unspecified vulnerability in the Core RDBMS component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2015-0369
+CVE-2015-0369 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2015-0368
+CVE-2015-0368 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2015-0367
+CVE-2015-0367 (Unspecified vulnerability in the Oracle Access Manager component in Or ...)
NOT-FOR-US: Oracle
-CVE-2015-0366
+CVE-2015-0366 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-0365
+CVE-2015-0365 (Unspecified vulnerability in the Siebel Core - Server Infrastructure c ...)
NOT-FOR-US: Oracle
-CVE-2015-0364
+CVE-2015-0364 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2015-0363
+CVE-2015-0363 (Unspecified vulnerability in the Siebel Core EAI component in Oracle S ...)
NOT-FOR-US: Oracle
-CVE-2015-0362
+CVE-2015-0362 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
NOT-FOR-US: Oracle
-CVE-2015-0361
+CVE-2015-0361 (Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows rem ...)
- xen 4.4.1-7 (bug #776319)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
-CVE-2015-0360
+CVE-2015-0360 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0359
+CVE-2015-0359 (Double free vulnerability in Adobe Flash Player before 13.0.0.281 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0358
+CVE-2015-0358 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0357
+CVE-2015-0357 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0356
+CVE-2015-0356 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0355
+CVE-2015-0355 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0354
+CVE-2015-0354 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0353
+CVE-2015-0353 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0352
+CVE-2015-0352 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0351
+CVE-2015-0351 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0350
+CVE-2015-0350 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0349
+CVE-2015-0349 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0348
+CVE-2015-0348 (Buffer overflow in Adobe Flash Player before 13.0.0.281 and 14.x throu ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0347
+CVE-2015-0347 (Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0346
+CVE-2015-0346 (Double free vulnerability in Adobe Flash Player before 13.0.0.281 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0345
+CVE-2015-0345 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2015-0344
+CVE-2015-0344 (Cross-site scripting (XSS) vulnerability in the web app in Adobe Conne ...)
NOT-FOR-US: Adobe
-CVE-2015-0343
+CVE-2015-0343 (Cross-site scripting (XSS) vulnerability in admin/home/homepage/search ...)
NOT-FOR-US: Adobe
-CVE-2015-0342
+CVE-2015-0342 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0341
+CVE-2015-0341 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0340
+CVE-2015-0340 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0339
+CVE-2015-0339 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0338
+CVE-2015-0338 (Integer overflow in Adobe Flash Player before 13.0.0.277 and 14.x thro ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0337
+CVE-2015-0337 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0336
+CVE-2015-0336 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0335
+CVE-2015-0335 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0334
+CVE-2015-0334 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0333
+CVE-2015-0333 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0332
+CVE-2015-0332 (Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0331
+CVE-2015-0331 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0330
+CVE-2015-0330 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0329
+CVE-2015-0329 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0328
+CVE-2015-0328 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0327
+CVE-2015-0327 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0326
+CVE-2015-0326 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0325
+CVE-2015-0325 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0324
+CVE-2015-0324 (Buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x throu ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0323
+CVE-2015-0323 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0322
+CVE-2015-0322 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0321
+CVE-2015-0321 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0320
+CVE-2015-0320 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0319
+CVE-2015-0319 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0318
+CVE-2015-0318 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0317
+CVE-2015-0317 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0316
+CVE-2015-0316 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0315
+CVE-2015-0315 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0314
+CVE-2015-0314 (Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0313
+CVE-2015-0313 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0312
+CVE-2015-0312 (Double free vulnerability in Adobe Flash Player before 13.0.0.264 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0311
+CVE-2015-0311 (Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0310
+CVE-2015-0310 (Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0309
+CVE-2015-0309 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0308
+CVE-2015-0308 (Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0307
+CVE-2015-0307 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0306
+CVE-2015-0306 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0305
+CVE-2015-0305 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0304
+CVE-2015-0304 (Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0303
+CVE-2015-0303 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0302
+CVE-2015-0302 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2015-0301
+CVE-2015-0301 (Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2015-0300
RESERVED
-CVE-2015-0299
+CVE-2015-0299 (Multiple cross-site scripting (XSS) vulnerabilities in Open Source Poi ...)
NOT-FOR-US: Open Source Point of Sale
-CVE-2015-0298
+CVE-2015-0298 (Cross-site scripting (XSS) vulnerability in the manager web interface ...)
- libapache2-mod-cluster <itp> (bug #731410)
-CVE-2015-0297
+CVE-2015-0297 (Red Hat JBoss Operations Network 3.3.1 does not properly restrict acce ...)
NOT-FOR-US: RHQ
-CVE-2015-0296
+CVE-2015-0296 (The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged ...)
- texlive-base <not-affected> (Specific to Red Hat packaging/postinst)
-CVE-2015-0295
+CVE-2015-0295 (The BMP decoder in QtGui in QT before 5.5 does not properly calculate ...)
{DLA-210-1}
- qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3 (bug #779550)
[wheezy] - qt4-x11 <no-dsa> (Minor issue)
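Review bot: The unchanged context for CVE-2015-0409 and CVE-2015-0385 is self-contradictory: `- mariadb-10.0 <not-affected> (Vulnerable code not present, see https://bugs.debian.org/775882#39)` is followed two lines later by `NOTE: For mariadb-10.0 not clear if affected`. Either the status should fall back to an open marking until the question is settled or the NOTE should be dropped, because a `<not-affected>` with a cited rationale next to a note saying the opposite will mislead anyone triaging the cpujan2015 MySQL entries. Separately, the imported description for CVE-2015-0458 reads `Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40`; the doubled word is carried over from the upstream CVE text that this automatic update mirrors, so it should be corrected at the source rather than hand-edited here, where the next run would overwrite it.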
@@ -25975,38 +25975,38 @@ CVE-2015-0294 [certificate algorithm consistency checking issue]
[experimental] - gnutls28 3.3.13-1
- gnutls28 3.3.8-6 (bug #779428)
NOTE: https://gitlab.com/gnutls/gnutls/commit/6e76e9b9fa845b76b0b9a45f05f4b54a052578ff (gnutls_3_3_13)
-CVE-2015-0293
+CVE-2015-0293 (The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0 ...)
{DLA-177-1}
- openssl 1.0.0c-2
NOTE: 1.0.0c-2 dropped SSLv2 support
-CVE-2015-0292
+CVE-2015-0292 (Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encod ...)
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1h-1
-CVE-2015-0291
+CVE-2015-0291 (The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a ...)
- openssl <not-affected> (Only affects 1.0.2, only in experimental)
-CVE-2015-0290
+CVE-2015-0290 (The multi-block feature in the ssl3_write_bytes function in s3_pkt.c i ...)
- openssl <not-affected> (Only affects 1.0.2, only in experimental)
-CVE-2015-0289
+CVE-2015-0289 (The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0. ...)
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1k-2
-CVE-2015-0288
+CVE-2015-0288 (The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL bef ...)
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1k-2
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9
-CVE-2015-0287
+CVE-2015-0287 (The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL bef ...)
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1k-2
-CVE-2015-0286
+CVE-2015-0286 (The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0 ...)
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1k-2
-CVE-2015-0285
+CVE-2015-0285 (The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1. ...)
- openssl <not-affected> (Only affects 1.0.2, only in experimental)
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e1b568dd2462f7cacf98f3d117936c34e2849a6b
-CVE-2015-0284
+CVE-2015-0284 (Cross-site scripting (XSS) vulnerability in spacewalk-java in Spacewal ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2015-0283
+CVE-2015-0283 (The slapi-nis plug-in before 0.54.2 does not properly reallocate memor ...)
- slapi-nis 0.54.2-1 (bug #781346)
-CVE-2015-0282
+CVE-2015-0282 (GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature alg ...)
{DSA-3191-1 DLA-180-1}
- gnutls26 <removed>
- gnutls28 <not-affected> (Fixed in 3.1.0)
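Review bot: The OpenSSL entries fixed in `openssl 1.0.1k-2` are documented unevenly: CVE-2015-0288 carries a `NOTE:` with the upstream commit (28a00bcd8e318da18031b2ac8778c64147cd54f9), as does the not-affected CVE-2015-0285, but CVE-2015-0289, CVE-2015-0287 and CVE-2015-0286, which share the same fixed version and the same `{DSA-3197-1 DLA-177-1}` references, have none. Adding the matching upstream commit NOTEs would let the 1.0.1k-2 marking be checked without opening the DSA. The `<not-affected> (Only affects 1.0.2, only in experimental)` markings for CVE-2015-0291, CVE-2015-0290 and CVE-2015-0285 agree with the imported descriptions where the version survives truncation (CVE-2015-0291 and CVE-2015-0285 both name OpenSSL 1.0.2), and the CVE-2015-0293 entry pairing `openssl 1.0.0c-2` with `NOTE: 1.0.0c-2 dropped SSLv2 support` and a DLA-177-1 reference for the older squeeze build is internally consistent.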
@@ -26015,116 +26015,116 @@ CVE-2015-0281
RESERVED
CVE-2015-0280
RESERVED
-CVE-2015-0279
+CVE-2015-0279 (JBoss RichFaces before 4.5.4 allows remote attackers to inject express ...)
NOT-FOR-US: RichFaces
-CVE-2015-0278
+CVE-2015-0278 (libuv before 0.10.34 does not properly drop group privileges, which al ...)
- libuv 0.10.28-6 (bug #779173)
NOTE: https://github.com/libuv/libuv/commit/66ab38918c911bcff025562cf06237d7fedaba0c
NOTE: https://github.com/libuv/libuv/pull/215
-CVE-2015-0277
+CVE-2015-0277 (The Service Provider (SP) in PicketLink before 2.7.0 does not ensure t ...)
NOT-FOR-US: PicketLink
-CVE-2015-0276
+CVE-2015-0276 (Cross-site request forgery (CSRF) vulnerability in Kallithea before 0. ...)
- kallithea <itp> (bug #689573)
-CVE-2015-0275
+CVE-2015-0275 (The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel ...)
- linux 3.16.7-ckt9-1
[wheezy] - linux <not-affected> (Introduced in v3.15)
- linux-2.6 <not-affected> (Introduced in v3.15)
NOTE: Proposed upstream patch: http://www.spinics.net/lists/linux-ext4/msg47193.html
-CVE-2015-0274
+CVE-2015-0274 (The XFS implementation in the Linux kernel before 3.15 improperly uses ...)
- linux 3.11.5-1
[wheezy] - linux <not-affected> (Introduced in v3.11-rc1)
- linux-2.6 <not-affected> (Introduced in v3.11-rc1)
NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59 (v3.15-rc5)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e461fcb194172b3f709e0b478d2ac1bdac7ab9a3 (v3.11-rc1)
-CVE-2015-0273
+CVE-2015-0273 (Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP ...)
{DSA-3195-1}
- php5 5.6.6+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68942
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c377f1a715476934133f3254d1e0d4bf3743e2d2
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=71335e6ebabc1b12c057d8017fd811892ecdfd24
-CVE-2015-0272
+CVE-2015-0272 (GNOME NetworkManager allows remote attackers to cause a denial of serv ...)
- network-manager 1.0.4-1
[jessie] - network-manager <no-dsa> (Will be fixed on the kernel side)
[wheezy] - network-manager <not-affected> (code introduced in 0.9.10)
[squeeze] - network-manager <not-affected> (code introduced in 0.9.10)
NOTE: Commit for NetworkManager: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d5fc88e573fa58b93034b04d35a2454f5d28cad9 (1.2-beta1)
NOTE: Issue introduced in 0.9.10 with http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=7d5779300450bc2602ba4f7f472ebfa58bea3571
-CVE-2015-0271
+CVE-2015-0271 (The log-viewing function in the Red Hat redhat-access-plugin before 6. ...)
- horizon <not-affected> (RedHat-specific plugin)
CVE-2015-0270 [Potential SQL injection in PostgreSQL Zend\Db adapter]
RESERVED
- zendframework <not-affected> (the vulnerability was introduced in the 2 series)
- php-zend-db <not-affected> (Fixed before initial upload to the archive)
NOTE: http://framework.zend.com/security/advisory/ZF2015-02
-CVE-2015-0269
+CVE-2015-0269 (Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x b ...)
NOT-FOR-US: Contao
-CVE-2015-0268
+CVE-2015-0268 (The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when r ...)
- xen <not-affected> (Only affects 4.5)
NOTE: http://xenbits.xen.org/xsa/advisory-117.html
-CVE-2015-0267
+CVE-2015-0267 (The Red Hat module-setup.sh script for kexec-tools, as distributed in ...)
- kexec-tools <not-affected> (Vulnerable script not present in the Debian package)
-CVE-2015-0266
+CVE-2015-0266 (The Policy Admin Tool in Apache Ranger before 0.5.0 allows remote auth ...)
NOT-FOR-US: Apache Ranger
-CVE-2015-0265
+CVE-2015-0265 (Cross-site scripting (XSS) vulnerability in the Policy Admin Tool in A ...)
NOT-FOR-US: Apache Ranger
-CVE-2015-0264
+CVE-2015-0264 (Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPat ...)
NOT-FOR-US: Apache Camel
-CVE-2015-0263
+CVE-2015-0263 (XML external entity (XXE) vulnerability in the XML converter setup in ...)
NOT-FOR-US: Apache Camel
CVE-2015-0262
REJECTED
-CVE-2015-0261
+CVE-2015-0261 (Integer signedness error in the mobility_opt_print function in the IPv ...)
{DSA-3193-1 DLA-174-1}
- tcpdump 4.6.2-4
NOTE: http://www.ca.tcpdump.org/cve/0003-test-case-for-cve2015-0261-corrupted-IPv6-mobility-h.patch
-CVE-2015-0260
+CVE-2015-0260 (RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated u ...)
- kallithea <itp> (bug #753975)
-CVE-2015-0259
+CVE-2015-0259 (OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, an ...)
- nova 2014.1.3-11 (bug #780250)
[wheezy] - nova <not-affected> (Vulnerable code not present)
CVE-2015-0258
RESERVED
-CVE-2015-0257
+CVE-2015-0257 (Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses wea ...)
NOT-FOR-US: ovirt / RHEV
CVE-2015-0256
RESERVED
-CVE-2015-0255
+CVE-2015-0255 (X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x be ...)
{DSA-3160-1 DLA-218-1}
- xorg-server 2:1.16.4-1
-CVE-2015-0254
+CVE-2015-0254 (Apache Standard Taglibs before 1.2.3 allows remote attackers to execut ...)
- jakarta-taglibs-standard 1.1.2-3 (bug #779621)
[wheezy] - jakarta-taglibs-standard <no-dsa> (Minor issue)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=57560
-CVE-2015-0253
+CVE-2015-0253 (The read_request_line function in server/protocol.c in the Apache HTTP ...)
- apache2 <not-affected> (Vulnerable version 2.4.11 never in Debian)
-CVE-2015-0252
+CVE-2015-0252 (internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote a ...)
{DSA-3199-1 DLA-181-1}
- xerces-c 3.1.1-5.1 (bug #780827)
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1667870
-CVE-2015-0251
+CVE-2015-0251 (The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 th ...)
{DSA-3231-1 DLA-207-1}
- subversion 1.8.10-6
NOTE: https://subversion.apache.org/security/CVE-2015-0251-advisory.txt
-CVE-2015-0250
+CVE-2015-0250 (XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) ...)
{DSA-3205-1 DLA-182-1}
- batik 1.7+dfsg-5 (bug #780897)
NOTE: https://issues.apache.org/jira/browse/BATIK-1018
NOTE: https://issues.apache.org/jira/browse/BATIK-1113
NOTE: Commit disabling external xml entities: https://svn.apache.org/viewvc/xmlgraphics/batik/trunk/sources/org/apache/batik/dom/util/SAXDocumentFactory.java?r1=662304&r2=1664335&diff_format=h
NOTE: PoC: https://www.ernw.de/download/xxe_batik.tar.xz
-CVE-2015-0249
+CVE-2015-0249 (The weblog page template in Apache Roller 5.1 through 5.1.1 allows rem ...)
NOT-FOR-US: Apache Roller
-CVE-2015-0248
+CVE-2015-0248 (The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 throu ...)
{DSA-3231-1 DLA-207-1}
- subversion 1.8.10-6
NOTE: https://subversion.apache.org/security/CVE-2015-0248-advisory.txt
-CVE-2015-0247
+CVE-2015-0247 (Heap-based buffer overflow in openfs.c in the libext2fs library in e2f ...)
{DSA-3166-1 DLA-153-1}
- e2fsprogs 1.42.12-1
NOTE: https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4
CVE-2015-0246
REJECTED
-CVE-2015-0245
+CVE-2015-0245 (D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9. ...)
{DSA-3161-1}
- dbus 1.8.16-1 (bug #777545)
[squeeze] - dbus <not-affected> (affects 1.4 and above)
@@ -26153,13 +26153,13 @@ CVE-2015-0241
- postgresql-9.1 9.1.11-2
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
-CVE-2015-0240
+CVE-2015-0240 (The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x be ...)
{DSA-3171-1 DLA-156-1}
- samba 2:4.1.17+dfsg-1 (bug #779033)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: Server components removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
NOTE: https://www.samba.org/samba/security/CVE-2015-0240
-CVE-2015-0239
+CVE-2015-0239 (The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel ...)
{DSA-3170-1}
- linux 3.16.7-ckt4-2
- linux-2.6 <removed>
@@ -26167,11 +26167,11 @@ CVE-2015-0239
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c60435261deaefeb53ce3222d04d7d5bea81296
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3747379accba8e95d70cec0eae0582c8c182050
NOTE: http://permalink.gmane.org/gmane.linux.kernel.commits.head/502245
-CVE-2015-0238
+CVE-2015-0238 (selinux-policy as packaged in Red Hat OpenShift 2 allows attackers to ...)
NOT-FOR-US: selinux-policy as shipped with Red Hat OpenShift 2
-CVE-2015-0237
+CVE-2015-0237 (Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores ...)
NOT-FOR-US: Red Hat vdms
-CVE-2015-0236
+CVE-2015-0236 (libvirt before 1.2.12 allow remote authenticated users to obtain the V ...)
- libvirt 1.2.9-8 (bug #776065)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced in v1.1.0-rc1)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced in v1.1.0-rc1)
@@ -26179,23 +26179,23 @@ CVE-2015-0236
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=b347c0c2a321ec5c20aae214927949832a288c5a
NOTE: Introduced by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=e341435e5090677c67a0d3d4ca0393102054841f (v1.1.0-rc1)
NOTE: http://security.libvirt.org/2015/0001.html
-CVE-2015-0235
+CVE-2015-0235 (Heap-based buffer overflow in the __nss_hostname_digits_dots function ...)
{DSA-3142-1 DLA-139-1}
- eglibc <removed> (high; bug #776391)
- glibc 2.18-1 (high)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=15014
-CVE-2015-0234
+CVE-2015-0234 (Multiple temporary file creation vulnerabilities in pki-core 10.2.0. ...)
- dogtag-pki <unfixed> (unimportant)
NOTE: Rendered unexploitable by /tmp hardening in Debian kernel
-CVE-2015-0233
+CVE-2015-0233 (Multiple insecure Temporary File vulnerabilities in 389 Administration ...)
- 389-admin 1.1.38-1 (unimportant)
NOTE: Rendered unexploitable by /tmp hardening in Debian kernel
-CVE-2015-0232
+CVE-2015-0232 (The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4 ...)
{DSA-3195-1 DLA-212-1}
- php5 5.6.5+dfsg-1
NOTE: https://bugs.php.net/patch-display.php?bug=68799&patch=bug68799fix&revision=1420966468
NOTE: https://bugs.php.net/bug.php?id=68799
-CVE-2015-0231
+CVE-2015-0231 (Use-after-free vulnerability in the process_nested_data function in ex ...)
{DSA-3195-1}
- php5 5.6.5+dfsg-1
[squeeze] - php5 <not-affected> (Broken patch for CVE-2014-8142 never applied)
@@ -26206,135 +26206,135 @@ CVE-2015-0230
REJECTED
CVE-2015-0229
REJECTED
-CVE-2015-0228
+CVE-2015-0228 (The lua_websocket_read function in lua_request.c in the mod_lua module ...)
- apache2 2.4.10-10 (low)
[wheezy] - apache2 <not-affected> (no mod_lua in 2.2)
[squeeze] - apache2 <not-affected> (no mod_lua in 2.2)
NOTE: https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef
-CVE-2015-0227
+CVE-2015-0227 (Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attacker ...)
- wss4j 1.6.15-2 (bug #777741)
[wheezy] - wss4j <not-affected> (Vulnerable code not present)
[squeeze] - wss4j <not-affected> (Vulnerable code not present)
-CVE-2015-0226
+CVE-2015-0226 (Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks inf ...)
- wss4j 1.6.15-2 (bug #777741)
[wheezy] - wss4j <not-affected> (Vulnerable code not present)
[squeeze] - wss4j <not-affected> (Vulnerable code not present)
-CVE-2015-0225
+CVE-2015-0225 (The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2. ...)
- cassandra <itp> (bug #585905)
-CVE-2015-0224
+CVE-2015-0224 (qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause ...)
- qpid-cpp <not-affected> (Incomplete fix for CVE-2015-0203 not applied)
NOTE: CVE is for incomplete fix for CVE-2015-0203, which is not fixed in Debian
NOTE: https://issues.apache.org/jira/browse/QPID-6310
-CVE-2015-0223
+CVE-2015-0223 (Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remot ...)
- qpid-cpp <removed> (bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/browse/QPID-6325
-CVE-2015-0222
+CVE-2015-0222 (ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x befor ...)
- python-django 1.7.1-1.1 (bug #775375)
[wheezy] - python-django <not-affected> (1.4.x not affected)
[squeeze] - python-django <not-affected> (1.2.x not affected)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
-CVE-2015-0221
+CVE-2015-0221 (The django.views.static.serve view in Django before 1.4.18, 1.6.x befo ...)
{DSA-3151-1 DLA-143-1}
- python-django 1.7.1-1.1 (bug #775375)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
-CVE-2015-0220
+CVE-2015-0220 (The django.util.http.is_safe_url function in Django before 1.4.18, 1.6 ...)
{DSA-3151-1 DLA-143-1}
- python-django 1.7.1-1.1 (bug #775375)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
-CVE-2015-0219
+CVE-2015-0219 (Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allo ...)
{DSA-3151-1 DLA-143-1}
- python-django 1.7.1-1.1 (bug #775375)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
-CVE-2015-0218
+CVE-2015-0218 (Cross-site request forgery (CSRF) vulnerability in auth/shibboleth/log ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278618#p1196684
-CVE-2015-0217
+CVE-2015-0217 (filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2. ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278617#p1196683
-CVE-2015-0216
+CVE-2015-0216 (access.php in the Lesson module in Moodle 2.8.x before 2.8.2 does not ...)
- moodle <not-affected> (Only affects 2.8.x)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278616#p1196682
-CVE-2015-0215
+CVE-2015-0215 (calendar/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278615#p1196681
-CVE-2015-0214
+CVE-2015-0214 (message/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2 ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278614#p1196680
-CVE-2015-0213
+CVE-2015-0213 (Multiple cross-site request forgery (CSRF) vulnerabilities in (1) edit ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278613#p1196679
-CVE-2015-0212
+CVE-2015-0212 (Cross-site scripting (XSS) vulnerability in course/pending.php in Mood ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278612#p1196678
-CVE-2015-0211
+CVE-2015-0211 (mod/lti/ajax.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x be ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://moodle.org/mod/forum/discuss.php?d=278611#p1196676
-CVE-2015-0210
+CVE-2015-0210 (wpa_supplicant 2.0-16 does not properly check certificate subject name ...)
NOTE: likely to be REJECTed
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0210
-CVE-2015-0209
+CVE-2015-0209 (Use-after-free vulnerability in the d2i_ECPrivateKey function in crypt ...)
{DSA-3197-1 DLA-177-1}
- openssl 1.0.1k-2
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a
-CVE-2015-0208
+CVE-2015-0208 (The ASN.1 signature-verification implementation in the rsa_item_verify ...)
- openssl <not-affected> (Only affects 1.0.2, only in experimental)
-CVE-2015-0207
+CVE-2015-0207 (The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a d ...)
- openssl <not-affected> (Only affects 1.0.2, only in experimental)
-CVE-2015-0206
+CVE-2015-0206 (Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL ...)
{DSA-3125-1}
- openssl 1.0.1k-1
[squeeze] - openssl <not-affected> (Affects 1.0.1 and 1.0.0)
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=04685bc949e90a877656cf5020b6d4f90a9636a6
-CVE-2015-0205
+CVE-2015-0205 (The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before ...)
{DSA-3125-1}
- openssl 1.0.1k-1
[squeeze] - openssl <not-affected> (Only affects 1.0.1 and 1.0.0)
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=98a0f9660d374f58f79ee0efcc8c1672a805e8e8
-CVE-2015-0204
+CVE-2015-0204 (The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9. ...)
{DSA-3125-1 DLA-132-1}
- openssl 1.0.1k-1
NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=37580f43b5a39f5f4e920d17273fab9713d3a744
-CVE-2015-0203
+CVE-2015-0203 (The qpidd broker in Apache Qpid 0.30 and earlier allows remote authent ...)
- qpid-cpp <removed> (bug #775359)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
-CVE-2015-0202
+CVE-2015-0202 (The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remot ...)
- subversion 1.8.10-6
[wheezy] - subversion <not-affected> (Vulnerability introduced with 1.8.0)
[squeeze] - subversion <not-affected> (Vulnerability introduced with 1.8.0)
NOTE: https://subversion.apache.org/security/CVE-2015-0202-advisory.txt
-CVE-2015-0201
+CVE-2015-0201 (The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 ...)
- libspring-java <not-affected> (Only affects Spring Framework 4.1.0 to 4.1.4)
-CVE-2015-0200
+CVE-2015-0200 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x before 7.0.0.8 IF2 ...)
NOT-FOR-US: IBM WebSphere
-CVE-2015-0199
+CVE-2015-0199 (The mmfslinux kernel module in IBM General Parallel File System (GPFS) ...)
NOT-FOR-US: IBM General Parallel File System
-CVE-2015-0198
+CVE-2015-0198 (IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 befor ...)
NOT-FOR-US: IBM General Parallel File System
-CVE-2015-0197
+CVE-2015-0197 (IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 befor ...)
NOT-FOR-US: IBM General Parallel File System
-CVE-2015-0196
+CVE-2015-0196 (CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through 6.0 ...)
NOT-FOR-US: IBM
-CVE-2015-0195
+CVE-2015-0195 (Cross-site scripting (XSS) vulnerability in IBM Content Template Catal ...)
NOT-FOR-US: IBM
-CVE-2015-0194
+CVE-2015-0194 (XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator ...)
NOT-FOR-US: IBM
-CVE-2015-0193
+CVE-2015-0193 (Cross-site scripting (XSS) vulnerability in IBM Business Process Manag ...)
NOT-FOR-US: IBM Business Process Manager
-CVE-2015-0192
+CVE-2015-0192 (Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP ...)
NOT-FOR-US: IBM JDK
CVE-2015-0191
REJECTED
CVE-2015-0190
RESERVED
-CVE-2015-0189
+CVE-2015-0189 (The cluster repository manager in IBM WebSphere MQ 7.5 before 7.5.0.5 ...)
NOT-FOR-US: IBM
CVE-2015-0188
RESERVED
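Review bot: the CVE-2015-0210 entry in this hunk now carries a published description ("wpa_supplicant 2.0-16 does not properly check certificate subject name ...") yet still has no package status line and keeps the "NOTE: likely to be REJECTed" line; since the identifier has not been marked REJECTED like its neighbours (CVE-2015-0229, CVE-2015-0230), the entry should get an explicit status for the Debian wpa_supplicant package (a fixed version, <not-affected>, or NOT-FOR-US) and the stale "likely to be REJECTed" note should be revisited or dropped.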
@@ -26352,33 +26352,33 @@ CVE-2015-0182
RESERVED
CVE-2015-0181
RESERVED
-CVE-2015-0180
+CVE-2015-0180 (The Connector Migration Tool in IBM InfoSphere Information Server 8.1 ...)
NOT-FOR-US: IBM
-CVE-2015-0179
+CVE-2015-0179 (Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 ...)
NOT-FOR-US: IBM Domino
-CVE-2015-0178
+CVE-2015-0178 (The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1 ...)
NOT-FOR-US: IBM Bluemix Liberty
-CVE-2015-0177
+CVE-2015-0177 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-0176
+CVE-2015-0176 (Cross-site scripting (XSS) vulnerability in MQ XR WebSockets Listener ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2015-0175
+CVE-2015-0175 (IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5. ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-0174
+CVE-2015-0174 (The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2015-0173
+CVE-2015-0173 (The HTTP connection-management functionality in Internet Pass-Thru (IP ...)
NOT-FOR-US: IBM
-CVE-2015-0172
+CVE-2015-0172 (IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote a ...)
NOT-FOR-US: IBM Security SiteProtector System
-CVE-2015-0171
+CVE-2015-0171 (Directory traversal vulnerability in IBM Security SiteProtector System ...)
NOT-FOR-US: IBM
-CVE-2015-0170
+CVE-2015-0170 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0 ...)
NOT-FOR-US: IBM
-CVE-2015-0169
+CVE-2015-0169 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0 ...)
NOT-FOR-US: IBM
-CVE-2015-0168
+CVE-2015-0168 (Cross-site scripting (XSS) vulnerability in IBM Security SiteProtector ...)
NOT-FOR-US: IBM
-CVE-2015-0167
+CVE-2015-0167 (Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in ...)
NOT-FOR-US: textAngular
CVE-2015-0166
REJECTED
@@ -26388,327 +26388,327 @@ CVE-2015-0164
REJECTED
CVE-2015-0163
REJECTED
-CVE-2015-0162
+CVE-2015-0162 (IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local use ...)
NOT-FOR-US: IBM
-CVE-2015-0161
+CVE-2015-0161 (SQL injection vulnerability in IBM Security SiteProtector System 3.0 b ...)
NOT-FOR-US: IBM
-CVE-2015-0160
+CVE-2015-0160 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0 ...)
NOT-FOR-US: IBM
CVE-2015-0159
REJECTED
-CVE-2015-0158
+CVE-2015-0158 (Cross-site scripting (XSS) vulnerability in the Coach NG framework in ...)
NOT-FOR-US: IBM Business Process Manager
-CVE-2015-0157
+CVE-2015-0157 (IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 t ...)
NOT-FOR-US: IBM DB2
-CVE-2015-0156
+CVE-2015-0156 (Cross-site scripting (XSS) vulnerability in IBM Business Process Manag ...)
NOT-FOR-US: IBM
CVE-2015-0155
REJECTED
CVE-2015-0154
REJECTED
-CVE-2015-0153
+CVE-2015-0153 (D-Link DIR-815 devices with firmware before 2.07.B01 allow remote atta ...)
NOT-FOR-US: D-Link
-CVE-2015-0152
+CVE-2015-0152 (D-Link DIR-815 devices with firmware before 2.07.B01 allow remote atta ...)
NOT-FOR-US: D-Link
-CVE-2015-0151
+CVE-2015-0151 (Cross-site request forgery (CSRF) vulnerability in D-Link DIR-815 devi ...)
NOT-FOR-US: D-Link
-CVE-2015-0150
+CVE-2015-0150 (The remote administration UI in D-Link DIR-815 devices with firmware b ...)
NOT-FOR-US: D-Link
-CVE-2015-0149
+CVE-2015-0149 (The developer portal in IBM API Management 3.0 before 3.0.4.1 does not ...)
NOT-FOR-US: IBM API Management
CVE-2015-0148
RESERVED
CVE-2015-0147
RESERVED
-CVE-2015-0146
+CVE-2015-0146 (IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF00 ...)
NOT-FOR-US: IBM Content Collector
-CVE-2015-0145
+CVE-2015-0145 (Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC P ...)
NOT-FOR-US: IBM
-CVE-2015-0144
+CVE-2015-0144 (Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform ...)
NOT-FOR-US: IBM
-CVE-2015-0143
+CVE-2015-0143 (IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7 ...)
NOT-FOR-US: IBM
-CVE-2015-0142
+CVE-2015-0142 (IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7 ...)
NOT-FOR-US: IBM
-CVE-2015-0141
+CVE-2015-0141 (IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7 ...)
NOT-FOR-US: IBM
-CVE-2015-0140
+CVE-2015-0140 (An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 ...)
NOT-FOR-US: IBM
-CVE-2015-0139
+CVE-2015-0139 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2015-0138
+CVE-2015-0138 (GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-IT ...)
NOT-FOR-US: IBM Tivoli Directory Server
-CVE-2015-0137
+CVE-2015-0137 (IBM PowerVC Standard 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 v ...)
NOT-FOR-US: IBM PowerVC
-CVE-2015-0136
+CVE-2015-0136 (powervc-iso-import in IBM PowerVC 1.2.0.x before 1.2.0.4 and 1.2.1.x b ...)
NOT-FOR-US: IBM PowerVC
-CVE-2015-0135
+CVE-2015-0135 (IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allow ...)
NOT-FOR-US: IBM Domino
-CVE-2015-0134
+CVE-2015-0134 (Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before ...)
NOT-FOR-US: IBM
-CVE-2015-0133
+CVE-2015-0133 (IBM WebSphere Commerce 7.0 Feature Pack 4 through 8 allows remote atta ...)
NOT-FOR-US: IBM
-CVE-2015-0132
+CVE-2015-0132 (The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 ...)
NOT-FOR-US: IBM
-CVE-2015-0131
+CVE-2015-0131 (Cross-site scripting (XSS) vulnerability in IBM Leads 7.x, 8.1.0 befor ...)
NOT-FOR-US: IBM
-CVE-2015-0130
+CVE-2015-0130 (Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz F ...)
NOT-FOR-US: IBM
-CVE-2015-0129
+CVE-2015-0129 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manag ...)
NOT-FOR-US: IBM Rational Quality Manager
-CVE-2015-0128
+CVE-2015-0128 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manag ...)
NOT-FOR-US: IBM Rational Quality Manager
-CVE-2015-0127
+CVE-2015-0127 (IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6 ...)
NOT-FOR-US: IBM
-CVE-2015-0126
+CVE-2015-0126 (IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6 ...)
NOT-FOR-US: IBM
-CVE-2015-0125
+CVE-2015-0125 (Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Ge ...)
NOT-FOR-US: IBM Rational DOORS Next Generation
-CVE-2015-0124
+CVE-2015-0124 (Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manag ...)
NOT-FOR-US: IBM Rational Quality Manager
-CVE-2015-0123
+CVE-2015-0123 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
NOT-FOR-US: IBM Rational Team Concert
-CVE-2015-0122
+CVE-2015-0122 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
NOT-FOR-US: IBM Rational Team Concert
-CVE-2015-0121
+CVE-2015-0121 (IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through ...)
NOT-FOR-US: IBM
-CVE-2015-0120
+CVE-2015-0120 (Buffer overflow in the FastBackMount process in IBM Tivoli Storage Man ...)
NOT-FOR-US: IBM
-CVE-2015-0119
+CVE-2015-0119 (FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x before 6.1 ...)
NOT-FOR-US: IBM Tivoli Storage Manager FastBack
-CVE-2015-0118
+CVE-2015-0118 (IBM WebSphere Message Broker Toolkit 7 before 7007 IF2 and 8 before 80 ...)
NOT-FOR-US: IBM
-CVE-2015-0117
+CVE-2015-0117 (The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x befor ...)
NOT-FOR-US: IBM Domino
-CVE-2015-0116
+CVE-2015-0116 (IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6 ...)
NOT-FOR-US: IBM
-CVE-2015-0115
+CVE-2015-0115 (Cross-site request forgery (CSRF) vulnerability in IBM Leads 7.x, 8.1. ...)
NOT-FOR-US: IBM
-CVE-2015-0114
+CVE-2015-0114 (Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows ...)
NOT-FOR-US: IBM
-CVE-2015-0113
+CVE-2015-0113 (The Jazz help system in IBM Rational Collaborative Lifecycle Managemen ...)
NOT-FOR-US: IBM Rational Collaborative Lifecycle Management
-CVE-2015-0112
+CVE-2015-0112 (Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Life ...)
NOT-FOR-US: IBM Rational
CVE-2015-0111
RESERVED
-CVE-2015-0110
+CVE-2015-0110 (IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and Web ...)
NOT-FOR-US: IBM
-CVE-2015-0109
+CVE-2015-0109 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2015-0108
+CVE-2015-0108 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2015-0107
+CVE-2015-0107 (IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, ...)
NOT-FOR-US: IBM
-CVE-2015-0106
+CVE-2015-0106 (Cross-site scripting (XSS) vulnerability in IBM Business Process Manag ...)
NOT-FOR-US: IBM Business Process Manager
-CVE-2015-0105
+CVE-2015-0105 (Cross-site scripting (XSS) vulnerability in the Process Portal in IBM ...)
NOT-FOR-US: IBM Business Process Manager
-CVE-2015-0104
+CVE-2015-0104 (IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, ...)
NOT-FOR-US: IBM
-CVE-2015-0103
+CVE-2015-0103 (Multiple cross-site scripting (XSS) vulnerabilities in the Process Por ...)
NOT-FOR-US: IBM Business Process Manager
CVE-2015-0102
RESERVED
-CVE-2015-0101
+CVE-2015-0101 (Cross-site scripting (XSS) vulnerability in IBM Business Process Manag ...)
NOT-FOR-US: IBM
-CVE-2015-0100
+CVE-2015-0100 (Microsoft Internet Explorer 8 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0099
+CVE-2015-0099 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0098
+CVE-2015-0098 (Task Scheduler in Microsoft Windows 7 SP1 and Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-0097
+CVE-2015-0097 (Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 20 ...)
NOT-FOR-US: Microsoft
-CVE-2015-0096
+CVE-2015-0096 (Untrusted search path vulnerability in Microsoft Windows Server 2003 S ...)
NOT-FOR-US: Microsoft
-CVE-2015-0095
+CVE-2015-0095 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2015-0094
+CVE-2015-0094 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2015-0093
+CVE-2015-0093 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2015-0092
+CVE-2015-0092 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2015-0091
+CVE-2015-0091 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2015-0090
+CVE-2015-0090 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2015-0089
+CVE-2015-0089 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2015-0088
+CVE-2015-0088 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2015-0087
+CVE-2015-0087 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2015-0086
+CVE-2015-0086 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gol ...)
NOT-FOR-US: Microsoft
-CVE-2015-0085
+CVE-2015-0085 (Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 ...)
NOT-FOR-US: Microsoft
-CVE-2015-0084
+CVE-2015-0084 (The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
NOT-FOR-US: Microsoft
CVE-2015-0083
REJECTED
CVE-2015-0082
REJECTED
-CVE-2015-0081
+CVE-2015-0081 (Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2015-0080
+CVE-2015-0080 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2015-0079
+CVE-2015-0079 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2015-0078
+CVE-2015-0078 (win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2015-0077
+CVE-2015-0077 (The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2015-0076
+CVE-2015-0076 (The photo-decoder implementation in Microsoft Windows Vista SP2, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2015-0075
+CVE-2015-0075 (The kernel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2015-0074
+CVE-2015-0074 (Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2015-0073
+CVE-2015-0073 (The Windows Registry Virtualization feature in the kernel in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2015-0072
+CVE-2015-0072 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0071
+CVE-2015-0071 (Microsoft Internet Explorer 9 through 11 allows remote attackers to by ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0070
+CVE-2015-0070 (Microsoft Internet Explorer 6 through 11 allows remote attackers to re ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0069
+CVE-2015-0069 (Microsoft Internet Explorer 10 and 11 allows remote attackers to bypas ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0068
+CVE-2015-0068 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0067
+CVE-2015-0067 (Microsoft Internet Explorer 6 through 9 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0066
+CVE-2015-0066 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0065
+CVE-2015-0065 (Microsoft Word 2007 SP3 allows remote attackers to execute arbitrary c ...)
NOT-FOR-US: Microsoft Word
-CVE-2015-0064
+CVE-2015-0064 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automati ...)
NOT-FOR-US: Microsoft
-CVE-2015-0063
+CVE-2015-0063 (Microsoft Excel 2007 SP3; the proofing tools in Office 2010 SP2; Excel ...)
NOT-FOR-US: Microsoft
-CVE-2015-0062
+CVE-2015-0062 (Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Window ...)
NOT-FOR-US: Microsoft
-CVE-2015-0061
+CVE-2015-0061 (Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2015-0060
+CVE-2015-0060 (The font mapper in win32k.sys in the kernel-mode drivers in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2015-0059
+CVE-2015-0059 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 ...)
NOT-FOR-US: Microsoft
-CVE-2015-0058
+CVE-2015-0058 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
NOT-FOR-US: Microsoft
-CVE-2015-0057
+CVE-2015-0057 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2015-0056
+CVE-2015-0056 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0055
+CVE-2015-0055 (Microsoft Internet Explorer 10 and 11 allows remote attackers to gain ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0054
+CVE-2015-0054 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ga ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0053
+CVE-2015-0053 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0052
+CVE-2015-0052 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0051
+CVE-2015-0051 (Microsoft Internet Explorer 8 allows remote attackers to bypass the AS ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0050
+CVE-2015-0050 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0049
+CVE-2015-0049 (Microsoft Internet Explorer 8 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0048
+CVE-2015-0048 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-0047
REJECTED
-CVE-2015-0046
+CVE-2015-0046 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0045
+CVE-2015-0045 (Microsoft Internet Explorer 6 through 8 allows remote attackers to exe ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0044
+CVE-2015-0044 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0043
+CVE-2015-0043 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0042
+CVE-2015-0042 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0041
+CVE-2015-0041 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0040
+CVE-2015-0040 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0039
+CVE-2015-0039 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0038
+CVE-2015-0038 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0037
+CVE-2015-0037 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0036
+CVE-2015-0036 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0035
+CVE-2015-0035 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-0034
REJECTED
CVE-2015-0033
REJECTED
-CVE-2015-0032
+CVE-2015-0032 (vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Inter ...)
NOT-FOR-US: Microsoft
-CVE-2015-0031
+CVE-2015-0031 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0030
+CVE-2015-0030 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0029
+CVE-2015-0029 (Microsoft Internet Explorer 6 and 8 allows remote attackers to execute ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0028
+CVE-2015-0028 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0027
+CVE-2015-0027 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0026
+CVE-2015-0026 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0025
+CVE-2015-0025 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-0024
REJECTED
-CVE-2015-0023
+CVE-2015-0023 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0022
+CVE-2015-0022 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0021
+CVE-2015-0021 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0020
+CVE-2015-0020 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0019
+CVE-2015-0019 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execut ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0018
+CVE-2015-0018 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0017
+CVE-2015-0017 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-0016
+CVE-2015-0016 (Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) co ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-0015
+CVE-2015-0015 (Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Ser ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-0014
+CVE-2015-0014 (Buffer overflow in the Telnet service in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft Windows
CVE-2015-0013
REJECTED
-CVE-2015-0012
+CVE-2015-0012 (Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update R ...)
NOT-FOR-US: Microsoft
-CVE-2015-0011
+CVE-2015-0011 (mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Micro ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-0010
+CVE-2015-0010 (The CryptProtectMemory function in cng.sys (aka the Cryptography Next ...)
NOT-FOR-US: Microsoft
-CVE-2015-0009
+CVE-2015-0009 (The Group Policy Security Configuration policy implementation in Micro ...)
NOT-FOR-US: Microsoft
-CVE-2015-0008
+CVE-2015-0008 (The UNC implementation in Microsoft Windows Server 2003 SP2, Windows V ...)
NOT-FOR-US: Microsoft
CVE-2015-0007
REJECTED
-CVE-2015-0006
+CVE-2015-0006 (The Network Location Awareness (NLA) service in Microsoft Windows Serv ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-0005
+CVE-2015-0005 (The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Ser ...)
NOT-FOR-US: Microsoft
-CVE-2015-0004
+CVE-2015-0004 (The User Profile Service (aka ProfSvc) in Microsoft Windows Server 200 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-0003
+CVE-2015-0003 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2015-0002
+CVE-2015-0002 (The AhcVerifyAdminContext function in ahcache.sys in the Application C ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-0001
+CVE-2015-0001 (The Windows Error Reporting (WER) component in Microsoft Windows 8, Wi ...)
NOT-FOR-US: Microsoft Windows
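Review bot: the NOT-FOR-US tags in this hunk are inconsistent in granularity for the same product family, which makes the list harder to grep: CVE-2015-0075 (Windows kernel), CVE-2015-0060 and CVE-2015-0059 (win32k.sys) are tagged plain `NOT-FOR-US: Microsoft`, while CVE-2015-0016 (TS WebProxy), CVE-2015-0014 (Telnet service) and CVE-2015-0011 (mrxdav.sys) are tagged `NOT-FOR-US: Microsoft Windows`, even though all of them are Windows components per the newly added descriptions. The descriptions being filled in here are a good opportunity to normalise the tag to the product the description actually names (Windows, Internet Explorer, Word, Excel, System Center). The REJECTED entries (CVE-2015-0047, -0034, -0033, -0024, -0013, -0007) correctly stay without a description.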
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index f7884ddf50..1eec347f29 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -1,21 +1,21 @@
-CVE-2016-10742
+CVE-2016-10742 (Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before ...)
{DLA-1708-1}
- zabbix 1:3.0.17+dfsg-1 (low)
[stretch] - zabbix <no-dsa> (Minor issue)
NOTE: https://support.zabbix.com/browse/ZBX-10272
NOTE: https://support.zabbix.com/browse/ZBX-13133
-CVE-2016-1000282
+CVE-2016-1000282 (Haraka version 2.8.8 and earlier comes with a plugin for processing at ...)
NOT-FOR-US: Haraka
CVE-2016-1000276
REJECTED
-CVE-2016-1000271
+CVE-2016-1000271 (Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8. ...)
NOT-FOR-US: Joomla extension
-CVE-2016-10741
+CVE-2016-10741 (In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users ...)
- linux 4.9.6-1
NOTE: Fixed by: https://git.kernel.org/linus/04197b341f23b908193308b8d63d17ff23232598
-CVE-2016-10740
+CVE-2016-10740 (Various resources in Atlassian Crowd before version 2.10.1 allow remot ...)
NOT-FOR-US: Atlassian Crowd
-CVE-2016-10739
+CVE-2016-10739 (In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinf ...)
- glibc 2.28-6 (bug #920047)
[stretch] - glibc <no-dsa> (Minor issue)
[jessie] - glibc <no-dsa> (Minor issue)
@@ -23,13 +23,13 @@ CVE-2016-10739
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1347549
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20018
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=108bc4049f8ae82710aec26a92ffdb4b439c83fd
-CVE-2016-10738
+CVE-2016-10738 (Zenbership v107 has CSRF via admin/cp-functions/event-add.php. ...)
NOT-FOR-US: Zenbership
-CVE-2016-10737
+CVE-2016-10737 (Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[bo ...)
- serendipity <removed>
-CVE-2016-10736
+CVE-2016-10736 (The "Social Pug - Easy Social Share Buttons" plugin before 1.2.6 for W ...)
NOT-FOR-US: WordPress plugin social-pug
-CVE-2016-10735
+CVE-2016-10735 (In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is ...)
- twitter-bootstrap4 <not-affected> (Fixed before initial upload to Debian)
- twitter-bootstrap3 3.4.0+dfsg-1
[stretch] - twitter-bootstrap3 3.3.7+dfsg-2+deb9u1
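Review bot: CVE-2016-10737 (Serendipity XSS via serendipity_admin.php) is the only entry in this hunk with no supporting NOTE: it is marked `- serendipity <removed>` with no upstream reference or bug link, unlike CVE-2016-10739 (glibc) and CVE-2016-10735 (twitter-bootstrap3) which carry their upstream bugzilla/pull-request URLs. Since the package was removed rather than fixed, a NOTE recording the upstream fix or the removal bug would let a reader verify the status later. Also, the jessie glibc line reads `[jessie] - glibc <no-dsa> (Minor issue)` for a getaddrinfo issue affecting "through 2.28"; that is consistent with stretch, fine as is.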
@@ -42,88 +42,88 @@ CVE-2016-10735
NOTE: https://github.com/twbs/bootstrap/pull/23679
NOTE: https://github.com/twbs/bootstrap/pull/23687
NOTE: https://github.com/twbs/bootstrap/pull/26460
-CVE-2016-10734
+CVE-2016-10734 (ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Referen ...)
NOT-FOR-US: ProjectSend
-CVE-2016-10733
+CVE-2016-10733 (ProjectSend (formerly cFTP) r582 allows directory traversal via file=. ...)
NOT-FOR-US: ProjectSend
-CVE-2016-10732
+CVE-2016-10732 (ProjectSend (formerly cFTP) r582 allows authentication bypass via a di ...)
NOT-FOR-US: ProjectSend
-CVE-2016-10731
+CVE-2016-10731 (ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files ...)
NOT-FOR-US: ProjectSend
-CVE-2016-10730
+CVE-2016-10730 (An issue was discovered in Amanda 3.3.1. A user with backup privileges ...)
- amanda <unfixed> (unimportant)
NOTE: https://www.exploit-db.com/exploits/39244/
NOTE: /usr/lib/amanda/application/amstar can only be run by members of the backup
NOTE: group (which is root-equivalent due to being able to perform restores e.g.)
-CVE-2016-10729
+CVE-2016-10729 (An issue was discovered in Amanda 3.3.1. A user with backup privileges ...)
- amanda <unfixed> (unimportant)
NOTE: https://www.exploit-db.com/exploits/39217/
NOTE: /usr/lib/amanda/runtar can only be run by members of the backup
NOTE: group (which is root-equivalent due to being able to perform restores e.g.)
-CVE-2016-10728
+CVE-2016-10728 (An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error p ...)
{DLA-1508-1}
- suricata 3.1.2-1
NOTE: https://redmine.openinfosecfoundation.org/issues/1880
NOTE: https://github.com/OISF/suricata/pull/2210
-CVE-2016-10727
+CVE-2016-10727 (camel/providers/imapx/camel-imapx-server.c in the IMAPx component in G ...)
{DLA-1443-1}
- evolution-data-server 3.22.0-2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1334842
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/f26a6f67
-CVE-2016-10726
+CVE-2016-10726 (The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before ...)
NOT-FOR-US: DSpave
-CVE-2016-10725
+CVE-2016-10725 (In Bitcoin Core before v0.13.0, a non-final alert is able to block the ...)
- bitcoin 0.13.0-0.1
-CVE-2016-10724
+CVE-2016-10724 (Bitcoin Core before v0.13.0 allows denial of service (memory exhaustio ...)
- bitcoin 0.13.0-0.1
-CVE-2016-1000352
+CVE-2016-1000352 (In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES i ...)
- bouncycastle 1.56-1
[jessie] - bouncycastle <ignored> (Intrusive changes, can be mitigated by using a different mode than ECB)
NOTE: https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
-CVE-2016-1000346
+CVE-2016-1000346 (In the Bouncy Castle JCE Provider version 1.55 and earlier the other p ...)
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937
-CVE-2016-1000345
+CVE-2016-1000345 (In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/E ...)
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098
-CVE-2016-1000344
+CVE-2016-1000344 (In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES i ...)
- bouncycastle 1.56-1
[jessie] - bouncycastle <ignored> (Intrusive changes, can be mitigated by using a different mode than ECB)
NOTE: https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
-CVE-2016-1000343
+CVE-2016-1000343 (In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key ...)
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389#diff-5578e61500abb2b87b300d3114bdfd7d
-CVE-2016-1000342
+CVE-2016-1000342 (In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does ...)
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9
-CVE-2016-1000341
+CVE-2016-1000341 (In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signatu ...)
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce
-CVE-2016-1000340
+CVE-2016-1000340 (In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propa ...)
- bouncycastle 1.56-1
[jessie] - bouncycastle <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00#diff-e5934feac8203ca0104ab291a3560a31
-CVE-2016-1000339
+CVE-2016-1000339 (In the Bouncy Castle JCE Provider version 1.55 and earlier the primary ...)
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b#diff-54656f860db94b867ba7542430cd2ef0
NOTE: https://github.com/bcgit/bc-java/commit/8a73f08931450c17c749af067b6a8185abdfd2c0#diff-494fb066bed02aeb76b6c005632943f2
-CVE-2016-10723
+CVE-2016-10723 (** DISPUTED ** An issue was discovered in the Linux kernel through 4.1 ...)
- linux <unfixed>
[jessie] - linux-4.9 <unfixed>
NOTE: https://patchwork.kernel.org/patch/10395909/
-CVE-2016-10722
+CVE-2016-10722 (partclone.fat in Partclone before 0.2.88 is prone to a heap-based buff ...)
- partclone 0.2.88-1
[jessie] - partclone <no-dsa> (Minor issue)
[wheezy] - partclone <no-dsa> (Minor issue)
NOTE: https://david.gnedt.at/blog/2016/11/14/advisory-partclone-fat-bitmap-heap-overflow/
NOTE: https://github.com/Thomas-Tsai/partclone/issues/71
-CVE-2016-10721
+CVE-2016-10721 (partclone.restore in Partclone 0.2.87 is prone to a heap-based buffer ...)
- partclone 0.2.88-1
[jessie] - partclone <no-dsa> (Minor issue)
[wheezy] - partclone <no-dsa> (Minor issue)
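Review bot: the context line `NOT-FOR-US: DSpave` under CVE-2016-10726 is a typo for DSpace (the description on the preceding line names "DSpace before 3.6"); it is unchanged context here, so it needs a follow-up edit rather than a change to this automatic update. Separately, CVE-2016-10723 is a `** DISPUTED **` kernel issue recorded as `- linux <unfixed>` and `[jessie] - linux-4.9 <unfixed>` with only a patchwork URL and no severity or NOTE explaining the dispute; the tracker convention visible elsewhere in this hunk (e.g. the amanda entries CVE-2016-10730/10729 with `(unimportant)` plus a justification NOTE) would suggest recording why the issue is disputed so the `<unfixed>` state is not read as an open, actionable bug.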
@@ -132,24 +132,24 @@ CVE-2016-10720
RESERVED
CVE-2016-10719
RESERVED
-CVE-2016-10718
+CVE-2016-10718 (Brave Browser before 0.13.0 allows a tab to close itself even if the t ...)
- brave-browser <itp> (bug #864795)
-CVE-2016-10717
+CVE-2016-10717 (A vulnerability in the encryption and permission implementation of Mal ...)
NOT-FOR-US: Malwarebytes Anti-Malware
-CVE-2016-10716
+CVE-2016-10716 (The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS ...)
NOT-FOR-US: Atlassian Jira plugin
-CVE-2016-10715
+CVE-2016-10715 (The Artezio Kanban Board plugin 1.4 revision 1914 for Atlassian Jira h ...)
NOT-FOR-US: Atlassian Jira plugin
-CVE-2016-10714
+CVE-2016-10714 (In zsh before 5.3, an off-by-one error resulted in undersized buffers ...)
{DLA-1304-1}
- zsh 5.3-1
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/zsh/code/ci/a62e1640bcafbb82d86ea8d8ce057a83c4683d60
-CVE-2016-10713
+CVE-2016-10713 (An issue was discovered in GNU patch before 2.7.6. Out-of-bounds acces ...)
- patch 2.7.6-1 (unimportant)
NOTE: https://git.savannah.gnu.org/cgit/patch.git/commit/src/pch.c?id=a0d7fe4589651c64bd16ddaaa634030bb0455866
NOTE: Crash in CLI tool, no security impact
-CVE-2016-10711
+CVE-2016-10711 (Apsis Pound before 2.8a allows request smuggling via crafted headers, ...)
{DLA-1280-1}
- pound <removed> (bug #888786)
[stretch] - pound <no-dsa> (Minor issue)
@@ -159,468 +159,468 @@ CVE-2016-10711
NOTE: Fixed by https://build.opensuse.org/request/show/571084
NOTE: Confirmed that the SUSE patch is the security relevant diff between
NOTE: version 2.7 and 2.8a
-CVE-2016-10710
+CVE-2016-10710 (Biscom Secure File Transfer (SFT) 5.0.1000 through 5.0.1048 does not v ...)
NOT-FOR-US: Biscom Secure File Transfer
-CVE-2016-10709
+CVE-2016-10709 (pfSense before 2.3 allows remote authenticated users to execute arbitr ...)
NOT-FOR-US: pfSense
-CVE-2016-10708
+CVE-2016-10708 (sshd in OpenSSH before 7.4 allows remote attackers to cause a denial o ...)
{DLA-1500-1 DLA-1257-1}
- openssh 1:7.4p1-1
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=28652bca29046f62c7045e933e6b931de1d16737
NOTE: http://blog.swiecki.net/2018/01/fuzzing-tcp-servers.html
NOTE: Flaw is not crashing the whole sshd daemon, rather the privsep process
-CVE-2016-10707
+CVE-2016-10707 (jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to remo ...)
- jquery <not-affected> (Vulnerable code never in unstable; only experimental)
NOTE: https://github.com/jquery/jquery/issues/3133
NOTE: https://github.com/jquery/jquery/pull/3134
NOTE: https://snyk.io/vuln/npm:jquery:20160529
NOTE: Only 3.0.0-rc1 affected: https://github.com/jquery/jquery/issues/3133#issuecomment-358978489
-CVE-2016-10706
+CVE-2016-10706 (The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vi ...)
NOT-FOR-US: WordPress plugin jetpack
-CVE-2016-10705
+CVE-2016-10705 (The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes mo ...)
NOT-FOR-US: WordPress plugin jetpack
-CVE-2016-10704
+CVE-2016-10704 (Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1 ...)
NOT-FOR-US: Magento
-CVE-2016-10703
+CVE-2016-10703 (A regular expression Denial of Service (DoS) vulnerability in the file ...)
NOT-FOR-US: ecstatic npm
-CVE-2016-10702
+CVE-2016-10702 (Pebble Smartwatch devices through 4.3 mishandle UUID storage, which al ...)
NOT-FOR-US: Pebble
-CVE-2016-10701
+CVE-2016-10701 (In Hitachi Vantara Pentaho BA Platform through 8.0, a CSRF issue exist ...)
NOT-FOR-US: Hitachi Vantara Pentaho BA Platform
-CVE-2016-10700
+CVE-2016-10700 (auth_login.php in Cacti before 1.0.0 allows remote authenticated users ...)
- cacti 0.8.8h+ds1-5 (bug #833420)
[jessie] - cacti 0.8.8b+dfsg-8+deb8u6
[wheezy] - cacti 0.8.8a+dfsg-5+deb7u9
NOTE: https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697
NOTE: https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846
NOTE: Fix for the incomplete fix for CVE-2016-2313
-CVE-2016-10699
+CVE-2016-10699 (D-Link DSL-2740E 1.00_BG_20150720 devices are prone to persistent XSS ...)
NOT-FOR-US: D-Link devices
-CVE-2016-10698
+CVE-2016-10698 (mystem-fix is a node.js wrapper for MyStem morphology text analyzer by ...)
NOT-FOR-US: mystem-fix
-CVE-2016-10697
+CVE-2016-10697 (react-native-baidu-voice-synthesizer is a baidu voice speech synthesiz ...)
NOT-FOR-US: react-native-baidu-voice-synthesizer
-CVE-2016-10696
+CVE-2016-10696 (windows-latestchromedriver downloads the latest version of chromedrive ...)
NOT-FOR-US: windows-latestchromedriver
-CVE-2016-10695
+CVE-2016-10695 (The npm-test-sqlite3-trunk module provides asynchronous, non-blocking ...)
NOT-FOR-US: npm-test-sqlite3-trunk
-CVE-2016-10694
+CVE-2016-10694 (alto-saxophone is a module to install and launch Chromedriver for Mac, ...)
NOT-FOR-US: alto-saxophone
-CVE-2016-10693
+CVE-2016-10693 (pm2-kafka is a PM2 module that installs and runs a kafka server pm2-ka ...)
NOT-FOR-US: pm2-kafka
-CVE-2016-10692
+CVE-2016-10692 (haxeshim haxe shim to deal with coexisting versions. haxeshim download ...)
NOT-FOR-US: haxeshim
-CVE-2016-10691
+CVE-2016-10691 (windows-seleniumjar is a module that downloads the Selenium Jar file w ...)
NOT-FOR-US: windows-seleniumjar
-CVE-2016-10690
+CVE-2016-10690 (openframe-ascii-image module is an openframe plugin which adds support ...)
NOT-FOR-US: openframe-ascii-image
-CVE-2016-10689
+CVE-2016-10689 (The windows-iedriver module downloads fixed version of iedriverserver. ...)
NOT-FOR-US: The windows-iedriver
-CVE-2016-10688
+CVE-2016-10688 (Haxe 3 : The Cross-Platform Toolkit (a fork from David Mouton's damoeb ...)
NOT-FOR-US: Haxe node module, different from src:haxe
-CVE-2016-10687
+CVE-2016-10687 (windows-selenium-chromedriver is a module that downloads the Selenium ...)
NOT-FOR-US: windows-selenium-chromedriver
-CVE-2016-10686
+CVE-2016-10686 (fis-sass-all is another libsass wrapper for node. fis-sass-all downloa ...)
NOT-FOR-US: fis-sass-all
-CVE-2016-10685
+CVE-2016-10685 (pk-app-wonderbox is an integration with wonderbox pk-app-wonderbox dow ...)
NOT-FOR-US: pk-app-wonderbox
-CVE-2016-10684
+CVE-2016-10684 (healthcenter - IBM Monitoring and Diagnostic Tools health Center agent ...)
NOT-FOR-US: IBM
-CVE-2016-10683
+CVE-2016-10683 (arcanist downloads resources over HTTP, which leaves it vulnerable to ...)
NOT-FOR-US: arcanist node module, different from src:arcanist
-CVE-2016-10682
+CVE-2016-10682 (massif is a Phantomjs fork massif downloads resources over HTTP, which ...)
NOT-FOR-US: massif
-CVE-2016-10681
+CVE-2016-10681 (roslib-socketio - The standard ROS Javascript Library fork for add sup ...)
NOT-FOR-US: roslib-socketio
-CVE-2016-10680
+CVE-2016-10680 (adamvr-geoip-lite is a light weight native JavaScript implementation o ...)
NOT-FOR-US: adamvr-geoip-lite
-CVE-2016-10679
+CVE-2016-10679 (selenium-standalone-painful installs a start-selenium command line to ...)
NOT-FOR-US: selenium-standalone-painful
-CVE-2016-10678
+CVE-2016-10678 (serc.js is a Selenium RC process wrapper serc.js downloads binary reso ...)
NOT-FOR-US: serc.js
-CVE-2016-10677
+CVE-2016-10677 (google-closure-tools-latest is a Node.js module wrapper for downloadin ...)
NOT-FOR-US: google-closure-tools-latest
-CVE-2016-10676
+CVE-2016-10676 (rs-brightcove is a wrapper around brightcove's web api rs-brightcove d ...)
NOT-FOR-US: rs-brightcove
-CVE-2016-10675
+CVE-2016-10675 (libsbmlsim is a module that installs linux binaries for libsbmlsim lib ...)
NOT-FOR-US: libsbmlsim
-CVE-2016-10674
+CVE-2016-10674 (limbus-buildgen is a "build anywhere" build system. limbus-buildgen ve ...)
NOT-FOR-US: limbus-buildgen
-CVE-2016-10673
+CVE-2016-10673 (ipip-coffee queries geolocation information from IP ipip-coffee downlo ...)
NOT-FOR-US: ipip-coffee
-CVE-2016-10672
+CVE-2016-10672 (cloudpub-redis is a module for CloudPub: Redis Backend cloudpub-redis ...)
NOT-FOR-US: cloudpub-redis
-CVE-2016-10671
+CVE-2016-10671 (mystem-wrapper is a Yandex mystem app wrapper module. mystem-wrapper d ...)
NOT-FOR-US: mystem-wrapper
-CVE-2016-10670
+CVE-2016-10670 (windows-seleniumjar-mirror downloads the Selenium Jar file windows-sel ...)
NOT-FOR-US: windows-seleniumjar-mirror
-CVE-2016-10669
+CVE-2016-10669 (soci downloads binary resources over HTTP, which leaves it vulnerable ...)
NOT-FOR-US: soci
-CVE-2016-10668
+CVE-2016-10668 (libsbml is a module that installs Linux binaries for libSBML libsbml d ...)
NOT-FOR-US: libsbml node integration, different from src:libsml
-CVE-2016-10667
+CVE-2016-10667 (selenium-portal is a Selenium Testing Framework selenium-portal downlo ...)
NOT-FOR-US: selenium-portal
-CVE-2016-10666
+CVE-2016-10666 (tomita-parser is a Node wrapper for Yandex Tomita Parser tomita-parser ...)
NOT-FOR-US: tomita-parser
-CVE-2016-10665
+CVE-2016-10665 (herbivore is a packet sniffing and crafting library. Built on libtins ...)
NOT-FOR-US: herbivore
-CVE-2016-10664
+CVE-2016-10664 (mystem is a Node.js wrapper for MyStem morphology text analyzer by Yan ...)
NOT-FOR-US: mystem
-CVE-2016-10663
+CVE-2016-10663 (wixtoolset is a Node module wrapper around the wixtoolset binaries wix ...)
NOT-FOR-US: wixtoolset
-CVE-2016-10662
+CVE-2016-10662 (tomita is a node wrapper for Yandex Tomita Parser tomita downloads bin ...)
NOT-FOR-US: tomita
-CVE-2016-10661
+CVE-2016-10661 (phantomjs-cheniu is a Headless WebKit with JS API phantomjs-cheniu dow ...)
NOT-FOR-US: phantomjs-cheniu
-CVE-2016-10660
+CVE-2016-10660 (fis-parser-sass-bin a plugin for fis to compile sass using node-sass-b ...)
NOT-FOR-US: fis-parser-sass-bin
-CVE-2016-10659
+CVE-2016-10659 (poco - The POCO libraries, downloads source file resources used for co ...)
NOT-FOR-US: nodejs poco module
-CVE-2016-10658
+CVE-2016-10658 (native-opencv is the OpenCV library installed via npm native-opencv do ...)
NOT-FOR-US: native-opencv binding for node, different from src:opencv
-CVE-2016-10657
+CVE-2016-10657 (co-cli-installer downloads the co-cli module as part of the install pr ...)
NOT-FOR-US: co-cli-installer
-CVE-2016-10656
+CVE-2016-10656 (qbs is a build tool that helps simplify the build process for developi ...)
NOT-FOR-US: npm qbs (different from src:qbs)
-CVE-2016-10655
+CVE-2016-10655 (The clang-extra module installs LLVM's clang-extra tools. clang-extra ...)
NOT-FOR-US: npm clang-extra
-CVE-2016-10654
+CVE-2016-10654 (sfml downloads resources over HTTP, which leaves it vulnerable to MITM ...)
NOT-FOR-US: node-sfml
-CVE-2016-10653
+CVE-2016-10653 (xd-testing is a testing library for cross-device (XD) web applications ...)
NOT-FOR-US: node xp-testing
-CVE-2016-10652
+CVE-2016-10652 (prebuild-lwip is a module for comprehensive, fast, and simple image pr ...)
NOT-FOR-US: node prebuild-lwip
-CVE-2016-10651
+CVE-2016-10651 (webdriver-launcher is a Node.js Selenium Webdriver Launcher. webdriver ...)
NOT-FOR-US: webdriver-launcher
-CVE-2016-10650
+CVE-2016-10650 (ntfserver is a Network Testing Framework Server. ntfserver downloads b ...)
NOT-FOR-US: ntfserver
-CVE-2016-10649
+CVE-2016-10649 (frames-compiler downloads binary resources over HTTP, which leaves it ...)
NOT-FOR-US: frames-compiler
-CVE-2016-10648
+CVE-2016-10648 (marionette-socket-host is a marionette-js-runner host for sending acti ...)
NOT-FOR-US: marionette-socket-host
-CVE-2016-10647
+CVE-2016-10647 (node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary r ...)
NOT-FOR-US: node-air-sdk
-CVE-2016-10646
+CVE-2016-10646 (resourcehacker is a Node wrapper of Resource Hacker (windows executabl ...)
NOT-FOR-US: resourcehacker
-CVE-2016-10645
+CVE-2016-10645 (grunt-images is a grunt plugin for processing images. grunt-images dow ...)
NOT-FOR-US: grunt-images
-CVE-2016-10644
+CVE-2016-10644 (slimerjs-edge is a npm wrapper for installing the bleeding edge versio ...)
NOT-FOR-US: slimerjs-edge
-CVE-2016-10643
+CVE-2016-10643 (jstestdriver is a wrapper for Google's jstestdriver. jstestdriver down ...)
NOT-FOR-US: jstestdriver
-CVE-2016-10642
+CVE-2016-10642 (cmake installs the cmake x86 linux binaries. cmake downloads binary re ...)
NOT-FOR-US: cmake node intregration
-CVE-2016-10641
+CVE-2016-10641 (node-bsdiff-android downloads resources over HTTP, which leaves it vul ...)
NOT-FOR-US: node-bsdiff-android
-CVE-2016-10640
+CVE-2016-10640 (node-thulac is a node binding for thulac. node-thulac downloads binary ...)
NOT-FOR-US: node-thulac
-CVE-2016-10639
+CVE-2016-10639 (redis-srvr is a npm wrapper for redis-server. redis-srvr downloads bin ...)
NOT-FOR-US: redis-srvr
-CVE-2016-10638
+CVE-2016-10638 (js-given is a JavaScript frontend to jgiven. js-given downloads binary ...)
NOT-FOR-US: js-given
-CVE-2016-10637
+CVE-2016-10637 (haxe-dev is a cross-platform toolkit. haxe-dev downloads binary resour ...)
NOT-FOR-US: haxe-dev, different from src:haxe
-CVE-2016-10636
+CVE-2016-10636 (grunt-ccompiler is a Closure Compiler Grunt Plugin. grunt-ccompiler do ...)
NOT-FOR-US: grunt-ccompiler
-CVE-2016-10635
+CVE-2016-10635 (broccoli-closure is a Closure compiler plugin for Broccoli. broccoli-c ...)
NOT-FOR-US: broccoli-closure
-CVE-2016-10634
+CVE-2016-10634 (scala-standalone-bin is a Binary wrapper for ScalaJS. scala-standalone ...)
NOT-FOR-US: scala-standalone-bin
-CVE-2016-10633
+CVE-2016-10633 (dwebp-bin is a dwebp node.js wrapper that convert WebP into PNG. dwebp ...)
NOT-FOR-US: dwebp-bin
-CVE-2016-10632
+CVE-2016-10632 (apk-parser2 is a module which extracts Android Manifest info from an A ...)
NOT-FOR-US: apk-parser2
-CVE-2016-10631
+CVE-2016-10631 (jvminstall is a module for downloading and unpacking jvm to local syst ...)
NOT-FOR-US: jvminstall
-CVE-2016-10630
+CVE-2016-10630 (install-g-test downloads resources over HTTP, which leaves it vulnerab ...)
NOT-FOR-US: install-g-test
-CVE-2016-10629
+CVE-2016-10629 (nw-with-arm is a NW Installer including ARM-Build. nw-with-arm downloa ...)
NOT-FOR-US: nw-with-arm
-CVE-2016-10628
+CVE-2016-10628 (selenium-wrapper is a selenium server wrapper, including installation ...)
NOT-FOR-US: selenium-wrapper
-CVE-2016-10627
+CVE-2016-10627 (scala-bin is a binary wrapper for Scala. scala-bin downloads binary re ...)
NOT-FOR-US: scala-bin
-CVE-2016-10626
+CVE-2016-10626 (mystem3 is a NodeJS wrapper for the Yandex MyStem 3. mystem3 downloads ...)
NOT-FOR-US: mystem3
-CVE-2016-10625
+CVE-2016-10625 (headless-browser-lite is a minimal npm installer for phantomjs and sli ...)
NOT-FOR-US: headless-browser-lite
-CVE-2016-10624
+CVE-2016-10624 (selenium-chromedriver is a simple utility for downloading the Selenium ...)
NOT-FOR-US: selenium-chromedriver
-CVE-2016-10623
+CVE-2016-10623 (macaca-chromedriver-zxa is a Node.js wrapper for the selenium chromedr ...)
NOT-FOR-US: macaca-chromedriver-zxa
-CVE-2016-10622
+CVE-2016-10622 (nodeschnaps is a NodeJS compatibility layer for Java (Rhino). nodeschn ...)
NOT-FOR-US: nodeschnaps
-CVE-2016-10621
+CVE-2016-10621 (fibjs is a runtime for javascript applictions built on google v8 JS. f ...)
NOT-FOR-US: fibjs
-CVE-2016-10620
+CVE-2016-10620 (atom-node-module-installer installs node modules for atom-shell applic ...)
NOT-FOR-US: atom-node-module-installer
-CVE-2016-10619
+CVE-2016-10619 (pennyworth is a natural language templating engine. pennyworth downloa ...)
NOT-FOR-US: pennyworth
-CVE-2016-10618
+CVE-2016-10618 (node-browser is a wrapper webdriver by nodejs. node-browser downloads ...)
NOT-FOR-US: node-browser
-CVE-2016-10617
+CVE-2016-10617 (box2d-native downloads binary resources over HTTP, which leaves it vul ...)
NOT-FOR-US: box2d-native (different from src:box2d)
-CVE-2016-10616
+CVE-2016-10616 (openframe-image is an Openframe extension which adds support for image ...)
NOT-FOR-US: openframe-image
-CVE-2016-10615
+CVE-2016-10615 (curses is bindings for the native curses library, a full featured cons ...)
NOT-FOR-US: curses node module
-CVE-2016-10614
+CVE-2016-10614 (httpsync is a port of libcurl to node.js. httpsync downloads binary re ...)
NOT-FOR-US: httpsync node module
-CVE-2016-10613
+CVE-2016-10613 (bionode-sra is a Node.js wrapper for SRA Toolkit. bionode-sra download ...)
NOT-FOR-US: bionode-sra
-CVE-2016-10612
+CVE-2016-10612 (dalek-browser-ie-canary is Internet Explorer bindings for DalekJS. dal ...)
NOT-FOR-US: dalek-browser-ie-canary
-CVE-2016-10611
+CVE-2016-10611 (strider-sauce is Sauce Labs / Selenium support for Strider. strider-sa ...)
NOT-FOR-US: strider-sauce
-CVE-2016-10610
+CVE-2016-10610 (unicode-json is a unicode lookup table. unicode-json before 2.0.0 down ...)
NOT-FOR-US: unicode-json
-CVE-2016-10609
+CVE-2016-10609 (chromedriver126 is chromedriver version 1.26 for linux OS. chromedrive ...)
NOT-FOR-US: chromedriver126
-CVE-2016-10608
+CVE-2016-10608 (robot-js is a module for native system automation for node.js. robot-j ...)
NOT-FOR-US: robot-js
-CVE-2016-10607
+CVE-2016-10607 (openframe-glsviewer is a Openframe extension which adds support for sh ...)
NOT-FOR-US: openframe-glsviewer
-CVE-2016-10606
+CVE-2016-10606 (grunt-webdriver-qunit is a grunt plugin to run qunit with webdriver in ...)
NOT-FOR-US: grunt-webdriver-qunit
-CVE-2016-10605
+CVE-2016-10605 (dalek-browser-ie is Internet Explorer bindings for DalekJS. dalek-brow ...)
NOT-FOR-US: dalek-browser-ie
-CVE-2016-10604
+CVE-2016-10604 (dalek-browser-chrome is Google Chrome bindings for DalekJS. dalek-brow ...)
NOT-FOR-US: dalek-browser-chrome
-CVE-2016-10603
+CVE-2016-10603 (air-sdk is a NPM wrapper for the Adobe AIR SDK. air-sdk downloads bina ...)
NOT-FOR-US: air-sdk
-CVE-2016-10602
+CVE-2016-10602 (haxe is a cross-platform toolkit haxe downloads zipped resources over ...)
NOT-FOR-US: Haxe node module, different from src:haxe
-CVE-2016-10601
+CVE-2016-10601 (webdrvr is a npm wrapper for Selenium Webdriver including Chromedriver ...)
NOT-FOR-US: webdrvr
-CVE-2016-10600
+CVE-2016-10600 (webrtc-native uses WebRTC from chromium project. webrtc-native downloa ...)
NOT-FOR-US: webrtc-native
-CVE-2016-10599
+CVE-2016-10599 (sauce-connect is a Node.js wrapper over the SauceLabs SauceConnect.jar ...)
NOT-FOR-US: sauce-connect
-CVE-2016-10598
+CVE-2016-10598 (arrayfire-js is a module for ArrayFire for the Node.js platform. array ...)
NOT-FOR-US: arrayfire-js
-CVE-2016-10597
+CVE-2016-10597 (cobalt-cli downloads resources over HTTP, which leaves it vulnerable t ...)
NOT-FOR-US: cobalt-cli
-CVE-2016-10596
+CVE-2016-10596 (imageoptim is a Node.js wrapper for some images compression algorithms ...)
NOT-FOR-US: imageoptim
-CVE-2016-10595
+CVE-2016-10595 (jdf-sass is a fork from node-sass, jdf use only. jdf-sass downloads ex ...)
NOT-FOR-US: jdf-sass
-CVE-2016-10594
+CVE-2016-10594 (ipip is a Node.js module to query geolocation information for an IP or ...)
NOT-FOR-US: ibip
-CVE-2016-10593
+CVE-2016-10593 (ibapi is an Interactive Brokers API addon for NodeJS. ibapi downloads ...)
NOT-FOR-US: ibapi
-CVE-2016-10592
+CVE-2016-10592 (jser-stat is a JSer.info stat library. jser-stat downloads data resour ...)
NOT-FOR-US: jser-stat
-CVE-2016-10591
+CVE-2016-10591 (Prince is a Node API for executing XML/HTML to PDF renderer PrinceXML ...)
NOT-FOR-US: Prince Node API
-CVE-2016-10590
+CVE-2016-10590 (cue-sdk-node is a Corsair Cue SDK wrapper for node.js. cue-sdk-node do ...)
NOT-FOR-US: cue-sdk-node
-CVE-2016-10589
+CVE-2016-10589 (selenium-binaries downloads Selenium related binaries for your OS. sel ...)
NOT-FOR-US: selenium-binaries
-CVE-2016-10588
+CVE-2016-10588 (nw is an installer for nw.js. nw downloads zipped resources over HTTP, ...)
NOT-FOR-US: nw
-CVE-2016-10587
+CVE-2016-10587 (wasdk is a toolkit for creating WebAssembly modules. wasdk downloads b ...)
NOT-FOR-US: wasdk
-CVE-2016-10586
+CVE-2016-10586 (macaca-chromedriver is a Node.js wrapper for the selenium chromedriver ...)
NOT-FOR-US: macaca-chromedriver
-CVE-2016-10585
+CVE-2016-10585 (libxl provides Node bindings for the libxl library for reading and wri ...)
NOT-FOR-US: libxl node bindings
-CVE-2016-10584
+CVE-2016-10584 (dalek-browser-chrome-canary provides Google Chrome bindings for DalekJ ...)
NOT-FOR-US: dalek-browser-chrome-canary
-CVE-2016-10583
+CVE-2016-10583 (closure-utils is Utilities for Closure Library based projects. closure ...)
NOT-FOR-US: closure-utils
-CVE-2016-10582
+CVE-2016-10582 (closurecompiler is a Closure Compiler for node.js. closurecompiler dow ...)
NOT-FOR-US: closurecompiler
-CVE-2016-10581
+CVE-2016-10581 (Steroids is PhoneGap on Steroids, providing native UI elements, multip ...)
NOT-FOR-US: PhoneGap on Steroids
-CVE-2016-10580
+CVE-2016-10580 (nodewebkit is an installer for node-webkit. nodewebkit downloads zippe ...)
NOT-FOR-US: nodewebkit
-CVE-2016-10579
+CVE-2016-10579 (Chromedriver is an NPM wrapper for selenium ChromeDriver. Chromedriver ...)
NOT-FOR-US: Chromedriver
-CVE-2016-10578
+CVE-2016-10578 (unicode loads unicode data downloaded from unicode.org into nodejs. Un ...)
NOT-FOR-US: nodejs unicode module
-CVE-2016-10577
+CVE-2016-10577 (ibm_db is an asynchronous/synchronous interface for node.js to IBM DB2 ...)
NOT-FOR-US: ibm_db node.js module
-CVE-2016-10576
+CVE-2016-10576 (Fuseki server wrapper and management API in fuseki before 1.0.1 downlo ...)
NOT-FOR-US: Fuseki
-CVE-2016-10575
+CVE-2016-10575 (Kindlegen is a simple Node.js wrapper of the official kindlegen progra ...)
NOT-FOR-US: Kindlegen
-CVE-2016-10574
+CVE-2016-10574 (apk-parser3 is a module to extract Android Manifest info from an APK f ...)
NOT-FOR-US: apk-parser3
-CVE-2016-10573
+CVE-2016-10573 (baryton-saxophone is a module to install and launch Selenium Server fo ...)
NOT-FOR-US: baryton-saxophone
-CVE-2016-10572
+CVE-2016-10572 (mongodb-instance before 0.0.3 installs mongodb locally. mongodb-instan ...)
NOT-FOR-US: mongodb-instance
-CVE-2016-10571
+CVE-2016-10571 (bkjs-wand is imagemagick wand support for node.js and backendjs bkjs-w ...)
NOT-FOR-US: bkjs-wand
-CVE-2016-10570
+CVE-2016-10570 (pngcrush-installer is an installer for Pngcrush. pngcrush-installer ve ...)
NOT-FOR-US: pngcrush-installer
-CVE-2016-10569
+CVE-2016-10569 (embedza is a module to create HTML snippets/embeds from URLs using inf ...)
NOT-FOR-US: embedza
-CVE-2016-10568
+CVE-2016-10568 (geoip-lite-country is a stripped down version of geoip-lite, supportin ...)
NOT-FOR-US: geoip-lite-country
-CVE-2016-10567
+CVE-2016-10567 (product-monitor is a HTML/JavaScript template for monitoring a product ...)
NOT-FOR-US: product-monitor
-CVE-2016-10566
+CVE-2016-10566 (install-nw is a module which quickly and robustly installs and caches ...)
NOT-FOR-US: install-nw
-CVE-2016-10565
+CVE-2016-10565 (operadriver is a Opera Driver for Selenium. operadriver versions below ...)
NOT-FOR-US: operadriver
-CVE-2016-10564
+CVE-2016-10564 (apk-parser is a tool to extract Android Manifest info from an APK file ...)
NOT-FOR-US: apk-parser
-CVE-2016-10563
+CVE-2016-10563 (During the installation process, the go-ipfs-deps module before 0.4.4 ...)
NOT-FOR-US: go-ipfs-deps
-CVE-2016-10562
+CVE-2016-10562 (iedriver is an NPM wrapper for Selenium IEDriver. iedriver versions be ...)
NOT-FOR-US: iedriver
-CVE-2016-10561
+CVE-2016-10561 (Bitty is a development web server tool that functions similar to `pyth ...)
NOT-FOR-US: Bitty
-CVE-2016-10560
+CVE-2016-10560 (galenframework-cli is the node wrapper for the Galen Framework. galenf ...)
NOT-FOR-US: galenframework-cli
-CVE-2016-10559
+CVE-2016-10559 (selenium-download downloads the latest versions of the selenium standa ...)
NOT-FOR-US: selenium-download
-CVE-2016-10558
+CVE-2016-10558 (aerospike is an Aerospike add-on module for Node.js. aerospike version ...)
NOT-FOR-US: aerospike
-CVE-2016-10557
+CVE-2016-10557 (appium-chromedriver is a Node.js wrapper around Chromedriver. Versions ...)
NOT-FOR-US: appium-chromedriver
-CVE-2016-10556
+CVE-2016-10556 (sequelize is an Object-relational mapping, or a middleman to convert t ...)
NOT-FOR-US: sequelize
-CVE-2016-10555
+CVE-2016-10555 (Since "algorithm" isn't enforced in jwt.decode()in jwt-simple 0.3.0 an ...)
NOT-FOR-US: nodejs-jwt-simple
-CVE-2016-10554
+CVE-2016-10554 (sequelize is an Object-relational mapping, or a middleman to convert t ...)
NOT-FOR-US: sequelize
-CVE-2016-10553
+CVE-2016-10553 (sequelize is an Object-relational mapping, or a middleman to convert t ...)
NOT-FOR-US: sequelize
-CVE-2016-10552
+CVE-2016-10552 (igniteui 0.0.5 and earlier downloads JavaScript and CSS resources over ...)
NOT-FOR-US: igniteui
-CVE-2016-10551
+CVE-2016-10551 (waterline-sequel is a module that helps generate SQL statements for Wa ...)
NOT-FOR-US: waterline-sequel
-CVE-2016-10550
+CVE-2016-10550 (sequelize is an Object-relational mapping, or a middleman to convert t ...)
NOT-FOR-US: sequelize
-CVE-2016-10549
+CVE-2016-10549 (Sails is an MVC style framework for building realtime web applications ...)
NOT-FOR-US: Sails
-CVE-2016-10548
+CVE-2016-10548 (Arbitrary code execution is possible in reduce-css-calc node module &l ...)
NOT-FOR-US: reduce-css-calc
-CVE-2016-10547
+CVE-2016-10547 (Nunjucks is a full featured templating engine for JavaScript. Versions ...)
NOT-FOR-US: Nunjucks
-CVE-2016-10546
+CVE-2016-10546 (An arbitrary code injection vector was found in PouchDB 6.0.4 and less ...)
NOT-FOR-US: PouchDB
CVE-2016-10545
REJECTED
-CVE-2016-10544
+CVE-2016-10544 (uws is a WebSocket server library. By sending a 256mb websocket messag ...)
NOT-FOR-US: uws
-CVE-2016-10543
+CVE-2016-10543 (call is an HTTP router that is primarily used by the hapi framework. T ...)
NOT-FOR-US: call HTTP router
-CVE-2016-10542
+CVE-2016-10542 (ws is a "simple to use, blazing fast and thoroughly tested websocket c ...)
- node-ws <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/120
NOTE: https://github.com/nodejs/node/issues/7388
NOTE: nodejs not covered by security support
-CVE-2016-10541
+CVE-2016-10541 (The npm module "shell-quote" 1.6.0 and earlier cannot correctly escape ...)
- node-shell-quote <not-affected> (Fixed before initial upload to Debian)
NOTE: https://nodesecurity.io/advisories/117
NOTE: nodejs not covered by security support
-CVE-2016-10540
+CVE-2016-10540 (Minimatch is a minimal matching utility that works by converting glob ...)
- node-minimatch <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/118
NOTE: https://github.com/isaacs/minimatch/commit/6944abf9e0694bd22fd9dad293faa40c2bc8a955
NOTE: libv8 is not covered by security support
-CVE-2016-10539
+CVE-2016-10539 (negotiator is an HTTP content negotiator for Node.js and is used by ma ...)
- node-negotiator 0.6.1-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/106
NOTE: nodejs not covered by security support
-CVE-2016-10538
+CVE-2016-10538 (The package `node-cli` before 1.0.0 insecurely uses the lock_file and ...)
- node-cli <removed> (unimportant; bug #809252)
NOTE: https://github.com/node-js-libs/cli/issues/81
NOTE: https://nodesecurity.io/advisories/95
-CVE-2016-10537
+CVE-2016-10537 (backbone is a module that adds in structure to a JavaScript heavy appl ...)
- backbone 0.5.3-1
NOTE: https://nodesecurity.io/advisories/108
-CVE-2016-10536
+CVE-2016-10536 (engine.io-client is the client for engine.io, the implementation of a ...)
NOT-FOR-US: engine.io-client
-CVE-2016-10535
+CVE-2016-10535 (csrf-lite is a cross-site request forgery protection library for frame ...)
NOT-FOR-US: csrf-lite
-CVE-2016-10534
+CVE-2016-10534 (electron-packager is a command line tool that packages Electron source ...)
NOT-FOR-US: electron-packager
-CVE-2016-10533
+CVE-2016-10533 (express-restify-mongoose is a module to easily create a flexible REST ...)
NOT-FOR-US: express-restify-mongoose
-CVE-2016-10532
+CVE-2016-10532 (console-io is a module that allows users to implement a web console in ...)
NOT-FOR-US: console-io
-CVE-2016-10531
+CVE-2016-10531 (marked is an application that is meant to parse and compile markdown. ...)
- node-marked 0.3.6+dfsg-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/101
NOTE: nodejs not covered by security support
-CVE-2016-10530
+CVE-2016-10530 (The airbrake module 0.3.8 and earlier defaults to sending environment ...)
NOT-FOR-US: airbrake
-CVE-2016-10529
+CVE-2016-10529 (Droppy versions &lt;3.5.0 does not perform any verification for cross- ...)
NOT-FOR-US: Droppy
-CVE-2016-10528
+CVE-2016-10528 (restafary is a REpresentful State Transfer API for Creating, Reading, ...)
NOT-FOR-US: restafary
-CVE-2016-10527
+CVE-2016-10527 (The riot-compiler version version 2.3.21 has an issue in a regex (Cata ...)
NOT-FOR-US: riot-compiler
-CVE-2016-10526
+CVE-2016-10526 (A common setup to deploy to gh-pages on every commit via a CI system i ...)
NOT-FOR-US: gh-pages
-CVE-2016-10525
+CVE-2016-10525 (When attempting to allow authentication mode `try` in hapi, hapi-auth- ...)
NOT-FOR-US: hapi
-CVE-2016-10524
+CVE-2016-10524 (i18n-node-angular is a module used to interact between i18n and angula ...)
NOT-FOR-US: i18n-node-angular
-CVE-2016-10523
+CVE-2016-10523 (MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted M ...)
- node-mqtt-packet <not-affected> (Fixed before initial upload to the archive)
NOTE: https://nodesecurity.io/advisories/75
-CVE-2016-10522
+CVE-2016-10522 (rails_admin ruby gem &lt;v1.1.1 is vulnerable to cross-site request fo ...)
- ruby-rails-admin <removed> (bug #903855)
NOTE: https://github.com/sferik/rails_admin/commit/b13e879eb93b661204e9fb5e55f7afa4f397537a
-CVE-2016-10521
+CVE-2016-10521 (jshamcrest is vulnerable to regular expression denial of service (ReDo ...)
NOT-FOR-US: jshamcrest
-CVE-2016-10520
+CVE-2016-10520 (jadedown is vulnerable to regular expression denial of service (ReDoS) ...)
NOT-FOR-US: jadedown
-CVE-2016-10519
+CVE-2016-10519 (A security issue was found in bittorrent-dht before 5.1.3 that allows ...)
NOT-FOR-US: bittorrent-dht
-CVE-2016-10518
+CVE-2016-10518 (A vulnerability was found in the ping functionality of the ws module b ...)
- node-ws 1.0.1+ds1.e6ddaae4-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/67
NOTE: Nodefs not covered by security support
-CVE-2016-10517
+CVE-2016-10517 (networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" b ...)
{DLA-1161-1}
- redis 3:3.2.7-1
[stretch] - redis <no-dsa> (Minor issue)
[jessie] - redis <no-dsa> (Minor issue)
NOTE: https://github.com/antirez/redis/commit/874804da0c014a7d704b3d285aa500098a931f50
-CVE-2016-10516
+CVE-2016-10516 (Cross-site scripting (XSS) vulnerability in the render_full function i ...)
{DLA-1191-1}
- python-werkzeug 0.11.11+dfsg1-1
[jessie] - python-werkzeug <no-dsa> (Minor issue)
NOTE: http://blog.neargle.com/2016/09/21/flask-src-review-get-a-xss-from-debuger/
NOTE: https://github.com/pallets/werkzeug/pull/1001
NOTE: https://github.com/pallets/werkzeug/commit/1034edc7f901dd645ec6e462754111b39002bd65
-CVE-2016-10515
+CVE-2016-10515 (In Redmine before 3.2.3, there are stored XSS vulnerabilities affectin ...)
- redmine 3.2.3-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
[wheezy] - redmine <end-of-life> (Not supported in wheezy LTS)
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: upstream fixed in 3.2.3
-CVE-2016-10514
+CVE-2016-10514 (url_check_format in include/functions.inc.php in Piwigo before 2.8.3 a ...)
- piwigo <removed>
-CVE-2016-10513
+CVE-2016-10513 (Cross Site Scripting (XSS) exists in Piwigo before 2.8.3 via a crafted ...)
- piwigo <removed>
-CVE-2016-10512
+CVE-2016-10512 (MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for main ...)
NOT-FOR-US: MultiTech FaxFinder
-CVE-2016-10511
+CVE-2016-10511 (The Twitter iOS client versions 6.62 and 6.62.1 fail to validate Twitt ...)
NOT-FOR-US: Twitter iOS client
-CVE-2016-10510
+CVE-2016-10510 (Cross-site scripting (XSS) vulnerability in the Security component of ...)
{DLA-1241-1}
- libkohana2-php <removed>
[jessie] - libkohana2-php <ignored> (Minor issue)
NOTE: https://github.com/kohana/kohana/issues/107
NOTE: Fixed by https://github.com/kohana/core/pull/697
-CVE-2016-10509
+CVE-2016-10509 (SQL injection vulnerability in the updateAmazonOrderTracking function ...)
NOT-FOR-US: OpenCart
-CVE-2016-10508
+CVE-2016-10508 (Multiple cross-site scripting (XSS) vulnerabilities in phpThumb() befo ...)
NOT-FOR-US: phpThumb
-CVE-2016-10507
+CVE-2016-10507 (Integer overflow vulnerability in the bmp24toimage function in convert ...)
- openjpeg2 2.1.2-1
[jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://github.com/uclouvain/openjpeg/commit/33a0e66eb129c4e91b555a6b8dd9eab512fbfeb8 (v2.1.1)
NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/da940424816e11d624362ce080bc026adffa26e8 (v2.1.2)
NOTE: https://github.com/uclouvain/openjpeg/issues/833
-CVE-2016-10506
+CVE-2016-10506 (Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, op ...)
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/commit/d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b
NOTE: https://github.com/uclouvain/openjpeg/issues/731
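Review bot: the annotation under CVE-2016-10594 reads `NOT-FOR-US: ibip` while the description names the package `ipip`; the annotation should carry the same name as the package so tracker searches on `ipip` find the entry. Two NOTE lines in the same region look like copy-paste slips as well: under CVE-2016-10540 (node-minimatch) the note says `libv8 is not covered by security support` where every neighbouring nodejs-module entry says `nodejs not covered by security support`, and under CVE-2016-10518 (node-ws) the note reads `Nodefs not covered by security support`, which should be `nodejs`.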
@@ -629,236 +629,236 @@ CVE-2016-10506
NOTE: https://github.com/uclouvain/openjpeg/issues/778
NOTE: https://github.com/uclouvain/openjpeg/issues/779
NOTE: https://github.com/uclouvain/openjpeg/issues/780
-CVE-2016-10505
+CVE-2016-10505 (NULL pointer dereference vulnerabilities in the imagetopnm function in ...)
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/776
NOTE: https://github.com/uclouvain/openjpeg/issues/784
NOTE: https://github.com/uclouvain/openjpeg/issues/785
NOTE: https://github.com/uclouvain/openjpeg/issues/792
-CVE-2016-10504
+CVE-2016-10504 (Heap-based buffer overflow vulnerability in the opj_mqc_byteout functi ...)
- openjpeg2 2.2.0-1 (bug #874113)
[stretch] - openjpeg2 2.1.2-1.1+deb9u2
[jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later, see #874113)
NOTE: https://github.com/uclouvain/openjpeg/commit/397f62c0a838e15d667ef50e27d5d011d2c79c04
NOTE: https://github.com/uclouvain/openjpeg/issues/835
-CVE-2016-10503
+CVE-2016-10503 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated ...)
NOT-FOR-US: IBM
CVE-2016-1000245
RESERVED
-CVE-2016-10502
+CVE-2016-10502 (While generating trusted application id, An integer overflow can occur ...)
NOT-FOR-US: Snapdragon
-CVE-2016-10501
+CVE-2016-10501 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10500
RESERVED
-CVE-2016-10499
+CVE-2016-10499 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10498
+CVE-2016-10498 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10497
+CVE-2016-10497 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10496
+CVE-2016-10496 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10495
+CVE-2016-10495 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10494
+CVE-2016-10494 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10493
+CVE-2016-10493 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10492
+CVE-2016-10492 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10491
+CVE-2016-10491 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10490
+CVE-2016-10490 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10489
+CVE-2016-10489 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10488
RESERVED
-CVE-2016-10487
+CVE-2016-10487 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10486
+CVE-2016-10486 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10485
+CVE-2016-10485 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10484
+CVE-2016-10484 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10483
+CVE-2016-10483 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10482
+CVE-2016-10482 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10481
+CVE-2016-10481 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10480
+CVE-2016-10480 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10479
+CVE-2016-10479 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10478
+CVE-2016-10478 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10477
+CVE-2016-10477 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10476
+CVE-2016-10476 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10475
+CVE-2016-10475 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10474
+CVE-2016-10474 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10473
+CVE-2016-10473 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10472
+CVE-2016-10472 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10471
+CVE-2016-10471 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10470
RESERVED
-CVE-2016-10469
+CVE-2016-10469 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10468
RESERVED
-CVE-2016-10467
+CVE-2016-10467 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10466
+CVE-2016-10466 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10465
RESERVED
-CVE-2016-10464
+CVE-2016-10464 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10463
RESERVED
-CVE-2016-10462
+CVE-2016-10462 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10461
+CVE-2016-10461 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10460
+CVE-2016-10460 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10459
+CVE-2016-10459 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10458
+CVE-2016-10458 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10457
+CVE-2016-10457 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10456
+CVE-2016-10456 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10455
+CVE-2016-10455 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10454
+CVE-2016-10454 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10453
RESERVED
-CVE-2016-10452
+CVE-2016-10452 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10451
+CVE-2016-10451 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10450
+CVE-2016-10450 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10449
+CVE-2016-10449 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10448
+CVE-2016-10448 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10447
+CVE-2016-10447 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10446
+CVE-2016-10446 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10445
+CVE-2016-10445 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10444
+CVE-2016-10444 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10443
+CVE-2016-10443 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10442
+CVE-2016-10442 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10441
+CVE-2016-10441 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10440
+CVE-2016-10440 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10439
+CVE-2016-10439 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10438
+CVE-2016-10438 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10437
+CVE-2016-10437 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10436
+CVE-2016-10436 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10435
+CVE-2016-10435 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10434
+CVE-2016-10434 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10433
+CVE-2016-10433 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10432
+CVE-2016-10432 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10431
+CVE-2016-10431 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10430
+CVE-2016-10430 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10429
+CVE-2016-10429 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10428
+CVE-2016-10428 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10427
+CVE-2016-10427 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10426
+CVE-2016-10426 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10425
+CVE-2016-10425 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10424
+CVE-2016-10424 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10423
+CVE-2016-10423 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10422
+CVE-2016-10422 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10421
+CVE-2016-10421 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10420
+CVE-2016-10420 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10419
+CVE-2016-10419 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10418
+CVE-2016-10418 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10417
+CVE-2016-10417 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10416
+CVE-2016-10416 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10415
+CVE-2016-10415 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10414
+CVE-2016-10414 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10413
RESERVED
-CVE-2016-10412
+CVE-2016-10412 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10411
+CVE-2016-10411 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10410
+CVE-2016-10410 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10409
+CVE-2016-10409 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2016-10408
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10407
+CVE-2016-10407 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10406
+CVE-2016-10406 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10405
+CVE-2016-10405 (Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) wi ...)
NOT-FOR-US: D-Link
-CVE-2016-10404
+CVE-2016-10404 (XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted redirect ...)
NOT-FOR-US: Liferay Portal
-CVE-2016-10403
+CVE-2016-10403 (Insufficient data validation on image data in PDFium in Google Chrome ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-10402
+CVE-2016-10402 (Avira Antivirus engine versions before 8.3.36.60 allow remote code exe ...)
NOT-FOR-US: Avira
-CVE-2016-10401
+CVE-2016-10401 (ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it ...)
NOT-FOR-US: ZyXEL
-CVE-2016-10400
+CVE-2016-10400 (Directory Traversal exists in ATutor before 2.2.2 via the icon paramet ...)
NOT-FOR-US: ATutor
-CVE-2016-10399
+CVE-2016-10399 (Sendio versions before 8.2.1 were affected by a Local File Inclusion v ...)
NOT-FOR-US: Sendio
-CVE-2016-10398
+CVE-2016-10398 (Android 6.0 has an authentication bypass for attackers with root and p ...)
NOT-FOR-US: Android
-CVE-2016-10397
+CVE-2016-10397 (In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of vari ...)
{DLA-1034-1}
- php7.1 <not-affected> (Fixed with initial upload to unstable)
- php7.0 7.0.13-1
@@ -868,7 +868,7 @@ CVE-2016-10397
NOTE: Fixed in 7.1.0, 7.0.13, 5.6.28
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=b061fa909de77085d3822a89ab901b934d0362c4
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2016-10396
+CVE-2016-10396 (The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable ...)
{DLA-1044-1}
- ipsec-tools 1:0.8.2+20140711-9 (bug #867986)
[stretch] - ipsec-tools 1:0.8.2+20140711-8+deb9u1
@@ -877,54 +877,54 @@ CVE-2016-10396
NOTE: NetBSD Problem report: https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=51682
NOTE: Patch disputed, cf. https://bugzilla.novell.com/show_bug.cgi?id=1047443#c1
NOTE: Updated patch: https://anonscm.debian.org/cgit/pkg-ipsec-tools/pkg-ipsec-tools.git/plain/debian/patches/CVE-2016-10396.patch?id=62ac12648a4eb7c5ba5dba0f81998d1acf310d8b
-CVE-2016-10395
+CVE-2016-10395 (In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running Fle ...)
NOT-FOR-US: FlexNet Publisher
CVE-2016-10394
RESERVED
NOT-FOR-US: Android Qualcomm closed-source components
-CVE-2016-10393
+CVE-2016-10393 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Android Qualcomm closed-source components
-CVE-2016-10392
+CVE-2016-10392 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10391
+CVE-2016-10391 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10390
+CVE-2016-10390 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10389
+CVE-2016-10389 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10388
+CVE-2016-10388 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10387
+CVE-2016-10387 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10386
+CVE-2016-10386 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10385
+CVE-2016-10385 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10384
+CVE-2016-10384 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10383
+CVE-2016-10383 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10382
+CVE-2016-10382 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10381
+CVE-2016-10381 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10380
+CVE-2016-10380 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10379
+CVE-2016-10379 (The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL ...)
NOT-FOR-US: Joomla addon
-CVE-2016-10378
+CVE-2016-10378 (e107 2.1.1 allows SQL injection by remote authenticated administrators ...)
NOT-FOR-US: e107
-CVE-2016-10377
+CVE-2016-10377 (In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switc ...)
- openvswitch 2.6.1+git20161123-1
[jessie] - openvswitch <not-affected> (Vulnerable code using tot_len introduced later)
[wheezy] - openvswitch <not-affected> (Vulnerable code using tot_len introduced later)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2016-July/319503.html
-CVE-2016-10376
+CVE-2016-10376 (Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote ...)
{DSA-3943-1 DLA-967-1}
- gajim 0.16.6-1.1 (bug #863445)
NOTE: https://dev.gajim.org/gajim/gajim/commit/cb65cfc5aed9efe05208ebbb7fb2d41fcf7253cc
NOTE: https://dev.gajim.org/gajim/gajim/issues/8378
-CVE-2016-10375
+CVE-2016-10375 (Yodl before 3.07.01 has a Buffer Over-read in the queue_push function ...)
{DLA-976-1}
- yodl 3.07.01-1
[jessie] - yodl <no-dsa> (Minor issue)
@@ -932,13 +932,13 @@ CVE-2016-10375
NOTE: https://github.com/fbb-git/yodl/commit/fd85f8c94182558ff1480d06a236d6fb927979a3
CVE-2016-10373
REJECTED
-CVE-2016-10372
+CVE-2016-10372 (The Eir D1000 modem does not properly restrict the TR-064 protocol, wh ...)
NOT-FOR-US: Eir D1000 modem
-CVE-2016-10374
+CVE-2016-10374 (perltidy through 20160302, as used by perlcritic, check-all-the-things ...)
- perltidy 20140328-2 (bug #862667)
[jessie] - perltidy <no-dsa> (Minor issue; can be fixed via point release)
[wheezy] - perltidy <no-dsa> (Minor issue)
-CVE-2016-10371
+CVE-2016-10371 (The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in ...)
{DLA-969-1}
- tiff 4.0.7-7 (low; bug #862929)
[jessie] - tiff 4.0.3-12.3+deb8u5
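Review bot: CVE-2016-10372 is listed ahead of CVE-2016-10374 in this hunk (the sequence runs CVE-2016-10373 REJECTED, CVE-2016-10372, CVE-2016-10374, CVE-2016-10371), which breaks the descending numeric order the surrounding entries follow; the automatic update only rewrites the header line and keeps the existing order, so this needs a manual fix: move the `+CVE-2016-10374 (perltidy through 20160302, ...` line together with its three package lines (`- perltidy 20140328-2 (bug #862667)` and the two `<no-dsa>` lines) above the CVE-2016-10373 entry so the file stays sorted.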
@@ -947,9 +947,9 @@ CVE-2016-10371
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2535
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2612
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/0abd094b6e5079c4d8be733829240491cb230f3d
-CVE-2016-10370
+CVE-2016-10370 (An issue was discovered on OnePlus devices such as the 3T. The OnePlus ...)
NOT-FOR-US: OnePlus
-CVE-2016-10369
+CVE-2016-10369 (unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a so ...)
{DLA-935-1}
- lxterminal 0.3.0-2 (low; bug #862098)
[jessie] - lxterminal 0.2.0-1+deb8u1
@@ -984,23 +984,23 @@ CVE-2016-1000361
REJECTED
CVE-2016-1000360
REJECTED
-CVE-2016-1000338
+CVE-2016-1000338 (In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does no ...)
{DLA-1418-1}
- bouncycastle 1.56-1
NOTE: https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0
-CVE-2016-10368
+CVE-2016-10368 (Open redirect vulnerability in Opsview Monitor Pro (Prior to 5.1.0.162 ...)
NOT-FOR-US: Opsview Monitor Pro
-CVE-2016-10367
+CVE-2016-10367 (In Opsview Monitor Pro (Prior to 5.1.0.162300841, prior to 5.0.2.27475 ...)
NOT-FOR-US: Opsview Monitor Pro
-CVE-2016-10366
+CVE-2016-10366 (Kibana versions after and including 4.3 and before 4.6.2 are vulnerabl ...)
- kibana <itp> (bug #700337)
-CVE-2016-10365
+CVE-2016-10365 (Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerabi ...)
- kibana <itp> (bug #700337)
-CVE-2016-10364
+CVE-2016-10364 (With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not proper ...)
NOT-FOR-US: Kibana addon
-CVE-2016-10363
+CVE-2016-10363 (Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, ...)
- logstash <itp> (bug #664841)
-CVE-2016-10362
+CVE-2016-10362 (Prior to Logstash version 5.0.1, Elasticsearch Output plugin when upda ...)
- logstash <itp> (bug #664841)
CVE-2016-10361
REJECTED
@@ -1022,110 +1022,110 @@ CVE-2016-10353
REJECTED
CVE-2016-10352
REJECTED
-CVE-2016-10351
+CVE-2016-10351 (Telegram Desktop 0.10.19 uses 0755 permissions for $HOME/.TelegramDesk ...)
- telegram-desktop 1.1.19-2
NOTE: https://github.com/telegramdesktop/tdesktop/issues/2666
-CVE-2016-10350
+CVE-2016-10350 (The archive_read_format_cab_read_header function in archive_read_suppo ...)
{DSA-4360-1 DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (bug #861609)
NOTE: https://github.com/libarchive/libarchive/issues/835
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3 (v3.3.0)
-CVE-2016-10349
+CVE-2016-10349 (The archive_le32dec function in archive_endian.h in libarchive 3.2.2 a ...)
{DSA-4360-1 DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (bug #861609)
NOTE: https://github.com/libarchive/libarchive/issues/834
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3 (v3.3.0)
CVE-2016-10348
RESERVED
-CVE-2016-10347
+CVE-2016-10347 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10346
+CVE-2016-10346 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10345
+CVE-2016-10345 (In Phusion Passenger before 5.1.0, a known /tmp filename was used duri ...)
- passenger <unfixed> (unimportant)
NOTE: https://github.com/phusion/passenger/commit/e5b4b0824d6b648525b4bf63d9fa37e5beeae441
NOTE: Source present, but passenger-install-nginx-module not installed
-CVE-2016-10344
+CVE-2016-10344 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10343
+CVE-2016-10343 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10342
+CVE-2016-10342 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10341
+CVE-2016-10341 (In all Android releases from CAF using the Linux kernel, 3rd party TEE ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10340
+CVE-2016-10340 (In all Android releases from CAF using the Linux kernel, an integer un ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10339
+CVE-2016-10339 (In all Android releases from CAF using the Linux kernel, HLOS can over ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10338
+CVE-2016-10338 (In all Android releases from CAF using the Linux kernel, there was an ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10337
+CVE-2016-10337 (In all Android releases from CAF using the Linux kernel, some validati ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10336
+CVE-2016-10336 (In all Android releases from CAF using the Linux kernel, some regions ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10335
+CVE-2016-10335 (In all Android releases from CAF using the Linux kernel, libtomcrypt w ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10334
+CVE-2016-10334 (In all Android releases from CAF using the Linux kernel, a dynamically ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10333
+CVE-2016-10333 (In all Android releases from CAF using the Linux kernel, a sensitive s ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10332
+CVE-2016-10332 (In all Android releases from CAF using the Linux kernel, stack protect ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10331
+CVE-2016-10331 (Directory traversal vulnerability in download.php in Synology Photo St ...)
NOT-FOR-US: Synology Photo Station
-CVE-2016-10330
+CVE-2016-10330 (Directory traversal vulnerability in synophoto_dsm_user, a SUID progra ...)
NOT-FOR-US: Synology Photo Station
-CVE-2016-10329
+CVE-2016-10329 (Command injection vulnerability in login.php in Synology Photo Station ...)
NOT-FOR-US: Synology Photo Station
CVE-2016-1000259
REJECTED
CVE-2016-1000258
REJECTED
-CVE-2016-10328
+CVE-2016-10328 (FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a he ...)
- freetype <not-affected> (Only affected head for about a day, see bug #860303)
NOTE: Introduced with: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=010e0614f2effe058855aacfc3e61c71e1cb5739
NOTE: Fixed with http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8
NOTE: http://savannah.nongnu.org/bugs/?func=detailitem&item_id=49858
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289
-CVE-2016-10327
+CVE-2016-10327 (LibreOffice before 2016-12-22 has an out-of-bounds write caused by a h ...)
- libreoffice 1:5.2.5-1
[jessie] - libreoffice <not-affected> (Vulnerable code not present)
[wheezy] - libreoffice <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416
-CVE-2016-10326
+CVE-2016-10326 (In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a h ...)
{DSA-3879-1 DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109132
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/osip.git/commit/?id=b9dd097b5b24f5ee54b0a8739e59641cd51b6ead
-CVE-2016-10325
+CVE-2016-10325 (In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a h ...)
{DSA-3879-1 DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109131
NOTE: https://git.savannah.gnu.org/cgit/osip.git/commit/?id=1d9fb1d3a71cc85ef95352e549b140c706cf8696
-CVE-2016-10324
+CVE-2016-10324 (In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a h ...)
{DSA-3879-1 DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109133
NOTE: https://git.savannah.gnu.org/cgit/osip.git/commit/?id=7e0793e15e21f68337e130c67b031ca38edf055f
-CVE-2016-10323
+CVE-2016-10323 (Synology Photo Station before 6.3-2958 allows local users to gain priv ...)
NOT-FOR-US: Synology Photo Station
-CVE-2016-10322
+CVE-2016-10322 (Synology Photo Station before 6.3-2958 allows remote authenticated gue ...)
NOT-FOR-US: Synology Photo Station
-CVE-2016-10320
+CVE-2016-10320 (textract before 1.5.0 allows OS Command Injection attacks via a filena ...)
NOT-FOR-US: textract
-CVE-2016-10319
+CVE-2016-10319 (In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC c ...)
NOT-FOR-US: ARM
-CVE-2016-1000307
+CVE-2016-1000307 (Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8 ...)
NOT-FOR-US: ClipBucket
CVE-2016-1000306
REJECTED
-CVE-2016-7443
+CVE-2016-7443 (Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspe ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-10318
+CVE-2016-10318 (A missing authorization check in the fscrypt_process_policy function i ...)
- linux 4.7.4-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2016-10317
+CVE-2016-10317 (The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex S ...)
- ghostscript 9.22~dfsg-2.1 (bug #860869)
[stretch] - ghostscript 9.20~dfsg-3.2+deb9u2
[jessie] - ghostscript 9.06~dfsg-2+deb8u7
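Review bot: CVE-2016-7443 is out of sequence in this hunk, sitting between CVE-2016-1000306 and CVE-2016-10318 inside the descending CVE-2016-10xxx run; the CVE-2016-1000xxx entries are interleaved by design, but a CVE-2016-7xxx entry belongs much further down the file where its number sorts, so either move the `+CVE-2016-7443 (Exponent CMS 2.3.0 through 2.3.9 ...` line and its `NOT-FOR-US: Exponent CMS` line to that position or check whether a duplicate CVE-2016-7443 entry already exists there.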
@@ -1137,15 +1137,15 @@ CVE-2016-10317
NOTE: affected, it even segfaults. But with wheezy 9.05~dfsg-6.3+deb7u2
NOTE: and jessie 9.06~dfsg-2+deb8u4, we have no segfault and valgrind
NOTE: reports no buffer overrun. -- Raphael Hertzog
-CVE-2016-10316
+CVE-2016-10316 (Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Ai ...)
NOT-FOR-US: Jensen of Scandinavia AS Air:Link 3G
-CVE-2016-10315
+CVE-2016-10315 (Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Ai ...)
NOT-FOR-US: Jensen of Scandinavia AS Air:Link 3G
-CVE-2016-10314
+CVE-2016-10314 (Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Ai ...)
NOT-FOR-US: Jensen of Scandinavia AS Air:Link 3G
-CVE-2016-10313
+CVE-2016-10313 (Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Ai ...)
NOT-FOR-US: Jensen of Scandinavia AS Air:Link 3G
-CVE-2016-10312
+CVE-2016-10312 (Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Ai ...)
NOT-FOR-US: Jensen of Scandinavia AS Air:Link 3G
CVE-2016-1000351
REJECTED
@@ -1157,21 +1157,21 @@ CVE-2016-1000348
REJECTED
CVE-2016-1000268
REJECTED
-CVE-2016-10311
+CVE-2016-10311 (Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows re ...)
NOT-FOR-US: SAP
-CVE-2016-10310
+CVE-2016-10310 (Buffer overflow in the MobiLink Synchronization Server component in SA ...)
NOT-FOR-US: MobiLink Synchronization Server
-CVE-2016-10309
+CVE-2016-10309 (In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote a ...)
NOT-FOR-US: Ceragon FibeAir
-CVE-2016-10308
+CVE-2016-10308 (Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built- ...)
NOT-FOR-US: Siklu EtherHaul
-CVE-2016-10307
+CVE-2016-10307 (Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and S ...)
NOT-FOR-US: Trango
-CVE-2016-10306
+CVE-2016-10306 (Trango Altum AC600 devices have a built-in, hidden root account, with ...)
NOT-FOR-US: Trango
-CVE-2016-10305
+CVE-2016-10305 (Trango Apex &lt;= 2.1.1, ApexLynx &lt; 2.0, ApexOrion &lt; 2.0, ApexPl ...)
NOT-FOR-US: Trango
-CVE-2016-10304
+CVE-2016-10304 (The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remot ...)
NOT-FOR-US: SAP
CVE-2016-10303
RESERVED
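Review bot: the imported description for CVE-2016-10305 still carries HTML entities (`Trango Apex &lt;= 2.1.1, ApexLynx &lt; 2.0, ApexOrion &lt; 2.0, ApexPl ...`) while every other description in this hunk is plain text, so the importer is writing the upstream summary without HTML-unescaping it; decode `&lt;` to `<` (and the other standard entities) before truncating and writing the line, otherwise the version bounds read literally as `&lt;=` in the tracker data and the truncation cut-off is computed on the escaped, longer string.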
@@ -1181,45 +1181,45 @@ CVE-2016-10301
RESERVED
CVE-2016-10300
RESERVED
-CVE-2016-10299
+CVE-2016-10299 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10298
+CVE-2016-10298 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10297
+CVE-2016-10297 (In TrustZone in all Android releases from CAF using the Linux kernel, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10296
+CVE-2016-10296 (An information disclosure vulnerability in the Qualcomm shared memory ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10295
+CVE-2016-10295 (An information disclosure vulnerability in the Qualcomm LED driver cou ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10294
+CVE-2016-10294 (An information disclosure vulnerability in the Qualcomm power driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10293
+CVE-2016-10293 (An information disclosure vulnerability in the Qualcomm video driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10292
+CVE-2016-10292 (A denial of service vulnerability in the Qualcomm Wi-Fi driver could e ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10291
+CVE-2016-10291 (An elevation of privilege vulnerability in the Qualcomm Slimbus driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10290
+CVE-2016-10290 (An elevation of privilege vulnerability in the Qualcomm shared memory ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10289
+CVE-2016-10289 (An elevation of privilege vulnerability in the Qualcomm crypto driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10288
+CVE-2016-10288 (An elevation of privilege vulnerability in the Qualcomm LED driver cou ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10287
+CVE-2016-10287 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10286
+CVE-2016-10286 (An elevation of privilege vulnerability in the Qualcomm video driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10285
+CVE-2016-10285 (An elevation of privilege vulnerability in the Qualcomm video driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10284
+CVE-2016-10284 (An elevation of privilege vulnerability in the Qualcomm video driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10283
+CVE-2016-10283 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10282
+CVE-2016-10282 (An elevation of privilege vulnerability in the MediaTek thermal driver ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-10281
+CVE-2016-10281 (An elevation of privilege vulnerability in the MediaTek thermal driver ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-10280
+CVE-2016-10280 (An elevation of privilege vulnerability in the MediaTek thermal driver ...)
NOT-FOR-US: Mediatek driver for Android
CVE-2016-10279
RESERVED
@@ -1227,17 +1227,17 @@ CVE-2016-10279
CVE-2016-10278
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10277
+CVE-2016-10277 (An elevation of privilege vulnerability in the Motorola bootloader cou ...)
NOT-FOR-US: Motorola component for Android
-CVE-2016-10276
+CVE-2016-10276 (An elevation of privilege vulnerability in the Qualcomm bootloader cou ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10275
+CVE-2016-10275 (An elevation of privilege vulnerability in the Qualcomm bootloader cou ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-10274
+CVE-2016-10274 (An elevation of privilege vulnerability in the MediaTek touchscreen dr ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-10273
+CVE-2016-10273 (Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavi ...)
NOT-FOR-US: Jensen of Scandinavia Air:Link Routers
-CVE-2016-10272
+CVE-2016-10272 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service (he ...)
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-2
- tiff3 <removed>
@@ -1245,7 +1245,7 @@ CVE-2016-10272
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
NOTE: https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2620
-CVE-2016-10271
+CVE-2016-10271 (tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a d ...)
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-2
- tiff3 <removed>
@@ -1253,7 +1253,7 @@ CVE-2016-10271
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
NOTE: https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2620
-CVE-2016-10270
+CVE-2016-10270 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service (he ...)
{DSA-3844-1}
- tiff 4.0.7-2 (bug #846837)
[wheezy] - tiff 4.0.2-6+deb7u9
@@ -1262,7 +1262,7 @@ CVE-2016-10270
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
NOTE: https://github.com/vadz/libtiff/commit/9a72a69e035ee70ff5c41541c8c61cd97990d018
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2608
-CVE-2016-10269
+CVE-2016-10269 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service (he ...)
{DSA-3844-1 DLA-877-1}
- tiff 4.0.7-2
- tiff3 <removed>
@@ -1270,7 +1270,7 @@ CVE-2016-10269
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/
NOTE: https://github.com/vadz/libtiff/commit/1044b43637fa7f70fb19b93593777b78bd20da86
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2604
-CVE-2016-10268
+CVE-2016-10268 (tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a den ...)
{DLA-877-1}
- tiff 4.0.7-2 (unimportant)
- tiff3 <removed> (unimportant)
@@ -1279,7 +1279,7 @@ CVE-2016-10268
NOTE: https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2598
NOTE: Crash in CLI tool not treated as a security issue
-CVE-2016-10267
+CVE-2016-10267 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service (di ...)
{DSA-3844-1 DLA-877-1}
- tiff 4.0.7-2
- tiff3 <removed>
@@ -1287,7 +1287,7 @@ CVE-2016-10267
NOTE: https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-divide-by-zero/
NOTE: https://github.com/vadz/libtiff/commit/43bc256d8ae44b92d2734a3c5bc73957a4d7c1ec
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2611
-CVE-2016-10266
+CVE-2016-10266 (LibTIFF 4.0.7 allows remote attackers to cause a denial of service (di ...)
{DSA-3844-1 DLA-877-1}
- tiff 4.0.7-2
- tiff3 <removed>
@@ -1307,56 +1307,56 @@ CVE-2016-10261
RESERVED
CVE-2016-10260
RESERVED
-CVE-2016-10259
+CVE-2016-10259 (Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and ...)
NOT-FOR-US: Blue Coat
-CVE-2016-10258
+CVE-2016-10258 (Unrestricted file upload vulnerability in the Symantec Advanced Secure ...)
NOT-FOR-US: Symantec
-CVE-2016-10257
+CVE-2016-10257 (The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7. ...)
NOT-FOR-US: Symantec
-CVE-2016-10256
+CVE-2016-10256 (The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6 ...)
NOT-FOR-US: Symantec
-CVE-2016-10255
+CVE-2016-10255 (The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils ...)
- elfutils 0.168-0.2 (low)
[jessie] - elfutils <no-dsa> (Minor issue)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: 0.168-0.2 first version uploaded to unstable
NOTE: https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-__libelf_set_rawdata_wrlock-elf_getdata-c/
NOTE: https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=09ec02ec7f7e6913d10943148e2a898264345b07
-CVE-2016-10254
+CVE-2016-10254 (The allocate_elf function in common.h in elfutils before 0.168 allows ...)
- elfutils 0.168-0.2 (low)
[jessie] - elfutils <no-dsa> (Minor issue)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: 0.168-0.2 first version uploaded to unstable
NOTE: https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-allocate_elf-common-h/
NOTE: https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=191000fdedba3fafe4d5b8cddad3f3318b49c3fb
-CVE-2016-10253
+CVE-2016-10253 (An issue was discovered in Erlang/OTP 18.x. Erlang's generation of com ...)
- erlang 1:19.2.1+dfsg-2 (bug #858313)
[jessie] - erlang 1:17.3-dfsg-4+deb8u1
[wheezy] - erlang <not-affected> (Vulnerable code not present)
NOTE: https://github.com/erlang/otp/pull/1108
-CVE-2016-10252
+CVE-2016-10252 (Memory leak in the IsOptionMember function in MagickCore/option.c in I ...)
{DSA-3808-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #857426)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: Fixed by: http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b
-CVE-2016-10251
+CVE-2016-10251 (Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in Jas ...)
{DSA-3827-1 DLA-920-1}
- jasper <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/11/04/11
NOTE: https://github.com/mdadams/jasper/commit/1f0dfe5a42911b6880a1445f13f6d615ddb55387
NOTE: https://github.com/asarubbo/poc/blob/master/00029-jasper-uninitvalue-jpc_pi_nextcprl
-CVE-2016-10248
+CVE-2016-10248 (The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900. ...)
- jasper <removed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/20/5
NOTE: Not suitable for code injection, hardly denial of service
NOTE: https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd
-CVE-2016-10247
+CVE-2016-10247 (Buffer overflow in the my_getline function in jstest_main.c in Mujstes ...)
- mupdf <unfixed> (unimportant)
[wheezy] - mupdf <not-affected> (Vulnerable code not present)
NOTE: Although jstest_main.c compiled during build and mujstest is created
NOTE: it is not included in the produced binary packages
NOTE: http://www.openwall.com/lists/oss-security/2016/10/16/19
-CVE-2016-10246
+CVE-2016-10246 (Buffer overflow in the main function in jstest_main.c in Mujstest in A ...)
- mupdf <unfixed> (unimportant)
[wheezy] - mupdf <not-affected> (Vulnerable code not present)
NOTE: Although jstest_main.c compiled during build and mujstest is created
@@ -1364,20 +1364,20 @@ CVE-2016-10246
NOTE: http://www.openwall.com/lists/oss-security/2016/10/16/20
CVE-2016-10245
RESERVED
-CVE-2016-10244
+CVE-2016-10244 (The parse_charstrings function in type1/t1load.c in FreeType 2 before ...)
{DSA-3839-1 DLA-848-1}
[experimental] - freetype 2.7.1-0.1
- freetype 2.6.3-3.1 (bug #856971)
NOTE: Fixed in 2.7: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a660e3de422731b94d4a134d27555430cbb6fb39 (VER-2-7)
-CVE-2016-10243
+CVE-2016-10243 (TeX Live allows remote attackers to execute arbitrary commands by leve ...)
{DSA-3803-1 DLA-847-1}
- texlive-bin <unfixed> (unimportant)
- texlive-base 2016.20161130-1
NOTE: https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/
NOTE: http://www.tug.org/svn/texlive?view=revision&revision=42605
-CVE-2016-10242
+CVE-2016-10242 (A time-of-check time-of-use race condition could potentially exist in ...)
NOT-FOR-US: Qualcomm component/driver for Android
CVE-2016-10241
RESERVED
@@ -1385,32 +1385,32 @@ CVE-2016-10241
CVE-2016-10240
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10239
+CVE-2016-10239 (In TrustZone access control policy may potentially be bypassed in all ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10238
+CVE-2016-10238 (In QSEE in all Android releases from CAF using the Linux kernel access ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10237
+CVE-2016-10237 (If shared content protection memory were passed as the secure camera m ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-10236
+CVE-2016-10236 (An information disclosure vulnerability in the Qualcomm USB driver. Pr ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10235
+CVE-2016-10235 (A denial of service vulnerability in the Qualcomm WiFi driver. Product ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10234
+CVE-2016-10234 (An information disclosure vulnerability in the Qualcomm IPA driver. Pr ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10233
+CVE-2016-10233 (An elevation of privilege vulnerability in the Qualcomm video driver. ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10232
+CVE-2016-10232 (An elevation of privilege vulnerability in the Qualcomm video driver. ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10231
+CVE-2016-10231 (An elevation of privilege vulnerability in the Qualcomm sound codec dr ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10230
+CVE-2016-10230 (A remote code execution vulnerability in the Qualcomm crypto driver. P ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-10229
+CVE-2016-10229 (udp.c in the Linux kernel before 4.5 allows remote attackers to execut ...)
- linux 4.5.1-1 (bug #808293)
[jessie] - linux 3.16.7-ckt20-1+deb8u2
[wheezy] - linux 3.2.73-2+deb7u2
NOTE: Fixed by: https://git.kernel.org/linus/197c949e7798fbf28cfadc69d9ca0c2abbf93191 (v4.5-rc1)
-CVE-2016-10228
+CVE-2016-10228 (The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and e ...)
- glibc <unfixed> (low; bug #856503)
[buster] - glibc <no-dsa> (Minor issue)
[stretch] - glibc <no-dsa> (Minor issue)
@@ -1418,130 +1418,130 @@ CVE-2016-10228
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19519
-CVE-2016-10227
+CVE-2016-10227 (Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote ...)
NOT-FOR-US: Zyxel
-CVE-2016-10226
+CVE-2016-10226 (JavaScriptCore in WebKit, as distributed in Safari Technology Preview ...)
- webkitgtk <removed> (unimportant)
NOTE: Not covered by security support
-CVE-2016-10225
+CVE-2016-10225 (The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and ...)
NOT-FOR-US: sunxi-debug driver in Allwinner kernel
-CVE-2016-10224
+CVE-2016-10224 (An issue was discovered in Sauter NovaWeb web HMI. The application use ...)
NOT-FOR-US: Sauter NovaWeb
-CVE-2016-10223
+CVE-2016-10223 (An issue was discovered in BigTree CMS before 4.2.15. The vulnerabilit ...)
NOT-FOR-US: BigTree CMS
-CVE-2016-10222
+CVE-2016-10222 (runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in ...)
- webkitgtk <removed> (unimportant)
NOTE: Not covered by security support
-CVE-2016-10221
+CVE-2016-10221 (The count_entries function in pdf-layer.c in Artifex Software, Inc. Mu ...)
- mupdf <not-affected> (Vulnerable code not yet present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697400
-CVE-2016-10220
+CVE-2016-10220 (The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Soft ...)
{DSA-3838-1 DLA-905-1}
- ghostscript 9.20~dfsg-3.1 (bug #859694)
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?daf85701dab05f17e924a48a81edc9195b4a04e8
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697450
-CVE-2016-10219
+CVE-2016-10219 (The intersect function in base/gxfill.c in Artifex Software, Inc. Ghos ...)
{DSA-3838-1 DLA-905-1}
- ghostscript 9.20~dfsg-3.1 (bug #859666)
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?4bef1a1d32e29b68855616020dbff574b9cda08f
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697453
-CVE-2016-10218
+CVE-2016-10218 (The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF ...)
- ghostscript <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d621292fb2c8157d9899dcd83fd04dd250e30fe4
NOTE: Introduced by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=47294ff5b168d25bfc7db64f51572d64b8ebde91
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697444
-CVE-2016-10217
+CVE-2016-10217 (The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Gh ...)
- ghostscript 9.20~dfsg-3.1 (bug #859662)
[jessie] - ghostscript <not-affected> (pdf14_cleanup_parent_color_profiles not yet present)
[wheezy] - ghostscript <not-affected> (pdf14_cleanup_parent_color_profiles not yet present)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=90fd0c7ca3efc1ddff64a86f4104b13b3ac969eb
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697456
-CVE-2016-10216
+CVE-2016-10216 (An issue was discovered in IT ITems DataBase (ITDB) through 1.23. The ...)
NOT-FOR-US: IT ITems DataBase
-CVE-2016-10215
+CVE-2016-10215 (An issue was discovered in Fastspot BigTree bigtree-form-builder befor ...)
NOT-FOR-US: Fastspot BigTree bigtree-form-builder
-CVE-2016-10214
+CVE-2016-10214 (Memory leak in the virgl_resource_attach_backing function in virglrend ...)
- virglrenderer 0.6.0-1 (bug #854728)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=40b0e7813325b08077b6f541b3989edb2d86d837 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1420266
-CVE-2016-10213
+CVE-2016-10213 (A10 AX1030 and possibly other devices with software before 2.7.2-P8 us ...)
NOT-FOR-US: A10
-CVE-2016-10212
+CVE-2016-10212 (Radware devices use the same value for the first two GCM nonces, which ...)
NOT-FOR-US: Radware devices
-CVE-2016-10211
+CVE-2016-10211 (libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a den ...)
- yara 3.5.0+dfsg-9 (bug #859821)
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/575
-CVE-2016-10210
+CVE-2016-10210 (libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denia ...)
- yara 3.5.0+dfsg-9 (bug #859821)
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/576
-CVE-2016-10209
+CVE-2016-10209 (The archive_wstring_append_from_mbs function in archive_string.c in li ...)
{DSA-4360-1 DLA-1600-1 DLA-1006-1}
- libarchive 3.2.2-3.1 (low; bug #859456)
NOTE: https://github.com/libarchive/libarchive/issues/842
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/42a3408ac7df1e69bea9ea12b72e14f59f7400c0 (v3.3.0)
-CVE-2016-10207
+CVE-2016-10207 (The Xvnc server in TigerVNC allows remote attackers to cause a denial ...)
- tigervnc 1.7.0-1
NOTE: https://github.com/TigerVNC/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1023012
-CVE-2016-10200
+CVE-2016-10200 (Race condition in the L2TPv3 IP Encapsulation feature in the Linux ker ...)
{DLA-922-1}
- linux 4.8.15-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://git.kernel.org/linus/32c231164b762dddefa13af5a0101032c70b50ef (v4.9-rc7)
-CVE-2016-10206
+CVE-2016-10206 (Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and ...)
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10205
+CVE-2016-10205 (Session fixation vulnerability in Zoneminder 1.30 and earlier allows r ...)
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10204
+CVE-2016-10204 (SQL injection vulnerability in Zoneminder 1.30 and earlier allows remo ...)
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10203
+CVE-2016-10203 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlie ...)
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10202
+CVE-2016-10202 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlie ...)
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10201
+CVE-2016-10201 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlie ...)
- zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
[wheezy] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10208
+CVE-2016-10208 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel th ...)
{DLA-1200-1}
- linux 4.9.10-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/3a4b77cd47bb837b8557595ec7425f281f2ca1fe (4.10-rc1)
NOTE: Introduced by: https://github.com/torvalds/linux/commit/952fc18ef9ec707ebdc16c0786ec360295e5ff15 (3.6-rc1)
-CVE-2016-10197
+CVE-2016-10197 (The search_make_new function in evdns.c in libevent before 2.1.6-beta ...)
{DSA-3789-1 DLA-824-1}
- libevent 2.0.21-stable-3 (bug #854092)
NOTE: https://github.com/libevent/libevent/issues/332
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/17
-CVE-2016-10196
+CVE-2016-10196 (Stack-based buffer overflow in the evutil_parse_sockaddr_port function ...)
{DSA-3789-1 DLA-824-1}
- libevent 2.0.21-stable-3 (bug #854092)
NOTE: https://github.com/libevent/libevent/issues/318
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/17
-CVE-2016-10195
+CVE-2016-10195 (The name_parse function in evdns.c in libevent before 2.1.6-beta allow ...)
{DSA-3789-1 DLA-824-1}
- libevent 2.0.21-stable-3 (bug #854092)
NOTE: https://github.com/libevent/libevent/issues/317
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/17
-CVE-2016-10199
+CVE-2016-10199 (The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-p ...)
{DSA-3820-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775451
-CVE-2016-10198
+CVE-2016-10198 (The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacpars ...)
{DSA-3820-1 DLA-828-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <unfixed> (low)
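Review bot: the ids in this hunk are not in numeric order (CVE-2016-10200 sits between CVE-2016-10207 and CVE-2016-10206, CVE-2016-10208 follows CVE-2016-10201, and CVE-2016-10199/CVE-2016-10198 follow CVE-2016-10195). The automatic description sync keeps the existing order, which the tracker accepts, but anyone diffing this file against a sorted export will see spurious moves; worth keeping in mind that this update never reorders entries.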
@@ -1550,54 +1550,54 @@ CVE-2016-10198
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775450
CVE-2016-XXXX [iio-sensor-proxy: insecure dbus policy]
- iio-sensor-proxy 2.0-4 (bug #853951)
-CVE-2016-10192
+CVE-2016-10192 (Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0. ...)
- ffmpeg 7:3.2.2-1
- libav <not-affected> (Vulnerable code not present in libav, only in ffmpeg)
NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12
-CVE-2016-10191
+CVE-2016-10191 (Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2 ...)
{DLA-1611-1}
- ffmpeg 7:3.2.2-1
- libav <removed>
NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/7d57ca4d9a75562fa32e40766211de150f8b3ee7
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12
-CVE-2016-10190
+CVE-2016-10190 (Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8. ...)
{DLA-1611-1}
- ffmpeg 7:3.2.2-1
- libav <removed>
NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/12
-CVE-2016-10193
+CVE-2016-10193 (The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to e ...)
NOT-FOR-US: espeak-ruby Ruby gem
-CVE-2016-10194
+CVE-2016-10194 (The festivaltts4r gem for Ruby allows remote attackers to execute arbi ...)
NOT-FOR-US: festivaltts4r
-CVE-2016-10186
+CVE-2016-10186 (An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd. ...)
NOT-FOR-US: D-Link
-CVE-2016-10185
+CVE-2016-10185 (An issue was discovered on the D-Link DWR-932B router. A secure_mode=n ...)
NOT-FOR-US: D-Link
-CVE-2016-10184
+CVE-2016-10184 (An issue was discovered on the D-Link DWR-932B router. qmiweb allows f ...)
NOT-FOR-US: D-Link
-CVE-2016-10183
+CVE-2016-10183 (An issue was discovered on the D-Link DWR-932B router. qmiweb allows d ...)
NOT-FOR-US: D-Link
-CVE-2016-10182
+CVE-2016-10182 (An issue was discovered on the D-Link DWR-932B router. qmiweb allows c ...)
NOT-FOR-US: D-Link
-CVE-2016-10181
+CVE-2016-10181 (An issue was discovered on the D-Link DWR-932B router. qmiweb provides ...)
NOT-FOR-US: D-Link
-CVE-2016-10180
+CVE-2016-10180 (An issue was discovered on the D-Link DWR-932B router. WPS PIN generat ...)
NOT-FOR-US: D-Link
-CVE-2016-10179
+CVE-2016-10179 (An issue was discovered on the D-Link DWR-932B router. There is a hard ...)
NOT-FOR-US: D-Link
-CVE-2016-10178
+CVE-2016-10178 (An issue was discovered on the D-Link DWR-932B router. HELODBG on port ...)
NOT-FOR-US: D-Link
-CVE-2016-10177
+CVE-2016-10177 (An issue was discovered on the D-Link DWR-932B router. Undocumented TE ...)
NOT-FOR-US: D-Link
-CVE-2016-10176
+CVE-2016-10176 (The NETGEAR WNR2000v5 router allows an administrator to perform sensit ...)
NOT-FOR-US: Netgear
-CVE-2016-10175
+CVE-2016-10175 (The NETGEAR WNR2000v5 router leaks its serial number when performing a ...)
NOT-FOR-US: Netgear
-CVE-2016-10174
+CVE-2016-10174 (The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_ ...)
NOT-FOR-US: Netgear
-CVE-2016-10189
+CVE-2016-10189 (BitlBee before 3.5 allows remote attackers to cause a denial of servic ...)
{DSA-3853-1 DLA-832-1}
- bitlbee 3.5-1
NOTE: https://bugs.bitlbee.org/ticket/1282
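Review bot: the CVE-2016-XXXX placeholder for iio-sensor-proxy (the line directly above the CVE-2016-10192 entry) is untouched by this sync, which is expected since no id has been assigned yet. It will not be picked up by a later automatic update either, so it needs a manual rename once an id is assigned.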
@@ -1606,57 +1606,57 @@ CVE-2016-10189
NOTE: When fixing this CVE make sure to apply as well
NOTE: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441
NOTE: to not open CVE-2017-5668
-CVE-2016-10188
+CVE-2016-10188 (Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows re ...)
{DSA-3853-1 DLA-832-1}
- bitlbee 3.5-1
NOTE: https://bugs.bitlbee.org/ticket/1281
NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/ea902752503fc5b356d6513911081ec932d804f2 (3.5)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4
-CVE-2016-10187
+CVE-2016-10187 (The E-book viewer in calibre before 2.75 allows remote attackers to re ...)
{DLA-859-1}
- calibre 2.75.1+dfsg-1 (low; bug #853004)
[jessie] - calibre <no-dsa> (Minor issue)
NOTE: Upstream report: https://launchpad.net/bugs/1651728
NOTE: Upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8cce0449d1758eee585ed0d0433c
NOTE: http://www.openwall.com/lists/oss-security/2017/01/29/8
-CVE-2016-10173
+CVE-2016-10173 (Directory traversal vulnerability in the minitar before 0.6 and archiv ...)
{DSA-3778-1 DLA-808-1}
- ruby-minitar 0.5.4-3.1 (bug #853075)
- ruby-archive-tar-minitar <removed> (bug #853249)
NOTE: https://github.com/halostatue/minitar/issues/16
NOTE: https://github.com/halostatue/minitar/commit/e25205ecbb6277ae8a3df1e6a306d7ed4458b6e4
NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1021740
-CVE-2016-10172
+CVE-2016-10172 (The read_new_config_info function in open_utils.c in Wavpack before 5. ...)
- wavpack 5.0.0-2 (bug #853076)
[jessie] - wavpack <not-affected> (Vulnerable code not present)
[wheezy] - wavpack <not-affected> (Vulnerable code not present)
NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561951/
NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0)
-CVE-2016-10171
+CVE-2016-10171 (The unreorder_channels function in cli/wvunpack.c in Wavpack before 5. ...)
- wavpack 5.0.0-2 (bug #853076)
[jessie] - wavpack <not-affected> (Vulnerable code not present)
[wheezy] - wavpack <not-affected> (Vulnerable code not present)
NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561939/
NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0)
-CVE-2016-10170
+CVE-2016-10170 (The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 all ...)
- wavpack 5.0.0-2 (bug #853076)
[jessie] - wavpack <not-affected> (Vulnerable code not present)
[wheezy] - wavpack <not-affected> (Vulnerable code not present)
NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561921/
NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0)
-CVE-2016-10169
+CVE-2016-10169 (The read_code function in read_words.c in Wavpack before 5.1.0 allows ...)
- wavpack 5.0.0-2 (bug #853076)
[jessie] - wavpack <no-dsa> (Minor issue)
[wheezy] - wavpack <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/wavpack/mailman/message/35557889/
NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0)
-CVE-2016-10166
+CVE-2016-10166 (Integer underflow in the _gdContributionsAlloc function in gd_interpol ...)
{DSA-3777-1}
- libgd2 2.2.4-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
-CVE-2016-10167
+CVE-2016-10167 (The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Li ...)
{DSA-3777-1 DLA-804-1}
- php7.1 7.1.1-1 (unimportant)
- php7.0 7.0.15-1 (unimportant)
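Review bot: the bitlbee NOTE for CVE-2016-10189 at the top of this hunk is one sentence spread over three NOTE lines with the commit URL in the middle ("When fixing this CVE make sure to apply as well" / URL / "to not open CVE-2017-5668"), which reads oddly and keeps the CVE-2017-5668 cross-reference and the URL on different lines for grep. Suggest collapsing it to a single line such as "NOTE: Also apply https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441 to avoid CVE-2017-5668".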
@@ -1667,7 +1667,7 @@ CVE-2016-10167
- libgd2 2.2.4-1
NOTE: https://github.com/libgd/libgd/commit/fe9ed49dafa993e3af96b6a5a589efeea9bfb36f
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
-CVE-2016-10168
+CVE-2016-10168 (Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) bef ...)
{DSA-3777-1 DLA-804-1}
- php7.1 7.1.1-1 (unimportant)
- php7.0 7.0.15-1 (unimportant)
@@ -1678,63 +1678,63 @@ CVE-2016-10168
- libgd2 2.2.4-1
NOTE: https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
-CVE-2016-10165
+CVE-2016-10165 (The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) all ...)
{DSA-3774-1 DLA-803-1}
- lcms2 2.8-4 (bug #852627)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1367357
NOTE: https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2
-CVE-2016-10164
+CVE-2016-10164 (Multiple integer overflows in libXpm before 3.5.12, when a program req ...)
{DSA-3772-1 DLA-801-1}
- libxpm 1:3.5.12-1
NOTE: Fixed by: https://cgit.freedesktop.org/xorg/lib/libXpm/commit/?id=d1167418f0fd02a27f617ec5afd6db053afbe185
NOTE: http://www.openwall.com/lists/oss-security/2017/01/22/2
-CVE-2016-10163
+CVE-2016-10163 (Memory leak in the vrend_renderer_context_create_internal function in ...)
- virglrenderer 0.6.0-1 (bug #852603)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=747a293ff6055203e529f083896b823e22523fe7 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415944
-CVE-2016-10162
+CVE-2016-10162 (The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x befo ...)
- php7.1 7.1.1-1
- php7.0 7.0.15-1
NOTE: PHP Bug: http://bugs.php.net/73831
NOTE: Fixed in 7.0.15, 7.1.1
-CVE-2016-10161
+CVE-2016-10161 (The object_common1 function in ext/standard/var_unserializer.c in PHP ...)
{DSA-3783-1 DLA-818-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73825
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10160
+CVE-2016-10160 (Off-by-one error in the phar_parse_pharfile function in ext/phar/phar. ...)
{DSA-3783-1 DLA-818-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73768
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10159
+CVE-2016-10159 (Integer overflow in the phar_parse_pharfile function in ext/phar/phar. ...)
{DSA-3783-1 DLA-818-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73764
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10158
+CVE-2016-10158 (The exif_convert_any_to_int function in ext/exif/exif.c in PHP before ...)
{DSA-3783-1 DLA-818-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
- php5 <removed>
NOTE: PHP Bug: http://bugs.php.net/73737
NOTE: Fixed in 5.6.30, 7.0.15, 7.1.1
-CVE-2016-10157
+CVE-2016-10157 (Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries to ...)
NOT-FOR-US: Akamai NetSession
-CVE-2016-10156
+CVE-2016-10156 (A flaw in systemd v228 in /src/basic/fs-util.c caused world writable s ...)
- systemd 229-1
[jessie] - systemd <not-affected> (Vulnerability introduced in v228)
[wheezy] - systemd <not-affected> (Vulnerability introduced in v228)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1020601
NOTE: Fixed by: https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e (v229)
NOTE: Introduced by: https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f (v228)
-CVE-2016-10155
+CVE-2016-10155 (Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-2 (low; bug #852232)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -1743,117 +1743,117 @@ CVE-2016-10155
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2016-12/msg03104.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415199
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=eb7a20a3616085d46aa6b4b4224e15587ec67e6e
-CVE-2016-10154
+CVE-2016-10154 (The smbhash function in fs/cifs/smbencrypt.c in the Linux kernel 4.9.x ...)
- linux 4.9.2-1
[jessie] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/06deeec77a5a689cc94b21a8a91a76e42176685d (v4.10-rc1)
-CVE-2016-10153
+CVE-2016-10153 (The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 inte ...)
- linux 4.9.6-1
[jessie] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/a45f795c65b479b4ba107b6ccde29b896d51ee98 (v4.10-rc1)
-CVE-2016-10152
+CVE-2016-10152 (The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls ba ...)
{DLA-796-1}
- hesiod 3.2.1-3.1 (low; bug #852093)
[stretch] - hesiod <no-dsa> (Minor issue)
[jessie] - hesiod <no-dsa> (Minor issue)
NOTE: https://github.com/achernya/hesiod/pull/10
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1332493
-CVE-2016-10151
+CVE-2016-10151 (The hesiod_init function in lib/hesiod.c in Hesiod 3.2.1 compares EUID ...)
{DLA-796-1}
- hesiod 3.2.1-3.1 (low; bug #852094)
[stretch] - hesiod <no-dsa> (Minor issue)
[jessie] - hesiod <no-dsa> (Minor issue)
NOTE: https://github.com/achernya/hesiod/pull/9
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1332508
-CVE-2016-10150
+CVE-2016-10150 (Use-after-free vulnerability in the kvm_ioctl_create_device function i ...)
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/a0f1d21c1ccb1da66629627a74059dd7f5ac9c61 (v4.9-rc8)
NOTE: Introduced by: https://git.kernel.org/linus/a28ebea2adc4a2bef5989a5a181ec238f59fbcad (v4.8-rc2)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1414506
-CVE-2016-10148
+CVE-2016-10148 (The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.p ...)
- wordpress 4.6.1+dfsg-1
[jessie] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
[wheezy] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
NOTE: https://core.trac.wordpress.org/ticket/37490
NOTE: https://core.trac.wordpress.org/changeset/38168
-CVE-2016-10147
+CVE-2016-10147 (crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users ...)
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/48a992727d82cb7db076fa15d372178743b1f4cd (v4.9)
-CVE-2016-10143
+CVE-2016-10143 (A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to ...)
- tikiwiki <removed>
-CVE-2016-10142
+CVE-2016-10142 (An issue was discovered in the IPv6 protocol specification, related to ...)
NOTE: Generic IPv6 issue
-CVE-2016-10139
+CVE-2016-10139 (An issue was discovered on BLU R1 HD devices with Shanghai Adups softw ...)
NOT-FOR-US: BLU
-CVE-2016-10138
+CVE-2016-10138 (An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with ...)
NOT-FOR-US: BLU
-CVE-2016-10137
+CVE-2016-10137 (An issue was discovered on BLU R1 HD devices with Shanghai Adups softw ...)
NOT-FOR-US: BLU
-CVE-2016-10136
+CVE-2016-10136 (An issue was discovered on BLU R1 HD devices with Shanghai Adups softw ...)
NOT-FOR-US: BLU
-CVE-2016-10135
+CVE-2016-10135 (An issue was discovered on LG devices using the MTK chipset with L(5.0 ...)
NOT-FOR-US: LG
-CVE-2016-10146
+CVE-2016-10146 (Multiple memory leaks in the caption and label handling code in ImageM ...)
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.0+dfsg-2 (bug #851380)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
-CVE-2016-10140
+CVE-2016-10140 (Information disclosure and authentication bypass vulnerability exists ...)
{DLA-806-1}
- zoneminder 1.30.4+dfsg-1 (bug #851710)
NOTE: https://github.com/ZoneMinder/ZoneMinder/pull/1697
NOTE: https://github.com/ZoneMinder/ZoneMinder/commit/6361f143878ce00659f64ce42593951d773e4e63
NOTE: https://github.com/ZoneMinder/ZoneMinder/commit/aa0a4d1f5ad2c493f2bed175991e92c466ac3dc4
-CVE-2016-10144
+CVE-2016-10144 (coders/ipl.c in ImageMagick allows remote attackers to have unspecific ...)
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851485)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
-CVE-2016-10145
+CVE-2016-10145 (Off-by-one error in coders/wpg.c in ImageMagick allows remote attacker ...)
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851483)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
-CVE-2016-10141
+CVE-2016-10141 (An integer overflow vulnerability was observed in the regemit function ...)
NOT-FOR-US: MuJS
-CVE-2016-10133
+CVE-2016-10133 (Heap-based buffer overflow in the js_stackoverflow function in jsrun.c ...)
NOT-FOR-US: MuJS
-CVE-2016-10132
+CVE-2016-10132 (regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a de ...)
NOT-FOR-US: MuJS
-CVE-2016-10131
+CVE-2016-10131 (system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote a ...)
- codeigniter <itp> (bug #471583)
-CVE-2016-10130
+CVE-2016-10130 (The http_connect function in transports/http.c in libgit2 before 0.24. ...)
- libgit2 0.25.1+really0.24.6-1 (bug #851406)
[jessie] - libgit2 <not-affected> (Vulnerable code not present)
[experimental] - cargo 0.17.0-1~exp1
- cargo 0.17.0-1 (bug #860990)
NOTE: https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22 (v0.25.1)
NOTE: https://github.com/libgit2/libgit2/commit/b5c6a1b407b7f8b952bded2789593b68b1876211 (v0.24.6)
-CVE-2016-10129
+CVE-2016-10129 (The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x bef ...)
- libgit2 0.25.1+really0.24.6-1 (bug #851406)
[jessie] - libgit2 <no-dsa> (Minor issue)
[experimental] - cargo 0.17.0-1~exp1
- cargo 0.17.0-1 (bug #860990)
NOTE: https://github.com/libgit2/libgit2/commit/2fdef641fd0dd2828bd948234ae86de75221a11a (v0.25.1)
NOTE: https://github.com/libgit2/libgit2/commit/84d30d569ada986f3eef527cbdb932643c2dd037 (v0.24.6)
-CVE-2016-10128
+CVE-2016-10128 (Buffer overflow in the git_pkt_parse_line function in transports/smart ...)
- libgit2 0.25.1+really0.24.6-1 (bug #851406)
[jessie] - libgit2 <no-dsa> (Minor issue)
[experimental] - cargo 0.17.0-1~exp1
- cargo 0.17.0-1 (bug #860990)
NOTE: https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834 (v0.25.1)
NOTE: https://github.com/libgit2/libgit2/commit/4ac39c76c0153d1ee6889a0984c39e97731684b2 (v0.24.6)
-CVE-2016-10126
+CVE-2016-10126 (Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0. ...)
NOT-FOR-US: Splunk
-CVE-2016-10125
+CVE-2016-10125 (D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded ...)
NOT-FOR-US: D-Link
-CVE-2016-10127
+CVE-2016-10127 (PySAML2 allows remote attackers to conduct XML external entity (XXE) a ...)
- python-pysaml2 <unfixed> (low; bug #859135)
[buster] - python-pysaml2 <no-dsa> (Minor issue)
[stretch] - python-pysaml2 <no-dsa> (Minor issue)
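Review bot: the CVE-2016-10143 entry (tikiwiki <removed>) has no NOTE with an upstream reference, unlike nearly every other entry in this hunk; since the package is removed, an upstream advisory or bug URL would help anyone reviving it locate the fix. Likewise CVE-2016-10142 has only "NOTE: Generic IPv6 issue" and no package or NOT-FOR-US line, so it would help to state explicitly how the tracker treats it.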
@@ -1862,107 +1862,107 @@ CVE-2016-10127
NOTE: A proper fix for this issue would be to fix the underlying issue in src:libxml2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1411794#c12
NOTE: http://www.openwall.com/lists/oss-security/2017/01/19/5 (for the scope of the CVE)
-CVE-2016-10149
+CVE-2016-10149 (XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier a ...)
{DSA-3759-1}
- python-pysaml2 3.0.0-5 (bug #850716)
NOTE: https://github.com/rohe/pysaml2/pull/379
NOTE: https://github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b
-CVE-2016-10134
+CVE-2016-10134 (SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0 ...)
{DSA-3802-1}
- zabbix 1:3.0.4+dfsg-1 (bug #850936)
NOTE: https://support.zabbix.com/browse/ZBX-11023
NOTE: http://www.openwall.com/lists/oss-security/2017/01/12/4
-CVE-2016-10124
+CVE-2016-10124 (An issue was discovered in Linux Containers (LXC) before 2016-02-22. W ...)
- lxc 1:2.0.0-1
[jessie] - lxc <no-dsa> (Minor issue)
[wheezy] - lxc <no-dsa> (Minor issue)
NOTE: https://github.com/lxc/lxc/commit/e986ea3dfa4a2957f71ae9bfaed406dd6e1ffff6
NOTE: https://github.com/lxc/lxc/commit/5eacdc3dbd0e45abf3cc90cf0216a7f8ee560abf (lxc-2.0.0.rc2)
-CVE-2016-10123
+CVE-2016-10123 (Firejail allows --chroot when seccomp is not supported, which might al ...)
- firejail 0.9.38-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/a23ac1bf390fa4c3db4ea31e6ee6100a9c511d59 (0.9.38-rc1)
-CVE-2016-10122
+CVE-2016-10122 (Firejail does not properly clean environment variables, which allows l ...)
- firejail 0.9.44.2-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/3b81e1f2c331644ced87d26a943b22eed6242b8f
NOTE: https://github.com/netblue30/firejail/commit/72bc0e145c67da24e555d868086953148c52b5fc
NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/e847207df28e181a8f590ade825b5f06d4fadf17 (0.9.44.2)
NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/18f6e9dc9b304f7aca291c3edce5122562b1e36c (0.9.44.2)
-CVE-2016-10121
+CVE-2016-10121 (Firejail uses weak permissions for /dev/shm/firejail and possibly othe ...)
- firejail 0.9.38-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/1cab02f5ae3c90c01fae4d1c16381820b757a3a6 (0.9.38)
-CVE-2016-10120
+CVE-2016-10120 (Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, ( ...)
- firejail 0.9.38-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/cd0ecfc7a7b30abde20db6dea505cd8c58e7c046 (0.9.38-rc1)
-CVE-2016-10119
+CVE-2016-10119 (Firejail uses 0777 permissions when mounting /tmp, which allows local ...)
- firejail 0.9.38-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/aa28ac9e09557b833f194f594e2940919d940d1f (0.9.38)
-CVE-2016-10118
+CVE-2016-10118 (Firejail allows local users to truncate /etc/resolv.conf via a chroot ...)
- firejail 0.9.44.2-1 (low)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/6144229605177764b7f3f3450c1a47f56595dc9e
NOTE: In 0.9.44-bugfixes: https://github.com/netblue30/firejail/commit/8b5b444c766b8d0592346decc6ed4a6d345e4f67 (0.9.44.2)
-CVE-2016-10117
+CVE-2016-10117 (Firejail does not restrict access to --tmpfs, which allows local users ...)
- firejail 0.9.38-1
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
NOTE: https://github.com/netblue30/firejail/commit/678cd1495457318dad39178bb646ba1b96332ddb (0.9.38-rc1)
-CVE-2016-10116
+CVE-2016-10116 (NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo ...)
NOT-FOR-US: NETGEAR
-CVE-2016-10115
+CVE-2016-10115 (NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo ...)
NOT-FOR-US: NETGEAR
-CVE-2016-10114
+CVE-2016-10114 (SQL injection vulnerability in the "aWeb Cart Watching System for Virt ...)
NOT-FOR-US: Joomla extension
CVE-2016-10113
RESERVED
-CVE-2016-10112
+CVE-2016-10112 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin bef ...)
NOT-FOR-US: WordPress plugin woocommerce
CVE-2016-10111
RESERVED
CVE-2016-10110
RESERVED
-CVE-2016-10108
+CVE-2016-10108 (Unauthenticated Remote Command injection as root occurs in the Western ...)
NOT-FOR-US: Western Digital MyCloud NAS
-CVE-2016-10107
+CVE-2016-10107 (Unauthenticated Remote Command injection as root occurs in the Western ...)
NOT-FOR-US: Western Digital MyCloud NAS
-CVE-2016-10106
+CVE-2016-10106 (Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR ...)
NOT-FOR-US: NETGEAR devices
-CVE-2016-10105
+CVE-2016-10105 (admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections ...)
- piwigo <removed>
-CVE-2016-10104
+CVE-2016-10104 (Information Disclosure can occur in sshProfiles.jsd in Hitek Software' ...)
NOT-FOR-US: Hitek
-CVE-2016-10103
+CVE-2016-10103 (Information Disclosure can occur in encryptionProfiles.jsd in Hitek So ...)
NOT-FOR-US: Hitek
-CVE-2016-10102
+CVE-2016-10102 (hitek.jar in Hitek Software's Automize uses weak encryption when encry ...)
NOT-FOR-US: Hitek
-CVE-2016-10101
+CVE-2016-10101 (Information Disclosure can occur in Hitek Software's Automize 10.x and ...)
NOT-FOR-US: Hitek
-CVE-2016-10100
+CVE-2016-10100 (Borg (aka BorgBackup) before 1.0.9 has a flaw in the way duplicate arc ...)
- borgbackup 1.0.9-1
NOTE: https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability
-CVE-2016-10099
+CVE-2016-10099 (Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic pro ...)
- borgbackup 1.0.9-1
NOTE: https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability
-CVE-2016-10109
+CVE-2016-10109 (Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remot ...)
{DSA-3752-1 DLA-778-1}
- pcsc-lite 1.8.20-1
NOTE: https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=697fe05967af7ea215bcd5d5774be587780c9e22
NOTE: https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=3aaab9d998b5deb16a246cc7517e44144d281d3b
NOTE: http://www.openwall.com/lists/oss-security/2017/01/03/2
-CVE-2016-10098
+CVE-2016-10098 (An issue was discovered on SendQuick Entera and Avera devices before 2 ...)
NOT-FOR-US: SendQuick Entera and Avera devices
-CVE-2016-10097
+CVE-2016-10097 (XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/ ...)
NOT-FOR-US: OpenAM
-CVE-2016-10096
+CVE-2016-10096 (SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 a ...)
NOT-FOR-US: GenixCMS
CVE-2016-10090
RESERVED
-CVE-2016-10086
+CVE-2016-10086 (RESTful web services in CA Service Desk Manager 12.9 and CA Service De ...)
NOT-FOR-US: CA Service Desk Manager
-CVE-2016-10095
+CVE-2016-10095 (Stack-based buffer overflow in the _TIFFVGetField function in tif_dir. ...)
{DLA-984-1 DLA-983-1}
- tiff 4.0.8-2 (bug #850316)
[jessie] - tiff 4.0.3-12.3+deb8u4
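Review bot: the NOTE under CVE-2016-10100 points at the same changelog anchor as CVE-2016-10099 (#pre-1-0-9-manifest-spoofing-vulnerability), but only the CVE-2016-10099 description is about the cryptographic manifest issue; the CVE-2016-10100 text describes "a flaw in the way duplicate arc ..." (duplicate archive names), which is a different 1.0.9 fix. Suggest pointing CVE-2016-10100 at the changelog section for that issue instead of copying the manifest-spoofing anchor, so the two entries stay distinguishable when the anchor is followed.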
@@ -1973,48 +1973,48 @@ CVE-2016-10095
NOTE: tiffsplit tool
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2625
NOTE: Fixes as per http://bugzilla.maptools.org/show_bug.cgi?id=2580
-CVE-2016-10094
+CVE-2016-10094 (Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools ...)
{DSA-3762-1}
- tiff 4.0.7-4
[wheezy] - tiff <not-affected> (vulnerable code introduced later)
- tiff3 <not-affected> (vulnerable code introduced later)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2640
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/c7153361a4041260719b340f73f2f76b0969235c
-CVE-2016-10093
+CVE-2016-10093 (Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7 allows remote atta ...)
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-2
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (libtiff-tools not shipped by this source package)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2610
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/787c0ee906430b772f33ca50b97b8b5ca070faec
-CVE-2016-10092
+CVE-2016-10092 (Heap-based buffer overflow in the readContigStripsIntoBuffer function ...)
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-2
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (libtiff-tools not shipped by this source package)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2620
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a
-CVE-2016-10091
+CVE-2016-10091 (Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote att ...)
- unrtf 0.21.9-clean-3 (bug #849705)
[jessie] - unrtf 0.21.5-3+deb8u1
[wheezy] - unrtf <no-dsa> (Minor issue)
NOTE: http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406
-CVE-2016-10085
+CVE-2016-10085 (admin/languages.php in Piwigo through 2.8.3 allows remote authenticate ...)
- piwigo <removed>
-CVE-2016-10084
+CVE-2016-10084 (admin/batch_manager.php in Piwigo through 2.8.3 allows remote authenti ...)
- piwigo <removed>
-CVE-2016-10083
+CVE-2016-10083 (Cross-site scripting (XSS) vulnerability in admin/plugin.php in Piwigo ...)
- piwigo <removed>
-CVE-2016-10082
+CVE-2016-10082 (include/functions_installer.inc.php in Serendipity through 2.0.5 is vu ...)
- serendipity <removed>
-CVE-2016-10081
+CVE-2016-10081 (/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote ...)
- shutter 0.93.1-1.3 (bug #849777)
[jessie] - shutter 0.92-0.1+deb8u2
[wheezy] - shutter <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/shutter/+bug/1652600
CVE-2016-10080
RESERVED
-CVE-2016-10079
+CVE-2016-10079 (SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of ...)
NOT-FOR-US: SAPlpd
CVE-2016-10078
RESERVED
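Review bot: the Piwigo entries in this hunk (CVE-2016-10085, CVE-2016-10084, CVE-2016-10083, and CVE-2016-10105 just above it) are resolved as `- piwigo <removed>` with no NOTE line, and `- serendipity <removed>` for CVE-2016-10082 is the same; every other fixed entry here carries an upstream bug or commit URL. Since the descriptions say "through 2.8.3" and "through 2.0.5", a NOTE with the upstream fix reference would let the status be re-checked if either package is reintroduced instead of the `<removed>` line silently closing the issue.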
@@ -2022,7 +2022,7 @@ CVE-2016-10077
RESERVED
CVE-2016-10076
RESERVED
-CVE-2016-10087
+CVE-2016-10087 (The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before ...)
- libpng1.6 1.6.27-1 (bug #849799)
- libpng <removed>
[jessie] - libpng 1.2.50-2+deb8u3
@@ -2031,30 +2031,30 @@ CVE-2016-10087
NOTE: https://sourceforge.net/p/libpng/code/ci/243d4e5f3fe71740d52a53cf3dd77cc83a3430ba
NOTE: https://sourceforge.net/p/libpng/code/ci/812768d7a9c973452222d454634496b25ed415eb (libpng16)
NOTE: https://sourceforge.net/p/libpng/code/ci/794a15fad6add4d636369d0b46f603a02995b2e2/ (libpng12)
-CVE-2016-10075
+CVE-2016-10075 (The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local ...)
- tqdm 4.11.2-1 (bug #849632)
NOTE: https://github.com/tqdm/tqdm/issues/328
-CVE-2016-10074
+CVE-2016-10074 (The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer ...)
{DSA-3769-1 DLA-792-1}
- libphp-swiftmailer 5.4.2-1.1 (bug #849626)
NOTE: https://legalhackers.com/advisories/SwiftMailer-Exploit-Remote-Code-Exec-CVE-2016-10074-Vuln.html
NOTE: https://github.com/swiftmailer/swiftmailer/issues/844
NOTE: Fixed by https://github.com/swiftmailer/swiftmailer/commit/e6ccf40d856af9598b76eb313b215eed25ae9e86
-CVE-2016-10073
+CVE-2016-10073 (The from method in library/core/class.email.php in Vanilla Forums befo ...)
NOT-FOR-US: Vanilla Forums
-CVE-2016-10072
+CVE-2016-10072 (** DISPUTED ** WampServer 3.0.6 has two files called 'wampmanager.exe' ...)
NOT-FOR-US: WampServer
-CVE-2016-10044
+CVE-2016-10044 (The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 do ...)
- linux 4.7.8-1
[jessie] - linux 3.16.43-1
[wheezy] - linux <no-dsa> (Changes required are too invasive)
-CVE-2016-10043
+CVE-2016-10043 (An issue was discovered in Radisys MRF Web Panel (SWMS) 9.0.1. The MSM ...)
NOT-FOR-US: Radisys MRF Web Panel
-CVE-2016-10042
+CVE-2016-10042 (Authorization Bypass in the Web interface of Arcadyan SLT-00 Star* (ak ...)
NOT-FOR-US: Arcadyan SLT-00 Star* devices
-CVE-2016-10041
+CVE-2016-10041 (An issue was discovered in Sprecher Automation SPRECON-E Service Progr ...)
NOT-FOR-US: Sprecher Automation SPRECON-E Service
-CVE-2016-10040
+CVE-2016-10040 (Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows rem ...)
- qt4-x11 4:4.8.7+dfsg-1 (low; bug #851058)
[jessie] - qt4-x11 <ignored> (Minor issue)
[wheezy] - qt4-x11 <ignored> (Minor issue)
@@ -2062,25 +2062,25 @@ CVE-2016-10040
NOTE: CVE assignment specific to http://www.openwall.com/lists/oss-security/2016/12/24/2
NOTE: http://www.openwall.com/lists/oss-security/2016/12/24/1
NOTE: https://github.com/qt/qtbase/commit/f1053d94f59f053ce4acad9320df14f1fbe4faac
-CVE-2016-10039
+CVE-2016-10039 (Directory traversal in /connectors/index.php in MODX Revolution before ...)
NOT-FOR-US: MODX Revolution
-CVE-2016-10038
+CVE-2016-10038 (Directory traversal in /connectors/index.php in MODX Revolution before ...)
NOT-FOR-US: MODX Revolution
-CVE-2016-10037
+CVE-2016-10037 (Directory traversal in /connectors/index.php in MODX Revolution before ...)
NOT-FOR-US: MODX Revolution
-CVE-2016-10036
+CVE-2016-10036 (Unrestricted file upload vulnerability in ui/artifact/upload in JFrog ...)
NOT-FOR-US: JFrog Artifactory
CVE-2016-10035
RESERVED
-CVE-2016-10034
+CVE-2016-10034 (The setFrom function in the Sendmail adapter in the zend-mail componen ...)
- zendframework <not-affected> (Vulnerable code not present in ZF1, cf. #850215)
NOTE: https://framework.zend.com/security/advisory/ZF2016-04
NOTE: https://github.com/zendframework/zendframework/commit/7c1e89815f5a9c016f4b8088e59b07cb2bf99dc0
NOTE: http://legalhackers.com/advisories/ZendFramework-Exploit-ZendMail-Remote-Code-Exec-CVE-2016-10034-Vuln.html
-CVE-2016-10045
+CVE-2016-10045 (The isMail transport in PHPMailer before 5.2.20 might allow remote att ...)
- libphp-phpmailer <not-affected> (Incomplete fix not applied)
NOTE: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html
-CVE-2016-10033
+CVE-2016-10033 (The mailSend function in the isMail transport in PHPMailer before 5.2. ...)
{DSA-3750-1 DLA-770-1}
- libphp-phpmailer 5.2.14+dfsg-2.1 (bug #849365)
NOTE: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
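Review bot: CVE-2016-10045 is closed as `libphp-phpmailer <not-affected> (Incomplete fix not applied)`, which only holds if the DSA-3750-1 / DLA-770-1 packages for CVE-2016-10033 skipped the first upstream patch and carried the complete one. The CVE-2016-10033 entry lists a followup commit (833c35fe39715c3d01934508987e97af1fbc1ba0) in its NOTEs, but nothing under CVE-2016-10045 says which commit 5.2.14+dfsg-2.1 actually contains. Add a NOTE under CVE-2016-10045 naming the applied commit so the `<not-affected>` claim can be verified without reading the Debian changelog.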
@@ -2093,9 +2093,9 @@ CVE-2016-10033
NOTE: Another followup: https://github.com/PHPMailer/PHPMailer/commit/833c35fe39715c3d01934508987e97af1fbc1ba0
CVE-2016-10032
RESERVED
-CVE-2016-10031
+CVE-2016-10031 (** DISPUTED ** WampServer 3.0.6 installs two services called 'wampapac ...)
NOT-FOR-US: WampServer
-CVE-2016-10030
+CVE-2016-10030 (The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 1 ...)
{DLA-921-1}
- slurm-llnl 16.05.8-1 (bug #850491)
[jessie] - slurm-llnl 14.03.9-5+deb8u1
@@ -2103,7 +2103,7 @@ CVE-2016-10030
NOTE: https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee
CVE-2016-5103
REJECTED
-CVE-2016-10027
+CVE-2016-10027 (Race condition in the XMPP library in Smack before 4.1.9, when the Sec ...)
- libsmack-java <itp> (bug #640873)
CVE-2016-10023
REJECTED
@@ -2125,12 +2125,12 @@ CVE-2016-10015
REJECTED
CVE-2016-10014
REJECTED
-CVE-2016-9645
+CVE-2016-9645 (The fix for ikiwiki for CVE-2016-10026 was incomplete resulting in edi ...)
- ikiwiki 3.20161229
[jessie] - ikiwiki <not-affected> (Incomplete fix for CVE-2016-10026 not applied)
[wheezy] - ikiwiki <not-affected> (Incomplete fix for CVE-2016-10026 not applied)
NOTE: https://ikiwiki.info/security/#cve-2016-9645
-CVE-2016-10026
+CVE-2016-10026 (ikiwiki 3.20161219 does not properly check if a revision changes the a ...)
{DSA-3760-1 DLA-812-1}
- ikiwiki 3.20161219
NOTE: http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/
@@ -2138,16 +2138,16 @@ CVE-2016-10026
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/7
NOTE: When fixing this issue make sure to apply the complete correct fix to
NOTE: not open ikiwiki to be vulnerable for CVE-2016-9645.
-CVE-2016-10025
+CVE-2016-10025 (VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD v ...)
- xen 4.8.0-1
[jessie] - xen <not-affected> (Vulnerable code introduced later)
[wheezy] - xen <not-affected> (Vulnerable code introduced later)
NOTE: https://xenbits.xen.org/xsa/advisory-203.html
-CVE-2016-10024
+CVE-2016-10024 (Xen through 4.8.x allows local x86 PV guest OS kernel administrators t ...)
{DSA-3847-1 DLA-783-1}
- xen 4.8.0-1
NOTE: https://xenbits.xen.org/xsa/advisory-202.html
-CVE-2016-10028
+CVE-2016-10028 (The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEM ...)
- qemu 1:2.10.0-1 (bug #849798; unimportant)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
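Review bot: the fixed version recorded for CVE-2016-10028 is `qemu 1:2.10.0-1` while the NOTE that follows attributes the fix to a commit tagged `(v2.9.0-rc0)`; if an upload based on 2.9 reached unstable before 1:2.10.0-1, the fixed version should be that upload, otherwise a short NOTE saying no 2.9 upload existed would stop the next reader from asking the same question. The `unimportant` tag is consistent with the NOTE that the affected code needs virgl and OpenGL support, but that rationale lives in the continuation of the entry, not next to the tag.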
@@ -2158,7 +2158,7 @@ CVE-2016-10028
NOTE: virtio gpu (virglrenderer) and opengl, but the affected code is
NOTE: still present.
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=abd7f08b2353f43274b785db8c7224f082ef4d31 (v2.9.0-rc0)
-CVE-2016-10029
+CVE-2016-10029 (The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built ...)
- qemu 1:2.7+dfsg-1
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2172,51 +2172,51 @@ CVE-2016-9996
REJECTED
CVE-2016-9995
REJECTED
-CVE-2016-9994
+CVE-2016-9994 (IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL ...)
NOT-FOR-US: IBM
-CVE-2016-9993
+CVE-2016-9993 (IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL ...)
NOT-FOR-US: IBM
-CVE-2016-9992
+CVE-2016-9992 (IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL ...)
NOT-FOR-US: IBM
-CVE-2016-9991
+CVE-2016-9991 (IBM Sterling Order Management 9.2 through 9.5 is vulnerable to cross-s ...)
NOT-FOR-US: IBM
-CVE-2016-9990
+CVE-2016-9990 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vul ...)
NOT-FOR-US: IBM
-CVE-2016-9989
+CVE-2016-9989 (IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2016-9988
+CVE-2016-9988 (IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2016-9987
+CVE-2016-9987 (IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2016-9986
+CVE-2016-9986 (IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2016-9985
+CVE-2016-9985 (IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information ...)
NOT-FOR-US: IBM
-CVE-2016-9984
+CVE-2016-9984 (IBM Maximo Asset Management 7.5 and 7.6 could allow a remote authentic ...)
NOT-FOR-US: IBM
-CVE-2016-9983
+CVE-2016-9983 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authen ...)
NOT-FOR-US: IBM
-CVE-2016-9982
+CVE-2016-9982 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authen ...)
NOT-FOR-US: IBM
-CVE-2016-9981
+CVE-2016-9981 (IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerabili ...)
NOT-FOR-US: IBM
-CVE-2016-9980
+CVE-2016-9980 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2016-9979
+CVE-2016-9979 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2016-9978
+CVE-2016-9978 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 could allow an a ...)
NOT-FOR-US: IBM
-CVE-2016-9977
+CVE-2016-9977 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote att ...)
NOT-FOR-US: IBM
-CVE-2016-9976
+CVE-2016-9976 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote att ...)
NOT-FOR-US: IBM
-CVE-2016-9975
+CVE-2016-9975 (IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cro ...)
NOT-FOR-US: IBM
CVE-2016-9974
RESERVED
-CVE-2016-9973
+CVE-2016-9973 (IBM Jazz Foundation is vulnerable to cross-site scripting. This vulner ...)
NOT-FOR-US: IBM
-CVE-2016-9972
+CVE-2016-9972 (IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain sensiti ...)
NOT-FOR-US: IBM
CVE-2016-9971
RESERVED
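Review bot: the fixed-width truncation leaves several IBM entries with byte-identical descriptions (CVE-2016-9994/-9993/-9992, CVE-2016-9989 through -9986, CVE-2016-9980/-9979, CVE-2016-9977/-9976), so nothing in the file now tells them apart. Harmless here since all are NOT-FOR-US, but the same truncation hits tracked software elsewhere in this diff (the three MODX entries CVE-2016-10039/-10038/-10037 are likewise identical up to the "before ..." cut). If the generator can keep the distinguishing tail, or cut after the version clause instead of at a fixed column, the descriptions become useful for grepping rather than decorative.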
@@ -2226,19 +2226,19 @@ CVE-2016-9969
RESERVED
CVE-2016-9968
RESERVED
-CVE-2016-9967
+CVE-2016-9967 (Lack of appropriate exception handling in some receivers of the Teleco ...)
NOT-FOR-US: Samsung
-CVE-2016-9966
+CVE-2016-9966 (Lack of appropriate exception handling in some receivers of the Teleco ...)
NOT-FOR-US: Samsung
-CVE-2016-9965
+CVE-2016-9965 (Lack of appropriate exception handling in some receivers of the Teleco ...)
NOT-FOR-US: Samsung
-CVE-2016-9962
+CVE-2016-9962 (RunC allowed additional container processes via 'runc exec' to be ptra ...)
- docker.io 1.13.1~ds1-2 (bug #850952)
- runc 0.1.1+dfsg1-2 (bug #850951)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1012568
NOTE: https://github.com/docker/docker/compare/v1.12.5...v1.12.6
NOTE: https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5
-CVE-2016-9954
+CVE-2016-9954 (The backtrack compilation code in the Irregex package (aka IrRegular E ...)
- chicken 4.12.0-0.2 (low; bug #851278)
[stretch] - chicken <no-dsa> (Minor issue)
[jessie] - chicken <no-dsa> (Minor issue)
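Review bot: CVE-2016-9962 lists fixes for two source packages (`docker.io 1.13.1~ds1-2` and `runc 0.1.1+dfsg1-2`) but has no `[jessie]` or `[wheezy]` line for either, whereas every other multi-package entry in this diff states the stable status explicitly (`<not-affected>`, `<no-dsa>`, or a fixed version). If neither package shipped in jessie or wheezy, write that, so the gap is not read as "not yet triaged". A one-line NOTE that docker.io bundles its own copy of runc would also explain why two source packages are listed and why the docker compare link (v1.12.5...v1.12.6) sits next to a Debian fix at 1.13.1.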
@@ -2246,19 +2246,19 @@ CVE-2016-9954
NOTE: http://www.openwall.com/lists/oss-security/2016/12/14/18
NOTE: https://github.com/ashinn/irregex/commit/a16ffc86eca15fca9e40607d41de3cea9cf868f1
NOTE: For chicken vulnerable code in ./irregex-core.scm
-CVE-2016-9953
+CVE-2016-9953 (The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30 ...)
- curl <not-affected> (Windows CE specific issue)
NOTE: https://curl.haxx.se/docs/adv_20161221C.html
-CVE-2016-9952
+CVE-2016-9952 (The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30 ...)
- curl <not-affected> (Windows CE specific issue)
NOTE: https://curl.haxx.se/docs/adv_20161221B.html
-CVE-2016-10008
+CVE-2016-10008 (SQL injection vulnerability in the "Content Types &gt; Content Types" ...)
NOT-FOR-US: dotCMS
-CVE-2016-10007
+CVE-2016-10007 (SQL injection vulnerability in the "Marketing &gt; Forms" screen in do ...)
NOT-FOR-US: dotCMS
-CVE-2016-10006
+CVE-2016-10006 (In OWASP AntiSamy before 1.5.5, by submitting a specially crafted inpu ...)
NOT-FOR-US: OWASP AntiSamy
-CVE-2016-10005
+CVE-2016-10005 (Webdynpro in SAP Solman 7.1 through 7.31 allows remote attackers to ob ...)
NOT-FOR-US: SAP
CVE-2016-10004
RESERVED
@@ -2266,45 +2266,45 @@ CVE-2016-10001
RESERVED
CVE-2016-10000
RESERVED
-CVE-2016-10013
+CVE-2016-10013 (Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain p ...)
{DSA-3847-1 DLA-783-1}
- xen 4.8.0-1 (bug #848713)
NOTE: https://xenbits.xen.org/xsa/advisory-204.html
-CVE-2016-10012
+CVE-2016-10012 (The shared memory manager (associated with pre-authentication compress ...)
{DLA-1500-1}
- openssh 1:7.4p1-1 (low; bug #848717)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.c.diff?r1=1.165&r2=1.166
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor.h.diff?r1=1.19&r2=1.20
-CVE-2016-10011
+CVE-2016-10011 (authfile.c in sshd in OpenSSH before 7.4 does not properly consider th ...)
{DLA-1500-1}
- openssh 1:7.4p1-1 (low; bug #848716)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/authfile.c.diff?r1=1.121&r2=1.122
-CVE-2016-10010
+CVE-2016-10010 (sshd in OpenSSH before 7.4, when privilege separation is not used, cre ...)
- openssh 1:7.4p1-1 (unimportant; bug #848715)
NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/serverloop.c.diff?r1=1.188&r2=1.189
NOTE: Privilege separation is enabled in the Debian package
-CVE-2016-10009
+CVE-2016-10009 (Untrusted search path vulnerability in ssh-agent.c in ssh-agent in Ope ...)
{DLA-1500-1}
- openssh 1:7.4p1-1 (low; bug #848714)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: Fixed in upstream 7.4: https://www.openssh.com/txt/release-7.4
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-agent.c.diff?r1=1.214&r2=1.215
-CVE-2016-9998
+CVE-2016-9998 (SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability ...)
{DLA-760-1}
- spip 3.1.4-2 (bug #848641)
[jessie] - spip 3.0.17-2+deb8u3
NOTE: https://core.spip.net/projects/spip/repository/revisions/23288
-CVE-2016-9997
+CVE-2016-9997 (SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability ...)
{DLA-760-1}
- spip 3.1.4-2 (bug #848641)
[jessie] - spip 3.0.17-2+deb8u3
NOTE: https://core.spip.net/projects/spip/repository/revisions/23288
-CVE-2016-10003
+CVE-2016-10003 (Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 t ...)
- squid3 3.5.23-1 (bug #848491)
[jessie] - squid3 <not-affected> (Does not affect Squid versions before 3.5.0.1)
[wheezy] - squid3 <not-affected> (Does not affect Squid versions before 3.5.0.1)
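Review bot: CVE-2016-10010 is rated `unimportant` on the grounds that "Privilege separation is enabled in the Debian package", yet the description scopes the bug to "when privilege separation is not used", a state an administrator can still reach by setting UsePrivilegeSeparation no in sshd_config. The rating is right for the default configuration; suggest the NOTE say "enabled by default" and that the issue is exposed only on hosts where it has been turned off. Separately, the other three openssh entries (CVE-2016-10012/-10011/-10009) carry `{DLA-1500-1}` while also showing `[wheezy] - openssh <no-dsa>`, so the DLA must be a jessie LTS advisory; fine, but worth a glance that the braces are not meant for wheezy.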
@@ -2318,7 +2318,7 @@ CVE-2016-10003
NOTE: 3.5.0.1 up to and including 3.5.22
NOTE: 4.0.1 up to and including 4.0.16
NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/1
-CVE-2016-10002
+CVE-2016-10002 (Incorrect processing of responses to If-None-Modified HTTP conditional ...)
{DSA-3745-1 DLA-763-1}
- squid3 3.5.23-1 (bug #848493)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_11.txt
@@ -2336,59 +2336,59 @@ CVE-2016-10002
NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/1
CVE-2016-582384
REJECTED
-CVE-2016-9964
+CVE-2016-9964 (redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequ ...)
{DSA-3743-1 DLA-761-1}
- python-bottle 0.12.11-1 (bug #848392)
NOTE: Upstream bug: https://github.com/bottlepy/bottle/issues/913
NOTE: Upstream patch: https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54
-CVE-2016-9963
+CVE-2016-9963 (Exim before 4.87.1 might allow remote attackers to obtain the private ...)
{DSA-3747-1 DLA-762-1}
- exim4 4.88~RC6-2
NOTE: https://bugs.exim.org/show_bug.cgi?id=1996
NOTE: http://www.openwall.com/lists/oss-security/2016/12/16/1
NOTE: https://exim.org/static/doc/CVE-2016-9963.txt
-CVE-2016-9961
+CVE-2016-9961 (game-music-emu before 0.6.1 mishandles unspecified integer values. ...)
{DSA-3735-1 DLA-750-1}
- game-music-emu 0.6.0-4 (bug #848071)
NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1
-CVE-2016-9960
+CVE-2016-9960 (game-music-emu before 0.6.1 allows local users to cause a denial of se ...)
{DSA-3735-1 DLA-750-1}
- game-music-emu 0.6.0-4 (bug #848071)
NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1
-CVE-2016-9959
+CVE-2016-9959 (game-music-emu before 0.6.1 allows remote attackers to generate out of ...)
{DSA-3735-1 DLA-750-1}
- game-music-emu 0.6.0-4 (bug #848071)
NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1
-CVE-2016-9958
+CVE-2016-9958 (game-music-emu before 0.6.1 allows remote attackers to write to arbitr ...)
{DSA-3735-1 DLA-750-1}
- game-music-emu 0.6.0-4 (bug #848071)
NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1
-CVE-2016-9957
+CVE-2016-9957 (Stack-based buffer overflow in game-music-emu before 0.6.1. ...)
{DSA-3735-1 DLA-750-1}
- game-music-emu 0.6.0-4 (bug #848071)
NOTE: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/1
-CVE-2016-9956
+CVE-2016-9956 (The route manager in FlightGear before 2016.4.4 allows remote attacker ...)
{DSA-3742-1}
- flightgear 1:2016.4.3+dfsg-1 (bug #848114)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/14/11
-CVE-2016-9951
+CVE-2016-9951 (An issue was discovered in Apport before 2.20.4. A malicious Apport cr ...)
[experimental] - apport 2.20.4-1 (bug #848213)
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
NOTE: https://bugs.launchpad.net/apport/+bug/1648806
NOTE: https://donncha.is/2016/12/compromising-ubuntu-desktop/
-CVE-2016-9950
+CVE-2016-9950 (An issue was discovered in Apport before 2.20.4. There is a path trave ...)
[experimental] - apport 2.20.4-1 (bug #848213)
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
NOTE: https://bugs.launchpad.net/apport/+bug/1648806
NOTE: https://donncha.is/2016/12/compromising-ubuntu-desktop/
-CVE-2016-9949
+CVE-2016-9949 (An issue was discovered in Apport before 2.20.4. In apport/ui.py, Appo ...)
[experimental] - apport 2.20.4-1 (bug #848213)
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have an explicit (bug) reference for apport
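Review bot: the three Apport entries (CVE-2016-9951/-9950/-9949) carry only an `[experimental] - apport 2.20.4-1` line and two NOTE lines that read as a working conversation ("we cannot track this in security-tracker" followed by "add it, as we have an explicit (bug) reference"). An `[experimental]` qualifier with no unstable line is unusual in this file and the NOTEs do not state a rationale a later reader can act on. Suggest collapsing them into one NOTE: apport is only in experimental, the entry exists because of bug #848213, and the remaining two URLs are the upstream bug and the writeup.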
@@ -2406,30 +2406,30 @@ CVE-2016-9944
RESERVED
CVE-2016-9943
RESERVED
-CVE-2016-9942
+CVE-2016-9942 (Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer ...)
{DSA-3753-1 DLA-777-1}
- libvncserver 0.9.11+dfsg-1 (bug #850008)
NOTE: https://github.com/LibVNC/libvncserver/pull/137
NOTE: https://github.com/LibVNC/libvncserver/pull/137/commits/5fff4353f66427b467eb29e5fdc1da4f2be028bb
-CVE-2016-9941
+CVE-2016-9941 (Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServ ...)
{DSA-3753-1 DLA-777-1}
- libvncserver 0.9.11+dfsg-1 (bug #850007)
NOTE: https://github.com/LibVNC/libvncserver/pull/137
NOTE: https://github.com/LibVNC/libvncserver/pull/137/commits/5418e8007c248bf9668d22a8c1fa9528149b69f2
CVE-2016-9940
RESERVED
-CVE-2016-9955
+CVE-2016-9955 (The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before ...)
{DLA-1298-1}
- simplesamlphp 1.14.11-1 (low)
[jessie] - simplesamlphp <no-dsa> (Minor issue)
NOTE: https://simplesamlphp.org/security/201612-02
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/a2326d75dd14accaac162dd2cb30aaefcc1f9205
NOTE: http://www.openwall.com/lists/oss-security/2016/12/14/7
-CVE-2016-9939
+CVE-2016-9939 (Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its A ...)
{DSA-3748-1 DLA-766-1}
- libcrypto++ 5.6.4-5 (bug #848009)
NOTE: https://github.com/weidai11/cryptopp/issues/346
-CVE-2016-9932
+CVE-2016-9932 (CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows l ...)
{DSA-3847-1 DLA-964-1}
- xen 4.8.0~rc3-1 (bug #848081)
NOTE: https://xenbits.xen.org/xsa/advisory-200.html
@@ -2445,15 +2445,15 @@ CVE-2016-9926
RESERVED
CVE-2016-9925
RESERVED
-CVE-2016-9924
+CVE-2016-9924 (Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers ...)
NOT-FOR-US: Zimbra
-CVE-2016-9936
+CVE-2016-9936 (The unserialize implementation in ext/standard/var.c in PHP 7.x before ...)
- php7.0 7.0.14-1
NOTE: Fixed in PHP 7.0.14 and 7.1.0
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72978
NOTE: Fixed by: https://github.com/php/php-src/commit/b2af4e8868726a040234de113436c6e4f6372d17
NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
-CVE-2016-9935
+CVE-2016-9935 (The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5. ...)
{DSA-3737-1 DLA-818-1}
- php7.0 7.0.14-1
- php5 <removed>
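Review bot: CVE-2016-9936's description limits it to "PHP 7.x before 7.0.14" and the entry lists only `- php7.0 7.0.14-1`, with no php5 line at all, while the neighbouring CVE-2016-9935 entry does list `- php5 <removed>` next to DSA-3737-1/DLA-818-1. For the jessie and wheezy status to be explicit rather than implied by omission, add `- php5 <not-affected> (Only affects PHP 7.x)` under CVE-2016-9936; the NOTE "Fixed in PHP 7.0.14 and 7.1.0" already gives the justification.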
@@ -2461,7 +2461,7 @@ CVE-2016-9935
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73631
NOTE: Fixed by: https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0
NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
-CVE-2016-9934
+CVE-2016-9934 (ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remo ...)
{DSA-3732-1 DLA-818-1}
- php7.0 7.0.13-1
- php5 <removed>
@@ -2469,7 +2469,7 @@ CVE-2016-9934
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73331
NOTE: Fixed by: https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d
NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
-CVE-2016-9933
+CVE-2016-9933 (Stack consumption vulnerability in the gdImageFillToBorder function in ...)
{DSA-3751-1 DSA-3732-1 DLA-758-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #849038)
NOTE: This problem could be seen as a programmer fault but the fix is easy and
@@ -2484,20 +2484,20 @@ CVE-2016-9933
NOTE: Fixed by: https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
-CVE-2016-9937
+CVE-2016-9937 (An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x be ...)
- asterisk <not-affected> (Introduced in 13.12.0 but fixed with first version to unstable based on 13.12.1)
NOTE: Vulnerability introduced in 13.12.0, but the first upload to unstable
NOTE: versioned as 1:13.12.1~dfsg-1 via opus.patch removed the offending
NOTE: function. Thus Debian was never vulnerable.
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-008.html
NOTE: Cf. https://bugs.debian.org/847666
-CVE-2016-9938
+CVE-2016-9938 (An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 1 ...)
- asterisk 1:13.13.1~dfsg-1 (bug #847668)
[jessie] - asterisk 1:11.13.1~dfsg-2+deb8u2
[wheezy] - asterisk <no-dsa> (Minor issue)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-009.html
NOTE: Only applicable if a proxy is in use.
-CVE-2016-9923
+CVE-2016-9923 (Quick Emulator (Qemu) built with the 'chardev' backend support is vuln ...)
- qemu 1:2.8+dfsg-1 (bug #847957)
[jessie] - qemu <ignored> (Minor issue; too complex to backport)
[wheezy] - qemu <no-dsa> (Minor issue)
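Review bot: CVE-2016-9923 tags jessie as `<ignored> (Minor issue; too complex to backport)` but wheezy as `<no-dsa> (Minor issue)` for the same issue; in this file `<no-dsa>` leaves the door open to a point-release fix while `<ignored>` closes it, so if the backport is too complex for jessie it is unlikely to be easier for wheezy, and the two tags should either match or the wheezy line should say why it differs. For CVE-2016-9938 the wheezy `<no-dsa>` rests on the NOTE "Only applicable if a proxy is in use.", which is a deployment assumption; it is the right place for it, just keep that NOTE attached if the entry is ever split.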
@@ -2505,7 +2505,7 @@ CVE-2016-9923
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05597.html
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=a4afa548fc6dd9842ed86639b4d37d4d1c4ad480 (v2.8.0-rc0)
-CVE-2016-9922
+CVE-2016-9922 (The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Qu ...)
{DLA-1497-1 DLA-765-1 DLA-764-1}
- qemu 1:2.8+dfsg-1 (bug #847960)
- qemu-kvm <removed>
@@ -2514,7 +2514,7 @@ CVE-2016-9922
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70 (v2.8.0-rc3)
NOTE: CVE for the "blit pitch values" issue.
NOTE: Should be fixed along with CVE-2014-8106
-CVE-2016-9921
+CVE-2016-9921 (Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator sup ...)
{DLA-1497-1 DLA-765-1 DLA-764-1}
- qemu 1:2.8+dfsg-1 (bug #847960)
- qemu-kvm <removed>
@@ -2522,13 +2522,13 @@ CVE-2016-9921
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1334398
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70 (v2.8.0-rc3)
NOTE: CVE for the "'cirrus_get_bpp' returns zero(0), which could lead to a divide by zero" issue.
-CVE-2016-9918
+CVE-2016-9918 (In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump ...)
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
-CVE-2016-9917
+CVE-2016-9917 (In BlueZ 5.42, a buffer overflow was observed in "read_n" function in ...)
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
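Review bot: both BlueZ entries (CVE-2016-9918, CVE-2016-9917) are `<unfixed>` in unstable with stretch, jessie and wheezy all `<no-dsa> (Minor issue)`, and their only references are linux-bluetooth mailing-list messages (spinics msg68898 and msg68892), i.e. patches under review rather than merged commits. Once the fixes land, add a NOTE with the upstream git commit ids so the `<unfixed>` line can be closed against something stable; note also that both CVEs share bug #847837, so that one bug will have to track both fixes before either entry can be resolved.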
@@ -2536,93 +2536,93 @@ CVE-2016-9917
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9906
REJECTED
-CVE-2016-9905
+CVE-2016-9905 (A potentially exploitable crash in "EnumerateSubDocuments" while addin ...)
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox <not-affected> (Only affects Firefox 45 ESR series)
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9905
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9905
-CVE-2016-9904
+CVE-2016-9904 (An attacker could use a JavaScript Map/Set timing attack to determine ...)
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9904
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9904
-CVE-2016-9903
+CVE-2016-9903 (Mozilla's add-ons SDK had a world-accessible resource with an HTML inj ...)
- firefox 50.1.0-1
- firefox-esr <not-affected> (Only affects Firefox 50.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/#CVE-2016-9903
-CVE-2016-9902
+CVE-2016-9902 (The Pocket toolbar button, once activated, listens for events fired fr ...)
{DSA-3734-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9902
-CVE-2016-9901
+CVE-2016-9901 (HTML tags received from the Pocket server will be processed without sa ...)
{DSA-3734-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9901
-CVE-2016-9900
+CVE-2016-9900 (External resources that should be blocked when loaded by SVG images ca ...)
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9900
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9900
-CVE-2016-9899
+CVE-2016-9899 (Use-after-free while manipulating DOM events and removing audio elemen ...)
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9899
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9899
-CVE-2016-9898
+CVE-2016-9898 (Use-after-free resulting in potentially exploitable crash when manipul ...)
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9898
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9898
-CVE-2016-9897
+CVE-2016-9897 (Memory corruption resulting in a potentially exploitable crash during ...)
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9897
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9897
-CVE-2016-9896
+CVE-2016-9896 (Use-after-free while manipulating the "navigator" object within WebVR. ...)
- firefox 50.1.0-1
- firefox-esr <not-affected> (Only affects Firefox 50.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/#CVE-2016-9896
-CVE-2016-9895
+CVE-2016-9895 (Event handlers on "marquee" elements were executed despite a strict Co ...)
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9895
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9895
-CVE-2016-9894
+CVE-2016-9894 (A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated duri ...)
- firefox 50.1.0-1
- firefox-esr <not-affected> (Only affects Firefox 50.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/#CVE-2016-9894
-CVE-2016-9893
+CVE-2016-9893 (Memory safety bugs were reported in Thunderbird 45.5. Some of these bu ...)
{DSA-3757-1 DSA-3734-1 DLA-782-1 DLA-743-1}
- firefox 50.1.0-1
- firefox-esr 45.6.0esr-1
- icedove 1:45.6.0-2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9893
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9893
-CVE-2016-9892
+CVE-2016-9892 (The esets_daemon service in ESET Endpoint Antivirus for macOS before 6 ...)
NOT-FOR-US: ESET
-CVE-2016-9891
+CVE-2016-9891 (Cross-site scripting (XSS) vulnerability in admin/media.php and admin/ ...)
- dotclear <removed>
CVE-2016-9890
RESERVED
-CVE-2016-9889
+CVE-2016-9889 (Some forms with the parameter geo_zoomlevel_to_found_location in Tiki ...)
NOT-FOR-US: Tiki Wiki
-CVE-2016-9888
+CVE-2016-9888 (An error within the "tar_directory_for_file()" function (gsf-infile-ta ...)
{DLA-740-1}
- libgsf 1.14.41-1
[jessie] - libgsf <no-dsa> (Minor issue)
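Review bot: the fetched descriptions are cut at a fixed character count rather than a word boundary, so CVE-2016-9888 now ends in "(gsf-infile-ta ...)" and loses the source file name that identifies the bug; cutting at the last space before the limit would keep identifiers like that intact. The same cut leaves CVE-2016-9893 reading as a Thunderbird-only issue ("Memory safety bugs were reported in Thunderbird 45.5") even though the entry lists firefox 50.1.0-1 and firefox-esr 45.6.0esr-1, so the mfsa2016-95 and mfsa2016-96 NOTE lines are what tie the Firefox sources to this ID and should not be pruned in a later cleanup.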
@@ -2631,22 +2631,22 @@ CVE-2016-9887
RESERVED
CVE-2016-9886
REJECTED
-CVE-2016-9885
+CVE-2016-9885 (An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prio ...)
NOT-FOR-US: Pivotal GemFire for PCF
CVE-2016-9884
REJECTED
CVE-2016-9883
REJECTED
-CVE-2016-9882
+CVE-2016-9882 (An issue was discovered in Cloud Foundry Foundation cf-release version ...)
NOT-FOR-US: Cloud Foundry Foundation cf-release
CVE-2016-9881
REJECTED
-CVE-2016-9880
+CVE-2016-9880 (The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x befo ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-9879
+CVE-2016-9879 (An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1. ...)
- libspring-security-java <itp> (bug #582181)
NOTE: https://pivotal.io/security/cve-2016-9879
-CVE-2016-9878
+CVE-2016-9878 (An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2 ...)
- libspring-java 4.3.5-1 (bug #849167)
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
@@ -2655,7 +2655,7 @@ CVE-2016-9878
NOTE: Fixed by: https://github.com/spring-projects/spring-framework/commit/43bf008fbcd0d7945e2fcd5e30039bc4d74c7a98 (4.2.x branch)
NOTE: Fixed by: https://github.com/spring-projects/spring-framework/commit/a7dc48534ea501525f11369d369178a60c2f47d0 (3.2.x branch)
NOTE: https://jira.spring.io/browse/SPR-14946
-CVE-2016-9877
+CVE-2016-9877 (An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x ...)
{DSA-3761-1}
- rabbitmq-server 3.6.6-1 (bug #849849)
[wheezy] - rabbitmq-server <not-affected> (Vulnerable code introduced later)
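Review bot: for CVE-2016-9877 the wheezy line says `<not-affected> (Vulnerable code introduced later)` while the new description says the issue affects "3.x before 3.5.8 and 3.6.x", which on its face covers every 3.x release; a NOTE naming the upstream commit that introduced the vulnerable code (or the wheezy rabbitmq-server version and why it predates it) would let a later reader verify the not-affected call instead of re-triaging it against the broader MITRE range.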
@@ -2668,34 +2668,34 @@ CVE-2016-9875
REJECTED
CVE-2016-9874
REJECTED
-CVE-2016-9873
+CVE-2016-9873 (EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a ...)
NOT-FOR-US: EMC Documentum
-CVE-2016-9872
+CVE-2016-9872 (EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has Re ...)
NOT-FOR-US: EMC Documentum
-CVE-2016-9871
+CVE-2016-9871 (EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isil ...)
NOT-FOR-US: EMC Isilon
-CVE-2016-9870
+CVE-2016-9870 (EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isil ...)
NOT-FOR-US: EMC
-CVE-2016-9869
+CVE-2016-9869 (An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorr ...)
NOT-FOR-US: EMC ScaleIO
-CVE-2016-9868
+CVE-2016-9868 (An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low- ...)
NOT-FOR-US: EMC ScaleIO
-CVE-2016-9867
+CVE-2016-9867 (An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low- ...)
NOT-FOR-US: EMC ScaleIO
-CVE-2016-9919
+CVE-2016-9919 (The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through ...)
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=189851
NOTE: Fixed by: https://git.kernel.org/linus/79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2 (v4.9-rc8)
-CVE-2016-9912
+CVE-2016-9912 (Quick Emulator (Qemu) built with the Virtio GPU Device emulator suppor ...)
- qemu 1:2.8+dfsg-1 (bug #847391)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05043.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/12
-CVE-2016-9916
+CVE-2016-9916 (Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-1 (bug #847496)
[wheezy] - qemu <no-dsa> (Minor issue, virtfs-proxy-helper not present)
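Review bot: the descending ID order breaks after CVE-2016-9867, where CVE-2016-9919, -9912 and -9916 follow (and further down -9915, -9914, -9913, -9911, -9907, -9908, -9920, -9910, -9909 before the list resumes at -9839); the automatic updater matches on the ID so it still fills these in, but anyone scanning the file by number will miss them. Re-sorting the 9907 to 9920 block into one descending run is a one-off cleanup worth doing while these entries are being touched.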
@@ -2705,7 +2705,7 @@ CVE-2016-9916
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=898ae90a44551d25b8e956fd87372d303c82fe68 (v2.8.0-rc2)
NOTE: Proxy filesystem driver introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=4c793dda22213a7aba8e4d9a814e8f368a5f8bf7 (v1.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
-CVE-2016-9915
+CVE-2016-9915 (Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-1 (bug #847496)
[wheezy] - qemu <no-dsa> (handle driver not included during compilation)
@@ -2716,7 +2716,7 @@ CVE-2016-9915
NOTE: handle based fs driver introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=5f5422258e1f50f871bafcc5bfb2b498f414a310 (v1.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
NOTE: proxy driver not included during compilation in wheezy, see debian-lts ML: https://lists.debian.org/debian-lts/2016/12/msg00136.html
-CVE-2016-9914
+CVE-2016-9914 (Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-1 (bug #847496)
[wheezy] - qemu <no-dsa> (proxy and handle drivers not included during compilation)
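Review bot: CVE-2016-9914 records wheezy as `<no-dsa> (proxy and handle drivers not included during compilation)` and CVE-2016-9915 uses the same `<no-dsa>` form for the handle driver, while CVE-2016-9913 a few lines below uses `<not-affected> (Vulnerable code not present)` for the same suite; if the leaking cleanup path is never built into the wheezy binaries, as the NOTE on the debian-lts thread says, `<not-affected>` with that justification is the accurate state, otherwise the no-dsa justification should say the code is present in the source but unreachable in the shipped build.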
@@ -2727,7 +2727,7 @@ CVE-2016-9914
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
NOTE: proxy and handle drivers not included during compilation in wheezy, so the cleanup function is never implemented:
NOTE: see debian-lts ML: https://lists.debian.org/debian-lts/2016/12/msg00136.html
-CVE-2016-9913
+CVE-2016-9913 (Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p ...)
- qemu 1:2.8+dfsg-1 (bug #847496)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2735,13 +2735,13 @@ CVE-2016-9913
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4774718e5c194026ba5ee7a28d9be49be3080e42 (v2.8.0-rc2)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
-CVE-2016-9911
+CVE-2016-9911 (Quick Emulator (Qemu) built with the USB EHCI Emulation support is vul ...)
{DLA-1497-1 DLA-765-1 DLA-764-1}
- qemu 1:2.8+dfsg-1 (bug #847951)
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=791f97758e223de3290592d169f (v2.8.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/10
-CVE-2016-9907
+CVE-2016-9907 (Quick Emulator (Qemu) built with the USB redirector usb-guest support ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-1 (bug #847953)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -2751,59 +2751,59 @@ CVE-2016-9907
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=07b026fd82d6cf11baf7d7c603c4f5f6070b35bf
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/3
NOTE: Leakage introduced after 1.2.50: http://git.qemu.org/?p=qemu.git;a=commit;h=fc3f6e1b106abcf6b8cf487ac8f8e5fc2fd86776
-CVE-2016-9908
+CVE-2016-9908 (Quick Emulator (Qemu) built with the Virtio GPU Device emulator suppor ...)
- qemu 1:2.8+dfsg-1 (bug #847400)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: http://lists.gnu.org/archive/html/qemu-devel/2016-11/msg00059.html
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/2
-CVE-2016-9920
+CVE-2016-9920 (steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2 ...)
{DLA-737-1}
- roundcube 1.2.3+dfsg.1-1 (bug #847287)
NOTE: https://blog.ripstech.com/2016/roundcube-command-execution-via-email/
NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/f84233785ddeed01445fc855f3ae1e8a62f167e1
NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/aa6bf38843f51a0fc7205acc98a7b84f3c4c9c4f
-CVE-2016-9910
+CVE-2016-9910 (The serializer in html5lib before 0.99999999 might allow remote attack ...)
- html5lib 0.999999999-1
[jessie] - html5lib <no-dsa> (Minor issue)
[wheezy] - html5lib <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/html5lib/html5lib-python/commit/9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7
NOTE: https://www.sourceclear.com/registry/security/cross-site-scripting-xss-/python/sid-3068
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/5
-CVE-2016-9909
+CVE-2016-9909 (The serializer in html5lib before 0.99999999 might allow remote attack ...)
- html5lib 0.999999999-1
[jessie] - html5lib <no-dsa> (Minor issue)
[wheezy] - html5lib <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/html5lib/html5lib-python/commit/9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7
NOTE: https://www.sourceclear.com/registry/security/cross-site-scripting-xss-/python/sid-3068
NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/5
-CVE-2016-9839
+CVE-2016-9839 (In MapServer before 7.0.3, OGR driver error messages are too verbose a ...)
{DLA-734-1}
- mapserver 7.0.3-1
[jessie] - mapserver 6.4.1-5+deb8u1
NOTE: https://lists.osgeo.org/pipermail/mapserver-dev/2016-December/014979.html
NOTE: https://github.com/mapserver/mapserver/pull/4928
NOTE: https://github.com/mapserver/mapserver/pull/5356
-CVE-2016-9838
+CVE-2016-9838 (An issue was discovered in components/com_users/models/registration.ph ...)
NOT-FOR-US: Joomla!
-CVE-2016-9837
+CVE-2016-9837 (An issue was discovered in templates/beez3/html/com_content/article/de ...)
NOT-FOR-US: Joomla!
-CVE-2016-9836
+CVE-2016-9836 (The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! C ...)
NOT-FOR-US: Joomla!
-CVE-2016-9835
+CVE-2016-9835 (Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x b ...)
NOT-FOR-US: Zikula
-CVE-2016-9834
+CVE-2016-9834 (An XSS vulnerability allows remote attackers to execute arbitrary clie ...)
NOT-FOR-US: Sophos
CVE-2016-9833
RESERVED
-CVE-2016-9832
+CVE-2016-9832 (PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows ...)
NOT-FOR-US: ACE-ABAP
CVE-2016-9805
RESERVED
-CVE-2016-9796
+CVE-2016-9796 (Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs i ...)
NOT-FOR-US: Alcatel-Lucent OmniVista
-CVE-2016-9795
+CVE-2016-9795 (The casrvc program in CA Common Services, as used in CA Client Automat ...)
NOT-FOR-US: CA Common Services
CVE-2016-9792
REJECTED
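Review bot: CVE-2016-9910 and CVE-2016-9909 now carry byte-identical truncated descriptions ("The serializer in html5lib before 0.99999999 might allow remote attack ...") and identical fix commit, sourceclear and oss-security references, so nothing in the file distinguishes the two IDs; a one-line NOTE on each saying which of the two serializer issues it covers would stop them being treated as a duplicate assignment.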
@@ -2833,7 +2833,7 @@ CVE-2016-9780
REJECTED
CVE-2016-9779
REJECTED
-CVE-2016-9778
+CVE-2016-9778 (An error in handling certain queries can cause an assertion failure wh ...)
- bind9 <not-affected> (Only Supported Preview Edition/Subscription Edition and 9.11.x)
NOTE: https://kb.isc.org/article/AA-01442/0
CVE-2016-9771
@@ -2864,21 +2864,21 @@ CVE-2016-9759
REJECTED
CVE-2016-9758
REJECTED
-CVE-2016-9757
+CVE-2016-9757 (In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user inte ...)
NOT-FOR-US: Rapid7 Nexpose
-CVE-2016-9846
+CVE-2016-9846 (QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator su ...)
- qemu 1:2.8+dfsg-1 (bug #847382)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg00029.html
-CVE-2016-9845
+CVE-2016-9845 (QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator su ...)
- qemu 1:2.8+dfsg-1 (bug #847381)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2016-11/msg00019.html
-CVE-2016-9843
+CVE-2016-9843 (The crc32_big function in crc32.c in zlib 1.2.8 might allow context-de ...)
- zlib 1:1.2.8.dfsg-3 (bug #847275)
[jessie] - zlib <no-dsa> (Minor issue)
[wheezy] - zlib <no-dsa> (Minor issue)
@@ -2886,7 +2886,7 @@ CVE-2016-9843
[stretch] - rsync <no-dsa> (Minor issue)
NOTE: https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
-CVE-2016-9842
+CVE-2016-9842 (The inflateMark function in inflate.c in zlib 1.2.8 might allow contex ...)
- zlib 1:1.2.8.dfsg-3 (bug #847274)
[jessie] - zlib <no-dsa> (Minor issue)
[wheezy] - zlib <no-dsa> (Minor issue)
@@ -2894,7 +2894,7 @@ CVE-2016-9842
[stretch] - rsync <no-dsa> (Minor issue)
NOTE: https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
-CVE-2016-9841
+CVE-2016-9841 (inffast.c in zlib 1.2.8 might allow context-dependent attackers to hav ...)
- zlib 1:1.2.8.dfsg-4 (bug #847270)
[jessie] - zlib <no-dsa> (Minor issue)
[wheezy] - zlib <no-dsa> (Minor issue)
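Review bot: CVE-2016-9841 is the only one of the four zlib entries with fixed version `1:1.2.8.dfsg-4`; CVE-2016-9840, -9842 and -9843 all say `-3`, and -9841 shares bug #847270 with -9840. If -3 only carried the inftrees.c change and the inffast.c fix landed in -4, a NOTE saying so would stop someone "correcting" the -4 back to -3 for consistency.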
@@ -2902,7 +2902,7 @@ CVE-2016-9841
[stretch] - rsync <no-dsa> (Minor issue)
NOTE: https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
-CVE-2016-9840
+CVE-2016-9840 (inftrees.c in zlib 1.2.8 might allow context-dependent attackers to ha ...)
- zlib 1:1.2.8.dfsg-3 (bug #847270)
[jessie] - zlib <no-dsa> (Minor issue)
[wheezy] - zlib <no-dsa> (Minor issue)
@@ -2910,7 +2910,7 @@ CVE-2016-9840
[stretch] - rsync <no-dsa> (Minor issue)
NOTE: https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
-CVE-2016-9844
+CVE-2016-9844 (Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZi ...)
{DLA-741-1}
- unzip 6.0-21 (bug #847486)
[jessie] - unzip 6.0-16+deb8u3
@@ -2920,54 +2920,54 @@ CVE-2016-9844
CVE-2016-XXXX [tiffcrop: divide-by-zero in readSeparateStripsIntoBuffer when BitsPerSample is missing]
- tiff 4.0.7-2 (unimportant; bug #846838)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2619
-CVE-2016-9831
+CVE-2016-9831 (Heap-based buffer overflow in the parseSWF_RGBA function in parser.c i ...)
{DLA-799-1}
- ming <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-heap-based-buffer-overflow-in-parseswf_rgba-parser-c
-CVE-2016-9830
+CVE-2016-9830 (The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows ...)
{DSA-3746-1}
- graphicsmagick 1.3.25-6 (bug #847055)
[wheezy] - graphicsmagick <no-dsa> (fix too intrusive, depends on jan 15th magickresources changes)
NOTE: upstream patch requires major refactor from jan 2015, see https://lists.debian.org/87inpe4wgu.fsf@curie.anarc.at
NOTE: https://blogs.gentoo.org/ago/2016/12/01/graphicsmagick-memory-allocation-failure-in-magickrealloc-memory-c
NOTE: POC: https://github.com/asarubbo/poc/blob/master/00096-graphicsmagick-memalloc-MagickRealloc
-CVE-2016-9829
+CVE-2016-9829 (Heap-based buffer overflow in the parseSWF_DEFINEFONT function in pars ...)
{DLA-799-1}
- ming <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-heap-based-buffer-overflow-in-parseswf_definefont-parser-c
-CVE-2016-9828
+CVE-2016-9828 (The dumpBuffer function in read.c in the listswf tool in libming 0.4.7 ...)
{DLA-799-1}
- ming <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-null-pointer-dereference-in-dumpbuffer-read-c
-CVE-2016-9827
+CVE-2016-9827 (The _iprintf function in outputtxt.c in the listswf tool in libming 0. ...)
{DLA-799-1}
- ming <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-heap-based-buffer-overflow-in-_iprintf-outputtxt-c
-CVE-2016-9826
+CVE-2016-9826 (libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause ...)
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE: https://github.com/asarubbo/poc/blob/master/00041-libav-leftshift-ituh263dec_c
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=985
-CVE-2016-9825
+CVE-2016-9825 (libswscale/utils.c in libav 11.8 allows remote attackers to cause a de ...)
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE: https://github.com/asarubbo/poc/blob/master/00040-libav-leftshift-utils_c
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=984
-CVE-2016-9824
+CVE-2016-9824 (Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remo ...)
- libav <removed>
[jessie] - libav <no-dsa> (Minor issue)
[wheezy] - libav <ignored> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE: https://github.com/asarubbo/poc/blob/master/00039-libav-signedintoverflow-swscale_c
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=983
-CVE-2016-9823
+CVE-2016-9823 (libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to ca ...)
- libav <removed>
[jessie] - libav <no-dsa> (Minor issue)
[wheezy] - libav <ignored> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE: https://github.com/asarubbo/poc/blob/master/00038-libav-uint8_t64-outofbounds-mpegvideo
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=982
-CVE-2016-9822
+CVE-2016-9822 (Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote ...)
{DSA-3833-1 DLA-791-1}
- libav <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
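Review bot: in CVE-2016-9830 the wheezy justification says the fix "depends on jan 15th magickresources changes" while the NOTE directly below says the upstream patch "requires major refactor from jan 2015"; these presumably refer to the same refactor, so align both to the actual date (month and year) so the no-dsa reasoning is unambiguous.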
@@ -2975,7 +2975,7 @@ CVE-2016-9822
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=981
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=9f0193c778175cea3fb43f17acf9b90b4d862d33 (pre 11.9)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=15e1af0006354d6bbf0e433c5d1e8ef13c93d6d0 (pre 11.9)
-CVE-2016-9821
+CVE-2016-9821 (Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows ...)
{DSA-3833-1 DLA-791-1}
- libav <removed>
NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
@@ -2983,7 +2983,7 @@ CVE-2016-9821
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=981
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=9f0193c778175cea3fb43f17acf9b90b4d862d33 (pre 11.9)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=15e1af0006354d6bbf0e433c5d1e8ef13c93d6d0 (pre 11.9)
-CVE-2016-9820
+CVE-2016-9820 (libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to ...)
{DLA-791-1}
- libav <removed> (unimportant)
[jessie] - libav <not-affected> (The fixing patches are included in the upstream version)
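Review bot: the jessie line for CVE-2016-9820 (and CVE-2016-9819 below it) reads `<not-affected> (The fixing patches are included in the upstream version)` without saying which version; since the two referenced commits are tagged "(pre 11.9)", the justification should name the jessie libav version it was checked against so the claim can be re-verified without re-reading the upstream git history.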
@@ -2992,7 +2992,7 @@ CVE-2016-9820
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=980
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=e17bcfbecc268ba00cb55025095d70b1025e6c7d (pre 11.9)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=f106f74206e69e9056130da8bddffc39f3878ac3 (pre 11.9)
-CVE-2016-9819
+CVE-2016-9819 (libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause ...)
{DLA-791-1}
- libav <removed> (unimportant)
[jessie] - libav <not-affected> (The fixing patches are included in the upstream version)
@@ -3001,32 +3001,32 @@ CVE-2016-9819
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=980
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=e17bcfbecc268ba00cb55025095d70b1025e6c7d (pre 11.9)
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=f106f74206e69e9056130da8bddffc39f3878ac3 (pre 11.9)
-CVE-2016-9818
+CVE-2016-9818 (Xen through 4.7.x allows local ARM guest OS users to cause a denial of ...)
- xen 4.8.0-1
[jessie] - xen <ignored> (Minor issue)
[wheezy] - xen <not-affected> (ARM support introduced in 4.4)
NOTE: https://xenbits.xen.org/xsa/advisory-201.html
NOTE: CVE for fix via patch https://xenbits.xen.org/xsa/xsa201-4.patch
-CVE-2016-9817
+CVE-2016-9817 (Xen through 4.7.x allows local ARM guest OS users to cause a denial of ...)
- xen 4.8.0-1
[jessie] - xen <ignored> (Minor issue)
[wheezy] - xen <not-affected> (ARM support introduced in 4.4)
NOTE: https://xenbits.xen.org/xsa/advisory-201.html
NOTE: CVE for fix via patch https://xenbits.xen.org/xsa/xsa201-3.patch
NOTE: or https://xenbits.xen.org/xsa/xsa201-3-4.7.patch
-CVE-2016-9816
+CVE-2016-9816 (Xen through 4.7.x allows local ARM guest OS users to cause a denial of ...)
- xen 4.8.0-1
[jessie] - xen <ignored> (Minor issue)
[wheezy] - xen <not-affected> (ARM support introduced in 4.4)
NOTE: https://xenbits.xen.org/xsa/advisory-201.html
NOTE: CVE for fix via patch https://xenbits.xen.org/xsa/xsa201-2.patch
-CVE-2016-9815
+CVE-2016-9815 (Xen through 4.7.x allows local ARM guest OS users to cause a denial of ...)
- xen 4.8.0-1
[jessie] - xen <ignored> (Minor issue)
[wheezy] - xen <not-affected> (ARM support introduced in 4.4)
NOTE: https://xenbits.xen.org/xsa/advisory-201.html
NOTE: CVE for fix via patch https://xenbits.xen.org/xsa/xsa201-1.patch
-CVE-2016-9814
+CVE-2016-9814 (The validateSignature method in the SAML2\Utils class in SimpleSAMLphp ...)
{DLA-1298-1}
- simplesamlphp 1.14.10-1 (low)
[jessie] - simplesamlphp <no-dsa> (Minor issue)
@@ -3035,28 +3035,28 @@ CVE-2016-9814
NOTE: https://github.com/simplesamlphp/saml2/commit/7008b0916426212c1cc2fc238b38ab9ebff0748c
NOTE: only exploitable in hard to achieve conditions
NOTE: http://www.openwall.com/lists/oss-security/2016/12/03/5
-CVE-2016-9754
+CVE-2016-9754 (The ring_buffer_resize function in kernel/trace/ring_buffer.c in the p ...)
- linux 4.6.1-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/59643d1535eb220668692a5359de22545af579f6 (v4.7-rc1)
CVE-2016-9753
RESERVED
-CVE-2016-9752
+CVE-2016-9752 (In Serendipity before 2.0.5, an attacker can bypass SSRF protection by ...)
- serendipity <removed>
-CVE-2016-9751
+CVE-2016-9751 (Cross-site scripting (XSS) vulnerability in the search results front e ...)
- piwigo <removed>
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
NOTE: Request to mark the package as unsupported in #779104
-CVE-2016-9750
+CVE-2016-9750 (IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text ...)
NOT-FOR-US: IBM
-CVE-2016-9749
+CVE-2016-9749 (IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated ...)
NOT-FOR-US: IBM
-CVE-2016-9748
+CVE-2016-9748 (IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive inf ...)
NOT-FOR-US: IBM
-CVE-2016-9747
+CVE-2016-9747 (IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2016-9746
+CVE-2016-9746 (IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site sc ...)
NOT-FOR-US: IBM
CVE-2016-9745
RESERVED
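Review bot: CVE-2016-9754 records `linux 4.6.1-1` as the fixed version but the only fix reference is 59643d1535eb, tagged "(v4.7-rc1)", which is later than 4.6.1; if the commit reached 4.6.1-1 through the stable series the NOTE should say so (or cite the stable release), otherwise the fixed version belongs at the first Debian upload based on 4.7.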
@@ -3068,105 +3068,105 @@ CVE-2016-9742
RESERVED
CVE-2016-9741
RESERVED
-CVE-2016-9740
+CVE-2016-9740 (IBM QRadar 7.2 could allow a remote attacker to consume all resources ...)
NOT-FOR-US: IBM
-CVE-2016-9739
+CVE-2016-9739 (IBM Security Identity Manager Virtual Appliance stores user credential ...)
NOT-FOR-US: IBM
-CVE-2016-9738
+CVE-2016-9738 (IBM QRadar 7.2 and 7.3 does not require that users should have strong ...)
NOT-FOR-US: IBM
-CVE-2016-9737
+CVE-2016-9737 (IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. T ...)
NOT-FOR-US: IBM
-CVE-2016-9736
+CVE-2016-9736 (IBM WebSphere Application Server using malformed SOAP requests could a ...)
NOT-FOR-US: IBM
-CVE-2016-9735
+CVE-2016-9735 (IBM Jazz Foundation could allow an authenticated user to obtain sensit ...)
NOT-FOR-US: IBM
CVE-2016-9734
RESERVED
-CVE-2016-9733
+CVE-2016-9733 (IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site sc ...)
NOT-FOR-US: IBM
-CVE-2016-9732
+CVE-2016-9732 (IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerabl ...)
NOT-FOR-US: IBM
-CVE-2016-9731
+CVE-2016-9731 (IBM Business Process Manager is vulnerable to cross-site scripting. Th ...)
NOT-FOR-US: IBM
-CVE-2016-9730
+CVE-2016-9730 (IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request ...)
NOT-FOR-US: IBM
-CVE-2016-9729
+CVE-2016-9729 (IBM QRadar 7.2 does not perform an authentication check for a critical ...)
NOT-FOR-US: IBM
-CVE-2016-9728
+CVE-2016-9728 (IBM Qradar 7.2 is vulnerable to SQL injection. A remote attacker could ...)
NOT-FOR-US: IBM
-CVE-2016-9727
+CVE-2016-9727 (IBM QRadar 7.2 could allow a remote authenticated attacker to execute ...)
NOT-FOR-US: IBM
-CVE-2016-9726
+CVE-2016-9726 (IBM QRadar Incident Forensics 7.2 could allow a remote authenticated a ...)
NOT-FOR-US: IBM
-CVE-2016-9725
+CVE-2016-9725 (IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sha ...)
NOT-FOR-US: IBM
-CVE-2016-9724
+CVE-2016-9724 (IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML ...)
NOT-FOR-US: IBM
-CVE-2016-9723
+CVE-2016-9723 (IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerabili ...)
NOT-FOR-US: IBM
-CVE-2016-9722
+CVE-2016-9722 (IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical r ...)
NOT-FOR-US: IBM QRadar
CVE-2016-9721
RESERVED
-CVE-2016-9720
+CVE-2016-9720 (IBM QRadar 7.2 discloses sensitive information to unauthorized users. ...)
NOT-FOR-US: IBM
-CVE-2016-9719
+CVE-2016-9719 (IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 1 ...)
NOT-FOR-US: IBM
-CVE-2016-9718
+CVE-2016-9718 (IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 1 ...)
NOT-FOR-US: IBM
-CVE-2016-9717
+CVE-2016-9717 (HTTP Parameter Override is identified in the IBM Infosphere Master Dat ...)
NOT-FOR-US: IBM
-CVE-2016-9716
+CVE-2016-9716 (IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, a ...)
NOT-FOR-US: IBM
-CVE-2016-9715
+CVE-2016-9715 (IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, a ...)
NOT-FOR-US: IBM
-CVE-2016-9714
+CVE-2016-9714 (IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 1 ...)
NOT-FOR-US: IBM
CVE-2016-9713
RESERVED
CVE-2016-9712
RESERVED
-CVE-2016-9711
+CVE-2016-9711 (IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) reveal ...)
NOT-FOR-US: IBM
-CVE-2016-9710
+CVE-2016-9710 (IBM Predictive Solutions Foundation (formerly PMQ) could allow a remot ...)
NOT-FOR-US: IBM
CVE-2016-9709
RESERVED
CVE-2016-9708
RESERVED
-CVE-2016-9707
+CVE-2016-9707 (IBM Jazz Foundation is vulnerable to a denial of service, caused by an ...)
NOT-FOR-US: IBM
-CVE-2016-9706
+CVE-2016-9706 (IBM Integration Bus 9.0 and 10.0 and WebSphere Message Broker SOAP FLO ...)
NOT-FOR-US: IBM
CVE-2016-9705
RESERVED
-CVE-2016-9704
+CVE-2016-9704 (IBM Security Identity Manager Virtual Appliance is vulnerable to cross ...)
NOT-FOR-US: IBM
-CVE-2016-9703
+CVE-2016-9703 (IBM Security Identity Manager Virtual Appliance does not invalidate se ...)
NOT-FOR-US: IBM
CVE-2016-9702
RESERVED
-CVE-2016-9701
+CVE-2016-9701 (IBM Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scriptin ...)
NOT-FOR-US: IBM
-CVE-2016-9700
+CVE-2016-9700 (IBM Jazz Foundation could allow an authenticated attacker to obtain se ...)
NOT-FOR-US: IBM
CVE-2016-9699
RESERVED
-CVE-2016-9698
+CVE-2016-9698 (IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service ...)
NOT-FOR-US: IBM
-CVE-2016-9697
+CVE-2016-9697 (An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 coul ...)
NOT-FOR-US: IBM
-CVE-2016-9696
+CVE-2016-9696 (IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A r ...)
NOT-FOR-US: IBM
CVE-2016-9695
RESERVED
-CVE-2016-9694
+CVE-2016-9694 (IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to cross-site scriptin ...)
NOT-FOR-US: IBM
-CVE-2016-9693
+CVE-2016-9693 (IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download cap ...)
NOT-FOR-US: IBM
-CVE-2016-9692
+CVE-2016-9692 (IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to Ex ...)
NOT-FOR-US: IBM
-CVE-2016-9691
+CVE-2016-9691 (IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a ...)
NOT-FOR-US: IBM
CVE-2016-9690
REJECTED
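Review bot: CVE-2016-9722 is tagged `NOT-FOR-US: IBM QRadar` while the neighbouring QRadar IDs (CVE-2016-9720, -9723 through -9730, -9738, -9740) use the bare `NOT-FOR-US: IBM`; pick one form, preferably the product-qualified one, since the bare "IBM" marker is what the other forty-odd IBM entries in this hunk use and it gives no hint of which product was looked at.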
@@ -3176,69 +3176,69 @@ CVE-2016-9688
REJECTED
CVE-2016-9687
REJECTED
-CVE-2016-9686
+CVE-2016-9686 (The Puppet Communications Protocol (PCP) Broker incorrectly validates ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
-CVE-2016-9804
+CVE-2016-9804 (In BlueZ 5.42, a buffer overflow was observed in "commands_dump" funct ...)
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9803
+CVE-2016-9803 (In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" ...)
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9802
+CVE-2016-9802 (In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" fun ...)
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
-CVE-2016-9801
+CVE-2016-9801 (In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" functi ...)
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9800
+CVE-2016-9800 (In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" ...)
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9799
+CVE-2016-9799 (In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" funct ...)
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
-CVE-2016-9798
+CVE-2016-9798 (In BlueZ 5.42, a use-after-free was identified in "conf_opt" function ...)
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9797
+CVE-2016-9797 (In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" functio ...)
- bluez <unfixed> (bug #847837)
[stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
-CVE-2016-9794
+CVE-2016-9794 (Race condition in the snd_pcm_period_elapsed function in sound/core/pc ...)
{DLA-772-1}
- linux 4.7.2-1
[jessie] - linux 3.16.39-1
NOTE: https://patchwork.kernel.org/patch/8752621/
NOTE: Fixed by: https://git.kernel.org/linus/3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4 (v4.7-rc1)
NOTE: http://seclists.org/oss-sec/2016/q4/576
-CVE-2016-9793
+CVE-2016-9793 (The sock_setsockopt function in net/core/sock.c in the Linux kernel be ...)
{DLA-772-1}
- linux 4.8.15-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290
-CVE-2016-9775
+CVE-2016-9775 (The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 o ...)
{DSA-3739-1 DSA-3738-1 DLA-729-1 DLA-728-1}
- tomcat8 8.5.8-2 (bug #845385)
- tomcat7 7.0.72-3
@@ -3246,7 +3246,7 @@ CVE-2016-9775
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/5
-CVE-2016-9774
+CVE-2016-9774 (The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 ...)
{DSA-3739-1 DSA-3738-1 DLA-753-1 DLA-746-1}
- tomcat8 8.5.8-2 (bug #845393)
- tomcat7 7.0.72-3
@@ -3254,7 +3254,7 @@ CVE-2016-9774
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/5
-CVE-2016-9777
+CVE-2016-9777 (KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does ...)
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -3262,7 +3262,7 @@ CVE-2016-9777
NOTE: Fixed by: https://git.kernel.org/linus/81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755 (v4.9-rc7)
NOTE: Introduced in: https://git.kernel.org/linus/af1bae5497b98cb99d6b0492e6981f060420a00c (v4.8-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/2
-CVE-2016-9776
+CVE-2016-9776 (QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Contro ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-1 (bug #846797)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -3270,35 +3270,35 @@ CVE-2016-9776
[wheezy] - qemu-kvm <not-affected> (Coldfire is not emulated by kvm)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05324.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1400829
-CVE-2016-9756
+CVE-2016-9756 (arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not prop ...)
{DLA-772-1}
- linux 4.8.15-1
[jessie] - linux 3.16.39-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1400468
NOTE: Fixed by: https://git.kernel.org/linus/2117d5398c81554fbf803f5fd1dc55eb78216c0c
-CVE-2016-9755
+CVE-2016-9755 (The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 ...)
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b57da0630c9fd36ed7a20fc0f98dc82cc0777fa (v4.9-rc8)
NOTE: https://groups.google.com/forum/#!topic/syzkaller/GFbGpX7nTEo
-CVE-2016-9684
+CVE-2016-9684 (The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vu ...)
NOT-FOR-US: SonicWall
-CVE-2016-9683
+CVE-2016-9683 (The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vu ...)
NOT-FOR-US: SonicWall
-CVE-2016-9682
+CVE-2016-9682 (The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vu ...)
NOT-FOR-US: SonicWall
-CVE-2016-9681
+CVE-2016-9681 (Multiple cross-site scripting (XSS) vulnerabilities in Serendipity bef ...)
- serendipity <removed>
-CVE-2016-9680
+CVE-2016-9680 (Citrix Provisioning Services before 7.12 allows attackers to obtain se ...)
NOT-FOR-US: Citrix
-CVE-2016-9679
+CVE-2016-9679 (Citrix Provisioning Services before 7.12 allows attackers to execute a ...)
NOT-FOR-US: Citrix
-CVE-2016-9678
+CVE-2016-9678 (Use-after-free vulnerability in Citrix Provisioning Services before 7. ...)
NOT-FOR-US: Citrix
-CVE-2016-9677
+CVE-2016-9677 (Citrix Provisioning Services before 7.12 allows attackers to obtain se ...)
NOT-FOR-US: Citrix
-CVE-2016-9676
+CVE-2016-9676 (Buffer overflow in Citrix Provisioning Services before 7.12 allows att ...)
NOT-FOR-US: Citrix
CVE-2016-9674
REJECTED
@@ -3349,17 +3349,17 @@ CVE-2016-9652
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-9651
+CVE-2016-9651 (A missing check for whether a property of a JS object is private in V8 ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-9650
+CVE-2016-9650 (Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linu ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-9772
+CVE-2016-9772 (OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive ...)
{DLA-733-1}
- openafs 1.6.20-1 (bug #846922)
[jessie] - openafs 1.6.9-2+deb8u6
@@ -3367,7 +3367,7 @@ CVE-2016-9772
NOTE: Upstream patch: https://www.openafs.org/pages/security/openafs-sa-2016-003-master.patch (master)
NOTE: Upstream patch: https://www.openafs.org/pages/security/openafs-sa-2016-003.patch
NOTE: http://www.openwall.com/lists/oss-security/2016/12/01/12
-CVE-2016-9685
+CVE-2016-9685 (Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the ...)
- linux 4.5.1-1
[jessie] - linux 3.16.36-1
[wheezy] - linux 3.2.81-1
@@ -3378,24 +3378,24 @@ CVE-2016-9648
REJECTED
CVE-2016-9647
REJECTED
-CVE-2016-9646
+CVE-2016-9646 (ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder-&gt; ...)
{DSA-3760-1 DLA-812-1}
- ikiwiki 3.20161229
NOTE: https://ikiwiki.info/security/#cve-2016-9646
-CVE-2016-9643
+CVE-2016-9643 (The regex code in Webkit 2.4.11 allows remote attackers to cause a den ...)
- webkitgtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
NOTE: http://www.openwall.com/lists/oss-security/2016/11/26/2
-CVE-2016-9642
+CVE-2016-9642 (JavaScriptCore in WebKit allows attackers to cause a denial of service ...)
- webkitgtk <removed> (unimportant)
NOTE: Not covered by security support
CVE-2016-9641
RESERVED
CVE-2016-9640
RESERVED
-CVE-2016-9638
+CVE-2016-9638 (In BMC Patrol before 9.13.10.02, the binary "listguests64" is configur ...)
NOT-FOR-US: BMC Patrol
-CVE-2016-9637
+CVE-2016-9637 (The (1) ioport_read and (2) ioport_write functions in Xen, when qemu i ...)
{DLA-1270-1}
- qemu <not-affected> (Vulnerability specific to Xen)
- qemu-kvm <not-affected> (Vulnerability specific to Xen)
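Review bot: the description imported for CVE-2016-9646 in this hunk contains a literal HTML entity, "CGI::FormBuilder-&gt;", where the method-call arrow "->" belongs, so the automatic update appears to have copied entity-encoded text from the upstream feed without unescaping it. None of the other descriptions added in this diff show escaping, so check whether the importer decodes &gt;, &lt; and &amp; before truncating to the display width; as it stands the entity both misrenders and consumes characters from the already-truncated summary.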
@@ -3430,21 +3430,21 @@ CVE-2016-9608
REJECTED
CVE-2016-9607
REJECTED
-CVE-2016-9606
+CVE-2016-9606 (JBoss RESTEasy before version 3.1.2 could be forced into parsing a req ...)
- resteasy 3.1.4-1 (bug #851430)
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <unfixed>
NOTE: See CVE-2018-1051 to address original incomplete fix for CVE-2016-9606
-CVE-2016-9605
+CVE-2016-9605 (A flaw was found in cobbler software component version 2.6.11-1. It su ...)
- cobbler <removed> (bug #858844)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1433950
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1399333
-CVE-2016-9604
+CVE-2016-9604 (It was discovered in the Linux kernel before 4.11-rc8 that root can ga ...)
{DLA-922-1}
- linux 4.9.25-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://git.kernel.org/linus/ee8f844e3c5a73b999edf733df1c529d6503ec2f
-CVE-2016-9603
+CVE-2016-9603 (A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA e ...)
{DLA-1497-1 DLA-1270-1 DLA-1035-1 DLA-939-1}
- qemu 1:2.8+dfsg-4 (bug #857744)
- qemu-kvm <removed>
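Review bot: in the CVE-2016-9606 entry of this hunk, the line "- resteasy3.0 <unfixed>" carries neither a bug reference nor a severity or no-dsa rationale, unlike the sibling "- resteasy 3.1.4-1 (bug #851430)" with its "[jessie] - resteasy <no-dsa> (Minor issue)". Since the NOTE records that the original fix was incomplete and is followed up as CVE-2018-1051, add a bug number or a reason to the resteasy3.0 line so the open state is actionable instead of being silently carried forward by each automatic update.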
@@ -3453,7 +3453,7 @@ CVE-2016-9603
NOTE: https://xenbits.xen.org/xsa/advisory-211.html
NOTE: http://www.openwall.com/lists/oss-security/2017/03/14/2
NOTE: Upstream patch http://git.qemu-project.org/?p=qemu.git;a=commit;h=50628d3479e4f9aa97e323506856e394fe7ad7a6
-CVE-2016-9602
+CVE-2016-9602 (Qemu before version 2.9 is vulnerable to an improper link following wh ...)
{DLA-1497-1 DLA-1035-1 DLA-965-1}
- qemu 1:2.8+dfsg-3 (bug #853006)
- qemu-kvm <removed>
@@ -3465,65 +3465,65 @@ CVE-2016-9602
NOTE: If fixing this issue for older suites, then make sure not to open the
NOTE: CVE-2017-7471 vulnerability and apply as well 9c6b899f7a46893ab3b671e341a2234e9c0c060e
NOTE: See further details in the CVE-2017-7471 tracker entry.
-CVE-2016-9601
+CVE-2016-9601 (ghostscript before version 9.21 is vulnerable to a heap based buffer o ...)
{DSA-3817-1 DLA-874-1}
- jbig2dec 0.13-4 (bug #850497)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697457
NOTE: Patch: http://git.ghostscript.com/?p=jbig2dec.git;a=commitdiff;h=e698d5c11d27212aa1098bc5b1673a3378563092
-CVE-2016-9600
+CVE-2016-9600 (JasPer before version 2.0.10 is vulnerable to a null pointer dereferen ...)
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/109
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/a632c6b54bd4ffc3bebab420e00b7e7688aa3846
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-9599
+CVE-2016-9599 (puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access ...)
NOT-FOR-US: puppet-tripleo
-CVE-2016-9598
+CVE-2016-9598 (libxml2, as used in Red Hat JBoss Core Services, allows context-depend ...)
- libxml2 <not-affected> (Red Hat specific security regressions)
-CVE-2016-9597
+CVE-2016-9597 (It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 f ...)
- libxml2 <not-affected> (Red Hat specific security regressions)
-CVE-2016-9596
+CVE-2016-9596 (libxml2, as used in Red Hat JBoss Core Services and when in recovery m ...)
- libxml2 <not-affected> (Red Hat specific security regressions)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=769658
-CVE-2016-9595
+CVE-2016-9595 (A flaw was found in katello-debug before 3.4.0 where certain scripts a ...)
NOT-FOR-US: Katello
-CVE-2016-9594
+CVE-2016-9594 (curl before version 7.52.1 is vulnerable to an uninitialized random in ...)
- curl <not-affected> (Only affects 7.52.0)
NOTE: https://curl.haxx.se/docs/adv_20161223.html
-CVE-2016-9593
+CVE-2016-9593 (foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman ...)
- foreman <itp> (bug #663101)
-CVE-2016-9592
+CVE-2016-9592 (openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a f ...)
NOT-FOR-US: OpenShift
-CVE-2016-9591
+CVE-2016-9591 (JasPer before version 2.0.12 is vulnerable to a use-after-free in the ...)
{DSA-3827-1 DLA-920-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/105
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/03fe49ab96bf65fea784cdc256507ea88267fc7c
-CVE-2016-9590
+CVE-2016-9590 (puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an informat ...)
- puppet-module-swift 9.4.4-1 (bug #851293)
-CVE-2016-9589
+CVE-2016-9589 (Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable ...)
NOT-FOR-US: Red Hat specific use of undertow in Wildfly
-CVE-2016-9588
+CVE-2016-9588 (arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP ...)
{DSA-3804-1 DLA-849-1}
- linux 4.8.15-2
NOTE: https://www.spinics.net/lists/kvm/msg142495.html
NOTE: Fixed by: https://git.kernel.org/linus/ef85b67385436ddc1998f45f1d6a210f935b3388
-CVE-2016-9587
+CVE-2016-9587 (Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper inpu ...)
- ansible 2.2.0.0-3 (bug #850846)
[jessie] - ansible <not-affected> (Vulnerable code not present, way ssh commands was reworked in 2.x branch)
NOTE: Fixed by: https://github.com/ansible/ansible/commit/ec84ff6de6eca9224bf3f22b752bb8da806611ed (v2.2.1.0-0.3.rc3)
NOTE: Fixed by: https://github.com/ansible/ansible/commit/eb8c26c105e8457b86324b64a13fac37d8862d47 (v2.2.1.0-0.4.rc4)
NOTE: Fixed by: https://github.com/ansible/ansible/commit/cc4634a5e73c06c6b4581f11171289ca9228391e (v2.2.1.0-0.4.rc4)
NOTE: Fix in 2.2.0.0-2 only partially addressed the issues, and needed a follow-up, 2.2.0.0-3
-CVE-2016-9586
+CVE-2016-9586 (curl before version 7.52.0 is vulnerable to a buffer overflow when doi ...)
{DLA-1568-1 DLA-767-1}
- curl 7.52.1-1 (bug #848958)
NOTE: https://curl.haxx.se/docs/adv_20161221A.html
NOTE: Fixed by: https://github.com/curl/curl/commit/3ab3c16db6a5674f53cf23d56512a405fde0b2c9
NOTE: There are no known vulnerable applications but as this is a
NOTE: library it should be fixed as we do not know the full impact.
-CVE-2016-9585
+CVE-2016-9585 (Red Hat JBoss EAP version 5 is vulnerable to a deserialization of untr ...)
NOT-FOR-US: JMX endpoint of Red Hat JBoss EAP 5
-CVE-2016-9584
+CVE-2016-9584 (libical allows remote attackers to cause a denial of service (use-afte ...)
{DLA-959-1}
- libical3 3.0.1-1
- libical <unfixed> (bug #852034)
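Review bot: the new description for CVE-2016-9601 names ghostscript ("ghostscript before version 9.21 is vulnerable to a heap based buffer o..."), but the entry tracks only "- jbig2dec 0.13-4 (bug #850497)", and the patch link points at the jbig2dec repository. That is only sufficient if src:ghostscript in every supported suite links against the system libjbig2dec rather than a bundled copy; a one-line NOTE recording that check would keep the ghostscript-versus-jbig2dec mismatch from being re-raised each time the description is re-imported. In the same hunk, CVE-2016-9594 is marked "<not-affected> (Only affects 7.52.0)" while the description reads "curl before version 7.52.1"; the two agree only if 7.52.0 was never uploaded to Debian, and saying so in the reason would make the entry self-explanatory.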
@@ -3531,7 +3531,7 @@ CVE-2016-9584
[jessie] - libical <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/15/5
NOTE: Upstream ticket: https://github.com/libical/libical/issues/253
-CVE-2016-9583
+CVE-2016-9583 (An out-of-bounds heap read vulnerability was found in the jpc_pi_nextp ...)
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/103
NOTE: Fixed by https://github.com/mdadams/jasper/commit/99a50593254d1b53002719bbecfc946c84b23d27
@@ -3541,73 +3541,73 @@ CVE-2016-9583
NOTE: Not suitable for code injection, hardly denial of service
CVE-2016-9582
REJECTED
-CVE-2016-9581
+CVE-2016-9581 (An infinite loop vulnerability in tiftoimage that results in heap buff ...)
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/872
NOTE: Fixed by: https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
NOTE: not built into the binary packages
-CVE-2016-9580
+CVE-2016-9580 (An integer overflow vulnerability was found in tiftoimage function in ...)
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/871
NOTE: Fixed by: https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
NOTE: not built into the binary packages
-CVE-2016-9579
+CVE-2016-9579 (A flaw was found in the way Ceph Object Gateway would process cross-or ...)
- ceph 10.2.5-2 (bug #849048)
[jessie] - ceph 0.80.7-2+deb8u2
NOTE: http://tracker.ceph.com/issues/18187
-CVE-2016-9578
+CVE-2016-9578 (A vulnerability was discovered in SPICE before 0.13.90 in the server's ...)
{DSA-3790-1 DLA-825-1}
- spice 0.12.8-2.1 (bug #854336)
NOTE: Fixed by: https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=1c6517973095a67c8cb57f3550fc1298404ab556 (0.12.x)
NOTE: Fixed by: https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=f66dc643635518e53dfbe5262f814a64eec54e4a (0.12.x)
-CVE-2016-9577
+CVE-2016-9577 (A vulnerability was discovered in SPICE before 0.13.90 in the server's ...)
{DSA-3790-1 DLA-825-1}
- spice 0.12.8-2.1 (bug #854336)
NOTE: Fixed by: https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=5f96b596353d73bdf4bb3cd2de61e48a7fd5b4c3 (0.12.x)
-CVE-2016-10088
+CVE-2016-10088 (The sg implementation in the Linux kernel through 4.9 does not properl ...)
{DLA-772-1}
- linux 4.8.15-2
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/128394eff343fc6d2f32172f03e24829539c5835 (v4.10-rc1)
-CVE-2016-9576
+CVE-2016-9576 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux kerne ...)
{DLA-772-1}
- linux 4.8.15-1
[jessie] - linux 3.16.39-1
NOTE: https://marc.info/?l=linux-scsi&m=148010092224801&w=2
NOTE: https://gist.githubusercontent.com/dvyukov/80cd94b4e4c288f16ee4c787d404118b/raw/10536069562444da51b758bb39655b514ff93b45/gistfile1.txt
NOTE: Fixed by: https://git.kernel.org/linus/a0ac402cfcdc904f9772e1762b3fda112dcc56a0 (v4.9)
-CVE-2016-9575
+CVE-2016-9575 (Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not ...)
- freeipa 4.4.4-1 (bug #849950)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1395311
NOTE: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=fec4c32ff15
NOTE: https://fedorahosted.org/freeipa/ticket/6560
-CVE-2016-9574
+CVE-2016-9574 (nss before version 3.30 is vulnerable to a remote denial of service du ...)
- nss 2:3.25-1
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1320695
NOTE: The CVE is specific to the segfault resulting from the reproducing steps
NOTE: as per buzilla entry, and https://bugzilla.redhat.com/show_bug.cgi?id=1397482
NOTE: https://hg.mozilla.org/projects/nss/rev/7385cd821735
-CVE-2016-9573
+CVE-2016-9573 (An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in th ...)
{DSA-3768-1}
- openjpeg2 2.1.2-1.1 (bug #851422)
NOTE: https://github.com/uclouvain/openjpeg/issues/863
NOTE: https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d
-CVE-2016-9572
+CVE-2016-9572 (A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 de ...)
{DSA-3768-1}
- openjpeg2 2.1.2-1.1 (bug #851422)
NOTE: https://github.com/uclouvain/openjpeg/issues/863
NOTE: https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d
CVE-2016-9571
REJECTED
-CVE-2016-9570
+CVE-2016-9570 (cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial ...)
NOT-FOR-US: Carbon Black
-CVE-2016-9569
+CVE-2016-9569 (The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users ...)
NOT-FOR-US: Carbon Black
-CVE-2016-9568
+CVE-2016-9568 (A security design issue can allow an unprivileged user to interact wit ...)
NOT-FOR-US: Carbon Black
-CVE-2016-9567
+CVE-2016-9567 (The mDNIe system service on Samsung Mobile S7 devices with M(6.0) soft ...)
NOT-FOR-US: Samsung
-CVE-2016-9566
+CVE-2016-9566 (base/logging.c in Nagios Core before 4.2.4 allows local users with acc ...)
{DLA-1615-1 DLA-751-1}
- nagios3 <removed>
[wheezy] - nagios3 <no-dsa> (Minor issue)
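Review bot: the description now imported for CVE-2016-9574 says "nss before version 3.30 is vulnerable to a remote denial of service", yet the entry records the fix as "- nss 2:3.25-1", well before that release. The existing NOTEs explain that the CVE is scoped to the segfault produced by the bugzilla reproducer and cite the hg changeset, so the narrower fixed version looks deliberate, but that rationale should be re-verified against the upstream range now that the description is visible in the tracker; while touching those NOTEs, correct the "buzilla" typo.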
@@ -3620,7 +3620,7 @@ CVE-2016-9566
NOTE: https://dev.icinga.com/issues/13709
NOTE: https://github.com/Icinga/icinga-core/commit/a0eb8471673b6b1e9b37e1b7b91151aa00bedb65
NOTE: https://github.com/Icinga/icinga-core/commit/e0f55bc9b17ef1db9aed7393fc34576a5b9501f0
-CVE-2016-9565
+CVE-2016-9565 (MagpieRSS, as used in the front-end component in Nagios Core before 4. ...)
{DLA-751-1}
- nagios3 3.5.1-1
NOTE: https://legalhackers.com/advisories/Nagios-Exploit-Command-Injection-CVE-2016-9565-2008-4796.html
@@ -3628,21 +3628,21 @@ CVE-2016-9565
NOTE: function was removed.
NOTE: The scope of the CVE is specific to Nagios.
NOTE: impact lessened by the hardened permissions in Debian: files can be extracted, but no backdoor can be installed as the web root is not writable
-CVE-2016-9564
+CVE-2016-9564 (Buffer overflow in send_redirect() in Boa Webserver 0.92r allows remot ...)
- boa <not-affected> (the vuln was removed in 0.93.14)
NOTE: http://www.ljcusack.io/cve-2016-9564-stack-based-buffer-overflow-in-boa-0-dot-92r
-CVE-2016-9563
+CVE-2016-9563 (BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticate ...)
NOT-FOR-US: SAP
-CVE-2016-9562
+CVE-2016-9562 (SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of ...)
NOT-FOR-US: SAP
-CVE-2016-9561
+CVE-2016-9561 (The che_configure function in libavcodec/aacdec_template.c in FFmpeg b ...)
- ffmpeg 7:3.2.4-1 (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2016/12/08/1
NOTE: non-issue, legitimate media file. If a server application uses libav* on untrusted media
NOTE: files, it needs to set resource limits
-CVE-2016-9554
+CVE-2016-9554 (The Sophos Web Appliance Remote / Secure Web Gateway server (version 4 ...)
NOT-FOR-US: Sophos
-CVE-2016-9553
+CVE-2016-9553 (The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote ...)
NOT-FOR-US: Sophos
CVE-2016-9552
RESERVED
@@ -3730,167 +3730,167 @@ CVE-2016-9502
REJECTED
CVE-2016-9501
REJECTED
-CVE-2016-9500
+CVE-2016-9500 (Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft P ...)
NOT-FOR-US: Accellion
-CVE-2016-9499
+CVE-2016-9499 (Accellion FTP server prior to version FTA_9_12_220 only returns the us ...)
NOT-FOR-US: Accellion
-CVE-2016-9498
+CVE-2016-9498 (ManageEngine Applications Manager 12 and 13 before build 13200, allows ...)
NOT-FOR-US: ManageEngine
-CVE-2016-9497
+CVE-2016-9497 (Hughes high-performance broadband satellite modems, models HN7740S DW7 ...)
NOT-FOR-US: Hughes
-CVE-2016-9496
+CVE-2016-9496 (Hughes high-performance broadband satellite modems, models HN7740S DW7 ...)
NOT-FOR-US: Hughes
-CVE-2016-9495
+CVE-2016-9495 (Hughes high-performance broadband satellite modems, models HN7740S DW7 ...)
NOT-FOR-US: Hughes
-CVE-2016-9494
+CVE-2016-9494 (Hughes high-performance broadband satellite modems, models HN7740S DW7 ...)
NOT-FOR-US: Hughes
-CVE-2016-9493
+CVE-2016-9493 (The code generated by PHP FormMail Generator prior to 17 December 2016 ...)
NOT-FOR-US: PHP FormMail Generator
-CVE-2016-9492
+CVE-2016-9492 (The code generated by PHP FormMail Generator prior to 17 December 2016 ...)
NOT-FOR-US: PHP FormMail Generator
-CVE-2016-9491
+CVE-2016-9491 (ManageEngine Applications Manager 12 and 13 before build 13690 allows ...)
NOT-FOR-US: ManageEngine
-CVE-2016-9490
+CVE-2016-9490 (ManageEngine Applications Manager versions 12 and 13 before build 1320 ...)
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2016-9489
+CVE-2016-9489 (In ManageEngine Applications Manager 12 and 13 before build 13200, an ...)
NOT-FOR-US: ManageEngine
-CVE-2016-9488
+CVE-2016-9488 (ManageEngine Applications Manager versions 12 and 13 before build 1320 ...)
NOT-FOR-US: ManageEngine Applications Manager
-CVE-2016-9487
+CVE-2016-9487 (EpubCheck 4.0.1 does not properly restrict resolving external entities ...)
NOT-FOR-US: EpubCheck
-CVE-2016-9486
+CVE-2016-9486 (On Windows endpoints, the SecureConnector agent must run under the loc ...)
NOT-FOR-US: SecureConnector agent
-CVE-2016-9485
+CVE-2016-9485 (On Windows endpoints, the SecureConnector agent must run under the loc ...)
NOT-FOR-US: SecureConnector agent
-CVE-2016-9484
+CVE-2016-9484 (The generated PHP form code does not properly validate user input fold ...)
NOT-FOR-US: PHP FormMail Generator
-CVE-2016-9483
+CVE-2016-9483 (The PHP form code generated by PHP FormMail Generator deserializes unt ...)
NOT-FOR-US: PHP FormMail Generator
-CVE-2016-9482
+CVE-2016-9482 (Code generated by PHP FormMail Generator may allow a remote unauthenti ...)
NOT-FOR-US: PHP FormMail Generator
-CVE-2016-4412
+CVE-2016-4412 (An issue was discovered in phpMyAdmin. A user can be tricked into foll ...)
{DLA-757-1}
- phpmyadmin 4:4.1.7-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-57/
NOTE: may affect wheezy only.
-CVE-2016-9847
+CVE-2016-9847 (An issue was discovered in phpMyAdmin. When the user does not specify ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-58/
NOTE: Debian packaging generates blowfish secret
-CVE-2016-9848
+CVE-2016-9848 (An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-59/
NOTE: disabled by default, debugging setting required
-CVE-2016-9849
+CVE-2016-9849 (An issue was discovered in phpMyAdmin. It is possible to bypass AllowR ...)
{DLA-757-1}
- phpmyadmin 4:4.6.5.1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-60/
-CVE-2016-9850
+CVE-2016-9850 (An issue was discovered in phpMyAdmin. Username matching for the allow ...)
{DLA-757-1}
- phpmyadmin 4:4.6.5.1-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-61/
-CVE-2016-9851
+CVE-2016-9851 (An issue was discovered in phpMyAdmin. With a crafted request paramete ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-62/
-CVE-2016-9852
+CVE-2016-9852 (An issue was discovered in phpMyAdmin. By calling some scripts that ar ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/
NOTE: path disclosure not relevant in Debian
-CVE-2016-9853
+CVE-2016-9853 (An issue was discovered in phpMyAdmin. By calling some scripts that ar ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/
NOTE: path disclosure not relevant in Debian
-CVE-2016-9854
+CVE-2016-9854 (An issue was discovered in phpMyAdmin. By calling some scripts that ar ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/
NOTE: path disclosure not relevant in Debian
-CVE-2016-9855
+CVE-2016-9855 (An issue was discovered in phpMyAdmin. By calling some scripts that ar ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-63/
NOTE: path disclosure not relevant in Debian
-CVE-2016-9856
+CVE-2016-9856 (An XSS issue was discovered in phpMyAdmin because of an improper fix f ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-64/
-CVE-2016-9857
+CVE-2016-9857 (An issue was discovered in phpMyAdmin. XSS is possible because of a we ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-64/
-CVE-2016-9858
+CVE-2016-9858 (An issue was discovered in phpMyAdmin. With a crafted request paramete ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/
-CVE-2016-9859
+CVE-2016-9859 (An issue was discovered in phpMyAdmin. With a crafted request paramete ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/
-CVE-2016-9860
+CVE-2016-9860 (An issue was discovered in phpMyAdmin. An unauthenticated user can exe ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-65/
-CVE-2016-9861
+CVE-2016-9861 (An issue was discovered in phpMyAdmin. Due to the limitation in URL ma ...)
{DLA-757-1}
- phpmyadmin 4:4.6.5.1-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-66/
-CVE-2016-9862
+CVE-2016-9862 (An issue was discovered in phpMyAdmin. With a crafted login request it ...)
- phpmyadmin 4:4.6.5.1-1
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-67/
-CVE-2016-9863
+CVE-2016-9863 (An issue was discovered in phpMyAdmin. With a very large request to ta ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-68/
-CVE-2016-9864
+CVE-2016-9864 (An issue was discovered in phpMyAdmin. With a crafted username or a ta ...)
{DLA-757-1}
- phpmyadmin 4:4.6.5.1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-69/
-CVE-2016-9865
+CVE-2016-9865 (An issue was discovered in phpMyAdmin. Due to a bug in serialized stri ...)
{DLA-1415-1 DLA-757-1}
- phpmyadmin 4:4.6.5.1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-70/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/17b34be (RELEASE_4_6_5)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/1fc004d (MAINT_4_4_15)
-CVE-2016-9866
+CVE-2016-9866 (An issue was discovered in phpMyAdmin. When the arg_separator is diffe ...)
- phpmyadmin 4:4.6.5.1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-71/
NOTE: unlikely PHP configuration required, unclear impact
-CVE-2016-9639
+CVE-2016-9639 (Salt before 2015.8.11 allows deleted minions to read or write to minio ...)
- salt 2016.3.0+ds-1
[jessie] - salt <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/11/25/2
-CVE-2016-9813
+CVE-2016-9813 (The _parse_pat function in the mpegts parser in GStreamer before 1.10. ...)
{DSA-3818-1}
- gst-plugins-bad1.0 1.10.2-1 (low)
- gst-plugins-bad0.10 <not-affected> (Vulnerable code introduced in 1.1.1 of 1.0 series)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775120
-CVE-2016-9812
+CVE-2016-9812 (The gst_mpegts_section_new function in the mpegts decoder in GStreamer ...)
{DSA-3818-1}
- gst-plugins-bad1.0 1.10.2-1 (low)
- gst-plugins-bad0.10 <not-affected> (Vulnerable code introduced in 1.1.1 of 1.0 series)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775048
-CVE-2016-9811
+CVE-2016-9811 (The windows_icon_typefind function in gst-plugins-base in GStreamer be ...)
{DSA-3819-1 DLA-735-1}
- gst-plugins-base1.0 1.10.2-1
- gst-plugins-base0.10 <removed>
[jessie] - gst-plugins-base0.10 <no-dsa> (Minor issue, can be fixed via point release)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774902
-CVE-2016-9810
+CVE-2016-9810 (The gst_decode_chain_free_internal function in the flxdex decoder in g ...)
- gst-plugins-good1.0 1.10.1-2
[jessie] - gst-plugins-good1.0 1.4.4-2+deb8u2
- gst-plugins-good0.10 <removed>
[jessie] - gst-plugins-good0.10 0.10.31-3+nmu4+deb8u2
[wheezy] - gst-plugins-good0.10 0.10.31-3+nmu1+deb7u1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774897
-CVE-2016-9809
+CVE-2016-9809 (Off-by-one error in the gst_h264_parse_set_caps function in GStreamer ...)
{DSA-3818-1 DLA-736-1}
- gst-plugins-bad1.0 1.10.2-1
- gst-plugins-bad0.10 <removed>
[jessie] - gst-plugins-bad0.10 <no-dsa> (Minor issue, can be fixed via point release)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774896
-CVE-2016-9808
+CVE-2016-9808 (The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to ...)
- gst-plugins-good1.0 1.10.1-2
[jessie] - gst-plugins-good1.0 1.4.4-2+deb8u2
- gst-plugins-good0.10 <removed>
@@ -3899,7 +3899,7 @@ CVE-2016-9808
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774859
NOTE: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
NOTE: https://scarybeastsecurity.blogspot.dk/2016/11/0day-poc-incorrect-fix-for-gstreamer.html
-CVE-2016-9807
+CVE-2016-9807 (The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer bef ...)
- gst-plugins-good1.0 1.10.1-2
[jessie] - gst-plugins-good1.0 1.4.4-2+deb8u2
- gst-plugins-good0.10 <removed>
@@ -3907,12 +3907,12 @@ CVE-2016-9807
[wheezy] - gst-plugins-good0.10 0.10.31-3+nmu1+deb7u1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=774859
NOTE: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
-CVE-2016-9806
+CVE-2016-9806 (Race condition in the netlink_dump function in net/netlink/af_netlink. ...)
- linux 4.6.3-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Introduced in 3.12)
NOTE: Fixed by: https://git.kernel.org/linus/92964c79b357efd980812c4de5c1fd2ec8bb5520 (v4.7-rc1)
-CVE-2016-9636
+CVE-2016-9636 (Heap-based buffer overflow in the flx_decode_delta_fli function in gst ...)
{DSA-3724-1 DSA-3723-1 DLA-727-1}
- gst-plugins-good1.0 1.10.1-2 (bug #845375)
- gst-plugins-good0.10 <removed>
@@ -3922,7 +3922,7 @@ CVE-2016-9636
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=fec77de8cbb0c8192b77aff2e563705ba421f2f2
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=45dcd0b9ccf33ed85cdafeb871a3781f5be57fd9
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
-CVE-2016-9635
+CVE-2016-9635 (Heap-based buffer overflow in the flx_decode_delta_fli function in gst ...)
{DSA-3724-1 DSA-3723-1 DLA-727-1}
- gst-plugins-good1.0 1.10.1-2 (bug #845375)
- gst-plugins-good0.10 <removed>
@@ -3932,7 +3932,7 @@ CVE-2016-9635
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=fec77de8cbb0c8192b77aff2e563705ba421f2f2
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=45dcd0b9ccf33ed85cdafeb871a3781f5be57fd9
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
-CVE-2016-9634
+CVE-2016-9634 (Heap-based buffer overflow in the flx_decode_delta_fli function in gst ...)
{DSA-3724-1 DSA-3723-1 DLA-727-1}
- gst-plugins-good1.0 1.10.1-2 (bug #845375)
- gst-plugins-good0.10 <removed>
@@ -3942,94 +3942,94 @@ CVE-2016-9634
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=fec77de8cbb0c8192b77aff2e563705ba421f2f2
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=45dcd0b9ccf33ed85cdafeb871a3781f5be57fd9
NOTE: Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff
-CVE-2016-9633
+CVE-2016-9633 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/23
-CVE-2016-9632
+CVE-2016-9632 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/43
-CVE-2016-9631
+CVE-2016-9631 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/42
-CVE-2016-9630
+CVE-2016-9630 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/41
-CVE-2016-9629
+CVE-2016-9629 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/40
-CVE-2016-9628
+CVE-2016-9628 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/39
-CVE-2016-9627
+CVE-2016-9627 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/38
NOTE: https://github.com/tats/w3m/commit/0c3f5d0e0d9269ad47b8f4b061d7818993913189
-CVE-2016-9626
+CVE-2016-9626 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/37
-CVE-2016-9625
+CVE-2016-9625 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/36
-CVE-2016-9624
+CVE-2016-9624 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/35
-CVE-2016-9623
+CVE-2016-9623 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/33
-CVE-2016-9622
+CVE-2016-9622 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/32
CVE-2016-9621
REJECTED
-CVE-2016-9560
+CVE-2016-9560 (Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_ ...)
{DSA-3785-1 DLA-739-1}
- jasper <removed>
NOTE: https://blogs.gentoo.org/ago/2016/11/20/jasper-stack-based-buffer-overflow-in-jpc_tsfb_getbands2-jpc_tsfb-c
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/1abc2e5a401a4bf1d5ca4df91358ce5df111f495
-CVE-2016-9558
+CVE-2016-9558 ((1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf ...)
- dwarfutils 20161124-1 (bug #845408)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2016/11/19/libdwarf-negation-overflow-in-dwarf_leb-c
NOTE: Fixed by: https://sourceforge.net/p/libdwarf/code/ci/4f19e1050cd8e9ddf2cb6caa061ff2fec4c9b5f9/#diff-5
-CVE-2016-9557
+CVE-2016-9557 (Integer overflow in jas_image.c in JasPer before 1.900.25 allows remot ...)
- jasper <removed>
[jessie] - jasper <no-dsa> (There is no application crash unless jasper is built with ASAN)
[wheezy] - jasper <no-dsa> (the fix is too invasive)
NOTE: https://blogs.gentoo.org/ago/2016/11/19/jasper-signed-integer-overflow-in-jas_image-c
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d42b2388f7f8e0332c846675133acea151fc557a
-CVE-2016-9555
+CVE-2016-9555 (The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kern ...)
{DLA-772-1}
- linux 4.8.11-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6 (4.9-rc4)
-CVE-2016-9481
+CVE-2016-9481 (In framework/modules/core/controllers/expCommentController.php of Expo ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9480
+CVE-2016-9480 (libdwarf 2016-10-21 allows context-dependent attackers to obtain sensi ...)
- dwarfutils 20161124-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
@@ -4039,7 +4039,7 @@ CVE-2016-9480
NOTE: The code has substantially changed in libdwarf/dwarf_util.c from older
NOTE: versions, but there seem to be still back then an unchecked dereference
NOTE: of val_ptr.
-CVE-2016-9479
+CVE-2016-9479 (The "lost password" functionality in b2evolution before 6.7.9 allows r ...)
- b2evolution <removed>
CVE-2016-9478
REJECTED
@@ -4051,49 +4051,49 @@ CVE-2016-9475
REJECTED
CVE-2016-9474
REJECTED
-CVE-2016-9473
+CVE-2016-9473 (Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and e ...)
- brave-browser <itp> (bug #864795)
-CVE-2016-9472
+CVE-2016-9472 (Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS. The ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9471
+CVE-2016-9471 (Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element In ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9470
+CVE-2016-9470 (Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File Dow ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9469
+CVE-2016-9469 (Multiple versions of GitLab expose a dangerous method to any authentic ...)
- gitlab 8.13.6+dfsg2-2 (bug #847157)
NOTE: https://about.gitlab.com/2016/12/05/cve-2016-9469/
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/25064
-CVE-2016-9468
+CVE-2016-9468 (Nextcloud Server before 9.0.54 and 10.0.1 &amp; ownCloud Server before ...)
- nextcloud <itp> (bug #835086)
-CVE-2016-9467
+CVE-2016-9467 (Nextcloud Server before 9.0.54 and 10.0.1 &amp; ownCloud Server before ...)
- nextcloud <itp> (bug #835086)
-CVE-2016-9466
+CVE-2016-9466 (Nextcloud Server before 10.0.1 &amp; ownCloud Server before 9.0.6 and ...)
- nextcloud <itp> (bug #835086)
-CVE-2016-9465
+CVE-2016-9465 (Nextcloud Server before 10.0.1 &amp; ownCloud Server before 9.0.6 and ...)
- nextcloud <itp> (bug #835086)
-CVE-2016-9464
+CVE-2016-9464 (Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper aut ...)
- nextcloud <itp> (bug #835086)
-CVE-2016-9463
+CVE-2016-9463 (Nextcloud Server before 9.0.54 and 10.0.1 &amp; ownCloud Server before ...)
- nextcloud <itp> (bug #835086)
-CVE-2016-9462
+CVE-2016-9462 (Nextcloud Server before 9.0.52 &amp; ownCloud Server before 9.0.4 are ...)
- nextcloud <itp> (bug #835086)
-CVE-2016-9461
+CVE-2016-9461 (Nextcloud Server before 9.0.52 &amp; ownCloud Server before 9.0.4 are ...)
- nextcloud <itp> (bug #835086)
-CVE-2016-9460
+CVE-2016-9460 (Nextcloud Server before 9.0.52 &amp; ownCloud Server before 9.0.4 are ...)
- nextcloud <itp> (bug #835086)
-CVE-2016-9459
+CVE-2016-9459 (Nextcloud Server before 9.0.52 &amp; ownCloud Server before 9.0.4 are ...)
- nextcloud <itp> (bug #835086)
CVE-2016-9458
REJECTED
-CVE-2016-9457
+CVE-2016-9457 (Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/st ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9456
+CVE-2016-9456 (Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery ( ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9455
+CVE-2016-9455 (Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery ( ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9454
+CVE-2016-9454 (Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9444
+CVE-2016-9444 (named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9. ...)
{DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851062)
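Review bot: the new description text for CVE-2016-9468 through CVE-2016-9459 carries the HTML entity `&amp;` where the upstream CVE summary has a literal ampersand (e.g. `Nextcloud Server before 9.0.54 and 10.0.1 &amp; ownCloud Server before ...`); since the .list files are plain text and the description is truncated at a fixed width, the importer should decode entities before truncating, otherwise searches for the literal text and the character budget of the summary are both affected. The same encoding appears in each of the nine Nextcloud entries in this hunk, so it is a systematic import issue rather than a one-off.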
@@ -4120,83 +4120,83 @@ CVE-2016-XXXX [TOCTOU race condition in initscript on chown'ing JVM_TMP temporar
NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
-CVE-2016-10071
+CVE-2016-10071 (coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845246)
NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366
NOTE: https://github.com/ImageMagick/ImageMagick/issues/131
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10070
+CVE-2016-10070 (Heap-based buffer overflow in the CalcMinMax function in coders/mat.c ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845246)
NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366
NOTE: https://github.com/ImageMagick/ImageMagick/issues/131
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10069
+CVE-2016-10069 (coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845244)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-9559
+CVE-2016-9559 (coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.5+dfsg-1 (bug #845243)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1c795ce9fe1d6feac8bc36c2e6c5ba7110b671b1
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b (master)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/298
-CVE-2016-9773
+CVE-2016-9773 (Heap-based buffer overflow in the IsPixelGray function in MagickCore/p ...)
- imagemagick <not-affected> (Affects only the ImageMagick-7 branch, cf. NOTE)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/4e8c2ed53fcb54a34b3a6185b2584f26cf6874a3
NOTE: https://blogs.gentoo.org/ago/2016/12/01/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h-incomplete-fix-for-cve-2016-9556/
NOTE: https://github.com/ImageMagick/ImageMagick/issues/312
NOTE: Upstream statement: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31045
-CVE-2016-9556
+CVE-2016-9556 (The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.5+dfsg-1 (bug #845242)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/301
NOTE: https://github.com/ImageMagick/ImageMagick/commit/174de08d7c81ce147689f3b1c73fadd6bf1c023c
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99 (master)
-CVE-2016-10068
+CVE-2016-10068 (The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attack ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.5+dfsg-1 (bug #845241)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30797
NOTE: https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10058
+CVE-2016-10058 (Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagi ...)
- imagemagick 8:6.9.6.5+dfsg-1 (bug #845239)
[jessie] - imagemagick <not-affected> (Vulnerable code using layer_info[i].info introduced later)
[wheezy] - imagemagick <not-affected> (Vulnerable code using layer_info[i].info introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10067
+CVE-2016-10067 (magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845213)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10066
+CVE-2016-10066 (Buffer overflow in the ReadVIFFImage function in coders/viff.c in Imag ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845213)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10065
+CVE-2016-10065 (The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0. ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845212)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/129
NOTE: https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05
NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545183
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10064
+CVE-2016-10064 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845202)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10063
+CVE-2016-10063 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845198)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10062
+CVE-2016-10062 (The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not ...)
{DSA-3799-1 DLA-868-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #849439)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/196
@@ -4208,170 +4208,170 @@ CVE-2016-10062
NOTE: 4e914bbe371433f0590cefdf3bd5f3a5710069f9 upstream. It is not the same
NOTE: as the fputc issue in ReadGROUP4Image.
NOTE: https://github.com/ImageMagick/ImageMagick/commit/41e955984b034777903cfa61e500a0b922eb9cbd
-CVE-2016-10061
+CVE-2016-10061 (The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7. ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845196)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9
NOTE: https://github.com/ImageMagick/ImageMagick/issues/196
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10060
+CVE-2016-10060 (The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagi ...)
{DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845196)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7
NOTE: https://github.com/ImageMagick/ImageMagick/issues/196
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10059
+CVE-2016-10059 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845195)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-9448
+CVE-2016-9448 (The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attacke ...)
- tiff <not-affected> (Vulnerable code introduced by fix for CVE-2016-9297)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2593
NOTE: Regression introduced by previous fix done on 2016-11-11 for CVE-2016-9297
-CVE-2016-9421
+CVE-2016-9421 (Cross-site scripting (XSS) vulnerability in the Users module in the Ad ...)
NOT-FOR-US: MyBB
-CVE-2016-9420
+CVE-2016-9420 (MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1 ...)
NOT-FOR-US: MyBB
-CVE-2016-9419
+CVE-2016-9419 (Cross-site scripting (XSS) vulnerability in the Admin control panel in ...)
NOT-FOR-US: MyBB
-CVE-2016-9418
+CVE-2016-9418 (MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge Syst ...)
NOT-FOR-US: MyBB
-CVE-2016-9417
+CVE-2016-9417 (The fetch_remote_file function in MyBB (aka MyBulletinBoard) before 1. ...)
NOT-FOR-US: MyBB
-CVE-2016-9416
+CVE-2016-9416 (SQL injection vulnerability in the users data handler in MyBB (aka MyB ...)
NOT-FOR-US: MyBB
-CVE-2016-9415
+CVE-2016-9415 (MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge Syst ...)
NOT-FOR-US: MyBB
-CVE-2016-9414
+CVE-2016-9414 (MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1 ...)
NOT-FOR-US: MyBB
-CVE-2016-9413
+CVE-2016-9413 (The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and ...)
NOT-FOR-US: MyBB
-CVE-2016-9412
+CVE-2016-9412 (MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1 ...)
NOT-FOR-US: MyBB
-CVE-2016-9411
+CVE-2016-9411 (The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and ...)
NOT-FOR-US: MyBB
-CVE-2016-9410
+CVE-2016-9410 (MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1 ...)
NOT-FOR-US: MyBB
-CVE-2016-9409
+CVE-2016-9409 (Cross-site scripting (XSS) vulnerability in the Admin control panel in ...)
NOT-FOR-US: MyBB
-CVE-2016-9408
+CVE-2016-9408 (Cross-site scripting (XSS) vulnerability in the Mod control panel in M ...)
NOT-FOR-US: MyBB
-CVE-2016-9407
+CVE-2016-9407 (Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) ...)
NOT-FOR-US: MyBB
-CVE-2016-9406
+CVE-2016-9406 (Cross-site scripting (XSS) vulnerability in the User control panel in ...)
NOT-FOR-US: MyBB
-CVE-2016-9405
+CVE-2016-9405 (Cross-site scripting (XSS) vulnerability in member validation in MyBB ...)
NOT-FOR-US: MyBB
-CVE-2016-9404
+CVE-2016-9404 (Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) ...)
NOT-FOR-US: MyBB
-CVE-2016-9403
+CVE-2016-9403 (newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge ...)
NOT-FOR-US: MyBB
-CVE-2016-9402
+CVE-2016-9402 (SQL injection vulnerability in the moderation tool in MyBB (aka MyBull ...)
NOT-FOR-US: MyBB
-CVE-2016-9386
+CVE-2016-9386 (The x86 emulator in Xen does not properly treat x86 NULL segments as u ...)
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845663)
NOTE: https://xenbits.xen.org/xsa/advisory-191.html
-CVE-2016-9385
+CVE-2016-9385 (The x86 segment base write emulation functionality in Xen 4.4.x throug ...)
{DSA-3729-1}
- xen 4.8.0-1 (bug #845665)
[wheezy] - xen <not-affected> (Only affects Xen >= 4.4)
NOTE: https://xenbits.xen.org/xsa/advisory-193.html
-CVE-2016-9384
+CVE-2016-9384 (Xen 4.7 allows local guest OS users to obtain sensitive host informati ...)
- xen 4.8.0-1 (bug #845667)
[jessie] - xen <not-affected> (Only affects Xen >= 4.7)
[wheezy] - xen <not-affected> (Only affects Xen >= 4.7)
NOTE: https://xenbits.xen.org/xsa/advisory-194.html
-CVE-2016-9383
+CVE-2016-9383 (Xen, when running on a 64-bit hypervisor, allows local x86 guest OS us ...)
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845668)
NOTE: https://xenbits.xen.org/xsa/advisory-195.html
-CVE-2016-9382
+CVE-2016-9382 (Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, whic ...)
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845664)
NOTE: https://xenbits.xen.org/xsa/advisory-192.html
-CVE-2016-9381
+CVE-2016-9381 (Race condition in QEMU in Xen allows local x86 HVM guest OS administra ...)
{DLA-720-1}
- xen 4.4.0-1
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: https://xenbits.xen.org/xsa/advisory-197.html
-CVE-2016-9380
+CVE-2016-9380 (The pygrub boot loader emulator in Xen, when nul-delimited output form ...)
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845670)
NOTE: https://xenbits.xen.org/xsa/advisory-198.html
-CVE-2016-9379
+CVE-2016-9379 (The pygrub boot loader emulator in Xen, when S-expression output forma ...)
{DSA-3729-1 DLA-720-1}
- xen 4.8.0-1 (bug #845670)
NOTE: https://xenbits.xen.org/xsa/advisory-198.html
-CVE-2016-9378
+CVE-2016-9378 (Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when ...)
- xen 4.8.0-1 (bug #845669)
[jessie] - xen <not-affected> (Only 4.5 onwards vulnerable)
[wheezy] - xen <not-affected> (Only 4.5 onwards vulnerable)
NOTE: https://xenbits.xen.org/xsa/advisory-196.html
-CVE-2016-9377
+CVE-2016-9377 (Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when ...)
- xen 4.8.0-1 (bug #845669)
[jessie] - xen <not-affected> (Only 4.5 onwards vulnerable)
[wheezy] - xen <not-affected> (Only 4.5 onwards vulnerable)
NOTE: https://xenbits.xen.org/xsa/advisory-196.html
-CVE-2016-9371
+CVE-2016-9371 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPor ...)
NOT-FOR-US: Moxa
CVE-2016-9370
REJECTED
-CVE-2016-9369
+CVE-2016-9369 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPor ...)
NOT-FOR-US: Moxa
-CVE-2016-9368
+CVE-2016-9368 (An issue was discovered in Eaton xComfort Ethernet Communication Inter ...)
NOT-FOR-US: Eaton xComfort Ethernet Communication Interface
-CVE-2016-9367
+CVE-2016-9367 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPor ...)
NOT-FOR-US: Moxa
-CVE-2016-9366
+CVE-2016-9366 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPor ...)
NOT-FOR-US: Moxa
-CVE-2016-9365
+CVE-2016-9365 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPor ...)
NOT-FOR-US: Moxa
-CVE-2016-9364
+CVE-2016-9364 (An issue was discovered in Fidelix FX-20 series controllers, versions ...)
NOT-FOR-US: Moxa
-CVE-2016-9363
+CVE-2016-9363 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPor ...)
NOT-FOR-US: Moxa
-CVE-2016-9362
+CVE-2016-9362 (An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (release ...)
NOT-FOR-US: WAGO
-CVE-2016-9361
+CVE-2016-9361 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPor ...)
NOT-FOR-US: Moxa
-CVE-2016-9360
+CVE-2016-9360 (An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFI ...)
NOT-FOR-US: General Electric
CVE-2016-9359
REJECTED
-CVE-2016-9358
+CVE-2016-9358 (A Hard-Coded Passwords issue was discovered in Marel Food Processing S ...)
NOT-FOR-US: Marel
-CVE-2016-9357
+CVE-2016-9357 (An issue was discovered in certain legacy Eaton ePDUs -- the affected ...)
NOT-FOR-US: legacy Eaton ePDUs
-CVE-2016-9356
+CVE-2016-9356 (An issue was discovered in Moxa DACenter Versions 1.4 and older. The a ...)
NOT-FOR-US: Moxa
-CVE-2016-9355
+CVE-2016-9355 (An issue was discovered in Becton, Dickinson and Company (BD) Alaris 8 ...)
NOT-FOR-US: Alaris 8015 Point of Care
-CVE-2016-9354
+CVE-2016-9354 (An issue was discovered in Moxa DACenter Versions 1.4 and older. A spe ...)
NOT-FOR-US: Moxa
-CVE-2016-9353
+CVE-2016-9353 (An issue was discovered in Advantech SUISAccess Server Version 3.0 and ...)
NOT-FOR-US: Advantech SUISAccess Server
CVE-2016-9352
REJECTED
-CVE-2016-9351
+CVE-2016-9351 (An issue was discovered in Advantech SUISAccess Server Version 3.0 and ...)
NOT-FOR-US: Advantech SUISAccess Server
CVE-2016-9350
REJECTED
-CVE-2016-9349
+CVE-2016-9349 (An issue was discovered in Advantech SUISAccess Server Version 3.0 and ...)
NOT-FOR-US: Advantech SUISAccess Server
-CVE-2016-9348
+CVE-2016-9348 (An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPor ...)
NOT-FOR-US: Moxa
-CVE-2016-9347
+CVE-2016-9347 (An issue was discovered in Emerson SE4801T0X Redundant Wireless I/O Ca ...)
NOT-FOR-US: Emerson
-CVE-2016-9346
+CVE-2016-9346 (An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 ...)
NOT-FOR-US: Moxa
-CVE-2016-9345
+CVE-2016-9345 (An issue was discovered in Emerson DeltaV Easy Security Management Del ...)
NOT-FOR-US: Emerson
-CVE-2016-9344
+CVE-2016-9344 (An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 ...)
NOT-FOR-US: Moxa
-CVE-2016-9343
+CVE-2016-9343 (An issue was discovered in Rockwell Automation Logix5000 Programmable ...)
NOT-FOR-US: Rockwell
CVE-2016-9342
REJECTED
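Review bot: the freshly added summary for CVE-2016-9364 names `Fidelix FX-20 series controllers`, but the unchanged assessment line beneath it still reads `NOT-FOR-US: Moxa`; the vendor tag looks copied from the neighbouring Moxa NPort entries and should be re-checked against the description now that it is visible in the list. The entry is still correctly not-for-us (no Debian package is involved), but the label should name the actual product so later triage is not misled.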
@@ -4379,23 +4379,23 @@ CVE-2016-9341
REJECTED
CVE-2016-9340
REJECTED
-CVE-2016-9339
+CVE-2016-9339 (An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versio ...)
NOT-FOR-US: INTERSCHALT Maritime Systems
-CVE-2016-9338
+CVE-2016-9338 (An issue was discovered in Rockwell Automation Allen-Bradley MicroLogi ...)
NOT-FOR-US: Rockwell
-CVE-2016-9337
+CVE-2016-9337 (An issue was discovered in Tesla Motors Model S automobile, all firmwa ...)
NOT-FOR-US: Tesla car
CVE-2016-9336
REJECTED
-CVE-2016-9335
+CVE-2016-9335 (A hard-coded cryptographic key vulnerability was identified in Red Lio ...)
NOT-FOR-US: Red Lion Controls Sixnet-Managed Industrial Switches
-CVE-2016-9334
+CVE-2016-9334 (An issue was discovered in Rockwell Automation Allen-Bradley MicroLogi ...)
NOT-FOR-US: Rockwell
-CVE-2016-9333
+CVE-2016-9333 (An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. ...)
NOT-FOR-US: Moxa
-CVE-2016-9332
+CVE-2016-9332 (An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. ...)
NOT-FOR-US: Moxa
-CVE-2016-9453
+CVE-2016-9453 (The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote att ...)
{DSA-3762-1}
- tiff 4.0.6-3
[wheezy] - tiff 4.0.2-6+deb7u7
@@ -4412,124 +4412,124 @@ CVE-2016-9453
NOTE: TIFFReadDirectory: Warning, Unknown field with tag 3 (0x3) encountered.
NOTE: TIFFReadDirectory: IO error during reading of "BitsPerSample".
NOTE: tiff2pdf: Can't open input file ./CVE-2016-9453.tiff for reading.
-CVE-2016-9446
+CVE-2016-9446 (The vmnc decoder in the gstreamer does not initialize the render canva ...)
{DSA-3717-1 DLA-712-1}
- gst-plugins-bad0.10 <removed>
- gst-plugins-bad1.0 1.10.1-1
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=774533
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=4cb1bcf1422bbcd79c0f683edb7ee85e3f7a31fe
-CVE-2016-9445
+CVE-2016-9445 (Integer overflow in the vmnc decoder in the gstreamer allows remote at ...)
{DSA-3717-1 DLA-712-1}
- gst-plugins-bad0.10 <removed>
- gst-plugins-bad1.0 1.10.1-1
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=774533
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=4cb1bcf1422bbcd79c0f683edb7ee85e3f7a31fe
-CVE-2016-9452
+CVE-2016-9452 (The transliterate mechanism in Drupal 8.x before 8.2.3 allows remote a ...)
- drupal8 <itp> (bug #756305)
- drupal7 <not-affected> (Only affects Drupal 8)
NOTE: https://www.drupal.org/SA-CORE-2016-005
NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-9451
+CVE-2016-9451 (Confirmation forms in Drupal 7.x before 7.52 make it easier for remote ...)
{DSA-3718-1 DLA-715-1}
- drupal7 7.52-1
NOTE: https://www.drupal.org/SA-CORE-2016-005
NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-9450
+CVE-2016-9450 (The user password reset form in Drupal 8.x before 8.2.3 allows remote ...)
- drupal8 <itp> (bug #756305)
- drupal7 <not-affected> (Only affects Drupal 8)
NOTE: https://www.drupal.org/SA-CORE-2016-005
NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-9449
+CVE-2016-9449 (The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 mig ...)
{DSA-3718-1 DLA-715-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.52-1
NOTE: https://www.drupal.org/SA-CORE-2016-005
NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-9443
+CVE-2016-9443 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/28
-CVE-2016-9442
+CVE-2016-9442 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/commit/d43527cfa0dbb3ccefec4a6f7b32c1434739aa29
-CVE-2016-9441
+CVE-2016-9441 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/24
-CVE-2016-9440
+CVE-2016-9440 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/22
-CVE-2016-9439
+CVE-2016-9439 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-33 (bug #844726)
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/20
-CVE-2016-9438
+CVE-2016-9438 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/18
-CVE-2016-9437
+CVE-2016-9437 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/17
-CVE-2016-9436
+CVE-2016-9436 (parsetagx.c in w3m before 0.5.3+git20161009 does not properly initiali ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/16
NOTE: Fixed by: https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd
-CVE-2016-9435
+CVE-2016-9435 (The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 do ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/16
NOTE: Fixed by: https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd
-CVE-2016-9434
+CVE-2016-9434 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/15
-CVE-2016-9433
+CVE-2016-9433 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/14
-CVE-2016-9432
+CVE-2016-9432 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/13
-CVE-2016-9431
+CVE-2016-9431 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/10
-CVE-2016-9430
+CVE-2016-9430 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/7
-CVE-2016-9429
+CVE-2016-9429 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/29
-CVE-2016-9428
+CVE-2016-9428 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/26
-CVE-2016-9427
+CVE-2016-9427 (Integer overflow vulnerability in bdwgc before 2016-09-27 allows attac ...)
{DLA-721-1}
[experimental] - libgc 1:7.4.4-1
- libgc 1:7.6.4-0.3 (bug #844771)
@@ -4539,122 +4539,122 @@ CVE-2016-9427
NOTE: Fixed by https://github.com/ivmai/bdwgc/commit/4e1a6f9d8f2a49403bbd00b8c8e5324048fb84d4
NOTE: Fixed by https://github.com/ivmai/bdwgc/commit/7292c02fac2066d39dd1bcc37d1a7054fd1e32ee
NOTE: Fixed by https://github.com/ivmai/bdwgc/commit/552ad0834672fed86ada6430150ef9ebdd3f54d7
-CVE-2016-9426
+CVE-2016-9426 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/25
-CVE-2016-9425
+CVE-2016-9425 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/21
-CVE-2016-9424
+CVE-2016-9424 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/12
-CVE-2016-9423
+CVE-2016-9423 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/9
-CVE-2016-9422
+CVE-2016-9422 (An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...)
- w3m 0.5.3-30
[jessie] - w3m 0.5.3-19+deb8u1
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/8
-CVE-2016-9401
+CVE-2016-9401 (popd in bash might allow local users to bypass the restricted shell an ...)
- bash 4.4-3 (bug #844727)
[jessie] - bash <no-dsa> (Minor issue)
[wheezy] - bash <no-dsa> (Minor issue)
NOTE: Upstream bash considers this issue only to be a bug.
NOTE: Proposed patch: https://lists.gnu.org/archive/html/bug-bash/2016-11/msg00116.html
NOTE: Fixed by (4.4): https://ftp.gnu.org/pub/gnu/bash/bash-4.4-patches/bash44-006
-CVE-2016-9399
+CVE-2016-9399 (The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remo ...)
- jasper <removed> (unimportant)
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00044-jasper-assert-calcstepsizes
NOTE: Negligible security impact
-CVE-2016-9398
+CVE-2016-9398 (The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 all ...)
- jasper <removed> (unimportant)
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00023-jasper-assert-jpc_floorlog2
NOTE: Negligible security impact
-CVE-2016-9397
+CVE-2016-9397 (The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows rem ...)
- jasper <removed> (unimportant)
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00010-jasper-assert-jpc_dequantize
NOTE: Negligible security impact
-CVE-2016-9396
+CVE-2016-9396 (The JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through 2.0. ...)
- jasper <removed> (unimportant)
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00004-jasper-assert-JPC_NOMINALGAIN
NOTE: Negligible security impact
-CVE-2016-9395
+CVE-2016-9395 (The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 a ...)
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/d42b2388f7f8e0332c846675133acea151fc557a
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00043-jasper-assert-jas_matrix_t
NOTE: Negligible security impact
-CVE-2016-9394
+CVE-2016-9394 (The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 a ...)
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00016-jasper-assert-jas_matrix_t
NOTE: Negligible security impact
-CVE-2016-9393
+CVE-2016-9393 (The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 ...)
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00013-jasper-assert-jpc_pi_nextrpcl
NOTE: Negligible security impact
-CVE-2016-9392
+CVE-2016-9392 (The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allo ...)
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00012-jasper-assert-calcstepsizes
NOTE: Negligible security impact
-CVE-2016-9391
+CVE-2016-9391 (The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 ...)
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/1e84674d95353c64e5c4c0e7232ae86fd6ea813b
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00014-jasper-assert-jpc_bitstream_getbits
NOTE: Negligible security impact
-CVE-2016-9390
+CVE-2016-9390 (The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 a ...)
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00007-jasper-assert-jas_matrix_t
NOTE: Negligible security impact
-CVE-2016-9389
+CVE-2016-9389 (The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before 1.90 ...)
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/dee11ec440d7908d1daf69f40a3324b27cf213ba
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00006-jasper-assert-jpc_irct
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00008-jasper-assert-jpc_iict
NOTE: Negligible security impact
-CVE-2016-9388
+CVE-2016-9388 (The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows ...)
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00005-jasper-assert-ras_getcmap
NOTE: Negligible security impact
-CVE-2016-9387
+CVE-2016-9387 (Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/ ...)
- jasper <removed> (unimportant)
NOTE: Fix: https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf
NOTE: Testcase: https://github.com/asarubbo/poc/blob/master/00003-jasper-assert-jas_matrix_t
NOTE: Negligible security impact
-CVE-2016-9372
+CVE-2016-9372 (In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop exc ...)
- wireshark 2.2.2+g9c5aae3-1
[jessie] - wireshark <not-affected> (Only affects 2.2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.2.x)
NOTE: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-58.html
-CVE-2016-9373
+CVE-2016-9373 (In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector c ...)
{DSA-3719-1 DLA-714-1}
- wireshark 2.2.2+g9c5aae3-1
NOTE: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-61.html
-CVE-2016-9374
+CVE-2016-9374 (In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector ...)
{DSA-3719-1 DLA-714-1}
- wireshark 2.2.2+g9c5aae3-1
NOTE: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-59.html
-CVE-2016-9375
+CVE-2016-9375 (In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector coul ...)
{DSA-3719-1 DLA-714-1}
- wireshark 2.2.2+g9c5aae3-1
NOTE: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-62.html
-CVE-2016-9376
+CVE-2016-9376 (In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector ...)
{DSA-3719-1 DLA-714-1}
- wireshark 2.2.2+g9c5aae3-1
NOTE: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
@@ -4679,7 +4679,7 @@ CVE-2016-9323
REJECTED
CVE-2016-9322
REJECTED
-CVE-2016-9400
+CVE-2016-9400 (The CClient::ProcessServerPacket method in engine/client/client.cpp in ...)
- teeworlds 0.6.4+dfsg-1 (bug #844546)
[jessie] - teeworlds <no-dsa> (Minor issue; can be fixed via point release)
[wheezy] - teeworlds <end-of-life> (Games are not supported in Wheezy)
@@ -4690,9 +4690,9 @@ CVE-2016-9321
RESERVED
CVE-2016-9320
RESERVED
-CVE-2016-9319
+CVE-2016-9319 (There is Missing SSL Certificate Validation in the Trend Micro Enterpr ...)
NOT-FOR-US: Trend Micro
-CVE-2016-9318
+CVE-2016-9318 (libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and ot ...)
- libxml2 <unfixed> (bug #844581)
[stretch] - libxml2 <ignored> (Minor issue; intrusive to backport)
[jessie] - libxml2 <ignored> (Minor issue; intrusive to backport)
@@ -4703,35 +4703,35 @@ CVE-2016-9318
NOTE: behaviour is wanted. Not enforced by default.
NOTE: The option though was reverted in https://git.gnome.org/browse/libxml2/commit/?id=030b1f7a27c22f9237eddca49ec5e620b6258d7d
NOTE: New proposed/commited fix: https://git.gnome.org/browse/libxml2/commit/?id=ad88b54f1a28a8565964a370b5d387927b633c0d
-CVE-2016-9317
+CVE-2016-9317 (The gdImageCreate function in the GD Graphics Library (aka libgd) befo ...)
{DSA-3777-1 DLA-804-1}
- libgd2 2.2.4-1
NOTE: https://github.com/libgd/libgd/commit/6944ea10cb730d5071620439c6c2e823e6caeff1
NOTE: https://github.com/libgd/libgd/issues/340
-CVE-2016-9316
+CVE-2016-9316 (Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.tren ...)
NOT-FOR-US: Trend Micro
-CVE-2016-9315
+CVE-2016-9315 (Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updat ...)
NOT-FOR-US: Trend Micro
-CVE-2016-9314
+CVE-2016-9314 (Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigB ...)
NOT-FOR-US: Trend Micro
-CVE-2016-9313
+CVE-2016-9313 (security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles un ...)
- linux 4.8.7-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb (v4.9-rc3)
NOTE: Introduced by: https://git.kernel.org/linus/13100a72f40f5748a04017e0ab3df4cf27c809ef (v4.7-rc1)
-CVE-2016-9312
+CVE-2016-9312 (ntpd in NTP before 4.2.8p9, when running on Windows, allows remote att ...)
- ntp <not-affected> (Only ntpd on Windows)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3110
NOTE: Only relevant for ntpd on Windows, but fixed source-wise in 1:4.2.8p9+dfsg-1
-CVE-2016-9311
+CVE-2016-9311 (ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows r ...)
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue, not vulnerable by default)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3119
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0204/
NOTE: Only affects configurations that do not have "restrict noquery", Debian's default config does have that restriction.
-CVE-2016-9310
+CVE-2016-9310 (The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 ...)
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue, not vulnerable by default)
@@ -4742,15 +4742,15 @@ CVE-2016-9309
RESERVED
CVE-2016-9308
RESERVED
-CVE-2016-9307
+CVE-2016-9307 (Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can al ...)
NOT-FOR-US: Autodesk
-CVE-2016-9306
+CVE-2016-9306 (Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can al ...)
NOT-FOR-US: Autodesk
-CVE-2016-9305
+CVE-2016-9305 (Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismat ...)
NOT-FOR-US: Autodesk
-CVE-2016-9304
+CVE-2016-9304 (Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can al ...)
NOT-FOR-US: Autodesk
-CVE-2016-9303
+CVE-2016-9303 (Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can al ...)
NOT-FOR-US: Autodesk
CVE-2016-9295
RESERVED
@@ -4764,55 +4764,55 @@ CVE-2016-9290
RESERVED
CVE-2016-9289
RESERVED
-CVE-2016-9288
+CVE-2016-9288 (In framework/modules/navigation/controllers/navigationController.php i ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9287
+CVE-2016-9287 (In /framework/modules/notfound/controllers/notfoundController.php of E ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9286
+CVE-2016-9286 (framework/modules/users/controllers/usersController.php in Exponent CM ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9285
+CVE-2016-9285 (framework/modules/addressbook/controllers/addressController.php in Exp ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9284
+CVE-2016-9284 (getUsersByJSON in framework/modules/users/controllers/usersController. ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9283
+CVE-2016-9283 (SQL Injection in framework/core/subsystems/expRouter.php in Exponent C ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9282
+CVE-2016-9282 (SQL Injection in framework/modules/search/controllers/searchController ...)
NOT-FOR-US: Exponent CMS
CVE-2016-9281
RESERVED
CVE-2016-9280
RESERVED
-CVE-2016-9277
+CVE-2016-9277 (Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note ...)
NOT-FOR-US: Samsung
-CVE-2016-9274
+CVE-2016-9274 (Untrusted search path vulnerability in Git 1.x for Windows allows loca ...)
NOT-FOR-US: Git-for-Windows (Git fork containing Windows-specific patches)
-CVE-2016-9272
+CVE-2016-9272 (A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, wit ...)
NOT-FOR-US: Exponent CMS
CVE-2016-9271
RESERVED
CVE-2016-9270
RESERVED
-CVE-2016-9269
+CVE-2016-9269 (Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches i ...)
NOT-FOR-US: Trend Micro
-CVE-2016-9268
+CVE-2016-9268 (Unrestricted file upload vulnerability in the Blog appearance in the " ...)
- dotclear <removed>
NOTE: http://dev.dotclear.org/2.0/changeset/445e9ff79a1fa81033591761d6a340e219d159b2
NOTE: http://dev.dotclear.org/2.0/ticket/2214
CVE-2016-9267
RESERVED
-CVE-2016-9263
+CVE-2016-9263 (WordPress through 4.8.2, when domain-based flashmediaelement.swf sandb ...)
{DLA-1151-1}
- wordpress 4.1+dfsg-1
NOTE: https://opnsec.com/2017/10/cve-2016-9263-unpatched-xsf-vulnerability-in-wordpress/
NOTE: flashmediaelement.swf removed from source tree starting in 4.1+dfsg-1
-CVE-2016-9447
+CVE-2016-9447 (The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote a ...)
{DSA-3713-1 DLA-712-1}
- gst-plugins-bad0.10 <removed>
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html
-CVE-2016-9299
+CVE-2016-9299 (The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allow ...)
- jenkins <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/11/12/4
-CVE-2016-9298
+CVE-2016-9298 (Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c i ...)
- imagemagick 8:6.9.6.5+dfsg-1 (bug #844211)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
@@ -4824,7 +4824,7 @@ CVE-2016-9301
REJECTED
CVE-2016-9302
REJECTED
-CVE-2016-9297
+CVE-2016-9297 (The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attacke ...)
{DSA-3762-1 DLA-716-1}
- tiff 4.0.7-1 (bug #844226)
- tiff3 <removed>
@@ -4838,48 +4838,48 @@ CVE-2016-9297
NOTE: introduce CVE-2016-9448 / http://bugzilla.maptools.org/show_bug.cgi?id=2593
NOTE: Fix in 4.0.7 is complete.
NOTE: Patch CVE-2016-9448: https://github.com/vadz/libtiff/commit/89406285f318ffad27af4b200204394b2ee6ba5e
-CVE-2016-9540
+CVE-2016-9540 (tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled im ...)
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <not-affected> (tiff3 not shipping tools)
NOTE: https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3
-CVE-2016-9539
+CVE-2016-9539 (tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readCon ...)
- tiff 4.0.7-1 (unimportant)
- tiff3 <not-affected> (tiff3 not shipping tools)
NOTE: https://github.com/vadz/libtiff/commit/ae9365db1b271b62b35ce018eac8799b1d5e8a53
NOTE: Crash in CLI tool, no security impact
-CVE-2016-9538
+CVE-2016-9538 (tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readCon ...)
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <not-affected> (tiff3 not shipping tools)
NOTE: https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f
-CVE-2016-9537
+CVE-2016-9537 (tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilit ...)
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <not-affected> (tiff3 not shipping tools)
NOTE: https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-c8b4b355f9b5c06d585b23138e1c185f
-CVE-2016-9536
+CVE-2016-9536 (tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilit ...)
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <not-affected> (tiff3 not shipping tools)
NOTE: https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5173a9b3b48146e4fd86d7b9b346115e
-CVE-2016-9535
+CVE-2016-9535 (tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that ...)
{DSA-3844-1 DLA-880-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1
NOTE: https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33
-CVE-2016-9534
+CVE-2016-9534 (tif_write.c in libtiff 4.0.6 has an issue in the error code path of TI ...)
{DSA-3762-1 DLA-880-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5be5ce02d0dea67050d5b2a10102d1ba
-CVE-2016-9533
+CVE-2016-9533 (tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilitie ...)
{DSA-3762-1 DLA-880-1 DLA-795-1}
- tiff 4.0.7-1
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-bdc795f6afeb9558c1012b3cfae729ef
-CVE-2016-9532
+CVE-2016-9532 (Integer overflow in the writeBufferToSeparateStrips function in tiffcr ...)
{DSA-3762-1 DLA-716-1}
- tiff 4.0.7-1 (bug #844057)
- tiff3 <removed>
@@ -4887,33 +4887,33 @@ CVE-2016-9532
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2592
NOTE: Patch: https://github.com/vadz/libtiff/commit/21d39de1002a5e69caa0574b2cc05d795d6fbfad
NOTE: http://www.openwall.com/lists/oss-security/2016/11/11/14
-CVE-2016-9296
+CVE-2016-9296 (A null pointer dereference bug affects the 16.02 and many old versions ...)
- p7zip 16.02+dfsg-2 (unimportant; bug #844344)
[jessie] - p7zip <not-affected> (Vulnerable code with potential NULL pointer dereference introduced later)
[wheezy] - p7zip <not-affected> (Vulnerable code with potential NULL pointer dereference introduced later)
NOTE: https://sourceforge.net/p/p7zip/bugs/185/
NOTE: no security impact
-CVE-2016-9294
+CVE-2016-9294 (Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225 ...)
NOT-FOR-US: MuJS
-CVE-2016-9279
+CVE-2016-9279 (Use-after-free vulnerability in the Samsung Exynos fimg2d driver for A ...)
NOT-FOR-US: Samsung Exynos fimg2d driver for Android
-CVE-2016-9278
+CVE-2016-9278 (The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, o ...)
NOT-FOR-US: Samsung Exynos fimg2d driver for Android
-CVE-2016-9276
+CVE-2016-9276 (The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf bef ...)
- dwarfutils 20161124-1 (bug #844011)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/
NOTE: https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-dwarf_get_aranges_list-dwarf_arange-c
NOTE: Same commit as for CVE-2016-9275. Needs the dwarf_arange.c part of the commit.
-CVE-2016-9275
+CVE-2016-9275 (Heap-based buffer overflow in the _dwarf_skim_forms function in libdwa ...)
- dwarfutils 20161124-1 (bug #844012)
[jessie] - dwarfutils <not-affected> (Vulnerable code not present)
[wheezy] - dwarfutils <not-affected> (Vulnerable code not present)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/
NOTE: https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c
NOTE: Same commit as for CVE-2016-9276. Needs the dwarf_macro5.c part of the commit.
-CVE-2016-9273
+CVE-2016-9273 (tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial o ...)
{DSA-3762-1 DLA-716-1}
- tiff 4.0.7-1 (bug #844013)
- tiff3 <removed>
@@ -4922,28 +4922,28 @@ CVE-2016-9273
NOTE: Patch: https://github.com/vadz/libtiff/commit/d651abc097d91fac57f33b5f9447d0a9183f58e7
NOTE: Can be reproduced with valgrind in wheezy with libtiff 4.0.2-6+deb7u7
NOTE: Can be reproduced with valgrind in jessie with libtiff 4.0.3-12.3+deb8u1
-CVE-2016-9261
+CVE-2016-9261 (Cross-site scripting (XSS) vulnerability in Tenable Log Correlation En ...)
NOT-FOR-US: Tenable Log Correlation Engine
-CVE-2016-9260
+CVE-2016-9260 (Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 ...)
NOT-FOR-US: Nessus
-CVE-2016-9259
+CVE-2016-9259 (Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9. ...)
NOT-FOR-US: Nessus
-CVE-2016-9266
+CVE-2016-9266 (listmp3.c in libming 0.4.7 allows remote attackers to unspecified impa ...)
{DLA-799-1}
- ming <removed> (bug #843928)
NOTE: https://blogs.gentoo.org/ago/2016/11/09/libming-listmp3-left-shift-in-listmp3-c
NOTE: https://github.com/libming/libming/issues/53
-CVE-2016-9265
+CVE-2016-9265 (The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remo ...)
{DLA-799-1}
- ming <removed> (bug #843928)
NOTE: https://blogs.gentoo.org/ago/2016/11/09/libming-listmp3-divide-by-zero-in-printmp3headers-list
NOTE: https://github.com/libming/libming/issues/52
-CVE-2016-9264
+CVE-2016-9264 (Buffer overflow in the printMP3Headers function in listmp3.c in Libmin ...)
{DLA-799-1}
- ming <removed> (bug #843928)
NOTE: https://blogs.gentoo.org/ago/2016/11/07/libming-listmp3-global-buffer-overflow-in-printmp3headers-listmp3-c
NOTE: https://github.com/libming/libming/issues/51
-CVE-2016-9262
+CVE-2016-9262 (Multiple integer overflows in the (1) jas_realloc function in base/jas ...)
- jasper <removed>
[jessie] - jasper <not-affected> (Vulnerable code introduced later)
[wheezy] - jasper <not-affected> (Vulnerable code introduced later)
@@ -4954,42 +4954,42 @@ CVE-2016-9262
NOTE: https://blogs.gentoo.org/ago/2016/11/07/jasper-use-after-free-in-jas_realloc-jas_malloc-c
CVE-2016-9258
REJECTED
-CVE-2016-9257
+CVE-2016-9257 (In F5 BIG-IP APM 12.0.0 through 12.1.2, non-authenticated users may be ...)
NOT-FOR-US: F5
-CVE-2016-9256
+CVE-2016-9256 (In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl c ...)
NOT-FOR-US: F5
CVE-2016-9255
REJECTED
CVE-2016-9254
REJECTED
-CVE-2016-9253
+CVE-2016-9253 (In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic pattern ...)
NOT-FOR-US: F5
-CVE-2016-9252
+CVE-2016-9252 (The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2016-9251
+CVE-2016-9251 (In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be a ...)
NOT-FOR-US: F5
-CVE-2016-9250
+CVE-2016-9250 (In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, ...)
NOT-FOR-US: F5
-CVE-2016-9249
+CVE-2016-9249 (An undisclosed traffic pattern received by a BIG-IP Virtual Server wit ...)
NOT-FOR-US: F5
CVE-2016-9248
REJECTED
-CVE-2016-9247
+CVE-2016-9247 (Under certain conditions for BIG-IP systems using a virtual server wit ...)
NOT-FOR-US: F5
CVE-2016-9246
REJECTED
-CVE-2016-9245
+CVE-2016-9245 (In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtu ...)
NOT-FOR-US: F5
-CVE-2016-9244
+CVE-2016-9244 (A BIG-IP virtual server configured with a Client SSL profile that has ...)
NOT-FOR-US: F5 TLS stack
NOTE: https://ticketbleed.com/
-CVE-2016-9243
+CVE-2016-9243 (HKDF in cryptography before 1.5.2 returns an empty byte-string if used ...)
- python-cryptography 1.5.3-1
[jessie] - python-cryptography 0.6.1-1+deb8u1
NOTE: Upstream bug: https://github.com/pyca/cryptography/issues/3211
NOTE: Upstream commit: https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874
NOTE: http://www.openwall.com/lists/oss-security/2016/11/08/6
-CVE-2016-9242
+CVE-2016-9242 (Multiple SQL injection vulnerabilities in the update method in framewo ...)
NOT-FOR-US: Exponent CMS
CVE-2016-9241
REJECTED
@@ -5023,114 +5023,114 @@ CVE-2016-9227
REJECTED
CVE-2016-9226
REJECTED
-CVE-2016-9225
+CVE-2016-9225 (A vulnerability in the data plane IP fragment handler of the Cisco Ada ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2016-9224
+CVE-2016-9224 (A vulnerability in the Cisco Jabber Guest Server could allow an unauth ...)
NOT-FOR-US: Cisco
-CVE-2016-9223
+CVE-2016-9223 (A vulnerability in the Docker Engine configuration of Cisco CloudCente ...)
NOT-FOR-US: Cisco
-CVE-2016-9222
+CVE-2016-9222 (A vulnerability in the web-based management interface of Cisco NetFlow ...)
NOT-FOR-US: Cisco
-CVE-2016-9221
+CVE-2016-9221 (A Denial of Service Vulnerability in 802.11 ingress connection authent ...)
NOT-FOR-US: Cisco
-CVE-2016-9220
+CVE-2016-9220 (A Denial of Service Vulnerability in 802.11 ingress packet processing ...)
NOT-FOR-US: Cisco
-CVE-2016-9219
+CVE-2016-9219 (A vulnerability with IPv6 UDP ingress packet processing in Cisco Wirel ...)
NOT-FOR-US: Cisco
-CVE-2016-9218
+CVE-2016-9218 (A vulnerability in Cisco Hybrid Meeting Server could allow an unauthen ...)
NOT-FOR-US: Cisco
-CVE-2016-9217
+CVE-2016-9217 (A vulnerability in Cisco Intercloud Fabric for Business and Cisco Inte ...)
NOT-FOR-US: Cisco
-CVE-2016-9216
+CVE-2016-9216 (An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr ...)
NOT-FOR-US: Cisco ASR 5000
-CVE-2016-9215
+CVE-2016-9215 (A vulnerability in Cisco IOS XR Software could allow an authenticated, ...)
NOT-FOR-US: Cisco
-CVE-2016-9214
+CVE-2016-9214 (Cisco Identity Services Engine (ISE) contains a vulnerability that cou ...)
NOT-FOR-US: Cisco
CVE-2016-9213
REJECTED
-CVE-2016-9212
+CVE-2016-9212 (A vulnerability in the Decrypt for End-User Notification configuration ...)
NOT-FOR-US: Cisco
-CVE-2016-9211
+CVE-2016-9211 (A vulnerability in TCP port management in Cisco ONS 15454 Series Multi ...)
NOT-FOR-US: Cisco
-CVE-2016-9210
+CVE-2016-9210 (A vulnerability in the Cisco Unified Reporting upload tool accessed vi ...)
NOT-FOR-US: Cisco
-CVE-2016-9209
+CVE-2016-9209 (A vulnerability in TCP processing in Cisco FirePOWER system software c ...)
NOT-FOR-US: Cisco
-CVE-2016-9208
+CVE-2016-9208 (A vulnerability in the File Management Utility, the Download File form ...)
NOT-FOR-US: Cisco
-CVE-2016-9207
+CVE-2016-9207 (A vulnerability in the HTTP traffic server component of Cisco Expressw ...)
NOT-FOR-US: Cisco
-CVE-2016-9206
+CVE-2016-9206 (A vulnerability in the ccmadmin page of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2016-9205
+CVE-2016-9205 (A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR ...)
NOT-FOR-US: Cisco
-CVE-2016-9204
+CVE-2016-9204 (A vulnerability in the Cisco Intercloud Fabric (ICF) Director could al ...)
NOT-FOR-US: Cisco
-CVE-2016-9203
+CVE-2016-9203 (A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature ...)
NOT-FOR-US: Cisco
-CVE-2016-9202
+CVE-2016-9202 (A vulnerability in the web-based management interface of Cisco Email S ...)
NOT-FOR-US: Cisco
-CVE-2016-9201
+CVE-2016-9201 (A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Ci ...)
NOT-FOR-US: Cisco
-CVE-2016-9200
+CVE-2016-9200 (A vulnerability in the web framework code of Cisco Prime Collaboration ...)
NOT-FOR-US: Cisco
-CVE-2016-9199
+CVE-2016-9199 (A vulnerability in the Cisco application-hosting framework (CAF) of Ci ...)
NOT-FOR-US: Cisco
-CVE-2016-9198
+CVE-2016-9198 (A vulnerability in the Active Directory integration component of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2016-9197
+CVE-2016-9197 (A vulnerability in the CLI command parser of the Cisco Mobility Expres ...)
NOT-FOR-US: Cisco
-CVE-2016-9196
+CVE-2016-9196 (A vulnerability in login authentication management in Cisco Aironet 18 ...)
NOT-FOR-US: Cisco
-CVE-2016-9195
+CVE-2016-9195 (A vulnerability in RADIUS Change of Authorization (CoA) request proces ...)
NOT-FOR-US: Cisco
-CVE-2016-9194
+CVE-2016-9194 (A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action ...)
NOT-FOR-US: Cisco
-CVE-2016-9193
+CVE-2016-9193 (A vulnerability in the malicious file detection and blocking features ...)
NOT-FOR-US: Cisco
-CVE-2016-9192
+CVE-2016-9192 (A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows ...)
NOT-FOR-US: Cisco
-CVE-2016-9191
+CVE-2016-9191 (The cgroup offline implementation in the Linux kernel through 4.8.11 m ...)
{DSA-3791-1}
- linux 4.9.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.11-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/93362fa47fe98b62e4a34ab408c4a418432e7939 (v4.10-rc4)
NOTE: Introduced by: https://git.kernel.org/linus/f0c3b5093addc8bfe9fe3a5b01acb7ec7969eafa (v3.11-rc1)
-CVE-2016-9190
+CVE-2016-9190 (Pillow before 3.3.2 allows context-dependent attackers to execute arbi ...)
{DSA-3710-1 DLA-705-1}
- pillow 3.4.2-1
- python-imaging <removed>
NOTE: https://github.com/python-pillow/Pillow/issues/2105
NOTE: https://github.com/python-pillow/Pillow/pull/2146/commits/5d8a0be45aad78c5a22c8d099118ee26ef8144af
-CVE-2016-9189
+CVE-2016-9189 (Pillow before 3.3.2 allows context-dependent attackers to obtain sensi ...)
{DSA-3710-1 DLA-705-1}
- pillow 3.4.2-1
- python-imaging <removed>
NOTE: https://github.com/python-pillow/Pillow/issues/2105
NOTE: https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f
-CVE-2016-9188
+CVE-2016-9188 (Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before ...)
NOTE: Moodle upstream does not believe it is a security vulnerability and the reporter
NOTE: did not followed up on requests from upstream to provide clarification, cf. #851405
-CVE-2016-9187
+CVE-2016-9187 (Unrestricted file upload vulnerability in the double extension support ...)
NOTE: Moodle upstream does not believe it is a security vulnerability and the reporter
NOTE: did not followed up on requests from upstream to provide clarification, cf. #851405
-CVE-2016-9186
+CVE-2016-9186 (Unrestricted file upload vulnerability in the "legacy course files" an ...)
NOTE: Moodle upstream does not believe it is a security vulnerability and the reporter
NOTE: did not followed up on requests from upstream to provide clarification, cf. #851405
-CVE-2016-9185
+CVE-2016-9185 (In OpenStack Heat, by launching a new Heat stack with a local URL an a ...)
- heat 1:7.0.0-2 (bug #843232)
[jessie] - heat <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/ossa/+bug/1606500
-CVE-2016-9184
+CVE-2016-9184 (In /framework/modules/core/controllers/expHTMLEditorController.php of ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9183
+CVE-2016-9183 (In /framework/modules/ecommerce/controllers/orderController.php of Exp ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9182
+CVE-2016-9182 (Exponent CMS 2.4 uses PHP reflection to call a method of a controller ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9177
+CVE-2016-9177 (Directory traversal vulnerability in Spark 2.5 allows remote attackers ...)
NOT-FOR-US: Spark (sparkjava)
-CVE-2016-9176
+CVE-2016-9176 (Stack buffer overflow in the send.exe and receive.exe components of Mi ...)
NOT-FOR-US: Micro Focus Rumba
CVE-2016-9175
REJECTED
@@ -5144,17 +5144,17 @@ CVE-2016-9171
REJECTED
CVE-2016-9170
REJECTED
-CVE-2016-9169
+CVE-2016-9169 (A reflected XSS vulnerability exists in the web console of the Documen ...)
NOT-FOR-US: Novell
-CVE-2016-9168
+CVE-2016-9168 (A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in ...)
NOT-FOR-US: Novell
-CVE-2016-9167
+CVE-2016-9167 (NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP ...)
NOT-FOR-US: Novell
-CVE-2016-9166
+CVE-2016-9166 (NetIQ eDirectory versions prior to 9.0.2, under some circumstances, co ...)
TODO: check
-CVE-2016-9165
+CVE-2016-9165 (The get_sessions servlet in CA Unified Infrastructure Management (form ...)
NOT-FOR-US: CA Unified Infrastructure Management
-CVE-2016-9164
+CVE-2016-9164 (Directory traversal vulnerability in diag.jsp file in CA Unified Infra ...)
NOT-FOR-US: CA Unified Infrastructure Management
CVE-2016-9163
REJECTED
@@ -5162,41 +5162,41 @@ CVE-2016-9162
REJECTED
CVE-2016-9161
REJECTED
-CVE-2016-9160
+CVE-2016-9160 (A vulnerability in SIEMENS SIMATIC WinCC (All versions &lt; SIMATIC Wi ...)
NOT-FOR-US: Siemens SIMATIC WinCC
-CVE-2016-9159
+CVE-2016-9159 (A vulnerability has been identified in SIMATIC S7-300 CPU family, SIMA ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2016-9158
+CVE-2016-9158 (A vulnerability has been identified in SIMATIC S7-300 CPU family, SIMA ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2016-9157
+CVE-2016-9157 (A vulnerability in Siemens SICAM PAS (all versions before V8.09) could ...)
NOT-FOR-US: Siemens SICAM PAS
-CVE-2016-9156
+CVE-2016-9156 (A vulnerability in Siemens SICAM PAS (all versions before V8.09) could ...)
NOT-FOR-US: Siemens SICAM PAS
-CVE-2016-9155
+CVE-2016-9155 (The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, ...)
NOT-FOR-US: Siemens
-CVE-2016-9154
+CVE-2016-9154 (Siemens Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 for Desigo ...)
NOT-FOR-US: Siemens Desigo PX
CVE-2016-9153
RESERVED
-CVE-2016-9152
+CVE-2016-9152 (Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in ...)
{DLA-738-1}
- spip 3.1.4-2 (bug #847156)
[jessie] - spip 3.0.17-2+deb8u3
NOTE: https://core.spip.net/projects/spip/repository/revisions/23290
-CVE-2016-9151
+CVE-2016-9151 (Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x be ...)
NOT-FOR-US: PAN-OS
-CVE-2016-9150
+CVE-2016-9150 (Buffer overflow in the management web interface in Palo Alto Networks ...)
NOT-FOR-US: PAN-OS
-CVE-2016-9149
+CVE-2016-9149 (The Addresses Object parser in Palo Alto Networks PAN-OS before 5.0.20 ...)
NOT-FOR-US: PAN-OS
-CVE-2016-9148
+CVE-2016-9148 (Cross-site scripting (XSS) vulnerability in CA Service Desk Manager (f ...)
NOT-FOR-US: CA Service Desk Manager
-CVE-2016-9147
+CVE-2016-9147 (named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows ...)
{DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851063)
NOTE: https://kb.isc.org/article/AA-01440/0
-CVE-2016-9179
+CVE-2016-9179 (lynx: It was found that Lynx doesn't parse the authority component of ...)
{DLA-719-1}
- lynx 2.8.9dev11-1 (bug #843258)
- lynx-cur <removed>
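Review bot: the imported description on the `+CVE-2016-9160` line stores the HTML entity `&lt;` (`All versions &lt; SIMATIC Wi ...`) instead of a literal `<`, while the rest of this file keeps angle brackets unescaped (`<not-affected>`, `<removed>` in the same hunk); the import step should HTML-unescape the description text before truncating and writing it, so the stored wording matches the advisory text rather than its HTML-encoded form.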
@@ -5204,7 +5204,7 @@ CVE-2016-9179
NOTE: http://www.openwall.com/lists/oss-security/2016/11/03/4
NOTE: Slight mitigation and documentation improvement was done in 2.8.9dev.10 upstream
NOTE: the uplaod to unstable as 2.8.9dev10-1
-CVE-2016-9644
+CVE-2016-9644 (The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the L ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: No incorrect backport of CVE-2016-9178 done in Debian
NOTE: This is only an issue if 1c109fabbd51863475cd12ac206bdd249aee35af
@@ -5213,7 +5213,7 @@ CVE-2016-9644
NOTE: src:linux was never affected. 1c109fabbd5 also wasn't backported to
NOTE: the 3.2 and 3.16 LTS series
NOTE: http://www.openwall.com/lists/oss-security/2016/11/03/2
-CVE-2016-9178
+CVE-2016-9178 (The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the L ...)
{DLA-772-1}
- linux 4.7.5-1
[jessie] - linux 3.16.39-1
@@ -5231,7 +5231,7 @@ CVE-2016-9142
REJECTED
CVE-2016-9141
REJECTED
-CVE-2016-9181
+CVE-2016-9181 (perl-Image-Info: When parsing an SVG file, external entity expansion ( ...)
- libimage-info-perl 1.39-1 (bug #842891)
[jessie] - libimage-info-perl <no-dsa> (Minor issue)
[wheezy] - libimage-info-perl <no-dsa> (Minor issue)
@@ -5245,7 +5245,7 @@ CVE-2016-9181
NOTE: so as a workaround the underlying SAX parser is fixed to
NOTE: XML::SAX::PurePerl which is uncapable of processing external entities
NOTE: but unfortunately it is also a slow parser.
-CVE-2016-9180
+CVE-2016-9180 (perl-XML-Twig: The option to `expand_external_ents`, documented as con ...)
- libxml-twig-perl <unfixed> (low; bug #842893)
[stretch] - libxml-twig-perl <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - libxml-twig-perl <no-dsa> (Minor issue; can be fixed via point release)
@@ -5255,158 +5255,158 @@ CVE-2016-9180
NOTE: http://www.openwall.com/lists/oss-security/2016/11/02/1
NOTE: Release 3.50 adds a no_xxe flag which will fail to parse files with external entities.
NOTE: 2016-12-13: The corresponding changes is not in the public git repository yet: https://github.com/mirod/xmltwig/commits/master
-CVE-2016-9136
+CVE-2016-9136 (Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8 ...)
NOT-FOR-US: MuJS
-CVE-2016-9135
+CVE-2016-9135 (Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/fra ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9134
+CVE-2016-9134 (Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/exp ...)
NOT-FOR-US: Exponent CMS
CVE-2016-9133
RESERVED
-CVE-2016-9132
+CVE-2016-9132 (In Botan 1.8.0 through 1.11.33, when decoding BER data an integer over ...)
{DLA-786-1}
- botan1.10 1.10.14-1
[jessie] - botan1.10 <ignored> (Minor issue, not believed to be exploitable in practice)
NOTE: Fixed in 1.10.14 and 1.11.34, all prior versions affected.
NOTE: Fixed by: https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f
-CVE-2016-9131
+CVE-2016-9131 (named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9. ...)
{DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851065)
NOTE: https://kb.isc.org/article/AA-01439/0
-CVE-2016-9130
+CVE-2016-9130 (Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9129
+CVE-2016-9129 (Revive Adserver before 3.2.3 suffers from Information Exposure Through ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9128
+CVE-2016-9128 (Revive Adserver before 3.2.3 suffers from reflected XSS. The affiliate ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9127
+CVE-2016-9127 (Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery ( ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9126
+CVE-2016-9126 (Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames ar ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9125
+CVE-2016-9125 (Revive Adserver before 3.2.3 suffers from session fixation, by allowin ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9124
+CVE-2016-9124 (Revive Adserver before 3.2.3 suffers from Improper Restriction of Exce ...)
NOT-FOR-US: Revive Adserver
-CVE-2016-9123
+CVE-2016-9123 (go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bi ...)
- golang-gopkg-square-go-jose.v1 1.0.5-1
-CVE-2016-9122
+CVE-2016-9122 (go-jose before 1.0.4 suffers from multiple signatures exploitation. Th ...)
- golang-gopkg-square-go-jose.v1 1.0.5-1
-CVE-2016-9121
+CVE-2016-9121 (go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH ...)
- golang-gopkg-square-go-jose.v1 1.0.5-1
CVE-2016-9140
REJECTED
-CVE-2016-9139
+CVE-2016-9139 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
{DLA-787-1}
- otrs2 5.0.14-1 (bug #843091)
[jessie] - otrs2 3.3.18-1+deb8u1
NOTE: https://community.otrs.com/security-advisory-2016-02-security-update-otrs
NOTE: http://www.openwall.com/lists/oss-security/2016/11/01/5
NOTE: upstream fix likely https://github.com/OTRS/otrs/commit/6578a8bcf82529461302291ab3fcb500363b005a
-CVE-2016-9120
+CVE-2016-9120 (Race condition in the ion_ioctl function in drivers/staging/android/io ...)
- linux 4.6.1-1 (unimportant)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/9590232bb4f4cc824f3425a6e1349afbe6d6d2b7 (v4.6-rc1)
-CVE-2016-9119
+CVE-2016-9119 (Cross-site scripting (XSS) vulnerability in the link dialogue in GUI e ...)
{DSA-3715-1 DLA-717-1}
- moin 1.9.9-1 (bug #844338)
NOTE: Fixed by: http://hg.moinmo.in/moin/1.9/rev/3bddf075fdbd
-CVE-2016-9118
+CVE-2016-9118 (Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of conve ...)
{DSA-4013-1}
- openjpeg2 2.1.2-1.2 (bug #844557)
NOTE: https://github.com/uclouvain/openjpeg/issues/861
NOTE: https://github.com/uclouvain/openjpeg/commit/c22cbd8bdf8ff2ae372f94391a4be2d322b36b41
-CVE-2016-9117
+CVE-2016-9117 (NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in O ...)
- openjpeg2 <unfixed> (unimportant; bug #844556)
NOTE: https://github.com/uclouvain/openjpeg/issues/860
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-9116
+CVE-2016-9116 (NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in O ...)
- openjpeg2 <unfixed> (unimportant; bug #844555)
NOTE: https://github.com/uclouvain/openjpeg/issues/859
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-9115
+CVE-2016-9115 (Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ...)
- openjpeg2 <unfixed> (unimportant; bug #844554)
NOTE: https://github.com/uclouvain/openjpeg/issues/858
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-9114
+CVE-2016-9114 (There is a NULL Pointer Access in function imagetopnm of convert.c:194 ...)
- openjpeg2 <unfixed> (unimportant; bug #844553)
NOTE: https://github.com/uclouvain/openjpeg/issues/857
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-9113
+CVE-2016-9113 (There is a NULL pointer dereference in function imagetobmp of convertb ...)
- openjpeg2 <unfixed> (unimportant; bug #844552)
NOTE: https://github.com/uclouvain/openjpeg/issues/856
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-9112
+CVE-2016-9112 (Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cp ...)
- openjpeg2 2.1.2-1.2 (bug #844551)
[stretch] - openjpeg2 <no-dsa> (Minor issue)
[jessie] - openjpeg2 <no-dsa> (Minor issue)
NOTE: https://github.com/uclouvain/openjpeg/commit/d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b
NOTE: https://github.com/uclouvain/openjpeg/issues/855
-CVE-2016-9111
+CVE-2016-9111 (Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4. ...)
NOT-FOR-US: Citrix
CVE-2016-9110
RESERVED
-CVE-2016-9100
+CVE-2016-9100 (Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 ...)
NOT-FOR-US: Symantec
-CVE-2016-9099
+CVE-2016-9099 (Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ...)
NOT-FOR-US: Symantec
CVE-2016-9098
REJECTED
-CVE-2016-9097
+CVE-2016-9097 (The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, Proxy ...)
NOT-FOR-US: Symantec
CVE-2016-9096
REJECTED
CVE-2016-9095
REJECTED
-CVE-2016-9094
+CVE-2016-9094 (Symantec Endpoint Protection clients place detected malware in quarant ...)
NOT-FOR-US: Symantec
-CVE-2016-9093
+CVE-2016-9093 (A version of the SymEvent Driver that shipped with Symantec Endpoint P ...)
NOT-FOR-US: Symantec
-CVE-2016-9092
+CVE-2016-9092 (The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail ...)
NOT-FOR-US: Symantec
-CVE-2016-9091
+CVE-2016-9091 (Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content ...)
NOT-FOR-US: Blue Coat Advanced Secure Gateway
CVE-2016-9090
RESERVED
CVE-2016-9089
RESERVED
-CVE-2016-9109
+CVE-2016-9109 (Artifex Software MuJS allows attackers to cause a denial of service (c ...)
NOT-FOR-US: MuJS
-CVE-2016-9108
+CVE-2016-9108 (Integer overflow in the js_regcomp function in regexp.c in Artifex Sof ...)
NOT-FOR-US: MuJS
-CVE-2016-9107
+CVE-2016-9107 (The OTR plugin for Gajim sends information in cleartext when using XHT ...)
- gajim-otr <itp> (bug #722130)
NOTE: Upstream bug: https://trac-plugins.gajim.org/ticket/145
NOTE: Upstream fix: https://trac-plugins.gajim.org/changeset/c7c2e519ed63377bc943dd01c4661b0fe49321ae
NOTE: http://www.openwall.com/lists/oss-security/2016/10/30/2
-CVE-2016-9106
+CVE-2016-9106 (Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Qu ...)
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/4
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=fdfcc9aeea1492f4b819a24c94dfb678145b1bf9
-CVE-2016-9105
+CVE-2016-9105 (Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Qui ...)
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/3
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=4c1586787ff43c9acd18a56c12d720e3e6be9f7c
-CVE-2016-9104
+CVE-2016-9104 (Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xat ...)
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/2
-CVE-2016-9103
+CVE-2016-9103 (The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emula ...)
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/28/1
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=eb687602853b4ae656e9236ee4222609f3a6887d
-CVE-2016-9102
+CVE-2016-9102 (Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU ( ...)
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842463)
- qemu-kvm <removed>
@@ -5414,7 +5414,7 @@ CVE-2016-9102
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1389550
NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/15
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ff55e94d23ae94c8628b0115320157c763eb3e06
-CVE-2016-9101
+CVE-2016-9101 (Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows l ...)
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #842455)
- qemu-kvm <removed>
@@ -5424,38 +5424,38 @@ CVE-2016-9101
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=2634ab7fe29b3f75d0865b719caf8f310d634aae (v2.8.0-rc0)
CVE-2016-9088
RESERVED
-CVE-2016-9087
+CVE-2016-9087 (SQL injection vulnerability in framework/modules/filedownloads/control ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9086
+CVE-2016-9086 (GitLab versions 8.9.x and above contain a critical security flaw in th ...)
- gitlab 8.13.3+dfsg1-2 (bug #843519)
NOTE: https://hackerone.com/reports/178152
NOTE: https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/
-CVE-2016-9081
+CVE-2016-9081 (Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, passwo ...)
NOT-FOR-US: Joomla!
-CVE-2016-9080
+CVE-2016-9080 (Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs ...)
- firefox 50.1.0-1
- firefox-esr <not-affected> (Only affects Firefox 50.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/#CVE-2016-9080
-CVE-2016-9079
+CVE-2016-9079 (A use-after-free vulnerability in SVG Animation has been discovered. A ...)
{DSA-3730-1 DSA-3728-1 DLA-752-1 DLA-730-1}
- firefox 50.0.2-1
- firefox-esr 45.5.1esr-1
- icedove 1:45.5.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/#CVE-2016-9079
-CVE-2016-9078
+CVE-2016-9078 (Redirection from an HTTP connection to a "data:" URL assigns the refer ...)
- firefox 50.0.2-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-91/
-CVE-2016-9077
+CVE-2016-9077 (Canvas allows the use of the "feDisplacementMap" filter on images load ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9076
+CVE-2016-9076 (An issue where a "&lt;select&gt;" dropdown menu can be used to cover l ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9075
+CVE-2016-9075 (An issue where WebExtensions can use the mozAddonManager API to elevat ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9074
+CVE-2016-9074 (An existing mitigation of timing side-channel attacks is insufficient ...)
{DSA-3730-1 DSA-3716-1 DLA-759-1 DLA-752-1}
- nss 2:3.26.2-1
[jessie] - nss <no-dsa> (Minor issue, can be fixed in point release or future DSA)
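Review bot: the same entity-escaping problem appears on the `+CVE-2016-9076` line, where the description reads `"&lt;select&gt;"` for what is evidently the literal `<select>` tag; unescaping entities in the importer would fix this line together with the CVE-2016-9160 one.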
@@ -5463,47 +5463,47 @@ CVE-2016-9074
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-90/#CVE-2016-9074
-CVE-2016-9073
+CVE-2016-9073 (WebExtensions can bypass security checks to load privileged URLs and p ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9072
+CVE-2016-9072 (When a new Firefox profile is created on 64-bit Windows installations, ...)
- firefox <not-affected> (Only affects Firefox on Windows 64bit)
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9071
+CVE-2016-9071 (Content Security Policy combined with HTTP to HTTPS redirection can be ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9070
+CVE-2016-9070 (A maliciously crafted page loaded to the sidebar through a bookmark ca ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9069
+CVE-2016-9069 (A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operatio ...)
- firefox 50.0-1
-CVE-2016-9068
+CVE-2016-9068 (A use-after-free during web animations when working with timelines res ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9067
+CVE-2016-9067 (Two use-after-free errors during DOM operations resulting in potential ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-9066
+CVE-2016-9066 (A buffer overflow resulting in a potentially exploitable crash due to ...)
{DSA-3730-1 DSA-3716-1 DLA-752-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
-CVE-2016-9065
+CVE-2016-9065 (The location bar in Firefox for Android can be spoofed by forcing a us ...)
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2016-9064
+CVE-2016-9064 (Add-on updates failed to verify that the add-on ID inside the signed p ...)
{DSA-3716-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
-CVE-2016-9063
+CVE-2016-9063 (An integer overflow during the parsing of XML using the Expat library. ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
- expat 2.2.0-2
[jessie] - expat 2.1.0-6+deb8u4
[wheezy] - expat <no-dsa> (Minor issue)
NOTE: Expat upstream fix: https://github.com/libexpat/libexpat/commit/d4f735b88d9932bd5039df2335eefdd0723dbe20
-CVE-2016-9062
+CVE-2016-9062 (Private browsing mode leaves metadata information, such as URLs, for s ...)
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2016-9061
+CVE-2016-9061 (A previously installed malicious Android application which defines a s ...)
- firefox <not-affected> (Only affects Firefox on Android)
CVE-2016-9060
REJECTED
@@ -5517,31 +5517,31 @@ CVE-2016-9056
REJECTED
CVE-2016-9055
REJECTED
-CVE-2016-9054
+CVE-2016-9054 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Aerospike Database
-CVE-2016-9053
+CVE-2016-9053 (An exploitable out-of-bounds indexing vulnerability exists within the ...)
NOT-FOR-US: Aerospike Database
-CVE-2016-9052
+CVE-2016-9052 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Aerospike Database
-CVE-2016-9051
+CVE-2016-9051 (An exploitable out-of-bounds write vulnerability exists in the batch t ...)
NOT-FOR-US: Aerospike Database
-CVE-2016-9050
+CVE-2016-9050 (An exploitable out-of-bounds read vulnerability exists in the client m ...)
NOT-FOR-US: Aerospike Database
-CVE-2016-9049
+CVE-2016-9049 (An exploitable denial-of-service vulnerability exists in the fabric-wo ...)
NOT-FOR-US: Aerospike Database
-CVE-2016-9048
+CVE-2016-9048 (Multiple exploitable SQL Injection vulnerabilities exists in ProcessMa ...)
NOT-FOR-US: ProcessMaker Enterprise Core
CVE-2016-9047
RESERVED
CVE-2016-9046
RESERVED
-CVE-2016-9045
+CVE-2016-9045 (A code execution vulnerability exists in ProcessMaker Enterprise Core ...)
NOT-FOR-US: ProcessMaker Enterprise Core
-CVE-2016-9044
+CVE-2016-9044 (An exploitable command execution vulnerability exists in Information B ...)
NOT-FOR-US: Information Builders WebFOCUS Business Intelligence Porta
-CVE-2016-9043
+CVE-2016-9043 (An out of bound write vulnerability exists in the EMF parsing function ...)
NOT-FOR-US: CorelDRAW X8
-CVE-2016-9042
+CVE-2016-9042 (An exploitable denial of service vulnerability exists in the origin ti ...)
- ntp 1:4.2.8p10+dfsg-1
[jessie] - ntp <not-affected> (Doesn't use the affected upstream patch)
[wheezy] - ntp <not-affected> (Doesn't use the affected upstream patch)
@@ -5553,19 +5553,19 @@ CVE-2016-9042
NOTE: http://pkgs.fedoraproject.org/cgit/rpms/ntp.git/tree/ntp-4.2.6p5-cve-2015-8138.patch?h=f24
CVE-2016-9041
REJECTED
-CVE-2016-9040
+CVE-2016-9040 (An exploitable denial of service exists in the the Joyent SmartOS OS 2 ...)
NOT-FOR-US: Joyent
-CVE-2016-9039
+CVE-2016-9039 (An exploitable denial of service exists in the Joyent SmartOS 20161110 ...)
NOT-FOR-US: Joyent
-CVE-2016-9038
+CVE-2016-9038 (An exploitable double fetch vulnerability exists in the SboxDrv.sys dr ...)
NOT-FOR-US: Invincea-X
-CVE-2016-9037
+CVE-2016-9037 (An exploitable out-of-bounds array access vulnerability exists in the ...)
- tarantool 1.7.2.385.g952d79e-1
[jessie] - tarantool <not-affected> (Vulnerable code not present)
[wheezy] - tarantool <not-affected> (Not vulnerable)
NOTE: https://github.com/tarantool/tarantool/issues/1992
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0255/
-CVE-2016-9036
+CVE-2016-9036 (An exploitable incorrect return value vulnerability exists in the mp_c ...)
- msgpuck 1.0.3-1.1 (bug #849212)
NOTE: https://github.com/rtsisyk/msgpuck/issues/12
- tarantool 1.7.2.385.g952d79e-1
@@ -5573,17 +5573,17 @@ CVE-2016-9036
[wheezy] - tarantool <not-affected> (Not vulnerable)
NOTE: https://github.com/tarantool/tarantool/issues/1991
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0254/
-CVE-2016-9035
+CVE-2016-9035 (An exploitable buffer overflow exists in the Joyent SmartOS 20161110T0 ...)
NOT-FOR-US: Joyent SmartOS
-CVE-2016-9034
+CVE-2016-9034 (An exploitable buffer overflow exists in the Joyent SmartOS 20161110T0 ...)
NOT-FOR-US: Joyent SmartOS
-CVE-2016-9033
+CVE-2016-9033 (An exploitable buffer overflow exists in the Joyent SmartOS 20161110T0 ...)
NOT-FOR-US: Joyent SmartOS
-CVE-2016-9032
+CVE-2016-9032 (An exploitable buffer overflow exists in the Joyent SmartOS 20161110T0 ...)
NOT-FOR-US: Joyent SmartOS
-CVE-2016-9031
+CVE-2016-9031 (An exploitable integer overflow exists in the Joyent SmartOS 20161110T ...)
NOT-FOR-US: Joyent SmartOS
-CVE-2016-9085
+CVE-2016-9085 (Multiple integer overflows in libwebp allows attackers to have unspeci ...)
- libwebp <unfixed> (unimportant; bug #842714)
[wheezy] - libwebp <not-affected> (vulnerable code not present)
NOTE: https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83
@@ -5592,19 +5592,19 @@ CVE-2016-9085
NOTE: Origin of the file seems to be from libav
NOTE: 0.5.1-3 claims the upload fixed CVE-2016-8888 and CVE-2016-9085 but the taken patches
NOTE: look different, needs further investigation before marking as fixed
-CVE-2016-9084
+CVE-2016-9084 (drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 m ...)
- linux 4.8.11-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://patchwork.kernel.org/patch/9373631/
NOTE: Fixed by: https://git.kernel.org/linus/05692d7005a364add85c6e25a6c4447ce08f913a (v4.9-rc4)
-CVE-2016-9083
+CVE-2016-9083 (drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows ...)
- linux 4.8.11-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://patchwork.kernel.org/patch/9373631/
NOTE: Fixed by: https://git.kernel.org/linus/05692d7005a364add85c6e25a6c4447ce08f913a (v4.9-rc4)
-CVE-2016-9082
+CVE-2016-9082 (Integer overflow in the write_png function in cairo 1.14.6 allows remo ...)
{DLA-688-1}
- cairo 1.14.6-1.1 (bug #842289)
[jessie] - cairo 1.14.0-2.1+deb8u2
@@ -5614,7 +5614,7 @@ CVE-2016-9030
RESERVED
CVE-2016-9029
RESERVED
-CVE-2016-9028
+CVE-2016-9028 (Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10. ...)
NOT-FOR-US: Citrix
CVE-2016-9027
RESERVED
@@ -5630,40 +5630,40 @@ CVE-2016-9022
RESERVED
CVE-2016-9021
RESERVED
-CVE-2016-9020
+CVE-2016-9020 (SQL injection vulnerability in framework/modules/help/controllers/help ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9019
+CVE-2016-9019 (SQL injection vulnerability in the activate_address function in framew ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-9018
+CVE-2016-9018 (Improper handling of a repeating VRAT chunk in qcpfformat.dll allows a ...)
NOT-FOR-US: RealPlayer
-CVE-2016-9017
+CVE-2016-9017 (Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf ...)
NOT-FOR-US: MuJS
-CVE-2016-9015
+CVE-2016-9015 (Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vul ...)
- python-urllib3 <not-affected> (Issue only present in 1.17 and 1.18 releases)
-CVE-2016-9014
+CVE-2016-9014 (Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x bef ...)
{DSA-3835-1 DLA-706-1}
- python-django 1:1.10.3-1 (bug #842856)
NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
NOTE: https://github.com/django/django/commit/7fe2d8d940fdddd1a02c4754008a27060c4a03e9
-CVE-2016-9013
+CVE-2016-9013 (Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.1 ...)
{DSA-3835-1}
- python-django 1:1.10.3-1 (bug #842856)
[wheezy] - python-django <no-dsa> (Minor issue; specific to Oracle)
NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
NOTE: https://github.com/django/django/commit/da7910d4834726eca596af0a830762fa5fb2dfd9
-CVE-2016-9012
+CVE-2016-9012 (CloudVision Portal (CVP) before 2016.1.2.1 allows remote authenticated ...)
NOT-FOR-US: CloudVision Portal
-CVE-2016-9010
+CVE-2016-9010 (IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacke ...)
NOT-FOR-US: IBM
-CVE-2016-9009
+CVE-2016-9009 (IBM WebSphere MQ 8.0 could allow an authenticated user with authority ...)
NOT-FOR-US: IBM
-CVE-2016-9008
+CVE-2016-9008 (IBM UrbanCode Deploy could allow a malicious user to access the Agent ...)
NOT-FOR-US: IBM
CVE-2016-9007
RESERVED
-CVE-2016-9006
+CVE-2016-9006 (IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2016-9005
+CVE-2016-9005 (IBM System Storage TS3100-TS3200 Tape Library could allow an unauthent ...)
NOT-FOR-US: IBM
CVE-2016-9004
RESERVED
@@ -5673,11 +5673,11 @@ CVE-2016-9002
RESERVED
CVE-2016-9001
RESERVED
-CVE-2016-9000
+CVE-2016-9000 (IBM InfoSphere DataStage is vulnerable to cross-frame scripting, cause ...)
NOT-FOR-US: IBM
-CVE-2016-8999
+CVE-2016-8999 (IBM InfoSphere Information Server contains a Path-relative stylesheet ...)
NOT-FOR-US: IBM
-CVE-2016-8998
+CVE-2016-8998 (IBM Tivoli Storage Manager Server 7.1 could allow an authenticated use ...)
NOT-FOR-US: IBM
CVE-2016-8997
RESERVED
@@ -5699,9 +5699,9 @@ CVE-2016-8989
RESERVED
CVE-2016-8988
RESERVED
-CVE-2016-8987
+CVE-2016-8987 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow an authentic ...)
NOT-FOR-US: IBM
-CVE-2016-8986
+CVE-2016-8986 (IBM WebSphere MQ 8.0 could allow an authenticated user with access to ...)
NOT-FOR-US: IBM
CVE-2016-8985
RESERVED
@@ -5709,51 +5709,51 @@ CVE-2016-8984
RESERVED
CVE-2016-8983
RESERVED
-CVE-2016-8982
+CVE-2016-8982 (IBM InfoSphere Information Server stores sensitive information in URL ...)
NOT-FOR-US: IBM
-CVE-2016-8981
+CVE-2016-8981 (IBM BigFix Inventory v9 allows web pages to be stored locally which ca ...)
NOT-FOR-US: IBM
-CVE-2016-8980
+CVE-2016-8980 (IBM BigFix Inventory v9 is vulnerable to a denial of service, caused b ...)
NOT-FOR-US: IBM
CVE-2016-8979
RESERVED
CVE-2016-8978
RESERVED
-CVE-2016-8977
+CVE-2016-8977 (IBM BigFix Inventory v9 could disclose sensitive information to an una ...)
NOT-FOR-US: IBM
CVE-2016-8976
RESERVED
-CVE-2016-8975
+CVE-2016-8975 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. Thi ...)
NOT-FOR-US: IBM
-CVE-2016-8974
+CVE-2016-8974 (IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, ...)
NOT-FOR-US: IBM
-CVE-2016-8973
+CVE-2016-8973 (IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability ...)
NOT-FOR-US: IBM
-CVE-2016-8972
+CVE-2016-8972 (IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privil ...)
NOT-FOR-US: IBM
-CVE-2016-8971
+CVE-2016-8971 (IBM WebSphere MQ 8.0 could allow an authenticated user with queue mana ...)
NOT-FOR-US: IBM
CVE-2016-8970
RESERVED
CVE-2016-8969
RESERVED
-CVE-2016-8968
+CVE-2016-8968 (IBM Jazz Foundation is vulnerable to cross-site scripting. This vulner ...)
NOT-FOR-US: IBM
-CVE-2016-8967
+CVE-2016-8967 (IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear ...)
NOT-FOR-US: IBM
-CVE-2016-8966
+CVE-2016-8966 (IBM BigFix Inventory v9 could allow a remote attacker to obtain sensit ...)
NOT-FOR-US: IBM
CVE-2016-8965
RESERVED
-CVE-2016-8964
+CVE-2016-8964 (IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting ...)
NOT-FOR-US: IBM
-CVE-2016-8963
+CVE-2016-8963 (IBM BigFix Inventory v9 stores potentially sensitive information in lo ...)
NOT-FOR-US: IBM
-CVE-2016-8962
+CVE-2016-8962 (IBM BigFix Inventory 9.2 does not require that users should have stron ...)
NOT-FOR-US: IBM
-CVE-2016-8961
+CVE-2016-8961 (IBM BigFix Inventory v9 could allow a remote attacker to conduct phish ...)
NOT-FOR-US: IBM
-CVE-2016-8960
+CVE-2016-8960 (IBM Cognos Business Intelligence 10.2 could allow a user with lower pr ...)
NOT-FOR-US: IBM Cognos Business Intelligence
CVE-2016-8959
RESERVED
@@ -5765,99 +5765,99 @@ CVE-2016-8956
RESERVED
CVE-2016-8955
RESERVED
-CVE-2016-8954
+CVE-2016-8954 (IBM dashDB Local uses hard-coded credentials that could allow a remote ...)
NOT-FOR-US: IBM
-CVE-2016-8953
+CVE-2016-8953 (IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attack ...)
NOT-FOR-US: IBM
-CVE-2016-8952
+CVE-2016-8952 (IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10. ...)
NOT-FOR-US: IBM
-CVE-2016-8951
+CVE-2016-8951 (IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10. ...)
NOT-FOR-US: IBM
-CVE-2016-8950
+CVE-2016-8950 (IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2016-8949
+CVE-2016-8949 (IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could all ...)
NOT-FOR-US: IBM
-CVE-2016-8948
+CVE-2016-8948 (IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2016-8947
+CVE-2016-8947 (IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attack ...)
NOT-FOR-US: IBM
-CVE-2016-8946
+CVE-2016-8946 (IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site ...)
NOT-FOR-US: IBM
CVE-2016-8945
RESERVED
-CVE-2016-8944
+CVE-2016-8944 (IBM AIX 7.1 and 7.2 allows a local user to open a file with a speciall ...)
NOT-FOR-US: IBM
-CVE-2016-8943
+CVE-2016-8943 (IBM Tivoli Storage Productivity Center is vulnerable to cross-site scr ...)
NOT-FOR-US: IBM
-CVE-2016-8942
+CVE-2016-8942 (IBM Tivoli Storage Productivity Center could allow an authenticated us ...)
NOT-FOR-US: IBM
-CVE-2016-8941
+CVE-2016-8941 (IBM Tivoli Storage Productivity Center is vulnerable to cross-site req ...)
NOT-FOR-US: IBM
-CVE-2016-8940
+CVE-2016-8940 (IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7 ...)
NOT-FOR-US: IBM
-CVE-2016-8939
+CVE-2016-8939 (IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/ ...)
NOT-FOR-US: IBM
-CVE-2016-8938
+CVE-2016-8938 (IBM UrbanCode Deploy could allow a user to execute code using a specia ...)
NOT-FOR-US: IBM
-CVE-2016-8937
+CVE-2016-8937 (The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) defa ...)
NOT-FOR-US: IBM
-CVE-2016-8936
+CVE-2016-8936 (IBM Social Rendering Templates for Digital Data Connector is vulnerabl ...)
NOT-FOR-US: IBM
-CVE-2016-8935
+CVE-2016-8935 (IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 ...)
NOT-FOR-US: IBM
-CVE-2016-8934
+CVE-2016-8934 (IBM WebSphere Application Server is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2016-8933
+CVE-2016-8933 (IBM Kenexa LMS on Cloud could allow a remote attacker to traverse dire ...)
NOT-FOR-US: IBM
-CVE-2016-8932
+CVE-2016-8932 (IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitr ...)
NOT-FOR-US: IBM
-CVE-2016-8931
+CVE-2016-8931 (IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitr ...)
NOT-FOR-US: IBM
-CVE-2016-8930
+CVE-2016-8930 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attac ...)
NOT-FOR-US: IBM
-CVE-2016-8929
+CVE-2016-8929 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attac ...)
NOT-FOR-US: IBM
-CVE-2016-8928
+CVE-2016-8928 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attac ...)
NOT-FOR-US: IBM
-CVE-2016-8927
+CVE-2016-8927 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is v ...)
NOT-FOR-US: IBM
-CVE-2016-8926
+CVE-2016-8926 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 coul ...)
NOT-FOR-US: IBM
-CVE-2016-8925
+CVE-2016-8925 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 coul ...)
NOT-FOR-US: IBM
-CVE-2016-8924
+CVE-2016-8924 (IBM Maximo Asset Management 7.1, 7.5 and 7.6 could allow a remote atta ...)
NOT-FOR-US: IBM
-CVE-2016-8923
+CVE-2016-8923 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 contains a vulne ...)
NOT-FOR-US: IBM
-CVE-2016-8922
+CVE-2016-8922 (Exphox WebRadar is vulnerable to cross-site scripting. This vulnerabil ...)
NOT-FOR-US: Exphox WebRadar
-CVE-2016-8921
+CVE-2016-8921 (IBM FileNet WorkPlace XT could allow a remote attacker to upload arbit ...)
NOT-FOR-US: IBM
-CVE-2016-8920
+CVE-2016-8920 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2016-8919
+CVE-2016-8919 (IBM WebSphere Application Server may be vulnerable to a denial of serv ...)
NOT-FOR-US: IBM
-CVE-2016-8918
+CVE-2016-8918 (IBM Integration Bus, under non default configurations, could allow a r ...)
NOT-FOR-US: IBM
-CVE-2016-8917
+CVE-2016-8917 (IBM Sterling Order Management 9.2 - 9.5 is vulnerable to cross-site re ...)
NOT-FOR-US: IBM
-CVE-2016-8916
+CVE-2016-8916 (IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password infor ...)
NOT-FOR-US: IBM
-CVE-2016-8915
+CVE-2016-8915 (IBM WebSphere MQ 8.0 could allow an authenticated user with access to ...)
NOT-FOR-US: IBM
CVE-2016-8914
RESERVED
-CVE-2016-8913
+CVE-2016-8913 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote at ...)
NOT-FOR-US: IBM
-CVE-2016-8912
+CVE-2016-8912 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sens ...)
NOT-FOR-US: IBM
-CVE-2016-8911
+CVE-2016-8911 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote at ...)
NOT-FOR-US: IBM
-CVE-2016-9016
+CVE-2016-9016 (Firejail 0.9.38.4 allows local users to execute arbitrary commands out ...)
- firejail 0.9.44-1
NOTE: https://github.com/netblue30/firejail/commit/46dc2b34f1fbbc4597b4ff9f6a3cb28b2d500d1b
NOTE: http://www.openwall.com/lists/oss-security/2016/10/25/3
-CVE-2016-9011
+CVE-2016-9011 (The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attac ...)
{DLA-694-1}
- libwmf 0.2.8.4-10.6 (bug #842090)
[jessie] - libwmf 0.2.8.4-10.3+deb8u2
@@ -5865,19 +5865,19 @@ CVE-2016-9011
NOTE: https://blogs.gentoo.org/ago/2016/10/18/libwmf-memory-allocation-failure-in-wmf_malloc-api-c
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00015-libwmf-memalloc-wmf_malloc
NOTE: Proposed patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=842090;filename=libwmf-0.2.8.4-CVE-2016-9011-debian.patch;msg=10
-CVE-2016-8908
+CVE-2016-8908 (SQL injection vulnerability in the "Site Browser &gt; HTML pages" scre ...)
NOT-FOR-US: dotCMS
-CVE-2016-8907
+CVE-2016-8907 (SQL injection vulnerability in the "Content Types &gt; Content Types" ...)
NOT-FOR-US: dotCMS
-CVE-2016-8906
+CVE-2016-8906 (SQL injection vulnerability in the "Site Browser &gt; Links pages" scr ...)
NOT-FOR-US: dotCMS
-CVE-2016-8905
+CVE-2016-8905 (SQL injection vulnerability in the JSONTags servlet in dotCMS before 3 ...)
NOT-FOR-US: dotCMS
-CVE-2016-8904
+CVE-2016-8904 (SQL injection vulnerability in the "Site Browser &gt; Containers pages ...)
NOT-FOR-US: dotCMS
-CVE-2016-8903
+CVE-2016-8903 (SQL injection vulnerability in the "Site Browser &gt; Templates pages" ...)
NOT-FOR-US: dotCMS
-CVE-2016-8902
+CVE-2016-8902 (SQL injection vulnerability in the categoriesServlet servlet in dotCMS ...)
NOT-FOR-US: dotCMS
CVE-2016-8901
RESERVED
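Review bot: the descriptions added for CVE-2016-8908, CVE-2016-8907, CVE-2016-8906, CVE-2016-8904 and CVE-2016-8903 carry the HTML entity "&gt;" ("Site Browser &gt; HTML pages") where a literal ">" is meant, while the double quotes in the same strings are stored literally, so the import source was only partially HTML-escaped; the updater should unescape entities before writing descriptions into the list, otherwise these strings will not match the plain-text form used by the rest of the file.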
@@ -5903,19 +5903,19 @@ CVE-2016-8891
RESERVED
CVE-2016-8890
RESERVED
-CVE-2016-8889
+CVE-2016-8889 (In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fi ...)
NOT-FOR-US: Bitcoin Knots
CVE-2016-8888
RESERVED
-CVE-2016-8879
+CVE-2016-8879 (The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in ...)
NOT-FOR-US: Foxit
-CVE-2016-8878
+CVE-2016-8878 (Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before ...)
NOT-FOR-US: Foxit
-CVE-2016-8877
+CVE-2016-8877 (Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Read ...)
NOT-FOR-US: Foxit
-CVE-2016-8876
+CVE-2016-8876 (Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before ...)
NOT-FOR-US: Foxit
-CVE-2016-8875
+CVE-2016-8875 (The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on W ...)
NOT-FOR-US: Foxit
CVE-2016-8874
RESERVED
@@ -5923,15 +5923,15 @@ CVE-2016-8873
RESERVED
CVE-2016-8872
RESERVED
-CVE-2016-8871
+CVE-2016-8871 (In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding ...)
- botan1.10 <not-affected> (Only affects 1.11.29 through 1.11.32)
-CVE-2016-8870
+CVE-2016-8870 (The register method in the UsersModelRegistration class in controllers ...)
NOT-FOR-US: Joomla!
-CVE-2016-8869
+CVE-2016-8869 (The register method in the UsersModelRegistration class in controllers ...)
NOT-FOR-US: Joomla!
CVE-2016-8868
RESERVED
-CVE-2016-8867
+CVE-2016-8867 (Docker Engine 1.12.2 enabled ambient capabilities with misconfigured c ...)
- docker.io <not-affected> (Not built from/with a runc with "ambient capabilities")
- runc <not-affected> ("ambient capabilities" introduced later, cf bug #853240)
NOTE: https://github.com/docker/docker/issues/27590
@@ -5944,13 +5944,13 @@ CVE-2016-8867
NOTE: in runc.
CVE-2016-8865
RESERVED
-CVE-2016-8864
+CVE-2016-8864 (named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9. ...)
{DSA-3703-1 DLA-696-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #842858)
NOTE: https://kb.isc.org/article/AA-01434
NOTE: upstream fix https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=8bd0c12d53bea6f299e92d20ee0a23b16a7f65bc
-CVE-2016-8863
+CVE-2016-8863 (Heap-based buffer overflow in the create_url_list function in gena/gen ...)
{DSA-3736-1 DLA-748-1 DLA-747-1}
- libupnp 1:1.6.19+git20160116-1.2 (bug #842093)
- libupnp4 <removed>
@@ -5960,9 +5960,9 @@ CVE-2016-8861
RESERVED
CVE-2016-8857
RESERVED
-CVE-2016-8856
+CVE-2016-8856 (Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader for Linux ...)
NOT-FOR-US: Foxit
-CVE-2016-8855
+CVE-2016-8855 (Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Mana ...)
NOT-FOR-US: Sitecore Experience Platform
CVE-2016-8854
REJECTED
@@ -6018,9 +6018,9 @@ CVE-2016-8829
REJECTED
CVE-2016-8828
REJECTED
-CVE-2016-8827
+CVE-2016-8827 (NVIDIA GeForce Experience 3.x before GFE 3.1.0.52 contains a vulnerabi ...)
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2016-8826
+CVE-2016-8826 (All versions of NVIDIA GPU Display Driver contain a vulnerability in t ...)
- nvidia-graphics-drivers 375.26-1 (bug #848195)
[jessie] - nvidia-graphics-drivers 340.101-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -6028,111 +6028,111 @@ CVE-2016-8826
- nvidia-graphics-drivers-legacy-304xx 304.134-1 (bug #848197)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.134-0~deb8u1
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/4278
-CVE-2016-8825
+CVE-2016-8825 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8824
+CVE-2016-8824 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8823
+CVE-2016-8823 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8822
+CVE-2016-8822 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8821
+CVE-2016-8821 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8820
+CVE-2016-8820 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8819
+CVE-2016-8819 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8818
+CVE-2016-8818 (All versions of NVIDIA Windows GPU Display contain a vulnerability in ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8817
+CVE-2016-8817 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8816
+CVE-2016-8816 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8815
+CVE-2016-8815 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8814
+CVE-2016-8814 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8813
+CVE-2016-8813 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8812
+CVE-2016-8812 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Exper ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8811
+CVE-2016-8811 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8810
+CVE-2016-8810 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8809
+CVE-2016-8809 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8808
+CVE-2016-8808 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8807
+CVE-2016-8807 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8806
+CVE-2016-8806 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-8805
+CVE-2016-8805 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
CVE-2016-8804
RESERVED
-CVE-2016-8803
+CVE-2016-8803 (The maintenance module in Huawei FusionStorage V100R003C30U1 allows at ...)
NOT-FOR-US: Huawei
-CVE-2016-8802
+CVE-2016-8802 (The security policy processing module in Huawei Secospace USG6300 with ...)
NOT-FOR-US: Huawei
-CVE-2016-8801
+CVE-2016-8801 (Huawei OceanStor 5600 V3 with V300R003C00C10 and earlier versions allo ...)
NOT-FOR-US: Huawei
CVE-2016-8800
REJECTED
CVE-2016-8799
REJECTED
-CVE-2016-8798
+CVE-2016-8798 (Huawei USG5500 with software V300R001C00 and V300R001C00 allows attack ...)
NOT-FOR-US: Huawei
-CVE-2016-8797
+CVE-2016-8797 (Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12 ...)
NOT-FOR-US: Huawei
-CVE-2016-8796
+CVE-2016-8796 (Huawei USG9520 V300R001C01, USG9560 V300R001C01, and USG9580 V300R001C ...)
NOT-FOR-US: Huawei
-CVE-2016-8795
+CVE-2016-8795 (Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R ...)
NOT-FOR-US: Huawei
-CVE-2016-8794
+CVE-2016-8794 (Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Ve ...)
NOT-FOR-US: Huawei
-CVE-2016-8793
+CVE-2016-8793 (Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Ve ...)
NOT-FOR-US: Huawei
-CVE-2016-8792
+CVE-2016-8792 (Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Ve ...)
NOT-FOR-US: Huawei
-CVE-2016-8791
+CVE-2016-8791 (Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Ve ...)
NOT-FOR-US: Huawei
-CVE-2016-8790
+CVE-2016-8790 (Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudE ...)
NOT-FOR-US: Huawei
-CVE-2016-8789
+CVE-2016-8789 (Huawei eSpace Integrated Access Device (IAD) with software V300R001C03 ...)
NOT-FOR-US: Huawei
CVE-2016-8788
REJECTED
CVE-2016-8787
REJECTED
-CVE-2016-8786
+CVE-2016-8786 (Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S570 ...)
NOT-FOR-US: Huawei
-CVE-2016-8785
+CVE-2016-8785 (Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R ...)
NOT-FOR-US: Huawei
-CVE-2016-8784
+CVE-2016-8784 (Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R0 ...)
NOT-FOR-US: Huawei
-CVE-2016-8783
+CVE-2016-8783 (Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than H60-L0 ...)
NOT-FOR-US: Huawei
-CVE-2016-8782
+CVE-2016-8782 (Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R0 ...)
NOT-FOR-US: Huawei
-CVE-2016-8781
+CVE-2016-8781 (Huawei Secospace USG6300 with software V500R001C20 and V500R001C20SPC2 ...)
NOT-FOR-US: Huawei
-CVE-2016-8780
+CVE-2016-8780 (Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, Clo ...)
NOT-FOR-US: Huawei
-CVE-2016-8779
+CVE-2016-8779 (Huawei FusionAccess with software V100R005C10 and V100R005C20 could al ...)
NOT-FOR-US: Huawei
CVE-2016-8778
REJECTED
CVE-2016-8777
REJECTED
-CVE-2016-8776
+CVE-2016-8776 (Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA ...)
NOT-FOR-US: Huawei
-CVE-2016-8775
+CVE-2016-8775 (Touch Panel (TP) driver in Huawei NEM phones with software Versions be ...)
NOT-FOR-US: Huawei
-CVE-2016-8774
+CVE-2016-8774 (The HIFI driver in Huawei Mate 8 phones with software versions before ...)
NOT-FOR-US: Huawei
-CVE-2016-8773
+CVE-2016-8773 (Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200 ...)
NOT-FOR-US: Huawei
CVE-2016-8772
REJECTED
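Review bot: the description added for CVE-2016-8812 places the issue in NVIDIA GeForce Experience, but the unchanged line directly below it still reads "NOT-FOR-US: Nvidia Windows driver"; the CVE-2016-8827 entry earlier in this file labels the same product "NOT-FOR-US: NVIDIA GeForce Experience", so the CVE-2016-8812 label should be brought in line with it now that the description makes the product visible.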
@@ -6140,9 +6140,9 @@ CVE-2016-8771
REJECTED
CVE-2016-8770
REJECTED
-CVE-2016-8769
+CVE-2016-8769 (Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted ...)
NOT-FOR-US: Huawei
-CVE-2016-8768
+CVE-2016-8768 (Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions ea ...)
NOT-FOR-US: Huawei
CVE-2016-8767
REJECTED
@@ -6150,47 +6150,47 @@ CVE-2016-8766
REJECTED
CVE-2016-8765
REJECTED
-CVE-2016-8764
+CVE-2016-8764 (The TrustZone driver in Huawei P9 phones with software Versions earlie ...)
NOT-FOR-US: Huawei
-CVE-2016-8763
+CVE-2016-8763 (The TrustZone driver in Huawei P9 phones with software Versions earlie ...)
NOT-FOR-US: Huawei
-CVE-2016-8762
+CVE-2016-8762 (The TrustZone driver in Huawei P9 phones with software Versions earlie ...)
NOT-FOR-US: Huawei
-CVE-2016-8761
+CVE-2016-8761 (Video driver in Huawei P9 phones with software versions before EVA-AL1 ...)
NOT-FOR-US: Huawei
-CVE-2016-8760
+CVE-2016-8760 (Touchscreen driver in Huawei P9 phones with software versions before E ...)
NOT-FOR-US: Huawei
-CVE-2016-8759
+CVE-2016-8759 (Video driver in Huawei P9 phones with software versions before EVA-AL1 ...)
NOT-FOR-US: Huawei
-CVE-2016-8758
+CVE-2016-8758 (ION memory management module in Huawei Mate8 phones with software NXT- ...)
NOT-FOR-US: Huawei
-CVE-2016-8757
+CVE-2016-8757 (ION memory management module in Huawei P9 phones with software EVA-AL1 ...)
NOT-FOR-US: Huawei
-CVE-2016-8756
+CVE-2016-8756 (ION memory management module in Huawei Mate 8 phones with software NXT ...)
NOT-FOR-US: Huawei
CVE-2016-8755
REJECTED
-CVE-2016-8754
+CVE-2016-8754 (Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key vulnerabi ...)
NOT-FOR-US: Huawei
CVE-2016-8753
REJECTED
-CVE-2016-8752
+CVE-2016-8752 (Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7. ...)
NOT-FOR-US: Apache Atlas
-CVE-2016-8751
+CVE-2016-8751 (Apache Ranger before 0.6.3 is vulnerable to a Stored Cross-Site Script ...)
NOT-FOR-US: Apache Ranger
-CVE-2016-8750
+CVE-2016-8750 (Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate u ...)
- apache-karaf <itp> (bug #881297)
-CVE-2016-8749
+CVE-2016-8749 (Apache Camel's Jackson and JacksonXML unmarshalling operation are vuln ...)
NOT-FOR-US: Apache Camel
-CVE-2016-8748
+CVE-2016-8748 (In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-s ...)
NOT-FOR-US: Apache NiFi
-CVE-2016-8747
+CVE-2016-8747 (An information disclosure issue was discovered in Apache Tomcat 8.5.7 ...)
- tomcat8 8.5.9-1
[jessie] - tomcat8 <not-affected> (Only affects 8.5.7 to 8.5.9)
NOTE: http://svn.apache.org/r1774166
-CVE-2016-8746
+CVE-2016-8746 (Apache Ranger before 0.6.3 policy engine incorrectly matches paths in ...)
NOT-FOR-US: Apache Ranger
-CVE-2016-8745
+CVE-2016-8745 (A bug in the error handling of the send file code for the NIO HTTP con ...)
{DSA-3755-1 DSA-3754-1 DLA-779-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.9-1
@@ -6202,9 +6202,9 @@ CVE-2016-8745
NOTE: Fixed by: http://svn.apache.org/r1777469 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1777471 (7.0.x)
NOTE: Fixed by: http://svn.apache.org/r1777472 (6.0.x)
-CVE-2016-8744
+CVE-2016-8744 (Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. Sn ...)
NOT-FOR-US: Apache Brooklyn
-CVE-2016-8743
+CVE-2016-8743 (Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was li ...)
{DSA-3796-1 DLA-841-2 DLA-841-1}
- apache2 2.4.25-1
NOTE: https://lists.apache.org/thread.html/139862b41c0dfd5e6e00ad89c00119f9faf0dd41a2f927da9c9a4076@%3Cannounce.httpd.apache.org%3E
@@ -6217,26 +6217,26 @@ CVE-2016-8743
NOTE: Affects: 2.2.0 to 2.4.23.
NOTE: Fixed in 2.4.25.
NOTE: For 2.2 preparation is done in http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x-merge-http-strict/
-CVE-2016-8742
+CVE-2016-8742 (The Windows installer that the Apache CouchDB team provides was vulner ...)
NOT-FOR-US: Windows installer for Apache CouchDB
-CVE-2016-8741
+CVE-2016-8741 (The Apache Qpid Broker for Java can be configured to use different so ...)
- qpid-java <itp> (bug #840131)
-CVE-2016-8740
+CVE-2016-8740 (The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, ...)
- apache2 2.4.25-1 (bug #847124)
[jessie] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
-CVE-2016-8739
+CVE-2016-8739 (The JAX-RS module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1 ...)
NOT-FOR-US: Apache CXF
-CVE-2016-8738
+CVE-2016-8738 (In Apache Struts 2.5 through 2.5.5, if an application allows entering ...)
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <end-of-life> (no longer supported)
NOTE: https://struts.apache.org/docs/s2-044.html
-CVE-2016-8737
+CVE-2016-8737 (In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cro ...)
NOT-FOR-US: Apache Brooklyn
-CVE-2016-8736
+CVE-2016-8736 (Apache OpenMeetings before 3.1.2 is vulnerable to Remote Code Executio ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-8735
+CVE-2016-8735 (Remote code execution is possible with Apache Tomcat before 6.0.48, 7. ...)
{DSA-3739-1 DSA-3738-1 DLA-729-1 DLA-728-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.39-1
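Review bot: the description now visible for CVE-2016-8738 scopes the issue to Apache Struts 2.5 through 2.5.5, yet the entry tracks libstruts1.2-java as <removed> with a wheezy <end-of-life> line; if the Struts 1.2 package never contained the affected 2.5.x code, <not-affected> describes its state more accurately than <removed>, so the triage of this entry is worth re-checking rather than only its description.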
@@ -6247,7 +6247,7 @@ CVE-2016-8735
NOTE: Fixed by: http://svn.apache.org/r1767656 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1767676 (7.0.x)
NOTE: Fixed by: http://svn.apache.org/r1767684 (6.0.x)
-CVE-2016-8734
+CVE-2016-8734 (Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 throu ...)
- subversion 1.9.5-1 (low)
[jessie] - subversion 1.8.10-6+deb8u5
[wheezy] - subversion <no-dsa> (Minor issue, binary packages not affected since built against Neon as HTTP library)
@@ -6255,86 +6255,86 @@ CVE-2016-8734
NOTE: library), though source is. (unimporant) for individual lines is not supported, thus workaround by marking
NOTE: as no-dsa.
NOTE: https://subversion.apache.org/security/CVE-2016-8734-advisory.txt
-CVE-2016-8733
+CVE-2016-8733 (An exploitable integer overflow exists in the Joyent SmartOS 20161110T ...)
NOT-FOR-US: Joyent SmartOS
-CVE-2016-8732
+CVE-2016-8732 (Multiple security flaws exists in InvProtectDrv.sys which is a part of ...)
NOT-FOR-US: Invincea Dell Protected Workspace
-CVE-2016-8731
+CVE-2016-8731 (Hard-coded FTP credentials (r:r) are included in the Foscam C1 running ...)
NOT-FOR-US: Foscam C1
-CVE-2016-8730
+CVE-2016-8730 (An of bound write / memory corruption vulnerability exists in the GIF ...)
NOT-FOR-US: Core PHOTO-PAINT X8
-CVE-2016-8729
+CVE-2016-8729 (An exploitable memory corruption vulnerability exists in the JBIG2 par ...)
{DSA-3817-1 DLA-874-1}
- jbig2dec 0.13-4 (bug #863886)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698438
NOTE: http://git.ghostscript.com/?p=jbig2dec.git;h=e698d5c11d27212aa1098bc5b1673a3378563092
-CVE-2016-8728
+CVE-2016-8728 (An exploitable heap out of bounds write vulnerability exists in the Fi ...)
- mupdf <not-affected> (Vulnerable code introduced in 1.10, cf. #863545)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0242%20
-CVE-2016-8727
+CVE-2016-8727 (An exploitable information disclosure vulnerability exists in the Web ...)
NOT-FOR-US: Moxa
-CVE-2016-8726
+CVE-2016-8726 (An exploitable null pointer dereference vulnerability exists in the We ...)
NOT-FOR-US: Moxa
-CVE-2016-8725
+CVE-2016-8725 (An exploitable information disclosure vulnerability exists in the Web ...)
NOT-FOR-US: Moxa
-CVE-2016-8724
+CVE-2016-8724 (An exploitable information disclosure vulnerability exists in the serv ...)
NOT-FOR-US: Moxa
-CVE-2016-8723
+CVE-2016-8723 (An exploitable null pointer dereference exists in the Web Application ...)
NOT-FOR-US: Moxa
-CVE-2016-8722
+CVE-2016-8722 (An exploitable Information Disclosure vulnerability exists in the Web ...)
NOT-FOR-US: Moxa
-CVE-2016-8721
+CVE-2016-8721 (An exploitable OS Command Injection vulnerability exists in the web ap ...)
NOT-FOR-US: Moxa
-CVE-2016-8720
+CVE-2016-8720 (An exploitable HTTP Header Injection vulnerability exists in the Web A ...)
NOT-FOR-US: Moxa
-CVE-2016-8719
+CVE-2016-8719 (An exploitable reflected Cross-Site Scripting vulnerability exists in ...)
NOT-FOR-US: Moxa
-CVE-2016-8718
+CVE-2016-8718 (An exploitable Cross-Site Request Forgery vulnerability exists in the ...)
NOT-FOR-US: Moxa
-CVE-2016-8717
+CVE-2016-8717 (An exploitable Use of Hard-coded Credentials vulnerability exists in t ...)
NOT-FOR-US: Moxa
-CVE-2016-8716
+CVE-2016-8716 (An exploitable Cleartext Transmission of Password vulnerability exists ...)
NOT-FOR-US: Moxa
-CVE-2016-8715
+CVE-2016-8715 (An exploitable heap corruption vulnerability exists in the loadTrailer ...)
NOT-FOR-US: Iceni Argus
-CVE-2016-8714
+CVE-2016-8714 (An exploitable buffer overflow vulnerability exists in the LoadEncodin ...)
{DSA-3813-1 DLA-861-1}
- r-base 3.3.3-1 (bug #857466)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0227/
-CVE-2016-8713
+CVE-2016-8713 (A remote out of bound write / memory corruption vulnerability exists i ...)
NOT-FOR-US: Nitro Pro
-CVE-2016-8712
+CVE-2016-8712 (An exploitable nonce reuse vulnerability exists in the Web Application ...)
NOT-FOR-US: Moxa
-CVE-2016-8711
+CVE-2016-8711 (A potential remote code execution vulnerability exists in the PDF pars ...)
NOT-FOR-US: Nitro Pro
-CVE-2016-8710
+CVE-2016-8710 (An exploitable heap write out of bounds vulnerability exists in the de ...)
- ffmpeg <not-affected> (Vulnerable code wasn't part of ffmpeg according to upstream)
NOTE: The libbpg library is not packaged in Debian but seem embedded in ffmpeg
NOTE: http://blog.talosintel.com/2017/01/vulnerability-spotlight-libbpg-image.html
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0223/
-CVE-2016-8709
+CVE-2016-8709 (A remote out of bound write / memory corruption vulnerability exists i ...)
NOT-FOR-US: Nitro Pro
CVE-2016-8708
REJECTED
-CVE-2016-8707
+CVE-2016-8707 (An exploitable out of bounds write exists in the handling of compresse ...)
{DSA-3799-1 DLA-756-1}
- imagemagick 8:6.9.7.0+dfsg-2 (bug #848139)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0216/
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/e5fd9ab1b70b2edd06de8efb606e04482cb9a2f0 (7.0.3-9)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/fde5f55af94f189f16958535a9c22b439d71ac93 (6.9.6-7)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/e5dc6d628a1c6049dc95adcea5e49aaa7ef2c778 (6.9.6-7)
-CVE-2016-8706
+CVE-2016-8706 (An integer overflow in process_bin_sasl_auth function in Memcached, wh ...)
{DSA-3704-1 DLA-701-1}
- memcached 1.4.33-1 (bug #842814)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0221/
NOTE: upstream fix https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c
-CVE-2016-8705
+CVE-2016-8705 (Multiple integer overflows in process_bin_update function in Memcached ...)
{DSA-3704-1 DLA-701-1}
- memcached 1.4.33-1 (bug #842812)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0220/
NOTE: upstream fix https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c
-CVE-2016-8704
+CVE-2016-8704 (An integer overflow in the process_bin_append_prepend function in Memc ...)
{DSA-3704-1 DLA-701-1}
- memcached 1.4.33-1 (bug #842811)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0219/
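Review bot: two pre-existing defects sit in this hunk's context lines and could be fixed in the same pass: the NOTE under CVE-2016-8734 reads "(unimporant)" for "(unimportant)", and the TALOS URL in the NOTE under CVE-2016-8728 ends in a stray "%20" (an encoded trailing space) that is not part of the link.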
@@ -6345,15 +6345,15 @@ CVE-2016-1000035
RESERVED
CVE-2016-1000034
RESERVED
-CVE-2016-1000032
+CVE-2016-1000032 (TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a mis ...)
NOT-FOR-US: TGCaptcha2
-CVE-2016-8910
+CVE-2016-8910 (The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Q ...)
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #841955)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/2
-CVE-2016-8909
+CVE-2016-8909 (The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick ...)
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #841950)
- qemu-kvm <removed>
@@ -6364,18 +6364,18 @@ CVE-2016-XXXX [Privilege escalation possible to other user than root]
NOTE: This is strongly related to the problem described in CVE-2016-7543 and the correction
NOTE: is very similar.
NOTE: https://lists.gnu.org/archive/html/bug-bash/2015-12/msg00112.html
-CVE-2016-10249
+CVE-2016-10249 (Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in Ja ...)
{DSA-3827-1 DLA-739-1}
- jasper <removed>
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568 (version-1.900.12)
NOTE: https://blogs.gentoo.org/ago/2016/10/23/jasper-heap-based-buffer-overflow-in-jpc_dec_tiledecode-jpc_dec-c/
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00001-jasper-heapoverflow-jpc_dec_tiledecode
NOTE: http://www.openwall.com/lists/oss-security/2016/10/23/7
-CVE-2016-10250
+CVE-2016-10250 (The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 a ...)
- jasper <not-affected> (Incomplete fix for CVE-206-8887 not applied)
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00002-jasper-NULLptr-jp2_colr_destroy
NOTE: https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887
-CVE-2016-8887
+CVE-2016-8887 (The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer bef ...)
{DLA-739-1}
- jasper <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c
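Review bot: the context line under CVE-2016-10250 reads "Incomplete fix for CVE-206-8887 not applied"; the identifier is missing a digit and should be CVE-2016-8887, as the Gentoo blog URL on the following line and the CVE-2016-8887 entry right after it confirm. Not introduced by this change, but since the automatic update already touches this hunk it is cheap to correct here.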
@@ -6384,7 +6384,7 @@ CVE-2016-8887
NOTE: https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887
NOTE: and include the fix to not make jasper vulnerable to the incomplete fix.
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-8886
+CVE-2016-8886 (The jas_malloc function in libjasper/base/jas_malloc.c in JasPer befor ...)
- jasper <removed> (low)
[jessie] - jasper <no-dsa> (Minor issue)
[wheezy] - jasper <no-dsa> (Minor issue)
@@ -6397,21 +6397,21 @@ CVE-2016-XXXX [sendmail: Privilege escalation from group smmsp to root]
[jessie] - sendmail 8.14.4-8+deb8u2
[wheezy] - sendmail <no-dsa> (Minor issue)
NOTE: no unprivileged user should be in smmsp group and there is no known vulnerability to gain smmsp group membership
-CVE-2016-8885
+CVE-2016-8885 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1 ...)
- jasper <not-affected> (Incomplete fix for CVE-2016-8690 not applied)
NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690
NOTE: Fixed by https://github.com/mdadams/jasper/commit/5d66894d2313e3f3469f19066e149e08ff076698
-CVE-2016-8884
+CVE-2016-8884 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 ...)
- jasper <not-affected> (Incomplete fix for CVE-2016-8690 not applied)
NOTE: https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690
NOTE: Fixed by https://github.com/mdadams/jasper/commit/5d66894d2313e3f3469f19066e149e08ff076698
-CVE-2016-8883
+CVE-2016-8883 (The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 ...)
{DLA-739-1}
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/32
NOTE: https://github.com/mdadams/jasper/commit/33cc2cfa51a8d0fc3116d16cc1d8fc581b3f9e8d
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-8882
+CVE-2016-8882 (The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer bef ...)
{DSA-3785-1 DLA-739-1}
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/30
@@ -6421,14 +6421,14 @@ CVE-2016-8881
REJECTED
CVE-2016-8880
REJECTED
-CVE-2016-8866
+CVE-2016-8866 (The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick ...)
{DLA-756-1}
- imagemagick <not-affected>
NOTE: For incomplete fix of CVE-2016-8862
NOTE: https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/
NOTE: This is not a real problem in imagemagick but caused by the "observer" (the address sanitizer), cf.
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30908#p140255 .
-CVE-2016-8859
+CVE-2016-8859 (Multiple integer overflows in the TRE library and musl libc allow atta ...)
{DLA-687-1}
- tre 0.8.0-5 (bug #842169)
[jessie] - tre 0.8.0-4+deb8u1
@@ -6437,13 +6437,13 @@ CVE-2016-8859
NOTE: http://www.openwall.com/lists/oss-security/2016/10/19/1
NOTE: other issues may still be present in tre after this: https://github.com/laurikari/tre/issues/37
NOTE: musl patch: http://git.musl-libc.org/cgit/musl/commit/?id=c3edc06d1e1360f3570db9155d6b318ae0d0f0f7, not released yet
-CVE-2016-8858
+CVE-2016-8858 (** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x ...)
- openssh 1:7.3p1-2 (bug #841884)
[jessie] - openssh <ignored> (Minor issue)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup
NOTE: Only thing the attacker could do here is self-dos own connection
-CVE-2016-8862
+CVE-2016-8862 (The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.6+dfsg-1 (bug #845634)
NOTE: https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/
@@ -6452,21 +6452,21 @@ CVE-2016-8862
NOTE: this CVE make sure to fix it completely to not open up CVE-2016-8866.
NOTE: The "incomplete fix" though is not a real problem, cf. https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30908#p140255
NOTE: http://www.openwall.com/lists/oss-security/2016/10/17/4
-CVE-2016-8860
+CVE-2016-8860 (Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal funct ...)
{DSA-3694-1 DLA-663-1}
- tor 0.2.8.9-1
NOTE: https://trac.torproject.org/projects/tor/ticket/20384
NOTE: https://blog.torproject.org/blog/tor-0289-released-important-fixes
NOTE: https://gitweb.torproject.org/tor.git/commit/?id=3cea86eb2fbb65949673eb4ba8ebb695c87a57ce
NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/11
-CVE-2016-9138
+CVE-2016-9138 (PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modifica ...)
{DSA-3732-1}
- php7.0 7.0.12-1
- php5 <removed>
[wheezy] - php5 <not-affected> (Vulnerable code not present in version 5.4.45)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73147
NOTE: http://www.openwall.com/lists/oss-security/2016/11/01/7
-CVE-2016-9137
+CVE-2016-9137 (Use-after-free vulnerability in the CURLFile implementation in ext/cur ...)
{DSA-3698-1}
- php7.0 7.0.12-1
- php5 <removed>
@@ -6475,83 +6475,83 @@ CVE-2016-9137
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=0e6fe3a4c96be2d3e88389a5776f878021b4c59f
NOTE: Fixed in 7.0.12, 5.6.27
NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/1
-CVE-2016-8673
+CVE-2016-8673 (Cross-site request forgery (CSRF) vulnerability in the integrated web ...)
NOT-FOR-US: Siemens SIMATIC CP
-CVE-2016-8672
+CVE-2016-8672 (The integrated web server on Siemens SIMATIC CP 343-1 Advanced prior t ...)
NOT-FOR-US: Siemens SIMATIC CP
-CVE-2016-6911
+CVE-2016-6911 (The dynamicGetbuf function in the GD Graphics Library (aka libgd) befo ...)
{DSA-3693-1 DLA-665-1}
- libgd2 2.2.3-87-gd0fec80-2 (bug #840806)
NOTE: Corresponds to the 0020-Fix-invalid-read-in-gdImageCreateFromTiffPtr.patch patch
NOTE: https://github.com/libgd/libgd/commit/4859d69e07504d4b0a4bdf9bcb4d9e3769ca35ae
-CVE-2016-8703
+CVE-2016-8703 (Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_i ...)
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8702
+CVE-2016-8702 (Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_i ...)
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8701
+CVE-2016-8701 (Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_i ...)
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8700
+CVE-2016-8700 (Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_i ...)
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8699
+CVE-2016-8699 (Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_i ...)
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8698
+CVE-2016-8698 (Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_i ...)
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8697
+CVE-2016-8697 (The bm_new function in bitmap.h in potrace before 1.13 allows remote a ...)
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-divide-by-zero-in-bm_new-bitmap-h/
-CVE-2016-8696
+CVE-2016-8696 (The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 all ...)
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8695
+CVE-2016-8695 (The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 all ...)
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8694
+CVE-2016-8694 (The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 all ...)
{DLA-675-1}
- potrace 1.13-1
[jessie] - potrace 1.12-1+deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
-CVE-2016-8693
+CVE-2016-8693 (Double free vulnerability in the mem_close function in jas_stream.c in ...)
{DSA-3785-1 DLA-739-1}
- jasper <removed> (bug #841110)
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-double-free-in-mem_close-jas_stream-c/
NOTE: https://github.com/mdadams/jasper/commit/44a524e367597af58d6265ae2014468b334d0309
-CVE-2016-8692
+CVE-2016-8692 (The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer ...)
{DSA-3785-1 DLA-739-1}
- jasper <removed> (unimportant; bug #841111)
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-divide-by-zero-in-jpc_dec_process_siz-jpc_dec-c/
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d8c2604cd438c41ec72aff52c16ebd8183068020 (version-1.900.4)
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-8691
+CVE-2016-8691 (The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer ...)
{DSA-3785-1 DLA-739-1}
- jasper <removed> (unimportant; bug #841111)
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-divide-by-zero-in-jpc_dec_process_siz-jpc_dec-c/
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d8c2604cd438c41ec72aff52c16ebd8183068020 (version-1.900.4)
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2016-8690
+CVE-2016-8690 (The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1 ...)
{DLA-1583-1}
- jasper <removed> (low; bug #841112)
[wheezy] - jasper <no-dsa> (Minor issue)
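Review bot: the descriptions added for CVE-2016-8703 through CVE-2016-8698 are identical after truncation ("Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_i ..."), and the same holds for CVE-2016-8696 through CVE-2016-8694 ("The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 all ..."), so the new text does not distinguish the entries from one another; the distinguishing part of each upstream description falls past the cut, and if the truncation width is configurable, widening it for this file would make these nine lines useful on their own rather than only via the shared NOTE URL.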
@@ -6559,13 +6559,13 @@ CVE-2016-8690
NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/
NOTE: The original fix is incomplete resulting in two follow ups CVE-2016-8884 and
NOTE: CVE-2016-8885.
-CVE-2016-8689
+CVE-2016-8689 (The read_Header function in archive_read_support_format_7zip.c in liba ...)
{DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840934)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/
NOTE: https://github.com/libarchive/libarchive/issues/761
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126
-CVE-2016-8688
+CVE-2016-8688 (The mtree bidder in libarchive 3.2.1 does not keep track of line sizes ...)
{DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840935)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/
@@ -6574,61 +6574,61 @@ CVE-2016-8688
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-bid_entry-archive_read_support_format_mtree-c/
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-detect_form-archive_read_support_format_mtree-c/
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/eec077f52bfa2d3f7103b4b74d52572ba8a15aca
-CVE-2016-8687
+CVE-2016-8687 (Stack-based buffer overflow in the safe_fprintf function in tar/util.c ...)
{DLA-1600-1 DLA-661-1}
- libarchive 3.2.1-5 (bug #840936)
NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a
NOTE: https://github.com/libarchive/libarchive/issues/767
-CVE-2016-8678
+CVE-2016-8678 (The IsPixelMonochrome function in MagickCore/pixel-accessor.h in Image ...)
- imagemagick <unfixed> (unimportant; bug #845204)
NOTE: https://blogs.gentoo.org/ago/2016/10/07/imagemagick-heap-based-buffer-overflow-in-ispixelmonochrome-pixel-accessor-h/
NOTE: unimportant: Only an issue with a QuantumDepth=64 build, thus not affecting the binary packages
NOTE: https://github.com/ImageMagick/ImageMagick/issues/272
-CVE-2016-8677
+CVE-2016-8677 (The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagi ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-1 (bug #845206)
NOTE: https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/6e48aa92ff4e6e95424300ecd52a9ea453c19c60
-CVE-2016-8676
+CVE-2016-8676 (The get_vlc2 function in get_bits.h in Libav 11.9 allows remote attack ...)
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/09/07/libav-null-pointer-dereference-in-get_vlc2_get_bits_h/
-CVE-2016-8675
+CVE-2016-8675 (The get_vlc2 function in get_bits.h in Libav before 11.9 allows remote ...)
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/09/07/libav-null-pointer-dereference-in-get_vlc2_get_bits_h/
NOTE: Fixed by: https://github.com/libav/libav/commit/e5b019725f53b79159931d3a7317107cbbfd0860
NOTE: Cf. CVE-2016-8676 as well which remain unfixed after e5b019725f53b79159931d3a7317107cbbfd0860
-CVE-2016-8674
+CVE-2016-8674 (The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows re ...)
{DSA-3797-1}
- mupdf 1.9a+ds1-2 (bug #840957)
[wheezy] - mupdf <not-affected> (Crash is not reproducible with reprocuder. Needs clarification from upstream.)
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697015
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697019
-CVE-2016-8670
+CVE-2016-8670 (Integer signedness error in the dynamicGetbuf function in gd_io_dp.c i ...)
{DSA-3693-1 DLA-665-1}
- libgd2 2.2.3-87-gd0fec80-1 (bug #840805)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73280
NOTE: https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9
NOTE: http://www.openwall.com/lists/oss-security/2016/10/15/1
-CVE-2016-8671
+CVE-2016-8671 (The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not prop ...)
- matrixssl <not-affected> (Incomplete fix for CVE-2016-6887 not applied)
NOTE: https://blog.fuzzing-project.org/54-Update-on-MatrixSSL-miscalculation-incomplete-fix-for-CVE-2016-6887.html
-CVE-2016-8669
+CVE-2016-8669 (The serial_update_parameters function in hw/char/serial.c in QEMU (aka ...)
{DLA-1497-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840945)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02461.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384909
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=3592fe0c919cf27a81d8e9f9b4f269553418bb01
-CVE-2016-8668
+CVE-2016-8668 (The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Q ...)
- qemu 1:2.8+dfsg-1 (bug #840948)
[jessie] - qemu <not-affected> (Vulnerable code introduced after v2.4.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced after v2.4.0-rc0)
- qemu-kvm <not-affected> (Vulnerable code introduced later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02501.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384896
-CVE-2016-8667
+CVE-2016-8667 (The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulat ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-4 (bug #840950)
[wheezy] - qemu <no-dsa> (minor issue)
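Review bot: two context lines in this hunk carry wording errors that could be fixed in the same pass: under CVE-2016-8674, `[wheezy] - mupdf <not-affected> (Crash is not reproducible with reprocuder. ...)` should read "reproducer", and under CVE-2016-8675, `NOTE: Cf. CVE-2016-8676 as well which remain unfixed after ...` should read "which remains unfixed".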
@@ -6643,13 +6643,13 @@ CVE-2016-8663
REJECTED
CVE-2016-8662
REJECTED
-CVE-2016-8661
+CVE-2016-8661 (Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow ...)
NOT-FOR-US: Little Snitch
-CVE-2016-8657
+CVE-2016-8657 (It was discovered that EAP packages in certain versions of Red Hat Ent ...)
NOT-FOR-US: Red Hat JBoss; jbossas Red Hat configuration file permissions and init script
-CVE-2016-8656
+CVE-2016-8656 (Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to ...)
NOT-FOR-US: Red Hat JBoss; jbossas init script
-CVE-2016-8655
+CVE-2016-8655 (Race condition in net/packet/af_packet.c in the Linux kernel through 4 ...)
{DLA-772-1}
- linux 4.8.15-1
[jessie] - linux 3.16.39-1
@@ -6657,21 +6657,21 @@ CVE-2016-8655
NOTE: Introduced by: https://git.kernel.org/linus/f6fb8f100b807378fda19e83e5ac6828b638603a (v3.2-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/84ac7260236a49c79eede91617700174c2c19b0c (v4.9-rc8)
NOTE: Non-privileged user namespaces disabled by default, only exploitable by arbitrary user if sysctl kernel.unprivileged_userns_clone=1
-CVE-2016-8654
+CVE-2016-8654 (A heap-buffer overflow vulnerability was found in QMFB code in JPC cod ...)
{DSA-3785-1 DLA-739-1}
- jasper <removed>
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/93
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/94
NOTE: https://github.com/mdadams/jasper/commit/4a59cfaf9ab3d48fca4a15c0d2674bf7138e3d1a
-CVE-2016-8653
+CVE-2016-8653 (It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Ha ...)
NOT-FOR-US: JMX endpoint of Red Hat JBoss Fuse 6 and Red Hat A-MQ 6
-CVE-2016-8652
+CVE-2016-8652 (The auth component in Dovecot before 2.2.27, when auth-policy is confi ...)
- dovecot 1:2.2.27-1 (bug #846605)
[jessie] - dovecot <not-affected> (Only affects 2.2.25 up and including 2.2.26.1)
[wheezy] - dovecot <not-affected> (Only affects 2.2.25 up and including 2.2.26.1)
-CVE-2016-8651
+CVE-2016-8651 (An input validation flaw was found in the way OpenShift 3 handles requ ...)
NOT-FOR-US: OpenShift Enterprise
-CVE-2016-8650
+CVE-2016-8650 (The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through ...)
- linux 4.8.11-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -6680,204 +6680,204 @@ CVE-2016-8650
NOTE: Fixed by: https://git.kernel.org/linus/f5527fffff3f002b0a6b376163613b82f69de073
NOTE: Introduced by https://git.kernel.org/linus/cdec9cb5167ab1113ba9c58e395f664d9d3f9acb (v3.3-rc1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1343162 (not yet opened)
-CVE-2016-8649
+CVE-2016-8649 (lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker ...)
- lxc 1:2.0.6-1 (bug #845465)
[jessie] - lxc 1:1.0.6-6+deb8u5
[wheezy] - lxc <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/lxc/lxc/commit/81f466d05f2a89cb4f122ef7f593ff3f279b165c
NOTE: Details: https://launchpad.net/bugs/1639345
NOTE: To be complete this needs as well changes to src:linux
-CVE-2016-8648
+CVE-2016-8648 (It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, ...)
NOT-FOR-US: Karaf container uses by Red Hat products
-CVE-2016-8647
+CVE-2016-8647 (An input validation vulnerability was found in Ansible's mysql_user mo ...)
- ansible 2.2.0.0-4 (bug #844691)
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ansible/ansible-modules-core/pull/5388
-CVE-2016-8646
+CVE-2016-8646 (The hash_accept function in crypto/algif_hash.c in the Linux kernel be ...)
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux 3.2.78-1
NOTE: https://lkml.org/lkml/2016/10/12/198
NOTE: Fixed by: https://git.kernel.org/linus/4afa5f9617927453ac04b24b584f6c718dfb4f45 (v4.4-rc2)
-CVE-2016-8645
+CVE-2016-8645 (The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncat ...)
{DLA-772-1}
- linux 4.8.11-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/ac6e780070e30e4c35bd395acfe9191e6268bdd3 (v4.9-rc6)
-CVE-2016-8644
+CVE-2016-8644 (In Moodle 2.x and 3.x, the capability to view course notes is checked ...)
- moodle 2.7.17+dfsg-1
NOTE: https://moodle.org/mod/forum/discuss.php?d=343277
-CVE-2016-8643
+CVE-2016-8643 (In Moodle 2.x and 3.x, non-admin site managers may accidentally edit a ...)
- moodle 2.7.17+dfsg-1
NOTE: https://moodle.org/mod/forum/discuss.php?d=343276
-CVE-2016-8642
+CVE-2016-8642 (In Moodle 2.x and 3.x, the question engine allows access to files that ...)
- moodle 2.7.17+dfsg-1
NOTE: https://moodle.org/mod/forum/discuss.php?d=343275
-CVE-2016-10089
+CVE-2016-10089 (Nagios 4.3.2 and earlier allows local users to gain root privileges vi ...)
- nagios3 <not-affected> (Vulnerable code not present)
NOTE: Flaw in upstream damon-init.in. Debian package installs an own init-skript.
-CVE-2016-8641
+CVE-2016-8641 (A privilege escalation vulnerability was found in nagios 4.2.x that oc ...)
- nagios3 <not-affected> (Vulnerable code not present)
NOTE: Flaw in upstream damon-init.in. Debian package installs an own init-skript.
-CVE-2016-8640
+CVE-2016-8640 (A SQL injection vulnerability in pycsw all versions before 2.0.2, 1.10 ...)
- pycsw 2.0.2+dfsg-1
NOTE: https://github.com/geopython/pycsw/pull/474/files
NOTE: https://patch-diff.githubusercontent.com/raw/geopython/pycsw/pull/474.patch
-CVE-2016-8639
+CVE-2016-8639 (It was found that foreman before 1.13.0 is vulnerable to a stored XSS ...)
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/15037
NOTE: https://github.com/theforeman/foreman/pull/3523
-CVE-2016-8638
+CVE-2016-8638 (A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 bef ...)
- ipsilon <itp> (bug #826838)
NOTE: https://ipsilon-project.org/advisory/CVE-2016-8638.txt
NOTE: https://pagure.io/ipsilon/c/511fa8b7001c2f9a42301aa1d4b85aaf170a461c
-CVE-2016-8637
+CVE-2016-8637 (A local information disclosure issue was found in dracut before 045 wh ...)
- dracut 044+189-1 (low; bug #843697)
[jessie] - dracut <no-dsa> (Minor issue)
[wheezy] - dracut <not-affected> (Introduced in 030 upstream)
NOTE: Fixed by: http://git.kernel.org/cgit/boot/dracut/dracut.git/commit/?id=0db98910a11c12a454eac4c8e86dc7a7bbc764a4
NOTE: Introduced by: http://git.kernel.org/cgit/boot/dracut/dracut.git/commit/?id=5f2c30d9bcd614d546d5c55c6897e33f88b9ab90 (030)
-CVE-2016-8636
+CVE-2016-8636 (Integer overflow in the mem_check_range function in drivers/infiniband ...)
- linux 4.9.10-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fix https://github.com/torvalds/linux/commit/647bf3d8a8e5777319da92af672289b2a6c4dc66
-CVE-2016-8635
+CVE-2016-8635 (It was found that Diffie Hellman Client key exchange handling in NSS 3 ...)
- nss 2:3.25-1
NOTE: Patch as applied in CentOS (but contains other changes):
NOTE: https://git.centos.org/blob/rpms!nss!/aada6b10b73091276397404059605d13e7548462/SOURCES!moz-1314604.patch
NOTE: Further info: https://bugzilla.redhat.com/show_bug.cgi?id=1391818
NOTE: Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1314604
-CVE-2016-8634
+CVE-2016-8634 (A vulnerability was found in foreman 1.14.0. When creating an organiza ...)
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/17195
-CVE-2016-8633
+CVE-2016-8633 (drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain un ...)
{DLA-772-1}
- linux 4.8.7-1
[jessie] - linux 3.16.39-1
NOTE: https://git.kernel.org/linus/667121ace9dbafb368618dbabcf07901c962ddac
NOTE: https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/
-CVE-2016-8632
+CVE-2016-8632 (The tipc_msg_build function in net/tipc/msg.c in the Linux kernel thro ...)
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 3.17-rc1)
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.17-rc1)
NOTE: https://www.mail-archive.com/netdev@vger.kernel.org/msg133205.html
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3de81b758853f0b29c61e246679d20b513c4cfec (v4.9-rc8)
-CVE-2016-8631
+CVE-2016-8631 (The OpenShift Enterprise 3 router does not properly sort routes when p ...)
NOT-FOR-US: OpenShift Enterprise
-CVE-2016-8630
+CVE-2016-8630 (The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux ke ...)
- linux 4.8.7-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/d9092f52d7e61dd1557f2db2400ddb430e85937e (v4.9-rc4)
NOTE: Introduced by: https://git.kernel.org/linus/41061cdb98a0bec464278b4db8e894a3121671f5 (v3.17-rc1)
-CVE-2016-8629
+CVE-2016-8629 (Red Hat Keycloak before version 2.4.0 did not correctly check permissi ...)
NOT-FOR-US: Keycloak
-CVE-2016-8628
+CVE-2016-8628 (Ansible before version 2.2.0 fails to properly sanitize fact variables ...)
- ansible 2.2.0.0-1 (bug #842985)
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: Fixed upstream in v2.2.0.0-1
NOTE: Needs an attacker to compromise a controlled server.
-CVE-2016-8627
+CVE-2016-8627 (admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an ...)
NOT-FOR-US: Red Hat JBoss EAP
-CVE-2016-8626
+CVE-2016-8626 (A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object ...)
- ceph 10.2.5-1 (bug #844200)
[jessie] - ceph 0.80.7-2+deb8u2
NOTE: http://tracker.ceph.com/issues/17635
-CVE-2016-8625
+CVE-2016-8625 (curl before version 7.51.0 uses outdated IDNA 2003 standard to handle ...)
- curl 7.51.0-1
[jessie] - curl <no-dsa> (the fix is too invasive)
[wheezy] - curl <no-dsa> (the fix is too invasive)
NOTE: https://github.com/curl/curl/commit/9c91ec778104ae3b744b39444d544e82d5ee9ece
NOTE: https://curl.haxx.se/docs/adv_20161102K.html
NOTE: https://curl.haxx.se/CVE-2016-8625.patch
-CVE-2016-8624
+CVE-2016-8624 (curl before version 7.51.0 doesn't parse the authority component of th ...)
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/3bb273db7e40ebc284cff45f3ce3f0475c8339c2
NOTE: https://curl.haxx.se/docs/adv_20161102J.html
NOTE: https://curl.haxx.se/CVE-2016-8624.patch
-CVE-2016-8623
+CVE-2016-8623 (A flaw was found in curl before version 7.51.0. The way curl handles c ...)
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/c5be3d7267c725dbd093ff3a883e07ee8cf2a1d5
NOTE: https://curl.haxx.se/docs/adv_20161102I.html
NOTE: https://curl.haxx.se/CVE-2016-8623.patch
-CVE-2016-8622
+CVE-2016-8622 (The URL percent-encoding decode function in libcurl before 7.51.0 is c ...)
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/53e71e47d6b81650d26ec33a58d0dca24c7ffb2c
NOTE: https://curl.haxx.se/docs/adv_20161102H.html
NOTE: https://curl.haxx.se/CVE-2016-8622.patch
-CVE-2016-8621
+CVE-2016-8621 (The `curl_getdate` function in curl before version 7.51.0 is vulnerabl ...)
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/96a80b5a262fb6dd2ddcea7987296f3b9a405618
NOTE: https://curl.haxx.se/docs/adv_20161102G.html
NOTE: https://curl.haxx.se/CVE-2016-8621.patch
-CVE-2016-8620
+CVE-2016-8620 (The 'globbing' feature in curl before version 7.51.0 has a flaw that l ...)
{DSA-3705-1}
- curl 7.51.0-1
[wheezy] - curl <not-affected> (Vulnerable code introduced in 7.34.0)
NOTE: https://github.com/curl/curl/commit/fbb5f1aa0326d485d5a7ac643b48481897ca667f
NOTE: https://curl.haxx.se/docs/adv_20161102F.html
NOTE: https://curl.haxx.se/CVE-2016-8620.patch
-CVE-2016-8619
+CVE-2016-8619 (The function `read_data()` in security.c in curl before version 7.51.0 ...)
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/3d6460edeee21d7d790ec570d0887bed1f4366dd
NOTE: https://curl.haxx.se/docs/adv_20161102E.html
NOTE: https://curl.haxx.se/CVE-2016-8619.patch
-CVE-2016-8618
+CVE-2016-8618 (The libcurl API function called `curl_maprintf()` before version 7.51. ...)
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/8732ec40db652c53fa58cd13e2acb8eab6e40874
NOTE: https://curl.haxx.se/docs/adv_20161102D.html
NOTE: https://curl.haxx.se/CVE-2016-8618.patch
-CVE-2016-8617
+CVE-2016-8617 (The base64 encode function in curl before version 7.51.0 is prone to a ...)
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/efd24d57426bd77c9b5860e6b297904703750412
NOTE: https://curl.haxx.se/docs/adv_20161102C.html
NOTE: https://curl.haxx.se/CVE-2016-8617.patch
-CVE-2016-8616
+CVE-2016-8616 (A flaw was found in curl before version 7.51.0 When re-using a connect ...)
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/b3ee26c5df75d97f6895e6ec4538894ebaf76e48
NOTE: https://curl.haxx.se/docs/adv_20161102B.html
NOTE: https://curl.haxx.se/CVE-2016-8616.patch
-CVE-2016-8615
+CVE-2016-8615 (A flaw was found in curl before version 7.51. If cookie state is writt ...)
{DSA-3705-1 DLA-711-1}
- curl 7.51.0-1
NOTE: https://github.com/curl/curl/commit/cff89bc088b7884098ea0c5378bbda3d49c437bc
NOTE: https://curl.haxx.se/docs/adv_20161102A.html
NOTE: https://curl.haxx.se/CVE-2016-8615.patch
-CVE-2016-8614
+CVE-2016-8614 (A flaw was found in Ansible before version 2.2.0. The apt_key module d ...)
- ansible 2.2.0.0-1 (bug #842984)
[jessie] - ansible <not-affected> (Vulnerable code introduced later)
NOTE: Fixed upstream in v2.2.0.0-1
NOTE: https://github.com/ansible/ansible-modules-core/issues/5237
NOTE: https://github.com/ansible/ansible-modules-core/pull/5353
NOTE: https://github.com/ansible/ansible-modules-core/pull/5357
-CVE-2016-8613
+CVE-2016-8613 (A flaw was found in foreman 1.5.1. The remote execution plugin runs co ...)
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/17066/
NOTE: https://github.com/theforeman/foreman_remote_execution/pull/208
-CVE-2016-8612
+CVE-2016-8612 (Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerab ...)
- libapache2-mod-cluster <itp> (bug #731410)
-CVE-2016-8611
+CVE-2016-8611 (A vulnerability was found in Openstack Glance. No limits are enforced ...)
- glance <unfixed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/16
-CVE-2016-8610
+CVE-2016-8610 (A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 thro ...)
{DSA-3773-1 DLA-814-1}
- openssl 1.0.2j-1
NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/3
NOTE: Fixed by: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=af58be768ebb690f78530f796e92b8ae5c9a4401
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384743 mentions countermeasures in gnutls
NOTE: https://gitlab.com/gnutls/gnutls/commit/1ffb827e45721ef56982d0ffd5c5de52376c428e
-CVE-2016-8609
+CVE-2016-8609 (It was found that the keycloak before 2.3.0 did not implement authenti ...)
NOT-FOR-US: Keycloak
-CVE-2016-8608
+CVE-2016-8608 (JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via busine ...)
NOT-FOR-US: JBoss BPMS
CVE-2016-8607
RESERVED
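Review bot: several context lines in this hunk have small wording problems worth fixing alongside the description updates: the duplicated `NOTE: Flaw in upstream damon-init.in. Debian package installs an own init-skript.` under CVE-2016-10089 and CVE-2016-8641 should read "daemon-init.in" and "its own init script"; `NOT-FOR-US: Karaf container uses by Red Hat products` under CVE-2016-8648 should read "used by"; and `NOTE: Fixed upstream in v2.2.0.0-1` under CVE-2016-8628 and CVE-2016-8614 names the Debian package revision, which is already given on the `- ansible 2.2.0.0-1` line, where the upstream release would be 2.2.0.0.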
@@ -6885,52 +6885,52 @@ CVE-2016-8604
RESERVED
CVE-2016-8603
RESERVED
-CVE-2016-8600
+CVE-2016-8600 (In dotCMS 3.2.1, attacker can load captcha once, fill it with correct ...)
NOT-FOR-US: dotCMS
CVE-2016-8599
RESERVED
-CVE-2016-8598
+CVE-2016-8598 (Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp ...)
- libcsp <removed> (bug #843012)
NOTE: https://github.com/GomSpace/libcsp/pull/81/commits/4435fbed4090ff3cd090a61517430fe8a3924cd8
-CVE-2016-8597
+CVE-2016-8597 (Buffer overflow in the csp_sfp_recv_fp in csp_sfp.c in the libcsp libr ...)
- libcsp <removed> (bug #843012)
NOTE: https://github.com/GomSpace/libcsp/pull/81/commits/4435fbed4090ff3cd090a61517430fe8a3924cd8
-CVE-2016-8596
+CVE-2016-8596 (Buffer overflow in the csp_can_process_frame in csp_if_can.c in the li ...)
- libcsp <removed> (bug #843012)
NOTE: https://github.com/GomSpace/libcsp/pull/81/commits/4435fbed4090ff3cd090a61517430fe8a3924cd8
-CVE-2016-8595
+CVE-2016-8595 (The gsm_parse function in libavcodec/gsm_parser.c in FFmpeg before 3.1 ...)
- ffmpeg 7:3.1.5-1
NOTE: http://www.openwall.com/lists/oss-security/2016/12/08/2
NOTE: https://github.com/FFmpeg/FFmpeg/commit/987690799dd86433bf98b897aaa4c8d93ade646d
CVE-2016-8594
RESERVED
-CVE-2016-8666
+CVE-2016-8666 (The IP stack in the Linux kernel before 4.6 allows remote attackers to ...)
- linux 4.6.1-1
[jessie] - linux 3.6.36-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/fac8e0f579695a3ecbc4d3cac369139d7f819971
NOTE: Introduced by: htttps://git.kernel.org/linus/bf5a755f5e9186406bbf50f4087100af5bd68e40
NOTE: http://www.openwall.com/lists/oss-security/2016/10/13/11
-CVE-2016-8660
+CVE-2016-8660 (The XFS subsystem in the Linux kernel through 4.8.2 allows local users ...)
- linux <unfixed> (low)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux-4.9 <unfixed> (low)
-CVE-2016-8659
+CVE-2016-8659 (Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might all ...)
- bubblewrap 0.1.2-2 (bug #840605)
NOTE: https://github.com/projectatomic/bubblewrap/issues/107
-CVE-2016-8658
+CVE-2016-8658 (Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in ...)
- linux 4.7.5-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later in 3.7)
NOTE: Fixed by: https://git.kernel.org/linus/ded89912156b1a47d940a0c954c43afbabd0c42c (v4.8-rc8)
-CVE-2016-8606
+CVE-2016-8606 (The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to e ...)
{DLA-666-1}
- guile-2.0 2.0.13+1-1 (low; bug #840555)
[jessie] - guile-2.0 2.0.11+1-9+deb8u1
- guile-1.8 <not-affected> (repl server introduced in 2.0)
NOTE: Patch: http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=08c021916dbd3a235a9f9cc33df4c418c0724e03
-CVE-2016-8605
+CVE-2016-8605 (The mkdir procedure of GNU Guile temporarily changed the process' umas ...)
{DLA-666-1}
- guile-2.0 2.0.13+1-1 (low; bug #840556)
[jessie] - guile-2.0 2.0.11+1-9+deb8u1
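Review bot: two context lines in the CVE-2016-8666 entry need a follow-up fix that this automatic update does not make. The "Introduced by" NOTE has a malformed scheme, `htttps://git.kernel.org/linus/bf5a755f5e9186406bbf50f4087100af5bd68e40`, which should read `https://`; and the jessie line above it, `[jessie] - linux 3.6.36-1`, does not match the 3.16.x series that jessie uses elsewhere in this file (`[jessie] - linux 3.16.39-1` for CVE-2016-8658 and CVE-2016-8399), so it looks like a typo for 3.16.36-1. Neither line is touched by this commit, so they need a manual correction.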
@@ -6939,42 +6939,42 @@ CVE-2016-8605
[wheezy] - guile-1.8 <no-dsa> (Minor issue)
NOTE: http://bugs.gnu.org/24659
NOTE: Patch: http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=245608911698adb3472803856019bdd5670b6614
-CVE-2016-8593
+CVE-2016-8593 (Directory traversal vulnerability in upload.cgi in Trend Micro Threat ...)
NOT-FOR-US: Trend Micro
-CVE-2016-8592
+CVE-2016-8592 (log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.106 ...)
NOT-FOR-US: Trend Micro
-CVE-2016-8591
+CVE-2016-8591 (log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and ...)
NOT-FOR-US: Trend Micro
-CVE-2016-8590
+CVE-2016-8590 (log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 ...)
NOT-FOR-US: Trend Micro
-CVE-2016-8589
+CVE-2016-8589 (log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 ...)
NOT-FOR-US: Trend Micro
-CVE-2016-8588
+CVE-2016-8588 (The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.10 ...)
NOT-FOR-US: Trend Micro
-CVE-2016-8587
+CVE-2016-8587 (dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.10 ...)
NOT-FOR-US: Trend Micro
-CVE-2016-8586
+CVE-2016-8586 (detected_potential_files.cgi in Trend Micro Threat Discovery Appliance ...)
NOT-FOR-US: Trend Micro
-CVE-2016-8585
+CVE-2016-8585 (admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r ...)
NOT-FOR-US: Trend Micro
-CVE-2016-8584
+CVE-2016-8584 (Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses pre ...)
NOT-FOR-US: Trend Micro
-CVE-2016-8583
+CVE-2016-8583 (Multiple GET parameters in the vulnerability scan scheduler of AlienVa ...)
NOT-FOR-US: AlienVault
-CVE-2016-8582
+CVE-2016-8582 (A vulnerability exists in gauge.php of AlienVault OSSIM and USM before ...)
NOT-FOR-US: AlienVault
-CVE-2016-8581
+CVE-2016-8581 (A persistent XSS vulnerability exists in the User-Agent header of the ...)
NOT-FOR-US: AlienVault
-CVE-2016-8580
+CVE-2016-8580 (PHP object injection vulnerabilities exist in multiple widget files in ...)
NOT-FOR-US: AlienVault
-CVE-2016-8579
+CVE-2016-8579 (docker2aci &lt;= 0.12.3 has an infinite loop when handling local image ...)
- golang-github-appc-docker2aci 0.12.3+dfsg-2 (bug #840711)
NOTE: https://github.com/appc/docker2aci/issues/203
NOTE: https://github.com/lucab/docker2aci/commit/54331ec7020e102935c31096f336d31f6400064f
-CVE-2016-8575
+CVE-2016-8575 (The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in prin ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-8574
+CVE-2016-8574 (The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in pri ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
CVE-2016-8573
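Review bot: the new description line for CVE-2016-8579 reads `docker2aci &lt;= 0.12.3 has an infinite loop ...`. If that `&lt;` is what is stored in 2016.list rather than the web view's HTML escaping, the automatic import is writing an HTML entity where the literal `<=` belongs, and the description text should be unescaped before being written; worth checking the raw file for this entry.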
@@ -6985,19 +6985,19 @@ CVE-2016-8571
RESERVED
CVE-2016-8570
RESERVED
-CVE-2016-8567
+CVE-2016-8567 (An issue was discovered in Siemens SICAM PAS before 8.00. A factory ac ...)
NOT-FOR-US: Siemens
-CVE-2016-8566
+CVE-2016-8566 (An issue was discovered in Siemens SICAM PAS before 8.00. Because of S ...)
NOT-FOR-US: Siemens
-CVE-2016-8565
+CVE-2016-8565 (Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote ...)
NOT-FOR-US: Siemens Automation License Manager
-CVE-2016-8564
+CVE-2016-8564 (SQL injection vulnerability in Siemens Automation License Manager (ALM ...)
NOT-FOR-US: Siemens Automation License Manager
-CVE-2016-8563
+CVE-2016-8563 (Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allow ...)
NOT-FOR-US: Siemens Automation License Manager
-CVE-2016-8562
+CVE-2016-8562 (Siemens SIMATIC CP 1543-1 before 2.0.28, when SNMPv3 write access or S ...)
NOT-FOR-US: Siemens SIMATIC CP
-CVE-2016-8561
+CVE-2016-8561 (Siemens SIMATIC CP 1543-1 before 2.0.28 allows remote authenticated us ...)
NOT-FOR-US: Siemens SIMATIC CP
CVE-2016-8560
REJECTED
@@ -7049,75 +7049,75 @@ CVE-2016-8537
REJECTED
CVE-2016-8536
REJECTED
-CVE-2016-8535
+CVE-2016-8535 (A remote HTTP parameter Pollution vulnerability in HPE Matrix Operatin ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-8534
+CVE-2016-8534 (A remote privilege elevation vulnerability in HPE Matrix Operating Env ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-8533
+CVE-2016-8533 (A remote priviledge escalation vulnerability in HPE Matrix Operating E ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-8532
+CVE-2016-8532 (A cross site scripting vulnerability in HPE Matrix Operating Environme ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-8531
+CVE-2016-8531 (A remote information disclosure vulnerability in HPE Matrix Operating ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-8530
+CVE-2016-8530 (A remote denial of service vulnerability in HPE iMC PLAT version v7.2 ...)
NOT-FOR-US: HPE iMC PLAT
-CVE-2016-8529
+CVE-2016-8529 (A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual ...)
NOT-FOR-US: HPE StoreVirtual
-CVE-2016-8528
+CVE-2016-8528 (A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptu ...)
NOT-FOR-US: HPE Helion Eucalyptus
-CVE-2016-8527
+CVE-2016-8527 (Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulner ...)
NOT-FOR-US: Aruba
-CVE-2016-8526
+CVE-2016-8526 (Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulner ...)
NOT-FOR-US: Aruba
-CVE-2016-8525
+CVE-2016-8525 (A Remote Disclosure of Information vulnerability in HPE iMC PLAT versi ...)
NOT-FOR-US: HPE iMC PLAT
CVE-2016-8524
REJECTED
-CVE-2016-8523
+CVE-2016-8523 (A Remote Arbitrary Code Execution vulnerability in HPE Smart Storage A ...)
NOT-FOR-US: HP Smart Storage Administrator
-CVE-2016-8522
+CVE-2016-8522 (A cross-site scripting vulnerability in HPE Diagnostics version 9.24 I ...)
NOT-FOR-US: HPE Diagnostics
-CVE-2016-8521
+CVE-2016-8521 (A Remote click jacking vulnerability in HPE Diagnostics version 9.24 I ...)
NOT-FOR-US: HPE Diagnostics
-CVE-2016-8520
+CVE-2016-8520 (HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM ...)
- eucalyptus <removed>
-CVE-2016-8519
+CVE-2016-8519 (A remote code execution vulnerability in HPE Operations Orchestration ...)
NOT-FOR-US: HPE Operations Orchestration
-CVE-2016-8518
+CVE-2016-8518 (A remote denial of service vulnerability in HPE Systems Insight Manage ...)
NOT-FOR-US: HPE
-CVE-2016-8517
+CVE-2016-8517 (A cross site scripting vulnerability in HPE Systems Insight Manager in ...)
NOT-FOR-US: HPE
-CVE-2016-8516
+CVE-2016-8516 (A remote denial of service vulnerability in HPE Systems Insight Manage ...)
NOT-FOR-US: HPE
-CVE-2016-8515
+CVE-2016-8515 (A remote malicious file upload vulnerability in HPE Version Control Re ...)
NOT-FOR-US: HPE Version Control Repository Manager
-CVE-2016-8514
+CVE-2016-8514 (A remote information disclosure in HPE Version Control Repository Mana ...)
NOT-FOR-US: HPE Version Control Repository Manager
-CVE-2016-8513
+CVE-2016-8513 (A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version Contr ...)
NOT-FOR-US: HPE Version Control Repository Manager
-CVE-2016-8512
+CVE-2016-8512 (A Remote Code Execution vulnerability in all versions of HPE LoadRunne ...)
NOT-FOR-US: HPE
-CVE-2016-8511
+CVE-2016-8511 (A Remote Code Execution vulnerability in HPE Network Automation using ...)
NOT-FOR-US: HPE
CVE-2016-8510
REJECTED
CVE-2016-8509
REJECTED
-CVE-2016-8508
+CVE-2016-8508 (Yandex Browser for desktop before 17.1.1.227 does not show Protect (si ...)
NOT-FOR-US: Yandex Browser
-CVE-2016-8507
+CVE-2016-8507 (Yandex Browser for iOS before 16.10.0.2357 does not properly restrict ...)
NOT-FOR-US: Yandex Browser
-CVE-2016-8506
+CVE-2016-8506 (XSS in Yandex Browser Translator in Yandex browser for desktop for ver ...)
NOT-FOR-US: Yandex Browser
-CVE-2016-8505
+CVE-2016-8505 (XSS in Yandex Browser BookReader in Yandex browser for desktop for ver ...)
NOT-FOR-US: Yandex Browser
-CVE-2016-8504
+CVE-2016-8504 (CSRF of synchronization form in Yandex Browser for desktop before vers ...)
NOT-FOR-US: Yandex Browser
-CVE-2016-8503
+CVE-2016-8503 (Yandex Protect Anti-phishing warning in Yandex Browser for desktop fro ...)
NOT-FOR-US: Yandex Browser
-CVE-2016-8502
+CVE-2016-8502 (Yandex Protect Anti-phishing warning in Yandex Browser for desktop fro ...)
NOT-FOR-US: Yandex Browser
-CVE-2016-8501
+CVE-2016-8501 (Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 all ...)
NOT-FOR-US: Yandex Browser
CVE-2016-8500
REJECTED
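Review bot: the NOT-FOR-US line for CVE-2016-8523 says `HP Smart Storage Administrator` while the description filled in above it names `HPE Smart Storage A...`, and every other HPE entry in this hunk uses `HPE`. Consistent vendor naming keeps the NOT-FOR-US lines greppable, so this context line should say `HPE Smart Storage Administrator`; it is not part of this commit's change.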
@@ -7129,15 +7129,15 @@ CVE-2016-8497
REJECTED
CVE-2016-8496
REJECTED
-CVE-2016-8495
+CVE-2016-8495 (An improper certificate validation vulnerability in Fortinet FortiMana ...)
NOT-FOR-US: FortiManager
-CVE-2016-8494
+CVE-2016-8494 (Insufficient verification of uploaded files allows attackers with webu ...)
NOT-FOR-US: Fortiguard
-CVE-2016-8493
+CVE-2016-8493 (In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privil ...)
NOT-FOR-US: Fortiguard
-CVE-2016-8492
+CVE-2016-8492 (The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows a ...)
NOT-FOR-US: Fortinet FortiWLC
-CVE-2016-8491
+CVE-2016-8491 (The presence of a hardcoded account named 'core' in Fortinet FortiWLC ...)
NOT-FOR-US: Fortinet FortiWLC
CVE-2016-XXXX [dbus format string vulnerability]
- dbus 1.10.12-1
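Review bot: the NOT-FOR-US annotation for CVE-2016-8492 says `Fortinet FortiWLC`, but the description this change fills in names `Fortinet FortiGate` (the ANSI X9.31 RNG issue). The FortiWLC label appears to have been carried over from the CVE-2016-8491 entry directly below, whose description does concern FortiWLC, and should read FortiGate. Unchanged context in this hunk, so a separate manual fix.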
@@ -7155,7 +7155,7 @@ CVE-2016-XXXX [dbus format string vulnerability]
NOTE: and no mechanism is currently known by which an attacker who does not
NOTE: already have root privileges could induce systemd to send messages
NOTE: that would trigger the format string vulnerability.
-CVE-2016-8686
+CVE-2016-8686 (The bm_new function in bitmap.h in potrace 1.13 allows remote attacker ...)
- potrace 1.14-1 (low; bug #850595)
[stretch] - potrace <no-dsa> (Minor issue)
[jessie] - potrace <no-dsa> (Minor issue)
@@ -7163,27 +7163,27 @@ CVE-2016-8686
NOTE: https://blogs.gentoo.org/ago/2016/08/29/potrace-memory-allocation-failure
NOTE: http://potrace.sourceforge.net/ChangeLog claims that it's fixed in 1.14
NOTE: but see https://lists.debian.org/debian-lts/2017/05/msg00032.html
-CVE-2016-8685
+CVE-2016-8685 (The findnext function in decompose.c in potrace 1.13 allows remote att ...)
{DLA-889-1}
- potrace 1.13-3 (bug #843861)
[jessie] - potrace <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2016/08/29/potrace-invalid-memory-access-in-findnext-decompose-c/
-CVE-2016-8684
+CVE-2016-8684 (The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 ...)
{DSA-3746-1 DLA-683-1}
- graphicsmagick 1.3.25-5
NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-memory-allocation-failure-in-magickmalloc-memory-c/
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/c53725cb5449
-CVE-2016-8683
+CVE-2016-8683 (The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 all ...)
{DSA-3746-1 DLA-683-1}
- graphicsmagick 1.3.25-5
NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-memory-allocation-failure-in-readpcximage-pcx-c/
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/b9edafd479b9
-CVE-2016-8682
+CVE-2016-8682 (The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 all ...)
{DSA-3746-1 DLA-683-1}
- graphicsmagick 1.3.25-5
NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-stack-based-buffer-overflow-in-readsctimage-sct-c/
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/0a0dfa81906d
-CVE-2016-8679
+CVE-2016-8679 (The _dwarf_get_size_of_val function in libdwarf/dwarf_util.c in Libdwa ...)
- dwarfutils 20161001-2 (bug #840958)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
@@ -7191,51 +7191,51 @@ CVE-2016-8679
NOTE: https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13
NOTE: https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2
NOTE: Same fix as CVE-2016-8681 but different issue
-CVE-2016-8680
+CVE-2016-8680 (The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20 ...)
- dwarfutils 20161001-2 (bug #840960)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/12
NOTE: https://sourceforge.net/p/libdwarf/code/ci/268c1f18d1d28612af3b72d7c670076b1b88e51c/tree/libdwarf/dwarf_util.c?diff=0b28b923c3bd9827d1d904feed2abadde4fa5de2
-CVE-2016-8681
+CVE-2016-8681 (The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20 ...)
- dwarfutils 20161001-2 (bug #840961)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13
NOTE: https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2
NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/13
-CVE-2016-8602
+CVE-2016-8602 (The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 al ...)
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (bug #840451)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697203
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78
CVE-2016-8601
REJECTED
-CVE-2016-8578
+CVE-2016-8578 (The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (ak ...)
{DLA-1599-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840340)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07143.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ba42ebb863ab7d40adc79298422ed9596df8f73a
-CVE-2016-8577
+CVE-2016-8577 (Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Qui ...)
{DLA-1599-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840341)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07127.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=e95c9a493a5a8d6f969e86c9f19f80ffe6587e19
-CVE-2016-8576
+CVE-2016-8576 (The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick E ...)
{DLA-1497-1 DLA-679-1 DLA-678-1}
- qemu 1:2.8+dfsg-1 (bug #840343)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01265.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=05f43d44e4bc26611ce25fd7d726e483f73363ce
-CVE-2016-8569
+CVE-2016-8569 (The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows ...)
- libgit2 0.24.2-2 (bug #840227)
[jessie] - libgit2 <no-dsa> (Minor issue)
[experimental] - cargo 0.17.0-1~exp1
- cargo 0.17.0-1 (bug #860989)
NOTE: https://github.com/libgit2/libgit2/issues/3937
-CVE-2016-8568
+CVE-2016-8568 (The git_commit_message function in oid.c in libgit2 before 0.24.3 allo ...)
- libgit2 0.24.5-1 (bug #840227)
[jessie] - libgit2 <no-dsa> (Minor issue)
[experimental] - cargo 0.17.0-1~exp1
@@ -7245,210 +7245,210 @@ CVE-2016-8490
RESERVED
CVE-2016-8489
REJECTED
-CVE-2016-8488
+CVE-2016-8488 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-8487
+CVE-2016-8487 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-8486
+CVE-2016-8486 (An information disclosure vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-8485
+CVE-2016-8485 (An information disclosure vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-8484
+CVE-2016-8484 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-8483
+CVE-2016-8483 (An information disclosure vulnerability in the Qualcomm power driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8482
+CVE-2016-8482 (An elevation of privilege vulnerability in the NVIDIA GPU driver. Prod ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8481
+CVE-2016-8481 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8480
+CVE-2016-8480 (An elevation of privilege vulnerability in the Qualcomm Secure Executi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8479
+CVE-2016-8479 (An elevation of privilege vulnerability in the Qualcomm GPU driver cou ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8478
+CVE-2016-8478 (An information disclosure vulnerability in the Qualcomm video driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8477
+CVE-2016-8477 (An information disclosure vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8476
+CVE-2016-8476 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8475
+CVE-2016-8475 (An information disclosure vulnerability in the HTC input driver could ...)
NOT-FOR-US: HTC driver for Android
-CVE-2016-8474
+CVE-2016-8474 (An information disclosure vulnerability in the STMicroelectronics driv ...)
NOT-FOR-US: STMicroelectronics driver for Android
-CVE-2016-8473
+CVE-2016-8473 (An information disclosure vulnerability in the STMicroelectronics driv ...)
NOT-FOR-US: STMicroelectronics driver for Android
-CVE-2016-8472
+CVE-2016-8472 (An information disclosure vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-8471
+CVE-2016-8471 (An information disclosure vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-8470
+CVE-2016-8470 (An information disclosure vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-8469
+CVE-2016-8469 (An information disclosure vulnerability in the camera driver could ena ...)
NOT-FOR-US: camera driver for Android
-CVE-2016-8468
+CVE-2016-8468 (An elevation of privilege vulnerability in Binder could enable a local ...)
NOT-FOR-US: Android Binder
-CVE-2016-8467
+CVE-2016-8467 (An elevation of privilege vulnerability in the bootloader could enable ...)
NOT-FOR-US: Android bootloader
-CVE-2016-8466
+CVE-2016-8466 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8465
+CVE-2016-8465 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8464
+CVE-2016-8464 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8463
+CVE-2016-8463 (A denial of service vulnerability in the Qualcomm FUSE file system cou ...)
NOT-FOR-US: Qualcomm file system for Android
-CVE-2016-8462
+CVE-2016-8462 (An information disclosure vulnerability in the bootloader could enable ...)
NOT-FOR-US: Android bootloader
-CVE-2016-8461
+CVE-2016-8461 (An information disclosure vulnerability in the bootloader could enable ...)
NOT-FOR-US: Android bootloader
-CVE-2016-8460
+CVE-2016-8460 (An information disclosure vulnerability in the NVIDIA video driver cou ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8459
+CVE-2016-8459 (Possible buffer overflow in storage subsystem. Bad parameters as part ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8458
+CVE-2016-8458 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-8457
+CVE-2016-8457 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8456
+CVE-2016-8456 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8455
+CVE-2016-8455 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8454
+CVE-2016-8454 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8453
+CVE-2016-8453 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-8452
+CVE-2016-8452 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8451
+CVE-2016-8451 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-8450
+CVE-2016-8450 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8449
+CVE-2016-8449 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8448
+CVE-2016-8448 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek component for Android
-CVE-2016-8447
+CVE-2016-8447 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek component for Android
-CVE-2016-8446
+CVE-2016-8446 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek component for Android
-CVE-2016-8445
+CVE-2016-8445 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek component for Android
-CVE-2016-8444
+CVE-2016-8444 (An elevation of privilege vulnerability in the Qualcomm camera could e ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8443
+CVE-2016-8443 (Possible unauthorized memory access in the hypervisor. Incorrect confi ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8442
+CVE-2016-8442 (Possible unauthorized memory access in the hypervisor. Lack of input v ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8441
+CVE-2016-8441 (Possible buffer overflow in the hypervisor. Inappropriate usage of a s ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8440
+CVE-2016-8440 (Possible buffer overflow in SMMU system call. Improper input validatio ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8439
+CVE-2016-8439 (Possible buffer overflow in trust zone access control API. Buffer over ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8438
+CVE-2016-8438 (Integer overflow leading to a TOCTOU condition in hypervisor PIL. An i ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8437
+CVE-2016-8437 (Improper input validation in Access Control APIs. Access control API m ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8436
+CVE-2016-8436 (An elevation of privilege vulnerability in the Qualcomm video driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8435
+CVE-2016-8435 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8434
+CVE-2016-8434 (An elevation of privilege vulnerability in the Qualcomm GPU driver cou ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8433
+CVE-2016-8433 (An elevation of privilege vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-8432
+CVE-2016-8432 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8431
+CVE-2016-8431 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8430
+CVE-2016-8430 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8429
+CVE-2016-8429 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8428
+CVE-2016-8428 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8427
+CVE-2016-8427 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8426
+CVE-2016-8426 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8425
+CVE-2016-8425 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8424
+CVE-2016-8424 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-8423
+CVE-2016-8423 (An elevation of privilege vulnerability in the Qualcomm bootloader cou ...)
NOT-FOR-US: Qualcomm bootloader for Android
-CVE-2016-8422
+CVE-2016-8422 (An elevation of privilege vulnerability in the Qualcomm bootloader cou ...)
NOT-FOR-US: Qualcomm bootloader for Android
-CVE-2016-8421
+CVE-2016-8421 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8420
+CVE-2016-8420 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8419
+CVE-2016-8419 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8418
+CVE-2016-8418 (A remote code execution vulnerability in the Qualcomm crypto driver co ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8417
+CVE-2016-8417 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8416
+CVE-2016-8416 (An information disclosure vulnerability in the Qualcomm video driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8415
+CVE-2016-8415 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8414
+CVE-2016-8414 (An information disclosure vulnerability in the Qualcomm Secure Executi ...)
NOT-FOR-US: Qualcomm Secure Execution Environment Communicator
-CVE-2016-8413
+CVE-2016-8413 (An information disclosure vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8412
+CVE-2016-8412 (An elevation of privilege vulnerability in the Qualcomm camera could e ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8411
+CVE-2016-8411 (Buffer overflow vulnerability while processing QMI QOS TLVs. Product: ...)
NOT-FOR-US: Android
-CVE-2016-8410
+CVE-2016-8410 (An information disclosure vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8409
+CVE-2016-8409 (An information disclosure vulnerability in the NVIDIA video driver cou ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8408
+CVE-2016-8408 (An information disclosure vulnerability in the NVIDIA video driver cou ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8407
+CVE-2016-8407 (An information disclosure vulnerability in kernel components including ...)
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8406
+CVE-2016-8406 (An information disclosure vulnerability in kernel components including ...)
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8405
+CVE-2016-8405 (An information disclosure vulnerability in kernel components including ...)
{DSA-3791-1 DLA-833-1}
- linux 4.9.6-1
NOTE: Fixed by: https://git.kernel.org/linus/2dc705a9930b4806250fbf5a76e55266e59389f2
-CVE-2016-8404
+CVE-2016-8404 (An information disclosure vulnerability in kernel components including ...)
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8403
+CVE-2016-8403 (An information disclosure vulnerability in kernel components including ...)
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8402
+CVE-2016-8402 (An information disclosure vulnerability in kernel components including ...)
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8401
+CVE-2016-8401 (An information disclosure vulnerability in kernel components including ...)
- linux <not-affected> (Android-specific Linux components)
-CVE-2016-8400
+CVE-2016-8400 (An information disclosure vulnerability in the NVIDIA librm library (l ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8399
+CVE-2016-8399 (An elevation of privilege vulnerability in the kernel networking subsy ...)
{DLA-772-1}
- linux 4.8.15-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/0eab121ef8750a5c8637d51534d5e9143fb0633f
-CVE-2016-8398
+CVE-2016-8398 (Unauthenticated messages processed by the UE. Certain NAS messages are ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2016-8397
+CVE-2016-8397 (An information disclosure vulnerability in the NVIDIA video driver cou ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8396
+CVE-2016-8396 (An information disclosure vulnerability in the MediaTek video driver c ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2016-8395
+CVE-2016-8395 (A denial of service vulnerability in the NVIDIA camera driver could en ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-8394
+CVE-2016-8394 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-8393
+CVE-2016-8393 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-8392
+CVE-2016-8392 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-8391
+CVE-2016-8391 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-1000246
RESERVED
-CVE-2016-7979
+CVE-2016-7979 (Ghostscript before 9.21 might allow remote attackers to bypass the SAF ...)
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (bug #839846)
NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697190
@@ -7456,21 +7456,21 @@ CVE-2016-7979
NOTE: Patch: http://git.ghostscript.com/?p=ghostpdl.git;h=875a0095f37626a721c7ff57d606a0f95af03913
NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7
NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/19
-CVE-2016-7978
+CVE-2016-7978 (Use-after-free vulnerability in Ghostscript 9.20 might allow remote at ...)
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (bug #839845)
NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697179
NOTE: Reproducer: http://bugs.ghostscript.com/show_bug.cgi?id=697179#c0
NOTE: Patch: http://git.ghostscript.com/?p=ghostpdl.git;h=6f749c0c44e7b9e09737b9f29edf29925a34f0cf
NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7
-CVE-2016-7977
+CVE-2016-7977 (Ghostscript before 9.21 might allow remote attackers to bypass the SAF ...)
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (high; bug #839841)
NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697169
NOTE: Reproducer: http://www.openwall.com/lists/oss-security/2016/09/29/28
NOTE: Patch: http://git.ghostscript.com/?p=ghostpdl.git;h=8abd22010eb4db0fb1b10e430d5f5d83e015ef70
NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7
-CVE-2016-7976
+CVE-2016-7976 (The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attacker ...)
{DSA-3691-1 DLA-674-1}
- ghostscript 9.19~dfsg-3.1 (high; bug #839260)
NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697178
@@ -7493,109 +7493,109 @@ CVE-2016-XXXX [nspr, nss: unprotected environment variables]
NOTE: Workaround entry for DSA-3688-1/DLA-677-1 until CVE is assigned
NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.22.1_release_notes
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/02/4
-CVE-2016-8390
+CVE-2016-8390 (An exploitable out of bounds write vulnerability exists in the parsing ...)
NOT-FOR-US: Hopper Disassembler
-CVE-2016-8389
+CVE-2016-8389 (An exploitable integer-overflow vulnerability exists within Iceni Argu ...)
NOT-FOR-US: Iceni Argus
-CVE-2016-8388
+CVE-2016-8388 (An exploitable arbitrary heap-overwrite vulnerability exists within Ic ...)
NOT-FOR-US: Iceni Argus
-CVE-2016-8387
+CVE-2016-8387 (An exploitable heap-based buffer overflow exists in Iceni Argus. When ...)
NOT-FOR-US: Iceni Argus
-CVE-2016-8386
+CVE-2016-8386 (An exploitable heap-based buffer overflow exists in Iceni Argus. When ...)
NOT-FOR-US: Iceni Argus
-CVE-2016-8385
+CVE-2016-8385 (An exploitable uninitialized variable vulnerability which leads to a s ...)
NOT-FOR-US: Iceni Argus
-CVE-2016-8384
+CVE-2016-8384 (An exploitable heap corruption vulnerability exists in the DHFSummary ...)
NOT-FOR-US: AntennaHouse
-CVE-2016-8383
+CVE-2016-8383 (An exploitable heap corruption vulnerability exists in the Doc_GetFont ...)
NOT-FOR-US: AntennaHouse
-CVE-2016-8382
+CVE-2016-8382 (An exploitable heap corruption vulnerability exists in the Doc_SetSumm ...)
NOT-FOR-US: AntennaHouse
CVE-2016-8381
RESERVED
-CVE-2016-8380
+CVE-2016-8380 (The web server in Phoenix Contact ILC PLCs allows access to read and w ...)
NOT-FOR-US: web server in Phoenix Contact ILC PLCs
-CVE-2016-8379
+CVE-2016-8379 (An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 a ...)
NOT-FOR-US: Moxa
-CVE-2016-8378
+CVE-2016-8378 (An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1. ...)
NOT-FOR-US: Lynxspring
-CVE-2016-8377
+CVE-2016-8377 (An issue was discovered in Fatek Automation PLC WinProladder Version 3 ...)
NOT-FOR-US: Fatek
-CVE-2016-8376
+CVE-2016-8376 (An issue was discovered in Kabona AB WebDatorCentral (WDC) application ...)
NOT-FOR-US: Kabona AB WebDatorCentral
-CVE-2016-8375
+CVE-2016-8375 (An issue was discovered in Becton, Dickinson and Company (BD) Alaris 8 ...)
NOT-FOR-US: Alaris 8015 Point of Care
-CVE-2016-8374
+CVE-2016-8374 (An issue was discovered in Schneider Electric Magelis HMI Magelis GTO ...)
NOT-FOR-US: Schneider
CVE-2016-8373
RESERVED
-CVE-2016-8372
+CVE-2016-8372 (An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 a ...)
NOT-FOR-US: Moxa
-CVE-2016-8371
+CVE-2016-8371 (The web server in Phoenix Contact ILC PLCs can be accessed without aut ...)
NOT-FOR-US: web server in Phoenix Contact ILC PLCs
-CVE-2016-8370
+CVE-2016-8370 (An issue was discovered in Mitsubishi Electric Automation MELSEC-Q ser ...)
NOT-FOR-US: Mitsubishi
-CVE-2016-8369
+CVE-2016-8369 (An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1. ...)
NOT-FOR-US: Lynxspring
-CVE-2016-8368
+CVE-2016-8368 (An issue was discovered in Mitsubishi Electric Automation MELSEC-Q ser ...)
NOT-FOR-US: Mitsubishi
-CVE-2016-8367
+CVE-2016-8367 (An issue was discovered in Schneider Electric Magelis HMI Magelis GTO ...)
NOT-FOR-US: Schneider
-CVE-2016-8366
+CVE-2016-8366 (Webvisit in Phoenix Contact ILC PLCs offers a password macro to protec ...)
NOT-FOR-US: Phoenix Contact ILC PLCs
-CVE-2016-8365
+CVE-2016-8365 (OSIsoft PI System software (Applications using PI Asset Framework (AF) ...)
NOT-FOR-US: OSIsoft PI
-CVE-2016-8364
+CVE-2016-8364 (An issue was discovered in IBHsoftec S7-SoftPLC prior to 4.12b. Object ...)
NOT-FOR-US: IBHsoftec
-CVE-2016-8363
+CVE-2016-8363 (An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/313 ...)
NOT-FOR-US: Moxa
-CVE-2016-8362
+CVE-2016-8362 (An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/313 ...)
NOT-FOR-US: Moxa
-CVE-2016-8361
+CVE-2016-8361 (An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1. ...)
NOT-FOR-US: Lynxspring
-CVE-2016-8360
+CVE-2016-8360 (An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. ...)
NOT-FOR-US: Moxa
-CVE-2016-8359
+CVE-2016-8359 (An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 a ...)
NOT-FOR-US: Moxa
-CVE-2016-8358
+CVE-2016-8358 (An issue was discovered in Smiths-Medical CADD-Solis Medication Safety ...)
NOT-FOR-US: Smiths-Medical
-CVE-2016-8357
+CVE-2016-8357 (An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1. ...)
NOT-FOR-US: Lynxspring
-CVE-2016-8356
+CVE-2016-8356 (An issue was discovered in Kabona AB WebDatorCentral (WDC) application ...)
NOT-FOR-US: Kabona
-CVE-2016-8355
+CVE-2016-8355 (An issue was discovered in Smiths-Medical CADD-Solis Medication Safety ...)
NOT-FOR-US: Smiths-Medical
-CVE-2016-8354
+CVE-2016-8354 (An issue was discovered in Schneider Electric Unity PRO prior to V11.1 ...)
NOT-FOR-US: Schneider
-CVE-2016-8353
+CVE-2016-8353 (An issue was discovered in OSIsoft PI Web API 2015 R2 (Version 1.5.1). ...)
NOT-FOR-US: OSISoft PI Web API
-CVE-2016-8352
+CVE-2016-8352 (An issue was discovered in Schneider Electric ConneXium firewalls TCSE ...)
NOT-FOR-US: Schneider
CVE-2016-8351
RESERVED
-CVE-2016-8350
+CVE-2016-8350 (An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 a ...)
NOT-FOR-US: Moxa
CVE-2016-8349
REJECTED
-CVE-2016-8348
+CVE-2016-8348 (An XML External Entity (XXE) issue was discovered in Emerson Liebert S ...)
NOT-FOR-US: Emerson
-CVE-2016-8347
+CVE-2016-8347 (An issue was discovered in Kabona AB WebDatorCentral (WDC) application ...)
NOT-FOR-US: Kabona
-CVE-2016-8346
+CVE-2016-8346 (An issue was discovered in Moxa EDR-810 Industrial Secure Router. By a ...)
NOT-FOR-US: Moxa
CVE-2016-8345
REJECTED
-CVE-2016-8344
+CVE-2016-8344 (An issue was discovered in Honeywell Experion Process Knowledge System ...)
NOT-FOR-US: Honeywell
-CVE-2016-8343
+CVE-2016-8343 (Directory traversal vulnerability in INDAS Web SCADA before 3 allows r ...)
NOT-FOR-US: INDAS Web SCADA
CVE-2016-8342
REJECTED
-CVE-2016-8341
+CVE-2016-8341 (An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Eca ...)
NOT-FOR-US: Ecava
CVE-2016-8340
RESERVED
-CVE-2016-8339
+CVE-2016-8339 (A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code ...)
- redis 3:3.2.4-1
[jessie] - redis <not-affected> (Vulnerable code introduced later)
[wheezy] - redis <not-affected> (Vulnerable code not present)
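Review bot: the NOT-FOR-US labels in this hunk spell the same vendor or product several ways: "OSIsoft PI" (CVE-2016-8365) versus "OSISoft PI Web API" (CVE-2016-8353), "Kabona AB WebDatorCentral" (CVE-2016-8376) versus "Kabona" (CVE-2016-8356, CVE-2016-8347), and "web server in Phoenix Contact ILC PLCs" (CVE-2016-8380, CVE-2016-8371) versus "Phoenix Contact ILC PLCs" (CVE-2016-8366). One spelling per vendor would keep the list greppable by vendor name.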
@@ -7608,18 +7608,18 @@ CVE-2016-8337
RESERVED
CVE-2016-8336
RESERVED
-CVE-2016-8335
+CVE-2016-8335 (An exploitable stack based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Iceni Argus
-CVE-2016-8334
+CVE-2016-8334 (A large out-of-bounds read on the heap vulnerability in Foxit PDF Read ...)
NOT-FOR-US: Foxit PDF
-CVE-2016-8333
+CVE-2016-8333 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Iceni Argus
-CVE-2016-8332
+CVE-2016-8332 (A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution wh ...)
{DSA-3768-1}
- openjpeg2 2.1.2-1
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0193/
NOTE: https://github.com/uclouvain/openjpeg/pull/820
-CVE-2016-8331
+CVE-2016-8331 (An exploitable remote code execution vulnerability exists in the handl ...)
{DLA-693-1}
- tiff 4.0.6-3
- tiff3 <removed>
@@ -7628,117 +7628,117 @@ CVE-2016-8331
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0190/
NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
NOTE: From the backtrace shared in the report, we can see that the crash is triggered though the thumbnail tool which has been dropped upstream.
-CVE-2016-8330
+CVE-2016-8330 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2016-8329
+CVE-2016-8329 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2016-8328
+CVE-2016-8328 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (specific to Oracle Java)
-CVE-2016-8327
+CVE-2016-8327 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
CVE-2016-8326
RESERVED
-CVE-2016-8325
+CVE-2016-8325 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-8324
+CVE-2016-8324 (Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8323
+CVE-2016-8323 (Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8322
+CVE-2016-8322 (Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle ...)
NOT-FOR-US: Oracle FLEXCUBE
CVE-2016-8321
REJECTED
-CVE-2016-8320
+CVE-2016-8320 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8319
+CVE-2016-8319 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8318
+CVE-2016-8318 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-8317
+CVE-2016-8317 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8316
+CVE-2016-8316 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8315
+CVE-2016-8315 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8314
+CVE-2016-8314 (Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8313
+CVE-2016-8313 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8312
+CVE-2016-8312 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8311
+CVE-2016-8311 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8310
+CVE-2016-8310 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8309
+CVE-2016-8309 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8308
+CVE-2016-8308 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8307
+CVE-2016-8307 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8306
+CVE-2016-8306 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8305
+CVE-2016-8305 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8304
+CVE-2016-8304 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8303
+CVE-2016-8303 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8302
+CVE-2016-8302 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8301
+CVE-2016-8301 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8300
+CVE-2016-8300 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8299
+CVE-2016-8299 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8298
+CVE-2016-8298 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8297
+CVE-2016-8297 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8296
+CVE-2016-8296 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-8295
+CVE-2016-8295 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-8294
+CVE-2016-8294 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-8293
+CVE-2016-8293 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-8292
+CVE-2016-8292 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-8291
+CVE-2016-8291 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-8290
+CVE-2016-8290 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows re ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8289
+CVE-2016-8289 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows lo ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8288
+CVE-2016-8288 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.1 ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-8287
+CVE-2016-8287 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows re ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8286
+CVE-2016-8286 (Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows re ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-8285
+CVE-2016-8285 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: Oracle
-CVE-2016-8284
+CVE-2016-8284 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.1 ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-8283
+CVE-2016-8283 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 a ...)
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.15-1
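Review bot: the PeopleSoft entries in this hunk use three different NOT-FOR-US labels for one product family: "Oracle PeopleSoft" (CVE-2016-8329), "PeopleSoft" (CVE-2016-8296 through CVE-2016-8291) and plain "Oracle" (CVE-2016-8285, which the newly synced description identifies as PeopleSoft Enterprise HCM); suggest "PeopleSoft" throughout so the HCM entry is not lost among the unrelated "Oracle" markers.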
@@ -7747,15 +7747,15 @@ CVE-2016-8283
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
-CVE-2016-8282
+CVE-2016-8282 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-8281
+CVE-2016-8281 (Unspecified vulnerability in the Oracle Platform Security for Java com ...)
NOT-FOR-US: Oracle
CVE-2016-1000244
RESERVED
CVE-2016-1000243
RESERVED
-CVE-2016-7553
+CVE-2016-7553 (The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permiss ...)
{DLA-722-1}
- irssi 0.8.20-2 (bug #838762)
[jessie] - irssi 0.8.17-1+deb8u2
@@ -7786,7 +7786,7 @@ CVE-2016-1000234
RESERVED
CVE-2016-1000233
RESERVED
-CVE-2016-1000232
+CVE-2016-1000232 (NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsin ...)
NOT-FOR-US: nodejs tough-cookie
NOTE: https://nodesecurity.io/advisories/130
CVE-2016-1000231
@@ -7809,14 +7809,14 @@ CVE-2016-1000224
RESERVED
CVE-2016-1000223
RESERVED
-CVE-2016-1000031
+CVE-2016-1000031 (Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation ...)
- libcommons-fileupload-java <unfixed> (unimportant)
NOTE: https://www.tenable.com/security/research/tra-2016-12
NOTE: Marked as unimportant since even though the CVE is assigned for Apache Commons FileUpload
NOTE: Apache say that issue needs to be fixed in any vendor/product using Apache Commons FileUpload
NOTE: DiskFileItem as described in the given advisory.
NOTE: Thus we are not going to diverge from Apache upstream here.
-CVE-2016-7466
+CVE-2016-7466 (Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU ...)
- qemu 1:2.7+dfsg-1 (bug #838687)
[jessie] - qemu <not-affected> (Vulnerable code not present. Introduced in 2.2.x)
[wheezy] - qemu <no-dsa> (Minor issue, needs qemu monitor access to unplug nec-xhci controller)
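Review bot: the synced description for CVE-2016-1000031 now reads "Apache Commons FileUpload before 1.3.3", i.e. it records an upstream fixed version, which sits uneasily with the NOTE lines below it arguing that Apache expects consumers of DiskFileItem to fix the issue and that Debian will not diverge from upstream; the "<unfixed> (unimportant)" marking for libcommons-fileupload-java should be re-evaluated against the 1.3.3 change, and the NOTEs updated to state why the upstream fix is or is not being picked up.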
@@ -7827,25 +7827,25 @@ CVE-2016-7466
NOTE: The usb_xhci_exit and thus the patched code was introduced in:
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=53c30545fb34c43c84d62ea1c2b0dc6b53303c34 (v2.2.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/19/8
-CVE-2016-8280
+CVE-2016-8280 (Directory traversal vulnerability in Huawei eSight before V300R003C20S ...)
NOT-FOR-US: Huawei eSight UMS
-CVE-2016-8279
+CVE-2016-8279 (The video driver in Huawei Mate S smartphones with software CRR-TL00 b ...)
NOT-FOR-US: Huawei
-CVE-2016-8278
+CVE-2016-8278 (Huawei USG9520, USG9560, and USG9580 unified security gateways with so ...)
NOT-FOR-US: Huawei Firewalls
-CVE-2016-8277
+CVE-2016-8277 (Huawei USG9520, USG9560, and USG9580 unified security gateways with so ...)
NOT-FOR-US: Huawei Firewalls
-CVE-2016-8276
+CVE-2016-8276 (Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) m ...)
NOT-FOR-US: Huawei
-CVE-2016-8275
+CVE-2016-8275 (Huawei AnyOffice V200R006C00 could allow an authenticated, remote atta ...)
NOT-FOR-US: Huawei
-CVE-2016-8274
+CVE-2016-8274 (Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link lib ...)
NOT-FOR-US: Huawei
-CVE-2016-8273
+CVE-2016-8273 (Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for ...)
NOT-FOR-US: Huawei
-CVE-2016-8272
+CVE-2016-8272 (Huawei PC client software HiSuite 4.0.5.300_OVE has an information lea ...)
NOT-FOR-US: Huawei
-CVE-2016-8271
+CVE-2016-8271 (Huawei eSpace IAD V300R002C01SPC100 and earlier versions have an infor ...)
NOT-FOR-US: Huawei
CVE-2016-8270
REJECTED
@@ -7913,41 +7913,41 @@ CVE-2016-8239
REJECTED
CVE-2016-8238
REJECTED
-CVE-2016-8237
+CVE-2016-8237 (Remote code execution in Lenovo Updates (not Lenovo System Update) all ...)
NOT-FOR-US: Lenovo
-CVE-2016-8236
+CVE-2016-8236 (Reset to default settings may occur in Lenovo ThinkServer TSM RD350, R ...)
NOT-FOR-US: Lenovo
-CVE-2016-8235
+CVE-2016-8235 (Privilege escalation in Lenovo Customer Care Software Development Kit ...)
NOT-FOR-US: Lenovo
CVE-2016-8234
REJECTED
-CVE-2016-8233
+CVE-2016-8233 (Log files generated by Lenovo XClarity Administrator (LXCA) versions e ...)
NOT-FOR-US: Lenovo
-CVE-2016-8232
+CVE-2016-8232 (Document Object Model-(DOM) based cross-site scripting vulnerability i ...)
NOT-FOR-US: Lenovo
-CVE-2016-8231
+CVE-2016-8231 (In Lenovo Service Bridge before version 4, a bug found in the signatur ...)
NOT-FOR-US: Lenovo
-CVE-2016-8230
+CVE-2016-8230 (In Lenovo Service Bridge before version 4, an insecure HTTP connection ...)
NOT-FOR-US: Lenovo
-CVE-2016-8229
+CVE-2016-8229 (A cross-site request forgery vulnerability in Lenovo Service Bridge be ...)
NOT-FOR-US: Lenovo
-CVE-2016-8228
+CVE-2016-8228 (In Lenovo Service Bridge before version 4, a user with local privilege ...)
NOT-FOR-US: Lenovo
-CVE-2016-8227
+CVE-2016-8227 (Privilege escalation vulnerability in Lenovo Transition application us ...)
NOT-FOR-US: Lenovo
-CVE-2016-8226
+CVE-2016-8226 (The BIOS in Lenovo System X M5, M6, and X6 systems allows administrato ...)
NOT-FOR-US: Lenovo
-CVE-2016-8225
+CVE-2016-8225 (Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB ...)
NOT-FOR-US: Lenovo
-CVE-2016-8224
+CVE-2016-8224 (A vulnerability has been identified in some Lenovo Notebook and ThinkS ...)
NOT-FOR-US: Lenovo
-CVE-2016-8223
+CVE-2016-8223 (During an internal security review, Lenovo identified a local privileg ...)
NOT-FOR-US: Lenovo
-CVE-2016-8222
+CVE-2016-8222 (A vulnerability has been identified in a signed kernel driver for the ...)
NOT-FOR-US: Lenovo
-CVE-2016-8221
+CVE-2016-8221 (Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2 ...)
NOT-FOR-US: Lenovo
-CVE-2016-7423
+CVE-2016-7423 (The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulato ...)
- qemu 1:2.7+dfsg-1 (bug #838145)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -7958,7 +7958,7 @@ CVE-2016-7423
NOTE: LSI SAS1068 (mptsas) device support added in
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=e351b82611293683c4cabe4b69b7552bde5d4e2a (v2.6.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=670e56d3ed2918b3861d9216f2c0540d9e9ae0d5
-CVE-2016-7422
+CVE-2016-7422 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Qui ...)
- qemu 1:2.7+dfsg-1 (bug #838146)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -7967,7 +7967,7 @@ CVE-2016-7422
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1376755
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=3b3b0628217e2726069990ff9942a5d6d9816bd7 (v2.6.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/4
-CVE-2016-7421
+CVE-2016-7421 (The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU ...)
{DLA-1599-1}
- qemu 1:2.7+dfsg-1 (bug #838147)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after 1.5)
@@ -7976,47 +7976,47 @@ CVE-2016-7421
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1376731
NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/3
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=d251157ac1928191af851d199a9ff255d330bec9
-CVE-2016-8220
+CVE-2016-8220 (Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x pri ...)
NOT-FOR-US: Pivotal
-CVE-2016-8219
+CVE-2016-8219 (An issue was discovered in Cloud Foundry Foundation cf-release version ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-8218
+CVE-2016-8218 (An issue was discovered in Cloud Foundry Foundation routing-release ve ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-8217
+CVE-2016-8217 (EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing At ...)
NOT-FOR-US: EMC RSA
-CVE-2016-8216
+CVE-2016-8216 (EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS ...)
NOT-FOR-US: EMC
-CVE-2016-8215
+CVE-2016-8215 (EMC RSA Security Analytics 10.5.3 and 10.6.2 contains fixes for a Refl ...)
NOT-FOR-US: RSA Security Analytics
-CVE-2016-8214
+CVE-2016-8214 (EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-8213
+CVE-2016-8213 (EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, pri ...)
NOT-FOR-US: EMC Documentum
-CVE-2016-8212
+CVE-2016-8212 (An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6. ...)
NOT-FOR-US: EMC RSA
-CVE-2016-8211
+CVE-2016-8211 (EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EM ...)
NOT-FOR-US: EMC Data Protection Advisor
CVE-2016-8210
RESERVED
-CVE-2016-8209
+CVE-2016-8209 (Improper checks for unusual or exceptional conditions in Brocade NetIr ...)
NOT-FOR-US: Brocade
CVE-2016-8208
RESERVED
-CVE-2016-8207
+CVE-2016-8207 (A Directory Traversal vulnerability in CliMonitorReportServlet in the ...)
NOT-FOR-US: Brocade Network Advisor
-CVE-2016-8206
+CVE-2016-8206 (A Directory Traversal vulnerability in servlet SoftwareImageUpload in ...)
NOT-FOR-US: Brocade Network Advisor
-CVE-2016-8205
+CVE-2016-8205 (A Directory Traversal vulnerability in DashboardFileReceiveServlet in ...)
NOT-FOR-US: Brocade Network Advisor
-CVE-2016-8204
+CVE-2016-8204 (A Directory Traversal vulnerability in FileReceiveServlet in the Broca ...)
NOT-FOR-US: Brocade Network Advisor
-CVE-2016-8203
+CVE-2016-8203 (A memory corruption in the IPsec code path of Brocade NetIron OS on Br ...)
NOT-FOR-US: Brocade
-CVE-2016-8202
+CVE-2016-8202 (A privilege escalation vulnerability in Brocade Fibre Channel SAN prod ...)
NOT-FOR-US: Brocade
-CVE-2016-8201
+CVE-2016-8201 (A CSRF vulnerability in Brocade Virtual Traffic Manager versions relea ...)
NOT-FOR-US: Brocade
-CVE-2016-7444
+CVE-2016-7444 (The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS b ...)
- gnutls28 3.5.3-4
[jessie] - gnutls28 3.3.8-6+deb8u4
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2016-3
@@ -8212,19 +8212,19 @@ CVE-2016-8108
RESERVED
CVE-2016-8107
RESERVED
-CVE-2016-8106
+CVE-2016-8106 (A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non ...)
NOT-FOR-US: Intel driver
-CVE-2016-8105
+CVE-2016-8105 (Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Cont ...)
NOT-FOR-US: Intel driver
-CVE-2016-8104
+CVE-2016-8104 (Buffer overflow in Intel PROSet/Wireless Software and Drivers in versi ...)
NOT-FOR-US: Intel driver
-CVE-2016-8103
+CVE-2016-8103 (SMM call out in all Intel Branded NUC Kits allows a local privileged u ...)
NOT-FOR-US: Intel driver
-CVE-2016-8102
+CVE-2016-8102 (Unquoted service path vulnerability in Intel Wireless Bluetooth Driver ...)
NOT-FOR-US: Intel driver
-CVE-2016-8101
+CVE-2016-8101 (The updater subsystem in Intel SSD Toolbox before 3.3.7 allows local u ...)
NOT-FOR-US: Intel SSD Toolbox
-CVE-2016-8100
+CVE-2016-8100 (Intel Integrated Performance Primitives (aka IPP) Cryptography before ...)
NOT-FOR-US: Intel
CVE-2016-8099
REJECTED
@@ -8360,39 +8360,39 @@ CVE-2016-8034
REJECTED
CVE-2016-8033
REJECTED
-CVE-2016-8032
+CVE-2016-8032 (Software Integrity Attacks vulnerability in Intel Security Anti-Virus ...)
NOT-FOR-US: Intel Security Anti-Virus
-CVE-2016-8031
+CVE-2016-8031 (Software Integrity Attacks vulnerability in Intel Security Anti-Virus ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8030
+CVE-2016-8030 (A memory corruption vulnerability in Scriptscan COM Object in McAfee V ...)
NOT-FOR-US: Intel antivirus
CVE-2016-8029
REJECTED
CVE-2016-8028
RESERVED
-CVE-2016-8027
+CVE-2016-8027 (SQL injection vulnerability in core services in Intel Security McAfee ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8026
+CVE-2016-8026 (Arbitrary command execution vulnerability in Intel Security McAfee Sec ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8025
+CVE-2016-8025 (SQL injection vulnerability in Intel Security VirusScan Enterprise Lin ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8024
+CVE-2016-8024 (Improper neutralization of CRLF sequences in HTTP headers vulnerabilit ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8023
+CVE-2016-8023 (Authentication bypass by assumed-immutable data vulnerability in Intel ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8022
+CVE-2016-8022 (Authentication bypass by spoofing vulnerability in Intel Security Viru ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8021
+CVE-2016-8021 (Improper verification of cryptographic signature vulnerability in Inte ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8020
+CVE-2016-8020 (Improper control of generation of code vulnerability in Intel Security ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8019
+CVE-2016-8019 (Cross-site scripting (XSS) vulnerability in attributes in Intel Securi ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8018
+CVE-2016-8018 (Cross-site request forgery (CSRF) vulnerability in Intel Security Viru ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8017
+CVE-2016-8017 (Special element injection vulnerability in Intel Security VirusScan En ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8016
+CVE-2016-8016 (Information exposure in Intel Security VirusScan Enterprise Linux (VSE ...)
NOT-FOR-US: Intel antivirus
CVE-2016-8015
RESERVED
@@ -8400,21 +8400,21 @@ CVE-2016-8014
RESERVED
CVE-2016-8013
RESERVED
-CVE-2016-8012
+CVE-2016-8012 (Access control vulnerability in Intel Security Data Loss Prevention En ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8011
+CVE-2016-8011 (Cross-site scripting vulnerability in Intel Security McAfee Endpoint S ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8010
+CVE-2016-8010 (Application protections bypass vulnerability in Intel Security McAfee ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8009
+CVE-2016-8009 (Privilege escalation vulnerability in Intel Security McAfee Applicatio ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8008
+CVE-2016-8008 (Privilege escalation vulnerability in Windows 7 and Windows 10 in McAf ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8007
+CVE-2016-8007 (Authentication bypass vulnerability in McAfee Host Intrusion Preventio ...)
NOT-FOR-US: Intel antivirus
-CVE-2016-8006
+CVE-2016-8006 (Authentication bypass vulnerability in Enterprise Security Manager (ES ...)
NOT-FOR-US: Intel Security McAfee Security Information and Event Management
-CVE-2016-8005
+CVE-2016-8005 (File extension filtering vulnerability in Intel Security McAfee Email ...)
NOT-FOR-US: Intel antivirus
CVE-2016-8004
RESERVED
@@ -8424,7 +8424,7 @@ CVE-2016-8002
REJECTED
CVE-2016-8001
RESERVED
-CVE-2016-7999
+CVE-2016-7999 (ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote at ...)
{DLA-695-1}
- spip 3.1.3-1
[jessie] - spip 3.0.17-2+deb8u3
@@ -8433,7 +8433,7 @@ CVE-2016-7999
NOTE: https://core.spip.net/projects/spip/repository/revisions/23182 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23184 (3.0)
NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
-CVE-2016-7998
+CVE-2016-7998 (The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows r ...)
{DLA-695-1}
- spip 3.1.3-1
[jessie] - spip 3.0.17-2+deb8u3
@@ -8442,11 +8442,11 @@ CVE-2016-7998
NOTE: https://core.spip.net/projects/spip/repository/revisions/23189 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23192 (3.0)
NOTE: reproducible in Jessie (3.0.17-2+deb8u2)
-CVE-2016-7997
+CVE-2016-7997 (The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remo ...)
{DSA-3746-1 DLA-683-1}
- graphicsmagick 1.3.25-4
NOTE: patch for this and CVE-2016-7996 at: http://openwall.com/lists/oss-security/2016/10/07/4
-CVE-2016-7996
+CVE-2016-7996 (Heap-based buffer overflow in the WPG format reader in GraphicsMagick ...)
{DSA-3746-1 DLA-683-1}
- graphicsmagick 1.3.21-2
NOTE: The patch addressing CVE-2016-7996 applied is in 1.3.25-4, but in
@@ -8454,7 +8454,7 @@ CVE-2016-7996
NOTE: 1.3.21-2 the build is done with --with-quantum-depth=16 switching
NOTE: away from the default with QuantumDepth=8
NOTE: patch for this and CVE-2016-7997 at: http://openwall.com/lists/oss-security/2016/10/07/4
-CVE-2016-7995
+CVE-2016-7995 (Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in Q ...)
- qemu 1:2.8+dfsg-1 (bug #840236)
[jessie] - qemu <not-affected> (Vulnerable code introduced in v2.6.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced in v2.6.0-rc0)
@@ -8464,41 +8464,41 @@ CVE-2016-7995
NOTE: Vulnerable code introduced in 49d925ce50383a286278143c05511d30ec41a36e
NOTE: Though this commit fixed an OOB read access issue which might need
NOTE: potentially a new separate CVE id if it does not have one yet.
-CVE-2016-7994
+CVE-2016-7994 (Memory leak in the virtio_gpu_resource_create_2d function in hw/displa ...)
- qemu 1:2.8+dfsg-1 (bug #840228)
[jessie] - qemu <not-affected> (Vulnerable code introduced in 2.4.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced in 2.4.0-rc0)
- qemu-kvm <not-affected> (Vulnerable code introduced in 2.4.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg04129.html
-CVE-2016-7993
+CVE-2016-7993 (A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could caus ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7992
+CVE-2016-7992 (The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7991
+CVE-2016-7991 (On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores secur ...)
NOT-FOR-US: Samsung
-CVE-2016-7990
+CVE-2016-7990 (On Samsung Galaxy S4 through S7 devices, an integer overflow condition ...)
NOT-FOR-US: Samsung
-CVE-2016-7989
+CVE-2016-7989 (On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS ...)
NOT-FOR-US: Samsung
-CVE-2016-7988
+CVE-2016-7988 (On Samsung Galaxy S4 through S7 devices, absence of permissions on the ...)
NOT-FOR-US: Samsung
-CVE-2016-7987
+CVE-2016-7987 (An issue was discovered in Siemens ETA4 firmware (all versions prior t ...)
NOT-FOR-US: Siemens
-CVE-2016-7986
+CVE-2016-7986 (The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7985
+CVE-2016-7985 (The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7984
+CVE-2016-7984 (The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7983
+CVE-2016-7983 (The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in prin ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7982
+CVE-2016-7982 (Directory traversal vulnerability in ecrire/exec/valider_xml.php in SP ...)
{DLA-695-1}
- spip 3.1.3-1
[jessie] - spip 3.0.17-2+deb8u3
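Review bot: the NOTE on CVE-2016-7995 at the top of this hunk says the introducing commit 49d925ce "fixed an OOB read access issue which might need potentially a new separate CVE id if it does not have one yet" but records neither whether an id was requested nor where; an open question phrased this way is easy to lose in a file this size. Either add the request reference (or a TODO marker) so the follow-up is findable, or trim the line to the verified fact and reword "which might need potentially" to "which may need".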
@@ -8519,7 +8519,7 @@ CVE-2016-7982
NOTE: https://core.spip.net/projects/spip/repository/revisions/23207 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23208 (3.0)
NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
-CVE-2016-7981
+CVE-2016-7981 (Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3. ...)
{DLA-695-1}
- spip 3.1.3-1
[jessie] - spip 3.0.17-2+deb8u3
@@ -8528,7 +8528,7 @@ CVE-2016-7981
NOTE: https://core.spip.net/projects/spip/repository/revisions/23201 (3.1.x)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23202 (3.0.x)
NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
-CVE-2016-7980
+CVE-2016-7980 (Cross-site request forgery (CSRF) vulnerability in ecrire/exec/valider ...)
{DLA-695-1}
- spip 3.1.3-1
[jessie] - spip 3.0.17-2+deb8u3
@@ -8537,34 +8537,34 @@ CVE-2016-7980
NOTE: https://core.spip.net/projects/spip/repository/revisions/23201 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23202 (3.0)
NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
-CVE-2016-7975
+CVE-2016-7975 (The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7974
+CVE-2016-7974 (The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-i ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7973
+CVE-2016-7973 (The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7972
+CVE-2016-7972 (The check_allocations function in libass/ass_shaper.c in libass before ...)
{DLA-668-1}
- libass 0.13.4-1
[jessie] - libass <no-dsa> (Minor issue)
NOTE: https://github.com/libass/libass/pull/240/commits/aa54e0b59200a994d50a346b5d7ac818ebcf2d4b
CVE-2016-7971
REJECTED
-CVE-2016-7970
+CVE-2016-7970 (Buffer overflow in the calc_coeff function in libass/ass_blur.c in lib ...)
- libass 0.13.4-1
[jessie] - libass <not-affected> (Vulnerable code introduced later)
[wheezy] - libass <not-affected> (Vulnerable code first introduced in July 2015)
NOTE: Fixed by: https://github.com/libass/libass/pull/240/commits/08e754612019ed84d1db0d1fc4f5798248decd75
NOTE: Vulnerable function calc_coeff introduced in: https://github.com/libass/libass/commit/d787615845d78d8f8e6d1a4ffc3dc3eecd8a92f6 (0.13.0)
-CVE-2016-7969
+CVE-2016-7969 (The wrap_lines_smart function in ass_render.c in libass before 0.13.4 ...)
{DLA-668-1}
- libass 0.13.4-1
[jessie] - libass <no-dsa> (Minor issue)
NOTE: https://github.com/libass/libass/pull/240/commits/b72b283b936a600c730e00875d7d067bded3fc26
-CVE-2016-7968
+CVE-2016-7968 (KMail since version 5.3.0 used a QWebEngine based viewer that had Java ...)
- kf5-messagelib <not-affected> (Doesn't use qtwebengine, see bug #853241)
NOTE: https://www.kde.org/info/security/advisory-20161006-3.txt
NOTE: Would by fixed by: https://cgit.kde.org/messagelib.git/commit/?id=f601f9ffb706f7d3a5893b04f067a1f75da62c99
@@ -8577,23 +8577,23 @@ CVE-2016-7968
NOTE: https://cgit.kde.org/messagelib.git/commit/?id=0402c17a8ead92188971cb604d905b3072d56a73 (v16.08.2)
NOTE: The issue is mitigated with the fixes applied for CVE-2016-7966, and a
NOTE: user protected from this CVE by only viewing plain text mails.
-CVE-2016-7967
+CVE-2016-7967 (KMail since version 5.3.0 used a QWebEngine based viewer that had Java ...)
- kf5-messagelib <not-affected> (Doesn't use qtwebengine, see bug #853241)
NOTE: https://www.kde.org/info/security/advisory-20161006-2.txt
NOTE: Fixed by: https://cgit.kde.org/messagelib.git/commit/?id=dfc6a86f1b25f1da04b8f1df5320fcdd7085bcc1 (16.11.80)
NOTE: The issue is mitigated with the fixes applied for CVE-2016-7966, and a
NOTE: user protected from this CVE by only viewing plain text mails.
-CVE-2016-7966
+CVE-2016-7966 (Through a malicious URL that contained a quote character it was possib ...)
{DSA-3697-1 DLA-673-1}
- kdepimlibs 4:4.14.10-7 (bug #840546)
- kcoreaddons 5.26.0-3 (bug #840547)
NOTE: https://www.kde.org/info/security/advisory-20161006-1.txt
-CVE-2016-7965
+CVE-2016-7965 (DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the ...)
- dokuwiki <unfixed> (bug #844732; unimportant)
NOTE: https://github.com/splitbrain/dokuwiki/issues/1709
NOTE: Can be adresesd by properly configure dokuwiki as per
NOTE: https://github.com/splitbrain/dokuwiki/issues/1709#issuecomment-262337572
-CVE-2016-7964
+CVE-2016-7964 (The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php ...)
- dokuwiki <unfixed> (low; bug #844731)
[buster] - dokuwiki <ignored> (Minor issue)
[jessie] - dokuwiki <no-dsa> (Minor issue)
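Review bot: while this update touches these entries, three NOTE lines in the hunk have typos that should go in the same pass: CVE-2016-7968 "Would by fixed by" should read "Would be fixed by"; CVE-2016-7968 and CVE-2016-7967 both end with "a user protected from this CVE by only viewing plain text mails", which needs "a user is protected"; and CVE-2016-7965 "Can be adresesd by properly configure dokuwiki" should be "Can be addressed by properly configuring dokuwiki".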
@@ -8605,18 +8605,18 @@ CVE-2016-7962
RESERVED
CVE-2016-7961
RESERVED
-CVE-2016-7960
+CVE-2016-7960 (Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format ...)
NOT-FOR-US: Siemens
-CVE-2016-7959
+CVE-2016-7959 (Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-sh ...)
NOT-FOR-US: Siemens
-CVE-2016-7958
+CVE-2016-7958 (In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet ...)
- wireshark 2.2.1+ga6fbd27-1
[jessie] - wireshark <not-affected> (Introduced with "Add checkAPI calls to CMake")
[wheezy] - wireshark <not-affected> (Introduced with "Add checkAPI calls to CMake")
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12945
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=67597cb2457fb843fa97d3f2c87b82dad6f0de07
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-57.html
-CVE-2016-7957
+CVE-2016-7957 (In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, trigger ...)
- wireshark 2.2.1+ga6fbd27-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
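Review bot: the jessie and wheezy not-affected rationale for CVE-2016-7958, "Introduced with "Add checkAPI calls to CMake"", identifies the introducing change only by its commit subject, unlike the CVE-2016-7957 entry just below ("Vulnerable code not present") and unlike the other entries in this file, which cite a commit hash or a first affected version. Add the wireshark commit hash or the first affected upstream release so the claim can be re-checked without searching the history for that subject line.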
@@ -8625,9 +8625,9 @@ CVE-2016-7957
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-56.html
CVE-2016-7956
RESERVED
-CVE-2016-7955
+CVE-2016-7955 (The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, ...)
NOT-FOR-US: AlienVault OSSIM
-CVE-2016-7954
+CVE-2016-7954 (Bundler 1.x might allow remote attackers to inject arbitrary Ruby code ...)
- bundler <unfixed> (bug #842504)
[buster] - bundler <ignored> (Minor issue, too intrusive to backport)
[stretch] - bundler <ignored> (Minor issue, too intrusive to backport)
@@ -8636,185 +8636,185 @@ CVE-2016-7954
NOTE: http://www.openwall.com/lists/oss-security/2016/10/04/5
NOTE: There is no plan (yet) from upstream to address this for bundler 1.x
NOTE: due to lockfile format.
-CVE-2016-7953
+CVE-2016-7953 (Buffer underflow in X.org libXvMC before 1.0.10 allows remote X server ...)
{DLA-671-1}
- libxvmc 2:1.0.10-1 (low; bug #840445)
[jessie] - libxvmc 2:1.0.8-2+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb
-CVE-2016-7952
+CVE-2016-7952 (X.org libXtst before 1.2.3 allows remote X servers to cause a denial o ...)
{DLA-686-1}
- libxtst 2:1.2.3-1 (low; bug #840444)
[jessie] - libxtst 2:1.2.2-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3
-CVE-2016-7951
+CVE-2016-7951 (Multiple integer overflows in X.org libXtst before 1.2.3 allow remote ...)
{DLA-686-1}
- libxtst 2:1.2.3-1 (low; bug #840444)
[jessie] - libxtst 2:1.2.2-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3
-CVE-2016-7950
+CVE-2016-7950 (The XRenderQueryFilters function in X.org libXrender before 0.9.10 all ...)
{DLA-664-1}
- libxrender 1:0.9.10-1 (low; bug #840443)
[jessie] - libxrender <no-dsa> (Minor issue, will be fixed in a point release)
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=8fad00b0b647ee662ce4737ca15be033b7a21714
-CVE-2016-7949
+CVE-2016-7949 (Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEn ...)
{DLA-664-1}
- libxrender 1:0.9.10-1 (low; bug #840443)
[jessie] - libxrender <no-dsa> (Minor issue, will be fixed in a point release)
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=9362c7ddd1af3b168953d0737877bc52d79c94f4
-CVE-2016-7948
+CVE-2016-7948 (X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of ...)
{DLA-660-1}
- libxrandr 2:1.5.1-1 (low; bug #840441)
[jessie] - libxrandr 2:1.4.2-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6
-CVE-2016-7947
+CVE-2016-7947 (Multiple integer overflows in X.org libXrandr before 1.5.1 allow remot ...)
{DLA-660-1}
- libxrandr 2:1.5.1-1 (low; bug #840441)
[jessie] - libxrandr 2:1.4.2-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6
-CVE-2016-7946
+CVE-2016-7946 (X.org libXi before 1.7.7 allows remote X servers to cause a denial of ...)
{DLA-685-1}
- libxi 2:1.7.8-1 (low; bug #840440)
[jessie] - libxi 2:1.7.4-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5
NOTE: Regression: https://bugs.freedesktop.org/98204
-CVE-2016-7945
+CVE-2016-7945 (Multiple integer overflows in X.org libXi before 1.7.7 allow remote X ...)
{DLA-685-1}
- libxi 2:1.7.8-1 (low; bug #840440)
[jessie] - libxi 2:1.7.4-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5
NOTE: Regression: https://bugs.freedesktop.org/98204
-CVE-2016-7944
+CVE-2016-7944 (Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms m ...)
{DLA-654-1}
- libxfixes 1:5.0.3-1 (low; bug #840442)
[jessie] - libxfixes 1:5.0.1-2+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e
-CVE-2016-7943
+CVE-2016-7943 (The XListFonts function in X.org libX11 before 1.6.4 might allow remot ...)
{DLA-684-1}
- libx11 2:1.6.4-1 (low; bug #840439)
[jessie] - libx11 2:1.6.2-3+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8c29f1607a31dac0911e45a0dd3d74173822b3c9
-CVE-2016-7942
+CVE-2016-7942 (The XGetImage function in X.org libX11 before 1.6.4 might allow remote ...)
{DLA-684-1}
- libx11 2:1.6.4-1 (low; bug #840439)
[jessie] - libx11 2:1.6.2-3+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17
CVE-2016-7941
RESERVED
-CVE-2016-7940
+CVE-2016-7940 (The STP parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7939
+CVE-2016-7939 (The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7938
+CVE-2016-7938 (The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in p ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7937
+CVE-2016-7937 (The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7936
+CVE-2016-7936 (The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7935
+CVE-2016-7935 (The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7934
+CVE-2016-7934 (The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7933
+CVE-2016-7933 (The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7932
+CVE-2016-7932 (The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7931
+CVE-2016-7931 (The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7930
+CVE-2016-7930 (The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in p ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7929
+CVE-2016-7929 (The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer over ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7928
+CVE-2016-7928 (The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in pri ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7927
+CVE-2016-7927 (The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow i ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7926
+CVE-2016-7926 (The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in p ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7925
+CVE-2016-7925 (The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overfl ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7924
+CVE-2016-7924 (The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7923
+CVE-2016-7923 (The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7922
+CVE-2016-7922 (The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-a ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
CVE-2016-7920
RESERVED
-CVE-2016-7919
+CVE-2016-7919 (** DISPUTED ** Moodle 3.1.2 allows remote attackers to obtain sensitiv ...)
NOTE: Disputed moodle non-issue
CVE-2016-7918
RESERVED
-CVE-2016-7917
+CVE-2016-7917 (The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the L ...)
- linux 4.5.1-1 (low)
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/c58d6c93680f28ac58984af61d0a7ebf4319c241 (v4.5-rc6)
-CVE-2016-7916
+CVE-2016-7916 (Race condition in the environ_read function in fs/proc/base.c in the L ...)
- linux 4.5.4-1
[jessie] - linux 3.16.36-1
[wheezy] - linux 3.2.81-1
NOTE: Fixed by: https://git.kernel.org/linus/8148a73c9901a8794a50f950083c00ccf97d43b3 (v4.6-rc7)
-CVE-2016-7915
+CVE-2016-7915 (The hid_input_field function in drivers/hid/hid-core.c in the Linux ke ...)
{DLA-772-1}
- linux 4.6.1-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/50220dead1650609206efe91f0cc116132d59b3f (v4.6-rc1)
-CVE-2016-7914
+CVE-2016-7914 (The assoc_array_insert_into_terminal_node function in lib/assoc_array. ...)
- linux 4.5.3-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/8d4a2ec1e0b41b0cf9a0c5cd4511da7f8e4f3de2 (v4.6-rc4)
-CVE-2016-7913
+CVE-2016-7913 (The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c ...)
- linux 4.6.1-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/8dfbcc4351a0b6d2f2d77f367552f48ffefafe18 (v4.6-rc1)
-CVE-2016-7912
+CVE-2016-7912 (Use-after-free vulnerability in the ffs_user_copy_worker function in d ...)
- linux 4.5.3-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/38740a5b87d53ceb89eb2c970150f6e94e00373a (v4.6-rc5)
-CVE-2016-7911
+CVE-2016-7911 (Race condition in the get_task_ioprio function in block/ioprio.c in th ...)
{DLA-772-1}
- linux 4.7.2-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/8ba8682107ee2ca3347354e018865d8e1967c5f4 (v4.7-rc7)
-CVE-2016-7910
+CVE-2016-7910 (Use-after-free vulnerability in the disk_seqf_stop function in block/g ...)
{DLA-772-1}
- linux 4.7.2-1
[jessie] - linux 3.16.39-1
NOTE: Fixed by: https://git.kernel.org/linus/77da160530dd1dc94f6ae15a981f24e5f0021e84 (v4.8-rc1)
-CVE-2016-7909
+CVE-2016-7909 (The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emul ...)
{DLA-1599-1 DLA-698-1 DLA-689-1}
- qemu 1:2.8+dfsg-1 (bug #839834)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07942.html
-CVE-2016-7908
+CVE-2016-7908 (The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emul ...)
{DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.8+dfsg-1 (bug #839835)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=070c4b92b8cd5390889716677a0b92444d6e087a
-CVE-2016-7907
+CVE-2016-7907 (The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emul ...)
- qemu 1:2.8+dfsg-3 (bug #839986)
[jessie] - qemu <not-affected> (Vulnerable code introduced after v2.5.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced after v2.5.0-rc0)
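Review bot: the imported description for CVE-2016-7949 names the XvQueryAdaptors and XvQueryEncodings functions, which are libXv entry points, while the entry tracks libxrender (1:0.9.10-1, bug #840443) and its NOTE points at a libXrender commit; the text is upstream's and cannot be changed here, but a NOTE stating that the fixed code is libXrender's reply parsing despite the function names in the description would save the next reader a detour. Separately, CVE-2016-7919 has only "NOTE: Disputed moodle non-issue" and no status line; if moodle is deliberately not tracked for it, an explicit status such as "- moodle <not-affected> (Disputed, non-issue)" would make that visible to tooling instead of leaving the entry without a package state.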
@@ -8822,21 +8822,21 @@ CVE-2016-7907
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05556.html
NOTE: i.MX Fast Ethernet Controller emulation introduced in v2.5.0-rc0 with
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=fcbd8018e645f3ab1ef9af94dc88a0d3272926d3 (v2.5.0-rc0)
-CVE-2016-7906
+CVE-2016-7906 (magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to c ...)
{DSA-3726-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #840435)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/281
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d63a3c5729df59f183e9e110d5d8385d17caaad0
-CVE-2016-7905
+CVE-2016-7905 (The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3. ...)
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/622ccbd8ab894e3ac6cdf607e3d4f39e406786e9 (n3.1.4)
-CVE-2016-7904
+CVE-2016-7904 (Cross-site request forgery (CSRF) vulnerability in CMS Made Simple bef ...)
NOT-FOR-US: CMS Made Simple
-CVE-2016-7903
+CVE-2016-7903 (Dotclear before 2.10.3, when the Host header is not part of the web se ...)
- dotclear <removed>
NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/bb06343f4247
-CVE-2016-7902
+CVE-2016-7902 (Unrestricted file upload vulnerability in the fileUnzip-&gt;unzip meth ...)
- dotclear <removed>
NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/a9db771a5a70
CVE-2016-7901
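Review bot: the new description for CVE-2016-7902 contains the HTML entity "&gt;" ("fileUnzip-&gt;unzip"), so the importer copied an HTML-escaped string rather than the plain-text description; no other added description in the visible hunks is escaped, so decode entities to their characters ("->" here) before writing the list. Less important, CVE-2016-7907 says "Vulnerable code introduced after v2.5.0-rc0" in its jessie/wheezy lines while the NOTE in this hunk says the i.MX Fast Ethernet Controller emulation was "introduced in v2.5.0-rc0"; if the bug came with a later change to that emulation the NOTE should name that change, otherwise the two should use the same version wording.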
@@ -8857,89 +8857,89 @@ CVE-2016-7894
REJECTED
CVE-2016-7893
REJECTED
-CVE-2016-7892
+CVE-2016-7892 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7891
+CVE-2016-7891 (Adobe RoboHelp version 2015.0.3 and earlier, RoboHelp 11 and earlier h ...)
NOT-FOR-US: Adobe
-CVE-2016-7890
+CVE-2016-7890 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7889
+CVE-2016-7889 (Adobe Digital Editions versions 4.5.2 and earlier has an issue with pa ...)
NOT-FOR-US: Adobe
-CVE-2016-7888
+CVE-2016-7888 (Adobe Digital Editions versions 4.5.2 and earlier has an important vul ...)
NOT-FOR-US: Adobe
-CVE-2016-7887
+CVE-2016-7887 (Adobe ColdFusion Builder versions 2016 update 2 and earlier, 3.0.3 and ...)
NOT-FOR-US: Adobe
-CVE-2016-7886
+CVE-2016-7886 (Adobe InDesign version 11.4.1 and earlier, Adobe InDesign Server 11.0. ...)
NOT-FOR-US: Adobe
-CVE-2016-7885
+CVE-2016-7885 (Adobe Experience Manager versions 6.2 and earlier have a vulnerability ...)
NOT-FOR-US: Adobe
-CVE-2016-7884
+CVE-2016-7884 (Adobe Experience Manager versions 6.1 and earlier have an input valida ...)
NOT-FOR-US: Adobe
-CVE-2016-7883
+CVE-2016-7883 (Adobe Experience Manager version 6.2 has an input validation issue in ...)
NOT-FOR-US: Adobe
-CVE-2016-7882
+CVE-2016-7882 (Adobe Experience Manager versions 6.2 and earlier have an input valida ...)
NOT-FOR-US: Adobe
-CVE-2016-7881
+CVE-2016-7881 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7880
+CVE-2016-7880 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7879
+CVE-2016-7879 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7878
+CVE-2016-7878 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7877
+CVE-2016-7877 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7876
+CVE-2016-7876 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7875
+CVE-2016-7875 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7874
+CVE-2016-7874 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7873
+CVE-2016-7873 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7872
+CVE-2016-7872 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7871
+CVE-2016-7871 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7870
+CVE-2016-7870 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7869
+CVE-2016-7869 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7868
+CVE-2016-7868 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7867
+CVE-2016-7867 (Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7866
+CVE-2016-7866 (Adobe Animate versions 15.2.1.95 and earlier have an exploitable memor ...)
NOT-FOR-US: Adobe Animate
-CVE-2016-7865
+CVE-2016-7865 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7864
+CVE-2016-7864 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7863
+CVE-2016-7863 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7862
+CVE-2016-7862 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7861
+CVE-2016-7861 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7860
+CVE-2016-7860 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7859
+CVE-2016-7859 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7858
+CVE-2016-7858 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7857
+CVE-2016-7857 (Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7856
+CVE-2016-7856 (Adobe DNG Converter versions 9.7 and earlier have an exploitable memor ...)
NOT-FOR-US: Adobe DNG Converter
-CVE-2016-7855
+CVE-2016-7855 (Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 o ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7854
+CVE-2016-7854 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7853
+CVE-2016-7853 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7852
+CVE-2016-7852 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7851
+CVE-2016-7851 (Adobe Connect version 9.5.6 and earlier does not adequately validate i ...)
NOT-FOR-US: Adobe
CVE-2016-7850
REJECTED
@@ -8951,41 +8951,41 @@ CVE-2016-7847
REJECTED
CVE-2016-7846
REJECTED
-CVE-2016-7845
+CVE-2016-7845 (GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload ar ...)
NOT-FOR-US: GigaCC OFFICE
-CVE-2016-7844
+CVE-2016-7844 (GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute a ...)
NOT-FOR-US: GigaCC OFFICE
-CVE-2016-7843
+CVE-2016-7843 (Directory traversal vulnerability in AttacheCase for Java 0.60 and ear ...)
NOT-FOR-US: AttacheCase
-CVE-2016-7842
+CVE-2016-7842 (Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier a ...)
NOT-FOR-US: AttacheCase
-CVE-2016-7841
+CVE-2016-7841 (Cross-site scripting vulnerability in Olive Diary DX allows remote att ...)
NOT-FOR-US: Olive Diary DX
-CVE-2016-7840
+CVE-2016-7840 (Cross-site scripting vulnerability in WEB SCHEDULE allows remote attac ...)
NOT-FOR-US: WEB SCHEDULE
-CVE-2016-7839
+CVE-2016-7839 (Cross-site scripting vulnerability in Olive Blog allows remote attacke ...)
NOT-FOR-US: Olive Blog
-CVE-2016-7838
+CVE-2016-7838 (Untrusted search path vulnerability in WinSparkle versions prior to 0. ...)
NOT-FOR-US: WinSparkle
-CVE-2016-7837
+CVE-2016-7837 (Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execut ...)
- bluez 5.43-1
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: Fixed by: http://git.kernel.org/cgit/bluetooth/bluez.git/commit/?id=8514068150759c1d6a46d4605d2351babfde1601 (5.42)
-CVE-2016-7836
+CVE-2016-7836 (SKYSEA Client View Ver.11.221.03 and earlier allows remote code execut ...)
NOT-FOR-US: SKYSEA Client View
-CVE-2016-7835
+CVE-2016-7835 (Use-after-free vulnerability in H2O allows remote attackers to cause a ...)
- h2o <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/h2o/h2o/issues/1144
-CVE-2016-7834
+CVE-2016-7834 (SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, ...)
NOT-FOR-US: SONY
-CVE-2016-7833
+CVE-2016-7833 (Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access r ...)
NOT-FOR-US: Cybozu
-CVE-2016-7832
+CVE-2016-7832 (Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access r ...)
NOT-FOR-US: Cybozu
-CVE-2016-7831
+CVE-2016-7831 (Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for ...)
NOT-FOR-US: Sleipnir
-CVE-2016-7830
+CVE-2016-7830 (Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C ...)
NOT-FOR-US: Sony
CVE-2016-7829
REJECTED
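Review bot: CVE-2016-7837 is described as a buffer overflow in BlueZ 5.41 and earlier that "allows an attacker to execut ...", yet both the jessie and wheezy lines mark it "<no-dsa> (Minor issue)" with no NOTE explaining why; the fix commit is linked, so a one-line NOTE on the preconditions that make this minor (as other no-dsa entries in this file do with qualifiers such as "Minor issue, will be fixed in a point release") would justify the triage decision for anyone revisiting it.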
@@ -8993,68 +8993,68 @@ CVE-2016-7828
REJECTED
CVE-2016-7827
REJECTED
-CVE-2016-7826
+CVE-2016-7826 (Directory traversal vulnerability in Buffalo WNC01WH devices with firm ...)
NOT-FOR-US: Buffalo
-CVE-2016-7825
+CVE-2016-7825 (Directory traversal vulnerability in Buffalo WNC01WH devices with firm ...)
NOT-FOR-US: Buffalo
-CVE-2016-7824
+CVE-2016-7824 (Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allow ...)
NOT-FOR-US: Buffalo
-CVE-2016-7823
+CVE-2016-7823 (Cross-site scripting vulnerability in Buffalo WNC01WH devices with fir ...)
NOT-FOR-US: Buffalo
-CVE-2016-7822
+CVE-2016-7822 (Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH dev ...)
NOT-FOR-US: Buffalo
-CVE-2016-7821
+CVE-2016-7821 (Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allo ...)
NOT-FOR-US: Buffalo
-CVE-2016-7820
+CVE-2016-7820 (Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 an ...)
NOT-FOR-US: I-O DATA DEVICE
-CVE-2016-7819
+CVE-2016-7819 (I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WR ...)
NOT-FOR-US: I-O DATA DEVICE
-CVE-2016-7818
+CVE-2016-7818 (Untrusted search path vulnerability in Installers for Specification ch ...)
NOT-FOR-US: Untrusted search path vulnerability in various installers
-CVE-2016-7817
+CVE-2016-7817 (Cross-site scripting vulnerability in Simple keitai chat 2.0 and earli ...)
NOT-FOR-US: Simple keitai chat
-CVE-2016-7816
+CVE-2016-7816 (The Cybozu kintone mobile for Android 1.0.6 and earlier does not verif ...)
NOT-FOR-US: Cybozu
-CVE-2016-7815
+CVE-2016-7815 (Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certifica ...)
NOT-FOR-US: Remote Service Manager provided by Cybozu
-CVE-2016-7814
+CVE-2016-7814 (I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WR ...)
NOT-FOR-US: I-O DATA DEVICE
-CVE-2016-7813
+CVE-2016-7813 (Cross-site scripting vulnerability in DERAEMON-CMS version 0.8.9 and e ...)
NOT-FOR-US: DERAEMON-CMS
-CVE-2016-7812
+CVE-2016-7812 (The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android ver5.3.1, ver5. ...)
NOT-FOR-US: Bank of Tokyo-Mitsubishi UFJ, Ltd. App
-CVE-2016-7811
+CVE-2016-7811 (Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker o ...)
NOT-FOR-US: Corega
-CVE-2016-7810
+CVE-2016-7810 (Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. ...)
NOT-FOR-US: Corega
-CVE-2016-7809
+CVE-2016-7809 (Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX ...)
NOT-FOR-US: Corega
-CVE-2016-7808
+CVE-2016-7808 (Cross-site scripting vulnerability in Corega CG-WLBARGMH and CG-WLBARG ...)
NOT-FOR-US: Corega
-CVE-2016-7807
+CVE-2016-7807 (I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remot ...)
NOT-FOR-US: I-O DATA DEVICE
-CVE-2016-7806
+CVE-2016-7806 (I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remot ...)
NOT-FOR-US: I-O DATA DEVICE
-CVE-2016-7805
+CVE-2016-7805 (The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate ...)
NOT-FOR-US: mobiGate App
-CVE-2016-7804
+CVE-2016-7804 (Untrusted search path vulnerability in 7 Zip for Windows 16.02 and ear ...)
NOT-FOR-US: 7 Zip for Windows
-CVE-2016-7803
+CVE-2016-7803 (SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows ...)
NOT-FOR-US: Cybozu
-CVE-2016-7802
+CVE-2016-7802 (Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allo ...)
NOT-FOR-US: Cybozu
-CVE-2016-7801
+CVE-2016-7801 (Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access ...)
NOT-FOR-US: Cybozu
-CVE-2016-7800
+CVE-2016-7800 (Integer underflow in the parse8BIM function in coders/meta.c in Graphi ...)
{DSA-3746-1 DLA-651-1}
- graphicsmagick 1.3.25-3
NOTE: https://sourceforge.net/p/graphicsmagick/code/ci/5c7b6d6094a25e99c57f8b18343914ebfd8213ef/
-CVE-2016-7799
+CVE-2016-7799 (MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attac ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #840437)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/280
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa
-CVE-2016-7798
+CVE-2016-7798 (The openssl gem for Ruby uses the same initialization vector (IV) in G ...)
{DSA-3966-1 DLA-1421-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #842432)
- ruby2.1 <removed> (bug #842544)
@@ -9064,19 +9064,19 @@ CVE-2016-7798
NOTE: https://github.com/attr-encrypted/attr_encrypted/issues/203
- ruby-encryptor 3.0.0-1
NOTE: https://github.com/attr-encrypted/encryptor/pull/22
-CVE-2016-7797
+CVE-2016-7797 (Pacemaker before 1.1.15, when using pacemaker remote, might allow remo ...)
- pacemaker 1.1.15~rc3-1
[wheezy] - pacemaker <not-affected> (Vulnerable code introduced after 1.1.10)
NOTE: http://bugs.clusterlabs.org/show_bug.cgi?id=5269
NOTE: Fixed by: https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410 (Pacemaker-1.1.15-rc1)
NOTE: Vulnerable code introduced in: https://github.com/ClusterLabs/pacemaker/commit/87f40917feb5109f827d83765c924acbbd824379 (Pacemaker-1.1.12-rc1)
-CVE-2016-7796
+CVE-2016-7796 (The manager_dispatch_notify_fd function in systemd allows local users ...)
{DLA-659-1}
- systemd 231-9 (bug #839607)
[jessie] - systemd 215-17+deb8u6
NOTE: https://github.com/systemd/systemd/issues/4234#issuecomment-250441246
NOTE: Fixed by: https://github.com/systemd/systemd/pull/4240
-CVE-2016-7795
+CVE-2016-7795 (The manager_invoke_notify_message function in systemd 231 and earlier ...)
- systemd 231-9 (bug #839171)
[jessie] - systemd <not-affected> (Introduced in 219)
[wheezy] - systemd <not-affected> (Introduced in 219)
@@ -9084,21 +9084,21 @@ CVE-2016-7795
NOTE: https://github.com/systemd/systemd/commit/531ac2b2349da02acc9c382849758e07eb92b020
NOTE: Originally fixed in 231-8 but caused a regression fixed in 231-9
NOTE: https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet
-CVE-2016-7794
+CVE-2016-7794 (sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to e ...)
- git-hub 0.10.2-2 (bug #839284)
-CVE-2016-7793
+CVE-2016-7793 (sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to e ...)
- git-hub 0.10.2-2 (bug #839284)
-CVE-2016-7792
+CVE-2016-7792 (Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database ...)
NOT-FOR-US: Ubiquiti Networks UniFi
-CVE-2016-7791
+CVE-2016-7791 (Exponent CMS 2.3.9 suffers from a remote code execution vulnerability ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7790
+CVE-2016-7790 (Exponent CMS 2.3.9 suffers from a remote code execution vulnerability ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7789
+CVE-2016-7789 (SQL injection vulnerability in framework/core/models/expConfig.php in ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7788
+CVE-2016-7788 (SQL injection vulnerability in framework/modules/users/models/user.php ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7787
+CVE-2016-7787 (A maliciously crafted command line for kdesu can result in the user on ...)
- kde-cli-tools 4:5.8.0-1 (bug #839865)
- kde-runtime 4:16.08.3-2 (bug #842498)
[jessie] - kde-runtime <no-dsa> (Minor issue)
@@ -9112,26 +9112,26 @@ CVE-2016-7787
NOTE: For kde-cli-tools fixed in 5.7.5 upstream
NOTE: kde-runtime's affected binary is /usr/lib/kde4/libexec/kdesu-distrib/kdesu
NOTE: kdesudo's affected binary is /usr/bin/kdesudo
-CVE-2016-7786
+CVE-2016-7786 (Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated us ...)
NOT-FOR-US: Sophos
-CVE-2016-7785
+CVE-2016-7785 (The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3. ...)
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c8c5f66b42edc37474baa5cb51460cbf6f33075b (n3.1.4)
-CVE-2016-7784
+CVE-2016-7784 (SQL injection vulnerability in the getSection function in framework/co ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7783
+CVE-2016-7783 (SQL injection vulnerability in framework/core/models/expRecord.php in ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7782
+CVE-2016-7782 (SQL injection vulnerability in framework/core/models/expConfig.php in ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7781
+CVE-2016-7781 (SQL injection vulnerability in framework/modules/blog/controllers/blog ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7780
+CVE-2016-7780 (SQL injection vulnerability in cron/find_help.php in Exponent CMS 2.3. ...)
NOT-FOR-US: Exponent CMS
CVE-2016-7779
RESERVED
CVE-2016-7778
RESERVED
-CVE-2016-7777
+CVE-2016-7777 (Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which ...)
{DSA-3729-1 DLA-699-1}
- xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-190.html
@@ -9157,19 +9157,19 @@ CVE-2016-7767
REJECTED
CVE-2016-7766
REJECTED
-CVE-2016-7765
+CVE-2016-7765 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
CVE-2016-7764
REJECTED
CVE-2016-7763
REJECTED
-CVE-2016-7762
+CVE-2016-7762 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7761
+CVE-2016-7761 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
CVE-2016-7760
REJECTED
-CVE-2016-7759
+CVE-2016-7759 (An issue was discovered in certain Apple products. iOS before 10 is af ...)
NOT-FOR-US: Apple
CVE-2016-7758
REJECTED
@@ -9203,7 +9203,7 @@ CVE-2016-7744
REJECTED
CVE-2016-7743
REJECTED
-CVE-2016-7742
+CVE-2016-7742 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
CVE-2016-7741
REJECTED
@@ -9259,7 +9259,7 @@ CVE-2016-7716
REJECTED
CVE-2016-7715
REJECTED
-CVE-2016-7714
+CVE-2016-7714 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
CVE-2016-7713
REJECTED
@@ -9353,226 +9353,226 @@ CVE-2016-7669
REJECTED
CVE-2016-7668
REJECTED
-CVE-2016-7667
+CVE-2016-7667 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7666
+CVE-2016-7666 (An issue was discovered in certain Apple products. Transporter before ...)
NOT-FOR-US: Apple
-CVE-2016-7665
+CVE-2016-7665 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7664
+CVE-2016-7664 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7663
+CVE-2016-7663 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7662
+CVE-2016-7662 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7661
+CVE-2016-7661 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7660
+CVE-2016-7660 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7659
+CVE-2016-7659 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7658
+CVE-2016-7658 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7657
+CVE-2016-7657 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7656
+CVE-2016-7656 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7655
+CVE-2016-7655 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7654
+CVE-2016-7654 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7653
+CVE-2016-7653 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7652
+CVE-2016-7652 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7651
+CVE-2016-7651 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7650
+CVE-2016-7650 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7649
+CVE-2016-7649 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7648
+CVE-2016-7648 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
CVE-2016-7647
REJECTED
-CVE-2016-7646
+CVE-2016-7646 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7645
+CVE-2016-7645 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7644
+CVE-2016-7644 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7643
+CVE-2016-7643 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7642
+CVE-2016-7642 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7641
+CVE-2016-7641 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7640
+CVE-2016-7640 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7639
+CVE-2016-7639 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7638
+CVE-2016-7638 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7637
+CVE-2016-7637 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7636
+CVE-2016-7636 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7635
+CVE-2016-7635 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7634
+CVE-2016-7634 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7633
+CVE-2016-7633 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7632
+CVE-2016-7632 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
CVE-2016-7631
REJECTED
-CVE-2016-7630
+CVE-2016-7630 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7629
+CVE-2016-7629 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7628
+CVE-2016-7628 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7627
+CVE-2016-7627 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7626
+CVE-2016-7626 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7625
+CVE-2016-7625 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7624
+CVE-2016-7624 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7623
+CVE-2016-7623 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7622
+CVE-2016-7622 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7621
+CVE-2016-7621 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7620
+CVE-2016-7620 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7619
+CVE-2016-7619 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7618
+CVE-2016-7618 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7617
+CVE-2016-7617 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7616
+CVE-2016-7616 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7615
+CVE-2016-7615 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7614
+CVE-2016-7614 (An issue was discovered in certain Apple products. iCloud before 6.1 i ...)
NOT-FOR-US: Apple
-CVE-2016-7613
+CVE-2016-7613 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-7612
+CVE-2016-7612 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7611
+CVE-2016-7611 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7610
+CVE-2016-7610 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7609
+CVE-2016-7609 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7608
+CVE-2016-7608 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7607
+CVE-2016-7607 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7606
+CVE-2016-7606 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7605
+CVE-2016-7605 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7604
+CVE-2016-7604 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7603
+CVE-2016-7603 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7602
+CVE-2016-7602 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7601
+CVE-2016-7601 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7600
+CVE-2016-7600 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7599
+CVE-2016-7599 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7598
+CVE-2016-7598 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7597
+CVE-2016-7597 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7596
+CVE-2016-7596 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7595
+CVE-2016-7595 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7594
+CVE-2016-7594 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
CVE-2016-7593
REJECTED
-CVE-2016-7592
+CVE-2016-7592 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7591
+CVE-2016-7591 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
CVE-2016-7590
REJECTED
-CVE-2016-7589
+CVE-2016-7589 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7588
+CVE-2016-7588 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-7587
+CVE-2016-7587 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7586
+CVE-2016-7586 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-7585
+CVE-2016-7585 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-7584
+CVE-2016-7584 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-7583
+CVE-2016-7583 (An issue was discovered in certain Apple products. iCloud before 6.0.1 ...)
NOT-FOR-US: Apple
-CVE-2016-7582
+CVE-2016-7582 (An issue was discovered in certain Apple products. macOS before 10.12 ...)
NOT-FOR-US: Apple
-CVE-2016-7581
+CVE-2016-7581 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-7580
+CVE-2016-7580 (An issue was discovered in certain Apple products. macOS before 10.12 ...)
NOT-FOR-US: Apple
-CVE-2016-7579
+CVE-2016-7579 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-7578
+CVE-2016-7578 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-7577
+CVE-2016-7577 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-7576
+CVE-2016-7576 (In iOS before 9.3.3, a memory corruption issue existed in the kernel. ...)
NOT-FOR-US: Apple
CVE-2016-7574
RESERVED
CVE-2016-7573
RESERVED
-CVE-2016-7572
+CVE-2016-7572 (The system.temporary route in Drupal 8.x before 8.1.10 does not proper ...)
- drupal7 <not-affected> (Only affects Drupal 8)
-CVE-2016-7571
+CVE-2016-7571 (Cross-site scripting (XSS) vulnerability in Drupal 8.x before 8.1.10 a ...)
- drupal7 <not-affected> (Only affects Drupal 8)
-CVE-2016-7570
+CVE-2016-7570 (Drupal 8.x before 8.1.10 does not properly check for "Administer comme ...)
- drupal7 <not-affected> (Only affects Drupal 8)
-CVE-2016-7569
+CVE-2016-7569 (Directory traversal vulnerability in docker2aci before 0.13.0 allows r ...)
- golang-github-appc-docker2aci 0.14.0+dfsg-1 (bug #839282)
NOTE: https://github.com/appc/docker2aci/issues/201
-CVE-2016-7568
+CVE-2016-7568 (Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD ...)
{DSA-3693-1}
- libgd2 2.2.3-87-gd0fec80-1 (bug #839659)
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -9583,23 +9583,23 @@ CVE-2016-7568
[jessie] - php5 5.6.27+dfsg-0+deb8u1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73003
NOTE: https://github.com/php/php-src/commit/c18263e0e0769faee96a5d0ee04b750c442783c6
-CVE-2016-7567
+CVE-2016-7567 (Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compar ...)
- openslp-dfsg <not-affected> (Only affects openslp 2)
NOTE: https://sourceforge.net/p/openslp/mercurial/ci/34fb3aa5e6b4997fa21cb614e480de36da5dbc9a/
CVE-2016-7566
RESERVED
-CVE-2016-7565
+CVE-2016-7565 (install/index.php in Exponent CMS 2.3.9 allows remote attackers to exe ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7564
+CVE-2016-7564 (Heap-based buffer overflow in the Fp_toString function in jsfunction.c ...)
NOT-FOR-US: MuJS
-CVE-2016-7563
+CVE-2016-7563 (The chartorune function in Artifex Software MuJS allows attackers to c ...)
NOT-FOR-US: MuJS
-CVE-2016-7562
+CVE-2016-7562 (The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before ...)
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/496267f8e9ec218351e4359e1fde48722d4fc804 (n3.1.4)
-CVE-2016-7561
+CVE-2016-7561 (Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8. ...)
NOT-FOR-US: Fortinet FortiWLC
-CVE-2016-7560
+CVE-2016-7560 (The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, ...)
NOT-FOR-US: Fortinet FortiWLC
CVE-2016-7559
RESERVED
@@ -9609,24 +9609,24 @@ CVE-2016-7557
RESERVED
CVE-2016-7556
RESERVED
-CVE-2016-7555
+CVE-2016-7555 (The avi_read_header function in libavformat/avidec.c in FFmpeg before ...)
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/8834e080c20d3d23c3ffe779371359f9b9b835ec (n3.1.4)
CVE-2016-7554
REJECTED
-CVE-2016-7552
+CVE-2016-7552 (On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory tr ...)
NOT-FOR-US: Trend Micro Threat Discovery Appliance
-CVE-2016-7549
+CVE-2016-7549 (Google Chrome before 53.0.2785.113 does not ensure that the recipient ...)
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-7548
RESERVED
-CVE-2016-7547
+CVE-2016-7547 (A command execution flaw on the Trend Micro Threat Discovery Appliance ...)
NOT-FOR-US: Trend Micro Threat Discovery Appliance
CVE-2016-7546
RESERVED
-CVE-2016-7545
+CVE-2016-7545 (SELinux policycoreutils allows local users to execute arbitrary comman ...)
{DLA-638-1}
- policycoreutils 2.5-3 (bug #838599)
[jessie] - policycoreutils <not-affected> ("sandbox" executable not packaged in this version)
@@ -9636,9 +9636,9 @@ CVE-2016-7545
NOTE: Marked as exception as not-affected, although the source is affected but the built
NOTE: binary packages do not contain the sandbox binary. We cannot use 'unimportant'
NOTE: severity here since the unstable version builts a binary package which contains it.
-CVE-2016-7544
+CVE-2016-7544 (Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _ ...)
- libcrypto++ <not-affected> (Vulnerable code intorduced in 5.6.4, only affects Windows and Microsoft compilers)
-CVE-2016-7543
+CVE-2016-7543 (Bash before 4.4 allows local users to execute arbitrary commands with ...)
{DLA-680-1}
- bash 4.4-1
[jessie] - bash 4.3-11+deb8u1
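Review bot: two typos in the context lines of this hunk should be corrected while the file is being touched: the CVE-2016-7545 NOTE reads "the unstable version builts a binary package" (should be "builds"), and the CVE-2016-7544 libcrypto++ entry reads "Vulnerable code intorduced in 5.6.4" (should be "introduced"). The same NOTE block for CVE-2016-7545 also reads awkwardly ("Marked as exception as not-affected, although the source is affected but the built binary packages do not contain the sandbox binary"); consider "Marked not-affected as an exception: the source is affected, but the built binary packages do not contain the sandbox binary."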
@@ -9646,13 +9646,13 @@ CVE-2016-7543
NOTE: Default shell is dash which is not vulnerable, but bash in Jessie and
NOTE: Wheezy are affected.
NOTE: Fixed by (4.3): https://ftp.gnu.org/pub/gnu/bash/bash-4.3-patches/bash43-048
-CVE-2016-7542
+CVE-2016-7542 (A read-only administrator on Fortinet devices with FortiOS 5.2.x befor ...)
NOT-FOR-US: FortiOS
-CVE-2016-7541
+CVE-2016-7541 (Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x bef ...)
NOT-FOR-US: FortiOS
CVE-2016-7512
RESERVED
-CVE-2016-7511
+CVE-2016-7511 (Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 allows ...)
{DLA-635-1}
- dwarfutils 20160923-1 (bug #838757)
[jessie] - dwarfutils <no-dsa> (Minor issue, can be fixed in point release)
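Review bot: subject-verb agreement in the CVE-2016-7543 NOTE: "bash in Jessie and Wheezy are affected" should read "bash in Jessie and Wheezy is affected" (the subject is the single package bash), or be rephrased as "the bash packages in Jessie and Wheezy are affected".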
@@ -9662,7 +9662,7 @@ CVE-2016-7511
NOTE: See though notes for CVE-2016-7410, the 3767305debcba8bd7e1c483ae48c509d25399252
NOTE: seem to be the ultimate fix upstream, introducing commit should as well still be
NOTE: found.
-CVE-2016-7510
+CVE-2016-7510 (The read_line_table_program function in dwarf_line_table_reader_common ...)
{DLA-635-1}
- dwarfutils 20160923-1 (bug #838756)
[jessie] - dwarfutils <no-dsa> (Minor issue, can be fixed in point release)
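Review bot: the CVE-2016-7511 NOTE lines contain a typo and a grammar slip: "See though notes for CVE-2016-7410" should be "See through notes for CVE-2016-7410" (or simply "See notes for CVE-2016-7410"), and "the 3767305debcba8bd7e1c483ae48c509d25399252 seem to be the ultimate fix" should be "seems to be the ultimate fix" (a single commit). The trailing clause "introducing commit should as well still be found" would be clearer as "the introducing commit still needs to be identified".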
@@ -9673,25 +9673,25 @@ CVE-2016-7510
NOTE: See though notes for CVE-2016-7410, the 3767305debcba8bd7e1c483ae48c509d25399252
NOTE: seem to be the ultimate fix upstream, introducing commit should as well still be
NOTE: found.
-CVE-2016-7509
+CVE-2016-7509 (Cross-site scripting (XSS) vulnerability in GLPI 0.90.4 allows remote ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2016-7508
+CVE-2016-7508 (Multiple SQL injection vulnerabilities in GLPI 0.90.4 allow an authent ...)
- glpi <removed> (unimportant)
NOTE: https://github.com/glpi-project/glpi/issues/1047
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2016-7507
+CVE-2016-7507 (Cross-Site Request Forgery (CSRF) vulnerability in GLPI 0.90.4 allows ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2016-7506
+CVE-2016-7506 (An out-of-bounds read vulnerability was observed in Sp_replace_regexp ...)
NOT-FOR-US: MuJS
-CVE-2016-7505
+CVE-2016-7505 (A buffer overflow vulnerability was observed in divby function of Arti ...)
NOT-FOR-US: MuJS
-CVE-2016-7504
+CVE-2016-7504 (A use-after-free vulnerability was observed in Rp_toString function of ...)
NOT-FOR-US: MuJS
CVE-2016-7503
RESERVED
-CVE-2016-7502
+CVE-2016-7502 (The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before ...)
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/9d738e6968757d4e70c8e07e0b720ac0004accc4 (n3.1.4)
CVE-2016-7501
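Review bot: the CVE-2016-7510 NOTE lines at the top of this hunk repeat the same wording as the CVE-2016-7511 entry and carry the same defects: "See though notes" should be "See through notes" (or "See notes"), "seem to be the ultimate fix" should be "seems to be the ultimate fix", and "introducing commit should as well still be found" would be clearer as "the introducing commit still needs to be identified". Since both entries share the notes verbatim, fixing one and cross-referencing it from the other avoids the duplication drifting apart again.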
@@ -9699,10 +9699,10 @@ CVE-2016-7501
NOT-FOR-US: Oracle
CVE-2016-7500
RESERVED
-CVE-2016-7499
+CVE-2016-7499 (The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote ...)
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/09/21/libav-divide-by-zero-in-sbr_make_f_master-aacsbr-c/
-CVE-2016-7498
+CVE-2016-7498 (OpenStack Compute (nova) 13.0.0 does not properly delete instances fro ...)
- nova 2:13.1.0-1
[jessie] - nova <not-affected> (Vulnerable code (re)introduced later)
[wheezy] - nova <not-affected> (Vulnerable code (re)introduced later)
@@ -9722,11 +9722,11 @@ CVE-2016-7492
REJECTED
CVE-2016-7491
REJECTED
-CVE-2016-7490
+CVE-2016-7490 (The installation script studioexpressinstall for Teradata Studio Expre ...)
NOT-FOR-US: Teradata Studio Express
-CVE-2016-7489
+CVE-2016-7489 (Teradata Virtual Machine Community Edition v15.10's perl script /opt/t ...)
NOT-FOR-US: Teradata Virtual Machine Community Edition
-CVE-2016-7488
+CVE-2016-7488 (Teradata Virtual Machine Community Edition v15.10 has insecure file pe ...)
NOT-FOR-US: Teradata Virtual Machine Community Edition
CVE-2016-7487
REJECTED
@@ -9742,11 +9742,11 @@ CVE-2016-7482
REJECTED
CVE-2016-7481
REJECTED
-CVE-2016-7480
+CVE-2016-7480 (The SplObjectStorage unserialize implementation in ext/spl/spl_observe ...)
- php7.0 7.0.12-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73257
NOTE: Fixed in 7.0.12
-CVE-2016-7479
+CVE-2016-7479 (In all versions of PHP 7, during the unserialization process, resizing ...)
{DSA-3783-1 DLA-875-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
@@ -9759,7 +9759,7 @@ CVE-2016-7479
NOTE: The change is in 5.6+, even though the property table issue only affects
NOTE: PHP 7, because this also prevents a wide range of other __wakeup() based
NOTE: attacks.
-CVE-2016-7478
+CVE-2016-7478 (Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x befo ...)
{DSA-3732-1 DLA-875-1}
- php7.1 <not-affected> (Fixed before initial upload to Debian)
- php7.0 7.0.13-1
@@ -9767,63 +9767,63 @@ CVE-2016-7478
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73093
NOTE: Patch for 5.6.x: http://git.php.net/?p=php-src.git;a=commit;h=40e7baab3c90001beee4c8f0ed0ef79ad18ee0d6 (5.6.28)
NOTE: backported patch for 5.4: https://lists.debian.org/87efysy07p.fsf@curie.anarc.at
-CVE-2016-7477
+CVE-2016-7477 (The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 al ...)
- libav <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2016/09/20/libav-null-pointer-dereference-in-ff_put_pixels8_xy2_mmx-rnd_template-c/
-CVE-2016-7476
+CVE-2016-7476 (The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, A ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2016-7475
+CVE-2016-7475 (Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2016-7474
+CVE-2016-7474 (In some cases the MCPD binary cache in F5 BIG-IP devices may allow a u ...)
NOT-FOR-US: F5 BIG-IP
CVE-2016-7473
REJECTED
-CVE-2016-7472
+CVE-2016-7472 (F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to ca ...)
NOT-FOR-US: F5 BIG-IP
CVE-2016-7471
REJECTED
CVE-2016-7470
REJECTED
-CVE-2016-7469
+CVE-2016-7469 (A stored cross-site scripting (XSS) vulnerability in the Configuration ...)
NOT-FOR-US: BIG-IP
-CVE-2016-7468
+CVE-2016-7468 (An unauthenticated remote attacker may be able to disrupt services on ...)
NOT-FOR-US: F5
-CVE-2016-7467
+CVE-2016-7467 (The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 H ...)
NOT-FOR-US: F5
CVE-2016-7465
REJECTED
CVE-2016-7464
REJECTED
-CVE-2016-7463
+CVE-2016-7463 (Cross-site scripting (XSS) vulnerability in the Host Client in VMware ...)
NOT-FOR-US: VMware
-CVE-2016-7462
+CVE-2016-7462 (The Suite REST API in VMware vRealize Operations (aka vROps) 6.x befor ...)
NOT-FOR-US: VMware
-CVE-2016-7461
+CVE-2016-7461 (The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x be ...)
NOT-FOR-US: VMware
-CVE-2016-7460
+CVE-2016-7460 (The Single Sign-On feature in VMware vCenter Server 5.5 before U3e and ...)
NOT-FOR-US: VMware
-CVE-2016-7459
+CVE-2016-7459 (VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote ...)
NOT-FOR-US: VMware
-CVE-2016-7458
+CVE-2016-7458 (VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote ...)
NOT-FOR-US: VMware
-CVE-2016-7457
+CVE-2016-7457 (VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote ...)
NOT-FOR-US: VMware
-CVE-2016-7456
+CVE-2016-7456 (VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH pri ...)
NOT-FOR-US: VMware
CVE-2016-7455
RESERVED
-CVE-2016-7454
+CVE-2016-7454 (CSRF vulnerability on Technicolor TC dpc3941T (formerly Cisco dpc3941T ...)
NOT-FOR-US: Technicolor TC dpc3941T
-CVE-2016-7453
+CVE-2016-7453 (The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7452
+CVE-2016-7452 (The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could ...)
NOT-FOR-US: Exponent CMS
CVE-2016-7451
RESERVED
-CVE-2016-7450
+CVE-2016-7450 (The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before 3 ...)
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/ac8ac46641adef208485baebc3734463bf0bd266 (n3.1.4)
-CVE-2016-7449
+CVE-2016-7449 (The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 al ...)
{DLA-1401-1 DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: The scope of the CVE is for all of these reported TIFF problems.
@@ -9835,31 +9835,31 @@ CVE-2016-7449
NOTE: https://blogs.gentoo.org/ago/2016/08/23/graphicsmagick-two-heap-based-buffer-overflow-in-readtiffimage-tiff-c/
NOTE: https://blogs.gentoo.org/ago/2016/09/07/graphicsmagick-null-pointer-dereference-in-magickstrlcpy-utility-c/
NOTE: Fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/eb58028dacf5
-CVE-2016-7448
+CVE-2016-7448 (The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote atta ...)
{DLA-1401-1 DLA-683-1}
- graphicsmagick 1.3.25-1
NOTE: Fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/30043afadb10
NOTE: Fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d972c761b55d
-CVE-2016-7447
+CVE-2016-7447 (Heap-based buffer overflow in the EscapeParenthesis function in Graphi ...)
{DLA-1401-1 DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: Fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d580e3c3c034
-CVE-2016-7446
+CVE-2016-7446 (Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1. ...)
{DLA-1401-1 DLA-651-1}
- graphicsmagick 1.3.25-1
NOTE: For the http://www.graphicsmagick.org/NEWS.html#september-5-2016 case
NOTE: which remained present in the 1.3.24 release (and was not fixed until 1.3.25)
NOTE: Fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/6071b5820215
-CVE-2016-7445
+CVE-2016-7445 (convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a ...)
- openjpeg2 2.1.2-1 (unimportant; bug #838690)
NOTE: https://github.com/uclouvain/openjpeg/issues/843
NOTE: PoC: https://github.com/STARLABSEC/pocs/raw/master/openjpeg-nullptr-github-issue-842.ppm
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-7442
+CVE-2016-7442 (The Frontend component in Sophos UTM with firmware 9.405-5 and earlier ...)
NOT-FOR-US: Sophos UTM
CVE-2016-7441
RESERVED
-CVE-2016-7440
+CVE-2016-7440 (The C software implementation of AES Encryption and Decryption in wolf ...)
{DSA-3711-1 DSA-3706-1 DLA-708-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.16-1 (bug #841163)
@@ -9867,23 +9867,23 @@ CVE-2016-7440
- mysql-5.5 <removed> (bug #841050)
NOTE: Fixed in MariaDB 5.5.53, MariaDB 10.0.28
- wolfssl 3.9.10+dfsg-1
-CVE-2016-7439
+CVE-2016-7439 (The C software implementation of RSA in wolfSSL (formerly CyaSSL) befo ...)
- wolfssl 3.9.10+dfsg-1
-CVE-2016-7438
+CVE-2016-7438 (The C software implementation of ECC in wolfSSL (formerly CyaSSL) befo ...)
- wolfssl 3.9.10+dfsg-1
-CVE-2016-7437
+CVE-2016-7437 (SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the S ...)
NOT-FOR-US: SAP Netweaver
CVE-2016-7436
RESERVED
-CVE-2016-7435
+CVE-2016-7435 (The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and ...)
NOT-FOR-US: SAP Netweaver
-CVE-2016-7434
+CVE-2016-7434 (The read_mru_list function in NTP before 4.2.8p9 allows remote attacke ...)
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <not-affected> (mrulist introduced in ntp-4.2.7p22, vulnerable code not present)
[wheezy] - ntp <not-affected> (mrulist introduced in ntp-4.2.7p22, vulnerable code not present)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3082
NOTE: Only possible to trigger from hosts in allow mrulist query.
-CVE-2016-7433
+CVE-2016-7433 (NTP before 4.2.8p9 does not properly perform the initial sync calculat ...)
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <not-affected> (Vulnerable code introduced in ntp-4.2.7p385)
[wheezy] - ntp <not-affected> (Vulnerable code introduced in ntp-4.2.7p385)
@@ -9893,19 +9893,19 @@ CVE-2016-7433
NOTE: itself in general is incorrect in all version of ntp-4 until ntp-4.2.8p9
CVE-2016-7432
RESERVED
-CVE-2016-7431
+CVE-2016-7431 (NTP before 4.2.8p9 allows remote attackers to bypass the origin timest ...)
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <not-affected> (Vulnerable code not present)
[wheezy] - ntp <not-affected> (Vulnerable code introduced later)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3102
CVE-2016-7430
RESERVED
-CVE-2016-7429
+CVE-2016-7429 (NTP before 4.2.8p9 changes the peer structure to the interface it rece ...)
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue, only possible if rp_filter is 0)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3072
-CVE-2016-7428
+CVE-2016-7428 (ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial o ...)
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <not-affected> (Vulnerable code not present)
[wheezy] - ntp <not-affected> (Vulnerable code not present)
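Review bot: the continued NOTE at the top of this hunk (under CVE-2016-7433) has a number-agreement slip, "in all version of ntp-4"; it should read "in all versions of ntp-4 until ntp-4.2.8p9".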
@@ -9914,7 +9914,7 @@ CVE-2016-7428
NOTE: The fixes for CVE-2015-7973 have added several new integrity checks on incoming
NOTE: broadcast mode packets and issue got introduced with code changes to fix that
NOTE: issue.
-CVE-2016-7427
+CVE-2016-7427 (The broadcast mode replay prevention functionality in ntpd in NTP befo ...)
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <not-affected> (Vulnerable code not present)
[wheezy] - ntp <not-affected> (Vulnerable code not present)
@@ -9923,29 +9923,29 @@ CVE-2016-7427
NOTE: The fixes for CVE-2015-7973 have added several new integrity checks on incoming
NOTE: broadcast mode packets and issue got introduced with code changes to fix that
NOTE: issue.
-CVE-2016-7426
+CVE-2016-7426 (NTP before 4.2.8p9 rate limits responses received from the configured ...)
- ntp 1:4.2.8p9+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3071
-CVE-2016-7425
+CVE-2016-7425 (The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba ...)
{DSA-3696-1 DLA-670-1}
- linux 4.7.8-1
NOTE: http://marc.info/?l=linux-scsi&m=147394713328707&w=2
NOTE: Upstream commit: https://git.kernel.org/linus/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167
-CVE-2016-7424
+CVE-2016-7424 (The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav ...)
{DSA-3685-1 DLA-780-1}
- libav <removed>
- ffmpeg <not-affected> (Fixed before introduction into the archive)
NOTE: Fixed by: https://git.libav.org/?p=libav.git;a=commit;h=136f55207521f0b03194ef5b55ba70f1635d6aee
NOTE: https://blogs.gentoo.org/ago/2016/09/17/libav-null-pointer-dereference-in-put_no_rnd_pixels8_xy2_mmx-rnd_template-c/
-CVE-2016-7420
+CVE-2016-7420 (Crypto++ (aka cryptopp) through 5.6.4 does not document the requiremen ...)
- libcrypto++ <unfixed> (unimportant)
NOTE: https://github.com/weidai11/cryptopp/issues/277
NOTE: The scope of this CVE is the documentation bug, lacking treatment of
NOTE: -DNDEBUG and Static Initialization
NOTE: Documentation added in https://github.com/weidai11/cryptopp/commit/553049ba297d89d9e8fbf2204acb40a8a53f5cd6
-CVE-2016-7419
+CVE-2016-7419 (Cross-site scripting (XSS) vulnerability in share.js in the gallery ap ...)
- nextcloud <itp> (bug #835086)
- owncloud <not-affected> (Vulnerable code introduced later)
NOTE: up to version which was removed, not included, as the vulnerable code was
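Review bot: the three NOTE lines under CVE-2016-7427 at the top of this hunk (the same text also appears under CVE-2016-7428 in the preceding hunk) are ungrammatical: "broadcast mode packets and issue got introduced with code changes to fix that issue" should read something like "broadcast mode packets, and this issue was introduced by the code changes that fixed that one". Since the wording is duplicated verbatim for both CVEs, it is worth correcting both copies in the same commit.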
@@ -9955,7 +9955,7 @@ CVE-2016-7419
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-011
NOTE: https://github.com/owncloud/gallery/commit/6933d27afe518967bd1b60e6a7eacd88288929fc
NOTE: https://hackerone.com/reports/145355
-CVE-2016-7418
+CVE-2016-7418 (The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5. ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
@@ -9964,21 +9964,21 @@ CVE-2016-7418
NOTE: https://github.com/php/php-src/commit/c4cca4c20e75359c9a13a1f9a36cb7b4e9601d29?w=1
NOTE: The scope of this CVE also includes all of the "other four similar issues"
NOTE: in the "[2016-09-12 06:44 UTC]" comment.
-CVE-2016-7417
+CVE-2016-7417 (ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceed ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73029
NOTE: Fixed in 7.0.11, 5.6.26
NOTE: https://github.com/php/php-src/commit/ecb7f58a069be0dec4a6131b6351a761f808f22e?w=1
-CVE-2016-7416
+CVE-2016-7416 (ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x bef ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73007
NOTE: Fixed in 7.0.11, 5.6.26
NOTE: https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1
-CVE-2016-7415
+CVE-2016-7415 (Stack-based buffer overflow in the Locale class in common/locid.cpp in ...)
{DSA-3725-1 DLA-744-1}
[experimental] - icu 58.1-1
- icu 57.1-5 (bug #838694)
@@ -9986,35 +9986,35 @@ CVE-2016-7415
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73007
NOTE: PHP fix: https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1
NOTE: Upstream bug: http://bugs.icu-project.org/trac/ticket/12745
-CVE-2016-7414
+CVE-2016-7414 (The ZIP signature-verification feature in PHP before 5.6.26 and 7.x be ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72928
NOTE: Fixed in 7.0.11, 5.6.26
NOTE: https://github.com/php/php-src/commit/0bfb970f43acd1e81d11be1154805f86655f15d5?w=1
-CVE-2016-7413
+CVE-2016-7413 (Use-after-free vulnerability in the wddx_stack_destroy function in ext ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72860
NOTE: Fixed in 7.0.11, 5.6.26
NOTE: https://github.com/php/php-src/commit/b88393f08a558eec14964a55d3c680fe67407712?w=1
-CVE-2016-7412
+CVE-2016-7412 (ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.11-1
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72293
NOTE: Fixed in 7.0.11, 5.6.26
NOTE: https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1
-CVE-2016-7411
+CVE-2016-7411 (ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles objec ...)
{DSA-3689-1 DLA-749-1}
- php7.0 <not-affected> (Only affects 5.x)
- php5 5.6.26+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73052
NOTE: Fixed in 5.6.26
NOTE: https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1
-CVE-2016-7410
+CVE-2016-7410 (The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 201606 ...)
- dwarfutils 20160923-1 (bug #838019)
[jessie] - dwarfutils <not-affected> (Vulnerable code introduced in later version)
[wheezy] - dwarfutils <not-affected> (Vulnerable code introduced in later version)
@@ -10024,22 +10024,22 @@ CVE-2016-7410
NOTE: https://sourceforge.net/p/libdwarf/code/ci/e12f6c0b69c20f58dccc4505309cf7f974c34dc2
NOTE: with final fix/follow up: https://sourceforge.net/p/libdwarf/code/ci/3767305debcba8bd7e1c483ae48c509d25399252
NOTE: Introduced by (as confirmed by upstream): https://sourceforge.net/p/libdwarf/code/ci/b446e23dc21704ccd3b76d8945aaf39e4aca8c27
-CVE-2016-7409
+CVE-2016-7409 (The dbclient and server in Dropbear SSH before 2016.74, when compiled ...)
- dropbear 2016.74-1 (unimportant)
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/6a14b1f6dc04
NOTE: Not an issue for the the Debian binary package since we do not
NOTE: compile with DEBUG_TRACE.
-CVE-2016-7408
+CVE-2016-7408 (The dbclient in Dropbear SSH before 2016.74 allows remote attackers to ...)
- dropbear 2016.74-1
[jessie] - dropbear 2014.65-1+deb8u1
[wheezy] - dropbear <not-affected> (Vulnerable code not present)
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/eed9376a4ad6
-CVE-2016-7407
+CVE-2016-7407 (The dropbearconvert command in Dropbear SSH before 2016.74 allows atta ...)
{DLA-634-1}
- dropbear 2016.74-1
[jessie] - dropbear 2014.65-1+deb8u1
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/34e6127ef02e
-CVE-2016-7406
+CVE-2016-7406 (Format string vulnerability in Dropbear SSH before 2016.74 allows remo ...)
{DLA-634-1}
- dropbear 2016.74-1
[jessie] - dropbear 2014.65-1+deb8u1
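Review bot: the NOTE under CVE-2016-7409 in this hunk has a doubled article, "Not an issue for the the Debian binary package"; drop the repeated "the".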
@@ -10050,34 +10050,34 @@ CVE-2016-7404 [Magnum created instances have full API access to creating user's
NOTE: https://git.openstack.org/cgit/openstack/magnum/commit/?id=0bb0d6486d6771ee21bbf897a091b1aa59e01b22
CVE-2016-7403
RESERVED
-CVE-2016-7402
+CVE-2016-7402 (SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own Sour ...)
NOT-FOR-US: SAP ASE
-CVE-2016-7401
+CVE-2016-7401 (The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.1 ...)
{DSA-3678-1 DLA-649-1}
- python-django 1:1.10-1 (low)
NOTE: https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
-CVE-2016-7400
+CVE-2016-7400 (Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 al ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7399
+CVE-2016-7399 (scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6. ...)
NOT-FOR-US: Veritas NetBackup Applianc
CVE-2016-7398
RESERVED
-CVE-2016-7397
+CVE-2016-7397 (The Frontend component in Sophos UTM with firmware 9.405-5 and earlier ...)
NOT-FOR-US: Sophos UTM
CVE-2016-7396
RESERVED
-CVE-2016-7395
+CVE-2016-7395 (SkPath.cpp in Skia, as used in Google Chrome before 53.0.2785.89 on Wi ...)
{DSA-3667-1}
- chromium-browser 53.0.2785.92-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-7394
+CVE-2016-7394 (tiki wiki cms groupware &lt;=15.2 has a xss vulnerability, allow attac ...)
- tikiwiki <removed>
NOTE: https://sourceforge.net/p/tikiwiki/code/59653/
-CVE-2016-7391
+CVE-2016-7391 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7390
+CVE-2016-7390 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7389
+CVE-2016-7389 (For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Di ...)
- nvidia-graphics-drivers 367.57-1 (bug #846331)
[jessie] - nvidia-graphics-drivers 340.101-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
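Review bot: the NOT-FOR-US tag for CVE-2016-7399 in this hunk is truncated, "NOT-FOR-US: Veritas NetBackup Applianc"; it should read "Veritas NetBackup Appliance" (the tag seems to have been copied from the 70-character description prefix rather than typed out). Separately, the new description line for CVE-2016-7394 carries an HTML entity, "tiki wiki cms groupware &lt;=15.2", where the surrounding file uses literal "<" (compare "<removed>" on the next line); if the entity comes from the upstream feed it is harmless, but it may be worth unescaping in the import script so the text stays greppable.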
@@ -10085,19 +10085,19 @@ CVE-2016-7389
- nvidia-graphics-drivers-legacy-304xx 304.132-1 (bug #846333)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.134-0~deb8u1
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/4246
-CVE-2016-7388
+CVE-2016-7388 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7387
+CVE-2016-7387 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7386
+CVE-2016-7386 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7385
+CVE-2016-7385 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7384
+CVE-2016-7384 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7383
+CVE-2016-7383 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
-CVE-2016-7382
+CVE-2016-7382 (For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Di ...)
- nvidia-graphics-drivers 367.57-1 (bug #846331)
[jessie] - nvidia-graphics-drivers 340.101-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -10105,7 +10105,7 @@ CVE-2016-7382
- nvidia-graphics-drivers-legacy-304xx 304.132-1 (bug #846333)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.134-0~deb8u1
NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/4246
-CVE-2016-7381
+CVE-2016-7381 (For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU D ...)
NOT-FOR-US: Nvidia Windows driver
CVE-2016-7380
RESERVED
@@ -10267,259 +10267,259 @@ CVE-2016-7302
REJECTED
CVE-2016-7301
REJECTED
-CVE-2016-7300
+CVE-2016-7300 (Untrusted search path vulnerability in Microsoft Auto Updater for Mac ...)
NOT-FOR-US: Microsoft Auto Updater for Mac
CVE-2016-7299
REJECTED
-CVE-2016-7298
+CVE-2016-7298 (Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Ma ...)
NOT-FOR-US: Microsoft
-CVE-2016-7297
+CVE-2016-7297 (The scripting engines in Microsoft Edge allow remote attackers to exec ...)
NOT-FOR-US: Microsoft
-CVE-2016-7296
+CVE-2016-7296 (The scripting engines in Microsoft Edge allow remote attackers to exec ...)
NOT-FOR-US: Microsoft
-CVE-2016-7295
+CVE-2016-7295 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
CVE-2016-7294
REJECTED
CVE-2016-7293
REJECTED
-CVE-2016-7292
+CVE-2016-7292 (The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-7291
+CVE-2016-7291 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compat ...)
NOT-FOR-US: Microsoft
-CVE-2016-7290
+CVE-2016-7290 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compat ...)
NOT-FOR-US: Microsoft
-CVE-2016-7289
+CVE-2016-7289 (Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2016-7288
+CVE-2016-7288 (The scripting engines in Microsoft Edge allow remote attackers to exec ...)
NOT-FOR-US: Microsoft
-CVE-2016-7287
+CVE-2016-7287 (The scripting engines in Microsoft Internet Explorer 11 and Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2016-7286
+CVE-2016-7286 (The scripting engines in Microsoft Edge allow remote attackers to exec ...)
NOT-FOR-US: Microsoft
CVE-2016-7285
REJECTED
-CVE-2016-7284
+CVE-2016-7284 (Microsoft Internet Explorer 10 and 11 allows remote attackers to obtai ...)
NOT-FOR-US: Microsoft
-CVE-2016-7283
+CVE-2016-7283 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-7282
+CVE-2016-7282 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Explore ...)
NOT-FOR-US: Microsoft
-CVE-2016-7281
+CVE-2016-7281 (The Web Workers implementation in Microsoft Internet Explorer 10 and 1 ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-7280
+CVE-2016-7280 (Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-7279
+CVE-2016-7279 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-7278
+CVE-2016-7278 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ob ...)
NOT-FOR-US: Microsoft
-CVE-2016-7277
+CVE-2016-7277 (Microsoft Office 2016 allows remote attackers to execute arbitrary cod ...)
NOT-FOR-US: Microsoft
-CVE-2016-7276
+CVE-2016-7276 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office fo ...)
NOT-FOR-US: Microsoft
-CVE-2016-7275
+CVE-2016-7275 (Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles ...)
NOT-FOR-US: Microsoft
-CVE-2016-7274
+CVE-2016-7274 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-7273
+CVE-2016-7273 (The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 an ...)
NOT-FOR-US: Microsoft
-CVE-2016-7272
+CVE-2016-7272 (The Graphics component in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-7271
+CVE-2016-7271 (The Secure Kernel Mode implementation in Microsoft Windows 10 Gold, 15 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-7270
+CVE-2016-7270 (The Data Provider for SQL Server in Microsoft .NET Framework 4.6.2 mis ...)
NOT-FOR-US: Microsoft .NET Framework
CVE-2016-7269
REJECTED
-CVE-2016-7268
+CVE-2016-7268 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compat ...)
NOT-FOR-US: Microsoft
-CVE-2016-7267
+CVE-2016-7267 (Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses fi ...)
NOT-FOR-US: Microsoft
-CVE-2016-7266
+CVE-2016-7266 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-7265
+CVE-2016-7265 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-7264
+CVE-2016-7264 (Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, ...)
NOT-FOR-US: Microsoft
-CVE-2016-7263
+CVE-2016-7263 (Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attac ...)
NOT-FOR-US: Microsoft
-CVE-2016-7262
+CVE-2016-7262 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
CVE-2016-7261
REJECTED
-CVE-2016-7260
+CVE-2016-7260 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-7259
+CVE-2016-7259 (The Graphics Component in the kernel-mode drivers in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-7258
+CVE-2016-7258 (The kernel in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Se ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-7257
+CVE-2016-7257 (The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-7256
+CVE-2016-7256 (atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, ...)
NOT-FOR-US: Microsoft
-CVE-2016-7255
+CVE-2016-7255 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-7254
+CVE-2016-7254 (Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a ...)
NOT-FOR-US: Microsoft
-CVE-2016-7253
+CVE-2016-7253 (The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 S ...)
NOT-FOR-US: Microsoft
-CVE-2016-7252
+CVE-2016-7252 (Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows ...)
NOT-FOR-US: Microsoft
-CVE-2016-7251
+CVE-2016-7251 (Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft S ...)
NOT-FOR-US: Microsoft
-CVE-2016-7250
+CVE-2016-7250 (Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly pe ...)
NOT-FOR-US: Microsoft
-CVE-2016-7249
+CVE-2016-7249 (Microsoft SQL Server 2016 does not properly perform a cast of an unspe ...)
NOT-FOR-US: Microsoft
-CVE-2016-7248
+CVE-2016-7248 (Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2016-7247
+CVE-2016-7247 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-7246
+CVE-2016-7246 (The kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2016-7245
+CVE-2016-7245 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 20 ...)
NOT-FOR-US: Microsoft
-CVE-2016-7244
+CVE-2016-7244 (Microsoft Office 2007 SP3 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Microsoft
-CVE-2016-7243
+CVE-2016-7243 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2016-7242
+CVE-2016-7242 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2016-7241
+CVE-2016-7241 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-7240
+CVE-2016-7240 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2016-7239
+CVE-2016-7239 (The RegEx class in the XSS filter in Microsoft Internet Explorer 9 thr ...)
NOT-FOR-US: Microsoft
-CVE-2016-7238
+CVE-2016-7238 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2016-7237
+CVE-2016-7237 (Local Security Authority Subsystem Service (LSASS) in Microsoft Window ...)
NOT-FOR-US: Microsoft
-CVE-2016-7236
+CVE-2016-7236 (Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and ...)
NOT-FOR-US: Microsoft
-CVE-2016-7235
+CVE-2016-7235 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011 ...)
NOT-FOR-US: Microsoft
-CVE-2016-7234
+CVE-2016-7234 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Wo ...)
NOT-FOR-US: Microsoft
-CVE-2016-7233
+CVE-2016-7233 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011 ...)
NOT-FOR-US: Microsoft
-CVE-2016-7232
+CVE-2016-7232 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011 ...)
NOT-FOR-US: Microsoft
-CVE-2016-7231
+CVE-2016-7231 (Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pac ...)
NOT-FOR-US: Microsoft
-CVE-2016-7230
+CVE-2016-7230 (Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps ...)
NOT-FOR-US: Microsoft
-CVE-2016-7229
+CVE-2016-7229 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-7228
+CVE-2016-7228 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-7227
+CVE-2016-7227 (The scripting engines in Microsoft Internet Explorer 9 through 11 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-7226
+CVE-2016-7226 (Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Window ...)
NOT-FOR-US: Microsoft
-CVE-2016-7225
+CVE-2016-7225 (Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Window ...)
NOT-FOR-US: Microsoft
-CVE-2016-7224
+CVE-2016-7224 (Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 ...)
NOT-FOR-US: Microsoft
-CVE-2016-7223
+CVE-2016-7223 (Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 ...)
NOT-FOR-US: Microsoft
-CVE-2016-7222
+CVE-2016-7222 (Task Scheduler in Microsoft Windows 10 Gold, 1511, and 1607 and Window ...)
NOT-FOR-US: Microsoft
-CVE-2016-7221
+CVE-2016-7221 (Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2016-7220
+CVE-2016-7220 (Virtual Secure Mode in Microsoft Windows 10 allows local users to obta ...)
NOT-FOR-US: Microsoft
-CVE-2016-7219
+CVE-2016-7219 (The Crypto driver in Microsoft Windows Vista SP2, Windows Server 2008 ...)
NOT-FOR-US: Microsoft
-CVE-2016-7218
+CVE-2016-7218 (Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
NOT-FOR-US: Microsoft
-CVE-2016-7217
+CVE-2016-7217 (Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold an ...)
NOT-FOR-US: Microsoft
-CVE-2016-7216
+CVE-2016-7216 (The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2016-7215
+CVE-2016-7215 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-7214
+CVE-2016-7214 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-7213
+CVE-2016-7213 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-7212
+CVE-2016-7212 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2016-7211
+CVE-2016-7211 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-7210
+CVE-2016-7210 (atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-7209
+CVE-2016-7209 (Microsoft Edge allows remote attackers to spoof web content via a craf ...)
NOT-FOR-US: Mircosoft
-CVE-2016-7208
+CVE-2016-7208 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
NOT-FOR-US: Microsoft
CVE-2016-7207
REJECTED
-CVE-2016-7206
+CVE-2016-7206 (Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-7205
+CVE-2016-7205 (Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 S ...)
NOT-FOR-US: Microsoft
-CVE-2016-7204
+CVE-2016-7204 (Microsoft Edge allows remote attackers to access arbitrary "My Documen ...)
NOT-FOR-US: Microsoft
-CVE-2016-7203
+CVE-2016-7203 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2016-7202
+CVE-2016-7202 (The scripting engines in Microsoft Internet Explorer 9 through 11 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-7201
+CVE-2016-7201 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2016-7200
+CVE-2016-7200 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
NOT-FOR-US: Microsoft
-CVE-2016-7199
+CVE-2016-7199 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-7198
+CVE-2016-7198 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
CVE-2016-7197
REJECTED
-CVE-2016-7196
+CVE-2016-7196 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
NOT-FOR-US: Microsoft
-CVE-2016-7195
+CVE-2016-7195 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-7194
+CVE-2016-7194 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-7193
+CVE-2016-7193 (Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT ...)
NOT-FOR-US: Microsoft
CVE-2016-7192
REJECTED
-CVE-2016-7191
+CVE-2016-7191 (The Microsoft Azure Active Directory Passport (aka Passport-Azure-AD) ...)
NOT-FOR-US: Microsoft Azure Active Directory Passport
-CVE-2016-7190
+CVE-2016-7190 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-7189
+CVE-2016-7189 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-7188
+CVE-2016-7188 (The Standard Collector Service in Windows Diagnostics Hub in Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2016-7187
REJECTED
CVE-2016-7186
REJECTED
-CVE-2016-7185
+CVE-2016-7185 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-7184
+CVE-2016-7184 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
CVE-2016-7183
REJECTED
-CVE-2016-7182
+CVE-2016-7182 (The Graphics component in Microsoft Windows Vista SP2; Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-7181
+CVE-2016-7181 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
-CVE-2016-7393
+CVE-2016-7393 (Stack-based buffer overflow in the aac_sync function in aac_parser.c i ...)
{DLA-644-1}
- ffmpeg 7:2.4-1
- libav <removed>
[jessie] - libav 6:11.6-1~deb8u1
NOTE: https://blogs.gentoo.org/ago/2016/08/20/libav-stack-based-buffer-overflow-in-aac_sync-aac_parser-c/
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=fb1473080223a634b8ac2cca48a632d037a0a69d
-CVE-2016-7392
+CVE-2016-7392 (Heap-based buffer overflow in the pstoedit_suffix_table_init function ...)
{DLA-621-1}
- autotrace 0.31.1-17 (bug #837599)
NOTE: https://blogs.gentoo.org/ago/2016/09/10/autotrace-heap-based-buffer-overflow-in-pstoedit_suffix_table_init-output-pstoedit-c/
NOTE: Also reproducible with valgrind
-CVE-2016-7180
+CVE-2016-7180 (epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wir ...)
{DSA-3671-1 DLA-632-1}
- wireshark 2.2.0~rc1+g438c022-1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5213496250aceff086404c568e3718ebc0060934
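Review bot: the NOT-FOR-US line under CVE-2016-7209 in this hunk misspells the vendor, "NOT-FOR-US: Mircosoft"; every neighbouring entry uses "Microsoft". Also, CVE-2016-7393 and CVE-2016-7392 sit between CVE-2016-7181 and CVE-2016-7180 near the end of this hunk, out of the descending order the rest of the hunk follows; if the file is meant to stay sorted they belong next to CVE-2016-7394 earlier in the diff.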
@@ -10527,7 +10527,7 @@ CVE-2016-7180
NOTE: https://code.wireshark.org/review/17289
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-7179
+CVE-2016-7179 (Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000 ...)
{DSA-3671-1 DLA-632-1}
- wireshark 2.2.0~rc1+g438c022-1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3b97fbddc23c065727b0147aab52a27c4aadffe7
@@ -10535,7 +10535,7 @@ CVE-2016-7179
NOTE: https://code.wireshark.org/review/17095
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-7178
+CVE-2016-7178 (epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark ...)
{DSA-3671-1 DLA-632-1}
- wireshark 2.2.0~rc1+g438c022-1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=315bba7c645b75af24215c6303d187b188610bba
@@ -10543,7 +10543,7 @@ CVE-2016-7178
NOTE: https://code.wireshark.org/review/17094
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-7177
+CVE-2016-7177 (epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 diss ...)
{DSA-3671-1 DLA-632-1}
- wireshark 2.2.0~rc1+g438c022-1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e37b271c473e1cbd01d62ebe1f3b011fc9fe638
@@ -10551,7 +10551,7 @@ CVE-2016-7177
NOTE: https://code.wireshark.org/review/17096
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-7176
+CVE-2016-7176 (epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x ...)
{DSA-3671-1 DLA-632-1}
- wireshark 2.2.0~rc1+g438c022-1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6d8261994bb928b7e80e3a2478a3d939ea1ef373
@@ -10559,7 +10559,7 @@ CVE-2016-7176
NOTE: https://code.wireshark.org/review/16852
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-7175
+CVE-2016-7175 (epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark ...)
- wireshark 2.2.0~rc1+g438c022-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -10568,25 +10568,25 @@ CVE-2016-7175
NOTE: https://code.wireshark.org/review/16965
NOTE: Affected versions: 2.0.0 to 2.0.5
NOTE: Fixed versions: 2.0.6
-CVE-2016-1000222
+CVE-2016-1000222 (Logstash prior to version 2.1.2, the CSV output can be attacked via en ...)
- logstash <itp> (bug #664841)
-CVE-2016-1000221
+CVE-2016-1000221 (Logstash prior to version 2.3.4, Elasticsearch Output plugin would log ...)
- logstash <itp> (bug #664841)
-CVE-2016-1000220
+CVE-2016-1000220 (Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that wo ...)
- kibana <itp> (bug #700337)
-CVE-2016-1000219
+CVE-2016-1000219 (Kibana before 4.5.4 and 4.1.11 when a custom output is configured for ...)
- kibana <itp> (bug #700337)
-CVE-2016-1000217
+CVE-2016-1000217 (Zotpress plugin for WordPress SQLi in zp_get_account() ...)
NOT-FOR-US: WordPress plugin zotpress
-CVE-2016-1000216
+CVE-2016-1000216 (Ruckus Wireless H500 web management interface authenticated command in ...)
NOT-FOR-US: Ruckus Wireless H500
-CVE-2016-1000215
+CVE-2016-1000215 (Ruckus Wireless H500 web management interface denial of service ...)
NOT-FOR-US: Ruckus Wireless H500
-CVE-2016-1000214
+CVE-2016-1000214 (Ruckus Wireless H500 web management interface authentication bypass ...)
NOT-FOR-US: Ruckus Wireless H500
-CVE-2016-1000213
+CVE-2016-1000213 (Ruckus Wireless H500 web management interface CSRF ...)
NOT-FOR-US: Ruckus Wireless H500
-CVE-2016-7551
+CVE-2016-7551 (chain_sip in Asterisk Open Source 11.x before 11.23.1 and 13.x 13.11.1 ...)
{DSA-3700-1 DLA-781-1}
- asterisk 1:13.11.2~dfsg-1 (bug #838832)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-007.html
@@ -10600,38 +10600,38 @@ CVE-2016-7174
RESERVED
CVE-2016-7173
RESERVED
-CVE-2016-7172
+CVE-2016-7172 (NetApp Snap Creator Framework before 4.3.1 discloses sensitive informa ...)
NOT-FOR-US: NetApp
-CVE-2016-7171
+CVE-2016-7171 (NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use ...)
NOT-FOR-US: NetApp
-CVE-2016-7170
+CVE-2016-7170 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Q ...)
{DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.8+dfsg-1 (bug #837316)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01764.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=167d97a3def77ee2dbf6e908b0ecbfe2103977db
-CVE-2016-7169
+CVE-2016-7169 (Directory traversal vulnerability in the File_Upload_Upgrader class in ...)
{DSA-3681-1 DLA-633-1}
- wordpress 4.6.1+dfsg-1
NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
NOTE: Fixed in 4.6.1 release upstream
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/38524
-CVE-2016-7168
+CVE-2016-7168 (Cross-site scripting (XSS) vulnerability in the media_handle_upload fu ...)
{DSA-3681-1 DLA-633-1}
- wordpress 4.6.1+dfsg-1
NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
NOTE: Fixed in 4.6.1 release upstream
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/38538
-CVE-2016-7167
+CVE-2016-7167 (Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escap ...)
{DLA-1568-1 DLA-625-1}
- curl 7.51.0-1 (bug #837945)
NOTE: Upstream advisory: https://curl.haxx.se/docs/adv_20160914.html
NOTE: Upstream patch: https://curl.haxx.se/CVE-2016-7167.patch
NOTE: Affected versions: libcurl 7.11.1 to and including 7.50.2
NOTE: Not affected versions: libcurl < 7.11.1 and libcurl >= 7.50.3
-CVE-2016-7165
+CVE-2016-7165 (A vulnerability has been identified in Primary Setup Tool (PST) (All v ...)
NOT-FOR-US: Microsoft
-CVE-2016-7162
+CVE-2016-7162 (The _g_file_remove_directory function in file-utils.c in File Roller 3 ...)
- file-roller 3.20.3-1
[jessie] - file-roller <no-dsa> (Minor issue)
[wheezy] - file-roller <not-affected> (Vulnerable code introduced in 3.5.4)
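Review bot: The vendor attribution for CVE-2016-7165 looks wrong: the new description names "Primary Setup Tool (PST)", which is not a Microsoft product, yet the unchanged line below it reads "NOT-FOR-US: Microsoft". Please verify the vendor and correct the NOT-FOR-US tag so the entry is not mis-triaged when someone searches the tracker by vendor.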
@@ -10639,19 +10639,19 @@ CVE-2016-7162
NOTE: Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=698554
NOTE: Introduced by: https://git.gnome.org/browse/file-roller/commit/?id=34b64f3a897c4b4e8e180c028f326bc921eb08ec (3.5.4)
NOTE: Fixed by: https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5 (3.20.3)
-CVE-2016-7161
+CVE-2016-7161 (Heap-based buffer overflow in the .receive callback of xlnx.xps-ethern ...)
{DLA-1599-1 DLA-653-1 DLA-652-1}
- qemu 1:2.7+dfsg-1 (bug #838850)
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968 (2.7.0-rc3)
NOTE: http://patchwork.ozlabs.org/patch/657076/
-CVE-2016-7160
+CVE-2016-7160 (A vulnerability on Samsung Mobile M(6.0) devices exists because extern ...)
NOT-FOR-US: Samsumg
CVE-2016-7159
RESERVED
CVE-2016-7158
RESERVED
-CVE-2016-7405
+CVE-2016-7405 (The qstr method in the PDO driver in the ADOdb Library for PHP before ...)
{DLA-620-1}
- libphp-adodb 5.20.6-1 (bug #837211)
[jessie] - libphp-adodb 5.15-1+deb8u1
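Review bot: Typo in the CVE-2016-7160 entry: "NOT-FOR-US: Samsumg" should read "NOT-FOR-US: Samsung". The description line added just above spells the vendor correctly, so the tag should match it.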
@@ -10660,21 +10660,21 @@ CVE-2016-7405
NOTE: Issue only with the PDO driver and only if queries built by inlining
NOTE: the quoted string (not recommended).
NOTE: http://www.openwall.com/lists/oss-security/2016/09/07/8
-CVE-2016-7154
+CVE-2016-7154 (Use-after-free vulnerability in the FIFO event channel code in Xen 4.4 ...)
{DSA-3663-1}
- xen 4.6.0-1
[wheezy] - xen <not-affected> (Versions 4.3 and earlier are not vulnerable)
NOTE: http://xenbits.xen.org/xsa/advisory-188.html
NOTE: Only affects Xen 4.4, as workaround it is marked as fixed in the first xen version entering unstable
NOTE: after the 4.4 series.
-CVE-2016-7166
+CVE-2016-7166 (libarchive before 3.2.0 does not limit the number of recursive decompr ...)
{DSA-3677-1 DLA-617-1}
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/660
NOTE: (with reproducer) https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0
NOTE: Fix improved by: https://github.com/libarchive/libarchive/commit/37649d274867edd2dd25d8a3057c3b6cd81ce83e
-CVE-2016-7164
+CVE-2016-7164 (The construct function in puff.cpp in Libtorrent 1.1.0 allows remote t ...)
- libtorrent-rasterbar 1.1.1-1 (bug #837338)
[jessie] - libtorrent-rasterbar <no-dsa> (Minor issue)
[wheezy] - libtorrent-rasterbar <not-affected> (Vulnerable code not present, reproducer does not crash)
@@ -10682,40 +10682,40 @@ CVE-2016-7164
NOTE: https://github.com/arvidn/libtorrent/pull/1022
NOTE: https://github.com/arvidn/libtorrent/commit/debf3c6e3688aab8394fe5c47737625faffe6f9e
NOTE: Fixed upstream in 1.1.1.
-CVE-2016-7163
+CVE-2016-7163 (Integer overflow in the opj_pi_create_decode function in pi.c in OpenJ ...)
{DSA-3665-1}
- openjpeg2 2.1.2-1 (bug #837604)
NOTE: https://github.com/uclouvain/openjpeg/commit/c16bc057ba3f125051c9966cf1f5b68a05681de4
NOTE: https://github.com/uclouvain/openjpeg/commit/ef01f18dfc6780b776d0674ed3e7415c6ef54d24
-CVE-2016-7153
+CVE-2016-7153 (The HTTP/2 protocol does not consider the role of the TCP congestion w ...)
NOTE: CVE assigned for the HTTP/2 protocol issue
-CVE-2016-7152
+CVE-2016-7152 (The HTTPS protocol does not consider the role of the TCP congestion wi ...)
NOTE: CVE assigned for the HTTP/2 protocol issue
CVE-2016-7151
RESERVED
-CVE-2016-7150
+CVE-2016-7150 (Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earl ...)
NOT-FOR-US: b2evolution
-CVE-2016-7149
+CVE-2016-7149 (Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earl ...)
NOT-FOR-US: b2evolution
-CVE-2016-7148
+CVE-2016-7148 (MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injectio ...)
{DSA-3715-1}
- moin 1.9.9-1 (bug #844341)
[wheezy] - moin <not-affected> (vulnerable code not present)
NOTE: Fixed by: http://hg.moinmo.in/moin/1.9/rev/eceb70c41ecc
NOTE: https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html
-CVE-2016-7147
+CVE-2016-7147 (Cross-site scripting (XSS) vulnerability in the manage_findResult comp ...)
NOT-FOR-US: Plone
-CVE-2016-7146
+CVE-2016-7146 (MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injectio ...)
{DSA-3715-1 DLA-717-1}
- moin 1.9.9-1 (bug #844340)
NOTE: Fixed by: http://hg.moinmo.in/moin/1.9/rev/1563d6db198c
NOTE: https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html
-CVE-2016-7122
+CVE-2016-7122 (The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3 ...)
- ffmpeg 7:3.1.4-1 (bug #840434)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/ed38046c5c2e3b310980be32287179895c83e0d8 (n3.1.4)
CVE-2016-7121
RESERVED
-CVE-2016-7155
+CVE-2016-7155 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest O ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #837174)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v1.5)
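Review bot: The NOTE under CVE-2016-7152 appears to be a copy of the one under CVE-2016-7153: the new description for CVE-2016-7152 says "The HTTPS protocol does not consider the role of the TCP congestion wi ...", while the note still says "CVE assigned for the HTTP/2 protocol issue". Suggest changing that note to refer to the HTTPS protocol issue so the two entries are distinguishable.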
@@ -10725,7 +10725,7 @@ CVE-2016-7155
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373462
NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/2
NOTE: Vulnerable code introduced after version 1.5: http://wiki.qemu.org/ChangeLog/1.5
-CVE-2016-7156
+CVE-2016-7156 (The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (ak ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #837339)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v1.5)
@@ -10735,7 +10735,7 @@ CVE-2016-7156
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373478
NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/3
NOTE: Vulnerable code introduced after version 1.5: http://wiki.qemu.org/ChangeLog/1.5
-CVE-2016-7157
+CVE-2016-7157 (The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 func ...)
- qemu 1:2.6+dfsg-3.1 (bug #837603)
[jessie] - qemu <not-affected> (Vulnerable code not present, introduced after v2.6)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after v2.6)
@@ -10745,37 +10745,37 @@ CVE-2016-7157
NOTE: Upstream patches: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg04296.html
NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/4
NOTE: Vulnerable code introduced after version 2.6: http://wiki.qemu.org/ChangeLog/2.6
-CVE-2016-7140
+CVE-2016-7140 (Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in ...)
NOT-FOR-US: Plone
-CVE-2016-7139
+CVE-2016-7139 (Cross-site scripting (XSS) vulnerability in an unspecified page templa ...)
NOT-FOR-US: Plone
-CVE-2016-7138
+CVE-2016-7138 (Cross-site scripting (XSS) vulnerability in the URL checking infrastru ...)
NOT-FOR-US: Plone
-CVE-2016-7137
+CVE-2016-7137 (Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, ...)
NOT-FOR-US: Plone
-CVE-2016-7136
+CVE-2016-7136 (z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows ...)
NOT-FOR-US: Plone
-CVE-2016-7135
+CVE-2016-7135 (Directory traversal vulnerability in Plone CMS 5.x through 5.0.6 and 4 ...)
NOT-FOR-US: Plone
-CVE-2016-7141
+CVE-2016-7141 (curl and libcurl before 7.50.2, when built with NSS and the libnsspem. ...)
{DLA-1568-1 DLA-616-1}
- curl 7.51.0-1 (bug #836918)
NOTE: Only affects libcurl3-nss
NOTE: http://seclists.org/oss-sec/2016/q3/419
NOTE: https://curl.haxx.se/docs/adv_20160907.html
-CVE-2016-7145
+CVE-2016-7145 (The m_authenticate function in ircd/m_authenticate.c in nefarious2 all ...)
NOT-FOR-US: Nefarious 2
-CVE-2016-7144
+CVE-2016-7144 (The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3 ...)
- unrealircd <itp> (bug #515130)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3
NOTE: unrealircd reportedly vulnerable, and ircd-seven reportedly not vulnerable
-CVE-2016-7143
+CVE-2016-7143 (The m_authenticate function in modules/m_sasl.c in Charybdis before 3. ...)
{DSA-3661-1}
- charybdis 3.5.3-1 (bug #836714)
[wheezy] - charybdis <no-dsa> (unsupported)
NOTE: charybdis patch: https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824
NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3
-CVE-2016-7142
+CVE-2016-7142 (The m_sasl module in InspIRCd before 2.0.23, when used with a service ...)
{DSA-3662-1}
- inspircd 2.0.23-1 (bug #836706)
[wheezy] - inspircd <end-of-life> (not supported in Wheezy)
@@ -10783,21 +10783,21 @@ CVE-2016-7142
NOTE: http://www.openwall.com/lists/oss-security/2016/09/04/3
CVE-2016-7120
RESERVED
-CVE-2016-7134
+CVE-2016-7134 (ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a l ...)
- php7.0 7.0.10-1
- php5 <not-affected> (Only affects PHP 7)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72674
NOTE: Fixed in 7.0.10
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/72dbb7f416160f490c4e9987040989a10ad431c7?w=1
-CVE-2016-7133
+CVE-2016-7133 (Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabl ...)
- php7.0 7.0.10-1
- php5 <not-affected> (Only affects PHP 7)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72742
NOTE: Fixed in 7.0.10
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/c2a13ced4272f2e65d2773e2ea6ca11c1ce4a911?w=1
-CVE-2016-7132
+CVE-2016-7132 (ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remo ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10807,7 +10807,7 @@ CVE-2016-7132
NOTE: https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b?w=1
NOTE: 72790 and 72799 are associated with the same commit. Not all of the
NOTE: commit is about the pop issue in 72799.
-CVE-2016-7131
+CVE-2016-7131 (ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remo ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10818,7 +10818,7 @@ CVE-2016-7131
NOTE: Cf. as well https://bugs.php.net/bug.php?id=72799
NOTE: 72790 and 72799 are associated with the same commit. Not all of the
NOTE: commit is about the pop issue in 72799.
-CVE-2016-7130
+CVE-2016-7130 (The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6 ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10826,7 +10826,7 @@ CVE-2016-7130
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1
-CVE-2016-7129
+CVE-2016-7129 (The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5. ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10834,7 +10834,7 @@ CVE-2016-7129
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/426aeb2808955ee3d3f52e0cfb102834cdb836a5?w=1
-CVE-2016-7128
+CVE-2016-7128 (The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10842,7 +10842,7 @@ CVE-2016-7128
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/6dbb1ee46b5f4725cc6519abf91e512a2a10dfed?w=1
-CVE-2016-7127
+CVE-2016-7127 (The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and ...)
{DSA-3689-1}
- libgd2 <not-affected> (gamma correction is only implemented in PHP)
- php7.0 7.0.10-1 (unimportant)
@@ -10851,7 +10851,7 @@ CVE-2016-7127
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/1bd103df00f49cf4d4ade2cfe3f456ac058a4eae?w=1
-CVE-2016-7126
+CVE-2016-7126 (The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6. ...)
{DSA-3689-1}
- libgd2 <not-affected> (libgd upstream not affected, overflow2 function check prevents the issue)
- php7.0 7.0.10-1 (unimportant)
@@ -10860,7 +10860,7 @@ CVE-2016-7126
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/b6f13a5ef9d6280cf984826a5de012a32c396cd4?w=1
-CVE-2016-7125
+CVE-2016-7125 (ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips ...)
{DSA-3689-1 DLA-628-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10870,7 +10870,7 @@ CVE-2016-7125
NOTE: https://github.com/php/php-src/commit/8763c6090d627d8bb0ee1d030c30e58f406be9ce?w=1
NOTE: Scope of CVE also includes the "The similar issue also exist in session php_binary
NOTE: handler" part of 72681.
-CVE-2016-7124
+CVE-2016-7124 (ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7. ...)
{DSA-3689-1 DLA-749-1}
- php7.0 7.0.10-1
- php5 5.6.26+dfsg-1
@@ -10878,73 +10878,73 @@ CVE-2016-7124
NOTE: Fixed in 7.0.10, 5.6.25
NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
NOTE: https://github.com/php/php-src/commit/20ce2fe8e3c211a42fee05a461a5881be9a8790e?w=1
-CVE-2016-7123
+CVE-2016-7123 (Cross-site request forgery (CSRF) vulnerability in the admin web inter ...)
- mailman 2.1.15-1
NOTE: https://bugs.launchpad.net/mailman/+bug/1614841/comments/8
NOTE: https://bugs.launchpad.net/mailman/+bug/775294
-CVE-2016-7119
+CVE-2016-7119 (Cross-site scripting (XSS) vulnerability in the user-profile biography ...)
NOT-FOR-US: DotNetNuke
-CVE-2016-7117
+CVE-2016-7117 (Use-after-free vulnerability in the __sys_recvmmsg function in net/soc ...)
- linux 4.5.2-1
[jessie] - linux 3.16.36-1
[wheezy] - linux 3.2.81-1
NOTE: Fixed by: https://git.kernel.org/linus/34b88a68f26a75e4fded796f1a49c40f82234b7d (4.6-rc1)
-CVE-2016-7115
+CVE-2016-7115 (Buffer overflow in the handle_packet function in mactelnet.c in the cl ...)
{DLA-639-1}
- mactelnet 0.4.4-4 (bug #836320)
[jessie] - mactelnet 0.4.0-1+deb8u1
NOTE: https://github.com/haakonnessjoen/MAC-Telnet/commit/b69d11727d4f0f8cf719c79e3fb700f55ca03e9a
-CVE-2016-7114
+CVE-2016-7114 (A vulnerability has been identified in Firmware variant PROFINET IO fo ...)
NOT-FOR-US: Siemens
-CVE-2016-7113
+CVE-2016-7113 (A vulnerability has been identified in Firmware variant PROFINET IO fo ...)
NOT-FOR-US: Siemens
-CVE-2016-7112
+CVE-2016-7112 (A vulnerability has been identified in Firmware variant PROFINET IO fo ...)
NOT-FOR-US: Siemens
-CVE-2016-10057
+CVE-2016-10057 (Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in I ...)
{DSA-3675-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10056
+CVE-2016-10056 (Buffer overflow in the sixel_decode function in coders/sixel.c in Imag ...)
{DSA-3675-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10055
+CVE-2016-10055 (Buffer overflow in the WritePDBImage function in coders/pdb.c in Image ...)
{DSA-3675-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10054
+CVE-2016-10054 (Buffer overflow in the WriteMAPImage function in coders/map.c in Image ...)
{DSA-3675-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836172)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10053
+CVE-2016-10053 (The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9 ...)
{DSA-3675-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836171)
[wheezy] - imagemagick <not-affected> (Vulnerability likely introduced in a version after 6.7.7.10)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-7118
+CVE-2016-7118 (fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image p ...)
{DLA-609-1}
- linux <not-affected>
NOTE: Bit of complicated tracking information. For jessie the affected version is not in any yet
NOTE: released version, thus should be n/a. wheezy OTOH, has already the issue in a released version. Issue then was fixed in 3.2.81-2 in DLA-609-1
NOTE: http://www.openwall.com/lists/oss-security/2016/08/31/1
-CVE-2016-7116
+CVE-2016-7116 (Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick E ...)
{DLA-1599-1 DLA-619-1 DLA-618-1}
- qemu 1:2.6+dfsg-3.1 (bug #836502)
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=56f101ecce0eafd09e2daf1c4eeb1377d6959261
NOTE: May as well need: http://git.qemu.org/?p=qemu.git;a=commit;h=fff39a7ad09da07ef490de05c92c91f22f8002f2
-CVE-2016-7110
+CVE-2016-7110 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows ...)
NOT-FOR-US: Huawei UMA
-CVE-2016-7109
+CVE-2016-7109 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows ...)
NOT-FOR-US: Huawei UMA
-CVE-2016-7108
+CVE-2016-7108 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 ...)
NOT-FOR-US: Huawei UMA
-CVE-2016-7107
+CVE-2016-7107 (Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 ...)
NOT-FOR-US: Huawei UMA
CVE-2016-7106
RESERVED
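Review bot: The CVE-2016-7118 entry lists {DLA-609-1} and the note states the issue was fixed in wheezy in 3.2.81-2, but the only package line is "- linux <not-affected>" with no wheezy-specific entry. Suggest adding an explicit "[wheezy] - linux 3.2.81-2" line so the wheezy status is machine-readable instead of living only in the free-text NOTE.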
@@ -10952,28 +10952,28 @@ CVE-2016-7105
RESERVED
CVE-2016-7104
RESERVED
-CVE-2016-7102
+CVE-2016-7102 (ownCloud Desktop before 2.2.3 allows local users to execute arbitrary ...)
NOT-FOR-US: ownCloud Desktop
-CVE-2016-7101
+CVE-2016-7101 (The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers t ...)
{DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #836776)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u5
CVE-2016-7100
RESERVED
-CVE-2016-7099
+CVE-2016-7099 (The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, ...)
- nodejs 4.6.0~dfsg-1 (bug #839714; unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/
NOTE: 0.10.x: https://github.com/nodejs/node/commit/0d7e21ee7bcc79046f898f8c202d2ec87d23d711
NOTE: 4.x: https://github.com/nodejs/node/commit/3ff82deb2c3bd580d64be75dbafe460393c952fb
CVE-2016-7096
RESERVED
-CVE-2016-7095
+CVE-2016-7095 (Exponent CMS before 2.3.9 is vulnerable to an attacker uploading a mal ...)
NOT-FOR-US: Exponent CMS
-CVE-2016-7111
+CVE-2016-7111 (MantisBT before 1.3.1 and 2.x before 2.0.0-beta.2 uses a weak Content ...)
- mantis <not-affected> (Vulnerable code introduced in 1.3.0-rc.2)
NOTE: https://github.com/mantisbt/mantisbt/commit/b3511d2feb47eaee41feb5f69cf3c8a2c9acd229
NOTE: https://mantisbt.org/bugs/view.php?id=21263
-CVE-2016-7103
+CVE-2016-7103 (Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 mi ...)
- jqueryui 1.12.1+dfsg-1
[jessie] - jqueryui <no-dsa> (Minor issue)
[wheezy] - jqueryui <no-dsa> (Minor issue)
@@ -10981,26 +10981,26 @@ CVE-2016-7103
NOTE: https://github.com/jquery/jquery-ui/pull/1622
NOTE: https://github.com/jquery/jquery-ui/pull/1632
NOTE: https://github.com/jquery/api.jqueryui.com/issues/281
-CVE-2016-7094
+CVE-2016-7094 (Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS ...)
{DSA-3663-1 DLA-614-1}
- xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-187.html
-CVE-2016-7093
+CVE-2016-7093 (Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to ...)
- xen <not-affected> (Affects only 4.7.0 and later; 4.6.3 and 4.5.3)
NOTE: http://xenbits.xen.org/xsa/advisory-186.html
-CVE-2016-7092
+CVE-2016-7092 (The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32 ...)
{DSA-3663-1 DLA-614-1}
- xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-185.html
-CVE-2016-7090
+CVE-2016-7090 (The integrated web server on Siemens SCALANCE M-800 and S615 modules w ...)
NOT-FOR-US: Siemens
-CVE-2016-7098
+CVE-2016-7098 (Race condition in wget 1.17 and earlier, when used in recursive or mir ...)
- wget 1.18-4 (low; bug #836503)
[jessie] - wget <no-dsa> (Minor issue)
[wheezy] - wget <no-dsa> (Minor issue)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=9ffb64ba6a8121909b01e984deddce8d096c498d
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=690c47e3b18c099843cdf557a0425d701fca4957
-CVE-2016-7097
+CVE-2016-7097 (The filesystem implementation in the Linux kernel through 4.8.2 preser ...)
{DLA-772-1}
- linux 4.7.8-1
[jessie] - linux 3.16.39-1
@@ -11008,7 +11008,7 @@ CVE-2016-7097
NOTE: http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1368938
NOTE: Fixed by: https://git.kernel.org/linus/073931017b49d9458aa351605b43a7e34598caef
-CVE-2016-7091
+CVE-2016-7091 (sudo: It was discovered that the default sudo configuration on Red Hat ...)
- sudo <not-affected> (Debian not including INPUTRC in /etc/sudoers)
NOTE: Cf. https://bugzilla.redhat.com/show_bug.cgi?id=1339935
NOTE: The scope of this CVE is the entire 'INPUTRC should
@@ -11016,35 +11016,35 @@ CVE-2016-7091
NOTE: problem, which has both the information disclosure and segmentation
NOTE: fault outcomes.
NOTE: Debian does not include INPUTRC by default in /etc/sudoers
-CVE-2016-7089
+CVE-2016-7089 (WatchGuard RapidStream appliances allow local users to gain privileges ...)
NOT-FOR-US: WatchGuard
CVE-2016-7088
RESERVED
-CVE-2016-7087
+CVE-2016-7087 (Directory traversal vulnerability in the Connection Server in VMware H ...)
NOT-FOR-US: VMware
-CVE-2016-7086
+CVE-2016-7086 (The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware ...)
NOT-FOR-US: VMware
-CVE-2016-7085
+CVE-2016-7085 (Untrusted search path vulnerability in the installer in VMware Worksta ...)
NOT-FOR-US: VMware
-CVE-2016-7084
+CVE-2016-7084 (tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Wor ...)
NOT-FOR-US: VMware
-CVE-2016-7083
+CVE-2016-7083 (VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Playe ...)
NOT-FOR-US: VMware
-CVE-2016-7082
+CVE-2016-7082 (VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Playe ...)
NOT-FOR-US: VMware
-CVE-2016-7081
+CVE-2016-7081 (Multiple heap-based buffer overflows in VMware Workstation Pro 12.x be ...)
NOT-FOR-US: VMware
-CVE-2016-7080
+CVE-2016-7080 (The graphic acceleration functions in VMware Tools 9.x and 10.x before ...)
NOT-FOR-US: VMware
-CVE-2016-7079
+CVE-2016-7079 (The graphic acceleration functions in VMware Tools 9.x and 10.x before ...)
NOT-FOR-US: VMware
-CVE-2016-7078
+CVE-2016-7078 (foreman before version 1.15.0 is vulnerable to an information leak thr ...)
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/16982
-CVE-2016-7077
+CVE-2016-7077 (foreman before 1.14.0 is vulnerable to an information leak. It was fou ...)
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/16971
-CVE-2016-7076
+CVE-2016-7076 (sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noe ...)
{DLA-707-1}
- sudo 1.8.18p1-1 (bug #842507)
[jessie] - sudo <no-dsa> (Minor issue)
@@ -11053,61 +11053,61 @@ CVE-2016-7076
NOTE: https://www.sudo.ws/repos/sudo/rev/7b8357b0a358
NOTE: https://www.sudo.ws/repos/sudo/rev/167a518d8129
NOTE: Might need as well: https://bugzilla.sudo.ws/show_bug.cgi?id=761
-CVE-2016-7075
+CVE-2016-7075 (It was found that Kubernetes as used by Openshift Enterprise 3 did not ...)
- kubernetes 1.5.5+dfsg-1 (bug #795652)
NOTE: https://github.com/kubernetes/kubernetes/issues/34517
-CVE-2016-7074
+CVE-2016-7074 (An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and Power ...)
{DSA-3764-1 DLA-798-1}
- pdns 4.0.2-1
- pdns-recursor 4.0.4-1
[jessie] - pdns-recursor <not-affected> (Only >= 4.0.0 affected)
[wheezy] - pdns-recursor <not-affected> (Only >= 4.0.0 affected)
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-04/
-CVE-2016-7073
+CVE-2016-7073 (An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and Power ...)
{DSA-3764-1 DLA-798-1}
- pdns 4.0.2-1
- pdns-recursor 4.0.4-1
[jessie] - pdns-recursor <not-affected> (Only >= 4.0.0 affected)
[wheezy] - pdns-recursor <not-affected> (Only >= 4.0.0 affected)
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-04/
-CVE-2016-7072
+CVE-2016-7072 (An issue has been found in PowerDNS Authoritative Server before 3.4.11 ...)
{DSA-3764-1 DLA-798-1}
- pdns 4.0.2-1
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-03/
-CVE-2016-7071
+CVE-2016-7071 (It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not p ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-7070
+CVE-2016-7070 (A privilege escalation flaw was found in the Ansible Tower. When Tower ...)
NOT-FOR-US: Ansible Tower
-CVE-2016-7069
+CVE-2016-7069 (An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT r ...)
- dnsdist 1.2.0-1 (low; bug #872854)
[stretch] - dnsdist 1.1.0-2+deb9u1
NOTE: https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2017-01.html
NOTE: https://downloads.powerdns.com/patches/2017-01
-CVE-2016-7068
+CVE-2016-7068 (An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and Power ...)
{DSA-3764-1 DSA-3763-1 DLA-798-1 DLA-788-1}
- pdns 4.0.2-1
- pdns-recursor 4.0.4-1
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-02/
-CVE-2016-7067
+CVE-2016-7067 (Monit before version 5.20.0 is vulnerable to a cross site request forg ...)
{DLA-732-1}
- monit 1:5.20.0-1
[jessie] - monit <no-dsa> (Minor issue)
NOTE: https://bitbucket.org/tildeslash/monit/commits/c6ec3820e627f85417053e6336de2987f2d863e3?at=master
NOTE: Although configured only on localhost, the httpd service is started by
NOTE: default and accessible.
-CVE-2016-7066
+CVE-2016-7066 (It was found that the improper default permissions on /tmp/auth direct ...)
NOT-FOR-US: admin-cli / jboss-cli in Red Hat
-CVE-2016-7065
+CVE-2016-7065 (The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) ...)
NOT-FOR-US: Red Hat JBoss EAP
CVE-2016-7064
RESERVED
CVE-2016-7063
RESERVED
-CVE-2016-7062
+CVE-2016-7062 (rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage Co ...)
NOT-FOR-US: Red Hat rhscon-core
-CVE-2016-7061
+CVE-2016-7061 (An information disclosure vulnerability was found in JBoss Enterprise ...)
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
-CVE-2016-7060
+CVE-2016-7060 (The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does ...)
NOT-FOR-US: Red Hat QCI
CVE-2016-7059
REJECTED
@@ -11115,43 +11115,43 @@ CVE-2016-7058
REJECTED
CVE-2016-7057
REJECTED
-CVE-2016-7056
+CVE-2016-7056 (A timing attack flaw was found in OpenSSL 1.0.1u and before that could ...)
{DSA-3773-1 DLA-814-1}
- openssl 1.0.2a-1
- openssl1.0 <not-affected> (Fixed before initial upload to Debian)
NOTE: https://eprint.iacr.org/2016/1195.pdf
NOTE: Fixed by: https://git.openssl.org/?p=openssl.git;a=commit;h=f54be179aa4cbbd944728771d7d59ed588158a12
NOTE: Fixed by: https://git.openssl.org/?p=openssl.git;a=commit;h=8aed2a7548362e88e84a7feb795a3a97e8395008 (OpenSSL_1_0_2-beta3)
-CVE-2016-7055
+CVE-2016-7055 (There is a carry propagating bug in the Broadwell-specific Montgomery ...)
- openssl 1.1.0c-1 (low)
[jessie] - openssl <not-affected> (Only affects 1.0.2 and 1.1.0)
[wheezy] - openssl <not-affected> (Only affects 1.0.2 and 1.1.0)
- openssl1.0 1.0.2k-1 (low)
NOTE: https://www.openssl.org/news/secadv/20161110.txt
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=2fac86d9abeaa643677d1ffd0a139239fdf9406a
-CVE-2016-7054
+CVE-2016-7054 (In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1 ...)
- openssl 1.1.0c-1
[jessie] - openssl <not-affected> (Only affects 1.1.0)
[wheezy] - openssl <not-affected> (Only affects 1.1.0)
- openssl1.0 <not-affected> (Only affects 1.1.0)
NOTE: https://www.openssl.org/news/secadv/20161110.txt
-CVE-2016-7053
+CVE-2016-7053 (In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS struc ...)
- openssl 1.1.0c-1
[jessie] - openssl <not-affected> (Only affects 1.1.0)
[wheezy] - openssl <not-affected> (Only affects 1.1.0)
- openssl1.0 <not-affected> (Only affects 1.1.0)
NOTE: https://www.openssl.org/news/secadv/20161110.txt
-CVE-2016-7052
+CVE-2016-7052 (crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to ca ...)
- openssl 1.0.2j-1
[jessie] - openssl <not-affected> (Introduced in 1.0.2i)
[wheezy] - openssl <not-affected> (Introduced in 1.0.2i)
NOTE: https://www.openssl.org/news/secadv/20160926.txt
-CVE-2016-7051
+CVE-2016-7051 (XmlMapper in the Jackson XML dataformat component (aka jackson-datafor ...)
- jackson-dataformat-xml 2.8.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1378673#c7
NOTE: https://github.com/FasterXML/jackson-dataformat-xml/issues/211
NOTE: https://github.com/FasterXML/jackson-dataformat-xml/commit/eeff2c312e9d4caa8c9f27b8f740c7529d00524a (2.7.8)
-CVE-2016-7050
+CVE-2016-7050 (SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7 ...)
- resteasy 3.0.18-1
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <not-affected> (Fixed before initial release to Debian)
@@ -11159,57 +11159,57 @@ CVE-2016-7050
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1378613
CVE-2016-7049
RESERVED
-CVE-2016-7048
+CVE-2016-7048 (The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9. ...)
NOT-FOR-US: interactive installer used in EnterpriseDB-supplied PostgreSQL packages
-CVE-2016-7047
+CVE-2016-7047 (A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8 ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2016-7046
+CVE-2016-7046 (Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating ...)
- undertow 1.4.3-1 (bug #838600)
NOTE: https://github.com/undertow-io/undertow/commit/c518b5a1784061d807efedcef0a03fcd35a53de2
-CVE-2016-7045
+CVE-2016-7045 (The format_send_to_gui function in the format parsing code in Irssi be ...)
{DSA-3672-1}
- irssi 0.8.20-1
[wheezy] - irssi <not-affected> (Introduced in 0.8.17-beta)
NOTE: http://irssi.org/security/irssi_sa_2016.txt
-CVE-2016-7044
+CVE-2016-7044 (The unformat_24bit_color function in the format parsing code in Irssi ...)
{DSA-3672-1}
- irssi 0.8.20-1
[wheezy] - irssi <not-affected> (Introduced in 0.8.17-beta)
NOTE: http://irssi.org/security/irssi_sa_2016.txt
CVE-2016-7043
RESERVED
-CVE-2016-7042
+CVE-2016-7042 (The proc_keys_show function in security/keys/proc.c in the Linux kerne ...)
{DSA-3696-1 DLA-670-1}
- linux 4.7.8-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373966
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373499
NOTE: https://git.kernel.org/linus/03dab869b7b239c4e013ec82aea22e181e441cfc
-CVE-2016-7041
+CVE-2016-7041 (Drools Workbench contains a path traversal vulnerability. The vulnerab ...)
NOT-FOR-US: JBoss Drolls Workbench
-CVE-2016-7040
+CVE-2016-7040 (Red Hat CloudForms Management Engine 4.1 does not properly handle regu ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-7039
+CVE-2016-7039 (The IP stack in the Linux kernel through 4.8.2 allows remote attackers ...)
- linux 4.7.8-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fcd91dd449867c6bfe56a81cabba76b829fd05cd
NOTE: Introduced by: https://git.kernel.org/linus/9b174d88c257150562b0101fcc6cb6c3cb74275c (v4.0-rc1)
NOTE: Intorduced by: https://git.kernel.org/linus/66e5133f19e901a044fa5eaeeb6ecff4545839e5 (v4.2-rc1)
-CVE-2016-7038
+CVE-2016-7038 (In Moodle 2.x and 3.x, web service tokens are not invalidated when the ...)
- moodle 2.7.16+dfsg-1
-CVE-2016-7037
+CVE-2016-7037 (The verify function in Encryption/Symmetric.php in Malcolm Fell jwt be ...)
NOT-FOR-US: Malcolm Fell jwt
-CVE-2016-7036
+CVE-2016-7036 (python-jose before 1.3.2 allows attackers to have unspecified impact b ...)
NOT-FOR-US: Python jose
-CVE-2016-7035
+CVE-2016-7035 (An authorization flaw was found in Pacemaker before 1.1.16, where it d ...)
- pacemaker 1.1.15-3 (bug #843041)
[wheezy] - pacemaker <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ClusterLabs/pacemaker/pull/1166/commits/5a20855d6054ebaae590c09262b328d957cc1fc2
-CVE-2016-7034
+CVE-2016-7034 (The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly han ...)
NOT-FOR-US: JBoss BPMS
-CVE-2016-7033
+CVE-2016-7033 (Multiple cross-site scripting (XSS) vulnerabilities in the admin pages ...)
NOT-FOR-US: JBoss BPMS
-CVE-2016-7032
+CVE-2016-7032 (sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users ...)
{DLA-707-1}
- sudo 1.8.15-1
[jessie] - sudo <no-dsa> (Minor issue)
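Review bot: two typos in the unchanged context of this hunk should be corrected in the data file: `NOT-FOR-US: JBoss Drolls Workbench` under CVE-2016-7041 should read `Drools` (the description on the line above says `Drools Workbench`), and the second introduction note under CVE-2016-7039 reads `NOTE: Intorduced by:` where the line before it spells `Introduced by:`. Also, CVE-2016-7038 (`- moodle 2.7.16+dfsg-1`) is the only fixed entry in this hunk with no NOTE pointing at an advisory or commit; a reference would make the fixed version verifiable.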
@@ -11219,13 +11219,13 @@ CVE-2016-7032
NOTE: https://www.sudo.ws/devel.html#1.8.15rc1
NOTE: https://www.sudo.ws/repos/sudo/rev/58a5c06b5257
NOTE: https://www.sudo.ws/repos/sudo/rev/a826cd7787e9
-CVE-2016-7031
+CVE-2016-7031 (The RGW code in Ceph before 10.0.1, when authenticated-read ACL is app ...)
- ceph 10.2.5-1 (bug #838026)
[jessie] - ceph 0.80.7-2+deb8u2
NOTE: http://tracker.ceph.com/issues/13207
NOTE: https://github.com/ceph/ceph/pull/6057
NOTE: https://github.com/ceph/ceph/pull/11045
-CVE-2016-7030
+CVE-2016-7030 (FreeIPA uses a default password policy that locks an account after 5 u ...)
- freeipa 4.4.4-1 (bug #849970)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1370493
NOTE: https://fedorahosted.org/freeipa/ticket/6561
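Review bot: CVE-2016-7031 records a jessie fixed version (`[jessie] - ceph 0.80.7-2+deb8u2`) but no advisory in braces, unlike the other jessie fixes in this change that carry a `{DSA-...}` or `{DLA-...}` reference; if the update shipped via a DSA or a point release, record which, so the fixed version is traceable. The three NOTE links (tracker issue 13207, PR 6057, PR 11045) would also be clearer with a word on which pull request applies to which release branch.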
@@ -11247,207 +11247,207 @@ CVE-2016-7022
REJECTED
CVE-2016-7021
REJECTED
-CVE-2016-7020
+CVE-2016-7020 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-7019
+CVE-2016-7019 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7018
+CVE-2016-7018 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7017
+CVE-2016-7017 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7016
+CVE-2016-7016 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7015
+CVE-2016-7015 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7014
+CVE-2016-7014 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7013
+CVE-2016-7013 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7012
+CVE-2016-7012 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7011
+CVE-2016-7011 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7010
+CVE-2016-7010 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7009
+CVE-2016-7009 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7008
+CVE-2016-7008 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7007
+CVE-2016-7007 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7006
+CVE-2016-7006 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7005
+CVE-2016-7005 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7004
+CVE-2016-7004 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7003
+CVE-2016-7003 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7002
+CVE-2016-7002 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7001
+CVE-2016-7001 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-7000
+CVE-2016-7000 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6999
+CVE-2016-6999 (Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat a ...)
NOT-FOR-US: Adobe
-CVE-2016-6998
+CVE-2016-6998 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6997
+CVE-2016-6997 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6996
+CVE-2016-6996 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6995
+CVE-2016-6995 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6994
+CVE-2016-6994 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, ...)
NOT-FOR-US: Adobe
-CVE-2016-6993
+CVE-2016-6993 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6992
+CVE-2016-6992 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe
CVE-2016-6991
REJECTED
-CVE-2016-6990
+CVE-2016-6990 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-6989
+CVE-2016-6989 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-6988
+CVE-2016-6988 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6987
+CVE-2016-6987 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 a ...)
NOT-FOR-US: Adobe
-CVE-2016-6986
+CVE-2016-6986 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-6985
+CVE-2016-6985 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-6984
+CVE-2016-6984 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-6983
+CVE-2016-6983 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-6982
+CVE-2016-6982 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-6981
+CVE-2016-6981 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 a ...)
NOT-FOR-US: Adobe
-CVE-2016-6980
+CVE-2016-6980 (Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 al ...)
NOT-FOR-US: Adobe
-CVE-2016-6979
+CVE-2016-6979 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6978
+CVE-2016-6978 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6977
+CVE-2016-6977 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6976
+CVE-2016-6976 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6975
+CVE-2016-6975 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6974
+CVE-2016-6974 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6973
+CVE-2016-6973 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6972
+CVE-2016-6972 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6971
+CVE-2016-6971 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6970
+CVE-2016-6970 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6969
+CVE-2016-6969 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6968
+CVE-2016-6968 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6967
+CVE-2016-6967 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6966
+CVE-2016-6966 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6965
+CVE-2016-6965 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6964
+CVE-2016-6964 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6963
+CVE-2016-6963 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6962
+CVE-2016-6962 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6961
+CVE-2016-6961 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6960
+CVE-2016-6960 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6959
+CVE-2016-6959 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6958
+CVE-2016-6958 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6957
+CVE-2016-6957 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6956
+CVE-2016-6956 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6955
+CVE-2016-6955 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6954
+CVE-2016-6954 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6953
+CVE-2016-6953 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6952
+CVE-2016-6952 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6951
+CVE-2016-6951 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6950
+CVE-2016-6950 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6949
+CVE-2016-6949 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6948
+CVE-2016-6948 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6947
+CVE-2016-6947 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6946
+CVE-2016-6946 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6945
+CVE-2016-6945 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6944
+CVE-2016-6944 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6943
+CVE-2016-6943 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6942
+CVE-2016-6942 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6941
+CVE-2016-6941 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6940
+CVE-2016-6940 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6939
+CVE-2016-6939 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, ...)
NOT-FOR-US: Adobe
-CVE-2016-6938
+CVE-2016-6938 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-6937
+CVE-2016-6937 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-6936
+CVE-2016-6936 (Adobe AIR SDK &amp; Compiler before 23.0.0.257 on Windows does not sup ...)
NOT-FOR-US: Adobe
-CVE-2016-6935
+CVE-2016-6935 (Unquoted Windows search path vulnerability in Adobe Creative Cloud Des ...)
NOT-FOR-US: Adobe
-CVE-2016-6934
+CVE-2016-6934 (Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11. ...)
NOT-FOR-US: Adobe
-CVE-2016-6933
+CVE-2016-6933 (Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11. ...)
NOT-FOR-US: Adobe
-CVE-2016-6932
+CVE-2016-6932 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6931
+CVE-2016-6931 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6930
+CVE-2016-6930 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6929
+CVE-2016-6929 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
CVE-2016-6928
REJECTED
-CVE-2016-6927
+CVE-2016-6927 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6926
+CVE-2016-6926 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6925
+CVE-2016-6925 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6924
+CVE-2016-6924 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6923
+CVE-2016-6923 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6922
+CVE-2016-6922 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6921
+CVE-2016-6921 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-6920
+CVE-2016-6920 (Heap-based buffer overflow in the decode_block function in libavcodec/ ...)
- ffmpeg 7:3.1.3-1
- libav <not-affected>
NOTE: Vulnerable code not present in any Libav version.
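Review bot: the NOT-FOR-US labels for the Adobe entries in this hunk are inconsistent: CVE-2016-7020 (`Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366`) is labelled `NOT-FOR-US: Adobe Flash Player`, while CVE-2016-6992, CVE-2016-6990 and the other `Adobe Flash Player before 18.0.0.382` entries are labelled just `NOT-FOR-US: Adobe`; use one label per product so the file can be grepped by product. The description for CVE-2016-6936 contains the literal entity `&amp;` (`Adobe AIR SDK &amp; Compiler`); check whether the stored description holds `&` or the escaped form, since no other description in this hunk is HTML-escaped. For CVE-2016-6920 the reason for `- libav <not-affected>` is given on a separate NOTE line instead of in parentheses, as in `<not-affected> (Only affects 1.1.0)` elsewhere; keeping the reason inline is the convention the rest of the file follows.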
@@ -11455,70 +11455,70 @@ CVE-2016-6919
RESERVED
CVE-2016-6918
RESERVED
-CVE-2016-6917
+CVE-2016-6917 (Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6916
+CVE-2016-6916 (Integer overflow in nvhost_job.c in the NVIDIA video driver for Androi ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6915
+CVE-2016-6915 (Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6914
+CVE-2016-6914 (Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions fo ...)
NOT-FOR-US: Ubiquiti UniFi Video
-CVE-2016-6913
+CVE-2016-6913 (Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before 5. ...)
NOT-FOR-US: OSSIM
-CVE-2016-6912
+CVE-2016-6912 (Double free vulnerability in the gdImageWebPtr function in the GD Grap ...)
{DSA-3777-1}
- libgd2 2.2.4-1
[wheezy] - libgd2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/libgd/libgd/commit/a49feeae76d41959d85ee733925a4cf40bac61b2
-CVE-2016-6910
+CVE-2016-6910 (The non-existent notification listener vulnerability was introduced in ...)
NOT-FOR-US: Android build by Samsung
-CVE-2016-6909
+CVE-2016-6909 (Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4. ...)
NOT-FOR-US: Fortinet
-CVE-2016-6908
+CVE-2016-6908 (Characters from languages are such as Arabic, Hebrew are displayed fro ...)
NOT-FOR-US: Opera
CVE-2016-6907
RESERVED
-CVE-2016-6906
+CVE-2016-6906 (The read_image_tga function in gd_tga.c in the GD Graphics Library (ak ...)
{DSA-3777-1}
- libgd2 2.2.4-1
[wheezy] - libgd2 <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415
NOTE: Fixed by: https://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558
-CVE-2016-6904
+CVE-2016-6904 (Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 cont ...)
NOT-FOR-US: NetAPP
-CVE-2016-6901
+CVE-2016-6901 (Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR50 ...)
NOT-FOR-US: Huawei Routers
-CVE-2016-6900
+CVE-2016-6900 (The Intelligent Baseboard Management Controller (iBMC) in Huawei RH128 ...)
NOT-FOR-US: Huawei FusionServer
-CVE-2016-6899
+CVE-2016-6899 (The Intelligent Baseboard Management Controller (iBMC) in Huawei RH128 ...)
NOT-FOR-US: Huawei FusionServer
-CVE-2016-6898
+CVE-2016-6898 (XML external entity (XXE) vulnerability in the Hyper Management Module ...)
NOT-FOR-US: Huawei FusionServer
CVE-2016-6895
REJECTED
-CVE-2016-6894
+CVE-2016-6894 (Arista EOS 4.15 before 4.15.8M, 4.16 before 4.16.7M, and 4.17 before 4 ...)
NOT-FOR-US: Arista EOS
-CVE-2016-6892
+CVE-2016-6892 (The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remot ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://www.kb.cert.org/vuls/id/396440
-CVE-2016-6891
+CVE-2016-6891 (MatrixSSL before 3.8.6 allows remote attackers to cause a denial of se ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://www.kb.cert.org/vuls/id/396440
-CVE-2016-6890
+CVE-2016-6890 (Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote att ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://www.kb.cert.org/vuls/id/396440
CVE-2016-6889
RESERVED
-CVE-2016-6881
+CVE-2016-6881 (The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1. ...)
- ffmpeg 7:3.1.3-1 (unimportant)
- libav <not-affected>
NOTE: http://www.openwall.com/lists/oss-security/2016/09/26/6
NOTE: https://github.com/FFmpeg/FFmpeg/commit/4770eac6
NOTE: Vulnerable code not present in any Libav version.
-CVE-2016-6902
+CVE-2016-6902 (lshell 0.9.16 allows remote authenticated users to break out of a limi ...)
- lshell <removed> (bug #834949)
[wheezy] - lshell <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ghantoos/lshell/issues/147
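Review bot: the entries at the end of this hunk are no longer in descending CVE order: CVE-2016-6881 follows CVE-2016-6889, and CVE-2016-6902 comes after it even though it is numerically higher than CVE-2016-6888 through CVE-2016-6893; if the file is meant to stay sorted, these blocks should move. Separately, `NOT-FOR-US: NetAPP` under CVE-2016-6904 should be spelled `NetApp`, the vendor's own capitalisation.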
@@ -11526,26 +11526,26 @@ CVE-2016-6902
NOTE: As for 2016-08-23 https://github.com/ghantoos/lshell/issues/147#issuecomment-241366750 ist still
NOTE: as well under the scope of CVE-2016-6902, until "there is further vendor followup
NOTE: about issues/147" and possibly a new/additional CVE assignment.
-CVE-2016-6903
+CVE-2016-6903 (lshell 0.9.16 allows remote authenticated users to break out of a limi ...)
- lshell <removed> (bug #834946)
[wheezy] - lshell <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ghantoos/lshell/issues/149
NOTE: http://www.openwall.com/lists/oss-security/2016/08/22/15
-CVE-2016-6897
+CVE-2016-6897 (Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_ ...)
- wordpress 4.6.1+dfsg-1 (bug #837090)
[jessie] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
[wheezy] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
NOTE: http://seclists.org/oss-sec/2016/q3/347
NOTE: https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html
NOTE: https://core.trac.wordpress.org/changeset/38168
-CVE-2016-6896
+CVE-2016-6896 (Directory traversal vulnerability in the wp_ajax_update_plugin functio ...)
- wordpress 4.6.1+dfsg-1 (bug #837090)
[jessie] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
[wheezy] - wordpress <not-affected> (wp_ajax_update_plugin function introduced in 4.2)
NOTE: http://seclists.org/oss-sec/2016/q3/347
NOTE: https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html
NOTE: https://core.trac.wordpress.org/changeset/38168
-CVE-2016-6893
+CVE-2016-6893 (Cross-site request forgery (CSRF) vulnerability in the user options pa ...)
{DSA-3668-1 DLA-608-1}
- mailman 1:2.1.23-1 (bug #835970)
NOTE: https://mail.python.org/pipermail/mailman-announce/2016-August/000225.html
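Review bot: the three NOTE lines under CVE-2016-6902 at the top of this hunk need a wording fix: `As for 2016-08-23 ... ist still` should read `As of 2016-08-23 ... is still`, and the sentence should say plainly that it is the linked issue comment (issues/147#issuecomment-241366750) that is still considered within the scope of CVE-2016-6902 until the vendor follows up; as written the subject is easy to lose across the line break. CVE-2016-6903 directly below it is also out of sequence relative to CVE-2016-6897 and CVE-2016-6896 that follow.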
@@ -11553,15 +11553,15 @@ CVE-2016-6893
NOTE: https://mail.python.org/pipermail/mailman-announce/2016-August/000226.html
CVE-2016-6880
RESERVED
-CVE-2016-6879
+CVE-2016-6879 (The X509_Certificate::allowed_usage function in botan 1.11.x before 1. ...)
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Introduced in 1.11.0, fixed in 1.11.31
-CVE-2016-6878
+CVE-2016-6878 (The Curve25519 code in botan before 1.11.31, on systems without a nati ...)
- botan1.10 <not-affected> (Introduced in 1.11.12)
NOTE: Introduced in 1.11.12, fixed in 1.11.31
-CVE-2016-6877
+CVE-2016-6877 (** DISPUTED ** Citrix XenMobile Server before 10.5.0.24 allows man-in- ...)
NOT-FOR-US: Citrix
-CVE-2016-6876
+CVE-2016-6876 (The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link ...)
NOT-FOR-US: F5
CVE-2016-6869
RESERVED
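Review bot: both botan entries (CVE-2016-6879, CVE-2016-6878) list only `botan1.10 <not-affected>` and then state in a NOTE that the bug was introduced in 1.11.x and fixed in 1.11.31. If a source package tracking the 1.11/2.x line exists in the archive it needs its own status line; if it does not, the NOTE should say so, otherwise the entry reads as if 1.11.x were simply untracked. The not-affected reason and the NOTE also repeat the same introduction version; the NOTE can carry the fixed version alone.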
@@ -11581,65 +11581,65 @@ CVE-2016-6861
RESERVED
CVE-2016-6860
RESERVED
-CVE-2016-6859
+CVE-2016-6859 (Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote ...)
NOT-FOR-US: SAP Hybris
-CVE-2016-6858
+CVE-2016-6858 (Cross-site scripting (XSS) vulnerability in the Create Employee featur ...)
NOT-FOR-US: SAP Hybris
-CVE-2016-6857
+CVE-2016-6857 (Cross-site scripting (XSS) vulnerability in the Create Catalogue featu ...)
NOT-FOR-US: SAP Hybris
-CVE-2016-6856
+CVE-2016-6856 (Cross-site scripting (XSS) vulnerability in the Inbox Search feature i ...)
NOT-FOR-US: SAP Hybris
-CVE-2016-6855
+CVE-2016-6855 (Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, a ...)
{DLA-605-1}
- eog 3.20.4-1
[jessie] - eog <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=770143
NOTE: https://git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4
-CVE-2016-6854
+CVE-2016-6854 (An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Sc ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-6853
+CVE-2016-6853 (An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Sc ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-6852
+CVE-2016-6852 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-6851
+CVE-2016-6851 (An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Sc ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-6850
+CVE-2016-6850 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8 ...)
NOT-FOR-US: Open-Xchange
CVE-2016-6849
RESERVED
-CVE-2016-6848
+CVE-2016-6848 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-6847
+CVE-2016-6847 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-6846
+CVE-2016-6846 (Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-6845
+CVE-2016-6845 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-6844
+CVE-2016-6844 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-6843
+CVE-2016-6843 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-6842
+CVE-2016-6842 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8 ...)
NOT-FOR-US: Open-Xchange
CVE-2016-6841
RESERVED
-CVE-2016-6840
+CVE-2016-6840 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: Huawei
-CVE-2016-6839
+CVE-2016-6839 (CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 ...)
NOT-FOR-US: Huawei FusionAccess
-CVE-2016-6838
+CVE-2016-6838 (Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC6 ...)
NOT-FOR-US: Huawei FusionServer
-CVE-2016-6829
+CVE-2016-6829 (The trove service user in (1) Openstack deployment (aka crowbar-openst ...)
NOT-FOR-US: Crowbar Framework
-CVE-2016-6827
+CVE-2016-6827 (Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES key ...)
NOT-FOR-US: Huawei FusionCompute
-CVE-2016-6826
+CVE-2016-6826 (Huawei AnyMail before 2.6.0301.0060 allows remote attackers to cause a ...)
NOT-FOR-US: Huawei AnyMail
-CVE-2016-6825
+CVE-2016-6825 (Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V ...)
NOT-FOR-US: Huawei FusionServer Node
-CVE-2016-6824
+CVE-2016-6824 (Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with softwa ...)
NOT-FOR-US: Huawei Campus Switch
-CVE-2016-6888
+CVE-2016-6888 (Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt. ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834902)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
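Review bot: the product labels for the Huawei entries disagree with their descriptions: CVE-2016-6824 describes `AC6003, AC6005, AC6605, and ACU2 access controllers` but is labelled `NOT-FOR-US: Huawei Campus Switch`, and the XH620 V3 server is filed under `Huawei FusionServer` for CVE-2016-6838 but `Huawei FusionServer Node` for CVE-2016-6825; align the labels so a search on the product finds both. CVE-2016-6888 (qemu) also sits after CVE-2016-6824 although it is numerically higher than every entry from CVE-2016-6859 down, so it should move up if the file is kept sorted.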
@@ -11647,25 +11647,25 @@ CVE-2016-6888
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg03176.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=47882fa4975bf0b58dd74474329fdd7154e8f04c
-CVE-2016-6875
+CVE-2016-6875 (Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attac ...)
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/1888810e77b446a79a7674784d5f139fcfa605e2
-CVE-2016-6874
+CVE-2016-6874 (The array_*_recursive functions in Facebook HHVM before 3.15.0 allows ...)
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/05e706d98f748f609b19d8697e490eaab5007d69
-CVE-2016-6873
+CVE-2016-6873 (Self recursion in compact in Facebook HHVM before 3.15.0 allows attack ...)
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/e264f04ae825a5d97758130cf8eec99862517e7e
-CVE-2016-6872
+CVE-2016-6872 (Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 ...)
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/2c9a8fcc73a151608634d3e712973d192027c271
-CVE-2016-6871
+CVE-2016-6871 (Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attac ...)
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/c00fc9d3003eb06226b58b6a48555f1456ee2475
-CVE-2016-6870
+CVE-2016-6870 (Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, a ...)
- hhvm 3.12.11+dfsg-1 (bug #835032)
NOTE: https://github.com/facebook/hhvm/commit/365abe807cab2d60dc9ec307292a06181f77a9c2
-CVE-2016-6866
+CVE-2016-6866 (slock allows attackers to bypass the screen lock via vectors involving ...)
{DLA-598-1}
- suckless-tools 41-1
[jessie] - suckless-tools 40-1+deb8u2
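Review bot: all six hhvm entries (CVE-2016-6875 through CVE-2016-6870) describe the flaw as present `before 3.15.0` yet record the Debian fix as `hhvm 3.12.11+dfsg-1`; that is a backport into the 3.12 series, and a short NOTE saying so (or pointing at the changelog for bug #835032) would stop a reader from taking 3.12.11 for an upstream fixed version. For CVE-2016-6866 the advisory in braces is `{DLA-598-1}` while the only fixed release version below it is for jessie (`suckless-tools 40-1+deb8u2`); a DLA covers the LTS release, so confirm the jessie update is referenced by the right advisory or add the one that shipped it.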
@@ -11675,24 +11675,24 @@ CVE-2016-6866
NOTE: and with the patch readpw(dpy, pws) is not called anymore, and
NOTE: thus in readpw, not calling crypt(passwd, pws) with a possibly
NOTE: empty pws.
-CVE-2016-6837
+CVE-2016-6837 (Cross-site scripting (XSS) vulnerability in MantisBT Filter API in Man ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (unsupported)
NOTE: https://mantisbt.org/bugs/view.php?id=21611
NOTE: https://github.com/mantisbt/mantisbt/commit/7086c2d8b4b20ac14013b36761ac04f0abf21a4e
-CVE-2016-6832
+CVE-2016-6832 (Heap-based buffer overflow in the ff_audio_resample function in resamp ...)
- libav 6:11.4-1
[wheezy] - libav <not-affected> (Vulnerable code not present)
NOTE: https://blogs.gentoo.org/ago/2016/08/07/libav-heap-based-buffer-overflow-in-ff_audio_resample-resample-c/
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=0ac8ff618c5e6d878c547a8877e714ed728950ce
NOTE: Claimed to not affect ffmpeg
-CVE-2016-6831
+CVE-2016-6831 (The "process-execute" and "process-spawn" procedures did not free memo ...)
{DLA-643-1}
- chicken 4.12.0-0.2 (bug #834845)
[stretch] - chicken <no-dsa> (Minor issue)
[jessie] - chicken <no-dsa> (Minor issue)
NOTE: Fixed in the same upstream patch which is provided for CVE-2016-6830
-CVE-2016-6830
+CVE-2016-6830 (The "process-execute" and "process-spawn" procedures in CHICKEN Scheme ...)
{DLA-643-1}
- chicken 4.12.0-0.2 (bug #834845)
[stretch] - chicken <no-dsa> (Minor issue)
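Review bot: CVE-2016-6832 records `Claimed to not affect ffmpeg` only as a NOTE, with no `- ffmpeg <not-affected>` status line; the other libav/ffmpeg pairs in this change (CVE-2016-6920, CVE-2016-6881) carry an explicit status for both source packages, so either add the status line with the reason in parentheses or mark the claim as unverified. The NOTE also says "Claimed" without saying by whom; naming the source (the Gentoo post linked above it, or the libav commit) makes the claim checkable.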
@@ -11700,7 +11700,7 @@ CVE-2016-6830
NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html
NOTE: https://lists.nongnu.org/archive/html/chicken-hackers/2016-07/txtSWHYeFeG0R.txt
NOTE: http://bugs.call-cc.org/ticket/1308
-CVE-2016-6828
+CVE-2016-6828 (The tcp_check_send_head function in include/net/tcp.h in the Linux ker ...)
{DSA-3659-1 DLA-609-1}
- linux 4.7.2-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/bb1fceca22492109be12640d49f5ea5a544c6bb4
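Review bot: the fix reference for CVE-2016-6828 points at the GitHub mirror (`https://github.com/torvalds/linux/commit/bb1fceca...`) whereas the other kernel entries in this change cite git.kernel.org (CVE-2016-7042 in the short `/linus/<sha>` form; CVE-2016-7039 mixes the cgit `commit/?id=` form and the short form in consecutive NOTE lines); use the short git.kernel.org form throughout so the references are uniform and resolve against the canonical tree.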
@@ -11708,18 +11708,18 @@ CVE-2016-6822
RESERVED
CVE-2016-6821
RESERVED
-CVE-2016-6820
+CVE-2016-6820 (MetroCluster Tiebreaker for clustered Data ONTAP in versions before 1. ...)
NOT-FOR-US: MetroCluster Tiebreaker
CVE-2016-6819
RESERVED
-CVE-2016-6818
+CVE-2016-6818 (SQL injection vulnerability in SAP Business Intelligence platform befo ...)
NOT-FOR-US: SAP
-CVE-2016-6817
+CVE-2016-6817 (The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8. ...)
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 <not-affected> (Only affects 9.x and 8.5.x)
- tomcat7 <not-affected> (Only affects 9.x and 8.5.x)
- tomcat6 <not-affected> (Only affects 9.x and 8.5.x)
-CVE-2016-6816
+CVE-2016-6816 (The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0 ...)
{DSA-3739-1 DSA-3738-1 DLA-729-1 DLA-728-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.39-1
@@ -11730,62 +11730,62 @@ CVE-2016-6816
NOTE: Fixed by: http://svn.apache.org/r1767653 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1767675 (7.0.x)
NOTE: Fixed by: http://svn.apache.org/r1767683 (6.0.x)
-CVE-2016-6815
+CVE-2016-6815 (In Apache Ranger before 0.6.2, users with "keyadmin" role should not b ...)
NOT-FOR-US: Apache Ranger
-CVE-2016-6814
+CVE-2016-6814 (When an application with unsupported Codehaus versions of Groovy from ...)
{DLA-794-1}
- groovy 2.4.8-1 (bug #851408)
[jessie] - groovy 1.8.6-4+deb8u2
- groovy2 <removed>
[jessie] - groovy2 2.2.2+dfsg-3+deb8u2
-CVE-2016-6813
+CVE-2016-6813 (Apache CloudStack 4.1 to 4.8.1.0 and 4.9.0.0 contain an API call desig ...)
NOT-FOR-US: Apache CloudStack
-CVE-2016-6812
+CVE-2016-6812 (The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prio ...)
NOT-FOR-US: Apache CXF
-CVE-2016-6811
+CVE-2016-6811 (In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn use ...)
- hadoop <itp> (bug #793644)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/01/2
-CVE-2016-6810
+CVE-2016-6810 (In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scri ...)
- activemq 5.14.2+dfsg-1 (unimportant)
NOTE: Admin console not enabled in the Debian package, see #702670
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcement.txt
NOTE: http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000245.html
NOTE: https://jvn.jp/en/jp/JVN78980598/index.html
-CVE-2016-6809
+CVE-2016-6809 (Apache Tika before 1.14 allows Java code execution for serialized obje ...)
- tika 1.18-1
[jessie] - tika <not-affected> (Matlab file parser introduced in 1.6)
NOTE: http://seclists.org/bugtraq/2016/Nov/40
-CVE-2016-6808
+CVE-2016-6808 (Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42. ...)
- libapache-mod-jk <not-affected> (Windows/IIS vhost handling specific issue)
NOTE: Fixed by: http://svn.apache.org/r1762057
NOTE: https://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.42
NOTE: This is though only Windows/IIS specific, thus marked as not-affected, cf. #840000
-CVE-2016-6807
+CVE-2016-6807 (Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) ...)
NOT-FOR-US: Ambari Agent
-CVE-2016-6806
+CVE-2016-6806 (Apache Wicket 6.x before 6.25.0, 7.x before 7.5.0, and 8.0.0-M1 provid ...)
NOT-FOR-US: Apache Wicket
-CVE-2016-6805
+CVE-2016-6805 (Apache Ignite before 1.9 allows man-in-the-middle attackers to read ar ...)
NOT-FOR-US: Apache Ignite
-CVE-2016-6804
+CVE-2016-6804 (The Apache OpenOffice installer (versions prior to 4.1.3, including so ...)
NOT-FOR-US: Apache OpenOffice installer for Windows
-CVE-2016-6803
+CVE-2016-6803 (An installer defect known as an "unquoted Windows search path vulnerab ...)
NOT-FOR-US: Apache OpenOffice installer for Windows
-CVE-2016-6802
+CVE-2016-6802 (Apache Shiro before 1.3.2 allows attackers to bypass intended servlet ...)
- shiro 1.3.2-1
[jessie] - shiro <no-dsa> (Minor issue)
-CVE-2016-6801
+CVE-2016-6801 (Cross-site request forgery (CSRF) vulnerability in the CSRF content-ty ...)
{DSA-3679-1 DLA-629-1}
- jackrabbit 2.12.4-1 (bug #838204)
NOTE: http://svn.apache.org/r1758791 (2.4.x)
NOTE: http://svn.apache.org/r1758771 (2.6.x)
NOTE: http://svn.apache.org/r1758764 (2.8.x)
-CVE-2016-6800
+CVE-2016-6800 (The default configuration of the Apache OFBiz framework offers a blog ...)
NOT-FOR-US: Apache OFBiz
-CVE-2016-6799
+CVE-2016-6799 (Product: Apache Cordova Android 5.2.2 and earlier. The application cal ...)
NOT-FOR-US: Apache Cordova
-CVE-2016-6798
+CVE-2016-6798 (In the XSS Protection API module before 1.0.12 in Apache Sling, the me ...)
NOT-FOR-US: Apache Sling
-CVE-2016-6797
+CVE-2016-6797 (The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9. ...)
{DSA-3721-1 DSA-3720-1 DLA-729-1 DLA-728-1}
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842666)
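Review bot: the CVE-2016-6808 entry states the Windows/IIS-only scope twice, once in the `libapache-mod-jk <not-affected> (Windows/IIS vhost handling specific issue)` rationale and again in the trailing NOTE, and the NOTE's wording ("This is though only Windows/IIS specific") reads awkwardly; suggest keeping the bug reference but phrasing it as "NOTE: Only affects the Windows/IIS build, hence not-affected, cf. #840000" so the two lines do not restate each other.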
@@ -11795,7 +11795,7 @@ CVE-2016-6797
NOTE: Fixed by: http://svn.apache.org/r1757273 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1757275 (7.0.x)
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1757285 (6.0.x)
-CVE-2016-6796
+CVE-2016-6796 (A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0 ...)
{DSA-3721-1 DSA-3720-1 DLA-729-1 DLA-728-1}
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842665)
@@ -11805,11 +11805,11 @@ CVE-2016-6796
NOTE: Fixed by: http://svn.apache.org/r1758494 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1758495 (7.0.x)
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1758496 (6.0.x)
-CVE-2016-6795
+CVE-2016-6795 (In the Convention plugin in Apache Struts 2.3.20 through 2.3.30, it is ...)
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <end-of-life> (no longer supported)
NOTE: https://struts.apache.org/docs/s2-042.html
-CVE-2016-6794
+CVE-2016-6794 (When a SecurityManager is configured, a web application's ability to r ...)
{DSA-3721-1 DSA-3720-1 DLA-729-1 DLA-728-1}
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842664)
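Review bot: the CVE-2016-6795 entry tracks `libstruts1.2-java` although the description concerns the Convention plugin in Apache Struts 2.3.20 through 2.3.30; marking the package `<removed>` plus `[wheezy] <end-of-life>` implies the Struts 1.2 package was affected, which the description does not support. If the 1.2 series does not ship the Convention plugin, `- libstruts1.2-java <not-affected> (Only affects Struts 2.x)` would be the accurate state and the wheezy line could be dropped.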
@@ -11819,282 +11819,282 @@ CVE-2016-6794
NOTE: Fixed by: http://svn.apache.org/r1754727 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1754728 (7.0.x)
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1754733 (6.0.x)
-CVE-2016-6793
+CVE-2016-6793 (The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x be ...)
NOT-FOR-US: Apache Wicket
-CVE-2016-6823
+CVE-2016-6823 (Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allow ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #834504)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323
-CVE-2016-10052
+CVE-2016-10052 (Buffer overflow in the WriteProfile function in coders/jpeg.c in Image ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #834501)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
CVE-2016-6792
RESERVED
-CVE-2016-6791
+CVE-2016-6791 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6790
+CVE-2016-6790 (An elevation of privilege vulnerability in the NVIDIA libomx library ( ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6789
+CVE-2016-6789 (An elevation of privilege vulnerability in the NVIDIA libomx library ( ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6788
+CVE-2016-6788 (An elevation of privilege vulnerability in the MediaTek I2C driver cou ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6787
+CVE-2016-6787 (kernel/events/core.c in the performance subsystem in the Linux kernel ...)
{DSA-3791-1 DLA-833-1}
- linux 4.0.2-1
NOTE: Fixed by: https://git.kernel.org/linus/f63a8daa5812afef4f06c962351687e1ff9ccb2b (v4.0-rc1)
-CVE-2016-6786
+CVE-2016-6786 (kernel/events/core.c in the performance subsystem in the Linux kernel ...)
{DSA-3791-1 DLA-833-1}
- linux 4.0.2-1
NOTE: Fixed by: https://git.kernel.org/linus/f63a8daa5812afef4f06c962351687e1ff9ccb2b (v4.0-rc1)
-CVE-2016-6785
+CVE-2016-6785 (An elevation of privilege vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6784
+CVE-2016-6784 (An elevation of privilege vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6783
+CVE-2016-6783 (An elevation of privilege vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6782
+CVE-2016-6782 (An elevation of privilege vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6781
+CVE-2016-6781 (An elevation of privilege vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-6780
+CVE-2016-6780 (An elevation of privilege vulnerability in the HTC sound codec driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2016-6779
+CVE-2016-6779 (An elevation of privilege vulnerability in the HTC sound codec driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2016-6778
+CVE-2016-6778 (An elevation of privilege vulnerability in the HTC sound codec driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2016-6777
+CVE-2016-6777 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6776
+CVE-2016-6776 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6775
+CVE-2016-6775 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6774
+CVE-2016-6774 (An information disclosure vulnerability in Package Manager could enabl ...)
NOT-FOR-US: Android
-CVE-2016-6773
+CVE-2016-6773 (An information disclosure vulnerability in the ih264d decoder in Media ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-6772
+CVE-2016-6772 (An elevation of privilege vulnerability in Wi-Fi could enable a local ...)
NOT-FOR-US: Android
-CVE-2016-6771
+CVE-2016-6771 (An elevation of privilege vulnerability in Telephony could enable a lo ...)
NOT-FOR-US: Android
-CVE-2016-6770
+CVE-2016-6770 (An elevation of privilege vulnerability in the Framework API could ena ...)
NOT-FOR-US: Android
-CVE-2016-6769
+CVE-2016-6769 (An elevation of privilege vulnerability in Smart Lock could enable a l ...)
NOT-FOR-US: Android
-CVE-2016-6768
+CVE-2016-6768 (A remote code execution vulnerability in the Framesequence library cou ...)
NOT-FOR-US: Android
-CVE-2016-6767
+CVE-2016-6767 (A denial of service vulnerability in Mediaserver could enable an attac ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-6766
+CVE-2016-6766 (A denial of service vulnerability in libmedia and libstagefright in Me ...)
NOT-FOR-US: libstagefright
-CVE-2016-6765
+CVE-2016-6765 (A denial of service vulnerability in libstagefright in Mediaserver cou ...)
NOT-FOR-US: libstagefright
-CVE-2016-6764
+CVE-2016-6764 (A denial of service vulnerability in Mediaserver could enable an attac ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-6763
+CVE-2016-6763 (A denial of service vulnerability in Telephony could enable a local ma ...)
NOT-FOR-US: Android
-CVE-2016-6762
+CVE-2016-6762 (An elevation of privilege vulnerability in the libziparchive library c ...)
- android-platform-system-core 1:7.0.0+r1-1
[jessie] - android-platform-system-core <not-affected> (Vulnerable code not present)
-CVE-2016-6761
+CVE-2016-6761 (An elevation of privilege vulnerability in Qualcomm media codecs could ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6760
+CVE-2016-6760 (An elevation of privilege vulnerability in Qualcomm media codecs could ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6759
+CVE-2016-6759 (An elevation of privilege vulnerability in Qualcomm media codecs could ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6758
+CVE-2016-6758 (An elevation of privilege vulnerability in Qualcomm media codecs could ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6757
+CVE-2016-6757 (An information disclosure vulnerability in Qualcomm components includi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6756
+CVE-2016-6756 (An information disclosure vulnerability in Qualcomm components includi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6755
+CVE-2016-6755 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6754
+CVE-2016-6754 (A remote code execution vulnerability in Webview in Android 5.0.x befo ...)
NOT-FOR-US: Webview for Android
-CVE-2016-6753
+CVE-2016-6753 (An information disclosure vulnerability in kernel components, includin ...)
NOT-FOR-US: Android kernel
NOTE: https://source.android.com/security/bulletin/2016-11-01.html
-CVE-2016-6752
+CVE-2016-6752 (An information disclosure vulnerability in Qualcomm components includi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6751
+CVE-2016-6751 (An information disclosure vulnerability in Qualcomm components includi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6750
+CVE-2016-6750 (An information disclosure vulnerability in Qualcomm components includi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6749
+CVE-2016-6749 (An information disclosure vulnerability in Qualcomm components includi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6748
+CVE-2016-6748 (An information disclosure vulnerability in Qualcomm components includi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6747
+CVE-2016-6747 (A denial of service vulnerability in Mediaserver in Android before 201 ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-6746
+CVE-2016-6746 (An information disclosure vulnerability in the NVIDIA GPU driver in An ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6745
+CVE-2016-6745 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-6744
+CVE-2016-6744 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-6743
+CVE-2016-6743 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-6742
+CVE-2016-6742 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-6741
+CVE-2016-6741 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6740
+CVE-2016-6740 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6739
+CVE-2016-6739 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6738
+CVE-2016-6738 (An elevation of privilege vulnerability in the Qualcomm crypto engine ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6737
+CVE-2016-6737 (An elevation of privilege vulnerability in the kernel ION subsystem in ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6736
+CVE-2016-6736 (An elevation of privilege vulnerability in the NVIDIA GPU driver in An ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6735
+CVE-2016-6735 (An elevation of privilege vulnerability in the NVIDIA GPU driver in An ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6734
+CVE-2016-6734 (An elevation of privilege vulnerability in the NVIDIA GPU driver in An ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6733
+CVE-2016-6733 (An elevation of privilege vulnerability in the NVIDIA GPU driver in An ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6732
+CVE-2016-6732 (An elevation of privilege vulnerability in the NVIDIA GPU driver in An ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6731
+CVE-2016-6731 (An elevation of privilege vulnerability in the NVIDIA GPU driver in An ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6730
+CVE-2016-6730 (An elevation of privilege vulnerability in the NVIDIA GPU driver in An ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6729
+CVE-2016-6729 (An elevation of privilege vulnerability in the Qualcomm bootloader in ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6728
+CVE-2016-6728 (An elevation of privilege vulnerability in the kernel ION subsystem in ...)
NOT-FOR-US: Rowhammer hardware vulnerability on Android devices
NOTE: https://www.vusec.net/projects/drammer/
-CVE-2016-6727
+CVE-2016-6727 (The Qualcomm GPS subsystem in Android on Android One devices allows re ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6726
+CVE-2016-6726 (Unspecified vulnerability in Qualcomm components in Android on Nexus 6 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6725
+CVE-2016-6725 (A remote code execution vulnerability in the Qualcomm crypto driver in ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6724
+CVE-2016-6724 (A denial of service vulnerability in the Input Manager Service in Andr ...)
NOT-FOR-US: Android
-CVE-2016-6723
+CVE-2016-6723 (A denial of service vulnerability in Proxy Auto Config in Android 4.x ...)
NOT-FOR-US: Android
-CVE-2016-6722
+CVE-2016-6722 (An information disclosure vulnerability in libstagefright in Mediaserv ...)
NOT-FOR-US: libstagefright
-CVE-2016-6721
+CVE-2016-6721 (An information disclosure vulnerability in Mediaserver in Android 6.x ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-6720
+CVE-2016-6720 (An information disclosure vulnerability in libstagefright in Mediaserv ...)
NOT-FOR-US: libstagefright
-CVE-2016-6719
+CVE-2016-6719 (An elevation of privilege vulnerability in the Bluetooth component in ...)
NOT-FOR-US: Android
-CVE-2016-6718
+CVE-2016-6718 (An elevation of privilege vulnerability in the Account Manager Service ...)
NOT-FOR-US: Android
-CVE-2016-6717
+CVE-2016-6717 (An elevation of privilege vulnerability in Mediaserver in Android 4.x ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-6716
+CVE-2016-6716 (An elevation of privilege vulnerability in the AOSP Launcher in Androi ...)
NOT-FOR-US: Android
-CVE-2016-6715
+CVE-2016-6715 (An elevation of privilege vulnerability in the Framework APIs in Andro ...)
NOT-FOR-US: Android
-CVE-2016-6714
+CVE-2016-6714 (A remote denial of service vulnerability in Mediaserver in Android 6.x ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-6713
+CVE-2016-6713 (A remote denial of service vulnerability in Mediaserver in Android 6.x ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-6712
+CVE-2016-6712 (A remote denial of service vulnerability in libvpx in Mediaserver in A ...)
- libvpx 1.6.1-1
[jessie] - libvpx <ignored> (Minpr issue)
[wheezy] - libvpx <not-affected> (Vulnerable code not present)
NOTE: probably fixed earlier, but this was the version checked
NOTE: https://android.googlesource.com/platform/external/libvpx/+/fdb1b40e7bb147c07bda988c9501ad223795d12d
-CVE-2016-6711
+CVE-2016-6711 (A remote denial of service vulnerability in libvpx in Mediaserver in A ...)
- libvpx 1.6.1-1
[jessie] - libvpx <ignored> (Minpr issue)
[wheezy] - libvpx <no-dsa> (Minor issue)
NOTE: probably fixed earlier, but this was the version checked
NOTE: Wheezy is confirmed (by code inspection) to have vulnerable source.
NOTE: https://android.googlesource.com/platform/external/libvpx/+/063be1485e0099bc81ace3a08b0ec9186dcad693
-CVE-2016-6710
+CVE-2016-6710 (An information disclosure vulnerability in the download manager in And ...)
NOT-FOR-US: Android
-CVE-2016-6709
+CVE-2016-6709 (An information disclosure vulnerability in Conscrypt and BoringSSL in ...)
NOT-FOR-US: Android
-CVE-2016-6708
+CVE-2016-6708 (An elevation of privilege in the System UI in Android 7.0 before 2016- ...)
NOT-FOR-US: Android
-CVE-2016-6707
+CVE-2016-6707 (An elevation of privilege vulnerability in System Server in Android 6. ...)
NOT-FOR-US: Android
-CVE-2016-6706
+CVE-2016-6706 (An elevation of privilege vulnerability in libstagefright in Mediaserv ...)
NOT-FOR-US: libstagefright
-CVE-2016-6705
+CVE-2016-6705 (An elevation of privilege vulnerability in Mediaserver in Android 5.0. ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-6704
+CVE-2016-6704 (An elevation of privilege vulnerability in Mediaserver in Android 4.x ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-6703
+CVE-2016-6703 (A remote code execution vulnerability in an Android runtime library in ...)
NOT-FOR-US: Android
-CVE-2016-6702
+CVE-2016-6702 (A remote code execution vulnerability in libjpeg in Android 4.x before ...)
- libjpeg-turbo <not-affected> (Android-specific patch, jpeg_open_backing_store in standard releases is just a stub)
-CVE-2016-6701
+CVE-2016-6701 (A remote code execution vulnerability in libskia in Android 7.0 before ...)
- skia <itp> (bug #818180)
-CVE-2016-6700
+CVE-2016-6700 (An elevation of privilege vulnerability in libzipfile in Android 4.x b ...)
NOT-FOR-US: Android
-CVE-2016-6699
+CVE-2016-6699 (A remote code execution vulnerability in libstagefright in Mediaserver ...)
NOT-FOR-US: libstagefright
-CVE-2016-6698
+CVE-2016-6698 (An information disclosure vulnerability in Qualcomm components includi ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-6697
RESERVED
-CVE-2016-6696
+CVE-2016-6696 (sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 drive ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6695
+CVE-2016-6695 (sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 drive ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6694
+CVE-2016-6694 (sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 drive ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6693
+CVE-2016-6693 (sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 drive ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6692
+CVE-2016-6692 (drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in An ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6691
+CVE-2016-6691 (service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6690
+CVE-2016-6690 (The sound driver in the kernel in Android before 2016-10-05 on Nexus 5 ...)
NOT-FOR-US: Sound driver for Android
-CVE-2016-6689
+CVE-2016-6689 (Binder in the kernel in Android before 2016-10-05 on Nexus devices all ...)
NOT-FOR-US: Android Binder
-CVE-2016-6688
+CVE-2016-6688 (The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices al ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6687
+CVE-2016-6687 (The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices al ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6686
+CVE-2016-6686 (The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices al ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6685
+CVE-2016-6685 (The kernel in Android before 2016-10-05 on Nexus 6P devices allows att ...)
NOT-FOR-US: Android kernel for Nexus devices
-CVE-2016-6684
+CVE-2016-6684 (The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, ...)
NOT-FOR-US: Android kernel for Nexus devices
-CVE-2016-6683
+CVE-2016-6683 (The kernel in Android before 2016-10-05 on Nexus devices allows attack ...)
NOT-FOR-US: Android kernel for Nexus devices
-CVE-2016-6682
+CVE-2016-6682 (drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver i ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6681
+CVE-2016-6681 (drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver i ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6680
+CVE-2016-6680 (CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android b ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6679
+CVE-2016-6679 (CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Androi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6678
+CVE-2016-6678 (The Motorola USBNet driver in Android before 2016-10-05 on Nexus 6 dev ...)
NOT-FOR-US: Motorola driver for Android
-CVE-2016-6677
+CVE-2016-6677 (The NVIDIA GPU driver in Android before 2016-10-05 on Nexus 9 devices ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6676
+CVE-2016-6676 (Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6675
+CVE-2016-6675 (Off-by-one error in CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-6674
+CVE-2016-6674 (system_server in Android before 2016-10-05 on Nexus devices allows att ...)
- android <itp> (bug #459219)
-CVE-2016-6673
+CVE-2016-6673 (The NVIDIA camera driver in Android before 2016-10-05 on Nexus 9 devic ...)
NOT-FOR-US: Nvidia driver for Android
-CVE-2016-6672
+CVE-2016-6672 (The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-10051
+CVE-2016-10051 (Use-after-free vulnerability in the ReadPWPImage function in coders/pw ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #834183)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ecc03a2518c2b7dd375fde3a040fdae0bdf6a521
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-6833
+CVE-2016-6833 (Use-after-free vulnerability in the vmxnet3_io_bar0_write function in ...)
{DLA-1497-1}
- qemu 1:2.6+dfsg-3.1 (bug #834904)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
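Review bot: the `[jessie] - libvpx <ignored> (Minpr issue)` lines for CVE-2016-6712 and CVE-2016-6711 carry the same typo and should read `(Minor issue)`; since this commit already rewrites both entries, it is the natural place to correct the rationale text. The accompanying "NOTE: probably fixed earlier, but this was the version checked" is also repeated verbatim under both CVEs and would be clearer if it named the version that was actually checked.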
@@ -12103,7 +12103,7 @@ CVE-2016-6833
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=6c352ca9b4ee3e1e286ea9e8434bd8e69ac7d0d8
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01602.html
NOTE: http://www.openwall.com/lists/oss-security/2016/08/12/1
-CVE-2016-6834
+CVE-2016-6834 (The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834905)
[wheezy] - qemu <not-affected> (Vulnerable code not present, packet abstraction introduced in 1.5)
@@ -12112,7 +12112,7 @@ CVE-2016-6834
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ead315e43ea0c2ca3491209c6c8db8ce3f2bbe05
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01601.html
NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/8
-CVE-2016-6835
+CVE-2016-6835 (The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in ...)
{DLA-1497-1}
- qemu 1:2.6+dfsg-3.1 (bug #835031)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
@@ -12120,7 +12120,7 @@ CVE-2016-6835
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html
NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/7
-CVE-2016-6836
+CVE-2016-6836 (The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-3.1 (bug #834944)
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
@@ -12129,21 +12129,21 @@ CVE-2016-6836
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg02108.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1366369
NOTE: http://www.openwall.com/lists/oss-security/2016/08/11/5
-CVE-2016-6671
+CVE-2016-6671 (The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 ...)
- ffmpeg 7:3.1.2-1
-CVE-2016-6670
+CVE-2016-6670 (Huawei S7700, S9300, S9700, and S12700 devices with software before V2 ...)
NOT-FOR-US: Huawei
-CVE-2016-6669
+CVE-2016-6669 (Buffer overflow in the Authentication, Authorization and Accounting (A ...)
NOT-FOR-US: Huawei
-CVE-2016-6668
+CVE-2016-6668 (The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 b ...)
NOT-FOR-US: Atlassian Hipchat Integration Plugin for Bitbucket Server
-CVE-2016-6667
+CVE-2016-6667 (NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through ...)
NOT-FOR-US: NetApp
CVE-2016-6666
RESERVED
CVE-2016-6665
RESERVED
-CVE-2016-6664
+CVE-2016-6664 (mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and ...)
{DSA-3770-1}
- mariadb-10.1 10.1.21-1 (bug #849435; bug #851759)
- mariadb-10.0 <removed> (bug #842895; bug #851755)
@@ -12155,7 +12155,7 @@ CVE-2016-6664
NOTE: http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html
NOTE: Possible fixed by: https://github.com/MariaDB/server/commit/684a165f28b3718160a3e4c5ebd18a465d85e97c
NOTE: https://mariadb.com/blog/update-security-vulnerabilities-cve-2016-6663-and-cve-2016-6664-related-mariadb-server
-CVE-2016-6663
+CVE-2016-6663 (Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7 ...)
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.15-1
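Review bot: the CVE-2016-6664 entry leaves an unresolved fix reference, "NOTE: Possible fixed by: https://github.com/MariaDB/server/commit/684a165f28b3718160a3e4c5ebd18a465d85e97c", while the same entry already records DSA-3770-1 and fixed versions for mariadb-10.1 and mariadb-10.0; suggest either confirming the commit against the shipped fix and rewording the line to "NOTE: Fixed by: ..." or removing it, and at minimum correcting "Possible" to "Possibly".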
@@ -12168,7 +12168,7 @@ CVE-2016-6663
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
NOTE: Fixed in Oracle MySQL: 5.5.52, 5.6.33, and 5.7.15.
NOTE: http://legalhackers.com/advisories/MySQL-MariaDB-PerconaDB-PrivEsc-Race-CVE-2016-6663-OCVE-2016-5616-Exploit.html
-CVE-2016-6662
+CVE-2016-6662 (Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5 ...)
{DSA-3666-1 DLA-624-1}
- mariadb-10.0 10.0.27-1
[jessie] - mariadb-10.0 10.0.27-0+deb8u1
@@ -12192,156 +12192,156 @@ CVE-2016-6661
RESERVED
CVE-2016-6660
REJECTED
-CVE-2016-6659
+CVE-2016-6659 (Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, a ...)
NOT-FOR-US: Pivotal
-CVE-2016-6658
+CVE-2016-6658 (Applications in cf-release before 245 can be configured and pushed wit ...)
NOT-FOR-US: cf-release
-CVE-2016-6657
+CVE-2016-6657 (An open redirect vulnerability has been detected with some Pivotal Clo ...)
NOT-FOR-US: Pivotal
-CVE-2016-6656
+CVE-2016-6656 (An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation ...)
NOT-FOR-US: Pivotal
-CVE-2016-6655
+CVE-2016-6655 (An issue was discovered in Cloud Foundry Foundation Cloud Foundry rele ...)
NOT-FOR-US: Cloud Foundry
CVE-2016-6654
REJECTED
-CVE-2016-6653
+CVE-2016-6653 (The MariaDB audit_plugin component in Pivotal Cloud Foundry (PCF) cf-m ...)
NOT-FOR-US: Pivotal
-CVE-2016-6652
+CVE-2016-6652 (SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (G ...)
NOT-FOR-US: Pivotal Spring Data
-CVE-2016-6651
+CVE-2016-6651 (The UAA /oauth/token endpoint in Pivotal Cloud Foundry (PCF) before 24 ...)
NOT-FOR-US: Pivotal
-CVE-2016-6650
+CVE-2016-6650 (EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtua ...)
NOT-FOR-US: EMC
-CVE-2016-6649
+CVE-2016-6649 (EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virt ...)
NOT-FOR-US: EMC
-CVE-2016-6648
+CVE-2016-6648 (EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virt ...)
NOT-FOR-US: EMC
-CVE-2016-6647
+CVE-2016-6647 (Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 4.0.1 ...)
NOT-FOR-US: EMC
-CVE-2016-6646
+CVE-2016-6646 (The vApp Managers web application in EMC Unisphere for VMAX Virtual Ap ...)
NOT-FOR-US: VMAX
-CVE-2016-6645
+CVE-2016-6645 (The vApp Managers web application in EMC Unisphere for VMAX Virtual Ap ...)
NOT-FOR-US: VMAX
-CVE-2016-6644
+CVE-2016-6644 (EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows r ...)
NOT-FOR-US: EMC
-CVE-2016-6643
+CVE-2016-6643 (Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 ...)
NOT-FOR-US: EMC
-CVE-2016-6642
+CVE-2016-6642 (Cross-site request forgery (CSRF) vulnerability in EMC ViPR SRM before ...)
NOT-FOR-US: EMC
-CVE-2016-6641
+CVE-2016-6641 (Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 ...)
NOT-FOR-US: EMC
CVE-2016-6640
REJECTED
-CVE-2016-6639
+CVE-2016-6639 (Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP ...)
NOT-FOR-US: Pivotal
CVE-2016-6638
REJECTED
-CVE-2016-6637
+CVE-2016-6637 (Multiple cross-site request forgery (CSRF) vulnerabilities in Pivotal ...)
NOT-FOR-US: Pivotal
-CVE-2016-6636
+CVE-2016-6636 (The OAuth authorization implementation in Pivotal Cloud Foundry (PCF) ...)
NOT-FOR-US: Pivotal
CVE-2016-1000038
RESERVED
-CVE-2016-10050
+CVE-2016-10050 (Heap-based buffer overflow in the ReadRLEImage function in coders/rle. ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833744)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10049
+CVE-2016-10049 (Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageM ...)
{DSA-3652-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833743)
[wheezy] - imagemagick <not-affected> (Vulnerability likely introduced in a version after 6.7.7.10)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10048
+CVE-2016-10048 (Directory traversal vulnerability in magick/module.c in ImageMagick 6. ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.5.7+dfsg-1 (bug #833735)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10047
+CVE-2016-10047 (Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMa ...)
{DSA-3652-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833732)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present in version 6.7.7.10)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10046
+CVE-2016-10046 (Heap-based buffer overflow in the DrawImage function in magick/draw.c ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833730)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-6887
+CVE-2016-6887 (The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not prop ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6886
+CVE-2016-6886 (The pstm_reverse function in MatrixSSL before 3.8.4 allows remote atta ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6885
+CVE-2016-6885 (The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote atta ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6884
+CVE-2016-6884 (TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6883
+CVE-2016-6883 (MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: Fixed in 3.8.3 https://github.com/matrixssl/matrixssl/blob/master/doc/CHANGES.md#changes-in-383
NOTE: https://robotattack.org/
-CVE-2016-6882
+CVE-2016-6882 (MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is support ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6635
+CVE-2016-6635 (Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_comp ...)
{DSA-3681-1 DLA-633-1}
- wordpress 4.5+dfsg-1
NOTE: https://github.com/WordPress/WordPress/commit/9b7a7754133c50b82bd9d976fb5b24094f658aab
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37143
-CVE-2016-6634
+CVE-2016-6634 (Cross-site scripting (XSS) vulnerability in the network settings page ...)
{DSA-3681-1 DLA-633-1}
- wordpress 4.5+dfsg-1
NOTE: http://codex.wordpress.org/Version_4.5
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37124
NOTE: Fixed by: https://github.com/WordPress/WordPress/commit/cb2b3ed3c7d68f6505bfb5c90257e6aaa3e5fcb9
-CVE-2016-6633
+CVE-2016-6633 (An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigg ...)
- phpmyadmin 4:4.6.4+dfsg1-1 (unimportant)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: dbase extension not available in Debian
-CVE-2016-6632
+CVE-2016-6632 (An issue was discovered in phpMyAdmin where, under certain conditions, ...)
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-55/
-CVE-2016-6631
+CVE-2016-6631 (An issue was discovered in phpMyAdmin. A user can execute a remote cod ...)
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-54/
-CVE-2016-6630
+CVE-2016-6630 (An issue was discovered in phpMyAdmin. An authenticated user can trigg ...)
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-53/
-CVE-2016-6629
+CVE-2016-6629 (An issue was discovered in phpMyAdmin involving the $cfg['ArbitrarySer ...)
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-52/
-CVE-2016-6628
+CVE-2016-6628 (An issue was discovered in phpMyAdmin. An attacker may be able to trig ...)
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-51/
-CVE-2016-6627
+CVE-2016-6627 (An issue was discovered in phpMyAdmin. An attacker can determine the p ...)
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <no-dsa> (Not critical enough)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-50/
-CVE-2016-6626
+CVE-2016-6626 (An issue was discovered in phpMyAdmin. An attacker could redirect a us ...)
{DLA-757-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-49/
-CVE-2016-6625
+CVE-2016-6625 (An issue was discovered in phpMyAdmin. An attacker can determine wheth ...)
- phpmyadmin 4:4.6.4+dfsg1-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-48/
NOTE: The solution is to remove a configuration option. This option
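Review bot: CVE-2016-10048 and CVE-2016-10047 cite the same fix commit (fc6080f1321fd21e86ef916195cc110b05d9effb) although one is a directory traversal in magick/module.c and the other a memory leak in magick/xml-tree.c; confirm that a single commit really addresses both, or replace the reference on the xml-tree.c entry with the correct commit. In the same block, the wheezy justification for CVE-2016-10049 is hedged ("Vulnerability likely introduced in a version after 6.7.7.10") while the neighbouring CVE-2016-10047 states definitively that the code is absent from 6.7.7.10; check the referenced commit 3e916528 against the wheezy source and record a definite statement either way.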
@@ -12350,105 +12350,105 @@ CVE-2016-6625
NOTE: printing can show more information than what should be used in
NOTE: a production environment. This is the motivation that it is not
NOTE: solved for wheezy.
-CVE-2016-6624
+CVE-2016-6624 (An issue was discovered in phpMyAdmin involving improper enforcement o ...)
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-47/
-CVE-2016-6623
+CVE-2016-6623 (An issue was discovered in phpMyAdmin. An authorized user can cause a ...)
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-46/
-CVE-2016-6622
+CVE-2016-6622 (An issue was discovered in phpMyAdmin. An unauthenticated user is able ...)
{DLA-1415-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-45/
-CVE-2016-6621
+CVE-2016-6621 (The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15. ...)
{DLA-1415-1 DLA-834-1}
- phpmyadmin 4:4.6.6-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-44/
NOTE: https://github.com/phpmyadmin/phpmyadmin/issues/12481
-CVE-2016-6620
+CVE-2016-6620 (An issue was discovered in phpMyAdmin. Some data is passed to the PHP ...)
{DLA-1415-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-43/
-CVE-2016-6619
+CVE-2016-6619 (An issue was discovered in phpMyAdmin. In the user interface preferenc ...)
{DLA-1415-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-42/
-CVE-2016-6618
+CVE-2016-6618 (An issue was discovered in phpMyAdmin. The transformation feature allo ...)
{DLA-1415-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-41/
-CVE-2016-6617
+CVE-2016-6617 (An issue was discovered in phpMyAdmin. A specially crafted database an ...)
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <not-affected> (Only affects 4.6.x)
[wheezy] - phpmyadmin <not-affected> (Only affects 4.6.x)
-CVE-2016-6616
+CVE-2016-6616 (An issue was discovered in phpMyAdmin. In the "User group" and "Design ...)
{DLA-1415-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Only affects 4.4.x onward)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-39/
-CVE-2016-6615
+CVE-2016-6615 (XSS issues were discovered in phpMyAdmin. This affects navigation pane ...)
{DLA-1415-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-38/
-CVE-2016-6614
+CVE-2016-6614 (An issue was discovered in phpMyAdmin involving the %u username replac ...)
{DLA-1415-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-37/
-CVE-2016-6613
+CVE-2016-6613 (An issue was discovered in phpMyAdmin. A user can specially craft a sy ...)
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-36/
-CVE-2016-6612
+CVE-2016-6612 (An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOC ...)
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-35/
-CVE-2016-6611
+CVE-2016-6611 (An issue was discovered in phpMyAdmin. A specially crafted database an ...)
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-34/
-CVE-2016-6610
+CVE-2016-6610 (A full path disclosure vulnerability was discovered in phpMyAdmin wher ...)
- phpmyadmin 4:4.6.4+dfsg1-1 (unimportant)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-33/
NOTE: Not relevant to packaged version in Debian
-CVE-2016-6609
+CVE-2016-6609 (An issue was discovered in phpMyAdmin. A specially crafted database na ...)
{DLA-1415-1 DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-32/
-CVE-2016-6608
+CVE-2016-6608 (XSS issues were discovered in phpMyAdmin. This affects the database pr ...)
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <not-affected> (Only affects 4.6.x)
[wheezy] - phpmyadmin <not-affected> (Only affects 4.6.x)
-CVE-2016-6607
+CVE-2016-6607 (XSS issues were discovered in phpMyAdmin. This affects Zoom search (sp ...)
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-30/
-CVE-2016-6606
+CVE-2016-6606 (An issue was discovered in cookie encryption in phpMyAdmin. The decryp ...)
{DLA-626-1}
- phpmyadmin 4:4.6.4+dfsg1-1
[jessie] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-29/
-CVE-2016-6605
+CVE-2016-6605 (Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to ...)
NOT-FOR-US: Impala
-CVE-2016-6604
+CVE-2016-6604 (NULL pointer dereference in Samsung Exynos fimg2d driver for Android L ...)
NOT-FOR-US: Samsung
-CVE-2016-7513
+CVE-2016-7513 (Off-by-one error in magick/cache.c in ImageMagick allows remote attack ...)
{DSA-3652-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832455)
[wheezy] - imagemagick <not-affected> (Affected code does not exist in version 6.7.7.10)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723
-CVE-2016-7514
+CVE-2016-7514 (The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allow ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832457)
NOTE: https://bugs.launchpad.net/bugs/1533442
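Review bot: CVE-2016-6617 and CVE-2016-6608 are the only phpMyAdmin entries in this hunk without a PMASA advisory NOTE; every neighbouring entry links its advisory, and the sequence runs from PMASA-2016-29 up to PMASA-2016-47 with gaps at exactly these two positions (by sequence PMASA-2016-40 and PMASA-2016-31, to be confirmed before adding). Without the advisory URL the "Only affects 4.6.x" not-affected markings for jessie and wheezy cannot be verified against upstream's stated affected range. Also worth checking: CVE-2016-6616 marks wheezy not-affected because the issue "Only affects 4.4.x onward", yet lists DLA-1415-1 as a fix; make sure the jessie package actually ships an affected branch, otherwise the two statements contradict each other.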
@@ -12458,52 +12458,52 @@ CVE-2016-7514
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb
NOTE: https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7515
+CVE-2016-7515 (The ReadRLEImage function in coders/rle.c in ImageMagick allows remote ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832461)
NOTE: https://bugs.launchpad.net/bugs/1533445
NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7516
+CVE-2016-7516 (The ReadVIFFImage function in coders/viff.c in ImageMagick allows remo ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533452
NOTE: https://github.com/ImageMagick/ImageMagick/issues/77
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7517
+CVE-2016-7517 (The EncodeImage function in coders/pict.c in ImageMagick allows remote ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533449
NOTE: https://github.com/ImageMagick/ImageMagick/issues/80
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7518
+CVE-2016-7518 (The ReadSUNImage function in coders/sun.c in ImageMagick allows remote ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533447
NOTE: https://github.com/ImageMagick/ImageMagick/issues/81
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7519
+CVE-2016-7519 (The ReadRLEImage function in coders/rle.c in ImageMagick allows remote ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832467)
NOTE: https://bugs.launchpad.net/bugs/1533445
NOTE: https://github.com/ImageMagick/ImageMagick/issues/82
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7520
+CVE-2016-7520 (Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remot ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832469)
NOTE: https://bugs.launchpad.net/bugs/1537213
NOTE: https://github.com/ImageMagick/ImageMagick/issues/90
NOTE: https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7521
+CVE-2016-7521 (Heap-based buffer overflow in coders/psd.c in ImageMagick allows remot ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832474)
NOTE: https://bugs.launchpad.net/bugs/1537418
NOTE: https://github.com/ImageMagick/ImageMagick/issues/92
NOTE: https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7522
+CVE-2016-7522 (The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832475)
NOTE: https://bugs.launchpad.net/bugs/1537419
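Review bot: CVE-2016-7516, CVE-2016-7517, CVE-2016-7518 and CVE-2016-7519 all point at bug #832467, even though they cover four different coders (viff.c, pict.c, sun.c, rle.c) and the preceding entries CVE-2016-7514 and CVE-2016-7515 each carry their own bug (#832457, #832461); either #832467 is an umbrella bug, in which case a NOTE saying so would help, or three of the numbers are copy-paste errors. CVE-2016-7519 also repeats CVE-2016-7515's references (launchpad 1533445 and upstream issue 82) without the fix commit that 7515 records (2ad6d33493750a28a5a655d319a8e0b16c392de1); state what distinguishes the two RLE issues or add the commit that closes the second one.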
@@ -12523,7 +12523,7 @@ CVE-2016-7524
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832478)
NOTE: https://bugs.launchpad.net/bugs/1537422
NOTE: https://github.com/ImageMagick/ImageMagick/issues/96
-CVE-2016-7525
+CVE-2016-7525 (Heap-based buffer overflow in coders/psd.c in ImageMagick allows remot ...)
{DSA-3652-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832480)
[wheezy] - imagemagick <not-affected> (The affected function, GetPSDRowSize, does not exist in version 6.7.7.10)
@@ -12531,7 +12531,7 @@ CVE-2016-7525
NOTE: https://github.com/ImageMagick/ImageMagick/issues/98
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7526
+CVE-2016-7526 (coders/wpg.c in ImageMagick allows remote attackers to cause a denial ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832482)
NOTE: https://bugs.launchpad.net/bugs/1539050
@@ -12539,21 +12539,21 @@ CVE-2016-7526
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7527
+CVE-2016-7527 (coders/wpg.c in ImageMagick allows remote attackers to cause a denial ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832482)
NOTE: https://bugs.launchpad.net/bugs/1542115
NOTE: https://github.com/ImageMagick/ImageMagick/issues/122
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7528
+CVE-2016-7528 (The ReadVIFFImage function in coders/viff.c in ImageMagick allows remo ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832483)
NOTE: https://bugs.launchpad.net/bugs/1537425
NOTE: https://github.com/ImageMagick/ImageMagick/issues/99
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7529
+CVE-2016-7529 (coders/xcf.c in ImageMagick allows remote attackers to cause a denial ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832504)
NOTE: https://bugs.launchpad.net/bugs/1539051
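Review bot: CVE-2016-7527 reuses bug #832482 from CVE-2016-7526 in the previous hunk, but the two have different upstream bugs (1542115 vs 1539050), different issues and different fix commits; if #832482 deliberately covers both wpg.c denial-of-service issues, say so in a NOTE, otherwise correct the bug number on one of them.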
@@ -12562,7 +12562,7 @@ CVE-2016-7529
NOTE: https://github.com/ImageMagick/ImageMagick/issues/103
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7530
+CVE-2016-7530 (The quantum handling code in ImageMagick allows remote attackers to ca ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832506)
NOTE: https://bugs.launchpad.net/bugs/1539067
@@ -12573,91 +12573,91 @@ CVE-2016-7530
NOTE: https://github.com/ImageMagick/ImageMagick/issues/110
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b5ed738f8060266bf4ae521f7e3ed145aa4498a3
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7531
+CVE-2016-7531 (MagickCore/memory.c in ImageMagick allows remote attackers to cause a ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832633)
NOTE: https://bugs.launchpad.net/bugs/1539061
NOTE: https://bugs.launchpad.net/bugs/1542112
NOTE: https://github.com/ImageMagick/ImageMagick/issues/107
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7532
+CVE-2016-7532 (coders/psd.c in ImageMagick allows remote attackers to cause a denial ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832776)
NOTE: https://bugs.launchpad.net/bugs/1539066
NOTE: https://github.com/ImageMagick/ImageMagick/issues/109
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7533
+CVE-2016-7533 (The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832780)
NOTE: https://bugs.launchpad.net/bugs/1542114
NOTE: https://github.com/ImageMagick/ImageMagick/issues/120
NOTE: https://github.com/ImageMagick/ImageMagick/commit/bef1e4f637d8f665bc133a9c6d30df08d983bc3a
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7534
+CVE-2016-7534 (The generic decoder in ImageMagick allows remote attackers to cause a ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832785)
NOTE: https://bugs.launchpad.net/bugs/1542785
NOTE: https://github.com/ImageMagick/ImageMagick/issues/126
NOTE: https://github.com/ImageMagick/ImageMagick/commit/430403b0029b37decf216d57f810899cab2317dd
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7535
+CVE-2016-7535 (coders/psd.c in ImageMagick allows remote attackers to cause a denial ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832787)
NOTE: https://bugs.launchpad.net/bugs/1545180
NOTE: https://github.com/ImageMagick/ImageMagick/issues/128
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7536
+CVE-2016-7536 (magick/profile.c in ImageMagick allows remote attackers to cause a den ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832789)
NOTE: https://bugs.launchpad.net/bugs/1545367
NOTE: https://github.com/ImageMagick/ImageMagick/issues/130
NOTE: https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7537
+CVE-2016-7537 (MagickCore/memory.c in ImageMagick allows remote attackers to cause a ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832791)
NOTE: https://bugs.launchpad.net/bugs/1553366
NOTE: https://github.com/ImageMagick/ImageMagick/issues/143
NOTE: https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7538
+CVE-2016-7538 (coders/psd.c in ImageMagick allows remote attackers to cause a denial ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832793)
NOTE: https://bugs.launchpad.net/bugs/1556273
NOTE: https://github.com/ImageMagick/ImageMagick/issues/148
NOTE: https://github.com/ImageMagick/ImageMagick/commit/53c1dcd34bed85181b901bfce1a2322f85a59472
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7539
+CVE-2016-7539 (Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows rem ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833101)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c
NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=28946
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-7540
+CVE-2016-7540 (coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to ...)
{DSA-3652-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #827643)
[wheezy] - imagemagick <not-affected> (RGF coder is not present in version 6.7.7.10)
NOTE: https://bugs.launchpad.net/bugs/1594060
NOTE: https://github.com/ImageMagick/ImageMagick/pull/223
NOTE: http://www.openwall.com/lists/oss-security/2016/08/07/1
-CVE-2016-6603
+CVE-2016-6603 (ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypas ...)
NOT-FOR-US: ZOHO WebNMS
-CVE-2016-6602
+CVE-2016-6602 (ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm ...)
NOT-FOR-US: ZOHO WebNMS
-CVE-2016-6601
+CVE-2016-6601 (Directory traversal vulnerability in the file download functionality i ...)
NOT-FOR-US: ZOHO WebNMS
-CVE-2016-6600
+CVE-2016-6600 (Directory traversal vulnerability in the file upload functionality in ...)
NOT-FOR-US: ZOHO WebNMS
-CVE-2016-6599
+CVE-2016-6599 (BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET rem ...)
NOT-FOR-US: BMC Track-It!
-CVE-2016-6598
+CVE-2016-6598 (BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET rem ...)
NOT-FOR-US: BMC Track-It!
-CVE-2016-6597
+CVE-2016-6597 (Sophos EAS Proxy before 6.2.0 for Sophos Mobile Control, when Lotus Tr ...)
NOT-FOR-US: Sophos EAS Proxy
NOTE: https://www.pallas.com/advisories/sophos_eas_open_reverse_proxy_vulnerability
CVE-2016-6596
RESERVED
-CVE-2016-6594
+CVE-2016-6594 (Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and ...)
NOT-FOR-US: Blue Coat
CVE-2016-6593
RESERVED
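Review bot: CVE-2016-7531, CVE-2016-7532 and CVE-2016-7535 record only the upstream issue (107, 109, 128) and no fix commit, unlike the neighbouring entries which name the commit that DSA-3652-1 and DLA-731-1 shipped; add the commits so the backport can be audited against upstream. Separately, CVE-2016-7531 and CVE-2016-7537 carry the identical truncated description ("MagickCore/memory.c in ImageMagick allows remote attackers to cause a ...") with different issues (107 vs 143) and different bugs; a one-line NOTE on how they differ would stop them being treated as duplicates later.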
@@ -12682,13 +12682,13 @@ CVE-2016-6584
RESERVED
CVE-2016-6583
RESERVED
-CVE-2016-6582
+CVE-2016-6582 (The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers ...)
- ruby-doorkeeper 4.2.0-3 (bug #834843)
NOTE: https://github.com/doorkeeper-gem/doorkeeper/commit/fb938051777a3c9cb071e96fc66458f8f615bd53
NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/875
CVE-2016-6579
REJECTED
-CVE-2016-6578
+CVE-2016-6578 (CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a glob ...)
NOT-FOR-US: CodeLathe FileCloud
CVE-2016-6577
RESERVED
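Review bot: CVE-2016-6582 is marked fixed in ruby-doorkeeper 4.2.0-3 while the description says the issue affects "before 4.2.0"; if upstream 4.2.0 already contains commit fb938051777a3c9cb071e96fc66458f8f615bd53, then 4.2.0-1 was never vulnerable and the fixed version should be 4.2.0-1, and if the commit was instead backported in the -3 revision the entry should say so. Bug #834843 should settle which it is.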
@@ -12710,81 +12710,81 @@ CVE-2016-6569
RESERVED
CVE-2016-6568
RESERVED
-CVE-2016-6567
+CVE-2016-6567 (SHDesigns' Resident Download Manager provides firmware update capabili ...)
NOT-FOR-US: SHDesigns
-CVE-2016-6566
+CVE-2016-6566 (The valueAsString parameter inside the JSON payload contained by the u ...)
NOT-FOR-US: Sungard
-CVE-2016-6565
+CVE-2016-6565 (The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1. ...)
NOT-FOR-US: Wordpress plugin
-CVE-2016-6564
+CVE-2016-6564 (Android devices with code from Ragentek contain a privileged binary th ...)
NOT-FOR-US: Ragentek
-CVE-2016-6563
+CVE-2016-6563 (Processing malformed SOAP messages when performing the HNAP Login acti ...)
NOT-FOR-US: HNAP
-CVE-2016-6562
+CVE-2016-6562 (On iOS and Android devices, the ShoreTel Mobility Client app version 9 ...)
NOT-FOR-US: ShoreTel Mobility Client
-CVE-2016-6561
+CVE-2016-6561 (illumos smbsrv NULL pointer dereference allows system crash. ...)
NOT-FOR-US: illumos
-CVE-2016-6560
+CVE-2016-6560 (illumos osnet-incorporation bcopy() and bzero() implementations make s ...)
NOT-FOR-US: illumos
-CVE-2016-6559
+CVE-2016-6559 (Improper bounds checking of the obuf variable in the link_ntoa() funct ...)
NOT-FOR-US: freebsd libc
-CVE-2016-6558
+CVE-2016-6558 (A command injection vulnerability exists in apply.cgi on the ASUS RP-A ...)
NOT-FOR-US: ASUS
-CVE-2016-6557
+CVE-2016-6557 (In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possi ...)
NOT-FOR-US: ASUS RP-AC52 access points
CVE-2016-6556
RESERVED
CVE-2016-6555
RESERVED
-CVE-2016-6554
+CVE-2016-6554 (Synology NAS servers DS107, firmware version 3.1-1639 and prior, and D ...)
NOT-FOR-US: Synology
-CVE-2016-6553
+CVE-2016-6553 (Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses non-ra ...)
NOT-FOR-US: Nuuo NT-4040 Titan
-CVE-2016-6552
+CVE-2016-6552 (Green Packet DX-350 uses non-random default credentials of: root:wimax ...)
NOT-FOR-US: Green Packet DX-350
-CVE-2016-6551
+CVE-2016-6551 (Intellian Satellite TV antennas t-Series and v-Series, firmware versio ...)
NOT-FOR-US: Intellian
-CVE-2016-6550
+CVE-2016-6550 (The U by BB&amp;T app 1.5.4 and earlier for iOS does not properly veri ...)
NOT-FOR-US: BB&T
-CVE-2016-6549
+CVE-2016-6549 (The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, wh ...)
NOT-FOR-US: Zizai Tech Nut device
-CVE-2016-6548
+CVE-2016-6548 (The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS ...)
NOT-FOR-US: Zizai Tech Nut mobile app
-CVE-2016-6547
+CVE-2016-6547 (The Zizai Tech Nut mobile app stores the account password used to auth ...)
NOT-FOR-US: Zizai Tech Nut mobile app
-CVE-2016-6546
+CVE-2016-6546 (The iTrack Easy mobile application stores the account password used to ...)
NOT-FOR-US: iTrack
-CVE-2016-6545
+CVE-2016-6545 (Session cookies are not used for maintaining valid sessions in iTrack ...)
NOT-FOR-US: iTrack
-CVE-2016-6544
+CVE-2016-6544 (getgps data in iTrack Easy can be modified without authentication by s ...)
NOT-FOR-US: iTrack
-CVE-2016-6543
+CVE-2016-6543 (A captured MAC/device ID of an iTrack Easy can be registered under mul ...)
NOT-FOR-US: iTrack
-CVE-2016-6542
+CVE-2016-6542 (The iTrack device tracking ID number, also called "LosserID" in the we ...)
NOT-FOR-US: iTrack
-CVE-2016-6541
+CVE-2016-6541 (TrackR Bravo device allows unauthenticated pairing, which enables unau ...)
NOT-FOR-US: TrackR
-CVE-2016-6540
+CVE-2016-6540 (Unauthenticated access to the cloud-based service maintained by TrackR ...)
NOT-FOR-US: TrackR
-CVE-2016-6539
+CVE-2016-6539 (The Trackr device ID is constructed of a manufacturer identifier of fo ...)
NOT-FOR-US: TrackR
-CVE-2016-6538
+CVE-2016-6538 (The TrackR Bravo mobile app stores the account password used to authen ...)
NOT-FOR-US: TrackR
-CVE-2016-6537
+CVE-2016-6537 (AVer Information EH6108H+ devices with firmware X9.03.24.00.07l store ...)
NOT-FOR-US: AVer
-CVE-2016-6536
+CVE-2016-6536 (The /setup URI on AVer Information EH6108H+ devices with firmware X9.0 ...)
NOT-FOR-US: AVer
-CVE-2016-6535
+CVE-2016-6535 (AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have h ...)
NOT-FOR-US: AVer
-CVE-2016-6534
+CVE-2016-6534 (Opmantek NMIS before 4.3.7c has command injection via man, finger, pin ...)
NOT-FOR-US: Opmantek NMIS
CVE-2016-6533
RESERVED
-CVE-2016-6532
+CVE-2016-6532 (DEXIS Imaging Suite 10 has a hardcoded password for the sa account, wh ...)
NOT-FOR-US: DEXIS
-CVE-2016-6531
+CVE-2016-6531 (** DISPUTED ** Open Dental 16.1 and earlier has a hardcoded MySQL root ...)
NOT-FOR-US: Open Dental
-CVE-2016-6530
+CVE-2016-6530 (Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default ...)
NOT-FOR-US: Dentsply Sirona
CVE-2016-6529
RESERVED
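Review bot: the imported description for CVE-2016-6550 contains an undecoded HTML entity ("The U by BB&amp;T app"), while the NOT-FOR-US line beneath it is written "BB&T"; the description importer should decode entities before writing them into the list, and this line should be fixed by hand in the meantime. Also, the NOT-FOR-US label for CVE-2016-6563 names a protocol ("HNAP") rather than a product; label it with the affected device vendor so that a later search for that vendor finds the entry.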
@@ -12792,28 +12792,28 @@ CVE-2016-6528
RESERVED
CVE-2016-6524
RESERVED
-CVE-2016-6527
+CVE-2016-6527 (The SmartCall Activity component in Telecom application on Samsung Not ...)
NOT-FOR-US: Samsung
NOTE: http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016
-CVE-2016-6526
+CVE-2016-6526 (The SpamCall Activity component in Telecom application on Samsung Note ...)
NOT-FOR-US: Samsung
NOTE: http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016
-CVE-2016-6595
+CVE-2016-6595 (** DISPUTED ** The SwarmKit toolkit 1.12.0 for Docker allows remote au ...)
- docker.io <not-affected> (Only affects Docker 1.12)
NOTE: http://seclists.org/oss-sec/2016/q3/198
-CVE-2016-6581
+CVE-2016-6581 (A HTTP/2 implementation built using any version of the Python HPACK li ...)
- python-hpack 2.3.0-1 (bug #833467)
NOTE: https://github.com/python-hyper/hpack/pull/56
-CVE-2016-6580
+CVE-2016-6580 (A HTTP/2 implementation built using any version of the Python priority ...)
NOT-FOR-US: Python Priority
NOTE: https://github.com/python-hyper/priority/pull/23
-CVE-2016-6519
+CVE-2016-6519 (Cross-site scripting (XSS) vulnerability in the "Shares" overview in O ...)
- manila-ui 2.5.1-0 (bug #838017)
-CVE-2016-6518
+CVE-2016-6518 (Memory leak in Huawei S9300, S5300, S5700, S6700, S7700, S9700, and S1 ...)
NOT-FOR-US: Huawei
-CVE-2016-6517
+CVE-2016-6517 (Directory traversal vulnerability in Liferay 5.1.0 allows remote attac ...)
NOT-FOR-US: Liferay
-CVE-2016-6515
+CVE-2016-6515 (The auth_password function in auth-passwd.c in sshd in OpenSSH before ...)
{DLA-1500-1 DLA-594-1}
- openssh 1:7.3p1-1 (bug #833823)
NOTE: Fixed by: https://anongit.mindrot.org/openssh.git/commit/?id=fcd135c9df440bcd2d5870405ad3311743d78d97
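Review bot: CVE-2016-6519 is marked fixed in manila-ui 2.5.1-0, a Debian revision of 0, which does not match the "-1" convention used by the other fixed versions in this file; confirm against bug #838017 that this is the real upload version and not a typo for 2.5.1-1. Also, CVE-2016-6595 is marked docker.io <not-affected> with "Only affects Docker 1.12" while the description opens with "** DISPUTED **"; a NOTE recording which docker.io version Debian ships and why it falls outside the affected range would make the marking self-explanatory.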
@@ -12821,43 +12821,43 @@ CVE-2016-6514
RESERVED
CVE-2016-6502
RESERVED
-CVE-2016-6501
+CVE-2016-6501 (JFrog Artifactory before 4.11 allows remote attackers to execute arbit ...)
NOT-FOR-US: JFrog Artifactory
-CVE-2016-6500
+CVE-2016-6500 (Unspecified methods in the RACF Connector component before 1.1.1.0 in ...)
NOT-FOR-US: ForgeRock
CVE-2016-6499
RESERVED
CVE-2016-6498
RESERVED
-CVE-2016-6497
+CVE-2016-6497 (main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP ...)
NOT-FOR-US: Groovy LDAP extension
-CVE-2016-6496
+CVE-2016-6496 (The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x ...)
NOT-FOR-US: Atlassian Crowd
-CVE-2016-6525
+CVE-2016-6525 (Heap-based buffer overflow in the pdf_load_mesh_params function in pdf ...)
{DSA-3655-1 DLA-589-1}
- mupdf 1.9a+ds1-1.2 (bug #833417)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=696954
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e
-CVE-2016-6523
+CVE-2016-6523 (Multiple cross-site scripting (XSS) vulnerabilities in the media manag ...)
- dotclear <removed>
NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/40d0207e520d
-CVE-2016-6522
+CVE-2016-6522 (Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in O ...)
NOT-FOR-US: OpenBSD
-CVE-2016-6521
+CVE-2016-6521 (Cross-site request forgery (CSRF) vulnerability in Grails console (aka ...)
- grails <itp> (bug #473213)
-CVE-2016-6520
+CVE-2016-6520 (Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 ...)
- imagemagick <not-affected> (Only affects imagemagick 7, which isn't packaged yet, bug #833485)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30259&p=136359#p136359
-CVE-2016-6516
+CVE-2016-6516 (Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c i ...)
- linux 4.7.2-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://git.kernel.org/linus/54dbc15172375641ef03399e8f911d7165eb90fb (v4.5-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/10eec60ce79187686e052092e5383c99b4420a20
-CVE-2016-6495
+CVE-2016-6495 (NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows rem ...)
NOT-FOR-US: NetApp
-CVE-2016-6493
+CVE-2016-6493 (Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDe ...)
NOT-FOR-US: Citrix
CVE-2016-XXXX [bruteforcable challenge responses in unprotected logfile]
- mongodb 1:2.6.12-1 (bug #833087)
@@ -12866,25 +12866,25 @@ CVE-2016-XXXX [bruteforcable challenge responses in unprotected logfile]
NOTE: Fixed in experimental 1:2.6.11-1, first version in unstable 1:2.6.12-1
NOTE: https://jira.mongodb.org/browse/SERVER-9476
NOTE: Fixed by: https://github.com/mongodb/mongo/commit/f85ceb17b37210eef71e8113162c41368bfd5c12
-CVE-2016-6492
+CVE-2016-6492 (The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driv ...)
NOT-FOR-US: Out of tree driver from https://github.com/jawad6233/MT6795.kernel
CVE-2016-6488
RESERVED
CVE-2016-6487
RESERVED
-CVE-2016-6486
+CVE-2016-6486 (Siemens SINEMA Server uses weak permissions for the application folder ...)
NOT-FOR-US: Siemens Sinema Server
NOTE: http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-321174.pdf
-CVE-2016-6494
+CVE-2016-6494 (The client in MongoDB uses world-readable permissions on .dbshell hist ...)
{DLA-588-1}
- mongodb 1:2.6.12-3 (bug #832908)
[jessie] - mongodb 1:2.4.10-5+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2016/07/29/4
-CVE-2016-6491
+CVE-2016-6491 (Buffer overflow in the Get8BIMProperty function in MagickCore/property ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833099)
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b
-CVE-2016-6489
+CVE-2016-6489 (The RSA and DSA decryption code in Nettle makes it easier for attacker ...)
{DLA-593-1}
- nettle 3.3-1 (bug #832983)
[jessie] - nettle 2.7.1-5+deb8u2
@@ -12895,11 +12895,11 @@ CVE-2016-6489
NOTE: Additionally needed: https://git.lysator.liu.se/nettle/nettle/commit/52b9223126b3f997c00d399166c006ae28669068
NOTE: GnuTLS needs an update when/before src:nettle is fixed to continue working with patched src:nettle for CVE-2016-6489
NOTE: but not a vulnerability in GnuTLS. Needs https://gitlab.com/gnutls/gnutls/commit/186dc9c2012003587a38d7f4d03edd8da5fe989f
-CVE-2016-6485
+CVE-2016-6485 (The __construct function in Framework/Encryption/Crypt.php in Magento ...)
NOT-FOR-US: Magento
-CVE-2016-6484
+CVE-2016-6484 (CRLF injection vulnerability in Infoblox Network Automation NetMRI bef ...)
NOT-FOR-US: Infoblox Network Automation NetMR
-CVE-2016-6513
+CVE-2016-6513 (epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x ...)
- wireshark 2.0.5+ga3be9c6-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
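Review bot: the NOT-FOR-US line under CVE-2016-6484 names the product as "Infoblox Network Automation NetMR", which is cut short compared with the "NetMRI" in the new description line; complete the product name in the tracker line so the entry matches the description.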
@@ -12908,7 +12908,7 @@ CVE-2016-6513
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12663
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=347f071f1b9180563c28b0f3d0627b91eb456c72
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6512
+CVE-2016-6512 (epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an ov ...)
- wireshark 2.0.5+ga3be9c6-1
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
@@ -12917,7 +12917,7 @@ CVE-2016-6512
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12661
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2193bea3212d74e2a907152055e27d409b59485e
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6511
+CVE-2016-6511 (epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 a ...)
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
@@ -12925,7 +12925,7 @@ CVE-2016-6511
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12659
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=56706427f53cc64793870bf072c2c06248ae88f3
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6510
+CVE-2016-6510 (Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector ...)
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
@@ -12933,7 +12933,7 @@ CVE-2016-6510
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12664
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=47a5fa850b388fcf4ea762073806f01b459820fe
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6509
+CVE-2016-6509 (epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12. ...)
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
@@ -12941,7 +12941,7 @@ CVE-2016-6509
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12662
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5a469ddc893f7c1912d0e15cc73bd3011e6cc2fb
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6508
+CVE-2016-6508 (epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x ...)
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-44.html
@@ -12949,7 +12949,7 @@ CVE-2016-6508
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6cf9616df68a4db7e436bb77392586ff9ad84feb
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6507
+CVE-2016-6507 (epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12. ...)
{DSA-3648-1 DLA-595-1}
- wireshark 2.0
NOTE: Only affects 1.12, marking 2.0 as fixed
@@ -12958,7 +12958,7 @@ CVE-2016-6507
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b5a10743258bd016c07ebf6479137fda3d172a0f
NOTE: Affects 1.12.0 to 1.12.12, fixed 1.12.13
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6506
+CVE-2016-6506 (epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x ...)
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-42.html
@@ -12966,7 +12966,7 @@ CVE-2016-6506
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a9d5256890c9189c7461bfce6ed6edce5d861499
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 , fixed in 2.0.5, 1.12.13
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6505
+CVE-2016-6505 (epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wiresha ...)
{DSA-3648-1 DLA-595-1}
- wireshark 2.0.5+ga3be9c6-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-41.html
@@ -12974,7 +12974,7 @@ CVE-2016-6505
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=94e97e45cf614c7bb8fe90c23df52910246b2c95
NOTE: Affects 2.0.0 to 2.0.4, 1.12.0 to 1.12.12, fixed in 2.0.5, 1.12.13.
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6504
+CVE-2016-6504 (epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1 ...)
{DSA-3648-1 DLA-595-1}
- wireshark 2.0
NOTE: Only affects 1.12, marking 2.0 as fixed
@@ -12983,13 +12983,13 @@ CVE-2016-6504
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9eacbb4d48df647648127b9258f9e5aeeb0c7d99
NOTE: Affects 1.12.0 to 1.12.12, fixed in 1.12.13.
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6503
+CVE-2016-6503 (The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windo ...)
- wireshark <not-affected> (Only affects Wireshark on Windows)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-39.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12495
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=581a17af40b84ef0c9e7f41ed0795af345b61ce1
NOTE: http://www.openwall.com/lists/oss-security/2016/07/28/3
-CVE-2016-6490
+CVE-2016-6490 (The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Qui ...)
- qemu 1:2.6+dfsg-3.1 (bug #832767)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Issue introduced later)
@@ -12997,13 +12997,13 @@ CVE-2016-6490
[wheezy] - qemu-kvm <not-affected> (Issue introduced later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-07/msg06246.html
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=3b3b0628217e2726069990ff9942a5d6d9816bd7 (v2.6.0-rc0)
-CVE-2016-6483
+CVE-2016-6483 (The media-file upload feature in vBulletin before 3.8.7 Patch Level 6, ...)
NOT-FOR-US: vBulletin
CVE-2016-6482
RESERVED
CVE-2016-6481
RESERVED
-CVE-2016-6480
+CVE-2016-6480 (Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/ ...)
{DSA-3659-1 DLA-609-1}
- linux 4.7.2-1
NOTE: Fixed by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3
@@ -13015,173 +13015,173 @@ CVE-2016-6476
RESERVED
CVE-2016-6475
RESERVED
-CVE-2016-6474
+CVE-2016-6474 (A vulnerability in the implementation of X.509 Version 3 for SSH authe ...)
NOT-FOR-US: Cisco
-CVE-2016-6473
+CVE-2016-6473 (A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Serie ...)
NOT-FOR-US: Cisco
-CVE-2016-6472
+CVE-2016-6472 (A vulnerability in several parameters of the ccmivr page of Cisco Unif ...)
NOT-FOR-US: Cisco
-CVE-2016-6471
+CVE-2016-6471 (A vulnerability in the web-based management interface of Cisco Firepow ...)
NOT-FOR-US: Cisco
-CVE-2016-6470
+CVE-2016-6470 (A vulnerability in the installation procedure of the Cisco Hybrid Medi ...)
NOT-FOR-US: Cisco
-CVE-2016-6469
+CVE-2016-6469 (A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Sec ...)
NOT-FOR-US: Cisco
-CVE-2016-6468
+CVE-2016-6468 (A vulnerability in the web-based management interface of Cisco Emergen ...)
NOT-FOR-US: Cisco
-CVE-2016-6467
+CVE-2016-6467 (A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco ...)
NOT-FOR-US: Cisco
-CVE-2016-6466
+CVE-2016-6466 (A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Se ...)
NOT-FOR-US: Cisco
-CVE-2016-6465
+CVE-2016-6465 (A vulnerability in the content filtering functionality of Cisco AsyncO ...)
NOT-FOR-US: Cisco
-CVE-2016-6464
+CVE-2016-6464 (A vulnerability in the web management interface of the Cisco Unified C ...)
NOT-FOR-US: Cisco
-CVE-2016-6463
+CVE-2016-6463 (A vulnerability in the email filtering functionality of Cisco AsyncOS ...)
NOT-FOR-US: Cisco
-CVE-2016-6462
+CVE-2016-6462 (A vulnerability in the email filtering functionality of Cisco AsyncOS ...)
NOT-FOR-US: Cisco
-CVE-2016-6461
+CVE-2016-6461 (A vulnerability in the HTTP web-based management interface of the Cisc ...)
NOT-FOR-US: Cisco
-CVE-2016-6460
+CVE-2016-6460 (A vulnerability in the FTP Representational State Transfer Application ...)
NOT-FOR-US: Cisco
-CVE-2016-6459
+CVE-2016-6459 (Cisco TelePresence endpoints running either CE or TC software contain ...)
NOT-FOR-US: Cisco
-CVE-2016-6458
+CVE-2016-6458 (A vulnerability in the content filtering functionality of Cisco AsyncO ...)
NOT-FOR-US: Cisco
-CVE-2016-6457
+CVE-2016-6457 (A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches ...)
NOT-FOR-US: Cisco
CVE-2016-6456
RESERVED
-CVE-2016-6455
+CVE-2016-6455 (A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series ro ...)
NOT-FOR-US: Cisco
-CVE-2016-6454
+CVE-2016-6454 (A cross-site request forgery (CSRF) vulnerability in the web interface ...)
NOT-FOR-US: Cisco
-CVE-2016-6453
+CVE-2016-6453 (A vulnerability in the web framework code of Cisco Identity Services E ...)
NOT-FOR-US: Cisco
-CVE-2016-6452
+CVE-2016-6452 (A vulnerability in the web-based graphical user interface (GUI) of Cis ...)
NOT-FOR-US: Cisco
-CVE-2016-6451
+CVE-2016-6451 (Multiple vulnerabilities in the web framework code of the Cisco Prime ...)
NOT-FOR-US: Cisco
-CVE-2016-6450
+CVE-2016-6450 (A vulnerability in the package unbundle utility of Cisco IOS XE Softwa ...)
NOT-FOR-US: Cisco
-CVE-2016-6449
+CVE-2016-6449 (A vulnerability in the system management of certain FireAMP system pro ...)
NOT-FOR-US: Cisco
-CVE-2016-6448
+CVE-2016-6448 (A vulnerability in the Session Description Protocol (SDP) parser of Ci ...)
NOT-FOR-US: Cisco
-CVE-2016-6447
+CVE-2016-6447 (A vulnerability in Cisco Meeting Server and Meeting App could allow an ...)
NOT-FOR-US: Cisco Meeting Server and Meeting App
-CVE-2016-6446
+CVE-2016-6446 (A vulnerability in Web Bridge for Cisco Meeting Server could allow an ...)
NOT-FOR-US: Cisco
-CVE-2016-6445
+CVE-2016-6445 (A vulnerability in the Extensible Messaging and Presence Protocol (XMP ...)
NOT-FOR-US: Cisco
-CVE-2016-6444
+CVE-2016-6444 (A vulnerability in Cisco Meeting Server could allow an unauthenticated ...)
NOT-FOR-US: Cisco
-CVE-2016-6443
+CVE-2016-6443 (A vulnerability in the Cisco Prime Infrastructure and Evolved Programm ...)
NOT-FOR-US: Cisco
-CVE-2016-6442
+CVE-2016-6442 (A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software ...)
NOT-FOR-US: Cisco
-CVE-2016-6441
+CVE-2016-6441 (A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR ...)
NOT-FOR-US: Cisco ASR 900 Series Aggregation Services Routers
-CVE-2016-6440
+CVE-2016-6440 (The Cisco Unified Communications Manager (CUCM) may be vulnerable to d ...)
NOT-FOR-US: Cisco
-CVE-2016-6439
+CVE-2016-6439 (A vulnerability in the detection engine reassembly of HTTP packets for ...)
NOT-FOR-US: Cisco
-CVE-2016-6438
+CVE-2016-6438 (A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Conver ...)
NOT-FOR-US: Cisco
-CVE-2016-6437
+CVE-2016-6437 (A vulnerability in the SSL session cache management of Cisco Wide Area ...)
NOT-FOR-US: Cisco
-CVE-2016-6436
+CVE-2016-6436 (Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 ...)
NOT-FOR-US: Cisco
-CVE-2016-6435
+CVE-2016-6435 (The web console in Cisco Firepower Management Center 6.0.1 allows remo ...)
NOT-FOR-US: Cisco
-CVE-2016-6434
+CVE-2016-6434 (Cisco Firepower Management Center 6.0.1 has hardcoded database credent ...)
NOT-FOR-US: Cisco
-CVE-2016-6433
+CVE-2016-6433 (The Threat Management Console in Cisco Firepower Management Center 5.2 ...)
NOT-FOR-US: Cisco
-CVE-2016-6432
+CVE-2016-6432 (A vulnerability in the Identity Firewall feature of Cisco ASA Software ...)
NOT-FOR-US: Cisco
-CVE-2016-6431
+CVE-2016-6431 (A vulnerability in the local Certificate Authority (CA) feature of Cis ...)
NOT-FOR-US: Cisco
-CVE-2016-6430
+CVE-2016-6430 (A vulnerability in the command-line interface of the Cisco IP Interope ...)
NOT-FOR-US: Cisco
-CVE-2016-6429
+CVE-2016-6429 (A vulnerability in the web framework code of the Cisco IP Interoperabi ...)
NOT-FOR-US: Cisco
-CVE-2016-6428
+CVE-2016-6428 (Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands ...)
NOT-FOR-US: Cisco
-CVE-2016-6427
+CVE-2016-6427 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intel ...)
NOT-FOR-US: Cisco
-CVE-2016-6426
+CVE-2016-6426 (The j_spring_security_switch_user function in Cisco Unified Intelligen ...)
NOT-FOR-US: Cisco
-CVE-2016-6425
+CVE-2016-6425 (Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence ...)
NOT-FOR-US: Cisco
-CVE-2016-6424
+CVE-2016-6424 (The DHCP Relay implementation in Cisco Adaptive Security Appliance (AS ...)
NOT-FOR-US: Cisco
-CVE-2016-6423
+CVE-2016-6423 (The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M a ...)
NOT-FOR-US: Cisco
-CVE-2016-6422
+CVE-2016-6422 (Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 650 ...)
NOT-FOR-US: Cisco
-CVE-2016-6421
+CVE-2016-6421 (Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of servic ...)
NOT-FOR-US: Cisco
-CVE-2016-6420
+CVE-2016-6420 (Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Mana ...)
NOT-FOR-US: Cisco
-CVE-2016-6419
+CVE-2016-6419 (SQL injection vulnerability in Cisco Firepower Management Center 4.10. ...)
NOT-FOR-US: Cisco
-CVE-2016-6418
+CVE-2016-6418 (Cross-site scripting (XSS) vulnerability in Cisco Videoscape Distribut ...)
NOT-FOR-US: Cisco
-CVE-2016-6417
+CVE-2016-6417 (Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT Sys ...)
NOT-FOR-US: Cisco
-CVE-2016-6416
+CVE-2016-6416 (The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) dev ...)
NOT-FOR-US: Cisco
-CVE-2016-6415
+CVE-2016-6415 (The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15. ...)
NOT-FOR-US: Cisco
-CVE-2016-6414
+CVE-2016-6414 (iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 ...)
NOT-FOR-US: Cisco
-CVE-2016-6413
+CVE-2016-6413 (The installation procedure on Cisco Application Policy Infrastructure ...)
NOT-FOR-US: Cisco
-CVE-2016-6412
+CVE-2016-6412 (The Cisco Application-hosting Framework (CAF) component in Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2016-6411
+CVE-2016-6411 (Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 ...)
NOT-FOR-US: Cisco
-CVE-2016-6410
+CVE-2016-6410 (The Cisco Application-hosting Framework (CAF) component in Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2016-6409
+CVE-2016-6409 (The Data in Motion (DMo) component in Cisco IOS 15.6(1)T and IOS XE, w ...)
NOT-FOR-US: Cisco
-CVE-2016-6408
+CVE-2016-6408 (Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files ...)
NOT-FOR-US: Cisco
-CVE-2016-6407
+CVE-2016-6407 (Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) device ...)
NOT-FOR-US: Cisco
-CVE-2016-6406
+CVE-2016-6406 (Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7 ...)
NOT-FOR-US: Cisco
-CVE-2016-6405
+CVE-2016-6405 (Cisco Fog Director 1.0(0) for IOx allows remote authenticated users to ...)
NOT-FOR-US: Cisco
-CVE-2016-6404
+CVE-2016-6404 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2016-6403
+CVE-2016-6403 (The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, ...)
NOT-FOR-US: Cisco
-CVE-2016-6402
+CVE-2016-6402 (UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computi ...)
NOT-FOR-US: Cisco
-CVE-2016-6401
+CVE-2016-6401 (Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carri ...)
NOT-FOR-US: Cisco
CVE-2016-6400
RESERVED
-CVE-2016-6399
+CVE-2016-6399 (Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4 ...)
NOT-FOR-US: Cisco
-CVE-2016-6398
+CVE-2016-6398 (The PPTP server in Cisco IOS 15.5(3)M does not properly initialize pac ...)
NOT-FOR-US: Cisco
-CVE-2016-6397
+CVE-2016-6397 (A vulnerability in the interdevice communications interface of the Cis ...)
NOT-FOR-US: Cisco
-CVE-2016-6396
+CVE-2016-6396 (Cisco Firepower Management Center before 6.1 and FireSIGHT System Soft ...)
NOT-FOR-US: Cisco
-CVE-2016-6395
+CVE-2016-6395 (Cross-site scripting (XSS) vulnerability in the web-based management i ...)
NOT-FOR-US: Cisco
-CVE-2016-6394
+CVE-2016-6394 (Session fixation vulnerability in Cisco Firepower Management Center an ...)
NOT-FOR-US: Cisco
-CVE-2016-6393
+CVE-2016-6393 (The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 a ...)
NOT-FOR-US: Cisco
-CVE-2016-6392
+CVE-2016-6392 (Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.1 through 3.9 allow ...)
NOT-FOR-US: Cisco
-CVE-2016-6391
+CVE-2016-6391 (Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause ...)
NOT-FOR-US: Cisco
CVE-2016-6390
REJECTED
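Review bot: the package lines under CVE-2016-6334, CVE-2016-6333 and CVE-2016-6332 put the "[wheezy] - mediawiki <end-of-life>" line before the unstable "- mediawiki 1:1.27.1-1" line, while the neighbouring MediaWiki entries (CVE-2016-6337 through CVE-2016-6335 and CVE-2016-6331) list the unstable line first; reorder them to the same convention so the block is consistent.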
@@ -13191,146 +13191,146 @@ CVE-2016-6388
REJECTED
CVE-2016-6387
REJECTED
-CVE-2016-6386
+CVE-2016-6386 (Cisco IOS XE 3.1 through 3.17 and 16.1 on 64-bit platforms allows remo ...)
NOT-FOR-US: Cisco
-CVE-2016-6385
+CVE-2016-6385 (Memory leak in the Smart Install client implementation in Cisco IOS 12 ...)
NOT-FOR-US: Cisco
-CVE-2016-6384
+CVE-2016-6384 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 throu ...)
NOT-FOR-US: Cisco
CVE-2016-6383
REJECTED
-CVE-2016-6382
+CVE-2016-6382 (Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow ...)
NOT-FOR-US: Cisco
-CVE-2016-6381
+CVE-2016-6381 (Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 1 ...)
NOT-FOR-US: Cisco
-CVE-2016-6380
+CVE-2016-6380 (The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 ...)
NOT-FOR-US: Cisco
-CVE-2016-6379
+CVE-2016-6379 (Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote atta ...)
NOT-FOR-US: Cisco
-CVE-2016-6378
+CVE-2016-6378 (Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote atta ...)
NOT-FOR-US: Cisco
-CVE-2016-6377
+CVE-2016-6377 (Media Origination System Suite Software 2.6 and earlier in Cisco Virtu ...)
NOT-FOR-US: Cisco
-CVE-2016-6376
+CVE-2016-6376 (The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Ci ...)
NOT-FOR-US: Cisco
-CVE-2016-6375
+CVE-2016-6375 (Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x an ...)
NOT-FOR-US: Cisco
-CVE-2016-6374
+CVE-2016-6374 (Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote attackers t ...)
NOT-FOR-US: Cisco Cloud Services Platform 2100
-CVE-2016-6373
+CVE-2016-6373 (The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allo ...)
NOT-FOR-US: Cisco Cloud Services Platform 2100
-CVE-2016-6372
+CVE-2016-6372 (A vulnerability in the email message and content filtering for malform ...)
NOT-FOR-US: Cisco
-CVE-2016-6371
+CVE-2016-6371 (Directory traversal vulnerability in the web interface in Cisco Hosted ...)
NOT-FOR-US: Cisco
-CVE-2016-6370
+CVE-2016-6370 (Directory traversal vulnerability in the web interface in Cisco Hosted ...)
NOT-FOR-US: Cisco
-CVE-2016-6369
+CVE-2016-6369 (Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x bef ...)
NOT-FOR-US: Cisco
-CVE-2016-6368
+CVE-2016-6368 (A vulnerability in the detection engine parsing of Pragmatic General M ...)
NOT-FOR-US: Cisco
-CVE-2016-6367
+CVE-2016-6367 (Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA ...)
NOT-FOR-US: Cisco
-CVE-2016-6366
+CVE-2016-6366 (Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software th ...)
NOT-FOR-US: Cisco
-CVE-2016-6365
+CVE-2016-6365 (Cross-site scripting (XSS) vulnerability in Cisco Firepower Management ...)
NOT-FOR-US: Cisco
-CVE-2016-6364
+CVE-2016-6364 (The User Data Services (UDS) API implementation in Cisco Unified Commu ...)
NOT-FOR-US: Cisco
-CVE-2016-6363
+CVE-2016-6363 (The rate-limit feature in the 802.11 protocol implementation on Cisco ...)
NOT-FOR-US: Cisco
-CVE-2016-6362
+CVE-2016-6362 (Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.11 ...)
NOT-FOR-US: Cisco
-CVE-2016-6361
+CVE-2016-6361 (The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco ...)
NOT-FOR-US: Cisco
-CVE-2016-6360
+CVE-2016-6360 (A vulnerability in Advanced Malware Protection (AMP) for Cisco Email S ...)
NOT-FOR-US: Cisco
-CVE-2016-6359
+CVE-2016-6359 (Cross-site scripting (XSS) vulnerability in Cisco Transport Gateway In ...)
NOT-FOR-US: Cisco
-CVE-2016-6358
+CVE-2016-6358 (A vulnerability in local FTP to the Cisco Email Security Appliance (ES ...)
NOT-FOR-US: Cisco
-CVE-2016-6357
+CVE-2016-6357 (A vulnerability in the configured security policies, including drop em ...)
NOT-FOR-US: Cisco
-CVE-2016-6356
+CVE-2016-6356 (A vulnerability in the email message filtering feature of Cisco AsyncO ...)
NOT-FOR-US: Cisco
-CVE-2016-6355
+CVE-2016-6355 (Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, ...)
NOT-FOR-US: Cisco
CVE-2016-6353
RESERVED
-CVE-2016-6348
+CVE-2016-6348 (JacksonJsonpInterceptor in RESTEasy might allow remote attackers to co ...)
- resteasy <unfixed> (low; bug #837170)
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <undetermined>
-CVE-2016-6347
+CVE-2016-6347 (Cross-site scripting (XSS) vulnerability in the default exception hand ...)
- resteasy <unfixed> (low; bug #837170)
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <undetermined>
-CVE-2016-6346
+CVE-2016-6346 (RESTEasy enables GZIPInterceptor, which allows remote attackers to cau ...)
- resteasy <unfixed> (low; bug #837170)
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <undetermined>
-CVE-2016-6345
+CVE-2016-6345 (RESTEasy allows remote authenticated users to obtain sensitive informa ...)
- resteasy <unfixed> (low; bug #837170)
[jessie] - resteasy <no-dsa> (Minor issue)
- resteasy3.0 <undetermined>
-CVE-2016-6344
+CVE-2016-6344 (Red Hat JBoss BPM Suite 6.3.x does not include the HTTPOnly flag in a ...)
NOT-FOR-US: Red Hat JBoss bpm Suite
-CVE-2016-6343
+CVE-2016-6343 (JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Re ...)
NOT-FOR-US: JBoss BPMS
-CVE-2016-6342
+CVE-2016-6342 (elog 3.1.1 allows remote attackers to post data as any username in the ...)
- elog 3.1.2-1-1 (bug #836505)
[jessie] - elog 2.9.2+2014.05.11git44800a7-2+deb8u1
NOTE: https://bitbucket.org/ritt/elog/commits/2f6a300572bd6048351af8c45394ae62230c83d9
NOTE: https://bitbucket.org/ritt/elog/commits/9ca611aca2b1860efac15f806bf907cc2e6f870a/
-CVE-2016-6341
+CVE-2016-6341 (oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list ...)
NOT-FOR-US: ovirt-engine
-CVE-2016-6340
+CVE-2016-6340 (The kickstart file in Red Hat QuickStart Cloud Installer (QCI) forces ...)
NOT-FOR-US: Red Hat QCI
CVE-2016-6339
REJECTED
-CVE-2016-6338
+CVE-2016-6338 (ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Ma ...)
NOT-FOR-US: ovirt-engine
-CVE-2016-6337
+CVE-2016-6337 (MediaWiki 1.27.x before 1.27.1 might allow remote attackers to bypass ...)
- mediawiki 1:1.27.1-1
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6336
+CVE-2016-6336 (MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27 ...)
- mediawiki 1:1.27.1-1
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6335
+CVE-2016-6335 (MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27 ...)
- mediawiki 1:1.27.1-1
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6334
+CVE-2016-6334 (Cross-site scripting (XSS) vulnerability in the Parser::replaceInterna ...)
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
- mediawiki 1:1.27.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6333
+CVE-2016-6333 (Cross-site scripting (XSS) vulnerability in the CSS user subpage previ ...)
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
- mediawiki 1:1.27.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6332
+CVE-2016-6332 (MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27 ...)
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
- mediawiki 1:1.27.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6331
+CVE-2016-6331 (ApiParse in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x ...)
- mediawiki 1:1.27.1-1
[wheezy] - mediawiki <end-of-life> (not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2016-August/086342.html
-CVE-2016-6330
+CVE-2016-6330 (The server in Red Hat JBoss Operations Network (JON), when SSL authent ...)
NOT-FOR-US: Red Hat / JBoss Operations Network server
-CVE-2016-6329
+CVE-2016-6329 (OpenVPN, when using a 64-bit block cipher, makes it easier for remote ...)
- openvpn <unfixed> (unimportant)
NOTE: https://community.openvpn.net/openvpn/wiki/SWEET32
NOTE: This is a generic cryptographic weakness, not a vulnerability in OpenVPN per se
-CVE-2016-6328
+CVE-2016-6328 (A vulnerability was found in libexif. An integer overflow when parsing ...)
- libexif 0.6.21-2.1 (bug #873022)
[stretch] - libexif <no-dsa> (Minor issue)
[jessie] - libexif <no-dsa> (Minor issue)
[wheezy] - libexif <no-dsa> (Minor issue)
NOTE: http://libexif.cvs.sourceforge.net/viewvc/libexif/libexif/libexif/pentax/mnote-pentax-entry.c?r1=1.26&r2=1.27
-CVE-2016-6327
+CVE-2016-6327 (drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 ...)
- linux 4.6.1-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
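Review bot: the new description for CVE-2016-6322 is about Red Hat QuickStart Cloud Installer (QCI), but the tracker line below it says "NOT-FOR-US: ovirt-engine"; CVE-2016-6340, which concerns the same product, uses "NOT-FOR-US: Red Hat QCI", so this entry should probably be labelled the same way.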
@@ -13338,44 +13338,44 @@ CVE-2016-6327
NOTE: Introduced by: https://git.kernel.org/linus/3e4f574857eebce60bb56d7524f3f9eaa2a126d0 (v3.8-rc1)
CVE-2016-6326
RESERVED
-CVE-2016-6325
+CVE-2016-6325 (The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBo ...)
- tomcat8 <not-affected> (Red Hat and derivatives packaging specific)
- tomcat7 <not-affected> (Red Hat and derivatives packaging specific)
- tomcat6 <not-affected> (Red Hat and derivatives packaging specific)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1367447
CVE-2016-6324
RESERVED
-CVE-2016-6323
+CVE-2016-6323 (The makecontext function in the GNU C Library (aka glibc or libc6) bef ...)
- glibc 2.24-1 (bug #834752)
[jessie] - glibc 2.19-18+deb8u6
- eglibc <removed>
[wheezy] - eglibc <not-affected> (Vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20435
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617
-CVE-2016-6322
+CVE-2016-6322 (Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissio ...)
NOT-FOR-US: ovirt-engine
-CVE-2016-6321
+CVE-2016-6321 (Directory traversal vulnerability in the safer_name_suffix function in ...)
{DSA-3702-1 DLA-690-1}
- tar 1.29b-1.1 (bug #842339)
NOTE: https://sintonen.fi/advisories/tar-extract-pathname-bypass.txt
NOTE: POC in https://sintonen.fi/advisories/tar-poc.tar (etc/shadow should not be extracted when asking for etc/motd)
NOTE: Proposed patch by Antoine Beaupre: https://lists.debian.org/debian-lts/2016/10/msg00206.html
NOTE: Proposed patch upstream: http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d
-CVE-2016-6320
+CVE-2016-6320 (Cross-site scripting (XSS) vulnerability in app/assets/javascripts/hos ...)
- foreman <itp> (bug #663101)
-CVE-2016-6319
+CVE-2016-6319 (Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb ...)
- foreman <itp> (bug #663101)
-CVE-2016-6318
+CVE-2016-6318 (Stack-based buffer overflow in the FascistGecosUser function in lib/fa ...)
{DLA-599-1}
- cracklib2 2.9.2-2 (bug #834502)
[jessie] - cracklib2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/attachment.cgi?id=1188599
NOTE: In Debian compiled with CPPFLAGS="-D_FORTIFY_SOURCE=2" so, at most application crash
-CVE-2016-6317
+CVE-2016-6317 (Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly ...)
- rails 2:4.2.7.1-1 (bug #834154)
[jessie] - rails <not-affected> (Vulnerable code not present, introduced in 4.2)
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package and introduced in 4.2 anyway)
-CVE-2016-6316
+CVE-2016-6316 (Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rai ...)
{DSA-3651-1 DLA-604-1}
- rails 2:4.2.7.1-1 (low; bug #834155)
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -13385,7 +13385,7 @@ CVE-2016-6315
RESERVED
CVE-2016-6314
RESERVED
-CVE-2016-6313
+CVE-2016-6313 (The mixing functions in the random number generator in Libgcrypt befor ...)
{DSA-3650-1 DSA-3649-1 DLA-602-1 DLA-600-1}
- gnupg2 <not-affected> (Uses system libgcrypt)
- gnupg1 1.4.21-1 (bug #834894)
@@ -13401,79 +13401,79 @@ CVE-2016-6313
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=98980e2fd29ad62903c78fa6521489fce651cdda
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=6199cd963d1fba86e0b7b9e2de4b6c00b945193a
NOTE: https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
-CVE-2016-6312
+CVE-2016-6312 (The mod_dontdothat component of the mod_dav_svn Apache module in Subve ...)
- apr-util <not-affected> (RHEL-5.11 specific regression)
-CVE-2016-6311
+CVE-2016-6311 (Get requests in JBoss Enterprise Application Platform (EAP) 7 disclose ...)
NOT-FOR-US: WildFly / Red Hat JBoss EAP
-CVE-2016-6310
+CVE-2016-6310 (oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /v ...)
NOT-FOR-US: ovirt-engine
-CVE-2016-6309
+CVE-2016-6309 (statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movem ...)
[experimental] - openssl 1.1.0b-1
- openssl <not-affected> (Only affects 1.1)
NOTE: https://www.openssl.org/news/secadv/20160926.txt
-CVE-2016-6308
+CVE-2016-6308 (statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 befor ...)
[experimental] - openssl 1.1.0a-1
- openssl <not-affected> (Only affects 1.1)
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=48c054fec3506417b2598837b8062aae7114c200
NOTE: https://www.openssl.org/news/secadv/20160922.txt
-CVE-2016-6307
+CVE-2016-6307 (The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a alloca ...)
[experimental] - openssl 1.1.0a-1
- openssl <not-affected> (Only affects 1.1)
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=c1ef7c971d0bbf117c3c80f65b5875e2e7b024b1
NOTE: https://www.openssl.org/news/secadv/20160922.txt
-CVE-2016-6306
+CVE-2016-6306 (The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2 ...)
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=ff553f837172ecb2b5c8eca257ec3c5619a4b299
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-6305
+CVE-2016-6305 (The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 ...)
[experimental] - openssl 1.1.0a-1
- openssl <not-affected> (Only affects 1.1)
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.1.0a
-CVE-2016-6304
+CVE-2016-6304 (Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 befo ...)
{DSA-3673-1 DLA-637-1}
[experimental] - openssl 1.1.0a-1
- openssl 1.0.2i-1
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.1.0a, 1.0.2i, 1.0.1u
-CVE-2016-6303
+CVE-2016-6303 (Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c ...)
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=55d83bf7c10c7b205fffa23fa7c3977491e56c07
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-6302
+CVE-2016-6302 (The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1. ...)
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=e97763c92c655dcf4af2860b3abd2bc4c8a267f9
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-6301
+CVE-2016-6301 (The recv_and_process_client_pkt function in networking/ntpd.c in busyb ...)
- busybox 1:1.27.2-1 (unimportant; bug #833442)
NOTE: NTP server not enabled by default in debian/config/pkg/* via CONFIG_NTPD
NOTE: Fixed by: https://git.busybox.net/busybox/commit/?id=150dc7a2b483b8338a3e185c478b4b23ee884e71
CVE-2016-6300
REJECTED
-CVE-2016-6299
+CVE-2016-6299 (The scm plug-in in mock might allow attackers to bypass the intended c ...)
- mock 1.3.2-1 (bug #850320)
[jessie] - mock <not-affected> (Parsing is done before, after temporarily dropping super-user privileges at startup)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1375490
NOTE: https://github.com/rpm-software-management/mock/commit/8b02f43beadacf6911200b48d94e39e891a41da9 (mock-1.2.21)
-CVE-2016-6298
+CVE-2016-6298 (The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in ...)
- python-jwcrypto 0.3.2-1
NOTE: https://github.com/latchset/jwcrypto/issues/65
NOTE: https://github.com/latchset/jwcrypto/pull/66
NOTE: https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba
NOTE: Code moved around in git, for 0.3.2 it is in jwe.py
-CVE-2016-6354
+CVE-2016-6354 (Heap-based buffer overflow in the yy_get_next_buffer function in Flex ...)
{DSA-3653-2 DSA-3653-1}
- flex 2.6.1-1 (bug #832768)
[wheezy] - flex <not-affected> (Issue introduced with 2.5.36)
NOTE: Intorduced by: https://github.com/westes/flex/commit/9ba3187a537d6a58d345f2874d06087fd4050399 (flex-2-5-36)
NOTE: Fixed by: https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466 (v2.6.1)
-CVE-2016-6351
+CVE-2016-6351 (The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), ...)
{DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-3.1 (bug #832621)
- qemu-kvm <removed>
@@ -13481,9 +13481,9 @@ CVE-2016-6351
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=cc96677469388bad3d66479379735cf75db069e3 (v2.7.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/25/14
NOTE: According to maintainer the fix relies on the fix for CVE-2016-4439
-CVE-2016-6350
+CVE-2016-6350 (OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (N ...)
NOT-FOR-US: OpenBSD
-CVE-2016-6349
+CVE-2016-6349 (The machinectl command in oci-register-machine allows local users to l ...)
NOT-FOR-US: oci-register-machine
NOTE: http://www.openwall.com/lists/oss-security/2016/07/26/5
NOTE: Requirement is that docker containers would register themselves to
@@ -13493,15 +13493,15 @@ CVE-2016-6349
NOTE: https://github.com/systemd/systemd/issues/3815
NOTE: The problem as well only arises with docker fork in RedHat, not with upstream docker
NOTE: https://github.com/projectatomic/oci-register-machine/pull/22
-CVE-2016-6287
+CVE-2016-6287 (The "http-client" egg always used a HTTP_PROXY environment variable to ...)
NOT-FOR-US: Addons for Chicken
-CVE-2016-6286
+CVE-2016-6286 (The "spiffy-cgi-handlers" egg would convert a nonexistent "Proxy" head ...)
NOT-FOR-US: Addons for Chicken
-CVE-2016-6285
+CVE-2016-6285 (Cross-site scripting (XSS) vulnerability in includes/decorators/global ...)
NOT-FOR-US: Atlassian JIRA
CVE-2016-6284
RESERVED
-CVE-2016-6283
+CVE-2016-6283 (Cross-site scripting (XSS) vulnerability in Atlassian Confluence befor ...)
NOT-FOR-US: Atlassian Confluence
CVE-2016-6282
RESERVED
@@ -13513,26 +13513,26 @@ CVE-2016-6279
RESERVED
CVE-2016-6278
RESERVED
-CVE-2016-6277
+CVE-2016-6277 (NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 b ...)
NOT-FOR-US: Netgear routers
-CVE-2016-6276
+CVE-2016-6276 (Citrix Linux Virtual Delivery Agent (aka VDA, formerly Linux Virtual D ...)
NOT-FOR-US: Citrix
CVE-2016-6275
RESERVED
CVE-2016-6274
RESERVED
-CVE-2016-6273
+CVE-2016-6273 (The lmadmin component in Flexera FlexNet Publisher (aka Flex License M ...)
NOT-FOR-US: Flexera
-CVE-2016-6272
+CVE-2016-6272 (XPath injection vulnerability in Epic MyChart allows remote attackers ...)
NOT-FOR-US: EPIC MyChart
-CVE-2016-6297
+CVE-2016-6297 (Integer overflow in the php_stream_zip_opener function in ext/zip/zip_ ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72520
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=81406c0c1d45f75fcc7972ed974d2597abb0b9e9
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6296
+CVE-2016-6296 (Integer signedness error in the simplestring_addn function in simplest ...)
{DSA-3631-1 DLA-628-1 DLA-569-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
@@ -13542,91 +13542,91 @@ CVE-2016-6296
- xmlrpc-epi 0.54.2-1.2 (bug #832959)
[jessie] - xmlrpc-epi <no-dsa> (Can be fixed via point release, nothing depending on it in stable)
NOTE: In stretch/sid php7.0 is using the system library not the embedded one.
-CVE-2016-6295
+CVE-2016-6295 (ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x bef ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72479
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=cab1c3b3708eead315e033359d07049b23b147a3
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6294
+CVE-2016-6294 (The locale_accept_from_http function in ext/intl/locale/locale_methods ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72533
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6293
+CVE-2016-6293 (The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in Interna ...)
{DSA-3725-1 DLA-615-1}
- icu 57.1-4
NOTE: http://bugs.icu-project.org/trac/changeset/39109
NOTE: http://bugs.icu-project.org/trac/ticket/12652
NOTE: And possibly needs some more follow-up fixes, cf. with upstream changes
NOTE: around/later than changeset 39109.
-CVE-2016-6292
+CVE-2016-6292 (The exif_process_user_comment function in ext/exif/exif.c in PHP befor ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72618
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=41131cd41d2fd2e0c2f332a27988df75659c42e4
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6291
+CVE-2016-6291 (The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP b ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72603
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=eebcbd5de38a0f1c2876035402cb770e37476519
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6290
+CVE-2016-6290 (ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7 ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72562
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=3798eb6fd5dddb211b01d41495072fd9858d4e32
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6289
+CVE-2016-6289 (Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_ ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/72513
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=0218acb7e756a469099c4ccfb22bce6c2bd1ef87
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-6271
+CVE-2016-6271 (The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the- ...)
- bzrtp 1.0.2-1.2 (bug #859277)
NOTE: Fixed by: https://github.com/BelledonneCommunications/bzrtp/commit/bbb1e6e2f467ee4bd7b9a8c800e4f07343d7d99b
-CVE-2016-6270
+CVE-2016-6270 (The handle_certificate function in /vmi/manager/engine/management/comm ...)
NOT-FOR-US: Trend Micro
-CVE-2016-6269
+CVE-2016-6269 (Multiple directory traversal vulnerabilities in Trend Micro Smart Prot ...)
NOT-FOR-US: Trend Micro
-CVE-2016-6268
+CVE-2016-6268 (Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before ...)
NOT-FOR-US: Trend Micro
-CVE-2016-6267
+CVE-2016-6267 (SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200 ...)
NOT-FOR-US: Trend Micro
-CVE-2016-6266
+CVE-2016-6266 (ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before ...)
NOT-FOR-US: Trend Micro
CVE-2016-6260
RESERVED
-CVE-2016-6259
+CVE-2016-6259 (Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Preven ...)
- xen 4.8.0~rc3-1
[jessie] - xen <not-affected> (Only affects 4.5 and later)
[wheezy] - xen <not-affected> (Only affects 4.5 and later)
NOTE: http://xenbits.xen.org/xsa/advisory-183.html
-CVE-2016-6258
+CVE-2016-6258 (The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows ...)
{DSA-3633-1 DLA-571-1}
- xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-182.html
-CVE-2016-6257
+CVE-2016-6257 (The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon S ...)
NOT-FOR-US: Lenovo
-CVE-2016-6256
+CVE-2016-6256 (SAP Business One for Android 1.2.3 allows remote attackers to conduct ...)
NOT-FOR-US: SAP
-CVE-2016-6254
+CVE-2016-6254 (Heap-based buffer overflow in the parse_packet function in network.c i ...)
{DSA-3636-1 DLA-575-1}
- collectd 5.5.2-1 (bug #832507)
NOTE: https://github.com/collectd/collectd/commit/b589096f907052b3a4da2b9ccc9b0e2e888dfc18
NOTE: https://github.com/collectd/collectd/commit/8b4fed9940e02138b7e273e56863df03d1a39ef7
-CVE-2016-6253
+CVE-2016-6253 (mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, an ...)
NOT-FOR-US: mail.local in NetBSD
-CVE-2016-1000218
+CVE-2016-1000218 (Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerab ...)
- kibana <itp> (bug #700337)
CVE-2016-1000212 [Mitigation for HTTPoxy vulnerability]
{DSA-3642-1 DLA-583-1}
@@ -13743,97 +13743,97 @@ CVE-2016-1000158
RESERVED
CVE-2016-1000157
RESERVED
-CVE-2016-1000156
+CVE-2016-1000156 (Mailcwp remote file upload vulnerability incomplete fix v1.100 ...)
NOT-FOR-US: WordPress plugin mailcwp
-CVE-2016-1000155
+CVE-2016-1000155 (Reflected XSS in wordpress plugin wpsolr-search-engine v7.6 ...)
NOT-FOR-US: Wordpress plugin wpsolr-search-engine
-CVE-2016-1000154
+CVE-2016-1000154 (Reflected XSS in wordpress plugin whizz v1.0.7 ...)
NOT-FOR-US: Wordpress plugin whizz
-CVE-2016-1000153
+CVE-2016-1000153 (Reflected XSS in wordpress plugin tidio-gallery v1.1 ...)
NOT-FOR-US: Wordpress plugin tidio-gallery
-CVE-2016-1000152
+CVE-2016-1000152 (Reflected XSS in wordpress plugin tidio-form v1.0 ...)
NOT-FOR-US: Wordpress plugin tidio-form
-CVE-2016-1000151
+CVE-2016-1000151 (Reflected XSS in wordpress plugin tera-charts v1.0 ...)
NOT-FOR-US: Wordpress plugin tera-charts
-CVE-2016-1000150
+CVE-2016-1000150 (Reflected XSS in wordpress plugin simplified-content v1.0.0 ...)
NOT-FOR-US: Wordpress plugin simplified-content
-CVE-2016-1000149
+CVE-2016-1000149 (Reflected XSS in wordpress plugin simpel-reserveren v3.5.2 ...)
NOT-FOR-US: Wordpress plugin simpel-reserveren
-CVE-2016-1000148
+CVE-2016-1000148 (Reflected XSS in wordpress plugin s3-video v0.983 ...)
NOT-FOR-US: Wordpress plugin s3-video
-CVE-2016-1000147
+CVE-2016-1000147 (Reflected XSS in wordpress plugin recipes-writer v1.0.4 ...)
NOT-FOR-US: Wordpress plugin recipes-writer
-CVE-2016-1000146
+CVE-2016-1000146 (Reflected XSS in wordpress plugin pondol-formmail v1.1 ...)
NOT-FOR-US: Wordpress plugin pondol-formmail
-CVE-2016-1000145
+CVE-2016-1000145 (Reflected XSS in wordpress plugin pondol-carousel v1.0 ...)
NOT-FOR-US: Wordpress plugin pondol-carousel
-CVE-2016-1000144
+CVE-2016-1000144 (Reflected XSS in wordpress plugin photoxhibit v2.1.8 ...)
NOT-FOR-US: Wordpress plugin photoxhibit
-CVE-2016-1000143
+CVE-2016-1000143 (Reflected XSS in wordpress plugin photoxhibit v2.1.8 ...)
NOT-FOR-US: Wordpress plugin photoxhibit
-CVE-2016-1000142
+CVE-2016-1000142 (Reflected XSS in wordpress plugin parsi-font v4.2.5 ...)
NOT-FOR-US: Wordpress plugin parsi-font
-CVE-2016-1000141
+CVE-2016-1000141 (Reflected XSS in wordpress plugin page-layout-builder v1.9.3 ...)
NOT-FOR-US: Wordpress plugin page-layout-builder
-CVE-2016-1000140
+CVE-2016-1000140 (Reflected XSS in wordpress plugin new-year-firework v1.1.9 ...)
NOT-FOR-US: Wordpress plugin new-year-firework
-CVE-2016-1000139
+CVE-2016-1000139 (Reflected XSS in wordpress plugin infusionsoft v1.5.11 ...)
NOT-FOR-US: Wordpress plugin infusionsoft
-CVE-2016-1000138
+CVE-2016-1000138 (Reflected XSS in wordpress plugin indexisto v1.0.5 ...)
NOT-FOR-US: Wordpress plugin indexisto
-CVE-2016-1000137
+CVE-2016-1000137 (Reflected XSS in wordpress plugin hero-maps-pro v2.1.0 ...)
NOT-FOR-US: Wordpress plugin hero-maps-pro
-CVE-2016-1000136
+CVE-2016-1000136 (Reflected XSS in wordpress plugin heat-trackr v1.0 ...)
NOT-FOR-US: Wordpress plugin heat-trackr
-CVE-2016-1000135
+CVE-2016-1000135 (Reflected XSS in wordpress plugin hdw-tube v1.2 ...)
NOT-FOR-US: Wordpress plugin hdw-tube
-CVE-2016-1000134
+CVE-2016-1000134 (Reflected XSS in wordpress plugin hdw-tube v1.2 ...)
NOT-FOR-US: Wordpress plugin hdw-tube
-CVE-2016-1000133
+CVE-2016-1000133 (Reflected XSS in wordpress plugin forget-about-shortcode-buttons v1.1. ...)
NOT-FOR-US: Wordpress plugin forget-about-shortcode-buttons
-CVE-2016-1000132
+CVE-2016-1000132 (Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8 ...)
NOT-FOR-US: Wordpress plugin enhanced-tooltipglossary
-CVE-2016-1000131
+CVE-2016-1000131 (Reflected XSS in wordpress plugin e-search v1.0 ...)
NOT-FOR-US: Wordpress plugin e-search
-CVE-2016-1000130
+CVE-2016-1000130 (Reflected XSS in wordpress plugin e-search v1.0 ...)
NOT-FOR-US: Wordpress plugin e-search
-CVE-2016-1000129
+CVE-2016-1000129 (Reflected XSS in wordpress plugin defa-online-image-protector v3.3 ...)
NOT-FOR-US: Wordpress plugin defa-online-image-protector
-CVE-2016-1000128
+CVE-2016-1000128 (Reflected XSS in wordpress plugin anti-plagiarism v3.60 ...)
NOT-FOR-US: Wordpress plugin anti-plagiarism
-CVE-2016-1000127
+CVE-2016-1000127 (Reflected XSS in wordpress plugin ajax-random-post v2.00 ...)
NOT-FOR-US: Wordpress plugin ajax-random-post
-CVE-2016-1000126
+CVE-2016-1000126 (Reflected XSS in wordpress plugin admin-font-editor v1.8 ...)
NOT-FOR-US: Wordpress plugin admin-font-editor
-CVE-2016-1000125
+CVE-2016-1000125 (Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla ...)
NOT-FOR-US: Joomla component Huge-IT Catalog
-CVE-2016-1000124
+CVE-2016-1000124 (Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0 ...)
NOT-FOR-US: Joomla component Huge-IT Portfolio Gallery
-CVE-2016-1000123
+CVE-2016-1000123 (Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joom ...)
NOT-FOR-US: Joomla component Huge-IT Video Gallery
-CVE-2016-1000122
+CVE-2016-1000122 (XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension ...)
NOT-FOR-US: Joomla extension Huge IT Joomla Slider
-CVE-2016-1000121
+CVE-2016-1000121 (XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension ...)
NOT-FOR-US: Joomla extension Huge IT Joomla Slider
-CVE-2016-1000120
+CVE-2016-1000120 (SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla ...)
NOT-FOR-US: Joomla extension Huge IT catalog
-CVE-2016-1000119
+CVE-2016-1000119 (SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla ...)
NOT-FOR-US: Joomla extension Huge IT catalog
-CVE-2016-1000118
+CVE-2016-1000118 (XSS &amp; SQLi in HugeIT slideshow v1.0.4 ...)
NOT-FOR-US: Joomla extension HugeIT slideshow
-CVE-2016-1000117
+CVE-2016-1000117 (XSS &amp; SQLi in HugeIT slideshow v1.0.4 ...)
NOT-FOR-US: Joomla extension HugeIT slideshow
-CVE-2016-1000116
+CVE-2016-1000116 (Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS ...)
NOT-FOR-US: Joomla extension Huge-IT Portfolio Gallery manager
-CVE-2016-1000115
+CVE-2016-1000115 (Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS ...)
NOT-FOR-US: Joomla extension Huge-IT Portfolio Gallery manager
-CVE-2016-1000114
+CVE-2016-1000114 (XSS in huge IT gallery v1.1.5 for Joomla ...)
NOT-FOR-US: Joomla extension huge IT gallery
-CVE-2016-1000113
+CVE-2016-1000113 (XSS and SQLi in huge IT gallery v1.1.5 for Joomla ...)
NOT-FOR-US: Joomla extension huge IT gallery
-CVE-2016-1000112
+CVE-2016-1000112 (Unauthenticated remote .jpg file upload in contus-video-comments v1.0 ...)
NOT-FOR-US: WordPress plugin contus-video-comments
-CVE-2016-6265
+CVE-2016-6265 (Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf- ...)
{DSA-3655-1}
- mupdf 1.9a+ds1-1.1 (bug #832031)
[wheezy] - mupdf <not-affected> (vulnerable code not present, no segfault)
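Review bot: the descriptions imported for CVE-2016-1000118 and CVE-2016-1000117 in this hunk still contain an HTML-escaped ampersand (`+CVE-2016-1000118 (XSS &amp; SQLi in HugeIT slideshow v1.0.4 ...)`), so the automatic import is copying the entity-encoded source text verbatim instead of unescaping it before writing the parenthesised summary; the import step should decode HTML entities so these lines read `XSS & SQLi ...` like the surrounding entries.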
@@ -13845,7 +13845,7 @@ CVE-2016-6265
NOTE: thus the issue could possibly be presend already before. The code in 1.5-1 looks
NOTE: quite similar, although the reproducer does not lead to a heap-use-after-free in
NOTE: the 1.5-1 case.
-CVE-2016-6264
+CVE-2016-6264 (Integer signedness error in libc/string/arm/memset.S in uClibc and uCl ...)
{DLA-561-1}
- uclibc-ng <itp> (bug #811275)
- uclibc <unfixed> (unimportant)
@@ -13853,17 +13853,17 @@ CVE-2016-6264
NOTE: http://repo.or.cz/uclibc-ng.git/commit/e3848e3dd64a8d6437531488fe341354bc02eaed
NOTE: http://mailman.uclibc-ng.org/pipermail/devel/2016-July/001067.html
NOTE: Fixed in 1.0.16 of uClibc-ng
-CVE-2016-6263
+CVE-2016-6263 (The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn be ...)
{DSA-3658-1 DLA-582-1}
- libidn 1.33-1
NOTE: https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html
NOTE: Test / Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=1fbee57ef3c72db2206dd87e4162108b2f425555 (libidn-1-33)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6
-CVE-2016-6262
+CVE-2016-6262 (idn in libidn before 1.33 might allow remote attackers to obtain sensi ...)
- libidn <not-affected> (Incomplete fix for CVE-2015-8948 not applied)
NOTE: Follow-up fix for CVE-2015-8948: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=5e3cb9c7b5bf0ce665b9d68f5ddf095af5c9ba60 (libidn-1-33)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6
-CVE-2016-6261
+CVE-2016-6261 (The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allo ...)
{DSA-3658-1 DLA-582-1}
- libidn 1.33-1
NOTE: https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html
@@ -13871,12 +13871,12 @@ CVE-2016-6261
NOTE: Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=f20ce1128fb7f4d33297eee307dddaf0f92ac72d (libidn-1-33)
NOTE: Follow-up memory leak fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=11abd0e02c16f9e0b6944aea4ef0f2df44b42dd4 (libidn-1-33)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6
-CVE-2016-6249
+CVE-2016-6249 (F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout durin ...)
NOT-FOR-US: F5
CVE-2016-1000037
RESERVED
- pagure <itp> (bug #829046)
-CVE-2016-1000030
+CVE-2016-1000030 (Pidgin version &lt;2.11.0 contains a vulnerability in X.509 Certificat ...)
- pidgin 2.11.0-1 (unimportant)
[jessie] - pidgin 2.11.0-0+deb8u1
NOTE: http://www.pidgin.im/news/security/?id=91
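Review bot: the CVE-2016-1000030 summary in this hunk carries an undecoded `&lt;` (`+CVE-2016-1000030 (Pidgin version &lt;2.11.0 contains a vulnerability in X.509 Certificat ...)`), the same escaping problem as the `&amp;` in the Huge IT entries above; decoding entities in the importer before truncating to the 70-character summary would fix both and keep the lists free of markup residue.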
@@ -13890,13 +13890,13 @@ CVE-2016-XXXX [insecure default PATH]
NOTE: Following reverse dependencies need to be recompiled: minit (wheezy, jessie),
NOTE: util-vserver (jessie, sid), mksh (sid, experimental)
NOTE: http://news.gmane.org/find-root.php?message_id=alpine.DEB.2.20.1607181048300.24083%40tglase.lan.tarent.de
-CVE-2016-6250
+CVE-2016-6250 (Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allo ...)
{DSA-3677-1 DLA-554-1}
- libarchive 3.2.1-1 (low)
NOTE: https://github.com/libarchive/libarchive/issues/711
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/3014e19820ea53c15c90f9d447ca3e668a0b76c6 (v3.2.1)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/1
-CVE-2016-6252
+CVE-2016-6252 (Integer overflow in shadow 4.2.1 allows local users to gain privileges ...)
{DSA-3793-1}
- shadow 1:4.4-1 (bug #832170)
[wheezy] - shadow <not-affected> (Vulnerable code not present)
@@ -13910,35 +13910,35 @@ CVE-2016-1000029
RESERVED
CVE-2016-1000028
RESERVED
-CVE-2016-6247
+CVE-2016-6247 (OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of se ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6246
+CVE-2016-6246 (OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount pri ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6245
+CVE-2016-6245 (OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (k ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6244
+CVE-2016-6244 (The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6243
+CVE-2016-6243 (thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local user ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6242
+CVE-2016-6242 (OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (a ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6241
+CVE-2016-6241 (Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 al ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6240
+CVE-2016-6240 (Integer truncation error in the amap_alloc function in OpenBSD 5.8 and ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6239
+CVE-2016-6239 (The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attacke ...)
NOT-FOR-US: OpenBSD kernel
-CVE-2016-6238
+CVE-2016-6238 (The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 al ...)
- lepton 1.2.1-1 (bug #831814)
-CVE-2016-6237
+CVE-2016-6237 (The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1 ...)
- lepton 1.2.1-1 (bug #831814)
-CVE-2016-6236
+CVE-2016-6236 (The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton ...)
- lepton 1.2.1-1 (bug #831814)
-CVE-2016-6235
+CVE-2016-6235 (The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton ...)
- lepton 1.2.1-1 (bug #831814)
-CVE-2016-6234
+CVE-2016-6234 (The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 ...)
- lepton 1.2.1-1 (bug #831814)
-CVE-2016-6231
+CVE-2016-6231 (Kaspersky Safe Browser iOS before 1.7.0 does not verify X.509 certific ...)
NOT-FOR-US: Kaspersky
CVE-2016-6230
RESERVED
@@ -13950,7 +13950,7 @@ CVE-2016-6227
RESERVED
CVE-2016-6226
RESERVED
-CVE-2016-6225
+CVE-2016-6225 (xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does ...)
- percona-xtrabackup <unfixed> (bug #851244)
[jessie] - percona-xtrabackup <no-dsa> (Minor issue)
NOTE: https://www.percona.com/blog/2017/01/12/cve-2016-6225-percona-xtrabackup-encryption-iv-not-set-properly
@@ -13960,7 +13960,7 @@ CVE-2016-6222
RESERVED
CVE-2016-6221
RESERVED
-CVE-2016-6220
+CVE-2016-6220 (Information Disclosure vulnerability in the Dashboard and Error Pages ...)
NOT-FOR-US: Trend Micro Control Manager
CVE-2016-6219
RESERVED
@@ -13999,34 +13999,34 @@ CVE-2016-1000027
- libspring-java 4.2.7-1 (unimportant)
NOTE: https://www.tenable.com/security/research/tra-2016-20
NOTE: This is not a vulnerability in Spring itself, just how applications are using it
-CVE-2016-6255
+CVE-2016-6255 (Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers ...)
{DSA-3736-1 DLA-597-1}
- libupnp 1:1.6.19+git20160116-1.1 (bug #831857)
NOTE: https://twitter.com/mjg59/status/755062278513319936
NOTE: Proposed fix: https://github.com/mjg59/pupnp-code/commit/be0a01bdb83395d9f3a5ea09c1308a4f1a972cbd
NOTE: http://www.openwall.com/lists/oss-security/2016/07/18/13
-CVE-2016-6233
+CVE-2016-6233 (The (1) order and (2) group methods in Zend_Db_Select in the Zend Fram ...)
- zendframework 1.12.19+dfsg-1
[jessie] - zendframework <not-affected> (introduced after 1.12.9)
[wheezy] - zendframework <not-affected> (introduced after 1.12.9)
NOTE: http://framework.zend.com/security/advisory/ZF2016-02
NOTE: https://github.com/zendframework/zf1/commit/bf3f40605be3d8f136a07ae991079a7dcb34d967
-CVE-2016-6232
+CVE-2016-6232 (Directory traversal vulnerability in KArchive before 5.24, as used in ...)
{DSA-3643-1 DLA-570-1}
- karchive 5.24.0-1
- kde4libs 4:4.14.22-2 (bug #832620)
NOTE: The fix for 4:4.14.22-1 was incomplete, cf.
NOTE: https://lists.debian.org/debian-lts/2016/07/msg00144.html
NOTE: Fix: https://git.reviewboard.kde.org/r/128185/
-CVE-2016-6217
+CVE-2016-6217 (Cross-site scripting (XSS) vulnerability in Sophos PureMessage for UNI ...)
NOT-FOR-US: Sophos
CVE-2016-6216
RESERVED
CVE-2016-6215
RESERVED
-CVE-2016-6212
+CVE-2016-6212 (The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views m ...)
- drupal8 <itp> (bug #756305)
-CVE-2016-6210
+CVE-2016-6210 (sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user pa ...)
{DSA-3626-1 DLA-578-1}
- openssh 1:7.2p2-6 (bug #831902)
NOTE: http://seclists.org/fulldisclosure/2016/Jul/51
@@ -14036,7 +14036,7 @@ CVE-2016-6210
NOTE: otherwise the mitigiation isn't very effective for systems with a locked root account.
CVE-2016-6208
RESERVED
-CVE-2016-6207
+CVE-2016-6207 (Integer overflow in the _gdContributionsAlloc function in gd_interpola ...)
{DSA-3630-1}
- libgd2 2.2.2-43-g22cba39-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -14052,7 +14052,7 @@ CVE-2016-6207
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72558
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
-CVE-2016-6209
+CVE-2016-6209 (Cross-site scripting (XSS) vulnerability in Nagios. ...)
- nagios3 <removed> (bug #831698)
[jessie] - nagios3 <no-dsa> (Minor issue)
[wheezy] - nagios3 <no-dsa> (Minor issue)
@@ -14060,21 +14060,21 @@ CVE-2016-6209
NOTE: http://seclists.org/fulldisclosure/2016/Jun/20
NOTE: https://github.com/NagiosEnterprises/nagioscore/issues/297
NOTE: Fixed by https://github.com/NagiosEnterprises/nagioscore/commit/78b7bdde3ab4dec265879ff1b4d49a398bf3ba9c
-CVE-2016-6206
+CVE-2016-6206 (Huawei AR3200 routers with software before V200R007C00SPC600 allow rem ...)
NOT-FOR-US: Huawei
CVE-2016-6205
RESERVED
-CVE-2016-6204
+CVE-2016-6204 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
NOT-FOR-US: Siemens
CVE-2016-6203
RESERVED
CVE-2016-6202
RESERVED
-CVE-2016-6201
+CVE-2016-6201 (Cross-site scripting (XSS) vulnerability in Ektron Content Management ...)
NOT-FOR-US: Ektron Content Management System
CVE-2016-6200
RESERVED
-CVE-2016-6199
+CVE-2016-6199 (ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to exe ...)
- gradle 2.13-1
[jessie] - gradle <ignored> (Minor issue)
NOTE: Starting from 2.13-1 it uses commons-collections:commons-collections:3.2.2
@@ -14083,13 +14083,13 @@ CVE-2016-6199
NOTE: ObjectSocketWrapper only used by Gradle UI, which was removed in current releases (4.x)
CVE-2016-6196
RESERVED
-CVE-2016-6195
+CVE-2016-6195 (SQL injection vulnerability in forumrunner/includes/moderation.php in ...)
NOT-FOR-US: vBulletin
CVE-2016-6194
RESERVED
-CVE-2016-6193
+CVE-2016-6193 (Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with soft ...)
NOT-FOR-US: Huawei
-CVE-2016-6192
+CVE-2016-6192 (Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with soft ...)
NOT-FOR-US: Huawei
CVE-2016-1000026
RESERVED
@@ -14130,7 +14130,7 @@ CVE-2016-1000011
RESERVED
CVE-2016-1000010
RESERVED
-CVE-2016-6905
+CVE-2016-6905 (The read_image_tga function in gd_tga.c in the GD Graphics Library (ak ...)
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -14140,20 +14140,20 @@ CVE-2016-6905
NOTE: Fixed by: https://github.com/libgd/libgd/commit/3c2b605d72e8b080dace1d98a6e50b46c1d12186
NOTE: followed by: https://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03
NOTE: http://www.openwall.com/lists/oss-security/2016/07/12/4
-CVE-2016-6352
+CVE-2016-6352 (The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows ...)
- gdk-pixbuf 2.35.4-1 (bug #832496)
[jessie] - gdk-pixbuf <no-dsa> (Minor issue, can be fixed along in a future DSA)
[wheezy] - gdk-pixbuf <not-affected> (Fails with ENOMEM, no crash)
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/11
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=769170
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=88af50a864195da1a4f7bda5f02539704fbda599
-CVE-2016-6224
+CVE-2016-6224 (ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap ...)
- ecryptfs-utils <not-affected> (Broken code not present; incomplete fix for CVE-2015-8946 not applied)
NOTE: Actually due to an incomplete fix of LP#1447282
NOTE: https://launchpad.net/bugs/1597154
NOTE: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/882
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/2
-CVE-2016-6214
+CVE-2016-6214 (gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows re ...)
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -14161,7 +14161,7 @@ CVE-2016-6214
NOTE: https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7
NOTE: Different issue than CVE-2016-6132
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/5
-CVE-2016-6223
+CVE-2016-6223 (The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in ...)
{DSA-3762-1 DLA-693-1 DLA-610-1}
- tiff 4.0.6-2 (bug #842270)
- tiff3 <removed>
@@ -14169,55 +14169,55 @@ CVE-2016-6223
NOTE: Upstream patch: https://github.com/vadz/libtiff/commit/0ba5d8814a17a64bdb8d9035f4c533f3f3f4b496
CVE-2016-1000023
REJECTED
-CVE-2016-6213
+CVE-2016-6213 (fs/namespace.c in the Linux kernel before 4.9 does not restrict how ma ...)
- linux 4.8.11-1
[jessie] - linux 3.16.43-1
[wheezy] - linux <no-dsa> (Only exploitable by privileged user; too many changes to backport)
NOTE: https://lkml.org/lkml/2016/8/28/269
NOTE: Fixed by: https://git.kernel.org/linus/d29216842a85c7970c536108e093963f02714498 (v4.9-rc1)
-CVE-2016-6186
+CVE-2016-6186 (Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedOb ...)
{DSA-3622-1 DLA-555-1}
- python-django 1:1.9.8-1 (bug #831799)
NOTE: https://www.djangoproject.com/weblog/2016/jul/18/security-releases/
-CVE-2016-1000009
+CVE-2016-1000009 (TP-LINK lost control of two domains, www.tplinklogin.net and tplinkext ...)
NOT-FOR-US: TP-LINK
CVE-2016-XXXX [Insecure use of /tmp]
- leptonlib 1.73-5 (unimportant; bug #830660)
NOTE: Neutralised by kernel hardening
-CVE-2016-6198
+CVE-2016-6198 (The filesystem layer in the Linux kernel before 4.5.5 proceeds with po ...)
- linux 4.5.5-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/54d5ca871e72f2bb172ec9323497f01cd5091ec7 (v4.6)
NOTE: https://git.kernel.org/linus/9409e22acdfc9153f88d9b1ed2bd2a5b34d2d3ca (v4.6)
-CVE-2016-6197
+CVE-2016-6197 (fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the L ...)
- linux 4.6.1-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/11f3710417d026ea2f4fcf362d866342c5274185 (v4.6-rc1)
-CVE-2016-6191
+CVE-2016-6191 (Multiple cross-site scripting (XSS) vulnerabilities in the View Raw So ...)
- sogo 3.2.4-0.2
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: https://sogo.nu/bugs/view.php?id=3718
NOTE: http://github.com/inverse-inc/sogo/commit/64ce3c9c22fd9a28caabf11e76216cd53d0245aa (SOGo-3.1.3)
-CVE-2016-6190
+CVE-2016-6190 (SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to th ...)
- sogo 3.2.4-0.2
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: Fix SOGo v2: https://github.com/inverse-inc/sogo/commit/717f45f640a2866b76a8984139391fae64339225 (SOGo-2.3.12)
NOTE: Fix SOGo v3: https://github.com/inverse-inc/sogo/commit/875a4aca3218340fd4d3141950c82c2ff45b343d (SOGo-3.1.1)
NOTE: https://sogo.nu/bugs/view.php?id=3696
-CVE-2016-6189
+CVE-2016-6189 (Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows ...)
- sogo 3.2.4-0.2
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: Fix SOGo v2: https://github.com/inverse-inc/sogo/commit/717f45f640a2866b76a8984139391fae64339225 (SOGo-2.3.12)
NOTE: Fix SOGo v3: https://github.com/inverse-inc/sogo/commit/875a4aca3218340fd4d3141950c82c2ff45b343d (SOGo-3.1.1)
NOTE: https://sogo.nu/bugs/view.php?id=3695
-CVE-2016-6188
+CVE-2016-6188 (Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of ...)
- sogo 3.2.4-0.2
[wheezy] - sogo <end-of-life> (not supported in Wheezy LTS)
NOTE: http://github.com/inverse-inc/sogo/commit/32bb1456e23a32c7f45079c3985bf732dd0d276d (SOGo-2.3.9)
NOTE: https://sogo.nu/bugs/view.php?id=3510
-CVE-2016-6187
+CVE-2016-6187 (The apparmor_setprocattr function in security/apparmor/lsm.c in the Li ...)
- linux 4.6.4-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
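Review bot: the CVE-2016-6198 entry records the fix in linux 4.5.5-1, but both NOTE lines cite commits tagged v4.6 (54d5ca871e72… and 9409e22acdfc…), so the fixed version cannot be checked against the references as written; please add the 4.5.y stable backport commit or a note that the two patches were cherry-picked into 4.5.5, otherwise the entry should point at the first Debian 4.6 upload. The jessie and wheezy "Vulnerable code not present" markers are consistent with the v4.6 introduction and need no change.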
@@ -14229,28 +14229,28 @@ CVE-2016-XXXX [GNUTLS-SA-2016-2: certificate verification issue]
NOTE: http://gnutls.org/security.html#GNUTLS-SA-2016-2
NOTE: Unimportant since Debian's binary packages are not built
NOTE: with --with-default-trust-store-pkcs11=
-CVE-2016-6184
+CVE-2016-6184 (The Camera driver in Huawei Honor 4C smartphones with software CHM-UL0 ...)
NOT-FOR-US: Huawei Honor
-CVE-2016-6183
+CVE-2016-6183 (The Camera driver in Huawei Honor 4C smartphones with software CHM-UL0 ...)
NOT-FOR-US: Huawei Honor
-CVE-2016-6182
+CVE-2016-6182 (The Camera driver in Huawei Honor 4C smartphones with software CHM-UL0 ...)
NOT-FOR-US: Huawei Honor
-CVE-2016-6181
+CVE-2016-6181 (The Camera driver in Huawei Honor 4C smartphones with software CHM-UL0 ...)
NOT-FOR-US: Huawei Honor
-CVE-2016-6180
+CVE-2016-6180 (The Camera driver in Huawei Honor 4C smartphones with software CHM-UL0 ...)
NOT-FOR-US: Huawei Honor
-CVE-2016-6179
+CVE-2016-6179 (The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 be ...)
NOT-FOR-US: Huawei Honor
-CVE-2016-6178
+CVE-2016-6178 (Huawei NE40E and CX600 devices with software before V800R007SPH017; PT ...)
NOT-FOR-US: Huawei
-CVE-2016-6177
+CVE-2016-6177 (The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerab ...)
NOT-FOR-US: Huawei
CVE-2016-6176
RESERVED
-CVE-2016-6185
+CVE-2016-6185 (The XSLoader::load method in XSLoader in Perl does not properly locate ...)
{DSA-3628-1 DLA-565-1}
- perl 5.22.2-2 (bug #829578)
-CVE-2016-6175
+CVE-2016-6175 (Eval injection vulnerability in php-gettext 1.0.12 and earlier allows ...)
- php-gettext <unfixed> (bug #851771)
[buster] - php-gettext <no-dsa> (Minor issue)
[stretch] - php-gettext <no-dsa> (Minor issue)
@@ -14258,19 +14258,19 @@ CVE-2016-6175
[wheezy] - php-gettext <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/php-gettext/+bug/1606184
NOTE: https://kmkz-web-blog.blogspot.cz/2016/07/advisory-cve-2016-6175.html
-CVE-2016-6174
+CVE-2016-6174 (applications/core/modules/front/system/content.php in Invision Power S ...)
NOT-FOR-US: Inivision
-CVE-2016-6169
+CVE-2016-6169 (Heap-based buffer overflow in Foxit Reader and PhantomPDF 7.3.4.311 an ...)
NOT-FOR-US: Foxit Reader
-CVE-2016-6168
+CVE-2016-6168 (Use-after-free vulnerability in Foxit Reader and PhantomPDF 7.3.4.311 ...)
NOT-FOR-US: Foxit Reader
-CVE-2016-6167
+CVE-2016-6167 (Multiple untrusted search path vulnerabilities in Putty beta 0.67 allo ...)
- putty <not-affected> (Windows-specific)
CVE-2016-6166
RESERVED
CVE-2016-6165
RESERVED
-CVE-2016-6164
+CVE-2016-6164 (Integer overflow in the mov_build_index function in libavformat/mov.c ...)
- ffmpeg 7:3.1.1-1
NOTE: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a3221cc67a516dfc1700bdae3566ec52c7ee823
CVE-2016-1000101
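Review bot: the context line "NOT-FOR-US: Inivision" under CVE-2016-6174 misspells the vendor; the description added in this hunk reads "Invision Power S ...", so the tag should be "NOT-FOR-US: Invision" to keep the tracker's NOT-FOR-US strings greppable. Not introduced by this change, but it is the obvious moment to fix it since the line is already in the hunk.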
@@ -14288,47 +14288,47 @@ CVE-2016-1000005
CVE-2016-1000004
RESERVED
- hhvm 3.12.11+dfsg-1
-CVE-2016-6173
+CVE-2016-6173 (NSD before 4.1.11 allows remote DNS master servers to cause a denial o ...)
- nsd 4.1.11-1 (unimportant; bug #830806)
NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=790
NOTE: Not considered a security issue due to trust relationship, see #830806
-CVE-2016-6172
+CVE-2016-6172 (PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote pr ...)
{DSA-3664-1 DLA-627-1}
- pdns 4.0.1-1 (bug #830808)
NOTE: https://github.com/PowerDNS/pdns/issues/4128
NOTE: Master: https://github.com/PowerDNS/pdns/pull/4133
NOTE: 3.4.x: https://github.com/PowerDNS/pdns/pull/4134
-CVE-2016-6171
+CVE-2016-6171 (Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of s ...)
- knot 2.3.0-1 (bug #830809)
[jessie] - knot <no-dsa> (Minor issue)
NOTE: https://gitlab.labs.nic.cz/labs/knot/merge_requests/541
NOTE: https://gitlab.labs.nic.cz/labs/knot/issues/464
-CVE-2016-6170
+CVE-2016-6170 (ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x throug ...)
- bind9 1:9.10.6+dfsg-1 (unimportant; bug #830810)
NOTE: Not fixed upstream, proposed patches below are unofficial:
NOTE: Fixed by https://github.com/sischkg/xfer-limit/blob/master/bind-9.10.3-xfer-limit-0.0.1.patch
NOTE: Fixed by https://github.com/sischkg/xfer-limit/blob/master/bind-9.9.9-P1-xfer-limit-0.0.1.patch
NOTE: Negligible security impact
-CVE-2016-6163
+CVE-2016-6163 (The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librs ...)
- librsvg 2.40.9-2
[jessie] - librsvg <no-dsa> (Minor issue)
[wheezy] - librsvg <not-affected> (vulnerable code not present, no segfault)
NOTE: Fixed by: https://git.gnome.org/browse/librsvg/commit/?id=0035e95118a60c0cd3949c2300472d805e16a022 (2.40.7)
NOTE: Reproducer attached in http://seclists.org/oss-sec/2016/q3/7
-CVE-2016-6162
+CVE-2016-6162 (net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to ca ...)
- linux <not-affected> (Vulnerable code introduced in 4.7-rc1)
-CVE-2016-6161
+CVE-2016-6161 (The output function in gd_gif_out.c in the GD Graphics Library (aka li ...)
{DSA-3619-1 DLA-563-1}
- libgd2 2.2.1-1
NOTE: https://github.com/libgd/libgd/issues/209
NOTE: https://github.com/libgd/libgd/commit/82b80dcb70a7ca8986125ff412bceddafc896842 (gd-2.2.0)
-CVE-2016-6159
+CVE-2016-6159 (The management interface of Huawei WS331a routers with software before ...)
NOT-FOR-US: Huawei
-CVE-2016-6158
+CVE-2016-6158 (Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei W ...)
NOT-FOR-US: Huawei
CVE-2016-6157
RESERVED
-CVE-2016-6156
+CVE-2016-6156 (Race condition in the ec_device_ioctl_xcmd function in drivers/platfor ...)
- linux 4.7.2-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
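Review bot: the CVE-2016-6170 entry is internally inconsistent: the version line claims a fix in bind9 1:9.10.6+dfsg-1, the first NOTE says "Not fixed upstream, proposed patches below are unofficial", and the next two NOTE lines are labelled "Fixed by" yet point at third-party patches (github.com/sischkg/xfer-limit). Either relabel those two lines as "Proposed (unofficial) patch:" and explain what in 1:9.10.6+dfsg-1 addresses the issue, or drop the fixed version and keep the entry as unfixed/unimportant; as written a reader cannot tell which of the three statements is current.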
@@ -14338,39 +14338,39 @@ CVE-2016-6155
RESERVED
CVE-2016-6154
RESERVED
-CVE-2016-6152
+CVE-2016-6152 (CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated ...)
NOT-FOR-US: eHealth
-CVE-2016-6151
+CVE-2016-6151 (CA eHealth 6.2.x allows remote authenticated users to cause a denial o ...)
NOT-FOR-US: eHealth
-CVE-2016-6150
+CVE-2016-6150 (The multi-tenant database container feature in SAP HANA does not prope ...)
NOT-FOR-US: SAP HANA
-CVE-2016-6149
+CVE-2016-6149 (SAP HANA SPS09 1.00.091.00.14186593 allows local users to obtain sensi ...)
NOT-FOR-US: SAP HANA
-CVE-2016-6148
+CVE-2016-6148 (SAP HANA DB 1.00.73.00.389160 allows remote attackers to cause a denia ...)
NOT-FOR-US: SAP HANA
-CVE-2016-6147
+CVE-2016-6147 (An unspecified interface in SAP TREX 7.10 Revision 63 allows remote at ...)
NOT-FOR-US: SAP TREX
-CVE-2016-6146
+CVE-2016-6146 (The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to ...)
NOT-FOR-US: SAP
-CVE-2016-6145
+CVE-2016-6145 (The SQL interface in SAP HANA DB 1.00.091.00.1418659308 provides diffe ...)
NOT-FOR-US: SAP HANA
-CVE-2016-6144
+CVE-2016-6144 (The SQL interface in SAP HANA before Revision 102 does not limit the n ...)
NOT-FOR-US: SAP HANA
-CVE-2016-6143
+CVE-2016-6143 (SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbit ...)
NOT-FOR-US: SAP HANA
-CVE-2016-6142
+CVE-2016-6142 (SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers t ...)
NOT-FOR-US: SAP
CVE-2016-6141
RESERVED
-CVE-2016-6140
+CVE-2016-6140 (SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrar ...)
NOT-FOR-US: SAP TREX
-CVE-2016-6139
+CVE-2016-6139 (SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary fi ...)
NOT-FOR-US: SAP TREX
-CVE-2016-6138
+CVE-2016-6138 (Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows ...)
NOT-FOR-US: SAP TREX
-CVE-2016-6137
+CVE-2016-6137 (An unspecified function in SAP TREX 7.10 Revision 63 allows remote att ...)
NOT-FOR-US: SAP
-CVE-2016-6136
+CVE-2016-6136 (Race condition in the audit_log_single_execve_arg function in kernel/a ...)
{DSA-3659-1 DLA-609-1}
- linux 4.7.2-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=120681
@@ -14380,16 +14380,16 @@ CVE-2016-6135
RESERVED
CVE-2016-6134
RESERVED
-CVE-2016-1000007
+CVE-2016-1000007 (Pagure 2.2.1 XSS in raw file endpoint ...)
- pagure <itp> (bug #829046)
NOTE: https://pagure.io/pagure/c/070d63983fe5daef92005ea33d3b8c693c224c77
-CVE-2016-6160
+CVE-2016-6160 (tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause ...)
{DLA-544-1}
- tcpreplay 3.4.4-3 (bug #829350)
[jessie] - tcpreplay 3.4.4-2+deb8u1
-CVE-2016-6133
+CVE-2016-6133 (Cross-site scripting (XSS) vulnerability in Ektron Content Management ...)
NOT-FOR-US: Ektron
-CVE-2016-6153
+CVE-2016-6153 (os_unix.c in SQLite before 3.13.0 improperly implements the temporary ...)
{DLA-543-1}
- sqlite3 3.13.0-1
[jessie] - sqlite3 3.8.7.1-1+deb8u2
@@ -14397,7 +14397,7 @@ CVE-2016-6153
NOTE: http://www.sqlite.org/cgi/src/info/b38fe522cfc971b3
NOTE: and possibly http://www.sqlite.org/cgi/src/info/614bb709d34e1148
NOTE: https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt
-CVE-2016-6129
+CVE-2016-6129 (The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, a ...)
{DLA-612-1}
- libtomcrypt 1.17-8 (bug #837042)
[jessie] - libtomcrypt <no-dsa> (Minor issue)
@@ -14406,42 +14406,42 @@ CVE-2016-6129
NOTE: https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd09
NOTE: The CVE is originally assigend to OP-TEE, but the underlying issue seems to be in
NOTE: libtomcrypt, thus keep that source package as well for now associated.
-CVE-2016-6127
+CVE-2016-6127 (Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x b ...)
{DSA-3882-1 DLA-987-1}
- request-tracker4 4.4.1-4
-CVE-2016-6126
+CVE-2016-6126 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote at ...)
NOT-FOR-US: IBM
-CVE-2016-6125
+CVE-2016-6125 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2016-6124
+CVE-2016-6124 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote at ...)
NOT-FOR-US: IBM
-CVE-2016-6123
+CVE-2016-6123 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2016-6122
+CVE-2016-6122 (IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 discloses answers to se ...)
NOT-FOR-US: IBM
-CVE-2016-6121
+CVE-2016-6121 (IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x is vulner ...)
NOT-FOR-US: IBM
CVE-2016-6120
RESERVED
CVE-2016-6119
RESERVED
-CVE-2016-6118
+CVE-2016-6118 (IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to c ...)
NOT-FOR-US: IBM
-CVE-2016-6117
+CVE-2016-6117 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 can be deployed with acti ...)
NOT-FOR-US: IBM
-CVE-2016-6116
+CVE-2016-6116 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 could allow a remote atta ...)
NOT-FOR-US: IBM
-CVE-2016-6115
+CVE-2016-6115 (IBM General Parallel File System is vulnerable to a buffer overflow. A ...)
NOT-FOR-US: IBM
-CVE-2016-6114
+CVE-2016-6114 (IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2016-6113
+CVE-2016-6113 (IBM Verse is vulnerable to cross-site scripting. This vulnerability al ...)
NOT-FOR-US: IBM
-CVE-2016-6112
+CVE-2016-6112 (IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10 ...)
NOT-FOR-US: IBM
-CVE-2016-6111
+CVE-2016-6111 (IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a de ...)
NOT-FOR-US: IBM
-CVE-2016-6110
+CVE-2016-6110 (IBM Tivoli Storage Manager discloses unencrypted login credentials to ...)
NOT-FOR-US: IBM
CVE-2016-6109
RESERVED
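Review bot: the CVE-2016-6129 notes in this hunk carry a typo and a garbled sentence: "The CVE is originally assigend to OP-TEE, but the underlying issue seems to be in libtomcrypt, thus keep that source package as well for now associated." should read "The CVE was originally assigned to OP-TEE, but the underlying issue seems to be in libtomcrypt, so keep that source package associated as well for now." The libtomcrypt commit reference and the jessie <no-dsa> marker are fine.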
@@ -14451,63 +14451,63 @@ CVE-2016-6107
RESERVED
CVE-2016-6106
RESERVED
-CVE-2016-6105
+CVE-2016-6105 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 do not perform an authent ...)
NOT-FOR-US: IBM
-CVE-2016-6104
+CVE-2016-6104 (IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote att ...)
NOT-FOR-US: IBM
-CVE-2016-6103
+CVE-2016-6103 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 is vulnerable to cross-si ...)
NOT-FOR-US: IBM
-CVE-2016-6102
+CVE-2016-6102 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 stores sensitive informat ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
CVE-2016-6101
RESERVED
-CVE-2016-6100
+CVE-2016-6100 (IBM Disposal and Governance Management for IT and IBM Global Retention ...)
NOT-FOR-US: IBM
-CVE-2016-6099
+CVE-2016-6099 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 discloses sensitive infor ...)
NOT-FOR-US: IBM
-CVE-2016-6098
+CVE-2016-6098 (IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permiss ...)
NOT-FOR-US: IBM
-CVE-2016-6097
+CVE-2016-6097 (IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 allows web pages ...)
NOT-FOR-US: IBM
-CVE-2016-6096
+CVE-2016-6096 (IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2016-6095
+CVE-2016-6095 (IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 uses an inadequate accoun ...)
NOT-FOR-US: IBM
-CVE-2016-6094
+CVE-2016-6094 (IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 generates an erro ...)
NOT-FOR-US: IBM
-CVE-2016-6093
+CVE-2016-6093 (IBM Tivoli Key Lifecycle Manager does not require that users should ha ...)
NOT-FOR-US: IBM
-CVE-2016-6092
+CVE-2016-6092 (IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 stores user crede ...)
NOT-FOR-US: IBM
CVE-2016-6091
REJECTED
-CVE-2016-6090
+CVE-2016-6090 (IBM WebSphere Commerce contains an unspecified vulnerability that coul ...)
NOT-FOR-US: IBM
-CVE-2016-6089
+CVE-2016-6089 (IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write t ...)
NOT-FOR-US: IBM
CVE-2016-6088
RESERVED
-CVE-2016-6087
+CVE-2016-6087 (IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials us ...)
NOT-FOR-US: IBM
CVE-2016-6086
RESERVED
-CVE-2016-6085
+CVE-2016-6085 (IBM BigFix Platform could allow an attacker on the local network to cr ...)
NOT-FOR-US: IBM
-CVE-2016-6084
+CVE-2016-6084 (IBM BigFix Platform could allow an attacker on the local network to cr ...)
NOT-FOR-US: IBM
-CVE-2016-6083
+CVE-2016-6083 (IBM Tivoli Monitoring V6 could allow an unauthenticated user to access ...)
NOT-FOR-US: IBM
-CVE-2016-6082
+CVE-2016-6082 (IBM BigFix Platform could allow a remote attacker to execute arbitrary ...)
NOT-FOR-US: IBM
CVE-2016-6081
RESERVED
-CVE-2016-6080
+CVE-2016-6080 (The WebAdmin context for WebSphere Message Broker allows directory lis ...)
NOT-FOR-US: IBM
-CVE-2016-6079
+CVE-2016-6079 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability t ...)
NOT-FOR-US: IBM
CVE-2016-6078
RESERVED
-CVE-2016-6077
+CVE-2016-6077 (IBM Cognos Disclosure Management 10.2 could allow a malicious attacker ...)
NOT-FOR-US: IBM
CVE-2016-6076
RESERVED
@@ -14517,7 +14517,7 @@ CVE-2016-6074
RESERVED
CVE-2016-6073
RESERVED
-CVE-2016-6072
+CVE-2016-6072 (IBM Maximo Asset Management is vulnerable to cross-site scripting. Thi ...)
NOT-FOR-US: IBM
CVE-2016-6071
RESERVED
@@ -14525,35 +14525,35 @@ CVE-2016-6070
RESERVED
CVE-2016-6069
RESERVED
-CVE-2016-6068
+CVE-2016-6068 (IBM UrbanCode Deploy could allow an authenticated user with access to ...)
NOT-FOR-US: IBM
CVE-2016-6067
RESERVED
CVE-2016-6066
RESERVED
-CVE-2016-6065
+CVE-2016-6065 (IBM Security Guardium Database Activity Monitor appliance could allow ...)
NOT-FOR-US: IBM
CVE-2016-6064
RESERVED
CVE-2016-6063
RESERVED
-CVE-2016-6062
+CVE-2016-6062 (IBM Resilient v26.0, v26.1, and v26.2 is vulnerable to cross-site scri ...)
NOT-FOR-US: IBM
-CVE-2016-6061
+CVE-2016-6061 (IBM Jazz Foundation is vulnerable to cross-site scripting. This vulner ...)
NOT-FOR-US: IBM
-CVE-2016-6060
+CVE-2016-6060 (An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0 ...)
NOT-FOR-US: IBM
-CVE-2016-6059
+CVE-2016-6059 (IBM InfoSphere Information Server is vulnerable to a denial of service ...)
NOT-FOR-US: IBM
CVE-2016-6058
RESERVED
CVE-2016-6057
RESERVED
-CVE-2016-6056
+CVE-2016-6056 (IBM Call Center for Commerce 9.3 and 9.4 is vulnerable to cross-site s ...)
NOT-FOR-US: IBM Call Center for Commerce
-CVE-2016-6055
+CVE-2016-6055 (IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2016-6054
+CVE-2016-6054 (IBM Jazz Foundation is vulnerable to cross-site scripting. This vulner ...)
NOT-FOR-US: IBM
CVE-2016-6053
RESERVED
@@ -14567,65 +14567,65 @@ CVE-2016-6049
RESERVED
CVE-2016-6048
RESERVED
-CVE-2016-6047
+CVE-2016-6047 (IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2016-6046
+CVE-2016-6046 (IBM Tivoli Storage Manager Operations Center is vulnerable to cross-si ...)
NOT-FOR-US: IBM
-CVE-2016-6045
+CVE-2016-6045 (IBM Tivoli Storage Manager Operations Center is vulnerable to cross-si ...)
NOT-FOR-US: IBM
-CVE-2016-6044
+CVE-2016-6044 (IBM Tivoli Storage Manager Operations Center could allow an authentica ...)
NOT-FOR-US: IBM
-CVE-2016-6043
+CVE-2016-6043 (Tivoli Storage Manager Operations Center could allow a local user to t ...)
NOT-FOR-US: IBM
-CVE-2016-6042
+CVE-2016-6042 (IBM AppScan Enterprise Edition could allow a remote attacker to execut ...)
NOT-FOR-US: IBM
CVE-2016-6041
RESERVED
-CVE-2016-6040
+CVE-2016-6040 (IBM Jazz Foundation could allow an authenticated user to take over a p ...)
NOT-FOR-US: IBM
-CVE-2016-6039
+CVE-2016-6039 (IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2016-6038
+CVE-2016-6038 (Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightw ...)
NOT-FOR-US: Tivoli
-CVE-2016-6037
+CVE-2016-6037 (IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A rem ...)
NOT-FOR-US: IBM
-CVE-2016-6036
+CVE-2016-6036 (IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2016-6035
+CVE-2016-6035 (IBM Rational Quality Manager is vulnerable to cross-site scripting. Th ...)
NOT-FOR-US: IBM
-CVE-2016-6034
+CVE-2016-6034 (IBM Tivoli Storage Manager for Virtual Environments (VMware) could dis ...)
NOT-FOR-US: IBM
-CVE-2016-6033
+CVE-2016-6033 (IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vu ...)
NOT-FOR-US: IBM
-CVE-2016-6032
+CVE-2016-6032 (IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2016-6031
+CVE-2016-6031 (IBM Rational Quality Manager 4.0, 5.0, and 6.0 are vulnerable to cross ...)
NOT-FOR-US: IBM
-CVE-2016-6030
+CVE-2016-6030 (IBM Jazz Foundation is vulnerable to cross-site scripting. This vulner ...)
NOT-FOR-US: IBM
-CVE-2016-6029
+CVE-2016-6029 (IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 could ...)
NOT-FOR-US: IBM
-CVE-2016-6028
+CVE-2016-6028 (IBM Jazz technology based products might allow an attacker to view wor ...)
NOT-FOR-US: IBM
-CVE-2016-6027
+CVE-2016-6027 (The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 bef ...)
NOT-FOR-US: IBM
-CVE-2016-6026
+CVE-2016-6026 (The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 bef ...)
NOT-FOR-US: IBM
-CVE-2016-6025
+CVE-2016-6025 (The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 bef ...)
NOT-FOR-US: IBM
-CVE-2016-6024
+CVE-2016-6024 (IBM Jazz technology based products might divulge information that migh ...)
NOT-FOR-US: IBM
-CVE-2016-6023
+CVE-2016-6023 (Directory traversal vulnerability in the Configuration Manager in IBM ...)
NOT-FOR-US: IBM
-CVE-2016-6022
+CVE-2016-6022 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-si ...)
NOT-FOR-US: IBM
-CVE-2016-6021
+CVE-2016-6021 (IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vul ...)
NOT-FOR-US: IBM
-CVE-2016-6020
+CVE-2016-6020 (IBM Sterling B2B Integrator Standard Edition could allow a remote atta ...)
NOT-FOR-US: IBM
-CVE-2016-6019
+CVE-2016-6019 (IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10. ...)
NOT-FOR-US: IBM
-CVE-2016-6018
+CVE-2016-6018 (IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error ...)
NOT-FOR-US: IBM
CVE-2016-6017
RESERVED
@@ -14659,145 +14659,145 @@ CVE-2016-6003
RESERVED
CVE-2016-6002
RESERVED
-CVE-2016-6001
+CVE-2016-6001 (IBM Forms Experience Builder could be susceptible to a server-side req ...)
NOT-FOR-US: IBM
-CVE-2016-6000
+CVE-2016-6000 (IBM TRIRIGA Application Platform is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
CVE-2016-5999
RESERVED
CVE-2016-5998
RESERVED
-CVE-2016-5997
+CVE-2016-5997 (The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2016-5996
+CVE-2016-5996 (The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2016-5995
+CVE-2016-5995 (Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 ...)
NOT-FOR-US: IBM
-CVE-2016-5994
+CVE-2016-5994 (IBM InfoSphere Information Server contains a vulnerability that would ...)
NOT-FOR-US: IBM
CVE-2016-5993
RESERVED
-CVE-2016-5992
+CVE-2016-5992 (IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix0 ...)
NOT-FOR-US: IBM
-CVE-2016-5991
+CVE-2016-5991 (IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix0 ...)
NOT-FOR-US: IBM
-CVE-2016-5990
+CVE-2016-5990 (IBM Security Privileged Identity Manager Virtual Appliance allows an a ...)
NOT-FOR-US: IBM
CVE-2016-5989
RESERVED
-CVE-2016-5988
+CVE-2016-5988 (IBM Security Privileged Identity Manager Virtual Appliance could discl ...)
NOT-FOR-US: IBM
-CVE-2016-5987
+CVE-2016-5987 (IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.10 ...)
NOT-FOR-US: IBM
-CVE-2016-5986
+CVE-2016-5986 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x befo ...)
NOT-FOR-US: IBM
-CVE-2016-5985
+CVE-2016-5985 (The IBM Tivoli Storage Manager (IBM Spectrum Protect) AIX client is vu ...)
NOT-FOR-US: IBM
-CVE-2016-5984
+CVE-2016-5984 (IBM InfoSphere Information Server is vulnerable to cross-frame scripti ...)
NOT-FOR-US: IBM
-CVE-2016-5983
+CVE-2016-5983 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before ...)
NOT-FOR-US: IBM
CVE-2016-5982
RESERVED
-CVE-2016-5981
+CVE-2016-5981 (Cross-site scripting (XSS) vulnerability in IBM FileNet Workplace XT t ...)
NOT-FOR-US: IBM
-CVE-2016-5980
+CVE-2016-5980 (IBM TRIRIGA Application Platform is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2016-5979
+CVE-2016-5979 (IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged ...)
NOT-FOR-US: IBM
-CVE-2016-5978
+CVE-2016-5978 (Cross-site scripting (XSS) vulnerability in the Web UI in the web port ...)
NOT-FOR-US: IBM
-CVE-2016-5977
+CVE-2016-5977 (Open redirect vulnerability in the web portal in IBM Tealeaf Customer ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2016-5976
+CVE-2016-5976 (The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2016-5975
+CVE-2016-5975 (Cross-site scripting (XSS) vulnerability in the Web UI in the web port ...)
NOT-FOR-US: IBM
-CVE-2016-5974
+CVE-2016-5974 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security ...)
NOT-FOR-US: IBM
CVE-2016-5973
RESERVED
-CVE-2016-5972
+CVE-2016-5972 (IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x ...)
NOT-FOR-US: IBM Security Privileged Identity Manager
-CVE-2016-5971
+CVE-2016-5971 (IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x ...)
NOT-FOR-US: IBM Security Privileged Identity Manager
-CVE-2016-5970
+CVE-2016-5970 (Directory traversal vulnerability in IBM Security Privileged Identity ...)
NOT-FOR-US: IBM Security Privileged Identity Manager
CVE-2016-5969
RESERVED
-CVE-2016-5968
+CVE-2016-5968 (The Replay Server in IBM Tealeaf Customer Experience 8.x before 8.7.1. ...)
NOT-FOR-US: IBM
-CVE-2016-5967
+CVE-2016-5967 (The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 ...)
NOT-FOR-US: IBM
-CVE-2016-5966
+CVE-2016-5966 (IBM Security Privileged Identity Manager Virtual Appliance could allow ...)
NOT-FOR-US: IBM
CVE-2016-5965
RESERVED
-CVE-2016-5964
+CVE-2016-5964 (IBM Security Privileged Identity Manager Virtual Appliance version 2.0 ...)
NOT-FOR-US: IBM
-CVE-2016-5963
+CVE-2016-5963 (IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x ...)
NOT-FOR-US: IBM
CVE-2016-5962
RESERVED
CVE-2016-5961
RESERVED
-CVE-2016-5960
+CVE-2016-5960 (IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores user c ...)
NOT-FOR-US: IBM
-CVE-2016-5959
+CVE-2016-5959 (IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores sensit ...)
NOT-FOR-US: IBM
-CVE-2016-5958
+CVE-2016-5958 (IBM Security Privileged Identity Manager could allow a remote attacker ...)
NOT-FOR-US: IBM
-CVE-2016-5957
+CVE-2016-5957 (IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x ...)
NOT-FOR-US: IBM
CVE-2016-5956
RESERVED
-CVE-2016-5955
+CVE-2016-5955 (Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Ge ...)
NOT-FOR-US: IBM
-CVE-2016-5954
+CVE-2016-5954 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
NOT-FOR-US: IBM
-CVE-2016-5953
+CVE-2016-5953 (IBM Sterling Order Management transmits the session identifier within ...)
NOT-FOR-US: IBM
-CVE-2016-5952
+CVE-2016-5952 (IBM Kenexa LCMS Premier on Cloud is vulnerable to SQL injection. A rem ...)
NOT-FOR-US: IBM
-CVE-2016-5951
+CVE-2016-5951 (IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2016-5950
+CVE-2016-5950 (IBM Kenexa LCMS Premier on Cloud stores user credentials in plain in c ...)
NOT-FOR-US: IBM
-CVE-2016-5949
+CVE-2016-5949 (IBM Kenexa LCMS Premier on Cloud could allow an authenticated user to ...)
NOT-FOR-US: IBM
-CVE-2016-5948
+CVE-2016-5948 (IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2016-5947
+CVE-2016-5947 (IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2 ...)
NOT-FOR-US: IBM
-CVE-2016-5946
+CVE-2016-5946 (Directory traversal vulnerability in IBM Spectrum Control (formerly Ti ...)
NOT-FOR-US: IBM
-CVE-2016-5945
+CVE-2016-5945 (IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2 ...)
NOT-FOR-US: IBM
-CVE-2016-5944
+CVE-2016-5944 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Spectrum ...)
NOT-FOR-US: IBM
-CVE-2016-5943
+CVE-2016-5943 (IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2 ...)
NOT-FOR-US: IBM
-CVE-2016-5942
+CVE-2016-5942 (IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vu ...)
NOT-FOR-US: IBM
-CVE-2016-5941
+CVE-2016-5941 (IBM Kenexa LMS on Cloud could allow a remote attacker to traverse dire ...)
NOT-FOR-US: IBM
-CVE-2016-5940
+CVE-2016-5940 (IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vu ...)
NOT-FOR-US: IBM
-CVE-2016-5939
+CVE-2016-5939 (IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attac ...)
NOT-FOR-US: IBM
-CVE-2016-5938
+CVE-2016-5938 (IBM Kenexa LMS on Cloud allows web pages to be stored locally which ca ...)
NOT-FOR-US: IBM
-CVE-2016-5937
+CVE-2016-5937 (IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site request f ...)
NOT-FOR-US: IBM
CVE-2016-5936
RESERVED
-CVE-2016-5935
+CVE-2016-5935 (IBM Jazz for Service Management could allow a remote attacker to obtai ...)
NOT-FOR-US: IBM
-CVE-2016-5934
+CVE-2016-5934 (IBM Tivoli Storage Manager FastBack installer could allow a remote att ...)
NOT-FOR-US: IBM
-CVE-2016-5933
+CVE-2016-5933 (IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host heade ...)
NOT-FOR-US: IBM
-CVE-2016-5932
+CVE-2016-5932 (IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scr ...)
NOT-FOR-US: IBM
CVE-2016-5931
RESERVED
@@ -14807,7 +14807,7 @@ CVE-2016-5929
RESERVED
CVE-2016-5928
RESERVED
-CVE-2016-5927
+CVE-2016-5927 (IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect ...)
NOT-FOR-US: IBM
CVE-2016-5926
RESERVED
@@ -14821,11 +14821,11 @@ CVE-2016-5922
RESERVED
CVE-2016-5921
RESERVED
-CVE-2016-5920
+CVE-2016-5920 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financia ...)
NOT-FOR-US: IBM
-CVE-2016-5919
+CVE-2016-5919 (IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weake ...)
NOT-FOR-US: IBM
-CVE-2016-5918
+CVE-2016-5918 (IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivo ...)
NOT-FOR-US: IBM
CVE-2016-5917
RESERVED
@@ -14851,41 +14851,41 @@ CVE-2016-5907
RESERVED
CVE-2016-5906
RESERVED
-CVE-2016-5905
+CVE-2016-5905 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
CVE-2016-5904
RESERVED
CVE-2016-5903
RESERVED
-CVE-2016-5902
+CVE-2016-5902 (IBM Maximo Asset Management is vulnerable to cross-site scripting. Thi ...)
NOT-FOR-US: IBM
-CVE-2016-5901
+CVE-2016-5901 (Cross-site scripting (XSS) vulnerability in a test page in IBM Busines ...)
NOT-FOR-US: IBM
-CVE-2016-5900
+CVE-2016-5900 (IBM Tealeaf Customer Experience on Cloud Network Capture Add-On could ...)
NOT-FOR-US: IBM
-CVE-2016-5899
+CVE-2016-5899 (IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2016-5898
+CVE-2016-5898 (IBM Jazz Reporting Service (JRS) could allow a remote attacker to obta ...)
NOT-FOR-US: IBM
-CVE-2016-5897
+CVE-2016-5897 (IBM Jazz Reporting Service (JRS) is vulnerable to HTML injection. A re ...)
NOT-FOR-US: IBM
-CVE-2016-5896
+CVE-2016-5896 (IBM Maximo Asset Management could disclose sensitive information from ...)
NOT-FOR-US: IBM
CVE-2016-5895
RESERVED
-CVE-2016-5894
+CVE-2016-5894 (IBM WebSphere Commerce Enterprise, Professional, Express, and Develope ...)
NOT-FOR-US: IBM
-CVE-2016-5893
+CVE-2016-5893 (IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to b ...)
NOT-FOR-US: IBM
-CVE-2016-5892
+CVE-2016-5892 (Cross-site scripting (XSS) vulnerability in IBM 10x, as used in Multi- ...)
NOT-FOR-US: IBM
CVE-2016-5891
RESERVED
-CVE-2016-5890
+CVE-2016-5890 (IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 50 ...)
NOT-FOR-US: IBM
-CVE-2016-5889
+CVE-2016-5889 (IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site reque ...)
NOT-FOR-US: IBM
-CVE-2016-5888
+CVE-2016-5888 (IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scrip ...)
NOT-FOR-US: IBM
CVE-2016-5887
RESERVED
@@ -14893,29 +14893,29 @@ CVE-2016-5886
RESERVED
CVE-2016-5885
RESERVED
-CVE-2016-5884
+CVE-2016-5884 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability a ...)
NOT-FOR-US: IBM
-CVE-2016-5883
+CVE-2016-5883 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vul ...)
NOT-FOR-US: IBM
-CVE-2016-5882
+CVE-2016-5882 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability a ...)
NOT-FOR-US: IBM
-CVE-2016-5881
+CVE-2016-5881 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability a ...)
NOT-FOR-US: IBM
-CVE-2016-5880
+CVE-2016-5880 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability a ...)
NOT-FOR-US: IBM
-CVE-2016-5879
+CVE-2016-5879 (MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users t ...)
NOT-FOR-US: IBM
-CVE-2016-5878
+CVE-2016-5878 (Open redirect vulnerability in IBM FileNet Workplace 4.0.2 before 4.0. ...)
NOT-FOR-US: IBM
CVE-2016-5877
RESERVED
-CVE-2016-6132
+CVE-2016-6132 (The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka l ...)
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #829694)
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/libgd/libgd/issues/247
NOTE: https://github.com/libgd/libgd/commit/ead349e99868303b37f5e6e9d9d680c9dc71ff8d
-CVE-2016-6131
+CVE-2016-6131 (The demangler in GNU Libiberty allows remote attackers to cause a deni ...)
{DLA-552-1}
- libiberty 20161017-1 (low; bug #840889)
[jessie] - libiberty <no-dsa> (Minor issue)
@@ -14926,12 +14926,12 @@ CVE-2016-6131
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71696
NOTE: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=239143
-CVE-2016-6130
+CVE-2016-6130 (Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/cha ...)
{DSA-3616-1}
- linux 4.6.1-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/532c34b5fbf1687df63b3fcd5b2846312ac943c6
-CVE-2016-6128
+CVE-2016-6128 (The gdImageCropThreshold function in gd_crop.c in the GD Graphics Libr ...)
{DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #829062)
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -14943,155 +14943,155 @@ CVE-2016-6128
[wheezy] - php5 <not-affected> (Vulnerable code not present)
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72494
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
-CVE-2016-5876
+CVE-2016-5876 (ownCloud server before 8.2.6 and 9.x before 9.0.3, when the gallery ap ...)
- owncloud <removed>
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-010
CVE-2016-5875
REJECTED
-CVE-2016-5874
+CVE-2016-5874 (Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers ...)
NOT-FOR-US: Siemens
-CVE-2016-5872
+CVE-2016-5872 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5871
+CVE-2016-5871 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5870
+CVE-2016-5870 (The msm_ipc_router_close function in net/ipc_router/ipc_router_socket. ...)
- linux <not-affected> (Qualcomm-specific kernel patch)
CVE-2016-5869
RESERVED
-CVE-2016-5868
+CVE-2016-5868 (drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5867
+CVE-2016-5867 (In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5866
RESERVED
CVE-2016-5865
RESERVED
-CVE-2016-5864
+CVE-2016-5864 (In an audio driver function in all Qualcomm products with Android for ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5863
+CVE-2016-5863 (In an ioctl handler in all Qualcomm products with Android for MSM, Fir ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5862
+CVE-2016-5862 (When a control related to codec is issued from userspace in all Qualco ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5861
+CVE-2016-5861 (In a display driver in all Qualcomm products with Android for MSM, Fir ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5860
+CVE-2016-5860 (In an audio driver in all Qualcomm products with Android for MSM, Fire ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5859
+CVE-2016-5859 (In a sound driver in all Qualcomm products with Android for MSM, Firef ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5858
+CVE-2016-5858 (In an ioctl handler in all Qualcomm products with Android for MSM, Fir ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5857
+CVE-2016-5857 (The Qualcomm SPCom driver in Android before 7.0 allows local users to ...)
NOTE: Red Hat seem to have typoed the CVE, which should be CVE-2016-5875, asked to confirm
-CVE-2016-5856
+CVE-2016-5856 (Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android k ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5855
+CVE-2016-5855 (In a driver in all Qualcomm products with Android for MSM, Firefox OS ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5854
+CVE-2016-5854 (In a driver in all Qualcomm products with Android for MSM, Firefox OS ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5853
+CVE-2016-5853 (In an audio driver in all Qualcomm products with Android releases from ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5852
+CVE-2016-5852 (For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and N ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2016-5850
+CVE-2016-5850 (Cross-site scripting (XSS) vulnerability in the volume backup service ...)
NOT-FOR-US: Huawei
-CVE-2016-5873
+CVE-2016-5873 (Buffer overflow in the HTTP URL parsing functions in pecl_http before ...)
- php-pecl-http 3.0.1-0.1
[jessie] - php-pecl-http <not-affected> (Vulnerable code not present)
NOTE: https://bugs.php.net/bug.php?id=71719
NOTE: https://github.com/m6w6/ext-http/commit/3724cd76a28be1d6049b5537232e97ac567ae1f5/def
-CVE-2016-5851
+CVE-2016-5851 (python-docx before 0.8.6 allows context-dependent attackers to conduct ...)
NOT-FOR-US: python-docx
-CVE-2016-5849
+CVE-2016-5849 (Siemens SICAM PAS through 8.07 allows local users to obtain sensitive ...)
NOT-FOR-US: Siemens SICAM PAS
-CVE-2016-5848
+CVE-2016-5848 (Siemens SICAM PAS before 8.07 does not properly restrict password data ...)
NOT-FOR-US: Siemens SICAM PAS
-CVE-2016-5847
+CVE-2016-5847 (SAP SAPCAR allows local users to change the permissions of arbitrary f ...)
NOT-FOR-US: SAP SAPCAR
CVE-2016-5846
RESERVED
-CVE-2016-5845
+CVE-2016-5845 (SAP SAPCAR does not check the return value of file operations when ext ...)
NOT-FOR-US: SAP SAPCAR
-CVE-2016-5843
+CVE-2016-5843 (Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2 ...)
NOT-FOR-US: OTRS addon
-CVE-2016-5840
+CVE-2016-5840 (hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3 ...)
NOT-FOR-US: Trend Micro Deep Discovery Inspector
CVE-2016-5831
RESERVED
CVE-2016-5830
RESERVED
-CVE-2016-5822
+CVE-2016-5822 (Huawei Oceanstor 5800 before V300R002C10SPC100 allows remote attackers ...)
NOT-FOR-US: Huawei
-CVE-2016-5821
+CVE-2016-5821 (Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.30 ...)
NOT-FOR-US: Huawei HiSuite
CVE-2016-5820
REJECTED
CVE-2016-5819
RESERVED
-CVE-2016-5818
+CVE-2016-5818 (An issue was discovered in Schneider Electric PowerLogic PM8ECC device ...)
NOT-FOR-US: Schneider
-CVE-2016-5817
+CVE-2016-5817 (SQL injection vulnerability in news pages in Cargotec Navis WebAccess ...)
NOT-FOR-US: Cargotec
-CVE-2016-5816
+CVE-2016-5816 (A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305- ...)
NOT-FOR-US: Westermo
-CVE-2016-5815
+CVE-2016-5815 (An issue was discovered on Schneider Electric IONXXXX series power met ...)
NOT-FOR-US: Schneider
-CVE-2016-5814
+CVE-2016-5814 (Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSL ...)
NOT-FOR-US: Rockwell
-CVE-2016-5813
+CVE-2016-5813 (An issue was discovered in Visonic PowerLink2, all versions prior to O ...)
NOT-FOR-US: Visonic PowerLink
-CVE-2016-5812
+CVE-2016-5812 (Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3 ...)
NOT-FOR-US: Moxa
-CVE-2016-5811
+CVE-2016-5811 (An issue was discovered in Visonic PowerLink2, all versions prior to O ...)
NOT-FOR-US: Visonic PowerLink
-CVE-2016-5810
+CVE-2016-5810 (upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2016-5809
+CVE-2016-5809 (An issue was discovered on Schneider Electric IONXXXX series power met ...)
NOT-FOR-US: Schneider
CVE-2016-5808
REJECTED
-CVE-2016-5807
+CVE-2016-5807 (Tollgrade LightHouse SMS before 5.1 patch 3 allows remote authenticate ...)
NOT-FOR-US: Tollgrade
CVE-2016-5806
REJECTED
-CVE-2016-5805
+CVE-2016-5805 (An issue was discovered in Delta Electronics WPLSoft, Versions prior t ...)
NOT-FOR-US: Delta Electronics WPLSoft
-CVE-2016-5804
+CVE-2016-5804 (Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 be ...)
NOT-FOR-US: Moxa
-CVE-2016-5803
+CVE-2016-5803 (An issue was discovered in CA Unified Infrastructure Management Versio ...)
NOT-FOR-US: CA Unified Infrastructure Management
-CVE-2016-5802
+CVE-2016-5802 (An issue was discovered in Delta Electronics WPLSoft, Versions prior t ...)
NOT-FOR-US: Delta Electronics WPLSoft
-CVE-2016-5801
+CVE-2016-5801 (An issue was discovered in OmniMetrix OmniView, Version 1.2. Insuffici ...)
NOT-FOR-US: OmniMetrix OmniView
CVE-2016-5800
RESERVED
-CVE-2016-5799
+CVE-2016-5799 (Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3 ...)
NOT-FOR-US: Moxa
-CVE-2016-5798
+CVE-2016-5798 (An issue was discovered in Fatek Automation PM Designer V3 Version 2.1 ...)
NOT-FOR-US: Fatek Automation PM Designer
-CVE-2016-5797
+CVE-2016-5797 (Tollgrade LightHouse SMS before 5.1 patch 3 provides different error m ...)
NOT-FOR-US: Tollgrade
-CVE-2016-5796
+CVE-2016-5796 (An issue was discovered in Fatek Automation PM Designer V3 Version 2.1 ...)
NOT-FOR-US: Fatek Automation PM Designer
-CVE-2016-5795
+CVE-2016-5795 (An XXE issue was discovered in Automated Logic Corporation (ALC) Liebe ...)
NOT-FOR-US: Automated Logic Corporation (ALC)
CVE-2016-5794
REJECTED
-CVE-2016-5793
+CVE-2016-5793 (Unquoted Windows search path vulnerability in Moxa Active OPC Server b ...)
NOT-FOR-US: Moxa
-CVE-2016-5792
+CVE-2016-5792 (SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote a ...)
NOT-FOR-US: Moxa
-CVE-2016-5791
+CVE-2016-5791 (An Improper Authentication issue was discovered in JanTek JTC-200, all ...)
NOT-FOR-US: JanTek JTC-200
-CVE-2016-5790
+CVE-2016-5790 (Tollgrade LightHouse SMS before 5.1 patch 3 allows remote attackers to ...)
NOT-FOR-US: Tollgrade
-CVE-2016-5789
+CVE-2016-5789 (A Cross-site Request Forgery issue was discovered in JanTek JTC-200, a ...)
NOT-FOR-US: JanTek JTC-200
-CVE-2016-5788
+CVE-2016-5788 (General Electric (GE) Bently Nevada 3500/22M USB with firmware before ...)
NOT-FOR-US: General Electric (GE) Bently Nevada
-CVE-2016-5787
+CVE-2016-5787 (General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8. ...)
NOT-FOR-US: CIMPLICITY
-CVE-2016-5786
+CVE-2016-5786 (An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniV ...)
NOT-FOR-US: OmniMetrix OmniView
CVE-2016-5785
RESERVED
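Review bot: the CVE-2016-5857 entry in this hunk still has no package status line: after the newly filled-in description it carries only `NOTE: Red Hat seem to have typoed the CVE, which should be CVE-2016-5875, asked to confirm`, while every other Qualcomm entry around it (including CVE-2016-5856, which describes the same SPCom driver) closes with `NOT-FOR-US: Qualcomm driver for Android`, and CVE-2016-5875 is listed as REJECTED a few lines above, so the question in that note appears to be settled by the description now attached to CVE-2016-5857. Suggest adding `NOT-FOR-US: Qualcomm driver for Android` under CVE-2016-5857 and dropping or rewording the stale note. Minor: the reference URL under CVE-2016-5873 ends in `.../3724cd76a28be1d6049b5537232e97ac567ae1f5/def`, which does not look like a complete GitHub commit link; please check it.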
@@ -15099,9 +15099,9 @@ CVE-2016-5784
RESERVED
CVE-2016-5783
RESERVED
-CVE-2016-5782
+CVE-2016-5782 (An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50 ...)
NOT-FOR-US: Locus Energy LGate
-CVE-2016-5781
+CVE-2016-5781 (Stack-based buffer overflow in WECON LeviStudio allows remote attacker ...)
NOT-FOR-US: LeviStudio
CVE-2016-5780
RESERVED
@@ -15115,78 +15115,78 @@ CVE-2016-5776
RESERVED
CVE-2016-5775
RESERVED
-CVE-2016-5774
+CVE-2016-5774 (The HTTPS server in Blue Coat PacketShaper S-Series 11.5.x before 11.5 ...)
NOT-FOR-US: Blue Coat
-CVE-2016-5765
+CVE-2016-5765 (Administrative Server in Micro Focus Host Access Management and Securi ...)
NOT-FOR-US: Micro Focus
-CVE-2016-5764
+CVE-2016-5764 (Micro Focus Rumba FTP 4.X client buffer overflow makes it possible to ...)
NOT-FOR-US: Micro Focus Rumba
-CVE-2016-5763
+CVE-2016-5763 (Vulnerability in Novell Open Enterprise Server (OES2015 SP1 before Sch ...)
NOT-FOR-US: Novell Open Enterprise Server
-CVE-2016-5762
+CVE-2016-5762 (Integer overflow in the Post Office Agent in Novell GroupWise before 2 ...)
NOT-FOR-US: Novell GroupWise
-CVE-2016-5761
+CVE-2016-5761 (Cross-site scripting (XSS) vulnerability in Novell GroupWise before 20 ...)
NOT-FOR-US: Novell GroupWise
-CVE-2016-5760
+CVE-2016-5760 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: Novell GroupWise
-CVE-2016-5759
+CVE-2016-5759 (The mkdumprd script called "dracut" in the current working directory " ...)
NOT-FOR-US: SuSE-specific Dracut script mkdumprd
-CVE-2016-5758
+CVE-2016-5758 (A cross site request forgery protection mechanism in NetIQ Access Mana ...)
NOT-FOR-US: NetIQ
-CVE-2016-5757
+CVE-2016-5757 (iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fi ...)
NOT-FOR-US: NetIQ
-CVE-2016-5756
+CVE-2016-5756 (Multiple components of the web tools in NetIQ Access Manager 4.1 befor ...)
NOT-FOR-US: NetIQ
-CVE-2016-5755
+CVE-2016-5755 (NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 w ...)
NOT-FOR-US: NetIQ
-CVE-2016-5754
+CVE-2016-5754 (Presence of a .htaccess file could leak information in NetIQ Access Ma ...)
NOT-FOR-US: NetIQ
CVE-2016-5753
RESERVED
-CVE-2016-5752
+CVE-2016-5752 (The SAML2 implementation in Identity Server in NetIQ Access Manager 4. ...)
NOT-FOR-US: NetIQ
-CVE-2016-5751
+CVE-2016-5751 (An unfiltered finalizer target URL in the SAML processing feature in I ...)
NOT-FOR-US: NetIQ
-CVE-2016-5750
+CVE-2016-5750 (The certificate upload feature in iManager in NetIQ Access Manager 4.1 ...)
NOT-FOR-US: NetIQ
-CVE-2016-5749
+CVE-2016-5749 (NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was pa ...)
NOT-FOR-US: NetIQ
-CVE-2016-5748
+CVE-2016-5748 (External Entity Processing (XXE) vulnerability in the "risk score" app ...)
NOT-FOR-US: NetIQ
-CVE-2016-5747
+CVE-2016-5747 (A security vulnerability in cookie handling in the http stack implemen ...)
NOT-FOR-US: Novell
-CVE-2016-5746
+CVE-2016-5746 (libstorage, libstorage-ng, and yast-storage improperly store passphras ...)
NOT-FOR-US: libstorage
-CVE-2016-5745
+CVE-2016-5745 (F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 1 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2016-5844
+CVE-2016-5844 (Integer overflow in the ISO parser in libarchive before 3.2.1 allows r ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: Upstream ticket: https://github.com/libarchive/libarchive/issues/717
NOTE: Upstream fix: https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22 (v3.2.1)
-CVE-2016-5842
+CVE-2016-5842 (MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote atta ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #831034)
NOTE: Details: http://www.openwall.com/lists/oss-security/2016/06/23/1
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b
NOTE: Reproducer http://bugs.fi/media/afl/imagemagick/CVE-2016-5842.jpg
-CVE-2016-5841
+CVE-2016-5841 (Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #831034)
NOTE: Details: http://www.openwall.com/lists/oss-security/2016/06/23/1
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b
NOTE: Reproducer http://bugs.fi/media/afl/imagemagick/CVE-2016-5841.jpg
-CVE-2016-5829
+CVE-2016-5829 (Multiple heap-based buffer overflows in the hiddev_ioctl_usage functio ...)
{DSA-3616-1 DLA-609-1}
- linux 4.6.3-1
NOTE: Fixed by: https://git.kernel.org/linus/93a2001bdfd5376c3dc2158653034c20392d15c5
-CVE-2016-5828
+CVE-2016-5828 (The start_thread function in arch/powerpc/kernel/process.c in the Linu ...)
{DSA-3616-1}
- linux 4.6.3-1
[wheezy] - linux <not-affected> (Introduced in v3.10-rc1)
NOTE: https://patchwork.ozlabs.org/patch/636776/
NOTE: Introduced in https://git.kernel.org/linus/bc2a9408fa65195288b41751016c36fd00a75a85 (v3.10-rc1)
-CVE-2016-5827
+CVE-2016-5827 (The icaltime_from_string function in libical 0.47 and 1.0 allows remot ...)
- libical <unfixed>
[stretch] - libical <no-dsa> (Minor issue)
[jessie] - libical <no-dsa> (Minor issue)
@@ -15196,19 +15196,19 @@ CVE-2016-5827
NOTE: https://github.com/libical/libical/commit/38757abb495ea6cb40faa5418052278bf75040f7
NOTE: https://github.com/libical/libical/commit/04d84749e53db08c71ed0ce8b6ba5c11082743cd
NOTE: https://github.com/libical/libical/commit/830d9530817516377c2bc3b532798ce2c6b4765a
-CVE-2016-5826
+CVE-2016-5826 (The parser_get_next_char function in libical 0.47 and 1.0 allows remot ...)
- libical <unfixed>
[stretch] - libical <no-dsa> (Minor issue)
[jessie] - libical <no-dsa> (Minor issue)
[wheezy] - libical <no-dsa> (Low prio according to upstream)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1281041
-CVE-2016-5825
+CVE-2016-5825 (The icalparser_parse_string function in libical 0.47 and 1.0 allows re ...)
- libical <unfixed>
[stretch] - libical <no-dsa> (Minor issue)
[jessie] - libical <no-dsa> (Minor issue)
[wheezy] - libical <no-dsa> (Low prio according to upstream)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1280832
-CVE-2016-5824
+CVE-2016-5824 (libical 1.0 allows remote attackers to cause a denial of service (use- ...)
{DLA-959-1}
- libical <unfixed> (bug #860451)
[stretch] - libical <no-dsa> (Minor issue)
@@ -15224,102 +15224,102 @@ CVE-2016-5824
NOTE: in http://www.openwall.com/lists/oss-security/2016/06/25/4
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2016-5824
NOTE: thunderbird uses embedded libical copy
-CVE-2016-5823
+CVE-2016-5823 (The icalproperty_new_clone function in libical 0.47 and 1.0 allows rem ...)
- libical 1.0-1
[wheezy] - libical <no-dsa> (Only possible denial of service, not severe enough to solve)
NOTE: possibly correct upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1275787
NOTE: Exact fixing commit unfortunately not bisected, need more investigation
-CVE-2016-5744
+CVE-2016-5744 (Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers ...)
NOT-FOR-US: Siemens
-CVE-2016-5743
+CVE-2016-5743 (Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SI ...)
NOT-FOR-US: Siemens
-CVE-2016-5839
+CVE-2016-5839 (WordPress before 4.5.3 allows remote attackers to bypass the sanitize_ ...)
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: https://core.trac.wordpress.org/ticket/37111
NOTE: https://core.trac.wordpress.org/changeset/37818
-CVE-2016-5838
+CVE-2016-5838 (WordPress before 4.5.3 allows remote attackers to bypass intended pass ...)
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://core.trac.wordpress.org/changeset/37762/
NOTE: https://core.trac.wordpress.org/ticket/37047
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
-CVE-2016-5837
+CVE-2016-5837 (WordPress before 4.5.3 allows remote attackers to bypass intended acce ...)
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: Upstream bug: https://core.trac.wordpress.org/ticket/36379
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37781
-CVE-2016-5836
+CVE-2016-5836 (The oEmbed protocol implementation in WordPress before 4.5.3 allows re ...)
{DLA-1452-1 DLA-633-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: Upstream ticket: https://core.trac.wordpress.org/ticket/36767
NOTE: Fixed by (Branch 4.4): https://core.trac.wordpress.org/changeset/37798
-CVE-2016-5835
+CVE-2016-5835 (WordPress before 4.5.3 allows remote attackers to obtain sensitive rev ...)
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: https://core.trac.wordpress.org/changeset/37800
-CVE-2016-5834
+CVE-2016-5834 (Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link ...)
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: https://core.trac.wordpress.org/changeset/37790/
-CVE-2016-5833
+CVE-2016-5833 (Cross-site scripting (XSS) vulnerability in the column_title function ...)
- wordpress 4.5.3+dfsg-1
[jessie] - wordpress <not-affected> (vulnerable code not present)
[wheezy] - wordpress <not-affected> (vulnerable code not present)
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
-CVE-2016-5832
+CVE-2016-5832 (The customizer in WordPress before 4.5.3 allows remote attackers to by ...)
{DSA-3639-1 DLA-568-1}
- wordpress 4.5.3+dfsg-1
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37773/
-CVE-2016-5773
+CVE-2016-5773 (php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6. ...)
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72434
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=f6aef68089221c5ea047d4a74224ee3deead99a6
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
-CVE-2016-5772
+CVE-2016-5772 (Double free vulnerability in the php_wddx_process_data function in wdd ...)
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72340
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
-CVE-2016-5771
+CVE-2016-5771 (spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before ...)
{DSA-3618-1 DLA-628-1}
- php7.0 <not-affected> (Does not affect PHP 7.x)
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72433
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c
NOTE: Fixed in 5.5.37, 5.6.23
-CVE-2016-5770
+CVE-2016-5770 (Integer overflow in the SplFileObject::fread function in spl_directory ...)
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72262
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=7245bff300d3fa8bacbef7897ff080a6f1c23eba
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
-CVE-2016-5769
+CVE-2016-5769 (Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP ...)
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72455
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=6c5211a0cef0cc2854eaa387e0eb036e012904d0
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
-CVE-2016-5768
+CVE-2016-5768 (Double free vulnerability in the _php_mb_regex_ereg_replace_exec funct ...)
{DSA-3618-1 DLA-628-1}
- php7.0 7.0.8-1
- php5 5.6.23+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72402
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=5b597a2e5b28e2d5a52fc1be13f425f08f47cb62
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
-CVE-2016-5767
+CVE-2016-5767 (Integer overflow in the gdImageCreate function in gd.c in the GD Graph ...)
- php7.0 7.0.8-1 (unimportant)
- php5 5.6.23+dfsg-1 (unimportant)
[jessie] - php5 5.6.23+dfsg-0+deb8u1
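Review bot: the fix reference under CVE-2016-5771 (PHP bug 72433, spl_array.c) points to the same commit hash, `a44c89e8af7c2410f4bfc5e097be2a5d0639a60c`, as the one under CVE-2016-5772 (PHP bug 72340, the wddx double free); unless a single commit really addressed both bugs this looks like a copy-paste of the neighbouring NOTE, so please verify the hash for bug 72433 against php-src history. Also worth a second look: CVE-2016-5836 is the only WordPress 4.5.3 entry in this hunk tagged `{DLA-1452-1 DLA-633-1}` with no DSA-3639-1 reference, while its siblings all carry `{DSA-3639-1 DLA-568-1}`; if that is intentional (fixed in jessie later), fine, otherwise the advisory list needs correcting.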
@@ -15329,7 +15329,7 @@ CVE-2016-5767
NOTE: Fixed in 5.5.37, 5.6.23, 7.0.8
- libgd2 2.0.34~rc1-1
NOTE: Fixed by: https://github.com/libgd/libgd/commit/cfee163a5e848fc3e3fb1d05a30d7557cdd36457 (GD_2_0_34RC1)
-CVE-2016-5766
+CVE-2016-5766 (Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD G ...)
{DSA-3619-1 DLA-534-1}
- php7.0 7.0.8-1 (unimportant)
- php5 5.6.23+dfsg-1 (unimportant)
@@ -15343,67 +15343,67 @@ CVE-2016-5766
NOTE: https://github.com/libgd/libgd/commit/aba3db8ba159465ecec1089027a24835a6da9cc0
CVE-2016-5741
RESERVED
-CVE-2016-5740
+CVE-2016-5740 (An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev5 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-5739
+CVE-2016-5739 (The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16 ...)
{DSA-3627-1 DLA-551-1}
- phpmyadmin 4:4.6.3-1
CVE-2016-5738
RESERVED
-CVE-2016-5736
+CVE-2016-5736 (The default configuration of the IPsec IKE peer listener in F5 BIG-IP ...)
NOT-FOR-US: BIG-IP
-CVE-2016-5735
+CVE-2016-5735 (Integer overflow in the rwpng_read_image24_libpng function in rwpng.c ...)
{DLA-966-1}
- pngquant 2.5.0-2 (bug #863469)
[jessie] - pngquant <no-dsa> (Minor issue)
NOTE: https://github.com/pornel/pngquant/commit/b7c217680cda02dddced245d237ebe8c383be285
-CVE-2016-5734
+CVE-2016-5734 (phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x be ...)
- phpmyadmin 4:4.6.3-1
[jessie] - phpmyadmin <no-dsa> (Vulnerable only with a php version earlier than the one in jessie)
[wheezy] - phpmyadmin <no-dsa> (Vulnerable only with a php version earlier than the one in wheezy)
-CVE-2016-5733
+CVE-2016-5733 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...)
{DSA-3627-1 DLA-551-1}
- phpmyadmin 4:4.6.3-1
-CVE-2016-5732
+CVE-2016-5732 (Multiple cross-site scripting (XSS) vulnerabilities in the partition-r ...)
- phpmyadmin 4:4.6.3-1
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2016-5731
+CVE-2016-5731 (Cross-site scripting (XSS) vulnerability in examples/openid.php in php ...)
{DSA-3627-1 DLA-551-1}
- phpmyadmin 4:4.6.3-1 (low)
-CVE-2016-5730
+CVE-2016-5730 (phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x be ...)
- phpmyadmin 4:4.6.3-1 (unimportant)
NOTE: path disclosure irrelevant in Debian
-CVE-2016-5742
+CVE-2016-5742 (SQL injection vulnerability in the XML-RPC interface in Movable Type P ...)
{DLA-532-1}
- movabletype-opensource <removed>
NOTE: https://movabletype.org/news/2016/06/movable_type_626_and_613_released.html
NOTE: http://www.openwall.com/lists/oss-security/2016/06/22/3
NOTE: https://github.com/movabletype/movabletype/commit/42113544e7d8ebf6064b7b01b921734b667a1682
-CVE-2016-5737
+CVE-2016-5737 (The Gerrit configuration in the Openstack Puppet module for Gerrit (ak ...)
NOT-FOR-US: Openstack-infra puppet-gerrit module
-CVE-2016-5729
+CVE-2016-5729 (Lenovo BIOS EFI Driver allows local administrators to execute arbitrar ...)
NOT-FOR-US: Lenovo
-CVE-2016-5728
+CVE-2016-5728 (Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_v ...)
{DSA-3616-1}
- linux 4.6.1-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Upstream fix: https://git.kernel.org/linus/9bf292bfca94694a721449e3fd752493856710f6 (v4.7-rc1)
NOTE: Introduced in: https://git.kernel.org/linus/f69bcbf3b4c4b333dcd7a48eaf868bf0c88edab5 (v3.13-rc1)
-CVE-2016-5725
+CVE-2016-5725 (Directory traversal vulnerability in JCraft JSch before 0.1.54 on Wind ...)
{DLA-611-1}
- jsch 0.1.54-1 (low)
[jessie] - jsch <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/jsch/mailman/message/35318093/
CVE-2016-5724
RESERVED
-CVE-2016-5723
+CVE-2016-5723 (Huawei FusionInsight HD before V100R002C60SPC200 allows local users to ...)
NOT-FOR-US: Huawei
-CVE-2016-5722
+CVE-2016-5722 (Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3 ...)
NOT-FOR-US: OceanStor
-CVE-2016-5721
+CVE-2016-5721 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collabor ...)
NOT-FOR-US: Zimbra
-CVE-2016-5720
+CVE-2016-5720 (Multiple untrusted search path vulnerabilities in Microsoft Skype allo ...)
NOT-FOR-US: Skype
CVE-2016-5719
RESERVED
@@ -15411,11 +15411,11 @@ CVE-2016-5718
RESERVED
CVE-2016-5717
RESERVED
-CVE-2016-5716
+CVE-2016-5716 (The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 i ...)
- puppet <not-affected> (Limited to Puppet Enterprise)
-CVE-2016-5715
+CVE-2016-5715 (Open redirect vulnerability in the Console in Puppet Enterprise 2015.x ...)
- puppet <not-affected> (Limited to Puppet Enterprise)
-CVE-2016-5714
+CVE-2016-5714 (Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agen ...)
- puppet 4.8.0-1
[jessie] - puppet <not-affected> (Vulnerable code introduced later)
[wheezy] - puppet <not-affected> (Vulnerable code introduced later)
@@ -15423,7 +15423,7 @@ CVE-2016-5714
NOTE: triaged away in Ubuntu: "Default configurations of FOSS Puppet Agent are not vulnerable."
NOTE: gentoo released a fix: https://security.gentoo.org/glsa/201710-12
NOTE: rosetta stone for puppet version numbers: https://puppet.com/docs/puppet/4.10/about_agent.html
-CVE-2016-5713
+CVE-2016-5713 (Versions of Puppet Agent prior to 1.6.0 included a version of the Pupp ...)
- puppet 4.7.0-1
[jessie] - puppet <not-affected> (Vulnerable code introduced later)
[wheezy] - puppet <not-affected> (Vulnerable code introduced later)
@@ -15432,45 +15432,45 @@ CVE-2016-5713
NOTE: https://puppet.com/security/cve/cve-2016-5713
CVE-2016-5712
RESERVED
-CVE-2016-5711
+CVE-2016-5711 (NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a ...)
NOT-FOR-US: NetApp
CVE-2016-5710
RESERVED
-CVE-2016-5709
+CVE-2016-5709 (SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encrypti ...)
NOT-FOR-US: SolarWinds
CVE-2016-5708
RESERVED
CVE-2016-5707
RESERVED
-CVE-2016-5706
+CVE-2016-5706 (js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x befo ...)
{DSA-3627-1}
- phpmyadmin 4:4.6.3-1 (low)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2016-5705
+CVE-2016-5705 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4. ...)
{DSA-3627-1}
- phpmyadmin 4:4.6.3-1
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2016-5704
+CVE-2016-5704 (Cross-site scripting (XSS) vulnerability in the table-structure page i ...)
- phpmyadmin 4:4.6.3-1
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2016-5703
+CVE-2016-5703 (SQL injection vulnerability in libraries/central_columns.lib.php in ph ...)
- phpmyadmin 4:4.6.3-1
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
-CVE-2016-5702
+CVE-2016-5702 (phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF v ...)
- phpmyadmin 4:4.6.3-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
-CVE-2016-5701
+CVE-2016-5701 (setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4. ...)
{DSA-3627-1}
- phpmyadmin 4:4.6.3-1
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
-CVE-2016-5700
+CVE-2016-5700 (Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5. ...)
NOT-FOR-US: F5 BIG-IP
CVE-2016-5698
RESERVED
-CVE-2016-5697
+CVE-2016-5697 (Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapp ...)
- ruby-saml 1.3.0-1 (bug #828076)
NOTE: https://github.com/onelogin/ruby-saml/commit/a571f52171e6bfd87db59822d1d9e8c38fb3b995
CVE-2016-5695
@@ -15481,63 +15481,63 @@ CVE-2016-5693
RESERVED
CVE-2016-5692
RESERVED
-CVE-2016-5686
+CVE-2016-5686 (Johnson &amp; Johnson Animas OneTouch Ping devices mishandle acknowled ...)
NOT-FOR-US: Animas OneTouch Ping
-CVE-2016-5685
+CVE-2016-5685 (Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow a ...)
NOT-FOR-US: Dell
-CVE-2016-5684
+CVE-2016-5684 (An exploitable out-of-bounds write vulnerability exists in the XMP ima ...)
{DSA-3692-1 DLA-647-1}
- freeimage 3.17.0+ds1-3 (bug #839827)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0189/
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginXPM.cpp?r1=1.17&r2=1.18
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginXPM.cpp?r1=1.18&r2=1.19
-CVE-2016-5683
+CVE-2016-5683 (ReadyDesk 9.1 allows local users to determine cleartext SQL Server cre ...)
NOT-FOR-US: ReadyDesk
-CVE-2016-5682
+CVE-2016-5682 (Swagger-UI before 2.2.1 has XSS via the Default field in the Definitio ...)
NOT-FOR-US: Swagger-UI
-CVE-2016-5681
+CVE-2016-5681 (Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.0 ...)
NOT-FOR-US: D-Link
-CVE-2016-5680
+CVE-2016-5680 (Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7. ...)
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5679
+CVE-2016-5679 (cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR Rea ...)
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5678
+CVE-2016-5678 (NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0. ...)
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5677
+CVE-2016-5677 (NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, ...)
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5676
+CVE-2016-5676 (cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1 ...)
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5675
+CVE-2016-5675 (handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO ...)
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5674
+CVE-2016-5674 (__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, ...)
NOT-FOR-US: NUUO and NETGEAR NAS devices
-CVE-2016-5673
+CVE-2016-5673 (UltraVNC Repeater before 1300 does not restrict destination IP address ...)
NOT-FOR-US: UltraVNC
-CVE-2016-5672
+CVE-2016-5672 (Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x bef ...)
- crosswalk <itp> (bug #775876)
-CVE-2016-5671
+CVE-2016-5671 (Multiple cross-site request forgery (CSRF) vulnerabilities on Crestron ...)
NOT-FOR-US: Creston
-CVE-2016-5670
+CVE-2016-5670 (Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.30 ...)
NOT-FOR-US: Creston
-CVE-2016-5669
+CVE-2016-5669 (Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.30 ...)
NOT-FOR-US: Creston
-CVE-2016-5668
+CVE-2016-5668 (Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.30 ...)
NOT-FOR-US: Creston
-CVE-2016-5667
+CVE-2016-5667 (Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.30 ...)
NOT-FOR-US: Creston
-CVE-2016-5666
+CVE-2016-5666 (Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.30 ...)
NOT-FOR-US: Creston
CVE-2016-5665
RESERVED
-CVE-2016-5664
+CVE-2016-5664 (Directory traversal vulnerability on Accellion Kiteworks appliances be ...)
NOT-FOR-US: Accellion Kiteworks
-CVE-2016-5663
+CVE-2016-5663 (Multiple cross-site scripting (XSS) vulnerabilities in oauth_callback. ...)
NOT-FOR-US: Accellion Kiteworks
-CVE-2016-5662
+CVE-2016-5662 (Accellion Kiteworks appliances before kw2016.03.00 use setuid-root per ...)
NOT-FOR-US: Accellion Kiteworks
-CVE-2016-5661
+CVE-2016-5661 (Accela Civic Platform Citizen Access portal relies on the client to re ...)
NOT-FOR-US: Accela
-CVE-2016-5660
+CVE-2016-5660 (Cross-site scripting (XSS) vulnerability in AttachmentsList.aspx in Ac ...)
NOT-FOR-US: Accela
CVE-2016-5659
RESERVED
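Review bot: The new CVE-2016-5686 description line carries a literal HTML entity, `Johnson &amp; Johnson`, where the source text reads `Johnson & Johnson`; the importer that generates these description lines should decode entities before writing them so the list stays plain text. Separately, the `NOT-FOR-US: Creston` context lines under CVE-2016-5671 through CVE-2016-5666 disagree with the descriptions they sit beneath, which all name `Crestron Electronics`; worth correcting to `Crestron` while the entries are being touched.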
@@ -15548,13 +15548,13 @@ CVE-2016-5657
NOT-FOR-US: Apache Archiva
CVE-2016-5656
RESERVED
-CVE-2016-5655
+CVE-2016-5655 (Misys FusionCapital Opics Plus does not verify X.509 certificates from ...)
NOT-FOR-US: Misys
-CVE-2016-5654
+CVE-2016-5654 (Misys FusionCapital Opics Plus allows remote authenticated users to ga ...)
NOT-FOR-US: Misys
-CVE-2016-5653
+CVE-2016-5653 (Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Pl ...)
NOT-FOR-US: Misys
-CVE-2016-5652
+CVE-2016-5652 (An exploitable heap-based buffer overflow exists in the handling of TI ...)
{DSA-3762-1 DLA-693-1}
- tiff 4.0.6-3 (bug #842361)
- tiff3 <removed>
@@ -15563,65 +15563,65 @@ CVE-2016-5652
NOTE: https://github.com/vadz/libtiff/commit/b5d6803f0898e931cf772d3d0755704ab8488e63
CVE-2016-5651
RESERVED
-CVE-2016-5650
+CVE-2016-5650 (ZModo ZP-NE14-S and ZP-IBH-13W devices do not enforce a WPA2 configura ...)
NOT-FOR-US: ZModo
-CVE-2016-5649
+CVE-2016-5649 (A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN22 ...)
NOT-FOR-US: Netgear
-CVE-2016-5648
+CVE-2016-5648 (Acer Portal app before 3.9.4.2000 for Android does not properly valida ...)
NOT-FOR-US: Acer Portal Android application
-CVE-2016-5647
+CVE-2016-5647 (The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, ...)
NOT-FOR-US: Intel Windows drivers
-CVE-2016-5646
+CVE-2016-5646 (An exploitable heap overflow vulnerability exists in the Compound Bina ...)
NOT-FOR-US: Lexmark
-CVE-2016-5645
+CVE-2016-5645 (Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766 ...)
NOT-FOR-US: Rockwell
CVE-2016-5644
RESERVED
CVE-2016-5643
RESERVED
-CVE-2016-5642
+CVE-2016-5642 (Opmantek NMIS before 8.5.12G has XSS via SNMP. ...)
NOT-FOR-US: Opmantek NMIS
CVE-2016-5641
RESERVED
-CVE-2016-5640
+CVE-2016-5640 (Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron Ai ...)
NOT-FOR-US: Creston
-CVE-2016-5639
+CVE-2016-5639 (Directory traversal vulnerability in cgi-bin/login.cgi on Crestron Air ...)
NOT-FOR-US: Creston
-CVE-2016-5638
+CVE-2016-5638 (There are few web pages associated with the genie app on the Netgear W ...)
NOT-FOR-US: Netgear
-CVE-2016-5637
+CVE-2016-5637 (The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandl ...)
NOTE: https://www.kb.cert.org/vuls/id/123799
NOTE: No further information provided, but this is very likely a dupe of CVE-2016-8710
-CVE-2016-1000003
+CVE-2016-1000003 (Mirror Manager version 0.7.2 and older is vulnerable to remote code ex ...)
NOT-FOR-US: Fedora Mirror Manager
-CVE-2016-5727
+CVE-2016-5727 (LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote attacker ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2016-5726
+CVE-2016-5726 (Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attacker ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2016-5691
+CVE-2016-5691 (The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 al ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833044)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
-CVE-2016-5690
+CVE-2016-5690 (The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833043)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
-CVE-2016-5689
+CVE-2016-5689 (The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 al ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833042)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d
NOTE: Will be fixed in a 6.9.4-3 based version
-CVE-2016-5688
+CVE-2016-5688 (The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, w ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #833003)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7
NOTE: https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f
-CVE-2016-5687
+CVE-2016-5687 (The VerticalFilter function in the DDS coder in ImageMagick before 6.9 ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832890)
NOTE: https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0b7172f2ba2c9e664d4df148e7d6e14a50edb57a
-CVE-2016-5699
+CVE-2016-5699 (CRLF injection vulnerability in the HTTPConnection.putheader function ...)
{DLA-1663-1 DLA-522-1}
- python3.5 <not-affected> (Fixed with initial upload to Debian)
- python3.4 3.4.4~rc1-1
@@ -15630,33 +15630,33 @@ CVE-2016-5699
NOTE: https://bugs.python.org/issue22928
NOTE: Fixed in 3.4 / 3.5: revision 94952: https://hg.python.org/cpython/rev/bf3e1c9b80e9
NOTE: Fixed in 2.7: revision 94951: https://hg.python.org/cpython/rev/1c45047c5102
-CVE-2016-5635
+CVE-2016-5635 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows re ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5634
+CVE-2016-5634 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows re ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5633
+CVE-2016-5633 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows re ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5632
+CVE-2016-5632 (Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows re ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5631
+CVE-2016-5631 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows re ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5630
+CVE-2016-5630 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.1 ...)
- mariadb-10.0 10.0.27-1
[jessie] - mariadb-10.0 10.0.27-0+deb8u1
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5629
+CVE-2016-5629 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 a ...)
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.15-1
@@ -15665,15 +15665,15 @@ CVE-2016-5629
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
-CVE-2016-5628
+CVE-2016-5628 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows re ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5627
+CVE-2016-5627 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.1 ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5626
+CVE-2016-5626 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 a ...)
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.15-1
@@ -15682,11 +15682,11 @@ CVE-2016-5626
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
-CVE-2016-5625
+CVE-2016-5625 (Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows lo ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-5624
+CVE-2016-5624 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows re ...)
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 <not-affected> (Only affects MySQL 5.5)
@@ -15695,31 +15695,31 @@ CVE-2016-5624
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
-CVE-2016-5623
+CVE-2016-5623 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5622
+CVE-2016-5622 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5621
+CVE-2016-5621 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5620
+CVE-2016-5620 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5619
+CVE-2016-5619 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5618
+CVE-2016-5618 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle
CVE-2016-5617
REJECTED
CVE-2016-5616
REJECTED
-CVE-2016-5615
+CVE-2016-5615 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Solaris
-CVE-2016-5614
+CVE-2016-5614 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5613
+CVE-2016-5613 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5612
+CVE-2016-5612 (Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 a ...)
- mariadb-10.0 10.0.27-1
[jessie] - mariadb-10.0 10.0.27-0+deb8u1
- mysql-5.7 5.7.15-1
@@ -15727,48 +15727,48 @@ CVE-2016-5612
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
-CVE-2016-5611
+CVE-2016-5611 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5610
+CVE-2016-5610 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5609
+CVE-2016-5609 (Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.1 ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5608
+CVE-2016-5608 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5607
+CVE-2016-5607 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5606
+CVE-2016-5606 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Solaris
-CVE-2016-5605
+CVE-2016-5605 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.4-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5604
+CVE-2016-5604 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-5603
+CVE-2016-5603 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle
-CVE-2016-5602
+CVE-2016-5602 (Unspecified vulnerability in the Oracle Data Integrator component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-5601
+CVE-2016-5601 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-5600
+CVE-2016-5600 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Pr ...)
NOT-FOR-US: Oracle
-CVE-2016-5599
+CVE-2016-5599 (Unspecified vulnerability in the Oracle Advanced Supply Chain Planning ...)
NOT-FOR-US: Oracle
-CVE-2016-5598
+CVE-2016-5598 (Unspecified vulnerability in the MySQL Connector component 2.1.3 and e ...)
- mysql-connector-python 2.1.5-1 (bug #841677)
[jessie] - mysql-connector-python <not-affected> (Vulnerable code not present)
[wheezy] - mysql-connector-python <not-affected> (Only the Python 3 code is affected which is not shipped in binary package)
NOTE: https://blog.qualys.com/laws-of-vulnerabilities/2016/10/18/oracle-october-2016-critical-patch-update
-CVE-2016-5597
+CVE-2016-5597 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and J ...)
{DSA-3707-1 DLA-704-1}
- openjdk-8 8u111-b14-1
[experimental] - openjdk-7 7u111-2.6.7-2
@@ -15776,40 +15776,40 @@ CVE-2016-5597
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5596
+CVE-2016-5596 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-5595
+CVE-2016-5595 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2016-5594
+CVE-2016-5594 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle
-CVE-2016-5593
+CVE-2016-5593 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2016-5592
+CVE-2016-5592 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2016-5591
+CVE-2016-5591 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2016-5590
+CVE-2016-5590 (Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQ ...)
NOT-FOR-US: MySQL Enterprise Monitor
-CVE-2016-5589
+CVE-2016-5589 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-5588
+CVE-2016-5588 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2016-5587
+CVE-2016-5587 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2016-5586
+CVE-2016-5586 (Unspecified vulnerability in the Oracle Email Center component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-5585
+CVE-2016-5585 (Unspecified vulnerability in the Oracle Interaction Center Intelligenc ...)
NOT-FOR-US: Oracle
-CVE-2016-5584
+CVE-2016-5584 (Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 a ...)
{DSA-3711-1 DSA-3706-1 DLA-708-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.16-1 (bug #841163)
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <removed> (bug #841050)
NOTE: Fixed in MariaDB 5.5.53, MariaDB 10.0.28
-CVE-2016-5583
+CVE-2016-5583 (Unspecified vulnerability in the Oracle One-to-One Fulfillment compone ...)
NOT-FOR-US: Oracle
-CVE-2016-5582
+CVE-2016-5582 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and J ...)
{DSA-3707-1 DLA-704-1}
- openjdk-8 8u111-b14-1
[experimental] - openjdk-7 7u111-2.6.7-2
@@ -15817,23 +15817,23 @@ CVE-2016-5582
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5581
+CVE-2016-5581 (Unspecified vulnerability in the Oracle iRecruitment component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-5580
+CVE-2016-5580 (Unspecified vulnerability in the Secure Global Desktop component in Or ...)
NOT-FOR-US: Secure Global Desktop
-CVE-2016-5579
+CVE-2016-5579 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2016-5578
+CVE-2016-5578 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2016-5577
+CVE-2016-5577 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2016-5576
+CVE-2016-5576 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Solaris
-CVE-2016-5575
+CVE-2016-5575 (Unspecified vulnerability in the Oracle Common Applications Calendar c ...)
NOT-FOR-US: Oracle
-CVE-2016-5574
+CVE-2016-5574 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2016-5573
+CVE-2016-5573 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and J ...)
{DSA-3707-1 DLA-704-1}
- openjdk-8 8u111-b14-1
[experimental] - openjdk-7 7u111-2.6.7-2
@@ -15841,47 +15841,47 @@ CVE-2016-5573
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5572
+CVE-2016-5572 (Unspecified vulnerability in the Kernel PDB component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2016-5571
+CVE-2016-5571 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
NOT-FOR-US: Oracle
-CVE-2016-5570
+CVE-2016-5570 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
NOT-FOR-US: Oracle
-CVE-2016-5569
+CVE-2016-5569 (Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and ...)
NOT-FOR-US: Oracle
-CVE-2016-5568
+CVE-2016-5568 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 al ...)
- openjdk-8 <not-affected> (Only affects Windows)
- openjdk-7 <not-affected> (Only affects Windows)
- openjdk-6 <not-affected> (Only affects Windows)
-CVE-2016-5567
+CVE-2016-5567 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
NOT-FOR-US: Oracle
-CVE-2016-5566
+CVE-2016-5566 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote att ...)
NOT-FOR-US: Solaris
-CVE-2016-5565
+CVE-2016-5565 (Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property S ...)
NOT-FOR-US: Oracle
-CVE-2016-5564
+CVE-2016-5564 (Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property S ...)
NOT-FOR-US: Oracle
-CVE-2016-5563
+CVE-2016-5563 (Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property S ...)
NOT-FOR-US: Oracle
-CVE-2016-5562
+CVE-2016-5562 (Unspecified vulnerability in the Oracle iProcurement component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-5561
+CVE-2016-5561 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote att ...)
NOT-FOR-US: Solaris
-CVE-2016-5560
+CVE-2016-5560 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel
-CVE-2016-5559
+CVE-2016-5559 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows loc ...)
NOT-FOR-US: Solaris
-CVE-2016-5558
+CVE-2016-5558 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2016-5557
+CVE-2016-5557 (Unspecified vulnerability in the Oracle Advanced Pricing component in ...)
NOT-FOR-US: Oracle
-CVE-2016-5556
+CVE-2016-5556 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 al ...)
- openjdk-6 <not-affected> (specific to Oracle Java)
- openjdk-7 <not-affected> (specific to Oracle Java)
- openjdk-8 <not-affected> (specific to Oracle Java)
-CVE-2016-5555
+CVE-2016-5555 (Unspecified vulnerability in the OJVM component in Oracle Database Ser ...)
NOT-FOR-US: Oracle
-CVE-2016-5554
+CVE-2016-5554 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and J ...)
{DSA-3707-1 DLA-704-1}
- openjdk-8 8u111-b14-1
[experimental] - openjdk-7 7u111-2.6.7-2
@@ -15889,50 +15889,50 @@ CVE-2016-5554
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5553
+CVE-2016-5553 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows loc ...)
NOT-FOR-US: Solaris
-CVE-2016-5552
+CVE-2016-5552 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5551
+CVE-2016-5551 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems P ...)
NOT-FOR-US: Solaris
CVE-2016-5550
REJECTED
-CVE-2016-5549
+CVE-2016-5549 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
- openjdk-8 8u121-b13-1
- openjdk-7 <not-affected> (In the Debian package, the code is removed during build time)
-CVE-2016-5548
+CVE-2016-5548 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5547
+CVE-2016-5547 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
-CVE-2016-5546
+CVE-2016-5546 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5545
+CVE-2016-5545 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.14-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5544
+CVE-2016-5544 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows loc ...)
NOT-FOR-US: Solaris
-CVE-2016-5543
+CVE-2016-5543 (Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and ...)
NOT-FOR-US: Oracle
-CVE-2016-5542
+CVE-2016-5542 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and J ...)
{DSA-3707-1 DLA-704-1}
- openjdk-8 8u111-b14-1
[experimental] - openjdk-7 7u111-2.6.7-2
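Review bot: The CVE-2016-5547 entry stops at `- openjdk-7 <removed>`, while the neighbouring CVE-2016-5548 and CVE-2016-5546 entries, which carry the same `{DSA-3782-1 DLA-821-1}` reference, go on to list `- openjdk-6 <removed>` and `[wheezy] - openjdk-6 <end-of-life>`; please confirm whether the openjdk-6 lines for CVE-2016-5547 were omitted intentionally or should be added for consistency.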
@@ -15940,126 +15940,126 @@ CVE-2016-5542
NOTE: #841692 tracks openjdk-7
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2016-5541
+CVE-2016-5541 (Vulnerability in the MySQL Cluster component of Oracle MySQL (subcompo ...)
NOT-FOR-US: MySQL Cluster
-CVE-2016-5540
+CVE-2016-5540 (Unspecified vulnerability in the Oracle Retail Xstore Payment componen ...)
NOT-FOR-US: Oracle
-CVE-2016-5539
+CVE-2016-5539 (Unspecified vulnerability in the Oracle Retail Xstore Payment componen ...)
NOT-FOR-US: Oracle
-CVE-2016-5538
+CVE-2016-5538 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5537
+CVE-2016-5537 (Unspecified vulnerability in the NetBeans component in Oracle Fusion M ...)
[experimental] - netbeans 8.2+dfsg1-1
- netbeans 10.0-1 (bug #852029)
[stretch] - netbeans <ignored> (No details about affected code, backport of Netbeans 8.2 too intrusive)
[wheezy] - netbeans <ignored> (No details about affected code, backport of Netbeans 8.2 too intrusive)
-CVE-2016-5536
+CVE-2016-5536 (Unspecified vulnerability in the Oracle Platform Security for Java com ...)
NOT-FOR-US: Oracle
-CVE-2016-5535
+CVE-2016-5535 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-5534
+CVE-2016-5534 (Unspecified vulnerability in the Siebel Apps - Customer Order Manageme ...)
NOT-FOR-US: Oracle Siebel
-CVE-2016-5533
+CVE-2016-5533 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle
-CVE-2016-5532
+CVE-2016-5532 (Unspecified vulnerability in the Oracle Shipping Execution component i ...)
NOT-FOR-US: Oracle
-CVE-2016-5531
+CVE-2016-5531 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-5530
+CVE-2016-5530 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2016-5529
+CVE-2016-5529 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2016-5528
+CVE-2016-5528 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2016-5527
+CVE-2016-5527 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5526
+CVE-2016-5526 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5525
+CVE-2016-5525 (Unspecified vulnerability in the Solaris Cluster component in Oracle S ...)
NOT-FOR-US: Oracle
-CVE-2016-5524
+CVE-2016-5524 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5523
+CVE-2016-5523 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5522
+CVE-2016-5522 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5521
+CVE-2016-5521 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
CVE-2016-5520
REJECTED
-CVE-2016-5519
+CVE-2016-5519 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2016-5518
+CVE-2016-5518 (Unspecified vulnerability in the Oracle Agile Engineering Data Managem ...)
NOT-FOR-US: Oracle
-CVE-2016-5517
+CVE-2016-5517 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
NOT-FOR-US: Oracle
-CVE-2016-5516
+CVE-2016-5516 (Unspecified vulnerability in the Kernel PDB component in Oracle Databa ...)
NOT-FOR-US: Oracle
-CVE-2016-5515
+CVE-2016-5515 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5514
+CVE-2016-5514 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5513
+CVE-2016-5513 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5512
+CVE-2016-5512 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5511
+CVE-2016-5511 (Unspecified vulnerability in the Oracle WebCenter Sites component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-5510
+CVE-2016-5510 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5509
+CVE-2016-5509 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-5508
+CVE-2016-5508 (Unspecified vulnerability in the Solaris Cluster component in Oracle S ...)
NOT-FOR-US: Solaris
-CVE-2016-5507
+CVE-2016-5507 (Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.1 ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 5.6.34-1 (bug #841049)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2016-5506
+CVE-2016-5506 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
NOT-FOR-US: Oracle
-CVE-2016-5505
+CVE-2016-5505 (Unspecified vulnerability in the RDBMS Programmable Interface componen ...)
NOT-FOR-US: Oracle
-CVE-2016-5504
+CVE-2016-5504 (Unspecified vulnerability in the Oracle Agile Product Lifecycle Manage ...)
NOT-FOR-US: Oracle
-CVE-2016-5503
+CVE-2016-5503 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) co ...)
NOT-FOR-US: Oracle
-CVE-2016-5502
+CVE-2016-5502 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle
-CVE-2016-5501
+CVE-2016-5501 (Unspecified vulnerability in the Oracle VM VirtualBox component before ...)
- virtualbox 5.1.8-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-5500
+CVE-2016-5500 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5499
+CVE-2016-5499 (Unspecified vulnerability in the RDBMS Security component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2016-5498
+CVE-2016-5498 (Unspecified vulnerability in the RDBMS Security component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2016-5497
+CVE-2016-5497 (Unspecified vulnerability in the RDBMS Security component in Oracle Da ...)
NOT-FOR-US: Oracle
CVE-2016-5496
REJECTED
-CVE-2016-5495
+CVE-2016-5495 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
NOT-FOR-US: Oracle
CVE-2016-5494
REJECTED
-CVE-2016-5493
+CVE-2016-5493 (Unspecified vulnerability in the Oracle FLEXCUBE Private Banking compo ...)
NOT-FOR-US: Oracle
-CVE-2016-5492
+CVE-2016-5492 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) co ...)
NOT-FOR-US: Oracle
-CVE-2016-5491
+CVE-2016-5491 (Unspecified vulnerability in the Oracle Commerce Service Center compon ...)
NOT-FOR-US: Oracle
-CVE-2016-5490
+CVE-2016-5490 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle
-CVE-2016-5489
+CVE-2016-5489 (Unspecified vulnerability in the Oracle iStore component in Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2016-5488
+CVE-2016-5488 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-5487
+CVE-2016-5487 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Solaris
-CVE-2016-5486
+CVE-2016-5486 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) co ...)
NOT-FOR-US: Oracle
CVE-2016-5485
REJECTED
@@ -16067,83 +16067,83 @@ CVE-2016-5484
REJECTED
CVE-2016-5483
REJECTED
-CVE-2016-5482
+CVE-2016-5482 (Unspecified vulnerability in the Oracle Commerce Guided Search compone ...)
NOT-FOR-US: Oracle
-CVE-2016-5481
+CVE-2016-5481 (Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) co ...)
NOT-FOR-US: Oracle
-CVE-2016-5480
+CVE-2016-5480 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2016-5479
+CVE-2016-5479 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking com ...)
NOT-FOR-US: Oracle
CVE-2016-5478
REJECTED
-CVE-2016-5477
+CVE-2016-5477 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2016-5476
+CVE-2016-5476 (Unspecified vulnerability in the Oracle Retail Integration Bus compone ...)
NOT-FOR-US: Oracle
-CVE-2016-5475
+CVE-2016-5475 (Unspecified vulnerability in the Oracle Retail Service Backbone compon ...)
NOT-FOR-US: Oracle
-CVE-2016-5474
+CVE-2016-5474 (Unspecified vulnerability in the Oracle Retail Service Backbone compon ...)
NOT-FOR-US: Oracle
-CVE-2016-5473
+CVE-2016-5473 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-5472
+CVE-2016-5472 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-5471
+CVE-2016-5471 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Solaris
-CVE-2016-5470
+CVE-2016-5470 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-5469
+CVE-2016-5469 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Oracle
-CVE-2016-5468
+CVE-2016-5468 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5467
+CVE-2016-5467 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
NOT-FOR-US: Oracle
-CVE-2016-5466
+CVE-2016-5466 (Unspecified vulnerability in the Siebel Core - Server Framework compon ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5465
+CVE-2016-5465 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-5464
+CVE-2016-5464 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5463
+CVE-2016-5463 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5462
+CVE-2016-5462 (Unspecified vulnerability in the Siebel Core - Server Framework compon ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5461
+CVE-2016-5461 (Unspecified vulnerability in the Siebel Core - Server Framework compon ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5460
+CVE-2016-5460 (Unspecified vulnerability in the Siebel Core - Server Framework compon ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5459
+CVE-2016-5459 (Unspecified vulnerability in the Siebel Core - Common Components compo ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5458
+CVE-2016-5458 (Unspecified vulnerability in the Oracle Communications EAGLE Applicati ...)
NOT-FOR-US: Oracle
-CVE-2016-5457
+CVE-2016-5457 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
NOT-FOR-US: Oracle
-CVE-2016-5456
+CVE-2016-5456 (Unspecified vulnerability in the Siebel Core - Server Framework compon ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5455
+CVE-2016-5455 (Unspecified vulnerability in the Oracle Communications Messaging Serve ...)
NOT-FOR-US: Oracle
-CVE-2016-5454
+CVE-2016-5454 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Oracle
-CVE-2016-5453
+CVE-2016-5453 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
NOT-FOR-US: Oracle
-CVE-2016-5452
+CVE-2016-5452 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Oracle
-CVE-2016-5451
+CVE-2016-5451 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5450
+CVE-2016-5450 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-5449
+CVE-2016-5449 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
NOT-FOR-US: Oracle
-CVE-2016-5448
+CVE-2016-5448 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
NOT-FOR-US: Oracle
-CVE-2016-5447
+CVE-2016-5447 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
NOT-FOR-US: Oracle
-CVE-2016-5446
+CVE-2016-5446 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
NOT-FOR-US: Oracle
-CVE-2016-5445
+CVE-2016-5445 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
NOT-FOR-US: Oracle
-CVE-2016-5444
+CVE-2016-5444 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 a ...)
- mariadb-10.0 10.0.25-1
[jessie] - mariadb-10.0 10.0.25-0+deb8u1
- mysql-5.6 5.6.30-1
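Review bot: the NOT-FOR-US tags for the Solaris entries in this hunk are inconsistent: CVE-2016-5469, CVE-2016-5454 and CVE-2016-5452 all carry the same "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ..." description but are tagged "NOT-FOR-US: Oracle", while CVE-2016-5471, CVE-2016-5480 and CVE-2016-5487 with the identical description are tagged "NOT-FOR-US: Solaris". Use one label (the more specific "NOT-FOR-US: Solaris") for all of them so the entries stay searchable by product.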
@@ -16151,48 +16151,48 @@ CVE-2016-5444
[jessie] - mysql-5.5 5.5.49-0+deb8u1
[wheezy] - mysql-5.5 5.5.49-0+deb7u1
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5443
+CVE-2016-5443 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5442
+CVE-2016-5442 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows re ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5441
+CVE-2016-5441 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows re ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5440
+CVE-2016-5440 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 a ...)
{DSA-3632-1 DSA-3624-1 DLA-567-1}
- mariadb-10.0 10.0.26-1
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5439
+CVE-2016-5439 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.1 ...)
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
CVE-2016-5438
REJECTED
-CVE-2016-5437
+CVE-2016-5437 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows re ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5436
+CVE-2016-5436 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows re ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-5435
+CVE-2016-5435 (Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and S ...)
NOT-FOR-US: Huawei
-CVE-2016-6211
+CVE-2016-6211 (The User module in Drupal 7.x before 7.44 allows remote authenticated ...)
{DSA-3604-1 DLA-550-1}
- drupal7 7.44-1
NOTE: https://www.drupal.org/SA-CORE-2016-002
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/4
NOTE: https://gist.github.com/lamby/4697fea399f3f01ca6de3ce9ed79fce7 tarball diff
NOTE: https://gist.github.com/lamby/dbeda4d49f48a32aa0dd4b3ed7f06a13 filtered diff
-CVE-2016-5636
+CVE-2016-5636 (Integer overflow in the get_data function in zipimport.c in CPython (a ...)
{DLA-1663-1 DLA-522-1}
- python3.5 3.5.2~rc1-1
- python3.4 <removed>
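Review bot: CVE-2016-5443, CVE-2016-5442, CVE-2016-5441, CVE-2016-5437 and CVE-2016-5436 each say "<not-affected> (Only affects MySQL 5.7)" for mysql-5.6 and mysql-5.5 but list no mysql-5.7 line at all, so the one package that the descriptions say is affected is untracked. Since mysql-5.7 is already a tracked source package elsewhere in this file (CVE-2016-5507 records "mysql-5.7 5.7.15-1"), each of these entries should gain a "- mysql-5.7" line, either the fixed version or "<not-affected> (Fixed before initial upload to Debian)" if 5.7.15-1 already contained the fix.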
@@ -16201,40 +16201,40 @@ CVE-2016-5636
NOTE: https://bugs.python.org/issue26171
NOTE: 2.7: https://hg.python.org/cpython/rev/985fc64c60d6
NOTE: 3.5: https://hg.python.org/cpython/rev/2df462852464
-CVE-2016-5433
+CVE-2016-5433 (Citrix iOS Receiver before 7.0 allows attackers to cause TLS certifica ...)
NOT-FOR-US: Citrix
-CVE-2016-5434
+CVE-2016-5434 (libalpm, as used in pacman 5.0.1, allows remote attackers to cause a d ...)
NOT-FOR-US: libalpm (Arch Linux Package Management (ALPM) library)
-CVE-2016-5432
+CVE-2016-5432 (The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualizat ...)
NOT-FOR-US: ovirt-engine
CVE-2016-5431
RESERVED
-CVE-2016-5430
+CVE-2016-5430 (The RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php ...)
NOT-FOR-US: jose-php
-CVE-2016-5429
+CVE-2016-5429 (jose-php before 2.2.1 does not use constant-time operations for HMAC c ...)
NOT-FOR-US: jose-php
CVE-2016-5428
RESERVED
-CVE-2016-5427
+CVE-2016-5427 (PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not proper ...)
{DSA-3664-1 DLA-627-1}
- pdns 4.0.0~alpha1-1
NOTE: Only affects PowerDNS Authoritative Server up to and including 3.4.9, 4.x not affected
NOTE: Added workaround to mark first 4.x version in unstable as fixed.
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/
NOTE: https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3
-CVE-2016-5426
+CVE-2016-5426 (PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote a ...)
{DSA-3664-1 DLA-627-1}
- pdns 4.0.0~alpha1-1
NOTE: Only affects PowerDNS Authoritative Server up to and including 3.4.9, 4.x not affected
NOTE: Added workaround to mark first 4.x version in unstable as fixed.
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/
NOTE: https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3
-CVE-2016-5425
+CVE-2016-5425 (The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentO ...)
- tomcat8 <not-affected> (Red Hat and derivatives packaging specific)
- tomcat7 <not-affected> (Red Hat and derivatives packaging specific)
- tomcat6 <not-affected> (Red Hat and derivatives packaging specific)
NOTE: http://legalhackers.com/advisories/Tomcat-RedHat-Pkgs-Root-PrivEsc-Exploit-CVE-2016-5425.html
-CVE-2016-5424
+CVE-2016-5424 (PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9. ...)
{DSA-3646-1 DLA-592-1}
- postgresql-9.5 9.5.4-1
- postgresql-9.4 <removed>
@@ -16242,7 +16242,7 @@ CVE-2016-5424
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=fcd15f13581f6d75c63d213220d5a94889206c1b
NOTE: https://www.postgresql.org/about/news/1688/
-CVE-2016-5423
+CVE-2016-5423 (PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9. ...)
{DSA-3646-1 DLA-592-1}
- postgresql-9.5 9.5.4-1
- postgresql-9.4 <removed>
@@ -16250,27 +16250,27 @@ CVE-2016-5423
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=f0c7b789ab12fbc8248b671c7882dd96ac932ef4
NOTE: https://www.postgresql.org/about/news/1688/
-CVE-2016-5422
+CVE-2016-5422 (The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 ...)
NOT-FOR-US: Red Hat JBoss Operations Network
-CVE-2016-5421
+CVE-2016-5421 (Use-after-free vulnerability in libcurl before 7.50.1 allows attackers ...)
{DSA-3638-1}
- curl 7.50.1-1
[wheezy] - curl <not-affected> (introduced in 7.32.0)
NOTE: https://curl.haxx.se/docs/adv_20160803C.html
NOTE: Fixed by https://curl.haxx.se/CVE-2016-5421.patch
-CVE-2016-5420
+CVE-2016-5420 (curl and libcurl before 7.50.1 do not check the client certificate whe ...)
{DSA-3638-1 DLA-586-1}
- curl 7.50.1-1
NOTE: https://curl.haxx.se/docs/adv_20160803B.html
NOTE: Fixed by https://curl.haxx.se/CVE-2016-5420.patch
NOTE: Wheezy: vulnerable code is in lib/sslgen.c
-CVE-2016-5419
+CVE-2016-5419 (curl and libcurl before 7.50.1 do not prevent TLS session resumption w ...)
{DSA-3638-1 DLA-586-1}
- curl 7.50.1-1
NOTE: https://curl.haxx.se/docs/adv_20160803A.html
NOTE: Fixed by https://curl.haxx.se/CVE-2016-5419.patch
NOTE: Wheezy: vulnerable code is in lib/sslgen.c
-CVE-2016-5418
+CVE-2016-5418 (The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlin ...)
{DSA-3677-1 DLA-657-1}
- libarchive 3.2.1-4 (bug #837714)
NOTE: Centos patch: https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418.patch;jsessionid=1dexz8h9qdewibih5aonbu3
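Review bot: the CentOS patch URL in the CVE-2016-5418 NOTE ends in ";jsessionid=1dexz8h9qdewibih5aonbu3", a per-session token that will stop resolving once that session expires. Drop everything from ";jsessionid=" onward so the reference stays stable; the path up to "libarchive-3.1.2-CVE-2016-5418.patch" is sufficient.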
@@ -16284,14 +16284,14 @@ CVE-2016-5418
NOTE: https://github.com/libarchive/libarchive/issues/746
NOTE: Testcase: https://github.com/libarchive/libarchive/commit/063ea3ea3fcb569a380b2ebe9c9ddd8bd6ce0d49
NOTE: Fix for testcase: https://github.com/libarchive/libarchive/commit/50952acd22df3326c49771f5e5ba48630899468c
-CVE-2016-5417
+CVE-2016-5417 (Memory leak in the __res_vinit function in the IPv6 name server manage ...)
- glibc 2.22-4 (bug #833302)
[jessie] - glibc <not-affected> (Introduced in 2.22)
- eglibc <not-affected> (Introduced in 2.22)
NOTE: Introduced by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2212c1420c92a33b0e0bd9a34938c9814a56c0f7 (glibc-2.22)
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5e7fdabd7df1fc6c56d104e61390bf5a6b526c38 (glibc-2.24)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19257
-CVE-2016-5416
+CVE-2016-5416 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...)
- 389-ds-base <unfixed> (bug #834233)
[buster] - 389-ds-base <no-dsa> (Minor issue)
[stretch] - 389-ds-base <no-dsa> (Minor issue)
@@ -16300,64 +16300,64 @@ CVE-2016-5416
NOTE: Potentially related: https://fedorahosted.org/389/ticket/48354
CVE-2016-5415
RESERVED
-CVE-2016-5414
+CVE-2016-5414 (FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name ...)
- freeipa <not-affected> (Vulnerable code introduced in the 4.4.0 release)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1360757
NOTE: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=25ed36fda14b30d6a50746a536939e3b428993cb
CVE-2016-5413
RESERVED
-CVE-2016-5412
+CVE-2016-5412 (arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4. ...)
- linux 4.7.2-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Transactional memory not supported)
NOTE: https://marc.info/?l=kvm&m=146968629127349&w=2
NOTE: https://git.kernel.org/linus/93d17397e4e2182fdaad503e2f9da46202c0f1c3 (v4.8-rc1)
-CVE-2016-5411
+CVE-2016-5411 (/var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart ...)
NOT-FOR-US: ovirt engine
-CVE-2016-5410
+CVE-2016-5410 (firewalld.py in firewalld before 0.4.3.3 allows local users to bypass ...)
- firewalld 0.4.3.3-1 (bug #834529)
[jessie] - firewalld <ignored> (Minor issue)
NOTE: Introduced by: https://github.com/t-woerner/firewalld/commit/6b9867cd5c5e2c83adeec42666521a420e59ef11
-CVE-2016-5409
+CVE-2016-5409 (Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a ...)
NOT-FOR-US: OpenShift Enterprise
-CVE-2016-5408
+CVE-2016-5408 (Stack-based buffer overflow in the munge_other_line function in cachem ...)
{DLA-556-1}
- squid3 <not-affected> (Incomplete fix for CVE-2016-4051 not applied)
NOTE: CVE is specific for the incomplete fix of CVE-2016-4051 as applied
NOTE: by some vendors.
-CVE-2016-5407
+CVE-2016-5407 (The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org li ...)
{DLA-667-1}
- libxv 2:1.0.11-1 (low; bug #840438)
[jessie] - libxv 2:1.0.10-1+deb8u1
NOTE: https://cgit.freedesktop.org/xorg/lib/libXv/commit/?id=d9da580b46a28ab497de2e94fdc7b9ff953dab17
-CVE-2016-5406
+CVE-2016-5406 (The domain controller in Red Hat JBoss Enterprise Application Platform ...)
NOT-FOR-US: JBoss EAP
-CVE-2016-5405
+CVE-2016-5405 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...)
- 389-ds-base 1.3.5.15-1 (bug #842121)
[jessie] - 389-ds-base <no-dsa> (minor issue)
NOTE: This affects systems storing passwords in plain text.
NOTE: Systems using unsalted hashes might be unsafe as well if using weak
NOTE: hash algorithms, however the attack would be very time-consuming.
NOTE: the patch for this CVE causes CVE-2017-15135
-CVE-2016-5404
+CVE-2016-5404 (The cert_revoke command in FreeIPA does not check for the "revoke cert ...)
- freeipa 4.3.2-5 (bug #835131)
NOTE: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cf74584d0f772f3f5eccc1d30c001e4212a104fd (master)
NOTE: https://fedorahosted.org/freeipa/ticket/6232
-CVE-2016-5403
+CVE-2016-5403 (The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local ...)
{DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-3.1 (bug #832619)
[jessie] - qemu <no-dsa> (Minor issue; can be fixed in future DSA or point release)
- qemu-kvm <removed>
-CVE-2016-5402
+CVE-2016-5402 (A code injection flaw was found in the way capacity and utilization im ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-5401
+CVE-2016-5401 (Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS ...)
NOT-FOR-US: JBoss BPMS business-central
-CVE-2016-5400
+CVE-2016-5400 (Memory leak in the airspy_probe function in drivers/media/usb/airspy/a ...)
- linux 4.7.2-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/aa93d1fee85c890a34f2510a310e55ee76a27848 (4.7)
-CVE-2016-5399
+CVE-2016-5399 (The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x befor ...)
{DSA-3631-1 DLA-628-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
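Review bot: the last NOTE on CVE-2016-5405, "the patch for this CVE causes CVE-2017-15135", records a regression but reads like a stray fragment: it starts lowercase and does not say that it is a regression note, unlike the neighbouring NOTE lines. Suggest "NOTE: Regression: the fix for this CVE introduced CVE-2017-15135" so anyone backporting the 389-ds-base patch sees at a glance that the follow-up fix has to be carried along.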
@@ -16366,9 +16366,9 @@ CVE-2016-5399
NOTE: CVE is assigned for the issue in PHP in adequate error handling in the
NOTE: bzread() function. Disputed by PHP upstream, which considers that the
NOTE: underlying bzip2 library is at fault.
-CVE-2016-5398
+CVE-2016-5398 (Cross-site scripting (XSS) vulnerability in Business Process Editor in ...)
NOT-FOR-US: JBoss BPMS
-CVE-2016-5397
+CVE-2016-5397 (The Apache Thrift Go client library exposed the potential during code ...)
- thrift-compiler <unfixed> (unimportant; bug #894577)
[experimental] - thrift 0.10.0-1 (unimportant)
- thrift 0.11.0-3 (unimportant)
@@ -16380,31 +16380,31 @@ CVE-2016-5397
NOTE: Only ever affected src:thrift in experimental, and fixed in src:thrift/0.10.0-1
NOTE: so any future upload of thrift to unstable can mark this item as <not-affected>
NOTE: (fixed before the initial upload to Debian unstable)
-CVE-2016-5396
+CVE-2016-5396 (Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Att ...)
- trafficserver 7.0.0-1
[wheezy] - trafficserver <not-affected> (Vulnerable code not present)
NOTE: https://issues.apache.org/jira/browse/TS-5019
-CVE-2016-5395
+CVE-2016-5395 (Cross-site scripting (XSS) vulnerability in the create user functional ...)
NOT-FOR-US: Apache Ranger
-CVE-2016-5394
+CVE-2016-5394 (In the XSS Protection API module before 1.0.12 in Apache Sling, the en ...)
NOT-FOR-US: Apache Sling
-CVE-2016-5393
+CVE-2016-5393 (In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote u ...)
- hadoop <itp> (bug #793644)
-CVE-2016-5392
+CVE-2016-5392 (The API server in Kubernetes, as used in Red Hat OpenShift Enterprise ...)
NOT-FOR-US: OpenShift
-CVE-2016-5391
+CVE-2016-5391 (libreswan before 3.18 allows remote attackers to cause a denial of ser ...)
- libreswan <not-affected> (Fixed before the initial upload to Debian)
NOTE: https://libreswan.org/security/CVE-2016-5391/CVE-2016-5391.txt
-CVE-2016-5390
+CVE-2016-5390 (Foreman before 1.11.4 and 1.12.x before 1.12.1 allow remote authentica ...)
- foreman <itp> (bug #663101)
-CVE-2016-5696
+CVE-2016-5696 (net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly ...)
{DSA-3659-1 DLA-609-1}
- linux 4.7.2-1
NOTE: Introduced by: https://github.com/torvalds/linux/commit/282f23c6ee343126156dd41218b22ece96d747e3
NOTE: Fixed by: https://github.com/torvalds/linux/commit/75ff39ccc1bd5d3c455b6822ab09e533c551f758
CVE-2016-5389
REJECTED
-CVE-2016-5388
+CVE-2016-5388 (Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI S ...)
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.37-1 (unimportant)
- tomcat7 7.0.72-1 (unimportant)
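Review bot: the "Introduced by" and "Fixed by" NOTEs on CVE-2016-5696 give bare commit URLs without the kernel version tag that the other linux entries in this file carry (CVE-2016-5412 has "(v4.8-rc1)", CVE-2016-5400 has "(4.7)"). The description already states "before 4.7", so the fix line should end in "(4.7)", and the introducing commit should be tagged with the release it first shipped in; without that, the missing jessie/wheezy lines cannot be checked against the affected range.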
@@ -16439,27 +16439,27 @@ CVE-2016-1000104
NOTE: libapache2-mod-fcgid does not set HTTP_PROXY based on Proxy: header unless
NOTE: explicitly configured so and mitigations for Apache in CVE-2016-5387 prevent
NOTE: exploitation anyway
-CVE-2016-5387
+CVE-2016-5387 (The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 ...)
{DSA-3623-1 DLA-553-1}
- apache2 2.4.23-2
NOTE: https://www.apache.org/security/asf-httpoxy-response.txt
NOTE: https://httpoxy.org
-CVE-2016-5386
+CVE-2016-5386 (The net/http package in Go through 1.6 does not attempt to address RFC ...)
- golang <unfixed> (unimportant)
NOTE: No part of Go does set HTTP_PROXY based on a Proxy: header, 1.6.3 and 1.7
NOTE: provide hardening to discard HTTP_PROXY
-CVE-2016-5385
+CVE-2016-5385 (PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 ...)
{DSA-3631-1 DLA-749-1}
- php7.0 7.0.9-1
- php5 5.6.24+dfsg-1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72573
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
-CVE-2016-5384
+CVE-2016-5384 (fontconfig before 2.12.1 does not validate offsets, which allows local ...)
{DSA-3644-1 DLA-587-1}
- fontconfig 2.11.0-6.5 (bug #833570)
NOTE: https://lists.freedesktop.org/archives/fontconfig/2016-August/005792.html
NOTE: Fixed by: https://cgit.freedesktop.org/fontconfig/commit/?id=7a4a5bd7897d216f0794ca9dbce0a4a5c9d14940 (2.12.1)
-CVE-2016-5383
+CVE-2016-5383 (The web UI in Red Hat CloudForms 4.1 allows remote authenticated users ...)
NOT-FOR-US: Red Hat CloudForms
CVE-2016-5382
RESERVED
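Review bot: the CVE-2016-5386 entry marks golang "<unfixed> (unimportant)" while its own NOTE says "No part of Go does set HTTP_PROXY based on a Proxy: header" and that 1.6.3 and 1.7 merely add hardening. Those two statements argue for "<not-affected>" rather than an open-ended <unfixed>; if the intent is to track the hardening, record the first packaged version that contains it instead, so the entry does not stay permanently unfixed. The NOTE wording "does set" should also be "sets".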
@@ -16477,11 +16477,11 @@ CVE-2016-5376
RESERVED
CVE-2016-5375
RESERVED
-CVE-2016-5374
+CVE-2016-5374 (NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated ...)
NOT-FOR-US: NetApp
CVE-2016-5373
RESERVED
-CVE-2016-5372
+CVE-2016-5372 (Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator ...)
NOT-FOR-US: NetApp
CVE-2016-5371
RESERVED
@@ -16489,61 +16489,61 @@ CVE-2016-5370
RESERVED
CVE-2016-5369
RESERVED
-CVE-2016-5368
+CVE-2016-5368 (Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote at ...)
NOT-FOR-US: Huawei
-CVE-2016-5367
+CVE-2016-5367 (Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow re ...)
NOT-FOR-US: Huawei
-CVE-2016-5366
+CVE-2016-5366 (Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow re ...)
NOT-FOR-US: Huawei
-CVE-2016-5365
+CVE-2016-5365 (Stack-based buffer overflow in Huawei Honor WS851 routers with softwar ...)
NOT-FOR-US: Huawei
-CVE-2016-5364
+CVE-2016-5364 (Cross-site scripting (XSS) vulnerability in manage_custom_field_edit_p ...)
{DLA-512-1}
- mantis <removed>
NOTE: http://github.com/mantisbt/mantisbt/commit/5068df2d (1.2.x)
NOTE: https://mantisbt.org/bugs/view.php?id=20956
-CVE-2016-5363
+CVE-2016-5363 (The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 thro ...)
- neutron 2:8.1.2-1
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/bugs/1558658
-CVE-2016-5362
+CVE-2016-5362 (The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 thro ...)
- neutron 2:8.1.2-1
[jessie] - neutron <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/bugs/1558658
-CVE-2016-5349
+CVE-2016-5349 (The high level operating systems (HLOS) was not providing sufficient m ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5348
+CVE-2016-5348 (The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1 ...)
NOT-FOR-US: Android
-CVE-2016-5347
+CVE-2016-5347 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5346
RESERVED
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5345
+CVE-2016-5345 (Buffer overflow in the Qualcomm radio driver in Android before 2017-01 ...)
NOT-FOR-US: Qualcomm radio driver for Android
-CVE-2016-5344
+CVE-2016-5344 (Multiple integer overflows in the MDSS driver for the Linux kernel 3.x ...)
- linux <not-affected> (Android-specific kernel patch)
-CVE-2016-5343
+CVE-2016-5343 (drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driv ...)
- linux <not-affected> (Android-specific kernel patch)
-CVE-2016-5342
+CVE-2016-5342 (Heap-based buffer overflow in the wcnss_wlan_write function in drivers ...)
- linux <not-affected> (Android-specific kernel patch)
-CVE-2016-5341
+CVE-2016-5341 (The GPS component in Android before 2016-12-05 allows man-in-the-middl ...)
NOT-FOR-US: Android
-CVE-2016-5340
+CVE-2016-5340 (The is_ashmem_file function in drivers/staging/android/ashmem.c in a c ...)
- linux <not-affected> (Android-specific kernel patch, is_ashmem_file/put_ashmem_file not present in mainline kernel)
CVE-2016-5339
RESERVED
-CVE-2016-5361
+CVE-2016-5361 (programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial ...)
- libreswan <not-affected> (Fixed before initial upload to Debian)
NOTE: Possibly the CVE should be rejected: http://www.openwall.com/lists/oss-security/2016/06/13/1
NOTE: MITRE has not assigned the CVE to the protocol flaw, but specific to libreswan, but as
NOTE: Huzaifa Sidhpurwala <huzaifas@redhat.com> pointed out that is not a libreswan issue, rather
NOTE: the protocol is flawed.
-CVE-2016-5360
+CVE-2016-5360 (HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, all ...)
- haproxy 1.6.5-2 (bug #826869)
[jessie] - haproxy <not-affected> (Issue introduced in 1.6.0)
NOTE: Fixed by: http://git.haproxy.org/?p=haproxy-1.6.git;a=commit;h=60f01f8c89e4fb2723d5a9f2046286e699567e0b
-CVE-2016-5338
+CVE-2016-5338 (The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #827024)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -16552,7 +16552,7 @@ CVE-2016-5338
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1343323
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01507.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=ff589551c8e8e9e95e211b9d8daafb4ed39f1aec
-CVE-2016-5337
+CVE-2016-5337 (The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #827026)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -16561,100 +16561,100 @@ CVE-2016-5337
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1343909
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01969.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=844864fbae66935951529408831c2f22367a57b6
-CVE-2016-5336
+CVE-2016-5336 (VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to ...)
NOT-FOR-US: VMware
-CVE-2016-5335
+CVE-2016-5335 (VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x b ...)
NOT-FOR-US: VMware
-CVE-2016-5334
+CVE-2016-5334 (VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x b ...)
NOT-FOR-US: VMware
-CVE-2016-5333
+CVE-2016-5333 (VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public ke ...)
NOT-FOR-US: VMware
-CVE-2016-5332
+CVE-2016-5332 (Directory traversal vulnerability in VMware vRealize Log Insight 2.x a ...)
NOT-FOR-US: vRealize Log Insight
-CVE-2016-5331
+CVE-2016-5331 (CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 an ...)
NOT-FOR-US: VMware
-CVE-2016-5330
+CVE-2016-5330 (Untrusted search path vulnerability in the HGFS (aka Shared Folders) f ...)
NOT-FOR-US: VMware
-CVE-2016-5329
+CVE-2016-5329 (VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection ...)
NOT-FOR-US: VMware
-CVE-2016-5328
+CVE-2016-5328 (VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity ...)
NOT-FOR-US: VMware
CVE-2016-5327
RESERVED
CVE-2016-5326
RESERVED
-CVE-2016-5325
+CVE-2016-5325 (CRLF injection vulnerability in the ServerResponse#writeHead function ...)
- nodejs 4.6.0~dfsg-1 (bug #839714; unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodejs.org/en/blog/vulnerability/june-2016-security-releases/
-CVE-2016-5359
+CVE-2016-5359 (epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 1.1 ...)
{DSA-3615-1 DLA-538-1}
- wireshark 2.0
NOTE: Only affects 1.12, marking 2.0 as fixed
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-38.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12408
NOTE: https://github.com/wireshark/wireshark/commit/b8e0d416898bb975a02c1b55883342edc5b4c9c0
-CVE-2016-5358
+CVE-2016-5358 (epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark ...)
- wireshark 2.0.4+gdd7746e-1
[jessie] - wireshark <not-affected> (Only affects 2.0)
[wheezy] - wireshark <not-affected> (Only affects 2.0)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-37.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12440
NOTE: https://github.com/wireshark/wireshark/commit/2c13e97d656c1c0ac4d76eb9d307664aae0e0cf7
-CVE-2016-5357
+CVE-2016-5357 (wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x b ...)
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-36.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12396
NOTE: https://github.com/wireshark/wireshark/commit/11edc83b98a61e890d7bb01855389d40e984ea82
NOTE: https://github.com/wireshark/wireshark/commit/6a140eca7b78b230f1f90a739a32257476513c78
-CVE-2016-5356
+CVE-2016-5356 (wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before ...)
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-35.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12395
NOTE: https://github.com/wireshark/wireshark/commit/a66628e425db725df1ac52a3c573a03357060ddd
NOTE: https://github.com/wireshark/wireshark/commit/f5ec0afb766f19519ea9623152cca3bbe2229500
-CVE-2016-5355
+CVE-2016-5355 (wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x befor ...)
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-34.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12394
NOTE: https://github.com/wireshark/wireshark/commit/3270dfac43da861c714df76513456b46765ff47f
NOTE: https://github.com/wireshark/wireshark/commit/5efb45231671baa2db2011d8f67f9d6e72bc455b
-CVE-2016-5354
+CVE-2016-5354 (The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2. ...)
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-33.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12356
NOTE: https://github.com/wireshark/wireshark/commit/2cb5985bf47bdc8bea78d28483ed224abdd33dc6
-CVE-2016-5353
+CVE-2016-5353 (epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark ...)
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-32.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12191
NOTE: https://github.com/wireshark/wireshark/commit/7d7190695ce2ff269fdffb04e87139995cde21f4
-CVE-2016-5352
+CVE-2016-5352 (epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x be ...)
- wireshark 2.0.4+gdd7746e-1
[jessie] - wireshark <not-affected> (Only affects 2.0)
[wheezy] - wireshark <not-affected> (Only affects 2.0)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-31.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12175
NOTE: https://github.com/wireshark/wireshark/commit/b6d838eebf4456192360654092e5587c5207f185
-CVE-2016-5351
+CVE-2016-5351 (epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x ...)
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-30.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11585
NOTE: https://github.com/wireshark/wireshark/commit/9b0b20b8d5f8c9f7839d58ff6c5900f7e19283b4
-CVE-2016-5350
+CVE-2016-5350 (epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wir ...)
{DSA-3615-1 DLA-538-1}
- wireshark 2.0.4+gdd7746e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-29.html
NOTE: https://github.com/wireshark/wireshark/commit/b4d16b4495b732888e12baf5b8a7e9bf2665e22b
CVE-2016-5324
RESERVED
-CVE-2016-5323
+CVE-2016-5323 (The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote a ...)
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2 (unimportant)
- tiff3 <removed> (unimportant)
@@ -16662,14 +16662,14 @@ CVE-2016-5323
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2559
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=659
NOTE: No security impact, just a crash in a CLI tool
-CVE-2016-5322
+CVE-2016-5322 (The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier al ...)
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.7-1
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2560
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=658
-CVE-2016-5321
+CVE-2016-5321 (The DumpModeDecode function in libtiff 4.0.6 and earlier allows attack ...)
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2
- tiff3 <removed>
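Review bot: CVE-2016-5323 is tagged `(unimportant)` on both the tiff and tiff3 lines and its NOTE says "No security impact, just a crash in a CLI tool", yet the header keeps {DSA-3762-1 DLA-610-1 DLA-606-1}; an advisory in the braces reads as a shipped security fix, so either explain why a no-impact bug got a DSA (a NOTE that the id was bundled into the libtiff DSA would do) or trim the list if it was copied from the neighbouring tiff entries. In the same hunk, CVE-2016-5322 records `tiff 4.0.7-1` while CVE-2016-5323 and CVE-2016-5321 record `tiff 4.0.6-2`; confirm the 4.0.6-2 upload really did not carry the setByteArray fix before treating every version in between as vulnerable.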
@@ -16678,21 +16678,21 @@ CVE-2016-5321
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=657
CVE-2016-5320
REJECTED
-CVE-2016-5317
+CVE-2016-5317 (Buffer overflow in the PixarLogDecode function in libtiff.so in the Pi ...)
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2 (bug #830700)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2557
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=653
NOTE: Upstream marked this duplicate of bug http://bugzilla.maptools.org/show_bug.cgi?id=2554
-CVE-2016-5316
+CVE-2016-5316 (Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c i ...)
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2 (bug #830700)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2556
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=656
NOTE: Upstream marked this duplicate of bug http://bugzilla.maptools.org/show_bug.cgi?id=2554
-CVE-2016-5315
+CVE-2016-5315 (The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier al ...)
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2 (bug #830700)
- tiff3 <removed>
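Review bot: the new description for CVE-2016-5315 at the top of this hunk is character-for-character the same truncated text as CVE-2016-5322 in the previous hunk ("The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier al ..."), and 5315 already carries "NOTE: Possible duplicate with PixarLogDecode() issue" plus the upstream duplicate-of-2554 note. Add a cross-reference NOTE between 5315 and 5322 (5322 points at maptools bug 2560, 5315 at 2555#c2) so the overlap does not have to be rediscovered each time the tiff3 <removed> lines are re-triaged.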
@@ -16701,82 +16701,82 @@ CVE-2016-5315
NOTE: Possible duplicate with PixarLogDecode() issue
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2555#c2
NOTE: Upstream marked this duplicate of http://bugzilla.maptools.org/show_bug.cgi?id=2554
-CVE-2016-5314
+CVE-2016-5314 (Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in Li ...)
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.6-2 (bug #830700)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2554
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=654
NOTE: Upstream fix https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2
-CVE-2016-5313
+CVE-2016-5313 (Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated us ...)
NOT-FOR-US: Symantec
-CVE-2016-5312
+CVE-2016-5312 (Directory traversal vulnerability in the charting component in Symante ...)
NOT-FOR-US: Symantec
CVE-2016-5311
RESERVED
-CVE-2016-5310
+CVE-2016-5310 (The RAR file parser component in the AntiVirus Decomposer engine in Sy ...)
NOT-FOR-US: Symantec
-CVE-2016-5309
+CVE-2016-5309 (The RAR file parser component in the AntiVirus Decomposer engine in Sy ...)
NOT-FOR-US: Symantec
-CVE-2016-5308
+CVE-2016-5308 (The Client Intrusion Detection System (CIDS) driver before 15.0.6 in S ...)
NOT-FOR-US: Norton
-CVE-2016-5307
+CVE-2016-5307 (Directory traversal vulnerability in Symantec Endpoint Protection Mana ...)
NOT-FOR-US: Symantec
-CVE-2016-5306
+CVE-2016-5306 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does n ...)
NOT-FOR-US: Symantec
-CVE-2016-5305
+CVE-2016-5305 (Multiple cross-site scripting (XSS) vulnerabilities in management scri ...)
NOT-FOR-US: Symantec
-CVE-2016-5304
+CVE-2016-5304 (Open redirect vulnerability in a report-routing component in Symantec ...)
NOT-FOR-US: Symantec
-CVE-2016-5303
+CVE-2016-5303 (Cross-site scripting (XSS) vulnerability in the Horde Text Filter API ...)
- php-horde-text-filter 2.3.5-1 (bug #837150)
[jessie] - php-horde-text-filter <no-dsa> (Minor issue)
-CVE-2016-5302
+CVE-2016-5302 (Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has bee ...)
NOT-FOR-US: Citrix
-CVE-2016-5299
+CVE-2016-5299 (A previously installed malicious Android application with same signatu ...)
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2016-5298
+CVE-2016-5298 (A mechanism where disruption of the loading of a new web page can caus ...)
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2016-5297
+CVE-2016-5297 (An error in argument length checking in JavaScript, leading to potenti ...)
{DSA-3730-1 DSA-3716-1 DLA-752-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
-CVE-2016-5296
+CVE-2016-5296 (A heap-buffer-overflow in Cairo when processing SVG content caused by ...)
{DSA-3730-1 DSA-3716-1 DLA-752-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
-CVE-2016-5295
+CVE-2016-5295 (This vulnerability allows an attacker to use the Mozilla Maintenance S ...)
- firefox <not-affected> (Only affects Firefox on Windows)
-CVE-2016-5294
+CVE-2016-5294 (The Mozilla Updater can be made to choose an arbitrary target working ...)
- firefox <not-affected> (Only affects Firefox on Windows)
- firefox-esr <not-affected> (Only affects Firefox on Windows)
- icedove <not-affected> (Only affects Thunderbird on Windows)
-CVE-2016-5293
+CVE-2016-5293 (When the Mozilla Updater is run, if the Updater's log file in the work ...)
- firefox <not-affected> (Only affects Firefox on Windows)
- firefox-esr <not-affected> (Only affects Firefox on Windows)
-CVE-2016-5292
+CVE-2016-5292 (During URL parsing, a maliciously crafted URL can cause a potentially ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-5291
+CVE-2016-5291 (A same-origin policy bypass with local shortcut files to load arbitrar ...)
{DSA-3730-1 DSA-3716-1 DLA-752-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
-CVE-2016-5290
+CVE-2016-5290 (Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. S ...)
{DSA-3730-1 DSA-3716-1 DLA-752-1 DLA-730-1}
- firefox 50.0-1
- firefox-esr 45.5.0esr-1
- icedove 1:45.5.0-1
-CVE-2016-5289
+CVE-2016-5289 (Memory safety bugs were reported in Firefox 49. Some of these bugs sho ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox 45 ESR release)
-CVE-2016-5288
+CVE-2016-5288 (Web content could access information in the HTTP cache if e10s is disa ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox releases < 48)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1310183 (not yet public)
-CVE-2016-5287
+CVE-2016-5287 (A potentially exploitable use-after-free crash during actor destructio ...)
- firefox 50.0-1
- firefox-esr <not-affected> (Does not affect Firefox releases < 49)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1309823
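Review bot: the NOTE for CVE-2016-5288 still reads "https://bugzilla.mozilla.org/show_bug.cgi?id=1310183 (not yet public)" although this very update imports the public CVE text for it; re-check the bug and drop the "(not yet public)" marker if it has been opened, otherwise the annotation stays stale for good. Also, CVE-2016-5294 has `icedove <not-affected> (Only affects Thunderbird on Windows)` while its sibling CVE-2016-5293 (also a Mozilla Updater on Windows issue) lists only firefox and firefox-esr, and CVE-2016-5295 lists only firefox; add the missing lines so the three Windows-only updater CVEs are tracked the same way.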
@@ -16787,85 +16787,85 @@ CVE-2016-5285
- nss 2:3.25-1
NOTE: Fixed by https://hg.mozilla.org/projects/nss/rev/45c047d18ac4
NOTE: Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1306103
-CVE-2016-5284
+CVE-2016-5284 (Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunder ...)
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5283
+CVE-2016-5283 (Mozilla Firefox before 49.0 allows remote attackers to bypass the Same ...)
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5282
+CVE-2016-5282 (Mozilla Firefox before 49.0 does not properly restrict the scheme in f ...)
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5281
+CVE-2016-5281 (Use-after-free vulnerability in the DOMSVGLength class in Mozilla Fire ...)
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5280
+CVE-2016-5280 (Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityM ...)
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5279
+CVE-2016-5279 (Mozilla Firefox before 49.0 allows user-assisted remote attackers to o ...)
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5278
+CVE-2016-5278 (Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function ...)
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5277
+CVE-2016-5277 (Use-after-free vulnerability in the nsRefreshDriver::Tick function in ...)
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5276
+CVE-2016-5276 (Use-after-free vulnerability in the mozilla::a11y::DocAccessible::Proc ...)
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5275
+CVE-2016-5275 (Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeede ...)
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5274
+CVE-2016-5274 (Use-after-free vulnerability in the nsFrameManager::CaptureFrameState ...)
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5273
+CVE-2016-5273 (The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the ...)
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5272
+CVE-2016-5272 (The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ...)
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5271
+CVE-2016-5271 (The PropertyProvider::GetSpacingInternal function in Mozilla Firefox b ...)
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-5270
+CVE-2016-5270 (Heap-based buffer overflow in the nsCaseTransformTextRunFactory::Trans ...)
{DSA-3674-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
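Review bot: every entry in this hunk, including those marked `firefox-esr <not-affected> (Doesn't affect ESR)` (CVE-2016-5283, 5282, 5279, 5275, 5273, 5271), carries the identical pair of NOTEs for mfsa2016-86 and mfsa2016-87, while further down CVE-2016-5250 labels mfsa2016-86 "For Firefox ESR" and CVE-2016-5257 cites mfsa2016-85 for its `firefox 49.0-1` fix. If 86 and 87 are the ESR and Thunderbird advisories, the ESR-not-affected entries should cite the Firefox 49 advisory (mfsa2016-85) instead, and each ESR-fixed entry should point at the advisory that actually lists its CVE; as written the NOTE lines do not distinguish the two cases at all.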
@@ -16873,107 +16873,107 @@ CVE-2016-5270
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
CVE-2016-5269
RESERVED
-CVE-2016-5268
+CVE-2016-5268 (Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI ...)
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-83/
-CVE-2016-5267
+CVE-2016-5267 (Mozilla Firefox before 48.0 on Android allows remote attackers to spoo ...)
- firefox <not-affected> (Android-specific)
- firefox-esr <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-82/
-CVE-2016-5266
+CVE-2016-5266 (Mozilla Firefox before 48.0 does not properly restrict drag-and-drop ( ...)
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-81/
-CVE-2016-5265
+CVE-2016-5265 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow use ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-80/
-CVE-2016-5264
+CVE-2016-5264 (Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildL ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-79/
-CVE-2016-5263
+CVE-2016-5263 (The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-78/
-CVE-2016-5262
+CVE-2016-5262 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process J ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-76/
-CVE-2016-5261
+CVE-2016-5261 (Integer overflow in the WebSocketChannel class in the WebSockets subsy ...)
{DSA-3674-1 DLA-636-1}
- firefox 48.0-1
- firefox-esr 45.4.0esr-1
NOTE: For Firefox: https://www.mozilla.org/en-US/security/advisories/mfsa2016-75/
NOTE: For Firefox https://www.mozilla.org/security/advisories/mfsa2016-86/
-CVE-2016-5260
+CVE-2016-5260 (Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="passw ...)
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-74/
-CVE-2016-5259
+CVE-2016-5259 (Use-after-free vulnerability in the CanonicalizeXPCOMParticipant funct ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-73/
-CVE-2016-5258
+CVE-2016-5258 (Use-after-free vulnerability in the WebRTC socket thread in Mozilla Fi ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-72/
-CVE-2016-5257
+CVE-2016-5257 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3690-1 DSA-3674-1 DLA-658-1 DLA-636-1}
- firefox 49.0-1
- firefox-esr 45.4.0esr-1
- icedove 1:45.4.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-85/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
-CVE-2016-5256
+CVE-2016-5256 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
-CVE-2016-5255
+CVE-2016-5255 (Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep ...)
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-71/
-CVE-2016-5254
+CVE-2016-5254 (Use-after-free vulnerability in the nsXULPopupManager::KeyDown functio ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-70/
-CVE-2016-5253
+CVE-2016-5253 (The Updater in Mozilla Firefox before 48.0 on Windows allows local use ...)
- firefox <not-affected> (Only affects Windows)
- firefox-esr <not-affected> (Only affects Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-69/
-CVE-2016-5252
+CVE-2016-5252 (Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-67/
-CVE-2016-5251
+CVE-2016-5251 (Mozilla Firefox before 48.0 allows remote attackers to spoof the locat ...)
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-66/
-CVE-2016-5250
+CVE-2016-5250 (Mozilla Firefox before 48.0, Firefox ESR &lt; 45.4 and Thunderbird &lt ...)
{DSA-3674-1 DLA-636-1}
- firefox 48.0-1
- firefox-esr 45.4.0esr-1
NOTE: For Firefox: https://www.mozilla.org/en-US/security/advisories/mfsa2016-84/
NOTE: For Firefox ESR: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
-CVE-2016-5249
+CVE-2016-5249 (Lenovo Solution Center (LSC) before 3.3.003 allows local users to exec ...)
NOT-FOR-US: Lenovo
-CVE-2016-5248
+CVE-2016-5248 (The StopProxy command in LSC.Services.SystemService in Lenovo Solution ...)
NOT-FOR-US: Lenovo
-CVE-2016-5247
+CVE-2016-5247 (The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s ...)
NOT-FOR-US: Lenovo
CVE-2016-5246
RESERVED
CVE-2016-5245
RESERVED
-CVE-2016-4456
+CVE-2016-4456 (The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows r ...)
- gnutls28 3.4.13-1
[jessie] - gnutls28 <not-affected> (Introduced in 3.4.12)
NOTE: http://gnutls.org/security.html#GNUTLS-SA-2016-1
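Review bot: the same advisory is referenced in two different forms in this hunk: CVE-2016-5261 has "NOTE: For Firefox https://www.mozilla.org/security/advisories/mfsa2016-86/" (no colon, no en-US path) while CVE-2016-5250 has "NOTE: For Firefox ESR: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/"; settle on one label and one URL form for mfsa2016-86 so the reference is unambiguous. Separately, CVE-2016-5256 (`firefox 49.0-1`, ESR not affected) is the only Mozilla entry here with no advisory NOTE at all; give it the mfsa reference its sibling CVE-2016-5257 has.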
@@ -16988,7 +16988,7 @@ CVE-2016-1000002
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1391126
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=753678
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=776051
-CVE-2016-5319
+CVE-2016-5319 (Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earl ...)
{DLA-693-1}
- tiff 4.0.6-3 (bug #842046)
- tiff3 <removed>
@@ -16999,7 +16999,7 @@ CVE-2016-5319
NOTE: Utility bmp2tiff has been removed from upstream LibTIFF
NOTE: No patch available. Marked as wontfix by upstream.
NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-5318
+CVE-2016-5318 (Stack-based buffer overflow in the _TIFFVGetField function in libtiff ...)
{DLA-693-1 DLA-692-1}
- tiff 4.0.6-3
[jessie] - tiff 4.0.3-12.3+deb8u2
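Review bot: the last NOTE of the CVE-2016-5319 block says "bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package", but the entry's advisory list in the previous hunk is only {DLA-693-1}; if DSA-3762-1 is what closed this for jessie, add it to the braces as the other tiff entries in this diff do. Likewise CVE-2016-5318 pins `[jessie] - tiff 4.0.3-12.3+deb8u2` directly while its braces are {DLA-693-1 DLA-692-1}; a jessie fixed version without the advisory that shipped it is hard to audit, so reference the DSA or add a NOTE saying how that version was released.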
@@ -17013,38 +17013,38 @@ CVE-2016-5318
NOTE: With 4.0.6-2 (sid), I get a segfault.
NOTE: With 4.0.3-12.3+deb8u1 (jessie), I get a segfault.
NOTE: With 3.9.6-11+deb7u1 (wheezy), I get a failure: MissingRequired: ../CVE-2016-5318.tiff: TIFF directory is missing required "StripOffsets" field.
-CVE-2016-5301
+CVE-2016-5301 (The parse_chunk_header function in libtorrent before 1.1.1 allows remo ...)
{DLA-511-1}
- libtorrent-rasterbar 1.1.0-1 (bug #826380)
[jessie] - libtorrent-rasterbar <no-dsa> (Minor issue)
NOTE: https://github.com/arvidn/libtorrent/issues/780
NOTE: https://github.com/arvidn/libtorrent/pull/782
-CVE-2016-5300
+CVE-2016-5300 (The XML parser in Expat does not use sufficient entropy for hash initi ...)
{DSA-3597-1 DLA-508-1}
- expat 2.1.1-3
-CVE-2016-5244
+CVE-2016-5244 (The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel t ...)
{DSA-3607-1 DLA-516-1}
- linux 4.6.2-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb
-CVE-2016-5243
+CVE-2016-5243 (The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in ...)
{DSA-3607-1 DLA-516-1}
- linux 4.6.2-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/5d2be1422e02ccd697ccfcd45c85b4a26e6178e2
-CVE-2016-5242
+CVE-2016-5242 (The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x ...)
{DSA-3633-1}
- xen 4.8.0~rc3-1
[wheezy] - xen <not-affected> (arm not supported)
NOTE: http://xenbits.xen.org/xsa/advisory-181.html
-CVE-2016-5241
+CVE-2016-5241 (magick/render.c in GraphicsMagick before 1.3.24 allows remote attacker ...)
{DLA-1401-1 DLA-547-1}
- graphicsmagick 1.3.24-1
NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/8d175c4edfe7
-CVE-2016-5240
+CVE-2016-5240 (The DrawDashPolygon function in magick/render.c in GraphicsMagick befo ...)
{DSA-3746-1 DLA-547-1}
- graphicsmagick 1.3.24-1
NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ddc999ec896c
NOTE: DLA-547-1 didn't fix this properly
-CVE-2016-5237
+CVE-2016-5237 (Valve Steam 3.42.16.13 uses weak permissions for the files in the Stea ...)
NOT-FOR-US: Valve Steam
CVE-2016-5236
RESERVED
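Review bot: CVE-2016-5240 lists {DSA-3746-1 DLA-547-1} as fixing advisories, but its final NOTE says "DLA-547-1 didn't fix this properly"; an advisory in the braces is read as a complete fix, so either name the DLA that completed it (CVE-2016-5241 directly above cites DLA-1401-1 next to DLA-547-1, which may be the one) or add an explicit wheezy status line so the partial fix is not treated as closed.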
@@ -17058,13 +17058,13 @@ CVE-2016-XXXX [doesn't remove metadata in embedded images in PDFs]
NOTE: https://0xacab.org/mat/mat/issues/11067
NOTE: Patch in 0.6.1-3 disabled PDF support
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/06/02/5
-CVE-2016-5239
+CVE-2016-5239 (The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and G ...)
{DSA-3580-1 DLA-1456-1 DLA-486-1 DLA-484-1}
- graphicsmagick 1.3.24-1
- imagemagick 8:6.9.6.2+dfsg-2
NOTE: http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/e38b4f74ca19
-CVE-2016-5238
+CVE-2016-5238 (The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-3 (bug #826152)
[wheezy] - qemu <no-dsa> (Minor issue)
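Review bot: CVE-2016-5239 records the imagemagick fix as `8:6.9.6.2+dfsg-2` while the imported description says "ImageMagick before 6.9.4-0" and the NOTE points at upstream commit 70a2cf326ed32bedee144b961005c63846541a16; the tracker treats every Debian version below the listed one as vulnerable, so confirm that 8:6.9.6.2+dfsg-2 is the first Debian upload containing that commit rather than merely the version current when the entry was written, or add a NOTE explaining why an earlier upload did not carry it.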
@@ -17072,119 +17072,119 @@ CVE-2016-5238
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1341931
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg00150.html
-CVE-2016-5234
+CVE-2016-5234 (Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint contro ...)
NOT-FOR-US: Huawei
-CVE-2016-5233
+CVE-2016-5233 (Huawei Mate 8 smartphones with software NXT-AL10 before NXT-AL10C00B18 ...)
NOT-FOR-US: Huawei
-CVE-2016-5232
+CVE-2016-5232 (Buffer overflow in Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL ...)
NOT-FOR-US: Huawei
-CVE-2016-5231
+CVE-2016-5231 (Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B ...)
NOT-FOR-US: Huawei
-CVE-2016-5230
+CVE-2016-5230 (Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B ...)
NOT-FOR-US: Huawei
-CVE-2016-5229
+CVE-2016-5229 (Atlassian Bamboo before 5.11.4.1 and 5.12.x before 5.12.3.1 does not p ...)
NOT-FOR-US: Atlassian
-CVE-2016-5228
+CVE-2016-5228 (Stack-based buffer overflow in the PlayMacro function in ObjectXMacro. ...)
NOT-FOR-US: Rumba
CVE-2016-5227
RESERVED
-CVE-2016-5226
+CVE-2016-5226 (Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Ma ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5225
+CVE-2016-5225 (Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linu ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5224
+CVE-2016-5224 (A timing attack on denormalized floating point arithmetic in SVG filte ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5223
+CVE-2016-5223 (Integer overflow in PDFium in Google Chrome prior to 55.0.2883.75 for ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5222
+CVE-2016-5222 (Incorrect handling of invalid URLs in Google Chrome prior to 55.0.2883 ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5221
+CVE-2016-5221 (Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.28 ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5220
+CVE-2016-5220 (PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Lin ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5219
+CVE-2016-5219 (A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-5218
+CVE-2016-5218 (The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Win ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5217
+CVE-2016-5217 (The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Win ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5216
+CVE-2016-5216 (A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5215
+CVE-2016-5215 (A use after free in webaudio in Google Chrome prior to 55.0.2883.75 fo ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5214
+CVE-2016-5214 (Google Chrome prior to 55.0.2883.75 for Windows mishandled downloaded ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5213
+CVE-2016-5213 (A use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-5212
+CVE-2016-5212 (Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55 ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5211
+CVE-2016-5211 (A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5210
+CVE-2016-5210 (Heap buffer overflow during TIFF image parsing in PDFium in Google Chr ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5209
+CVE-2016-5209 (Bad casting in bitmap manipulation in Blink in Google Chrome prior to ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5208
+CVE-2016-5208 (Blink in Google Chrome prior to 55.0.2883.75 for Linux and Windows, an ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5207
+CVE-2016-5207 (In Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and L ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5206
+CVE-2016-5206 (The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5205
+CVE-2016-5205 (Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Ma ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5204
+CVE-2016-5204 (Leaking of an SVG shadow tree leading to corruption of the DOM tree in ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5203
+CVE-2016-5203 (A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for ...)
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
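Review bot: CVE-2016-5214 is described as "Google Chrome prior to 55.0.2883.75 for Windows mishandled downloaded ..." yet is tracked as fixed in chromium-browser 55.0.2883.75-1 via DSA-3731-1, while CVE-2016-5197 and CVE-2016-5196 later in this diff use `chromium-browser <not-affected> (Only affects Chrome on Android)` for platform-specific issues; the same applies to CVE-2016-5193 (iOS), CVE-2016-5192 (Windows) and CVE-2016-5187 (Android) in the last hunk. Pick one convention: a not-affected line with the platform reason, or the fixed version plus a NOTE that the DSA lists the id regardless of platform.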
@@ -17193,17 +17193,17 @@ CVE-2016-5202 [various fixes from internal audits]
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5201
+CVE-2016-5201 (A leak of privateClass in the extensions API in Google Chrome prior to ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5200
+CVE-2016-5200 (V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 fo ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-5199
+CVE-2016-5199 (An off by one error resulting in an allocation of zero size in FFmpeg ...)
{DSA-3731-1}
- chromium-browser 44.0.2403.157-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
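Review bot: CVE-2016-5199 gives `chromium-browser 44.0.2403.157-1` as the fixed version, ten major releases below the 54.0.2840.101-1 recorded by every other DSA-3731-1 entry in this hunk; if that is a typo it makes the FFmpeg off-by-one look fixed in versions that predate the referenced upstream commit, and if it is intentional (Debian's build not using the bundled FFmpeg, cf. the libav not-affected line that follows) a NOTE saying so would stop the next reviewer from flagging it.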
@@ -17212,17 +17212,17 @@ CVE-2016-5199
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://chromium-review.googlesource.com/383956
NOTE: https://github.com/FFmpeg/FFmpeg/commit/347cb14b7cba7560e53f4434b419b9d8800253e7
-CVE-2016-5198
+CVE-2016-5198 (V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-5197
+CVE-2016-5197 (The content view client in Google Chrome prior to 54.0.2840.85 for And ...)
- chromium-browser <not-affected> (Only affects Chrome on Android)
-CVE-2016-5196
+CVE-2016-5196 (The content renderer client in Google Chrome prior to 54.0.2840.85 for ...)
- chromium-browser <not-affected> (Only affects Chrome on Android)
-CVE-2016-5195
+CVE-2016-5195 (Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before ...)
{DSA-3696-1 DLA-670-1}
- linux 4.7.8-1
NOTE: https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
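Review bot: CVE-2016-5195 carries only the dirtycow wiki NOTE, whereas the other kernel entries in this diff (CVE-2016-5244, CVE-2016-5243) each have a "NOTE: Fixed by: https://github.com/torvalds/linux/commit/..." line; for a race in mm/gup.c that was backported to every suite via DSA-3696-1 / DLA-670-1, the mainline commit is exactly what a reviewer needs to verify the backports. Add the upstream fix commit NOTE here in the same format.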
@@ -17232,153 +17232,153 @@ CVE-2016-5194
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5193
+CVE-2016-5193 (Google Chrome prior to 54.0 for iOS had insufficient validation of URL ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5192
+CVE-2016-5192 (Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5191
+CVE-2016-5191 (Bookmark handling in Google Chrome prior to 54.0.2840.59 for Windows, ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5190
+CVE-2016-5190 (Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0. ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5189
+CVE-2016-5189 (Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0. ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5188
+CVE-2016-5188 (Multiple issues in Blink in Google Chrome prior to 54.0.2840.59 for Wi ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5187
+CVE-2016-5187 (Google Chrome prior to 54.0.2840.85 for Android incorrectly handled ra ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5186
+CVE-2016-5186 (Devtools in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5185
+CVE-2016-5185 (Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Lin ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5184
+CVE-2016-5184 (PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Li ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5183
+CVE-2016-5183 (A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5182
+CVE-2016-5182 (Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Lin ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5181
+CVE-2016-5181 (Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Lin ...)
{DSA-3731-1}
- chromium-browser 54.0.2840.101-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5180
+CVE-2016-5180 (Heap-based buffer overflow in the ares_create_query function in c-ares ...)
{DSA-3682-1 DLA-648-1}
- c-ares 1.12.0-1 (medium; bug #839151)
NOTE: https://c-ares.haxx.se/adv_20160929.html
NOTE: https://c-ares.haxx.se/CVE-2016-5180.patch
-CVE-2016-5179
+CVE-2016-5179 (Chrome OS before 53.0.2785.144 allows remote attackers to execute arbi ...)
NOT-FOR-US: Chrome OS
-CVE-2016-5178
+CVE-2016-5178 (Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785 ...)
{DSA-3683-1}
- chromium-browser 53.0.2785.143-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5177
+CVE-2016-5177 (Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.1 ...)
{DSA-3683-1}
- chromium-browser 53.0.2785.143-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5176
+CVE-2016-5176 (Google Chrome before 53.0.2785.113 allows remote attackers to bypass t ...)
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5175
+CVE-2016-5175 (Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785 ...)
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5174
+CVE-2016-5174 (browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome ...)
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5173
+CVE-2016-5173 (The extensions subsystem in Google Chrome before 53.0.2785.113 does no ...)
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5172
+CVE-2016-5172 (The parser in Google V8, as used in Google Chrome before 53.0.2785.113 ...)
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5171
+CVE-2016-5171 (WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Go ...)
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5170
+CVE-2016-5170 (WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as ...)
{DSA-3667-1}
- chromium-browser 53.0.2785.113-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5169
+CVE-2016-5169 (Format string vulnerability in Google Chrome OS before 53.0.2785.103 a ...)
NOT-FOR-US: Google Chrome OS
-CVE-2016-5168
+CVE-2016-5168 (Skia, as used in Google Chrome before 50.0.2661.94, allows remote atta ...)
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- skia <itp> (bug #818180)
-CVE-2016-5167
+CVE-2016-5167 (Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785 ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5166
+CVE-2016-5166 (The download implementation in Google Chrome before 53.0.2785.89 on Wi ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5165
+CVE-2016-5165 (Cross-site scripting (XSS) vulnerability in the Developer Tools (aka D ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5164
+CVE-2016-5164 (Cross-site scripting (XSS) vulnerability in WebKit/Source/platform/v8_ ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5163
+CVE-2016-5163 (The bidirectional-text implementation in Google Chrome before 53.0.278 ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5162
+CVE-2016-5162 (The AllowCrossRendererResourceLoad function in extensions/browser/url_ ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5161
+CVE-2016-5161 (The EditingStyle::mergeStyle function in WebKit/Source/core/editing/Ed ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5160
+CVE-2016-5160 (The AllowCrossRendererResourceLoad function in extensions/browser/url_ ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5159
+CVE-2016-5159 (Multiple integer overflows in OpenJPEG, as used in PDFium in Google Ch ...)
{DSA-3768-1 DSA-3660-1}
- openjpeg2 2.1.2-1
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://github.com/uclouvain/openjpeg/commit/9a07ccb3d0f076388e4da684a3bfd4327125c721
-CVE-2016-5158
+CVE-2016-5158 (Multiple integer overflows in the opj_tcd_init_tile function in tcd.c ...)
{DSA-3768-1 DSA-3660-1}
- openjpeg2 2.1.2-1
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://github.com/uclouvain/openjpeg/commit/9a07ccb3d0f076388e4da684a3bfd4327125c721
NOTE: https://github.com/uclouvain/openjpeg/issues/854
-CVE-2016-5157
+CVE-2016-5157 (Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt ...)
{DSA-3660-1}
- openjpeg2 2.1.2-1
[jessie] - openjpeg2 2.1.0-2+deb8u3
@@ -17386,111 +17386,111 @@ CVE-2016-5157
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/08/8
NOTE: https://github.com/uclouvain/openjpeg/pull/823
-CVE-2016-5156
+CVE-2016-5156 (extensions/renderer/event_bindings.cc in the event bindings in Google ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5155
+CVE-2016-5155 (Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0. ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5154
+CVE-2016-5154 (Multiple heap-based buffer overflows in PDFium, as used in Google Chro ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5153
+CVE-2016-5153 (The Web Animations implementation in Blink, as used in Google Chrome b ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5152
+CVE-2016-5152 (Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd. ...)
{DSA-4013-1 DSA-3660-1}
- openjpeg2 2.1.2-1.2
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://github.com/uclouvain/openjpeg/commit/3fbe71369019df0b47c7a2be4fab8c05768f2f32
NOTE: https://github.com/uclouvain/openjpeg/issues/854
-CVE-2016-5151
+CVE-2016-5151 (PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and be ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5150
+CVE-2016-5150 (WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5149
+CVE-2016-5149 (The extensions subsystem in Google Chrome before 53.0.2785.89 on Windo ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5148
+CVE-2016-5148 (Cross-site scripting (XSS) vulnerability in Blink, as used in Google C ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5147
+CVE-2016-5147 (Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS ...)
{DSA-3660-1}
- chromium-browser 53.0.2785.89-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5146
+CVE-2016-5146 (Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743 ...)
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5145
+CVE-2016-5145 (Blink, as used in Google Chrome before 52.0.2743.116, does not ensure ...)
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5144
+CVE-2016-5144 (The Developer Tools (aka DevTools) subsystem in Blink, as used in Goog ...)
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5143
+CVE-2016-5143 (The Developer Tools (aka DevTools) subsystem in Blink, as used in Goog ...)
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5142
+CVE-2016-5142 (The Web Cryptography API (aka WebCrypto) implementation in Blink, as u ...)
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5141
+CVE-2016-5141 (Blink, as used in Google Chrome before 52.0.2743.116, allows remote at ...)
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5140
+CVE-2016-5140 (Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j ...)
{DSA-3645-1}
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5139
+CVE-2016-5139 (Multiple integer overflows in the opj_tcd_init_tile function in tcd.c ...)
{DSA-3645-1 DLA-1433-1}
- openjpeg2 2.1.2-1
- chromium-browser 52.0.2743.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: Fixed in Google with: https://pdfium.googlesource.com/pdfium.git/+/2f6d1480a1be2b1f82c94219c2d99e67d7e0660d
NOTE: https://github.com/uclouvain/openjpeg/pull/819
-CVE-2016-5138
+CVE-2016-5138 (Integer overflow in the kbasep_vinstr_attach_client function in midgar ...)
- chromium-browser <not-affected> (Chrome on Chrome OS)
-CVE-2016-5137
+CVE-2016-5137 (The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/ ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5136
+CVE-2016-5136 (Use-after-free vulnerability in extensions/renderer/user_script_inject ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5135
+CVE-2016-5135 (WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as use ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5134
+CVE-2016-5134 (net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in G ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5133
+CVE-2016-5133 (Google Chrome before 52.0.2743.82 mishandles origin information during ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5132
+CVE-2016-5132 (The Service Workers subsystem in Google Chrome before 52.0.2743.82 doe ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5131
+CVE-2016-5131 (Use-after-free vulnerability in libxml2 through 2.9.4, as used in Goog ...)
{DSA-3744-1 DSA-3637-1 DLA-691-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -17498,27 +17498,27 @@ CVE-2016-5131
NOTE: Google fix: https://codereview.chromium.org/2127493002
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e
NOTE: Requisite for the test: https://git.gnome.org/browse/libxml2/commit/?id=a005199330b86dada19d162cae15ef9bdcb6baa8
-CVE-2016-5130
+CVE-2016-5130 (content/renderer/history_controller.cc in Google Chrome before 52.0.27 ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5129
+CVE-2016-5129 (Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743 ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-5128
+CVE-2016-5128 (objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome be ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-5127
+CVE-2016-5127 (Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnit ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2016-5125
REJECTED
-CVE-2016-5124
+CVE-2016-5124 (An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev1 ...)
NOT-FOR-US: Open-Xchange
CVE-2016-5123
RESERVED
@@ -17528,7 +17528,7 @@ CVE-2016-5121
RESERVED
CVE-2016-5120
RESERVED
-CVE-2016-5119
+CVE-2016-5119 (The automatic update feature in KeePass 2.33 and earlier allows man-in ...)
- keepass2 2.18+dfsg-1
NOTE: autoupdate dialog disabled in Debian via patch, but basically not-affected
CVE-2016-5113
@@ -17539,9 +17539,9 @@ CVE-2016-5111
RESERVED
CVE-2016-5110
RESERVED
-CVE-2016-5109
+CVE-2016-5109 (Citrix Worx Home for iOS before 10.3.6 and XenMobile MDX Toolkit for i ...)
NOT-FOR-US: Citrix
-CVE-2016-5126
+CVE-2016-5126 (Heap-based buffer overflow in the iscsi_aio_ioctl function in block/is ...)
- qemu 1:2.6+dfsg-2 (bug #826151)
[jessie] - qemu <no-dsa> (Minor issue, can be fixed along in a future update)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -17558,13 +17558,13 @@ CVE-2016-XXXX [CSRF protection for POST requests]
NOTE: http://seclists.org/fulldisclosure/2016/May/59
NOTE: https://sourceforge.net/p/postfixadmin/bugs/372/
NOTE: Fixed by: https://sourceforge.net/p/postfixadmin/code/1842
-CVE-2016-5118
+CVE-2016-5118 (The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and Im ...)
{DSA-3746-1 DSA-3591-1 DLA-502-1 DLA-500-1}
- imagemagick 8:6.8.9.9-7.1 (bug #825799)
- graphicsmagick 1.3.24-1 (bug #825800)
NOTE: fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ae3928faa858
NOTE: patch available at http://www.openwall.com/lists/oss-security/2016/05/29/7
-CVE-2016-5116
+CVE-2016-5116 (gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used ...)
{DSA-3619-1}
- libgd2 2.2.1-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
@@ -17575,13 +17575,13 @@ CVE-2016-5116
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72115
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
NOTE: http://www.openwall.com/lists/oss-security/2016/05/29/3
-CVE-2016-5115
+CVE-2016-5115 (The avcodec_decode_audio4 function in libavcodec in libavformat 57.34. ...)
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
[wheezy] - libav <ignored> (Minor issue)
NOTE: This is an issue in ffmpeg/libav, which is fixed in stretch's ffmpeg, but it's unclear when it was fixed exactly
NOTE: https://trac.mplayerhq.hu/ticket/2298
-CVE-2016-5102
+CVE-2016-5102 (Buffer overflow in the readgifimage function in gif2tiff.c in the gif2 ...)
{DLA-693-1}
- tiff 4.0.6-3
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -17594,28 +17594,28 @@ CVE-2016-5102
NOTE: No patch available. Marked as wontfix by upstream
NOTE: Reproducer http://bugs.fi/media/afl/libtiff/CVE-2016-5102.gif
NOTE: gif2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-5101
+CVE-2016-5101 (Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows a ...)
NOT-FOR-US: Opera
-CVE-2016-5100
+CVE-2016-5100 (Froxlor before 0.9.35 uses the PHP rand function for random number gen ...)
NOT-FOR-US: Froxlor
-CVE-2016-5099
+CVE-2016-5099 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4. ...)
{DSA-3627-1}
- phpmyadmin 4:4.6.2-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-16/
-CVE-2016-5098
+CVE-2016-5098 (Directory traversal vulnerability in libraries/error_report.lib.php in ...)
- phpmyadmin <not-affected> (Only affected git versions but not released versions, cf. PMASA-2016-15)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-15/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8
-CVE-2016-5097
+CVE-2016-5097 (phpMyAdmin before 4.6.2 places tokens in query strings and does not ar ...)
- phpmyadmin 4:4.6.2-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[wheezy] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-14/
-CVE-2016-5092
+CVE-2016-5092 (Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 al ...)
NOT-FOR-US: Fortinet
-CVE-2016-5108
+CVE-2016-5108 (Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpc ...)
{DSA-3598-1}
- vlc 2.2.3-2 (bug #825728)
[wheezy] - vlc <end-of-life> (Unsupported in wheezy-lts)
@@ -17627,108 +17627,108 @@ CVE-2016-5089
RESERVED
CVE-2016-5088
RESERVED
-CVE-2016-5087
+CVE-2016-5087 (Alertus Desktop Notification before 2.9.31.1710 on OS X uses weak perm ...)
NOT-FOR-US: Alertus
-CVE-2016-5086
+CVE-2016-5086 (Johnson &amp; Johnson Animas OneTouch Ping devices allow remote attack ...)
NOT-FOR-US: Animas OneTouch Ping
-CVE-2016-5085
+CVE-2016-5085 (Johnson &amp; Johnson Animas OneTouch Ping devices do not properly gen ...)
NOT-FOR-US: Animas OneTouch Ping
-CVE-2016-5084
+CVE-2016-5084 (Johnson &amp; Johnson Animas OneTouch Ping devices do not use encrypti ...)
NOT-FOR-US: Animas OneTouch Ping
CVE-2016-5083
RESERVED
CVE-2016-5082
RESERVED
-CVE-2016-5081
+CVE-2016-5081 (ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, ...)
NOT-FOR-US: ZModo
-CVE-2016-5080
+CVE-2016-5080 (Integer overflow in the rtxMemHeapAlloc function in asn1rt_a.lib in Ob ...)
NOT-FOR-US: Objective Systems Inc. ASN1C compiler
NOTE: https://github.com/programa-stic/security-advisories/tree/master/ObjSys/CVE-2016-5080
CVE-2016-5079
RESERVED
-CVE-2016-5078
+CVE-2016-5078 (Paessler PRTG before 16.2.24.4045 has XSS via SNMP. ...)
NOT-FOR-US: Paessler PRTG
-CVE-2016-5077
+CVE-2016-5077 (Netikus EventSentry before 3.2.1.44 has XSS via SNMP. ...)
NOT-FOR-US: Netikus EventSentry
-CVE-2016-5076
+CVE-2016-5076 (CloudView NMS before 2.10a allows remote attackers to obtain sensitive ...)
NOT-FOR-US: CloudView NMS
-CVE-2016-5075
+CVE-2016-5075 (CloudView NMS before 2.10a has XSS via a TELNET login. ...)
NOT-FOR-US: CloudView NMS
-CVE-2016-5074
+CVE-2016-5074 (CloudView NMS before 2.10a has a format string issue exploitable over ...)
NOT-FOR-US: CloudView NMS
-CVE-2016-5073
+CVE-2016-5073 (CloudView NMS before 2.10a has XSS via SNMP. ...)
NOT-FOR-US: CloudView NMS
-CVE-2016-5072
+CVE-2016-5072 (OXID eShop before 2016-06-13 allows remote attackers to execute arbitr ...)
NOT-FOR-US: OXID eShop
-CVE-2016-5071
+CVE-2016-5071 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the m ...)
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5070
+CVE-2016-5070 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwor ...)
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5069
+CVE-2016-5069 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable ...)
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5068
+CVE-2016-5068 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not requir ...)
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5067
+CVE-2016-5067 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes A ...)
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5066
+CVE-2016-5066 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak pas ...)
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
-CVE-2016-5065
+CVE-2016-5065 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedde ...)
NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
CVE-2016-5064
RESERVED
-CVE-2016-5063
+CVE-2016-5063 (The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 ...)
NOT-FOR-US: BMC Server Automation
-CVE-2016-5062
+CVE-2016-5062 (The web server in Aternity before 9.0.1 does not require authenticatio ...)
NOT-FOR-US: Aternity
-CVE-2016-5061
+CVE-2016-5061 (Multiple cross-site scripting (XSS) vulnerabilities in the web server ...)
NOT-FOR-US: Aternity
-CVE-2016-5060
+CVE-2016-5060 (Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before ...)
NOT-FOR-US: nGrinder
-CVE-2016-5059
+CVE-2016-5059 (OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers t ...)
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Pro
-CVE-2016-5058
+CVE-2016-5058 (OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee rep ...)
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Pro
-CVE-2016-5057
+CVE-2016-5057 (OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL ...)
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Pro
-CVE-2016-5056
+CVE-2016-5056 (OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex di ...)
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Pro
-CVE-2016-5055
+CVE-2016-5055 (OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the use ...)
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Pro
-CVE-2016-5054
+CVE-2016-5054 (OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee re ...)
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Home
-CVE-2016-5053
+CVE-2016-5053 (OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote att ...)
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Home
-CVE-2016-5052
+CVE-2016-5052 (OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL ...)
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Home
-CVE-2016-5051
+CVE-2016-5051 (OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in c ...)
NOT-FOR-US: OSRAM SYLVANIA Osram Lightify Home
-CVE-2016-5050
+CVE-2016-5050 (Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyD ...)
NOT-FOR-US: ReadyDesk
-CVE-2016-5049
+CVE-2016-5049 (Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk ...)
NOT-FOR-US: ReadyDesk
-CVE-2016-5048
+CVE-2016-5048 (SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9. ...)
NOT-FOR-US: ReadyDesk
-CVE-2016-5047
+CVE-2016-5047 (NetApp OnCommand System Manager 8.3.x before 8.3.2P5 allows remote aut ...)
NOT-FOR-US: NetApp OnCommand System Manager
CVE-2016-5046
RESERVED
-CVE-2016-5045
+CVE-2016-5045 (NetApp OnCommand System Manager before 9.0 allows remote attackers to ...)
NOT-FOR-US: NetApp OnCommand System Manager
-CVE-2016-5025
+CVE-2016-5025 (For the NVIDIA Quadro, NVS, and GeForce products, improper sanitizatio ...)
NOT-FOR-US: NVIDIA Quadro, NVS, and GeForce product
-CVE-2016-5024
+CVE-2016-5024 (Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1 ...)
NOT-FOR-US: BIG-IP
-CVE-2016-5023
+CVE-2016-5023 (Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 ...)
NOT-FOR-US: BIG-IP
-CVE-2016-5022
+CVE-2016-5022 (F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2016-5021
+CVE-2016-5021 (The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ...)
NOT-FOR-US: BIG-IP
-CVE-2016-5020
+CVE-2016-5020 (F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modif ...)
NOT-FOR-US: BIG-IP
-CVE-2016-5019
+CVE-2016-5019 (CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0. ...)
NOT-FOR-US: Apache MyFaces Trinidad
-CVE-2016-5018
+CVE-2016-5018 (In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8. ...)
{DSA-3721-1 DSA-3720-1 DLA-729-1 DLA-728-1}
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842663)
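Review bot: the three Animas OneTouch Ping descriptions added in this hunk (CVE-2016-5086, CVE-2016-5085, CVE-2016-5084) carry an HTML-escaped ampersand, "Johnson &amp; Johnson", whereas every other description added in this update is plain text. If the automatic importer reads the descriptions from an HTML source it should unescape entities before writing the list, so that the entry reads "Johnson & Johnson"; otherwise anything searching the file for the vendor name by its plain spelling will miss these three entries.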
@@ -17738,7 +17738,7 @@ CVE-2016-5018
NOTE: Fixed by: http://svn.apache.org/r1754901 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1754902 (7.0.x)
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1754904
-CVE-2016-5017
+CVE-2016-5017 (Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 an ...)
{DLA-630-1}
- zookeeper 3.4.9-1
[jessie] - zookeeper 3.4.5+dfsg-2+deb8u1
@@ -17746,42 +17746,42 @@ CVE-2016-5017
NOTE: client interface, not as a production tool
NOTE: https://zookeeper.apache.org/security.html#CVE-2016-5017
NOTE: Fixed by https://git-wip-us.apache.org/repos/asf?p=zookeeper.git;a=commitdiff;h=27ecf981a15554dc8e64a28630af7a5c9e2bdf4f
-CVE-2016-5016
+CVE-2016-5016 (Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authe ...)
NOT-FOR-US: Pivotal Cloud Foundry
CVE-2016-5015
REJECTED
-CVE-2016-5014
+CVE-2016-5014 (In Moodle 2.x and 3.x, an unenrolled user still receives event monitor ...)
- moodle <not-affected> (Only affects 2.8 and later)
NOTE: https://moodle.org/mod/forum/discuss.php?d=336699
-CVE-2016-5013
+CVE-2016-5013 (In Moodle 2.x and 3.x, text injection can occur in email headers, pote ...)
- moodle 2.7.15+dfsg-1
-CVE-2016-5012
+CVE-2016-5012 (In Moodle 3.x, glossary search displays entries without checking user ...)
- moodle <not-affected> (Only affects 3.1)
NOTE: https://moodle.org/mod/forum/discuss.php?d=336697
-CVE-2016-5011
+CVE-2016-5011 (The parse_dos_extended function in partitions/dos.c in the libblkid li ...)
- util-linux 2.28.1-1 (bug #830802)
[jessie] - util-linux <no-dsa> (Minor issue)
[wheezy] - util-linux <no-dsa> (Minor issue)
NOTE: https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=7164a1c34d18831ac61c6744ad14ce916d389b3f
NOTE: https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=50d1594c2e6142a3b51d2143c74027480df082e0
-CVE-2016-5010
+CVE-2016-5010 (coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832968)
NOTE: Fixed by: http://git.imagemagick.org/repos/ImageMagick/commit/c20de102cc57f3739a8870f79e728e3b0bea18c0
-CVE-2016-5009
+CVE-2016-5009 (The handle_command function in mon/Monitor.cc in Ceph allows remote au ...)
- ceph 10.2.5-1 (bug #829661)
[jessie] - ceph 0.80.7-2+deb8u2
NOTE: http://tracker.ceph.com/issues/16297
NOTE: https://github.com/ceph/ceph/pull/9700
NOTE: https://github.com/ceph/ceph/commit/957ece7e95d8f8746191fd9629622d4457d690d6
-CVE-2016-5008
+CVE-2016-5008 (libvirt before 2.0.0 improperly disables password checking when the pa ...)
{DSA-3613-1 DLA-541-1}
- libvirt 2.0.0-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1180092
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=bb848feec0f3f10e92dd8e5231ae7aa89b5598f3 (v2.0.0)
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=f32441c69bf450d6ac593c3acd621c37e120cdaf (v1.2.9-maint)
NOTE: http://security.libvirt.org/2016/0001.html
-CVE-2016-5007
+CVE-2016-5007 (Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2. ...)
- libspring-java 4.3.2-1
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <not-affected> (Vulnerable code not present)
@@ -17791,46 +17791,46 @@ CVE-2016-5007
NOTE: Upstream bug: https://github.com/spring-projects/spring-security/issues/3964
NOTE: Mitigations exists in https://pivotal.io/security/cve-2016-5007
NOTE: Other (already unsupported) versions are affected as well by the issue
-CVE-2016-5006
+CVE-2016-5006 (The Cloud Controller in Cloud Foundry before 239 logs user-provided se ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-5005
+CVE-2016-5005 (Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and e ...)
NOT-FOR-US: Apache Archiva
-CVE-2016-5004
+CVE-2016-5004 (The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in ...)
NOT-FOR-US: Apache Archiva
-CVE-2016-5003
+CVE-2016-5003 (The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Ar ...)
NOT-FOR-US: Apache Archiva
-CVE-2016-5002
+CVE-2016-5002 (XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws- ...)
NOT-FOR-US: Apache Archiva
-CVE-2016-5001
+CVE-2016-5001 (This is an information disclosure vulnerability in Apache Hadoop befor ...)
- hadoop <itp> (bug #793644)
-CVE-2016-5000
+CVE-2016-5000 (The XLSX2CSV example in Apache POI before 3.14 allows remote attackers ...)
- libapache-poi-java <unfixed> (unimportant)
NOTE: Versions affected: POI 3.5-3.13; Fixed in 3.14
NOTE: XLSX2CSV example is not installed
-CVE-2016-4999
+CVE-2016-4999 (SQL injection vulnerability in the getStringParameterSQL method in mai ...)
NOT-FOR-US: JBoss dashbuilder
-CVE-2016-4998
+CVE-2016-4998 (The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subs ...)
{DSA-3607-1}
- linux 4.6.2-2
[wheezy] - linux <no-dsa> (Only exploitable by privileged user; too many changes to backport)
NOTE: Non-privileged user namespaces disabled by default, only vulnerable with sysctl kernel.unprivileged_userns_clone=1
-CVE-2016-4997
+CVE-2016-4997 (The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt imple ...)
{DSA-3607-1}
- linux 4.6.2-2
[wheezy] - linux <no-dsa> (Only exploitable by privileged user; too many changes to backport)
NOTE: Non-privileged user namespaces disabled by default, only vulnerable with sysctl kernel.unprivileged_userns_clone=1
-CVE-2016-4996
+CVE-2016-4996 (discovery-debug in Foreman before 6.2 when the ssh service has been en ...)
- foreman <itp> (bug #663101)
-CVE-2016-4995
+CVE-2016-4995 (Foreman before 1.11.4 and 1.12.x before 1.12.1 does not properly restr ...)
- foreman <itp> (bug #663101)
-CVE-2016-4994
+CVE-2016-4994 (Use-after-free vulnerability in the xcf_load_image function in app/xcf ...)
{DSA-3612-1 DLA-525-1}
- gimp 2.8.16-2.2 (bug #828179)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=767873
-CVE-2016-4993
+CVE-2016-4993 (CRLF injection vulnerability in the Undertow web server in WildFly 10. ...)
- undertow 1.4.3-1
NOTE: https://issues.jboss.org/browse/UNDERTOW-827
-CVE-2016-4992
+CVE-2016-4992 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...)
- 389-ds-base 1.3.5.13-1
[jessie] - 389-ds-base <no-dsa> (Minor issue)
NOTE: http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-5-13.html
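Review bot: the unchanged context line "NOTE: Mitigations exists in https://pivotal.io/security/cve-2016-5007" under CVE-2016-5007 has a subject-verb mismatch; it should read "NOTE: Mitigations exist in ..." (or "A mitigation exists in ..."). This automatic update only rewrites the CVE header lines, so the fix belongs in a separate manual commit.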
@@ -17838,52 +17838,52 @@ CVE-2016-4991
RESERVED
CVE-2016-4990
REJECTED
-CVE-2016-4989
+CVE-2016-4989 (setroubleshoot allows local users to bypass an intended container prot ...)
NOT-FOR-US: setroubleshoot
-CVE-2016-4988
+CVE-2016-4988 (Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer ...)
NOT-FOR-US: Jenkins plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20
-CVE-2016-4987
+CVE-2016-4987 (Directory traversal vulnerability in the Image Gallery plugin before 1 ...)
NOT-FOR-US: Jenkins plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20
-CVE-2016-4986
+CVE-2016-4986 (Directory traversal vulnerability in the TAP plugin before 1.25 in Jen ...)
NOT-FOR-US: Jenkins plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20
-CVE-2016-4985
+CVE-2016-4985 (The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and ...)
- ironic 1:5.1.2-1 (bug #827886)
NOTE: Affects >=2014.2, >=4.0.0 <=4.2.4, >=4.3.0 <=5.1.1
-CVE-2016-4984
+CVE-2016-4984 (/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets ...)
- openldap <not-affected> (Red Hat-specific)
CVE-2016-4983
RESERVED
- dovecot <not-affected> (Specific to Red Hat packaging)
-CVE-2016-4982
+CVE-2016-4982 (authd sets weak permissions for /etc/ident.key, which allows local use ...)
NOT-FOR-US: authd
CVE-2016-4981
RESERVED
CVE-2016-4980
RESERVED
NOT-FOR-US: Red Hat xguest kiosk mode
-CVE-2016-4979
+CVE-2016-4979 (The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_s ...)
- apache2 2.4.23-1
[jessie] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: Upstream fix: https://svn.apache.org/r1750779
-CVE-2016-4978
+CVE-2016-4978 (The getObject method of the javax.jms.ObjectMessage class in the (1) J ...)
NOT-FOR-US: ApacheMQ Artemis
-CVE-2016-4977
+CVE-2016-4977 (When processing authorization requests using the whitelabel views in S ...)
NOT-FOR-US: Spring Security OAuth
-CVE-2016-4976
+CVE-2016-4976 (Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on ...)
NOT-FOR-US: Apache Ambari
-CVE-2016-4975
+CVE-2016-4975 (Possible CRLF injection allowing HTTP response splitting attacks for s ...)
- apache2 2.4.25-1 (low)
[jessie] - apache2 2.4.10-10+deb8u8
NOTE: https://svn.apache.org/r1772678
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975
-CVE-2016-4974
+CVE-2016-4974 (Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before ...)
- qpid-java <itp> (bug #840131)
-CVE-2016-4973
+CVE-2016-4973 (Binaries compiled against targets that use the libssp library in GCC f ...)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1324759
- gcc-6 <not-affected> (Uses glibc-internal SSP)
- gcc-5 <not-affected> (Uses glibc-internal SSP)
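Review bot: the classification "NOT-FOR-US: ApacheMQ Artemis" under CVE-2016-4978 names a project that does not exist; the Apache message broker whose javax.jms.ObjectMessage handling is described here is ActiveMQ Artemis, so the line should read "NOT-FOR-US: Apache ActiveMQ Artemis". It is a context line, so it needs a follow-up commit rather than a change to this automatic update.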
@@ -17892,40 +17892,40 @@ CVE-2016-4973
- mingw32 <removed>
[wheezy] - mingw32 <no-dsa> (Minor issue)
NOTE: Missing security feature, not a direct vulnerability
-CVE-2016-4972
+CVE-2016-4972 (OpenStack Murano before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), ...)
- murano 1:2.0.1-1 (bug #828062)
NOTE: Affects: Murano: <=2015.1.1; <=1.0.2; ==2.0.0
- murano-dashboard 1:2.0.0-5 (bug #828064)
NOTE: Affects: Murano-dashboard: <=2015.1.1; <=1.0.2; ==2.0.0
- python-muranoclient 0.8.3-4 (bug #828063)
NOTE: Affects: Python-muranoclient: <=0.7.2; >=0.8.0<=0.8.4
-CVE-2016-4971
+CVE-2016-4971 (GNU wget before 1.18 allows remote servers to write to arbitrary files ...)
{DLA-536-1}
- wget 1.18-1 (bug #827003)
[jessie] - wget 1.16-1+deb8u1
NOTE: http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=e996e322ffd42aaa051602da182d03178d0f13e1 (v1.18)
-CVE-2016-4970
+CVE-2016-4970 (handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and ...)
- netty 1:4.0.37-1 (bug #827620)
[jessie] - netty <not-affected> (Vulnerable code not present)
[wheezy] - netty <not-affected> (Vulnerable code not present)
NOTE: Versions affected: Netty 4.0.0.Final - 4.0.36.Final and 4.1.0.Final
-CVE-2016-4969
+CVE-2016-4969 (Cross-site scripting (XSS) vulnerability in Fortinet FortiWan (formerl ...)
NOT-FOR-US: Fortinet
-CVE-2016-4968
+CVE-2016-4968 (The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly As ...)
NOT-FOR-US: Fortinet
-CVE-2016-4967
+CVE-2016-4967 (Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote aut ...)
NOT-FOR-US: Fortinet
-CVE-2016-4966
+CVE-2016-4966 (The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLi ...)
NOT-FOR-US: Fortinet
-CVE-2016-4965
+CVE-2016-4965 (Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote aut ...)
NOT-FOR-US: Fortinet
CVE-2016-XXXX [AST-2016-005]
- asterisk 1:13.8.2~dfsg-1
[jessie] - asterisk <not-affected> (Only affects 13.x)
[wheezy] - asterisk <not-affected> (Only affects 13.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-005.html
-CVE-2016-5107
+CVE-2016-5107 (The megasas_lookup_frame function in QEMU, when built with MegaRAID SA ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825616)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -17933,14 +17933,14 @@ CVE-2016-5107
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04424.html
NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336461
-CVE-2016-5106
+CVE-2016-5106 (The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825615)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html
-CVE-2016-5105
+CVE-2016-5105 (The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825614)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -17948,7 +17948,7 @@ CVE-2016-5105
NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04419.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1339583
-CVE-2016-5104
+CVE-2016-5104 (The socket_create function in common/socket.c in libimobiledevice and ...)
- libimobiledevice 1.2.0+dfsg-3 (bug #825553)
[jessie] - libimobiledevice <no-dsa> (Minor issue)
[wheezy] - libimobiledevice <not-affected> (Vulnerable code not present)
@@ -17956,221 +17956,221 @@ CVE-2016-5104
- libusbmuxd 1.0.10-3 (bug #825554)
[jessie] - libusbmuxd <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196
-CVE-2016-4552
+CVE-2016-4552 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1 ...)
- roundcube 1.2.0+dfsg.1-1
[wheezy] - roundcube <not-affected> (vulnerable code not present)
NOTE: https://github.com/roundcube/roundcubemail/issues/5240
NOTE: https://github.com/roundcube/roundcubemail/pull/5241
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/8
-CVE-2016-5096
+CVE-2016-5096 (Integer overflow in the fread function in ext/standard/file.c in PHP b ...)
{DSA-3602-1 DLA-533-1}
- php5 5.6.22+dfsg-1
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72114
NOTE: Fixed in 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
-CVE-2016-5095
+CVE-2016-5095 (Integer overflow in the php_escape_html_entities_ex function in ext/st ...)
{DSA-3602-1 DLA-533-1}
- php5 5.6.22+dfsg-1
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72135
NOTE: Fixed in 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
NOTE: For the additional issue reported in the "[2016-05-17 12:55 UTC]" comment
-CVE-2016-5094
+CVE-2016-5094 (Integer overflow in the php_html_entities function in ext/standard/htm ...)
{DSA-3602-1 DLA-533-1}
- php5 5.6.22+dfsg-1
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72135
NOTE: Fixed in 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
-CVE-2016-5093
+CVE-2016-5093 (The get_icu_value_internal function in ext/intl/locale/locale_methods. ...)
{DSA-3602-1 DLA-533-1}
- php7.0 7.0.7-1
- php5 5.6.22+dfsg-1
NOTE: PHP bug: https://bugs.php.net/bug.php?id=72241
NOTE: Fixed in 7.0.7, 5.6.22, 5.5.36
NOTE: http://www.openwall.com/lists/oss-security/2016/05/25/3
-CVE-2016-5091
+CVE-2016-5091 (Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allo ...)
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-5044
+CVE-2016-5044 (The WRITE_UNALIGNED function in dwarf_elf_access.c in libdwarf before ...)
- dwarfutils 20160507-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
-CVE-2016-5043
+CVE-2016-5043 (The dwarf_dealloc function in libdwarf before 20160923 allows remote a ...)
- dwarfutils 20160507-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
-CVE-2016-5042
+CVE-2016-5042 (The dwarf_get_aranges_list function in libdwarf before 20160923 allows ...)
{DLA-669-1}
- dwarfutils 20160507-1
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
-CVE-2016-5041
+CVE-2016-5041 (dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to ...)
- dwarfutils 20160507-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
-CVE-2016-5040
+CVE-2016-5040 (libdwarf before 20160923 allows remote attackers to cause a denial of ...)
- dwarfutils 20160507-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
-CVE-2016-5039
+CVE-2016-5039 (The get_attr_value function in libdwarf before 20160923 allows remote ...)
{DLA-669-1}
- dwarfutils 20160507-1
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://sourceforge.net/p/libdwarf/code/ci/eb1472afac95031d0c9dd8c11d527b865fe7deb8/
-CVE-2016-5038
+CVE-2016-5038 (The dwarf_get_macro_startend_file function in dwarf_macro5.c in libdwa ...)
{DLA-669-1}
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://sourceforge.net/p/libdwarf/code/ci/82d8e007851805af0dcaaff41f49a2d48473334b/
-CVE-2016-5037
+CVE-2016-5037 (The _dwarf_load_section function in libdwarf before 20160923 allows re ...)
- dwarfutils 20160507-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/b6ec2dfd850929821626ea63fb0a752076a3c08a/
-CVE-2016-5036
+CVE-2016-5036 (The dump_block function in print_sections.c in libdwarf before 2016092 ...)
{DLA-669-1}
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://sourceforge.net/p/libdwarf/code/ci/82d8e007851805af0dcaaff41f49a2d48473334b/
-CVE-2016-5035
+CVE-2016-5035 (The _dwarf_read_line_table_header function in dwarf_line_table_reader. ...)
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/82d8e007851805af0dcaaff41f49a2d48473334b/
-CVE-2016-5034
+CVE-2016-5034 (dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers ...)
{DLA-669-1}
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: https://sourceforge.net/p/libdwarf/code/ci/10ca310f64368dc083efacac87732c02ef560a92/
-CVE-2016-5033
+CVE-2016-5033 (The print_exprloc_content function in libdwarf before 20160923 allows ...)
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/ac6673e32f3443a5d36c2217cb814000930b2c54/
-CVE-2016-5032
+CVE-2016-5032 (The dwarf_get_xu_hash_entry function in libdwarf before 20160923 allow ...)
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/ac6673e32f3443a5d36c2217cb814000930b2c54/
-CVE-2016-5031
+CVE-2016-5031 (The print_frame_inst_bytes function in libdwarf before 20160923 allows ...)
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/ac6673e32f3443a5d36c2217cb814000930b2c54/
-CVE-2016-5030
+CVE-2016-5030 (The _dwarf_calculate_info_section_end_ptr function in libdwarf before ...)
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/6fa3f710ee6f21bba7966b963033a91d77c952bd/
-CVE-2016-5029
+CVE-2016-5029 (The create_fullest_file_path function in libdwarf before 20160923 allo ...)
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/acae971371daa23a19358bc62204007d258fbc5e/
-CVE-2016-5028
+CVE-2016-5028 (The print_frame_inst_bytes function in libdwarf before 20160923 allows ...)
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/a55b958926cc67f89a512ed30bb5a22b0adb10f4/
-CVE-2016-5027
+CVE-2016-5027 (dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a d ...)
- dwarfutils 20160507+git20160523.9086738-1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1330237
-CVE-2016-5026
+CVE-2016-5026 (hs.py in OnionShare before 0.9.1 allows local users to modify the hidd ...)
- onionshare 0.8.1-2 (unimportant)
[jessie] - onionshare <not-affected> (Vulnerable code not present)
NOTE: Neutralised by kernel hardening (also contrib and non-free not supported)
-CVE-2016-4963
+CVE-2016-4963 (The libxl device-handling in Xen through 4.6.x allows local guest OS u ...)
{DLA-1493-1}
- xen 4.8.0~rc3-1
[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport, libvirt doesn't have libxl driver enabled)
NOTE: http://xenbits.xen.org/xsa/advisory-178.html
-CVE-2016-4962
+CVE-2016-4962 (The libxl device-handling in Xen 4.6.x and earlier allows local OS gue ...)
{DSA-3633-1}
- xen 4.8.0~rc3-1
[wheezy] - xen <no-dsa> (Too intrusive to backport, libvirt doesn't have libxl driver enabled)
NOTE: http://xenbits.xen.org/xsa/advisory-175.html
-CVE-2016-4961
+CVE-2016-4961 (For the NVIDIA Quadro, NVS, and GeForce products, improper sanitizatio ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2016-4960
+CVE-2016-4960 (For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamK ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2016-4959
+CVE-2016-4959 (For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote De ...)
NOT-FOR-US: NVIDIA Windows drivers
CVE-2016-4958
RESERVED
-CVE-2016-4957
+CVE-2016-4957 (ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial o ...)
- ntp 1:4.2.8p8+dfsg-1
[jessie] - ntp <not-affected> (Fix for CVE-2016-1547 wasn't backported)
[wheezy] - ntp <not-affected> (Fix for CVE-2016-1547 wasn't backported)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3046
-CVE-2016-4956
+CVE-2016-4956 (ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a deni ...)
- ntp 1:4.2.8p8+dfsg-1
[jessie] - ntp <not-affected> (Fix for CVE-2016-1548 wasn't backported)
[wheezy] - ntp <not-affected> (Fix for CVE-2016-1548 wasn't backported)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3042
-CVE-2016-4955
+CVE-2016-4955 (ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote ...)
- ntp 1:4.2.8p8+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3043
-CVE-2016-4954
+CVE-2016-4954 (The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4 ...)
- ntp 1:4.2.8p8+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3044
-CVE-2016-4953
+CVE-2016-4953 (ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a deni ...)
- ntp 1:4.2.8p8+dfsg-1
[jessie] - ntp <not-affected> (Upstream fix for CVE-2016-1547 or CVE-2015-7979 wasn't backported)
[wheezy] - ntp <not-affected> (Fix for CVE-2016-1547 or CVE-2015-7979 wasn't backported)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3045
-CVE-2016-5117
+CVE-2016-5117 (OpenNTPD before 6.0p1 does not validate the CN for HTTPS constraint re ...)
- openntpd 1:6.0p1-1 (bug #825856; unimportant)
[jessie] - openntpd <not-affected> (Vulnerable code introduced later)
[wheezy] - openntpd <not-affected> (Vulnerable code introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/23/2
NOTE: Authenticated TLS "contraints" introduced in 2015-03-24 OpenNTPD 5.7p4
NOTE: Option is not enabled at buildtime.
-CVE-2016-4964
+CVE-2016-4964 (The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Qu ...)
- qemu 1:2.6+dfsg-2 (bug #825207)
[jessie] - qemu <not-affected> (LSI SAS1068 (mptsas) device support added later)
[wheezy] - qemu <not-affected> (LSI SAS1068 (mptsas) device support added later)
- qemu-kvm <not-affected> (LSI SAS1068 (mptsas) device support added later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04027.html
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=e351b82611293683c4cabe4b69b7552bde5d4e2a (v2.6.0-rc0)
-CVE-2016-4950
+CVE-2016-4950 (Cloudera Manager 5.5 and earlier allows remote attackers to enumerate ...)
NOT-FOR-US: Cloudera Manager
-CVE-2016-4949
+CVE-2016-4949 (Cloudera Manager 5.5 and earlier allows remote attackers to obtain sen ...)
NOT-FOR-US: Cloudera Manager
-CVE-2016-4948
+CVE-2016-4948 (Multiple cross-site scripting (XSS) vulnerabilities in Cloudera Manage ...)
NOT-FOR-US: Cloudera Manager
-CVE-2016-4947
+CVE-2016-4947 (Cloudera HUE 3.9.0 and earlier allows remote attackers to enumerate us ...)
NOT-FOR-US: Cloudera HUE
-CVE-2016-4946
+CVE-2016-4946 (Multiple cross-site scripting (XSS) vulnerabilities in Cloudera HUE 3. ...)
NOT-FOR-US: Cloudera HUE
-CVE-2016-4945
+CVE-2016-4945 (Cross-site scripting (XSS) vulnerability in vpn/js/gateway_login_form_ ...)
NOT-FOR-US: Citrix NetScaler Gateway
CVE-2016-XXXX [mediawiki issues from 1.26.3, 1.25.6 and 1.23.14]
- mediawiki 1:1.27.0-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html
-CVE-2016-4952
+CVE-2016-4952 (QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual S ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #825210)
[wheezy] - qemu <not-affected> (VMWare PVSCSI paravirtual device implementation introduced later)
- qemu-kvm <not-affected> (VMWare PVSCSI paravirtual device implementation introduced later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03774.html
NOTE: Introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=881d588a98bf0dce98ddb65c15aa0854c0ac41ed (v1.5.0-rc0)
-CVE-2016-4951
+CVE-2016-4951 (The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kerne ...)
- linux 4.5.5-1
[jessie] - linux <not-affected> (Introduced in 3.19)
[wheezy] - linux <not-affected> (Introduced in 3.19)
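Review bot: two context lines in this hunk carry wording defects worth a follow-up edit: under CVE-2016-5117, "Authenticated TLS "contraints" introduced in 2015-03-24 OpenNTPD 5.7p4" should read "constraints", and under CVE-2016-5095 the line "NOTE: For the additional issue reported in the "[2016-05-17 12:55 UTC]" comment" is an incomplete sentence that never states what that additional issue is or which CVE tracks it. Neither is introduced by this automatic update, but both should be fixed in a manual commit.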
@@ -18203,27 +18203,27 @@ CVE-2016-4933
REJECTED
CVE-2016-4932
REJECTED
-CVE-2016-4931
+CVE-2016-4931 (XML entity injection in Junos Space before 15.2R2 allows attackers to ...)
NOT-FOR-US: Juniper
-CVE-2016-4930
+CVE-2016-4930 (Cross-site scripting (XSS) vulnerability in Junos Space before 15.2R2 ...)
NOT-FOR-US: Juniper
-CVE-2016-4929
+CVE-2016-4929 (Command injection vulnerability in Junos Space before 15.2R2 allows at ...)
NOT-FOR-US: Juniper
-CVE-2016-4928
+CVE-2016-4928 (Cross site request forgery vulnerability in Junos Space before 15.2R2 ...)
NOT-FOR-US: Juniper
-CVE-2016-4927
+CVE-2016-4927 (Insufficient validation of SSH keys in Junos Space before 15.2R2 allow ...)
NOT-FOR-US: Juniper
-CVE-2016-4926
+CVE-2016-4926 (Insufficient authentication vulnerability in Junos Space before 15.2R2 ...)
NOT-FOR-US: Juniper
-CVE-2016-4925
+CVE-2016-4925 (Receipt of a specifically malformed IPv6 packet processed by the route ...)
NOT-FOR-US: Juniper
-CVE-2016-4924
+CVE-2016-4924 (An incorrect permissions vulnerability in Juniper Networks Junos OS on ...)
NOT-FOR-US: Juniper
-CVE-2016-4923
+CVE-2016-4923 (Insufficient cross site scripting protection in J-Web component in Jun ...)
NOT-FOR-US: Juniper
-CVE-2016-4922
+CVE-2016-4922 (Certain combinations of Junos OS CLI commands and arguments have been ...)
NOT-FOR-US: Juniper
-CVE-2016-4921
+CVE-2016-4921 (By flooding a Juniper Networks router running Junos OS with specially ...)
NOT-FOR-US: Juniper
CVE-2016-4920
RESERVED
@@ -18239,127 +18239,127 @@ CVE-2016-4915
RESERVED
CVE-2016-4914
RESERVED
-CVE-2016-1000001
+CVE-2016-1000001 (flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect ...)
NOT-FOR-US: flask-oidc
-CVE-2016-1000000
+CVE-2016-1000000 (Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Bl ...)
NOT-FOR-US: Ipswitch
-CVE-2016-4910
+CVE-2016-4910 (Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu
-CVE-2016-4909
+CVE-2016-4909 (Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 ...)
NOT-FOR-US: Cybozu
-CVE-2016-4908
+CVE-2016-4908 (Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu
-CVE-2016-4907
+CVE-2016-4907 (Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tok ...)
NOT-FOR-US: Cybozu
-CVE-2016-4906
+CVE-2016-4906 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 all ...)
NOT-FOR-US: Cybozu
-CVE-2016-4905
+CVE-2016-4905 (SQL injection vulnerability in the WP-OliveCart versions prior to 3.1. ...)
NOT-FOR-US: WP-OliveCart
-CVE-2016-4904
+CVE-2016-4904 (Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versio ...)
NOT-FOR-US: WP-OliveCart
-CVE-2016-4903
+CVE-2016-4903 (Cross-site scripting vulnerability in WP-OliveCart versions prior to 3 ...)
NOT-FOR-US: WP-OliveCart
-CVE-2016-4902
+CVE-2016-4902 (Untrusted search path vulnerability in The Public Certification Servic ...)
NOT-FOR-US: Public Certification Service for Individuals
-CVE-2016-4901
+CVE-2016-4901 (Untrusted search path vulnerability in The installer of e-Tax Software ...)
NOT-FOR-US: e-Tax
-CVE-2016-4900
+CVE-2016-4900 (Untrusted search path vulnerability in Evernote for Windows versions p ...)
NOT-FOR-US: Evernote
-CVE-2016-4899
+CVE-2016-4899 (The datamover module in the Linux version of NovaBACKUP DataCenter bef ...)
NOT-FOR-US: NovaBACKUP
-CVE-2016-4898
+CVE-2016-4898 (The datamover module in the Linux version of NovaBACKUP DataCenter bef ...)
NOT-FOR-US: NovaBACKUP
-CVE-2016-4897
+CVE-2016-4897 (Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save ...)
NOT-FOR-US: Usermin
-CVE-2016-4896
+CVE-2016-4896 (SetsucoCMS all versions does not properly manage sessions, which allow ...)
NOT-FOR-US: SetucoCMS
-CVE-2016-4895
+CVE-2016-4895 (SetsucoCMS all versions allows remote authenticated attackers to condu ...)
NOT-FOR-US: SetucoCMS
-CVE-2016-4894
+CVE-2016-4894 (SetsucoCMS all versions allows remote attackers to cause a denial of s ...)
NOT-FOR-US: SetucoCMS
-CVE-2016-4893
+CVE-2016-4893 (SQL injection vulnerability in the SetsucoCMS all versions allows remo ...)
NOT-FOR-US: SetucoCMS
-CVE-2016-4892
+CVE-2016-4892 (Cross-site scripting vulnerability in SetsucoCMS all versions allows r ...)
NOT-FOR-US: SetucoCMS
-CVE-2016-4891
+CVE-2016-4891 (Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all vers ...)
NOT-FOR-US: SetucoCMS
-CVE-2016-4890
+CVE-2016-4890 (ZOHO ManageEngine ServiceDesk Plus before 9.2 uses an insecure method ...)
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
-CVE-2016-4889
+CVE-2016-4889 (ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authentica ...)
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
-CVE-2016-4888
+CVE-2016-4888 (Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ServiceD ...)
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
-CVE-2016-4887
+CVE-2016-4887 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Upl ...)
NOT-FOR-US: baserCMS
-CVE-2016-4886
+CVE-2016-4886 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mai ...)
NOT-FOR-US: baserCMS
-CVE-2016-4885
+CVE-2016-4885 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Fee ...)
NOT-FOR-US: baserCMS
-CVE-2016-4884
+CVE-2016-4884 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blo ...)
NOT-FOR-US: baserCMS
-CVE-2016-4883
+CVE-2016-4883 (Cross-site scripting vulnerability in baserCMS version 3.0.10 and earl ...)
NOT-FOR-US: baserCMS
-CVE-2016-4882
+CVE-2016-4882 (Cross-site request forgery (CSRF) vulnerability in baserCMS version 3. ...)
NOT-FOR-US: baserCMS
-CVE-2016-4881
+CVE-2016-4881 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blo ...)
NOT-FOR-US: baserCMS
-CVE-2016-4880
+CVE-2016-4880 (Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0 ...)
NOT-FOR-US: baserCMS
-CVE-2016-4879
+CVE-2016-4879 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mai ...)
NOT-FOR-US: baserCMS
-CVE-2016-4878
+CVE-2016-4878 (Cross-site request forgery (CSRF) vulnerability in baserCMS version 3. ...)
NOT-FOR-US: baserCMS
-CVE-2016-4877
+CVE-2016-4877 (Cross-site scripting vulnerability in baserCMS plugin Mail version 3.0 ...)
NOT-FOR-US: baserCMS
-CVE-2016-4876
+CVE-2016-4876 (Cross-site request forgery (CSRF) vulnerability in baserCMS version 3. ...)
NOT-FOR-US: baserCMS
-CVE-2016-4875
+CVE-2016-4875 (Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) A ...)
NOT-FOR-US: IVYWE
-CVE-2016-4874
+CVE-2016-4874 (Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct ...)
NOT-FOR-US: Cybozu
-CVE-2016-4873
+CVE-2016-4873 (Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu
-CVE-2016-4872
+CVE-2016-4872 (Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu
-CVE-2016-4871
+CVE-2016-4871 (Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a ...)
NOT-FOR-US: Cybozu
-CVE-2016-4870
+CVE-2016-4870 (Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 al ...)
NOT-FOR-US: Cybozu
-CVE-2016-4869
+CVE-2016-4869 (Cybozu Office 9.0.0 to 10.4.0 allow remote attackers to obtain session ...)
NOT-FOR-US: Cybozu
-CVE-2016-4868
+CVE-2016-4868 (Email header injection vulnerability in Cybozu Office 9.0.0 to 10.4.0 ...)
NOT-FOR-US: Cybozu
-CVE-2016-4867
+CVE-2016-4867 (Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu
-CVE-2016-4866
+CVE-2016-4866 (Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 al ...)
NOT-FOR-US: Cybozu
-CVE-2016-4865
+CVE-2016-4865 (Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 al ...)
NOT-FOR-US: Cybozu
-CVE-2016-4864
+CVE-2016-4864 (H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remo ...)
- h2o <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/h2o/h2o/issues/1077
-CVE-2016-4863
+CVE-2016-4863 (The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware versi ...)
NOT-FOR-US: Toshiba FlashAir
-CVE-2016-4862
+CVE-2016-4862 (Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with ...)
NOT-FOR-US: Twigmo
-CVE-2016-4861
+CVE-2016-4861 (The (1) order and (2) group methods in Zend_Db_Select in the Zend Fram ...)
{DLA-1403-1 DLA-646-1}
- zendframework 1.12.20+dfsg-1
NOTE: http://framework.zend.com/security/advisory/ZF2016-03
NOTE: This security fix can be considered an improvement of the previous ZF2016-02
NOTE: and ZF2014-04 advisories.
NOTE: Fixed by: https://github.com/zendframework/zf1/commit/b1c71dd94296d9000127720c85a7ea9e3b35af4b (1.12.20)
-CVE-2016-4860
+CVE-2016-4860 (Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not requi ...)
NOT-FOR-US: Yokogawa STARDOM
-CVE-2016-4859
+CVE-2016-4859 (Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.3, ...)
NOT-FOR-US: Splunk
-CVE-2016-4858
+CVE-2016-4858 (Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to ...)
NOT-FOR-US: Splunk
-CVE-2016-4857
+CVE-2016-4857 (Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, ...)
NOT-FOR-US: Splunk
-CVE-2016-4856
+CVE-2016-4856 (Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to ...)
NOT-FOR-US: Splunk
-CVE-2016-4855
+CVE-2016-4855 (Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 a ...)
{DLA-620-1}
- libphp-adodb 5.20.6-1 (unimportant; bug #837418)
[jessie] - libphp-adodb 5.15-1+deb8u1
@@ -18367,158 +18367,158 @@ CVE-2016-4855
NOTE: https://jvn.jp/en/jp/JVN48237713/
NOTE: https://github.com/ADOdb/ADOdb/commit/ecb93d8c1
NOTE: Vulnerable file is shipped as an example only
-CVE-2016-4854
+CVE-2016-4854 (Cross-site request forgery (CSRF) vulnerability in L-04D firmware vers ...)
NOT-FOR-US: L-04D firmware
-CVE-2016-4853
+CVE-2016-4853 (AKABEi SOFT2 games allow remote attackers to execute arbitrary OS comm ...)
NOT-FOR-US: AKABEi SOFT2
-CVE-2016-4852
+CVE-2016-4852 (YoruFukurou (NightOwl) before 2.85 relies on support for emoji skin-to ...)
NOT-FOR-US: YoruFukurou
-CVE-2016-4851
+CVE-2016-4851 (Cross-site scripting (XSS) vulnerability in Let's PHP! simple chat bef ...)
NOT-FOR-US: Let's PHP! simple chat
-CVE-2016-4850
+CVE-2016-4850 (LINE for Windows before 4.8.3 allows man-in-the-middle attackers to ex ...)
NOT-FOR-US: LINE for Windows
-CVE-2016-4849
+CVE-2016-4849 (Multiple cross-site scripting (XSS) vulnerabilities in Geeklog IVYWE e ...)
NOT-FOR-US: Geeklog
-CVE-2016-4848
+CVE-2016-4848 (Cross-site scripting (XSS) vulnerability in ClipBucket before 2.8.1 RC ...)
NOT-FOR-US: ClipBucket
-CVE-2016-4847
+CVE-2016-4847 (Cross-site scripting (XSS) vulnerability in site/search.php in OSSEC W ...)
NOT-FOR-US: OSSEC Web UI
-CVE-2016-4846
+CVE-2016-4846 (Untrusted search path vulnerability in the installer of PhishWall Clie ...)
NOT-FOR-US: PhishWall Client Internet Explorer
-CVE-2016-4845
+CVE-2016-4845 (Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL ...)
NOT-FOR-US: I-O DATA
-CVE-2016-4844
+CVE-2016-4844 (Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickj ...)
NOT-FOR-US: Cybozu
-CVE-2016-4843
+CVE-2016-4843 (Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensiti ...)
NOT-FOR-US: Cybozu
-CVE-2016-4842
+CVE-2016-4842 (Cybozu Mailwise before 5.4.0 allows remote attackers to obtain informa ...)
NOT-FOR-US: Cybozu
-CVE-2016-4841
+CVE-2016-4841 (Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitra ...)
NOT-FOR-US: Cybozu
-CVE-2016-4840
+CVE-2016-4840 (Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus ...)
NOT-FOR-US: Coordinate Plus App for Android
-CVE-2016-4839
+CVE-2016-4839 (The Android Apps Money Forward (prior to v7.18.0), Money Forward for T ...)
NOT-FOR-US: Money Forward
-CVE-2016-4838
+CVE-2016-4838 (The Android Apps Money Forward (prior to v7.18.0), Money Forward for T ...)
NOT-FOR-US: Money Forward
-CVE-2016-4837
+CVE-2016-4837 (SQL injection vulnerability in the Seed Coupon plugin before 1.6 for E ...)
NOT-FOR-US: EC-CUBE
CVE-2016-4836
REJECTED
CVE-2016-4835
REJECTED
-CVE-2016-4834
+CVE-2016-4834 (modules/Users/actions/Save.php in Vtiger CRM 6.4.0 and earlier does no ...)
NOT-FOR-US: Vtiger
-CVE-2016-4833
+CVE-2016-4833 (Cross-site scripting (XSS) vulnerability in the Nofollow Links plugin ...)
NOT-FOR-US: Nofollow Links plugin for WordPress
-CVE-2016-4832
+CVE-2016-4832 (WAON "Service Application" for Android 1.4.1 and earlier does not veri ...)
NOT-FOR-US: WAON "Service Application" for Android
-CVE-2016-4831
+CVE-2016-4831 (Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 a ...)
NOT-FOR-US: LINE
-CVE-2016-4830
+CVE-2016-4830 (Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1 ...)
NOT-FOR-US: Sushiro App
-CVE-2016-4829
+CVE-2016-4829 (DMM Movie Player App for Android before 1.2.1, and DMM Movie Player Ap ...)
NOT-FOR-US: DMM Movie Player App
-CVE-2016-4828
+CVE-2016-4828 (The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishan ...)
NOT-FOR-US: Collne Welcart e-Commerce plugin for WordPress
-CVE-2016-4827
+CVE-2016-4827 (Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Comme ...)
NOT-FOR-US: Collne Welcart e-Commerce plugin for WordPress
-CVE-2016-4826
+CVE-2016-4826 (Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Comme ...)
NOT-FOR-US: Collne Welcart e-Commerce plugin for WordPress
-CVE-2016-4825
+CVE-2016-4825 (The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows ...)
NOT-FOR-US: Collne Welcart e-Commerce plugin for WordPress
-CVE-2016-4824
+CVE-2016-4824 (The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV ...)
NOT-FOR-US: Corega
-CVE-2016-4823
+CVE-2016-4823 (Corega CG-WLBARAGM devices allow remote attackers to cause a denial of ...)
NOT-FOR-US: Corega
-CVE-2016-4822
+CVE-2016-4822 (Corega CG-WLBARGL devices allow remote authenticated users to execute ...)
NOT-FOR-US: Corega
-CVE-2016-4821
+CVE-2016-4821 (I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial ...)
NOT-FOR-US: I-O DATA
-CVE-2016-4820
+CVE-2016-4820 (Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ETX ...)
NOT-FOR-US: I-O DATA
-CVE-2016-4819
+CVE-2016-4819 (The printfDx function in Takumi Yamada DX Library for Borland C++ 3.13 ...)
NOT-FOR-US: Borland
-CVE-2016-4818
+CVE-2016-4818 (DMMFX Trade for Android 1.5.0 and earlier, DMMFX DEMO Trade for Androi ...)
NOT-FOR-US: DMMFX
-CVE-2016-4817
+CVE-2016-4817 (lib/http2/connection.c in H2O before 1.7.3 and 2.x before 2.0.0-beta5 ...)
- h2o <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/h2o/h2o/pull/920
NOTE: https://github.com/h2o/h2o/commit/1c0808d580da09fdec5a9a74ff09e103ea058dd4
-CVE-2016-4816
+CVE-2016-4816 (BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S60 ...)
NOT-FOR-US: BUFFALO
-CVE-2016-4815
+CVE-2016-4815 (Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with ...)
NOT-FOR-US: BUFFALO
-CVE-2016-4814
+CVE-2016-4814 (Directory traversal vulnerability in kml2jsonp.php in Geospatial Infor ...)
NOT-FOR-US: Old_GSI_Maps
-CVE-2016-4813
+CVE-2016-4813 (NetCommons 2.4.2.1 and earlier allows remote authenticated secretariat ...)
NOT-FOR-US: NetCommons
-CVE-2016-4812
+CVE-2016-4812 (Cross-site scripting (XSS) vulnerability in the Markdown on Save Impro ...)
NOT-FOR-US: Markdown on Save Improved plugin for WordPress
-CVE-2016-4811
+CVE-2016-4811 (The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15 ...)
NOT-FOR-US: NTT
-CVE-2016-4810
+CVE-2016-4810 (Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR C ...)
NOT-FOR-US: Citrix
-CVE-2016-4913
+CVE-2016-4913 (The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux k ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.4-1
NOTE: Fixed by: https://git.kernel.org/linus/99d825822eade8d827a1817357cbf3f889a552d6 (v4.6)
-CVE-2016-4912
+CVE-2016-4912 (The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remot ...)
- openslp-dfsg <not-affected> (Vulnerable code not present)
NOTE: Issue present only in OpenSLP 2.x where the return from malloc isn't checked.
-CVE-2016-4911
+CVE-2016-4911 (The Fernet Token Provider in OpenStack Identity (Keystone) 9.0.x befor ...)
- keystone 2:9.0.0-2 (bug #824683)
[jessie] - keystone <not-affected> (affects only 9.0.0)
[wheezy] - keystone <not-affected> (affects only 9.0.0)
NOTE: https://launchpad.net/bugs/1577558
-CVE-2016-4809
+CVE-2016-4809 (The archive_read_format_cpio_read_header function in archive_read_supp ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: https://github.com/libarchive/libarchive/issues/705
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/fd7e0c02e272913a0a8b6d492c7260dfca0b1408 (v3.2.1)
-CVE-2016-10321
+CVE-2016-10321 (web2py before 2.14.6 does not properly check if a host is denied befor ...)
- web2py <removed> (bug #860038)
[jessie] - web2py <ignored> (Minor issue; issue in web admin interface which has no need to be used in production)
[wheezy] - web2py <no-dsa> (Minor issue; issue in web admin interface which has no need to be used in production)
NOTE: https://github.com/web2py/web2py/issues/1585#issuecomment-284317919
NOTE: https://github.com/web2py/web2py/commit/944d8bd8f3c5cf8ae296fc03d149056c65358426
-CVE-2016-4808
+CVE-2016-4808 (Web2py versions 2.14.5 and below was affected by CSRF (Cross Site Requ ...)
- web2py <removed> (bug #856127)
[jessie] - web2py <ignored> (Minor issue; issue in web admin interface which has no need to be used in production)
[wheezy] - web2py <no-dsa> (Minor issue; issue in web admin interface which has no need to be used in production)
NOTE: https://github.com/web2py/web2py/issues/1585
NOTE: https://github.com/web2py/web2py/commit/4bd002aee978813bc664cf186ef38ff4e8bbe1cd
-CVE-2016-4807
+CVE-2016-4807 (Web2py versions 2.14.5 and below was affected by Reflected XSS vulnera ...)
- web2py <removed> (bug #856127)
[jessie] - web2py <ignored> (Minor issue; issue in web admin interface which has no need to be used in production)
[wheezy] - web2py <no-dsa> (Minor issue; issue in web admin interface which has no need to be used in production)
NOTE: https://github.com/web2py/web2py/issues/1585
NOTE: https://github.com/web2py/web2py/commit/51c3b633fe7ad647bc3013e899c1e3a910362dd1
-CVE-2016-4806
+CVE-2016-4806 (Web2py versions 2.14.5 and below was affected by Local File Inclusion ...)
- web2py <removed> (bug #856127)
[jessie] - web2py <ignored> (Minor issue; issue in web admin interface which has no need to be used in production)
[wheezy] - web2py <no-dsa> (Minor issue; issue in web admin interface which has no need to be used in production)
NOTE: https://github.com/web2py/web2py/issues/1585
NOTE: https://github.com/web2py/web2py/issues/1316
NOTE: https://github.com/web2py/web2py/commit/1b42fe65472930668435007cfcb077207051ba34
-CVE-2016-4803
+CVE-2016-4803 (CRLF injection vulnerability in the send email functionality in dotCMS ...)
NOT-FOR-US: dotCMS
-CVE-2016-4802
+CVE-2016-4802 (Multiple untrusted search path vulnerabilities in cURL and libcurl bef ...)
- curl <not-affected> (Windows only)
CVE-2016-4801
RESERVED
-CVE-2016-4800
+CVE-2016-4800 (The path normalization mechanism in PathResource class in Eclipse Jett ...)
- jetty9 <not-affected> (Only affects Jetty >= 9.3.0, Jetty <= 9.3.8)
- jetty8 <not-affected> (Only affects 9.3.x)
- jetty <not-affected> (Only affects 9.3.x)
NOTE: http://www.ocert.org/advisories/ocert-2016-001.html
-CVE-2016-4805
+CVE-2016-4805 (Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the L ...)
{DSA-3607-1}
- linux 4.5.2-1
[wheezy] - linux 3.2.81-1
NOTE: Fixed by: https://git.kernel.org/linus/1f461dcdd296eecedaffffc6bae2bfa90bd7eb89 (v4.6-rc1)
NOTE: Introduced by: https://git.kernel.org/linus/273ec51dd7ceaa76e038875d85061ec856d8905e (v2.6.30)
-CVE-2016-4804
+CVE-2016-4804 (The read_boot function in boot.c in dosfstools before 4.0 allows attac ...)
{DLA-474-1}
- dosfstools 4.0-1
[jessie] - dosfstools <no-dsa> (Minor issue)
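Review bot: the fixed-width truncation of the imported descriptions in this hunk leaves some entries with identical summary text, so the added text no longer distinguishes them; CVE-2016-4839 and CVE-2016-4838 both now read "(The Android Apps Money Forward (prior to v7.18.0), Money Forward for T ...)". Since the point of carrying the description into the list is to make an entry recognisable without opening the upstream record, consider a wider cut-off (or cutting at a word boundary) so that two adjacent CVE ids for the same product keep their distinguishing clause.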
@@ -18531,552 +18531,552 @@ CVE-2016-4798
RESERVED
CVE-2016-4795
RESERVED
-CVE-2016-4793
+CVE-2016-4793 (The clientIp function in CakePHP 3.2.4 and earlier allows remote attac ...)
{DLA-835-1}
- cakephp 2.8.3-1
[jessie] - cakephp <no-dsa> (Minor issue)
NOTE: http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt
NOTE: https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html
NOTE: Fixed by https://github.com/cakephp/cakephp/commit/48af49ddde16c8b99edb701f1c31283455b2b0b6
-CVE-2016-4792
+CVE-2016-4792 (Pulse Connect Secure (PCS) 8.2 before 8.2r1 allows remote attackers to ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4791
+CVE-2016-4791 (The administrative user interface in Pulse Connect Secure (PCS) 8.2 be ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4790
+CVE-2016-4790 (Cross-site scripting (XSS) vulnerability in the administrative user in ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4789
+CVE-2016-4789 (Cross-site scripting (XSS) vulnerability in the system configuration s ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4788
+CVE-2016-4788 (Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 bef ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4787
+CVE-2016-4787 (Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 bef ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4786
+CVE-2016-4786 (Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r3, 8.0 bef ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-4785
+CVE-2016-4785 (A vulnerability has been identified in Firmware variant PROFINET IO fo ...)
NOT-FOR-US: Siemens
-CVE-2016-4784
+CVE-2016-4784 (A vulnerability has been identified in firmware variant PROFINET IO fo ...)
NOT-FOR-US: Siemens
-CVE-2016-4783
+CVE-2016-4783 (Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5. ...)
NOT-FOR-US: Lenovo
-CVE-2016-4782
+CVE-2016-4782 (Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote at ...)
NOT-FOR-US: Lenovo
-CVE-2016-4781
+CVE-2016-4781 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-4780
+CVE-2016-4780 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-4779
+CVE-2016-4779 (Apple Type Services (ATS) in Apple OS X before 10.12 allows remote att ...)
NOT-FOR-US: Apple
-CVE-2016-4778
+CVE-2016-4778 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
NOT-FOR-US: Apple
-CVE-2016-4777
+CVE-2016-4777 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
NOT-FOR-US: Apple
-CVE-2016-4776
+CVE-2016-4776 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
NOT-FOR-US: Apple
-CVE-2016-4775
+CVE-2016-4775 (The kernel in Apple OS X before 10.12, tvOS before 10, and watchOS bef ...)
NOT-FOR-US: Apple
-CVE-2016-4774
+CVE-2016-4774 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
NOT-FOR-US: Apple
-CVE-2016-4773
+CVE-2016-4773 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
NOT-FOR-US: Apple
-CVE-2016-4772
+CVE-2016-4772 (The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
NOT-FOR-US: Apple
-CVE-2016-4771
+CVE-2016-4771 (The kernel in Apple iOS before 10 and OS X before 10.12 allows local u ...)
NOT-FOR-US: Apple
CVE-2016-4770
REJECTED
-CVE-2016-4769
+CVE-2016-4769 (WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 a ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4768
+CVE-2016-4768 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4767
+CVE-2016-4767 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4766
+CVE-2016-4766 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4765
+CVE-2016-4765 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4764
+CVE-2016-4764 (An issue was discovered in certain Apple products. iOS before 10 is af ...)
NOT-FOR-US: Apple
-CVE-2016-4763
+CVE-2016-4763 (WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Wi ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4762
+CVE-2016-4762 (WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, iCloud ...)
NOT-FOR-US: Webkit as used by Apple
CVE-2016-4761
RESERVED
-CVE-2016-4760
+CVE-2016-4760 (WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Sa ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4759
+CVE-2016-4759 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4758
+CVE-2016-4758 (WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Sa ...)
NOT-FOR-US: Webkit as used by Apple
CVE-2016-4757
REJECTED
CVE-2016-4756
REJECTED
-CVE-2016-4755
+CVE-2016-4755 (Terminal in Apple OS X before 10.12 uses weak permissions for the .bas ...)
NOT-FOR-US: Apple
-CVE-2016-4754
+CVE-2016-4754 (ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cip ...)
NOT-FOR-US: Apple
-CVE-2016-4753
+CVE-2016-4753 (Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS be ...)
NOT-FOR-US: Apple
-CVE-2016-4752
+CVE-2016-4752 (The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does ...)
NOT-FOR-US: Apple
-CVE-2016-4751
+CVE-2016-4751 (The Safari Tabs component in Apple Safari before 10 allows remote atta ...)
NOT-FOR-US: Apple
-CVE-2016-4750
+CVE-2016-4750 (S2 Camera in Apple iOS before 10 and OS X before 10.12 allows attacker ...)
NOT-FOR-US: Apple
-CVE-2016-4749
+CVE-2016-4749 (Printing UIKit in Apple iOS before 10 mishandles environment variables ...)
NOT-FOR-US: Apple
-CVE-2016-4748
+CVE-2016-4748 (Perl in Apple OS X before 10.12 allows local users to bypass the taint ...)
NOT-FOR-US: Apple
-CVE-2016-4747
+CVE-2016-4747 (Mail in Apple iOS before 10 mishandles certificates, which makes it ea ...)
NOT-FOR-US: Apple
-CVE-2016-4746
+CVE-2016-4746 (The Keyboards component in Apple iOS before 10 does not properly use a ...)
NOT-FOR-US: Apple
-CVE-2016-4745
+CVE-2016-4745 (The Kerberos 5 (aka krb5) PAM module in Apple OS X before 10.12 does n ...)
NOT-FOR-US: Apple
CVE-2016-4744
REJECTED
-CVE-2016-4743
+CVE-2016-4743 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-4742
+CVE-2016-4742 (NSSecureTextField in Apple OS X before 10.12 does not enable Secure In ...)
NOT-FOR-US: Apple
-CVE-2016-4741
+CVE-2016-4741 (The Assets component in Apple iOS before 10 allows man-in-the-middle a ...)
NOT-FOR-US: Apple
-CVE-2016-4740
+CVE-2016-4740 (Apple iOS before 10, when Handoff for Messages is used, does not ensur ...)
NOT-FOR-US: Apple
-CVE-2016-4739
+CVE-2016-4739 (mDNSResponder in Apple OS X before 10.12, when VMnet.framework is used ...)
NOT-FOR-US: Apple
-CVE-2016-4738
+CVE-2016-4738 (libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and ...)
{DSA-3709-1 DLA-700-1}
- libxslt 1.1.29-2 (bug #842570)
NOTE: https://git.gnome.org/browse/libxslt/commit/?id=eb1030de31165b68487f288308f9d1810fed6880
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=619006
-CVE-2016-4737
+CVE-2016-4737 (WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and w ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4736
+CVE-2016-4736 (libarchive in Apple OS X before 10.12 allows remote attackers to cause ...)
NOT-FOR-US: Apple / libarchive
NOTE: Possibly Apple-specific, but noone really knows and Apple doesn't cooperate
-CVE-2016-4735
+CVE-2016-4735 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 al ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4734
+CVE-2016-4734 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 al ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4733
+CVE-2016-4733 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 al ...)
NOT-FOR-US: Webkit as used by Apple
CVE-2016-4732
REJECTED
-CVE-2016-4731
+CVE-2016-4731 (WebKit in Apple iOS before 10 and Safari before 10 allows remote attac ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4730
+CVE-2016-4730 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 al ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4729
+CVE-2016-4729 (WebKit in Apple iOS before 10 and Safari before 10 allows remote attac ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4728
+CVE-2016-4728 (WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4727
+CVE-2016-4727 (IOThunderboltFamily in Apple OS X before 10.12 allows attackers to exe ...)
NOT-FOR-US: Apple
-CVE-2016-4726
+CVE-2016-4726 (IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS be ...)
NOT-FOR-US: Apple
-CVE-2016-4725
+CVE-2016-4725 (IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS be ...)
NOT-FOR-US: Apple
-CVE-2016-4724
+CVE-2016-4724 (IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 allow ...)
NOT-FOR-US: Apple
-CVE-2016-4723
+CVE-2016-4723 (Intel Graphics Driver in Apple OS X before 10.12 allows attackers to e ...)
NOT-FOR-US: Intel driver for OS X
-CVE-2016-4722
+CVE-2016-4722 (The IDS - Connectivity component in Apple iOS before 10 and OS X befor ...)
NOT-FOR-US: Apple
-CVE-2016-4721
+CVE-2016-4721 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
CVE-2016-4720
REJECTED
-CVE-2016-4719
+CVE-2016-4719 (The GeoServices component in Apple iOS before 10 and watchOS before 3 ...)
NOT-FOR-US: Apple
-CVE-2016-4718
+CVE-2016-4718 (Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.1 ...)
NOT-FOR-US: Apple
-CVE-2016-4717
+CVE-2016-4717 (The File Bookmark component in Apple OS X before 10.12 mishandles scop ...)
NOT-FOR-US: Apple
-CVE-2016-4716
+CVE-2016-4716 (diskutil in DiskArbitration in Apple OS X before 10.12 allows local us ...)
NOT-FOR-US: Apple
-CVE-2016-4715
+CVE-2016-4715 (The Date &amp; Time Pref Pane component in Apple OS X before 10.12 mis ...)
NOT-FOR-US: Apple
CVE-2016-4714
REJECTED
-CVE-2016-4713
+CVE-2016-4713 (CoreDisplay in Apple OS X before 10.12 allows attackers to view arbitr ...)
NOT-FOR-US: Apple
-CVE-2016-4712
+CVE-2016-4712 (CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, ...)
NOT-FOR-US: Apple
-CVE-2016-4711
+CVE-2016-4711 (CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X b ...)
NOT-FOR-US: Apple
-CVE-2016-4710
+CVE-2016-4710 (WindowServer in Apple OS X before 10.12 allows local users to obtain r ...)
NOT-FOR-US: Apple
-CVE-2016-4709
+CVE-2016-4709 (WindowServer in Apple OS X before 10.12 allows local users to obtain r ...)
NOT-FOR-US: Apple
-CVE-2016-4708
+CVE-2016-4708 (CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, a ...)
NOT-FOR-US: Apple
-CVE-2016-4707
+CVE-2016-4707 (CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Loca ...)
NOT-FOR-US: Apple
-CVE-2016-4706
+CVE-2016-4706 (cd9660 in Apple OS X before 10.12 allows local users to cause a denial ...)
NOT-FOR-US: Apple
-CVE-2016-4705
+CVE-2016-4705 (otool in Apple Xcode before 8 allows local users to gain privileges or ...)
NOT-FOR-US: Apple
-CVE-2016-4704
+CVE-2016-4704 (otool in Apple Xcode before 8 allows local users to gain privileges or ...)
NOT-FOR-US: Apple
-CVE-2016-4703
+CVE-2016-4703 (Bluetooth in Apple OS X before 10.12 allows attackers to execute arbit ...)
NOT-FOR-US: Apple
-CVE-2016-4702
+CVE-2016-4702 (Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and w ...)
NOT-FOR-US: Apple
-CVE-2016-4701
+CVE-2016-4701 (Application Firewall in Apple OS X before 10.12 allows local users to ...)
NOT-FOR-US: Apple
-CVE-2016-4700
+CVE-2016-4700 (AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitr ...)
NOT-FOR-US: Apple
-CVE-2016-4699
+CVE-2016-4699 (AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitr ...)
NOT-FOR-US: Apple
-CVE-2016-4698
+CVE-2016-4698 (AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 ...)
NOT-FOR-US: Apple
-CVE-2016-4697
+CVE-2016-4697 (Apple HSSPI Support in Apple OS X before 10.12 allows attackers to exe ...)
NOT-FOR-US: Apple
-CVE-2016-4696
+CVE-2016-4696 (AppleEFIRuntime in Apple OS X before 10.12 allows attackers to execute ...)
NOT-FOR-US: Apple
CVE-2016-4695
REJECTED
-CVE-2016-4694
+CVE-2016-4694 (The Apache HTTP Server in Apple OS X before 10.12 and OS X Server befo ...)
NOT-FOR-US: Apple CVE assignment to the equivalent of CVE-2016-5387
-CVE-2016-4693
+CVE-2016-4693 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-4692
+CVE-2016-4692 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
- webkit2gtk 2.14.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-4691
+CVE-2016-4691 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-4690
+CVE-2016-4690 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-4689
+CVE-2016-4689 (An issue was discovered in certain Apple products. iOS before 10.2 is ...)
NOT-FOR-US: Apple
-CVE-2016-4688
+CVE-2016-4688 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
CVE-2016-4687
REJECTED
-CVE-2016-4686
+CVE-2016-4686 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-4685
+CVE-2016-4685 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
CVE-2016-4684
REJECTED
-CVE-2016-4683
+CVE-2016-4683 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-4682
+CVE-2016-4682 (An issue was discovered in certain Apple products. macOS before 10.12 ...)
NOT-FOR-US: Apple
-CVE-2016-4681
+CVE-2016-4681 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-4680
+CVE-2016-4680 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-4679
+CVE-2016-4679 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-4678
+CVE-2016-4678 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-4677
+CVE-2016-4677 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
CVE-2016-4676
RESERVED
-CVE-2016-4675
+CVE-2016-4675 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-4674
+CVE-2016-4674 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-4673
+CVE-2016-4673 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
CVE-2016-4672
REJECTED
-CVE-2016-4671
+CVE-2016-4671 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-4670
+CVE-2016-4670 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-4669
+CVE-2016-4669 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
CVE-2016-4668
REJECTED
-CVE-2016-4667
+CVE-2016-4667 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-4666
+CVE-2016-4666 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-4665
+CVE-2016-4665 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-4664
+CVE-2016-4664 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
-CVE-2016-4663
+CVE-2016-4663 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-4662
+CVE-2016-4662 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-4661
+CVE-2016-4661 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2016-4660
+CVE-2016-4660 (An issue was discovered in certain Apple products. iOS before 10.1 is ...)
NOT-FOR-US: Apple
CVE-2016-4659
REJECTED
-CVE-2016-4658
+CVE-2016-4658 (xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS ...)
{DSA-3744-1 DLA-691-1}
- libxml2 2.9.4+dfsg1-2.1 (bug #840553)
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b
-CVE-2016-4657
+CVE-2016-4657 (WebKit in Apple iOS before 9.3.5 allows remote attackers to execute ar ...)
- webkitgtk <removed> (unimportant)
NOTE: https://www.youtube.com/watch?v=xkdPjbaLngE
NOTE: Not covered by security support
-CVE-2016-4656
+CVE-2016-4656 (The kernel in Apple iOS before 9.3.5 allows attackers to execute arbit ...)
NOT-FOR-US: Apple
-CVE-2016-4655
+CVE-2016-4655 (The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensit ...)
NOT-FOR-US: Apple
-CVE-2016-4654
+CVE-2016-4654 (IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-4653
+CVE-2016-4653 (The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
NOT-FOR-US: Apple
-CVE-2016-4652
+CVE-2016-4652 (CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain ...)
NOT-FOR-US: Apple
-CVE-2016-4651
+CVE-2016-4651 (Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bind ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4650
+CVE-2016-4650 (Heap-based buffer overflow in IOHIDFamily in Apple iOS before 9.3.2, O ...)
NOT-FOR-US: Apple
-CVE-2016-4649
+CVE-2016-4649 (Audio in Apple OS X before 10.11.6 allows local users to cause a denia ...)
NOT-FOR-US: Apple
-CVE-2016-4648
+CVE-2016-4648 (Audio in Apple OS X before 10.11.6 allows local users to obtain sensit ...)
NOT-FOR-US: Apple
-CVE-2016-4647
+CVE-2016-4647 (Audio in Apple OS X before 10.11.6 allows local users to gain privileg ...)
NOT-FOR-US: Apple
-CVE-2016-4646
+CVE-2016-4646 (Audio in Apple OS X before 10.11.6 mishandles a size value, which allo ...)
NOT-FOR-US: Apple
-CVE-2016-4645
+CVE-2016-4645 (CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-b ...)
NOT-FOR-US: Apple
-CVE-2016-4644
+CVE-2016-4644 (In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10 ...)
NOT-FOR-US: Apple
-CVE-2016-4643
+CVE-2016-4643 (In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10 ...)
NOT-FOR-US: Apple
-CVE-2016-4642
+CVE-2016-4642 (In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10 ...)
NOT-FOR-US: Apple
-CVE-2016-4641
+CVE-2016-4641 (Login Window in Apple OS X before 10.11.6 allows attackers to execute ...)
NOT-FOR-US: Apple
-CVE-2016-4640
+CVE-2016-4640 (Login Window in Apple OS X before 10.11.6 allows attackers to execute ...)
NOT-FOR-US: Apple
-CVE-2016-4639
+CVE-2016-4639 (Login Window in Apple OS X before 10.11.6 does not properly initialize ...)
NOT-FOR-US: Apple
-CVE-2016-4638
+CVE-2016-4638 (Login Window in Apple OS X before 10.11.6 allows attackers to gain pri ...)
NOT-FOR-US: Apple
-CVE-2016-4637
+CVE-2016-4637 (CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS befo ...)
NOT-FOR-US: Apple
CVE-2016-4636
REJECTED
-CVE-2016-4635
+CVE-2016-4635 (FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows man- ...)
NOT-FOR-US: Apple
-CVE-2016-4634
+CVE-2016-4634 (The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows loc ...)
NOT-FOR-US: Apple
-CVE-2016-4633
+CVE-2016-4633 (Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to ...)
NOT-FOR-US: Apple
-CVE-2016-4632
+CVE-2016-4632 (ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9. ...)
NOT-FOR-US: Apple
-CVE-2016-4631
+CVE-2016-4631 (ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9. ...)
NOT-FOR-US: Apple
-CVE-2016-4630
+CVE-2016-4630 (ImageIO in Apple OS X before 10.11.6 allows remote attackers to execut ...)
NOT-FOR-US: Apple
-CVE-2016-4629
+CVE-2016-4629 (ImageIO in Apple OS X before 10.11.6 allows remote attackers to execut ...)
NOT-FOR-US: Apple
-CVE-2016-4628
+CVE-2016-4628 (IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 ...)
NOT-FOR-US: Apple
-CVE-2016-4627
+CVE-2016-4627 (IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and ...)
NOT-FOR-US: Apple
-CVE-2016-4626
+CVE-2016-4626 (IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS befor ...)
NOT-FOR-US: Apple
-CVE-2016-4625
+CVE-2016-4625 (Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 ...)
NOT-FOR-US: Apple
-CVE-2016-4624
+CVE-2016-4624 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
- webkit2gtk 2.12.4-1 (unimportant)
-CVE-2016-4623
+CVE-2016-4623 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4622
+CVE-2016-4622 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
- webkit2gtk 2.12.4-1 (unimportant)
-CVE-2016-4621
+CVE-2016-4621 (libc++abi in Apple OS X before 10.11.6 allows attackers to execute arb ...)
NOT-FOR-US: Apple
-CVE-2016-4620
+CVE-2016-4620 (The Sandbox Profiles component in Apple iOS before 10 does not properl ...)
NOT-FOR-US: Apple
CVE-2016-4619
REJECTED
-CVE-2016-4618
+CVE-2016-4618 (Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS ...)
NOT-FOR-US: Apple
-CVE-2016-4617
+CVE-2016-4617 (An issue was discovered in certain Apple products. macOS before 10.12 ...)
NOT-FOR-US: Apple
-CVE-2016-4616
+CVE-2016-4616 (libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4615
+CVE-2016-4615 (libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4614
+CVE-2016-4614 (libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4613
+CVE-2016-4613 (An issue was discovered in certain Apple products. Safari before 10.0. ...)
NOT-FOR-US: Apple
CVE-2016-4612
REJECTED
-CVE-2016-4611
+CVE-2016-4611 (WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 al ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4610
+CVE-2016-4610 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
- libxslt <undetermined>
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4609
+CVE-2016-4609 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
- libxslt <undetermined>
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4608
+CVE-2016-4608 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
- libxslt <undetermined>
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2016-4607
+CVE-2016-4607 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...)
- libxslt <undetermined>
NOTE: contacted Apple for more information, but no reply for quite a while
CVE-2016-4606
RESERVED
-CVE-2016-4605
+CVE-2016-4605 (Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a ...)
NOT-FOR-US: Apple
-CVE-2016-4604
+CVE-2016-4604 (Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the ...)
NOT-FOR-US: Apple
-CVE-2016-4603
+CVE-2016-4603 (Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Pri ...)
NOT-FOR-US: Apple
-CVE-2016-4602
+CVE-2016-4602 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-4601
+CVE-2016-4601 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-4600
+CVE-2016-4600 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-4599
+CVE-2016-4599 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-4598
+CVE-2016-4598 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-4597
+CVE-2016-4597 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-4596
+CVE-2016-4596 (QuickTime in Apple OS X before 10.11.6 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-4595
+CVE-2016-4595 (Safari Login AutoFill in Apple OS X before 10.11.6 allows physically p ...)
NOT-FOR-US: Apple
-CVE-2016-4594
+CVE-2016-4594 (The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before ...)
NOT-FOR-US: Apple
-CVE-2016-4593
+CVE-2016-4593 (The Siri Contacts component in Apple iOS before 9.3.3 allows physicall ...)
NOT-FOR-US: Apple
-CVE-2016-4592
+CVE-2016-4592 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4591
+CVE-2016-4591 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
- webkit2gtk 2.12.4-1 (unimportant)
-CVE-2016-4590
+CVE-2016-4590 (WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles ab ...)
- webkit2gtk 2.12.4-1 (unimportant)
-CVE-2016-4589
+CVE-2016-4589 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4588
+CVE-2016-4588 (WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute a ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4587
+CVE-2016-4587 (WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote a ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4586
+CVE-2016-4586 (WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remot ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4585
+CVE-2016-4585 (Cross-site scripting (XSS) vulnerability in the WebKit Page Loading im ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4584
+CVE-2016-4584 (The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safa ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4583
+CVE-2016-4583 (WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-4582
+CVE-2016-4582 (The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
NOT-FOR-US: Apple
-CVE-2016-4580
+CVE-2016-4580 (The x25_negotiate_facilities function in net/x25/x25_facilities.c in t ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.5-1
NOTE: Fixed by: https://git.kernel.org/linus/79e48650320e6fba48369fccf13fd045315b19b8 (v4.6)
-CVE-2016-4577
+CVE-2016-4577 (Buffer overflow in the Smart DNS functionality in the Huawei NGFW Modu ...)
NOT-FOR-US: Huawei
-CVE-2016-4576
+CVE-2016-4576 (Buffer overflow in the Application Specific Packet Filtering (ASPF) fu ...)
NOT-FOR-US: Huawei
-CVE-2016-4575
+CVE-2016-4575 (Cross-site scripting (XSS) vulnerability in the email APP in Huawei PL ...)
NOT-FOR-US: Huawei
-CVE-2016-4796
+CVE-2016-4796 (Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c ...)
- openjpeg2 2.1.1-1
[jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
- openjpeg <removed>
[jessie] - openjpeg <not-affected> (Vulnerable code not present)
[wheezy] - openjpeg <not-affected> (Vulnerable code not present)
NOTE: https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91
-CVE-2016-4797
+CVE-2016-4797 (Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd. ...)
- openjpeg2 2.1.1-1
[jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
NOTE: https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c
NOTE: CVE-2016-4797 exists because of an incorrect fix for CVE-2014-7947
-CVE-2016-4794
+CVE-2016-4794 (Use-after-free vulnerability in mm/percpu.c in the Linux kernel throug ...)
- linux 4.6.2-2
[jessie] - linux <not-affected> (Introduced in v3.18-rc1)
[wheezy] - linux <not-affected> (Introduced in v3.18-rc1)
NOTE: https://git.kernel.org/linus/4f996e234dad488e5d9ba0858bc1bae12eff82c3
NOTE: https://git.kernel.org/linus/6710e594f71ccaad8101bc64321152af7cd9ea28
-CVE-2016-4573
+CVE-2016-4573 (Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-224D-PO ...)
NOT-FOR-US: Fortinet
-CVE-2016-4581
+CVE-2016-4581 (fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse ...)
{DSA-3607-1}
- linux 4.5.4-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/5ec0811d30378ae104f250bfc9b3640242d81e3f (v4.6-rc7)
NOTE: Introduced by: https://git.kernel.org/linus/f2ebb3a921c1ca1e2ddd9242e95a1989a50c4c68 (v3.15-rc1)
-CVE-2016-4579
+CVE-2016-4579 (Libksba before 1.3.4 allows remote attackers to cause a denial of serv ...)
{DLA-470-1}
- libksba 1.3.4-3
[jessie] - libksba 1.3.2-1+deb8u1
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=a7eed17a0b2a1c09ef986f3b4b323cd31cea2b64
CVE-2016-4572
RESERVED
-CVE-2016-4574
+CVE-2016-4574 (Off-by-one error in the append_utf8_value function in the DN decoder ( ...)
- libksba 1.3.4-3
[jessie] - libksba <not-affected> (Incomplete fix not applied)
[wheezy] - libksba <not-affected> (Incomplete fix not applied)
NOTE: Fixed by: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=6be61daac047d8e6aa941eb103f8e71a1d4e3c75
NOTE: Introduced by: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=243d12fdec66a4360fbb3e307a046b39b5b4ffc3
-CVE-2016-4578
+CVE-2016-4578 (sound/core/timer.c in the Linux kernel through 4.6 does not initialize ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.5-1
NOTE: https://github.com/torvalds/linux/commit/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6
NOTE: https://github.com/torvalds/linux/commit/e4ec8cc8039a7063e24204299b462bd1383184a5
-CVE-2016-4569
+CVE-2016-4569 (The snd_timer_user_params function in sound/core/timer.c in the Linux ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.5-1
NOTE: http://comments.gmane.org/gmane.linux.kernel/2214250
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e
-CVE-2016-4564
+CVE-2016-4564 (The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9. ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832888)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950
-CVE-2016-4563
+CVE-2016-4563 (The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick be ...)
{DSA-3652-1 DLA-517-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832887)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950
-CVE-2016-4562
+CVE-2016-4562 (The DrawDashPolygon function in MagickCore/draw.c in ImageMagick befor ...)
{DSA-3652-1 DLA-731-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #832885)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950
-CVE-2016-4560
+CVE-2016-4560 (Untrusted search path vulnerability in Flexera InstallAnywhere allows ...)
NOT-FOR-US: Flexera
CVE-2016-4559
RESERVED
-CVE-2016-4567
+CVE-2016-4567 (Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as ...)
- mediaelement <unfixed> (unimportant; bug #823649)
NOTE: https://core.trac.wordpress.org/changeset/37370
NOTE: Fixed by: https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e
NOTE: Vulnerable code present, but Flash Player disabled in Debian
NOTE: See 0004-Deactivate-Flash-and-Silverlight.patch
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/2
-CVE-2016-4566
+CVE-2016-4566 (Cross-site scripting (XSS) vulnerability in plupload.flash.swf in Plup ...)
- wordpress 4.5.2+dfsg-1 (bug #823640)
[jessie] - wordpress <not-affected> (Vulnerable code not present)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://wordpress.org/news/2016/05/wordpress-4-5-2/
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37382
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/2
-CVE-2016-4568
+CVE-2016-4568 (drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4. ...)
- linux 4.5.3-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 4.4)
[wheezy] - linux <not-affected> (Vulnerable code introduced in 4.4)
NOTE: Fixed by: https://git.kernel.org/linus/2c1f6951a8a82e6de0d82b1158b5e493fc6c54ab (v4.6-rc6)
NOTE: Introduced by: https://git.kernel.org/linus/b0e0e1f83de31aa0428c38b692c590cc0ecd3f03 (v4.4-rc1)
-CVE-2016-4565
+CVE-2016-4565 (The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorre ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.3-1
NOTE: Fixed by: https://git.kernel.org/linus/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3 (v4.6-rc6)
-CVE-2016-4551
+CVE-2016-4551 (The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP ...)
NOT-FOR-US: SAP
CVE-2016-4550
RESERVED
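Review bot: the generated summaries are cut at a fixed character count instead of at a word boundary, so many of the new "+" lines end mid-word, e.g. "+CVE-2016-4603 (Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Pri ...)" and "+CVE-2016-4595 (Safari Login AutoFill in Apple OS X before 10.11.6 allows physically p ...)"; truncating at the last whitespace before the limit would keep the summaries readable at almost the same line width. In the same block, the libxml2 IDs CVE-2016-4616, CVE-2016-4615 and CVE-2016-4614 are closed as NOT-FOR-US while the libxslt IDs CVE-2016-4610 through CVE-2016-4607 carry the identical "contacted Apple for more information, but no reply for quite a while" note and stay "- libxslt <undetermined>"; the two groups should be tracked the same way, or the NOT-FOR-US entries should state why they differ.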
@@ -19084,37 +19084,37 @@ CVE-2016-4549
RESERVED
CVE-2016-4548
RESERVED
-CVE-2016-4545
+CVE-2016-4545 (Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, al ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2016-4561
+CVE-2016-4561 (Cross-site scripting (XSS) vulnerability in the cgierror function in C ...)
{DSA-3571-1 DLA-463-1}
- ikiwiki 3.20160506
NOTE: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=32ef584dc5abb6ddb9f794f94ea0b2934967bba7
NOTE: http://www.openwall.com/lists/oss-security/2016/05/06/8
-CVE-2016-4547
+CVE-2016-4547 (Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow atta ...)
NOT-FOR-US: Samsung Android component
-CVE-2016-4546
+CVE-2016-4546 (Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users t ...)
NOT-FOR-US: Samsung Android component
-CVE-2016-4570
+CVE-2016-4570 (The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly ...)
{DLA-1641-1}
- mxml 2.9-1 (bug #825855)
[wheezy] - mxml <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/8
NOTE: https://github.com/michaelrsweet/mxml/commit/d8c0ba900728d47523d76ba4acf33176cd04647c
-CVE-2016-4571
+CVE-2016-4571 (The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and poss ...)
{DLA-1641-1}
- mxml 2.9-2 (bug #825855)
[wheezy] - mxml <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/8
NOTE: https://github.com/michaelrsweet/mxml/commit/5f74dc212497332d05882660db130a37d2f458eb
-CVE-2016-4558
+CVE-2016-4558 (The BPF subsystem in the Linux kernel before 4.5.5 mishandles referenc ...)
- linux 4.5.3-1
[jessie] - linux <not-affected> (Issue introduced later)
[wheezy] - linux <not-affected> (Issue introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/92117d8443bc5afacc8d5ba82e541946310f106e
NOTE: Introduced by: https://git.kernel.org/linus/1be7f75d1668d6296b80bf35dcf6762393530afc(v4.4-rc1)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=809
-CVE-2016-4557
+CVE-2016-4557 (The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in t ...)
- linux 4.5.3-1 (bug #823603)
[jessie] - linux <not-affected> (Issue introduced later)
[wheezy] - linux <not-affected> (Issue introduced later)
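Review bot: the context line "NOTE: Introduced by: https://git.kernel.org/linus/1be7f75d1668d6296b80bf35dcf6762393530afc(v4.4-rc1)" under CVE-2016-4558 lacks the space before the version tag that the other Fixed-by/Introduced-by notes in this file use (compare the same note format under CVE-2016-4557 in the following hunk); worth fixing, since anything that splits the note on whitespace will take "(v4.4-rc1)" as part of the URL. Also, CVE-2016-4570 is recorded as fixed in "mxml 2.9-1" and CVE-2016-4571 in "mxml 2.9-2" while both cite bug #825855 and the same oss-security post; please confirm the two different fixed versions are intended rather than a typo.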
@@ -19123,14 +19123,14 @@ CVE-2016-4557
NOTE: Introduced by: https://git.kernel.org/linus/0246e64d9a5fcd4805198de59b9b5cf1f974eb41 (v3.18-rc1)
NOTE: Exploitable since: https://git.kernel.org/linus/1be7f75d1668d6296b80bf35dcf6762393530afc (v4.4-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/06/4
-CVE-2016-4556
+CVE-2016-4556 (Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x ...)
{DSA-3625-1 DLA-478-1}
- squid3 3.5.19-1 (bug #823968)
- squid <not-affected> (Does not affect 2.x)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_9.txt
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch
-CVE-2016-4555
+CVE-2016-4555 (client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.1 ...)
{DSA-3625-1 DLA-478-1}
- squid3 3.5.19-1 (bug #823968)
[wheezy] - squid3 <not-affected> (3.1 not vulnerable)
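Review bot: the fixed-width truncation cuts a version number mid-token here: "+CVE-2016-4555 (client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.1 ...)" reads as "before 4.0.1", whereas the sibling entry CVE-2016-4553 two hunks down spells out "4.x before 4.0.10". The same happens for Advantech WebAccess further on, where CVE-2016-4525 ends in "8.1_2016051 ..." next to CVE-2016-4528's "8.1_20160519". Anyone reading only the summary line gets a wrong affected range, so the generator should cut at whitespace or drop the trailing partial token.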
@@ -19138,7 +19138,7 @@ CVE-2016-4555
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_9.txt
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch
-CVE-2016-4554
+CVE-2016-4554 (mime_header.cc in Squid before 3.5.18 allows remote attackers to bypas ...)
{DSA-3625-1 DLA-558-1 DLA-478-1}
- squid3 3.5.19-1 (bug #823968)
- squid 4.1-1
@@ -19150,7 +19150,7 @@ CVE-2016-4554
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14038.patch
NOTE: Regression and fix: http://bugs.squid-cache.org/show_bug.cgi?id=4515
NOTE: Complete patch for 3.4 branch: http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_8.patch
-CVE-2016-4553
+CVE-2016-4553 (client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not p ...)
{DSA-3625-1}
- squid3 3.5.19-1 (bug #823968)
[wheezy] - squid3 <not-affected> (issue introduced by CVE-2009-0801 fix, not applied in wheezy)
@@ -19159,91 +19159,91 @@ CVE-2016-4553
NOTE: Fix for 3.5.x: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14039.patch
NOTE: Fix for 3.5 relies on SBuf.
NOTE: Fix for 3.4.x: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13240.patch
-CVE-2016-4535
+CVE-2016-4535 (Integer signedness error in the AV engine before DAT 8145, as used in ...)
NOT-FOR-US: McAfee / AV engine
-CVE-2016-4534
+CVE-2016-4534 (The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterp ...)
NOT-FOR-US: McAfee VirusScan Console
-CVE-2016-4533
+CVE-2016-4533 (Heap-based buffer overflow in WECON LeviStudio allows remote attackers ...)
NOT-FOR-US: LeviStudio
-CVE-2016-4532
+CVE-2016-4532 (Directory traversal vulnerability in the WAP interface in Trihedral VT ...)
NOT-FOR-US: Trihedral
-CVE-2016-4531
+CVE-2016-4531 (Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not i ...)
NOT-FOR-US: Rockwell
-CVE-2016-4530
+CVE-2016-4530 (OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote ...)
NOT-FOR-US: OSISoft
-CVE-2016-4529
+CVE-2016-4529 (An unspecified ActiveX control in Schneider Electric SoMachine HVAC Pr ...)
NOT-FOR-US: Schneider
-CVE-2016-4528
+CVE-2016-4528 (Buffer overflow in Advantech WebAccess before 8.1_20160519 allows loca ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2016-4527
+CVE-2016-4527 (ABB PCM600 before 2.7 improperly stores PCM600 authentication credenti ...)
NOT-FOR-US: ABB PCM600
-CVE-2016-4526
+CVE-2016-4526 (ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privile ...)
NOT-FOR-US: ABB DataManagerPro
-CVE-2016-4525
+CVE-2016-4525 (Unspecified ActiveX controls in Advantech WebAccess before 8.1_2016051 ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2016-4524
+CVE-2016-4524 (ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords ...)
NOT-FOR-US: ABB PCM600
-CVE-2016-4523
+CVE-2016-4523 (The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x ...)
NOT-FOR-US: Trihedral
-CVE-2016-4522
+CVE-2016-4522 (SQL injection vulnerability in Rockwell Automation FactoryTalk EnergyM ...)
NOT-FOR-US: Rockwell
-CVE-2016-4521
+CVE-2016-4521 (Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before ...)
NOT-FOR-US: Sixnet
-CVE-2016-4520
+CVE-2016-4520 (Schneider Electric Pelco Digital Sentry Video Management System with f ...)
NOT-FOR-US: Schneider
-CVE-2016-4519
+CVE-2016-4519 (Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9. ...)
NOT-FOR-US: Unitronics VisiLogic
-CVE-2016-4518
+CVE-2016-4518 (OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated use ...)
NOT-FOR-US: OSIsoft PI AF Server
CVE-2016-4517
RESERVED
-CVE-2016-4516
+CVE-2016-4516 (ABB PCM600 before 2.7 improperly stores the main application password ...)
NOT-FOR-US: ABB PCM600
CVE-2016-4515
REJECTED
-CVE-2016-4514
+CVE-2016-4514 (Moxa PT-7728 devices with software 3.4 build 15081113 allow remote aut ...)
NOT-FOR-US: Moxa
-CVE-2016-4513
+CVE-2016-4513 (Cross-site scripting (XSS) vulnerability in the Schneider Electric Pow ...)
NOT-FOR-US: Schneider
-CVE-2016-4512
+CVE-2016-4512 (Stack-based buffer overflow in ELCSimulator in Eaton ELCSoft 2.4.01 an ...)
NOT-FOR-US: Eaton ELCSoft
-CVE-2016-4511
+CVE-2016-4511 (ABB PCM600 before 2.7 uses an improper hash algorithm for the main app ...)
NOT-FOR-US: ABB PCM600
-CVE-2016-4510
+CVE-2016-4510 (The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x ...)
NOT-FOR-US: Trihedral VTScada
-CVE-2016-4509
+CVE-2016-4509 (Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and ...)
NOT-FOR-US: Eaton ELCSoft
-CVE-2016-4508
+CVE-2016-4508 (Cross-site scripting (XSS) vulnerability in Rexroth Bosch BLADEcontrol ...)
NOT-FOR-US: Rexroth Bosch
-CVE-2016-4507
+CVE-2016-4507 (SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 ...)
NOT-FOR-US: Rexroth Bosch
-CVE-2016-4506
+CVE-2016-4506 (Cross-site request forgery (CSRF) vulnerability on Resource Data Manag ...)
NOT-FOR-US: Resource Data Management
-CVE-2016-4505
+CVE-2016-4505 (Resource Data Management (RDM) Intuitive 650 TDB Controller devices be ...)
NOT-FOR-US: Resource Data Management
-CVE-2016-4504
+CVE-2016-4504 (A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB' ...)
NOT-FOR-US: Meteocontrol WEB'log
-CVE-2016-4503
+CVE-2016-4503 (Moxa Device Server Web Console 5232-N allows remote attackers to bypas ...)
NOT-FOR-US: Moxa
-CVE-2016-4502
+CVE-2016-4502 (Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and ...)
NOT-FOR-US: Environmental Systems Corporation
-CVE-2016-4501
+CVE-2016-4501 (Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and ...)
NOT-FOR-US: Environmental Systems Corporation
-CVE-2016-4500
+CVE-2016-4500 (Moxa UC-7408 LX-Plus devices allow remote authenticated users to write ...)
NOT-FOR-US: Moxa
-CVE-2016-4499
+CVE-2016-4499 (Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x befo ...)
NOT-FOR-US: Panasonic FPWIN Pro
-CVE-2016-4498
+CVE-2016-4498 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitial ...)
NOT-FOR-US: Panasonic FPWIN Pro
-CVE-2016-4497
+CVE-2016-4497 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to ...)
NOT-FOR-US: Panasonic FPWIN Pro
-CVE-2016-4496
+CVE-2016-4496 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to ...)
NOT-FOR-US: Panasonic FPWIN Pro
-CVE-2016-4495
+CVE-2016-4495 (KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allow rem ...)
NOT-FOR-US: KMC
-CVE-2016-4494
+CVE-2016-4494 (Cross-site request forgery (CSRF) vulnerability on KMC Controls BAC-50 ...)
NOT-FOR-US: KMC
-CVE-2016-4493
+CVE-2016-4493 (The demangle_template_value_parm and do_hpacc_template_literal functio ...)
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19255,7 +19255,7 @@ CVE-2016-4493
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70926
NOTE: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=238313
-CVE-2016-4492
+CVE-2016-4492 (Buffer overflow in the do_type function in cplus-dem.c in libiberty al ...)
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19267,7 +19267,7 @@ CVE-2016-4492
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70926
NOTE: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=238313
-CVE-2016-4491
+CVE-2016-4491 (The d_print_comp function in cp-demangle.c in libiberty allows remote ...)
- binutils 2.28-3 (low)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
@@ -19278,7 +19278,7 @@ CVE-2016-4491
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70909
NOTE: https://gcc.gnu.org/ml/gcc-patches/2016-05/msg00105.html
NOTE: https://gcc.gnu.org/viewcvs?rev=247056&root=gcc&view=rev
-CVE-2016-4490
+CVE-2016-4490 (Integer overflow in cp-demangle.c in libiberty allows remote attackers ...)
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19290,7 +19290,7 @@ CVE-2016-4490
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70498
NOTE: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=235767
-CVE-2016-4489
+CVE-2016-4489 (Integer overflow in the gnu_special function in libiberty allows remot ...)
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19302,7 +19302,7 @@ CVE-2016-4489
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70492
NOTE: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=234828
-CVE-2016-4488
+CVE-2016-4488 (Use-after-free vulnerability in libiberty allows remote attackers to c ...)
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19314,7 +19314,7 @@ CVE-2016-4488
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70481
NOTE: https://gcc.gnu.org/ml/gcc-patches/2016-03/msg01687.html
-CVE-2016-4487
+CVE-2016-4487 (Use-after-free vulnerability in libiberty allows remote attackers to c ...)
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
@@ -19326,7 +19326,7 @@ CVE-2016-4487
[wheezy] - libiberty <no-dsa> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70481
NOTE: https://gcc.gnu.org/ml/gcc-patches/2016-03/msg01687.html
-CVE-2016-4539
+CVE-2016-4539 (The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5. ...)
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19336,7 +19336,7 @@ CVE-2016-4539
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
NOTE: HHVM fix: https://github.com/facebook/hhvm/commit/7290b3bbcaa1e10a8d807fab3242204e9ec3a015
-CVE-2016-4537
+CVE-2016-4537 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6 ...)
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19344,7 +19344,7 @@ CVE-2016-4537
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=d650063a0457aec56364e4005a636dc6c401f9cd
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4538
+CVE-2016-4538 (The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6 ...)
{DSA-3602-1 DLA-628-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19352,7 +19352,7 @@ CVE-2016-4538
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=d650063a0457aec56364e4005a636dc6c401f9cd
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4540
+CVE-2016-4540 (The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c i ...)
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19360,7 +19360,7 @@ CVE-2016-4540
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=fd9689745c44341b1bd6af4756f324be8abba2fb
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4541
+CVE-2016-4541 (The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in ...)
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19368,7 +19368,7 @@ CVE-2016-4541
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=fd9689745c44341b1bd6af4756f324be8abba2fb
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4542
+CVE-2016-4542 (The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5 ...)
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19376,7 +19376,7 @@ CVE-2016-4542
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4543
+CVE-2016-4543 (The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before ...)
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19384,7 +19384,7 @@ CVE-2016-4543
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4544
+CVE-2016-4544 (The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP befor ...)
{DSA-3602-1 DLA-499-1}
- php7.0 7.0.6-1
- php5 5.6.21+dfsg-1
@@ -19392,37 +19392,37 @@ CVE-2016-4544
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92
NOTE: Fixed in 7.0.6, 5.6.21, 5.5.35
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/21
-CVE-2016-4536
+CVE-2016-4536 (The client in OpenAFS before 1.6.17 does not properly initialize the ( ...)
{DLA-493-1}
- openafs 1.6.17-1
[jessie] - openafs 1.6.9-2+deb8u6
NOTE: https://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt
-CVE-2016-4486
+CVE-2016-4486 (The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.4-1
NOTE: https://git.kernel.org/linus/5f8e44741f9f216e33736ea4ec65ca9ac03036e6
-CVE-2016-4485
+CVE-2016-4485 (The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel befo ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.4-1
NOTE: https://git.kernel.org/linus/b8670c09f37bdf2847cc44f36511a53afc6161fd
-CVE-2016-4484
+CVE-2016-4484 (The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earl ...)
- cryptsetup 2:1.7.3-2 (unimportant)
NOTE: http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html
NOTE: Negligible security impact
NOTE: in #860981 claimed to still be unresolved as per 2:1.7.3-3
CVE-2016-4481
RESERVED
-CVE-2016-4480
+CVE-2016-4480 (The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6. ...)
{DSA-3633-1 DLA-571-1}
- xen 4.8.0~rc3-1
NOTE: http://xenbits.xen.org/xsa/advisory-176.html
CVE-2016-4479
RESERVED
-CVE-2016-4475
+CVE-2016-4475 (The (1) Organization and (2) Locations APIs and UIs in Foreman before ...)
- foreman <itp> (bug #663101)
-CVE-2016-4474
+CVE-2016-4474 (The image build process for the overcloud images in Red Hat OpenStack ...)
NOT-FOR-US: Red Hat OpenStack Overcloud image
-CVE-2016-4473
+CVE-2016-4473 (/ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers ...)
{DLA-628-1}
- php5 5.6.23+dfsg-1
[jessie] - php5 5.6.23+dfsg-0+deb8u1
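Review bot: the CVE-2016-4484 record contradicts itself: it is marked fixed by "- cryptsetup 2:1.7.3-2 (unimportant)", yet the note "NOTE: in #860981 claimed to still be unresolved as per 2:1.7.3-3" says a later upload still does not resolve it. Either the fixed version should be withdrawn until #860981 is settled, or the note should record why the bug report is considered wrong; as written, the entry claims a fix that the tracker itself doubts.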
@@ -19431,48 +19431,48 @@ CVE-2016-4473
NOTE: https://bugs.php.net/bug.php?id=72321
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=d144590d38fa321b46b8e199c754006318985c84
NOTE: Fixed in 5.6.23
-CVE-2016-4472
+CVE-2016-4472 (The overflow protection in Expat is removed by compilers with certain ...)
{DSA-3582-1 DLA-483-1}
- expat 2.1.1-2
NOTE: https://sourceforge.net/p/expat/code_git/ci/f0bec73b018caa07d3e75ec8dd967f3785d71bde/tree/expat/lib/xmlparse.c?diff=a238d7ea7a715ef3850c4cbdd86aeda7077b6bbc
-CVE-2016-4471
+CVE-2016-4471 (ManageIQ in CloudForms before 4.1 allows remote authenticated users to ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-4470
+CVE-2016-4470 (The key_reject_and_link function in security/keys/key.c in the Linux k ...)
{DSA-3607-1 DLA-609-1}
- linux 4.6.2-2
NOTE: Fixed by: https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a
-CVE-2016-4469
+CVE-2016-4469 (Multiple cross-site request forgery (CSRF) vulnerabilities in Apache A ...)
NOT-FOR-US: Apache Archiva
-CVE-2016-4468
+CVE-2016-4468 (SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; ...)
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-4467
+CVE-2016-4467 (The C client and C-based client bindings in the Apache Qpid Proton lib ...)
- qpid-proton <not-affected> (Windows-specific)
CVE-2016-4466
REJECTED
-CVE-2016-4465
+CVE-2016-4465 (The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and ...)
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1 and 2.5)
NOTE: https://struts.apache.org/docs/s2-041.html
-CVE-2016-4464
+CVE-2016-4464 (The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3 ...)
NOT-FOR-US: Apache CXF
-CVE-2016-4463
+CVE-2016-4463 (Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows c ...)
{DSA-3610-1 DLA-535-1}
- xerces-c 3.1.3+debian-2.1 (bug #828990)
NOTE: http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt
-CVE-2016-4462
+CVE-2016-4462 (By manipulating the URL parameter externalLoginKey, a malicious, logge ...)
NOT-FOR-US: Apache OFBiz
-CVE-2016-4461
+CVE-2016-4461 (Apache Struts 2.x before 2.3.29 allows remote attackers to execute arb ...)
- libstruts1.2-java <not-affected> (Vulnerable code not present, CVE for incomplete fix for CVE-2016-0785)
-CVE-2016-4460
+CVE-2016-4460 (Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass a ...)
NOT-FOR-US: Apache Pony Mail
-CVE-2016-4459
+CVE-2016-4459 (Stack-based buffer overflow in native/mod_manager/node.c in mod_cluste ...)
- libapache2-mod-cluster <itp> (bug #731410)
CVE-2016-4458
RESERVED
-CVE-2016-4457
+CVE-2016-4457 (CloudForms Management Engine before 5.8 includes a default SSL/TLS cer ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2016-4455
+CVE-2016-4455 (The Subscription Manager package (aka subscription-manager) before 1.1 ...)
NOT-FOR-US: Red Hat Subscription Manager
-CVE-2016-4454
+CVE-2016-4454 (The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU a ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-3
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -19480,7 +19480,7 @@ CVE-2016-4454
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05271.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336429
-CVE-2016-4453
+CVE-2016-4453 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-3
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -19490,40 +19490,40 @@ CVE-2016-4453
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336650
CVE-2016-4452
RESERVED
-CVE-2016-4451
+CVE-2016-4451 (The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 a ...)
- foreman <itp> (bug #663101)
-CVE-2016-4450
+CVE-2016-4450 (os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 al ...)
{DSA-3592-1}
- nginx 1.10.1-1 (bug #825960)
[wheezy] - nginx <not-affected> (Introduced in 1.3.9)
-CVE-2016-4449
+CVE-2016-4449 (XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntit ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=761430
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5 (v2.9.4)
-CVE-2016-4448
+CVE-2016-4448 (Format string vulnerability in libxml2 before 2.9.4 allows attackers t ...)
- libxml2 2.9.4+dfsg1-1 (bug #829718)
[jessie] - libxml2 <ignored> (Minor impact; too intrusive to backport)
[wheezy] - libxml2 <no-dsa> (Minor impact; too intrusive to backport)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=761029
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9 (v2.9.4)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b (v2.9.4)
-CVE-2016-4447
+CVE-2016-4447 (The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 a ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759573
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83 (v2.9.4)
-CVE-2016-4446
+CVE-2016-4446 (The allow_execstack plugin for setroubleshoot allows local users to ex ...)
NOT-FOR-US: setroubleshoot
-CVE-2016-4445
+CVE-2016-4445 (The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 ...)
NOT-FOR-US: setroubleshoot
-CVE-2016-4444
+CVE-2016-4444 (The allow_execmod plugin for setroubleshoot before 3.2.23 allows local ...)
NOT-FOR-US: setroubleshoot
-CVE-2016-4443
+CVE-2016-4443 (Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local user ...)
NOT-FOR-US: org.ovirt.engine-root / engine-setup (Red Hat)
-CVE-2016-4442
+CVE-2016-4442 (The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attack ...)
NOT-FOR-US: rack-mini-profiler gem
-CVE-2016-4441
+CVE-2016-4441 (The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controlle ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #824856)
[wheezy] - qemu <no-dsa> (Minor issue; can be fixed along with a future DSA)
@@ -19531,45 +19531,45 @@ CVE-2016-4441
[wheezy] - qemu-kvm <no-dsa> (Minor issue; can be fixed along with a future DSA)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03274.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337505
-CVE-2016-4440
+CVE-2016-4440 (arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the AP ...)
- linux 4.5.5-1
[jessie] - linux <not-affected> (Introduced in 4.5)
[wheezy] - linux <not-affected> (Introduced in 4.5)
NOTE: Upstream patch: https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337806
NOTE: http://comments.gmane.org/gmane.comp.emulators.kvm.devel/152100
-CVE-2016-4439
+CVE-2016-4439 (The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Con ...)
{DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-2 (bug #824856)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03273.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337502
-CVE-2016-4438
+CVE-2016-4438 (The REST plugin in Apache Struts 2 2.3.20 through 2.3.28.1 allows remo ...)
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
NOTE: https://struts.apache.org/docs/s2-037.html
-CVE-2016-4437
+CVE-2016-4437 (Apache Shiro before 1.2.5, when a cipher key has not been configured f ...)
- shiro 1.2.5-1 (bug #826653)
[jessie] - shiro <no-dsa> (Minor issue)
-CVE-2016-4436
+CVE-2016-4436 (Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers t ...)
- libstruts1.2-java <not-affected> (Only affects 2.0.0 to 2.3.28.1)
NOTE: https://struts.apache.org/docs/s2-035.html
-CVE-2016-4435
+CVE-2016-4435 (An endpoint of the Agent running on the BOSH Director VM with stemcell ...)
NOT-FOR-US: BOSH
-CVE-2016-4434
+CVE-2016-4434 (Apache Tika before 1.13 does not properly initialize the XML parser or ...)
- tika 1.18-1 (bug #825501)
[jessie] - tika <no-dsa> (Minor issue, no standard alone package, just a reverse dependency of jmeter)
-CVE-2016-4433
+CVE-2016-4433 (Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to byp ...)
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
NOTE: https://struts.apache.org/docs/s2-039.html
-CVE-2016-4432
+CVE-2016-4432 (The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid J ...)
- qpid-java <itp> (bug #840131)
-CVE-2016-4431
+CVE-2016-4431 (Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to byp ...)
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
NOTE: https://struts.apache.org/docs/s2-040.html
-CVE-2016-4430
+CVE-2016-4430 (Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, w ...)
- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
NOTE: https://struts.apache.org/docs/s2-038.html
-CVE-2016-4429
+CVE-2016-4429 (Stack-based buffer overflow in the clntudp_call function in sunrpc/cln ...)
- glibc 2.22-10
[jessie] - glibc 2.19-18+deb8u5
- eglibc <removed>
@@ -19578,7 +19578,7 @@ CVE-2016-4429
- libtirpc 0.2.5-1.1 (bug #840347)
[jessie] - libtirpc <no-dsa> (Minor issue)
[wheezy] - libtirpc <no-dsa> (Minor issue)
-CVE-2016-4428
+CVE-2016-4428 (Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horiz ...)
{DSA-3617-1 DLA-520-1}
- horizon 3:9.0.1-2 (bug #828967)
NOTE: https://bugs.launchpad.net/bugs/1567673
@@ -19588,7 +19588,7 @@ CVE-2016-4426
RESERVED
CVE-2016-4424
RESERVED
-CVE-2016-4423
+CVE-2016-4423 (The attemptAuthentication function in Component/Security/Http/Firewall ...)
{DSA-3588-1}
- symfony 2.8.6+dfsg-1
NOTE: https://github.com/symfony/symfony/pull/18733
@@ -19596,24 +19596,24 @@ CVE-2016-4423
CVE-2016-XXXX [XSS]
- dotclear <removed>
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/04/9
-CVE-2016-4482
+CVE-2016-4482 (The proc_connectinfo function in drivers/usb/core/devio.c in the Linux ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.5-1
NOTE: http://www.spinics.net/lists/linux-usb/msg140243.html
NOTE: http://www.openwall.com/lists/oss-security/2016/05/04/2
NOTE: Fixed by: https://github.com/torvalds/linux/commit/681fef8380eb818c0b845fca5d2ab1dcbab114ee
-CVE-2016-4483
+CVE-2016-4483 (The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 all ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #823405)
NOTE: Minor issue, only when using libxml2 using recovery mode
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=c97750d11bb8b6f3303e7131fe526a61ac65bcfd (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=766414
-CVE-2016-4477
+CVE-2016-4477 (wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters ...)
{DLA-473-1}
- wpa 2.3-2.4 (bug #823411)
[jessie] - wpa 2.3-1+deb8u4
NOTE: http://w1.fi/security/2016-1/
-CVE-2016-4476
+CVE-2016-4476 (hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not ...)
{DLA-473-1}
- wpa 2.3-2.4 (bug #823411)
[jessie] - wpa 2.3-1+deb8u4
@@ -19628,133 +19628,133 @@ CVE-2016-4409
RESERVED
CVE-2016-4408
RESERVED
-CVE-2016-4407
+CVE-2016-4407 (The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not ...)
NOT-FOR-US: SAP
-CVE-2016-4406
+CVE-2016-4406 (A remote cross site scripting vulnerability was identified in HPE iLO ...)
NOT-FOR-US: HPE iLO
-CVE-2016-4405
+CVE-2016-4405 (A remote code execution vulnerability was identified in HP Business Se ...)
NOT-FOR-US: HP
-CVE-2016-4404
+CVE-2016-4404 (A security vulnerability was identified in the Filter SDK component of ...)
NOT-FOR-US: HPE KeyView using Filter SDK
-CVE-2016-4403
+CVE-2016-4403 (A security vulnerability was identified in the Filter SDK component of ...)
NOT-FOR-US: HPE KeyView using Filter SDK
-CVE-2016-4402
+CVE-2016-4402 (A security vulnerability was identified in the Filter SDK component of ...)
NOT-FOR-US: HPE KeyView using Filter SDK
CVE-2016-4401
RESERVED
-CVE-2016-4400
+CVE-2016-4400 (A security vulnerability was identified in HP Network Node Manager i ( ...)
NOT-FOR-US: HP Network Node Manager i
-CVE-2016-4399
+CVE-2016-4399 (A security vulnerability was identified in HP Network Node Manager i ( ...)
NOT-FOR-US: HP Network Node Manager i
-CVE-2016-4398
+CVE-2016-4398 (A remote arbitrary code execution vulnerability was identified in HP N ...)
NOT-FOR-US: HP Network Node Manager i
-CVE-2016-4397
+CVE-2016-4397 (A local code execution security vulnerability was identified in HP Net ...)
NOT-FOR-US: HP Network Node Manager i
-CVE-2016-4396
+CVE-2016-4396 (HPE System Management Homepage before v7.6 allows remote attackers to ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-4395
+CVE-2016-4395 (HPE System Management Homepage before v7.6 allows remote attackers to ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-4394
+CVE-2016-4394 (HPE System Management Homepage before v7.6 allows remote attackers to ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-4393
+CVE-2016-4393 (HPE System Management Homepage before v7.6 allows "remote authenticate ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-4392
+CVE-2016-4392 (A remote cross site scripting vulnerability has been identified in HP ...)
NOT-FOR-US: HP Business Service Management
-CVE-2016-4391
+CVE-2016-4391 (A remote code execution security vulnerability has been identified in ...)
NOT-FOR-US: HP ArcSight WINC Connector
-CVE-2016-4390
+CVE-2016-4390 (The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attack ...)
NOT-FOR-US: HPE KeyView
-CVE-2016-4389
+CVE-2016-4389 (The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attack ...)
NOT-FOR-US: HPE KeyView
-CVE-2016-4388
+CVE-2016-4388 (The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attack ...)
NOT-FOR-US: HPE KeyView
-CVE-2016-4387
+CVE-2016-4387 (The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attack ...)
NOT-FOR-US: HPE KeyView
-CVE-2016-4386
+CVE-2016-4386 (HPE Network Automation Software 10.10 allows local users to write to a ...)
NOT-FOR-US: HPE Network Automation
-CVE-2016-4385
+CVE-2016-4385 (The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x be ...)
NOT-FOR-US: HPE Network Automation
-CVE-2016-4384
+CVE-2016-4384 (HPE Performance Center before 12.50 and LoadRunner before 12.50 allow ...)
NOT-FOR-US: HPE Performance Center
-CVE-2016-4383
+CVE-2016-4383 (The glance-manage db in all versions of HPE Helion Openstack Glance al ...)
- glance <unfixed> (unimportant; bug #868185)
NOTE: https://bugs.launchpad.net/glance/+bug/1593799/
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0075
NOTE: No code fix, documented shortcoming
-CVE-2016-4382
+CVE-2016-4382 (HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows re ...)
NOT-FOR-US: HPE Performance Center
-CVE-2016-4381
+CVE-2016-4381 (HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x bef ...)
NOT-FOR-US: HPE
-CVE-2016-4380
+CVE-2016-4380 (Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operati ...)
NOT-FOR-US: HPE
-CVE-2016-4379
+CVE-2016-4379 (The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmw ...)
NOT-FOR-US: HPE
-CVE-2016-4378
+CVE-2016-4378 (The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Ma ...)
NOT-FOR-US: HPE
-CVE-2016-4377
+CVE-2016-4377 (HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrast ...)
NOT-FOR-US: HPE
-CVE-2016-4376
+CVE-2016-4376 (HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches a ...)
NOT-FOR-US: HPE
-CVE-2016-4375
+CVE-2016-4375 (Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (a ...)
NOT-FOR-US: HPE
-CVE-2016-4374
+CVE-2016-4374 (HPE Release Control (RC) 9.13, 9.20, and 9.21 before 9.21.0005 p4 allo ...)
NOT-FOR-US: HPE
-CVE-2016-4373
+CVE-2016-4373 (The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, U ...)
NOT-FOR-US: HPE
-CVE-2016-4372
+CVE-2016-4372 (HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM ...)
NOT-FOR-US: HPE
-CVE-2016-4371
+CVE-2016-4371 (HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, ...)
NOT-FOR-US: HPE Service Manager
-CVE-2016-4370
+CVE-2016-4370 (HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before ...)
NOT-FOR-US: HPE Project and Portfolio Management Center
-CVE-2016-4369
+CVE-2016-4369 (HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32 ...)
NOT-FOR-US: HPE Discovery and Dependency Mapping Inventory
-CVE-2016-4368
+CVE-2016-4368 (HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Ma ...)
NOT-FOR-US: HPE Universal CMDB
-CVE-2016-4367
+CVE-2016-4367 (The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 1 ...)
NOT-FOR-US: HPE Universal CMDB
-CVE-2016-4366
+CVE-2016-4366 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers ...)
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-4365
+CVE-2016-4365 (HPE Insight Control server deployment allows remote attackers to obtai ...)
NOT-FOR-US: HPE Insight Control
-CVE-2016-4364
+CVE-2016-4364 (HPE Insight Control server deployment allows local users to gain privi ...)
NOT-FOR-US: HPE Insight Control
-CVE-2016-4363
+CVE-2016-4363 (HPE Insight Control server deployment allows remote attackers to modif ...)
NOT-FOR-US: HPE Insight Control
-CVE-2016-4362
+CVE-2016-4362 (HPE Insight Control server deployment allows remote authenticated user ...)
NOT-FOR-US: HPE Insight Control
-CVE-2016-4361
+CVE-2016-4361 (HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 thr ...)
NOT-FOR-US: HPE LoadRunner
-CVE-2016-4360
+CVE-2016-4360 (web/admin/data.js in the Performance Center Virtual Table Server (VTS) ...)
NOT-FOR-US: HPE LoadRunner
-CVE-2016-4359
+CVE-2016-4359 (Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunne ...)
NOT-FOR-US: HPE LoadRunner
-CVE-2016-4358
+CVE-2016-4358 (HPE Matrix Operating Environment before 7.5.1 allows remote attackers ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-4357
+CVE-2016-4357 (HPE Matrix Operating Environment before 7.5.1 allows remote authentica ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-4351
+CVE-2016-4351 (SQL injection vulnerability in the authentication functionality in Tre ...)
NOT-FOR-US: Trend Micro
-CVE-2016-4350
+CVE-2016-4350 (Multiple SQL injection vulnerabilities in the Web Services web server ...)
NOT-FOR-US: SolarWinds Storage Resource Monitor
-CVE-2016-4478
+CVE-2016-4478 (Buffer overflow in the xmlrpc_char_encode function in modules/transpor ...)
{DSA-3586-1}
- atheme-services 7.0.7-2
NOTE: https://github.com/atheme/atheme/commit/87580d767868360d2fed503980129504da84b63e
NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2
-CVE-2016-4425
+CVE-2016-4425 (Jansson 2.7 and earlier allows context-dependent attackers to cause a ...)
{DSA-3577-1 DLA-471-1}
- jansson 2.7-5 (bug #823238)
NOTE: https://github.com/akheron/jansson/issues/282
NOTE: https://github.com/akheron/jansson/pull/284
NOTE: http://www.openwall.com/lists/oss-security/2016/05/01/5
-CVE-2016-4422
+CVE-2016-4422 (The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth mi ...)
{DSA-3567-1}
- libpam-sshauth 0.4.1-2
NOTE: Introduced in: https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/93/src/pam_sshauth.c
NOTE: Fixed in: https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/114
NOTE: http://www.openwall.com/lists/oss-security/2016/05/01/2
-CVE-2016-4414
+CVE-2016-4414 (The onReadyRead function in core/coreauthhandler.cpp in Quassel before ...)
- quassel 1:0.12.4-2 (bug #826402)
[jessie] - quassel 1:0.10.0-2.3+deb8u3
[wheezy] - quassel <not-affected> (Vulnerable code introduced with 0.10.0)
@@ -19762,9 +19762,9 @@ CVE-2016-4414
NOTE: Introduced by: https://github.com/quassel/quassel/commit/d1bf207 (0.10.0)
NOTE: Fixed by: https://github.com/quassel/quassel/commit/e67887343c433cc35bc26ad6a9392588f427e746 (0.12.4)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/30/2
-CVE-2016-4349
+CVE-2016-4349 (Untrusted search path vulnerability in Cisco WebEx Productivity Tools ...)
NOT-FOR-US: Cisco
-CVE-2016-4352
+CVE-2016-4352 (Integer overflow in the demuxer function in libmpdemux/demux_gif.c in ...)
{DLA-458-1 DLA-457-1}
- mplayer 2:1.3.0-2 (bug #823723)
- mplayer2 <removed> (low)
@@ -19772,117 +19772,117 @@ CVE-2016-4352
NOTE: https://trac.mplayerhq.hu/ticket/2295
NOTE: Fixed in Revision r37857 upstream
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/3
-CVE-2016-4341
+CVE-2016-4341 (NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to ...)
NOT-FOR-US: NetApp
CVE-2016-4339
RESERVED
-CVE-2016-4338
+CVE-2016-4338 (The mysql user parameter configuration script (userparameter_mysql.con ...)
- zabbix 1:3.0.3+dfsg-1 (bug #823329)
[jessie] - zabbix 1:2.2.7+dfsg-2+deb8u1
NOTE: http://seclists.org/bugtraq/2016/May/11
NOTE: https://support.zabbix.com/browse/ZBX-10741
-CVE-2016-4337
+CVE-2016-4337 (SQL injection vulnerability in the mgr.login.php file in Ktools.net Ph ...)
NOT-FOR-US: Photostore
-CVE-2016-4336
+CVE-2016-4336 (An exploitable out-of-bounds write exists in the Bzip2 parsing of the ...)
NOT-FOR-US: Lexmark Document Filters
-CVE-2016-4335
+CVE-2016-4335 (An exploitable buffer overflow exists in the XLS parsing of the Lexmar ...)
NOT-FOR-US: Lexmark Document Filters
-CVE-2016-4334
+CVE-2016-4334 (Jive before 2016.3.1 has an open redirect from the external-link.jspa ...)
NOT-FOR-US: Jive
-CVE-2016-4333
+CVE-2016-4333 (The HDF5 1.8.16 library allocating space for the array using a value f ...)
{DSA-3727-1 DLA-771-1}
- hdf5 1.10.0-patch1+docs-1 (bug #845301)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0179/
NOTE: Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/73640612aad91d3f04e4d8f1ea71d42acbc85f6e
-CVE-2016-4332
+CVE-2016-4332 (The library's failure to check if certain message types support a part ...)
{DSA-3727-1 DLA-771-1}
- hdf5 1.10.0-patch1+docs-1 (bug #845301)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0178/
NOTE: Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/e1d50d498a0affbbd6e088b524fd495ea95dea88
-CVE-2016-4331
+CVE-2016-4331 (When decoding data out of a dataset encoded with the H5Z_NBIT decoding ...)
{DSA-3727-1 DLA-771-1}
- hdf5 1.10.0-patch1+docs-1 (bug #845301)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0177/
NOTE: Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/e1c4ec3d541eecda78b3afcb1a0fa071c4b52afa
NOTE: Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/43ec23616697ce0ea3f99e40900fec55fe9107ef
-CVE-2016-4330
+CVE-2016-4330 (In the HDF5 1.8.16 library's failure to check if the number of dimensi ...)
{DSA-3727-1 DLA-771-1}
- hdf5 1.10.0-patch1+docs-1 (bug #845301)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0176/
NOTE: Fixed by: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/2e7e1899d3d7131bcbad65233ba713f6b79e2d69
-CVE-2016-4329
+CVE-2016-4329 (A local denial of service vulnerability exists in window broadcast mes ...)
NOT-FOR-US: Kaspersky
-CVE-2016-4328
+CVE-2016-4328 (MEDHOST Perioperative Information Management System (aka PIMS or VPIMS ...)
NOT-FOR-US: MEDHOST Perioperative Information Management System
-CVE-2016-4327
+CVE-2016-4327 (Cross-site scripting (XSS) vulnerability in WSO2 SOA Enablement Server ...)
NOT-FOR-US: WSO2 SOA Enablement Server
-CVE-2016-4326
+CVE-2016-4326 (The Chef Manage (formerly opscode-manage) add-on before 1.12.0 for Che ...)
NOT-FOR-US: Chef Manage addon
-CVE-2016-4325
+CVE-2016-4325 (Lantronix xPrintServer devices with firmware before 5.0.1-65 have hard ...)
NOT-FOR-US: Lantronix xPrintServer
-CVE-2016-4324
+CVE-2016-4324 (Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote ...)
{DSA-3608-1 DLA-581-1}
- libreoffice 1:5.1.4~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0126/
-CVE-2016-4323
+CVE-2016-4323 (A directory traversal exists in the handling of the MXIT protocol in P ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0128/
NOTE: http://www.pidgin.im/news/security/?id=97
-CVE-2016-4322
+CVE-2016-4322 (BMC BladeLogic Server Automation (BSA) before 8.7 Patch 3 allows remot ...)
NOT-FOR-US: BMC
CVE-2016-4321
RESERVED
-CVE-2016-4320
+CVE-2016-4320 (Atlassian Bitbucket Server before 4.7.1 allows remote attackers to rea ...)
NOT-FOR-US: Atlassian Bitbucket Server
-CVE-2016-4319
+CVE-2016-4319 (Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings. ...)
NOT-FOR-US: Atlassian JIRA Server
-CVE-2016-4318
+CVE-2016-4318 (Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProje ...)
NOT-FOR-US: Atlassian JIRA Server
-CVE-2016-4317
+CVE-2016-4317 (Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile ...)
NOT-FOR-US: Atlassian Confluence
-CVE-2016-4316
+CVE-2016-4316 (Multiple cross-site scripting (XSS) vulnerabilities in WSO2 Carbon 4.4 ...)
NOT-FOR-US: WSO2 Carbon
-CVE-2016-4315
+CVE-2016-4315 (Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 a ...)
NOT-FOR-US: WSO2 Carbon
-CVE-2016-4314
+CVE-2016-4314 (Directory traversal vulnerability in the LogViewer Admin Service in WS ...)
NOT-FOR-US: WSO2 Carbon
-CVE-2016-4313
+CVE-2016-4313 (Directory traversal vulnerability in unzip/extract feature in eXtplore ...)
{DLA-596-1}
- extplorer <removed>
-CVE-2016-4312
+CVE-2016-4312 (XML external entity (XXE) vulnerability in the XACML flow feature in W ...)
NOT-FOR-US: WSO2 Identity Server
-CVE-2016-4311
+CVE-2016-4311 (Cross-site request forgery (CSRF) vulnerability in the XACML flow feat ...)
NOT-FOR-US: WSO2 Identity Server
CVE-2016-4310
RESERVED
-CVE-2016-4309
+CVE-2016-4309 (Session fixation vulnerability in Symphony CMS 2.6.7, when session.use ...)
NOT-FOR-US: Symphony CMS
CVE-2016-4308
RESERVED
-CVE-2016-4307
+CVE-2016-4307 (A denial of service vulnerability exists in the IOCTL handling functio ...)
NOT-FOR-US: Kaspersky Internet Security KL1 driver
-CVE-2016-4306
+CVE-2016-4306 (Multiple information leaks exist in various IOCTL handlers of the Kasp ...)
NOT-FOR-US: Kaspersky Internet Security KLDISK driver
-CVE-2016-4305
+CVE-2016-4305 (A denial of service vulnerability exists in the syscall filtering func ...)
NOT-FOR-US: Kaspersky Internet Security KLIF driver
-CVE-2016-4304
+CVE-2016-4304 (A denial of service vulnerability exists in the syscall filtering func ...)
NOT-FOR-US: Kaspersky Internet Security KLIF driver
-CVE-2016-4303
+CVE-2016-4303 (The parse_string function in cjson.c in the cJSON library mishandles U ...)
- iperf3 3.1.3-1 (bug #827116)
[jessie] - iperf3 <no-dsa> (Minor issue)
NOTE: https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc
NOTE: https://github.com/esnet/iperf/commit/f01a9ca8f7e878e438a53687dabe30b7f7222912 (3.1.x)
NOTE: http://www.talosintel.com/reports/TALOS-2016-0164/
-CVE-2016-4302
+CVE-2016-4302 (Heap-based buffer overflow in the parse_codes function in archive_read ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
NOTE: http://www.talosintel.com/reports/TALOS-2016-0154/
NOTE: https://github.com/libarchive/libarchive/issues/719
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700 (v3.2.1)
-CVE-2016-4301
+CVE-2016-4301 (Stack-based buffer overflow in the parse_device function in archive_re ...)
- libarchive 3.2.1-1
[jessie] - libarchive <not-affected> (Introduced in 3.2.0)
[wheezy] - libarchive <not-affected> (Introduced in 3.2.0)
@@ -19890,7 +19890,7 @@ CVE-2016-4301
NOTE: http://www.talosintel.com/reports/TALOS-2016-0153/
NOTE: https://github.com/libarchive/libarchive/pull/715
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/ecdac4d50db0cf5a0c630ba077729aaa6c5a2dd2
-CVE-2016-4300
+CVE-2016-4300 (Integer overflow in the read_SubStreamsInfo function in archive_read_s ...)
{DSA-3657-1 DLA-554-1}
- libarchive 3.2.1-1
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
@@ -19904,461 +19904,461 @@ CVE-2016-4300
NOTE: 1000000, making exploitation more difficult but not impossible.
CVE-2016-4299
RESERVED
-CVE-2016-4298
+CVE-2016-4298 (When opening a Hangul HShow Document (.hpt) and processing a structure ...)
NOT-FOR-US: Hancom Office
CVE-2016-4297
RESERVED
-CVE-2016-4296
+CVE-2016-4296 (When opening a Hangul Hcell Document (.cell) and processing a record t ...)
NOT-FOR-US: Hancom Office
-CVE-2016-4295
+CVE-2016-4295 (When opening a Hangul Hcell Document (.cell) and processing a particul ...)
NOT-FOR-US: Hancom Office
-CVE-2016-4294
+CVE-2016-4294 (When opening a Hangul Hcell Document (.cell) and processing a property ...)
NOT-FOR-US: Hancom Office
-CVE-2016-4293
+CVE-2016-4293 (Multiple heap-based buffer overflows in the (1) CBookBase::SetDefTable ...)
NOT-FOR-US: Hancom Office
-CVE-2016-4292
+CVE-2016-4292 (When opening a Hangul HShow Document (.hpt) and processing a structure ...)
NOT-FOR-US: Hancom Office
-CVE-2016-4291
+CVE-2016-4291 (When opening a Hangul HShow Document (.hpt) and processing a structure ...)
NOT-FOR-US: Hancom Office
-CVE-2016-4290
+CVE-2016-4290 (When opening a Hangul HShow Document (.hpt) and processing a structure ...)
NOT-FOR-US: Hancom Office
CVE-2016-4289
RESERVED
-CVE-2016-4288
+CVE-2016-4288 (A local privilege escalation vulnerability exists in BlueStacks App Pl ...)
NOT-FOR-US: BlueStacks
-CVE-2016-4287
+CVE-2016-4287 (Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x thro ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4286
+CVE-2016-4286 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4285
+CVE-2016-4285 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4284
+CVE-2016-4284 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4283
+CVE-2016-4283 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4282
+CVE-2016-4282 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4281
+CVE-2016-4281 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4280
+CVE-2016-4280 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4279
+CVE-2016-4279 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4278
+CVE-2016-4278 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4277
+CVE-2016-4277 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4276
+CVE-2016-4276 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4275
+CVE-2016-4275 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4274
+CVE-2016-4274 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4273
+CVE-2016-4273 (Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4272
+CVE-2016-4272 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4271
+CVE-2016-4271 (Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4270
+CVE-2016-4270 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4269
+CVE-2016-4269 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4268
+CVE-2016-4268 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4267
+CVE-2016-4267 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4266
+CVE-2016-4266 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4265
+CVE-2016-4265 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4264
+CVE-2016-4264 (The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Upda ...)
NOT-FOR-US: Adobe
-CVE-2016-4263
+CVE-2016-4263 (Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 al ...)
NOT-FOR-US: Adobe
-CVE-2016-4262
+CVE-2016-4262 (Adobe Digital Editions before 4.5.2 allows attackers to execute arbitr ...)
NOT-FOR-US: Adobe
-CVE-2016-4261
+CVE-2016-4261 (Adobe Digital Editions before 4.5.2 allows attackers to execute arbitr ...)
NOT-FOR-US: Adobe
-CVE-2016-4260
+CVE-2016-4260 (Adobe Digital Editions before 4.5.2 allows attackers to execute arbitr ...)
NOT-FOR-US: Adobe
-CVE-2016-4259
+CVE-2016-4259 (Adobe Digital Editions before 4.5.2 allows attackers to execute arbitr ...)
NOT-FOR-US: Adobe
-CVE-2016-4258
+CVE-2016-4258 (Adobe Digital Editions before 4.5.2 allows attackers to execute arbitr ...)
NOT-FOR-US: Adobe
-CVE-2016-4257
+CVE-2016-4257 (Adobe Digital Editions before 4.5.2 allows attackers to execute arbitr ...)
NOT-FOR-US: Adobe
-CVE-2016-4256
+CVE-2016-4256 (Adobe Digital Editions before 4.5.2 allows attackers to execute arbitr ...)
NOT-FOR-US: Adobe
-CVE-2016-4255
+CVE-2016-4255 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-4254
+CVE-2016-4254 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4253
+CVE-2016-4253 (The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, ...)
NOT-FOR-US: Adobe
-CVE-2016-4252
+CVE-2016-4252 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4251
+CVE-2016-4251 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4250
+CVE-2016-4250 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4249
+CVE-2016-4249 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and ...)
NOT-FOR-US: Adobe
-CVE-2016-4248
+CVE-2016-4248 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4247
+CVE-2016-4247 (Race condition in Adobe Flash Player before 18.0.0.366 and 19.x throug ...)
NOT-FOR-US: Adobe
-CVE-2016-4246
+CVE-2016-4246 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4245
+CVE-2016-4245 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4244
+CVE-2016-4244 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4243
+CVE-2016-4243 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4242
+CVE-2016-4242 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4241
+CVE-2016-4241 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4240
+CVE-2016-4240 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4239
+CVE-2016-4239 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4238
+CVE-2016-4238 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4237
+CVE-2016-4237 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4236
+CVE-2016-4236 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4235
+CVE-2016-4235 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4234
+CVE-2016-4234 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4233
+CVE-2016-4233 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4232
+CVE-2016-4232 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4231
+CVE-2016-4231 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4230
+CVE-2016-4230 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4229
+CVE-2016-4229 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4228
+CVE-2016-4228 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4227
+CVE-2016-4227 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4226
+CVE-2016-4226 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4225
+CVE-2016-4225 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4224
+CVE-2016-4224 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4223
+CVE-2016-4223 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4222
+CVE-2016-4222 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4221
+CVE-2016-4221 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4220
+CVE-2016-4220 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4219
+CVE-2016-4219 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4218
+CVE-2016-4218 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4217
+CVE-2016-4217 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4216
+CVE-2016-4216 (XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attac ...)
NOT-FOR-US: Adobe
-CVE-2016-4215
+CVE-2016-4215 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4214
+CVE-2016-4214 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4213
+CVE-2016-4213 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4212
+CVE-2016-4212 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4211
+CVE-2016-4211 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4210
+CVE-2016-4210 (Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat a ...)
NOT-FOR-US: Adobe
-CVE-2016-4209
+CVE-2016-4209 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, ...)
NOT-FOR-US: Adobe
-CVE-2016-4208
+CVE-2016-4208 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4207
+CVE-2016-4207 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4206
+CVE-2016-4206 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4205
+CVE-2016-4205 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4204
+CVE-2016-4204 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4203
+CVE-2016-4203 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4202
+CVE-2016-4202 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4201
+CVE-2016-4201 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4200
+CVE-2016-4200 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4199
+CVE-2016-4199 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4198
+CVE-2016-4198 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4197
+CVE-2016-4197 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4196
+CVE-2016-4196 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4195
+CVE-2016-4195 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4194
+CVE-2016-4194 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4193
+CVE-2016-4193 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4192
+CVE-2016-4192 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4191
+CVE-2016-4191 (Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4190
+CVE-2016-4190 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4189
+CVE-2016-4189 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4188
+CVE-2016-4188 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4187
+CVE-2016-4187 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4186
+CVE-2016-4186 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4185
+CVE-2016-4185 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4184
+CVE-2016-4184 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4183
+CVE-2016-4183 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4182
+CVE-2016-4182 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4181
+CVE-2016-4181 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4180
+CVE-2016-4180 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4179
+CVE-2016-4179 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4178
+CVE-2016-4178 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4177
+CVE-2016-4177 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4176
+CVE-2016-4176 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4175
+CVE-2016-4175 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4174
+CVE-2016-4174 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4173
+CVE-2016-4173 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4172
+CVE-2016-4172 (Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4171
+CVE-2016-4171 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4170
+CVE-2016-4170 (Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5 ...)
NOT-FOR-US: Adobe
-CVE-2016-4169
+CVE-2016-4169 (Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain s ...)
NOT-FOR-US: Adobe
-CVE-2016-4168
+CVE-2016-4168 (Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5 ...)
NOT-FOR-US: Adobe
-CVE-2016-4167
+CVE-2016-4167 (Adobe DNG Software Development Kit (SDK) before 1.4 2016 allows attack ...)
NOT-FOR-US: Adobe
-CVE-2016-4166
+CVE-2016-4166 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4165
+CVE-2016-4165 (The extension manager in Adobe Brackets before 1.7 allows attackers to ...)
NOT-FOR-US: Adobe
-CVE-2016-4164
+CVE-2016-4164 (Cross-site scripting (XSS) vulnerability in Adobe Brackets before 1.7 ...)
NOT-FOR-US: Adobe
-CVE-2016-4163
+CVE-2016-4163 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4162
+CVE-2016-4162 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4161
+CVE-2016-4161 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4160
+CVE-2016-4160 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4159
+CVE-2016-4159 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
NOT-FOR-US: Adobe
-CVE-2016-4158
+CVE-2016-4158 (Unquoted Windows search path vulnerability in Adobe Creative Cloud Des ...)
NOT-FOR-US: Adobe
-CVE-2016-4157
+CVE-2016-4157 (Untrusted search path vulnerability in the installer in Adobe Creative ...)
NOT-FOR-US: Adobe
-CVE-2016-4156
+CVE-2016-4156 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4155
+CVE-2016-4155 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4154
+CVE-2016-4154 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4153
+CVE-2016-4153 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4152
+CVE-2016-4152 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4151
+CVE-2016-4151 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4150
+CVE-2016-4150 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4149
+CVE-2016-4149 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4148
+CVE-2016-4148 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4147
+CVE-2016-4147 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4146
+CVE-2016-4146 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4145
+CVE-2016-4145 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4144
+CVE-2016-4144 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4143
+CVE-2016-4143 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4142
+CVE-2016-4142 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4141
+CVE-2016-4141 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4140
+CVE-2016-4140 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4139
+CVE-2016-4139 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4138
+CVE-2016-4138 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4137
+CVE-2016-4137 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4136
+CVE-2016-4136 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4135
+CVE-2016-4135 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4134
+CVE-2016-4134 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4133
+CVE-2016-4133 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4132
+CVE-2016-4132 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4131
+CVE-2016-4131 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4130
+CVE-2016-4130 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4129
+CVE-2016-4129 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4128
+CVE-2016-4128 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4127
+CVE-2016-4127 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4126
+CVE-2016-4126 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4125
+CVE-2016-4125 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4124
+CVE-2016-4124 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4123
+CVE-2016-4123 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4122
+CVE-2016-4122 (Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier ...)
NOT-FOR-US: Adobe
-CVE-2016-4121
+CVE-2016-4121 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 a ...)
NOT-FOR-US: Adobe
-CVE-2016-4120
+CVE-2016-4120 (Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe
-CVE-2016-4119
+CVE-2016-4119 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-4118
+CVE-2016-4118 (Untrusted search path vulnerability in the installer in Adobe Connect ...)
NOT-FOR-US: Adobe
-CVE-2016-4117
+CVE-2016-4117 (Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to e ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4116
+CVE-2016-4116 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4115
+CVE-2016-4115 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4114
+CVE-2016-4114 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4113
+CVE-2016-4113 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4112
+CVE-2016-4112 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4111
+CVE-2016-4111 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4110
+CVE-2016-4110 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4109
+CVE-2016-4109 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4108
+CVE-2016-4108 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-4107
+CVE-2016-4107 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4106
+CVE-2016-4106 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4105
+CVE-2016-4105 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4104
+CVE-2016-4104 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4103
+CVE-2016-4103 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4102
+CVE-2016-4102 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4101
+CVE-2016-4101 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4100
+CVE-2016-4100 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4099
+CVE-2016-4099 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4098
+CVE-2016-4098 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4097
+CVE-2016-4097 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4096
+CVE-2016-4096 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4095
+CVE-2016-4095 (Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4094
+CVE-2016-4094 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4093
+CVE-2016-4093 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4092
+CVE-2016-4092 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4091
+CVE-2016-4091 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4090
+CVE-2016-4090 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4089
+CVE-2016-4089 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4088
+CVE-2016-4088 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-4340
+CVE-2016-4340 (The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 th ...)
- gitlab 8.8.2+dfsg-1 (bug #823290)
NOTE: https://about.gitlab.com/2016/05/02/cve-2016-4340-patches/
-CVE-2016-4087
+CVE-2016-4087 (Huawei S12700 switches with software before V200R008C00SPC500 and S570 ...)
NOT-FOR-US: Huawei
-CVE-2016-4086
+CVE-2016-4086 (Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4 ...)
NOT-FOR-US: Huawei HiSuite Device Manager
-CVE-2016-4075
+CVE-2016-4075 (Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the ...)
NOT-FOR-US: Opera
CVE-2016-4067
RESERVED
-CVE-2016-4066
+CVE-2016-4066 (Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb b ...)
NOT-FOR-US: Fortinet
-CVE-2016-4065
+CVE-2016-4065 (The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on ...)
NOT-FOR-US: Foxit
-CVE-2016-4064
+CVE-2016-4064 (Use-after-free vulnerability in the XFA forms handling functionality i ...)
NOT-FOR-US: Foxit
-CVE-2016-4063
+CVE-2016-4063 (Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3 ...)
NOT-FOR-US: Foxit
-CVE-2016-4062
+CVE-2016-4062 (Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report ...)
NOT-FOR-US: Foxit
-CVE-2016-4061
+CVE-2016-4061 (Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attac ...)
NOT-FOR-US: Foxit
-CVE-2016-4060
+CVE-2016-4060 (Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3 ...)
NOT-FOR-US: Foxit
-CVE-2016-4059
+CVE-2016-4059 (Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3 ...)
NOT-FOR-US: Foxit
-CVE-2016-4074
+CVE-2016-4074 (The jv_dump_term function in jq 1.5 allows remote attackers to cause a ...)
- jq 1.5+dfsg-1.1 (low; bug #822456)
[jessie] - jq 1.4-2.1+deb8u1
NOTE: https://github.com/stedolan/jq/issues/1136
NOTE: http://www.openwall.com/lists/oss-security/2016/04/24/3
-CVE-2016-4069
+CVE-2016-4069 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail b ...)
{DLA-613-1}
- roundcube 1.1.5+dfsg.1-1 (bug #822333)
NOTE: https://github.com/roundcube/roundcubemail/issues/4957
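Review bot: the `NOT-FOR-US:` annotation is inconsistent across the Adobe block in this hunk. Most entries say `NOT-FOR-US: Adobe`, CVE-2016-4171 and CVE-2016-4117 through CVE-2016-4108 say `NOT-FOR-US: Adobe Flash Player`, and CVE-2016-4107 through CVE-2016-4088 say `NOT-FOR-US: Adobe Reader and Acrobat`. Because the descriptions added here are cut at roughly 70 characters and dozens of them are word-for-word identical (e.g. `Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0 ...`), the annotation line is the only per-entry product hint, so normalising it to name the product would make the block greppable. The header expansion itself looks correct, including leaving `CVE-2016-4067` as `RESERVED` untouched.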
@@ -20366,94 +20366,94 @@ CVE-2016-4069
NOTE: https://github.com/roundcube/roundcubemail/commit/4a408843b0ef816daf70a472a02b78cd6073a4d5
NOTE: https://github.com/roundcube/roundcubemail/commit/699af1e5206ed9114322adaa3c25c1c969640a53 (release-1.1)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/3
-CVE-2016-4068
+CVE-2016-4068 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1 ...)
{DLA-537-1}
- roundcube 1.2.1+dfsg.1-1
NOTE: https://github.com/roundcube/roundcubemail/issues/5398
NOTE: https://github.com/roundcube/roundcubemail/commit/a1fdb205f824dee7fd42dda739f207abc85ce158
-CVE-2016-4085
+CVE-2016-4085 (Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in t ...)
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.0~rc2+g74e5b56-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-28.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12293
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12293
NOTE: Doesn't affect 2.x series
-CVE-2016-4084
+CVE-2016-4084 (Integer signedness error in epan/dissectors/packet-mswsp.c in the MS-W ...)
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-27.html
-CVE-2016-4083
+CVE-2016-4083 (epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2. ...)
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-27.html
-CVE-2016-4082
+CVE-2016-4082 (epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wiresha ...)
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.3+geed34f0-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-26.html
-CVE-2016-4006
+CVE-2016-4006 (epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 ...)
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.3+geed34f0-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-25.html
-CVE-2016-4081
+CVE-2016-4081 (epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark 1.12. ...)
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.3+geed34f0-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-24.html
-CVE-2016-4080
+CVE-2016-4080 (epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12. ...)
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.3+geed34f0-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-23.html
-CVE-2016-4079
+CVE-2016-4079 (epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12. ...)
{DSA-3585-1 DLA-497-1}
- wireshark 2.0.3+geed34f0-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-22.html
-CVE-2016-4078
+CVE-2016-4078 (The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x ...)
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code not present)
[wheezy] - wireshark <not-affected> (vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-21.html
NOTE: Upstream lists 1.12.x affected, I have contacted them for clarification
-CVE-2016-4077
+CVE-2016-4077 (epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on ...)
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-20.html
-CVE-2016-4076
+CVE-2016-4076 (epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2 ...)
- wireshark 2.0.3+geed34f0-1 (low)
[jessie] - wireshark <not-affected> (Only affects 2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-19.html
-CVE-2016-4058
+CVE-2016-4058 (Cross-site scripting (XSS) vulnerability in Huawei Policy Center befor ...)
NOT-FOR-US: Huawei
-CVE-2016-4057
+CVE-2016-4057 (Huawei FusionCompute before V100R005C10SPC700 allows remote authentica ...)
NOT-FOR-US: Huawei FusionCompute
CVE-2016-6479
REJECTED
-CVE-2016-4055
+CVE-2016-4055 (The duration function in the moment package before 2.11.2 for Node.js ...)
- node-moment 2.13.0+ds-1 (unimportant)
NOTE: https://github.com/moment/moment/pull/2939
NOTE: https://nodesecurity.io/advisories/55
NOTE: nodejs not covered by security support
CVE-2016-4050
REJECTED
-CVE-2016-4049
+CVE-2016-4049 (The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does no ...)
{DSA-3654-1 DLA-601-1}
- quagga 1.0.20160315-2 (bug #822787)
NOTE: https://lists.quagga.net/pipermail/quagga-dev/2016-January/014699.html
NOTE: https://lists.quagga.net/pipermail/quagga-dev/2016-April/015241.html
-CVE-2016-4048
+CVE-2016-4048 (An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev1 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-4047
+CVE-2016-4047 (An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-4046
+CVE-2016-4046 (An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev1 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-4045
+CVE-2016-4045 (An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev1 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-4056
+CVE-2016-4056 (Cross-site scripting (XSS) vulnerability in the Backend component in T ...)
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (See DSA 3314)
-CVE-2016-4054
+CVE-2016-4054 (Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows ...)
{DSA-3625-1 DLA-478-1}
- squid3 3.5.17-1
- squid <not-affected> (Squid 2.x are not vulnerable)
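Review bot: two Wireshark entries in this hunk carry notes that should be cleaned up alongside the header expansion. CVE-2016-4085 lists `NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12293` twice; drop one copy. CVE-2016-4078 marks jessie and wheezy `<not-affected> (vulnerable code not present)` while the line below it says `Upstream lists 1.12.x affected, I have contacted them for clarification`, so the not-affected claim rests on a question the entry records as unanswered; either record the upstream answer in the NOTE or hold the not-affected markers until it is confirmed.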
@@ -20462,7 +20462,7 @@ CVE-2016-4054
NOTE: http://www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12697.patch (Squid 3.3)
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13235.patch (Squid 3.4)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14034.patch (Squid 3.5)
-CVE-2016-4053
+CVE-2016-4053 (Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to ...)
{DSA-3625-1 DLA-478-1}
- squid3 3.5.17-1
- squid <not-affected> (Squid 2.x are not vulnerable)
@@ -20471,7 +20471,7 @@ CVE-2016-4053
NOTE: http://www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12697.patch (Squid 3.3)
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13235.patch (Squid 3.4)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14034.patch (Squid 3.5)
-CVE-2016-4052
+CVE-2016-4052 (Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4 ...)
{DSA-3625-1 DLA-478-1}
- squid3 3.5.17-1
- squid <not-affected> (Squid 2.x are not vulnerable)
@@ -20480,7 +20480,7 @@ CVE-2016-4052
NOTE: http://www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12697.patch (Squid 3.3)
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13235.patch (Squid 3.4)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14034.patch (Squid 3.5)
-CVE-2016-4051
+CVE-2016-4051 (Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4 ...)
{DSA-3625-1 DLA-478-1}
- squid3 3.5.17-1
- squid 4.1-1
@@ -20493,27 +20493,27 @@ CVE-2016-4051
NOTE: Fixed in wheezy by DLA-556-1, c.f. CVE-2016-5408
CVE-2016-4044
RESERVED
-CVE-2016-4043
+CVE-2016-4043 (Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authen ...)
NOT-FOR-US: Plone
-CVE-2016-4042
+CVE-2016-4042 (Plone 3.3 through 5.1a1 allows remote attackers to obtain information ...)
NOT-FOR-US: Plone
-CVE-2016-4041
+CVE-2016-4041 (Plone 4.0 through 5.1a1 does not have security declarations for Dexter ...)
NOT-FOR-US: Plone
-CVE-2016-4040
+CVE-2016-4040 (SQL injection vulnerability in the Workflow Screen in dotCMS before 3. ...)
NOT-FOR-US: dotCMS
CVE-2016-4039
RESERVED
-CVE-2016-4036
+CVE-2016-4036 (The quagga package before 0.99.23-2.6.1 in openSUSE and SUSE Linux Ent ...)
{DSA-3654-1 DLA-601-1}
- quagga 1.0.20160315-2 (bug #835223)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=770619
NOTE: World readable files in /etc/quagga as well in Debian
-CVE-2016-3955
+CVE-2016-3955 (The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in t ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.2-1
NOTE: Upstream commit: https://git.kernel.org/linus/b348d7dddb6c4fbfc810b7a0626e8ec9e29f7cbb (v4.6-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/19/1
-CVE-2016-4038
+CVE-2016-4038 (Array index error in the msm_sensor_config function in kernel/SM-G9008 ...)
NOT-FOR-US: Samsung Android driver
CVE-2016-4035
RESERVED
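Review bot: the description added for CVE-2016-4036 is SUSE-specific (`The quagga package before 0.99.23-2.6.1 in openSUSE and SUSE Linux Ent ...`), which on its own would read as a NOT-FOR-US candidate, yet the entry tracks a Debian fix (`quagga 1.0.20160315-2`, DSA-3654-1, DLA-601-1). The existing `NOTE: World readable files in /etc/quagga as well in Debian` is what justifies that, so keep it directly under the header; without it a later pass could flip the entry to NOT-FOR-US on the strength of the description alone. Minor: `c.f.` in the CVE-2016-4051 note should be `cf.`.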
@@ -20521,11 +20521,11 @@ CVE-2016-4034
RESERVED
CVE-2016-4033
RESERVED
-CVE-2016-4032
+CVE-2016-4032 (Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005 ...)
NOT-FOR-US: Samsung
-CVE-2016-4031
+CVE-2016-4031 (Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005 ...)
NOT-FOR-US: Samsung
-CVE-2016-4037
+CVE-2016-4037 (The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows lo ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #822344)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -20536,43 +20536,43 @@ CVE-2016-4037
NOTE: http://www.openwall.com/lists/oss-security/2016/04/18/3
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=1ae3f2f178087711f9591350abad133525ba93f2 (v2.6.0-rc3)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a49923d2837d20510d645d3758f1ad87c32d0730 (v2.6.0-rc3)
-CVE-2016-4030
+CVE-2016-4030 (Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005 ...)
NOT-FOR-US: Samsung
-CVE-2016-4029
+CVE-2016-4029 (WordPress before 4.5 does not consider octal and hexadecimal IP addres ...)
{DSA-3681-1 DLA-633-1}
- wordpress 4.5+dfsg-1
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/37115
NOTE: Fixed by: https://github.com/WordPress/WordPress/commit/af9f0520875eda686fd13a427fd3914d7aded049
NOTE: Release notes: https://codex.wordpress.org/Version_4.5
-CVE-2016-4028
+CVE-2016-4028 (An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. OX ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-4027
+CVE-2016-4027 (An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev1 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-4026
+CVE-2016-4026 (An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev1 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-4025
+CVE-2016-4025 (Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x. ...)
NOT-FOR-US: Avast
CVE-2016-4023
RESERVED
CVE-2016-4022
RESERVED
-CVE-2016-4021
+CVE-2016-4021 (The read_binary function in buffer.c in pgpdump before 0.30 allows con ...)
{DLA-768-1}
- pgpdump 0.31-0.1 (bug #773747)
[jessie] - pgpdump 0.28-1+deb8u1
NOTE: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt
NOTE: https://github.com/kazu-yamamoto/pgpdump/pull/16
-CVE-2016-4019
+CVE-2016-4019 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
NOT-FOR-US: Zimbra
-CVE-2016-4018
+CVE-2016-4018 (The Data Provisioning Agent (aka DP Agent) in SAP HANA does not proper ...)
NOT-FOR-US: SAP
-CVE-2016-4017
+CVE-2016-4017 (The Data Provisioning Agent (aka DP Agent) in SAP HANA allows remote a ...)
NOT-FOR-US: SAP
-CVE-2016-4016
+CVE-2016-4016 (Cross-site scripting (XSS) vulnerability in SAP Manufacturing Integrat ...)
NOT-FOR-US: SAP
-CVE-2016-4015
+CVE-2016-4015 (The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows rem ...)
NOT-FOR-US: SAP
-CVE-2016-4014
+CVE-2016-4014 (XML external entity (XXE) vulnerability in the UDDI component in SAP N ...)
NOT-FOR-US: SAP
CVE-2016-XXXX [ZF2016-01: Potential Insufficient Entropy Vulnerability in ZF1]
- zendframework 1.12.18+dfsg-1
@@ -20585,41 +20585,41 @@ CVE-2016-4012
RESERVED
CVE-2016-4011
RESERVED
-CVE-2016-4010
+CVE-2016-4010 (Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP ...)
NOT-FOR-US: Magento
NOTE: https://magento.com/security/patches/magento-206-security-update
NOTE: http://www.netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution/
-CVE-2016-4007
+CVE-2016-4007 (Multiple unspecified vulnerabilities in the obs-service-extract_file p ...)
NOT-FOR-US: obs-service-extract_file
-CVE-2016-4024
+CVE-2016-4024 (Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows rem ...)
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #821732)
NOTE: Upstream fix: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227
NOTE: http://www.openwall.com/lists/oss-security/2016/04/14/5
-CVE-2016-4005
+CVE-2016-4005 (The Huawei Hilink App application before 3.19.2 for Android does not v ...)
NOT-FOR-US: Huawei
-CVE-2016-4004
+CVE-2016-4004 (Directory traversal vulnerability in Dell OpenManage Server Administra ...)
NOT-FOR-US: Dell
-CVE-2016-4003
+CVE-2016-4003 (Cross-site scripting (XSS) vulnerability in the URLDecoder function in ...)
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: http://struts.apache.org/docs/s2-028.html
-CVE-2016-4020
+CVE-2016-4020 (The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not ...)
{DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-2 (bug #821062)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01118.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1313686
NOTE: http://www.openwall.com/lists/oss-security/2016/04/13/6
-CVE-2016-4000
+CVE-2016-4000 (Jython before 2.7.1rc1 allows attackers to execute arbitrary code via ...)
{DSA-3893-1 DLA-989-1}
- jython 2.5.3-17 (bug #864859)
NOTE: http://bugs.jython.org/issue2454
NOTE: https://hg.python.org/jython/rev/d06e29d100c0
-CVE-2016-3999
+CVE-2016-3999 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collabor ...)
NOT-FOR-US: Zimbra
-CVE-2016-3998
+CVE-2016-3998 (NetApp AltaVault 4.1 and earlier allows man-in-the-middle attackers to ...)
NOT-FOR-US: NetApp AltaVault
-CVE-2016-3997
+CVE-2016-3997 (NetApp Clustered Data ONTAP allows man-in-the-middle attackers to obta ...)
NOT-FOR-US: NetApp Clustered Data ONTAP
CVE-2016-XXXX [auth bypass]
- brltty <not-affected> (Vulnerable code introduced later)
@@ -20627,42 +20627,42 @@ CVE-2016-XXXX [auth bypass]
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/04/12/4
NOTE: Introduced in: https://github.com/brltty/brltty/commit/e62b3c925d03239a372d425fb87b2cac65d8ef19
NOTE: Fixed by: https://github.com/brltty/brltty/commit/74affe7d1401f2b43ad32e18cb78704d22604ad7
-CVE-2016-3996
+CVE-2016-3996 (ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly che ...)
NOT-FOR-US: Samsung
-CVE-2016-3991
+CVE-2016-3991 (Heap-based buffer overflow in the loadImage function in the tiffcrop t ...)
{DSA-3762-1 DLA-610-1 DLA-606-1}
- tiff 4.0.7-1
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2543
NOTE: Reproducer http://bugs.fi/media/afl/libtiff/CVE-2016-3991.tif
-CVE-2016-3990
+CVE-2016-3990 (Heap-based buffer overflow in the horizontalDifference8 function in ti ...)
{DSA-3762-1 DLA-795-1 DLA-610-1}
- tiff 4.0.7-1 (bug #836570)
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2544
-CVE-2016-3989
+CVE-2016-3989 (The NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTI ...)
NOT-FOR-US: Meinberg
-CVE-2016-3988
+CVE-2016-3988 (Multiple stack-based buffer overflows in the NTP time-server interface ...)
NOT-FOR-US: Meinberg
-CVE-2016-3987
+CVE-2016-3987 (The HTTP server in Trend Micro Password Manager allows remote web serv ...)
NOT-FOR-US: Trend Micro
-CVE-2016-3986
+CVE-2016-3986 (Avast allows remote attackers to cause a denial of service (memory cor ...)
NOT-FOR-US: Avast
-CVE-2016-3985
+CVE-2016-3985 (The Terminal Services Remote Desktop Protocol (RDP) client session res ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2016-3984
+CVE-2016-3984 (The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response ...)
NOT-FOR-US: McAfee
-CVE-2016-3983
+CVE-2016-3983 (McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remo ...)
NOT-FOR-US: McAfee
-CVE-2016-3980
+CVE-2016-3980 (The Java Startup Framework (aka jstart) in SAP JAVA AS 7.2 through 7.4 ...)
NOT-FOR-US: SAP
-CVE-2016-3979
+CVE-2016-3979 (Internet Communication Manager (aka ICMAN or ICM) in SAP JAVA AS 7.2 t ...)
NOT-FOR-US: SAP
-CVE-2016-3978
+CVE-2016-3978 (The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x b ...)
NOT-FOR-US: FortiOS
-CVE-2016-4002
+CVE-2016-4002 (Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-2 (bug #821061)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -20671,7 +20671,7 @@ CVE-2016-4002
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1326082
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01131.html
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/6
-CVE-2016-4001
+CVE-2016-4001 (Buffer overflow in the stellaris_enet_receive function in hw/net/stell ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #821038)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -20681,26 +20681,26 @@ CVE-2016-4001
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01334.html
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=3a15cc0e1ee7168db0782133d2607a6bfa422d66 (v2.6.0-rc2)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/4
-CVE-2016-4008
+CVE-2016-4008 (The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 ...)
{DSA-3568-1 DLA-495-1}
- libtasn1-6 4.8-1
- libtasn1-3 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/3
NOTE: http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=f435825c0f527a8e52e6ffbc3ad0bc60531d537e
NOTE: http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=a6e0a0b58f5cdaf4e9beca5bce69c09808cbb625
-CVE-2016-3995
+CVE-2016-3995 (The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and ...)
- libcrypto++ 5.6.3-6
[jessie] - libcrypto++ 5.6.1-6+deb8u2
[wheezy] - libcrypto++ 5.6.1-6+deb7u2
NOTE: https://github.com/weidai11/cryptopp/issues/146
NOTE: http://www.openwall.com/lists/oss-security/2016/04/10/6
NOTE: Initial upload in 5.6.3-5 was incomplete
-CVE-2016-3994
+CVE-2016-3994 (The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause ...)
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #785369)
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8
NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/6
-CVE-2016-4070
+CVE-2016-4070 (** DISPUTED ** Integer overflow in the php_raw_url_encode function in ...)
{DSA-3560-1 DLA-499-1}
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
@@ -20710,7 +20710,7 @@ CVE-2016-4070
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=95433e8e339dbb6b5d5541473c1661db6ba2c451
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/ea6ff01f6c31f1615a935ef96622d623a6277d37
-CVE-2016-4071
+CVE-2016-4071 (Format string vulnerability in the php_snmp_error function in ext/snmp ...)
{DSA-3560-1 DLA-499-1}
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
@@ -20718,7 +20718,7 @@ CVE-2016-4071
NOTE: https://bugs.php.net/bug.php?id=71704
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=6e25966544fb1d2f3d7596e060ce9c9269bbdcf8
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
-CVE-2016-4072
+CVE-2016-4072 (The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x ...)
{DSA-3560-1 DLA-499-1}
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
@@ -20727,7 +20727,7 @@ CVE-2016-4072
NOTE: https://gist.github.com/smalyshev/80b5c2909832872f2ba2
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=1e9b175204e3286d64dfd6c9f09151c31b5e099a
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
-CVE-2016-4073
+CVE-2016-4073 (Multiple integer overflows in the mbfl_strcut function in ext/mbstring ...)
{DSA-3560-1 DLA-499-1}
- php7.0 7.0.5-1
- php5 5.6.20+dfsg-1
@@ -20736,31 +20736,31 @@ CVE-2016-4073
NOTE: https://gist.github.com/smalyshev/d8355c96a657cc5dba70
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=64f42c73efc58e88671ad76b6b6bc8e2b62713e1
NOTE: http://www.openwall.com/lists/oss-security/2016/04/11/7
-CVE-2016-3976
+CVE-2016-3976 (Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through ...)
NOT-FOR-US: SAP
-CVE-2016-3975
+CVE-2016-3975 (Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 ...)
NOT-FOR-US: SAP
-CVE-2016-3974
+CVE-2016-3974 (XML external entity (XXE) vulnerability in the Configuration Wizard in ...)
NOT-FOR-US: SAP
-CVE-2016-3973
+CVE-2016-3973 (The chat feature in the Real-Time Collaboration (RTC) services 7.3 and ...)
NOT-FOR-US: SAP
-CVE-2016-3972
+CVE-2016-3972 (Directory traversal vulnerability in the dotTailLogServlet in dotCMS b ...)
NOT-FOR-US: dotCMS
-CVE-2016-3971
+CVE-2016-3971 (Cross-site scripting (XSS) vulnerability in lucene_search.jsp in dotCM ...)
NOT-FOR-US: dotCMS
CVE-2016-3970
RESERVED
CVE-2016-7921
REJECTED
-CVE-2016-3982
+CVE-2016-3982 (Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiP ...)
{DSA-3546-1}
- optipng 0.7.6-1
NOTE: https://sourceforge.net/p/optipng/bugs/57/
-CVE-2016-3981
+CVE-2016-3981 (Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c ...)
{DSA-3546-1}
- optipng 0.7.6-1
NOTE: https://sourceforge.net/p/optipng/bugs/56/
-CVE-2016-3977
+CVE-2016-3977 (Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1. ...)
- giflib 5.1.4-3 (bug #820526)
[stretch] - giflib <no-dsa> (Minor issue)
[jessie] - giflib <no-dsa> (Minor issue)
@@ -20770,9 +20770,9 @@ CVE-2016-3977
NOTE: The issue was originally fixed in 5.1.4-0.3 but then the NMU upload
NOTE: 5.1.4-0.4 just dropped the patch claiming the patch was already present
NOTE: which is untrue and reopening the issue.
-CVE-2016-3969
+CVE-2016-3969 (Cross-site scripting (XSS) vulnerability in McAfee Email Gateway (MEG) ...)
NOT-FOR-US: McAfee Email Gateway
-CVE-2016-3968
+CVE-2016-3968 (Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam ...)
NOT-FOR-US: Sophos
CVE-2016-3967
RESERVED
@@ -20782,76 +20782,76 @@ CVE-2016-3965
RESERVED
CVE-2016-3964
RESERVED
-CVE-2016-3963
+CVE-2016-3963 (Siemens SCALANCE S613 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Siemens
-CVE-2016-3992
+CVE-2016-3992 (cronic before 3 allows local users to write to arbitrary files via a s ...)
- cronic 3-1 (bug #820331)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/4
-CVE-2016-3962
+CVE-2016-3962 (Stack-based buffer overflow in the NTP time-server interface on Meinbe ...)
NOT-FOR-US: Meinberg
-CVE-2016-3961
+CVE-2016-3961 (Xen and the Linux kernel through 4.5.x do not properly suppress hugetl ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.2-1
NOTE: http://xenbits.xen.org/xsa/advisory-174.html
NOTE: Fixed by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=103f6112f253017d7062cd74d17f4a514ed4485c
-CVE-2016-3960
+CVE-2016-3960 (Integer overflow in the x86 shadow pagetable code in Xen allows local ...)
{DSA-3554-1 DLA-571-1}
- xen 4.8.0~rc3-1 (bug #823620)
NOTE: http://xenbits.xen.org/xsa/advisory-173.html
-CVE-2016-3957
+CVE-2016-3957 (The secure_load function in gluon/utils.py in web2py before 2.14.2 use ...)
- web2py <removed> (bug #891220)
[jessie] - web2py <not-affected> (Vulnerable code not present)
[wheezy] - web2py <not-affected> (Vulnerable code not present)
-CVE-2016-3956
+CVE-2016-3956 (The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js ...)
- npm 5.8.0+ds-2 (bug #850322)
[jessie] - npm <no-dsa> (Minor issue)
NOTE: https://github.com/npm/npm/issues/8380
NOTE: https://github.com/npm/npm/commit/fea8cc92cee02c720b58f95f14d315507ccad401 (2.15.1)
NOTE: https://github.com/npm/npm/commit/f67ecad59e99a03e5aad8e93cd1a086ae087cb29 (3.8.3)
-CVE-2016-3954
+CVE-2016-3954 (web2py before 2.14.2 allows remote attackers to obtain the session_coo ...)
- web2py <removed> (bug #891220)
[jessie] - web2py <not-affected> (Vulnerable code not present)
[wheezy] - web2py <not-affected> (Vulnerable code not present)
-CVE-2016-3953
+CVE-2016-3953 (The sample web application in web2py before 2.14.2 might allow remote ...)
- web2py <removed> (bug #891220)
[jessie] - web2py <not-affected> (Vulnerable code not present)
[wheezy] - web2py <not-affected> (Vulnerable code not present)
-CVE-2016-3952
+CVE-2016-3952 (web2py before 2.14.1, when using the standalone version, allows remote ...)
- web2py <removed> (bug #891220)
[jessie] - web2py <not-affected> (Vulnerable code not present)
[wheezy] - web2py <not-affected> (Vulnerable code not present)
-CVE-2016-3951
+CVE-2016-3951 (Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux ke ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1
NOTE: https://git.kernel.org/linus/4d06dd537f95683aba3651098ae288b7cbff8274 (v4.5)
NOTE: https://git.kernel.org/linus/1666984c8625b3db19a9abc298931d35ab7bc64b (v4.5)
NOTE: https://www.spinics.net/lists/netdev/msg367669.html
-CVE-2016-3950
+CVE-2016-3950 (Huawei AR3200 routers with software before V200R006C10SPC300 allow rem ...)
NOT-FOR-US: Huawei AR3200 routers
-CVE-2016-3949
+CVE-2016-3949 (Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware befo ...)
NOT-FOR-US: Siemens
-CVE-2016-3959
+CVE-2016-3959 (The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x ...)
- golang 2:1.6.1-1 (bug #820369)
[jessie] - golang <no-dsa> (Minor issue)
[wheezy] - golang <no-dsa> (Minor issue)
NOTE: https://golang.org/cl/21533
-CVE-2016-3958
+CVE-2016-3958 (Untrusted search path vulnerability in Go before 1.5.4 and 1.6.x befor ...)
- golang <not-affected> (Only affects Go on Windows)
NOTE: https://golang.org/cl/21428
-CVE-2016-3946
+CVE-2016-3946 (SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP S ...)
NOT-FOR-US: SAP
-CVE-2016-3945
+CVE-2016-3945 (Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile ...)
{DSA-3762-1 DLA-795-1 DLA-610-1}
- tiff 4.0.7-1
- tiff3 <removed> (unimportant)
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2545
-CVE-2016-3993
+CVE-2016-3993 (Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c ...)
{DSA-3555-1}
- imlib2 1.4.8-1 (bug #819818)
NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef
NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/5
-CVE-2016-3948
+CVE-2016-3948 (Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds ...)
{DSA-3625-1}
- squid3 3.5.16-1 (bug #819784)
[wheezy] - squid3 <no-dsa> (Minor issue; needs substantial backporting; too intrusive to backport)
@@ -20859,7 +20859,7 @@ CVE-2016-3948
[wheezy] - squid <no-dsa> (Minor issue; needs substantial backporting; too intrusive to backport)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14016.patch
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_4.txt
-CVE-2016-3947
+CVE-2016-3947 (Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.c ...)
- squid3 3.5.16-1 (bug #819783)
[jessie] - squid3 <no-dsa> (Minor issue)
[wheezy] - squid3 <no-dsa> (Minor issue)
@@ -20867,326 +20867,326 @@ CVE-2016-3947
[wheezy] - squid <no-dsa> (Minor issue)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14015.patch
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_3.txt
-CVE-2016-3944
+CVE-2016-3944 (UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle ...)
NOT-FOR-US: Lenovo
-CVE-2016-3943
+CVE-2016-3943 (Panda Endpoint Administration Agent before 7.50.00, as used in Panda S ...)
NOT-FOR-US: Panda
CVE-2016-3942
RESERVED
-CVE-2016-3940
+CVE-2016-3940 (The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-3939
+CVE-2016-3939 (drivers/video/msm/mdss/mdss_debug.c in the Qualcomm video driver in An ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3938
+CVE-2016-3938 (drivers/video/msm/mdss/mdss_mdp_overlay.c in the Qualcomm video driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3937
+CVE-2016-3937 (The MediaTek video driver in Android before 2016-10-05 allows attacker ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3936
+CVE-2016-3936 (The MediaTek video driver in Android before 2016-10-05 allows attacker ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3935
+CVE-2016-3935 (Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualc ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3934
+CVE-2016-3934 (drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_cci_i2c.c in ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3933
+CVE-2016-3933 (mediaserver in Android before 2016-10-05 on Nexus 9 and Pixel C device ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3932
+CVE-2016-3932 (mediaserver in Android before 2016-10-05 allows attackers to gain priv ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3931
+CVE-2016-3931 (drivers/misc/qseecom.c in the Qualcomm QSEE Communicator driver in And ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3930
+CVE-2016-3930 (The NVIDIA MMC test driver in Android before 2016-10-05 on Nexus 9 dev ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3929
+CVE-2016-3929 (Unspecified vulnerability in a Qualcomm component in Android before 20 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3928
+CVE-2016-3928 (The MediaTek video driver in Android before 2016-10-05 allows attacker ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3927
+CVE-2016-3927 (Unspecified vulnerability in a Qualcomm component in Android before 20 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3926
+CVE-2016-3926 (Unspecified vulnerability in a Qualcomm component in Android before 20 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3925
+CVE-2016-3925 (server/wifi/anqp/ANQPFactory.java in Android 6.x before 2016-10-01 and ...)
NOT-FOR-US: Android
-CVE-2016-3924
+CVE-2016-3924 (services/audioflinger/Effects.cpp in mediaserver in Android 4.x before ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3923
+CVE-2016-3923 (The Accessibility services in Android 7.0 before 2016-10-01 mishandle ...)
NOT-FOR-US: Android
-CVE-2016-3922
+CVE-2016-3922 (libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 ...)
NOT-FOR-US: Android Telephony
-CVE-2016-3921
+CVE-2016-3921 (libsysutils/src/FrameworkListener.cpp in Framework Listener in Android ...)
- android-platform-system-core <not-affected> (libsysutils not included, bug #858177)
-CVE-2016-3920
+CVE-2016-3920 (id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before 5 ...)
NOT-FOR-US: libstagefright
CVE-2016-3919
REJECTED
-CVE-2016-3918
+CVE-2016-3918 (email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x bef ...)
NOT-FOR-US: Android
-CVE-2016-3917
+CVE-2016-3917 (The fingerprint login feature in Android 6.0.1 before 2016-10-01 and 7 ...)
NOT-FOR-US: Android
-CVE-2016-3916
+CVE-2016-3916 (camera/src/camera_metadata.c in the Camera service in Android 4.x befo ...)
NOT-FOR-US: Android
-CVE-2016-3915
+CVE-2016-3915 (camera/src/camera_metadata.c in the Camera service in Android 4.x befo ...)
NOT-FOR-US: Android
-CVE-2016-3914
+CVE-2016-3914 (Race condition in providers/telephony/MmsProvider.java in Telephony in ...)
NOT-FOR-US: Android Telephony
-CVE-2016-3913
+CVE-2016-3913 (media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in A ...)
NOT-FOR-US: Android
-CVE-2016-3912
+CVE-2016-3912 (The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5. ...)
NOT-FOR-US: Android
-CVE-2016-3911
+CVE-2016-3911 (core/java/android/os/Process.java in Zygote in Android 4.x before 4.4. ...)
NOT-FOR-US: Android
-CVE-2016-3910
+CVE-2016-3910 (services/soundtrigger/SoundTriggerHwService.cpp in mediaserver in Andr ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3909
+CVE-2016-3909 (The SoftMPEG4 component in libstagefright in mediaserver in Android 4. ...)
NOT-FOR-US: libstagefright
-CVE-2016-3908
+CVE-2016-3908 (The Lock Settings Service in Android 6.x before 2016-10-01 and 7.0 bef ...)
NOT-FOR-US: Android
-CVE-2016-3907
+CVE-2016-3907 (An information disclosure vulnerability in Qualcomm components includi ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-3906
+CVE-2016-3906 (An information disclosure vulnerability in Qualcomm components includi ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2016-3905
+CVE-2016-3905 (CORE/HDD/src/wlan_hdd_main.c in the Qualcomm Wi-Fi driver in Android b ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3904
+CVE-2016-3904 (An elevation of privilege vulnerability in the Qualcomm bus driver in ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3903
+CVE-2016-3903 (drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qua ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3902
+CVE-2016-3902 (drivers/platform/msm/ipa/ipa_qmi_service.c in the Qualcomm IPA driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3901
+CVE-2016-3901 (Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualc ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3900
+CVE-2016-3900 (cmds/servicemanager/service_manager.c in ServiceManager in Android 5.0 ...)
NOT-FOR-US: Android
-CVE-2016-3899
+CVE-2016-3899 (OMXCodec.cpp in libstagefright in mediaserver in Android 4.x before 4. ...)
NOT-FOR-US: libstagefright
-CVE-2016-3898
+CVE-2016-3898 (Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x befor ...)
NOT-FOR-US: Android
-CVE-2016-3897
+CVE-2016-3897 (The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java i ...)
NOT-FOR-US: Android
-CVE-2016-3896
+CVE-2016-3896 (AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x befor ...)
NOT-FOR-US: Android
-CVE-2016-3895
+CVE-2016-3895 (Integer overflow in the Region::unflatten function in libs/ui/Region.c ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3894
+CVE-2016-3894 (The Qualcomm DMA component in Android before 2016-09-05 on Nexus 6 dev ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3893
+CVE-2016-3893 (The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwde ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3892
+CVE-2016-3892 (The Qualcomm SPMI driver in Android before 2016-09-05 on Nexus 5, 5X, ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-3891
RESERVED
-CVE-2016-3890
+CVE-2016-3890 (The Java Debug Wire Protocol (JDWP) implementation in adb/sockets.cpp ...)
- android-platform-system-core 1:6.0.1+r43-1
[jessie] - android-platform-system-core <no-dsa> (Minor issue)
-CVE-2016-3889
+CVE-2016-3889 (Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physica ...)
NOT-FOR-US: Android
-CVE-2016-3888
+CVE-2016-3888 (internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0 ...)
NOT-FOR-US: Android
-CVE-2016-3887
+CVE-2016-3887 (providers/settings/SettingsProvider.java in Android 7.0 before 2016-09 ...)
NOT-FOR-US: Android
-CVE-2016-3886
+CVE-2016-3886 (systemui/statusbar/phone/QuickStatusBarHeader.java in the System UI Tu ...)
NOT-FOR-US: Android
-CVE-2016-3885
+CVE-2016-3885 (debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5. ...)
- android-platform-system-core <not-affected> (debugged not provided, see bug #858177)
-CVE-2016-3884
+CVE-2016-3884 (server/notification/NotificationManagerService.java in the Notificatio ...)
NOT-FOR-US: Android
-CVE-2016-3883
+CVE-2016-3883 (internal/telephony/SMSDispatcher.java in Telephony in Android 4.x befo ...)
NOT-FOR-US: Android
-CVE-2016-3882
+CVE-2016-3882 (Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in ...)
NOT-FOR-US: Android
-CVE-2016-3881
+CVE-2016-3881 (The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx ...)
- libvpx 1.6.1-1
[jessie] - libvpx <ignored> (Minor issue)
[wheezy] - libvpx <not-affected> (Vulnerable source not present)
NOTE: probably fixed earlier, but this was the version checked
NOTE: https://android.googlesource.com/platform/external/libvpx/+/4974dcbd0289a2530df2ee2a25b5f92775df80da
-CVE-2016-3880
+CVE-2016-3880 (Multiple buffer overflows in rtsp/ASessionDescription.cpp in libstagef ...)
NOT-FOR-US: libstagefright
-CVE-2016-3879
+CVE-2016-3879 (arm-wt-22k/lib_src/eas_mdls.c in mediaserver in Android 4.x before 4.4 ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3878
+CVE-2016-3878 (decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-09-01 m ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3877
+CVE-2016-3877 (Unspecified vulnerability in Android before 2016-09-01 has unknown imp ...)
NOT-FOR-US: Android
-CVE-2016-3876
+CVE-2016-3876 (providers/settings/SettingsProvider.java in Android 6.x before 2016-09 ...)
NOT-FOR-US: Android
-CVE-2016-3875
+CVE-2016-3875 (server/wm/WindowManagerService.java in Android 6.x before 2016-09-01 d ...)
NOT-FOR-US: Android
-CVE-2016-3874
+CVE-2016-3874 (CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android b ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3873
+CVE-2016-3873 (The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices allo ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3872
+CVE-2016-3872 (Buffer overflow in codecs/on2/dec/SoftVPX.cpp in libstagefright in med ...)
NOT-FOR-US: libstagefright
-CVE-2016-3871
+CVE-2016-3871 (Multiple buffer overflows in codecs/mp3dec/SoftMP3.cpp in libstagefrig ...)
NOT-FOR-US: libstagefright
-CVE-2016-3870
+CVE-2016-3870 (omx/SimpleSoftOMXComponent.cpp in libstagefright in mediaserver in And ...)
NOT-FOR-US: libstagefright
-CVE-2016-3869
+CVE-2016-3869 (The Broadcom Wi-Fi driver in Android before 2016-09-05 on Nexus 5, Nex ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2016-3868
+CVE-2016-3868 (The Qualcomm power driver in Android before 2016-09-05 on Nexus 5X and ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3867
+CVE-2016-3867 (The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3866
+CVE-2016-3866 (The Qualcomm sound driver in Android before 2016-09-05 on Nexus 5X, 6, ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3865
+CVE-2016-3865 (The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2016-3864
+CVE-2016-3864 (The Qualcomm radio interface layer in Android before 2016-09-05 on Nex ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3863
+CVE-2016-3863 (Multiple stack-based buffer overflows in the AVCC reassembly implement ...)
NOT-FOR-US: libstagefright
-CVE-2016-3862
+CVE-2016-3862 (media/ExifInterface.java in mediaserver in Android 4.x before 4.4.4, 5 ...)
NOT-FOR-US: libstagefright
-CVE-2016-3861
+CVE-2016-3861 (LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before ...)
- android-platform-system-core 1:7.0.0+r1-4 (unimportant; bug #858177)
NOTE: Not running as a privileged process in SDK
-CVE-2016-3860
+CVE-2016-3860 (sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3859
+CVE-2016-3859 (The Qualcomm camera driver in Android before 2016-09-05 on Nexus 5, 5X ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3858
+CVE-2016-3858 (Buffer overflow in drivers/soc/qcom/subsystem_restart.c in the Qualcom ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3857
+CVE-2016-3857 (The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allo ...)
{DLA-609-1}
- linux 4.7.2-1 (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/7de249964f5578e67b99699c5f0b405738d820a2 (v4.8-rc2)
NOTE: CONFIG_OABI_COMPAT disabled in 3.13.4-1, cf. #728975
-CVE-2016-3856
+CVE-2016-3856 (netd in Android before 2016-08-05 mishandles tethering and stdio strea ...)
NOT-FOR-US: Android
-CVE-2016-3855
+CVE-2016-3855 (drivers/thermal/supply_lm_core.c in the Qualcomm components in Android ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3854
+CVE-2016-3854 (drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in A ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3853
+CVE-2016-3853 (Google Play services in Android before 2016-08-05 on Nexus devices all ...)
NOT-FOR-US: Android
-CVE-2016-3852
+CVE-2016-3852 (The MediaTek Wi-Fi driver in Android before 2016-08-05 on Android One ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3851
+CVE-2016-3851 (The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X de ...)
NOT-FOR-US: LG bootloader for Android
-CVE-2016-3850
+CVE-2016-3850 (Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in An ...)
NOT-FOR-US: Qualcomm bootloader for Android
-CVE-2016-3849
+CVE-2016-3849 (The ION driver in Android before 2016-08-05 on Pixel C devices allows ...)
NOT-FOR-US: ION driver for Android
-CVE-2016-3848
+CVE-2016-3848 (The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 device ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3847
+CVE-2016-3847 (The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 device ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3846
+CVE-2016-3846 (The Serial Peripheral Interface driver in Android before 2016-08-05 on ...)
NOT-FOR-US: Android
-CVE-2016-3845
+CVE-2016-3845 (The video driver in the kernel in Android before 2016-08-05 on Nexus 5 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3844
+CVE-2016-3844 (mediaserver in Android before 2016-08-05 on Nexus 9 and Pixel C device ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3843
+CVE-2016-3843 (Android before 2016-08-05 does not properly restrict code execution in ...)
NOT-FOR-US: Android
-CVE-2016-3842
+CVE-2016-3842 (The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, a ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3841
+CVE-2016-3841 (The IPv6 stack in the Linux kernel before 4.3.3 mishandles options dat ...)
- linux 4.3.3-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux 3.2.78-1
NOTE: Fixed by: https://git.kernel.org/linus/45f6fad84cc305103b28d73482b344d7f5b76f39 (v4.4-rc4)
-CVE-2016-3840
+CVE-2016-3840 (Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x befor ...)
NOT-FOR-US: Android
-CVE-2016-3839
+CVE-2016-3839 (Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x befor ...)
NOT-FOR-US: Android
-CVE-2016-3838
+CVE-2016-3838 (Android 6.x before 2016-08-01 allows attackers to cause a denial of se ...)
NOT-FOR-US: Android
-CVE-2016-3837
+CVE-2016-3837 (service/jni/com_android_server_wifi_WifiNative.cpp in Wi-Fi in Android ...)
NOT-FOR-US: Android
-CVE-2016-3836
+CVE-2016-3836 (The SurfaceFlinger service in Android 5.0.x before 5.0.2, 5.1.x before ...)
NOT-FOR-US: Android
-CVE-2016-3835
+CVE-2016-3835 (The secure-session feature in the mm-video-v4l2 venc component in medi ...)
NOT-FOR-US: Android
-CVE-2016-3834
+CVE-2016-3834 (The camera APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...)
NOT-FOR-US: Android
-CVE-2016-3833
+CVE-2016-3833 (The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, ...)
NOT-FOR-US: Android
-CVE-2016-3832
+CVE-2016-3832 (The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5. ...)
NOT-FOR-US: Android
-CVE-2016-3831
+CVE-2016-3831 (The telephony component in Android 4.x before 4.4.4, 5.0.x before 5.0. ...)
NOT-FOR-US: Android
-CVE-2016-3830
+CVE-2016-3830 (codecs/aacdec/SoftAAC2.cpp in libstagefright in mediaserver in Android ...)
NOT-FOR-US: libstagefright
-CVE-2016-3829
+CVE-2016-3829 (The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 doe ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3828
+CVE-2016-3828 (decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 m ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3827
+CVE-2016-3827 (codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Androi ...)
NOT-FOR-US: libstagefright
-CVE-2016-3826
+CVE-2016-3826 (services/audioflinger/Effects.cpp in mediaserver in Android 4.x before ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3825
+CVE-2016-3825 (mm-video-v4l2/vidc/venc/src/omx_video_base.cpp in mediaserver in Andro ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3824
+CVE-2016-3824 (omx/OMXNodeInstance.cpp in libstagefright in mediaserver in Android 4. ...)
NOT-FOR-US: libstagefright
-CVE-2016-3823
+CVE-2016-3823 (The secure-session feature in the mm-video-v4l2 venc component in medi ...)
NOT-FOR-US: Android
-CVE-2016-3822
+CVE-2016-3822 (exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4 ...)
{DSA-3825-1 DLA-864-1}
- jhead 1:3.00-4 (bug #858213)
-CVE-2016-3821
+CVE-2016-3821 (libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0. ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3820
+CVE-2016-3820 (The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 mis ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3819
+CVE-2016-3819 (Integer overflow in codecs/on2/h264dec/source/h264bsd_dpb.c in libstag ...)
NOT-FOR-US: libstagefright
-CVE-2016-3818
+CVE-2016-3818 (libc in Android 4.x before 4.4.4 allows remote attackers to cause a de ...)
NOT-FOR-US: Android libc
CVE-2016-3817
REJECTED
-CVE-2016-3816
+CVE-2016-3816 (The MediaTek display driver in Android before 2016-07-05 on Android On ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3815
+CVE-2016-3815 (The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devic ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3814
+CVE-2016-3814 (The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devic ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3813
+CVE-2016-3813 (The Qualcomm USB driver in Android before 2016-07-05 on Nexus 5, 5X, 6 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3812
+CVE-2016-3812 (The MediaTek video codec driver in Android before 2016-07-05 on Androi ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3811
+CVE-2016-3811 (The kernel video driver in Android before 2016-07-05 on Nexus 9 device ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3810
+CVE-2016-3810 (The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3809
+CVE-2016-3809 (The networking component in Android before 2016-07-05 on Android One, ...)
NOT-FOR-US: Android
-CVE-2016-3808
+CVE-2016-3808 (The serial peripheral interface driver in Android before 2016-07-05 on ...)
NOT-FOR-US: Android
-CVE-2016-3807
+CVE-2016-3807 (The serial peripheral interface driver in Android before 2016-07-05 on ...)
NOT-FOR-US: Android
-CVE-2016-3806
+CVE-2016-3806 (The MediaTek display driver in Android before 2016-07-05 on Android On ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3805
+CVE-2016-3805 (The MediaTek power management driver in Android before 2016-07-05 on A ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3804
+CVE-2016-3804 (The MediaTek power management driver in Android before 2016-07-05 on A ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3803
+CVE-2016-3803 (The kernel filesystem implementation in Android before 2016-07-05 on N ...)
NOT-FOR-US: Android kernel
NOTE: https://source.android.com/security/bulletin/2016-07-01.html
NOTE: No source patch available, so may relate to Apache-licensed sdcardfs.
-CVE-2016-3802
+CVE-2016-3802 (The kernel filesystem implementation in Android before 2016-07-05 on N ...)
NOT-FOR-US: Android kernel
NOTE: https://source.android.com/security/bulletin/2016-07-01.html
NOTE: No source patch available, so may relate to Apache-licensed sdcardfs.
-CVE-2016-3801
+CVE-2016-3801 (The MediaTek GPS driver in Android before 2016-07-05 on Android One de ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3800
+CVE-2016-3800 (The MediaTek video driver in Android before 2016-07-05 on Android One ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3799
+CVE-2016-3799 (The MediaTek video driver in Android before 2016-07-05 on Android One ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3798
+CVE-2016-3798 (The MediaTek hardware sensor driver in Android before 2016-07-05 on An ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3797
+CVE-2016-3797 (The Qualcomm Wi-Fi driver in Android before 2016-07-05 on Nexus 5X dev ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-3796
+CVE-2016-3796 (The MediaTek power driver in Android before 2016-07-05 on Android One ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-3795
+CVE-2016-3795 (The MediaTek power driver in Android before 2016-07-05 on Android One ...)
NOT-FOR-US: MediaTek driver for Android
CVE-2016-3794
REJECTED
-CVE-2016-3793
+CVE-2016-3793 (The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devic ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-3792
+CVE-2016-3792 (CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Androi ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2016-3791
REJECTED
@@ -21220,158 +21220,158 @@ CVE-2016-3777
REJECTED
CVE-2016-3776
REJECTED
-CVE-2016-3775
+CVE-2016-3775 (The kernel filesystem implementation in Android before 2016-07-05 on N ...)
NOT-FOR-US: Android kernel
NOTE: https://source.android.com/security/bulletin/2016-07-01.html
NOTE: No source patch available, so may relate to Apache-licensed sdcardfs.
-CVE-2016-3774
+CVE-2016-3774 (The MediaTek drivers in Android before 2016-07-05 on Android One devic ...)
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3773
+CVE-2016-3773 (The MediaTek drivers in Android before 2016-07-05 on Android One devic ...)
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3772
+CVE-2016-3772 (The MediaTek drivers in Android before 2016-07-05 on Android One devic ...)
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3771
+CVE-2016-3771 (The MediaTek drivers in Android before 2016-07-05 on Android One devic ...)
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3770
+CVE-2016-3770 (The MediaTek drivers in Android before 2016-07-05 on Android One devic ...)
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3769
+CVE-2016-3769 (The NVIDIA video driver in Android before 2016-07-05 on Nexus 9 device ...)
NOT-FOR-US: NVIDIA drivers for Android
-CVE-2016-3768
+CVE-2016-3768 (The Qualcomm performance component in Android before 2016-07-05 on Nex ...)
NOT-FOR-US: Qualcomm drivers for Android
-CVE-2016-3767
+CVE-2016-3767 (The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One ...)
NOT-FOR-US: MediaTek drivers for Android
-CVE-2016-3766
+CVE-2016-3766 (MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x bef ...)
NOT-FOR-US: libstagefright
-CVE-2016-3765
+CVE-2016-3765 (decoder/impeg2d_bitstream.c in mediaserver in Android 6.x before 2016- ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3764
+CVE-2016-3764 (media/libmediaplayerservice/MetadataRetrieverClient.cpp in mediaserver ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3763
+CVE-2016-3763 (net/PacProxySelector.java in the Proxy Auto-Config (PAC) feature in An ...)
NOT-FOR-US: Android
-CVE-2016-3762
+CVE-2016-3762 (The sockets subsystem in Android 5.0.x before 5.0.2, 5.1.x before 5.1. ...)
NOT-FOR-US: Android SELinux policy
-CVE-2016-3761
+CVE-2016-3761 (NfcService.java in NFC in Android 4.x before 4.4.4, 5.0.x before 5.0.2 ...)
NOT-FOR-US: Android
-CVE-2016-3760
+CVE-2016-3760 (Bluetooth in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x b ...)
NOT-FOR-US: Android
-CVE-2016-3759
+CVE-2016-3759 (The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, ...)
NOT-FOR-US: Android
-CVE-2016-3758
+CVE-2016-3758 (Multiple buffer overflows in libdex/OptInvocation.cpp in DexClassLoade ...)
- android-platform-dalvik 6.0.1+r55-1
-CVE-2016-3757
+CVE-2016-3757 (The print_maps function in toolbox/lsof.c in Android 4.x before 4.4.4, ...)
NOT-FOR-US: toolbox
-CVE-2016-3756
+CVE-2016-3756 (Tremolo/res012.c in mediaserver in Android 4.x before 4.4.4, 5.0.x bef ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3755
+CVE-2016-3755 (decoder/ih264d_parse_pslice.c in mediaserver in Android 6.x before 201 ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3754
+CVE-2016-3754 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x bef ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3753
+CVE-2016-3753 (mediaserver in Android 4.x before 4.4.4 allows remote attackers to obt ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3752
+CVE-2016-3752 (internal/app/ChooserActivity.java in the ChooserTarget service in Andr ...)
NOT-FOR-US: Android
-CVE-2016-3751
+CVE-2016-3751 (Unspecified vulnerability in libpng before 1.6.20, as used in Android ...)
NOT-FOR-US: Specific CVE assignment for libpng "fork" used on Android
-CVE-2016-3750
+CVE-2016-3750 (libs/binder/Parcel.cpp in the Parcels Framework APIs in Android 4.x be ...)
NOT-FOR-US: Android
-CVE-2016-3749
+CVE-2016-3749 (server/LockSettingsService.java in LockSettingsService in Android 6.x ...)
NOT-FOR-US: Android
-CVE-2016-3748
+CVE-2016-3748 (The sockets subsystem in Android 6.x before 2016-07-01 allows attacker ...)
NOT-FOR-US: Android SELinux policy
-CVE-2016-3747
+CVE-2016-3747 (Use-after-free vulnerability in the mm-video-v4l2 venc component in me ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3746
+CVE-2016-3746 (Use-after-free vulnerability in the mm-video-v4l2 vdec component in me ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3745
+CVE-2016-3745 (Multiple buffer overflows in mediaserver in Android 4.x before 4.4.4, ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3744
+CVE-2016-3744 (Buffer overflow in the create_pbuf function in btif/src/btif_hh.c in B ...)
NOT-FOR-US: Android
-CVE-2016-3743
+CVE-2016-3743 (decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-07-01 d ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3742
+CVE-2016-3742 (decoder/ih264d_process_intra_mb.c in mediaserver in Android 6.x before ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3741
+CVE-2016-3741 (The H.264 decoder in mediaserver in Android 6.x before 2016-07-01 does ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-3740
+CVE-2016-3740 (Heap-based buffer overflow in the CreateFXPDFConvertor function in Con ...)
NOT-FOR-US: Foxit
-CVE-2016-3739
+CVE-2016-3739 (The (1) mbed_connect_step1 function in lib/vtls/mbedtls.c and (2) pola ...)
- curl 7.50.1-1 (unimportant)
NOTE: only relevant when built with mbedTLS/PolarSSL
NOTE: Source-wise fixed in 7.49.0
-CVE-2016-3738
+CVE-2016-3738 (Red Hat OpenShift Enterprise 3.2 does not properly restrict access to ...)
NOT-FOR-US: OpenShift Enterprise
-CVE-2016-3737
+CVE-2016-3737 (The server in Red Hat JBoss Operations Network (JON) before 3.3.6 allo ...)
NOT-FOR-US: Red Hat / JBoss Operations Network server
CVE-2016-3736
RESERVED
CVE-2016-3735
RESERVED
-CVE-2016-3734
+CVE-2016-3734 (Cross-site request forgery (CSRF) vulnerability in markposts.php in Mo ...)
- moodle 2.7.14+dfsg-1
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53755
-CVE-2016-3733
+CVE-2016-3733 (The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through ...)
- moodle 2.7.14+dfsg-1
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51369
-CVE-2016-3732
+CVE-2016-3732 (The capability check to access other badges in Moodle 3.0 through 3.0. ...)
- moodle <not-affected> (Does only affect 2.8 and newer)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53589
-CVE-2016-3731
+CVE-2016-3731 (Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 al ...)
- moodle <not-affected> (Does only affect 2.8 and newer)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53696
CVE-2016-3730
RESERVED
-CVE-2016-3729
+CVE-2016-3729 (The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, ...)
- moodle 2.7.14+dfsg-1
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53954
-CVE-2016-3728
+CVE-2016-3728 (Eval injection vulnerability in tftp_api.rb in the TFTP module in the ...)
- foreman <itp> (bug #663101)
-CVE-2016-3727
+CVE-2016-3727 (The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS be ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3726
+CVE-2016-3726 (Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS b ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3725
+CVE-2016-3725 (Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3724
+CVE-2016-3724 (Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated u ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3723
+CVE-2016-3723 (Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated u ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3722
+CVE-2016-3722 (Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated u ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3721
+CVE-2016-3721 (Jenkins before 2.3 and LTS before 1.651.2 might allow remote authentic ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
-CVE-2016-3720
+CVE-2016-3720 (XML external entity (XXE) vulnerability in XmlMapper in the Data forma ...)
- jackson-dataformat-xml 2.7.4-1 (bug #823703)
NOTE: https://github.com/FasterXML/jackson-dataformat-xml/commit/f0f19a4c924d9db9a1e2830434061c8640092cc0 (2.7.4)
CVE-2016-3719
REJECTED
-CVE-2016-3718
+CVE-2016-3718 (The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x ...)
{DSA-3580-1 DLA-1401-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
-CVE-2016-3717
+CVE-2016-3717 (The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 ...)
{DSA-3580-1 DLA-1401-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
-CVE-2016-3716
+CVE-2016-3716 (The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 al ...)
{DSA-3580-1 DLA-1401-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
-CVE-2016-3715
+CVE-2016-3715 (The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0. ...)
{DSA-3746-1 DSA-3580-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
-CVE-2016-3714
+CVE-2016-3714 (The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7 ...)
{DSA-3746-1 DSA-3580-1 DLA-486-1 DLA-484-1}
- imagemagick 8:6.9.6.2+dfsg-2
NOTE: Workaround: https://bugzilla.redhat.com/show_bug.cgi?id=1332492#c3
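Review bot: the not-affected rationale on the CVE-2016-3732 and CVE-2016-3731 moodle lines reads "Does only affect 2.8 and newer"; suggest "Only affects 2.8 and newer" so the wording matches the other status annotations in this file. This is pre-existing context rather than something introduced by this update, so it can go in a follow-up commit.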
@@ -21383,13 +21383,13 @@ CVE-2016-3714
- graphicsmagick 1.3.24-1
NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/
NOTE: https://sourceforge.net/p/graphicsmagick/code/ci/45998a25992d1142df201d8cf024b6c948b40748/
-CVE-2016-3713
+CVE-2016-3713 (The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel ...)
- linux 4.5.4-1
[jessie] - linux <not-affected> (Introduced in v4.2-rc1)
[wheezy] - linux <not-affected> (Introduced in v4.2-rc1)
NOTE: Introduced by: https://git.kernel.org/linus/910a6aae4e2e45855efc4a268e43eed2d8445575 (v4.2-rc1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1332139
-CVE-2016-3712
+CVE-2016-3712 (Integer overflow in the VGA module in QEMU allows local guest OS users ...)
{DSA-3573-1 DLA-571-1 DLA-540-1 DLA-539-1}
- qemu 1:2.6+dfsg-1 (bug #823830)
- qemu-kvm <removed>
@@ -21398,9 +21398,9 @@ CVE-2016-3712
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-179.html
NOTE: mitigation: run HVM in stubdomains, PV, default video card not vulnerable, i386-only
-CVE-2016-3711
+CVE-2016-3711 (HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow ...)
NOT-FOR-US: OpenShift
-CVE-2016-3710
+CVE-2016-3710 (The VGA module in QEMU improperly performs bounds checking on banked a ...)
{DSA-3573-1 DLA-571-1 DLA-540-1 DLA-539-1}
- qemu 1:2.6+dfsg-1 (bug #823830)
- qemu-kvm <removed>
@@ -21411,84 +21411,84 @@ CVE-2016-3710
NOTE: mitigation: run HVM in stubdomains, PV, default video card not vulnerable, i386-only
CVE-2016-3709
RESERVED
-CVE-2016-3708
+CVE-2016-3708 (Red Hat OpenShift Enterprise 3.2, when multi-tenant SDN is enabled and ...)
NOT-FOR-US: OpenShiftEnterprise / Red Hat
-CVE-2016-3707
+CVE-2016-3707 (The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org pro ...)
- linux 3.15~rc5-1~exp1 (unimportant)
NOTE: This is not really fixed in 3.15, but depends on the rt feature set patches applied
NOTE: more details in kernel-sec repository.
NOTE: https://lwn.net/Articles/448790/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1327484
-CVE-2016-3706
+CVE-2016-3706 (Stack-based buffer overflow in the getaddrinfo function in sysdeps/pos ...)
{DLA-494-1}
- glibc 2.22-8
[jessie] - glibc 2.19-18+deb8u5
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20010
-CVE-2016-3705
+CVE-2016-3705 (The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #823414)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=8f30bdff69edac9075f4663ce3b56b0c52d48ce6 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=765207
-CVE-2016-3704
+CVE-2016-3704 (Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate pas ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3703
+CVE-2016-3703 (Red Hat OpenShift Enterprise 3.2 and 3.1 do not properly validate the ...)
NOT-FOR-US: OpenShift
-CVE-2016-3702
+CVE-2016-3702 (Padding oracle flaw in CloudForms Management Engine (aka CFME) 5 allow ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2016-3701
RESERVED
CVE-2016-3700
RESERVED
-CVE-2016-3699
+CVE-2016-3699 (The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat ...)
- linux <not-affected> (Fixed before we first included the securelevel patchset)
NOTE: https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76
NOTE: securelevel patchset added in 4.5.1-1
-CVE-2016-3698
+CVE-2016-3698 (libndp before 1.6, as used in NetworkManager, does not properly valida ...)
{DSA-3581-1}
- libndp 1.6-1 (bug #824545)
NOTE: https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f
NOTE: https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839
-CVE-2016-3697
+CVE-2016-3697 (libcontainer/user/user.go in runC before 0.1.0, as used in Docker befo ...)
- docker.io <not-affected> (Vulnerable code not present)
NOTE: Affected file not present, but docker.io probably needs to be rebuild with fixed runc
- runc 0.1.0+dfsg-1
NOTE: https://github.com/opencontainers/runc/commit/69af385de62ea68e2e608335cffbb0f4aa3db091 (runc, v0.1.0)
NOTE: https://github.com/docker/docker/commit/da38ac6c79fe902ed0687afc73d731c95c6d491a (docker)
-CVE-2016-3696
+CVE-2016-3696 (The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users t ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3695
+CVE-2016-3695 (The einj_error_inject function in drivers/acpi/apei/einj.c in the Linu ...)
- linux 4.5.1-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2016-3694
+CVE-2016-3694 (Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftw ...)
NOT-FOR-US: eCommerce Shopsoftware
-CVE-2016-3693
+CVE-2016-3693 (The Safemode gem before 1.2.4 for Ruby, when initialized with a delega ...)
- foreman <itp> (bug #663101)
CVE-2016-3692
RESERVED
-CVE-2016-3691
+CVE-2016-3691 (Routes in Kallithea before 0.3.2 allows remote attackers to bypass the ...)
- kallithea <itp> (bug #689573)
-CVE-2016-3690
+CVE-2016-3690 (The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attack ...)
NOT-FOR-US: PooledInvokerServlet
-CVE-2016-3941
+CVE-2016-3941 (Buffer overflow in the AStreamPeekStream function in input/stream.c in ...)
- vlc 2.2.0-1
[wheezy] - vlc <end-of-life> (Unsupported in -lts)
NOTE: https://bugs.launchpad.net/bugs/1533633
NOTE: It is unclear when this was fixed exactly, marking the version in jessie as fixed for now
-CVE-2016-3688
+CVE-2016-3688 (SQL injection vulnerability in dotCMS before 3.5 allows remote adminis ...)
NOT-FOR-US: dotCMS
-CVE-2016-3687
+CVE-2016-3687 (Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, a ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2016-3686
+CVE-2016-3686 (The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x before 11.6.0 H ...)
NOT-FOR-US: F5 BIG-IP APM
-CVE-2016-3685
+CVE-2016-3685 (SAP Download Manager 2.1.142 and earlier generates an encryption key f ...)
NOT-FOR-US: SAP Download Manager
-CVE-2016-3684
+CVE-2016-3684 (SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption k ...)
NOT-FOR-US: SAP Download Manager
CVE-2016-3683
RESERVED
-CVE-2016-3689
+CVE-2016-3689 (The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in ...)
- linux 4.5.1-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
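Review bot: three small context-line issues in this hunk, none introduced by the update but worth a follow-up: the NOTE under CVE-2016-3697 says docker.io "needs to be rebuild" (should be "rebuilt"); the CVE-2016-3708 tag "NOT-FOR-US: OpenShiftEnterprise / Red Hat" is missing the space in "OpenShift Enterprise"; and CVE-2016-3941 and CVE-2016-3689 sit out of the file's descending identifier order (3941 between 3690 and 3688, 3689 after 3683), which will trip anyone scanning the list by number.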
@@ -21497,35 +21497,35 @@ CVE-2016-3689
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1320060
CVE-2016-3682
REJECTED
-CVE-2016-3681
+CVE-2016-3681 (Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT ...)
NOT-FOR-US: Huawei
-CVE-2016-3680
+CVE-2016-3680 (Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT ...)
NOT-FOR-US: Huawei
-CVE-2016-3679
+CVE-2016-3679 (Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, a ...)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-3678
+CVE-2016-3678 (Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with sof ...)
NOT-FOR-US: Huawei
-CVE-2016-3677
+CVE-2016-3677 (The Huawei Wear App application before 15.0.0.307 for Android does not ...)
NOT-FOR-US: Huawei
-CVE-2016-3676
+CVE-2016-3676 (Huawei E3276s USB modems with software before E3276s-150TCPU-V200R002B ...)
NOT-FOR-US: Huawei
-CVE-2016-3675
+CVE-2016-3675 (SQL injection vulnerability in Huawei Policy Center with software befo ...)
NOT-FOR-US: Huawei
CVE-2016-3673
REJECTED
-CVE-2016-3672
+CVE-2016-3672 (The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1
NOTE: http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html
NOTE: Upstream fix: https://git.kernel.org/linus/8b8addf891de8a00e4d39fc32f93f7c5eb8feceb (v4.6-rc1)
-CVE-2016-3674
+CVE-2016-3674 (Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDri ...)
{DSA-3575-1 DLA-504-1}
- libxstream-java 1.4.9-1 (bug #819455)
NOTE: http://x-stream.github.io/changes.html#1.4.9
CVE-2016-3671
RESERVED
-CVE-2016-3670
+CVE-2016-3670 (Cross-site scripting (XSS) vulnerability in users.jsp in the Profile S ...)
NOT-FOR-US: Liferay
CVE-2016-3669
RESERVED
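Review bot: CVE-2016-3674 (the libxstream-java XXE entry) is placed after CVE-2016-3672 rather than before CVE-2016-3673, breaking the descending order the rest of this hunk follows; pre-existing, but a one-line move would fix it.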
@@ -21537,7 +21537,7 @@ CVE-2016-3666
RESERVED
CVE-2016-3665
RESERVED
-CVE-2016-3664
+CVE-2016-3664 (Trend Micro Mobile Security for iOS before 3.2.1188 does not verify th ...)
NOT-FOR-US: Trend Micro
CVE-2016-3663
RESERVED
@@ -21547,66 +21547,66 @@ CVE-2016-3661
RESERVED
CVE-2016-3660
RESERVED
-CVE-2016-3659
+CVE-2016-3659 (SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows ...)
{DLA-560-1}
- cacti 0.8.8h+ds1-1 (bug #820521)
[jessie] - cacti 0.8.8b+dfsg-8+deb8u5
NOTE: http://bugs.cacti.net/view.php?id=2673
NOTE: Requires authenticated user
-CVE-2016-3658
+CVE-2016-3658 (The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in ...)
{DSA-3844-1 DLA-969-1}
- tiff 4.0.6-3 (low)
- tiff3 <removed> (low)
[wheezy] - tiff3 <not-affected> (Does not ship libtiff tools)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2546
NOTE: Duplicate of http://bugzilla.maptools.org/show_bug.cgi?id=2500
-CVE-2016-3657
+CVE-2016-3657 (Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN- ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2016-3656
+CVE-2016-3656 (The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6 ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2016-3655
+CVE-2016-3655 (The management web interface in Palo Alto Networks PAN-OS before 5.0.1 ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2016-3654
+CVE-2016-3654 (The device management command line interface (CLI) in Palo Alto Networ ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2016-3653
+CVE-2016-3653 (Multiple cross-site request forgery (CSRF) vulnerabilities in manageme ...)
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3652
+CVE-2016-3652 (Multiple cross-site scripting (XSS) vulnerabilities in management scri ...)
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3651
+CVE-2016-3651 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows ...)
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3650
+CVE-2016-3650 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows ...)
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3649
+CVE-2016-3649 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows ...)
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3648
+CVE-2016-3648 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows ...)
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3647
+CVE-2016-3647 (Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows ...)
NOT-FOR-US: Symantec Endpoint Protection Manager
-CVE-2016-3646
+CVE-2016-3646 (The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ...)
NOT-FOR-US: Symantec
-CVE-2016-3645
+CVE-2016-3645 (Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engi ...)
NOT-FOR-US: Symantec
-CVE-2016-3644
+CVE-2016-3644 (The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ...)
NOT-FOR-US: Symantec
-CVE-2016-3643
+CVE-2016-3643 (SolarWinds Virtualization Manager 6.3.1 and earlier allow local users ...)
NOT-FOR-US: SolarWinds Virtualization Manager
-CVE-2016-3642
+CVE-2016-3642 (The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier ...)
NOT-FOR-US: SolarWinds Virtualization Manager
CVE-2016-3641
RESERVED
-CVE-2016-3640
+CVE-2016-3640 (The Extended Application Services (aka XS or XS Engine) in SAP HANA DB ...)
NOT-FOR-US: SAP HANA
-CVE-2016-3639
+CVE-2016-3639 (SAP HANA DB 1.00.091.00.1418659308 allows remote attackers to obtain s ...)
NOT-FOR-US: SAP HANA
-CVE-2016-3638
+CVE-2016-3638 (SAP SLD Registration Program (aka SLDREG) allows local users to cause ...)
NOT-FOR-US: SAP SLD
CVE-2016-3637
RESERVED
CVE-2016-3636
RESERVED
-CVE-2016-3635
+CVE-2016-3635 (SAP Netweaver 7.4 allows remote authenticated users to bypass an inten ...)
NOT-FOR-US: SAP Netweaver
-CVE-2016-3634
+CVE-2016-3634 (The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibT ...)
{DLA-693-1}
- tiff 4.0.6-3
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21617,7 +21617,7 @@ CVE-2016-3634
NOTE: Upstream will remove thumbnail from 4.0.7 release
NOTE: No patch available. Issue marked as wontfix by upstream.
NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3633
+CVE-2016-3633 (The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier ...)
{DLA-693-1}
- tiff 4.0.6-3 (bug #842046)
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21628,7 +21628,7 @@ CVE-2016-3633
NOTE: Upstream will remove thumbnail from 4.0.7 release
NOTE: No patch available. Issue marked as wontfix by upstream.
NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3632
+CVE-2016-3632 (The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earl ...)
{DLA-693-1}
- tiff 4.0.6-3
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21639,7 +21639,7 @@ CVE-2016-3632
NOTE: Upstream will remove thumbnail from 4.0.7 release
NOTE: No patch available. Issue marked as wontfix by upstream.
NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3631
+CVE-2016-3631 (The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in Li ...)
{DLA-693-1}
- tiff 4.0.6-3 (bug #820366)
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21648,7 +21648,7 @@ CVE-2016-3631
NOTE: src:tiff3: built binary packages do not contain the TIFF tools
NOTE: No patch available. Issue marked as wontfix by upstream.
NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3630
+CVE-2016-3630 (The binary delta decoder in Mercurial before 3.7.3 allows remote attac ...)
{DSA-3542-1}
- mercurial 3.7.3-1 (bug #819504)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
@@ -21656,11 +21656,11 @@ CVE-2016-3630
NOTE: https://selenic.com/repo/hg-stable/rev/b9714d958e89 (2/2)
CVE-2016-3629
REJECTED
-CVE-2016-3628
+CVE-2016-3628 (Buffer overflow in tibemsd in the server in TIBCO Enterprise Message S ...)
NOT-FOR-US: TIBCO
CVE-2016-3626
RESERVED
-CVE-2016-3625
+CVE-2016-3625 (tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows rem ...)
- tiff 4.0.3-1
[wheezy] - tiff <not-affected> (Can't reproduce)
- tiff3 <removed>
@@ -21669,25 +21669,25 @@ CVE-2016-3625
NOTE: Not reproducible with jessie and above, marking the version in jessie as fixed
NOTE: CVE probably should/needs to be rejected, since upstream is as well unable to
NOTE: reproduce the issue. Might have been a problem on reporter from id=2566
-CVE-2016-3624
+CVE-2016-3624 (The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earli ...)
{DSA-3762-1 DLA-795-1}
- tiff 4.0.6-3
- tiff3 <not-affected> (tiff tools not built)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2568
NOTE: Upstream marked this duplicate of bug 2569
-CVE-2016-3623
+CVE-2016-3623 (The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attacker ...)
{DSA-3762-1 DLA-795-1 DLA-610-1}
- tiff 4.0.6-3 (unimportant)
- tiff3 <removed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2569
NOTE: No security impact, just triggers a crash in a CLI tool
-CVE-2016-3622
+CVE-2016-3622 (The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4 ...)
{DSA-3762-1 DLA-795-1}
- tiff 4.0.7-1 (low; bug #820365)
- tiff3 <not-affected> (tiff tools not built)
NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/4
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/92d966a5fcfbdca67957c8c5c47b467aa650b286
-CVE-2016-3621
+CVE-2016-3621 (The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4. ...)
{DLA-693-1}
- tiff 4.0.6-3 (low; bug #820364)
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21696,7 +21696,7 @@ CVE-2016-3621
NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/3
NOTE: Utility bmp2tiff has been removed from upstream LibTIFF
NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3620
+CVE-2016-3620 (The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4. ...)
{DLA-693-1}
- tiff 4.0.6-3 (low; bug #820363)
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21705,7 +21705,7 @@ CVE-2016-3620
NOTE: http://www.openwall.com/lists/oss-security/2016/04/07/2
NOTE: Utility bmp2tiff has been removed from upstream LibTIFF
NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3619
+CVE-2016-3619 (The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in ...)
{DLA-693-1}
- tiff 4.0.6-3 (low; bug #820362)
[jessie] - tiff 4.0.3-12.3+deb8u2
@@ -21718,7 +21718,7 @@ CVE-2016-3618
RESERVED
CVE-2016-3617
RESERVED
-CVE-2016-3616
+CVE-2016-3616 (The cjpeg utility in libjpeg allows remote attackers to cause a denial ...)
{DLA-1638-1}
- libjpeg-turbo 1:1.4.2-1
NOTE: libjpeg-turbo: Fixed by: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91 (1.4.2)
@@ -21730,42 +21730,42 @@ CVE-2016-3616
- libjpeg9 1:9b-2 (bug #819969)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1319661
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1318509
-CVE-2016-3627
+CVE-2016-3627 (The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earli ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #819006)
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=bdd66182ef53fe1f7209ab6535fda56366bd7ac9 (v2.9.4)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/21/3
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=762100
-CVE-2016-3615
+CVE-2016-3615 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 a ...)
{DSA-3632-1 DSA-3624-1 DLA-567-1}
- mariadb-10.0 10.0.26-1
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3614
+CVE-2016-3614 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.1 ...)
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3613
+CVE-2016-3613 (Unspecified vulnerability in the Oracle Secure Global Desktop componen ...)
NOT-FOR-US: Oracle
-CVE-2016-3612
+CVE-2016-3612 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 5.0.22-dfsg-1
[jessie] - virtualbox <not-affected> (Only affects 5.x)
[wheezy] - virtualbox <not-affected> (Only affects 5.x)
-CVE-2016-3611
+CVE-2016-3611 (Unspecified vulnerability in the Oracle Retail Order Broker component ...)
NOT-FOR-US: Oracle
-CVE-2016-3610
+CVE-2016-3610 (Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded ...)
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
-CVE-2016-3609
+CVE-2016-3609 (Unspecified vulnerability in the OJVM component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database
-CVE-2016-3608
+CVE-2016-3608 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2016-3607
+CVE-2016-3607 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2016-3606
+CVE-2016-3606 (Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE ...)
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
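Review bot: CVE-2016-3627 (libxml2, lines `-CVE-2016-3627` / `+CVE-2016-3627 (The xmlStringGetNodeList function ...)`) sits between CVE-2016-3616 and CVE-2016-3615, breaking the descending numeric order the rest of this hunk follows. The misplacement is pre-existing context rather than something this update introduces, but since the updater rewrites every id line anyway, a follow-up pass could move the entry up to its sequential position after CVE-2016-3628 so tooling that assumes ordered ids does not miss it.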
@@ -21784,256 +21784,256 @@ CVE-2016-3600
REJECTED
CVE-2016-3599
REJECTED
-CVE-2016-3598
+CVE-2016-3598 (Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded ...)
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
-CVE-2016-3597
+CVE-2016-3597 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 5.1.4-dfsg-1
[jessie] - virtualbox <not-affected> (Only affects 5.x)
[wheezy] - virtualbox <not-affected> (Only affects 5.x)
-CVE-2016-3596
+CVE-2016-3596 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3595
+CVE-2016-3595 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3594
+CVE-2016-3594 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3593
+CVE-2016-3593 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3592
+CVE-2016-3592 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3591
+CVE-2016-3591 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3590
+CVE-2016-3590 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3589
+CVE-2016-3589 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle
-CVE-2016-3588
+CVE-2016-3588 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows re ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3587
+CVE-2016-3587 (Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded ...)
- openjdk-8 8u102-b14-1
-CVE-2016-3586
+CVE-2016-3586 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-3585
+CVE-2016-3585 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
NOT-FOR-US: Oracle
-CVE-2016-3584
+CVE-2016-3584 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Oracle
-CVE-2016-3583
+CVE-2016-3583 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3582
+CVE-2016-3582 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3581
+CVE-2016-3581 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3580
+CVE-2016-3580 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3579
+CVE-2016-3579 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3578
+CVE-2016-3578 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3577
+CVE-2016-3577 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3576
+CVE-2016-3576 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3575
+CVE-2016-3575 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3574
+CVE-2016-3574 (Unspecified vulnerability in the Outside In Technology component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3573
+CVE-2016-3573 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle
-CVE-2016-3572
+CVE-2016-3572 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle
-CVE-2016-3571
+CVE-2016-3571 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle
-CVE-2016-3570
+CVE-2016-3570 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle
NOT-FOR-US: Oracle
-CVE-2016-3569
+CVE-2016-3569 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle
-CVE-2016-3568
+CVE-2016-3568 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle
-CVE-2016-3567
+CVE-2016-3567 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle
-CVE-2016-3566
+CVE-2016-3566 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)
NOT-FOR-US: Oracle
-CVE-2016-3565
+CVE-2016-3565 (Unspecified vulnerability in the Oracle Retail Order Broker component ...)
NOT-FOR-US: Oracle
-CVE-2016-3564
+CVE-2016-3564 (Unspecified vulnerability in the Oracle TopLink component in Oracle Fu ...)
NOT-FOR-US: Oracle
-CVE-2016-3563
+CVE-2016-3563 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-3562
+CVE-2016-3562 (Unspecified vulnerability in the RDBMS Security and SQL*Plus component ...)
NOT-FOR-US: Oracle
-CVE-2016-3561
+CVE-2016-3561 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3560
+CVE-2016-3560 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3559
+CVE-2016-3559 (Unspecified vulnerability in the Oracle Email Center component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-3558
+CVE-2016-3558 (Unspecified vulnerability in the Oracle Email Center component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-3557
+CVE-2016-3557 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3556
+CVE-2016-3556 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3555
+CVE-2016-3555 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3554
+CVE-2016-3554 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3553
+CVE-2016-3553 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3552
+CVE-2016-3552 (Unspecified vulnerability in Oracle Java SE 8u92 allows local users to ...)
- openjdk-8 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
-CVE-2016-3551
+CVE-2016-3551 (Unspecified vulnerability in the Oracle Web Services component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-3550
+CVE-2016-3550 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and ...)
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
-CVE-2016-3549
+CVE-2016-3549 (Unspecified vulnerability in the Oracle E-Business Suite Secure Enterp ...)
NOT-FOR-US: Oracle
-CVE-2016-3548
+CVE-2016-3548 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3547
+CVE-2016-3547 (Unspecified vulnerability in the Oracle One-to-One Fulfillment compone ...)
NOT-FOR-US: Oracle
-CVE-2016-3546
+CVE-2016-3546 (Unspecified vulnerability in the Oracle Advanced Collections component ...)
NOT-FOR-US: Oracle
-CVE-2016-3545
+CVE-2016-3545 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2016-3544
+CVE-2016-3544 (Unspecified vulnerability in the Oracle Business Intelligence Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2016-3543
+CVE-2016-3543 (Unspecified vulnerability in the Oracle Common Applications Calendar c ...)
NOT-FOR-US: Oracle
-CVE-2016-3542
+CVE-2016-3542 (Unspecified vulnerability in the Oracle Knowledge Management component ...)
NOT-FOR-US: Oracle
-CVE-2016-3541
+CVE-2016-3541 (Unspecified vulnerability in the Oracle Common Applications Calendar c ...)
NOT-FOR-US: Oracle
-CVE-2016-3540
+CVE-2016-3540 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-3539
+CVE-2016-3539 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3538
+CVE-2016-3538 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3537
+CVE-2016-3537 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3536
+CVE-2016-3536 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3535
+CVE-2016-3535 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-3534
+CVE-2016-3534 (Unspecified vulnerability in the Oracle Installed Base component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-3533
+CVE-2016-3533 (Unspecified vulnerability in the Oracle Knowledge Management component ...)
NOT-FOR-US: Oracle
-CVE-2016-3532
+CVE-2016-3532 (Unspecified vulnerability in the Oracle Advanced Inbound Telephony com ...)
NOT-FOR-US: Oracle
-CVE-2016-3531
+CVE-2016-3531 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3530
+CVE-2016-3530 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3529
+CVE-2016-3529 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3528
+CVE-2016-3528 (Unspecified vulnerability in the Oracle Internet Expenses component in ...)
NOT-FOR-US: Oracle
-CVE-2016-3527
+CVE-2016-3527 (Unspecified vulnerability in the Oracle Demand Planning component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-3526
+CVE-2016-3526 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3525
+CVE-2016-3525 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle
-CVE-2016-3524
+CVE-2016-3524 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle
-CVE-2016-3523
+CVE-2016-3523 (Unspecified vulnerability in the Oracle Web Applications Desktop Integ ...)
NOT-FOR-US: Oracle
-CVE-2016-3522
+CVE-2016-3522 (Unspecified vulnerability in the Oracle Web Applications Desktop Integ ...)
NOT-FOR-US: Oracle
-CVE-2016-3521
+CVE-2016-3521 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 a ...)
{DSA-3632-1 DSA-3624-1 DLA-567-1}
- mariadb-10.0 10.0.26-1
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3520
+CVE-2016-3520 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2016-3519
+CVE-2016-3519 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3518
+CVE-2016-3518 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows re ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3517
+CVE-2016-3517 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3516
+CVE-2016-3516 (Unspecified vulnerability in the Oracle Enterprise Communications Brok ...)
NOT-FOR-US: Oracle
-CVE-2016-3515
+CVE-2016-3515 (Unspecified vulnerability in the Oracle Enterprise Communications Brok ...)
NOT-FOR-US: Oracle
-CVE-2016-3514
+CVE-2016-3514 (Unspecified vulnerability in the Oracle Enterprise Communications Brok ...)
NOT-FOR-US: Oracle
-CVE-2016-3513
+CVE-2016-3513 (Unspecified vulnerability in the Oracle Communications Operations Moni ...)
NOT-FOR-US: Oracle
-CVE-2016-3512
+CVE-2016-3512 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2016-3511
+CVE-2016-3511 (Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows loca ...)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2016-3510
+CVE-2016-3510 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-3509
+CVE-2016-3509 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3508
+CVE-2016-3508 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Ja ...)
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
-CVE-2016-3507
+CVE-2016-3507 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3506
+CVE-2016-3506 (Unspecified vulnerability in the JDBC component in Oracle Database Ser ...)
NOT-FOR-US: Oracle Database
-CVE-2016-3505
+CVE-2016-3505 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-3504
+CVE-2016-3504 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3503
+CVE-2016-3503 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 all ...)
- openjdk-8 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
- openjdk-7 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
- openjdk-6 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
-CVE-2016-3502
+CVE-2016-3502 (Unspecified vulnerability in the Oracle WebCenter Sites component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-3501
+CVE-2016-3501 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.1 ...)
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3500
+CVE-2016-3500 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Ja ...)
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
-CVE-2016-3499
+CVE-2016-3499 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-3498
+CVE-2016-3498 (Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remo ...)
- openjfx 8u102-b14-1 (bug #832419)
-CVE-2016-3497
+CVE-2016-3497 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Oracle
-CVE-2016-3496
+CVE-2016-3496 (Unspecified vulnerability in the Enterprise Manager for Fusion Middlew ...)
NOT-FOR-US: Oracle
-CVE-2016-3495
+CVE-2016-3495 (Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows re ...)
- mysql-5.7 5.7.15-1
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2016-3494
+CVE-2016-3494 (Unspecified vulnerability in the Enterprise Manager Ops Center compone ...)
NOT-FOR-US: Oracle
-CVE-2016-3493
+CVE-2016-3493 (Unspecified vulnerability in the Hyperion Financial Reporting componen ...)
NOT-FOR-US: Oracle
-CVE-2016-3492
+CVE-2016-3492 (Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 a ...)
{DSA-3711-1}
- mariadb-10.0 10.0.28-1
- mysql-5.7 5.7.15-1
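Review bot: The CVE-2016-3570 entry carries a duplicated `NOT-FOR-US: Oracle` line (two identical consecutive lines directly under `+CVE-2016-3570 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portf ...)`). The duplicate is unchanged context, not introduced by this update, but it is the only entry in the hunk with a repeated status line; dropping the second copy in a follow-up keeps the one-status-line-per-entry shape the rest of the file uses.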
@@ -22042,55 +22042,55 @@ CVE-2016-3492
[jessie] - mysql-5.5 5.5.52-0+deb8u1
[wheezy] - mysql-5.5 5.5.52-0+deb7u1
NOTE: Fixed in MariaDB 5.5.52, MariaDB 10.1.18, MariaDB 10.0.28
-CVE-2016-3491
+CVE-2016-3491 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-3490
+CVE-2016-3490 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2016-3489
+CVE-2016-3489 (Unspecified vulnerability in the Data Pump Import component in Oracle ...)
NOT-FOR-US: Oracle Database
-CVE-2016-3488
+CVE-2016-3488 (Unspecified vulnerability in the DB Sharding component in Oracle Datab ...)
NOT-FOR-US: Oracle Database
-CVE-2016-3487
+CVE-2016-3487 (Unspecified vulnerability in the Oracle WebCenter Sites component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-3486
+CVE-2016-3486 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.1 ...)
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3485
+CVE-2016-3485 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Ja ...)
- openjdk-8 <not-affected> (Windows-specific)
- openjdk-7 <not-affected> (Windows-specific)
- openjdk-6 <not-affected> (Windows-specific)
-CVE-2016-3484
+CVE-2016-3484 (Unspecified vulnerability in the Database Vault component in Oracle Da ...)
NOT-FOR-US: Oracle Database
-CVE-2016-3483
+CVE-2016-3483 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-3482
+CVE-2016-3482 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2016-3481
+CVE-2016-3481 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
NOT-FOR-US: Oracle
-CVE-2016-3480
+CVE-2016-3480 (Unspecified vulnerability in the Solaris Cluster component in Oracle S ...)
NOT-FOR-US: Oracle
-CVE-2016-3479
+CVE-2016-3479 (Unspecified vulnerability in the Portable Clusterware component in Ora ...)
NOT-FOR-US: Oracle Database
-CVE-2016-3478
+CVE-2016-3478 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-3477
+CVE-2016-3477 (Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 a ...)
{DSA-3632-1 DSA-3624-1 DLA-567-1}
- mariadb-10.0 10.0.26-1
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3476
+CVE-2016-3476 (Unspecified vulnerability in the Oracle Knowledge component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3475
+CVE-2016-3475 (Unspecified vulnerability in the Oracle Knowledge component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3474
+CVE-2016-3474 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
NOT-FOR-US: Oracle
-CVE-2016-3473
+CVE-2016-3473 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
NOT-FOR-US: Oracle
-CVE-2016-3472
+CVE-2016-3472 (Unspecified vulnerability in the Siebel Engineering - Installer and De ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-3471
+CVE-2016-3471 (Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.2 ...)
- mariadb-10.0 10.0.22-1
[jessie] - mariadb-10.0 10.0.22-0+deb8u1
- mysql-5.6 5.6.28-1
@@ -22098,52 +22098,52 @@ CVE-2016-3471
[jessie] - mysql-5.5 5.5.46-0+deb8u1
[wheezy] - mysql-5.5 5.5.46-0+deb7u1
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3470
+CVE-2016-3470 (Unspecified vulnerability in the Oracle Transportation Management comp ...)
NOT-FOR-US: Oracle
-CVE-2016-3469
+CVE-2016-3469 (Unspecified vulnerability in the Siebel Core - Server Framework compon ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-3468
+CVE-2016-3468 (Unspecified vulnerability in the Oracle Agile Engineering Data Managem ...)
NOT-FOR-US: Oracle
-CVE-2016-3467
+CVE-2016-3467 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database
-CVE-2016-3466
+CVE-2016-3466 (Unspecified vulnerability in the Oracle Field Service component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2016-3465
+CVE-2016-3465 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows loc ...)
NOT-FOR-US: Solaris
-CVE-2016-3464
+CVE-2016-3464 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle
-CVE-2016-3463
+CVE-2016-3463 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle
-CVE-2016-3462
+CVE-2016-3462 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Solaris
-CVE-2016-3461
+CVE-2016-3461 (Unspecified vulnerability in the MySQL Enterprise Monitor component in ...)
NOT-FOR-US: MySQL Enterprise Monitor
-CVE-2016-3460
+CVE-2016-3460 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-3459
+CVE-2016-3459 (Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.1 ...)
- mariadb-10.0 10.0.25-1
[jessie] - mariadb-10.0 10.0.25-0+deb8u1
- mysql-5.6 5.6.34-1 (bug #831844)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3458
+CVE-2016-3458 (Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; an ...)
{DSA-3641-1 DLA-579-1}
- openjdk-8 8u102-b14-1
[experimental] - openjdk-7 7u111-2.6.7-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy)
-CVE-2016-3457
+CVE-2016-3457 (Unspecified vulnerability in the PeopleSoft Enterprise HCM ePerformanc ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-3456
+CVE-2016-3456 (Unspecified vulnerability in the Oracle Complex Maintenance, Repair, a ...)
NOT-FOR-US: Oracle
-CVE-2016-3455
+CVE-2016-3455 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2016-3454
+CVE-2016-3454 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2016-3453
+CVE-2016-3453 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2016-3452
+CVE-2016-3452 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 a ...)
- mariadb-10.0 10.0.25-1
[jessie] - mariadb-10.0 10.0.25-0+deb8u1
- mysql-5.6 5.6.30-1
@@ -22151,131 +22151,131 @@ CVE-2016-3452
[jessie] - mysql-5.5 5.5.49-0+deb8u1
[wheezy] - mysql-5.5 5.5.49-0+deb7u1
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3451
+CVE-2016-3451 (Unspecified vulnerability in the ILOM component in Oracle Sun Systems ...)
NOT-FOR-US: Oracle
-CVE-2016-3450
+CVE-2016-3450 (Unspecified vulnerability in the Siebel Core - Server Framework compon ...)
NOT-FOR-US: Oracle Siebel CRM
-CVE-2016-3449
+CVE-2016-3449 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allo ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2016-3448
+CVE-2016-3448 (Unspecified vulnerability in the Application Express component in Orac ...)
NOT-FOR-US: Oracle Database
-CVE-2016-3447
+CVE-2016-3447 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
-CVE-2016-3446
+CVE-2016-3446 (Unspecified vulnerability in the Oracle Business Intelligence Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2016-3445
+CVE-2016-3445 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-3444
+CVE-2016-3444 (Unspecified vulnerability in the Oracle Retail Integration Bus compone ...)
NOT-FOR-US: Oracle
-CVE-2016-3443
+CVE-2016-3443 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allo ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
-CVE-2016-3442
+CVE-2016-3442 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-3441
+CVE-2016-3441 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows loc ...)
NOT-FOR-US: Solaris
-CVE-2016-3440
+CVE-2016-3440 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows re ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3439
+CVE-2016-3439 (Unspecified vulnerability in the Oracle CRM Wireless component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-3438
+CVE-2016-3438 (Unspecified vulnerability in the Oracle Configurator component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-3437
+CVE-2016-3437 (Unspecified vulnerability in the Oracle CRM Wireless component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-3436
+CVE-2016-3436 (Unspecified vulnerability in the Oracle Common Applications Calendar c ...)
NOT-FOR-US: Oracle
-CVE-2016-3435
+CVE-2016-3435 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-3434
+CVE-2016-3434 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2016-3433
+CVE-2016-3433 (Unspecified vulnerability in the Oracle Business Intelligence Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2016-3432
+CVE-2016-3432 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
NOT-FOR-US: Oracle
-CVE-2016-3431
+CVE-2016-3431 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
CVE-2016-3430
RESERVED
-CVE-2016-3429
+CVE-2016-3429 (Unspecified vulnerability in the Oracle Retail Xstore Point of Service ...)
NOT-FOR-US: Oracle Retail
-CVE-2016-3428
+CVE-2016-3428 (Unspecified vulnerability in the Oracle Agile Engineering Data Managem ...)
NOT-FOR-US: Oracle
-CVE-2016-3427
+CVE-2016-3427 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Jav ...)
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-3426
+CVE-2016-3426 (Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded ...)
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-3425
+CVE-2016-3425 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Jav ...)
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-3424
+CVE-2016-3424 (Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows re ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
-CVE-2016-3423
+CVE-2016-3423 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-3422
+CVE-2016-3422 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allo ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
-CVE-2016-3421
+CVE-2016-3421 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-3420
+CVE-2016-3420 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-3419
+CVE-2016-3419 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows loc ...)
NOT-FOR-US: Solaris
-CVE-2016-3418
+CVE-2016-3418 (Unspecified vulnerability in the DataStore component in Oracle Berkele ...)
NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
-CVE-2016-3417
+CVE-2016-3417 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-3416
+CVE-2016-3416 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-3415
+CVE-2016-3415 (Zimbra Collaboration before 8.7.0 allows remote attackers to conduct d ...)
NOT-FOR-US: Zimbra
-CVE-2016-3414
+CVE-2016-3414 (Unspecified vulnerability in Zimbra Collaboration before 8.6.0 Patch 7 ...)
NOT-FOR-US: Zimbra
-CVE-2016-3413
+CVE-2016-3413 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
NOT-FOR-US: Zimbra
-CVE-2016-3412
+CVE-2016-3412 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collabor ...)
NOT-FOR-US: Zimbra
-CVE-2016-3411
+CVE-2016-3411 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration befor ...)
NOT-FOR-US: Zimbra
-CVE-2016-3410
+CVE-2016-3410 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collabor ...)
NOT-FOR-US: Zimbra
-CVE-2016-3409
+CVE-2016-3409 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration befor ...)
NOT-FOR-US: Zimbra
-CVE-2016-3408
+CVE-2016-3408 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration befor ...)
NOT-FOR-US: Zimbra
-CVE-2016-3407
+CVE-2016-3407 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collabor ...)
NOT-FOR-US: Zimbra
-CVE-2016-3406
+CVE-2016-3406 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zimbra C ...)
NOT-FOR-US: Zimbra
-CVE-2016-3405
+CVE-2016-3405 (Multiple unspecified vulnerabilities in Zimbra Collaboration before 8. ...)
NOT-FOR-US: Zimbra
-CVE-2016-3404
+CVE-2016-3404 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
NOT-FOR-US: Zimbra
-CVE-2016-3403
+CVE-2016-3403 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Admi ...)
NOT-FOR-US: Zimbra
-CVE-2016-3402
+CVE-2016-3402 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
NOT-FOR-US: Zimbra
-CVE-2016-3401
+CVE-2016-3401 (Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows ...)
NOT-FOR-US: Zimbra
-CVE-2016-3400
+CVE-2016-3400 (NetApp Data ONTAP 8.1 and 8.2, when operating in 7-Mode, allows man-in ...)
NOT-FOR-US: NetApp Data ONTAP
CVE-2016-3399
RESERVED
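Review bot: the not-affected justification for mysql-5.6 and mysql-5.5 under CVE-2016-3440 reads "Only affects MySQL 5.7", while the description being added says "Oracle MySQL 5.7.11 and earlier", which on its face would cover the 5.6 and 5.5 branches as well; the only support is the NOTE link to the cpujul2016 appendix, so it would help future triage to say in the justification that the CPU appendix scopes this CVE to the 5.7 line, e.g. `- mysql-5.6 <not-affected> (Only affects MySQL 5.7, per cpujul2016 Appendix MSQL)`. The CVE-2016-3424 entry in the next hunk has the same pattern ("5.7.12 and earlier" versus "Only affects MySQL 5.7").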
@@ -22283,428 +22283,428 @@ CVE-2016-3398
RESERVED
CVE-2016-3397
REJECTED
-CVE-2016-3396
+CVE-2016-3396 (Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista ...)
NOT-FOR-US: Microsoft
CVE-2016-3395
REJECTED
CVE-2016-3394
REJECTED
-CVE-2016-3393
+CVE-2016-3393 (Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2016-3392
+CVE-2016-3392 (The Edge Content Security Policy feature in Microsoft Edge does not pr ...)
NOT-FOR-US: Microsoft
-CVE-2016-3391
+CVE-2016-3391 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context ...)
NOT-FOR-US: Microsoft
-CVE-2016-3390
+CVE-2016-3390 (The scripting engines in Microsoft Internet Explorer 11 and Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2016-3389
+CVE-2016-3389 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-3388
+CVE-2016-3388 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not proper ...)
NOT-FOR-US: Microsoft
-CVE-2016-3387
+CVE-2016-3387 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not proper ...)
NOT-FOR-US: Microsoft
-CVE-2016-3386
+CVE-2016-3386 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-3385
+CVE-2016-3385 (The scripting engine in Microsoft Internet Explorer 9 through 11 allow ...)
NOT-FOR-US: Microsoft
-CVE-2016-3384
+CVE-2016-3384 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-3383
+CVE-2016-3383 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft
-CVE-2016-3382
+CVE-2016-3382 (The scripting engines in Microsoft Internet Explorer 9 through 11 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-3381
+CVE-2016-3381 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
CVE-2016-3380
REJECTED
-CVE-2016-3379
+CVE-2016-3379 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-3378
+CVE-2016-3378 (Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 201 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3377
+CVE-2016-3377 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-3376
+CVE-2016-3376 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-3375
+CVE-2016-3375 (The OLE Automation mechanism and VBScript scripting engine in Microsof ...)
NOT-FOR-US: Microsoft
-CVE-2016-3374
+CVE-2016-3374 (The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Go ...)
NOT-FOR-US: Microsoft
-CVE-2016-3373
+CVE-2016-3373 (The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3372
+CVE-2016-3372 (The kernel API in Microsoft Windows Vista SP2 and Windows Server 2008 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3371
+CVE-2016-3371 (The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3370
+CVE-2016-3370 (The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Go ...)
NOT-FOR-US: Microsoft
-CVE-2016-3369
+CVE-2016-3369 (Microsoft Windows 10 Gold and 1511 allows attackers to cause a denial ...)
NOT-FOR-US: Microsoft
-CVE-2016-3368
+CVE-2016-3368 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2016-3367
+CVE-2016-3367 (StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not p ...)
NOT-FOR-US: Microsoft
-CVE-2016-3366
+CVE-2016-3366 (Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outloo ...)
NOT-FOR-US: Microsoft
-CVE-2016-3365
+CVE-2016-3365 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-3364
+CVE-2016-3364 (Microsoft Visio 2016 allows remote attackers to execute arbitrary code ...)
NOT-FOR-US: Microsoft
-CVE-2016-3363
+CVE-2016-3363 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-3362
+CVE-2016-3362 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-3361
+CVE-2016-3361 (Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Microsoft
-CVE-2016-3360
+CVE-2016-3360 (Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-3359
+CVE-2016-3359 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-3358
+CVE-2016-3358 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-3357
+CVE-2016-3357 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 20 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3356
+CVE-2016-3356 (The Graphics Device Interface (GDI) in Microsoft Windows 10 1607 allow ...)
NOT-FOR-US: Microsoft
-CVE-2016-3355
+CVE-2016-3355 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2016-3354
+CVE-2016-3354 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2016-3353
+CVE-2016-3353 (Microsoft Internet Explorer 9 through 11 mishandles .url files from th ...)
NOT-FOR-US: Microsoft
-CVE-2016-3352
+CVE-2016-3352 (Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and ...)
NOT-FOR-US: Microsoft
-CVE-2016-3351
+CVE-2016-3351 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-3350
+CVE-2016-3350 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-3349
+CVE-2016-3349 (The kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3348
+CVE-2016-3348 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
CVE-2016-3347
REJECTED
-CVE-2016-3346
+CVE-2016-3346 (Microsoft Windows 10 Gold, 1511, and 1607 does not properly enforce pe ...)
NOT-FOR-US: Microsoft
-CVE-2016-3345
+CVE-2016-3345 (The SMBv1 server in Microsoft Windows Vista SP2, Windows Server 2008 S ...)
NOT-FOR-US: Microsoft
-CVE-2016-3344
+CVE-2016-3344 (The Secure Kernel Mode feature in Microsoft Windows 10 Gold and 1511 a ...)
NOT-FOR-US: Microsoft
-CVE-2016-3343
+CVE-2016-3343 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-3342
+CVE-2016-3342 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-3341
+CVE-2016-3341 (The kernel-mode drivers in Transaction Manager in Microsoft Windows 8. ...)
NOT-FOR-US: Microsoft
-CVE-2016-3340
+CVE-2016-3340 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
CVE-2016-3339
REJECTED
-CVE-2016-3338
+CVE-2016-3338 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
CVE-2016-3337
REJECTED
CVE-2016-3336
REJECTED
-CVE-2016-3335
+CVE-2016-3335 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-3334
+CVE-2016-3334 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-3333
+CVE-2016-3333 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-3332
+CVE-2016-3332 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-3331
+CVE-2016-3331 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-3330
+CVE-2016-3330 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
-CVE-2016-3329
+CVE-2016-3329 (Microsoft Internet Explorer 9 through 11 and Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
CVE-2016-3328
REJECTED
-CVE-2016-3327
+CVE-2016-3327 (Microsoft Internet Explorer 9 through 11 and Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-3326
+CVE-2016-3326 (Microsoft Internet Explorer 9 through 11 and Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-3325
+CVE-2016-3325 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-3324
+CVE-2016-3324 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
CVE-2016-3323
REJECTED
-CVE-2016-3322
+CVE-2016-3322 (Microsoft Internet Explorer 11 and Edge allow remote attackers to exec ...)
NOT-FOR-US: Microsoft
-CVE-2016-3321
+CVE-2016-3321 (Microsoft Internet Explorer 10 and 11 load different files for attempt ...)
NOT-FOR-US: Microsoft
-CVE-2016-3320
+CVE-2016-3320 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3319
+CVE-2016-3319 (The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and ...)
NOT-FOR-US: Microsoft
-CVE-2016-3318
+CVE-2016-3318 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allow r ...)
NOT-FOR-US: Microsoft
-CVE-2016-3317
+CVE-2016-3317 (Microsoft Office 2010 SP2, Word 2007 SP3, Word 2010 SP2, Word for Mac ...)
NOT-FOR-US: Microsoft
-CVE-2016-3316
+CVE-2016-3316 (Microsoft Word 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow rem ...)
NOT-FOR-US: Microsoft
-CVE-2016-3315
+CVE-2016-3315 (Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and ...)
NOT-FOR-US: Microsoft
CVE-2016-3314
REJECTED
-CVE-2016-3313
+CVE-2016-3313 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, ...)
NOT-FOR-US: Microsoft
-CVE-2016-3312
+CVE-2016-3312 (ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows attack ...)
NOT-FOR-US: Microsoft
-CVE-2016-3311
+CVE-2016-3311 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-3310
+CVE-2016-3310 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-3309
+CVE-2016-3309 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-3308
+CVE-2016-3308 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
NOT-FOR-US: Microsoft
CVE-2016-3307
REJECTED
-CVE-2016-3306
+CVE-2016-3306 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-3305
+CVE-2016-3305 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-3304
+CVE-2016-3304 (The Windows font library in Microsoft Windows Vista SP2, Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2016-3303
+CVE-2016-3303 (The Windows font library in Microsoft Windows Vista SP2, Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2016-3302
+CVE-2016-3302 (Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2016-3301
+CVE-2016-3301 (The Windows font library in Microsoft Windows Vista SP2; Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2016-3300
+CVE-2016-3300 (The Netlogon service in Microsoft Windows 8.1, Windows Server 2012 Gol ...)
NOT-FOR-US: Microsoft
-CVE-2016-3299
+CVE-2016-3299 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2016-3298
+CVE-2016-3298 (Microsoft Internet Explorer 9 through 11 and the Internet Messaging AP ...)
NOT-FOR-US: Microsoft
-CVE-2016-3297
+CVE-2016-3297 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-3296
+CVE-2016-3296 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-3295
+CVE-2016-3295 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
NOT-FOR-US: Microsoft
-CVE-2016-3294
+CVE-2016-3294 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
-CVE-2016-3293
+CVE-2016-3293 (Microsoft Internet Explorer 9 through 11 and Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-3292
+CVE-2016-3292 (Microsoft Internet Explorer 10 and 11 mishandles integrity settings an ...)
NOT-FOR-US: Microsoft
-CVE-2016-3291
+CVE-2016-3291 (Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-orig ...)
NOT-FOR-US: Microsoft
-CVE-2016-3290
+CVE-2016-3290 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2016-3289
+CVE-2016-3289 (Microsoft Internet Explorer 11 and Edge allow remote attackers to exec ...)
NOT-FOR-US: Microsoft
-CVE-2016-3288
+CVE-2016-3288 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2016-3287
+CVE-2016-3287 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3286
+CVE-2016-3286 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
CVE-2016-3285
REJECTED
-CVE-2016-3284
+CVE-2016-3284 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-3283
+CVE-2016-3283 (Microsoft Word Viewer allows remote attackers to execute arbitrary cod ...)
NOT-FOR-US: Microsoft
-CVE-2016-3282
+CVE-2016-3282 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3281
+CVE-2016-3281 (Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT ...)
NOT-FOR-US: Microsoft
-CVE-2016-3280
+CVE-2016-3280 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3279
+CVE-2016-3279 (Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3278
+CVE-2016-3278 (Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows rem ...)
NOT-FOR-US: Microsoft
-CVE-2016-3277
+CVE-2016-3277 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
NOT-FOR-US: Microsoft
-CVE-2016-3276
+CVE-2016-3276 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
CVE-2016-3275
REJECTED
-CVE-2016-3274
+CVE-2016-3274 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-3273
+CVE-2016-3273 (The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microso ...)
NOT-FOR-US: Microsoft
-CVE-2016-3272
+CVE-2016-3272 (The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, ...)
NOT-FOR-US: Microsoft
-CVE-2016-3271
+CVE-2016-3271 (The VBScript engine in Microsoft Edge allows remote attackers to obtai ...)
NOT-FOR-US: Microsoft
-CVE-2016-3270
+CVE-2016-3270 (The Graphics component in the kernel in Microsoft Windows Vista SP2; W ...)
NOT-FOR-US: Microsoft
-CVE-2016-3269
+CVE-2016-3269 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
CVE-2016-3268
REJECTED
-CVE-2016-3267
+CVE-2016-3267 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-3266
+CVE-2016-3266 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-3265
+CVE-2016-3265 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-3264
+CVE-2016-3264 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-3263
+CVE-2016-3263 (Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2016-3262
+CVE-2016-3262 (Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista ...)
NOT-FOR-US: Microsoft
-CVE-2016-3261
+CVE-2016-3261 (Microsoft Internet Explorer 11 allows remote attackers to obtain sensi ...)
NOT-FOR-US: Microsoft
-CVE-2016-3260
+CVE-2016-3260 (The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript e ...)
NOT-FOR-US: Microsoft
-CVE-2016-3259
+CVE-2016-3259 (The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript e ...)
NOT-FOR-US: Microsoft
-CVE-2016-3258
+CVE-2016-3258 (Race condition in the kernel in Microsoft Windows 8.1, Windows Server ...)
NOT-FOR-US: Microsoft
CVE-2016-3257
REJECTED
-CVE-2016-3256
+CVE-2016-3256 (Microsoft Windows 10 Gold and 1511 allows local users to bypass the Se ...)
NOT-FOR-US: Microsoft
-CVE-2016-3255
+CVE-2016-3255 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 al ...)
NOT-FOR-US: Microsoft
-CVE-2016-3254
+CVE-2016-3254 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
CVE-2016-3253
REJECTED
-CVE-2016-3252
+CVE-2016-3252 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-3251
+CVE-2016-3251 (The GDI component in the kernel-mode drivers in Microsoft Windows Vist ...)
NOT-FOR-US: Microsoft
-CVE-2016-3250
+CVE-2016-3250 (The kernel-mode drivers in Microsoft Windows Server 2012 and Windows 1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3249
+CVE-2016-3249 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-3248
+CVE-2016-3248 (The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript e ...)
NOT-FOR-US: Microsoft
-CVE-2016-3247
+CVE-2016-3247 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-3246
+CVE-2016-3246 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
-CVE-2016-3245
+CVE-2016-3245 (Microsoft Internet Explorer 9 through 11 allows remote attackers to tr ...)
NOT-FOR-US: Microsoft
-CVE-2016-3244
+CVE-2016-3244 (Microsoft Edge allows remote attackers to bypass the ASLR protection m ...)
NOT-FOR-US: Microsoft
-CVE-2016-3243
+CVE-2016-3243 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft
-CVE-2016-3242
+CVE-2016-3242 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-3241
+CVE-2016-3241 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-3240
+CVE-2016-3240 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-3239
+CVE-2016-3239 (The Print Spooler service in Microsoft Windows Vista SP2, Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2016-3238
+CVE-2016-3238 (The Print Spooler service in Microsoft Windows Vista SP2, Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2016-3237
+CVE-2016-3237 (Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R ...)
NOT-FOR-US: Microsoft
-CVE-2016-3236
+CVE-2016-3236 (The Web Proxy Auto Discovery (WPAD) protocol implementation in Microso ...)
NOT-FOR-US: Microsoft
-CVE-2016-3235
+CVE-2016-3235 (Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, ...)
NOT-FOR-US: Microsoft
-CVE-2016-3234
+CVE-2016-3234 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compat ...)
NOT-FOR-US: Microsoft
-CVE-2016-3233
+CVE-2016-3233 (Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pac ...)
NOT-FOR-US: Microsoft
-CVE-2016-3232
+CVE-2016-3232 (The Virtual PCI (VPCI) virtual service provider in Microsoft Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2016-3231
+CVE-2016-3231 (The Standard Collector service in Windows Diagnostics Hub mishandles l ...)
NOT-FOR-US: Microsoft
-CVE-2016-3230
+CVE-2016-3230 (The Search component in Microsoft Windows 7, Windows Server 2008 R2 SP ...)
NOT-FOR-US: Microsoft
CVE-2016-3229
REJECTED
-CVE-2016-3228
+CVE-2016-3228 (Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 G ...)
NOT-FOR-US: Microsoft
-CVE-2016-3227
+CVE-2016-3227 (Use-after-free vulnerability in the DNS Server component in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2016-3226
+CVE-2016-3226 (Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 20 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3225
+CVE-2016-3225 (The SMB server component in Microsoft Windows Vista SP2, Windows Serve ...)
NOT-FOR-US: Microsoft
CVE-2016-3224
REJECTED
-CVE-2016-3223
+CVE-2016-3223 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2016-3222
+CVE-2016-3222 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
-CVE-2016-3221
+CVE-2016-3221 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-3220
+CVE-2016-3220 (atmfd.dll in the Adobe Type Manager Font Driver in Microsoft Windows V ...)
NOT-FOR-US: Microsoft
-CVE-2016-3219
+CVE-2016-3219 (The kernel-mode driver in Microsoft Windows 10 Gold and 1511 allows lo ...)
NOT-FOR-US: Microsoft
-CVE-2016-3218
+CVE-2016-3218 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
CVE-2016-3217
REJECTED
-CVE-2016-3216
+CVE-2016-3216 (GDI32.dll in the Graphics component in Microsoft Windows Vista SP2, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2016-3215
+CVE-2016-3215 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 151 ...)
NOT-FOR-US: Microsoft
-CVE-2016-3214
+CVE-2016-3214 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-3213
+CVE-2016-3213 (The Web Proxy Auto Discovery (WPAD) protocol implementation in Microso ...)
NOT-FOR-US: Microsoft
-CVE-2016-3212
+CVE-2016-3212 (The XSS Filter in Microsoft Internet Explorer 9 through 11 does not pr ...)
NOT-FOR-US: Microsoft
-CVE-2016-3211
+CVE-2016-3211 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-3210
+CVE-2016-3210 (The Microsoft (1) JScript and (2) VBScript engines, as used in Interne ...)
NOT-FOR-US: Microsoft
-CVE-2016-3209
+CVE-2016-3209 (Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista ...)
NOT-FOR-US: Microsoft
CVE-2016-3208
REJECTED
-CVE-2016-3207
+CVE-2016-3207 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as ...)
NOT-FOR-US: Microsoft
-CVE-2016-3206
+CVE-2016-3206 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as ...)
NOT-FOR-US: Microsoft
-CVE-2016-3205
+CVE-2016-3205 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as ...)
NOT-FOR-US: Microsoft
-CVE-2016-3204
+CVE-2016-3204 (The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engin ...)
NOT-FOR-US: Microsoft
-CVE-2016-3203
+CVE-2016-3203 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gol ...)
NOT-FOR-US: Microsoft
-CVE-2016-3202
+CVE-2016-3202 (The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript eng ...)
NOT-FOR-US: Microsoft
-CVE-2016-3201
+CVE-2016-3201 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gol ...)
NOT-FOR-US: Microsoft
CVE-2016-3200
REJECTED
-CVE-2016-3199
+CVE-2016-3199 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-3198
+CVE-2016-3198 (Microsoft Edge allows remote attackers to bypass the Content Security ...)
NOT-FOR-US: Microsoft
-CVE-2016-3196
+CVE-2016-3196 (Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x ...)
NOT-FOR-US: Fortinet
-CVE-2016-3195
+CVE-2016-3195 (Cross-site scripting (XSS) vulnerability in the Web-UI in Fortinet For ...)
NOT-FOR-US: Fortinet
-CVE-2016-3194
+CVE-2016-3194 (Cross-site scripting (XSS) vulnerability in the address added page in ...)
NOT-FOR-US: Fortinet
-CVE-2016-3193
+CVE-2016-3193 (Cross-site scripting (XSS) vulnerability in the appliance web-applicat ...)
NOT-FOR-US: Fortinet
CVE-2016-3192
RESERVED
-CVE-2016-3190
+CVE-2016-3190 (The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c ...)
- cairo 1.14.2-2
[jessie] - cairo 1.14.0-2.1+deb8u1
[wheezy] - cairo <no-dsa> (Minor issue)
NOTE: https://cgit.freedesktop.org/cairo/patch/src/cairo-image-compositor.c?id=5c82d91a5e15d29b1489dcb413b24ee7fdf59934
-CVE-2016-3189
+CVE-2016-3189 (Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows rem ...)
- bzip2 1.0.6-8.1 (low; bug #827744)
[jessie] - bzip2 <no-dsa> (Minor issue)
[wheezy] - bzip2 <no-dsa> (Minor issue)
-CVE-2016-3188
+CVE-2016-3188 (The _prepopulate_request_walk function in the Prepopulate module 7.x-2 ...)
NOT-FOR-US: Prepopulate module for Drupal
-CVE-2016-3187
+CVE-2016-3187 (The Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote ...)
NOT-FOR-US: Prepopulate module for Drupal
-CVE-2016-3186
+CVE-2016-3186 (Buffer overflow in the readextension function in gif2tiff.c in LibTIFF ...)
{DLA-693-1 DLA-610-1}
- tiff 4.0.6-3 (bug #819972)
[jessie] - tiff 4.0.3-12.3+deb8u2
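Review bot: the no-dsa markers in this hunk carry no reason beyond "Minor issue": `[wheezy] - cairo <no-dsa> (Minor issue)` under CVE-2016-3190, where jessie nevertheless received a fixed version 1.14.0-2.1+deb8u1, and both the `[jessie]` and `[wheezy]` lines for bzip2 under CVE-2016-3189. A short statement of why the impact is considered minor, as the salt entry further down does with "external_auth not by default usable", would make the triage reproducible when these entries are revisited.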
@@ -22714,7 +22714,7 @@ CVE-2016-3186
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2536
NOTE: Proposed patch from Red Hat: https://bugzilla.redhat.com/attachment.cgi?id=1144235&action=diff
NOTE: gif2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package
-CVE-2016-3185
+CVE-2016-3185 (The make_http_soap_request function in ext/soap/php_http.c in PHP befo ...)
- php7.0 7.0.4-1
NOTE: https://bugs.php.net/bug.php?id=71610
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=eaf4e77190d402ea014207e9a7d5da1a4f3727ba
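Review bot: the NOTE on CVE-2016-3186 states that gif2tiff was removed "in 4.0.6-3 and DSA 3762", yet the advisory braces for this entry in the preceding hunk list only `{DLA-693-1 DLA-610-1}` while a jessie fixed version `4.0.3-12.3+deb8u2` is recorded; check whether DSA-3762-1 belongs in the braces so the jessie fix is attributed to its advisory rather than only mentioned in free text.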
@@ -22727,15 +22727,15 @@ CVE-2016-3185
NOTE: Fixed in 5.6.12, 5.5.28, 5.4.44
CVE-2016-3184
RESERVED
-CVE-2016-3180
+CVE-2016-3180 (Tor Browser Launcher (aka torbrowser-launcher) before 0.2.4, during th ...)
- torbrowser-launcher 0.2.4-1
[jessie] - torbrowser-launcher 0.1.9-1+deb8u3
NOTE: https://github.com/micahflee/torbrowser-launcher/issues/229
-CVE-2016-3177
+CVE-2016-3177 (Multiple use-after-free and double-free vulnerabilities in gifcolor.c ...)
- giflib <unfixed> (unimportant)
NOTE: https://sourceforge.net/p/giflib/bugs/83/
NOTE: Issue only in gifcolor utility, not installed into giflib-tools
-CVE-2016-3176
+CVE-2016-3176 (Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external ...)
- salt 2015.8.8+ds-1 (bug #819184)
[jessie] - salt <no-dsa> (Minor issue; external_auth not by default usable)
NOTE: external_auth seems not usable by default under Jessie due to the
@@ -22746,15 +22746,15 @@ CVE-2016-3176
NOTE: Fixed in 2015.5.10/2015.8.8 upstream
CVE-2016-3175
RESERVED
-CVE-2016-3174
+CVE-2016-3174 (An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-3173
+CVE-2016-3173 (An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27 ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-3161
+CVE-2016-3161 (For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and N ...)
NOT-FOR-US: NVIDIA drivers for Windows
CVE-2016-3160
RESERVED
-CVE-2016-3159
+CVE-2016-3159 (The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not proper ...)
{DSA-3554-1 DLA-571-1}
- xen 4.8.0~rc3-1 (bug #823620)
NOTE: http://xenbits.xen.org/xsa/advisory-172.html
@@ -22762,7 +22762,7 @@ CVE-2016-3159
NOTE: versions only, but which must always be combined with the code change
NOTE: for CVE-2016-3158. Ie for the first hunk in xsa172.patch, which
NOTE: patches the function fpu_fxrstor.
-CVE-2016-3158
+CVE-2016-3158 (The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly ...)
{DSA-3554-1 DLA-571-1}
- xen 4.8.0~rc3-1 (bug #823620)
NOTE: http://xenbits.xen.org/xsa/advisory-172.html
@@ -22770,65 +22770,65 @@ CVE-2016-3158
NOTE: versions (but which is sufficient only on Xen 4.3.x, and insufficient
NOTE: on later versions). Ie for the second hunk in xsa172.patch (the only
NOTE: hunk in xsa172-4.3.patch), which patches the function xrstor.
-CVE-2016-3157
+CVE-2016-3157 (The __switch_to function in arch/x86/kernel/process_64.c in the Linux ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1
NOTE: http://xenbits.xen.org/xsa/advisory-171.html
NOTE: https://git.kernel.org/linus/b7a584598aea7ca73140cb87b40319944dd3393f
-CVE-2016-3155
+CVE-2016-3155 (Siemens APOGEE Insight uses weak permissions for the application folde ...)
NOT-FOR-US: Siemens APOGEE Insight
CVE-2016-XXXX [use-after-free in unserialisation]
- hhvm 3.12.1+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/fd456ffad5d164c1563dc8bd97bcc2f200ff6f69
-CVE-2016-6288
+CVE-2016-6288 (The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5. ...)
{DLA-533-1}
- hhvm 3.12.1+dfsg-1
- php5 5.6.15+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=70480
NOTE: https://github.com/facebook/hhvm/commit/3fa7e73055855c409d48e8aa1dc416a76d3dd764
NOTE: https://git.php.net/?p=php-src.git;a=commitdiff;h=629e4da7cc8b174acdeab84969cbfc606a019b31
-CVE-2016-3152
+CVE-2016-3152 (Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow rem ...)
NOT-FOR-US: Barco ClickShare
-CVE-2016-3151
+CVE-2016-3151 (Directory traversal vulnerability in the wallpaper parsing functionali ...)
NOT-FOR-US: Barco ClickShare
-CVE-2016-3150
+CVE-2016-3150 (Cross-site scripting (XSS) vulnerability in wallpaper.php in the Base ...)
NOT-FOR-US: Barco ClickShare
-CVE-2016-3149
+CVE-2016-3149 (Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 ...)
NOT-FOR-US: Barco ClickShare
CVE-2016-3148
RESERVED
-CVE-2016-3147
+CVE-2016-3147 (Buffer overflow in the collector.exe listener of the Landesk Managemen ...)
NOT-FOR-US: Landesk Management Suite
CVE-2016-3146
RESERVED
-CVE-2016-3145
+CVE-2016-3145 (Lexmark printers with firmware ATL before ATL.021.063, CB before CB.02 ...)
NOT-FOR-US: Lexmark printers
-CVE-2016-3144
+CVE-2016-3144 (Cross-site scripting (XSS) vulnerability in the Block Class module 7.x ...)
NOT-FOR-US: Drupal Block Class module
CVE-2016-3143
RESERVED
-CVE-2016-3156
+CVE-2016-3156 (The IPv4 implementation in the Linux kernel before 4.5.2 mishandles de ...)
{DSA-3607-1}
- linux 4.5.1-1
[wheezy] - linux <not-affected> (Not a security issue since containers are not supported)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/3
CVE-2016-3133
RESERVED
-CVE-2016-3132
+CVE-2016-3132 (Double free vulnerability in the SplDoublyLinkedList::offsetSet functi ...)
- php7.0 7.0.6-1
NOTE: https://bugs.php.net/bug.php?id=71735
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5
CVE-2016-3131
RESERVED
-CVE-2016-3130
+CVE-2016-3130 (An information disclosure vulnerability in the Core and Management Con ...)
NOT-FOR-US: BlackBerry
-CVE-2016-3129
+CVE-2016-3129 (A remote shell execution vulnerability in the BlackBerry Good Enterpri ...)
NOT-FOR-US: BlackBerry
-CVE-2016-3128
+CVE-2016-3128 (A spoofing vulnerability in the Core of BlackBerry Enterprise Server ( ...)
NOT-FOR-US: BlackBerry
-CVE-2016-3127
+CVE-2016-3127 (An information disclosure vulnerability in the logging implementation ...)
NOT-FOR-US: BlackBerry
-CVE-2016-3126
+CVE-2016-3126 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
NOT-FOR-US: BlackBerry
CVE-2016-3123
RESERVED
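Review bot: two ordering and placeholder issues in this hunk survive the description import. CVE-2016-6288 (with its {DLA-533-1} block) sits between CVE-2016-3155 and CVE-2016-3152, and CVE-2016-3156 sits between CVE-2016-3143 and CVE-2016-3133, so both break the descending numeric order the rest of the file keeps; and the `CVE-2016-XXXX [use-after-free in unserialisation]` hhvm entry still has no assigned identifier, so the automatic update cannot attach a description to it. Consider moving the two entries to their numeric position and checking whether the hhvm commit cited in that entry's NOTE has an identifier assigned yet.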
@@ -22836,44 +22836,44 @@ CVE-2016-3122
RESERVED
CVE-2016-3121
RESERVED
-CVE-2016-3120
+CVE-2016-3120 (The validate_as_request function in kdc_util.c in the Key Distribution ...)
{DLA-1265-1}
- krb5 1.14.3+dfsg-1 (bug #832572)
[jessie] - krb5 1.12.1+dfsg-19+deb8u3
NOTE: https://github.com/krb5/krb5/commit/93b4a6306a0026cf1cc31ac4bd8a49ba5d034ba7
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8458
-CVE-2016-3119
+CVE-2016-3119 (The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_prin ...)
{DLA-1265-1}
- krb5 1.14.2+dfsg-1 (bug #819468)
[jessie] - krb5 1.12.1+dfsg-19+deb8u3
NOTE: https://github.com/krb5/krb5/commit/08c642c09c38a9c6454ab43a9b53b2a89b9eef99
-CVE-2016-3118
+CVE-2016-3118 (CRLF injection vulnerability in CA API Gateway (formerly Layer7 API Ga ...)
NOT-FOR-US: CA API Gateway
CVE-2016-3117
RESERVED
-CVE-2016-3114
+CVE-2016-3114 (Kallithea before 0.3.2 allows remote authenticated users to edit or de ...)
- kallithea <itp> (bug #689573)
-CVE-2016-3113
+CVE-2016-3113 (Cross-site scripting (XSS) vulnerability in ovirt-engine allows remote ...)
NOT-FOR-US: ovirt-engine
-CVE-2016-3112
+CVE-2016-3112 (client/consumer/cli.py in Pulp before 2.8.3 writes consumer private ke ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3111
+CVE-2016-3111 (pulp.spec in the installation process for Pulp 2.8.3 generates the RSA ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3110
+CVE-2016-3110 (mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote at ...)
- libapache2-mod-cluster <itp> (bug #731410)
-CVE-2016-3109
+CVE-2016-3109 (The backend/Login/load/ script in Shopware before 5.1.5 allows remote ...)
NOT-FOR-US: Shopware
-CVE-2016-3108
+CVE-2016-3108 (The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows loca ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3107
+CVE-2016-3107 (The Node certificate in Pulp before 2.8.3 contains the private key, an ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3106
+CVE-2016-3106 (Pulp before 2.8.3 creates a temporary directory during CA key generati ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3105
+CVE-2016-3105 (The convert extension in Mercurial before 3.8 might allow context-depe ...)
{DSA-3570-1 DLA-459-1}
- mercurial 3.8.1-1
NOTE: https://selenic.com/hg/rev/a56296f55a5e
-CVE-2016-3104
+CVE-2016-3104 (mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remot ...)
- mongodb 1:3.2.11-1
[jessie] - mongodb <no-dsa> (Minor issue)
[wheezy] - mongodb <no-dsa> (Minor issue)
@@ -22885,38 +22885,38 @@ CVE-2016-3104
NOTE: to 2.6, and did not complete a full upgrade
CVE-2016-3103
RESERVED
-CVE-2016-3102
+CVE-2016-3102 (The Script Security plugin before 1.18.1 in Jenkins might allow remote ...)
- jenkins <removed>
-CVE-2016-3101
+CVE-2016-3101 (Cross-site scripting (XSS) vulnerability in the Extra Columns plugin b ...)
- jenkins <removed>
-CVE-2016-3100
+CVE-2016-3100 (kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for ...)
- kinit 5.23.0-1 (bug #827476)
NOTE: https://bugs.kde.org/show_bug.cgi?id=358593
NOTE: https://bugs.kde.org/show_bug.cgi?id=363140
NOTE: https://quickgit.kde.org/?p=kinit.git&a=commitdiff&h=dece8fd89979cd1a86c03bcaceef6e9221e8d8cd
NOTE: https://quickgit.kde.org/?p=kinit.git&a=commitdiff&h=72f3702dbe6cf15c06dc13da2c99c864e9022a58
-CVE-2016-3099
+CVE-2016-3099 (mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux ...)
- libapache2-mod-nss 1.0.14-1 (bug #822461)
[jessie] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
[wheezy] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
NOTE: Introduced in https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=2d1650900f4d47dc43400d826c0f7e1a7c5229b8 (1.10.11)
CVE-2016-3098
RESERVED
-CVE-2016-3097
+CVE-2016-3097 (Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat ...)
NOT-FOR-US: spacewalk-java
-CVE-2016-3096
+CVE-2016-3096 (The create_script function in the lxc_container module in Ansible befo ...)
- ansible 2.0.1.0-2 (bug #819676)
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1322925
NOTE: https://sources.debian.org/src/ansible/2.0.1.0-1/lib/ansible/modules/extras/cloud/lxc/lxc_container.py/?hl=523#L523
-CVE-2016-3095
+CVE-2016-3095 (server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local u ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2016-3094
+CVE-2016-3094 (PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker ...)
- qpid-java <itp> (bug #840131)
-CVE-2016-3093
+CVE-2016-3093 (Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method re ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2.x)
NOTE: https://struts.apache.org/docs/s2-034.html
-CVE-2016-3092
+CVE-2016-3092 (The MultipartStream class in Apache Commons Fileupload before 1.3.2, a ...)
{DSA-3614-1 DSA-3611-1 DSA-3609-1 DLA-529-1 DLA-528-1}
- libcommons-fileupload-java 1.3.2-1
- tomcat7 7.0.70-1
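Review bot: the NOTE for CVE-2016-3099 gives the introducing mod_nss commit as version (1.10.11), while the jessie and wheezy lines directly above say "Vulnerability introduced in 1.0.11" and the fix is recorded as libapache2-mod-nss 1.0.14-1; 1.10.11 would post-date the fixed version, so one of the two is a typo and the not-affected rationale is ambiguous as written. If 1.0.11 is correct, the line should read `NOTE: Introduced in https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=2d1650900f4d47dc43400d826c0f7e1a7c5229b8 (1.0.11)`.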
@@ -22925,61 +22925,61 @@ CVE-2016-3092
NOTE: Fixed by https://svn.apache.org/r1743480
NOTE: Upstream advisory http://markmail.org/message/oyxfv73jb2g7rjg3
NOTE: https://mail-archives.us.apache.org/mod_mbox/www-announce/201606.mbox/%3C6223ece6-2b41-ef4f-22f9-d3481e492832@apache.org%3E
-CVE-2016-3091
+CVE-2016-3091 (Cloud Foundry Diego 0.1468.0 through 0.1470.0 allows remote attackers ...)
NOT-FOR-US: Cloud Foundry Diego
-CVE-2016-3090
+CVE-2016-3090 (The TextParseUtil.translateVariables method in Apache Struts 2.x befor ...)
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <end-of-life>
NOTE: https://struts.apache.org/docs/s2-027.html
-CVE-2016-3089
+CVE-2016-3089 (Cross-site scripting (XSS) vulnerability in the SWF panel in Apache Op ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-3088
+CVE-2016-3088 (The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 al ...)
- activemq 5.14.0+dfsg-1
[jessie] - activemq <not-affected> (file server was only enabled in 5.13.2+dfsg-2)
[wheezy] - activemq <not-affected> (file server was only enabled in 5.13.2+dfsg-2)
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2016-3088-announcement.txt
-CVE-2016-3087
+CVE-2016-3087 (Apache Struts 2.3.20.x before 2.3.20.3, 2.3.24.x before 2.3.24.3, and ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2.x)
NOTE: https://struts.apache.org/docs/s2-033.html
-CVE-2016-3086
+CVE-2016-3086 (The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x bef ...)
- hadoop <itp> (bug #793644)
-CVE-2016-3085
+CVE-2016-3085 (Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x be ...)
NOT-FOR-US: Apache CloudStack
-CVE-2016-3084
+CVE-2016-3084 (The UAA reset password flow in Cloud Foundry release v236 and earlier ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-3083
+CVE-2016-3083 (Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP ...)
NOT-FOR-US: Apache Hive
-CVE-2016-3082
+CVE-2016-3082 (XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.2 ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2.x)
NOTE: https://struts.apache.org/docs/s2-031.html
-CVE-2016-3081
+CVE-2016-3081 (Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.2 ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2.x)
NOTE: https://struts.apache.org/docs/s2-032.html
-CVE-2016-3080
+CVE-2016-3080 (Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat ...)
NOT-FOR-US: Red Hat Satellite / Spacewalk / spacewalk-monitoring
-CVE-2016-3079
+CVE-2016-3079 (Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in S ...)
NOT-FOR-US: Red Hat Satellite / Spacewalk
-CVE-2016-3078
+CVE-2016-3078 (Multiple integer overflows in php_zip.c in the zip extension in PHP be ...)
- php7.0 7.0.6-1
NOTE: http://www.openwall.com/lists/oss-security/2016/04/28/1
NOTE: Fixed in 7.0.6
NOTE: https://bugs.php.net/bug.php?id=71923
-CVE-2016-3077
+CVE-2016-3077 (The VersionMapper.fromKernelVersionString method in oVirt Engine allow ...)
NOT-FOR-US: ovirt-engine
-CVE-2016-3076
+CVE-2016-3076 (Heap-based buffer overflow in the j2k_encode_entry function in Pillow ...)
- pillow <unfixed> (unimportant)
- python-imaging <removed> (unimportant)
NOTE: https://github.com/python-pillow/Pillow/commit/a1f244343df389cf15cdfff80327594821097295 (3.1.2)
NOTE: Marked as unimportant since source vulnerable but in Debian we do
NOTE: not built against openjpeg by default
-CVE-2016-3075
+CVE-2016-3075 (Stack-based buffer overflow in the nss_dns implementation of the getne ...)
{DLA-494-1}
- glibc 2.22-6
[jessie] - glibc 2.19-18+deb8u5
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue, can be fixed via point release)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19879
-CVE-2016-3074
+CVE-2016-3074 (Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or li ...)
{DSA-3602-1 DSA-3556-1}
- libgd2 2.1.1-4.1 (bug #822242)
- php5 5.6.21+dfsg-1 (unimportant)
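Review bot: CVE-2016-3090 is tracked inconsistently with the other Struts 2.x entries in this hunk. Its imported description says "Apache Struts 2.x befor ...", yet it carries `- libstruts1.2-java <removed>` and `[wheezy] - libstruts1.2-java <end-of-life>`, while CVE-2016-3093, CVE-2016-3087, CVE-2016-3082 and CVE-2016-3081 all carry `- libstruts1.2-java <not-affected> (Only affects Struts 2.x)`. Unless the 1.2 package actually contains the TextParseUtil.translateVariables code named in the description, the entry should get the same not-affected annotation so the wheezy end-of-life marker does not read as an unfixed exposure.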
@@ -22993,18 +22993,18 @@ CVE-2016-3074
NOTE: HHVM fix: https://github.com/facebook/hhvm/commit/29a6487d648d1593e1e2fa615d9b3a844756ddc3
CVE-2016-3073
REJECTED
-CVE-2016-3072
+CVE-2016-3072 (Multiple SQL injection vulnerabilities in the scoped_search function i ...)
NOT-FOR-US: Katello
-CVE-2016-3071
+CVE-2016-3071 (Libreswan 3.16 might allow remote attackers to cause a denial of servi ...)
- libreswan <not-affected> (Fixed before initial upload to Debian)
NOTE: https://lists.libreswan.org/pipermail/swan-announce/2016/000019.html
-CVE-2016-3070
+CVE-2016-3070 (The trace_writeback_dirty_page implementation in include/trace/events/ ...)
{DSA-3607-1}
- linux 4.4.2-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1306851
NOTE: https://git.kernel.org/linus/42cb14b110a5698ccf26ce59c4441722605a3743 (v4.4-rc1)
-CVE-2016-3069
+CVE-2016-3069 (Mercurial before 3.7.3 allows remote attackers to execute arbitrary co ...)
{DSA-3542-1}
- mercurial 3.7.3-1 (bug #819504)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
@@ -23013,19 +23013,19 @@ CVE-2016-3069
NOTE: https://selenic.com/repo/hg-stable/rev/b732e7f2aba4 (3/5)
NOTE: https://selenic.com/repo/hg-stable/rev/80cac1de6aea (4/5)
NOTE: https://selenic.com/repo/hg-stable/rev/ae279d4a19e9 (5/5)
-CVE-2016-3068
+CVE-2016-3068 (Mercurial before 3.7.3 allows remote attackers to execute arbitrary co ...)
{DSA-3542-1}
- mercurial 3.7.3-1 (bug #819504)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
NOTE: https://selenic.com/repo/hg-stable/rev/34d43cb85de8
-CVE-2016-3067
+CVE-2016-3067 (Cygwin before 2.5.0 does not properly handle updating permissions when ...)
NOT-FOR-US: Cygwin
-CVE-2016-3066
+CVE-2016-3066 (The spice-gtk widget allows remote authenticated users to obtain infor ...)
- spice-gtk <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1320263
NOTE: Hardly a security issue per se, but a design limitation/risky feature
NOTE: It's up to applications using spice-gtk to use it as appropriate
-CVE-2016-3065
+CVE-2016-3065 (The (1) brin_page_type and (2) brin_metapage_info functions in the pag ...)
- postgresql-9.5 9.5.2-1
- postgresql-9.4 <not-affected> (Only affects 9.5.x)
- postgresql-9.1 <not-affected> (Only affects 9.5.x)
@@ -23037,7 +23037,7 @@ CVE-2016-XXXX [fscanf format string security bug in flashrom layout code]
[wheezy] - flashrom <no-dsa> (Minor issue)
NOTE: https://www.flashrom.org/pipermail/flashrom/2016-March/014523.html
NOTE: Neutralised by hardening
-CVE-2016-3183
+CVE-2016-3183 (The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 ...)
- openjpeg2 2.1.1-1 (low; bug #818399)
[jessie] - openjpeg2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/14
@@ -23054,46 +23054,46 @@ CVE-2016-3181 [Out-Of-Bounds Read in opj_tcd_free_tile function]
[jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/12
NOTE: https://github.com/uclouvain/openjpeg/issues/724
-CVE-2016-3140
+CVE-2016-3140 (The digi_port_init function in drivers/usb/serial/digi_acceleport.c in ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: http://seclists.org/bugtraq/2016/Mar/61
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283378
NOTE: https://marc.info/?l=linux-usb&m=145796765030590&w=2
-CVE-2016-3139
+CVE-2016-3139 (The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Li ...)
- linux 4.0.2-1 (low)
[jessie] - linux <ignored> (Minor issue)
[wheezy] - linux <no-dsa> (Minor issue)
NOTE: http://seclists.org/bugtraq/2016/Mar/60
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283375
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283377
-CVE-2016-3138
+CVE-2016-3138 (The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux ker ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: http://seclists.org/bugtraq/2016/Mar/54
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283366
NOTE: http://marc.info/?l=linux-usb&m=145803342320160&w=2
-CVE-2016-3137
+CVE-2016-3137 (drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allow ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: http://seclists.org/bugtraq/2016/Mar/55
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283368
-CVE-2016-3136
+CVE-2016-3136 (The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: http://seclists.org/bugtraq/2016/Mar/57
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283370
-CVE-2016-3125
+CVE-2016-3125 (The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 ...)
- proftpd-dfsg 1.3.5b-1 (bug #818492)
[jessie] - proftpd-dfsg 1.3.5-1.1+deb8u2
[wheezy] - proftpd-dfsg <no-dsa> (Minor issue; can be fixed in point release)
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4230
NOTE: Fixed in 1.3.6rc2, 1.3.5b.
-CVE-2016-3064
+CVE-2016-3064 (NetApp Clustered Data ONTAP before 8.2.4P4 and 8.3.x before 8.3.2P2 al ...)
NOT-FOR-US: NetApp
-CVE-2016-3063
+CVE-2016-3063 (Multiple functions in NetApp OnCommand System Manager before 8.3.2 do ...)
NOT-FOR-US: NetApp
-CVE-2016-3062
+CVE-2016-3062 (The mov_read_dref function in libavformat/mov.c in Libav before 11.7 a ...)
{DSA-3603-1 DLA-515-1}
- libav <removed>
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328
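Review bot: CVE-2016-3139 marks jessie as `<ignored> (Minor issue)` but wheezy as `<no-dsa> (Minor issue)` with the identical rationale, and it is the only one of the five USB driver entries in this hunk (CVE-2016-3140, -3138, -3137 and -3136 all reference DSA-3607-1 and DLA-516-1) with no DSA or DLA reference at all. Since `<ignored>` and `<no-dsa>` are distinct states, either align jessie with wheezy's no-dsa or add a NOTE explaining why the jessie fix is being skipped rather than deferred.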
@@ -23103,287 +23103,287 @@ CVE-2016-3062
NOTE: https://github.com/FFmpeg/FFmpeg/commit/689e59b7ffed34eba6159dcc78e87133862e3746 (n0.11)
CVE-2016-3061
RESERVED
-CVE-2016-3060
+CVE-2016-3060 (Payments Director in IBM Financial Transaction Manager (FTM) for ACH S ...)
NOT-FOR-US: IBM
-CVE-2016-3059
+CVE-2016-3059 (IBM Tivoli Storage Manager for Databases: Data Protection for Microsof ...)
NOT-FOR-US: IBM
CVE-2016-3058
RESERVED
-CVE-2016-3057
+CVE-2016-3057 (Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrato ...)
NOT-FOR-US: IBM
-CVE-2016-3056
+CVE-2016-3056 (Cross-site scripting (XSS) vulnerability in Business Space in IBM Busi ...)
NOT-FOR-US: IBM
-CVE-2016-3055
+CVE-2016-3055 (IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote authen ...)
NOT-FOR-US: IBM
-CVE-2016-3054
+CVE-2016-3054 (Cross-site scripting (XSS) vulnerability in IBM FileNet Workplace 4.0. ...)
NOT-FOR-US: IBM
-CVE-2016-3053
+CVE-2016-3053 (IBM AIX contains an unspecified vulnerability that would allow a local ...)
NOT-FOR-US: IBM
-CVE-2016-3052
+CVE-2016-3052 (Under non-standard configurations, IBM WebSphere MQ might send passwor ...)
NOT-FOR-US: IBM
-CVE-2016-3051
+CVE-2016-3051 (IBM Security Access Manager for Web 9.0.0 could allow an authenticated ...)
NOT-FOR-US: IBM
CVE-2016-3050
RESERVED
-CVE-2016-3049
+CVE-2016-3049 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to HTML inj ...)
NOT-FOR-US: IBM
-CVE-2016-3048
+CVE-2016-3048 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-si ...)
NOT-FOR-US: IBM
-CVE-2016-3047
+CVE-2016-3047 (Open redirect vulnerability in IBM FileNet Workplace 4.0.2 through 4.0 ...)
NOT-FOR-US: IBM
-CVE-2016-3046
+CVE-2016-3046 (IBM Security Access Manager for Web is vulnerable to SQL injection. A ...)
NOT-FOR-US: IBM
-CVE-2016-3045
+CVE-2016-3045 (IBM Security Access Manager for Web stores sensitive information in UR ...)
NOT-FOR-US: IBM
-CVE-2016-3044
+CVE-2016-3044 (The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 an ...)
- linux 4.4.6-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://www-01.ibm.com/support/docview.wss?uid=isg3T1023969
NOTE: http://www.securityfocus.com/bid/92123/info
-CVE-2016-3043
+CVE-2016-3043 (IBM Security Access Manager for Web could allow a remote attacker to o ...)
NOT-FOR-US: IBM
-CVE-2016-3042
+CVE-2016-3042 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSpher ...)
NOT-FOR-US: IBM
CVE-2016-3041
RESERVED
-CVE-2016-3040
+CVE-2016-3040 (IBM WebSphere Application Server (WAS) Liberty, as used in IBM Securit ...)
NOT-FOR-US: IBM
-CVE-2016-3039
+CVE-2016-3039 (IBM Traveler 8.x and 9.x before 9.0.1.12 allows remote authenticated u ...)
NOT-FOR-US: IBM
-CVE-2016-3038
+CVE-2016-3038 (IBM Cognos TM1 10.1 and 10.2 is vulnerable to cross-site scripting. Th ...)
NOT-FOR-US: IBM
-CVE-2016-3037
+CVE-2016-3037 (IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim's ...)
NOT-FOR-US: IBM
-CVE-2016-3036
+CVE-2016-3036 (IBM Cognos TM1 10.1 and 10.2 is vulnerable to a denial of service, cau ...)
NOT-FOR-US: IBM
-CVE-2016-3035
+CVE-2016-3035 (IBM AppScan Source could reveal some sensitive information through the ...)
NOT-FOR-US: IBM
-CVE-2016-3034
+CVE-2016-3034 (IBM AppScan Source uses a one-way hash without salt to encrypt highly ...)
NOT-FOR-US: IBM
-CVE-2016-3033
+CVE-2016-3033 (IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated use ...)
NOT-FOR-US: IBM
-CVE-2016-3032
+CVE-2016-3032 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2016-3031
+CVE-2016-3031 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
CVE-2016-3030
RESERVED
-CVE-2016-3029
+CVE-2016-3029 (IBM Security Access Manager for Web is vulnerable to cross-site reques ...)
NOT-FOR-US: IBM
-CVE-2016-3028
+CVE-2016-3028 (IBM Security Access Manager for Web 7.0 before IF2 and 8.0 before 8.0. ...)
NOT-FOR-US: IBM
-CVE-2016-3027
+CVE-2016-3027 (IBM Security Access Manager for Web is vulnerable to a denial of servi ...)
NOT-FOR-US: IBM
CVE-2016-3026
RESERVED
-CVE-2016-3025
+CVE-2016-3025 (IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and Secu ...)
NOT-FOR-US: IBM
-CVE-2016-3024
+CVE-2016-3024 (IBM Security Access Manager for Web allows web pages to be stored loca ...)
NOT-FOR-US: IBM
-CVE-2016-3023
+CVE-2016-3023 (IBM Security Access Manager for Web could allow an unauthenticated use ...)
NOT-FOR-US: IBM
-CVE-2016-3022
+CVE-2016-3022 (IBM Security Access Manager for Web could allow an authenticated user ...)
NOT-FOR-US: IBM
-CVE-2016-3021
+CVE-2016-3021 (IBM Security Access Manager for Web could allow an authenticated attac ...)
NOT-FOR-US: IBM
-CVE-2016-3020
+CVE-2016-3020 (IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allo ...)
NOT-FOR-US: IBM
-CVE-2016-3019
+CVE-2016-3019 (IBM Security Access Manager for Web 9.0.0 uses weaker than expected cr ...)
NOT-FOR-US: IBM
-CVE-2016-3018
+CVE-2016-3018 (IBM Security Access Manager for Web is vulnerable to cross-site script ...)
NOT-FOR-US: IBM
-CVE-2016-3017
+CVE-2016-3017 (IBM Security Access Manager for Web could allow a remote attacker to o ...)
NOT-FOR-US: IBM
-CVE-2016-3016
+CVE-2016-3016 (IBM Security Access Manager for Web processes patches, image backups a ...)
NOT-FOR-US: IBM
-CVE-2016-3015
+CVE-2016-3015 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2016-3014
+CVE-2016-3014 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
NOT-FOR-US: IBM
-CVE-2016-3013
+CVE-2016-3013 (IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ ...)
NOT-FOR-US: IBM
-CVE-2016-3012
+CVE-2016-3012 (IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 ...)
NOT-FOR-US: IBM
CVE-2016-3011
RESERVED
-CVE-2016-3010
+CVE-2016-3010 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connecti ...)
NOT-FOR-US: IBM
-CVE-2016-3009
+CVE-2016-3009 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 ...)
NOT-FOR-US: IBM
-CVE-2016-3008
+CVE-2016-3008 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connecti ...)
NOT-FOR-US: IBM
-CVE-2016-3007
+CVE-2016-3007 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.x ...)
NOT-FOR-US: IBM
-CVE-2016-3006
+CVE-2016-3006 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connecti ...)
NOT-FOR-US: IBM
-CVE-2016-3005
+CVE-2016-3005 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connecti ...)
NOT-FOR-US: IBM
-CVE-2016-3004
+CVE-2016-3004 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 ...)
NOT-FOR-US: IBM
-CVE-2016-3003
+CVE-2016-3003 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connecti ...)
NOT-FOR-US: IBM
-CVE-2016-3002
+CVE-2016-3002 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 a ...)
NOT-FOR-US: IBM
-CVE-2016-3001
+CVE-2016-3001 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connecti ...)
NOT-FOR-US: IBM
-CVE-2016-3000
+CVE-2016-3000 (The help service in IBM Connections 4.x through 4.5 CR5, 5.0 before CR ...)
NOT-FOR-US: IBM
-CVE-2016-2999
+CVE-2016-2999 (IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR ...)
NOT-FOR-US: IBM
-CVE-2016-2998
+CVE-2016-2998 (Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 ...)
NOT-FOR-US: IBM
-CVE-2016-2997
+CVE-2016-2997 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connecti ...)
NOT-FOR-US: IBM
-CVE-2016-2996
+CVE-2016-2996 (IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Vi ...)
NOT-FOR-US: IBM
-CVE-2016-2995
+CVE-2016-2995 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connecti ...)
NOT-FOR-US: IBM
-CVE-2016-2994
+CVE-2016-2994 (Cross-site scripting (XSS) vulnerability in IBM UrbanCode Deploy 6.2.x ...)
NOT-FOR-US: IBM
CVE-2016-2993
RESERVED
-CVE-2016-2992
+CVE-2016-2992 (IBM Infosphere BigInsights is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2016-2991
+CVE-2016-2991 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Prote ...)
NOT-FOR-US: IBM
CVE-2016-2990
RESERVED
-CVE-2016-2989
+CVE-2016-2989 (Open redirect vulnerability in the Connections Portlets component 5.x ...)
NOT-FOR-US: IBM
-CVE-2016-2988
+CVE-2016-2988 (IBM Tivoli Storage Manger for Virtual Environments: Data Protection fo ...)
NOT-FOR-US: IBM
-CVE-2016-2987
+CVE-2016-2987 (An undisclosed vulnerability in CLM applications may result in some ad ...)
NOT-FOR-US: IBM
-CVE-2016-2986
+CVE-2016-2986 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
NOT-FOR-US: IBM
-CVE-2016-2985
+CVE-2016-2985 (IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and ...)
NOT-FOR-US: IBM
-CVE-2016-2984
+CVE-2016-2984 (IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and ...)
NOT-FOR-US: IBM
-CVE-2016-2983
+CVE-2016-2983 (IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remo ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
CVE-2016-2982
RESERVED
-CVE-2016-2981
+CVE-2016-2981 (An undisclosed vulnerability in the CLM applications in IBM Jazz Team ...)
NOT-FOR-US: IBM
-CVE-2016-2980
+CVE-2016-2980 (The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injecti ...)
NOT-FOR-US: IBM
-CVE-2016-2979
+CVE-2016-2979 (IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2016-2978
+CVE-2016-2978 (IBM Sametime 8.5.2 and 9.0 could store potentially sensitive informati ...)
NOT-FOR-US: IBM
-CVE-2016-2977
+CVE-2016-2977 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user ...)
NOT-FOR-US: IBM
-CVE-2016-2976
+CVE-2016-2976 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invite ...)
NOT-FOR-US: IBM
-CVE-2016-2975
+CVE-2016-2975 (IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2016-2974
+CVE-2016-2974 (IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Ri ...)
NOT-FOR-US: IBM
-CVE-2016-2973
+CVE-2016-2973 (IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2016-2972
+CVE-2016-2972 (IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of t ...)
NOT-FOR-US: IBM
-CVE-2016-2971
+CVE-2016-2971 (IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive infor ...)
NOT-FOR-US: IBM
-CVE-2016-2970
+CVE-2016-2970 (IBM Sametime 8.5 and 9.0 meetings server may provide detailed informat ...)
NOT-FOR-US: IBM
-CVE-2016-2969
+CVE-2016-2969 (IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that contai ...)
NOT-FOR-US: IBM
-CVE-2016-2968
+CVE-2016-2968 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remot ...)
NOT-FOR-US: IBM
-CVE-2016-2967
+CVE-2016-2967 (IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2016-2966
+CVE-2016-2966 (IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumer ...)
NOT-FOR-US: IBM
-CVE-2016-2965
+CVE-2016-2965 (IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2016-2964
+CVE-2016-2964 (IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error ...)
NOT-FOR-US: IBM
-CVE-2016-2963
+CVE-2016-2963 (Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote C ...)
NOT-FOR-US: IBM
CVE-2016-2962
RESERVED
-CVE-2016-2961
+CVE-2016-2961 (The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 ...)
NOT-FOR-US: IBM
-CVE-2016-2960
+CVE-2016-2960 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x be ...)
NOT-FOR-US: IBM
-CVE-2016-2959
+CVE-2016-2959 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room m ...)
NOT-FOR-US: IBM
-CVE-2016-2958
+CVE-2016-2958 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 a ...)
NOT-FOR-US: IBM
-CVE-2016-2957
+CVE-2016-2957 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 a ...)
NOT-FOR-US: IBM
-CVE-2016-2956
+CVE-2016-2956 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connecti ...)
NOT-FOR-US: IBM
-CVE-2016-2955
+CVE-2016-2955 (Cross-site scripting (XSS) vulnerability in IBM Connections 5.0 before ...)
NOT-FOR-US: IBM
-CVE-2016-2954
+CVE-2016-2954 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connecti ...)
NOT-FOR-US: IBM
-CVE-2016-2953
+CVE-2016-2953 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 d ...)
NOT-FOR-US: IBM
-CVE-2016-2952
+CVE-2016-2952 (IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protec ...)
NOT-FOR-US: IBM
-CVE-2016-2951
+CVE-2016-2951 (IBM BigFix Remote Control before 9.1.3 does not properly set the defau ...)
NOT-FOR-US: IBM
-CVE-2016-2950
+CVE-2016-2950 (SQL injection vulnerability in IBM BigFix Remote Control before 9.1.3 ...)
NOT-FOR-US: IBM
-CVE-2016-2949
+CVE-2016-2949 (IBM BigFix Remote Control before 9.1.3 allows local users to obtain se ...)
NOT-FOR-US: IBM
-CVE-2016-2948
+CVE-2016-2948 (IBM BigFix Remote Control before 9.1.3 allows local users to discover ...)
NOT-FOR-US: IBM
-CVE-2016-2947
+CVE-2016-2947 (IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix1 ...)
NOT-FOR-US: IBM
-CVE-2016-2946
+CVE-2016-2946 (Stack-based buffer overflow in the ax Shared Libraries in the Agent in ...)
NOT-FOR-US: IBM
-CVE-2016-2945
+CVE-2016-2945 (The API Discovery implementation in IBM WebSphere Application Server ( ...)
NOT-FOR-US: IBM
-CVE-2016-2944
+CVE-2016-2944 (IBM BigFix Remote Control before 9.1.3 does not properly restrict fail ...)
NOT-FOR-US: IBM
-CVE-2016-2943
+CVE-2016-2943 (IBM BigFix Remote Control before 9.1.3 allows local users to obtain se ...)
NOT-FOR-US: IBM
-CVE-2016-2942
+CVE-2016-2942 (IBM UrbanCode Deploy could allow an authenticated attacker with specia ...)
NOT-FOR-US: IBM
-CVE-2016-2941
+CVE-2016-2941 (IBM UrbanCode Deploy creates temporary files during step execution tha ...)
NOT-FOR-US: IBM
-CVE-2016-2940
+CVE-2016-2940 (Multiple unspecified vulnerabilities in IBM BigFix Remote Control befo ...)
NOT-FOR-US: IBM
-CVE-2016-2939
+CVE-2016-2939 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability a ...)
NOT-FOR-US: IBM
-CVE-2016-2938
+CVE-2016-2938 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability a ...)
NOT-FOR-US: IBM
-CVE-2016-2937
+CVE-2016-2937 (IBM BigFix Remote Control before 9.1.3 allows remote attackers to obta ...)
NOT-FOR-US: IBM
-CVE-2016-2936
+CVE-2016-2936 (IBM BigFix Remote Control before 9.1.3 uses cleartext storage for unsp ...)
NOT-FOR-US: IBM
-CVE-2016-2935
+CVE-2016-2935 (The broker application in IBM BigFix Remote Control before 9.1.3 allow ...)
NOT-FOR-US: IBM
-CVE-2016-2934
+CVE-2016-2934 (Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control ...)
NOT-FOR-US: IBM
-CVE-2016-2933
+CVE-2016-2933 (Directory traversal vulnerability in IBM BigFix Remote Control before ...)
NOT-FOR-US: IBM
-CVE-2016-2932
+CVE-2016-2932 (IBM BigFix Remote Control before 9.1.3 allows remote attackers to cond ...)
NOT-FOR-US: IBM
-CVE-2016-2931
+CVE-2016-2931 (IBM BigFix Remote Control before 9.1.3 allows remote attackers to obta ...)
NOT-FOR-US: IBM
-CVE-2016-2930
+CVE-2016-2930 (IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perfo ...)
NOT-FOR-US: IBM
-CVE-2016-2929
+CVE-2016-2929 (IBM BigFix Remote Control before 9.1.3 does not properly restrict pass ...)
NOT-FOR-US: IBM
-CVE-2016-2928
+CVE-2016-2928 (IBM BigFix Remote Control before 9.1.3 allows remote authenticated use ...)
NOT-FOR-US: IBM
-CVE-2016-2927
+CVE-2016-2927 (IBM BigFix Remote Control before 9.1.3 does not properly restrict the ...)
NOT-FOR-US: IBM
-CVE-2016-2926
+CVE-2016-2926 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
NOT-FOR-US: IBM
-CVE-2016-2925
+CVE-2016-2925 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM
-CVE-2016-2924
+CVE-2016-2924 (IBM Infosphere BigInsights is vulnerable to cross-site scripting, caus ...)
NOT-FOR-US: IBM
-CVE-2016-2923
+CVE-2016-2923 (IBM WebSphere Application Server (WAS) 8.5 through 8.5.5.9 Liberty bef ...)
NOT-FOR-US: IBM
-CVE-2016-2922
+CVE-2016-2922 (IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (C ...)
NOT-FOR-US: IBM Rational ClearQuest
CVE-2016-2921
RESERVED
@@ -23393,17 +23393,17 @@ CVE-2016-2919
RESERVED
CVE-2016-2918
RESERVED
-CVE-2016-2917
+CVE-2016-2917 (The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 ...)
NOT-FOR-US: IBM
CVE-2016-2916
RESERVED
CVE-2016-2915
RESERVED
-CVE-2016-2914
+CVE-2016-2914 (Unrestricted file upload vulnerability in the Document Builder in IBM ...)
NOT-FOR-US: IBM
CVE-2016-2913
RESERVED
-CVE-2016-2912
+CVE-2016-2912 (Cross-site scripting (XSS) vulnerability in the Document Builder in IB ...)
NOT-FOR-US: IBM
CVE-2016-2911
RESERVED
@@ -23411,7 +23411,7 @@ CVE-2016-2910
RESERVED
CVE-2016-2909
RESERVED
-CVE-2016-2908
+CVE-2016-2908 (IBM Single Sign On for Bluemix could allow a remote attacker to obtain ...)
NOT-FOR-US: IBM
CVE-2016-2907
RESERVED
@@ -23425,7 +23425,7 @@ CVE-2016-2903
RESERVED
CVE-2016-2902
RESERVED
-CVE-2016-2901
+CVE-2016-2901 (Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creato ...)
NOT-FOR-US: IBM
CVE-2016-2900
RESERVED
@@ -23439,7 +23439,7 @@ CVE-2016-2896
RESERVED
CVE-2016-2895
RESERVED
-CVE-2016-2894
+CVE-2016-2894 (IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 ...)
NOT-FOR-US: IBM
CVE-2016-2893
RESERVED
@@ -23449,75 +23449,75 @@ CVE-2016-2891
RESERVED
CVE-2016-2890
RESERVED
-CVE-2016-2889
+CVE-2016-2889 (Cross-site request forgery (CSRF) vulnerability in the Report Builder ...)
NOT-FOR-US: IBM
-CVE-2016-2888
+CVE-2016-2888 (Cross-site scripting (XSS) vulnerability in the Report Builder and Dat ...)
NOT-FOR-US: IBM
-CVE-2016-2887
+CVE-2016-2887 (IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .N ...)
NOT-FOR-US: IBM
CVE-2016-2886
RESERVED
CVE-2016-2885
RESERVED
-CVE-2016-2884
+CVE-2016-2884 (Cross-site request forgery (CSRF) vulnerability in IBM Forms Experienc ...)
NOT-FOR-US: IBM
-CVE-2016-2883
+CVE-2016-2883 (Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Pl ...)
NOT-FOR-US: IBM
-CVE-2016-2882
+CVE-2016-2882 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2. ...)
NOT-FOR-US: IBM
-CVE-2016-2881
+CVE-2016-2881 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 and QRada ...)
NOT-FOR-US: IBM
-CVE-2016-2880
+CVE-2016-2880 (IBM QRadar 7.2 stores the encryption key used to encrypt the service a ...)
NOT-FOR-US: IBM
-CVE-2016-2879
+CVE-2016-2879 (IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwo ...)
NOT-FOR-US: IBM
-CVE-2016-2878
+CVE-2016-2878 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRad ...)
NOT-FOR-US: IBM
-CVE-2016-2877
+CVE-2016-2877 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak ...)
NOT-FOR-US: IBM
-CVE-2016-2876
+CVE-2016-2876 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes ...)
NOT-FOR-US: IBM
-CVE-2016-2875
+CVE-2016-2875 (IBM Security QRadar SIEM 7.1.x and 7.2.x before 7.2.7 allows remote au ...)
NOT-FOR-US: IBM
-CVE-2016-2874
+CVE-2016-2874 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandle ...)
NOT-FOR-US: IBM
-CVE-2016-2873
+CVE-2016-2873 (SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 ...)
NOT-FOR-US: IBM
-CVE-2016-2872
+CVE-2016-2872 (Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x be ...)
NOT-FOR-US: IBM
-CVE-2016-2871
+CVE-2016-2871 (IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses clea ...)
NOT-FOR-US: IBM
-CVE-2016-2870
+CVE-2016-2870 (Buffer overflow in the CLI on IBM WebSphere DataPower XC10 appliances ...)
NOT-FOR-US: IBM
-CVE-2016-2869
+CVE-2016-2869 (Multiple cross-site scripting (XSS) vulnerabilities in the UI in IBM Q ...)
NOT-FOR-US: IBM
-CVE-2016-2868
+CVE-2016-2868 (IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote authenticate ...)
NOT-FOR-US: IBM
-CVE-2016-2867
+CVE-2016-2867 (IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 d ...)
NOT-FOR-US: IBM
-CVE-2016-2866
+CVE-2016-2866 (An unspecified vulnerability in IBM Jazz Team Server may disclose some ...)
NOT-FOR-US: IBM
-CVE-2016-2865
+CVE-2016-2865 (The GIT Integration component in IBM Rational Team Concert (RTC) 5.x b ...)
NOT-FOR-US: IBM
-CVE-2016-2864
+CVE-2016-2864 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
NOT-FOR-US: IBM
-CVE-2016-2863
+CVE-2016-2863 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Comme ...)
NOT-FOR-US: IBM
-CVE-2016-2862
+CVE-2016-2862 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 ...)
NOT-FOR-US: IBM
-CVE-2016-2861
+CVE-2016-2861 (IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1 ...)
NOT-FOR-US: IBM
-CVE-2016-2860
+CVE-2016-2860 (The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 a ...)
{DSA-3569-1 DLA-493-1}
- openafs 1.6.17-1
NOTE: http://git.openafs.org/?p=openafs.git;a=commitdiff;h=396240cf070a806b91fea81131d034e1399af1e0
NOTE: http://rt.central.org/rt/Ticket/Display.html?id=132822 (currently not public)
-CVE-2016-3154
+CVE-2016-3154 (The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2 ...)
{DSA-3518-1}
- spip 3.0.22-1
NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/2
NOTE: patch https://core.spip.net/projects/spip/repository/revisions/22903
-CVE-2016-3153
+CVE-2016-3153 (SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 al ...)
{DSA-3518-1}
- spip 3.0.22-1
NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/2
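Review bot: the openafs entry for CVE-2016-2860 still carries a reference annotated "(currently not public)" (the rt.central.org ticket on the line after the upstream commit link); with DSA-3569-1 and DLA-493-1 already listed and the openafs.git commit linked, that annotation is likely stale and worth re-checking so the NOTE either drops the qualifier or points at a public reference.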
@@ -23527,20 +23527,20 @@ CVE-2016-XXXX [Cross-site scripting (XSS) vulnerability in cgit's "txt2html" fil
[jessie] - cgit 0.10.2.git2.0.1-3+deb8u1
NOTE: https://git.zx2c4.com/cgit/commit/filters/html-converters/txt2html?id=13c2d3df0440ce04273de3149631a9bd97490c6e
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/05/8
-CVE-2016-3172
+CVE-2016-3172 (SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier al ...)
{DLA-560-1}
- cacti 0.8.8g+ds1-2 (bug #818647)
[jessie] - cacti 0.8.8b+dfsg-8+deb8u5
NOTE: http://bugs.cacti.net/view.php?id=2667
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/13
NOTE: Requires authenticated user
-CVE-2016-3116
+CVE-2016-3116 (CRLF injection vulnerability in Dropbear SSH before 2016.72 allows rem ...)
- dropbear 2016.72-1
[jessie] - dropbear 2014.65-1+deb8u1
[wheezy] - dropbear <no-dsa> (Minor issue)
NOTE: https://matt.ucc.asn.au/dropbear/CHANGES
NOTE: Fixed in 2016.72 upstream
-CVE-2016-3115
+CVE-2016-3115 (Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSS ...)
{DLA-1500-1}
- openssh 1:7.2p2-1
[wheezy] - openssh <no-dsa> (Minor issue)
@@ -23548,7 +23548,7 @@ CVE-2016-3115
NOTE: Portable OpenSSH 7.2p2 contains a fix for this vulnerability.
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/8
NOTE: Upstream fix: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.281&r2=1.282&sortby=date&f=h
-CVE-2016-3134
+CVE-2016-3134 (The netfilter subsystem in the Linux kernel through 4.5.2 does not val ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1
[wheezy] - linux <no-dsa> (Minor issue)
@@ -23558,7 +23558,7 @@ CVE-2016-3134
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/4
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/7
NOTE: Non-privileged user namespaces disabled by default, only vulnerable with sysctl kernel.unprivileged_userns_clone=1
-CVE-2016-3135
+CVE-2016-3135 (Integer overflow in the xt_alloc_table_info function in net/netfilter/ ...)
- linux 4.4.6-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -23567,70 +23567,70 @@ CVE-2016-3135
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/7
CVE-2016-2859
REJECTED
-CVE-2016-3124
+CVE-2016-3124 (The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote at ...)
- simplesamlphp 1.14.1-1 (unimportant; bug #817162)
NOTE: https://simplesamlphp.org/security/201603-01
NOTE: Fixed upstream in 1.14.1
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/952027dd7f794ff4b2d4f5eddf549c5b5070fa38
NOTE: http://www.openwall.com/lists/oss-security/2016/03/08/4
NOTE: Not treated as a security issue, many components in Debian reveal the release in use
-CVE-2016-2855
+CVE-2016-2855 (The Huawei Mobile Broadband HL Service 22.001.25.00.03 and earlier use ...)
NOT-FOR-US: Huawei
CVE-2016-2852
RESERVED
-CVE-2016-2851
+CVE-2016-2851 (Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms ...)
{DSA-3512-1}
- libotr 4.1.1-1 (bug #817799)
NOTE: https://lists.cypherpunks.ca/pipermail/otr-announce/2016-March/000062.html
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2016-001-libotr/
-CVE-2016-2850
+CVE-2016-2850 (Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signat ...)
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Introduced in 1.11.0, fixed in 1.11.29
-CVE-2016-2849
+CVE-2016-2849 (Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-t ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.13-1 (bug #822698)
NOTE: http://botan.randombit.net/security.html
NOTE: Introduced in 1.7.15, fixed in 1.10.13 and 1.11.29
NOTE: FIX https://github.com/randombit/botan/commit/bcf13fa153a11b3e0ad54e2af6962441cea3adf1
-CVE-2016-2848
+CVE-2016-2848 (ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remo ...)
{DLA-672-1}
- bind9 1:9.9.3.dfsg.P2-1 (bug #839051)
NOTE: https://kb.isc.org/article/AA-01433
NOTE: Fixed by https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=4adf97c32fcca7d00e5756607fd045f2aab9c3d4
-CVE-2016-2846
+CVE-2016-2846 (Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote attackers ...)
NOT-FOR-US: Siemens SIMATIC S7-1200 CPU devices
-CVE-2016-2845
+CVE-2016-2845 (The Content Security Policy (CSP) implementation in Blink, as used in ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-2844
+CVE-2016-2844 (WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-2843
+CVE-2016-2843 (Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, a ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-3178
+CVE-2016-3178 (The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 ...)
{DLA-454-1}
- minissdpd 1.2.20130907-3.2 (bug #816759)
[jessie] - minissdpd 1.2.20130907-3+deb8u1
NOTE: https://speirofr.appspot.com/files/advisory/SPADV-2016-02.md
NOTE: https://github.com/miniupnp/miniupnp/commit/b238cade9a173c6f751a34acf8ccff838a62aa47
-CVE-2016-3179
+CVE-2016-3179 (The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 ...)
{DLA-454-1}
- minissdpd 1.2.20130907-3.2 (bug #816759)
[jessie] - minissdpd 1.2.20130907-3+deb8u1
NOTE: https://speirofr.appspot.com/files/advisory/SPADV-2016-02.md
NOTE: https://github.com/miniupnp/miniupnp/commit/140ee8d2204b383279f854802b27bdb41c1d5d1a
-CVE-2016-2842
+CVE-2016-2842 (The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 befo ...)
{DSA-3500-1}
- openssl 1.0.2g-1
NOTE: split from CVE-2016-0799
-CVE-2016-3142
+CVE-2016-3142 (The phar_parse_zipfile function in zip.c in the PHAR extension in PHP ...)
{DLA-818-1}
- php5 5.6.19+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
@@ -23640,7 +23640,7 @@ CVE-2016-3142
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/5
NOTE: http://www.openwall.com/lists/oss-security/2016/03/13/2
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=a6fdc5bb27b20d889de0cd29318b3968aabb57bd
-CVE-2016-3141
+CVE-2016-3141 (Use-after-free vulnerability in wddx.c in the WDDX extension in PHP be ...)
{DLA-818-1}
- php5 5.6.19+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
@@ -23649,7 +23649,7 @@ CVE-2016-3141
NOTE: Fixed in 5.5.33, 5.6.19
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/5
NOTE: http://www.openwall.com/lists/oss-security/2016/03/13/1
-CVE-2016-2858
+CVE-2016-2858 (QEMU, when built with the Pseudo Random Number Generator (PRNG) back-e ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #817183)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -23661,16 +23661,16 @@ CVE-2016-2858
NOTE: http://www.openwall.com/lists/oss-security/2016/03/04/1
CVE-2016-8000
REJECTED
-CVE-2016-2840
+CVE-2016-2840 (An issue was discovered in Open-Xchange Server 6 / OX AppSuite before ...)
NOT-FOR-US: Open-Xchange
-CVE-2016-2857
+CVE-2016-2857 (The net_checksum_calculate function in net/checksum.c in QEMU allows l ...)
{DLA-1599-1 DLA-574-1 DLA-573-1}
- qemu 1:2.6+dfsg-1 (bug #817182)
- qemu-kvm <removed>
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=362786f14a753d8a5256ef97d7c10ed576d6572b (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1296567
NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/9
-CVE-2016-2854
+CVE-2016-2854 (The aufs module for the Linux kernel 3.x and 4.x does not properly mai ...)
- linux 3.18-1~exp1
[jessie] - linux <ignored> (Not exploitable in default configuration)
[wheezy] - linux <not-affected> (Vulnerable code is not present)
@@ -23679,7 +23679,7 @@ CVE-2016-2854
NOTE: This depends on a user namespace creator being able to mount aufs.
NOTE: jessie: Unprivileged users are not allowed to create user namespaces by default; aufs is not allowed to be mounted from a new user namespace by default.
NOTE: wheezy: User namespaces are non-functional.
-CVE-2016-2853
+CVE-2016-2853 (The aufs module for the Linux kernel 3.x and 4.x does not properly res ...)
- linux 3.18-1~exp1
[jessie] - linux <ignored> (Not exploitable in default configuration)
[wheezy] - linux <not-affected> (Vulnerable code is not present)
@@ -23688,179 +23688,179 @@ CVE-2016-2853
NOTE: This depends on a user namespace creator being able to mount aufs.
NOTE: jessie: Unprivileged users are not allowed to create user namespaces by default; aufs is not allowed to be mounted from a new user namespace by default.
NOTE: wheezy: User namespaces are non-functional.
-CVE-2016-2839
+CVE-2016-2839 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux ...)
- firefox <not-affected> (Uses gstreamer-ffmpeg/libav 1.0)
- firefox-esr <not-affected> (Uses gstreamer-ffmpeg/libav 1.0)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-65/
NOTE: Related patches https://hg.mozilla.org/mozilla-central/log?rev=Bug+1275339
-CVE-2016-2838
+CVE-2016-2838 (Heap-based buffer overflow in the nsBidi::BracketData::AddOpening func ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-64/
-CVE-2016-2837
+CVE-2016-2837 (Heap-based buffer overflow in the ClearKey Content Decryption Module ( ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-77/
-CVE-2016-2836
+CVE-2016-2836 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3686-1 DSA-3640-1 DLA-640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
- icedove 1:45.3.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/
-CVE-2016-2835
+CVE-2016-2835 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- firefox 48.0-1
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- icedove <not-affected> (Doesn't apply to Thunderbird ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/
-CVE-2016-2834
+CVE-2016-2834 (Mozilla Network Security Services (NSS) before 3.23, as used in Mozill ...)
{DSA-3688-1 DLA-527-1}
- nss 2:3.23-1
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-61/
-CVE-2016-2833
+CVE-2016-2833 (Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) dire ...)
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
-CVE-2016-2832
+CVE-2016-2832 (Mozilla Firefox before 47.0 allows remote attackers to discover the li ...)
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
-CVE-2016-2831
+CVE-2016-2831 (Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not en ...)
{DSA-3600-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
-CVE-2016-2830
+CVE-2016-2830 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
- firefox-esr 45.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-63/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1342897
-CVE-2016-2829
+CVE-2016-2829 (Mozilla Firefox before 47.0 allows remote attackers to spoof permissio ...)
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
-CVE-2016-2828
+CVE-2016-2828 (Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefo ...)
{DSA-3600-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
-CVE-2016-2827
+CVE-2016-2827 (The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox be ...)
- firefox 49.0-1
- firefox-esr <not-affected> (Doesn't affect ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
-CVE-2016-2826
+CVE-2016-2826 (The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR ...)
- firefox-esr <not-affected> (Only affects Windows)
- firefox <not-affected> (Only affects Windows)
-CVE-2016-2825
+CVE-2016-2825 (Mozilla Firefox before 47.0 allows remote attackers to bypass the Same ...)
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
-CVE-2016-2824
+CVE-2016-2824 (The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox befor ...)
- firefox-esr <not-affected> (Only affects Windows)
- firefox <not-affected> (Only affects Windows)
CVE-2016-2823
RESERVED
-CVE-2016-2822
+CVE-2016-2822 (Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow rem ...)
{DSA-3600-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
-CVE-2016-2821
+CVE-2016-2821 (Use-after-free vulnerability in the mozilla::dom::Element class in Moz ...)
{DSA-3600-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
-CVE-2016-2820
+CVE-2016-2820 (The Firefox Health Reports (aka FHR or about:healthreport) feature in ...)
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-48/
-CVE-2016-2819
+CVE-2016-2819 (Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ...)
{DSA-3600-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
-CVE-2016-2818
+CVE-2016-2818 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3647-1 DSA-3600-1 DLA-572-1 DLA-521-1}
- firefox-esr 45.2.0esr-1
- firefox 47.0-1
- icedove 1:45.2.0-1
-CVE-2016-2817
+CVE-2016-2817 (The WebExtension sandbox feature in browser/components/extensions/ext- ...)
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-46/
-CVE-2016-2816
+CVE-2016-2816 (Mozilla Firefox before 46.0 allows remote attackers to bypass the Cont ...)
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-45/
-CVE-2016-2815
+CVE-2016-2815 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
- firefox 47.0-1
-CVE-2016-2814
+CVE-2016-2814 (Heap-based buffer overflow in the stagefright::SampleTable::parseSampl ...)
{DSA-3559-1}
- iceweasel <removed>
- firefox-esr 45.1.0esr-1
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-44/
-CVE-2016-2813
+CVE-2016-2813 (Mozilla Firefox before 46.0 on Android does not properly restrict Java ...)
- iceweasel <not-affected> (Only Firefox on Android)
- firefox-esr <not-affected> (Only Firefox on Android)
- firefox <not-affected> (Only Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-43/
-CVE-2016-2812
+CVE-2016-2812 (Race condition in the get implementation in the ServiceWorkerManager c ...)
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-42/
-CVE-2016-2811
+CVE-2016-2811 (Use-after-free vulnerability in the ServiceWorkerInfo class in the Ser ...)
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-42/
-CVE-2016-2810
+CVE-2016-2810 (Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to ...)
- iceweasel <not-affected> (Only Firefox on Android)
- firefox-esr <not-affected> (Only Firefox on Android)
- firefox <not-affected> (Only Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-41/
-CVE-2016-2809
+CVE-2016-2809 (The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 ...)
- iceweasel <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox on Windows)
- firefox <not-affected> (Only Firefox on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-40/
-CVE-2016-2808
+CVE-2016-2808 (The watch implementation in the JavaScript engine in Mozilla Firefox b ...)
{DSA-3559-1}
- iceweasel <removed>
- firefox-esr 45.1.0esr-1
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-47/
-CVE-2016-2807
+CVE-2016-2807 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3576-1 DSA-3559-1 DLA-472-1}
- iceweasel <removed>
- firefox-esr 45.1.0esr-1
- firefox 46.0-1
- icedove 1:45.1.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
-CVE-2016-2806
+CVE-2016-2806 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3601-1 DLA-519-1}
- iceweasel <not-affected> (Only Firefox 45.x)
- firefox-esr 45.1.0esr-1
- firefox 46.0-1
- icedove 1:45.1.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
-CVE-2016-2805
+CVE-2016-2805 (Unspecified vulnerability in the browser engine in Mozilla Firefox ESR ...)
{DSA-3576-1 DSA-3559-1 DLA-472-1}
- iceweasel <removed>
- firefox-esr <not-affected> (Only affects Firefox ESR 38.x)
- firefox <not-affected> (Only affects Firefox ESR 38.x)
- icedove 1:45.1.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
-CVE-2016-2804
+CVE-2016-2804 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
- firefox 46.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
-CVE-2016-2803
+CVE-2016-2803 (Cross-site scripting (XSS) vulnerability in the dependency graphs in B ...)
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
-CVE-2016-2802
+CVE-2016-2802 (The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphit ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
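Review bot: the Firefox 47.0 batch in this hunk (CVE-2016-2833, -2832, -2831, -2829, -2828, -2825, -2822, -2821, -2819, -2818 and -2815) carries no advisory NOTE, while the neighbouring 46.0 and 48.0 entries each cite a mozilla.org mfsa2016 advisory URL; adding the corresponding advisory references would keep the entries consistent and make the "Doesn't apply to Firefox ESR" not-affected reasons verifiable from the file itself.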
@@ -23868,7 +23868,7 @@ CVE-2016-2802
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2801
+CVE-2016-2801 (The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp i ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23876,7 +23876,7 @@ CVE-2016-2801
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2800
+CVE-2016-2800 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23884,7 +23884,7 @@ CVE-2016-2800
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2799
+CVE-2016-2799 (Heap-based buffer overflow in the graphite2::Slot::setAttr function in ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23892,7 +23892,7 @@ CVE-2016-2799
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2798
+CVE-2016-2798 (The graphite2::GlyphCache::Loader::Loader function in Graphite 2 befor ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23900,7 +23900,7 @@ CVE-2016-2798
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2797
+CVE-2016-2797 (The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 be ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23908,7 +23908,7 @@ CVE-2016-2797
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2796
+CVE-2016-2796 (Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code f ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23916,7 +23916,7 @@ CVE-2016-2796
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2795
+CVE-2016-2795 (The graphite2::FileFace::get_table_fn function in Graphite 2 before 1. ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23924,7 +23924,7 @@ CVE-2016-2795
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2794
+CVE-2016-2794 (The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphi ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23932,7 +23932,7 @@ CVE-2016-2794
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2793
+CVE-2016-2793 (CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23940,7 +23940,7 @@ CVE-2016-2793
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2792
+CVE-2016-2792 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23948,7 +23948,7 @@ CVE-2016-2792
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2791
+CVE-2016-2791 (The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23956,7 +23956,7 @@ CVE-2016-2791
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2790
+CVE-2016-2790 (The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3 ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -23964,9 +23964,9 @@ CVE-2016-2790
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-2789
+CVE-2016-2789 (Cross-site scripting (XSS) vulnerability in the Web User Interface in ...)
NOT-FOR-US: Citrix
-CVE-2016-2841
+CVE-2016-2841 (The ne2000_receive function in the NE2000 NIC emulation support (hw/ne ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #817181)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -23975,42 +23975,42 @@ CVE-2016-2841
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=415ab35a441eca767d033a2702223e785b9d5190 (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1303106
NOTE: http://www.openwall.com/lists/oss-security/2016/03/02/8
-CVE-2016-2788
+CVE-2016-2788 (MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise ...)
- mcollective 2.12.0+dfsg-1 (bug #850968)
[jessie] - mcollective <no-dsa> (Minor issue)
[wheezy] - mcollective <no-dsa> (Minor issue)
NOTE: https://puppet.com/security/cve/cve-2016-2788
NOTE: https://github.com/puppetlabs/marionette-collective/commit/4918a0f136aea04452b48a1ba29eb9aabcf5c97d
-CVE-2016-2787
+CVE-2016-2787 (The Puppet Communications Protocol in Puppet Enterprise 2015.3.x befor ...)
- puppet <not-affected> (Specific to Puppet Enterprise)
-CVE-2016-2786
+CVE-2016-2786 (The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 ...)
- puppet <not-affected> (pxp-agent not packaged in Debian)
NOTE: https://puppet.com/security/cve/cve-2016-2786
-CVE-2016-2785
+CVE-2016-2785 (Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before ...)
- puppet <not-affected> (Vulnerable code only in 4.x)
NOTE: https://puppet.com/security/cve/cve-2016-2785
NOTE: https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2
-CVE-2016-2784
+CVE-2016-2784 (CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Ca ...)
NOT-FOR-US: CMS Made Simple
-CVE-2016-2783
+CVE-2016-2783 (Avaya Fabric Connect Virtual Services Platform (VSP) Operating System ...)
NOT-FOR-US: Avaya
-CVE-2016-2780
+CVE-2016-2780 (Untrusted search path vulnerability in Huawei UTPS before UTPS-V200R00 ...)
NOT-FOR-US: Huawei UTPS
CVE-2016-2778
RESERVED
CVE-2016-2777
REJECTED
-CVE-2016-2776
+CVE-2016-2776 (buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4- ...)
{DSA-3680-1 DLA-645-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #839010)
NOTE: https://kb.isc.org/article/AA-01419
-CVE-2016-2775
+CVE-2016-2775 (ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x befo ...)
{DSA-3680-1 DLA-645-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #831796)
NOTE: https://kb.isc.org/article/AA-01393/74/CVE-2016-2775
-CVE-2016-2774
+CVE-2016-2774 (ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 doe ...)
- isc-dhcp 4.3.4-1 (bug #817158)
[jessie] - isc-dhcp <no-dsa> (Minor issue)
[wheezy] - isc-dhcp <no-dsa> (Minor issue)
@@ -24425,13 +24425,13 @@ CVE-2016-XXXX [remote memory disclosure]
NOTE: fixed in 1.0.1
NOTE: https://nodesecurity.io/advisories/67
NOTE: nodejs not covered by security support
-CVE-2016-2782
+CVE-2016-2782 (The treo_attach function in drivers/usb/serial/visor.c in the Linux ke ...)
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux 3.2.78-1
- linux-2.6 <removed>
NOTE: Upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cac9b50b0d75a1d50d6c056ff65c005f3224c8e0 (v4.5-rc2)
-CVE-2016-2781
+CVE-2016-2781 (chroot in GNU coreutils, when used with --userspec, allows local users ...)
- coreutils <unfixed> (low; bug #816320)
[buster] - coreutils <ignored> (Minor issue)
[stretch] - coreutils <ignored> (Minor issue)
@@ -24440,7 +24440,7 @@ CVE-2016-2781
NOTE: Restricting ioctl on the kernel side seems the better approach, but rejected by Linux upstream
NOTE: Fixing this issue via setsid() would introduce regressions:
NOTE: https://www.kernel.org/pub/linux/utils/util-linux/v2.28/v2.28-ReleaseNotes
-CVE-2016-2779
+CVE-2016-2779 (runuser in util-linux allows local users to escape to the parent sessi ...)
- util-linux 2.31.1-0.1 (bug #815922)
[stretch] - util-linux <no-dsa> (Minor issue)
[jessie] - util-linux <no-dsa> (Minor issue)
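Review bot: the three NOTE lines closing the CVE-2016-2781 entry (`Restricting ioctl on the kernel side seems the better approach, but rejected by Linux upstream`, `Fixing this issue via setsid() would introduce regressions`, and the util-linux v2.28 release-notes link) are the whole justification for keeping coreutils `<unfixed>`/`<ignored>`, yet the citation points at util-linux rather than coreutils, so a reader cannot tell why it applies to chroot. Add a few words stating that the regressions referred to are the ones util-linux documented when it tried the setsid() approach for the same ioctl-based session escape; without that, the entry reads as contradicting CVE-2016-2779 directly below, which is the util-linux instance and records a fix in 2.31.1-0.1 (bug #815922).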
@@ -24463,47 +24463,47 @@ CVE-2016-7575
REJECTED
CVE-2016-2573
RESERVED
-CVE-2016-2567
+CVE-2016-2567 (secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXU ...)
NOT-FOR-US: Samsung
-CVE-2016-2566
+CVE-2016-2566 (Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devic ...)
NOT-FOR-US: Samsung
-CVE-2016-2565
+CVE-2016-2565 (Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devic ...)
NOT-FOR-US: Samsung
-CVE-2016-2564
+CVE-2016-2564 (Invision Power Services (IPS) Community Suite before 4.1.9 makes sessi ...)
NOT-FOR-US: Invision Power Services
-CVE-2016-2563
+CVE-2016-2563 (Stack-based buffer overflow in the SCP command-line utility in PuTTY b ...)
- putty 0.67-1 (bug #816921)
[jessie] - putty <no-dsa> (Minor issue)
[wheezy] - putty <no-dsa> (Minor issue)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html
NOTE: http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=bc6c15ab5f636e05b7e91883f0031a7e06117947
NOTE: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563
-CVE-2016-2562
+CVE-2016-2562 (The checkHTTP function in libraries/Config.class.php in phpMyAdmin 4.5 ...)
- phpmyadmin 4:4.5.5.1-1 (unimportant)
[jessie] - phpmyadmin <not-affected>
[wheezy] - phpmyadmin <not-affected>
NOTE: vulnerabilty is only in the test suite
-CVE-2016-2561
+CVE-2016-2561 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4. ...)
{DSA-3627-1}
- phpmyadmin 4:4.5.5.1-1
[wheezy] - phpmyadmin <not-affected>
-CVE-2016-2560
+CVE-2016-2560 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...)
{DSA-3627-1 DLA-481-1}
- phpmyadmin 4:4.5.5.1-1 (low)
NOTE: 7ddce5e39a4e12cd351732955394bc7055c280eb: file not present, vulnerability not found in wheezy
NOTE: 0667ea8ac7519d7e642eade2686dc393d5faeae3: vulnerability present in 3.4.3.1, but code mysteriously not found in wheezy
NOTE: fe3be9f4b9edd54dc39919e7dfeaaf4a67c1cf83: vulnerability introduced in 052fd61f (3.5.1)
NOTE: b8f1e0f325f8f32bd82af64111d8c2e9055a363c and 73c8245a3d1893a710447957e28dcfb18d9b47ad present in wheezy and later, patch in lists.debian.org/87lh4fpyap.fsf@angela.anarcat.ath.cx
-CVE-2016-2559
+CVE-2016-2559 (Cross-site scripting (XSS) vulnerability in the format function in lib ...)
- phpmyadmin 4:4.5.5.1-1 (low)
[jessie] - phpmyadmin <not-affected>
[wheezy] - phpmyadmin <not-affected>
-CVE-2016-2572
+CVE-2016-2572 (http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after ...)
- squid3 <not-affected> (Only affects 4.x)
- squid <not-affected> (Only affects 4.x)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14548.patch
-CVE-2016-2571
+CVE-2016-2571 (http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with ...)
{DSA-3522-1 DLA-445-1}
- squid3 3.5.15-1 (bug #816011)
- squid <not-affected> (Vulnerable code not present)
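Review bot: CVE-2016-2563 marks jessie and wheezy `<no-dsa> (Minor issue)` while the same entry links a public proof of concept (`NOTE: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563`) for a stack-based buffer overflow in pscp; a public PoC usually warrants a sentence on why the issue still rates minor (for example that it requires connecting to a malicious server), so add that rationale to the NOTE lines. Separately, the unchanged CVE-2016-2562 context line `NOTE: vulnerabilty is only in the test suite` has a typo (`vulnerability`); since this commit is an automatic description update, fix it in a follow-up commit rather than here.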
@@ -24511,7 +24511,7 @@ CVE-2016-2571
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13990.patch
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14548.patch
NOTE: Upstream confirmed it does not affect squid 2.7.x
-CVE-2016-2570
+CVE-2016-2570 (The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x ...)
- squid3 3.5.15-1 (bug #816011)
[jessie] - squid3 <no-dsa> (Minor issue, needs substantial backporting; too intrusive to backport)
[wheezy] - squid3 <no-dsa> (Minor issue, needs substantial backporting; too intrusive to backport)
@@ -24522,7 +24522,7 @@ CVE-2016-2570
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14549.patch
NOTE: Upstream confirmed it does not affect squid 2.7.x
NOTE: It's maybe too instrusive to fix in 3.1 (squeeze and wheezy).
-CVE-2016-2569
+CVE-2016-2569 (Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append ...)
- squid3 3.5.15-1 (bug #816011)
[jessie] - squid3 <no-dsa> (Minor issue; needs substantial backporting; too intrusive to backport)
[wheezy] - squid3 <no-dsa> (Minor issue; needs substantial backporting; too intrusive to backport)
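Review bot: the NOTE closing CVE-2016-2570, `It's maybe too instrusive to fix in 3.1 (squeeze and wheezy).`, has a typo (`intrusive`) and only justifies the wheezy decision, whereas the `[jessie] - squid3 <no-dsa>` lines for CVE-2016-2570 and CVE-2016-2569 repeat the same `too intrusive to backport` claim for jessie; either extend the NOTE to say why the jessie backport is also too intrusive or reduce the jessie wording to `Minor issue`. The typo and the incomplete rationale are both in unchanged context, so a separate cleanup commit is the right place.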
@@ -24533,7 +24533,7 @@ CVE-2016-2569
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13999.patch
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14552.patch
NOTE: Upstream confirmed it does not affect squid 2.7.x
-CVE-2016-2568
+CVE-2016-2568 (pkexec, when used with --user nonpriv, allows local users to escape to ...)
- policykit-1 <unfixed> (low; bug #816062; bug #812512)
[buster] - policykit-1 <ignored> (Minor issue)
[stretch] - policykit-1 <ignored> (Minor issue)
@@ -24541,13 +24541,13 @@ CVE-2016-2568
[wheezy] - policykit-1 <ignored> (Minor issue)
NOTE: Restricting ioctl on the kernel side seems the better approach
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300746
-CVE-2016-2558
+CVE-2016-2558 (The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2016-2557
+CVE-2016-2557 (The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2016-2556
+CVE-2016-2556 (The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2016-2555
+CVE-2016-2555 (SQL injection vulnerability in include/lib/mysql_connect.inc.php in AT ...)
NOT-FOR-US: ATutor
CVE-2016-2553
REJECTED
@@ -24555,7 +24555,7 @@ CVE-2016-2552
RESERVED
CVE-2016-2551
RESERVED
-CVE-2016-3191
+CVE-2016-3191 (The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 ...)
{DLA-441-1}
- pcre3 2:8.38-2 (bug #815921)
[jessie] - pcre3 2:8.35-3.3+deb8u3
@@ -24565,21 +24565,21 @@ CVE-2016-3191
NOTE: pcre2: http://vcs.pcre.org/pcre2?view=revision&revision=489
NOTE: https://bugs.exim.org/show_bug.cgi?id=1791
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1311503
-CVE-2016-3162
+CVE-2016-3162 (The File module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allows ...)
{DSA-3498-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.43-1
- drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x)
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3163
+CVE-2016-3163 (The XML-RPC system in Drupal 6.x before 6.38 and 7.x before 7.43 might ...)
{DSA-3498-1}
- drupal7 7.43-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3164
+CVE-2016-3164 (Drupal 6.x before 6.38, 7.x before 7.43, and 8.x before 8.0.4 might al ...)
{DSA-3498-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.43-1
@@ -24587,68 +24587,68 @@ CVE-2016-3164
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3165
+CVE-2016-3165 (The Form API in Drupal 6.x before 6.38 ignores access restrictions on ...)
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3166
+CVE-2016-3166 (CRLF injection vulnerability in the drupal_set_header function in Drup ...)
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3167
+CVE-2016-3167 (Open redirect vulnerability in the drupal_goto function in Drupal 6.x ...)
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3168
+CVE-2016-3168 (The System module in Drupal 6.x before 6.38 and 7.x before 7.43 might ...)
{DSA-3498-1}
- drupal7 7.43-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3169
+CVE-2016-3169 (The User module in Drupal 6.x before 6.38 and 7.x before 7.43 allows r ...)
{DSA-3498-1}
- drupal7 7.43-1
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3170
+CVE-2016-3170 (The "have you forgotten your password" links in the User module in Dru ...)
{DSA-3498-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.43-1
- drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x)
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-3171
+CVE-2016-3171 (Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before ...)
- drupal7 <not-affected> (Only affects Drupal 6)
- drupal6 <removed>
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2016-001
NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
-CVE-2016-2541
+CVE-2016-2541 (Audacity before 2.1.2 allows remote attackers to cause a denial of ser ...)
- audacity 2.1.2-1 (unimportant)
[jessie] - audacity <not-affected> (Vulnerable code not present)
[wheezy] - audacity <not-affected> (vulnerable code not present)
NOTE: http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2
NOTE: https://github.com/audacity/audacity/commit/85026f98958a8dcc09188be24a8db0385988e23f
NOTE: Crash in desktop application, no security impact
-CVE-2016-2540
+CVE-2016-2540 (Audacity before 2.1.2 allows remote attackers to cause a denial of ser ...)
{DLA-1277-1}
- audacity 2.1.2-1 (unimportant)
NOTE: http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2
NOTE: https://github.com/audacity/audacity/commit/407c1dc4b209111e4dbb3eec88f333aa8f69094c
NOTE: https://github.com/audacity/audacity/commit/b5f2046286b266b10f87b764faa1586aee9c23ea
NOTE: Crash in desktop application, no security impact
-CVE-2016-2539
+CVE-2016-2539 (Cross-site request forgery (CSRF) vulnerability in install_modules.php ...)
NOT-FOR-US: ATutor
-CVE-2016-2550
+CVE-2016-2550 (The Linux kernel before 4.5 allows local users to bypass file-descript ...)
{DSA-3503-1}
- linux 4.4.4-1
- linux-2.6 <removed>
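Review bot: the CVE-2016-2540 entry carries `{DLA-1277-1}` together with `audacity 2.1.2-1 (unimportant)` and the NOTE `Crash in desktop application, no security impact`; an issue rated unimportant normally gets no advisory, so either add a NOTE explaining why the DLA was issued or reconsider the severity. CVE-2016-2541 directly above has the same description, the same `unimportant` rating and the same rationale but no advisory, so at minimum the two entries should be consistent with each other.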
@@ -24656,152 +24656,152 @@ CVE-2016-2550
NOTE: Introduced by: https://git.kernel.org/linus/712f4aad406bb1ed67f3f98d04c044191f0ff593 (v4.5-rc1)
NOTE: Technically wheezy-security and squeeze-lts are not affected by this CVE since the fix for
NOTE: addressing CVE-2013-4312 was not applied.
-CVE-2016-2549
+CVE-2016-2549 (sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent ...)
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2ba1fe7a06d3624f9a7586d672b55f08f7c670f3 (v4.5-rc1)
-CVE-2016-2548
+CVE-2016-2548 (sound/core/timer.c in the Linux kernel before 4.4.1 retains certain li ...)
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d (v4.5-rc1)
-CVE-2016-2547
+CVE-2016-2547 (sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking ...)
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d (v4.5-rc1)
-CVE-2016-2546
+CVE-2016-2546 (sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect ...)
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af368027a49a751d6ff4ee9e3f9961f35bb4fede (v4.5-rc1)
-CVE-2016-2545
+CVE-2016-2545 (The snd_timer_interrupt function in sound/core/timer.c in the Linux ke ...)
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee8413b01045c74340aa13ad5bdf905de32be736 (v4.5-rc1)
-CVE-2016-2544
+CVE-2016-2544 (Race condition in the queue_delete function in sound/core/seq/seq_queu ...)
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3567eb6af614dac436c4b16a8d426f9faed639b3 (v4.5-rc1)
-CVE-2016-2543
+CVE-2016-2543 (The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientm ...)
{DSA-3503-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=030e2c78d3a91dd0d27fef37e91950dde333eba1 (v4.5-rc1)
-CVE-2016-2542
+CVE-2016-2542 (Untrusted search path vulnerability in Flexera InstallShield through 2 ...)
NOT-FOR-US: Flexera InstallShield
-CVE-2016-2537
+CVE-2016-2537 (The is-my-json-valid package before 2.12.4 for Node.js has an incorrec ...)
NOT-FOR-US: is-my-json-valid package for Node.js
-CVE-2016-2536
+CVE-2016-2536 (Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Vi ...)
NOT-FOR-US: SAP
CVE-2016-2535
RESERVED
CVE-2016-2534
RESERVED
-CVE-2016-4421
+CVE-2016-4421 (epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1 ...)
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-18.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-4420
+CVE-2016-4420 (The NFS dissector in Wireshark 2.x before 2.0.2 allows remote attacker ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-17.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-4419
+CVE-2016-4419 (epan/dissectors/packet-spice.c in the SPICE dissector in Wireshark 2.x ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-16.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-4418
+CVE-2016-4418 (epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1 ...)
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-15.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-4417
+CVE-2016-4417 (Off-by-one error in epan/dissectors/packet-gsm_abis_oml.c in the GSM A ...)
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-14.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-4416
+CVE-2016-4416 (epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wir ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-13.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-4415
+CVE-2016-4415 (wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 2.x befo ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-12.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2532
+CVE-2016-2532 (The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c ...)
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-11.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-2531
+CVE-2016-2531 (Off-by-one error in epan/dissectors/packet-rsl.c in the RSL dissector ...)
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-10.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-2530
+CVE-2016-2530 (The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c i ...)
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-10.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-2529
+CVE-2016-2529 (The iseries_check_file_type function in wiretap/iseries.c in the iSeri ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-09.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2528
+CVE-2016-2528 (The dissect_nhdr_extopt function in epan/dissectors/packet-lbmc.c in t ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-08.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2527
+CVE-2016-2527 (wiretap/nettrace_3gpp_32_423.c in the 3GPP TS 32.423 Trace file parser ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-07.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2526
+CVE-2016-2526 (epan/dissectors/packet-hiqnet.c in the HiQnet dissector in Wireshark 2 ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-06.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2525
+CVE-2016-2525 (epan/dissectors/packet-http2.c in the HTTP/2 dissector in Wireshark 2. ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-05.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2524
+CVE-2016-2524 (epan/dissectors/packet-x509af.c in the X.509AF dissector in Wireshark ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Only affects 2.0.x)
[wheezy] - wireshark <not-affected> (Only affects 2.0.x)
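Review bot: CVE-2016-2547 and CVE-2016-2548 cite the identical upstream fix (`commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d (v4.5-rc1)`) even though their descriptions differ (`retains certain linked lists after a close or stop action` versus `employs a locking ...`); please confirm that a single commit fixes both or correct the copied reference on CVE-2016-2548. Smaller point: CVE-2016-2494 (`Off-by-one error in sdcard/sdcard.c in Android ...`) is tagged `NOT-FOR-US: libstagefright`, but unlike the neighbouring entries its description never mentions libstagefright, so the generic `NOT-FOR-US: Android` tag used elsewhere in this hunk fits better.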
@@ -24809,13 +24809,13 @@ CVE-2016-2524
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-04.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2523
+CVE-2016-2523 (The dnp3_al_process_object function in epan/dissectors/packet-dnp.c in ...)
{DSA-3516-1}
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-03.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
-CVE-2016-2522
+CVE-2016-2522 (The dissect_ber_constrained_bitstring function in epan/dissectors/pack ...)
- wireshark 2.0.2+ga16e22e-1
[jessie] - wireshark <not-affected> (Only affects 2.0.x)
[wheezy] - wireshark <not-affected> (Only affects 2.0.x)
@@ -24823,42 +24823,42 @@ CVE-2016-2522
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-02.html
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
-CVE-2016-2521
+CVE-2016-2521 (Untrusted search path vulnerability in the WiresharkApplication class ...)
- wireshark <not-affected> (Windows-specific)
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-01.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
CVE-2016-2520
RESERVED
-CVE-2016-2519
+CVE-2016-2519 (ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attac ...)
- ntp 1:4.2.8p7+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-2518
+CVE-2016-2518 (The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x befor ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-2517
+CVE-2016-2517 (NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to ...)
- ntp 1:4.2.8p7+dfsg-1 (unimportant)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
NOTE: not a security issue, anyone with the privileges for remote configuration can
NOTE: cause trouble anyway
-CVE-2016-2516
+CVE-2016-2516 (NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, all ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
CVE-2016-2514
RESERVED
-CVE-2016-2513
+CVE-2016-2513 (The password hasher in contrib/auth/hashers.py in Django before 1.8.10 ...)
{DSA-3544-1}
- python-django 1.9.4-1 (bug #816434)
NOTE: https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
-CVE-2016-2512
+CVE-2016-2512 (The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x ...)
{DSA-3544-1}
- python-django 1.9.4-1 (bug #816434)
NOTE: https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
-CVE-2016-2538
+CVE-2016-2538 (Multiple integer overflows in the USB Net device emulator (hw/usb/dev- ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815680)
[wheezy] - qemu <no-dsa> (Minor issue)
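Review bot: the new CVE-2016-2518 description says `NTP before version 4.2.8p9`, but the entry records the fix as `ntp 1:4.2.8p7+dfsg-1` and its NOTE links the April 2016 4.2.8p7 advisory, and the neighbouring CVE-2016-2519, CVE-2016-2517 and CVE-2016-2516 descriptions all say `before 4.2.8p7`; please verify against the NTP advisory whether the tracked fixed version or the upstream description boundary is wrong, and add a NOTE recording the outcome so the discrepancy is not re-discovered on every automatic update.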
@@ -24871,227 +24871,227 @@ CVE-2016-2538
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit;h=fe3c546c5ff2a6210f9a4d8561cc64051ca8603e (v2.6.0-rc0)
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=6c9f886ceae5b998dc2b9af2bf77666941689bce (v0.10.0)
NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/3
-CVE-2016-2515
+CVE-2016-2515 (Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause ...)
NOT-FOR-US: NodeJS Hawk
-CVE-2016-2511
+CVE-2016-2511 (Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier a ...)
{DSA-3490-1 DLA-428-1}
- websvn <removed>
-CVE-2016-2509
+CVE-2016-2509 (The password-sync feature on Belden Hirschmann Classic Platform switch ...)
NOT-FOR-US: Belden Hirschmann Classic Platform switches
-CVE-2016-2508
+CVE-2016-2508 (media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-2507
+CVE-2016-2507 (Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in lib ...)
NOT-FOR-US: libstagefright
-CVE-2016-2506
+CVE-2016-2506 (DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x befor ...)
NOT-FOR-US: libstagefright
-CVE-2016-2505
+CVE-2016-2505 (mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x ...)
NOT-FOR-US: libstagefright
-CVE-2016-2504
+CVE-2016-2504 (The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5, 5X, 6 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2503
+CVE-2016-2503 (The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2502
+CVE-2016-2502 (drivers/usb/gadget/f_serial.c in the Qualcomm USB driver in Android be ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2501
+CVE-2016-2501 (The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, 6 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2500
+CVE-2016-2500 (Activity Manager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, an ...)
NOT-FOR-US: Android
-CVE-2016-2499
+CVE-2016-2499 (AudioSource.cpp in libstagefright in mediaserver in Android 4.x before ...)
NOT-FOR-US: libstagefright
-CVE-2016-2498
+CVE-2016-2498 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (201 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2497
+CVE-2016-2497 (services/core/java/com/android/server/pm/PackageManagerService.java in ...)
NOT-FOR-US: Android
-CVE-2016-2496
+CVE-2016-2496 (The Framework UI permission-dialog implementation in Android 6.x befor ...)
NOT-FOR-US: Android
-CVE-2016-2495
+CVE-2016-2495 (SampleTable.cpp in libstagefright in mediaserver in Android 4.x before ...)
NOT-FOR-US: libstagefright
-CVE-2016-2494
+CVE-2016-2494 (Off-by-one error in sdcard/sdcard.c in Android 4.x before 4.4.4, 5.0.x ...)
NOT-FOR-US: libstagefright
-CVE-2016-2493
+CVE-2016-2493 (The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nex ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2016-2492
+CVE-2016-2492 (The MediaTek power-management driver in Android before 2016-06-01 on A ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-2491
+CVE-2016-2491 (The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devic ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-2490
+CVE-2016-2490 (The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devic ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2016-2489
+CVE-2016-2489 (The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2488
+CVE-2016-2488 (The Qualcomm camera driver in Android before 2016-06-01 on Nexus 5, 5X ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2487
+CVE-2016-2487 (libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x befor ...)
NOT-FOR-US: libstagefright
-CVE-2016-2486
+CVE-2016-2486 (mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x bef ...)
NOT-FOR-US: libstagefright
-CVE-2016-2485
+CVE-2016-2485 (libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x befor ...)
NOT-FOR-US: libstagefright
-CVE-2016-2484
+CVE-2016-2484 (libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x befor ...)
NOT-FOR-US: libstagefright
-CVE-2016-2483
+CVE-2016-2483 (The mm-video-v4l2 venc component in mediaserver in Android 4.x before ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-2482
+CVE-2016-2482 (The mm-video-v4l2 vdec component in mediaserver in Android 4.x before ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-2481
+CVE-2016-2481 (The mm-video-v4l2 venc component in mediaserver in Android 4.x before ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-2480
+CVE-2016-2480 (The mm-video-v4l2 vidc component in mediaserver in Android 4.x before ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-2479
+CVE-2016-2479 (The mm-video-v4l2 vdec component in mediaserver in Android 4.x before ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-2478
+CVE-2016-2478 (mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in And ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-2477
+CVE-2016-2477 (mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in And ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-2476
+CVE-2016-2476 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x bef ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-2475
+CVE-2016-2475 (The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nex ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2016-2474
+CVE-2016-2474 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X dev ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2473
+CVE-2016-2473 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (201 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2472
+CVE-2016-2472 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (201 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2471
+CVE-2016-2471 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (201 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2470
+CVE-2016-2470 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (201 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2469
+CVE-2016-2469 (The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2468
+CVE-2016-2468 (The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6 ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2467
+CVE-2016-2467 (The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2466
+CVE-2016-2466 (The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2465
+CVE-2016-2465 (The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2464
+CVE-2016-2464 (libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x be ...)
- libvpx 1.6.1-1
[jessie] - libvpx <not-affected> (libwebm not yet present)
[wheezy] - libvpx <not-affected> (libwebm not yet present)
NOTE: probably fixed earlier, but this was the version checked
-CVE-2016-2463
+CVE-2016-2463 (Multiple integer overflows in the h264dec component in libstagefright ...)
NOT-FOR-US: libstagefright
-CVE-2016-2462
+CVE-2016-2462 (OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 misha ...)
NOT-FOR-US: Android
-CVE-2016-2461
+CVE-2016-2461 (OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 misha ...)
NOT-FOR-US: Android
-CVE-2016-2460
+CVE-2016-2460 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x bef ...)
NOT-FOR-US: Android
-CVE-2016-2459
+CVE-2016-2459 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x bef ...)
NOT-FOR-US: Android
-CVE-2016-2458
+CVE-2016-2458 (The compose functionality in AOSP Mail in Android 5.0.x before 5.0.2, ...)
NOT-FOR-US: Android
-CVE-2016-2457
+CVE-2016-2457 (server/pm/UserManagerService.java in Wi-Fi in Android 5.0.x before 5.0 ...)
NOT-FOR-US: Android
-CVE-2016-2456
+CVE-2016-2456 (The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One ...)
NOT-FOR-US: Android
CVE-2016-2455
REJECTED
-CVE-2016-2454
+CVE-2016-2454 (The Qualcomm hardware video codec in Android before 2016-05-01 on Nexu ...)
NOT-FOR-US: Android
-CVE-2016-2453
+CVE-2016-2453 (The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One ...)
NOT-FOR-US: Android
-CVE-2016-2452
+CVE-2016-2452 (codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Andro ...)
NOT-FOR-US: Android
-CVE-2016-2451
+CVE-2016-2451 (codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android ...)
NOT-FOR-US: Android
-CVE-2016-2450
+CVE-2016-2450 (codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in ...)
NOT-FOR-US: Android
-CVE-2016-2449
+CVE-2016-2449 (services/camera/libcameraservice/device3/Camera3Device.cpp in mediaser ...)
NOT-FOR-US: Android
-CVE-2016-2448
+CVE-2016-2448 (media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in med ...)
NOT-FOR-US: Android
CVE-2016-2447
REJECTED
-CVE-2016-2446
+CVE-2016-2446 (The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 device ...)
NOT-FOR-US: Android
-CVE-2016-2445
+CVE-2016-2445 (The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 device ...)
NOT-FOR-US: Android
-CVE-2016-2444
+CVE-2016-2444 (The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 device ...)
NOT-FOR-US: Android
-CVE-2016-2443
+CVE-2016-2443 (The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Ne ...)
NOT-FOR-US: Android
-CVE-2016-2442
+CVE-2016-2442 (The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, ...)
NOT-FOR-US: Android
-CVE-2016-2441
+CVE-2016-2441 (The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, ...)
NOT-FOR-US: Android
-CVE-2016-2440
+CVE-2016-2440 (libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, ...)
NOT-FOR-US: Android
-CVE-2016-2439
+CVE-2016-2439 (Buffer overflow in btif/src/btif_dm.c in Bluetooth in Android 4.x befo ...)
NOT-FOR-US: Android
CVE-2016-2438
REJECTED
-CVE-2016-2437
+CVE-2016-2437 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 device ...)
NOT-FOR-US: Android
-CVE-2016-2436
+CVE-2016-2436 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 device ...)
NOT-FOR-US: Android
-CVE-2016-2435
+CVE-2016-2435 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 device ...)
NOT-FOR-US: Android
-CVE-2016-2434
+CVE-2016-2434 (The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 device ...)
NOT-FOR-US: Android
-CVE-2016-2433
+CVE-2016-2433 (The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphon ...)
NOT-FOR-US: Broadcom Wi-Fi driver for Android
-CVE-2016-2432
+CVE-2016-2432 (The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus ...)
NOT-FOR-US: Android
-CVE-2016-2431
+CVE-2016-2431 (The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus ...)
NOT-FOR-US: Android
-CVE-2016-2430
+CVE-2016-2430 (libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5 ...)
NOT-FOR-US: Android
-CVE-2016-2429
+CVE-2016-2429 (libFLAC/stream_decoder.c in mediaserver in Android 4.x before 4.4.4, 5 ...)
NOT-FOR-US: Android
-CVE-2016-2428
+CVE-2016-2428 (libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before 4.4. ...)
NOT-FOR-US: Android
-CVE-2016-2427
+CVE-2016-2427 (** DISPUTED ** The AES-GCM specification in RFC 5084, as used in Andro ...)
NOT-FOR-US: Android
-CVE-2016-2426
+CVE-2016-2426 (server/content/ContentService.java in the Framework component in Andro ...)
NOT-FOR-US: Android
-CVE-2016-2425
+CVE-2016-2425 (mail/compose/ComposeActivity.java in AOSP Mail in Android 4.x before 4 ...)
NOT-FOR-US: Android
-CVE-2016-2424
+CVE-2016-2424 (server/content/SyncStorageEngine.java in SyncStorageEngine in Android ...)
NOT-FOR-US: Android
-CVE-2016-2423
+CVE-2016-2423 (server/telecom/CallsManager.java in Telephony in Android 4.x before 4. ...)
NOT-FOR-US: Android
-CVE-2016-2422
+CVE-2016-2422 (Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5. ...)
NOT-FOR-US: Android
-CVE-2016-2421
+CVE-2016-2421 (Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 a ...)
NOT-FOR-US: Android
-CVE-2016-2420
+CVE-2016-2420 (rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the / ...)
NOT-FOR-US: Android
-CVE-2016-2419
+CVE-2016-2419 (media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-0 ...)
NOT-FOR-US: Android
-CVE-2016-2418
+CVE-2016-2418 (media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-0 ...)
NOT-FOR-US: Android
-CVE-2016-2417
+CVE-2016-2417 (media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5. ...)
NOT-FOR-US: Android
-CVE-2016-2416
+CVE-2016-2416 (libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before ...)
NOT-FOR-US: Android
-CVE-2016-2415
+CVE-2016-2415 (exchange/eas/EasAutoDiscover.java in the Autodiscover implementation i ...)
NOT-FOR-US: Android
-CVE-2016-2414
+CVE-2016-2414 (The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, ...)
NOT-FOR-US: Android
-CVE-2016-2413
+CVE-2016-2413 (media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, ...)
NOT-FOR-US: Android
-CVE-2016-2412
+CVE-2016-2412 (include/core/SkPostConfig.h in Skia, as used in System_server in Andro ...)
NOT-FOR-US: Android
-CVE-2016-2411
+CVE-2016-2411 (A Qualcomm Power Management kernel driver in Android 6.x before 2016-0 ...)
NOT-FOR-US: Android
-CVE-2016-2410
+CVE-2016-2410 (A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows ...)
NOT-FOR-US: Android
-CVE-2016-2409
+CVE-2016-2409 (A Texas Instruments (TI) haptic kernel driver in Android 6.x before 20 ...)
NOT-FOR-US: Android
-CVE-2016-2408
+CVE-2016-2408 (An unspecified client-side component in Pulse Secure Desktop Client be ...)
NOT-FOR-US: Pulse Secure Desktop Client
CVE-2016-2407
REJECTED
-CVE-2016-2406
+CVE-2016-2406 (The permission control module in Huawei Document Security Management ( ...)
NOT-FOR-US: Huawei
-CVE-2016-2405
+CVE-2016-2405 (Huawei Policy Center with software before V100R003C10SPC020 allows rem ...)
NOT-FOR-US: Huawei
-CVE-2016-2404
+CVE-2016-2404 (Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SP ...)
NOT-FOR-US: Huawei
-CVE-2016-2403
+CVE-2016-2403 (Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to b ...)
{DSA-4262-1}
- symfony 2.8.6+dfsg-1
[jessie] - symfony <not-affected> (Vulnerable code not present)
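Review bot: the fixed-width truncation of the added descriptions leaves CVE-2016-2473, CVE-2016-2472, CVE-2016-2471 and CVE-2016-2470 with the identical text "The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (201 ...)", and CVE-2016-2462 and CVE-2016-2461 likewise share "OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 misha ...", so the summary no longer distinguishes the entries and anyone triaging from this file has to go back to the full CVE text anyway. Consider a wider cut-off for the generated summaries, or at least keeping enough of the tail that sibling CVEs stay distinguishable.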
@@ -25100,43 +25100,43 @@ CVE-2016-2403
NOTE: CVE-2018-11407. Complete fix as per
NOTE: https://github.com/symfony/symfony/pull/26589
NOTE: https://github.com/symfony/symfony/commit/2f5bd18d82f4a8911d549d14c72bf935602834a9
-CVE-2016-2510
+CVE-2016-2510 (BeanShell (bsh) before 2.0b6, when included on the classpath by an app ...)
{DSA-3504-1 DLA-443-1}
- bsh 2.0b4-16
NOTE: https://github.com/beanshell/beanshell/releases/tag/2.0b6
NOTE: https://github.com/beanshell/beanshell/commit/7c68fde2d6fc65e362f20863d868c112a90a9b49
NOTE: https://github.com/beanshell/beanshell/commit/1ccc66bb693d4e46a34a904db8eeff07808d2ced
-CVE-2016-2402
+CVE-2016-2402 (OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle atta ...)
NOT-FOR-US: OkHttp
CVE-2016-2401
RESERVED
CVE-2016-2400
RESERVED
-CVE-2016-2399
+CVE-2016-2399 (Integer overflow in the quicktime_read_pascal function in libquicktime ...)
{DSA-3800-1 DLA-844-1}
- libquicktime 2:1.2.4-10 (bug #855099)
NOTE: PoC: http://www.nemux.org/2016/02/23/libquicktime-1-2-4/
-CVE-2016-2398
+CVE-2016-2398 (Comcast XFINITY Home Security System does not properly maintain base-s ...)
NOT-FOR-US: XFINITY
-CVE-2016-2397
+CVE-2016-2397 (The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA ...)
NOT-FOR-US: Dell
-CVE-2016-2396
+CVE-2016-2396 (The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analy ...)
NOT-FOR-US: Dell
CVE-2016-2395
RESERVED
CVE-2016-2394
RESERVED
-CVE-2016-2393
+CVE-2016-2393 (Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint before ...)
NOT-FOR-US: Lenovo
-CVE-2016-2389
+CVE-2016-2389 (Directory traversal vulnerability in the GetFileList function in the S ...)
NOT-FOR-US: SAP
-CVE-2016-2388
+CVE-2016-2388 (The Universal Worklist Configuration in SAP NetWeaver 7.4 allows remot ...)
NOT-FOR-US: SAP
-CVE-2016-2387
+CVE-2016-2387 (Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy ...)
NOT-FOR-US: SAP
-CVE-2016-2386
+CVE-2016-2386 (SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE E ...)
NOT-FOR-US: SAP
-CVE-2016-2392
+CVE-2016-2392 (The is_rndis function in the USB Net device emulator (hw/usb/dev-netwo ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815008)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -25146,7 +25146,7 @@ CVE-2016-2392
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=80eecda8e5d09c442c24307f340840a5b70ea3b9 (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1302299
-CVE-2016-2391
+CVE-2016-2391 (The ohci_bus_start function in the USB OHCI emulation support (hw/usb/ ...)
{DLA-1599-1}
- qemu 1:2.6+dfsg-1 (bug #815009)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -25157,62 +25157,62 @@ CVE-2016-2391
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=fa1298c2d623522eda7b4f1f721fcb935abb7360 (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1304794
NOTE: http://www.openwall.com/lists/oss-security/2016/02/16/2
-CVE-2016-2390
+CVE-2016-2390 (The FwdState::connectedToPeer method in FwdState.cc in Squid before 3. ...)
- squid <removed> (unimportant)
- squid3 3.5.14-1 (unimportant)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_1.txt
NOTE: Only affects custom builds with --enable-ssl (disabled for license purposes in Debian)
CVE-2016-2382
RESERVED
-CVE-2016-2381
+CVE-2016-2381 (Perl might allow context-dependent attackers to bypass the taint prote ...)
{DSA-3501-1}
- perl 5.22.1-8
NOTE: http://perl5.git.perl.org/perl.git/commitdiff/ae37b791a73a9e78dedb89fb2429d2628cf58076
-CVE-2016-2380
+CVE-2016-2380 (An information leak exists in the handling of the MXIT protocol in Pid ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0123/
NOTE: http://www.pidgin.im/news/security/?id=96
NOTE: https://bitbucket.org/pidgin/main/commits/8172584fd640
-CVE-2016-2379
+CVE-2016-2379 (The Mxit protocol uses weak encryption when encrypting user passwords, ...)
NOTE: Mentioned at http://www.pidgin.im/news/security/?id=96 without further details
-CVE-2016-2378
+CVE-2016-2378 (A buffer overflow vulnerability exists in the handling of the MXIT pro ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0120/
NOTE: http://www.pidgin.im/news/security/?id=94
NOTE: https://bitbucket.org/pidgin/main/commits/06278419c703
-CVE-2016-2377
+CVE-2016-2377 (A buffer overflow vulnerability exists in the handling of the MXIT pro ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0119/
NOTE: http://www.pidgin.im/news/security/?id=93
NOTE: https://bitbucket.org/pidgin/main/commits/0f94ef13ab37
-CVE-2016-2376
+CVE-2016-2376 (A buffer overflow vulnerability exists in the handling of the MXIT pro ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0118/
NOTE: http://www.pidgin.im/news/security/?id=92
NOTE: https://bitbucket.org/pidgin/main/commits/19f89eda8587
-CVE-2016-2375
+CVE-2016-2375 (An exploitable out-of-bounds read exists in the handling of the MXIT p ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0143/
NOTE: http://www.pidgin.im/news/security/?id=108
NOTE: https://bitbucket.org/pidgin/main/commits/b786e9814536
-CVE-2016-2374
+CVE-2016-2374 (An exploitable memory corruption vulnerability exists in the handling ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0142/
NOTE: http://www.pidgin.im/news/security/?id=107
NOTE: https://bitbucket.org/pidgin/main/commits/f6c08d962618
-CVE-2016-2373
+CVE-2016-2373 (A denial of service vulnerability exists in the handling of the MXIT p ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0141/
NOTE: http://www.pidgin.im/news/security/?id=106
NOTE: https://bitbucket.org/pidgin/main/commits/e6159ad42c4c
-CVE-2016-2372
+CVE-2016-2372 (An information leak exists in the handling of the MXIT protocol in Pid ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0140/
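Review bot: the CVE-2016-2379 entry in this hunk carries only the "Mentioned at ... without further details" NOTE and no package or NOT-FOR-US line, so it has no recorded triage state, while every neighbouring MXIT CVE (CVE-2016-2380, CVE-2016-2378 down to CVE-2016-2372) maps to pidgin 2.11.0-1 with {DSA-3620-1 DLA-542-1}. Add an explicit status line for it (a pidgin entry with the appropriate tag, or NOT-FOR-US if the weak password encryption is on the Mxit service side rather than in the client), so the entry is not silently left as untriaged.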
@@ -25220,13 +25220,13 @@ CVE-2016-2372
NOTE: https://bitbucket.org/pidgin/main/commits/5e3601f8bde4
NOTE: https://bitbucket.org/pidgin/main/commits/1c5197a66760
NOTE: https://bitbucket.org/pidgin/main/commits/648f667a679c
-CVE-2016-2371
+CVE-2016-2371 (An out-of-bounds write vulnerability exists in the handling of the MXI ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0139/
NOTE: http://www.pidgin.im/news/security/?id=104
NOTE: https://bitbucket.org/pidgin/main/commits/f0287378203fbf496a9890bf273d96adefb93b74
-CVE-2016-2370
+CVE-2016-2370 (A denial of service vulnerability exists in the handling of the MXIT p ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0138/
@@ -25234,19 +25234,19 @@ CVE-2016-2370
NOTE: https://bitbucket.org/pidgin/main/commits/5e3601f8bde4
NOTE: https://bitbucket.org/pidgin/main/commits/1c5197a66760
NOTE: https://bitbucket.org/pidgin/main/commits/648f667a679c
-CVE-2016-2369
+CVE-2016-2369 (A NULL pointer dereference vulnerability exists in the handling of the ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0137/
NOTE: http://www.pidgin.im/news/security/?id=102
-CVE-2016-2368
+CVE-2016-2368 (Multiple memory corruption vulnerabilities exist in the handling of th ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0136/
NOTE: http://www.pidgin.im/news/security/?id=101
NOTE: https://bitbucket.org/pidgin/main/commits/60f95045db42
NOTE: https://bitbucket.org/pidgin/main/commits/f6efc254e947
-CVE-2016-2367
+CVE-2016-2367 (An information leak exists in the handling of the MXIT protocol in Pid ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0135/
@@ -25254,23 +25254,23 @@ CVE-2016-2367
NOTE: https://bitbucket.org/pidgin/main/commits/5e3601f8bde4
NOTE: https://bitbucket.org/pidgin/main/commits/1c5197a66760
NOTE: https://bitbucket.org/pidgin/main/commits/648f667a679c
-CVE-2016-2366
+CVE-2016-2366 (A denial of service vulnerability exists in the handling of the MXIT p ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0134/
NOTE: http://www.pidgin.im/news/security/?id=99
NOTE: https://bitbucket.org/pidgin/main/commits/abdc3025f6b8
-CVE-2016-2365
+CVE-2016-2365 (A denial of service vulnerability exists in the handling of the MXIT p ...)
{DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0133/
NOTE: http://www.pidgin.im/news/security/?id=98
NOTE: https://bitbucket.org/pidgin/main/commits/1c4acc6977a8686ad980e5b820327c9c47dbeaca
-CVE-2016-2364
+CVE-2016-2364 (The Chrome HUDweb plugin before 2016-05-05 for Fonality (previously tr ...)
NOT-FOR-US: Fonality
-CVE-2016-2363
+CVE-2016-2363 (Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 ...)
NOT-FOR-US: Fonality
-CVE-2016-2362
+CVE-2016-2362 (Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 ...)
NOT-FOR-US: Fonality
CVE-2016-2361
RESERVED
@@ -25284,44 +25284,44 @@ CVE-2016-2357
RESERVED
CVE-2016-2356
RESERVED
-CVE-2016-2355
+CVE-2016-2355 (SQL injection vulnerability in the REST API in dotCMS before 3.3.2 all ...)
NOT-FOR-US: dotCMS
-CVE-2016-2354
+CVE-2016-2354 (The Bluetooth functionality in Lemur Vehicle Monitors BlueDriver befor ...)
NOT-FOR-US: Lemur Vehicle Monitors BlueDriver
-CVE-2016-2353
+CVE-2016-2353 (The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows ...)
NOT-FOR-US: Accellion
-CVE-2016-2352
+CVE-2016-2352 (The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows ...)
NOT-FOR-US: Accellion
-CVE-2016-2351
+CVE-2016-2351 (SQL injection vulnerability in home/seos/courier/security_key2.api on ...)
NOT-FOR-US: Accellion
-CVE-2016-2350
+CVE-2016-2350 (Multiple cross-site scripting (XSS) vulnerabilities on the Accellion F ...)
NOT-FOR-US: Accellion
-CVE-2016-2349
+CVE-2016-2349 (Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 ...)
NOT-FOR-US: BMC
CVE-2016-2348
RESERVED
-CVE-2016-2347
+CVE-2016-2347 (Integer underflow in the decode_level3_header function in lib/lha_file ...)
{DSA-3540-1}
- lhasa 0.3.1-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0095/
-CVE-2016-2346
+CVE-2016-2346 (Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unver ...)
NOT-FOR-US: Allround Automations
-CVE-2016-2345
+CVE-2016-2345 (Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in Solar ...)
NOT-FOR-US: SolarWinds DameWare Mini Remote Control
-CVE-2016-2344
+CVE-2016-2344 (Stack-based buffer overflow in manager.exe in Backburner Manager in Au ...)
NOT-FOR-US: Autodesk Backburner
-CVE-2016-2343
+CVE-2016-2343 (Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the ...)
NOT-FOR-US: Patterson Dental Eaglesoft 17
-CVE-2016-2342
+CVE-2016-2342 (The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI p ...)
{DSA-3532-1}
- quagga 1.0.20160315-1 (bug #819179)
NOTE: http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=a3bc7e9400b214a0f078fdb19596ba54214a1442
NOTE: https://www.kb.cert.org/vuls/id/270232
CVE-2016-2341
RESERVED
-CVE-2016-2340
+CVE-2016-2340 (The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remot ...)
NOT-FOR-US: Granite
-CVE-2016-2339
+CVE-2016-2339 (An exploitable heap overflow vulnerability exists in the Fiddle::Funct ...)
{DLA-1421-1}
- ruby2.3 2.3.0-1
- ruby2.1 <removed> (bug #851161)
@@ -25331,46 +25331,46 @@ CVE-2016-2339
NOTE: Fixed by: https://github.com/ruby/ruby/commit/4977af3c3d54d27167bfc237f1b2802c40bddc10
CVE-2016-2338
RESERVED
-CVE-2016-2337
+CVE-2016-2337 (Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Att ...)
{DLA-1480-1}
- ruby2.3 2.3.0-1
- ruby2.1 <removed> (bug #851161)
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0031/
NOTE: https://github.com/ruby/ruby/commit/a2b8925a94a672235ca6a16e584bf09026a957ab
-CVE-2016-2336
+CVE-2016-2336 (Type confusion exists in two methods of Ruby's WIN32OLE class, ole_inv ...)
- ruby2.3 <not-affected> (Windows-specific)
- ruby2.1 <not-affected> (Windows-specific)
NOTE: Vulnerable win32ole ruby extension not included in binary packages, specific to Windows
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0029/
-CVE-2016-2335
+CVE-2016-2335 (The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9 ...)
{DSA-3599-1 DLA-510-1}
- p7zip 15.14.1+dfsg-2 (bug #824160)
NOTE: http://www.talosintel.com/reports/TALOS-2016-0094/
-CVE-2016-2334
+CVE-2016-2334 (Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZli ...)
- p7zip 15.14.1+dfsg-2 (bug #824160)
[jessie] - p7zip <not-affected> (Introduced in 9.32)
[wheezy] - p7zip <not-affected> (Introduced in 9.32)
NOTE: http://www.talosintel.com/reports/TALOS-2016-0093/
NOTE: https://twitter.com/_Icewall/status/739731922998448129
-CVE-2016-2333
+CVE-2016-2333 (SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with ...)
NOT-FOR-US: SysLINK
-CVE-2016-2332
+CVE-2016-2332 (flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine (M2 ...)
NOT-FOR-US: SysLINK
-CVE-2016-2331
+CVE-2016-2331 (The web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular ...)
NOT-FOR-US: SysLINK
-CVE-2016-2385
+CVE-2016-2385 (Heap-based buffer overflow in the encode_msg function in encode_msg.c ...)
{DSA-3535-1}
- kamailio 4.3.4-2 (bug #815178)
NOTE: https://github.com/kamailio/kamailio/commit/f50c9c853e7809810099c970780c30b0765b0643
NOTE: https://census-labs.com/news/2016/03/30/kamailio-seas-heap-overflow/
-CVE-2016-2384
+CVE-2016-2384 (Double free vulnerability in the snd_usbmidi_create function in sound/ ...)
{DSA-3503-1 DLA-439-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/linus/07d86ca93db7e5cdf4743564d98292042ec21af7 (v4.5-rc4)
NOTE: http://www.openwall.com/lists/oss-security/2016/02/14/2
NOTE: https://xairy.github.io/blog/2016/cve-2016-2384
-CVE-2016-2383
+CVE-2016-2383 (The adjust_branches function in kernel/bpf/verifier.c in the Linux ker ...)
- linux 4.4.2-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -25390,7 +25390,7 @@ CVE-2016-XXXX [exec functions ignore length but look for NULL termination]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305494
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=c527549e899bf211aac7d8ab5ceb1bdfedf07f14
NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
-CVE-2016-10712
+CVE-2016-10712 (In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all o ...)
{DLA-818-1}
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
@@ -25414,36 +25414,36 @@ CVE-2016-XXXX [Integer overflow in iptcembed()]
NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
- hhvm 3.12.1+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/381702ffbfdae170ba3fff97d6cc1b9c69666854
-CVE-2016-4348
+CVE-2016-4348 (The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows co ...)
{DSA-3584-1 DLA-477-1}
- librsvg 2.40.12-1
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2 (2.40.12)
CVE-2016-4347
REJECTED
-CVE-2016-4346
+CVE-2016-4346 (Integer overflow in the str_pad function in ext/standard/string.c in P ...)
- php7.0 7.0.4-1
- php5 <not-affected> (Only affects PHP7.x)
NOTE: https://bugs.php.net/bug.php?id=71637
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=57b997ebf99e0eb9a073e0dafd2ab100bd4a112d
NOTE: Reproducer: second test script 2.php in upstream bugreport
-CVE-2016-4345
+CVE-2016-4345 (Integer overflow in the php_filter_encode_url function in ext/filter/s ...)
- php7.0 7.0.4-1
- php5 <not-affected> (Only affects PHP7.x)
NOTE: https://bugs.php.net/bug.php?id=71637
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=57b997ebf99e0eb9a073e0dafd2ab100bd4a112d
-CVE-2016-4344
+CVE-2016-4344 (Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in P ...)
- php7.0 7.0.4-1
- php5 <not-affected> (Only affects PHP7.x)
NOTE: https://bugs.php.net/bug.php?id=71637
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=57b997ebf99e0eb9a073e0dafd2ab100bd4a112d
-CVE-2016-4343
+CVE-2016-4343 (The phar_make_dirstream function in ext/phar/dirstream.c in PHP before ...)
{DLA-499-1}
- php7.0 7.0.3-1
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.18+dfsg-0+deb8u1
NOTE: https://bugs.php.net/bug.php?id=71331
NOTE: Fixed in 7.0.3, 5.6.18
-CVE-2016-4342
+CVE-2016-4342 (ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and ...)
{DLA-818-1}
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
@@ -25467,7 +25467,7 @@ CVE-2016-XXXX [NULL Pointer Dereference in phar_tar_setupmetadata()]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305540
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=1c1b8b69982375700d4b011eb89ea48b66dbd5aa
NOTE: Fixed in 5.6.18, 5.5.32, 7.0.3
-CVE-2016-2554
+CVE-2016-2554 (Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5. ...)
{DLA-818-1}
- php5 5.6.18+dfsg-1
[jessie] - php5 5.6.19+dfsg-0+deb8u1
@@ -25501,32 +25501,32 @@ CVE-2016-XXXX [Crash on bad SOAP request]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305551
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=4308c868f94df1f2b99e80038ba5ea1076d919a7
NOTE: Fixed in 5.6.18, 7.0.3
-CVE-2016-2330
+CVE-2016-2330 (libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a ...)
- ffmpeg 2.8.6-1
- libav <not-affected> (Libav not affected according to upstream)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=03d83ba34b2070878909eae18dfac0f519503777
-CVE-2016-2329
+CVE-2016-2329 (libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate Ro ...)
- ffmpeg 2.8.6-1
- libav <not-affected> (Vulnerable code not present in any Libav version)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=89f464e9c229006e16f6bb5403c5529fdd0a9edd
-CVE-2016-2328
+CVE-2016-2328 (libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate ...)
- ffmpeg 2.8.6-1
- libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ad3b6fa7d83db7de951ed891649af93a47e74be5
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=757248ea3cd917a7755cb15f817a9b1f15578718
-CVE-2016-2327
+CVE-2016-2327 (libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes i ...)
- ffmpeg 2.8.5-1
- libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f4c3e4b92212d98f5b9ca2dee13e076effe9589
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ec9c5ce8a753175244da971fed9f1e25aef7971
-CVE-2016-2326
+CVE-2016-2326 (Integer overflow in the asf_write_packet function in libavformat/asfen ...)
{DSA-3506-1}
- ffmpeg 2.8.5-1
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7c0b84d89911b2035161f5ef51aafbfcc84aa9e2
CVE-2016-2325
RESERVED
-CVE-2016-2324
+CVE-2016-2324 (Integer overflow in Git before 2.7.4 allows remote attackers to execut ...)
{DSA-3521-1}
- git 1:2.8.0~rc3-1 (bug #818318)
NOTE: Removal of path_name: https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d (v2.8.0-rc0)
@@ -25543,117 +25543,117 @@ CVE-2016-2320
RESERVED
CVE-2016-2319
RESERVED
-CVE-2016-2315
+CVE-2016-2315 (revision.c in git before 2.7.4 uses an incorrect integer data type, wh ...)
{DSA-3521-1}
- git 1:2.7.0-1 (bug #818318)
NOTE: https://github.com/git/git/commit/34fa79a6cde56d6d428ab0d3160cb094ebad3305 (v2.7.0-rc0)
- cgit <not-affected> (path_name function from embedded git is not called)
-CVE-2016-2314
+CVE-2016-2314 (GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200 ...)
NOT-FOR-US: Huawei
-CVE-2016-2318
+CVE-2016-2318 (GraphicsMagick 1.3.23 allows remote attackers to cause a denial of ser ...)
{DSA-3746-1 DLA-484-1}
- graphicsmagick 1.3.24-1 (bug #814732)
NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/e797bb0aec31
-CVE-2016-2317
+CVE-2016-2317 (Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attack ...)
{DSA-3746-1 DLA-484-1}
- graphicsmagick 1.3.24-1 (bug #814732)
NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/98394eb235a6
NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/52b59d2ef4a1
NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ed8318ba6a
-CVE-2016-2311
+CVE-2016-2311 (Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ...)
NOT-FOR-US: AlertWerks
-CVE-2016-2310
+CVE-2016-2310 (General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 swit ...)
NOT-FOR-US: GE Multilink devices
-CVE-2016-2309
+CVE-2016-2309 (iRZ RUH2 before 2b does not validate firmware patches, which allows re ...)
NOT-FOR-US: iRZ RUH2
-CVE-2016-2308
+CVE-2016-2308 (American Auto-Matrix Aspect-Nexus Building Automation Front-End Soluti ...)
NOT-FOR-US: American Auto-Matrix
-CVE-2016-2307
+CVE-2016-2307 (American Auto-Matrix Aspect-Nexus Building Automation Front-End Soluti ...)
NOT-FOR-US: American Auto-Matrix
-CVE-2016-2306
+CVE-2016-2306 (The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows re ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2305
+CVE-2016-2305 (Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5. ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2304
+CVE-2016-2304 (Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly f ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2303
+CVE-2016-2303 (CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2302
+CVE-2016-2302 (Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obta ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2301
+CVE-2016-2301 (SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2300
+CVE-2016-2300 (Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypa ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2299
+CVE-2016-2299 (SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2016-2298
+CVE-2016-2298 (Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows r ...)
NOT-FOR-US: Meteocontrol
-CVE-2016-2297
+CVE-2016-2297 (Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows r ...)
NOT-FOR-US: Meteocontrol
-CVE-2016-2296
+CVE-2016-2296 (Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not ...)
NOT-FOR-US: Meteocontrol
-CVE-2016-2295
+CVE-2016-2295 (Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, Mi ...)
NOT-FOR-US: Moxa
-CVE-2016-2294
+CVE-2016-2294 (The AXM-NET module in Accuenergy Acuvim II NET Firmware 3.08 and Acuvi ...)
NOT-FOR-US: Acuvim
-CVE-2016-2293
+CVE-2016-2293 (The AXM-NET module in Accuenergy Acuvim II NET Firmware 3.08 and Acuvi ...)
NOT-FOR-US: Acuvim
-CVE-2016-2292
+CVE-2016-2292 (Stack-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.00 ...)
NOT-FOR-US: Pro-face
-CVE-2016-2291
+CVE-2016-2291 (Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PF ...)
NOT-FOR-US: Pro-face
-CVE-2016-2290
+CVE-2016-2290 (Heap-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000 ...)
NOT-FOR-US: Pro-face
-CVE-2016-2289
+CVE-2016-2289 (Directory traversal vulnerability in ICONICS WebHMI 9 and earlier allo ...)
NOT-FOR-US: ICONICS WebHMI
NOT-FOR-US: ICONICS
-CVE-2016-2288
+CVE-2016-2288 (Cogent DataHub before 7.3.10 allows local users to gain privileges by ...)
NOT-FOR-US: Cogent DataHub
-CVE-2016-2287
+CVE-2016-2287 (Cross-site scripting (XSS) vulnerability in XZERES 442SR OS on 442SR w ...)
NOT-FOR-US: XZERES
-CVE-2016-2286
+CVE-2016-2286 (Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, Mi ...)
NOT-FOR-US: Moxa
-CVE-2016-2285
+CVE-2016-2285 (Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4 ...)
NOT-FOR-US: Moxa
CVE-2016-2284
REJECTED
-CVE-2016-2283
+CVE-2016-2283 (Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utili ...)
NOT-FOR-US: Moxa ioLogik E2200 devices
-CVE-2016-2282
+CVE-2016-2282 (Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utili ...)
NOT-FOR-US: Moxa ioLogik E2200 devices
-CVE-2016-2281
+CVE-2016-2281 (Untrusted search path vulnerability in ABB Panel Builder 800 5.1 allow ...)
NOT-FOR-US: ABB Panel Builder
-CVE-2016-2280
+CVE-2016-2280 (Buffer overflow in RDISERVER in Honeywell Uniformance Process History ...)
NOT-FOR-US: Honeywell
-CVE-2016-2279
+CVE-2016-2279 (Cross-site scripting (XSS) vulnerability in the web server in Rockwell ...)
NOT-FOR-US: CompactLogix
-CVE-2016-2278
+CVE-2016-2278 (Schneider Electric Struxureware Building Operations Automation Server ...)
NOT-FOR-US: Schneider Electric
-CVE-2016-2277
+CVE-2016-2277 (IAB.exe in Rockwell Automation Integrated Architecture Builder (IAB) b ...)
NOT-FOR-US: Rockwell
CVE-2016-2276
REJECTED
-CVE-2016-2275
+CVE-2016-2275 (The web interface on Advantech/B+B SmartWorx VESP211-EU devices with f ...)
NOT-FOR-US: SmartWorx
-CVE-2016-2274
+CVE-2016-2274 (An issue was discovered in Adcon Telemetry A850 Telemetry Gateway Base ...)
NOT-FOR-US: Adcon
CVE-2016-2273
REJECTED
-CVE-2016-2272
+CVE-2016-2272 (Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attacke ...)
NOT-FOR-US: Eaton Lighting
-CVE-2016-2271
+CVE-2016-2271 (VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows ...)
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-170.html
-CVE-2016-2270
+CVE-2016-2270 (Xen 4.6.x and earlier allows local guest administrators to cause a den ...)
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-154.html
CVE-2016-2269
RESERVED
-CVE-2016-2268
+CVE-2016-2268 (Dell SecureWorks app before 2.1 for iOS does not validate SSL certific ...)
NOT-FOR-US: Dell
CVE-2016-2267
REJECTED
@@ -25697,15 +25697,15 @@ CVE-2016-2248
REJECTED
CVE-2016-2247
REJECTED
-CVE-2016-2246
+CVE-2016-2246 (HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control pane ...)
NOT-FOR-US: HP ThinPro
-CVE-2016-2245
+CVE-2016-2245 (HP Support Assistant before 8.1.52.1 allows remote attackers to bypass ...)
NOT-FOR-US: HP Support Assistant
-CVE-2016-2244
+CVE-2016-2244 (HP LaserJet printers and MFPs and OfficeJet Enterprise printers with f ...)
NOT-FOR-US: HP LaserJet Printers
-CVE-2016-2243
+CVE-2016-2243 (Sure Start on HP Commercial PCs 2015 allows local users to cause a den ...)
NOT-FOR-US: HP Commercial PCs with Sure Start
-CVE-2016-2313
+CVE-2016-2313 (auth_login.php in Cacti before 0.8.8g allows remote authenticated user ...)
{DLA-560-1}
- cacti 0.8.8g+ds1-1 (bug #814353)
[jessie] - cacti 0.8.8b+dfsg-8+deb8u5
@@ -25715,7 +25715,7 @@ CVE-2016-2313
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=965930
NOTE: http://www.openwall.com/lists/oss-security/2016/02/09/3
NOTE: Only exploitable in non default setup
-CVE-2016-2312
+CVE-2016-2312 (Turning all screens off in Plasma-workspace and kscreenlocker while th ...)
- plasma-workspace 4:5.4.3-2 (bug #814355)
NOTE: Affects plasma-workspace < 5.5.0, kscreenlocker < 5.5.5
NOTE: kscreenlocker is only in experimental
@@ -25731,7 +25731,7 @@ CVE-2016-XXXX [Stack corruption from crafted pattern]
NOTE: https://bugs.exim.org/show_bug.cgi?id=1780
NOTE: Possibly introduced after http://vcs.pcre.org/pcre?view=revision&revision=1266
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1638 (8.39)
-CVE-2016-2242
+CVE-2016-2242 (Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to execu ...)
NOT-FOR-US: Exponent CMS
CVE-2016-2241
RESERVED
@@ -25749,21 +25749,21 @@ CVE-2016-2235
RESERVED
CVE-2016-2234
RESERVED
-CVE-2016-2233
+CVE-2016-2233 (Stack-based buffer overflow in the inbound_cap_ls function in common/i ...)
- hexchat 2.12.0-1 (low)
[jessie] - hexchat <no-dsa> (Minor issue, requires connection to a malicious server)
NOTE: https://www.exploit-db.com/exploits/39657/
NOTE: https://github.com/hexchat/hexchat/issues/1934
NOTE: https://github.com/hexchat/hexchat/commit/4e061a43b3453a9856d34250c3913175c45afe9d
-CVE-2016-2231
+CVE-2016-2231 (The Windows-based Host Interface Program (WHIP) service on Huawei Smar ...)
NOT-FOR-US: Huawei
-CVE-2016-2230
+CVE-2016-2230 (OpenELEC and RasPlex devices have a hardcoded password for the root ac ...)
NOT-FOR-US: OpenELEC/ResPlex
CVE-2016-2229
RESERVED
CVE-2016-2227
RESERVED
-CVE-2016-2226
+CVE-2016-2226 (Integer overflow in the string_appends function in cplus-dem.c in libi ...)
{DLA-552-1}
- ht 2.1.0+repack1-1 (low; bug #840358)
[jessie] - ht <no-dsa> (Minor issue)
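Review bot: The NOT-FOR-US line for CVE-2016-2230 spells the product "OpenELEC/ResPlex" while the description line added just above it reads "OpenELEC and RasPlex"; the tag should match the description ("NOT-FOR-US: OpenELEC/RasPlex") so the entry is found when searching the list by product name.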
@@ -25779,57 +25779,57 @@ CVE-2016-2223
RESERVED
CVE-2016-2220
RESERVED
-CVE-2016-2219
+CVE-2016-2219 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2016-2218
RESERVED
-CVE-2016-2224
+CVE-2016-2224 (The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before ...)
{DLA-561-1}
- uclibc <unfixed> (unimportant)
NOTE: Just for cross-compiling, not used for actual packages
NOTE: http://repo.or.cz/uclibc-ng.git/commit/d9c3a16dcab57d6b56225b9a67e9119cc9e2e4ac
NOTE: http://www.openwall.com/lists/oss-security/2016/02/05/2
-CVE-2016-2225
+CVE-2016-2225 (The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng bef ...)
{DLA-561-1}
- uclibc <unfixed> (unimportant)
NOTE: Just for cross-compiling, not used for actual packages
NOTE: http://repo.or.cz/uclibc-ng.git/commit/6932f2282ba0578d6ca2f21eead920d6b78bc93c
NOTE: http://www.openwall.com/lists/oss-security/2016/02/05/2
-CVE-2016-2216
+CVE-2016-2216 (The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 ...)
- nodejs 4.3.0~dfsg-1 (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/
CVE-2016-2215
RESERVED
-CVE-2016-2214
+CVE-2016-2214 (Cross-site scripting (XSS) vulnerability in an unspecified portal auth ...)
NOT-FOR-US: Huawei
-CVE-2016-2212
+CVE-2016-2212 (The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class ...)
NOT-FOR-US: Magento
-CVE-2016-2211
+CVE-2016-2211 (The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ...)
NOT-FOR-US: Symantec
-CVE-2016-2210
+CVE-2016-2210 (Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in S ...)
NOT-FOR-US: Symantec
-CVE-2016-2209
+CVE-2016-2209 (Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Sy ...)
NOT-FOR-US: Symantec
-CVE-2016-2208
+CVE-2016-2208 (The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 befor ...)
NOT-FOR-US: Symantec
-CVE-2016-2207
+CVE-2016-2207 (The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ...)
NOT-FOR-US: Symantec
-CVE-2016-2206
+CVE-2016-2206 (The management console in Symantec Workspace Streaming (SWS) 7.5.x bef ...)
NOT-FOR-US: Symantec
-CVE-2016-2205
+CVE-2016-2205 (Directory traversal vulnerability in the file-download configuration f ...)
NOT-FOR-US: Symantec
-CVE-2016-2204
+CVE-2016-2204 (The management console on Symantec Messaging Gateway (SMG) Appliance d ...)
NOT-FOR-US: Symantec
-CVE-2016-2203
+CVE-2016-2203 (The management console on Symantec Messaging Gateway (SMG) Appliance d ...)
NOT-FOR-US: Symantec
-CVE-2016-2202
+CVE-2016-2202 (The Inventory Solution component in the Management Agent in the client ...)
NOT-FOR-US: Symantec
-CVE-2016-2201
+CVE-2016-2201 (Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attacker ...)
NOTE: Siemens SIMATIC
-CVE-2016-2200
+CVE-2016-2200 (Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attacker ...)
NOTE: Siemens SIMATIC
-CVE-2016-4009
+CVE-2016-4009 (Integer overflow in the ImagingResampleHorizontal function in libImagi ...)
- pillow 3.1.1-1
[jessie] - pillow <not-affected>
- python-imaging <removed>
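Review bot: CVE-2016-2201 and CVE-2016-2200 (Siemens SIMATIC S7-1500) carry only a "NOTE: Siemens SIMATIC" line and no status line, whereas every other non-Debian product in this hunk (Symantec, Huawei, Magento, Palo Alto) is marked with "NOT-FOR-US:"; without that tag the two entries have no tracked resolution and will keep showing as untriaged. Suggest changing both lines to "NOT-FOR-US: Siemens SIMATIC".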
@@ -25839,7 +25839,7 @@ CVE-2016-4009
NOTE: Upstream confirmed that versions prior 2.7 are not vulnerable.
NOTE: https://github.com/python-pillow/Pillow/pull/1714
NOTE: https://github.com/python-pillow/Pillow/issues/1737
-CVE-2016-2232
+CVE-2016-2232 (Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before ...)
{DSA-3700-1}
- asterisk 1:13.7.2~dfsg-1
[wheezy] - asterisk <no-dsa> (Minor issue)
@@ -25849,7 +25849,7 @@ CVE-2016-2232
NOTE: issue was introduced in 2006 with commit 0f5e4e47, so squeeze and previous also vulnerable
NOTE: patch for 11 / jessie: https://code.asterisk.org/code/changelog/asterisk?cs=da2573a3779425654543d6ac4c4dd6871ce16720
NOTE: all versions vulnerable, backport required for wheezy
-CVE-2016-2316
+CVE-2016-2316 (chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and ...)
{DSA-3700-1}
- asterisk 1:13.7.2~dfsg-1
[wheezy] - asterisk <no-dsa> (Minor issue)
@@ -25859,7 +25859,7 @@ CVE-2016-2316
NOTE: issue introduced in ~2008 with the SIP timer support implementation (https://issues.asterisk.org/jira/browse/ASTERISK-4257 https://issues.asterisk.org/jira/browse/ASTERISK-5187), so squeeze also vulnerable
NOTE: patch for jessie / 11: https://code.asterisk.org/code/changelog/asterisk?cs=882e85388295eac8eebd0b82e71a9af0a769b41f
NOTE: all versions vulnerable, backport required for wheezy
-CVE-2016-2228
+CVE-2016-2228 (Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_me ...)
{DSA-3497-1}
- php-horde 5.2.9+debian0-1 (bug #813573)
NOTE: https://bugs.horde.org/ticket/14213
@@ -25869,47 +25869,47 @@ CVE-2016-2228
NOTE: http://www.openwall.com/lists/oss-security/2016/02/06/4
CVE-2016-7028
REJECTED
-CVE-2016-2199
+CVE-2016-2199 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Orga ...)
NOT-FOR-US: Enterprise Manager in McAfee Vulnerability Manager
-CVE-2016-2213
+CVE-2016-2213 (The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpe ...)
- ffmpeg 7:2.8.6-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=0aada30510d809bccfd539a90ea37b61188f2cb4
-CVE-2016-2196
+CVE-2016-2196 (Heap-based buffer overflow in the P-521 reduction function in Botan 1. ...)
- botan1.10 <not-affected> (Introduced in 1.11.10)
NOTE: Introduced in 1.11.10, fixed in 1.11.27
NOTE: http://botan.randombit.net/security.html
-CVE-2016-2195
+CVE-2016-2195 (Integer overflow in the PointGFp constructor in Botan before 1.10.11 a ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.12-1
NOTE: Introduced in 1.9.18, fixed in 1.11.27 and 1.10.11
NOTE: http://botan.randombit.net/security.html
-CVE-2016-2194
+CVE-2016-2194 (The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 ...)
{DSA-3565-1 DLA-449-1}
- botan1.10 1.10.12-1
NOTE: Introduced in 1.7.15, fixed in 1.11.27 and 1.10.11
NOTE: http://botan.randombit.net/security.html
-CVE-2016-2193
+CVE-2016-2193 (PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-se ...)
- postgresql-9.5 9.5.2-1
- postgresql-9.4 <not-affected> (Only affects 9.5.x)
- postgresql-9.1 <not-affected> (Only affects 9.5.x)
- postgresql-8.4 <not-affected> (Only affects 9.5.x)
NOTE: http://www.postgresql.org/about/news/1656/
NOTE: http://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=db69e58a0642ef7fa46d62f6c4cf2460c3a1b41b
-CVE-2016-2192
+CVE-2016-2192 (PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to a ...)
- postgresql-pljava <removed>
[wheezy] - postgresql-pljava <no-dsa> (Minor issue)
-CVE-2016-2191
+CVE-2016-2191 (The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0. ...)
{DSA-3546-1}
- optipng 0.7.6-1 (bug #820068)
NOTE: https://sourceforge.net/p/optipng/bugs/59/
NOTE: http://www.openwall.com/lists/oss-security/2016/04/04/2
-CVE-2016-2190
+CVE-2016-2190 (Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x ...)
- moodle 2.7.13+dfsg-1
CVE-2016-2189
REJECTED
-CVE-2016-2188
+CVE-2016-2188 (The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Li ...)
{DLA-922-1}
- linux 4.9.16-1
[jessie] - linux 3.16.43-1
@@ -25921,117 +25921,117 @@ CVE-2016-2188
NOTE: From kernel-sec triaging: the above commits only handles the case where there
NOTE: are zero endpoints, but not the case where there are some endpoints but none of the expected type.
NOTE: Fixed by: https://git.kernel.org/linus/b7321e81fc369abe353cf094d4f0dc2fe11ab95f (v4.11-rc2)
-CVE-2016-2187
+CVE-2016-2187 (The gtco_probe function in drivers/input/tablet/gtco.c in the Linux ke ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.2-1
NOTE: Upstream commit: https://git.kernel.org/linus/162f98dea487206d9ab79fc12ed64700667a894d (v4.6-rc5)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317017
-CVE-2016-2186
+CVE-2016-2186 (The powermate_probe function in drivers/input/misc/powermate.c in the ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317015
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283384
NOTE: http://seclists.org/bugtraq/2016/Mar/85
NOTE: http://marc.info/?l=linux-usb&m=145796479528669&w=2
-CVE-2016-2185
+CVE-2016-2185 (The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317014
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283362
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283363
-CVE-2016-2184
+CVE-2016-2184 (The create_fixed_stream_quirk function in sound/usb/quirks.c in the sn ...)
{DSA-3607-1 DLA-516-1}
- linux 4.5.1-1 (low)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317012
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283355
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283358
-CVE-2016-2183
+CVE-2016-2183 (The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec pro ...)
NOTE: Generic protocol issue
NOTE: The CVE is assigned for the protocol flaw in the DES/3DES cipher, used as a part of the SSL/TLS protocol.
NOTE: What was done in OpenSSL: https://www.openssl.org/blog/blog/2016/08/24/sweet32/
NOTE: Python issue: https://bugs.python.org/issue27850
-CVE-2016-2182
+CVE-2016-2182 (The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 ...)
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=07bed46f332fce8c1d157689a2cdf915a982ae34
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=099e2968ed3c7d256cda048995626664082b1b30
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2181
+CVE-2016-2181 (The Anti-Replay feature in the DTLS implementation in OpenSSL before 1 ...)
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=1fb9fdc3027b27d8eb6a1e6a846435b070980770
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2180
+CVE-2016-2180 (The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Publi ...)
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=0ed26acce328ec16a3aa635f1ca37365e8c7403a
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2179
+CVE-2016-2179 (The DTLS implementation in OpenSSL before 1.1.0 does not properly rest ...)
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2178
+CVE-2016-2178 (The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL throug ...)
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1 (low)
NOTE: Fixed in master branch in https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2177
+CVE-2016-2177 (OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-bu ...)
{DSA-3673-1 DLA-637-1}
- openssl 1.0.2i-1 (low)
NOTE: Fixed in 1.0.2 branch in https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7
NOTE: https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
NOTE: https://www.openssl.org/news/secadv/20160922.txt
NOTE: Fixed in 1.0.2i, 1.0.1u
-CVE-2016-2176
+CVE-2016-2176 (The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL be ...)
- openssl <not-affected> (Only applies to EBCDIC systems)
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ea96ad5a206b7b5f25dad230333e8ff032df3219
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2175
+CVE-2016-2175 (Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly ini ...)
{DSA-3606-1 DLA-505-1}
- libpdfbox-java 1:1.8.12-1
NOTE: Fixed on upstream 1.8 branch in https://svn.apache.org/viewvc?view=revision&revision=1739564
NOTE: Fixed on upstream 2.0 branch in https://svn.apache.org/viewvc?view=revision&revision=1739565
-CVE-2016-2174
+CVE-2016-2174 (SQL injection vulnerability in the policy admin tool in Apache Ranger ...)
NOT-FOR-US: Apache Ranger
-CVE-2016-2173
+CVE-2016-2173 (org.springframework.core.serializer.DefaultDeserializer in Spring AMQP ...)
NOT-FOR-US: Spring AMQP
CVE-2016-2172
REJECTED
-CVE-2016-2171
+CVE-2016-2171 (The User Manager service in Apache Jetspeed before 2.3.1 does not prop ...)
NOT-FOR-US: Apache Jetspeed
-CVE-2016-2170
+CVE-2016-2170 (Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow ...)
NOT-FOR-US: Apache OFBiz
-CVE-2016-2169
+CVE-2016-2169 (Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 a ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-2168
+CVE-2016-2168 (The req_check_access function in the mod_authz_svn module in the httpd ...)
{DSA-3561-1 DLA-448-1}
- subversion 1.9.4-1
NOTE: https://subversion.apache.org/security/CVE-2016-2168-advisory.txt
-CVE-2016-2167
+CVE-2016-2167 (The canonicalize_username function in svnserve/cyrus_auth.c in Apache ...)
{DSA-3561-1 DLA-448-1}
- subversion 1.9.4-1
NOTE: https://subversion.apache.org/security/CVE-2016-2167-advisory.txt
-CVE-2016-2166
+CVE-2016-2166 (The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3 ...)
- qpid-proton <not-affected> (Vulnerable code not present)
NOTE: https://issues.apache.org/jira/browse/PROTON-1157
NOTE: http://qpid.apache.org/releases/qpid-proton-0.12.1/
NOTE: Affects Qpid Proton python API starting at 0.9 up to and including 0.12.0
-CVE-2016-2165
+CVE-2016-2165 (The Loggregator Traffic Controller endpoints in cf-release v231 and lo ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-2164
+CVE-2016-2164 (The (1) FileService.importFileByInternalUserId and (2) FileService.imp ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-2163
+CVE-2016-2163 (Cross-site scripting (XSS) vulnerability in Apache OpenMeetings before ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-2162
+CVE-2016-2162 (Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale o ...)
- libstruts1.2-java <not-affected> (Only affects 2.0.0 to 2.3.24.1)
NOTE: http://struts.apache.org/docs/s2-030.html
-CVE-2016-2161
+CVE-2016-2161 (In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod ...)
{DSA-3796-1}
- apache2 2.4.25-1
[wheezy] - apache2 <not-affected> (Vulnerable code introduced in 2.4.x)
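Review bot: CVE-2016-2183 (DES/3DES, Sweet32) has four NOTE lines but no package/status line, so the entry records no resolution even though the third NOTE points at what OpenSSL did about it and the fourth at a Python issue; either add the package lines for the affected implementations or state in the status why the issue is tracked only at protocol level, as the "Generic protocol issue" note implies.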
@@ -26039,66 +26039,66 @@ CVE-2016-2161
NOTE: Fixed by: https://svn.apache.org/r1772919
NOTE: Affects: 2.4.1 to 2.4.23
NOTE: Fixed in 2.4.25
-CVE-2016-2160
+CVE-2016-2160 (Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote aut ...)
NOT-FOR-US: OpenShift
-CVE-2016-2159
+CVE-2016-2159 (The save_submission function in mod/assign/externallib.php in Moodle t ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2158
+CVE-2016-2158 (lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before 2.7.1 ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2157
+CVE-2016-2157 (Cross-site request forgery (CSRF) vulnerability in mod/assign/adminman ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2156
+CVE-2016-2156 (calendar/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13 ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2155
+CVE-2016-2155 (The grade-reporting feature in Singleview (aka Single View) in Moodle ...)
- moodle <not-affected> (Only affects 2.8 and later)
-CVE-2016-2154
+CVE-2016-2154 (admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8 ...)
- moodle <not-affected> (Only affects 2.8 and later)
-CVE-2016-2153
+CVE-2016-2153 (Cross-site scripting (XSS) vulnerability in the advanced-search featur ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2152
+CVE-2016-2152 (Multiple cross-site scripting (XSS) vulnerabilities in auth/db/auth.ph ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2151
+CVE-2016-2151 (user/index.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x be ...)
- moodle 2.7.13+dfsg-1
-CVE-2016-2150
+CVE-2016-2150 (SPICE allows local guest OS users to read from or write to arbitrary h ...)
{DSA-3596-1 DLA-531-1}
- spice 0.12.6-4.1 (bug #826584)
-CVE-2016-2149
+CVE-2016-2149 (Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to ...)
NOT-FOR-US: OpenShift
-CVE-2016-2148
+CVE-2016-2148 (Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox befo ...)
{DLA-1445-1}
- busybox 1:1.27.2-1 (bug #818497)
[stretch] - busybox <no-dsa> (Minor issue)
[wheezy] - busybox <no-dsa> (Minor issue)
NOTE: https://git.busybox.net/busybox/commit/?id=352f79acbd759c14399e39baef21fc4ffe180ac2
-CVE-2016-2147
+CVE-2016-2147 (Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 ...)
{DLA-1445-1}
- busybox 1:1.27.2-1 (bug #818499)
[stretch] - busybox <no-dsa> (Minor issue)
[wheezy] - busybox <no-dsa> (Minor issue)
NOTE: https://git.busybox.net/busybox/commit/?id=d474ffc68290e0a83651c4432eeabfa62cd51e87
-CVE-2016-2146
+CVE-2016-2146 (The am_read_post_data function in mod_auth_mellon before 0.11.1 does n ...)
- libapache2-mod-auth-mellon 0.12.0-1
[jessie] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
-CVE-2016-2145
+CVE-2016-2145 (The am_read_post_data function in mod_auth_mellon before 0.11.1 does n ...)
- libapache2-mod-auth-mellon 0.12.0-1
[jessie] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
CVE-2016-2144
REJECTED
-CVE-2016-2143
+CVE-2016-2143 (The fork implementation in the Linux kernel before 4.5 on s390 platfor ...)
{DSA-3607-1 DLA-516-1}
- linux 4.4.6-1
[wheezy] - linux <no-dsa> (Architecture not supported in Wheezy LTS)
NOTE: Fixed by: https://git.kernel.org/linus/3446c13b268af86391d06611327006b059b8bab1 (v4.5)
NOTE: Introduced in: https://git.kernel.org/linus/6252d702c5311ce916caf75ed82e5c8245171c92 (v2.6.25-rc1)
-CVE-2016-2142
+CVE-2016-2142 (Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on th ...)
NOT-FOR-US: OpenShift
-CVE-2016-2141
+CVE-2016-2141 (JGroups before 4.0 does not require the proper headers for the ENCRYPT ...)
- libjgroups-java <unfixed> (low; bug #867493)
[buster] - libjgroups-java <ignored> (Minor issue, only used as build dep)
[stretch] - libjgroups-java <ignored> (Minor issue, only used as build dep)
[jessie] - libjgroups-java <no-dsa> (Minor issue)
[wheezy] - libjgroups-java <no-dsa> (Minor issue, only used as build dependency)
-CVE-2016-2140
+CVE-2016-2140 (The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) ...)
- nova 2:13.0.0-1
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <no-dsa> (Minor issue)
@@ -26129,120 +26129,120 @@ CVE-2016-2128
REJECTED
CVE-2016-2127
REJECTED
-CVE-2016-2126
+CVE-2016-2126 (Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation d ...)
{DSA-3740-1}
- samba 2:4.5.2+dfsg-2
[wheezy] - samba <not-affected> (Affects only Samba 4.0.0 to 4.5.2)
NOTE: https://www.samba.org/samba/security/CVE-2016-2126.html
-CVE-2016-2125
+CVE-2016-2125 (It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always re ...)
{DSA-3740-1 DLA-776-1}
- samba 2:4.5.2+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2016-2125.html
NOTE: Patch (with some more) here: https://download.samba.org/pub/samba/patches/security/samba-4.3.12-security-20016-12-19.patch
CVE-2016-2124
RESERVED
-CVE-2016-2123
+CVE-2016-2123 (A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine n ...)
{DSA-3740-1}
- samba 2:4.5.2+dfsg-2
[wheezy] - samba <not-affected> (Affects only Samba 4.0.0 to 4.5.2)
NOTE: https://www.samba.org/samba/security/CVE-2016-2123.html
CVE-2016-2122
RESERVED
-CVE-2016-2121
+CVE-2016-2121 (A permissions flaw was found in redis, which sets weak permissions on ...)
- redis 3:3.2.5-2 (bug #842987)
[jessie] - redis <no-dsa> (Minor issue)
[wheezy] - redis <no-dsa> (minor issue, details see #842987)
NOTE: Might be Red Hat-specific, needs investigation
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1374700
-CVE-2016-2120
+CVE-2016-2120 (An issue has been found in PowerDNS Authoritative Server versions up t ...)
{DSA-3764-1 DLA-798-1}
- pdns 4.0.2-1
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2016-05/
-CVE-2016-2119
+CVE-2016-2119 (libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3 ...)
{DSA-3740-1}
- samba 2:4.4.5+dfsg-1 (bug #830195)
[wheezy] - samba <not-affected> (Affects Samba 4.0.0 to 4.4.0)
NOTE: https://www.samba.org/samba/security/CVE-2016-2119.html
NOTE: Affects Samba 4.0.0 to 4.4.4
-CVE-2016-2118
+CVE-2016-2118 (The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x ...)
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2118.html
NOTE: http://badlock.org/
-CVE-2016-2117
+CVE-2016-2117 (The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in ...)
{DSA-3607-1}
- linux 4.5.2-1
[wheezy] - linux <not-affected> (Issue introduced with v3.10-rc1)
NOTE: Introduced in https://git.kernel.org/linus/ec5f061564238892005257c83565a0b58ec79295 (v3.10-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/16/7
-CVE-2016-2116
+CVE-2016-2116 (Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900. ...)
{DSA-3508-1}
- jasper <removed> (bug #816626)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/12
-CVE-2016-2115
+CVE-2016-2115 (Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before ...)
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2115.html
-CVE-2016-2114
+CVE-2016-2114 (The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x bef ...)
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
[wheezy] - samba <not-affected> (Affects Samba 4.0.0 to 4.4.0)
NOTE: https://www.samba.org/samba/security/CVE-2016-2114.html
-CVE-2016-2113
+CVE-2016-2113 (Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 do ...)
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
[wheezy] - samba <not-affected> (Affects Samba 4.0.0 to 4.4.0)
NOTE: https://www.samba.org/samba/security/CVE-2016-2113.html
-CVE-2016-2112
+CVE-2016-2112 (The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4. ...)
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2112.html
-CVE-2016-2111
+CVE-2016-2111 (The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before ...)
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2111.html
-CVE-2016-2110
+CVE-2016-2110 (The NTLMSSP authentication implementation in Samba 3.x and 4.x before ...)
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2110.html
-CVE-2016-2109
+CVE-2016-2109 (The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 ...)
{DSA-3566-1 DLA-456-1}
- openssl 1.0.2h-1
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=c62981390d6cf9e3d612c489b8b77c2913b25807
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2108
+CVE-2016-2108 (The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0 ...)
{DSA-3566-1 DLA-456-1}
- openssl 1.0.2c-1
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2107
+CVE-2016-2107 (The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1. ...)
{DSA-3566-1 DLA-456-1}
- openssl 1.0.2h-1
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2106
+CVE-2016-2106 (Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_e ...)
{DSA-3566-1 DLA-456-1}
- openssl 1.0.2h-1
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=3f3582139fbb259a1c3cbb0a25236500a409bf26
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2105
+CVE-2016-2105 (Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode ...)
{DSA-3566-1 DLA-456-1}
- openssl 1.0.2h-1
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ee1e3cac2e83abc77bcc8ff98729ca1e10fcc920
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2104
+CVE-2016-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satelli ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2016-2103
+CVE-2016-2103 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satelli ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2016-2102
+CVE-2016-2102 (HAProxy statistics in openstack-tripleo-image-elements are non-authent ...)
- tripleo-image-elements <not-affected> (Configuration not found in Debian's version)
CVE-2016-2101
RESERVED
-CVE-2016-2100
+CVE-2016-2100 (Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authen ...)
- foreman <itp> (bug #663101)
-CVE-2016-2099
+CVE-2016-2099 (Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apach ...)
{DSA-3579-1 DLA-467-1}
- xerces-c 3.1.3+debian-2 (bug #823863)
NOTE: https://issues.apache.org/jira/browse/XERCESC-2066
-CVE-2016-2098
+CVE-2016-2098 (Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and ...)
{DSA-3509-1 DLA-604-1}
- rails 2:4.2.5.2-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
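Review bot: The patch URL in the CVE-2016-2125 NOTE ends in "samba-4.3.12-security-20016-12-19.patch", where "20016" looks like a typo for "2016"; worth checking that the link resolves as written and correcting it if the upstream file is dated 2016-12-19. Separately, the CVE-2016-2121 entry still carries "NOTE: Might be Red Hat-specific, needs investigation" next to a fixed-version line for redis, so the open question should be resolved or the note dropped.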
@@ -26252,7 +26252,7 @@ CVE-2016-2098
[wheezy] - ruby-actionpack-2.3 <end-of-life>
NOTE: Versions Affected: 3.2.x, 4.0.x, 4.1.x, 4.2.x
NOTE: Fixed Versions: 3.2.22.2, 4.1.14.2, 4.2.5.2
-CVE-2016-2097
+CVE-2016-2097 (Directory traversal vulnerability in Action View in Ruby on Rails befo ...)
{DSA-3509-1 DLA-604-1}
- rails 2:4.2.5.2-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -26267,11 +26267,11 @@ CVE-2016-2096
RESERVED
CVE-2016-2095
RESERVED
-CVE-2016-2094
+CVE-2016-2094 (The HTTPS NIO Connector allows remote attackers to cause a denial of s ...)
NOT-FOR-US: JBoss EAP
CVE-2016-2093
RESERVED
-CVE-2016-2533
+CVE-2016-2533 (Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pil ...)
{DSA-3499-1 DLA-422-1}
- pillow 3.1.1-1
- python-imaging <removed>
@@ -26279,19 +26279,19 @@ CVE-2016-2533
NOTE: https://github.com/python-pillow/Pillow/pull/1706
NOTE: http://www.openwall.com/lists/oss-security/2016/02/02/5
NOTE: https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4
-CVE-2016-2221
+CVE-2016-2221 (Open redirect vulnerability in the wp_validate_redirect function in wp ...)
{DSA-3472-1 DLA-418-1}
- wordpress 4.4.2+dfsg-1 (bug #813697)
NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
NOTE: https://core.trac.wordpress.org/changeset/36444
NOTE: http://www.openwall.com/lists/oss-security/2016/02/04/4
-CVE-2016-2222
+CVE-2016-2222 (The wp_http_validate_url function in wp-includes/http.php in WordPress ...)
{DSA-3472-1 DLA-418-1}
- wordpress 4.4.2+dfsg-1 (bug #813697)
NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
NOTE: https://core.trac.wordpress.org/changeset/36435
NOTE: http://www.openwall.com/lists/oss-security/2016/02/04/4
-CVE-2016-2217
+CVE-2016-2217 (The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does ...)
- socat 1.7.3.1-1 (bug #813536)
[jessie] - socat <not-affected> (Broken 1024bit DH parameter generated in 1.7.3.0)
[wheezy] - socat <not-affected> (Broken 1024bit DH parameter generated in 1.7.3.0)
@@ -26301,7 +26301,7 @@ CVE-2016-2217
NOTE: bit long.
NOTE: http://www.openwall.com/lists/oss-security/2016/02/01/4
NOTE: http://www.dest-unreach.org/socat/contrib/socat-secadv7.html
-CVE-2016-5114
+CVE-2016-5114 (sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and ...)
{DLA-628-1}
- php5 5.6.17+dfsg-1
[jessie] - php5 5.6.17+dfsg-0+deb8u1
@@ -26314,7 +26314,7 @@ CVE-2016-3197
REJECTED
CVE-2016-2092
RESERVED
-CVE-2016-2198
+CVE-2016-2198 (QEMU (aka Quick Emulator) built with the USB EHCI emulation support is ...)
{DLA-1497-1}
- qemu 1:2.6+dfsg-1 (bug #813193)
[wheezy] - qemu <not-affected> (Introduced after v1.2.0)
@@ -26322,7 +26322,7 @@ CVE-2016-2198
- qemu-kvm <not-affected> (Introduced after v1.2.0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=dff0367cf66f489aa772320fa2937a8cac1ca30d (v2.6.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1301643
-CVE-2016-2197
+CVE-2016-2197 (QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is ...)
- qemu 1:2.6+dfsg-1 (bug #813194)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -26332,10 +26332,10 @@ CVE-2016-2197
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1302057
NOTE: http://www.openwall.com/lists/oss-security/2016/01/29/2
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=fc3d8e1138cd0c843d6fd75272633a31be6554ef (v2.3.0-rc2)
-CVE-2016-2088
+CVE-2016-2088 (resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cook ...)
- bind9 <not-affected> (Introduced in Bind 9.10)
NOTE: https://kb.isc.org/article/AA-01351
-CVE-2016-2087
+CVE-2016-2087 (Directory traversal vulnerability in the client in HexChat 2.11.0 allo ...)
{DLA-1050-1}
- xchat 2.8.8-10
[jessie] - xchat <no-dsa> (Minor issue)
@@ -26348,17 +26348,17 @@ CVE-2016-2087
NOTE: Would be included in upstream source since the upload 2.12.3-0.1 to unstable but the
NOTE: Debian packaging reverts the 15600f405f2d5bda6ccf0dd73957395716e0d4d3 commit
NOTE: The Debian packagging drops the revert in 2.12.4-4 to not diverge from upstream.
-CVE-2016-2086
+CVE-2016-2086 (Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0 ...)
- nodejs 4.3.0~dfsg-1 (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/
-CVE-2016-2091
+CVE-2016-2091 (The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 2 ...)
{DLA-669-1}
- dwarfutils 20160507-1 (bug #813148)
[jessie] - dwarfutils 20120410-2+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/3
NOTE: Fixed by http://sourceforge.net/p/libdwarf/code/ci/9565964f26966d8391fe2cfa8e6e8e59278c5f91
-CVE-2016-2090
+CVE-2016-2090 (Off-by-one vulnerability in the fgetwln function in libbsd before 0.8. ...)
- libbsd 0.8.2-1
[jessie] - libbsd <no-dsa> (Minor issue)
[wheezy] - libbsd <not-affected> (Vulnerable code not present)
@@ -26368,45 +26368,45 @@ CVE-2016-2090
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=93881
NOTE: Fixed by: http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7 (0.8.2)
NOTE: Introduced by: http://cgit.freedesktop.org/libbsd/commit/?id=a97ce513e031b29a47965b740be14fb9a84277fc (0.5.0)
-CVE-2016-2089
+CVE-2016-2089 (The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows rem ...)
{DSA-3508-1}
- jasper <removed> (bug #812978)
[squeeze] - jasper <no-dsa> (Minor issue)
NOTE: https://github.com/mdadams/jasper/commit/c87ad330a8b8d6e5eb0065675601fdfae08ebaab
-CVE-2016-2085
+CVE-2016-2085 (The evm_verify_hmac function in security/integrity/evm/evm_main.c in t ...)
- linux 4.4.2-1 (unimportant)
[jessie] - linux 3.16.7-ckt25-1
- linux-2.6 <removed> (unimportant)
NOTE: EVM is not enabled
NOTE: https://git.kernel.org/linus/613317bd212c585c20796c10afe5daaa95d4b0a1 (v4.5-rc4)
-CVE-2016-2084
+CVE-2016-2084 (F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3 ...)
NOT-FOR-US: F5 BIG-IP
CVE-2016-2083
REJECTED
-CVE-2016-2082
+CVE-2016-2082 (Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log ...)
NOT-FOR-US: VMware
-CVE-2016-2081
+CVE-2016-2081 (Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insigh ...)
NOT-FOR-US: VMware
CVE-2016-2080
REJECTED
-CVE-2016-2079
+CVE-2016-2079 (VMware NSX Edge 6.1 before 6.1.7 and 6.2 before 6.2.3 and vCNS Edge 5. ...)
NOT-FOR-US: VMware
-CVE-2016-2078
+CVE-2016-2078 (Cross-site scripting (XSS) vulnerability in the Web Client in VMware v ...)
NOT-FOR-US: VMware
-CVE-2016-2077
+CVE-2016-2077 (VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1 ...)
NOT-FOR-US: VMware
-CVE-2016-2076
+CVE-2016-2076 (Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, ...)
NOT-FOR-US: VMware
-CVE-2016-2075
+CVE-2016-2075 (Cross-site scripting (XSS) vulnerability in VMware vRealize Business A ...)
NOT-FOR-US: VMware vRealize Business Advanced and Enterprise
-CVE-2016-2074
+CVE-2016-2074 (Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x an ...)
{DSA-3533-1}
- openvswitch 2.3.0+git20140819-4
[wheezy] - openvswitch <not-affected> (Affects only 2.2.x and later)
NOTE: http://openvswitch.org/pipermail/announce/2016-March/000082.html
-CVE-2016-2072
+CVE-2016-2072 (The Administrative Web Interface in Citrix NetScaler Application Deliv ...)
NOT-FOR-US: Citrix
-CVE-2016-2071
+CVE-2016-2071 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler G ...)
NOT-FOR-US: Citrix
CVE-2016-XXXX [out of bound read and write issues]
- giflib 5.1.4-0.1 (bug #820594)
@@ -26416,139 +26416,139 @@ CVE-2016-XXXX [out of bound read and write issues]
NOTE: http://sourceforge.net/p/giflib/bugs/82/
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/26/5
NOTE: http://sourceforge.net/p/giflib/code/ci/4cc68b315ff9a378aef6664e1be6b2144ad4a5e6/
-CVE-2016-2073
+CVE-2016-2073 (The htmlParseNameComplex function in HTMLparser.c in libxml2 allows at ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #812807)
NOTE: http://www.openwall.com/lists/oss-security/2016/01/25/6
NOTE: http://www.openwall.com/lists/oss-security/2016/01/26/8 has details
NOTE: Same fix as CVE-2016-1839 and CVE-2015-8806
-CVE-2016-2070
+CVE-2016-2070 (The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux k ...)
- linux 4.3.5-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
- linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: Upstream commit: https://git.kernel.org/linus/8b8a321ff72c785ed5e8b4cf6eda20b35d427390 (v4.4)
NOTE: Introduced by: https://git.kernel.org/linus/3759824da87b30ce7a35b4873b62b0ba38905ef5 (v4.3-rc1)
-CVE-2016-2068
+CVE-2016-2068 (The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2067
+CVE-2016-2067 (drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2066
+CVE-2016-2066 (Integer signedness error in the MSM QDSP6 audio driver for the Linux k ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2065
+CVE-2016-2065 (sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2064
+CVE-2016-2064 (sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2063
+CVE-2016-2063 (Stack-based buffer overflow in the supply_lm_input_write function in d ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2062
+CVE-2016-2062 (The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_ ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2061
+CVE-2016-2061 (Integer signedness error in the MSM V4L2 video driver for the Linux ke ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-2060
+CVE-2016-2060 (server/TetherController.cpp in the tethering controller in netd, as di ...)
NOT-FOR-US: Android
-CVE-2016-2059
+CVE-2016-2059 (The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_ro ...)
NOT-FOR-US: Android drivers
-CVE-2016-2058
+CVE-2016-2058 (Multiple cross-site scripting (XSS) vulnerabilities in Xymon 4.1.x, 4. ...)
{DSA-3495-1 DLA-488-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
-CVE-2016-2057
+CVE-2016-2057 (lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use we ...)
{DSA-3495-1}
- xymon 4.3.25-1
[wheezy] - xymon <not-affected> (vulnerable code not present)
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
-CVE-2016-2056
+CVE-2016-2056 (xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote aut ...)
{DSA-3495-1 DLA-488-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
-CVE-2016-2055
+CVE-2016-2055 (xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3. ...)
{DSA-3495-1 DLA-488-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
-CVE-2016-2054
+CVE-2016-2054 (Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, ...)
{DSA-3495-1 DLA-488-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
-CVE-2016-2052
+CVE-2016-2052 (Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used ...)
- harfbuzz 1.2.6-1
[jessie] - harfbuzz <not-affected> (Vulnerable code not present)
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://code.google.com/p/chromium/issues/detail?id=544270
NOTE: https://github.com/behdad/harfbuzz/commit/63ef0b41dc48d6112d1918c1b1de9de8ea90adb5
-CVE-2016-2051
+CVE-2016-2051 (Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, a ...)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-2048
+CVE-2016-2048 (Django 1.9.x before 1.9.2, when ModelAdmin.save_as is set to True, all ...)
- python-django 1.9.2-1 (bug #813448)
[jessie] - python-django <not-affected> (Only affects 1.9)
[wheezy] - python-django <not-affected> (Only affects 1.9)
[squeeze] - python-django <not-affected> (Only affects 1.9)
NOTE: https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/
-CVE-2016-2046
+CVE-2016-2046 (Cross-site scripting (XSS) vulnerability in the UserPortal page in SOP ...)
NOT-FOR-US: SOPHOS
-CVE-2016-2045
+CVE-2016-2045 (Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdm ...)
{DLA-481-1}
- phpmyadmin 4:4.5.4-1 (low)
[jessie] - phpmyadmin <no-dsa> (Minor issue)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-9/
-CVE-2016-2044
+CVE-2016-2044 (libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5. ...)
- phpmyadmin 4:4.5.4-1
[jessie] - phpmyadmin <not-affected> (vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-8/
NOTE: vulnerability introduced in 4.5.0.1 / 718ef31
-CVE-2016-2043
+CVE-2016-2043 (Cross-site scripting (XSS) vulnerability in the goToFinish1NF function ...)
- phpmyadmin 4:4.5.4-1
[jessie] - phpmyadmin <not-affected> (vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-7/
NOTE: vulnerability introduced in 4.3.3 / 1e971f3
-CVE-2016-2042
+CVE-2016-2042 (phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote ...)
- phpmyadmin 4:4.5.4-1 (unimportant)
[squeeze] - phpmyadmin <not-affected> (vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: introduced as part of the CVE-2016-2039 fix
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-6/
NOTE: path disclosure not relevant on Debian
-CVE-2016-2041
+CVE-2016-2041 (libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x b ...)
{DSA-3627-1 DLA-481-1 DLA-406-1}
- phpmyadmin 4:4.5.4-1
NOTE: squeeze patch backport trivial to wheezy
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-5/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/fe62b69a5b032de8e1d9d0a04456c1cecf46428c
-CVE-2016-2040
+CVE-2016-2040 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...)
{DSA-3627-1 DLA-481-1}
- phpmyadmin 4:4.5.4-1
[squeeze] - phpmyadmin <no-dsa> (minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-3/
-CVE-2016-2039
+CVE-2016-2039 (libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x ...)
{DSA-3627-1 DLA-481-1 DLA-406-1}
- phpmyadmin 4:4.5.4-1
NOTE: squeeze patch was actually incorrect and probably not functional: libraries/phpseclib/Crypt/Random.php needs some engine (e.g. AES) to work
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-2/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6fe54dfa000dd6f43f237e859781fad7111ac1bd is not sufficient: one needs 29b297f to import more bits from phpseclib or simply import all of phpseclib.
NOTE: such a fix needs to avoid introducing a new vulnerability as well, upstream introduced CVE-2016-2042 as part of this
-CVE-2016-2038
+CVE-2016-2038 (phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x be ...)
{DLA-481-1}
- phpmyadmin 4:4.5.4-1 (unimportant)
[squeeze] - phpmyadmin <no-dsa> (minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-1/
NOTE: path disclosure not relevant on Debian
-CVE-2016-2036
+CVE-2016-2036 (The getURL function in drivers/secfilter/urlparser.c in secfilter in t ...)
NOT-FOR-US: Samsung
-CVE-2016-2069
+CVE-2016-2069 (Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 a ...)
{DSA-3503-1 DLA-412-1}
- linux 4.3.5-1
- linux-2.6 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/01/25/1
NOTE: https://git.kernel.org/linus/71b3c126e61177eb693423f2e18a1914205b165e (v4.5-rc1)
NOTE: https://git.kernel.org/linus/4eaffdd5a5fe6ff9f95e1ab4de1ac904d5e0fa8b (v4.5-rc1)
-CVE-2016-2053
+CVE-2016-2053 (The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kerne ...)
- linux 4.3.1-1
[jessie] - linux 3.16.7-ckt25-2
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -26556,12 +26556,12 @@ CVE-2016-2053
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300237
NOTE: Introduced in https://git.kernel.org/linus/3d167d68e3805ee45ed2e8412fc03ed919c54c24 (v3.13-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f (v4.3-rc1)
-CVE-2016-2049
+CVE-2016-2049 (examples/consumer/common.php in JanRain PHP OpenID library (aka php-op ...)
- php-openid <unfixed> (unimportant)
NOTE: sample code only, actual vulnerable code not shipped in package
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/2
NOTE: https://github.com/openid/php-openid/issues/128
-CVE-2016-2047
+CVE-2016-2047 (The ssl_verify_server_cert function in sql-common/client.c in MariaDB ...)
{DSA-3557-1 DSA-3453-1 DLA-447-1}
- mariadb-10.0 10.0.23-1
NOTE: https://mariadb.atlassian.net/browse/MDEV-9212
@@ -26572,7 +26572,7 @@ CVE-2016-2047
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
CVE-2016-2035
REJECTED
-CVE-2016-2034
+CVE-2016-2034 (SQL injection vulnerability in ClearPass Policy Manager 6.5.x through ...)
NOT-FOR-US: ClearPass Policy Manager
CVE-2016-2033
RESERVED
@@ -26580,103 +26580,103 @@ CVE-2016-2032
RESERVED
CVE-2016-2031
RESERVED
-CVE-2016-2030
+CVE-2016-2030 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authentic ...)
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2029
+CVE-2016-2029 (HPE Matrix Operating Environment before 7.5.1 allows remote attackers ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-2028
+CVE-2016-2028 (HPE Matrix Operating Environment before 7.5.1 allows remote authentica ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-2027
+CVE-2016-2027 (HPE Matrix Operating Environment before 7.5.1 allows remote attackers ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-2026
+CVE-2016-2026 (HPE Matrix Operating Environment before 7.5.1 allows remote attackers ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2016-2025
+CVE-2016-2025 (HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 ...)
NOT-FOR-US: HPE
-CVE-2016-2024
+CVE-2016-2024 (HPE Insight Control before 7.5.1 allow remote attackers to obtain sens ...)
NOT-FOR-US: HPE Insight Control
-CVE-2016-2023
+CVE-2016-2023 (HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive ...)
NOT-FOR-US: HPE
-CVE-2016-2022
+CVE-2016-2022 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authentic ...)
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2021
+CVE-2016-2021 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authentic ...)
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2020
+CVE-2016-2020 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authentic ...)
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2019
+CVE-2016-2019 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authentic ...)
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2018
+CVE-2016-2018 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers ...)
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2017
+CVE-2016-2017 (HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authentic ...)
NOT-FOR-US: HPE Systems Insight Manager
-CVE-2016-2016
+CVE-2016-2016 (Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 th ...)
NOT-FOR-US: HPE
-CVE-2016-2015
+CVE-2016-2015 (HPE System Management Homepage before 7.5.5 allows local users to obta ...)
NOT-FOR-US: HPE
-CVE-2016-2014
+CVE-2016-2014 (HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 1 ...)
NOT-FOR-US: HPE
-CVE-2016-2013
+CVE-2016-2013 (HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 1 ...)
NOT-FOR-US: HPE
-CVE-2016-2012
+CVE-2016-2012 (HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 1 ...)
NOT-FOR-US: HPE
-CVE-2016-2011
+CVE-2016-2011 (Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i ...)
NOT-FOR-US: HPE
-CVE-2016-2010
+CVE-2016-2010 (Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i ...)
NOT-FOR-US: HPE
-CVE-2016-2009
+CVE-2016-2009 (HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 1 ...)
NOT-FOR-US: HPE
-CVE-2016-2008
+CVE-2016-2008 (HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9. ...)
NOT-FOR-US: HPE Data Protector
-CVE-2016-2007
+CVE-2016-2007 (HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9. ...)
NOT-FOR-US: HPE Data Protector
-CVE-2016-2006
+CVE-2016-2006 (HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9. ...)
NOT-FOR-US: HPE Data Protector
-CVE-2016-2005
+CVE-2016-2005 (HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9. ...)
NOT-FOR-US: HPE Data Protector
-CVE-2016-2004
+CVE-2016-2004 (HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9. ...)
NOT-FOR-US: HPE Data Protector
-CVE-2016-2003
+CVE-2016-2003 (HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x be ...)
NOT-FOR-US: HPE P9000 Command View Advanced Edition Software
-CVE-2016-2002
+CVE-2016-2002 (The validateAdminConfig handler in the Analytics Management Console in ...)
NOT-FOR-US: HPE Vertica
-CVE-2016-2001
+CVE-2016-2001 (HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 all ...)
NOT-FOR-US: HPE Universal CMDB
-CVE-2016-2000
+CVE-2016-2000 (HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem C ...)
NOT-FOR-US: HPE Asset Manager
-CVE-2016-1999
+CVE-2016-1999 (The server in HP Release Control 9.13, 9.20, and 9.21 allows remote at ...)
NOT-FOR-US: HP Release Control
-CVE-2016-1998
+CVE-2016-1998 (HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 a ...)
NOT-FOR-US: HPE Service Manager
-CVE-2016-1997
+CVE-2016-1997 (HPE Operations Orchestration 10.x before 10.51 and Operations Orchestr ...)
NOT-FOR-US: HP Operations Orchestration
-CVE-2016-1996
+CVE-2016-1996 (HPE System Management Homepage before 7.5.4 allows local users to obta ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-1995
+CVE-2016-1995 (HPE System Management Homepage before 7.5.4 allows remote attackers to ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-1994
+CVE-2016-1994 (HPE System Management Homepage before 7.5.4 allows remote authenticate ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-1993
+CVE-2016-1993 (HPE System Management Homepage before 7.5.4 allows remote authenticate ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2016-1992
+CVE-2016-1992 (HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, a ...)
NOT-FOR-US: HPE ArcSight ESM
-CVE-2016-1991
+CVE-2016-1991 (HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, a ...)
NOT-FOR-US: HPE ArcSight ESM
-CVE-2016-1990
+CVE-2016-1990 (HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, a ...)
NOT-FOR-US: HPE ArcSight ESM
-CVE-2016-1989
+CVE-2016-1989 (HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 a ...)
NOT-FOR-US: HPE Network Automation
-CVE-2016-1988
+CVE-2016-1988 (HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 a ...)
NOT-FOR-US: HPE Network Automation
-CVE-2016-1987
+CVE-2016-1987 (HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configu ...)
NOT-FOR-US: HP-UX IPFilter
-CVE-2016-1986
+CVE-2016-1986 (HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers t ...)
NOT-FOR-US: HP CDA
-CVE-2016-1985
+CVE-2016-1985 (HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers ...)
NOT-FOR-US: HPE Operations Manager
-CVE-2016-1984
+CVE-2016-1984 (The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices b ...)
NOT-FOR-US: Harman AMX devices
CVE-2016-1980
RESERVED
-CVE-2016-1979
+CVE-2016-1979 (Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndRet ...)
{DSA-3688-1 DSA-3576-1 DLA-480-1 DLA-472-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -26686,7 +26686,7 @@ CVE-2016-1979
- icedove 38.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/
- nss 2:3.21-1
-CVE-2016-1978
+CVE-2016-1978 (Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange f ...)
{DSA-3688-1 DLA-480-1}
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
@@ -26696,7 +26696,7 @@ CVE-2016-1978
NOTE: unstable though used the system library.
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-15/
- nss 2:3.21-1
-CVE-2016-1977
+CVE-2016-1977 (The Machine::Code::decoder::analysis::set_ref function in Graphite 2 b ...)
{DSA-3520-1 DSA-3515-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -26704,39 +26704,39 @@ CVE-2016-1977
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
-CVE-2016-1976
+CVE-2016-1976 (Use-after-free vulnerability in the DesktopDisplayDevice class in the ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2016-1975
+CVE-2016-1975 (Multiple race conditions in dom/media/systemservices/CamerasChild.cpp ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2016-1974
+CVE-2016-1974 (The nsScannerString::AppendUnicodeTo function in Mozilla Firefox befor ...)
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/
-CVE-2016-1973
+CVE-2016-1973 (Race condition in the GetStaticInstance function in the WebRTC impleme ...)
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/
-CVE-2016-1972
+CVE-2016-1972 (Race condition in libvpx in Mozilla Firefox before 45.0 on Windows mig ...)
- iceweasel <not-affected> (Windows-specific)
- libvpx <not-affected> (Windows-specific)
-CVE-2016-1971
+CVE-2016-1971 (The I420VideoFrame::CreateFrame function in the WebRTC implementation ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2016-1970
+CVE-2016-1970 (Integer underflow in the srtp_unprotect function in the WebRTC impleme ...)
- iceweasel <not-affected> (Windows-specific)
-CVE-2016-1969
+CVE-2016-1969 (The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Fi ...)
{DSA-3515-1 DSA-3477-1}
- graphite2 1.3.6-1
- iceweasel <removed>
- firefox 45.0-1
- firefox-esr 45.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-38/
-CVE-2016-1968
+CVE-2016-1968 (Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, a ...)
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
@@ -26745,116 +26745,116 @@ CVE-2016-1968
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/
- brotli 0.3.0+dfsg-3 (bug #817233)
NOTE: https://github.com/google/brotli/commit/37a320dd81db8d546cd24a45b4c61d87b45dcade
-CVE-2016-1967
+CVE-2016-1967 (Mozilla Firefox before 45.0 does not properly restrict the availabilit ...)
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/
-CVE-2016-1966
+CVE-2016-1966 (The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRu ...)
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/
-CVE-2016-1965
+CVE-2016-1965 (Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle ...)
{DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/
-CVE-2016-1964
+CVE-2016-1964 (Use-after-free vulnerability in the AtomicBaseIncDec function in Mozil ...)
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/
-CVE-2016-1963
+CVE-2016-1963 (The FileReader class in Mozilla Firefox before 45.0 allows local users ...)
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/
-CVE-2016-1962
+CVE-2016-1962 (Use-after-free vulnerability in the mozilla::DataChannelConnection::Cl ...)
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/
-CVE-2016-1961
+CVE-2016-1961 (Use-after-free vulnerability in the nsHTMLDocument::SetBody function i ...)
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/
-CVE-2016-1960
+CVE-2016-1960 (Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string ...)
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/
-CVE-2016-1959
+CVE-2016-1959 (The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows r ...)
- firefox-esr 45.0esr-1
- firefox 45.0-1
- iceweasel <removed>
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/
-CVE-2016-1958
+CVE-2016-1958 (browser/base/content/browser.js in Mozilla Firefox before 45.0 and Fir ...)
{DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/
-CVE-2016-1957
+CVE-2016-1957 (Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firef ...)
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/
-CVE-2016-1956
+CVE-2016-1956 (Mozilla Firefox before 45.0 on Linux, when an Intel video driver is us ...)
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/
-CVE-2016-1955
+CVE-2016-1955 (Mozilla Firefox before 45.0 allows remote attackers to bypass the Same ...)
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/
-CVE-2016-1954
+CVE-2016-1954 (The nsCSPContext::SendReports function in dom/security/nsCSPContext.cp ...)
{DSA-3520-1 DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
- icedove 38.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/
-CVE-2016-1953
+CVE-2016-1953 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
-CVE-2016-1952
+CVE-2016-1952 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3510-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
-CVE-2016-1951
+CVE-2016-1951 (Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable ...)
{DSA-3687-1 DLA-513-1}
- firefox-esr 45.0esr-1
- firefox 45.0-1
@@ -26863,7 +26863,7 @@ CVE-2016-1951
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1174015
NOTE: https://groups.google.com/forum/#!topic/mozilla.dev.tech.nspr/dV4MyMsg6jw
NOTE: Upstream commit: https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2
-CVE-2016-1950
+CVE-2016-1950 (Heap-based buffer overflow in Mozilla Network Security Services (NSS) ...)
{DSA-3688-1 DSA-3520-1 DSA-3510-1 DLA-480-1}
- iceweasel <removed>
- firefox-esr 45.0esr-1
@@ -26872,7 +26872,7 @@ CVE-2016-1950
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
- nss 2:3.23-1
NOTE: NSS fixed in 3.21.1
-CVE-2016-1949
+CVE-2016-1949 (Mozilla Firefox before 44.0.2 does not properly restrict the interacti ...)
- iceweasel <removed>
- firefox-esr 45.0esr-1
- firefox 45.0-1
@@ -26880,58 +26880,58 @@ CVE-2016-1949
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/
-CVE-2016-1948
+CVE-2016-1948 (Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is u ...)
- iceweasel <not-affected> (Only affects Firefox for Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-12/
-CVE-2016-1947
+CVE-2016-1947 (Mozilla Firefox 43.x mishandles attempts to connect to the Application ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-11/
-CVE-2016-1946
+CVE-2016-1946 (The MoofParser::Metadata function in binding/MoofParser.cpp in libstag ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-10/
-CVE-2016-1945
+CVE-2016-1945 (The nsZipArchive function in Mozilla Firefox before 44.0 might allow r ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-10/
-CVE-2016-1944
+CVE-2016-1944 (The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozill ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-10/
-CVE-2016-1943
+CVE-2016-1943 (Mozilla Firefox before 44.0 on Android allows remote attackers to spoo ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-09/
-CVE-2016-1942
+CVE-2016-1942 (Mozilla Firefox before 44.0 allows user-assisted remote attackers to s ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-09/
-CVE-2016-1941
+CVE-2016-1941 (The file-download dialog in Mozilla Firefox before 44.0 on OS X enable ...)
- iceweasel <not-affected> (Affects only Firefox on OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-08/
-CVE-2016-1940
+CVE-2016-1940 (Mozilla Firefox before 44.0 on Android allows remote attackers to spoo ...)
- iceweasel <not-affected> (Affects Firefox for Android only)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-05/
-CVE-2016-1939
+CVE-2016-1939 (Mozilla Firefox before 44.0 stores cookies with names containing verti ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-04/
-CVE-2016-1938
+CVE-2016-1938 (The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Secur ...)
{DSA-3688-1 DLA-480-1 DLA-427-1}
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
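Review bot: the iceweasel triage for CVE-2016-1943 looks inconsistent with the description this update imports. Its new text reads "Mozilla Firefox before 44.0 on Android allows remote attackers to spoo ...", the same wording as CVE-2016-1940, yet CVE-2016-1940 is marked "- iceweasel <not-affected> (Affects Firefox for Android only)" while CVE-2016-1943 keeps "- iceweasel 44.0-1" plus per-suite not-affected entries. Either the 1943 entry should become <not-affected> on the same grounds, or a NOTE should record why the Android-only wording does not apply there. Smaller style point in the same hunk: the three platform rationales are phrased three different ways ("Only affects Firefox for Android", "Affects only Firefox on OS X", "Affects Firefox for Android only"); one form would make them greppable.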
@@ -26946,7 +26946,7 @@ CVE-2016-1938
NOTE: https://hg.mozilla.org/projects/nss/rev/608645309ab9
NOTE: https://hg.mozilla.org/projects/nss/rev/cfd0ad4726cb
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1190248 (not yet public)
-CVE-2016-1937
+CVE-2016-1937 (The protocol-handler dialog in Mozilla Firefox before 44.0 allows remo ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
@@ -26954,7 +26954,7 @@ CVE-2016-1937
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-06/
CVE-2016-1936
RESERVED
-CVE-2016-1935
+CVE-2016-1935 (Buffer overflow in the BufferSubData function in Mozilla Firefox befor ...)
{DSA-3491-1 DSA-3457-1}
- iceweasel 44.0-1
[squeeze] - iceweasel <end-of-life>
@@ -26963,7 +26963,7 @@ CVE-2016-1935
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-03/
CVE-2016-1934
RESERVED
-CVE-2016-1933
+CVE-2016-1933 (Integer overflow in the image-deinterlacing functionality in Mozilla F ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
@@ -26971,66 +26971,66 @@ CVE-2016-1933
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-02/
CVE-2016-1932
RESERVED
-CVE-2016-1931
+CVE-2016-1931 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 44.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
-CVE-2016-1930
+CVE-2016-1930 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3491-1 DSA-3457-1}
- iceweasel 44.0-1
[squeeze] - iceweasel <end-of-life>
- icedove 38.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
-CVE-2016-1929
+CVE-2016-1929 (The XS engine in SAP HANA allows remote attackers to spoof log entries ...)
NOT-FOR-US: SAP
-CVE-2016-1928
+CVE-2016-1928 (Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remo ...)
NOT-FOR-US: SAP
-CVE-2016-1927
+CVE-2016-1927 (The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x be ...)
{DSA-3627-1 DLA-481-1}
- phpmyadmin 4:4.5.4-1
[squeeze] - phpmyadmin <no-dsa> (minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-4/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6a96e67487f2faecb4de4204fee9b96b94020720
-CVE-2016-1983
+CVE-2016-1983 (The client_host function in parsers.c in Privoxy before 3.0.24 allows ...)
{DSA-3460-1 DLA-398-1}
- privoxy 3.0.24-1
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.302&r2=1.303
NOTE: http://www.openwall.com/lists/oss-security/2016/01/21/4
-CVE-2016-1982
+CVE-2016-1982 (The remove_chunked_transfer_coding function in filters.c in Privoxy be ...)
{DSA-3460-1 DLA-398-1}
- privoxy 3.0.24-1
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/filters.c?r1=1.196&r2=1.197
NOTE: http://www.openwall.com/lists/oss-security/2016/01/21/4
-CVE-2016-1926
+CVE-2016-1926 (Cross-site scripting (XSS) vulnerability in the charts module in Green ...)
NOT-FOR-US: Greenbone Security Assistant
CVE-2016-1921
RESERVED
-CVE-2016-1918
+CVE-2016-1918 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
NOT-FOR-US: BlackBerry
-CVE-2016-1917
+CVE-2016-1917 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
NOT-FOR-US: BlackBerry
-CVE-2016-1916
+CVE-2016-1916 (Cross-site scripting (XSS) vulnerability in the Management Console in ...)
NOT-FOR-US: BlackBerry
-CVE-2016-1915
+CVE-2016-1915 (Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Ente ...)
NOT-FOR-US: BlackBerry
-CVE-2016-1914
+CVE-2016-1914 (Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.Im ...)
NOT-FOR-US: BlackBerry
-CVE-2016-1913
+CVE-2016-1913 (Multiple cross-site scripting (XSS) vulnerabilities in the Redhen modu ...)
NOT-FOR-US: Redhen module for Drupal
-CVE-2016-1912
+CVE-2016-1912 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CR ...)
- dolibarr 3.5.8+dfsg1-1 (bug #812496)
[jessie] - dolibarr 3.5.5+dfsg1-1+deb8u1
NOTE: https://github.com/Dolibarr/dolibarr/issues/4341
-CVE-2016-1911
+CVE-2016-1911 (Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7 ...)
NOT-FOR-US: SAP
-CVE-2016-1910
+CVE-2016-1910 (The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers ...)
NOT-FOR-US: SAP
-CVE-2016-1909
+CVE-2016-1909 (Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwit ...)
NOT-FOR-US: FortiOS
-CVE-2016-1981
+CVE-2016-1981 (QEMU (aka Quick Emulator) built with the e1000 NIC emulation support i ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-5 (bug #812307)
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
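Review bot: the NOT-FOR-US rationale for CVE-2016-1909 no longer matches the description imported here. The new text names "Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwit ..." while the entry still says "NOT-FOR-US: FortiOS". Update the rationale to the products the description actually lists (or simply "NOT-FOR-US: Fortinet") so the reason for the NFU marking stays verifiable against the description.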
@@ -27040,14 +27040,14 @@ CVE-2016-1981
NOTE: Introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=7c23b8920329180f48b8a147b629d8837709d201 (v0.10.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298570
NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/10
-CVE-2016-2037
+CVE-2016-2037 (The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remo ...)
{DSA-3483-1 DLA-415-1}
- cpio 2.11+dfsg-5 (bug #812401)
NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/4
NOTE: To reproduce and uncover the issue with unstable version compile with ASAN
NOTE: Patch: https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00005.html
NOTE: https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=d36ec5f4e93130efb24fb9678aafd88e8070095b
-CVE-2016-2050
+CVE-2016-2050 (The get_abbrev_array_info function in libdwarf-20151114 allows remote ...)
{DLA-669-1}
- dwarfutils 20160507+git20160523.9086738-1 (unimportant)
[jessie] - dwarfutils 20120410-2+deb8u1
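Review bot: the severity marking for CVE-2016-2050 reads as contradictory and deserves a NOTE. The unstable entry is "- dwarfutils 20160507+git20160523.9086738-1 (unimportant)", yet the same entry carries {DLA-669-1} and a jessie fix "[jessie] - dwarfutils 20120410-2+deb8u1". If the tag is intended (the tracker uses it for issues with no practical security impact), add a NOTE giving the reason so the DLA and the jessie update do not appear to have been issued for a no-impact bug; if it is not intended, drop "(unimportant)".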
@@ -27062,41 +27062,41 @@ CVE-2016-XXXX [Multiple minor security issues]
[jessie] - imagemagick 8:6.8.9.9-5+deb8u1
[wheezy] - imagemagick 8:6.7.7.10-5+deb7u4
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/22/4
-CVE-2016-1925
+CVE-2016-1925 (Integer underflow in header.c in lha allows remote attackers to have u ...)
- lha <removed> (unimportant)
NOTE: Non-free not supported
-CVE-2016-1924
+CVE-2016-1924 (The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attacke ...)
{DSA-3665-1}
- openjpeg2 2.1.1-1 (bug #818399)
NOTE: https://github.com/uclouvain/openjpeg/commit/1a8318f6c24623189ecb65e049267c6f2e005c0e
-CVE-2016-1923
+CVE-2016-1923 (Heap-based buffer overflow in the opj_j2k_update_image_data function i ...)
- openjpeg2 2.1.1-1 (bug #818399)
[jessie] - openjpeg2 <no-dsa> (Minor issue, too intrusive to backport)
-CVE-2016-1920
+CVE-2016-1920 (Samsung KNOX 1.0.0 uses the shared certificate on Android, which allow ...)
NOT-FOR-US: KNOX 1.0 / Android 4.3
-CVE-2016-1919
+CVE-2016-1919 (Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which ...)
NOT-FOR-US: KNOX 1.0 / Android 4.3
-CVE-2016-1902
+CVE-2016-1902 (The nextBytes function in the SecureRandom class in Symfony before 2.3 ...)
{DSA-3588-1}
- symfony 2.7.9+dfsg-1
NOTE: http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails
NOTE: https://github.com/symfony/symfony/pull/17359
-CVE-2016-1906
+CVE-2016-1906 (Openshift allows remote attackers to gain privileges by updating a bui ...)
- kubernetes <not-affected> (Openshift Specific)
NOTE: https://github.com/openshift/origin/issues/6556
NOTE: https://github.com/openshift/origin/pull/6576
-CVE-2016-1905
+CVE-2016-1905 (The API server in Kubernetes does not properly check admission control ...)
- kubernetes <not-affected> (Fixed before the initial release in Debian, 1.2.0)
NOTE: https://github.com/kubernetes/kubernetes/issues/19479
NOTE: https://github.com/kubernetes/kubernetes/pull/19481
-CVE-2016-1904
+CVE-2016-1904 (Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7. ...)
- php5 <not-affected> (Vulnerable code not present)
- php5.6 <not-affected> (Vulnerable code not present)
NOTE: Already using safe_emalloc() in php_escape_shell_cmd()
- php7.0 7.0.2-1
NOTE: https://bugs.php.net/bug.php?id=71270
NOTE: https://github.com/php/php-src/commit/2871c70efaaaa0f102557a17c727fd4d5204dd4b
-CVE-2016-1903
+CVE-2016-1903 (The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolatio ...)
- php5 5.6.17+dfsg-1
[jessie] - php5 5.6.14+dfsg-0+deb8u1
[wheezy] - php5 <not-affected> (Vulnerable code not present)
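Review bot: CVE-2016-1923 is missing the upstream reference that its sibling entry carries. CVE-2016-1924 records "NOTE: https://github.com/uclouvain/openjpeg/commit/1a8318f6c24623189ecb65e049267c6f2e005c0e", but CVE-2016-1923, fixed in the same upload (openjpeg2 2.1.1-1, bug #818399) and marked "[jessie] - openjpeg2 <no-dsa> (Minor issue, too intrusive to backport)", has no NOTE at all. Since the no-dsa rationale rests on the size of the upstream fix, add a NOTE pointing at the fixing commit or upstream issue so the "too intrusive to backport" claim can be checked.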
@@ -27107,23 +27107,23 @@ CVE-2016-1903
NOTE: https://bugs.php.net/bug.php?id=70976
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=4b8394dd78571826ac66a69dc240c623f31d78f8
NOTE: Fix in HHVM: https://github.com/facebook/hhvm/commit/f91abcc3b156823688c54158fc4fa36d87570afe
-CVE-2016-1901
+CVE-2016-1901 (Integer overflow in the authenticate_post function in CGit before 0.12 ...)
{DSA-3545-1}
- cgit 0.11.2.git2.3.2-1.1 (bug #812411)
NOTE: http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763 (v0.12)
-CVE-2016-1900
+CVE-2016-1900 (CRLF injection vulnerability in the cgit_print_http_headers function i ...)
{DSA-3545-1}
- cgit 0.11.2.git2.3.2-1.1 (bug #812411)
NOTE: http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463 (v0.12)
-CVE-2016-1899
+CVE-2016-1899 (CRLF injection vulnerability in the ui-blob handler in CGit before 0.1 ...)
{DSA-3545-1}
- cgit 0.11.2.git2.3.2-1.1 (bug #812411)
NOTE: http://git.zx2c4.com/cgit/commit/?id=1c581a072651524f3b0d91f33e22a42c4166dd96 (v0.12)
-CVE-2016-1896
+CVE-2016-1896 (Race condition in the initialization process on Lexmark printers with ...)
NOT-FOR-US: Firmware in Lexmark printers
-CVE-2016-1895
+CVE-2016-1895 (NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote ...)
NOT-FOR-US: NetApp
-CVE-2016-1894
+CVE-2016-1894 (NetApp OnCommand Workflow Automation before 3.1P2 allows remote attack ...)
NOT-FOR-US: NetApp
CVE-2016-1893
RESERVED
@@ -27133,43 +27133,43 @@ CVE-2016-1891
RESERVED
CVE-2016-1890
RESERVED
-CVE-2016-1889
+CVE-2016-1889 (Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, ...)
NOT-FOR-US: bhyve hypervisor for FreeBSD
-CVE-2016-1888
+CVE-2016-1888 (The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows ...)
NOT-FOR-US: telnetd in FreeBSD
-CVE-2016-1887
+CVE-2016-1887 (Integer signedness error in the sockargs function in sys/kern/uipc_sys ...)
- kfreebsd-10 10.3~svn300087-1 (unimportant; bug #824605)
NOTE: kfreebsd not covered by security support in Jessie
-CVE-2016-1886
+CVE-2016-1886 (Integer signedness error in the genkbd_commonioctl function in sys/dev ...)
- kfreebsd-10 10.3~svn300087-1 (unimportant; bug #824604)
NOTE: kfreebsd not covered by security support in Jessie
-CVE-2016-1885
+CVE-2016-1885 (Integer signedness error in the amd64_set_ldt function in sys/amd64/am ...)
- kfreebsd-10 10.3~svn300087-1 (unimportant; bug #818426)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed>
[wheezy] - kfreebsd-9 <end-of-life> (Unsupported in wheezy-lts)
CVE-2016-1884
RESERVED
-CVE-2016-1883
+CVE-2016-1883 (The issetugid system call in the Linux compatibility layer in FreeBSD ...)
- kfreebsd-10 10.3~svn300087-1 (unimportant)
- kfreebsd-9 <removed> (unimportant)
NOTE: kfreebsd not covered by security support in Jessie
-CVE-2016-1882
+CVE-2016-1882 (FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow remo ...)
- kfreebsd-10 10.3~svn296373-1 (unimportant; bug #811280)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed>
[wheezy] - kfreebsd-9 <end-of-life> (Unsupported in wheezy-lts)
-CVE-2016-1881
+CVE-2016-1881 (The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause ...)
- kfreebsd-10 10.3~svn296373-1 (unimportant; bug #811279)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed>
[wheezy] - kfreebsd-9 <end-of-life> (Unsupported in wheezy-lts)
-CVE-2016-1880
+CVE-2016-1880 (The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and ...)
- kfreebsd-10 10.3~svn296373-1 (unimportant; bug #811278)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed>
[wheezy] - kfreebsd-9 <end-of-life> (Unsupported in wheezy-lts)
-CVE-2016-1879
+CVE-2016-1879 (The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 ...)
- kfreebsd-10 <unfixed> (unimportant; bug #811277)
NOTE: kfreebsd not covered by security support in Jessie
- kfreebsd-9 <removed>
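Review bot: style point on the kfreebsd entries in this hunk: the line "NOTE: kfreebsd not covered by security support in Jessie" sits between the kfreebsd-10 and kfreebsd-9 package lines in CVE-2016-1885, -1882, -1881, -1880 and -1879, but after both package lines in CVE-2016-1883. Keeping the package lines together and placing the NOTE after them, as CVE-2016-1883 does, makes each entry easier to read and keeps the per-suite "[wheezy] - kfreebsd-9 <end-of-life>" line next to the package it qualifies.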
@@ -27178,7 +27178,7 @@ CVE-2016-1878
RESERVED
CVE-2016-1877
RESERVED
-CVE-2016-1876
+CVE-2016-1876 (The backend service process in Lenovo Solution Center (aka LSC) before ...)
NOT-FOR-US: Lenovo
CVE-2016-1875
RESERVED
@@ -27196,89 +27196,89 @@ CVE-2016-1869
RESERVED
CVE-2016-1868
RESERVED
-CVE-2016-1866
+CVE-2016-1866 (Salt 2015.8.x before 2015.8.4 does not properly handle clear messages ...)
- salt 2015.8.5+ds-1
[jessie] - salt <not-affected> (affects only the 2015.8.x releases of Salt)
NOTE: https://docs.saltstack.com/en/latest/topics/releases/2015.8.5.html
-CVE-2016-1865
+CVE-2016-1865 (The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
NOT-FOR-US: Apple
-CVE-2016-1864
+CVE-2016-1864 (The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1863
+CVE-2016-1863 (The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before ...)
NOT-FOR-US: Apple
-CVE-2016-1862
+CVE-2016-1862 (Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to ...)
NOT-FOR-US: Apple
-CVE-2016-1861
+CVE-2016-1861 (The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 all ...)
NOT-FOR-US: Apple
-CVE-2016-1860
+CVE-2016-1860 (Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to ...)
NOT-FOR-US: Apple
-CVE-2016-1859
+CVE-2016-1859 (The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari bef ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1858
+CVE-2016-1858 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tv ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1857
+CVE-2016-1857 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tv ...)
- webkitgtk 2.12.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-1856
+CVE-2016-1856 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tv ...)
- webkitgtk 2.12.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2016-1855
+CVE-2016-1855 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tv ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1854
+CVE-2016-1854 (WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tv ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1853
+CVE-2016-1853 (Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sen ...)
NOT-FOR-US: Apple
-CVE-2016-1852
+CVE-2016-1852 (Siri in Apple iOS before 9.3.2 does not block data detectors within re ...)
NOT-FOR-US: Apple
-CVE-2016-1851
+CVE-2016-1851 (The Screen Lock feature in Apple OS X before 10.11.5 mishandles passwo ...)
NOT-FOR-US: Apple
-CVE-2016-1850
+CVE-2016-1850 (SceneKit in Apple OS X before 10.11.5 allows remote attackers to execu ...)
NOT-FOR-US: Apple
-CVE-2016-1849
+CVE-2016-1849 (The "Clear History and Website Data" feature in Apple Safari before 9. ...)
NOT-FOR-US: Apple
-CVE-2016-1848
+CVE-2016-1848 (QuickTime in Apple OS X before 10.11.5 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-1847
+CVE-2016-1847 (OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS b ...)
NOT-FOR-US: Apple
-CVE-2016-1846
+CVE-2016-1846 (The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drive ...)
NOT-FOR-US: Apple
CVE-2016-1845
REJECTED
-CVE-2016-1844
+CVE-2016-1844 (The Messages component in Apple OS X before 10.11.5 mishandles roster ...)
NOT-FOR-US: Apple
-CVE-2016-1843
+CVE-2016-1843 (The Messages component in Apple OS X before 10.11.5 mishandles filenam ...)
NOT-FOR-US: Apple
-CVE-2016-1842
+CVE-2016-1842 (MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS bef ...)
NOT-FOR-US: Apple
-CVE-2016-1841
+CVE-2016-1841 (libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...)
- libxslt 1.1.29-1
[jessie] - libxslt 1.1.28-2+deb8u1
[wheezy] - libxslt 1.1.26-14.1+deb7u1
NOTE: upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=758291
NOTE: upstream commit: https://git.gnome.org/browse/libxslt/commit/?id=fc1ff481fd01e9a65a921c542fed68d8c965e8a3
-CVE-2016-1840
+CVE-2016-1840 (Heap-based buffer overflow in the xmlFAParsePosCharGroup function in l ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=757711
-CVE-2016-1839
+CVE-2016-1839 (The xmlDictAddString function in libxml2 before 2.9.4, as used in Appl ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758605
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=637
-CVE-2016-1838
+CVE-2016-1838 (The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4 ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=db07dd613e461df93dde7902c6505629bf0734e9 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758588
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=639
-CVE-2016-1837
+CVE-2016-1837 (Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiter ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=11ed4a7a90d5ce156a18980a4ad4e53e77384852 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=760263
-CVE-2016-1836
+CVE-2016-1836 (Use-after-free vulnerability in the xmlDictComputeFastKey function in ...)
{DSA-3593-1}
- libxml2 2.9.3+dfsg1-1.1
[wheezy] - libxml2 <not-affected> (Vulnerable code not present)
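Review bot: the WebKit triage in this hunk is not self-explanatory now that the descriptions are filled in. CVE-2016-1858, -1857, -1856, -1855 and -1854 all import the identical text "WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tv ...", yet 1857 and 1856 are tracked as "- webkitgtk 2.12.3-1 (unimportant)" while 1858, 1855 and 1854 are "NOT-FOR-US: Webkit as used by Apple". Nothing in the entries says why two of the five affect webkitgtk and three do not; add a NOTE to each (for example the upstream WebKit bug or changelog entry that was used to decide) recording the basis for the split.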
@@ -27286,261 +27286,261 @@ CVE-2016-1836
NOTE: Introduced by: https://git.gnome.org/browse/libxml2/commit/?id=dcc19503193c71596278a252064a8ce66331b3cd (v2.9.2)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759398
NOTE: Regression applies to Jessie, since fix backported as 0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch
-CVE-2016-1835
+CVE-2016-1835 (Use-after-free vulnerability in the xmlSAX2AttributeNs function in lib ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=38eae571111db3b43ffdeb05487c9f60551906fb (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759020
-CVE-2016-1834
+CVE-2016-1834 (Heap-based buffer overflow in the xmlStrncat function in libxml2 befor ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=763071
-CVE-2016-1833
+CVE-2016-1833 (The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=0bcd05c5cd83dec3406c8f68b769b1d610c72f76 (v2.9.4)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758606
-CVE-2016-1832
+CVE-2016-1832 (libc in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1 ...)
NOT-FOR-US: Apple
-CVE-2016-1831
+CVE-2016-1831 (The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows at ...)
NOT-FOR-US: Apple
-CVE-2016-1830
+CVE-2016-1830 (The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before ...)
NOT-FOR-US: Apple
-CVE-2016-1829
+CVE-2016-1829 (The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before ...)
NOT-FOR-US: Apple
-CVE-2016-1828
+CVE-2016-1828 (The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before ...)
NOT-FOR-US: Apple
-CVE-2016-1827
+CVE-2016-1827 (The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before ...)
NOT-FOR-US: Apple
-CVE-2016-1826
+CVE-2016-1826 (Integer overflow in the dtrace implementation in the kernel in Apple O ...)
NOT-FOR-US: Apple
-CVE-2016-1825
+CVE-2016-1825 (IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute a ...)
NOT-FOR-US: Apple
-CVE-2016-1824
+CVE-2016-1824 (IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS befor ...)
NOT-FOR-US: Apple
-CVE-2016-1823
+CVE-2016-1823 (The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3 ...)
NOT-FOR-US: Apple
-CVE-2016-1822
+CVE-2016-1822 (IOFireWireFamily in Apple OS X before 10.11.5 allows attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-1821
+CVE-2016-1821 (IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute ...)
NOT-FOR-US: Apple
-CVE-2016-1820
+CVE-2016-1820 (Buffer overflow in IOAudioFamily in Apple OS X before 10.11.5 allows a ...)
NOT-FOR-US: Apple
-CVE-2016-1819
+CVE-2016-1819 (Use-after-free vulnerability in the IOAccelContext2::clientMemoryForTy ...)
NOT-FOR-US: Apple
-CVE-2016-1818
+CVE-2016-1818 (IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tv ...)
NOT-FOR-US: Apple
-CVE-2016-1817
+CVE-2016-1817 (IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tv ...)
NOT-FOR-US: Apple
-CVE-2016-1816
+CVE-2016-1816 (IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to e ...)
NOT-FOR-US: Apple
-CVE-2016-1815
+CVE-2016-1815 (IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to e ...)
NOT-FOR-US: Apple
-CVE-2016-1814
+CVE-2016-1814 (IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, an ...)
NOT-FOR-US: Apple
-CVE-2016-1813
+CVE-2016-1813 (The IOAccelSharedUserClient2::page_off_resource method in Apple iOS be ...)
NOT-FOR-US: Apple
-CVE-2016-1812
+CVE-2016-1812 (Buffer overflow in Intel Graphics Driver in Apple OS X before 10.11.5 ...)
NOT-FOR-US: Apple
-CVE-2016-1811
+CVE-2016-1811 (ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9. ...)
NOT-FOR-US: Apple
-CVE-2016-1810
+CVE-2016-1810 (The Graphics Drivers subsystem in Apple OS X before 10.11.5 allows att ...)
NOT-FOR-US: Apple
-CVE-2016-1809
+CVE-2016-1809 (Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption ke ...)
NOT-FOR-US: Apple
-CVE-2016-1808
+CVE-2016-1808 (The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11 ...)
NOT-FOR-US: Apple
-CVE-2016-1807
+CVE-2016-1807 (Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, ...)
NOT-FOR-US: Apple
-CVE-2016-1806
+CVE-2016-1806 (Crash Reporter in Apple OS X before 10.11.5 allows attackers to execut ...)
NOT-FOR-US: Apple
-CVE-2016-1805
+CVE-2016-1805 (CoreStorage in Apple OS X before 10.11.5 allows attackers to execute a ...)
NOT-FOR-US: Apple
-CVE-2016-1804
+CVE-2016-1804 (The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attacker ...)
NOT-FOR-US: Apple
-CVE-2016-1803
+CVE-2016-1803 (CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS befor ...)
NOT-FOR-US: Apple
-CVE-2016-1802
+CVE-2016-1802 (CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before 10.11.5 ...)
NOT-FOR-US: Apple
-CVE-2016-1801
+CVE-2016-1801 (The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before ...)
NOT-FOR-US: Apple
-CVE-2016-1800
+CVE-2016-1800 (Captive Network Assistant in Apple OS X before 10.11.5 mishandles a cu ...)
NOT-FOR-US: Apple
-CVE-2016-1799
+CVE-2016-1799 (Audio in Apple OS X before 10.11.5 allows attackers to execute arbitra ...)
NOT-FOR-US: Apple
-CVE-2016-1798
+CVE-2016-1798 (Audio in Apple OS X before 10.11.5 allows attackers to cause a denial ...)
NOT-FOR-US: Apple
-CVE-2016-1797
+CVE-2016-1797 (Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attacker ...)
NOT-FOR-US: Apple
-CVE-2016-1796
+CVE-2016-1796 (Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attacker ...)
NOT-FOR-US: Apple
-CVE-2016-1795
+CVE-2016-1795 (AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attac ...)
NOT-FOR-US: Apple
-CVE-2016-1794
+CVE-2016-1794 (The AppleGraphicsControlClient::checkArguments method in AppleGraphics ...)
NOT-FOR-US: Apple
-CVE-2016-1793
+CVE-2016-1793 (AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows a ...)
NOT-FOR-US: Apple
-CVE-2016-1792
+CVE-2016-1792 (The AMD subsystem in Apple OS X before 10.11.5 allows attackers to exe ...)
NOT-FOR-US: Apple
-CVE-2016-1791
+CVE-2016-1791 (The AMD subsystem in Apple OS X before 10.11.5 allows attackers to obt ...)
NOT-FOR-US: Apple
-CVE-2016-1790
+CVE-2016-1790 (Buffer overflow in the Accessibility component in Apple iOS before 9.3 ...)
NOT-FOR-US: Apple
-CVE-2016-1789
+CVE-2016-1789 (Apple iBooks Author before 2.4.1 allows remote attackers to read arbit ...)
NOT-FOR-US: Apple
-CVE-2016-1788
+CVE-2016-1788 (Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS bef ...)
NOT-FOR-US: Apple
-CVE-2016-1787
+CVE-2016-1787 (Wiki Server in Apple OS X Server before 5.1 allows remote attackers to ...)
NOT-FOR-US: Apple
-CVE-2016-1786
+CVE-2016-1786 (The Page Loading implementation in WebKit in Apple iOS before 9.3 and ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1785
+CVE-2016-1785 (The Page Loading implementation in WebKit in Apple iOS before 9.3 and ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1784
+CVE-2016-1784 (The History implementation in WebKit in Apple iOS before 9.3, Safari b ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1783
+CVE-2016-1783 (WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1782
+CVE-2016-1782 (WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1781
+CVE-2016-1781 (WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attach ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1780
+CVE-2016-1780 (WebKit in Apple iOS before 9.3 does not prevent hidden web views from ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1779
+CVE-2016-1779 (WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote att ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1778
+CVE-2016-1778 (WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote att ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1777
+CVE-2016-1777 (Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1776
+CVE-2016-1776 (Web Server in Apple OS X Server before 5.1 does not properly restrict ...)
NOT-FOR-US: Webkit as used by Apple
-CVE-2016-1775
+CVE-2016-1775 (TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS befo ...)
NOT-FOR-US: Apple
-CVE-2016-1774
+CVE-2016-1774 (The Time Machine server in Server App in Apple OS X Server before 5.1 ...)
NOT-FOR-US: Apple
-CVE-2016-1773
+CVE-2016-1773 (The code-signing subsystem in Apple OS X before 10.11.4 does not prope ...)
NOT-FOR-US: Apple
-CVE-2016-1772
+CVE-2016-1772 (The Top Sites feature in Apple Safari before 9.1 mishandles cookie sto ...)
NOT-FOR-US: Apple
-CVE-2016-1771
+CVE-2016-1771 (The Downloads feature in Apple Safari before 9.1 mishandles file expan ...)
NOT-FOR-US: Apple
-CVE-2016-1770
+CVE-2016-1770 (The Reminders component in Apple OS X before 10.11.4 allows attackers ...)
NOT-FOR-US: Apple
-CVE-2016-1769
+CVE-2016-1769 (QuickTime in Apple OS X before 10.11.4 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-1768
+CVE-2016-1768 (QuickTime in Apple OS X before 10.11.4 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-1767
+CVE-2016-1767 (QuickTime in Apple OS X before 10.11.4 allows remote attackers to exec ...)
NOT-FOR-US: Apple
-CVE-2016-1766
+CVE-2016-1766 (The Profiles component in Apple iOS before 9.3 does not properly valid ...)
NOT-FOR-US: Apple
-CVE-2016-1765
+CVE-2016-1765 (otool in Apple Xcode before 7.3 allows local users to gain privileges ...)
NOT-FOR-US: Apple
-CVE-2016-1764
+CVE-2016-1764 (The Content Security Policy (CSP) implementation in Messages in Apple ...)
NOT-FOR-US: Apple
-CVE-2016-1763
+CVE-2016-1763 (Messages in Apple iOS before 9.3 does not ensure that an auto-fill act ...)
NOT-FOR-US: Apple
-CVE-2016-1762
+CVE-2016-1762 (The xmlNextChar function in libxml2 before 2.9.4 allows remote attacke ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1
NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759671
-CVE-2016-1761
+CVE-2016-1761 (libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS befo ...)
NOT-FOR-US: No public details available, probably Apple specific libxml2 changes
NOTE: Marking as NFU since a regular libxml2 security issue would have trickled down
NOTE: via libxml upstream
-CVE-2016-1760
+CVE-2016-1760 (The XPC Services API in LaunchServices in Apple iOS before 9.3 allows ...)
NOT-FOR-US: Apple
-CVE-2016-1759
+CVE-2016-1759 (The kernel in Apple OS X before 10.11.4 allows attackers to execute ar ...)
NOT-FOR-US: Apple
-CVE-2016-1758
+CVE-2016-1758 (The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows atta ...)
NOT-FOR-US: Apple
-CVE-2016-1757
+CVE-2016-1757 (Race condition in the kernel in Apple iOS before 9.3 and OS X before 1 ...)
NOT-FOR-US: Apple
-CVE-2016-1756
+CVE-2016-1756 (The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows atta ...)
NOT-FOR-US: Apple
-CVE-2016-1755
+CVE-2016-1755 (The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2016-1754
+CVE-2016-1754 (The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2016-1753
+CVE-2016-1753 (Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X ...)
NOT-FOR-US: Apple
-CVE-2016-1752
+CVE-2016-1752 (The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9 ...)
NOT-FOR-US: Apple
-CVE-2016-1751
+CVE-2016-1751 (The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS befor ...)
NOT-FOR-US: Apple
-CVE-2016-1750
+CVE-2016-1750 (Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS ...)
NOT-FOR-US: Apple
-CVE-2016-1749
+CVE-2016-1749 (IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute a ...)
NOT-FOR-US: Apple
-CVE-2016-1748
+CVE-2016-1748 (IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before ...)
NOT-FOR-US: Apple
-CVE-2016-1747
+CVE-2016-1747 (IOGraphics in Apple OS X before 10.11.4 allows attackers to execute ar ...)
NOT-FOR-US: Apple
-CVE-2016-1746
+CVE-2016-1746 (IOGraphics in Apple OS X before 10.11.4 allows attackers to execute ar ...)
NOT-FOR-US: Apple
-CVE-2016-1745
+CVE-2016-1745 (IOFireWireFamily in Apple OS X before 10.11.4 allows local users to ca ...)
NOT-FOR-US: Apple
-CVE-2016-1744
+CVE-2016-1744 (The Intel driver in the Graphics Drivers subsystem in Apple OS X befor ...)
NOT-FOR-US: Apple
-CVE-2016-1743
+CVE-2016-1743 (The Intel driver in the Graphics Drivers subsystem in Apple OS X befor ...)
NOT-FOR-US: Apple
-CVE-2016-1742
+CVE-2016-1742 (Untrusted search path vulnerability in the installer in Apple iTunes b ...)
NOT-FOR-US: Apple
-CVE-2016-1741
+CVE-2016-1741 (The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X befo ...)
NOT-FOR-US: Apple / NVIDIA
-CVE-2016-1740
+CVE-2016-1740 (FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9 ...)
NOT-FOR-US: Apple
CVE-2016-1739
REJECTED
-CVE-2016-1738
+CVE-2016-1738 (dyld in Apple OS X before 10.11.4 allows attackers to bypass a code-si ...)
NOT-FOR-US: Apple
-CVE-2016-1737
+CVE-2016-1737 (Carbon in Apple OS X before 10.11.4 allows remote attackers to execute ...)
NOT-FOR-US: Apple
-CVE-2016-1736
+CVE-2016-1736 (Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arb ...)
NOT-FOR-US: Apple
-CVE-2016-1735
+CVE-2016-1735 (Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arb ...)
NOT-FOR-US: Apple
-CVE-2016-1734
+CVE-2016-1734 (AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 all ...)
NOT-FOR-US: Apple
-CVE-2016-1733
+CVE-2016-1733 (AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arb ...)
NOT-FOR-US: Apple
-CVE-2016-1732
+CVE-2016-1732 (AppleRAID in Apple OS X before 10.11.4 allows local users to obtain se ...)
NOT-FOR-US: Apple
-CVE-2016-1731
+CVE-2016-1731 (Apple Software Update before 2.2 on Windows does not use HTTPS, which ...)
NOT-FOR-US: Apple
-CVE-2016-1730
+CVE-2016-1730 (WebSheet in Apple iOS before 9.2.1 allows remote attackers to read or ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1729
+CVE-2016-1729 (Untrusted search path vulnerability in OSA Scripts in Apple OS X befor ...)
NOT-FOR-US: Apple
-CVE-2016-1728
+CVE-2016-1728 (The Cascading Style Sheets (CSS) implementation in Apple iOS before 9. ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1727
+CVE-2016-1727 (WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tv ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1726
+CVE-2016-1726 (WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, all ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1725
+CVE-2016-1725 (WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, all ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1724
+CVE-2016-1724 (WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tv ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1723
+CVE-2016-1723 (WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, all ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1722
+CVE-2016-1722 (syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1721
+CVE-2016-1721 (The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS be ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1720
+CVE-2016-1720 (IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1719
+CVE-2016-1719 (The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, an ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1718
+CVE-2016-1718 (The IOAcceleratorFamily2 interface in IOAcceleratorFamily in Apple OS ...)
NOT-FOR-US: Apple iOS
-CVE-2016-1717
+CVE-2016-1717 (The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11 ...)
NOT-FOR-US: Apple
-CVE-2016-1716
+CVE-2016-1716 (AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local ...)
NOT-FOR-US: Apple
-CVE-2016-1908
+CVE-2016-1908 (The client in OpenSSH before 7.2 mishandles failed cookie generation f ...)
{DLA-1500-1}
- openssh 1:7.2p1-1
[wheezy] - openssh <no-dsa> (Minor issue)
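Review bot: the NOT-FOR-US entry for CVE-2016-1761 has no reference URL behind its rationale, unlike the neighbouring CVE-2016-1762 entry, which cites both the libxml2 upstream commit and the bugzilla ticket. The description filled in by this update ("libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS befo ...") confirms the scope is Apple's bundled copy but says nothing about whether upstream libxml2 received a fix, so the two NOTE lines ("Marking as NFU since a regular libxml2 security issue would have trickled down / via libxml upstream") remain an inference. Suggest adding a NOTE with the Apple advisory URL for these releases so the NFU decision can be re-checked later if an upstream libxml2 commit for the same issue surfaces.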
@@ -27553,403 +27553,403 @@ CVE-2016-1908
NOTE: vulnerability is partly due to /etc/X11/Xsession.d/35x11-common_xhost-local introduced in x11-common in 1:7.6+9 (wheezy and up)
NOTE: https://lists.debian.org/debian-lts/2016/01/msg00029.html
NOTE: Upstream announce: http://www.openssh.com/txt/release-7.2
-CVE-2016-1907
+CVE-2016-1907 (The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 ...)
- openssh 1:7.1p2-1
[jessie] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)
[wheezy] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)
[squeeze] - openssh <not-affected> (Issue introduced in OpenSSH 6.8)
NOTE: Fixed by: https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0
NOTE: Introduced by: https://anongit.mindrot.org/openssh.git/commit/packet.c?id=091c302829210c41e7f57c3f094c7b9c054306f0 (V_6_8_P1)
-CVE-2016-1898
+CVE-2016-1898 (FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and ...)
{DSA-3506-1}
- ffmpeg 7:2.8.5-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://habrahabr.ru/company/mailru/blog/274855
NOTE: Fixed in 2.8.5 upstream
-CVE-2016-1897
+CVE-2016-1897 (FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and ...)
{DSA-3506-1}
- ffmpeg 7:2.8.5-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://habrahabr.ru/company/mailru/blog/274855
NOTE: Fixed in 2.8.5 upstream
-CVE-2016-1867
+CVE-2016-1867 (The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers ...)
{DSA-3785-1}
- jasper <removed> (bug #811023)
[jessie] - jasper <no-dsa> (Minor issue)
[wheezy] - jasper <no-dsa> (Minor issue)
[squeeze] - jasper <no-dsa> (Minor issue)
-CVE-2016-1715
+CVE-2016-1715 (The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 b ...)
NOT-FOR-US: swin.sys kernel driver in McAfee Application Control
-CVE-2016-1713
+CVE-2016-1713 (Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyD ...)
NOT-FOR-US: vTiger
-CVE-2016-1712
+CVE-2016-1712 (Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x be ...)
NOT-FOR-US: Palo Alto Networks
-CVE-2016-1711
+CVE-2016-1711 (WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1710
+CVE-2016-1710 (The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeC ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1709
+CVE-2016-1709 (Heap-based buffer overflow in the ByteArray::Get method in data/byte_a ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1708
+CVE-2016-1708 (The Chrome Web Store inline-installation implementation in the Extensi ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1707
+CVE-2016-1707 (ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before 52. ...)
{DSA-3637-1}
- chromium-browser <not-affected> (Only affects chromium-browser on iOS)
-CVE-2016-1706
+CVE-2016-1706 (The PPAPI implementation in Google Chrome before 52.0.2743.82 does not ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1705
+CVE-2016-1705 (Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743 ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1704
+CVE-2016-1704 (Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704 ...)
{DSA-3637-1}
- chromium-browser 52.0.2743.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1703
+CVE-2016-1703 (Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704 ...)
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1702
+CVE-2016-1702 (The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as ...)
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1701
+CVE-2016-1701 (The Autofill implementation in Google Chrome before 51.0.2704.79 misha ...)
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1700
+CVE-2016-1700 (extensions/renderer/runtime_custom_bindings.cc in Google Chrome before ...)
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1699
+CVE-2016-1699 (WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (a ...)
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1698
+CVE-2016-1698 (The createCustomType function in extensions/renderer/resources/binding ...)
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1697
+CVE-2016-1697 (The FrameLoader::startLoad function in WebKit/Source/core/loader/Frame ...)
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1696
+CVE-2016-1696 (The extensions subsystem in Google Chrome before 51.0.2704.79 does not ...)
{DSA-3594-1}
- chromium-browser 51.0.2704.79-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1695
+CVE-2016-1695 (Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704 ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1694
+CVE-2016-1694 (browser/browsing_data/browsing_data_remover.cc in Google Chrome before ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1693
+CVE-2016-1693 (browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 5 ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1692
+CVE-2016-1692 (WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Goo ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1691
+CVE-2016-1691 (Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincid ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1690
+CVE-2016-1690 (The Autofill implementation in Google Chrome before 51.0.2704.63 misha ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1689
+CVE-2016-1689 (Heap-based buffer overflow in content/renderer/media/canvas_capture_ha ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1688
+CVE-2016-1688 (The regexp (aka regular expression) implementation in Google V8 before ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1687
+CVE-2016-1687 (The renderer implementation in Google Chrome before 51.0.2704.63 does ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1686
+CVE-2016-1686 (The CPDF_DIBSource::CreateDecoder function in core/fpdfapi/fpdf_render ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1685
+CVE-2016-1685 (core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1684
+CVE-2016-1684 (numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51 ...)
{DSA-3605-1 DSA-3590-1 DLA-514-1}
- libxslt 1.1.29-1
NOTE: https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d (v1.1.29-rc1)
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: Chromium bug report: https://code.google.com/p/chromium/issues/detail?id=583171
-CVE-2016-1683
+CVE-2016-1683 (numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51 ...)
{DSA-3605-1 DSA-3590-1 DLA-514-1}
- libxslt 1.1.29-1
NOTE: https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242 (v1.1.29-rc1)
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: Chromium bug report: https://code.google.com/p/chromium/issues/detail?id=583156
-CVE-2016-1682
+CVE-2016-1682 (The ServiceWorkerContainer::registerServiceWorkerImpl function in WebK ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1681
+CVE-2016-1681 (Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: http://blog.talosintel.com/2016/06/pdfium.html
-CVE-2016-1680
+CVE-2016-1680 (Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1679
+CVE-2016-1679 (The ToV8Value function in content/child/v8_value_converter_impl.cc in ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1678
+CVE-2016-1678 (objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome bef ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1677
+CVE-2016-1677 (uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1676
+CVE-2016-1676 (extensions/renderer/resources/binding.js in the extension bindings in ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1675
+CVE-2016-1675 (Blink, as used in Google Chrome before 51.0.2704.63, allows remote att ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1674
+CVE-2016-1674 (The extensions subsystem in Google Chrome before 51.0.2704.63 allows r ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1673
+CVE-2016-1673 (Blink, as used in Google Chrome before 51.0.2704.63, allows remote att ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1672
+CVE-2016-1672 (The ModuleSystem::RequireForJsInner function in extensions/renderer/mo ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1671
+CVE-2016-1671 (Google Chrome before 50.0.2661.102 on Android mishandles / (slash) and ...)
- chromium-browser <not-affected> (Android-specific)
-CVE-2016-1670
+CVE-2016-1670 (Race condition in the ResourceDispatcherHostImpl::BeginRequest functio ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1669
+CVE-2016-1669 (The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as us ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
- nodejs 4.4.6~dfsg-1 (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1668
+CVE-2016-1668 (The forEachForBinding function in WebKit/Source/bindings/core/v8/Itera ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1667
+CVE-2016-1667 (The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeSc ...)
{DSA-3590-1}
- chromium-browser 51.0.2704.63-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1666
+CVE-2016-1666 (Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661 ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1665
+CVE-2016-1665 (The JSGenericLowering class in compiler/js-generic-lowering.cc in Goog ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1664
+CVE-2016-1664 (The HistoryController::UpdateForCommit function in content/renderer/hi ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1663
+CVE-2016-1663 (The SerializedScriptValue::transferArrayBuffers function in WebKit/Sou ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1662
+CVE-2016-1662 (extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.9 ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1661
+CVE-2016-1661 (Blink, as used in Google Chrome before 50.0.2661.94, does not ensure t ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1660
+CVE-2016-1660 (Blink, as used in Google Chrome before 50.0.2661.94, mishandles assert ...)
{DSA-3564-1}
- chromium-browser 50.0.2661.94-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1659
+CVE-2016-1659 (Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661 ...)
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1658
+CVE-2016-1658 (The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrec ...)
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1657
+CVE-2016-1657 (The WebContentsImpl::FocusLocationBarByDefault function in content/bro ...)
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1656
+CVE-2016-1656 (The download implementation in Google Chrome before 50.0.2661.75 on An ...)
- chromium-browser <not-affected> (Android-specific)
-CVE-2016-1655
+CVE-2016-1655 (Google Chrome before 50.0.2661.75 does not properly consider that fram ...)
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1654
+CVE-2016-1654 (The media subsystem in Google Chrome before 50.0.2661.75 does not init ...)
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1653
+CVE-2016-1653 (The LoadBuffer implementation in Google V8, as used in Google Chrome b ...)
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1652
+CVE-2016-1652 (Cross-site scripting (XSS) vulnerability in the ModuleSystem::RequireF ...)
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1651
+CVE-2016-1651 (fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome ...)
{DSA-3549-1}
- chromium-browser 50.0.2661.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1650
+CVE-2016-1650 (The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/ ...)
{DSA-3531-1}
- chromium-browser 49.0.2623.108-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1649
+CVE-2016-1649 (The Program::getUniformInternal function in Program.cpp in libANGLE, a ...)
{DSA-3531-1}
- chromium-browser 49.0.2623.108-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1648
+CVE-2016-1648 (Use-after-free vulnerability in the GetLoadTimes function in renderer/ ...)
{DSA-3531-1}
- chromium-browser 49.0.2623.108-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1647
+CVE-2016-1647 (Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy func ...)
{DSA-3531-1}
- chromium-browser 49.0.2623.108-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1646
+CVE-2016-1646 (The Array.prototype.concat implementation in builtins.cc in Google V8, ...)
{DSA-3531-1}
- chromium-browser 49.0.2623.108-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2016-1645
+CVE-2016-1645 (Multiple integer signedness errors in the opj_j2k_update_image_data fu ...)
{DSA-3513-1}
- chromium-browser 49.0.2623.87-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1644
+CVE-2016-1644 (WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google ...)
{DSA-3513-1}
- chromium-browser 49.0.2623.87-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1643
+CVE-2016-1643 (The ImageInputType::ensurePrimaryContent function in WebKit/Source/cor ...)
{DSA-3513-1}
- chromium-browser 49.0.2623.87-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2016-1642
+CVE-2016-1642 (Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623 ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1641
+CVE-2016-1641 (Use-after-free vulnerability in content/browser/web_contents/web_conte ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1640
+CVE-2016-1640 (The Web Store inline-installer implementation in the Extensions UI in ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1639
+CVE-2016-1639 (Use-after-free vulnerability in browser/extensions/api/webrtc_audio_pr ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1638
+CVE-2016-1638 (extensions/renderer/resources/platform_app.js in the Extensions subsys ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1637
+CVE-2016-1637 (The SkATan2_255 function in effects/gradients/SkSweepGradient.cpp in S ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1636
+CVE-2016-1636 (The PendingScript::notifyFinished function in WebKit/Source/core/dom/P ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1635
+CVE-2016-1635 (extensions/renderer/render_frame_observer_natives.cc in Google Chrome ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1634
+CVE-2016-1634 (Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1633
+CVE-2016-1633 (Use-after-free vulnerability in Blink, as used in Google Chrome before ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1632
+CVE-2016-1632 (The Extensions subsystem in Google Chrome before 49.0.2623.75 does not ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1631
+CVE-2016-1631 (The PPB_Flash_MessageLoop_Impl::InternalRun function in content/render ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1630
+CVE-2016-1630 (The ContainerNode::parserRemoveChild function in WebKit/Source/core/do ...)
{DSA-3507-1}
- chromium-browser 49.0.2623.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1629
+CVE-2016-1629 (Google Chrome before 48.0.2564.116 allows remote attackers to bypass t ...)
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1628
+CVE-2016-1628 (pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564. ...)
{DSA-4013-1 DSA-3486-1}
- openjpeg <removed>
[jessie] - openjpeg <not-affected> (Vulnerable code introduced later)
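Review bot: CVE-2016-1707 carries the advisory reference {DSA-3637-1} while its only package line is "chromium-browser <not-affected> (Only affects chromium-browser on iOS)"; every other DSA-3637-1 entry in this hunk (CVE-2016-1711 down to CVE-2016-1704) records a fixed version 52.0.2743.82-1, and the comparable platform-specific entries CVE-2016-1671 and CVE-2016-1656 ("Android-specific") carry no DSA reference at all. If the DSA text lists this CVE as fixed, a NOTE saying so would explain why an unaffected entry is tied to an advisory; otherwise the DSA reference should be dropped for consistency with the Android-specific entries.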
@@ -27961,12 +27961,12 @@ CVE-2016-1628
NOTE: openjpeg2 fixed in google by https://pdfium.googlesource.com/pdfium.git/+/76c995796f95fd4c54c5f11d2a04392f16478619%5E%21/#F2
NOTE: https://github.com/uclouvain/openjpeg/issues/850
NOTE: https://github.com/uclouvain/openjpeg/commit/11445eddad7e7fa5b273d1c83c91011c44e5d586
-CVE-2016-1627
+CVE-2016-1627 (The Developer Tools (aka DevTools) subsystem in Google Chrome before 4 ...)
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1626
+CVE-2016-1626 (The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in ...)
{DSA-4013-1 DSA-3486-1}
- openjpeg <removed>
[jessie] - openjpeg <not-affected> (Vulnerable code introduced later)
@@ -27978,12 +27978,12 @@ CVE-2016-1626
NOTE: openjpeg2 fixed in google by https://pdfium.googlesource.com/pdfium.git/+/76c995796f95fd4c54c5f11d2a04392f16478619%5E%21/#F2
NOTE: https://github.com/uclouvain/openjpeg/issues/850
NOTE: https://github.com/uclouvain/openjpeg/commit/11445eddad7e7fa5b273d1c83c91011c44e5d586
-CVE-2016-1625
+CVE-2016-1625 (The Chrome Instant feature in Google Chrome before 48.0.2564.109 does ...)
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1624
+CVE-2016-1624 (Integer underflow in the ProcessCommandsInternal function in dec/decod ...)
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
@@ -27992,106 +27992,106 @@ CVE-2016-1624
NOTE: https://codereview.chromium.org/1662313002
NOTE: https://codereview.chromium.org/1662313002/diff/1/third_party/brotli/dec/decode.c
NOTE: Same fix/change as for CVE-2016-1968
-CVE-2016-1623
+CVE-2016-1623 (The DOM implementation in Google Chrome before 48.0.2564.109 does not ...)
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1622
+CVE-2016-1622 (The Extensions subsystem in Google Chrome before 48.0.2564.109 does no ...)
{DSA-3486-1}
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1621
+CVE-2016-1621 (libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LM ...)
- libvpx 1.6.1-1
[jessie] - libvpx <not-affected> (Vulnerable code not present, libwebm not yet included)
[wheezy] - libvpx <not-affected> (Vulnerable code not present, libwebm not yet included)
NOTE: https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d%5E!/#F1
NOTE: probably fixed earlier than this version, but this was the version checked
-CVE-2016-1620
+CVE-2016-1620 (Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564 ...)
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1619
+CVE-2016-1619 (Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_t ...)
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1618
+CVE-2016-1618 (Blink, as used in Google Chrome before 48.0.2564.82, does not ensure t ...)
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1617
+CVE-2016-1617 (The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/ ...)
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1616
+CVE-2016-1616 (The CustomButton::AcceleratorPressed function in ui/views/controls/but ...)
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1615
+CVE-2016-1615 (The Omnibox implementation in Google Chrome before 48.0.2564.82 allows ...)
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1614
+CVE-2016-1614 (The UnacceleratedImageBufferSurface class in WebKit/Source/platform/gr ...)
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1613
+CVE-2016-1613 (Multiple use-after-free vulnerabilities in the formfiller implementati ...)
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1612
+CVE-2016-1612 (The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in ...)
{DSA-3456-1}
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2016-1611
+CVE-2016-1611 (Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses wor ...)
NOT-FOR-US: Novell Filr
-CVE-2016-1610
+CVE-2016-1610 (Directory traversal vulnerability in the email-template feature in Nov ...)
NOT-FOR-US: Novell Filr
-CVE-2016-1609
+CVE-2016-1609 (Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr bef ...)
NOT-FOR-US: Novell Filr
-CVE-2016-1608
+CVE-2016-1608 (vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 befo ...)
NOT-FOR-US: Novell Filr
-CVE-2016-1607
+CVE-2016-1607 (Multiple cross-site request forgery (CSRF) vulnerabilities in the admi ...)
NOT-FOR-US: Novell Filr
-CVE-2016-1606
+CVE-2016-1606 (Multiple stack-based buffer overflows in COM objects in Micro Focus Ru ...)
NOT-FOR-US: Micro Focus Rumba
-CVE-2016-1605
+CVE-2016-1605 (Directory traversal vulnerability in the ReportViewServlet servlet in ...)
NOT-FOR-US: NetIQ Sentinel
CVE-2016-1604
RESERVED
-CVE-2016-1603
+CVE-2016-1603 (An information leak in the NetIQ IDM ServiceNow Driver before 1.0.0.1 ...)
NOT-FOR-US: NetIQ
-CVE-2016-1602
+CVE-2016-1602 (A code injection in the supportconfig data collection tool in supportu ...)
NOT-FOR-US: SLES support tool
-CVE-2016-1601
+CVE-2016-1601 (yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, do ...)
NOT-FOR-US: yast2-users / SuSE YAST
CVE-2016-1600
RESERVED
-CVE-2016-1599
+CVE-2016-1599 (Cross-site scripting (XSS) vulnerability in NetIQ Self Service Passwor ...)
NOT-FOR-US: NetIQ Self Service Password Reset
-CVE-2016-1598
+CVE-2016-1598 (XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attacke ...)
NOT-FOR-US: NetIQ IDM
-CVE-2016-1597
+CVE-2016-1597 (A logged-in user in NetIQ Access Governance Suite 6.0 through 6.4 coul ...)
NOT-FOR-US: NetIQ
-CVE-2016-1596
+CVE-2016-1596 (Multiple cross-site scripting (XSS) vulnerabilities in Micro Focus Nov ...)
NOT-FOR-US: Micro Focus
-CVE-2016-1595
+CVE-2016-1595 (LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in Mic ...)
NOT-FOR-US: Micro Focus
-CVE-2016-1594
+CVE-2016-1594 (Micro Focus Novell Service Desk before 7.2 allows remote authenticated ...)
NOT-FOR-US: Micro Focus
-CVE-2016-1593
+CVE-2016-1593 (Directory traversal vulnerability in the import users feature in Micro ...)
NOT-FOR-US: Micro Focus
-CVE-2016-1592
+CVE-2016-1592 (XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote ...)
NOT-FOR-US: NetIQ Designer
CVE-2016-1591
REJECTED
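Review bot: the fixed version recorded for CVE-2016-1621 in this hunk (`- libvpx 1.6.1-1`) is undercut by its own NOTE, "probably fixed earlier than this version, but this was the version checked"; because the tracker treats every Debian version below the recorded one as vulnerable, an overestimated fixed version makes intermediate uploads look affected when they are not. Check the linked android.googlesource.com commit against the libvpx changelog, record the first Debian upload that actually contains the fix, and replace the NOTE with that finding so the entry no longer carries a guess.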
@@ -28109,24 +28109,24 @@ CVE-2016-1585
RESERVED
CVE-2016-1584
RESERVED
-CVE-2016-1583
+CVE-2016-1583 (The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the ...)
{DSA-3607-1 DLA-516-1}
- linux 4.6.2-1
-CVE-2016-1582
+CVE-2016-1582 (LXD before 2.0.2 does not properly set permissions when switching an u ...)
- lxd <itp> (bug #768073)
-CVE-2016-1581
+CVE-2016-1581 (LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs. ...)
- lxd <itp> (bug #768073)
-CVE-2016-1580
+CVE-2016-1580 (The setup_snappy_os_mounts function in the ubuntu-core-launcher packag ...)
NOT-FOR-US: ubuntu-core-launcher
CVE-2016-1579
RESERVED
-CVE-2016-1578
+CVE-2016-1578 (Use-after-free vulnerability in Oxide allows remote attackers to cause ...)
NOT-FOR-US: Oxide
-CVE-2016-1577
+CVE-2016-1577 (Double free vulnerability in the jas_iccattrval_destroy function in Ja ...)
{DSA-3508-1}
- jasper <removed> (bug #816625)
NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/12
-CVE-2016-1576
+CVE-2016-1576 (The overlayfs implementation in the Linux kernel through 4.5.2 does no ...)
- linux 4.5.1-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -28134,7 +28134,7 @@ CVE-2016-1576
NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1535150
NOTE: http://www.halfdog.net/Security/2016/OverlayfsOverFusePrivilegeEscalation/
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9f57ebcba563e0cd532926cab83c92bb4d79360
-CVE-2016-1575
+CVE-2016-1575 (The overlayfs implementation in the Linux kernel through 4.5.2 does no ...)
- linux 4.5.1-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -28146,22 +28146,22 @@ CVE-2016-1574
REJECTED
CVE-2016-1573
RESERVED
-CVE-2016-1572
+CVE-2016-1572 (mount.ecryptfs_private.c in eCryptfs-utils does not validate mount des ...)
{DSA-3450-1 DLA-397-1}
- ecryptfs-utils 106-2
NOTE: https://bugs.launchpad.net/ecryptfs/+bug/1530566
NOTE: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870
-CVE-2016-1571
+CVE-2016-1571 (The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x th ...)
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-168.html
-CVE-2016-1570
+CVE-2016-1570 (The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, a ...)
{DSA-3519-1 DLA-479-1}
- xen 4.8.0~rc3-1 (bug #823620)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-167.html
-CVE-2016-1567
+CVE-2016-1567 (chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associati ...)
{DLA-742-1 DLA-414-1}
- chrony 2.2.1-1 (low; bug #812923)
[jessie] - chrony 1.30-2+deb8u2
@@ -28169,15 +28169,15 @@ CVE-2016-1567
NOTE: http://chrony.tuxfamily.org/news.html#_20_jan_2016_chrony_2_2_1_and_chrony_1_31_2_released
NOTE: Fix for 2.x http://git.tuxfamily.org/chrony/chrony.git/commit/?id=a78bf9725a7b481ebff0e0c321294ba767f2c1d8
NOTE: Fix for 1.x http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=df46e5ca5d70be1c0ae037f96b4b038362703832
-CVE-2016-1566
+CVE-2016-1566 (Cross-site scripting (XSS) vulnerability in the file browser in Guacam ...)
- guacamole-client <unfixed> (bug #859136)
[stretch] - guacamole-client <no-dsa> (Minor issue)
[jessie] - guacamole-client <not-affected> (Vulnerable code not present)
- guacamole <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/glyptodon/guacamole-client/commit/7da13129c432d1c0a577342a9bf23ca2bde9c367
-CVE-2016-1565
+CVE-2016-1565 (Cross-site scripting (XSS) vulnerability in the Field Group module 7.x ...)
NOT-FOR-US: Field Group module for Drupal
-CVE-2016-1714
+CVE-2016-1714 (The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg. ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-4
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
@@ -28189,14 +28189,14 @@ CVE-2016-1714
NOTE: fw_cfg support for guest-side data writes removed in 2.4 (1:2.4+dfsg-1a)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=023e3148567ac898c7258138f8e86c3c2bb40d07 (v2.4.0-rc0)
NOTE: fw_cfg_read removed in: http://git.qemu.org/?p=qemu.git;a=commit;h=6c8d56a2e95712a6206a2671d2b04b2e59cabc0b
-CVE-2016-1569
+CVE-2016-1569 (FireBird 2.5.5 allows remote authenticated users to cause a denial of ...)
- firebird2.5 2.5.5.26952.ds4-3 (bug #810599)
[jessie] - firebird2.5 <not-affected> (Issue introduced in 2.5.5)
[wheezy] - firebird2.5 <not-affected> (Issue introduced in 2.5.5)
[squeeze] - firebird2.5 <not-affected> (Issue introduced in 2.5.5)
NOTE: http://tracker.firebirdsql.org/browse/CORE-5068
NOTE: http://www.openwall.com/lists/oss-security/2016/01/10/2
-CVE-2016-1568
+CVE-2016-1568 (Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-2 (bug #810527)
[squeeze] - qemu <not-affected> (Vulnerable code introduced later)
@@ -28206,23 +28206,23 @@ CVE-2016-1568
NOTE: ahci emulation added in: http://git.qemu.org/?p=qemu.git;a=commit;h=f6ad2e32f8d833c7f1c75dc084a84a8f02704d64 (v0.14.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1288532
NOTE: http://www.openwall.com/lists/oss-security/2016/01/09/1
-CVE-2016-1563
+CVE-2016-1563 (NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 certi ...)
NOT-FOR-US: NetApp
-CVE-2016-1562
+CVE-2016-1562 (The REST API in the DTE Energy Insight application before 1.7.8 for An ...)
NOT-FOR-US: DTE Energy Insight
-CVE-2016-1561
+CVE-2016-1561 (ExaGrid appliances with firmware before 4.8 P26 have a default SSH pub ...)
NOT-FOR-US: ExaGrid appliances
-CVE-2016-1560
+CVE-2016-1560 (ExaGrid appliances with firmware before 4.8 P26 have a default passwor ...)
NOT-FOR-US: ExaGrid appliances
-CVE-2016-1559
+CVE-2016-1559 (D-Link DAP-1353 H/W vers. B1 3.15 and earlier, D-Link DAP-2553 H/W ver ...)
NOT-FOR-US: D-Link
-CVE-2016-1558
+CVE-2016-1558 (Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and ...)
NOT-FOR-US: D-Link
-CVE-2016-1557
+CVE-2016-1557 (Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless ...)
NOT-FOR-US: Netgear
-CVE-2016-1556
+CVE-2016-1556 (Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320 ...)
NOT-FOR-US: Netgear
-CVE-2016-1555
+CVE-2016-1555 ((1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) b ...)
NOT-FOR-US: Netgear
CVE-2016-1554
RESERVED
@@ -28234,29 +28234,29 @@ CVE-2016-1552
NOTE: https://github.com/facebook/hhvm/commit/979b5b312ffbd56126c52f3dcb6cf8fcab89664f
NOTE: https://github.com/facebook/hhvm/commit/604689e1565ea6361f9d81f839cd56bdda3b45ed
NOTE: https://github.com/facebook/hhvm/commit/f21dccdde582c61d5a9b52dd821bcb1f08169d28
-CVE-2016-1551
+CVE-2016-1551 (ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f9 ...)
- ntp <not-affected> (Does not affect Linux or FreeBSD)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-1550
+CVE-2016-1550 (An exploitable vulnerability exists in the message authentication func ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-1549
+CVE-2016-1549 (A malicious authenticated peer can create arbitrarily-many ephemeral a ...)
- ntp 1:4.2.8p7+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
NOTE: additional significant protection went into ntp-4.2.8p11.
-CVE-2016-1548
+CVE-2016-1548 (An attacker can spoof a packet from a legitimate ntpd server with an o ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-1547
+CVE-2016-1547 (An off-path attacker can cause a preemptible client association to be ...)
{DSA-3629-1 DLA-559-1}
- ntp 1:4.2.8p7+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
-CVE-2016-1546
+CVE-2016-1546 (The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, d ...)
- apache2 2.4.20-1
[jessie] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
@@ -28272,11 +28272,11 @@ CVE-2016-1544 [out of memory error due to unlimited incoming HTTP header fields]
NOTE: Fix spread across multiple commits: https://github.com/tatsuhiro-t/nghttp2/compare/v1.7.0...v1.7.1
NOTE: Commits between 1.7.0 and 1.7.1 seem almost limited to this issue, cf.
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1308461#c3
-CVE-2016-1543
+CVE-2016-1543 (The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA ...)
NOT-FOR-US: BMC
-CVE-2016-1542
+CVE-2016-1542 (The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8. ...)
NOT-FOR-US: BMC
-CVE-2016-1541
+CVE-2016-1541 (Heap-based buffer overflow in the zip_read_mac_metadata function in ar ...)
{DSA-3574-1}
[experimental] - libarchive 3.2.0-1
- libarchive 3.1.2-11.1 (bug #823893)
@@ -28304,7 +28304,7 @@ CVE-2016-1533
RESERVED
CVE-2016-1532
RESERVED
-CVE-2016-1531
+CVE-2016-1531 (Exim before 4.86.2, when installed setuid root, allows local users to ...)
{DSA-3517-1}
- exim4 4.86.2-1
NOTE: https://lists.exim.org/lurker/message/20160302.191005.a72d8433.en.html
@@ -28316,7 +28316,7 @@ CVE-2016-1528
RESERVED
CVE-2016-1527
RESERVED
-CVE-2016-1526
+CVE-2016-1526 (The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graph ...)
{DSA-3491-1 DSA-3479-1 DSA-3477-1}
- graphite2 1.3.5-1
NOTE: http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
@@ -28327,11 +28327,11 @@ CVE-2016-1526
- icedove 38.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/
-CVE-2016-1525
+CVE-2016-1525 (Directory traversal vulnerability in data/config/image.do in NETGEAR M ...)
NOT-FOR-US: NETGEAR Management System NMS300
-CVE-2016-1524
+CVE-2016-1524 (Multiple unrestricted file upload vulnerabilities in NETGEAR Managemen ...)
NOT-FOR-US: NETGEAR Management System NMS300
-CVE-2016-1523
+CVE-2016-1523 (The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Gra ...)
{DSA-3491-1 DSA-3479-1 DSA-3477-1}
- graphite2 1.3.5-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0059/
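Review bot: the `[squeeze] - icedove <end-of-life>` context line at the top of this hunk (under CVE-2016-1526) carries no reason, while every other `<end-of-life>` annotation in this diff spells one out, e.g. `[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)`; add the same parenthesised reason here, and on the identical icedove line under CVE-2016-1523 in the next hunk, so the annotations stay uniform for readers and tooling.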
@@ -28341,25 +28341,25 @@ CVE-2016-1523
- icedove 38.6.0-1
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/
-CVE-2016-1522
+CVE-2016-1522 (Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefo ...)
{DSA-3479-1}
- graphite2 1.3.5-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0057/
NOTE: http://www.talosintel.com/reports/TALOS-2016-0060/
NOTE: http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
-CVE-2016-1521
+CVE-2016-1521 (The directrun function in directmachine.cpp in Libgraphite in Graphite ...)
{DSA-3479-1}
- graphite2 1.3.5-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0058/
NOTE: http://www.talosintel.com/reports/TALOS-2016-0061/
NOTE: http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
-CVE-2016-1520
+CVE-2016-1520 (The Grandstream Wave app 1.0.1.26 and earlier for Android does not use ...)
NOT-FOR-US: Grandstream Wave app
-CVE-2016-1519
+CVE-2016-1519 (The com.softphone.common package in the Grandstream Wave app 1.0.1.26 ...)
NOT-FOR-US: Grandstream Wave app
-CVE-2016-1518
+CVE-2016-1518 (The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 a ...)
NOT-FOR-US: Grandstream Wave app
-CVE-2016-1517
+CVE-2016-1517 (OpenCV 3.0.0 allows remote attackers to cause a denial of service (seg ...)
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872043)
[stretch] - opencv <ignored> (Minor issue)
@@ -28367,7 +28367,7 @@ CVE-2016-1517
[wheezy] - opencv <no-dsa> (Minor issue)
NOTE: https://arxiv.org/pdf/1701.04739.pdf
NOTE: https://github.com/opencv/opencv/issues/5956
-CVE-2016-1516
+CVE-2016-1516 (OpenCV 3.0.0 has a double free issue that allows attackers to execute ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872043)
@@ -28378,7 +28378,7 @@ CVE-2016-1515
REJECTED
CVE-2016-1514
REJECTED
-CVE-2016-1513
+CVE-2016-1513 (The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote ...)
{DLA-591-1}
- libreoffice 1:4.3.3-1
NOTE: http://www.openoffice.org/security/cves/CVE-2016-1513.html
@@ -28400,15 +28400,15 @@ CVE-2016-1507
RESERVED
CVE-2016-1506
RESERVED
-CVE-2016-1502
+CVE-2016-1502 (NetApp SnapCenter Server 1.0 and 1.0P1 allows remote attackers to part ...)
NOT-FOR-US: NetApp
-CVE-2016-1497
+CVE-2016-1497 (The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2016-1496
+CVE-2016-1496 (The graphics driver in Huawei P8 smartphones with software GRA-TL00 be ...)
NOT-FOR-US: Huawei
-CVE-2016-1495
+CVE-2016-1495 (Integer overflow in the graphics drivers in Huawei Mate S smartphones ...)
NOT-FOR-US: Huawei
-CVE-2016-1564
+CVE-2016-1564 (Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/cla ...)
{DSA-3444-1}
- wordpress 4.4.1+dfsg-1 (bug #810325)
[squeeze] - wordpress <not-affected> (Vulnerable code not present)
@@ -28417,7 +28417,7 @@ CVE-2016-1564
NOTE: https://wpvulndb.com/vulnerabilities/8358
NOTE: https://twitter.com/brutelogic/status/685105483397619713
NOTE: http://www.openwall.com/lists/oss-security/2016/01/08/3
-CVE-2016-1503
+CVE-2016-1503 (dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x befor ...)
- dhcpcd5 6.10.1-1 (bug #810621)
[jessie] - dhcpcd5 <not-affected> (Vulnerable code not present)
[wheezy] - dhcpcd5 <not-affected> (Vulnerable code not present)
@@ -28425,7 +28425,7 @@ CVE-2016-1503
NOTE: https://dev.marples.name/rDHC1475a702df74b120db847991bc011e3441a045b8
NOTE: http://www.openwall.com/lists/oss-security/2016/01/07/3
NOTE: dhcpcd 3.2.3-<rev> in squeeze and wheezy differ very much from dhcpcd5 in later Debian versions.
-CVE-2016-1504
+CVE-2016-1504 (dhcpcd before 6.10.0 allows remote attackers to cause a denial of serv ...)
- dhcpcd5 6.10.1-1 (bug #810620)
[jessie] - dhcpcd5 <not-affected> (Vulnerable code not present)
[wheezy] - dhcpcd5 <not-affected> (Vulnerable code not present)
@@ -28438,470 +28438,470 @@ CVE-2016-XXXX [Missing normalization]
- ruby-rack-attack 4.3.1-1
NOTE: https://github.com/kickstarter/rack-attack/commit/76c2e3143099d938883ae5654527b47e9e6a8977
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/07/1
-CVE-2016-1501
+CVE-2016-1501 (ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authe ...)
- owncloud 7.0.12~dfsg-2
[jessie] - owncloud 7.0.4+dfsg-4~deb8u4
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-004
-CVE-2016-1500
+CVE-2016-1500 (ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5 ...)
[experimental] - owncloud 8.2.2~dfsg-1
- owncloud 7.0.12~dfsg-1
[jessie] - owncloud 7.0.4+dfsg-4~deb8u4
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-003
-CVE-2016-1499
+CVE-2016-1499 (ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8. ...)
[experimental] - owncloud 8.2.2~dfsg-1
- owncloud 7.0.12~dfsg-2
[jessie] - owncloud 7.0.4+dfsg-4~deb8u4
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-002
-CVE-2016-1498
+CVE-2016-1498 (Cross-site scripting (XSS) vulnerability in the OCS discovery provider ...)
[experimental] - owncloud 8.2.2~dfsg-1
- owncloud 7.0.12~dfsg-1
[jessie] - owncloud 7.0.4+dfsg-4~deb8u4
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-001
-CVE-2016-1493
+CVE-2016-1493 (Intel Driver Update Utility before 2.4 retrieves driver updates in cle ...)
NOT-FOR-US: Intel Driver Update Utility
-CVE-2016-1492
+CVE-2016-1492 (The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when ...)
NOT-FOR-US: Lenovo
-CVE-2016-1491
+CVE-2016-1491 (The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when conf ...)
NOT-FOR-US: Lenovo
-CVE-2016-1490
+CVE-2016-1490 (The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows rem ...)
NOT-FOR-US: Lenovo
-CVE-2016-1489
+CVE-2016-1489 (Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww f ...)
NOT-FOR-US: Lenovo
-CVE-2016-1488
+CVE-2016-1488 (Cross-site scripting (XSS) vulnerability in the login form in the inte ...)
NOT-FOR-US: Siemens
CVE-2016-1487
RESERVED
-CVE-2016-1486
+CVE-2016-1486 (A vulnerability in the email attachment scanning functionality of the ...)
NOT-FOR-US: Siemens OZW OZW672
-CVE-2016-1485
+CVE-2016-1485 (Cross-site scripting (XSS) vulnerability in Cisco Identity Services En ...)
NOT-FOR-US: Cisco
-CVE-2016-1484
+CVE-2016-1484 (Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass inte ...)
NOT-FOR-US: Cisco
-CVE-2016-1483
+CVE-2016-1483 (Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a den ...)
NOT-FOR-US: Cisco
-CVE-2016-1482
+CVE-2016-1482 (Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arb ...)
NOT-FOR-US: Cisco
-CVE-2016-1481
+CVE-2016-1481 (A vulnerability in the email message filtering feature of Cisco AsyncO ...)
NOT-FOR-US: Cisco
-CVE-2016-1480
+CVE-2016-1480 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) sc ...)
NOT-FOR-US: Cisco
-CVE-2016-1479
+CVE-2016-1479 (Cisco IP Phone 8800 devices with software 11.0(1) allow remote attacke ...)
NOT-FOR-US: Cisco
-CVE-2016-1478
+CVE-2016-1478 (Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not prop ...)
NOT-FOR-US: Cisco
-CVE-2016-1477
+CVE-2016-1477 (Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated ...)
NOT-FOR-US: Cisco
-CVE-2016-1476
+CVE-2016-1476 (Cross-site scripting (XSS) vulnerability on Cisco IP Phone 8800 device ...)
NOT-FOR-US: Cisco
CVE-2016-1475
RESERVED
-CVE-2016-1474
+CVE-2016-1474 (Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IF ...)
NOT-FOR-US: Cisco
-CVE-2016-1473
+CVE-2016-1473 (Cisco Small Business 220 devices with firmware before 1.0.1.1 have a h ...)
NOT-FOR-US: Cisco
-CVE-2016-1472
+CVE-2016-1472 (The web-based management interface on Cisco Small Business 220 devices ...)
NOT-FOR-US: Cisco
-CVE-2016-1471
+CVE-2016-1471 (Cross-site scripting (XSS) vulnerability in the web-based management i ...)
NOT-FOR-US: Cisco
-CVE-2016-1470
+CVE-2016-1470 (Cross-site request forgery (CSRF) vulnerability in the web-based manag ...)
NOT-FOR-US: Cisco
-CVE-2016-1469
+CVE-2016-1469 (The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows ...)
NOT-FOR-US: Cisco
-CVE-2016-1468
+CVE-2016-1468 (The administrative web interface in Cisco TelePresence Video Communica ...)
NOT-FOR-US: Cisco
-CVE-2016-1467
+CVE-2016-1467 (Cisco Videoscape Session Resource Manager (VSRM) allows remote attacke ...)
NOT-FOR-US: Cisco
-CVE-2016-1466
+CVE-2016-1466 (Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU ...)
NOT-FOR-US: Cisco
-CVE-2016-1465
+CVE-2016-1465 (Cisco Nexus 1000v Application Virtual Switch (AVS) devices before 5.2( ...)
NOT-FOR-US: Cisco
-CVE-2016-1464
+CVE-2016-1464 (Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, ...)
NOT-FOR-US: Cisco
-CVE-2016-1463
+CVE-2016-1463 (Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 al ...)
NOT-FOR-US: Cisco
-CVE-2016-1462
+CVE-2016-1462 (Cross-site scripting (XSS) vulnerability in the web-based management i ...)
NOT-FOR-US: Cisco
-CVE-2016-1461
+CVE-2016-1461 (Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0- ...)
NOT-FOR-US: Cisco
-CVE-2016-1460
+CVE-2016-1460 (Cisco Wireless LAN Controller (WLC) devices 7.4(121.0) and 8.0(0.30220 ...)
NOT-FOR-US: Cisco
-CVE-2016-1459
+CVE-2016-1459 (Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allo ...)
NOT-FOR-US: Cisco
-CVE-2016-1458
+CVE-2016-1458 (The web-based GUI in Cisco Firepower Management Center 4.x and 5.x bef ...)
NOT-FOR-US: Cisco
-CVE-2016-1457
+CVE-2016-1457 (The web-based GUI in Cisco Firepower Management Center 4.x and 5.x bef ...)
NOT-FOR-US: Cisco
-CVE-2016-1456
+CVE-2016-1456 (The CLI in Cisco IOS XR 6.x through 6.0.1 allows local users to execut ...)
NOT-FOR-US: Cisco
-CVE-2016-1455
+CVE-2016-1455 (Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an ...)
NOT-FOR-US: Cisco
-CVE-2016-1454
+CVE-2016-1454 (Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000 ...)
NOT-FOR-US: Cisco
-CVE-2016-1453
+CVE-2016-1453 (Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feat ...)
NOT-FOR-US: Cisco
-CVE-2016-1452
+CVE-2016-1452 (Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote ...)
NOT-FOR-US: Cisco
-CVE-2016-1451
+CVE-2016-1451 (Cross-site scripting (XSS) vulnerability in the web-based management i ...)
NOT-FOR-US: Cisco
-CVE-2016-1450
+CVE-2016-1450 (Cisco WebEx Meetings Server 2.6 allows remote authenticated users to c ...)
NOT-FOR-US: Cisco WebEx
-CVE-2016-1449
+CVE-2016-1449 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Serve ...)
NOT-FOR-US: Cisco WebEx
-CVE-2016-1448
+CVE-2016-1448 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meeting ...)
NOT-FOR-US: Cisco WebEx
-CVE-2016-1447
+CVE-2016-1447 (Cross-site scripting (XSS) vulnerability in the administrator interfac ...)
NOT-FOR-US: Cisco WebEx
-CVE-2016-1446
+CVE-2016-1446 (SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows ...)
NOT-FOR-US: Cisco WebEx
-CVE-2016-1445
+CVE-2016-1445 (Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 a ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2016-1444
+CVE-2016-1444 (The Mobile and Remote Access (MRA) component in Cisco TelePresence Vid ...)
NOT-FOR-US: Cisco
-CVE-2016-1443
+CVE-2016-1443 (The virtual network stack on Cisco AMP Threat Grid Appliance devices b ...)
NOT-FOR-US: Cisco
-CVE-2016-1442
+CVE-2016-1442 (The administrative web interface in Cisco Prime Infrastructure (PI) be ...)
NOT-FOR-US: Cisco
-CVE-2016-1441
+CVE-2016-1441 (Cisco Cloud Network Automation Provisioner (CNAP) 1.0(0) in Cisco Conf ...)
NOT-FOR-US: Cisco
-CVE-2016-1440
+CVE-2016-1440 (The proxy process on Cisco Web Security Appliance (WSA) devices throug ...)
NOT-FOR-US: Cisco
-CVE-2016-1439
+CVE-2016-1439 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: Cisco
-CVE-2016-1438
+CVE-2016-1438 (Cisco AsyncOS 9.7.0-125 on Email Security Appliance (ESA) devices allo ...)
NOT-FOR-US: Cisco
-CVE-2016-1437
+CVE-2016-1437 (SQL injection vulnerability in the SQL database in Cisco Prime Collabo ...)
NOT-FOR-US: Cisco
-CVE-2016-1436
+CVE-2016-1436 (The General Packet Radio Switching Tunneling Protocol 1 (aka GTPv1) im ...)
NOT-FOR-US: Cisco
-CVE-2016-1435
+CVE-2016-1435 (Cisco 8800 phones with software 11.0(1) do not properly enforce mounte ...)
NOT-FOR-US: Cisco
-CVE-2016-1434
+CVE-2016-1434 (The license-certificate upload functionality on Cisco 8800 phones with ...)
NOT-FOR-US: Cisco
-CVE-2016-1433
+CVE-2016-1433 (Cisco IOS XR 6.0 and 6.0.1 on NCS 6000 devices allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2016-1432
+CVE-2016-1432 (Cisco IOS XE 3.15S and 3.16S on cBR-8 Converged Broadband Router devic ...)
NOT-FOR-US: Cisco
-CVE-2016-1431
+CVE-2016-1431 (Cross-site scripting (XSS) vulnerability in Cisco Firepower Management ...)
NOT-FOR-US: Cisco
-CVE-2016-1430
+CVE-2016-1430 (Cisco RV180 and RV180W devices allow remote authenticated users to exe ...)
NOT-FOR-US: Cisco
-CVE-2016-1429
+CVE-2016-1429 (Directory traversal vulnerability in the web interface on Cisco RV180 ...)
NOT-FOR-US: Cisco
-CVE-2016-1428
+CVE-2016-1428 (Double free vulnerability in Cisco IOS XE 3.15S, 3.16S, and 3.17S allo ...)
NOT-FOR-US: Cisco IOS
-CVE-2016-1427
+CVE-2016-1427 (The System Configuration Protocol (SCP) core messaging interface in Ci ...)
NOT-FOR-US: Cisco Prime Network Registrar
-CVE-2016-1426
+CVE-2016-1426 (Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attac ...)
NOT-FOR-US: Cisco IOS
-CVE-2016-1425
+CVE-2016-1425 (Cisco IOS 15.0(2)SG5, 15.1(2)SG3, 15.2(1)E, 15.3(3)S, and 15.4(1.13)S ...)
NOT-FOR-US: Cisco IOS
-CVE-2016-1424
+CVE-2016-1424 (Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause ...)
NOT-FOR-US: Cisco IOS
-CVE-2016-1423
+CVE-2016-1423 (A vulnerability in the display of email messages in the Messages in Qu ...)
NOT-FOR-US: Cisco ESA
CVE-2016-1422
RESERVED
-CVE-2016-1421
+CVE-2016-1421 (The web application on Cisco IP 8800 devices allows remote attackers t ...)
NOT-FOR-US: Cisco
-CVE-2016-1420
+CVE-2016-1420 (The installation component on Cisco Application Policy Infrastructure ...)
NOT-FOR-US: Cisco
-CVE-2016-1419
+CVE-2016-1419 (Cisco Access Point devices with software 8.2(102.43) allow remote atta ...)
NOT-FOR-US: Cisco
-CVE-2016-1418
+CVE-2016-1418 (Cisco Aironet Access Point Software 8.2(100.0) on 1830e, 1830i, 1850e, ...)
NOT-FOR-US: Cisco
-CVE-2016-1417
+CVE-2016-1417 (Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remo ...)
NOT-FOR-US: Cisco
-CVE-2016-1416
+CVE-2016-1416 (Cisco Prime Collaboration Provisioning 10.6 SP2 (aka 10.6.0.10602) mis ...)
NOT-FOR-US: Cisco Prime
-CVE-2016-1415
+CVE-2016-1415 (Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, ...)
NOT-FOR-US: Cisco
CVE-2016-1414
RESERVED
-CVE-2016-1413
+CVE-2016-1413 (The web interface in Cisco Firepower Management Center 5.4.0 through 6 ...)
NOT-FOR-US: Cisco
CVE-2016-1412
RESERVED
-CVE-2016-1411
+CVE-2016-1411 (A vulnerability in the update functionality of Cisco AsyncOS Software ...)
NOT-FOR-US: Cisco
-CVE-2016-1410
+CVE-2016-1410 (Cisco WebEx Meeting Center Original Release Base allows remote attacke ...)
NOT-FOR-US: Cisco
-CVE-2016-1409
+CVE-2016-1409 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
NOT-FOR-US: Cisco
-CVE-2016-1408
+CVE-2016-1408 (Cisco Prime Infrastructure 1.2 through 3.1 and Evolved Programmable Ne ...)
NOT-FOR-US: Cisco
-CVE-2016-1407
+CVE-2016-1407 (Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services ...)
NOT-FOR-US: Cisco
-CVE-2016-1406
+CVE-2016-1406 (The API web interface in Cisco Prime Infrastructure before 3.1 and Cis ...)
NOT-FOR-US: Cisco
-CVE-2016-1405
+CVE-2016-1405 (libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware ...)
- clamav 0.99+dfsg-1
-CVE-2016-1404
+CVE-2016-1404 (Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invict ...)
NOT-FOR-US: Cisco
-CVE-2016-1403
+CVE-2016-1403 (CISCO IP 8800 phones with software 11.0.1 and earlier allow local user ...)
NOT-FOR-US: Cisco
-CVE-2016-1402
+CVE-2016-1402 (The Active Directory (AD) integration component in Cisco Identity Serv ...)
NOT-FOR-US: Cisco
-CVE-2016-1401
+CVE-2016-1401 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: Cisco
-CVE-2016-1400
+CVE-2016-1400 (Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7. ...)
NOT-FOR-US: Cisco
-CVE-2016-1399
+CVE-2016-1399 (The packet-processing microcode in Cisco IOS 15.2(2)EA, 15.2(2)EA1, 15 ...)
NOT-FOR-US: Cisco
-CVE-2016-1398
+CVE-2016-1398 (Buffer overflow in the web-based management interface on Cisco RV110W ...)
NOT-FOR-US: Cisco
-CVE-2016-1397
+CVE-2016-1397 (Buffer overflow in the web-based management interface on Cisco RV110W ...)
NOT-FOR-US: Cisco
-CVE-2016-1396
+CVE-2016-1396 (Cross-site scripting (XSS) vulnerability in the web-based management i ...)
NOT-FOR-US: Cisco
-CVE-2016-1395
+CVE-2016-1395 (The web-based management interface on Cisco RV110W devices with firmwa ...)
NOT-FOR-US: Cisco
-CVE-2016-1394
+CVE-2016-1394 (Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded ac ...)
NOT-FOR-US: Cisco Firepower System Software
-CVE-2016-1393
+CVE-2016-1393 (SQL injection vulnerability in Cisco Cloud Network Automation Provisio ...)
NOT-FOR-US: Cisco
-CVE-2016-1392
+CVE-2016-1392 (Open redirect vulnerability in Cisco Prime Collaboration Assurance Sof ...)
NOT-FOR-US: Cisco
-CVE-2016-1391
+CVE-2016-1391 (Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-fi ...)
NOT-FOR-US: Cisco
-CVE-2016-1390
+CVE-2016-1390 (Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-fi ...)
NOT-FOR-US: Cisco
-CVE-2016-1389
+CVE-2016-1389 (Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 ...)
NOT-FOR-US: Cisco
-CVE-2016-1388
+CVE-2016-1388 (Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-fi ...)
NOT-FOR-US: Cisco
-CVE-2016-1387
+CVE-2016-1387 (The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3 ...)
NOT-FOR-US: Cisco
-CVE-2016-1386
+CVE-2016-1386 (The API in Cisco Application Policy Infrastructure Controller Enterpri ...)
NOT-FOR-US: Cisco
-CVE-2016-1385
+CVE-2016-1385 (The XML parser in Cisco Adaptive Security Appliance (ASA) Software thr ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2016-1384
+CVE-2016-1384 (The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 throu ...)
NOT-FOR-US: Cisco
-CVE-2016-1383
+CVE-2016-1383 (Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WS ...)
NOT-FOR-US: Cisco
-CVE-2016-1382
+CVE-2016-1382 (Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security App ...)
NOT-FOR-US: Cisco
-CVE-2016-1381
+CVE-2016-1381 (Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web S ...)
NOT-FOR-US: Cisco
-CVE-2016-1380
+CVE-2016-1380 (Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) dev ...)
NOT-FOR-US: Cisco
-CVE-2016-1379
+CVE-2016-1379 (Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mis ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2016-1378
+CVE-2016-1378 (Cisco IOS before 15.2(2)E1 on Catalyst switches allows remote attacker ...)
NOT-FOR-US: Cisco IOS
-CVE-2016-1377
+CVE-2016-1377 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection thr ...)
NOT-FOR-US: Cisco
-CVE-2016-1376
+CVE-2016-1376 (Cisco IOS XR 4.2.3, 4.3.0, 4.3.4, and 5.3.1 on ASR 9000 devices allows ...)
NOT-FOR-US: Cisco
-CVE-2016-1375
+CVE-2016-1375 (Cross-site scripting (XSS) vulnerability in Cisco IP Interoperability ...)
NOT-FOR-US: Cisco
-CVE-2016-1374
+CVE-2016-1374 (The web framework in Cisco Unified Computing System (UCS) Performance ...)
NOT-FOR-US: Cisco
-CVE-2016-1373
+CVE-2016-1373 (The gadgets-integration API in Cisco Finesse 8.5(1) through 8.5(5), 8. ...)
NOT-FOR-US: Cisco
-CVE-2016-1372
+CVE-2016-1372 (ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to c ...)
{DLA-546-1}
- clamav 0.99.2+dfsg-1
[jessie] - clamav 0.99.2+dfsg-0+deb8u1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11514
NOTE: https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/
-CVE-2016-1371
+CVE-2016-1371 (ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to c ...)
{DLA-546-1}
- clamav 0.99.2+dfsg-1
[jessie] - clamav 0.99.2+dfsg-0+deb8u1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11514
NOTE: https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/
-CVE-2016-1370
+CVE-2016-1370 (Cisco Prime Network Analysis Module (NAM) before 6.2(1-b) miscalculate ...)
NOT-FOR-US: Cisco
-CVE-2016-1369
+CVE-2016-1369 (The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Servic ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2016-1368
+CVE-2016-1368 (Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x throug ...)
NOT-FOR-US: Cisco
-CVE-2016-1367
+CVE-2016-1367 (The DHCPv6 relay implementation in Cisco Adaptive Security Appliance ( ...)
NOT-FOR-US: Cisco
-CVE-2016-1366
+CVE-2016-1366 (The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Networ ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2016-1365
+CVE-2016-1365 (The Grapevine update process in Cisco Application Policy Infrastructur ...)
NOT-FOR-US: Cisco
-CVE-2016-1364
+CVE-2016-1364 (Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0(MD) ...)
NOT-FOR-US: Cisco
-CVE-2016-1363
+CVE-2016-1363 (Buffer overflow in the redirection functionality in Cisco Wireless LAN ...)
NOT-FOR-US: Cisco
-CVE-2016-1362
+CVE-2016-1362 (Cisco AireOS 4.1 through 7.4.120.0, 7.5.x, and 7.6.100.0 on Wireless L ...)
NOT-FOR-US: Cisco
-CVE-2016-1361
+CVE-2016-1361 (Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 device ...)
NOT-FOR-US: Cisco
-CVE-2016-1360
+CVE-2016-1360 (Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same ...)
NOT-FOR-US: Cisco
-CVE-2016-1359
+CVE-2016-1359 (Cisco Prime Infrastructure 3.0 allows remote authenticated users to ex ...)
NOT-FOR-US: Cisco
-CVE-2016-1358
+CVE-2016-1358 (Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote authen ...)
NOT-FOR-US: Cisco
-CVE-2016-1357
+CVE-2016-1357 (The password-management administration component in Cisco Policy Suite ...)
NOT-FOR-US: Cisco
-CVE-2016-1356
+CVE-2016-1356 (Cisco FireSIGHT System Software 6.1.0 does not use a constant-time alg ...)
NOT-FOR-US: Cisco
-CVE-2016-1355
+CVE-2016-1355 (Cross-site scripting (XSS) vulnerability in the Device Management UI i ...)
NOT-FOR-US: Cisco
-CVE-2016-1354
+CVE-2016-1354 (Cross-site scripting (XSS) vulnerability in Cisco Unified Communicatio ...)
NOT-FOR-US: Cisco
-CVE-2016-1353
+CVE-2016-1353 (The TCP implementation in Cisco Videoscape Distribution Suite for Inte ...)
NOT-FOR-US: Cisco Videoscape Distribution Suite
-CVE-2016-1352
+CVE-2016-1352 (Cisco Unified Computing System (UCS) Central Software 1.3(1b) and earl ...)
NOT-FOR-US: Cisco
-CVE-2016-1351
+CVE-2016-1351 (The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2016-1350
+CVE-2016-1350 (Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unif ...)
NOT-FOR-US: Cisco
-CVE-2016-1349
+CVE-2016-1349 (The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 1 ...)
NOT-FOR-US: Cisco
-CVE-2016-1348
+CVE-2016-1348 (Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote a ...)
NOT-FOR-US: Cisco
-CVE-2016-1347
+CVE-2016-1347 (The Wide Area Application Services (WAAS) Express implementation in Ci ...)
NOT-FOR-US: Cisco IOS
-CVE-2016-1346
+CVE-2016-1346 (The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobil ...)
NOT-FOR-US: Cisco
-CVE-2016-1345
+CVE-2016-1345 (Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FireP ...)
NOT-FOR-US: Cisco Firepower
-CVE-2016-1344
+CVE-2016-1344 (The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 ...)
NOT-FOR-US: Cisco IOS
-CVE-2016-1343
+CVE-2016-1343 (The XML parser in Cisco Information Server (CIS) 6.2 allows remote att ...)
NOT-FOR-US: Cisco
-CVE-2016-1342
+CVE-2016-1342 (The device login page in Cisco FirePOWER Management Center 5.3 through ...)
NOT-FOR-US: Cisco
-CVE-2016-1341
+CVE-2016-1341 (Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fa ...)
NOT-FOR-US: Cisco
-CVE-2016-1340
+CVE-2016-1340 (Heap-based buffer overflow in Cisco Unified Computing System (UCS) Pla ...)
NOT-FOR-US: Cisco
-CVE-2016-1339
+CVE-2016-1339 (Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0( ...)
NOT-FOR-US: Cisco
-CVE-2016-1338
+CVE-2016-1338 (Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 ...)
NOT-FOR-US: Cisco
-CVE-2016-1337
+CVE-2016-1337 (Cisco EPC3928 devices allow remote attackers to obtain sensitive confi ...)
NOT-FOR-US: Cisco
-CVE-2016-1336
+CVE-2016-1336 (goform/Docsis_system on Cisco EPC3928 devices allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2016-1335
+CVE-2016-1335 (The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x b ...)
NOT-FOR-US: Cisco StarOS
-CVE-2016-1334
+CVE-2016-1334 (Cisco Small Business 500 Wireless Access Point devices with firmware 1 ...)
NOT-FOR-US: Cisco
-CVE-2016-1333
+CVE-2016-1333 (Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers ...)
NOT-FOR-US: Cisco IOS
CVE-2016-1332
REJECTED
-CVE-2016-1331
+CVE-2016-1331 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency ...)
NOT-FOR-US: Cisco Emergency Responder
-CVE-2016-1330
+CVE-2016-1330 (Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote a ...)
NOT-FOR-US: Cisco IOS
-CVE-2016-1329
+CVE-2016-1329 (Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and ...)
NOT-FOR-US: Cisco Nexus
-CVE-2016-1328
+CVE-2016-1328 (goform/WClientMACList on Cisco EPC3928 devices allows remote attackers ...)
NOT-FOR-US: Cisco
-CVE-2016-1327
+CVE-2016-1327 (Buffer overflow in the web server on Cisco DPC2203 and EPC2203 devices ...)
NOT-FOR-US: Cisco
-CVE-2016-1326
+CVE-2016-1326 (The administration interface on Cisco DPQ3925 devices with firmware r1 ...)
NOT-FOR-US: Cisco
-CVE-2016-1325
+CVE-2016-1325 (The administration interface on Cisco DPC3939B and DPC3941 devices all ...)
NOT-FOR-US: Cisco
-CVE-2016-1324
+CVE-2016-1324 (The REST interface in Cisco Spark 2015-06 allows remote attackers to c ...)
NOT-FOR-US: Cisco Spark
-CVE-2016-1323
+CVE-2016-1323 (The REST interface in Cisco Spark 2015-06 allows remote authenticated ...)
NOT-FOR-US: Cisco Spark
-CVE-2016-1322
+CVE-2016-1322 (The REST interface in Cisco Spark 2015-07-04 allows remote attackers t ...)
NOT-FOR-US: Cisco Spark
-CVE-2016-1321
+CVE-2016-1321 (Cisco Universal Small Cell devices with firmware R2.12 through R3.5 co ...)
NOT-FOR-US: Cisco
-CVE-2016-1320
+CVE-2016-1320 (The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users t ...)
NOT-FOR-US: Cisco
-CVE-2016-1319
+CVE-2016-1319 (Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28) ...)
NOT-FOR-US: Cisco
-CVE-2016-1318
+CVE-2016-1318 (Cross-site scripting (XSS) vulnerability in Cisco Application Policy I ...)
NOT-FOR-US: Cisco
-CVE-2016-1317
+CVE-2016-1317 (Cisco Unified Communications Manager 11.5(0.98000.480) allows remote a ...)
NOT-FOR-US: Cisco
-CVE-2016-1316
+CVE-2016-1316 (Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, ...)
NOT-FOR-US: Cisco
-CVE-2016-1315
+CVE-2016-1315 (The proxy engine in Cisco Advanced Malware Protection (AMP), when used ...)
NOT-FOR-US: Cisco
-CVE-2016-1314
+CVE-2016-1314 (Cross-site scripting (XSS) vulnerability in Cisco Unified Communicatio ...)
NOT-FOR-US: Cisco
-CVE-2016-1313
+CVE-2016-1313 (Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta S ...)
NOT-FOR-US: Cisco
-CVE-2016-1312
+CVE-2016-1312 (The HTTPS inspection engine in the Content Security and Control Securi ...)
NOT-FOR-US: Cisco
-CVE-2016-1311
+CVE-2016-1311 (Cross-site scripting (XSS) vulnerability in the management interface i ...)
NOT-FOR-US: Cisco
-CVE-2016-1310
+CVE-2016-1310 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11. ...)
NOT-FOR-US: Cisco
-CVE-2016-1309
+CVE-2016-1309 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Mee ...)
NOT-FOR-US: Cisco
-CVE-2016-1308
+CVE-2016-1308 (SQL injection vulnerability in Cisco Unified Communications Manager 10 ...)
NOT-FOR-US: Cisco
-CVE-2016-1307
+CVE-2016-1307 (The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and U ...)
NOT-FOR-US: Cisco
-CVE-2016-1306
+CVE-2016-1306 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog Direc ...)
NOT-FOR-US: Cisco
-CVE-2016-1305
+CVE-2016-1305 (Cross-site scripting (XSS) vulnerability in Cisco Application Policy I ...)
NOT-FOR-US: Cisco
-CVE-2016-1304
+CVE-2016-1304 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 10. ...)
NOT-FOR-US: Cisco
-CVE-2016-1303
+CVE-2016-1303 (The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote ...)
NOT-FOR-US: Cisco
-CVE-2016-1302
+CVE-2016-1302 (Cisco Application Policy Infrastructure Controller (APIC) devices with ...)
NOT-FOR-US: Cisco
-CVE-2016-1301
+CVE-2016-1301 (The RBAC implementation in Cisco ASA-CX Content-Aware Security softwar ...)
NOT-FOR-US: Cisco
-CVE-2016-1300
+CVE-2016-1300 (Cross-site scripting (XSS) vulnerability in Cisco Unity Connection (UC ...)
NOT-FOR-US: Cisco
-CVE-2016-1299
+CVE-2016-1299 (The web-management GUI implementation on Cisco Small Business SG300 de ...)
NOT-FOR-US: Cisco
-CVE-2016-1298
+CVE-2016-1298 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified C ...)
NOT-FOR-US: Cisco
-CVE-2016-1297
+CVE-2016-1297 (The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 ...)
NOT-FOR-US: Cisco
-CVE-2016-1296
+CVE-2016-1296 (The proxy engine on Cisco Web Security Appliance (WSA) devices with so ...)
NOT-FOR-US: Cisco
-CVE-2016-1295
+CVE-2016-1295 (Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote att ...)
NOT-FOR-US: Cisco
-CVE-2016-1294
+CVE-2016-1294 (Cross-site scripting (XSS) vulnerability in the Management Center in C ...)
NOT-FOR-US: Cisco
-CVE-2016-1293
+CVE-2016-1293 (Multiple cross-site scripting (XSS) vulnerabilities in the Management ...)
NOT-FOR-US: Cisco
CVE-2016-1292
RESERVED
-CVE-2016-1291
+CVE-2016-1291 (Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Prog ...)
NOT-FOR-US: Cisco
-CVE-2016-1290
+CVE-2016-1290 (The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cis ...)
NOT-FOR-US: Cisco
-CVE-2016-1289
+CVE-2016-1289 (The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Prog ...)
NOT-FOR-US: Cisco Prime
-CVE-2016-1288
+CVE-2016-1288 (The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x befo ...)
NOT-FOR-US: Cisco Web Security Appliance
-CVE-2016-1287
+CVE-2016-1287 (Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA So ...)
NOT-FOR-US: Cisco ASA
-CVE-2016-1286
+CVE-2016-1286 (named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allo ...)
{DSA-3511-1}
- bind9 1:9.10.3.dfsg.P4-6
NOTE: https://kb.isc.org/article/AA-01353
-CVE-2016-1285
+CVE-2016-1285 (named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does ...)
{DSA-3511-1}
- bind9 1:9.10.3.dfsg.P4-6
NOTE: https://kb.isc.org/article/AA-01352
-CVE-2016-1284
+CVE-2016-1284 (rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9. ...)
- bind9 <not-affected> (Only Supported Preview Edition/Subscription Edition)
NOTE: https://kb.isc.org/article/AA-01348
-CVE-2016-1505
+CVE-2016-1505 (The filesystem storage backend in Radicale before 1.1 on Windows allow ...)
- radicale <not-affected> (Only an issue on MS Windows)
-CVE-2016-1494
+CVE-2016-1494 (The verify function in the RSA package for Python (Python-RSA) before ...)
- python-rsa 3.2.3-1.1 (bug #809980)
[jessie] - python-rsa 3.1.4-1+deb8u1
NOTE: proposed fix: https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff
NOTE: https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/
CVE-2016-1282
RESERVED
-CVE-2016-1281
+CVE-2016-1281 (Untrusted search path vulnerability in the installer for TrueCrypt 7.2 ...)
NOT-FOR-US: Truecrypt
-CVE-2016-1283
+CVE-2016-1283 (The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles t ...)
- pcre3 2:8.38-3.1 (bug #809706)
[jessie] - pcre3 2:8.35-3.3+deb8u3
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
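Review bot: The descending CVE order breaks around CVE-2016-1284: CVE-2016-1505 and CVE-2016-1494 sit between it and CVE-2016-1282, and CVE-2016-1281 precedes CVE-2016-1283. The removed lines show the same order, so this is pre-existing, but since the updater rewrites every header line in this range anyway it could re-sort them (or at least report the misplacement) so the file's ordering invariant holds again. Minor, in the unchanged context: "NOT-FOR-US: Truecrypt" under CVE-2016-1281 disagrees with the spelling "TrueCrypt" in the description line just added above it.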
@@ -28910,77 +28910,77 @@ CVE-2016-1283
- pcre2 <not-affected> (Vulnerable code not present)
NOTE: https://bugs.exim.org/show_bug.cgi?id=1767
NOTE: Upstream fix: http://vcs.pcre.org/pcre?view=revision&revision=1636
-CVE-2016-1280
+CVE-2016-1280 (PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D3 ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1279
+CVE-2016-1279 (J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 bef ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1278
+CVE-2016-1278 (Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to " ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1277
+CVE-2016-1277 (Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D40, 12.3X ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1276
+CVE-2016-1276 (Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D23, 12.3X ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1275
+CVE-2016-1275 (Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 befo ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1274
+CVE-2016-1274 (Juniper Junos OS 14.1X53 before 14.1X53-D30 on QFX Series switches all ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1273
+CVE-2016-1273 (Juniper Junos OS before 13.2X51-D40, 14.x before 14.1X53-D30, and 15.x ...)
NOT-FOR-US: Juniper Junos OS
CVE-2016-1272
RESERVED
-CVE-2016-1271
+CVE-2016-1271 (Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1270
+CVE-2016-1270 (The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1269
+CVE-2016-1269 (Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D40, 12.1X ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1268
+CVE-2016-1268 (The administrative web services interface in Juniper ScreenOS before 6 ...)
NOT-FOR-US: Juniper ScreenOS
-CVE-2016-1267
+CVE-2016-1267 (Race condition in the RPC functionality in Juniper Junos OS before 12. ...)
NOT-FOR-US: Juniper Junos OS
CVE-2016-1266
RESERVED
-CVE-2016-1265
+CVE-2016-1265 (A remote unauthenticated network based attacker with access to Junos S ...)
NOT-FOR-US: Juniper
-CVE-2016-1264
+CVE-2016-1264 (Race condition in the Op command in Juniper Junos OS before 12.1X44-D5 ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1263
+CVE-2016-1263 (Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2016-1262
+CVE-2016-1262 (Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X ...)
NOT-FOR-US: Juniper
-CVE-2016-1261
+CVE-2016-1261 (J-Web does not validate certain input that may lead to cross-site requ ...)
NOT-FOR-US: Juniper
-CVE-2016-1260
+CVE-2016-1260 (Juniper Junos OS before 13.2X51-D36, 14.1X53 before 14.1X53-D25, and 1 ...)
NOT-FOR-US: Juniper
CVE-2016-1259
RESERVED
-CVE-2016-1258
+CVE-2016-1258 (Embedthis Appweb, as used in J-Web in Juniper Junos OS before 12.1X44- ...)
NOT-FOR-US: Juniper
-CVE-2016-1257
+CVE-2016-1257 (The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 b ...)
NOT-FOR-US: Juniper
-CVE-2016-1256
+CVE-2016-1256 (Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X ...)
NOT-FOR-US: Juniper
-CVE-2016-1255
+CVE-2016-1255 (The pg_ctlcluster script in postgresql-common package in Debian wheezy ...)
{DLA-774-1}
- postgresql-common 178
[jessie] - postgresql-common 165+deb8u2
NOTE: Fix: https://anonscm.debian.org/cgit/pkg-postgresql/postgresql-common.git/commit/?id=c8989206ec360f199400c74f129f7b4cb878c1ee
NOTE: Testsuite update: https://anonscm.debian.org/cgit/pkg-postgresql/postgresql-common.git/commit/?id=30f0e4200cfc358b4536bf5d1f6c48abb779d438
-CVE-2016-1254
+CVE-2016-1254 (Tor before 0.2.8.12 might allow remote attackers to cause a denial of ...)
{DSA-3741-1 DLA-754-1}
- tor 0.2.9.8-2 (bug #848847)
NOTE: https://blog.torproject.org/blog/tor-02812-released
NOTE: https://trac.torproject.org/projects/tor/ticket/21018
-CVE-2016-1253
+CVE-2016-1253 (The most package in Debian wheezy before 5.0.0a-2.2, in Debian jessie ...)
{DLA-745-1}
- most 5.0.0a-3 (bug #848132)
[jessie] - most 5.0.0a-2.3+deb8u1
-CVE-2016-1252
+CVE-2016-1252 (The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable ...)
{DSA-3733-1}
- apt 1.4~beta2
[wheezy] - apt <not-affected> (Issue introduced in apt >= 0.9.8)
NOTE: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1647467
-CVE-2016-1251
+CVE-2016-1251 (There is a vulnerability of type use-after-free affecting DBD::mysql ( ...)
- libdbd-mysql-perl 4.041-1
[jessie] - libdbd-mysql-perl <no-dsa> (Minor issue)
[wheezy] - libdbd-mysql-perl <no-dsa> (Minor issue)
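Review bot: The fixed-width cut at CVE-2016-1278 lands inside a quoted string (`reverts to " ...`), leaving an unbalanced quote and dropping the one token that says what the SRX reverts to. Cutting the description at the last word boundary before a quote, or allowing a few extra characters when a quote is open, would keep these one-line summaries readable.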
@@ -28988,47 +28988,47 @@ CVE-2016-1251
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1 (4.041)
CVE-2016-1250
REJECTED
-CVE-2016-1249
+CVE-2016-1249 (The DBD::mysql module before 4.039 for Perl, when using server-side pr ...)
- libdbd-mysql-perl 4.039-1 (bug #844475)
[jessie] - libdbd-mysql-perl <no-dsa> (Minor issue)
[wheezy] - libdbd-mysql-perl <no-dsa> (Minor issue)
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/793b72b1a0baa5070adacaac0e12fd995a6fbabe (4.039)
NOTE: http://www.openwall.com/lists/oss-security/2016/11/16/1
-CVE-2016-1248
+CVE-2016-1248 (vim before patch 8.0.0056 does not properly validate values for the 'f ...)
{DSA-3722-1 DLA-718-1}
- vim 2:8.0.0095-1
- neovim 0.1.6-4
NOTE: Fixed by: https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a
NOTE: Fixed by (neovim): https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040
-CVE-2016-1247
+CVE-2016-1247 (The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx pa ...)
{DSA-3701-1}
- nginx 1.10.2-1 (bug #842295)
[wheezy] - nginx <not-affected> (Introduced by the fix for CVE-2013-0337, not applied)
NOTE: Issue introduced with the Debian specific fix for CVE-2013-0337 / #701112
NOTE: http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
-CVE-2016-1246
+CVE-2016-1246 (Buffer overflow in the DBD::mysql module before 4.037 for Perl allows ...)
{DSA-3684-1 DLA-656-1}
- libdbd-mysql-perl 4.037-1 (low)
NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2 (4.037)
-CVE-2016-1245
+CVE-2016-1245 (It was discovered that the zebra daemon in Quagga before 1.0.20161017 ...)
{DSA-3695-1 DLA-662-1}
- quagga 1.0.20160315-3 (bug #841162)
NOTE: Fixed by: https://github.com/Quagga/quagga/commit/cfb1fae25f8c092e0d17073eaf7bd428ce1cd546
NOTE: https://lists.quagga.net/pipermail/quagga-users/2016-October/014478.html
-CVE-2016-1244
+CVE-2016-1244 (The extractTree function in unADF allows remote attackers to execute a ...)
{DSA-3676-1 DLA-631-1}
- unadf 0.7.11a-4 (bug #838248)
-CVE-2016-1243
+CVE-2016-1243 (Stack-based buffer overflow in the extractTree function in unADF allow ...)
{DSA-3676-1 DLA-631-1}
- unadf 0.7.11a-4 (bug #838248)
-CVE-2016-1242
+CVE-2016-1242 (file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3 ...)
{DSA-3656-1 DLA-607-1}
- tryton-server 4.0.4-1
-CVE-2016-1241
+CVE-2016-1241 (Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3. ...)
{DSA-3656-1}
- tryton-server 4.0.4-1
[wheezy] - tryton-server <not-affected> (password_hash field introduced in 3.2 series)
-CVE-2016-1240
+CVE-2016-1240 (The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 a ...)
{DSA-3670-1 DSA-3669-1 DLA-623-1 DLA-622-1}
- tomcat8 8.0.36-3
- tomcat7 7.0.70-3
@@ -29039,7 +29039,7 @@ CVE-2016-1239 [loads arbitrary code from the current untrusted directory]
- duck 0.10
[jessie] - duck 0.7+deb8u1
NOTE: https://anonscm.debian.org/cgit/collab-maint/duck.git/commit/?id=b43b5bbf07973c54b8f1c581a941f4facc97177a (0.10)
-CVE-2016-1238
+CVE-2016-1238 ((1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) ...)
{DSA-3628-1 DLA-1578-1 DLA-584-1 DLA-565-1}
- perl 5.22.2-3
- libsys-syslog-perl <removed>
@@ -29048,139 +29048,139 @@ CVE-2016-1238
NOTE: Although more modules and scripts are affected by similar issue and mentioned
NOTE: in the DSA/DLA, the CVE is for src:perl (and libsys-syslog-perl beeing dual-lived)
NOTE: and thus not adding more source packages here.
-CVE-2016-1237
+CVE-2016-1237 (nfsd in the Linux kernel through 4.6.3 allows local users to bypass in ...)
{DSA-3607-1}
- linux 4.6.2-2
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://git.kernel.org/linus/4ac7249ea5a0ceef9f8269f63f33cc873c3fac61 (v3.14-rc1)
NOTE: Prerequisite: https://git.kernel.org/linus/485e71e8fb6356c08c7fc6bcce4bf02c9a9a663f
NOTE: Fixed by: https://git.kernel.org/linus/999653786df6954a31044528ac3f7a5dadca08f4
-CVE-2016-1236
+CVE-2016-1236 (Multiple cross-site scripting (XSS) vulnerabilities in (1) revision.ph ...)
{DSA-3572-1 DLA-462-1}
- websvn <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/05/05/22
-CVE-2016-1235
+CVE-2016-1235 (The oarsh script in OAR before 2.5.7 allows remote authenticated users ...)
{DSA-3543-1}
- oar 2.5.7-1 (bug #819952)
NOTE: https://raw.githubusercontent.com/oar-team/oar/ce77ffed620fdce94881c9b35064507777c24a1c/debian/patches/004-fix-oarsh-security-issue
-CVE-2016-1234
+CVE-2016-1234 (Stack-based buffer overflow in the glob implementation in GNU C Librar ...)
{DLA-494-1}
- glibc 2.22-8
[jessie] - glibc 2.19-18+deb8u5
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue, can be fixed in a point update)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19779
-CVE-2016-1233
+CVE-2016-1233 (An unspecified udev rule in the Debian fuse package in jessie before 2 ...)
{DSA-3451-1}
- fuse 2.9.5-1
[wheezy] - fuse <not-affected> (Problematic permissions via udev rule not set)
[squeeze] - fuse <not-affected> (Problematic permissions via udev rule not set)
-CVE-2016-1232
+CVE-2016-1232 (The mod_dialback module in Prosody before 0.9.9 does not properly gene ...)
{DSA-3439-1 DLA-391-1}
- prosody 0.9.9-1
NOTE: https://prosody.im/security/advisory_20160108-2/
-CVE-2016-1231
+CVE-2016-1231 (Directory traversal vulnerability in the HTTP file-serving module (mod ...)
{DSA-3439-1}
- prosody 0.9.9-1
[squeeze] - prosody <not-affected> (Vulnerable code not present)
NOTE: https://prosody.im/security/advisory_20160108-1/
-CVE-2016-1230
+CVE-2016-1230 (Cross-site scripting (XSS) vulnerability in NTT PC Communications WebA ...)
NOT-FOR-US: NTT
-CVE-2016-1229
+CVE-2016-1229 (Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 throu ...)
NOT-FOR-US: HumHub
-CVE-2016-1228
+CVE-2016-1228 (Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Den ...)
NOT-FOR-US: NTT
-CVE-2016-1227
+CVE-2016-1227 (NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV ...)
NOT-FOR-US: NTT
-CVE-2016-1226
+CVE-2016-1226 (Cross-site scripting (XSS) vulnerability in Trend Micro Internet Secur ...)
NOT-FOR-US: Trend Micro
-CVE-2016-1225
+CVE-2016-1225 (Trend Micro Internet Security 8 and 10 allows remote attackers to read ...)
NOT-FOR-US: Trend Micro
-CVE-2016-1224
+CVE-2016-1224 (CRLF injection vulnerability in Trend Micro Worry-Free Business Securi ...)
NOT-FOR-US: Trend Micro
-CVE-2016-1223
+CVE-2016-1223 (Directory traversal vulnerability in Trend Micro Office Scan 11.0, Wor ...)
NOT-FOR-US: Trend Micro
-CVE-2016-1222
+CVE-2016-1222 (Cross-site scripting (XSS) vulnerability in Kobe Beauty php-contact-fo ...)
NOT-FOR-US: Kobe Beauty
-CVE-2016-1221
+CVE-2016-1221 (Jetstar App for iOS before 3.0.0 does not verify X.509 certificates fr ...)
NOT-FOR-US: Jetstar App
-CVE-2016-1220
+CVE-2016-1220 (Cybozu Garoon before 4.2.2 does not properly restrict access. ...)
NOT-FOR-US: Cybozu
-CVE-2016-1219
+CVE-2016-1219 (Cybozu Garoon before 4.2.2 allows remote attackers to bypass login aut ...)
NOT-FOR-US: Cybozu
-CVE-2016-1218
+CVE-2016-1218 (SQL injection vulnerability in Cybozu Garoon before 4.2.2. ...)
NOT-FOR-US: Cybozu
-CVE-2016-1217
+CVE-2016-1217 (Cross-site scripting (XSS) vulnerability in the "Check available times ...)
NOT-FOR-US: Cybozu
-CVE-2016-1216
+CVE-2016-1216 (Cross-site scripting (XSS) vulnerability in the "New appointment" func ...)
NOT-FOR-US: Cybozu
-CVE-2016-1215
+CVE-2016-1215 (Cross-site scripting (XSS) vulnerability in the "User details" functio ...)
NOT-FOR-US: Cybozu
-CVE-2016-1214
+CVE-2016-1214 (Cross-site scripting (XSS) vulnerability in the "Response request" fun ...)
NOT-FOR-US: Cybozu
-CVE-2016-1213
+CVE-2016-1213 (The "Scheduler" function in Cybozu Garoon before 4.2.2 allows remote a ...)
NOT-FOR-US: Cybozu
-CVE-2016-1212
+CVE-2016-1212 (Directory traversal vulnerability in futomi MP Form Mail CGI Professio ...)
NOT-FOR-US: futomi MP Form Mail CGI Professional Edition
-CVE-2016-1211
+CVE-2016-1211 (Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List 0.3 ...)
NOT-FOR-US: Epoch Web Mailing List
-CVE-2016-1210
+CVE-2016-1210 (The 105 BANK app 1.0 and 1.1 for Android and 1.0 for iOS does not veri ...)
NOT-FOR-US: 105 BANK app
-CVE-2016-1209
+CVE-2016-1209 (The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote att ...)
NOT-FOR-US: Wordpress plugin
-CVE-2016-1208
+CVE-2016-1208 (The server in Apple FileMaker before 14.0.4 on OS X allows remote atta ...)
NOT-FOR-US: Apple FileMaker
-CVE-2016-1207
+CVE-2016-1207 (Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R d ...)
NOT-FOR-US: I-O DATA
-CVE-2016-1206
+CVE-2016-1206 (The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-G ...)
NOT-FOR-US: I-O DATA
-CVE-2016-1205
+CVE-2016-1205 (Cross-site scripting (XSS) vulnerability in the shiro8 (1) category_fr ...)
NOT-FOR-US: EC-CUBE plugin
CVE-2016-1204
RESERVED
CVE-2016-1203
RESERVED
-CVE-2016-1202
+CVE-2016-1202 (Untrusted search path vulnerability in Atom Electron before 0.33.5 all ...)
NOT-FOR-US: Atom Electron
-CVE-2016-1201
+CVE-2016-1201 (Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 3.0. ...)
NOT-FOR-US: LOCKON
-CVE-2016-1200
+CVE-2016-1200 (The management screen in LOCKON EC-CUBE 3.0.7 through 3.0.9 allows rem ...)
NOT-FOR-US: LOCKON
-CVE-2016-1199
+CVE-2016-1199 (The login page in the management screen in LOCKON EC-CUBE 3.0.0 throug ...)
NOT-FOR-US: LOCKON
-CVE-2016-1198
+CVE-2016-1198 (Photopt for Android before 2.0.1 does not verify SSL certificates. ...)
NOT-FOR-US: Photopt for Android
-CVE-2016-1197
+CVE-2016-1197 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4 ...)
NOT-FOR-US: Cybozu
-CVE-2016-1196
+CVE-2016-1196 (Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated use ...)
NOT-FOR-US: Cybozu
-CVE-2016-1195
+CVE-2016-1195 (Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 ...)
NOT-FOR-US: Cybozu
-CVE-2016-1194
+CVE-2016-1194 (Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Cybozu
-CVE-2016-1193
+CVE-2016-1193 (Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain sensit ...)
NOT-FOR-US: Cybozu
-CVE-2016-1192
+CVE-2016-1192 (Directory traversal vulnerability in the logging implementation in Cyb ...)
NOT-FOR-US: Cybozu
-CVE-2016-1191
+CVE-2016-1191 (Directory traversal vulnerability in the Files function in Cybozu Garo ...)
NOT-FOR-US: Cybozu
-CVE-2016-1190
+CVE-2016-1190 (Cybozu Garoon 3.1 through 4.2 allows remote authenticated users to byp ...)
NOT-FOR-US: Cybozu
-CVE-2016-1189
+CVE-2016-1189 (Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated use ...)
NOT-FOR-US: Cybozu
-CVE-2016-1188
+CVE-2016-1188 (Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated use ...)
NOT-FOR-US: Cybozu
-CVE-2016-1187
+CVE-2016-1187 (Cybozu KUNAI for iPhone 2.0.3 through 3.1.5 and for Android 2.1.2 thro ...)
NOT-FOR-US: Cybozu
-CVE-2016-1186
+CVE-2016-1186 (Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL ser ...)
NOT-FOR-US: Kintone mobile for Android
-CVE-2016-1185
+CVE-2016-1185 (The Cybozu kintone mobile application 1.x before 1.0.6 for Android all ...)
NOT-FOR-US: Cybozu
-CVE-2016-1184
+CVE-2016-1184 (Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for ...)
NOT-FOR-US: Tokyo Star bank App for Android
-CVE-2016-1183
+CVE-2016-1183 (NTT Data TERASOLUNA Server Framework for Java(WEB) 2.0.0.1 through 2.0 ...)
NOT-FOR-US: NTT
-CVE-2016-1182
+CVE-2016-1182 (ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not prop ...)
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <no-dsa> (basically fixed in CVE-2015-0899)
NOTE: https://jvn.jp/en/jp/JVN65044642/
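Review bot: the summaries added to the header lines in this hunk are fixed-width excerpts closed with " ...)", and several of them contain nested parentheses before the cut, e.g. "+CVE-2016-1197 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4 ...)" and "+CVE-2016-1195 (Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 ...)". Any consumer of these list files that splits the header on the first ")" or treats the parenthesised text as a complete description will mis-parse; it should match on the trailing " ...)" and treat the content as a truncated excerpt. For CVE-2016-1182 the cut lands at "does not prop", so the header alone no longer states the issue; the JVN reference in the NOTE line remains the authoritative description and should stay attached to the entry.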
@@ -29189,7 +29189,7 @@ CVE-2016-1182
NOTE: condition two can be fixed by the following patch:
NOTE: https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8
NOTE: but as this completely deactivates multipart requests, this should not be generally applied
-CVE-2016-1181
+CVE-2016-1181 (ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles mu ...)
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <no-dsa> (basically fixed in CVE-2015-0899)
NOTE: https://jvn.jp/en/jp/JVN03188560/
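Review bot: after truncation the summary added for CVE-2016-1181 ("ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles mu ...") differs from the one added for CVE-2016-1182 in the previous hunk only in its final word fragment, so triage from the header line alone cannot tell the two Struts 1 multipart issues apart. The distinction lives entirely in the unchanged NOTE lines (JVN03188560 here versus JVN65044642 above, plus the shared struts1-forever commit and the caveat that it deactivates multipart requests), so those lines must not be dropped or deduplicated when the headers are regenerated.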
@@ -29198,33 +29198,33 @@ CVE-2016-1181
NOTE: condition two can be fixed by the following patch:
NOTE: https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8
NOTE: but as this completely deactivates multipart requests, this should not be generally applied
-CVE-2016-1180
+CVE-2016-1180 (Cross-site scripting (XSS) vulnerability in the Cyber-Will Social-butt ...)
NOT-FOR-US: Cyber-Will Social-button Premium plugin
-CVE-2016-1179
+CVE-2016-1179 (Cross-site scripting (XSS) vulnerability in the standard template of t ...)
NOT-FOR-US: appleple a-blog cms
-CVE-2016-1178
+CVE-2016-1178 (The session management of the comment functionality in appleple a-blog ...)
NOT-FOR-US: appleple a-blog cms
-CVE-2016-1177
+CVE-2016-1177 (The management screen in Falcon WisePoint 4.3.1 and earlier and WisePo ...)
NOT-FOR-US: Falcon WisePoint
-CVE-2016-1176
+CVE-2016-1176 (Buffer overflow in the ActiveX control in Sharp EVA Animeter allows re ...)
NOT-FOR-US: Sharp EVA Animeter
-CVE-2016-1175
+CVE-2016-1175 (Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player ...)
NOT-FOR-US: AQUOS Photo Player
-CVE-2016-1174
+CVE-2016-1174 (Cross-site request forgery (CSRF) vulnerability in the Menubook plugin ...)
NOT-FOR-US: baserCMS
-CVE-2016-1173
+CVE-2016-1173 (Cross-site scripting (XSS) vulnerability in the Menubook plugin before ...)
NOT-FOR-US: baserCMS
-CVE-2016-1172
+CVE-2016-1172 (Cross-site request forgery (CSRF) vulnerability in the Recruit plugin ...)
NOT-FOR-US: baserCMS
-CVE-2016-1171
+CVE-2016-1171 (Cross-site scripting (XSS) vulnerability in the Recruit plugin before ...)
NOT-FOR-US: baserCMS
-CVE-2016-1170
+CVE-2016-1170 (Cross-site request forgery (CSRF) vulnerability in the Casebook plugin ...)
NOT-FOR-US: baserCMS
-CVE-2016-1169
+CVE-2016-1169 (Cross-site scripting (XSS) vulnerability in the Casebook plugin before ...)
NOT-FOR-US: baserCMS
-CVE-2016-1168
+CVE-2016-1168 (Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP d ...)
NOT-FOR-US: NEC
-CVE-2016-1167
+CVE-2016-1167 (Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP d ...)
NOT-FOR-US: NEC
CVE-2016-1166
REJECTED
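Review bot: for the baserCMS plugin entries in this hunk the truncation point falls just before the affected-version clause, e.g. "+CVE-2016-1174 (Cross-site request forgery (CSRF) vulnerability in the Menubook plugin ...)" and "+CVE-2016-1173 (Cross-site scripting (XSS) vulnerability in the Menubook plugin before ...)", so the header carries the vulnerability class but not the fixed version. That is harmless for these NOT-FOR-US entries, but the same fixed width applies to entries with Debian packages, where the "before" clause is the part a triager needs; the version has to be taken from the full CVE text, not from the list header. The REJECTED placeholders (CVE-2016-1166 and the following entries) correctly receive no summary.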
@@ -29236,472 +29236,472 @@ CVE-2016-1163
REJECTED
CVE-2016-1162
REJECTED
-CVE-2016-1161
+CVE-2016-1161 (Cross-site request forgery (CSRF) vulnerability in ManageEngine Passwo ...)
NOT-FOR-US: ManageEngine Password Manager Pro
-CVE-2016-1160
+CVE-2016-1160 (Cross-site scripting (XSS) vulnerability in the WP Favorite Posts plug ...)
NOT-FOR-US: WP Favorite Posts plugin for WordPress
CVE-2016-1159
RESERVED
-CVE-2016-1158
+CVE-2016-1158 (Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH ...)
NOT-FOR-US: Corega
-CVE-2016-1157
+CVE-2016-1157 (Cross-site scripting (XSS) vulnerability in log_chat.cgi in Script* Lo ...)
NOT-FOR-US: Log-Chat
-CVE-2016-1156
+CVE-2016-1156 (LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X al ...)
NOT-FOR-US: LINE
-CVE-2016-1155
+CVE-2016-1155 (HTTP header injection vulnerability in the URLConnection class in Andr ...)
NOT-FOR-US: Android
-CVE-2016-1154
+CVE-2016-1154 (SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in C ...)
NOT-FOR-US: Cuore EC-CUBE
-CVE-2016-1153
+CVE-2016-1153 (customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenti ...)
NOT-FOR-US: Cybozu Office
-CVE-2016-1152
+CVE-2016-1152 (Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users t ...)
NOT-FOR-US: Cybozu Office
-CVE-2016-1151
+CVE-2016-1151 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu O ...)
NOT-FOR-US: Cybozu Office
-CVE-2016-1150
+CVE-2016-1150 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 throug ...)
NOT-FOR-US: Cybozu Office
-CVE-2016-1149
+CVE-2016-1149 (Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 throug ...)
NOT-FOR-US: Cybozu Office
-CVE-2016-1148
+CVE-2016-1148 (Akerun - Smart Lock Robot App for iOS before 1.2.4 does not verify SSL ...)
NOT-FOR-US: Akerun
CVE-2016-1147
REJECTED
CVE-2016-1146
REJECTED
-CVE-2016-1145
+CVE-2016-1145 (Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER ...)
NOT-FOR-US: NEC EXPRESSCLUSTER
-CVE-2016-1144
+CVE-2016-1144 (Cross-site scripting (XSS) vulnerability in JOB-CUBE -JOB WEB SYSTEM b ...)
NOT-FOR-US: High Income
-CVE-2016-1143
+CVE-2016-1143 (Cross-site scripting (XSS) vulnerability in main.rb in Vine MV before ...)
NOT-FOR-US: Vine MV
-CVE-2016-1142
+CVE-2016-1142 (Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows remot ...)
NOT-FOR-US: Seeds acmailer
-CVE-2016-1141
+CVE-2016-1141 (KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users ...)
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1140
+CVE-2016-1140 (KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct ...)
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1139
+CVE-2016-1139 (Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE ...)
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1138
+CVE-2016-1138 (CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 a ...)
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1137
+CVE-2016-1137 (Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 al ...)
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1136
+CVE-2016-1136 (Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE device ...)
NOT-FOR-US: KDDI HOME SPOT CUBE
-CVE-2016-1135
+CVE-2016-1135 (Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices ...)
NOT-FOR-US: BUFFALO
-CVE-2016-1134
+CVE-2016-1134 (Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 d ...)
NOT-FOR-US: BUFFALO
-CVE-2016-1133
+CVE-2016-1133 (CRLF injection vulnerability in the on_req function in lib/handler/red ...)
- h2o <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/h2o/h2o/issues/682
NOTE: https://github.com/h2o/h2o/issues/684
NOTE: https://github.com/h2o/h2o/pull/684
-CVE-2016-1132
+CVE-2016-1132 (Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify S ...)
NOT-FOR-US: Shoplat App
-CVE-2016-1131
+CVE-2016-1131 (Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Librar ...)
NOT-FOR-US: Takumi Yamada
-CVE-2016-1130
+CVE-2016-1130 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1129
+CVE-2016-1129 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1128
+CVE-2016-1128 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1127
+CVE-2016-1127 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1126
+CVE-2016-1126 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1125
+CVE-2016-1125 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1124
+CVE-2016-1124 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1123
+CVE-2016-1123 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1122
+CVE-2016-1122 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1121
+CVE-2016-1121 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1120
+CVE-2016-1120 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1119
+CVE-2016-1119 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1118
+CVE-2016-1118 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1117
+CVE-2016-1117 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1116
+CVE-2016-1116 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1115
+CVE-2016-1115 (Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 bef ...)
NOT-FOR-US: Adobe
-CVE-2016-1114
+CVE-2016-1114 (Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 bef ...)
NOT-FOR-US: Adobe
-CVE-2016-1113
+CVE-2016-1113 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
NOT-FOR-US: Adobe
-CVE-2016-1112
+CVE-2016-1112 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1111
+CVE-2016-1111 (Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1110
+CVE-2016-1110 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1109
+CVE-2016-1109 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1108
+CVE-2016-1108 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1107
+CVE-2016-1107 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1106
+CVE-2016-1106 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1105
+CVE-2016-1105 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1104
+CVE-2016-1104 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1103
+CVE-2016-1103 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1102
+CVE-2016-1102 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1101
+CVE-2016-1101 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1100
+CVE-2016-1100 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1099
+CVE-2016-1099 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1098
+CVE-2016-1098 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1097
+CVE-2016-1097 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1096
+CVE-2016-1096 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1095
+CVE-2016-1095 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1094
+CVE-2016-1094 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1093
+CVE-2016-1093 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1092
+CVE-2016-1092 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1091
+CVE-2016-1091 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-1090
+CVE-2016-1090 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1089
+CVE-2016-1089 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-1088
+CVE-2016-1088 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1087
+CVE-2016-1087 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1086
+CVE-2016-1086 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1085
+CVE-2016-1085 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1084
+CVE-2016-1084 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1083
+CVE-2016-1083 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1082
+CVE-2016-1082 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1081
+CVE-2016-1081 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1080
+CVE-2016-1080 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1079
+CVE-2016-1079 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1078
+CVE-2016-1078 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1077
+CVE-2016-1077 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1076
+CVE-2016-1076 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1075
+CVE-2016-1075 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1074
+CVE-2016-1074 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1073
+CVE-2016-1073 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1072
+CVE-2016-1072 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1071
+CVE-2016-1071 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1070
+CVE-2016-1070 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1069
+CVE-2016-1069 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1068
+CVE-2016-1068 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1067
+CVE-2016-1067 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1066
+CVE-2016-1066 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1065
+CVE-2016-1065 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1064
+CVE-2016-1064 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1063
+CVE-2016-1063 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1062
+CVE-2016-1062 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1061
+CVE-2016-1061 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1060
+CVE-2016-1060 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1059
+CVE-2016-1059 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1058
+CVE-2016-1058 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1057
+CVE-2016-1057 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1056
+CVE-2016-1056 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1055
+CVE-2016-1055 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1054
+CVE-2016-1054 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1053
+CVE-2016-1053 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1052
+CVE-2016-1052 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1051
+CVE-2016-1051 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1050
+CVE-2016-1050 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1049
+CVE-2016-1049 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1048
+CVE-2016-1048 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1047
+CVE-2016-1047 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1046
+CVE-2016-1046 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1045
+CVE-2016-1045 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1044
+CVE-2016-1044 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1043
+CVE-2016-1043 (Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat a ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1042
+CVE-2016-1042 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1041
+CVE-2016-1041 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1040
+CVE-2016-1040 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1039
+CVE-2016-1039 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1038
+CVE-2016-1038 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1037
+CVE-2016-1037 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2016-1036
+CVE-2016-1036 (Cross-site scripting (XSS) vulnerability in Adobe Analytics AppMeasure ...)
NOT-FOR-US: Adobe
-CVE-2016-1035
+CVE-2016-1035 (Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which all ...)
NOT-FOR-US: Adobe
-CVE-2016-1034
+CVE-2016-1034 (The Sync Process in the JavaScript API for Creative Cloud Libraries in ...)
NOT-FOR-US: Adobe
-CVE-2016-1033
+CVE-2016-1033 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1032
+CVE-2016-1032 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1031
+CVE-2016-1031 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1030
+CVE-2016-1030 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1029
+CVE-2016-1029 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1028
+CVE-2016-1028 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1027
+CVE-2016-1027 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1026
+CVE-2016-1026 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1025
+CVE-2016-1025 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1024
+CVE-2016-1024 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1023
+CVE-2016-1023 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1022
+CVE-2016-1022 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1021
+CVE-2016-1021 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1020
+CVE-2016-1020 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1019
+CVE-2016-1019 (Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to c ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1018
+CVE-2016-1018 (Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 an ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1017
+CVE-2016-1017 (Use-after-free vulnerability in the LoadVars.decode function in Adobe ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1016
+CVE-2016-1016 (Use-after-free vulnerability in the Transform object implementation in ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1015
+CVE-2016-1015 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1014
+CVE-2016-1014 (Untrusted search path vulnerability in Adobe Flash Player before 18.0. ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1013
+CVE-2016-1013 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1012
+CVE-2016-1012 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1011
+CVE-2016-1011 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1010
+CVE-2016-1010 (Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x thro ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1009
+CVE-2016-1009 (Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-1008
+CVE-2016-1008 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
NOT-FOR-US: Adobe
-CVE-2016-1007
+CVE-2016-1007 (Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-1006
+CVE-2016-1006 (Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1005
+CVE-2016-1005 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
CVE-2016-1004
REJECTED
CVE-2016-1003
REJECTED
-CVE-2016-1002
+CVE-2016-1002 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1001
+CVE-2016-1001 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-1000
+CVE-2016-1000 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0999
+CVE-2016-0999 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0998
+CVE-2016-0998 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0997
+CVE-2016-0997 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0996
+CVE-2016-0996 (Use-after-free vulnerability in the setInterval method in Adobe Flash ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0995
+CVE-2016-0995 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0994
+CVE-2016-0994 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0993
+CVE-2016-0993 (Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x thro ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0992
+CVE-2016-0992 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0991
+CVE-2016-0991 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0990
+CVE-2016-0990 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0989
+CVE-2016-0989 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0988
+CVE-2016-0988 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0987
+CVE-2016-0987 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 a ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0986
+CVE-2016-0986 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0985
+CVE-2016-0985 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0984
+CVE-2016-0984 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 a ...)
NOT-FOR-US: Adobe
-CVE-2016-0983
+CVE-2016-0983 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 a ...)
NOT-FOR-US: Adobe
-CVE-2016-0982
+CVE-2016-0982 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 a ...)
NOT-FOR-US: Adobe
-CVE-2016-0981
+CVE-2016-0981 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0980
+CVE-2016-0980 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0979
+CVE-2016-0979 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0978
+CVE-2016-0978 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0977
+CVE-2016-0977 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0976
+CVE-2016-0976 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0975
+CVE-2016-0975 (Use-after-free vulnerability in the instanceof function in Adobe Flash ...)
NOT-FOR-US: Adobe
-CVE-2016-0974
+CVE-2016-0974 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 a ...)
NOT-FOR-US: Adobe
-CVE-2016-0973
+CVE-2016-0973 (Use-after-free vulnerability in the URLRequest object implementation i ...)
NOT-FOR-US: Adobe
-CVE-2016-0972
+CVE-2016-0972 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0971
+CVE-2016-0971 (Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and ...)
NOT-FOR-US: Adobe
-CVE-2016-0970
+CVE-2016-0970 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0969
+CVE-2016-0969 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0968
+CVE-2016-0968 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0967
+CVE-2016-0967 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0966
+CVE-2016-0966 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0965
+CVE-2016-0965 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0964
+CVE-2016-0964 (Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 ...)
NOT-FOR-US: Adobe
-CVE-2016-0963
+CVE-2016-0963 (Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x thro ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0962
+CVE-2016-0962 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0961
+CVE-2016-0961 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0960
+CVE-2016-0960 (Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0959
+CVE-2016-0959 (Use after free vulnerability in Adobe Flash Player Desktop Runtime bef ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2016-0958
+CVE-2016-0958 (Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote at ...)
NOT-FOR-US: Adobe
-CVE-2016-0957
+CVE-2016-0957 (Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and ...)
NOT-FOR-US: Adobe
-CVE-2016-0956
+CVE-2016-0956 (The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Ex ...)
NOT-FOR-US: Apache Sling
-CVE-2016-0955
+CVE-2016-0955 (Cross-site scripting (XSS) vulnerability in Adobe Experience Manager ( ...)
NOT-FOR-US: Adobe
-CVE-2016-0954
+CVE-2016-0954 (Adobe Digital Editions before 4.5.1 allows attackers to execute arbitr ...)
NOT-FOR-US: Adobe
-CVE-2016-0953
+CVE-2016-0953 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2 ...)
NOT-FOR-US: Adobe
-CVE-2016-0952
+CVE-2016-0952 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2 ...)
NOT-FOR-US: Adobe
-CVE-2016-0951
+CVE-2016-0951 (Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2 ...)
NOT-FOR-US: Adobe
-CVE-2016-0950
+CVE-2016-0950 (Adobe Connect before 9.5.2 allows remote attackers to spoof the user i ...)
NOT-FOR-US: Adobe
-CVE-2016-0949
+CVE-2016-0949 (Adobe Connect before 9.5.2 allows remote attackers to have an unspecif ...)
NOT-FOR-US: Adobe
-CVE-2016-0948
+CVE-2016-0948 (Cross-site request forgery (CSRF) vulnerability in Adobe Connect befor ...)
NOT-FOR-US: Adobe
-CVE-2016-0947
+CVE-2016-0947 (Untrusted search path vulnerability in Adobe Download Manager, as used ...)
NOT-FOR-US: Adobe
-CVE-2016-0946
+CVE-2016-0946 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-0945
+CVE-2016-0945 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-0944
+CVE-2016-0944 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-0943
+CVE-2016-0943 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-0942
+CVE-2016-0942 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-0941
+CVE-2016-0941 (Use-after-free vulnerability in the Search object implementation in Ad ...)
NOT-FOR-US: Adobe
-CVE-2016-0940
+CVE-2016-0940 (Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.1 ...)
NOT-FOR-US: Adobe
-CVE-2016-0939
+CVE-2016-0939 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-0938
+CVE-2016-0938 (The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acroba ...)
NOT-FOR-US: Adobe
-CVE-2016-0937
+CVE-2016-0937 (Use-after-free vulnerability in the OCG object implementation in Adobe ...)
NOT-FOR-US: Adobe
-CVE-2016-0936
+CVE-2016-0936 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-0935
+CVE-2016-0935 (Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, ...)
NOT-FOR-US: Adobe
-CVE-2016-0934
+CVE-2016-0934 (Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat be ...)
NOT-FOR-US: Adobe
-CVE-2016-0933
+CVE-2016-0933 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-0932
+CVE-2016-0932 (Use-after-free vulnerability in the Doc object implementation in Adobe ...)
NOT-FOR-US: Adobe
-CVE-2016-0931
+CVE-2016-0931 (Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC ...)
NOT-FOR-US: Adobe
-CVE-2016-1922
+CVE-2016-1922 (QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit W ...)
{DSA-3471-1 DSA-3470-1 DSA-3469-1}
- qemu 1:2.5+dfsg-4 (bug #811201)
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
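Review bot: the fixed-version field under CVE-2016-0800 is not a full Debian version. `- nss 3.13` carries neither epoch nor Debian revision, while the `- openssl 1.0.0c-2` line directly above it does; record the archive version string of the nss upload that dropped SSLv2 (epoch and revision included) so the entry compares correctly against package versions, as the openssl line already does. A smaller style point in the Advantech WebAccess block: CVE-2016-0860 is tagged `NOT-FOR-US: BwpAlarm` (the subsystem named in its description) while CVE-2016-0851 through CVE-2016-0859 all use `NOT-FOR-US: Advantech`; tagging the whole block `NOT-FOR-US: Advantech WebAccess` keeps it greppable as one product.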
@@ -29712,277 +29712,277 @@ CVE-2016-1922
NOTE: http://www.openwall.com/lists/oss-security/2016/01/16/1
NOTE: Possibly introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=4917cf44326a1bda2fd7f27303aff7a25ad86518 (v1.6.0-rc0)
NOTE: kvmapic introduced after 1.0.50 (http://git.qemu.org/?p=qemu.git;a=commit;h=e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b)
-CVE-2016-0930
+CVE-2016-0930 (Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before ...)
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0929
+CVE-2016-0929 (The metrics-collection component in RabbitMQ for Pivotal Cloud Foundry ...)
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0928
+CVE-2016-0928 (Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) ...)
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0927
+CVE-2016-0927 (Cross-site scripting (XSS) vulnerability in Pivotal Cloud Foundry (PCF ...)
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0926
+CVE-2016-0926 (Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal Cl ...)
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0925
+CVE-2016-0925 (Cross-site scripting (XSS) vulnerability in the Case Management applic ...)
NOT-FOR-US: EMC RSA Adaptive Authentication
CVE-2016-0924
REJECTED
-CVE-2016-0923
+CVE-2016-0923 (The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0 ...)
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2016-0922
+CVE-2016-0922 (EMC ViPR SRM before 3.7.2 does not restrict the number of password-aut ...)
NOT-FOR-US: EMC ViPR SRM
-CVE-2016-0921
+CVE-2016-0921 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-0920
+CVE-2016-0920 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-0919
+CVE-2016-0919 (EMC RSA Web Threat Detection version 5.0, RSA Web Threat Detection ver ...)
NOT-FOR-US: RSA Web Threat Detection
-CVE-2016-0918
+CVE-2016-0918 (EMC RSA Identity Management and Governance before 6.8.1 P25 and 6.9.x ...)
NOT-FOR-US: EMC RSA Identity Governance and Lifecycle
-CVE-2016-0917
+CVE-2016-0917 (The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3 ...)
NOT-FOR-US: EMC VNX
-CVE-2016-0916
+CVE-2016-0916 (EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0. ...)
NOT-FOR-US: EMC NetWorker
-CVE-2016-0915
+CVE-2016-0915 (The Self-Service Portal in EMC RSA Authentication Manager (AM) Prime S ...)
NOT-FOR-US: EMC RSA Authentication Manager
-CVE-2016-0914
+CVE-2016-0914 (EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, D ...)
NOT-FOR-US: EMC Documentum WebTop and WebTop Clients
-CVE-2016-0913
+CVE-2016-0913 (The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotf ...)
NOT-FOR-US: EMC
-CVE-2016-0912
+CVE-2016-0912 (EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authen ...)
NOT-FOR-US: EMC Data Domain OS
-CVE-2016-0911
+CVE-2016-0911 (EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 has a default no_roo ...)
NOT-FOR-US: EMC Data Domain OS
-CVE-2016-0910
+CVE-2016-0910 (EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 b ...)
NOT-FOR-US: EMC Data Domain OS
-CVE-2016-0909
+CVE-2016-0909 (EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions ...)
NOT-FOR-US: EMC
-CVE-2016-0908
+CVE-2016-0908 (EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows ...)
NOT-FOR-US: EMC Isilon
-CVE-2016-0907
+CVE-2016-0907 (EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0 ...)
NOT-FOR-US: EMC Isilon
-CVE-2016-0906
+CVE-2016-0906 (The web-restore interface in Avamar Data Store (ADS) and Avamar Virtua ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-0905
+CVE-2016-0905 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-0904
+CVE-2016-0904 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-0903
+CVE-2016-0903 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...)
NOT-FOR-US: EMC Avamar
-CVE-2016-0902
+CVE-2016-0902 (CRLF injection vulnerability in EMC RSA Authentication Manager before ...)
NOT-FOR-US: RSA Authentication Manager
-CVE-2016-0901
+CVE-2016-0901 (Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Man ...)
NOT-FOR-US: RSA Authentication Manager
-CVE-2016-0900
+CVE-2016-0900 (Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Man ...)
NOT-FOR-US: RSA Authentication Manager
-CVE-2016-0899
+CVE-2016-0899 (EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated us ...)
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2016-0898
+CVE-2016-0898 (MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS ...)
NOT-FOR-US: MySQL for PCF tiles
-CVE-2016-0897
+CVE-2016-0897 (Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before ...)
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0896
+CVE-2016-0896 (Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.34 and 1.7.x be ...)
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0895
+CVE-2016-0895 (EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers ...)
NOT-FOR-US: EMC
-CVE-2016-0894
+CVE-2016-0894 (EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authentic ...)
NOT-FOR-US: EMC
-CVE-2016-0893
+CVE-2016-0893 (EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authentic ...)
NOT-FOR-US: EMC
-CVE-2016-0892
+CVE-2016-0892 (Cross-site scripting (XSS) vulnerability in EMC RSA Data Loss Preventi ...)
NOT-FOR-US: EMC
-CVE-2016-0891
+CVE-2016-0891 (Multiple cross-site request forgery (CSRF) vulnerabilities in administ ...)
NOT-FOR-US: EMC ViPR SRM
-CVE-2016-0890
+CVE-2016-0890 (EMC PowerPath Virtual (Management) Appliance 2.0, EMC PowerPath Virtua ...)
NOT-FOR-US: EMC
-CVE-2016-0889
+CVE-2016-0889 (An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appl ...)
NOT-FOR-US: EMC
-CVE-2016-0888
+CVE-2016-0888 (EMC Documentum D2 before 4.6 lacks intended ACLs for configuration obj ...)
NOT-FOR-US: EMC Documentum D2
-CVE-2016-0887
+CVE-2016-0887 (EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, ...)
NOT-FOR-US: EMC
-CVE-2016-0886
+CVE-2016-0886 (EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows ...)
NOT-FOR-US: EMC Documentum
CVE-2016-0885
REJECTED
CVE-2016-0884
REJECTED
-CVE-2016-0883
+CVE-2016-0883 (Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before ...)
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0882
+CVE-2016-0882 (EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows ...)
NOT-FOR-US: EMC Documentum
-CVE-2016-0881
+CVE-2016-0881 (EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows ...)
NOT-FOR-US: EMC Documentum
CVE-2016-0880
REJECTED
-CVE-2016-0879
+CVE-2016-0879 (Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies ...)
NOT-FOR-US: Moxa
-CVE-2016-0878
+CVE-2016-0878 (Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attacke ...)
NOT-FOR-US: Moxa
-CVE-2016-0877
+CVE-2016-0877 (Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allow ...)
NOT-FOR-US: Moxa
-CVE-2016-0876
+CVE-2016-0876 (Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attacke ...)
NOT-FOR-US: Moxa
-CVE-2016-0875
+CVE-2016-0875 (Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attacke ...)
NOT-FOR-US: Moxa
CVE-2016-0874
RESERVED
CVE-2016-0873
RESERVED
-CVE-2016-0872
+CVE-2016-0872 (A Plaintext Storage of a Password issue was discovered in Kabona AB We ...)
NOT-FOR-US: Kabona AB WebDatorCentral
-CVE-2016-0871
+CVE-2016-0871 (Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attacke ...)
NOT-FOR-US: Eaton Lighting EG2 Web Control
-CVE-2016-0870
+CVE-2016-0870 (The web server in Trane Tracer SC 4.2.1134 and earlier allows remote a ...)
NOT-FOR-US: Trane Tracer
-CVE-2016-0869
+CVE-2016-0869 (Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows r ...)
NOT-FOR-US: MICROSYS PROMOTIC
-CVE-2016-0868
+CVE-2016-0868 (Stack-based buffer overflow on Rockwell Automation Allen-Bradley Micro ...)
NOT-FOR-US: MicroLogix
-CVE-2016-0867
+CVE-2016-0867 (CAREL PlantVisorEnhanced allows remote attackers to bypass intended ac ...)
NOT-FOR-US: CAREL
-CVE-2016-0866
+CVE-2016-0866 (Cross-site scripting (XSS) vulnerability in Tollgrade SmartGrid LightH ...)
NOT-FOR-US: Tollgrade
-CVE-2016-0865
+CVE-2016-0865 (Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software ...)
NOT-FOR-US: Tollgrade
-CVE-2016-0864
+CVE-2016-0864 (Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software ...)
NOT-FOR-US: Tollgrade
-CVE-2016-0863
+CVE-2016-0863 (Cross-site request forgery (CSRF) vulnerability in Tollgrade SmartGrid ...)
NOT-FOR-US: Tollgrade
-CVE-2016-0862
+CVE-2016-0862 (General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter device ...)
NOT-FOR-US: General Electric devices
-CVE-2016-0861
+CVE-2016-0861 (General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter device ...)
NOT-FOR-US: General Electric devices
-CVE-2016-0860
+CVE-2016-0860 (Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess befor ...)
NOT-FOR-US: BwpAlarm
-CVE-2016-0859
+CVE-2016-0859 (Integer overflow in the Kernel service in Advantech WebAccess before 8 ...)
NOT-FOR-US: Advantech
-CVE-2016-0858
+CVE-2016-0858 (Race condition in Advantech WebAccess before 8.1 allows remote attacke ...)
NOT-FOR-US: Advantech
-CVE-2016-0857
+CVE-2016-0857 (Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 ...)
NOT-FOR-US: Advantech
-CVE-2016-0856
+CVE-2016-0856 (Multiple stack-based buffer overflows in Advantech WebAccess before 8. ...)
NOT-FOR-US: Advantech
-CVE-2016-0855
+CVE-2016-0855 (Directory traversal vulnerability in Advantech WebAccess before 8.1 al ...)
NOT-FOR-US: Advantech
-CVE-2016-0854
+CVE-2016-0854 (Unrestricted file upload vulnerability in the uploadImageCommon functi ...)
NOT-FOR-US: Advantech
-CVE-2016-0853
+CVE-2016-0853 (Advantech WebAccess before 8.1 allows remote attackers to obtain sensi ...)
NOT-FOR-US: Advantech
-CVE-2016-0852
+CVE-2016-0852 (Advantech WebAccess before 8.1 allows remote attackers to bypass an in ...)
NOT-FOR-US: Advantech
-CVE-2016-0851
+CVE-2016-0851 (Advantech WebAccess before 8.1 allows remote attackers to cause a deni ...)
NOT-FOR-US: Advantech
-CVE-2016-0850
+CVE-2016-0850 (The PORCHE_PAIRING_CONFLICT feature in Bluetooth in Android 4.x before ...)
NOT-FOR-US: Android
-CVE-2016-0849
+CVE-2016-0849 (Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedu ...)
NOT-FOR-US: Android
-CVE-2016-0848
+CVE-2016-0848 (Race condition in Download Manager in Android 4.x before 4.4.4, 5.0.x ...)
NOT-FOR-US: Android
-CVE-2016-0847
+CVE-2016-0847 (The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1. ...)
NOT-FOR-US: Android
-CVE-2016-0846
+CVE-2016-0846 (libs/binder/IMemory.cpp in the IMemory Native Interface in Android 4.x ...)
NOT-FOR-US: Android
CVE-2016-0845
REJECTED
-CVE-2016-0844
+CVE-2016-0844 (The Qualcomm RF driver in Android 6.x before 2016-04-01 does not prope ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-0843
+CVE-2016-0843 (The Qualcomm ARM processor performance-event manager in Android 4.x be ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-0842
+CVE-2016-0842 (The H.264 decoder in libstagefright in Android 6.x before 2016-04-01 m ...)
NOT-FOR-US: libstagefright
-CVE-2016-0841
+CVE-2016-0841 (media/libmedia/mediametadataretriever.cpp in mediaserver in Android 4. ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0840
+CVE-2016-0840 (Multiple stack-based buffer underflows in decoder/ih264d_parse_cavlc.c ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0839
+CVE-2016-0839 (post_proc/volume_listener.c in mediaserver in Android 6.x before 2016- ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0838
+CVE-2016-0838 (Sonivox in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2 ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0837
+CVE-2016-0837 (MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x bef ...)
NOT-FOR-US: libstagefright
-CVE-2016-0836
+CVE-2016-0836 (Stack-based buffer overflow in decoder/impeg2d_vld.c in mediaserver in ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0835
+CVE-2016-0835 (decoder/impeg2d_dec_hdr.c in mediaserver in Android 6.x before 2016-04 ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0834
+CVE-2016-0834 (An unspecified media codec in mediaserver in Android 6.x before 2016-0 ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0833
+CVE-2016-0833 (Android allows users to cause a denial of service. ...)
NOT-FOR-US: Android
-CVE-2016-0832
+CVE-2016-0832 (Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 ...)
NOT-FOR-US: Android
-CVE-2016-0831
+CVE-2016-0831 (The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoCon ...)
NOT-FOR-US: Android
-CVE-2016-0830
+CVE-2016-0830 (btif_config.c in Bluetooth in Android 6.x before 2016-03-01 allows rem ...)
NOT-FOR-US: Android
-CVE-2016-0829
+CVE-2016-0829 (The BnGraphicBufferProducer::onTransact function in libs/gui/IGraphicB ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0828
+CVE-2016-0828 (The BnGraphicBufferConsumer::onTransact function in libs/gui/IGraphicB ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0827
+CVE-2016-0827 (Multiple integer overflows in libeffects in mediaserver in Android 4.x ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0826
+CVE-2016-0826 (libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x befor ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0825
+CVE-2016-0825 (The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 al ...)
NOT-FOR-US: Android
-CVE-2016-0824
+CVE-2016-0824 (libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows att ...)
NOT-FOR-US: libstagefright
-CVE-2016-0823
+CVE-2016-0823 (The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel be ...)
- linux 4.0.2-1
[jessie] - linux 3.16.7-ckt11-1
[wheezy] - linux 3.2.71-1
NOTE: Upstream patch: https://git.kernel.org/linus/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce (v4.0-rc5)
NOTE: https://googleprojectzero.blogspot.cz/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
-CVE-2016-0822
+CVE-2016-0822 (The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-0 ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-0821
+CVE-2016-0821 (The LIST_POISON feature in include/linux/poison.h in the Linux kernel ...)
{DSA-3607-1 DLA-516-1}
- linux 4.3.1-1
NOTE: Upstream patch: https://git.kernel.org/linus/8a5e5e02fc83aaf67053ab53b359af08c6c49aaf (v4.3-rc1)
-CVE-2016-0820
+CVE-2016-0820 (The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 al ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2016-0819
+CVE-2016-0819 (The Qualcomm performance component in Android 4.x before 4.4.4, 5.x be ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-0818
+CVE-2016-0818 (The caching functionality in the TrustManagerImpl class in TrustManage ...)
NOT-FOR-US: Android
CVE-2016-0817
RESERVED
-CVE-2016-0816
+CVE-2016-0816 (mediaserver in Android 6.x before 2016-03-01 allows remote attackers t ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0815
+CVE-2016-0815 (The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libs ...)
NOT-FOR-US: libstagefright
CVE-2016-0814
RESERVED
-CVE-2016-0813
+CVE-2016-0813 (packages/SystemUI/src/com/android/systemui/recents/AlternateRecentsCom ...)
NOT-FOR-US: Android
-CVE-2016-0812
+CVE-2016-0812 (The interceptKeyBeforeDispatching function in policy/src/com/android/i ...)
NOT-FOR-US: Android
-CVE-2016-0811
+CVE-2016-0811 (Integer overflow in the BnCrypto::onTransact function in media/libmedi ...)
NOT-FOR-US: Android
-CVE-2016-0810
+CVE-2016-0810 (media/libmedia/SoundPool.cpp in mediaserver in Android 4.x before 4.4. ...)
NOT-FOR-US: Android Mediaserver
-CVE-2016-0809
+CVE-2016-0809 (Use-after-free vulnerability in the wifi_cleanup function in bcmdhd/wi ...)
NOT-FOR-US: Android
-CVE-2016-0808
+CVE-2016-0808 (Integer overflow in the getCoverageFormat12 function in CmapCoverage.c ...)
NOT-FOR-US: Android
-CVE-2016-0807
+CVE-2016-0807 (The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x ...)
- android-platform-system-core 1:7.0.0+r1-1 (unimportant)
NOTE: debuggerd not included, see bug #858177
-CVE-2016-0806
+CVE-2016-0806 (The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5 ...)
NOT-FOR-US: Android drivers
-CVE-2016-0805
+CVE-2016-0805 (The performance event manager for Qualcomm ARM processors in Android 4 ...)
NOT-FOR-US: Android drivers
-CVE-2016-0804
+CVE-2016-0804 (The NuPlayer::GenericSource::notifyPreparedAndCleanup function in medi ...)
NOT-FOR-US: Android
-CVE-2016-0803
+CVE-2016-0803 (libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before ...)
NOT-FOR-US: libstagefright
-CVE-2016-0802
+CVE-2016-0802 (The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5 ...)
NOT-FOR-US: Android drivers
-CVE-2016-0801
+CVE-2016-0801 (The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5 ...)
{DLA-1573-1}
- firmware-nonfree 20180518-1 (bug #869639)
[stretch] - firmware-nonfree 20161130-4
[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
-CVE-2016-0800
+CVE-2016-0800 (The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before ...)
- openssl 1.0.0c-2
- nss 3.13
NOTE: openssl 1.0.0c-2 dropped SSLv2 support
@@ -29991,104 +29991,104 @@ CVE-2016-0800
NOTE: https://www.drownattack.com/
NOTE: GNUTLS never implemented SSLv2
NOTE: http://blog.cryptographyengineering.com/2016/03/attack-of-week-drown.html
-CVE-2016-0799
+CVE-2016-0799 (The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1. ...)
{DSA-3500-1}
- openssl 1.0.2g-1
NOTE: https://www.openssl.org/news/secadv/20160301.txt
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=a801bf263849a2ef773e5bc0c86438cbba720835
NOTE: https://guidovranken.wordpress.com/2016/02/27/openssl-cve-2016-0799-heap-corruption-via-bio_printf/
-CVE-2016-0798
+CVE-2016-0798 (Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0 ...)
{DSA-3500-1}
- openssl 1.0.2g-1
NOTE: https://www.openssl.org/news/secadv/20160301.txt
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=59a908f1e8380412a81392c468b83bf6071beb2a
-CVE-2016-0797
+CVE-2016-0797 (Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 be ...)
{DSA-3500-1}
- openssl 1.0.2g-1
NOTE: https://www.openssl.org/news/secadv/20160301.txt
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=99ba9fd02fd481eb971023a3a0a251a37eb87e4c
CVE-2016-0796
RESERVED
-CVE-2016-0795
+CVE-2016-0795 (LibreOffice before 5.0.5 allows remote attackers to cause a denial of ...)
{DSA-3482-1}
- libreoffice 1:5.0.5~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2016-0795/
-CVE-2016-0794
+CVE-2016-0794 (The lwp filter in LibreOffice before 5.0.4 allows remote attackers to ...)
{DSA-3482-1}
- libreoffice 1:5.0.5~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2016-0794/
-CVE-2016-0793
+CVE-2016-0793 (Incomplete blacklist vulnerability in the servlet filter restriction m ...)
NOT-FOR-US: WildFly / Red Hat JBoss EAP
-CVE-2016-0792
+CVE-2016-0792 (Multiple unspecified API endpoints in Jenkins before 1.650 and LTS bef ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
-CVE-2016-0791
+CVE-2016-0791 (Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
-CVE-2016-0790
+CVE-2016-0790 (Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
-CVE-2016-0789
+CVE-2016-0789 (CRLF injection vulnerability in the CLI command documentation in Jenki ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
-CVE-2016-0788
+CVE-2016-0788 (The remoting module in Jenkins before 1.650 and LTS before 1.642.2 all ...)
- jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
-CVE-2016-0787
+CVE-2016-0787 (The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 im ...)
{DSA-3487-1 DLA-426-1}
- libssh2 1.5.0-2.1 (bug #815662)
NOTE: Upstream fix: https://github.com/libssh2/libssh2/commit/ca5222ea819cc5ed797860070b4c6c1aeeb28420
NOTE: Upstream patch only fixes DH SHA-256 key exchange type, not DH SHA-1
CVE-2016-0786
RESERVED
-CVE-2016-0785
+CVE-2016-0785 (Apache Struts 2.x before 2.3.28 allows remote attackers to execute arb ...)
- libstruts1.2-java <not-affected> (Only 2.0.0 to 2.3.28.1)
NOTE: http://struts.apache.org/docs/s2-029.html
-CVE-2016-0784
+CVE-2016-0784 (Directory traversal vulnerability in the Import/Export System Backups ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-0783
+CVE-2016-0783 (The sendHashByUser function in Apache OpenMeetings before 3.1.1 genera ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2016-0782
+CVE-2016-0782 (The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5 ...)
- activemq 5.13.2+dfsg-1 (unimportant)
NOTE: Admin console not enabled in the Debian package, see #702670
NOTE: https://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
-CVE-2016-0781
+CVE-2016-0781 (The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-serv ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-0780
+CVE-2016-0780 (It was discovered that cf-release v231 and lower, Pivotal Cloud Foundr ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-0779
+CVE-2016-0779 (The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x be ...)
NOT-FOR-US: Apache TomEE
-CVE-2016-0778
+CVE-2016-0778 (The (1) roaming_read and (2) roaming_write functions in roaming_common ...)
{DSA-3446-1 DLA-387-1}
- openssh 1:7.1p2-1
NOTE: https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt
-CVE-2016-0777
+CVE-2016-0777 (The resend_bytes function in roaming_common.c in the client in OpenSSH ...)
{DSA-3446-1 DLA-387-1}
- openssh 1:7.1p2-1 (bug #810984)
NOTE: https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt
CVE-2016-0776
REJECTED
-CVE-2016-0775
+CVE-2016-0775 (Buffer overflow in the ImagingFliDecode function in libImaging/FliDeco ...)
{DSA-3499-1 DLA-422-1}
- pillow 3.1.1-1 (bug #813909)
- python-imaging <removed>
[wheezy] - python-imaging 1.1.7-4+deb7u2
NOTE: https://github.com/python-pillow/Pillow/commit/bcaaf97f4ff25b3b5b9e8efeda364e17e80858ec (3.1.1)
-CVE-2016-0774
+CVE-2016-0774 (The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a ...)
{DLA-439-1}
- linux 3.16.2-2
[wheezy] - linux 3.2.73-2+deb7u3
- linux-2.6 <removed>
NOTE: https://rhn.redhat.com/errata/RHSA-2016-0103.html
NOTE: The upstream fix for 3.16 was correct, but wheezy had a incomplete backport
-CVE-2016-0773
+CVE-2016-0773 (PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9. ...)
{DSA-3476-1 DSA-3475-1 DLA-432-1}
- postgresql-9.5 9.5.1-1
- postgresql-9.4 <unfixed>
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
NOTE: http://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=3bb3f42f3749d40b8d4de65871e8d828b18d4a45
-CVE-2016-0772
+CVE-2016-0772 (The smtplib library in CPython (aka Python) before 2.7.12, 3.x before ...)
{DLA-1663-1 DLA-871-1 DLA-522-1}
- python3.5 3.5.2~rc1-1
- python3.4 <removed>
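Review bot: the CVE-2016-0787 stanza leaves its scope unresolved. The NOTE states that the upstream patch only fixes the DH SHA-256 key exchange and not DH SHA-1, yet the entry marks libssh2 1.5.0-2.1 as fixed under DSA-3487-1, and the CVE text itself names only `diffie_hellman_sha256`. Either add a NOTE saying the SHA-1 path is outside this CVE and needs its own tracking, or, if the Debian update also covered the SHA-1 path, say so; as written a reader cannot tell whether the SHA-1 variant is a known unfixed issue in the packaged versions.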
@@ -30097,37 +30097,37 @@ CVE-2016-0772
[jessie] - python2.7 2.7.9-2+deb8u1
NOTE: 3.4 branch: https://hg.python.org/cpython/rev/d590114c2394
NOTE: 2.7 branch: https://hg.python.org/cpython/rev/b3ce713fb9be
-CVE-2016-0771
+CVE-2016-0771 (The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9 ...)
{DSA-3514-1}
- samba 2:4.3.6+dfsg-1
[wheezy] - samba <not-affected> (Vulnerable code not present)
[squeeze] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2016-0771.html
-CVE-2016-0770
+CVE-2016-0770 (Cross-site scripting (XSS) vulnerability in includes/admin/pages/manag ...)
NOT-FOR-US: Wordpress plugin
-CVE-2016-0769
+CVE-2016-0769 (Multiple SQL injection vulnerabilities in eshop-orders.php in the eSho ...)
NOT-FOR-US: Wordpress plugin
-CVE-2016-0768
+CVE-2016-0768 (PostgreSQL PL/Java after 9.0 does not honor access controls on large o ...)
- postgresql-pljava <removed>
[wheezy] - postgresql-pljava <no-dsa> (Minor issue on undocumented API that got later removed)
-CVE-2016-0767
+CVE-2016-0767 (PostgreSQL PL/Java before 1.5.0 allows remote authenticated users with ...)
- postgresql-pljava <removed>
[wheezy] - postgresql-pljava <no-dsa> (Minor issue)
-CVE-2016-0766
+CVE-2016-0766 (PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9. ...)
{DSA-3476-1 DSA-3475-1}
- postgresql-9.5 9.5.1
- postgresql-9.4 <unfixed>
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
-CVE-2016-0765
+CVE-2016-0765 (Multiple cross-site scripting (XSS) vulnerabilities in eshop-orders.ph ...)
NOT-FOR-US: Wordpress plugin
-CVE-2016-0764
+CVE-2016-0764 (Race condition in Network Manager before 1.0.12 as packaged in Red Hat ...)
- network-manager 1.1.91-1 (bug #820354)
[jessie] - network-manager <no-dsa> (Minor issue)
[wheezy] - network-manager <no-dsa> (Minor issue)
NOTE: Upstream fix: https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=60b7ed3bdc3941a3b7c56824fba4b7291e79041f (1.2-beta2)
NOTE: Fixed in 1.0.12 for the 1.0.x branch: https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/NEWS?h=1.0.12
-CVE-2016-0763
+CVE-2016-0763 (The setGlobalContext method in org/apache/naming/factory/ResourceLinkF ...)
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.32-1
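Review bot: under CVE-2016-0766, `- postgresql-9.5 9.5.1` lacks the Debian revision, whereas the same upstream fix is recorded as `- postgresql-9.5 9.5.1-1` under CVE-2016-0773 in the previous hunk; both entries share the same upstream release set and identical `postgresql-9.4 <unfixed>`, `postgresql-9.1 <removed>` and jessie `<not-affected>` lines, so the version strings should match. Relatedly, CVE-2016-0773 lists `{DSA-3476-1 DSA-3475-1 DLA-432-1}` while CVE-2016-0766 lists only `{DSA-3476-1 DSA-3475-1}`; check whether DLA-432-1 covered both CVEs and add it to CVE-2016-0766 if it did.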
@@ -30135,7 +30135,7 @@ CVE-2016-0763
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
NOTE: Fixed in 6.0.45, 7.0.68, 8.0.32, 9.0.0.M3
-CVE-2016-0762
+CVE-2016-0762 (The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0. ...)
{DSA-3721-1 DSA-3720-1 DLA-729-1 DLA-728-1}
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842662)
@@ -30145,13 +30145,13 @@ CVE-2016-0762
NOTE: Fixed by: http://svn.apache.org/r1758501 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1758502 (7.0.x)
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1758506 (6.0.x)
-CVE-2016-0761
+CVE-2016-0761 (Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runt ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-0760
+CVE-2016-0760 (Multiple incomplete blacklist vulnerabilities in Apache Sentry before ...)
NOT-FOR-US: Apache Hive
CVE-2016-0759
REJECTED
-CVE-2016-0758
+CVE-2016-0758 (Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 ...)
- linux 4.5.4-1
[jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in v3.10-rc1)
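Review bot: the label under CVE-2016-0760 reads `NOT-FOR-US: Apache Hive`, but the description identifies Apache Sentry as the vulnerable product ("Multiple incomplete blacklist vulnerabilities in Apache Sentry before ..."). Suggest `NOT-FOR-US: Apache Sentry` so the label names the software that was actually fixed rather than a component mentioned in passing.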
@@ -30159,27 +30159,27 @@ CVE-2016-0758
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300257
NOTE: Fixed by: https://git.kernel.org/linus/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa
NOTE: Introduced by: https://git.kernel.org/linus/42d5ec27f873c654a68f7f865dcd7737513e9508 (v3.10-rc1)
-CVE-2016-0757
+CVE-2016-0757 (OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x bef ...)
- glance 2:12.0.0-1
[jessie] - glance <no-dsa> (Minor issue)
[wheezy] - glance <no-dsa> (Minor issue)
NOTE: <=2015.1.2, >=11.0.0 <= 11.0.1
NOTE: https://bugs.launchpad.net/bugs/1525915
-CVE-2016-0756
+CVE-2016-0756 (The generate_dialback function in the mod_dialback module in Prosody b ...)
{DSA-3463-1 DLA-407-1}
- prosody 0.9.10-1
NOTE: http://blog.prosody.im/prosody-0-9-10-released/
NOTE: https://prosody.im/security/advisory_20160127/
NOTE: Upstream fix https://github.com/bjc/prosody/commit/8708def4f55e61acdd5b2c762d420ab40da0d015
-CVE-2016-0755
+CVE-2016-0755 (The ConnectionExists function in lib/url.c in libcurl before 7.47.0 do ...)
{DSA-3455-1}
- curl 7.47.0-1
[wheezy] - curl <no-dsa> (Too intrusive to backport)
NOTE: http://curl.haxx.se/docs/adv_20160127A.html
-CVE-2016-0754
+CVE-2016-0754 (cURL before 7.47.0 on Windows allows attackers to write to arbitrary f ...)
- curl <not-affected> (Windows only)
NOTE: http://curl.haxx.se/docs/adv_20160127B.html
-CVE-2016-0753
+CVE-2016-0753 (Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2. ...)
{DSA-3464-1 DLA-642-1 DLA-641-1 DLA-498-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -30191,7 +30191,7 @@ CVE-2016-0753
- ruby-activesupport-2.3 <removed>
[wheezy] - ruby-activesupport-2.3 <end-of-life>
- ruby-activemodel-3.2 <removed>
-CVE-2016-0752
+CVE-2016-0752 (Directory traversal vulnerability in Action View in Ruby on Rails befo ...)
{DSA-3464-1 DLA-604-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -30199,7 +30199,7 @@ CVE-2016-0752
- ruby-actionpack-3.2 <removed>
- ruby-actionpack-2.3 <removed>
[wheezy] - ruby-actionpack-2.3 <end-of-life>
-CVE-2016-0751
+CVE-2016-0751 (actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Rub ...)
{DSA-3464-1 DLA-604-1}
- rails 2:4.2.5.1-1
[wheezy] - rails <not-affected> (Vulnerable code not present, is only a transitional package)
@@ -30207,22 +30207,22 @@ CVE-2016-0751
- ruby-actionpack-3.2 <removed>
- ruby-actionpack-2.3 <removed>
[wheezy] - ruby-actionpack-2.3 <end-of-life>
-CVE-2016-0750
+CVE-2016-0750 (The hotrod java client in infinispan before 9.1.0.Final automatically ...)
NOT-FOR-US: Infinispan
-CVE-2016-0749
+CVE-2016-0749 (The smartcard interaction in SPICE allows remote attackers to cause a ...)
{DSA-3596-1}
- spice 0.12.6-4.1 (bug #826585)
[wheezy] - spice <not-affected> (Vulnerable code not present. Configured with --disable-smartcard)
CVE-2016-0748
RESERVED
-CVE-2016-0747
+CVE-2016-0747 (The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not pr ...)
{DSA-3473-1}
- nginx 1.9.10-1 (bug #812806)
[squeeze] - nginx <not-affected> (Vulnerable code not present)
NOTE: http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
NOTE: https://github.com/nginx/nginx/commit/4016e6b1da4fbf9c45963211791be124cd7ffb8f (release-1.9.10)
NOTE: https://github.com/nginx/nginx/commit/fe89d99796d42b86816e17d9c87ab16964768024 (release-1.9.10)
-CVE-2016-0746
+CVE-2016-0746 (Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1 ...)
{DSA-3473-1}
- nginx 1.9.10-1 (bug #812806)
[squeeze] - nginx <not-affected> (Vulnerable code not present)
@@ -30235,37 +30235,37 @@ CVE-2016-0744
RESERVED
CVE-2016-0743
RESERVED
-CVE-2016-0742
+CVE-2016-0742 (The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remo ...)
{DSA-3473-1 DLA-404-1}
- nginx 1.9.10-1 (bug #812806)
NOTE: http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
NOTE: https://github.com/nginx/nginx/commit/c44fd4e837f979912749a5a19490ccb9b46398d3 (release-1.9.10)
-CVE-2016-0741
+CVE-2016-0741 (slapd/connection.c in 389 Directory Server (formerly Fedora Directory ...)
- 389-ds-base 1.3.4.8-1
[jessie] - 389-ds-base <not-affected> (Only affects 1.3.4 and up)
NOTE: https://fedorahosted.org/389/ticket/48412
-CVE-2016-0740
+CVE-2016-0740 (Buffer overflow in the ImagingLibTiffDecode function in libImaging/Tif ...)
{DSA-3499-1}
- pillow 3.1.1-1 (bug #813905)
- python-imaging <not-affected> (Vulnerable code introduce in 2.0.0)
NOTE: Issue when linked against libtiff >= 4.0.0
NOTE: Fixed by: https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e (3.1.1)
NOTE: Introduced by: https://github.com/python-pillow/Pillow/commit/e782fe721e0156de9636e78cd881d9f9e7e6ce50 (2.0.0)
-CVE-2016-0739
+CVE-2016-0739 (libssh before 0.7.3 improperly truncates ephemeral secrets generated f ...)
{DSA-3488-1 DLA-425-1}
- libssh 0.6.3-4.3 (bug #815663)
NOTE: Upstream fix: https://git.libssh.org/projects/libssh.git/commit/?h=v0-7&id=f8d0026c65fc8a55748ae481758e2cf376c26c86
-CVE-2016-0738
+CVE-2016-0738 (OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x ...)
- swift 2.5.0-3 (bug #812984)
[jessie] - swift <not-affected> (Vulnerable code not present)
[wheezy] - swift <not-affected> (Vulnerable code not present)
NOTE: Swift: >=2.2.1 <= 2.3.0, >= 2.4.0 <= 2.5.0
-CVE-2016-0737
+CVE-2016-0737 (OpenStack Object Storage (Swift) before 2.4.0 does not properly close ...)
- swift 2.4.0-1
[jessie] - swift <not-affected> (Vulnerable code not present)
[wheezy] - swift <not-affected> (Vulnerable code not present)
NOTE: Swift: >=2.2.1 <= 2.3.0
-CVE-2016-0736
+CVE-2016-0736 (In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was ...)
{DSA-3796-1}
- apache2 2.4.25-1
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
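Review bot: the unchanged context line `- python-imaging <not-affected> (Vulnerable code introduce in 2.0.0)` under CVE-2016-0740 has a typo ("introduce" should be "introduced"); this automatic description import does not touch that line, so it needs a separate manual edit, and the `NOTE: Introduced by:` line directly below it already gives the 2.0.0 commit that the reason text refers to.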
@@ -30273,25 +30273,25 @@ CVE-2016-0736
NOTE: Fixed by: https://svn.apache.org/r1772812
NOTE: Affects: 2.4.1 to 2.4.23
NOTE: Fixed in 2.4.25
-CVE-2016-0735
+CVE-2016-0735 (Apache Ranger 0.5.x before 0.5.2 allows remote authenticated users to ...)
NOT-FOR-US: Apache Ranger
-CVE-2016-0734
+CVE-2016-0734 (The web-based administration console in Apache ActiveMQ 5.x before 5.1 ...)
- activemq <not-affected> (Admin console not enabled in the Debian package, see #702670)
NOTE: https://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt
-CVE-2016-0733
+CVE-2016-0733 (The Admin UI in Apache Ranger before 0.5.1 does not properly handle au ...)
NOT-FOR-US: Apache Ranger
-CVE-2016-0732
+CVE-2016-0732 (The identity zones feature in Pivotal Cloud Foundry 208 through 229; U ...)
NOT-FOR-US: Pivotal Cloud Foundry
-CVE-2016-0731
+CVE-2016-0731 (The File Browser View in Apache Ambari before 2.2.1 allows remote auth ...)
NOT-FOR-US: Apache Ambari
CVE-2016-0730
REJECTED
-CVE-2016-0729
+CVE-2016-0729 (Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLU ...)
{DSA-3493-1 DLA-433-1}
- xerces-c 3.1.3+debian-1 (bug #815907)
NOTE: http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1727978
-CVE-2016-0728
+CVE-2016-0728 (The join_session_keyring function in security/keys/process_keys.c in t ...)
{DSA-3448-1}
- linux 4.3.3-6
[wheezy] - linux <not-affected> (Introduced in v3.8-rc1)
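Review bot: the imported description for CVE-2016-0736 gives the affected range as `2.4.0 to 2.4.23`, while the tracker's own line `NOTE: Affects: 2.4.1 to 2.4.23` under the same entry starts at 2.4.1; the two should be reconciled, or the NOTE should say why it narrows the upstream range, so that triage for other branches is not based on conflicting data.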
@@ -30299,24 +30299,24 @@ CVE-2016-0728
NOTE: Upstream commit: https://git.kernel.org/linus/23567fd052a9abb6d67fe8e7a9ccdd9800a540f2
NOTE: Introduced in https://git.kernel.org/linus/3a50597de8635cd05133bd12c95681c82fe7b878 (v3.8-rc1)
NOTE: http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
-CVE-2016-0727
+CVE-2016-0727 (The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3. ...)
- ntp 1:4.2.8p9+dfsg-2 (low; bug #839998)
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1528050
NOTE: http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/
NOTE: Originally addressed in 1:4.2.8p8+dfsg-1.1, then refixed in 1:4.2.8p9+dfsg-2
-CVE-2016-0726
+CVE-2016-0726 (The Fedora Nagios package uses "nagiosadmin" as the default password f ...)
- nagios3 <not-affected> (Specific to Fedora installation)
-CVE-2016-0725
+CVE-2016-0725 (Cross-site scripting (XSS) vulnerability in the search_pagination func ...)
- moodle <not-affected> (Only affects 3.0 to 3.0.1, 2.9 to 2.9.3 and 2.8 to 2.8.9)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52552
-CVE-2016-0724
+CVE-2016-0724 (The (1) core_enrol_get_course_enrolment_methods and (2) enrol_self_get ...)
- moodle 2.7.12+dfsg-1 (bug #811344)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52072
-CVE-2016-0723
+CVE-2016-0723 (Race condition in the tty_ioctl function in drivers/tty/tty_io.c in th ...)
{DSA-3448-1 DLA-412-1}
- linux 4.3.3-6
[wheezy] - linux 3.2.73-2+deb7u3
@@ -30325,19 +30325,19 @@ CVE-2016-0723
NOTE: https://git.kernel.org/linus/5c17c861a357e9458001f021a7afa7aab9937439 (v4.5-rc2)
CVE-2016-0722
REJECTED
-CVE-2016-0721
+CVE-2016-0721 (Session fixation vulnerability in pcsd in pcs before 0.9.157. ...)
- pcs 0.9.149-1
NOTE: https://github.com/feist/pcs/commit/bc6ad9086857559db57f4e3e6de66762291c0774 (0.9.149)
NOTE: https://github.com/feist/pcs/commit/e9b28833d54a47ec441f6dbad0db96e1fc662a5b (0.9.149)
NOTE: https://github.com/feist/pcs/commit/acdbbe8307e6f4a36b2c7754765e732e43fe8d17 (0.9.149)
-CVE-2016-0720
+CVE-2016-0720 (Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs ...)
- pcs 0.9.149-1
NOTE: https://github.com/feist/pcs/commit/3360ecd318f7631bf5826d99a20bf4b29d86dc9c (0.9.149)
NOTE: https://github.com/feist/pcs/commit/d49435de20f71bd0816c42b445ed484dd21fbe96 (0.9.149)
NOTE: https://github.com/feist/pcs/commit/b9e7f061788c3b86a0c67d2d4158f067ec5eb625 (0.9.149)
CVE-2016-0719
REJECTED
-CVE-2016-0718
+CVE-2016-0718 (Expat allows context-dependent attackers to cause a denial of service ...)
{DSA-3582-1 DLA-483-1}
- expat 2.1.1-2
- firefox 48.0-1 (unimportant)
@@ -30348,9 +30348,9 @@ CVE-2016-0717
REJECTED
CVE-2016-0716
REJECTED
-CVE-2016-0715
+CVE-2016-0715 (Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5 ...)
NOT-FOR-US: Pivotal Cloud Foundry Elastic Runtime
-CVE-2016-0714
+CVE-2016-0714 (The session-persistence implementation in Apache Tomcat 6.x before 6.0 ...)
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.32-1
@@ -30358,21 +30358,21 @@ CVE-2016-0714
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
NOTE: Fixed in 6.0.45, 7.0.68, 8.0.32, 9.0.0.M3
-CVE-2016-0713
+CVE-2016-0713 (Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-t ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-0712
+CVE-2016-0712 (Cross-site scripting (XSS) vulnerability in Apache Jetspeed before 2.3 ...)
NOT-FOR-US: Apache Jetspeed
-CVE-2016-0711
+CVE-2016-0711 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Jetspeed ...)
NOT-FOR-US: Apache Jetspeed
-CVE-2016-0710
+CVE-2016-0710 (Multiple SQL injection vulnerabilities in the User Manager service in ...)
NOT-FOR-US: Apache Jetspeed
-CVE-2016-0709
+CVE-2016-0709 (Directory traversal vulnerability in the Import/Export function in the ...)
NOT-FOR-US: Apache Jetspeed
-CVE-2016-0708
+CVE-2016-0708 (Applications deployed to Cloud Foundry, versions v166 through v227, ma ...)
NOT-FOR-US: Cloud Foundry
-CVE-2016-0707
+CVE-2016-0707 (The agent in Apache Ambari before 2.1.2 uses weak permissions for the ...)
NOT-FOR-US: Apache Ambari
-CVE-2016-0706
+CVE-2016-0706 (Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, ...)
{DSA-3609-1 DSA-3552-1 DSA-3530-1 DLA-435-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.0.32-1
@@ -30380,119 +30380,119 @@ CVE-2016-0706
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
NOTE: Fixed in 6.0.45, 7.0.68, 8.0.32, 9.0.0.M3
-CVE-2016-0705
+CVE-2016-0705 (Double free vulnerability in the dsa_priv_decode function in crypto/ds ...)
{DSA-3500-1}
- openssl 1.0.2g-1
[squeeze] - openssl <not-affected> (vulnerable code not present)
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ab4a81f69ec88d06c9d8de15326b9296d7f498ed
NOTE: https://www.openssl.org/news/secadv/20160301.txt
-CVE-2016-0704
+CVE-2016-0704 (An oracle protection mechanism in the get_client_master_key function i ...)
- openssl 1.0.0c-2
NOTE: 1.0.0c-2 dropped SSLv2 support
NOTE: https://www.openssl.org/news/secadv/20160301.txt
-CVE-2016-0703
+CVE-2016-0703 (The get_client_master_key function in s2_srvr.c in the SSLv2 implement ...)
- openssl 1.0.0c-2
NOTE: 1.0.0c-2 dropped SSLv2 support
NOTE: https://www.openssl.org/news/secadv/20160301.txt
-CVE-2016-0702
+CVE-2016-0702 (The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in O ...)
{DSA-3500-1}
- openssl 1.0.2g-1
NOTE: https://www.openssl.org/news/secadv/20160301.txt
NOTE: https://cachebleed.info
-CVE-2016-0701
+CVE-2016-0701 (The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 ...)
- openssl 1.0.2f-2
[jessie] - openssl <not-affected> (Only affects 1.0.2)
[wheezy] - openssl <not-affected> (Only affects 1.0.2)
[squeeze] - openssl <not-affected> (Only affects 1.0.2)
-CVE-2016-0700
+CVE-2016-0700 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0699
+CVE-2016-0699 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-0698
+CVE-2016-0698 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0697
+CVE-2016-0697 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2016-0696
+CVE-2016-0696 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0695
+CVE-2016-0695 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Jav ...)
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-0694
+CVE-2016-0694 (Unspecified vulnerability in the DataStore component in Oracle Berkele ...)
NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
-CVE-2016-0693
+CVE-2016-0693 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows rem ...)
NOT-FOR-US: Solaris
-CVE-2016-0692
+CVE-2016-0692 (Unspecified vulnerability in the DataStore component in Oracle Berkele ...)
NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
-CVE-2016-0691
+CVE-2016-0691 (Unspecified vulnerability in the RDBMS Security component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2016-0690
+CVE-2016-0690 (Unspecified vulnerability in the RDBMS Security component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2016-0689
+CVE-2016-0689 (Unspecified vulnerability in the DataStore component in Oracle Berkele ...)
NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
-CVE-2016-0688
+CVE-2016-0688 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0687
+CVE-2016-0687 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and ...)
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-0686
+CVE-2016-0686 (Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and ...)
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u91-b14-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life> (Not supported in Wheezy LTS)
-CVE-2016-0685
+CVE-2016-0685 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0684
+CVE-2016-0684 (Unspecified vulnerability in the Oracle Retail MICROS ARS POS componen ...)
NOT-FOR-US: Oracle Retail
-CVE-2016-0683
+CVE-2016-0683 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0682
+CVE-2016-0682 (Unspecified vulnerability in the DataStore component in Oracle Berkele ...)
NOT-FOR-US: Oracle Berkeley DB (later closed source releases)
-CVE-2016-0681
+CVE-2016-0681 (Unspecified vulnerability in the Oracle OLAP component in Oracle Datab ...)
NOT-FOR-US: Oracle
-CVE-2016-0680
+CVE-2016-0680 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component i ...)
NOT-FOR-US: Oracle
-CVE-2016-0679
+CVE-2016-0679 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0678
+CVE-2016-0678 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox 5.0.18-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2016-0677
+CVE-2016-0677 (Unspecified vulnerability in the RDBMS Security component in Oracle Da ...)
NOT-FOR-US: Oracle
-CVE-2016-0676
+CVE-2016-0676 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2016-0675
+CVE-2016-0675 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0674
+CVE-2016-0674 (Unspecified vulnerability in the Siebel Core - Common Components compo ...)
NOT-FOR-US: Siebel
-CVE-2016-0673
+CVE-2016-0673 (Unspecified vulnerability in the Siebel UI Framework component in Orac ...)
NOT-FOR-US: Siebel
-CVE-2016-0672
+CVE-2016-0672 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking compon ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2016-0671
+CVE-2016-0671 (Unspecified vulnerability in the Oracle HTTP Server component in Oracl ...)
NOT-FOR-US: Oracle
CVE-2016-0670
REJECTED
-CVE-2016-0669
+CVE-2016-0669 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local user ...)
NOT-FOR-US: Solaris
-CVE-2016-0668
+CVE-2016-0668 (Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.1 ...)
{DSA-3595-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and MySQL 5.7)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0667
+CVE-2016-0667 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0666
+CVE-2016-0666 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 a ...)
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
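Review bot: two style inconsistencies in the unchanged lines of this hunk: under CVE-2016-0678 the end-of-life references are written as `(DSA-3699-1)` for jessie but `(DSA 3454)` for wheezy, and under CVE-2016-0705 the squeeze reason reads `(vulnerable code not present)` in lowercase while every other entry here capitalises `Vulnerable code not present`; normalising both keeps the file greppable.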
@@ -30500,43 +30500,43 @@ CVE-2016-0666
NOTE: Fixed in MariaDB 10.0.25
NOTE: https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0665
+CVE-2016-0665 (Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.1 ...)
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
CVE-2016-0664
REJECTED
-CVE-2016-0663
+CVE-2016-0663 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0662
+CVE-2016-0662 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0661
+CVE-2016-0661 (Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.1 ...)
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
CVE-2016-0660
REJECTED
-CVE-2016-0659
+CVE-2016-0659 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0658
+CVE-2016-0658 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0657
+CVE-2016-0657 (Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0656
+CVE-2016-0656 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0655
+CVE-2016-0655 (Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.1 ...)
{DSA-3595-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and MySQL 5.7)
@@ -30544,19 +30544,19 @@ CVE-2016-0655
NOTE: Fixed in MariaDB 10.0.25
NOTE: https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0654
+CVE-2016-0654 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0653
+CVE-2016-0653 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0652
+CVE-2016-0652 (Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0651
+CVE-2016-0651 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows lo ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
- mysql-5.5 <removed>
[jessie] - mysql-5.5 5.5.47-0+deb8u1
@@ -30564,19 +30564,19 @@ CVE-2016-0651
- mariadb-10.0 10.0.23-1
[jessie] - mariadb-10.0 10.0.23-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0650
+CVE-2016-0650 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 a ...)
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0649
+CVE-2016-0649 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 a ...)
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0648
+CVE-2016-0648 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 a ...)
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
@@ -30584,7 +30584,7 @@ CVE-2016-0648
NOTE: Fixed in MariaDB 10.0.25
NOTE: https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0647
+CVE-2016-0647 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 a ...)
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
@@ -30592,7 +30592,7 @@ CVE-2016-0647
NOTE: Fixed in MariaDB 10.0.25
NOTE: https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0646
+CVE-2016-0646 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 a ...)
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
@@ -30600,13 +30600,13 @@ CVE-2016-0646
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
CVE-2016-0645
REJECTED
-CVE-2016-0644
+CVE-2016-0644 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 a ...)
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0643
+CVE-2016-0643 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 a ...)
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
@@ -30614,34 +30614,34 @@ CVE-2016-0643
NOTE: Fixed in MariaDB 10.0.25
NOTE: https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0642
+CVE-2016-0642 (Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 a ...)
{DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.23-1
[jessie] - mariadb-10.0 10.0.23-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0641
+CVE-2016-0641 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 a ...)
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0640
+CVE-2016-0640 (Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 a ...)
{DSA-3595-1 DSA-3557-1 DLA-447-1}
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <removed> (bug #821100)
- mariadb-10.0 10.0.24-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0639
+CVE-2016-0639 (Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.1 ...)
- mysql-5.6 5.6.30-1 (bug #821094)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
-CVE-2016-0638
+CVE-2016-0638 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
CVE-2016-0637
REJECTED
-CVE-2016-0636
+CVE-2016-0636 (Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allow ...)
{DSA-3558-1 DLA-451-1}
- openjdk-8 8u77-b03-1
[experimental] - openjdk-7 7u95-2.6.4-3
@@ -30651,9 +30651,9 @@ CVE-2016-0636
NOTE: http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html
NOTE: https://blogs.oracle.com/security/entry/security_alert_cve_2016_0636
NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/c44179bce874
-CVE-2016-0635
+CVE-2016-0635 (Unspecified vulnerability in the Enterprise Manager Ops Center compone ...)
NOT-FOR-US: MySQL Enterprise Monitor
-CVE-2016-0634
+CVE-2016-0634 (The expansion of '\h' in the prompt string in bash 4.3 allows remote a ...)
- bash 4.4-1 (unimportant)
[jessie] - bash 4.3-11+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/8
@@ -30683,7 +30683,7 @@ CVE-2016-0625
REJECTED
CVE-2016-0624
REJECTED
-CVE-2016-0623
+CVE-2016-0623 (Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote att ...)
NOT-FOR-US: Solaris
CVE-2016-0622
REJECTED
@@ -30693,16 +30693,16 @@ CVE-2016-0620
REJECTED
CVE-2016-0619
REJECTED
-CVE-2016-0618
+CVE-2016-0618 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2016-0617
+CVE-2016-0617 (Unspecified vulnerability in the kernel-uek component in Oracle Linux ...)
- linux 4.4.2-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
- linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://git.kernel.org/linus/1bfad99ab42569807d0ca1698449cae5e8c0334a (v4.3-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/9aacdd354d197ad64685941b36d28ea20ab88757 (v4.5-rc1)
-CVE-2016-0616
+CVE-2016-0616 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and Maria ...)
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
- mysql-5.5 <removed> (bug #811428)
@@ -30710,317 +30710,317 @@ CVE-2016-0616
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
CVE-2016-0615
REJECTED
-CVE-2016-0614
+CVE-2016-0614 (Unspecified vulnerability in the Oracle BI Publisher component in Orac ...)
NOT-FOR-US: Oracle
CVE-2016-0613
REJECTED
CVE-2016-0612
REJECTED
-CVE-2016-0611
+CVE-2016-0611 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 ...)
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0610
+CVE-2016-0610 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and Maria ...)
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mariadb-10.0 10.0.22-1
[jessie] - mariadb-10.0 10.0.22-0+deb8u1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0609
+CVE-2016-0609 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 a ...)
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0608
+CVE-2016-0608 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 a ...)
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0607
+CVE-2016-0607 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 ...)
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0606
+CVE-2016-0606 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 a ...)
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0605
+CVE-2016-0605 (Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows re ...)
- mysql-5.6 5.6.27-1
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
CVE-2016-0604
REJECTED
-CVE-2016-0603
+CVE-2016-0603 (Unspecified vulnerability in the Java SE component in Oracle Java SE 6 ...)
- openjdk-8 <not-affected> (Java on Windows)
- openjdk-7 <not-affected> (Java on Windows)
- openjdk-6 <not-affected> (Java on Windows)
-CVE-2016-0602
+CVE-2016-0602 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
- virtualbox <not-affected> (VirtualBox Windows Installer component)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
-CVE-2016-0601
+CVE-2016-0601 (Unspecified vulnerability in Oracle MySQL 5.7.9 allows remote authenti ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0600
+CVE-2016-0600 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 a ...)
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0599
+CVE-2016-0599 (Unspecified vulnerability in Oracle MySQL 5.7.9 allows remote authenti ...)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0598
+CVE-2016-0598 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 a ...)
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0597
+CVE-2016-0597 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 a ...)
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0596
+CVE-2016-0596 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.2 ...)
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0595
+CVE-2016-0595 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows re ...)
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0594
+CVE-2016-0594 (Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows re ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
CVE-2016-0593
REJECTED
-CVE-2016-0592
+CVE-2016-0592 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-3454-1}
- virtualbox 5.0.14-dfsg-1
[wheezy] - virtualbox <end-of-life> (DSA 3454)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
-CVE-2016-0591
+CVE-2016-0591 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-0590
+CVE-2016-0590 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Order Manag ...)
NOT-FOR-US: Oracle
-CVE-2016-0589
+CVE-2016-0589 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2016-0588
+CVE-2016-0588 (Unspecified vulnerability in the Oracle General Ledger component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-0587
+CVE-2016-0587 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: PeopleSoft
-CVE-2016-0586
+CVE-2016-0586 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2016-0585
+CVE-2016-0585 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2016-0584
+CVE-2016-0584 (Unspecified vulnerability in the Oracle CRM Technology Foundation comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0583
+CVE-2016-0583 (Unspecified vulnerability in the Oracle CRM Technology Foundation comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0582
+CVE-2016-0582 (Unspecified vulnerability in the Oracle CRM Technology Foundation comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0581
+CVE-2016-0581 (Unspecified vulnerability in the Oracle Approvals Management component ...)
NOT-FOR-US: Oracle
-CVE-2016-0580
+CVE-2016-0580 (Unspecified vulnerability in the Oracle Report Manager component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-0579
+CVE-2016-0579 (Unspecified vulnerability in the Oracle CRM Technology Foundation comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0578
+CVE-2016-0578 (Unspecified vulnerability in the Oracle CRM Technology Foundation comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0577
+CVE-2016-0577 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0576
+CVE-2016-0576 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2016-0575
+CVE-2016-0575 (Unspecified vulnerability in the Oracle Learning Management component ...)
NOT-FOR-US: Oracle
-CVE-2016-0574
+CVE-2016-0574 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0573
+CVE-2016-0573 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0572
+CVE-2016-0572 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0571
+CVE-2016-0571 (Unspecified vulnerability in the Oracle Balanced Scorecard component i ...)
NOT-FOR-US: Oracle
-CVE-2016-0570
+CVE-2016-0570 (Unspecified vulnerability in the Oracle HCM Configuration Workbench co ...)
NOT-FOR-US: Oracle
-CVE-2016-0569
+CVE-2016-0569 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0568
+CVE-2016-0568 (Unspecified vulnerability in the Oracle Email Center component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-0567
+CVE-2016-0567 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0566
+CVE-2016-0566 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-0565
+CVE-2016-0565 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-0564
+CVE-2016-0564 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0563
+CVE-2016-0563 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-0562
+CVE-2016-0562 (Unspecified vulnerability in the Oracle Common Applications component ...)
NOT-FOR-US: Oracle
-CVE-2016-0561
+CVE-2016-0561 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0560
+CVE-2016-0560 (Unspecified vulnerability in the Oracle Customer Intelligence componen ...)
NOT-FOR-US: Oracle
-CVE-2016-0559
+CVE-2016-0559 (Unspecified vulnerability in the Oracle Customer Intelligence componen ...)
NOT-FOR-US: Oracle
-CVE-2016-0558
+CVE-2016-0558 (Unspecified vulnerability in the Oracle Service Contracts component in ...)
NOT-FOR-US: Oracle
-CVE-2016-0557
+CVE-2016-0557 (Unspecified vulnerability in the Oracle Advanced Collections component ...)
NOT-FOR-US: Oracle
-CVE-2016-0556
+CVE-2016-0556 (Unspecified vulnerability in the Oracle Advanced Collections component ...)
NOT-FOR-US: Oracle
-CVE-2016-0555
+CVE-2016-0555 (Unspecified vulnerability in the Oracle CADView-3D component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-0554
+CVE-2016-0554 (Unspecified vulnerability in the Oracle Interaction Center Intelligenc ...)
NOT-FOR-US: Oracle
-CVE-2016-0553
+CVE-2016-0553 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0552
+CVE-2016-0552 (Unspecified vulnerability in the Oracle Customer Intelligence componen ...)
NOT-FOR-US: Oracle
-CVE-2016-0551
+CVE-2016-0551 (Unspecified vulnerability in the Oracle Customer Intelligence componen ...)
NOT-FOR-US: Oracle
-CVE-2016-0550
+CVE-2016-0550 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-0549
+CVE-2016-0549 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0548
+CVE-2016-0548 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0547
+CVE-2016-0547 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0546
+CVE-2016-0546 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 a ...)
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0545
+CVE-2016-0545 (Unspecified vulnerability in the Oracle Customer Intelligence componen ...)
NOT-FOR-US: Oracle
-CVE-2016-0544
+CVE-2016-0544 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-0543
+CVE-2016-0543 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-0542
+CVE-2016-0542 (Unspecified vulnerability in the Oracle Field Service component in Ora ...)
NOT-FOR-US: Oracle
-CVE-2016-0541
+CVE-2016-0541 (Unspecified vulnerability in the Oracle Configurator component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-0540
+CVE-2016-0540 (Unspecified vulnerability in the Oracle Configurator component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-0539
+CVE-2016-0539 (Unspecified vulnerability in the Oracle Report Manager component in Or ...)
NOT-FOR-US: Oracle
-CVE-2016-0538
+CVE-2016-0538 (Unspecified vulnerability in the Oracle Financial Consolidation Hub co ...)
NOT-FOR-US: Oracle
-CVE-2016-0537
+CVE-2016-0537 (Unspecified vulnerability in the Oracle Human Resources component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0536
+CVE-2016-0536 (Unspecified vulnerability in the Oracle Universal Work Queue component ...)
NOT-FOR-US: Oracle
-CVE-2016-0535
+CVE-2016-0535 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remot ...)
NOT-FOR-US: Oracle
-CVE-2016-0534
+CVE-2016-0534 (Unspecified vulnerability in the Oracle Project Contracts component in ...)
NOT-FOR-US: Oracle
-CVE-2016-0533
+CVE-2016-0533 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-0532
+CVE-2016-0532 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-0531
+CVE-2016-0531 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle
-CVE-2016-0530
+CVE-2016-0530 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2016-0529
+CVE-2016-0529 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2016-0528
+CVE-2016-0528 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2016-0527
+CVE-2016-0527 (Unspecified vulnerability in the Oracle Customer Interaction History c ...)
NOT-FOR-US: Oracle
-CVE-2016-0526
+CVE-2016-0526 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-0525
+CVE-2016-0525 (Unspecified vulnerability in the Oracle Universal Work Queue component ...)
NOT-FOR-US: Oracle
-CVE-2016-0524
+CVE-2016-0524 (Unspecified vulnerability in the Oracle Universal Work Queue component ...)
NOT-FOR-US: Oracle
-CVE-2016-0523
+CVE-2016-0523 (Unspecified vulnerability in the Oracle Interaction Blending component ...)
NOT-FOR-US: Oracle
-CVE-2016-0522
+CVE-2016-0522 (Unspecified vulnerability in the Oracle Retail Open Commerce Platform ...)
NOT-FOR-US: Oracle
-CVE-2016-0521
+CVE-2016-0521 (Unspecified vulnerability in the Oracle iProcurement component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-0520
+CVE-2016-0520 (Unspecified vulnerability in the Oracle Application Object Library com ...)
NOT-FOR-US: Oracle
-CVE-2016-0519
+CVE-2016-0519 (Unspecified vulnerability in the Oracle iReceivables component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-0518
+CVE-2016-0518 (Unspecified vulnerability in the Oracle Human Resources component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0517
+CVE-2016-0517 (Unspecified vulnerability in the Oracle Human Resources component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0516
+CVE-2016-0516 (Unspecified vulnerability in the Oracle Quality component in Oracle E- ...)
NOT-FOR-US: Oracle
-CVE-2016-0515
+CVE-2016-0515 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-0514
+CVE-2016-0514 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-0513
+CVE-2016-0513 (Unspecified vulnerability in the Oracle CRM Technical Foundation compo ...)
NOT-FOR-US: Oracle
-CVE-2016-0512
+CVE-2016-0512 (Unspecified vulnerability in the Oracle Human Resources component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0511
+CVE-2016-0511 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0510
+CVE-2016-0510 (Unspecified vulnerability in the Oracle E-Business Intelligence compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0509
+CVE-2016-0509 (Unspecified vulnerability in the Oracle Internet Expenses component in ...)
NOT-FOR-US: Oracle
-CVE-2016-0508
+CVE-2016-0508 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-0507
+CVE-2016-0507 (Unspecified vulnerability in the Oracle iReceivables component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-0506
+CVE-2016-0506 (Unspecified vulnerability in the Oracle Retail Order Management System ...)
NOT-FOR-US: Oracle
-CVE-2016-0505
+CVE-2016-0505 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 a ...)
{DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <removed> (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0504
+CVE-2016-0504 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 ...)
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0503
+CVE-2016-0503 (Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 ...)
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0502
+CVE-2016-0502 (Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.1 ...)
- mysql-5.6 5.6.25-2
- mysql-5.5 5.5.33+dfsg-1
- mariadb-10.0 <not-affected> (Fixed before the initial release in Debian, 10.0.4)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
-CVE-2016-0501
+CVE-2016-0501 (Unspecified vulnerability in the Oracle Secure Global Desktop componen ...)
NOT-FOR-US: Oracle
-CVE-2016-0500
+CVE-2016-0500 (Unspecified vulnerability in the Oracle Retail Order Broker Cloud Serv ...)
NOT-FOR-US: Oracle
-CVE-2016-0499
+CVE-2016-0499 (Unspecified vulnerability in the Java VM component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2016-0498
+CVE-2016-0498 (Unspecified vulnerability in the Oracle Agile Engineering Data Managem ...)
NOT-FOR-US: Oracle
-CVE-2016-0497
+CVE-2016-0497 (Unspecified vulnerability in the Oracle Agile Engineering Data Managem ...)
NOT-FOR-US: Oracle
-CVE-2016-0496
+CVE-2016-0496 (Unspecified vulnerability in the MICROS CWDirect component in Oracle R ...)
NOT-FOR-US: Oracle
-CVE-2016-0495
+CVE-2016-0495 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
{DSA-3454-1}
- virtualbox 5.0.14-dfsg-1
[wheezy] - virtualbox <end-of-life> (DSA 3454)
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
-CVE-2016-0494
+CVE-2016-0494 (Unspecified vulnerability in the Java SE and Java SE Embedded componen ...)
{DSA-3725-1 DSA-3465-1 DSA-3458-1 DLA-545-1 DLA-410-1}
- openjdk-8 8u72-b15-1
- openjdk-7 7u95-2.6.4-1
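Review bot: the vendor label for the PeopleSoft entries in this hunk is inconsistent: CVE-2016-0590 (PeopleSoft Enterprise SCM Order Management) is marked "NOT-FOR-US: Oracle" while the adjacent CVE-2016-0591 and CVE-2016-0587, also PeopleSoft components, use "NOT-FOR-US: PeopleSoft"; pick one form for all PeopleSoft entries. The hunk itself only fills in the truncated description text after each CVE id and leaves the status lines untouched, so this predates the automatic update and can be fixed in a follow-up commit.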
@@ -31033,492 +31033,492 @@ CVE-2016-0494
NOTE: the CVE-2015-4844 fix. To avoid confusion with the DSA text in DSA-3725-1
NOTE: threat this CVE separately as affected src:icu despite beeing for the
NOTE: incomplete fix for CVE-2015-4844
-CVE-2016-0493
+CVE-2016-0493 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2016-0492
+CVE-2016-0492 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0491
+CVE-2016-0491 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0490
+CVE-2016-0490 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0489
+CVE-2016-0489 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0488
+CVE-2016-0488 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0487
+CVE-2016-0487 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0486
+CVE-2016-0486 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0485
+CVE-2016-0485 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0484
+CVE-2016-0484 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0483
+CVE-2016-0483 (Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Jav ...)
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
- openjdk-7 7u95-2.6.4-1
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1299441#c2
-CVE-2016-0482
+CVE-2016-0482 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0481
+CVE-2016-0481 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0480
+CVE-2016-0480 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0479
+CVE-2016-0479 (Unspecified vulnerability in the Oracle Business Intelligence Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2016-0478
+CVE-2016-0478 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0477
+CVE-2016-0477 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0476
+CVE-2016-0476 (Unspecified vulnerability in the Oracle Application Testing Suite comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0475
+CVE-2016-0475 (Unspecified vulnerability in the Java SE, Java SE Embedded, and JRocki ...)
- openjdk-8 8u72-b15-1
-CVE-2016-0474
+CVE-2016-0474 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0473
+CVE-2016-0473 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0472
+CVE-2016-0472 (Unspecified vulnerability in the XDB - XML Database component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2016-0471
+CVE-2016-0471 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0470
+CVE-2016-0470 (Unspecified vulnerability in the Oracle BI Publisher component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-0469
+CVE-2016-0469 (Unspecified vulnerability in the Oracle Retail MICROS C2 component in ...)
NOT-FOR-US: Oracle Retail
-CVE-2016-0468
+CVE-2016-0468 (Unspecified vulnerability in the Oracle Business Intelligence Enterpri ...)
NOT-FOR-US: Oracle
-CVE-2016-0467
+CVE-2016-0467 (Unspecified vulnerability in the Security component in Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2016-0466
+CVE-2016-0466 (Unspecified vulnerability in the Java SE, Java SE Embedded, and JRocki ...)
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
- openjdk-7 7u95-2.6.4-1
- openjdk-6 <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1299385#c4
-CVE-2016-0465
+CVE-2016-0465 (Unspecified vulnerability in the Solaris Cluster component in Oracle S ...)
NOT-FOR-US: Oracle
-CVE-2016-0464
+CVE-2016-0464 (Unspecified vulnerability in the Oracle WebLogic Server component in O ...)
NOT-FOR-US: Oracle
-CVE-2016-0463
+CVE-2016-0463 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0462
+CVE-2016-0462 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0461
+CVE-2016-0461 (Unspecified vulnerability in the XDB - XML Database component in Oracl ...)
NOT-FOR-US: Oracle
-CVE-2016-0460
+CVE-2016-0460 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0459
+CVE-2016-0459 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
NOT-FOR-US: Oracle
-CVE-2016-0458
+CVE-2016-0458 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2016-0457
+CVE-2016-0457 (Unspecified vulnerability in the Application Mgmt Pack for E-Business ...)
NOT-FOR-US: Oracle
-CVE-2016-0456
+CVE-2016-0456 (Unspecified vulnerability in the Application Mgmt Pack for E-Business ...)
NOT-FOR-US: Oracle
-CVE-2016-0455
+CVE-2016-0455 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0454
+CVE-2016-0454 (Unspecified vulnerability in the Oracle Mobile Application Servlet com ...)
NOT-FOR-US: Oracle
-CVE-2016-0453
+CVE-2016-0453 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2016-0452
+CVE-2016-0452 (Unspecified vulnerability in the Oracle GoldenGate component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-0451
+CVE-2016-0451 (Unspecified vulnerability in the Oracle GoldenGate component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-0450
+CVE-2016-0450 (Unspecified vulnerability in the Oracle GoldenGate component in Oracle ...)
NOT-FOR-US: Oracle
-CVE-2016-0449
+CVE-2016-0449 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0448
+CVE-2016-0448 (Unspecified vulnerability in the Java SE and Java SE Embedded componen ...)
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
- openjdk-7 7u95-2.6.4-1
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1299385#c4
-CVE-2016-0447
+CVE-2016-0447 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0446
+CVE-2016-0446 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0445
+CVE-2016-0445 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0444
+CVE-2016-0444 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0443
+CVE-2016-0443 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0442
+CVE-2016-0442 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0441
+CVE-2016-0441 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- glassfish <not-affected> (Full application server not packaged)
-CVE-2016-0440
+CVE-2016-0440 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle
-CVE-2016-0439
+CVE-2016-0439 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2016-0438
+CVE-2016-0438 (Unspecified vulnerability in the Oracle Retail Point-of-Service compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0437
+CVE-2016-0437 (Unspecified vulnerability in the Oracle Retail Point-of-Service compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0436
+CVE-2016-0436 (Unspecified vulnerability in the Oracle Retail Point-of-Service compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0435
+CVE-2016-0435 (Unspecified vulnerability in the Oracle Retail Point-of-Service compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0434
+CVE-2016-0434 (Unspecified vulnerability in the Oracle Retail Point-of-Service compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0433
+CVE-2016-0433 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2016-0432
+CVE-2016-0432 (Unspecified vulnerability in the Oracle Outside In Technology componen ...)
NOT-FOR-US: Oracle
-CVE-2016-0431
+CVE-2016-0431 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2016-0430
+CVE-2016-0430 (Unspecified vulnerability in the Web Cache component in Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2016-0429
+CVE-2016-0429 (Unspecified vulnerability in the Oracle BI Publisher component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-0428
+CVE-2016-0428 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2016-0427
+CVE-2016-0427 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0426
+CVE-2016-0426 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2016-0425
+CVE-2016-0425 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0424
+CVE-2016-0424 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0423
+CVE-2016-0423 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0422
+CVE-2016-0422 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0421
+CVE-2016-0421 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0420
+CVE-2016-0420 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools compon ...)
NOT-FOR-US: Oracle
-CVE-2016-0419
+CVE-2016-0419 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2016-0418
+CVE-2016-0418 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2016-0417
+CVE-2016-0417 (Unspecified vulnerability in the Solaris Cluster component in Oracle S ...)
NOT-FOR-US: Oracle
-CVE-2016-0416
+CVE-2016-0416 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle
-CVE-2016-0415
+CVE-2016-0415 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
-CVE-2016-0414
+CVE-2016-0414 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2016-0413
+CVE-2016-0413 (Unspecified vulnerability in the Oracle Identity Federation component ...)
NOT-FOR-US: Oracle
-CVE-2016-0412
+CVE-2016-0412 (Unspecified vulnerability in the PeopleSoft Enterprise SCM eProcuremen ...)
NOT-FOR-US: Oracle
-CVE-2016-0411
+CVE-2016-0411 (Unspecified vulnerability in the Enterprise Manager Base Platform comp ...)
NOT-FOR-US: Oracle
CVE-2016-0410
REJECTED
-CVE-2016-0409
+CVE-2016-0409 (Unspecified vulnerability in the PeopleSoft Enterprise HCM Global Payr ...)
NOT-FOR-US: Oracle
-CVE-2016-0408
+CVE-2016-0408 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools com ...)
NOT-FOR-US: Oracle
-CVE-2016-0407
+CVE-2016-0407 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component i ...)
NOT-FOR-US: Oracle
NOT-FOR-US: PeopleSoft
-CVE-2016-0406
+CVE-2016-0406 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle
-CVE-2016-0405
+CVE-2016-0405 (Unspecified vulnerability in the Solaris Cluster component in Oracle S ...)
NOT-FOR-US: Oracle
-CVE-2016-0404
+CVE-2016-0404 (Unspecified vulnerability in the Oracle Identity Federation component ...)
NOT-FOR-US: Oracle
-CVE-2016-0403
+CVE-2016-0403 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attac ...)
NOT-FOR-US: Oracle
-CVE-2016-0402
+CVE-2016-0402 (Unspecified vulnerability in the Java SE and Java SE Embedded componen ...)
{DSA-3465-1 DSA-3458-1 DLA-410-1}
- openjdk-8 8u72-b15-1
- openjdk-7 7u95-2.6.4-1
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298957#c2
-CVE-2016-0401
+CVE-2016-0401 (Unspecified vulnerability in the Oracle BI Publisher component in Orac ...)
NOT-FOR-US: Oracle
-CVE-2016-0400
+CVE-2016-0400 (CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 befo ...)
NOT-FOR-US: IBM
-CVE-2016-0399
+CVE-2016-0399 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2016-0398
+CVE-2016-0398 (IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers t ...)
NOT-FOR-US: IBM
-CVE-2016-0397
+CVE-2016-0397 (WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9 ...)
NOT-FOR-US: IBM
-CVE-2016-0396
+CVE-2016-0396 (IBM Tivoli Endpoint Manager could allow a user under special circumsta ...)
NOT-FOR-US: IBM
CVE-2016-0395
RESERVED
-CVE-2016-0394
+CVE-2016-0394 (IBM Integration Bus and WebSphere Message broker sets incorrect permis ...)
NOT-FOR-US: IBM
-CVE-2016-0393
+CVE-2016-0393 (IBM Maximo Asset Management 7.5 before 7.5.0.10-TIV-MBS-IFIX002 and 7. ...)
NOT-FOR-US: IBM
-CVE-2016-0392
+CVE-2016-0392 (IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 t ...)
NOT-FOR-US: IBM
-CVE-2016-0391
+CVE-2016-0391 (The IBM Watson Developer Cloud services on Bluemix platforms do not pr ...)
NOT-FOR-US: IBM
-CVE-2016-0390
+CVE-2016-0390 (Cross-site scripting (XSS) vulnerability in IBM Algorithmics Algo One ...)
NOT-FOR-US: IBM
-CVE-2016-0389
+CVE-2016-0389 (Admin Center in IBM WebSphere Application Server (WAS) 8.5.5.2 through ...)
NOT-FOR-US: IBM
CVE-2016-0388
RESERVED
-CVE-2016-0387
+CVE-2016-0387 (Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Pl ...)
NOT-FOR-US: IBM
-CVE-2016-0386
+CVE-2016-0386 (Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Applica ...)
NOT-FOR-US: IBM
-CVE-2016-0385
+CVE-2016-0385 (Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7 ...)
NOT-FOR-US: IBM
CVE-2016-0384
RESERVED
CVE-2016-0383
RESERVED
-CVE-2016-0382
+CVE-2016-0382 (The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes s ...)
NOT-FOR-US: IBM
-CVE-2016-0381
+CVE-2016-0381 (IBM Cognos TM1 10.2.2 before FP5, when the host/pmhub/pm/admin AdminGr ...)
NOT-FOR-US: IBM
-CVE-2016-0380
+CVE-2016-0380 (IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and ...)
NOT-FOR-US: IBM
-CVE-2016-0379
+CVE-2016-0379 (IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles ...)
NOT-FOR-US: IBM
-CVE-2016-0378
+CVE-2016-0378 (IBM WebSphere Application Server (WAS) Liberty before 16.0.0.3, when t ...)
NOT-FOR-US: IBM
-CVE-2016-0377
+CVE-2016-0377 (The Administrative Console in IBM WebSphere Application Server (WAS) 7 ...)
NOT-FOR-US: IBM
-CVE-2016-0376
+CVE-2016-0376 (The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Techn ...)
NOT-FOR-US: IBM
-CVE-2016-0375
+CVE-2016-0375 (JMS Client in IBM MessageSight 1.1.x through 1.1.0.1, 1.2.x through 1. ...)
NOT-FOR-US: IBM
-CVE-2016-0374
+CVE-2016-0374 (The builder tools in IBM TRIRIGA Application Platform 3.3 before 3.3.2 ...)
NOT-FOR-US: IBM
-CVE-2016-0373
+CVE-2016-0373 (IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated ...)
NOT-FOR-US: IBM
-CVE-2016-0372
+CVE-2016-0372 (IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, ...)
NOT-FOR-US: IBM
-CVE-2016-0371
+CVE-2016-0371 (The Tivoli Storage Manager (TSM) password may be displayed in plain te ...)
NOT-FOR-US: IBM
-CVE-2016-0370
+CVE-2016-0370 (Cross-site scripting (XSS) vulnerability in IBM Forms Experience Build ...)
NOT-FOR-US: IBM
-CVE-2016-0369
+CVE-2016-0369 (XML external entity (XXE) vulnerability in IBM Forms Experience Builde ...)
NOT-FOR-US: IBM Forms Experience Builder
CVE-2016-0368
RESERVED
-CVE-2016-0367
+CVE-2016-0367 (IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-I ...)
NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
-CVE-2016-0366
+CVE-2016-0366 (IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-I ...)
NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
-CVE-2016-0365
+CVE-2016-0365 (IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and ...)
NOT-FOR-US: IBM
-CVE-2016-0364
+CVE-2016-0364 (IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and ...)
NOT-FOR-US: IBM
-CVE-2016-0363
+CVE-2016-0363 (The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technolog ...)
NOT-FOR-US: IBM JDK
-CVE-2016-0362
+CVE-2016-0362 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2. ...)
NOT-FOR-US: IBM
-CVE-2016-0361
+CVE-2016-0361 (IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and ...)
NOT-FOR-US: IBM General Parallel File System
-CVE-2016-0360
+CVE-2016-0360 (IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides cla ...)
NOT-FOR-US: IBM
-CVE-2016-0359
+CVE-2016-0359 (CRLF injection vulnerability in IBM WebSphere Application Server (WAS) ...)
NOT-FOR-US: IBM
-CVE-2016-0358
+CVE-2016-0358 (IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated u ...)
NOT-FOR-US: IBM
-CVE-2016-0357
+CVE-2016-0357 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
NOT-FOR-US: IBM
-CVE-2016-0356
+CVE-2016-0356 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an au ...)
NOT-FOR-US: IBM
-CVE-2016-0355
+CVE-2016-0355 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an au ...)
NOT-FOR-US: IBM
-CVE-2016-0354
+CVE-2016-0354 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an au ...)
NOT-FOR-US: IBM
-CVE-2016-0353
+CVE-2016-0353 (IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Vi ...)
NOT-FOR-US: IBM
CVE-2016-0352
RESERVED
-CVE-2016-0351
+CVE-2016-0351 (IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-I ...)
NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
-CVE-2016-0350
+CVE-2016-0350 (Cross-site scripting (XSS) vulnerability in the Report Builder and Dat ...)
NOT-FOR-US: IBM
-CVE-2016-0349
+CVE-2016-0349 (IBM Business Process Manager 8.5.6 through 8.5.6.2 and 8.5.7 before 8. ...)
NOT-FOR-US: IBM
-CVE-2016-0348
+CVE-2016-0348 (Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Applica ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
CVE-2016-0347
RESERVED
-CVE-2016-0346
+CVE-2016-0346 (Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intell ...)
NOT-FOR-US: IBM
-CVE-2016-0345
+CVE-2016-0345 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2. ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0344
+CVE-2016-0344 (Cross-site scripting (XSS) vulnerability in the My Reports component i ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0343
+CVE-2016-0343 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2. ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0342
+CVE-2016-0342 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2. ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0341
+CVE-2016-0341 (IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B A ...)
NOT-FOR-US: IBM
-CVE-2016-0340
+CVE-2016-0340 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
NOT-FOR-US: IBM
-CVE-2016-0339
+CVE-2016-0339 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
NOT-FOR-US: IBM
-CVE-2016-0338
+CVE-2016-0338 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
NOT-FOR-US: IBM
CVE-2016-0337
RESERVED
-CVE-2016-0336
+CVE-2016-0336 (Cross-site scripting (XSS) vulnerability in IBM Security Identity Mana ...)
NOT-FOR-US: IBM Security Identity Manager
-CVE-2016-0335
+CVE-2016-0335 (Cross-site request forgery (CSRF) vulnerability in IBM Security Identi ...)
NOT-FOR-US: IBM Security Identity Manager
CVE-2016-0334
RESERVED
CVE-2016-0333
RESERVED
-CVE-2016-0332
+CVE-2016-0332 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
NOT-FOR-US: IBM Security Identity Manager
-CVE-2016-0331
+CVE-2016-0331 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
NOT-FOR-US: IBM
-CVE-2016-0330
+CVE-2016-0330 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
NOT-FOR-US: IBM
-CVE-2016-0329
+CVE-2016-0329 (Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 1 ...)
NOT-FOR-US: IBM
-CVE-2016-0328
+CVE-2016-0328 (IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x t ...)
NOT-FOR-US: IBM
-CVE-2016-0327
+CVE-2016-0327 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
NOT-FOR-US: IBM Security Identity Manager
-CVE-2016-0326
+CVE-2016-0326 (IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycl ...)
NOT-FOR-US: IBM
-CVE-2016-0325
+CVE-2016-0325 (IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, ...)
NOT-FOR-US: IBM
-CVE-2016-0324
+CVE-2016-0324 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
NOT-FOR-US: IBM Security Identity Manager
-CVE-2016-0323
+CVE-2016-0323 (The Auto-Scaling agent in Liberty for Java in IBM Bluemix before 2.7-2 ...)
NOT-FOR-US: IBM
-CVE-2016-0322
+CVE-2016-0322 (Cross-site scripting (XSS) vulnerability in IBM Connections 4.0 throug ...)
NOT-FOR-US: IBM
-CVE-2016-0321
+CVE-2016-0321 (IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x bef ...)
NOT-FOR-US: IBM
-CVE-2016-0320
+CVE-2016-0320 (IBM UrbanCode Deploy could allow an authenticated user to modify Ucd o ...)
NOT-FOR-US: IBM
-CVE-2016-0319
+CVE-2016-0319 (The XML parser in Lifecycle Query Engine (LQE) in IBM Jazz Reporting S ...)
NOT-FOR-US: IBM
-CVE-2016-0318
+CVE-2016-0318 (Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0 ...)
NOT-FOR-US: IBM
-CVE-2016-0317
+CVE-2016-0317 (Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0 ...)
NOT-FOR-US: IBM
-CVE-2016-0316
+CVE-2016-0316 (Cross-site scripting (XSS) vulnerability in Lifecycle Query Engine (LQ ...)
NOT-FOR-US: IBM
-CVE-2016-0315
+CVE-2016-0315 (The Report Builder and Data Collection Component (DCC) in IBM Jazz Rep ...)
NOT-FOR-US: IBM
-CVE-2016-0314
+CVE-2016-0314 (The Report Builder and Data Collection Component (DCC) in IBM Jazz Rep ...)
NOT-FOR-US: IBM
-CVE-2016-0313
+CVE-2016-0313 (Cross-site scripting (XSS) vulnerability in the Report Builder and Dat ...)
NOT-FOR-US: IBM
-CVE-2016-0312
+CVE-2016-0312 (IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0311
+CVE-2016-0311 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Business Servic ...)
NOT-FOR-US: IBM Tivoli Business Service Manager
-CVE-2016-0310
+CVE-2016-0310 (IBM Connections 5.5 and earlier is vulnerable to possible host header ...)
NOT-FOR-US: IBM
CVE-2016-0309
RESERVED
-CVE-2016-0308
+CVE-2016-0308 (IBM Connections 5.5 and earlier is vulnerable to possible link manipul ...)
NOT-FOR-US: IBM
-CVE-2016-0307
+CVE-2016-0307 (IBM Connections 5.5 and earlier allows remote attackers to obtain sens ...)
NOT-FOR-US: IBM
-CVE-2016-0306
+CVE-2016-0306 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.41, 8.0 before ...)
NOT-FOR-US: IBM
-CVE-2016-0305
+CVE-2016-0305 (IBM Connections is vulnerable to cross-site scripting, caused by impro ...)
NOT-FOR-US: IBM
-CVE-2016-0304
+CVE-2016-0304 (The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x bef ...)
NOT-FOR-US: IBM
-CVE-2016-0303
+CVE-2016-0303 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Port ...)
NOT-FOR-US: IBM Tivoli Integrated Portal
CVE-2016-0302
RESERVED
-CVE-2016-0301
+CVE-2016-0301 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5 ...)
NOT-FOR-US: IBM
-CVE-2016-0300
+CVE-2016-0300 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2. ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2016-0299
+CVE-2016-0299 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2. ...)
NOT-FOR-US: IBM
-CVE-2016-0298
+CVE-2016-0298 (Directory traversal vulnerability in IBM Security Guardium Database Ac ...)
NOT-FOR-US: IBM
-CVE-2016-0297
+CVE-2016-0297 (IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could all ...)
NOT-FOR-US: IBM
-CVE-2016-0296
+CVE-2016-0296 (IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores po ...)
NOT-FOR-US: IBM
-CVE-2016-0295
+CVE-2016-0295 (Cross-site request forgery (CSRF) vulnerability in the IBM BigFix Plat ...)
NOT-FOR-US: IBM
CVE-2016-0294
RESERVED
-CVE-2016-0293
+CVE-2016-0293 (Cross-site scripting (XSS) vulnerability in IBM BigFix Platform (forme ...)
NOT-FOR-US: IBM
-CVE-2016-0292
+CVE-2016-0292 (WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9 ...)
NOT-FOR-US: IBM
-CVE-2016-0291
+CVE-2016-0291 (IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow ...)
NOT-FOR-US: IBM
CVE-2016-0290
RESERVED
-CVE-2016-0289
+CVE-2016-0289 (shiprec.xml in the SHIPREC application in IBM Maximo Asset Management ...)
NOT-FOR-US: IBM
-CVE-2016-0288
+CVE-2016-0288 (IBM Security AppScan Standard 8.7.x, 8.8.x, and 9.x before 9.0.3.2 and ...)
NOT-FOR-US: IBM
-CVE-2016-0287
+CVE-2016-0287 (IBM i Access 7.1 on Windows allows local users to discover registry pa ...)
NOT-FOR-US: IBM
-CVE-2016-0286
+CVE-2016-0286 (IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 ...)
NOT-FOR-US: IBM Tivoli Business Service Manager
-CVE-2016-0285
+CVE-2016-0285 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
NOT-FOR-US: IBM
-CVE-2016-0284
+CVE-2016-0284 (The XML parser in IBM Rational Collaborative Lifecycle Management 3.0. ...)
NOT-FOR-US: IBM
-CVE-2016-0283
+CVE-2016-0283 (Cross-site scripting (XSS) vulnerability in the OpenID Connect (OIDC) ...)
NOT-FOR-US: IBM
-CVE-2016-0282
+CVE-2016-0282 (Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP ...)
NOT-FOR-US: IBM
-CVE-2016-0281
+CVE-2016-0281 (The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, ...)
NOT-FOR-US: IBM
-CVE-2016-0280
+CVE-2016-0280 (Cross-site scripting (XSS) vulnerability in IBM Information Server Fra ...)
NOT-FOR-US: IBM
-CVE-2016-0279
+CVE-2016-0279 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5 ...)
NOT-FOR-US: IBM
-CVE-2016-0278
+CVE-2016-0278 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5 ...)
NOT-FOR-US: IBM
-CVE-2016-0277
+CVE-2016-0277 (Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5 ...)
NOT-FOR-US: IBM
-CVE-2016-0276
+CVE-2016-0276 (IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Pla ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0275
+CVE-2016-0275 (IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Pla ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0274
+CVE-2016-0274 (IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Pla ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0273
+CVE-2016-0273 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
NOT-FOR-US: IBM
-CVE-2016-0272
+CVE-2016-0272 (Cross-site request forgery (CSRF) vulnerability in IBM Financial Trans ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0271
+CVE-2016-0271 (The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before 6 ...)
NOT-FOR-US: IBM
-CVE-2016-0270
+CVE-2016-0270 (IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Int ...)
NOT-FOR-US: IBM
-CVE-2016-0269
+CVE-2016-0269 (Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x be ...)
NOT-FOR-US: IBM
-CVE-2016-0268
+CVE-2016-0268 (XML external entity (XXE) vulnerability in IBM Financial Transaction M ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0267
+CVE-2016-0267 (IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and ...)
NOT-FOR-US: IBM
-CVE-2016-0266
+CVE-2016-0266 (IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the la ...)
NOT-FOR-US: IBM
-CVE-2016-0265
+CVE-2016-0265 (IBM Campaign is vulnerable to cross-site scripting, caused by improper ...)
NOT-FOR-US: IBM
-CVE-2016-0264
+CVE-2016-0264 (Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Tec ...)
NOT-FOR-US: IBM JDK
-CVE-2016-0263
+CVE-2016-0263 (IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and Gener ...)
NOT-FOR-US: IBM
-CVE-2016-0262
+CVE-2016-0262 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Managemen ...)
NOT-FOR-US: IBM
-CVE-2016-0261
+CVE-2016-0261 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program M ...)
NOT-FOR-US: IBM
-CVE-2016-0260
+CVE-2016-0260 (Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0 ...)
NOT-FOR-US: IBM
-CVE-2016-0259
+CVE-2016-0259 (runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to b ...)
NOT-FOR-US: IBM
CVE-2016-0258
RESERVED
@@ -31526,349 +31526,349 @@ CVE-2016-0257
RESERVED
CVE-2016-0256
RESERVED
-CVE-2016-0255
+CVE-2016-0255 (IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site ...)
NOT-FOR-US: IBM
-CVE-2016-0254
+CVE-2016-0254 (IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a deni ...)
NOT-FOR-US: IBM
-CVE-2016-0253
+CVE-2016-0253 (Cross-site scripting (XSS) vulnerability in IBM Financial Transaction ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2016-0252
+CVE-2016-0252 (IBM Control Center 6.x before 6.0.0.1 iFix06 and Sterling Control Cent ...)
NOT-FOR-US: IBM
CVE-2016-0251
RESERVED
-CVE-2016-0250
+CVE-2016-0250 (XML external entity (XXE) vulnerability in IBM InfoSphere Information ...)
NOT-FOR-US: IBM
-CVE-2016-0249
+CVE-2016-0249 (SQL injection vulnerability in IBM Security Guardium Database Activity ...)
NOT-FOR-US: IBM
-CVE-2016-0248
+CVE-2016-0248 (IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows man- ...)
NOT-FOR-US: IBM
-CVE-2016-0247
+CVE-2016-0247 (IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, an ...)
NOT-FOR-US: IBM
-CVE-2016-0246
+CVE-2016-0246 (Cross-site scripting (XSS) vulnerability in IBM Security Guardium 8.2 ...)
NOT-FOR-US: IBM
-CVE-2016-0245
+CVE-2016-0245 (The XML parser in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8 ...)
NOT-FOR-US: IBM
-CVE-2016-0244
+CVE-2016-0244 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM
-CVE-2016-0243
+CVE-2016-0243 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM
-CVE-2016-0242
+CVE-2016-0242 (IBM Security Guardium 10.x through 10.1 before p100 allows remote auth ...)
NOT-FOR-US: IBM
-CVE-2016-0241
+CVE-2016-0241 (IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x t ...)
NOT-FOR-US: IBM
-CVE-2016-0240
+CVE-2016-0240 (IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x t ...)
NOT-FOR-US: IBM
-CVE-2016-0239
+CVE-2016-0239 (IBM Security Guardium Database Activity Monitor 9.x through 9.5 before ...)
NOT-FOR-US: IBM
-CVE-2016-0238
+CVE-2016-0238 (IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitiv ...)
NOT-FOR-US: IBM
-CVE-2016-0237
+CVE-2016-0237 (IBM Security Guardium Database Activity Monitor 10 allows local users ...)
NOT-FOR-US: IBM
-CVE-2016-0236
+CVE-2016-0236 (IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x t ...)
NOT-FOR-US: IBM
-CVE-2016-0235
+CVE-2016-0235 (IBM Security Guardium Database Activity Monitor 10 allows local users ...)
NOT-FOR-US: IBM
-CVE-2016-0234
+CVE-2016-0234 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user ...)
NOT-FOR-US: IBM
-CVE-2016-0233
+CVE-2016-0233 (SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, an ...)
NOT-FOR-US: IBM
-CVE-2016-0232
+CVE-2016-0232 (IBM Financial Transaction Manager (FTM) for ACH Services, Check Servic ...)
NOT-FOR-US: IBM
-CVE-2016-0231
+CVE-2016-0231 (IBM Financial Transaction Manager (FTM) for ACH Services, Check Servic ...)
NOT-FOR-US: IBM
-CVE-2016-0230
+CVE-2016-0230 (IBM Power Hardware Management Console (HMC) 7.3 through 7.3.0 SP7, 7.9 ...)
NOT-FOR-US: IBM
-CVE-2016-0229
+CVE-2016-0229 (Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6 ...)
NOT-FOR-US: IBM
-CVE-2016-0228
+CVE-2016-0228 (IBM Marketing Platform 10.0 could allow a remote attacker to conduct p ...)
NOT-FOR-US: IBM
-CVE-2016-0227
+CVE-2016-0227 (Cross-site scripting (XSS) vulnerability in the document-list control ...)
NOT-FOR-US: IBM
-CVE-2016-0226
+CVE-2016-0226 (The client implementation in IBM Informix Dynamic Server 11.70.xCn on ...)
NOT-FOR-US: IBM
-CVE-2016-0225
+CVE-2016-0225 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 al ...)
NOT-FOR-US: IBM
-CVE-2016-0224
+CVE-2016-0224 (SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, an ...)
NOT-FOR-US: IBM
-CVE-2016-0223
+CVE-2016-0223 (Cross-site scripting (XSS) vulnerability in the Webform Framework API ...)
NOT-FOR-US: IBM Forms Server
-CVE-2016-0222
+CVE-2016-0222 (IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote a ...)
NOT-FOR-US: IBM
-CVE-2016-0221
+CVE-2016-0221 (Cross-site scripting (XSS) vulnerability in IBM Cognos TM1, as used in ...)
NOT-FOR-US: IBM
CVE-2016-0220
RESERVED
-CVE-2016-0219
+CVE-2016-0219 (XML external entity (XXE) vulnerability in IBM Rational Team Concert 3 ...)
NOT-FOR-US: IBM Rational Team Concert
-CVE-2016-0218
+CVE-2016-0218 (IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerab ...)
NOT-FOR-US: IBM
-CVE-2016-0217
+CVE-2016-0217 (IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerab ...)
NOT-FOR-US: IBM
-CVE-2016-0216
+CVE-2016-0216 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
NOT-FOR-US: IBM
-CVE-2016-0215
+CVE-2016-0215 (IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, S ...)
NOT-FOR-US: IBM DB2
-CVE-2016-0214
+CVE-2016-0214 (IBM Tivoli Endpoint Manager could allow a remote attacker to upload ar ...)
NOT-FOR-US: IBM
-CVE-2016-0213
+CVE-2016-0213 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
NOT-FOR-US: IBM
-CVE-2016-0212
+CVE-2016-0212 (Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 ...)
NOT-FOR-US: IBM
-CVE-2016-0211
+CVE-2016-0211 (IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 ...)
NOT-FOR-US: IBM
-CVE-2016-0210
+CVE-2016-0210 (IBM Sterling B2B Integrator Standard Edition could allow a remote atta ...)
NOT-FOR-US: IBM
-CVE-2016-0209
+CVE-2016-0209 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 ...)
NOT-FOR-US: IBM
-CVE-2016-0208
+CVE-2016-0208 (IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and ...)
NOT-FOR-US: IBM
-CVE-2016-0207
+CVE-2016-0207 (IBM Algorithmics One-Algo Risk Application (ARA) 4.9.1 through 5.1.0 a ...)
NOT-FOR-US: IBM Algorithmics One-Algo Risk Application
-CVE-2016-0206
+CVE-2016-0206 (IBM Cloud Orchestrator could allow a local authenticated attacker to c ...)
NOT-FOR-US: IBM
-CVE-2016-0205
+CVE-2016-0205 (A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3 ...)
NOT-FOR-US: IBM
-CVE-2016-0204
+CVE-2016-0204 (Open redirect vulnerability in IBM Cloud Orchestrator 2.4.x before 2.4 ...)
NOT-FOR-US: IBM
-CVE-2016-0203
+CVE-2016-0203 (A vulnerability has been identified in the IBM Cloud Orchestrator task ...)
NOT-FOR-US: IBM
-CVE-2016-0202
+CVE-2016-0202 (A vulnerability has been identified in tasks, backend object generated ...)
NOT-FOR-US: IBM
-CVE-2016-0201
+CVE-2016-0201 (GSKit in IBM Security Network Protection 5.3.1 before 5.3.1.7 and 5.3. ...)
NOT-FOR-US: IBM
-CVE-2016-0200
+CVE-2016-0200 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-0199
+CVE-2016-0199 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-0198
+CVE-2016-0198 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0197
+CVE-2016-0197 (dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mod ...)
NOT-FOR-US: Microsoft
-CVE-2016-0196
+CVE-2016-0196 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-0195
+CVE-2016-0195 (The Imaging Component in Microsoft Windows Vista SP2, Windows Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0194
+CVE-2016-0194 (Microsoft Internet Explorer 10 and 11 allows remote attackers to bypas ...)
NOT-FOR-US: Microsoft
-CVE-2016-0193
+CVE-2016-0193 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-0192
+CVE-2016-0192 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-0191
+CVE-2016-0191 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-0190
+CVE-2016-0190 (Volume Manager Driver in Microsoft Windows 8.1, Windows Server 2012 Go ...)
NOT-FOR-US: Microsoft
-CVE-2016-0189
+CVE-2016-0189 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as ...)
NOT-FOR-US: Microsoft
-CVE-2016-0188
+CVE-2016-0188 (The User Mode Code Integrity (UMCI) implementation in Device Guard in ...)
NOT-FOR-US: Microsoft
-CVE-2016-0187
+CVE-2016-0187 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in ...)
NOT-FOR-US: Microsoft
-CVE-2016-0186
+CVE-2016-0186 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
-CVE-2016-0185
+CVE-2016-0185 (Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Window ...)
NOT-FOR-US: Microsoft
-CVE-2016-0184
+CVE-2016-0184 (Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2016-0183
+CVE-2016-0183 (The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, ...)
NOT-FOR-US: Microsoft
-CVE-2016-0182
+CVE-2016-0182 (Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2016-0181
+CVE-2016-0181 (Microsoft Windows 10 Gold and 1511 allows local users to bypass the Vi ...)
NOT-FOR-US: Microsoft
-CVE-2016-0180
+CVE-2016-0180 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-0179
+CVE-2016-0179 (Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Window ...)
NOT-FOR-US: Microsoft
-CVE-2016-0178
+CVE-2016-0178 (The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 ...)
NOT-FOR-US: Microsoft
CVE-2016-0177
REJECTED
-CVE-2016-0176
+CVE-2016-0176 (dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mod ...)
NOT-FOR-US: Microsoft
-CVE-2016-0175
+CVE-2016-0175 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-0174
+CVE-2016-0174 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-0173
+CVE-2016-0173 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
CVE-2016-0172
REJECTED
-CVE-2016-0171
+CVE-2016-0171 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-0170
+CVE-2016-0170 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0169
+CVE-2016-0169 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0168
+CVE-2016-0168 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0167
+CVE-2016-0167 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-0166
+CVE-2016-0166 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-0165
+CVE-2016-0165 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-0164
+CVE-2016-0164 (Microsoft Internet Explorer 10 and 11 allows remote attackers to execu ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2016-0163
REJECTED
-CVE-2016-0162
+CVE-2016-0162 (Microsoft Internet Explorer 9 through 11 allows remote attackers to de ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-0161
+CVE-2016-0161 (Microsoft Edge allows remote attackers to bypass the Same Origin Polic ...)
NOT-FOR-US: Microsoft Edge
-CVE-2016-0160
+CVE-2016-0160 (Microsoft Internet Explorer 11 mishandles DLL loading, which allows lo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-0159
+CVE-2016-0159 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-0158
+CVE-2016-0158 (Microsoft Edge allows remote attackers to bypass the Same Origin Polic ...)
NOT-FOR-US: Microsoft Edge
-CVE-2016-0157
+CVE-2016-0157 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft Edge
-CVE-2016-0156
+CVE-2016-0156 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft Edge
-CVE-2016-0155
+CVE-2016-0155 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft Edge
-CVE-2016-0154
+CVE-2016-0154 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2016-0153
+CVE-2016-0153 (OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-0152
+CVE-2016-0152 (Internet Information Services (IIS) in Microsoft Windows Vista SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-0151
+CVE-2016-0151 (The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-0150
+CVE-2016-0150 (HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-0149
+CVE-2016-0149 (Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and ...)
NOT-FOR-US: Microsoft
-CVE-2016-0148
+CVE-2016-0148 (Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, whi ...)
NOT-FOR-US: Microsoft .NET
-CVE-2016-0147
+CVE-2016-0147 (Microsoft XML Core Services 3.0 allows remote attackers to execute arb ...)
NOT-FOR-US: Microsoft XML Core Services
CVE-2016-0146
REJECTED
-CVE-2016-0145
+CVE-2016-0145 (The font library in Microsoft Windows Vista SP2; Windows Server 2008 S ...)
NOT-FOR-US: Microsoft Windows
CVE-2016-0144
REJECTED
-CVE-2016-0143
+CVE-2016-0143 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-0142
+CVE-2016-0142 (Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0141
+CVE-2016-0141 (The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 S ...)
NOT-FOR-US: Microsoft
-CVE-2016-0140
+CVE-2016-0140 (Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services o ...)
NOT-FOR-US: Microsoft
-CVE-2016-0139
+CVE-2016-0139 (Microsoft Excel 2010 SP2, Word for Mac 2011, and Excel Viewer allow re ...)
NOT-FOR-US: Microsoft Excel
-CVE-2016-0138
+CVE-2016-0138 (Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulativ ...)
NOT-FOR-US: Microsoft
-CVE-2016-0137
+CVE-2016-0137 (The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-0136
+CVE-2016-0136 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP ...)
NOT-FOR-US: Microsoft Excel
-CVE-2016-0135
+CVE-2016-0135 (The Secondary Logon Service in Microsoft Windows 10 Gold and 1511 allo ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-0134
+CVE-2016-0134 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0133
+CVE-2016-0133 (The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2016-0132
+CVE-2016-0132 (Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and ...)
NOT-FOR-US: Microsoft
CVE-2016-0131
REJECTED
-CVE-2016-0130
+CVE-2016-0130 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
-CVE-2016-0129
+CVE-2016-0129 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
-CVE-2016-0128
+CVE-2016-0128 (The SAM and LSAD protocol implementations in Microsoft Windows Vista S ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-0127
+CVE-2016-0127 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft Word
-CVE-2016-0126
+CVE-2016-0126 (Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-0125
+CVE-2016-0125 (Microsoft Edge mishandles the Referer policy, which allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-2016-0124
+CVE-2016-0124 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
-CVE-2016-0123
+CVE-2016-0123 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
-CVE-2016-0122
+CVE-2016-0122 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-0121
+CVE-2016-0121 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2016-0120
+CVE-2016-0120 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft
CVE-2016-0119
REJECTED
-CVE-2016-0118
+CVE-2016-0118 (The PDF library in Microsoft Windows 10 Gold and 1511 allows remote at ...)
NOT-FOR-US: Microsoft
-CVE-2016-0117
+CVE-2016-0117 (The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and ...)
NOT-FOR-US: Microsoft
-CVE-2016-0116
+CVE-2016-0116 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
CVE-2016-0115
REJECTED
-CVE-2016-0114
+CVE-2016-0114 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2016-0113
+CVE-2016-0113 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-0112
+CVE-2016-0112 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-0111
+CVE-2016-0111 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-0110
+CVE-2016-0110 (Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow rem ...)
NOT-FOR-US: Microsoft
-CVE-2016-0109
+CVE-2016-0109 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-0108
+CVE-2016-0108 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2016-0107
+CVE-2016-0107 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-0106
+CVE-2016-0106 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2016-0105
+CVE-2016-0105 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-0104
+CVE-2016-0104 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2016-0103
+CVE-2016-0103 (Microsoft Internet Explorer 11 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2016-0102
+CVE-2016-0102 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-0101
+CVE-2016-0101 (Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2016-0100
+CVE-2016-0100 (Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library load ...)
NOT-FOR-US: Microsoft
-CVE-2016-0099
+CVE-2016-0099 (The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Se ...)
NOT-FOR-US: Microsoft
-CVE-2016-0098
+CVE-2016-0098 (Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Wind ...)
NOT-FOR-US: Microsoft
CVE-2016-0097
REJECTED
-CVE-2016-0096
+CVE-2016-0096 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-0095
+CVE-2016-0095 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-0094
+CVE-2016-0094 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-0093
+CVE-2016-0093 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-0092
+CVE-2016-0092 (OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0091
+CVE-2016-0091 (OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0090
+CVE-2016-0090 (Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2016-0089
+CVE-2016-0089 (Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and ...)
NOT-FOR-US: Microsoft
-CVE-2016-0088
+CVE-2016-0088 (Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and ...)
NOT-FOR-US: Microsoft
-CVE-2016-0087
+CVE-2016-0087 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and W ...)
NOT-FOR-US: Microsoft
CVE-2016-0086
REJECTED
CVE-2016-0085
REJECTED
-CVE-2016-0084
+CVE-2016-0084 (Microsoft Edge allows remote attackers to execute arbitrary code or ca ...)
NOT-FOR-US: Microsoft
CVE-2016-0083
REJECTED
@@ -31876,174 +31876,174 @@ CVE-2016-0082
REJECTED
CVE-2016-0081
REJECTED
-CVE-2016-0080
+CVE-2016-0080 (Microsoft Edge mishandles exceptions during window-message dispatch op ...)
NOT-FOR-US: Microsoft
-CVE-2016-0079
+CVE-2016-0079 (The kernel in Microsoft Windows 10 Gold, 1511, and 1607 allows local u ...)
NOT-FOR-US: Microsoft
CVE-2016-0078
REJECTED
-CVE-2016-0077
+CVE-2016-0077 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse H ...)
NOT-FOR-US: Microsoft
CVE-2016-0076
REJECTED
-CVE-2016-0075
+CVE-2016-0075 (The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, ...)
NOT-FOR-US: Microsoft
CVE-2016-0074
REJECTED
-CVE-2016-0073
+CVE-2016-0073 (The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, ...)
NOT-FOR-US: Microsoft
-CVE-2016-0072
+CVE-2016-0072 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-0071
+CVE-2016-0071 (Microsoft Internet Explorer 9 allows remote attackers to execute arbit ...)
NOT-FOR-US: Microsoft
-CVE-2016-0070
+CVE-2016-0070 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-0069
+CVE-2016-0069 (Microsoft Internet Explorer 9 through 11 allows remote attackers to by ...)
NOT-FOR-US: Microsoft
-CVE-2016-0068
+CVE-2016-0068 (Microsoft Internet Explorer 9 through 11 allows remote attackers to by ...)
NOT-FOR-US: Microsoft
-CVE-2016-0067
+CVE-2016-0067 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
CVE-2016-0066
REJECTED
CVE-2016-0065
REJECTED
-CVE-2016-0064
+CVE-2016-0064 (Microsoft Internet Explorer 10 allows remote attackers to execute arbi ...)
NOT-FOR-US: Microsoft
-CVE-2016-0063
+CVE-2016-0063 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ex ...)
NOT-FOR-US: Microsoft
-CVE-2016-0062
+CVE-2016-0062 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2016-0061
+CVE-2016-0061 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-0060
+CVE-2016-0060 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remo ...)
NOT-FOR-US: Microsoft
-CVE-2016-0059
+CVE-2016-0059 (The Hyperlink Object Library in Microsoft Internet Explorer 9 through ...)
NOT-FOR-US: Microsoft
-CVE-2016-0058
+CVE-2016-0058 (Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2016-0057
+CVE-2016-0057 (Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not prope ...)
NOT-FOR-US: Microsoft
-CVE-2016-0056
+CVE-2016-0056 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0055
+CVE-2016-0055 (Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Microsoft
-CVE-2016-0054
+CVE-2016-0054 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-0053
+CVE-2016-0053 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0052
+CVE-2016-0052 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0051
+CVE-2016-0051 (The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0050
+CVE-2016-0050 (Network Policy Server (NPS) in Microsoft Windows Server 2008 SP2 and R ...)
NOT-FOR-US: Microsoft
-CVE-2016-0049
+CVE-2016-0049 (Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R ...)
NOT-FOR-US: Microsoft
-CVE-2016-0048
+CVE-2016-0048 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2016-0047
+CVE-2016-0047 (WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, ...)
NOT-FOR-US: Microsoft
-CVE-2016-0046
+CVE-2016-0046 (Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and ...)
NOT-FOR-US: Microsoft
CVE-2016-0045
REJECTED
-CVE-2016-0044
+CVE-2016-0044 (Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and W ...)
NOT-FOR-US: Microsoft
CVE-2016-0043
REJECTED
-CVE-2016-0042
+CVE-2016-0042 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2016-0041
+CVE-2016-0041 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2016-0040
+CVE-2016-0040 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-0039
+CVE-2016-0039 (Cross-site scripting (XSS) vulnerability in SharePoint Server in Micro ...)
NOT-FOR-US: Microsoft
-CVE-2016-0038
+CVE-2016-0038 (Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-0037
+CVE-2016-0037 (The forms-based authentication implementation in Active Directory Fede ...)
NOT-FOR-US: Microsoft
-CVE-2016-0036
+CVE-2016-0036 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2016-0035
+CVE-2016-0035 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 R ...)
NOT-FOR-US: Microsoft
-CVE-2016-0034
+CVE-2016-0034 (Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets ...)
NOT-FOR-US: Microsoft
-CVE-2016-0033
+CVE-2016-0033 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 do ...)
NOT-FOR-US: Microsoft
-CVE-2016-0032
+CVE-2016-0032 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) i ...)
NOT-FOR-US: Microsoft
-CVE-2016-0031
+CVE-2016-0031 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) i ...)
NOT-FOR-US: Microsoft
-CVE-2016-0030
+CVE-2016-0030 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) i ...)
NOT-FOR-US: Microsoft
-CVE-2016-0029
+CVE-2016-0029 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) i ...)
NOT-FOR-US: Microsoft
-CVE-2016-0028
+CVE-2016-0028 (Outlook Web Access (OWA) in Microsoft Exchange Server 2013 SP1, Cumula ...)
NOT-FOR-US: Microsoft
CVE-2016-0027
REJECTED
-CVE-2016-0026
+CVE-2016-0026 (The Common Log File System (CLFS) driver in Microsoft Windows Vista SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-0025
+CVE-2016-0025 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0024
+CVE-2016-0024 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
NOT-FOR-US: Microsoft
CVE-2016-0023
REJECTED
-CVE-2016-0022
+CVE-2016-0022 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0021
+CVE-2016-0021 (Microsoft InfoPath 2007 SP3, 2010 SP2, and 2013 SP1 allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-2016-0020
+CVE-2016-0020 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and W ...)
NOT-FOR-US: Microsoft
-CVE-2016-0019
+CVE-2016-0019 (The Remote Desktop Protocol (RDP) service implementation in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2016-0018
+CVE-2016-0018 (Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R ...)
NOT-FOR-US: Microsoft
CVE-2016-0017
REJECTED
-CVE-2016-0016
+CVE-2016-0016 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2016-0015
+CVE-2016-0015 (DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2016-0014
+CVE-2016-0014 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
CVE-2016-0013
REJECTED
-CVE-2016-0012
+CVE-2016-0012 (Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio ...)
NOT-FOR-US: Microsoft
-CVE-2016-0011
+CVE-2016-0011 (Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP ...)
NOT-FOR-US: Microsoft
-CVE-2016-0010
+CVE-2016-0010 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 20 ...)
NOT-FOR-US: Microsoft
-CVE-2016-0009
+CVE-2016-0009 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2016-0008
+CVE-2016-0008 (The graphics device interface in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2016-0007
+CVE-2016-0007 (The sandbox implementation in Microsoft Windows Vista SP2, Windows Ser ...)
NOT-FOR-US: Microsoft
-CVE-2016-0006
+CVE-2016-0006 (The sandbox implementation in Microsoft Windows Vista SP2, Windows Ser ...)
NOT-FOR-US: Microsoft
-CVE-2016-0005
+CVE-2016-0005 (Microsoft Internet Explorer 9 through 11 allows remote attackers to by ...)
NOT-FOR-US: Microsoft
CVE-2016-0004
REJECTED
-CVE-2016-0003
+CVE-2016-0003 (Microsoft Edge allows remote attackers to execute arbitrary code via u ...)
NOT-FOR-US: Microsoft
-CVE-2016-0002
+CVE-2016-0002 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 eng ...)
NOT-FOR-US: Microsoft
CVE-2016-0001
REJECTED
-CVE-2016-1000033
+CVE-2016-1000033 (Shotwell version 0.22.0 (and possibly other versions) is vulnerable to ...)
- shotwell 0.22.0-3 (low; bug #807110)
[jessie] - shotwell <no-dsa> (Minor issue)
[wheezy] - shotwell <no-dsa> (Minor issue)
[squeeze] - shotwell <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/04/4
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=754488
-CVE-2016-4353
+CVE-2016-4353 (ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder ...)
- libksba 1.3.3-1 (low)
[jessie] - libksba 1.3.2-1+deb8u1
[wheezy] - libksba <no-dsa> (Minor issue)
@@ -32051,7 +32051,7 @@ CVE-2016-4353
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=07116a314f4dcd4d96990bbd74db95a03a9f650a
-CVE-2016-4355
+CVE-2016-4355 (Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 al ...)
- libksba 1.3.3-1 (low)
[jessie] - libksba 1.3.2-1+deb8u1
[wheezy] - libksba <no-dsa> (Minor issue)
@@ -32059,7 +32059,7 @@ CVE-2016-4355
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=aea7b6032865740478ca4b706850a5217f1c3887
-CVE-2016-4354
+CVE-2016-4354 (ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data t ...)
- libksba 1.3.3-1 (low)
[jessie] - libksba 1.3.2-1+deb8u1
[wheezy] - libksba <no-dsa> (Minor issue)
@@ -32067,7 +32067,7 @@ CVE-2016-4354
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=aea7b6032865740478ca4b706850a5217f1c3887
-CVE-2016-4356
+CVE-2016-4356 (The append_utf8_value function in the DN decoder (dn.c) in Libksba bef ...)
- libksba 1.3.3-1 (low)
[jessie] - libksba 1.3.2-1+deb8u1
[wheezy] - libksba <no-dsa> (Minor issue)
@@ -32075,16 +32075,16 @@ CVE-2016-4356
NOTE: http://www.openwall.com/lists/oss-security/2015/04/13/5
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/5
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=243d12fdec66a4360fbb3e307a046b39b5b4ffc3
-CVE-2016-9675
+CVE-2016-9675 (openjpeg: A heap-based buffer overflow flaw was found in the patch for ...)
- openjpeg 1.5.2-1
[wheezy] - openjpeg 1.3+dfsg-4.8
[squeeze] - openjpeg 1.3+dfsg-4+squeeze3
NOTE: Introduced as well a regression, cf. https://bugs.debian.org/734238
-CVE-2016-2847
+CVE-2016-2847 (fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of ...)
{DSA-3503-1}
- linux 4.3.5-1
NOTE: https://git.kernel.org/linus/759c01142a5d0f364a462346168a56de28a80f52 (v4.5-rc1)
-CVE-2016-2856
+CVE-2016-2856 (pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; ...)
- eglibc <removed>
[squeeze] - eglibc <no-dsa> (Minor issue)
[wheezy] - eglibc <no-dsa> (Minor issue)
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index ffb6fc65d5..7b93554e56 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -2,70 +2,70 @@ CVE-2017-18363
RESERVED
CVE-2017-1000000
REJECTED
-CVE-2017-18362
+CVE-2017-18362 (ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is v ...)
NOT-FOR-US: ConnectWise ManagedITSync
-CVE-2017-18361
+CVE-2017-18361 (In Pylons Colander through 1.6, the URL validator allows an attacker t ...)
- python-colander <removed>
[stretch] - python-colander <no-dsa> (Minor issue)
[jessie] - python-colander <no-dsa> (Minor issue)
NOTE: https://github.com/Pylons/colander/issues/290
NOTE: https://github.com/Pylons/colander/pull/323
-CVE-2017-18360
+CVE-2017-18360 (In change_port_settings in drivers/usb/serial/io_ti.c in the Linux ker ...)
- linux 4.9.30-1
[jessie] - linux 3.16.48-1
NOTE: Fixed by: https://git.kernel.org/linus/6aeb75e6adfaed16e58780309613a578fe1ee90b
-CVE-2017-18359
+CVE-2017-18359 (PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attac ...)
{DLA-1653-1}
- postgis 2.3.3+dfsg-1 (low)
[stretch] - postgis <no-dsa> (Minor issue)
NOTE: https://trac.osgeo.org/postgis/ticket/3704
NOTE: https://trac.osgeo.org/postgis/changeset/15444
NOTE: https://trac.osgeo.org/postgis/changeset/15445
-CVE-2017-18358
+CVE-2017-18358 (LimeSurvey before 2.72.4 has Stored XSS by using the Continue Later (a ...)
- limesurvey <itp> (bug #472802)
-CVE-2017-18357
+CVE-2017-18357 (Shopware before 5.3.4 has a PHP Object Instantiation issue via the sor ...)
NOT-FOR-US: Shopware
-CVE-2017-18356
+CVE-2017-18356 (In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an at ...)
NOT-FOR-US: Automattic WooCommerce plugin for WordPress
-CVE-2017-1002157
+CVE-2017-1002157 (modulemd 1.3.1 and earlier uses an unsafe function for processing exte ...)
NOT-FOR-US: modulemd
-CVE-2017-1002152
+CVE-2017-1002152 (Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting ...)
NOT-FOR-US: Bodhi
-CVE-2017-18355
+CVE-2017-18355 (Installed packages are exposed by node_modules in Rendertron 1.0.0, al ...)
NOT-FOR-US: Rendertron
-CVE-2017-18354
+CVE-2017-18354 (Rendertron 1.0.0 allows for alternative protocols such as 'file://' in ...)
NOT-FOR-US: Rendertron
-CVE-2017-18353
+CVE-2017-18353 (Rendertron 1.0.0 includes an _ah/stop route to shutdown the Chrome ins ...)
NOT-FOR-US: Rendertron
-CVE-2017-18352
+CVE-2017-18352 (Error reporting within Rendertron 1.0.0 allows reflected Cross Site Sc ...)
NOT-FOR-US: Rendertron
CVE-2017-18351
RESERVED
CVE-2017-18350
RESERVED
-CVE-2017-18349
+CVE-2017-18349 (parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pi ...)
NOT-FOR-US: FastjsonEngine
-CVE-2017-18348
+CVE-2017-18348 (Splunk Enterprise 6.6.x, when configured to run as root but drop privi ...)
NOT-FOR-US: Splunk
-CVE-2017-18347
+CVE-2017-18347 (Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 ...)
NOT-FOR-US: STMicroelectronics STM32F0 series devices
-CVE-2017-1000600
+CVE-2017-1000600 (WordPress version &lt;4.9 contains a CWE-20 Input Validation vulnerabi ...)
- wordpress <undetermined>
CVE-2017-18346
RESERVED
-CVE-2017-18345
+CVE-2017-18345 (The Joomanager component through 2.0.0 for Joomla! has an arbitrary fi ...)
NOT-FOR-US: Joomla addon
-CVE-2017-18344
+CVE-2017-18344 (The timer_create syscall implementation in kernel/time/posix-timers.c ...)
- linux 4.14.12-1
[stretch] - linux 4.9.82-1+deb9u1
[jessie] - linux 3.16.56-1
NOTE: Fixed by: https://git.kernel.org/linus/cef31d9af908243421258f1df35a4a644604efbe
-CVE-2017-18343
+CVE-2017-18343 (** DISPUTED ** The debug handler in Symfony before v2.7.33, 2.8.x befo ...)
- symfony 3.4.0+dfsg-1 (unimportant)
NOTE: https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c
NOTE: https://github.com/symfony/symfony/issues/27987
NOTE: https://github.com/symfony/symfony/pull/23684
-CVE-2017-18342
+CVE-2017-18342 (In PyYAML before 4.1, the yaml.load() API could execute arbitrary code ...)
- pyyaml <unfixed> (unimportant; bug #902878)
NOTE: This is a well-known design deficiency in pyyaml, various CVE IDs have been assigned
NOTE: to applications misusing the API over the years. The CVE ID was assigned to raise
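Review bot: the imported description for CVE-2017-1000600 carries an HTML entity in plain text: `+CVE-2017-1000600 (WordPress version &lt;4.9 contains a CWE-20 Input Validation vulnerabi ...)`. The surrounding entries in this hunk are plain text, so the importer that fills in these descriptions should decode entities before writing them, giving `WordPress version <4.9 ...`; otherwise anyone grepping or reading the list for version ranges sees the escaped form rather than the actual `<` constraint. Worth checking whether other auto-imported descriptions in this update were escaped the same way.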
@@ -89,115 +89,115 @@ CVE-2017-18334
RESERVED
CVE-2017-18333
RESERVED
-CVE-2017-18332
+CVE-2017-18332 (Security keys are logged when any WCDMA call is configured or reconfig ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18331
+CVE-2017-18331 (Improper access control on secure display buffers in snapdragon automo ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18330
+CVE-2017-18330 (Buffer overflow in AES-CCM and AES-GCM encryption via initialization v ...)
NOT-FOR-US: snapdragon
-CVE-2017-18329
+CVE-2017-18329 (Possible Buffer overflow when transmitting an RTP packet in snapdragon ...)
NOT-FOR-US: snapdragon
-CVE-2017-18328
+CVE-2017-18328 (Use after free in QSH client rule processing in snapdragon mobile and ...)
NOT-FOR-US: snapdragon
-CVE-2017-18327
+CVE-2017-18327 (Security keys are logged when any WCDMA call is configured or reconfig ...)
NOT-FOR-US: snapdragon
-CVE-2017-18326
+CVE-2017-18326 (Cryptographic keys are printed in modem debug messages in snapdragon m ...)
NOT-FOR-US: snapdragon
CVE-2017-18325
RESERVED
-CVE-2017-18324
+CVE-2017-18324 (Cryptographic key material leaked in debug messages - GERAN in snapdra ...)
NOT-FOR-US: snapdragon
-CVE-2017-18323
+CVE-2017-18323 (Cryptographic key material leaked in TDSCDMA RRC debug messages in sna ...)
NOT-FOR-US: snapdragon
-CVE-2017-18322
+CVE-2017-18322 (Cryptographic key material leaked in WCDMA debug messages in snapdrago ...)
NOT-FOR-US: snapdragon
-CVE-2017-18321
+CVE-2017-18321 (Security keys used by the terminal and NW for a session could be leake ...)
NOT-FOR-US: snapdragon
-CVE-2017-18320
+CVE-2017-18320 (QSEE unload attempt on a 3rd party TEE without previously loading resu ...)
NOT-FOR-US: snapdragon
-CVE-2017-18319
+CVE-2017-18319 (Information leak in UIM API debug messages in snapdragon mobile and sn ...)
NOT-FOR-US: snapdragon
-CVE-2017-18318
+CVE-2017-18318 (Missing validation check on CRL issuer name in Snapdragon Automobile, ...)
NOT-FOR-US: Snapdragon
-CVE-2017-18317
+CVE-2017-18317 (Restrictions related to the modem (sim lock, sim kill) can be bypassed ...)
NOT-FOR-US: Snapdragon
-CVE-2017-18316
+CVE-2017-18316 (Secure application can access QSEE kernel memory through Ontario kerne ...)
NOT-FOR-US: Snapdragon
-CVE-2017-18315
+CVE-2017-18315 (Buffer over-read vulnerabilities in an older version of ASN.1 parser i ...)
NOT-FOR-US: Snapdragon
-CVE-2017-18314
+CVE-2017-18314 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18313
+CVE-2017-18313 (Under certain mode of operations, HLOS may be able get direct or indir ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18312
+CVE-2017-18312 (While accessing SafeSwitch services, third party can manipulate a give ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18311
+CVE-2017-18311 (XPU Master privilege escalation is possible due to improper access con ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18310
+CVE-2017-18310 (ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snap ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18309
+CVE-2017-18309 (A micro-core of QMP transportation may cause a macro-core to read from ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18308
+CVE-2017-18308 (Modem segments are unlocked after authentication, leaving modem segmen ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18307
RESERVED
CVE-2017-18306
RESERVED
-CVE-2017-18305
+CVE-2017-18305 (XBL sec mem dump system call allows complete control of EL3 by unlocki ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18304
+CVE-2017-18304 (Insufficient memory allocation in boot due to incorrect size being pas ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18303
+CVE-2017-18303 (While processing the sensors registry configuration file, if inputs ar ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18302
+CVE-2017-18302 (In Snapdragon (Automobile ,Mobile) in version MSM8996AU, SD 425, SD 42 ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18301
+CVE-2017-18301 (In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18300
+CVE-2017-18300 (Secure display content could be accessed by third party trusted applic ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18299
+CVE-2017-18299 (Improper translation table consolidation logic leads to resource exhau ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18298
+CVE-2017-18298 (Lack of Input Validation in SDMX API can lead to NULL pointer access i ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18297
+CVE-2017-18297 (Double memory free while closing TEE SE API Session management in Snap ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18296
+CVE-2017-18296 (Access control on applications is not applied while accessing SafeSwit ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18295
+CVE-2017-18295 (Possible buffer overflow if input is not null terminated in DSP Servic ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18294
+CVE-2017-18294 (While reading file class type from ELF header, a buffer overread may h ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18293
+CVE-2017-18293 (When a particular GPIO is protected by blocking access to the correspo ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18292
+CVE-2017-18292 (Secure app running in non secure space can restart TZ by calling Widev ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18291
+CVE-2017-18291 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
-CVE-2017-18290
+CVE-2017-18290 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
-CVE-2017-18289
+CVE-2017-18289 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in l ...)
NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
-CVE-2017-18288
+CVE-2017-18288 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
-CVE-2017-18287
+CVE-2017-18287 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
-CVE-2017-18286
+CVE-2017-18286 (nZEDb v0.7.3.3 has XSS in the 404 error page. ...)
NOT-FOR-US: nZEDb
-CVE-2017-18285
+CVE-2017-18285 (The Gentoo app-backup/burp package before 2.1.32 has incorrect group o ...)
- burp <not-affected> (/etc/burp is owned by root:root in Debian)
-CVE-2017-18284
+CVE-2017-18284 (The Gentoo app-backup/burp package before 2.1.32 sets the ownership of ...)
- burp <not-affected> (Debian package uses /var/run for the PID file)
-CVE-2017-0921
+CVE-2017-0921 (GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10 ...)
[experimental] - gitlab 10.7.5+dfsg-1
- gitlab 10.7.7+dfsg-2 (bug #900522)
NOTE: https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/
-CVE-2017-18283
+CVE-2017-18283 (Possible memory corruption when Read Val Blob Req is received with inv ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18282
+CVE-2017-18282 (Non-secure SW can cause SDCC to generate secure bus accesses, which ma ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18281
+CVE-2017-18281 (A bool variable in Video function, which gets typecasted to int before ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18280
+CVE-2017-18280 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18279
RESERVED
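Review bot: the truncation marker is appended even when the description was not cut, see `+CVE-2017-18286 (nZEDb v0.7.3.3 has XSS in the 404 error page. ...)`, where the full sentence already ends in a period and " ..." is added anyway. Every other description in this hunk is cut mid-word at a fixed width, so the marker is meant to signal truncation; appending it unconditionally means a reader cannot tell a complete description from a shortened one. Suggest emitting " ..." only when the description was actually shortened.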
@@ -205,7 +205,7 @@ CVE-2017-18279
CVE-2017-18278
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18277
+CVE-2017-18277 (When dynamic memory allocation fails, currently the process sleeps for ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18276
RESERVED
@@ -216,43 +216,43 @@ CVE-2017-18275
CVE-2017-18274
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18273
+CVE-2017-18273 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulner ...)
{DLA-1381-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/910
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b8fcb59e9e1d1189caf2e0f5e39346944dcd6b9d
-CVE-2017-18272
+CVE-2017-18272 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-fr ...)
- imagemagick 8:6.9.9.34+dfsg-3
[stretch] - imagemagick <not-affected> (Vulnerable code not present)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/918
NOTE: https://github.com/ImageMagick/ImageMagick/commit/93d029b70ac766ce0b5d7261a2dd334535f48038
-CVE-2017-18271
+CVE-2017-18271 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulner ...)
{DLA-1381-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/911
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7523250e2664028aa1d8f02d2d7ae49c769a851e
-CVE-2017-18269
+CVE-2017-18269 (An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686 ...)
- glibc 2.27-3
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <not-affected> (Vulnerable code not present)
- eglibc <not-affected> (Vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22644
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cd66c0e584c6d692bc8347b5e72723d02b8a8ada
-CVE-2017-18270
+CVE-2017-18270 (In the Linux kernel before 4.13.5, a local user could create keyrings ...)
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.56-1
[wheezy] - linux 3.2.101-1
NOTE: Fixed by: https://git.kernel.org/linus/237bbd29f7a049d310d907f4b2716a7feef9abf3 (4.14-rc3)
-CVE-2017-18268
+CVE-2017-18268 (Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Ble ...)
NOT-FOR-US: Symantec
-CVE-2017-18267
+CVE-2017-18267 (The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler thr ...)
{DLA-1562-1}
[experimental] - poppler 0.65.0-1
- poppler 0.69.0-2 (bug #898357)
@@ -261,46 +261,46 @@ CVE-2017-18267
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=104942
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103238
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=60b4fe65bc9dc9b82bbadf0be2e3781be796a13d
-CVE-2017-18266
+CVE-2017-18266 (The open_envvar function in xdg-open in xdg-utils before 1.1.3 does no ...)
{DSA-4211-1 DLA-1384-1}
- xdg-utils 1.1.3-1 (bug #898317)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103807
NOTE: Upstream bug discussed possible other approach to fix the issue.
NOTE: Fixed by: https://cgit.freedesktop.org/xdg/xdg-utils/commit/?id=ce802d71c3466d1dbb24f2fe9b6db82a1f899bcb
-CVE-2017-18265
+CVE-2017-18265 (Prosody before 0.10.0 allows remote attackers to cause a denial of ser ...)
{DSA-4198-1}
- prosody 0.10.0-1 (bug #875829)
[jessie] - prosody <not-affected> (Only exploitable with a LuaSocket version not in jessie)
[wheezy] - prosody <not-affected> (Vulnerable code not present)
NOTE: https://prosody.im/issues/issue/987
-CVE-2017-18264
+CVE-2017-18264 (An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 ...)
{DLA-1415-1}
- phpmyadmin 4:4.6.6-2
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-8/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/7232271a379396ca1d4b083af051262057003c41 (4.7-branch)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/b6ca92cc75c8a16001425be7881e73430bcc35b8 (4.0-branch)
NOTE: If the issue is triggerable depends as well on the used PHP version.
-CVE-2017-18263
+CVE-2017-18263 (Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has dir ...)
NOT-FOR-US: Seagate
-CVE-2017-18262
+CVE-2017-18262 (Blackboard Learn (Since at least 17th of October 2017) has allowed Unv ...)
NOT-FOR-US: Blackboard Learn
-CVE-2017-18261
+CVE-2017-18261 (The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_ti ...)
- linux 4.13.4-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/adb4f11e0a8f4e29900adb2b7af28b6bbd5c1fa4 (4.13-rc6)
-CVE-2017-18260
+CVE-2017-18260 (Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities ...)
- dolibarr <removed>
-CVE-2017-18259
+CVE-2017-18259 (Dolibarr ERP/CRM is affected by stored Cross-Site Scripting (XSS) in v ...)
- dolibarr <removed>
-CVE-2017-18257
+CVE-2017-18257 (The __get_data_block function in fs/f2fs/data.c in the Linux kernel be ...)
{DSA-4188-1}
- linux 4.11.6-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/b86e33075ed1909d8002745b56ecf73b833db143
-CVE-2017-18258
+CVE-2017-18258 (The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote ...)
{DLA-1524-1}
- libxml2 <unfixed> (bug #895245)
[stretch] - libxml2 <postponed> (Minor issue; wait for upstream fix for upstream bug 794914)
@@ -309,23 +309,23 @@ CVE-2017-18258
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb
NOTE: When fixing this issue make sure to not open CVE-2018-9251 and apply
NOTE: the fix for CVE-2018-9251 / https://bugzilla.gnome.org/show_bug.cgi?id=794914
-CVE-2017-18256
+CVE-2017-18256 (Brave Browser before 0.13.0 allows remote attackers to cause a denial ...)
- brave-browser <itp> (bug #864795)
-CVE-2017-18255
+CVE-2017-18255 (The perf_cpu_time_max_percent_handler function in kernel/events/core.c ...)
{DLA-1423-1}
- linux 4.11.6-1 (unimportant)
[stretch] - linux 4.9.107-1
NOTE: https://git.kernel.org/linus/1572e45a924f254d9570093abde46430c3172e3d
-CVE-2017-18254
+CVE-2017-18254 (An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerabil ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/24d5699753170c141b46816284430516c2d48fed
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/53ea13989003cdb4955024f95b4a0158a2e871c6
NOTE: https://github.com/ImageMagick/ImageMagick/issues/808
-CVE-2017-18253
+CVE-2017-18253 (An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereferen ...)
- imagemagick <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/794
NOTE: https://github.com/ImageMagick/ImageMagick/commit/de5deab202c340162b65f65bafbbe17b1eda2c1a
-CVE-2017-18252
+CVE-2017-18252 (An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList fun ...)
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -333,182 +333,182 @@ CVE-2017-18252
NOTE: https://github.com/ImageMagick/ImageMagick/issues/802
NOTE: https://github.com/ImageMagick/ImageMagick/commit/12f34b60564de1cbec08e23e2413dab5b64daeb7
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bb04ccb34fd45e9c3020786857fb79b09f44d7db
-CVE-2017-18251
+CVE-2017-18251 (An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerabil ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/809
NOTE: https://github.com/ImageMagick/ImageMagick/commit/12a43437fec6f9245327636dc2730863bb9fdd8b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/99718b41102f26f802311045e882aa947ef2941b
-CVE-2017-18250
+CVE-2017-18250 (An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereferen ...)
- imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/793
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2f368e74a51ec7541b6595af712d17d6d1376534
-CVE-2017-18249
+CVE-2017-18249 (The add_free_nid function in fs/f2fs/node.c in the Linux kernel before ...)
{DLA-1715-1}
- linux 4.12.6-1
[stretch] - linux 4.9.144-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux-4.9 <unfixed>
NOTE: Fixed by: https://git.kernel.org/linus/30a61ddf8117c26ac5b295e1233eaa9629a94ca3
-CVE-2017-18248
+CVE-2017-18248 (The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-B ...)
{DLA-1412-1 DLA-1387-1}
- cups 2.2.6-1
[stretch] - cups 2.2.1-8+deb9u3
NOTE: https://github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3
NOTE: https://github.com/apple/cups/issues/5143
-CVE-2017-18247
+CVE-2017-18247 (The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12. ...)
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1089
-CVE-2017-18246
+CVE-2017-18246 (The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows ...)
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1095
-CVE-2017-18245
+CVE-2017-18245 (The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows rem ...)
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1094
-CVE-2017-18244
+CVE-2017-18244 (The stereo_processing function in libavcodec/aacps.c in Libav 12.2 all ...)
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1105
-CVE-2017-18243
+CVE-2017-18243 (The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 1 ...)
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1088
-CVE-2017-18242
+CVE-2017-18242 (The apply_dependent_coupling function in libavcodec/aacdec.c in Libav ...)
- libav <removed> (low)
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1093
-CVE-2017-18241
+CVE-2017-18241 (fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users t ...)
{DSA-4188-1 DSA-4187-1}
- linux 4.13.4-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d4fdf8ba0e5808ba9ad6b44337783bd9935e0982
-CVE-2017-18240
+CVE-2017-18240 (The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownersh ...)
TODO: check
-CVE-2017-18239
+CVE-2017-18239 (A time-sensitive equality check on the JWT signature in the JsonWebTok ...)
NOT-FOR-US: authentikat-jwt
-CVE-2017-18238
+CVE-2017-18238 (An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::Pa ...)
{DLA-1310-1}
- exempi 2.4.4-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102483
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=886cd1d2314755adb1f4cdb99c16ff00830f0331
-CVE-2017-18237
+CVE-2017-18237 (An issue was discovered in Exempi before 2.4.3. The PostScript_Support ...)
- exempi 2.4.3-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
[wheezy] - exempi <not-affected> (vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101914
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=f19d0107fbae1fb41836cd110d4425e407e64048
-CVE-2017-18236
+CVE-2017-18236 (An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadH ...)
{DLA-1310-1}
- exempi 2.4.4-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102484
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=fe59605d3520bf2ca4e0a963d194f10e9fee5806
-CVE-2017-18235
+CVE-2017-18235 (An issue was discovered in Exempi before 2.4.3. The VPXChunk class in ...)
- exempi 2.4.3-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
[wheezy] - exempi <not-affected> (vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101913
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=9e76a7782a54a242f18d609e7ba32bf1c430a5e4
-CVE-2017-18234
+CVE-2017-18234 (An issue was discovered in Exempi before 2.4.3. It allows remote attac ...)
{DLA-1310-1}
- exempi 2.4.3-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100397
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=c26d5beb60a5a85f76259f50ed3e08c8169b0a0c
-CVE-2017-18233
+CVE-2017-18233 (An issue was discovered in Exempi before 2.4.4. Integer overflow in th ...)
{DLA-1310-1}
- exempi 2.4.4-1 (low)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102151
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=65a8492832b7335ffabd01f5f64d89dec757c260
-CVE-2017-18232
+CVE-2017-18232 (The Serial Attached SCSI (SAS) implementation in the Linux kernel thro ...)
{DSA-4187-1}
- linux 4.15.17-1
[wheezy] - linux <not-affected> (Vulnerability introduced later)
[jessie] - linux-4.9 <unfixed>
NOTE: Fixed by: https://git.kernel.org/linus/0558f33c06bb910e2879e355192227a8e8f0219d
-CVE-2017-18231
+CVE-2017-18231 (An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer deref ...)
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ea074081678b
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/475/
-CVE-2017-18230
+CVE-2017-18230 (An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer deref ...)
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/53a4d841e90f
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/473/
-CVE-2017-18229
+CVE-2017-18229 (An issue was discovered in GraphicsMagick 1.3.26. An allocation failur ...)
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/752c0b41fa32
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/461/
-CVE-2017-18228
+CVE-2017-18228 (Remedy Mid Tier in BMC Remedy AR System 9.1 allows XSS via the ATTKey ...)
NOT-FOR-US: Remedy Mid Tier in BMC Remedy AR System
-CVE-2017-18227
+CVE-2017-18227 (TitanHQ WebTitan Gateway has incorrect certificate validation for the ...)
NOT-FOR-US: TitanHQ WebTitan Gateway
-CVE-2017-18226
+CVE-2017-18226 (The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of ...)
- jabberd2 <unfixed> (low; bug #902783)
[buster] - jabberd2 <no-dsa> (Minor issue, default init system not affected)
[stretch] - jabberd2 <no-dsa> (Minor issue, default init system not affected)
NOTE: https://bugs.gentoo.org/631068
-CVE-2017-18225
+CVE-2017-18225 (The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jab ...)
- jabberd2 <not-affected> (Installed with correct permissions in Debian)
NOTE: https://bugs.gentoo.org/629412
-CVE-2017-18224
+CVE-2017-18224 (In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaph ...)
{DSA-4188-1}
- linux 4.15.4-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/3e4c56d41eef5595035872a2ec5a483f42e8917f
-CVE-2017-18223
+CVE-2017-18223 (BMC Remedy AR System before 9.1 SP3, when Remedy AR Authentication is ...)
NOT-FOR-US: BMC Remedy AR System
-CVE-2017-18222
+CVE-2017-18222 (In the Linux kernel before 4.12, Hisilicon Network Subsystem (HNS) doe ...)
{DSA-4188-1}
- linux 4.15.17-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-18221
+CVE-2017-18221 (The __munlock_pagevec function in mm/mlock.c in the Linux kernel befor ...)
- linux 4.11.6-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.48-1
[wheezy] - linux <not-affected> (Vulnerable code introduce later)
-CVE-2017-18220
+CVE-2017-18220 (The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in Grap ...)
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.26-8
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/98721124e51f
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/438/
NOTE: Issue is related to CVE-2017-11403 but not the same issue.
-CVE-2017-18219
+CVE-2017-18219 (An issue was discovered in GraphicsMagick 1.3.26. An allocation failur ...)
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/cadd4b0522fa
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/459/
-CVE-2017-18218
+CVE-2017-18218 (In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel b ...)
{DSA-4188-1}
- linux 4.13.4-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/27463ad99f738ed93c7c8b3e2e5bc8c4853a2ff2
-CVE-2017-18217
+CVE-2017-18217 (An issue was discovered in InvoicePlane before 1.5.5. It was observed ...)
NOT-FOR-US: InvoicePlane
-CVE-2017-18216
+CVE-2017-18216 (In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, loc ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.4-1
NOTE: Fixed by: https://git.kernel.org/linus/853bc26a7ea39e354b9f8889ae7ad1492ffa28d2
-CVE-2017-18215
+CVE-2017-18215 (xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when d ...)
- xv <removed>
-CVE-2017-18213
+CVE-2017-18213 (In Exponent CMS before 2.4.1 Patch #6, certain admin users can elevate ...)
NOT-FOR-US: Exponent CMS
-CVE-2017-18214
+CVE-2017-18214 (The moment module before 2.19.3 for Node.js is prone to a regular expr ...)
- node-moment 2.19.3+ds-1 (unimportant)
NOTE: fixed in 2.19.3 upstream
NOTE: https://github.com/moment/moment/commit/69ed9d44957fa6ab12b73d2ae29d286a857b80eb
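Review bot: CVE-2017-18240 in this hunk still carries `TODO: check` even though the change now fills in its description, which identifies a Gentoo app-admin/collectd packaging issue (ownership set by the Gentoo package); that is enough to resolve the triage with an explicit Debian assessment of the collectd package, the way the two Gentoo net-im/jabberd2 entries in the same hunk (CVE-2017-18226 and CVE-2017-18225) record a jabberd2 status instead of a TODO. Two smaller points in the same hunk: the CVE-2017-18213 entry sits before CVE-2017-18214, breaking the descending order the rest of the file keeps, and the wheezy line of CVE-2017-18221 reads `Vulnerable code introduce later` (introduced).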
@@ -516,9 +516,9 @@ CVE-2017-18214
NOTE: https://github.com/moment/moment/issues/4163
NOTE: https://nodesecurity.io/advisories/532
NOTE: nodejs not covered by security support
-CVE-2017-18212
+CVE-2017-18212 (An issue was discovered in JerryScript 1.0. There is a heap-based buff ...)
NOT-FOR-US: JerryScript
-CVE-2017-18211
+CVE-2017-18211 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was fou ...)
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -526,13 +526,13 @@ CVE-2017-18211
NOTE: https://github.com/ImageMagick/ImageMagick/issues/792
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/96c2fab85e1699c87080271254c5a01387805564
NOTE: https://github.com/ImageMagick/ImageMagick/commit/22eec833cd72b5abab2627fcacc27d2dfb6aa6e7
-CVE-2017-18210
+CVE-2017-18210 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was fou ...)
- imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/791
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d2b87b403059af21db3002db95f4603f32b492ef
NOTE: The commit referenced the wrong issue in the upstream issue tracker, but
NOTE: as noted in https://github.com/ImageMagick/ImageMagick/issues/791#issuecomment-334050314
-CVE-2017-18209
+CVE-2017-18209 (In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in Im ...)
- imagemagick 8:6.9.9.34+dfsg-3 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
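Review bot: the two NOTE lines under CVE-2017-18210 form an unfinished sentence: `NOTE: The commit referenced the wrong issue in the upstream issue tracker, but` followed by `NOTE: as noted in https://github.com/ImageMagick/ImageMagick/issues/791#issuecomment-334050314` stops without stating what the linked comment establishes. Please finish the sentence with the conclusion drawn from that comment so the reasoning behind the entry is readable without following the link.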
@@ -540,146 +540,146 @@ CVE-2017-18209
NOTE: https://github.com/ImageMagick/ImageMagick/issues/790
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6ac2858a87df6d645813e43928b4f01a3169ad3f
NOTE: https://github.com/ImageMagick/ImageMagick/commit/cca91aa1861818342e3d072bb0fad7dc4ffac24a
-CVE-2017-18208
+CVE-2017-18208 (The madvise_willneed function in mm/madvise.c in the Linux kernel befo ...)
- linux 4.14.7-1
[stretch] - linux 4.9.80-1
[jessie] - linux 3.16.57-1
[wheezy] - linux <ignored> (Only affects ARM with XIP enabled)
NOTE: Fixed by: https://git.kernel.org/linus/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91
-CVE-2017-18207
+CVE-2017-18207 (** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py i ...)
NOTE: Nonsense report for Python
-CVE-2017-18206
+CVE-2017-18206 (In utils.c in zsh before 5.4, symlink expansion had a buffer overflow. ...)
{DLA-1304-1}
- zsh 5.4.1-1
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/zsh/code/ci/c7a9cf465dd620ef48d586026944d9bd7a0d5d6d
-CVE-2017-18205
+CVE-2017-18205 (In builtin.c in zsh before 5.4, when sh compatibility mode is used, th ...)
- zsh 5.4.1-1 (unimportant)
NOTE: https://sourceforge.net/p/zsh/code/ci/eb783754bdb74377f3cea4ceca9c23a02ea1bf58
NOTE: no security impact
-CVE-2017-18204
+CVE-2017-18204 (The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel befo ...)
- linux 4.14.2-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/28f5a8a7c033cbf3e32277f4cc9c6afd74f05300
-CVE-2017-18203
+CVE-2017-18203 (The dm_get_from_kobject function in drivers/md/dm.c in the Linux kerne ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.14.7-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/b9a41d21dceadf8104812626ef85dc56ee8a60ed
-CVE-2017-18202
+CVE-2017-18202 (The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel b ...)
- linux 4.14.7-1
[stretch] - linux 4.9.80-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/687cb0884a714ff484d038e9190edc874edcf146
-CVE-2017-18201
+CVE-2017-18201 (An issue was discovered in GNU libcdio before 2.0.0. There is a double ...)
- libcdio 2.0.0-2 (bug #891638)
[stretch] - libcdio <not-affected> (Vulnerable code introduced post 0.92)
[jessie] - libcdio <not-affected> (Vulnerable code introduced post 0.92)
[wheezy] - libcdio <not-affected> (Vulnerable code introduced post 0.92)
NOTE: Fixed by https://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=f6f9c48fb40b8a1e8218799724b0b61a7161eb1d
NOTE: with https://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=dec2f876c2d7162da213429bce1a7140cdbdd734
-CVE-2017-18200
+CVE-2017-18200 (The f2fs implementation in the Linux kernel before 4.14 mishandles ref ...)
- linux <not-affected> (Vulnerable code not present)
-CVE-2017-18199
+CVE-2017-18199 (realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote at ...)
- libcdio 1.0.0-1 (low)
[stretch] - libcdio <no-dsa> (Minor issue)
[jessie] - libcdio <no-dsa> (Minor issue)
[wheezy] - libcdio <no-dsa> (Minor issue)
NOTE: https://savannah.gnu.org/bugs/?52264
-CVE-2017-18198
+CVE-2017-18198 (print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows ...)
- libcdio 1.0.0-1 (low)
[stretch] - libcdio <no-dsa> (Minor issue)
[jessie] - libcdio <no-dsa> (Minor issue)
[wheezy] - libcdio <no-dsa> (Minor issue)
NOTE: https://savannah.gnu.org/bugs/?52265
-CVE-2017-18197
+CVE-2017-18197 (In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserF ...)
{DLA-1299-1}
- libjgraphx-java 2.1.0.7-2 (low; bug #891796)
[stretch] - libjgraphx-java <no-dsa> (Minor issue)
[jessie] - libjgraphx-java <no-dsa> (Minor issue)
NOTE: https://github.com/jgraph/mxgraph/issues/124
NOTE: https://bitbucket.org/jgraph/mxgraph2/commits/7d159ca3259b961cbb1c51b4ea42cb408c624ff1
-CVE-2017-18195
+CVE-2017-18195 (An issue was discovered in tools/conversations/view_ajax.php in Concre ...)
NOT-FOR-US: Concrete5
-CVE-2017-18194
+CVE-2017-18194 (SQL injection vulnerability in users/signup.php in the "signup" compon ...)
NOT-FOR-US: HamayeshNegar CMS
-CVE-2017-18193
+CVE-2017-18193 (fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles exte ...)
{DSA-4188-1}
- linux 4.13.4-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/dad48e73127ba10279ea33e6dbc8d3905c4d31c0
-CVE-2017-6932
+CVE-2017-6932 (Drupal core 7.x versions before 7.57 has an external link injection vu ...)
{DSA-4123-1 DLA-1295-1}
- drupal7 7.57-1 (bug #891154)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6929
+CVE-2017-6929 (A jQuery cross site scripting vulnerability is present when making Aja ...)
{DSA-4123-1 DLA-1295-1}
- drupal7 7.57-1 (bug #891153)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6928
+CVE-2017-6928 (Drupal core 7.x versions before 7.57 when using Drupal's private file ...)
{DSA-4123-1 DLA-1295-1}
- drupal7 7.57-1 (bug #891152)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6927
+CVE-2017-6927 (Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 ...)
{DSA-4123-1 DLA-1295-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.57-1 (bug #891150)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-18192
+CVE-2017-18192 (smart/calculator/gallerylock/CalculatorActivity.java in the "Photo,Vid ...)
NOT-FOR-US: "Photo,Video Locker-Calculator" application for Android
-CVE-2017-18191
+CVE-2017-18191 (An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x ...)
- nova 2:17.0.0-1
[stretch] - nova <no-dsa> (Minor issue)
[jessie] - nova <no-dsa> (Minor issue)
[wheezy] - nova <end-of-life> (Not supported in Wheezy)
NOTE: https://launchpad.net/bugs/1739593
NOTE: https://review.openstack.org/539893
-CVE-2017-18190
+CVE-2017-18190 (A localhost.localdomain whitelist entry in valid_host() in scheduler/c ...)
{DLA-1412-1 DLA-1288-1}
- cups 2.2.3-2
[stretch] - cups 2.2.1-8+deb9u1
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1048
NOTE: https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41 (v2.2.2)
-CVE-2017-18189
+CVE-2017-18189 (In the startread function in xa.c in Sound eXchange (SoX) through 14.4 ...)
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #881121)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: https://github.com/mansr/sox/commit/7a8ceb86212b28243bbb6d0de636f0dfbe833e53
-CVE-2017-18188
+CVE-2017-18188 (OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sys ...)
NOT-FOR-US: opentmpfiles
-CVE-2017-18187
+CVE-2017-18187 (In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through a ...)
{DSA-4147-1 DSA-4138-1}
- mbedtls 2.7.0-2
- polarssl <removed>
[wheezy] - polarssl <not-affected> (vulnerable code not present)
NOTE: https://github.com/ARMmbed/mbedtls/commit/83c9f495ffe70c7dd280b41fdfd4881485a3bc28
-CVE-2017-18186
+CVE-2017-18186 (An issue was discovered in QPDF before 7.0.0. There is an infinite loo ...)
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/commit/85f05cc57ffa0a863d9d9b23e73acea9410b2937
NOTE: https://github.com/qpdf/qpdf/issues/149
-CVE-2017-18185
+CVE-2017-18185 (An issue was discovered in QPDF before 7.0.0. There is a large heap-ba ...)
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/commit/ec7d74a386c0b2f38990079c3b0d2a2b30be0e71
NOTE: https://github.com/qpdf/qpdf/issues/150
-CVE-2017-18184
+CVE-2017-18184 (An issue was discovered in QPDF before 7.0.0. There is a stack-based o ...)
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/commit/dea704f0ab7f625e1e7b3f9a1110b45b63157317
NOTE: https://github.com/qpdf/qpdf/issues/147
-CVE-2017-18183
+CVE-2017-18183 (An issue was discovered in QPDF before 7.0.0. There is an infinite loo ...)
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
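Review bot: CVE-2017-18207 in this hunk has only `NOTE: Nonsense report for Python` and no package assessment line; every other dismissed entry in the hunk either names a package with a `<not-affected>` status and reason (for example `- linux <not-affected> (Vulnerable code not present)` under CVE-2017-18200) or is marked NOT-FOR-US. Add a package line for the affected Python source package with `<not-affected>` and the dismissal reason, so the disposition is recorded in the same way as the surrounding entries rather than only in a free-form note.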
@@ -692,29 +692,29 @@ CVE-2017-18181
RESERVED
CVE-2017-18180
RESERVED
-CVE-2017-18179
+CVE-2017-18179 (Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring authe ...)
NOT-FOR-US: Progress Sitefinity
-CVE-2017-18178
+CVE-2017-18178 (Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue ...)
NOT-FOR-US: Progress Sitefinity
-CVE-2017-18177
+CVE-2017-18177 (Progress Sitefinity 9.1 has XSS via the Last name, First name, and Abo ...)
NOT-FOR-US: Progress Sitefinity
-CVE-2017-18176
+CVE-2017-18176 (Progress Sitefinity 9.1 has XSS via file upload, because JavaScript co ...)
NOT-FOR-US: Progress Sitefinity
-CVE-2017-18175
+CVE-2017-18175 (Progress Sitefinity 9.1 has XSS via the Content Management Template Co ...)
NOT-FOR-US: Progress Sitefinity
-CVE-2017-18174
+CVE-2017-18174 (In the Linux kernel before 4.7, the amd_gpio_remove function in driver ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: double-free introduced and fixed in the 4.11 release cycle
CVE-2017-18173
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18172
+CVE-2017-18172 (In a device, with screen size 1440x2560, the check of contiguous buffe ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18171
+CVE-2017-18171 (Improper input validation for GATT data packet received in Bluetooth C ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18170
+CVE-2017-18170 (Improper input validation in Bluetooth Controller function can lead to ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18169
+CVE-2017-18169 (User process can perform the kernel DOS in ashmem when doing cache mai ...)
- linux <not-affected> (Android-specific)
CVE-2017-18168
RESERVED
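Review bot: the filled-in description of CVE-2017-18174 says `In the Linux kernel before 4.7, the amd_gpio_remove function in driver ...`, but the entry's own note says `double-free introduced and fixed in the 4.11 release cycle`; the two cannot both be right, and the `linux <not-affected> (Vulnerable code not present)` assessment rests on the note. Record which one is correct, for instance by citing the introducing and fixing commits with a `Fixed by:` link as the other kernel entries in this change do, so the not-affected status can be verified.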
@@ -732,19 +732,19 @@ CVE-2017-18162
RESERVED
CVE-2017-18161
RESERVED
-CVE-2017-18160
+CVE-2017-18160 (AGPS session failure in GNSS module due to cyphersuites are hardcoded ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18159
+CVE-2017-18159 (In Android releases from CAF using the linux kernel (Android for MSM, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18158
+CVE-2017-18158 (Possible buffer overflows and array out of bounds accesses in Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18157
RESERVED
CVE-2017-18156
RESERVED
-CVE-2017-18155
+CVE-2017-18155 (While playing HEVC content using HD DMB in Snapdragon Automobile and S ...)
NOT-FOR-US: Snapdragon
-CVE-2017-18154
+CVE-2017-18154 (A crafted binder request can cause an arbitrary unmap in MediaServer i ...)
NOT-FOR-US: Android Mediaserver
CVE-2017-18153
RESERVED
@@ -759,71 +759,71 @@ CVE-2017-18149
RESERVED
CVE-2017-18148
RESERVED
-CVE-2017-18147
+CVE-2017-18147 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18146
+CVE-2017-18146 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18145
+CVE-2017-18145 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18144
+CVE-2017-18144 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18143
+CVE-2017-18143 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18142
+CVE-2017-18142 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18141
+CVE-2017-18141 (When a 3rd party TEE has been loaded it is possible for the non-secure ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18140
+CVE-2017-18140 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18139
+CVE-2017-18139 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18138
+CVE-2017-18138 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18137
+CVE-2017-18137 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18136
+CVE-2017-18136 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18135
+CVE-2017-18135 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18134
+CVE-2017-18134 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18133
+CVE-2017-18133 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18132
+CVE-2017-18132 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-18131
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18130
+CVE-2017-18130 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18129
+CVE-2017-18129 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18128
+CVE-2017-18128 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18127
+CVE-2017-18127 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18126
+CVE-2017-18126 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18125
+CVE-2017-18125 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18124
+CVE-2017-18124 (During secure boot, addition is performed on uint8 ptrs which led to o ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18123
+CVE-2017-18123 (The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19 ...)
{DLA-1413-1 DLA-1269-1}
- dokuwiki 0.0.20160626.a-2.1 (bug #889281)
NOTE: https://github.com/splitbrain/dokuwiki/issues/2029
NOTE: https://github.com/splitbrain/dokuwiki/commit/238b8e878ad48f370903465192b57c2072f65d86
-CVE-2017-18122
+CVE-2017-18122 (A signature-validation bypass issue was discovered in SimpleSAMLphp th ...)
{DSA-4127-1 DLA-1273-1}
- simplesamlphp 1.15.0-1 (bug #889286)
NOTE: https://simplesamlphp.org/security/201710-01
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/e2d53086abbb253efb24ddcb49b116246eb0b6ca (v1.14.17)
-CVE-2017-18121
+CVE-2017-18121 (The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable ...)
{DSA-4127-1 DLA-1273-1}
- simplesamlphp 1.15.0-1 (bug #889286)
NOTE: https://simplesamlphp.org/security/201709-01
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/34e1bdb7660c0c9b627f8e5f0ca224a6afe641a8 (v1.14.16)
-CVE-2017-18120
+CVE-2017-18120 (A double-free bug in the read_gif function in gifread.c in gifsicle 1. ...)
- gifsicle 1.91-1 (unimportant; bug #878739; bug #881120)
NOTE: https://github.com/kohler/gifsicle/issues/117
NOTE: https://github.com/kohler/gifsicle/commit/118a46090c50829dc543179019e6140e1235f909
@@ -858,182 +858,182 @@ CVE-2017-18106
RESERVED
CVE-2017-18105
RESERVED
-CVE-2017-18104
+CVE-2017-18104 (The Webhooks component of Atlassian Jira before version 7.6.7 and from ...)
NOT-FOR-US: Atlassian Jira
-CVE-2017-18103
+CVE-2017-18103 (The atlassian-http library, as used in various Atlassian products, bef ...)
NOT-FOR-US: Atlassian
-CVE-2017-18102
+CVE-2017-18102 (The wiki markup component of atlassian-renderer from version 8.0.0 bef ...)
NOT-FOR-US: wiki markup component of atlassian-renderer
-CVE-2017-18101
+CVE-2017-18101 (Various administrative external system import resources in Atlassian J ...)
NOT-FOR-US: Atlassian
-CVE-2017-18100
+CVE-2017-18100 (The agile wallboard gadget in Atlassian Jira before version 7.8.1 allo ...)
NOT-FOR-US: Atlassian
CVE-2017-18099
RESERVED
-CVE-2017-18098
+CVE-2017-18098 (The searchrequest-xml resource in Atlassian Jira before version 7.6.1 ...)
NOT-FOR-US: Atlassian
-CVE-2017-18097
+CVE-2017-18097 (The Trello board importer resource in Atlassian Jira before version 7. ...)
NOT-FOR-US: Atlassian
-CVE-2017-18096
+CVE-2017-18096 (The OAuth status rest resource in Atlassian Application Links before v ...)
NOT-FOR-US: Atlassian Application Links
-CVE-2017-18095
+CVE-2017-18095 (The SnippetRPCServiceImpl class in Atlassian Crucible before version 4 ...)
NOT-FOR-US: Atlassian Crucible
-CVE-2017-18094
+CVE-2017-18094 (Various resources in Atlassian Fisheye and Crucible before version 4.4 ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18093
+CVE-2017-18093 (Various resources in Atlassian Fisheye and Crucible before version 4.4 ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18092
+CVE-2017-18092 (The print snippet resource in Atlassian Crucible before version 4.4.3 ...)
NOT-FOR-US: Atlassian Crucible
-CVE-2017-18091
+CVE-2017-18091 (The admin backupprogress action in Atlassian Fisheye and Crucible befo ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18090
+CVE-2017-18090 (Various resources in Atlassian Fisheye before version 4.5.1 (the fixed ...)
NOT-FOR-US: Atlassian Fisheye
-CVE-2017-18089
+CVE-2017-18089 (The view review history resource in Atlassian Crucible before version ...)
NOT-FOR-US: Atlassian Crucible
-CVE-2017-18088
+CVE-2017-18088 (Various plugin servlet resources in Atlassian Bitbucket Server before ...)
NOT-FOR-US: Atlassian Bitbucket Server
-CVE-2017-18087
+CVE-2017-18087 (The download commit resource in Atlassian Bitbucket Server from versio ...)
NOT-FOR-US: Atlassian Bitbucket Server
-CVE-2017-18086
+CVE-2017-18086 (Various resources in Atlassian Confluence Server before version 6.4.2 ...)
NOT-FOR-US: Atlassian Confluence
-CVE-2017-18085
+CVE-2017-18085 (The viewdefaultdecorator resource in Atlassian Confluence Server befor ...)
NOT-FOR-US: Atlassian Confluence
-CVE-2017-18084
+CVE-2017-18084 (The usermacros resource in Atlassian Confluence Server before version ...)
NOT-FOR-US: Atlassian Confluence
-CVE-2017-18083
+CVE-2017-18083 (The editinword resource in Atlassian Confluence Server before version ...)
NOT-FOR-US: Atlassian Confluence
-CVE-2017-18082
+CVE-2017-18082 (The plan configure branches resource in Atlassian Bamboo before versio ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-18081
+CVE-2017-18081 (The signupUser resource in Atlassian Bamboo before version 6.3.1 allow ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-18080
+CVE-2017-18080 (The saveConfigureSecurity resource in Atlassian Bamboo before version ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-1000510
+CVE-2017-1000510 (Croogo version 2.3.1-17-g6f82e6c contains a Cross Site Scripting (XSS) ...)
NOT-FOR-US: Croogo
-CVE-2017-1000509
+CVE-2017-1000509 (Dolibarr version 6.0.2 contains a Cross Site Scripting (XSS) vulnerabi ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/issues/7727
-CVE-2017-1000508
+CVE-2017-1000508 (Invoice Plane version 1.5.4 and earlier contains a Cross Site Scriptin ...)
NOT-FOR-US: Invoice Plane
-CVE-2017-1000507
+CVE-2017-1000507 (Canvs Canvas version 3.4.2 contains a Cross Site Scripting (XSS) vulne ...)
NOT-FOR-US: Canvs Canvas
-CVE-2017-1000506
+CVE-2017-1000506 (Mautic version 2.11.0 and earlier contains a Cross Site Scripting (XSS ...)
NOT-FOR-US: Mautic
-CVE-2017-18079
+CVE-2017-18079 (drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows a ...)
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.51-1
[wheezy] - linux 3.2.96-1
NOTE: Fixed by: https://git.kernel.org/linus/340d394a789518018f834ff70f7534fc463d3226
-CVE-2017-18078
+CVE-2017-18078 (systemd-tmpfiles in systemd before 237 attempts to support ownership/p ...)
- systemd 237-1 (unimportant)
NOTE: https://github.com/systemd/systemd/issues/7736
NOTE: https://github.com/systemd/systemd/commit/5579f85663d10269e7ac7464be6548c99cea4ada (v237)
NOTE: Neutralised by kernel hardening
-CVE-2017-18077
+CVE-2017-18077 (index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expr ...)
- node-brace-expansion 1.1.8-1 (unimportant; bug #862712)
[stretch] - node-brace-expansion 1.1.6-1+deb9u1
NOTE: https://nodesecurity.io/advisories/338
NOTE: https://github.com/juliangruber/brace-expansion/issues/33
NOTE: https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3
NOTE: nodejs not covered by security support
-CVE-2017-18076
+CVE-2017-18076 (In strategy.rb in OmniAuth before 1.3.2, the authenticity_token value ...)
{DSA-4109-1}
[experimental] - ruby-omniauth 1.6.1-1
- ruby-omniauth 1.3.1-2 (bug #888523)
NOTE: https://github.com/omniauth/omniauth/pull/867
-CVE-2017-1000505
+CVE-2017-1000505 (In Jenkins Script Security Plugin version 1.36 and earlier, users with ...)
NOT-FOR-US: Jenkins Script Security Plugin
CVE-2017-1000468
REJECTED
CVE-2017-1000464
REJECTED
-CVE-2017-1000414
+CVE-2017-1000414 (ImpulseAdventure JPEGsnoop version 1.7.5 is vulnerable to a division b ...)
NOT-FOR-US: ImpulseAdventure JPEGsnoop
-CVE-2017-1000504
+CVE-2017-1000504 (A race condition during Jenkins 2.94 and earlier; 2.89.1 and earlier s ...)
- jenkins <removed>
-CVE-2017-1000503
+CVE-2017-1000503 (A race condition during Jenkins 2.81 through 2.94 (inclusive); 2.89.1 ...)
- jenkins <removed>
-CVE-2017-1000502
+CVE-2017-1000502 (Users with permission to create or configure agents in Jenkins 1.37 an ...)
- jenkins <removed>
-CVE-2017-1000474
+CVE-2017-1000474 (Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is ...)
NOT-FOR-US: Soyket Chowdhury Vehicle Sales Management System
-CVE-2017-1000475
+CVE-2017-1000475 (FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allow ...)
NOT-FOR-US: FreeSSHd
-CVE-2017-18075
+CVE-2017-18075 (crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing ...)
- linux 4.14.13-1
[stretch] - linux 4.9.80-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/d76c68109f37cb85b243a1cf0f40313afd2bae68
-CVE-2017-18074
+CVE-2017-18074 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18073
+CVE-2017-18073 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18072
+CVE-2017-18072 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18071
+CVE-2017-18071 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18070
+CVE-2017-18070 (In wma_ndp_end_response_event_handler(), the variable len_end_rsp is a ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18069
+CVE-2017-18069 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18068
+CVE-2017-18068 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18067
+CVE-2017-18067 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18066
+CVE-2017-18066 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18065
+CVE-2017-18065 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18064
+CVE-2017-18064 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18063
+CVE-2017-18063 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18062
+CVE-2017-18062 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18061
+CVE-2017-18061 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18060
+CVE-2017-18060 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18059
+CVE-2017-18059 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18058
+CVE-2017-18058 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18057
+CVE-2017-18057 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18056
+CVE-2017-18056 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18055
+CVE-2017-18055 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18054
+CVE-2017-18054 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18053
+CVE-2017-18053 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18052
+CVE-2017-18052 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18051
+CVE-2017-18051 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18050
+CVE-2017-18050 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-18049
+CVE-2017-18049 (In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3 ...)
NOT-FOR-US: SilverStripe
-CVE-2017-18048
+CVE-2017-18048 (Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads ...)
NOT-FOR-US: Monstra CMS
-CVE-2017-1000417
+CVE-2017-1000417 (MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2017-1000416
+CVE-2017-1000416 (axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting i ...)
NOT-FOR-US: axTLS
-CVE-2017-18047
+CVE-2017-18047 (Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP ...)
NOT-FOR-US: LabF nfsAxe
-CVE-2017-18046
+CVE-2017-18046 (Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121 2.77p1 ...)
NOT-FOR-US: Dasan GPON ONT WiFi Router devices
-CVE-2017-18045
+CVE-2017-18045 (JBMC DirectAdmin before 1.52, when the email_ftp_password_change setti ...)
NOT-FOR-US: JBMC DirectAdmin
-CVE-2017-18044
+CVE-2017-18044 (A Command Injection issue was discovered in ContentStore/Base/CVDataPi ...)
NOT-FOR-US: Commvault
-CVE-2017-18043
+CVE-2017-18043 (Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) ...)
{DSA-4213-1 DLA-1497-1}
- qemu 1:2.10.0+dfsg-2
[wheezy] - qemu <not-affected> (vulnerable code not present)
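Review bot: the CVE-2017-18077 entry records a stretch fixed version (node-brace-expansion 1.1.6-1+deb9u1) two lines above the NOTE "nodejs not covered by security support", and the two read as contradicting each other; say how the deb9u1 version got there (a point-release update rather than a DSA, presumably) or drop whichever line is stale. In the same hunk, the CVE-2017-18078 NOTE "Neutralised by kernel hardening" should name the sysctl the unimportant rating relies on, since a reader running a kernel with that setting off cannot otherwise tell that the rating does not apply to them.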
@@ -1042,47 +1042,47 @@ CVE-2017-18043
NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=2098b073f398cd628c09c5a78537a6854
NOTE: Broken since: https://git.qemu.org/?p=qemu.git;a=object;h=292c8e50 (v1.5.0)
NOTE: Fix included in 1:2.10.0+dfsg-2 via debian/patches/qemu-2.10.1.diff patch
-CVE-2017-18042
+CVE-2017-18042 (The update user administration resource in Atlassian Bamboo before ver ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-18041
+CVE-2017-18041 (The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-18040
+CVE-2017-18040 (The viewDeploymentVersionCommits resource in Atlassian Bamboo before v ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-18039
+CVE-2017-18039 (The IncomingMailServers resource in Atlassian Jira from version 6.2.1 ...)
NOT-FOR-US: Atlassian Jira
-CVE-2017-18038
+CVE-2017-18038 (The repository settings resource in Atlassian Bitbucket Server before ...)
NOT-FOR-US: Atlassian Bitbucket
-CVE-2017-18037
+CVE-2017-18037 (The git repository tag rest resource in Atlassian Bitbucket Server fro ...)
NOT-FOR-US: Atlassian Bitbucket
-CVE-2017-18036
+CVE-2017-18036 (The Github repository importer in Atlassian Bitbucket Server before ve ...)
NOT-FOR-US: Atlassian Bitbucket
-CVE-2017-18035
+CVE-2017-18035 (The /rest/review-coverage-chart/1.0/data/&lt;repository_name&gt;/.json ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18034
+CVE-2017-18034 (The source browse resource in Atlassian FishEye and Crucible before ve ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18033
+CVE-2017-18033 (The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allow ...)
NOT-FOR-US: Jira-importers-plugin in Atlassian Jira
-CVE-2017-18032
+CVE-2017-18032 (The download-manager plugin before 2.9.52 for WordPress has XSS via th ...)
NOT-FOR-US: download-manager plugin for WordPress
CVE-2017-18031
RESERVED
-CVE-2017-18030
+CVE-2017-18030 (The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qe ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-4
[wheezy] - qemu 1.1.2+dfsg-6+deb7u22
- qemu-kvm <removed>
[wheezy] - qemu-kvm 1.1.2+dfsg-6+deb7u21
NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=f153b563f8cf121aebf5a2fff5f0110faf58ccb3
-CVE-2017-18029
+CVE-2017-18029 (In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/691
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d3144a8be81aed6e635de68f0d8e97881638a398
-CVE-2017-18028
+CVE-2017-18028 (In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was foun ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/736
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/740985d9bd3f1c50d622c3496bb2e75d44b65a91
NOTE: https://github.com/ImageMagick/ImageMagick/commit/32a3eeb9e0da083cbc05909e4935efdbf9846df9
-CVE-2017-18027
+CVE-2017-18027 (In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in t ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/734
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a43f4155ee916fbed080acd534232a9d2396b5b5
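Review bot: the "Fixed by" link in the CVE-2017-18043 context lines carries a 33-hex-digit commit id (2098b073f398cd628c09c5a78537a6854), which is neither a full 40-digit SHA-1 nor the short form used on the next line for "Broken since" (292c8e50); it looks like a hash truncated while copying. gitweb resolves a unique prefix so the link still works today, but record the full hash so the reference stays resolvable and greppable.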
@@ -1091,13 +1091,13 @@ CVE-2017-1000441
REJECTED
CVE-2017-1000439
REJECTED
-CVE-2017-1000465
+CVE-2017-1000465 (Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripti ...)
NOT-FOR-US: Sulu-standard
-CVE-2017-1000429
+CVE-2017-1000429 (rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file Wei ...)
NOT-FOR-US: rui Li finecms
-CVE-2017-1000428
+CVE-2017-1000428 (flatCore-CMS 1.4.6 is vulnerable to reflected XSS in user_management.p ...)
NOT-FOR-US: flatCore-CMS
-CVE-2017-18026
+CVE-2017-18026 (Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does ...)
{DSA-4191-1}
- redmine 3.4.4-1 (bug #887307)
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -1107,30 +1107,30 @@ CVE-2017-18026
NOTE: https://github.com/redmine/redmine/commit/58ed8655136ff2fe5ff7796859bf6a399c76c678
NOTE: https://github.com/redmine/redmine/commit/9d797400eaec5f9fa7ba9507c82d9c18cb91d02e
NOTE: upstream fixed in 3.2.9, 3.3.6 and 3.4.4
-CVE-2017-1000415
+CVE-2017-1000415 (MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2017-18025
+CVE-2017-18025 (cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote a ...)
NOT-FOR-US: Innotube ITGuard-Manager
-CVE-2017-18024
+CVE-2017-18024 (AvantFAX 3.3.3 has XSS via an arbitrary parameter name to the default ...)
NOT-FOR-US: AvantFAX
-CVE-2017-18023
+CVE-2017-18023 (Office Tracker 11.2.5 has XSS via the logincount parameter to the /otw ...)
NOT-FOR-US: Office Tracker
-CVE-2017-18022
+CVE-2017-18022 (In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCom ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/904
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8cf0676455929a067257400e8020dea6ca94c1a4
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e7649e96a7730dd116afb629b372c5772be0b900
-CVE-2017-18021
+CVE-2017-18021 (It was discovered that QtPass before 1.2.1, when using the built-in pa ...)
- qtpass 1.2.1-1
[stretch] - qtpass 1.1.6-1+deb9u1
NOTE: https://lists.zx2c4.com/pipermail/password-store/2018-January/003165.html
NOTE: https://github.com/IJHack/QtPass/issues/338
-CVE-2017-18020
+CVE-2017-18020 (On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and ...)
NOT-FOR-US: Samsung mobile devices
-CVE-2017-18019
+CVE-2017-18019 (In K7 Total Security before 15.1.0.305, user-controlled input to the K ...)
NOT-FOR-US: K7 Total Security
-CVE-2017-18018
+CVE-2017-18018 (In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does no ...)
- coreutils <unfixed> (unimportant)
NOTE: http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html
NOTE: http://www.openwall.com/lists/oss-security/2018/01/04/3
@@ -1140,18 +1140,18 @@ CVE-2017-18018
NOTE: Neutralised by kernel hardening
CVE-2017-1000500
REJECTED
-CVE-2017-1000499
+CVE-2017-1000499 (phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a ...)
- phpmyadmin <not-affected> (Only affects phpMyAdmin starting from 4.7.0)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-9/
-CVE-2017-1000498
+CVE-2017-1000498 (AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsi ...)
NOT-FOR-US: AndroidSVG
-CVE-2017-1000497
+CVE-2017-1000497 (Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the gets ...)
NOT-FOR-US: Pepperminty-Wiki
-CVE-2017-1000496
+CVE-2017-1000496 (Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration ...)
NOT-FOR-US: Commsy
-CVE-2017-1000495
+CVE-2017-1000495 (QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site Scripti ...)
NOT-FOR-US: QuickApps CMS
-CVE-2017-1000494
+CVE-2017-1000494 (Uninitialized stack variable vulnerability in NameValueParserEndElt (u ...)
- miniupnpd 2.0.20171212-1 (bug #887129)
[stretch] - miniupnpd 1.8.20140523-4.1+deb9u1
[jessie] - miniupnpd <no-dsa> (Minor issue)
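Review bot: the first context line of this hunk, "Neutralised by kernel hardening", is the entire justification for leaving the CVE-2017-18018 coreutils entry at "<unfixed> (unimportant)", but it does not say which hardening is meant (presumably one of the fs.protected_* sysctls). Name the setting in the NOTE so the rating can be checked and so that anyone on a kernel without it knows the entry does not cover their case.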
@@ -1159,146 +1159,146 @@ CVE-2017-1000494
NOTE: https://github.com/miniupnp/miniupnp/issues/268
NOTE: https://github.com/miniupnp/miniupnp/commit/7aeb624b44f86d335841242ff427433190e7168a
NOTE: https://github.com/miniupnp/miniupnp/commit/a0573e251817ec090a8c9f9f41b56d720c835a6c
-CVE-2017-1000490
+CVE-2017-1000490 (Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any authoriz ...)
NOT-FOR-US: Mautic
-CVE-2017-1000489
+CVE-2017-1000489 (Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow ...)
NOT-FOR-US: Mautic
-CVE-2017-1000488
+CVE-2017-1000488 (Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack ...)
NOT-FOR-US: Mautic
-CVE-2017-1000487
+CVE-2017-1000487 (Plexus-utils before 3.0.16 is vulnerable to command injection because ...)
{DSA-4149-1 DSA-4146-1 DLA-1237-1 DLA-1236-1}
- plexus-utils 1:1.5.15-5
- plexus-utils2 3.0.22-1
NOTE: https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522
NOTE: https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41
-CVE-2017-1000486
+CVE-2017-1000486 (Primetek Primefaces 5.x is vulnerable to a weak encryption flaw result ...)
NOT-FOR-US: Primetek Primefaces
-CVE-2017-1000485
+CVE-2017-1000485 (Nylas Mail Lives 2.2.2 uses 0755 permissions for $HOME/.nylas-mail, wh ...)
NOT-FOR-US: Nylas Mail Lives
-CVE-2017-1000484
+CVE-2017-1000484 (By linking to a specific url in Plone 2.5-5.1rc1 with a parameter, an ...)
NOT-FOR-US: Plone
-CVE-2017-1000483
+CVE-2017-1000483 (Accessing private content via str.format in through-the-web templates ...)
NOT-FOR-US: Plone
-CVE-2017-1000482
+CVE-2017-1000482 (A member of the Plone 2.5-5.1rc1 site could set javascript in the home ...)
NOT-FOR-US: Plone
-CVE-2017-1000481
+CVE-2017-1000481 (When you visit a page where you need to login, Plone 2.5-5.1rc1 sends ...)
NOT-FOR-US: Plone
-CVE-2017-1000480
+CVE-2017-1000480 (Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when call ...)
{DSA-4094-1 DLA-1249-1}
- smarty <removed>
- smarty3 3.1.31+20161214.1.c7d42e4+selfpack1-3 (bug #886460)
NOTE: https://github.com/smarty-php/smarty/commit/614ad1f8b9b00086efc123e49b7bb8efbfa81b61
-CVE-2017-1000479
+CVE-2017-1000479 (pfSense versions 2.4.1 and lower are vulnerable to clickjacking attack ...)
NOT-FOR-US: pfSense
-CVE-2017-1000478
+CVE-2017-1000478 (ELabftw version 1.7.8 is vulnerable to stored cross-site scripting in ...)
NOT-FOR-US: ELabftw
-CVE-2017-1000477
+CVE-2017-1000477 (XMLBundle version 0.1.7 is vulnerable to XXE attacks which can result ...)
NOT-FOR-US: XMLBundle
-CVE-2017-1000476
+CVE-2017-1000476 (ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in ...)
{DLA-1229-1}
- imagemagick 8:6.9.9.34+dfsg-3
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/867
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e5dae180b9236bccd73ce93bfce81e99232a8533
-CVE-2017-1000473
+CVE-2017-1000473 (Linux Dash up to version v2 is vulnerable to multiple command injectio ...)
NOT-FOR-US: Linux Dash
-CVE-2017-1000472
+CVE-2017-1000472 (The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO ...)
{DSA-4083-1 DLA-1239-1}
- poco 1.8.0-2
NOTE: https://github.com/pocoproject/poco/issues/1968
-CVE-2017-1000471
+CVE-2017-1000471 (EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL poin ...)
NOT-FOR-US: EmbedThis GoAhead Webserver
-CVE-2017-1000470
+CVE-2017-1000470 (EmbedThis GoAhead Webserver versions 4.0.0 and earlier is vulnerable t ...)
NOT-FOR-US: EmbedThis GoAhead Webserver
-CVE-2017-1000469
+CVE-2017-1000469 (Cobbler version up to 2.8.2 is vulnerable to a command injection vulne ...)
- cobbler <removed> (bug #886480)
NOTE: https://github.com/cobbler/cobbler/issues/1845
-CVE-2017-1000467
+CVE-2017-1000467 (LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vu ...)
NOT-FOR-US: LavaLite
-CVE-2017-1000462
+CVE-2017-1000462 (BookStack version 0.18.4 is vulnerable to stored cross-site scripting, ...)
NOT-FOR-US: BookStack
-CVE-2017-1000461
+CVE-2017-1000461 (Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulne ...)
- brave-browser <itp> (bug #864795)
-CVE-2017-1000460
+CVE-2017-1000460 (In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chr ...)
- libav <removed>
- ffmpeg 7:3.1.1-1
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=952
NOTE: https://lists.ffmpeg.org/pipermail/ffmpeg-cvslog/2017-January/104221.html
-CVE-2017-18196
+CVE-2017-18196 (Leptonica 1.74.4 constructs unintended pathnames (containing duplicate ...)
- leptonlib 1.74.4-2 (low; bug #885704)
[stretch] - leptonlib <no-dsa> (Minor issue)
[jessie] - leptonlib <not-affected> (Vulnerable code not present)
[wheezy] - leptonlib <not-affected> (Vulnerable code not present)
-CVE-2017-18017
+CVE-2017-18017 (The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.11.6-1
[stretch] - linux 4.9.47-1
NOTE: Fixed by: https://git.kernel.org/linus/2638fd0f92d4397884fd991d8f4925cb3f081901
-CVE-2017-18016
+CVE-2017-18016 (Parity Browser 1.6.10 and earlier allows remote attackers to bypass th ...)
NOT-FOR-US: Paritytech Parity Ethereum
-CVE-2017-1000493
+CVE-2017-1000493 (Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL inj ...)
NOT-FOR-US: Rocket.Chat Server
-CVE-2017-1000492
+CVE-2017-1000492 (Leanote-desktop version v2.5 is vulnerable to a XSS which leads to cod ...)
NOT-FOR-US: Leanote-desktop
-CVE-2017-1000491
+CVE-2017-1000491 (Shiba markdown live preview app version 1.1.0 is vulnerable to XSS whi ...)
NOT-FOR-US: Shiba markdown live preview app
-CVE-2017-1000466
+CVE-2017-1000466 (Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripti ...)
NOT-FOR-US: Invoice Ninja
-CVE-2017-1000463
+CVE-2017-1000463 (Leafpub version 1.2.0-beta6 is vulnerable to stored cross-site scripti ...)
NOT-FOR-US: Leafpub
-CVE-2017-1000459
+CVE-2017-1000459 (Leanote version &lt;= 2.5 is vulnerable to XSS due to not sanitized in ...)
NOT-FOR-US: Leanote
-CVE-2017-1000438
+CVE-2017-1000438 (In OMERO 5.3.3 or earlier a user could create an OriginalFile and adju ...)
NOT-FOR-US: OMERO
-CVE-2017-1000437
+CVE-2017-1000437 (Creolabs Gravity 1.0 contains a stack based buffer overflow in the ope ...)
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000434
+CVE-2017-1000434 (Wordpress plugin Furikake version 0.1.0 is vulnerable to an Open Redir ...)
NOT-FOR-US: Wordpress plugin Furikake
-CVE-2017-1000433
+CVE-2017-1000433 (pysaml2 version 4.4.0 and older accept any password when run with pyth ...)
{DLA-1410-1}
- python-pysaml2 4.5.0-2 (bug #886423)
[stretch] - python-pysaml2 <no-dsa> (Minor issue)
NOTE: https://github.com/rohe/pysaml2/issues/451
NOTE: Fixed by: https://github.com/rohe/pysaml2/commit/6312a41e037954850867f29d329e5007df1424a5
-CVE-2017-1000432
+CVE-2017-1000432 (Vanilla Forums below 2.1.5 are affected by CSRF leading to Deleting to ...)
NOT-FOR-US: Vanilla Forums
-CVE-2017-1000427
+CVE-2017-1000427 (marked version 0.3.6 and earlier is vulnerable to an XSS attack in the ...)
- node-marked 0.3.9+dfsg-1 (unimportant; bug #886451)
NOTE: https://github.com/chjj/marked/commit/cd2f6f5b7091154c5526e79b5f3bfb4d15995a51
NOTE: nodejs not covered by security support
-CVE-2017-1000426
+CVE-2017-1000426 (MapProxy version 1.10.3 and older is vulnerable to a Cross Site Script ...)
- mapproxy 1.10.4-1 (low)
[stretch] - mapproxy 1.9.0-3+deb9u1
NOTE: https://github.com/mapproxy/mapproxy/issues/322
NOTE: https://github.com/mapproxy/mapproxy/commit/2e102843203c11b02c002daa08ca59d05d5eff5a (master)
NOTE: https://github.com/mapproxy/mapproxy/commit/87faa667007b00ef11ee09b16707aa9ad2e8da28 (1.10.x)
-CVE-2017-1000425
+CVE-2017-1000425 (Cross-site scripting (XSS) vulnerability in the /html/portal/flash.jsp ...)
NOT-FOR-US: Liferay Portal CE
-CVE-2017-1000458
+CVE-2017-1000458 (Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the C ...)
- bro 2.5.2-1
[stretch] - bro <no-dsa> (Minor issue)
NOTE: https://bro-tracker.atlassian.net/browse/BIT-1856
NOTE: https://github.com/bro/bro/commit/6c0f101a62489b1c5927b4ed63b0e1d37db40282
-CVE-2017-1000457
+CVE-2017-1000457 (Cross-site scripting (XSS) vulnerability in Help.aspx in mojoPortal ve ...)
NOT-FOR-US: mojoPortal
-CVE-2017-1000456
+CVE-2017-1000456 (freedesktop.org libpoppler 0.60.1 fails to validate boundaries in Text ...)
{DSA-4097-1 DLA-1228-1}
- poppler 0.61.1-2
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103116
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=7ee9dadef37b20bca707a6b1e858e17d191e368b
-CVE-2017-1000455
+CVE-2017-1000455 (GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d us ...)
- guix <itp> (bug #850644)
NOTE: https://lists.gnu.org/archive/html/guix-devel/2017-10/msg00090.html
-CVE-2017-1000454
+CVE-2017-1000454 (CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template In ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-1000453
+CVE-2017-1000453 (CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templat ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-1000452
+CVE-2017-1000452 (An XML Signature Wrapping vulnerability exists in Samlify 2.2.0 and ea ...)
NOT-FOR-US: Samlify
-CVE-2017-1000451
+CVE-2017-1000451 (fs-git is a file system like api for git repository. The fs-git versio ...)
NOT-FOR-US: fs-git
-CVE-2017-1000450
+CVE-2017-1000450 (In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and ...)
{DLA-1438-1 DLA-1235-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #886282)
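Review bot: the CVE-2017-1000460 description lists ffmpeg(n3.4) among the affected versions, yet the fixed version recorded is ffmpeg 7:3.1.1-1 and the linked ffmpeg-cvslog message dates from January 2017; a 3.1.1 upload predates that commit, so either the fixed version is wrong or the NOTE should say the fix was backported or that the affected code differs in Debian's ffmpeg. Also in this hunk, CVE-2017-1000430 places its NOTE line before the NOT-FOR-US status line, whereas every other entry in the file puts the status first and NOTEs after it; swap the two lines for consistency.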
@@ -1308,9 +1308,9 @@ CVE-2017-1000450
NOTE: https://github.com/opencv/opencv/pull/9726
CVE-2017-1000449
REJECTED
-CVE-2017-1000448
+CVE-2017-1000448 (Structured Data Linter versions 2.4.1 and older are vulnerable to a di ...)
NOT-FOR-US: Structured Data Linter
-CVE-2017-1000445
+CVE-2017-1000445 (ImageMagick 7.0.7-1 and older version are vulnerable to null pointer d ...)
{DLA-1229-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #886281)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -1318,69 +1318,69 @@ CVE-2017-1000445
NOTE: https://github.com/ImageMagick/ImageMagick/issues/775
NOTE: https://github.com/ImageMagick/ImageMagick/commit/441fde32557eb3cec573b0f877ac324173feed7f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/839a14e43d0c88db7b3fffe8aa4ec57d80c93623
-CVE-2017-1000444
+CVE-2017-1000444 (Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in t ...)
NOT-FOR-US: Eleix Openhacker
-CVE-2017-1000443
+CVE-2017-1000443 (Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability i ...)
NOT-FOR-US: Eleix Openhacker
-CVE-2017-1000442
+CVE-2017-1000442 (Passbolt API version 1.6.4 and older are vulnerable to a XSS in the ur ...)
NOT-FOR-US: Passbolt API
-CVE-2017-1000431
+CVE-2017-1000431 (eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is ...)
NOT-FOR-US: eZ Systems eZ Publish
-CVE-2017-1000430
+CVE-2017-1000430 (rust-base64 version &lt;= 0.5.1 is vulnerable to a buffer overflow whe ...)
NOTE: https://github.com/RustSec/advisory-db/blob/master/crates/base64/RUSTSEC-2017-0004.toml
NOT-FOR-US: rust-base64
-CVE-2017-1000424
+CVE-2017-1000424 (Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable ...)
- electron <itp> (bug #842420)
-CVE-2017-1000423
+CVE-2017-1000423 (b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation ( ...)
- b2evolution <removed>
-CVE-2017-1000422
+CVE-2017-1000422 (Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer ove ...)
{DSA-4088-1 DLA-1234-1}
- gdk-pixbuf 2.36.11-1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=785973
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=0012e066ba37439d402ce46afbc1311530a4ec61
-CVE-2017-1000421
+CVE-2017-1000421 (Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in t ...)
{DSA-4084-1 DLA-1233-1}
- gifsicle 1.90-1
NOTE: https://github.com/kohler/gifsicle/issues/114
NOTE: https://github.com/kohler/gifsicle/commit/81fd7823f6d9c85ab598bc850e40382068361185
-CVE-2017-1000420
+CVE-2017-1000420 (Syncthing version 0.14.33 and older is vulnerable to symlink traversal ...)
- syncthing 0.14.36+ds1-1
[stretch] - syncthing <no-dsa> (Minor issue)
NOTE: https://github.com/syncthing/syncthing/commit/1f09488a0f1fdca07076b007b9789f23a6df1060 (v0.14.34)
NOTE: https://github.com/syncthing/syncthing/commit/a0f771c221f6ef18fcc496e736670d85f36b8dec
NOTE: https://github.com/syncthing/syncthing/issues/4286
-CVE-2017-1000419
+CVE-2017-1000419 (phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar functio ...)
- phpbb3 <removed>
[jessie] - phpbb3 <not-affected> (Vulnerable code not present)
[wheezy] - phpbb3 <not-affected> (Vulnerable code not present)
-CVE-2017-1000418
+CVE-2017-1000418 (The WildMidi_Open function in WildMIDI since commit d8a466829c67cacbb1 ...)
- wildmidi 0.4.2-1 (bug #886503)
[stretch] - wildmidi <no-dsa> (Minor issue)
[jessie] - wildmidi <not-affected> (Vulnerable code introduced later)
[wheezy] - wildmidi <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Mindwerks/wildmidi/issues/178
NOTE: https://github.com/Mindwerks/wildmidi/commit/814f31d8eceda8401eb812fc2e94ed143fdad0ab
-CVE-2017-1000413
+CVE-2017-1000413 (Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and ol ...)
NOT-FOR-US: OP-TEE
-CVE-2017-1000412
+CVE-2017-1000412 (Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and ol ...)
NOT-FOR-US: OP-TEE
-CVE-2017-18015
+CVE-2017-18015 (The ILLID Share This Image plugin before 1.04 for WordPress has XSS vi ...)
NOT-FOR-US: ILLID Share This Image plugin for WordPress
-CVE-2017-18014
+CVE-2017-18014 (An NC-25986 issue was discovered in the Logging subsystem of Sophos XG ...)
NOT-FOR-US: Sophos
-CVE-2017-18013
+CVE-2017-18013 (In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print ...)
{DSA-4100-1 DLA-1260-1 DLA-1259-1}
- tiff 4.0.9-3 (bug #885985)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2770
NOTE: https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01
-CVE-2017-18012
+CVE-2017-18012 (The Z-URL Preview plugin 1.6.1 for WordPress has XSS via the class.zli ...)
NOT-FOR-US: Z-URL Preview plugin for WordPress
-CVE-2017-18011
+CVE-2017-18011 (The MyCBGenie Affiliate Ads for Clickbank Products plugin through 1.6 ...)
NOT-FOR-US: MyCBGenie Affiliate Ads for Clickbank Products plugin WordPress
-CVE-2017-18010
+CVE-2017-18010 (The E-goi Smart Marketing SMS and Newsletters Forms plugin before 2.0. ...)
NOT-FOR-US: E-goi Smart Marketing SMS and Newsletters Forms plugin for WordPress
-CVE-2017-18009
+CVE-2017-18009 (In OpenCV 3.3.1, a heap-based buffer over-read exists in the function ...)
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv <unfixed> (bug #924884)
[stretch] - opencv <not-affected> (Vulnerable code introduced later)
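Review bot: CVE-2017-1000418 marks jessie and wheezy "<not-affected> (Vulnerable code introduced later)" and its description pins the bug to WildMIDI "since commit d8a466829c67cacbb1...", but no line records which upstream release first shipped that commit; add it to the NOTE next to the issue and commit links so the two not-affected claims can be re-verified against the wildmidi versions in those suites.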
@@ -1388,15 +1388,15 @@ CVE-2017-18009
[wheezy] - opencv <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/opencv/opencv/issues/10479
NOTE: Introduced after: https://github.com/opencv/opencv/commit/7469c935f3ec8e9fe4f56b7eed07b284b7b7b5df
-CVE-2017-18008
+CVE-2017-18008 (In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/921
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1a5f95fc018a5667de5a9448aee9d7251b2eb952
CVE-2017-18007
RESERVED
-CVE-2017-18006
+CVE-2017-18006 (netpub/server.np in Extensis Portfolio NetPublish has XSS in the quick ...)
NOT-FOR-US: Extensis Portfolio NetPublish
-CVE-2017-18005
+CVE-2017-18005 (Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toL ...)
- exiv2 <unfixed> (low; bug #885981)
[buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
@@ -1404,21 +1404,21 @@ CVE-2017-18005
[wheezy] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/168
NOTE: Fixed via: https://github.com/Exiv2/exiv2/pull/199
-CVE-2017-18004
+CVE-2017-18004 (Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps ...)
NOT-FOR-US: Zurmo
CVE-2017-18003
RESERVED
CVE-2017-18002
RESERVED
-CVE-2017-18001
+CVE-2017-18001 (Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote att ...)
NOT-FOR-US: Trustwave Secure Web Gateway
CVE-2017-18000
RESERVED
-CVE-2017-17999
+CVE-2017-17999 (SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allow ...)
NOT-FOR-US: RISE Ultimate Project Manager
CVE-2017-17998
RESERVED
-CVE-2017-17997
+CVE-2017-17997 (In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointe ...)
{DLA-1634-1}
- wireshark 2.4.0-1
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -1426,37 +1426,37 @@ CVE-2017-17997
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14299
NOTE: https://code.wireshark.org/review/#/c/25063/
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=80a695869c9aef2fb473d9361da068022be7cb50
-CVE-2017-17996
+CVE-2017-17996 (A buffer overflow vulnerability in "Add command" functionality exists ...)
NOT-FOR-US: Flexense SyncBreeze Enterprise
-CVE-2017-17995
+CVE-2017-17995 (Biometric Shift Employee Management System has XSS via the Last_Name p ...)
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17994
+CVE-2017-17994 (Biometric Shift Employee Management System has XSS via the criteria pa ...)
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17993
+CVE-2017-17993 (Biometric Shift Employee Management System has XSS via the amount para ...)
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17992
+CVE-2017-17992 (Biometric Shift Employee Management System allows Arbitrary File Downl ...)
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17991
+CVE-2017-17991 (Biometric Shift Employee Management System has XSS via the expense_nam ...)
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17990
+CVE-2017-17990 (Biometric Shift Employee Management System has CSRF via index.php in a ...)
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17989
+CVE-2017-17989 (Biometric Shift Employee Management System has XSS via the index.php h ...)
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17988
+CVE-2017-17988 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event ...)
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17987
+CVE-2017-17987 (PHP Scripts Mall Muslim Matrimonial Script allows arbitrary file uploa ...)
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17986
+CVE-2017-17986 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/caste ...)
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17985
+CVE-2017-17985 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/state ...)
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17984
+CVE-2017-17984 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event ...)
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17983
+CVE-2017-17983 (PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the v ...)
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17982
+CVE-2017-17982 (PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin ...)
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
-CVE-2017-17981
+CVE-2017-17981 (PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/slide ...)
NOT-FOR-US: PHP Scripts Mall Muslim Matrimonial Script
CVE-2017-17980
RESERVED
@@ -1466,16 +1466,16 @@ CVE-2017-17978
RESERVED
CVE-2017-17977
RESERVED
-CVE-2017-17976
+CVE-2017-17976 (In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lea ...)
NOT-FOR-US: Perfex CRM
-CVE-2017-17975
+CVE-2017-17975 (Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/ ...)
{DSA-4188-1}
- linux 4.15.17-1
[jessie] - linux <not-affected> (Vulnerable code path not present)
[wheezy] - linux <not-affected> (Vulnerable code path not present)
-CVE-2017-17974
+CVE-2017-17974 (BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPser ...)
NOT-FOR-US: BA SYSTEMS BAS Web on BAS920 devices
-CVE-2017-17973
+CVE-2017-17973 (** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free ...)
- tiff <unfixed> (unimportant)
- tiff3 <removed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2769
@@ -1494,26 +1494,26 @@ CVE-2017-1000436
REJECTED
CVE-2017-1000435
REJECTED
-CVE-2017-1000501
+CVE-2017-1000501 (Awstats version 7.6 and earlier is vulnerable to a path traversal flaw ...)
{DSA-4092-1 DLA-1238-1}
- awstats 7.6+dfsg-2 (bug #885835)
NOTE: https://github.com/eldy/awstats/commit/cf219843a74c951bf5986f3a7fffa3dcf99c3899
NOTE: https://github.com/eldy/awstats/commit/06c0ab29c1e5059d9e0279c6b64d573d619e1651
CVE-2017-17972
RESERVED
-CVE-2017-17971
+CVE-2017-17971 (The test_sql_and_script_inject function in htdocs/main.inc.php in Doli ...)
- dolibarr <removed> (bug #885828)
NOTE: https://github.com/Dolibarr/dolibarr/issues/8000
-CVE-2017-17970
+CVE-2017-17970 (Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote atta ...)
NOT-FOR-US: Muviko
-CVE-2017-17969
+CVE-2017-17969 (Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeRe ...)
{DSA-4104-1 DLA-1268-1}
- p7zip 16.02+dfsg-5 (bug #888297)
NOTE: https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/
NOTE: Fixed in upstream 18.00-beta.
-CVE-2017-17968
+CVE-2017-17968 (A buffer overflow vulnerability in NetTransport.exe in NetTransport Do ...)
NOT-FOR-US: NetTransport Download Manager
-CVE-2017-17967
+CVE-2017-17967 (pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attacke ...)
NOT-FOR-US: Kingsoft WPS Office
CVE-2017-17966
RESERVED
@@ -1527,37 +1527,37 @@ CVE-2017-17962
RESERVED
CVE-2017-17961
RESERVED
-CVE-2017-17960
+CVE-2017-17960 (PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerup ...)
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17959
+CVE-2017-17959 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the s ...)
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17958
+CVE-2017-17958 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the my_wishlist ...)
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17957
+CVE-2017-17957 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the m ...)
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17956
+CVE-2017-17956 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the admin/selle ...)
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17955
+CVE-2017-17955 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the shopping-ca ...)
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17954
+CVE-2017-17954 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the seller-view ...)
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17953
+CVE-2017-17953 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the category.ph ...)
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17952
+CVE-2017-17952 (PHP Scripts Mall PHP Multivendor Ecommerce has a predicable registrati ...)
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17951
+CVE-2017-17951 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the s ...)
NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce
-CVE-2017-17950
+CVE-2017-17950 (Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid paramet ...)
NOT-FOR-US: Cells Blog
-CVE-2017-17949
+CVE-2017-17949 (Cells Blog 3.5 has XSS via the pub_readpost.php fmid parameter. ...)
NOT-FOR-US: Cells Blog
-CVE-2017-17948
+CVE-2017-17948 (Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic req ...)
NOT-FOR-US: Cells Blog
-CVE-2017-17947
+CVE-2017-17947 (A cross site scripting issue has been found in custompage.cgi in Pulse ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2017-1000411
+CVE-2017-1000411 (OpenFlow Plugin and OpenDayLight Controller versions Nitrogen, Carbon, ...)
NOT-FOR-US: OpenDayLight
-CVE-2017-17946
+CVE-2017-17946 (A buffer overflow in Handy Password 4.9.3 allows remote attackers to e ...)
NOT-FOR-US: Handy Password
CVE-2017-17945
RESERVED
@@ -1565,7 +1565,7 @@ CVE-2017-17944
RESERVED
CVE-2017-17943
RESERVED
-CVE-2017-17942
+CVE-2017-17942 (In LibTIFF 4.0.9, there is a heap-based buffer over-read in the functi ...)
- tiff <unfixed> (low; bug #885579)
[buster] - tiff <postponed> (Minor issue, revisit once fixed upstream)
[stretch] - tiff <postponed> (Minor issue, revisit once fixed upstream)
@@ -1574,49 +1574,49 @@ CVE-2017-17942
- tiff3 <removed>
[wheezy] - tiff3 <postponed> (Minor issue, revisit once fixed upstream)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2767
-CVE-2017-17941
+CVE-2017-17941 (PHP Scripts Mall Single Theater Booking has SQL Injection via the admi ...)
NOT-FOR-US: PHP Scripts Mall Single Theater Booking
-CVE-2017-17940
+CVE-2017-17940 (PHP Scripts Mall Single Theater Booking has XSS via the title paramete ...)
NOT-FOR-US: PHP Scripts Mall Single Theater Booking
-CVE-2017-17939
+CVE-2017-17939 (PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesetting ...)
NOT-FOR-US: PHP Scripts Mall Single Theater Booking
-CVE-2017-17938
+CVE-2017-17938 (PHP Scripts Mall Single Theater Booking has XSS via the admin/viewthea ...)
NOT-FOR-US: PHP Scripts Mall Single Theater Booking
-CVE-2017-17937
+CVE-2017-17937 (Vanguard Marketplace Digital Products PHP has XSS via the phps_query p ...)
NOT-FOR-US: Vanguard Marketplace Digital Products PHP
-CVE-2017-17936
+CVE-2017-17936 (Vanguard Marketplace Digital Products PHP has CSRF via /search. ...)
NOT-FOR-US: Vanguard Marketplace Digital Products PHP
-CVE-2017-17935
+CVE-2017-17935 (The File_read_line function in epan/wslua/wslua_file.c in Wireshark th ...)
{DLA-1634-1}
- wireshark 2.4.4-1 (bug #885831)
[wheezy] - wireshark <ignored> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14295
NOTE: https://code.wireshark.org/review/#/c/24997/
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=137ab7d5681486c6d6cc8faac4300b7cd4ec0cf1
-CVE-2017-17934
+CVE-2017-17934 (ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, rela ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/920
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3755d2289b032919c065f6ab11ef570063f7f828
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/08278c7cf1c0b4f1da4cdcfaa857ff6b2373a1b2
-CVE-2017-17933
+CVE-2017-17933 (cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or ...)
NOT-FOR-US: NetWin SurgeFTP
-CVE-2017-17932
+CVE-2017-17932 (A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ...)
NOT-FOR-US: ALLPlayer
-CVE-2017-17931
+CVE-2017-17931 (PHP Scripts Mall Resume Clone Script has SQL Injection via the forget. ...)
NOT-FOR-US: PHP Scripts Mall Resume Clone Script
-CVE-2017-17930
+CVE-2017-17930 (PHP Scripts Mall Professional Service Script has CSRF via admin/genera ...)
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17929
+CVE-2017-17929 (PHP Scripts Mall Professional Service Script has XSS via the admin/ban ...)
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17928
+CVE-2017-17928 (PHP Scripts Mall Professional Service Script has SQL injection via the ...)
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17927
+CVE-2017-17927 (PHP Scripts Mall Professional Service Script allows remote attackers t ...)
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17926
+CVE-2017-17926 (PHP Scripts Mall Professional Service Script has a predicable registra ...)
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17925
+CVE-2017-17925 (PHP Scripts Mall Professional Service Script has XSS via the admin/gen ...)
NOT-FOR-US: PHP Scripts Mall Professional Service Script
-CVE-2017-17924
+CVE-2017-17924 (PHP Scripts Mall Professional Service Script allows remote attackers t ...)
NOT-FOR-US: PHP Scripts Mall Professional Service Script
CVE-2017-17923
RESERVED
@@ -1624,30 +1624,30 @@ CVE-2017-17922
RESERVED
CVE-2017-17921
RESERVED
-CVE-2017-17920
+CVE-2017-17920 (** DISPUTED ** SQL injection vulnerability in the 'reorder' method in ...)
- rails <unfixed> (unimportant)
NOTE: https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection/
NOTE: All of those methods accept arbitrary SQL by design.
-CVE-2017-17919
+CVE-2017-17919 (** DISPUTED ** SQL injection vulnerability in the 'order' method in Ru ...)
- rails <unfixed> (unimportant)
NOTE: https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection/
NOTE: All of those methods accept arbitrary SQL by design.
CVE-2017-17918
RESERVED
-CVE-2017-17917
+CVE-2017-17917 (** DISPUTED ** SQL injection vulnerability in the 'where' method in Ru ...)
- rails <unfixed> (unimportant)
NOTE: https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection/
NOTE: All of those methods accept arbitrary SQL by design.
-CVE-2017-17916
+CVE-2017-17916 (** DISPUTED ** SQL injection vulnerability in the 'find_by' method in ...)
- rails <unfixed> (unimportant)
NOTE: https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection/
NOTE: All of those methods accept arbitrary SQL by design.
-CVE-2017-17915
+CVE-2017-17915 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buff ...)
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-3
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/1721f1b7e67a
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/535/
-CVE-2017-17914
+CVE-2017-17914 (In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ...)
{DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #886584)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -1655,7 +1655,7 @@ CVE-2017-17914
NOTE: https://github.com/ImageMagick/ImageMagick/issues/908
NOTE: https://github.com/ImageMagick/ImageMagick/commit/650ec57d84b7b1dce66435b8cd3b58f7ae66db1b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/42781eeebadf111a2e01559735ea504a78192046
-CVE-2017-17913
+CVE-2017-17913 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buf ...)
{DSA-4321-1}
- graphicsmagick 1.3.27-3
[jessie] - graphicsmagick <not-affected> (webp feature was not compiled in)
@@ -1663,136 +1663,136 @@ CVE-2017-17913
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/88313ebe379c
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/6dda3c33f35f
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/536/
-CVE-2017-17912
+CVE-2017-17912 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buff ...)
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-3
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/0d871e813a4f
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/533/
-CVE-2017-17911
+CVE-2017-17911 (packages/core/contact.php in Archon 3.21 rev-1 has XSS in the referer ...)
NOT-FOR-US: Archon
-CVE-2017-17910
+CVE-2017-17910 (On Hoermann BiSecur devices before 2018, a vulnerability can be exploi ...)
NOT-FOR-US: Hoermann BiSecur
-CVE-2017-17909
+CVE-2017-17909 (PHP Scripts Mall Responsive Realestate Script has XSS via the admin/ge ...)
NOT-FOR-US: PHP Scripts Mall Responsive Realestate Script
-CVE-2017-17908
+CVE-2017-17908 (PHP Scripts Mall Responsive Realestate Script has CSRF via admin/gener ...)
NOT-FOR-US: PHP Scripts Mall Responsive Realestate Script
-CVE-2017-17907
+CVE-2017-17907 (PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php ...)
NOT-FOR-US: PHP Scripts Mall Car Rental Script
-CVE-2017-17906
+CVE-2017-17906 (PHP Scripts Mall Car Rental Script has SQL Injection via the admin/car ...)
NOT-FOR-US: PHP Scripts Mall Car Rental Script
-CVE-2017-17905
+CVE-2017-17905 (PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php ...)
NOT-FOR-US: PHP Scripts Mall Car Rental Script
-CVE-2017-17904
+CVE-2017-17904 (FS Lynda Clone has XSS via the keywords parameter to tutorial/ or the ...)
NOT-FOR-US: FS Lynda Clone
-CVE-2017-17903
+CVE-2017-17903 (FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by addi ...)
NOT-FOR-US: FS Lynda Clone
-CVE-2017-17902
+CVE-2017-17902 (SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of ...)
NOT-FOR-US: Kliqqi CMS
-CVE-2017-17901
+CVE-2017-17901 (ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of s ...)
NOT-FOR-US: ZyXEL
-CVE-2017-17900
+CVE-2017-17900 (SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM ver ...)
- dolibarr <removed> (bug #885321)
NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c
-CVE-2017-17899
+CVE-2017-17899 (SQL injection vulnerability in adherents/subscription/info.php in Doli ...)
- dolibarr <removed> (bug #885321)
NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c
-CVE-2017-17898
+CVE-2017-17898 (Dolibarr ERP/CRM version 6.0.4 does not block direct requests to *.tpl ...)
- dolibarr <removed> (bug #885321)
NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c
NOTE: https://github.com/Dolibarr/dolibarr/commit/6a62e139604dbbd5729e57df2433b37a5950c35c
-CVE-2017-17897
+CVE-2017-17897 (SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM ...)
- dolibarr <removed> (bug #885321)
NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c
-CVE-2017-17896
+CVE-2017-17896 (Readymade Job Site Script has XSS via the keyword parameter to the /jo ...)
NOT-FOR-US: Readymade Job Site Script
-CVE-2017-17895
+CVE-2017-17895 (Readymade Job Site Script has SQL Injection via the location_name arra ...)
NOT-FOR-US: Readymade Job Site Script
-CVE-2017-17894
+CVE-2017-17894 (Readymade Job Site Script has CSRF via the /job URI. ...)
NOT-FOR-US: Readymade Job Site Script
-CVE-2017-17893
+CVE-2017-17893 (Readymade Video Sharing Script has XSS via the search_video.php search ...)
NOT-FOR-US: Readymade Video Sharing Script
-CVE-2017-17892
+CVE-2017-17892 (Readymade Video Sharing Script has SQL Injection via the viewsubs.php ...)
NOT-FOR-US: Readymade Video Sharing Script
-CVE-2017-17891
+CVE-2017-17891 (Readymade Video Sharing Script has CSRF via user-profile-edit.php. ...)
NOT-FOR-US: Readymade Video Sharing Script
CVE-2017-17890
RESERVED
-CVE-2017-17889
+CVE-2017-17889 (Kliqqi CMS 3.5.2 has XSS via a crafted group name in pligg/groups.php, ...)
NOT-FOR-US: Kliqqi CMS
-CVE-2017-17888
+CVE-2017-17888 (cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS ...)
NOT-FOR-US: Anti-Web
-CVE-2017-17887
+CVE-2017-17887 (In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/903
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7a42f63927e7f2e26846b7ed4560e9cb4984af7b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dddce3e790b5b0f5dad91a7960de67af5bdea789
-CVE-2017-17886
+CVE-2017-17886 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/874
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8204599ef0e85324876459e5d45db00660920482
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4a71d71f4ae289b6672102efaef6543643e8efb8
-CVE-2017-17885
+CVE-2017-17885 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/879
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ba085736fd49ad89c1937d1ee2b80ae4e11ab97
NOTE: Imagemagick-6: https://github.com/ImageMagick/ImageMagick/commit/5e863ae629010110772321fd181bac34c4b57345
-CVE-2017-17884
+CVE-2017-17884 (In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/902
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4d6accd355119d54429a86a1859b8329f0130f30
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/82f20a898107a9c1ef6ad2024c4b191719b294ea
-CVE-2017-17883
+CVE-2017-17883 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/877
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b0a7241df0f889cc3158ba82774ff21fa1da87ec
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/2a1ec7d97f356e9fb6dbc328da17d93ab7a8167c
-CVE-2017-17882
+CVE-2017-17882 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/880
NOTE: https://github.com/ImageMagick/ImageMagick/commit/903f14eb94521aa6dca9d9ac55d3d9a6c7676a63
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/92fbef516b94ed96fa2a672831acd5dafb242ac5
-CVE-2017-17881
+CVE-2017-17881 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/878
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ece953bbe14e8514afc23e05e4030eea872e29da
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/aa601d79a630f6de0694fadbeee31456a357fa73
-CVE-2017-17880
+CVE-2017-17880 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based ...)
- imagemagick 8:6.9.9.39+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/907
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b5d1edb02c432040e3ff894d0c461bcce6fd2c9
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/663b3b432c202cd2aeda7ea7e82b74cce51ab1cf
NOTE: webp support not enabled, see #806425
-CVE-2017-17879
+CVE-2017-17879 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based b ...)
{DSA-4204-1 DSA-4074-1 DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #885125)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/906
NOTE: https://github.com/ImageMagick/ImageMagick/commit/72b3994a948a8a90dc664f3e7f72464878a31fbf
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e41f18ecccbdd1c38e1382057718e91e8f8d6d80
-CVE-2017-17878
+CVE-2017-17878 (An issue was discovered in Valve Steam Link build 643. Root passwords ...)
NOT-FOR-US: Valve Steam Link
-CVE-2017-17877
+CVE-2017-17877 (An issue was discovered in Valve Steam Link build 643. When the SSH da ...)
NOT-FOR-US: Valve Steam Link
-CVE-2017-17876
+CVE-2017-17876 (Biometric Shift Employee Management System 3.0 allows remote attackers ...)
NOT-FOR-US: Biometric Shift Employee Management System
-CVE-2017-17875
+CVE-2017-17875 (The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via th ...)
NOT-FOR-US: JEXTN FAQ Pro extension for Joomla!
-CVE-2017-17874
+CVE-2017-17874 (Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file up ...)
NOT-FOR-US: Vanguard Marketplace Digital Products PHP
-CVE-2017-17873
+CVE-2017-17873 (Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via th ...)
NOT-FOR-US: Vanguard Marketplace Digital Products PHP
-CVE-2017-17872
+CVE-2017-17872 (The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection ...)
NOT-FOR-US: JEXTN Video Gallery extension for Joomla!
-CVE-2017-17871
+CVE-2017-17871 (The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL In ...)
NOT-FOR-US: "JEXTN Question And Answer" extension for Joomla!
-CVE-2017-17870
+CVE-2017-17870 (The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the a ...)
NOT-FOR-US: JBuildozer extension for Joomla!
-CVE-2017-17869
+CVE-2017-17869 (The mgl-instagram-gallery plugin for WordPress has XSS via the single- ...)
NOT-FOR-US: mgl-instagram-gallery plugin for WordPress
-CVE-2017-17868
+CVE-2017-17868 (In Liferay Portal 6.1.0, the tags section has XSS via a Public Render ...)
NOT-FOR-US: Liferay Portal
-CVE-2017-17867
+CVE-2017-17867 (Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated user ...)
NOT-FOR-US: Inteno iopsys
-CVE-2017-17866
+CVE-2017-17866 (pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain leng ...)
{DSA-4334-1}
- mupdf 1.12.0+ds1-1 (bug #885120)
[jessie] - mupdf <no-dsa> (Minor issue)
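Review bot: the NOTE line for CVE-2017-17885 in this hunk reads "Imagemagick-6:" while every neighbouring ImageMagick entry (CVE-2017-17887, -17886, -17884 through -17879) uses "ImageMagick-6:"; a consistent prefix keeps these upstream-commit references greppable, so a follow-up could change that one line to "NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5e863ae629010110772321fd181bac34c4b57345".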
@@ -1801,18 +1801,18 @@ CVE-2017-17866
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698699 (not public)
CVE-2017-17865
RESERVED
-CVE-2017-17864
+CVE-2017-17864 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles st ...)
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-17863
+CVE-2017-17863 (kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does no ...)
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.spinics.net/lists/stable/msg206985.html
-CVE-2017-17862
+CVE-2017-17862 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unrea ...)
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -1821,11 +1821,11 @@ CVE-2017-17862
NOTE: https://www.spinics.net/lists/stable/msg206984.html
CVE-2017-17861
RESERVED
-CVE-2017-17860
+CVE-2017-17860 (In Samsung Gear products, Bluetooth link key is updated to the differe ...)
NOT-FOR-US: Samsung
-CVE-2017-17859
+CVE-2017-17859 (Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass t ...)
NOT-FOR-US: Samsung Internet Browser
-CVE-2017-17858
+CVE-2017-17858 (Heap-based buffer overflow in the ensure_solid_xref function in pdf/pd ...)
- mupdf <not-affected> (Vulnerable code introduced in 1.11.1)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698819 (not public)
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;a=commit;h=55c3f68d638ac1263a386e0aaa004bb6e8bde731
@@ -1834,46 +1834,46 @@ CVE-2017-17858
NOTE: https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md
CVE-2017-17851
RESERVED
-CVE-2017-17850
+CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and olde ...)
- asterisk 1:13.18.5~dfsg-1 (bug #885072)
[stretch] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0)
[jessie] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0)
[wheezy] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-014.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27480
-CVE-2017-17849
+CVE-2017-17849 (A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 a ...)
NOT-FOR-US: GetGo Download Manager
-CVE-2017-17857
+CVE-2017-17857 (The check_stack_boundary function in kernel/bpf/verifier.c in the Linu ...)
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
[wheezy] - linux <not-affected> (Vulnerable code introdued later)
NOTE: Fixed by: https://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469
-CVE-2017-17856
+CVE-2017-17856 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
[wheezy] - linux <not-affected> (Vulnerable code introdued later)
NOTE: Fixed by: https://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f
-CVE-2017-17855
+CVE-2017-17855 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
[wheezy] - linux <not-affected> (Vulnerable code introdued later)
NOTE: Fixed by: https://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14
-CVE-2017-17854
+CVE-2017-17854 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
[wheezy] - linux <not-affected> (Vulnerable code introdued later)
NOTE: Fixed by: https://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03
-CVE-2017-17853
+CVE-2017-17853 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
[wheezy] - linux <not-affected> (Vulnerable code introdued later)
NOTE: Fixed by: https://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941
-CVE-2017-17852
+CVE-2017-17852 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introdued later)
[jessie] - linux <not-affected> (Vulnerable code introdued later)
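Review bot: the stretch/jessie/wheezy annotations for CVE-2017-17857 through CVE-2017-17852 in this hunk all carry the misspelling "introdued" in "(Vulnerable code introdued later)"; since this automatic update does not touch those context lines, a separate commit should correct them to "(Vulnerable code introduced later)", matching the wording used for CVE-2017-18009 and CVE-2017-17850 elsewhere in the file.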
@@ -1881,9 +1881,9 @@ CVE-2017-17852
NOTE: Fixed by: https://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a
CVE-2017-17842
RESERVED
-CVE-2017-17841
+CVE-2017-17841 (Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an in ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-17840
+CVE-2017-17840 (An issue was discovered in Open-iSCSI through 2.0.875. A local attacke ...)
- open-iscsi 2.0.874-5 (bug #885021)
[stretch] - open-iscsi <no-dsa> (Minor issue)
[jessie] - open-iscsi <ignored> (Minor issue, iscsiuio not built in this version, source affected)
@@ -1899,189 +1899,189 @@ CVE-2017-17839
REJECTED
CVE-2017-17838
REJECTED
-CVE-2017-17837
+CVE-2017-17837 (The Apache DeltaSpike-JSF 1.8.0 module has a XSS injection leak in the ...)
NOT-FOR-US: Apache DeltaSpike-JSF module
-CVE-2017-17836
+CVE-2017-17836 (In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature d ...)
- airflow <itp> (bug #819700)
-CVE-2017-17835
+CVE-2017-17835 (In Apache Airflow 1.8.2 and earlier, a CSRF vulnerability allowed for ...)
- airflow <itp> (bug #819700)
CVE-2017-17834
REJECTED
-CVE-2017-17833
+CVE-2017-17833 (OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-relat ...)
{DLA-1364-1}
- openslp-dfsg <removed> (low)
[jessie] - openslp-dfsg <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/
-CVE-2017-17832
+CVE-2017-17832 (ServersCheck Monitoring Software before 14.2.3 is prone to a cross-sit ...)
NOT-FOR-US: ServersCheck Monitoring Software
-CVE-2017-17843
+CVE-2017-17843 (An issue was discovered in Enigmail before 1.9.9 that allows remote at ...)
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17844
+CVE-2017-17844 (An issue was discovered in Enigmail before 1.9.9. A remote attacker ca ...)
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17845
+CVE-2017-17845 (An issue was discovered in Enigmail before 1.9.9. Improper Random Secr ...)
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17846
+CVE-2017-17846 (An issue was discovered in Enigmail before 1.9.9. Regular expressions ...)
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17847
+CVE-2017-17847 (An issue was discovered in Enigmail before 1.9.9. Signature spoofing i ...)
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17848
+CVE-2017-17848 (An issue was discovered in Enigmail before 1.9.9. In a variant of CVE- ...)
{DSA-4070-1 DLA-1219-1}
- enigmail 2:1.9.9-1
NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
-CVE-2017-17831
+CVE-2017-17831 (GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitra ...)
- git-lfs <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/git-lfs/git-lfs/pull/2242
NOTE: https://github.com/git-lfs/git-lfs/releases/tag/v2.1.1
-CVE-2017-17830
+CVE-2017-17830 (Bus Booking Script has CSRF via admin/new_master.php. ...)
NOT-FOR-US: Bus Booking Script
-CVE-2017-17829
+CVE-2017-17829 (Bus Booking Script has SQL Injection via the admin/view_seatseller.php ...)
NOT-FOR-US: Bus Booking Script
-CVE-2017-17828
+CVE-2017-17828 (Bus Booking Script has XSS via the results.php datepicker parameter or ...)
NOT-FOR-US: Bus Booking Script
-CVE-2017-17827
+CVE-2017-17827 (Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.ph ...)
- piwigo <removed>
NOTE: https://github.com/Piwigo/Piwigo/issues/822
NOTE: https://github.com/Piwigo/Piwigo/commit/c3b4c6f7f0ddeaea492080fb8211d7b4cfedaf6f
NOTE: https://github.com/Piwigo/Piwigo/commit/77f02bfd76ed13dd14044d04cdd8d28213e1848d
-CVE-2017-17826
+CVE-2017-17826 (The Configuration component of Piwigo 2.9.2 is vulnerable to Persisten ...)
- piwigo <removed>
-CVE-2017-17825
+CVE-2017-17825 (The Batch Manager component of Piwigo 2.9.2 is vulnerable to Persisten ...)
- piwigo <removed>
-CVE-2017-17824
+CVE-2017-17824 (The Batch Manager component of Piwigo 2.9.2 is vulnerable to SQL Injec ...)
- piwigo <removed>
-CVE-2017-17823
+CVE-2017-17823 (The Configuration component of Piwigo 2.9.2 is vulnerable to SQL Injec ...)
- piwigo <removed>
-CVE-2017-17822
+CVE-2017-17822 (The List Users API of Piwigo 2.9.2 is vulnerable to SQL Injection via ...)
- piwigo <removed>
-CVE-2017-17821
+CVE-2017-17821 (WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology ...)
- webkit2gtk <unfixed> (unimportant)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=181020 (not public)
NOTE: Not covered by security support
-CVE-2017-17820
+CVE-2017-17820 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_l ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392433
-CVE-2017-17819
+CVE-2017-17819 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address acces ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392435
NOTE: http://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af (nasm-2.13.02rc3)
-CVE-2017-17818
+CVE-2017-17818 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392428
-CVE-2017-17817
+CVE-2017-17817 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_v ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392427
-CVE-2017-17816
+CVE-2017-17816 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_g ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392426
-CVE-2017-17815
+CVE-2017-17815 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address acces ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: http://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3 (nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392436
-CVE-2017-17814
+CVE-2017-17814 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_d ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392430
-CVE-2017-17813
+CVE-2017-17813 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392429
-CVE-2017-17812
+CVE-2017-17812 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: http://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 (nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392424
-CVE-2017-17811
+CVE-2017-17811 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392432
-CVE-2017-17810
+CVE-2017-17810 (In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown addre ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: http://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4 (nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392431
-CVE-2017-17809
+CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservic ...)
NOT-FOR-US: Golden Frog VyprVPN
CVE-2017-17808
RESERVED
-CVE-2017-17807
+CVE-2017-17807 (The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access ...)
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
NOTE: Fixed by: https://git.kernel.org/linus/4dca6ea1d9432052afb06baf2e3ae78188a4410b (v4.15-rc3)
-CVE-2017-17806
+CVE-2017-17806 (The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.1 ...)
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
NOTE: Fixed by: https://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1 (v4.15-rc4)
-CVE-2017-17805
+CVE-2017-17805 (The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 doe ...)
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
NOTE: Fixed by: https://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e (4.15-rc4)
-CVE-2017-17804
+CVE-2017-17804 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows loc ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-17803
+CVE-2017-17803 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17802
+CVE-2017-17802 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17801
+CVE-2017-17801 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17800
+CVE-2017-17800 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17799
+CVE-2017-17799 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17798
+CVE-2017-17798 (In TG Soft Vir.IT eXplorer Lite 8.5.42, the driver file (VIRAGTLT.SYS) ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17797
+CVE-2017-17797 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows loc ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-17796
+CVE-2017-17796 (In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file (VIRAGTLT.SYS) ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17795
+CVE-2017-17795 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows loc ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-17794
+CVE-2017-17794 (validate_form_preferences in admin/preferences.php in BlogoText throug ...)
NOT-FOR-US: BlogoText
-CVE-2017-17793
+CVE-2017-17793 (Information Disclosure vulnerability in creer_fichier_zip in admin/mai ...)
NOT-FOR-US: BlogoText
-CVE-2017-17792
+CVE-2017-17792 (Cross site scripting (XSS) vulnerability in the markup_clean_href func ...)
NOT-FOR-US: BlogoText
CVE-2017-17791
RESERVED
-CVE-2017-17790
+CVE-2017-17790 (The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 us ...)
{DSA-4259-1 DLA-1421-1 DLA-1222-1 DLA-1221-1}
- ruby2.5 2.5.0-1 (bug #884878)
- ruby2.3 <removed> (bug #884879)
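Review bot: The Enigmail block CVE-2017-17843 through CVE-2017-17848 sits between CVE-2017-17832 and CVE-2017-17831, which breaks the descending numeric order this file otherwise keeps (the preceding hunk has 17842 in its expected place). Since every one of those six header lines is being rewritten here, consider moving the block up to follow CVE-2017-17842 / RESERVED so the IDs stay sorted; the six entries also share identical "{DSA-4070-1 DLA-1219-1}", "- enigmail 2:1.9.9-1" and Cure53 NOTE lines, so relocating them as a unit is straightforward.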
@@ -2090,75 +2090,75 @@ CVE-2017-17790
- ruby1.8 <removed>
NOTE: https://github.com/ruby/ruby/pull/1777
NOTE: Fixed by: https://github.com/ruby/ruby/commit/e7464561b5151501beb356fc750d5dd1a88014f7
-CVE-2017-17783
+CVE-2017-17783 (In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImag ...)
{DSA-4321-1}
- graphicsmagick 1.3.27-2 (bug #884904)
[jessie] - graphicsmagick <no-dsa> (Minor issue)
[wheezy] - graphicsmagick <not-affected> (vulnerable code not present, unreproducible with ASAN)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=60932931559a
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/529/
-CVE-2017-17782
+CVE-2017-17782 (In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in R ...)
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-2 (bug #884905)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=8e3d2264109c
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/530/
CVE-2017-17781
REJECTED
-CVE-2017-17780
+CVE-2017-17780 (The Clockwork SMS clockwork-test-message.php component has XSS via a c ...)
NOT-FOR-US: Clockwork SMS plugins for WordPress
-CVE-2017-17779
+CVE-2017-17779 (Paid To Read Script 2.0.5 has SQL injection via the referrals.php id p ...)
NOT-FOR-US: Paid To Read Script
-CVE-2017-17778
+CVE-2017-17778 (Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter ...)
NOT-FOR-US: Paid To Read Script
-CVE-2017-17777
+CVE-2017-17777 (Paid To Read Script 2.0.5 has authentication bypass in the admin panel ...)
NOT-FOR-US: Paid To Read Script
-CVE-2017-17776
+CVE-2017-17776 (Paid To Read Script 2.0.5 has full path disclosure via an invalid admi ...)
NOT-FOR-US: Paid To Read Script
-CVE-2017-17775
+CVE-2017-17775 (Piwigo 2.9.2 has XSS via the name parameter in an admin.php?page=album ...)
- piwigo <removed>
-CVE-2017-17774
+CVE-2017-17774 (admin/configuration.php in Piwigo 2.9.2 has CSRF. ...)
- piwigo <removed>
-CVE-2017-17773
+CVE-2017-17773 (In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MD ...)
NOT-FOR-US: Android Qualcomm closed-source components
CVE-2017-17772
RESERVED
-CVE-2017-17771
+CVE-2017-17771 (In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, an ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17770
+CVE-2017-17770 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Android Linux component (source code not availalable, so probably Android-specific)
-CVE-2017-17769
+CVE-2017-17769 (Information leakage in Android for MSM, Firefox OS for MSM, and QRD An ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-17768
RESERVED
-CVE-2017-17767
+CVE-2017-17767 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17766
+CVE-2017-17766 (In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MS ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17765
+CVE-2017-17765 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17764
+CVE-2017-17764 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17763
+CVE-2017-17763 (SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share featu ...)
NOT-FOR-US: SuperBeam
-CVE-2017-17762
+CVE-2017-17762 (XML external entity (XXE) vulnerability in Episerver 7 patch 4 and ear ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-17761
+CVE-2017-17761 (An issue was discovered on Ichano AtHome IP Camera devices. The device ...)
NOT-FOR-US: Ichano AtHome IP Camera
-CVE-2017-17476
+CVE-2017-17476 (Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5. ...)
{DSA-4069-1 DLA-1215-1}
- otrs2 6.0.3-1 (bug #884801)
NOTE: https://www.otrs.com/security-advisory-2017-10-security-update-otrs-framework/
NOTE: OTRS-6: https://github.com/OTRS/otrs/commit/36e3be99cfe8a9e09afa1b75fdc39f3e28f561fc
NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/720c73fbf53e476ca7dfdf2ae1d4d3d2aad2b953
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/26707eaaa791648e6c7ad6aeaa27efd70e7c66eb
-CVE-2017-17785
+CVE-2017-17785 (In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_ ...)
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (bug #884836)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739133
NOTE: https://git.gnome.org/browse/gimp/commit/?id=edb251a7ef1602d20a5afcbf23f24afb163de63b (master)
NOTE: https://git.gnome.org/browse/gimp/commit/?id=1882bac996a20ab5c15c42b0c5e8f49033a1af54 (gimp-2-8)
NOTE: Can be reproduced (at least in wheezy) with "valgrind --trace-children=yes gimp <reproducerfile>"
-CVE-2017-17786
+CVE-2017-17786 (In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in ...)
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (unimportant; bug #884862)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739134
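Review bot: The description now attached to CVE-2017-17762 reads "XML external entity (XXE) vulnerability in Episerver 7 patch 4 and ear ...", but the unchanged annotation beneath it is still "NOT-FOR-US: Qualcomm component for Android", which looks like a copy-paste carry-over from the surrounding Qualcomm entries (17771, 17769, 17767..17764). The triage line should be corrected to "NOT-FOR-US: Episerver" so the reason matches the affected product. Minor, same hunk: the CVE-2017-17770 annotation has "availalable" for "available".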
@@ -2167,20 +2167,20 @@ CVE-2017-17786
NOTE: https://git.gnome.org/browse/gimp/commit/?h=gimp-2-8&id=ef9c821fff8b637a2178eab1c78cae6764c50e12 (gimp-2-8)
NOTE: https://git.gnome.org/browse/gimp/commit/?h=gimp-2-8&id=22e2571c25425f225abdb11a566cc281fca6f366 (gimp-2-8)
NOTE: Crash in desktop tool, no/negligible security impact
-CVE-2017-17788
+CVE-2017-17788 (In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_st ...)
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (unimportant; bug #885347)
NOTE: https://git.gnome.org/browse/gimp/commit/?id=702c4227e8b6169f781e4bb5ae4b5733f51ab126 (master)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790783
NOTE: Crash in desktop tool, no/negligible security impact
-CVE-2017-17784
+CVE-2017-17784 (In GIMP 2.8.22, there is a heap-based buffer over-read in load_image i ...)
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (unimportant; bug #884925)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790784
NOTE: https://git.gnome.org/browse/gimp/commit/?id=06d24a79af94837d615d0024916bb95a01bf3c59 (master)
NOTE: https://git.gnome.org/browse/gimp/commit/?id=c57f9dcf1934a9ab0cd67650f2dea18cb0902270 (gimp-2-8)
NOTE: Crash in desktop tool, no/negligible security impact
-CVE-2017-17789
+CVE-2017-17789 (In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_ ...)
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (bug #884837)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790849
@@ -2188,25 +2188,25 @@ CVE-2017-17789
NOTE: https://git.gnome.org/browse/GIMP/commit/?id=01898f10f87a094665a7fdcf7153990f4e511d3f (gimp-2-8)
NOTE: Cannot be reproduced in wheezy with "valgrind --trace-children=yes gimp <reproducerfile>"
NOTE: Some OOB read/write can be reproduced in sid with "valgrind --trace-children=yes gimp <reproducerfile>"
-CVE-2017-17787
+CVE-2017-17787 (In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator ...)
{DSA-4077-1 DLA-1220-1}
- gimp 2.8.20-1.1 (unimportant; bug #884927)
NOTE: https://git.gnome.org/browse/GIMP/commit/?id=eb2980683e6472aff35a3117587c4f814515c74d (master)
NOTE: https://git.gnome.org/browse/GIMP/commit/?id=87ba505fff85989af795f4ab6a047713f4d9381d (gimp-2-8)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790853
NOTE: Crash in desktop tool, no/negligible security impact
-CVE-2017-17760
+CVE-2017-17760 (OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData fun ...)
{DLA-1438-1 DLA-1235-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #885843)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/10351
NOTE: https://github.com/opencv/opencv/pull/10369/commits/7bbe1a53cfc097b82b1589f7915a2120de39274c
-CVE-2017-17759
+CVE-2017-17759 (Conarc iChannel allows remote attackers to obtain sensitive informatio ...)
NOT-FOR-US: Conarc iChannel
-CVE-2017-17758
+CVE-2017-17758 (TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to ...)
NOT-FOR-US: TP-Link
-CVE-2017-17757
+CVE-2017-17757 (TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to ...)
NOT-FOR-US: TP-Link
CVE-2017-17756
RESERVED
@@ -2214,29 +2214,29 @@ CVE-2017-17755
RESERVED
CVE-2017-17754
RESERVED
-CVE-2017-17753
+CVE-2017-17753 (Multiple cross-site scripting (XSS) vulnerabilities in the esb-csv-imp ...)
NOT-FOR-US: esb-csv-import-export plugin for WordPress
-CVE-2017-17752
+CVE-2017-17752 (Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body ...)
NOT-FOR-US: Ability Mail Server
-CVE-2017-17751
+CVE-2017-17751 (Bose SoundTouch devices allows remote attackers to achieve remote cont ...)
NOT-FOR-US: Bose SoundTouch devices
-CVE-2017-17750
+CVE-2017-17750 (Bose SoundTouch devices allow XSS via a crafted public playlist from S ...)
NOT-FOR-US: Bose SoundTouch devices
-CVE-2017-17749
+CVE-2017-17749 (Bose SoundTouch devices allow XSS via crafted song data from a music s ...)
NOT-FOR-US: Bose SoundTouch devices
CVE-2017-17748
RESERVED
-CVE-2017-17747
+CVE-2017-17747 (Weak access controls in the Device Logout functionality on the TP-Link ...)
NOT-FOR-US: TP-Link
-CVE-2017-17746
+CVE-2017-17746 (Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any u ...)
NOT-FOR-US: TP-Link
-CVE-2017-17745
+CVE-2017-17745 (Cross-site scripting (XSS) vulnerability in system_name_set.cgi in TP- ...)
NOT-FOR-US: TP-Link
-CVE-2017-17744
+CVE-2017-17744 (A cross-site scripting (XSS) vulnerability in the custom-map plugin th ...)
NOT-FOR-US: custom-map plugin for WordPress
-CVE-2017-17743
+CVE-2017-17743 (Improper input sanitization within the restricted administration shell ...)
NOT-FOR-US: UCOPIA Wireless Appliance
-CVE-2017-17742
+CVE-2017-17742 (Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x befo ...)
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -2244,74 +2244,74 @@ CVE-2017-17742
- ruby1.9.1 <removed>
- ruby1.8 <removed>
NOTE: https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/
-CVE-2017-17741
+CVE-2017-17741 (The KVM implementation in the Linux kernel through 4.14.7 allows attac ...)
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
NOTE: https://www.spinics.net/lists/kvm/msg160796.html
-CVE-2017-17740
+CVE-2017-17740 (contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when bot ...)
- openldap <unfixed> (unimportant)
NOTE: http://www.openldap.org/its/index.cgi/Incoming?id=8759
NOTE: nops slapd-module not built
-CVE-2017-17739
+CVE-2017-17739 (The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and bel ...)
NOT-FOR-US: BrightSign Digital Signage
-CVE-2017-17738
+CVE-2017-17738 (The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and bel ...)
NOT-FOR-US: BrightSign Digital Signage
-CVE-2017-17737
+CVE-2017-17737 (The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and bel ...)
NOT-FOR-US: BrightSign Digital Signage
-CVE-2017-17736
+CVE-2017-17736 (Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attack ...)
NOT-FOR-US: Kentico
-CVE-2017-17735
+CVE-2017-17735 (CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login inf ...)
NOT-FOR-US: CMS Made Simple (CMSMS)
-CVE-2017-17734
+CVE-2017-17734 (CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login inf ...)
NOT-FOR-US: CMS Made Simple (CMSMS)
-CVE-2017-17733
+CVE-2017-17733 (Maccms 8.x allows remote command execution via the wd parameter in an ...)
NOT-FOR-US: Maccms
CVE-2017-17732
RESERVED
-CVE-2017-17731
+CVE-2017-17731 (DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to p ...)
NOT-FOR-US: DedeCMS
-CVE-2017-17730
+CVE-2017-17730 (DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/f ...)
NOT-FOR-US: DedeCMS
CVE-2017-17729
RESERVED
CVE-2017-17728
RESERVED
-CVE-2017-17727
+CVE-2017-17727 (DedeCMS through 5.6 allows arbitrary file upload and PHP code executio ...)
NOT-FOR-US: DedeCMS
CVE-2017-17726
RESERVED
-CVE-2017-17725
+CVE-2017-17725 (In Exiv2 0.26, there is an integer overflow leading to a heap-based bu ...)
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Introduced in 0.26)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1525055
NOTE: https://github.com/Exiv2/exiv2/issues/188
NOTE: https://github.com/Exiv2/exiv2/pull/193
-CVE-2017-17724
+CVE-2017-17724 (In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Ip ...)
[experimental] - exiv2 <unfixed> (bug #891783)
- exiv2 <not-affected> (Introduced in 0.26)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1524107
NOTE: https://github.com/Exiv2/exiv2/issues/210
NOTE: https://github.com/Exiv2/exiv2/commit/962962a8e9885ccbca28f624492f1427152a0695
-CVE-2017-17723
+CVE-2017-17723 (In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Im ...)
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Introduced in 0.26)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1524104
NOTE: https://github.com/Exiv2/exiv2/issues/229
NOTE: https://github.com/Exiv2/exiv2/commit/36df4bc997d74ecc447e4541e2fc3fda10586103
-CVE-2017-17722
+CVE-2017-17722 (In Exiv2 0.26, there is a reachable assertion in the readHeader functi ...)
[experimental] - exiv2 <unfixed> (low; bug #891044)
- exiv2 <not-affected> (Vulnerable code introduced in 0.26)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1524116
NOTE: https://github.com/Exiv2/exiv2/issues/208
NOTE: https://github.com/Exiv2/exiv2/issues/228 (duplicate)
NOTE: https://github.com/Kicer86/exiv2/commit/1647908e00a4df7246d76678e59587e62c690dcd
-CVE-2017-17721
+CVE-2017-17721 (CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allo ...)
NOT-FOR-US: ZUUSE BEIMS ContractorWeb .NET
CVE-2017-17720
RESERVED
-CVE-2017-17719
+CVE-2017-17719 (A cross-site scripting (XSS) vulnerability in the wp-concours plugin t ...)
NOT-FOR-US: wp-concours plugin for WordPress
-CVE-2017-17718
+CVE-2017-17718 (The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SS ...)
- ruby-net-ldap 0.16.1-1 (bug #884693)
[stretch] - ruby-net-ldap <no-dsa> (Minor issue)
[jessie] - ruby-net-ldap <not-affected> (Documentation already states that there is no validation)
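Review bot: The fix reference under CVE-2017-17722, "NOTE: https://github.com/Kicer86/exiv2/commit/1647908e00a4df7246d76678e59587e62c690dcd", points at a personal fork rather than the upstream Exiv2/exiv2 repository used by the neighbouring entries (17724 and 17723 cite Exiv2/exiv2 commits). Please confirm the commit actually landed upstream and replace the link with the upstream commit URL, otherwise the tracker is citing a change that may never have shipped in a release. Also in this hunk, the four exiv2 entries give the same not-affected reason in two forms ("Introduced in 0.26" for 17725/17724/17723, "Vulnerable code introduced in 0.26" for 17722); picking one wording would keep the annotations consistent.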
@@ -2321,17 +2321,17 @@ CVE-2017-17718
NOTE: validation, see https://sources.debian.org/src/ruby-net-ldap/0.8.0-1/lib/net/ldap.rb/#L476
NOTE: In wheezy/jessie, only reverse dependencies are redmine (which is unsupported in wheezy)
NOTE: and ruby-omniauth-ldap (which has no reverse dep either).
-CVE-2017-17717
+CVE-2017-17717 (Sonatype Nexus Repository Manager through 2.14.5 has weak password enc ...)
NOT-FOR-US: Sonatype Nexus
-CVE-2017-17716
+CVE-2017-17716 (GitLab 9.4.x before 9.4.2 does not support LDAP SSL certificate verifi ...)
- gitlab <not-affected> (vulnerable version never uploaded to the archive)
-CVE-2017-17715
+CVE-2017-17715 (The saveFile method in MediaController.java in the Telegram Messenger ...)
NOT-FOR-US: Telegram Messenger for Android
-CVE-2017-17714
+CVE-2017-17714 (Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId ...)
NOT-FOR-US: Trape
-CVE-2017-17713
+CVE-2017-17713 (Trape before 2017-11-05 has SQL injection via the /nr red parameter, t ...)
NOT-FOR-US: Trape
-CVE-2017-17712
+CVE-2017-17712 (The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel throu ...)
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code not present)
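Review bot: CVE-2017-17712 lists only "{DSA-4073-1}" and marks jessie as not-affected, while the sibling kernel entries fixed in the same upload (CVE-2017-17741, -17807, -17806, -17805, all "- linux 4.14.7-1") carry "{DSA-4082-1 DSA-4073-1 DLA-1232-1}". With no "[wheezy]" line here, wheezy will show as still open for this CVE; if DLA-1232-1 also covered raw_sendmsg() the DLA should be added to the braces, and if not, an explicit "[wheezy] - linux <not-affected>" or "<no-dsa>" line with a reason would make the status deliberate rather than an omission.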
@@ -2343,45 +2343,45 @@ CVE-2017-17710
RESERVED
CVE-2017-17709
RESERVED
-CVE-2017-17708
+CVE-2017-17708 (Because of insufficient authorization checks it is possible for any au ...)
NOT-FOR-US: Pleasant Password Server
-CVE-2017-17707
+CVE-2017-17707 (Due to missing authorization checks, any authenticated user is able to ...)
NOT-FOR-US: Pleasant Password Server
CVE-2017-17706
RESERVED
CVE-2017-17705
RESERVED
-CVE-2017-17704
+CVE-2017-17704 (A door-unlocking issue was discovered on Software House iStar Ultra de ...)
NOT-FOR-US: Software House iStar Ultra devices
-CVE-2017-17703
+CVE-2017-17703 (Synacor Zimbra Collaboration Suite (ZCS) before 8.8.3 has Persistent X ...)
NOT-FOR-US: Zimbra
CVE-2017-17702
RESERVED
-CVE-2017-17701
+CVE-2017-17701 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer de ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-17700
+CVE-2017-17700 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer de ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-17699
+CVE-2017-17699 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer de ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-17698
+CVE-2017-17698 (Zoho ManageEngine Password Manager Pro 9 before 9.4 (9400) has reflect ...)
NOT-FOR-US: Zoho ManageEngine Password Manager Pro
-CVE-2017-17697
+CVE-2017-17697 (The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 ha ...)
NOT-FOR-US: Harbor
-CVE-2017-17696
+CVE-2017-17696 (Techno - Portfolio Management Panel through 2017-11-16 allows full pat ...)
NOT-FOR-US: Techno - Portfolio Management Panel
-CVE-2017-17695
+CVE-2017-17695 (Techno - Portfolio Management Panel through 2017-11-16 allows SQL Inje ...)
NOT-FOR-US: Techno - Portfolio Management Panel
-CVE-2017-17694
+CVE-2017-17694 (Techno - Portfolio Management Panel through 2017-11-16 allows XSS via ...)
NOT-FOR-US: Techno - Portfolio Management Panel
-CVE-2017-17693
+CVE-2017-17693 (Techno - Portfolio Management Panel through 2017-11-16 does not check ...)
NOT-FOR-US: Techno - Portfolio Management Panel
-CVE-2017-17692
+CVE-2017-17692 (Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass th ...)
NOT-FOR-US: Samsung Internet Browser
-CVE-2017-17691
+CVE-2017-17691 (Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses clea ...)
NOT-FOR-US: Homeputer CL Studio fur HomeMatic
CVE-2017-17690
RESERVED
-CVE-2017-17689
+CVE-2017-17689 (The S/MIME specification allows a Cipher Block Chaining (CBC) malleabi ...)
- evolution <unfixed> (bug #898633; unimportant)
- kf5-messagelib 4:18.08.1-1 (bug #899127)
[stretch] - kf5-messagelib <no-dsa> (Defaults to secure handling, change to disable it entirely can be fixed via spu)
@@ -2396,7 +2396,7 @@ CVE-2017-17689
NOTE: kf5-messagelib: https://phabricator.kde.org/D12391 (v18.04.1)
NOTE: kf5-messagelib: https://phabricator.kde.org/D12393 (v18.04.1)
NOTE: kmail: https://phabricator.kde.org/D12394
-CVE-2017-17688
+CVE-2017-17688 (** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode ...)
- enigmail 2:2.0.6.1-4 (bug #898630)
[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
NOTE: vulnerability is in the clients handling, not in OpenPGP
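Review bot: The unchanged NOTE under CVE-2017-17688 reads "vulnerability is in the clients handling, not in OpenPGP"; it should be "client's handling" (or "the handling in clients"), which also makes the point clearer given that the new header text marks the CVE as "** DISPUTED **" against the OpenPGP specification itself.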
@@ -2409,11 +2409,11 @@ CVE-2017-17686
RESERVED
CVE-2017-17685
RESERVED
-CVE-2017-17684
+CVE-2017-17684 (Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 ...)
NOT-FOR-US: Panda Global Protection
-CVE-2017-17683
+CVE-2017-17683 (Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 ...)
NOT-FOR-US: Panda Global Protection
-CVE-2017-17682
+CVE-2017-17682 (In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in t ...)
{DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #885942)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -2421,7 +2421,7 @@ CVE-2017-17682
NOTE: https://github.com/ImageMagick/ImageMagick/issues/870
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/da649f031e36753c69268c5c027e695b8ae45e9a
NOTE: https://github.com/ImageMagick/ImageMagick/commit/06c8dd4de59e48d282d4f224faa64ab9012a711a
-CVE-2017-17681
+CVE-2017-17681 (In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found ...)
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #885941)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -2433,7 +2433,7 @@ CVE-2017-17681
NOTE: different fix for IM-6: https://github.com/ImageMagick/ImageMagick/commit/cae42160e5ab6de4b2a9433267e143ce295ae957
NOTE: The fix involves all done changes on the relevant part of coders/psd.c between
NOTE: (and including) edf1b9408492b97cd08111a0a9cb123f6391dc5b and cae42160e5ab6de4b2a9433267e143ce295ae957 .
-CVE-2017-17680
+CVE-2017-17680 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/873
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/69601843684dd038a8397e1a12dd15777d2513bf
@@ -2452,32 +2452,32 @@ CVE-2017-17674
RESERVED
CVE-2017-17673
RESERVED
-CVE-2017-17672
+CVE-2017-17672 (In vBulletin through 5.3.x, there is an unauthenticated deserializatio ...)
NOT-FOR-US: vBulletin
-CVE-2017-17671
+CVE-2017-17671 (vBulletin through 5.3.x on Windows allows remote PHP code execution be ...)
NOT-FOR-US: vBulletin
-CVE-2017-17670
+CVE-2017-17670 (In VideoLAN VLC media player through 2.2.8, there is a type conversion ...)
{DSA-4203-1}
- vlc 3.0.0~rc2-1
[jessie] - vlc <end-of-life> (See DSA-4203-1)
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/15/1
NOTE: POC: https://gist.github.com/dyntopia/194d912287656f66dd502158b0cd2e68
-CVE-2017-17669
+CVE-2017-17669 (There is a heap-based buffer over-read in the Exiv2::Internal::PngChun ...)
- exiv2 <unfixed> (bug #886006)
[stretch] - exiv2 <ignored> (Minor issue)
[jessie] - exiv2 <ignored> (Minor issue)
[wheezy] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/187
-CVE-2017-17668
+CVE-2017-17668 (Memory write mechanism in NCR S1 Dispenser controller before firmware ...)
NOT-FOR-US: NCR S1 Dispenser controller
CVE-2017-17667
RESERVED
CVE-2017-17666
RESERVED
-CVE-2017-17665
+CVE-2017-17665 (In Octopus Deploy before 4.1.3, the machine update process doesn't che ...)
NOT-FOR-US: Octopus Deploy
-CVE-2017-17664
+CVE-2017-17664 (A Remote Crash issue was discovered in Asterisk Open Source 13.x befor ...)
- asterisk 1:13.18.5~dfsg-1 (bug #884345)
[stretch] - asterisk 1:13.14.1~dfsg-2+deb9u3
[jessie] - asterisk <not-affected> (Vulnerable code introduced later)
@@ -2485,236 +2485,236 @@ CVE-2017-17664
NOTE: http://downloads.digium.com/pub/security/AST-2017-012.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27382
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27429
-CVE-2017-17663
+CVE-2017-17663 (The htpasswd implementation of mini_httpd before v1.28 and of thttpd b ...)
- mini-httpd <unfixed> (unimportant)
- thttpd <removed> (unimportant)
NOTE: http://acme.com/updates/archive/199.html
-CVE-2017-17662
+CVE-2017-17662 (Directory traversal in the HTTP server on Yawcam 0.2.6 through 0.6.0 d ...)
NOT-FOR-US: Yawcam
CVE-2017-17661
RESERVED
CVE-2017-17660
RESERVED
-CVE-2017-17659
+CVE-2017-17659 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17658
+CVE-2017-17658 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17657
+CVE-2017-17657 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17656
+CVE-2017-17656 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17655
+CVE-2017-17655 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17654
+CVE-2017-17654 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17653
+CVE-2017-17653 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17652
+CVE-2017-17652 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17651
+CVE-2017-17651 (Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php ...)
NOT-FOR-US: Paid To Read Script
CVE-2017-17650
RESERVED
-CVE-2017-17649
+CVE-2017-17649 (Readymade Video Sharing Script 3.2 has HTML Injection via the single-v ...)
NOT-FOR-US: Readymade Video Sharing Script
-CVE-2017-17648
+CVE-2017-17648 (Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_resu ...)
NOT-FOR-US: Entrepreneur Dating Script
CVE-2017-17647
RESERVED
CVE-2017-17646
RESERVED
-CVE-2017-17645
+CVE-2017-17645 (Bus Booking Script 1.0 has SQL Injection via the txtname parameter to ...)
NOT-FOR-US: Bus Booking Script
CVE-2017-17644
RESERVED
-CVE-2017-17643
+CVE-2017-17643 (FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tut ...)
NOT-FOR-US: FS Lynda Clone
-CVE-2017-17642
+CVE-2017-17642 (Basic Job Site Script 2.0.5 has SQL Injection via the keyword paramete ...)
NOT-FOR-US: Basic Job Site Script
-CVE-2017-17641
+CVE-2017-17641 (Resume Clone Script 2.0.5 has SQL Injection via the preview.php id par ...)
NOT-FOR-US: Resume Clone Script
-CVE-2017-17640
+CVE-2017-17640 (Advanced World Database 2.0.5 has SQL Injection via the city.php count ...)
NOT-FOR-US: Advanced World Database
-CVE-2017-17639
+CVE-2017-17639 (Muslim Matrimonial Script 3.02 has SQL Injection via the success-story ...)
NOT-FOR-US: Muslim Matrimonial Script
-CVE-2017-17638
+CVE-2017-17638 (Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php stat ...)
NOT-FOR-US: Groupon Clone Script
-CVE-2017-17637
+CVE-2017-17637 (Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val ...)
NOT-FOR-US: Car Rental Script
-CVE-2017-17636
+CVE-2017-17636 (MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newi ...)
NOT-FOR-US: MLM Forced Matrix
-CVE-2017-17635
+CVE-2017-17635 (MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_deta ...)
NOT-FOR-US: MLM Forex Market Plan Script
-CVE-2017-17634
+CVE-2017-17634 (Single Theater Booking Script 3.2.1 has SQL Injection via the findcity ...)
NOT-FOR-US: Single Theater Booking Script
-CVE-2017-17633
+CVE-2017-17633 (Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the ...)
NOT-FOR-US: Multiplex Movie Theater Booking Script
-CVE-2017-17632
+CVE-2017-17632 (Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Inject ...)
NOT-FOR-US: Responsive Events And Movie Ticket Booking Script
-CVE-2017-17631
+CVE-2017-17631 (Multireligion Responsive Matrimonial 4.7.2 has SQL Injection via the s ...)
NOT-FOR-US: Multireligion Responsive Matrimonial
-CVE-2017-17630
+CVE-2017-17630 (Yoga Class Script 1.0 has SQL Injection via the /list city parameter. ...)
NOT-FOR-US: Yoga Class Script
-CVE-2017-17629
+CVE-2017-17629 (Secure E-commerce Script 2.0.1 has SQL Injection via the category.php ...)
NOT-FOR-US: Secure E-commerce Script
-CVE-2017-17628
+CVE-2017-17628 (Responsive Realestate Script 3.2 has SQL Injection via the property-li ...)
NOT-FOR-US: Responsive Realestate Script
-CVE-2017-17627
+CVE-2017-17627 (Readymade Video Sharing Script 3.2 has SQL Injection via the single-vi ...)
NOT-FOR-US: Readymade Video Sharing Script
-CVE-2017-17626
+CVE-2017-17626 (Readymade PHP Classified Script 3.3 has SQL Injection via the /categor ...)
NOT-FOR-US: Readymade PHP Classified Script
-CVE-2017-17625
+CVE-2017-17625 (Professional Service Script 1.0 has SQL Injection via the service-list ...)
NOT-FOR-US: Professional Service Script
-CVE-2017-17624
+CVE-2017-17624 (PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail. ...)
NOT-FOR-US: PHP Multivendor Ecommerce
-CVE-2017-17623
+CVE-2017-17623 (Opensource Classified Ads Script 3.2 has SQL Injection via the advance ...)
NOT-FOR-US: Opensource Classified Ads Script
-CVE-2017-17622
+CVE-2017-17622 (Online Exam Test Application Script 1.6 has SQL Injection via the exam ...)
NOT-FOR-US: Online Exam Test Application Script
-CVE-2017-17621
+CVE-2017-17621 (Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the P ...)
NOT-FOR-US: Multivendor Penny Auction Clone Script
-CVE-2017-17620
+CVE-2017-17620 (Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city p ...)
NOT-FOR-US: Lawyer Search Script
-CVE-2017-17619
+CVE-2017-17619 (Laundry Booking Script 1.0 has SQL Injection via the /list city parame ...)
NOT-FOR-US: Laundry Booking Script
-CVE-2017-17618
+CVE-2017-17618 (Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php ...)
NOT-FOR-US: Kickstarter Clone Script
-CVE-2017-17617
+CVE-2017-17617 (Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.ph ...)
NOT-FOR-US: Foodspotting Clone Script
-CVE-2017-17616
+CVE-2017-17616 (Event Search Script 1.0 has SQL Injection via the /event-list city par ...)
NOT-FOR-US: Event Search Script
-CVE-2017-17615
+CVE-2017-17615 (Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php ...)
NOT-FOR-US: Facebook Clone Script
-CVE-2017-17614
+CVE-2017-17614 (Food Order Script 1.0 has SQL Injection via the /list city parameter. ...)
NOT-FOR-US: Food Order Script
-CVE-2017-17613
+CVE-2017-17613 (Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.ph ...)
NOT-FOR-US: Freelance Website Script
-CVE-2017-17612
+CVE-2017-17612 (Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or ...)
NOT-FOR-US: Hot Scripts Clone
-CVE-2017-17611
+CVE-2017-17611 (Doctor Search Script 1.0 has SQL Injection via the /list city paramete ...)
NOT-FOR-US: Doctor Search Script
-CVE-2017-17610
+CVE-2017-17610 (E-commerce MLM Software 1.0 has SQL Injection via the service_detail.p ...)
NOT-FOR-US: E-commerce MLM Software
-CVE-2017-17609
+CVE-2017-17609 (Chartered Accountant Booking Script 1.0 has SQL Injection via the /ser ...)
NOT-FOR-US: Chartered Accountant Booking Script
-CVE-2017-17608
+CVE-2017-17608 (Child Care Script 1.0 has SQL Injection via the /list city parameter. ...)
NOT-FOR-US: Child Care Script
-CVE-2017-17607
+CVE-2017-17607 (CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-d ...)
NOT-FOR-US: CMS Auditor Website
-CVE-2017-17606
+CVE-2017-17606 (Co-work Space Search Script 1.0 has SQL Injection via the /list city p ...)
NOT-FOR-US: Co-work Space Search Script
-CVE-2017-17605
+CVE-2017-17605 (Consumer Complaints Clone Script 1.0 has SQL Injection via the other-u ...)
NOT-FOR-US: Consumer Complaints Clone Script
-CVE-2017-17604
+CVE-2017-17604 (Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker ...)
NOT-FOR-US: Entrepreneur Bus Booking Script
-CVE-2017-17603
+CVE-2017-17603 (Advanced Real Estate Script 4.0.7 has SQL Injection via the search-res ...)
NOT-FOR-US: Advanced Real Estate Script
-CVE-2017-17602
+CVE-2017-17602 (Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-deta ...)
NOT-FOR-US: Advance B2B Script
-CVE-2017-17601
+CVE-2017-17601 (Cab Booking Script 1.0 has SQL Injection via the /service-list city pa ...)
NOT-FOR-US: Cab Booking Script
-CVE-2017-17600
+CVE-2017-17600 (Basic B2B Script 2.0.8 has SQL Injection via the product_details.php i ...)
NOT-FOR-US: Basic B2B Script
-CVE-2017-17599
+CVE-2017-17599 (Advance Online Learning Management Script 3.1 has SQL Injection via th ...)
NOT-FOR-US: Advance Online Learning Management Script
-CVE-2017-17598
+CVE-2017-17598 (Affiliate MLM Script 1.0 has SQL Injection via the product-category.ph ...)
NOT-FOR-US: Affiliate MLM Script
-CVE-2017-17597
+CVE-2017-17597 (Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php s ...)
NOT-FOR-US: Nearbuy Clone Script
-CVE-2017-17596
+CVE-2017-17596 (Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsear ...)
NOT-FOR-US: Entrepreneur Job Portal Script
-CVE-2017-17595
+CVE-2017-17595 (Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gend ...)
NOT-FOR-US: Beauty Parlour Booking Script
-CVE-2017-17594
+CVE-2017-17594 (DomainSale PHP Script 1.0 has SQL Injection via the domain.php id para ...)
NOT-FOR-US: DomainSale PHP Script
-CVE-2017-17593
+CVE-2017-17593 (Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_pr ...)
NOT-FOR-US: Simple Chatting System
-CVE-2017-17592
+CVE-2017-17592 (Website Auction Marketplace 2.0.5 has SQL Injection via the search.php ...)
NOT-FOR-US: Website Auction Marketplace
-CVE-2017-17591
+CVE-2017-17591 (Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single- ...)
NOT-FOR-US: Realestate Crowdfunding Script
-CVE-2017-17590
+CVE-2017-17590 (FS Stackoverflow Clone 1.0 has SQL Injection via the /question keyword ...)
NOT-FOR-US: FS Stackoverflow Clone
-CVE-2017-17589
+CVE-2017-17589 (FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php c ...)
NOT-FOR-US: FS Thumbtack Clone
-CVE-2017-17588
+CVE-2017-17588 (FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvs ...)
NOT-FOR-US: FS IMDB Clone
-CVE-2017-17587
+CVE-2017-17587 (FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token ...)
NOT-FOR-US: FS Indiamart Clone
-CVE-2017-17586
+CVE-2017-17586 (FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter ...)
NOT-FOR-US: FS Olx Clone
-CVE-2017-17585
+CVE-2017-17585 (FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id ...)
NOT-FOR-US: FS Monster Clone
-CVE-2017-17584
+CVE-2017-17584 (FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.p ...)
NOT-FOR-US: FS Makemytrip Clone
-CVE-2017-17583
+CVE-2017-17583 (FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords ...)
NOT-FOR-US: FS Shutterstock Clone
-CVE-2017-17582
+CVE-2017-17582 (FS Grubhub Clone 1.0 has SQL Injection via the /food keywords paramete ...)
NOT-FOR-US: FS Grubhub Clone
-CVE-2017-17581
+CVE-2017-17581 (FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid pa ...)
NOT-FOR-US: FS Quibids Clone
-CVE-2017-17580
+CVE-2017-17580 (FS Linkedin Clone 1.0 has SQL Injection via the group.php grid paramet ...)
NOT-FOR-US: FS Linkedin Clone
-CVE-2017-17579
+CVE-2017-17579 (FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parame ...)
NOT-FOR-US: FS Freelancer Clone
-CVE-2017-17578
+CVE-2017-17578 (FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_detai ...)
NOT-FOR-US: FS Crowdfunding Script
-CVE-2017-17577
+CVE-2017-17577 (FS Trademe Clone 1.0 has SQL Injection via the search_item.php search ...)
NOT-FOR-US: FS Trademe Clone
-CVE-2017-17576
+CVE-2017-17576 (FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat p ...)
NOT-FOR-US: FS Gigs Script
-CVE-2017-17575
+CVE-2017-17575 (FS Groupon Clone 1.0 has SQL Injection via the item_details.php id par ...)
NOT-FOR-US: FS Groupon Clone
-CVE-2017-17574
+CVE-2017-17574 (FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or j ...)
NOT-FOR-US: FS Care Clone
-CVE-2017-17573
+CVE-2017-17573 (FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, ...)
NOT-FOR-US: FS Ebay Clone
-CVE-2017-17572
+CVE-2017-17572 (FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari. ...)
NOT-FOR-US: FS Amazon Clone
-CVE-2017-17571
+CVE-2017-17571 (FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parame ...)
NOT-FOR-US: FS Foodpanda Clone
-CVE-2017-17570
+CVE-2017-17570 (FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.ph ...)
NOT-FOR-US: FS Expedia Clone
-CVE-2017-17569
+CVE-2017-17569 (Scubez Posty Readymade Classifieds has XSS via the admin/user_activate ...)
NOT-FOR-US: Scubez Posty Readymade Classifieds
-CVE-2017-17568
+CVE-2017-17568 (Scubez Posty Readymade Classifieds has Incorrect Access Control for vi ...)
NOT-FOR-US: Scubez Posty Readymade Classifieds
-CVE-2017-17567
+CVE-2017-17567 (Scubez Posty Readymade Classifieds has SQL Injection via the admin/use ...)
NOT-FOR-US: Scubez Posty Readymade Classifieds
-CVE-2017-17562
+CVE-2017-17562 (Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is ...)
NOT-FOR-US: Embedthis GoAhead
-CVE-2017-17561
+CVE-2017-17561 (SeaCMS 6.56 allows remote authenticated administrators to execute arbi ...)
NOT-FOR-US: SeaCMS
-CVE-2017-17560
+CVE-2017-17560 (An issue was discovered on Western Digital MyCloud PR4100 2.30.172 dev ...)
NOT-FOR-US: Western Digital MyCloud
CVE-2017-17559
RESERVED
-CVE-2017-17565
+CVE-2017-17565 (An issue was discovered in Xen through 4.9.x allowing PV guest OS user ...)
{DSA-4112-1 DLA-1549-1 DLA-1230-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-251.html
-CVE-2017-17564
+CVE-2017-17564 (An issue was discovered in Xen through 4.9.x allowing guest OS users t ...)
{DSA-4112-1 DLA-1549-1 DLA-1230-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-250.html
-CVE-2017-17563
+CVE-2017-17563 (An issue was discovered in Xen through 4.9.x allowing guest OS users t ...)
{DSA-4112-1 DLA-1549-1 DLA-1230-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-249.html
-CVE-2017-17566
+CVE-2017-17566 (An issue was discovered in Xen through 4.9.x allowing PV guest OS user ...)
{DSA-4112-1 DLA-1549-1 DLA-1230-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-248.html
-CVE-2017-17558
+CVE-2017-17558 (The usb_destroy_configuration function in drivers/usb/core/config.c in ...)
{DSA-4082-1 DSA-4073-1 DLA-1232-1}
- linux 4.14.7-1
NOTE: https://www.spinics.net/lists/linux-usb/msg163644.html
NOTE: Fixed by: https://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7
-CVE-2017-17557
+CVE-2017-17557 (In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exi ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-17556
+CVE-2017-17556 (A debug tool in Synaptics TouchPad drivers allows local users with adm ...)
NOT-FOR-US: debug tool in Synaptics TouchPad drivers
-CVE-2017-17555
+CVE-2017-17555 (The swri_audio_convert function in audioconvert.c in FFmpeg libswresam ...)
- aubio 0.4.6-1 (low; bug #884232)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <no-dsa> (Minor issue)
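Review bot: the CVE-2017-17663 entry marks both mini-httpd (`<unfixed>`) and thttpd (`<removed>`) as unimportant but the only NOTE is the upstream link, with no rationale for the rating; every other unimportant entry in this file carries a short justification, so one should be added here (the description only says the htpasswd implementation of mini_httpd before v1.28 is affected, which does not by itself explain why the issue is unimportant for the Debian package).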
@@ -2724,7 +2724,7 @@ CVE-2017-17555
NOTE: aubio initializes libswresample with 2 channels and then passes data
NOTE: that contains just one channel. Not an issue in src:ffmpeg.
NOTE: https://github.com/aubio/aubio/issues/137
-CVE-2017-17554
+CVE-2017-17554 (A NULL pointer dereference (DoS) Vulnerability was found in the functi ...)
- aubio 0.4.6-1 (low; bug #884237)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <no-dsa> (Minor issue)
@@ -2732,15 +2732,15 @@ CVE-2017-17554
NOTE: Fixed by: https://github.com/aubio/aubio/commit/a81b12a3b4174953b3bc7ef4c37103f4d5636740
NOTE: https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20%20aubio_source_avcodec_readframe%20of%20aubio.md
NOTE: https://github.com/aubio/aubio/issues/137
-CVE-2017-17553
+CVE-2017-17553 (The Dolphin Browser for Android 12.0.2 suffers from an insecure parsin ...)
NOT-FOR-US: Dolphin Browser for Android
-CVE-2017-17552
+CVE-2017-17552 (/LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allo ...)
NOT-FOR-US: Zoho ManageEngine AD Manager Plus
-CVE-2017-17551
+CVE-2017-17551 (The Backup and Restore feature in Mobotap Dolphin Browser for Android ...)
NOT-FOR-US: Dolphin Browser for Android
-CVE-2017-17550
+CVE-2017-17550 (ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a C ...)
NOT-FOR-US: ZyXEL
-CVE-2017-17549
+CVE-2017-17549 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler G ...)
NOT-FOR-US: Citrix NetScaler Application Delivery Controller
CVE-2017-17548
RESERVED
@@ -2752,80 +2752,80 @@ CVE-2017-17545
RESERVED
CVE-2017-17544
RESERVED
-CVE-2017-17543
+CVE-2017-17543 (Users' VPN authentication credentials are unsafely encrypted in Fortin ...)
NOT-FOR-US: Fortinet FortiClient
CVE-2017-17542
RESERVED
-CVE-2017-17541
+CVE-2017-17541 (A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6. ...)
NOT-FOR-US: Fortinet
-CVE-2017-17540
+CVE-2017-17540 (The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows ...)
NOT-FOR-US: Fortinet FortiWLC
-CVE-2017-17539
+CVE-2017-17539 (The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and ea ...)
NOT-FOR-US: Fortinet FortiWLC
-CVE-2017-17538
+CVE-2017-17538 (MikroTik v6.40.5 devices allow remote attackers to cause a denial of s ...)
NOT-FOR-US: MikroTik
-CVE-2017-17537
+CVE-2017-17537 (MikroTik RouterBOARD v6.39.2 and v6.40.5 allows an unauthenticated rem ...)
NOT-FOR-US: MikroTik
-CVE-2017-17536
+CVE-2017-17536 (Phabricator before 2017-11-10 does not block the --config and --debugg ...)
- phabricator <unfixed> (unimportant)
NOTE: Fixed by: https://github.com/phacility/phabricator/commit/a7921a4448093d00defa8bd18f35b8c8f8bf3314
NOTE: Starting with 0~git20160726-3 the Phabricator package is not built
NOTE: The issue is unfixed in the source up to 0~git20170812-1
NOTE: Fixed in 0~git20171202-1 (not yet accepted from NEW)
-CVE-2017-17535
+CVE-2017-17535 (lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before ...)
- gjots2 <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/gjots2/2.4.1-2/lib/gui.py/?hl=2188#L2188
-CVE-2017-17534
+CVE-2017-17534 (uiutil.c in Mensis 0.0.080507 does not validate strings before launchi ...)
- mensis <removed> (unimportant)
NOTE: https://sources.debian.org/src/mensis/0.0.080507-4/uiutil.c/?hl=293#L428
-CVE-2017-17533
+CVE-2017-17533 (** DISPUTED ** default.tcl in Tkabber 1.1 does not validate strings be ...)
NOTE: Originally assigned for src:tkabber
NOTE: https://sources.debian.org/src/tkabber/1.1-1/default.tcl/?hl=118#L118
NOTE: TCL's exec call does not involve the shell. It does its own argument parsing
NOTE: which safely forwards the content of any variable. No command injection is
NOTE: thus possible. See https://tcl.tk/man/tcl/TclCmd/exec.htm
NOTE: MITRE only considers this as DISPUTED rather than fully REJECT The CVE.
-CVE-2017-17532
+CVE-2017-17532 (examples/framework/news/news3.py in Kiwi 1.9.22 does not validate stri ...)
- kiwi <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/kiwi/1.9.22-4/examples/framework/news/news3.py/?hl=88#L88
NOTE: Only in examples code, negligible impact
-CVE-2017-17531
+CVE-2017-17531 (gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launchi ...)
- global 6.6.1-1 (unimportant; bug #884912)
[stretch] - global 6.5.6-2+deb9u1
NOTE: https://sources.debian.org/src/global/4.8.6-2/gozilla/gozilla.c/#L269
-CVE-2017-17530
+CVE-2017-17530 (common/help.c in Geomview 1.9.5 does not validate strings before launc ...)
- geomview <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/geomview/1.9.5-1/src/bin/geomview/common/help.c/?hl=51#L83
-CVE-2017-17529
+CVE-2017-17529 (af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings ...)
- abiword <unfixed> (unimportant; bug #884923)
NOTE: Non-issue, nothing exploitable, should be rejected
-CVE-2017-17528
+CVE-2017-17528 (backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not valida ...)
- scummvm <unfixed> (unimportant)
[wheezy] - scummvm <not-affected> (Vulnerable code not there)
NOTE: https://sources.debian.org/src/scummvm/1.9.0+dfsg-2/backends/platform/sdl/posix/posix.cpp/?hl=274#L274
-CVE-2017-17527
+CVE-2017-17527 (** DISPUTED ** delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does n ...)
- pasdoc 0.15.0-1 (unimportant)
NOTE: https://sources.debian.org/src/pasdoc/0.14.0-1/source/delphi_gui/WWWBrowserRunnerDM.pas/?hl=63#L63
NOTE: Marked as unimportant since issue in unused code. MITRE marks CVE as
NOTE: disputed.
-CVE-2017-17526
+CVE-2017-17526 (Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings be ...)
- giac <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/giac/1.2.3.57+dfsg1-2/src/Input.cc/?hl=68#L77
-CVE-2017-17525
+CVE-2017-17525 (guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate st ...)
- postbooks <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/postbooks/4.7.0-3/guiclient/guiclient.cpp/?hl=1610#L1610
-CVE-2017-17524
+CVE-2017-17524 (library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings b ...)
- swi-prolog <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/swi-prolog/7.2.3+dfsg-1/library/www_browser.pl/?hl=68#L68
NOTE: In wheezy it is technically possible to trigger an argument injection
NOTE: vulnerability however it is quoted in an unusual way which makes it highly
NOTE: unlikely that it going to be.
-CVE-2017-17523
+CVE-2017-17523 (lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings b ...)
- lilypond 2.18.2-12 (bug #884136)
[jessie] - lilypond <no-dsa> (Minor issue)
[wheezy] - lilypond <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/testlilyissues/issues/5243/
-CVE-2017-17522
+CVE-2017-17522 (** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not vali ...)
- jython <unfixed> (unimportant)
[wheezy] - jython <not-affected> (Vulnerable code is not provided in the binary package)
- python2.6 <removed> (unimportant)
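Review bot: the CVE-2017-17536 entry keeps phabricator at `<unfixed>` while its NOTEs state "Fixed in 0~git20171202-1 (not yet accepted from NEW)"; once that upload is accepted the line should become "- phabricator 0~git20171202-1 (unimportant)", and the NOTE "Starting with 0~git20160726-3 the Phabricator package is not built" should say what is not built (the binary package?) so the status is unambiguous. Separately, the last NOTE of CVE-2017-17524 ends mid-sentence ("unlikely that it going to be."); complete it, e.g. "unlikely that it is going to be exploited".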
@@ -2840,35 +2840,35 @@ CVE-2017-17522
NOTE: https://bugs.python.org/issue32367
NOTE: Hardly an issue with security impact, as the problematic code further relies
NOTE: on subprocess.Popen with the default shell=False.
-CVE-2017-17521
+CVE-2017-17521 (uiutil.c in FontForge through 20170731 does not validate strings befor ...)
- fontforge <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/fontforge/1:20170731%7Edfsg-1/fontforgeexe/uiutil.c/#L285
-CVE-2017-17520
+CVE-2017-17520 (** DISPUTED ** tools/url_handler.pl in TIN 2.4.1 does not validate str ...)
- tin <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/tin/1:2.4.1-1/tools/url_handler.pl/?hl=120#L120
NOTE: Documentation has a clear SECURITY section mentioning that [...] url_handler
NOTE: does not try hard to shell escape its input nor does it convert relative URLs
NOTE: into abosulte ones. If you use url_handler.pl from other applications be sure to
NOTE: at least shell escaped its input.
-CVE-2017-17519
+CVE-2017-17519 (batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) ...)
- ocaml-batteries <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/ocaml-batteries/2.6.0-1/src/batteriesConfig.mlp/?hl=23#L23
-CVE-2017-17518
+CVE-2017-17518 (swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not val ...)
- whitedune <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/whitedune/0.30.10-2.1/src/swt/motif/browser.c/?hl=159#L214
-CVE-2017-17517
+CVE-2017-17517 (libsylph/utils.c in Sylpheed through 3.6 does not validate strings bef ...)
- sylpheed <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/sylpheed/3.5.1-1/libsylph/utils.c/?hl=4292#L4292
-CVE-2017-17516
+CVE-2017-17516 (scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 d ...)
- rtv <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/rtv/1.20.0+dfsg-1/scripts/inspect_webbrowser.py/
-CVE-2017-17515
+CVE-2017-17515 (** DISPUTED ** etc/ObjectList in Metview 4.7.3 does not validate strin ...)
- metview <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/metview/4.7.2-3/share/metview/etc/ObjectList/?hl=2857#L2857
-CVE-2017-17514
+CVE-2017-17514 (** DISPUTED ** boxes.c in nip2 8.4.0 does not validate strings before ...)
- nip2 <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/nip2/8.4.0-1/src/boxes.c/?hl=727#L727
-CVE-2017-17513
+CVE-2017-17513 (TeX Live through 20170524 does not validate strings before launching t ...)
- texlive-base <unfixed> (unimportant)
[wheezy] - texlive-base <not-affected> (Vulnerable code do not exist)
- texlive-bin <unfixed> (unimportant)
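Review bot: the wheezy line of CVE-2017-17513 reads "(Vulnerable code do not exist)"; the other not-affected entries in this file use "Vulnerable code not present", so this should be changed to that wording for consistency and grammar. The quoted documentation excerpt under CVE-2017-17520 also carries typos ("abosulte", "shell escaped its input"); if the quote is meant to be verbatim, mark it as such with [sic], otherwise correct it.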
@@ -2878,11 +2878,11 @@ CVE-2017-17513
NOTE: https://sources.debian.org/src/texlive-base/2017.20171128-1/texmf-dist/tex/luatex/lualibs/lualibs-os.lua/#L153
NOTE: https://sources.debian.org/src/texlive-bin/2016.20160513.41080.dfsg-2/texk/texlive/linked_scripts/context/stubs/unix/mtxrun/#L3004
NOTE: https://sources.debian.org/src/context/2017.05.15.20170613-2/texmf-dist/scripts/context/stubs/mswin/mtxrun.lua/?hl=3424#L3424
-CVE-2017-17512
+CVE-2017-17512 (sensible-browser in sensible-utils before 0.0.11 does not validate str ...)
{DSA-4071-1 DLA-1209-1}
- sensible-utils 0.0.11 (bug #881767)
NOTE: https://anonscm.debian.org/git/collab-maint/sensible-utils.git/commit/?id=e16c937c43126df7f08d355277f99dd94cc21ce5
-CVE-2017-17511
+CVE-2017-17511 (KildClient 3.1.0 does not validate strings before launching the progra ...)
{DLA-1210-1}
- kildclient 3.2.0-1 (bug #885007)
[stretch] - kildclient 3.1.0-1+deb9u1
@@ -2891,21 +2891,21 @@ CVE-2017-17511
NOTE: https://sources.debian.org/src/kildclient/3.1.0-1/src/prefs.c/?hl=324#L324
CVE-2017-17510
RESERVED
-CVE-2017-17509
+CVE-2017-17509 (In HDF5 1.10.1, there is an out of bounds write vulnerability in the f ...)
- hdf5 1.10.4+repack-1 (bug #884365)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/5-hdf5-heap-overflow-H5G__ent_decode_vec
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
-CVE-2017-17508
+CVE-2017-17508 (In HDF5 1.10.1, there is a divide-by-zero vulnerability in the functio ...)
- hdf5 1.10.4+repack-1 (bug #884365)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/1-hdf5-divbyzero-H5T_set_loc
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
-CVE-2017-17507
+CVE-2017-17507 (In HDF5 1.10.1, there is an out of bounds read vulnerability in the fu ...)
- hdf5 <unfixed> (low; bug #915807)
[buster] - hdf5 <no-dsa> (Minor issue, requires ABI change)
[stretch] - hdf5 <no-dsa> (Minor issue)
@@ -2915,48 +2915,48 @@ CVE-2017-17507
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
NOTE: Fixing the bug requires an ABI changes thus upstream will only include a fix
NOTE: on a major version bump.
-CVE-2017-17506
+CVE-2017-17506 (In HDF5 1.10.1, there is an out of bounds read vulnerability in the fu ...)
- hdf5 1.10.4+repack-1 (bug #884365)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/4-hdf5-outbound-read-H5Opline_pline_decode
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
-CVE-2017-17505
+CVE-2017-17505 (In HDF5 1.10.1, there is a NULL pointer dereference in the function H5 ...)
- hdf5 1.10.4+repack-1 (bug #884365)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/2-hdf5-null-pointer-H5O_pline_decode
NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md
-CVE-2017-17504
+CVE-2017-17504 (ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_pro ...)
{DSA-4204-1 DSA-4074-1 DLA-1227-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #885340)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/872
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/ce3a586a43a7d13442587eb7f28d129557b6a135
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/59c49559e302e06bfba46cb6feb4e39adbe675b6
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/fb89192c4ca1600741af79dd22166a7d91e76924
-CVE-2017-17503
+CVE-2017-17503 (ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/i ...)
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/460ef5e858ad
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/522/
-CVE-2017-17502
+CVE-2017-17502 (ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/i ...)
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/a9c425688397
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/521/
-CVE-2017-17501
+CVE-2017-17501 (WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-b ...)
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/5b8414c0d0c4
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/526/
-CVE-2017-17500
+CVE-2017-17500 (ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/imp ...)
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/1366f2dd9931
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/523/
-CVE-2017-17499
+CVE-2017-17499 (ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-fr ...)
{DSA-4074-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #885339)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
@@ -2964,12 +2964,12 @@ CVE-2017-17499
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=33078&sid=5fbb164c3830293138917f9b14264ed1
-CVE-2017-17498
+CVE-2017-17498 (WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote a ...)
{DSA-4321-1 DLA-1401-1 DLA-1231-1}
- graphicsmagick 1.3.27-1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f1c418ef0260
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/525/
-CVE-2017-17497
+CVE-2017-17497 (In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows a ...)
- tidy-html5 2:5.6.0-3
[stretch] - tidy-html5 <not-affected> (Vulnerable code introduced after 5.6.0)
- tidy <not-affected> (Vulnerable code not present)
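Review bot: the CVE-2017-17497 entry is internally inconsistent: stretch is marked `<not-affected>` with the reason "Vulnerable code introduced after 5.6.0", yet the unstable fixed version is recorded as 2:5.6.0-3, a 5.6.0-based package. Either the Debian 5.6.0 package had the 5.7.0 code backported (in which case the stretch reason should say so explicitly), or unstable was never affected and the line should be "- tidy-html5 <not-affected> (Vulnerable code not present)" with a NOTE pointing at the upstream fix; please clarify which.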
@@ -3000,12 +3000,12 @@ CVE-2017-17487
RESERVED
CVE-2017-17486
RESERVED
-CVE-2017-17485
+CVE-2017-17485 (FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allo ...)
{DSA-4114-1}
- jackson-databind 2.9.4-1 (bug #888318)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1528565#c0
NOTE: https://github.com/FasterXML/jackson-databind/issues/1855
-CVE-2017-17484
+CVE-2017-17484 (The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Compone ...)
- icu <not-affected> (Vulnerable code not present, only experimental was ever affected and fixed in 60.2-1)
NOTE: https://ssl.icu-project.org/trac/ticket/13510
NOTE: https://ssl.icu-project.org/trac/ticket/13490
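Review bot: the icu line for CVE-2017-17484 packs two different statements into one tag: <not-affected>, followed by a parenthetical that says the experimental upload was affected and was "fixed in 60.2-1". Keep <not-affected> for the unstable/stable view if that is the intent, but move the "only experimental ever shipped the vulnerable ucnv_UTF8FromUTF8 code, fixed in 60.2-1" detail to a NOTE line next to the two ticket links, so the fixed version is recorded where the other NOTEs are rather than buried in the justification.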
@@ -3015,48 +3015,48 @@ CVE-2017-17484
NOTE: Introduced by https://ssl.icu-project.org/trac/changeset/40455/
CVE-2017-17483
RESERVED
-CVE-2017-17482
+CVE-2017-17482 (An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and throu ...)
NOT-FOR-US: OpenVMS
CVE-2017-17481
RESERVED
-CVE-2017-17480
+CVE-2017-17480 (In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ...)
{DSA-4405-1 DLA-1579-1}
- openjpeg2 2.3.0-2 (bug #884738)
NOTE: https://github.com/uclouvain/openjpeg/issues/1044
NOTE: https://github.com/uclouvain/openjpeg/commit/0bc90e4062a5f9258c91eca018c019b179066c62
-CVE-2017-17479
+CVE-2017-17479 (In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ...)
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/1044
NOTE: Debian packaging does not build JPWL, has BUILD_JPWL:BOOL=OFF
-CVE-2017-17478
+CVE-2017-17478 (An XSS issue was discovered in Designer Studio in Pegasystems Pega Pla ...)
NOT-FOR-US: Pegasystems Pega Platform
CVE-2017-17477
RESERVED
-CVE-2017-17475
+CVE-2017-17475 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17474
+CVE-2017-17474 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17473
+CVE-2017-17473 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17472
+CVE-2017-17472 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17471
+CVE-2017-17471 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17470
+CVE-2017-17470 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17469
+CVE-2017-17469 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17468
+CVE-2017-17468 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to gain privile ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17467
+CVE-2017-17467 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17466
+CVE-2017-17466 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to gain privile ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17465
+CVE-2017-17465 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer de ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-17464
+CVE-2017-17464 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer de ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-17463
+CVE-2017-17463 (Vivo modems allow remote attackers to obtain sensitive information by ...)
NOT-FOR-US: Vivo modems
CVE-2017-17462
RESERVED
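Review bot: CVE-2017-17479 and CVE-2017-17480 cite the same upstream report (openjpeg issue 1044) and carry identically truncated descriptions, yet 17480 is fixed in 2.3.0-2 with DSA-4405-1 and DLA-1579-1 while 17479 stays <unfixed> (unimportant) on the grounds that JPWL is not built. Because nothing on the page distinguishes the two, add a NOTE to 17479 naming the JPWL function it lives in, and confirm that commit 0bc90e4062a5f9258c91eca018c019b179066c62 credited to 17480 is not itself the JPWL fix; otherwise the unimportant rating rests on the truncated text. Separately, CVE-2017-17476 is absent between 17477 and 17475 in this run; if it was not placed elsewhere in the file, the sequence has a gap.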
@@ -3064,13 +3064,13 @@ CVE-2017-17461
REJECTED
CVE-2017-17460
RESERVED
-CVE-2017-17459
+CVE-2017-17459 (http_transport.c in Fossil before 2.4, when the SSH sync protocol is u ...)
- fossil 1:2.4-1
[stretch] - fossil <no-dsa> (Minor issue)
[jessie] - fossil <no-dsa> (Minor issue)
[wheezy] - fossil <no-dsa> (Minor issue)
NOTE: https://www.fossil-scm.org/xfer/info/1f63db591c77108c
-CVE-2017-17458
+CVE-2017-17458 (In Mercurial before 4.4.1, it is possible that a specially malformed r ...)
{DLA-1414-2 DLA-1414-1 DLA-1224-1}
- mercurial 4.4.1-1
NOTE: https://bz.mercurial-scm.org/show_bug.cgi?id=5730
@@ -3078,47 +3078,47 @@ CVE-2017-17458
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.4.1_.282017-11-07.29
NOTE: Fixed by: https://mercurial-scm.org/repo/hg/rev/071cbeba4212
NOTE: Alternative workaround/additionally needed: https://mercurial-scm.org/repo/hg/rev/5e27afeddaee
-CVE-2017-1002102
+CVE-2017-1002102 (In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to version ...)
- kubernetes 1.7.16+dfsg-1 (bug #894051)
NOTE: https://github.com/kubernetes/kubernetes/issues/60814
-CVE-2017-1002101
+CVE-2017-1002101 (In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to version ...)
- kubernetes 1.7.16+dfsg-1 (bug #892801)
NOTE: https://github.com/kubernetes/kubernetes/issues/60813
-CVE-2017-17457
+CVE-2017-17457 (The function d2ulaw_array() in ulaw.c of libsndfile 1.0.29pre1 may lea ...)
{DLA-1618-1}
- libsndfile 1.0.28-5 (low; bug #884735)
[stretch] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/344
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
-CVE-2017-17456
+CVE-2017-17456 (The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 may lea ...)
{DLA-1618-1}
- libsndfile 1.0.28-5 (low; bug #884735)
[stretch] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/344
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
-CVE-2017-17455
+CVE-2017-17455 (Mahara 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before 17 ...)
- mahara <removed>
-CVE-2017-17454
+CVE-2017-17454 (Mahara 16.10 before 16.10.7 and 17.04 before 17.04.5 and 17.10 before ...)
- mahara <removed>
CVE-2017-17453
RESERVED
CVE-2017-17452
RESERVED
-CVE-2017-17451
+CVE-2017-17451 (The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsub ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-17450
+CVE-2017-17450 (net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not req ...)
{DSA-4082-1 DSA-4073-1}
- linux 4.14.7-1
[wheezy] - linux <ignored> (User namespaces not supported)
NOTE: https://lkml.org/lkml/2017/12/5/982
-CVE-2017-17449
+CVE-2017-17449 (The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in ...)
{DSA-4082-1 DSA-4073-1}
- linux 4.14.7-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lkml.org/lkml/2017/12/5/950
-CVE-2017-17448
+CVE-2017-17448 (net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 ...)
{DSA-4082-1 DSA-4073-1}
- linux 4.14.7-1
[wheezy] - linux <ignored> (User namespaces not supported)
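Review bot: the three linux entries at the end of this hunk tag wheezy two different ways: CVE-2017-17450 and CVE-2017-17448 are <ignored> (User namespaces not supported) while CVE-2017-17449 is <not-affected> (Vulnerable code not present). If the xt_osf and nfnetlink_cthelper code is present in the wheezy kernel but unreachable because user namespaces are not supported, <ignored> is defensible and the justification should say "unreachable without user namespaces"; if the code paths are simply absent, <not-affected> is the accurate tag, as used for 17449. Minor: the label for CVE-2017-17451 should read "WordPress plugin", not "Wordpress plugin".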
@@ -3129,13 +3129,13 @@ CVE-2017-17445
RESERVED
CVE-2017-17444
RESERVED
-CVE-2017-17443
+CVE-2017-17443 (OPC Foundation Local Discovery Server (LDS) 1.03.370 required a securi ...)
NOT-FOR-US: OPC Foundation Local Discovery Server
-CVE-2017-17442
+CVE-2017-17442 (In BlackBerry UEM Management Console version 12.7.1 and earlier, a ref ...)
NOT-FOR-US: BlackBerry
CVE-2017-17441
RESERVED
-CVE-2017-17446
+CVE-2017-17446 (The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Gam ...)
- game-music-emu 0.6.2-1 (bug #883691)
[stretch] - game-music-emu <no-dsa> (Minor issue)
[jessie] - game-music-emu <no-dsa> (Minor issue)
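Review bot: CVE-2017-17446 is filed after CVE-2017-17441 instead of between 17447 and 17445, which breaks the descending order the rest of this hunk keeps. Unless there is a reason to keep it next to the 17442/17441 block, move the whole game-music-emu entry, including its NOTE lines, up to its numeric slot so the id is found where a reader or script expects it.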
@@ -3143,13 +3143,13 @@ CVE-2017-17446
NOTE: https://bitbucket.org/mpyne/game-music-emu/issues/14/addresssanitizer-negative-size-param-size
NOTE: Patch: https://bitbucket.org/mpyne/game-music-emu/commits/205290614cdc057541b26adeea05a9d45993f860
NOTE: Additional hardening: https://bitbucket.org/mpyne/game-music-emu/commits/4a441e94cba14268bc4e983d4dfd6ed112084d00
-CVE-2017-17440
+CVE-2017-17440 (GNU Libextractor 1.6 allows remote attackers to cause a denial of serv ...)
- libextractor 1:1.6-2 (bug #883528)
[stretch] - libextractor 1:1.3-4+deb9u1
[jessie] - libextractor 1:1.3-2+deb8u1
[wheezy] - libextractor <no-dsa> (Minor issue)
NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e
-CVE-2017-17439
+CVE-2017-17439 (In Heimdal through 7.4, remote unauthenticated attackers are able to c ...)
{DSA-4055-1}
- heimdal 7.5.0+dfsg-1 (bug #878144)
[jessie] - heimdal <not-affected> (Vulnerability introduced in 7.0)
@@ -3161,104 +3161,104 @@ CVE-2017-17438
RESERVED
CVE-2017-17437
RESERVED
-CVE-2017-17436
+CVE-2017-17436 (An issue was discovered in the software on Vaultek Gun Safe VT20i prod ...)
NOT-FOR-US: Vaultek Gun Safe
-CVE-2017-17435
+CVE-2017-17435 (An issue was discovered in the software on Vaultek Gun Safe VT20i prod ...)
NOT-FOR-US: Vaultek Gun Safe
-CVE-2017-17434
+CVE-2017-17434 (The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, do ...)
{DSA-4068-1 DLA-1218-1}
- rsync 3.1.2-2.1 (bug #883665)
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=5509597decdbd7b91994210f700329d8a35e70a1
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=70aeb5fddd1b2f8e143276f8d5a085db16c593b9
-CVE-2017-17433
+CVE-2017-17433 (The recv_files function in receiver.c in the daemon in rsync 3.1.2, an ...)
{DSA-4068-1 DLA-1218-1}
- rsync 3.1.2-2.1 (bug #883667)
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51
-CVE-2017-17431
+CVE-2017-17431 (GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, ...)
NOT-FOR-US: GeniXCMS
-CVE-2017-17430
+CVE-2017-17430 (Sangoma NetBorder / Vega Session Controller before 2.3.12-80-GA allows ...)
NOT-FOR-US: Sangoma NetBorder / Vega Session Controller
-CVE-2017-17429
+CVE-2017-17429 (In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-17428
+CVE-2017-17428 (Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kit ...)
NOT-FOR-US: Cisco ACE
NOTE: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
NOTE: https://robotattack.org/
-CVE-2017-17427
+CVE-2017-17427 (Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3 ...)
NOT-FOR-US: Radware
NOTE: https://portals.radware.com/getattachment/21be0b7b-fa1c-4cbc-8bd2-c19946aee270/Security-Advisory-Adaptive-chosen-ciphertext-atta/
NOTE: https://robotattack.org/
-CVE-2017-17426
+CVE-2017-17426 (The malloc function in the GNU C Library (aka glibc or libc6) 2.26 cou ...)
- glibc <not-affected> (Issue introduced in glibc-2.26 with addition of per-thread cache to malloc)
- eglibc <not-affected> (Issue introduced in glibc-2.26 with addition of per-thread cache to malloc)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22375
NOTE: Introduced by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d5c3fafc4307c9b7a4c7d5cb381fcdbfad340bcc
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=34697694e8a93b325b18f25f7dcded55d6baeaf6
NOTE: The upload of 2.26-0experimental2 to experimental fixed the issue (cf. #883729).
-CVE-2017-1000410
+CVE-2017-1000410 (The Linux kernel version 3.3-rc1 and later is affected by a vulnerabil ...)
{DSA-4082-1 DSA-4073-1}
- linux 4.14.7-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.3)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/06/3
-CVE-2017-1000409
+CVE-2017-1000409 (A buffer overflow in glibc 2.5 (released on September 29, 2006) and ca ...)
- glibc 2.25-5 (bug #884133)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue)
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/11/4
-CVE-2017-1000408
+CVE-2017-1000408 (A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached ...)
- glibc 2.25-5 (bug #884132)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue)
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/11/4
-CVE-2017-17432
+CVE-2017-17432 (OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, w ...)
{DSA-4067-1 DLA-1213-1}
- openafs 1.6.22-1 (bug #883602)
NOTE: https://www.openafs.org/pages/security/OPENAFS-SA-2017-001.txt
-CVE-2017-17425
+CVE-2017-17425 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17424
+CVE-2017-17424 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17423
+CVE-2017-17423 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17422
+CVE-2017-17422 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17421
+CVE-2017-17421 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17420
+CVE-2017-17420 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17419
+CVE-2017-17419 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17418
+CVE-2017-17418 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17417
+CVE-2017-17417 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17416
+CVE-2017-17416 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17415
+CVE-2017-17415 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17414
+CVE-2017-17414 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17413
+CVE-2017-17413 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17412
+CVE-2017-17412 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2017-17411
+CVE-2017-17411 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: web management portal of Linksys WVBR0 WVBR0
-CVE-2017-17410
+CVE-2017-17410 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Bitdefender Internet Security 2018
-CVE-2017-17409
+CVE-2017-17409 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Bitdefender Internet Security 2018
-CVE-2017-17408
+CVE-2017-17408 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Bitdefender Internet Security 2018
-CVE-2017-17407
+CVE-2017-17407 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: NetGain
-CVE-2017-17406
+CVE-2017-17406 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: NetGain
-CVE-2017-17405
+CVE-2017-17405 (Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, get ...)
{DSA-4259-1 DLA-1421-1 DLA-1222-1 DLA-1221-1}
- ruby2.5 2.5.0~rc1-1 (bug #884437)
- ruby2.3 2.3.6-1 (bug #884438)
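Review bot: the NOT-FOR-US label for CVE-2017-17428 ("Cisco ACE") does not match the description, which names the Cavium Nitrox SSL, Nitrox V SSL and TurboSSL SDKs; the Cisco advisory link explains the relationship, but the label should name the product the CVE is assigned to, for example "NOT-FOR-US: Cavium Nitrox/TurboSSL SDK (see Cisco ACE advisory)". In the same hunk, the label for CVE-2017-17411 repeats the model name ("Linksys WVBR0 WVBR0"); drop the duplicate.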
@@ -3309,15 +3309,15 @@ CVE-2017-17386
RESERVED
CVE-2017-17385
RESERVED
-CVE-2017-17384
+CVE-2017-17384 (ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain ...)
NOT-FOR-US: ISPConfig
-CVE-2017-17383
+CVE-2017-17383 (Jenkins through 2.93 allows remote authenticated administrators to con ...)
- jenkins <removed>
-CVE-2017-17382
+CVE-2017-17382 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler G ...)
NOT-FOR-US: Citrix
NOTE: https://support.citrix.com/article/CTX230238
NOTE: https://robotattack.org/
-CVE-2017-17381
+CVE-2017-17381 (The Virtio Vring implementation in QEMU allows local OS guest users to ...)
{DSA-4213-1}
- qemu 1:2.11+dfsg-1 (bug #883625)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -3425,109 +3425,109 @@ CVE-2017-17332
RESERVED
CVE-2017-17331
RESERVED
-CVE-2017-17330
+CVE-2017-17330 (Huawei AR3200 V200R005C32; V200R006C10; V200R006C11; V200R007C00; V200 ...)
NOT-FOR-US: Huawei
-CVE-2017-17329
+CVE-2017-17329 (Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability. Th ...)
NOT-FOR-US: Huawei
-CVE-2017-17328
+CVE-2017-17328 (Huawei smartphones with software of MHA-AL00AC00B125 have an integer o ...)
NOT-FOR-US: Huawei
-CVE-2017-17327
+CVE-2017-17327 (Huawei smartphones with software of MHA-AL00AC00B125 have an improper ...)
NOT-FOR-US: Huawei
-CVE-2017-17326
+CVE-2017-17326 (Huawei Mate 9 Pro Smartphones with software of LON-AL00BC00B139D; LON- ...)
NOT-FOR-US: Huawei
-CVE-2017-17325
+CVE-2017-17325 (Huawei video applications HiCinema with software of 8.0.3.308; 8.0.4.3 ...)
NOT-FOR-US: Huawei
-CVE-2017-17324
+CVE-2017-17324 (Huawei Mate 9 Pro smartphones with software LON-AL00BC00B139D; LON-AL0 ...)
NOT-FOR-US: Huawei
-CVE-2017-17323
+CVE-2017-17323 (Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper aut ...)
NOT-FOR-US: Huawei
-CVE-2017-17322
+CVE-2017-17322 (Huawei Honor Smart Scale Application with software of 1.1.1 has an inf ...)
NOT-FOR-US: Huawei
-CVE-2017-17321
+CVE-2017-17321 (Huawei eNSP software with software of versions earlier than V100R002C0 ...)
NOT-FOR-US: Huawei
-CVE-2017-17320
+CVE-2017-17320 (Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON- ...)
NOT-FOR-US: Huawei
-CVE-2017-17319
+CVE-2017-17319 (Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 hav ...)
NOT-FOR-US: Huawei
-CVE-2017-17318
+CVE-2017-17318 (Huawei MBB (Mobile Broadband) products E5771h-937 with the versions be ...)
NOT-FOR-US: Huawei
-CVE-2017-17317
+CVE-2017-17317 (Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17316
+CVE-2017-17316 (Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17315
+CVE-2017-17315 (Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17314
+CVE-2017-17314 (Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17313
+CVE-2017-17313 (The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earl ...)
NOT-FOR-US: inputhub driver of HUAWEI P9 Lite mobile phones
-CVE-2017-17312
+CVE-2017-17312 (Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR ...)
NOT-FOR-US: Huawei
-CVE-2017-17311
+CVE-2017-17311 (Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR ...)
NOT-FOR-US: Huawei
-CVE-2017-17310
+CVE-2017-17310 (Electronic Numbers to URI Mapping (ENUM) module in some Huawei product ...)
NOT-FOR-US: Huawei
-CVE-2017-17309
+CVE-2017-17309 (Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerabili ...)
NOT-FOR-US: Huawei
-CVE-2017-17308
+CVE-2017-17308 (SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C ...)
NOT-FOR-US: Huawei
-CVE-2017-17307
+CVE-2017-17307 (Some Huawei Smartphones with software of VNS-L21AUTC555B141 have an ou ...)
NOT-FOR-US: Huawei
-CVE-2017-17306
+CVE-2017-17306 (Some Huawei Smartphones with software of VNS-L21AUTC555B141, VNS-L21C1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17305
+CVE-2017-17305 (Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR ...)
NOT-FOR-US: Huawei
-CVE-2017-17304
+CVE-2017-17304 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; V500R ...)
NOT-FOR-US: Huawei
-CVE-2017-17303
+CVE-2017-17303 (Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C0 ...)
NOT-FOR-US: Huawei
-CVE-2017-17302
+CVE-2017-17302 (Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17301
+CVE-2017-17301 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17300
+CVE-2017-17300 (Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17299
+CVE-2017-17299 (Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C ...)
NOT-FOR-US: Huawei
-CVE-2017-17298
+CVE-2017-17298 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17297
+CVE-2017-17297 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17296
+CVE-2017-17296 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17295
+CVE-2017-17295 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17294
+CVE-2017-17294 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17293
+CVE-2017-17293 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17292
+CVE-2017-17292 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17291
+CVE-2017-17291 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17290
+CVE-2017-17290 (The Light Directory Access Protocol (LDAP) clients of Huawei TE60 with ...)
NOT-FOR-US: Huawei
-CVE-2017-17289
+CVE-2017-17289 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17288
+CVE-2017-17288 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17287
+CVE-2017-17287 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V20 ...)
NOT-FOR-US: Huawei
-CVE-2017-17286
+CVE-2017-17286 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V20 ...)
NOT-FOR-US: Huawei
-CVE-2017-17285
+CVE-2017-17285 (Bluetooth module in some Huawei mobile phones with software LON-AL00BC ...)
NOT-FOR-US: Huawei
-CVE-2017-17284
+CVE-2017-17284 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17283
+CVE-2017-17283 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17282
+CVE-2017-17282 (SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R ...)
NOT-FOR-US: Huawei
-CVE-2017-17281
+CVE-2017-17281 (SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R ...)
NOT-FOR-US: Huawei
-CVE-2017-17280
+CVE-2017-17280 (NFC (Near Field Communication) module in Huawei mobile phones with sof ...)
NOT-FOR-US: Huawei
-CVE-2017-17279
+CVE-2017-17279 (The soundtrigger module in Huawei Mate 9 Pro smart phones with softwar ...)
NOT-FOR-US: Huawei
CVE-2017-17278
REJECTED
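Review bot: one label in this Huawei run breaks the pattern: CVE-2017-17313 is tagged "NOT-FOR-US: inputhub driver of HUAWEI P9 Lite mobile phones" while every neighbour uses "NOT-FOR-US: Huawei". The extra detail is already in the description line, so normalise the label to "NOT-FOR-US: Huawei" for consistent matching.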
@@ -3569,23 +3569,23 @@ CVE-2017-17260
REJECTED
CVE-2017-17259
REJECTED
-CVE-2017-17258
+CVE-2017-17258 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17257
+CVE-2017-17257 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17256
+CVE-2017-17256 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17255
+CVE-2017-17255 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17254
+CVE-2017-17254 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17253
+CVE-2017-17253 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17252
+CVE-2017-17252 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17251
+CVE-2017-17251 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-17250
+CVE-2017-17250 (Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; ...)
NOT-FOR-US: Huawei
CVE-2017-17249
REJECTED
@@ -3631,31 +3631,31 @@ CVE-2017-17229
REJECTED
CVE-2017-17228
REJECTED
-CVE-2017-17227
+CVE-2017-17227 (GPU driver in Huawei Mate 10 smart phones with the versions before ALP ...)
NOT-FOR-US: Huawei
-CVE-2017-17226
+CVE-2017-17226 (The TripAdvisor app with the versions before TAMobileApp-24.6.4 pre-in ...)
NOT-FOR-US: The TripAdvisor app on Huawei
-CVE-2017-17225
+CVE-2017-17225 (The Near Field Communication (NFC) module in Huawei Mate 9 Pro mobile ...)
NOT-FOR-US: Huawei
CVE-2017-17224
RESERVED
-CVE-2017-17223
+CVE-2017-17223 (Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V ...)
NOT-FOR-US: Huawei
-CVE-2017-17222
+CVE-2017-17222 (Import Language Package function in Huawei eSpace 7950 V200R003C30; eS ...)
NOT-FOR-US: Huawei
-CVE-2017-17221
+CVE-2017-17221 (Import Signal Tone function in Huawei eSpace 7950 V200R003C30; eSpace ...)
NOT-FOR-US: Huawei
-CVE-2017-17220
+CVE-2017-17220 (SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C ...)
NOT-FOR-US: Huawei
-CVE-2017-17219
+CVE-2017-17219 (SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C ...)
NOT-FOR-US: Huawei
-CVE-2017-17218
+CVE-2017-17218 (SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C ...)
NOT-FOR-US: Huawei
-CVE-2017-17217
+CVE-2017-17217 (Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP2 ...)
NOT-FOR-US: Huawei
-CVE-2017-17216
+CVE-2017-17216 (Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP2 ...)
NOT-FOR-US: Huawei
-CVE-2017-17215
+CVE-2017-17215 (Huawei HG532 with some customized versions has a remote code execution ...)
NOT-FOR-US: Huawei
CVE-2017-17214
REJECTED
@@ -3681,13 +3681,13 @@ CVE-2017-17204
REJECTED
CVE-2017-17203
REJECTED
-CVE-2017-17202
+CVE-2017-17202 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V20 ...)
NOT-FOR-US: Huawei
-CVE-2017-17201
+CVE-2017-17201 (Some huawei smartphones with software BTV-DL09C233B350, Berlin-L21HNC4 ...)
NOT-FOR-US: Huawei
-CVE-2017-17200
+CVE-2017-17200 (Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17199
+CVE-2017-17199 (Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R00 ...)
NOT-FOR-US: Huawei
CVE-2017-17198
REJECTED
@@ -3711,17 +3711,17 @@ CVE-2017-17189
REJECTED
CVE-2017-17188
REJECTED
-CVE-2017-17187
+CVE-2017-17187 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17186
+CVE-2017-17186 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17185
+CVE-2017-17185 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17184
+CVE-2017-17184 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17183
+CVE-2017-17183 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17182
+CVE-2017-17182 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R00 ...)
NOT-FOR-US: Huawei
CVE-2017-17181
REJECTED
@@ -3733,114 +3733,114 @@ CVE-2017-17178
REJECTED
CVE-2017-17177
REJECTED
-CVE-2017-17176
+CVE-2017-17176 (The hardware security module of Mate 9 and Mate 9 Pro Huawei smart pho ...)
NOT-FOR-US: Huawei
-CVE-2017-17175
+CVE-2017-17175 (Short Message Service (SMS) module of Mate 9 Pro Huawei smart phones w ...)
NOT-FOR-US: Huawei
-CVE-2017-17174
+CVE-2017-17174 (Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP ...)
NOT-FOR-US: Huawei
-CVE-2017-17173
+CVE-2017-17173 (Due to insufficient parameters verification GPU driver of Mate 9 Pro H ...)
NOT-FOR-US: Huawei
-CVE-2017-17172
+CVE-2017-17172 (Huawei smart phones LYO-L21 with software LYO-L21C479B107, LYO-L21C479 ...)
NOT-FOR-US: Huawei
-CVE-2017-17171
+CVE-2017-17171 (Some Huawei smart phones have the denial of service (DoS) vulnerabilit ...)
NOT-FOR-US: Huawei
-CVE-2017-17170
+CVE-2017-17170 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; V500R ...)
NOT-FOR-US: Huawei
-CVE-2017-17169
+CVE-2017-17169 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; V500R ...)
NOT-FOR-US: Huawei
-CVE-2017-17168
+CVE-2017-17168 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; V500R ...)
NOT-FOR-US: Huawei
-CVE-2017-17167
+CVE-2017-17167 (Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C ...)
NOT-FOR-US: Huawei
-CVE-2017-17166
+CVE-2017-17166 (Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, ...)
NOT-FOR-US: Huawei
-CVE-2017-17165
+CVE-2017-17165 (IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 ...)
NOT-FOR-US: Huawei
-CVE-2017-17164
+CVE-2017-17164 (Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak vul ...)
NOT-FOR-US: Huawei
-CVE-2017-17163
+CVE-2017-17163 (Huawei Secospace USG6600 V500R001C30SPC100 has an Out-of-Bounds memory ...)
NOT-FOR-US: Huawei
-CVE-2017-17162
+CVE-2017-17162 (Huawei Secospace USG6600 V500R001C30SPC100, Secospace USG6600 V500R001 ...)
NOT-FOR-US: Huawei
-CVE-2017-17161
+CVE-2017-17161 (The 'Find Phone' function in some Huawei smart phones with software ea ...)
NOT-FOR-US: Huawei
-CVE-2017-17160
+CVE-2017-17160 (Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C ...)
NOT-FOR-US: Huawei
-CVE-2017-17159
+CVE-2017-17159 (Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92 ...)
NOT-FOR-US: Huawei
-CVE-2017-17158
+CVE-2017-17158 (Some Huawei smart phones with the versions before Berlin-L21HNC185B381 ...)
NOT-FOR-US: Huawei
-CVE-2017-17157
+CVE-2017-17157 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17156
+CVE-2017-17156 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17155
+CVE-2017-17155 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17154
+CVE-2017-17154 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17153
+CVE-2017-17153 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17152
+CVE-2017-17152 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17151
+CVE-2017-17151 (Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR15 ...)
NOT-FOR-US: Huawei
-CVE-2017-17150
+CVE-2017-17150 (Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R0 ...)
NOT-FOR-US: Huawei
-CVE-2017-17149
+CVE-2017-17149 (Huawei HiWallet App with the versions before 8.0.4 has an arbitrary lo ...)
NOT-FOR-US: Huawei
-CVE-2017-17148
+CVE-2017-17148 (Huawei DP300 V500R002C00 have a DoS vulnerability due to the lack of v ...)
NOT-FOR-US: Huawei
-CVE-2017-17147
+CVE-2017-17147 (Huawei DP300 V500R002C00 have an integer overflow vulnerability due to ...)
NOT-FOR-US: Huawei
-CVE-2017-17146
+CVE-2017-17146 (Huawei DP300 V500R002C00 have a buffer overflow vulnerability due to t ...)
NOT-FOR-US: Huawei
-CVE-2017-17145
+CVE-2017-17145 (Huawei Honor V9 Play smart phones with the versions before Jimmy-AL00A ...)
NOT-FOR-US: Huawei
-CVE-2017-17144
+CVE-2017-17144 (Backup feature of SIP module in Huawei DP300 V500R002C00; V500R002C00S ...)
NOT-FOR-US: Huawei
-CVE-2017-17143
+CVE-2017-17143 (SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17142
+CVE-2017-17142 (SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17141
+CVE-2017-17141 (Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200 ...)
NOT-FOR-US: Huawei
-CVE-2017-17140
+CVE-2017-17140 (Huawei Enjoy 5s and Y6 Pro smartphones with software the versions befo ...)
NOT-FOR-US: Huawei
-CVE-2017-17139
+CVE-2017-17139 (Huawei Mate 9 and Mate 9 pro smart phones with software the versions b ...)
NOT-FOR-US: Huawei
-CVE-2017-17138
+CVE-2017-17138 (PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; ...)
NOT-FOR-US: Huawei
-CVE-2017-17137
+CVE-2017-17137 (PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R0 ...)
NOT-FOR-US: Huawei
-CVE-2017-17136
+CVE-2017-17136 (PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R0 ...)
NOT-FOR-US: Huawei
-CVE-2017-17135
+CVE-2017-17135 (PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R0 ...)
NOT-FOR-US: Huawei
-CVE-2017-17134
+CVE-2017-17134 (XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R ...)
NOT-FOR-US: Huawei
-CVE-2017-17133
+CVE-2017-17133 (Huawei VP9660 V500R002C10 has a null pointer reference vulnerability i ...)
NOT-FOR-US: Huawei
-CVE-2017-17132
+CVE-2017-17132 (Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerabili ...)
NOT-FOR-US: Huawei
-CVE-2017-17131
+CVE-2017-17131 (Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-17130
+CVE-2017-17130 (The ff_free_picture_tables function in libavcodec/mpegpicture.c in Lib ...)
{DLA-1630-1}
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1100
-CVE-2017-17129
+CVE-2017-17129 (The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12. ...)
- libav <not-affected> (Vulnerable code introduced in 12.x)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1101
-CVE-2017-17128
+CVE-2017-17128 (The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 ...)
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1104
-CVE-2017-17127
+CVE-2017-17127 (The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 all ...)
- libav <removed>
[jessie] - libav <ignored> (Minor issue)
[wheezy] - libav <ignored> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1099
-CVE-2017-17126
+CVE-2017-17126 (The load_debug_section function in readelf.c in GNU Binutils 2.29.1 al ...)
[experimental] - binutils 2.29.51.20171208-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
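Review bot: the fixed-width truncation of the new description lines makes sibling entries indistinguishable, e.g. CVE-2017-17154, CVE-2017-17153 and CVE-2017-17152 all now read `IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00 ...`, and the same collapse happens for CVE-2017-17143/CVE-2017-17142 (`SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00 ...`) and CVE-2017-17137 through CVE-2017-17135 (`PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R0 ...`). Because the cut lands inside the affected-version enumeration, the clause that actually says what each bug is never makes it into the list; cutting at the first sentence boundary after the version list, or raising the width for entries whose prefix would otherwise duplicate a neighbour, would keep a grep through this file useful for vendor-heavy ranges like this one.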
@@ -3848,7 +3848,7 @@ CVE-2017-17126
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22510
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f425ec6600b69e39eb605f3128806ff688137ea8
-CVE-2017-17125
+CVE-2017-17125 (nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global sym ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -3856,7 +3856,7 @@ CVE-2017-17125
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22443
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=160b1a618ad94988410dc81fce9189fcda5b7ff4
-CVE-2017-17124
+CVE-2017-17124 (The _bfd_coff_read_string_table function in coffgen.c in the Binary Fi ...)
[experimental] - binutils 2.29.51.20171208-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -3864,7 +3864,7 @@ CVE-2017-17124
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22507
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b0029dce6867de1a2828293177b0e030d2f0f03c
-CVE-2017-17123
+CVE-2017-17123 (The coff_slurp_reloc_table function in coffcode.h in the Binary File D ...)
[experimental] - binutils 2.29.51.20171208-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -3872,7 +3872,7 @@ CVE-2017-17123
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22509
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=4581a1c7d304ce14e714b27522ebf3d0188d6543
-CVE-2017-17122
+CVE-2017-17122 (The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29. ...)
[experimental] - binutils 2.29.51.20171208-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -3880,7 +3880,7 @@ CVE-2017-17122
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22508
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d785b7d4b877ed465d04072e17ca19d0f47d840f
-CVE-2017-17121
+CVE-2017-17121 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
[experimental] - binutils 2.29.51.20171208-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -3900,101 +3900,101 @@ CVE-2017-17116
RESERVED
CVE-2017-17115
RESERVED
-CVE-2017-17114
+CVE-2017-17114 (ntguard.sys and ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16. ...)
NOT-FOR-US: IKARUS
-CVE-2017-17113
+CVE-2017-17113 (ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL po ...)
NOT-FOR-US: IKARUS
-CVE-2017-17112
+CVE-2017-17112 (ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool Co ...)
NOT-FOR-US: IKARUS
-CVE-2017-17111
+CVE-2017-17111 (Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQ ...)
NOT-FOR-US: Posty Readymade Classifieds Script
-CVE-2017-17110
+CVE-2017-17110 (Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL ...)
NOT-FOR-US: Techno Portfolio Management Panel
CVE-2017-17109
RESERVED
-CVE-2017-17108
+CVE-2017-17108 (Path traversal vulnerability in the administrative panel in KonaKart e ...)
NOT-FOR-US: KonaKart eCommerce Platform
-CVE-2017-17107
+CVE-2017-17107 (Zivif PR115-204-P-RS V2.3.4.2103 web cameras contain a hard-coded cat1 ...)
NOT-FOR-US: Zivif web cameras
-CVE-2017-17106
+CVE-2017-17106 (Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtain ...)
NOT-FOR-US: Zivif web cameras
-CVE-2017-17105
+CVE-2017-17105 (Zivif PR115-204-P-RS V2.3.4.2103 web cameras are vulnerable to unauthe ...)
NOT-FOR-US: Zivif web cameras
-CVE-2017-17104
+CVE-2017-17104 (Fiyo CMS 2.0.7 has an arbitrary file read vulnerability in dapur/apps/ ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-17103
+CVE-2017-17103 (Fiyo CMS 2.0.7 has SQL injection in /apps/app_user/sys_user.php via $_ ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-17102
+CVE-2017-17102 (Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $_REQUEST['li ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-17101
+CVE-2017-17101 (An issue was discovered in Apexis APM-H803-MPC software, as used with ...)
NOT-FOR-US: Apexis
CVE-2017-17100
RESERVED
-CVE-2017-17099
+CVE-2017-17099 (There exists an unauthenticated SEH based Buffer Overflow vulnerabilit ...)
NOT-FOR-US: Flexense SyncBreeze Enterprise
-CVE-2017-17098
+CVE-2017-17098 (The writeLog function in fn_common.php in gps-server.net GPS Tracking ...)
NOT-FOR-US: gps-server.net GPS Tracking Software
-CVE-2017-17097
+CVE-2017-17097 (gps-server.net GPS Tracking Software (self hosted) 2.x has a password ...)
NOT-FOR-US: gps-server.net GPS Tracking Software
-CVE-2017-17096
+CVE-2017-17096 (Cross-site scripting (XSS) vulnerability in the Content Cards plugin b ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-17090
+CVE-2017-17090 (An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18 ...)
{DSA-4076-1 DLA-1225-1}
- asterisk 1:13.18.3~dfsg-1 (bug #883342)
NOTE: http://downloads.digium.com/pub/security/AST-2017-013.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27452
-CVE-2017-17089
+CVE-2017-17089 (custom/run.cgi in Webmin before 1.870 allows remote authenticated admi ...)
- webmin <removed>
-CVE-2017-17091
+CVE-2017-17091 (wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser k ...)
{DSA-4090-1 DLA-1216-1}
- wordpress 4.9.1+dfsg-1 (bug #883314)
NOTE: https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
-CVE-2017-17093
+CVE-2017-17093 (wp-includes/general-template.php in WordPress before 4.9.1 does not pr ...)
{DSA-4090-1 DLA-1216-1}
- wordpress 4.9.1+dfsg-1 (bug #883314)
NOTE: https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a
NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
-CVE-2017-17094
+CVE-2017-17094 (wp-includes/feed.php in WordPress before 4.9.1 does not properly restr ...)
{DSA-4090-1 DLA-1216-1}
- wordpress 4.9.1+dfsg-1 (bug #883314)
NOTE: https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
-CVE-2017-17092
+CVE-2017-17092 (wp-includes/functions.php in WordPress before 4.9.1 does not require t ...)
{DSA-4090-1 DLA-1216-1}
- wordpress 4.9.1+dfsg-1 (bug #883314)
NOTE: https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
NOTE: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
-CVE-2017-17095
+CVE-2017-17095 (tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to ...)
{DSA-4349-1}
- tiff 4.0.9-5 (unimportant; bug #883320)
- tiff3 <removed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2750
NOTE: Crash in CLI tool not treated as a security issue
NOTE: https://gitlab.com/libtiff/libtiff/commit/9171da596c88e6a2dadcab4a3a89dddd6e1b4655
-CVE-2017-17088
+CVE-2017-17088 (The Enterprise version of SyncBreeze 10.2.12 and earlier is affected b ...)
NOT-FOR-US: SyncBreeze
-CVE-2017-17087
+CVE-2017-17087 (fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp f ...)
- vim 2:8.0.1401-1
[stretch] - vim <no-dsa> (Minor issue)
[jessie] - vim <no-dsa> (Minor issue)
[wheezy] - vim <no-dsa> (Minor issue)
NOTE: https://github.com/vim/vim/commit/5a73e0ca54c77e067c3b12ea6f35e3e8681e8cf8 (8.0.1263)
-CVE-2017-17086
+CVE-2017-17086 (Indeo Otter through 1.7.4 mishandles a "&lt;/script&gt;" substring in ...)
NOT-FOR-US: Indeo Otter
-CVE-2017-17085
+CVE-2017-17085 (In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissec ...)
{DSA-4060-1 DLA-1226-1}
- wireshark 2.4.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14250
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f5939debe96e3c3953c6020818f1fbb80eb83ce8
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-49.html
-CVE-2017-17084
+CVE-2017-17084 (In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissect ...)
{DSA-4060-1 DLA-1226-1}
- wireshark 2.4.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14236
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8502fe94ef9e431860921507e1a351c5e3f5c634
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-47.html
-CVE-2017-17083
+CVE-2017-17083 (In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector ...)
{DSA-4060-1 DLA-1226-1}
- wireshark 2.4.3-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14249
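Review bot: the CVE-2017-17095 block is internally inconsistent: it carries `{DSA-4349-1}` while the unstable line is `- tiff 4.0.9-5 (unimportant; bug #883320)` and the note says `Crash in CLI tool not treated as a security issue`. An `unimportant` rating means the issue gets no security support, yet the DSA reference says a stable security update covered it; either the severity should be raised, or a NOTE should state that the fix was merely bundled into DSA-4349-1 alongside other issues, so that readers do not take the DSA as a statement about severity. A smaller point in the same hunk: the NOT-FOR-US product label is `Flexense SyncBreeze Enterprise` for CVE-2017-17099 but just `SyncBreeze` for CVE-2017-17088; one spelling keeps the vendor's entries together when searching.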
@@ -4002,11 +4002,11 @@ CVE-2017-17083
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-48.html
CVE-2017-17082
REJECTED
-CVE-2017-17081
+CVE-2017-17081 (The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 3.4 do ...)
{DSA-4099-1}
- ffmpeg 7:3.4.1-1
NOTE: https://github.com/FFmpeg/FFmpeg/commit/58cf31cee7a456057f337b3102a03206d833d5e8
-CVE-2017-17080
+CVE-2017-17080 (elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as dis ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -4033,30 +4033,30 @@ CVE-2017-17071
REJECTED
CVE-2017-17070
REJECTED
-CVE-2017-17069
+CVE-2017-17069 (ActiveSetupN.exe in Amazon Audible for Windows before November 2017 al ...)
NOT-FOR-US: ActiveSetupN.exe in Amazon Audible for Windows
-CVE-2017-17068
+CVE-2017-17068 (A cross-origin vulnerability has been discovered in the Auth0 auth0.js ...)
NOT-FOR-US: Auth0 auth0.js library
-CVE-2017-17067
+CVE-2017-17067 (Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6 ...)
NOT-FOR-US: Splunk Web
-CVE-2017-17066
+CVE-2017-17066 (The (1) i2pd before 2.17 and (2) kovri pre-alpha implementations of th ...)
- i2pd <not-affected> (Fixed before/with the initial upload to Debian)
NOTE: Issue fixed with 2.17.0 upstream
-CVE-2017-17065
+CVE-2017-17065 (An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB0 ...)
NOT-FOR-US: D-Link
CVE-2017-17064
RESERVED
CVE-2017-17063
RESERVED
-CVE-2017-17062
+CVE-2017-17062 (The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, ...)
NOT-FOR-US: Open-Xchange
CVE-2017-17061
RESERVED
CVE-2017-17060
RESERVED
-CVE-2017-17059
+CVE-2017-17059 (XSS exists in the amtyThumb amty-thumb-recent-post (aka amtyThumb post ...)
NOT-FOR-US: WordPress plugin wp-thumb-post
-CVE-2017-1000385
+CVE-2017-1000385 (The Erlang otp TLS server answers with different TLS alerts to differe ...)
{DSA-4057-1 DLA-1207-1}
- erlang 1:20.1.7+dfsg-1
NOTE: https://groups.google.com/forum/#!topic/erlang-programming/J0LH-j6fRlM
@@ -4064,43 +4064,43 @@ CVE-2017-1000385
NOTE: https://github.com/erlang/otp/commit/3b4386dd19b7e669f557c95ace8d7ba228291927 (OTP-19.3.6.4)
NOTE: https://github.com/erlang/otp/commit/de3b9cdb8521d7edd524b4e17d1e3f883f832ec0 (OTP-18.3.4.7)
NOTE: https://robotattack.org/
-CVE-2017-17058
+CVE-2017-17058 (** DISPUTED ** The WooCommerce plugin through 3.x for WordPress has a ...)
NOT-FOR-US: WooCommerce plugin for WordPress
-CVE-2017-17057
+CVE-2017-17057 (There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The ...)
NOT-FOR-US: ZKTeco ZKTime Web Software
-CVE-2017-17056
+CVE-2017-17056 (The ZKTime Web Software 2.0.1.12280 allows the Administrator to elevat ...)
NOT-FOR-US: ZKTeco ZKTime Web Software
-CVE-2017-17055
+CVE-2017-17055 (Artica Web Proxy before 3.06.112911 allows remote attackers to execute ...)
NOT-FOR-US: Artica Web Proxy
-CVE-2017-17054
+CVE-2017-17054 (In aubio 0.4.6, a divide-by-zero error exists in the function new_aubi ...)
- aubio 0.4.6-1 (bug #883355)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <not-affected> (Vulnerability introduced in 0.4.3)
[wheezy] - aubio <not-affected> (Vulnerability introduced in 0.4.3)
NOTE: https://github.com/aubio/aubio/issues/148
-CVE-2017-17050
+CVE-2017-17050 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
-CVE-2017-17049
+CVE-2017-17049 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
CVE-2017-17048
RESERVED
CVE-2017-17047
RESERVED
-CVE-2017-17043
+CVE-2017-17043 (The Emag Marketplace Connector plugin 1.0.0 for WordPress has reflecte ...)
NOT-FOR-US: Emag Marketplace Connector for WordPress
-CVE-2017-17053
+CVE-2017-17053 (The init_new_context function in arch/x86/include/asm/mmu_context.h in ...)
- linux 4.12.12-1
[stretch] - linux 4.9.47-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/ccd5b3235180eef3cfec337df1c8554ab151b5cc
-CVE-2017-17052
+CVE-2017-17052 (The mm_init function in kernel/fork.c in the Linux kernel before 4.12. ...)
- linux 4.12.12-1
[stretch] - linux 4.9.47-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/2b7e8665b4ff51c034c55df3cff76518d1a9ee3a
-CVE-2017-17042
+CVE-2017-17042 (lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not ...)
- yard 0.9.12-1
[stretch] - yard <no-dsa> (Minor issue)
[jessie] - yard <no-dsa> (Minor issue)
@@ -4122,29 +4122,29 @@ CVE-2017-17035
RESERVED
CVE-2017-17034
RESERVED
-CVE-2017-17033
+CVE-2017-17033 (A buffer overflow vulnerability in password function in QNAP QTS versi ...)
NOT-FOR-US: QNAP QTS
-CVE-2017-17032
+CVE-2017-17032 (A buffer overflow vulnerability in password function in QNAP QTS versi ...)
NOT-FOR-US: QNAP QTS
-CVE-2017-17031
+CVE-2017-17031 (A buffer overflow vulnerability in password function in QNAP QTS versi ...)
NOT-FOR-US: QNAP QTS
-CVE-2017-17030
+CVE-2017-17030 (A buffer overflow vulnerability in login function in QNAP QTS version ...)
NOT-FOR-US: QNAP QTS
-CVE-2017-17029
+CVE-2017-17029 (A buffer overflow vulnerability in login function in QNAP QTS version ...)
NOT-FOR-US: QNAP QTS
-CVE-2017-17028
+CVE-2017-17028 (A buffer overflow vulnerability in external device function in QNAP QT ...)
NOT-FOR-US: QNAP QTS
-CVE-2017-17027
+CVE-2017-17027 (A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2 ...)
NOT-FOR-US: QNAP QTS
-CVE-2017-17045
+CVE-2017-17045 (An issue was discovered in Xen through 4.9.x allowing HVM guest OS use ...)
{DSA-4050-1 DLA-1559-1 DLA-1230-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-247.html
-CVE-2017-17044
+CVE-2017-17044 (An issue was discovered in Xen through 4.9.x allowing HVM guest OS use ...)
{DSA-4050-1 DLA-1559-1 DLA-1230-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-246.html
-CVE-2017-17046
+CVE-2017-17046 (An issue was discovered in Xen through 4.9.x on the ARM platform allow ...)
{DSA-4050-1 DLA-1549-1}
- xen 4.8.2+xsa245-0+deb9u1
[wheezy] - xen <not-affected> (arm not supported)
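Review bot: the unstable fixed-version line for all three Xen entries reads `- xen 4.8.2+xsa245-0+deb9u1`, a version string with a stable-security `+deb9u1` suffix rather than a normal unstable revision. If that upload really went to unstable as well, a NOTE saying so would stop reviewers from flagging it; if not, the unstable line should carry the unstable version and the `+deb9u1` version belongs on a `[stretch]` line next to the `{DSA-4050-1 ...}` reference. The wheezy handling is otherwise consistent: CVE-2017-17046 is `<not-affected> (arm not supported)` while the two non-ARM HVM issues reference DLA-1230-1.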
@@ -4161,7 +4161,7 @@ CVE-2017-17022
RESERVED
CVE-2017-17021
RESERVED
-CVE-2017-17020
+CVE-2017-17020 (On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 ...)
NOT-FOR-US: D-Link
CVE-2017-17019
RESERVED
@@ -4181,7 +4181,7 @@ CVE-2017-17012
RESERVED
CVE-2017-17011
RESERVED
-CVE-2017-17010
+CVE-2017-17010 (Untrusted search path vulnerability in Content Manager Assistant for P ...)
NOT-FOR-US: Content Manager Assistant for PlayStation
CVE-2017-17009
REJECTED
@@ -4207,7 +4207,7 @@ CVE-2017-16999
REJECTED
CVE-2017-16998
REJECTED
-CVE-2017-16997
+CVE-2017-16997 (elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2 ...)
- glibc 2.25-6 (bug #884615)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue)
@@ -4215,29 +4215,29 @@ CVE-2017-16997
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=22625
NOTE: Proposed patch: https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html
-CVE-2017-16996
+CVE-2017-16996 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...)
- linux 4.14.7-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958
-CVE-2017-16995
+CVE-2017-16995 (The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel ...)
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f
-CVE-2017-1001004
+CVE-2017-1001004 (typed-function before 0.10.6 had an arbitrary code execution in the Ja ...)
NOT-FOR-US: typed-function
-CVE-2017-1001003
+CVE-2017-1001003 (math.js before 3.17.0 had an issue where private properties such as a ...)
NOT-FOR-US: math.js
-CVE-2017-1001002
+CVE-2017-1001002 (math.js before 3.17.0 had an arbitrary code execution in the JavaScrip ...)
NOT-FOR-US: math.js
-CVE-2017-1000214
+CVE-2017-1000214 (GitPHP by xiphux is vulnerable to OS Command Injections ...)
NOT-FOR-US: GitPHP
-CVE-2017-1000207
+CVE-2017-1000207 (A vulnerability in Swagger-Parser's version &lt;= 1.0.30 and Swagger c ...)
NOT-FOR-US: Swagger-Parser
-CVE-2017-1000159
+CVE-2017-1000159 (Command injection in evince via filename when printing to PDF. This af ...)
{DLA-1204-1}
- evince 3.25.92-1 (low)
[stretch] - evince <no-dsa> (Minor issue)
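Review bot: the imported description for CVE-2017-1000207 still contains the HTML entity `&lt;=` (`A vulnerability in Swagger-Parser's version &lt;= 1.0.30 and Swagger c ...`), and the same escaping survives earlier in this diff in CVE-2017-17086's `"&lt;/script&gt;"`. This is a plain-text list, so the importer should HTML-unescape the CVE feed text before truncating; as written, a search for `<= 1.0.30` or `</script>` misses these entries, and the entity text also eats into the already tight truncation width.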
@@ -4245,7 +4245,7 @@ CVE-2017-1000159
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=784947
NOTE: Introduced by: https://git.gnome.org/browse/evince/commit/?id=1fcca0b8041de0d6074d7e17fba174da36c65f99 (EVINCE_0_9_1)
NOTE: Fixed by: https://git.gnome.org/browse/evince/commit/?id=350404c76dc8601e2cdd2636490e2afc83d3090e (3.25.91)
-CVE-2017-16994
+CVE-2017-16994 (The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel b ...)
- linux 4.14.2-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 4.0)
@@ -4313,48 +4313,48 @@ CVE-2017-16964
RESERVED
CVE-2017-16963
RESERVED
-CVE-2017-16962
+CVE-2017-16962 (The WebMail components (Crystal, pronto, and pronto4) in CommuniGate P ...)
NOT-FOR-US: CommuniGate Pro
-CVE-2017-16961
+CVE-2017-16961 (A SQL injection vulnerability in core/inc/auto-modules.php in BigTree ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-16960
+CVE-2017-16960 (TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authentic ...)
NOT-FOR-US: TP-Link
-CVE-2017-16959
+CVE-2017-16959 (The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, a ...)
NOT-FOR-US: TP-Link
-CVE-2017-16958
+CVE-2017-16958 (TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authentic ...)
NOT-FOR-US: TP-Link
-CVE-2017-16957
+CVE-2017-16957 (TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authentic ...)
NOT-FOR-US: TP-Link
-CVE-2017-16956
+CVE-2017-16956 (b3log Symphony (aka Sym) 2.2.0 allows an XSS attack by sending a priva ...)
NOT-FOR-US: b3log Symphony
-CVE-2017-16955
+CVE-2017-16955 (SQL injection vulnerability in the InLinks plugin through 1.1 for Word ...)
NOT-FOR-US: InLinks plugin for WordPress
CVE-2017-16954
RESERVED
-CVE-2017-16953
+CVE-2017-16953 (connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic A ...)
NOT-FOR-US: ZTE
-CVE-2017-16952
+CVE-2017-16952 (KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: K-Multimedia Player
-CVE-2017-16951
+CVE-2017-16951 (Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Winamp
-CVE-2017-16950
+CVE-2017-16950 (Cross - site scripting (XSS) vulnerability in UrBackup Server before 2 ...)
- urbackup-server <itp> (bug #697325)
-CVE-2017-16949
+CVE-2017-16949 (An issue was discovered in the AccessKeys AccessPress Anonymous Post P ...)
NOT-FOR-US: AccessKeys AccessPress Anonymous Post Pro plugin for WordPress
-CVE-2017-16948
+CVE-2017-16948 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
CVE-2017-16947
RESERVED
-CVE-2017-16946
+CVE-2017-16946 (The admin_edit function in app/Controller/UsersController.php in MISP ...)
NOT-FOR-US: MISP
-CVE-2017-16945
+CVE-2017-16945 (The standardrestorer binary in Arq 5.10 and earlier for Mac allows loc ...)
NOT-FOR-US: standardrestorer binary in Arq
-CVE-2017-16942
+CVE-2017-16942 (In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists ...)
- libsndfile 1.0.27-1
[jessie] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/341
-CVE-2017-16944
+CVE-2017-16944 (The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 ...)
{DSA-4053-1}
- exim4 4.89-13 (bug #882671)
[jessie] - exim4 <not-affected> (ESMTP CHUNKING extension introduced in 4.88)
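Review bot: CVE-2017-16942's description says `In libsndfile 1.0.25 (fixed in 1.0.26), ...` but the first fixed Debian version recorded is `- libsndfile 1.0.27-1`; if 1.0.26 never entered the archive that is fine, but a one-line NOTE to that effect would remove the apparent mismatch for anyone comparing the upstream fix version with the Debian one. The two Exim entries show the pattern worth copying: `[jessie] - exim4 <not-affected> (ESMTP CHUNKING extension introduced in 4.88)` states exactly why the older suite is out of scope.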
@@ -4363,7 +4363,7 @@ CVE-2017-16944
NOTE: https://git.exim.org/exim.git/commitdiff/178ecb70987f024f0e775d87c2f8b2cf587dd542
NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
NOTE: 4.89-10 adds a workaround which disables the affected code by default
-CVE-2017-16943
+CVE-2017-16943 (The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 ...)
{DSA-4053-1}
- exim4 4.89-12 (bug #882648)
[jessie] - exim4 <not-affected> (ESMTP CHUNKING extension introduced in 4.88)
@@ -4373,34 +4373,34 @@ CVE-2017-16943
NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
NOTE: https://twitter.com/philpennock/status/934270613811875840
NOTE: 4.89-10 adds a workaround which disables the affected code by default
-CVE-2017-16941
+CVE-2017-16941 (** DISPUTED ** October CMS through 1.0.428 does not prevent use of .ht ...)
NOT-FOR-US: October CMS
CVE-2017-16940
RESERVED
-CVE-2017-16939
+CVE-2017-16939 (The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Lin ...)
{DSA-4082-1 DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
NOTE: Fixed by: https://git.kernel.org/linus/1137b5e2529a8f5ca8ee709288ecba3e68044df2
-CVE-2017-16938
+CVE-2017-16938 (A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to c ...)
{DSA-4058-1 DLA-1196-1}
- optipng 0.7.6-1.1 (bug #878839)
NOTE: https://sourceforge.net/p/optipng/bugs/69/
CVE-2017-16937
RESERVED
-CVE-2017-16936
+CVE-2017-16936 (Directory Traversal vulnerability in app_data_center on Shenzhen Tenda ...)
NOT-FOR-US: Shenzhen Tenda
-CVE-2017-16935
+CVE-2017-16935 (Ametys before 4.0.3 requires authentication only for URIs containing a ...)
NOT-FOR-US: Ametys CMS
-CVE-2017-16934
+CVE-2017-16934 (The web server on DBL DBLTek devices allows remote attackers to execut ...)
NOT-FOR-US: DBL DBLTek devices
-CVE-2017-16933
+CVE-2017-16933 (etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown ca ...)
- icinga2 2.8.4-1 (low; bug #883247)
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icinga2/issues/5793
NOTE: CVE is for the unsafe use of chown(1)
-CVE-2017-16932
+CVE-2017-16932 (parser.c in libxml2 before 2.9.5 does not prevent infinite recursion i ...)
{DLA-1194-1}
[experimental] - libxml2 2.9.7+dfsg-1
- libxml2 <unfixed> (bug #882613)
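Review bot: CVE-2017-16932 is `- libxml2 <unfixed> (bug #882613)` in unstable while `[experimental] - libxml2 2.9.7+dfsg-1` is recorded as fixed and `{DLA-1194-1}` has already shipped for wheezy, so unstable currently lags the oldest supported suite on this entry. Given the later NOTE that applying commit 899a5d9f0ed13b8e32449a08a361e0de127dd961 alone `does not completely fix the issue`, it is worth checking what DLA-1194-1 actually backported; if the DLA carries only that one commit, the wheezy status needs the same caveat. The CVE-2017-16933 entry is good practice by contrast: `CVE is for the unsafe use of chown(1)` says precisely what the identifier covers.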
@@ -4410,7 +4410,7 @@ CVE-2017-16932
NOTE: https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961
NOTE: Applying only 899a5d9f0ed13b8e32449a08a361e0de127dd961 does not completely
NOTE: fix the issue, see https://bugs.debian.org/882613#12 for discussion.
-CVE-2017-16931
+CVE-2017-16931 (parser.c in libxml2 before 2.9.5 mishandles parameter-entity reference ...)
{DLA-1194-1}
- libxml2 2.9.4+dfsg1-3.1
[stretch] - libxml2 2.9.4+dfsg1-2.2+deb9u1
@@ -4418,13 +4418,13 @@ CVE-2017-16931
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=766956
NOTE: https://github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3
NOTE: Not a duplicate but a variant of the issue of CVE-2017-9049 and CVE-2017-9050
-CVE-2017-16930
+CVE-2017-16930 (The remote management interface on the Claymore Dual GPU miner 10.1 al ...)
NOT-FOR-US: Claymore's Dual Ethereum+Decred AMD+NVIDIA GPU Miner
-CVE-2017-16929
+CVE-2017-16929 (The remote management interface on the Claymore Dual GPU miner 10.1 is ...)
NOT-FOR-US: Claymore's Dual Ethereum+Decred AMD+NVIDIA GPU Miner
-CVE-2017-16928
+CVE-2017-16928 (The arq_updater binary in Arq 5.10 and earlier for Mac allows local us ...)
NOT-FOR-US: arq_updater binary in Arq
-CVE-2017-16927
+CVE-2017-16927 (The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the sessio ...)
{DLA-1203-1}
- xrdp 0.9.4-3 (bug #882463)
[stretch] - xrdp 0.9.1-9+deb9u2
@@ -4433,7 +4433,7 @@ CVE-2017-16927
NOTE: https://groups.google.com/forum/#!topic/xrdp-devel/PmVfMuy_xBA
NOTE: Originally fixed with upstream patch in 0.9.4-2 but which caused regression
NOTE: thus marking it only as fixed in the followup version, cf. #884702
-CVE-2017-16926
+CVE-2017-16926 (Ohcount 3.0.0 is prone to a command injection via specially crafted fi ...)
- ohcount 3.1.0-1 (bug #882372)
[stretch] - ohcount <no-dsa> (Minor issue)
[jessie] - ohcount <no-dsa> (Minor issue)
@@ -4441,13 +4441,13 @@ CVE-2017-16926
NOTE: https://github.com/blackducksoftware/ohcount/commit/6bed45d6fb7c080ae5c163c12b4eb8749a3492ac (v3.1.0)
CVE-2017-16925
RESERVED
-CVE-2017-16924
+CVE-2017-16924 (Remote Information Disclosure and Escalation of Privileges in ManageEn ...)
NOT-FOR-US: ManageEngine Desktop Central
-CVE-2017-16923
+CVE-2017-16923 (Command Injection vulnerability in app_data_center on Shenzhen Tenda A ...)
NOT-FOR-US: Shenzhen Tenda
-CVE-2017-16922
+CVE-2017-16922 (In com.wowza.wms.timedtext.http.HTTPProviderCaptionFile in Wowza Strea ...)
NOT-FOR-US: Wowza
-CVE-2017-16921
+CVE-2017-16921 (In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and includin ...)
{DSA-4066-1 DLA-1212-1}
- otrs2 6.0.2-1 (bug #883774)
NOTE: https://www.otrs.com/security-advisory-2017-09-security-update-otrs-framework/
@@ -4456,9 +4456,9 @@ CVE-2017-16921
NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/d433518d7bd8e9e079af67ef9ea7079cd2f59646
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/368bc37f137e6344f4db014ee2e03c38e2fc62d2
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/4043ebb2580cd8f87e7758e95bf0d77eea5c82ae
-CVE-2017-16920
+CVE-2017-16920 (v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY val ...)
NOT-FOR-US: dayrui FineCms
-CVE-2017-16919
+CVE-2017-16919 (MapOS 3.1.11 and earlier has a Stored Cross-site Scripting (XSS) vulne ...)
NOT-FOR-US: MapOS
CVE-2017-16918
RESERVED
@@ -4468,47 +4468,47 @@ CVE-2017-16916
RESERVED
CVE-2017-16915
RESERVED
-CVE-2017-16914
+CVE-2017-16914 (The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.14.12-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/be6123df1ea8f01ee2f896a16c2b7be3e4557a5a
-CVE-2017-16913
+CVE-2017-16913 (The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.14.12-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/c6688ef9f29762e65bce325ef4acd6c675806366
-CVE-2017-16912
+CVE-2017-16912 (The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux K ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.14.12-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/635f545a7e8be7596b9b2b6a43cab6bbd5a88e43
-CVE-2017-16911
+CVE-2017-16911 (The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4. ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.14.12-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/2f2d0088eb93db5c649d2a5e34a3800a8a935fc5
-CVE-2017-16910
+CVE-2017-16910 (An error within the "LibRaw::xtrans_interpolate()" function (internal/ ...)
- libraw 0.18.6-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19
NOTE: https://github.com/LibRaw/LibRaw/commit/2f59bac59dbcbf6bbcf01a9f3eed74307e96ca7e
-CVE-2017-16909
+CVE-2017-16909 (An error related to the "LibRaw::panasonic_load_raw()" function (dcraw ...)
- libraw 0.18.6-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19
NOTE: https://github.com/LibRaw/LibRaw/commit/2f59bac59dbcbf6bbcf01a9f3eed74307e96ca7e
-CVE-2017-16908
+CVE-2017-16908 (In Horde Groupware 5.2.19, there is XSS via the Name field during crea ...)
- php-horde-kronolith 4.2.24-1 (bug #909738)
[jessie] - php-horde-kronolith <not-affected> (vulnerable code not present)
NOTE: http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html
NOTE: https://bugs.horde.org/ticket/14857
NOTE: https://github.com/horde/kronolith/commit/39f740068ad21618f6f70b6e37855c61cadbd716
-CVE-2017-16907
+CVE-2017-16907 (In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field ...)
{DLA-1536-1 DLA-1535-1}
- php-horde 5.2.18+debian0-1 (bug #909739)
- php-horde-core 2.31.3+debian0-1 (bug #909800)
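Review bot: CVE-2017-16908 has no `[stretch]` annotation and no DSA/DLA reference, whereas CVE-2017-16907 and CVE-2017-16906, which come from the same upstream ticket (https://bugs.horde.org/ticket/14857) and the same writeup, carry `{DLA-1536-1 DLA-1535-1}` and `{DLA-1537-1}`. With jessie marked `<not-affected> (vulnerable code not present)`, the only open suite for CVE-2017-16908 is stretch, and an explicit `[stretch]` line (fixed version or `<no-dsa>`) would make that status visible instead of leaving it to be inferred from the unstable version `4.2.24-1`.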
@@ -4516,52 +4516,52 @@ CVE-2017-16907
NOTE: https://bugs.horde.org/ticket/14857
NOTE: php-horde: https://github.com/horde/base/commit/fb2113bbcd04bd4a28c46aad0889fb0a3979a230
NOTE: php-horde-core: https://github.com/horde/Core/commit/ecea6ea740419e19122a50579ba2903c1cb71d7a
-CVE-2017-16906
+CVE-2017-16906 (In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a ...)
{DLA-1537-1}
- php-horde-kronolith 4.2.24-1 (bug #909737)
NOTE: http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html
NOTE: https://bugs.horde.org/ticket/14857
NOTE: https://github.com/horde/kronolith/commit/09d90141292f9ec516a7a2007bf828ce2bbdf60d
-CVE-2017-16905
+CVE-2017-16905 (The DuoLingo TinyCards application before 1.0 for Android has one use ...)
NOT-FOR-US: DuoLingo TinyCards application
-CVE-2017-16904
+CVE-2017-16904 (The Public tologin feature in admin.php in LvyeCMS through 3.1 allows ...)
NOT-FOR-US: LvyeCMS
-CVE-2017-16903
+CVE-2017-16903 (LvyeCMS through 3.1 allows remote attackers to upload and execute arbi ...)
NOT-FOR-US: LvyeCMS
-CVE-2017-16902
+CVE-2017-16902 (On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long str ...)
NOT-FOR-US: Vonage VDV-23 115 3.2.11-0.9.40 home router
CVE-2017-16901
RESERVED
CVE-2017-16900
RESERVED
-CVE-2017-16899
+CVE-2017-16899 (An array index error in the fig2dev program in Xfig 3.2.6a allows remo ...)
- fig2dev 1:3.2.6a-5 (bug #881143)
[stretch] - fig2dev 1:3.2.6a-2+deb9u1
- transfig <removed>
[jessie] - transfig 1:3.2.5.e-4+deb8u1
[wheezy] - transfig <no-dsa> (Minor issue)
-CVE-2017-16898
+CVE-2017-16898 (The printMP3Headers function in util/listmp3.c in libming v0.4.8 or ea ...)
{DLA-1240-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/75
-CVE-2017-16897
+CVE-2017-16897 (A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 ...)
NOT-FOR-US: Auth0 passport-wsfed-saml2 library
-CVE-2017-16896
+CVE-2017-16896 (A SQL injection in classes/handler/public.php in the forgotpass compon ...)
- tt-rss 17.4+git20180312+dfsg-1 (bug #882543)
NOTE: https://discourse.tt-rss.org/t/sql-injection-in-forgotpass-fixed/669
NOTE: https://git.tt-rss.org/git/tt-rss/commit/2352c320c2ed34ec7df1ad22f0c55a1b26489815
-CVE-2017-16895
+CVE-2017-16895 (The (1) arq_updater, (2) arqcommitter, (3) standardrestorer, (4) arqgl ...)
NOT-FOR-US: Arq
-CVE-2017-16894
+CVE-2017-16894 (In Laravel framework through 5.5.21, remote attackers can obtain sensi ...)
NOT-FOR-US: Laravel framework
-CVE-2017-16893
+CVE-2017-16893 (The application Piwigo is affected by an SQL injection vulnerability i ...)
- piwigo <removed>
-CVE-2017-16892
+CVE-2017-16892 (In Bftpd before 4.7, there is a memory leak in the file rename functio ...)
- bftpd <itp> (bug #640469)
NOTE: http://bftpd.sourceforge.net/news.html#032390
CVE-2017-16891
RESERVED
-CVE-2017-16890
+CVE-2017-16890 (SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono func ...)
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/57
NOTE: Crash in CLI tool, no security impact
@@ -4569,19 +4569,19 @@ CVE-2017-16889
RESERVED
CVE-2017-16888
RESERVED
-CVE-2017-16887
+CVE-2017-16887 (The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 ...)
NOT-FOR-US: FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38
-CVE-2017-16886
+CVE-2017-16886 (The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 ...)
NOT-FOR-US: FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38
-CVE-2017-16885
+CVE-2017-16885 (Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R ...)
NOT-FOR-US: FiberHome LM53Q1 VH519R05C01S38 devices
-CVE-2017-1000407
+CVE-2017-1000407 (The Linux Kernel 2.6.32 and later are affected by a denial of service, ...)
{DSA-4082-1 DSA-4073-1 DLA-1200-1}
- linux 4.14.7-1
NOTE: https://www.spinics.net/lists/kvm/msg159809.html
-CVE-2017-1000406
+CVE-2017-1000406 (OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a passw ...)
NOT-FOR-US: OpenDayLight
-CVE-2017-1000405
+CVE-2017-1000405 (The Linux Kernel versions 2.6.38 through 4.14 have a problematic use o ...)
- linux 4.14.2-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
@@ -4589,107 +4589,107 @@ CVE-2017-1000405
NOTE: Fixed by: https://git.kernel.org/linus/a8f97366452ed491d13cf1e44241bc0b5740b1f0
NOTE: http://www.openwall.com/lists/oss-security/2017/11/30/1
NOTE: https://github.com/bindecy/HugeDirtyCowPOC
-CVE-2017-1000404
+CVE-2017-1000404 (The Jenkins Delivery Pipeline Plugin version 1.0.7 and earlier used th ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000403
+CVE-2017-1000403 (Jenkins Speaks! Plugin, all current versions, allows users with Job/Co ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000402
+CVE-2017-1000402 (Jenkins Swarm Plugin Client 3.4 and earlier bundled a version of the c ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000401
+CVE-2017-1000401 (The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control ...)
NOT-FOR-US: Jenkins
-CVE-2017-1000400
+CVE-2017-1000400 (The Jenkins 2.73.1 and earlier, 2.83 and earlier remote API at /job/(j ...)
NOT-FOR-US: Jenkins
-CVE-2017-1000399
+CVE-2017-1000399 (The Jenkins 2.73.1 and earlier, 2.83 and earlier remote API at /queue/ ...)
NOT-FOR-US: Jenkins
-CVE-2017-1000398
+CVE-2017-1000398 (The remote API in Jenkins 2.73.1 and earlier, 2.83 and earlier at /com ...)
NOT-FOR-US: Jenkins
-CVE-2017-1000397
+CVE-2017-1000397 (Jenkins Maven Plugin 2.17 and earlier bundled a version of the commons ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000396
+CVE-2017-1000396 (Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the ...)
NOT-FOR-US: Jenkins
-CVE-2017-1000395
+CVE-2017-1000395 (Jenkins 2.73.1 and earlier, 2.83 and earlier provides information abou ...)
NOT-FOR-US: Jenkins
-CVE-2017-1000394
+CVE-2017-1000394 (Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the ...)
NOT-FOR-US: Jenkins
-CVE-2017-1000393
+CVE-2017-1000393 (Jenkins 2.73.1 and earlier, 2.83 and earlier users with permission to ...)
NOT-FOR-US: Jenkins
-CVE-2017-1000392
+CVE-2017-1000392 (Jenkins 2.88 and earlier; 2.73.2 and earlier Autocompletion suggestion ...)
NOT-FOR-US: Jenkins
-CVE-2017-1000391
+CVE-2017-1000391 (Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores metada ...)
NOT-FOR-US: Jenkins
-CVE-2017-1000390
+CVE-2017-1000390 (Jenkins Multijob plugin version 1.25 and earlier did not check permiss ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000389
+CVE-2017-1000389 (Some URLs provided by Jenkins global-build-stats plugin version 1.4 an ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000388
+CVE-2017-1000388 (Jenkins Dependency Graph Viewer plugin 0.12 and earlier did not perfor ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000387
+CVE-2017-1000387 (Jenkins Build-Publisher plugin version 1.21 and earlier stores credent ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000386
+CVE-2017-1000386 (Jenkins Active Choices plugin version 1.5.3 and earlier allowed users ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-16884
+CVE-2017-16884 (Cross-site scripting (XSS) vulnerability in MistServer before 2.13 all ...)
NOT-FOR-US: MistServer
-CVE-2017-16883
+CVE-2017-16883 (The outputSWF_TEXT_RECORD function in util/outputscript.c in libming & ...)
{DLA-1240-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/77
-CVE-2017-16882
+CVE-2017-16882 (Icinga Core through 1.14.0 initially executes bin/icinga as root but s ...)
- icinga <not-affected> (Doesn't affect Icinga 1.x as packaged in Debian)
NOTE: https://github.com/Icinga/icinga-core/issues/1601
NOTE: State is not fully correct, since "affected" source would be there,
NOTE: But Debian does not install the binaries nor configuration files as
NOTE: respective icinga user.
-CVE-2017-16881
+CVE-2017-16881 (b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON o ...)
NOT-FOR-US: b3log Symphony
-CVE-2017-16880
+CVE-2017-16880 (The dump function in Util/TemplateHelper.php in filp whoops before 2.1 ...)
NOT-FOR-US: filp whoops
-CVE-2017-1000230
+CVE-2017-1000230 (The Snap7 Server version 1.4.1 can be crashed when the ItemCount field ...)
NOT-FOR-US: Snap7 Server
-CVE-2017-1000227
+CVE-2017-1000227 (Stored XSS in Salutation Responsive WordPress + BuddyPress Theme versi ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1000221
+CVE-2017-1000221 (In Opencast 2.2.3 and older if user names overlap, the Opencast search ...)
NOT-FOR-US: Opencast
-CVE-2017-1000217
+CVE-2017-1000217 (Opencast 2.3.2 and older versions are vulnerable to script injections ...)
NOT-FOR-US: Opencast
-CVE-2017-1000190
+CVE-2017-1000190 (SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability ...)
- simple-xml <unfixed> (bug #888547)
[stretch] - simple-xml <no-dsa> (Minor issue)
[jessie] - simple-xml <no-dsa> (Minor issue)
[wheezy] - simple-xml <no-dsa> (Minor issue)
NOTE: https://github.com/ngallagher/simplexml/issues/18
-CVE-2017-1000163
+CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1. ...)
NOT-FOR-US: Phoenix Framework
-CVE-2017-1000128
+CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser ...)
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced in 0.26)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
NOTE: https://github.com/Exiv2/exiv2/issues/177
-CVE-2017-1000127
+CVE-2017-1000127 (Exiv2 0.26 contains a heap buffer overflow in tiff parser ...)
[experimental] - exiv2 <unfixed> (low; bug #888863)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
NOTE: https://github.com/Exiv2/exiv2/issues/176
-CVE-2017-1000126
+CVE-2017-1000126 (exiv2 0.26 contains a Stack out of bounds read in webp parser ...)
[experimental] - exiv2 <unfixed> (low; bug #888864)
- exiv2 <not-affected> (WebP support introduced in 0.26)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
NOTE: https://github.com/Exiv2/exiv2/issues/175
-CVE-2017-16879
+CVE-2017-16879 (Stack-based buffer overflow in the _nc_write_entry function in tinfo/w ...)
- ncurses 6.0+20171125-1 (bug #882620)
[stretch] - ncurses 6.0+20161126-1+deb9u2
[jessie] - ncurses 5.9+20140913-1+deb8u3
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: PoC https://packetstormsecurity.com/files/download/145045/tic-overflow.tgz
NOTE: http://invisible-island.net/ncurses/NEWS.html#t20171125
-CVE-2017-16878
+CVE-2017-16878 (Cross-site scripting (XSS) vulnerability in the Captive Portal functio ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-16877
+CVE-2017-16877 (ZEIT Next.js before 2.4.1 has directory traversal under the /_next and ...)
NOT-FOR-US: ZEIT Next.js
-CVE-2017-16876
+CVE-2017-16876 (Cross-site scripting (XSS) vulnerability in the _keyify function in mi ...)
- mistune 0.8.1-1
[stretch] - mistune <no-dsa> (Minor issue)
NOTE: https://github.com/lepture/mistune/commit/5f06d724bc05580e7f203db2d4a4905fc1127f98
-CVE-2017-16875
+CVE-2017-16875 (An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in P ...)
{DSA-4170-1}
- pjproject 2.7.1~dfsg-1
[jessie] - pjproject <ignored> (Minor issue)
@@ -4698,189 +4698,189 @@ CVE-2017-16875
NOTE: In jessie Asterisk doesn't use pjproject for SIP (only for ICE, STUN and TURN)
CVE-2017-16874
RESERVED
-CVE-2017-16873
+CVE-2017-16873 (It is possible to exploit an unsanitized PATH in the suid binary that ...)
NOT-FOR-US: vagrant-vmware-fusion
CVE-2017-1000233
REJECTED
CVE-2017-1000222
REJECTED
-CVE-2017-1000215
+CVE-2017-1000215 (ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticate ...)
- xrootd <itp> (bug #687222)
-CVE-2017-1000212
+CVE-2017-1000212 (Elixir's vim plugin, alchemist.vim is vulnerable to remote code execut ...)
NOT-FOR-US: Elixir's vim plugin
-CVE-2017-1000211
+CVE-2017-1000211 (Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML ...)
{DLA-1175-1}
- lynx 2.8.9dev16-1
[stretch] - lynx <no-dsa> (Minor issue)
- lynx-cur <removed>
[jessie] - lynx-cur <no-dsa> (Minor issue)
NOTE: https://github.com/ThomasDickey/lynx-snapshots/commit/280a61b300a1614f6037efc0902ff7ecf17146e9
-CVE-2017-1000206
+CVE-2017-1000206 (samtools htslib library version 1.4.0 and earlier is vulnerable to buf ...)
- htslib 1.4.1-1
[stretch] - htslib <no-dsa> (Minor issue)
[jessie] - htslib <no-dsa> (Minor issue)
CVE-2017-1000204
REJECTED
-CVE-2017-1000203
+CVE-2017-1000203 (ROOT version 6.9.03 and below is vulnerable to an authenticated shell ...)
- root-system <removed>
[jessie] - root-system <ignored> (Minor issue)
[wheezy] - root-system <ignored> (Minor issue as it's restricted to authenticated users)
NOTE: https://github.com/root-project/root/commit/88ccff152604e0f1012653a596d802ff7ede3145#diff-6cd6f6c31bac70116b7ca7abdc8e517e
-CVE-2017-1000192
+CVE-2017-1000192 (Cygnux sysPass version 2.1.7 and older is vulnerable to a Local File I ...)
NOT-FOR-US: Cygnux sysPass
-CVE-2017-1000191
+CVE-2017-1000191 (Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting i ...)
NOT-FOR-US: Jool
-CVE-2017-1000170
+CVE-2017-1000170 (jqueryFileTree 2.1.5 and older Directory Traversal ...)
NOT-FOR-US: jqueryFileTree
-CVE-2017-1000169
+CVE-2017-1000169 (QuickerBB version &lt;= 0.7.2 is vulnerable to arbitrary file writes w ...)
NOT-FOR-US: QuickerBB
-CVE-2017-1000168
+CVE-2017-1000168 (sodiumoxide 0.0.13 and older scalarmult() vulnerable to degenerate pub ...)
NOT-FOR-US: sodiumoxide
CVE-2017-1000161
REJECTED
-CVE-2017-16872
+CVE-2017-16872 (An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in P ...)
{DSA-4170-1}
- pjproject 2.7.1~dfsg-1
[jessie] - pjproject <ignored> (Minor issue)
NOTE: https://trac.pjsip.org/repos/ticket/2056
NOTE: https://trac.pjsip.org/repos/changeset/5682
NOTE: In jessie Asterisk doesn't use pjproject for SIP (only for ICE, STUN and TURN)
-CVE-2017-16871
+CVE-2017-16871 (** DISPUTED ** The UpdraftPlus plugin through 1.13.12 for WordPress al ...)
NOT-FOR-US: UpdraftPlus plugin for WordPress
-CVE-2017-16870
+CVE-2017-16870 (** DISPUTED ** The UpdraftPlus plugin through 1.13.12 for WordPress ha ...)
NOT-FOR-US: UpdraftPlus plugin for WordPress
-CVE-2017-16869
+CVE-2017-16869 (** DISPUTED ** p_mach.cpp in UPX 3.94 allows remote attackers to cause ...)
- upx-ucl 3.94-4 (bug #882041; unimportant)
NOTE: https://github.com/upx/upx/issues/146
NOTE: crash in CLI tool, no security impact
-CVE-2017-16868
+CVE-2017-16868 (In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not ...)
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/52
NOTE: Crash in CLI tool, no security impact
-CVE-2017-16867
+CVE-2017-16867 (Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentica ...)
NOT-FOR-US: Amazon Key
-CVE-2017-1000248
+CVE-2017-1000248 (Redis-store &lt;=v1.3.0 allows unsafe objects to be loaded from redis ...)
- ruby-redis-store 1.1.6-2 (bug #882034)
[stretch] - ruby-redis-store 1.1.6-1+deb9u1
NOTE: https://github.com/redis-store/redis-store/commit/e0c1398d54a9661c8c70267c3a925ba6b192142e
-CVE-2017-1000247
+CVE-2017-1000247 (British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerab ...)
- codeigniter <itp> (bug #471583)
-CVE-2017-1000246
+CVE-2017-1000246 (Python package pysaml2 version 4.4.0 and earlier reuses the initializa ...)
- python-pysaml2 4.5.0-4 (bug #882012)
[stretch] - python-pysaml2 <no-dsa> (Minor issue)
[jessie] - python-pysaml2 <no-dsa> (Minor issue)
NOTE: https://github.com/rohe/pysaml2/issues/417
NOTE: https://github.com/c00kiemon5ter/pysaml2/commit/7323f5c20efb59424d853c822e7a26d1aa3e84aa
-CVE-2017-1000241
+CVE-2017-1000241 (The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected ...)
NOT-FOR-US: OpenEMR
-CVE-2017-1000240
+CVE-2017-1000240 (The application OpenEMR is affected by multiple reflected &amp; stored ...)
NOT-FOR-US: OpenEMR
-CVE-2017-1000239
+CVE-2017-1000239 (InvoicePlane version 1.4.10 is vulnerable to a Stored Cross Site Scrip ...)
NOT-FOR-US: InvoicePlane
-CVE-2017-1000238
+CVE-2017-1000238 (InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload r ...)
NOT-FOR-US: InvoicePlane
-CVE-2017-1000237
+CVE-2017-1000237 (I, Librarian version &lt;=4.6 &amp; 4.7 is vulnerable to Server-Side R ...)
- i-librarian <itp> (bug #649291)
-CVE-2017-1000236
+CVE-2017-1000236 (I, Librarian version &lt;=4.6 &amp; 4.7 is vulnerable to Reflected Cro ...)
- i-librarian <itp> (bug #649291)
-CVE-2017-1000235
+CVE-2017-1000235 (I, Librarian version &lt;=4.6 &amp; 4.7 is vulnerable to OS Command In ...)
- i-librarian <itp> (bug #649291)
-CVE-2017-1000234
+CVE-2017-1000234 (I, Librarian version &lt;=4.6 &amp; 4.7 is vulnerable to Directory Enu ...)
- i-librarian <itp> (bug #649291)
-CVE-2017-1000232
+CVE-2017-1000232 (A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecifi ...)
- ldns 1.7.0-4 (bug #882014)
[stretch] - ldns <no-dsa> (Minor issue)
[jessie] - ldns <no-dsa> (Minor issue)
[wheezy] - ldns <not-affected> (Vulnerable code not present)
NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1257
NOTE: https://git.nlnetlabs.nl/ldns/commit/?id=3bdeed02505c9bbacb3b64a97ddcb1de967153b7
-CVE-2017-1000231
+CVE-2017-1000231 (A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified ...)
{DLA-1182-1}
- ldns 1.7.0-4 (bug #882015)
[stretch] - ldns <no-dsa> (Minor issue)
[jessie] - ldns <no-dsa> (Minor issue)
NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256
NOTE: https://git.nlnetlabs.nl/ldns/commit/?id=c8391790c96d4c8a2c10f9ab1460fda83b509fc2
-CVE-2017-1000229
+CVE-2017-1000229 (Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 ...)
{DSA-4058-1 DLA-1184-1}
- optipng 0.7.6-1.1 (bug #882032)
NOTE: https://sourceforge.net/p/optipng/bugs/65/
NOTE: Proposed patch: https://sourceforge.net/p/optipng/bugs/_discuss/thread/2a56b3aa/f6bb/attachment/0001-Prevent-integer-overflow-bug-65-CVE-2017-1000229.patch
-CVE-2017-1000228
+CVE-2017-1000228 (nodejs ejs versions older than 2.5.3 is vulnerable to remote code exec ...)
NOT-FOR-US: nodejs ejs
-CVE-2017-1000226
+CVE-2017-1000226 (Stop User Enumeration 1.3.8 allows user enumeration via the REST API ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1000225
+CVE-2017-1000225 (Reflected XSS in Relevanssi Premium version 1.14.8 when using relevans ...)
NOT-FOR-US: Relevanssi
-CVE-2017-1000224
+CVE-2017-1000224 (CSRF in YouTube (WordPress plugin) could allow unauthenticated attacke ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1000223
+CVE-2017-1000223 (A stored web content injection vulnerability (WCI, a.k.a XSS) is prese ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-1000220
+CVE-2017-1000220 (soyuka/pidusage &lt;=1.1.4 is vulnerable to command injection in the m ...)
NOT-FOR-US: soyuka/pidusage
-CVE-2017-1000219
+CVE-2017-1000219 (npm/KyleRoss windows-cpu all versions vulnerable to command injection ...)
NOT-FOR-US: npm/KyleRoss windows-cpu
-CVE-2017-1000218
+CVE-2017-1000218 (LightFTP version 1.1 is vulnerable to a buffer overflow in the "writel ...)
NOT-FOR-US: LightFTP
-CVE-2017-1000213
+CVE-2017-1000213 (WBCE v1.1.11 is vulnerable to reflected XSS via the "begriff" POST par ...)
NOT-FOR-US: WBCE
-CVE-2017-1000210
+CVE-2017-1000210 (picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflo ...)
NOT-FOR-US: picoTCP
-CVE-2017-1000209
+CVE-2017-1000209 (The Java WebSocket client nv-websocket-client does not verify that the ...)
NOT-FOR-US: Java WebSocket client nv-websocket-client
-CVE-2017-1000208
+CVE-2017-1000208 (A vulnerability in Swagger-Parser's (version &lt;= 1.0.30) yaml parsin ...)
NOT-FOR-US: Swagger-Parser
-CVE-2017-1000197
+CVE-2017-1000197 (October CMS build 412 is vulnerable to file path modification in asset ...)
NOT-FOR-US: October CMS
-CVE-2017-1000196
+CVE-2017-1000196 (October CMS build 412 is vulnerable to PHP code execution in the asset ...)
NOT-FOR-US: October CMS
-CVE-2017-1000195
+CVE-2017-1000195 (October CMS build 412 is vulnerable to PHP object injection in asset m ...)
NOT-FOR-US: October CMS
-CVE-2017-1000194
+CVE-2017-1000194 (October CMS build 412 is vulnerable to Apache configuration modificati ...)
NOT-FOR-US: October CMS
-CVE-2017-1000193
+CVE-2017-1000193 (October CMS build 412 is vulnerable to stored WCI (a.k.a XSS) in brand ...)
NOT-FOR-US: October CMS
-CVE-2017-1000189
+CVE-2017-1000189 (nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-servi ...)
NOT-FOR-US: nodejs ejs
-CVE-2017-1000188
+CVE-2017-1000188 (nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scri ...)
NOT-FOR-US: nodejs ejs
-CVE-2017-1000187
+CVE-2017-1000187 (In SWFTools, an address access exception was found in pdf2swf. FoFiTru ...)
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/36
NOTE: Crash in CLI tool, no security implications
-CVE-2017-1000186
+CVE-2017-1000186 (In SWFTools, a stack overflow was found in pdf2swf. ...)
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/34
NOTE: Crash in CLI tool, no security implications
-CVE-2017-1000185
+CVE-2017-1000185 (In SWFTools, a memcpy buffer overflow was found in gif2swf. ...)
- swftools <unfixed>
[stretch] - swftools <no-dsa> (Minor issue)
[jessie] - swftools <no-dsa> (Minor issue)
[wheezy] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/33
-CVE-2017-1000182
+CVE-2017-1000182 (In SWFTools, a memory leak was found in wav2swf. ...)
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/30
NOTE: Crash in CLI tool, no security implications
-CVE-2017-1000176
+CVE-2017-1000176 (In SWFTools, a memcpy buffer overflow was found in swfc. ...)
- swftools <unfixed>
[stretch] - swftools <no-dsa> (Minor issue)
[jessie] - swftools <no-dsa> (Minor issue)
[wheezy] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/23
-CVE-2017-1000174
+CVE-2017-1000174 (In SWFTools, an address access exception was found in swfdump swf_GetB ...)
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/21
NOTE: Crash in CLI tool, no security implications
-CVE-2017-1000173
+CVE-2017-1000173 (Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. ...)
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000172
+CVE-2017-1000172 (Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. ...)
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000164
+CVE-2017-1000164 (Tine 2.0 version 2017.02.4 is vulnerable to XSS in the Addressbook res ...)
NOT-FOR-US: Tine groupware
-CVE-2017-1000160
+CVE-2017-1000160 (EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting ...)
NOT-FOR-US: EllisLab ExpressionEngine
-CVE-2017-1000158
+CVE-2017-1000158 (CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow ...)
{DSA-4307-1 DLA-1520-1 DLA-1519-1 DLA-1190-1 DLA-1189-1}
- python3.5 3.5.5-1
- python3.4 <removed>
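Review bot: several of the descriptions imported in this hunk carry literal HTML entities instead of the characters they stand for: `+CVE-2017-1000169 (QuickerBB version &lt;= 0.7.2 is vulnerable to arbitrary file writes w ...)`, `+CVE-2017-1000248 (Redis-store &lt;=v1.3.0 allows unsafe objects to be loaded from redis ...)`, the four I, Librarian entries CVE-2017-1000237 to CVE-2017-1000234 (`&lt;=4.6 &amp; 4.7`), plus CVE-2017-1000240 (`&amp;`), CVE-2017-1000220 and CVE-2017-1000208 (`&lt;=`). Other entries in the same patch, such as CVE-2017-16883 (`libming &`) and CVE-2017-16815 (`WordPress Site Migration & ...`), carry the bare character, so the upstream feed is evidently entity-encoded for only some records; the importer should decode entities once before writing the description so that the data file, and anything that greps it for version ranges like `<=`, sees the same representation for every entry.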
@@ -4892,35 +4892,35 @@ CVE-2017-1000158
NOTE: 3.4 https://github.com/python/cpython/commit/6c004b40f9d51872d848981ef1a18bb08c2dfc42 (v3.4.8rc1)
NOTE: 3.5 https://github.com/python/cpython/commit/fd8614c5c5466a14a945db5b059c10c0fb8f76d9 (v3.5.5rc1)
NOTE: The 2.7.13-4 upload included the commit in debian/patches/git-updates.diff
-CVE-2017-1000129
+CVE-2017-1000129 (Serendipity 2.0.3 is vulnerable to a SQL injection in the blog compone ...)
- serendipity <removed>
-CVE-2017-1000125
+CVE-2017-1000125 (Codiad(full version) is vulnerable to write anything to configure file ...)
NOT-FOR-US: Codiad
-CVE-2017-16866
+CVE-2017-16866 (dayrui FineCms 5.2.0 before 2017.11.16 has Cross Site Scripting (XSS) ...)
NOT-FOR-US: dayrui FineCms
-CVE-2017-16865
+CVE-2017-16865 (The Trello importer in Atlassian Jira before version 7.6.1 allows remo ...)
NOT-FOR-US: Atlassian Jira
-CVE-2017-16864
+CVE-2017-16864 (The issue search resource in Atlassian Jira before version 7.4.2 allow ...)
NOT-FOR-US: Atlassian Jira
-CVE-2017-16863
+CVE-2017-16863 (The PieChart gadget in Atlassian Jira before version 7.5.3 allows remo ...)
NOT-FOR-US: PieChart gadget in Atlassian Jira
-CVE-2017-16862
+CVE-2017-16862 (The IncomingMailServers resource in Atlassian Jira before version 7.6. ...)
NOT-FOR-US: Atlassian Jira
-CVE-2017-16861
+CVE-2017-16861 (It was possible for double OGNL evaluation in certain redirect action ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-16860
+CVE-2017-16860 (The invalidRedirectUrl template in Atlassian Application Links before ...)
NOT-FOR-US: Atlassian
-CVE-2017-16859
+CVE-2017-16859 (The review attachment resource in Atlassian Fisheye and Crucible befor ...)
NOT-FOR-US: Atlassian
-CVE-2017-16858
+CVE-2017-16858 (The 'crowd-application' plugin module (notably used by the Google Apps ...)
NOT-FOR-US: 'crowd-application' plugin module in Atlassian Crowd
-CVE-2017-16857
+CVE-2017-16857 (It is possible to bypass the bitbucket auto-unapprove plugin via minim ...)
NOT-FOR-US: Atlassian
-CVE-2017-16856
+CVE-2017-16856 (The RSS Feed macro in Atlassian Confluence before version 6.5.2 allows ...)
NOT-FOR-US: Atlassian Confluence
CVE-2017-16855
REJECTED
-CVE-2017-16854
+CVE-2017-16854 (In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, ...)
{DSA-4066-1 DLA-1212-1}
- otrs2 6.0.2-1
NOTE: https://www.otrs.com/security-advisory-2017-08-security-update-otrs-framework/
@@ -4928,19 +4928,19 @@ CVE-2017-16854
NOTE: OTRS-6: https://github.com/OTRS/otrs/commit/867aba14900f17caacb0285a08b6981bbdbbe016
NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/8748d040058695fda5c9cfcb2a78d8947ed4188d
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/e0deab303e3d0f7c860bba291410512734f4d6b0
-CVE-2017-16851
+CVE-2017-16851 (Zoho ManageEngine Applications Manager 13 before build 13530 allows SQ ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16850
+CVE-2017-16850 (Zoho ManageEngine Applications Manager 13 before build 13530 allows SQ ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16849
+CVE-2017-16849 (Zoho ManageEngine Applications Manager 13 before build 13530 allows SQ ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16848
+CVE-2017-16848 (Zoho ManageEngine Applications Manager 13 allows SQL injection via the ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16847
+CVE-2017-16847 (Zoho ManageEngine Applications Manager 13 before build 13530 allows SQ ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16846
+CVE-2017-16846 (Zoho ManageEngine Applications Manager 13 before build 13530 allows SQ ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2017-16845
+CVE-2017-16845 (hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values dur ...)
{DSA-4213-1 DLA-1497-1}
- qemu 1:2.12~rc3+dfsg-1 (bug #882136)
[wheezy] - qemu <postponed> (Can be fixed along in a future update)
@@ -4948,45 +4948,45 @@ CVE-2017-16845
[wheezy] - qemu-kvm <postponed> (Can be fixed along in a future update)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg02982.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=802cbcb73002b92e6ddc8464d39b668a71b78d74
-CVE-2017-16844
+CVE-2017-16844 (Heap-based buffer overflow in the loadbuf function in formisc.c in for ...)
{DSA-4041-1 DLA-1173-1}
- procmail 3.22-26 (bug #876511)
-CVE-2017-16843
+CVE-2017-16843 (Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the NewKey ...)
NOT-FOR-US: Vonage VDV-23
-CVE-2017-16842
+CVE-2017-16842 (Cross-site scripting (XSS) vulnerability in admin/google_search_consol ...)
NOT-FOR-US: Yoast SEO plugin for WordPress
-CVE-2017-16841
+CVE-2017-16841 (LanSweeper 6.0.100.75 has XSS via the description parameter to /Calend ...)
NOT-FOR-US: LanSweeper
-CVE-2017-16840
+CVE-2017-16840 (The VC-2 Video Compression encoder in FFmpeg 3.4 allows remote attacke ...)
{DSA-4049-1}
- ffmpeg 7:3.4.1-1
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=a94cb36ab2ad99d3a1331c9f91831ef593d94f74
-CVE-2017-16839
+CVE-2017-16839 (Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root ...)
NOT-FOR-US: vagrant-vmware-fusion
CVE-2017-16838
RESERVED
-CVE-2017-16837
+CVE-2017-16837 (Certain function pointers in Trusted Boot (tboot) through 1.9.6 are no ...)
- tboot <itp> (bug #803180)
-CVE-2017-16836
+CVE-2017-16836 (Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC2 ...)
NOT-FOR-US: Arris TG1682G devices
-CVE-2017-16835
+CVE-2017-16835 (The "Photo,Video Locker-Calculator" application 12.0 for Android has a ...)
NOT-FOR-US: Photo Video Locker-Calculator application for Android
-CVE-2017-16834
+CVE-2017-16834 (PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an u ...)
- pnp4nagios <not-affected> (/etc/pnp4nagios and its content is installed as root by the Debian package)
NOTE: https://github.com/lingej/pnp4nagios/issues/140
-CVE-2017-16833
+CVE-2017-16833 (Stored cross-site scripting (XSS) vulnerability in Gemirro before 0.16 ...)
NOT-FOR-US: Gemirro
-CVE-2017-16853
+CVE-2017-16853 (The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicM ...)
{DSA-4039-1 DLA-1178-1}
- opensaml2 2.6.1-1 (bug #881856)
NOTE: https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=6182b0acf2df670e75423c2ed7afe6950ef11c9d
NOTE: https://shibboleth.net/community/advisories/secadv_20171115.txt
-CVE-2017-16852
+CVE-2017-16852 (shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataPro ...)
{DSA-4038-1 DLA-1179-1}
- shibboleth-sp2 2.6.1+dfsg1-1 (bug #881857)
NOTE: https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=b66cceb0e992c351ad5e2c665229ede82f261b16
NOTE: https://shibboleth.net/community/advisories/secadv_20171115.txt
-CVE-2017-16832
+CVE-2017-16832 (The pe_bfd_read_buildid function in peicode.h in the Binary File Descr ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -4994,7 +4994,7 @@ CVE-2017-16832
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22373
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0bb6961f18b8e832d88b490d421ca56cea16c45b
-CVE-2017-16831
+CVE-2017-16831 (coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5002,7 +5002,7 @@ CVE-2017-16831
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22385
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6cee897971d4d7cd37d2a686bb6d2aa3e759c8ca
-CVE-2017-16830
+CVE-2017-16830 (The print_gnu_property_note function in readelf.c in GNU Binutils 2.29 ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5010,7 +5010,7 @@ CVE-2017-16830
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22384
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6ab2c4ed51f9c4243691755e1b1d2149c6a426f4
-CVE-2017-16829
+CVE-2017-16829 (The _bfd_elf_parse_gnu_properties function in elf-properties.c in the ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5018,7 +5018,7 @@ CVE-2017-16829
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22307
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cf54ebff3b7361989712fd9c0128a9b255578163
-CVE-2017-16828
+CVE-2017-16828 (The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 al ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5026,7 +5026,7 @@ CVE-2017-16828
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22386
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bf59c5d5f4f5b8b4da1f5f605cfa546f8029b43d
-CVE-2017-16827
+CVE-2017-16827 (The aout_get_external_symbols function in aoutx.h in the Binary File D ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5034,7 +5034,7 @@ CVE-2017-16827
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22306
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0301ce1486b1450f219202677f30d0fa97335419
-CVE-2017-16826
+CVE-2017-16826 (The coff_slurp_line_table function in coffcode.h in the Binary File De ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -5050,57 +5050,57 @@ CVE-2017-16823
RESERVED
CVE-2017-16822
RESERVED
-CVE-2017-16821
+CVE-2017-16821 (b3log Symphony (aka Sym) 2.2.0 has XSS in processor/AdminProcessor.jav ...)
NOT-FOR-US: b3log Symphony
-CVE-2017-16819
+CVE-2017-16819 (A stored cross-site scripting vulnerability in the Icon Time Systems R ...)
NOT-FOR-US: Icon Time Systems RTC-1000
-CVE-2017-16818
+CVE-2017-16818 (RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticate ...)
- ceph <not-affected> (Vulnerable code introduced after 12.1.0)
NOTE: https://github.com/ceph/ceph/commit/b3118cabb8060a8cc6a01c4e8264cb18e7b1745a
CVE-2017-16817
RESERVED
-CVE-2017-16816
+CVE-2017-16816 (The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before ...)
- condor 8.6.8~dfsg.1-1
[stretch] - condor <not-affected> (VOMS support disabled)
[jessie] - condor <no-dsa> (Minor issue)
[wheezy] - condor <no-dsa> (Minor issue)
NOTE: http://research.cs.wisc.edu/htcondor//security/vulnerabilities/HTCONDOR-2017-0001.html
-CVE-2017-16815
+CVE-2017-16815 (installer.php in the Snap Creek Duplicator (WordPress Site Migration & ...)
NOT-FOR-US: Snap Creek Duplicator (WordPress Site Migration & Backup) plugin for WordPress
-CVE-2017-16820
+CVE-2017-16820 (The csnmp_read_table function in snmp.c in the SNMP plugin in collectd ...)
- collectd 5.8.0-1 (bug #881757)
[stretch] - collectd <no-dsa> (Minor issue)
[jessie] - collectd <no-dsa> (Minor issue)
[wheezy] - collectd <not-affected> (Vulnerable code not present)
NOTE: https://github.com/collectd/collectd/issues/2291
-CVE-2017-16814
+CVE-2017-16814 (A Directory Traversal issue was discovered in the Foxit MobilePDF app ...)
NOT-FOR-US: Foxit
-CVE-2017-16813
+CVE-2017-16813 (A denial-of-service issue was discovered in the Foxit MobilePDF app be ...)
NOT-FOR-US: Foxit
CVE-2017-16812
RESERVED
CVE-2017-16811
RESERVED
-CVE-2017-16810
+CVE-2017-16810 (Cross-site scripting (XSS) vulnerability in the All Variables tab in O ...)
NOT-FOR-US: Octopus Deploy
CVE-2017-16809
RESERVED
-CVE-2017-16808
+CVE-2017-16808 (tcpdump 4.9.2 has a heap-based buffer over-read related to aoe_print i ...)
- tcpdump <unfixed> (unimportant; bug #881862)
NOTE: https://github.com/the-tcpdump-group/tcpdump/issues/645
NOTE: Crash in CLI tool, no security impact
-CVE-2017-16807
+CVE-2017-16807 (A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3 ...)
NOT-FOR-US: Kirby Panel
-CVE-2017-16806
+CVE-2017-16806 (The Process function in RemoteTaskServer/WebServer/HttpServer.cs in Ul ...)
NOT-FOR-US: Ulterius
-CVE-2017-16805
+CVE-2017-16805 (In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a ...)
- radare2 2.1.0+dfsg-1 (bug #882134)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <not-affected> (Vulnerable code does not exist; no dwarf support)
NOTE: https://github.com/radare/radare2/commit/2ca9ab45891b6ae8e32b6c28c81eebca059cbe5d
NOTE: https://github.com/radare/radare2/issues/8813
-CVE-2017-16803
+CVE-2017-16803 (In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree ...)
{DSA-4119-1}
- libav <removed> (low)
- ffmpeg 7:2.2.1-1
@@ -5108,9 +5108,9 @@ CVE-2017-16803
NOTE: https://github.com/libav/libav/commit/cd4663dc80323ba64989d0c103d51ad3ee0e9c2f
NOTE: ffmpeg: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/cd4663dc80323ba64989d0c103d51ad3ee0e9c2f
NOTE: ffmpeg originally fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/b829da363985cb2f80130bba304cc29a632f6446
-CVE-2017-16802
+CVE-2017-16802 (In the sharingGroupPopulateOrganisations function in app/webroot/js/mi ...)
NOT-FOR-US: MISP
-CVE-2017-16804
+CVE-2017-16804 (In Redmine before 3.2.7 and 3.3.x before 3.3.4, the reminders function ...)
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -5118,65 +5118,65 @@ CVE-2017-16804
NOTE: https://www.redmine.org/issues/25713 (private)
NOTE: upstream fixed in 3.2.7, 3.3.4 and 3.4.0
NOTE: https://github.com/redmine/redmine/commit/0f09f161f64f4190a52166675ff380a15b72a8bc
-CVE-2017-16801
+CVE-2017-16801 (Cross-site scripting (XSS) vulnerability in Octopus Deploy 3.7.0-3.17. ...)
NOT-FOR-US: Octopus Deploy
CVE-2017-16800
RESERVED
-CVE-2017-16799
+CVE-2017-16799 (In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, sto ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-16798
+CVE-2017-16798 (In CMS Made Simple 2.2.3.1, the is_file_acceptable function in modules ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-16797
+CVE-2017-16797 (In SWFTools 0.9.2, the png_load function in lib/png.c does not properl ...)
- swftools <unfixed>
[stretch] - swftools <no-dsa> (Minor issue)
[jessie] - swftools <no-dsa> (Minor issue)
[wheezy] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/51
-CVE-2017-16796
+CVE-2017-16796 (In SWFTools 0.9.2, the png_load function in lib/png.c does not check t ...)
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/51
NOTE: Crash in CLI tool, no security implications
CVE-2017-16795
RESERVED
-CVE-2017-16794
+CVE-2017-16794 (The png_load function in lib/png.c in SWFTools 0.9.2 does not properly ...)
- swftools <unfixed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/50
NOTE: Crash in CLI tool, no security implications
-CVE-2017-16793
+CVE-2017-16793 (The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not ...)
- swftools <unfixed>
[stretch] - swftools <no-dsa> (Minor issue)
[jessie] - swftools <no-dsa> (Minor issue)
[wheezy] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/47
-CVE-2017-16792
+CVE-2017-16792 (Stored cross-site scripting (XSS) vulnerability in "geminabox" (Gem in ...)
NOT-FOR-US: geminabox
CVE-2017-16791
RESERVED
-CVE-2017-16790
+CVE-2017-16790 (An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3. ...)
{DSA-4262-1}
- symfony 3.4.0+dfsg-1
[jessie] - symfony <not-affected> (vulnerable code introduced in 2.4.*)
NOTE: https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files
NOTE: https://github.com/symfony/symfony/pull/24993
-CVE-2017-16789
+CVE-2017-16789 (Cross-site scripting (XSS) vulnerability in Integration Matters nJAMS ...)
NOT-FOR-US: TIBCO
-CVE-2017-16788
+CVE-2017-16788 (Directory traversal vulnerability in the "Upload Groupkey" functionali ...)
NOT-FOR-US: Meinberg LANTIME
-CVE-2017-16787
+CVE-2017-16787 (The Web Configuration Utility in Meinberg LANTIME devices with firmwar ...)
NOT-FOR-US: Meinberg LANTIME
-CVE-2017-16786
+CVE-2017-16786 (The Web Configuration Utility in Meinberg LANTIME devices with firmwar ...)
NOT-FOR-US: Meinberg LANTIME
-CVE-2017-16784
+CVE-2017-16784 (In CMS Made Simple 2.2.2, there is Reflected XSS via the cntnt01detail ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-16783
+CVE-2017-16783 (In CMS Made Simple 2.1.6, there is Server-Side Template Injection via ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-16782
+CVE-2017-16782 (In Home Assistant before 0.57, it is possible to inject JavaScript cod ...)
NOT-FOR-US: Home Assistant
-CVE-2017-16781
+CVE-2017-16781 (The installer in MyBB before 1.8.13 has XSS. ...)
NOT-FOR-US: MyBB
-CVE-2017-16780
+CVE-2017-16780 (The installer in MyBB before 1.8.13 allows remote attackers to execute ...)
NOT-FOR-US: MyBB
-CVE-2017-16785
+CVE-2017-16785 (Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php. ...)
- cacti 1.1.27+ds1-3
[stretch] - cacti <not-affected> (Vulnerable code does not exist)
[jessie] - cacti <not-affected> (Vulnerable code does not exist)
@@ -5188,145 +5188,145 @@ CVE-2017-16779
RESERVED
CVE-2017-16778
RESERVED
-CVE-2017-16777
+CVE-2017-16777 (If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...)
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
-CVE-2017-16776
+CVE-2017-16776 (Security researchers discovered an authentication bypass vulnerability ...)
NOT-FOR-US: Conserus Workflow Intelligence
CVE-2017-16775
RESERVED
CVE-2017-16774
RESERVED
-CVE-2017-16773
+CVE-2017-16773 (Improper authorization vulnerability in Highlight Preview in Synology ...)
NOT-FOR-US: Synology
-CVE-2017-16772
+CVE-2017-16772 (Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUploa ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-16771
+CVE-2017-16771 (Cross-site scripting (XSS) vulnerability in Log Viewer in Synology Pho ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-16770
+CVE-2017-16770 (File and directory information exposure vulnerability in SYNO.Surveill ...)
NOT-FOR-US: Synology Surveillance Station
-CVE-2017-16769
+CVE-2017-16769 (Exposure of private information vulnerability in Photo Viewer in Synol ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-16768
+CVE-2017-16768 (Cross-site scripting (XSS) vulnerability in User Policy editor in Syno ...)
NOT-FOR-US: Synology MailPlus Server
-CVE-2017-16767
+CVE-2017-16767 (Cross-site scripting (XSS) vulnerability in User Profile in Synology S ...)
NOT-FOR-US: Synology Surveillance Station
-CVE-2017-16766
+CVE-2017-16766 (An improper access control vulnerability in synodsmnotify in Synology ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2017-16765
+CVE-2017-16765 (XSS exists on D-Link DWR-933 1.00(WW)B17 devices via cgi-bin/gui.cgi. ...)
NOT-FOR-US: D-Link
-CVE-2017-16764
+CVE-2017-16764 (An exploitable vulnerability exists in the YAML parsing functionality ...)
NOT-FOR-US: django_make_app
-CVE-2017-16763
+CVE-2017-16763 (An exploitable vulnerability exists in the YAML parsing functionality ...)
NOT-FOR-US: Confire
-CVE-2017-16762
+CVE-2017-16762 (Sanic before 0.5.1 allows reading arbitrary files with directory trave ...)
NOT-FOR-US: Sanic
-CVE-2017-16761
+CVE-2017-16761 (An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allow ...)
NOT-FOR-US: Inedo BuildMaster
-CVE-2017-16760
+CVE-2017-16760 (Inedo BuildMaster before 5.8.2 has XSS. ...)
NOT-FOR-US: Inedo BuildMaster
-CVE-2017-16759
+CVE-2017-16759 (The installation process in LibreNMS before 2017-08-18 allows remote a ...)
NOT-FOR-US: LibreNMS
-CVE-2017-16758
+CVE-2017-16758 (Cross-site scripting (XSS) vulnerability in admin/partials/uif-access- ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-16757
+CVE-2017-16757 (Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, ...)
NOT-FOR-US: Hola VPN
-CVE-2017-16756
+CVE-2017-16756 (An issue was discovered in Userscape HelpSpot before 4.7.2. A cross-si ...)
NOT-FOR-US: Userscape HelpSpot
-CVE-2017-16755
+CVE-2017-16755 (An issue was discovered in Userscape HelpSpot before 4.7.2. A reflecte ...)
NOT-FOR-US: Userscape HelpSpot
-CVE-2017-16754
+CVE-2017-16754 (Bolt before 3.3.6 does not properly restrict access to _profiler route ...)
NOT-FOR-US: Bolt CMS
-CVE-2017-16753
+CVE-2017-16753 (An Improper Input Validation issue was discovered in Advantech WebAcce ...)
NOT-FOR-US: Advantech WebAccess
CVE-2017-16752
RESERVED
-CVE-2017-16751
+CVE-2017-16751 (A Stack-based Buffer Overflow issue was discovered in Delta Electronic ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
CVE-2017-16750
RESERVED
-CVE-2017-16749
+CVE-2017-16749 (A Use-after-Free issue was discovered in Delta Electronics Delta Indus ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
-CVE-2017-16748
+CVE-2017-16748 (An attacker can log into the local Niagara platform (Niagara AX Framew ...)
NOT-FOR-US: Niagara AX
-CVE-2017-16747
+CVE-2017-16747 (An Out-of-bounds Write issue was discovered in Delta Electronics Delta ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
CVE-2017-16746
RESERVED
-CVE-2017-16745
+CVE-2017-16745 (A Type Confusion issue was discovered in Delta Electronics Delta Indus ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
-CVE-2017-16744
+CVE-2017-16744 (A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and ...)
NOT-FOR-US: Niagara AX
-CVE-2017-16743
+CVE-2017-16743 (An Improper Authorization issue was discovered in PHOENIX CONTACT FL S ...)
NOT-FOR-US: PHOENIX CONTACT FL SWITCH
CVE-2017-16742
RESERVED
-CVE-2017-16741
+CVE-2017-16741 (An Information Exposure issue was discovered in PHOENIX CONTACT FL SWI ...)
NOT-FOR-US: PHOENIX CONTACT FL SWITCH
-CVE-2017-16740
+CVE-2017-16740 (A Buffer Overflow issue was discovered in Rockwell Automation Allen-Br ...)
NOT-FOR-US: Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers
-CVE-2017-16739
+CVE-2017-16739 (An issue was discovered in WECON Technology LEVI Studio HMI Editor v1. ...)
NOT-FOR-US: WECON Technology LEVI Studio HMI Editor
CVE-2017-16738
RESERVED
-CVE-2017-16737
+CVE-2017-16737 (An issue was discovered in WECON Technology LEVI Studio HMI Editor v1. ...)
NOT-FOR-US: WECON Technology LEVI Studio HMI Editor
-CVE-2017-16736
+CVE-2017-16736 (An Unrestricted Upload Of File With Dangerous Type issue was discovere ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16735
+CVE-2017-16735 (A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 ...)
NOT-FOR-US: Ecava IntegraXor
CVE-2017-16734
RESERVED
-CVE-2017-16733
+CVE-2017-16733 (A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 ...)
NOT-FOR-US: Ecava IntegraXor
-CVE-2017-16732
+CVE-2017-16732 (A use-after-free issue was discovered in Advantech WebAccess versions ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16731
+CVE-2017-16731 (An Unprotected Transport of Credentials issue was discovered in ABB El ...)
NOT-FOR-US: Ellipse
CVE-2017-16730
RESERVED
CVE-2017-16729
RESERVED
-CVE-2017-16728
+CVE-2017-16728 (An Untrusted Pointer Dereference issue was discovered in Advantech Web ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16727
+CVE-2017-16727 (A Credentials Management issue was discovered in Moxa NPort W2150A ver ...)
NOT-FOR-US: Moxa
-CVE-2017-16726
+CVE-2017-16726 (Beckhoff TwinCAT supports communication over ADS. ADS is a protocol fo ...)
NOT-FOR-US: Beckhoff TwinCAT
-CVE-2017-16725
+CVE-2017-16725 (A Stack-based Buffer Overflow issue was discovered in Xiongmai Technol ...)
NOT-FOR-US: Xiongmai Technology IP Cameras and DVRs
-CVE-2017-16724
+CVE-2017-16724 (A Stack-based Buffer Overflow issue was discovered in Advantech WebAcc ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16723
+CVE-2017-16723 (A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL COMS ...)
NOT-FOR-US: PHOENIX
CVE-2017-16722
RESERVED
-CVE-2017-16721
+CVE-2017-16721 (A Cross-site Scripting issue was discovered in Geovap Reliance SCADA V ...)
NOT-FOR-US: Geovap Reliance SCADA
-CVE-2017-16720
+CVE-2017-16720 (A Path Traversal issue was discovered in WebAccess versions 8.3.2 and ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16719
+CVE-2017-16719 (An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPor ...)
NOT-FOR-US: Moxa
-CVE-2017-16718
+CVE-2017-16718 (Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol ...)
NOT-FOR-US: Beckhoff TwinCAT
-CVE-2017-16717
+CVE-2017-16717 (A Heap-based Buffer Overflow issue was discovered in WECON LeviStudio ...)
NOT-FOR-US: WECON LeviStudio HMI
-CVE-2017-16716
+CVE-2017-16716 (A SQL Injection issue was discovered in WebAccess versions prior to 8. ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-16715
+CVE-2017-16715 (An Information Exposure issue was discovered in Moxa NPort 5110 Versio ...)
NOT-FOR-US: Moxa
-CVE-2017-16714
+CVE-2017-16714 (In Ice Qube Thermal Management Center versions prior to version 4.13, ...)
NOT-FOR-US: Ice Qube Thermal Management Center
CVE-2017-16713
RESERVED
CVE-2017-16712
RESERVED
-CVE-2017-16711
+CVE-2017-16711 (The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c ...)
- swftools <unfixed> (unimportant; bug #881390)
NOTE: https://github.com/matthiaskramm/swftools/issues/46
NOTE: Crash in CLI tool, no security implications
-CVE-2017-16710
+CVE-2017-16710 (Cross-site scripting (XSS) vulnerability in Crestron Airmedia AM-100 d ...)
NOT-FOR-US: Creston
-CVE-2017-16709
+CVE-2017-16709 (Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 ...)
NOT-FOR-US: Creston
CVE-2017-16708
RESERVED
@@ -5362,33 +5362,33 @@ CVE-2017-16693
RESERVED
CVE-2017-16692
RESERVED
-CVE-2017-16691
+CVE-2017-16691 (SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.1 ...)
NOT-FOR-US: SAP Note Assistant
-CVE-2017-16690
+CVE-2017-16690 (A malicious DLL preload attack possible on NwSapSetup and Installation ...)
NOT-FOR-US: SAP Plant Connectivity
-CVE-2017-16689
+CVE-2017-16689 (A Trusted RFC connection in SAP KERNEL 32NUC, SAP KERNEL 32Unicode, SA ...)
NOT-FOR-US: SAP KERNEL
CVE-2017-16688
RESERVED
-CVE-2017-16687
+CVE-2017-16687 (The user self-service tools of SAP HANA extended application services, ...)
NOT-FOR-US: SAP HANA
CVE-2017-16686
RESERVED
-CVE-2017-16685
+CVE-2017-16685 (Cross-Site scripting (XSS) in SAP Business Warehouse Universal Data In ...)
NOT-FOR-US: SAP Business Warehouse Universal Data Integration
-CVE-2017-16684
+CVE-2017-16684 (SAP Business Intelligence Promotion Management Application, Enterprise ...)
NOT-FOR-US: SAP Business Intelligence Promotion Management Application
-CVE-2017-16683
+CVE-2017-16683 (Denial of Service (DOS) in SAP Business Objects Platform, Enterprise 4 ...)
NOT-FOR-US: SAP Business Objects Platform
-CVE-2017-16682
+CVE-2017-16682 (SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 t ...)
NOT-FOR-US: SAP NetWeaver Internet Transaction Server
-CVE-2017-16681
+CVE-2017-16681 (Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence ...)
NOT-FOR-US: SAP Business Intelligence Promotion Management Application
-CVE-2017-16680
+CVE-2017-16680 (Two potential audit log injections in SAP HANA extended application se ...)
NOT-FOR-US: SAP HANA extended application services
-CVE-2017-16679
+CVE-2017-16679 (URL redirection vulnerability in SAP's Startup Service, SAP KERNEL 32 ...)
NOT-FOR-US: SAP's Startup Service
-CVE-2017-16678
+CVE-2017-16678 (Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Know ...)
NOT-FOR-US: SAP NetWeaver Knowledge Management Configuration Service
CVE-2017-16677
RESERVED
@@ -5396,11 +5396,11 @@ CVE-2017-16676
RESERVED
CVE-2017-16675
RESERVED
-CVE-2017-16674
+CVE-2017-16674 (Datto Windows Agent allows unauthenticated remote command execution vi ...)
NOT-FOR-US: Datto Windows Agent
-CVE-2017-16673
+CVE-2017-16673 (Datto Backup Agent 1.0.6.0 and earlier does not authenticate incoming ...)
NOT-FOR-US: Datto Backup Agent
-CVE-2017-16672
+CVE-2017-16672 (An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 ...)
- asterisk 1:13.18.1~dfsg-1 (bug #881256)
[stretch] - asterisk 1:13.14.1~dfsg-2+deb9u3
[jessie] - asterisk <not-affected> (Vulnerable code not present)
@@ -5408,7 +5408,7 @@ CVE-2017-16672
NOTE: http://downloads.digium.com/pub/security/AST-2017-011.html
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-011-13.diff
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27345
-CVE-2017-16671
+CVE-2017-16671 (A Buffer Overflow issue was discovered in Asterisk Open Source 13 befo ...)
- asterisk 1:13.18.1~dfsg-1 (bug #881257)
[stretch] - asterisk 1:13.14.1~dfsg-2+deb9u3
[jessie] - asterisk <not-affected> (Vulnerable code do not exist)
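Review bot: the [jessie] line for CVE-2017-16671 reads "Vulnerable code do not exist"; this automatic update only fills in the description text, so a follow-up should correct it to "Vulnerable code does not exist", matching the wording used for the other <not-affected> entries nearby (CVE-2017-16672 uses "Vulnerable code not present").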
@@ -5416,9 +5416,9 @@ CVE-2017-16671
NOTE: http://downloads.digium.com/pub/security/AST-2017-010.html
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-010-13.diff
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27337
-CVE-2017-16670
+CVE-2017-16670 (The project import functionality in SoapUI 5.3.0 allows remote attacke ...)
NOT-FOR-US: SoapUI
-CVE-2017-16669
+CVE-2017-16669 (coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause ...)
{DSA-4321-1 DLA-1401-1 DLA-1168-1}
- graphicsmagick 1.3.26-19 (bug #881391)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/450/
@@ -5432,31 +5432,31 @@ CVE-2017-16669
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/fcd3ed3394f6
CVE-2017-16668
RESERVED
-CVE-2017-16666
+CVE-2017-16666 (Xplico before 1.2.1 allows remote authenticated users to execute arbit ...)
NOT-FOR-US: Xplico
-CVE-2017-16665
+CVE-2017-16665 (RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflec ...)
NOT-FOR-US: RemObjects Remoting SDK
-CVE-2017-16664
+CVE-2017-16664 (Code injection exists in Kernel/System/Spelling.pm in Open Ticket Requ ...)
{DSA-4047-1 DLA-1212-1}
- otrs2 5.0.24-1 (bug #882370)
NOTE: https://www.otrs.com/security-advisory-2017-07-security-update-otrs-framework/
NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/4c36932d0c42343f21246a107e17a2ebbd9c2c7d
NOTE: OTRS 3.3: https://github.com/OTRS/otrs/commit/2e58a4bbd99b2477d72c3b2d9fef009537ab19ce
-CVE-2017-16667
+CVE-2017-16667 (backintime (aka Back in Time) before 1.1.24 did improper escaping/quot ...)
- backintime 1.1.24-0.1 (bug #881205)
[stretch] - backintime <no-dsa> (Minor issue)
[jessie] - backintime <no-dsa> (Minor issue)
[wheezy] - backintime <not-affected> (Vulnerable code does not exist)
NOTE: https://github.com/bit-team/backintime/issues/834
NOTE: https://github.com/bit-team/backintime/commit/cef81d0da93ff601252607df3db1a48f7f6f01b3
-CVE-2017-16663
+CVE-2017-16663 (In sam2p 0.49.4, there are integer overflows (with resultant heap-base ...)
{DLA-1185-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/16
CVE-2017-16662
RESERVED
-CVE-2017-16659
+CVE-2017-16659 (The Gentoo mail-filter/assp package 1.9.8.13030 and earlier allows loc ...)
NOT-FOR-US: assp as packaged by Gentoo
CVE-2017-16658
RESERVED
@@ -5466,24 +5466,24 @@ CVE-2017-16656
RESERVED
CVE-2017-16655
RESERVED
-CVE-2017-16654
+CVE-2017-16654 (An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3. ...)
{DSA-4262-1 DLA-1707-1}
- symfony 3.4.0+dfsg-1
NOTE: https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths
NOTE: https://github.com/symfony/symfony/pull/24994
-CVE-2017-16653
+CVE-2017-16653 (An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3. ...)
{DSA-4262-1}
- symfony 3.4.0+dfsg-1
[jessie] - symfony <not-affected> (vulnerable code not present in branch 2.3)
NOTE: https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https
NOTE: https://github.com/symfony/symfony/pull/24992
-CVE-2017-16652
+CVE-2017-16652 (An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2 ...)
{DSA-4262-1 DLA-1707-1}
- symfony 3.4.0+dfsg-1
NOTE: https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers
NOTE: https://github.com/symfony/symfony/pull/24995
NOTE: See CVE-2018-11408 to address original incomplete fix for CVE-2017-16652
-CVE-2017-16651
+CVE-2017-16651 (Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before ...)
{DSA-4030-1 DLA-1193-1}
- roundcube 1.3.3+dfsg.1-1
NOTE: master: https://github.com/roundcube/roundcubemail/commit/2a32f51c91d5e9c7b1a9d931846dd44c008ff36d
@@ -5492,45 +5492,45 @@ CVE-2017-16651
NOTE: release-1.1: https://github.com/roundcube/roundcubemail/commit/e757cc410145d043c30889d28fa0b5f67a5cf2fd
NOTE: release-1.0: https://github.com/roundcube/roundcubemail/commit/8d87bb34f3c6103ab81e5342d8b3d297832d178a
NOTE: https://github.com/roundcube/roundcubemail/issues/6026
-CVE-2017-16650
+CVE-2017-16650 (The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux ...)
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-16649
+CVE-2017-16649 (The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in ...)
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
-CVE-2017-16648
+CVE-2017-16648 (The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend. ...)
- linux <not-affected> (Vulnerable code not present)
-CVE-2017-16647
+CVE-2017-16647 (drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 all ...)
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-16646
+CVE-2017-16646 (drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel throug ...)
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-16645
+CVE-2017-16645 (The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu. ...)
- linux 4.14.2-1 (unimportant)
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.56-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: CONFIG_INPUT_IMS_PCU is not set in Debian config
-CVE-2017-16644
+CVE-2017-16644 (The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in th ...)
{DSA-4073-1}
- linux 4.14.7-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-16643
+CVE-2017-16643 (The parse_hid_report_descriptor function in drivers/input/tablet/gtco. ...)
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
-CVE-2017-16642
+CVE-2017-16642 (In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an e ...)
{DSA-4081-1 DSA-4080-1}
- php7.1 7.1.11-1
- php7.0 7.0.25-1
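Review bot: CVE-2017-16650 records a jessie fix in linux 3.16.51-1 but carries no {DLA-...} reference, while CVE-2017-16649 and CVE-2017-16643 in the same hunk record the same jessie version under {DLA-1200-1}; please check whether the DLA-1200-1 reference was dropped for CVE-2017-16650 and add it if that upload covered it.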
@@ -5540,21 +5540,21 @@ CVE-2017-16642
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75055
NOTE: https://github.com/derickr/timelib/commit/aa9156006e88565e1f1a5f7cc088b18322d57536
NOTE: https://github.com/php/php-src/commit/5c0455bf2c8cd3c25401407f158e820aa3b239e1
-CVE-2017-16661
+CVE-2017-16661 (Cacti 1.1.27 allows remote authenticated administrators to read arbitr ...)
- cacti 1.1.27+ds1-3
[stretch] - cacti <not-affected> (Vulnerable code does not exist)
[jessie] - cacti <not-affected> (Vulnerable code does not exist)
[wheezy] - cacti <not-affected> (Vulnerable code does not exist)
NOTE: https://github.com/Cacti/cacti/issues/1066
NOTE: affected code was introduced in the 1.x release
-CVE-2017-16660
+CVE-2017-16660 (Cacti 1.1.27 allows remote authenticated administrators to conduct Rem ...)
- cacti 1.1.27+ds1-3
[stretch] - cacti <not-affected> (Vulnerable code does not exist)
[jessie] - cacti <not-affected> (Vulnerable code does not exist)
[wheezy] - cacti <not-affected> (Vulnerable code does not exist)
NOTE: https://github.com/Cacti/cacti/issues/1066
NOTE: affected code was introduced in the 1.x release
-CVE-2017-16641
+CVE-2017-16641 (lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators ...)
- cacti 1.1.27+ds1-3 (bug #881110)
[stretch] - cacti <ignored> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream)
[jessie] - cacti <ignored> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream)
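Review bot: the [stretch] and [jessie] rationale for CVE-2017-16641 contains two typos, "isolately" and "adressed"; a follow-up should reword it to "Minor issue, due to CVE-2009-4112 it does not make sense to fix this in isolation unless CVE-2009-4112 is addressed upstream". This is unrelated to the description text the automatic update adds, but worth fixing while the entry is being touched.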
@@ -5563,19 +5563,19 @@ CVE-2017-16641
NOTE: https://github.com/Cacti/cacti/commit/e8088bb6593e6a49d000c342d17402f01db8740e
CVE-2017-16640
RESERVED
-CVE-2017-16639
+CVE-2017-16639 (Tor Browser on Windows before 8.0 allows remote attackers to bypass th ...)
NOT-FOR-US: Tor Browser on Windows
-CVE-2017-16638
+CVE-2017-16638 (The Gentoo net-misc/vde package before version 2.3.2-r4 may allow memb ...)
NOT-FOR-US: Gentoo net-misc/vde packaging issue
-CVE-2017-16637
+CVE-2017-16637 (In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when res ...)
NOT-FOR-US: Vectura Perfect Privacy VPN Manager
-CVE-2017-16636
+CVE-2017-16636 (In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the ne ...)
NOT-FOR-US: Bludit
-CVE-2017-16635
+CVE-2017-16635 (In TinyWebGallery v2.4, an XSS vulnerability is located in the `mkname ...)
NOT-FOR-US: TinyWebGallery
-CVE-2017-16634
+CVE-2017-16634 (In Joomla! before 3.8.2, a bug allowed third parties to bypass a user' ...)
NOT-FOR-US: Joomla!
-CVE-2017-16633
+CVE-2017-16633 (In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only i ...)
NOT-FOR-US: Joomla!
CVE-2017-16632
RESERVED
@@ -5605,21 +5605,21 @@ CVE-2017-16620
RESERVED
CVE-2017-16619
RESERVED
-CVE-2017-16618
+CVE-2017-16618 (An exploitable vulnerability exists in the YAML loading functionality ...)
NOT-FOR-US: OwlMixin
CVE-2017-16617
RESERVED
-CVE-2017-16616
+CVE-2017-16616 (An exploitable vulnerability exists in the YAML parsing functionality ...)
NOT-FOR-US: pyanyapi
-CVE-2017-16615
+CVE-2017-16615 (An exploitable vulnerability exists in the YAML parsing functionality ...)
NOT-FOR-US: MLAlchemy
-CVE-2017-16614
+CVE-2017-16614 (SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows re ...)
NOT-FOR-US: tpshop
-CVE-2017-16613
+CVE-2017-16613 (An issue was discovered in middleware.py in OpenStack Swauth through 1 ...)
{DSA-4044-1}
- swauth 1.2.0-4 (bug #882314)
NOTE: https://bugs.launchpad.net/swift/+bug/1655781
-CVE-2017-16612
+CVE-2017-16612 (libXcursor before 1.1.15 has various integer overflows that could lead ...)
{DSA-4059-1 DLA-1201-1}
- libxcursor 1:1.1.14-3.1 (bug #883792)
- wayland 1.14.0-2 (bug #889681)
@@ -5633,7 +5633,7 @@ CVE-2017-16612
NOTE: Wayland: https://cgit.freedesktop.org/wayland/wayland/commit/?id=5d201df72f3d4f4cb8b8f75f980169b03507da38
NOTE: For src:wayland originally fixed in 1.14.0-2 but the 1.15.0-1 upload
NOTE: did not merge in the 1.14.0-2 upload.
-CVE-2017-16611
+CVE-2017-16611 (In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker ...)
- libxfont 1:2.0.3-1 (low; bug #883929)
[stretch] - libxfont <no-dsa> (Minor issue)
[jessie] - libxfont <no-dsa> (Minor issue)
@@ -5644,148 +5644,148 @@ CVE-2017-16611
NOTE: (for 1.5.x): https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?h=libXfont-1.5-branch&id=5ed8ac0e4f063825b8ecda48e9a111d3ce92e825
NOTE: https://marc.info/?l=freedesktop-xorg-announce&m=151188049718337&w=2
NOTE: https://marc.info/?l=freedesktop-xorg-announce&m=151188044218304&w=2
-CVE-2017-16610
+CVE-2017-16610 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Netgain
-CVE-2017-16609
+CVE-2017-16609 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Netgain
-CVE-2017-16608
+CVE-2017-16608 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Netgain
-CVE-2017-16607
+CVE-2017-16607 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Netgain
-CVE-2017-16606
+CVE-2017-16606 (This vulnerability allows remote attackers to execute code by creating ...)
NOT-FOR-US: Netgain
-CVE-2017-16605
+CVE-2017-16605 (This vulnerability allows remote attackers to overwrite arbitrary file ...)
NOT-FOR-US: Netgain
-CVE-2017-16604
+CVE-2017-16604 (This vulnerability allows remote attackers to overwrite arbitrary file ...)
NOT-FOR-US: Netgain
-CVE-2017-16603
+CVE-2017-16603 (This vulnerability allows remote attackers to execute code by creating ...)
NOT-FOR-US: Netgain
-CVE-2017-16602
+CVE-2017-16602 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Netgain
-CVE-2017-16601
+CVE-2017-16601 (This vulnerability allows remote attackers to overwrite arbitrary file ...)
NOT-FOR-US: Netgain
-CVE-2017-16600
+CVE-2017-16600 (This vulnerability allows remote attackers to overwrite files on vulne ...)
NOT-FOR-US: Netgain
-CVE-2017-16599
+CVE-2017-16599 (This vulnerability allows remote attackers to delete arbitrary files o ...)
NOT-FOR-US: Netgain
-CVE-2017-16598
+CVE-2017-16598 (This vulnerability allows remote attackers to execute code by overwrit ...)
NOT-FOR-US: Netgain
-CVE-2017-16597
+CVE-2017-16597 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Netgain
-CVE-2017-16596
+CVE-2017-16596 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Netgain
-CVE-2017-16595
+CVE-2017-16595 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Netgain
-CVE-2017-16594
+CVE-2017-16594 (This vulnerability allows remote attackers to create arbitrary files o ...)
NOT-FOR-US: Netgain
-CVE-2017-16593
+CVE-2017-16593 (This vulnerability allows remote attackers to delete arbitrary files o ...)
NOT-FOR-US: Netgain
-CVE-2017-16592
+CVE-2017-16592 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Netgain
-CVE-2017-16591
+CVE-2017-16591 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Netgain
-CVE-2017-16590
+CVE-2017-16590 (This vulnerability allows remote attackers to bypass authentication on ...)
NOT-FOR-US: Netgain
-CVE-2017-16589
+CVE-2017-16589 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16588
+CVE-2017-16588 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16587
+CVE-2017-16587 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16586
+CVE-2017-16586 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16585
+CVE-2017-16585 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16584
+CVE-2017-16584 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16583
+CVE-2017-16583 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16582
+CVE-2017-16582 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16581
+CVE-2017-16581 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16580
+CVE-2017-16580 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16579
+CVE-2017-16579 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16578
+CVE-2017-16578 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16577
+CVE-2017-16577 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16576
+CVE-2017-16576 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16575
+CVE-2017-16575 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16574
+CVE-2017-16574 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16573
+CVE-2017-16573 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16572
+CVE-2017-16572 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16571
+CVE-2017-16571 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-16570
+CVE-2017-16570 (KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by ...)
NOT-FOR-US: KeystoneJS
-CVE-2017-16569
+CVE-2017-16569 (An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an h ...)
NOT-FOR-US: Zurmo
-CVE-2017-16568
+CVE-2017-16568 (Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9. ...)
NOT-FOR-US: Logitech Media Server
-CVE-2017-16567
+CVE-2017-16567 (Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9. ...)
NOT-FOR-US: Logitech Media Server
-CVE-2017-16566
+CVE-2017-16566 (On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not ...)
NOT-FOR-US: Jooan IP Camera A5 2.3.36 devices
-CVE-2017-16565
+CVE-2017-16565 (Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandst ...)
NOT-FOR-US: Vonage
-CVE-2017-16564
+CVE-2017-16564 (Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on ...)
NOT-FOR-US: Vonage
-CVE-2017-16563
+CVE-2017-16563 (Cross-Site Request Forgery (CSRF) in the Basic Settings screen on Vona ...)
NOT-FOR-US: Vonage
-CVE-2017-16562
+CVE-2017-16562 (The UserPro plugin before 4.9.17.1 for WordPress, when used on a site ...)
NOT-FOR-US: WordPress plugin userpro
-CVE-2017-16561
+CVE-2017-16561 (/view/friend_profile.php in Ingenious School Management System 2.3.0 i ...)
NOT-FOR-US: Ingenious School Management System
-CVE-2017-16560
+CVE-2017-16560 (SanDisk Secure Access 3.01 vault decrypts and copies encrypted files t ...)
NOT-FOR-US: SanDisk Secure Access
CVE-2017-16559
RESERVED
CVE-2017-16558
RESERVED
-CVE-2017-16557
+CVE-2017-16557 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain privi ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-16556
+CVE-2017-16556 (In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-16555
+CVE-2017-16555 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain privi ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-16554
+CVE-2017-16554 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to a ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-16553
+CVE-2017-16553 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain privi ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-16552
+CVE-2017-16552 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to a ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-16551
+CVE-2017-16551 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain privi ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-16550
+CVE-2017-16550 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to a ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-16549
+CVE-2017-16549 (K7 Antivirus Premium before 15.1.0.53 allows local users to write to a ...)
NOT-FOR-US: K7 Antivirus
-CVE-2017-16548
+CVE-2017-16548 (The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-develo ...)
{DSA-4068-1 DLA-1218-1}
- rsync 3.1.2-2.1 (bug #880954)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13112
NOTE: https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1
-CVE-2017-16547
+CVE-2017-16547 (The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 doe ...)
{DSA-4321-1 DLA-1456-1 DLA-1170-1}
- graphicsmagick 1.3.26-18
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/517/
-CVE-2017-16546
+CVE-2017-16546 (The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does ...)
{DSA-4074-1 DSA-4040-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #881392)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present; PoC from GitHub issue results in memory allocation exception thrown at coders/wpg.c:1109 and valgrind does not report any issues)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816
NOTE: https://github.com/ImageMagick/ImageMagick/issues/851
-CVE-2017-16545
+CVE-2017-16545 (The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 doe ...)
{DSA-4321-1}
- graphicsmagick 1.3.26-18
[jessie] - graphicsmagick 1.3.20-3+deb8u3
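Review bot: the truncated descriptions added for CVE-2017-16610 through CVE-2017-16571 are cut off before any product name, so some forty entries read identically as "This vulnerability allows remote attackers to execute arbitrary code o ..." or "... disclose sensitive infor ..." and only the NOT-FOR-US line tells Netgain apart from Foxit Reader. A wider truncation for descriptions that begin with this boilerplate, or keeping the product from the NOT-FOR-US line as the primary triage key, would make the new text useful when grepping the list.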
@@ -5795,18 +5795,18 @@ CVE-2017-16545
NOTE: The wheezy version gives an assert before the vulnerability can be triggered. Due to this
NOTE: the severity of the wheezy version is low even though the vulnerable code is still present.
NOTE: The patch is trivial so it may be worth fixing in combination with some other fix.
-CVE-2017-16544
+CVE-2017-16544 (In the add_match function in libbb/lineedit.c in BusyBox through 1.27. ...)
{DLA-1445-1}
- busybox 1:1.27.2-2 (bug #882258)
[stretch] - busybox <no-dsa> (Minor issue, can be fixed via point release)
[wheezy] - busybox <no-dsa> (Minor issue)
NOTE: https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/
NOTE: https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8
-CVE-2017-16543
+CVE-2017-16543 (Zoho ManageEngine Applications Manager 13 before build 13500 allows SQ ...)
NOT-FOR-US: Zoho
-CVE-2017-16542
+CVE-2017-16542 (Zoho ManageEngine Applications Manager 13 before build 13500 allows Po ...)
NOT-FOR-US: Zoho
-CVE-2017-16541
+CVE-2017-16541 (Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to ...)
{DSA-4327-1 DLA-1575-1}
- firefox 62.0-1 (unimportant)
- firefox-esr 60.2.0esr-1 (unimportant)
@@ -5817,99 +5817,99 @@ CVE-2017-16541
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2017-16541
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2017-16541
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2017-16541
-CVE-2017-16540
+CVE-2017-16540 (OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database co ...)
NOT-FOR-US: OpenEMR
-CVE-2017-16539
+CVE-2017-16539 (The DefaultLinuxSpec function in oci/defaults.go in Docker Moby throug ...)
- docker.io 1.13.1~ds3-1 (bug #900140)
NOTE: https://github.com/moby/moby/pull/35399
NOTE: https://github.com/moby/moby/pull/35399/commits/a21ecdf3c8a343a7c94e4c4d01b178c87ca7aaa1
-CVE-2017-16538
+CVE-2017-16538 (drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.1 ...)
{DSA-4082-1 DSA-4073-1}
- linux 4.14.7-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-16537
+CVE-2017-16537 (The imon_probe function in drivers/media/rc/imon.c in the Linux kernel ...)
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
-CVE-2017-16536
+CVE-2017-16536 (The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-ca ...)
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
-CVE-2017-16535
+CVE-2017-16535 (The usb_get_bos_descriptor function in drivers/usb/core/config.c in th ...)
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/1c0edc3633b56000e18d82fc241e3995ca18a69e
-CVE-2017-16534
+CVE-2017-16534 (The cdc_parse_cdc_header function in drivers/usb/core/message.c in the ...)
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/2e1c42391ff2556387b3cb6308b24f6f65619feb
-CVE-2017-16533
+CVE-2017-16533 (The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linu ...)
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/f043bfc98c193c284e2cd768fefabe18ac2fed9b
-CVE-2017-16532
+CVE-2017-16532 (The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux ...)
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/7c80f9e4a588f1925b07134bb2e3689335f6c6d8
-CVE-2017-16531
+CVE-2017-16531 (drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows loc ...)
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb
-CVE-2017-16530
+CVE-2017-16530 (The uas driver in the Linux kernel before 4.13.6 allows local users to ...)
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/786de92b3cb26012d3d0f00ee37adf14527f35c4
-CVE-2017-16529
+CVE-2017-16529 (The snd_usb_create_streams function in sound/usb/card.c in the Linux k ...)
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/bfc81a8bc18e3c4ba0cbaa7666ff76be2f998991
-CVE-2017-16528
+CVE-2017-16528 (sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local ...)
- linux 4.13.4-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57
-CVE-2017-16527
+CVE-2017-16527 (sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users ...)
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/124751d5e63c823092060074bd0abaae61aaa9c4
-CVE-2017-16526
+CVE-2017-16526 (drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local user ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
NOTE: Fixed by: https://git.kernel.org/linus/bbf26183b7a6236ba602f4d6a2f7cade35bba043
-CVE-2017-16525
+CVE-2017-16525 (The usb_serial_console_disconnect function in drivers/usb/serial/conso ...)
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
-CVE-2017-16524
+CVE-2017-16524 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unre ...)
NOT-FOR-US: Samsung SRN-1670D devices
-CVE-2017-16523
+CVE-2017-16523 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b ...)
NOT-FOR-US: MitraStar
-CVE-2017-16522
+CVE-2017-16522 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b ...)
NOT-FOR-US: MitraStar
-CVE-2017-16521
+CVE-2017-16521 (In Inedo BuildMaster before 5.8.2, XslTransform was used where XslComp ...)
NOT-FOR-US: Inedo BuildMaster
-CVE-2017-16520
+CVE-2017-16520 (Inedo BuildMaster before 5.8.2 does not properly restrict creation of ...)
NOT-FOR-US: Inedo BuildMaster
CVE-2017-16519
RESERVED
@@ -5917,7 +5917,7 @@ CVE-2017-16518
RESERVED
CVE-2017-16517
RESERVED
-CVE-2017-16516
+CVE-2017-16516 (In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is suppl ...)
{DLA-1167-1}
- ruby-yajl 1.2.0-3.1 (low; bug #880691)
[stretch] - ruby-yajl <no-dsa> (Minor issue)
@@ -5926,72 +5926,72 @@ CVE-2017-16516
NOTE: https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce
CVE-2017-16515
RESERVED
-CVE-2017-16514
+CVE-2017-16514 (Multiple persistent stored Cross-Site-Scripting (XSS) vulnerabilities ...)
NOT-FOR-US: WebsiteBaker
-CVE-2017-16513
+CVE-2017-16513 (Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in t ...)
NOT-FOR-US: Ipswitch WS_FTP Professional
-CVE-2017-16512
+CVE-2017-16512 (The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 th ...)
NOT-FOR-US: vagrant-vmware-fusion
CVE-2017-16511
RESERVED
-CVE-2017-1000171
+CVE-2017-1000171 (Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to th ...)
- mahara <removed>
-CVE-2017-1000157
+CVE-2017-1000157 (Mahara 15.04 before 15.04.13 and 16.04 before 16.04.7 and 16.10 before ...)
- mahara <removed>
-CVE-2017-1000156
+CVE-2017-1000156 (Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before ...)
- mahara <removed>
-CVE-2017-1000155
+CVE-2017-1000155 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
- mahara <removed>
-CVE-2017-1000154
+CVE-2017-1000154 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
- mahara <removed>
-CVE-2017-1000153
+CVE-2017-1000153 (Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before ...)
- mahara <removed>
-CVE-2017-1000152
+CVE-2017-1000152 (Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 a ...)
- mahara <removed>
-CVE-2017-1000151
+CVE-2017-1000151 (Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before ...)
- mahara <removed>
-CVE-2017-1000150
+CVE-2017-1000150 (Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to ...)
- mahara <removed>
-CVE-2017-1000149
+CVE-2017-1000149 (Mahara 1.10 before 1.10.9 and 15.04 before 15.04.6 and 15.10 before 15 ...)
- mahara <removed>
-CVE-2017-1000148
+CVE-2017-1000148 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
- mahara <removed>
-CVE-2017-1000147
+CVE-2017-1000147 (Mahara 1.9 before 1.9.8 and 1.10 before 1.10.6 and 15.04 before 15.04. ...)
- mahara <removed>
-CVE-2017-1000146
+CVE-2017-1000146 (Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04. ...)
- mahara <removed>
-CVE-2017-1000145
+CVE-2017-1000145 (Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04. ...)
- mahara <removed>
-CVE-2017-1000144
+CVE-2017-1000144 (Mahara 1.9 before 1.9.6 and 1.10 before 1.10.4 and 15.04 before 15.04. ...)
- mahara <removed>
-CVE-2017-1000143
+CVE-2017-1000143 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 an ...)
- mahara <removed>
-CVE-2017-1000142
+CVE-2017-1000142 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 an ...)
- mahara <removed>
-CVE-2017-1000141
+CVE-2017-1000141 (An issue was discovered in Mahara before 18.10.0. It mishandled user r ...)
- mahara <removed>
NOTE: https://bugs.launchpad.net/mahara/+bug/1422492
-CVE-2017-1000140
+CVE-2017-1000140 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 an ...)
- mahara <removed>
-CVE-2017-1000139
+CVE-2017-1000139 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 an ...)
- mahara <removed>
-CVE-2017-1000138
+CVE-2017-1000138 (Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to p ...)
- mahara <removed>
-CVE-2017-1000137
+CVE-2017-1000137 (Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to p ...)
- mahara <removed>
-CVE-2017-1000136
+CVE-2017-1000136 (Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 an ...)
- mahara <removed>
-CVE-2017-1000135
+CVE-2017-1000135 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 an ...)
- mahara <removed>
-CVE-2017-1000134
+CVE-2017-1000134 (Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 an ...)
- mahara <removed>
-CVE-2017-1000133
+CVE-2017-1000133 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
- mahara <removed>
-CVE-2017-1000132
+CVE-2017-1000132 (Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 an ...)
- mahara <removed>
-CVE-2017-1000131
+CVE-2017-1000131 (Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before ...)
- mahara <removed>
-CVE-2017-16510
+CVE-2017-16510 (WordPress before 4.8.3 is affected by an issue where $wpdb-&gt;prepare ...)
{DSA-4090-1 DLA-1160-1}
- wordpress 4.8.3+dfsg-1 (bug #880528)
NOTE: https://wpvulndb.com/vulnerabilities/8941
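Review bot: the description imported for CVE-2017-16510 carries an HTML entity, "$wpdb-&gt;prepare", where the method name is "$wpdb->prepare"; the importer should HTML-unescape the feed text before writing it into the list, otherwise a search for the method name misses this entry and the entity may be re-escaped when the tracker renders the page.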
@@ -6175,129 +6175,129 @@ CVE-2017-16422
REJECTED
CVE-2017-16421
REJECTED
-CVE-2017-16420
+CVE-2017-16420 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16419
+CVE-2017-16419 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16418
+CVE-2017-16418 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16417
+CVE-2017-16417 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16416
+CVE-2017-16416 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16415
+CVE-2017-16415 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16414
+CVE-2017-16414 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16413
+CVE-2017-16413 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16412
+CVE-2017-16412 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16411
+CVE-2017-16411 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16410
+CVE-2017-16410 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16409
+CVE-2017-16409 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16408
+CVE-2017-16408 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16407
+CVE-2017-16407 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16406
+CVE-2017-16406 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16405
+CVE-2017-16405 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16404
+CVE-2017-16404 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16403
+CVE-2017-16403 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16402
+CVE-2017-16402 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16401
+CVE-2017-16401 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16400
+CVE-2017-16400 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16399
+CVE-2017-16399 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16398
+CVE-2017-16398 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16397
+CVE-2017-16397 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16396
+CVE-2017-16396 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16395
+CVE-2017-16395 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16394
+CVE-2017-16394 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16393
+CVE-2017-16393 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16392
+CVE-2017-16392 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16391
+CVE-2017-16391 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16390
+CVE-2017-16390 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16389
+CVE-2017-16389 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16388
+CVE-2017-16388 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16387
+CVE-2017-16387 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16386
+CVE-2017-16386 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16385
+CVE-2017-16385 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16384
+CVE-2017-16384 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16383
+CVE-2017-16383 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16382
+CVE-2017-16382 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16381
+CVE-2017-16381 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16380
+CVE-2017-16380 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16379
+CVE-2017-16379 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16378
+CVE-2017-16378 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16377
+CVE-2017-16377 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16376
+CVE-2017-16376 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16375
+CVE-2017-16375 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16374
+CVE-2017-16374 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16373
+CVE-2017-16373 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16372
+CVE-2017-16372 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16371
+CVE-2017-16371 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16370
+CVE-2017-16370 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16369
+CVE-2017-16369 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16368
+CVE-2017-16368 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16367
+CVE-2017-16367 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16366
+CVE-2017-16366 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16365
+CVE-2017-16365 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16364
+CVE-2017-16364 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16363
+CVE-2017-16363 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16362
+CVE-2017-16362 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16361
+CVE-2017-16361 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16360
+CVE-2017-16360 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-16359
+CVE-2017-16359 (In radare 2.0.1, a pointer wraparound vulnerability exists in store_ve ...)
- radare2 2.1.0+dfsg-1 (bug #880616)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code introduced later)
@@ -6306,23 +6306,23 @@ CVE-2017-16359
NOTE: https://github.com/radare/radare2/commit/d21e91f075a7a7a8ed23baa5c1bb1fac48313882
NOTE: https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d
NOTE: https://github.com/radare/radare2/issues/8764
-CVE-2017-16358
+CVE-2017-16358 (In radare 2.0.1, an out-of-bounds read vulnerability exists in string_ ...)
- radare2 2.1.0+dfsg-1 (bug #880619)
[stretch] - radare2 <not-affected> (Vulnerable code introduced later)
[jessie] - radare2 <not-affected> (Vulnerable code introduced later)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/radare/radare2/commit/d31c4d3cbdbe01ea3ded16a584de94149ecd31d9
NOTE: https://github.com/radare/radare2/issues/8748
-CVE-2017-16357
+CVE-2017-16357 (In radare 2.0.1, a memory corruption vulnerability exists in store_ver ...)
- radare2 2.1.0+dfsg-1 (bug #880620)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code introduced later)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/radare/radare2/commit/0b973e28166636e0ff1fad80baa0385c9c09c53a
NOTE: https://github.com/radare/radare2/issues/8742
-CVE-2017-16356
+CVE-2017-16356 (Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery Extended) ...)
NOT-FOR-US: Kubik-Rubik SIGE
-CVE-2017-16355
+CVE-2017-16355 (In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed ...)
- passenger <unfixed> (bug #884463)
- ruby-passenger <removed>
[jessie] - ruby-passenger <no-dsa> (Minor issue)
@@ -6334,56 +6334,56 @@ CVE-2017-16355
NOTE: get the status information.
CVE-2017-16354
RESERVED
-CVE-2017-16353
+CVE-2017-16353 (GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure ...)
{DSA-4321-1 DLA-1401-1 DLA-1159-1}
- graphicsmagick 1.3.26-17
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=e4e1c2a581d8
NOTE: https://blogs.securiteam.com/index.php/archives/3494
-CVE-2017-16352
+CVE-2017-16352 (GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vu ...)
{DSA-4321-1 DLA-1456-1 DLA-1159-1}
- graphicsmagick 1.3.26-17
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=7292230dd185
NOTE: https://blogs.securiteam.com/index.php/archives/3494
-CVE-2017-1001001
+CVE-2017-1001001 (PluXml version 5.6 is vulnerable to stored cross-site scripting vulner ...)
- pluxml 5.6-1 (bug #881796)
[stretch] - pluxml <no-dsa> (Minor issue)
[jessie] - pluxml <no-dsa> (Minor issue)
NOTE: https://github.com/pluxml/PluXml/issues/253
-CVE-2017-1000244
+CVE-2017-1000244 (Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000243
+CVE-2017-1000243 (Jenkins Favorite Plugin 2.1.4 and older does not perform permission ch ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000242
+CVE-2017-1000242 (Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file wit ...)
NOT-FOR-US: Jenkins plugin
CVE-2017-16351
RESERVED
CVE-2017-16350
RESERVED
-CVE-2017-16349
+CVE-2017-16349 (An exploitable XML external entity vulnerability exists in the reporti ...)
NOT-FOR-US: SAP
-CVE-2017-16348
+CVE-2017-16348 (An exploitable denial of service vulnerability exists in Insteon Hub r ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16347
+CVE-2017-16347 (An attacker could send an authenticated HTTP request to trigger this v ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16346
+CVE-2017-16346 (An attacker could send an authenticated HTTP request to trigger this v ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16345
+CVE-2017-16345 (An attacker could send an authenticated HTTP request to trigger this v ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16344
+CVE-2017-16344 (An attacker could send an authenticated HTTP request to trigger this v ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16343
+CVE-2017-16343 (An attacker could send an authenticated HTTP request to trigger this v ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16342
+CVE-2017-16342 (An attacker could send an authenticated HTTP request to trigger this v ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16341
+CVE-2017-16341 (An attacker could send an authenticated HTTP request to trigger this v ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16340
+CVE-2017-16340 (An attacker could send an authenticated HTTP request to trigger this v ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16339
+CVE-2017-16339 (An attacker could send an authenticated HTTP request to trigger this v ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16338
+CVE-2017-16338 (An attacker could send an authenticated HTTP request to trigger this v ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16337
+CVE-2017-16337 (On Insteon Hub 2245-222 devices with firmware version 1012, specially ...)
NOT-FOR-US: Insteon Hub
CVE-2017-16336
RESERVED
@@ -6553,13 +6553,13 @@ CVE-2017-16254
RESERVED
CVE-2017-16253
RESERVED
-CVE-2017-16252
+CVE-2017-16252 (Specially crafted commands sent through the PubNub service in Insteon ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-16251
+CVE-2017-16251 (A vulnerability in the conferencing component of Mitel ST 14.2, releas ...)
NOT-FOR-US: Mitel
-CVE-2017-16250
+CVE-2017-16250 (A vulnerability in Mitel ST 14.2, release GA28 and earlier, could allo ...)
NOT-FOR-US: Mitel
-CVE-2017-16249
+CVE-2017-16249 (The Debut embedded http server contains a remotely exploitable denial ...)
NOT-FOR-US: Debut embedded http server
CVE-2017-16247
RESERVED
@@ -6567,42 +6567,42 @@ CVE-2017-16246
RESERVED
CVE-2017-16245
RESERVED
-CVE-2017-16244
+CVE-2017-16244 (Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426 ...)
NOT-FOR-US: OctoberCMS
CVE-2017-16243
RESERVED
-CVE-2017-16242
+CVE-2017-16242 (An issue was discovered on MECO USB Memory Stick with Fingerprint MECO ...)
NOT-FOR-US: MECO
CVE-2017-1000384
REJECTED
-CVE-2017-1000383
+CVE-2017-1000383 (GNU Emacs version 25.3.1 (and other versions most likely) ignores umas ...)
NOTE: This CVE assignment is nonsense, GNU emacs reuses the umask of the original
NOTE: file when creating a backup file. That's hardly incorrect behaviour
NOTE: Upstream report: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=29182
-CVE-2017-1000382
+CVE-2017-1000382 (VIM version 8.0.1187 (and other versions most likely) ignores umask wh ...)
- vim <unfixed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2017/10/31/15
NOTE: Cf. http://www.openwall.com/lists/oss-security/2017/11/01/4
NOTE: vim creates the .swp file according to the permissions of the file being
NOTE: edited, admitely ignoring the umask, so in the reporters case the .swp
NOTE: file is readable by others. But that seem to be the intended behaviour.
-CVE-2017-16248
+CVE-2017-16248 (The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows r ...)
- libcatalyst-plugin-static-simple-perl 0.34-1 (bug #880458)
[stretch] - libcatalyst-plugin-static-simple-perl <no-dsa> (Minor issue)
[jessie] - libcatalyst-plugin-static-simple-perl <no-dsa> (Minor issue)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=120558
-CVE-2017-16241
+CVE-2017-16241 (Incorrect access control in AMAG Symmetry Door Edge Network Controller ...)
NOT-FOR-US: AMAG Symmetry Door Edge Network Controllers
CVE-2017-16240
RESERVED
-CVE-2017-17051
+CVE-2017-17051 (An issue was discovered in the default FilterScheduler in OpenStack No ...)
- nova 2:16.0.3-6 (bug #883621)
[stretch] - nova <not-affected> (Fix for CVE-2017-16239 not applied and not affecting 14.x.y)
[jessie] - nova <not-affected> (Vulnerable code not present)
[wheezy] - nova <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/05/5
NOTE: https://launchpad.net/bugs/1732976
-CVE-2017-16239
+CVE-2017-16239 (In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x throug ...)
{DSA-4056-1}
- nova 2:16.0.3-1 (bug #882009)
[jessie] - nova <not-affected> (Vulnerble code introduced later)
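Review bot: CVE-2017-1000383 now gets a description but its entry still consists only of NOTE lines; unlike its sibling CVE-2017-1000382, which has "- vim <unfixed> (unimportant)", it has no package status line, so the tracker records no disposition for it even though the NOTE text says the assignment is considered invalid. A status line in the same form (for instance a <not-affected> entry, as used for nova further down in this hunk) would capture that conclusion. While here, the surrounding NOTE lines have typos that are worth fixing in a follow-up: "admitely" and "in the reporters case" under CVE-2017-1000382, "that seem to be" on the next line, and "Vulnerble code introduced later" in the jessie line for CVE-2017-16239.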
@@ -6612,7 +6612,7 @@ CVE-2017-16239
NOTE: Regression fix: http://www.openwall.com/lists/oss-security/2017/12/05/4
CVE-2017-16238
RESERVED
-CVE-2017-16237
+CVE-2017-16237 (In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file (VIAGLT64 ...)
NOT-FOR-US: Vir.IT eXplorer Anti-Virus
CVE-2017-16236
RESERVED
@@ -6622,25 +6622,25 @@ CVE-2017-16234
RESERVED
CVE-2017-16233
RESERVED
-CVE-2017-16232 [memory-based DoS in tiff2bw]
+CVE-2017-16232 (** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, ...)
- tiff <unfixed> (unimportant)
NOTE: http://seclists.org/oss-sec/2017/q4/168
NOTE: Related commit: https://gitlab.com/libtiff/libtiff/commit/25f9ffa56548c1846c4a1f19308b7f561f7b1ab0
NOTE: This is actually only a partial fix, but upstream will not fix it completely.
NOTE: The related commit is included in 4.0.9. The underlying memory-based DOS
NOTE: would still be present.
-CVE-2017-16231 [match() stack overflow]
+CVE-2017-16231 (** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC ...)
- pcre3 <unfixed> (unimportant)
-CVE-2017-16230
+CVE-2017-16230 (In admin/write-post.php in Typecho through 1.1, one can log in to the ...)
NOT-FOR-US: Typecho
-CVE-2017-16229
+CVE-2017-16229 (In the Ox gem 2.8.1 for Ruby, the process crashes with a stack-based b ...)
- ruby-ox 2.8.2-1
[stretch] - ruby-ox <no-dsa> (Minor issue)
[jessie] - ruby-ox <no-dsa> (Minor issue)
NOTE: https://github.com/ohler55/ox/issues/195
NOTE: https://github.com/ohler55/ox/pull/196
NOTE: https://github.com/ohler55/ox/commit/0708ae44faf2ffc3d9330daf6ae023859a8b168b
-CVE-2017-16228
+CVE-2017-16228 (Dulwich before 0.18.5, when an SSH subprocess is used, allows remote a ...)
- dulwich 0.18.5-1
[stretch] - dulwich <no-dsa> (Minor issue)
[jessie] - dulwich <no-dsa> (Minor issue)
@@ -6648,413 +6648,413 @@ CVE-2017-16228
NOTE: https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/
NOTE: This is similar class of issue as for CVE-2017-1000117/git
NOTE: But needs a separate CVE since different codebasis.
-CVE-2017-16227
+CVE-2017-16227 (The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 al ...)
{DSA-4011-1 DLA-1152-1}
- quagga 1.2.2-1 (bug #879474)
NOTE: https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html
NOTE: http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008
-CVE-2017-16226
+CVE-2017-16226 (The static-eval module is intended to evaluate statically-analyzable e ...)
NOT-FOR-US: static-eval module
-CVE-2017-16225
+CVE-2017-16225 (aegir is a module to help automate JavaScript project management. Vers ...)
NOT-FOR-US: aegir
-CVE-2017-16224
+CVE-2017-16224 (st is a module for serving static files. An attacker is able to craft ...)
NOT-FOR-US: st
-CVE-2017-16223
+CVE-2017-16223 (nodeaaaaa is a static file server. nodeaaaaa is vulnerable to a direct ...)
NOT-FOR-US: nodeaaaaa
-CVE-2017-16222
+CVE-2017-16222 (elding is a simple web server. elding is vulnerable to a directory tra ...)
NOT-FOR-US: elding
-CVE-2017-16221
+CVE-2017-16221 (yzt is a simple file server. yzt is vulnerable to a directory traversa ...)
NOT-FOR-US: yzt
-CVE-2017-16220
+CVE-2017-16220 (wind-mvc is an mvc framework. wind-mvc is vulnerable to a directory tr ...)
NOT-FOR-US: wind-mvc
-CVE-2017-16219
+CVE-2017-16219 (yttivy is a static file server. yttivy is vulnerable to a directory tr ...)
NOT-FOR-US: yttivy
-CVE-2017-16218
+CVE-2017-16218 (dgard8.lab6 is a static file server. dgard8.lab6 is vulnerable to a di ...)
NOT-FOR-US: dgard8.lab6
-CVE-2017-16217
+CVE-2017-16217 (fbr-client sends files through sockets via socket.io and webRTC. fbr-c ...)
NOT-FOR-US: fbr-client
-CVE-2017-16216
+CVE-2017-16216 (tencent-server is a simple web server. tencent-server is vulnerable to ...)
NOT-FOR-US: tencent-server
-CVE-2017-16215
+CVE-2017-16215 (sgqserve is a simple file server. sgqserve is vulnerable to a director ...)
NOT-FOR-US: sgqserve
-CVE-2017-16214
+CVE-2017-16214 (peiserver is a static file server. peiserver is vulnerable to a direct ...)
NOT-FOR-US: peiserver
-CVE-2017-16213
+CVE-2017-16213 (mfrserver is a simple file server. mfrserver is vulnerable to a direct ...)
NOT-FOR-US: mfrserver
-CVE-2017-16212
+CVE-2017-16212 (ltt is a static file server. ltt is vulnerable to a directory traversa ...)
NOT-FOR-US: ltt
-CVE-2017-16211
+CVE-2017-16211 (lessindex is a static file server. lessindex is vulnerable to a direct ...)
NOT-FOR-US: lessindex
-CVE-2017-16210
+CVE-2017-16210 (jn_jj_server is a static file server. jn_jj_server is vulnerable to a ...)
NOT-FOR-US: jn_jj_server
-CVE-2017-16209
+CVE-2017-16209 (enserver is a simple web server. enserver is vulnerable to a directory ...)
NOT-FOR-US: enserver
-CVE-2017-16208
+CVE-2017-16208 (dmmcquay.lab6 is a REST server. dmmcquay.lab6 is vulnerable to a direc ...)
NOT-FOR-US: dmmcquay.lab6
-CVE-2017-16207
+CVE-2017-16207 (discordi.js is a malicious module based on the discord.js library that ...)
NOT-FOR-US: discordi.js
-CVE-2017-16206
+CVE-2017-16206 (The cofee-script module exfiltrates sensitive data such as a user's pr ...)
NOT-FOR-US: cofee-script
-CVE-2017-16205
+CVE-2017-16205 (The coffescript module exfiltrates sensitive data such as a user's pri ...)
NOT-FOR-US: coffescript
-CVE-2017-16204
+CVE-2017-16204 (The jquey module exfiltrates sensitive data such as a user's private S ...)
NOT-FOR-US: jquey
-CVE-2017-16203
+CVE-2017-16203 (The coffe-script module exfiltrates sensitive data such as a user's pr ...)
NOT-FOR-US: coffe-script
-CVE-2017-16202
+CVE-2017-16202 (The cofeescript module exfiltrates sensitive data such as a user's pri ...)
NOT-FOR-US: cofeescript
-CVE-2017-16201
+CVE-2017-16201 (zjjserver is a static file server. zjjserver is vulnerable to a direct ...)
NOT-FOR-US: zjjserver
-CVE-2017-16200
+CVE-2017-16200 (uv-tj-demo is a static file server. uv-tj-demo is vulnerable to a dire ...)
NOT-FOR-US: uv-tj-demo
-CVE-2017-16199
+CVE-2017-16199 (susu-sum is a static file server. susu-sum is vulnerable to a director ...)
NOT-FOR-US: sus-sum
-CVE-2017-16198
+CVE-2017-16198 (ritp is a static web server. ritp is vulnerable to a directory travers ...)
NOT-FOR-US: ritp
-CVE-2017-16197
+CVE-2017-16197 (qinserve is a static file server. qinserve is vulnerable to a director ...)
NOT-FOR-US: sinserve
-CVE-2017-16196
+CVE-2017-16196 (quickserver is a simple static file server. quickserver is vulnerable ...)
NOT-FOR-US: quickserver
-CVE-2017-16195
+CVE-2017-16195 (pytservce is a static file server. pytservce is vulnerable to a direct ...)
NOT-FOR-US: pytservce
-CVE-2017-16194
+CVE-2017-16194 (picard is a micro framework. picard is vulnerable to a directory trave ...)
NOT-FOR-US: picard
-CVE-2017-16193
+CVE-2017-16193 (mfrs is a static file server. mfrs is vulnerable to a directory traver ...)
NOT-FOR-US: mfrs
-CVE-2017-16192
+CVE-2017-16192 (getcityapi.yoehoehne is a web server. getcityapi.yoehoehne is vulnerab ...)
NOT-FOR-US: getcityapi.yoehoehne
-CVE-2017-16191
+CVE-2017-16191 (cypserver is a static file server. cypserver is vulnerable to a direct ...)
NOT-FOR-US: cypserver
-CVE-2017-16190
+CVE-2017-16190 (dcdcdcdcdc is a static file server. dcdcdcdcdc is vulnerable to a dire ...)
NOT-FOR-US: dcdcdcdcdc
-CVE-2017-16189
+CVE-2017-16189 (sly07 is an API for censoring text. sly07 is vulnerable to a directory ...)
NOT-FOR-US: sly07
-CVE-2017-16188
+CVE-2017-16188 (reecerver is a web server. reecerver is vulnerable to a directory trav ...)
NOT-FOR-US: reecerver
-CVE-2017-16187
+CVE-2017-16187 (open-device creates a web interface for any device. open-device is vul ...)
NOT-FOR-US: open-device
-CVE-2017-16186
+CVE-2017-16186 (360class.jansenhm is a static file server. 360class.jansenhm is vulner ...)
NOT-FOR-US: 360class.jansenhm
-CVE-2017-16185
+CVE-2017-16185 (uekw1511server is a static file server. uekw1511server is vulnerable t ...)
NOT-FOR-US: uekw1511server
-CVE-2017-16184
+CVE-2017-16184 (scott-blanch-weather-app is a sample Node.js app using Express 4. scot ...)
NOT-FOR-US: scott-blanch-weather-app
-CVE-2017-16183
+CVE-2017-16183 (iter-server is a static file server. iter-server is vulnerable to a di ...)
NOT-FOR-US: iter-server
-CVE-2017-16182
+CVE-2017-16182 (serverxxx is a static file server. serverxxx is vulnerable to a direct ...)
NOT-FOR-US: serverxxx
-CVE-2017-16181
+CVE-2017-16181 (wintiwebdev is a static file server. wintiwebdev is vulnerable to a di ...)
NOT-FOR-US: wintiwebdev
-CVE-2017-16180
+CVE-2017-16180 (serverabc is a static file server. serverabc is vulnerable to a direct ...)
NOT-FOR-US: serverabc
-CVE-2017-16179
+CVE-2017-16179 (dasafio is a web server. dasafio is vulnerable to a directory traversa ...)
NOT-FOR-US: dasafio
-CVE-2017-16178
+CVE-2017-16178 (intsol-package is a file server. intsol-package is vulnerable to a dir ...)
NOT-FOR-US: intsol-package
-CVE-2017-16177
+CVE-2017-16177 (chatbyvista is a file server. chatbyvista is vulnerable to a directory ...)
NOT-FOR-US: chatbyvista
-CVE-2017-16176
+CVE-2017-16176 (jansenstuffpleasework is a file server. jansenstuffpleasework is vulne ...)
NOT-FOR-US: jansenstuffpleasework
-CVE-2017-16175
+CVE-2017-16175 (ewgaddis.lab6 is a file server. ewgaddis.lab6 is vulnerable to a direc ...)
NOT-FOR-US: ewgaddis.lab6
-CVE-2017-16174
+CVE-2017-16174 (whispercast is a file server. whispercast is vulnerable to a directory ...)
NOT-FOR-US: whispercast
-CVE-2017-16173
+CVE-2017-16173 (utahcityfinder constructs lists of Utah cities with a certain prefix. ...)
NOT-FOR-US: utahcityfinder
-CVE-2017-16172
+CVE-2017-16172 (section2.madisonjbrooks12 is a simple web server. section2.madisonjbro ...)
NOT-FOR-US: section2.madisonjbrooks12
-CVE-2017-16171
+CVE-2017-16171 (hcbserver is a static file server. hcbserver is vulnerable to a direct ...)
NOT-FOR-US: hcbserver
-CVE-2017-16170
+CVE-2017-16170 (liuyaserver is a static file server. liuyaserver is vulnerable to a di ...)
NOT-FOR-US: liuyaserver
-CVE-2017-16169
+CVE-2017-16169 (looppake is a simple http server. looppake is vulnerable to a director ...)
NOT-FOR-US: looppake
-CVE-2017-16168
+CVE-2017-16168 (wffserve is vulnerable to a directory traversal issue, giving an attac ...)
NOT-FOR-US: wffserve
-CVE-2017-16167
+CVE-2017-16167 (yyooopack is a simple file server. yyooopack is vulnerable to a direct ...)
NOT-FOR-US: yyooopack
-CVE-2017-16166
+CVE-2017-16166 (byucslabsix is an http server. byucslabsix is vulnerable to a director ...)
NOT-FOR-US: byucslabsix
-CVE-2017-16165
+CVE-2017-16165 (calmquist.static-server is a static file server. calmquist.static-serv ...)
NOT-FOR-US: calmquist.static-server
-CVE-2017-16164
+CVE-2017-16164 (desafio is a simple web server. desafio is vulnerable to a directory t ...)
NOT-FOR-US: desafio
-CVE-2017-16163
+CVE-2017-16163 (dylmomo is a simple file server. dylmomo is vulnerable to a directory ...)
NOT-FOR-US: dylmomo
-CVE-2017-16162
+CVE-2017-16162 (22lixian is a simple file server. 22lixian is vulnerable to a director ...)
NOT-FOR-US: 22lixian
-CVE-2017-16161
+CVE-2017-16161 (shenliru is a simple file server. shenliru is vulnerable to a director ...)
NOT-FOR-US: shenliru
-CVE-2017-16160
+CVE-2017-16160 (11xiaoli is a simple file server. 11xiaoli is vulnerable to a director ...)
NOT-FOR-US: 11xiaoli
-CVE-2017-16159
+CVE-2017-16159 (caolilinode is a simple file server. caolilinode is vulnerable to a di ...)
NOT-FOR-US: caolilinode
-CVE-2017-16158
+CVE-2017-16158 (dcserver is a static file server. dcserver is vulnerable to a director ...)
NOT-FOR-US: dcserver
-CVE-2017-16157
+CVE-2017-16157 (censorify.tanisjr is a simple web server and API RESTful service. cens ...)
NOT-FOR-US: censorify.tanisjr
-CVE-2017-16156
+CVE-2017-16156 (myprolyz is a static file server. myprolyz is vulnerable to a director ...)
NOT-FOR-US: myprolyz
-CVE-2017-16155
+CVE-2017-16155 (fast-http-cli is the command line interface for fast-http, a simple we ...)
NOT-FOR-US: fast-http-cli
-CVE-2017-16154
+CVE-2017-16154 (earlybird is a web server module for early development. earlybird is v ...)
NOT-FOR-US: earlybird
-CVE-2017-16153
+CVE-2017-16153 (gaoxuyan is vulnerable to a directory traversal issue, giving an attac ...)
NOT-FOR-US: gaoxuyan
-CVE-2017-16152
+CVE-2017-16152 (static-html-server is a static file server. static-html-server is vuln ...)
NOT-FOR-US: static-html-server
-CVE-2017-16151
+CVE-2017-16151 (Based on details posted by the ElectronJS team; A remote code executio ...)
NOT-FOR-US: Electron
-CVE-2017-16150
+CVE-2017-16150 (wanggoujing123 is a simple webserver. wanggoujing123 is vulnerable to ...)
NOT-FOR-US: wanggoujing123
-CVE-2017-16149
+CVE-2017-16149 (zwserver is a weather web server. zwserver is vulnerable to a director ...)
NOT-FOR-US: zwserver
-CVE-2017-16148
+CVE-2017-16148 (serve46 is a static file server. serve46 is vulnerable to a directory ...)
NOT-FOR-US: serve46
-CVE-2017-16147
+CVE-2017-16147 (shit-server is a file server. shit-server is vulnerable to a directory ...)
NOT-FOR-US: shit-server
-CVE-2017-16146
+CVE-2017-16146 (mockserve is a file server. mockserve is vulnerable to a directory tra ...)
NOT-FOR-US: mockserve
-CVE-2017-16145
+CVE-2017-16145 (sspa is a server dedicated to single-page apps. sspa is vulnerable to ...)
NOT-FOR-US: sspa
-CVE-2017-16144
+CVE-2017-16144 (myserver.alexcthomas18 is a file server. myserver.alexcthomas18 is vul ...)
NOT-FOR-US: myserver.alexcthomas18
-CVE-2017-16143
+CVE-2017-16143 (commentapp.stetsonwood is an http server. commentapp.stetsonwood is vu ...)
NOT-FOR-US: commentapp.stetsonwood
-CVE-2017-16142
+CVE-2017-16142 (infraserver is a RESTful server. infraserver is vulnerable to a direct ...)
NOT-FOR-US: infraserver
-CVE-2017-16141
+CVE-2017-16141 (lab6drewfusbyu is an http server. lab6drewfusbyu is vulnerable to a di ...)
NOT-FOR-US: lab6drewfusbyu
-CVE-2017-16140
+CVE-2017-16140 (lab6.brit95 is a file server. lab6.brit95 is vulnerable to a directory ...)
NOT-FOR-US: lab6.brit95
-CVE-2017-16139
+CVE-2017-16139 (jikes is a file server. jikes is vulnerable to a directory traversal i ...)
NOT-FOR-US: jikes
-CVE-2017-16138
+CVE-2017-16138 (The mime module &lt; 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expr ...)
- node-mime 2.3.1-1 (unimportant; bug #901277)
NOTE: https://github.com/broofa/node-mime/issues/167
NOTE: https://nodesecurity.io/advisories/535
NOTE: https://github.com/broofa/node-mime/commit/855d0c4b8b22e4a80b9401a81f2872058eae274d (1.x)
NOTE: https://github.com/broofa/node-mime/commit/1df903fdeb9ae7eaa048795b8d580ce2c98f40b0 (2.x)
NOTE: nodejs not covered by security support
-CVE-2017-16137
+CVE-2017-16137 (The debug module is vulnerable to regular expression denial of service ...)
- node-debug 3.1.0-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/534
NOTE: nodejs not covered by security support
-CVE-2017-16136
+CVE-2017-16136 (method-override is a module used by the Express.js framework to let yo ...)
NOT-FOR-US: method-override nodejs module
-CVE-2017-16135
+CVE-2017-16135 (serverzyy is a static file server. serverzyy is vulnerable to a direct ...)
NOT-FOR-US: serverzyy
-CVE-2017-16134
+CVE-2017-16134 (http_static_simple is an http server. http_static_simple is vulnerable ...)
NOT-FOR-US: http_static_simple
-CVE-2017-16133
+CVE-2017-16133 (goserv is an http server. goserv is vulnerable to a directory traversa ...)
NOT-FOR-US: goserv
-CVE-2017-16132
+CVE-2017-16132 (simple-npm-registry is a local npm package cache. simple-npm-registry ...)
NOT-FOR-US: simple-npm-registry
-CVE-2017-16131
+CVE-2017-16131 (unicorn-list is a web framework. unicorn-list is vulnerable to a direc ...)
NOT-FOR-US: unicorn-list
-CVE-2017-16130
+CVE-2017-16130 (exxxxxxxxxxx is an Http eX Frame Google Style JavaScript Guide. exxxxx ...)
NOT-FOR-US: exxxxxxxxxxx
-CVE-2017-16129
+CVE-2017-16129 (The HTTP client module superagent is vulnerable to ZIP bomb attacks. I ...)
- node-superagent <unfixed> (unimportant)
NOTE: https://github.com/visionmedia/superagent/issues/1259
NOTE: https://nodesecurity.io/advisories/479
NOTE: nodejs not covered by security support
-CVE-2017-16128
+CVE-2017-16128 (The module npm-script-demo opened a connection to a command and contro ...)
NOT-FOR-US: npm-script-demo
-CVE-2017-16127
+CVE-2017-16127 (The module pandora-doomsday infects other modules. It's since been unp ...)
NOT-FOR-US: pandora-doomsday
-CVE-2017-16126
+CVE-2017-16126 (The module botbait is a tool to be used to track bot and automated too ...)
NOT-FOR-US: botbait
-CVE-2017-16125
+CVE-2017-16125 (rtcmulticonnection-client is a signaling implementation for RTCMultiCo ...)
NOT-FOR-US: rtcmulticonnection-client
-CVE-2017-16124
+CVE-2017-16124 (node-server-forfront is a simple static file server. node-server-forfr ...)
NOT-FOR-US: node-server-forfront
-CVE-2017-16123
+CVE-2017-16123 (welcomyzt is a simple file server. welcomyzt is vulnerable to a direct ...)
NOT-FOR-US: welcomyzt
-CVE-2017-16122
+CVE-2017-16122 (cuciuci is a simple fileserver. cuciuci is vulnerable to a directory t ...)
NOT-FOR-US: cuciuci
-CVE-2017-16121
+CVE-2017-16121 (datachannel-client is a signaling implementation for DataChannel.js. d ...)
NOT-FOR-US: datachannel-client
-CVE-2017-16120
+CVE-2017-16120 (liyujing is a static file server. liyujing is vulnerable to a director ...)
NOT-FOR-US: liyujing
-CVE-2017-16119
+CVE-2017-16119 (Fresh is a module used by the Express.js framework for HTTP response f ...)
- node-fresh <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/526
NOTE: nodejs not covered by security support
-CVE-2017-16118
+CVE-2017-16118 (The forwarded module is used by the Express.js framework to handle the ...)
NOT-FOR-US: forwarded nodejs module
-CVE-2017-16117
+CVE-2017-16117 (slug is a module to slugify strings, even if they contain unicode. slu ...)
NOT-FOR-US: slug node module
-CVE-2017-16116
+CVE-2017-16116 (The string module is a module that provides extra string operations. T ...)
NOT-FOR-US: string node module
-CVE-2017-16115
+CVE-2017-16115 (The timespan module is vulnerable to regular expression denial of serv ...)
NOT-FOR-US: timespane node module
-CVE-2017-16114
+CVE-2017-16114 (The marked module is vulnerable to a regular expression denial of serv ...)
- node-marked 0.3.9+dfsg-1 (unimportant)
NOTE: https://nodesecurity.io/advisories/531
-CVE-2017-16113
+CVE-2017-16113 (The parsejson module is vulnerable to regular expression denial of ser ...)
NOT-FOR-US: parsejson node module
CVE-2017-16112
RESERVED
-CVE-2017-16111
+CVE-2017-16111 (The content module is a module to parse HTTP Content-* headers. It is ...)
NOT-FOR-US: node content
-CVE-2017-16110
+CVE-2017-16110 (weather.swlyons is a simple web server for weather updates. weather.sw ...)
NOT-FOR-US: weather.swlyons
-CVE-2017-16109
+CVE-2017-16109 (easyquick is a simple web server. easyquick is vulnerable to a directo ...)
NOT-FOR-US: easyquick
-CVE-2017-16108
+CVE-2017-16108 (gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerab ...)
NOT-FOR-US: gaoxiaotingtingting
-CVE-2017-16107
+CVE-2017-16107 (pooledwebsocket is vulnerable to a directory traversal issue, giving a ...)
NOT-FOR-US: pooledwebsocket
-CVE-2017-16106
+CVE-2017-16106 (tmock is a static file server. tmock is vulnerable to a directory trav ...)
NOT-FOR-US: tmock
-CVE-2017-16105
+CVE-2017-16105 (serverwzl is a simple http server. serverwzl is vulnerable to a direct ...)
NOT-FOR-US: serverwzl
-CVE-2017-16104
+CVE-2017-16104 (citypredict.whauwiller is vulnerable to a directory traversal issue, g ...)
NOT-FOR-US: citypredict.whauwiller
-CVE-2017-16103
+CVE-2017-16103 (serveryztyzt is a simple http server. serveryztyzt is vulnerable to a ...)
NOT-FOR-US: serveryztyzt
-CVE-2017-16102
+CVE-2017-16102 (serverhuwenhui is a simple http server. serverhuwenhui is vulnerable t ...)
NOT-FOR-US: serverhuwenhui
-CVE-2017-16101
+CVE-2017-16101 (serverwg is a simple http server. serverwg is vulnerable to a director ...)
NOT-FOR-US: serverwg
-CVE-2017-16100
+CVE-2017-16100 (dns-sync is a sync/blocking dns resolver. If untrusted user input is a ...)
NOT-FOR-US: dns-sync
-CVE-2017-16099
+CVE-2017-16099 (The no-case module is vulnerable to regular expression denial of servi ...)
NOT-FOR-US: no-case
-CVE-2017-16098
+CVE-2017-16098 (charset 1.0.0 and below are vulnerable to regular expression denial of ...)
NOT-FOR-US: charset
-CVE-2017-16097
+CVE-2017-16097 (tiny-http is a simple http server. tiny-http is vulnerable to a direct ...)
NOT-FOR-US: tiny-http
-CVE-2017-16096
+CVE-2017-16096 (serveryaozeyan is a simple HTTP server. serveryaozeyan is vulnerable t ...)
NOT-FOR-US: serveryaozeyan
-CVE-2017-16095
+CVE-2017-16095 (serverliujiayi1 is a simple http server. serverliujiayi1 is vulnerable ...)
NOT-FOR-US: serverliujiayi1
-CVE-2017-16094
+CVE-2017-16094 (iter-http is a server for static files. iter-http is vulnerable to a d ...)
NOT-FOR-US: iter-http
-CVE-2017-16093
+CVE-2017-16093 (cyber-js is a simple http server. A cyberjs server is vulnerable to a ...)
NOT-FOR-US: cyber-js
-CVE-2017-16092
+CVE-2017-16092 (Sencisho is a simple http server for local development. Sencisho is vu ...)
NOT-FOR-US: Sencisho
-CVE-2017-16091
+CVE-2017-16091 (xtalk helps your browser talk to nodex, a simple web framework. xtalk ...)
NOT-FOR-US: xtalk (not the chat client)
-CVE-2017-16090
+CVE-2017-16090 (fsk-server is a simple http server. fsk-server is vulnerable to a dire ...)
NOT-FOR-US: fsk-server
-CVE-2017-16089
+CVE-2017-16089 (serverlyr is a simple http server. serverlyr is vulnerable to a direct ...)
NOT-FOR-US: serverlyr
-CVE-2017-16088
+CVE-2017-16088 (The safe-eval module describes itself as a safer version of eval. By a ...)
NOT-FOR-US: safe-eval
CVE-2017-16087
RESERVED
-CVE-2017-16086
+CVE-2017-16086 (ua-parser is a port of Browserscope's user agent parser. ua-parser is ...)
NOT-FOR-US: ua-parser
-CVE-2017-16085
+CVE-2017-16085 (tinyserver2 is a webserver for static files. tinyserver2 is vulnerable ...)
NOT-FOR-US: tinyserver2
-CVE-2017-16084
+CVE-2017-16084 (list-n-stream is a server for static files to list and stream local vi ...)
NOT-FOR-US: list-n-stream
-CVE-2017-16083
+CVE-2017-16083 (node-simple-router is a minimalistic router for Node. node-simple-rout ...)
NOT-FOR-US: node-simple-router
-CVE-2017-16082
+CVE-2017-16082 (A remote code execution vulnerability was found within the pg module w ...)
- node-postgres <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/521
NOTE: nodejs not covered by security support
-CVE-2017-16081
+CVE-2017-16081 (cross-env.js was a malicious module published with the intent to hijac ...)
NOT-FOR-US: malicious node module
-CVE-2017-16080
+CVE-2017-16080 (nodesass was a malicious module published with the intent to hijack en ...)
NOT-FOR-US: malicious node module
-CVE-2017-16079
+CVE-2017-16079 (smb was a malicious module published with the intent to hijack environ ...)
NOT-FOR-US: malicious node module
-CVE-2017-16078
+CVE-2017-16078 (shadowsock was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16077
+CVE-2017-16077 (mongose was a malicious module published with the intent to hijack env ...)
NOT-FOR-US: malicious node module
-CVE-2017-16076
+CVE-2017-16076 (proxy.js was a malicious module published with the intent to hijack en ...)
NOT-FOR-US: malicious node module
-CVE-2017-16075
+CVE-2017-16075 (http-proxy.js was a malicious module published with the intent to hija ...)
NOT-FOR-US: malicious node module
-CVE-2017-16074
+CVE-2017-16074 (crossenv was a malicious module published with the intent to hijack en ...)
NOT-FOR-US: malicious node module
-CVE-2017-16073
+CVE-2017-16073 (noderequest was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16072
+CVE-2017-16072 (nodemailer.js was a malicious module published with the intent to hija ...)
NOT-FOR-US: malicious node module
-CVE-2017-16071
+CVE-2017-16071 (nodemailer-js was a malicious module published with the intent to hija ...)
NOT-FOR-US: malicious node module
-CVE-2017-16070
+CVE-2017-16070 (nodecaffe was a malicious module published with the intent to hijack e ...)
NOT-FOR-US: malicious node module
-CVE-2017-16069
+CVE-2017-16069 (nodeffmpeg was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16068
+CVE-2017-16068 (ffmepg was a malicious module published with the intent to hijack envi ...)
NOT-FOR-US: malicious node module
-CVE-2017-16067
+CVE-2017-16067 (node-opencv was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16066
+CVE-2017-16066 (opencv.js was a malicious module published with the intent to hijack e ...)
NOT-FOR-US: malicious node module
-CVE-2017-16065
+CVE-2017-16065 (openssl.js was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16064
+CVE-2017-16064 (node-openssl was a malicious module published with the intent to hijac ...)
NOT-FOR-US: malicious node module
-CVE-2017-16063
+CVE-2017-16063 (node-opensl was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16062
+CVE-2017-16062 (node-tkinter was a malicious module published with the intent to hijac ...)
NOT-FOR-US: malicious node module
-CVE-2017-16061
+CVE-2017-16061 (tkinter was a malicious module published with the intent to hijack env ...)
NOT-FOR-US: malicious node module
-CVE-2017-16060
+CVE-2017-16060 (babelcli was a malicious module published with the intent to hijack en ...)
NOT-FOR-US: malicious node module
-CVE-2017-16059
+CVE-2017-16059 (mssql-node was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16058
+CVE-2017-16058 (gruntcli was a malicious module published with the intent to hijack en ...)
NOT-FOR-US: malicious node module
-CVE-2017-16057
+CVE-2017-16057 (nodemssql was a malicious module published with the intent to hijack e ...)
NOT-FOR-US: malicious node module
-CVE-2017-16056
+CVE-2017-16056 (mssql.js was a malicious module published with the intent to hijack en ...)
NOT-FOR-US: malicious node module
-CVE-2017-16055
+CVE-2017-16055 (`sqlserver` was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16054
+CVE-2017-16054 (`nodefabric` was a malicious module published with the intent to hijac ...)
NOT-FOR-US: malicious node module
-CVE-2017-16053
+CVE-2017-16053 (`fabric-js` was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16052
+CVE-2017-16052 (`node-fabric` was a malicious module published with the intent to hija ...)
NOT-FOR-US: malicious node module
-CVE-2017-16051
+CVE-2017-16051 (`sqliter` was a malicious module published with the intent to hijack e ...)
NOT-FOR-US: malicious node module
-CVE-2017-16050
+CVE-2017-16050 (`sqlite.js` was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16049
+CVE-2017-16049 (`nodesqlite` was a malicious module published with the intent to hijac ...)
NOT-FOR-US: malicious node module
-CVE-2017-16048
+CVE-2017-16048 (`node-sqlite` was a malicious module published with the intent to hija ...)
NOT-FOR-US: malicious node module
-CVE-2017-16047
+CVE-2017-16047 (mysqljs was a malicious module published with the intent to hijack env ...)
NOT-FOR-US: malicious node module
-CVE-2017-16046
+CVE-2017-16046 (`mariadb` was a malicious module published with the intent to hijack e ...)
NOT-FOR-US: malicious node module
-CVE-2017-16045
+CVE-2017-16045 (`jquery.js` was a malicious module published with the intent to hijack ...)
NOT-FOR-US: malicious node module
-CVE-2017-16044
+CVE-2017-16044 (`d3.js` was a malicious module published with the intent to hijack env ...)
NOT-FOR-US: malicious node module
-CVE-2017-16043
+CVE-2017-16043 (Shout is an IRC client. Because the `/topic` command in messages is un ...)
NOT-FOR-US: Shout
-CVE-2017-16042
+CVE-2017-16042 (Growl adds growl notification support to nodejs. Growl before 1.10.2 d ...)
- node-growl 1.10.5-1 (unimportant; bug #900868)
NOTE: Issue: https://github.com/tj/node-growl/issues/60
NOTE: https://github.com/tj/node-growl/pull/61
NOTE: https://nodesecurity.io/advisories/146
NOTE: nodejs not covered by security support
-CVE-2017-16041
+CVE-2017-16041 (ikst versions before 1.1.2 download resources over HTTP, which leaves ...)
NOT-FOR-US: ikst
-CVE-2017-16040
+CVE-2017-16040 (gfe-sass is a library for promises (CommonJS/Promises/A,B,D) gfe-sass ...)
NOT-FOR-US: gfe-sass
-CVE-2017-16039
+CVE-2017-16039 (`hftp` is a static http or ftp server `hftp` is vulnerable to a direct ...)
NOT-FOR-US: hftp
-CVE-2017-16038
+CVE-2017-16038 (`f2e-server` 1.12.11 and earlier is vulnerable to a directory traversa ...)
NOT-FOR-US: f2e-server
-CVE-2017-16037
+CVE-2017-16037 (`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allo ...)
NOT-FOR-US: gomeplus-h5-proxy
-CVE-2017-16036
+CVE-2017-16036 (`badjs-sourcemap-server` receives files sent by `badjs-sourcemap`. `ba ...)
NOT-FOR-US: badjs-sourcemap-server
-CVE-2017-16035
+CVE-2017-16035 (The hubl-server module is a wrapper for the HubL Development Server. D ...)
NOT-FOR-US: hubl-server
CVE-2017-16034
RESERVED
@@ -7062,92 +7062,92 @@ CVE-2017-16033
RESERVED
CVE-2017-16032
RESERVED
-CVE-2017-16031
+CVE-2017-16031 (Socket.io is a realtime application framework that provides communicat ...)
NOT-FOR-US: Socket.io
-CVE-2017-16030
+CVE-2017-16030 (Useragent is used to parse useragent headers. It uses several regular ...)
NOT-FOR-US: useragent nodejs module
-CVE-2017-16029
+CVE-2017-16029 (hostr is a simple web server that serves up the contents of the curren ...)
NOT-FOR-US: hostr
-CVE-2017-16028
+CVE-2017-16028 (react-native-meteor-oauth is a library for Oauth2 login to a Meteor se ...)
NOT-FOR-US: react-native-meteor-oauth
CVE-2017-16027
RESERVED
-CVE-2017-16026
+CVE-2017-16026 (Request is an http client. If a request is made using ```multipart```, ...)
- node-request <unfixed> (unimportant; bug #901708)
NOTE: https://github.com/request/request/issues/1904
NOTE: https://nodesecurity.io/advisories/309
NOTE: https://github.com/request/request/pull/2018
NOTE: nodejs not covered by security support
-CVE-2017-16025
+CVE-2017-16025 (Nes is a websocket extension library for hapi. Hapi is a webserver fra ...)
NOT-FOR-US: Nes
-CVE-2017-16024
+CVE-2017-16024 (The sync-exec module is used to simulate child_process.execSync in nod ...)
NOT-FOR-US: sync-exec
-CVE-2017-16023
+CVE-2017-16023 (Decamelize is used to convert a dash/dot/underscore/space separated st ...)
- node-decamelize <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/sindresorhus/decamelize/issues/5
NOTE: https://github.com/sindresorhus/decamelize/commit/76d47d8de360afb574da2e34db87430ce11094e0
NOTE: nodejs not covered by security support
-CVE-2017-16022
+CVE-2017-16022 (Morris.js creates an svg graph, with labels that appear when hovering ...)
NOT-FOR-US: Morris.js
-CVE-2017-16021
+CVE-2017-16021 (uri-js is a module that tries to fully implement RFC 3986. One of thes ...)
NOT-FOR-US: uri-js nodejs module
-CVE-2017-16020
+CVE-2017-16020 (Summit is a node web framework. When using the PouchDB driver in the m ...)
NOT-FOR-US: Summit
-CVE-2017-16019
+CVE-2017-16019 (GitBook is a command line tool (and Node.js library) for building beau ...)
NOT-FOR-US: GitBook
-CVE-2017-16018
+CVE-2017-16018 (Restify is a framework for building REST APIs. Restify &gt;=2.0.0 &lt; ...)
NOT-FOR-US: Restify
-CVE-2017-16017
+CVE-2017-16017 (sanitize-html is a library for scrubbing html input for malicious valu ...)
NOT-FOR-US: sanitize-html
-CVE-2017-16016
+CVE-2017-16016 (Sanitize-html is a library for scrubbing html input of malicious value ...)
NOT-FOR-US: sanitize-html
-CVE-2017-16015
+CVE-2017-16015 (Forms is a library for easily creating HTML forms. Versions before 1.3 ...)
NOT-FOR-US: Forms
-CVE-2017-16014
+CVE-2017-16014 (Http-proxy is a proxying library. Because of the way errors are handle ...)
- node-http-proxy <itp> (bug #896978)
NOTE: https://nodesecurity.io/advisories/323
NOTE: https://github.com/nodejitsu/node-http-proxy/pull/101
-CVE-2017-16013
+CVE-2017-16013 (hapi is a web and services application framework. When hapi &gt;= 15.0 ...)
NOT-FOR-US: hapi
CVE-2017-16012
REJECTED
CVE-2017-16011
REJECTED
-CVE-2017-16010
+CVE-2017-16010 (i18next is a language translation framework. When using the .init meth ...)
- libjs-i18next <unfixed> (unimportant)
NOTE: https://github.com/i18next/i18next/pull/826
NOTE: https://nodesecurity.io/advisories/326
NOTE: nodejs not covered by security support
-CVE-2017-16009
+CVE-2017-16009 (ag-grid is an advanced data grid that is library agnostic. ag-grid is ...)
NOT-FOR-US: ag-grid
-CVE-2017-16008
+CVE-2017-16008 (i18next is a language translation framework. Because of how the interp ...)
NOT-FOR-US: i18next
-CVE-2017-16007
+CVE-2017-16007 (node-jose is a JavaScript implementation of the JSON Object Signing an ...)
NOT-FOR-US: node-jose
-CVE-2017-16006
+CVE-2017-16006 (Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkab ...)
NOT-FOR-US: Remarkable
-CVE-2017-16005
+CVE-2017-16005 (Http-signature is a "Reference implementation of Joyent's HTTP Signatu ...)
- node-http-signature <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/joyent/node-http-signature/issues/10
NOTE: https://nodesecurity.io/advisories/318
NOTE: nodejs not covered by security support
CVE-2017-16004
RESERVED
-CVE-2017-16003
+CVE-2017-16003 (windows-build-tools is a module for installing C++ Build Tools for Win ...)
NOT-FOR-US: windows-build-tools
CVE-2017-16002
RESERVED
-CVE-2017-16001
+CVE-2017-16001 (In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...)
NOT-FOR-US: VMware
-CVE-2017-16000
+CVE-2017-16000 (SQL injection vulnerability in the EyesOfNetwork web interface (aka eo ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-15999
+CVE-2017-15999 (In the "NQ Contacts Backup &amp; Restore" application 1.1 for Android, ...)
NOT-FOR-US: Contacts Backup & Restore
-CVE-2017-15998
+CVE-2017-15998 (In the "NQ Contacts Backup &amp; Restore" application 1.1 for Android, ...)
NOT-FOR-US: Contacts Backup & Restore
-CVE-2017-15997
+CVE-2017-15997 (In the "NQ Contacts Backup &amp; Restore" application 1.1 for Android, ...)
NOT-FOR-US: Contacts Backup & Restore
-CVE-2017-15996
+CVE-2017-15996 (elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to c ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
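Review bot: the imported descriptions at CVE-2017-16018 and CVE-2017-16013 (`&gt;=2.0.0 &lt;`, `&gt;= 15.0`) and at CVE-2017-15999 through CVE-2017-15997 (`Backup &amp; Restore`) carry HTML-entity escapes, while the NOT-FOR-US lines directly beneath use the literal character (`Contacts Backup & Restore`). If the entities are present in the stored list rather than only in this rendering, the importer should decode them before writing, so the description reads `>=2.0.0 <` and `Backup & Restore` like the rest of the file.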
@@ -7157,7 +7157,7 @@ CVE-2017-15996
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d91f0b20e561e326ee91a09a76206257bde8438b
CVE-2017-15995
RESERVED
-CVE-2017-15994
+CVE-2017-15994 (rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums ...)
- rsync <not-affected> (Problematic code to allow checksum choice only introduced after 3.1.2 release)
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55
@@ -7168,130 +7168,130 @@ CVE-2017-15994
NOTE: The following commit introduced special handling of archaic versions / handling of
NOTE: --checksum-choice option to choose the checksum algorithms:
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=a5a7d3a297b836387b0ac677383bdddaf2ac3598
-CVE-2017-15993
+CVE-2017-15993 (Zomato Clone Script allows SQL Injection via the restaurant-menu.php r ...)
NOT-FOR-US: Zomato Clone Script
-CVE-2017-15992
+CVE-2017-15992 (Website Broker Script allows SQL Injection via the 'status_id' Paramet ...)
NOT-FOR-US: Website Broker Script
-CVE-2017-15991
+CVE-2017-15991 (Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injec ...)
NOT-FOR-US: Vastal I-Tech Agent Zone
-CVE-2017-15990
+CVE-2017-15990 (Php Inventory &amp; Invoice Management System allows Arbitrary File Up ...)
NOT-FOR-US: Php Inventory & Invoice Management System
-CVE-2017-15989
+CVE-2017-15989 (Online Exam Test Application allows SQL Injection via the resources.ph ...)
NOT-FOR-US: Online Exam Test Application
-CVE-2017-15988
+CVE-2017-15988 (Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme ...)
NOT-FOR-US: PHP FAQ Script
-CVE-2017-15987
+CVE-2017-15987 (Fake Magazine Cover Script allows SQL Injection via the rate.php value ...)
NOT-FOR-US: Fake Magazine Cover Script
-CVE-2017-15986
+CVE-2017-15986 (CPA Lead Reward Script allows SQL Injection via the username parameter ...)
NOT-FOR-US: CPA Lead Reward Script
-CVE-2017-15985
+CVE-2017-15985 (Basic B2B Script allows SQL Injection via the product_view1.php pid or ...)
NOT-FOR-US: Basic B2B Script
-CVE-2017-15984
+CVE-2017-15984 (Creative Management System (CMS) Lite 1.4 allows SQL Injection via the ...)
NOT-FOR-US: Creative Management System (CMS) Lite
-CVE-2017-15983
+CVE-2017-15983 (MyMagazine Magazine &amp; Blog CMS 1.0 allows SQL Injection via the id ...)
NOT-FOR-US: MyMagazine Magazine & Blog CMS
-CVE-2017-15982
+CVE-2017-15982 (Dynamic News Magazine &amp; Blog CMS 1.0 allows SQL Injection via the ...)
NOT-FOR-US: Dynamic News Magazine & Blog CMS
-CVE-2017-15981
+CVE-2017-15981 (Responsive Newspaper Magazine &amp; Blog CMS 1.0 allows SQL Injection ...)
NOT-FOR-US: Responsive Newspaper Magazine & Blog CMS
-CVE-2017-15980
+CVE-2017-15980 (US Zip Codes Database Script 1.0 allows SQL Injection via the state pa ...)
NOT-FOR-US: US Zip Codes Database Script
-CVE-2017-15979
+CVE-2017-15979 (Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via th ...)
NOT-FOR-US: Shareet - Photo Sharing Social Network
-CVE-2017-15978
+CVE-2017-15978 (AROX School ERP PHP Script 1.0 allows SQL Injection via the office_adm ...)
NOT-FOR-US: AROX School ERP PHP Script
-CVE-2017-15977
+CVE-2017-15977 (Protected Links - Expiring Download Links 1.0 allows SQL Injection via ...)
NOT-FOR-US: Protected Links - Expiring Download Links
-CVE-2017-15976
+CVE-2017-15976 (ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid ...)
NOT-FOR-US: ZeeBuddy
-CVE-2017-15975
+CVE-2017-15975 (Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_ ...)
NOT-FOR-US: Vastal I-Tech Dating Zone
-CVE-2017-15974
+CVE-2017-15974 (tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 ...)
NOT-FOR-US: tPanel
-CVE-2017-15973
+CVE-2017-15973 (Sokial Social Network Script 1.0 allows SQL Injection via the id param ...)
NOT-FOR-US: Sokial Social Network Script
-CVE-2017-15972
+CVE-2017-15972 (SoftDatepro Dating Social Network 1.3 allows SQL Injection via the vie ...)
NOT-FOR-US: SoftDatepro Dating Social Network
-CVE-2017-15971
+CVE-2017-15971 (Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprof ...)
NOT-FOR-US: Same Sex Dating Software Pro
-CVE-2017-15970
+CVE-2017-15970 (PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index ...)
NOT-FOR-US: PHP CityPortal
-CVE-2017-15969
+CVE-2017-15969 (PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to searc ...)
NOT-FOR-US: PG All Share Video
-CVE-2017-15968
+CVE-2017-15968 (MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.p ...)
NOT-FOR-US: MyBuilder Clone
-CVE-2017-15967
+CVE-2017-15967 (Mailing List Manager Pro 3.0 allows SQL Injection via the edit paramet ...)
NOT-FOR-US: Mailing List Manager Pro
-CVE-2017-15966
+CVE-2017-15966 (The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! a ...)
NOT-FOR-US: Zh YandexMap
-CVE-2017-15965
+CVE-2017-15965 (The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joo ...)
NOT-FOR-US: NS Download Shop
-CVE-2017-15964
+CVE-2017-15964 (Job Board Script Software allows SQL Injection via the PATH_INFO to a ...)
NOT-FOR-US: Job Board Script Software
-CVE-2017-15963
+CVE-2017-15963 (iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.p ...)
NOT-FOR-US: iTech Gigs Script
-CVE-2017-15962
+CVE-2017-15962 (iStock Management System 1.0 allows Arbitrary File Upload via user/pro ...)
NOT-FOR-US: iStock Management System
-CVE-2017-15961
+CVE-2017-15961 (iProject Management System 1.0 allows SQL Injection via the ID paramet ...)
NOT-FOR-US: iProject Management System
-CVE-2017-15960
+CVE-2017-15960 (Article Directory Script 3.0 allows SQL Injection via the id parameter ...)
NOT-FOR-US: Article Directory Scrip
-CVE-2017-15959
+CVE-2017-15959 (Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /do ...)
NOT-FOR-US: Adult Script Pro
-CVE-2017-15958
+CVE-2017-15958 (D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the user ...)
NOT-FOR-US: D-Park Pro Domain Parking Script
-CVE-2017-15957
+CVE-2017-15957 (my_profile.php in Ingenious School Management System 2.3.0 allows a st ...)
NOT-FOR-US: Ingenious School Management System
-CVE-2017-15956
+CVE-2017-15956 (ConverTo Video Downloader &amp; Converter 1.4.1 allows Arbitrary File ...)
NOT-FOR-US: ConverTo Video Downloader
-CVE-2017-15955
+CVE-2017-15955 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an "Ac ...)
{DSA-4026-1 DLA-1158-1}
- bchunk 1.2.0-12.1 (bug #880116)
NOTE: https://github.com/extramaster/bchunk/issues/4
-CVE-2017-15954
+CVE-2017-15954 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap ...)
{DSA-4026-1 DLA-1158-1}
- bchunk 1.2.0-12.1 (bug #880116)
NOTE: https://github.com/extramaster/bchunk/issues/3
-CVE-2017-15953
+CVE-2017-15953 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap ...)
{DSA-4026-1 DLA-1158-1}
- bchunk 1.2.0-12.1 (bug #880116)
NOTE: https://github.com/extramaster/bchunk/issues/2
CVE-2017-15952
RESERVED
-CVE-2017-15951
+CVE-2017-15951 (The KEYS subsystem in the Linux kernel before 4.13.10 does not correct ...)
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/363b02dab09b3226f3bd1420dad9c72b79a42a76 (v4.14-rc6)
-CVE-2017-15950
+CVE-2017-15950 (Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buff ...)
NOT-FOR-US: Flexense SyncBreeze
-CVE-2017-15949
+CVE-2017-15949 (Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedi ...)
NOT-FOR-US: Xavier PHP Management Panel
-CVE-2017-15948
+CVE-2017-15948 (Perch Content Management System 3.0.3 allows unrestricted file upload ...)
NOT-FOR-US: Perch Content Management System
-CVE-2017-15947
+CVE-2017-15947 (Simple ASC Content Management System v1.2 has XSS in the location fiel ...)
NOT-FOR-US: Simple ASC Content Management
-CVE-2017-15946
+CVE-2017-15946 (In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerabil ...)
NOT-FOR-US: Joomla addon
-CVE-2017-15945
+CVE-2017-15945 (The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, d ...)
NOT-FOR-US: Gentoo installation scripts
-CVE-2017-15944
+CVE-2017-15944 (Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x be ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-15943
+CVE-2017-15943 (The configuration file import for applications, spyware and vulnerabil ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-15942
+CVE-2017-15942 (Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x be ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-15941
+CVE-2017-15941 (Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-15940
+CVE-2017-15940 (The web interface packet capture management component in Palo Alto Net ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-15939
+CVE-2017-15939 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
- binutils <not-affected> (Incomplete fix not applied)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22205
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a54018b72d75abf2e74bf36016702da06399c1d9
NOTE: https://blogs.gentoo.org/ago/2017/10/24/binutils-null-pointer-dereference-in-concat_filename-dwarf2-c-incomplete-fix-for-cve-2017-15023/
-CVE-2017-15938
+CVE-2017-15938 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
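Review bot: the context line `NOT-FOR-US: Article Directory Scrip` under CVE-2017-15960 drops the last letter of the product name that the description gives as `Article Directory Script`, and `NOT-FOR-US: PHP FAQ Script` under CVE-2017-15988 omits the `Nice` prefix used in its description. Both are pre-existing, but since this hunk rewrites every description line in the range it is the natural moment to make the NOT-FOR-US product names match the description above them.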
@@ -7300,31 +7300,31 @@ CVE-2017-15938
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22209
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1b86808a86077722ee4f42ff97f836b12420bb2a
NOTE: https://blogs.gentoo.org/ago/2017/10/24/binutils-invalid-memory-read-in-find_abstract_instance_name-dwarf2-c/
-CVE-2017-15937
+CVE-2017-15937 (Artica Pandora FMS version 7.0 leaks a full installation pathname via ...)
NOT-FOR-US: Artica Pandora FMS
-CVE-2017-15936
+CVE-2017-15936 (In Artica Pandora FMS version 7.0, an Attacker with write Permission c ...)
NOT-FOR-US: Artica Pandora FMS
-CVE-2017-15935
+CVE-2017-15935 (Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execut ...)
NOT-FOR-US: Artica Pandora FMS
-CVE-2017-15934
+CVE-2017-15934 (Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site Scri ...)
NOT-FOR-US: Artica Pandora FMS
-CVE-2017-15933
+CVE-2017-15933 (SQL injection vulnerability vulnerability in the EyesOfNetwork web int ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-15932
+CVE-2017-15932 (In radare2 2.0.1, an integer exception (negative number leading to an ...)
- radare2 2.1.0+dfsg-1 (bug #880024)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
NOTE: https://github.com/radare/radare2/commit/44ded3ff35b8264f54b5a900cab32ec489d9e5b9
NOTE: https://github.com/radare/radare2/issues/8743
-CVE-2017-15931
+CVE-2017-15931 (In radare2 2.0.1, an integer exception (negative number leading to an ...)
- radare2 2.1.0+dfsg-1 (bug #880025)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
NOTE: https://github.com/radare/radare2/commit/c6d0076c924891ad9948a62d89d0bcdaf965f0cd
NOTE: https://github.com/radare/radare2/issues/8731
-CVE-2017-15930
+CVE-2017-15930 (In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Po ...)
{DSA-4321-1 DLA-1456-1 DLA-1154-1}
- graphicsmagick 1.3.26-16 (bug #879999)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=6fc54b6d2be8
@@ -7332,7 +7332,7 @@ CVE-2017-15930
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/518/
CVE-2017-15929
RESERVED
-CVE-2017-15928
+CVE-2017-15928 (In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation ...)
- ruby-ox 2.8.2-1 (bug #881445)
[stretch] - ruby-ox 2.1.1-2+deb9u1
[jessie] - ruby-ox 2.1.1-2+deb8u1
@@ -7344,26 +7344,26 @@ CVE-2017-15926
RESERVED
CVE-2017-15925
RESERVED
-CVE-2017-15923
+CVE-2017-15923 (Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote ...)
{DSA-4033-1 DLA-1174-1}
- konversation 1.7.3-1 (bug #881586)
NOTE: https://cgit.kde.org/konversation.git/commit/?h=1.7&id=6a7f59ee1b9dbc6e5cf9e5f3b306504d02b73ef0
-CVE-2017-15922
+CVE-2017-15922 (In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACT ...)
{DLA-1198-1}
- libextractor 1:1.6-2 (low; bug #880016)
[stretch] - libextractor 1:1.3-4+deb9u1
[jessie] - libextractor 1:1.3-2+deb8u1
NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html
NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=d4d488b0e5ab13dda241d688d87a07816368f117
-CVE-2017-15921
+CVE-2017-15921 (In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186 ...)
NOT-FOR-US: Watchdog Anti-Malware
-CVE-2017-15920
+CVE-2017-15920 (In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186 ...)
NOT-FOR-US: Watchdog Anti-Malware
-CVE-2017-15918
+CVE-2017-15918 (Sera 1.2 stores the user's login password in plain text in their home ...)
NOT-FOR-US: Sera
-CVE-2017-15917
+CVE-2017-15917 (In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create ...)
NOT-FOR-US: Paessler PRTG Network Monitor
-CVE-2017-15908
+CVE-2017-15908 (In systemd 223 through 235, a remote DNS server can respond with a cus ...)
- systemd 235-3 (bug #880026)
[stretch] - systemd 232-25+deb9u2
[jessie] - systemd <not-affected> (Vulnerable code introduced later)
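Review bot: the descending sequence in this hunk jumps from CVE-2017-15925 to CVE-2017-15923 and from CVE-2017-15920 to CVE-2017-15918, so CVE-2017-15924 and CVE-2017-15919 have no entry at the position the file's ordering would give them. Every other unassigned id in the range carries an explicit RESERVED line (CVE-2017-15926, CVE-2017-15925); check whether CVE-2017-15924 needs the same, and whether CVE-2017-15919 belongs here rather than further down.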
@@ -7371,29 +7371,29 @@ CVE-2017-15908
NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351
NOTE: https://github.com/systemd/systemd/pull/7184
NOTE: Fix: https://github.com/systemd/systemd/commit/9f939335a07085aa9a9663efd1dca06ef6405d62
-CVE-2017-15919
+CVE-2017-15919 (The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has S ...)
NOT-FOR-US: WordPress plugin ultimate-form-builder-lite
CVE-2017-15916
RESERVED
CVE-2017-15915
RESERVED
-CVE-2017-15914
+CVE-2017-15914 (Incorrect implementation of access controls allows remote users to ove ...)
- borgbackup 1.1.3-1
[stretch] - borgbackup <not-affected> (Only affects 1.1.0, 1.1.1 and 1.1.2 releases)
NOTE: https://borgbackup.readthedocs.io/en/stable/changes.html#version-1-1-3-2017-11-27
-CVE-2017-15913
+CVE-2017-15913 (The Installer in Whale allows DLL hijacking. ...)
NOT-FOR-US: Installer in Whale
CVE-2017-15912
RESERVED
-CVE-2017-15911
+CVE-2017-15911 (The Admin Console in Ignite Realtime Openfire Server before 4.1.7 allo ...)
NOT-FOR-US: Ignite Realtime Openfire Server
CVE-2017-15910
RESERVED
-CVE-2017-15909
+CVE-2017-15909 (D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, ...)
NOT-FOR-US: D-Link
-CVE-2017-15907
+CVE-2017-15907 (SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remo ...)
NOT-FOR-US: phpCollab
-CVE-2017-15906
+CVE-2017-15906 (The process_open function in sftp-server.c in OpenSSH before 7.6 does ...)
{DLA-1500-1}
- openssh 1:7.6p1-1 (low)
[stretch] - openssh 1:7.4p1-10+deb9u3
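Review bot: CVE-2017-15919 is placed after CVE-2017-15908, out of the file's descending order; by id it belongs between CVE-2017-15920 and CVE-2017-15918 in the preceding hunk. Tools that look entries up by id will still find it, but the misplacement makes the gap above read as a missing entry, so move the id line and its `NOT-FOR-US: WordPress plugin ultimate-form-builder-lite` line into sequence.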
@@ -7415,53 +7415,53 @@ CVE-2017-15899
RESERVED
CVE-2017-15898
RESERVED
-CVE-2017-15897
+CVE-2017-15897 (Node.js had a bug in versions 8.X and 9.X which caused buffers to not ...)
- nodejs <not-affected> (Only affects 8.x and 9.x)
-CVE-2017-15896
+CVE-2017-15896 (Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards ...)
- nodejs <not-affected> (HTTP2 module only in 8.x and 9.x and Debian package uses the system copy of OpenSSL)
-CVE-2017-15895
+CVE-2017-15895 (Directory traversal vulnerability in the SYNO.FileStation.Extract in S ...)
NOT-FOR-US: Synology Router Manager
-CVE-2017-15894
+CVE-2017-15894 (Directory traversal vulnerability in the SYNO.FileStation.Extract in S ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2017-15893
+CVE-2017-15893 (Directory traversal vulnerability in the SYNO.FileStation.Extract in S ...)
NOT-FOR-US: Synology File Station
-CVE-2017-15892
+CVE-2017-15892 (Multiple cross-site scripting (XSS) vulnerabilities in Slash Command C ...)
NOT-FOR-US: Synology Chat
-CVE-2017-15891
+CVE-2017-15891 (Improper access control vulnerability in SYNO.Cal.EventBase in Synolog ...)
NOT-FOR-US: Synology Calendar
-CVE-2017-15890
+CVE-2017-15890 (Cross-site scripting (XSS) vulnerability in Disclaimer in Synology Mai ...)
NOT-FOR-US: Synology
-CVE-2017-15889
+CVE-2017-15889 (Command injection vulnerability in smart.cgi in Synology DiskStation M ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2017-15888
+CVE-2017-15888 (Cross-site scripting (XSS) vulnerability in Custom Internet Radio List ...)
NOT-FOR-US: Synology
-CVE-2017-15887
+CVE-2017-15887 (An improper restriction of excessive authentication attempts vulnerabi ...)
NOT-FOR-US: Synology
-CVE-2017-15886
+CVE-2017-15886 (Server-side request forgery (SSRF) vulnerability in Link Preview in Sy ...)
NOT-FOR-US: Synology Chat
-CVE-2017-15885
+CVE-2017-15885 (Reflected XSS in the web administration portal on the Axis 2100 Networ ...)
NOT-FOR-US: Axis
-CVE-2017-15884
+CVE-2017-15884 (In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...)
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
-CVE-2017-15883
+CVE-2017-15883 (Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remo ...)
NOT-FOR-US: Sitefinity
-CVE-2017-15882
+CVE-2017-15882 (The London Trust Media Private Internet Access (PIA) application befor ...)
NOT-FOR-US: London Trust Media Private Internet Access (PIA) application
-CVE-2017-15881
+CVE-2017-15881 (Cross-Site Scripting vulnerability in KeystoneJS before 4.0.0-beta.7 a ...)
NOT-FOR-US: KeystoneJS
-CVE-2017-15880
+CVE-2017-15880 (SQL injection vulnerability vulnerability in the EyesOfNetwork web int ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-15879
+CVE-2017-15879 (CSV Injection (aka Excel Macro Injection or Formula Injection) exists ...)
NOT-FOR-US: KeystoneJS
-CVE-2017-15878
+CVE-2017-15878 (A cross-site scripting (XSS) vulnerability exists in fields/types/mark ...)
NOT-FOR-US: KeystoneJS
-CVE-2017-15877
+CVE-2017-15877 (Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allo ...)
NOT-FOR-US: GPWeb
-CVE-2017-15876
+CVE-2017-15876 (Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote a ...)
NOT-FOR-US: GPWeb
-CVE-2017-15875
+CVE-2017-15875 (SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allow ...)
NOT-FOR-US: GPWeb
-CVE-2017-15874
+CVE-2017-15874 (archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integ ...)
- busybox 1:1.27.2-2 (bug #879732)
[stretch] - busybox <not-affected> (Vulnerable code not present)
[jessie] - busybox <not-affected> (Vulnerable code not present)
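Review bot: the NOT-FOR-US annotations for CVE-2017-15890, CVE-2017-15888 and CVE-2017-15887 say only `Synology`, while the neighbouring Synology entries name the affected product (`Synology Chat`, `Synology Calendar`, `Synology DiskStation Manager`, `Synology File Station`). Naming the product as the description does keeps the annotation useful when the list is searched later, so expand these three to the product each description names.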
@@ -7469,32 +7469,32 @@ CVE-2017-15874
NOTE: https://bugs.busybox.net/show_bug.cgi?id=10436
NOTE: Introduced in: https://git.busybox.net/busybox/commit/?id=3989e5adf454a3ab98412b249c2c9bd2a3175ae0
NOTE: Fixed by: https://git.busybox.net/busybox/commit/?id=9ac42c500586fa5f10a1f6d22c3f797df11b1f6b
-CVE-2017-15873
+CVE-2017-15873 (The get_next_block function in archival/libarchive/decompress_bunzip2. ...)
{DLA-1445-1}
- busybox 1:1.27.2-2 (bug #879732)
[stretch] - busybox <no-dsa> (Minor issue)
[wheezy] - busybox <no-dsa> (Minor issue)
NOTE: Fixed by: https://git.busybox.net/busybox/commit/?id=0402cb32df015d9372578e3db27db47b33d5c7b0
NOTE: https://bugs.busybox.net/show_bug.cgi?id=10431
-CVE-2017-15872
+CVE-2017-15872 (phpwcms 1.8.9 has XSS in include/inc_tmpl/admin.edituser.tmpl.php and ...)
NOT-FOR-US: phpwcms
-CVE-2017-15871
+CVE-2017-15871 (** DISPUTED ** The deserialize function in serialize-to-js through 1.1 ...)
NOT-FOR-US: Disputed serialize-to-js issue
-CVE-2017-15870
+CVE-2017-15870 (Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers w ...)
NOT-FOR-US: Palo Alto Networks GlobalProtect Agent
-CVE-2017-15869
+CVE-2017-15869 (Cross-site scripting (XSS) vulnerability in knowledgebase.php in LiveZ ...)
NOT-FOR-US: LiveZilla
-CVE-2017-15868
+CVE-2017-15868 (The bnep_add_connection function in net/bluetooth/bnep/core.c in the L ...)
{DSA-4082-1 DLA-1200-1}
- linux 4.0.2-1
NOTE: Fixed by: https://git.kernel.org/linus/71bb99a02b32b4cc4265118e85f6035ca72923f0 (v3.19-rc3)
-CVE-2017-15867
+CVE-2017-15867 (Multiple cross-site scripting (XSS) vulnerabilities in the user-login- ...)
NOT-FOR-US: user-login-history plugin for WordPress
CVE-2017-15866
RESERVED
-CVE-2017-15865
+CVE-2017-15865 (bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in ...)
- frr <not-affected> (Fixed before initial upload)
-CVE-2017-15864
+CVE-2017-15864 (In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x throu ...)
{DLA-1212-1}
- otrs2 4.0.7-2
[jessie] - otrs2 3.3.18-1+deb8u2
@@ -7504,49 +7504,49 @@ CVE-2017-15864
NOTE: DTL template engine that OTRS used up to OTRS 3.3. Starting with OTRS 4
NOTE: OTRS switched to a new Template::Toolkit based engine which does not perform
NOTE: recursive parsing and not affected by this issue.
-CVE-2017-15863
+CVE-2017-15863 (Cross Site Scripting (XSS) exists in the wp-noexternallinks plugin bef ...)
NOT-FOR-US: WordPress plugin wp-noexternallinks
-CVE-2017-15862
+CVE-2017-15862 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15861
+CVE-2017-15861 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15860
+CVE-2017-15860 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15859
+CVE-2017-15859 (While processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_ ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15858
RESERVED
-CVE-2017-15857
+CVE-2017-15857 (In the camera driver, an out-of-bounds access can occur due to an erro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15856
+CVE-2017-15856 (Due to a race condition while processing the power stats debug file to ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15855
+CVE-2017-15855 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15854
+CVE-2017-15854 (The value of fix_param-&gt;num_chans is received from firmware and if ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15853
+CVE-2017-15853 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15852
+CVE-2017-15852 (Information leak of the ISPIF base address in Android for MSM, Firefox ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15851
+CVE-2017-15851 (Lack of copy_from_user and information leak in function "msm_ois_subde ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15850
+CVE-2017-15850 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15849
+CVE-2017-15849 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15848
+CVE-2017-15848 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15847
+CVE-2017-15847 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15846
+CVE-2017-15846 (In the video_ioctl2() function in the camera driver in Android for MSM ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15845
+CVE-2017-15845 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15844
+CVE-2017-15844 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15843
+CVE-2017-15843 (Due to a race condition in a bus driver, a double free in msm_bus_floo ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15842
+CVE-2017-15842 (Buffer might get used after it gets freed due to unlocking the mutex b ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-15841
RESERVED
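Review bot: the NOT-FOR-US annotation for the Qualcomm entries alternates between `Qualcomm component for Android` (CVE-2017-15859, CVE-2017-15852, CVE-2017-15846) and `Qualcomm components for Android` (the rest of the hunk) with nothing in the descriptions that justifies the split; pick one form for the whole block so a single grep against the list matches every entry.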
@@ -7557,74 +7557,74 @@ CVE-2017-15839
RESERVED
CVE-2017-15838
RESERVED
-CVE-2017-15837
+CVE-2017-15837 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15836
+CVE-2017-15836 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15835
+CVE-2017-15835 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15834
+CVE-2017-15834 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15833
+CVE-2017-15833 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-15832
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15831
+CVE-2017-15831 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15830
+CVE-2017-15830 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15829
+CVE-2017-15829 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15828
+CVE-2017-15828 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15827
RESERVED
-CVE-2017-15826
+CVE-2017-15826 (Due to a race condition in MDSS rotator in Android for MSM, Firefox OS ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15825
+CVE-2017-15825 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15824
+CVE-2017-15824 (In Android releases from CAF using the linux kernel (Android for MSM, ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15823
+CVE-2017-15823 (In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15822
+CVE-2017-15822 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15821
+CVE-2017-15821 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15820
+CVE-2017-15820 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15819
RESERVED
-CVE-2017-15818
+CVE-2017-15818 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-15817
+CVE-2017-15817 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-15816
RESERVED
-CVE-2017-15815
+CVE-2017-15815 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15814
+CVE-2017-15814 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15813
+CVE-2017-15813 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm closed-source components on Android
-CVE-2017-15812
+CVE-2017-15812 (The Easy Appointments plugin before 1.12.0 for WordPress has XSS via a ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-15811
+CVE-2017-15811 (The Pootle Button plugin before 1.2.0 for WordPress has XSS via the as ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-15810
+CVE-2017-15810 (The PopCash.Net Code Integration Tool plugin before 1.1 for WordPress ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-15809
+CVE-2017-15809 (In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a cr ...)
NOT-FOR-US: phpMyFaq
-CVE-2017-15808
+CVE-2017-15808 (In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php. ...)
NOT-FOR-US: phpMyFaq
CVE-2017-15807
RESERVED
-CVE-2017-15806
+CVE-2017-15806 (The send function in the ezcMailMtaTransport class in Zeta Components ...)
NOT-FOR-US: Zeta Components Mail
-CVE-2017-15805
+CVE-2017-15805 (Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and ...)
NOT-FOR-US: Cisco
-CVE-2017-15804
+CVE-2017-15804 (The glob function in glob.c in the GNU C Library (aka glibc or libc6) ...)
- glibc 2.25-3 (low; bug #879955)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue)
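Review bot: the " ..." truncation marker is appended even when the whole description already fits, as in the CVE-2017-15808 line, which ends "CSRF in admin/ajax.config.php. ...)" although the sentence is complete; the generator should only add the marker when it actually cut the text. Same hunk: CVE-2017-15832 carries both "RESERVED" and "NOT-FOR-US: Qualcomm components for Android", which is contradictory for a reserved id, and the triage lines alternate between "Qualcomm component for Android" and "Qualcomm components for Android" for what looks like one product family.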
@@ -7632,11 +7632,11 @@ CVE-2017-15804
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22332
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8
-CVE-2017-15803
+CVE-2017-15803 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-15802
+CVE-2017-15802 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-15801
+CVE-2017-15801 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
CVE-2017-15800
REJECTED
@@ -7660,134 +7660,134 @@ CVE-2017-15791
REJECTED
CVE-2017-15790
REJECTED
-CVE-2017-15789
+CVE-2017-15789 (XnView Classic for Windows Version 2.43 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-15788
+CVE-2017-15788 (XnView Classic for Windows Version 2.43 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-15787
+CVE-2017-15787 (XnView Classic for Windows Version 2.43 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-15786
+CVE-2017-15786 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-15785
+CVE-2017-15785 (XnView Classic for Windows Version 2.43 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-15784
+CVE-2017-15784 (XnView Classic for Windows Version 2.43 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-15783
+CVE-2017-15783 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-15782
+CVE-2017-15782 (XnView Classic for Windows Version 2.43 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-15781
+CVE-2017-15781 (XnView Classic for Windows Version 2.43 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-15780
+CVE-2017-15780 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-15779
+CVE-2017-15779 (XnView Classic for Windows Version 2.43 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-15778
+CVE-2017-15778 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-15777
+CVE-2017-15777 (XnView Classic for Windows Version 2.43 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-15776
+CVE-2017-15776 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-15775
+CVE-2017-15775 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-15774
+CVE-2017-15774 (XnView Classic for Windows Version 2.43 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-15773
+CVE-2017-15773 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-15772
+CVE-2017-15772 (XnView Classic for Windows Version 2.43 allows attackers to cause a de ...)
NOT-FOR-US: XnView
CVE-2017-15771
REJECTED
CVE-2017-15770
REJECTED
-CVE-2017-15769
+CVE-2017-15769 (IrfanView 4.50 - 64bit allows attackers to cause a denial of service o ...)
NOT-FOR-US: IrfanView
-CVE-2017-15768
+CVE-2017-15768 (IrfanView version 4.50 - 64bit allows attackers to cause a denial of s ...)
NOT-FOR-US: IrfanView
-CVE-2017-15767
+CVE-2017-15767 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15766
+CVE-2017-15766 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15765
+CVE-2017-15765 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15764
+CVE-2017-15764 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15763
+CVE-2017-15763 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15762
+CVE-2017-15762 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15761
+CVE-2017-15761 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15760
+CVE-2017-15760 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15759
+CVE-2017-15759 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15758
+CVE-2017-15758 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15757
+CVE-2017-15757 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15756
+CVE-2017-15756 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15755
+CVE-2017-15755 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15754
+CVE-2017-15754 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15753
+CVE-2017-15753 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15752
+CVE-2017-15752 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15751
+CVE-2017-15751 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15750
+CVE-2017-15750 (IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15749
+CVE-2017-15749 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15748
+CVE-2017-15748 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15747
+CVE-2017-15747 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15746
+CVE-2017-15746 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15745
+CVE-2017-15745 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15744
+CVE-2017-15744 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15743
+CVE-2017-15743 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15742
+CVE-2017-15742 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15741
+CVE-2017-15741 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15740
+CVE-2017-15740 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15739
+CVE-2017-15739 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15738
+CVE-2017-15738 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15737
+CVE-2017-15737 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows at ...)
NOT-FOR-US: IrfanView
-CVE-2017-15736
+CVE-2017-15736 (Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 ...)
{DSA-4228-1}
- spip 3.1.4-4 (bug #879954)
[wheezy] - spip <not-affected> (vulnerable code not present)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23701
-CVE-2017-15735
+CVE-2017-15735 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) f ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-15734
+CVE-2017-15734 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) i ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-15733
+CVE-2017-15733 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) i ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-15732
+CVE-2017-15732 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) i ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-15731
+CVE-2017-15731 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) i ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-15730
+CVE-2017-15730 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) i ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-15729
+CVE-2017-15729 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) f ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-15728
+CVE-2017-15728 (In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) v ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-15727
+CVE-2017-15727 (In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) v ...)
NOT-FOR-US: phpMyFAQ
CVE-2017-15726
RESERVED
@@ -7795,59 +7795,59 @@ CVE-2017-15725
RESERVED
CVE-2017-15724
RESERVED
-CVE-2017-15723
+CVE-2017-15723 (In Irssi before 1.0.5, overlong nicks or targets may result in a NULL ...)
{DSA-4016-1}
- irssi 1.0.5-1 (bug #879521)
[wheezy] - irssi <not-affected> (Vulnerable code introduced in 0.8.17)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
-CVE-2017-15722
+CVE-2017-15722 (In certain cases, Irssi before 1.0.5 may fail to verify that a Safe ch ...)
{DSA-4016-1 DLA-1217-1}
- irssi 1.0.5-1 (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
-CVE-2017-15721
+CVE-2017-15721 (In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages ...)
{DSA-4016-1 DLA-1217-1}
- irssi 1.0.5-1 (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
-CVE-2017-15720
+CVE-2017-15720 (In Apache Airflow 1.8.2 and earlier, an authenticated user can execute ...)
- airflow <itp> (bug #819700)
-CVE-2017-15719
+CVE-2017-15719 (In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M ...)
NOT-FOR-US: Wicket jQuery UI
-CVE-2017-15718
+CVE-2017-15718 (The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the pas ...)
- hadoop <itp> (bug #793644)
-CVE-2017-15717
+CVE-2017-15717 (A flaw in the way URLs are escaped and encoded in the org.apache.sling ...)
NOT-FOR-US: Apache Sling
CVE-2017-15716
RESERVED
-CVE-2017-15715
+CVE-2017-15715 (In Apache httpd 2.4.0 to 2.4.29, the expression specified in &lt;Files ...)
{DSA-4164-1}
- apache2 2.4.33-1
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/6
-CVE-2017-15714
+CVE-2017-15714 (The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape u ...)
NOT-FOR-US: BIRT plugin in Apache OFBiz
-CVE-2017-15713
+CVE-2017-15713 (Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before ...)
- hadoop <itp> (bug #793644)
-CVE-2017-15712
+CVE-2017-15712 (Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 ...)
NOT-FOR-US: Apache Oozie
CVE-2017-15711
REJECTED
-CVE-2017-15710
+CVE-2017-15710 (In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29 ...)
{DSA-4164-1 DLA-1389-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/8
-CVE-2017-15709
+CVE-2017-15709 (When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 ...)
- activemq 5.15.3-1 (bug #890352)
[stretch] - activemq <no-dsa> (Minor issue)
[jessie] - activemq <not-affected> (Issue introduced with OpenWire protocol support)
[wheezy] - activemq <not-affected> (Issue introduced with OpenWire protocol support)
-CVE-2017-15708
+CVE-2017-15708 (In Apache Synapse, by default no authentication is required for Java R ...)
NOT-FOR-US: Apache Synapse
-CVE-2017-15707
+CVE-2017-15707 (In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated J ...)
- libstruts1.2-java <not-affected> (Specific to 2.x)
-CVE-2017-15706
+CVE-2017-15706 (As part of the fix for bug 61201, the documentation for Apache Tomcat ...)
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.24-1
[stretch] - tomcat8 <not-affected> (Issue introduced later)
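Review bot: the imported description for CVE-2017-15715 still contains an HTML entity, "the expression specified in &lt;Files ...", so the feed text is being written without entity decoding; decode it before writing so the line reads "the expression specified in <Files". Worth checking the rest of the automatic update for the same "&lt;"/"&gt;" residue.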
@@ -7860,50 +7860,50 @@ CVE-2017-15706
NOTE: https://svn.apache.org/r1814826 (8.5.x)
NOTE: Introduced by fix for https://bz.apache.org/bugzilla/show_bug.cgi?id=61201
NOTE: https://lists.apache.org/thread.html/e1ef853fc0079cdb55befbd2dac042934e49288b476d5f6a649e5da2@%3Cannounce.tomcat.apache.org%3E
-CVE-2017-15705
+CVE-2017-15705 (A denial of service vulnerability was identified that exists in Apache ...)
{DLA-1578-1}
- spamassassin 3.4.2-1 (bug #908969)
[stretch] - spamassassin 3.4.2-1~deb9u1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/16/1
CVE-2017-15704
REJECTED
-CVE-2017-15703
+CVE-2017-15703 (Any authenticated user (valid client certificate but without ACL permi ...)
NOT-FOR-US: Apache NiFi
-CVE-2017-15702
+CVE-2017-15702 (In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured ...)
- qpid-java <itp> (bug #840131)
-CVE-2017-15701
+CVE-2017-15701 (In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the b ...)
- qpid-java <itp> (bug #840131)
-CVE-2017-15700
+CVE-2017-15700 (A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid meth ...)
NOT-FOR-US: Apache Sling Authentication Service
-CVE-2017-15699
+CVE-2017-15699 (A Denial of Service vulnerability was found in Apache Qpid Dispatch Ro ...)
- qpid-dispatch <itp> (bug #737776)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/13/5
-CVE-2017-15698
+CVE-2017-15698 (When parsing the AIA-Extension field of a client certificate, Apache T ...)
{DSA-4118-1 DLA-1276-1}
- tomcat-native 1.2.16-1
NOTE: https://lists.apache.org/thread.html/6eb0a53e5827d97db1a05c736d01101fec21202a5b8fc77bb0eaaed8@%3Cannounce.tomcat.apache.org%3E
NOTE: http://svn.apache.org/r1815200
NOTE: http://svn.apache.org/r1815218
NOTE: Affects: 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34
-CVE-2017-15697
+CVE-2017-15697 (A malicious X-ProxyContextPath or X-Forwarded-Context header containin ...)
NOT-FOR-US: Apache NiFi
-CVE-2017-15696
+CVE-2017-15696 (When an Apache Geode cluster before v1.4.0 is operating in secure mode ...)
NOT-FOR-US: Apache Geode
-CVE-2017-15695
+CVE-2017-15695 (When an Apache Geode server versions 1.0.0 to 1.4.0 is configured with ...)
NOT-FOR-US: Apache Geode
CVE-2017-15694
RESERVED
-CVE-2017-15693
+CVE-2017-15693 (In Apache Geode before v1.4.0, the Geode server stores application obj ...)
NOT-FOR-US: Apache Geode
-CVE-2017-15692
+CVE-2017-15692 (In Apache Geode before v1.4.0, the TcpServer within the Geode locator ...)
NOT-FOR-US: Apache Geode
-CVE-2017-15691
+CVE-2017-15691 (In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0 ...)
- uimaj 2.10.2-1 (bug #897009)
[stretch] - uimaj <no-dsa> (Minor issue)
[jessie] - uimaj <no-dsa> (Minor issue)
[wheezy] - uimaj <no-dsa> (Minor issue)
NOTE: https://uima.apache.org/security_report#CVE-2017-15691
-CVE-2017-15924
+CVE-2017-15924 (In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsin ...)
{DSA-4009-1}
- shadowsocks-libev 3.1.0+ds-2
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-010-shadowsocks-libev/
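Review bot: CVE-2017-15924 is out of sequence here, sitting between CVE-2017-15691 and CVE-2017-15689 in a file that is otherwise ordered by descending id; it belongs with the CVE-2017-159xx entries earlier in the file. The update only rewrote the description line in place and did not re-sort, so the misplacement will persist until the block is moved by hand.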
@@ -7915,7 +7915,7 @@ CVE-2017-15689
RESERVED
CVE-2017-15688
RESERVED
-CVE-2017-15687
+CVE-2017-15687 (DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server 7 ...)
NOT-FOR-US: Logitech
CVE-2017-15686
RESERVED
@@ -7943,14 +7943,14 @@ CVE-2017-15675
RESERVED
CVE-2017-15674
RESERVED
-CVE-2017-15673
+CVE-2017-15673 (The files function in the administration section in CS-Cart 4.6.2 and ...)
NOT-FOR-US: CS-Cart
-CVE-2017-15672
+CVE-2017-15672 (The read_header function in libavcodec/ffv1dec.c in FFmpeg 3.3.4 and e ...)
{DSA-4049-1 DLA-1630-1}
- ffmpeg 7:3.4-1
- libav <removed>
NOTE: Fixed by: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904
-CVE-2017-15671
+CVE-2017-15671 (The glob function in glob.c in the GNU C Library (aka glibc or libc6) ...)
[experimental] - glibc 2.26-0experimental0
- glibc 2.25-3 (low; bug #879500)
[stretch] - glibc 2.24-11+deb9u4
@@ -7959,7 +7959,7 @@ CVE-2017-15671
[wheezy] - eglibc <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22325
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c66c908230169c1bab1f83b071eb585baa214b9f
-CVE-2017-15670
+CVE-2017-15670 (The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by- ...)
[experimental] - glibc 2.26-0experimental0
- glibc 2.25-3 (low; bug #879501)
[stretch] - glibc 2.24-11+deb9u4
@@ -7973,17 +7973,17 @@ CVE-2017-15669
RESERVED
CVE-2017-15668
RESERVED
-CVE-2017-15667
+CVE-2017-15667 (In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from ...)
NOT-FOR-US: Flexense SysGauge Server
CVE-2017-15666
RESERVED
-CVE-2017-15665
+CVE-2017-15665 (In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers f ...)
NOT-FOR-US: Flexense DiskBoss Enterprise
-CVE-2017-15664
+CVE-2017-15664 (In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suff ...)
NOT-FOR-US: Flexense Sync Breeze Enterprise
-CVE-2017-15663
+CVE-2017-15663 (In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffe ...)
NOT-FOR-US: Flexense Disk Pulse Enterprise
-CVE-2017-15662
+CVE-2017-15662 (In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffer ...)
NOT-FOR-US: Flexense VX Search Enterprise
CVE-2017-15661
RESERVED
@@ -7995,43 +7995,43 @@ CVE-2017-15658
RESERVED
CVE-2017-15657
RESERVED
-CVE-2017-15656
+CVE-2017-15656 (Password are stored in plaintext in nvram in the HTTPd server in all c ...)
NOT-FOR-US: HTTPd server in Asus asuswrt
-CVE-2017-15655
+CVE-2017-15655 (Multiple buffer overflow vulnerabilities exist in the HTTPd server in ...)
NOT-FOR-US: HTTPd server in Asus asuswrt
-CVE-2017-15654
+CVE-2017-15654 (Highly predictable session tokens in the HTTPd server in all current v ...)
NOT-FOR-US: HTTPd server in Asus asuswrt
-CVE-2017-15653
+CVE-2017-15653 (Improper administrator IP validation after his login in the HTTPd serv ...)
NOT-FOR-US: HTTPd server in Asus asuswrt
CVE-2017-15652
RESERVED
-CVE-2017-15651
+CVE-2017-15651 (PRTG Network Monitor 17.3.33.2830 allows remote authenticated administ ...)
NOT-FOR-US: PRTG Network Monitor
-CVE-2017-15649
+CVE-2017-15649 (net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local ...)
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/008ba2a13f2d04c947adc536d19debb8fe66f110
NOTE: Fixed by: https://git.kernel.org/linus/4971613c1639d8e5f102c4e797c3bf8f83a5a69e
-CVE-2017-15648
+CVE-2017-15648 (In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the ...)
NOT-FOR-US: PHPSUGAR PHP Melody
-CVE-2017-15647
+CVE-2017-15647 (On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc v ...)
NOT-FOR-US: On FiberHome
-CVE-2017-15646
+CVE-2017-15646 (Webmin before 1.860 has XSS with resultant remote code execution. Unde ...)
- webmin <removed>
-CVE-2017-15645
+CVE-2017-15645 (CSRF exists in Webmin 1.850. By sending a GET request to at/create_job ...)
- webmin <removed>
-CVE-2017-15644
+CVE-2017-15644 (SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as d ...)
- webmin <removed>
-CVE-2017-15643
+CVE-2017-15643 (An active network attacker (MiTM) can achieve remote code execution on ...)
NOT-FOR-US: IKARUS Anti Virus
-CVE-2017-15650
+CVE-2017-15650 (musl libc before 1.1.17 has a buffer overflow via crafted DNS replies ...)
- musl 1.1.17-1
[stretch] - musl <no-dsa> (Minor issue)
[jessie] - musl <no-dsa> (Minor issue)
NOTE: https://git.musl-libc.org/cgit/musl/patch/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395
-CVE-2017-15642
+CVE-2017-15642 (In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there i ...)
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #882144)
[stretch] - sox <no-dsa> (Minor issue)
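Review bot: CVE-2017-15650 (musl) appears after CVE-2017-15643 instead of in its numeric slot between CVE-2017-15651 and CVE-2017-15649, so anyone scanning by id will miss it; move the block up. Minor: the triage line for CVE-2017-15647 reads "NOT-FOR-US: On FiberHome", copying the leading "On" from the description text, and should be "NOT-FOR-US: FiberHome".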
@@ -8039,76 +8039,76 @@ CVE-2017-15642
NOTE: https://github.com/mansr/sox/commit/0be259eaa9ce3f3fa587a3ef0cf2c0b9c73167a2
CVE-2017-15641
RESERVED
-CVE-2017-15640
+CVE-2017-15640 (app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip ...)
NOT-FOR-US: phpIPAM
-CVE-2017-15639
+CVE-2017-15639 (tasks/feed/readRSS.cfm in Mura CMS before 6.2 allows attackers to bypa ...)
NOT-FOR-US: Mura CMS
-CVE-2017-15638
+CVE-2017-15638 (The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterpri ...)
NOT-FOR-US: SuSEfirewall2 in SUSE
-CVE-2017-15637
+CVE-2017-15637 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15636
+CVE-2017-15636 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15635
+CVE-2017-15635 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15634
+CVE-2017-15634 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15633
+CVE-2017-15633 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15632
+CVE-2017-15632 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15631
+CVE-2017-15631 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15630
+CVE-2017-15630 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15629
+CVE-2017-15629 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15628
+CVE-2017-15628 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15627
+CVE-2017-15627 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15626
+CVE-2017-15626 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15625
+CVE-2017-15625 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15624
+CVE-2017-15624 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15623
+CVE-2017-15623 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15622
+CVE-2017-15622 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15621
+CVE-2017-15621 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15620
+CVE-2017-15620 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15619
+CVE-2017-15619 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15618
+CVE-2017-15618 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15617
+CVE-2017-15617 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15616
+CVE-2017-15616 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15615
+CVE-2017-15615 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15614
+CVE-2017-15614 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15613
+CVE-2017-15613 (TP-Link WVR, WAR and ER devices allow remote authenticated administrat ...)
NOT-FOR-US: TP-Link
-CVE-2017-15612
+CVE-2017-15612 (mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such ...)
- mistune 0.8-1 (bug #879098)
[stretch] - mistune <no-dsa> (Minor issue)
NOTE: https://github.com/lepture/mistune/pull/140
NOTE: https://github.com/lepture/mistune/commit/d6f0b6402299bf5a380e7b4e77bd80e8736630fe
-CVE-2017-15611
+CVE-2017-15611 (In Octopus before 3.17.7, an authenticated user who was explicitly gra ...)
NOT-FOR-US: Octopus Deploy
-CVE-2017-15610
+CVE-2017-15610 (An issue was discovered in Octopus before 3.17.7. When the special Gue ...)
NOT-FOR-US: Octopus Deploy
-CVE-2017-15609
+CVE-2017-15609 (Octopus before 3.17.7 allows attackers to obtain sensitive cleartext i ...)
NOT-FOR-US: Octopus Deploy
-CVE-2017-15608
+CVE-2017-15608 (Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change ...)
NOT-FOR-US: Inedo ProGet
-CVE-2017-15607
+CVE-2017-15607 (Inedo Otter before 1.7.4 has directory traversal in filesystem-based r ...)
NOT-FOR-US: Inedo Otter
CVE-2017-15606
RESERVED
@@ -8118,21 +8118,21 @@ CVE-2017-15604
RESERVED
CVE-2017-15603
RESERVED
-CVE-2017-15602
+CVE-2017-15602 (In GNU Libextractor 1.4, there is an integer signedness error for the ...)
{DLA-1198-1}
- libextractor 1:1.6-1 (low)
[stretch] - libextractor 1:1.3-4+deb9u1
[jessie] - libextractor 1:1.3-2+deb8u1
NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html
NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=ffab889c1710c7646af9ed360c796a2a0a619efc
-CVE-2017-15601
+CVE-2017-15601 (In GNU Libextractor 1.4, there is a heap-based buffer overflow in the ...)
{DLA-1198-1}
- libextractor 1:1.6-1 (low)
[stretch] - libextractor 1:1.3-4+deb9u1
[jessie] - libextractor 1:1.3-2+deb8u1
NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html
NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=f813535dad4ad860b989952a46266a1469801091
-CVE-2017-15600
+CVE-2017-15600 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EX ...)
{DLA-1198-1}
- libextractor 1:1.6-1 (low)
[stretch] - libextractor 1:1.3-4+deb9u1
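Review bot: the libextractor entries use "NOTE: Fixed by https://..." without the colon, while the rest of this patch writes "NOTE: Fixed by: https://..." (see the ffmpeg and linux entries); pick one form so the NOTE lines stay greppable.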
@@ -8144,7 +8144,7 @@ CVE-2017-15599
RESERVED
CVE-2017-15598
RESERVED
-CVE-2017-15597
+CVE-2017-15597 (An issue was discovered in Xen through 4.9.x. Grant copying code made ...)
{DSA-4050-1 DLA-1549-1}
- xen 4.8.2+xsa245-0+deb9u1
[wheezy] - xen <not-affected> (Vulnerable code not present)
@@ -8155,28 +8155,28 @@ CVE-2017-15585
RESERVED
CVE-2017-15584
RESERVED
-CVE-2017-15583
+CVE-2017-15583 (The embedded web server on ABB Fox515T 1.0 devices is vulnerable to Lo ...)
NOT-FOR-US: ABB Fox515T 1.0 devices
-CVE-2017-15582
+CVE-2017-15582 (In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4. ...)
NOT-FOR-US: Diary with lock
-CVE-2017-15581
+CVE-2017-15581 (In the "Diary with lock" (aka WriteDiary) application 4.72 for Android ...)
NOT-FOR-US: Diary with lock
-CVE-2017-15580
+CVE-2017-15580 (osTicket 1.10.1 provides a functionality to upload 'html' files with a ...)
NOT-FOR-US: osTicket
-CVE-2017-15579
+CVE-2017-15579 (In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pa ...)
NOT-FOR-US: PHPSUGAR PHP Melody
-CVE-2017-15578
+CVE-2017-15578 (In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the imag ...)
NOT-FOR-US: PHPSUGAR PHP Melody
-CVE-2017-15567
+CVE-2017-15567 (** DISPUTED ** The certificate import component in IDEMIA (formerly Mo ...)
NOT-FOR-US: IDEMIA
-CVE-2017-15566
+CVE-2017-15566 (Insecure SPANK environment variable handling exists in SchedMD Slurm b ...)
{DSA-4023-1}
- slurm-llnl 17.02.9-1 (bug #880530)
[jessie] - slurm-llnl <not-affected> (Vulnerable code introduced later)
[wheezy] - slurm-llnl <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.schedmd.com/show_bug.cgi?id=4228 (not public)
NOTE: Fixed by: https://github.com/SchedMD/slurm/commit/b30e9e9ee2ade6951bfaf28e15ef77325a206971
-CVE-2017-15565
+CVE-2017-15565 (In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageCo ...)
{DSA-4079-1 DLA-1177-1}
- poppler 0.61.1-2 (bug #879066)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103016
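Review bot: the visible sequence jumps from CVE-2017-15578 straight to CVE-2017-15567, so CVE-2017-15577 through CVE-2017-15568 are not in this hunk; if they are filed elsewhere in the list that is fine, but it is worth confirming the automatic update did not drop them rather than re-emit them out of order, as it does with other ids in this patch.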
@@ -8209,15 +8209,15 @@ CVE-2017-15552
REJECTED
CVE-2017-15551
REJECTED
-CVE-2017-15550
+CVE-2017-15550 (An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4. ...)
NOT-FOR-US: EMC Avamar Server
-CVE-2017-15549
+CVE-2017-15549 (An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4. ...)
NOT-FOR-US: EMC Avamar Server
-CVE-2017-15548
+CVE-2017-15548 (An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4. ...)
NOT-FOR-US: EMC Avamar Server
CVE-2017-15547
REJECTED
-CVE-2017-15546
+CVE-2017-15546 (The Security Console in EMC RSA Authentication Manager 8.2 SP1 P6 and ...)
NOT-FOR-US: EMC RSA Authentication Manager
CVE-2017-15545
REJECTED
@@ -8231,42 +8231,42 @@ CVE-2017-15541
REJECTED
CVE-2017-15540
REJECTED
-CVE-2017-15539
+CVE-2017-15539 (SQL Injection exists in zorovavi/blog through 2017-10-17 via the id pa ...)
NOT-FOR-US: zorovavi/blog
-CVE-2017-15587
+CVE-2017-15587 (An integer overflow was discovered in pdf_read_new_xref_section in pdf ...)
{DSA-4006-2 DSA-4006-1 DLA-1164-1}
- mupdf 1.11+ds1-2 (bug #879055)
NOTE: http://git.ghostscript.com/?p=mupdf.git;h=82df2631d7d0446b206ea6b434ea609b6c28b0e8
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698605 (not public)
NOTE: https://nandynarwhals.org/CVE-2017-15587/
-CVE-2017-15538
+CVE-2017-15538 (Stored XSS vulnerability in the Media Objects component of ILIAS befor ...)
NOT-FOR-US: ILIAS
-CVE-2017-15536
+CVE-2017-15536 (An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x ...)
NOT-FOR-US: Cloudera Data Science Workbench
-CVE-2017-15535
+CVE-2017-15535 (MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by- ...)
- mongodb <not-affected> (wire protocol compression introduced in 3.4.x and disabled by default)
NOTE: https://jira.mongodb.org/browse/SERVER-31273
-CVE-2017-15534
+CVE-2017-15534 (The Norton App Lock prior to version 1.3.0.13 can be susceptible to an ...)
NOT-FOR-US: Noron App Lock
-CVE-2017-15533
+CVE-2017-15533 (Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, ...)
NOT-FOR-US: Symantec
-CVE-2017-15532
+CVE-2017-15532 (Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a pa ...)
NOT-FOR-US: Symantec
-CVE-2017-15531
+CVE-2017-15531 (Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 does ...)
NOT-FOR-US: Symantec
-CVE-2017-15530
+CVE-2017-15530 (Prior to 4.4.1.10, the Norton Family Android App can be susceptible to ...)
NOT-FOR-US: Norton
-CVE-2017-15529
+CVE-2017-15529 (Prior to 4.4.1.10, the Norton Family Android App can be susceptible to ...)
NOT-FOR-US: Norton
-CVE-2017-15528
+CVE-2017-15528 (Prior to v 7.6, the Install Norton Security (INS) product can be susce ...)
NOT-FOR-US: Install Norton Security
-CVE-2017-15527
+CVE-2017-15527 (Prior to ITMS 8.1 RU4, the Symantec Management Console can be suscepti ...)
NOT-FOR-US: Symantec
-CVE-2017-15526
+CVE-2017-15526 (Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptib ...)
NOT-FOR-US: Symantec
-CVE-2017-15525
+CVE-2017-15525 (Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptib ...)
NOT-FOR-US: Symantec
-CVE-2017-15524
+CVE-2017-15524 (The Application Firewall Pack (AFP, aka Web Application Firewall) comp ...)
NOT-FOR-US: Kemp Load Balancer
CVE-2017-15523
REJECTED
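Review bot: the context line `NOT-FOR-US: Noron App Lock` under CVE-2017-15534 has a typo; the description line directly above it reads "The Norton App Lock", so the tag should be `NOT-FOR-US: Norton App Lock`, in line with the `NOT-FOR-US: Norton` tags used for CVE-2017-15530 and CVE-2017-15529. Separately, CVE-2017-15587 (mupdf) sits between CVE-2017-15539 and CVE-2017-15538 although the rest of this hunk runs in descending ID order; if that placement is deliberate because the ID was assigned later than its neighbours nothing needs changing, otherwise it belongs with the other CVE-2017-1557x entries further down.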
@@ -8276,19 +8276,19 @@ CVE-2017-15521
REJECTED
CVE-2017-15520
REJECTED
-CVE-2017-15519
+CVE-2017-15519 (Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote ...)
NOT-FOR-US: SnapCenter
-CVE-2017-15518
+CVE-2017-15518 (All versions of OnCommand API Services prior to 2.1 and NetApp Service ...)
NOT-FOR-US: NetApp
-CVE-2017-15517
+CVE-2017-15517 (AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to o ...)
NOT-FOR-US: AltaVault OST Plug-in
-CVE-2017-15516
+CVE-2017-15516 (NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a ...)
NOT-FOR-US: NetApp
-CVE-2017-15515
+CVE-2017-15515 (NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scr ...)
NOT-FOR-US: NetApp SnapCenter Server
CVE-2017-15514
RESERVED
-CVE-2017-15568
+CVE-2017-15568 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, X ...)
{DSA-4191-1}
- redmine 3.4.4-1 (bug #882544)
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8297,7 +8297,7 @@ CVE-2017-15568
NOTE: https://www.redmine.org/issues/27186 (private)
NOTE: upstream fixed in 3.2.8, 3.3.5 and 3.4.3
NOTE: https://github.com/redmine/redmine/commit/94f7cfbf990028348b9262578acbc53a94fce448
-CVE-2017-15569
+CVE-2017-15569 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, X ...)
{DSA-4191-1}
- redmine 3.4.4-1 (bug #882545)
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8305,7 +8305,7 @@ CVE-2017-15569
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/27186 (private)
NOTE: https://github.com/redmine/redmine/commit/56c8ee0440d8555aa7822d947ba9091c8a791508
-CVE-2017-15570
+CVE-2017-15570 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, X ...)
{DSA-4191-1}
- redmine 3.4.4-1 (bug #882547)
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8313,7 +8313,7 @@ CVE-2017-15570
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/27186 (private)
NOTE: https://github.com/redmine/redmine/commit/1a0976417975a128b0a932ba1552c37e9414953b
-CVE-2017-15571
+CVE-2017-15571 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, X ...)
{DSA-4191-1}
- redmine 3.4.4-1 (bug #882548)
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8321,7 +8321,7 @@ CVE-2017-15571
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/27186 (private)
NOTE: https://github.com/redmine/redmine/commit/273dd9cb3bcfb1e0a0b90570b3b34eafa07d67aa
-CVE-2017-15573
+CVE-2017-15573 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, XSS exists because mar ...)
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8329,7 +8329,7 @@ CVE-2017-15573
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/25503 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15572
+CVE-2017-15572 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can o ...)
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8337,7 +8337,7 @@ CVE-2017-15572
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/24416 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15575
+CVE-2017-15575 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a che ...)
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8345,7 +8345,7 @@ CVE-2017-15575
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/24307 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15574
+CVE-2017-15574 (In Redmine before 3.2.6 and 3.3.x before 3.3.3, stored XSS is possible ...)
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8353,7 +8353,7 @@ CVE-2017-15574
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/24199 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15576
+CVE-2017-15576 (Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rend ...)
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8361,7 +8361,7 @@ CVE-2017-15576
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/23803 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15577
+CVE-2017-15577 (Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering o ...)
{DSA-4191-1}
- redmine 3.4.2-1
[jessie] - redmine <end-of-life> (Not supported in Jessie-LTS)
@@ -8369,7 +8369,7 @@ CVE-2017-15577
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
NOTE: https://www.redmine.org/issues/23793 (private)
NOTE: upstream fixed in 3.2.6 and 3.3.3
-CVE-2017-15537
+CVE-2017-15537 (The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before ...)
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
@@ -8541,46 +8541,46 @@ CVE-2017-15432
REJECTED
CVE-2017-15431
RESERVED
-CVE-2017-15430
+CVE-2017-15430 (Unsafe navigation in Chromecast in Google Chrome prior to 63.0.3239.84 ...)
- chromium-browser <not-affected> (Plugin specific to Chrome)
-CVE-2017-15429
+CVE-2017-15429 (Inappropriate implementation in V8 WebAssembly JS bindings in Google C ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-15428
+CVE-2017-15428 (Insufficient data validation in V8 builtins string generator could lea ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15427
+CVE-2017-15427 (Insufficient policy enforcement in Omnibox in Google Chrome prior to 6 ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15426
+CVE-2017-15426 (Insufficient policy enforcement in Omnibox in Google Chrome prior to 6 ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15425
+CVE-2017-15425 (Insufficient policy enforcement in Omnibox in Google Chrome prior to 6 ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15424
+CVE-2017-15424 (Insufficient policy enforcement in Omnibox in Google Chrome prior to 6 ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15423
+CVE-2017-15423 (Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prio ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15422
+CVE-2017-15422 (Integer overflow in international date handling in International Compo ...)
{DSA-4150-1}
- icu 57.1-9 (bug #892766)
[wheezy] - icu <not-affected> (Vulnerable code not present)
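Review bot: CVE-2017-15429 is the one entry in this block of Chrome 63 issues marked fixed in chromium-browser 64.0.3282.119-1 via DSA-4103-1, while its neighbours (CVE-2017-15428 down to CVE-2017-15423) are fixed in 63.0.3239.84-1 via DSA-4064-1. A NOTE naming the upstream release that carried the V8 WebAssembly JS bindings fix would make clear that the later version is intentional rather than a copy error in the version field.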
@@ -8589,92 +8589,92 @@ CVE-2017-15422
NOTE: Issue fixed in: https://ssl.icu-project.org/trac/changeset/40654
CVE-2017-15421
RESERVED
-CVE-2017-15420
+CVE-2017-15420 (Incorrect handling of back navigations in error pages in Navigation in ...)
{DSA-4103-1 DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15419
+CVE-2017-15419 (Insufficient policy enforcement in Resource Timing API in Google Chrom ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15418
+CVE-2017-15418 (Use of uninitialized memory in Skia in Google Chrome prior to 63.0.323 ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15417
+CVE-2017-15417 (Inappropriate implementation in Skia canvas composite operations in Go ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15416
+CVE-2017-15416 (Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.8 ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15415
+CVE-2017-15415 (Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15414
RESERVED
-CVE-2017-15413
+CVE-2017-15413 (Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.323 ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15412
+CVE-2017-15412 (Use after free in libxml2 before 2.9.5, as used in Google Chrome prior ...)
{DSA-4086-1 DLA-1211-1}
- libxml2 2.9.4+dfsg1-5.2 (bug #883790)
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=727039
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=783160 (not public)
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=0f3b843b3534784ef57a4f9b874238aa1fda5a73
-CVE-2017-15411
+CVE-2017-15411 (Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowe ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15410
+CVE-2017-15410 (Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowe ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15409
+CVE-2017-15409 (Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 al ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15408
+CVE-2017-15408 (Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15407
+CVE-2017-15407 (Out-of-bounds Write in the QUIC networking stack in Google Chrome prio ...)
{DSA-4064-1}
- chromium-browser 63.0.3239.84-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15406
+CVE-2017-15406 (A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 a ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-15405
+CVE-2017-15405 (Inappropriate symlink handling and a race condition in the stateful re ...)
NOT-FOR-US: Chrome OS
-CVE-2017-15404
+CVE-2017-15404 (An ability to process crash dumps under root privileges and inappropri ...)
NOT-FOR-US: Chrome OS
-CVE-2017-15403
+CVE-2017-15403 (Insufficient data validation in crosh could lead to a command injectio ...)
NOT-FOR-US: Chrome OS
-CVE-2017-15402
+CVE-2017-15402 (Using an ID that can be controlled by a compromised renderer which all ...)
NOT-FOR-US: Chrome OS
-CVE-2017-15401
+CVE-2017-15401 (A memory corruption bug in WebAssembly could lead to out of bounds rea ...)
NOT-FOR-US: Chrome OS
-CVE-2017-15400
+CVE-2017-15400 (Insufficient restriction of IPP filters in CUPS in Google Chrome OS pr ...)
{DSA-4243-1}
- cups 2.2.3-2
[jessie] - cups <not-affected> (Vulnerable code not present, ppdCreateFromIPP() introduced in v2.2.0)
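Review bot: CVE-2017-15420 lists two advisories, `{DSA-4103-1 DSA-4064-1}`, but the same fixed version, 63.0.3239.84-1, as the single-DSA entries around it. If DSA-4103-1 re-issued the fix because the first one was incomplete, a NOTE saying so would explain the double listing; if not, the extra DSA reference should be dropped so the entry matches its neighbours.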
@@ -8683,148 +8683,148 @@ CVE-2017-15400
NOTE: Patches from upstream to restrict what filters will be accpeted
NOTE: https://github.com/apple/cups/commit/07428f6a640ff93aa0b4cc69ca372e2cf8490e41 (v2.2.2)
NOTE: https://github.com/apple/cups/commit/1add23375658e9163e5493ee19de7c9f7a9b483b (v2.2.2)
-CVE-2017-15399
+CVE-2017-15399 (A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed ...)
{DSA-4024-1}
- chromium-browser 62.0.3202.89-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-15398
+CVE-2017-15398 (A stack buffer overflow in the QUIC networking stack in Google Chrome ...)
{DSA-4024-1}
- chromium-browser 62.0.3202.89-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15397
+CVE-2017-15397 (Inappropriate implementation in ChromeVox in Google Chrome OS prior to ...)
NOT-FOR-US: ChromeVox in Google Chrome OS
-CVE-2017-15396
+CVE-2017-15396 (A stack buffer overflow in NumberingSystem in International Components ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-15395
+CVE-2017-15395 (A use after free in Blink in Google Chrome prior to 62.0.3202.62 allow ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15394
+CVE-2017-15394 (Insufficient Policy Enforcement in Extensions in Google Chrome prior t ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15393
+CVE-2017-15393 (Insufficient Policy Enforcement in Devtools remote debugging in Google ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15392
+CVE-2017-15392 (Insufficient data validation in V8 in Google Chrome prior to 62.0.3202 ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15391
+CVE-2017-15391 (Insufficient Policy Enforcement in Extensions in Google Chrome prior t ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15390
+CVE-2017-15390 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 6 ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15389
+CVE-2017-15389 (An insufficient watchdog timer in navigation in Google Chrome prior to ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15388
+CVE-2017-15388 (Iteration through non-finite points in Skia in Google Chrome prior to ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15387
+CVE-2017-15387 (Insufficient enforcement of Content Security Policy in Blink in Google ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15386
+CVE-2017-15386 (Incorrect implementation in Blink in Google Chrome prior to 62.0.3202. ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-15385
+CVE-2017-15385 (The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c ...)
- radare2 2.1.0+dfsg-1 (bug #879119)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
NOTE: https://github.com/radare/radare2/issues/8685
NOTE: https://github.com/radare/radare2/commit/21a6f570ba33fa9f52f1bba87f07acc4e8c178f4
-CVE-2017-15384
+CVE-2017-15384 (rate-me.php in Rate Me 1.0 has XSS via the id field in a rate action. ...)
NOT-FOR-US: Rate Me
-CVE-2017-15383
+CVE-2017-15383 (Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploita ...)
NOT-FOR-US: Nero
CVE-2017-15382
RESERVED
-CVE-2017-15381
+CVE-2017-15381 (SQL Injection exists in E-Sic 1.0 via the f parameter to esiclivre/res ...)
NOT-FOR-US: E-Sic
-CVE-2017-15380
+CVE-2017-15380 (XSS exists in the E-Sic 1.0 /cadastro/index.php URI (aka the requester ...)
NOT-FOR-US: E-Sic
-CVE-2017-15379
+CVE-2017-15379 (An authentication bypass exists in the E-Sic 1.0 /index (aka login) UR ...)
NOT-FOR-US: E-Sic
-CVE-2017-15378
+CVE-2017-15378 (SQL Injection exists in the E-Sic 1.0 password reset parameter (aka th ...)
NOT-FOR-US: E-Sic
-CVE-2017-15377
+CVE-2017-15377 (In Suricata before 4.x, it was possible to trigger lots of redundant c ...)
{DLA-1603-1}
- suricata 1:4.0.0-1 (low)
[stretch] - suricata <no-dsa> (Minor issue)
[wheezy] - suricata <no-dsa> (Minor issue)
NOTE: https://github.com/OISF/suricata/pull/2680/commits/47afc577ff763150f9b47f10331f5ef9eb847a57
NOTE: https://redmine.openinfosecfoundation.org/issues/2231
-CVE-2017-15376
+CVE-2017-15376 (The TELNET service in Mobatek MobaXterm 10.4 does not require authenti ...)
NOT-FOR-US: Mobatek MobaXterm
-CVE-2017-15375
+CVE-2017-15375 (Multiple client-side cross site scripting vulnerabilities have been di ...)
NOT-FOR-US: WpJobBoard
-CVE-2017-15374
+CVE-2017-15374 (Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the cu ...)
NOT-FOR-US: Shopware
-CVE-2017-15373
+CVE-2017-15373 (E-Sic 1.0 allows SQL injection via the q parameter to esiclivre/restri ...)
NOT-FOR-US: E-Sic
-CVE-2017-15372
+CVE-2017-15372 (There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expan ...)
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #878808)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500553
NOTE: https://github.com/mansr/sox/commit/001c337552912d286ba68086ac378f6fdc1e8b50
-CVE-2017-15371
+CVE-2017-15371 (There is a reachable assertion abort in the function sox_append_commen ...)
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #878809)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500570
NOTE: https://github.com/mansr/sox/commit/818bdd0ccc1e5b6cae742c740c17fd414935cf39
-CVE-2017-15370
+CVE-2017-15370 (There is a heap-based buffer overflow in the ImaExpandS function of im ...)
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #878810)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500554
NOTE: https://github.com/mansr/sox/commit/ef3d8be0f80cbb650e4766b545d61e10d7a24c9e
-CVE-2017-15369
+CVE-2017-15369 (The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF b ...)
- mupdf <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=c2663e51238ec8256da7fc61ad580db891d9fe9a
NOTE: Introduced by: http://git.ghostscript.com/?p=mupdf.git;h=2707fa9e8e6d17d794330e719dec1b08161fb045
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698592
-CVE-2017-15368
+CVE-2017-15368 (The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 al ...)
- radare2 2.1.0+dfsg-1 (bug #878767)
[stretch] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)
NOTE: https://github.com/radare/radare2/issues/8673
NOTE: https://github.com/radare/radare2/commit/52b1526443c1f433087928291d1c3d37a5600515
-CVE-2017-15367
+CVE-2017-15367 (Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vuln ...)
NOT-FOR-US: Bacula-Web
-CVE-2017-15366
+CVE-2017-15366 (Before Thornberry NDoc version 8.0, laptop clients and the server have ...)
NOT-FOR-US: Thornberry NDoc
-CVE-2017-15365
+CVE-2017-15365 (sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before ...)
{DSA-4341-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 1:10.1.34-1 (bug #885345)
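Review bot: the context line `NOTE: Patches from upstream to restrict what filters will be accpeted` under CVE-2017-15400 has a typo ("accpeted" for "accepted"). In the same hunk, the three sox entries from the same report cite different advisories: CVE-2017-15372 and CVE-2017-15370 list `{DLA-1695-1 DLA-1197-1}` while CVE-2017-15371 lists `{DLA-1705-1 DLA-1197-1}`; worth confirming that CVE-2017-15371 really was handled in a separate DLA rather than a transposed number.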
@@ -8839,204 +8839,204 @@ CVE-2017-15365
NOTE: Likely (unconfirmed) fix: https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e?diff=unified
NOTE: Possibly only introduced with https://github.com/MariaDB/server/commit/df4dd593f29aec8e2116aec1775ad4b8833d8c93 (mariadb-10.1.1)
NOTE: starting to be present in mariadb-10.1.1.
-CVE-2017-15364
+CVE-2017-15364 (The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote attacke ...)
NOT-FOR-US: ccsv
-CVE-2017-15363
+CVE-2017-15363 (Directory traversal vulnerability in public/examples/resources/getsour ...)
NOT-FOR-US: Luracast Restler
-CVE-2017-15362
+CVE-2017-15362 (osTicket 1.10.1 allows arbitrary client-side JavaScript code execution ...)
NOT-FOR-US: osTicket
-CVE-2017-15361
+CVE-2017-15361 (The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module ...)
NOT-FOR-US: Infineon RSA library
-CVE-2017-15360
+CVE-2017-15360 (PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cros ...)
NOT-FOR-US: PRTG Network Monitor
-CVE-2017-15359
+CVE-2017-15359 (In the 3CX Phone System 15.5.3554.1, the Management Console typically ...)
NOT-FOR-US: 3CX Phone System
-CVE-2017-15358
+CVE-2017-15358 (Race condition in the Charles Proxy Settings suid binary in Charles Pr ...)
NOT-FOR-US: Charles Proxy
-CVE-2017-15357
+CVE-2017-15357 (The setpermissions function in the auto-updater in Arq before 5.9.7 fo ...)
NOT-FOR-US: Arq
-CVE-2017-15356
+CVE-2017-15356 (Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500 ...)
NOT-FOR-US: Huawei
-CVE-2017-15355
+CVE-2017-15355 (Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500 ...)
NOT-FOR-US: Huawei
-CVE-2017-15354
+CVE-2017-15354 (Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500 ...)
NOT-FOR-US: Huawei
-CVE-2017-15353
+CVE-2017-15353 (Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V ...)
NOT-FOR-US: Huawei
-CVE-2017-15352
+CVE-2017-15352 (Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, ...)
NOT-FOR-US: Huawei
-CVE-2017-15351
+CVE-2017-15351 (The 'Find Phone' function in Huawei Honor V9 play smart phones with ve ...)
NOT-FOR-US: Huawei
-CVE-2017-15350
+CVE-2017-15350 (The Common Open Policy Service Protocol (COPS) module in Huawei DP300 ...)
NOT-FOR-US: Huawei
-CVE-2017-15349
+CVE-2017-15349 (Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R0 ...)
NOT-FOR-US: Huawei
-CVE-2017-15348
+CVE-2017-15348 (Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R0 ...)
NOT-FOR-US: Huawei
-CVE-2017-15347
+CVE-2017-15347 (Huawei Mate 9 Pro mobile phones with software of versions earlier than ...)
NOT-FOR-US: Huawei
-CVE-2017-15346
+CVE-2017-15346 (XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-15345
+CVE-2017-15345 (Huawei Smartphones with software LON-L29DC721B186 have a denial of ser ...)
NOT-FOR-US: Huawei
-CVE-2017-15344
+CVE-2017-15344 (Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V20 ...)
NOT-FOR-US: Huawei
-CVE-2017-15343
+CVE-2017-15343 (Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V20 ...)
NOT-FOR-US: Huawei
-CVE-2017-15342
+CVE-2017-15342 (Huawei DP300 V500R002C00, TE60 V600R006C00, TP3106 V100R002C00, eSpace ...)
NOT-FOR-US: Huawei
-CVE-2017-15341
+CVE-2017-15341 (Huawei AR3200 V200R008C20, V200R008C30, TE40 V600R006C00, TE50 V600R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-15340
+CVE-2017-15340 (Huawei smartphones with software of TAG-AL00C92B168 have an informatio ...)
NOT-FOR-US: Huawei
-CVE-2017-15339
+CVE-2017-15339 (The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V1 ...)
NOT-FOR-US: Huawei
-CVE-2017-15338
+CVE-2017-15338 (The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V1 ...)
NOT-FOR-US: Huawei
-CVE-2017-15337
+CVE-2017-15337 (The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V1 ...)
NOT-FOR-US: Huawei
-CVE-2017-15336
+CVE-2017-15336 (The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-15335
+CVE-2017-15335 (The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-15334
+CVE-2017-15334 (The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-15333
+CVE-2017-15333 (XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00 ...)
NOT-FOR-US: Huawei
-CVE-2017-15332
+CVE-2017-15332 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-15331
+CVE-2017-15331 (Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1 ...)
NOT-FOR-US: Huawei
-CVE-2017-15330
+CVE-2017-15330 (The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC ...)
NOT-FOR-US: Huawei
-CVE-2017-15329
+CVE-2017-15329 (Huawei UMA V200R001C00 has a SQL injection vulnerability in the operat ...)
NOT-FOR-US: Huawei
-CVE-2017-15328
+CVE-2017-15328 (Huawei HG8245H version earlier than V300R018C00SPC110 has an authentic ...)
NOT-FOR-US: Huawei
-CVE-2017-15327
+CVE-2017-15327 (S12700 V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01 ...)
NOT-FOR-US: Huawei
-CVE-2017-15326
+CVE-2017-15326 (DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algori ...)
NOT-FOR-US: Huawei
-CVE-2017-15325
+CVE-2017-15325 (The Bdat driver of Prague smart phones with software versions earlier ...)
NOT-FOR-US: Bdat driver of Prague smart phones
-CVE-2017-15324
+CVE-2017-15324 (Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnera ...)
NOT-FOR-US: Huawei
-CVE-2017-15323
+CVE-2017-15323 (Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C3 ...)
NOT-FOR-US: Huawei
-CVE-2017-15322
+CVE-2017-15322 (Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 a ...)
NOT-FOR-US: Huawei
-CVE-2017-15321
+CVE-2017-15321 (Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) has an informat ...)
NOT-FOR-US: Huawei
-CVE-2017-15320
+CVE-2017-15320 (RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-15319
+CVE-2017-15319 (RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-15318
+CVE-2017-15318 (RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-15317
+CVE-2017-15317 (AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V20 ...)
NOT-FOR-US: Huawei
-CVE-2017-15316
+CVE-2017-15316 (The GPU driver of Mate 9 Huawei smart phones with software before MHA- ...)
NOT-FOR-US: Huawei
-CVE-2017-15315
+CVE-2017-15315 (Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, N ...)
NOT-FOR-US: Huawei
-CVE-2017-15314
+CVE-2017-15314 (Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V ...)
NOT-FOR-US: Huawei
-CVE-2017-15313
+CVE-2017-15313 (Huawei SmartCare V200R003C10 has a CSV injection vulnerability. An rem ...)
NOT-FOR-US: Huawei
-CVE-2017-15312
+CVE-2017-15312 (Huawei SmartCare V200R003C10 has a stored XSS (cross-site scripting) v ...)
NOT-FOR-US: Huawei
-CVE-2017-15311
+CVE-2017-15311 (The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawe ...)
NOT-FOR-US: Huawei
-CVE-2017-15310
+CVE-2017-15310 (Huawei iReader app before 8.0.2.301 has an arbitrary file deletion vul ...)
NOT-FOR-US: Huawei
-CVE-2017-15309
+CVE-2017-15309 (Huawei iReader app before 8.0.2.301 has a path traversal vulnerability ...)
NOT-FOR-US: Huawei
-CVE-2017-15308
+CVE-2017-15308 (Huawei iReader app before 8.0.2.301 has an input validation vulnerabil ...)
NOT-FOR-US: Huawei
-CVE-2017-15307
+CVE-2017-15307 (Huawei Honor 8 smartphone with software versions earlier than FRD-L04C ...)
NOT-FOR-US: Huawei
-CVE-2017-15306
+CVE-2017-15306 (The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc. ...)
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/ac64115a66c18c01745bbd3c47a36b124e5fd8c0 (4.14-rc7)
-CVE-2017-15305
+CVE-2017-15305 (XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php. ...)
NOT-FOR-US: NexusPHP
-CVE-2017-15304
+CVE-2017-15304 (/bin/login.php in the Web Panel on the Airtame HDMI dongle with firmwa ...)
NOT-FOR-US: Airtame HDMI dongle
-CVE-2017-15303
+CVE-2017-15303 (In CPUID CPU-Z before 1.43, there is an arbitrary memory write that re ...)
NOT-FOR-US: CPUID CPU-Z
-CVE-2017-15302
+CVE-2017-15302 (In CPUID CPU-Z through 1.81, there are improper access rights to a ker ...)
NOT-FOR-US: CPUID CPU-Z
CVE-2017-15301
RESERVED
-CVE-2017-15300
+CVE-2017-15300 (The miner statistics HTTP API in EWBF Cuda Zcash Miner Version 0.3.4b ...)
NOT-FOR-US: EWBF Cuda Zcash Miner
-CVE-2017-15299
+CVE-2017-15299 (The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use o ...)
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/60ff5b2f547af3828aebafd54daded44cfb0807a (4.14-rc6)
-CVE-2017-15298
+CVE-2017-15298 (Git through 2.14.2 mishandles layers of tree objects, which allows rem ...)
- git <unfixed> (unimportant)
NOTE: https://kate.io/blog/git-bomb/
NOTE: https://github.com/Katee/git-bomb
NOTE: No practical security implications
-CVE-2017-15297
+CVE-2017-15297 (SAP Hostcontrol does not require authentication for the SOAP SAPContro ...)
NOT-FOR-US: SAP
-CVE-2017-15296
+CVE-2017-15296 (The Java component in SAP CRM has CSRF. This is SAP Security Note 2478 ...)
NOT-FOR-US: SAP
-CVE-2017-15295
+CVE-2017-15295 (Xpress Server in SAP POS does not require authentication for read/writ ...)
NOT-FOR-US: SAP
-CVE-2017-15294
+CVE-2017-15294 (The Java administration console in SAP CRM has XSS. This is SAP Securi ...)
NOT-FOR-US: SAP
-CVE-2017-15293
+CVE-2017-15293 (Xpress Server in SAP POS does not require authentication for file read ...)
NOT-FOR-US: SAP
CVE-2017-15292
RESERVED
-CVE-2017-15291
+CVE-2017-15291 (Cross-site scripting (XSS) vulnerability in the Wireless MAC Filtering ...)
NOT-FOR-US: TP-LINK TL-MR3220 wireless routers
-CVE-2017-15290
+CVE-2017-15290 (Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5 ...)
NOT-FOR-US: Mirasys Video Management System
-CVE-2017-15594
+CVE-2017-15594 (An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest ...)
{DSA-4050-1 DLA-1559-1}
- xen 4.8.2+xsa245-0+deb9u1
[wheezy] - xen <ignored> (minor issue)
NOTE: https://xenbits.xen.org/xsa/advisory-244.html
-CVE-2017-15592
+CVE-2017-15592 (An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS ...)
{DSA-4050-1 DLA-1559-1 DLA-1181-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-243.html
-CVE-2017-15593
+CVE-2017-15593 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
{DSA-4050-1 DLA-1559-1 DLA-1181-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-242.html
-CVE-2017-15588
+CVE-2017-15588 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
{DSA-4050-1 DLA-1549-1 DLA-1181-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-241.html
-CVE-2017-15595
+CVE-2017-15595 (An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ...)
{DSA-4050-1 DLA-1559-1 DLA-1181-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-240.html
-CVE-2017-15589
+CVE-2017-15589 (An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS ...)
{DSA-4050-1 DLA-1549-1 DLA-1181-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-239.html
-CVE-2017-15591
+CVE-2017-15591 (An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers ...)
{DSA-4050-1}
- xen 4.8.2+xsa245-0+deb9u1
[jessie] - xen <not-affected> (Only affects 4.5 and later)
[wheezy] - xen <not-affected> (Only affects 4.5 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-238.html
-CVE-2017-15590
+CVE-2017-15590 (An issue was discovered in Xen through 4.9.x allowing x86 guest OS use ...)
{DSA-4050-1 DLA-1549-1}
- xen 4.8.2+xsa245-0+deb9u1
[wheezy] - xen <no-dsa> (Patches too intrusive to backport)
NOTE: https://xenbits.xen.org/xsa/advisory-237.html
-CVE-2017-15289
+CVE-2017-15289 (The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow ...)
{DSA-4213-1 DLA-1497-1}
- qemu 1:2.11+dfsg-1 (bug #880832)
[wheezy] - qemu <postponed> (Can be fixed along in a future update)
@@ -9044,31 +9044,31 @@ CVE-2017-15289
[wheezy] - qemu-kvm <postponed> (Can be fixed along in a future update)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg02557.html
NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=eb38e1bc3740725ca29a535351de94107ec58d51
-CVE-2017-15288
+CVE-2017-15288 (The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, ...)
- scala 2.11.12-1 (unimportant)
NOTE: http://scala-lang.org/news/security-update-nov17.html
NOTE: For 2.11.x: https://github.com/scala/scala/pull/6108
NOTE: For 2.12.x: https://github.com/scala/scala/pull/6120
NOTE: For 2.10.x: https://github.com/scala/scala/pull/6128
NOTE: Neutralised by kernel hardening
-CVE-2017-15287
+CVE-2017-15287 (There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dream ...)
NOT-FOR-US: BouquetEditor WebPlugin
-CVE-2017-15286
+CVE-2017-15286 (SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in she ...)
- sqlite3 3.20.1-2 (low; bug #878680)
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.md
NOTE: https://www.sqlite.org/src/info/5d0ceb8dcdef92cd
-CVE-2017-15285
+CVE-2017-15285 (X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Co ...)
NOT-FOR-US: X-Cart
-CVE-2017-15284
+CVE-2017-15284 (Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 425), all ...)
NOT-FOR-US: OctoberCMS
CVE-2017-15283
RESERVED
CVE-2017-15282
RESERVED
-CVE-2017-15281
+CVE-2017-15281 (ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote atta ...)
{DLA-1139-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878579)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -9076,13 +9076,13 @@ CVE-2017-15281
NOTE: https://github.com/ImageMagick/ImageMagick/issues/832
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e9d1c2adae866861a291535997b2263f26becb1e
NOTE: https://github.com/ImageMagick/ImageMagick/commit/32cbfceeee57962321b2ead627129c9d9ffbfcdb
-CVE-2017-15280
+CVE-2017-15280 (XML external entity (XXE) vulnerability in Umbraco CMS before 7.7.3 al ...)
NOT-FOR-US: Umbraco CMS
-CVE-2017-15279
+CVE-2017-15279 (Cross-site scripting (XSS) vulnerability in Umbraco CMS before 7.7.3 a ...)
NOT-FOR-US: Umbraco CMS
-CVE-2017-15278
+CVE-2017-15278 (Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. ...)
NOT-FOR-US: TeamPass
-CVE-2017-15277
+CVE-2017-15277 (ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick ...)
{DSA-4321-1 DSA-4040-1 DSA-4032-1 DLA-1456-1 DLA-1140-1 DLA-1139-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #878578)
- graphicsmagick 1.3.26-14
@@ -9090,30 +9090,30 @@ CVE-2017-15277
NOTE: https://github.com/ImageMagick/ImageMagick/issues/592
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/923c4a525c99
NOTE: https://github.com/neex/gifoeb
-CVE-2017-15276
+CVE-2017-15276 (OpenText Documentum Content Server (formerly EMC Documentum Content Se ...)
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-15275
+CVE-2017-15275 (Samba before 4.7.3 might allow remote attackers to obtain sensitive in ...)
{DSA-4043-1 DLA-1183-1}
- samba 2:4.7.1+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-15275.html
-CVE-2017-15274
+CVE-2017-15274 (security/keys/keyctl.c in the Linux kernel before 4.11.5 does not cons ...)
- linux 4.11.6-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.48-1
[wheezy] - linux 3.2.93-1
NOTE: Fixed by: https://git.kernel.org/linus/5649645d725c73df4302428ee4e02c869248b4c5 (4.12-rc5)
-CVE-2017-15273
+CVE-2017-15273 (Mahara 15.04 before 15.04.15, 16.04 before 16.04.9, 16.10 before 16.10 ...)
- mahara <removed>
NOTE: https://mahara.org/interaction/forum/topic.php?id=8081
-CVE-2017-15272
+CVE-2017-15272 (The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSF ...)
NOT-FOR-US: PSFTPd
-CVE-2017-15271
+CVE-2017-15271 (A use-after-free issue could be triggered remotely in the SFTP compone ...)
NOT-FOR-US: PSFTPd
-CVE-2017-15270
+CVE-2017-15270 (The PSFTPd 10.0.4 Build 729 server does not properly escape data befor ...)
NOT-FOR-US: PSFTPd
-CVE-2017-15269
+CVE-2017-15269 (The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans b ...)
NOT-FOR-US: PSFTPd
-CVE-2017-15268
+CVE-2017-15268 (Qemu through 2.10.0 allows remote attackers to cause a memory leak by ...)
{DSA-4213-1}
- qemu 1:2.11+dfsg-1 (bug #880836)
[jessie] - qemu <not-affected> (I/O channels driver websockets introduced later)
@@ -9123,7 +9123,7 @@ CVE-2017-15268
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1496879
NOTE: https://bugs.launchpad.net/bugs/1718964
NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=a7b20a8efa28e5f22c26c06cd06c2f12bc863493
-CVE-2017-15267
+CVE-2017-15267 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_m ...)
{DLA-1198-1}
- libextractor 1:1.6-1 (bug #878314)
[stretch] - libextractor 1:1.3-4+deb9u1
@@ -9132,7 +9132,7 @@ CVE-2017-15267
NOTE: http://openwall.com/lists/oss-security/2017/10/11/1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1499600
NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=6095d7132b57fc7368fc7a40bab2a71b735724d2
-CVE-2017-15266
+CVE-2017-15266 (In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_ex ...)
{DLA-1198-1}
- libextractor 1:1.6-1 (bug #878314)
[stretch] - libextractor 1:1.3-4+deb9u1
@@ -9141,66 +9141,66 @@ CVE-2017-15266
NOTE: http://openwall.com/lists/oss-security/2017/10/11/1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1499599
NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=b577d5452c5c4ee9d552da62a24b95f461551fe2
-CVE-2017-15265
+CVE-2017-15265 (Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 ...)
{DLA-1200-1}
- linux 4.13.4-2
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1062520
NOTE: http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html
-CVE-2017-15264
+CVE-2017-15264 (IrfanView version 4.44 (32bit) allows attackers to cause a denial of s ...)
NOT-FOR-US: IrfanView
-CVE-2017-15263
+CVE-2017-15263 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15262
+CVE-2017-15262 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15261
+CVE-2017-15261 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15260
+CVE-2017-15260 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15259
+CVE-2017-15259 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15258
+CVE-2017-15258 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15257
+CVE-2017-15257 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15256
+CVE-2017-15256 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15255
+CVE-2017-15255 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15254
+CVE-2017-15254 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15253
+CVE-2017-15253 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15252
+CVE-2017-15252 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15251
+CVE-2017-15251 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15250
+CVE-2017-15250 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15249
+CVE-2017-15249 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15248
+CVE-2017-15248 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15247
+CVE-2017-15247 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15246
+CVE-2017-15246 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15245
+CVE-2017-15245 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15244
+CVE-2017-15244 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15243
+CVE-2017-15243 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15242
+CVE-2017-15242 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15241
+CVE-2017-15241 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15240
+CVE-2017-15240 (IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows att ...)
NOT-FOR-US: IrfanView
-CVE-2017-15239
+CVE-2017-15239 (IrfanView 4.44 - 32bit with PDF plugin version 4.43 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-15238
+CVE-2017-15238 (ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-aft ...)
{DSA-4321-1}
- graphicsmagick 1.3.26-14
[jessie] - graphicsmagick <not-affected> (Vulnerable code not present)
@@ -9210,9 +9210,9 @@ CVE-2017-15238
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/469/
CVE-2017-15237
RESERVED
-CVE-2017-15236
+CVE-2017-15236 (Tiandy IP cameras 5.56.17.120 do not properly restrict a certain propr ...)
NOT-FOR-US: Tiandy IP cameras
-CVE-2017-15235
+CVE-2017-15235 (The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allo ...)
- php-horde-gollem 3.0.12-1
[stretch] - php-horde-gollem <no-dsa> (Minor issue)
[jessie] - php-horde-gollem <no-dsa> (Minor issue)
@@ -9223,7 +9223,7 @@ CVE-2017-15234
RESERVED
CVE-2017-15233
RESERVED
-CVE-2017-15232
+CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and j ...)
- libjpeg-turbo <unfixed> (low; bug #878567)
[stretch] - libjpeg-turbo <ignored> (Minor issue)
[jessie] - libjpeg-turbo <no-dsa> (Minor issue)
@@ -9241,19 +9241,19 @@ CVE-2017-15230
RESERVED
CVE-2017-15229
RESERVED
-CVE-2017-15228
+CVE-2017-15228 (Irssi before 1.0.5, when installing themes with unterminated colour fo ...)
{DSA-4016-1 DLA-1217-1}
- irssi 1.0.5-1 (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
-CVE-2017-15227
+CVE-2017-15227 (Irssi before 1.0.5, while waiting for the channel synchronisation, may ...)
{DSA-4016-1 DLA-1217-1}
- irssi 1.0.5-1 (bug #879521)
NOTE: https://irssi.org/security/irssi_sa_2017_10.txt
NOTE: https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1
-CVE-2017-15226
+CVE-2017-15226 (Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the o ...)
NOT-FOR-US: Zyxel
-CVE-2017-15225
+CVE-2017-15225 (_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descript ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -9263,72 +9263,72 @@ CVE-2017-15225
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b55ec8b676ed05d93ee49d6c79ae0403616c4fb0
CVE-2017-15224
RESERVED
-CVE-2017-15223
+CVE-2017-15223 (Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 a ...)
NOT-FOR-US: ArGoSoft Mini Mail Server
-CVE-2017-15222
+CVE-2017-15222 (Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows r ...)
NOT-FOR-US: Ayukov NFTPD
-CVE-2017-15221
+CVE-2017-15221 (ASX to MP3 converter 3.1.3.7.2010.11.05 has a buffer overflow via a cr ...)
NOT-FOR-US: ASX to MP3 converter
-CVE-2017-15220
+CVE-2017-15220 (Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overfl ...)
NOT-FOR-US: Flexense VX Search Enterprise
-CVE-2017-15219
+CVE-2017-15219 (The dotCMS 4.1.1 application is vulnerable to Stored Cross-Site Script ...)
NOT-FOR-US: dotCMS
-CVE-2017-15218
+CVE-2017-15218 (ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/760
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/698c09d05a749664288281012f319cd51da664ee
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6387479aa974709d5c329c8efbde38175f386844
-CVE-2017-15217
+CVE-2017-15217 (ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. ...)
[experimental] - imagemagick 8:6.9.9.34+dfsg-1
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/759
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/9bad9cd6752bf8dc5825f555fd1117855bd2fc47
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8fa3c10977f668c92688272a4802f4477df61076
-CVE-2017-15216
+CVE-2017-15216 (MISP before 2.4.81 has a potential reflected XSS in a quickDelete acti ...)
NOT-FOR-US: MISP
-CVE-2017-15215
+CVE-2017-15215 (Reflected XSS vulnerability in Shaarli v0.9.1 allows an unauthenticate ...)
- shaarli <itp> (bug #864559)
-CVE-2017-15214
+CVE-2017-15214 (Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an ...)
NOT-FOR-US: Flyspray
-CVE-2017-15213
+CVE-2017-15213 (Stored XSS vulnerability in Flyspray before 1.0-rc6 allows an authenti ...)
NOT-FOR-US: Flyspray
-CVE-2017-15212
+CVE-2017-15212 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15211
+CVE-2017-15211 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15210
+CVE-2017-15210 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15209
+CVE-2017-15209 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15208
+CVE-2017-15208 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15207
+CVE-2017-15207 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15206
+CVE-2017-15206 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15205
+CVE-2017-15205 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15204
+CVE-2017-15204 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15203
+CVE-2017-15203 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15202
+CVE-2017-15202 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15201
+CVE-2017-15201 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15200
+CVE-2017-15200 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15199
+CVE-2017-15199 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15198
+CVE-2017-15198 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15197
+CVE-2017-15197 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15196
+CVE-2017-15196 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15195
+CVE-2017-15195 (In Kanboard before 1.0.47, by altering form data, an authenticated use ...)
- kanboard <itp> (bug #790814)
-CVE-2017-15193
+CVE-2017-15193 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector cou ...)
- wireshark 2.4.2-1 (low)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -9336,7 +9336,7 @@ CVE-2017-15193
NOTE: https://code.wireshark.org/review/23537
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afb9ff7982971aba6e42472de0db4c1bedfc641b
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-43.html
-CVE-2017-15192
+CVE-2017-15192 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector c ...)
- wireshark 2.4.2-1 (low)
[jessie] - wireshark <not-affected> (Vulnerable code introduced in version 1.99)
[wheezy] - wireshark <not-affected> (Vulnerable code introduced in version 1.99)
@@ -9344,7 +9344,7 @@ CVE-2017-15192
NOTE: https://code.wireshark.org/review/23470
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3689dc1db36037436b1616715f9a3f888fc9a0f6
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-42.html
-CVE-2017-15191
+CVE-2017-15191 (In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the ...)
{DLA-1634-1}
- wireshark 2.4.2-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -9352,7 +9352,7 @@ CVE-2017-15191
NOTE: https://code.wireshark.org/review/23591
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dbb21dfde14221dab09b6b9c7719b9067c1f06e
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-44.html
-CVE-2017-15190
+CVE-2017-15190 (In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was ...)
- wireshark 2.4.2-1 (low)
[stretch] - wireshark <not-affected> (Only affects 2.4)
[jessie] - wireshark <not-affected> (Only affects 2.4)
@@ -9361,7 +9361,7 @@ CVE-2017-15190
NOTE: https://code.wireshark.org/review/23635
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e27870eaa6efa1c2dac08aa41a67fe9f0839e6e0
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-45.html
-CVE-2017-15189
+CVE-2017-15189 (In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an inf ...)
- wireshark 2.4.2-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code not present)
[wheezy] - wireshark <no-dsa> (Minor issue)
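Review bot: the jessie and wheezy lines for CVE-2017-15189 in this hunk disagree with each other: `[jessie] - wireshark <not-affected> (vulnerable code not present)` sits next to `[wheezy] - wireshark <no-dsa> (Minor issue)`. Wheezy carries an older wireshark than jessie, so if the DOCSIS dissector code is absent in jessie it is unlikely to be present in wheezy; either the wheezy line should also be `<not-affected>`, or the jessie line needs a note explaining why the code exists in both the older and the newer release but not in jessie. Please check the DOCSIS dissector in both package versions and align the two lines before this lands.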
@@ -9369,11 +9369,11 @@ CVE-2017-15189
NOTE: https://code.wireshark.org/review/23663
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=625bab309d9dd21db2d8ae2aa3511810d32842a8
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-46.html
-CVE-2017-15188
+CVE-2017-15188 (A persistent (stored) XSS vulnerability in the EyesOfNetwork web inter ...)
NOT-FOR-US: EyesOfNetwork (EON)
CVE-2017-15187
RESERVED
-CVE-2017-15194
+CVE-2017-15194 (include/global_session.php in Cacti 1.1.25 has XSS related to (1) the ...)
- cacti 1.1.25+ds1-1 (bug #878304)
[stretch] - cacti <not-affected> (Vulnerable code introduced in 1.0.0)
[jessie] - cacti <not-affected> (Vulnerable code introduced in 1.0.0)
@@ -9381,14 +9381,14 @@ CVE-2017-15194
NOTE: https://github.com/Cacti/cacti/issues/1010
NOTE: https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd
NOTE: https://github.com/Cacti/cacti/commit/4f87256e63859117f81d2a2bd40c9c730e39b65d
-CVE-2017-15186
+CVE-2017-15186 (Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote at ...)
{DSA-4049-1}
- ffmpeg 7:3.4-1
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code was introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2017/10/20/4
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/df62b70de8aaa285168e72fe8f6e740843ca91fa
-CVE-2017-15185
+CVE-2017-15185 (plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_cle ...)
- mp3splt 2.6.2+20170630-2
[jessie] - mp3splt <not-affected> (Vulnerable code not present)
[wheezy] - mp3splt <not-affected> (Vulnerable code does not exist)
@@ -9487,38 +9487,38 @@ CVE-2017-15141
RESERVED
CVE-2017-15140
RESERVED
-CVE-2017-15139
+CVE-2017-15139 (A vulnerability was found in openstack-cinder releases up to and inclu ...)
[experimental] - cinder 2:13.0.0-1
- cinder 2:13.0.0-2
[stretch] - cinder <no-dsa> (Minor issue)
[jessie] - cinder <not-affected> (ScaleIO Driver support does not exist)
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0084
NOTE: https://bugs.launchpad.net/ossn/+bug/1699573
-CVE-2017-15138
+CVE-2017-15138 (The OpenShift Enterprise cluster-read can access webhook tokens which ...)
NOT-FOR-US: atomic-openshift
-CVE-2017-15137
+CVE-2017-15137 (The OpenShift image import whitelist failed to enforce restrictions co ...)
NOT-FOR-US: atomic-openshift
-CVE-2017-15136
+CVE-2017-15136 (When registering and activating a new system with Red Hat Satellite 6 ...)
NOT-FOR-US: Red Hat Satellite 6
-CVE-2017-15135
+CVE-2017-15135 (It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0. ...)
- 389-ds-base 1.3.7.9-1 (bug #888451)
[stretch] - 389-ds-base <not-affected> (Affected code was never backported)
[jessie] - 389-ds-base <not-affected> (vulnerable code (patch for CVE-2016-5405) not applied)
-CVE-2017-15134
+CVE-2017-15134 (A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x ...)
{DLA-1428-1}
- 389-ds-base 1.3.7.9-1 (bug #888452)
NOTE: Fixed by: https://pagure.io/389-ds-base/c/6aa2acdc3cad9
-CVE-2017-15133
+CVE-2017-15133 (A denial of service flaw was found in miekg-dns before 1.0.4. A remote ...)
- golang-github-miekg-dns 0.0~git20170501.0.f282f80-3 (bug #888777)
[stretch] - golang-github-miekg-dns <no-dsa> (Minor issue)
NOTE: https://github.com/miekg/dns/issues/627
NOTE: https://github.com/miekg/dns/pull/631
-CVE-2017-15132
+CVE-2017-15132 (A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SA ...)
{DSA-4130-1 DLA-1333-1}
- dovecot 1:2.2.34-1 (bug #888432)
NOTE: Fixed by: https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch
NOTE: Regression fix needed on top: https://github.com/dovecot/core/commit/a9b135760aea6d1790d447d351c56b78889dac22
-CVE-2017-15131
+CVE-2017-15131 (It was found that system umask policy is not being honored when creati ...)
- xdg-user-dirs <unfixed> (unimportant)
NOTE: The CVE relates that created directories by xdg-user-dirs might not
NOTE: respect a system policy for user created files by setting a umask
@@ -9531,7 +9531,7 @@ CVE-2017-15131
NOTE: sessions.
NOTE: Enforcements can be achieved e.g. by using pam_umask.
NOTE: http://bugs.freedesktop.org/show_bug.cgi?id=102303
-CVE-2017-15130
+CVE-2017-15130 (A denial of service flaw was found in dovecot before 2.2.34. An attack ...)
{DSA-4130-1 DLA-1333-1}
- dovecot 1:2.2.34-1 (bug #891820)
NOTE: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
@@ -9541,33 +9541,33 @@ CVE-2017-15130
NOTE: https://github.com/dovecot/core/commit/390592e6af07e02064ebdbb1bbcf06528887370f
NOTE: https://github.com/dovecot/core/commit/bc27538d084e01a7a1aca3330e27aebfc0e311eb
NOTE: https://github.com/dovecot/core/commit/00016646cc32a3fa1cf54c22ed7388ed06bbc0f1
-CVE-2017-15129
+CVE-2017-15129 (A use-after-free vulnerability was found in network namespaces code af ...)
- linux 4.14.12-1
[stretch] - linux 4.9.80-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/21b5944350052d2583e82dd59b19a9ba94a007f0
-CVE-2017-15128
+CVE-2017-15128 (A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetl ...)
- linux 4.13.13-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: http://post-office.corp.redhat.com/archives/rhkernel-list/2017-October/msg09574.html
-CVE-2017-15127
+CVE-2017-15127 (A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetl ...)
- linux 3.13.4-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/5af10dfd0afc559bb4b0f7e3e8227a1578333995
-CVE-2017-15126
+CVE-2017-15126 (A use-after-free flaw was found in fs/userfaultfd.c in the Linux kerne ...)
- linux 4.13.10-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/384632e67e0829deb8015ee6ad916b180049d252
-CVE-2017-15125
+CVE-2017-15125 (A flaw was found in CloudForms before 5.9.0.22 in the self-service UI ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2017-15124
+CVE-2017-15124 (VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older wa ...)
{DSA-4213-1}
- qemu 1:2.12~rc3+dfsg-1 (bug #884806)
[jessie] - qemu <postponed> (Can be fixed along in later update)
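Review bot: the unstable fix version recorded for CVE-2017-15127 in this hunk, `- linux 3.13.4-1`, cannot be right next to `[stretch] - linux <not-affected> (Vulnerable code not present)`: stretch ships a 4.9 kernel, so a 3.13 package cannot carry the fix for code that is absent in 4.9. The neighbouring entry CVE-2017-15128, which names the same hugetlb_mcopy_atomic_pte function, uses `- linux 4.13.13-1`, so this looks like a typo for a 4.13.x version; please verify against the package changelog rather than committing it as-is. In the same hunk, the only reference for CVE-2017-15128 is a post-office.corp.redhat.com URL, which is an internal list that external readers cannot open; a public bugzilla or upstream commit link would make the entry auditable.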
@@ -9579,19 +9579,19 @@ CVE-2017-15123
RESERVED
CVE-2017-15122
RESERVED
-CVE-2017-15121
+CVE-2017-15121 (A non-privileged user is able to mount a fuse filesystem on RHEL 6 or ...)
- linux 3.11.5-1
[wheezy] - linux <ignored> (Too much work to backport)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1520893
NOTE: Fixed by: https://git.kernel.org/linus/5a7203947a1d9b6f3a00a39fda08c2466489555f (v3.11-rc1)
-CVE-2017-15120
+CVE-2017-15120 (An issue has been found in the parsing of authoritative answers in Pow ...)
{DSA-4063-1}
- pdns-recursor 4.1.0-1
[jessie] - pdns-recursor <not-affected> (Vulnerable code introduced in 4.0.0)
[wheezy] - pdns-recursor <not-affected> (Vulnerable code introduced in 4.0.0)
NOTE: Patch: https://downloads.powerdns.com/patches/2017-08
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-08.html
-CVE-2017-15119
+CVE-2017-15119 (The Network Block Device (NBD) server in Quick Emulator (QEMU) before ...)
{DSA-4213-1}
- qemu 1:2.11+dfsg-1 (bug #883399)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -9599,7 +9599,7 @@ CVE-2017-15119
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (Vulnerable code introduced later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg05044.html
-CVE-2017-15118
+CVE-2017-15118 (A stack-based buffer overflow vulnerability was found in NBD server im ...)
- qemu 1:2.11+dfsg-1 (bug #883406)
[stretch] - qemu <not-affected> (Vulnerable code introduced in 2.10)
[jessie] - qemu <not-affected> (Vulnerable code introduced in 2.10)
@@ -9609,17 +9609,17 @@ CVE-2017-15118
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg05045.html
CVE-2017-15117
REJECTED
-CVE-2017-15116
+CVE-2017-15116 (The rngapi_reset function in crypto/rng.c in the Linux kernel before 4 ...)
- linux 4.2.1-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-15115
+CVE-2017-15115 (The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel ...)
{DLA-1200-1}
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: https://git.kernel.org/linus/df80cd9b28b9ebaa284a41df611dbf3a2d05ca74 (v4.14-rc6)
-CVE-2017-15114
+CVE-2017-15114 (When libvirtd is configured by OSP director (tripleo-heat-templates) t ...)
- tripleo-heat-templates <not-affected> (Vulnerability introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1510015
NOTE: Bug: https://bugs.launchpad.net/tripleo/+bug/1730370
@@ -9627,24 +9627,24 @@ CVE-2017-15114
NOTE: TLS libvirt live migration introduced in: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=fa740c5e49994ffdd3a5aa1f43a0305c8e5a0b3a
NOTE: Re-enabled libvirt TLS with SASL auth:
NOTE: https://bugs.launchpad.net/tripleo/+bug/1732479
-CVE-2017-15113
+CVE-2017-15113 (ovirt-engine before version 4.1.7.6 with log level set to DEBUG includ ...)
NOT-FOR-US: ovirt-engine
-CVE-2017-15112
+CVE-2017-15112 (keycloak-httpd-client-install versions before 0.8 allow users to insec ...)
NOT-FOR-US: Keycloak
-CVE-2017-15111
+CVE-2017-15111 (keycloak-httpd-client-install versions before 0.8 insecurely creates t ...)
NOT-FOR-US: Keycloak
-CVE-2017-15110
+CVE-2017-15110 (In Moodle 3.x, students can find out email addresses of other students ...)
- moodle <removed>
CVE-2017-15109
RESERVED
-CVE-2017-15108
+CVE-2017-15108 (spice-vdagent up to and including 0.17.0 does not properly escape save ...)
- spice-vdagent 0.18.0-1 (bug #883238)
[stretch] - spice-vdagent <no-dsa> (Minor issue)
[jessie] - spice-vdagent <no-dsa> (Minor issue)
[wheezy] - spice-vdagent <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://cgit.freedesktop.org/spice/linux/vd_agent/commit/?id=8ba174816d245757e743e636df357910e1d5eb61
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1510864
-CVE-2017-15107
+CVE-2017-15107 (A vulnerability was found in the implementation of DNSSEC in Dnsmasq u ...)
- dnsmasq 2.79-1 (bug #888200)
[stretch] - dnsmasq <no-dsa> (Minor issue)
[jessie] - dnsmasq <no-dsa> (Minor issue)
@@ -9655,35 +9655,35 @@ CVE-2017-15107
NOTE: https://medium.com/nlnetlabs/the-peculiar-case-of-nsec-processing-using-expanded-wildcard-records-ae8285f236be
CVE-2017-15106
RESERVED
-CVE-2017-15105
+CVE-2017-15105 (A flaw was found in the way unbound before 1.6.8 validated wildcard-sy ...)
{DLA-1676-1 DLA-1264-1}
- unbound 1.7.1-1 (bug #887733)
[stretch] - unbound 1.6.0-3+deb9u2
NOTE: https://unbound.net/downloads/CVE-2017-15105.txt
NOTE: https://unbound.net/downloads/patch_cve_2017_15105.diff
NOTE: https://medium.com/nlnetlabs/the-peculiar-case-of-nsec-processing-using-expanded-wildcard-records-ae8285f236be
-CVE-2017-15104
+CVE-2017-15104 (An access flaw was found in Heketi 5, where the heketi.json configurat ...)
NOT-FOR-US: Heketi
-CVE-2017-15103
+CVE-2017-15103 (A security-check flaw was found in the way the Heketi 5 server API han ...)
NOT-FOR-US: Heketi
-CVE-2017-15102
+CVE-2017-15102 (The tower_probe function in drivers/usb/misc/legousbtower.c in the Lin ...)
- linux 4.7.8-1
[jessie] - linux 3.16.43-1
[wheezy] - linux 3.2.86-1
NOTE: Fixed by: https://git.kernel.org/linus/2fae9e5a7babada041e2e161699ade2447a01989 (4.9-rc1)
-CVE-2017-15101
+CVE-2017-15101 (A missing patch for a stack-based buffer overflow in findTable() was f ...)
- liblouis <not-affected> (Incomplete fix not applied in Debian)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1492701#c12
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1511023
-CVE-2017-15100
+CVE-2017-15100 (An attacker submitting facts to the Foreman server containing HTML can ...)
- foreman <itp> (bug #663101)
-CVE-2017-15099
+CVE-2017-15099 (INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10 ...)
{DSA-4028-1}
- postgresql-10 10.1-1
- postgresql-9.6 <removed>
- postgresql-9.4 <not-affected> (ON CONFLICT DO UPDATE and RLS introduced in 9.5)
- postgresql-9.1 <not-affected> (ON CONFLICT DO UPDATE and RLS introduced in 9.5)
-CVE-2017-15098
+CVE-2017-15098 (Invalid json_populate_recordset or jsonb_populate_recordset function c ...)
{DSA-4028-1 DSA-4027-1}
- postgresql-10 10.1-1
- postgresql-9.6 <removed>
@@ -9691,11 +9691,11 @@ CVE-2017-15098
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
[wheezy] - postgresql-9.1 <not-affected> (Vulnerable code does not exist)
-CVE-2017-15097
+CVE-2017-15097 (Privilege escalation flaws were found in the Red Hat initialization sc ...)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1508985
NOTE: Similar issues as CVE-2016-1255 in Debian
NOT-FOR-US: Red Hat specific provides scripts for starting the database server during system boot and for initializing the database
-CVE-2017-15096
+CVE-2017-15096 (A flaw was found in GlusterFS in versions prior to 3.10. A null pointe ...)
- glusterfs 3.12.2-2 (bug #880017)
[stretch] - glusterfs <not-affected> (Vulnerable code introduced later)
[jessie] - glusterfs <not-affected> (Vulnerable code introduced later)
@@ -9704,7 +9704,7 @@ CVE-2017-15096
NOTE: https://review.gluster.org/18539 (release-3.10)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1502928
NOTE: Fixed by: http://git.gluster.org/cgit/glusterfs.git/commit/?id=1f48d17fee0cac95648ec34d13f038b27ef5c6ac
-CVE-2017-15095
+CVE-2017-15095 (A deserialization flaw was discovered in the jackson-databind in versi ...)
{DSA-4037-1}
- jackson-databind 2.9.1-1
NOTE: The Debian upload for stretch (2.8.6-1+deb9u1) and jessie (2.4.2-2+deb8u1)
@@ -9721,44 +9721,44 @@ CVE-2017-15095
NOTE: NO_DESER_CLASS_NAMES as of:
NOTE: https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43
NOTE: Details: http://www.openwall.com/lists/oss-security/2017/11/02/3
-CVE-2017-15094
+CVE-2017-15094 (An issue has been found in the DNSSEC parsing code of PowerDNS Recurso ...)
- pdns-recursor 4.0.7-1
[stretch] - pdns-recursor 4.0.4-1+deb9u2
[jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
[wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-07.html
NOTE: https://downloads.powerdns.com/patches/2017-07/
-CVE-2017-15093
+CVE-2017-15093 (When api-config-dir is set to a non-empty value, which is not the case ...)
- pdns-recursor 4.0.7-1
[stretch] - pdns-recursor 4.0.4-1+deb9u2
[jessie] - pdns-recursor 3.6.2-2+deb8u4
[wheezy] - pdns-recursor <not-affected> (Vulnerable code introduced later)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-06.html
NOTE: https://downloads.powerdns.com/patches/2017-06/
-CVE-2017-15092
+CVE-2017-15092 (A cross-site scripting issue has been found in the web interface of Po ...)
- pdns-recursor 4.0.7-1
[stretch] - pdns-recursor 4.0.4-1+deb9u2
[jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
[wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-05.html
NOTE: https://downloads.powerdns.com/patches/2017-05/
-CVE-2017-15091
+CVE-2017-15091 (An issue has been found in the API component of PowerDNS Authoritative ...)
- pdns 4.0.5-1
[stretch] - pdns 4.0.3-1+deb9u2
[jessie] - pdns 3.4.1-4+deb8u8
[wheezy] - pdns <not-affected> (Vulnerable code not present)
NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2017-04.html
NOTE: https://downloads.powerdns.com/patches/2017-04/
-CVE-2017-15090
+CVE-2017-15090 (An issue has been found in the DNSSEC validation component of PowerDNS ...)
- pdns-recursor 4.0.7-1
[stretch] - pdns-recursor 4.0.4-1+deb9u2
[jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
[wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-03.html
NOTE: https://downloads.powerdns.com/patches/2017-03/
-CVE-2017-15089
+CVE-2017-15089 (It was found that the Hotrod client in Infinispan before 9.2.0.CR1 wou ...)
NOT-FOR-US: infinispan
-CVE-2017-15088
+CVE-2017-15088 (plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka ...)
- krb5 1.15.2-2 (unimportant; bug #871698)
NOTE: https://github.com/krb5/krb5/pull/707
NOTE: Fixed by: https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4
@@ -9767,23 +9767,23 @@ CVE-2017-15088
NOTE: runs on client systems, and only with a certificate that is explicitly
NOTE: configured locally, leading to a local kinit crash if passed a crafted
NOTE: local certificate. This is hardly has any harmful security implication.
-CVE-2017-15087
+CVE-2017-15087 (It was discovered that the fix for CVE-2017-12163 was not properly shi ...)
- samba <not-affected> (Incomplete Red Hat backport for CVE-2017-12163)
-CVE-2017-15086
+CVE-2017-15086 (It was discovered that the fix for CVE-2017-12151 was not properly shi ...)
- samba <not-affected> (Incomplete Red Hat backport for CVE-2017-12151)
-CVE-2017-15085
+CVE-2017-15085 (It was discovered that the fix for CVE-2017-12150 was not properly shi ...)
- samba <not-affected> (Incomplete Red Hat backport for CVE-2017-12150)
-CVE-2017-15084
+CVE-2017-15084 (The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout C ...)
NOT-FOR-US: Metasploit Framework
CVE-2017-15083
REJECTED
CVE-2017-15082
RESERVED
-CVE-2017-15081
+CVE-2017-15081 (In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlis ...)
NOT-FOR-US: PHPSUGAR PHP Melody CMS
CVE-2017-15080
RESERVED
-CVE-2017-15079
+CVE-2017-15079 (The Smush Image Compression and Optimization plugin before 2.7.6 for W ...)
NOT-FOR-US: Smush Image Compression and Optimization plugin for WordPress
CVE-2017-15078
REJECTED
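Review bot: the context line "NOTE: local certificate. This is hardly has any harmful security implication." in this hunk's CVE-2017-15088 annotation has a grammar slip ("This is hardly has"); suggest "This hardly has any harmful security implication." It predates this automatic update, so it is a follow-up fix to the NOTE text rather than part of this change.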
@@ -9815,16 +9815,16 @@ CVE-2017-15065
REJECTED
CVE-2017-15064
REJECTED
-CVE-2017-1002153
+CVE-2017-1002153 (Koji 1.13.0 does not properly validate SCM paths, allowing an attacker ...)
- koji 1.16.0-1 (bug #877921)
[stretch] - koji <no-dsa> (Minor issue)
NOTE: https://pagure.io/koji/issue/563
NOTE: https://pagure.io/koji/c/ba7b5a3cbed11ade11c3af5e834c9a6de4f6d7c3
-CVE-2017-1000257
+CVE-2017-1000257 (An IMAP FETCH response line indicates the size of the returned data, i ...)
{DSA-4007-1 DLA-1143-1}
- curl 7.56.1-1
NOTE: https://curl.haxx.se/docs/adv_20171023.html
-CVE-2017-1000256
+CVE-2017-1000256 (libvirt version 2.3.0 and later is vulnerable to a bad default configu ...)
{DSA-4003-1}
- libvirt 3.8.0-3 (bug #878799)
[jessie] - libvirt <not-affected> (Vulnerable code introduced later)
@@ -9833,13 +9833,13 @@ CVE-2017-1000256
NOTE: https://security.libvirt.org/2017/0002.html
NOTE: Broken by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=ce61c16450d4992612d1fc6f39a39e79bfccead5 (master)
NOTE: Fixed by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=441d3eb6d1be940a67ce45a286602a967601b157 (master)
-CVE-2017-1000255
+CVE-2017-1000255 (On Linux running on PowerPC hardware (Power8 or later) a user process ...)
- linux 4.13.4-2
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/265e60a170d0a0ecfc2d20490134ed2c48dd45ab
-CVE-2017-15063
+CVE-2017-15063 (There are CSRF vulnerabilities in Subrion CMS 4.1.x through 4.1.5, and ...)
NOT-FOR-US: Subrion CMS
CVE-2017-15062
RESERVED
@@ -9853,52 +9853,52 @@ CVE-2017-15058
RESERVED
CVE-2017-15057
RESERVED
-CVE-2017-15056
+CVE-2017-15056 (p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote a ...)
- upx-ucl 3.94-4 (unimportant)
NOTE: https://github.com/upx/upx/issues/128
NOTE: https://github.com/upx/upx/commit/ef336dbcc6dc8344482f8cf6c909ae96c3286317
NOTE: crash in CLI tool, no security impact
-CVE-2017-15055
+CVE-2017-15055 (TeamPass before 2.1.27.9 does not properly enforce item access control ...)
- teampass <itp> (bug #730180)
-CVE-2017-15054
+CVE-2017-15054 (An arbitrary file upload vulnerability, present in TeamPass before 2.1 ...)
- teampass <itp> (bug #730180)
-CVE-2017-15053
+CVE-2017-15053 (TeamPass before 2.1.27.9 does not properly enforce manager access cont ...)
- teampass <itp> (bug #730180)
-CVE-2017-15052
+CVE-2017-15052 (TeamPass before 2.1.27.9 does not properly enforce manager access cont ...)
- teampass <itp> (bug #730180)
-CVE-2017-15051
+CVE-2017-15051 (Multiple stored cross-site scripting (XSS) vulnerabilities in TeamPass ...)
- teampass <itp> (bug #730180)
CVE-2017-15050
RESERVED
-CVE-2017-15049
+CVE-2017-15049 (The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900 ...)
NOT-FOR-US: Zoom
-CVE-2017-15048
+CVE-2017-15048 (Stack-based buffer overflow in the ZoomLauncher binary in the Zoom cli ...)
NOT-FOR-US: Zoom
-CVE-2017-15047
+CVE-2017-15047 (The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows atta ...)
- redis 4:4.0.2-5 (bug #878076; unimportant)
[jessie] - redis <not-affected> (Vulnerable code introduced later)
[wheezy] - redis <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/antirez/redis/issues/4278
NOTE: Pull request: https://github.com/antirez/redis/pull/4365
-CVE-2017-15046
+CVE-2017-15046 (LAME 3.99.5 has a stack-based buffer overflow in unpack_read_samples i ...)
- lame 3.99.5+repack1-8
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://sourceforge.net/p/lame/bugs/479/
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-15045
+CVE-2017-15045 (LAME 3.99.5 has a heap-based buffer over-read in fill_buffer in libmp3 ...)
- lame 3.99.5+repack1-8
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://sourceforge.net/p/lame/bugs/478/
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-15044
+CVE-2017-15044 (The default installation of DocuWare Fulltext Search server through 6. ...)
NOT-FOR-US: DocuWare Fulltext Search server
-CVE-2017-15043
+CVE-2017-15043 (A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS ...)
NOT-FOR-US: Sierra Wireless AirLink routers
-CVE-2017-15042
+CVE-2017-15042 (An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x befo ...)
- golang-1.9 1.9.1-1
- golang-1.8 1.8.4-1
[stretch] - golang-1.8 <ignored> (Minor issue, would require builds of all go packages in stable)
@@ -9911,7 +9911,7 @@ CVE-2017-15042
NOTE: https://golang.org/cl/68023
NOTE: https://golang.org/cl/68210
NOTE: https://groups.google.com/d/msg/golang-dev/RinSE3EiJBI/kYL7zb07AgAJ
-CVE-2017-15041
+CVE-2017-15041 (Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command ...)
{DLA-1148-1}
- golang-1.9 1.9.1-1
- golang-1.8 1.8.4-1
@@ -9927,31 +9927,31 @@ CVE-2017-15041
NOTE: https://groups.google.com/d/msg/golang-dev/RinSE3EiJBI/kYL7zb07AgAJ
CVE-2017-15040
RESERVED
-CVE-2017-15039
+CVE-2017-15039 (Cross-site scripting (XSS) exists in Zurmo 3.2.1.57987acc3018 via a da ...)
NOT-FOR-US: Zurmo
-CVE-2017-15038
+CVE-2017-15038 (Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU ...)
{DSA-4213-1 DLA-1497-1 DLA-1129-1 DLA-1128-1}
- qemu 1:2.10.0+dfsg-2 (bug #877890)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg00729.html
-CVE-2017-15037
+CVE-2017-15037 (In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_s ...)
- kfreebsd-10 <unfixed> (unimportant; bug #877903)
NOTE: kfreebsd not covered by security support
CVE-2017-15036
RESERVED
-CVE-2017-15035
+CVE-2017-15035 (EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial ...)
NOT-FOR-US: EmTec PyroBatchFTP
CVE-2017-15034
RESERVED
-CVE-2017-15033
+CVE-2017-15033 (ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/pull/756
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ef8f40689ac452398026c07da41656a7c87e4683
-CVE-2017-15032
+CVE-2017-15032 (ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage i ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/pull/752
NOTE: https://github.com/ImageMagick/ImageMagick/commit/241988ca28139ad970c1d9717c419f41e360ddb0
-CVE-2017-15031
+CVE-2017-15031 (In all versions of ARM Trusted Firmware up to and including v1.4, not ...)
NOT-FOR-US: ARM Trusted Firmware
CVE-2017-15030
RESERVED
@@ -9963,7 +9963,7 @@ CVE-2017-15027
RESERVED
CVE-2017-15026
RESERVED
-CVE-2017-15025
+CVE-2017-15025 (decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) libra ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -9972,7 +9972,7 @@ CVE-2017-15025
NOTE: https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22186
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d8010d3e75ec7194a4703774090b27486b742d48
-CVE-2017-15024
+CVE-2017-15024 (find_abstract_instance_name in dwarf2.c in the Binary File Descriptor ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -9981,7 +9981,7 @@ CVE-2017-15024
NOTE: https://blogs.gentoo.org/ago/2017/10/03/binutils-infinite-loop-in-find_abstract_instance_name-dwarf2-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22187
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52a93b95ec0771c97e26f0bb28630a271a667bd2
-CVE-2017-15023
+CVE-2017-15023 (read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -9992,7 +9992,7 @@ CVE-2017-15023
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c361faae8d964db951b7100cada4dcdc983df1bf
NOTE: When this issue is fixed it is to make sure to not open CVE-2017-15939, i.e.
NOTE: not to apply the incomplete fix. See notes on CVE-2017-15939
-CVE-2017-15022
+CVE-2017-15022 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10001,7 +10001,7 @@ CVE-2017-15022
NOTE: https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22201
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11855d8a1f11b102a702ab76e95b22082cccf2f8
-CVE-2017-15021
+CVE-2017-15021 (bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (B ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10010,7 +10010,7 @@ CVE-2017-15021
NOTE: https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22197
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d
-CVE-2017-15020
+CVE-2017-15020 (dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10019,19 +10019,19 @@ CVE-2017-15020
NOTE: https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-parse_die-dwarf1-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22202
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1da5c9a485f3dcac4c45e96ef4b7dae5948314b5
-CVE-2017-15019
+CVE-2017-15019 (LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init func ...)
- lame 3.100-1
[stretch] - lame <ignored> (Minor issue)
[jessie] - lame <ignored> (Minor issue)
NOTE: https://sourceforge.net/p/lame/bugs/477/
-CVE-2017-15018
+CVE-2017-15018 (LAME 3.99.5 has a heap-based buffer over-read when handling a malforme ...)
- lame 3.99.5+repack1-8
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://sourceforge.net/p/lame/bugs/480/
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-15017
+CVE-2017-15017 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability i ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878554)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -10039,14 +10039,14 @@ CVE-2017-15017
NOTE: https://github.com/ImageMagick/ImageMagick/issues/723
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5a1006a249516a875558c3d642e719b1eac8f820
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0cff8bac0a47f8693cfe57f026fcd752689ff375
-CVE-2017-15016
+CVE-2017-15016 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability i ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/725
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8254d24b86a62803231773ecf54c707aef4a1457
NOTE: https://github.com/ImageMagick/ImageMagick/commit/27f8ba82ddd665ab41cef6588128f680cbd69905
NOTE: emf.c not compiled under Debian
-CVE-2017-15015
+CVE-2017-15015 (ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability i ...)
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878555)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -10054,37 +10054,37 @@ CVE-2017-15015
NOTE: https://github.com/ImageMagick/ImageMagick/issues/724
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/0cbb3b3b02e7af493a9aafa8f7e7d23fc70644e4
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a0cef9db632ef8e1b9de4c463700c6a24d4f96ca
-CVE-2017-15014
+CVE-2017-15014 (OpenText Documentum Content Server (formerly EMC Documentum Content Se ...)
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-15013
+CVE-2017-15013 (OpenText Documentum Content Server (formerly EMC Documentum Content Se ...)
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-15012
+CVE-2017-15012 (OpenText Documentum Content Server (formerly EMC Documentum Content Se ...)
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-1000120
+CVE-2017-1000120 ([ERPNext][Frappe Version &lt;= 7.1.27] SQL injection vulnerability in ...)
NOT-FOR-US: ERPNext Frappe framework
-CVE-2017-1000119
+CVE-2017-1000119 (October CMS build 412 is vulnerable to PHP code execution in the file ...)
NOT-FOR-US: October CMS
-CVE-2017-1000118
+CVE-2017-1000118 (Akka HTTP versions &lt;= 10.0.5 Illegal Media Range in Accept Header C ...)
NOT-FOR-US: Akka HTTP
-CVE-2017-1000114
+CVE-2017-1000114 (The Datadog Plugin stores an API key to access the Datadog service in ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000113
+CVE-2017-1000113 (The Deploy to container Plugin stored passwords unencrypted as part of ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000110
+CVE-2017-1000110 (Blue Ocean allows the creation of GitHub organization folders that are ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000109
+CVE-2017-1000109 (The custom Details view of the Static Analysis Utilities based OWASP D ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000106
+CVE-2017-1000106 (Blue Ocean allows the creation of GitHub organization folders that are ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000105
+CVE-2017-1000105 (The optional Run/Artifacts permission can be enabled by setting a Java ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000104
+CVE-2017-1000104 (The Config File Provider Plugin is used to centrally manage configurat ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000103
+CVE-2017-1000103 (The custom Details view of the Static Analysis Utilities based DRY Plu ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000102
+CVE-2017-1000102 (The Details view of some Static Analysis Utilities based plugins, was ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000098
+CVE-2017-1000098 (The net/http package's Request.ParseMultipartForm method starts writin ...)
{DLA-1123-1}
- golang-1.9 <not-affected> (Fixed before initial release to Debian)
- golang-1.8 <not-affected> (Fixed before initial release to Debian)
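Review bot: two of the new description lines in this hunk carry an HTML-escaped entity in a plain-text data file: "+CVE-2017-1000120 ([ERPNext][Frappe Version &lt;= 7.1.27] SQL injection vulnerability in ...)" and "+CVE-2017-1000118 (Akka HTTP versions &lt;= 10.0.5 Illegal Media Range in Accept Header C ...)"; the importer should unescape entities before writing so the text reads "<=". Separately, the fixed-width truncation leaves adjacent entries with identical summaries (CVE-2017-15014, CVE-2017-15013 and CVE-2017-15012 all read "OpenText Documentum Content Server (formerly EMC Documentum Content Se ...", and CVE-2017-1000110 and CVE-2017-1000106 both read "Blue Ocean allows the creation of GitHub organization folders that are ..."), so the summary no longer distinguishes them; if it is meant as a quick identifier, consider a longer cut for entries whose prefixes collide.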
@@ -10094,21 +10094,21 @@ CVE-2017-1000098
NOTE: https://groups.google.com/forum/#!msg/golang-dev/4NdLzS8sls8/uIz8QlnIBQAJ
NOTE: https://golang.org/cl/30410
NOTE: https://golang.org/issue/17965
-CVE-2017-1000097
+CVE-2017-1000097 (On Darwin, user's trust preferences for root certificates were not hon ...)
- golang <not-affected> (OS X specific issue)
- golang-1.7 <not-affected> (OS X specific issue)
- golang-1.8 <not-affected> (OS X specific issue)
- golang-1.9 <not-affected> (OS X specific issue)
NOTE: https://github.com/golang/go/issues/18141
-CVE-2017-15011
+CVE-2017-15011 (The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and S ...)
- qbittorrent <not-affected> (Only affects Windows)
-CVE-2017-15010
+CVE-2017-15010 (A ReDoS (regular expression denial of service) flaw was found in the t ...)
- node-tough-cookie 2.3.4+dfsg-1 (bug #877660)
NOTE: https://github.com/salesforce/tough-cookie/issues/92
NOTE: https://nodesecurity.io/advisories/525
-CVE-2017-15009
+CVE-2017-15009 (PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected C ...)
NOT-FOR-US: PRTG Network Monitor
-CVE-2017-15008
+CVE-2017-15008 (PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cros ...)
NOT-FOR-US: PRTG Network Monitor
CVE-2017-15007
RESERVED
@@ -10130,23 +10130,23 @@ CVE-2017-14999
RESERVED
CVE-2017-14998
RESERVED
-CVE-2017-14997
+CVE-2017-14997 (GraphicsMagick 1.3.26 allows remote attackers to cause a denial of ser ...)
{DSA-4321-1 DLA-1456-1 DLA-1130-1}
- graphicsmagick 1.3.26-13
NOTE: https://sourceforge.net/p/graphicsmagick/code/ci/0683f8724200495059606c03f04e0d589b33ebe8/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/511/
CVE-2017-14996
RESERVED
-CVE-2017-14995
+CVE-2017-14995 (The Management Console in WSO2 Application Server 5.3.0, WSO2 Business ...)
NOT-FOR-US: WSO2 Application Server
-CVE-2017-14994
+CVE-2017-14994 (ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote at ...)
{DSA-4321-1 DLA-1456-1 DLA-1130-1}
- graphicsmagick 1.3.26-13
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=b3eca3eaa264
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/512/
-CVE-2017-14993
+CVE-2017-14993 (OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x be ...)
NOT-FOR-US: OXID eShop Community Edition
-CVE-2017-14992
+CVE-2017-14992 (Lack of content verification in Docker-CE (Also known as Moby) version ...)
- docker.io 18.03.1+dfsg1-2 (bug #908055)
- golang-github-vbatts-tar-split 0.10.2-1 (bug #908056)
[stretch] - golang-github-vbatts-tar-split <no-dsa> (Minor issue)
@@ -10156,26 +10156,26 @@ CVE-2017-14992
NOTE: version.
NOTE: 17.12.1+dfsg-1 was the first upload (to experimental) using the fixed version
NOTE: golang-github-vbatts-tar-split.
-CVE-2017-14991
+CVE-2017-14991 (The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before ...)
- linux 4.13.4-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/3e0097499839e0fe3af380410eababe5a47c4cf9
-CVE-2017-14758
+CVE-2017-14758 (OpenText Document Sciences xPression (formerly EMC Document Sciences x ...)
NOT-FOR-US: EMC
-CVE-2017-14990
+CVE-2017-14990 (WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but ...)
{DSA-3997-1}
- wordpress 4.8.2+dfsg-2 (bug #877629)
[wheezy] - wordpress <ignored> (Fix requires database upgrade which is too intrusive compared to the actual benefit.)
NOTE: https://core.trac.wordpress.org/ticket/38474
-CVE-2017-14989
+CVE-2017-14989 (A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMa ...)
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #878562)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/781
NOTE: https://github.com/ImageMagick/ImageMagick/commit/97740ccc177ee264e79091fa573d994eb6b05628
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/28bad01242898d7f863deedbfa8502c348293093
-CVE-2017-14988
+CVE-2017-14988 (Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remot ...)
- openexr <unfixed> (bug #878551; unimportant)
NOTE: https://github.com/openexr/openexr/issues/248
NOTE: Issue in the use of openexr via ImageMagick, no real security impact
@@ -10183,38 +10183,38 @@ CVE-2017-14987
RESERVED
CVE-2017-14986
RESERVED
-CVE-2017-14985
+CVE-2017-14985 (Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web inte ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14984
+CVE-2017-14984 (Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web inte ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14983
+CVE-2017-14983 (Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web inte ...)
NOT-FOR-US: EyesOfNetwork (EON)
CVE-2017-14982
RESERVED
-CVE-2017-14981
+CVE-2017-14981 (Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3. The ...)
NOT-FOR-US: ATutor
-CVE-2017-14980
+CVE-2017-14980 (Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attack ...)
NOT-FOR-US: Sync Breeze Enterprise
-CVE-2017-14979
+CVE-2017-14979 (Gxlcms uses an unsafe character-replacement approach in an attempt to ...)
NOT-FOR-US: Gxlcms
CVE-2017-14978
RESERVED
-CVE-2017-14977
+CVE-2017-14977 (The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0 ...)
{DSA-4079-1 DLA-1177-1}
- poppler 0.61.1-2 (low; bug #877952)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103045
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=19eedc6fb693a62f305e13079501e3105f869f3c
-CVE-2017-14976
+CVE-2017-14976 (The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0. ...)
{DSA-4079-1 DLA-1177-1}
- poppler 0.61.1-2 (low; bug #877954)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102724
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf
-CVE-2017-14975
+CVE-2017-14975 (The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0. ...)
{DSA-4079-1 DLA-1177-1}
- poppler 0.61.1-2 (low; bug #877957)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102653
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=a5e5649ecf16fa05770620dbbd4985935dc2bbff
-CVE-2017-14974
+CVE-2017-14974 (The *_get_synthetic_symtab functions in the Binary File Descriptor (BF ...)
- binutils 2.29.1-2
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -10223,58 +10223,58 @@ CVE-2017-14974
NOTE: a fixed 2.29.1-3 for unrelated issues.
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22163
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e70c19e3a4c26e9c1ebf0c9170d105039b56d7cf
-CVE-2017-14973
+CVE-2017-14973 (IDenticard Two-Reader Controller Configuration Manager 1.18.8 (396) is ...)
NOT-FOR-US: IDenticard Two-Reader Controller Configuration Manager
-CVE-2017-14972
+CVE-2017-14972 (InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when ac ...)
NOT-FOR-US: InFocus Mondopad
-CVE-2017-14971
+CVE-2017-14971 (Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosur ...)
NOT-FOR-US: InFocus Mondopad
-CVE-2017-14970
+CVE-2017-14970 (In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multip ...)
[experimental] - openvswitch 2.8.1+dfsg1-1
- openvswitch 2.8.1+dfsg1-2 (unimportant; bug #877543)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339085.html
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339086.html
NOTE: Not considered a security issue by upstream, see #877543
-CVE-2017-14969
+CVE-2017-14969 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains a ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14968
+CVE-2017-14968 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains a ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14967
+CVE-2017-14967 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains a ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14966
+CVE-2017-14966 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains a ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14965
+CVE-2017-14965 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains a ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14964
+CVE-2017-14964 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains a ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14963
+CVE-2017-14963 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains a ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14962
+CVE-2017-14962 (In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains a ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14961
+CVE-2017-14961 (In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitr ...)
NOT-FOR-US: IKARUS anti.virus
-CVE-2017-14960
+CVE-2017-14960 (xDashboard in OpenText Document Sciences xPression (formerly EMC Docum ...)
NOT-FOR-US: EMC Document Sciences xPression
CVE-2017-14959
RESERVED
-CVE-2017-14958
+CVE-2017-14958 (lib.php in PivotX 2.3.11 does not properly block uploads of dangerous ...)
NOT-FOR-US: PivotX
-CVE-2017-14957
+CVE-2017-14957 (Stored XSS vulnerability via a comment in inc/conv.php in BlogoText be ...)
NOT-FOR-US: BlogoText
-CVE-2017-14956
+CVE-2017-14956 (AlienVault USM v5.4.2 and earlier offers authenticated users the funct ...)
NOT-FOR-US: AlienVault
-CVE-2017-14955
+CVE-2017-14955 (Check_MK before 1.2.8p26 mishandles certain errors within the failed-l ...)
- check-mk 1.2.8p26-1
[wheezy] - check-mk <not-affected> (Vulnerable code not present)
NOTE: http://mathias-kettner.com/check_mk_werks.php?edition_id=raw&branch=1.2.8
NOTE: https://mathias-kettner.de/check_mk_werks.php?werk_id=5208&HTML=yes
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commitdiff;h=a4a2cc1f30ff6032899ca80eed29fa26b8898c54
-CVE-2017-14954
+CVE-2017-14954 (The waitid implementation in kernel/exit.c in the Linux kernel through ...)
- linux <not-affected> (Vulnerable code introduced in v4.13-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/6c85501f2fabcfc4fc6ed976543d252c4eaf4be9
-CVE-2017-14953
+CVE-2017-14953 (HikVision Wi-Fi IP cameras, when used in a wired configuration, allow ...)
NOT-FOR-US: HikVision
-CVE-2017-14952
+CVE-2017-14952 (Double free in i18n/zonemeta.cpp in International Components for Unico ...)
- icu 57.1-7 (bug #878840)
[stretch] - icu 57.1-6+deb9u1
[jessie] - icu 52.1-8+deb8u6
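Review bot: the line "- linux <not-affected> (Vulnerable code introduced in v4.13-rc1)" under CVE-2017-14954 only justifies not-affected if no 4.13-based kernel reached any suite before the referenced fix (6c85501f2fab) was applied; the reasoning should state that explicitly (for instance "introduced in v4.13-rc1, fixed before the first 4.13 upload"), since on its own "introduced in v4.13-rc1" would argue for an <unfixed> sid entry, not a not-affected one. Minor, in the unchanged context at the top of this hunk: "NOTE: a fixed 2.29.1-3 for unrelated issues." under CVE-2017-14974 has lost its subject and should be reworded the next time that entry is touched.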
@@ -10285,28 +10285,28 @@ CVE-2017-14951
RESERVED
CVE-2017-14950
RESERVED
-CVE-2017-14949
+CVE-2017-14949 (Restlet Framework before 2.3.12 allows remote attackers to access arbi ...)
- restlet <itp> (bug #596472)
CVE-2017-14948
RESERVED
-CVE-2017-14947
+CVE-2017-14947 (Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitra ...)
NOT-FOR-US: GSView (different from gv)
-CVE-2017-14946
+CVE-2017-14946 (Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial ...)
NOT-FOR-US: GSView (different from gv)
-CVE-2017-14945
+CVE-2017-14945 (Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial ...)
NOT-FOR-US: GSView (different from gv)
-CVE-2017-14944
+CVE-2017-14944 (Inedo ProGet before 4.7.14 does not properly address dangerous package ...)
NOT-FOR-US: Inedo ProGet
-CVE-2017-14943
+CVE-2017-14943 (Trapeze TransitMaster is vulnerable to information disclosure (emails ...)
NOT-FOR-US: Trapeze TransitMaster
-CVE-2017-14942
+CVE-2017-14942 (Intelbras WRN 150 devices allow remote attackers to read the configura ...)
NOT-FOR-US: Intelbras WRN 150 devices
-CVE-2017-14941
+CVE-2017-14941 (Jaspersoft JasperReports 4.7 suffers from a saved credential disclosur ...)
- jasperreports <undetermined> (bug #880467; bug #884131)
[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
NOTE: https://github.com/binary1985/VulnerabilityDisclosure/blob/master/JasperSoft%20JasperReports%20-%204.7%20-%20CVE-2017-14941
-CVE-2017-14940
+CVE-2017-14940 (scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10315,7 +10315,7 @@ CVE-2017-14940
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22166
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0d76029f92182c3682d8be2c833d45bc9a2068fe
NOTE: https://blogs.gentoo.org/ago/2017/09/26/binutils-null-pointer-dereference-in-scan_unit_for_symbols-dwarf2-c
-CVE-2017-14939
+CVE-2017-14939 (decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) libra ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10324,7 +10324,7 @@ CVE-2017-14939
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22169
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=515f23e63c0074ab531bc954f84ca40c6281a724
NOTE: https://blogs.gentoo.org/ago/2017/09/26/binutils-heap-based-buffer-overflow-in-read_1_byte-dwarf2-c
-CVE-2017-14938
+CVE-2017-14938 (_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor ( ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10333,13 +10333,13 @@ CVE-2017-14938
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22166
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bd61e135492ecf624880e6b78e5fcde3c9716df6
NOTE: https://blogs.gentoo.org/ago/2017/09/26/binutils-memory-allocation-failure-in-_bfd_elf_slurp_version_tables-elf-c/
-CVE-2017-14937
+CVE-2017-14937 (The airbag detonation algorithm allows injury to passenger-car occupan ...)
NOT-FOR-US: passenger-car
CVE-2017-14936
RESERVED
-CVE-2017-14935
+CVE-2017-14935 (Pulse Secure Pulse One On-Premise 2.0.1649 and below does not properly ...)
NOT-FOR-US: Pulse Secure
-CVE-2017-14934
+CVE-2017-14934 (process_debug_info in dwarf.c in the Binary File Descriptor (BFD) libr ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
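Review bot: the reference "https://sourceware.org/bugzilla/show_bug.cgi?id=22166" is recorded both here under CVE-2017-14938 and under CVE-2017-14940 in the hunk above, although the two descriptions name different functions (_bfd_elf_slurp_version_tables in elf.c versus scan_unit_for_symbols in dwarf2.c) and the two entries cite different fix commits; one of the two bug IDs is very likely a copy error and should be checked against the commit messages, because the "Minor issue" triage for stretch, jessie and wheezy relies on those references.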
@@ -10347,7 +10347,7 @@ CVE-2017-14934
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22219
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=19485196044b2521af979f1e5c4a89bfb90fba0b
-CVE-2017-14933
+CVE-2017-14933 (read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
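Review bot: the MITRE text for CVE-2017-14934 places process_debug_info in "dwarf.c in the Binary File Descriptor (BFD) library", but in the binutils tree process_debug_info lives in binutils/dwarf.c (the readelf/objdump front-end code), not under bfd/; the description has to stay verbatim, but a NOTE line saying that the exposure is the readelf/objdump tools rather than every libbfd consumer would make the "low" and "Minor issue" ratings easier to re-verify.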
@@ -10356,7 +10356,7 @@ CVE-2017-14933
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22210
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=30d0157a2ad64e64e5ff9fcc0dbe78a3e682f573
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=33e0a9a056bd23e923b929a4f2ab049ade0b1c32
-CVE-2017-14932
+CVE-2017-14932 (decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) libra ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10364,9 +10364,9 @@ CVE-2017-14932
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22204
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e338894dc2e603683bed2172e8e9f25b29051005
-CVE-2017-14931
+CVE-2017-14931 (ExifImageFile::readDQT in ExifImageFileRead.cpp in OpenExif 2.1.4 allo ...)
NOT-FOR-US: OpenExif
-CVE-2017-14930
+CVE-2017-14930 (Memory leak in decode_line_info in dwarf2.c in the Binary File Descrip ...)
[experimental] - binutils 2.29.51.20171128-1
- binutils 2.29.90.20180122-1 (low)
[stretch] - binutils <ignored> (Minor issue)
@@ -10374,160 +10374,160 @@ CVE-2017-14930
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22191
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a26a013f22a19e2c16729e64f40ef8a7dfcc086e
-CVE-2017-14929
+CVE-2017-14929 (In Poppler 0.59.0, memory corruption occurs in a call to Object::dictL ...)
- poppler 0.61.1-2 (bug #877222)
[stretch] - poppler 0.48.0-2+deb9u2
[jessie] - poppler <ignored> (Minor impact, too intrusive to backport)
[wheezy] - poppler <ignored> (unreproducible, requires API change which appears to be too intrusive in this case.)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102969
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=2c92c7b6a828c9db8a38f079ea7a3d51c12a481d
-CVE-2017-14928
+CVE-2017-14928 (In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia ...)
- poppler 0.61.1-2 (bug #877231)
[stretch] - poppler <no-dsa> (Minor issue)
[jessie] - poppler <not-affected> (Problematic code introduced in 0.36)
[wheezy] - poppler <not-affected> (Problematic code introduced in 0.36)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102607
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=1316c7a41f4dd7276f404f775ebb5fef2d24ab1c
-CVE-2017-14927
+CVE-2017-14927 (In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutp ...)
- poppler 0.61.1-2 (bug #877237)
[stretch] - poppler <not-affected> (Vulnerable code introduced in 0.49)
[jessie] - poppler <not-affected> (Vulnerable code introduced in 0.49)
[wheezy] - poppler <not-affected> (Vulnerable code introduced in 0.49)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102604
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=6472d8493f7e82cc78b41da20a2bf19fcb4e0a7d
-CVE-2017-14926
+CVE-2017-14926 (In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia ...)
- poppler 0.61.1-2 (bug #877239)
[stretch] - poppler <no-dsa> (Minor issue)
[jessie] - poppler <not-affected> (Problematic code introduced in 0.36)
[wheezy] - poppler <not-affected> (Problematic code introduced in 0.36)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102601
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=2532df6060092e9fab7f041ae9598aff9cdd94bb
-CVE-2017-14925
+CVE-2017-14925 (Cross-Site Request Forgery (CSRF) vulnerability via IMG element in Tik ...)
NOT-FOR-US: Tiki
-CVE-2017-14924
+CVE-2017-14924 (Cross-Site Request Forgery (CSRF) vulnerability via IMG element in Tik ...)
NOT-FOR-US: Tiki
-CVE-2017-14923
+CVE-2017-14923 (Stored XSS vulnerability via IMG element at "Leadname" of CRM in Tine ...)
NOT-FOR-US: Tine groupware
-CVE-2017-14922
+CVE-2017-14922 (Stored XSS vulnerability via IMG element at "History" of Profile, Cale ...)
NOT-FOR-US: Tine groupware
-CVE-2017-14921
+CVE-2017-14921 (Stored XSS vulnerability via IMG element at "Filename" of Filemanager ...)
NOT-FOR-US: Tine groupware
-CVE-2017-14920
+CVE-2017-14920 (Stored XSS vulnerability in eGroupware Community Edition before 16.1.2 ...)
NOT-FOR-US: eGroupware
-CVE-2017-14919
+CVE-2017-14919 (Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows r ...)
- nodejs <unfixed> (unimportant)
NOTE: Debian doesn't use zlib 1.2.9 yet
NOTE: https://nodejs.org/en/blog/vulnerability/oct-2017-dos/
-CVE-2017-14918
+CVE-2017-14918 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14917
+CVE-2017-14917 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14916
+CVE-2017-14916 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14915
+CVE-2017-14915 (In Android before 2018-01-05 on Qualcomm Snapdragon Mobile SD 625, SD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14914
+CVE-2017-14914 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14913
+CVE-2017-14913 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mo ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14912
+CVE-2017-14912 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mo ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14911
+CVE-2017-14911 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mo ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14910
+CVE-2017-14910 (In Snapdragon Automobile, Snapdragon IoT and Snapdragon Mobile MDM9206 ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14909
+CVE-2017-14909 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14908
+CVE-2017-14908 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14907
+CVE-2017-14907 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm closed-source components on Android
-CVE-2017-14906
+CVE-2017-14906 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mo ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14905
+CVE-2017-14905 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14904
+CVE-2017-14904 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Android MediaServer
-CVE-2017-14903
+CVE-2017-14903 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14902
+CVE-2017-14902 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Android
-CVE-2017-14901
+CVE-2017-14901 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14900
+CVE-2017-14900 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14899
+CVE-2017-14899 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14898
+CVE-2017-14898 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14897
+CVE-2017-14897 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Android
-CVE-2017-14896
+CVE-2017-14896 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14895
+CVE-2017-14895 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Android
-CVE-2017-14894
+CVE-2017-14894 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14893
+CVE-2017-14893 (While flashing meta image, a buffer over-read may potentially occur wh ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14892
+CVE-2017-14892 (In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14891
+CVE-2017-14891 (In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14890
+CVE-2017-14890 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14889
+CVE-2017-14889 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14888
+CVE-2017-14888 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14887
+CVE-2017-14887 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-14886
RESERVED
-CVE-2017-14885
+CVE-2017-14885 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14884
+CVE-2017-14884 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14883
+CVE-2017-14883 (In the function wma_unified_power_debug_stats_event_handler() in Andro ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14882
+CVE-2017-14882 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14881
+CVE-2017-14881 (While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in An ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14880
+CVE-2017-14880 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14879
+CVE-2017-14879 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14878
+CVE-2017-14878 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14877
+CVE-2017-14877 (While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD A ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14876
+CVE-2017-14876 (In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, a ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-14875
+CVE-2017-14875 (In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE i ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-14874
RESERVED
-CVE-2017-14873
+CVE-2017-14873 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14872
+CVE-2017-14872 (While flashing a meta image, a buffer over-read can potentially occur ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-14871
RESERVED
-CVE-2017-14870
+CVE-2017-14870 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14869
+CVE-2017-14869 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-14868
+CVE-2017-14868 (Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows ...)
- restlet <itp> (bug #596472)
-CVE-2017-14866
+CVE-2017-14866 (There is a heap-based buffer overflow in the Exiv2::s2Data function of ...)
[experimental] - exiv2 <unfixed> (bug #880015)
- exiv2 <not-affected> (Versions prior to 0.26 don't parse ICC profiles yet)
NOTE: https://github.com/Exiv2/exiv2/issues/140
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494781
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and "free(): corrupted unsorted chunks" without valgrind).
-CVE-2017-14865
+CVE-2017-14865 (There is a heap-based buffer overflow in the Exiv2::us2Data function o ...)
[experimental] - exiv2 <unfixed> (bug #888865)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/134
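Review bot: for CVE-2017-14919 the line "- nodejs <unfixed> (unimportant)" rests entirely on "NOTE: Debian doesn't use zlib 1.2.9 yet"; because the entry stays <unfixed> instead of naming the nodejs version that carries the upstream check (the description cites 4.8.5, 6.11.5 and 8.8.0), nothing will flag the entry when zlib 1.2.9 or later enters the archive. Either record the fixed nodejs version or reword the note to say the rating must be revisited on a zlib update. Separately, this hunk goes straight from CVE-2017-14868 to CVE-2017-14866; confirm CVE-2017-14867 is tracked elsewhere in the list rather than missing.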
@@ -10535,7 +10535,7 @@ CVE-2017-14865
NOTE: Patch: https://github.com/Exiv2/exiv2/commit/d3c2b9938583440f87ce9115de5a7e8cd8f8db57
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and "free(): corrupted unsorted chunks" without valgrind).
-CVE-2017-14864
+CVE-2017-14864 (An Invalid memory address dereference was discovered in Exiv2::getULon ...)
{DLA-1147-1}
- exiv2 <unfixed>
[stretch] - exiv2 <ignored> (Minor issue)
@@ -10546,14 +10546,14 @@ CVE-2017-14864
NOTE: Depends on: https://github.com/Exiv2/exiv2/commit/65f45a350516bfde4941d7906f2d67462f48d1ca
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
-CVE-2017-14863
+CVE-2017-14863 (A NULL pointer dereference was discovered in Exiv2::Image::printIFDStr ...)
[experimental] - exiv2 <unfixed> (low; bug #888866)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/132
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494443
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and "free(): invalid next size (fast)" without valgrind).
-CVE-2017-14862
+CVE-2017-14862 (An Invalid memory address dereference was discovered in Exiv2::DataVal ...)
{DLA-1147-1}
- exiv2 <unfixed>
[stretch] - exiv2 <ignored> (Minor issue)
@@ -10564,14 +10564,14 @@ CVE-2017-14862
NOTE: Depends on: https://github.com/Exiv2/exiv2/commit/65f45a350516bfde4941d7906f2d67462f48d1ca
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
-CVE-2017-14861
+CVE-2017-14861 (There is a stack consumption vulnerability in the Exiv2::Internal::str ...)
[experimental] - exiv2 <unfixed> (bug #880027)
- exiv2 <not-affected> (printIFDStructure introduced in 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/139
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494787
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
-CVE-2017-14860
+CVE-2017-14860 (There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMet ...)
[experimental] - exiv2 <unfixed> (low; bug #888867)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/71
@@ -10579,7 +10579,7 @@ CVE-2017-14860
NOTE: Patch: https://github.com/Exiv2/exiv2/pull/108
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
-CVE-2017-14859
+CVE-2017-14859 (An Invalid memory address dereference was discovered in Exiv2::StringV ...)
{DLA-1147-1}
- exiv2 <unfixed>
[stretch] - exiv2 <ignored> (Minor issue)
@@ -10590,14 +10590,14 @@ CVE-2017-14859
NOTE: Depends on: https://github.com/Exiv2/exiv2/commit/65f45a350516bfde4941d7906f2d67462f48d1ca
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1).
-CVE-2017-14858
+CVE-2017-14858 (There is a heap-based buffer overflow in the Exiv2::l2Data function of ...)
[experimental] - exiv2 <unfixed> (bug #897134)
- exiv2 <not-affected> (TIFF meta data handler doesn't parse ICC profiles yet)
NOTE: https://github.com/Exiv2/exiv2/issues/138
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494782
NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1) with a different error (double free or corruption (out))
-CVE-2017-14857
+CVE-2017-14857 (In Exiv2 0.26, there is an invalid free in the Image class in image.cp ...)
[experimental] - exiv2 <unfixed> (low; bug #888869)
- exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/76
@@ -10607,7 +10607,7 @@ CVE-2017-14857
NOTE: Reproducible in experimental(0.26-1).
CVE-2017-14856
RESERVED
-CVE-2017-14855
+CVE-2017-14855 (Red Lion HMI panels allow remote attackers to cause a denial of servic ...)
NOT-FOR-US: Red Lion HMI
CVE-2017-14854
RESERVED
@@ -10619,71 +10619,71 @@ CVE-2017-14851
RESERVED
CVE-2017-14850
RESERVED
-CVE-2017-14849
+CVE-2017-14849 (Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintende ...)
- nodejs <not-affected> (Vulnerable code introduced in 8.5.0)
NOTE: https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/
NOTE: https://twitter.com/nodejs/status/913131152868876288
-CVE-2017-14848
+CVE-2017-14848 (WPHRM Human Resource Management System for WordPress 1.0 allows SQL In ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-14847
+CVE-2017-14847 (Mojoomla WPAMS Apartment Management System for WordPress allows SQL In ...)
NOT-FOR-US: Mojoomla WPAMS Apartment Management System for WordPress
-CVE-2017-14846
+CVE-2017-14846 (Mojoomla Hospital Management System for WordPress allows SQL Injection ...)
NOT-FOR-US: Mojoomla Hospital Management System for WordPress
-CVE-2017-14845
+CVE-2017-14845 (Mojoomla WPCHURCH Church Management System for WordPress allows SQL In ...)
NOT-FOR-US: Mojoomla WPCHURCH Church Management System for WordPress
-CVE-2017-14844
+CVE-2017-14844 (Mojoomla WPGYM WordPress Gym Management System allows SQL Injection vi ...)
NOT-FOR-US: Mojoomla WPGYM WordPress Gym Management System
-CVE-2017-14843
+CVE-2017-14843 (Mojoomla School Management System for WordPress allows SQL Injection v ...)
NOT-FOR-US: Mojoomla School Management System for WordPress
-CVE-2017-14842
+CVE-2017-14842 (Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress allows SQL I ...)
NOT-FOR-US: Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress
-CVE-2017-14841
+CVE-2017-14841 (Mojoomla Annual Maintenance Contract (AMC) Management System allows Ar ...)
NOT-FOR-US: Mojoomla Annual Maintenance Contract (AMC) Management System
-CVE-2017-14840
+CVE-2017-14840 (TeamWork TicketPlus allows Arbitrary File Upload in updateProfile. ...)
NOT-FOR-US: TeamWork TicketPlus
-CVE-2017-14839
+CVE-2017-14839 (TeamWork Photo Fusion allows Arbitrary File Upload in changeAvatar and ...)
NOT-FOR-US: TeamWork Photo Fusion
-CVE-2017-14838
+CVE-2017-14838 (TeamWork Job Links allows Arbitrary File Upload in profileChange and c ...)
NOT-FOR-US: TeamWork Job Links
-CVE-2017-14837
+CVE-2017-14837 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14836
+CVE-2017-14836 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14835
+CVE-2017-14835 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14834
+CVE-2017-14834 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14833
+CVE-2017-14833 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14832
+CVE-2017-14832 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14831
+CVE-2017-14831 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14830
+CVE-2017-14830 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14829
+CVE-2017-14829 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14828
+CVE-2017-14828 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14827
+CVE-2017-14827 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14826
+CVE-2017-14826 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14825
+CVE-2017-14825 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14824
+CVE-2017-14824 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14823
+CVE-2017-14823 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14822
+CVE-2017-14822 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14821
+CVE-2017-14821 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14820
+CVE-2017-14820 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14819
+CVE-2017-14819 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14818
+CVE-2017-14818 (This vulnerability allows remote attackers to disclose sensitive on vu ...)
NOT-FOR-US: Foxit Reader
CVE-2017-14817
REJECTED
@@ -10711,28 +10711,28 @@ CVE-2017-14806
RESERVED
CVE-2017-14805
RESERVED
-CVE-2017-14804
+CVE-2017-14804 (The build package before 20171128 did not check directory names during ...)
- obs-build 20180302-1 (bug #887306)
[stretch] - obs-build <no-dsa> (Minor issue)
[jessie] - obs-build <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1069904
-CVE-2017-14803
+CVE-2017-14803 (In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server w ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-14802
+CVE-2017-14802 (Novell Access Manager Admin Console and IDP servers before 4.3.3 have ...)
NOT-FOR-US: Novell Access Manager Admin Console
-CVE-2017-14801
+CVE-2017-14801 (Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed attacke ...)
NOT-FOR-US: NetIQ
-CVE-2017-14800
+CVE-2017-14800 (A reflected cross site scripting attack in the NetIQ Access Manager be ...)
NOT-FOR-US: NetIQ
-CVE-2017-14799
+CVE-2017-14799 (A cross site scripting attack in handling the ESP login parameter hand ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-14798
+CVE-2017-14798 (A race condition in the postgresql init script could be used by attack ...)
NOT-FOR-US: SuSE-specific flaw in Postgres init script
-CVE-2017-14797
+CVE-2017-14797 (Lack of Transport Encryption in the public API in Philips Hue Bridge B ...)
NOT-FOR-US: Philips Hue
-CVE-2017-14796
+CVE-2017-14796 (The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remot ...)
NOT-FOR-US: libbpg
-CVE-2017-14795
+CVE-2017-14795 (The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remot ...)
NOT-FOR-US: libbpg
CVE-2017-14794
REJECTED
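Review bot: "NOT-FOR-US: SuSE-specific flaw in Postgres init script" for CVE-2017-14798 is an assertion without a reference, while the description itself only says "A race condition in the postgresql init script"; add a NOTE with the SUSE bug or advisory URL so the claim that Debian's own init script does not share the pattern can be re-checked later, in the same way CVE-2017-14804 in this hunk records bugzilla.novell.com bug 1069904.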
@@ -10772,74 +10772,74 @@ CVE-2017-14777
REJECTED
CVE-2017-14776
REJECTED
-CVE-2017-14775
+CVE-2017-14775 (Laravel before 5.5.10 mishandles the remember_me token verification pr ...)
NOT-FOR-US: Laravel
CVE-2017-14774
RESERVED
-CVE-2017-14773
+CVE-2017-14773 (Skybox Manager Client Application prior to 8.5.501 is prone to an elev ...)
NOT-FOR-US: Skybox Manager Client Application
-CVE-2017-14772
+CVE-2017-14772 (Skybox Manager Client Application is prone to information disclosure v ...)
NOT-FOR-US: Skybox Manager Client Application
-CVE-2017-14771
+CVE-2017-14771 (Skybox Manager Client Application prior to 8.5.501 is prone to an arbi ...)
NOT-FOR-US: Skybox Manager Client Application
-CVE-2017-14770
+CVE-2017-14770 (Skybox Manager Client Application prior to 8.5.501 is prone to an info ...)
NOT-FOR-US: Skybox Manager Client Application
CVE-2017-14769
RESERVED
CVE-2017-14768
RESERVED
-CVE-2017-14767
+CVE-2017-14767 (The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c i ...)
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d
NOTE: Fixed in 3.2.8
NOTE: The check is completely missing in Jessie. It should be added.
-CVE-2017-14766
+CVE-2017-14766 (The Simple Student Result plugin before 1.6.4 for WordPress has an Aut ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-14765
+CVE-2017-14765 (In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in ...)
NOT-FOR-US: GeniXCMS
-CVE-2017-14764
+CVE-2017-14764 (In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated use ...)
NOT-FOR-US: GeniXCMS
-CVE-2017-14763
+CVE-2017-14763 (In the Install Themes page in GeniXCMS 1.1.4, remote authenticated use ...)
NOT-FOR-US: GeniXCMS
-CVE-2017-14762
+CVE-2017-14762 (In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS ...)
NOT-FOR-US: GeniXCMS
-CVE-2017-14761
+CVE-2017-14761 (In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the ...)
NOT-FOR-US: GeniXCMS
-CVE-2017-14760
+CVE-2017-14760 (SQL Injection exists in /includes/event-management/index.php in the ev ...)
NOT-FOR-US: Event Espresso Lite
-CVE-2017-14759
+CVE-2017-14759 (OpenText Document Sciences xPression (formerly EMC Document Sciences x ...)
NOT-FOR-US: OpenText Document Sciences xPression
-CVE-2017-14757
+CVE-2017-14757 (OpenText Document Sciences xPression (formerly EMC Document Sciences x ...)
NOT-FOR-US: OpenText Document Sciences xPression
-CVE-2017-14756
+CVE-2017-14756 (OpenText Document Sciences xPression (formerly EMC Document Sciences x ...)
NOT-FOR-US: OpenText Document Sciences xPression
-CVE-2017-14755
+CVE-2017-14755 (OpenText Document Sciences xPression (formerly EMC Document Sciences x ...)
NOT-FOR-US: OpenText Document Sciences xPression
-CVE-2017-14754
+CVE-2017-14754 (OpenText Document Sciences xPression (formerly EMC Document Sciences x ...)
NOT-FOR-US: OpenText Document Sciences xPression
-CVE-2017-14753
+CVE-2017-14753 (Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web inte ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14752
+CVE-2017-14752 (Mahara 15.04 before 15.04.15, 16.04 before 16.04.9, 16.10 before 16.10 ...)
- mahara <removed>
NOTE: https://mahara.org/interaction/forum/topic.php?id=8083
-CVE-2017-14751
+CVE-2017-14751 (The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-14750
RESERVED
-CVE-2017-14749
+CVE-2017-14749 (JerryScript 1.0 allows remote attackers to cause a denial of service ( ...)
NOT-FOR-US: JerryScript
-CVE-2017-14748
+CVE-2017-14748 (Race condition in Blizzard Overwatch 1.15.0.2 allows remote authentica ...)
NOT-FOR-US: Blizzard Overwatch
CVE-2017-14747
RESERVED
-CVE-2017-14746
+CVE-2017-14746 (Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote a ...)
{DSA-4043-1}
- samba 2:4.7.1+dfsg-2
[wheezy] - samba <not-affected> (Issue introduced in 4.0.0)
NOTE: https://www.samba.org/samba/security/CVE-2017-14746.html
-CVE-2017-14745
+CVE-2017-14745 (The *_get_synthetic_symtab functions in the Binary File Descriptor (BF ...)
- binutils 2.29-11
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
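Review bot: the NOTE under CVE-2017-14767, `NOTE: The check is completely missing in Jessie. It should be added.`, reads as stale now that the entry carries DLA-1630-1 in its advisory set and marks libav as <removed>; either drop the NOTE or reword it to say what, if anything, the DLA left open. Minor: the NOT-FOR-US lines for CVE-2017-14766 and CVE-2017-14751 say `Wordpress plugin`, while the CVE descriptions directly above them spell the project name WordPress.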
@@ -10847,18 +10847,18 @@ CVE-2017-14745
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22148
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=94670f6cf11fc29cc6db6814b38c4305d9bcac96 (master)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e6ff33ca50c1180725dde11c84ee93fcdb4235ef (binutils-2_29-branch)
-CVE-2017-14867
+CVE-2017-14867 (Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x ...)
{DSA-3984-1 DLA-1120-1}
- git 1:2.14.2-1 (bug #876854)
NOTE: http://www.openwall.com/lists/oss-security/2017/09/26/9
NOTE: https://public-inbox.org/git/xmqqy3p29ekj.fsf@gitster.mtv.corp.google.com/T/#u
-CVE-2017-14744
+CVE-2017-14744 (UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element. ...)
NOT-FOR-US: UEditor
-CVE-2017-14743
+CVE-2017-14743 (Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL inje ...)
NOT-FOR-US: Faleemi FSC-880 00.01.01.0048P2 devices
CVE-2017-14742
RESERVED
-CVE-2017-14741
+CVE-2017-14741 (The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7 ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878548)
[stretch] - imagemagick <ignored> (Minor issue)
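Review bot: CVE-2017-14867 is filed between CVE-2017-14745 and CVE-2017-14744, breaking the descending numeric order the rest of this block follows. This update only fills in its description, so the placement predates it, but if the file is meant to stay sorted the entry belongs above CVE-2017-14804 with the other CVE-2017-148xx identifiers.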
@@ -10866,9 +10866,9 @@ CVE-2017-14741
NOTE: https://github.com/ImageMagick/ImageMagick/issues/771
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d8e14899c562157c7760a77fc91625a27cb596f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bb11d07139efe0f5e4ce0e4afda32abdbe82fa9d
-CVE-2017-14740
+CVE-2017-14740 (Cross-site scripting (XSS) vulnerability in GeniXCMS 1.1.0 allows remo ...)
NOT-FOR-US: GeniXCMS
-CVE-2017-14739
+CVE-2017-14739 (The AcquireResampleFilterThreadSet function in magick/resample-private ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878547)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -10879,9 +10879,9 @@ CVE-2017-14739
NOTE: Requires additional fixes:
NOTE: https://github.com/ImageMagick/ImageMagick/commit/bbc582d5439a7f9338c6bdc8c34b1ae221ae5214
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/67a633df9386704f45d1ad24f7f5af8a5d11f4a3
-CVE-2017-14738
+CVE-2017-14738 (FileRun (version 2017.09.18 and below) suffers from a remote SQL injec ...)
NOT-FOR-US: FileRun
-CVE-2017-14737
+CVE-2017-14737 (A cryptographic cache-based side channel in the RSA implementation in ...)
{DLA-1125-1}
- botan1.10 1.10.17-0.1 (bug #877436)
[stretch] - botan1.10 <no-dsa> (Minor issue)
@@ -10892,27 +10892,27 @@ CVE-2017-14737
NOTE: for 2.x: https://github.com/randombit/botan/commit/95df7f155570949837e8e28e733f3d59408092da
CVE-2017-14736
RESERVED
-CVE-2017-14735
+CVE-2017-14735 (OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstr ...)
NOT-FOR-US: OWASP AntiSamy
-CVE-2017-14734
+CVE-2017-14734 (The build_msps function in libbpg.c in libbpg 0.9.7 allows remote atta ...)
NOT-FOR-US: libbpg
-CVE-2017-14733
+CVE-2017-14733 (ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE h ...)
{DSA-4321-1 DLA-1401-1 DLA-1130-1}
- graphicsmagick 1.3.26-13
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=5381c71724e3
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/458/
CVE-2017-14732
RESERVED
-CVE-2017-14731
+CVE-2017-14731 (ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attack ...)
{DLA-1192-1}
- libofx 1:0.9.11-5 (bug #877442)
[stretch] - libofx 1:0.9.10-2+deb9u1
[jessie] - libofx 1:0.9.10-1+deb8u1
NOTE: https://github.com/libofx/libofx/issues/10
NOTE: https://github.com/libofx/libofx/commit/fad8418f34094de42e1307113598e0e8bee0a2bd
-CVE-2017-14730
+CVE-2017-14730 (The init script in the Gentoo app-admin/logstash-bin package before 5. ...)
NOT-FOR-US: Gentoo packagin flaw for Logstash
-CVE-2017-14729
+CVE-2017-14729 (The *_get_synthetic_symtab functions in the Binary File Descriptor (BF ...)
- binutils 2.29.1-2
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
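Review bot: the NOT-FOR-US line under CVE-2017-14730 reads `Gentoo packagin flaw for Logstash`; `packagin` should be `packaging`. It is an unchanged context line here, so the automatic description refresh will not touch it and the typo needs a separate manual edit.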
@@ -10925,22 +10925,22 @@ CVE-2017-14729
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=61e3bf5f83f7e505b6bc51ef65426e5b31e6e360
CVE-2017-14728
RESERVED
-CVE-2017-14726
+CVE-2017-14726 (Before version 4.8.2, WordPress was vulnerable to a cross-site scripti ...)
{DSA-3997-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://core.trac.wordpress.org/changeset/41395
-CVE-2017-14725
+CVE-2017-14725 (Before version 4.8.2, WordPress was susceptible to an open redirect at ...)
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41398
-CVE-2017-14724
+CVE-2017-14724 (Before version 4.8.2, WordPress was vulnerable to cross-site scripting ...)
- wordpress 4.8.2+dfsg-1 (bug #876274)
[stretch] - wordpress 4.7.5+dfsg-2+deb9u1
[jessie] - wordpress <not-affected> (Vulnerable code not present)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
NOTE: https://core.trac.wordpress.org/changeset/41448
-CVE-2017-14723
+CVE-2017-14723 (Before version 4.8.2, WordPress mishandled % characters and additional ...)
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41470
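Review bot: CVE-2017-14724 is the one WordPress entry in this hunk without an advisory set. Its siblings carry `{DSA-3997-1 DLA-1151-1}` and all share bug #876274, while 14724 records stretch as fixed in 4.7.5+dfsg-2+deb9u1 with no DSA reference and marks jessie and wheezy not-affected. If 4.7.5+dfsg-2+deb9u1 is the DSA-3997-1 upload, the braces should say so; if it was fixed outside a DSA, a one-line NOTE would save the next reader a lookup. Likewise CVE-2017-14726 lists only DSA-3997-1, with no DLA and no `[jessie]` line, so jessie reads as open for it while the neighbouring entries are closed by DLA-1151-1; worth confirming that is intended.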
@@ -10949,140 +10949,140 @@ CVE-2017-14723
NOTE: https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
NOTE: https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
NOTE: https://medium.com/websec/wordpress-sqli-poc-f1827c20bf8e
-CVE-2017-14722
+CVE-2017-14722 (Before version 4.8.2, WordPress allowed a Directory Traversal attack i ...)
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41397
-CVE-2017-14721
+CVE-2017-14721 (Before version 4.8.2, WordPress allowed Cross-Site scripting in the pl ...)
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41412
-CVE-2017-14720
+CVE-2017-14720 (Before version 4.8.2, WordPress allowed a Cross-Site scripting attack ...)
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41412
-CVE-2017-14719
+CVE-2017-14719 (Before version 4.8.2, WordPress was vulnerable to a directory traversa ...)
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41457
-CVE-2017-14718
+CVE-2017-14718 (Before version 4.8.2, WordPress was susceptible to a Cross-Site Script ...)
{DSA-3997-1 DLA-1151-1}
- wordpress 4.8.2+dfsg-1 (bug #876274)
NOTE: https://core.trac.wordpress.org/changeset/41393
-CVE-2017-14727
+CVE-2017-14727 (logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash v ...)
{DLA-1111-1}
- weechat 1.9.1-1 (bug #876553)
[stretch] - weechat 1.6-1+deb9u2
[jessie] - weechat 1.0.1-1+deb8u2
NOTE: Fixed by: https://github.com/weechat/weechat/commit/f105c6f0b56fb5687b2d2aedf37cb1d1b434d556
-CVE-2017-14717
+CVE-2017-14717 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Descripti ...)
NOT-FOR-US: EPESI
-CVE-2017-14716
+CVE-2017-14716 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title par ...)
NOT-FOR-US: EPESI
-CVE-2017-14715
+CVE-2017-14715 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Ti ...)
NOT-FOR-US: EPESI
-CVE-2017-14714
+CVE-2017-14714 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subj ...)
NOT-FOR-US: EPESI
-CVE-2017-14713
+CVE-2017-14713 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Desc ...)
NOT-FOR-US: EPESI
-CVE-2017-14712
+CVE-2017-14712 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall ...)
NOT-FOR-US: EPESI
-CVE-2017-14711
+CVE-2017-14711 (The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- ak ...)
NOT-FOR-US: Kickbase GmbH "Kickbase Bundesliga Manager"
-CVE-2017-14710
+CVE-2017-14710 (The Shein Group Ltd. "SHEIN - Fashion Shopping" app -- aka shein fashi ...)
NOT-FOR-US: Fashion Shopping app
-CVE-2017-14709
+CVE-2017-14709 (The komoot GmbH "Komoot - Cycling &amp; Hiking Maps" app before 9.3.2 ...)
NOT-FOR-US: Cycling & Hiking Maps app
CVE-2017-14708
RESERVED
CVE-2017-14707
RESERVED
-CVE-2017-14706
+CVE-2017-14706 (DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to ob ...)
NOT-FOR-US: DenyAll WAF
-CVE-2017-14705
+CVE-2017-14705 (DenyAll WAF before 6.4.1 allows unauthenticated remote command executi ...)
NOT-FOR-US: DenyAll WAF
-CVE-2017-14704
+CVE-2017-14704 (Multiple unrestricted file upload vulnerabilities in the (1) imageSubm ...)
NOT-FOR-US: Claydip Laravel Airbnb Clone
-CVE-2017-14703
+CVE-2017-14703 (SQL injection vulnerability in Cash Back Comparison Script 1.0 allows ...)
NOT-FOR-US: Cash Back Comparison Script
-CVE-2017-14702
+CVE-2017-14702 (ERS Data System 1.8.1.0 allows remote attackers to execute arbitrary c ...)
NOT-FOR-US: ERS Data System
CVE-2017-14701
RESERVED
CVE-2017-14700
RESERVED
-CVE-2017-14699
+CVE-2017-14699 (Multiple XML external entity (XXE) vulnerabilities in the AiCloud feat ...)
NOT-FOR-US: ASUS routers
-CVE-2017-14698
+CVE-2017-14698 (ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC5 ...)
NOT-FOR-US: ASUS routers
CVE-2017-14697
RESERVED
-CVE-2017-14696
+CVE-2017-14696 (SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7 ...)
- salt 2016.11.8+dfsg1-1 (bug #879090)
[stretch] - salt 2016.11.2+ds-1+deb9u1
[jessie] - salt <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b
NOTE: Fixed by: https://github.com/saltstack/salt/commit/89e084bda356739de645c15e7d1968afebdcc56e (2016.11)
-CVE-2017-14695
+CVE-2017-14695 (Directory traversal vulnerability in minion id validation in SaltStack ...)
- salt 2016.11.8+dfsg1-1 (bug #879089)
[stretch] - salt 2016.11.2+ds-1+deb9u1
[jessie] - salt <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d
NOTE: Fixed by: https://github.com/saltstack/salt/commit/206ae23f15cb7ec95a07dee4cbe9802da84f9c42 (2016.11)
-CVE-2017-14694
+CVE-2017-14694 (Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-14693
+CVE-2017-14693 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service o ...)
NOT-FOR-US: IrfanView
-CVE-2017-14692
+CVE-2017-14692 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14691
+CVE-2017-14691 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14690
+CVE-2017-14690 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14689
+CVE-2017-14689 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14688
+CVE-2017-14688 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14687
+CVE-2017-14687 (Artifex MuPDF 1.11 allows attackers to cause a denial of service or po ...)
{DSA-4006-1 DLA-1164-1}
- mupdf 1.11+ds1-1.1 (bug #877379)
[jessie] - mupdf <no-dsa> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698558
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28
NOTE: Several fz_xml_tag && !strcmp idoms are used in older versions
-CVE-2017-14686
+CVE-2017-14686 (Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause ...)
{DSA-4006-1}
- mupdf 1.11+ds1-1.1 (bug #877379)
[jessie] - mupdf <not-affected> (vulnerable code not present, poc not effective)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698540
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1
-CVE-2017-14685
+CVE-2017-14685 (Artifex MuPDF 1.11 allows attackers to cause a denial of service or po ...)
{DSA-4006-1}
- mupdf 1.11+ds1-1.1 (bug #877379)
[jessie] - mupdf <not-affected> (vulnerable code not present, poc not effective)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698539
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=ab1a420613dec93c686acbee2c165274e922f82a
-CVE-2017-14684
+CVE-2017-14684 (In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in t ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant; bug #876487)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/770
NOTE: https://github.com/ImageMagick/ImageMagick/commit/dd367e0c3c3f37fbf1c20fa107b67a668b22c6e2
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/a25142f284384a10306f14393d9bfd7af95ddfff
-CVE-2017-14683
+CVE-2017-14683 (geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated b ...)
NOT-FOR-US: geminabox
-CVE-2017-14682
+CVE-2017-14682 (GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote ...)
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #876488)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32726
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3bee958ee63eb6ec62834d0c7b28b4b6835e6a00
-CVE-2017-14681
+CVE-2017-14681 (The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file aft ...)
- p3scan <removed> (bug #876674)
[stretch] - p3scan <ignored> (Minor issue)
[jessie] - p3scan <ignored> (Minor issue)
[wheezy] - p3scan <ignored> (Minor issue)
NOTE: https://sourceforge.net/p/p3scan/bugs/33/
-CVE-2017-14680
+CVE-2017-14680 (ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensit ...)
NOT-FOR-US: ZKTeco ZKTime Web
CVE-2017-14679
REJECTED
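Review bot: the imported description for CVE-2017-14709 contains a raw HTML entity, `Komoot - Cycling &amp; Hiking Maps`, while the NOT-FOR-US line directly below it writes `Cycling & Hiking Maps`; the importer should unescape entities before truncating, otherwise the `&amp;` both reads wrong and spends characters of the truncation budget. Also, the NOTE under CVE-2017-14687 has `idoms` for `idioms`, and CVE-2017-14727 (weechat) sits between CVE-2017-14718 and CVE-2017-14717, out of the block's numeric order.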
@@ -11136,50 +11136,50 @@ CVE-2017-14655
REJECTED
CVE-2017-14654
RESERVED
-CVE-2017-14653
+CVE-2017-14653 (member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote authenticat ...)
NOT-FOR-US: ASP4CMS AspCMS
-CVE-2017-14652
+CVE-2017-14652 (SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tap ...)
NOT-FOR-US: Tapatalk plugin for MyBB
-CVE-2017-14651
+CVE-2017-14651 (WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_colle ...)
NOT-FOR-US: WSO2 Data Analytics Server
-CVE-2017-14649
+CVE-2017-14649 (ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does ...)
- graphicsmagick 1.3.26-12 (unimportant; bug #876460)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/358608a46f0a
NOTE: https://blogs.gentoo.org/ago/2017/09/19/graphicsmagick-assertion-failure-in-pixel_cache-c/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/439/
-CVE-2017-14648
+CVE-2017-14648 (A global buffer overflow was discovered in the iteration_loop function ...)
NOT-FOR-US: BladeEnc
-CVE-2017-14647
+CVE-2017-14647 (A heap-based buffer overflow was discovered in AP4_VisualSampleEntry:: ...)
NOT-FOR-US: Bento4
-CVE-2017-14646
+CVE-2017-14646 (The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 ...)
NOT-FOR-US: Bento4
-CVE-2017-14645
+CVE-2017-14645 (A heap-based buffer over-read was discovered in AP4_BitStream::ReadByt ...)
NOT-FOR-US: Bento4
-CVE-2017-14644
+CVE-2017-14644 (A heap-based buffer overflow was discovered in the AP4_HdlrAtom class ...)
NOT-FOR-US: Bento4
-CVE-2017-14643
+CVE-2017-14643 (The AP4_HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version 1.5.0 ...)
NOT-FOR-US: Bento4
-CVE-2017-14642
+CVE-2017-14642 (A NULL pointer dereference was discovered in the AP4_HdlrAtom class in ...)
NOT-FOR-US: Bento4
-CVE-2017-14641
+CVE-2017-14641 (A NULL pointer dereference was discovered in the AP4_DataAtom class in ...)
NOT-FOR-US: Bento4
-CVE-2017-14640
+CVE-2017-14640 (A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetS ...)
NOT-FOR-US: Bento4
-CVE-2017-14639
+CVE-2017-14639 (AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 ...)
NOT-FOR-US: Bento4
-CVE-2017-14638
+CVE-2017-14638 (AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Be ...)
NOT-FOR-US: Bento4
-CVE-2017-14637
+CVE-2017-14637 (In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb f ...)
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 5)
-CVE-2017-14636
+CVE-2017-14636 (Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffff ...)
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 4)
-CVE-2017-14635
+CVE-2017-14635 (In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4 ...)
{DSA-4021-1 DLA-1119-1}
- otrs2 5.0.23-1 (bug #876462)
NOTE: https://github.com/OTRS/otrs/commit/a4093dc404fcbd87b235b31c72913141672f2a85 (rel-5_0)
@@ -11192,26 +11192,26 @@ CVE-2017-14635
NOTE: https://github.com/OTRS/otrs/commit/5468720cc8225a85699b1977ff230adbf9f8362d (rel-3_3)
NOTE: https://github.com/OTRS/otrs/commit/0583dfda7bc9c7d76457aad68083f4b28a288ce5 (rel-3_3)
NOTE: https://www.otrs.com/security-advisory-2017-04-security-update-otrs-versions/
-CVE-2017-14650
+CVE-2017-14650 (A Remote Code Execution vulnerability has been found in the Horde_Imag ...)
{DSA-4276-1 DLA-1395-1}
- php-horde-image 2.5.2-1 (bug #876400)
NOTE: https://marc.info/?l=horde-announce&m=150600299528079&w=2
NOTE: https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b
-CVE-2017-14634
+CVE-2017-14634 (In libsndfile 1.0.28, a divide-by-zero error exists in the function do ...)
{DLA-1618-1}
- libsndfile 1.0.28-5 (bug #876783)
[stretch] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/318
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788
-CVE-2017-14633
+CVE-2017-14633 (In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability ...)
{DSA-4113-1 DLA-1368-1}
- libvorbis 1.3.5-4.1 (bug #876778)
[jessie] - libvorbis <postponed> (Minor issue, can be fixed along later)
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2329
NOTE: https://github.com/xiph/vorbis/pull/34
NOTE: https://gitlab.xiph.org/xiph/vorbis/commit/a79ec216cd119069c68b8f3542c6a425a74ab993
-CVE-2017-14632
+CVE-2017-14632 (Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uni ...)
{DSA-4113-1 DLA-1368-1}
- libvorbis 1.3.5-4.1 (bug #876779)
[jessie] - libvorbis <not-affected> (Vulnerable code not present)
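Review bot: CVE-2017-14633 lists DLA-1368-1 in its advisory set yet keeps `[jessie] - libvorbis <postponed> (Minor issue, can be fixed along later)`; both cannot be current, so one of the two is stale and should go. The same DLA is attached to CVE-2017-14632 next to `[jessie] - libvorbis <not-affected> (Vulnerable code not present)`, which only makes sense if the DLA text covers both CVEs; please check. Separately, CVE-2017-14650 (Horde_Image) is filed here between CVE-2017-14635 and CVE-2017-14634 instead of between CVE-2017-14651 and CVE-2017-14649 in the previous hunk.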
@@ -11219,29 +11219,29 @@ CVE-2017-14632
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2328
NOTE: https://github.com/xiph/vorbis/issues/29
NOTE: https://github.com/xiph/vorbis/pull/34
-CVE-2017-14631
+CVE-2017-14631 (In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an integ ...)
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 1)
-CVE-2017-14630
+CVE-2017-14630 (In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 func ...)
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 6)
-CVE-2017-14629
+CVE-2017-14629 (In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integ ...)
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 3)
-CVE-2017-14628
+CVE-2017-14628 (In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxLoadIma ...)
{DLA-1127-1}
- sam2p <removed> (bug #876744)
[jessie] - sam2p 0.49.2-3+deb8u1
NOTE: https://github.com/pts/sam2p/issues/14 (bug 2)
-CVE-2017-14627
+CVE-2017-14627 (Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote ...)
NOT-FOR-US: CyberLink LabelPrint
-CVE-2017-14626
+CVE-2017-14626 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability i ...)
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878524)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -11250,36 +11250,36 @@ CVE-2017-14626
NOTE: https://github.com/ImageMagick/ImageMagick/issues/721
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/90b301db18434b2c2228776d06c2898b5fed74f0
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cc797c296c30f3ec31cd02418b58a2c27549b0a9
-CVE-2017-14625
+CVE-2017-14625 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability i ...)
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #877355)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/721
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cc797c296c30f3ec31cd02418b58a2c27549b0a9
-CVE-2017-14624
+CVE-2017-14624 (ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability i ...)
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #877354)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/722
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/9ff805077fd5297dc41dc989f9dba59877e12f97
-CVE-2017-14623
+CVE-2017-14623 (In the ldap.v2 (aka go-ldap) package through 2.5.0 for Go, an attacker ...)
- golang-github-go-ldap-ldap 2.5.1-1 (low; bug #876404)
[stretch] - golang-github-go-ldap-ldap 2.4.1-1+deb9u1
NOTE: https://github.com/go-ldap/ldap/pull/126
NOTE: https://github.com/go-ldap/ldap/commit/95ede1266b237bf8e9aa5dce0b3250e51bfefe66
-CVE-2017-14622
+CVE-2017-14622 (Multiple cross-site scripting (XSS) vulnerabilities in the 2kb Amazon ...)
NOT-FOR-US: 2kb Amazon Affiliates Store plugin for WordPress
-CVE-2017-14621
+CVE-2017-14621 (Portus 2.2.0 has XSS via the Team field, related to typeahead. ...)
NOT-FOR-US: Portus
-CVE-2017-14620
+CVE-2017-14620 (SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP L ...)
NOT-FOR-US: SmarterStats
-CVE-2017-14619
+CVE-2017-14619 (Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 all ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-14618
+CVE-2017-14618 (Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFA ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-14617
+CVE-2017-14617 (In Poppler 0.59.0, a floating point exception occurs in the ImageStrea ...)
{DLA-1116-1}
- poppler 0.61.1-2 (bug #876385)
[stretch] - poppler <ignored> (Minor issue)
@@ -11289,36 +11289,36 @@ CVE-2017-14617
NOTE: The patch applied in 0.48.0-2+deb9u1 (stretch) and 0.26.5-2+deb8u2 (jessie)
NOTE: does not completely fix the issue thus still marked as unfixed even if the
NOTE: CVE is recorded in debian/changelog.
-CVE-2017-14616
+CVE-2017-14616 (An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. I ...)
NOT-FOR-US: WatchGuard Fireware
-CVE-2017-14615
+CVE-2017-14615 (An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. W ...)
NOT-FOR-US: WatchGuard Fireware
-CVE-2017-14614
+CVE-2017-14614 (Directory traversal vulnerability in the Visor GUI Console in GridGain ...)
NOT-FOR-US: GridGain
CVE-2017-14613
RESERVED
-CVE-2017-14612
+CVE-2017-14612 ("Shpock Boot Sale &amp; Classifieds" app before 3.17.0 -- aka shpock-b ...)
NOT-FOR-US: Book sale app
-CVE-2017-14611
+CVE-2017-14611 (SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote att ...)
NOT-FOR-US: Cockpit CMS (different from src:cockpit)
-CVE-2017-14610
+CVE-2017-14610 (bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 a ...)
- bareos <unfixed> (bug #877334)
[buster] - bareos <no-dsa> (Minor issue)
[stretch] - bareos <no-dsa> (Minor issue)
[jessie] - bareos <no-dsa> (Minor issue)
NOTE: https://bugs.bareos.org/view.php?id=847
-CVE-2017-14609
+CVE-2017-14609 (The server daemons in Kannel 1.5.0 and earlier create a PID file after ...)
- kannel <unfixed> (unimportant; bug #877361)
NOTE: https://redmine.kannel.org/issues/771
NOTE: No real security issue in combination with start-stop-daemon from dpkg
-CVE-2017-14608
+CVE-2017-14608 (In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_ ...)
{DLA-1109-1}
- libraw 0.18.5-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://github.com/LibRaw/LibRaw/commit/d13e8f6d1e987b7491182040a188c16a395f1d21
NOTE: https://github.com/LibRaw/LibRaw/issues/101
-CVE-2017-14607
+CVE-2017-14607 (In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to Read ...)
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878527)
NOTE: IM6 patch: https://github.com/ImageMagick/ImageMagick/commit/cd665c3d05b46d1579c738a72214175ff50aec74
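Review bot: the NOT-FOR-US line under CVE-2017-14612 says `Book sale app`, but the description it now sits under is for the `"Shpock Boot Sale &amp; Classifieds"` app, a boot sale, not a book sale, so the annotation misidentifies the product. The same description also carries an unescaped `&amp;`, the second occurrence in this file after the Komoot entry, which points at the importer rather than a one-off.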
@@ -11327,7 +11327,7 @@ CVE-2017-14606
RESERVED
CVE-2017-14605
RESERVED
-CVE-2017-14604
+CVE-2017-14604 (GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by ...)
{DSA-3994-1}
- nautilus 3.25.90-1 (bug #860268)
[jessie] - nautilus <no-dsa> (Minor issue, issue mitigated because does not silently decompress tarballs)
@@ -11336,160 +11336,160 @@ CVE-2017-14604
NOTE: https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/
NOTE: https://github.com/freedomofpress/securedrop/issues/2238
NOTE: https://github.com/GNOME/nautilus/commit/1630f53481f445ada0a455e9979236d31a8d3bb0
-CVE-2017-14603
+CVE-2017-14603 (In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before ...)
{DSA-3990-1}
- asterisk 1:13.17.2~dfsg-1 (bug #876328)
[wheezy] - asterisk <ignored> (strictrtp option is disabled by default. Too intrusive too backport)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-008.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27274
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27252
-CVE-2017-14602
+CVE-2017-14602 (A vulnerability has been identified in the management interface of Cit ...)
NOT-FOR-US: Citrix
-CVE-2017-14601
+CVE-2017-14601 (Pragyan CMS v3.0 is vulnerable to a Boolean-based SQL injection in cms ...)
NOT-FOR-US: Pragyan CMS
-CVE-2017-14600
+CVE-2017-14600 (Pragyan CMS v3.0 is vulnerable to an Error-Based SQL injection in cms/ ...)
NOT-FOR-US: Pragyan CMS
CVE-2017-14599
RESERVED
CVE-2017-14598
RESERVED
-CVE-2017-14597
+CVE-2017-14597 (AdminPanel in AfterLogic WebMail 7.7 and Aurora 7.7.5 has XSS via the ...)
NOT-FOR-US: AfterLogic WebMail
-CVE-2017-14596
+CVE-2017-14596 (In Joomla! before 3.8.0, inadequate escaping in the LDAP authenticatio ...)
NOT-FOR-US: Joomla!
-CVE-2017-14595
+CVE-2017-14595 (In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the ...)
NOT-FOR-US: Joomla!
-CVE-2017-14594
+CVE-2017-14594 (The printable searchrequest issue resource in Atlassian Jira before ve ...)
NOT-FOR-US: Atlassian Jira
-CVE-2017-14593
+CVE-2017-14593 (Sourcetree for Windows had several argument and command injection bugs ...)
NOT-FOR-US: Atlassian Sourcetree
-CVE-2017-14592
+CVE-2017-14592 (Sourcetree for macOS had several argument and command injection bugs i ...)
NOT-FOR-US: Atlassian Sourcetree
-CVE-2017-14591
+CVE-2017-14591 (Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4. ...)
NOT-FOR-US: Atlassian
-CVE-2017-14590
+CVE-2017-14590 (Bamboo did not check that the name of a branch in a Mercurial reposito ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-14589
+CVE-2017-14589 (It was possible for double OGNL evaluation in FreeMarker templates thr ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-14588
+CVE-2017-14588 (Various resources in Atlassian FishEye and Crucible before version 4.4 ...)
NOT-FOR-US: Atlassian
-CVE-2017-14587
+CVE-2017-14587 (The administration user deletion resource in Atlassian FishEye and Cru ...)
NOT-FOR-US: Atlassian
-CVE-2017-14586
+CVE-2017-14586 (The Hipchat for Mac desktop client is vulnerable to client-side remote ...)
NOT-FOR-US: Atlassian
-CVE-2017-14585
+CVE-2017-14585 (A Server Side Request Forgery (SSRF) vulnerability could lead to remot ...)
NOT-FOR-US: Atlassian
CVE-2017-14584
RESERVED
-CVE-2017-14583
+CVE-2017-14583 (NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are ...)
NOT-FOR-US: NetApp Clustered Data ONTAP
-CVE-2017-14582
+CVE-2017-14582 (The Zoho Site24x7 Mobile Network Poller application before 1.1.5 for A ...)
NOT-FOR-US: Zoho
CVE-2017-XXXX [pcb code injection by malicious layout file]
- pcb-rnd 1.2.5-2 (bug #876540)
[stretch] - pcb-rnd 1.1.4-2
-CVE-2017-14581
+CVE-2017-14581 (The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 ...)
NOT-FOR-US: SAP
-CVE-2017-14580
+CVE-2017-14580 (XnView Classic for Windows Version 2.41 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-14579
+CVE-2017-14579 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14578
+CVE-2017-14578 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service o ...)
NOT-FOR-US: IrfanView
-CVE-2017-14577
+CVE-2017-14577 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14576
+CVE-2017-14576 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14575
+CVE-2017-14575 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14574
+CVE-2017-14574 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14573
+CVE-2017-14573 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14572
+CVE-2017-14572 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14571
+CVE-2017-14571 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14570
+CVE-2017-14570 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14569
+CVE-2017-14569 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14568
+CVE-2017-14568 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14567
+CVE-2017-14567 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14566
+CVE-2017-14566 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14565
+CVE-2017-14565 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14564
+CVE-2017-14564 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14563
+CVE-2017-14563 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14562
+CVE-2017-14562 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14561
+CVE-2017-14561 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14560
+CVE-2017-14560 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14559
+CVE-2017-14559 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14558
+CVE-2017-14558 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14557
+CVE-2017-14557 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14556
+CVE-2017-14556 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14555
+CVE-2017-14555 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14554
+CVE-2017-14554 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14553
+CVE-2017-14553 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14552
+CVE-2017-14552 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14551
+CVE-2017-14551 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14550
+CVE-2017-14550 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14549
+CVE-2017-14549 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14548
+CVE-2017-14548 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14547
+CVE-2017-14547 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14546
+CVE-2017-14546 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14545
+CVE-2017-14545 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14544
+CVE-2017-14544 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14543
+CVE-2017-14543 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14542
+CVE-2017-14542 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14541
+CVE-2017-14541 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14540
+CVE-2017-14540 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service o ...)
NOT-FOR-US: IrfanView
-CVE-2017-14539
+CVE-2017-14539 (IrfanView 4.44 - 32bit allows attackers to cause a denial of service o ...)
NOT-FOR-US: IrfanView
-CVE-2017-14538
+CVE-2017-14538 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-14537
+CVE-2017-14537 (trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter t ...)
NOT-FOR-US: trixbox
-CVE-2017-14536
+CVE-2017-14536 (trixbox 2.8.0.4 has XSS via the PATH_INFO to /maint/index.php or /user ...)
NOT-FOR-US: trixbox
-CVE-2017-14535
+CVE-2017-14535 (trixbox 2.8.0.4 has OS command injection via shell metacharacters in t ...)
NOT-FOR-US: trixbox
-CVE-2017-14534
+CVE-2017-14534 (Cross Site Scripting (XSS) exists in NexusPHP 1.5.beta5.20120707 via t ...)
NOT-FOR-US: NexusPHP
-CVE-2017-14533
+CVE-2017-14533 (ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c. ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/648
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f1f2089e79bcf5714cefba7cdc47049b4ac53c6b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bdfc5538051ad0d1c2083ba2a29180ff6abea907
-CVE-2017-14532
+CVE-2017-14532 (ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags i ...)
- imagemagick 8:6.9.9.34+dfsg-3 (bug #878541)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
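Review bot: The CVE-2017-XXXX [pcb code injection by malicious layout file] entry for pcb-rnd (bug #876540) between CVE-2017-14582 and CVE-2017-14581 is still an unassigned placeholder; this automated description backfill can only fill in entries with real identifiers, so it stays without a description line and needs a manual rename once an id is allocated.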
@@ -11497,14 +11497,14 @@ CVE-2017-14532
NOTE: https://github.com/ImageMagick/ImageMagick/issues/719
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1942317d9208ea17ee17d976a39768cd51d74160
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/c55fb18c3f78445d100a378ab8b3c0acd53c6590
-CVE-2017-14531
+CVE-2017-14531 (ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in c ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/718
NOTE: https://github.com/ImageMagick/ImageMagick/commit/69967f4161bd14d8e03ea463d6545da442a6ea78
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/1385a09732c261f1f403a9af6700979ca56c76d3
-CVE-2017-14530
+CVE-2017-14530 (WP_Admin_UI in the Crony Cronjob Manager plugin before 0.4.7 for WordP ...)
NOT-FOR-US: Crony Cronjob Manager plugin for WordPress
-CVE-2017-14529
+CVE-2017-14529 (The pe_print_idata function in peXXigen.c in the Binary File Descripto ...)
- binutils 2.29-10
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -11512,7 +11512,7 @@ CVE-2017-14529
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22113
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=4d465c689a8fb27212ef358d0aee89d60dee69a6
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dcaaca89e8618eba35193c27afcb1cfa54f74582
-CVE-2017-14528
+CVE-2017-14528 (The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has ...)
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (bug #878544)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -11520,65 +11520,65 @@ CVE-2017-14528
[wheezy] - imagemagick <not-affected> (Can't reproduce crash with file)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2730
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32560
-CVE-2017-14527
+CVE-2017-14527 (Multiple XML external entity (XXE) vulnerabilities in the OpenText Doc ...)
NOT-FOR-US: OpenText Documentum Webtop
-CVE-2017-14526
+CVE-2017-14526 (Multiple XML external entity (XXE) vulnerabilities in the OpenText Doc ...)
NOT-FOR-US: OpenText Documentum Administrator
-CVE-2017-14525
+CVE-2017-14525 (Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6 ...)
NOT-FOR-US: OpenText Documentum Webtop
-CVE-2017-14524
+CVE-2017-14524 (Multiple open redirect vulnerabilities in OpenText Documentum Administ ...)
NOT-FOR-US: OpenText Documentum Administrator
-CVE-2017-14523
+CVE-2017-14523 (** DISPUTED ** WonderCMS 2.3.1 is vulnerable to an HTTP Host header i ...)
NOT-FOR-US: WonderCMS
-CVE-2017-14522
+CVE-2017-14522 (** DISPUTED ** In WonderCMS 2.3.1, the application's input fields acc ...)
NOT-FOR-US: WonderCMS
-CVE-2017-14521
+CVE-2017-14521 (In WonderCMS 2.3.1, the upload functionality accepts random applicatio ...)
NOT-FOR-US: WonderCMS
-CVE-2017-14520
+CVE-2017-14520 (In Poppler 0.59.0, a floating point exception occurs in Splash::scaleI ...)
{DSA-4079-1}
- poppler 0.61.1-2 (low; bug #876081)
[wheezy] - poppler <not-affected> (vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102719
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=504b3590182175390f474657a372e78fb1508262
-CVE-2017-14519
+CVE-2017-14519 (In Poppler 0.59.0, memory corruption occurs in a call to Object::strea ...)
{DSA-4079-1 DLA-1116-1}
- poppler 0.61.1-2 (bug #876086)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102701
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=aaf5327649e8f7371c9d3270e7813c43ddfd47ee
-CVE-2017-14518
+CVE-2017-14518 (In Poppler 0.59.0, a floating point exception exists in the isImageInt ...)
{DSA-4079-1}
- poppler 0.61.1-2 (low; bug #876082)
[wheezy] - poppler <not-affected> (vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102688
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=80f9819b6233f9f9b5fd44f0e4cad026e5d048c2
-CVE-2017-14517
+CVE-2017-14517 (In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::pars ...)
{DSA-4079-1 DLA-1116-1}
- poppler 0.61.1-2 (low; bug #876079)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102687
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=476394e7a025e02e4897da2e765df2c895d0708f
-CVE-2017-14516
+CVE-2017-14516 (Cross-Site Scripting (XSS) exists in SAP Business Objects Financial Co ...)
NOT-FOR-US: SAP Business Objects Financial Consolidation
-CVE-2017-14515
+CVE-2017-14515 (Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 all ...)
NOT-FOR-US: Tenda W15E devices
-CVE-2017-14514
+CVE-2017-14514 (Directory Traversal on Tenda W15E devices before 15.11.0.14 allows rem ...)
NOT-FOR-US: Tenda W15E devices
-CVE-2017-14513
+CVE-2017-14513 (Directory traversal vulnerability in MetInfo 5.3.17 allows remote atta ...)
NOT-FOR-US: MetInfo
-CVE-2017-14512
+CVE-2017-14512 (NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via t ...)
NOT-FOR-US: NexusPHP
-CVE-2017-14511
+CVE-2017-14511 (An issue was discovered in SAP E-Recruiting (aka ERECRUIT) 605 through ...)
NOT-FOR-US: SAP
-CVE-2017-14510
+CVE-2017-14510 (An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2 ...)
NOT-FOR-US: SugarCRM
-CVE-2017-14509
+CVE-2017-14509 (An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2 ...)
NOT-FOR-US: SugarCRM
-CVE-2017-14508
+CVE-2017-14508 (An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2 ...)
NOT-FOR-US: SugarCRM
-CVE-2017-14507
+CVE-2017-14507 (Multiple SQL injection vulnerabilities in the Content Timeline plugin ...)
NOT-FOR-US: Content Timeline plugin for WordPress
-CVE-2017-14506
+CVE-2017-14506 (geminabox (aka Gem in a Box) before 0.13.6 has XSS, as demonstrated by ...)
NOT-FOR-US: geminabox
-CVE-2017-14505
+CVE-2017-14505 (DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 m ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878545)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -11586,31 +11586,31 @@ CVE-2017-14505
NOTE: https://github.com/ImageMagick/ImageMagick/issues/716
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6ad5fc3c9b652eec27fc0b1a0817159f8547d5d9
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f7b0cf098bc800c5b6181dc522a99997bfee8948
-CVE-2017-14504
+CVE-2017-14504 (ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure ...)
{DSA-4321-1 DLA-1456-1 DLA-1130-1}
- graphicsmagick 1.3.26-11
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=fb09ca6dd22c
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/465/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/466/
-CVE-2017-14503
+CVE-2017-14503 (libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_da ...)
{DSA-4360-1 DLA-1600-1}
- libarchive 3.2.2-4.1 (bug #875960)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/948
NOTE: https://github.com/libarchive/libarchive/commit/2c8c83b9731ff822fad6cc8c670ea5519c366a14
-CVE-2017-14502
+CVE-2017-14502 (read_header in archive_read_support_format_rar.c in libarchive 3.3.2 s ...)
{DSA-4360-1 DLA-1600-1}
- libarchive 3.2.2-4.1 (bug #875974)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/commit/5562545b5562f6d12a4ef991fae158bf4ccf92b6
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=573
-CVE-2017-14501
+CVE-2017-14501 (An out-of-bounds read flaw exists in parse_file_info in archive_read_s ...)
{DSA-4360-1 DLA-1600-1}
- libarchive 3.2.2-4.2 (bug #875966)
[wheezy] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/949
NOTE: https://github.com/libarchive/libarchive/commit/f9569c086ff29259c73790db9cbf39fe8fb9d862
-CVE-2017-14500
+CVE-2017-14500 (Improper Neutralization of Special Elements used in an OS Command in t ...)
{DSA-3977-1 DLA-1104-1}
- newsbeuter 2.9-7 (bug #876004)
NOTE: http://openwall.com/lists/oss-security/2017/09/16/1
@@ -11619,45 +11619,45 @@ CVE-2017-14500
NOTE: https://github.com/akrennmair/newsbeuter/issues/598
CVE-2017-14499
RESERVED
-CVE-2017-14498
+CVE-2017-14498 (SilverStripe CMS before 3.6.1 has XSS via an SVG document that is mish ...)
NOT-FOR-US: SilverStripe CMS
-CVE-2017-14497
+CVE-2017-14497 (The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel ...)
- linux 4.12.13-1
[stretch] - linux 4.9.30-2+deb9u5
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/edbd58be15a957f6a760c4a514cd475217eb97fd (v4.13)
-CVE-2017-14496
+CVE-2017-14496 (Integer underflow in the add_pseudoheader function in dnsmasq before 2 ...)
- dnsmasq 2.78-1
[stretch] - dnsmasq 2.76-5+deb9u1
[jessie] - dnsmasq <not-affected> (Vulnerable code introduced later)
[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=897c113fda0886a28a986cc6ba17bb93bd6cb1c7
-CVE-2017-14495
+CVE-2017-14495 (Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id o ...)
- dnsmasq 2.78-1
[stretch] - dnsmasq 2.76-5+deb9u1
[jessie] - dnsmasq <not-affected> (Vulnerable code introduced later)
[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=51eadb692a5123b9838e5a68ecace3ac579a3a45
-CVE-2017-14494
+CVE-2017-14494 (dnsmasq before 2.78, when configured as a relay, allows remote attacke ...)
{DSA-3989-1 DLA-1124-1}
- dnsmasq 2.78-1
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=33e3f1029c9ec6c63e430ff51063a6301d4b2262
-CVE-2017-14493
+CVE-2017-14493 (Stack-based buffer overflow in dnsmasq before 2.78 allows remote attac ...)
{DSA-3989-1}
- dnsmasq 2.78-1
[wheezy] - dnsmasq <not-affected> (Vulnerable code introduced later)
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=3d4ff1ba8419546490b464418223132529514033
-CVE-2017-14492
+CVE-2017-14492 (Heap-based buffer overflow in dnsmasq before 2.78 allows remote attack ...)
{DSA-3989-1 DLA-1124-1}
- dnsmasq 2.78-1
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=24036ea507862c7b7898b68289c8130f85599c10
-CVE-2017-14491
+CVE-2017-14491 (Heap-based buffer overflow in dnsmasq before 2.78 allows remote attack ...)
{DSA-3989-1 DLA-1124-1}
- dnsmasq 2.78-1
NOTE: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
@@ -11665,122 +11665,122 @@ CVE-2017-14491
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=62cb936cb7ad5f219715515ae7d32dd281a5aa1f
CVE-2017-14490
RESERVED
-CVE-2017-14489
+CVE-2017-14489 (The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1
NOTE: https://patchwork.kernel.org/patch/9923803/
NOTE: Fixed by: https://git.kernel.org/linus/c88f0e6b06f4092995688211a631bb436125d77b
CVE-2017-14488
RESERVED
-CVE-2017-14487
+CVE-2017-14487 (The OhMiBod Remote app for Android and iOS allows remote attackers to ...)
NOT-FOR-US: OhMiBod Remote app
-CVE-2017-14486
+CVE-2017-14486 (The Vibease Wireless Remote Vibrator app for Android and the Vibease C ...)
NOT-FOR-US: Vibease Wireless Remote Vibrator app
CVE-2017-14485
RESERVED
-CVE-2017-14484
+CVE-2017-14484 (The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Int ...)
NOT-FOR-US: Gentoo packaging flaw in gimps
-CVE-2017-14483
+CVE-2017-14483 (flower.initd in the Gentoo dev-python/flower package before 0.9.1-r1 f ...)
- flower <not-affected> (Gentoo-specific issue, Debian doesn't provide an init script at all)
-CVE-2017-1002100
+CVE-2017-1002100 (Default access permissions for Persistent Volumes (PVs) created by the ...)
- kubernetes <not-affected> (Vulnerable code not yet present)
-CVE-2017-1002028
+CVE-2017-1002028 (Vulnerability in wordpress plugin wordpress-gallery-transformation v1. ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002027
+CVE-2017-1002027 (Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002026
+CVE-2017-1002026 (Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, Th ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002025
+CVE-2017-1002025 (Vulnerability in wordpress plugin add-edit-delete-listing-for-member-m ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002023
+CVE-2017-1002023 (Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code d ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002022
+CVE-2017-1002022 (Vulnerability in wordpress plugin surveys v1.01.8, The code in questio ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002021
+CVE-2017-1002021 (Vulnerability in wordpress plugin surveys v1.01.8, The code in individ ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002020
+CVE-2017-1002020 (Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_ ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002019
+CVE-2017-1002019 (Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form an ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002018
+CVE-2017-1002018 (Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form an ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002017
+CVE-2017-1002017 (Vulnerability in wordpress plugin gift-certificate-creator v1.0, The c ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002016
+CVE-2017-1002016 (Vulnerability in wordpress plugin flickr-picture-backup v0.7, The code ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002015
+CVE-2017-1002015 (Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002014
+CVE-2017-1002014 (Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002013
+CVE-2017-1002013 (Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002012
+CVE-2017-1002012 (Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002011
+CVE-2017-1002011 (Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002010
+CVE-2017-1002010 (Vulnerability in wordpress plugin Membership Simplified v1.58, The cod ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002009
+CVE-2017-1002009 (Vulnerability in wordpress plugin Membership Simplified v1.58, The cod ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002008
+CVE-2017-1002008 (Vulnerability in wordpress plugin membership-simplified-for-oap-member ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002007
+CVE-2017-1002007 (Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/sav ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002006
+CVE-2017-1002006 (Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/sav ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002005
+CVE-2017-1002005 (Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/de ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002004
+CVE-2017-1002004 (Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/do ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002003
+CVE-2017-1002003 (Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002002
+CVE-2017-1002002 (Vulnerability in wordpress plugin webapp-builder v2.0, The plugin incl ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002001
+CVE-2017-1002001 (Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05 ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-1002000
+CVE-2017-1002000 (Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easyt ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-14481
+CVE-2017-14481 (In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi- ...)
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14480
+CVE-2017-14480 (In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi- ...)
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14479
+CVE-2017-14479 (In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi- ...)
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14478
+CVE-2017-14478 (In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi- ...)
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14477
+CVE-2017-14477 (In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Ma ...)
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14476
+CVE-2017-14476 (In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Ma ...)
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14475
+CVE-2017-14475 (In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Ma ...)
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14474
+CVE-2017-14474 (In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Re ...)
NOT-FOR-US: MySQL ulti-Master Replication Manager
-CVE-2017-14473
+CVE-2017-14473 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14472
+CVE-2017-14472 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14471
+CVE-2017-14471 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14470
+CVE-2017-14470 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14469
+CVE-2017-14469 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14468
+CVE-2017-14468 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14467
+CVE-2017-14467 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14466
+CVE-2017-14466 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14465
+CVE-2017-14465 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14464
+CVE-2017-14464 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14463
+CVE-2017-14463 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14462
+CVE-2017-14462 (An exploitable access control vulnerability exists in the data, progra ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-14461
+CVE-2017-14461 (A specially crafted email delivered over SMTP and passed on to Dovecot ...)
{DSA-4130-1 DLA-1333-1}
- dovecot 1:2.2.34-1 (bug #891819)
NOTE: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
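Review bot: The NOT-FOR-US lines for CVE-2017-14474 through CVE-2017-14481 read "MySQL ulti-Master Replication Manager", while the descriptions added on the corresponding + lines spell the product "MySQL Multi-Master Replication Manager"; those context lines are not touched by this automated update, so the dropped "M" needs a separate manual fix.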
@@ -11792,163 +11792,163 @@ CVE-2017-14461
NOTE: https://github.com/dovecot/core/commit/18a7a161c8dae6f630770a3cbab7374a0c3dd732
NOTE: https://github.com/dovecot/core/commit/0ed696987e5e5d44e971da2a10f6275b276ece34
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0510
-CVE-2017-14460
+CVE-2017-14460 (An exploitable overly permissive cross-domain (CORS) whitelist vulnera ...)
- parity <itp> (bug #890550)
-CVE-2017-14459
+CVE-2017-14459 (An exploitable OS Command Injection vulnerability exists in the Telnet ...)
NOT-FOR-US: Moxa
-CVE-2017-14458
+CVE-2017-14458 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit PDF Reader
-CVE-2017-14457
+CVE-2017-14457 (An exploitable information leak/denial of service vulnerability exists ...)
- cpp-etherum <itp> (bug #860434)
CVE-2017-14456
RESERVED
-CVE-2017-14455
+CVE-2017-14455 (On Insteon Hub 2245-222 devices with firmware version 1012, specially ...)
NOT-FOR-US: Insteon Hub
CVE-2017-14454
RESERVED
-CVE-2017-14453
+CVE-2017-14453 (On Insteon Hub 2245-222 devices with firmware version 1012, specially ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-14452
+CVE-2017-14452 (An exploitable buffer overflow vulnerability exists in the PubNub mess ...)
NOT-FOR-US: Insteon Hub
CVE-2017-14451
RESERVED
-CVE-2017-14450
+CVE-2017-14450 (A buffer overflow vulnerability exists in the GIF image parsing functi ...)
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0499
NOTE: https://hg.libsdl.org/SDL_image/rev/45e750f92c84
-CVE-2017-14449
+CVE-2017-14449 (A double-Free vulnerability exists in the XCF image rendering function ...)
{DSA-4177-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 <not-affected> (Vulnerable code not present)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0498
NOTE: https://hg.libsdl.org/SDL_image/rev/d0142861559c
-CVE-2017-14448
+CVE-2017-14448 (An exploitable code execution vulnerability exists in the XCF image re ...)
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0497
NOTE: https://hg.libsdl.org/SDL_image/rev/7df1580f1695
-CVE-2017-14447
+CVE-2017-14447 (An exploitable buffer overflow vulnerability exists in the PubNub mess ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-14446
+CVE-2017-14446 (An exploitable stack-based buffer overflow vulnerability exists in Ins ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-14445
+CVE-2017-14445 (An exploitable buffer overflow vulnerability exists in Insteon Hub run ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-14444
+CVE-2017-14444 (An exploitable buffer overflow vulnerability exists in Insteon Hub run ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-14443
+CVE-2017-14443 (An exploitable information leak vulnerability exists in Insteon Hub ru ...)
NOT-FOR-US: Insteon Hub
-CVE-2017-14442
+CVE-2017-14442 (An exploitable code execution vulnerability exists in the BMP image re ...)
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0491
NOTE: https://hg.libsdl.org/SDL_image/rev/37445f6180a8
-CVE-2017-14441
+CVE-2017-14441 (An exploitable code execution vulnerability exists in the ICO image re ...)
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0490
NOTE: https://hg.libsdl.org/SDL_image/rev/a1e9b624ca10
-CVE-2017-14440
+CVE-2017-14440 (An exploitable code execution vulnerability exists in the ILBM image r ...)
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0489
NOTE: https://hg.libsdl.org/SDL_image/rev/bfa08dc02b3c
-CVE-2017-14439
+CVE-2017-14439 (Exploitable denial of service vulnerabilities exists in the Service Ag ...)
NOT-FOR-US: Moxa
-CVE-2017-14438
+CVE-2017-14438 (Exploitable denial of service vulnerabilities exists in the Service Ag ...)
NOT-FOR-US: Moxa
-CVE-2017-14437
+CVE-2017-14437 (An exploitable denial of service vulnerability exists in the web serve ...)
NOT-FOR-US: Moxa
-CVE-2017-14436
+CVE-2017-14436 (An exploitable denial of service vulnerability exists in the web serve ...)
NOT-FOR-US: Moxa
-CVE-2017-14435
+CVE-2017-14435 (An exploitable denial of service vulnerability exists in the web serve ...)
NOT-FOR-US: Moxa
-CVE-2017-14434
+CVE-2017-14434 (An exploitable command injection vulnerability exists in the web serve ...)
NOT-FOR-US: Moxa
-CVE-2017-14433
+CVE-2017-14433 (An exploitable command injection vulnerability exists in the web serve ...)
NOT-FOR-US: Moxa
-CVE-2017-14432
+CVE-2017-14432 (An exploitable command injection vulnerability exists in the web serve ...)
NOT-FOR-US: Moxa
-CVE-2017-14430
+CVE-2017-14430 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) a ...)
NOT-FOR-US: D-Link
-CVE-2017-14429
+CVE-2017-14429 (The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114 ...)
NOT-FOR-US: D-Link
-CVE-2017-14428
+CVE-2017-14428 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) a ...)
NOT-FOR-US: D-Link
-CVE-2017-14427
+CVE-2017-14427 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) a ...)
NOT-FOR-US: D-Link
-CVE-2017-14426
+CVE-2017-14426 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) a ...)
NOT-FOR-US: D-Link
-CVE-2017-14425
+CVE-2017-14425 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) a ...)
NOT-FOR-US: D-Link
-CVE-2017-14424
+CVE-2017-14424 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) a ...)
NOT-FOR-US: D-Link
-CVE-2017-14423
+CVE-2017-14423 (htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmw ...)
NOT-FOR-US: D-Link
-CVE-2017-14422
+CVE-2017-14422 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) a ...)
NOT-FOR-US: D-Link
-CVE-2017-14421
+CVE-2017-14421 (D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices have ...)
NOT-FOR-US: D-Link
-CVE-2017-14420
+CVE-2017-14420 (The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with fi ...)
NOT-FOR-US: D-Link
-CVE-2017-14419
+CVE-2017-14419 (The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with fi ...)
NOT-FOR-US: D-Link
-CVE-2017-14418
+CVE-2017-14418 (The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850 ...)
NOT-FOR-US: D-Link
-CVE-2017-14417
+CVE-2017-14417 (register_send.php on D-Link DIR-850L REV. B (with firmware through FW2 ...)
NOT-FOR-US: D-Link
-CVE-2017-14416
+CVE-2017-14416 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) d ...)
NOT-FOR-US: D-Link
-CVE-2017-14415
+CVE-2017-14415 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) d ...)
NOT-FOR-US: D-Link
-CVE-2017-14414
+CVE-2017-14414 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) d ...)
NOT-FOR-US: D-Link
-CVE-2017-14413
+CVE-2017-14413 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) d ...)
NOT-FOR-US: D-Link
-CVE-2017-14412
+CVE-2017-14412 (An invalid memory write was discovered in copy_mp in interface.c in mp ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-invalid-memory-write-in-copy_mp-mpglibdblinterface-c/
-CVE-2017-14411
+CVE-2017-14411 (A stack-based buffer overflow was discovered in copy_mp in interface.c ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-copy_mp-mpglibdblinterface-c/
-CVE-2017-14410
+CVE-2017-14410 (A buffer over-read was discovered in III_i_stereo in layer3.c in mpgli ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-global-buffer-overflow-in-iii_i_stereo-mpglibdbllayer3-c/
-CVE-2017-14409
+CVE-2017-14409 (A buffer overflow was discovered in III_dequantize_sample in layer3.c ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-global-buffer-overflow-in-iii_dequantize_sample-mpglibdbllayer3-c/
-CVE-2017-14408
+CVE-2017-14408 (A stack-based buffer over-read was discovered in dct36 in layer3.c in ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-dct36-mpglibdbllayer3-c/
-CVE-2017-14407
+CVE-2017-14407 (A stack-based buffer over-read was discovered in filterYule in gain_an ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-filteryule-gain_analysis-c/
-CVE-2017-14406
+CVE-2017-14406 (A NULL pointer dereference was discovered in sync_buffer in interface. ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://blogs.gentoo.org/ago/2017/09/08/mp3gain-null-pointer-dereference-in-sync_buffer-mpglibdblinterface-c/
-CVE-2017-14405
+CVE-2017-14405 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote comma ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14404
+CVE-2017-14404 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows local file i ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14403
+CVE-2017-14403 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection v ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14402
+CVE-2017-14402 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection v ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14401
+CVE-2017-14401 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection v ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14400
+CVE-2017-14400 (In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/c ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878546)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -11956,13 +11956,13 @@ CVE-2017-14400
NOTE: https://github.com/ImageMagick/ImageMagick/issues/746
NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/04b863f15effa4375e4ee42f413f0246062b48af
NOTE: im6 patch: https://github.com/ImageMagick/ImageMagick/commit/44a55580ac8c01d8cff1e6e0063820af113f8591
-CVE-2017-14399
+CVE-2017-14399 (In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend ...)
NOT-FOR-US: BlackCat CMS
-CVE-2017-14398
+CVE-2017-14398 (rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and ...)
NOT-FOR-US: Razer Synapse
-CVE-2017-14397
+CVE-2017-14397 (AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability. ...)
NOT-FOR-US: AnyDesk
-CVE-2017-14396
+CVE-2017-14396 (In osTicket before 1.10.1, SQL injection is possible by constructing a ...)
NOT-FOR-US: osTicket
CVE-2017-14395
RESERVED
@@ -11974,49 +11974,49 @@ CVE-2017-14392
REJECTED
CVE-2017-14391
REJECTED
-CVE-2017-14390
+CVE-2017-14390 (In Cloud Foundry Foundation cf-deployment v0.35.0, a misconfiguration ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-14389
+CVE-2017-14389 (An issue was discovered in Cloud Foundry Foundation capi-release (all ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-14388
+CVE-2017-14388 (Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30. ...)
NOT-FOR-US: Cloud Foundry Foundation GrootFS
-CVE-2017-14387
+CVE-2017-14387 (The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8. ...)
NOT-FOR-US: EMC Isilon OneFS
-CVE-2017-14386
+CVE-2017-14386 (The web user interface of Dell 2335dn and 2355dn Multifunction Laser P ...)
NOT-FOR-US: Dell
-CVE-2017-14385
+CVE-2017-14385 (An issue was discovered in EMC Data Domain DD OS 5.7 family, versions ...)
NOT-FOR-US: EMC Data Domain DD OS
-CVE-2017-14384
+CVE-2017-14384 (In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMig ...)
NOT-FOR-US: EMConfigMigration service
-CVE-2017-14383
+CVE-2017-14383 (In Dell EMC VNX2 versions prior to Operating Environment for File 8.1. ...)
NOT-FOR-US: EMC VNX
CVE-2017-14382
REJECTED
CVE-2017-14381
REJECTED
-CVE-2017-14380
+CVE-2017-14380 (In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2 ...)
NOT-FOR-US: EMC Isilon OneFS
-CVE-2017-14379
+CVE-2017-14379 (EMC RSA Authentication Manager before 8.2 SP1 P6 has a cross-site scri ...)
NOT-FOR-US: EMC RSA
-CVE-2017-14378
+CVE-2017-14378 (EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agen ...)
NOT-FOR-US: EMC RSA
-CVE-2017-14377
+CVE-2017-14377 (EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 an ...)
NOT-FOR-US: EMC RSA
-CVE-2017-14376
+CVE-2017-14376 (EMC AppSync Server prior to 3.5.0.1 contains database accounts with ha ...)
NOT-FOR-US: EMC AppSync Server
-CVE-2017-14375
+CVE-2017-14375 (EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4. ...)
NOT-FOR-US: EMC
-CVE-2017-14374
+CVE-2017-14374 (The SMI-S service in Dell Storage Manager versions earlier than 16.3.2 ...)
NOT-FOR-US: Dell
-CVE-2017-14373
+CVE-2017-14373 (EMC RSA Authentication Manager 8.2 SP1 P4 and earlier contains a refle ...)
NOT-FOR-US: RSA Authentication Manager
-CVE-2017-14372
+CVE-2017-14372 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cros ...)
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2017-14371
+CVE-2017-14371 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cros ...)
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2017-14370
+CVE-2017-14370 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-s ...)
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2017-14369
+CVE-2017-14369 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by a privilege es ...)
NOT-FOR-US: RSA Archer GRC Platform
CVE-2017-14368
RESERVED
@@ -12028,53 +12028,53 @@ CVE-2017-14365
RESERVED
CVE-2017-14364
RESERVED
-CVE-2017-14363
+CVE-2017-14363 (Cross-Site Scripting (XSS) vulnerability has been identified in Micro ...)
NOT-FOR-US: Micro Focus Operations Manager
-CVE-2017-14362
+CVE-2017-14362 (Cross-Site Request Forgery vulnerability in Micro Focus Project and Po ...)
NOT-FOR-US: Micro Focus Project and Portfolio Management Center
-CVE-2017-14361
+CVE-2017-14361 (Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio M ...)
NOT-FOR-US: Micro Focus Project and Portfolio Management Center
-CVE-2017-14360
+CVE-2017-14360 (A potential security vulnerability has been identified in HPE Content ...)
NOT-FOR-US: HPE
-CVE-2017-14359
+CVE-2017-14359 (A potential security vulnerability has been identified in HPE Performa ...)
NOT-FOR-US: HPE Performance Center
-CVE-2017-14358
+CVE-2017-14358 (A URL redirection to untrusted site vulnerability in HP ArcSight ESM a ...)
NOT-FOR-US: HP ArcSight
-CVE-2017-14357
+CVE-2017-14357 (A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ...)
NOT-FOR-US: HP ArcSight
-CVE-2017-14356
+CVE-2017-14356 (An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM ...)
NOT-FOR-US: HP ArcSight
-CVE-2017-14355
+CVE-2017-14355 (A potential security vulnerability has been identified in HPE Connecte ...)
NOT-FOR-US: HPE Connected Backup
-CVE-2017-14354
+CVE-2017-14354 (A remote cross-site scripting vulnerability in HP UCMDB Foundation Sof ...)
NOT-FOR-US: HP UCMDB Foundation
-CVE-2017-14353
+CVE-2017-14353 (A remote code execution vulnerability in HP UCMDB Foundation Software ...)
NOT-FOR-US: HP UCMDB Foundation
-CVE-2017-14352
+CVE-2017-14352 (A potential security vulnerability has been identified in HP UCMDB Con ...)
NOT-FOR-US: HP
-CVE-2017-14351
+CVE-2017-14351 (A potential security vulnerability has been identified in HP UCMDB Con ...)
NOT-FOR-US: HP
-CVE-2017-14350
+CVE-2017-14350 (A potential security vulnerability has been identified in HPE Applicat ...)
NOT-FOR-US: HP
-CVE-2017-14349
+CVE-2017-14349 (An authentication vulnerability in HPE SiteScope product versions 11.2 ...)
NOT-FOR-US: HP
-CVE-2017-14347
+CVE-2017-14347 (NexusPHP 1.5.beta5.20120707 has XSS in the returnto parameter to fun.p ...)
NOT-FOR-US: NexusPHP
-CVE-2017-14346
+CVE-2017-14346 (upload.php in tianchoy/blog through 2017-09-12 allows unrestricted fil ...)
NOT-FOR-US: tianchoy/blog
-CVE-2017-14345
+CVE-2017-14345 (SQL Injection exists in tianchoy/blog through 2017-09-12 via the id pa ...)
NOT-FOR-US: tianchoy/blog
-CVE-2017-14344
+CVE-2017-14344 (This vulnerability allows local attackers to escalate privileges on Ju ...)
NOT-FOR-US: Jungo WinDriver
-CVE-2017-14343
+CVE-2017-14343 (ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/649
-CVE-2017-14342
+CVE-2017-14342 (ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGIm ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/650
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4e378ea8fb99e869768f34e900105e8c769adfcd
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6d5b22baedd49ef8a35011789bd600762ce1ef21
-CVE-2017-14341
+CVE-2017-14341 (ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #876105)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -12082,190 +12082,190 @@ CVE-2017-14341
NOTE: https://github.com/ImageMagick/ImageMagick/issues/654
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4eae304e773bad8a876c3c26fdffac24d4253ae4
-CVE-2017-14348
+CVE-2017-14348 (LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCa ...)
- libraw 0.18.5-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <not-affected> (Vulnerable code not present)
[wheezy] - libraw <not-affected> (Vulnerable code not present)
NOTE: https://github.com/LibRaw/LibRaw/issues/100
NOTE: https://github.com/LibRaw/LibRaw/commit/8303e74b0567806dd5f16fc39aab70fe928de1a2
-CVE-2017-14340
+CVE-2017-14340 (The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux ker ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1
NOTE: Fixed by: https://git.kernel.org/linus/b31ff3cdf540110da4572e3e29bd172087af65cc
-CVE-2017-14339
+CVE-2017-14339 (The DNS packet parser in YADIFA before 2.2.6 does not check for the pr ...)
{DSA-4001-1}
- yadifa 2.2.6-1 (bug #876315)
NOTE: https://www.tarlogic.com/blog/fuzzing-yadifa-dns/
NOTE: https://github.com/yadifa/yadifa/blob/v2.2.6/ChangeLog
CVE-2017-14338
RESERVED
-CVE-2017-14337
+CVE-2017-14337 (When MISP before 2.4.80 is configured with X.509 certificate authentic ...)
NOT-FOR-US: MISP (Malware Information Sharing Platform and Threat Sharing)
CVE-2017-14336
RESERVED
-CVE-2017-14335
+CVE-2017-14335 (On Beijing Hanbang Hanbanggaoke devices, because user-controlled input ...)
NOT-FOR-US: Beijing Hanbang Hanbanggaoke devices
CVE-2017-14334
RESERVED
-CVE-2017-14333
+CVE-2017-14333 (The process_version_sections function in readelf.c in GNU Binutils 2.2 ...)
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21990
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=452bf675ea772002aa86fb1d28f3474da70ee1de
-CVE-2017-14332
+CVE-2017-14332 (Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hij ...)
NOT-FOR-US: Extreme EXOS
-CVE-2017-14331
+CVE-2017-14331 (Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the ...)
NOT-FOR-US: Extreme EXOS
-CVE-2017-14330
+CVE-2017-14330 (Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a ro ...)
NOT-FOR-US: Extreme EXOS
-CVE-2017-14329
+CVE-2017-14329 (Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a ro ...)
NOT-FOR-US: Extreme EXOS
-CVE-2017-14328
+CVE-2017-14328 (Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to tri ...)
NOT-FOR-US: Extreme EXOS
-CVE-2017-14327
+CVE-2017-14327 (Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitr ...)
NOT-FOR-US: Extreme EXOS
-CVE-2017-14326
+CVE-2017-14326 (In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in t ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/740
NOTE: https://github.com/ImageMagick/ImageMagick/commit/dfefe8de5068a547ae4097c69456f02f93935164
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/a542c9f9a53327b623333150874d4e5a5b3bcbd0
-CVE-2017-14325
+CVE-2017-14325 (In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in t ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/741
-CVE-2017-14324
+CVE-2017-14324 (In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in t ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/739
NOTE: https://github.com/ImageMagick/ImageMagick/commit/399631650b38eaf21c2f3c306b8b74e66be6a0d2
-CVE-2017-14323
+CVE-2017-14323 (SSRF (Server Side Request Forgery) in getRemoteImage.php in Ueditor in ...)
NOT-FOR-US: Onethink
-CVE-2017-14322
+CVE-2017-14322 (The function in charge to check whether the user is already logged in ...)
NOT-FOR-US: Interspire Email Marketer
-CVE-2017-14321
+CVE-2017-14321 (Multiple cross-site scripting (XSS) vulnerabilities in the administrat ...)
NOT-FOR-US: Mirasvit Helpdesk MX
-CVE-2017-14320
+CVE-2017-14320 (Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to exec ...)
NOT-FOR-US: Mirasvit Helpdesk MX
-CVE-2017-14319
+CVE-2017-14319 (A grant unmapping issue was discovered in Xen through 4.9.x. When remo ...)
{DSA-4050-1 DLA-1549-1 DLA-1132-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-234.html
-CVE-2017-14318
+CVE-2017-14318 (An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gn ...)
{DSA-4050-1 DLA-1132-1}
- xen 4.8.2+xsa245-0+deb9u1
[jessie] - xen <not-affected> (Only affects 4.5 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-232.html
NOTE: Wheezy will be affected with the upcoming grant table backport
-CVE-2017-14317
+CVE-2017-14317 (A domain cleanup issue was discovered in the C xenstore daemon (aka cx ...)
{DSA-4050-1 DLA-1549-1 DLA-1132-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-233.html
-CVE-2017-14316
+CVE-2017-14316 (A parameter verification issue was discovered in Xen through 4.9.x. Th ...)
{DSA-4050-1 DLA-1549-1 DLA-1132-1}
- xen 4.8.2+xsa245-0+deb9u1
NOTE: https://xenbits.xen.org/xsa/advisory-231.html
-CVE-2017-14315
+CVE-2017-14315 (In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementatio ...)
NOT-FOR-US: Apple
-CVE-2017-14314
+CVE-2017-14314 (Off-by-one error in the DrawImage function in magick/render.c in Graph ...)
{DSA-4321-1 DLA-1401-1 DLA-1130-1}
- graphicsmagick 1.3.26-10
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/2835184bfb78
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/448/
-CVE-2017-14312
+CVE-2017-14312 (Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root ...)
- nagios3 <not-affected> (Doesn't affect Nagios as packaged in Debian)
NOTE: https://github.com/NagiosEnterprises/nagioscore/issues/424
NOTE: State is not fully correct, since "affected" source would be there.
-CVE-2017-15596
+CVE-2017-15596 (An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest ...)
{DSA-3969-1}
- xen 4.8.1-1+deb9u3
[wheezy] - xen <not-affected> (No arm support in Wheezy)
NOTE: https://xenbits.xen.org/xsa/advisory-235.html
-CVE-2017-14311
+CVE-2017-14311 (The Winring0x32.sys driver in NetMechanica NetDecision 5.8.2 allows lo ...)
NOT-FOR-US: NetMechanica NetDecision
-CVE-2017-14310
+CVE-2017-14310 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14309
+CVE-2017-14309 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14308
+CVE-2017-14308 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14307
+CVE-2017-14307 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14306
+CVE-2017-14306 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14305
+CVE-2017-14305 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14304
+CVE-2017-14304 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14303
+CVE-2017-14303 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14302
+CVE-2017-14302 (STDU Viewer 1.6.375 allows attackers to cause a denial of service or p ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14301
+CVE-2017-14301 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14300
+CVE-2017-14300 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14299
+CVE-2017-14299 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14298
+CVE-2017-14298 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14297
+CVE-2017-14297 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14296
+CVE-2017-14296 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14295
+CVE-2017-14295 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14294
+CVE-2017-14294 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14293
+CVE-2017-14293 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14292
+CVE-2017-14292 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14291
+CVE-2017-14291 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14290
+CVE-2017-14290 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14289
+CVE-2017-14289 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14288
+CVE-2017-14288 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14287
+CVE-2017-14287 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14286
+CVE-2017-14286 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code or caus ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-14285
+CVE-2017-14285 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14284
+CVE-2017-14284 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14283
+CVE-2017-14283 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14282
+CVE-2017-14282 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14281
+CVE-2017-14281 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14280
+CVE-2017-14280 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14279
+CVE-2017-14279 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14278
+CVE-2017-14278 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14277
+CVE-2017-14277 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14276
+CVE-2017-14276 (XnView Classic for Windows Version 2.40 allows attackers to cause a de ...)
NOT-FOR-US: XnView
-CVE-2017-14275
+CVE-2017-14275 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-14274
+CVE-2017-14274 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-14273
+CVE-2017-14273 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-14272
+CVE-2017-14272 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-14271
+CVE-2017-14271 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-14270
+CVE-2017-14270 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-14482
+CVE-2017-14482 (GNU Emacs before 25.3 allows remote attackers to execute arbitrary cod ...)
{DSA-3975-1 DSA-3970-1 DLA-1101-1}
- emacs25 25.2+1-6 (bug #875447)
- emacs24 <removed> (bug #875448)
@@ -12273,18 +12273,18 @@ CVE-2017-14482
NOTE: http://www.openwall.com/lists/oss-security/2017/09/11/1
NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350
NOTE: https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25&id=9ad0fcc54442a9a01d41be19880250783426db70
-CVE-2017-14313
+CVE-2017-14313 (The shibboleth_login_form function in shibboleth.php in the Shibboleth ...)
{DSA-3973-1 DLA-1096-1}
- wordpress-shibboleth 1.8-1 (bug #874416)
NOTE: https://github.com/michaelryanmcneill/shibboleth/commit/1d65ad6786282d23ba1865f56e2fd19188e7c26a
NOTE: https://make.wordpress.org/plugins/2015/04/20/fixing-add_query_arg-and-remove_query_arg-usage/
-CVE-2017-14269
+CVE-2017-14269 (EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attack ...)
NOT-FOR-US: EE 4GEE WiFi MBB
-CVE-2017-14268
+CVE-2017-14268 (EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have XSS in the sms ...)
NOT-FOR-US: EE 4GEE WiFi MBB
-CVE-2017-14267
+CVE-2017-14267 (EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have CSRF, related ...)
NOT-FOR-US: EE 4GEE WiFi MBB
-CVE-2017-14266
+CVE-2017-14266 (tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnera ...)
- tcpreplay 3.4.4-3
[jessie] - tcpreplay 3.4.4-2+deb8u1
[wheezy] - tcpreplay 3.4.3-2+wheezy2
@@ -12292,7 +12292,7 @@ CVE-2017-14266
NOTE: Not a duplicate of CVE-2016-6160 the detailed MITRE description, but both issues
NOTE: are addressed with the same patch:
NOTE: Patch enforce-maxpacket.patch addresses the issue
-CVE-2017-14265
+CVE-2017-14265 (A Stack-based Buffer Overflow was discovered in xtrans_interpolate in ...)
- libraw 0.18.5-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
@@ -12301,19 +12301,19 @@ CVE-2017-14265
NOTE: https://github.com/LibRaw/LibRaw/commit/82616eff4c7f7437e96bdeeed238c3ef3dc12d60
CVE-2017-14264
RESERVED
-CVE-2017-14263
+CVE-2017-14263 (Honeywell NVR devices allow remote attackers to create a user account ...)
NOT-FOR-US: Honeywell
-CVE-2017-14262
+CVE-2017-14262 (On Samsung NVR devices, remote attackers can read the MD5 password has ...)
NOT-FOR-US: Samsung
-CVE-2017-14261
+CVE-2017-14261 (In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom. ...)
NOT-FOR-US: Bento4
-CVE-2017-14260
+CVE-2017-14260 (In the SDK in Bento4 1.5.0-616, the AP4_StssAtom class in Ap4StssAtom. ...)
NOT-FOR-US: Bento4
-CVE-2017-14259
+CVE-2017-14259 (In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom. ...)
NOT-FOR-US: Bento4
-CVE-2017-14258
+CVE-2017-14258 (In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h fil ...)
NOT-FOR-US: Bento4
-CVE-2017-14257
+CVE-2017-14257 (In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in Core ...)
NOT-FOR-US: Bento4
CVE-2017-14256
RESERVED
@@ -12323,14 +12323,14 @@ CVE-2017-14254
RESERVED
CVE-2017-14253
RESERVED
-CVE-2017-14252
+CVE-2017-14252 (SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5 ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14251
+CVE-2017-14251 (Unrestricted File Upload vulnerability in the fileDenyPattern in sysex ...)
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (Not supported in Wheezy LTS)
-CVE-2017-14250
+CVE-2017-14250 (In TP-LINK TL-WR741N / TL-WR741ND 150M Wireless Lite N Router with Fir ...)
NOT-FOR-US: TP-LINK Router
-CVE-2017-14249
+CVE-2017-14249 (ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coder ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #876099)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -12338,43 +12338,43 @@ CVE-2017-14249
NOTE: https://github.com/ImageMagick/ImageMagick/issues/708
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2071d67ebf729f76d73c33c1152df4816d1d79ac
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/66112b7a7b64f688efe6fec53a829874a74dea04
-CVE-2017-14248
+CVE-2017-14248 (A heap-based buffer over-read in SampleImage() in MagickCore/resize.c ...)
- imagemagick <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/717
NOTE: https://github.com/ImageMagick/ImageMagick/commit/c5402b6e0fcf8b694ae2af6a6652ebb8ce0ccf46
-CVE-2017-14247
+CVE-2017-14247 (SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5 ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14246
+CVE-2017-14246 (An out of bounds read in the function d2ulaw_array() in ulaw.c of libs ...)
{DLA-1618-1}
- libsndfile 1.0.28-5 (low; bug #876682)
[stretch] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/317
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
-CVE-2017-14245
+CVE-2017-14245 (An out of bounds read in the function d2alaw_array() in alaw.c of libs ...)
{DLA-1618-1}
- libsndfile 1.0.28-5 (low; bug #876682)
[stretch] - libsndfile <no-dsa> (Minor issue)
[wheezy] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/317
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
-CVE-2017-14244
+CVE-2017-14244 (An authentication bypass vulnerability on iBall Baton ADSL2+ Home Rout ...)
NOT-FOR-US: iBall
-CVE-2017-14243
+CVE-2017-14243 (An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadba ...)
NOT-FOR-US: UTStar
-CVE-2017-14242
+CVE-2017-14242 (SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 ...)
- dolibarr <removed> (bug #885319)
NOTE: https://github.com/Dolibarr/dolibarr/commit/33e2179b65331d9d9179b59d746817c5be1fecdb
-CVE-2017-14241
+CVE-2017-14241 (Cross-site scripting (XSS) vulnerability in Dolibarr ERP/CRM 6.0.0 all ...)
- dolibarr <removed> (bug #885320)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
-CVE-2017-14240
+CVE-2017-14240 (There is a sensitive information disclosure vulnerability in document. ...)
- dolibarr <removed> (bug #885320)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
-CVE-2017-14239
+CVE-2017-14239 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CR ...)
- dolibarr <removed> (bug #885320)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
-CVE-2017-14238
+CVE-2017-14238 (SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CR ...)
- dolibarr <removed> (bug #885320)
NOTE: https://github.com/Dolibarr/dolibarr/commit/d26b2a694de30f95e46ea54ea72cc54f0d38e548
CVE-2017-14237
@@ -12389,25 +12389,25 @@ CVE-2017-14233
RESERVED
CVE-2017-14232
RESERVED
-CVE-2017-14231
+CVE-2017-14231 (GeniXCMS before 1.1.0 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: GenixCMS
-CVE-2017-14230
+CVE-2017-14230 (In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP befo ...)
- cyrus-imapd <not-affected> (Vulnerable code introduced later)
- cyrus-imapd-2.4 <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://github.com/cyrusimap/cyrus-imapd/commit/6bd33275368edfa71ae117de895488584678ac79
NOTE: Introduced by: https://github.com/cyrusimap/cyrus-imapd/commit/1fe918087237f55e09a37fa414bf988873739021 (cyrus-imapd-3.0.0-beta1)
NOTE: https://github.com/cyrusimap/cyrus-imapd/issues/2132
-CVE-2017-14229
+CVE-2017-14229 (There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_ ...)
- jasper <removed>
[jessie] - jasper <ignored> (Minor issue)
[wheezy] - jasper <ignored> (Minor issue)
NOTE: https://github.com/mdadams/jasper/issues/146
NOTE: Possible false-positive, cf. https://github.com/mdadams/jasper/issues/146#issuecomment-330674648
-CVE-2017-14228
+CVE-2017-14228 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address acces ...)
- nasm 2.13.02-0.1 (unimportant; bug #874731)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392423
NOTE: Crash in CLI tool, no securiy impact
-CVE-2017-14227
+CVE-2017-14227 (In MongoDB libbson 1.7.0, the bson_iter_codewscope function in bson-it ...)
- libbson 1.8.0-1 (bug #874754)
[stretch] - libbson <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1489355
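Review bot: two data-quality nits. The NOTE under CVE-2017-14228 reads "Crash in CLI tool, no securiy impact", a typo for "security" (the same justification is spelled correctly under the unrar-free entries later in this diff). CVE-2017-14231 is tagged "NOT-FOR-US: GenixCMS" while the imported description spells the product "GeniXCMS"; keeping the NOT-FOR-US name identical to the description keeps searches by product name reliable. The rest of the hunk is in good shape: the cyrus-imapd <not-affected> claim for CVE-2017-14230 is backed by both the "Introduced by:" and "Fixed by:" commits, and the jasper false-positive caveat for CVE-2017-14229 links the upstream comment that raises it.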
@@ -12421,7 +12421,7 @@ CVE-2017-14227
NOTE: type is present in earlier versions.
NOTE: Upstream issue: https://jira.mongodb.org/browse/CDRIVER-2269
NOTE: Fixed by: https://github.com/mongodb/libbson/commit/42900956dc461dfe7fb91d93361d10737c1602b3
-CVE-2017-14226
+CVE-2017-14226 (WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.c ...)
- libwpd 0.10.2-1 (bug #876001)
[stretch] - libwpd 0.10.1-5+deb9u1
[jessie] - libwpd 0.10.0-2+deb8u1
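Review bot: CVE-2017-14226 records stable fixes "[stretch] - libwpd 0.10.1-5+deb9u1" and "[jessie] - libwpd 0.10.0-2+deb8u1" but has no {DSA-...}/{DLA-...} line, unlike the ffmpeg, imagemagick and qemu entries around it. If those versions shipped through an advisory, the advisory ID belongs in braces directly under the CVE line; if they went out in point releases, a NOTE saying so would stop a reader from hunting for a missing advisory.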
@@ -12429,24 +12429,24 @@ CVE-2017-14226
NOTE: https://bugs.documentfoundation.org/show_bug.cgi?id=112269
NOTE: https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/
NOTE: https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/
-CVE-2017-14225
+CVE-2017-14225 (The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg ...)
{DSA-3996-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/837cb4325b712ff1aab531bf41668933f61d75d2
-CVE-2017-14224
+CVE-2017-14224 (A heap-based buffer overflow in WritePCXImage in coders/pcx.c in Image ...)
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #876097)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/733
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7f2d6fe34d695d3445e2d50937db5541a1b76bde
NOTE: https://github.com/ImageMagick/ImageMagick/commit/c6409227c430f114b6425337e64b848535b62e0b
-CVE-2017-14223
+CVE-2017-14223 (In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_i ...)
{DSA-3996-1 DLA-1654-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/afc9c683ed9db01edb357bc8c19edad4282b3a97
-CVE-2017-14222
+CVE-2017-14222 (In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack ...)
{DSA-3996-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
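Review bot: CVE-2017-14224 carries two DSAs for one source package ("{DSA-4040-1 DSA-4032-1 DLA-1131-1}"). That is legitimate if the two advisories covered different suites, but a follow-up or regression fix for the same suite would be numbered DSA-4032-2 rather than a new DSA, so it is worth confirming that both IDs really addressed this CVE before this lands. For comparison, the ffmpeg/libav entries in the same hunk each map to exactly one DSA (DSA-3996-1), with the jessie libav state given either explicitly ("[jessie] - libav <not-affected> (Vulnerable code not present)" for CVE-2017-14225) or through a DLA (DLA-1654-1 for CVE-2017-14223).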
@@ -12456,7 +12456,7 @@ CVE-2017-14221
RESERVED
CVE-2017-14220
RESERVED
-CVE-2017-14219
+CVE-2017-14219 (XSS (persistent) on the Intelbras Wireless N 150Mbps router with firmw ...)
NOT-FOR-US: Intelbras Wireless N 150Mbps router
CVE-2017-14218
RESERVED
@@ -12498,66 +12498,66 @@ CVE-2017-14200
RESERVED
CVE-2017-14199
RESERVED
-CVE-2017-14198
+CVE-2017-14198 (An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x befor ...)
NOT-FOR-US: Squiz Matrix
-CVE-2017-14197
+CVE-2017-14197 (An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x befor ...)
NOT-FOR-US: Squiz Matrix
-CVE-2017-14196
+CVE-2017-14196 (An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 an ...)
NOT-FOR-US: Squiz Matrix
-CVE-2017-14195
+CVE-2017-14195 (The call_msg function in controllers/Form.php in dayrui FineCms 5.0.11 ...)
NOT-FOR-US: dayrui FineCms
-CVE-2017-14194
+CVE-2017-14194 (The out function in controllers/member/Login.php in dayrui FineCms 5.0 ...)
NOT-FOR-US: dayrui FineCms
-CVE-2017-14193
+CVE-2017-14193 (The oauth function in controllers/member/api.php in dayrui FineCms 5.0 ...)
NOT-FOR-US: dayrui FineCms
-CVE-2017-14192
+CVE-2017-14192 (The checktitle function in controllers/member/api.php in dayrui FineCm ...)
NOT-FOR-US: dayrui FineCms
-CVE-2017-14191
+CVE-2017-14191 (An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 an ...)
NOT-FOR-US: Fortinet
-CVE-2017-14190
+CVE-2017-14190 (A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6. ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-14189
+CVE-2017-14189 (An improper access control vulnerability in Fortinet FortiWebManager 5 ...)
NOT-FOR-US: Fortinet
CVE-2017-14188
RESERVED
-CVE-2017-14187
+CVE-2017-14187 (A local privilege escalation and local code execution vulnerability in ...)
NOT-FOR-US: Fortinet
-CVE-2017-14186
+CVE-2017-14186 (A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 5.6.0 t ...)
NOT-FOR-US: Fortinet
-CVE-2017-14185
+CVE-2017-14185 (An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5 ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-14184
+CVE-2017-14184 (An Information Disclosure vulnerability in Fortinet FortiClient for Wi ...)
NOT-FOR-US: Fortinet
CVE-2017-14183
RESERVED
-CVE-2017-14182
+CVE-2017-14182 (A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5 ...)
NOT-FOR-US: Fortinet
-CVE-2017-14180
+CVE-2017-14180 (Apport 2.13 through 2.20.7 does not properly handle crashes originatin ...)
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, to have an explicit reference for apport if it ever enters unstable
-CVE-2017-14179
+CVE-2017-14179 (Apport before 2.13 does not properly handle crashes originating from a ...)
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, to have an explicit reference for apport if it ever enters unstable
-CVE-2017-14178
+CVE-2017-14178 (In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to ...)
- snapd 2.30-1
[stretch] - snapd <not-affected> (Issue introduced in 2.27)
NOTE: https://launchpad.net/bugs/1730255
-CVE-2017-14177
+CVE-2017-14177 (Apport through 2.20.7 does not properly handle core dumps from setuid ...)
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, to have an explicit reference for apport if it ever enters unstable
-CVE-2017-14181
+CVE-2017-14181 (DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 ...)
NOT-FOR-US: aacplusenc
-CVE-2017-14175
+CVE-2017-14175 (In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() du ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875502)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/712
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/b8c63b156bf26b52e710b1a0643c846a6cd01e56
-CVE-2017-14174
+CVE-2017-14174 (In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInte ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875503)
[stretch] - imagemagick <ignored> (Minor issue)
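Review bot: ordering is broken in this hunk. The file is kept in descending CVE order, but CVE-2017-14181 (aacplusenc) sits after CVE-2017-14177 and before CVE-2017-14175, and CVE-2017-14176 is missing from where it belongs and appears further down between CVE-2017-14160 and CVE-2017-14159. Out-of-sequence entries are easy to overlook and to enter twice; they should be moved into sequence. On the three apport entries (CVE-2017-14180, -14179, -14177): the intent in "add it, to have an explicit reference for apport if it ever enters unstable" is clear, but "[experimental] - apport <unfixed>" has no bug number or upstream fix reference, so there is nothing to verify against when apport does enter unstable; the Launchpad link recorded for snapd ("NOTE: https://launchpad.net/bugs/1730255") is the pattern to follow.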
@@ -12565,31 +12565,31 @@ CVE-2017-14174
NOTE: https://github.com/ImageMagick/ImageMagick/issues/714
NOTE: https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64
-CVE-2017-14173
+CVE-2017-14173 (In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10 ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875504)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/713
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/48bcf7c39302cdf9b0d9202ad03bf1b95152c44d
-CVE-2017-14172
+CVE-2017-14172 (In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875506)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/715
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8598a497e2d1f556a34458cf54b40ba40674734c
-CVE-2017-14171
+CVE-2017-14171 (In libavformat/nsvdec.c in FFmpeg 3.3.3, a DoS in nsv_parse_NSVf_heade ...)
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/c24bcb553650b91e9eff15ef6e54ca73de2453b7
-CVE-2017-14170
+CVE-2017-14170 (In libavformat/mxfdec.c in FFmpeg 3.3.3, a DoS in mxf_read_index_entry ...)
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/900f39692ca0337a98a7cf047e4e2611071810c2
-CVE-2017-14169
+CVE-2017-14169 (In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg ...)
{DSA-3996-1 DLA-1654-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
@@ -12598,30 +12598,30 @@ CVE-2017-14169
NOTE: https://github.com/FFmpeg/FFmpeg/commit/9d00fb9d70ee8c0cc7002b89318c5be00f1bbdad
CVE-2017-14168
RESERVED
-CVE-2017-14167
+CVE-2017-14167 (Integer overflow in the load_multiboot function in hw/i386/multiboot.c ...)
{DSA-3991-1 DLA-1497-1 DLA-1129-1 DLA-1128-1}
- qemu 1:2.10.0-1 (bug #874606)
- qemu-kvm <removed>
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01483.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1489375
-CVE-2017-14163
+CVE-2017-14163 (An issue was discovered in Mahara before 15.04.14, 16.x before 16.04.8 ...)
- mahara <removed>
CVE-2017-14162
RESERVED
CVE-2017-14161
RESERVED
-CVE-2017-14166
+CVE-2017-14166 (libarchive 3.3.2 allows remote attackers to cause a denial of service ...)
{DSA-4360-1 DLA-1600-1 DLA-1092-1}
- libarchive 3.2.2-3.1 (bug #874539)
NOTE: http://www.openwall.com/lists/oss-security/2017/09/06/5
NOTE: https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71
NOTE: https://github.com/libarchive/libarchive/issues/935
-CVE-2017-14165
+CVE-2017-14165 (The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has ...)
- graphicsmagick 1.3.26-9 (unimportant; bug #874724)
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/493da54370aa
NOTE: http://www.openwall.com/lists/oss-security/2017/09/06/4
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/442/
-CVE-2017-14160
+CVE-2017-14160 (The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 ...)
- libvorbis 1.3.6-2 (bug #876780)
[stretch] - libvorbis <no-dsa> (Minor issue)
[jessie] - libvorbis <no-dsa> (Minor issue)
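Review bot: two entries lack the justification their neighbours give. CVE-2017-14163 is only "- mahara <removed>" with no NOTE or bug number, and CVE-2017-14165 is "graphicsmagick 1.3.26-9 (unimportant; bug #874724)" with no stated reason for the unimportant rating, whereas other unimportant entries say why ("Crash in CLI tool, no security impact" under unrar-free, for example). A one-line reason lets the rating be re-checked later. Ordering is also off here: CVE-2017-14166 and -14165 follow -14163, -14162 and -14161, and CVE-2017-14160 comes after them.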
@@ -12630,34 +12630,34 @@ CVE-2017-14160
NOTE: http://www.openwall.com/lists/oss-security/2017/09/21/3
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2330
NOTE: Upstream fix: https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
-CVE-2017-14176
+CVE-2017-14176 (Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attac ...)
{DSA-4052-1 DLA-1107-1}
- bzr 2.7.0+bzr6622-7 (bug #874429)
- breezy 3.0.0~bzr6772-1
NOTE: https://bugs.launchpad.net/bzr/+bug/1710979
-CVE-2017-14159
+CVE-2017-14159 (slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping ...)
- openldap <unfixed> (unimportant)
NOTE: http://www.openldap.org/its/index.cgi?findid=8703
NOTE: Negligible security impact, but filed #877512
-CVE-2017-14158
+CVE-2017-14158 (Scrapy 1.4 allows remote attackers to cause a denial of service (memor ...)
- python-scrapy <unfixed> (unimportant; bug #875947)
NOTE: http://blog.csdn.net/wangtua/article/details/75228728
NOTE: https://github.com/scrapy/scrapy/issues/482
NOTE: Negligable security impact
CVE-2017-14157
RESERVED
-CVE-2017-14156
+CVE-2017-14156 (The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in th ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1 (low)
CVE-2017-14155
RESERVED
CVE-2017-14154
RESERVED
-CVE-2017-14153
+CVE-2017-14153 (This vulnerability allows local attackers to escalate privileges on Ju ...)
NOT-FOR-US: Jungo WinDriver
-CVE-2017-14164
+CVE-2017-14164 (A size-validation issue was discovered in opj_j2k_write_sot in lib/ope ...)
- openjpeg2 <not-affected> (Incomplete fix for CVE-2017-14152 not applied)
-CVE-2017-14152
+CVE-2017-14152 (A mishandled zero case was discovered in opj_j2k_set_cinema_parameters ...)
{DSA-4013-1}
- openjpeg2 2.3.0-1 (bug #874431)
NOTE: https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c/
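Review bot: CVE-2017-14159 puts its bug number in free text ("NOTE: Negligible security impact, but filed #877512") instead of in the package line where the rest of the file puts it, as in "- python-scrapy <unfixed> (unimportant; bug #875947)" two entries below; "- openldap <unfixed> (unimportant; bug #877512)" is the form the tracker links. The scrapy NOTE misspells "Negligible" as "Negligable". CVE-2017-14176 (bzr/breezy) is filed here between CVE-2017-14160 and CVE-2017-14159 and should move up into sequence, as should CVE-2017-14164, which is placed after CVE-2017-14153. That last entry, "<not-affected> (Incomplete fix for CVE-2017-14152 not applied)", is also the only one in the hunk without a reference of its own; the upstream issue or commit being dismissed should be cited under 14164 itself, not only under 14152.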
@@ -12667,25 +12667,25 @@ CVE-2017-14152
NOTE: commit:
NOTE: https://github.com/uclouvain/openjpeg/commit/dcac91b8c72f743bda7dbfa9032356bc8110098a
NOTE: to not make openjpeg2 vulnerable to CVE-2017-14164.
-CVE-2017-14151
+CVE-2017-14151 (An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_ ...)
- openjpeg2 2.3.0-1 (bug #874430)
[stretch] - openjpeg2 2.1.2-1.1+deb9u2
[jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later, see #874430)
NOTE: https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c/
NOTE: https://github.com/uclouvain/openjpeg/commit/afb308b9ccbe129608c9205cf3bb39bbefad90b9
NOTE: https://github.com/uclouvain/openjpeg/issues/982
-CVE-2017-1000254
+CVE-2017-1000254 (libcurl may read outside of a heap allocated buffer when doing FTP. Wh ...)
{DSA-3992-1 DLA-1121-1}
- curl 7.56.1-1 (bug #877671)
NOTE: https://curl.haxx.se/docs/adv_20171004.html
NOTE: Patch: https://curl.haxx.se/CVE-2017-1000254.patch
NOTE: Introduced by: https://github.com/curl/curl/commit/415d2e7cb7
NOTE: Upstream fix: https://github.com/curl/curl/commit/5ff2c5ff25750aba1a8f64fbcad8e5b891512584
-CVE-2017-1000253
+CVE-2017-1000253 (Linux distributions that have not patched their long-term kernels with ...)
- linux 4.0.2-1
[jessie] - linux 3.16.7-ckt11-1
[wheezy] - linux 3.2.71-1
-CVE-2017-1000252
+CVE-2017-1000252 (The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS u ...)
- linux 4.12.13-1
[stretch] - linux 4.9.30-2+deb9u5
[jessie] - linux <not-affected> (Vulnerable code not present)
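Review bot: CVE-2017-1000253 gives fix versions for all three suites ("linux 4.0.2-1", "[jessie] - linux 3.16.7-ckt11-1", "[wheezy] - linux 3.2.71-1") but no NOTE with the upstream commit, while its neighbours do ("Introduced by:"/"Upstream fix:" for CVE-2017-1000254, "Fixed by:" for CVE-2017-1000252). Since the description is specifically about distributions that have not picked up an older upstream fix, that commit is the only thing that lets anyone verify these versions are the right ones. CVE-2017-1000252 in turn lists "[stretch] - linux 4.9.30-2+deb9u5" with no {DSA-...} line, whereas the other kernel entries in this diff carry "{DSA-3981-1 DLA-1099-1}"; if that version went out in a DSA the ID should be recorded.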
@@ -12693,18 +12693,18 @@ CVE-2017-1000252
NOTE: Fixed by: https://git.kernel.org/linus/3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb (v4.14-rc1)
NOTE: https://marc.info/?l=kvm&m=150549145711115&w=2
NOTE: https://marc.info/?l=kvm&m=150549146311117&w=2
-CVE-2017-1000251
+CVE-2017-1000251 (The native Bluetooth stack in the Linux Kernel (BlueZ), starting at th ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1 (bug #875881)
NOTE: Fixed by: https://git.kernel.org/linus/e860d2c904d1a9f38a24eb44c9f34b8f915a6ea3
NOTE: https://www.armis.com/blueborne/
NOTE: https://access.redhat.com/security/vulnerabilities/blueborne
-CVE-2017-1000250
+CVE-2017-1000250 (All versions of the SDP server in BlueZ 5.46 and earlier are vulnerabl ...)
{DSA-3972-1 DLA-1103-1}
- bluez 5.46-1 (bug #875633)
NOTE: https://www.armis.com/blueborne/
NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=9e009647b14e810e06626dde7f1bb9ea3c375d09
-CVE-2017-1000249
+CVE-2017-1000249 (An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b ...)
{DSA-3965-1}
- file 1:5.32-1
[jessie] - file <not-affected> (Vulnerable code introduced later)
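Review bot: the description for CVE-2017-1000250 says "All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable", yet the fixed version is "bluez 5.46-1", a Debian revision of the very upstream release named as vulnerable. That is only consistent if 5.46-1 carries upstream commit 9e009647b14e810e06626dde7f1bb9ea3c375d09 as a patch; a "NOTE: Fixed by:" line saying so (the form already used for the kernel side, CVE-2017-1000251, in this hunk) would stop the next reader from treating the version as a typo.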
@@ -12713,56 +12713,56 @@ CVE-2017-1000249
NOTE: Introduced by: https://github.com/file/file/commit/9611f31313a93aa036389c5f3b15eea53510d4d1
CVE-2017-14150
RESERVED
-CVE-2017-14149
+CVE-2017-14149 (GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the webs ...)
NOT-FOR-US: GoAhead
CVE-2017-14148
RESERVED
-CVE-2017-14147
+CVE-2017-14147 (An issue was discovered on FiberHome User End Routers Bearing Model Nu ...)
NOT-FOR-US: FiberHome
-CVE-2017-14146
+CVE-2017-14146 (HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary ...)
NOT-FOR-US: HelpDEZk
-CVE-2017-14145
+CVE-2017-14145 (HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\logi ...)
NOT-FOR-US: HelpDEZk
CVE-2017-14144
RESERVED
-CVE-2017-14143
+CVE-2017-14143 (The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcod ...)
NOT-FOR-US: Kaltura
-CVE-2017-14142
+CVE-2017-14142 (Multiple cross-site scripting (XSS) vulnerabilities in Kaltura before ...)
NOT-FOR-US: Kaltura
-CVE-2017-14141
+CVE-2017-14141 (The wiki_decode Developer System Helper function in the admin panel in ...)
NOT-FOR-US: Kaltura
-CVE-2017-14140
+CVE-2017-14140 (The move_pages system call in mm/migrate.c in the Linux kernel before ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.12-1
NOTE: Fixed by: https://git.kernel.org/linus/197e7e521384a23b9e585178f3f11c9fa08274b9
-CVE-2017-14139
+CVE-2017-14139 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage i ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/578
NOTE: https://github.com/ImageMagick/ImageMagick/commit/955bd1008a5371bbd1b8db0a1e41e333ebfc63ef
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dbe0008c6fa225d01085ca86f3e425c306ee6240
NOTE: Requires: https://github.com/ImageMagick/ImageMagick/commit/d426a1dc84cfdafdac67bdb2a1ecc6e1798053e6
NOTE: Requires: https://github.com/ImageMagick/ImageMagick/commit/0dfce0579c881245e495aa2d8d114e63b96a860e
-CVE-2017-14138
+CVE-2017-14138 (ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage i ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/639
-CVE-2017-14137
+CVE-2017-14137 (ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue whe ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/641
NOTE: https://github.com/ImageMagick/ImageMagick/commit/cb63560ba25e4a6c51ab282538c24877fff7d471
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/cfc2bd4c87481d4cf60308cc6ffd3c61288ff004
NOTE: ImageMagick in Debian not compiled with webp support (--with-webp=yes)
-CVE-2017-14136
+CVE-2017-14136 (OpenCV (Open Source Computer Vision Library) 3.3 has an out-of-bounds ...)
- opencv <not-affected> (Incomplete patch never shipped)
NOTE: https://github.com/opencv/opencv/issues/9443
NOTE: https://github.com/opencv/opencv/pull/9448
-CVE-2017-14135
+CVE-2017-14135 (enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the we ...)
NOT-FOR-US: webadmin plugin for opendreambox
-CVE-2017-14134
+CVE-2017-14134 (A Reflected XSS Vulnerability affects the forgotten password page of M ...)
NOT-FOR-US: Maplesoft Maple
CVE-2017-14133
RESERVED
-CVE-2017-14132
+CVE-2017-14132 (JasPer 2.0.13 allows remote attackers to cause a denial of service (he ...)
{DLA-1583-1}
- jasper <removed> (low)
[wheezy] - jasper <ignored> (Minor issue)
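Review bot: the justification under CVE-2017-14137, "ImageMagick in Debian not compiled with webp support (--with-webp=yes)", contradicts itself: the parenthetical is the configure option that turns WebP on, immediately after the note says the package is built without it. It should state which is the case so the unimportant rating is not questioned on every re-read. The same reasoning presumably covers CVE-2017-14138, also a ReadWEBPImage leak rated unimportant, but that entry has neither the webp NOTE nor a fix commit, only the issue link; copying the NOTE and adding the ImageMagick-6 commit would make the two consistent. CVE-2017-14137 also gives "[wheezy] - imagemagick <not-affected> (Vulnerable code not present)" but nothing for jessie or stretch, so for those suites the build-option NOTE is the sole basis for "unimportant", which is one more reason to get its wording right.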
@@ -12770,63 +12770,63 @@ CVE-2017-14132
NOTE: The suggested fix by thoger addresses the reported issue.
CVE-2017-14131
RESERVED
-CVE-2017-14130
+CVE-2017-14130 (The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary Fi ...)
- binutils 2.29-9 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22058
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a143b99fc4a5094a9cf128f3184d8e6818c8229
-CVE-2017-14129
+CVE-2017-14129 (The read_section function in dwarf2.c in the Binary File Descriptor (B ...)
- binutils 2.29-10 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22047
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e4f2723003859dc6b33ca0dadbc4a7659ebf1643
-CVE-2017-14128
+CVE-2017-14128 (The decode_line_info function in dwarf2.c in the Binary File Descripto ...)
- binutils 2.29-9 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22059
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7e8b60085eb3e6f2c41bc0c00c0d759fa7f72780
-CVE-2017-14127
+CVE-2017-14127 (Command Injection in the Ping Module in the Web Interface on Technicol ...)
NOT-FOR-US: Technicolor
-CVE-2017-14126
+CVE-2017-14126 (The Participants Database plugin before 1.7.5.10 for WordPress has XSS ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-14125
+CVE-2017-14125 (SQL injection vulnerability in the Responsive Image Gallery plugin bef ...)
NOT-FOR-US: Responsive Image Gallery plugin for WordPress
-CVE-2017-14124
+CVE-2017-14124 (In eLux RP 5.x before 5.5.1000 LTSR and 5.6.x before 5.6.2 CR when cla ...)
NOT-FOR-US: eLux
-CVE-2017-14123
+CVE-2017-14123 (Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upl ...)
NOT-FOR-US: Zoho ManageEngine
-CVE-2017-14122
+CVE-2017-14122 (unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based b ...)
- unrar-free 1:0.0.1+cvs20140707-4 (unimportant; bug #874060)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/20/1
NOTE: Crash in CLI tool, no security impact
-CVE-2017-14121
+CVE-2017-14121 (The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free ...)
- unrar-free 1:0.0.1+cvs20140707-4 (unimportant; bug #874061)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/20/1
NOTE: Crash in CLI tool, no security impact
-CVE-2017-14120
+CVE-2017-14120 (unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory tra ...)
{DLA-1091-1}
- unrar-free 1:0.0.1+cvs20140707-2 (bug #874059)
[stretch] - unrar-free <no-dsa> (Minor issue)
[jessie] - unrar-free <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/20/1
NOTE: Proposed patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=874059;filename=874059.diff.txt;msg=29
-CVE-2017-14119
+CVE-2017-14119 (In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14118
+CVE-2017-14118 (In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14117
+CVE-2017-14117 (The AT&amp;T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG5 ...)
NOT-FOR-US: Arris
-CVE-2017-14116
+CVE-2017-14116 (The AT&amp;T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, ...)
NOT-FOR-US: Arris
-CVE-2017-14115
+CVE-2017-14115 (The AT&amp;T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG5 ...)
NOT-FOR-US: Arris
-CVE-2017-14114
+CVE-2017-14114 (RTPproxy through 2.2.alpha.20160822 has a NAT feature that results in ...)
- rtpproxy <unfixed> (unimportant; bug #874070)
NOTE: https://rtpbleed.com/
NOTE: https://github.com/sippy/rtpproxy/issues/70
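Review bot: the description lines for CVE-2017-14117, -14116 and -14115 contain the HTML entity "AT&amp;T" while every other imported description here is plain text, so the ampersand was escaped once too often on import and should read "AT&T". Under CVE-2017-14120 the fixed version "unrar-free 1:0.0.1+cvs20140707-2" and {DLA-1091-1} are recorded, yet the entry still ends with the "NOTE: Proposed patch:" line pointing at the bug #874059 attachment; once a fix has shipped the note should say whether that patch is what was applied, or be dropped, so it is not read as an open proposal.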
@@ -12835,25 +12835,25 @@ CVE-2017-14113
REJECTED
CVE-2017-14112
RESERVED
-CVE-2017-14111
+CVE-2017-14111 (The workstation logging function in Philips IntelliSpace Cardiovascula ...)
NOT-FOR-US: Philips IntelliSpace Cardiovascular and Xcelera
CVE-2017-14110
RESERVED
-CVE-2017-1000201
+CVE-2017-1000201 (The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulner ...)
NOT-FOR-US: tcmu-runner
-CVE-2017-1000200
+CVE-2017-1000200 (tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered N ...)
NOT-FOR-US: tcmu-runner
-CVE-2017-1000199
+CVE-2017-1000199 (tcmu-runner version 0.91 up to 1.20 is vulnerable to information discl ...)
NOT-FOR-US: tcmu-runner
-CVE-2017-1000198
+CVE-2017-1000198 (tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid mem ...)
NOT-FOR-US: tcmu-runner
CVE-2017-14109
RESERVED
-CVE-2017-14108
+CVE-2017-14108 (libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to ca ...)
- gedit <unfixed> (unimportant; bug #875311)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=791037
NOTE: negligible security impact
-CVE-2017-14107
+CVE-2017-14107 (The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mis ...)
[experimental] - libzip 1.3.0+dfsg.1-1
- libzip 1.5.1-3 (low; bug #874010)
[stretch] - libzip <no-dsa> (Minor issue)
@@ -12865,15 +12865,15 @@ CVE-2017-14107
NOTE: https://github.com/nih-at/libzip/commit/9b46957ec98d85a572e9ef98301247f39338a3b5
NOTE: PHP commit: https://github.com/php/php-src/commit/f6e8ce812174343b5c9fd1860f9e2e2864428567
NOTE: Marked as unimportant, php5 uses system libzip since 5.4.5-1
-CVE-2017-14105
+CVE-2017-14105 (HiveManager Classic through 8.1r1 allows arbitrary JSP code execution ...)
NOT-FOR-US: HiveManager
CVE-2017-14104
RESERVED
-CVE-2017-14106
+CVE-2017-14106 (The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel befo ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.6-1
NOTE: Fixed by: https://git.kernel.org/linus/499350a5a6e7512d9ed369ed63a4244b6536f4f8 (v4.12-rc3)
-CVE-2017-14103
+CVE-2017-14103 (The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in Grap ...)
{DLA-1130-1}
- graphicsmagick 1.3.26-8
[stretch] - graphicsmagick <not-affected> (Incomplete fix for CVE-2017-11403 not applied)
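Review bot: ordering: CVE-2017-14106 is placed after CVE-2017-14105 and CVE-2017-14104 and before CVE-2017-14103, so the sequence runs 14105, 14104, 14106, 14103 instead of descending. For CVE-2017-14103 the stretch line "<not-affected> (Incomplete fix for CVE-2017-11403 not applied)" rests on another CVE's history, in the same way as openjpeg2/CVE-2017-14164 earlier in this diff; citing the incomplete-fix commit that stretch does not carry, next to the "Fixed by:" reference, would let the claim be re-checked when stretch's graphicsmagick is next updated.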
@@ -12881,78 +12881,78 @@ CVE-2017-14103
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/98721124e51f
NOTE: http://www.openwall.com/lists/oss-security/2017/09/01/6
NOTE: https://blogs.gentoo.org/ago/2017/07/12/graphicsmagick-use-after-free-in-closeblob-blob-c/
-CVE-2017-14102
+CVE-2017-14102 (MIMEDefang 2.80 and earlier creates a PID file after dropping privileg ...)
- mimedefang 2.83-1 (bug #877363)
[stretch] - mimedefang <no-dsa> (Minor issue)
[jessie] - mimedefang <no-dsa> (Minor issue)
[wheezy] - mimedefang <ignored> (Minor issue only exploitable if daemon is compromised in some other way)
NOTE: http://lists.roaringpenguin.com/pipermail/mimedefang/2017-August/038077.html
NOTE: http://lists.roaringpenguin.com/pipermail/mimedefang/2017-August/038085.html
-CVE-2017-14101
+CVE-2017-14101 (A security researcher found an XML External Entity (XXE) vulnerability ...)
NOT-FOR-US: Conserus Image Repository
-CVE-2017-14097
+CVE-2017-14097 (An improper access control vulnerability in Trend Micro Smart Protecti ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14096
+CVE-2017-14096 (A stored cross site scripting (XSS) vulnerability in Trend Micro Smart ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14095
+CVE-2017-14095 (A vulnerability in Trend Micro Smart Protection Server (Standalone) ve ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14094
+CVE-2017-14094 (A vulnerability in Trend Micro Smart Protection Server (Standalone) ve ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14093
+CVE-2017-14093 (The Log Query and Quarantine Query pages in Trend Micro ScanMail for E ...)
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2017-14092
+CVE-2017-14092 (The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 1 ...)
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2017-14091
+CVE-2017-14091 (A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in wh ...)
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2017-14090
+CVE-2017-14090 (A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in wh ...)
NOT-FOR-US: Trend Micro ScanMail for Exchange
-CVE-2017-14089
+CVE-2017-14089 (An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeS ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14088
+CVE-2017-14088 (Memory Corruption Privilege Escalation vulnerabilities in Trend Micro ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14087
+CVE-2017-14087 (A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12 ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14086
+CVE-2017-14086 (Pre-authorization Start Remote Process vulnerabilities in Trend Micro ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14085
+CVE-2017-14085 (Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14084
+CVE-2017-14084 (A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Mic ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14083
+CVE-2017-14083 (A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote un ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14082
+CVE-2017-14082 (An uninitialized pointer information disclosure vulnerability in Trend ...)
NOT-FOR-US: Trend Micro
-CVE-2017-14081
+CVE-2017-14081 (Proxy command injection vulnerabilities in Trend Micro Mobile Security ...)
NOT-FOR-US: Trend Micro Mobile Security
-CVE-2017-14080
+CVE-2017-14080 (Authentication bypass vulnerability in Trend Micro Mobile Security (En ...)
NOT-FOR-US: Trend Micro Mobile Security
-CVE-2017-14079
+CVE-2017-14079 (Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) ...)
NOT-FOR-US: Trend Micro Mobile Security
-CVE-2017-14078
+CVE-2017-14078 (SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterpri ...)
NOT-FOR-US: Trend Micro Mobile Security
-CVE-2017-14098
+CVE-2017-14098 (In the pjsip channel driver (res_pjsip) in Asterisk 13.x before 13.17. ...)
- asterisk 1:13.17.1~dfsg-1 (bug #873909)
[stretch] - asterisk <not-affected> (Vulnerable code not present; issue introduced in 13.15)
[jessie] - asterisk <not-affected> (Vulnerable code not present; issue introduced in 13.15)
[wheezy] - asterisk <not-affected> (Vulnerable code not present; issue introduced in 13.15)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27152
NOTE: Fix: https://gerrit.asterisk.org/#/q/topic:ASTERISK-27152
-CVE-2017-14100
+CVE-2017-14100 (In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before ...)
{DSA-3964-1 DLA-1122-1}
- asterisk 1:13.17.1~dfsg-1 (bug #873908)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27103
NOTE: Fix: https://gerrit.asterisk.org/#/q/topic:ASTERISK-27103
-CVE-2017-14099
+CVE-2017-14099 (In res/res_rtp_asterisk.c in Asterisk 11.x before 11.25.2, 13.x before ...)
{DSA-3964-1}
- asterisk 1:13.17.1~dfsg-1 (bug #873907)
[wheezy] - asterisk <ignored> (strictrtp option is disabled by default. Too intrusive too backport)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27013
NOTE: Fix: https://gerrit.asterisk.org/#/q/topic:ASTERISK-27013
-CVE-2017-14077
+CVE-2017-14077 (HTML Injection in Securimage 3.6.4 and earlier allows remote attackers ...)
NOT-FOR-US: Securimage
-CVE-2017-14076
+CVE-2017-14076 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id paramet ...)
NOT-FOR-US: NexusPHP
-CVE-2017-14075
+CVE-2017-14075 (This vulnerability allows local attackers to escalate privileges on Ju ...)
NOT-FOR-US: Jungo WinDriver
CVE-2017-14074
RESERVED
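Review bot: typo in the wheezy annotation of CVE-2017-14099: "Too intrusive too backport" should be "Too intrusive to backport". The Asterisk block is also out of order (14098, 14100, 14099). CVE-2017-14099 has {DSA-3964-1} and the wheezy <ignored> line but no jessie state, while CVE-2017-14100 beside it has {DSA-3964-1 DLA-1122-1}; if DSA-3964-1 covered jessie for both, fine, otherwise 14099's jessie status should be explicit. Lastly, all three Asterisk fix references are gerrit topic searches ("https://gerrit.asterisk.org/#/q/topic:ASTERISK-27152" and so on) rather than commits; a topic query can pick up later unrelated changes, so the change IDs or the first fixed upstream release would be a more durable reference.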
@@ -12962,9 +12962,9 @@ CVE-2017-14072
RESERVED
CVE-2017-14071
RESERVED
-CVE-2017-14070
+CVE-2017-14070 (Cross Site Scripting (XSS) exists in NexusPHP 1.5.beta5.20120707 via t ...)
NOT-FOR-US: NexusPHP
-CVE-2017-14069
+CVE-2017-14069 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw arr ...)
NOT-FOR-US: NexusPHP
CVE-2017-14068
RESERVED
@@ -12974,26 +12974,26 @@ CVE-2017-14066
RESERVED
CVE-2017-14065
RESERVED
-CVE-2017-14064
+CVE-2017-14064 (Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can e ...)
{DSA-3966-1 DLA-1421-1 DLA-1114-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #873906)
- ruby2.1 <removed>
- ruby1.9.1 <removed>
NOTE: https://bugs.ruby-lang.org/issues/13853
NOTE: https://github.com/flori/json/commit/8f782fd8e181d9cfe9387ded43a5ca9692266b85
-CVE-2017-14062
+CVE-2017-14062 (Integer overflow in the decode_digit function in puny_decode.c in Libi ...)
{DSA-3988-1 DLA-1447-1 DLA-1085-1 DLA-1084-1}
- libidn2-0 2.0.2-4 (bug #873902)
- libidn 1.33-2 (bug #873903)
NOTE: https://gitlab.com/libidn/libidn2/commit/3284eb342cd0ed1a18786e3fcdf0cdd7e76676bd
-CVE-2017-14061
+CVE-2017-14061 (Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2 ...)
- libidn2-0 2.0.2-4 (bug #873904)
[stretch] - libidn2-0 <not-affected> (Vulnerable code not present)
[jessie] - libidn2-0 <not-affected> (Vulnerable code not present)
[wheezy] - libidn2-0 <not-affected> (Vulnerable code not present)
- libidn <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.com/libidn/libidn2/commit/16853b6973a1e72fee2b7cccda85472cb9951305
-CVE-2017-14060
+CVE-2017-14060 (In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present i ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878506)
[stretch] - imagemagick <ignored> (Minor issue)
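Review bot: CVE-2017-14062 is recorded as fixed in both "libidn2-0 2.0.2-4 (bug #873902)" and "libidn 1.33-2 (bug #873903)", but the only NOTE is the libidn2 commit (gitlab.com/libidn/libidn2/commit/3284eb34...); the corresponding libidn 1.x fix has no reference, so 1.33-2 cannot be verified from the entry. For CVE-2017-14064 the fix link is a commit in the standalone json gem (github.com/flori/json/commit/8f782fd8...) while the entry is filed against ruby2.3, ruby2.1 and ruby1.9.1; a NOTE saying that the affected component is presumably the json extension bundled with the interpreter, and which ruby releases include that gem fix, would make the "ruby2.3 2.3.3-1+deb9u1" version checkable.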
@@ -13001,52 +13001,52 @@ CVE-2017-14060
NOTE: https://github.com/ImageMagick/ImageMagick/issues/710
NOTE: https://github.com/ImageMagick/ImageMagick/commit/c535e1f1a6b1faaa35e007df4fc535ec08daa97c
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5bdfef29f5e6744f36f25ec04583c6b6f4a13b48
-CVE-2017-14059
+CVE-2017-14059 (In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF che ...)
{DSA-3996-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/7e80b63ecd259d69d383623e75b318bf2bd491f6
-CVE-2017-14058
+CVE-2017-14058 (In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not ...)
{DSA-3996-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/7ec414892ddcad88313848494b6fc5f437c9ca4a
-CVE-2017-14057
+CVE-2017-14057 (In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End ...)
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/7f9ec5593e04827249e7aeb466da06a98a0d7329
NOTE: libav: The vulnerable code is in asfdec.c.
-CVE-2017-14056
+CVE-2017-14056 (In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due t ...)
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/96f24d1bee7fe7bac08e2b7c74db1a046c9dc0de
-CVE-2017-14055
+CVE-2017-14055 (In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due ...)
{DSA-3996-1 DLA-1630-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/4f05e2e2dc1a89f38cd9f0960a6561083d714f1e
-CVE-2017-14054
+CVE-2017-14054 (In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due ...)
{DSA-3996-1}
- ffmpeg 7:3.3.4-1 (low)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/124eb202e70678539544f6268efc98131f19fa49
-CVE-2017-14053
+CVE-2017-14053 (NetApp OnCommand Unified Manager for Clustered Data ONTAP before 7.2P1 ...)
NOT-FOR-US: NetApp
CVE-2017-14052
RESERVED
-CVE-2017-14063
+CVE-2017-14063 (Async Http Client (aka async-http-client) before 2.0.35 can be tricked ...)
- async-http-client <not-affected> (Vulnerable code introduced later after port to new Request API)
NOTE: https://github.com/AsyncHttpClient/async-http-client/issues/1455
NOTE: https://github.com/AsyncHttpClient/async-http-client/commit/eb9e3347e45319be494db24d285a2aee4396f5d3
-CVE-2017-14050
+CVE-2017-14050 (In BlackCat CMS 1.2, backend/addons/install.php allows remote authenti ...)
NOT-FOR-US: BlackCat CMS
-CVE-2017-14049
+CVE-2017-14049 (In BlackCat CMS 1.2, backend/settings/ajax_save_settings.php allows re ...)
NOT-FOR-US: BlackCat CMS
-CVE-2017-14048
+CVE-2017-14048 (BlackCat CMS 1.2 allows remote authenticated users to inject arbitrary ...)
NOT-FOR-US: BlackCat CMS
CVE-2017-14047
RESERVED
@@ -13058,15 +13058,15 @@ CVE-2017-14044
RESERVED
CVE-2017-14043
RESERVED
-CVE-2017-14038
+CVE-2017-14038 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerabilit ...)
NOT-FOR-US: CrushFTP
-CVE-2017-14037
+CVE-2017-14037 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerab ...)
NOT-FOR-US: CrushFTP
-CVE-2017-14036
+CVE-2017-14036 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has XSS. ...)
NOT-FOR-US: CrushFTP
-CVE-2017-14035
+CVE-2017-14035 (CrushFTP 8.x before 8.2.0 has a serialization vulnerability. ...)
NOT-FOR-US: CrushFTP
-CVE-2017-14051
+CVE-2017-14051 (An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in ...)
{DLA-1200-1}
- linux 4.12.13-1 (unimportant)
[stretch] - linux 4.9.30-2+deb9u5
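Review bot: the importer appends " ..." even when nothing was cut. In this hunk `+CVE-2017-14036 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has XSS. ...)` and `+CVE-2017-14035 (CrushFTP 8.x before 8.2.0 has a serialization vulnerability. ...)` carry the complete upstream sentence, full stop included, yet still end in the ellipsis, so a reader of the list cannot tell a complete description from a truncated one. Emit the suffix only when the text was actually shortened.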
@@ -13074,10 +13074,10 @@ CVE-2017-14051
NOTE: Fixed by: https://git.kernel.org/linus/e6f77540c067b48dee10f1e33678415bfcc89017
NOTE: https://patchwork.kernel.org/patch/9929625/
NOTE: Non issue, only "exploitable" with root access
-CVE-2017-14034
+CVE-2017-14034 (The restore_tqb_pixels function in hevc_filter.c in libavcodec, as use ...)
NOT-FOR-US: libbpg
NOTE: Issue 3 from https://github.com/ebel34/bpg-web-encoder/issues/1
-CVE-2017-14033
+CVE-2017-14033 (The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2. ...)
{DSA-4031-1 DLA-1421-1 DLA-1114-1}
- ruby2.3 2.3.5-1 (bug #875928)
- ruby2.1 <removed>
@@ -13086,106 +13086,106 @@ CVE-2017-14033
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1058757
NOTE: https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/
NOTE: https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b
-CVE-2017-14031
+CVE-2017-14031 (An Improper Access Control issue was discovered in Trihedral VTScada 1 ...)
NOT-FOR-US: Trihedral VTScada
-CVE-2017-14030
+CVE-2017-14030 (An issue was discovered in Moxa MXview v2.8 and prior. The unquoted se ...)
NOT-FOR-US: Moxa MXview
-CVE-2017-14029
+CVE-2017-14029 (An Uncontrolled Search Path Element issue was discovered in Trihedral ...)
NOT-FOR-US: Trihedral VTScada
-CVE-2017-14028
+CVE-2017-14028 (A Resource Exhaustion issue was discovered in Moxa NPort 5110 Version ...)
NOT-FOR-US: Moxa
-CVE-2017-14027
+CVE-2017-14027 (A Use of Hard-coded Credentials issue was discovered in Korenix JetNet ...)
NOT-FOR-US: Korenix
-CVE-2017-14026
+CVE-2017-14026 (In Ice Qube Thermal Management Center versions prior to version 4.13, ...)
NOT-FOR-US: Ice Qube Thermal Management Center
-CVE-2017-14025
+CVE-2017-14025 (An Improper Input Validation issue was discovered in ABB FOX515T relea ...)
NOT-FOR-US: ABB FOX515T
-CVE-2017-14024
+CVE-2017-14024 (A Stack-based Buffer Overflow issue was discovered in Schneider Electr ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-14023
+CVE-2017-14023 (An Improper Input Validation issue was discovered in Siemens SIMATIC P ...)
NOT-FOR-US: Siemens
-CVE-2017-14022
+CVE-2017-14022 (An Improper Input Validation issue was discovered in Rockwell Automati ...)
NOT-FOR-US: Rockwell Automation FactoryTalk Alarms and Events
-CVE-2017-14021
+CVE-2017-14021 (A Use of Hard-coded Cryptographic Key issue was discovered in Korenix ...)
NOT-FOR-US: Korenix
-CVE-2017-14020
+CVE-2017-14020 (In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) ...)
NOT-FOR-US: AutomationDirect
-CVE-2017-14019
+CVE-2017-14019 (An Unquoted Search Path or Element issue was discovered in Progea Movi ...)
NOT-FOR-US: Progea Movicon
-CVE-2017-14018
+CVE-2017-14018 (An improper authentication issue was discovered in Johnson &amp; Johns ...)
NOT-FOR-US: Johnson & Johnson Ethicon Endo-Surgery Generator Gen11
-CVE-2017-14017
+CVE-2017-14017 (An Uncontrolled Search Path Element issue was discovered in Progea Mov ...)
NOT-FOR-US: Progea Movicon
-CVE-2017-14016
+CVE-2017-14016 (A Stack-based Buffer Overflow issue was discovered in Advantech WebAcc ...)
NOT-FOR-US: Advantech
CVE-2017-14015
RESERVED
-CVE-2017-14014
+CVE-2017-14014 (Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded crypt ...)
NOT-FOR-US: Boston Scientific ZOOM LATITUDE PRM Model 3120
-CVE-2017-14013
+CVE-2017-14013 (A Client-Side Enforcement of Server-Side Security issue was discovered ...)
NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14012
+CVE-2017-14012 (Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at ...)
NOT-FOR-US: Boston Scientific ZOOM LATITUDE PRM Model 3120
-CVE-2017-14011
+CVE-2017-14011 (A Cross-Site Request Forgery issue was discovered in ProMinent MultiFL ...)
NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14010
+CVE-2017-14010 (In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions ...)
NOT-FOR-US: SpiderControl
-CVE-2017-14009
+CVE-2017-14009 (An Information Exposure issue was discovered in ProMinent MultiFLEX M1 ...)
NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14008
+CVE-2017-14008 (GE Centricity PACS RA1000, diagnostic image analysis, all current vers ...)
NOT-FOR-US: GE Centricity PACS RA1000
-CVE-2017-14007
+CVE-2017-14007 (An Insufficient Session Expiration issue was discovered in ProMinent M ...)
NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14006
+CVE-2017-14006 (GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all ...)
NOT-FOR-US: GE Xeleris
-CVE-2017-14005
+CVE-2017-14005 (An Unverified Password Change issue was discovered in ProMinent MultiF ...)
NOT-FOR-US: ProMinent MultiFLEX M10a Controller
-CVE-2017-14004
+CVE-2017-14004 (GE GEMNet License server (EchoServer) all current versions are affecte ...)
NOT-FOR-US: GE GEMNet License server
-CVE-2017-14003
+CVE-2017-14003 (An Authentication Bypass by Spoofing issue was discovered in LAVA Ethe ...)
NOT-FOR-US: LAVA Ether-Serial Link
-CVE-2017-14002
+CVE-2017-14002 (GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current ...)
NOT-FOR-US: GE Infinia/Infinia with Hawkeye 4 medical imaging systems
-CVE-2017-14001
+CVE-2017-14001 (An Improper Neutralization of Special Elements used in an OS Command i ...)
NOT-FOR-US: Asterisk GUI
NOTE: Different from standard asterisk: https://wiki.asterisk.org/wiki/display/AST/Asterisk+GUI
-CVE-2017-14000
+CVE-2017-14000 (An Improper Authentication issue was discovered in Ctek SkyRouter Seri ...)
NOT-FOR-US: Ctek SkyRouter
-CVE-2017-13999
+CVE-2017-13999 (A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studi ...)
NOT-FOR-US: WECON LEVI Studio HMI Editor
-CVE-2017-13998
+CVE-2017-13998 (An Insufficiently Protected Credentials issue was discovered in LOYTEC ...)
NOT-FOR-US: LOYTEC LVIS-3ME
-CVE-2017-13997
+CVE-2017-13997 (A Missing Authentication for Critical Function issue was discovered in ...)
NOT-FOR-US: Schneider
-CVE-2017-13996
+CVE-2017-13996 (A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME vers ...)
NOT-FOR-US: LOYTEC LVIS-3ME
-CVE-2017-13995
+CVE-2017-13995 (An Improper Authentication issue was discovered in iniNet Solutions in ...)
NOT-FOR-US: iniNet Solutions iniNet Webserver
-CVE-2017-13994
+CVE-2017-13994 (A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME version ...)
NOT-FOR-US: LOYTEC LVIS-3ME
-CVE-2017-13993
+CVE-2017-13993 (An Uncontrolled Search Path or Element issue was discovered in i-SENS ...)
NOT-FOR-US: i-SENS SmartLog Diabetes Management Software
-CVE-2017-13992
+CVE-2017-13992 (An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versio ...)
NOT-FOR-US: LOYTEC LVIS-3ME
-CVE-2017-13991
+CVE-2017-13991 (An information leakage vulnerability in ArcSight ESM and ArcSight ESM ...)
NOT-FOR-US: ArcSight
-CVE-2017-13990
+CVE-2017-13990 (An information leakage vulnerability in ArcSight ESM and ArcSight ESM ...)
NOT-FOR-US: ArcSight
-CVE-2017-13989
+CVE-2017-13989 (An improper access control vulnerability in ArcSight ESM and ArcSight ...)
NOT-FOR-US: ArcSight
-CVE-2017-13988
+CVE-2017-13988 (An improper access control vulnerability in ArcSight ESM and ArcSight ...)
NOT-FOR-US: ArcSight
-CVE-2017-13987
+CVE-2017-13987 (An insufficient access control vulnerability in ArcSight ESM and ArcSi ...)
NOT-FOR-US: ArcSight
-CVE-2017-13986
+CVE-2017-13986 (A reflected Cross-Site Scripting(XSS) vulnerability in ArcSight ESM an ...)
NOT-FOR-US: ArcSight
-CVE-2017-13985
+CVE-2017-13985 (An authentication vulnerability in HPE BSM Platform Application Perfor ...)
NOT-FOR-US: HP
-CVE-2017-13984
+CVE-2017-13984 (An authentication vulnerability in HPE BSM Platform Application Perfor ...)
NOT-FOR-US: HP
-CVE-2017-13983
+CVE-2017-13983 (An authentication vulnerability in HPE BSM Platform Application Perfor ...)
NOT-FOR-US: HP
-CVE-2017-13982
+CVE-2017-13982 (A directory traversal vulnerability in HPE BSM Platform Application Pe ...)
NOT-FOR-US: HP
CVE-2017-13981
RESERVED
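Review bot: the description for CVE-2017-14018 is written with an undecoded HTML entity, `+CVE-2017-14018 (An improper authentication issue was discovered in Johnson &amp; Johns ...)`, while the triage line directly under it reads `NOT-FOR-US: Johnson & Johnson Ethicon Endo-Surgery Generator Gen11`. The feed text should be entity-decoded before it is written to the list; as it stands the same vendor name appears in two spellings in adjacent lines and a plain search for "Johnson & Johnson" will miss the description.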
@@ -13341,9 +13341,9 @@ CVE-2017-13906
RESERVED
CVE-2017-13905
RESERVED
-CVE-2017-13904
+CVE-2017-13904 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13903
+CVE-2017-13903 (An issue was discovered in certain Apple products. iOS before 11.2.1 i ...)
NOT-FOR-US: Apple
CVE-2017-13902
RESERVED
@@ -13367,29 +13367,29 @@ CVE-2017-13893
RESERVED
CVE-2017-13892
RESERVED
-CVE-2017-13891
+CVE-2017-13891 (In iOS before 11.2, an inconsistent user interface issue was addressed ...)
NOT-FOR-US: Apple
-CVE-2017-13890
+CVE-2017-13890 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13889
+CVE-2017-13889 (In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, ...)
NOT-FOR-US: Apple
-CVE-2017-13888
+CVE-2017-13888 (In iOS before 11.2, a type confusion issue was addressed with improved ...)
NOT-FOR-US: Apple
-CVE-2017-13887
+CVE-2017-13887 (In macOS High Sierra before 10.13.2, a logic issue existed in APFS whe ...)
NOT-FOR-US: Apple
-CVE-2017-13886
+CVE-2017-13886 (In macOS High Sierra before 10.13.2, an access issue existed with priv ...)
NOT-FOR-US: Apple
-CVE-2017-13885
+CVE-2017-13885 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-13884
+CVE-2017-13884 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-13883
+CVE-2017-13883 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
CVE-2017-13882
RESERVED
@@ -13397,239 +13397,239 @@ CVE-2017-13881
RESERVED
CVE-2017-13880
RESERVED
-CVE-2017-13879
+CVE-2017-13879 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13878
+CVE-2017-13878 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13877
+CVE-2017-13877 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-13876
+CVE-2017-13876 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13875
+CVE-2017-13875 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13874
+CVE-2017-13874 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13873
+CVE-2017-13873 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-13872
+CVE-2017-13872 (An issue was discovered in certain Apple products. macOS High Sierra b ...)
NOT-FOR-US: Apple
-CVE-2017-13871
+CVE-2017-13871 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13870
+CVE-2017-13870 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
- webkit2gtk 2.18.4-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0010.html
NOTE: Not covered by security support
-CVE-2017-13869
+CVE-2017-13869 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13868
+CVE-2017-13868 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13867
+CVE-2017-13867 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13866
+CVE-2017-13866 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
- webkit2gtk 2.18.4-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0010.html
NOTE: Not covered by security support
-CVE-2017-13865
+CVE-2017-13865 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13864
+CVE-2017-13864 (An issue was discovered in certain Apple products. iCloud before 7.2 o ...)
NOT-FOR-US: Apple
-CVE-2017-13863
+CVE-2017-13863 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-13862
+CVE-2017-13862 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13861
+CVE-2017-13861 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13860
+CVE-2017-13860 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
CVE-2017-13859
RESERVED
-CVE-2017-13858
+CVE-2017-13858 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
CVE-2017-13857
RESERVED
-CVE-2017-13856
+CVE-2017-13856 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
- webkit2gtk 2.18.4-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0010.html
NOTE: Not covered by security support
-CVE-2017-13855
+CVE-2017-13855 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13854
+CVE-2017-13854 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-13853
+CVE-2017-13853 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-13852
+CVE-2017-13852 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
NOT-FOR-US: Apple
-CVE-2017-13851
+CVE-2017-13851 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-13850
+CVE-2017-13850 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-13849
+CVE-2017-13849 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
NOT-FOR-US: Apple
-CVE-2017-13848
+CVE-2017-13848 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13847
+CVE-2017-13847 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-13846
+CVE-2017-13846 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Potentially src:pcre3, but Apple doesn't play by the rules
CVE-2017-13845
RESERVED
-CVE-2017-13844
+CVE-2017-13844 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
NOT-FOR-US: Apple
-CVE-2017-13843
+CVE-2017-13843 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13842
+CVE-2017-13842 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13841
+CVE-2017-13841 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13840
+CVE-2017-13840 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13839
+CVE-2017-13839 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-13838
+CVE-2017-13838 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13837
+CVE-2017-13837 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-13836
+CVE-2017-13836 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
CVE-2017-13835
RESERVED
-CVE-2017-13834
+CVE-2017-13834 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13833
+CVE-2017-13833 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13832
+CVE-2017-13832 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13831
+CVE-2017-13831 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13830
+CVE-2017-13830 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13829
+CVE-2017-13829 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13828
+CVE-2017-13828 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13827
+CVE-2017-13827 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
CVE-2017-13826
REJECTED
-CVE-2017-13825
+CVE-2017-13825 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13824
+CVE-2017-13824 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13823
+CVE-2017-13823 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13822
+CVE-2017-13822 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13821
+CVE-2017-13821 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13820
+CVE-2017-13820 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13819
+CVE-2017-13819 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13818
+CVE-2017-13818 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13817
+CVE-2017-13817 (An out-of-bounds read issue was discovered in certain Apple products. ...)
NOT-FOR-US: Apple
-CVE-2017-13816
+CVE-2017-13816 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Potentially src:libarchive, but Apple doesn't play by the rules
-CVE-2017-13815
+CVE-2017-13815 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-13814
+CVE-2017-13814 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13813
+CVE-2017-13813 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Potentially src:libarchive, but Apple doesn't play by the rules
-CVE-2017-13812
+CVE-2017-13812 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Potentially src:libarchive, but Apple doesn't play by the rules
-CVE-2017-13811
+CVE-2017-13811 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13810
+CVE-2017-13810 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13809
+CVE-2017-13809 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13808
+CVE-2017-13808 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13807
+CVE-2017-13807 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13806
+CVE-2017-13806 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-13805
+CVE-2017-13805 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
NOT-FOR-US: Apple
-CVE-2017-13804
+CVE-2017-13804 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
NOT-FOR-US: Apple
-CVE-2017-13803
+CVE-2017-13803 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.3-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13802
+CVE-2017-13802 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13801
+CVE-2017-13801 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13800
+CVE-2017-13800 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13799
+CVE-2017-13799 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
NOT-FOR-US: Apple
-CVE-2017-13798
+CVE-2017-13798 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.3-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13797
+CVE-2017-13797 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
NOT-FOR-US: Apple-specific Webkit change (since not mentioned in webkitgtk releases)
-CVE-2017-13796
+CVE-2017-13796 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13795
+CVE-2017-13795 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13794
+CVE-2017-13794 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13793
+CVE-2017-13793 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13792
+CVE-2017-13792 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13791
+CVE-2017-13791 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13790
+CVE-2017-13790 (An issue was discovered in certain Apple products. Safari before 11.0. ...)
NOT-FOR-US: Apple Safari
-CVE-2017-13789
+CVE-2017-13789 (An issue was discovered in certain Apple products. Safari before 11.0. ...)
NOT-FOR-US: Apple Safari
-CVE-2017-13788
+CVE-2017-13788 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.3-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
CVE-2017-13787
RESERVED
-CVE-2017-13786
+CVE-2017-13786 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-13785
+CVE-2017-13785 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13784
+CVE-2017-13784 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13783
+CVE-2017-13783 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0009.html
NOTE: Not covered by security support
-CVE-2017-13782
+CVE-2017-13782 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
CVE-2017-13781
RESERVED
-CVE-2017-13780
+CVE-2017-13780 (The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows directory tr ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-14032
+CVE-2017-14032 (ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentic ...)
{DSA-3967-1}
- mbedtls 2.6.0-1 (bug #873557)
- polarssl <removed>
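Review bot: the fixed-width cut makes the whole Apple run indistinguishable. From `+CVE-2017-13879` down to `+CVE-2017-13806` almost every entry reads `(An issue was discovered in certain Apple products. macOS before 10.13. ...)` or its iOS twin, because Apple's boilerplate opening sentence uses up the entire budget before the affected component or impact appears; the summaries therefore carry no information. Either widen the cut or strip the "An issue was discovered in certain Apple products." prefix before truncating. Separately, the imported range in `+CVE-2017-14032 (ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentic ...)` does not line up with the recorded fix `- mbedtls 2.6.0-1`; the version bounds in that description are worth cross-checking against the mbedtls-security-advisory-2017-02 NOTE in the following context lines before anyone relies on them.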
@@ -13639,34 +13639,34 @@ CVE-2017-14032
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02
NOTE: https://github.com/ARMmbed/mbedtls/commit/31458a18788b0cf0b722acda9bb2f2fe13a3fb32
NOTE: https://github.com/ARMmbed/mbedtls/commit/d15795acd5074e0b44e71f7ede8bdfe1b48591fc
-CVE-2017-13779
+CVE-2017-13779 (GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offli ...)
NOT-FOR-US: India Goods and Services Tax Network
-CVE-2017-13778
+CVE-2017-13778 (Fiyo CMS 2.0.7 has XSS in dapur\apps\app_config\sys_config.php via the ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-13777
+CVE-2017-13777 (GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() ...)
{DSA-4321-1 DLA-1456-1 DLA-1082-1}
- graphicsmagick 1.3.26-8 (low)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/233a720bfd5e
-CVE-2017-13776
+CVE-2017-13776 (GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() ...)
{DSA-4321-1 DLA-1456-1 DLA-1082-1}
- graphicsmagick 1.3.26-8 (low)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/233a720bfd5e
-CVE-2017-13775
+CVE-2017-13775 (GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() ...)
{DSA-4321-1 DLA-1456-1}
- graphicsmagick 1.3.26-8 (low)
[wheezy] - graphicsmagick <not-affected> (Vulnerable code not present)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/b037d79b6ccd
-CVE-2017-13774
+CVE-2017-13774 (Hikvision iVMS-4200 devices before v2.6.2.7 allow local users to gener ...)
NOT-FOR-US: Hikvision
CVE-2017-13773
RESERVED
-CVE-2017-13772
+CVE-2017-13772 (Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers w ...)
NOT-FOR-US: TP-Link
-CVE-2017-13771
+CVE-2017-13771 (Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configu ...)
NOT-FOR-US: Lexmark Scan To Network
CVE-2017-13770
RESERVED
-CVE-2017-13769
+CVE-2017-13769 (The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick ...)
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #878507)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/705
@@ -13675,7 +13675,7 @@ CVE-2017-13769
NOTE: Extra checks:
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5a3897693a8b4e97add649c0ca1d538bd90f59c9
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/abb9d1322317733b799e8b87b2e346b3038f3260
-CVE-2017-13768
+CVE-2017-13768 (Null Pointer Dereference in the IdentifyImage function in MagickCore/i ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875352)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -13683,14 +13683,14 @@ CVE-2017-13768
NOTE: https://github.com/ImageMagick/ImageMagick/issues/706
NOTE: https://github.com/ImageMagick/ImageMagick/commit/152e510e2b7858efe5992ed95090d8e0049417f3
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/2c1b360d80e5f8f7c7108c0afedde64ab79318ff
-CVE-2017-13767
+CVE-2017-13767 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP diss ...)
- wireshark 2.4.1-1
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13933
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6f18ace2a2683418a9368a8dfd92da6bd8213e15
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-38.html
-CVE-2017-13766
+CVE-2017-13766 (In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector coul ...)
- wireshark 2.4.1-1
[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
@@ -13699,142 +13699,142 @@ CVE-2017-13766
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2096bc1e5078732543e0a3ee115a2ce520a72bbc
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=af7b093ca528516c14247acb545046199d30843e
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-39.html
-CVE-2017-13765
+CVE-2017-13765 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM di ...)
{DLA-1634-1}
- wireshark 2.4.1-1
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13929
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=94666d4357096fc45e3bcad3d9414a14f0831bc8
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-41.html
-CVE-2017-13764
+CVE-2017-13764 (In Wireshark 2.4.0, the Modbus dissector could crash with a NULL point ...)
- wireshark 2.4.1-1
[jessie] - wireshark <not-affected> (vulnerable request not implemented)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13925
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b87ffbd12bddf64582c0a6e082b462744474de94
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-40.html
-CVE-2017-13763
+CVE-2017-13763 (ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of m ...)
NOT-FOR-US: ONOS
-CVE-2017-13762
+CVE-2017-13762 (ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS. ...)
NOT-FOR-US: ONOS
-CVE-2017-13761
+CVE-2017-13761 (The Fastly CDN module before 1.2.26 for Magento2, when used with a thi ...)
NOT-FOR-US: Fastly CDN module for Magento2
-CVE-2017-13760
+CVE-2017-13760 (In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in t ...)
- sleuthkit 4.4.2-3 (unimportant; bug #873724)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/906
NOTE: Negligible security impact
CVE-2017-13759
RESERVED
-CVE-2017-13758
+CVE-2017-13758 (In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the ...)
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #878508)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32583
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/ef6cee1bcf144b7c9285787920361a53296e7907
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/57eced684ad0660fe580800d977ba94623ec67ac
-CVE-2017-13757
+CVE-2017-13757 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.29-10
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22018
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=90efb6422939ca031804266fba669f77c22a274a
-CVE-2017-13756
+CVE-2017-13756 (In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers i ...)
- sleuthkit 4.4.2-3 (unimportant; bug #873725)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/914
NOTE: Negligible security impact
-CVE-2017-13755
+CVE-2017-13755 (In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image trigge ...)
- sleuthkit 4.4.2-3 (unimportant; bug #873726)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/913
NOTE: Negligible security impact
-CVE-2017-13754
+CVE-2017-13754 (Cross-site scripting (XSS) vulnerability in the "advanced settings - t ...)
NOT-FOR-US: Wibu-Systems
CVE-2017-13753
REJECTED
-CVE-2017-13752
+CVE-2017-13752 (There is a reachable assertion abort in the function jpc_dequantize() ...)
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485276
-CVE-2017-13751
+CVE-2017-13751 (There is a reachable assertion abort in the function calcstepsizes() i ...)
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485283
-CVE-2017-13750
+CVE-2017-13750 (There is a reachable assertion abort in the function jpc_dec_process_s ...)
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485280
-CVE-2017-13749
+CVE-2017-13749 (There is a reachable assertion abort in the function jpc_pi_nextrpcl() ...)
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485285
-CVE-2017-13748
+CVE-2017-13748 (There are lots of memory leaks in JasPer 2.0.12, triggered in the func ...)
{DLA-1583-1}
- jasper <removed> (low)
[wheezy] - jasper <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485287
NOTE: https://github.com/mdadams/jasper/issues/168
NOTE: Fixed by https://github.com/mdadams/jasper/pull/159 but still no upstream comment.
-CVE-2017-13747
+CVE-2017-13747 (There is a reachable assertion abort in the function jpc_floorlog2() i ...)
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485282
-CVE-2017-13746
+CVE-2017-13746 (There is a reachable assertion abort in the function jpc_dec_process_s ...)
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485286
-CVE-2017-13745
+CVE-2017-13745 (There is a reachable assertion abort in the function jpc_dec_process_s ...)
- jasper <removed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1485274
-CVE-2017-13744
+CVE-2017-13744 (There is an illegal address access in the function _lou_getALine() in ...)
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484338
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/edf8ee00197e5a9b062554bdca00fe1617d257a4
-CVE-2017-13743
+CVE-2017-13743 (There is a buffer overflow in Liblouis 3.2.0, triggered in the functio ...)
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484335
-CVE-2017-13742
+CVE-2017-13742 (There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in ...)
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484334
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/d8cfdf1ab64a4c9c6685efe45bc735f68dac618c
-CVE-2017-13741
+CVE-2017-13741 (There is a use-after-free in the function compileBrailleIndicator() in ...)
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484332
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/af5791ea792acc0a9707738001aa1df3daff7a66
-CVE-2017-13740
+CVE-2017-13740 (There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in ...)
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484306
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/d8cfdf1ab64a4c9c6685efe45bc735f68dac618c
-CVE-2017-13739
+CVE-2017-13739 (There is a heap-based buffer overflow that causes a more than two thou ...)
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484299
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/d8cfdf1ab64a4c9c6685efe45bc735f68dac618c
-CVE-2017-13738
+CVE-2017-13738 (There is an illegal address access in the _lou_getALine function in co ...)
- liblouis 3.3.0-1 (low; bug #874302)
[stretch] - liblouis 3.0.0-3+deb9u1
[jessie] - liblouis <no-dsa> (Minor issue)
[wheezy] - liblouis <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484297
NOTE: Proposed fix via pull request: https://github.com/liblouis/liblouis/pull/393/commits/edf8ee00197e5a9b062554bdca00fe1617d257a4
-CVE-2017-13737
+CVE-2017-13737 (There is an invalid free in the MagickFree function in magick/memory.c ...)
{DSA-4321-1 DLA-1456-1 DLA-1140-1}
- graphicsmagick 1.3.26-15 (low; bug #878511)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484196
NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/3db9449e3d6a/
-CVE-2017-13736
+CVE-2017-13736 (There are lots of memory leaks in the GMCommand function in magick/com ...)
- graphicsmagick <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484192
-CVE-2017-13735
+CVE-2017-13735 (There is a floating point exception in the kodak_radc_load_raw functio ...)
- libraw 0.18.5-1 (low; bug #874729)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
@@ -13842,84 +13842,84 @@ CVE-2017-13735
NOTE: https://github.com/LibRaw/LibRaw/issues/96
NOTE: Isolated patch: https://github.com/LibRaw/LibRaw/files/1276421/radc_divbyzero.txt
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1483988
-CVE-2017-13734
+CVE-2017-13734 (There is an illegal address access in the _nc_safe_strcat function in ...)
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484291
-CVE-2017-13733
+CVE-2017-13733 (There is an illegal address access in the fmt_entry function in progs/ ...)
- ncurses 6.0+20170902-1 (bug #873746)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484290
-CVE-2017-13732
+CVE-2017-13732 (There is an illegal address access in the function dump_uses() in prog ...)
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484287
-CVE-2017-13731
+CVE-2017-13731 (There is an illegal address access in the function postprocess_termcap ...)
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484285
-CVE-2017-13730
+CVE-2017-13730 (There is an illegal address access in the function _nc_read_entry_sour ...)
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484284
-CVE-2017-13729
+CVE-2017-13729 (There is an illegal address access in the _nc_save_str function in all ...)
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484276
-CVE-2017-13728
+CVE-2017-13728 (There is an infinite loop in the next_char function in comp_scan.c in ...)
- ncurses 6.0+20170827-1 (bug #873723)
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1484274
-CVE-2017-13727
+CVE-2017-13727 (There is a reachable assertion abort in the function TIFFWriteDirector ...)
{DSA-4100-1 DLA-1093-1}
- tiff 4.0.8-5 (bug #873879)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (Vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2728
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/b6af137bf9ef852f1a48a50a5afb88f9e9da01cc
-CVE-2017-13726
+CVE-2017-13726 (There is a reachable assertion abort in the function TIFFWriteDirector ...)
{DSA-4100-1 DLA-1093-1}
- tiff 4.0.8-5 (bug #873880)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (Vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2727
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/f91ca83a21a6a583050e5a5755ce1441b2bf1d7e
-CVE-2017-13725
+CVE-2017-13725 (The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer ov ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13724
+CVE-2017-13724 (On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scri ...)
NOT-FOR-US: Axesstel MU553S MU55XS-V1.14
-CVE-2017-13723
+CVE-2017-13723 (In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local a ...)
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.4-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=94f11ca5cf011ef123bd222cabeaef6f424d76ac
NOTE: This is in libxkbfile in wheezy
-CVE-2017-13722
+CVE-2017-13722 (In the pcfGetProperties function in bitmap/pcfread.c in libXfont throu ...)
{DSA-3995-1 DLA-1126-1}
- libxfont 1:2.0.1-4
- libxfont1 <removed> (unimportant)
NOTE: Fixed by: https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=672bb944311392e2415b39c0d63b1e1902905bcd
NOTE: libxfont1 is only used by xfonts-utils, no security impact
-CVE-2017-13721
+CVE-2017-13721 (In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attack ...)
{DSA-4000-1}
- xorg-server 2:1.19.4-1
[wheezy] - xorg-server <not-affected> (Vulnerable code introduced later)
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=b95f25af141d33a65f6f821ea9c003f66a01e1f1
-CVE-2017-13720
+CVE-2017-13720 (In the PatternMatch function in fontfile/fontdir.c in libXfont through ...)
{DSA-3995-1 DLA-1126-1}
- libxfont 1:2.0.1-4
- libxfont1 <removed> (unimportant)
@@ -13931,7 +13931,7 @@ CVE-2017-13718
RESERVED
CVE-2017-13717
RESERVED
-CVE-2017-13716
+CVE-2017-13716 (The C++ symbol demangler routine in cplus-dem.c in libiberty, as distr ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -13939,7 +13939,7 @@ CVE-2017-13716
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22009
NOTE: Underlying bug is though in the C++ demangler part of libiberty, but MITRE
NOTE: has assigned it specifically to the issue as raised within binutils.
-CVE-2017-13715
+CVE-2017-13715 (The __skb_flow_dissect function in net/core/flow_dissector.c in the Li ...)
- linux 4.3.1-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -13947,14 +13947,14 @@ CVE-2017-13715
NOTE: Introduced by: https://git.kernel.org/linus/b3baa0fbd02a1a9d493d8cb92ae4a4491b9e9d13 (4.2-rc1)
CVE-2017-13714
RESERVED
-CVE-2017-13713
+CVE-2017-13713 (T&amp;W WIFI Repeater BE126 allows remote authenticated users to execu ...)
NOT-FOR-US: T&W WIFI Repeater BE126
-CVE-2017-13712
+CVE-2017-13712 (NULL Pointer Dereference in the id3v2AddAudioDuration function in libm ...)
- lame 3.100-1 (low)
[stretch] - lame <no-dsa> (Minor issue)
[jessie] - lame <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/lame/bugs/472/
-CVE-2017-13711
+CVE-2017-13711 (Use-after-free vulnerability in the sofree function in slirp/socket.c ...)
{DSA-3991-1}
- qemu 1:2.10.0-1 (bug #873875)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
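Review bot: the description imported for CVE-2017-13713 keeps an HTML-escaped ampersand ("T&amp;W WIFI Repeater BE126") while the NOT-FOR-US line directly beneath it has the plain "T&W WIFI Repeater BE126"; the importer should unescape HTML entities before writing descriptions into the list, so that the two spellings agree and searches for "T&W" match both lines.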
@@ -13963,50 +13963,50 @@ CVE-2017-13711
[wheezy] - qemu-kvm <not-affected> (Vulnerable code introduced later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg05201.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1486400
-CVE-2017-14041
+CVE-2017-14041 (A stack-based buffer overflow was discovered in the pgxtoimage functio ...)
{DSA-4013-1}
- openjpeg2 2.3.0-1 (bug #874115)
NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/e5285319229a5d77bf316bb0d3a6cbd3cb8666d9
NOTE: Reproducer: https://blogs.gentoo.org/ago/2017/08/28/openjpeg-stack-based-buffer-overflow-write-in-pgxtoimage-convert-c/
NOTE: https://github.com/uclouvain/openjpeg/issues/997
-CVE-2017-14040
+CVE-2017-14040 (An invalid write access was discovered in bin/jp2/convert.c in OpenJPE ...)
{DSA-4013-1}
- openjpeg2 2.3.0-1 (bug #874117)
NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/2cd30c2b06ce332dede81cccad8b334cde997281
NOTE: Reproducer: https://blogs.gentoo.org/ago/2017/08/28/openjpeg-invalid-memory-write-in-tgatoimage-convert-c/
NOTE: https://github.com/uclouvain/openjpeg/issues/995
-CVE-2017-14039
+CVE-2017-14039 (A heap-based buffer overflow was discovered in the opj_t2_encode_packe ...)
{DSA-4013-1}
- openjpeg2 2.3.0-1 (bug #874118)
NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/c535531f03369623b9b833ef41952c62257b507e
NOTE: Reproducer: https://blogs.gentoo.org/ago/2017/08/28/openjpeg-heap-based-buffer-overflow-in-opj_t2_encode_packet-t2-c/
NOTE: https://github.com/uclouvain/openjpeg/issues/992
NOTE: The issue is covered by https://github.com/uclouvain/openjpeg/commit/4241ae6fbbf1de9658764a80944dc8108f2b4154
-CVE-2017-14042
+CVE-2017-14042 (A memory allocation failure was discovered in the ReadPNMImage functio ...)
- graphicsmagick 1.3.26-9 (unimportant; bug #873538)
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/3bbf7a13643d
NOTE: https://blogs.gentoo.org/ago/2017/08/28/graphicsmagick-memory-allocation-failure-in-magickrealloc-memory-c-2/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/441/
-CVE-2017-13710
+CVE-2017-13710 (The setup_group function in elf.c in the Binary File Descriptor (BFD) ...)
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0c54f69295208331faab9bc5e995111a35672f9b
-CVE-2017-13708
+CVE-2017-13708 (Buffer overflow in the web server service in VX Search Enterprise 10.0 ...)
NOT-FOR-US: VX Search Enterprise
-CVE-2017-13707
+CVE-2017-13707 (Privilege escalation in Replibit Backup Manager earlier than version 2 ...)
NOT-FOR-US: Replibit
-CVE-2017-13706
+CVE-2017-13706 (XML external entity (XXE) vulnerability in the import package function ...)
NOT-FOR-US: Lansweeper
-CVE-2017-13709
+CVE-2017-13709 (In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger ...)
- flightgear 1:2017.2.1+dfsg-4 (low; bug #873439)
[stretch] - flightgear 1:2016.4.4+dfsg-3+deb9u1
[jessie] - flightgear 3.0.0-5+deb8u3
NOTE: http://www.openwall.com/lists/oss-security/2017/08/27/1
CVE-2017-13705
RESERVED
-CVE-2017-13704
+CVE-2017-13704 (In dnsmasq before 2.78, if the DNS packet size does not match the expe ...)
- dnsmasq 2.78-1 (bug #877102)
[stretch] - dnsmasq <not-affected> (Vulnerable code not present; Upstream: Regression introduced in 2.77)
[jessie] - dnsmasq <not-affected> (Vulnerable code not present; Upstream: Regression introduced in 2.77)
@@ -14014,94 +14014,94 @@ CVE-2017-13704
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1495510
NOTE: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2017q3/011729.html
NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928
-CVE-2017-13703
+CVE-2017-13703 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
NOT-FOR-US: Moxa
-CVE-2017-13702
+CVE-2017-13702 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
NOT-FOR-US: Moxa
-CVE-2017-13701
+CVE-2017-13701 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
NOT-FOR-US: Moxa
-CVE-2017-13700
+CVE-2017-13700 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
NOT-FOR-US: Moxa
-CVE-2017-13699
+CVE-2017-13699 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
NOT-FOR-US: MOXA
-CVE-2017-13698
+CVE-2017-13698 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...)
NOT-FOR-US: MOXA
-CVE-2017-13697
+CVE-2017-13697 (controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to ...)
NOT-FOR-US: FineCMS
-CVE-2017-13696
+CVE-2017-13696 (A buffer overflow vulnerability lies in the web server component of Du ...)
NOT-FOR-US: Dup Scout Enterprise
-CVE-2017-1000122
+CVE-2017-1000122 (The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, do ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0007.html
NOTE: Not covered by security support
-CVE-2017-1000121
+CVE-2017-1000121 (The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, do ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0007.html
NOTE: Not covered by security support
-CVE-2017-13695
+CVE-2017-13695 (The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the ...)
- acpica-unix 20180209-1 (unimportant)
- linux 4.17.3-1 (unimportant)
NOTE: https://patchwork.kernel.org/patch/9850567/
NOTE: non-issue/no relevant security impact
-CVE-2017-13694
+CVE-2017-13694 (The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobje ...)
- acpica-unix 20180209-1 (unimportant)
- linux <unfixed> (unimportant)
NOTE: https://patchwork.kernel.org/patch/9806085/
NOTE: non-issue/no relevant security impact
-CVE-2017-13693
+CVE-2017-13693 (The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils. ...)
- acpica-unix 20180209-1 (unimportant)
- linux <unfixed> (unimportant)
NOTE: https://patchwork.kernel.org/patch/9919053/
NOTE: non-issue/no relevant security impact
-CVE-2017-13692
+CVE-2017-13692 (In Tidy 5.5.31, the IsURLCodePoint function in attrs.c allows attacker ...)
- tidy-html5 <not-affected> (Vulnerable code introduced later)
- tidy <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/htacg/tidy-html5/issues/588
CVE-2017-13691
RESERVED
-CVE-2017-13690
+CVE-2017-13690 (The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in pri ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13689
+CVE-2017-13689 (The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in pri ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13688
+CVE-2017-13688 (The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13687
+CVE-2017-13687 (The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read i ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13686
+CVE-2017-13686 (net/ipv4/route.c in the Linux kernel 4.13-rc1 through 4.13-rc6 is too ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/bc3aae2bbac46dd894c89db5d5e98f7f0ef9e205
-CVE-2017-13685
+CVE-2017-13685 (The dump_callback function in SQLite 3.20.0 allows remote attackers to ...)
- sqlite3 3.20.1-1 (unimportant; bug #873762)
NOTE: https://sqlite.org/src/info/02f0f4c54f2819b3
NOTE: http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html
NOTE: Crash in the command-line shell program, not the the core SQLite library.
-CVE-2017-13684
+CVE-2017-13684 (Unisys Libra 64xx and 84xx and FS601 class systems with MCP-FIRMWARE b ...)
NOT-FOR-US: Unisys Libra
-CVE-2017-13683
+CVE-2017-13683 (In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory ...)
NOT-FOR-US: Symantec
-CVE-2017-13682
+CVE-2017-13682 (In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel memo ...)
NOT-FOR-US: Symantec
-CVE-2017-13681
+CVE-2017-13681 (Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be suscep ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2017-13680
+CVE-2017-13680 (Prior to SEP 12.1 RU6 MP9 &amp; SEP 14 RU1 Symantec Endpoint Protectio ...)
NOT-FOR-US: Symantec Endpoint Protection
-CVE-2017-13679
+CVE-2017-13679 (A denial of service (DoS) attack in Symantec Encryption Desktop before ...)
NOT-FOR-US: Symantec
-CVE-2017-13678
+CVE-2017-13678 (Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) ...)
NOT-FOR-US: Symantec
-CVE-2017-13677
+CVE-2017-13677 (Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure ...)
NOT-FOR-US: Symantec
-CVE-2017-13676
+CVE-2017-13676 (Norton Remove &amp; Reinstall can be susceptible to a DLL preloading v ...)
NOT-FOR-US: Symantec
-CVE-2017-13675
+CVE-2017-13675 (A denial of service (DoS) attack in Symantec Endpoint Encryption befor ...)
NOT-FOR-US: Symantec
-CVE-2017-13674
+CVE-2017-13674 (Symantec ProxyClient 3.4 for Windows is susceptible to a privilege esc ...)
NOT-FOR-US: Symantec ProxyClient
-CVE-2017-13673
+CVE-2017-13673 (The vga display update in mis-calculated the region for the dirty bitm ...)
- qemu 1:2.10.0+dfsg-2
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
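Review bot: the same HTML-entity problem appears twice in this hunk, in the descriptions added for CVE-2017-13680 ("SEP 12.1 RU6 MP9 &amp; SEP 14 RU1") and CVE-2017-13676 ("Norton Remove &amp; Reinstall"); unescaping entities in the importer would fix all of them at once. The description added for CVE-2017-13673 reads "The vga display update in mis-calculated the region", which looks like a word was dropped after "in" in the source text; worth checking against the upstream CVE entry rather than editing locally. While here, the unchanged NOTE for CVE-2017-13685 has a doubled word ("not the the core SQLite library").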
@@ -14111,7 +14111,7 @@ CVE-2017-13673
NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=d6f7f3b0cf4b6c5e7cdff9dfa6d20545e1051375 (v2.10.1)
NOTE: Introduced by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=fec5e8c92becad223df9d972770522f64aafdb72
NOTE: In the unstable upload the fix is integrated in debian/patches/qemu-2.10.1.diff
-CVE-2017-13672
+CVE-2017-13672 (QEMU (aka Quick Emulator), when built with the VGA display emulator su ...)
{DSA-3991-1}
- qemu 1:2.10.0-1 (low; bug #873851)
[jessie] - qemu <no-dsa> (Minor issue. Too complex to backport)
@@ -14120,23 +14120,23 @@ CVE-2017-13672
[wheezy] - qemu-kvm <postponed> (Can be fixed along in a future DSA)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg04684.html
NOTE: Fixed by https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=3d90c6254863693a6b13d918d2b8682e08bbc681
-CVE-2017-13671
+CVE-2017-13671 (app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent ...)
NOT-FOR-US: MISP (Malware Information Sharing Platform and Threat Sharing)
-CVE-2017-13670
+CVE-2017-13670 (In BlackCat CMS 1.2, remote authenticated users can upload any file vi ...)
NOT-FOR-US: BlackCat CMS
-CVE-2017-13669
+CVE-2017-13669 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswere ...)
NOT-FOR-US: NexusPHP
CVE-2017-13668
RESERVED
CVE-2017-13667
RESERVED
-CVE-2017-13666
+CVE-2017-13666 (An integer underflow vulnerability exists in pixel-a.asm, the x86 asse ...)
- x265 <not-affected> (Affected code is not enabled)
CVE-2017-13665
RESERVED
-CVE-2017-13664
+CVE-2017-13664 (Password file exposure in firmware in iSmartAlarm CubeOne version 2.2. ...)
NOT-FOR-US: iSmartAlarm CubeOne
-CVE-2017-13663
+CVE-2017-13663 (Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2 ...)
NOT-FOR-US: iSmartAlarm CubeOne
CVE-2017-13662
RESERVED
@@ -14156,20 +14156,20 @@ CVE-2017-13654
RESERVED
CVE-2017-13653
RESERVED
-CVE-2017-13652
+CVE-2017-13652 (NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are ...)
NOT-FOR-US: NetApp
CVE-2017-13651
RESERVED
CVE-2017-13650
RESERVED
-CVE-2017-1002150
+CVE-2017-1002150 (python-fedora 0.8.0 and lower is vulnerable to an open redirect result ...)
- python-fedora 0.9.0-1
[stretch] - python-fedora <no-dsa> (Minor issue)
[jessie] - python-fedora <no-dsa> (Minor issue)
NOTE: https://github.com/fedora-infra/python-fedora/commit/b27f38a67573f4c989710c9bfb726dd4c1eeb929.patch
-CVE-2017-13649
+CVE-2017-13649 (UnrealIRCd 4.0.13 and earlier creates a PID file after dropping privil ...)
- unrealircd <itp> (bug #515130)
-CVE-2017-13648
+CVE-2017-13648 (In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the ...)
- graphicsmagick 1.3.27-1 (unimportant)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/433/
CVE-2017-13647
@@ -14860,372 +14860,372 @@ CVE-2017-13309
RESERVED
CVE-2017-13308
RESERVED
-CVE-2017-13307
+CVE-2017-13307 (A elevation of privilege vulnerability in the Upstream kernel pci sysf ...)
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13306
+CVE-2017-13306 (A elevation of privilege vulnerability in the Upstream kernel mnh driv ...)
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13305
+CVE-2017-13305 (A information disclosure vulnerability in the Upstream kernel encrypte ...)
- linux 4.12.6-1
[stretch] - linux 4.9.82-1+deb9u1
NOTE: Fixed by: https://git.kernel.org/linus/794b4bc292f5d31739d89c0202c54e7dc9bc3add
-CVE-2017-13304
+CVE-2017-13304 (A information disclosure vulnerability in the Upstream kernel mnh_sm d ...)
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13303
+CVE-2017-13303 (A information disclosure vulnerability in the Broadcom bcmdhd driver. ...)
NOT-FOR-US: Broadcom components for Android
-CVE-2017-13302
+CVE-2017-13302 (A denial of service vulnerability in the Android system (system ui). P ...)
NOT-FOR-US: Android
-CVE-2017-13301
+CVE-2017-13301 (A denial of service vulnerability in the Android system (system ui). P ...)
NOT-FOR-US: Android
-CVE-2017-13300
+CVE-2017-13300 (A denial of service vulnerability in the Android media framework (libh ...)
NOT-FOR-US: Android media framework
-CVE-2017-13299
+CVE-2017-13299 (A other vulnerability in the Android media framework (libavc). Product ...)
NOT-FOR-US: Android media framework
-CVE-2017-13298
+CVE-2017-13298 (A information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13297
+CVE-2017-13297 (A information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13296
+CVE-2017-13296 (A information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13295
+CVE-2017-13295 (A denial of service vulnerability in the Android framework (package in ...)
NOT-FOR-US: Android
-CVE-2017-13294
+CVE-2017-13294 (A information disclosure vulnerability in the Android framework (aosp ...)
NOT-FOR-US: Android framework (aosp email application)
-CVE-2017-13293
+CVE-2017-13293 (In the nfc_hci_cmd_received() function of core.c, there is a possible ...)
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13292
+CVE-2017-13292 (In wl_get_assoc_ies of wl_cfg80211.c, there is a possible out of bound ...)
NOT-FOR-US: Broadcom components for Android
-CVE-2017-13291
+CVE-2017-13291 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible N ...)
NOT-FOR-US: Android
-CVE-2017-13290
+CVE-2017-13290 (In sdp_server_handle_client_req of sdp_server.cc, there is an out of b ...)
NOT-FOR-US: Android
-CVE-2017-13289
+CVE-2017-13289 (In writeToParcel and createFromParcel of RttManager.java, there is a p ...)
NOT-FOR-US: Android
-CVE-2017-13288
+CVE-2017-13288 (In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, ...)
NOT-FOR-US: Android
-CVE-2017-13287
+CVE-2017-13287 (In createFromParcel of VerifyCredentialResponse.java, there is a possi ...)
NOT-FOR-US: Android
-CVE-2017-13286
+CVE-2017-13286 (In writeToParcel and readFromParcel of OutputConfiguration.java, there ...)
NOT-FOR-US: Android
-CVE-2017-13285
+CVE-2017-13285 (In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, there is a ...)
NOT-FOR-US: Android
-CVE-2017-13284
+CVE-2017-13284 (In config_set_string of config.cc, it is possible to pair a second BT ...)
NOT-FOR-US: Android
-CVE-2017-13283
+CVE-2017-13283 (In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is a possi ...)
NOT-FOR-US: Android
-CVE-2017-13282
+CVE-2017-13282 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible s ...)
NOT-FOR-US: Android
-CVE-2017-13281
+CVE-2017-13281 (In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible stac ...)
NOT-FOR-US: Android
-CVE-2017-13280
+CVE-2017-13280 (In the FrameSequence_gif::FrameSequence_gif function of libframesequen ...)
NOT-FOR-US: Android media framework
-CVE-2017-13279
+CVE-2017-13279 (In M3UParser::parse of M3UParser.cpp, there is a memory resource exhau ...)
NOT-FOR-US: Android media framework
-CVE-2017-13278
+CVE-2017-13278 (In MediaPlayerService::Client::notify of MediaPlayerService.cpp, there ...)
NOT-FOR-US: Android media framework
-CVE-2017-13277
+CVE-2017-13277 (In ihevcd_fmt_conv of ihevcd_fmt_conv.c, there is a possible out of bo ...)
NOT-FOR-US: Android media framework
-CVE-2017-13276
+CVE-2017-13276 (In CProgramConfig_ReadHeightExt of tpdec_asc.cpp, there is a possible ...)
NOT-FOR-US: Android media framework
-CVE-2017-13275
+CVE-2017-13275 (In getVSCoverage of CmapCoverage.cpp, there is a possible out of bound ...)
NOT-FOR-US: Android
-CVE-2017-13274
+CVE-2017-13274 (In the getHost() function of UriTest.java, there is the possibility of ...)
NOT-FOR-US: Android
-CVE-2017-13273
+CVE-2017-13273 (In xt_qtaguid.c, there is a race condition due to insufficient locking ...)
NOT-FOR-US: Android
-CVE-2017-13272
+CVE-2017-13272 (In alarm_ready_generic of alarm.cc, there is a possible out of bounds ...)
NOT-FOR-US: Android
-CVE-2017-13271
+CVE-2017-13271 (A elevation of privilege vulnerability in the upstream kernel mnh_sm d ...)
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13270
+CVE-2017-13270 (A elevation of privilege vulnerability in the upstream kernel mnh_sm d ...)
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2017-13269
+CVE-2017-13269 (A information disclosure vulnerability in the Android system (bluetoot ...)
NOT-FOR-US: Android
-CVE-2017-13268
+CVE-2017-13268 (A information disclosure vulnerability in the Android system (bluetoot ...)
NOT-FOR-US: Android
-CVE-2017-13267
+CVE-2017-13267 (In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack ...)
NOT-FOR-US: Android
-CVE-2017-13266
+CVE-2017-13266 (In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack ...)
NOT-FOR-US: Android
-CVE-2017-13265
+CVE-2017-13265 (A elevation of privilege vulnerability in the Android system (OTA upda ...)
NOT-FOR-US: Android
-CVE-2017-13264
+CVE-2017-13264 (A other vulnerability in the Android media framework (Avcdec). Product ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13263
+CVE-2017-13263 (A elevation of privilege vulnerability in the Android framework. Produ ...)
NOT-FOR-US: Android
-CVE-2017-13262
+CVE-2017-13262 (In bnep_data_ind of bnep_main.cc, there is a possible out of bounds re ...)
NOT-FOR-US: Android
-CVE-2017-13261
+CVE-2017-13261 (In bnep_process_control_packet of bnep_utils.cc, there is a possible o ...)
NOT-FOR-US: Android
-CVE-2017-13260
+CVE-2017-13260 (In bnep_data_ind of bnep_main.cc, there is a possible out of bounds re ...)
NOT-FOR-US: Android
-CVE-2017-13259
+CVE-2017-13259 (In functionality implemented in sdp_discovery.cc, there are possible o ...)
NOT-FOR-US: Android
-CVE-2017-13258
+CVE-2017-13258 (In bnep_data_ind of bnep_main.cc, there is a possible out of bounds re ...)
NOT-FOR-US: Android
-CVE-2017-13257
+CVE-2017-13257 (In bta_pan_data_buf_ind_cback of bta_pan_act.cc there is a use after f ...)
NOT-FOR-US: Android
-CVE-2017-13256
+CVE-2017-13256 (In process_service_search_attr_req of sdp_server.cc, there is an out o ...)
NOT-FOR-US: Android
-CVE-2017-13255
+CVE-2017-13255 (In process_service_attr_req of sdp_server.c, there is an out of bounds ...)
NOT-FOR-US: Android
-CVE-2017-13254
+CVE-2017-13254 (A other vulnerability in the Android media framework (AACExtractor). P ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13253
+CVE-2017-13253 (In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13252
+CVE-2017-13252 (In CryptoHal::decrypt of CryptoHal.cpp, there is an out of bounds writ ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13251
+CVE-2017-13251 (In impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c, there is a possib ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13250
+CVE-2017-13250 (In ih264d_fmt_conv_420sp_to_420p of ih264d_utils.c, there is an out of ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13249
+CVE-2017-13249 (In impeg2d_api_set_display_frame of impeg2d_api_main.c, there is an ou ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13248
+CVE-2017-13248 (In impeg2_idct_recon_sse42() of impeg2_idct_recon_sse42_intr.c, there ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13247
+CVE-2017-13247 (In the Pixel 2 bootloader, there is a missing permission check which b ...)
NOT-FOR-US: HTC Android components
-CVE-2017-13246
+CVE-2017-13246 (A information disclosure vulnerability in the Upstream kernel network ...)
NOT-FOR-US: Closed source network driver for Pixel phones
-CVE-2017-13245
+CVE-2017-13245 (A elevation of privilege vulnerability in the Upstream kernel audio dr ...)
NOT-FOR-US: Closed source audio driver for Pixel phones
-CVE-2017-13244
+CVE-2017-13244 (A elevation of privilege vulnerability in the Upstream kernel easel. P ...)
NOT-FOR-US: Easel driver for Pixel phones
-CVE-2017-13243
+CVE-2017-13243 (A information disclosure vulnerability in the Android system (ui). Pro ...)
NOT-FOR-US: Android
-CVE-2017-13242
+CVE-2017-13242 (A information disclosure vulnerability in the Android system (bluetoot ...)
NOT-FOR-US: Android
-CVE-2017-13241
+CVE-2017-13241 (A information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13240
+CVE-2017-13240 (A information disclosure vulnerability in the Android framework (crypt ...)
NOT-FOR-US: Android
-CVE-2017-13239
+CVE-2017-13239 (A information disclosure vulnerability in the Android framework (ui fr ...)
NOT-FOR-US: Android
-CVE-2017-13238
+CVE-2017-13238 (In XBLRamDump mode, there is a debug feature that can be used to dump ...)
NOT-FOR-US: HTC Android components
CVE-2017-13237
RESERVED
-CVE-2017-13236
+CVE-2017-13236 (In the KeyStore service, there is a permissions bypass that allows acc ...)
NOT-FOR-US: Android
-CVE-2017-13235
+CVE-2017-13235 (A other vulnerability in the Android media framework (n/a). Product: A ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13234
+CVE-2017-13234 (In DLSParser of the sonivox library, there is possible resource exhaus ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13233
+CVE-2017-13233 (In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13232
+CVE-2017-13232 (In audioserver, there is an out-of-bounds write due to a log statement ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13231
+CVE-2017-13231 (In libmediadrm, there is an out-of-bounds write due to improper input ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13230
+CVE-2017-13230 (In hevc codec, there is an out-of-bounds write due to an incorrect bou ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13229
+CVE-2017-13229 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13228
+CVE-2017-13228 (In function ih264d_ref_idx_reordering of libavc, there is an out-of-bo ...)
NOT-FOR-US: Android Media Framework
CVE-2017-13227
RESERVED
NOT-FOR-US: Android
-CVE-2017-13226
+CVE-2017-13226 (An elevation of privilege vulnerability in the MediaTek mtk. Product: ...)
NOT-FOR-US: Mediatek components for Android
-CVE-2017-13225
+CVE-2017-13225 (In libMtkOmxVdec.so there is a possible heap buffer overflow. This cou ...)
NOT-FOR-US: Mediatek components for Android
CVE-2017-13224
RESERVED
CVE-2017-13223
RESERVED
-CVE-2017-13222
+CVE-2017-13222 (An information disclosure vulnerability in the Upstream kernel kernel. ...)
NOT-FOR-US: Android kernel component (no source release, no apparently not affecting mainline)
-CVE-2017-13221
+CVE-2017-13221 (An elevation of privilege vulnerability in the Upstream kernel wifi dr ...)
NOT-FOR-US: Android kernel component (no source release, no apparently not affecting mainline)
-CVE-2017-13220
+CVE-2017-13220 (An elevation of privilege vulnerability in the Upstream kernel bluez. ...)
{DSA-4187-1}
- linux 4.0.2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/51bda2bca53b265715ca1852528f38dc67429d9a
-CVE-2017-13219
+CVE-2017-13219 (A denial of service vulnerability in the Upstream kernel synaptics tou ...)
NOT-FOR-US: Android kernel component (no source release, no apparently not affecting mainline)
-CVE-2017-13218
+CVE-2017-13218 (Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdra ...)
NOT-FOR-US: Android kernel component (no source release, no apparently not affecting mainline)
-CVE-2017-13217
+CVE-2017-13217 (In DisplayFtmItem in the bootloader, there is an out-of-bounds write d ...)
NOT-FOR-US: Android kernel component (no source release, no apparently not affecting mainline)
-CVE-2017-13216
+CVE-2017-13216 (In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to in ...)
- linux 4.14.17-1 (unimportant)
[stretch] - linux 4.9.80-1
[jessie] - linux 3.16.56-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/443064cb0b1fb4569fe0a71209da7625129f
-CVE-2017-13215
+CVE-2017-13215 (A elevation of privilege vulnerability in the Upstream kernel skcipher ...)
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
[wheezy] - linux 3.2.78-1
-CVE-2017-13214
+CVE-2017-13214 (In the hardware HEVC decoder, some media files could cause a page faul ...)
NOT-FOR-US: HTC components for Android
-CVE-2017-13213
+CVE-2017-13213 (An elevation of privilege vulnerability in the Broadcom bcmdhd driver. ...)
NOT-FOR-US: Broadcom component for Android
-CVE-2017-13212
+CVE-2017-13212 (An elevation of privilege vulnerability in the Android system (systemu ...)
NOT-FOR-US: Android
-CVE-2017-13211
+CVE-2017-13211 (In bta_scan_results_cb_impl of btif_ble_scanner.cc, there is possible ...)
NOT-FOR-US: Android
-CVE-2017-13210
+CVE-2017-13210 (In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, th ...)
NOT-FOR-US: Android
-CVE-2017-13209
+CVE-2017-13209 (In the ServiceManager::add function in the hardware service manager, t ...)
NOT-FOR-US: Android
-CVE-2017-13208
+CVE-2017-13208 (In receive_packet of libnetutils/packet.c, there is a possible out-of- ...)
NOT-FOR-US: Android
-CVE-2017-13207
+CVE-2017-13207 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13206
+CVE-2017-13206 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13205
+CVE-2017-13205 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13204
+CVE-2017-13204 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13203
+CVE-2017-13203 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13202
+CVE-2017-13202 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13201
+CVE-2017-13201 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13200
+CVE-2017-13200 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13199
+CVE-2017-13199 (In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception ...)
NOT-FOR-US: Android media framework
-CVE-2017-13198
+CVE-2017-13198 (A vulnerability in the Android media framework (ex) related to composi ...)
NOT-FOR-US: Android media framework
-CVE-2017-13197
+CVE-2017-13197 (In the ihevcd_parse_slice.c function, slave threads are not joined if ...)
NOT-FOR-US: Android media framework
-CVE-2017-13196
+CVE-2017-13196 (In several places in ihevcd_decode.c, a dead loop could occur due to i ...)
NOT-FOR-US: Android media framework
-CVE-2017-13195
+CVE-2017-13195 (In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several pa ...)
NOT-FOR-US: Android media framework
-CVE-2017-13194
+CVE-2017-13194 (A vulnerability in the Android media framework (libvpx) related to odd ...)
{DSA-4132-1 DLA-1290-1}
- libvpx 1.7.0-2
NOTE: Android patch: https://android.googlesource.com/platform/external/libvpx/+/55cd1dd7c8d0a3de907d22e0f12718733f4e41d9
-CVE-2017-13193
+CVE-2017-13193 (In ihevcd_decode.c there is a possible infinite loop due to bytes for ...)
NOT-FOR-US: Android media framework
-CVE-2017-13192
+CVE-2017-13192 (In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header ...)
NOT-FOR-US: Android media framework
-CVE-2017-13191
+CVE-2017-13191 (In the ihevcd_decode function of ihevcd_decode.c, there is an infinite ...)
NOT-FOR-US: Android media framework
-CVE-2017-13190
+CVE-2017-13190 (A vulnerability in the Android media framework (libhevc) related to ha ...)
NOT-FOR-US: Android media framework
-CVE-2017-13189
+CVE-2017-13189 (A vulnerability in the Android media framework (libavc) related to han ...)
NOT-FOR-US: Android media framework
-CVE-2017-13188
+CVE-2017-13188 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13187
+CVE-2017-13187 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13186
+CVE-2017-13186 (A vulnerability in the Android media framework (libavc) related to inc ...)
NOT-FOR-US: Android media framework
-CVE-2017-13185
+CVE-2017-13185 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-13184
+CVE-2017-13184 (In the enableVSyncInjections function of SurfaceFlinger, there is a po ...)
NOT-FOR-US: Android media framework
-CVE-2017-13183
+CVE-2017-13183 (In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, ther ...)
NOT-FOR-US: Android media framework
-CVE-2017-13182
+CVE-2017-13182 (In the sendFormatChange function of ACodec, there is a possible intege ...)
NOT-FOR-US: Android media framework
-CVE-2017-13181
+CVE-2017-13181 (In the doGetThumb and getThumbnail functions of MtpServer, there is a ...)
NOT-FOR-US: Android media framework
-CVE-2017-13180
+CVE-2017-13180 (In the onQueueFilled function of SoftAVCDec, there is a possible out-o ...)
NOT-FOR-US: Android media framework
-CVE-2017-13179
+CVE-2017-13179 (In the ihevcd_allocate_static_bufs and ihevcd_create functions of Soft ...)
NOT-FOR-US: Android media framework
-CVE-2017-13178
+CVE-2017-13178 (In the initDecoder function of SoftAVCDec, there is a possible out-of- ...)
NOT-FOR-US: Android media framework
-CVE-2017-13177
+CVE-2017-13177 (In several functions of libhevc, NEON registers are not preserved. Thi ...)
NOT-FOR-US: Android media framework
-CVE-2017-13176
+CVE-2017-13176 (In the parseURL function of URLStreamHandler, there is improper input ...)
NOT-FOR-US: Android
-CVE-2017-13175
+CVE-2017-13175 (An information disclosure vulnerability in the NVIDIA libwilhelm. Prod ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-13174
+CVE-2017-13174 (An elevation of privilege vulnerability in the kernel edl. Product: An ...)
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13173
+CVE-2017-13173 (An elevation of privilege vulnerability in the MediaTek system server. ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-13172
+CVE-2017-13172 (An elevation of privilege vulnerability in the MediaTek bluetooth driv ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-13171
+CVE-2017-13171 (An elevation of privilege vulnerability in the MediaTek performance se ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-13170
+CVE-2017-13170 (An elevation of privilege vulnerability in the MediaTek display driver ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-13169
+CVE-2017-13169 (An information disclosure vulnerability in the kernel camera server. P ...)
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13168
+CVE-2017-13168 (An elevation of privilege vulnerability in the kernel scsi driver. Pro ...)
- linux 4.17.6-1
[stretch] - linux 4.9.130-1
NOTE: Fixed by: https://git.kernel.org/linus/26b5b874aff5659a7e26e5b1997e3df2c41fa7fd
-CVE-2017-13167
+CVE-2017-13167 (An elevation of privilege vulnerability in the kernel sound timer. Pro ...)
- linux 4.4.2-1
[jessie] - linux 3.16.7-ckt25-1
NOTE: Fixed by: https://git.kernel.org/linus/c3b1681375dc6e71d89a3ae00cc3ce9e775a8917
NOTE: Fixed by: https://git.kernel.org/linus/4dff5c7b7093b19c19d3a100f8a3ad87cb7cd9e7
-CVE-2017-13166
+CVE-2017-13166 (An elevation of privilege vulnerability in the kernel v4l2 video drive ...)
{DSA-4187-1 DSA-4120-1 DLA-1369-1}
- linux 4.15.4-1
NOTE: https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13166.html
NOTE: https://git.kernel.org/linus/a1dfb4c48cc1e64eeb7800a27c66a6f7e88d075a
-CVE-2017-13165
+CVE-2017-13165 (An elevation of privilege vulnerability in the kernel file system. Pro ...)
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13164
+CVE-2017-13164 (An information disclosure vulnerability in the kernel binder driver. P ...)
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13163
+CVE-2017-13163 (An elevation of privilege vulnerability in the kernel mtp usb driver. ...)
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13162
+CVE-2017-13162 (An elevation of privilege vulnerability in the kernel binder. Product: ...)
NOT-FOR-US: Android kernel components (no source release, so apparently not present in mainline)
-CVE-2017-13161
+CVE-2017-13161 (An elevation of privilege vulnerability in the Broadcom wireless drive ...)
NOT-FOR-US: Broadcom components for Android
-CVE-2017-13160
+CVE-2017-13160 (A remote code execution vulnerability in the Android system (bluetooth ...)
NOT-FOR-US: Android
-CVE-2017-13159
+CVE-2017-13159 (An information disclosure vulnerability in the Android system (activit ...)
NOT-FOR-US: Android
-CVE-2017-13158
+CVE-2017-13158 (An information disclosure vulnerability in the Android system (activit ...)
NOT-FOR-US: Android
-CVE-2017-13157
+CVE-2017-13157 (An information disclosure vulnerability in the Android system (activit ...)
NOT-FOR-US: Android
-CVE-2017-13156
+CVE-2017-13156 (An elevation of privilege vulnerability in the Android system (art). P ...)
- android-platform-system-core <not-affected> (Not exploitable on Debian, see #890949)
CVE-2017-13155
RESERVED
-CVE-2017-13154
+CVE-2017-13154 (An elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13153
+CVE-2017-13153 (An elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13152
+CVE-2017-13152 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13151
+CVE-2017-13151 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13150
+CVE-2017-13150 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13149
+CVE-2017-13149 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13148
+CVE-2017-13148 (A denial of service vulnerability in the Android media framework (libm ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-13147
+CVE-2017-13147 (In GraphicsMagick 1.3.26, an allocation failure vulnerability was foun ...)
- graphicsmagick 1.3.27-1 (unimportant)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/446/
-CVE-2017-13146
+CVE-2017-13146 (In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memor ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870013)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/437a35e57db5ec078f4a3ccbf71f941276e88430
-CVE-2017-13141
+CVE-2017-13141 (In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file c ...)
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870116)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/600
-CVE-2017-13138
+CVE-2017-13138 (DOM based Cross-site scripting (XSS) vulnerability in the Bridge theme ...)
NOT-FOR-US: Wordpress theme
-CVE-2017-13137
+CVE-2017-13137 (The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in th ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-13136
+CVE-2017-13136 (The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer ov ...)
NOT-FOR-US: libbpg
-CVE-2017-13135
+CVE-2017-13135 (A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg ...)
- x265 2.6-3
[stretch] - x265 <no-dsa> (Minor issue)
NOTE: https://github.com/ebel34/bpg-web-encoder/issues/1
NOTE: https://bitbucket.org/multicoreware/x265/issues/385/cve-2017-13135
NOTE: https://bitbucket.org/multicoreware/x265/commits/78c0f2c8ba087b38e291226a9555b4b4dab323a5/raw
-CVE-2017-13134
+CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer ...)
{DSA-4321-1 DSA-4040-1 DSA-4032-1 DLA-1401-1 DLA-1170-1 DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #873099)
- graphicsmagick 1.3.26-19 (bug #881524)
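Review bot: the unchanged NOT-FOR-US context lines for CVE-2017-13222, CVE-2017-13221, CVE-2017-13219, CVE-2017-13218 and CVE-2017-13217 in this hunk all read "no source release, no apparently not affecting mainline", where the sibling entries (CVE-2017-13271, CVE-2017-13270, CVE-2017-13174 and others) use "so apparently"; since this hunk already rewrites those entries' ID lines, it is a cheap moment to correct the repeated "no" to "so". Separately, the `NOTE: Fixed by:` link for CVE-2017-13216 carries a 36-character object name (`443064cb0b1fb4569fe0a71209da7625129f`) while every other git.kernel.org reference in the hunk uses a full 40-character SHA-1; worth confirming the reference resolves and padding it to the full hash for consistency.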
@@ -15233,7 +15233,7 @@ CVE-2017-13134
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5304ae14655a67b9a3db00563fe44d9abd6de4f0
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/1b234b4fe2ec864b2d5af898a31c06c9736da904
NOTE: GraphicsMagick: http://hg.code.sf.net/p/graphicsmagick/code/rev/1b47e0078e05
-CVE-2017-13133
+CVE-2017-13133 (In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks ...)
{DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #873100)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -15241,19 +15241,19 @@ CVE-2017-13133
NOTE: https://github.com/ImageMagick/ImageMagick/issues/679
NOTE: https://github.com/ImageMagick/ImageMagick/commit/19dbe11c5060f66abb393d1945107c5f54894fa8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/fad03699658d2607562a8487c944c300d59a1ca5
-CVE-2017-13132
+CVE-2017-13132 (In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c ope ...)
- imagemagick <not-affected> (Vulnerable code not present, introduced in 7.0.1-0)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/674
-CVE-2017-13131
+CVE-2017-13131 (In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the f ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/676
-CVE-2017-13130
+CVE-2017-13130 (mcmnm in BMC Patrol allows local users to gain privileges via a crafte ...)
NOT-FOR-US: BMC Patrol
-CVE-2017-13129
+CVE-2017-13129 (Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2 ...)
NOT-FOR-US: ZKTeco ZKTime Web
CVE-2017-13128
RESERVED
-CVE-2017-13127
+CVE-2017-13127 (The VIP.com application for IOS and Android allows remote attackers to ...)
NOT-FOR-US: VIP.com app
CVE-2017-13126
REJECTED
@@ -15291,29 +15291,29 @@ CVE-2017-13110
REJECTED
CVE-2017-13109
REJECTED
-CVE-2017-13108
+CVE-2017-13108 (DFNDR Security Antivirus, Anti-hacking &amp; Cleaner, 5.0.9, 2017-11-0 ...)
NOT-FOR-US: DFNDR Security Antivirus, Anti-hacking & Cleaner
-CVE-2017-13107
+CVE-2017-13107 (Live.me - live stream video chat, 3.7.20, 2017-11-06, Android applicat ...)
NOT-FOR-US: Live.me - live stream video chat Android application
-CVE-2017-13106
+CVE-2017-13106 (Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient, 5. ...)
NOT-FOR-US: Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient Android application
-CVE-2017-13105
+CVE-2017-13105 (Hi Security Virus Cleaner - Antivirus, Booster, 3.7.1.1329, 2017-09-13 ...)
NOT-FOR-US: Hi Security Virus Cleaner - Antivirus, Booster Android application
-CVE-2017-13104
+CVE-2017-13104 (Uber Technologies, Inc. UberEATS: Uber for Food Delivery, 1.108.10001, ...)
NOT-FOR-US: Uber Technologies, Inc. UberEATS: Uber for Food Delivery iOS application
CVE-2017-13103
REJECTED
-CVE-2017-13102
+CVE-2017-13102 (Gameloft Asphalt Xtreme: Offroad Rally Racing, 1.6.0, 2017-08-13, iOS ...)
NOT-FOR-US: Gameloft Asphalt Xtreme: Offroad Rally Racing iOS application
-CVE-2017-13101
+CVE-2017-13101 (Musical.ly Inc., musical.ly - your video social network, 6.1.6, 2017-1 ...)
NOT-FOR-US: Musical.ly Inc., musical.ly - your video social network iOS application
-CVE-2017-13100
+CVE-2017-13100 (DistinctDev, Inc., The Moron Test, 6.3.1, 2017-05-04, iOS application ...)
NOT-FOR-US: DistinctDev, Inc., The Moron Test iOS application
-CVE-2017-13099
+CVE-2017-13099 (wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle ...)
- wolfssl 3.13.0+dfsg-1 (bug #884235)
NOTE: https://github.com/wolfSSL/wolfssl/pull/1229
NOTE: https://robotattack.org/
-CVE-2017-13098
+CVE-2017-13098 (BouncyCastle TLS prior to version 1.0.3, when configured to use the JC ...)
{DSA-4072-1}
- bouncycastle 1.58-1 (bug #884241)
[jessie] - bouncycastle <not-affected> (Vulnerable code introduced in 1.56 with tls API addition)
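Review bot: the added description line for CVE-2017-13108 contains an HTML-escaped ampersand ("Anti-hacking &amp; Cleaner") while the hand-written NOT-FOR-US line directly below it uses a plain "&"; the automatic importer that fills in the parenthesised summaries appears to be writing the upstream text without decoding HTML entities, so it should unescape the description before truncating it, otherwise the data file will accumulate `&amp;`, `&lt;` and similar artefacts that the tracker then displays literally.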
@@ -15322,43 +15322,43 @@ CVE-2017-13098
NOTE: Fixed by: https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
NOTE: Fixed in 1.59 beta 9
NOTE: https://robotattack.org/
-CVE-2017-13097
+CVE-2017-13097 (The P1735 IEEE standard describes flawed methods for encrypting electr ...)
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13096
+CVE-2017-13096 (The P1735 IEEE standard describes flawed methods for encrypting electr ...)
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13095
+CVE-2017-13095 (The P1735 IEEE standard describes flawed methods for encrypting electr ...)
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13094
+CVE-2017-13094 (The P1735 IEEE standard describes flawed methods for encrypting electr ...)
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13093
+CVE-2017-13093 (The P1735 IEEE standard describes flawed methods for encrypting electr ...)
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13092
+CVE-2017-13092 (The P1735 IEEE standard describes flawed methods for encrypting electr ...)
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13091
+CVE-2017-13091 (The P1735 IEEE standard describes flawed methods for encrypting electr ...)
NOT-FOR-US: P1735 IEEE standard
-CVE-2017-13090
+CVE-2017-13090 (The retr.c:fd_read_body() function is called when processing OK respon ...)
{DSA-4008-1 DLA-1149-1}
- wget 1.19.2-1 (bug #879957)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=ba6b44f6745b14dce414761a8e4b35d31b176bba
-CVE-2017-13089
+CVE-2017-13089 (The http.c:skip_short_body() function is called in some circumstances, ...)
{DSA-4008-1 DLA-1149-1}
- wget 1.19.2-1 (bug #879957)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=d892291fb8ace4c3b734ea5125770989c215df3f
-CVE-2017-13088
+CVE-2017-13088 (Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows rein ...)
{DSA-3999-1 DLA-1150-1}
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13087
+CVE-2017-13087 (Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows rein ...)
{DSA-3999-1 DLA-1150-1}
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13086
+CVE-2017-13086 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tun ...)
{DSA-3999-1 DLA-1150-1}
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
CVE-2017-13085
RESERVED
-CVE-2017-13084
+CVE-2017-13084 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Sta ...)
- wpa <unfixed> (unimportant)
NOTE: From https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
NOTE: As far as the related CVE-2017-13084 (reinstallation of the STK key in
@@ -15367,20 +15367,20 @@ CVE-2017-13084
NOTE: installation of the key into the driver does not work. As such, this
NOTE: item is not applicable in practice. Furthermore, the PeerKey handshake
NOTE: for IEEE 802.11e DLS is obsolete and not known to have been deployed.
-CVE-2017-13083
+CVE-2017-13083 (Akeo Consulting Rufus prior to version 2.17.1187 does not adequately v ...)
NOT-FOR-US: Akeo Consulting Rufus
-CVE-2017-13082
+CVE-2017-13082 (Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allow ...)
{DSA-3999-1 DLA-1150-1}
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13081
+CVE-2017-13081 (Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allow ...)
{DSA-3999-1 DLA-1573-1 DLA-1150-1}
- firmware-nonfree 20180825-1
[stretch] - firmware-nonfree 20161130-4
[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13080
+CVE-2017-13080 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Gro ...)
{DSA-3999-1 DLA-1573-1 DLA-1200-1 DLA-1150-1}
- firmware-nonfree 20180825-1
[stretch] - firmware-nonfree 20161130-4
@@ -15391,21 +15391,21 @@ CVE-2017-13080
[jessie] - linux 3.16.51-1
NOTE: https://w1.fi/security/2017-1/
NOTE: https://git.kernel.org/linus/fdf7cb4185b60c68e1a75e61691c4afdc15dea0e (v4.14-rc6)
-CVE-2017-13079
+CVE-2017-13079 (Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allow ...)
{DSA-3999-1 DLA-1573-1 DLA-1150-1}
- firmware-nonfree 20180825-1
[stretch] - firmware-nonfree 20161130-4
[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13078
+CVE-2017-13078 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Gro ...)
{DSA-3999-1 DLA-1573-1 DLA-1150-1}
- firmware-nonfree 20180825-1
[stretch] - firmware-nonfree 20161130-4
[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
- wpa 2:2.4-1.1
NOTE: https://w1.fi/security/2017-1/
-CVE-2017-13077
+CVE-2017-13077 (Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pai ...)
{DSA-3999-1 DLA-1573-1 DLA-1150-1}
- firmware-nonfree 20180825-1
[stretch] - firmware-nonfree 20161130-4
@@ -15418,42 +15418,42 @@ CVE-2017-13075
RESERVED
CVE-2017-13074
RESERVED
-CVE-2017-13073
+CVE-2017-13073 (Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo ...)
NOT-FOR-US: NAP NAS application Photo Station
-CVE-2017-13072
+CVE-2017-13072 (Cross-site scripting (XSS) vulnerability in App Center in QNAP QTS 4.2 ...)
NOT-FOR-US: QNAP
-CVE-2017-13071
+CVE-2017-13071 (QNAP has already patched this vulnerability. This security concern all ...)
NOT-FOR-US: QNAP
-CVE-2017-13070
+CVE-2017-13070 (A DLL Hijacking vulnerability in QNAP Qsync for Windows (exe) version ...)
NOT-FOR-US: QNAP
-CVE-2017-13069
+CVE-2017-13069 (QNAP discovered a number of command injection vulnerabilities found in ...)
NOT-FOR-US: QNAP
-CVE-2017-13068
+CVE-2017-13068 (QNAP has already patched this vulnerability. This security concern all ...)
NOT-FOR-US: QNAP
-CVE-2017-13067
+CVE-2017-13067 (QNAP has patched a remote code execution vulnerability affecting the Q ...)
NOT-FOR-US: QNAP
-CVE-2017-13066
+CVE-2017-13066 (GraphicsMagick 1.3.26 has a memory leak vulnerability in the function ...)
- graphicsmagick 1.3.27-1 (unimportant)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/430/
-CVE-2017-13065
+CVE-2017-13065 (GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in ...)
{DSA-4321-1 DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-7 (bug #873119)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/435/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
-CVE-2017-13064
+CVE-2017-13064 (GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability i ...)
{DSA-4321-1 DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-7 (bug #873129)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/436/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
-CVE-2017-13063
+CVE-2017-13063 (GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability i ...)
{DSA-4321-1 DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-7 (bug #873130)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/434/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
-CVE-2017-13062
+CVE-2017-13062 (In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the f ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/669
-CVE-2017-13061
+CVE-2017-13061 (In ImageMagick 7.0.6-5, a length-validation vulnerability was found in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (bug #873131)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
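Review bot: the summaries added for CVE-2017-13071 and CVE-2017-13068 ("QNAP has already patched this vulnerability. This security concern all ...") say nothing about the flaw, because the upstream description opens with vendor boilerplate and the fixed-width cut (about 70 characters, judging by the neighbouring lines) lands before the affected component is named. The update script should skip a leading sentence that contains no product or component name, or widen the cut for such entries, so that these lines carry the same information as the CVE-2017-13072 and CVE-2017-13070 lines beside them.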
@@ -15461,262 +15461,262 @@ CVE-2017-13061
NOTE: https://github.com/ImageMagick/ImageMagick/issues/645
NOTE: https://github.com/ImageMagick/ImageMagick/commit/90ed66889d6455a1d7f36e939977fa099e2d7ca7
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/90ed66889d6455a1d7f36e939977fa099e2d7ca7
-CVE-2017-13060
+CVE-2017-13060 (In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the f ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/644
-CVE-2017-13059
+CVE-2017-13059 (In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the f ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/667
-CVE-2017-13058
+CVE-2017-13058 (In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the f ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/666
CVE-2017-13057
RESERVED
-CVE-2017-13056
+CVE-2017-13056 (The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might a ...)
NOT-FOR-US: PDF-XChange Viewer
-CVE-2017-13055
+CVE-2017-13055 (The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13054
+CVE-2017-13054 (The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13053
+CVE-2017-13053 (The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13052
+CVE-2017-13052 (The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13051
+CVE-2017-13051 (The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13050
+CVE-2017-13050 (The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13049
+CVE-2017-13049 (The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13048
+CVE-2017-13048 (The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13047
+CVE-2017-13047 (The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13046
+CVE-2017-13046 (The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13045
+CVE-2017-13045 (The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13044
+CVE-2017-13044 (The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13043
+CVE-2017-13043 (The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13042
+CVE-2017-13042 (The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13041
+CVE-2017-13041 (The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in pr ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13040
+CVE-2017-13040 (The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in pri ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13039
+CVE-2017-13039 (The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in pr ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13038
+CVE-2017-13038 (The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13037
+CVE-2017-13037 (The IP parser in tcpdump before 4.9.2 has a buffer over-read in print- ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13036
+CVE-2017-13036 (The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in pr ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13035
+CVE-2017-13035 (The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13034
+CVE-2017-13034 (The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13033
+CVE-2017-13033 (The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13032
+CVE-2017-13032 (The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in pr ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13031
+CVE-2017-13031 (The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buf ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13030
+CVE-2017-13030 (The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13029
+CVE-2017-13029 (The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13028
+CVE-2017-13028 (The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in pri ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13027
+CVE-2017-13027 (The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13026
+CVE-2017-13026 (The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13025
+CVE-2017-13025 (The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-rea ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13024
+CVE-2017-13024 (The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-rea ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13023
+CVE-2017-13023 (The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-rea ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13022
+CVE-2017-13022 (The IP parser in tcpdump before 4.9.2 has a buffer over-read in print- ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13021
+CVE-2017-13021 (The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in pr ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13020
+CVE-2017-13020 (The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13019
+CVE-2017-13019 (The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13018
+CVE-2017-13018 (The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13017
+CVE-2017-13017 (The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in pr ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13016
+CVE-2017-13016 (The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13015
+CVE-2017-13015 (The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13014
+CVE-2017-13014 (The White Board protocol parser in tcpdump before 4.9.2 has a buffer o ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13013
+CVE-2017-13013 (The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13012
+CVE-2017-13012 (The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13011
+CVE-2017-13011 (Several protocol parsers in tcpdump before 4.9.2 could cause a buffer ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13010
+CVE-2017-13010 (The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13009
+CVE-2017-13009 (The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-rea ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13008
+CVE-2017-13008 (The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13007
+CVE-2017-13007 (The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13006
+CVE-2017-13006 (The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13005
+CVE-2017-13005 (The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13004
+CVE-2017-13004 (The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13003
+CVE-2017-13003 (The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13002
+CVE-2017-13002 (The AODV parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13001
+CVE-2017-13001 (The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-13000
+CVE-2017-13000 (The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-rea ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12999
+CVE-2017-12999 (The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in pri ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12998
+CVE-2017-12998 (The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in pri ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12997
+CVE-2017-12997 (The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop d ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12996
+CVE-2017-12996 (The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in pri ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12995
+CVE-2017-12995 (The DNS parser in tcpdump before 4.9.2 could enter an infinite loop du ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12994
+CVE-2017-12994 (The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12993
+CVE-2017-12993 (The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12992
+CVE-2017-12992 (The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in pri ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12991
+CVE-2017-12991 (The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12990
+CVE-2017-12990 (The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12989
+CVE-2017-12989 (The RESP parser in tcpdump before 4.9.2 could enter an infinite loop d ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12988
+CVE-2017-12988 (The telnet parser in tcpdump before 4.9.2 has a buffer over-read in pr ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12987
+CVE-2017-12987 (The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12986
+CVE-2017-12986 (The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer ov ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12985
+CVE-2017-12985 (The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12984
+CVE-2017-12984 (PHPMyWind 5.3 has XSS in shoppingcart.php, related to message.php, adm ...)
NOT-FOR-US: PHPMyWind
-CVE-2017-12983
+CVE-2017-12983 (Heap-based buffer overflow in the ReadSFWImage function in coders/sfw. ...)
{DSA-4040-1 DSA-4032-1 DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #873134)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/682
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d4145e664aea3752ca6d3bf1ee825352b595dab5
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/26078285f49c361ad8ddc8e14bd1d4aab7ed5682
-CVE-2017-12981
+CVE-2017-12981 (NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via t ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12980
+CVE-2017-12980 (DokuWiki through 2017-02-19c has stored XSS when rendering a malicious ...)
- dokuwiki 0.0.20180422.a-1 (bug #872941)
[jessie] - dokuwiki <no-dsa> (Minor issue)
[wheezy] - dokuwiki <no-dsa> (Minor issue)
NOTE: https://github.com/splitbrain/dokuwiki/issues/2081
NOTE: https://github.com/splitbrain/dokuwiki/commit/f883db117a4fdeae72071db41b3ef5932d6335da
-CVE-2017-12979
+CVE-2017-12979 (DokuWiki through 2017-02-19c has stored XSS when rendering a malicious ...)
- dokuwiki 0.0.20180422.a-1 (bug #872940)
[jessie] - dokuwiki <no-dsa> (Minor issue)
[wheezy] - dokuwiki <no-dsa> (Minor issue)
NOTE: https://github.com/splitbrain/dokuwiki/issues/2080
NOTE: https://github.com/splitbrain/dokuwiki/commit/56bd9509ab2037512829392fda6427af7f390724
-CVE-2017-12978
+CVE-2017-12978 (lib/html.php in Cacti before 1.1.18 has XSS via the title field of an ...)
- cacti 1.1.18+ds1-1
[stretch] - cacti <not-affected> (Vulnerable code, external link support, introduced later)
[jessie] - cacti <not-affected> (Vulnerable code, external link support, introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code, external link support, introduced later)
NOTE: https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24
NOTE: https://github.com/Cacti/cacti/issues/918
-CVE-2017-12977
+CVE-2017-12977 (The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin ...)
NOT-FOR-US: Web-Dorado plugin for Wordpress
CVE-2017-1000216
REJECTED
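Review bot: the fixed-width cut makes many of the new summaries in this hunk indistinguishable from each other: CVE-2017-13025, CVE-2017-13024, CVE-2017-13023 and CVE-2017-13009 all read "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-rea ...", the five BGP parser entries (CVE-2017-13053, -13046, -13043, -12994, -12991) are identical, and the DokuWiki pair CVE-2017-12980 / CVE-2017-12979 is identical as well. The part that tells the entries apart (the print-*.c function or the renderer named after the cut) is exactly what is dropped. Suggest cutting at a word boundary after the first "in <file>" fragment, or raising the limit for entries whose prefix is shared with the previous line, so the list remains useful when grepping for a specific parser.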
@@ -15752,19 +15752,19 @@ CVE-2017-1000124
REJECTED
CVE-2017-1000123
REJECTED
-CVE-2017-12982
+CVE-2017-12982 (The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG ...)
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/983
NOTE: https://github.com/uclouvain/openjpeg/commit/baf0c1ad4572daa89caa3b12985bdd93530f0dd7
CVE-2017-12975
RESERVED
-CVE-2017-12974
+CVE-2017-12974 (Nimbus JOSE+JWT before 4.36 proceeds with ECKey construction without e ...)
NOT-FOR-US: Nimbus JOSE + JWT
-CVE-2017-12973
+CVE-2017-12973 (Nimbus JOSE+JWT before 4.39 proceeds improperly after detection of an ...)
NOT-FOR-US: Nimbus JOSE + JWT
-CVE-2017-12972
+CVE-2017-12972 (In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check whe ...)
NOT-FOR-US: Nimbus JOSE + JWT
-CVE-2017-12976
+CVE-2017-12976 (git-annex before 6.20170818 allows remote attackers to execute arbitra ...)
{DSA-4010-1 DLA-1495-1 DLA-1144-1}
- git-annex 6.20170818-1 (bug #873088)
NOTE: http://source.git-annex.branchable.com/?p=source.git;a=commit;h=df11e54788b254efebb4898b474de11ae8d3b471
@@ -15773,182 +15773,182 @@ CVE-2017-12976
NOTE: jessie patch: https://gitlab.com/anarcat/git-annex/commit/58daf6cbe4c1ea1cf71f3a538a0e27b5075c7265
NOTE: stretch patch: https://gitlab.com/anarcat/git-annex/commit/115585df48dce16aa702663dab220de625b9de7d
NOTE: This is similar class of issue as for CVE-2017-1000117/git
-CVE-2017-12971
+CVE-2017-12971 (Cross-site scripting (XSS) vulnerability in Apache2Triad 1.5.4 allows ...)
NOT-FOR-US: Apache2Triad
-CVE-2017-12970
+CVE-2017-12970 (Cross-site request forgery (CSRF) vulnerability in Apache2Triad 1.5.4 ...)
NOT-FOR-US: Apache2Triad
-CVE-2017-12969
+CVE-2017-12969 (Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Ava ...)
NOT-FOR-US: Avaya IP Office Contact Center
CVE-2017-12968
RESERVED
-CVE-2017-12967
+CVE-2017-12967 (The getsym function in tekhex.c in the Binary File Descriptor (BFD) li ...)
- binutils 2.29-5
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21962
-CVE-2017-12966
+CVE-2017-12966 (The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1 ...)
- asn1c <unfixed> (unimportant)
-CVE-2017-12965
+CVE-2017-12965 (Session fixation vulnerability in Apache2Triad 1.5.4 allows remote att ...)
NOT-FOR-US: Apache2Triad
-CVE-2017-12964
+CVE-2017-12964 (There is a stack consumption issue in LibSass 3.4.5 that is triggered ...)
- libsass <unfixed> (low; bug #873034)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482397
-CVE-2017-12963
+CVE-2017-12963 (There is an illegal address access in Sass::Eval::operator() in eval.c ...)
- libsass <unfixed> (low; bug #873034)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482335
NOTE: Similar issue to CVE-2017-11555 but for the issue which remains unfixed
NOTE: with the upstream patch for CVE-2017-11555.
-CVE-2017-12962
+CVE-2017-12962 (There are memory leaks in LibSass 3.4.5 triggered by deeply nested cod ...)
- libsass <unfixed> (low; bug #873034)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482331
-CVE-2017-12961
+CVE-2017-12961 (There is an assertion abort in the function parse_attributes() in data ...)
- pspp 1.0.1-1 (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482436
NOTE: Crash in CLI tool, no security impact
-CVE-2017-12960
+CVE-2017-12960 (There is a reachable assertion abort in the function dict_rename_var() ...)
- pspp 1.0.1-1 (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482433
NOTE: Crash in CLI tool, no security impact
-CVE-2017-12959
+CVE-2017-12959 (There is a reachable assertion abort in the function dict_add_mrset() ...)
- pspp 1.0.1-1 (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482432
NOTE: Crash in CLI tool, no security impact
-CVE-2017-12958
+CVE-2017-12958 (There is an illegal address access in the function output_hex() in dat ...)
- pspp 1.0.1-1 (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482429
NOTE: Crash in CLI tool, no security impact
-CVE-2017-12957
+CVE-2017-12957 (There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that ...)
- exiv2 <not-affected> (Incorrect memory allocation introduced in 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/60
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482423
NOTE: Experimental is affected, tracking as #876242
-CVE-2017-12956
+CVE-2017-12956 (There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() ...)
[experimental] - exiv2 <unfixed> (low; bug #888872)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/59
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482296
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1) => "The file contains data of an unknown image type"
NOTE: Reproducible in experimental (0.26-1).
-CVE-2017-12955
+CVE-2017-12955 (There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. Th ...)
[experimental] - exiv2 <unfixed> (bug #888873)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/58
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482295
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1) => "The memory contains data of an unknown image type"
NOTE: Reproducible in experimental (0.26-1).
-CVE-2017-12954
+CVE-2017-12954 (The gig::Region::GetSampleFromWavePool function in gig.cpp in libgig 4 ...)
- libgig 4.0.0-5 (low; bug #877652)
[stretch] - libgig <no-dsa> (Minor issue)
[jessie] - libgig <no-dsa> (Minor issue)
[wheezy] - libgig <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3350
-CVE-2017-12953
+CVE-2017-12953 (The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgi ...)
- libgig 4.0.0-4 (low; bug #873718)
[stretch] - libgig <no-dsa> (Minor issue)
[jessie] - libgig <no-dsa> (Minor issue)
[wheezy] - libgig <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348
-CVE-2017-12952
+CVE-2017-12952 (The LoadString function in helper.h in libgig 4.0.0 allows remote atta ...)
- libgig 4.0.0-4 (low; bug #873718)
[stretch] - libgig <no-dsa> (Minor issue)
[jessie] - libgig <no-dsa> (Minor issue)
[wheezy] - libgig <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348
-CVE-2017-12951
+CVE-2017-12951 (The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in l ...)
- libgig 4.0.0-5 (low; bug #877651)
[stretch] - libgig <no-dsa> (Minor issue)
[jessie] - libgig <no-dsa> (Minor issue)
[wheezy] - libgig <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3349
-CVE-2017-12950
+CVE-2017-12950 (The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows rem ...)
- libgig 4.0.0-4 (low; bug #873718)
[stretch] - libgig <no-dsa> (Minor issue)
[jessie] - libgig <no-dsa> (Minor issue)
[wheezy] - libgig <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
NOTE: http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348
-CVE-2017-12949
+CVE-2017-12949 (lib\modules\contributors\contributor_list_table.php in the Podlove Pod ...)
NOT-FOR-US: Podlove Podcast Publisher plugin for Wordpress
-CVE-2017-12948
+CVE-2017-12948 (Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlie ...)
NOT-FOR-US: PressForward plugin for Wordpress
-CVE-2017-12947
+CVE-2017-12947 (classes\controller\admin\modals.php in the Easy Modal plugin before 2. ...)
NOT-FOR-US: Easy Modal plugin for WordPress
-CVE-2017-12946
+CVE-2017-12946 (classes\controller\admin\modals.php in the Easy Modal plugin before 2. ...)
NOT-FOR-US: Easy Modal plugin for WordPress
CVE-2017-12945
RESERVED
-CVE-2017-12944
+CVE-2017-12944 (The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mish ...)
{DSA-4100-1 DLA-1093-1}
- tiff 4.0.8-6 (bug #872607)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (Vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2725
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/dc02f9050311a90b3c0655147cee09bfa7081cfc
-CVE-2017-12943
+CVE-2017-12943 (D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attacker ...)
NOT-FOR-US: D-Link DIR-600 Rev Bx devices
-CVE-2017-12939
+CVE-2017-12939 (A Remote Code Execution vulnerability was identified in all Windows ve ...)
NOT-FOR-US: Unity Editor
-CVE-2017-12942
+CVE-2017-12942 (libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack:: ...)
- unrar-nonfree 1:5.5.8-1
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/6
-CVE-2017-12941
+CVE-2017-12941 (libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpa ...)
- unrar-nonfree 1:5.5.8-1
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/6
-CVE-2017-12940
+CVE-2017-12940 (libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Enco ...)
- unrar-nonfree 1:5.5.8-1
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/6
-CVE-2017-12938
+CVE-2017-12938 (UnRAR before 5.5.7 allows remote attackers to bypass a directory-trave ...)
- unrar-nonfree 1:5.5.8-1
[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
[jessie] - unrar-nonfree <no-dsa> (Non-free not supported)
[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/2
-CVE-2017-12937
+CVE-2017-12937 (The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has ...)
{DSA-4321-1 DLA-1401-1 DLA-1082-1}
- graphicsmagick 1.3.26-6 (bug #872574)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/5
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978
-CVE-2017-12936
+CVE-2017-12936 (The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has ...)
{DSA-4321-1 DLA-1456-1 DLA-1082-1}
- graphicsmagick 1.3.26-6 (bug #872575)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/3
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/be898b7c97bd
-CVE-2017-12935
+CVE-2017-12935 (The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mis ...)
{DSA-4321-1 DLA-1456-1 DLA-1082-1}
- graphicsmagick 1.3.26-6 (bug #872576)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/18/4
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/cd699a44f188
-CVE-2017-12934
+CVE-2017-12934 (ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x ...)
{DSA-4080-1}
- php7.1 7.1.8-1
- php7.0 7.0.22-1
NOTE: Fixed in 7.1.7, 7.0.21
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74101
-CVE-2017-12933
+CVE-2017-12933 (The finish_nested_data function in ext/standard/var_unserializer.re in ...)
{DSA-4081-1 DSA-4080-1 DLA-1076-1}
- php7.1 7.1.8-1
- php7.0 7.0.22-1
- php5 <removed>
NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74111
-CVE-2017-12932
+CVE-2017-12932 (ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x ...)
{DSA-4080-1}
- php7.1 7.1.8-1
- php7.0 7.0.22-1
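Review bot: the summary added for CVE-2017-12932 states "PHP 7.0.x through 7.0.22 ...", i.e. 7.0.22 itself is affected, yet the unchanged fixed-version line below it records php7.0 7.0.22-1. Either the Debian upload carries the upstream fix as a distribution patch, in which case a NOTE line should say so (as the "Fixed in 7.1.7, 7.0.21" notes do for CVE-2017-12934 and CVE-2017-12933), or the fixed version is wrong and should be rechecked against the php7.0 changelog; the 7.1 range is cut off by the truncation and cannot be checked from this hunk. Minor: the five libgig NOTE lines read "provides repoducer files"; that should be "reproducer".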
@@ -15957,11 +15957,11 @@ CVE-2017-12932
NOTE: https://github.com/php/php-src/commit/1a23ebc1fff59bf480ca92963b36eba5c1b904c4
CVE-2017-12931
RESERVED
-CVE-2017-12930
+CVE-2017-12930 (SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 v ...)
NOT-FOR-US: TecnoVISION DLX Spot Player4
-CVE-2017-12929
+CVE-2017-12929 (Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 ...)
NOT-FOR-US: TecnoVISION DLX Spot Player4
-CVE-2017-12928
+CVE-2017-12928 (A hard-coded password of tecn0visi0n for the dlxuser account in TecnoV ...)
NOT-FOR-US: TecnoVISION DLX Spot Player4
CVE-2017-12926
RESERVED
@@ -15977,89 +15977,89 @@ CVE-2017-12914
RESERVED
CVE-2017-12913
RESERVED
-CVE-2017-12912
+CVE-2017-12912 (The "mpglibDBL/layer3.c" file in MP3Gain 1.5.2.r2 has a vulnerability ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://drive.google.com/open?id=0B9DojFnTUSNGeS1hZlJkeGVkYlU
-CVE-2017-12911
+CVE-2017-12911 (The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which resu ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life>
NOTE: https://drive.google.com/open?id=0B9DojFnTUSNGeS1hZlJkeGVkYlU
-CVE-2017-12910
+CVE-2017-12910 (SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows rem ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12909
+CVE-2017-12909 (SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remo ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12908
+CVE-2017-12908 (SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12907
+CVE-2017-12907 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the url ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12906
+CVE-2017-12906 (Multiple cross-site scripting (XSS) vulnerabilities in NexusPHP allow ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12905
+CVE-2017-12905 (Server Side Request Forgery vulnerability in Vebto Pixie Image Editor ...)
NOT-FOR-US: Vebto Pixie Image Editor
-CVE-2017-12904
+CVE-2017-12904 (Improper Neutralization of Special Elements used in an OS Command in b ...)
{DSA-3947-1 DLA-1061-1}
- newsbeuter 2.9-6
NOTE: https://github.com/akrennmair/newsbeuter/issues/591
NOTE: https://github.com/akrennmair/newsbeuter/commit/96e9506ae9e252c548665152d1b8968297128307
CVE-2017-12903
RESERVED
-CVE-2017-12902
+CVE-2017-12902 (The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in pr ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12901
+CVE-2017-12901 (The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in pri ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12900
+CVE-2017-12900 (Several protocol parsers in tcpdump before 4.9.2 could cause a buffer ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12899
+CVE-2017-12899 (The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in pr ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12898
+CVE-2017-12898 (The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12897
+CVE-2017-12897 (The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12896
+CVE-2017-12896 (The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in pr ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12895
+CVE-2017-12895 (The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in prin ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12894
+CVE-2017-12894 (Several protocol parsers in tcpdump before 4.9.2 could cause a buffer ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12893
+CVE-2017-12893 (The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in ...)
{DSA-3971-1 DLA-1097-1}
- tcpdump 4.9.2-1
-CVE-2017-12925
+CVE-2017-12925 (Double free vulnerability in DfFromLB in docfile.cxx in libfpx 1.3.1_p ...)
NOT-FOR-US: libfpx
-CVE-2017-12924
+CVE-2017-12924 (CDirVector::GetTable in dirfunc.hxx in libfpx 1.3.1_p6 allows remote a ...)
NOT-FOR-US: libfpx
-CVE-2017-12923
+CVE-2017-12923 (OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remo ...)
NOT-FOR-US: libfpx
-CVE-2017-12922
+CVE-2017-12922 (wchar.c in libfpx 1.3.1_p6 allows remote attackers to cause a denial o ...)
NOT-FOR-US: libfpx
-CVE-2017-12921
+CVE-2017-12921 (PFileFlashPixView::GetGlobalInfoProperty in f_fpxvw.cpp in libfpx 1.3. ...)
NOT-FOR-US: libfpx
-CVE-2017-12920
+CVE-2017-12920 (CDirectory::GetDirEntry in dir.cxx in libfpx 1.3.1_p6 allows remote at ...)
NOT-FOR-US: libfpx
-CVE-2017-12919
+CVE-2017-12919 (Heap-based buffer overflow in OLEStream::WriteVT_LPSTR in olestrm.cpp ...)
NOT-FOR-US: libfpx
-CVE-2017-12927
+CVE-2017-12927 (A cross-site scripting vulnerability exists in Cacti 1.1.17 in the met ...)
- cacti 1.1.17+ds1-2 (bug #872478)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Cacti/cacti/issues/907
NOTE: https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99
-CVE-2017-1000108
+CVE-2017-1000108 (The Pipeline: Input Step Plugin by default allowed users with Item/Rea ...)
NOT-FOR-US: Jenkins Input Step Plugin
-CVE-2017-1000107
+CVE-2017-1000107 (Script Security Plugin did not apply sandboxing restrictions to constr ...)
NOT-FOR-US: Jenkins Script Security Plugin
-CVE-2017-12892
+CVE-2017-12892 (Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2. ...)
NOT-FOR-US: Foxit PDF Compressor
CVE-2017-12891
RESERVED
@@ -16077,7 +16077,7 @@ CVE-2017-12885
RESERVED
CVE-2017-12884
RESERVED
-CVE-2017-12883
+CVE-2017-12883 (Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 ...)
{DSA-3982-1}
- perl 5.26.0-8 (bug #875597)
[wheezy] - perl <not-affected> (Vulnerable code introduced later)
@@ -16085,28 +16085,28 @@ CVE-2017-12883
NOTE: https://perl5.git.perl.org/perl.git/commitdiff/2be4edede4ae226e2eebd4eff28cedd2041f300f
NOTE: maint-5.26: https://perl5.git.perl.org/perl.git/commitdiff/2692dda97731c37082a0075eff50d741901c665f
NOTE: maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/40b3cdad3649334585cee8f4630ec9a025e62be6
-CVE-2017-12882
+CVE-2017-12882 (Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin ...)
NOT-FOR-US: Spring Batch Admin
-CVE-2017-12881
+CVE-2017-12881 (Cross-site request forgery (CSRF) vulnerability in the Spring Batch Ad ...)
NOT-FOR-US: Spring Batch Admin
CVE-2017-12880
REJECTED
-CVE-2017-12879
+CVE-2017-12879 (Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENS ...)
NOT-FOR-US: Paessler PRTG Network Monitor
CVE-2017-12878
RESERVED
-CVE-2017-12877
+CVE-2017-12877 (Use-after-free vulnerability in the DestroyImage function in image.c i ...)
{DSA-4074-1 DSA-4040-1 DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #872373)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/662
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/98dda239ec398dd56453460849b4c9057fc424e5
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890
NOTE: This doesn't affect the base releases, but got introduced via security fixes, which got backported to older suites
-CVE-2017-12876
+CVE-2017-12876 (Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 ...)
- imagemagick <not-affected> (Specific to Imagemagick 7, 6.x uses fixed pixel cache morphology)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/663
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1cc6f0ccc92c20c7cab6c4a7335daf29c91f0d8e
-CVE-2017-12875
+CVE-2017-12875 (The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remot ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #873871)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -16116,111 +16116,111 @@ CVE-2017-12875
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d96b55ea41e71de43663818ccd17c6af3fa6c4fd
CVE-2017-12866
RESERVED
-CVE-2017-12865
+CVE-2017-12865 (Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlie ...)
{DSA-3956-1 DLA-1078-1}
- connman 1.35-1 (bug #872844)
NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71 (1.35)
-CVE-2017-12864
+CVE-2017-12864 (In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #875345)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9372
-CVE-2017-12863
+CVE-2017-12863 (In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::re ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #875344)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9371
-CVE-2017-12862
+CVE-2017-12862 (In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffe ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #875342)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9370
-CVE-2017-12861
+CVE-2017-12861 (The Epson "EasyMP" software is designed to remotely stream a users com ...)
NOT-FOR-US: Epson "EasyMP"
-CVE-2017-12860
+CVE-2017-12860 (The Epson "EasyMP" software is designed to remotely stream a users com ...)
NOT-FOR-US: Epson "EasyMP"
-CVE-2017-12859
+CVE-2017-12859 (NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS enviro ...)
NOT-FOR-US: NetApp
-CVE-2017-12858
+CVE-2017-12858 (Double free vulnerability in the _zip_dirent_read function in zip_dire ...)
- libzip <not-affected> (Vulnerable code introduced later)
NOTE: Introduced after: https://github.com/nih-at/libzip/commit/796c5968ad679220db3fb65ec6f48c66e554e5d5 (rel-1-2-0)
NOTE: Fixed by: https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796
-CVE-2017-12857
+CVE-2017-12857 (Polycom SoundStation IP, VVX, and RealPresence Trio that are running s ...)
NOT-FOR-US: Polycom
-CVE-2017-12856
+CVE-2017-12856 (Cross-site scripting (XSS) vulnerability in C.P.Sub 5.2 allows remote ...)
NOT-FOR-US: C.P.Sub
CVE-2017-12854
RESERVED
-CVE-2017-12874
+CVE-2017-12874 (The InfoCard module 1.0 for SimpleSAMLphp allows attackers to spoof XM ...)
{DSA-4127-1 DLA-1205-1}
- simplesamlphp 1.14.11-1
NOTE: Issue lies in simplesamlphp/simplesamlphp-module-infocard and fixed
NOTE: in 1.0.1. The module is embedded in src:simplesamlphp
NOTE: https://simplesamlphp.org/security/201612-03
NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp-module-infocard/commit/7353762acacd827a61378629f87de991451089da
-CVE-2017-12873
+CVE-2017-12873 (SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain se ...)
{DSA-4127-1 DLA-1205-1}
- simplesamlphp 1.14.11-1
NOTE: https://simplesamlphp.org/security/201612-04
NOTE: Patches: https://github.com/simplesamlphp/simplesamlphp/commit/90dca835158495b173808273e7df127303b8b953aa
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/e2daf4ceb6e580815c3741384b3a09b85a5fc231
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/300d8aa48fe93706ade95be481c68e9cf2f32d1f
-CVE-2017-12872
+CVE-2017-12872 (The (1) Htpasswd authentication source in the authcrypt module and (2) ...)
{DLA-1408-1 DLA-1205-1}
- simplesamlphp 1.14.15-1
[stretch] - simplesamlphp <no-dsa> (Minor issue)
NOTE: https://simplesamlphp.org/security/201703-01
NOTE: Patches: https://github.com/simplesamlphp/simplesamlphp/commit/ab7761d4a523a4ed00479fb1ddba688e7ca72439
NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/caf764cc2c9b68ac29741070ebdf133a595443f1
-CVE-2017-12871
+CVE-2017-12871 (The aesEncrypt method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAML ...)
- simplesamlphp 1.14.15-1
[jessie] - simplesamlphp <not-affected> (Vulnerable code not present)
[wheezy] - simplesamlphp <not-affected> (Vulnerable code not present)
NOTE: https://simplesamlphp.org/security/201703-02
-CVE-2017-12870
+CVE-2017-12870 (SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle ...)
- simplesamlphp 1.14.15-1
[jessie] - simplesamlphp <ignored> (Minor issue mitigated by HTTPS usage, hard to backport)
[wheezy] - simplesamlphp <ignored> (Minor issue mitigated by HTTPS usage, hard to backport)
NOTE: https://simplesamlphp.org/security/201704-01
-CVE-2017-12869
+CVE-2017-12869 (The multiauth module in SimpleSAMLphp 1.14.13 and earlier allows remot ...)
{DSA-4127-1 DLA-1205-1}
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201704-02
NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp/commit/f1e485284dd428ab3cd9500c62e19c7c7234be9a
-CVE-2017-12868
+CVE-2017-12868 (The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleS ...)
{DLA-1408-1 DLA-1205-1}
- simplesamlphp 1.14.15-1
[stretch] - simplesamlphp <not-affected> (Only affects setups with old PHP versions not found in stable)
NOTE: https://simplesamlphp.org/security/201705-01
NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp/commit/caf764cc2c9b68ac29741070ebdf133a595443f1
-CVE-2017-12867
+CVE-2017-12867 (The SimpleSAML_Auth_TimeLimitedToken class in SimpleSAMLphp 1.14.14 an ...)
{DSA-4127-1 DLA-1205-1}
- simplesamlphp 1.14.15-1
NOTE: https://simplesamlphp.org/security/201708-01
NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp/commit/608f24c2d5afd70c2af050785d2b12f878b33c68
-CVE-2017-12855
+CVE-2017-12855 (Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform t ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-230.html
-CVE-2017-12853
+CVE-2017-12853 (The RealTime RWR-3G-100 Router Firmware Version : Ver1.0.56 is affecte ...)
NOT-FOR-US: RealTime RWR-3G-100 Router Firmware
-CVE-2017-12852
+CVE-2017-12852 (The numpy.pad function in Numpy 1.13.1 and older versions is missing i ...)
- python-numpy <unfixed> (unimportant; bug #872407)
NOTE: https://github.com/numpy/numpy/issues/9560#issuecomment-322395292
NOTE: Negligible security impact
-CVE-2017-12851
+CVE-2017-12851 (An authenticated standard user could reset the password of the admin b ...)
- kanboard <itp> (bug #790814)
-CVE-2017-12850
+CVE-2017-12850 (An authenticated standard user could reset the password of other users ...)
- kanboard <itp> (bug #790814)
NOTE: https://github.com/kanboard/kanboard/commit/88dd6abbf3f519897f2f6280e95c9eec9123a4ae
-CVE-2017-12849
+CVE-2017-12849 (Response discrepancy in the login and password reset forms in SilverSt ...)
NOT-FOR-US: SilverStripe CMS
CVE-2017-12848
RESERVED
-CVE-2017-12847
+CVE-2017-12847 (Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping ...)
- nagios3 <removed>
[jessie] - nagios3 <no-dsa> (Minor issue)
[wheezy] - nagios3 <no-dsa> (Minor issue)
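Review bot: CVE-2017-12871 and CVE-2017-12870 carry [jessie] and [wheezy] lines but no [stretch] annotation and no DSA reference, so stretch is left as an open, unfixed issue for simplesamlphp even though the fix is recorded as 1.14.15-1 in unstable. The neighbouring entries show the expected pattern (CVE-2017-12872 has `[stretch] - simplesamlphp <no-dsa> (Minor issue)`, CVE-2017-12868 has a `<not-affected>` line with a reason). If stretch really is affected and no update is planned, add a `[stretch]` line with the reason; if it is meant to stay open, a NOTE saying so would stop the next triager from re-investigating.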
@@ -16232,9 +16232,9 @@ CVE-2017-12846
RESERVED
CVE-2017-12845
RESERVED
-CVE-2017-12844
+CVE-2017-12844 (Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp ...)
NOT-FOR-US: IceWarp
-CVE-2017-12843
+CVE-2017-12843 (Cyrus IMAP before 3.0.3 allows remote authenticated users to write to ...)
- cyrus-imapd <not-affected> (Vulnerable code introduced later)
- cyrus-imapd-2.4 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/cyrusimap/cyrus-imapd/commit/d734a23122155f3522a8cb6aef118223aa73cde0
@@ -16242,13 +16242,13 @@ CVE-2017-12842
RESERVED
CVE-2017-12841
RESERVED
-CVE-2017-12840
+CVE-2017-12840 (A kernel driver, namely DLMFENC.sys, bundled with the DESLock+ client ...)
NOTE: DESLock+
CVE-2017-12839
RESERVED
-CVE-2017-12838
+CVE-2017-12838 (Cross-site request forgery (CSRF) vulnerability in NexusPHP 1.5 allows ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12837
+CVE-2017-12837 (Heap-based buffer overflow in the S_regatom function in regcomp.c in P ...)
{DSA-3982-1}
- perl 5.26.0-8 (bug #875596)
[wheezy] - perl <not-affected> (Vulnerable code introduced after 5.14.4)
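Review bot: the CVE-2017-12840 (DESLock+) entry has no triage status, only `NOTE: DESLock+`, whereas every other closed-source product in this file is marked with `NOT-FOR-US: <product>` (see CVE-2017-12838 and CVE-2017-12844 in the same region). As written the entry stays in the untriaged queue. Suggest `NOT-FOR-US: DESLock+` in place of the NOTE line.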
@@ -16278,38 +16278,38 @@ CVE-2017-12826
REJECTED
CVE-2017-12825
RESERVED
-CVE-2017-12824
+CVE-2017-12824 (Special crafted InPage document leads to arbitrary code execution in I ...)
NOT-FOR-US: InPage
-CVE-2017-12823
+CVE-2017-12823 (Kernel pool memory corruption in one of drivers in Kaspersky Embedded ...)
NOT-FOR-US: Kaspersky
-CVE-2017-12822
+CVE-2017-12822 (Remote enabling and disabling admin interface in Gemalto's HASP SRM, S ...)
NOT-FOR-US: Gemalto
-CVE-2017-12821
+CVE-2017-12821 (Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LD ...)
NOT-FOR-US: Gemalto
-CVE-2017-12820
+CVE-2017-12820 (Arbitrary memory read from controlled memory pointer in Gemalto's HASP ...)
NOT-FOR-US: Gemalto
-CVE-2017-12819
+CVE-2017-12819 (Remote manipulations with language pack updater lead to NTLM-relay att ...)
NOT-FOR-US: Gemalto
-CVE-2017-12818
+CVE-2017-12818 (Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HA ...)
NOT-FOR-US: Gemalto
-CVE-2017-12817
+CVE-2017-12817 (In Kaspersky Internet Security for Android 11.12.4.1622, some of the a ...)
NOT-FOR-US: Kaspersky Internet Security for Android
-CVE-2017-12816
+CVE-2017-12816 (In Kaspersky Internet Security for Android 11.12.4.1622, some of appli ...)
NOT-FOR-US: Kaspersky Internet Security for Android
-CVE-2017-12815
+CVE-2017-12815 (Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 5279 ...)
NOT-FOR-US: Bomgar Remote Support Portal JavaStart Applet
-CVE-2017-12814
+CVE-2017-12814 (Stack-based buffer overflow in the CPerlHost::Add method in win32/perl ...)
- perl <not-affected> (Windows specific issue)
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=131665 (not yet public)
-CVE-2017-12813
+CVE-2017-12813 (PHPJabbers File Sharing Script 1.0 has stored XSS in the comments sect ...)
NOT-FOR-US: PHPJabbers File Sharing Script
-CVE-2017-12812
+CVE-2017-12812 (PHPJabbers Night Club Booking Software has stored XSS in the name para ...)
NOT-FOR-US: PHPJabbers Night Club Booking Software
-CVE-2017-12811
+CVE-2017-12811 (PHPJabbers Star Rating Script 4.0 has stored XSS via a rating item. ...)
NOT-FOR-US: PHPJabbers Star Rating Script
-CVE-2017-12810
+CVE-2017-12810 (PHPJabbers PHP Newsletter Script 4.2 has stored XSS in lists in the ad ...)
NOT-FOR-US: PHPJabbers PHP Newsletter Script
-CVE-2017-12809
+CVE-2017-12809 (QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM ...)
{DSA-3991-1}
- qemu 1:2.10.0-1 (bug #873849)
[jessie] - qemu <not-affected> (Vulnerable code not present)
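Review bot: the "(not yet public)" qualifier on the rt.perl.org ticket link for CVE-2017-12814 is now at odds with the line above it, which this commit turns from a bare identifier into a published description ("Stack-based buffer overflow in the CPerlHost::Add method in win32/perl ..."). Recheck the ticket and drop the qualifier once it is confirmed readable, otherwise the NOTE keeps telling readers not to bother following the link.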
@@ -16327,39 +16327,39 @@ CVE-2017-12805
RESERVED
CVE-2017-12804
RESERVED
-CVE-2017-12803
+CVE-2017-12803 (The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0. ...)
NOT-FOR-US: mkclean
-CVE-2017-12802
+CVE-2017-12802 (The EBML_IntegerValue function in ebmlnumber.c in libebml2 through 201 ...)
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12801
+CVE-2017-12801 (The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-0 ...)
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12800
+CVE-2017-12800 (The EBML_FindNextElement function in ebmlmain.c in libebml2 through 20 ...)
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12836
+CVE-2017-12836 (CVS 1.12.x, when configured to use SSH for remote repositories, might ...)
{DSA-3940-1 DLA-1056-1}
- cvs 2:1.12.13+real-24 (bug #871810)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/11/1
-CVE-2017-12799
+CVE-2017-12799 (The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows re ...)
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21933
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=957e1fc1c5d0262e4b2f764cf031ad1458446498
-CVE-2017-12798
+CVE-2017-12798 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the q p ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12797
+CVE-2017-12797 (Integer overflow in the INT123_parse_new_id3 function in the ID3 parse ...)
- mpg123 1.25.6-1
[stretch] - mpg123 <no-dsa> (Minor issue)
[jessie] - mpg123 <no-dsa> (Minor issue)
[wheezy] - mpg123 <ignored> (Minor issue)
NOTE: https://sourceforge.net/p/mpg123/bugs/254/
NOTE: https://sourceforge.net/p/mpg123/mailman/message/35987663/
-CVE-2017-12796
+CVE-2017-12796 (The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distri ...)
NOT-FOR-US: OpenMRS addon
CVE-2017-12795
RESERVED
-CVE-2017-12794
+CVE-2017-12794 (In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoesca ...)
- python-django 1:1.11.5-1 (low; bug #874415)
[stretch] - python-django 1:1.10.7-2+deb9u2
[jessie] - python-django <not-affected> (Vulnerable code do not exist)
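Review bot: the NOT-FOR-US lines for CVE-2017-12802, CVE-2017-12801 and CVE-2017-12800 misspell the product as "libembl2" while the descriptions added here name libebml2; the misspelling defeats a grep for the upstream name. Suggest `NOT-FOR-US: libebml2 (different codebase than src:libebml)` for all three. Minor wording in the same hunk: the jessie reason for CVE-2017-12794 reads "Vulnerable code do not exist" and should be "Vulnerable code does not exist", matching the phrasing used elsewhere in the file.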
@@ -16367,9 +16367,9 @@ CVE-2017-12794
NOTE: https://www.djangoproject.com/weblog/2017/sep/05/security-releases/
CVE-2017-12793
RESERVED
-CVE-2017-12792
+CVE-2017-12792 (Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12791
+CVE-2017-12791 (Directory traversal vulnerability in minion id validation in SaltStack ...)
- salt 2016.11.8+dfsg1-1 (bug #872399)
[stretch] - salt 2016.11.2+ds-1+deb9u1
[jessie] - salt <no-dsa> (Minor issue)
@@ -16382,43 +16382,43 @@ CVE-2017-12789
RESERVED
CVE-2017-12788
RESERVED
-CVE-2017-12787
+CVE-2017-12787 (A network interface of the novi_process_manager_daemon service, includ ...)
NOT-FOR-US: NoviWare
-CVE-2017-12786
+CVE-2017-12786 (Network interfaces of the cliengine and noviengine services, included ...)
NOT-FOR-US: NoviWare
-CVE-2017-12785
+CVE-2017-12785 (The novish command-line interface, included in the NoviWare software d ...)
NOT-FOR-US: NoviWare
-CVE-2017-12784
+CVE-2017-12784 (In Youngzsoft CCFile (aka CC File Transfer) 3.6, by sending a crafted ...)
NOT-FOR-US: Youngzsoft CCFile
-CVE-2017-12783
+CVE-2017-12783 (The ReadDataFloat function in ebmlnumber.c in libebml2 through 2012-08 ...)
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12782
+CVE-2017-12782 (The ReadData function in ebmlmaster.c in libebml2 through 2012-08-26 a ...)
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12781
+CVE-2017-12781 (The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012 ...)
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12780
+CVE-2017-12780 (The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 a ...)
NOT-FOR-US: libembl2 (different codebase than src:libebml)
-CVE-2017-12779
+CVE-2017-12779 (The Node_GetData function in corec/corec/node/node.c in mkvalidator 0. ...)
NOT-FOR-US: libembl2 (different codebase than src:libebml)
CVE-2017-12778
RESERVED
-CVE-2017-1000112
+CVE-2017-1000112 (Linux kernel: Exploitable memory corruption due to UFO to non-UFO path ...)
{DSA-3981-1}
- linux 4.12.6-1 (low)
[wheezy] - linux <ignored> (Low severity and difficult to backport)
NOTE: Introduced by: https://git.kernel.org/linus/e89e9cf539a28df7d0eb1d0a545368e9920b34ac (2.6.15-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/85f1bd9a7b5a79d5baa8bf44af19658f7bf77bfa
-CVE-2017-1000111
+CVE-2017-1000111 (Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.6-1
NOTE: Introduced by: https://git.kernel.org/linus/8913336a7e8d56e984109a3137d6c0e3362596a4 (2.6.27-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/c27927e372f0785f3303e8fad94b85945e2c97b7
NOTE: Non-privileged user namespaces disabled by default, only exploitable by arbitrary user if sysctl kernel.unprivileged_userns_clone=1
-CVE-2017-1000117
+CVE-2017-1000117 (A malicious third-party can give a crafted "ssh://..." URL to an unsus ...)
{DSA-3934-1 DLA-1068-1}
- git 1:2.14.1-1
NOTE: https://public-inbox.org/git/xmqqh8xf482j.fsf@gitster.mtv.corp.google.com/T/#u
-CVE-2017-1000116
+CVE-2017-1000116 (Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ...)
{DSA-3963-1 DLA-1072-1}
- mercurial 4.3.1-1 (bug #871710)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
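Review bot: the description added for CVE-2017-12779 places the bug in corec/corec/node/node.c in mkvalidator, but its status line says `NOT-FOR-US: libembl2 (different codebase than src:libebml)`, which names a different project (and misspells it). CVE-2017-12803, the equivalent mkclean bug earlier in this diff, was given its own product name, so `NOT-FOR-US: mkvalidator` would be consistent. The same "libembl2" misspelling also appears on CVE-2017-12783 through CVE-2017-12780 in this hunk and should read libebml2.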
@@ -16436,7 +16436,7 @@ CVE-2017-1000116
NOTE: https://www.mercurial-scm.org/repo/hg/rev/943c91326b23
NOTE: 3.7 and 4.1 backports also available at https://bitbucket.org/atlassian/mercurial/commits/branch/sec-3.7
NOTE: and https://bitbucket.org/octobus/mercurial-backport/branch/backport-4.1
-CVE-2017-1000115
+CVE-2017-1000115 (Mercurial prior to version 4.3 is vulnerable to a missing symlink chec ...)
{DSA-3963-1 DLA-1072-1}
- mercurial 4.3.1-1 (bug #871709)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
@@ -16444,13 +16444,13 @@ CVE-2017-1000115
NOTE: https://www.mercurial-scm.org/repo/hg/rev/377e8ddaebef (fix)
NOTE: 3.7 and 4.1 backports available at https://bitbucket.org/atlassian/mercurial/commits/branch/sec-3.7
NOTE: and https://bitbucket.org/octobus/mercurial-backport/branch/backport-4.1CVE-2017-12777
-CVE-2017-12777
+CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some pa ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12776
+CVE-2017-12776 (SQL injection vulnerability in reports.php in NexusPHP 1.5 allows remo ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12775
+CVE-2017-12775 (qa-include/qa-install.php in Question2Answer before 1.7.5 allows remot ...)
NOT-FOR-US: question2answer
-CVE-2017-12774
+CVE-2017-12774 (finecms in 1.9.5\controllers\member\ContentController.php allows remot ...)
NOT-FOR-US: FineCMS
CVE-2017-12773
RESERVED
@@ -16472,9 +16472,9 @@ CVE-2017-12765
RESERVED
CVE-2017-12764
RESERVED
-CVE-2017-12763
+CVE-2017-12763 (An unspecified server utility in NoMachine before 5.3.10 on Mac OS X a ...)
NOT-FOR-US: NoMachine
-CVE-2017-12762
+CVE-2017-12762 (In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied in ...)
- linux 4.13.4-1 (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/9f5af546e6acc30f075828cb58c7f09665033967 (v4.13-rc4)
NOTE: Driver is disabled since squeeze and unmaintained for a long time
@@ -16488,13 +16488,13 @@ CVE-2017-12758
RESERVED
CVE-2017-12757
RESERVED
-CVE-2017-12756
+CVE-2017-12756 (Command inject in transfer from another server in extplorer 2.1.9 and ...)
{DLA-1063-1}
- extplorer <removed>
NOTE: http://extplorer.net/news/21
CVE-2017-12755
RESERVED
-CVE-2017-12754
+CVE-2017-12754 (Stack buffer overflow in httpd in Asuswrt-Merlin firmware 380.67_0RT-A ...)
NOT-FOR-US: Asuswrt-Merlin firmware
CVE-2017-12753
RESERVED
@@ -16520,119 +16520,119 @@ CVE-2017-12743
RESERVED
CVE-2017-12742
RESERVED
-CVE-2017-12741
+CVE-2017-12741 (A vulnerability has been identified in SIMATIC S7-200 Smart (All versi ...)
NOT-FOR-US: Siemens
-CVE-2017-12740
+CVE-2017-12740 (Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity ...)
NOT-FOR-US: Siemens
-CVE-2017-12739
+CVE-2017-12739 (An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with ...)
NOT-FOR-US: Siemens
-CVE-2017-12738
+CVE-2017-12738 (An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with ...)
NOT-FOR-US: Siemens
-CVE-2017-12737
+CVE-2017-12737 (An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with ...)
NOT-FOR-US: Siemens
-CVE-2017-12736
+CVE-2017-12736 (A vulnerability has been identified in RUGGEDCOM ROS for RSL910 device ...)
NOT-FOR-US: Siemens
-CVE-2017-12735
+CVE-2017-12735 (A vulnerability has been identified in Siemens LOGO! devices. An attac ...)
NOT-FOR-US: Siemens
-CVE-2017-12734
+CVE-2017-12734 (A vulnerability has been identified in Siemens LOGO! devices before V1 ...)
NOT-FOR-US: Siemens
-CVE-2017-12733
+CVE-2017-12733 (A Missing Authentication for Critical Function issue was discovered in ...)
NOT-FOR-US: SiteSentinel
-CVE-2017-12732
+CVE-2017-12732 (A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Ve ...)
NOT-FOR-US: GE CIMPLICITY
-CVE-2017-12731
+CVE-2017-12731 (A SQL Injection issue was discovered in OPW Fuel Management Systems Si ...)
NOT-FOR-US: SiteSentinel
-CVE-2017-12730
+CVE-2017-12730 (An Unquoted Search Path issue was discovered in mySCADA myPRO Versions ...)
NOT-FOR-US: mySCADA myPRO
-CVE-2017-12729
+CVE-2017-12729 (A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer throu ...)
NOT-FOR-US: Moxa SoftCMS Live Viewer
-CVE-2017-12728
+CVE-2017-12728 (An Improper Privilege Management issue was discovered in SpiderControl ...)
NOT-FOR-US: SpiderControl SCADA Web Server
CVE-2017-12727
RESERVED
-CVE-2017-12726
+CVE-2017-12726 (A Use of Hard-coded Password issue was discovered in Smiths Medical Me ...)
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12725
+CVE-2017-12725 (A Use of Hard-coded Credentials issue was discovered in Smiths Medical ...)
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12724
+CVE-2017-12724 (A Use of Hard-coded Credentials issue was discovered in Smiths Medical ...)
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12723
+CVE-2017-12723 (A Password in Configuration File issue was discovered in Smiths Medica ...)
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12722
+CVE-2017-12722 (An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion ...)
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12721
+CVE-2017-12721 (An Improper Certificate Validation issue was discovered in Smiths Medi ...)
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12720
+CVE-2017-12720 (An Improper Access Control issue was discovered in Smiths Medical Medf ...)
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12719
+CVE-2017-12719 (An Untrusted Pointer Dereference issue was discovered in Advantech Web ...)
NOT-FOR-US: Advantech
-CVE-2017-12718
+CVE-2017-12718 (A Classic Buffer Overflow issue was discovered in Smiths Medical Medfu ...)
NOT-FOR-US: Smiths Medical Medfusion
-CVE-2017-12717
+CVE-2017-12717 (An Uncontrolled Search Path Element issue was discovered in Advantech ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12716
+CVE-2017-12716 (Abbott Laboratories Accent and Anthem pacemakers manufactured prior to ...)
NOT-FOR-US: Abbott Laboratories Accent and Anthem pacemakers
CVE-2017-12715
RESERVED
-CVE-2017-12714
+CVE-2017-12714 (Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do n ...)
NOT-FOR-US: Abbott Laboratories pacemakers
-CVE-2017-12713
+CVE-2017-12713 (An Incorrect Permission Assignment for Critical Resource issue was dis ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12712
+CVE-2017-12712 (The authentication algorithm in Abbott Laboratories pacemakers manufac ...)
NOT-FOR-US: Abbott Laboratories pacemakers
-CVE-2017-12711
+CVE-2017-12711 (An Incorrect Privilege Assignment issue was discovered in Advantech We ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12710
+CVE-2017-12710 (A SQL Injection issue was discovered in Advantech WebAccess versions p ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12709
+CVE-2017-12709 (A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN ve ...)
NOT-FOR-US: Westermo devices
-CVE-2017-12708
+CVE-2017-12708 (An Improper Restriction Of Operations Within The Bounds Of A Memory Bu ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12707
+CVE-2017-12707 (A Stack-based Buffer Overflow issue was discovered in SpiderControl SC ...)
NOT-FOR-US: SpiderControl SCADA MicroBrowser
-CVE-2017-12706
+CVE-2017-12706 (A stack-based buffer overflow issue was discovered in Advantech WebAcc ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12705
+CVE-2017-12705 (A Heap-Based Buffer Overflow issue was discovered in Advantech WebOP. ...)
NOT-FOR-US: Advantech
-CVE-2017-12704
+CVE-2017-12704 (A heap-based buffer overflow issue was discovered in Advantech WebAcce ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12703
+CVE-2017-12703 (A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo M ...)
NOT-FOR-US: Westermo
-CVE-2017-12702
+CVE-2017-12702 (An Externally Controlled Format String issue was discovered in Advante ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12701
+CVE-2017-12701 (BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain ...)
NOT-FOR-US: BMC Medical Luna CPAP Machines
CVE-2017-12700
RESERVED
-CVE-2017-12699
+CVE-2017-12699 (An Incorrect Default Permissions issue was discovered in AzeoTech DAQF ...)
NOT-FOR-US: AzeoTech DAQFactory
-CVE-2017-12698
+CVE-2017-12698 (An Improper Authentication issue was discovered in Advantech WebAccess ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-12697
+CVE-2017-12697 (A Man-in-the-Middle issue was discovered in General Motors (GM) and Sh ...)
NOT-FOR-US: General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client
CVE-2017-12696
RESERVED
-CVE-2017-12695
+CVE-2017-12695 (An Improper Authentication issue was discovered in General Motors (GM) ...)
NOT-FOR-US: General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client
-CVE-2017-12694
+CVE-2017-12694 (A Directory Traversal issue was discovered in SpiderControl SCADA Web ...)
NOT-FOR-US: SpiderControl SCADA Web Server
-CVE-2017-1000101
+CVE-2017-1000101 (curl supports "globbing" of URLs, in which a user can pass a numerical ...)
{DSA-3992-1}
- curl 7.55.0-1 (bug #871554)
[wheezy] - curl <not-affected> (Vulnerable code not present, introduced later in 7.34.0)
NOTE: https://curl.haxx.se/docs/adv_20170809A.html
NOTE: https://curl.haxx.se/CVE-2017-1000101.patch
-CVE-2017-1000100
+CVE-2017-1000100 (When doing a TFTP transfer and curl/libcurl is given a URL that contai ...)
{DSA-3992-1 DLA-1062-1}
- curl 7.55.0-1 (bug #871555)
NOTE: https://curl.haxx.se/docs/adv_20170809B.html
NOTE: https://curl.haxx.se/CVE-2017-1000100.patch
-CVE-2017-1000099
+CVE-2017-1000099 (When asking to get a file from a file:// URL, libcurl provides a featu ...)
- curl <not-affected> (Only affects 7.54.1, no affected version ever in the archive)
NOTE: https://curl.haxx.se/docs/adv_20170809C.html
NOTE: https://curl.haxx.se/CVE-2017-1000099.patch
NOTE: Introduced by: https://github.com/curl/curl/commit/7c312f84ea930d8
-CVE-2017-12693
+CVE-2017-12693 (The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allow ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875341)
[stretch] - imagemagick <ignored> (Minor issue)
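Review bot: product naming for the Advantech entries in this hunk is inconsistent: CVE-2017-12719 and CVE-2017-12705 are tagged just `NOT-FOR-US: Advantech` although their descriptions name Advantech WebAccess and Advantech WebOP respectively, while the surrounding entries (CVE-2017-12717, CVE-2017-12713, CVE-2017-12711, …) use `NOT-FOR-US: Advantech WebAccess`. Suggest naming the product in both so a later search for WebAccess or WebOP issues finds them.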
@@ -16640,7 +16640,7 @@ CVE-2017-12693
NOTE: https://github.com/ImageMagick/ImageMagick/issues/652
NOTE: https://github.com/ImageMagick/ImageMagick/commit/75fcbf5d649bba046c6a0db650a518f7bfc0fb3f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6709bd585b9609a9cf98a7042089f3e725886d5e
-CVE-2017-12692
+CVE-2017-12692 (The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 all ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875339)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -16648,7 +16648,7 @@ CVE-2017-12692
NOTE: https://github.com/ImageMagick/ImageMagick/issues/653
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4a25fe5447bfb3a1918a2e9d595928e853b09d2e
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5919dc606bc1d6022d3d2d205a91fdbe98de9e15
-CVE-2017-12691
+CVE-2017-12691 (The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allow ...)
{DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #875338)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -16676,11 +16676,11 @@ CVE-2017-12682
RESERVED
CVE-2017-12681
RESERVED
-CVE-2017-12680
+CVE-2017-12680 (Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type paramet ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12679
+CVE-2017-12679 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12678
+CVE-2017-12678 (In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefac ...)
- taglib 1.11.1+dfsg.1-0.2 (bug #871511)
[stretch] - taglib <no-dsa> (Minor issue)
[jessie] - taglib <not-affected> (Vulnerable code not present)
@@ -16688,21 +16688,21 @@ CVE-2017-12678
- silverjuke <not-affected> (Vulnerable code not present, based on older taglib version)
NOTE: https://github.com/taglib/taglib/issues/829
NOTE: https://github.com/taglib/taglib/pull/831/commits/eb9ded1206f18f2c319157337edea2533a40bea6#diff-37f706c8696a7c1ca939b169c0a04d97
-CVE-2017-12677
+CVE-2017-12677 (IdentityServer3 2.4.x, 2.5.x, and 2.6.x before 2.6.1 has XSS in an Ang ...)
NOT-FOR-US: IdentityServer
-CVE-2017-12676
+CVE-2017-12676 (In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the f ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870118)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/618
NOTE: https://github.com/ImageMagick/ImageMagick/commit/387adbe4b05a545b9f3972e862602480c850303c
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7287f50888c26b133ee173816332fcaec4e8cb62
-CVE-2017-12675
+CVE-2017-12675 (In ImageMagick 7.0.6-3, a missing check for multidimensional data was ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870022)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/616
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7a020acbcfea6e53eff6766c87ea175eac9dcd18
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e33a39a6a168cdd800fd160e8f93f0059432bdf7
-CVE-2017-12674
+CVE-2017-12674 (In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in th ...)
{DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #872609)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -16710,45 +16710,45 @@ CVE-2017-12674
NOTE: https://github.com/ImageMagick/ImageMagick/issues/604
NOTE: https://github.com/ImageMagick/ImageMagick/commit/91651bd482b6637cf650700ffd7b3b63de1cb049
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5a91708c6b70bd4e3d2b931465307e0aeababb3c
-CVE-2017-12673
+CVE-2017-12673 (In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the f ...)
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870117)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/619
-CVE-2017-12672
+CVE-2017-12672 (In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the f ...)
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870021)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/617
-CVE-2017-12671
+CVE-2017-12671 (In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/ ...)
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870119)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/621
-CVE-2017-12669
+CVE-2017-12669 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage ...)
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870475)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/571
-CVE-2017-12668
+CVE-2017-12668 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage i ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870489)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/575
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2ba8f335fa06daf1165e0878462686028e633a74
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/560e6e512961008938aa1d1b9aab06347b1c8f9b
-CVE-2017-12667
+CVE-2017-12667 (ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in ...)
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870015)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/553
-CVE-2017-12666
+CVE-2017-12666 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImag ...)
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870482)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/572
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d5559407ce29f4371e5df9c1cbde65455fe5854c
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/45aeda5da9eb328689afc221fa3b7dfa5cdea54d
-CVE-2017-12665
+CVE-2017-12665 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870501)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/577
NOTE: https://github.com/ImageMagick/ImageMagick/commit/c1b09bbec148f6ae11d0b686fdb89ac6dc0ab14e
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/859084b4fd966ac007965c3d85caabccd8aee9b4
-CVE-2017-12663
+CVE-2017-12663 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage i ...)
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870483)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/573
-CVE-2017-12662
+CVE-2017-12662 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage i ...)
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870492)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/576
CVE-2017-12661
@@ -16763,79 +16763,79 @@ CVE-2017-12657
RESERVED
CVE-2017-12656
RESERVED
-CVE-2017-12655
+CVE-2017-12655 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the que ...)
NOT-FOR-US: NexusPHP
-CVE-2017-12654
+CVE-2017-12654 (The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 all ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870502)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/620
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ffcb8f8e2248fde38a2cb30aeb48403d2b3471cc
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f2c26fa4db84e92d754c7f8b269db2883cf7f32c
-CVE-2017-12653
+CVE-2017-12653 (360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escal ...)
NOT-FOR-US: 360 Total Security
CVE-2017-12652
RESERVED
-CVE-2017-12651
+CVE-2017-12651 (Cross Site Request Forgery (CSRF) exists in the Blacklist and Whitelis ...)
NOT-FOR-US: Loginizer plugin for WordPress
-CVE-2017-12650
+CVE-2017-12650 (SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPres ...)
NOT-FOR-US: Loginizer plugin for WordPress
-CVE-2017-12649
+CVE-2017-12649 (XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or ...)
NOT-FOR-US: Liferay Portal
-CVE-2017-12648
+CVE-2017-12648 (XSS exists in Liferay Portal before 7.0 CE GA4 via a bookmark URL. ...)
NOT-FOR-US: Liferay Portal
-CVE-2017-12647
+CVE-2017-12647 (XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base ar ...)
NOT-FOR-US: Liferay Portal
-CVE-2017-12646
+CVE-2017-12646 (XSS exists in Liferay Portal before 7.0 CE GA4 via a login name, passw ...)
NOT-FOR-US: Liferay Portal
-CVE-2017-12645
+CVE-2017-12645 (XSS exists in Liferay Portal before 7.0 CE GA4 via an invalid portletI ...)
NOT-FOR-US: Liferay Portal
-CVE-2017-12644
+CVE-2017-12644 (ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/551
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a33f7498f9052b50e8fe8c8422a11ba84474cb42
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/9f375e7080a2c1044cd546854d0548b4bfb429d0
-CVE-2017-12642
+CVE-2017-12642 (ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869796)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/552
-CVE-2017-12641
+CVE-2017-12641 (ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870108)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/550
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3320955045e5a2a22c13a04fa9422bb809e75eda
-CVE-2017-12640
+CVE-2017-12640 (ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOne ...)
{DSA-4040-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870106)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/542
NOTE: https://github.com/ImageMagick/ImageMagick/commit/78d4c5db50fbab0b4beb69c46c6167f2c6513dec
-CVE-2017-12639
+CVE-2017-12639 (Stack based buffer overflow in Ipswitch IMail server up to and includi ...)
NOT-FOR-US: Ipswitch IMail
-CVE-2017-12638
+CVE-2017-12638 (Stack based buffer overflow in Ipswitch IMail server up to and includi ...)
NOT-FOR-US: Ipswitch IMail
-CVE-2017-12637
+CVE-2017-12637 (Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/ ...)
NOT-FOR-US: SAP
-CVE-2017-12636
+CVE-2017-12636 (CouchDB administrative users can configure the database server via HTT ...)
{DLA-1252-1}
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6
NOTE: Likely patch for 1.2.x: https://github.com/apache/couchdb/commit/9a28df7e9703a1a3420e7616c4d33a523ee06354
NOTE: Possibly needs more updates: https://github.com/apache/couchdb/commit/bf6b6a1c84321baee2c4ad354059a45e0b8fdec7
-CVE-2017-12635
+CVE-2017-12635 (Due to differences in the Erlang-based JSON parser and JavaScript-base ...)
{DLA-1252-1}
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6
NOTE: Likely patch for 1.2.x: https://github.com/apache/couchdb/commit/3706a77c13a78672e5a3fbde06e7bffd3665f73b
-CVE-2017-12634
+CVE-2017-12634 (The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20. ...)
NOT-FOR-US: Apache Camel
-CVE-2017-12633
+CVE-2017-12633 (The camel-hessian component in Apache Camel 2.x before 2.19.4 and 2.20 ...)
NOT-FOR-US: Apache Camel
-CVE-2017-12632
+CVE-2017-12632 (A malicious host header in an incoming HTTP request could cause NiFi t ...)
NOT-FOR-US: Apache NiFi
-CVE-2017-12631
+CVE-2017-12631 (Apache CXF Fediz ships with a number of container-specific plugins to ...)
NOT-FOR-US: Apache CXF
-CVE-2017-12630
+CVE-2017-12630 (In Apache Drill 1.11.0 and earlier when submitting form from Query pag ...)
NOT-FOR-US: Apache Drill
-CVE-2017-12629
+CVE-2017-12629 (Remote code execution occurs in Apache Solr before 7.1 with Apache Luc ...)
{DSA-4124-1 DLA-1254-1}
- lucene-solr 3.6.2+dfsg-11
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1501529
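Review bot: the generated description suffix " ..." is appended even when the summary is complete, and otherwise cuts mid-word; on the CVE-2017-12648 line the text ends "via a bookmark URL. ..." (the same pattern recurs on the CVE-2017-12593 line in a later hunk), while CVE-2017-12647, CVE-2017-12645 and CVE-2017-12653 are cut at "Knowledge Base ar ...", "portletI ..." and "Privilege Escal ...". Appending the marker only when the source description was actually shortened, and trimming at the last whitespace before the width limit, would keep the one-line summaries readable without changing the file format.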
@@ -16843,16 +16843,16 @@ CVE-2017-12629
NOTE: http://lucene.472066.n3.nabble.com/Re-Several-critical-vulnerabilities-discovered-in-Apache-Solr-XXE-amp-RCE-tt4358355.html
NOTE: Patch removing RunExecutableListener: https://github.com/apache/lucene-solr/commit/7b313bb597a6d1f78773dc9c00f484c078a46c25
NOTE: Patch disallowing XXE: https://github.com/apache/lucene-solr/commit/926cc4d65b6d2cc40ff07f76d50ddeda947e3cc4
-CVE-2017-12628
+CVE-2017-12628 (The JMX server embedded in Apache James, also used by the command line ...)
NOT-FOR-US: Apache James
-CVE-2017-12627
+CVE-2017-12627 (In Apache Xerces-C XML Parser library before 3.2.1, processing of exte ...)
{DLA-1328-1}
- xerces-c 3.2.1+debian-1 (bug #894050)
[stretch] - xerces-c 3.1.4+debian-2+deb9u1
[jessie] - xerces-c 3.1.1-5.1+deb8u4
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1819998
NOTE: https://xerces.apache.org/xerces-c/secadv/CVE-2017-12627.txt
-CVE-2017-12626
+CVE-2017-12626 (Apache POI in versions prior to release 3.17 are vulnerable to Denial ...)
- libapache-poi-java 3.17-1 (bug #888651)
[stretch] - libapache-poi-java <no-dsa> (Minor issue)
[jessie] - libapache-poi-java <no-dsa> (Minor issue)
@@ -16861,31 +16861,31 @@ CVE-2017-12626
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61294
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=52372
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61295
-CVE-2017-12625
+CVE-2017-12625 (Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2 ...)
NOT-FOR-US: Apache Hive
-CVE-2017-12624
+CVE-2017-12624 (Apache CXF supports sending and receiving attachments via either the J ...)
NOT-FOR-US: Apache CXF
-CVE-2017-12623
+CVE-2017-12623 (An authorized user could upload a template which contained malicious c ...)
NOT-FOR-US: Apache NiFi
-CVE-2017-12622
+CVE-2017-12622 (When an Apache Geode cluster before v1.3.0 is operating in secure mode ...)
NOT-FOR-US: Apache Geode
-CVE-2017-12621
+CVE-2017-12621 (During Jelly (xml) file parsing with Apache Xerces, if a custom doctyp ...)
- jenkins-commons-jelly <removed>
[jessie] - jenkins-commons-jelly <ignored> (Minor issue, only used by Jenkins which got removed)
[wheezy] - jenkins-commons-jelly <ignored> (Minor issue, only used by Jenkins which got removed)
NOTE: http://www.openwall.com/lists/oss-security/2017/09/27/6
-CVE-2017-12620
+CVE-2017-12620 (When loading models or dictionaries that contain XML it is possible to ...)
NOT-FOR-US: Apache OpenNLP
CVE-2017-12619
RESERVED
-CVE-2017-12618
+CVE-2017-12618 (Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to val ...)
{DLA-1163-1}
- apr-util 1.6.1-1 (low; bug #879996)
[stretch] - apr-util <no-dsa> (Minor issue)
[jessie] - apr-util <no-dsa> (Minor issue)
NOTE: mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E
NOTE: https://github.com/apache/apr/commit/f672b565c825c34de9ee298b5bdc62c01cdd6147
-CVE-2017-12617
+CVE-2017-12617 (When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22 ...)
{DLA-1166-1}
- tomcat8 <not-affected> (Specific to running Tomcat on Windows)
- tomcat8.0 <not-affected> (Specific to running Tomcat on Windows)
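Review bot: the first NOTE under CVE-2017-12618 references mail-archives.apache.org without a URL scheme, unlike every other NOTE link in the surrounding entries; it is unchanged context here, but since the update touches this entry anyway it would be worth prefixing https:// so the reference resolves like the rest (the identical scheme-less NOTE line also appears under CVE-2017-12613 in the next hunk).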
@@ -16899,116 +16899,116 @@ CVE-2017-12617
NOTE: https://svn.apache.org/r1810014 (7.0.x)
NOTE: https://svn.apache.org/r1810026 (7.0.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61542
-CVE-2017-12616
+CVE-2017-12616 (When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it w ...)
{DLA-1400-1 DLA-1108-1}
- tomcat7 7.0.72-3
NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
NOTE: https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81
NOTE: https://svn.apache.org/r1804729
-CVE-2017-12615
+CVE-2017-12615 (When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs e ...)
- tomcat7 <not-affected> (Windows-specific)
-CVE-2017-12614
+CVE-2017-12614 (It was noticed an XSS in certain 404 pages that could be exploited to ...)
- airflow <itp> (bug #819700)
-CVE-2017-12613
+CVE-2017-12613 (When apr_time_exp*() or apr_os_exp_time*() functions are invoked with ...)
{DLA-1162-1}
- apr 1.6.3-1 (low; bug #879708)
[stretch] - apr <no-dsa> (Minor issue)
[jessie] - apr <no-dsa> (Minor issue)
NOTE: mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E
NOTE: Fixed by: https://github.com/apache/apr/commit/ad958385a4180d7a83d90589689fcd36e3bbc57a
-CVE-2017-12612
+CVE-2017-12612 (In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe de ...)
NOT-FOR-US: Apache Spark
-CVE-2017-12611
+CVE-2017-12611 (In Apache Struts 2.0.1 through 2.3.33 and 2.5 through 2.5.10, using an ...)
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <ignored> (Minor issue)
NOTE: Only a problem if the application programmer has made a security mistake.
NOTE: https://struts.apache.org/docs/s2-053.html
-CVE-2017-12610
+CVE-2017-12610 (In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authent ...)
- kafka <itp> (bug #786460)
CVE-2017-12609
REJECTED
-CVE-2017-12608
+CVE-2017-12608 (A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1 ...)
{DSA-4022-1 DLA-1214-1}
- libreoffice 1:5.0.2-1
NOTE: https://www.talosintelligence.com/reports/TALOS-2017-0301
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2017-12608
NOTE: https://gerrit.libreoffice.org/gitweb?p=core.git;a=commitdiff_plain;h=42a709d1ef647aab9a1c9422b4e25ecaee857aba
-CVE-2017-12607
+CVE-2017-12607 (A vulnerability in OpenOffice's PPT file parser before 4.1.4, and spec ...)
{DSA-4022-1 DLA-1214-1}
- libreoffice 1:5.0.2-1
NOTE: https://www.talosintelligence.com/reports/TALOS-2017-0300
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2017-12607
NOTE: https://cgit.freedesktop.org/libreoffice/core/commit/?id=334dba623dfb0c4fb2b5292c2d03741b7b33aef1
-CVE-2017-12606
+CVE-2017-12606 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12605
+CVE-2017-12605 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12604
+CVE-2017-12604 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12603
+CVE-2017-12603 (OpenCV (Open Source Computer Vision Library) through 3.3 has an invali ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12602
+CVE-2017-12602 (OpenCV (Open Source Computer Vision Library) through 3.3 has a denial ...)
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872045)
[stretch] - opencv <ignored> (Minor issue)
[jessie] - opencv <ignored> (Minor issue)
[wheezy] - opencv <ignored> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9311
-CVE-2017-12601
+CVE-2017-12601 (OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12600
+CVE-2017-12600 (OpenCV (Open Source Computer Vision Library) through 3.3 has a denial ...)
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872045)
[stretch] - opencv <ignored> (Minor issue)
[jessie] - opencv <ignored> (Minor issue)
[wheezy] - opencv <ignored> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9311
-CVE-2017-12599
+CVE-2017-12599 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12598
+CVE-2017-12598 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12597
+CVE-2017-12597 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...)
{DLA-1438-1 DLA-1117-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #872044)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/9309
-CVE-2017-12596
+CVE-2017-12596 (In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ...)
- openexr 2.2.0-11.1 (bug #877352)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
[wheezy] - openexr 1.6.1-6+deb7u1
NOTE: https://github.com/openexr/openexr/issues/238
NOTE: Upstream fix https://github.com/openexr/openexr/commit/f09f5f26c1924c4f7e183428ca79c9881afaf53c
-CVE-2017-12595
+CVE-2017-12595 (The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dic ...)
- qpdf 7.0.0-1
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
@@ -17017,60 +17017,60 @@ CVE-2017-12595
NOTE: Fixed by: https://github.com/qpdf/qpdf/commit/ad527a64f93dca12f6aabab2ca99ae5eb352ab4b
CVE-2017-12594
RESERVED
-CVE-2017-12593
+CVE-2017-12593 (ASUS DSL-N10S V2.1.16_APAC devices allow CSRF. ...)
NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices
-CVE-2017-12592
+CVE-2017-12592 (ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation vulnera ...)
NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices
-CVE-2017-12591
+CVE-2017-12591 (ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored cross sit ...)
NOT-FOR-US: ASUS DSL-N10S V2.1.16_APAC devices
-CVE-2017-12590
+CVE-2017-12590 (ASUS RT-N14UHP devices before 3.0.0.4.380.8015 have a reflected XSS vu ...)
NOT-FOR-US: ASUS RT-N14UHP devices
-CVE-2017-12589
+CVE-2017-12589 (ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any protecti ...)
NOT-FOR-US: ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices
-CVE-2017-12588
+CVE-2017-12588 (The zmq3 input and output modules in rsyslog before 8.28.0 interpreted ...)
- rsyslog 8.28.0-1 (unimportant)
NOTE: https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b
NOTE: https://github.com/rsyslog/rsyslog/pull/1565
NOTE: The zmq3 input and output modules are not enabled and built in Debian
-CVE-2017-12587
+CVE-2017-12587 (ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage ...)
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (bug #870526)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/535
NOTE: https://github.com/ImageMagick/ImageMagick/commit/bb5b16c512977e8134701063e0adb05a4a342add
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/d4192df5eb03892089806d52a317cc3101856726
-CVE-2017-12586
+CVE-2017-12586 (SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue becau ...)
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2017-12585
+CVE-2017-12585 (SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_ha ...)
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2017-12584
+CVE-2017-12584 (There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. Also, an ...)
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2017-12583
+CVE-2017-12583 (DokuWiki through 2017-02-19b has XSS in the at parameter (aka the DATE ...)
- dokuwiki 0.0.20180422.a-1 (bug #870903)
[jessie] - dokuwiki <not-affected> (Vulnerable code not present)
[wheezy] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: https://github.com/splitbrain/dokuwiki/issues/2061
-CVE-2017-12582
+CVE-2017-12582 (Unprivileged user can access all functions in the Surveillance Station ...)
NOT-FOR-US: QNAP
-CVE-2017-12581
+CVE-2017-12581 (GitHub Electron before 1.6.8 allows remote command execution because o ...)
- electron <itp> (bug #842420)
CVE-2017-12580
RESERVED
-CVE-2017-12579
+CVE-2017-12579 (An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion ...)
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
CVE-2017-12578
RESERVED
-CVE-2017-12577
+CVE-2017-12577 (An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded accoun ...)
NOT-FOR-US: PLANEX
-CVE-2017-12576
+CVE-2017-12576 (An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undoc ...)
NOT-FOR-US: PLANEX
-CVE-2017-12575
+CVE-2017-12575 (An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router h ...)
NOT-FOR-US: NEC
-CVE-2017-12574
+CVE-2017-12574 (An issue was discovered on PLANEX CS-W50HD devices with firmware befor ...)
NOT-FOR-US: PLANEX
-CVE-2017-12573
+CVE-2017-12573 (An issue was discovered on PLANEX CS-W50HD devices with firmware befor ...)
NOT-FOR-US: PLANEX
-CVE-2017-12572
+CVE-2017-12572 (Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5. ...)
NOT-FOR-US: Splunk
CVE-2017-12571
RESERVED
@@ -17078,29 +17078,29 @@ CVE-2017-12570
RESERVED
CVE-2017-12569
RESERVED
-CVE-2017-12568
+CVE-2017-12568 (Denial of Service vulnerability in Debut embedded httpd 1.20 in Brothe ...)
NOT-FOR-US: Brother
-CVE-2017-12567
+CVE-2017-12567 (SQL injection exists in Quest KACE Asset Management Appliance 6.4.1208 ...)
NOT-FOR-US: Quest KACE Asset Management Appliance
-CVE-2017-12566
+CVE-2017-12566 (In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the f ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870503)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/603
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2477eacf09d3a26efe814590a5dbbe1efd16764f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/27b3b9ca5cfb7b8935852cf315abc005ea7c1e16
-CVE-2017-12565
+CVE-2017-12565 (In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the f ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870115)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/602
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e0e544bb173213df00f82a810d66321e1bb4f3c8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4d0ac66c9778faebd2d1fac7140462b043626458
-CVE-2017-12564
+CVE-2017-12564 (In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the f ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870017)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/601
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ff3faa31166439d81b72de22daea2b6404569137
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/a4779cfbee2e4235fa9f9f8f2e58dca17f7ccc6b
-CVE-2017-12563
+CVE-2017-12563 (In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870530)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -17108,155 +17108,155 @@ CVE-2017-12563
NOTE: https://github.com/ImageMagick/ImageMagick/issues/599
NOTE: https://github.com/ImageMagick/ImageMagick/commit/82b53bd74df1489332e4043035a51b43f54d43f1
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7d3af83d8b946f952bfd028451e6dfb1f7ace07a
-CVE-2017-12561
+CVE-2017-12561 (A remote code execution vulnerability in HPE intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12560
+CVE-2017-12560 (A Remote Denial of Service vulnerability in HPE Intelligent Management ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12559
+CVE-2017-12559 (A Remote Denial of Service vulnerability in HPE Intelligent Management ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12558
+CVE-2017-12558 (A Remote Code Execution vulnerability in HPE intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12557
+CVE-2017-12557 (A Remote Code Execution vulnerability in HPE intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12556
+CVE-2017-12556 (A Remote Code Execution vulnerability in HPE intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12555
+CVE-2017-12555 (A remote arbitrary file download and disclosure of information vulnera ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12554
+CVE-2017-12554 (A remote code execution vulnerability in HPE intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12553
+CVE-2017-12553 (A local authentication bypass vulnerability in HPE System Management H ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12552
+CVE-2017-12552 (A local arbitrary execution of commands vulnerability in HPE System Ma ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12551
+CVE-2017-12551 (A local arbitrary execution of commands vulnerability in HPE System Ma ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12550
+CVE-2017-12550 (A local security misconfiguration vulnerability in HPE System Manageme ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12549
+CVE-2017-12549 (A local authentication bypass vulnerability in HPE System Management H ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12548
+CVE-2017-12548 (A local arbitrary command execution vulnerability in HPE System Manage ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12547
+CVE-2017-12547 (A local arbitrary command execution vulnerability in HPE System Manage ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12546
+CVE-2017-12546 (A local buffer overflow vulnerability in HPE System Management Homepag ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12545
+CVE-2017-12545 (A remote denial of service vulnerability in HPE System Management Home ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12544
+CVE-2017-12544 (A cross-site scripting vulnerability in HPE System Management Homepage ...)
NOT-FOR-US: HPE System Management Homepage
-CVE-2017-12543
+CVE-2017-12543 (A remote disclosure of information vulnerability in Moonshot Remote Co ...)
NOT-FOR-US: Moonshot Remote Console Administrator Pro
-CVE-2017-12542
+CVE-2017-12542 (A authentication bypass and execution of code vulnerability in HPE Int ...)
NOT-FOR-US: HPE ILO 4
-CVE-2017-12541
+CVE-2017-12541 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12540
+CVE-2017-12540 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12539
+CVE-2017-12539 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12538
+CVE-2017-12538 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12537
+CVE-2017-12537 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12536
+CVE-2017-12536 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12535
+CVE-2017-12535 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12534
+CVE-2017-12534 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12533
+CVE-2017-12533 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12532
+CVE-2017-12532 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12531
+CVE-2017-12531 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12530
+CVE-2017-12530 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12529
+CVE-2017-12529 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12528
+CVE-2017-12528 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12527
+CVE-2017-12527 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12526
+CVE-2017-12526 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12525
+CVE-2017-12525 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12524
+CVE-2017-12524 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12523
+CVE-2017-12523 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12522
+CVE-2017-12522 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12521
+CVE-2017-12521 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12520
+CVE-2017-12520 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12519
+CVE-2017-12519 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12518
+CVE-2017-12518 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12517
+CVE-2017-12517 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12516
+CVE-2017-12516 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12515
+CVE-2017-12515 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12514
+CVE-2017-12514 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12513
+CVE-2017-12513 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12512
+CVE-2017-12512 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12511
+CVE-2017-12511 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12510
+CVE-2017-12510 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12509
+CVE-2017-12509 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12508
+CVE-2017-12508 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12507
+CVE-2017-12507 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12506
+CVE-2017-12506 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12505
+CVE-2017-12505 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12504
+CVE-2017-12504 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12503
+CVE-2017-12503 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12502
+CVE-2017-12502 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12501
+CVE-2017-12501 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12500
+CVE-2017-12500 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12499
+CVE-2017-12499 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12498
+CVE-2017-12498 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12497
+CVE-2017-12497 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12496
+CVE-2017-12496 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12495
+CVE-2017-12495 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12494
+CVE-2017-12494 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12493
+CVE-2017-12493 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12492
+CVE-2017-12492 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12491
+CVE-2017-12491 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12490
+CVE-2017-12490 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12489
+CVE-2017-12489 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12488
+CVE-2017-12488 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-12487
+CVE-2017-12487 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-12486
RESERVED
@@ -17266,7 +17266,7 @@ CVE-2017-12484
RESERVED
CVE-2017-12483
RESERVED
-CVE-2017-12482
+CVE-2017-12482 (The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1 ...)
- ledger 3.1.2+dfsg1-1 (low; bug #870900)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
@@ -17274,7 +17274,7 @@ CVE-2017-12482
NOTE: http://bugs.ledger-cli.org/show_bug.cgi?id=1224
NOTE: https://github.com/ledger/ledger/issues/1224
NOTE: https://github.com/ledger/ledger/commit/7c0ae5b02571e21f97d45f5d091cb78af9885713
-CVE-2017-12481
+CVE-2017-12481 (The find_option function in option.cc in Ledger 3.1.1 allows remote at ...)
- ledger 3.1.2+dfsg1-1 (low; bug #870900)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
@@ -17282,155 +17282,155 @@ CVE-2017-12481
NOTE: http://bugs.ledger-cli.org/show_bug.cgi?id=1222
NOTE: https://github.com/ledger/ledger/issues/1222
NOTE: https://github.com/ledger/ledger/commit/c5343f18744d0f6fddcc590f9a54c23674d8c489
-CVE-2017-12480
+CVE-2017-12480 (Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading ...)
NOT-FOR-US: Sandboxie
-CVE-2017-12479
+CVE-2017-12479 (It was discovered that an issue in the session logic in Unitrends Back ...)
NOT-FOR-US: Unitrends Backup
-CVE-2017-12478
+CVE-2017-12478 (It was discovered that the api/storage web interface in Unitrends Back ...)
NOT-FOR-US: Unitrends Backup
-CVE-2017-12477
+CVE-2017-12477 (It was discovered that the bpserverd proprietary protocol in Unitrends ...)
NOT-FOR-US: Unitrends Backup
-CVE-2017-12476
+CVE-2017-12476 (The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Be ...)
NOT-FOR-US: Bento4
-CVE-2017-12475
+CVE-2017-12475 (The AP4_Processor::Process function in Core/Ap4Processor.cpp in Bento4 ...)
NOT-FOR-US: Bento4
-CVE-2017-12474
+CVE-2017-12474 (The AP4_AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable ...)
NOT-FOR-US: Bento4
-CVE-2017-12473
+CVE-2017-12473 (ccnl_ccntlv_bytes2pkt in CCN-lite allows context-dependent attackers t ...)
NOT-FOR-US: CCN-lite
-CVE-2017-12472
+CVE-2017-12472 (ccnl-ext-mgmt.c in CCN-lite before 2.00 allows context-dependent attac ...)
NOT-FOR-US: CCN-lite
-CVE-2017-12471
+CVE-2017-12471 (The cnb_parse_lev function in CCN-lite before 2.00 allows context-depe ...)
NOT-FOR-US: CCN-lite
-CVE-2017-12470
+CVE-2017-12470 (Integer overflow in the ndn_parse_sequence function in CCN-lite before ...)
NOT-FOR-US: CCN-lite
-CVE-2017-12469
+CVE-2017-12469 (Buffer overflow in util/ccnl-common.c in CCN-lite before 2.00 allows c ...)
NOT-FOR-US: CCN-lite
-CVE-2017-12468
+CVE-2017-12468 (Buffer overflow in ccn-lite-ccnb2xml.c in CCN-lite before 2.00 allows ...)
NOT-FOR-US: CCN-lite
-CVE-2017-12467
+CVE-2017-12467 (Memory leak in CCN-lite before 2.00 allows context-dependent attackers ...)
NOT-FOR-US: CCN-lite
-CVE-2017-12466
+CVE-2017-12466 (CCN-lite before 2.00 allows context-dependent attackers to have unspec ...)
NOT-FOR-US: CCN-lite
-CVE-2017-12465
+CVE-2017-12465 (Multiple integer overflows in CCN-lite before 2.00 allow context-depen ...)
NOT-FOR-US: CCN-lite
-CVE-2017-12464
+CVE-2017-12464 (ccn-lite-valid.c in CCN-lite before 2.00 allows context-dependent atta ...)
NOT-FOR-US: CCN-lite
-CVE-2017-12463
+CVE-2017-12463 (Memory leak in the ccnl_app_RX function in ccnl-uapi.c in CCN-lite bef ...)
NOT-FOR-US: CCN-lite
CVE-2017-12462
RESERVED
CVE-2017-12461
RESERVED
-CVE-2017-12460
+CVE-2017-12460 (An issue was discovered in Barco ClickShare CSM-1 firmware before v1.7 ...)
NOT-FOR-US: Barco ClickShare CSM-1 firmware
-CVE-2017-12459
+CVE-2017-12459 (The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Bina ...)
- binutils 2.29-8
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21840
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc
-CVE-2017-12458
+CVE-2017-12458 (The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Bin ...)
- binutils 2.29-8
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21840
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc
-CVE-2017-12457
+CVE-2017-12457 (The bfd_make_section_with_flags function in section.c in the Binary Fi ...)
- binutils 2.29-8
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21840
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=patch;h=8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc
-CVE-2017-12456
+CVE-2017-12456 (The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binuti ...)
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21813
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ca4cf9b9c622a5695e01f7f5815a7382a31fcf51
-CVE-2017-12455
+CVE-2017-12455 (The evax_bfd_print_emh function in vms-alpha.c in the Binary File Desc ...)
- binutils 2.29-8
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21840
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc
-CVE-2017-12454
+CVE-2017-12454 (The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File ...)
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21813
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ca4cf9b9c622a5695e01f7f5815a7382a31fcf51
-CVE-2017-12453
+CVE-2017-12453 (The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descri ...)
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21813
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ca4cf9b9c622a5695e01f7f5815a7382a31fcf51
-CVE-2017-12452
+CVE-2017-12452 (The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386 ...)
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21813
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ca4cf9b9c622a5695e01f7f5815a7382a31fcf51
-CVE-2017-12451
+CVE-2017-12451 (The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff6 ...)
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21786
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=29866fa186ee3ebda5242221607dba360b2e541e
-CVE-2017-12450
+CVE-2017-12450 (The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File ...)
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21813
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8a2df5e2df374289e00ecd8f099eb46d76ef982e
-CVE-2017-12449
+CVE-2017-12449 (The _bfd_vms_save_sized_string function in vms-misc.c in the Binary Fi ...)
- binutils 2.29-8
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21840
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc
-CVE-2017-12448
+CVE-2017-12448 (The bfd_cache_close function in bfd/cache.c in the Binary File Descrip ...)
- binutils 2.29-9
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21787
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=909e4e716c4d77e33357bbe9bc902bfaf2e1af24
-CVE-2017-12447
+CVE-2017-12447 (GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus ...)
- gdk-pixbuf 2.34.0-1
[jessie] - gdk-pixbuf 2.31.1-2+deb8u5
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=785979
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gdk-pixbuf/commit/b7bf6fbfb310fceba2d35d4de143b8d5ffdad990 (2.33.2)
CVE-2017-12446
RESERVED
-CVE-2017-12445
+CVE-2017-12445 (The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cp ...)
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12444
+CVE-2017-12444 (The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidj ...)
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12443
+CVE-2017-12443 (The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 c ...)
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12442
+CVE-2017-12442 (The row_is_empty function in base/4bitmap.c:272 in minidjvu 0.8 can ca ...)
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12441
+CVE-2017-12441 (The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can ca ...)
- minidjvu <unfixed> (unimportant; bug #871495)
NOTE: https://sourceforge.net/p/minidjvu/bugs/8/
-CVE-2017-12440
+CVE-2017-12440 (Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11 ...)
{DSA-3953-1}
- aodh 5.0.0-2 (bug #872605)
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0080
@@ -17438,7 +17438,7 @@ CVE-2017-12440
NOTE: Ocata: https://review.openstack.org/#/c/493824/
NOTE: Newton: https://review.openstack.org/#/c/493826/
NOTE: https://github.com/openstack/aodh/commit/cb90d3ad472bba8d648803ca94a9196dff97f0e8
-CVE-2017-12439
+CVE-2017-12439 (SocuSoft Flash Slideshow Maker Professional through v5.20, when the ad ...)
NOT-FOR-US: SocuSoft Flash Slideshow Maker Professional
CVE-2017-12438
RESERVED
@@ -17446,7 +17446,7 @@ CVE-2017-12437
RESERVED
CVE-2017-12436
RESERVED
-CVE-2017-12435
+CVE-2017-12435 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870504)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -17454,13 +17454,13 @@ CVE-2017-12435
NOTE: https://github.com/ImageMagick/ImageMagick/issues/543
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2dd8d55742fce7d079b6a16039c18e49c091224f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/44cb8dfd4cbe6fc475c863a5946cff64e34c2088
-CVE-2017-12433
+CVE-2017-12433 (In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the f ...)
{DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant; bug #872481)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/548
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7beec9a7a8a5701652b313e6e94bafd36b3627dc
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/0a170d18390d3762586f164e6abe3c4766d14620
-CVE-2017-12432
+CVE-2017-12432 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (low; bug #870491)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -17468,7 +17468,7 @@ CVE-2017-12432
NOTE: https://github.com/ImageMagick/ImageMagick/issues/536
NOTE: https://github.com/ImageMagick/ImageMagick/commit/061de02095a56d438409c63f723f340b2d9d36c7
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ded916c5da6febe9660c3cfa44c3114567adf74
-CVE-2017-12429
+CVE-2017-12429 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13
[stretch] - imagemagick <ignored> (Minor issue)
@@ -17478,38 +17478,38 @@ CVE-2017-12429
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/3ac6c73d39d59a7b0285b3756810272121759a31
NOTE: The fix applied for #869727 included the change for upstream issue 545, cf.
NOTE: https://github.com/ImageMagick/ImageMagick/issues/546#issuecomment-313968413
-CVE-2017-12427
+CVE-2017-12427 (The ProcessMSLScript function in coders/msl.c in ImageMagick before 6. ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870525)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/636
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/e793eb203e5e0f91f5037aed6585e81b1e27395b
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/841f7b27dc88c685c61252d59b7e20e94c982456
-CVE-2017-12426
+CVE-2017-12426 (GitLab Community Edition (CE) and Enterprise Edition (EE) before 8.17. ...)
- gitlab 9.5.4+dfsg-7 (bug #872190; unimportant)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/35212
NOTE: The fix for git for CVE-2017-1000117 mitgates the issue in gitlab itself.
NOTE: The CVE is for the issue when importing a project via crafted SSH URLs,
NOTE: which becomes ineffective with a fixed git version itself.
-CVE-2017-12424
+CVE-2017-12424 (In shadow before 4.5, the newusers tool could be made to manipulate in ...)
- shadow 1:4.5-1 (bug #756630)
[stretch] - shadow <no-dsa> (Minor issue)
[jessie] - shadow <no-dsa> (Minor issue)
[wheezy] - shadow <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1266675
NOTE: https://github.com/shadow-maint/shadow/commit/954e3d2e7113e9ac06632aee3c69b8d818cc8952 (4.5)
-CVE-2017-12423
+CVE-2017-12423 (NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authen ...)
NOT-FOR-US: NetApp
-CVE-2017-12422
+CVE-2017-12422 (NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3 ...)
NOT-FOR-US: NetApp
-CVE-2017-12421
+CVE-2017-12421 (NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authen ...)
NOT-FOR-US: NetApp
-CVE-2017-12420
+CVE-2017-12420 (Heap-based buffer overflow in the SMB implementation in NetApp Cluster ...)
NOT-FOR-US: NetApp
-CVE-2017-12419
+CVE-2017-12419 (If, after successful installation of MantisBT through 2.5.2 on MySQL/M ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy)
NOTE: https://mantisbt.org/bugs/view.php?id=23173
-CVE-2017-12418
+CVE-2017-12418 (ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM ...)
{DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant; bug #872498)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/643
@@ -17517,19 +17517,19 @@ CVE-2017-12418
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bfd93888beccf2eff49cc9abfa6b5167c9c9109d
CVE-2017-12417
RESERVED
-CVE-2017-12416
+CVE-2017-12416 (Cross-site scripting (XSS) vulnerability in the GlobalProtect internal ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-12415
+CVE-2017-12415 (OXID eShop Community Edition before 6.0.0 RC2 (development), 4.10.x be ...)
NOT-FOR-US: OXID eShop
-CVE-2017-12414
+CVE-2017-12414 (Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untr ...)
NOT-FOR-US: Format Factory
-CVE-2017-12413
+CVE-2017-12413 (AXIS 2100 devices 2.43 have XSS via the URI, possibly related to admin ...)
NOT-FOR-US: AXIS 2100 devices
-CVE-2017-12412
+CVE-2017-12412 (ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent at ...)
NOT-FOR-US: CCN-lite
CVE-2017-12411
RESERVED
-CVE-2017-12410
+CVE-2017-12410 (It is possible to exploit a Time of Check &amp; Time of Use (TOCTOU) v ...)
NOT-FOR-US: Kaseya Virtual System Administrator agent
CVE-2017-12409
RESERVED
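Review bot: the new description added for CVE-2017-12410 in this hunk contains an HTML-escaped ampersand ("Time of Check &amp; Time of Use (TOCTOU)"), which indicates the automatic import copies descriptions from an HTML-encoded source without decoding character entities; the stored text should read "Time of Check & Time of Use (TOCTOU)". Suggest decoding entities (at least &amp;, &lt;, &gt;, &quot;) before the description is written into the list, or otherwise confirming that the tracker's parser is meant to display the entity literally.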
@@ -17589,7 +17589,7 @@ CVE-2017-12382
RESERVED
CVE-2017-12381
RESERVED
-CVE-2017-12380
+CVE-2017-12380 (ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerab ...)
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17597,7 +17597,7 @@ CVE-2017-12380
NOTE: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11945
NOTE: https://github.com/vrtadmin/clamav-devel/commit/39c89d14a61aef2958b8ea64ade1be7a5faca897
-CVE-2017-12379
+CVE-2017-12379 (ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerab ...)
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17605,7 +17605,7 @@ CVE-2017-12379
NOTE: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11944
NOTE: https://github.com/vrtadmin/clamav-devel/commit/0604618374dc0dfd148b0ce7bf7a3d2b7528e66b
-CVE-2017-12378
+CVE-2017-12378 (ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerab ...)
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17614,7 +17614,7 @@ CVE-2017-12378
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11946
NOTE: https://github.com/vrtadmin/clamav-devel/commit/292d6878fa3e7fd2ab0f7275a78190639ad116d4
NOTE: https://github.com/vrtadmin/clamav-devel/commit/0cf813f835e48ab0f94dd54200ceba0dc25fa1c4
-CVE-2017-12377
+CVE-2017-12377 (ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerab ...)
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17623,7 +17623,7 @@ CVE-2017-12377
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11943
NOTE: https://github.com/vrtadmin/clamav-devel/commit/38da4800bfb2d6b13579950b6543302d13e3015c
NOTE: https://github.com/vrtadmin/clamav-devel/commit/e887f113242ffcb0ea8735c3f567c6be77f382d6
-CVE-2017-12376
+CVE-2017-12376 (ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerab ...)
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17631,7 +17631,7 @@ CVE-2017-12376
NOTE: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11942
NOTE: https://github.com/vrtadmin/clamav-devel/commit/c8ba4ae2e47a4f49add3e85ef7041b166be6bfdb
-CVE-2017-12375
+CVE-2017-12375 (The ClamAV AntiVirus software versions 0.99.2 and prior contain a vuln ...)
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17639,7 +17639,7 @@ CVE-2017-12375
NOTE: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11940
NOTE: https://github.com/vrtadmin/clamav-devel/commit/d1100be31a567718ce7c7dd6e6c632eddab55209
-CVE-2017-12374
+CVE-2017-12374 (The ClamAV AntiVirus software versions 0.99.2 and prior contain a vuln ...)
{DLA-1261-1}
- clamav 0.99.3~beta2+dfsg-1 (bug #888484)
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -17647,97 +17647,97 @@ CVE-2017-12374
NOTE: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11939
NOTE: https://github.com/vrtadmin/clamav-devel/commit/7cf2a701041b775dda9743d01665279facc9b326
-CVE-2017-12373
+CVE-2017-12373 (A vulnerability in the TLS protocol implementation of legacy Cisco ASA ...)
NOT-FOR-US: Cisco
-CVE-2017-12372
+CVE-2017-12372 (A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerab ...)
NOT-FOR-US: Cisco
-CVE-2017-12371
+CVE-2017-12371 (A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerab ...)
NOT-FOR-US: Cisco
-CVE-2017-12370
+CVE-2017-12370 (A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerab ...)
NOT-FOR-US: Cisco
-CVE-2017-12369
+CVE-2017-12369 (A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" e ...)
NOT-FOR-US: Cisco
-CVE-2017-12368
+CVE-2017-12368 (A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerab ...)
NOT-FOR-US: Cisco
-CVE-2017-12367
+CVE-2017-12367 (A "Cisco WebEx Network Recording Player Denial of Service Vulnerabilit ...)
NOT-FOR-US: Cisco
-CVE-2017-12366
+CVE-2017-12366 (A vulnerability in Cisco WebEx Meeting Center could allow an unauthent ...)
NOT-FOR-US: Cisco
-CVE-2017-12365
+CVE-2017-12365 (A vulnerability in Cisco WebEx Event Center could allow an authenticat ...)
NOT-FOR-US: Cisco
-CVE-2017-12364
+CVE-2017-12364 (A SQL Injection vulnerability in the web framework of Cisco Prime Serv ...)
NOT-FOR-US: Cisco
-CVE-2017-12363
+CVE-2017-12363 (A vulnerability in Cisco WebEx Meeting Server could allow an unauthent ...)
NOT-FOR-US: Cisco
-CVE-2017-12362
+CVE-2017-12362 (A vulnerability in Cisco Meeting Server versions prior to 2.2.2 could ...)
NOT-FOR-US: Cisco
-CVE-2017-12361
+CVE-2017-12361 (A vulnerability in Cisco Jabber for Windows could allow an unauthentic ...)
NOT-FOR-US: Cisco
-CVE-2017-12360
+CVE-2017-12360 (A vulnerability in Cisco WebEx Network Recording Player for WebEx Reco ...)
NOT-FOR-US: Cisco
-CVE-2017-12359
+CVE-2017-12359 (A Buffer Overflow vulnerability in Cisco WebEx Network Recording Playe ...)
NOT-FOR-US: Cisco
-CVE-2017-12358
+CVE-2017-12358 (A vulnerability in the web-based management interface of Cisco Jabber ...)
NOT-FOR-US: Cisco
-CVE-2017-12357
+CVE-2017-12357 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2017-12356
+CVE-2017-12356 (A vulnerability in the web-based management interface of Cisco Jabber ...)
NOT-FOR-US: Cisco
-CVE-2017-12355
+CVE-2017-12355 (A vulnerability in the Local Packet Transport Services (LPTS) ingress ...)
NOT-FOR-US: Cisco
-CVE-2017-12354
+CVE-2017-12354 (A vulnerability in the web-based interface of Cisco Secure Access Cont ...)
NOT-FOR-US: Cisco
-CVE-2017-12353
+CVE-2017-12353 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) sc ...)
NOT-FOR-US: Cisco
-CVE-2017-12352
+CVE-2017-12352 (A vulnerability in certain system script files that are installed at b ...)
NOT-FOR-US: Cisco
-CVE-2017-12351
+CVE-2017-12351 (A vulnerability in the guest shell feature of Cisco NX-OS System Softw ...)
NOT-FOR-US: Cisco
-CVE-2017-12350
+CVE-2017-12350 (A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 an ...)
NOT-FOR-US: Cisco
-CVE-2017-12349
+CVE-2017-12349 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2017-12348
+CVE-2017-12348 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2017-12347
+CVE-2017-12347 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) S ...)
NOT-FOR-US: Cisco
-CVE-2017-12346
+CVE-2017-12346 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) S ...)
NOT-FOR-US: Cisco
-CVE-2017-12345
+CVE-2017-12345 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) S ...)
NOT-FOR-US: Cisco
-CVE-2017-12344
+CVE-2017-12344 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) S ...)
NOT-FOR-US: Cisco
-CVE-2017-12343
+CVE-2017-12343 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) S ...)
NOT-FOR-US: Cisco
-CVE-2017-12342
+CVE-2017-12342 (A vulnerability in the Open Agent Container (OAC) feature of Cisco Nex ...)
NOT-FOR-US: Cisco
-CVE-2017-12341
+CVE-2017-12341 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2017-12340
+CVE-2017-12340 (A vulnerability in Cisco NX-OS System Software running on Cisco MDS Mu ...)
NOT-FOR-US: Cisco
-CVE-2017-12339
+CVE-2017-12339 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2017-12338
+CVE-2017-12338 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2017-12337
+CVE-2017-12337 (A vulnerability in the upgrade mechanism of Cisco collaboration produc ...)
NOT-FOR-US: Cisco
-CVE-2017-12336
+CVE-2017-12336 (A vulnerability in the TCL scripting subsystem of Cisco NX-OS System S ...)
NOT-FOR-US: Cisco
-CVE-2017-12335
+CVE-2017-12335 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2017-12334
+CVE-2017-12334 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2017-12333
+CVE-2017-12333 (A vulnerability in Cisco NX-OS System Software could allow an authenti ...)
NOT-FOR-US: Cisco
-CVE-2017-12332
+CVE-2017-12332 (A vulnerability in Cisco NX-OS System Software patch installation coul ...)
NOT-FOR-US: Cisco
-CVE-2017-12331
+CVE-2017-12331 (A vulnerability in Cisco NX-OS System Software could allow an authenti ...)
NOT-FOR-US: Cisco
-CVE-2017-12330
+CVE-2017-12330 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2017-12329
+CVE-2017-12329 (A vulnerability in the CLI of Cisco Firepower Extensible Operating Sys ...)
NOT-FOR-US: Cisco
-CVE-2017-12328
+CVE-2017-12328 (A vulnerability in Session Initiation Protocol (SIP) call handling in ...)
NOT-FOR-US: Cisco
CVE-2017-12327
RESERVED
@@ -17747,231 +17747,231 @@ CVE-2017-12325
RESERVED
CVE-2017-12324
RESERVED
-CVE-2017-12323
+CVE-2017-12323 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
NOT-FOR-US: Cisco
-CVE-2017-12322
+CVE-2017-12322 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
NOT-FOR-US: Cisco
-CVE-2017-12321
+CVE-2017-12321 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
NOT-FOR-US: Cisco
-CVE-2017-12320
+CVE-2017-12320 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
NOT-FOR-US: Cisco
-CVE-2017-12319
+CVE-2017-12319 (A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet ...)
NOT-FOR-US: Cisco
-CVE-2017-12318
+CVE-2017-12318 (A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices ...)
NOT-FOR-US: Cisco
-CVE-2017-12317
+CVE-2017-12317 (The Cisco AMP For Endpoints application allows an authenticated, local ...)
NOT-FOR-US: Cisco
-CVE-2017-12316
+CVE-2017-12316 (A vulnerability in the Guest Portal login page of Cisco Identity Servi ...)
NOT-FOR-US: Cisco
-CVE-2017-12315
+CVE-2017-12315 (A vulnerability in system logging when replication is being configured ...)
NOT-FOR-US: Cisco
-CVE-2017-12314
+CVE-2017-12314 (A vulnerability in the Cisco FindIT Network Discovery Utility could al ...)
NOT-FOR-US: Cisco
-CVE-2017-12313
+CVE-2017-12313 (An untrusted search path (aka DLL Preload) vulnerability in the Cisco ...)
NOT-FOR-US: Cisco
-CVE-2017-12312
+CVE-2017-12312 (An untrusted search path (aka DLL Preloading) vulnerability in the Cis ...)
NOT-FOR-US: Cisco
-CVE-2017-12311
+CVE-2017-12311 (A vulnerability in the H.264 decoder function of Cisco Meeting Server ...)
NOT-FOR-US: Cisco
-CVE-2017-12310
+CVE-2017-12310 (A vulnerability in the auto discovery phase of Cisco Spark Hybrid Cale ...)
NOT-FOR-US: Cisco
-CVE-2017-12309
+CVE-2017-12309 (A vulnerability in the Cisco Email Security Appliance (ESA) could allo ...)
NOT-FOR-US: Cisco
-CVE-2017-12308
+CVE-2017-12308 (A vulnerability in the web framework of Cisco Small Business Managed S ...)
NOT-FOR-US: Cisco
-CVE-2017-12307
+CVE-2017-12307 (A vulnerability in the web framework of Cisco Small Business Managed S ...)
NOT-FOR-US: Cisco
-CVE-2017-12306
+CVE-2017-12306 (A vulnerability in the upgrade process of Cisco Spark Board could allo ...)
NOT-FOR-US: Cisco
-CVE-2017-12305
+CVE-2017-12305 (A vulnerability in the debug interface of Cisco IP Phone 8800 series c ...)
NOT-FOR-US: Cisco
-CVE-2017-12304
+CVE-2017-12304 (A vulnerability in the IOS daemon (IOSd) web-based management interfac ...)
NOT-FOR-US: Cisco
-CVE-2017-12303
+CVE-2017-12303 (A vulnerability in the Advanced Malware Protection (AMP) file filterin ...)
NOT-FOR-US: Cisco
-CVE-2017-12302
+CVE-2017-12302 (A vulnerability in the Cisco Unified Communications Manager SQL databa ...)
NOT-FOR-US: Cisco
-CVE-2017-12301
+CVE-2017-12301 (A vulnerability in the Python scripting subsystem of Cisco NX-OS Softw ...)
NOT-FOR-US: Cisco
-CVE-2017-12300
+CVE-2017-12300 (A vulnerability in the SNORT detection engine of Cisco Firepower Syste ...)
NOT-FOR-US: Cisco
-CVE-2017-12299
+CVE-2017-12299 (A vulnerability exists in the process of creating default IP blocks du ...)
NOT-FOR-US: Cisco
-CVE-2017-12298
+CVE-2017-12298 (A vulnerability in Cisco WebEx Meeting Center could allow an unauthent ...)
NOT-FOR-US: Cisco
-CVE-2017-12297
+CVE-2017-12297 (A vulnerability in Cisco WebEx Meeting Center could allow an authentic ...)
NOT-FOR-US: Cisco
-CVE-2017-12296
+CVE-2017-12296 (A vulnerability in Cisco WebEx Meetings Server could allow an unauthen ...)
NOT-FOR-US: Cisco
-CVE-2017-12295
+CVE-2017-12295 (A vulnerability in Cisco WebEx Meetings Server could allow an unauthen ...)
NOT-FOR-US: Cisco
-CVE-2017-12294
+CVE-2017-12294 (A vulnerability in Cisco WebEx Meetings Server could allow an authenti ...)
NOT-FOR-US: Cisco
-CVE-2017-12293
+CVE-2017-12293 (A vulnerability in Cisco WebEx Meetings Server could allow an unauthen ...)
NOT-FOR-US: Cisco
-CVE-2017-12292
+CVE-2017-12292 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
NOT-FOR-US: Cisco
-CVE-2017-12291
+CVE-2017-12291 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
NOT-FOR-US: Cisco
-CVE-2017-12290
+CVE-2017-12290 (Multiple vulnerabilities in the web interface of the Cisco Registered ...)
NOT-FOR-US: Cisco
-CVE-2017-12289
+CVE-2017-12289 (A vulnerability in conditional, verbose debug logging for the IPsec fe ...)
NOT-FOR-US: Cisco
-CVE-2017-12288
+CVE-2017-12288 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2017-12287
+CVE-2017-12287 (A vulnerability in the cluster database (CDB) management component of ...)
NOT-FOR-US: Cisco
-CVE-2017-12286
+CVE-2017-12286 (A vulnerability in the web interface of Cisco Jabber could allow an au ...)
NOT-FOR-US: Cisco
-CVE-2017-12285
+CVE-2017-12285 (A vulnerability in the web interface of Cisco Network Analysis Module ...)
NOT-FOR-US: Cisco
-CVE-2017-12284
+CVE-2017-12284 (A vulnerability in the web interface of Cisco Jabber for Windows Clien ...)
NOT-FOR-US: Cisco
-CVE-2017-12283
+CVE-2017-12283 (A vulnerability in the handling of 802.11w Protected Management Frames ...)
NOT-FOR-US: Cisco
-CVE-2017-12282
+CVE-2017-12282 (A vulnerability in the Access Network Query Protocol (ANQP) ingress fr ...)
NOT-FOR-US: Cisco
-CVE-2017-12281
+CVE-2017-12281 (A vulnerability in the implementation of Protected Extensible Authenti ...)
NOT-FOR-US: Cisco
-CVE-2017-12280
+CVE-2017-12280 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
NOT-FOR-US: Cisco
-CVE-2017-12279
+CVE-2017-12279 (A vulnerability in the packet processing code of Cisco IOS Software fo ...)
NOT-FOR-US: Cisco
-CVE-2017-12278
+CVE-2017-12278 (A vulnerability in the Simple Network Management Protocol (SNMP) subsy ...)
NOT-FOR-US: Cisco
-CVE-2017-12277
+CVE-2017-12277 (A vulnerability in the Smart Licensing Manager service of the Cisco Fi ...)
NOT-FOR-US: Cisco
-CVE-2017-12276
+CVE-2017-12276 (A vulnerability in the web framework code for the SQL database interfa ...)
NOT-FOR-US: Cisco
-CVE-2017-12275
+CVE-2017-12275 (A vulnerability in the implementation of 802.11v Basic Service Set (BS ...)
NOT-FOR-US: Cisco
-CVE-2017-12274
+CVE-2017-12274 (A vulnerability in Extensible Authentication Protocol (EAP) ingress fr ...)
NOT-FOR-US: Cisco
-CVE-2017-12273
+CVE-2017-12273 (A vulnerability in 802.11 association request frame processing for the ...)
NOT-FOR-US: Cisco
-CVE-2017-12272
+CVE-2017-12272 (A vulnerability in the web framework code of Cisco IOS XE Software cou ...)
NOT-FOR-US: Cisco
-CVE-2017-12271
+CVE-2017-12271 (A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allo ...)
NOT-FOR-US: Cisco
-CVE-2017-12270
+CVE-2017-12270 (A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Ne ...)
NOT-FOR-US: Cisco
-CVE-2017-12269
+CVE-2017-12269 (A vulnerability in the web UI of Cisco Spark Messaging Software could ...)
NOT-FOR-US: Cisco
-CVE-2017-12268
+CVE-2017-12268 (A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnec ...)
NOT-FOR-US: Cisco
-CVE-2017-12267
+CVE-2017-12267 (A vulnerability in the Independent Computing Architecture (ICA) accele ...)
NOT-FOR-US: Cisco
-CVE-2017-12266
+CVE-2017-12266 (A vulnerability in the routine that loads DLL files in Cisco Meeting A ...)
NOT-FOR-US: Cisco
-CVE-2017-12265
+CVE-2017-12265 (A vulnerability in the web-based management interface of Cisco Adaptiv ...)
NOT-FOR-US: Cisco
-CVE-2017-12264
+CVE-2017-12264 (A vulnerability in the Web Admin Interface of Cisco Meeting Server cou ...)
NOT-FOR-US: Cisco
-CVE-2017-12263
+CVE-2017-12263 (A vulnerability in the web interface of Cisco License Manager software ...)
NOT-FOR-US: Cisco
-CVE-2017-12262
+CVE-2017-12262 (A vulnerability within the firewall configuration of the Cisco Applica ...)
NOT-FOR-US: Cisco
-CVE-2017-12261
+CVE-2017-12261 (A vulnerability in the restricted shell of the Cisco Identity Services ...)
NOT-FOR-US: Cisco
-CVE-2017-12260
+CVE-2017-12260 (A vulnerability in the implementation of Session Initiation Protocol ( ...)
NOT-FOR-US: Cisco
-CVE-2017-12259
+CVE-2017-12259 (A vulnerability in the implementation of Session Initiation Protocol ( ...)
NOT-FOR-US: Cisco
-CVE-2017-12258
+CVE-2017-12258 (A vulnerability in the web-based UI of Cisco Unified Communications Ma ...)
NOT-FOR-US: Cisco
-CVE-2017-12257
+CVE-2017-12257 (A vulnerability in the web framework of Cisco WebEx Meetings Server co ...)
NOT-FOR-US: Cisco
-CVE-2017-12256
+CVE-2017-12256 (A vulnerability in the Akamai Connect feature of Cisco Wide Area Appli ...)
NOT-FOR-US: Cisco
-CVE-2017-12255
+CVE-2017-12255 (A vulnerability in the CLI of Cisco UCS Central Software could allow a ...)
NOT-FOR-US: Cisco
-CVE-2017-12254
+CVE-2017-12254 (A vulnerability in the web interface of Cisco Unified Intelligence Cen ...)
NOT-FOR-US: Cisco
-CVE-2017-12253
+CVE-2017-12253 (A vulnerability in the Cisco Unified Intelligence Center could allow a ...)
NOT-FOR-US: Cisco
-CVE-2017-12252
+CVE-2017-12252 (A vulnerability in the Cisco FindIT Network Discovery Utility could al ...)
NOT-FOR-US: Cisco
-CVE-2017-12251
+CVE-2017-12251 (A vulnerability in the web console of the Cisco Cloud Services Platfor ...)
NOT-FOR-US: Cisco
-CVE-2017-12250
+CVE-2017-12250 (A vulnerability in the HTTP web interface for Cisco Wide Area Applicat ...)
NOT-FOR-US: Cisco
-CVE-2017-12249
+CVE-2017-12249 (A vulnerability in the Traversal Using Relay NAT (TURN) server include ...)
NOT-FOR-US: Cisco Meeting Server
-CVE-2017-12248
+CVE-2017-12248 (A vulnerability in the web framework code of Cisco Unified Intelligenc ...)
NOT-FOR-US: Cisco
CVE-2017-12247
RESERVED
-CVE-2017-12246
+CVE-2017-12246 (A vulnerability in the implementation of the direct authentication fea ...)
NOT-FOR-US: Cisco
-CVE-2017-12245
+CVE-2017-12245 (A vulnerability in SSL traffic decryption for Cisco Firepower Threat D ...)
NOT-FOR-US: Cisco
-CVE-2017-12244
+CVE-2017-12244 (A vulnerability in the detection engine parsing of IPv6 packets for Ci ...)
NOT-FOR-US: Cisco
-CVE-2017-12243
+CVE-2017-12243 (A vulnerability in the Cisco Unified Computing System (UCS) Manager, C ...)
NOT-FOR-US: Cisco
CVE-2017-12242
RESERVED
CVE-2017-12241
RESERVED
-CVE-2017-12240
+CVE-2017-12240 (The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2017-12239
+CVE-2017-12239 (A vulnerability in motherboard console ports of line cards for Cisco A ...)
NOT-FOR-US: Cisco
-CVE-2017-12238
+CVE-2017-12238 (A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2017-12237
+CVE-2017-12237 (A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module ...)
NOT-FOR-US: Cisco
-CVE-2017-12236
+CVE-2017-12236 (A vulnerability in the implementation of the Locator/ID Separation Pro ...)
NOT-FOR-US: Cisco
-CVE-2017-12235
+CVE-2017-12235 (A vulnerability in the implementation of the PROFINET Discovery and Co ...)
NOT-FOR-US: Cisco
-CVE-2017-12234
+CVE-2017-12234 (Multiple vulnerabilities in the implementation of the Common Industria ...)
NOT-FOR-US: Cisco
-CVE-2017-12233
+CVE-2017-12233 (Multiple vulnerabilities in the implementation of the Common Industria ...)
NOT-FOR-US: Cisco
-CVE-2017-12232
+CVE-2017-12232 (A vulnerability in the implementation of a protocol in Cisco Integrate ...)
NOT-FOR-US: Cisco
-CVE-2017-12231
+CVE-2017-12231 (A vulnerability in the implementation of Network Address Translation ( ...)
NOT-FOR-US: Cisco
-CVE-2017-12230
+CVE-2017-12230 (A vulnerability in the web-based user interface (web UI) of Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2017-12229
+CVE-2017-12229 (A vulnerability in the REST API of the web-based user interface (web U ...)
NOT-FOR-US: Cisco
-CVE-2017-12228
+CVE-2017-12228 (A vulnerability in the Cisco Network Plug and Play application of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2017-12227
+CVE-2017-12227 (A vulnerability in the SQL database interface for Cisco Emergency Resp ...)
NOT-FOR-US: Cisco
-CVE-2017-12226
+CVE-2017-12226 (A vulnerability in the web-based Wireless Controller GUI of Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2017-12225
+CVE-2017-12225 (A vulnerability in the web functionality of the Cisco Prime LAN Manage ...)
NOT-FOR-US: Cisco
-CVE-2017-12224
+CVE-2017-12224 (A vulnerability in the ability for guest users to join meetings via a ...)
NOT-FOR-US: Cisco
-CVE-2017-12223
+CVE-2017-12223 (A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 Integr ...)
NOT-FOR-US: Cisco
-CVE-2017-12222
+CVE-2017-12222 (A vulnerability in the wireless controller manager of Cisco IOS XE cou ...)
NOT-FOR-US: Cisco
-CVE-2017-12221
+CVE-2017-12221 (A vulnerability in the web framework of Cisco Firepower Management Cen ...)
NOT-FOR-US: Cisco
-CVE-2017-12220
+CVE-2017-12220 (A vulnerability in the web-based management interface of Cisco Firepow ...)
NOT-FOR-US: Cisco
-CVE-2017-12219
+CVE-2017-12219 (A vulnerability in the handling of IP fragments for the Cisco Small Bu ...)
NOT-FOR-US: Cisco
-CVE-2017-12218
+CVE-2017-12218 (A vulnerability in the malware detection functionality within Advanced ...)
NOT-FOR-US: Cisco
-CVE-2017-12217
+CVE-2017-12217 (A vulnerability in the General Packet Radio Service (GPRS) Tunneling P ...)
NOT-FOR-US: Cisco
-CVE-2017-12216
+CVE-2017-12216 (A vulnerability in the web-based user interface of Cisco SocialMiner c ...)
NOT-FOR-US: Cisco
-CVE-2017-12215
+CVE-2017-12215 (A vulnerability in the email message filtering feature of Cisco AsyncO ...)
NOT-FOR-US: Cisco
-CVE-2017-12214
+CVE-2017-12214 (A vulnerability in the Operations, Administration, Maintenance, and Pr ...)
NOT-FOR-US: Cisco
-CVE-2017-12213
+CVE-2017-12213 (A vulnerability in the dynamic access control list (ACL) feature of Ci ...)
NOT-FOR-US: Cisco
-CVE-2017-12212
+CVE-2017-12212 (A vulnerability in the web framework of Cisco Unity Connection could a ...)
NOT-FOR-US: Cisco
-CVE-2017-12211
+CVE-2017-12211 (A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) ...)
NOT-FOR-US: Cisco
CVE-2017-12210
RESERVED
@@ -17993,33 +17993,33 @@ CVE-2017-12202
RESERVED
CVE-2017-12201
RESERVED
-CVE-2017-12425
+CVE-2017-12425 (An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1 ...)
{DSA-3924-1}
- varnish 5.0.0-7.1 (bug #870467)
[wheezy] - varnish <not-affected> (code path is not exposed to clients)
NOTE: https://www.varnish-cache.org/security/VSV00001.html#vsv00001
NOTE: https://github.com/varnishcache/varnish-cache/issues/2379
NOTE: https://github.com/varnishcache/varnish-cache/commit/09731b24b2225e3c0d66d3ec1b4fedef6fa22b6e
-CVE-2017-12200
+CVE-2017-12200 (The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has XS ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-12199
+CVE-2017-12199 (The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQ ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-12198
RESERVED
-CVE-2017-12197
+CVE-2017-12197 (It was found that libpam4j up to and including 1.8 did not properly va ...)
{DSA-4025-1 DLA-1165-1}
- libpam4j 1.4-3 (bug #879001)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1503103
NOTE: https://github.com/kohsuke/libpam4j/issues/18
NOTE: (Non-upstream) patch: https://github.com/letonez/libpam4j/commit/84f32f4001fc6bdcc125ccc959081de022d18b6d
-CVE-2017-12196
+CVE-2017-12196 (undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was fou ...)
- undertow 1.4.25-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1503055
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/facb33a5cedaf4b7b96d3840a08210370a806870
NOTE: See also https://github.com/undertow-io/undertow/commit/8804170ce3186bdd83b486959399ec7ac0f59d0f
-CVE-2017-12195
+CVE-2017-12195 (A flaw was found in all Openshift Enterprise versions using the opensh ...)
NOT-FOR-US: OpenShift
-CVE-2017-12194
+CVE-2017-12194 (A flaw was found in the way spice-client processed certain messages se ...)
- spice-gtk 0.35-1 (bug #898503)
[stretch] - spice-gtk <no-dsa> (Minor issue)
[jessie] - spice-gtk <no-dsa> (Minor issue)
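Review bot: the CVE-2017-12425 entry in this hunk is out of the file's descending order, sitting between CVE-2017-12201 and CVE-2017-12200; since this update only adds the description text, the misplacement is pre-existing, but it is worth moving the whole entry (its DSA line, the varnish version line, the wheezy line and the three NOTE lines) up to its numerical position so tools that assume sorted lists do not miss it.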
@@ -18027,99 +18027,99 @@ CVE-2017-12194
NOTE: Proposed patches in: https://bugzilla.redhat.com/show_bug.cgi?id=1240165
NOTE: Although not present in the binary packages the (de)marshal.py are used to
NOTE: generate repsecitve code which should be in libspice-common-client.
-CVE-2017-12193
+CVE-2017-12193 (The assoc_array_insert_into_terminal_node function in lib/assoc_array. ...)
- linux 4.13.13-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.13-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/ea6789980fdaa610d7eb63602c746bf6ec70cd2b (4.14-rc7)
NOTE: Introduced by: https://git.kernel.org/linus/3cb989501c2688cacbb7dc4b0d353faf838f53a1 (3.13-rc1)
-CVE-2017-12192
+CVE-2017-12192 (The keyctl_read_key function in security/keys/keyctl.c in the Key Mana ...)
- linux 4.13.4-2
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/37863c43b2c6464f252862bf2e9768264e961678 (4.14-rc3)
NOTE: Introduced by: https://git.kernel.org/linus/61ea0c0ba904a55f55317d850c1072ff7835ac92 (3.13-rc1)
-CVE-2017-12191
+CVE-2017-12191 (A flaw was found in the CloudForms account configuration when using VM ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2017-12190
+CVE-2017-12190 (The bio_map_user_iov and bio_unmap_user functions in block/bio.c in th ...)
{DLA-1200-1}
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1495089
-CVE-2017-12189
+CVE-2017-12189 (It was discovered that the jboss init script as used in Red Hat JBoss ...)
NOT-FOR-US: Red Hat JBoss; jbossas init script
-CVE-2017-12188
+CVE-2017-12188 (arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested vir ...)
- linux 4.13.4-2
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500380
NOTE: https://www.spinics.net/lists/kvm/msg156651.html
-CVE-2017-12187
+CVE-2017-12187 (xorg-x11-server before 1.19.5 was missing length validation in RENDER ...)
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
-CVE-2017-12186
+CVE-2017-12186 (xorg-x11-server before 1.19.5 was missing length validation in X-Resou ...)
{DSA-4000-1}
- xorg-server 2:1.19.5-1
[wheezy] - xorg-server <not-affected> (Vulnerable code introduced later)
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
-CVE-2017-12185
+CVE-2017-12185 (xorg-x11-server before 1.19.5 was missing length validation in MIT-SCR ...)
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
-CVE-2017-12184
+CVE-2017-12184 (xorg-x11-server before 1.19.5 was missing length validation in XINERAM ...)
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
-CVE-2017-12183
+CVE-2017-12183 (xorg-x11-server before 1.19.5 was missing length validation in XFIXES ...)
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5
-CVE-2017-12182
+CVE-2017-12182 (xorg-x11-server before 1.19.5 was missing length validation in XFree86 ...)
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
-CVE-2017-12181
+CVE-2017-12181 (xorg-x11-server before 1.19.5 was missing length validation in XFree86 ...)
{DSA-4000-1}
- xorg-server 2:1.19.5-1
[wheezy] - xorg-server <not-affected> (Vulnerable code introduced later)
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
-CVE-2017-12180
+CVE-2017-12180 (xorg-x11-server before 1.19.5 was missing length validation in XFree86 ...)
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
-CVE-2017-12179
+CVE-2017-12179 (xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S ...)
{DSA-4000-1}
- xorg-server 2:1.19.5-1
[wheezy] - xorg-server <not-affected> (Vulnerable code introduced later)
-CVE-2017-12178
+CVE-2017-12178 (xorg-x11-server before 1.19.5 had wrong extra length check in ProcXICh ...)
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=859b08d523307eebde7724fd1a0789c44813e821
-CVE-2017-12177
+CVE-2017-12177 (xorg-x11-server before 1.19.5 was vulnerable to integer overflow in Pr ...)
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=4ca68b878e851e2136c234f40a25008297d8d831
-CVE-2017-12176
+CVE-2017-12176 (xorg-x11-server before 1.19.5 was missing extra length validation in P ...)
{DSA-4000-1 DLA-1186-1}
- xorg-server 2:1.19.5-1
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81
-CVE-2017-12175
+CVE-2017-12175 (Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2017-12174
+CVE-2017-12174 (It was found that when Artemis and HornetQ before 2.4.0 are configured ...)
NOT-FOR-US: Artemis and HornetQ
-CVE-2017-12173
+CVE-2017-12173 (It was found that sssd's sysdb_search_user_by_upn_res() function befor ...)
- sssd 1.15.3-2 (bug #877885)
[jessie] - sssd <not-affected> (Vulnerable code introduced later)
[wheezy] - sssd <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1498173
NOTE: Fixed by: https://pagure.io/SSSD/sssd/c/1f2662c8f97c9c0fa250055d4b6750abfc6d0835
NOTE: Introduced by https://pagure.io/SSSD/sssd/c/7ecb5aea65cb1899f16e7a41bffa93d074defd4a (sssd-1_12_0)
-CVE-2017-12172
+CVE-2017-12172 (PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, ...)
- postgresql-10 10.1-1 (unimportant)
- postgresql-9.6 <removed> (unimportant)
[stretch] - postgresql-9.6 9.6.6-0+deb9u1
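Review bot: the context line `NOTE: generate repsecitve code which should be in libspice-common-client.` under CVE-2017-12194 has a typo; it should read "respective". It is untouched by this automatic update, so a follow-up manual edit is needed.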
@@ -18129,24 +18129,24 @@ CVE-2017-12172
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
[wheezy] - postgresql-9.1 <not-affected> (Vulnerable code not installed)
NOTE: Issue in sample init-scirpt as provided by postgresql project, but not installed
-CVE-2017-12171
+CVE-2017-12171 (A regression was found in the Red Hat Enterprise Linux 6.9 version of ...)
- apache2 <not-affected> (Introduced by Red Hat RHEL 6.9 specific non-security patch)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1493056
-CVE-2017-12170
+CVE-2017-12170 (Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vuln ...)
- pure-ftpd <not-affected> (Fedora specific packaging error)
-CVE-2017-12169
+CVE-2017-12169 (It was found that FreeIPA 4.2.0 and later could disclose password hash ...)
- freeipa <unfixed> (unimportant; bug #895950)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1487697
NOTE: Proposed patch: https://bugzilla.redhat.com/attachment.cgi?id=1331008
NOTE: Negligible security impact
-CVE-2017-12168
+CVE-2017-12168 (The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Lin ...)
- linux 4.8.11-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9e3f7a29694049edd728e2400ab57ad7553e5aa9 (4.9-rc6)
-CVE-2017-12167
+CVE-2017-12167 (It was found in EAP 7 before 7.0.9 that properties based files of the ...)
NOT-FOR-US: Red Hat JBoss EAP
-CVE-2017-12166
+CVE-2017-12166 (OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to ...)
- openvpn 2.4.4-1 (bug #877089)
[stretch] - openvpn <no-dsa> (Minor issue)
[jessie] - openvpn <no-dsa> (Minor issue)
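Review bot: the context line `NOTE: Issue in sample init-scirpt as provided by postgresql project, but not installed` under CVE-2017-12172 misspells "init-script"; it is outside the changed lines, so it needs a separate manual fix.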
@@ -18157,102 +18157,102 @@ CVE-2017-12166
NOTE: https://community.openvpn.net/openvpn/changeset/c7e259160b28e94e4ea7f0ef767f8134283af255/ (release/2.4)
NOTE: https://community.openvpn.net/openvpn/changeset/fce34375295151f548a26c2d0eb30141e427c81a/ (release/2.3)
NOTE: https://community.openvpn.net/openvpn/changeset/a9f5c744d6b09f2495ca48d2c926efd3a4b981e6/ (release/2.2)
-CVE-2017-12165
+CVE-2017-12165 (It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 proces ...)
- undertow <unfixed> (bug #885338)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1490301
NOTE: Fix likely included in the same commit as the fix for CVE-2017-7559
NOTE: https://github.com/undertow-io/undertow/commit/3436b03eda8b0b62c1855698c4d7c358add836c2
-CVE-2017-12164
+CVE-2017-12164 (A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer se ...)
- gdm3 3.26.0-1
[stretch] - gdm3 <not-affected> (Vulnerable code not present)
[jessie] - gdm3 <not-affected> (Vulnerable code not present)
[wheezy] - gdm3 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1490417
NOTE: Introduced in https://git.gnome.org/browse/gdm/commit/?id=ff98b28
-CVE-2017-12163
+CVE-2017-12163 (An information leak flaw was found in the way SMB1 protocol was implem ...)
{DSA-3983-1 DLA-1110-1}
- samba 2:4.6.7+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-12163.html
CVE-2017-12162
RESERVED
-CVE-2017-12161
+CVE-2017-12161 (It was found that keycloak before 3.4.2 final would permit misuse of a ...)
NOT-FOR-US: Keycloak
-CVE-2017-12160
+CVE-2017-12160 (It was found that Keycloak oauth would permit an authenticated resourc ...)
NOT-FOR-US: Keycloak
-CVE-2017-12159
+CVE-2017-12159 (It was found that the cookie used for CSRF prevention in Keycloak was ...)
NOT-FOR-US: Keycloak
-CVE-2017-12158
+CVE-2017-12158 (It was found that Keycloak would accept a HOST header URL in the admin ...)
NOT-FOR-US: Keycloak
-CVE-2017-12157
+CVE-2017-12157 (In Moodle 3.x, various course reports allow teachers to view details a ...)
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=358586
-CVE-2017-12156
+CVE-2017-12156 (Moodle 3.x has XSS in the contact form on the "non-respondents" page i ...)
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=358585
-CVE-2017-12155
+CVE-2017-12155 (A resource-permission flaw was found in the openstack-tripleo-heat-tem ...)
- tripleo-heat-templates <removed> (bug #900176)
NOTE: https://bugs.launchpad.net/tripleo/+bug/1720787
-CVE-2017-12154
+CVE-2017-12154 (The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1
NOTE: Fixed by: https://git.kernel.org/linus/51aa68e7d57e3217192d88ce90fd5b8ef29ec94f (v4.14-rc1)
NOTE: https://www.spinics.net/lists/kvm/msg155414.html
-CVE-2017-12153
+CVE-2017-12153 (A security flaw was discovered in the nl80211_set_rekey_data() functio ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.13-1
NOTE: https://marc.info/?t=150525503100001&r=1&w=2
NOTE: https://marc.info/?l=linux-wireless&m=150525493517953&w=2
CVE-2017-12152
RESERVED
-CVE-2017-12151
+CVE-2017-12151 (A flaw was found in the way samba client before samba 4.4.16, samba 4. ...)
{DSA-3983-1}
- samba 2:4.6.7+dfsg-2
[wheezy] - samba <not-affected> (Vulnerable code introduced later)
NOTE: https://www.samba.org/samba/security/CVE-2017-12151.html
-CVE-2017-12150
+CVE-2017-12150 (It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x ...)
{DSA-3983-1 DLA-1110-1}
- samba 2:4.6.7+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-12150.html
-CVE-2017-12149
+CVE-2017-12149 (In Jboss Application Server as shipped with Red Hat Enterprise Applica ...)
- jbossas4 <removed>
[wheezy] - jbossas4 <end-of-life> (incomplete packaging, 4.x series released more than nine years ago.)
-CVE-2017-12148
+CVE-2017-12148 (A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 w ...)
NOT-FOR-US: Ansible Tower
CVE-2017-12147
RESERVED
-CVE-2017-12146
+CVE-2017-12146 (The driver_override implementation in drivers/base/platform.c in the L ...)
- linux 4.11.11-1
[stretch] - linux 4.9.30-2+deb9u5
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/6265539776a0810b7ce6398c27866ddb9c6bd154 (v4.13-rc1)
-CVE-2017-12145
+CVE-2017-12145 (In libquicktime 1.2.4, an allocation failure was found in the function ...)
- libquicktime <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2017-12144
+CVE-2017-12144 (In ytnef 1.9.2, an allocation failure was found in the function TNEFFi ...)
- libytnef 1.9.3-1 (bug #870817)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/51
NOTE: https://github.com/ohwgiles/ytnef/commit/a341b7f1bf8a2c59ece89f2d6cdc09856d501cc0
-CVE-2017-12143
+CVE-2017-12143 (In libquicktime 1.2.4, an allocation failure was found in the function ...)
- libquicktime <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2017-12142
+CVE-2017-12142 (In ytnef 1.9.2, an invalid memory read vulnerability was found in the ...)
- libytnef 1.9.3-1 (low; bug #870816)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/49
NOTE: https://github.com/Yeraze/ytnef/commit/35dc50190aac54947bafb3d84ab7727e940c6236
-CVE-2017-12141
+CVE-2017-12141 (In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found i ...)
- libytnef 1.9.3-1 (low; bug #870815)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/50
-CVE-2017-12140
+CVE-2017-12140 (The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has a ...)
{DLA-1081-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #873059)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -18260,30 +18260,30 @@ CVE-2017-12140
NOTE: https://github.com/ImageMagick/ImageMagick/issues/533
NOTE: https://github.com/ImageMagick/ImageMagick/commit/94933146cb2d9d95889a385f08d5eb5f92d4e3cd
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6bf56fbe1fc551f198c3491ed58d56bb5efea23c
-CVE-2017-12139
+CVE-2017-12139 (XOOPS Core 2.5.8 has stored XSS in imagemanager.php because of missing ...)
NOT-FOR-US: XOOPS
-CVE-2017-12138
+CVE-2017-12138 (XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /mo ...)
NOT-FOR-US: XOOPS
-CVE-2017-12137
+CVE-2017-12137 (arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS pr ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-227.html
-CVE-2017-12136
+CVE-2017-12136 (Race condition in the grant table code in Xen 4.6.x through 4.9.x allo ...)
- xen 4.8.1-1+deb9u3
[stretch] - xen 4.8.1-1+deb9u3
[jessie] - xen <not-affected> (Only affects 4.6 and later)
[wheezy] - xen <not-affected> (Only affects 4.6 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-228.html
-CVE-2017-12135
+CVE-2017-12135 (Xen allows local OS guest users to cause a denial of service (crash) o ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-226.html
-CVE-2017-12134
+CVE-2017-12134 (The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xe ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.12-1
NOTE: https://xenbits.xen.org/xsa/advisory-229.html
NOTE: https://git.kernel.org/linus/462cdace790ac2ed6aad1b19c9c0af0143b6aab0 (v4.13-rc6)
-CVE-2017-12133
+CVE-2017-12133 (Use-after-free vulnerability in the clntudp_call function in sunrpc/cl ...)
- glibc 2.24-15 (bug #870648)
[stretch] - glibc 2.24-11+deb9u2
[jessie] - glibc <no-dsa> (Minor issue)
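Review bot: the CVE-2017-12136 entry in this hunk looks inconsistent with its neighbours: it carries no `{DSA-3969-1 DLA-1132-1}` line although CVE-2017-12137 and CVE-2017-12135 (same xen upload, 4.8.1-1+deb9u3) do, and its unstable line `- xen 4.8.1-1+deb9u3` repeats the stretch version from the `[stretch] - xen 4.8.1-1+deb9u3` line. Please check whether the DSA reference was dropped for this CVE and whether the unstable line should point at the unstable upload instead of the stretch one.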
@@ -18292,7 +18292,7 @@ CVE-2017-12133
NOTE: issue introduced by fix for CVE-2016-4429
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21115
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d42eed4a044e5e10dfb885cf9891c2518a72a491
-CVE-2017-12132
+CVE-2017-12132 (The DNS stub resolver in the GNU C Library (aka glibc or libc6) before ...)
[experimental] - glibc 2.25-0experimental1
- glibc 2.25-1 (bug #870650)
[stretch] - glibc <no-dsa> (Minor issue)
@@ -18302,220 +18302,220 @@ CVE-2017-12132
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21361
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e14a27723cc3a154d67f3f26e719d08c0ba9ad25
NOTE: https://arxiv.org/pdf/1205.4011.pdf
-CVE-2017-12131
+CVE-2017-12131 (The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/se ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-12130
+CVE-2017-12130 (An exploitable NULL pointer dereference vulnerability exists in the ti ...)
NOT-FOR-US: tinysvcmdns
-CVE-2017-12129
+CVE-2017-12129 (An exploitable Weak Cryptography for Passwords vulnerability exists in ...)
NOT-FOR-US: Moxa
-CVE-2017-12128
+CVE-2017-12128 (An exploitable information disclosure vulnerability exists in the Serv ...)
NOT-FOR-US: Moxa
-CVE-2017-12127
+CVE-2017-12127 (A password storage vulnerability exists in the operating system functi ...)
NOT-FOR-US: Moxa
-CVE-2017-12126
+CVE-2017-12126 (An exploitable cross-site request forgery vulnerability exists in the ...)
NOT-FOR-US: Moxa
-CVE-2017-12125
+CVE-2017-12125 (An exploitable command injection vulnerability exists in the web serve ...)
NOT-FOR-US: Moxa
-CVE-2017-12124
+CVE-2017-12124 (An exploitable denial of service vulnerability exists in the web serve ...)
NOT-FOR-US: Moxa
-CVE-2017-12123
+CVE-2017-12123 (An exploitable clear text transmission of password vulnerability exist ...)
NOT-FOR-US: Moxa
-CVE-2017-12122
+CVE-2017-12122 (An exploitable code execution vulnerability exists in the ILBM image r ...)
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0488
NOTE: https://hg.libsdl.org/SDL_image/rev/16772bbb1b09
NOTE: https://hg.libsdl.org/SDL_image/rev/97f7f01e0665
-CVE-2017-12121
+CVE-2017-12121 (An exploitable command injection vulnerability exists in the web serve ...)
NOT-FOR-US: Moxa
-CVE-2017-12120
+CVE-2017-12120 (An exploitable command injection vulnerability exists in the web serve ...)
NOT-FOR-US: Moxa
-CVE-2017-12119
+CVE-2017-12119 (An exploitable unhandled exception vulnerability exists in multiple AP ...)
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12118
+CVE-2017-12118 (An exploitable improper authorization vulnerability exists in miner_st ...)
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12117
+CVE-2017-12117 (An exploitable improper authorization vulnerability exists in miner_st ...)
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12116
+CVE-2017-12116 (An exploitable improper authorization vulnerability exists in miner_se ...)
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12115
+CVE-2017-12115 (An exploitable improper authorization vulnerability exists in miner_se ...)
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12114
+CVE-2017-12114 (An exploitable improper authorization vulnerability exists in admin_pe ...)
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12113
+CVE-2017-12113 (An exploitable improper authorization vulnerability exists in admin_no ...)
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12112
+CVE-2017-12112 (An exploitable improper authorization vulnerability exists in admin_ad ...)
- cpp-ethereum <itp> (bug #860434)
-CVE-2017-12111
+CVE-2017-12111 (An exploitable out-of-bounds vulnerability exists in the xls_addCell f ...)
{DSA-4173-1}
- r-cran-readxl 1.0.0-2 (bug #895564)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0463
-CVE-2017-12110
+CVE-2017-12110 (An exploitable integer overflow vulnerability exists in the xls_append ...)
{DSA-4173-1}
- r-cran-readxl 1.0.0-2 (bug #895564)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0462
-CVE-2017-12109
+CVE-2017-12109 (An exploitable integer overflow vulnerability exists in the xls_prepar ...)
{DSA-4173-1}
- r-cran-readxl 1.0.0-2
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0461
-CVE-2017-12108
+CVE-2017-12108 (An exploitable integer overflow vulnerability exists in the xls_prepar ...)
{DSA-4173-1}
- r-cran-readxl 1.0.0-2
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0460
-CVE-2017-12107
+CVE-2017-12107 (An memory corruption vulnerability exists in the .PCX parsing function ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2017-12106
+CVE-2017-12106 (A memory corruption vulnerability exists in the .TGA parsing functiona ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2017-12105
+CVE-2017-12105 (An exploitable integer overflow exists in the way that the Blender ope ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0457
-CVE-2017-12104
+CVE-2017-12104 (An exploitable integer overflow exists in the way that the Blender ope ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e6df02861e17f75d4dd243776f35208681b78465
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0456
-CVE-2017-12103
+CVE-2017-12103 (An exploitable integer overflow exists in the way that the Blender ope ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e6df02861e17f75d4dd243776f35208681b78465
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0455
-CVE-2017-12102
+CVE-2017-12102 (An exploitable integer overflow exists in the way that the Blender ope ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e6df02861e17f75d4dd243776f35208681b78465
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0454
-CVE-2017-12101
+CVE-2017-12101 (An exploitable integer overflow exists in the 'modifier_mdef_compact_i ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0453
-CVE-2017-12100
+CVE-2017-12100 (An exploitable integer overflow exists in the 'multires_load_old_dm' f ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0452
-CVE-2017-12099
+CVE-2017-12099 (An exploitable integer overflow exists in the upgrade of the legacy Me ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0451
-CVE-2017-12098
+CVE-2017-12098 (An exploitable cross site scripting (XSS) vulnerability exists in the ...)
- ruby-rails-admin <removed> (bug #900178)
[stretch] - ruby-rails-admin <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0450
NOTE: https://github.com/sferik/rails_admin/issues/2985
NOTE: https://github.com/sferik/rails_admin/commit/44f09ed72b5e0e917a5d61bd89c48d97c494b41c
-CVE-2017-12097
+CVE-2017-12097 (An exploitable cross site scripting (XSS) vulnerability exists in the ...)
NOT-FOR-US: delayed_job_web rails gem
-CVE-2017-12096
+CVE-2017-12096 (An exploitable vulnerability exists in the WiFi management of Circle w ...)
NOT-FOR-US: Circle of Disney
-CVE-2017-12095
+CVE-2017-12095 (An exploitable vulnerability exists in the WiFi Access Point feature o ...)
NOT-FOR-US: Circle of Disney
-CVE-2017-12094
+CVE-2017-12094 (An exploitable vulnerability exists in the WiFi Channel parsing of Cir ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-12093
+CVE-2017-12093 (An exploitable insufficient resource pool vulnerability exists in the ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-12092
+CVE-2017-12092 (An exploitable file write vulnerability exists in the memory module fu ...)
NOT-FOR-US: Allen Bradley Micrologix
CVE-2017-12091
REJECTED
-CVE-2017-12090
+CVE-2017-12090 (An exploitable denial of service vulnerability exists in the processin ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-12089
+CVE-2017-12089 (An exploitable denial of service vulnerability exists in the program d ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-12088
+CVE-2017-12088 (An exploitable denial of service vulnerability exists in the Ethernet ...)
NOT-FOR-US: Allen Bradley Micrologix
-CVE-2017-12087
+CVE-2017-12087 (An exploitable heap overflow vulnerability exists in the tinysvcmdns l ...)
- shairport-sync 3.1.4-1 (unimportant; bug #882508)
NOTE: Debian build uses Avahi instead
NOTE: https://bugs.launchpad.net/ubuntu/+source/shairport-sync/+bug/1729668
-CVE-2017-12086
+CVE-2017-12086 (An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_t ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0438
-CVE-2017-12085
+CVE-2017-12085 (An exploitable routing vulnerability exists in the Circle with Disney ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-12084
+CVE-2017-12084 (A backdoor vulnerability exists in remote control functionality of Cir ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-12083
+CVE-2017-12083 (An exploitable information disclosure vulnerability exists in the apid ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-12082
+CVE-2017-12082 (An exploitable integer overflow exists in the 'CustomData' Mesh loadin ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0434
-CVE-2017-12081
+CVE-2017-12081 (An exploitable integer overflow exists in the upgrade of a legacy Mesh ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/e04d7c49dca9dc7bbf1cbe446b612aaa5ba12581
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0433
-CVE-2017-12080
+CVE-2017-12080 (An information exposure vulnerability in default HTTP configuration fi ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-12079
+CVE-2017-12079 (Files or directories accessible to external parties vulnerability in p ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-12078
+CVE-2017-12078 (Command injection vulnerability in EZ-Internet in Synology Router Mana ...)
NOT-FOR-US: Synology
-CVE-2017-12077
+CVE-2017-12077 (Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwa ...)
NOT-FOR-US: Synology
-CVE-2017-12076
+CVE-2017-12076 (Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwa ...)
NOT-FOR-US: Synology
-CVE-2017-12075
+CVE-2017-12075 (Command injection vulnerability in EZ-Internet in Synology DiskStation ...)
NOT-FOR-US: Synology
-CVE-2017-12074
+CVE-2017-12074 (Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZon ...)
NOT-FOR-US: Synology
CVE-2017-12073
RESERVED
-CVE-2017-12072
+CVE-2017-12072 (Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in ...)
NOT-FOR-US: Synology
-CVE-2017-12071
+CVE-2017-12071 (Server-side request forgery (SSRF) vulnerability in file_upload.php in ...)
NOT-FOR-US: Synology
-CVE-2017-12070
+CVE-2017-12070 (Unsigned versions of the DLLs distributed by the OPC Foundation may be ...)
NOT-FOR-US: OPC Foundation
-CVE-2017-12069
+CVE-2017-12069 (An XXE vulnerability has been identified in OPC Foundation UA .NET Sam ...)
NOT-FOR-US: OPC Foundation UA .NET Sampe code and Local Discovery Server affecting various vendors
-CVE-2017-12068
+CVE-2017-12068 (The Event List plugin 0.7.9 for WordPress has XSS in the slug array pa ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-12067
+CVE-2017-12067 (Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubi ...)
- potrace 1.15-1 (unimportant; bug #870356)
NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/potrace/heap-buffer-overflow-mkbitmap
NOTE: Upstream bug report https://sourceforge.net/p/potrace/bugs/22/
NOTE: Crash only in CLI tool mkbitmap, negligible security impact
-CVE-2017-12066
+CVE-2017-12066 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Ca ...)
- cacti 1.1.16+ds1-1 (bug #870354)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e
NOTE: https://github.com/Cacti/cacti/issues/877
-CVE-2017-12065
+CVE-2017-12065 (spikekill.php in Cacti before 1.1.16 might allow remote attackers to e ...)
- cacti 1.1.16+ds1-1 (bug #870353)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e
NOTE: https://github.com/Cacti/cacti/issues/877
-CVE-2017-12064
+CVE-2017-12064 (The csv_log_html function in library/edihistory/edih_csv_inc.php in Op ...)
NOT-FOR-US: OpenEMR
CVE-2017-12063
RESERVED
-CVE-2017-12062
+CVE-2017-12062 (An XSS issue was discovered in manage_user_page.php in MantisBT 2.x be ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy LTS)
-CVE-2017-12061
+CVE-2017-12061 (An XSS issue was discovered in admin/install.php in MantisBT before 1. ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy LTS)
CVE-2017-12060
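Review bot: the r-cran-readxl entries for CVE-2017-12109 and CVE-2017-12108 ("- r-cran-readxl 1.0.0-2") carry no bug reference, while the sibling entries for CVE-2017-12111 and CVE-2017-12110 read "- r-cran-readxl 1.0.0-2 (bug #895564)"; if that bug covers all four TALOS-2017-046x issues, add the reference to the other two so the fixed-version lines stay consistent. On the same hunk, the wheezy rationale "[wheezy] - blender <ignored> (Vulnerable but not ignored)" repeated across the blender entries reads as self-contradictory (the tag is <ignored> but the text says "not ignored"); reword it to state the actual reason the issue is not being addressed in wheezy.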
@@ -18758,33 +18758,33 @@ CVE-2017-11942
RESERVED
CVE-2017-11941
RESERVED
-CVE-2017-11940
+CVE-2017-11940 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-11939
+CVE-2017-11939 (Microsoft Office 2016 Click-to-Run (C2R) allows an information disclos ...)
NOT-FOR-US: Microsoft
CVE-2017-11938
RESERVED
-CVE-2017-11937
+CVE-2017-11937 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-11936
+CVE-2017-11936 (Microsoft SharePoint Enterprise Server 2016 allows an elevation of pri ...)
NOT-FOR-US: Microsoft
-CVE-2017-11935
+CVE-2017-11935 (Microsoft Office 2016 Click-to-Run (C2R) allows a remote code executio ...)
NOT-FOR-US: Microsoft
-CVE-2017-11934
+CVE-2017-11934 (Microsoft Office 2013 RT SP1, Microsoft Office 2013 SP1, and Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2017-11933
RESERVED
-CVE-2017-11932
+CVE-2017-11932 (Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 ...)
NOT-FOR-US: Microsoft
CVE-2017-11931
RESERVED
-CVE-2017-11930
+CVE-2017-11930 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft ChakraCore
CVE-2017-11929
RESERVED
CVE-2017-11928
RESERVED
-CVE-2017-11927
+CVE-2017-11927 (Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft Windows
CVE-2017-11926
RESERVED
@@ -18800,47 +18800,47 @@ CVE-2017-11921
RESERVED
CVE-2017-11920
RESERVED
-CVE-2017-11919
+CVE-2017-11919 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11918
+CVE-2017-11918 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 17 ...)
NOT-FOR-US: Microsoft ChakraCore
CVE-2017-11917
RESERVED
-CVE-2017-11916
+CVE-2017-11916 (ChakraCore allows an attacker to execute arbitrary code in the context ...)
NOT-FOR-US: Microsoft ChakraCore
CVE-2017-11915
RESERVED
-CVE-2017-11914
+CVE-2017-11914 (ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, an ...)
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11913
+CVE-2017-11913 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2017-11912
+CVE-2017-11912 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11911
+CVE-2017-11911 (ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2 ...)
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11910
+CVE-2017-11910 (ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Se ...)
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11909
+CVE-2017-11909 (ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2 ...)
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11908
+CVE-2017-11908 (ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary ...)
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11907
+CVE-2017-11907 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2017-11906
+CVE-2017-11906 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2017-11905
+CVE-2017-11905 (ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, an ...)
NOT-FOR-US: Microsoft ChakraCore
CVE-2017-11904
RESERVED
-CVE-2017-11903
+CVE-2017-11903 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2017-11902
RESERVED
-CVE-2017-11901
+CVE-2017-11901 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2017-11900
RESERVED
-CVE-2017-11899
+CVE-2017-11899 (Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2 ...)
NOT-FOR-US: Microsoft Windows
CVE-2017-11898
RESERVED
@@ -18848,283 +18848,283 @@ CVE-2017-11897
RESERVED
CVE-2017-11896
RESERVED
-CVE-2017-11895
+CVE-2017-11895 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11894
+CVE-2017-11894 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11893
+CVE-2017-11893 (ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, an ...)
NOT-FOR-US: Microsoft ChakraCore
CVE-2017-11892
RESERVED
CVE-2017-11891
RESERVED
-CVE-2017-11890
+CVE-2017-11890 (Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 a ...)
NOT-FOR-US: Microsoft Windows
-CVE-2017-11889
+CVE-2017-11889 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 17 ...)
NOT-FOR-US: Microsoft ChakraCore
-CVE-2017-11888
+CVE-2017-11888 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, a ...)
NOT-FOR-US: Microsoft Edge
-CVE-2017-11887
+CVE-2017-11887 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2017-11886
+CVE-2017-11886 (Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 a ...)
NOT-FOR-US: Microsoft Windows
-CVE-2017-11885
+CVE-2017-11885 (Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2017-11884
+CVE-2017-11884 (Microsoft Excel 2016 Click-to-Run (C2R) allows an attacker to run arbi ...)
NOT-FOR-US: Microsoft
-CVE-2017-11883
+CVE-2017-11883 (.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remot ...)
NOT-FOR-US: .NET core
-CVE-2017-11882
+CVE-2017-11882 (Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pa ...)
NOT-FOR-US: Microsoft
CVE-2017-11881
RESERVED
-CVE-2017-11880
+CVE-2017-11880 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-11879
+CVE-2017-11879 (ASP.NET Core 2.0 allows an attacker to steal log-in session informatio ...)
NOT-FOR-US: Microsoft
-CVE-2017-11878
+CVE-2017-11878 (Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack ...)
NOT-FOR-US: Microsoft
-CVE-2017-11877
+CVE-2017-11877 (Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack ...)
NOT-FOR-US: Microsoft
-CVE-2017-11876
+CVE-2017-11876 (Microsoft Project Server and Microsoft SharePoint Enterprise Server 20 ...)
NOT-FOR-US: Microsoft
CVE-2017-11875
RESERVED
-CVE-2017-11874
+CVE-2017-11874 (Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, ver ...)
NOT-FOR-US: Microsoft
-CVE-2017-11873
+CVE-2017-11873 (ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2017-11872
+CVE-2017-11872 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-11871
+CVE-2017-11871 (ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Se ...)
NOT-FOR-US: Microsoft
-CVE-2017-11870
+CVE-2017-11870 (ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Se ...)
NOT-FOR-US: Microsoft
-CVE-2017-11869
+CVE-2017-11869 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
NOT-FOR-US: Microsoft
CVE-2017-11868
RESERVED
CVE-2017-11867
RESERVED
-CVE-2017-11866
+CVE-2017-11866 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 17 ...)
NOT-FOR-US: Microsoft
CVE-2017-11865
RESERVED
CVE-2017-11864
RESERVED
-CVE-2017-11863
+CVE-2017-11863 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-11862
+CVE-2017-11862 (ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, v ...)
NOT-FOR-US: Microsoft
-CVE-2017-11861
+CVE-2017-11861 (Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and ...)
NOT-FOR-US: Microsoft
CVE-2017-11860
RESERVED
CVE-2017-11859
RESERVED
-CVE-2017-11858
+CVE-2017-11858 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows S ...)
NOT-FOR-US: Microsoft
CVE-2017-11857
RESERVED
-CVE-2017-11856
+CVE-2017-11856 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11855
+CVE-2017-11855 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11854
+CVE-2017-11854 (Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11853
+CVE-2017-11853 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-11852
+CVE-2017-11852 (Microsoft GDI Component in Windows 7 SP1 and Windows Server 2008 SP2 a ...)
NOT-FOR-US: Microsoft
-CVE-2017-11851
+CVE-2017-11851 (The Windows kernel component on Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11850
+CVE-2017-11850 (Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-11849
+CVE-2017-11849 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-11848
+CVE-2017-11848 (Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-11847
+CVE-2017-11847 (Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-11846
+CVE-2017-11846 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-11845
+CVE-2017-11845 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exec ...)
NOT-FOR-US: Microsoft
-CVE-2017-11844
+CVE-2017-11844 (Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, ...)
NOT-FOR-US: Microsoft
-CVE-2017-11843
+CVE-2017-11843 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-11842
+CVE-2017-11842 (Windows kernel in Windows 8.1 and RT 8.1, Server 2012 and R2, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-11841
+CVE-2017-11841 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 17 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11840
+CVE-2017-11840 (ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 17 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11839
+CVE-2017-11839 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Ser ...)
NOT-FOR-US: Microsoft
-CVE-2017-11838
+CVE-2017-11838 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-11837
+CVE-2017-11837 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-11836
+CVE-2017-11836 (ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 160 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11835
+CVE-2017-11835 (Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11834
+CVE-2017-11834 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11833
+CVE-2017-11833 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-11832
+CVE-2017-11832 (The Microsoft Windows embedded OpenType (EOT) font engine in Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11831
+CVE-2017-11831 (Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2017-11830
+CVE-2017-11830 (Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-11829
+CVE-2017-11829 (Microsoft Windows 10 allows an elevation of privilege vulnerability wh ...)
NOT-FOR-US: Microsoft
CVE-2017-11828
RESERVED
-CVE-2017-11827
+CVE-2017-11827 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-11826
+CVE-2017-11826 (Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint S ...)
NOT-FOR-US: Microsoft
-CVE-2017-11825
+CVE-2017-11825 (Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for ...)
NOT-FOR-US: Microsoft
-CVE-2017-11824
+CVE-2017-11824 (The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11823
+CVE-2017-11823 (The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, a ...)
NOT-FOR-US: Microsoft
-CVE-2017-11822
+CVE-2017-11822 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11821
+CVE-2017-11821 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an a ...)
NOT-FOR-US: Microsoft
-CVE-2017-11820
+CVE-2017-11820 (Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2017-11819
+CVE-2017-11819 (Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code i ...)
NOT-FOR-US: Microsoft
-CVE-2017-11818
+CVE-2017-11818 (The Microsoft Windows Storage component on Microsoft Windows 8.1, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2017-11817
+CVE-2017-11817 (The Microsoft Windows Kernel component on Microsoft Windows Server 200 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11816
+CVE-2017-11816 (The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-11815
+CVE-2017-11815 (The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11814
+CVE-2017-11814 (The Microsoft Windows Kernel component on Microsoft Windows Server 200 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11813
+CVE-2017-11813 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-11812
+CVE-2017-11812 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11811
+CVE-2017-11811 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11810
+CVE-2017-11810 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11809
+CVE-2017-11809 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11808
+CVE-2017-11808 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11807
+CVE-2017-11807 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an a ...)
NOT-FOR-US: Microsoft
-CVE-2017-11806
+CVE-2017-11806 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an a ...)
NOT-FOR-US: Microsoft
-CVE-2017-11805
+CVE-2017-11805 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an a ...)
NOT-FOR-US: Microsoft
-CVE-2017-11804
+CVE-2017-11804 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11803
+CVE-2017-11803 (Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, ...)
NOT-FOR-US: Microsoft
-CVE-2017-11802
+CVE-2017-11802 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11801
+CVE-2017-11801 (ChakraCore allows an attacker to execute arbitrary code in the context ...)
NOT-FOR-US: Microsoft
-CVE-2017-11800
+CVE-2017-11800 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-11799
+CVE-2017-11799 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11798
+CVE-2017-11798 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-11797
+CVE-2017-11797 (ChakraCore allows an attacker to execute arbitrary code in the context ...)
NOT-FOR-US: Microsoft
-CVE-2017-11796
+CVE-2017-11796 (ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to ...)
NOT-FOR-US: Microsoft
CVE-2017-11795
RESERVED
-CVE-2017-11794
+CVE-2017-11794 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obta ...)
NOT-FOR-US: Microsoft
-CVE-2017-11793
+CVE-2017-11793 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11792
+CVE-2017-11792 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an at ...)
NOT-FOR-US: Microsoft
-CVE-2017-11791
+CVE-2017-11791 (ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-11790
+CVE-2017-11790 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
CVE-2017-11789
RESERVED
-CVE-2017-11788
+CVE-2017-11788 (Windows Search in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, W ...)
NOT-FOR-US: Microsoft
CVE-2017-11787
RESERVED
-CVE-2017-11786
+CVE-2017-11786 (Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2 ...)
NOT-FOR-US: Skype
-CVE-2017-11785
+CVE-2017-11785 (The Microsoft Windows Kernel component on Microsoft Windows Server 200 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11784
+CVE-2017-11784 (The Microsoft Windows Kernel component on Microsoft Windows Server 200 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11783
+CVE-2017-11783 (Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-11782
+CVE-2017-11782 (The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11781
+CVE-2017-11781 (The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11780
+CVE-2017-11780 (The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11779
+CVE-2017-11779 (The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2017-11778
RESERVED
-CVE-2017-11777
+CVE-2017-11777 (Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2017-11776
+CVE-2017-11776 (Microsoft Outlook 2016 allows an attacker to obtain the email content ...)
NOT-FOR-US: Microsoft
-CVE-2017-11775
+CVE-2017-11775 (Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2017-11774
+CVE-2017-11774 (Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2 ...)
NOT-FOR-US: Microsoft
CVE-2017-11773
RESERVED
-CVE-2017-11772
+CVE-2017-11772 (The Microsoft Windows Search component on Microsoft Windows Server 200 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11771
+CVE-2017-11771 (The Microsoft Windows Search component on Microsoft Windows Server 200 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11770
+CVE-2017-11770 (.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remot ...)
NOT-FOR-US: .NET Core
-CVE-2017-11769
+CVE-2017-11769 (The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 151 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11768
+CVE-2017-11768 (Windows Media Player in Windows 7 SP1, Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11767
+CVE-2017-11767 (ChakraCore allows an attacker to gain the same user rights as the curr ...)
NOT-FOR-US: Microsoft
-CVE-2017-11766
+CVE-2017-11766 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-11765
+CVE-2017-11765 (The Microsoft Windows Kernel component on Microsoft Windows Server 200 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11764
+CVE-2017-11764 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-11763
+CVE-2017-11763 (The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11762
+CVE-2017-11762 (The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-11761
+CVE-2017-11761 (Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 allo ...)
NOT-FOR-US: Microsoft
-CVE-2017-11760
+CVE-2017-11760 (uploadImage.php in ProjeQtOr before 6.3.2 allows remote authenticated ...)
NOT-FOR-US: ProjeQtOr
CVE-2017-11759
RESERVED
CVE-2017-11758
RESERVED
-CVE-2017-11757
+CVE-2017-11757 (Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 ...)
NOT-FOR-US: Actian Pervasive PSQL server
CVE-2017-XXXX [executes javascript code downloaded from insecure URL]
- smplayer 17.7.0~ds0-1 (low; bug #870233)
@@ -19135,7 +19135,7 @@ CVE-2017-XXXX [executes javascript code downloaded from insecure URL]
NOTE: be present in the source. Users though need to explicitly rebuilt the package
NOTE: changing the upstream pro file to enable YT_USE_YTSIG. YT_USE_YTSIG is
NOTE: disabled by default on upstream since 17.2.0
-CVE-2017-13140
+CVE-2017-13140 (In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGIm ...)
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870111)
[stretch] - imagemagick <ignored> (Minor issue)
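Review bot: the CVE-2017-13140 entry lists {DSA-4019-1} while keeping "[stretch] - imagemagick <ignored> (Minor issue)"; if DSA-4019-1 shipped the fix for stretch, that <ignored> line is stale and should be dropped so the suite is not shown as both fixed and ignored for the same issue, and if the DSA covered a different suite a short NOTE saying so would avoid the question next time. Also, in the smplayer context line "NOTE: be present in the source. Users though need to explicitly rebuilt the package", "rebuilt" should read "rebuild".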
@@ -19144,49 +19144,49 @@ CVE-2017-13140
NOTE: https://github.com/ImageMagick/ImageMagick/issues/596
NOTE: https://github.com/ImageMagick/ImageMagick/commit/62fcf3d9638b87cd7ac81962cadf5bf88db62fa0
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/75f7e994e4e990627a5a37385bcc9a0205013645
-CVE-2017-13139
+CVE-2017-13139 (In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGIm ...)
{DSA-4040-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870109)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/22e0310345499ffe906c604428f2a3a668942b05
-CVE-2017-12643
+CVE-2017-12643 (ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJN ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (low; bug #870107)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/549
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9eedb5660f1704cde8e8cd784c5c2a09dd2fd60f
-CVE-2017-13142
+CVE-2017-13142 (In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG fi ...)
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (low; bug #870105)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/46e3aabbf8d59a1bdebdbb65acb9b9e0484577d3
NOTE: https://github.com/ImageMagick/ImageMagick/commit/aa84944b405acebbeefe871d0f64969b9e9f31ac
-CVE-2017-11756
+CVE-2017-11756 (In Earcms Ear Music through 4.1 build 20170710, remote authenticated u ...)
NOT-FOR-US: Earcms
-CVE-2017-11755
+CVE-2017-11755 (The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ...)
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/634
NOTE: Possibly fixed by same commit as issue #631 upstream
-CVE-2017-11754
+CVE-2017-11754 (The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ...)
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/633
NOTE: ossibly fixed by same commit as issue #631 upstream
-CVE-2017-11753
+CVE-2017-11753 (The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7. ...)
- imagemagick <not-affected> (Affects only ImageMagick-7; vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/629
-CVE-2017-11752
+CVE-2017-11752 (The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870481)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/628
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/21d19d0c64ff070dbf37279432837bf425c0d5dd
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9eccfd52199616da66c93b6d627d4d4126f5a5f0
-CVE-2017-11751
+CVE-2017-11751 (The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870480)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/631
NOTE: https://github.com/ImageMagick/ImageMagick/commit/cb713211bad3fa4f0c535255fa043917482fc964
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/b04e9c949d917a4a603f1a9bfe09737246229323
-CVE-2017-11750
+CVE-2017-11750 (The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 an ...)
- imagemagick 8:6.9.7.4+dfsg-16 (bug #870478)
[stretch] - imagemagick <not-affected> (Incomplete patch for upstream issues/618 not applied)
[jessie] - imagemagick <not-affected> (Incomplete patch for upstream issues/618 not applied)
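Review bot: CVE-2017-11755 and CVE-2017-11754 are both left as "imagemagick <unfixed> (unimportant)" while their NOTE says "Possibly fixed by same commit as issue #631 upstream"; issue #631 is CVE-2017-11751 in this same hunk, recorded as fixed in 8:6.9.7.4+dfsg-16 with the ImageMagick-6 commit b04e9c949d917a4a603f1a9bfe09737246229323. If that commit also closes #633 and #634, both entries should move to 8:6.9.7.4+dfsg-16; if it does not, the "Possibly" should be resolved into a definite NOTE rather than carried indefinitely. Minor: the CVE-2017-11754 NOTE has lost its first letter, "ossibly fixed" should be "Possibly fixed".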
@@ -19198,17 +19198,17 @@ CVE-2017-11750
NOTE: Fixed by (ImageMagick-6): https://github.com/ImageMagick/ImageMagick/commit/253d56027765dcbd8d6bc2bbd7d59aa41dab60e7
NOTE: Issue introduced by the original patch for https://github.com/ImageMagick/ImageMagick/issues/618
TODO: check if patch simplifying patch applied in any suite
-CVE-2017-11749
+CVE-2017-11749 (InternetSoft FTP Commander 8.02 and prior has an untrusted search path ...)
NOT-FOR-US: InternetSoft FTP Commander
-CVE-2017-11748
+CVE-2017-11748 (VIT Spider Player 2.5.3 has an untrusted search path, allowing DLL hij ...)
NOT-FOR-US: VIT Spider Player
-CVE-2017-11747
+CVE-2017-11747 (main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinypro ...)
- tinyproxy 1.10.0-1 (bug #870307)
[stretch] - tinyproxy <no-dsa> (Minor issue)
[jessie] - tinyproxy <no-dsa> (Minor issue)
[wheezy] - tinyproxy <no-dsa> (Minor issue)
NOTE: https://github.com/tinyproxy/tinyproxy/issues/106
-CVE-2017-11746
+CVE-2017-11746 (Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a n ...)
{DLA-1069-1}
- tenshi <unfixed> (unimportant; bug #871321)
NOTE: https://github.com/inversepath/tenshi/issues/6
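Review bot: the CVE-2017-11750 line "TODO: check if patch simplifying patch applied in any suite" is hard to act on as written, the word "patch" is duplicated and it does not say which patch is meant. The [stretch] and [jessie] lines already record that the incomplete patch for issues/618 was not applied there, so either reword the TODO to name the commit still to be checked (the ImageMagick-6 follow-up 253d56027765dcbd8d6bc2bbd7d59aa41dab60e7 referenced in the NOTE above it) or drop it if that check has been done.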
@@ -19216,13 +19216,13 @@ CVE-2017-11746
NOTE: Negligible security impact
CVE-2017-11745
RESERVED
-CVE-2017-11744
+CVE-2017-11744 (In MODX Revolution 2.5.7, the "key" and "name" parameters in the Syste ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-11743
+CVE-2017-11743 (MEDHOST Connex contains a hard-coded Mirth Connect admin credential th ...)
NOT-FOR-US: MEDHOST Connex
-CVE-2017-11742
+CVE-2017-11742 (The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat i ...)
- expat <not-affected> (Windows specfic issue)
-CVE-2017-11741
+CVE-2017-11741 (HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) bef ...)
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
CVE-2017-11740
RESERVED
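Review bot: typo in the CVE-2017-11742 expat entry, "(Windows specfic issue)" should be "(Windows specific issue)". The <not-affected> tag itself is consistent with the description, which names the writeRandomBytes_RtlGenRandom function, so only the spelling needs fixing.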
@@ -19230,57 +19230,57 @@ CVE-2017-11739
RESERVED
CVE-2017-11738
RESERVED
-CVE-2017-11737
+CVE-2017-11737 (interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS ...)
- rspamd 1.7.6-1
[jessie] - rspamd <not-affected> (Vulnerable code not present)
NOTE: https://github.com/vstakhov/rspamd/issues/1738
NOTE: https://github.com/rspamd/rspamd/pull/1739
-CVE-2017-11736
+CVE-2017-11736 (SQL injection vulnerability in core\admin\auto-modules\forms\process.p ...)
NOT-FOR-US: BigTree CMS
CVE-2017-11735
REJECTED
-CVE-2017-11734
+CVE-2017-11734 (A heap-based buffer over-read was found in the function decompileCALLF ...)
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/83
-CVE-2017-11733
+CVE-2017-11733 (A null pointer dereference vulnerability was found in the function sta ...)
{DLA-1176-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/78
-CVE-2017-11732
+CVE-2017-11732 (A heap-based buffer overflow vulnerability was found in the function d ...)
{DLA-1240-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/80
-CVE-2017-11731
+CVE-2017-11731 (An invalid memory read vulnerability was found in the function OpCode ...)
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/84
-CVE-2017-11730
+CVE-2017-11730 (A heap-based buffer over-read was found in the function OpCode (called ...)
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/81
-CVE-2017-11729
+CVE-2017-11729 (A heap-based buffer over-read was found in the function OpCode (called ...)
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/79
-CVE-2017-11728
+CVE-2017-11728 (A heap-based buffer over-read was found in the function OpCode (called ...)
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/82
-CVE-2017-11727
+CVE-2017-11727 (services/system_io/actionprocessor/Contact.rails in ConnectWise Manage ...)
NOT-FOR-US: ConnectWise Manage
-CVE-2017-11726
+CVE-2017-11726 (services/system_io/actionprocessor/System.rails in ConnectWise Manage ...)
NOT-FOR-US: ConnectWise Manage
-CVE-2017-11725
+CVE-2017-11725 (The share function in Thycotic Secret Server before 10.2.000019 mishan ...)
NOT-FOR-US: Thycotic Secret Server
-CVE-2017-11723
+CVE-2017-11723 (Directory traversal vulnerability in plugins/ImageManager/backend.php ...)
NOT-FOR-US: Xinha
-CVE-2017-11724
+CVE-2017-11724 (The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9 ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870023)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/624
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5163756a1f829a561912dfdb74a0dae41d8ed8cf
-CVE-2017-12670
+CVE-2017-12670 (In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870020)
[stretch] - imagemagick <ignored> (Minor issue)
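Review bot: CVE-2017-11723 is listed before CVE-2017-11724, breaking the descending CVE order the rest of the file follows (CVE-2017-11727, -11726 and -11725 immediately precede it); this is pre-existing and the automatic update only fills in the descriptions, but the two entries should be swapped so that CVE-2017-11724 sits between CVE-2017-11725 and CVE-2017-11723. Separately, the CVE-2017-11737 NOTEs cite two different repository paths for the same project, vstakhov/rspamd/issues/1738 and rspamd/rspamd/pull/1739; using one path for both would make the references easier to follow.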
@@ -19288,14 +19288,14 @@ CVE-2017-12670
NOTE: https://github.com/ImageMagick/ImageMagick/issues/610
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ab440f9ea11e0dbefb7a808cbb9441198758b0cb
NOTE: https://github.com/ImageMagick/ImageMagick/commit/75db34b6a4d642cb6f88c792942de27490c900e0
-CVE-2017-13658
+CVE-2017-13658 (In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missi ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #870019)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/598
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89
-CVE-2017-12434
+CVE-2017-12434 (In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found i ...)
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-14 (bug #870014)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -19303,19 +19303,19 @@ CVE-2017-12434
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/547
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6767f31cac3eacdc9dc41b3193a73bdd37610375
-CVE-2017-13143
+CVE-2017-13143 (In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage ...)
{DSA-4204-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (bug #870012)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/362
NOTE: https://github.com/ImageMagick/ImageMagick/commit/51b0ae01709adc1e4a9245e158ef17b85a110960
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f86268752ffc70e40b6e1afdebfc96dcc29452db
-CVE-2017-11722
+CVE-2017-11722 (The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 ...)
{DSA-4321-1}
- graphicsmagick 1.3.26-4 (bug #870158)
[jessie] - graphicsmagick <not-affected> (vulnerable code not present)
[wheezy] - graphicsmagick <not-affected> (vulnerable code not present)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f423ba88ca4e
-CVE-2017-11721
+CVE-2017-11721 (Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers ...)
{DSA-3948-1 DSA-3941-1}
- ioquake3 1.36+u20170803+dfsg1-1 (bug #870725)
[wheezy] - ioquake3 <end-of-life> (games are not supported in Wheezy)
@@ -19323,27 +19323,27 @@ CVE-2017-11721
- iortcw 1.51+dfsg1-3 (bug #870811)
NOTE: https://github.com/iortcw/iortcw/commit/260c39a29af517a08b3ee1a0e78ad654bdd70934
NOTE: Also affects openjk (only in experimental; fixed in 0~20170718+dfsg1-2
-CVE-2017-11720
+CVE-2017-11720 (There is a division-by-zero vulnerability in LAME 3.99.5, caused by a ...)
- lame 3.99.5+repack1-6 (low; bug #870809; bug #777159)
[wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: https://sourceforge.net/p/lame/bugs/460/
NOTE: Duplicate/same as: https://blogs.gentoo.org/ago/2017/06/17/lame-divide-by-zero-in-parse_wave_header-get_audio-c/
-CVE-2017-11719
+CVE-2017-11719 (The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg th ...)
{DSA-3957-1}
- ffmpeg 7:3.3.3-1
- libav <removed>
[jessie] - libav <not-affected> (Issue only present in ffmpeg since 6f1ccca4)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92
NOTE: Fixed in 3.2.7
-CVE-2017-11718
+CVE-2017-11718 (There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl ...)
NOT-FOR-US: MetInfo
-CVE-2017-11717
+CVE-2017-11717 (MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 secon ...)
NOT-FOR-US: MetInfo
-CVE-2017-11716
+CVE-2017-11716 (MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode. ...)
NOT-FOR-US: MetInfo
-CVE-2017-11715
+CVE-2017-11715 (job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php exte ...)
NOT-FOR-US: MetInfo
-CVE-2017-11714
+CVE-2017-11714 (psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the ...)
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869977)
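Review bot: the CVE-2017-11721 line "NOTE: Also affects openjk (only in experimental; fixed in 0~20170718+dfsg1-2" is missing its closing parenthesis; it should end "...dfsg1-2)". The iortcw and ioquake3 lines above it are otherwise consistent with the two DSAs listed.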
@@ -19363,17 +19363,17 @@ CVE-2017-11708
RESERVED
CVE-2017-11707
RESERVED
-CVE-2017-11706
+CVE-2017-11706 (The Boozt Fashion application before 2.3.4 for Android allows remote a ...)
NOT-FOR-US: Boozt Fashion application
-CVE-2017-11705
+CVE-2017-11705 (A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in uti ...)
- ming <removed>
[wheezy] - ming <ignored> (Minor issue present everywhere in the source code, hard to fix)
NOTE: https://github.com/libming/libming/issues/71
-CVE-2017-11704
+CVE-2017-11704 (A heap-based buffer over-read was found in the function decompileIF in ...)
{DLA-1133-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/76
-CVE-2017-11703
+CVE-2017-11703 (A memory leak vulnerability was found in the function parseSWF_DOACTIO ...)
- ming <removed>
[wheezy] - ming <ignored> (Minor issue present everywhere in the source code, hard to fix)
NOTE: https://github.com/libming/libming/issues/72
@@ -19385,39 +19385,39 @@ CVE-2017-11700
RESERVED
CVE-2017-11699
RESERVED
-CVE-2017-11698
+CVE-2017-11698 (Heap-based buffer overflow in the __get_page function in lib/dbm/src/h ...)
- nss <unfixed> (bug #873259; unimportant)
NOTE: Issues triggered by crafted DBM databases, which would
NOTE: require local user access to a machine running NSS and
NOTE: crafting the local DBM files.
NOTE: http://seclists.org/fulldisclosure/2017/Aug/17
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1360779
-CVE-2017-11697
+CVE-2017-11697 (The __hash_open function in hash.c:229 in Mozilla Network Security Ser ...)
- nss <unfixed> (bug #873258; unimportant)
NOTE: Issues triggered by crafted DBM databases, which would
NOTE: require local user access to a machine running NSS and
NOTE: crafting the local DBM files.
NOTE: http://seclists.org/fulldisclosure/2017/Aug/17
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1360900
-CVE-2017-11696
+CVE-2017-11696 (Heap-based buffer overflow in the __hash_open function in lib/dbm/src/ ...)
- nss <unfixed> (bug #873257; unimportant)
NOTE: Issues triggered by crafted DBM databases, which would
NOTE: require local user access to a machine running NSS and
NOTE: crafting the local DBM files.
NOTE: http://seclists.org/fulldisclosure/2017/Aug/17
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1360778
-CVE-2017-11695
+CVE-2017-11695 (Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/h ...)
- nss <unfixed> (bug #873256; unimportant)
NOTE: Issues triggered by crafted DBM databases, which would
NOTE: require local user access to a machine running NSS and
NOTE: crafting the local DBM files.
NOTE: http://seclists.org/fulldisclosure/2017/Aug/17
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1360782
-CVE-2017-11694
+CVE-2017-11694 (MEDHOST Document Management System contains hard-coded credentials tha ...)
NOT-FOR-US: MEDHOST Document Management System
-CVE-2017-11693
+CVE-2017-11693 (MEDHOST Document Management System contains hard-coded credentials tha ...)
NOT-FOR-US: MEDHOST Document Management System
-CVE-2017-11692
+CVE-2017-11692 (The function "Token&amp; Scanner::peek" in scanner.cpp in yaml-cpp 0.5 ...)
- yaml-cpp <unfixed> (low; bug #870326)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
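Review bot: the four nss entries (CVE-2017-11698 down to CVE-2017-11695) write the severity after the bug reference, e.g. "- nss <unfixed> (bug #873259; unimportant)", whereas the other entries in this file put the severity first, e.g. "- imagemagick 8:6.9.7.4+dfsg-16 (unimportant; bug #870481)"; reordering them to "(unimportant; bug #873259)" keeps the field order uniform for anyone grepping the list. The repeated three-line NOTE explaining the local DBM precondition is fine as is, since each entry must stand alone.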
@@ -19433,19 +19433,19 @@ CVE-2017-11689
RESERVED
CVE-2017-11688
RESERVED
-CVE-2017-11687
+CVE-2017-11687 (Multiple Persistent cross-site scripting (XSS) vulnerabilities in Even ...)
NOT-FOR-US: Zoho ManageEngine Event Log Analyzer
-CVE-2017-11686
+CVE-2017-11686 (Zoho ManageEngine Event Log Analyzer 11.4 and 11.5 allows remote attac ...)
NOT-FOR-US: Zoho ManageEngine Event Log Analyzer
-CVE-2017-11685
+CVE-2017-11685 (Multiple Reflective cross-site scripting (XSS) vulnerabilities in sear ...)
NOT-FOR-US: Zoho ManageEngine Event Log Analyzer
-CVE-2017-11684
+CVE-2017-11684 (There is an illegal address access in the build_table function in liba ...)
- libav <removed>
[jessie] - libav 6:11.11-1~deb8u1
- ffmpeg 7:2.3.1-1
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1073
NOTE: Fixed by https://github.com/libav/libav/commit/ec683ed527cef9aad208d1daeb10d0e7fb63e75e.patch
-CVE-2017-11683
+CVE-2017-11683 (There is a reachable assertion in the Internal::TiffReader::visitDirec ...)
{DLA-1147-1}
- exiv2 <unfixed> (unimportant)
NOTE: http://dev.exiv2.org/issues/1307
@@ -19453,29 +19453,29 @@ CVE-2017-11683
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1475124
NOTE: Problematic assert() exists in all versions in Debian.
NOTE: Negligable security impact
-CVE-2017-11682
+CVE-2017-11682 (Stored Cross-site scripting vulnerability in Hashtopussy 0.4.0 allows ...)
NOT-FOR-US: Hashtopussy
-CVE-2017-11681
+CVE-2017-11681 (Incorrect Access Control vulnerability in Hashtopussy 0.4.0 allows rem ...)
NOT-FOR-US: Hashtopussy
-CVE-2017-11680
+CVE-2017-11680 (Cross-Site Request Forgery (CSRF) exists in Hashtopussy 0.4.0, allowin ...)
NOT-FOR-US: Hashtopussy
-CVE-2017-11679
+CVE-2017-11679 (Cross-Site Request Forgery (CSRF) exists in Hashtopus 1.5g via the pas ...)
NOT-FOR-US: Hashtopus
-CVE-2017-11678
+CVE-2017-11678 (SQL injection vulnerability in Hashtopus 1.5g allows remote authentica ...)
NOT-FOR-US: Hashtopus
-CVE-2017-11677
+CVE-2017-11677 (Cross-site scripting (XSS) vulnerability in Hashtopus 1.5g allows remo ...)
NOT-FOR-US: Hashtopus
CVE-2017-11676
RESERVED
-CVE-2017-11675
+CVE-2017-11675 (The traverseStrictSanitize function in admin_dir/includes/classes/Admi ...)
NOT-FOR-US: ZenCart
-CVE-2017-11674
+CVE-2017-11674 (Reporter.exe in Acunetix 8 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Acunetix
-CVE-2017-11673
+CVE-2017-11673 (Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrar ...)
NOT-FOR-US: Acunetix
-CVE-2017-11672
+CVE-2017-11672 (The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is ins ...)
NOT-FOR-US: OPC Foundation Local Discovery Server
-CVE-2017-11671
+CVE-2017-11671 (Under certain circumstances, the ix86_expand_builtin function in i386. ...)
- gcc-6 6.3.0-12
- gcc-5 5.4.1-10
- gcc-4.9 <removed>
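Review bot: spelling in the CVE-2017-11683 exiv2 entry, "NOTE: Negligable security impact" should be "Negligible security impact", matching the wording already used for the tenshi entry (CVE-2017-11746) earlier in this file.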
@@ -19489,13 +19489,13 @@ CVE-2017-11671
NOTE: http://openwall.com/lists/oss-security/2017/07/27/2
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80180
NOTE: https://gcc.gnu.org/ml/gcc-patches/2017-03/msg01349.html
-CVE-2017-11670
+CVE-2017-11670 (A length validation (leading to out-of-bounds read and write) flaw was ...)
NOT-FOR-US: eapmd5pass
-CVE-2017-11669
+CVE-2017-11669 (An out-of-bounds read flaw related to the assess_packet function in ea ...)
NOT-FOR-US: eapmd5pass
-CVE-2017-11668
+CVE-2017-11668 (An out-of-bounds read flaw related to the assess_packet function in ea ...)
NOT-FOR-US: eapmd5pass
-CVE-2017-13145
+CVE-2017-13145 (In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image ...)
{DSA-4019-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869830)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -19504,44 +19504,44 @@ CVE-2017-13145
NOTE: https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ac23b02ecb741e5de60f5235ea443790c88a0b80
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b0c5222ce31e8f941fa02ff9c7a040fb2db30dbc
-CVE-2017-11691
+CVE-2017-11691 (Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti ...)
- cacti 1.1.15+ds1-1 (bug #869848)
[stretch] - cacti <not-affected> (Vulnerable code introduced later with addition of user profile management page for users)
[jessie] - cacti <not-affected> (Vulnerable code introduced later with addition of user profile management page for users)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later with addition of user profile management page for users)
NOTE: https://github.com/Cacti/cacti/issues/867
NOTE: /for/fohttps://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c
-CVE-2017-11667
+CVE-2017-11667 (OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expir ...)
NOT-FOR-US: OpenProject
-CVE-2017-11666
+CVE-2017-11666 (Cross-site scripting (XSS) vulnerability in js/ViewerPanel.js in the f ...)
NOT-FOR-US: Kopano
-CVE-2017-11665
+CVE-2017-11665 (The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg ...)
{DSA-3957-1}
- ffmpeg 7:3.3.3-1
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/ffcc82219cef0928bed2d558b19ef6ea35634130
NOTE: Fixed in 3.2.7
-CVE-2017-11664
+CVE-2017-11664 (The _WM_SetupMidiEvent function in internal_midi.c:2122 in WildMIDI 0. ...)
- wildmidi 0.4.2-1 (low; bug #871616)
[stretch] - wildmidi <no-dsa> (Minor issue)
[jessie] - wildmidi <not-affected> (vulnerable code not present)
[wheezy] - wildmidi <not-affected> (vulnerable code not present)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/12
NOTE: https://github.com/Mindwerks/wildmidi/commit/660b513d99bced8783a4a5984ac2f742c74ebbdd
-CVE-2017-11663
+CVE-2017-11663 (The _WM_SetupMidiEvent function in internal_midi.c:2315 in WildMIDI 0. ...)
- wildmidi 0.4.2-1 (low; bug #871616)
[stretch] - wildmidi <no-dsa> (Minor issue)
[jessie] - wildmidi <not-affected> (vulnerable code not present)
[wheezy] - wildmidi <not-affected> (vulnerable code not present)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/12
NOTE: https://github.com/Mindwerks/wildmidi/commit/660b513d99bced8783a4a5984ac2f742c74ebbdd
-CVE-2017-11662
+CVE-2017-11662 (The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause ...)
- wildmidi 0.4.2-1 (low; bug #871616)
[stretch] - wildmidi <no-dsa> (Minor issue)
[jessie] - wildmidi <not-affected> (vulnerable code not present)
[wheezy] - wildmidi <not-affected> (vulnerable code not present)
NOTE: http://seclists.org/fulldisclosure/2017/Aug/12
NOTE: https://github.com/Mindwerks/wildmidi/commit/660b513d99bced8783a4a5984ac2f742c74ebbdd
-CVE-2017-11661
+CVE-2017-11661 (The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI 0. ...)
- wildmidi 0.4.2-1 (low; bug #871616)
[stretch] - wildmidi <no-dsa> (Minor issue)
[jessie] - wildmidi <not-affected> (vulnerable code not present)
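Review bot: the CVE-2017-11691 cacti entry has stray text prepended to its commit URL, "NOTE: /for/fohttps://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c"; the "/for/fo" fragment looks like an editing accident and should be removed so the line is a valid link.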
@@ -19552,95 +19552,95 @@ CVE-2017-11660
RESERVED
CVE-2017-11659
RESERVED
-CVE-2017-11658
+CVE-2017-11658 (In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-11657
+CVE-2017-11657 (Dashlane might allow local users to gain privileges by placing a Troja ...)
NOT-FOR-US: Dashlane
CVE-2017-11656
RESERVED
-CVE-2017-11655
+CVE-2017-11655 (A memory leak was found in the way SIPcrack 0.2 handled processing of ...)
- sipcrack <unfixed> (unimportant; bug #869803)
NOTE: http://www.openwall.com/lists/oss-security/2017/07/26/1
NOTE: Negligible security impact
-CVE-2017-11654
+CVE-2017-11654 (An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 ...)
- sipcrack <unfixed> (unimportant; bug #869803)
NOTE: http://www.openwall.com/lists/oss-security/2017/07/26/1
NOTE: Negligible security impact
-CVE-2017-11653
+CVE-2017-11653 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the D ...)
NOT-FOR-US: Razer Synapse
-CVE-2017-11652
+CVE-2017-11652 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the C ...)
NOT-FOR-US: Razer Synapse
-CVE-2017-11651
+CVE-2017-11651 (NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url ...)
NOT-FOR-US: NexusPHP
-CVE-2017-11650
+CVE-2017-11650 (Cross-site scripting (XSS) vulnerability in DrayTek Vigor AP910C devic ...)
NOT-FOR-US: DrayTek
-CVE-2017-11649
+CVE-2017-11649 (Cross-site request forgery (CSRF) vulnerability in DrayTek Vigor AP910 ...)
NOT-FOR-US: DrayTek
-CVE-2017-11648
+CVE-2017-11648 (Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do ...)
NOT-FOR-US: Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices
-CVE-2017-11647
+CVE-2017-11647 (NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1. ...)
NOT-FOR-US: NetComm Wireless 4GT101W routers
-CVE-2017-11646
+CVE-2017-11646 (NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1. ...)
NOT-FOR-US: NetComm Wireless 4GT101W routers
-CVE-2017-11645
+CVE-2017-11645 (NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1. ...)
NOT-FOR-US: NetComm Wireless 4GT101W routers
-CVE-2017-11644
+CVE-2017-11644 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (unimportant; bug #870016)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/587
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a6802e21d824e786d1e2a8440cf749a6e1a8d95f
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/418f88dd18af34b6cb64f709567c81b89865d7bc
-CVE-2017-11643
+CVE-2017-11643 (GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() func ...)
{DSA-4321-1 DLA-1401-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870157)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/d00b74315a71
-CVE-2017-11642
+CVE-2017-11642 (GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPIm ...)
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870156)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/29550606d8b9
-CVE-2017-11641
+CVE-2017-11641 (GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function i ...)
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870155)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/db732abd9318
-CVE-2017-11640
+CVE-2017-11640 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
{DSA-4040-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870067)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/584
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1b811f7e7dad92b2992939f854201370a7d8084a
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1fcd0feb93b51b9363176097ee5f360c62687d86
-CVE-2017-11639
+CVE-2017-11639 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
{DSA-4204-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (bug #870065)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/588
NOTE: https://github.com/ImageMagick/ImageMagick/commit/65b7c57502bb2b6d22f607383e87cc3eaed94014
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8ec8ca4c61b1199b727cf52e440f3db79a5b0d0a
-CVE-2017-11638
+CVE-2017-11638 (GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImag ...)
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870154)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/29550606d8b9
-CVE-2017-11637
+CVE-2017-11637 (GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLIm ...)
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870153)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f3ffc5541257
-CVE-2017-11636
+CVE-2017-11636 (GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() funct ...)
{DSA-4321-1 DLA-1401-1 DLA-1045-1}
- graphicsmagick 1.3.26-4 (bug #870149)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/39961adf974c
-CVE-2017-11635
+CVE-2017-11635 (An issue was discovered on Wireless IP Camera 360 devices. Attackers c ...)
NOT-FOR-US: Wireless IP Camera 360 devices
-CVE-2017-11634
+CVE-2017-11634 (An issue was discovered on Wireless IP Camera 360 devices. Remote atta ...)
NOT-FOR-US: Wireless IP Camera 360 devices
-CVE-2017-11633
+CVE-2017-11633 (An issue was discovered on Wireless IP Camera 360 devices. Remote atta ...)
NOT-FOR-US: Wireless IP Camera 360 devices
-CVE-2017-11632
+CVE-2017-11632 (An issue was discovered on Wireless IP Camera 360 devices. A root acco ...)
NOT-FOR-US: Wireless IP Camera 360 devices
-CVE-2017-11631
+CVE-2017-11631 (dapur/app/app_user/controller/status.php in Fiyo CMS 2.0.7 has SQL inj ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11630
+CVE-2017-11630 (dapur\apps\app_config\controller\backuper.php in Fiyo CMS 2.0.7 allows ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11629
+CVE-2017-11629 (dayrui FineCms through 5.0.10 has Cross Site Scripting (XSS) in contro ...)
NOT-FOR-US: FineCMS
-CVE-2017-11628
+CVE-2017-11628 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a sta ...)
{DSA-4081-1 DSA-4080-1 DLA-1066-1}
- php7.1 7.1.8-1 (low)
- php7.0 7.0.22-1 (low)
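Review bot: CVE-2017-11642 and CVE-2017-11638 both describe WriteMAPImage in GraphicsMagick 1.3.26, carry the same advisories {DSA-4321-1 DLA-1456-1 DLA-1045-1}, the same fixed version 1.3.26-4 and the same upstream revision 29550606d8b9; a NOTE on one of them stating that the single revision covers both reports (or that one is effectively a duplicate of the other) would save the next triager from re-checking why two CVEs point at one commit.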
@@ -19648,28 +19648,28 @@ CVE-2017-11628
NOTE: https://bugs.php.net/bug.php?id=74603
NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
NOTE: Fixed by https://git.php.net/?p=php-src.git;a=commit;h=05255749139b3686c8a6a58ee01131ac0047465e
-CVE-2017-11627
+CVE-2017-11627 (A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, ...)
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #871320)
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/issues/118
-CVE-2017-11626
+CVE-2017-11626 (A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, ...)
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #871320)
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/issues/119
-CVE-2017-11625
+CVE-2017-11625 (A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, ...)
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #871320)
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: https://github.com/qpdf/qpdf/issues/120
-CVE-2017-11624
+CVE-2017-11624 (A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, ...)
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #871320)
[stretch] - qpdf <no-dsa> (Minor issue)
@@ -19692,12 +19692,12 @@ CVE-2017-XXXX [out-of-bounds read in eexec_line()]
[wheezy] - t1utils <not-affected> (Vulnerable code introduced in 1.39)
NOTE: Crash in CLI tool, no security impact
NOTE: https://github.com/kohler/t1utils/issues/6
-CVE-2017-13144
+CVE-2017-13144 (In ImageMagick before 6.9.7-10, there is a crash (rather than a "width ...)
{DSA-4040-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869728)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31438
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9b580ad0564aefd9beeccbcbb8d62ccd05795a84
-CVE-2017-12430
+CVE-2017-12430 (In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #869727)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -19711,18 +19711,18 @@ CVE-2017-XXXX [memory leak in quantize]
NOTE: Workaround entry for DLA-1081-1 since no CVE assigned
NOTE: https://github.com/ImageMagick/ImageMagick/issues/574
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b604a554dfb6630fe32e739334fa57341dc6123
-CVE-2017-12664
+CVE-2017-12664 (ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869721)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/574
NOTE: https://github.com/ImageMagick/ImageMagick/commit/db1ffb6cf44bcfe5c4d5fcf9d9109ded5617387f
-CVE-2017-12431
+CVE-2017-12431 (In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in th ...)
{DSA-4040-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869715)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/555
NOTE: https://github.com/ImageMagick/ImageMagick/commit/784fcac688161aeaea221e00b706c88b08196945
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/5660836f9197107e9c38f14f27a45c2d9f26afe2
-CVE-2017-12428
+CVE-2017-12428 (In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the f ...)
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869713)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/544
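Review bot: CVE-2017-12428 is tagged unimportant on its fixed-version line ("8:6.9.7.4+dfsg-13 (unimportant; bug #869713)") yet lists DSA-4019-1 and DLA-1081-1; either the severity should be raised to match the advisories, or a NOTE should say the fix merely rode along in those updates. Also in this hunk, CVE-2017-12664 and the CVE-2017-XXXX "memory leak in quantize" placeholder above it both point at ImageMagick issue #574, and the placeholder exists only "since no CVE assigned"; confirm that it tracks a separate leak (quantize versus WritePALMImage) rather than the issue CVE-2017-12664 now covers, and record the outcome in the placeholder's NOTE so the DLA-1081-1 workaround entry is not kept alive by accident.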
@@ -19730,15 +19730,15 @@ CVE-2017-12428
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/f37d26336bf13737db45e556c25fc098f8a8b277
CVE-2017-11618
RESERVED
-CVE-2017-11617
+CVE-2017-11617 (Cross-site scripting (XSS) vulnerability in atmail prior to version 7. ...)
- atmailopen <removed>
CVE-2017-11616
RESERVED
-CVE-2017-11615
+CVE-2017-11615 (A sandbox escape in the Lua interface in Wube Factorio before 0.15.31 ...)
NOT-FOR-US: Wube Factorio
-CVE-2017-11614
+CVE-2017-11614 (MEDHOST Connex contains hard-coded credentials that are used for custo ...)
NOT-FOR-US: MEDHOST Connex
-CVE-2017-11613
+CVE-2017-11613 (In LibTIFF 4.0.8, there is a denial of service vulnerability in the TI ...)
{DSA-4349-1 DLA-1411-1 DLA-1391-1}
- tiff 4.0.9-5 (low; bug #869823)
- tiff3 <removed>
@@ -19748,11 +19748,11 @@ CVE-2017-11613
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1475530
NOTE: Upstream fix 1/2: https://gitlab.com/libtiff/libtiff/commit/3719385a3fac5cfb20b487619a5f08abbf967cf8
NOTE: Upstream fix 2/2: https://gitlab.com/libtiff/libtiff/commit/7a092f8af2568d61993a8cc2e7a35a998d7d37be
-CVE-2017-11612
+CVE-2017-11612 (In Joomla! before 3.7.4, inadequate filtering of potentially malicious ...)
NOT-FOR-US: Joomla!
-CVE-2017-11611
+CVE-2017-11611 (Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulner ...)
NOT-FOR-US: Wolf CMS
-CVE-2017-11610
+CVE-2017-11610 (The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2 ...)
{DSA-3942-1 DLA-1047-1}
- supervisor 3.3.1-1.1 (bug #870187)
NOTE: https://github.com/Supervisor/supervisor/issues/964
@@ -19762,7 +19762,7 @@ CVE-2017-11610
NOTE: 3.0.1 https://github.com/Supervisor/supervisor/commit/83060f3383ebd26add094398174f1de34cf7b7f0
CVE-2017-11609
RESERVED
-CVE-2017-11608
+CVE-2017-11608 (There is a heap-based buffer over-read in the Sass::Prelexer::re_lineb ...)
- libsass 3.4.6-1 (bug #870186)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1474276
@@ -19771,7 +19771,7 @@ CVE-2017-11607
RESERVED
CVE-2017-11606
RESERVED
-CVE-2017-11605
+CVE-2017-11605 (There is a heap based buffer over-read in LibSass 3.4.5, related to ad ...)
- libsass <unfixed> (bug #870184)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1474019
@@ -19783,7 +19783,7 @@ CVE-2017-11602
RESERVED
CVE-2017-11601
RESERVED
-CVE-2017-11600
+CVE-2017-11600 (net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.12.6-1
NOTE: http://seclists.org/bugtraq/2017/Jul/30
@@ -19797,18 +19797,18 @@ CVE-2017-11596
RESERVED
CVE-2017-11595
RESERVED
-CVE-2017-11594
+CVE-2017-11594 (Cross-site scripting (XSS) vulnerability in the Markdown parser in Loo ...)
- loomio <itp> (bug #756319)
-CVE-2017-11593
+CVE-2017-11593 (Cross-site scripting (XSS) vulnerability in the Markdown Preview Plus ...)
NOT-FOR-US: Chrome extension Markdown Preview Plus
-CVE-2017-11592
+CVE-2017-11592 (There is a Mismatched Memory Management Routines vulnerability in the ...)
[experimental] - exiv2 <unfixed> (bug #895568)
- exiv2 <not-affected> (printTiffStructure introduced in 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/56
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473889
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental with version 0.26-1.
-CVE-2017-11591
+CVE-2017-11591 (There is a Floating point exception in the Exiv2::ValueType function i ...)
{DLA-1147-1}
- exiv2 <unfixed> (low; bug #876893)
[buster] - exiv2 <ignored> (Minor issue)
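Review bot: For CVE-2017-11592 the unstable line is "- exiv2 <not-affected> (printTiffStructure introduced in 0.26)" while experimental carries "<unfixed> (bug #895568)" and the NOTEs pin the claim to "sid(0.25-3.1)"; that not-affected status is tied to a version, not to the package, so it goes stale silently the moment 0.26 migrates from experimental to unstable. A NOTE stating the affected range ("affected from 0.26") or keeping the sid line as <unfixed> with the experimental qualifier would avoid that. The same pattern recurs for CVE-2017-11553 further down (experimental <unfixed>, sid <not-affected>, "Reproducible with 0.26-1 (experimental)") and should be handled the same way.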
@@ -19817,7 +19817,7 @@ CVE-2017-11591
NOTE: https://github.com/Exiv2/exiv2/issues/55
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473888
NOTE: Reproducible in wheezy/jessie/stretch/sid(0.25-3.1)/experimental(0.26-1).
-CVE-2017-11590
+CVE-2017-11590 (There is a NULL pointer dereference in the caseless_hash function in g ...)
{DLA-1054-1}
- libgxps 0.3.0-1 (low; bug #870183)
[stretch] - libgxps <no-dsa> (Minor issue)
@@ -19825,23 +19825,23 @@ CVE-2017-11590
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473167
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=785479
NOTE: Fixed by: https://git.gnome.org/browse/libgxps/commit/?id=9d5d2920
-CVE-2017-11589
+CVE-2017-11589 (On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00 ...)
NOT-FOR-US: Cisco
-CVE-2017-11588
+CVE-2017-11588 (On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00 ...)
NOT-FOR-US: Cisco
-CVE-2017-11587
+CVE-2017-11587 (On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00 ...)
NOT-FOR-US: Cisco
-CVE-2017-11586
+CVE-2017-11586 (dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in ...)
NOT-FOR-US: FineCms
-CVE-2017-11585
+CVE-2017-11585 (dayrui FineCms 5.0.9 has remote PHP code execution via the param param ...)
NOT-FOR-US: FineCms
-CVE-2017-11584
+CVE-2017-11584 (dayrui FineCms 5.0.9 has SQL Injection via the field parameter in an a ...)
NOT-FOR-US: FineCms
-CVE-2017-11583
+CVE-2017-11583 (dayrui FineCms 5.0.9 has SQL Injection via the catid parameter in an a ...)
NOT-FOR-US: FineCms
-CVE-2017-11582
+CVE-2017-11582 (dayrui FineCms 5.0.9 has SQL Injection via the num parameter in an act ...)
NOT-FOR-US: FineCms
-CVE-2017-11581
+CVE-2017-11581 (dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in admin/Login.php ...)
NOT-FOR-US: FineCms
CVE-2017-11580
RESERVED
@@ -19849,64 +19849,64 @@ CVE-2017-11579
RESERVED
CVE-2017-11578
RESERVED
-CVE-2017-11577
+CVE-2017-11577 (FontForge 20161012 is vulnerable to a buffer over-read in getsid (pars ...)
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3088
NOTE: https://github.com/fontforge/fontforge/commit/3245d354865def9d712bdffe61fa211ad6aa4081
-CVE-2017-11576
+CVE-2017-11576 (FontForge 20161012 does not ensure a positive size in a weight vector ...)
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3091
NOTE: https://github.com/fontforge/fontforge/commit/df349365630344ef3004a3c7934c7e7496692fb1
-CVE-2017-11575
+CVE-2017-11575 (FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (c ...)
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3096
NOTE: https://github.com/fontforge/fontforge/commit/4de0c58a01e5e30610c200e9aea98bc7db12c7ac
-CVE-2017-11574
+CVE-2017-11574 (FontForge 20161012 is vulnerable to a heap-based buffer overflow in re ...)
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3090
NOTE: https://github.com/fontforge/fontforge/commit/62b6433a81ee7ed6e0ac2d6b09ac85b885046ac3
-CVE-2017-11573
+CVE-2017-11573 (FontForge 20161012 is vulnerable to a buffer over-read in ValidatePost ...)
- fontforge <unfixed> (unimportant; bug #873588)
NOTE: https://github.com/fontforge/fontforge/issues/3098
NOTE: Crash in GUI tool/related desktop libs, no security impact
-CVE-2017-11572
+CVE-2017-11572 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in r ...)
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3092
-CVE-2017-11571
+CVE-2017-11571 (FontForge 20161012 is vulnerable to a stack-based buffer overflow in a ...)
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3087
NOTE: https://github.com/fontforge/fontforge/commit/5a0c6522682b0788fc478dd159dd6168cb5fa38b
-CVE-2017-11570
+CVE-2017-11570 (FontForge 20161012 is vulnerable to a buffer over-read in umodenc (par ...)
- fontforge <unfixed> (unimportant; bug #873587)
NOTE: https://github.com/fontforge/fontforge/issues/3097
NOTE: Crash in GUI tool/related desktop libs, no security impact
-CVE-2017-11569
+CVE-2017-11569 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in r ...)
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3093
NOTE: https://github.com/fontforge/fontforge/commit/7bfec47910293bf149b8debe44c6f3f788506092
-CVE-2017-11568
+CVE-2017-11568 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in P ...)
{DSA-3958-1 DLA-1065-1}
- fontforge 1:20170731~dfsg-1 (bug #869614)
NOTE: https://github.com/fontforge/fontforge/issues/3089
-CVE-2017-11567
+CVE-2017-11567 (Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server ...)
NOT-FOR-US: Mongoose
-CVE-2017-11566
+CVE-2017-11566 (AppUse 4.0 allows shell command injection via a proxy field. ...)
NOT-FOR-US: AppUse
-CVE-2017-1002151
+CVE-2017-1002151 (Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due t ...)
- pagure <itp> (bug #829046)
NOTE: https://pagure.io/pagure/pull-request/2426
-CVE-2017-11564
+CVE-2017-11564 (The D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has multiple command i ...)
NOT-FOR-US: D-Link
-CVE-2017-11563
+CVE-2017-11563 (D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has a remote code executio ...)
NOT-FOR-US: D-Link
-CVE-2017-11562
+CVE-2017-11562 (A Session Fixation Vulnerability exists in the MT4 Networks SenhaSegur ...)
NOT-FOR-US: MT4 SenhaSegura
CVE-2017-11561
RESERVED
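Review bot: CVE-2017-11572 (issue 3092) and CVE-2017-11568 (issue 3089) record the fixed version 1:20170731~dfsg-1 and DSA-3958-1 / DLA-1065-1 but, unlike the other DSA-3958-1 FontForge entries in this hunk, carry no upstream commit NOTE; the fixing commit should be added so the DSA and DLA backports can be traced to a specific change, as is already done for CVE-2017-11577, 11576, 11575, 11574, 11571 and 11569. Minor ordering point: CVE-2017-1002151 sits between CVE-2017-11566 and CVE-2017-11564 in a list that otherwise descends by id.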
@@ -19918,26 +19918,26 @@ CVE-2017-11558
RESERVED
CVE-2017-11557
RESERVED
-CVE-2017-11556
+CVE-2017-11556 (There is a stack consumption vulnerability in the Parser::advanceToNex ...)
- libsass <unfixed> (bug #870182)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2447
-CVE-2017-11555
+CVE-2017-11555 (There is an illegal address access in the Eval::operator function in e ...)
- libsass <unfixed> (bug #870182)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2446
-CVE-2017-11554
+CVE-2017-11554 (There is a stack consumption vulnerability in the lex function in pars ...)
- libsass <unfixed> (bug #870182)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2445
-CVE-2017-11553
+CVE-2017-11553 (There is an illegal address access in the extend_alias_table function ...)
[experimental] - exiv2 <unfixed> (low; bug #888874)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/54
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1471772
NOTE: Not reproducible in wheezy/jessie/stretch.
NOTE: Reproducible with 0.26-1 (experimental).
-CVE-2017-11552
+CVE-2017-11552 (mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use wit ...)
- mpg321 0.3.2-2 (bug #870406)
[stretch] - mpg321 <no-dsa> (Minor issue)
[jessie] - mpg321 <no-dsa> (Minor issue)
@@ -19946,29 +19946,29 @@ CVE-2017-11552
NOTE: that the underlying issue is in src:mpg321
NOTE: Cf. https://bugs.debian.org/870406#25 for more Details.
NOTE: http://seclists.org/fulldisclosure/2017/Jul/94
-CVE-2017-11551
+CVE-2017-11551 (The id3_field_parse function in field.c in libid3tag 0.15.1b allows re ...)
- libid3tag 0.15.1b-5 (bug #870333)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/85
NOTE: Same issue as #304913
-CVE-2017-11550
+CVE-2017-11550 (The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows rem ...)
- libid3tag 0.15.1b-9 (bug #405801)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/85
NOTE: Addressed by the 11_unknown_encoding.dpatch patch
-CVE-2017-11549
+CVE-2017-11549 (The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remot ...)
- timidity <unfixed> (unimportant; bug #870338)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/83
NOTE: https://sourceforge.net/p/timidity/discussion/217458/thread/9a1c9620/
NOTE: Crash in CLI tool, no security impact
-CVE-2017-11548
+CVE-2017-11548 (The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 a ...)
- libao <unfixed> (unimportant; bug #870608)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/84
NOTE: Not a security issue in ao, needs to be validated in applications using it, see #870608
-CVE-2017-11547
+CVE-2017-11547 (The resample_gauss function in resample.c in TiMidity++ 2.14.0 allows ...)
- timidity 2.14.0-4 (unimportant; bug #870338)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/83
NOTE: https://sourceforge.net/p/timidity/discussion/217458/thread/9a1c9620/
NOTE: Crash in CLI tool, no security impact
-CVE-2017-11546
+CVE-2017-11546 (The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allo ...)
- timidity 2.14.0-4 (unimportant; bug #870338)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/83
NOTE: https://sourceforge.net/p/timidity/discussion/217458/thread/9a1c9620/
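Review bot: The three TiMidity++ entries share bug #870338, yet CVE-2017-11547 and CVE-2017-11546 record 2.14.0-4 as the fixed version while CVE-2017-11549 (play_midi) stays "<unfixed>"; if the 2.14.0-4 upload closed the bug without touching play_midi, a NOTE saying so (or a separate bug) is needed, otherwise the fixed version should be recorded for CVE-2017-11549 as well. All three are tagged unimportant with "Crash in CLI tool, no security impact", so this only affects bookkeeping, but a bug that is both closed and open for the same package is the kind of state that confuses the tracker's fixed/unfixed views.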
@@ -19977,77 +19977,77 @@ CVE-2017-11545
REJECTED
CVE-2017-11544
REJECTED
-CVE-2017-11543
+CVE-2017-11543 (tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in ...)
{DSA-3971-1 DLA-1090-1}
- tcpdump 4.9.1-3 (bug #873806)
NOTE: Fixed by: https://github.com/the-tcpdump-group/tcpdump/commit/7039327875525278d17edee59720e29a3e76b7b3
NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/global-overflow/print-sl
-CVE-2017-11542
+CVE-2017-11542 (tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print fun ...)
{DSA-3971-1 DLA-1090-1}
- tcpdump 4.9.1-3 (bug #873805)
NOTE: Fixed by: https://github.com/the-tcpdump-group/tcpdump/commit/bed48062a64fca524156d7684af19f5b4a116fae
NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/print-pim
-CVE-2017-11541
+CVE-2017-11541 (tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print func ...)
{DSA-3971-1 DLA-1090-1}
- tcpdump 4.9.1-3 (bug #873804)
NOTE: Fixed by: https://github.com/the-tcpdump-group/tcpdump/commit/21d702a136c5c16882e368af7c173df728242280
NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/util-print
-CVE-2017-11540
+CVE-2017-11540 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
- imagemagick <not-affected> (Only affects ImageMagick-7 series)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/581
-CVE-2017-11539
+CVE-2017-11539 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-15 (unimportant; bug #870120)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/582
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4e81160d66f02bf7b4f569669ca7dd80d416ba6e
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/36aad912d1f405a28a9a1204120b569e7da5898e
-CVE-2017-11538
+CVE-2017-11538 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
- imagemagick <not-affected> (Vulnerable code introduced later, cf bug #870110)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/569
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0a80c9e5f293a8de51011ac784ac52b96932c08f
NOTE: Introduced after: https://github.com/ImageMagick/ImageMagick/commit/0bf18387ae1336475631284854b664d0e2d89697
-CVE-2017-11537
+CVE-2017-11537 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #869712)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/560
NOTE: https://github.com/ImageMagick/ImageMagick/commit/2bbc1b96f0d9371df675fdf7b8fc9bd4a42ae9cd
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/bac384563f557d1ac7413d2eaec00dd59c3cc29b
-CVE-2017-11536
+CVE-2017-11536 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869831)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/567
NOTE: https://github.com/ImageMagick/ImageMagick/commit/167e1538ae9818d46c9462a4273082871e35a480
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dba1ccfbcdf61c0eb599c7c308b42ed46dc92be6
-CVE-2017-11535
+CVE-2017-11535 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
{DSA-4204-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869827)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/561
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b8647f11ddfd6f85a6cc39654c7e78c2bc6412e4
NOTE: Imagemagick-6: https://github.com/ImageMagick/ImageMagick/commit/bba95cfcc19fa8a261e12692f31279148ad42441
-CVE-2017-11534
+CVE-2017-11534 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869711)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/564
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3f21b17f06eacb40dab08738e0abf68fb0d58c90
-CVE-2017-11533
+CVE-2017-11533 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
{DSA-4204-1 DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (bug #869834)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/562
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f0c29cc251578fe0ad8ec7b72f2487a77a1696b8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/ed1fd69231ab21dc540167c63bc3b0fa3282ec59
-CVE-2017-11532
+CVE-2017-11532 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869726)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/563
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/d60d705cddac7fa5d0e6596c183bbb9b46a57161
-CVE-2017-11531
+CVE-2017-11531 (When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...)
{DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (unimportant; bug #869725)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/566
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/c81594c6ee93581b97e8f8c743200b1366d83989
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1885ab1231e82f90d3f0e839555ee3e1a441bbf8
-CVE-2017-11521
+CVE-2017-11521 (The SdpContents::Session::Medium::parse function in resip/stack/SdpCon ...)
{DLA-1439-1 DLA-1040-1}
- resiprocate <removed> (low; bug #869404)
[stretch] - resiprocate <no-dsa> (Minor issue)
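Review bot: CVE-2017-11535 and CVE-2017-11533 each list two stable advisories ("{DSA-4204-1 DSA-4019-1 DLA-1081-1}") against a single fixed version 8:6.9.7.4+dfsg-13, and CVE-2017-11539 records 8:6.9.7.4+dfsg-15 where every other ImageMagick entry in this hunk with a fixed version records -13; none of the three carries a NOTE explaining why a second advisory or a later upload was needed (incomplete first fix, follow-up commit). A one-line NOTE on each, naming the commit that went into the later update, would stop readers from assuming the first DSA fully fixed the issue and would tell LTS maintainers which commit to backport.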
@@ -20055,13 +20055,13 @@ CVE-2017-11521
NOTE: https://github.com/resiprocate/resiprocate/pull/88/commits/4b8ffa5afd3291a2701f8d39c31ada443f79a5c8
CVE-2017-11520
RESERVED
-CVE-2017-11519
+CVE-2017-11519 (passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an a ...)
NOT-FOR-US: TP-Link
CVE-2017-11518
RESERVED
-CVE-2017-11517
+CVE-2017-11517 (Stack-based buffer overflow in GCoreServer.exe in the server in Geuteb ...)
NOT-FOR-US: Geutebrueck Gcore
-CVE-2017-11516
+CVE-2017-11516 (An XSS vulnerability exists in framework/views/errorHandler/exception. ...)
NOT-FOR-US: Yii Framework
CVE-2017-11515
RESERVED
@@ -20069,13 +20069,13 @@ CVE-2017-11514
RESERVED
CVE-2017-11513
RESERVED
-CVE-2017-11512
+CVE-2017-11512 (The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file ...)
NOT-FOR-US: ManageEngine ServiceDesk
-CVE-2017-11511
+CVE-2017-11511 (The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file ...)
NOT-FOR-US: ManageEngine ServiceDesk
-CVE-2017-11510
+CVE-2017-11510 (An information leak exists in Wanscam's HW0021 network camera that all ...)
NOT-FOR-US: Wanscam's HW0021 network camera
-CVE-2017-11509
+CVE-2017-11509 (An authenticated remote attacker can execute arbitrary code in Firebir ...)
{DLA-1374-1}
- firebird3.0 3.0.3.32900.ds4-3
[stretch] - firebird3.0 <postponed> (Minor issue, can be fixed along in a future update)
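Review bot: CVE-2017-11509 records firebird3.0 3.0.3.32900.ds4-3 as the fixed version, but the NOTE lines that follow say the issue was "adressed by disabling UDFs in firebird.conf", "not a source code fix" and "more justof a mitigation"; a changed configuration default is not a fix in the tracker's sense, so either keep the version with a NOTE stating that it only changes the default and saying what happens when an administrator re-enables UDFs, or mark it <unfixed> with the mitigation recorded. The stretch line "<postponed> (Minor issue, can be fixed along in a future update)" also sits oddly next to a description of authenticated remote code execution, so the severity reasoning deserves a sentence. Two typos in those NOTE lines while you are there: "adressed" and "justof".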
@@ -20087,56 +20087,56 @@ CVE-2017-11509
NOTE: Issue adressed by disabling UDFs in firebird.conf, this is not a source code fix,
NOTE: and might actually be considered more justof a mitigation.
NOTE: Steps to reproduce (partly) in: https://lists.debian.org/874lk9wyz5.fsf@curie.anarc.at
-CVE-2017-11508
+CVE-2017-11508 (SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL Injection ...)
NOT-FOR-US: SecurityCenter
-CVE-2017-11507
+CVE-2017-11507 (A cross site scripting (XSS) vulnerability exists in Check_MK versions ...)
- check-mk 1.2.8p26-1
[wheezy] - check-mk <no-dsa> (Minor issue)
NOTE: http://mathias-kettner.com/check_mk_werks.php?werk_id=7661
NOTE: https://www.tenable.com/security/research/tra-2017-20
-CVE-2017-11506
+CVE-2017-11506 (When linking a Nessus scanner or agent to Tenable.io or other manager, ...)
NOT-FOR-US: Nessus
-CVE-2017-11565
+CVE-2017-11565 (debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor wa ...)
- tor 0.3.1.7-1 (bug #869153)
[stretch] - tor <no-dsa> (Minor issue)
[jessie] - tor <not-affected> (aa-exec in jessie is located in /usr/sbin/)
[wheezy] - tor <not-affected> (aa-exec in jessie is located in /usr/sbin/)
NOTE: https://twitter.com/pissquark/status/888142796414226432
-CVE-2017-11523
+CVE-2017-11523 (The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9 ...)
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-14 (low; bug #869210)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/591
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078
NOTE: Fixed by (ImageMagick-6): https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78
-CVE-2017-11522
+CVE-2017-11522 (The WriteOnePNGImage function in coders/png.c in ImageMagick through 6 ...)
- imagemagick <not-affected> (bug #869209; vulnerable code not present, ImageMagick-7 issue only)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/586
NOTE: https://github.com/ImageMagick/ImageMagick/commit/816ecab6c532ae086ff4186b3eaf4aa7092d536f
CVE-2017-11504
RESERVED
-CVE-2017-11503
+CVE-2017-11503 (PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Add ...)
- libphp-phpmailer <unfixed> (unimportant)
NOTE: code_generator.phps installed to examples
-CVE-2017-11502
+CVE-2017-11502 (Technicolor DPC3928AD DOCSIS devices allow remote attackers to read ar ...)
NOT-FOR-US: Technicolor
-CVE-2017-11501
+CVE-2017-11501 (NixOS 17.03 and earlier has an unintended default absence of SSL Certi ...)
NOT-FOR-US: NixOS
-CVE-2017-11500
+CVE-2017-11500 (A directory traversal vulnerability exists in MetInfo 5.3.17. A remote ...)
NOT-FOR-US: MetInfo
-CVE-2017-11499
+CVE-2017-11499 (Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11. ...)
- nodejs 4.8.4~dfsg-1 (bug #868162; unimportant)
NOTE: https://nodejs.org/en/blog/release/v6.11.1/
NOTE: https://nodejs.org/en/blog/release/v4.8.4/
-CVE-2017-11498
+CVE-2017-11498 (Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all ...)
NOT-FOR-US: Gemalto ACC
-CVE-2017-11497
+CVE-2017-11497 (Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center) ...)
NOT-FOR-US: Gemalto ACC
-CVE-2017-11496
+CVE-2017-11496 (Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center) ...)
NOT-FOR-US: Gemalto ACC
-CVE-2017-11495
+CVE-2017-11495 (PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticat ...)
NOT-FOR-US: PHICOMM
-CVE-2017-11494
+CVE-2017-11494 (SQL injection vulnerability in SOL.Connect ISET-mpp meter 1.2.4.2 and ...)
NOT-FOR-US: SOL.Connect ISET-mpp meter
CVE-2017-11493
REJECTED
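Review bot: The wheezy line for CVE-2017-11565 reads "[wheezy] - tor <not-affected> (aa-exec in jessie is located in /usr/sbin/)", a copy of the jessie line above it; the justification should name wheezy and be checked against wheezy, since the /usr/sbin/ claim was presumably only verified on jessie. Two smaller points in this hunk: CVE-2017-11499 writes its qualifier as "(bug #868162; unimportant)" whereas the other entries put the severity first ("(unimportant; bug #...)"), and CVE-2017-11565, CVE-2017-11523 and CVE-2017-11522 are inserted between CVE-2017-11506 and CVE-2017-11504, breaking the descending order used elsewhere. The only reference for the tor issue is a tweet; a NOTE pointing at the 0.3.1.7-1 changelog or the packaging commit, alongside bug #869153, would be more durable.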
@@ -20160,38 +20160,38 @@ CVE-2017-11484
REJECTED
CVE-2017-11483
REJECTED
-CVE-2017-11482
+CVE-2017-11482 (The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pa ...)
- kibana <itp> (bug #700337)
-CVE-2017-11481
+CVE-2017-11481 (Kibana versions prior to 6.0.1 and 5.6.5 had a cross-site scripting (X ...)
- kibana <itp> (bug #700337)
-CVE-2017-11480
+CVE-2017-11480 (Packetbeat versions prior to 5.6.4 are affected by a denial of service ...)
NOT-FOR-US: Packetbeat
-CVE-2017-11479
+CVE-2017-11479 (Kibana versions prior to 5.6.1 had a cross-site scripting (XSS) vulner ...)
- kibana <itp> (bug #700337)
CVE-2017-11477
RESERVED
CVE-2017-11476
RESERVED
-CVE-2017-11475
+CVE-2017-11475 (GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exp ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2017-11474
+CVE-2017-11474 (GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/com ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2017-11471
+CVE-2017-11471 (IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/upt ...)
NOT-FOR-US: IDERA Uptime Monitor
-CVE-2017-11470
+CVE-2017-11470 (IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/upt ...)
NOT-FOR-US: IDERA Uptime Monitor
-CVE-2017-11469
+CVE-2017-11469 (get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in th ...)
NOT-FOR-US: IDERA Uptime Monitor
-CVE-2017-11468
+CVE-2017-11468 (Docker Registry before 2.6.2 in Docker Distribution does not properly ...)
- docker-registry 2.6.2~ds1-1 (bug #869242)
-CVE-2017-11467
+CVE-2017-11467 (OrientDB through 2.2.22 does not enforce privilege requirements during ...)
NOT-FOR-US: OrientDB
-CVE-2017-11465
+CVE-2017-11465 (The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows a ...)
- ruby2.3 <not-affected> (Specific to Ruby 2.4)
- ruby2.1 <not-affected> (Specific to Ruby 2.4)
-CVE-2017-11464
+CVE-2017-11464 (A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in G ...)
- librsvg 2.40.18-1 (bug #869129)
[stretch] - librsvg <no-dsa> (Minor issue)
[jessie] - librsvg <not-affected> (Vulnerable code introduced in 2.40.9)
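Review bot: CVE-2017-11465 describes a bug in the UTF-8 parser of Ruby 2.4.1, but the entry only records "<not-affected> (Specific to Ruby 2.4)" for ruby2.3 and ruby2.1; there is no line for a 2.4 source package, so the entry currently says nothing about the version the CVE actually targets. Add a ruby2.4 line (fixed version or <unfixed>) if that package exists in the archive, or a NOTE stating that 2.4 is not packaged, so the two not-affected lines are not read as covering the whole CVE.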
@@ -20199,41 +20199,41 @@ CVE-2017-11464
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=783835
NOTE: Introduced in: https://git.gnome.org/browse/librsvg/commit/?id=054807726db76558728e7a7513aabc4698b3dc95 (2.40.9)
NOTE: Fixed by: https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
-CVE-2017-11473
+CVE-2017-11473 (Buffer overflow in the mp_override_legacy_irq() function in arch/x86/k ...)
- linux 4.13.4-1 (unimportant)
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.51-1
[wheezy] - linux 3.2.96-1
NOTE: Fixed by: https://git.kernel.org/linus/dad5ab0db8deac535d03e3fe3d8f2892173fa6a4
NOTE: Non-issue since ACPI tables are trusted
-CVE-2017-11472
+CVE-2017-11472 (The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in t ...)
- linux <unfixed> (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/3b2d69114fefa474fca542e51119036dceb4aa6f (4.12-rc1)
NOTE: Non-issue since ACPI tables are trusted
-CVE-2017-11466
+CVE-2017-11466 (Arbitrary file upload vulnerability in com/dotmarketing/servlets/AjaxF ...)
NOT-FOR-US: dotCMS
-CVE-2017-11463
+CVE-2017-11463 (In Ivanti Service Desk (formerly LANDESK Management Suite) versions be ...)
NOT-FOR-US: LANDESK
-CVE-2017-11462
+CVE-2017-11462 (Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attacker ...)
- krb5 1.15.2-1 (low; bug #873563)
[stretch] - krb5 <ignored> (Minor issue, might lead to behaviour changes)
[jessie] - krb5 <ignored> (Minor issue, might lead to behaviour changes)
[wheezy] - krb5 <ignored> (Minor issue, might lead to behaviour changes)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598
-CVE-2017-11461
+CVE-2017-11461 (NetApp OnCommand Unified Manager for 7-mode (core package) versions pr ...)
NOT-FOR-US: NetApp
-CVE-2017-11460
+CVE-2017-11460 (Cross-site scripting (XSS) vulnerability in the DataArchivingService s ...)
NOT-FOR-US: SAP
-CVE-2017-11459
+CVE-2017-11459 (SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via ...)
NOT-FOR-US: SAP
-CVE-2017-11458
+CVE-2017-11458 (Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol s ...)
NOT-FOR-US: SAP
-CVE-2017-11457
+CVE-2017-11457 (XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP Ne ...)
NOT-FOR-US: SAP
-CVE-2017-11456
+CVE-2017-11456 (Geneko GWR routers allow directory traversal sequences starting with a ...)
NOT-FOR-US: Geneko GWR routers
-CVE-2017-11455
+CVE-2017-11455 (diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8. ...)
NOT-FOR-US: Pulse Connect Secure
CVE-2017-11454
RESERVED
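Review bot: CVE-2017-11472 is left as "- linux <unfixed> (unimportant)" although its own NOTE names the fixing commit 3b2d69114fefa474fca542e51119036dceb4aa6f as merged in 4.12-rc1, and the neighbouring CVE-2017-11473, with the same "Non-issue since ACPI tables are trusted" reasoning, records 4.13.4-1 for unstable plus per-release versions for stretch, jessie and wheezy. Either record the first Debian upload containing 4.12 (and any release-specific backports) for CVE-2017-11472, or add a NOTE explaining why it stays <unfixed>; as written, the entry claims a fix exists upstream and that no Debian package has it.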
@@ -20243,61 +20243,61 @@ CVE-2017-11452
RESERVED
CVE-2017-11451
RESERVED
-CVE-2017-11450
+CVE-2017-11450 (coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867894)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/948356eec65aea91995d4b7cc487d197d2c5f602
-CVE-2017-11449
+CVE-2017-11449 (coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable st ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867896)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/b007dd3a048097d8f58949297f5b434612e1e1a3#diff-cdb21e3ad4d6e304030bd19bdc881fce
NOTE: https://github.com/ImageMagick/ImageMagick/commit/529ff26b68febb2ac03062c58452ea0b4c6edbc1#diff-cdb21e3ad4d6e304030bd19bdc881fce
-CVE-2017-11448
+CVE-2017-11448 (The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0. ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867893)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1737ac82b335e53376382c07b9a500d73dd2aa11
-CVE-2017-11447
+CVE-2017-11447 (The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick ...)
{DSA-3914-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867897)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/556
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8c10b9247509c0484b55330458846115131ec2ae#diff-0a5dc34e461f3c458e758c199f2dc46d
-CVE-2017-11446
+CVE-2017-11446 (The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has a ...)
{DSA-4019-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #868950)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/537
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/787ee25e9fb0e4e0509121342371d925fe5044f8
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/96182884778bfc43d6a9a0abd90cedb5d8cf8977
-CVE-2017-11445
+CVE-2017-11445 (Subrion CMS before 4.1.6 has a SQL injection vulnerability in /front/a ...)
NOT-FOR-US: Subrion CMS
-CVE-2017-11444
+CVE-2017-11444 (Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /fron ...)
NOT-FOR-US: Subrion CMS
CVE-2017-11443
RESERVED
CVE-2017-11442
RESERVED
-CVE-2017-11441
+CVE-2017-11441 (The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before ...)
NOT-FOR-US: WHM Upload Locale interface in cPanel
-CVE-2017-11440
+CVE-2017-11440 (In Sitecore 8.2, there is absolute path traversal via the shell/Applic ...)
NOT-FOR-US: Sitecore
-CVE-2017-11439
+CVE-2017-11439 (In Sitecore 8.2, there is reflected XSS in the shell/Applications/Tool ...)
NOT-FOR-US: Sitecore
-CVE-2017-11438
+CVE-2017-11438 (GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.1 ...)
- gitlab <not-affected> (Only affects 8.5 onwards)
NOTE: https://about.gitlab.com/2017/07/19/gitlab-9-dot-3-dot-8-released/
-CVE-2017-11437
+CVE-2017-11437 (GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, an ...)
- gitlab <not-affected> (Only affects Enterprise Edition)
NOTE: https://gitlab.com/gitlab-org/gitlab-ee/issues/2905
NOTE: https://about.gitlab.com/2017/07/19/gitlab-9-dot-3-dot-8-released/
-CVE-2017-11436
+CVE-2017-11436 (D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x ...)
NOT-FOR-US: D-Link
-CVE-2017-11435
+CVE-2017-11435 (The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authenticat ...)
NOT-FOR-US: Humax Wi-Fi Router model HG100R-*
-CVE-2017-11434
+CVE-2017-11434 (The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) ...)
{DSA-3925-1 DLA-1497-1 DLA-1071-1 DLA-1070-1}
- qemu 1:2.8+dfsg-7 (bug #869171)
- qemu-kvm <removed>
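Review bot: the generated descriptions in this hunk are cut at a fixed column rather than at a word boundary, so tokens are split mid-word and version numbers lose their tail: "does not enable seekable st ..." (CVE-2017-11449), "in ImageMagick before 7.0. ..." (CVE-2017-11448), "ImageMagick 7.0.6-1 has a ..." (CVE-2017-11446). Suggest having the import truncate at the last whitespace before the limit so that words and version strings stay whole; the trailing " ..." marker can stay as the truncation indicator.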
@@ -20339,11 +20339,11 @@ CVE-2017-11426
RESERVED
CVE-2017-11425
RESERVED
-CVE-2017-11424
+CVE-2017-11424 (In PyJWT 1.5.0 and below the `invalid_strings` check in `HMACAlgorithm ...)
{DSA-3979-1}
- pyjwt 1.4.2-1.1 (bug #873244)
NOTE: https://github.com/jpadilla/pyjwt/pull/277
-CVE-2017-11423
+CVE-2017-11423 (The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, ...)
{DSA-3946-1 DLA-1279-1}
- libmspack 0.6-1 (bug #868956)
- clamav 0.99.3~beta1+dfsg-1 (unimportant)
@@ -20356,27 +20356,27 @@ CVE-2017-11423
NOTE: ClamAV uses the libmspack system library when available. This is the
NOTE: case from starting from Debian Jessie. Debian Wheezy does not have
NOTE: libmspack and thus need to have the fix as well in the src:clamav source package.
-CVE-2017-11422
+CVE-2017-11422 (Statamic framework before 2.6.0 does not correctly check a session's p ...)
NOT-FOR-US: Statamic
-CVE-2017-11420
+CVE-2017-11420 (Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asusw ...)
NOT-FOR-US: ASUS
-CVE-2017-11419
+CVE-2017-11419 (Fiyo CMS 2.0.7 has SQL injection in /apps/app_article/controller/edito ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11418
+CVE-2017-11418 (Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/ ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11417
+CVE-2017-11417 (Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/ ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11416
+CVE-2017-11416 (Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/inser ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11415
+CVE-2017-11415 (Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/sys_article ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11414
+CVE-2017-11414 (Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/sys_comment ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11413
+CVE-2017-11413 (Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/ ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11412
+CVE-2017-11412 (Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/controller/ ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11411
+CVE-2017-11411 (In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY di ...)
- wireshark 2.4.0-1 (bug #870179)
[stretch] - wireshark <not-affected> (Incomplete fix for CVE-2017-9350 not applied)
[jessie] - wireshark <not-affected> (Incomplete fix for CVE-2017-9350 not applied)
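Review bot: after truncation several entries in this hunk carry identical description text and are no longer distinguishable by it: CVE-2017-11418, CVE-2017-11417 and CVE-2017-11413 all read "Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/ ...", and CVE-2017-11414 and CVE-2017-11412 collide on the app_comment prefix in the same way. Suggest a wider limit (or a longer limit only when the truncated prefix of one description equals that of a neighbouring entry) so the description line keeps the part that differs, here the file name at the end of the path.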
@@ -20384,14 +20384,14 @@ CVE-2017-11411
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13755
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a83a324acdfc07a0ca8b65e6ebaba3374ab19c76
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-28.html
-CVE-2017-11410
+CVE-2017-11410 (In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissect ...)
- wireshark 2.4.0-1 (bug #870180)
[jessie] - wireshark <not-affected> (Incomplete fix for CVE-2017-7702 not applied)
[wheezy] - wireshark <not-affected> (Incomplete fix for CVE-2017-7702 not applied)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13796
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3c7168cc5f044b4da8747d35da0b2b204dabf398
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-13.html
-CVE-2017-11409
+CVE-2017-11409 (In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a l ...)
{DLA-1634-1}
- wireshark 2.2.0~rc1+g438c022-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -20401,93 +20401,93 @@ CVE-2017-11409
NOTE: Technically the 2.2.0~rc1+g438c022-1 is just the first version in unstable
NOTE: after 2.1.0 from upstream. Upstream changed the types in llc_gprs_dissect_xid
NOTE: in version 2.1.0.
-CVE-2017-11408
+CVE-2017-11408 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector co ...)
{DSA-4060-1 DLA-1226-1}
- wireshark 2.4.0-1 (bug #870172)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13780
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a102c172b0b2fe231fdb49f4f6694603f5b93b0c
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e57c86ef8e3b57b7f90c224f6053d1eacf20e1ba
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-34.html
-CVE-2017-11407
+CVE-2017-11407 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector coul ...)
{DLA-1634-1}
- wireshark 2.4.0-1 (low; bug #870172)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13792
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4e54dae7f0d7840836ee6d5ce1e688f152ab2978
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-35.html
-CVE-2017-11406
+CVE-2017-11406 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector ...)
{DLA-1634-1}
- wireshark 2.4.0-1 (bug #870172)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13797
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=250216263c3a3f2c651e80d9c6b3dc0adc53dc2c
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-36.html
-CVE-2017-11405
+CVE-2017-11405 (In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-11404
+CVE-2017-11404 (In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-11403
+CVE-2017-11403 (The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has ...)
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-3
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/d0a76868ca37
NOTE: When fixing this CVE make sure to not make the fix incomplete and open the CVE-2017-14103
NOTE: issue. See: http://www.openwall.com/lists/oss-security/2017/09/01/6
NOTE: The addition required commit is: http://hg.code.sf.net/p/graphicsmagick/code/rev/98721124e51f
-CVE-2017-11402
+CVE-2017-11402 (An issue has been discovered on the Belden Hirschmann Tofino Xenon Sec ...)
NOT-FOR-US: Belden Hirschmann Tofino Xenon Security Appliance
-CVE-2017-11401
+CVE-2017-11401 (An issue has been discovered on the Belden Hirschmann Tofino Xenon Sec ...)
NOT-FOR-US: Belden Hirschmann Tofino Xenon Security Appliance
-CVE-2017-11400
+CVE-2017-11400 (An issue has been discovered on the Belden Hirschmann Tofino Xenon Sec ...)
NOT-FOR-US: Belden Hirschmann Tofino Xenon Security Appliance
-CVE-2017-11421
+CVE-2017-11421 (gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection wh ...)
- gnome-exe-thumbnailer 0.9.5-1 (bug #868705)
[stretch] - gnome-exe-thumbnailer 0.9.4-2+deb9u1
NOTE: http://news.dieweltistgarnichtso.net/posts/gnome-thumbnailer-msi-fail.html
NOTE: https://github.com/gnome-exe-thumbnailer/gnome-exe-thumbnailer/commit/1d8e3102dd8fd23431ae6127d14a236da6b4a4a5
-CVE-2017-11399
+CVE-2017-11399 (Integer overflow in the ape_decode_frame function in libavcodec/apedec ...)
{DSA-3957-1}
- ffmpeg 7:3.3.3-1
NOTE: https://github.com/FFmpeg/FFmpeg/commit/ba4beaf6149f7241c8bd85fe853318c2f6837ad0
NOTE: Fixed in 3.2.7
-CVE-2017-11398
+CVE-2017-11398 (A session hijacking via log disclosure vulnerability in Trend Micro Sm ...)
NOT-FOR-US: Trend Micro
-CVE-2017-11397
+CVE-2017-11397 (A service DLL preloading vulnerability in Trend Micro Encryption for E ...)
NOT-FOR-US: Trend Micro
-CVE-2017-11396
+CVE-2017-11396 (Vulnerability issues with the web service inspection of input paramete ...)
NOT-FOR-US: Trend Micro Web Security Virtual Appliance
-CVE-2017-11395
+CVE-2017-11395 (Command injection vulnerability in Trend Micro Smart Protection Server ...)
NOT-FOR-US: Trend Micro Smart Protection Server
-CVE-2017-11394
+CVE-2017-11394 (Proxy command injection vulnerability in Trend Micro OfficeScan 11 and ...)
NOT-FOR-US: Trend Micro
-CVE-2017-11393
+CVE-2017-11393 (Proxy command injection vulnerability in Trend Micro OfficeScan 11 and ...)
NOT-FOR-US: Trend Micro
-CVE-2017-11392
+CVE-2017-11392 (Proxy command injection vulnerability in Trend Micro InterScan Messagi ...)
NOT-FOR-US: Trend Micro
-CVE-2017-11391
+CVE-2017-11391 (Proxy command injection vulnerability in Trend Micro InterScan Messagi ...)
NOT-FOR-US: Trend Micro
-CVE-2017-11390
+CVE-2017-11390 (XML external entity (XXE) processing vulnerability in Trend Micro Cont ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11389
+CVE-2017-11389 (Directory traversal vulnerability in Trend Micro Control Manager 6.0 a ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11388
+CVE-2017-11388 (SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Ex ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11387
+CVE-2017-11387 (Authentication Bypass in Trend Micro Control Manager 6.0 causes Inform ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11386
+CVE-2017-11386 (SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Ex ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11385
+CVE-2017-11385 (SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Ex ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11384
+CVE-2017-11384 (SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Ex ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11383
+CVE-2017-11383 (SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Ex ...)
NOT-FOR-US: Trend Micro Control Manager
-CVE-2017-11382
+CVE-2017-11382 (Denial of Service vulnerability in Trend Micro Deep Discovery Email In ...)
NOT-FOR-US: Trend Micro
-CVE-2017-11381
+CVE-2017-11381 (A command injection vulnerability exists in Trend Micro Deep Discovery ...)
NOT-FOR-US: Trend Micro Deep Discovery Director
-CVE-2017-11380
+CVE-2017-11380 (Backup archives were found to be encrypted with a static password acro ...)
NOT-FOR-US: Trend Micro Deep Discovery Director
-CVE-2017-11379
+CVE-2017-11379 (Configuration and database backup archives are not signed or validated ...)
NOT-FOR-US: Trend Micro Deep Discovery Director
CVE-2017-11378
RESERVED
@@ -20509,116 +20509,116 @@ CVE-2017-11370
RESERVED
CVE-2017-11369
RESERVED
-CVE-2017-11368
+CVE-2017-11368 (In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker ...)
{DLA-1058-1}
- krb5 1.15.1-2 (bug #869260)
[stretch] - krb5 1.15-1+deb9u1
[jessie] - krb5 1.12.1+dfsg-19+deb8u3
NOTE: https://github.com/krb5/krb5/pull/678/commits/a860385dd8fbd239fdb31b347e07f4e6b2fbdcc2
-CVE-2017-11367
+CVE-2017-11367 (The shoco_decompress function in the API in shoco through 2017-07-17 a ...)
NOT-FOR-US: shoco
-CVE-2017-11366
+CVE-2017-11366 (components/filemanager/class.filemanager.php in Codiad before 2.8.4 is ...)
NOT-FOR-US: Codiad
CVE-2017-11365 [Empty passwords validation issue]
RESERVED
- symfony <not-affected> (introduced in versions that were never packaged in Debian)
NOTE: https://symfony.com/blog/cve-2017-11365-empty-passwords-validation-issue
-CVE-2017-11364
+CVE-2017-11364 (The CMS installer in Joomla! before 3.7.4 does not verify a user's own ...)
NOT-FOR-US: Joomla!
CVE-2017-11363
RESERVED
-CVE-2017-11362
+CVE-2017-11362 (In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/ms ...)
- php7.1 7.1.8-1 (unimportant)
- php7.0 7.0.22-1 (unimportant)
- php5 <removed> (unimportant)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73473
NOTE: Fixed in 7.1.7, 7.0.21
NOTE: Only triggerable by malicious script
-CVE-2017-11361
+CVE-2017-11361 (Inteno routers have a JUCI ACL misconfiguration that allows the "user" ...)
NOT-FOR-US: Inteno routers
-CVE-2017-11360
+CVE-2017-11360 (The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867808)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/518
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/224bc946b24824a77e8e8c52ee07e9bc65796e30
-CVE-2017-11359
+CVE-2017-11359 (The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allow ...)
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
NOTE: https://github.com/mansr/sox/commit/8b590b3a52f4ccc4eea3f41b4a067c38b3565b60
-CVE-2017-11358
+CVE-2017-11358 (The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 all ...)
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
NOTE: https://github.com/mansr/sox/commit/6cb44a44b9eda6b321ccdbf6483348d4a9798b00
-CVE-2017-11357
+CVE-2017-11357 (Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not prope ...)
NOT-FOR-US: Progress Telerik UI
-CVE-2017-11356
+CVE-2017-11356 (The application distribution export functionality in PEGA Platform 7.2 ...)
NOT-FOR-US: PEGA Platform
-CVE-2017-11355
+CVE-2017-11355 (Multiple cross-site scripting (XSS) vulnerabilities in PEGA Platform 7 ...)
NOT-FOR-US: PEGA Platform
-CVE-2017-11354
+CVE-2017-11354 (Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/app_a ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-11351
+CVE-2017-11351 (Axesstel MU553S MU55XS-V1.14 devices have a default password of admin ...)
NOT-FOR-US: Axesstel MU553S MU55XS-V1.14
-CVE-2017-11350
+CVE-2017-11350 (Cross-Site Request Forgery (CSRF) exists in cgi-bin/ConfigSet on Axess ...)
NOT-FOR-US: Axesstel MU553S MU55XS-V1.14
-CVE-2017-11349
+CVE-2017-11349 (dataTaker DT8x dEX 1.72.007 allows remote attackers to compose program ...)
NOT-FOR-US: dataTaker
-CVE-2017-11348
+CVE-2017-11348 (In Octopus Deploy 3.x before 3.15.4, an authenticated user with Packag ...)
NOT-FOR-US: Octopus Deploy
-CVE-2017-11347
+CVE-2017-11347 (Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a ...)
NOT-FOR-US: MetInfo
-CVE-2017-11346
+CVE-2017-11346 (Zoho ManageEngine Desktop Central before build 100092 allows remote at ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2017-11345
+CVE-2017-11345 (Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASU ...)
NOT-FOR-US: ASUS
-CVE-2017-11344
+CVE-2017-11344 (Global buffer overflow in networkmap in Asuswrt-Merlin firmware for AS ...)
NOT-FOR-US: ASUS
-CVE-2017-11353
+CVE-2017-11353 (yadm (yet another dotfile manager) 1.10.0 has a race condition (relate ...)
- yadm 1.11.1-1 (bug #868300)
[stretch] - yadm 1.06-1+deb9u1
NOTE: https://github.com/TheLocehiliosan/yadm/issues/74
-CVE-2017-11343
+CVE-2017-11343 (Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Sc ...)
- chicken 4.12.0-0.2 (bug #870266)
[stretch] - chicken <no-dsa> (Minor issue)
[jessie] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2017-07/msg00000.html
-CVE-2017-11342
+CVE-2017-11342 (There is an illegal address access in ast.cpp of LibSass 3.4.5. A craf ...)
- libsass <unfixed> (bug #868577)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470722
-CVE-2017-11341
+CVE-2017-11341 (There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5. ...)
- libsass <unfixed> (bug #868577)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470714
-CVE-2017-11340
+CVE-2017-11340 (There is a Segmentation fault in the XmpParser::terminate() function i ...)
[experimental] - exiv2 <unfixed> (low; bug #868578)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/53
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470950
NOTE: Not reproducible in wheezy/jessie/stretch, I get "The file contains data of an unknown image type".
NOTE: Reproducible with 0.26-1 (experimental) although I get another error "free(): invalid next size (fast)".
-CVE-2017-11339
+CVE-2017-11339 (There is a heap-based buffer overflow in the Image::printIFDStructure ...)
[experimental] - exiv2 <unfixed> (bug #868578)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/52
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470946
NOTE: Not reproducible in wheezy/jessie/stretch, I get "The file contains data of an unknown image type".
NOTE: Reproducible with 0.26-1 (experimental) although I get another error "free(): invalid next size (fast)".
-CVE-2017-11338
+CVE-2017-11338 (There is an infinite loop in the Exiv2::Image::printIFDStructure funct ...)
[experimental] - exiv2 <unfixed> (low; bug #868578)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/51
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470913
NOTE: Not reproducible in wheezy/jessie/stretch, I get "No Exif data found in the file".
NOTE: Reproducible with 0.26-1 (experimental).
-CVE-2017-11337
+CVE-2017-11337 (There is an invalid free in the Action::TaskFactory::cleanup function ...)
[experimental] - exiv2 <unfixed> (low; bug #868578)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/50
@@ -20626,14 +20626,14 @@ CVE-2017-11337
NOTE: Not reproducible in wheezy/jessie/stretch (even with valgrind), I get "No Exif data found in the file".
NOTE: Reproducible with 0.26-1 (experimental).
NOTE: Action::TaskFactory::cleanup function is the same in all versions, so the problem is likely an earlier memory corruption.
-CVE-2017-11336
+CVE-2017-11336 (There is a heap-based buffer over-read in the Image::printIFDStructure ...)
[experimental] - exiv2 <unfixed> (bug #868578)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/49
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470729
NOTE: Not reproducible in wheezy/jessie/stretch (even with valgrind).
NOTE: Reproducible with 0.26-1 (experimental) although I get another error "free(): invalid next size (fast)".
-CVE-2017-11335
+CVE-2017-11335 (There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4 ...)
{DSA-4100-1 DLA-1094-1 DLA-1093-1}
- tiff 4.0.8-4 (bug #868513)
[stretch] - tiff <no-dsa> (Minor issue)
@@ -20641,32 +20641,32 @@ CVE-2017-11335
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2715
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556
-CVE-2017-11529
+CVE-2017-11529 (The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9- ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867823)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/525
-CVE-2017-11478
+CVE-2017-11478 (The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867826)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/528
-CVE-2017-11526
+CVE-2017-11526 (The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9 ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867825)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/527
-CVE-2017-11505
+CVE-2017-11505 (The ReadOneJNGImage function in coders/png.c in ImageMagick through 6. ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867824)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/526
-CVE-2017-11530
+CVE-2017-11530 (The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9- ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867821)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/524
-CVE-2017-11524
+CVE-2017-11524 (The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9. ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867798)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/506
-CVE-2017-11334
+CVE-2017-11334 (The address_space_write_continue function in exec.c in QEMU (aka Quick ...)
{DSA-3925-1}
- qemu 1:2.8+dfsg-7 (bug #869173)
[jessie] - qemu <no-dsa> (Minor issue. Backport caused regression in Ubuntu)
@@ -20676,57 +20676,57 @@ CVE-2017-11334
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html
NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=f5aa69bdc3418773f26747ca282c291519626ece
NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=04bf2526ce87f21b32c9acba1c5518708c243ad0
-CVE-2017-11333
+CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbi ...)
{DSA-4113-1 DLA-1368-1}
- libvorbis 1.3.5-4.1 (low; bug #870341)
[jessie] - libvorbis <postponed> (Minor issue, can be revisited once fixed upstream)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2332
NOTE: Fixed by: https://gitlab.xiph.org/xiph/vorbis/commit/a79ec216cd119069c68b8f3542c6a425a74ab993
-CVE-2017-11332
+CVE-2017-11332 (The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...)
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #870328)
[stretch] - sox <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
NOTE: https://github.com/mansr/sox/commit/7405bcaacb1ded8c595cb751d407cf738cb26571
-CVE-2017-11331
+CVE-2017-11331 (The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 ...)
- vorbis-tools <unfixed> (unimportant)
NOTE: The issue is "covered" by the fix applied in 0016-oggenc-validate-count-of-channels-in-the-header-CVE-.patch
NOTE: still the return of malloc is not checked.
NOTE: http://seclists.org/fulldisclosure/2017/Jul/80
NOTE: Crash in CLI tool only, negligible security impact
-CVE-2017-11330
+CVE-2017-11330 (The DivFixppCore::avi_header_fix function in DivFix++Core.cpp in DivFi ...)
NOT-FOR-US: DivFix++
-CVE-2017-11329
+CVE-2017-11329 (GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.ph ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2017-11328
+CVE-2017-11328 (Heap buffer overflow in the yr_object_array_set_item() function in obj ...)
- yara 3.6.3+dfsg-1
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
NOTE: Fixed by: https://github.com/VirusTotal/yara/commit/4a342f01e5439b9bb901aff1c6c23c536baeeb3f
-CVE-2017-11327
+CVE-2017-11327 (An issue was discovered in Tilde CMS 1.0.1. It is possible to retrieve ...)
NOT-FOR-US: Tilde CMS
-CVE-2017-11326
+CVE-2017-11326 (An issue was discovered in Tilde CMS 1.0.1. It is possible to bypass t ...)
NOT-FOR-US: Tilde CMS
-CVE-2017-11325
+CVE-2017-11325 (An issue was discovered in Tilde CMS 1.0.1. Arbitrary files can be rea ...)
NOT-FOR-US: Tilde CMS
-CVE-2017-11324
+CVE-2017-11324 (An issue was discovered in Tilde CMS 1.0.1. Due to missing escaping of ...)
NOT-FOR-US: Tilde CMS
-CVE-2017-11323
+CVE-2017-11323 (Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows r ...)
NOT-FOR-US: ESTsoft ALZip
-CVE-2017-11322
+CVE-2017-11322 (The chroothole_client executable in UCOPIA Wireless Appliance before 5 ...)
NOT-FOR-US: UCOPIA Wireless Appliance
-CVE-2017-11321
+CVE-2017-11321 (The restricted shell interface in UCOPIA Wireless Appliance before 5.1 ...)
NOT-FOR-US: UCOPIA Wireless Appliance
-CVE-2017-11320
+CVE-2017-11320 (Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor ...)
NOT-FOR-US: Technicolor TC7337 routers
-CVE-2017-11319
+CVE-2017-11319 (Perspective ICM Investigation &amp; Case 5.1.1.16 allows remote authen ...)
NOT-FOR-US: Perspective ICM Investigation
-CVE-2017-11318
+CVE-2017-11318 (Cobian Backup 11 client allows man-in-the-middle attackers to add and ...)
NOT-FOR-US: Cobian
-CVE-2017-11317
+CVE-2017-11317 (Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 ...)
NOT-FOR-US: Progress Telerik UI
CVE-2017-11316
RESERVED
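Review bot: the imported description for CVE-2017-11319 contains a literal HTML entity, "Perspective ICM Investigation &amp; Case 5.1.1.16 allows remote authen ...", which indicates the feed text was HTML-escaped and not unescaped before being written to the list. Suggest HTML-unescaping descriptions in the import step so the entry reads "Investigation & Case"; otherwise the entity is both misleading to readers and counts against the truncation limit.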
@@ -20738,216 +20738,216 @@ CVE-2017-11313
RESERVED
CVE-2017-11312
RESERVED
-CVE-2017-11311
+CVE-2017-11311 (soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt bef ...)
- libopenmpt 0.2.8461~beta26-1 (bug #867579)
[stretch] - libopenmpt 0.2.7386~beta20.3-3+deb9u2
-CVE-2017-11310
+CVE-2017-11310 (The read_user_chunk_callback function in coders\png.c in ImageMagick 7 ...)
- imagemagick <not-affected> (Vulnerable code not present, Only affects ImageMagick-7)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/517
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/8ca35831e91c3db8c6d281d09b605001003bec08
-CVE-2017-11309
+CVE-2017-11309 (Buffer overflow in the SoftConsole client in Avaya IP Office before 10 ...)
NOT-FOR-US: Avaya IP Office
-CVE-2017-11308
+CVE-2017-11308 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2017-11307
+CVE-2017-11307 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2017-11306
+CVE-2017-11306 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2017-11305
+CVE-2017-11305 (A regression affecting Adobe Flash Player version 27.0.0.187 (and earl ...)
NOT-FOR-US: Adobe
-CVE-2017-11304
+CVE-2017-11304 (An issue was discovered in Adobe Photoshop 18.1.1 (2017.1.1) and earli ...)
NOT-FOR-US: Adobe
-CVE-2017-11303
+CVE-2017-11303 (An issue was discovered in Adobe Photoshop 18.1.1 (2017.1.1) and earli ...)
NOT-FOR-US: Adobe
-CVE-2017-11302
+CVE-2017-11302 (An issue was discovered in Adobe InDesign 12.1.0 and earlier versions. ...)
NOT-FOR-US: Adobe
-CVE-2017-11301
+CVE-2017-11301 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ve ...)
NOT-FOR-US: Adobe
-CVE-2017-11300
+CVE-2017-11300 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ve ...)
NOT-FOR-US: Adobe
-CVE-2017-11299
+CVE-2017-11299 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ve ...)
NOT-FOR-US: Adobe
-CVE-2017-11298
+CVE-2017-11298 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ve ...)
NOT-FOR-US: Adobe
-CVE-2017-11297
+CVE-2017-11297 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ve ...)
NOT-FOR-US: Adobe
-CVE-2017-11296
+CVE-2017-11296 (An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0 ...)
NOT-FOR-US: Adobe
-CVE-2017-11295
+CVE-2017-11295 (An issue was discovered in Adobe DNG Converter 9.12.1 and earlier vers ...)
NOT-FOR-US: Adobe
-CVE-2017-11294
+CVE-2017-11294 (An issue was discovered in Adobe Shockwave 12.2.9.199 and earlier. An ...)
NOT-FOR-US: Adobe
-CVE-2017-11293
+CVE-2017-11293 (An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 an ...)
NOT-FOR-US: Adobe
-CVE-2017-11292
+CVE-2017-11292 (Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecod ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-11291
+CVE-2017-11291 (An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A ...)
NOT-FOR-US: Adobe
-CVE-2017-11290
+CVE-2017-11290 (An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A ...)
NOT-FOR-US: Adobe
-CVE-2017-11289
+CVE-2017-11289 (An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A ...)
NOT-FOR-US: Adobe
-CVE-2017-11288
+CVE-2017-11288 (An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A ...)
NOT-FOR-US: Adobe
-CVE-2017-11287
+CVE-2017-11287 (An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A ...)
NOT-FOR-US: Adobe
-CVE-2017-11286
+CVE-2017-11286 (Adobe ColdFusion has an XML external entity (XXE) injection vulnerabil ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2017-11285
+CVE-2017-11285 (Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. This ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2017-11284
+CVE-2017-11284 (Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2017-11283
+CVE-2017-11283 (Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. ...)
NOT-FOR-US: Adobe ColdFusion
-CVE-2017-11282
+CVE-2017-11282 (Adobe Flash Player has an exploitable memory corruption vulnerability ...)
NOT-FOR-US: Adobe
-CVE-2017-11281
+CVE-2017-11281 (Adobe Flash Player has an exploitable memory corruption vulnerability ...)
NOT-FOR-US: Adobe
-CVE-2017-11280
+CVE-2017-11280 (Adobe Digital Editions 4.5.4 and earlier has an exploitable memory cor ...)
NOT-FOR-US: Adobe
-CVE-2017-11279
+CVE-2017-11279 (Adobe Digital Editions 4.5.4 and earlier has an exploitable use after ...)
NOT-FOR-US: Adobe
-CVE-2017-11278
+CVE-2017-11278 (Adobe Digital Editions 4.5.4 and earlier has an exploitable memory cor ...)
NOT-FOR-US: Adobe
-CVE-2017-11277
+CVE-2017-11277 (Adobe Digital Editions 4.5.4 and earlier has an exploitable memory cor ...)
NOT-FOR-US: Adobe
-CVE-2017-11276
+CVE-2017-11276 (Adobe Digital Editions 4.5.4 and earlier has an exploitable memory cor ...)
NOT-FOR-US: Adobe
-CVE-2017-11275
+CVE-2017-11275 (Adobe Digital Editions 4.5.4 and earlier has an exploitable heap overf ...)
NOT-FOR-US: Adobe
-CVE-2017-11274
+CVE-2017-11274 (Adobe Digital Editions 4.5.4 and earlier has an exploitable use after ...)
NOT-FOR-US: Adobe
-CVE-2017-11273
+CVE-2017-11273 (An issue was discovered in Adobe Digital Editions 4.5.6 and earlier ve ...)
NOT-FOR-US: Adobe
-CVE-2017-11272
+CVE-2017-11272 (Adobe Digital Editions 4.5.4 and earlier has a security bypass vulnera ...)
NOT-FOR-US: Adobe
-CVE-2017-11271
+CVE-2017-11271 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11270
+CVE-2017-11270 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11269
+CVE-2017-11269 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11268
+CVE-2017-11268 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11267
+CVE-2017-11267 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
CVE-2017-11266
REJECTED
-CVE-2017-11265
+CVE-2017-11265 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
CVE-2017-11264
REJECTED
-CVE-2017-11263
+CVE-2017-11263 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11262
+CVE-2017-11262 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11261
+CVE-2017-11261 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11260
+CVE-2017-11260 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11259
+CVE-2017-11259 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11258
+CVE-2017-11258 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11257
+CVE-2017-11257 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11256
+CVE-2017-11256 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11255
+CVE-2017-11255 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11254
+CVE-2017-11254 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11253
+CVE-2017-11253 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2017-11252
+CVE-2017-11252 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11251
+CVE-2017-11251 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11250
+CVE-2017-11250 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2017-11249
+CVE-2017-11249 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11248
+CVE-2017-11248 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
CVE-2017-11247
REJECTED
-CVE-2017-11246
+CVE-2017-11246 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11245
+CVE-2017-11245 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11244
+CVE-2017-11244 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11243
+CVE-2017-11243 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11242
+CVE-2017-11242 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11241
+CVE-2017-11241 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11240
+CVE-2017-11240 (Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2017-11239
+CVE-2017-11239 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11238
+CVE-2017-11238 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11237
+CVE-2017-11237 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11236
+CVE-2017-11236 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11235
+CVE-2017-11235 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11234
+CVE-2017-11234 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11233
+CVE-2017-11233 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11232
+CVE-2017-11232 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11231
+CVE-2017-11231 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11230
+CVE-2017-11230 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11229
+CVE-2017-11229 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11228
+CVE-2017-11228 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11227
+CVE-2017-11227 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11226
+CVE-2017-11226 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11225
+CVE-2017-11225 (An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier v ...)
NOT-FOR-US: Adobe
-CVE-2017-11224
+CVE-2017-11224 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11223
+CVE-2017-11223 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11222
+CVE-2017-11222 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11221
+CVE-2017-11221 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11220
+CVE-2017-11220 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11219
+CVE-2017-11219 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11218
+CVE-2017-11218 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11217
+CVE-2017-11217 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11216
+CVE-2017-11216 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11215
+CVE-2017-11215 (An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier v ...)
NOT-FOR-US: Adobe
-CVE-2017-11214
+CVE-2017-11214 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11213
+CVE-2017-11213 (An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier v ...)
NOT-FOR-US: Adobe
-CVE-2017-11212
+CVE-2017-11212 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11211
+CVE-2017-11211 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11210
+CVE-2017-11210 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-11209
+CVE-2017-11209 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-1000083
+CVE-2017-1000083 (backend/comics/comics-document.c (aka the comic book backend) in GNOME ...)
{DSA-3916-1 DSA-3911-1 DLA-1031-1}
- evince 3.22.1-4
- atril 1.16.1-2.1 (bug #868500)
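Review bot: the NOT-FOR-US labels for the Acrobat entries are inconsistent within this hunk: CVE-2017-11253, CVE-2017-11250 and CVE-2017-11240 are classified as "NOT-FOR-US: Adobe" while the neighbouring Acrobat Reader CVEs are "NOT-FOR-US: Adobe Acrobat Reader", even though their new descriptions name the same product ("Adobe Acrobat and Reader versions 2017.012.20098 and earlier"). The automatic update only fills in descriptions, so a follow-up commit could normalise those three to "NOT-FOR-US: Adobe Acrobat Reader" so that a text search for the product finds all of them.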
@@ -20964,133 +20964,133 @@ CVE-2017-11204
RESERVED
CVE-2017-11203
RESERVED
-CVE-2017-11202
+CVE-2017-11202 (FineCMS through 2017-07-12 allows XSS in visitors.php because JavaScri ...)
NOT-FOR-US: FineCMS
-CVE-2017-11201
+CVE-2017-11201 (application/core/controller/images.php in FineCMS through 2017-07-12 a ...)
NOT-FOR-US: FineCMS
-CVE-2017-11200
+CVE-2017-11200 (SQL Injection exists in FineCMS through 2017-07-12 via the application ...)
NOT-FOR-US: FineCMS
CVE-2017-11199
RESERVED
-CVE-2017-11198
+CVE-2017-11198 (Cross-site scripting (XSS) vulnerability in /application/lib/ajax/get_ ...)
NOT-FOR-US: FineCMS
CVE-2017-11197
RESERVED
-CVE-2017-12562
+CVE-2017-12562 (Heap-based Buffer Overflow in the psf_binheader_writef function in com ...)
{DLA-1049-1}
- libsndfile 1.0.28-3 (bug #869166)
[stretch] - libsndfile <no-dsa> (Minor issue)
[jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/292
NOTE: https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8
-CVE-2017-11196
+CVE-2017-11196 (Pulse Connect Secure 8.3R1 has CSRF in logout.cgi. The logout function ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2017-11195
+CVE-2017-11195 (Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. The he ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2017-11194
+CVE-2017-11194 (Pulse Connect Secure 8.3R1 has Reflected XSS in adminservercacertdetai ...)
NOT-FOR-US: Pulse Connect Secure
-CVE-2017-11193
+CVE-2017-11193 (Pulse Connect Secure 8.3R1 has CSRF in diag.cgi. In the panel, the dia ...)
NOT-FOR-US: Pulse Connect Secure
CVE-2017-11192
RESERVED
-CVE-2017-11191
+CVE-2017-11191 (** DISPUTED ** FreeIPA 4.x with API version 2.213 allows a remote auth ...)
NOTE: non-issue claimed for freepia
-CVE-2017-11190
+CVE-2017-11190 (unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might ...)
- unrar-free <unfixed> (unimportant)
NOTE: Affected debug code not enabled
-CVE-2017-11189
+CVE-2017-11189 (unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a ...)
- unrar-free <unfixed> (unimportant)
NOTE: Crash in CLI tool, no security impact
-CVE-2017-11187
+CVE-2017-11187 (phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks t ...)
NOT-FOR-US: phpMyFAQ
CVE-2017-11186
RESERVED
-CVE-2017-11185
+CVE-2017-11185 (The gmp plugin in strongSwan before 5.6.0 allows remote attackers to c ...)
{DSA-3962-1 DLA-1059-1}
- strongswan 5.6.0-1 (bug #872155)
NOTE: https://www.strongswan.org/blog/2017/08/14/strongswan-vulnerability-(cve-2017-11185).html
NOTE: https://git.strongswan.org/?p=strongswan.git;a=commit;h=ef5c37fcdf47273feea320091598135688df4ef7
-CVE-2017-11184
+CVE-2017-11184 (SQL injection exists in front/devicesoundcard.php in GLPI before 9.1.5 ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2017-11183
+CVE-2017-11183 (front/backup.php in GLPI before 9.1.5 allows remote authenticated admi ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2017-11182
+CVE-2017-11182 (In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found ...)
NOT-FOR-US: Rise Ultimate Project Manager
-CVE-2017-11181
+CVE-2017-11181 (In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found ...)
NOT-FOR-US: Rise Ultimate Project Manager
-CVE-2017-11180
+CVE-2017-11180 (FineCMS through 2017-07-11 has stored XSS in the logging functionality ...)
NOT-FOR-US: FineCMS
-CVE-2017-11179
+CVE-2017-11179 (FineCMS through 2017-07-11 has stored XSS in route=admin when modifyin ...)
NOT-FOR-US: FineCMS
-CVE-2017-11178
+CVE-2017-11178 (In FineCMS through 2017-07-11, application/core/controller/style.php a ...)
NOT-FOR-US: FineCMS
-CVE-2017-11177
+CVE-2017-11177 (TRITON AP-EMAIL 8.2 before 8.2 IB does not properly restrict file acce ...)
NOT-FOR-US: TRITON
-CVE-2017-11176
+CVE-2017-11176 (The mq_notify function in the Linux kernel through 4.11.9 does not set ...)
{DSA-3945-1 DSA-3927-1 DLA-1099-1}
- linux 4.11.11-1
NOTE: Fixed by: https://git.kernel.org/linus/f991af3daabaecff34684fd51fac80319d1baad1
-CVE-2017-11175
+CVE-2017-11175 (In J2 Innovations FIN Stack 4.0, the authentication webform is vulnera ...)
NOT-FOR-US: J2 Innovations FIN Stack
-CVE-2017-11174
+CVE-2017-11174 (In install/page_dbsettings.php in the Core distribution of XOOPS 2.5.8 ...)
NOT-FOR-US: XOOPS
-CVE-2017-11173
+CVE-2017-11173 (Missing anchor in generated regex for rack-cors before 0.4.1 allows a ...)
{DSA-3931-1}
- ruby-rack-cors 0.4.1-1
[jessie] - ruby-rack-cors <not-affected> (Vulnerable code not present)
CVE-2017-11172
RESERVED
-CVE-2017-1000096
+CVE-2017-1000096 (Arbitrary code execution due to incomplete sandbox protection: Constru ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000095
+CVE-2017-1000095 (The default whitelist included the following unsafe entries: DefaultGr ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000094
+CVE-2017-1000094 (Docker Commons Plugin provides a list of applicable credential IDs to ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000093
+CVE-2017-1000093 (Poll SCM Plugin was not requiring requests to its API be sent via POST ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000092
+CVE-2017-1000092 (Git Plugin connects to a user-specified Git repository as part of form ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000091
+CVE-2017-1000091 (GitHub Branch Source Plugin connects to a user-specified GitHub API UR ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000090
+CVE-2017-1000090 (Role-based Authorization Strategy Plugin was not requiring requests to ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000089
+CVE-2017-1000089 (Builds in Jenkins are associated with an authentication that controls ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000088
+CVE-2017-1000088 (The Sidebar Link plugin allows users able to configure jobs, views, an ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000087
+CVE-2017-1000087 (GitHub Branch Source provides a list of applicable credential IDs to a ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000086
+CVE-2017-1000086 (The Periodic Backup Plugin did not perform any permission checks, allo ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000085
+CVE-2017-1000085 (Subversion Plugin connects to a user-specified Subversion repository a ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-1000084
+CVE-2017-1000084 (Parameterized Trigger Plugin fails to check Item/Build permission: The ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-11171
+CVE-2017-11171 (Bad reference counting in the context of accept_ice_connection() in gs ...)
- gnome-session 2.30.0-1
NOTE: https://github.com/GNOME/gnome-session/commit/b0dc999e0b45355314616321dbb6cb71e729fc9d
-CVE-2017-11170
+CVE-2017-11170 (The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (low; bug #868184)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/472
-CVE-2017-11169
+CVE-2017-11169 (Privilege Escalation on iBall iB-WRA300N3GT iB-WRA300N3GT_1.1.1 device ...)
NOT-FOR-US: iBall iB-WRA300N3GT iB-WRA300N3GT_1.1.1 devices
CVE-2017-11168
RESERVED
-CVE-2017-11167
+CVE-2017-11167 (FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by ...)
NOT-FOR-US: FineCMS
-CVE-2017-11166
+CVE-2017-11166 (The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a ...)
- imagemagick 8:6.9.7.4+dfsg-7 (unimportant; bug #868263)
[wheezy] - imagemagick 8:6.7.7.10-5+deb7u14
NOTE: https://github.com/ImageMagick/ImageMagick/issues/471
-CVE-2017-11165
+CVE-2017-11165 (dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: dataTaker
-CVE-2017-11164
+CVE-2017-11164 (In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exe ...)
- pcre3 <unfixed> (unimportant)
NOTE: http://openwall.com/lists/oss-security/2017/07/11/3
-CVE-2017-11163
+CVE-2017-11163 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Ca ...)
- cacti 1.1.12+ds1-1 (bug #868080)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
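Review bot: the NOTE line under CVE-2017-11191 has a typo, "NOTE: non-issue claimed for freepia" should read "freeipa"; the auto-update rewrote the header line directly above it ("+CVE-2017-11191 (** DISPUTED ** FreeIPA 4.x ..."), so it is worth fixing in a follow-up. Also, the CVE-2017-12562 block (libsndfile) sits between CVE-2017-11197 and CVE-2017-11196, out of the descending numeric order the rest of the hunk follows; moving it to its numeric position would avoid merge noise in later automatic updates.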
@@ -21099,39 +21099,39 @@ CVE-2017-11163
NOTE: aggregate_graphs.php not available in 0.8.8.
NOTE: Upstream claims fix for CVE-2017-10970 also fixes this CVE
NOTE: but produced this patch anyway: https://github.com/Cacti/cacti/commit/bf5b1309dcf68578c3bdc4db54112dfb2e8ec4f4
-CVE-2017-11162
+CVE-2017-11162 (Directory traversal vulnerability in synphotoio in Synology Photo Stat ...)
NOT-FOR-US: Synology
-CVE-2017-11161
+CVE-2017-11161 (Multiple SQL injection vulnerabilities in Synology Photo Station befor ...)
NOT-FOR-US: Synology
-CVE-2017-11160
+CVE-2017-11160 (Multiple untrusted search path vulnerabilities in installer in Synolog ...)
NOT-FOR-US: Installer in Synology Assistant
-CVE-2017-11159
+CVE-2017-11159 (Multiple untrusted search path vulnerabilities in installer in Synolog ...)
NOT-FOR-US: Installer in Synology Photo Station Uploader
-CVE-2017-11158
+CVE-2017-11158 (Multiple untrusted search path vulnerabilities in the installer in Syn ...)
NOT-FOR-US: Synology Cloud Station Drive
-CVE-2017-11157
+CVE-2017-11157 (Multiple untrusted search path vulnerabilities in the installer in Syn ...)
NOT-FOR-US: Synology
-CVE-2017-11156
+CVE-2017-11156 (Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2 ...)
NOT-FOR-US: Synology Download Station
-CVE-2017-11155
+CVE-2017-11155 (An information exposure vulnerability in index.php in Synology Photo S ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-11154
+CVE-2017-11154 (Unrestricted file upload vulnerability in PixlrEditorHandler.php in Sy ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-11153
+CVE-2017-11153 (Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-11152
+CVE-2017-11152 (Directory traversal vulnerability in PixlrEditorHandler.php in Synolog ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-11151
+CVE-2017-11151 (A vulnerability in synotheme_upload.php in Synology Photo Station befo ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-11150
+CVE-2017-11150 (Command injection vulnerability in Document.php in Synology Office 2.2 ...)
NOT-FOR-US: Synology Office
-CVE-2017-11149
+CVE-2017-11149 (Server-side request forgery (SSRF) vulnerability in Downloader in Syno ...)
NOT-FOR-US: Synology Download Station
-CVE-2017-11148
+CVE-2017-11148 (Server-side request forgery (SSRF) vulnerability in link preview in Sy ...)
NOT-FOR-US: Synology Chat
CVE-2017-11146
REJECTED
-CVE-2017-11145
+CVE-2017-11145 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an er ...)
{DSA-4081-1 DSA-4080-1 DLA-1034-1}
- php7.1 7.1.8-1
- php7.0 7.0.22-1
@@ -21140,29 +21140,29 @@ CVE-2017-11145
NOTE: Fixed in 7.1.7, 7.0.21, 5.6.31
NOTE: Fixed by: https://github.com/php/php-src/commit/e8b7698f5ee757ce2c8bd10a192a491a498f891c
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2017-1000362
+CVE-2017-1000362 (The re-key admin monitor was introduced in Jenkins 1.498 and re-encryp ...)
- jenkins <removed>
-CVE-2017-1000081
+CVE-2017-1000081 (Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of ...)
NOT-FOR-US: ONOS
-CVE-2017-1000080
+CVE-2017-1000080 (Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets. ...)
NOT-FOR-US: ONOS
-CVE-2017-1000079
+CVE-2017-1000079 (Linux foundation ONOS 1.9.0 is vulnerable to a DoS. ...)
NOT-FOR-US: ONOS
-CVE-2017-1000078
+CVE-2017-1000078 (Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registra ...)
NOT-FOR-US: ONOS
CVE-2017-1000077
REJECTED
CVE-2017-1000076
REJECTED
-CVE-2017-1000075
+CVE-2017-1000075 (Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the ...)
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000074
+CVE-2017-1000074 (Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the ...)
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000073
+CVE-2017-1000073 (Creolabs Gravity version 1.0 is vulnerable to a heap overflow in an un ...)
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000072
+CVE-2017-1000072 (Creolabs Gravity version 1.0 is vulnerable to a Double Free in gravity ...)
NOT-FOR-US: Creolabs Gravity
-CVE-2017-1000071
+CVE-2017-1000071 (Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass i ...)
- php-cas 1.3.6-1 (bug #868466)
[stretch] - php-cas <no-dsa> (Minor issue)
[jessie] - php-cas <no-dsa> (Minor issue)
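Review bot: the truncation step appends " ..." unconditionally, so descriptions that were already complete end up looking cut off, for example "+CVE-2017-1000079 (Linux foundation ONOS 1.9.0 is vulnerable to a DoS. ...)". Appending the marker only when the text was actually shortened would let a reader tell a full description from a truncated one without opening the CVE.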
@@ -21171,56 +21171,56 @@ CVE-2017-1000071
NOTE: Fixed by: https://github.com/apereo/phpCAS/commit/c9ba00327fd0ac8faecc62ce150c1986022856cd
NOTE: The vulnerability only exists when the server is affected by
NOTE: another very old vulnerability fixed in 2010.
-CVE-2017-1000070
+CVE-2017-1000070 (The Bitly oauth2_proxy in version 2.1 and earlier was affected by an o ...)
NOT-FOR-US: Bitly oauth2_proxy
-CVE-2017-1000069
+CVE-2017-1000069 (CSRF in Bitly oauth2_proxy 2.1 during authentication flow ...)
NOT-FOR-US: Bitly oauth2_proxy
-CVE-2017-1000068
+CVE-2017-1000068 (TestTrack Server versions 1.0 and earlier are vulnerable to an authent ...)
NOT-FOR-US: TestTrack
-CVE-2017-1000067
+CVE-2017-1000067 (MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injecti ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-1000066
+CVE-2017-1000066 (The entry details view function in KeePass version 1.32 inadvertently ...)
- keepass2 <not-affected> (Only affects 1.x)
-CVE-2017-1000065
+CVE-2017-1000065 (Multiple Cross-site scripting (XSS) vulnerabilities in rpc.php in Open ...)
NOT-FOR-US: OpenMediaVault
-CVE-2017-1000064
+CVE-2017-1000064 (kittoframework kitto version 0.5.1 is vulnerable to memory exhaustion ...)
NOT-FOR-US: kittoframework kitto
-CVE-2017-1000063
+CVE-2017-1000063 (kittoframework kitto version 0.5.1 is vulnerable to an XSS in the 404 ...)
NOT-FOR-US: kittoframework kitto
-CVE-2017-1000062
+CVE-2017-1000062 (kittoframework kitto 0.5.1 is vulnerable to directory traversal in the ...)
NOT-FOR-US: kittoframework kitto
-CVE-2017-1000061
+CVE-2017-1000061 (xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansio ...)
- xmlsec1 1.2.24-1
[stretch] - xmlsec1 <no-dsa> (Minor issue)
[jessie] - xmlsec1 <no-dsa> (Minor issue)
[wheezy] - xmlsec1 <no-dsa> (Minor issue)
NOTE: https://github.com/lsh123/xmlsec/issues/43
-CVE-2017-1000060
+CVE-2017-1000060 (EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leadin ...)
NOT-FOR-US: EyesOfNetwork (EON)
-CVE-2017-1000059
+CVE-2017-1000059 (Live Helper Chat version 2.06v and older is vulnerable to Cross-Site S ...)
NOT-FOR-US: Live Helper Chat
-CVE-2017-1000058
+CVE-2017-1000058 (Stored XSS vulnerabilities in chevereto CMS before version 3.8.11, one ...)
NOT-FOR-US: chevereto CMS
CVE-2017-1000057
REJECTED
-CVE-2017-1000056
+CVE-2017-1000056 (Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation ...)
- kubernetes 1.5.5+dfsg-1
NOTE: https://github.com/kubernetes/kubernetes/issues/43459
CVE-2017-1000055
REJECTED
-CVE-2017-1000054
+CVE-2017-1000054 (Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdo ...)
NOT-FOR-US: Rocket.Chat
-CVE-2017-1000053
+CVE-2017-1000053 (Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to ...)
NOT-FOR-US: Elixir Plug
-CVE-2017-1000052
+CVE-2017-1000052 (Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to ...)
NOT-FOR-US: Elixir Plug
-CVE-2017-1000051
+CVE-2017-1000051 (Cross-site scripting (XSS) vulnerability in pad export in XWiki labs C ...)
NOT-FOR-US: XWiki labs
CVE-2017-1000049
REJECTED
-CVE-2017-1000048
+CVE-2017-1000048 (the web framework using ljharb's qs module older than v6.3.2, v6.2.3, ...)
NOT-FOR-US: ljharb
-CVE-2017-1000047
+CVE-2017-1000047 (rbenv (all current versions) is vulnerable to Directory Traversal in t ...)
- rbenv <unfixed> (bug #869702)
[buster] - rbenv <no-dsa> (Minor issue)
[stretch] - rbenv <no-dsa> (Minor issue)
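Review bot: the imported descriptions still contain HTML entities, "+CVE-2017-1000034 (Akka versions &lt;=2.4.16 and 2.5-M1 ..." and "+CVE-2017-1000033 (Wordpress Plugin Vospari Forms version &lt; 1.4 ...", while the rest of the file uses a literal "<" (as in "<no-dsa>" and "<not-affected>"); the import should unescape entities before truncating so the description text matches the rest of the list. The same unconditional " ..." suffix also lands on a description that is already complete, "+CVE-2017-1000069 (CSRF in Bitly oauth2_proxy 2.1 during authentication flow ...)".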
@@ -21228,36 +21228,36 @@ CVE-2017-1000047
[wheezy] - rbenv <no-dsa> (Minor issue)
NOTE: https://github.com/rbenv/rbenv/issues/977
NOTE: .ruby-version is .rbenv-version in wheezy
-CVE-2017-1000046
+CVE-2017-1000046 (Mautic 2.6.1 and earlier fails to set flags on session cookies ...)
NOT-FOR-US: Mautic
CVE-2017-1000045
REJECTED
-CVE-2017-1000043
+CVE-2017-1000043 (Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are vulne ...)
NOT-FOR-US: Mapbox.js
-CVE-2017-1000042
+CVE-2017-1000042 (Mapbox.js versions 1.x prior to 1.6.5 and 2.x prior to 2.1.7 are vulne ...)
NOT-FOR-US: Mapbox.js
-CVE-2017-1000039
+CVE-2017-1000039 (Framadate version 1.0 is vulnerable to Formula Injection in the CSV Ex ...)
NOT-FOR-US: Framadate
-CVE-2017-1000038
+CVE-2017-1000038 (WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored XS ...)
NOT-FOR-US: WordPress plugin
-CVE-2017-1000037
+CVE-2017-1000037 (RVM automatically loads environment variables from files in $PWD resul ...)
NOT-FOR-US: RVM
CVE-2017-1000036
REJECTED
-CVE-2017-1000035
+CVE-2017-1000035 (Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attac ...)
- tt-rss 17.1+git20170410+dfsg-1
NOTE: https://git.tt-rss.org/git/tt-rss/commit/829d478f1b054c8ce1eeb4f15170dc4a1abb3e47
-CVE-2017-1000034
+CVE-2017-1000034 (Akka versions &lt;=2.4.16 and 2.5-M1 are vulnerable to a java deserial ...)
NOT-FOR-US: Akka
-CVE-2017-1000033
+CVE-2017-1000033 (Wordpress Plugin Vospari Forms version &lt; 1.4 is vulnerable to a ref ...)
NOT-FOR-US: WordPress plugin
-CVE-2017-1000032
+CVE-2017-1000032 (Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remot ...)
- cacti 0.8.8b+dfsg-6
[wheezy] - cacti 0.8.8a+dfsg-5+deb7u3
NOTE: MITRE will not reject the entry, but the issue is already covered by the
NOTE: patch as for CVE-2014-4002. See discussion in
NOTE: https://github.com/distributedweaknessfiling/DWF-CVE-Database/issues/27
-CVE-2017-1000031
+CVE-2017-1000031 (SQL injection vulnerability in graph_templates_inputs.php in Cacti 0.8 ...)
- cacti 0.8.8e+ds1-1
[jessie] - cacti <ignored> (Minor issue, can be mitigated with Web Application Firewalls)
[wheezy] - cacti <ignored> (Minor issue, can be mitigated with Web Application Firewalls)
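Review bot: the two WordPress plugin entries in this hunk lose the plugin name in their classification: "+CVE-2017-1000038 (WordPress plugin Relevanssi version 3.5.7.1 ..." is filed as "NOT-FOR-US: WordPress plugin", and CVE-2017-1000033 (Vospari Forms) the same way, whereas other entries name the product ("NOT-FOR-US: Mapbox.js", "NOT-FOR-US: Framadate"). Naming the plugin on the NOT-FOR-US line, e.g. "NOT-FOR-US: WordPress plugin Relevanssi", keeps the classification useful once the description is truncated and makes a later search for the plugin hit the entry.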
@@ -21277,86 +21277,86 @@ CVE-2017-1000031
NOTE: CVE-2015-4634 seems part of the duplication. Upstream commit 4e4dd67 was in the
NOTE: preperation git tree for 1.x, its equivalent svn commit was used to fix
NOTE: CVE-2015-4634 in Debian.
-CVE-2017-1000030
+CVE-2017-1000030 (Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulne ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-1000029
+CVE-2017-1000029 (Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulne ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-1000028
+CVE-2017-1000028 (Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-1000027
+CVE-2017-1000027 (Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable t ...)
NOT-FOR-US: Koozali Foundation SME Server
-CVE-2017-1000026
+CVE-2017-1000026 (Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable ...)
{DSA-3915-1}
- ruby-mixlib-archive 0.4.1-1 (bug #868572)
NOTE: https://github.com/chef/mixlib-archive/pull/6
NOTE: https://github.com/chef/mixlib-archive/pull/6/commits/3a874a24aed6ee93fbccf97efe0ecc999bafe87d
-CVE-2017-1000025
+CVE-2017-1000025 (GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 befo ...)
- epiphany-browser 3.22.6-1 (unimportant)
NOTE: webkit not covered by security support
-CVE-2017-1000024
+CVE-2017-1000024 (Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable ...)
- shotwell 0.25.4+really0.24.5-0.1 (unimportant)
-CVE-2017-1000023
+CVE-2017-1000023 (LogicalDoc Community Edition 7.5.3 and prior is vulnerable to an XSS w ...)
NOT-FOR-US: LogicalDoc Community Edition
-CVE-2017-1000022
+CVE-2017-1000022 (LogicalDoc Community Edition 7.5.3 and prior contain an Incorrect acce ...)
NOT-FOR-US: LogicalDoc Community Edition
-CVE-2017-1000021
+CVE-2017-1000021 (LogicalDoc Community Edition 7.5.3 and prior is vulnerable to XXE when ...)
NOT-FOR-US: LogicalDoc Community Edition
-CVE-2017-1000020
+CVE-2017-1000020 (SYN Flood or FIN Flood attack in ECos 1 and other versions embedded de ...)
NOT-FOR-US: ECos
-CVE-2017-1000018
+CVE-2017-1000018 (phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the re ...)
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-7
-CVE-2017-1000017
+CVE-2017-1000017 (phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user ...)
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-6
-CVE-2017-1000016
+CVE-2017-1000016 (A weakness was discovered where an attacker can inject arbitrary value ...)
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-5
-CVE-2017-1000015
+CVE-2017-1000015 (phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack ...)
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-4
-CVE-2017-1000014
+CVE-2017-1000014 (phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the t ...)
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-3
-CVE-2017-1000013
+CVE-2017-1000013 (phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakne ...)
- phpmyadmin 4:4.6.6-1 (unimportant)
NOTE: https://www.phpmyadmin.net/security/PMASA-2017-1
-CVE-2017-1000012
+CVE-2017-1000012 (MySQL Dumper version 1.24 is vulnerable to stored XSS when displaying ...)
NOT-FOR-US: MySQL Dumper
-CVE-2017-1000011
+CVE-2017-1000011 (MyWebSQL version 3.6 is vulnerable to stored XSS in the database manag ...)
NOT-FOR-US: MyWebSQL
-CVE-2017-1000010
+CVE-2017-1000010 (Audacity version 2.1.2 is vulnerable to Dll HIjacking in the avformat- ...)
- audacity <not-affected> (Specific to Windows packaging)
-CVE-2017-1000009
+CVE-2017-1000009 (Akeneo PIM CE and EE &lt;1.6.6, &lt;1.5.15, &lt;1.4.28 are vulnerable ...)
NOT-FOR-US: Akeneo PIM
-CVE-2017-1000008
+CVE-2017-1000008 (Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user setting ...)
NOT-FOR-US: Chyrp Lite
-CVE-2017-1000007
+CVE-2017-1000007 (txAWS (all current versions) fail to perform complete certificate veri ...)
NOT-FOR-US: txAWS
-CVE-2017-1000006
+CVE-2017-1000006 (Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an X ...)
NOT-FOR-US: plotly.js (different from the plotly Python package)
-CVE-2017-1000005
+CVE-2017-1000005 (PHPMiniAdmin version 1.9.160630 is vulnerable to stored XSS in the nam ...)
NOT-FOR-US: PHPMiniAdmin
-CVE-2017-1000004
+CVE-2017-1000004 (ATutor version 2.2.1 and earlier are vulnerable to a SQL injection in ...)
NOT-FOR-US: ATutor
-CVE-2017-1000003
+CVE-2017-1000003 (ATutor versions 2.2.1 and earlier are vulnerable to an incorrect acces ...)
NOT-FOR-US: ATutor
-CVE-2017-1000002
+CVE-2017-1000002 (ATutor versions 2.2.1 and earlier are vulnerable to a directory traver ...)
NOT-FOR-US: ATutor
-CVE-2017-1000001
+CVE-2017-1000001 (FedMsg 0.18.1 and older is vulnerable to a message validation flaw res ...)
- fedmsg <removed> (bug #868508)
[jessie] - fedmsg <no-dsa> (Minor issue)
NOTE: https://github.com/fedora-infra/fedmsg/commit/5c21cf88a
-CVE-2017-11141
+CVE-2017-11141 (The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (low; bug #868264)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/469
NOTE: https://github.com/ImageMagick/ImageMagick/commit/353b942bd83da7e1356ba99c942848bd1871ee9f
-CVE-2017-11140
+CVE-2017-11140 (The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 c ...)
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-3 (low)
NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/b4139088b49a
-CVE-2017-11139
+CVE-2017-11139 (GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJN ...)
{DSA-4321-1}
- graphicsmagick 1.3.26-2 (low)
[jessie] - graphicsmagick <not-affected> (vulnerable code for CVE-2017-11102 not applied in Jessie)
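Review bot: the NOTE under CVE-2017-1000031 has a typo, "NOTE: preperation git tree for 1.x" should be "preparation"; worth a follow-up fix. In the same hunk "+CVE-2017-1000009 (Akeneo PIM CE and EE &lt;1.6.6, &lt;1.5.15, &lt;1.4.28 ..." carries HTML entities where the rest of the file uses a literal "<"; unescaping entities in the import script before truncation would fix this for every such description.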
@@ -21366,123 +21366,123 @@ CVE-2017-11138
RESERVED
CVE-2017-11137
RESERVED
-CVE-2017-11136
+CVE-2017-11136 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for A ...)
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11135
+CVE-2017-11135 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for A ...)
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11134
+CVE-2017-11134 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for A ...)
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11133
+CVE-2017-11133 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for A ...)
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11132
+CVE-2017-11132 (An issue was discovered in heinekingmedia StashCat before 1.5.18 for A ...)
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11131
+CVE-2017-11131 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for A ...)
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11130
+CVE-2017-11130 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for A ...)
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11129
+CVE-2017-11129 (An issue was discovered in heinekingmedia StashCat through 1.7.5 for A ...)
NOT-FOR-US: heinekingmedia StashCat
-CVE-2017-11128
+CVE-2017-11128 (Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by t ...)
NOT-FOR-US: Bolt CMS
-CVE-2017-11127
+CVE-2017-11127 (Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a ...)
NOT-FOR-US: Bolt CMS
-CVE-2017-11126
+CVE-2017-11126 (The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25 ...)
- mpg123 1.25.3-1 (unimportant)
NOTE: no security impact
-CVE-2017-11125
+CVE-2017-11125 (libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_p ...)
- xar <removed>
-CVE-2017-11124
+CVE-2017-11124 (libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unser ...)
- xar <removed>
CVE-2017-11123
RESERVED
-CVE-2017-11122
+CVE-2017-11122 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can t ...)
NOT-FOR-US: Broadcom
-CVE-2017-11121
+CVE-2017-11121 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, p ...)
NOT-FOR-US: Broadcom
-CVE-2017-11120
+CVE-2017-11120 (On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, a ...)
NOT-FOR-US: Broadcom
-CVE-2017-11119
+CVE-2017-11119 (The chk_mem_access function in cpu/nes6502/nes6502.c in libnosefart.a ...)
- xine-lib-1.2 <not-affected> (it is built with --disable-nosefart)
- xine-lib <not-affected> (it is built with --disable-nosefart)
NOTE: https://sourceforge.net/p/nosefart/bugs/6/
-CVE-2017-11118
+CVE-2017-11118 (The ExifImageFile::readImage function in ExifImageFileRead.cpp in Open ...)
NOT-FOR-US: OpenExif
-CVE-2017-11117
+CVE-2017-11117 (The ExifImageFile::readDHT function in ExifImageFileRead.cpp in OpenEx ...)
NOT-FOR-US: OpenExif
-CVE-2017-11116
+CVE-2017-11116 (The ExifImageFile::readDQT function in ExifImageFileRead.cpp in OpenEx ...)
NOT-FOR-US: OpenExif
-CVE-2017-11115
+CVE-2017-11115 (The ExifJpegHUFFTable::deriveTable function in ExifHuffmanTable.cpp in ...)
NOT-FOR-US: OpenExif
-CVE-2017-11114
+CVE-2017-11114 (The put_chars function in html_r.c in Twibright Links 2.14 allows remo ...)
- links2 2.14-3 (unimportant; bug #870299)
NOTE: PoC: http://seclists.org/fulldisclosure/2017/Jul/76
-CVE-2017-11527
+CVE-2017-11527 (The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9- ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867812)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/523
-CVE-2017-11528
+CVE-2017-11528 (The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9- ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867811)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/522
-CVE-2017-11525
+CVE-2017-11525 (The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9- ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867810)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/519
-CVE-2017-11188
+CVE-2017-11188 (The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867806)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/509
-CVE-2017-11113
+CVE-2017-11113 (In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_e ...)
- ncurses 6.0+20170701-1
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464691
-CVE-2017-11112
+CVE-2017-11112 (In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the ...)
- ncurses 6.0+20170701-1
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464686
-CVE-2017-11111
+CVE-2017-11111 (In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers ...)
{DLA-1041-1}
- nasm 2.13.02-0.1 (bug #867988)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392415
-CVE-2017-11110
+CVE-2017-11110 (The ole_init function in ole.c in catdoc 0.95 allows remote attackers ...)
{DSA-3917-1 DLA-1037-1}
- catdoc 1:0.95-3 (bug #867717)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468471
-CVE-2017-11109
+CVE-2017-11109 (Vim 8.0 allows attackers to cause a denial of service (invalid free) o ...)
{DLA-1030-1}
- vim 2:8.0.0197-5 (low; bug #867720)
[stretch] - vim 2:8.0.0197-4+deb9u1
[jessie] - vim <postponed> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468492
-CVE-2017-11108
+CVE-2017-11108 (tcpdump 4.9.0 allows remote attackers to cause a denial of service (he ...)
{DSA-3971-1 DLA-1090-1}
- tcpdump 4.9.1-1 (bug #867718)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468504
NOTE: Proposed patch: https://github.com/the-tcpdump-group/tcpdump/pull/617
NOTE: https://github.com/the-tcpdump-group/tcpdump/commit/d9e65de3d94698ec90dbca42962a30dd2f0680e1 (4.9.1)
-CVE-2017-11107
+CVE-2017-11107 (phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the ...)
{DLA-1561-1 DLA-1019-1}
- phpldapadmin <unfixed> (bug #867719)
NOTE: https://github.com/leenooks/phpLDAPadmin/issues/50
NOTE: https://bugs.launchpad.net/ubuntu/+source/phpldapadmin/+bug/1701731
CVE-2017-11106
RESERVED
-CVE-2017-11105
+CVE-2017-11105 (The OnePlus 2 Primary Bootloader (PBL) does not validate the SBL1 part ...)
NOT-FOR-US: OnePlus
-CVE-2017-1000050
+CVE-2017-1000050 (JasPer 2.0.12 is vulnerable to a NULL pointer exception in the functio ...)
- jasper <removed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/06/1
NOTE: https://github.com/mdadams/jasper/issues/120
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/58ba0365d911b9f9dd68e9abf826682c0b4f2293
-CVE-2017-1002024
+CVE-2017-1002024 (Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/u ...)
NOT-FOR-US: kindeditor
-CVE-2017-11103
+CVE-2017-11103 (Heimdal before 7.4 allows remote attackers to impersonate services wit ...)
{DSA-3912-1 DSA-3909-1 DLA-1027-1}
- heimdal 7.4.0.dfsg.1-1 (bug #868208)
- samba 2:4.6.5+dfsg-4 (bug #868209)
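Review bot: several entries in this hunk break the descending CVE order the rest of the file follows: CVE-2017-11527, CVE-2017-11528, CVE-2017-11525 and CVE-2017-11188 sit between CVE-2017-11114 and CVE-2017-11113, and CVE-2017-1000050 and CVE-2017-1002024 sit between CVE-2017-11105 and CVE-2017-11103. Since the automatic update only fills in descriptions, consider a follow-up that moves these ImageMagick, JasPer and kindeditor entries to their numeric positions so they are found where readers expect them; the hunk header (`-21366,123 +21366,123`) confirms the line count is otherwise unchanged.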
@@ -21494,235 +21494,235 @@ CVE-2017-11103
NOTE: samba's source package embeds heimdal but the binary is statically linked to src:heimdal
NOTE: https://www.samba.org/samba/security/CVE-2017-11103.html
NOTE: Upstream Samba Bug: https://bugzilla.samba.org/show_bug.cgi?id=12894
-CVE-2017-11102
+CVE-2017-11102 (The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 ...)
{DSA-4321-1 DLA-1456-1 DLA-1045-1}
- graphicsmagick 1.3.26-2 (bug #867746)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/d445af60a8d5
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/dea93a690fc1
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/4d0baa77245b
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/e8f859704230
-CVE-2017-11101
+CVE-2017-11101 (When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lea ...)
- swftools <unfixed> (unimportant; bug #871022)
NOTE: https://github.com/matthiaskramm/swftools/issues/26
-CVE-2017-11100
+CVE-2017-11100 (When SWFTools 0.9.2 processes a crafted file in swfextract, it can lea ...)
- swftools <unfixed> (unimportant; bug #871024)
NOTE: https://github.com/matthiaskramm/swftools/issues/27
-CVE-2017-11099
+CVE-2017-11099 (When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead t ...)
- swftools <unfixed> (unimportant; bug #871018)
NOTE: https://github.com/matthiaskramm/swftools/issues/31
-CVE-2017-11098
+CVE-2017-11098 (When SWFTools 0.9.2 processes a crafted file in png2swf, it can lead t ...)
- swftools <unfixed> (unimportant; bug #871020)
NOTE: https://github.com/matthiaskramm/swftools/issues/32
-CVE-2017-11097
+CVE-2017-11097 (When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a ...)
- swftools <unfixed> (unimportant; bug #871025)
NOTE: https://github.com/matthiaskramm/swftools/issues/24
-CVE-2017-11096
+CVE-2017-11096 (When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lea ...)
- swftools <unfixed> (unimportant; bug #871026)
NOTE: https://github.com/matthiaskramm/swftools/issues/25
CVE-2017-11095
RESERVED
CVE-2017-11094
RESERVED
-CVE-2017-11093
+CVE-2017-11093 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11092
+CVE-2017-11092 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11091
+CVE-2017-11091 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11090
+CVE-2017-11090 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11089
+CVE-2017-11089 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.51-1
NOTE: Fixed by: https://git.kernel.org/linus/8feb69c7bd89513be80eb19198d48f154b254021
-CVE-2017-11088
+CVE-2017-11088 (Improper Input Validation in Linux io-prefetch in Snapdragon Mobile an ...)
NOT-FOR-US: Snapdragon
-CVE-2017-11087
+CVE-2017-11087 (libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android cop ...)
NOT-FOR-US: Qualcomm component for Android
CVE-2017-11086
RESERVED
-CVE-2017-11085
+CVE-2017-11085 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11084
RESERVED
CVE-2017-11083
RESERVED
-CVE-2017-11082
+CVE-2017-11082 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11081
+CVE-2017-11081 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11080
+CVE-2017-11080 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11079
+CVE-2017-11079 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11078
+CVE-2017-11078 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11077
RESERVED
CVE-2017-11076
RESERVED
-CVE-2017-11075
+CVE-2017-11075 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11074
+CVE-2017-11074 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11073
+CVE-2017-11073 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11072
+CVE-2017-11072 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: HTC component for Android
CVE-2017-11071
RESERVED
CVE-2017-11070
RESERVED
-CVE-2017-11069
+CVE-2017-11069 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11068
RESERVED
-CVE-2017-11067
+CVE-2017-11067 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11066
+CVE-2017-11066 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11065
RESERVED
-CVE-2017-11064
+CVE-2017-11064 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11063
+CVE-2017-11063 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11062
+CVE-2017-11062 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11061
+CVE-2017-11061 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11060
+CVE-2017-11060 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11059
+CVE-2017-11059 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11058
+CVE-2017-11058 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11057
+CVE-2017-11057 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11056
+CVE-2017-11056 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11055
+CVE-2017-11055 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11054
+CVE-2017-11054 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11053
+CVE-2017-11053 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11052
+CVE-2017-11052 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11051
+CVE-2017-11051 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11050
+CVE-2017-11050 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11049
+CVE-2017-11049 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11048
+CVE-2017-11048 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11047
+CVE-2017-11047 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11046
+CVE-2017-11046 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11045
+CVE-2017-11045 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11044
+CVE-2017-11044 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11043
+CVE-2017-11043 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11042
+CVE-2017-11042 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11041
+CVE-2017-11041 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-11040
+CVE-2017-11040 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-11039
RESERVED
-CVE-2017-11038
+CVE-2017-11038 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11037
RESERVED
CVE-2017-11036
RESERVED
-CVE-2017-11035
+CVE-2017-11035 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11034
RESERVED
-CVE-2017-11033
+CVE-2017-11033 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11032
+CVE-2017-11032 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11031
+CVE-2017-11031 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11030
+CVE-2017-11030 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11029
+CVE-2017-11029 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11028
+CVE-2017-11028 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Android
-CVE-2017-11027
+CVE-2017-11027 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11026
+CVE-2017-11026 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11025
+CVE-2017-11025 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11024
+CVE-2017-11024 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11023
+CVE-2017-11023 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11022
+CVE-2017-11022 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11021
RESERVED
CVE-2017-11020
RESERVED
-CVE-2017-11019
+CVE-2017-11019 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11018
+CVE-2017-11018 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11017
+CVE-2017-11017 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11016
+CVE-2017-11016 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11015
+CVE-2017-11015 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11014
+CVE-2017-11014 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11013
+CVE-2017-11013 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11012
+CVE-2017-11012 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11011
+CVE-2017-11011 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11010
+CVE-2017-11010 (In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mo ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-11009
RESERVED
CVE-2017-11008
RESERVED
-CVE-2017-11007
+CVE-2017-11007 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11006
+CVE-2017-11006 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm closed-source components for Android
-CVE-2017-11005
+CVE-2017-11005 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm closed-source components for Android
-CVE-2017-11004
+CVE-2017-11004 (A non-secure user may be able to access certain registers in snapdrago ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11003
+CVE-2017-11003 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-11002
+CVE-2017-11002 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-11001
+CVE-2017-11001 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-11000
+CVE-2017-11000 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-10999
+CVE-2017-10999 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-10998
+CVE-2017-10998 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-10997
+CVE-2017-10997 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-10996
+CVE-2017-10996 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-10995
+CVE-2017-10995 (The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allow ...)
{DSA-4204-1 DLA-1081-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #867748)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/538
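Review bot: the triage labels in this hunk are inconsistent for entries that now carry the identical truncated description "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...": CVE-2017-11072 is marked `NOT-FOR-US: HTC component for Android` and CVE-2017-11028 `NOT-FOR-US: Android`, while every neighbouring entry with the same text is `NOT-FOR-US: Qualcomm components for Android`. Because the new descriptions are cut at a fixed width, that prefix no longer distinguishes the dozens of Qualcomm entries from one another, and CVE-2017-11089 shows it can even cover an issue fixed in src:linux (`NOTE: Fixed by: https://git.kernel.org/linus/8feb69c7bd...`). The NOT-FOR-US comment is therefore the only triage information left on these lines; please confirm the HTC and plain Android labels are intentional and, if not, align them with the other entries.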
@@ -21730,17 +21730,17 @@ CVE-2017-10995
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1fdc09dc8f9522f07f5f501fe8453765ad82556c
NOTE: The second commit is not security sensitive relevant, cf.
NOTE: https://github.com/ImageMagick/ImageMagick/issues/538#issuecomment-317047977
-CVE-2017-10994
+CVE-2017-10994 (Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrar ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10993
+CVE-2017-10993 (Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to i ...)
NOT-FOR-US: Contao
CVE-2017-10992
RESERVED
-CVE-2017-10991
+CVE-2017-10991 (The WP Statistics plugin through 12.0.9 for WordPress has XSS in the r ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-10990
RESERVED
-CVE-2017-10989
+CVE-2017-10989 (The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3 ...)
{DLA-1633-1 DLA-1018-1}
- sqlite3 3.19.3-3 (bug #867618)
[stretch] - sqlite3 3.16.2-5+deb9u1
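Review bot: the note under CVE-2017-10995 reads "The second commit is not security sensitive relevant, cf." which is garbled wording; suggest "The second commit is not security relevant, cf." so the reason for listing only one of the two upstream commits is clear to the next person triaging imagemagick.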
@@ -21751,28 +21751,28 @@ CVE-2017-10989
NOTE: http://marc.info/?l=sqlite-users&m=149933696214713&w=2
CVE-2017-10988
REJECTED
-CVE-2017-10987
+CVE-2017-10987 (An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buff ...)
- freeradius 3.0.15+dfsg-1 (bug #868765)
[stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
[wheezy] - freeradius <not-affected> (Only affects 3.x series)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-304
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/19a18bf7c8af649c9e9742fb6a046f6aff639866
-CVE-2017-10986
+CVE-2017-10986 (An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infi ...)
- freeradius 3.0.15+dfsg-1 (bug #868765)
[stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
[wheezy] - freeradius <not-affected> (Only affects 3.x series)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-303
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/21e2e95751bfb54c0fb0328392d06671a75c191c
-CVE-2017-10985
+CVE-2017-10985 (An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite lo ...)
- freeradius 3.0.15+dfsg-1 (bug #868765)
[stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
[wheezy] - freeradius <not-affected> (Only affects 3.x series)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-302
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/6726c16549b131ed39f6f8886cdf5d9d922a9a97
-CVE-2017-10984
+CVE-2017-10984 (An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overf ...)
- freeradius 3.0.15+dfsg-1 (bug #868765)
[stretch] - freeradius 3.0.12+dfsg-5+deb9u1
[jessie] - freeradius <not-affected> (Only affects 3.x series)
@@ -21780,13 +21780,13 @@ CVE-2017-10984
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-301
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/931850e5d2f65193520c2d9c9878148c0cdc16a6
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/4b059296e14b6ab75dc17163077490528a819806
-CVE-2017-10983
+CVE-2017-10983 (An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0. ...)
{DSA-3930-1 DLA-1064-1}
- freeradius 3.0.15+dfsg-1 (bug #868765)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-206
NOTE: 2.x: https://github.com/FreeRADIUS/freeradius-server/commit/ec08b30f87066f82073d02fab57e8ffeef81373d
NOTE: 3.x: https://github.com/FreeRADIUS/freeradius-server/commit/5759b20af99af6d30924f0efd8da5eac2a17163d
-CVE-2017-10982
+CVE-2017-10982 (An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buff ...)
{DLA-1064-1}
- freeradius 3.0.12+dfsg-3
[jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
@@ -21795,7 +21795,7 @@ CVE-2017-10982
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
NOTE: This is not fully technically correct, the issue affects only the 2.x
NOTE: series but not 3.x.
-CVE-2017-10981
+CVE-2017-10981 (An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memo ...)
{DLA-1064-1}
- freeradius 3.0.12+dfsg-3
[jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
@@ -21804,7 +21804,7 @@ CVE-2017-10981
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
NOTE: This is not fully technically correct, the issue affects only the 2.x
NOTE: series but not 3.x.
-CVE-2017-10980
+CVE-2017-10980 (An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memo ...)
{DLA-1064-1}
- freeradius 3.0.12+dfsg-3
[jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
@@ -21813,7 +21813,7 @@ CVE-2017-10980
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
NOTE: This is not fully technically correct, the issue affects only the 2.x
NOTE: series but not 3.x.
-CVE-2017-10979
+CVE-2017-10979 (An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overf ...)
{DLA-1064-1}
- freeradius 3.0.12+dfsg-3
[jessie] - freeradius 2.2.5+dfsg-0.2+deb8u1
@@ -21822,13 +21822,13 @@ CVE-2017-10979
NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
NOTE: This is not fully technically correct, the issue affects only the 2.x
NOTE: series but not 3.x.
-CVE-2017-10978
+CVE-2017-10978 (An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0. ...)
{DSA-3930-1 DLA-1064-1}
- freeradius 3.0.15+dfsg-1 (bug #868765)
NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-201
NOTE: 2.x: https://github.com/FreeRADIUS/freeradius-server/commit/38ee90f2a5a28dc5887a30bdfdc98109c0418e68
NOTE: 3.x: https://github.com/FreeRADIUS/freeradius-server/commit/fc8662d7e827f630d515eaa0bddfa94754c8047f
-CVE-2017-1000082
+CVE-2017-1000082 (systemd v233 and earlier fails to safely parse usernames starting with ...)
- systemd 234-1 (unimportant)
[jessie] - systemd <not-affected> (Vulnerable code introduced in systemd-229)
[wheezy] - systemd <not-affected> (Vulnerable code introduced in systemd-229)
@@ -21837,25 +21837,25 @@ CVE-2017-1000082
NOTE: http://www.openwall.com/lists/oss-security/2017/07/02/1
CVE-2017-10977
RESERVED
-CVE-2017-10976
+CVE-2017-10976 (When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead t ...)
- swftools <unfixed> (unimportant)
NOTE: ttftool not shipped in Debian package
-CVE-2017-10975
+CVE-2017-10975 (Cross-site scripting (XSS) vulnerability in Lutim before 0.8 might all ...)
NOT-FOR-US: Lutim
-CVE-2017-10974
+CVE-2017-10974 (Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Direc ...)
- yaws 1.91-2
NOTE: Slightly different, additional CVE assignment which MITRE insists on, but fixed by the
NOTE: original patch for CVE-2011-4350
-CVE-2017-10973
+CVE-2017-10973 (In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php ...)
NOT-FOR-US: FineCMS
-CVE-2017-10970
+CVE-2017-10970 (Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 a ...)
- cacti 1.1.12+ds1-1 (bug #867532)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Cacti/cacti/issues/838
NOTE: https://github.com/Cacti/cacti/commit/3381cba6a9e36b01ed0ab0acfd41b00487966cb5
-CVE-2017-11147
+CVE-2017-11147 (In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler c ...)
{DLA-1034-1}
- php7.1 7.1.1-1
- php7.0 7.0.15-1
@@ -21865,7 +21865,7 @@ CVE-2017-11147
NOTE: Fixed in 7.1.1, 7.0.15, 5.6.30
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=e5246580a85f031e1a3b8064edbaa55c1643a451
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2017-11144
+CVE-2017-11144 (In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the o ...)
{DSA-4081-1 DSA-4080-1 DLA-1034-1}
- php7.1 7.1.8-1
- php7.0 7.0.22-1
@@ -21876,7 +21876,7 @@ CVE-2017-11144
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=73cabfedf519298e1a11192699f44d53c529315e
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=91826a311dd37f4c4e5d605fa7af331e80ddd4c3
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2017-11143
+CVE-2017-11143 (In PHP before 5.6.31, an invalid free in the WDDX deserialization of b ...)
{DSA-4081-1 DLA-1034-1}
- php7.1 <not-affected> (Only affected 5.6)
- php7.0 <not-affected> (Only affected 5.6)
@@ -21885,7 +21885,7 @@ CVE-2017-11143
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=f269cdcd4f76accbecd03884f327cffb9a7f1ca9
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2017-11142
+CVE-2017-11142 (In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remot ...)
{DSA-4081-1}
- php7.1 7.1.3+-1
- php7.0 7.0.17-1
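Review bot: the fixed version recorded for CVE-2017-11142, `php7.1 7.1.3+-1`, has an unusual `+-1` revision compared with the neighbouring `php7.0 7.0.17-1` and the `php7.1 7.1.8-1` / `7.1.1-1` entries in the preceding hunks; please confirm it matches the version string actually in the archive rather than a typo, since the tracker's version comparison depends on it.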
@@ -21896,12 +21896,12 @@ CVE-2017-11142
NOTE: https://github.com/php/php-src/commit/a15bffd105ac28fd0dd9b596632dbf035238fda3
NOTE: https://github.com/php/php-src/commit/0f8cf3b8497dc45c010c44ed9e96518e11e19fc3
NOTE: http://openwall.com/lists/oss-security/2017/07/10/6
-CVE-2017-10972
+CVE-2017-10972 (Uninitialized data in endianness conversion in the XEvent handling of ...)
{DSA-3905-1 DLA-1026-1}
- xorg-server 2:1.19.3-2 (bug #867492)
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=05442de962d3dc624f79fc1a00eca3ffc5489ced
NOTE: http://www.openwall.com/lists/oss-security/2017/07/06/6
-CVE-2017-10971
+CVE-2017-10971 (In the X.Org X server before 2017-06-19, a user authenticated to an X ...)
{DSA-3905-1 DLA-1026-1}
- xorg-server 2:1.19.3-2 (bug #867492)
NOTE: https://cgit.freedesktop.org/xorg/xserver/commit/?id=ba336b24052122b136486961c82deac76bbde455
@@ -21910,18 +21910,18 @@ CVE-2017-10971
NOTE: http://www.openwall.com/lists/oss-security/2017/07/06/6
CVE-2017-10969
RESERVED
-CVE-2017-10968
+CVE-2017-10968 (In FineCMS through 2017-07-07, application\core\controller\template.ph ...)
NOT-FOR-US: FineCMS
-CVE-2017-10967
+CVE-2017-10967 (In FineCMS before 2017-07-06, application\core\controller\config.php a ...)
NOT-FOR-US: FineCMS
-CVE-2017-10966
+CVE-2017-10966 (An issue was discovered in Irssi before 1.0.4. While updating the inte ...)
{DLA-1089-1}
- irssi 1.0.4-1 (low; bug #867598)
[stretch] - irssi 1.0.2-1+deb9u2
[jessie] - irssi 0.8.17-1+deb8u5
NOTE: https://irssi.org/security/irssi_sa_2017_07.txt
NOTE: https://github.com/irssi/irssi/commit/5e26325317c72a04c1610ad952974e206384d291
-CVE-2017-10965
+CVE-2017-10965 (An issue was discovered in Irssi before 1.0.4. When receiving messages ...)
{DLA-1089-1}
- irssi 1.0.4-1 (low; bug #867598)
[stretch] - irssi 1.0.2-1+deb9u2
@@ -21930,145 +21930,145 @@ CVE-2017-10965
NOTE: https://github.com/irssi/irssi/commit/5e26325317c72a04c1610ad952974e206384d291
CVE-2017-10964
RESERVED
-CVE-2017-10963
+CVE-2017-10963 (In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobil ...)
NOT-FOR-US: Samsung
-CVE-2017-10962
+CVE-2017-10962 (REDCap before 7.5.1 has XSS via the query string. ...)
NOT-FOR-US: REDCap
-CVE-2017-10961
+CVE-2017-10961 (REDCap before 7.5.1 has CSRF in the deletion feature of the File Repos ...)
NOT-FOR-US: REDCap
CVE-2017-10960
RESERVED
-CVE-2017-10959
+CVE-2017-10959 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10958
+CVE-2017-10958 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10957
+CVE-2017-10957 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10956
+CVE-2017-10956 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10955
+CVE-2017-10955 (** DISPUTED ** This vulnerability allows remote attackers to execute a ...)
NOT-FOR-US: EMC
-CVE-2017-10954
+CVE-2017-10954 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Bitdefender Internet Security Internet Security 2018
-CVE-2017-10953
+CVE-2017-10953 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10952
+CVE-2017-10952 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10951
+CVE-2017-10951 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10950
+CVE-2017-10950 (This vulnerability allows local attackers to execute arbitrary code on ...)
NOT-FOR-US: Bitdefender Total Security
-CVE-2017-10949
+CVE-2017-10949 (Directory Traversal in Dell Storage Manager 2016 R2.1 causes Informati ...)
NOT-FOR-US: Dell Storage Manager
-CVE-2017-10948
+CVE-2017-10948 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10947
+CVE-2017-10947 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10946
+CVE-2017-10946 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10945
+CVE-2017-10945 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10944
+CVE-2017-10944 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10943
+CVE-2017-10943 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10942
+CVE-2017-10942 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10941
+CVE-2017-10941 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-10940
+CVE-2017-10940 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Joyent
CVE-2017-10939
REJECTED
CVE-2017-10938
REJECTED
-CVE-2017-10937
+CVE-2017-10937 (SQL injection vulnerability in all versions prior to V2.01.05.09 of th ...)
NOT-FOR-US: ZTE
-CVE-2017-10936
+CVE-2017-10936 (SQL injection vulnerability in all versions prior to V4.01.01 of the Z ...)
NOT-FOR-US: ZTE ZXCDN-SNS
-CVE-2017-10935
+CVE-2017-10935 (All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products ...)
NOT-FOR-US: ZTE ZXR10 1800-2S products
-CVE-2017-10934
+CVE-2017-10934 (All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use ...)
NOT-FOR-US: ZTE ZXIPTV-EPG product
-CVE-2017-10933
+CVE-2017-10933 (All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring sy ...)
NOT-FOR-US: ZTE ZXDT22 SF01
-CVE-2017-10932
+CVE-2017-10932 (All versions prior to V12.17.20 of the ZTE Microwave NR8000 series pro ...)
NOT-FOR-US: ZTE Microwave
-CVE-2017-10931
+CVE-2017-10931 (The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download o ...)
NOT-FOR-US: ZXR10 1800-2S
-CVE-2017-10930
+CVE-2017-10930 (The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a re ...)
NOT-FOR-US: ZXR10 1800-2S
-CVE-2017-10929
+CVE-2017-10929 (The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 al ...)
{DLA-1016-1}
- radare2 1.6.0+dfsg-1 (low; bug #867369)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/7855
NOTE: https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85
-CVE-2017-10928
+CVE-2017-10928 (In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextTo ...)
{DSA-3914-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #867367)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/539
CVE-2017-10927
RESERVED
-CVE-2017-10926
+CVE-2017-10926 (IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to c ...)
NOT-FOR-US: IrfanView
-CVE-2017-10925
+CVE-2017-10925 (IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to c ...)
NOT-FOR-US: IrfanView
-CVE-2017-10924
+CVE-2017-10924 (IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execut ...)
NOT-FOR-US: IrfanView
-CVE-2017-10910
+CVE-2017-10910 (MQTT.js 2.x.x prior to 2.15.0 issue in handling PUBLISH tickets may le ...)
- node-mqtt <itp> (bug #816028)
-CVE-2017-10909
+CVE-2017-10909 (Untrusted search path vulnerability in Music Center for PC version 1.0 ...)
NOT-FOR-US: Music Center for PC
-CVE-2017-10908
+CVE-2017-10908 (H2O version 2.2.3 and earlier allows remote attackers to cause a denia ...)
- h2o 2.2.4+dfsg-1 (medium)
NOTE: https://github.com/h2o/h2o/issues/1544
-CVE-2017-10907
+CVE-2017-10907 (Directory traversal vulnerability in OneThird CMS Show Off v1.85 and e ...)
NOT-FOR-US: OneThird CMS Show Off
-CVE-2017-10906
+CVE-2017-10906 (Escape sequence injection vulnerability in Fluentd versions 0.12.29 th ...)
NOT-FOR-US: Fluentd
-CVE-2017-10905
+CVE-2017-10905 (A vulnerability in applications created using Qt for Android prior to ...)
NOT-FOR-US: Qt for Android
-CVE-2017-10904
+CVE-2017-10904 (Qt for Android prior to 5.9.0 allows remote attackers to execute arbit ...)
NOT-FOR-US: Qt for Android
-CVE-2017-10903
+CVE-2017-10903 (Improper authentication issue in PTW-WMS1 firmware version 2.000.012 a ...)
NOT-FOR-US: PTW-WMS1 firmware
-CVE-2017-10902
+CVE-2017-10902 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to execute ...)
NOT-FOR-US: PTW-WMS1 firmware
-CVE-2017-10901
+CVE-2017-10901 (Buffer overflow in PTW-WMS1 firmware version 2.000.012 allows remote a ...)
NOT-FOR-US: PTW-WMS1 firmware
-CVE-2017-10900
+CVE-2017-10900 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to bypass ...)
NOT-FOR-US: PTW-WMS1 firmware
-CVE-2017-10899
+CVE-2017-10899 (SQL injection vulnerability in the A-Reserve and A-Reserve for MT clou ...)
NOT-FOR-US: A-Reserve
-CVE-2017-10898
+CVE-2017-10898 (SQL injection vulnerability in the A-Member and A-Member for MT cloud ...)
NOT-FOR-US: A-Member
-CVE-2017-10897
+CVE-2017-10897 (Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband ro ...)
NOT-FOR-US: Buffalo BBR-4HG and and BBR-4MG broadband routers
-CVE-2017-10896
+CVE-2017-10896 (Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG ...)
NOT-FOR-US: Buffalo BBR-4HG and and BBR-4MG broadband routers
-CVE-2017-10895
+CVE-2017-10895 (sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers to cause ...)
NOT-FOR-US: sDNSProxy
-CVE-2017-10894
+CVE-2017-10894 (StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote attackers to ...)
NOT-FOR-US: StreamRelay.NET
-CVE-2017-10893
+CVE-2017-10893 (Untrusted search path vulnerability in The Public Certification Servic ...)
NOT-FOR-US: The Public Certification Service for Individuals
-CVE-2017-10892
+CVE-2017-10892 (Untrusted search path vulnerability in Music Center for PC version 1.0 ...)
NOT-FOR-US: Music Center for PC
-CVE-2017-10891
+CVE-2017-10891 (Untrusted search path vulnerability in Media Go version 3.2.0.191 and ...)
NOT-FOR-US: Media Go
-CVE-2017-10890
+CVE-2017-10890 (Session management issue in RX-V200 firmware versions prior to 09.87.1 ...)
NOT-FOR-US: RX-V200 firmware
-CVE-2017-10889
+CVE-2017-10889 (TablePress prior to version 1.8.1 allows an attacker to conduct XML Ex ...)
NOT-FOR-US: TablePress
-CVE-2017-10888
+CVE-2017-10888 (BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver ...)
NOT-FOR-US: BOOK WALKER
-CVE-2017-10887
+CVE-2017-10887 (Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2 ...)
NOT-FOR-US: BOOK WALKER
-CVE-2017-10886
+CVE-2017-10886 (Cross-site scripting vulnerability in CS-Cart Japanese Edition v4.3.10 ...)
NOT-FOR-US: CS-Cart
-CVE-2017-10885
+CVE-2017-10885 (Untrusted search path vulnerability in HYPER SBI Ver. 2.2 and earlier ...)
NOT-FOR-US: HYPER SBI
CVE-2017-10884
RESERVED
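Review bot: the unchanged context line `NOT-FOR-US: Bitdefender Internet Security Internet Security 2018` under CVE-2017-10954 repeats the product name and should read `NOT-FOR-US: Bitdefender Internet Security 2018`. Likewise `NOT-FOR-US: Buffalo BBR-4HG and and BBR-4MG broadband routers` under CVE-2017-10897 and CVE-2017-10896 carries the doubled `and` over from the upstream description text; the tracker's own line does not need to reproduce the typo.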
@@ -22088,140 +22088,140 @@ CVE-2017-10877
RESERVED
CVE-2017-10876
RESERVED
-CVE-2017-10875
+CVE-2017-10875 (I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an attacke ...)
NOT-FOR-US: I-O DATA DEVICE LAN DISK Connect
-CVE-2017-10874
+CVE-2017-10874 (PWR-Q200 does not use random values for source ports of DNS query pack ...)
NOT-FOR-US: PWR-Q200
-CVE-2017-10873
+CVE-2017-10873 (OpenAM (Open Source Edition) allows an attacker to bypass authenticati ...)
NOT-FOR-US: OpenAM
-CVE-2017-10872
+CVE-2017-10872 (H2O version 2.2.3 and earlier allows remote attackers to cause a denia ...)
- h2o 2.2.4+dfsg-1 (medium)
NOTE: https://github.com/h2o/h2o/issues/1543
-CVE-2017-10871
+CVE-2017-10871 (Buffer overflow in NTT DOCOMO Wi-Fi STATION L-02F Software version L02 ...)
NOT-FOR-US: NTT DOCOMO Wi-Fi STATION L-02F Software
-CVE-2017-10870
+CVE-2017-10870 (Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 20 ...)
NOT-FOR-US: Rakuraku Hagaki
-CVE-2017-10869
+CVE-2017-10869 (Buffer overflow in H2O version 2.2.2 and earlier allows remote attacke ...)
- h2o 2.2.3+dfsg-1 (medium)
NOTE: https://github.com/h2o/h2o/issues/1460
-CVE-2017-10868
+CVE-2017-10868 (H2O version 2.2.2 and earlier allows remote attackers to cause a denia ...)
- h2o 2.2.3+dfsg-1 (medium)
NOTE: https://github.com/h2o/h2o/issues/1459
CVE-2017-10867
RESERVED
CVE-2017-10866
RESERVED
-CVE-2017-10865
+CVE-2017-10865 (Untrusted search path vulnerability in HIBUN Confidential File Decrypt ...)
NOT-FOR-US: HIBUN Confidential File Decryption
-CVE-2017-10864
+CVE-2017-10864 (Untrusted search path vulnerability in Installer of HIBUN Confidential ...)
NOT-FOR-US: HIBUN Confidential File Decryption
-CVE-2017-10863
+CVE-2017-10863 (Untrusted search path vulnerability in HIBUN Confidential File Decrypt ...)
NOT-FOR-US: HIBUN Confidential File Decryption
-CVE-2017-10862
+CVE-2017-10862 (jwt-scala 1.2.2 and earlier fails to verify token signatures correctly ...)
NOT-FOR-US: jwt-scala
-CVE-2017-10861
+CVE-2017-10861 (Directory traversal vulnerability in QND Advance/Standard allows an at ...)
NOT-FOR-US: QND Advance/Standard
-CVE-2017-10860
+CVE-2017-10860 (Untrusted search path vulnerability in "i-filter 6.0 installer" timest ...)
NOT-FOR-US: i-filter 6.0 installer
-CVE-2017-10859
+CVE-2017-10859 (Untrusted search path vulnerability in "i-filter 6.0 installer" timest ...)
NOT-FOR-US: i-filter 6.0 installer
-CVE-2017-10858
+CVE-2017-10858 (Untrusted search path vulnerability in "i-filter 6.0 install program" ...)
NOT-FOR-US: i-filter 6.0 install program
-CVE-2017-10857
+CVE-2017-10857 (Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypas ...)
NOT-FOR-US: Cybozu
-CVE-2017-10856
+CVE-2017-10856 (SEIL/X 4.60 to 5.72, SEIL/B1 4.60 to 5.72, SEIL/x86 3.20 to 5.72, SEIL ...)
NOT-FOR-US: SEIL
-CVE-2017-10855
+CVE-2017-10855 (Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4 ...)
NOT-FOR-US: FENCE-Explorer for Windows
-CVE-2017-10854
+CVE-2017-10854 (Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypa ...)
NOT-FOR-US: Corega CG-WGR1200 firmware
-CVE-2017-10853
+CVE-2017-10853 (Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows ...)
NOT-FOR-US: Corega CG-WGR1200 firmware
-CVE-2017-10852
+CVE-2017-10852 (Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows ...)
NOT-FOR-US: Corega CG-WGR1200 firmware
-CVE-2017-10851
+CVE-2017-10851 (Untrusted search path vulnerability in Installer for ContentsBridge Ut ...)
NOT-FOR-US: Installer for ContentsBridge Utility for Windows
-CVE-2017-10850
+CVE-2017-10850 (Untrusted search path vulnerability in Installers of ART EX Driver for ...)
NOT-FOR-US: Various installer for Drivers for ApeosPort-VI and DocuCentre-VI products
-CVE-2017-10849
+CVE-2017-10849 (Untrusted search path vulnerability in Self-extracting document genera ...)
NOT-FOR-US: DocuWorks
-CVE-2017-10848
+CVE-2017-10848 (Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 ...)
NOT-FOR-US: Installers for DocuWorks
CVE-2017-10847
RESERVED
-CVE-2017-10846
+CVE-2017-10846 (Wi-Fi STATION L-02F Software version V10b and earlier allows remote at ...)
NOT-FOR-US: Wi-Fi STATION L-02F Software
-CVE-2017-10845
+CVE-2017-10845 (Wi-Fi STATION L-02F Software version V10g and earlier allows remote at ...)
NOT-FOR-US: Wi-Fi STATION L-02F Software
-CVE-2017-10844
+CVE-2017-10844 (baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to e ...)
NOT-FOR-US: baserCMS
-CVE-2017-10843
+CVE-2017-10843 (baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote a ...)
NOT-FOR-US: baserCMS
-CVE-2017-10842
+CVE-2017-10842 (SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 ...)
NOT-FOR-US: baserCMS
-CVE-2017-10841
+CVE-2017-10841 (Directory traversal vulnerability in WebCalendar 1.2.7 and earlier all ...)
- webcalendar <removed>
-CVE-2017-10840
+CVE-2017-10840 (Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier al ...)
- webcalendar <removed>
-CVE-2017-10839
+CVE-2017-10839 (SQL injection vulnerability in the SEO Panel prior to version 3.11.0 a ...)
NOT-FOR-US: SEO Panel
-CVE-2017-10838
+CVE-2017-10838 (Cross-site scripting vulnerability in SEO Panel prior to version 3.11. ...)
NOT-FOR-US: SEO Panel
-CVE-2017-10837
+CVE-2017-10837 (Cross-site scripting vulnerability in BackupGuard prior to version 1.1 ...)
NOT-FOR-US: BackupGuard
-CVE-2017-10836
+CVE-2017-10836 (Untrusted search path vulnerability in Optimal Guard 1.1.21 and earlie ...)
NOT-FOR-US: Optimal Guard
-CVE-2017-10835
+CVE-2017-10835 ("Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows ...)
NOT-FOR-US: "Dokodemo eye Smart HD" SCR02HD Firmware
-CVE-2017-10834
+CVE-2017-10834 (Directory traversal vulnerability in "Dokodemo eye Smart HD" SCR02HD F ...)
NOT-FOR-US: "Dokodemo eye Smart HD" SCR02HD Firmware
-CVE-2017-10833
+CVE-2017-10833 ("Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows ...)
NOT-FOR-US: "Dokodemo eye Smart HD" SCR02HD Firmware
-CVE-2017-10832
+CVE-2017-10832 ("Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows ...)
NOT-FOR-US: "Dokodemo eye Smart HD" SCR02HD Firmware
-CVE-2017-10831
+CVE-2017-10831 (Untrusted search path vulnerability in The electronic authentication s ...)
NOT-FOR-US: The CRCA user's Software system
-CVE-2017-10830
+CVE-2017-10830 (Untrusted search path vulnerability in Security Setup Tool all version ...)
NOT-FOR-US: Security Setup Tool
-CVE-2017-10829
+CVE-2017-10829 (Untrusted search path vulnerability in Remote Support Tool (Enkaku Sup ...)
NOT-FOR-US: Remote Support Tool (Enkaku Support Tool)
-CVE-2017-10828
+CVE-2017-10828 (Untrusted search path vulnerability in Flets Install Tool all versions ...)
NOT-FOR-US: Flets Install Tool
-CVE-2017-10827
+CVE-2017-10827 (Untrusted search path vulnerability in Flets Azukeru for Windows Auto ...)
NOT-FOR-US: Flets Azukeru for Windows Auto Backup Tool
-CVE-2017-10826
+CVE-2017-10826 (Untrusted search path vulnerability in Security Kinou Mihariban v1.0.2 ...)
NOT-FOR-US: Security Kinou Mihariban
-CVE-2017-10825
+CVE-2017-10825 (Untrusted search path vulnerability in Installer of Flets Easy Setup T ...)
NOT-FOR-US: Installer of Flets Easy Setup Tool
-CVE-2017-10824
+CVE-2017-10824 (Untrusted search path vulnerability in TDB CA TypeA use software Versi ...)
NOT-FOR-US: TDB CA TypeA use software
-CVE-2017-10823
+CVE-2017-10823 (Untrusted search path vulnerability in Installer for Shin Kinkyuji Hou ...)
NOT-FOR-US: Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program
-CVE-2017-10822
+CVE-2017-10822 (Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu ...)
NOT-FOR-US: Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program
-CVE-2017-10821
+CVE-2017-10821 (Untrusted search path vulnerability in Installer for Shin Kikan Toukei ...)
NOT-FOR-US: Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program
-CVE-2017-10820
+CVE-2017-10820 (Untrusted search path vulnerability in Installer of IP Messenger for W ...)
NOT-FOR-US: Installer of IP Messenger for Win
-CVE-2017-10819
+CVE-2017-10819 (MaLion for Mac 4.3.0 to 5.2.1 does not properly validate certificates, ...)
NOT-FOR-US: MaLion
-CVE-2017-10818
+CVE-2017-10818 (MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cr ...)
NOT-FOR-US: MaLion
-CVE-2017-10817
+CVE-2017-10817 (MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to b ...)
NOT-FOR-US: MaLion
-CVE-2017-10816
+CVE-2017-10816 (SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to ...)
NOT-FOR-US: MaLion
-CVE-2017-10815
+CVE-2017-10815 (MaLion for Windows 5.2.1 and earlier (only when "Remote Control" is in ...)
NOT-FOR-US: MaLion
-CVE-2017-10814
+CVE-2017-10814 (Buffer overflow in CG-WLR300NM Firmware version 1.90 and earlier allow ...)
NOT-FOR-US: CG-WLR300NM Firmware
-CVE-2017-10813
+CVE-2017-10813 (CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to ex ...)
NOT-FOR-US: CG-WLR300NM Firmware
-CVE-2017-10812
+CVE-2017-10812 (Untrusted search path vulnerability in Photo Collection PC Software Ve ...)
NOT-FOR-US: Photo Collection PC Software
-CVE-2017-10811
+CVE-2017-10811 (Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an att ...)
NOT-FOR-US: Buffalo WCR-1166DS devices
-CVE-2017-10810
+CVE-2017-10810 (Memory leak in the virtio_gpu_object_create function in drivers/gpu/dr ...)
{DSA-3927-1}
- linux 4.11.11-1 (low)
[jessie] - linux <not-affected> (Vulnerable code not present)
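Review bot: CVE-2017-10872 and CVE-2017-10908 receive byte-identical truncated descriptions (`H2O version 2.2.3 and earlier allows remote attackers to cause a denia ...`) and the same fixed version `h2o 2.2.4+dfsg-1 (medium)`, so the only thing that distinguishes the two entries is the NOTE link (h2o issue 1543 versus 1544); worth confirming they are separate issues rather than a duplicate assignment before both carry the same fix marker. The context line `NOT-FOR-US: Various installer for Drivers for ApeosPort-VI and DocuCentre-VI products` under CVE-2017-10850 should read `Various installers`.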
@@ -22231,29 +22231,29 @@ CVE-2017-10809
RESERVED
CVE-2017-10808
RESERVED
-CVE-2017-10806
+CVE-2017-10806 (Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Em ...)
{DSA-3925-1 DLA-1497-1}
- qemu 1:2.8+dfsg-7 (bug #867751)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-05/msg03087.html
-CVE-2017-10807
+CVE-2017-10807 (JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate ...)
{DSA-3902-1}
- jabberd2 2.6.1-1 (bug #867032)
NOTE: Fixed by: https://github.com/jabberd2/jabberd2/commit/8416ae54ecefa670534f27a31db71d048b9c7f16
NOTE: https://github.com/jabberd2/jabberd2/releases/tag/jabberd-2.6.1
-CVE-2017-10805
+CVE-2017-10805 (In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ...)
NOT-FOR-US: Odoo
-CVE-2017-10804
+CVE-2017-10804 (In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ...)
NOT-FOR-US: Odoo
-CVE-2017-10803
+CVE-2017-10803 (In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ...)
NOT-FOR-US: Odoo
CVE-2017-10802
RESERVED
-CVE-2017-10801
+CVE-2017-10801 (phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO ...)
NOT-FOR-US: phpSocial
-CVE-2017-10800
+CVE-2017-10800 (When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, i ...)
{DSA-4321-1}
- graphicsmagick 1.3.26-1 (bug #867060)
[jessie] - graphicsmagick <no-dsa> (Minor issue)
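Review bot: CVE-2017-10806 sits above CVE-2017-10807 in this hunk, breaking the descending CVE order the rest of the file keeps; the two blocks (the qemu entry with its `{DSA-3925-1 DLA-1497-1}`, package lines and NOTE, and the jabberd2 entry with its `{DSA-3902-1}` and NOTEs) should be swapped so that CVE-2017-10807 precedes CVE-2017-10806. The ordering is pre-existing, as both the `-` and `+` lines show, so this can be a follow-up rather than part of the automatic update.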
@@ -22263,43 +22263,43 @@ CVE-2017-10800
NOTE: changes, and Bob Friesenhahn commented that it's not complete. All
NOTE: the rlated changesets to mat.c since the one referenced should be
NOTE: picked up.
-CVE-2017-10799
+CVE-2017-10799 (When GraphicsMagick 1.3.25 processes a DPX image (with metadata indica ...)
{DSA-4321-1 DLA-1045-1}
- graphicsmagick 1.3.26-1 (bug #867077)
[jessie] - graphicsmagick <no-dsa> (Minor issue)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/f10b9bb3ca62
-CVE-2017-10798
+CVE-2017-10798 (In ObjectPlanet Opinio before 7.6.4, there is XSS. ...)
NOT-FOR-US: ObjectPlanet Opinio
CVE-2017-10797
RESERVED
-CVE-2017-10796
+CVE-2017-10796 (On TP-Link NC250 devices with firmware through 1.2.1 build 170515, any ...)
NOT-FOR-US: TP-Link
-CVE-2017-10795
+CVE-2017-10795 (Cross-site scripting (XSS) vulnerability in Subrion CMS 4.1.4 allows r ...)
NOT-FOR-US: Subrion CMS
-CVE-2017-10794
+CVE-2017-10794 (When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadat ...)
{DSA-4321-1}
- graphicsmagick 1.3.26-1 (bug #867085)
[jessie] - graphicsmagick <not-affected> (vulnerable code not present)
[wheezy] - graphicsmagick <not-affected> (vulnerable code not present)
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/a20bee0a0ad2
-CVE-2017-10793
+CVE-2017-10793 (The AT&amp;T U-verse 9.2.2h0d83 firmware for the Arris NVG589, NVG599, ...)
NOT-FOR-US: Arris
-CVE-2017-10792
+CVE-2017-10792 (There is a NULL Pointer Dereference in the function ll_insert() of the ...)
- pspp 1.0.0-1 (unimportant; bug #866890)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1467005
NOTE: No security impact, crash in CLI tool
-CVE-2017-10791
+CVE-2017-10791 (There is an Integer overflow in the hash_int function of the libpspp l ...)
- pspp 1.0.0-1 (unimportant; bug #866890)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1467004
NOTE: No security impact as built in Debian
-CVE-2017-10790
+CVE-2017-10790 (The _asn1_check_identifier function in GNU Libtasn1 through 4.12 cause ...)
{DSA-4106-1 DLA-1038-1}
- libtasn1-6 4.12-2.1 (bug #867398)
[jessie] - libtasn1-6 <no-dsa> (Minor issue)
- libtasn1-3 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464141
NOTE: Fixed by: https://gitlab.com/gnutls/libtasn1/commit/d8d805e1f2e6799bb2dff4871a8598dc83088a39
-CVE-2017-10789
+CVE-2017-10789 (The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 sett ...)
{DLA-1079-1}
- libdbd-mysql-perl 4.046-1 (bug #866821)
[stretch] - libdbd-mysql-perl <no-dsa> (Minor issue, can be fixed via point release)
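Review bot: the added description for CVE-2017-10793 contains `AT&amp;T` where the plain `&` of `AT&T` is expected; if the raw list file really holds `&amp;`, the import step is escaping the CVE text once too often and should decode HTML entities before writing the list. Separately, the unchanged NOTE for CVE-2017-10800 at the top of the hunk has `rlated` for `related`.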
@@ -22309,7 +22309,7 @@ CVE-2017-10789
NOTE: Upstream 4.042 fixed this issue, but was reverted upstream in 4.043:
NOTE: https://www.nntp.perl.org/group/perl.dbi.dev/2017/08/msg8037.html
NOTE: No upstream-blessed patch available.
-CVE-2017-10788
+CVE-2017-10788 (The DBD::mysql module through 4.043 for Perl allows remote attackers t ...)
{DLA-1079-1}
- libdbd-mysql-perl 4.046-1 (bug #866818)
[stretch] - libdbd-mysql-perl <no-dsa> (Minor issue, can be fixed via point release)
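Review bot: the context NOTEs for CVE-2017-10789 at the top of the hunk state that the upstream fix from 4.042 was reverted in 4.043 and that no upstream-blessed patch is available, while the entry records `libdbd-mysql-perl 4.046-1` as the fixed version, and the same layout is kept for CVE-2017-10788 below. If 4.046 reinstated the fix, a NOTE saying so would stop readers from treating the two statements as contradictory; if it did not, the fixed-version lines need revisiting.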
@@ -22323,7 +22323,7 @@ CVE-2017-10786
RESERVED
CVE-2017-10785
RESERVED
-CVE-2017-10784
+CVE-2017-10784 (The Basic authentication code in WEBrick library in Ruby before 2.2.8, ...)
{DSA-4031-1 DLA-1421-1 DLA-1114-1 DLA-1113-1}
- ruby2.3 2.3.5-1 (bug #875931)
- ruby2.1 <removed>
@@ -22332,123 +22332,123 @@ CVE-2017-10784
NOTE: https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/
NOTE: https://github.com/ruby/ruby/commit/6617c41292b7d1e097abb8fdb0cab9ddd83c77e7
NOTE: https://hackerone.com/reports/223363
-CVE-2017-10783
+CVE-2017-10783 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10782
+CVE-2017-10782 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10781
+CVE-2017-10781 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10780
+CVE-2017-10780 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10779
+CVE-2017-10779 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10778
+CVE-2017-10778 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10777
+CVE-2017-10777 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10776
+CVE-2017-10776 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10775
+CVE-2017-10775 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10774
+CVE-2017-10774 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10773
+CVE-2017-10773 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10772
+CVE-2017-10772 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10771
+CVE-2017-10771 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10770
+CVE-2017-10770 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10769
+CVE-2017-10769 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10768
+CVE-2017-10768 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10767
+CVE-2017-10767 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10766
+CVE-2017-10766 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10765
+CVE-2017-10765 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10764
+CVE-2017-10764 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10763
+CVE-2017-10763 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10762
+CVE-2017-10762 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10761
+CVE-2017-10761 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10760
+CVE-2017-10760 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10759
+CVE-2017-10759 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10758
+CVE-2017-10758 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10757
+CVE-2017-10757 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10756
+CVE-2017-10756 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10755
+CVE-2017-10755 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10754
+CVE-2017-10754 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10753
+CVE-2017-10753 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10752
+CVE-2017-10752 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10751
+CVE-2017-10751 (XnView Classic for Windows Version 2.40 might allow attackers to cause ...)
NOT-FOR-US: XnView
-CVE-2017-10750
+CVE-2017-10750 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10749
+CVE-2017-10749 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10748
+CVE-2017-10748 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10747
+CVE-2017-10747 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10746
+CVE-2017-10746 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10745
+CVE-2017-10745 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10744
+CVE-2017-10744 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10743
+CVE-2017-10743 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10742
+CVE-2017-10742 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10741
+CVE-2017-10741 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10740
+CVE-2017-10740 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10739
+CVE-2017-10739 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10738
+CVE-2017-10738 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10737
+CVE-2017-10737 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10736
+CVE-2017-10736 (XnView Classic for Windows Version 2.40 allows attackers to execute ar ...)
NOT-FOR-US: XnView
-CVE-2017-10735
+CVE-2017-10735 (IrfanView version 4.44 (32bit) might allow attackers to cause a denial ...)
NOT-FOR-US: IrfanView
-CVE-2017-10734
+CVE-2017-10734 (IrfanView version 4.44 (32bit) might allow attackers to cause a denial ...)
NOT-FOR-US: IrfanView
-CVE-2017-10733
+CVE-2017-10733 (IrfanView version 4.44 (32bit) might allow attackers to cause a denial ...)
NOT-FOR-US: IrfanView
-CVE-2017-10732
+CVE-2017-10732 (IrfanView version 4.44 (32bit) might allow attackers to cause a denial ...)
NOT-FOR-US: IrfanView
-CVE-2017-10731
+CVE-2017-10731 (IrfanView version 4.44 (32bit) allows attackers to execute arbitrary c ...)
NOT-FOR-US: IrfanView
-CVE-2017-10730
+CVE-2017-10730 (IrfanView version 4.44 (32bit) allows attackers to execute arbitrary c ...)
NOT-FOR-US: IrfanView
-CVE-2017-10729
+CVE-2017-10729 (IrfanView version 4.44 (32bit) allows attackers to execute arbitrary c ...)
NOT-FOR-US: IrfanView
-CVE-2017-10728
+CVE-2017-10728 (Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrar ...)
NOT-FOR-US: Winamp
-CVE-2017-10727
+CVE-2017-10727 (Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrar ...)
NOT-FOR-US: Winamp
-CVE-2017-10726
+CVE-2017-10726 (Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrar ...)
NOT-FOR-US: Winamp
-CVE-2017-10725
+CVE-2017-10725 (Winamp 5.666 Build 3516(x86) allows attackers to execute arbitrary cod ...)
NOT-FOR-US: Winamp
CVE-2017-10724
RESERVED
@@ -22476,18 +22476,18 @@ CVE-2017-10713
RESERVED
CVE-2017-10712
RESERVED
-CVE-2017-10711
+CVE-2017-10711 (In SimpleRisk 20170614-001, a CSRF attack on reset.php (aka the Send P ...)
NOT-FOR-US: SimpleRisk
CVE-2017-10710
RESERVED
-CVE-2017-10709
+CVE-2017-10709 (The lockscreen on Elephone P9000 devices (running Android 6.0) allows ...)
NOT-FOR-US: Elephone P9000 devices
-CVE-2017-10708
+CVE-2017-10708 (An issue was discovered in Apport through 2.20.x. In apport/report.py, ...)
[experimental] - apport 2.20.4-2 (bug #868831)
NOTE: apport only in experimental, so we cannot track this in security-tracker
CVE-2017-10707
RESERVED
-CVE-2017-10706
+CVE-2017-10706 (When Antiy Antivirus Engine before 5.0.0.05171547 scans a special ZIP ...)
NOT-FOR-US: When Antiy Antivirus Engine
CVE-2017-10705
RESERVED
@@ -22497,11 +22497,11 @@ CVE-2017-10703
RESERVED
CVE-2017-10702
RESERVED
-CVE-2017-10701
+CVE-2017-10701 (Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 ...)
NOT-FOR-US: SAP Enterprise Portal
-CVE-2017-10700
+CVE-2017-10700 (In the medialibrary component in QNAP NAS 4.3.3.0229, an un-authentica ...)
NOT-FOR-US: QNAP
-CVE-2017-10699
+CVE-2017-10699 (avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 201 ...)
{DSA-4045-1}
- vlc 2.2.6-3
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
@@ -22524,12 +22524,12 @@ CVE-2017-10692
RESERVED
CVE-2017-10691
RESERVED
-CVE-2017-10690
+CVE-2017-10690 (In previous versions of Puppet Agent it was possible for the agent to ...)
- puppet <not-affected> (Only affects Puppet 5, only in experimental)
NOTE: https://puppet.com/security/cve/CVE-2017-10690
NOTE: https://tickets.puppetlabs.com/browse/PUP-8225
NOTE: Fixed by: https://github.com/puppetlabs/puppet/commit/bd87bef2c3862d333f4c1f2b148b147d449a375b
-CVE-2017-10689
+CVE-2017-10689 (In previous versions of Puppet Agent it was possible to install a modu ...)
- puppet 5.4.0-1 (bug #890412)
[stretch] - puppet <no-dsa> (Minor issue)
[jessie] - puppet <no-dsa> (Minor issue)
@@ -22538,36 +22538,36 @@ CVE-2017-10689
NOTE: https://tickets.puppetlabs.com/browse/PUP-7866
NOTE: https://github.com/puppetlabs/puppet/commit/17d9e02da3882e44c1876e2805cf9708481715ee
NOTE: https://github.com/puppetlabs/puppet/commit/983154f7e29a2a50d416d889a6fed012b9b12399
-CVE-2017-10688
+CVE-2017-10688 (In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectory ...)
{DSA-3903-1 DLA-1022-1}
- tiff 4.0.8-3 (bug #866611)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2712
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1
-CVE-2017-10687
+CVE-2017-10687 (In LibSass 3.4.5, there is a heap-based buffer over-read in the functi ...)
- libsass <unfixed> (low; bug #866672)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1466411
-CVE-2017-10686
+CVE-2017-10686 (In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after ...)
{DLA-1041-1}
- nasm 2.13.02-0.1 (bug #867988)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392414
-CVE-2017-10685
+CVE-2017-10685 (In ncurses 6.0, there is a format string vulnerability in the fmt_entr ...)
- ncurses 6.0+20170701-1
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464692
-CVE-2017-10684
+CVE-2017-10684 (In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entr ...)
- ncurses 6.0+20170708-1
[stretch] - ncurses 6.0+20161126-1+deb9u1
[jessie] - ncurses 5.9+20140913-1+deb8u1
[wheezy] - ncurses <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464687
-CVE-2017-10683
+CVE-2017-10683 (In mpg123 1.25.0, there is a heap-based buffer over-read in the conver ...)
{DLA-1017-1}
- mpg123 1.25.1-1 (bug #866860)
[stretch] - mpg123 <no-dsa> (Minor issue)
@@ -22575,46 +22575,46 @@ CVE-2017-10683
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465819
NOTE: Duplicate of https://sourceforge.net/p/mpg123/bugs/252/
NOTE: Patch: http://scm.orgis.org/view/mpg123/trunk/src/libmpg123/id3.c?sortby=date&r1=4249&r2=4248&pathrev=4249
-CVE-2017-10682
+CVE-2017-10682 (SQL injection vulnerability in the administrative backend in Piwigo th ...)
- piwigo <removed>
-CVE-2017-10681
+CVE-2017-10681 (Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9. ...)
- piwigo <removed>
-CVE-2017-10680
+CVE-2017-10680 (Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9. ...)
- piwigo <removed>
-CVE-2017-10679
+CVE-2017-10679 (Piwigo through 2.9.1 allows remote attackers to obtain sensitive infor ...)
- piwigo <removed>
-CVE-2017-10678
+CVE-2017-10678 (Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9. ...)
- piwigo <removed>
-CVE-2017-10677
+CVE-2017-10677 (Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices wit ...)
NOT-FOR-US: Linksys EA4500 devices
-CVE-2017-10676
+CVE-2017-10676 (On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was ...)
NOT-FOR-US: D-Link
CVE-2017-10675
RESERVED
-CVE-2017-10674
+CVE-2017-10674 (Antiy Antivirus Engine 5.0.0.06281654 allows local users to cause a de ...)
NOT-FOR-US: Antiy Antivirus Engine
-CVE-2017-10673
+CVE-2017-10673 (admin/profile.php in GetSimple CMS 3.x has XSS in a name field. ...)
NOT-FOR-US: GetSimple CMS
-CVE-2017-10672
+CVE-2017-10672 (Use-after-free in the XML-LibXML module through 2.0129 for Perl allows ...)
{DSA-4042-1 DLA-1171-1}
- libxml-libxml-perl 2.0128+dfsg-5 (bug #866676)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=122246
NOTE: Pull request: https://github.com/shlomif/perl-XML-LibXML/pull/8
-CVE-2017-10671
+CVE-2017-10671 (Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in ...)
- thttpd <removed>
-CVE-2017-10670
+CVE-2017-10670 (An XML External Entity (XXE) issue exists in OSCI-Transport 1.2 as use ...)
NOT-FOR-US: OSCI-Transport
-CVE-2017-10669
+CVE-2017-10669 (Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transp ...)
NOT-FOR-US: OSCI-Transport
-CVE-2017-10668
+CVE-2017-10668 (A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transpor ...)
NOT-FOR-US: OSCI-Transport
-CVE-2017-10667
+CVE-2017-10667 (In index.php in Zen Cart 1.6.0, the products_id parameter can cause XS ...)
NOT-FOR-US: Zen Cart
CVE-2017-10666
RESERVED
-CVE-2017-10665
+CVE-2017-10665 (Directory traversal vulnerability in ajaxfileupload.php in Kayson Grou ...)
NOT-FOR-US: Kayson Group Ltd. phpGrid
-CVE-2017-9998
+CVE-2017-9998 (The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf thr ...)
- dwarfutils 20170416-3 (bug #866968)
[stretch] - dwarfutils 20161124-1+deb9u1
[jessie] - dwarfutils <no-dsa> (Minor issue)
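Review bot: the description for CVE-2017-10673 in this hunk ("admin/profile.php in GetSimple CMS 3.x has XSS in a name field. ...") ends in a full stop and is well short of the width at which the other descriptions are cut, so the trailing " ..." marker appears to be appended unconditionally rather than only when text was actually truncated; the import step should add the ellipsis only when it has dropped characters, otherwise complete descriptions read as if they were cut off.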
@@ -22622,22 +22622,22 @@ CVE-2017-9998
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465756
CVE-2017-9997
RESERVED
-CVE-2017-10664
+CVE-2017-10664 (qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which a ...)
{DSA-3920-1 DLA-1599-1 DLA-1071-1 DLA-1070-1}
- qemu 1:2.8+dfsg-7 (bug #866674)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02693.html
NOTE: Fixed by (master): http://git.qemu.org/?p=qemu.git;a=commitdiff;h=041e32b8d9d076980b4e35317c0339e57ab888f1
-CVE-2017-10663
+CVE-2017-10663 (The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel ...)
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/15d3042a937c13f5d9244241c7a9c8416ff6e82a (v4.13-rc1)
-CVE-2017-10662
+CVE-2017-10662 (The sanity_check_raw_super function in fs/f2fs/super.c in the Linux ke ...)
- linux 4.9.30-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/b9dd46188edc2f0d1f37328637860bb65a771124 (v4.12-rc1)
-CVE-2017-10661
+CVE-2017-10661 (Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allo ...)
{DLA-1099-1}
- linux 4.9.30-1
[jessie] - linux 3.16.43-2+deb8u5
@@ -22714,75 +22714,75 @@ CVE-2017-10626
RESERVED
CVE-2017-10625
RESERVED
-CVE-2017-10624
+CVE-2017-10624 (Insufficient verification of node certificates in Juniper Networks Jun ...)
NOT-FOR-US: Juniper
-CVE-2017-10623
+CVE-2017-10623 (Lack of authentication and authorization of cluster messages in Junipe ...)
NOT-FOR-US: Juniper
-CVE-2017-10622
+CVE-2017-10622 (An authentication bypass vulnerability in Juniper Networks Junos Space ...)
NOT-FOR-US: Juniper
-CVE-2017-10621
+CVE-2017-10621 (A denial of service vulnerability in telnetd service on Juniper Networ ...)
NOT-FOR-US: Juniper
-CVE-2017-10620
+CVE-2017-10620 (Juniper Networks Junos OS on SRX series devices do not verify the HTTP ...)
NOT-FOR-US: Juniper
-CVE-2017-10619
+CVE-2017-10619 (When Express Path (formerly known as service offloading) is configured ...)
NOT-FOR-US: Juniper
-CVE-2017-10618
+CVE-2017-10618 (When the 'bgp-error-tolerance' feature &amp;#xe2;&amp;#x80;" designed ...)
NOT-FOR-US: Juniper
-CVE-2017-10617
+CVE-2017-10617 (The ifmap service that comes bundled with Contrail has an XML External ...)
NOT-FOR-US: Juniper
-CVE-2017-10616
+CVE-2017-10616 (The ifmap service that comes bundled with Juniper Networks Contrail re ...)
NOT-FOR-US: Juniper
-CVE-2017-10615
+CVE-2017-10615 (A vulnerability in the pluggable authentication module (PAM) of Junipe ...)
NOT-FOR-US: Juniper
-CVE-2017-10614
+CVE-2017-10614 (A vulnerability in telnetd service on Junos OS allows a remote attacke ...)
NOT-FOR-US: Juniper
-CVE-2017-10613
+CVE-2017-10613 (A vulnerability in a specific loopback filter action command, processe ...)
NOT-FOR-US: Juniper
-CVE-2017-10612
+CVE-2017-10612 (A persistent site scripting vulnerability in Juniper Networks Junos Sp ...)
NOT-FOR-US: Juniper
-CVE-2017-10611
+CVE-2017-10611 (If extended statistics are enabled via 'set chassis extended-statistic ...)
NOT-FOR-US: Juniper
-CVE-2017-10610
+CVE-2017-10610 (On SRX Series devices, a crafted ICMP packet embedded within a NAT64 I ...)
NOT-FOR-US: Juniper
CVE-2017-10609
RESERVED
-CVE-2017-10608
+CVE-2017-10608 (Any Juniper Networks SRX series device with one or more ALGs enabled m ...)
NOT-FOR-US: Juniper
-CVE-2017-10607
+CVE-2017-10607 (Juniper Networks Junos OS 16.1R1, and services releases based off of 1 ...)
NOT-FOR-US: Juniper
-CVE-2017-10606
+CVE-2017-10606 (Version 4.40 of the TPM (Trusted Platform Module) firmware on Juniper ...)
NOT-FOR-US: Juniper
-CVE-2017-10605
+CVE-2017-10605 (On all vSRX and SRX Series devices, when the DHCP or DHCP relay is con ...)
NOT-FOR-US: Juniper
-CVE-2017-10604
+CVE-2017-10604 (When the device is configured to perform account lockout with a define ...)
NOT-FOR-US: Juniper
-CVE-2017-10603
+CVE-2017-10603 (An XML injection vulnerability in Junos OS CLI can allow a locally aut ...)
NOT-FOR-US: Juniper
-CVE-2017-10602
+CVE-2017-10602 (A buffer overflow vulnerability in Junos OS CLI may allow a local auth ...)
NOT-FOR-US: Juniper
-CVE-2017-10601
+CVE-2017-10601 (A specific device configuration can result in a commit failure conditi ...)
NOT-FOR-US: Juniper
-CVE-2017-10600
+CVE-2017-10600 (ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates ...)
NOT-FOR-US: ubuntu-image
-CVE-2017-9996
+CVE-2017-9996 (The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x be ...)
- ffmpeg 7:3.2.5-1
- libav <not-affected> (Vulnerable feature not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/1e42736b95065c69a7481d0cf55247024f54b660
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e1b60aad77c27ed5d4dfc11e5e6a05a38c70489d
NOTE: The bug affects FFmpeg's support for CHUNKY cdxl files, a feature that is
NOTE: not present in Libav. Libav detects CHUNKY files and bails out early.
-CVE-2017-9995
+CVE-2017-9995 (libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validat ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2171dfae8c065878a2e130390eb78cf2947a5b69
NOTE: https://github.com/FFmpeg/FFmpeg/commit/7ac5067146613997bb38442cb022d7f41321a706
-CVE-2017-9994
+CVE-2017-9994 (libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x b ...)
{DLA-1630-1}
- ffmpeg 7:3.2.5-1
- libav <removed>
[wheezy] - libav <not-affected> (Vulnerable code not present, WebP decoder feature introduced in v10)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/6b5d3fb26fb4be48e4966e4b1d97c2165538d4ef
-CVE-2017-9993
+CVE-2017-9993 (FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6 ...)
{DSA-3957-1 DLA-1630-1}
- ffmpeg 7:3.2.6-1
- libav <removed>
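Review bot: the description for CVE-2017-10618 in this hunk carries double-escaped HTML entity fragments (`&amp;#xe2;&amp;#x80;` followed by a stray `"`) where the upstream text evidently has a single multi-byte UTF-8 character; the import should HTML-unescape the description (and decode it as UTF-8) before storing and truncating it, both so the list stays plain UTF-8 like the surrounding entries and so the entity debris does not consume part of the fixed-width description budget.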
@@ -22791,46 +22791,46 @@ CVE-2017-9993
NOTE: Fixed in 3.2.6
NOTE: Jessie is only partially affected. Only the second commit is
NOTE: relevant. HTTP Live Streaming filename extension code is not present.
-CVE-2017-9992
+CVE-2017-9992 (Heap-based buffer overflow in the decode_dds1 function in libavcodec/d ...)
{DSA-4012-1 DLA-1142-1}
- ffmpeg 7:3.2.5-1
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/f52fbf4f3ed02a7d872d8a102006f29b4421f360
NOTE: Fixed in 11.11
-CVE-2017-9991
+CVE-2017-9991 (Heap-based buffer overflow in the xwd_decode_frame function in libavco ...)
- ffmpeg 7:3.2.5-1
- libav <not-affected> (Vulnerable feature not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/441026fcb13ac23aa10edc312bdacb6445a0ad06
NOTE: The error occurs in the support for 8bpp XWD images where bpp and image
NOTE: depth are not checked thoroughly enough. Libav does not support 8bpp
NOTE: images and bails out early -- Diego Biurrun (libav project)
-CVE-2017-9990
+CVE-2017-9990 (Stack-based buffer overflow in the color_string_to_rgba function in li ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/cb243972b121b1ae6b60a78ff55a0506c69f3879
-CVE-2017-9989
+CVE-2017-9989 (util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A craf ...)
{DLA-1176-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/86
-CVE-2017-9988
+CVE-2017-9988 (The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles ...)
{DLA-1176-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/85
-CVE-2017-9987
+CVE-2017-9987 (There is a heap-based buffer overflow in the function hpel_motion in m ...)
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1067
NOTE: Five different issues but only one POC instead of five attached.
NOTE: Requires more information.
-CVE-2017-9986
+CVE-2017-9986 (The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel thr ...)
- linux <unfixed> (unimportant)
NOTE: No security issue, only "exploitable" with malicious ISA cards
-CVE-2017-9985
+CVE-2017-9985 (The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in ...)
- linux 4.13.4-1 (unimportant)
[stretch] - linux 4.9.51-1
NOTE: No security issue, only "exploitable" with malicious ISA cards
NOTE: Fixed by: https://git.kernel.org/linus/20e2b791796bd68816fa115f12be5320de2b8021 (v4.13-rc1)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=196133
-CVE-2017-9984
+CVE-2017-9984 (The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in t ...)
- linux 4.13.4-1 (unimportant)
[stretch] - linux 4.9.51-1
NOTE: No security issue, only "exploitable" with malicious ISA cards
@@ -22838,18 +22838,18 @@ CVE-2017-9984
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=196131
CVE-2017-9983
RESERVED
-CVE-2017-9982
+CVE-2017-9982 (TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of s ...)
- teamspeak-client <removed>
[wheezy] - teamspeak-client <end-of-life> (non-free is not supported)
CVE-2017-9981
RESERVED
-CVE-2017-9980
+CVE-2017-9980 (In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "P ...)
NOT-FOR-US: Green Packet
-CVE-2017-9979
+CVE-2017-9979 (On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, if the RE ...)
NOT-FOR-US: QuantaStor
-CVE-2017-9978
+CVE-2017-9978 (On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, a flaw wa ...)
NOT-FOR-US: QuantaStor
-CVE-2017-9977
+CVE-2017-9977 (AVG AntiVirus for MacOS with scan engine before 4668 might allow remot ...)
NOT-FOR-US: AVG
CVE-2017-9976
RESERVED
@@ -22863,49 +22863,49 @@ CVE-2017-9972
REJECTED
CVE-2017-9971
REJECTED
-CVE-2017-9970
+CVE-2017-9970 (A remote code execution vulnerability exists in Schneider Electric's S ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9969
+CVE-2017-9969 (An information disclosure vulnerability exists in Schneider Electric's ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9968
+CVE-2017-9968 (A security misconfiguration vulnerability exists in Schneider Electric ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9967
+CVE-2017-9967 (A security misconfiguration vulnerability exists in Schneider Electric ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9966
+CVE-2017-9966 (A privilege escalation vulnerability exists in Schneider Electric's Pe ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9965
+CVE-2017-9965 (An exposure of sensitive information vulnerability exists in Schneider ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9964
+CVE-2017-9964 (A Path Traversal issue was discovered in Schneider Electric Pelco Vide ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9963
+CVE-2017-9963 (A cross-site request forgery vulnerability exists on the Secure Gatewa ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9962
+CVE-2017-9962 (Schneider Electric's ClearSCADA versions released prior to August 2017 ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9961
+CVE-2017-9961 (A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX vers ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9960
+CVE-2017-9960 (An information disclosure vulnerability exists in Schneider Electric's ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9959
+CVE-2017-9959 (A vulnerability exists in Schneider Electric's U.motion Builder softwa ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9958
+CVE-2017-9958 (An improper access control vulnerability exists in Schneider Electric' ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9957
+CVE-2017-9957 (A vulnerability exists in Schneider Electric's U.motion Builder softwa ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9956
+CVE-2017-9956 (An authentication bypass vulnerability exists in Schneider Electric's ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9955
+CVE-2017-9955 (The get_build_id function in opncls.c in the Binary File Descriptor (B ...)
- binutils 2.29-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21665
-CVE-2017-9954
+CVE-2017-9954 (The getvalue function in tekhex.c in the Binary File Descriptor (BFD) ...)
- binutils 2.29-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21670
-CVE-2017-9953
+CVE-2017-9953 (There is an invalid free in Image::printIFDStructure that leads to a S ...)
- exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465061
NOTE: Possibly introduced after https://github.com/Exiv2/exiv2/commit/fd5e983746c336336039e91cb6b656cf8eeccdea
@@ -22913,201 +22913,201 @@ CVE-2017-9953
NOTE: again. Around that commit upstream source though does not build.
CVE-2017-9952
RESERVED
-CVE-2017-9951
+CVE-2017-9951 (The try_read_command function in memcached.c in memcached before 1.4.3 ...)
{DSA-4218-1 DLA-1033-1}
- memcached 1.5.0-1 (bug #868701)
NOTE: https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report/
NOTE: https://github.com/memcached/memcached/commit/328629445c71e6c17074f6e9e0e3ef585b58f167
CVE-2017-9950
RESERVED
-CVE-2017-9949
+CVE-2017-9949 (The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 al ...)
- radare2 1.6.0+dfsg-1 (bug #866068)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/7683
NOTE: https://github.com/radare/radare2/commit/796dd28aaa6b9fa76d99c42c4d5ff8b257cc2191
-CVE-2017-9948
+CVE-2017-9948 (A stack buffer overflow vulnerability has been discovered in Microsoft ...)
NOT-FOR-US: Microsoft Skype
-CVE-2017-9947
+CVE-2017-9947 (A vulnerability has been identified in Siemens APOGEE PXC and TALON TC ...)
NOT-FOR-US: Siemens
-CVE-2017-9946
+CVE-2017-9946 (A vulnerability has been identified in Siemens APOGEE PXC and TALON TC ...)
NOT-FOR-US: Siemens
-CVE-2017-9945
+CVE-2017-9945 (In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (Al ...)
NOT-FOR-US: Siemens
-CVE-2017-9944
+CVE-2017-9944 (A vulnerability has been identified in Siemens 7KT PAC1200 data manage ...)
NOT-FOR-US: Siemens
CVE-2017-9943
RESERVED
-CVE-2017-9942
+CVE-2017-9942 (A vulnerability was discovered in Siemens SiPass integrated (All versi ...)
NOT-FOR-US: Siemens
-CVE-2017-9941
+CVE-2017-9941 (A vulnerability was discovered in Siemens SiPass integrated (All versi ...)
NOT-FOR-US: Siemens
-CVE-2017-9940
+CVE-2017-9940 (A vulnerability was discovered in Siemens SiPass integrated (All versi ...)
NOT-FOR-US: Siemens
-CVE-2017-9939
+CVE-2017-9939 (A vulnerability was discovered in Siemens SiPass integrated (All versi ...)
NOT-FOR-US: Siemens
-CVE-2017-9938
+CVE-2017-9938 (A vulnerability was discovered in Siemens SIMATIC Logon (All versions ...)
NOT-FOR-US: Siemens
-CVE-2017-9937
+CVE-2017-9937 (In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A cr ...)
- jbigkit <unfixed> (unimportant; bug #869708)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2707
NOTE: The CVE was assigned for src:tiff by MITRE, but the issue actually lies
NOTE: in jbigkit itself.
-CVE-2017-9936
+CVE-2017-9936 (In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF ...)
{DSA-3903-1 DLA-1023-1 DLA-1022-1}
- tiff 4.0.8-3 (bug #866113)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2706
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a
-CVE-2017-9935
+CVE-2017-9935 (In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_wri ...)
{DSA-4100-1 DLA-1206-1}
- tiff 4.0.9-2 (bug #866109)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (does not build vulnerable tiff2pdf)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2704
NOTE: https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940
-CVE-2017-9934
+CVE-2017-9934 (Missing CSRF token checks and improper input validation in Joomla! CMS ...)
NOT-FOR-US: Joomla!
-CVE-2017-9933
+CVE-2017-9933 (Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads t ...)
NOT-FOR-US: Joomla!
-CVE-2017-9932
+CVE-2017-9932 (Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a defa ...)
NOT-FOR-US: Green Packet
-CVE-2017-9931
+CVE-2017-9931 (Cross-Site Scripting (XSS) exists in Green Packet DX-350 Firmware vers ...)
NOT-FOR-US: Green Packet
-CVE-2017-9930
+CVE-2017-9930 (Cross-Site Request Forgery (CSRF) exists in Green Packet DX-350 Firmwa ...)
NOT-FOR-US: Green Packet
-CVE-2017-9929
+CVE-2017-9929 (In lrzip 0.631, a stack buffer overflow was found in the function get_ ...)
- lrzip 0.631+git180517-1 (bug #866020)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/75
-CVE-2017-9928
+CVE-2017-9928 (In lrzip 0.631, a stack buffer overflow was found in the function get_ ...)
- lrzip 0.631+git180517-1 (bug #866022)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/74
-CVE-2017-9927
+CVE-2017-9927 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attacker ...)
- swftools <unfixed> (unimportant)
NOTE: No actionable information, just a crash report against a four year old release
NOTE: https://github.com/matthiaskramm/swftools/issues/41
-CVE-2017-9926
+CVE-2017-9926 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attacker ...)
- swftools <unfixed> (unimportant)
NOTE: No actionable information, just a crash report against a four year old release
NOTE: https://github.com/matthiaskramm/swftools/issues/41
-CVE-2017-9925
+CVE-2017-9925 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attacker ...)
- swftools <unfixed> (unimportant)
NOTE: No actionable information, just a crash report against a four year old release
NOTE: https://github.com/matthiaskramm/swftools/issues/41
-CVE-2017-9924
+CVE-2017-9924 (In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attacker ...)
- swftools <unfixed> (unimportant)
NOTE: No actionable information, just a crash report against a four year old release
NOTE: https://github.com/matthiaskramm/swftools/issues/41
-CVE-2017-9923
+CVE-2017-9923 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow atta ...)
NOT-FOR-US: IrfanView
-CVE-2017-9922
+CVE-2017-9922 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow atta ...)
NOT-FOR-US: IrfanView
-CVE-2017-9921
+CVE-2017-9921 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow atta ...)
NOT-FOR-US: IrfanView
-CVE-2017-9920
+CVE-2017-9920 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow atta ...)
NOT-FOR-US: IrfanView
-CVE-2017-9919
+CVE-2017-9919 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow atta ...)
NOT-FOR-US: IrfanView
-CVE-2017-9918
+CVE-2017-9918 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow atta ...)
NOT-FOR-US: IrfanView
-CVE-2017-9917
+CVE-2017-9917 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow atta ...)
NOT-FOR-US: IrfanView
-CVE-2017-9916
+CVE-2017-9916 (IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow atta ...)
NOT-FOR-US: IrfanView
-CVE-2017-9915
+CVE-2017-9915 (IrfanView version 4.44 (32bit) with TOOLS plugin 4.50 allows attackers ...)
NOT-FOR-US: IrfanView
-CVE-2017-9914
+CVE-2017-9914 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9913
+CVE-2017-9913 (XnView Classic for Windows Version 2.40 allows remote attackers to cau ...)
NOT-FOR-US: XnView
-CVE-2017-9912
+CVE-2017-9912 (XnView Classic for Windows Version 2.40 allows remote attackers to cau ...)
NOT-FOR-US: XnView
-CVE-2017-9911
+CVE-2017-9911 (XnView Classic for Windows Version 2.40 allows remote attackers to cau ...)
NOT-FOR-US: XnView
-CVE-2017-9910
+CVE-2017-9910 (XnView Classic for Windows Version 2.40 allows remote attackers to cau ...)
NOT-FOR-US: XnView
-CVE-2017-9909
+CVE-2017-9909 (XnView Classic for Windows Version 2.40 allows remote attackers to cau ...)
NOT-FOR-US: XnView
-CVE-2017-9908
+CVE-2017-9908 (XnView Classic for Windows Version 2.40 allows remote attackers to cau ...)
NOT-FOR-US: XnView
-CVE-2017-9907
+CVE-2017-9907 (XnView Classic for Windows Version 2.40 allows remote attackers to cau ...)
NOT-FOR-US: XnView
-CVE-2017-9906
+CVE-2017-9906 (XnView Classic for Windows Version 2.40 allows remote attackers to cau ...)
NOT-FOR-US: XnView
-CVE-2017-9905
+CVE-2017-9905 (XnView Classic for Windows Version 2.40 allows remote attackers to cau ...)
NOT-FOR-US: XnView
-CVE-2017-9904
+CVE-2017-9904 (XnView Classic for Windows Version 2.40 allows remote attackers to cau ...)
NOT-FOR-US: XnView
-CVE-2017-9903
+CVE-2017-9903 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9902
+CVE-2017-9902 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9901
+CVE-2017-9901 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9900
+CVE-2017-9900 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9899
+CVE-2017-9899 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9898
+CVE-2017-9898 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9897
+CVE-2017-9897 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9896
+CVE-2017-9896 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9895
+CVE-2017-9895 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9894
+CVE-2017-9894 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9893
+CVE-2017-9893 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9892
+CVE-2017-9892 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9891
+CVE-2017-9891 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9890
+CVE-2017-9890 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9889
+CVE-2017-9889 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9888
+CVE-2017-9888 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9887
+CVE-2017-9887 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9886
+CVE-2017-9886 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9885
+CVE-2017-9885 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9884
+CVE-2017-9884 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9883
+CVE-2017-9883 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9882
+CVE-2017-9882 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9881
+CVE-2017-9881 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9880
+CVE-2017-9880 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9879
+CVE-2017-9879 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9878
+CVE-2017-9878 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9877
+CVE-2017-9877 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9876
+CVE-2017-9876 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9875
+CVE-2017-9875 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9874
+CVE-2017-9874 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9873
+CVE-2017-9873 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9872
+CVE-2017-9872 (The III_dequantize_sample function in layer3.c in mpglib, as used in l ...)
- lame 3.99.5+repack1-8 (bug #867725)
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_dequantize_sample-layer3-c/
@@ -23115,7 +23115,7 @@ CVE-2017-9872
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-9871
+CVE-2017-9871 (The III_i_stereo function in layer3.c in mpglib, as used in libmpgdeco ...)
- lame 3.99.5+repack1-8 (bug #867725)
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_i_stereo-layer3-c/
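Review bot: the three-line NOTE under CVE-2017-9872 in this hunk opens a parenthesis at "(strictly speaking that would be" that is never closed; add the closing ")" after "suite-specific severity annotations". The same unclosed note is repeated verbatim under CVE-2017-9871, CVE-2017-9870 and CVE-2017-9869 in the following hunks, so fixing it once and cross-referencing the rationale from the other three entries would keep the four lame entries for bug #867725 in step.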
@@ -23123,7 +23123,7 @@ CVE-2017-9871
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-9870
+CVE-2017-9870 (The III_i_stereo function in layer3.c in mpglib, as used in libmpgdeco ...)
- lame 3.99.5+repack1-8 (bug #867725)
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-iii_i_stereo-layer3-c/
@@ -23131,7 +23131,7 @@ CVE-2017-9870
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-9869
+CVE-2017-9869 (The II_step_one function in layer2.c in mpglib, as used in libmpgdecod ...)
- lame 3.99.5+repack1-8 (bug #867725)
[jessie] - lame 3.99.5+repack1-7+deb8u2
NOTE: https://blogs.gentoo.org/ago/2017/06/17/lame-global-buffer-overflow-in-ii_step_one-layer2-c/
@@ -23139,7 +23139,7 @@ CVE-2017-9869
NOTE: Starting with 3.99.5+repack1-8 libsndfile is used to read the input file, marking that as the fixed
NOTE: version, although the internal lame code was only fixed in 3.100 (strictly speaking that would be
NOTE: severity:unimportant for stretch onwards, but we don't have suite-specific severity annotations
-CVE-2017-9868
+CVE-2017-9868 (In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) i ...)
{DLA-1525-1 DLA-1146-1}
- mosquitto 1.4.14-1 (bug #865959)
[stretch] - mosquitto 1.4.10-3+deb9u1
@@ -23149,47 +23149,47 @@ CVE-2017-9867
RESERVED
CVE-2017-9866
RESERVED
-CVE-2017-9865
+CVE-2017-9865 (The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54. ...)
{DSA-4079-1 DLA-1074-1}
- poppler 0.57.0-2 (bug #867477)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100774
NOTE: http://somevulnsofadlab.blogspot.com/2017/06/popplerstack-buffer-overflow-in.html
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=75fff6556eaf0ef3a6fcdef2c2229d0b6d1c58d9
-CVE-2017-9864
+CVE-2017-9864 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9863
+CVE-2017-9863 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9862
+CVE-2017-9862 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9861
+CVE-2017-9861 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9860
+CVE-2017-9860 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9859
+CVE-2017-9859 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9858
+CVE-2017-9858 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9857
+CVE-2017-9857 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9856
+CVE-2017-9856 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9855
+CVE-2017-9855 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9854
+CVE-2017-9854 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9853
+CVE-2017-9853 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9852
+CVE-2017-9852 (** DISPUTED ** An Incorrect Password Management issue was discovered i ...)
NOT-FOR-US: SMA Solar Technology products
-CVE-2017-9851
+CVE-2017-9851 (** DISPUTED ** An issue was discovered in SMA Solar Technology product ...)
NOT-FOR-US: SMA Solar Technology products
CVE-2017-9850
RESERVED
CVE-2017-9849
RESERVED
-CVE-2017-9848
+CVE-2017-9848 (SQL injection vulnerability in C_InfoService.asmx in WebServices in Ea ...)
NOT-FOR-US: Easysite
-CVE-2017-9847
+CVE-2017-9847 (The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote ...)
- libtorrent-rasterbar 1.1.4-1 (bug #865845)
[stretch] - libtorrent-rasterbar <no-dsa> (Minor issue)
[jessie] - libtorrent-rasterbar <no-dsa> (Minor issue)
@@ -23197,17 +23197,17 @@ CVE-2017-9847
NOTE: https://github.com/arvidn/libtorrent/issues/2099
NOTE: Fixed by: https://github.com/arvidn/libtorrent/commit/ec30a5e9ec703afb8abefba757c6d401303b53db
NOTE: Pre-1.1.0 versions possibly similarly affected in lazy_bdecode.cpp
-CVE-2017-9846
+CVE-2017-9846 (Winmail Server 6.1 allows remote code execution by authenticated users ...)
NOT-FOR-US: Winmail Server
-CVE-2017-9845
+CVE-2017-9845 (disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attacke ...)
NOT-FOR-US: SAP
-CVE-2017-9844
+CVE-2017-9844 (SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a deni ...)
NOT-FOR-US: SAP
-CVE-2017-9843
+CVE-2017-9843 (SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with cert ...)
NOT-FOR-US: SAP
CVE-2017-9842
RESERVED
-CVE-2017-9841
+CVE-2017-9841 (Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 ...)
- phpunit 5.4.6-2 (bug #866200)
[stretch] - phpunit 5.4.6-2~deb9u1
[jessie] - phpunit <not-affected> (Issue introduced later; vulnerable code not present)
@@ -23215,54 +23215,54 @@ CVE-2017-9841
NOTE: https://github.com/sebastianbergmann/phpunit/pull/1956
NOTE: https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5
NOTE: http://phpunit.vulnbusters.com/
-CVE-2017-9840
+CVE-2017-9840 (Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload ...)
- dolibarr <removed> (bug #867495)
-CVE-2017-9839
+CVE-2017-9839 (Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 ...)
- dolibarr <removed>
-CVE-2017-9838
+CVE-2017-9838 (Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scriptin ...)
- dolibarr <removed>
CVE-2017-9837
REJECTED
-CVE-2017-9836
+CVE-2017-9836 (Cross-site scripting (XSS) vulnerability in Piwigo 2.9.1 allows remote ...)
- piwigo <removed>
-CVE-2017-9835
+CVE-2017-9835 (The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript ...)
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869907)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697985
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=cfde94be1d4286bc47633c6e6eaf4e659bd78066 (ghostpdl-9.22rc1)
-CVE-2017-9834
+CVE-2017-9834 (SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for W ...)
NOT-FOR-US: WatuPRO plugin for WordPress
-CVE-2017-9833
+CVE-2017-9833 (/cgi-bin/wapopen in BOA Webserver 0.94.14rc21 allows the injection of ...)
NOT-FOR-US: Undetermined product
NOTE: /wapopen is not part of BOA, it's probably an insecure CGI
NOTE: script used in some embedded product relying on BOA as webserver.
NOTE: I asked Mitre to reject the CVE. -- Raphael Hertzog
-CVE-2017-9832
+CVE-2017-9832 (An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL functi ...)
{DLA-1029-1}
- libmtp 1.1.13-1
[jessie] - libmtp <no-dsa> (Minor issue; can be fixed in a point release)
NOTE: https://sourceforge.net/p/libmtp/mailman/message/35729062/
NOTE: https://sourceforge.net/p/libmtp/code/ci/aa7d91a789873a9d86969028e57f888a1241c085/
NOTE: reduced patchset: https://lists.debian.org/87lgnzvjvb.fsf@curie.anarc.at
-CVE-2017-9831
+CVE-2017-9831 (An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx f ...)
{DLA-1029-1}
- libmtp 1.1.13-1
[jessie] - libmtp <no-dsa> (Minor issue; can be fixed in a point release)
NOTE: https://sourceforge.net/p/libmtp/mailman/message/35735992/
NOTE: https://sourceforge.net/p/libmtp/code/ci/aa7d91a789873a9d86969028e57f888a1241c085/
NOTE: reduced patchset: https://lists.debian.org/87lgnzvjvb.fsf@curie.anarc.at
-CVE-2017-9830
+CVE-2017-9830 (Remote Code Execution is possible in Code42 CrashPlan 5.4.x via the or ...)
NOT-FOR-US: Code42
-CVE-2017-9829
+CVE-2017-9829 ('/cgi-bin/admin/downloadMedias.cgi' of the web service in most of the ...)
NOT-FOR-US: VIVOTEK Network Cameras
-CVE-2017-9828
+CVE-2017-9828 ('/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVO ...)
NOT-FOR-US: VIVOTEK Network Cameras
CVE-2017-9827
RESERVED
CVE-2017-9826
RESERVED
-CVE-2017-11104
+CVE-2017-11104 (Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within th ...)
{DSA-3910-1}
- knot 2.5.3-1 (bug #865678)
NOTE: https://lists.nic.cz/pipermail/knot-dns-users/2017-June/001144.html
@@ -23273,21 +23273,21 @@ CVE-2017-9824
RESERVED
CVE-2017-9823
RESERVED
-CVE-2017-9822
+CVE-2017-9822 (DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cook ...)
NOT-FOR-US: DotNetNuke
-CVE-2017-9821
+CVE-2017-9821 (The National Payments Corporation of India BHIM application 1.3 for An ...)
NOT-FOR-US: India BHIM
-CVE-2017-9820
+CVE-2017-9820 (The National Payments Corporation of India BHIM application 1.3 for An ...)
NOT-FOR-US: India BHIM
-CVE-2017-9819
+CVE-2017-9819 (The National Payments Corporation of India BHIM application 1.3 for An ...)
NOT-FOR-US: India BHIM
-CVE-2017-9818
+CVE-2017-9818 (The National Payments Corporation of India BHIM application 1.3 for An ...)
NOT-FOR-US: India BHIM
CVE-2017-9817
RESERVED
-CVE-2017-9816
+CVE-2017-9816 (Cross-site scripting (XSS) vulnerability in Paessler PRTG Network Moni ...)
NOT-FOR-US: Paessler PRTG Network Monitor
-CVE-2017-9815
+CVE-2017-9815 (In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/t ...)
- tiff 4.0.8-1
[jessie] - tiff 4.0.3-12.3+deb8u4
[wheezy] - tiff 4.0.2-6+deb7u14
@@ -23296,7 +23296,7 @@ CVE-2017-9815
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2682
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/fb3dc46a2fcf6197ff3b93fc76f0c37fddc0333b
NOTE: The issue is addressed with the same commit as for CVE-2017-9403
-CVE-2017-9814
+CVE-2017-9814 (cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote atta ...)
- cairo <unfixed> (low; bug #868580)
[buster] - cairo <no-dsa> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
@@ -23304,98 +23304,98 @@ CVE-2017-9814
[wheezy] - cairo <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101547
NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/264
-CVE-2017-9813
+CVE-2017-9813 (In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2017-9812
+CVE-2017-9812 (The reportId parameter of the getReportStatus action method can be abu ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2017-9811
+CVE-2017-9811 (The kluser is able to interact with the kav4fs-control binary in Kaspe ...)
NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2017-9810
+CVE-2017-9810 (There are no Anti-CSRF tokens in any forms on the web interface in Kas ...)
NOT-FOR-US: Kaspersky Anti-Virus
CVE-2017-9809
RESERVED
CVE-2017-9808
RESERVED
-CVE-2017-9807
+CVE-2017-9807 (An issue was discovered in the OpenWebif plugin through 1.2.4 for E2 o ...)
NOT-FOR-US: OpenWebif plugin for E2
-CVE-2017-9806
+CVE-2017-9806 (A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, ...)
- libreoffice 1:3.4.3-1
NOTE: https://www.talosintelligence.com/reports/TALOS-2017-0295
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2017-9806
NOTE: https://gerrit.libreoffice.org/gitweb?p=core.git;a=commitdiff_plain;h=bb494d6bd8c5868f34bd8f9444ed3eb401145f10
-CVE-2017-9805
+CVE-2017-9805 (The REST Plugin in Apache Struts 2.1.2 through 2.3.x before 2.3.34 and ...)
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <not-affected> (vulnerable code not present)
NOTE: https://struts.apache.org/docs/s2-052.html
-CVE-2017-9804
+CVE-2017-9804 (In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an ap ...)
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <ignored> (Minor issue)
NOTE: DOS class vulnerability and classified as low by upstream.
NOTE: https://struts.apache.org/docs/s2-050.html
-CVE-2017-9803
+CVE-2017-9803 (Apache Solr's Kerberos plugin can be configured to use delegation toke ...)
- lucene-solr <not-affected> (Introduced in 6.2)
-CVE-2017-9802
+CVE-2017-9802 (The Javascript method Sling.evalString() in Apache Sling Servlets Post ...)
NOT-FOR-US: Apache Sling
-CVE-2017-9801
+CVE-2017-9801 (When a call-site passes a subject for an email that contains line-brea ...)
- commons-email <not-affected> (Fixed with first upload to Debian)
NOTE: https://commons.apache.org/proper/commons-email/security-reports.html
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1801385
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1801388
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1801389
-CVE-2017-9800
+CVE-2017-9800 (A maliciously constructed svn+ssh:// URL would cause Subversion client ...)
{DSA-3932-1 DLA-1052-1}
- subversion 1.9.7-1
NOTE: Fixed by: http://svn.apache.org/viewvc?view=revision&amp;sortby=rev&amp;revision=1804691
NOTE: http://subversion.apache.org/security/CVE-2017-9800-advisory.txt
-CVE-2017-9799
+CVE-2017-9799 (It was found that under some situations and configurations of Apache S ...)
NOT-FOR-US: Apache Storm
-CVE-2017-9798
+CVE-2017-9798 (Apache httpd allows remote attackers to read secret data from process ...)
{DSA-3980-1 DLA-1102-1}
- apache2 2.4.27-6 (bug #876109)
NOTE: https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
NOTE: https://github.com/hannob/optionsbleed
NOTE: Patch: https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
NOTE: Patch backport for 2.2: https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
-CVE-2017-9797
+CVE-2017-9797 (When an Apache Geode cluster before v1.2.1 is operating in secure mode ...)
NOT-FOR-US: Apache Geode
-CVE-2017-9796
+CVE-2017-9796 (When an Apache Geode cluster before v1.3.0 is operating in secure mode ...)
NOT-FOR-US: Apache Geode
-CVE-2017-9795
+CVE-2017-9795 (When an Apache Geode cluster before v1.3.0 is operating in secure mode ...)
NOT-FOR-US: Apache Geode
-CVE-2017-9794
+CVE-2017-9794 (When a cluster is operating in secure mode, a user with read privilege ...)
NOT-FOR-US: Apache Geode
-CVE-2017-9793
+CVE-2017-9793 (The REST Plugin in Apache Struts 2.3.7 through 2.3.33 and 2.5 through ...)
- libstruts1.2-java <removed>
[wheezy] - libstruts1.2-java <not-affected> (vulnerable code not present)
NOTE: https://struts.apache.org/docs/s2-051.html
-CVE-2017-9792
+CVE-2017-9792 (In Apache Impala (incubating) before 2.10.0, a malicious user with "AL ...)
NOT-FOR-US: Apache Impala
-CVE-2017-9791
+CVE-2017-9791 (The Struts 1 plugin in Apache Struts 2.3.x might allow remote code exe ...)
- libstruts1.2-java <not-affected> (Vulnerable code not present)
NOTE: Issue is specific to Struts 2.x.
-CVE-2017-9790
+CVE-2017-9790 (When handling a libprocess message wrapped in an HTTP request, libproc ...)
- apache-mesos <itp> (bug #760315)
-CVE-2017-9789
+CVE-2017-9789 (When under stress, closing many connections, the HTTP/2 handling code ...)
- apache2 <not-affected> (Only affected 2.4.26)
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27
-CVE-2017-9788
+CVE-2017-9788 (In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value place ...)
{DSA-3913-1 DLA-1028-1}
- apache2 2.4.27-1 (bug #868467)
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27
NOTE: Fixed by (2.4.x): https://svn.apache.org/r1800955
NOTE: 2.4.x: https://github.com/apache/httpd/commit/549ba6a39aa0df78a610025f74f3a06503a70f67
NOTE: trunk: https://github.com/apache/httpd/commit/c5d3719133b9e5dab0d540c5aa03b2fdabc30395
-CVE-2017-9787
+CVE-2017-9787 (When using a Spring AOP functionality to secure Struts actions it is p ...)
- libstruts1.2-java <not-affected> (Vulnerable code not present)
NOTE: Issue is specific to Struts 2.x.
NOTE: https://struts.apache.org/docs/s2-049.html
-CVE-2017-9786
+CVE-2017-9786 (Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP ...)
NOT-FOR-US: ProjectSend
-CVE-2017-9785
+CVE-2017-9785 (Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse h ...)
NOT-FOR-US: NancyFX Nancy
CVE-2017-9784
RESERVED
-CVE-2017-9783
+CVE-2017-9783 (Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP ...)
NOT-FOR-US: ProjectSend
CVE-2017-10599
RESERVED
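Review bot: the libstruts1.2-java annotations in this hunk are inconsistent. CVE-2017-9805 and CVE-2017-9793, whose descriptions scope them to the REST Plugin in Struts 2.x, mark the package `<removed>` with `[wheezy] - libstruts1.2-java <not-affected> (vulnerable code not present)`, and CVE-2017-9804 (also Struts 2.3.7 through 2.5.12) uses `[wheezy] - libstruts1.2-java <ignored> (Minor issue)`, while CVE-2017-9791 and CVE-2017-9787 mark the same package `<not-affected> (Vulnerable code not present)` with the note "Issue is specific to Struts 2.x". If Struts 1.2 never shipped the affected code, the `<not-affected>` form with that note fits 9805, 9793 and 9804 as well. Separately, the CVE-2017-9800 "Fixed by" URL carries HTML-escaped ampersands (`viewvc?view=revision&amp;sortby=rev&amp;revision=1804691`); in this plain-text list the literal `&` is wanted, as in the other viewvc links under CVE-2017-9801.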
@@ -23739,95 +23739,95 @@ CVE-2017-10430
RESERVED
CVE-2017-10429
RESERVED
-CVE-2017-10428
+CVE-2017-10428 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.30-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10427
+CVE-2017-10427 (Vulnerability in the Oracle Retail Xstore Point of Service component o ...)
NOT-FOR-US: Oracle
-CVE-2017-10426
+CVE-2017-10426 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle Pe ...)
NOT-FOR-US: Oracle
-CVE-2017-10425
+CVE-2017-10425 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10424
+CVE-2017-10424 (Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQ ...)
NOT-FOR-US: MySQL Enterprise Monitor component of Oracle MySQL
-CVE-2017-10423
+CVE-2017-10423 (Vulnerability in the Oracle Retail Back Office component of Oracle Ret ...)
NOT-FOR-US: Oracle
-CVE-2017-10422
+CVE-2017-10422 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10421
+CVE-2017-10421 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10420
+CVE-2017-10420 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10419
+CVE-2017-10419 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10418
+CVE-2017-10418 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10417
+CVE-2017-10417 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-10416
+CVE-2017-10416 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-10415
+CVE-2017-10415 (Vulnerability in the Oracle iSupport component of Oracle E-Business Su ...)
NOT-FOR-US: Oracle
-CVE-2017-10414
+CVE-2017-10414 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2017-10413
+CVE-2017-10413 (Vulnerability in the Oracle Mobile Field Service component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-10412
+CVE-2017-10412 (Vulnerability in the Oracle Knowledge Management component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-10411
+CVE-2017-10411 (Vulnerability in the Oracle Knowledge Management component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-10410
+CVE-2017-10410 (Vulnerability in the Oracle Knowledge Management component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-10409
+CVE-2017-10409 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2017-10408
+CVE-2017-10408 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.30-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10407
+CVE-2017-10407 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.30-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10406
+CVE-2017-10406 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10405
+CVE-2017-10405 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10404
+CVE-2017-10404 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10403
+CVE-2017-10403 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10402
+CVE-2017-10402 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10401
+CVE-2017-10401 (Vulnerability in the Oracle Hospitality Cruise Materials Management co ...)
NOT-FOR-US: Oracle
-CVE-2017-10400
+CVE-2017-10400 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-10399
+CVE-2017-10399 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10398
+CVE-2017-10398 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10397
+CVE-2017-10397 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10396
+CVE-2017-10396 (Vulnerability in the Oracle Hospitality Cruise AffairWhere component o ...)
NOT-FOR-US: Oracle
-CVE-2017-10395
+CVE-2017-10395 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10394
+CVE-2017-10394 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10393
+CVE-2017-10393 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-10392
+CVE-2017-10392 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.30-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10391
+CVE-2017-10391 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
CVE-2017-10390
RESERVED
-CVE-2017-10389
+CVE-2017-10389 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10388
+CVE-2017-10388 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
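Review bot: the VirtualBox entries in this hunk (CVE-2017-10428, CVE-2017-10408, CVE-2017-10407, CVE-2017-10392) cite the wheezy advisory as `(DSA 3454)` but the jessie one as `(DSA-3699-1)`; write the wheezy reference in the same hyphenated form as `DSA-3699-1` so the `<end-of-life>` justification uses the identifier style used for advisories elsewhere in the file (e.g. `{DSA-4048-1 DSA-4015-1 DLA-1187-1}` under CVE-2017-10388).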
@@ -23835,35 +23835,35 @@ CVE-2017-10388
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10387
+CVE-2017-10387 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10386
+CVE-2017-10386 (Vulnerability in the Java Advanced Management Console component of Ora ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10385
+CVE-2017-10385 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-10384
+CVE-2017-10384 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4002-1 DSA-3944-1 DLA-1141-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.0 <removed>
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <removed> (bug #878402)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10383
+CVE-2017-10383 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10382
+CVE-2017-10382 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10381
+CVE-2017-10381 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10380
+CVE-2017-10380 (Vulnerability in the Java Advanced Management Console component of Ora ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10379
+CVE-2017-10379 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4002-1 DSA-3944-1 DLA-1141-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.0 <removed>
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <removed> (bug #878402)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10378
+CVE-2017-10378 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4002-1 DLA-1407-1 DLA-1141-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.29-1
@@ -23877,46 +23877,46 @@ CVE-2017-10377
RESERVED
CVE-2017-10376
RESERVED
-CVE-2017-10375
+CVE-2017-10375 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
CVE-2017-10374
RESERVED
-CVE-2017-10373
+CVE-2017-10373 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10372
+CVE-2017-10372 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
CVE-2017-10371
RESERVED
-CVE-2017-10370
+CVE-2017-10370 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10369
+CVE-2017-10369 (Vulnerability in the Oracle Virtual Directory component of Oracle Fusi ...)
NOT-FOR-US: Oracle
-CVE-2017-10368
+CVE-2017-10368 (Vulnerability in the PeopleSoft Enterprise SCM eProcurement component ...)
NOT-FOR-US: Oracle
-CVE-2017-10367
+CVE-2017-10367 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10366
+CVE-2017-10366 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10365
+CVE-2017-10365 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mariadb-10.2 <removed> (bug #884065)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10364
+CVE-2017-10364 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10363
+CVE-2017-10363 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10362
+CVE-2017-10362 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10361
+CVE-2017-10361 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
NOT-FOR-US: Oracle
-CVE-2017-10360
+CVE-2017-10360 (Vulnerability in the Oracle WebCenter Content component of Oracle Fusi ...)
NOT-FOR-US: Oracle
-CVE-2017-10359
+CVE-2017-10359 (Vulnerability in the Oracle Hyperion BI+ component of Oracle Hyperion ...)
NOT-FOR-US: Oracle
-CVE-2017-10358
+CVE-2017-10358 (Vulnerability in the Oracle Hyperion Financial Reporting component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10357
+CVE-2017-10357 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
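Review bot: CVE-2017-10365 marks mysql-5.5 `<not-affected> (Only affects MySQL 5.7)` yet lists mariadb-10.2 as `<removed> (bug #884065)`; if the issue is confined to MySQL 5.7 code, mariadb-10.2 should either be `<not-affected>` too or the entry should note why the MariaDB 10.2 code base shares the flaw, especially since the neighbouring MySQL Server entries (CVE-2017-10384, CVE-2017-10379) also carry a `- mariadb-10.0 <removed>` line that this one omits.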
@@ -23924,7 +23924,7 @@ CVE-2017-10357
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10356
+CVE-2017-10356 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23932,7 +23932,7 @@ CVE-2017-10356
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10355
+CVE-2017-10355 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23940,21 +23940,21 @@ CVE-2017-10355
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10354
+CVE-2017-10354 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10353
+CVE-2017-10353 (Vulnerability in the Oracle Hospitality Hotel Mobile component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10352
+CVE-2017-10352 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10351
+CVE-2017-10351 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10350
+CVE-2017-10350 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
[experimental] - openjdk-7 7u151-2.6.11-2
- openjdk-7 <removed>
-CVE-2017-10349
+CVE-2017-10349 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
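Review bot: CVE-2017-10350 carries the same advisory set `{DSA-4048-1 DSA-4015-1 DLA-1187-1}` as the adjacent Java SE entries but ends at `- openjdk-7 <removed>`, whereas CVE-2017-10349 and CVE-2017-10348 continue with `- openjdk-6 <removed>` and `[wheezy] - openjdk-6 <end-of-life>`; if openjdk-6 is genuinely unaffected here, an explicit `- openjdk-6 <not-affected>` line would record that, rather than leaving it unclear whether the line was simply dropped.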
@@ -23962,7 +23962,7 @@ CVE-2017-10349
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10348
+CVE-2017-10348 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23970,7 +23970,7 @@ CVE-2017-10348
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10347
+CVE-2017-10347 (Vulnerability in the Java SE, JRockit component of Oracle Java SE (sub ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23978,7 +23978,7 @@ CVE-2017-10347
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10346
+CVE-2017-10346 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23986,7 +23986,7 @@ CVE-2017-10346
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10345
+CVE-2017-10345 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -23994,117 +23994,117 @@ CVE-2017-10345
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10344
+CVE-2017-10344 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10343
+CVE-2017-10343 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10342
+CVE-2017-10342 (Vulnerability in the Java Advanced Management Console component of Ora ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10341
+CVE-2017-10341 (Vulnerability in the Java Advanced Management Console component of Ora ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10340
+CVE-2017-10340 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10339
+CVE-2017-10339 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10338
+CVE-2017-10338 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10337
+CVE-2017-10337 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10336
+CVE-2017-10336 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10335
+CVE-2017-10335 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10334
+CVE-2017-10334 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10333
+CVE-2017-10333 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
NOT-FOR-US: Oracle
-CVE-2017-10332
+CVE-2017-10332 (Vulnerability in the Oracle Universal Work Queue component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-10331
+CVE-2017-10331 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10330
+CVE-2017-10330 (Vulnerability in the Oracle Common Applications component of Oracle E- ...)
NOT-FOR-US: Oracle
-CVE-2017-10329
+CVE-2017-10329 (Vulnerability in the Oracle Global Order Promising component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-10328
+CVE-2017-10328 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10327
+CVE-2017-10327 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10326
+CVE-2017-10326 (Vulnerability in the Oracle Common Applications Calendar component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10325
+CVE-2017-10325 (Vulnerability in the Oracle Common Applications Calendar component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10324
+CVE-2017-10324 (Vulnerability in the Oracle Applications Technology Stack component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10323
+CVE-2017-10323 (Vulnerability in the Oracle Web Applications Desktop Integrator compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10322
+CVE-2017-10322 (Vulnerability in the Oracle Common Applications Calendar component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10321
+CVE-2017-10321 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
NOT-FOR-US: Oracle
-CVE-2017-10320
+CVE-2017-10320 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mariadb-10.2 <removed> (bug #884065)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10319
+CVE-2017-10319 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10318
+CVE-2017-10318 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10317
+CVE-2017-10317 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10316
+CVE-2017-10316 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10315
+CVE-2017-10315 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
NOT-FOR-US: Oracle
-CVE-2017-10314
+CVE-2017-10314 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10313
+CVE-2017-10313 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10312
+CVE-2017-10312 (Vulnerability in the Oracle Hyperion BI+ component of Oracle Hyperion ...)
NOT-FOR-US: Oracle
-CVE-2017-10311
+CVE-2017-10311 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10310
+CVE-2017-10310 (Vulnerability in the Oracle Hyperion Financial Reporting component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10309
+CVE-2017-10309 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-9 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2017-10308
+CVE-2017-10308 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
CVE-2017-10307
RESERVED
-CVE-2017-10306
+CVE-2017-10306 (Vulnerability in the PeopleSoft Enterprise HCM component of Oracle Peo ...)
NOT-FOR-US: Oracle
CVE-2017-10305
RESERVED
-CVE-2017-10304
+CVE-2017-10304 (Vulnerability in the PeopleSoft Enterprise HCM component of Oracle Peo ...)
NOT-FOR-US: Oracle
-CVE-2017-10303
+CVE-2017-10303 (Vulnerability in the Oracle Interaction Center Intelligence component ...)
NOT-FOR-US: Oracle
-CVE-2017-10302
+CVE-2017-10302 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
NOT-FOR-US: Oracle
-CVE-2017-10301
+CVE-2017-10301 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10300
+CVE-2017-10300 (Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM ...)
NOT-FOR-US: Oracle
-CVE-2017-10299
+CVE-2017-10299 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
CVE-2017-10298
RESERVED
CVE-2017-10297
RESERVED
-CVE-2017-10296
+CVE-2017-10296 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10295
+CVE-2017-10295 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
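Review bot: CVE-2017-10309 records only openjdk-9 and openjdk-8 as <not-affected>, while every other Java SE entry in this hunk (CVE-2017-10345 through CVE-2017-10295) also carries `- openjdk-7 <removed>`, `- openjdk-6 <removed>` and a `[wheezy] - openjdk-6 <end-of-life>` line; since the Deployment components are absent from all OpenJDK builds, add matching `- openjdk-7 <not-affected>` / `- openjdk-6 <not-affected>` lines so the status for the older suites is recorded rather than implied. Also, CVE-2017-10320 lists `- mariadb-10.2 <removed> (bug #884065)` as affected directly above the rationale `- mysql-5.5 <not-affected> (Only affects MySQL 5.7)`; reword the rationale (for example "Only affects MySQL 5.7 and MariaDB 10.2") so the two lines do not read as contradicting each other.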
@@ -24112,15 +24112,15 @@ CVE-2017-10295
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10294
+CVE-2017-10294 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10293
+CVE-2017-10293 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (Seems to be specific to Oracle Java)
- openjdk-7 <not-affected> (Seems to be specific to Oracle Java)
- openjdk-6 <not-affected> (Seems to be specific to Oracle Java)
-CVE-2017-10292
+CVE-2017-10292 (Vulnerability in the RDBMS Security component of Oracle Database Serve ...)
NOT-FOR-US: Oracle
CVE-2017-10291
RESERVED
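Review bot: CVE-2017-10293 marks openjdk-8/7/6 as <not-affected> with the hedged rationale "Seems to be specific to Oracle Java" and has no openjdk-9 line, whereas the comparable entry CVE-2017-10309 covers openjdk-9 and openjdk-8 and states the concrete reason ("Deployment components not part of OpenJDK, only present in Oracle Java"). Add an openjdk-9 line and replace "Seems to be" with the actual reason, or a NOTE pointing at what was checked, so a later triager does not have to redo the analysis.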
@@ -24130,16 +24130,16 @@ CVE-2017-10289
RESERVED
CVE-2017-10288
RESERVED
-CVE-2017-10287
+CVE-2017-10287 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle Pe ...)
NOT-FOR-US: Oracle
-CVE-2017-10286
+CVE-2017-10286 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3944-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.0 <removed>
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10285
+CVE-2017-10285 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -24147,17 +24147,17 @@ CVE-2017-10285
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10284
+CVE-2017-10284 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10283
+CVE-2017-10283 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10282
+CVE-2017-10282 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
NOT-FOR-US: Oracle
-CVE-2017-10281
+CVE-2017-10281 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -24165,26 +24165,26 @@ CVE-2017-10281
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10280
+CVE-2017-10280 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10279
+CVE-2017-10279 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10278
+CVE-2017-10278 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middlewa ...)
NOT-FOR-US: Oracle
-CVE-2017-10277
+CVE-2017-10277 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
- mysql-connector-net <unfixed> (bug #883923)
[stretch] - mysql-connector-net <no-dsa> (Minor issue)
[jessie] - mysql-connector-net <no-dsa> (Minor issue)
[wheezy] - mysql-connector-net <no-dsa> (Minor issue)
-CVE-2017-10276
+CVE-2017-10276 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10275
+CVE-2017-10275 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-10274
+CVE-2017-10274 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
{DSA-4048-1 DSA-4015-1 DLA-1187-1}
- openjdk-9 9.0.1+11-1
- openjdk-8 8u151-b12-1
@@ -24192,17 +24192,17 @@ CVE-2017-10274
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10273
+CVE-2017-10273 (Vulnerability in the Oracle JDeveloper component of Oracle Fusion Midd ...)
NOT-FOR-US: Oracle
-CVE-2017-10272
+CVE-2017-10272 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middlewa ...)
NOT-FOR-US: Oracle
-CVE-2017-10271
+CVE-2017-10271 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10270
+CVE-2017-10270 (Vulnerability in the Oracle Identity Manager Connector component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10269
+CVE-2017-10269 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middlewa ...)
NOT-FOR-US: Oracle
-CVE-2017-10268
+CVE-2017-10268 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4002-1 DLA-1407-1 DLA-1141-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.29-1
@@ -24210,314 +24210,314 @@ CVE-2017-10268
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <removed> (bug #878402)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10267
+CVE-2017-10267 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middlewa ...)
NOT-FOR-US: Oracle
-CVE-2017-10266
+CVE-2017-10266 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middlewa ...)
NOT-FOR-US: Oracle
-CVE-2017-10265
+CVE-2017-10265 (Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) compo ...)
NOT-FOR-US: Oracle
-CVE-2017-10264
+CVE-2017-10264 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
NOT-FOR-US: Oracle
-CVE-2017-10263
+CVE-2017-10263 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
NOT-FOR-US: Oracle
-CVE-2017-10262
+CVE-2017-10262 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10261
+CVE-2017-10261 (Vulnerability in the XML Database component of Oracle Database Server. ...)
NOT-FOR-US: Oracle
-CVE-2017-10260
+CVE-2017-10260 (Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) compo ...)
NOT-FOR-US: Oracle
-CVE-2017-10259
+CVE-2017-10259 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10258
+CVE-2017-10258 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10257
+CVE-2017-10257 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10256
+CVE-2017-10256 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10255
+CVE-2017-10255 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10254
+CVE-2017-10254 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle Pe ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10253
+CVE-2017-10253 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10252
+CVE-2017-10252 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10251
+CVE-2017-10251 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10250
+CVE-2017-10250 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10249
+CVE-2017-10249 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10248
+CVE-2017-10248 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10247
+CVE-2017-10247 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10246
+CVE-2017-10246 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10245
+CVE-2017-10245 (Vulnerability in the Oracle General Ledger component of Oracle E-Busin ...)
NOT-FOR-US: Oracle
-CVE-2017-10244
+CVE-2017-10244 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10243
+CVE-2017-10243 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10242
+CVE-2017-10242 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10241
+CVE-2017-10241 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10240
+CVE-2017-10240 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10239
+CVE-2017-10239 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10238
+CVE-2017-10238 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10237
+CVE-2017-10237 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10236
+CVE-2017-10236 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10235
+CVE-2017-10235 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10234
+CVE-2017-10234 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems P ...)
NOT-FOR-US: Oracle
-CVE-2017-10233
+CVE-2017-10233 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10232
+CVE-2017-10232 (Vulnerability in the Hospitality WebSuite8 Cloud Service component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10231
+CVE-2017-10231 (Vulnerability in the Oracle Hospitality Cruise AffairWhere component o ...)
NOT-FOR-US: Oracle
-CVE-2017-10230
+CVE-2017-10230 (Vulnerability in the Oracle Hospitality Cruise Dining Room Management ...)
NOT-FOR-US: Oracle
-CVE-2017-10229
+CVE-2017-10229 (Vulnerability in the Oracle Hospitality Cruise Materials Management co ...)
NOT-FOR-US: Oracle
-CVE-2017-10228
+CVE-2017-10228 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
NOT-FOR-US: Oracle
-CVE-2017-10227
+CVE-2017-10227 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10226
+CVE-2017-10226 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10225
+CVE-2017-10225 (Vulnerability in the Oracle Hospitality RES 3700 component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10224
+CVE-2017-10224 (Vulnerability in the Oracle Hospitality Inventory Management component ...)
NOT-FOR-US: Oracle
-CVE-2017-10223
+CVE-2017-10223 (Vulnerability in the Oracle Hospitality Materials Control component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10222
+CVE-2017-10222 (Vulnerability in the Oracle Hospitality Materials Control component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10221
+CVE-2017-10221 (Vulnerability in the Oracle Hospitality RES 3700 component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10220
+CVE-2017-10220 (Vulnerability in the Hospitality Property Interfaces component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10219
+CVE-2017-10219 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10218
+CVE-2017-10218 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10217
+CVE-2017-10217 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10216
+CVE-2017-10216 (Vulnerability in the Hospitality Property Interfaces component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10215
+CVE-2017-10215 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: PeopleSoft
-CVE-2017-10214
+CVE-2017-10214 (Vulnerability in the Oracle Retail Xstore Point of Service component o ...)
NOT-FOR-US: Oracle
-CVE-2017-10213
+CVE-2017-10213 (Vulnerability in the Hospitality Suite8 component of Oracle Hospitalit ...)
NOT-FOR-US: Oracle
-CVE-2017-10212
+CVE-2017-10212 (Vulnerability in the Hospitality Suite8 component of Oracle Hospitalit ...)
NOT-FOR-US: Oracle
-CVE-2017-10211
+CVE-2017-10211 (Vulnerability in the Hospitality Suite8 component of Oracle Hospitalit ...)
NOT-FOR-US: Oracle
-CVE-2017-10210
+CVE-2017-10210 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10209
+CVE-2017-10209 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10208
+CVE-2017-10208 (Vulnerability in the Oracle Hospitality e7 component of Oracle Hospita ...)
NOT-FOR-US: Oracle
-CVE-2017-10207
+CVE-2017-10207 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10206
+CVE-2017-10206 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10205
+CVE-2017-10205 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10204
+CVE-2017-10204 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10203
+CVE-2017-10203 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
- mysql-connector-net <unfixed> (bug #883923)
[stretch] - mysql-connector-net <no-dsa> (Minor issue)
[jessie] - mysql-connector-net <no-dsa> (Minor issue)
[wheezy] - mysql-connector-net <no-dsa> (Minor issue)
-CVE-2017-10202
+CVE-2017-10202 (Vulnerability in the OJVM component of Oracle Database Server. Support ...)
NOT-FOR-US: Oracle
-CVE-2017-10201
+CVE-2017-10201 (Vulnerability in the Oracle Hospitality e7 component of Oracle Hospita ...)
NOT-FOR-US: Oracle
-CVE-2017-10200
+CVE-2017-10200 (Vulnerability in the Oracle Hospitality e7 component of Oracle Hospita ...)
NOT-FOR-US: Oracle
-CVE-2017-10199
+CVE-2017-10199 (Vulnerability in the Oracle iLearning component of Oracle iLearning (s ...)
NOT-FOR-US: Oracle
-CVE-2017-10198
+CVE-2017-10198 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10197
+CVE-2017-10197 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2017-10196
+CVE-2017-10196 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-10195
+CVE-2017-10195 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10194
+CVE-2017-10194 (Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) compo ...)
NOT-FOR-US: Oracle
-CVE-2017-10193
+CVE-2017-10193 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10192
+CVE-2017-10192 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2017-10191
+CVE-2017-10191 (Vulnerability in the Oracle Web Analytics component of Oracle E-Busine ...)
NOT-FOR-US: Oracle
-CVE-2017-10190
+CVE-2017-10190 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
NOT-FOR-US: Oracle
-CVE-2017-10189
+CVE-2017-10189 (Vulnerability in the Hospitality Suite8 component of Oracle Hospitalit ...)
NOT-FOR-US: Oracle
-CVE-2017-10188
+CVE-2017-10188 (Vulnerability in the Hospitality Hotel Mobile component of Oracle Hosp ...)
NOT-FOR-US: Oracle
-CVE-2017-10187
+CVE-2017-10187 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10186
+CVE-2017-10186 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2017-10185
+CVE-2017-10185 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10184
+CVE-2017-10184 (Vulnerability in the Oracle Field Service component of Oracle E-Busine ...)
NOT-FOR-US: Oracle
-CVE-2017-10183
+CVE-2017-10183 (Vulnerability in the Oracle Retail Xstore Point of Service component o ...)
NOT-FOR-US: Oracle
-CVE-2017-10182
+CVE-2017-10182 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2017-10181
+CVE-2017-10181 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2017-10180
+CVE-2017-10180 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10179
+CVE-2017-10179 (Vulnerability in the Application Management Pack for Oracle E-Business ...)
NOT-FOR-US: Oracle
-CVE-2017-10178
+CVE-2017-10178 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10177
+CVE-2017-10177 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10176
+CVE-2017-10176 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
-CVE-2017-10175
+CVE-2017-10175 (Vulnerability in the Oracle iSupport component of Oracle E-Business Su ...)
NOT-FOR-US: Oracle
-CVE-2017-10174
+CVE-2017-10174 (Vulnerability in the Oracle iSupport component of Oracle E-Business Su ...)
NOT-FOR-US: Oracle
-CVE-2017-10173
+CVE-2017-10173 (Vulnerability in the Oracle Retail Open Commerce Platform component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10172
+CVE-2017-10172 (Vulnerability in the Oracle Retail Open Commerce Platform component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10171
+CVE-2017-10171 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-10170
+CVE-2017-10170 (Vulnerability in the Oracle Field Service component of Oracle E-Busine ...)
NOT-FOR-US: Oracle
-CVE-2017-10169
+CVE-2017-10169 (Vulnerability in the Oracle Hospitality 9700 component of Oracle Hospi ...)
NOT-FOR-US: Oracle
-CVE-2017-10168
+CVE-2017-10168 (Vulnerability in the Hospitality Hotel Mobile component of Oracle Hosp ...)
NOT-FOR-US: Oracle
-CVE-2017-10167
+CVE-2017-10167 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10166
+CVE-2017-10166 (Vulnerability in the Oracle Security Service component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2017-10165
+CVE-2017-10165 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10164
+CVE-2017-10164 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle Pe ...)
NOT-FOR-US: Oracle
-CVE-2017-10163
+CVE-2017-10163 (Vulnerability in the Oracle Business Intelligence Enterprise Edition c ...)
NOT-FOR-US: Oracle
-CVE-2017-10162
+CVE-2017-10162 (Vulnerability in the Siebel Core - Server Framework component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2017-10161
+CVE-2017-10161 (Vulnerability in the Oracle Engineering Data Management component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-10160
+CVE-2017-10160 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Primavera
-CVE-2017-10159
+CVE-2017-10159 (Vulnerability in the Oracle Communications Policy Management component ...)
NOT-FOR-US: Oracle
-CVE-2017-10158
+CVE-2017-10158 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10157
+CVE-2017-10157 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10156
+CVE-2017-10156 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10155
+CVE-2017-10155 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #878398)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
-CVE-2017-10154
+CVE-2017-10154 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10153
+CVE-2017-10153 (Vulnerability in the Oracle Communications WebRTC Session Controller c ...)
NOT-FOR-US: Oracle
-CVE-2017-10152
+CVE-2017-10152 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10151
+CVE-2017-10151 (Vulnerability in the Oracle Identity Manager component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2017-10150
+CVE-2017-10150 (Vulnerability in the Primavera Unifier component of Oracle Primavera P ...)
NOT-FOR-US: Primavera
-CVE-2017-10149
+CVE-2017-10149 (Vulnerability in the Primavera Unifier component of Oracle Primavera P ...)
NOT-FOR-US: Primavera
-CVE-2017-10148
+CVE-2017-10148 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10147
+CVE-2017-10147 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10146
+CVE-2017-10146 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10145
+CVE-2017-10145 (Vulnerability in the Java Advanced Management Console component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2017-10144
+CVE-2017-10144 (Vulnerability in the Oracle Applications Manager component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-10143
+CVE-2017-10143 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10142
+CVE-2017-10142 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10141
+CVE-2017-10141 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-10140
+CVE-2017-10140 (Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3 ...)
{DLA-1137-1 DLA-1136-1 DLA-1135-1}
- db5.3 5.3.28-13.1 (bug #872436)
[stretch] - db5.3 5.3.28-12+deb9u1
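Review bot: CVE-2017-10154 is mismatched: the new description reads "Vulnerability in the Oracle Access Manager component of Oracle Fusion ..." but the existing line beneath it still says `NOT-FOR-US: Java Advanced Management Console`; change it to `NOT-FOR-US: Oracle` (the form used for the neighbouring Access Manager entries CVE-2017-10262 and CVE-2017-10259) or confirm which product the CVE actually covers. Two smaller consistency points in the same hunk: CVE-2017-10176 stops at `- openjdk-7 <removed>` and lacks the `- openjdk-6 <removed>` / `[wheezy] - openjdk-6 <end-of-life>` lines that CVE-2017-10243, CVE-2017-10198 and CVE-2017-10193 carry for the same `{DSA-3954-1 DSA-3919-1 DLA-1073-1}` set, and the VirtualBox entries cite the wheezy advisory as `(DSA 3454)` while the jessie line uses `(DSA-3699-1)`; use the `DSA-3454-1` form throughout so the reference is machine-parsable. Finally, CVE-2017-10140's description is about Postfix while the fix is tracked against db5.3; a NOTE stating why the fix lives in db5.3 would save the next reader a lookup.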
@@ -24542,11 +24542,11 @@ CVE-2017-10139
RESERVED
CVE-2017-10138
RESERVED
-CVE-2017-10137
+CVE-2017-10137 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10136
+CVE-2017-10136 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2017-10135
+CVE-2017-10135 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
@@ -24554,378 +24554,378 @@ CVE-2017-10135
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
NOTE: OpenJDK-8 upstream commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/079cd6c5de27
-CVE-2017-10134
+CVE-2017-10134 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle Pe ...)
NOT-FOR-US: Oracle
-CVE-2017-10133
+CVE-2017-10133 (Vulnerability in the Hospitality Hotel Mobile component of Oracle Hosp ...)
NOT-FOR-US: Oracle
-CVE-2017-10132
+CVE-2017-10132 (Vulnerability in the Hospitality Hotel Mobile component of Oracle Hosp ...)
NOT-FOR-US: Oracle
-CVE-2017-10131
+CVE-2017-10131 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2017-10130
+CVE-2017-10130 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2017-10129
+CVE-2017-10129 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-10128
+CVE-2017-10128 (Vulnerability in the Hospitality WebSuite8 Cloud Service component of ...)
NOT-FOR-US: Oracle
CVE-2017-10127
RESERVED
-CVE-2017-10126
+CVE-2017-10126 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10125
+CVE-2017-10125 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2017-10124
RESERVED
-CVE-2017-10123
+CVE-2017-10123 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10122
+CVE-2017-10122 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2017-10121
+CVE-2017-10121 (Vulnerability in the Java Advanced Management Console component of Ora ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10120
+CVE-2017-10120 (Vulnerability in the RDBMS Security component of Oracle Database Serve ...)
NOT-FOR-US: Oracle
-CVE-2017-10119
+CVE-2017-10119 (Vulnerability in the Oracle Service Bus component of Oracle Fusion Mid ...)
NOT-FOR-US: Oracle
-CVE-2017-10118
+CVE-2017-10118 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
-CVE-2017-10117
+CVE-2017-10117 (Vulnerability in the Java Advanced Management Console component of Ora ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10116
+CVE-2017-10116 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10115
+CVE-2017-10115 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10114
+CVE-2017-10114 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
{DSA-4005-1}
- openjfx 8u141-b14-1 (low; bug #870860)
-CVE-2017-10113
+CVE-2017-10113 (Vulnerability in the Oracle Common Applications component of Oracle E- ...)
NOT-FOR-US: Oracle
-CVE-2017-10112
+CVE-2017-10112 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2017-10111
+CVE-2017-10111 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3919-1}
- openjdk-8 8u141-b15-1
-CVE-2017-10110
+CVE-2017-10110 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10109
+CVE-2017-10109 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10108
+CVE-2017-10108 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10107
+CVE-2017-10107 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10106
+CVE-2017-10106 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10105
+CVE-2017-10105 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2017-10104
+CVE-2017-10104 (Vulnerability in the Java Advanced Management Console component of Ora ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2017-10103
+CVE-2017-10103 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10102
+CVE-2017-10102 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <unfixed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10101
+CVE-2017-10101 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10100
+CVE-2017-10100 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10099
+CVE-2017-10099 (Vulnerability in the SPARC M7, T7, S7 based Servers component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2017-10098
+CVE-2017-10098 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10097
+CVE-2017-10097 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10096
+CVE-2017-10096 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10095
+CVE-2017-10095 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2017-10094
+CVE-2017-10094 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
-CVE-2017-10093
+CVE-2017-10093 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
-CVE-2017-10092
+CVE-2017-10092 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
-CVE-2017-10091
+CVE-2017-10091 (Vulnerability in the Enterprise Manager Base Platform component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2017-10090
+CVE-2017-10090 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
-CVE-2017-10089
+CVE-2017-10089 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10088
+CVE-2017-10088 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
-CVE-2017-10087
+CVE-2017-10087 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10086
+CVE-2017-10086 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
{DSA-4005-1}
- openjfx 8u141-b14-1 (low; bug #870860)
-CVE-2017-10085
+CVE-2017-10085 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10084
+CVE-2017-10084 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10083
+CVE-2017-10083 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10082
+CVE-2017-10082 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
-CVE-2017-10081
+CVE-2017-10081 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10080
+CVE-2017-10080 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
-CVE-2017-10079
+CVE-2017-10079 (Vulnerability in the Oracle Hospitality Suites Management component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10078
+CVE-2017-10078 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
{DSA-3919-1}
- openjdk-8 8u141-b15-1
-CVE-2017-10077
+CVE-2017-10077 (Vulnerability in the Oracle Applications DBA component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2017-10076
+CVE-2017-10076 (Vulnerability in the Oracle Hospitality Simphony First Edition Venue M ...)
NOT-FOR-US: Oracle
-CVE-2017-10075
+CVE-2017-10075 (Vulnerability in the Oracle WebCenter Content component of Oracle Fusi ...)
NOT-FOR-US: Oracle
-CVE-2017-10074
+CVE-2017-10074 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10073
+CVE-2017-10073 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10072
+CVE-2017-10072 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10071
+CVE-2017-10071 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10070
+CVE-2017-10070 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10069
+CVE-2017-10069 (Vulnerability in the Oracle Payment Interface component of Oracle Hosp ...)
NOT-FOR-US: Oracle
-CVE-2017-10068
+CVE-2017-10068 (Vulnerability in the Oracle Business Intelligence Enterprise Edition c ...)
NOT-FOR-US: Oracle
-CVE-2017-10067
+CVE-2017-10067 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10066
+CVE-2017-10066 (Vulnerability in the Oracle Applications Technology Stack component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10065
+CVE-2017-10065 (Vulnerability in the Oracle Retail Point-of-Service component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2017-10064
+CVE-2017-10064 (Vulnerability in the Hospitality WebSuite8 Cloud Service component of ...)
NOT-FOR-US: Oracle
-CVE-2017-10063
+CVE-2017-10063 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10062
+CVE-2017-10062 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2017-10061
+CVE-2017-10061 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10060
+CVE-2017-10060 (Vulnerability in the Oracle Business Intelligence Enterprise Edition c ...)
NOT-FOR-US: Oracle
-CVE-2017-10059
+CVE-2017-10059 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10058
+CVE-2017-10058 (Vulnerability in the Oracle Business Intelligence Enterprise Edition c ...)
NOT-FOR-US: Oracle
-CVE-2017-10057
+CVE-2017-10057 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10056
+CVE-2017-10056 (Vulnerability in the Oracle Hospitality 9700 component of Oracle Hospi ...)
NOT-FOR-US: Oracle
-CVE-2017-10055
+CVE-2017-10055 (Vulnerability in the Oracle iPlanet Web Server component of Oracle Fus ...)
NOT-FOR-US: Oracle
-CVE-2017-10054
+CVE-2017-10054 (Vulnerability in the Oracle Hospitality Cruise Materials Management co ...)
NOT-FOR-US: Oracle
-CVE-2017-10053
+CVE-2017-10053 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3954-1 DSA-3919-1 DLA-1073-1}
- openjdk-8 8u141-b15-1
[experimental] - openjdk-7 7u151-2.6.11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-10052
+CVE-2017-10052 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
-CVE-2017-10051
+CVE-2017-10051 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-10050
+CVE-2017-10050 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2017-10049
+CVE-2017-10049 (Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM (s ...)
NOT-FOR-US: Oracle
-CVE-2017-10048
+CVE-2017-10048 (Vulnerability in the Oracle Enterprise Repository component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-10047
+CVE-2017-10047 (Vulnerability in the MICROS BellaVita component of Oracle Hospitality ...)
NOT-FOR-US: Oracle
-CVE-2017-10046
+CVE-2017-10046 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2017-10045
+CVE-2017-10045 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10044
+CVE-2017-10044 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2017-10043
+CVE-2017-10043 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10042
+CVE-2017-10042 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2017-10041
+CVE-2017-10041 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10040
+CVE-2017-10040 (Vulnerability in the Oracle WebCenter Content component of Oracle Fusi ...)
NOT-FOR-US: Oracle
-CVE-2017-10039
+CVE-2017-10039 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
-CVE-2017-10038
+CVE-2017-10038 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2017-10037
+CVE-2017-10037 (Vulnerability in the Oracle BI Publisher component of Oracle Fusion Mi ...)
NOT-FOR-US: Oracle
-CVE-2017-10036
+CVE-2017-10036 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2017-10035
+CVE-2017-10035 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10034
+CVE-2017-10034 (Vulnerability in the Oracle BI Publisher component of Oracle Fusion Mi ...)
NOT-FOR-US: Oracle
-CVE-2017-10033
+CVE-2017-10033 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-10032
+CVE-2017-10032 (Vulnerability in the Oracle Transportation Management component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2017-10031
+CVE-2017-10031 (Vulnerability in the Oracle Communications Convergence component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10030
+CVE-2017-10030 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10029
+CVE-2017-10029 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10028
+CVE-2017-10028 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10027
+CVE-2017-10027 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10026
+CVE-2017-10026 (Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middl ...)
NOT-FOR-US: Oracle
-CVE-2017-10025
+CVE-2017-10025 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10024
+CVE-2017-10024 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2017-10023
+CVE-2017-10023 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10022
+CVE-2017-10022 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10021
+CVE-2017-10021 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10020
+CVE-2017-10020 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10019
+CVE-2017-10019 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10018
+CVE-2017-10018 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle Pe ...)
NOT-FOR-US: Oracle
-CVE-2017-10017
+CVE-2017-10017 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10016
+CVE-2017-10016 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-10015
+CVE-2017-10015 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-10014
+CVE-2017-10014 (Vulnerability in the Oracle Hospitality Hotel Mobile component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10013
+CVE-2017-10013 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-10012
+CVE-2017-10012 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10011
+CVE-2017-10011 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10010
+CVE-2017-10010 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10009
+CVE-2017-10009 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10008
+CVE-2017-10008 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10007
+CVE-2017-10007 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10006
+CVE-2017-10006 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10005
+CVE-2017-10005 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-10004
+CVE-2017-10004 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2017-10003
+CVE-2017-10003 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2017-10002
+CVE-2017-10002 (Vulnerability in the Oracle Hospitality Inventory Management component ...)
NOT-FOR-US: Oracle
-CVE-2017-10001
+CVE-2017-10001 (Vulnerability in the Oracle Hospitality Simphony First Edition compone ...)
NOT-FOR-US: Oracle
-CVE-2017-10000
+CVE-2017-10000 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2017-9782
+CVE-2017-9782 (JasPer 2.0.12 allows remote attackers to cause a denial of service (he ...)
- jasper <removed>
[jessie] - jasper <no-dsa> (Minor issue)
[wheezy] - jasper <no-dsa> (Minor issue)
NOTE: https://github.com/mdadams/jasper/issues/140
-CVE-2017-9781
+CVE-2017-9781 (A cross site scripting (XSS) vulnerability exists in Check_MK versions ...)
[experimental] - check-mk 1.4.0p9-1
- check-mk <unfixed> (bug #865497)
[wheezy] - check-mk <ignored> (Minor issue)
NOTE: http://mathias-kettner.com/check_mk_werks.php?werk_id=4757
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commitdiff;h=c248f0b6ff7b15ced9f07a3df8a80fad656ea5b1
-CVE-2017-9779
+CVE-2017-9779 (OCaml compiler allows attackers to have unspecified impact via unknown ...)
- ocaml 4.05.0-9 (bug #874700)
[stretch] - ocaml <no-dsa> (Minor issue)
[jessie] - ocaml <no-dsa> (Minor issue)
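Review bot: the openjdk-6 state under CVE-2017-10102 reads `- openjdk-6 <unfixed>`, while every other Java SE entry in this hunk that carries the same `{DSA-3954-1 DSA-3919-1 DLA-1073-1}` set (CVE-2017-10101 immediately below, CVE-2017-10096, CVE-2017-10089 and the rest) records `- openjdk-6 <removed>` followed by `[wheezy] - openjdk-6 <end-of-life>`. Unless openjdk-6 genuinely still needs a fix for this one CVE, align it to `<removed>` so the entry is not reported as an open issue in unstable. On the same pattern, CVE-2017-10118 and CVE-2017-10090 list `- openjdk-7 <removed>` with no openjdk-6 line at all; if that is deliberate, a short NOTE would make it clear it is not an omission.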
@@ -24934,53 +24934,53 @@ CVE-2017-9779
NOTE: https://caml.inria.fr/mantis/view.php?id=7557
NOTE: Make sure any potential advisories are clear that any created suid
NOTE: binaries using ocaml must be re-created once ocaml has been updated.
-CVE-2017-9778
+CVE-2017-9778 (GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length f ...)
- gdb <unfixed> (unimportant; bug #865607)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21600
CVE-2017-9777
RESERVED
-CVE-2017-9776
+CVE-2017-9776 (Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in ...)
{DSA-4079-2 DSA-4079-1 DLA-1074-1}
- poppler 0.57.0-2 (bug #865679)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101541
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=a3a98a6d83dfbf49f565f5aa2d7c07153a7f62fc
-CVE-2017-9775
+CVE-2017-9775 (Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0 ...)
{DSA-4079-1 DLA-1074-1}
- poppler 0.57.0-2 (bug #865680)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101540
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=8f4ff8243a3d599ff2a6c08b1da389e606ba4fc9
-CVE-2017-9774
+CVE-2017-9774 (Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a ...)
{DSA-4276-1 DLA-1395-1}
- php-horde-image 2.5.1-1 (bug #865505)
NOTE: https://lists.horde.org/archives/announce/2017/001234.html
NOTE: https://github.com/horde/horde/commit/01a11ccd37149101d67e0b20261fa48ab07dae13
NOTE: Regression in upstream patch, fixing in https://github.com/horde/Image/pull/1
-CVE-2017-9773
+CVE-2017-9773 (Denial of Service was found in Horde_Image 2.x before 2.5.0 via a craf ...)
{DSA-4276-1}
- php-horde-image 2.5.1-1 (bug #865504)
[jessie] - php-horde-image <not-affected> (Only Horde_Image above 2.3.0 affected)
NOTE: https://lists.horde.org/archives/announce/2017/001234.html
NOTE: https://github.com/horde/horde/commit/2b8a6fe1a5fc0fc662178145f853c65956985538
-CVE-2017-9772
+CVE-2017-9772 (Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4. ...)
- ocaml <not-affected> (Only affects 4.04.0 and 4.04.1)
NOTE: https://caml.inria.fr/mantis/view.php?id=7557
-CVE-2017-9771
+CVE-2017-9771 (install\save.php in WebsiteBaker v2.10.0 allows remote attackers to ex ...)
NOT-FOR-US: WebsiteBaker
-CVE-2017-9770
+CVE-2017-9770 (A specially crafted IOCTL can be issued to the rzpnk.sys driver in Raz ...)
NOT-FOR-US: Razer Synapse
-CVE-2017-9769
+CVE-2017-9769 (A specially crafted IOCTL can be issued to the rzpnk.sys driver in Raz ...)
NOT-FOR-US: Razer Synapse
CVE-2017-9768
RESERVED
-CVE-2017-9767
+CVE-2017-9767 (Multiple cross-site scripting (XSS) vulnerabilities in Quali CloudShel ...)
NOT-FOR-US: Quali CloudShell
-CVE-2017-9766
+CVE-2017-9766 (In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allow ...)
{DLA-1634-1}
- wireshark 2.4.0-1 (low; bug #870175)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13811
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d6e888400ba64de3147d1111a4c23edf389b0000
-CVE-2017-9765
+CVE-2017-9765 (Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2 ...)
{DLA-1036-1}
- gsoap 2.8.48-1
[stretch] - gsoap 2.8.35-4+deb9u1
@@ -24989,68 +24989,68 @@ CVE-2017-9765
NOTE: http://blog.senr.io/blog/devils-ivy-flaw-in-widely-used-third-party-code-impacts-millions
NOTE: https://www.genivia.com/changelog.html#Version_2.8.48_upd_(06/21/2017)
NOTE: SuSE patch: https://bugzilla.suse.com/attachment.cgi?id=733005
-CVE-2017-9764
+CVE-2017-9764 (Cross-site scripting (XSS) vulnerability in MetInfo 5.3.17 allows remo ...)
NOT-FOR-US: MetInfo
-CVE-2017-9780
+CVE-2017-9780 (In Flatpak before 0.8.7, a third-party app repository could include ma ...)
{DSA-3895-1}
- flatpak 0.8.7-1 (bug #865413)
NOTE: https://github.com/flatpak/flatpak/issues/845
-CVE-2017-10923
+CVE-2017-10923 (Xen through 4.8.x does not validate a vCPU array index upon the sendin ...)
- xen 4.8.1-1+deb9u3
[stretch] - xen 4.8.1-1+deb9u3
[jessie] - xen <not-affected> (Vulnerable code not present)
[wheezy] - xen <not-affected> (Vulnerable code not present)
NOTE: https://xenbits.xen.org/xsa/advisory-225.html
-CVE-2017-10922
+CVE-2017-10922 (The grant-table feature in Xen through 4.8.x mishandles MMIO region gr ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-224.html
-CVE-2017-10921
+CVE-2017-10921 (The grant-table feature in Xen through 4.8.x does not ensure sufficien ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-224.html
-CVE-2017-10920
+CVE-2017-10920 (The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_devic ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-224.html
-CVE-2017-10919
+CVE-2017-10919 (Xen through 4.8.x mishandles virtual interrupt injection, which allows ...)
- xen 4.8.1-1+deb9u3
[stretch] - xen 4.8.1-1+deb9u3
[jessie] - xen <ignored> (No backport available, limited to arm)
[wheezy] - xen <not-affected> (arm not supported)
NOTE: https://xenbits.xen.org/xsa/advisory-223.html
-CVE-2017-10918
+CVE-2017-10918 (Xen through 4.8.x does not validate memory allocations during certain ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-222.html
-CVE-2017-10917
+CVE-2017-10917 (Xen through 4.8.x does not validate the port numbers of polled event c ...)
{DSA-3969-1}
- xen 4.8.1-1+deb9u3
[wheezy] - xen <not-affected> (Vulnerable code not present)
NOTE: https://xenbits.xen.org/xsa/advisory-221.html
-CVE-2017-10916
+CVE-2017-10916 (The vCPU context-switch implementation in Xen through 4.8.x improperly ...)
- xen 4.8.1-1+deb9u3
[stretch] - xen 4.8.1-1+deb9u3
[jessie] - xen <not-affected> (Vulnerable code not present)
[wheezy] - xen <not-affected> (Vulnerable code not present)
NOTE: https://xenbits.xen.org/xsa/advisory-220.html
-CVE-2017-10915
+CVE-2017-10915 (The shadow-paging feature in Xen through 4.8.x mismanages page referen ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-219.html
-CVE-2017-10914
+CVE-2017-10914 (The grant-table feature in Xen through 4.8.x has a race condition lead ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-218.html
-CVE-2017-10913
+CVE-2017-10913 (The grant-table feature in Xen through 4.8.x provides false mapping in ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-218.html
-CVE-2017-10912
+CVE-2017-10912 (Xen through 4.8.x mishandles page transfer, which allows guest OS user ...)
{DSA-3969-1 DLA-1132-1}
- xen 4.8.1-1+deb9u3
NOTE: https://xenbits.xen.org/xsa/advisory-217.html
-CVE-2017-10911
+CVE-2017-10911 (The make_response function in drivers/block/xen-blkback/blkback.c in t ...)
{DSA-3945-1 DSA-3927-1 DSA-3920-1 DLA-1497-1 DLA-1099-1}
- linux 4.11.11-1
- qemu 1:2.8+dfsg-7 (bug #869706)
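Review bot: CVE-2017-10923, CVE-2017-10919 and CVE-2017-10916 record the fix as `- xen 4.8.1-1+deb9u3` plus an explicit `[stretch] - xen 4.8.1-1+deb9u3` line but carry no advisory bracket, whereas the neighbouring Xen entries fixed in the same upload (CVE-2017-10922 through CVE-2017-10912) are tagged `{DSA-3969-1 DLA-1132-1}`. If DSA-3969-1 covered these three issues as well, add the bracket so the tracker links them to the advisory; if it did not, a `NOTE:` saying why they were fixed without one would stop readers from reading the missing bracket as an oversight.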
@@ -25058,14 +25058,14 @@ CVE-2017-10911
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Wheezy's xen uses an embedded qemu copy)
NOTE: https://xenbits.xen.org/xsa/advisory-216.html
-CVE-2017-1000381
+CVE-2017-1000381 (The c-ares function `ares_parse_naptr_reply()`, which is used for pars ...)
{DLA-998-1}
- c-ares 1.12.0-4 (bug #865360)
[stretch] - c-ares 1.12.0-1+deb9u1
[jessie] - c-ares 1.10.0-2+deb8u2
NOTE: https://c-ares.haxx.se/adv_20170620.html
NOTE: Patch: https://c-ares.haxx.se/CVE-2017-1000381.patch
-CVE-2017-9763
+CVE-2017-9763 (The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013 ...)
- grub2 2.02~beta2-8 (unimportant)
- radare2 1.6.0+dfsg-1 (bug #869423)
[stretch] - radare2 <no-dsa> (Minor issue)
@@ -25074,14 +25074,14 @@ CVE-2017-9763
NOTE: https://github.com/radare/radare2/commit/65000a7fd9eea62359e6d6714f17b94a99a82edd
NOTE: https://github.com/radare/radare2/issues/7723
NOTE: Not a security issue for Grub
-CVE-2017-9762
+CVE-2017-9762 (The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows ...)
- radare2 1.6.0+dfsg-1 (low; bug #869426)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/7726
NOTE: https://github.com/radare/radare2/commit/f85bc674b2a2256a364fe796351bc1971e106005
-CVE-2017-9761
+CVE-2017-9761 (The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remot ...)
- radare2 1.6.0+dfsg-1 (low; bug #869428)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
@@ -25090,65 +25090,65 @@ CVE-2017-9761
NOTE: https://github.com/radare/radare2/issues/7727
CVE-2017-9760
RESERVED
-CVE-2017-9759
+CVE-2017-9759 (SQL Injection exists in admin/index.php in Zenbership 1.0.8 via the fi ...)
NOT-FOR-US: Zenbership
-CVE-2017-9758
+CVE-2017-9758 (Savitech driver packages for Windows silently install a self-signed ce ...)
NOT-FOR-US: Savitech driver packages for Windows
-CVE-2017-9757
+CVE-2017-9757 (IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi vi ...)
NOT-FOR-US: IPFire
-CVE-2017-1000375
+CVE-2017-1000375 (NetBSD maps the run-time link-editor ld.so directly below the stack re ...)
NOT-FOR-US: NetBSD
-CVE-2017-1000374
+CVE-2017-1000374 (A flaw exists in NetBSD's implementation of the stack guard page that ...)
NOT-FOR-US: NetBSD
-CVE-2017-1000373
+CVE-2017-1000373 (The OpenBSD qsort() function is recursive, and not randomized, an atta ...)
NOT-FOR-US: OpenBSD
-CVE-2017-1000372
+CVE-2017-1000372 (A flaw exists in OpenBSD's implementation of the stack guard page that ...)
NOT-FOR-US: OpenBSD
-CVE-2017-1000364
+CVE-2017-1000364 (An issue was discovered in the size of the stack guard page on Linux, ...)
{DSA-3886-1 DLA-993-1}
- linux 4.11.6-1
[stretch] - linux 4.9.30-2+deb9u1
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000365
+CVE-2017-1000365 (The Linux Kernel imposes a size restriction on the arguments and envir ...)
{DSA-3945-1 DSA-3927-1 DLA-1099-1}
- linux 4.11.11-1
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: Fixed by: https://git.kernel.org/linus/98da7d08850fb8bdeb395d6368ed15753304aa0c
-CVE-2017-1000366
+CVE-2017-1000366 (glibc contains a vulnerability that allows specially crafted LD_LIBRAR ...)
{DSA-3887-1 DLA-992-1}
- glibc 2.24-12
- eglibc <removed>
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000369
+CVE-2017-1000369 (Exim supports the use of multiple "-p" command line arguments which ar ...)
{DSA-3888-1 DLA-1001-1}
- exim4 4.89-3
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000370
+CVE-2017-1000370 (The offset2lib patch as used in the Linux Kernel contains a vulnerabil ...)
{DSA-3981-1}
- linux 4.11.11-1
[wheezy] - linux <not-affected> (Memory layout is different)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000371
+CVE-2017-1000371 (The offset2lib patch as used by the Linux Kernel contains a vulnerabil ...)
{DSA-3981-1}
- linux 4.11.11-1
[wheezy] - linux <not-affected> (Memory layout is different)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000376
+CVE-2017-1000376 (libffi requests an executable stack allowing attackers to more easily ...)
{DSA-3889-1 DLA-997-1}
- libffi 3.2.1-4
NOTE: https://github.com/libffi/libffi/commit/978c9540154d320525488db1b7049277122f736d
NOTE: and additionally cf. #751907 for the configure flag.
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000377
+CVE-2017-1000377 (An issue was discovered in the size of the default stack guard page on ...)
NOT-FOR-US: GRSecurity/PAX Linux specific assignment
-CVE-2017-9756
+CVE-2017-9756 (The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21595
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cd3ea7c69acc5045eb28f9bf80d923116e15e4f5
-CVE-2017-9755
+CVE-2017-9755 (opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number o ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
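Review bot: the CVE-2017-9743 binutils entry records only the bugzilla reference (NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21577) while every neighbouring binutils entry in this hunk also carries the upstream binutils-gdb.git fix commit; add the corresponding commit NOTE once identified so the "binutils 2.29-1" fixed-version claim can be verified against upstream like the others.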
@@ -25156,106 +25156,106 @@ CVE-2017-9755
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21594
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0d96e4df4812c3bad77c229dfef47a9bc115ac12
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8cac017d35ef374e65acc98818a17cf8a652cbd0
-CVE-2017-9754
+CVE-2017-9754 (The process_otr function in bfd/versados.c in the Binary File Descript ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21591
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=04f963fd489cae724a60140e13984415c205f4ac
-CVE-2017-9753
+CVE-2017-9753 (The versados_mkobject function in bfd/versados.c in the Binary File De ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21591
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=04f963fd489cae724a60140e13984415c205f4ac
-CVE-2017-9752
+CVE-2017-9752 (bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbf ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21589
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c53d2e6d744da000aaafe0237bced090aab62818
-CVE-2017-9751
+CVE-2017-9751 (opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21588
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=63323b5b23bd83fa7b04ea00dff593c933e9b0e3
-CVE-2017-9750
+CVE-2017-9750 (opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for cer ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21587
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=db5fa770268baf8cc82cf9b141d69799fd485fe2
-CVE-2017-9749
+CVE-2017-9749 (The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow rem ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21586
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c7881b814c546efc3996fd1decdf0877f7a779
-CVE-2017-9748
+CVE-2017-9748 (The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21582
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=63634bb4a107877dd08b6282e28e11cfd1a1649e
-CVE-2017-9747
+CVE-2017-9747 (The ieee_archive_p function in bfd/ieee.c in the Binary File Descripto ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21581
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=62b76e4b6e0b4cb5b3e0053d1de4097b32577049
-CVE-2017-9746
+CVE-2017-9746 (The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allow ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21580
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ae87f7e73eba29bd38b3a9684a10b948ed715612
-CVE-2017-9745
+CVE-2017-9745 (The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21579
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=76800cba595efc3fe95a446c2d664e42ae4ee869
-CVE-2017-9744
+CVE-2017-9744 (The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binar ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21578
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f461bbd847f15657f3dd2f317c30c75a7520da1f
-CVE-2017-9743
+CVE-2017-9743 (The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Bin ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21577
-CVE-2017-9742
+CVE-2017-9742 (The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.2 ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21576
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e64519d1ed7fd8f990f05a5562d5b5c0c44b7d7e
-CVE-2017-9741
+CVE-2017-9741 (install/make-config.php in ProjectSend r754 allows remote attackers to ...)
NOT-FOR-US: ProjectSend
-CVE-2017-9740
+CVE-2017-9740 (The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex Ghos ...)
- ghostscript 9.22~dfsg-1 (unimportant; bug #869879)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698064
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=961b10cdd71403072fb99401a45f3bef6ce53626
-CVE-2017-9739
+CVE-2017-9739 (The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostX ...)
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869910)
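Review bot: the NOTE on CVE-2017-9740 reads "The Debian binary package is not affected xps/ not used", which runs two clauses together without punctuation; suggest "The Debian binary package is not affected, xps/ is not used" so the rationale for the unimportant rating and the jessie/wheezy <not-affected> markers reads unambiguously.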
@@ -25265,7 +25265,7 @@ CVE-2017-9738
RESERVED
CVE-2017-9737
RESERVED
-CVE-2017-9736
+CVE-2017-9736 (SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell ...)
{DSA-3890-1}
- spip 3.1.4-3 (bug #864921)
[jessie] - spip <not-affected> (Vulnerable code not present)
@@ -25277,29 +25277,29 @@ CVE-2017-9734
RESERVED
CVE-2017-9733
RESERVED
-CVE-2017-9732
+CVE-2017-9732 (The read_packet function in knc (Kerberised NetCat) before 1.11-1 is v ...)
NOT-FOR-US: knc (Kerberised NetCat)
-CVE-2017-9731
+CVE-2017-9731 (In meta/classes/package_ipk.bbclass in Poky in poky-pyro 17.0.0 for Yo ...)
NOT-FOR-US: Poky for Yocto Project
-CVE-2017-9730
+CVE-2017-9730 (SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and ...)
NOT-FOR-US: nuevoMailer
-CVE-2017-9729
+CVE-2017-9729 (In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) ...)
- uclibc <unfixed> (unimportant)
-CVE-2017-9728
+CVE-2017-9728 (In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp f ...)
- uclibc <unfixed> (unimportant)
-CVE-2017-9727
+CVE-2017-9727 (The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscrip ...)
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869913)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=698056
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=937ccd17ac65935633b2ebc06cb7089b91e17e6b (ghostpdl-9.22rc1)
-CVE-2017-9726
+CVE-2017-9726 (The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostX ...)
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869915)
NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=698055
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7755e67116e8973ee0e3b22d653df026a84fa01b (ghostpdl-9.22rc1)
-CVE-2017-9735
+CVE-2017-9735 (Jetty through 9.4.x is prone to a timing channel in util/security/Pass ...)
{DLA-1021-1 DLA-1020-1}
- jetty9 9.2.22-1 (bug #864898)
[stretch] - jetty9 <ignored> (Harmless information leak)
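Review bot: the CVE-2017-9735 Jetty entry marks stretch as <ignored> (Harmless information leak) while the same entry lists DLA-1021-1 and DLA-1020-1, i.e. the timing channel in util/security/Password was considered worth fixing in the LTS releases; either the stretch rationale should state why it is not worth a stretch update, or the stretch status should be aligned with the DLA handling so the two do not contradict each other.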
@@ -25311,118 +25311,118 @@ CVE-2017-9735
NOTE: https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f5947b5457dc02
NOTE: https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58
NOTE: https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea
-CVE-2017-9725
+CVE-2017-9725 (In all Qualcomm products with Android releases from CAF using the Linu ...)
- linux 4.3.1-1
NOTE: Fixed by: https://git.kernel.org/linus/67a2e213e7e937c41c52ab5bc46bf3f4de469f6e (4.3-rc7)
-CVE-2017-9724
+CVE-2017-9724 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9723
+CVE-2017-9723 (The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS fo ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-9722
+CVE-2017-9722 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9721
+CVE-2017-9721 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Android boot loader (aboot)
-CVE-2017-9720
+CVE-2017-9720 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9719
+CVE-2017-9719 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9718
+CVE-2017-9718 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9717
+CVE-2017-9717 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9716
+CVE-2017-9716 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: qbt1000 driver in Android
-CVE-2017-9715
+CVE-2017-9715 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9714
+CVE-2017-9714 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9713
RESERVED
-CVE-2017-9712
+CVE-2017-9712 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9711
RESERVED
-CVE-2017-9710
+CVE-2017-9710 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9709
+CVE-2017-9709 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9708
+CVE-2017-9708 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9707
RESERVED
-CVE-2017-9706
+CVE-2017-9706 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9705
+CVE-2017-9705 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9704
+CVE-2017-9704 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9703
+CVE-2017-9703 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9702
+CVE-2017-9702 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9701
+CVE-2017-9701 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9700
+CVE-2017-9700 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9699
RESERVED
-CVE-2017-9698
+CVE-2017-9698 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9697
+CVE-2017-9697 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9696
+CVE-2017-9696 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9695
RESERVED
-CVE-2017-9694
+CVE-2017-9694 (While parsing Netlink attributes in QCA_WLAN_VENDOR_ATTR_EXTSCAN_BSSID ...)
NOT-FOR-US: Google drivers for Android
-CVE-2017-9693
+CVE-2017-9693 (The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_cha ...)
NOT-FOR-US: Google drivers for Android
-CVE-2017-9692
+CVE-2017-9692 (When an atomic commit is issued on a writeback panel with a NULL outpu ...)
NOT-FOR-US: Google drivers for Android
-CVE-2017-9691
+CVE-2017-9691 (There is a race condition in Android for MSM, Firefox OS for MSM, and ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9690
+CVE-2017-9690 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9689
+CVE-2017-9689 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2017-9688
RESERVED
-CVE-2017-9687
+CVE-2017-9687 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9686
+CVE-2017-9686 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9685
+CVE-2017-9685 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9684
+CVE-2017-9684 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9683
+CVE-2017-9683 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-9682
+CVE-2017-9682 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9681
+CVE-2017-9681 (In Android before 2017-08-05 on Qualcomm MSM, Firefox OS for MSM, QRD ...)
NOT-FOR-US: Google drivers for Android
-CVE-2017-9680
+CVE-2017-9680 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Google drivers for Android
-CVE-2017-9679
+CVE-2017-9679 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Google drivers for Android
-CVE-2017-9678
+CVE-2017-9678 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9677
+CVE-2017-9677 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9676
+CVE-2017-9676 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-9675
+CVE-2017-9675 (On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows a ...)
NOT-FOR-US: D-Link DIR-605L devices
-CVE-2017-9674
+CVE-2017-9674 (In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on ind ...)
NOT-FOR-US: SimpleCE
-CVE-2017-9673
+CVE-2017-9673 (In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an adm ...)
NOT-FOR-US: SimpleCE
CVE-2017-9672
RESERVED
-CVE-2017-9671
+CVE-2017-9671 (A heap overflow in apk (Alpine Linux's package manager) allows a remot ...)
NOT-FOR-US: apk (Alpine's package manager)
-CVE-2017-9670
+CVE-2017-9670 (An uninitialized stack variable vulnerability in load_tic_series() in ...)
- gnuplot 5.0.5+dfsg1-7 (unimportant; bug #864901)
[stretch] - gnuplot 5.0.5+dfsg1-6+deb9u1
[jessie] - gnuplot <not-affected> (Vulnerable code introduced later)
@@ -25435,9 +25435,9 @@ CVE-2017-9670
NOTE: Fixed by: https://github.com/gnuplot/gnuplot/commit/4e39b1d7b274c7d4a69cbaba85ff321264f4457e
NOTE: Introduced by: https://github.com/gnuplot/gnuplot/commit/cd4b777389379598740fc02decff772b0e7bcbd6
NOTE: Crash in a CLI tool, no security impact
-CVE-2017-9669
+CVE-2017-9669 (A heap overflow in apk (Alpine Linux's package manager) allows a remot ...)
NOT-FOR-US: apk (Alpine's package manager)
-CVE-2017-9668
+CVE-2017-9668 (In admin\addgroup.php in CMS Made Simple 2.1.6, when adding a user gro ...)
NOT-FOR-US: CMS Made Simple
CVE-2017-9667
RESERVED
@@ -25445,164 +25445,164 @@ CVE-2017-9666
RESERVED
CVE-2017-9665
RESERVED
-CVE-2017-9664
+CVE-2017-9664 (In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, a ...)
NOT-FOR-US: ABB
-CVE-2017-9663
+CVE-2017-9663 (An Cleartext Storage of Sensitive Information issue was discovered in ...)
NOT-FOR-US: General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client
-CVE-2017-9662
+CVE-2017-9662 (An Improper Privilege Management issue was discovered in Fuji Electric ...)
NOT-FOR-US: Fuji Electric Monitouch V-SFT
-CVE-2017-9661
+CVE-2017-9661 (An Uncontrolled Search Path Element issue was discovered in SIMPlight ...)
NOT-FOR-US: SIMPlight SCADA Software
-CVE-2017-9660
+CVE-2017-9660 (A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch ...)
NOT-FOR-US: Fuji Electric Monitouch V-SFT
-CVE-2017-9659
+CVE-2017-9659 (A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Mo ...)
NOT-FOR-US: Fuji Electric Monitouch V-SFT
-CVE-2017-9658
+CVE-2017-9658 (Certain 802.11 network management messages have been determined to inv ...)
NOT-FOR-US: Philips IntelliVue MX40
-CVE-2017-9657
+CVE-2017-9657 (Under specific 802.11 network conditions, a partial re-association of ...)
NOT-FOR-US: Philips IntelliVue MX40
-CVE-2017-9656
+CVE-2017-9656 (The backend database of the Philips DoseWise Portal application versio ...)
NOT-FOR-US: Philips DoseWise Portal
-CVE-2017-9655
+CVE-2017-9655 (A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator f ...)
NOT-FOR-US: OSIsoft
-CVE-2017-9654
+CVE-2017-9654 (The Philips DoseWise Portal web-based application versions 1.1.7.333 a ...)
NOT-FOR-US: Philips DoseWise Portal
-CVE-2017-9653
+CVE-2017-9653 (An Improper Authorization issue was discovered in OSIsoft PI Integrato ...)
NOT-FOR-US: OSIsoft
CVE-2017-9652
RESERVED
CVE-2017-9651
RESERVED
-CVE-2017-9650
+CVE-2017-9650 (An Unrestricted Upload of File with Dangerous Type issue was discovere ...)
NOT-FOR-US: Automated Logic Corporation (ALC)
-CVE-2017-9649
+CVE-2017-9649 (A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion T ...)
NOT-FOR-US: Mirion
-CVE-2017-9648
+CVE-2017-9648 (An Uncontrolled Search Path Element issue was discovered in Solar Cont ...)
NOT-FOR-US: Solar Controls WATTConfig M Software
-CVE-2017-9647
+CVE-2017-9647 (A Stack-Based Buffer Overflow issue was discovered in the Continental ...)
NOT-FOR-US: Continental AG Infineon S-Gold
-CVE-2017-9646
+CVE-2017-9646 (An Uncontrolled Search Path Element issue was discovered in Solar Cont ...)
NOT-FOR-US: Solar Controls Heating Control Downloader (HCDownloader)
-CVE-2017-9645
+CVE-2017-9645 (An Inadequate Encryption Strength issue was discovered in Mirion Techn ...)
NOT-FOR-US: Mirion
-CVE-2017-9644
+CVE-2017-9644 (An Unquoted Search Path or Element issue was discovered in Automated L ...)
NOT-FOR-US: Automated Logic Corporation (ALC)
CVE-2017-9643
RESERVED
CVE-2017-9642
RESERVED
-CVE-2017-9641
+CVE-2017-9641 (PI Coresight 2016 R2 contains a cross-site request forgery vulnerabili ...)
NOT-FOR-US: PI Coresight
-CVE-2017-9640
+CVE-2017-9640 (A Path Traversal issue was discovered in Automated Logic Corporation ( ...)
NOT-FOR-US: Automated Logic Corporation (ALC)
-CVE-2017-9639
+CVE-2017-9639 (An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and ...)
NOT-FOR-US: Fuji Electric V-Server
-CVE-2017-9638
+CVE-2017-9638 (Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sectio ...)
NOT-FOR-US: Mitsubishi E-Designer
-CVE-2017-9637
+CVE-2017-9637 (Schneider Electric Ampla MES 6.4 provides capability to interact with ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9636
+CVE-2017-9636 (Mitsubishi E-Designer, Version 7.52 Build 344 contains five code secti ...)
NOT-FOR-US: Mitsubishi E-Designer
-CVE-2017-9635
+CVE-2017-9635 (Schneider Electric Ampla MES 6.4 provides capability to configure user ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9634
+CVE-2017-9634 (Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sectio ...)
NOT-FOR-US: Mitsubishi E-Designer
-CVE-2017-9633
+CVE-2017-9633 (An Improper Restriction of Operations within the Bounds of a Memory Bu ...)
NOT-FOR-US: Continental AG Infineon S-Gold 2
-CVE-2017-9632
+CVE-2017-9632 (A Missing Encryption of Sensitive Data issue was discovered in PDQ Man ...)
NOT-FOR-US: PDQ Manufacturing LaserWash
-CVE-2017-9631
+CVE-2017-9631 (A Null Pointer Dereference issue was discovered in Schneider Electric ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9630
+CVE-2017-9630 (An Improper Authentication issue was discovered in PDQ Manufacturing L ...)
NOT-FOR-US: PDQ Manufacturing LaserWash
-CVE-2017-9629
+CVE-2017-9629 (A Stack-Based Buffer Overflow issue was discovered in Schneider Electr ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-9628
+CVE-2017-9628 (An Information Exposure issue was discovered in Saia Burgess Controls ...)
NOT-FOR-US: Saia Burgess Controls
-CVE-2017-9627
+CVE-2017-9627 (An Uncontrolled Resource Consumption issue was discovered in Schneider ...)
NOT-FOR-US: Schneider Electric
CVE-2017-9626
RESERVED
-CVE-2017-9625
+CVE-2017-9625 (An Improper Authentication issue was discovered in Envitech EnviDAS Ul ...)
NOT-FOR-US: Envitech EnviDAS Ultimate
-CVE-2017-9624
+CVE-2017-9624 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1 ...)
NOT-FOR-US: Telaxus/EPESI
-CVE-2017-9623
+CVE-2017-9623 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1 ...)
NOT-FOR-US: Telaxus/EPESI
-CVE-2017-9622
+CVE-2017-9622 (Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1 ...)
NOT-FOR-US: Telaxus/EPESI
-CVE-2017-9621
+CVE-2017-9621 (Cross-site scripting (XSS) vulnerability in modules/Base/Lang/Administ ...)
NOT-FOR-US: Telaxus/EPESI
-CVE-2017-9620
+CVE-2017-9620 (The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghos ...)
- ghostscript 9.22~dfsg-1 (unimportant; bug #869879)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698050
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3ee55637480d5e319a5de0481b01c3346855cbc9
-CVE-2017-9619
+CVE-2017-9619 (The xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex G ...)
- ghostscript 9.22~dfsg-1 (unimportant; bug #869879)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698042
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c53183d4e7103e87368b7cfa15367a47d559e323
-CVE-2017-9618
+CVE-2017-9618 (The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscrip ...)
- ghostscript 9.22~dfsg-1 (unimportant; bug #869879)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698044
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3c2aebbedd37fab054e80f2e315de07d7e9b5bdb
-CVE-2017-9617
+CVE-2017-9617 (In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion ...)
- wireshark 2.4.0-1 (low; bug #870174)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13799
-CVE-2017-9616
+CVE-2017-9616 (In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion ...)
- wireshark 2.4.0-1 (low; bug #870173)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777
-CVE-2017-9615
+CVE-2017-9615 (Password exposure in Cognito Software Moneyworks 8.0.3 and earlier all ...)
NOT-FOR-US: Cognito Software Moneyworks
-CVE-2017-9614
+CVE-2017-9614 (The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 al ...)
NOT-FOR-US: Not a bug in libjpeg itself, but incorrect API usage
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/167
-CVE-2017-9613
+CVE-2017-9613 (Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors ...)
NOT-FOR-US: SAP SuccessFactors
-CVE-2017-9612
+CVE-2017-9612 (The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS ...)
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869916)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698026
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=98f6da60b9d463c617e631fc254cf6d66f2e8e3c (ghostpdl-9.22rc1)
-CVE-2017-9611
+CVE-2017-9611 (The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostX ...)
{DSA-3986-1 DLA-1048-1}
[experimental] - ghostscript 9.22~~rc1~dfsg-1
- ghostscript 9.22~dfsg-1 (bug #869917)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698024
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c7c55972758a93350882c32147801a3485b010fe (ghostpdl-9.22rc1)
-CVE-2017-9610
+CVE-2017-9610 (The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscrip ...)
- ghostscript 9.22~dfsg-1 (unimportant; bug #869879)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: The Debian binary package is not affected xps/ not used
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698025
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d2ab84732936b6e7e5a461dc94344902965e9a06
-CVE-2017-9609
+CVE-2017-9609 (Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows re ...)
NOT-FOR-US: Blackcat CMS
-CVE-2017-9608
+CVE-2017-9608 (The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allow ...)
{DSA-3957-1}
- ffmpeg 7:3.3.3-1
NOTE: http://www.openwall.com/lists/oss-security/2017/08/14/1
NOTE: https://github.com/FFmpeg/FFmpeg/commit/611b35627488a8d0763e75c25ee0875c5b7987dd
NOTE: https://github.com/FFmpeg/FFmpeg/commit/0a709e2a10b8288a0cc383547924ecfe285cef89
-CVE-2017-9607
+CVE-2017-9607 (The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might ...)
NOT-FOR-US: ARM Trusted Firmware
-CVE-2017-9606
+CVE-2017-9606 (Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local ...)
NOT-FOR-US: Infotecs ViPNet Client and Coordinator
-CVE-2017-9604
+CVE-2017-9604 (KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in ...)
- kdepim 4:16.04.3-4 (bug #864804)
[stretch] - kdepim 4:16.04.3-4~deb9u1
[jessie] - kdepim 4:4.14.1-1+deb8u1
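Review bot: CVE-2017-9614 is tagged NOT-FOR-US, the marker used elsewhere in this hunk for software outside the archive (Philips, Schneider, OSIsoft), yet its own text says the flaw is incorrect API usage rather than a bug in libjpeg; if libjpeg-turbo is in the archive, the consistent form would be a package entry marked <not-affected> with "Not a bug in libjpeg itself, but incorrect API usage" as the rationale and the github issue link kept as the NOTE.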
@@ -25612,144 +25612,144 @@ CVE-2017-9604
NOTE: Fixed by (kmail): https://commits.kde.org/kmail/78c5552be2f00a4ac25bd77ca39386522fca70a8
NOTE: Fixed by (messagelib): https://commits.kde.org/messagelib/c54706e990bbd6498e7b1597ec7900bc809e8197
NOTE: https://www.kde.org/info/security/advisory-20170615-1.txt
-CVE-2017-1000379
+CVE-2017-1000379 (The Linux Kernel running on AMD64 systems will sometimes map the conte ...)
- linux <unfixed>
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
-CVE-2017-1000378
+CVE-2017-1000378 (The NetBSD qsort() function is recursive, and not randomized, an attac ...)
NOT-FOR-US: NetBSD
-CVE-2017-9605
+CVE-2017-9605 (The vmw_gb_surface_define_ioctl function (accessible via DRM_IOCTL_VMW ...)
{DSA-3945-1 DSA-3927-1}
- linux 4.11.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/13/2
NOTE: Fixed by: https://git.kernel.org/linus/07678eca2cf9c9a18584e546c2b2a0d0c9a3150c (v4.12-rc5)
-CVE-2017-9603
+CVE-2017-9603 (SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordP ...)
NOT-FOR-US: WP Jobs plugin for WordPress
-CVE-2017-9602
+CVE-2017-9602 (KBVault Mysql Free Knowledge Base application package 0.16a comes with ...)
NOT-FOR-US: KBVault Mysql Free Knowledge Base application
-CVE-2017-9601
+CVE-2017-9601 (The "FNB Kemp Mobile Banking" by First National Bank of Kemp app 3.0.2 ...)
NOT-FOR-US: "FNB Kemp Mobile Banking" by First National Bank of Kemp app
-CVE-2017-9600
+CVE-2017-9600 (The "Peoples Bank Tulsa" by Peoples Bank - OK app 3.0.2 -- aka peoples ...)
NOT-FOR-US: "Peoples Bank Tulsa" by Peoples Bank - OK app
-CVE-2017-9599
+CVE-2017-9599 (The "Fountain Trust Mobile Banking" by FOUNTAIN TRUST COMPANY app befo ...)
NOT-FOR-US: "Fountain Trust Mobile Banking" by FOUNTAIN TRUST COMPANY app
-CVE-2017-9598
+CVE-2017-9598 (The "Morton Credit Union Mobile Banking" by Morton Credit Union app 3. ...)
NOT-FOR-US: "Morton Credit Union Mobile Banking" by Morton Credit Union app
-CVE-2017-9597
+CVE-2017-9597 (The "Blue Ridge Bank and Trust Co. Mobile Banking" by Blue Ridge Bank ...)
NOT-FOR-US: "Blue Ridge Bank and Trust Co. Mobile Banking" app
-CVE-2017-9596
+CVE-2017-9596 (The "CFB Mobile Banking" by Citizens First Bank Wisconsin app 3.0.1 -- ...)
NOT-FOR-US: "CFB Mobile Banking" by Citizens First Bank Wisconsin app
-CVE-2017-9595
+CVE-2017-9595 (The "First State Bank of Bigfork Mobile Banking" by First State Bank o ...)
NOT-FOR-US: "First State Bank of Bigfork Mobile Banking" by First State Bank of Bigfork app
-CVE-2017-9594
+CVE-2017-9594 (The "SVB Mobile" by Sauk Valley Bank Mobile Banking app 3.0.0 -- aka s ...)
NOT-FOR-US: "SVB Mobile" by Sauk Valley Bank Mobile Banking app
-CVE-2017-9593
+CVE-2017-9593 (The "Oculina Mobile Banking" by Oculina Bank app 3.0.0 -- aka oculina- ...)
NOT-FOR-US: "Oculina Mobile Banking" by Oculina Bank app
-CVE-2017-9592
+CVE-2017-9592 (The "Your Legacy Federal Credit Union Mobile Banking" by Your Legacy F ...)
NOT-FOR-US: "Your Legacy Federal Credit Union Mobile Banking" by Your Legacy Federal Credit Union app
-CVE-2017-9591
+CVE-2017-9591 (The "PCB Mobile" by Phelps County Bank app 3.0.2 -- aka pcb-mobile/id4 ...)
NOT-FOR-US: "PCB Mobile" by Phelps County Bank app
-CVE-2017-9590
+CVE-2017-9590 (The "State Bank of Waterloo Mobile Banking" by State Bank of Waterloo ...)
NOT-FOR-US: "State Bank of Waterloo Mobile Banking" by State Bank of Waterloo app
-CVE-2017-9589
+CVE-2017-9589 (The "SCSB Shelbyville IL Mobile Banking" by Shelby County State Bank a ...)
NOT-FOR-US: "SCSB Shelbyville IL Mobile Banking" by Shelby County State Bank app
-CVE-2017-9588
+CVE-2017-9588 (The "Oritani Mobile Banking" by Oritani Bank app 3.0.0 -- aka oritani- ...)
NOT-FOR-US: "Oritani Mobile Banking" by Oritani Bank app
-CVE-2017-9587
+CVE-2017-9587 (The "PCSB BANK Mobile" by PCSB Bank app 3.0.4 -- aka pcsb-bank-mobile/ ...)
NOT-FOR-US: "PCSB BANK Mobile" by PCSB Bank app
-CVE-2017-9586
+CVE-2017-9586 (The "FSBY Mobile Banking" by First State Bank of Yoakum TX app 3.0.0 - ...)
NOT-FOR-US: "FSBY Mobile Banking" by First State Bank of Yoakum TX app
-CVE-2017-9585
+CVE-2017-9585 (The "Community State Bank - Lamar Mobile Banking" by Community State B ...)
NOT-FOR-US: "Community State Bank - Lamar Mobile Banking" by Community State Bank - Lamar app
-CVE-2017-9584
+CVE-2017-9584 (The "HBO Mobile Banking" by Heritage Bank of Ozarks app 3.0.0 -- aka h ...)
NOT-FOR-US: "HBO Mobile Banking" by Heritage Bank of Ozarks app
-CVE-2017-9583
+CVE-2017-9583 (The "Charlevoix State Bank" by Charlevoix State Bank app 3.0.1 -- aka ...)
NOT-FOR-US: "Charlevoix State Bank" by Charlevoix State Bank app
-CVE-2017-9582
+CVE-2017-9582 (The "BNB Mobile Banking" by Brady National Bank app 3.0.0 -- aka bnb-m ...)
NOT-FOR-US: "BNB Mobile Banking" by Brady National Bank app
-CVE-2017-9581
+CVE-2017-9581 (The "Algonquin State Bank Mobile Banking" by Algonquin State Bank app ...)
NOT-FOR-US: "Algonquin State Bank Mobile Banking" by Algonquin State Bank app
-CVE-2017-9580
+CVE-2017-9580 (The "Pioneer Bank &amp; Trust Mobile Banking" by PIONEER BANK AND TRUS ...)
NOT-FOR-US: "Pioneer Bank & Trust Mobile Banking" by PIONEER BANK AND TRUST app
-CVE-2017-9579
+CVE-2017-9579 (The "JMCU Mobile Banking" by Joplin Metro Credit Union app 3.0.0 -- ak ...)
NOT-FOR-US: "JMCU Mobile Banking" by Joplin Metro Credit Union app
-CVE-2017-9578
+CVE-2017-9578 (The "RVCB Mobile" by RVCB Mobile Banking app 3.0.0 -- aka rvcb-mobile/ ...)
NOT-FOR-US: "RVCB Mobile" by RVCB Mobile Banking app
-CVE-2017-9577
+CVE-2017-9577 (The "First Citizens Bank-Mobile Banking" by First Citizens Bank (AL) a ...)
NOT-FOR-US: "First Citizens Bank-Mobile Banking" by First Citizens Bank (AL) app
-CVE-2017-9576
+CVE-2017-9576 (The "Middleton Community Bank Mobile Banking" by Middleton Community B ...)
NOT-FOR-US: "Middleton Community Bank Mobile Banking" by Middleton Community Bank app
-CVE-2017-9575
+CVE-2017-9575 (The "FVB Mobile Banking" by First Volunteer Bank of Tennessee app 3.1. ...)
NOT-FOR-US: "FVB Mobile Banking" by First Volunteer Bank of Tennessee app
-CVE-2017-9574
+CVE-2017-9574 (The "KC Area Credit Union Mobile Banking" by K C Area Credit Union app ...)
NOT-FOR-US: "KC Area Credit Union Mobile Banking" by K C Area Credit Union app
-CVE-2017-9573
+CVE-2017-9573 (The North Adams State Bank (Ursa) nasb-mobile-banking/id980573797 app ...)
NOT-FOR-US: North Adams State Bank (Ursa) nasb-mobile-banking/id980573797 app
-CVE-2017-9572
+CVE-2017-9572 (The athens-state-bank-mobile-banking/id719748589 app 3.0.0 for iOS doe ...)
NOT-FOR-US: athens-state-bank-mobile-banking/id719748589 app
-CVE-2017-9571
+CVE-2017-9571 (The Citizens Community Bank (TN) ccb-mobile-banking/id610030469 app 3. ...)
NOT-FOR-US: Citizens Community Bank (TN) ccb-mobile-banking/id610030469 app
-CVE-2017-9570
+CVE-2017-9570 (The mount-vernon-bank-trust-mobile-banking/id542706679 app 3.0.0 for i ...)
NOT-FOR-US: mount-vernon-bank-trust-mobile-banking/id542706679 app
-CVE-2017-9569
+CVE-2017-9569 (The Citizens Bank (TX) cbtx-on-the-go/id892396102 app 3.0.0 for iOS do ...)
NOT-FOR-US: Citizens Bank (TX) cbtx-on-the-go/id892396102 app
-CVE-2017-9568
+CVE-2017-9568 (The financial-plus-mobile-banking/id731070564 app 3.0.3 for iOS does n ...)
NOT-FOR-US: financial-plus-mobile-banking/id731070564 app
-CVE-2017-9567
+CVE-2017-9567 (The avb-bank-mobile-banking/id592565443 app 3.0.0 for iOS does not ver ...)
NOT-FOR-US: avb-bank-mobile-banking/id592565443 app
-CVE-2017-9566
+CVE-2017-9566 (The fsb-dequeen-mobile-banking/id1091025340 app 3.0.1 for iOS does not ...)
NOT-FOR-US: fsb-dequeen-mobile-banking/id1091025340 app
-CVE-2017-9565
+CVE-2017-9565 (The first-security-bank-sleepy-eye-mobile/id870531890 app 3.0.0 for iO ...)
NOT-FOR-US: first-security-bank-sleepy-eye-mobile/id870531890 app
-CVE-2017-9564
+CVE-2017-9564 (The community-banks-cb2go/id445828071 app 3.1.3 for iOS does not verif ...)
NOT-FOR-US: community-banks-cb2go/id445828071 app
-CVE-2017-9563
+CVE-2017-9563 (The First Citizens Community Bank fccb/id809930960 app 3.0.1 for iOS d ...)
NOT-FOR-US: First Citizens Community Bank fccb/id809930960 app
-CVE-2017-9562
+CVE-2017-9562 (The Freedom First freedom-1st-credit-union-mobile-banking/id1085229458 ...)
NOT-FOR-US: Freedom First freedom-1st-credit-union-mobile-banking/id1085229458 app
-CVE-2017-9561
+CVE-2017-9561 (The Lee Bank &amp; Trust lbtc-mobile/id1068984753 app 3.0.1 for iOS do ...)
NOT-FOR-US: Lee Bank & Trust lbtc-mobile/id1068984753 app
-CVE-2017-9560
+CVE-2017-9560 (The cayuga-lake-national-bank/id1151601539 app 4.0.1 for iOS does not ...)
NOT-FOR-US: cayuga-lake-national-bank/id1151601539 app
-CVE-2017-9559
+CVE-2017-9559 (The MEA Financial vision-bank/id420406345 app 3.0.1 for iOS does not v ...)
NOT-FOR-US: MEA Financial vision-bank/id420406345 app
-CVE-2017-9558
+CVE-2017-9558 (The wawa-employees-credit-union-mobile/id1158082793 app 4.0.1 for iOS ...)
NOT-FOR-US: wawa-employees-credit-union-mobile/id1158082793 app
-CVE-2017-9557
+CVE-2017-9557 (register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allo ...)
NOT-FOR-US: EFS Software Easy Chat Server
-CVE-2017-9556
+CVE-2017-9556 (Cross-site scripting (XSS) vulnerability in Video Metadata Editor in S ...)
NOT-FOR-US: Synology Video Station
-CVE-2017-9555
+CVE-2017-9555 (Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-9554
+CVE-2017-9554 (An information exposure vulnerability in forget_passwd.cgi in Synology ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2017-9553
+CVE-2017-9553 (A design flaw in SYNO.API.Encryption in Synology DiskStation Manager ( ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2017-9552
+CVE-2017-9552 (A design flaw in authentication in Synology Photo Station 6.0-2528 thr ...)
NOT-FOR-US: Synology Photo Station
-CVE-2017-9551
+CVE-2017-9551 (Mahara 15.04 before 15.04.14 and 16.04 before 16.04.8 and 16.10 before ...)
- mahara <removed>
CVE-2017-9550
RESERVED
CVE-2017-9549
RESERVED
-CVE-2017-9548
+CVE-2017-9548 (admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) v ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9547
+CVE-2017-9547 (admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) v ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9546
+CVE-2017-9546 (admin.php in BigTree through 4.2.18 allows remote authenticated users ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9545
+CVE-2017-9545 (The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows ...)
- mpg123 1.25.4-1 (low; bug #870799)
[stretch] - mpg123 <no-dsa> (Minor issue)
[jessie] - mpg123 <no-dsa> (Minor issue)
[wheezy] - mpg123 <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2017/Jul/65
-CVE-2017-9544
+CVE-2017-9544 (There is a remote stack-based buffer overflow (SEH) in register.ghp in ...)
NOT-FOR-US: EFS Software Easy Chat Server
-CVE-2017-9543
+CVE-2017-9543 (register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allo ...)
NOT-FOR-US: EFS Software Easy Chat Server
-CVE-2017-9542
+CVE-2017-9542 (D-Link DIR-615 Wireless N 300 Router allows authentication bypass via ...)
NOT-FOR-US: D-Link
CVE-2017-9541
RESERVED
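Review bot: the imported descriptions for CVE-2017-9580 and CVE-2017-9561 still carry the HTML entity "&amp;" ("Pioneer Bank &amp; Trust", "Lee Bank &amp; Trust") while the NOT-FOR-US lines directly beneath them already use a literal "&"; the importer should unescape entities before truncating to the fixed width, otherwise the stored description diverges from the product name on the next line. The same pattern recurs for CVE-2017-9490 ("eMTA&amp;DOCSIS") further down in this patch.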
@@ -25757,36 +25757,36 @@ CVE-2017-9540
RESERVED
CVE-2017-9539
RESERVED
-CVE-2017-9538
+CVE-2017-9538 (The 'Upload logo from external path' function of SolarWinds Network Pe ...)
NOT-FOR-US: SolarWinds Network Performance Monitor
-CVE-2017-9537
+CVE-2017-9537 (Persistent cross-site scripting (XSS) in the Add Node function of Sola ...)
NOT-FOR-US: SolarWinds Network Performance Monitor
-CVE-2017-9536
+CVE-2017-9536 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9535
+CVE-2017-9535 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9534
+CVE-2017-9534 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9533
+CVE-2017-9533 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9532
+CVE-2017-9532 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9531
+CVE-2017-9531 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers t ...)
NOT-FOR-US: IrfanView
-CVE-2017-9530
+CVE-2017-9530 (IrfanView version 4.44 (32bit) might allow attackers to cause a denial ...)
NOT-FOR-US: IrfanView
-CVE-2017-9529
+CVE-2017-9529 (XnView Classic for Windows Version 2.40 allows remote attackers to exe ...)
NOT-FOR-US: XnView
-CVE-2017-9528
+CVE-2017-9528 (IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote atta ...)
NOT-FOR-US: IrfanView
-CVE-2017-9527
+CVE-2017-9527 (The mark_context_stack function in gc.c in mruby through 1.2.0 allows ...)
[experimental] - mruby 1.2.0+20170601+git51e0e690-1
- mruby 1.3.0-1 (low; bug #865778)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/issues/3486
NOTE: Fixed by: https://github.com/mruby/mruby/commit/5c114c91d4ff31859fcd84cf8bf349b737b90d99
-CVE-2017-9526
+CVE-2017-9526 (In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session ke ...)
{DSA-3880-1}
- libgcrypt20 1.7.6-2
- libgcrypt11 <not-affected> (Curve Ed25519 signing and verification introduced in 1.6.0)
@@ -25795,7 +25795,7 @@ CVE-2017-9526
NOTE: Curve Ed25519 signing and verification inplemented in 1.6.0 with
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=bc5199a02abe428ad377443280b3eda60141a1d6
NOTE: and following refactorings.
-CVE-2017-9524
+CVE-2017-9524 (The qemu-nbd server in QEMU (aka Quick Emulator), when built with the ...)
{DSA-3925-1}
- qemu 1:2.8+dfsg-7 (bug #865755)
[jessie] - qemu <not-affected> (Vulnerable code not present)
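Review bot: the unchanged context line "NOTE: Curve Ed25519 signing and verification inplemented in 1.6.0 with" under CVE-2017-9526 has a typo ("inplemented" for "implemented"); not introduced by this update, but since the surrounding lines are being rewritten anyway it is a cheap follow-up fix.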
@@ -25804,58 +25804,58 @@ CVE-2017-9524
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg06240.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02321.html
-CVE-2017-9525
+CVE-2017-9525 (In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-1 ...)
- cron 3.0pl1-129 (bug #864466)
[stretch] - cron <no-dsa> (Minor issue)
[jessie] - cron <no-dsa> (Minor issue)
[wheezy] - cron <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/08/3
-CVE-2017-9523
+CVE-2017-9523 (The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page ...)
NOT-FOR-US: Sophos
-CVE-2017-9522
+CVE-2017-9522 (The Time Warner firmware on Technicolor TC8717T devices sets the defau ...)
NOT-FOR-US: Time Warner firmware on Technicolor TC8717T devices
-CVE-2017-9521
+CVE-2017-9521 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9520
+CVE-2017-9520 (The r_config_set function in libr/config/config.c in radare2 1.5.0 all ...)
- radare2 1.6.0+dfsg-1 (low; bug #864533)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/f85bc674b2a2256a364fe796351bc1971e106005
NOTE: https://github.com/radare/radare2/issues/7698
-CVE-2017-9519
+CVE-2017-9519 (atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user ...)
NOT-FOR-US: atmail
-CVE-2017-9518
+CVE-2017-9518 (atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMT ...)
NOT-FOR-US: atmail
-CVE-2017-9517
+CVE-2017-9517 (atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and imp ...)
NOT-FOR-US: atmail
-CVE-2017-9516
+CVE-2017-9516 (Craft CMS before 2.6.2982 allows for a potential XSS attack vector by ...)
NOT-FOR-US: Craft CMS
CVE-2017-9515
RESERVED
-CVE-2017-9514
+CVE-2017-9514 (Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 had a ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-9513
+CVE-2017-9513 (Several rest inline action resources of Atlassian Activity Streams bef ...)
NOT-FOR-US: Atlassian Activity Streams
-CVE-2017-9512
+CVE-2017-9512 (The mostActiveCommitters.do resource in Atlassian FishEye and Crucible ...)
NOT-FOR-US: Atlassian
-CVE-2017-9511
+CVE-2017-9511 (The MultiPathResource class in Atlassian FishEye and Crucible, before ...)
NOT-FOR-US: Atlassian
-CVE-2017-9510
+CVE-2017-9510 (The repository changelog resource in Atlassian FishEye before version ...)
NOT-FOR-US: Atlassian
-CVE-2017-9509
+CVE-2017-9509 (The review file upload resource in Atlassian Crucible before version 4 ...)
NOT-FOR-US: Atlassian
-CVE-2017-9508
+CVE-2017-9508 (Various resources in Atlassian FishEye and Crucible before version 4.4 ...)
NOT-FOR-US: Atlassian
-CVE-2017-9507
+CVE-2017-9507 (The review dashboard resource in Atlassian Crucible from version 4.1.0 ...)
NOT-FOR-US: Atlassian
-CVE-2017-9506
+CVE-2017-9506 (The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 be ...)
NOT-FOR-US: Atlassian
-CVE-2017-9505
+CVE-2017-9505 (Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if ...)
NOT-FOR-US: Atlassian Confluence
CVE-2017-9504
REJECTED
-CVE-2017-9503
+CVE-2017-9503 (QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host B ...)
{DLA-1497-1}
- qemu 1:2.10.0-1 (low; bug #865754)
[stretch] - qemu <ignored> (Minor issue, too intrusive to backport)
@@ -25871,80 +25871,80 @@ CVE-2017-9503
NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=24c0c77af515acbf0f9705e8096f33ef24d37430
NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=134550bf81a026e18cf58b81e2c2cceaf516f92e
NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=660174fc1b346803b3f1d7c260e2a36329b66435
-CVE-2017-9502
+CVE-2017-9502 (In curl before 7.54.1 on Windows and DOS, libcurl's default protocol f ...)
- curl <not-affected> (Windows only)
-CVE-2017-9501
+CVE-2017-9501 (In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the func ...)
{DSA-3914-1 DLA-1081-1 DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-12 (low; bug #867721)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/491
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74
-CVE-2017-9500
+CVE-2017-9500 (In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the func ...)
{DSA-4019-1 DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-13 (low; bug #867778)
[jessie] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/500
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/5d95b4c24a964114e2b1ae85c2b36769251ed11d
NOTE: Fixed by (6.x): https://github.com/ImageMagick/ImageMagick/commit/837085e7725f6eb591eb019e299c1ddcf34b9a79
-CVE-2017-9499
+CVE-2017-9499 (In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the func ...)
- imagemagick <not-affected> (Vulnerable code introduced later, only affects ImageMagick 7.x)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/492
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/7fd419441bc7103398e313558171d342c6315f44
-CVE-2017-9498
+CVE-2017-9498 (The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2. ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9497
+CVE-2017-9497 (The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2. ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9496
+CVE-2017-9496 (The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2. ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9495
+CVE-2017-9495 (The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2. ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9494
+CVE-2017-9494 (The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2. ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9493
+CVE-2017-9493 (The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2. ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9492
+CVE-2017-9492 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9491
+CVE-2017-9491 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9490
+CVE-2017-9490 (The Comcast firmware on Arris TG1682G (eMTA&amp;DOCSIS version 10.0.13 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9489
+CVE-2017-9489 (The Comcast firmware on Cisco DPC3939B (firmware version dpc3939b-v303 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9488
+CVE-2017-9488 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9487
+CVE-2017-9487 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9486
+CVE-2017-9486 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9485
+CVE-2017-9485 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9484
+CVE-2017-9484 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9483
+CVE-2017-9483 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9482
+CVE-2017-9482 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9481
+CVE-2017-9481 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9480
+CVE-2017-9480 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9479
+CVE-2017-9479 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9478
+CVE-2017-9478 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9477
+CVE-2017-9477 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9476
+CVE-2017-9476 (The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18 ...)
NOT-FOR-US: Comcast firmware on various devices
-CVE-2017-9475
+CVE-2017-9475 (Comcast XFINITY WiFi Home Hotspot devices allow remote attackers to sp ...)
NOT-FOR-US: Comcast XFINITY WiFi Home Hotspot devices
-CVE-2017-9474
+CVE-2017-9474 (In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remot ...)
- libytnef 1.9.3-1 (low; bug #870192)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/40
NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-heap-based-buffer-overflow-in-decompressrtf-ytnef-c/
-CVE-2017-9473
+CVE-2017-9473 (In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote ...)
- libytnef 1.9.3-1 (low; bug #870197)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
@@ -25952,181 +25952,181 @@ CVE-2017-9473
NOTE: https://github.com/Yeraze/ytnef/issues/42
NOTE: https?//github.com/Yeraze/ytnef/commit/a341b7f1bf8a2c59ece89f2d6cdc09856d501cc0
NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-memory-allocation-failure-in-tneffillmapi-ytnef-c/
-CVE-2017-9472
+CVE-2017-9472 (In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote at ...)
- libytnef 1.9.3-1 (low; bug #870193)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/41
NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-heap-based-buffer-overflow-in-swapdword-ytnef-c/
-CVE-2017-9471
+CVE-2017-9471 (In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote att ...)
- libytnef 1.9.3-1 (low; bug #870194)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/39
NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-heap-based-buffer-overflow-in-swapword-ytnef-c/
-CVE-2017-9470
+CVE-2017-9470 (In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote at ...)
- libytnef 1.9.3-1 (low; bug #870196)
[stretch] - libytnef <no-dsa> (Minor issue)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/37
NOTE: https://blogs.gentoo.org/ago/2017/05/24/ytnef-null-pointer-dereference-in-mapiprint-ytnef-c/
-CVE-2017-9469
+CVE-2017-9469 (In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC f ...)
{DSA-3885-1 DLA-1088-1}
- irssi 1.0.3-1 (bug #864400)
NOTE: https://github.com/irssi/irssi/commit/30a92754bb650c3dedd507d41110443142899a65
NOTE: https://irssi.org/security/irssi_sa_2017_06.txt
-CVE-2017-9468
+CVE-2017-9468 (In Irssi before 1.0.3, when receiving a DCC message without source nic ...)
{DSA-3885-1 DLA-1088-1}
- irssi 1.0.3-1 (bug #864400)
NOTE: https://github.com/irssi/irssi/commit/528f51bfbe5c65c5b24546faa244009dd5b3c586
NOTE: https://irssi.org/security/irssi_sa_2017_06.txt
-CVE-2017-9467
+CVE-2017-9467 (Cross-site scripting (XSS) vulnerability in the GlobalProtect external ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-9466
+CVE-2017-9466 (The executable httpd on the TP-Link WR841N V8 router before TL-WR841N( ...)
NOT-FOR-US: TP-Link
-CVE-2017-9465
+CVE-2017-9465 (The yr_arena_write_data function in YARA 3.6.1 allows remote attackers ...)
- yara 3.6.2+dfsg-1 (low; bug #864517)
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
NOTE: https://github.com/VirusTotal/yara/issues/678
NOTE: https://github.com/VirusTotal/yara/commit/992480c30f75943e9cd6245bb2015c7737f9b661
-CVE-2017-9464
+CVE-2017-9464 (An open redirect vulnerability is present in Piwigo 2.9 and probably p ...)
- piwigo <removed>
-CVE-2017-9463
+CVE-2017-9463 (The application Piwigo is affected by a SQL injection vulnerability in ...)
- piwigo <removed>
CVE-2017-9460
RESERVED
-CVE-2017-9459
+CVE-2017-9459 (Cross-site scripting (XSS) vulnerability in the management web interfa ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-9458
+CVE-2017-9458 (XML external entity (XXE) vulnerability in the GlobalProtect internal ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-9457
+CVE-2017-9457 (Intense PC Phoenix SecureCore UEFI firmware does not perform capsule s ...)
NOT-FOR-US: Intense PC (aka MintBox 2) Phoenix SecureCore UEFI firmware
CVE-2017-9456
RESERVED
CVE-2017-9455
RESERVED
-CVE-2017-9454
+CVE-2017-9454 (Buffer overflow in the ares_parse_a_reply function in the embedded are ...)
- resiprocate 1:1.11.0~beta4-1 (unimportant)
NOTE: https://github.com/resiprocate/resiprocate/commit/d67a9ca6fd06ca65d23e313bdbad1ef4dd3aa0df
NOTE: Fixed sourcewise in 1:1.11.0~beta4-1 but unimportant since uses the
NOTE: system library.
CVE-2017-9453
RESERVED
-CVE-2017-9452
+CVE-2017-9452 (Cross-site scripting (XSS) vulnerability in admin.php in Piwigo 2.9.0 ...)
- piwigo <removed>
-CVE-2017-9451
+CVE-2017-9451 (Cross site scripting (XSS) vulnerability in pages.edit_form.php in fla ...)
NOT-FOR-US: flatCore CMS
-CVE-2017-9450
+CVE-2017-9450 (The Amazon Web Services (AWS) CloudFormation bootstrap tools package ( ...)
NOT-FOR-US: Amazon Web Services (AWS) CloudFormation bootstrap tools package
-CVE-2017-9449
+CVE-2017-9449 (SQL injection vulnerability in BigTree CMS through 4.2.18 allows remot ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9448
+CVE-2017-9448 (Cross-site scripting (XSS) vulnerabilities in BigTree CMS through 4.2. ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9462
+CVE-2017-9462 (In Mercurial before 4.1.3, "hg serve --stdio" allows remote authentica ...)
{DLA-1414-1 DLA-1005-1}
- mercurial 4.3.1-1 (bug #861243)
[stretch] - mercurial 4.0-1+deb9u1
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.1.3_.282017-4-18.29
NOTE: https://www.mercurial-scm.org/repo/hg/rev/77eaf9539499
-CVE-2017-9461
+CVE-2017-9461 (smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of ser ...)
- samba 2:4.5.6+dfsg-1 (bug #864291)
[jessie] - samba <no-dsa> (Minor issue)
[wheezy] - samba <no-dsa> (Minor, non reproducible issue)
NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=10c3e3923022485c720f322ca4f0aca5d7501310
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=12572
-CVE-2017-9447
+CVE-2017-9447 (In the web interface of Parallels Remote Application Server (RAS) 15.5 ...)
NOT-FOR-US: Parallels Remote Application Server
CVE-2017-9446
RESERVED
-CVE-2017-9445
+CVE-2017-9445 (In systemd through 233, certain sizes passed to dns_packet_new in syst ...)
- systemd 233-10 (bug #866147)
[stretch] - systemd 232-25+deb9u1
[jessie] - systemd <not-affected> (Vulnerable code not present)
[wheezy] - systemd <not-affected> (Vulnerable code not present)
NOTE: Introduced by: https://github.com/systemd/systemd/commit/a0166609f782da91710dea9183d1bf138538db37
NOTE: http://www.openwall.com/lists/oss-security/2017/06/27/8
-CVE-2017-9444
+CVE-2017-9444 (BigTree CMS through 4.2.18 has CSRF related to the core\admin\modules\ ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9443
+CVE-2017-9443 (** DISPUTED ** BigTree CMS through 4.2.18 allows remote authenticated ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9442
+CVE-2017-9442 (** DISPUTED ** BigTree CMS through 4.2.18 allows remote authenticated ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9441
+CVE-2017-9441 (** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9440
+CVE-2017-9440 (In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPS ...)
{DSA-3914-1}
- imagemagick 8:6.9.7.4+dfsg-12 (low; bug #864273)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/462
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/c2be129c25763680afeca59f4de5d6d4240ca2cf
-CVE-2017-9439
+CVE-2017-9439 (In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPD ...)
{DSA-3914-1 DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-12 (low; bug #864274)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/460
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/6c6abed989ea4a3ef472db65ab487c1809a3a718
-CVE-2017-9438
+CVE-2017-9438 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote attacker ...)
- yara 3.6.1+dfsg-1 (low; bug #864518)
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
NOTE: https://github.com/VirusTotal/yara/issues/674
NOTE: Fixed by: https://github.com/VirusTotal/yara/commit/10e8bd3071677dd1fa76beeef4bc2fc427cea5e7
-CVE-2017-9437
+CVE-2017-9437 (Openbravo Business Suite 3.0 is affected by SQL injection. This vulner ...)
NOT-FOR-US: Openbravo Business Suite
-CVE-2017-9436
+CVE-2017-9436 (TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.que ...)
NOT-FOR-US: TeamPass
-CVE-2017-9435
+CVE-2017-9435 (Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user ...)
- dolibarr 5.0.4+dfsg3-1 (bug #864569)
NOTE: https://github.com/Dolibarr/dolibarr/commit/70636cc59ffa1ffbc0ce3dba315d7d9b837aad04
-CVE-2017-9434
+CVE-2017-9434 (Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read v ...)
- libcrypto++ 5.6.4-7 (bug #864214)
[jessie] - libcrypto++ <no-dsa> (Minor issue)
[wheezy] - libcrypto++ <no-dsa> (Minor issue)
NOTE: https://github.com/weidai11/cryptopp/issues/414
NOTE: https://github.com/weidai11/cryptopp/commit/07dbcc3d9644b18e05c1776db2a57fe04d780965
-CVE-2017-9433
+CVE-2017-9433 (Document Liberation Project libmwaw before 2017-04-08 has an out-of-bo ...)
{DSA-3875-1}
- libmwaw 0.3.9-2 (bug #864366)
NOTE: https://sourceforge.net/p/libmwaw/libmwaw/ci/68b3b74569881248bfb6cbb4266177cc253b292f/
-CVE-2017-9432
+CVE-2017-9432 (Document Liberation Project libstaroffice before 2017-04-07 has an out ...)
- libstaroffice 0.0.3-3 (bug #864207)
-CVE-2017-9431
+CVE-2017-9431 (Google gRPC before 2017-04-05 has an out-of-bounds write caused by a h ...)
- grpc 1.3.2-0.1 (bug #864210)
NOTE: https://github.com/grpc/grpc/pull/10492
NOTE: Fixed by: https://github.com/grpc/grpc/commit/c6ec1155d026c91b1badb07ef1605bb747cff064
-CVE-2017-9430
+CVE-2017-9430 (Stack-based buffer overflow in dnstracer through 1.9 allows attackers ...)
- dnstracer <unfixed> (unimportant)
NOTE: Crash in CLI tool, disputable if any exposed service makes use of dnstrace.
NOTE: One scenario would be to have a web application that launches dnstracer
NOTE: with user supplied name strings to evaluate.
-CVE-2017-9429
+CVE-2017-9429 (SQL injection vulnerability in the Event List plugin 0.7.8 for WordPre ...)
NOT-FOR-US: Event List plugin for WordPress
-CVE-2017-9428
+CVE-2017-9428 (A directory traversal vulnerability exists in core\admin\ajax\develope ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9427
+CVE-2017-9427 (SQL injection vulnerability in BigTree CMS through 4.2.18 allows remot ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9426
+CVE-2017-9426 (ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection ...)
NOT-FOR-US: Piwigo extension
-CVE-2017-9425
+CVE-2017-9425 (The Facetag extension 0.0.3 for Piwigo allows XSS via the name paramet ...)
NOT-FOR-US: Piwigo extension
-CVE-2017-9424
+CVE-2017-9424 (IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attacker ...)
NOT-FOR-US: IdeaBlade Breeze Breeze.Server.NET
CVE-2017-9423
RESERVED
CVE-2017-9422
REJECTED
-CVE-2017-9421
+CVE-2017-9421 (Authentication Bypass vulnerability in Accellion kiteworks before 2017 ...)
NOT-FOR-US: Accellion kiteworks
-CVE-2017-9420
+CVE-2017-9420 (Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin ...)
NOT-FOR-US: Spiffy Calendar plugin for WordPress
-CVE-2017-9419
+CVE-2017-9419 (Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom Fi ...)
NOT-FOR-US: Webhammer WP Custom Fields Search plugin for WordPress
-CVE-2017-9418
+CVE-2017-9418 (SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for Wo ...)
NOT-FOR-US: WP-Testimonials plugin for WordPress
-CVE-2017-9417
+CVE-2017-9417 (Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitra ...)
{DLA-1573-1}
- firmware-nonfree 20180518-1 (bug #869639)
[stretch] - firmware-nonfree 20161130-4
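Review bot: the unchanged NOTE for CVE-2017-9430 refers to the tool as `dnstrace` ("disputable if any exposed service makes use of dnstrace") while the package line and the description say `dnstracer`; worth aligning the spelling in a follow-up so the note and the package name match.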
@@ -26134,15 +26134,15 @@ CVE-2017-9417
[wheezy] - firmware-nonfree <no-dsa> (non-free not supported)
NOTE: https://www.blackhat.com/us-17/briefings/schedule/#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets-7603
NOTE: https://marc.info/?l=linux-wireless&m=150391055518346&w=2
-CVE-2017-9416
+CVE-2017-9416 (Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, ...)
NOT-FOR-US: Odoo
-CVE-2017-9415
+CVE-2017-9415 (Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allo ...)
NOT-FOR-US: Subsonic
-CVE-2017-9414
+CVE-2017-9414 (Cross-site request forgery (CSRF) vulnerability in the Subscribe to Po ...)
NOT-FOR-US: Subsonic
-CVE-2017-9413
+CVE-2017-9413 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Podc ...)
NOT-FOR-US: Subsonic
-CVE-2017-9412
+CVE-2017-9412 (The unpack_read_samples function in frontend/get_audio.c in LAME 3.99. ...)
- lame 3.99.5+repack1-7
[wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: Fixed by the improved 0001-Add-check-for-invalid-input-sample-rate.patch in
@@ -26150,46 +26150,46 @@ CVE-2017-9412
NOTE: http://seclists.org/fulldisclosure/2017/Jul/63
NOTE: https://sourceforge.net/p/lame/bugs/463/
NOTE: Invalid read in command line tool so no CVE is needed. MITRE contacted by ago@gentoo
-CVE-2017-9411
+CVE-2017-9411 (The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 ...)
- lame 3.99.5+repack1-6
[wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: http://seclists.org/fulldisclosure/2017/Jul/63
NOTE: https://sourceforge.net/p/lame/bugs/462/
NOTE: Duplicate of CVE-2015-9100
-CVE-2017-9410
+CVE-2017-9410 (The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 ...)
- lame 3.99.5+repack1-6
[wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: http://seclists.org/fulldisclosure/2017/Jul/63
NOTE: https://sourceforge.net/p/lame/bugs/461/
NOTE: Duplicate of CVE-2015-9101
-CVE-2017-9409
+CVE-2017-9409 (In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows atta ...)
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-11 (low; bug #864090)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/458
-CVE-2017-9408
+CVE-2017-9408 (In Poppler 0.54.0, a memory leak vulnerability was found in the functi ...)
{DSA-4079-1}
- poppler 0.57.0-2 (low; bug #864009)
[wheezy] - poppler <not-affected> (Vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100776
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=b21b041f7948680c03109f0c404400a9dbc4544c
-CVE-2017-9407
+CVE-2017-9407 (In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows at ...)
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-11 (low; bug #864089)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/459
-CVE-2017-9406
+CVE-2017-9406 (In Poppler 0.54.0, a memory leak vulnerability was found in the functi ...)
{DSA-4079-1}
- poppler 0.57.0-2 (low; bug #864010)
[wheezy] - poppler <not-affected> (Vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100775
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=278439531b13b0b047dbe3a75aa3f1b3407c8bd4
-CVE-2017-9405
+CVE-2017-9405 (In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allow ...)
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-11 (low; bug #864087)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/457
-CVE-2017-9404
+CVE-2017-9404 (In LibTIFF 4.0.7, a memory leak vulnerability was found in the functio ...)
{DLA-984-1 DLA-983-1}
- tiff 4.0.8-1
[jessie] - tiff 4.0.3-12.3+deb8u4
@@ -26206,7 +26206,7 @@ CVE-2017-9404
NOTE: 2ea32f7372b65c24b2816f11c04bf59b5090d05b commit the Direct leak of 73 byte
NOTE: with backtrace following the methods in http://bugzilla.maptools.org/show_bug.cgi?id=2688
NOTE: is shown.
-CVE-2017-9403
+CVE-2017-9403 (In LibTIFF 4.0.7, a memory leak vulnerability was found in the functio ...)
{DLA-984-1 DLA-983-1}
- tiff 4.0.8-1
[jessie] - tiff 4.0.3-12.3+deb8u4
@@ -26229,9 +26229,9 @@ CVE-2017-9396
RESERVED
CVE-2017-9395
RESERVED
-CVE-2017-9394
+CVE-2017-9394 (A stored cross-site scripting vulnerability in CA Identity Governance ...)
NOT-FOR-US: CA Identity Governance
-CVE-2017-9393
+CVE-2017-9393 (CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote a ...)
NOT-FOR-US: CA Identity Manager
CVE-2017-9392
RESERVED
@@ -26257,17 +26257,17 @@ CVE-2017-9382
RESERVED
CVE-2017-9381
RESERVED
-CVE-2017-9380
+CVE-2017-9380 (OpenEMR 5.0.0 and prior allows low-privilege users to upload files of ...)
NOT-FOR-US: OpenEMR
-CVE-2017-9379
+CVE-2017-9379 (Multiple CSRF issues exist in BigTree CMS through 4.2.18 - the clear p ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9378
+CVE-2017-9378 (BigTree CMS through 4.2.18 does not prevent a user from deleting their ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9377
+CVE-2017-9377 (A command injection was identified on Barco ClickShare Base Unit devic ...)
NOT-FOR-US: Barco ClickShare Base Unit device
CVE-2017-9376
RESERVED
-CVE-2017-9375
+CVE-2017-9375 (QEMU (aka Quick Emulator), when built with USB xHCI controller emulato ...)
{DSA-3991-1}
- qemu 1:2.10.0-1 (bug #864219)
[jessie] - qemu <no-dsa> (Minor issue)
@@ -26275,90 +26275,90 @@ CVE-2017-9375
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (vulnerable code not present)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=96d87bdda3919bb16f754b3d3fd1227e1f38f13c
-CVE-2017-9374
+CVE-2017-9374 (Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emu ...)
{DSA-3920-1 DLA-1497-1}
- qemu 1:2.8+dfsg-7 (bug #864568)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
-CVE-2017-9373
+CVE-2017-9373 (Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emu ...)
{DSA-3920-1 DLA-1497-1}
- qemu 1:2.8+dfsg-7 (bug #864216)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d68f0f778e7f4fbd674627274267f269e40f0b04
-CVE-2017-9371
+CVE-2017-9371 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 ...)
NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
-CVE-2017-9370
+CVE-2017-9370 (An information disclosure / elevation of privilege vulnerability in th ...)
NOT-FOR-US: BlackBerry
-CVE-2017-9369
+CVE-2017-9369 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 ...)
NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
-CVE-2017-9368
+CVE-2017-9368 (An information disclosure vulnerability in the BlackBerry Workspaces S ...)
NOT-FOR-US: BlackBerry Workspaces Server
-CVE-2017-9367
+CVE-2017-9367 (A directory traversal vulnerability in the BlackBerry Workspaces Serve ...)
NOT-FOR-US: BlackBerry Workspaces Server
-CVE-2017-9366
+CVE-2017-9366 (Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site Scripting (XSS ...)
NOT-FOR-US: Telaxus EPESI
-CVE-2017-9365
+CVE-2017-9365 (CSRF exists in BigTree CMS through 4.2.18 with the force parameter to ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9364
+CVE-2017-9364 (Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an a ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-9363
+CVE-2017-9363 (Untrusted Java serialization in Soffid IAM console before 1.7.5 allows ...)
NOT-FOR-US: Soffid IAM console
CVE-2017-9362
RESERVED
-CVE-2017-9361
+CVE-2017-9361 (WebsiteBaker v2.10.0 has a stored XSS vulnerability in /account/detail ...)
NOT-FOR-US: WebsiteBaker
-CVE-2017-9360
+CVE-2017-9360 (WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/det ...)
NOT-FOR-US: WebsiteBaker
CVE-2017-9357
RESERVED
-CVE-2017-9356
+CVE-2017-9356 (Sitecore.NET 7.1 through 7.2 has a Cross Site Scripting Vulnerability ...)
NOT-FOR-US: Sitecore.NET
-CVE-2017-9358
+CVE-2017-9358 (A memory exhaustion vulnerability exists in Asterisk Open Source 13.x ...)
- asterisk 1:13.14.1~dfsg-2 (bug #863906)
[jessie] - asterisk <not-affected> (11.x series not affected)
[wheezy] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-004.txt
-CVE-2017-9359
+CVE-2017-9359 (The multi-part body parser in PJSIP, as used in Asterisk Open Source 1 ...)
{DSA-3933-1}
- pjproject 2.5.5~dfsg-6 (bug #863902)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-003.txt
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-26939
-CVE-2017-9372
+CVE-2017-9372 (PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x be ...)
{DSA-3933-1}
- pjproject 2.5.5~dfsg-6 (bug #863901)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-002.txt
-CVE-2017-9355
+CVE-2017-9355 (XML external entity (XXE) vulnerability in the import playlist feature ...)
NOT-FOR-US: Subsonic
-CVE-2017-9354
+CVE-2017-9354 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector co ...)
- wireshark 2.2.7-1 (bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-32.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13646
-CVE-2017-9353
+CVE-2017-9353 (In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was ...)
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <not-affected> (Only affects 2.2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-33.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13675
-CVE-2017-9352
+CVE-2017-9352 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector ...)
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-22.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599
-CVE-2017-9351
+CVE-2017-9351 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector co ...)
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-24.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609
-CVE-2017-9350
+CVE-2017-9350 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissec ...)
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -26367,44 +26367,44 @@ CVE-2017-9350
NOTE: When fixing this entry make sure to apply the complete fix and adding
NOTE: the related commits from the CVE-2017-11411. Otherwise those releases
NOTE: are opened to CVE-2017-11411, which exists because of an incomplete fix.
-CVE-2017-9349
+CVE-2017-9349 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector h ...)
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-27.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685
-CVE-2017-9348
+CVE-2017-9348 (In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end ...)
- wireshark 2.2.7-1 (bug #864058)
[jessie] - wireshark <not-affected> (Only affects 2.2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-23.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13608
-CVE-2017-9347
+CVE-2017-9347 (In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL ...)
- wireshark 2.2.7-1 (bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <not-affected> (Only affects 2.2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-31.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13637
-CVE-2017-9346
+CVE-2017-9346 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissecto ...)
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-25.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13631
-CVE-2017-9345
+CVE-2017-9345 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector cou ...)
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-26.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633
-CVE-2017-9344
+CVE-2017-9344 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP d ...)
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-29.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701
-CVE-2017-9343
+CVE-2017-9343 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector m ...)
- wireshark 2.2.7-1 (low; bug #864058)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -26414,27 +26414,27 @@ CVE-2017-9342
RESERVED
CVE-2017-9341
RESERVED
-CVE-2017-9340
+CVE-2017-9340 (An attacker is logged in as a normal user and can somehow make admin t ...)
- owncloud <removed>
-CVE-2017-9339
+CVE-2017-9339 (A logical error in ownCloud Server before 10.0.2 caused disclosure of ...)
- owncloud <removed>
-CVE-2017-9338
+CVE-2017-9338 (Inadequate escaping lead to XSS vulnerability in the search module in ...)
- owncloud <removed>
-CVE-2017-9337
+CVE-2017-9337 (The Markdown on Save Improved plugin 2.5 for WordPress has a stored XS ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-9336
+CVE-2017-9336 (The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerabili ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-9335
RESERVED
-CVE-2017-9333
+CVE-2017-9333 (OpenWebif 1.2.5 allows remote code execution via a URL to the CallOPKG ...)
NOT-FOR-US: OpenWebif
-CVE-2017-9332
+CVE-2017-9332 (The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 ...)
NOT-FOR-US: PivotX
-CVE-2017-9331
+CVE-2017-9331 (The Agenda component in Telaxus EPESI 1.8.2 and earlier has a Stored C ...)
NOT-FOR-US: Telaxus EPESI
CVE-2017-9329
RESERVED
-CVE-2017-9328
+CVE-2017-9328 (Shell metacharacter injection vulnerability in /usr/www/include/ajax/G ...)
NOT-FOR-US: TerraMaster TOS
CVE-2017-9327
RESERVED
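Review bot: the NOT-FOR-US labels for CVE-2017-9337 and CVE-2017-9336 read `Wordpress plugin`, while the other WordPress plugin entries in this patch (CVE-2017-9420, CVE-2017-9419, CVE-2017-9418) use the form `<plugin name> plugin for WordPress`; naming the plugin (`Markdown on Save Improved plugin for WordPress`, `WP Editor.MD plugin for WordPress`) keeps the labels consistent and searchable.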
@@ -26442,21 +26442,21 @@ CVE-2017-9326
RESERVED
CVE-2017-9325
RESERVED
-CVE-2017-9334
+CVE-2017-9334 (An incorrect "pair?" check in the Scheme "length" procedure results in ...)
- chicken 4.12.0-0.2 (low; bug #863884)
[stretch] - chicken <no-dsa> (Minor issue)
[jessie] - chicken <no-dsa> (Minor issue)
[wheezy] - chicken <no-dsa> (Minor issue)
NOTE: Original announcement: http://lists.nongnu.org/archive/html/chicken-announce/2017-05/msg00000.html
NOTE: Patch: http://lists.nongnu.org/archive/html/chicken-hackers/2017-05/msg00099.html
-CVE-2017-9330
+CVE-2017-9330 (QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI E ...)
{DSA-3920-1 DLA-1497-1}
- qemu 1:2.8+dfsg-7 (bug #863943)
[wheezy] - qemu <not-affected> (Vulnerable code no present)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (Vulnerable code no present)
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=26f670a244982335cc08943fb1ec099a2c81e42d
-CVE-2017-9324
+CVE-2017-9324 (In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through ...)
{DSA-3876-1}
- otrs2 5.0.20-1 (bug #864319)
[stretch] - otrs2 5.0.16-1+deb9u1
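Review bot: typo in the two unchanged `<not-affected>` reasons for CVE-2017-9330: `Vulnerable code no present` should read `Vulnerable code not present`, matching the wording used for the other qemu and qemu-kvm entries in this patch (for example CVE-2017-9375 and CVE-2017-9310). Not introduced by this change, but worth a follow-up.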
@@ -26475,17 +26475,17 @@ CVE-2017-9319
RESERVED
CVE-2017-9318
RESERVED
-CVE-2017-9317
+CVE-2017-9317 (Privilege escalation vulnerability found in some Dahua IP devices. Att ...)
NOT-FOR-US: Dahua
-CVE-2017-9316
+CVE-2017-9316 (Firmware upgrade authentication bypass vulnerability was found in Dahu ...)
NOT-FOR-US: Dahua
-CVE-2017-9315
+CVE-2017-9315 (Customer of Dahua IP camera or IP PTZ could submit relevant device inf ...)
NOT-FOR-US: Dahua
-CVE-2017-9314
+CVE-2017-9314 (Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52X ...)
NOT-FOR-US: Dahua NVR
-CVE-2017-9313
+CVE-2017-9313 (Multiple Cross-site scripting (XSS) vulnerabilities in Webmin before 1 ...)
- webmin <removed>
-CVE-2017-9312
+CVE-2017-9312 (Improperly implemented option-field processing in the TCP/IP stack on ...)
NOT-FOR-US: Allen-Bradley
CVE-2017-9311
RESERVED
@@ -26493,24 +26493,24 @@ CVE-2017-9309
RESERVED
CVE-2017-9308
RESERVED
-CVE-2017-9307
+CVE-2017-9307 (SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remo ...)
NOT-FOR-US: Allen Disk
-CVE-2017-9306
+CVE-2017-9306 (inc/SP/Html/Html.class.php in sysPass 2.1.9 allows remote attackers to ...)
NOT-FOR-US: sysPass
-CVE-2017-9305
+CVE-2017-9305 (lib/core/TikiFilter/PreventXss.php in Tiki Wiki CMS Groupware 16.2 all ...)
- tikiwiki <removed>
-CVE-2017-9304
+CVE-2017-9304 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote attacker ...)
- yara 3.6.1+dfsg-1 (bug #863842)
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
NOTE: https://github.com/VirusTotal/yara/issues/674
NOTE: https://github.com/VirusTotal/yara/commit/925bcf3c3b0a28b5b78e25d9efda5c0bf27ae699
-CVE-2017-1000380
+CVE-2017-1000380 (sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to ...)
{DSA-3981-1 DLA-1099-1}
- linux 4.11.6-1
NOTE: Fixed by: https://git.kernel.org/linus/d11662f4f798b50d8c8743f433842c3e40fe3378 (v4.12-rc5)
NOTE: Fixed by: https://git.kernel.org/linus/ba3021b2c79b2fa9114f92790a99deb27a65b728 (v4.12-rc5)
-CVE-2017-1000368
+CVE-2017-1000368 (Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an in ...)
{DLA-1011-1}
- sudo 1.8.20p1-1.1 (bug #863897)
[buster] - sudo 1.8.19p1-2.1
@@ -26518,7 +26518,7 @@ CVE-2017-1000368
[jessie] - sudo 1.8.10p3-1+deb8u5
NOTE: http://www.openwall.com/lists/oss-security/2017/06/02/7
NOTE: https://www.sudo.ws/repos/sudo/raw-rev/15a46f4007dd
-CVE-2017-1000367
+CVE-2017-1000367 (Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an inpu ...)
{DSA-3867-1 DLA-970-1}
- sudo 1.8.20p1-1 (bug #863731)
[buster] - sudo 1.8.19p1-2
@@ -26526,7 +26526,7 @@ CVE-2017-1000367
NOTE: https://www.sudo.ws/alerts/linux_tty.html
NOTE: http://www.openwall.com/lists/oss-security/2017/05/30/16
NOTE: https://www.sudo.ws/repos/sudo/raw-rev/b5460cbbb11b
-CVE-2017-9310
+CVE-2017-9310 (QEMU (aka Quick Emulator), when built with the e1000e NIC emulation su ...)
{DSA-3920-1}
- qemu 1:2.8+dfsg-7 (bug #863840)
[jessie] - qemu <not-affected> (Vulnerable code not present; e1000e introduced in 2.7.0-rc0)
@@ -26534,69 +26534,69 @@ CVE-2017-9310
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4154c7e03fa55b4cf52509a83d50d6c09d743b7
-CVE-2017-9303
+CVE-2017-9303 (Laravel 5.4.x before 5.4.22 does not properly constrain the host porti ...)
NOT-FOR-US: Laravel
-CVE-2017-9302
+CVE-2017-9302 (RealPlayer 16.0.2.32 allows remote attackers to cause a denial of serv ...)
NOT-FOR-US: RealPlayer
-CVE-2017-9301
+CVE-2017-9301 (plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media ...)
- vlc 2.2.5.1-1
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9300
+CVE-2017-9300 (plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 al ...)
{DSA-4045-1}
- vlc 2.2.6-3
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commit;h=55a82442cfea9dab8b853f3a4610f2880c5fadf3
-CVE-2017-9299
+CVE-2017-9299 (Open Ticket Request System (OTRS) 3.3.9 has XSS in index.pl?Action=Age ...)
NOTE: This report for OTRS is quite vague/unclear and upstream can
NOTE: not track the issue down to a specific fixed release claims though that
NOTE: it should not be reproducible with versions later than 3.3.17.
-CVE-2017-9298
+CVE-2017-9298 (Cross-site scripting vulnerability in Hitachi Device Manager before 8. ...)
NOT-FOR-US: Hitacho Device Manager
-CVE-2017-9297
+CVE-2017-9297 (Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 ...)
NOT-FOR-US: Hitacho Device Manager
-CVE-2017-9296
+CVE-2017-9296 (Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 ...)
NOT-FOR-US: Hitacho Device Manager
-CVE-2017-9295
+CVE-2017-9295 (XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitach ...)
NOT-FOR-US: Hitacho Device Manager
-CVE-2017-9294
+CVE-2017-9294 (RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows rem ...)
NOT-FOR-US: Hitacho Device Manager
CVE-2017-9293
RESERVED
-CVE-2017-9292
+CVE-2017-9292 (Lansweeper before 6.0.0.65 has XSS in an image retrieval URI, aka Bug ...)
NOT-FOR-US: Lansweeper
CVE-2017-9291
RESERVED
CVE-2017-9290
RESERVED
-CVE-2017-9289
+CVE-2017-9289 (Bram Korsten Note through 1.2.0 is vulnerable to a reflected XSS in no ...)
NOT-FOR-US: Bram Korsten Note
-CVE-2017-9288
+CVE-2017-9288 (The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-9286
+CVE-2017-9286 (The packaging of NextCloud in openSUSE used /srv/www/htdocs in an unsa ...)
NOT-FOR-US: OpenSUSE specific packaging issue of NextCloud
-CVE-2017-9285
+CVE-2017-9285 (NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions whe ...)
NOT-FOR-US: NetIQ eDirectory
-CVE-2017-9284
+CVE-2017-9284 (IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive in ...)
NOT-FOR-US: IDM
-CVE-2017-9283
+CVE-2017-9283 (An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus Vi ...)
NOT-FOR-US: Micro Focus VisiBroker
-CVE-2017-9282
+CVE-2017-9282 (An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) ...)
NOT-FOR-US: Micro Focus VisiBroker
-CVE-2017-9281
+CVE-2017-9281 (An integer overflow (CWE-190) potentially causing an out-of-bounds rea ...)
NOT-FOR-US: Micro Focus VisiBroker
-CVE-2017-9280
+CVE-2017-9280 (Some NetIQ Identity Manager Applications before Identity Manager 4.5.6 ...)
NOT-FOR-US: NetIQ Identity Manager
-CVE-2017-9279
+CVE-2017-9279 (NetIQ Identity Manager before 4.5.6.1 allowed uploading files with dou ...)
NOT-FOR-US: NetIQ Identity Manager
-CVE-2017-9278
+CVE-2017-9278 (The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS l ...)
NOT-FOR-US: NetIQ Identity Manager
-CVE-2017-9277
+CVE-2017-9277 (The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to ...)
NOT-FOR-US: Novell eDirectory
-CVE-2017-9276
+CVE-2017-9276 (Novell Access Manager iManager before 4.3.3 did not validate parameter ...)
NOT-FOR-US: Novell Access Manager iManager
-CVE-2017-9275
+CVE-2017-9275 (NetIQ Identity Reporting, in versions prior to 5.5 Service Pack 1, is ...)
NOT-FOR-US: NetIQ Identity Reporting
-CVE-2017-9274
+CVE-2017-9274 (A shell command injection in the obs-service-source_validator before 0 ...)
- osc 0.162.1-1 (bug #887391)
[stretch] - osc <no-dsa> (Minor issue)
[jessie] - osc <no-dsa> (Minor issue)
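Review bot: CVE-2017-9299 carries only NOTE lines and no package-status line, so the entry records no Debian status for otrs2 even though the notes argue the issue should not be reproducible with OTRS versions later than 3.3.17; an explicit `- otrs2 <not-affected> (...)` line carrying that reasoning would make the triage outcome visible in the same way as the other OTRS entry in this patch (CVE-2017-9324). Separately, the five `NOT-FOR-US: Hitacho Device Manager` lines for CVE-2017-9298 through CVE-2017-9294 misspell the vendor; the descriptions added in this hunk say `Hitachi Device Manager`.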
@@ -26605,127 +26605,127 @@ CVE-2017-9274
NOTE: SUSE adressed the issue not only in the obs-service-source_validator
NOTE: and adding a validation in 0.162.0 when using OBS 2.9, cf.:
NOTE: https://github.com/openSUSE/osc/commit/f0325eb0b58c266eb0905ccf827dc7eb864378a1
-CVE-2017-9273
+CVE-2017-9273 (The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptib ...)
NOT-FOR-US: IDM
-CVE-2017-9272
+CVE-2017-9272 (The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptib ...)
NOT-FOR-US: IDM
-CVE-2017-9271
+CVE-2017-9271 (The commandline package update tool zypper writes HTTP proxy credentia ...)
- zypper <unfixed> (low)
[buster] - zypper <ignored> (Minor issue)
[jessie] - zypper <ignored> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1050625
-CVE-2017-9270
+CVE-2017-9270 (In cryptctl before version 2.0 a malicious server could send RPC reque ...)
NOT-FOR-US: SuSE cryptctl
-CVE-2017-9269
+CVE-2017-9269 (In libzypp before August 2018 GPG keys attached to YUM repositories we ...)
- libzypp 17.3.1-1 (bug #899065)
[jessie] - libzypp <ignored> (Minor issue)
-CVE-2017-9268
+CVE-2017-9268 (In the open build service before 201707022 the wipetrigger and rebuild ...)
- open-build-service <unfixed> (low)
[stretch] - open-build-service <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1045519
-CVE-2017-9267
+CVE-2017-9267 (In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictl ...)
NOT-FOR-US: Novell eDirectory
CVE-2017-9266
RESERVED
-CVE-2017-9265
+CVE-2017-9265 (In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsin ...)
[experimental] - openvswitch 2.8.1+dfsg1-1
- openvswitch 2.8.1+dfsg1-2 (unimportant; bug #863662)
[jessie] - openvswitch <not-affected> (Vulnerable code not present)
[wheezy] - openvswitch <not-affected> (Vulnerable code not present)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332965.html
NOTE: OpenFlow 1.5 support still incomplete
-CVE-2017-9264
+CVE-2017-9264 (In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS ...)
[experimental] - openvswitch 2.8.1+dfsg1-1
- openvswitch 2.8.1+dfsg1-2 (unimportant; bug #863661)
[jessie] - openvswitch <not-affected> (Vulnerable code not present; connection tracking support introduced in 2.6.0)
[wheezy] - openvswitch <not-affected> (Vulnerable code not present; connection tracking support introduced in 2.6.0)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-March/329323.html
NOTE: Userspace data path not enabled in Debian packaging
-CVE-2017-9263
+CVE-2017-9263 (In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status mes ...)
[experimental] - openvswitch 2.8.1+dfsg1-1
- openvswitch 2.8.1+dfsg1-2 (unimportant; bug #863655)
[jessie] - openvswitch <not-affected> (No controllers implemented, cf. #863655)
[wheezy] - openvswitch <not-affected> (No controllers implemented, cf. #863655)
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332966.html
NOTE: Controllers shipped in Debian not vulnerable, see #863655
-CVE-2017-9262
+CVE-2017-9262 (In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c ...)
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-10 (low; bug #863834)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/475
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4649578df8dcbfb2b08d8623d52486dc124da3a8
-CVE-2017-9261
+CVE-2017-9261 (In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c ...)
{DLA-1000-1}
- imagemagick 8:6.9.7.4+dfsg-10 (low; bug #863833)
[jessie] - imagemagick 8:6.8.9.9-5+deb8u10
NOTE: https://github.com/ImageMagick/ImageMagick/issues/476
NOTE: https://github.com/ImageMagick/ImageMagick/commit/01d522e990aa57cbe67d222dd5e8f7196cc6d199
-CVE-2017-9260
+CVE-2017-9260 (The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_opti ...)
- soundtouch 1.9.2-3 (low; bug #870857)
[stretch] - soundtouch 1.9.2-2+deb9u1
[jessie] - soundtouch 1.8.0-1+deb8u1
[wheezy] - soundtouch <no-dsa> (Minor issue)
-CVE-2017-9259
+CVE-2017-9259 (The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TD ...)
- soundtouch 1.9.2-3 (low; bug #870856)
[stretch] - soundtouch 1.9.2-2+deb9u1
[jessie] - soundtouch 1.8.0-1+deb8u1
[wheezy] - soundtouch <no-dsa> (Minor issue)
-CVE-2017-9258
+CVE-2017-9258 (The TDStretch::processSamples function in source/SoundTouch/TDStretch. ...)
- soundtouch 1.9.2-3 (low; bug #870854)
[stretch] - soundtouch 1.9.2-2+deb9u1
[jessie] - soundtouch 1.8.0-1+deb8u1
[wheezy] - soundtouch <no-dsa> (Minor issue)
-CVE-2017-9257
+CVE-2017-9257 (The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9256
+CVE-2017-9256 (The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9255
+CVE-2017-9255 (The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9254
+CVE-2017-9254 (The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9253
+CVE-2017-9253 (The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9287
+CVE-2017-9287 (servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to ...)
{DSA-3868-1 DLA-972-1}
- openldap 2.4.44+dfsg-5 (bug #863563)
NOTE: http://www.openldap.org/its/?findid=8655
NOTE: https://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e
-CVE-2017-9252
+CVE-2017-9252 (andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in ...)
NOT-FOR-US: FineCMS
-CVE-2017-9251
+CVE-2017-9251 (andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in ...)
NOT-FOR-US: FineCMS
-CVE-2017-9250
+CVE-2017-9250 (The lexer_process_char_literal function in jerry-core/parser/js/js-lex ...)
NOT-FOR-US: jerryscript
-CVE-2017-9249
+CVE-2017-9249 (Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remo ...)
NOT-FOR-US: Allen Disk
-CVE-2017-9248
+CVE-2017-9248 (Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2 ...)
NOT-FOR-US: Progress Telerik UI for ASP.NET AJAX
-CVE-2017-9247
+CVE-2017-9247 (Multiple unquoted service path vulnerabilities in Sierra Wireless Wind ...)
NOT-FOR-US: Sierra Wireless Windows Mobile Broadband Driver Packages
-CVE-2017-9246
+CVE-2017-9246 (New Relic .NET Agent before 6.3.123.0 adds SQL injection flaws to safe ...)
NOT-FOR-US: New Relic .NET Agent
-CVE-2017-9245
+CVE-2017-9245 (The Google News and Weather application before 3.3.1 for Android allow ...)
NOT-FOR-US: Google News and Weather application for Android
-CVE-2017-9244
+CVE-2017-9244 (Cross-site scripting (XSS) vulnerability in the Trello app before 4.0. ...)
NOT-FOR-US: Trello
-CVE-2017-9243
+CVE-2017-9243 (Aries QWR-1104 Wireless-N Router with Firmware Version WRC.253.2.0913 ...)
NOT-FOR-US: Aries QWR-1104 Wireless-N Router
-CVE-2017-9242
+CVE-2017-9242 (The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux k ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: https://git.kernel.org/linus/232cd35d0804cc241eb887bb8d4d9b3b9881c64a
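Review bot: the unchanged NOTE for CVE-2017-9274 has a typo and a grammar slip: `SUSE adressed the issue not only in the obs-service-source_validator and adding a validation in 0.162.0 when using OBS 2.9` should read `SUSE addressed the issue not only in the obs-service-source_validator but also added a validation in 0.162.0 when using OBS 2.9`. Not part of this change, but easy to fix in a follow-up.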
@@ -26733,7 +26733,7 @@ CVE-2017-9241
RESERVED
CVE-2017-9240
RESERVED
-CVE-2017-9239
+CVE-2017-9239 (An issue was discovered in Exiv2 0.26. When the data structure of the ...)
{DLA-963-1}
- exiv2 0.25-3.1 (bug #863410)
[jessie] - exiv2 <ignored> (Minor issue)
@@ -26749,91 +26749,91 @@ CVE-2017-9235
RESERVED
CVE-2017-9234
RESERVED
-CVE-2017-9233
+CVE-2017-9233 (XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat ...)
{DSA-3898-1 DLA-990-1}
- expat 2.2.1-1
NOTE: https://libexpat.github.io/doc/cve-2017-9233/
NOTE: https://github.com/libexpat/libexpat/commit/c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f
-CVE-2017-9232
+CVE-2017-9232 (Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a ...)
- juju <removed>
-CVE-2017-9231
+CVE-2017-9231 (XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x ...)
NOT-FOR-US: Citrix
-CVE-2017-9230
+CVE-2017-9230 (** DISPUTED ** The Bitcoin Proof-of-Work algorithm does not consider a ...)
NOT-FOR-US: Bitcoin Proof-of-Work algorithm
-CVE-2017-9229
+CVE-2017-9229 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ...)
{DLA-958-1}
- libonig 6.1.3-2 (bug #863318)
[jessie] - libonig 5.9.5-3.2+deb8u1
NOTE: https://github.com/kkos/oniguruma/issues/59
NOTE: https://github.com/kkos/oniguruma/commit/b690371bbf97794b4a1d3f295d4fb9a8b05d402d
-CVE-2017-9228
+CVE-2017-9228 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ...)
{DLA-958-1}
- libonig 6.1.3-2 (bug #863316)
[jessie] - libonig 5.9.5-3.2+deb8u1
NOTE: https://github.com/kkos/oniguruma/commit/3b63d12038c8d8fc278e81c942fa9bec7c704c8b
NOTE: https://github.com/kkos/oniguruma/issues/60
-CVE-2017-9227
+CVE-2017-9227 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ...)
{DLA-958-1}
- libonig 6.1.3-2 (bug #863315)
[jessie] - libonig 5.9.5-3.2+deb8u1
NOTE: https://github.com/kkos/oniguruma/commit/9690d3ab1f9bcd2db8cbe1fe3ee4a5da606b8814
NOTE: https://github.com/kkos/oniguruma/issues/58
-CVE-2017-9226
+CVE-2017-9226 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ...)
{DLA-958-1}
- libonig 6.1.3-2 (bug #863314)
[jessie] - libonig 5.9.5-3.2+deb8u1
NOTE: https://github.com/kkos/oniguruma/commit/b4bf968ad52afe14e60a2dc8a95d3555c543353a
NOTE: https://github.com/kkos/oniguruma/commit/f015fbdd95f76438cd86366467bb2b39870dd7c6
NOTE: https://github.com/kkos/oniguruma/issues/55
-CVE-2017-9225
+CVE-2017-9225 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ...)
- libonig 6.1.3-2 (bug #863313)
[jessie] - libonig <not-affected> (Vulnerable code introduced later)
[wheezy] - libonig <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/kkos/oniguruma/commit/166a6c3999bf06b4de0ab4ce6b088a468cc4029f
NOTE: https://github.com/kkos/oniguruma/issues/56
-CVE-2017-9224
+CVE-2017-9224 (An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ...)
{DLA-958-1}
- libonig 6.1.3-2 (bug #863312)
[jessie] - libonig 5.9.5-3.2+deb8u1
NOTE: https://github.com/kkos/oniguruma/commit/690313a061f7a4fa614ec5cc8368b4f2284e059b
NOTE: https://github.com/kkos/oniguruma/issues/57
-CVE-2017-9223
+CVE-2017-9223 (The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9222
+CVE-2017-9222 (The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9221
+CVE-2017-9221 (The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9220
+CVE-2017-9220 (The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9219
+CVE-2017-9219 (The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9218
+CVE-2017-9218 (The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Adv ...)
{DLA-1077-1}
- faad2 2.8.1-1 (low; bug #867724)
[stretch] - faad2 2.8.0~cvs20161113-1+deb9u1
[jessie] - faad2 2.7-8+deb8u1
-CVE-2017-9217
+CVE-2017-9217 (systemd-resolved through 233 allows remote attackers to cause a denial ...)
[experimental] - systemd 233-8
- systemd 232-24 (bug #863277)
[jessie] - systemd <not-affected> (vulnerable code introduced later)
[wheezy] - systemd <not-affected> (vulnerable code introduced later)
NOTE: https://github.com/systemd/systemd/pull/5998
-CVE-2017-9216
+CVE-2017-9216 (libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscri ...)
- jbig2dec 0.13-5 (bug #863279)
[stretch] - jbig2dec <no-dsa> (Minor issue)
[jessie] - jbig2dec <no-dsa> (Minor issue)
@@ -26842,7 +26842,7 @@ CVE-2017-9216
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3ebffb1d96ba0cacec23016eccb4047dab365853
CVE-2017-9215
RESERVED
-CVE-2017-9214
+CVE-2017-9214 (In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_RE ...)
[experimental] - openvswitch 2.8.1+dfsg1-1
- openvswitch 2.8.1+dfsg1-2 (bug #863228)
[stretch] - openvswitch <no-dsa> (Minor issue)
@@ -26851,169 +26851,169 @@ CVE-2017-9214
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html
CVE-2017-9213
RESERVED
-CVE-2017-9212
+CVE-2017-9212 (The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the ...)
NOT-FOR-US: Bluetooth stack on the BMW 330i 2011
-CVE-2017-9211
+CVE-2017-9211 (The crypto_skcipher_init_tfm function in crypto/skcipher.c in the Linu ...)
- linux 4.9.30-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9933e113c2e87a9f46a40fde8dafbf801dca1ab9
-CVE-2017-9200
+CVE-2017-9200 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9199
+CVE-2017-9199 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9198
+CVE-2017-9198 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9197
+CVE-2017-9197 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9196
+CVE-2017-9196 (libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue i ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9195
+CVE-2017-9195 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read i ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9194
+CVE-2017-9194 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read i ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9193
+CVE-2017-9193 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read i ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9192
+CVE-2017-9192 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9191
+CVE-2017-9191 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9190
+CVE-2017-9190 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9189
+CVE-2017-9189 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9188
+CVE-2017-9188 (libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be rep ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9187
+CVE-2017-9187 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9186
+CVE-2017-9186 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9185
+CVE-2017-9185 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9184
+CVE-2017-9184 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9183
+CVE-2017-9183 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9182
+CVE-2017-9182 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9181
+CVE-2017-9181 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9180
+CVE-2017-9180 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9179
+CVE-2017-9179 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9178
+CVE-2017-9178 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9177
+CVE-2017-9177 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9176
+CVE-2017-9176 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9175
+CVE-2017-9175 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9174
+CVE-2017-9174 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9173
+CVE-2017-9173 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9172
+CVE-2017-9172 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9171
+CVE-2017-9171 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read i ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9170
+CVE-2017-9170 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9169
+CVE-2017-9169 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9168
+CVE-2017-9168 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9167
+CVE-2017-9167 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9166
+CVE-2017-9166 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read i ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9165
+CVE-2017-9165 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read i ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9164
+CVE-2017-9164 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read i ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9163
+CVE-2017-9163 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9162
+CVE-2017-9162 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9161
+CVE-2017-9161 (libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in typ ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9160
+CVE-2017-9160 (libautotrace.a in AutoTrace 0.31.1 has a stack-based buffer overflow i ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9159
+CVE-2017-9159 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9158
+CVE-2017-9158 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9157
+CVE-2017-9157 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9156
+CVE-2017-9156 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9155
+CVE-2017-9155 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9154
+CVE-2017-9154 (libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9153
+CVE-2017-9153 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9152
+CVE-2017-9152 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read i ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9151
+CVE-2017-9151 (libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in ...)
- autotrace <removed>
[wheezy] - autotrace <end-of-life> (Not supported in wheezy LTS)
-CVE-2017-9150
+CVE-2017-9150 (The do_check function in kernel/bpf/verifier.c in the Linux kernel bef ...)
- linux 4.9.30-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0d0e57697f162da4aa218b5feafe614fb666db07
-CVE-2017-9210
+CVE-2017-9210 (libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of s ...)
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #863390)
[stretch] - qpdf <no-dsa> (Minor issue)
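Review bot: the entry order in this hunk breaks the file's descending CVE sequence: CVE-2017-9210 (last lines of the hunk) follows CVE-2017-9150, and the run CVE-2017-9210 down to CVE-2017-9201 continues in the next hunks, whereas descending order would place that block between CVE-2017-9211 and CVE-2017-9200. The ordering is identical on the - and + sides, so this automatic update does not introduce it; it should be fixed in a separate manual re-sort rather than mixed into the generated change. The fifty autotrace entries (CVE-2017-9200 to CVE-2017-9151) are consistent with one another, all "<removed>" with "[wheezy] - autotrace <end-of-life>".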
@@ -27021,7 +27021,7 @@ CVE-2017-9210
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/23/10
NOTE: https://github.com/qpdf/qpdf/issues/101
-CVE-2017-9209
+CVE-2017-9209 (libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of s ...)
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #863390)
[stretch] - qpdf <no-dsa> (Minor issue)
@@ -27029,7 +27029,7 @@ CVE-2017-9209
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/23/10
NOTE: https://github.com/qpdf/qpdf/issues/100
-CVE-2017-9208
+CVE-2017-9208 (libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of s ...)
[experimental] - qpdf 7.0~b1-1
- qpdf 7.0.0-1 (low; bug #863390)
[stretch] - qpdf <no-dsa> (Minor issue)
@@ -27037,149 +27037,149 @@ CVE-2017-9208
[wheezy] - qpdf <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/23/10
NOTE: https://github.com/qpdf/qpdf/issues/99
-CVE-2017-9207
+CVE-2017-9207 (The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-9206
+CVE-2017-9206 (The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-9205
+CVE-2017-9205 (The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-9204
+CVE-2017-9204 (The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-9203
+CVE-2017-9203 (imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allo ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-9202
+CVE-2017-9202 (imagew-cmd.c:854:45 in libimageworsener.a in ImageWorsener 1.3.1 allow ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-9201
+CVE-2017-9201 (imagew-cmd.c:850:46 in libimageworsener.a in ImageWorsener 1.3.1 allow ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-9148
+CVE-2017-9148 (The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before ...)
{DLA-977-1}
- freeradius 3.0.12+dfsg-5 (bug #863673)
[jessie] - freeradius <not-affected> (Only affects 2.1.1 to 2.1.7 and 3.0 to 3.0.13)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/29/1
NOTE: http://freeradius.org/security.html#session-resumption-2017
NOTE: https://anonscm.debian.org/cgit/pkg-freeradius/freeradius.git/commit/?id=8d681449aa95ee4388b5e3c266bdb070a264f563
-CVE-2017-9147
+CVE-2017-9147 (LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in ti ...)
{DLA-984-1 DLA-983-1}
- tiff 4.0.8-2 (bug #863185)
[jessie] - tiff 4.0.3-12.3+deb8u4
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2693
-CVE-2017-9146
+CVE-2017-9146 (The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through ...)
- libytnef 1.9.3-1 (bug #862707)
[stretch] - libytnef <no-dsa> (Minor issue, can be fixed via a point update)
[jessie] - libytnef <no-dsa> (Minor issue, can be fixed via a point update)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/47
NOTE: https://github.com/Yeraze/ytnef/commit/c576639e7e6bd9c7de0a288b9f94590d34ac9215
-CVE-2017-9145
+CVE-2017-9145 (TikiFilter.php in Tiki Wiki CMS Groupware 12.x through 16.x does not p ...)
- tikiwiki <removed>
-CVE-2017-11352
+CVE-2017-11352 (In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a cras ...)
{DSA-4040-1 DLA-1081-1}
- imagemagick 8:6.9.7.4+dfsg-12 (bug #868469)
[stretch] - imagemagick 8:6.9.7.4+dfsg-11+deb9u1
NOTE: https://github.com/ImageMagick/ImageMagick/issues/502
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7f1f01b695e869c410ee10e2176f8fd764f09373
NOTE: ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/86cb33143c5b21912187403860a7c26761a3cd23
-CVE-2017-9144
+CVE-2017-9144 (In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash becaus ...)
{DSA-3863-1 DLA-1081-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863126)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7fdf9ea808caa3c81a0eb42656e5fafc59084198
-CVE-2017-9142
+CVE-2017-9142 (In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863125)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/490
NOTE: https://github.com/ImageMagick/ImageMagick/commit/72f5c8632bff2daf3c95005f9b4cf2982786b52a
-CVE-2017-9141
+CVE-2017-9141 (In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863124)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/489
NOTE: https://github.com/ImageMagick/ImageMagick/commit/f5910e91b0778e03ded45b9022be8eb8f77942cd
-CVE-2017-9143
+CVE-2017-9143 (In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allo ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #863123)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/456
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b8c1df65b25d6671f113e2306982eded44ce3b4
-CVE-2017-9140
+CVE-2017-9140 (Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebFo ...)
NOT-FOR-US: Telerik
-CVE-2017-9139
+CVE-2017-9139 (There is a stack-based buffer overflow on some Tenda routers (FH1202/F ...)
NOT-FOR-US: Tenda
-CVE-2017-9138
+CVE-2017-9138 (There is a debug-interface vulnerability on some Tenda routers (FH1202 ...)
NOT-FOR-US: Tenda
-CVE-2017-9137
+CVE-2017-9137 (Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default pas ...)
NOT-FOR-US: Ceragon FibeAir
-CVE-2017-9136
+CVE-2017-9136 (An issue was discovered on Mimosa Client Radios before 2.2.3. In the d ...)
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9135
+CVE-2017-9135 (An issue was discovered on Mimosa Client Radios before 2.2.4 and Mimos ...)
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9134
+CVE-2017-9134 (An information-leakage issue was discovered on Mimosa Client Radios be ...)
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9133
+CVE-2017-9133 (An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimos ...)
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9132
+CVE-2017-9132 (A hard-coded credentials issue was discovered on Mimosa Client Radios ...)
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9131
+CVE-2017-9131 (An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimos ...)
NOT-FOR-US: Mimosa Client Radios
-CVE-2017-9130
+CVE-2017-9130 (The faacEncOpen function in libfaac/frame.c in Freeware Advanced Audio ...)
- faac 1.29+git20170704-1 (bug #865909)
[stretch] - faac <no-dsa> (Non-free not supported)
[jessie] - faac <no-dsa> (Non-free not supported)
NOTE: https://www.exploit-db.com/exploits/42207/
-CVE-2017-9129
+CVE-2017-9129 (The wav_open_read function in frontend/input.c in Freeware Advanced Au ...)
- faac 1.29+git20170704-1 (bug #865909)
[stretch] - faac <no-dsa> (Non-free not supported)
[jessie] - faac <no-dsa> (Non-free not supported)
NOTE: https://www.exploit-db.com/exploits/42207/
-CVE-2017-9128
+CVE-2017-9128 (The quicktime_video_width function in lqt_quicktime.c in libquicktime ...)
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9127
+CVE-2017-9127 (The quicktime_user_atoms_read_atom function in useratoms.c in libquick ...)
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9126
+CVE-2017-9126 (The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 ...)
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9125
+CVE-2017-9125 (The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2 ...)
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9124
+CVE-2017-9124 (The quicktime_match_32 function in util.c in libquicktime 1.2.4 allows ...)
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9123
+CVE-2017-9123 (The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2 ...)
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
-CVE-2017-9122
+CVE-2017-9122 (The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allow ...)
{DLA-1042-1}
- libquicktime 2:1.2.4-11 (low; bug #864664)
[stretch] - libquicktime 2:1.2.4-10+deb9u1
[jessie] - libquicktime <no-dsa> (Minor issue)
CVE-2017-9121
RESERVED
-CVE-2017-9120
+CVE-2017-9120 (PHP 7.x through 7.1.5 allows remote attackers to cause a denial of ser ...)
- php7.2 <unfixed> (unimportant)
- php7.1 <removed> (unimportant)
- php7.0 <removed> (unimportant)
- php5 <not-affected> (Not reproducible, vulnerable code not present.)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74544
NOTE: Not treated as a security issue by upstream
-CVE-2017-9119
+CVE-2017-9119 (The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 all ...)
- php7.1 <removed> (unimportant)
- php7.0 <removed> (unimportant)
- php5 <unfixed> (unimportant)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74593
NOTE: Only triggerable by malicious script
-CVE-2017-9118
+CVE-2017-9118 (PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a c ...)
- php7.2 <unfixed> (unimportant)
- php7.1 <removed> (unimportant)
- php7.0 <removed> (unimportant)
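Review bot: the three PHP entries at the end of this hunk are inconsistent with each other. CVE-2017-9120 and CVE-2017-9118 each carry "- php7.2 <unfixed> (unimportant)", but CVE-2017-9119 has no php7.2 line at all, and its php5 line reads "<unfixed> (unimportant)" while CVE-2017-9120 marks php5 "<not-affected>" with a reason. If php7.2 is not affected by CVE-2017-9119 (its description names PHP 7.1.5 only), add an explicit "- php7.2 <not-affected>" line with the reason so the status is recorded rather than implied. Separately, CVE-2017-11352 sits between CVE-2017-9145 and CVE-2017-9144, and CVE-2017-9143 follows CVE-2017-9141 instead of CVE-2017-9144; both break descending order, are unchanged between the - and + sides, and belong in a manual re-sort.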
@@ -27187,54 +27187,54 @@ CVE-2017-9118
NOTE: Check for Jessie again as soon as more information are available.
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74604
NOTE: Not treated as a security issue by upstream
-CVE-2017-9117
+CVE-2017-9117 (In LibTIFF 4.0.7, the program processes BMP images without verifying t ...)
- tiff <unfixed> (unimportant)
- tiff3 <not-affected> (Does not ship libtiff-tools)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2690
NOTE: bmp2tiff utility removed in 4.0.6-3 and 4.0.3-12.3+deb8u2
-CVE-2017-9116
+CVE-2017-9116 (In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function ...)
{DLA-1083-1}
- openexr 2.2.0-11.1 (bug #864078)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9115
+CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator functio ...)
- openexr <unfixed> (bug #873885)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
[wheezy] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9114
+CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ...)
- openexr <unfixed> (bug #873885)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
[wheezy] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9113
+CVE-2017-9113 (In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ...)
- openexr <unfixed> (bug #873885)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
[wheezy] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9112
+CVE-2017-9112 (In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ...)
{DLA-1083-1}
- openexr 2.2.0-11.1 (bug #864078)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9111
+CVE-2017-9111 (In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function ...)
- openexr <unfixed> (bug #873885)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
[wheezy] - openexr <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/12/5
NOTE: https://github.com/openexr/openexr/issues/232
-CVE-2017-9110
+CVE-2017-9110 (In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function ...)
{DLA-1083-1}
- openexr 2.2.0-11.1 (bug #864078)
[stretch] - openexr <no-dsa> (Minor issue)
@@ -27257,34 +27257,34 @@ CVE-2017-9103
RESERVED
CVE-2017-9102
RESERVED
-CVE-2017-9101
+CVE-2017-9101 (import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows re ...)
NOT-FOR-US: PlaySMS
-CVE-2017-9100
+CVE-2017-9100 (login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote ...)
NOT-FOR-US: D-Link
CVE-2017-9099
RESERVED
-CVE-2017-9098
+CVE-2017-9098 (ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninit ...)
{DSA-3863-1 DLA-1456-1 DLA-960-1 DLA-953-1}
- imagemagick 8:6.9.7.4+dfsg-9 (bug #862967)
- graphicsmagick 1.3.24-1
NOTE: ImageMagick fix: https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b
NOTE: GraphicsMagick fix: http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c
NOTE: https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html
-CVE-2017-9097
+CVE-2017-9097 (In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through ...)
NOT-FOR-US: Anti-Web
-CVE-2017-9096
+CVE-2017-9096 (The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not dis ...)
NOT-FOR-US: iText
-CVE-2017-9095
+CVE-2017-9095 (XXE in Diving Log 6.0 allows attackers to remotely view local files th ...)
NOT-FOR-US: Diving Log
-CVE-2017-9094
+CVE-2017-9094 (The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-9093
+CVE-2017-9093 (The my_skip_input_data_fn function in imagew-jpeg.c in libimageworsene ...)
NOT-FOR-US: ImageWorsener
CVE-2017-9092
RESERVED
-CVE-2017-9091
+CVE-2017-9091 (/admin/loginc.php in Allen Disk 1.6 doesn't check if isset($_SESSION[' ...)
NOT-FOR-US: Allen Disk
-CVE-2017-9090
+CVE-2017-9090 (reg.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha'][ ...)
NOT-FOR-US: Allen Disk
CVE-2017-9089
RESERVED
@@ -27294,11 +27294,11 @@ CVE-2017-9087
RESERVED
CVE-2017-9086
RESERVED
-CVE-2017-9085
+CVE-2017-9085 (Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 6. ...)
NOT-FOR-US: Kodak InSite
CVE-2017-9084
RESERVED
-CVE-2017-9083
+CVE-2017-9083 (poppler 0.54.0, as used in Evince and other products, has a NULL point ...)
- poppler <unfixed> (unimportant; bug #863016)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101084
NOTE: Does not use JPX decoder but openjpeg; affected only source wise
@@ -27306,48 +27306,48 @@ CVE-2017-9082
RESERVED
CVE-2017-9081
RESERVED
-CVE-2017-9080
+CVE-2017-9080 (PlaySMS 1.4 allows remote code execution because PHP code in the name ...)
NOT-FOR-US: PlaySMS
-CVE-2017-9079
+CVE-2017-9079 (Dropbear before 2017.75 might allow local users to read certain files ...)
{DSA-3859-1 DLA-948-1}
- dropbear 2016.74-5 (bug #862970)
NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123
-CVE-2017-9078
+CVE-2017-9078 (The server in Dropbear before 2017.75 might allow post-authentication ...)
{DSA-3859-1}
- dropbear 2016.74-5 (bug #862970)
[wheezy] - dropbear <not-affected> (Vulnerable code not present)
NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c
-CVE-2017-9077
+CVE-2017-9077 (The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/83eaddab4378db256d00d295bda6ca997cd13a52
-CVE-2017-9076
+CVE-2017-9076 (The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/83eaddab4378db256d00d295bda6ca997cd13a52
-CVE-2017-9075
+CVE-2017-9075 (The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8
-CVE-2017-9074
+CVE-2017-9074 (The IPv6 fragmentation implementation in the Linux kernel through 4.11 ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/2423496af35d94a87156b063ea5cedffc10a70a1
CVE-2017-9073
REJECTED
-CVE-2017-9072
+CVE-2017-9072 (Two CalendarXP products have XSS in common parts of HTML files. Calend ...)
NOT-FOR-US: CalendarXP
-CVE-2017-9071
+CVE-2017-9071 (In MODX Revolution before 2.5.7, an attacker might be able to trigger ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-9070
+CVE-2017-9070 (In MODX Revolution before 2.5.7, a user with resource edit permissions ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-9069
+CVE-2017-9069 (In MODX Revolution before 2.5.7, a user with file upload permissions i ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-9068
+CVE-2017-9068 (In MODX Revolution before 2.5.7, an attacker is able to trigger Reflec ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-9067
+CVE-2017-9067 (In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker i ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-9060
+CVE-2017-9060 (Memory leak in the virtio_gpu_set_scanout function in hw/display/virti ...)
- qemu 1:2.10.0-1 (unimportant)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -27356,7 +27356,7 @@ CVE-2017-9060
NOTE: virtio gpu (virglrenderer) and opengl, but the affected code is
NOTE: still present.
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=dd248ed7e204ee8a1873914e02b8b526e8f1b80d
-CVE-2017-9059
+CVE-2017-9059 (The NFSv4 implementation in the Linux kernel through 4.11.1 allows loc ...)
- linux 4.9.30-1
[jessie] - linux <not-affected> (Introduced in 4.9)
[wheezy] - linux <not-affected> (Introduced in 4.9)
@@ -27364,31 +27364,31 @@ CVE-2017-9057
RESERVED
CVE-2017-9056
RESERVED
-CVE-2017-9055
+CVE-2017-9055 (An issue, also known as DW201703-001, was discovered in libdwarf 2017- ...)
- dwarfutils 20170416-2 (bug #864064)
[stretch] - dwarfutils 20161124-1+deb9u1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://www.prevanders.net/dwarfbug.html#DW201703-001
-CVE-2017-9054
+CVE-2017-9054 (An issue, also known as DW201703-002, was discovered in libdwarf 2017- ...)
- dwarfutils 20170416-2 (bug #864064)
[stretch] - dwarfutils 20161124-1+deb9u1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://www.prevanders.net/dwarfbug.html#DW201703-002
-CVE-2017-9053
+CVE-2017-9053 (An issue, also known as DW201703-005, was discovered in libdwarf 2017- ...)
- dwarfutils 20170416-2 (bug #864064)
[stretch] - dwarfutils 20161124-1+deb9u1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://www.prevanders.net/dwarfbug.html#DW201703-005
-CVE-2017-9052
+CVE-2017-9052 (An issue, also known as DW201703-006, was discovered in libdwarf 2017- ...)
- dwarfutils 20170416-2 (bug #864064)
[stretch] - dwarfutils 20161124-1+deb9u1
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://www.prevanders.net/dwarfbug.html#DW201703-006
-CVE-2017-9051
+CVE-2017-9051 (libav before 12.1 is vulnerable to an invalid read of size 1 due to NU ...)
- libav <removed> (low)
[jessie] - libav <not-affected> (Tested with the original reproducer, 0.11 branch not vulnerable)
[wheezy] - libav <not-affected> (Tested with the original reproducer, 0.8 branch not vulnerable)
@@ -27396,94 +27396,94 @@ CVE-2017-9051
NOTE: Fix in libav: https://github.com/libav/libav/commit/fe6eea99efac66839052af547426518efd970b24.patch
NOTE: Fix in ffmpeg: https://github.com/FFmpeg/FFmpeg/commit/8d7ce5cdb707d4b22749f72d3f118e62e2b95cd3
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1039
-CVE-2017-9050
+CVE-2017-9050 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buff ...)
{DSA-3952-1 DLA-1008-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #863018)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781361 (not public)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e26630548e7d138d2c560844c43820b6767251e3
-CVE-2017-9049
+CVE-2017-9049 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buff ...)
{DSA-3952-1 DLA-1008-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #863019)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781205 (not public)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e26630548e7d138d2c560844c43820b6767251e3
-CVE-2017-9048
+CVE-2017-9048 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buf ...)
{DSA-3952-1 DLA-1008-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #863021)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781701 (not public)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=932cc9896ab41475d4aa429c27d9afd175959d74
-CVE-2017-9047
+CVE-2017-9047 (A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g074180 ...)
{DSA-3952-1 DLA-1008-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #863022)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781333 (not public)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=932cc9896ab41475d4aa429c27d9afd175959d74
-CVE-2017-9046
+CVE-2017-9046 (winpm-32.exe in Pegasus Mail (aka Pmail) v4.72 build 572 allows code e ...)
NOT-FOR-US: Pegasus Mail
-CVE-2017-9045
+CVE-2017-9045 (The Google I/O 2017 application before 5.1.4 for Android downloads mul ...)
NOT-FOR-US: Google I/O 2017 application
-CVE-2017-9044
+CVE-2017-9044 (The print_symbol_for_build_attribute function in readelf.c in GNU Binu ...)
- binutils 2.29-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
-CVE-2017-9043
+CVE-2017-9043 (readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large f ...)
- binutils 2.29-1 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ddef72cdc10d82ba011a7ff81cafbbd3466acf54
-CVE-2017-9042
+CVE-2017-9042 (readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in t ...)
- binutils 2.29-1 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf
-CVE-2017-9041
+CVE-2017-9041 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
- binutils 2.28-6 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75ec1fdbb797a389e4fe4aaf2e15358a070dcc19
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c4ab9505b53cdc899506ed421fddb7e1f8faf7a3
-CVE-2017-9040
+CVE-2017-9040 (GNU Binutils 2017-04-03 allows remote attackers to cause a denial of s ...)
- binutils 2.29-1 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf
-CVE-2017-9039
+CVE-2017-9039 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
- binutils 2.28-6 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=82156ab704b08b124d319c0decdbd48b3ca2dac5
-CVE-2017-9038
+CVE-2017-9038 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...)
- binutils 2.28-6 (low; bug #863674)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f32ba72991d2406b21ab17edc234a2f3fa7fb23d
-CVE-2017-9037
+CVE-2017-9037 (Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro Ser ...)
NOT-FOR-US: Trend Micro
-CVE-2017-9036
+CVE-2017-9036 (Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local us ...)
NOT-FOR-US: Trend Micro
-CVE-2017-9035
+CVE-2017-9035 (Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attacker ...)
NOT-FOR-US: Trend Micro
-CVE-2017-9034
+CVE-2017-9034 (Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attacker ...)
NOT-FOR-US: Trend Micro
-CVE-2017-9033
+CVE-2017-9033 (Cross-site request forgery (CSRF) vulnerability in Trend Micro ServerP ...)
NOT-FOR-US: Trend Micro
-CVE-2017-9032
+CVE-2017-9032 (Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro Ser ...)
NOT-FOR-US: Trend Micro
-CVE-2017-9058
+CVE-2017-9058 (In libytnef in ytnef through 1.9.2, there is a heap-based buffer over- ...)
- libytnef 1.9.2-2 (low; bug #862556)
[jessie] - libytnef <no-dsa> (Minor issue)
[wheezy] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/45
-CVE-2017-9030
+CVE-2017-9030 (The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 f ...)
NOT-FOR-US: Joomla extension
CVE-2017-9029
RESERVED
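Review bot: CVE-2017-9044 is the only binutils entry in this hunk with neither a bug reference nor an upstream-fix NOTE, while CVE-2017-9043 down to CVE-2017-9038 all carry "bug #863674" and a sourceware commit; if #863674 covers it as well, add the reference, otherwise record why it is tracked without one. Also, CVE-2017-9058 (libytnef) sits between CVE-2017-9032 and CVE-2017-9030, breaking the descending order the surrounding entries keep; moving it up next to CVE-2017-9059 would make it easier to find.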
@@ -27491,48 +27491,48 @@ CVE-2017-9028
RESERVED
CVE-2017-9027
RESERVED
-CVE-2017-9026
+CVE-2017-9026 (Stack buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6 ...)
NOT-FOR-US: HooHoo Trip Mate
-CVE-2017-9025
+CVE-2017-9025 (Heap buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) ...)
NOT-FOR-US: HooHoo Trip Mate
-CVE-2017-9066
+CVE-2017-9066 (In WordPress before 4.7.5, there is insufficient redirect validation i ...)
{DLA-1075-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
[jessie] - wordpress 4.1+dfsg-1+deb8u16
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
-CVE-2017-9065
+CVE-2017-9065 (In WordPress before 4.7.5, there is a lack of capability checks for po ...)
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/e88a48a066ab2200ce3091b131d43e2fab2460a4
-CVE-2017-9064
+CVE-2017-9064 (In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnera ...)
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/38347d7c580be4cdd8476e4bbc653d5c79ed9b67
-CVE-2017-9063
+CVE-2017-9063 (In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability ...)
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/3d10fef22d788f29aed745b0f5ff6f6baea69af3
-CVE-2017-9062
+CVE-2017-9062 (In WordPress before 4.7.5, there is improper handling of post meta dat ...)
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/3d95e3ae816f4d7c638f40d3e936a4be19724381
-CVE-2017-9061
+CVE-2017-9061 (In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability ...)
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-1 (bug #862816)
NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
NOTE: https://github.com/WordPress/WordPress/commit/8c7ea71edbbffca5d9766b7bea7c7f3722ffafa6
-CVE-2017-9024
+CVE-2017-9024 (Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes S ...)
NOT-FOR-US: Secure Bytes Cisco Configuration Manager
-CVE-2017-9023
+CVE-2017-9023 (The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE ...)
{DSA-3866-1 DLA-973-1}
- strongswan 5.5.1-4
NOTE: upstream fix https://git.strongswan.org/?p=strongswan.git;a=commit;h=407fcca200fdf6a41a04ac0885a770b6b53c5d23
-CVE-2017-9022
+CVE-2017-9022 (The gmp plugin in strongSwan before 5.5.3 does not properly validate R ...)
{DSA-3866-1 DLA-973-1}
- strongswan 5.5.1-4
NOTE: upstream fix https://git.strongswan.org/?p=strongswan.git;a=commit;h=6681d98d18d24b31410fc12c3d61f150107481b3
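Review bot: the NOT-FOR-US lines for CVE-2017-9026 and CVE-2017-9025 say "HooHoo Trip Mate", while both imported descriptions name the vendor as HooToo; suggest correcting them to "NOT-FOR-US: HooToo Trip Mate" so the entries turn up when the file is searched by vendor.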
@@ -27572,13 +27572,13 @@ CVE-2017-9005
RESERVED
CVE-2017-9004
RESERVED
-CVE-2017-9003
+CVE-2017-9003 (Multiple memory corruption flaws are present in ArubaOS which could al ...)
NOT-FOR-US: Aruba
-CVE-2017-9002
+CVE-2017-9002 (All versions of Aruba ClearPass prior to 6.6.8 contain reflected cross ...)
NOT-FOR-US: Aruba
-CVE-2017-9001
+CVE-2017-9001 (Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout ...)
NOT-FOR-US: Aruba
-CVE-2017-9000
+CVE-2017-9000 (ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x ...)
NOT-FOR-US: Aruba
CVE-2017-8999
RESERVED
@@ -27590,127 +27590,127 @@ CVE-2017-8996
RESERVED
CVE-2017-8995
RESERVED
-CVE-2017-8994
+CVE-2017-8994 (A input validation vulnerability in HPE Operations Orchestration produ ...)
NOT-FOR-US: HPE
-CVE-2017-8993
+CVE-2017-8993 (A Remote Cross-Site Scripting vulnerability in HPE Project and Portfol ...)
NOT-FOR-US: HPE Project and Portfolio Management
-CVE-2017-8992
+CVE-2017-8992 (HPE has identified a remote privilege escalation vulnerability in HPE ...)
NOT-FOR-US: HPE
-CVE-2017-8991
+CVE-2017-8991 (HPE has identified a cross site scripting (XSS) vulnerability in HPE C ...)
NOT-FOR-US: HPE
-CVE-2017-8990
+CVE-2017-8990 (A remote code execution vulnerability was identified in HPE Intelligen ...)
NOT-FOR-US: HPE
-CVE-2017-8989
+CVE-2017-8989 (A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, ...)
NOT-FOR-US: HPE
-CVE-2017-8988
+CVE-2017-8988 (A Remote Bypass of Security Restrictions vulnerability was identified ...)
NOT-FOR-US: HPE
-CVE-2017-8987
+CVE-2017-8987 (A Unauthenticated Remote Denial of Service vulnerability was identifie ...)
NOT-FOR-US: HPE
CVE-2017-8986
RESERVED
-CVE-2017-8985
+CVE-2017-8985 (HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local au ...)
NOT-FOR-US: HPE XP Storage
-CVE-2017-8984
+CVE-2017-8984 (A remote code execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8983
+CVE-2017-8983 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8982
+CVE-2017-8982 (A Remote Authentication Restriction Bypass vulnerability in HPE Intell ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8981
+CVE-2017-8981 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8980
+CVE-2017-8980 (A Remote Disclosure of Information vulnerability in HPE Intelligent Ma ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8979
+CVE-2017-8979 (Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) fi ...)
NOT-FOR-US: HPE Integrated Lights-Out 2 (iLO 2) firmware
-CVE-2017-8978
+CVE-2017-8978 (A Remote Unauthorized Disclosure of Information vulnerability in HPE I ...)
NOT-FOR-US: HPE IceWall Products
-CVE-2017-8977
+CVE-2017-8977 (A Remote Denial of Service vulnerability in Hewlett Packard Enterprise ...)
NOT-FOR-US: Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance
-CVE-2017-8976
+CVE-2017-8976 (A Remote Code Execution vulnerability in Hewlett Packard Enterprise Mo ...)
NOT-FOR-US: Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance
-CVE-2017-8975
+CVE-2017-8975 (A Remote Code Execution vulnerability in Hewlett Packard Enterprise Mo ...)
NOT-FOR-US: Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance
-CVE-2017-8974
+CVE-2017-8974 (A Local Authentication Restriction Bypass vulnerability in HPE NonStop ...)
NOT-FOR-US: HPE NonStop Server
-CVE-2017-8973
+CVE-2017-8973 (An improper input validation vulnerability in HPE Matrix Operating Env ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-8972
+CVE-2017-8972 (A clickjacking vulnerability in HPE Matrix Operating Environment versi ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-8971
+CVE-2017-8971 (A clickjacking vulnerability in HPE Matrix Operating Environment versi ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-8970
+CVE-2017-8970 (A remote unauthenticated disclosure of information vulnerability in HP ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-8969
+CVE-2017-8969 (An improper input validation vulnerability in HPE Insight Control vers ...)
NOT-FOR-US: HPE Insight Control
-CVE-2017-8968
+CVE-2017-8968 (A remote execution of arbitrary code vulnerability has been identified ...)
NOT-FOR-US: HPE
-CVE-2017-8967
+CVE-2017-8967 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard E ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8966
+CVE-2017-8966 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard E ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8965
+CVE-2017-8965 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard E ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8964
+CVE-2017-8964 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard E ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8963
+CVE-2017-8963 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard E ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8962
+CVE-2017-8962 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard E ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8961
+CVE-2017-8961 (A directory traversal vulnerability in HPE Intelligent Management Cent ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8960
+CVE-2017-8960 (An Authentication Bypass vulnerability in HPE MSA 1040 and MSA 2040 SA ...)
NOT-FOR-US: HPE MSA
-CVE-2017-8959
+CVE-2017-8959 (An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA 204 ...)
NOT-FOR-US: HPE MSA
-CVE-2017-8958
+CVE-2017-8958 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8957
+CVE-2017-8957 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8956
+CVE-2017-8956 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8955
+CVE-2017-8955 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8954
+CVE-2017-8954 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-8953
+CVE-2017-8953 (A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v1 ...)
NOT-FOR-US: HPE LoadRunner
-CVE-2017-8952
+CVE-2017-8952 (A Disclosure of Sensitive Information vulnerability in HPE SiteScope v ...)
NOT-FOR-US: HPE SiteScope
-CVE-2017-8951
+CVE-2017-8951 (A Disclosure of Sensitive Information vulnerability in HPE SiteScope v ...)
NOT-FOR-US: HPE SiteScope
-CVE-2017-8950
+CVE-2017-8950 (A Disclosure of Sensitive Information vulnerability in HPE SiteScope v ...)
NOT-FOR-US: HPE SiteScope
-CVE-2017-8949
+CVE-2017-8949 (A Disclosure of Sensitive Information vulnerability in HPE SiteScope v ...)
NOT-FOR-US: HPE SiteScope
-CVE-2017-8948
+CVE-2017-8948 (A Remote Bypass Security Restriction vulnerability in HPE Network Node ...)
NOT-FOR-US: HPE Network Node Manager
-CVE-2017-8947
+CVE-2017-8947 (A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10 ...)
NOT-FOR-US: HPE UCMDB
-CVE-2017-8946
+CVE-2017-8946 (A Remote Code Execution vulnerability in HPE Aruba AirWave Glass versi ...)
NOT-FOR-US: HPE Aruba AirWave Glass
-CVE-2017-8945
+CVE-2017-8945 (A Remote Unauthorized Disclosure of Information vulnerability in HPE I ...)
NOT-FOR-US: HPE IceWall Federation Agent
-CVE-2017-8944
+CVE-2017-8944 (A Remote Disclosure of Information vulnerability in HPE Cloud Optimize ...)
NOT-FOR-US: HPE Cloud Optimizer
-CVE-2017-8943
+CVE-2017-8943 (The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates ...)
NOT-FOR-US: PUMA PUMATRAC app
-CVE-2017-8942
+CVE-2017-8942 (The YottaMark ShopWell - Healthy Diet &amp; Grocery Food Scanner app 5 ...)
NOT-FOR-US: YottaMark ShopWell app
-CVE-2017-8941
+CVE-2017-8941 (The Interval International app 3.3 through 3.5.1 for iOS does not veri ...)
NOT-FOR-US: Interval International app
-CVE-2017-8940
+CVE-2017-8940 (The Zipongo - Healthy Recipes and Grocery Deals app before 6.3 for iOS ...)
NOT-FOR-US: Zipongo app
-CVE-2017-8939
+CVE-2017-8939 (The Warner Bros. ellentube app 3.1.1 through 3.1.3 for iOS does not ve ...)
NOT-FOR-US: ellentube app
-CVE-2017-8938
+CVE-2017-8938 (The Radio Javan app 9.3.4 through 9.6.1 for iOS does not verify X.509 ...)
NOT-FOR-US: Radio Javan app
-CVE-2017-8937
+CVE-2017-8937 (The Life Before Us Yo app 2.5.8 for iOS does not verify X.509 certific ...)
NOT-FOR-US: Life Before Us Yo app
-CVE-2017-8936
+CVE-2017-8936 (The MoboTap Dolphin Web Browser - Fast Private Internet Search app 9.2 ...)
NOT-FOR-US: MoboTap Dolphin Web Browser
-CVE-2017-8935
+CVE-2017-8935 (The Quest Information Systems Indiana Voters app 1.1.24 for iOS does n ...)
NOT-FOR-US: Quest Information Systems Indiana Voters app
-CVE-2017-8932
+CVE-2017-8932 (A bug in the standard library ScalarMult implementation of curve P-256 ...)
- golang-1.8 1.8.3-1 (bug #863307)
[stretch] - golang-1.8 <ignored> (Minor issue, would require builds of all go packages in stable)
- golang-1.7 1.7.6-1 (bug #863308)
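Review bot: the imported description for CVE-2017-8942 carries a raw HTML entity ("Healthy Diet &amp; Grocery Food Scanner"); the update script should unescape entities before cutting the summary to its fixed width, otherwise the literal "&amp;" lands in the data file and in anything that renders it. Worth checking the rest of this update for "&lt;", "&gt;" and "&quot;" for the same reason.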
@@ -27722,46 +27722,46 @@ CVE-2017-8932
NOTE: Upstream patch: https://golang.org/cl/41070
NOTE: Fix for 1.7: https://go-review.googlesource.com/c/43773
NOTE: Fix for 1.8: https://go-review.googlesource.com/c/43770
-CVE-2017-8931
+CVE-2017-8931 (Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow a ...)
NOT-FOR-US: Bitdefender
-CVE-2017-8930
+CVE-2017-8930 (Multiple cross-site request forgery (CSRF) vulnerabilities in Simple I ...)
NOT-FOR-US: Simple Invoices
-CVE-2017-8929
+CVE-2017-8929 (The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allo ...)
- yara 3.6.0+dfsg-1
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
NOTE: https://github.com/VirusTotal/yara/issues/658
NOTE: https://github.com/VirusTotal/yara/commit/053e67e3ec81cc9268ce30eaf0d6663d8639ed1e
-CVE-2017-8928
+CVE-2017-8928 (mailcow 0.14, as used in "mailcow: dockerized" and other products, has ...)
NOT-FOR-US: mailcow
-CVE-2017-9031
+CVE-2017-9031 (The WebUI component in Deluge before 1.3.15 contains a directory trave ...)
{DSA-3856-1 DLA-943-1}
- deluge 1.3.13+git20161130.48cedf63-3 (bug #862611)
NOTE: http://dev.deluge-torrent.org/wiki/ReleaseNotes/1.3.15
NOTE: Fixed by: http://git.deluge-torrent.org/deluge/commit/?h=1.3-stable&id=41acade01ae88f7b7bbdba308a0886771aa582fd
-CVE-2017-8934
+CVE-2017-8934 (PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local ...)
- pcmanfm 1.2.5-3 (low; bug #862571)
[jessie] - pcmanfm <no-dsa> (Minor issue)
[wheezy] - pcmanfm <no-dsa> (Minor issue)
NOTE: Fixed by: https://git.lxde.org/gitweb/?p=lxde/pcmanfm.git;a=commitdiff;h=bc8c3d871e9ecc67c47ff002b68cf049793faf08
-CVE-2017-8933
+CVE-2017-8933 (Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a ...)
- menu-cache 1.0.2-3 (low; bug #862570)
[jessie] - menu-cache <no-dsa> (Minor issue)
[wheezy] - menu-cache <no-dsa> (Minor issue)
NOTE: Fixed by: https://git.lxde.org/gitweb/?p=lxde/menu-cache.git;a=commitdiff;h=56f66684592abf257c4004e6e1fff041c64a12ce
-CVE-2017-8927
+CVE-2017-8927 (Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause ...)
NOT-FOR-US: Larson VizEx Reader
-CVE-2017-8926
+CVE-2017-8926 (Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to ...)
NOT-FOR-US: Halliburton LogView Pro
-CVE-2017-8925
+CVE-2017-8925 (The omninet_open function in drivers/usb/serial/omninet.c in the Linux ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.16-1 (low)
NOTE: Fixed by: https://git.kernel.org/linus/30572418b445d85fcfe6c8fe84c947d2606767d8
-CVE-2017-8924
+CVE-2017-8924 (The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in th ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.16-1 (low)
NOTE: Fixed by: https://git.kernel.org/linus/654b404f2a222f918af9b0cd18ad469d0c941a8e
-CVE-2017-8923
+CVE-2017-8923 (The zend_string_extend function in Zend/zend_string.h in PHP through 7 ...)
- php7.1 <removed> (bug #881539)
- php7.0 <removed> (bug #881538)
[stretch] - php7.0 <ignored> (Minor issue)
@@ -27769,31 +27769,31 @@ CVE-2017-8923
NOTE: (Duplicate of) PHP Bug: https://bugs.php.net/bug.php?id=73122
CVE-2017-8922
RESERVED
-CVE-2017-8921
+CVE-2017-8921 (In FlightGear before 2017.2.1, the FGCommand interface allows overwrit ...)
- flightgear 1:2016.4.4+dfsg-3 (bug #862689)
[jessie] - flightgear 3.0.0-5+deb8u2
NOTE: Fixed by: https://sourceforge.net/p/flightgear/flightgear/ci/faf872e7f71ca14c567ac7080561fc785d8d2fd0/ (next)
NOTE: Fixed by: https://sourceforge.net/p/flightgear/flightgear/ci/19ab09406e4249f2c6f8ac51938258d1c51eace0/ (2016.4)
NOTE: Fixed by: https://sourceforge.net/p/flightgear/flightgear/ci/c8250b10bb9a116889f831d2299678b0ef70fec2/ (3.0.0)
-CVE-2017-8920
+CVE-2017-8920 (irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the ...)
- cgiirc <removed>
-CVE-2017-8919
+CVE-2017-8919 (NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password ...)
NOT-FOR-US: NetApp
-CVE-2017-8918
+CVE-2017-8918 (XXE in Dive Assistant - Template Builder in Blackwave Dive Assistant - ...)
NOT-FOR-US: Dive Assistant
-CVE-2017-8917
+CVE-2017-8917 (SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attac ...)
NOT-FOR-US: Joomla!
-CVE-2017-8916
+CVE-2017-8916 (In Center for Internet Security CIS-CAT Pro Dashboard before 1.0.4, an ...)
NOT-FOR-US: Center for Internet Security CIS-CAT Pro Dashboard
-CVE-2017-8915
+CVE-2017-8915 (sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers ...)
NOT-FOR-US: SAP
-CVE-2017-8914
+CVE-2017-8914 (sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers ...)
NOT-FOR-US: SAP
-CVE-2017-8913
+CVE-2017-8913 (The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 ...)
NOT-FOR-US: SAP
-CVE-2017-8912
+CVE-2017-8912 (** DISPUTED ** CMS Made Simple (CMSMS) 2.1.6 allows remote authenticat ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-8911
+CVE-2017-8911 (An integer underflow has been identified in the unicode_to_utf8() func ...)
{DSA-3869-1 DLA-962-1}
- tnef 1.4.12-1.2 (bug #862442)
NOTE: https://github.com/verdammelt/tnef/issues/23
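Review bot: CVE-2017-8921 records a jessie fixed version (flightgear 3.0.0-5+deb8u2) but no {DLA-...} reference in the advisory braces; if the fix shipped as a DLA the reference is missing, and if it went out through a point release instead, a short NOTE saying so would save the next reader the lookup.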
@@ -27802,41 +27802,41 @@ CVE-2017-8910
RESERVED
CVE-2017-8909
RESERVED
-CVE-2017-8908
+CVE-2017-8908 (The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 all ...)
- ghostscript 9.22~dfsg-1 (unimportant)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697810
NOTE: edgebuffer scan converter was made default only in: http://git.ghostscript.com/?p=ghostpdl.git;h=dd5da2cb3e08398ac6d86598b36b00994d058308
NOTE: But the vulnerable code via base/gxscan.c, a new scan converter introduced in 9.20 is present.
-CVE-2017-8907
+CVE-2017-8907 (Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correc ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-8906
+CVE-2017-8906 (An integer underflow vulnerability exists in pixel-a.asm, the x86 asse ...)
- x265 <not-affected> (Affected code is not enabled)
NOTE: https://bitbucket.org/multicoreware/x265/issues/345/integer-underflow-in-x265-source-common
CVE-2017-8902
RESERVED
CVE-2017-8901
RESERVED
-CVE-2017-8900
+CVE-2017-8900 (LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, ...)
- lightdm <not-affected> (No guest account support in Debian, cf. #661230)
-CVE-2017-8899
+CVE-2017-8899 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...)
NOT-FOR-US: Invision Power Services
-CVE-2017-8898
+CVE-2017-8898 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...)
NOT-FOR-US: Invision Power Services
-CVE-2017-8897
+CVE-2017-8897 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...)
NOT-FOR-US: Invision Power Services
-CVE-2017-8896
+CVE-2017-8896 (ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6 ...)
- owncloud <removed>
-CVE-2017-8895
+CVE-2017-8895 (In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before bui ...)
NOT-FOR-US: Veritas
-CVE-2017-8894
+CVE-2017-8894 (AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software upd ...)
NOT-FOR-US: AeroAdmin
-CVE-2017-8893
+CVE-2017-8893 (AeroAdmin 4.1 uses a function to copy data between two pointers where ...)
NOT-FOR-US: AeroAdmin
-CVE-2017-8892
+CVE-2017-8892 (Cross-site scripting (XSS) vulnerability in OpenText Tempo Box 10.0.3 ...)
NOT-FOR-US: OpenText Tempo Box
-CVE-2017-8891
+CVE-2017-8891 (Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a mal ...)
- lepton 1.2.1+20170405-1 (bug #862446)
NOTE: https://github.com/dropbox/lepton/issues/87
NOTE: https://github.com/dropbox/lepton/commit/82167c144a322cc956da45407f6dce8d4303d346
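Review bot: the last NOTE under CVE-2017-8908 points at base/gxscan.c, but the description names gxscanc.c; assuming that is the intended file, fix the path so the reasoning behind the (unimportant) rating points at the right source. The sentence also reads better as "But the vulnerable code in base/gxscanc.c, a new scan converter introduced in 9.20, is present."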
@@ -27860,85 +27860,85 @@ CVE-2017-8881
RESERVED
CVE-2017-8880
RESERVED
-CVE-2017-8879
+CVE-2017-8879 (Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the c ...)
- dolibarr 5.0.4+dfsg3-1 (bug #863544)
-CVE-2017-8878
+CVE-2017-8878 (ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 al ...)
NOT-FOR-US: ASUS
-CVE-2017-8877
+CVE-2017-8877 (ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 a ...)
NOT-FOR-US: ASUS
-CVE-2017-8890
+CVE-2017-8890 (The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/657831ffc38e30092a2d5f03d385d710eb88b09a
-CVE-2017-8876
+CVE-2017-8876 (Symphony 2 2.6.11 has XSS in the meta[navigation_group] parameter to c ...)
NOT-FOR-US: Symphony CMS
-CVE-2017-8875
+CVE-2017-8875 (CSRF in the Clean Login plugin before 1.8 for WordPress allows remote ...)
NOT-FOR-US: Wordpress addon
-CVE-2017-8874
+CVE-2017-8874 (Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1 ...)
NOT-FOR-US: Mautic
CVE-2017-8873
RESERVED
-CVE-2017-8872
+CVE-2017-8872 (The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 all ...)
- libxml2 2.9.4+dfsg1-6.1 (bug #862450)
[stretch] - libxml2 <no-dsa> (Minor issue)
[jessie] - libxml2 <no-dsa> (Minor issue)
[wheezy] - libxml2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775200
NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/123234f2cfcd9e9b9f83047eee1dc17b4c3f4407
-CVE-2017-8871
+CVE-2017-8871 (The cr_parser_parse_selector_core function in cr-parser.c in libcroco ...)
- libcroco <unfixed> (bug #864666; low)
[buster] - libcroco <no-dsa> (Minor issue)
[stretch] - libcroco <no-dsa> (Minor issue)
[jessie] - libcroco <no-dsa> (Minor issue)
[wheezy] - libcroco <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=782649
-CVE-2017-8870
+CVE-2017-8870 (Buffer overflow in AudioCoder 0.8.46 allows remote attackers to execut ...)
NOT-FOR-US: AudioCoder
-CVE-2017-8869
+CVE-2017-8869 (Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to e ...)
NOT-FOR-US: MediaCoder
-CVE-2017-8868
+CVE-2017-8868 (acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via ...)
NOT-FOR-US: flatCore
-CVE-2017-8867
+CVE-2017-8867 (Elemental Path's CogniToys Dino smart toys through firmware version 0. ...)
NOT-FOR-US: Elemental Path's CogniToys Dino smart toys
-CVE-2017-8866
+CVE-2017-8866 (Elemental Path's CogniToys Dino smart toys through firmware version 0. ...)
NOT-FOR-US: Elemental Path's CogniToys Dino smart toys
-CVE-2017-8865
+CVE-2017-8865 (Elemental Path's CogniToys Dino smart toys through firmware version 0. ...)
NOT-FOR-US: Elemental Path's CogniToys Dino smart toys
-CVE-2017-8864
+CVE-2017-8864 (Client-side enforcement using JavaScript of server-side security optio ...)
NOT-FOR-US: Cohu
-CVE-2017-8863
+CVE-2017-8863 (Information disclosure of .esp source code on the Cohu 3960 allows an ...)
NOT-FOR-US: Cohu
-CVE-2017-8862
+CVE-2017-8862 (The webupgrade function on the Cohu 3960HD does not verify the firmwar ...)
NOT-FOR-US: Cohu
-CVE-2017-8861
+CVE-2017-8861 (Missing authentication for the remote configuration port 1236/tcp on t ...)
NOT-FOR-US: Cohu
-CVE-2017-8860
+CVE-2017-8860 (Information disclosure through directory listing on the Cohu 3960HD al ...)
NOT-FOR-US: Cohu
-CVE-2017-8859
+CVE-2017-8859 (In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-8858
+CVE-2017-8858 (In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and e ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-8857
+CVE-2017-8857 (In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and e ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-8856
+CVE-2017-8856 (In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and e ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-1000044
+CVE-2017-1000044 (gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly ...)
- gtk-vnc 0.4.3-1
NOTE: Fixed by: https://git.gnome.org/browse/gtk-vnc/commit/?id=f3fc5e57a78d4be9872f1394f697b9929873a737 (release-0.4.3)
-CVE-2017-8855
+CVE-2017-8855 (wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a mal ...)
- wolfssl 3.12.0+dfsg-1 (bug #870170)
NOTE: Fixed upstream in 3.11.0, https://github.com/wolfSSL/wolfssl/releases/tag/v3.11.0-stable
-CVE-2017-8854
+CVE-2017-8854 (wolfSSL before 3.10.2 has an out-of-bounds memory access with loading ...)
- wolfssl 3.10.2+dfsg-1
-CVE-2017-8853
+CVE-2017-8853 (Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/ap ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-8852
+CVE-2017-8852 (SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It ...)
NOT-FOR-US: SAP
-CVE-2017-8851
+CVE-2017-8851 (An issue was discovered on OnePlus One and X devices. Due to a lenient ...)
NOT-FOR-US: OnePlus One
-CVE-2017-8850
+CVE-2017-8850 (An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. Due t ...)
NOT-FOR-US: OnePlus One
-CVE-2017-8849
+CVE-2017-8849 (smb4k before 2.0.1 allows local users to gain root privileges by lever ...)
{DSA-3951-1 DLA-1002-1}
- smb4k 1.2.1-2 (bug #862505)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/3
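Review bot: CVE-2017-8890 is out of sequence in this hunk: it is inserted between CVE-2017-8877 and CVE-2017-8876, while every other entry in the hunk descends numerically (8879, 8878, 8877, 8876, ...). Moving it to its numeric position above CVE-2017-8881 keeps the list sortable and avoids a duplicate entry if a later automatic update re-adds it in order. A smaller style point in the same hunk: the CVE-2017-8875 triage line reads `NOT-FOR-US: Wordpress addon` while the description on the preceding line spells the product `WordPress`; matching the description's spelling keeps searches for the product name consistent.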
@@ -27946,150 +27946,150 @@ CVE-2017-8849
NOTE: https://github.com/stealth/plasmapulsar
NOTE: smb4k 2.0.0: https://commits.kde.org/smb4k/a90289b0962663bc1d247bbbd31b9e65b2ca000e
NOTE: smb4k 1.2.3: https://commits.kde.org/smb4k/71554140bdaede27b95dbe4c9b5a028a83c83cce
-CVE-2017-8848
+CVE-2017-8848 (Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a pa ...)
NOT-FOR-US: Allen Disk
-CVE-2017-8847
+CVE-2017-8847 (The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrz ...)
- lrzip 0.631+git180517-1 (unimportant; bug #863145)
NOTE: https://github.com/ckolivas/lrzip/issues/67
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-null-pointer-dereference-in-bufreadget-libzpaq-h/
NOTE: Crash in CLI tool, no security implications
-CVE-2017-8846
+CVE-2017-8846 (The read_stream function in stream.c in liblrzip.so in lrzip 0.631 all ...)
- lrzip 0.631+git180517-1 (bug #863150)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/71
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-use-after-free-in-read_stream-stream-c/
-CVE-2017-8845
+CVE-2017-8845 (The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lr ...)
- lrzip 0.631+git180517-1 (unimportant; bug #863151)
NOTE: https://github.com/ckolivas/lrzip/issues/68
NOTE: https://github.com/ckolivas/lrzip/commit/89d7b33e6a6450eed326b40084b547d42bad333f
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-invalid-memory-read-in-lzo_decompress_buf-stream-c/
NOTE: Crash in CLI tool, no security implications
-CVE-2017-8844
+CVE-2017-8844 (The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows ...)
- lrzip 0.631+git180517-1 (bug #863153)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/70
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-heap-based-buffer-overflow-write-in-read_1g-stream-c/
-CVE-2017-8843
+CVE-2017-8843 (The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 al ...)
- lrzip 0.631+git180517-1 (unimportant; bug #863155)
NOTE: https://github.com/ckolivas/lrzip/issues/69
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-null-pointer-dereference-in-join_pthread-stream-c/
NOTE: Crash in CLI tool, no security implications
-CVE-2017-8842
+CVE-2017-8842 (The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrz ...)
- lrzip 0.631+git180517-1 (unimportant; bug #863156)
NOTE: https://github.com/ckolivas/lrzip/issues/66
NOTE: https://blogs.gentoo.org/ago/2017/05/07/lrzip-divide-by-zero-in-bufreadget-libzpaq-h/
NOTE: Crash in CLI tool, no security implications
-CVE-2017-8841
+CVE-2017-8841 (Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, ...)
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8840
+CVE-2017-8840 (Debug information disclosure exists on Peplink Balance 305, 380, 580, ...)
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8839
+CVE-2017-8839 (XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, a ...)
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8838
+CVE-2017-8838 (XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and ...)
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8837
+CVE-2017-8837 (Cleartext password storage exists on Peplink Balance 305, 380, 580, 71 ...)
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8836
+CVE-2017-8836 (CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devi ...)
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8835
+CVE-2017-8835 (SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and ...)
NOT-FOR-US: Peplink Balance devices
-CVE-2017-8834
+CVE-2017-8834 (The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 a ...)
- libcroco <unfixed> (bug #864666; low)
[buster] - libcroco <no-dsa> (Minor issue)
[stretch] - libcroco <no-dsa> (Minor issue)
[jessie] - libcroco <no-dsa> (Minor issue)
[wheezy] - libcroco <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=782647
-CVE-2017-8833
+CVE-2017-8833 (Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: ...)
NOT-FOR-US: Zen Cart
-CVE-2017-8832
+CVE-2017-8832 (Allen Disk 1.6 has XSS in the id parameter to downfile.php. ...)
NOT-FOR-US: Allen Disk
-CVE-2017-8831
+CVE-2017-8831 (The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus. ...)
{DLA-1200-1}
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.51-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=195559
-CVE-2017-8830
+CVE-2017-8830 (In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (low; bug #862637)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/467
CVE-2017-8828
RESERVED
-CVE-2017-8827
+CVE-2017-8827 (forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might a ...)
NOT-FOR-US: GenixCMS
-CVE-2017-8826
+CVE-2017-8826 (FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly ...)
NOT-FOR-US: FastStone Image Viewer
-CVE-2017-8825
+CVE-2017-8825 (A null dereference vulnerability has been found in the MIME handling c ...)
- libetpan 1.6-3 (bug #862151)
[jessie] - libetpan <no-dsa> (Minor issue)
[wheezy] - libetpan <no-dsa> (Minor issue)
NOTE: https://github.com/dinhviethoa/libetpan/commit/1fe8fbc032ccda1db9af66d93016b49c16c1f22d
NOTE: https://github.com/dinhviethoa/libetpan/issues/274
-CVE-2017-8824
+CVE-2017-8824 (The dccp_disconnect function in net/dccp/proto.c in the Linux kernel t ...)
{DSA-4082-1 DSA-4073-1 DLA-1200-1}
- linux 4.14.7-1
NOTE: http://lists.openwall.net/netdev/2017/12/04/224
NOTE: Fixed by: https://git.kernel.org/linus/69c64866ce072dea1d1e59a0d61e0f66c0dffb76
-CVE-2017-8823
+CVE-2017-8823 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ...)
{DSA-4054-1}
- tor 0.3.1.9-1
[wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
NOTE: https://bugs.torproject.org/24313
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8822
+CVE-2017-8822 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ...)
{DSA-4054-1}
- tor 0.3.1.9-1
[wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
NOTE: https://bugs.torproject.org/21534
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8821
+CVE-2017-8821 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ...)
{DSA-4054-1}
- tor 0.3.1.9-1
[wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
NOTE: https://bugs.torproject.org/24246
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8820
+CVE-2017-8820 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ...)
{DSA-4054-1}
- tor 0.3.1.9-1
[wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
NOTE: https://bugs.torproject.org/24245
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8819
+CVE-2017-8819 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ...)
{DSA-4054-1}
- tor 0.3.1.9-1
[wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
NOTE: https://bugs.torproject.org/24244
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
-CVE-2017-8818
+CVE-2017-8818 (curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to ...)
- curl 7.57.0-1
[stretch] - curl <not-affected> (Vulnerable code not present)
[jessie] - curl <not-affected> (Vulnerable code not present)
[wheezy] - curl <not-affected> (Vulnerable code not present)
NOTE: https://curl.haxx.se/docs/adv_2017-af0a.html
NOTE: https://curl.haxx.se/CVE-2017-8818.patch
-CVE-2017-8817
+CVE-2017-8817 (The FTP wildcard function in curl and libcurl before 7.57.0 allows rem ...)
{DSA-4051-1 DLA-1195-1}
- curl 7.57.0-1
NOTE: https://curl.haxx.se/docs/adv_2017-ae72.html
NOTE: https://curl.haxx.se/CVE-2017-8817.patch
-CVE-2017-8816
+CVE-2017-8816 (The NTLM authentication feature in curl and libcurl before 7.57.0 on 3 ...)
{DSA-4051-1}
- curl 7.57.0-1
[wheezy] - curl <not-affected> (Vulnerable code not present, introduced in 7.36.0)
NOTE: https://curl.haxx.se/docs/adv_2017-11e7.html
NOTE: https://curl.haxx.se/CVE-2017-8816.patch
-CVE-2017-8815
+CVE-2017-8815 (The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28. ...)
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T119158
-CVE-2017-8814
+CVE-2017-8814 (The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28. ...)
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
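Review bot: the CVE-2017-8827 triage line reads `NOT-FOR-US: GenixCMS` while the description on the preceding line spells the product `GeniXCMS`; use the description's spelling so that a search for the product name finds every entry. Also in this hunk, CVE-2017-8828 directly follows CVE-2017-8830, so CVE-2017-8829 is missing from its numeric slot here; it is placed after CVE-2017-1000019 in a later hunk instead, which makes the file harder to audit by ID range.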
@@ -28097,37 +28097,37 @@ CVE-2017-8814
NOTE: https://phabricator.wikimedia.org/T124404
CVE-2017-8813
REJECTED
-CVE-2017-8812
+CVE-2017-8812 (MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29. ...)
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T125163
-CVE-2017-8811
+CVE-2017-8811 (The implementation of raw message parameter expansion in MediaWiki bef ...)
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T176247
-CVE-2017-8810
+CVE-2017-8810 (MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29. ...)
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T134100
-CVE-2017-8809
+CVE-2017-8809 (api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x b ...)
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T128209
-CVE-2017-8808
+CVE-2017-8808 (MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29. ...)
{DSA-4036-1}
- mediawiki 1:1.27.4-1
[wheezy] - mediawiki <end-of-life> (Not supported in wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
NOTE: https://phabricator.wikimedia.org/T178451
-CVE-2017-8807
+CVE-2017-8807 (vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cach ...)
{DSA-4034-1}
- varnish 5.2.1-1 (bug #881808)
[jessie] - varnish <not-affected> (Vulnerable code not present, issue introduced in 4.1.0)
@@ -28135,10 +28135,10 @@ CVE-2017-8807
NOTE: http://varnish-cache.org/security/VSV00002.html
NOTE: https://github.com/varnishcache/varnish-cache/pull/2429
NOTE: Fixed by: https://github.com/varnishcache/varnish-cache/commit/176f8a075a
-CVE-2017-8806
+CVE-2017-8806 (The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scri ...)
{DSA-4029-1 DLA-1169-1}
- postgresql-common 188
-CVE-2017-8805
+CVE-2017-8805 (Debian ftpsync before 20171017 does not use the rsync --safe-links opt ...)
- archvsync 20171017
NOTE: http://www.openwall.com/lists/oss-security/2017/10/17/2
NOTE: https://anonscm.debian.org/cgit/mirror/archvsync.git/commit/?id=d1ca2ab2210990b6dfb664cd6776a41b71c48016
@@ -28148,416 +28148,416 @@ CVE-2017-1000040
REJECTED
CVE-2017-1000019
REJECTED
-CVE-2017-8829
+CVE-2017-8829 (Deserialization vulnerability in lintian through 2.5.50.3 allows attac ...)
- lintian 2.5.50.4 (bug #861958)
[jessie] - lintian <not-affected> (upstream/metadata check introduced in 2.5.41; vulnerable code not present)
[wheezy] - lintian <not-affected> (upstream/metadata check introduced in 2.5.41; vulnerable code not present)
-CVE-2017-8804
+CVE-2017-8804 (The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc ...)
NOTE: This is not a vulnerability in glibc, but a bug in the application, see
NOTE: https://sourceware.org/ml/libc-alpha/2017-05/msg00128.html and
NOTE: https://sourceware.org/ml/libc-alpha/2017-05/msg00129.html
NOTE: http://www.openwall.com/lists/oss-security/2017/05/05/2
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21461
-CVE-2017-8803
+CVE-2017-8803 (Notepad++ 7.3.3 (32-bit) with Hex Editor Plugin v0.9.5 might allow use ...)
NOT-FOR-US: Notepad++
-CVE-2017-8802
+CVE-2017-8802 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite ...)
NOT-FOR-US: Zimbra
-CVE-2017-8801
+CVE-2017-8801 (Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Buil ...)
NOT-FOR-US: Trend Micro
CVE-2017-8800
RESERVED
-CVE-2017-8799
+CVE-2017-8799 (Untrusted input execution via igetwild in all iRODS versions before 4. ...)
NOT-FOR-US: iRODS
-CVE-2017-8798
+CVE-2017-8798 (Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v ...)
{DLA-949-1}
- miniupnpc 1.9.20140610-3 (bug #862273)
[jessie] - miniupnpc <no-dsa> (Minor issue)
NOTE: https://github.com/tintinweb/pub/blob/master/pocs/cve-2017-8798/Readme.md
NOTE: Fixed by: https://github.com/miniupnp/miniupnp/commit/f0f1f4b22d6a98536377a1bb07e7c20e4703d229
-CVE-2017-8797
+CVE-2017-8797 (The NFSv4 server in the Linux kernel before 4.11.3 does not properly v ...)
- linux 4.9.30-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/b550a32e60a4941994b437a8d662432a486235a5 (4.12-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/f961e3f2acae94b727380c0b74e2d3954d0edf79 (4.12-rc1)
-CVE-2017-8796
+CVE-2017-8796 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8795
+CVE-2017-8795 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8794
+CVE-2017-8794 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8793
+CVE-2017-8793 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8792
+CVE-2017-8792 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8791
+CVE-2017-8791 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8790
+CVE-2017-8790 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8789
+CVE-2017-8789 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8788
+CVE-2017-8788 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8787
+CVE-2017-8787 (The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in ...)
- libpodofo 0.9.5-7 (bug #861738)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: Possible unspecified impact. Needs further analysis.
NOTE: Upstream commit: https://sourceforge.net/p/podofo/code/1851
-CVE-2017-8786
+CVE-2017-8786 (pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial o ...)
- pcre2 10.31-1 (unimportant; bug #861873)
NOTE: https://bugs.exim.org/show_bug.cgi?id=2079
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libpcre-heap-based-buffer-overflow-write-in-pcre2test-c/
NOTE: https://vcs.pcre.org/pcre2/code/trunk/src/pcre2test.c?r1=692&r2=697
-CVE-2017-8785
+CVE-2017-8785 (FastStone Image Viewer 6.2 has a "Data from Faulting Address may be us ...)
NOT-FOR-US: FastStone Image Viewer
CVE-2017-8784
REJECTED
-CVE-2017-8783
+CVE-2017-8783 (Synacor Zimbra Collaboration Suite (ZCS) before 8.7.10 has Persistent ...)
NOT-FOR-US: Zimbra
-CVE-2017-8782
+CVE-2017-8782 (The readString function in util/read.c and util/old/read.c in libming ...)
{DLA-980-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/70
-CVE-2017-8781
+CVE-2017-8781 (XnView Classic for Windows Version 2.40 allows user-assisted remote at ...)
NOT-FOR-US: XnView
-CVE-2017-8780
+CVE-2017-8780 (GeniXCMS 1.0.2 has XSS triggered by a comment that is mishandled durin ...)
NOT-FOR-US: GenixCMS
-CVE-2017-8778
+CVE-2017-8778 (GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 h ...)
- gitlab <not-affected> (SVG rendering feature introduced later, cf. bug #861870)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/27471
CVE-2017-8777
RESERVED
-CVE-2017-8779
+CVE-2017-8779 (rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0 ...)
{DSA-3845-1 DLA-937-1 DLA-936-1}
- rpcbind 0.2.3-0.6 (bug #861835)
- libtirpc 0.2.5-1.2 (bug #861834)
- ntirpc 1.4.4-1 (bug #861836)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/04/1
NOTE: https://github.com/guidovranken/rpcbomb/
-CVE-2017-8776
+CVE-2017-8776 (Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10. ...)
NOT-FOR-US: Quick Heal Internet Security
-CVE-2017-8775
+CVE-2017-8775 (Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10. ...)
NOT-FOR-US: Quick Heal Internet Security
-CVE-2017-8774
+CVE-2017-8774 (Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10. ...)
NOT-FOR-US: Quick Heal Internet Security
-CVE-2017-8773
+CVE-2017-8773 (Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10. ...)
NOT-FOR-US: Quick Heal Internet Security
-CVE-2017-8772
+CVE-2017-8772 (On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (w ...)
NOT-FOR-US: BE126 WIFI repeater
-CVE-2017-8771
+CVE-2017-8771 (On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (w ...)
NOT-FOR-US: BE126 WIFI repeater
-CVE-2017-8770
+CVE-2017-8770 (There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 device ...)
NOT-FOR-US: BE126 WIFI repeater
-CVE-2017-8769
+CVE-2017-8769 (** DISPUTED ** Facebook WhatsApp Messenger before 2.16.323 for Android ...)
NOT-FOR-US: WhatsApp Messenger
-CVE-2017-8768
+CVE-2017-8768 (Atlassian SourceTree v2.5c and prior are affected by a command injecti ...)
NOT-FOR-US: Atlassian SourceTree
CVE-2017-8767
REJECTED
-CVE-2017-8766
+CVE-2017-8766 (IrfanView version 4.44 (32bit) allows remote attackers to execute code ...)
NOT-FOR-US: IrfanView
-CVE-2017-8765
+CVE-2017-8765 (The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5 ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (low; bug #862653)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/466
CVE-2017-8764
RESERVED
-CVE-2017-8763
+CVE-2017-8763 (Cross-site scripting (XSS) vulnerability in modules/Base/Box/check_for ...)
NOT-FOR-US: EPESI
-CVE-2017-8762
+CVE-2017-8762 (GeniXCMS 1.0.2 has XSS triggered by an authenticated user who submits ...)
NOT-FOR-US: GenixCMS
CVE-2017-8761
RESERVED
-CVE-2017-8760
+CVE-2017-8760 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8759
+CVE-2017-8759 (Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8758
+CVE-2017-8758 (Microsoft Exchange Server 2016 allows an elevation of privilege vulner ...)
NOT-FOR-US: Microsoft
-CVE-2017-8757
+CVE-2017-8757 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8756
+CVE-2017-8756 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8755
+CVE-2017-8755 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8754
+CVE-2017-8754 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8753
+CVE-2017-8753 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8752
+CVE-2017-8752 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows S ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-8751
+CVE-2017-8751 (Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute ...)
NOT-FOR-US: Microsoft
-CVE-2017-8750
+CVE-2017-8750 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8749
+CVE-2017-8749 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8748
+CVE-2017-8748 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8747
+CVE-2017-8747 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8746
+CVE-2017-8746 (Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8745
+CVE-2017-8745 (An elevation of privilege vulnerability exists in Microsoft SharePoint ...)
NOT-FOR-US: Microsoft
-CVE-2017-8744
+CVE-2017-8744 (A remote code execution vulnerability exists in Excel Services, Micros ...)
NOT-FOR-US: Microsoft
-CVE-2017-8743
+CVE-2017-8743 (A remote code execution vulnerability exists in Microsoft PowerPoint 2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8742
+CVE-2017-8742 (A remote code execution vulnerability exists in Microsoft PowerPoint 2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8741
+CVE-2017-8741 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8740
+CVE-2017-8740 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exec ...)
NOT-FOR-US: Microsoft
-CVE-2017-8739
+CVE-2017-8739 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obta ...)
NOT-FOR-US: Microsoft
-CVE-2017-8738
+CVE-2017-8738 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8737
+CVE-2017-8737 (Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT ...)
NOT-FOR-US: Microsoft
-CVE-2017-8736
+CVE-2017-8736 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8735
+CVE-2017-8735 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8734
+CVE-2017-8734 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8733
+CVE-2017-8733 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
CVE-2017-8732
RESERVED
-CVE-2017-8731
+CVE-2017-8731 (Microsoft Edge in Microsoft Windows 10 1607 and Windows Server 2016 al ...)
NOT-FOR-US: Microsoft
CVE-2017-8730
RESERVED
-CVE-2017-8729
+CVE-2017-8729 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exec ...)
NOT-FOR-US: Microsoft
-CVE-2017-8728
+CVE-2017-8728 (Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT ...)
NOT-FOR-US: Microsoft
-CVE-2017-8727
+CVE-2017-8727 (Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8726
+CVE-2017-8726 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8725
+CVE-2017-8725 (A remote code execution vulnerability exists in Microsoft Publisher 20 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8724
+CVE-2017-8724 (Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker ...)
NOT-FOR-US: Microsoft
-CVE-2017-8723
+CVE-2017-8723 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
CVE-2017-8722
RESERVED
CVE-2017-8721
RESERVED
-CVE-2017-8720
+CVE-2017-8720 (The Microsoft Windows graphics component on Microsoft Windows Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8719
+CVE-2017-8719 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8718
+CVE-2017-8718 (The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-8717
+CVE-2017-8717 (The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-8716
+CVE-2017-8716 (Windows Control Flow Guard in Microsoft Windows 10 Version 1703 allows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8715
+CVE-2017-8715 (The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, a ...)
NOT-FOR-US: Microsoft
-CVE-2017-8714
+CVE-2017-8714 (The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-8713
+CVE-2017-8713 (The Windows Hyper-V component on Microsoft Windows Windows 8.1, Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-8712
+CVE-2017-8712 (The Windows Hyper-V component on Microsoft Windows 10 1607, 1703, and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8711
+CVE-2017-8711 (The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8710
+CVE-2017-8710 (The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-8709
+CVE-2017-8709 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8708
+CVE-2017-8708 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8707
+CVE-2017-8707 (The Windows Hyper-V component on Microsoft Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8706
+CVE-2017-8706 (The Windows Hyper-V component on Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
CVE-2017-8705
RESERVED
-CVE-2017-8704
+CVE-2017-8704 (The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8703
+CVE-2017-8703 (The Microsoft Windows Subsystem for Linux on Microsoft Windows 10 1703 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8702
+CVE-2017-8702 (Windows Error Reporting (WER) in Microsoft Windows 10 Gold, 1511, and ...)
NOT-FOR-US: Microsoft
CVE-2017-8701
RESERVED
-CVE-2017-8700
+CVE-2017-8700 (ASP.NET Core 1.0, 1.1, and 2.0 allow an attacker to bypass Cross-origi ...)
NOT-FOR-US: Microsoft
-CVE-2017-8699
+CVE-2017-8699 (Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 S ...)
NOT-FOR-US: Microsoft
CVE-2017-8698
RESERVED
CVE-2017-8697
RESERVED
-CVE-2017-8696
+CVE-2017-8696 (Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8695
+CVE-2017-8695 (Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8694
+CVE-2017-8694 (The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8693
+CVE-2017-8693 (The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8692
+CVE-2017-8692 (The Windows Uniscribe component on Microsoft Windows 8.1, Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2017-8691
+CVE-2017-8691 (Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow an attacke ...)
NOT-FOR-US: Microsoft Windows
CVE-2017-8690
RESERVED
-CVE-2017-8689
+CVE-2017-8689 (The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8688
+CVE-2017-8688 (Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8687
+CVE-2017-8687 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8686
+CVE-2017-8686 (The Windows Server DHCP service in Windows Server 2012 Gold and R2, an ...)
NOT-FOR-US: Microsoft
-CVE-2017-8685
+CVE-2017-8685 (Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and Wind ...)
NOT-FOR-US: Microsoft
-CVE-2017-8684
+CVE-2017-8684 (Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8683
+CVE-2017-8683 (Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2017-8682
+CVE-2017-8682 (Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2017-8681
+CVE-2017-8681 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8680
+CVE-2017-8680 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8679
+CVE-2017-8679 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8678
+CVE-2017-8678 (The Windows kernel component on Microsoft Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8677
+CVE-2017-8677 (The Windows GDI+ component on Microsoft Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8676
+CVE-2017-8676 (The Windows Graphics Device Interface (GDI) in Microsoft Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2017-8675
+CVE-2017-8675 (The Windows Kernel-Mode Drivers component on Microsoft Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-8674
+CVE-2017-8674 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exec ...)
NOT-FOR-US: Microsoft
-CVE-2017-8673
+CVE-2017-8673 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8672
+CVE-2017-8672 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8671
+CVE-2017-8671 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8670
+CVE-2017-8670 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-8669
+CVE-2017-8669 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8668
+CVE-2017-8668 (The Volume Manager Extension Driver in Microsoft Windows 7 SP1, Window ...)
NOT-FOR-US: Microsoft
CVE-2017-8667
RESERVED
-CVE-2017-8666
+CVE-2017-8666 (Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8665
+CVE-2017-8665 (The Xamarin.iOS update component on systems running macOS allows an at ...)
NOT-FOR-US: Xamarin.iOS
-CVE-2017-8664
+CVE-2017-8664 (Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2017-8663
+CVE-2017-8663 (Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outloo ...)
NOT-FOR-US: Microsoft
-CVE-2017-8662
+CVE-2017-8662 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to disc ...)
NOT-FOR-US: Microsoft
-CVE-2017-8661
+CVE-2017-8661 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-8660
+CVE-2017-8660 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8659
+CVE-2017-8659 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obta ...)
NOT-FOR-US: Microsoft
-CVE-2017-8658
+CVE-2017-8658 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2017-8657
+CVE-2017-8657 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8656
+CVE-2017-8656 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-8655
+CVE-2017-8655 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8654
+CVE-2017-8654 (Microsoft SharePoint Server 2010 Service Pack 2 allows a cross-site sc ...)
NOT-FOR-US: Microsoft
-CVE-2017-8653
+CVE-2017-8653 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8652
+CVE-2017-8652 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8651
+CVE-2017-8651 (Internet Explorer in Microsoft Windows Server 2008 SP2 and Windows Ser ...)
NOT-FOR-US: Microsoft
-CVE-2017-8650
+CVE-2017-8650 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to expl ...)
NOT-FOR-US: Microsoft
-CVE-2017-8649
+CVE-2017-8649 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-8648
+CVE-2017-8648 (Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to ...)
NOT-FOR-US: Microsoft
-CVE-2017-8647
+CVE-2017-8647 (Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2017-8646
+CVE-2017-8646 (Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8645
+CVE-2017-8645 (Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8644
+CVE-2017-8644 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8643
+CVE-2017-8643 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8642
+CVE-2017-8642 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to elev ...)
NOT-FOR-US: Microsoft
-CVE-2017-8641
+CVE-2017-8641 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8640
+CVE-2017-8640 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2017-8639
+CVE-2017-8639 (Microsoft Edge in Windows 10 1607, 1703, and Windows Server 2016 allow ...)
NOT-FOR-US: Microsoft
-CVE-2017-8638
+CVE-2017-8638 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exec ...)
NOT-FOR-US: Microsoft
-CVE-2017-8637
+CVE-2017-8637 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to bypa ...)
NOT-FOR-US: Microsoft
-CVE-2017-8636
+CVE-2017-8636 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8635
+CVE-2017-8635 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
NOT-FOR-US: MIcrosoft
-CVE-2017-8634
+CVE-2017-8634 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exec ...)
NOT-FOR-US: Microsoft
-CVE-2017-8633
+CVE-2017-8633 (Windows Error Reporting (WER) in Windows Server 2008 SP2 and R2 SP1, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-8632
+CVE-2017-8632 (A remote code execution vulnerability exists in Microsoft Excel 2010 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8631
+CVE-2017-8631 (A remote code execution vulnerability exists in Excel Services, Micros ...)
NOT-FOR-US: Microsoft
-CVE-2017-8630
+CVE-2017-8630 (Microsoft Office 2016 allows a remote code execution vulnerability whe ...)
NOT-FOR-US: Microsoft
-CVE-2017-8629
+CVE-2017-8629 (Microsoft SharePoint Server 2013 Service Pack 1 allows an elevation of ...)
NOT-FOR-US: Microsoft
-CVE-2017-8628
+CVE-2017-8628 (Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft Windows
NOTE: https://www.armis.com/blueborne/
-CVE-2017-8627
+CVE-2017-8627 (Windows Subsystem for Linux in Windows 10 1703, allows a denial of ser ...)
NOT-FOR-US: Microsoft
CVE-2017-8626
RESERVED
-CVE-2017-8625
+CVE-2017-8625 (Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Se ...)
NOT-FOR-US: Microsoft
-CVE-2017-8624
+CVE-2017-8624 (CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8623
+CVE-2017-8623 (Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allo ...)
NOT-FOR-US: Microsoft
-CVE-2017-8622
+CVE-2017-8622 (Windows Subsystem for Linux in Windows 10 1703 allows an elevation of ...)
NOT-FOR-US: Microsoft
-CVE-2017-8621
+CVE-2017-8621 (Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange ...)
NOT-FOR-US: Microsoft
-CVE-2017-8620
+CVE-2017-8620 (Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-8619
+CVE-2017-8619 (Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8618
+CVE-2017-8618 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8617
+CVE-2017-8617 (Microsoft Edge in Windows 10 1703 Microsoft Edge allows a remote code ...)
NOT-FOR-US: Microsoft
CVE-2017-8616
RESERVED
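Review bot: the annotation for CVE-2017-8635 reads `NOT-FOR-US: MIcrosoft`, a capitalisation typo in the unchanged context of this hunk; since the sync rewrites the adjacent lines anyway, normalising it to `NOT-FOR-US: Microsoft`, as every other Microsoft entry in this hunk spells it, keeps the tag consistent for anyone grepping the list by vendor.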
@@ -28565,357 +28565,357 @@ CVE-2017-8615
RESERVED
CVE-2017-8614
RESERVED
-CVE-2017-8613
+CVE-2017-8613 (Azure AD Connect Password writeback, if misconfigured during enablemen ...)
NOT-FOR-US: Azure AD Connect Password writeback
CVE-2017-8612
RESERVED
-CVE-2017-8611
+CVE-2017-8611 (Microsoft Edge on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8610
+CVE-2017-8610 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exec ...)
NOT-FOR-US: Microsoft
-CVE-2017-8609
+CVE-2017-8609 (Microsoft Internet Explorer in Microsoft Windows 10 Gold, 1511, 1607, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8608
+CVE-2017-8608 (Microsoft browsers in Microsoft Windows Server 2008 and R2, Windows 8. ...)
NOT-FOR-US: Microsoft
-CVE-2017-8607
+CVE-2017-8607 (Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8606
+CVE-2017-8606 (Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8605
+CVE-2017-8605 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8604
+CVE-2017-8604 (Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windo ...)
NOT-FOR-US: Microsoft
-CVE-2017-8603
+CVE-2017-8603 (Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windo ...)
NOT-FOR-US: Microsoft
-CVE-2017-8602
+CVE-2017-8602 (Microsoft browsers on Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8601
+CVE-2017-8601 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
NOT-FOR-US: Microsoft
CVE-2017-8600
RESERVED
-CVE-2017-8599
+CVE-2017-8599 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8598
+CVE-2017-8598 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8597
+CVE-2017-8597 (Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker ...)
NOT-FOR-US: Microsoft
-CVE-2017-8596
+CVE-2017-8596 (Microsoft Edge in Microsoft Windows 10 1607, and 1703, and Windows Ser ...)
NOT-FOR-US: Microsoft
-CVE-2017-8595
+CVE-2017-8595 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8594
+CVE-2017-8594 (Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8593
+CVE-2017-8593 (Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8592
+CVE-2017-8592 (Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 200 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8591
+CVE-2017-8591 (Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8590
+CVE-2017-8590 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8589
+CVE-2017-8589 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8588
+CVE-2017-8588 (Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8587
+CVE-2017-8587 (Windows Explorer in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft
CVE-2017-8586
RESERVED
-CVE-2017-8585
+CVE-2017-8585 (Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker ...)
NOT-FOR-US: Microsoft
-CVE-2017-8584
+CVE-2017-8584 (Windows 10 1607 and Windows Server 2016 allow an attacker to execute c ...)
NOT-FOR-US: Microsoft
CVE-2017-8583
RESERVED
-CVE-2017-8582
+CVE-2017-8582 (HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-8581
+CVE-2017-8581 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8580
+CVE-2017-8580 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8579
+CVE-2017-8579 (The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8578
+CVE-2017-8578 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8577
+CVE-2017-8577 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8576
+CVE-2017-8576 (The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8575
+CVE-2017-8575 (The kernel in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows ...)
NOT-FOR-US: Windows
-CVE-2017-8574
+CVE-2017-8574 (Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 a ...)
NOT-FOR-US: Microsoft
-CVE-2017-8573
+CVE-2017-8573 (Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-8572
+CVE-2017-8572 (Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outloo ...)
NOT-FOR-US: Microsoft
-CVE-2017-8571
+CVE-2017-8571 (Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outloo ...)
NOT-FOR-US: Microsoft
-CVE-2017-8570
+CVE-2017-8570 (Microsoft Office allows a remote code execution vulnerability due to t ...)
NOT-FOR-US: Microsoft
-CVE-2017-8569
+CVE-2017-8569 (Microsoft SharePoint Server allows an elevation of privilege vulnerabi ...)
NOT-FOR-US: Microsoft
CVE-2017-8568
RESERVED
-CVE-2017-8567
+CVE-2017-8567 (A remote code execution vulnerability exists in Microsoft Excel for Ma ...)
NOT-FOR-US: Microsoft
-CVE-2017-8566
+CVE-2017-8566 (Microsoft Windows 1607, 1703, and Windows Server 2016 allows an elevat ...)
NOT-FOR-US: Microsoft
-CVE-2017-8565
+CVE-2017-8565 (Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-8564
+CVE-2017-8564 (Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-8563
+CVE-2017-8563 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8562
+CVE-2017-8562 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8561
+CVE-2017-8561 (Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8560
+CVE-2017-8560 (Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange ...)
NOT-FOR-US: Microsoft
-CVE-2017-8559
+CVE-2017-8559 (Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange ...)
NOT-FOR-US: Microsoft
-CVE-2017-8558
+CVE-2017-8558 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8557
+CVE-2017-8557 (Windows System Information Console in Windows Server 2008 SP2 and R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8556
+CVE-2017-8556 (Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-8555
+CVE-2017-8555 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to tric ...)
NOT-FOR-US: Microsoft
-CVE-2017-8554
+CVE-2017-8554 (The kernel in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8553
+CVE-2017-8553 (An information disclosure vulnerability exists in Microsoft Windows Se ...)
NOT-FOR-US: Microsoft
-CVE-2017-8552
+CVE-2017-8552 (A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8551
+CVE-2017-8551 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2017-8550
+CVE-2017-8550 (A remote code execution vulnerability exists in Skype for Business whe ...)
NOT-FOR-US: Microsoft
-CVE-2017-8549
+CVE-2017-8549 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8548
+CVE-2017-8548 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8547
+CVE-2017-8547 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
CVE-2017-8546
RESERVED
-CVE-2017-8545
+CVE-2017-8545 (A spoofing vulnerability exists in when Microsoft Outlook for Mac does ...)
NOT-FOR-US: Microsoft
-CVE-2017-8544
+CVE-2017-8544 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8543
+CVE-2017-8543 (Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8542
+CVE-2017-8542 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8541
+CVE-2017-8541 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8540
+CVE-2017-8540 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8539
+CVE-2017-8539 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8538
+CVE-2017-8538 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8537
+CVE-2017-8537 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8536
+CVE-2017-8536 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8535
+CVE-2017-8535 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8534
+CVE-2017-8534 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-8533
+CVE-2017-8533 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8532
+CVE-2017-8532 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8531
+CVE-2017-8531 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8530
+CVE-2017-8530 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8529
+CVE-2017-8529 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8528
+CVE-2017-8528 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-8527
+CVE-2017-8527 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft
CVE-2017-8526
RESERVED
CVE-2017-8525
RESERVED
-CVE-2017-8524
+CVE-2017-8524 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8523
+CVE-2017-8523 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8522
+CVE-2017-8522 (Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-8521
+CVE-2017-8521 (Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2017-8520
+CVE-2017-8520 (Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2017-8519
+CVE-2017-8519 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-8518
+CVE-2017-8518 (Microsoft Edge allows a remote code execution vulnerability due to the ...)
NOT-FOR-US: Microsoft
-CVE-2017-8517
+CVE-2017-8517 (Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2017-8516
+CVE-2017-8516 (Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, M ...)
NOT-FOR-US: Microsoft
-CVE-2017-8515
+CVE-2017-8515 (Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 all ...)
NOT-FOR-US: Microsoft
-CVE-2017-8514
+CVE-2017-8514 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2017-8513
+CVE-2017-8513 (A remote code execution vulnerability exists in Microsoft PowerPoint w ...)
NOT-FOR-US: Microsoft
-CVE-2017-8512
+CVE-2017-8512 (A remote code execution vulnerability exists in Microsoft Office when ...)
NOT-FOR-US: Microsoft
-CVE-2017-8511
+CVE-2017-8511 (A remote code execution vulnerability exists in Microsoft Office when ...)
NOT-FOR-US: Microsoft
-CVE-2017-8510
+CVE-2017-8510 (A remote code execution vulnerability exists in Microsoft Office when ...)
NOT-FOR-US: Microsoft
-CVE-2017-8509
+CVE-2017-8509 (A remote code execution vulnerability exists in Microsoft Office when ...)
NOT-FOR-US: Microsoft
-CVE-2017-8508
+CVE-2017-8508 (A security feature bypass vulnerability exists in Microsoft Office sof ...)
NOT-FOR-US: Microsoft
-CVE-2017-8507
+CVE-2017-8507 (A remote code execution vulnerability exists in the way Microsoft Offi ...)
NOT-FOR-US: Microsoft
-CVE-2017-8506
+CVE-2017-8506 (A remote code execution vulnerability exists in Microsoft Office when ...)
NOT-FOR-US: Microsoft
CVE-2017-8505
RESERVED
-CVE-2017-8504
+CVE-2017-8504 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 al ...)
NOT-FOR-US: Microsoft
-CVE-2017-8503
+CVE-2017-8503 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8502
+CVE-2017-8502 (Microsoft Office allows a remote code execution vulnerability due to t ...)
NOT-FOR-US: Microsoft
-CVE-2017-8501
+CVE-2017-8501 (Microsoft Office allows a remote code execution vulnerability due to t ...)
NOT-FOR-US: Microsoft
CVE-2017-8500
RESERVED
-CVE-2017-8499
+CVE-2017-8499 (Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2017-8498
+CVE-2017-8498 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 al ...)
NOT-FOR-US: Microsoft
-CVE-2017-8497
+CVE-2017-8497 (Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an at ...)
NOT-FOR-US: Microsoft
-CVE-2017-8496
+CVE-2017-8496 (Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an at ...)
NOT-FOR-US: Microsoft
-CVE-2017-8495
+CVE-2017-8495 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8494
+CVE-2017-8494 (Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 20 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8493
+CVE-2017-8493 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2017-8492
+CVE-2017-8492 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8491
+CVE-2017-8491 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8490
+CVE-2017-8490 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8489
+CVE-2017-8489 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8488
+CVE-2017-8488 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8487
+CVE-2017-8487 (Windows OLE in Windows XP and Windows Server 2003 allows an attacker t ...)
NOT-FOR-US: Microsoft
-CVE-2017-8486
+CVE-2017-8486 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8485
+CVE-2017-8485 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8484
+CVE-2017-8484 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8483
+CVE-2017-8483 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8482
+CVE-2017-8482 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8481
+CVE-2017-8481 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8480
+CVE-2017-8480 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8479
+CVE-2017-8479 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8478
+CVE-2017-8478 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8477
+CVE-2017-8477 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8476
+CVE-2017-8476 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8475
+CVE-2017-8475 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8474
+CVE-2017-8474 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-8473
+CVE-2017-8473 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2017-8472
+CVE-2017-8472 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windo ...)
NOT-FOR-US: Microsoft
-CVE-2017-8471
+CVE-2017-8471 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8470
+CVE-2017-8470 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8469
+CVE-2017-8469 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8468
+CVE-2017-8468 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2017-8467
+CVE-2017-8467 (Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-8466
+CVE-2017-8466 (Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-8465
+CVE-2017-8465 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2017-8464
+CVE-2017-8464 (Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8463
+CVE-2017-8463 (Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2017-8462
+CVE-2017-8462 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-8461
+CVE-2017-8461 (Windows RPC with Routing and Remote Access enabled in Windows XP and W ...)
NOT-FOR-US: Microsoft
-CVE-2017-8460
+CVE-2017-8460 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows R ...)
NOT-FOR-US: Microsoft
-CVE-2017-8459
+CVE-2017-8459 (** DISPUTED ** Brave 0.12.4 has a Status Bar Obfuscation issue in whic ...)
- brave-browser <itp> (bug #864795)
-CVE-2017-8458
+CVE-2017-8458 (Brave 0.12.4 has a URI Obfuscation issue in which a string such as htt ...)
- brave-browser <itp> (bug #864795)
CVE-2017-8457
RESERVED
CVE-2017-8456
RESERVED
-CVE-2017-8455
+CVE-2017-8455 (Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-b ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-8454
+CVE-2017-8454 (Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-b ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-8453
+CVE-2017-8453 (Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-b ...)
NOT-FOR-US: Foxit Reader
-CVE-2017-8452
+CVE-2017-8452 (Kibana versions prior to 5.2.1 configured for SSL client access, file ...)
- kibana <itp> (bug #700337)
-CVE-2017-8451
+CVE-2017-8451 (With X-Pack installed, Kibana versions before 5.3.1 have an open redir ...)
NOT-FOR-US: Kibana addon
-CVE-2017-8450
+CVE-2017-8450 (X-Pack 5.1.1 did not properly apply document and field level security ...)
NOT-FOR-US: Kibana addon
-CVE-2017-8449
+CVE-2017-8449 (X-Pack Security 5.2.x would allow access to more fields than the user ...)
NOT-FOR-US: Kibana addon
-CVE-2017-8448
+CVE-2017-8448 (An error was found in the permission model used by X-Pack Alerting 5.0 ...)
- kibana <itp> (bug #700337)
-CVE-2017-8447
+CVE-2017-8447 (An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enf ...)
NOT-FOR-US: X-Pack plugin for Kibana
-CVE-2017-8446
+CVE-2017-8446 (The Reporting feature in X-Pack in versions prior to 5.5.2 and standal ...)
NOT-FOR-US: X-Pack plugin for Kibana
-CVE-2017-8445
+CVE-2017-8445 (An error was found in the X-Pack Security TLS trust manager for versio ...)
NOT-FOR-US: X-PackSecurity TLS trust manager plugin for Elasticsearch
-CVE-2017-8444
+CVE-2017-8444 (The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0 ...)
NOT-FOR-US: Elastic Cloud Enterprise
-CVE-2017-8443
+CVE-2017-8443 (In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user ope ...)
NOT-FOR-US: Kibana X-Pack Security
-CVE-2017-8442
+CVE-2017-8442 (Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, c ...)
NOT-FOR-US: Elastic X-Pack Security
-CVE-2017-8441
+CVE-2017-8441 (Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not alwa ...)
NOT-FOR-US: Elastic X-Pack Security
-CVE-2017-8440
+CVE-2017-8440 (Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vul ...)
- kibana <itp> (bug #700337)
-CVE-2017-8439
+CVE-2017-8439 (Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug ...)
- kibana <itp> (bug #700337)
-CVE-2017-8438
+CVE-2017-8438 (Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege es ...)
NOT-FOR-US: Elastic X-Pack Security
CVE-2017-8437
RESERVED
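Review bot: CVE-2017-8448 (X-Pack Alerting) is tracked as `- kibana <itp> (bug #700337)` while the other X-Pack entries in this hunk (CVE-2017-8447, -8449, -8450, -8451) are `NOT-FOR-US`; these are two different triage outcomes for the same component, so one of them should be changed to match the other. Two smaller points in the same hunk: `NOT-FOR-US: X-PackSecurity TLS trust manager plugin for Elasticsearch` at CVE-2017-8445 is missing the space in `X-Pack Security`, and CVE-2017-8575 uses `NOT-FOR-US: Windows` where the neighbouring Windows kernel entries use `NOT-FOR-US: Microsoft`.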
@@ -28947,7 +28947,7 @@ CVE-2017-8424
RESERVED
CVE-2017-8423
RESERVED
-CVE-2017-8422
+CVE-2017-8422 (KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to ...)
{DSA-3849-1 DLA-952-1}
- kauth 5.28.0-2
- kde4libs 4:4.14.26-2
@@ -28955,35 +28955,35 @@ CVE-2017-8422
NOTE: patch for kauth: https://cgit.kde.org/kauth.git/commit/?id=df875f725293af53399f5146362eb158b4f9216a
NOTE: patch for kde4libs: https://cgit.kde.org/kdelibs.git/commit/?h=KDE/4.14&id=264e97625abe2e0334f97de17f6ffb52582888ab
NOTE: https://www.kde.org/info/security/advisory-20170510-1.txt
-CVE-2017-8421
+CVE-2017-8421 (The function coff_set_alignment_hook in coffcode.h in Binary File Desc ...)
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21440
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=39ff1b79f687b65f4144ddb379f22587003443fb
-CVE-2017-8420
+CVE-2017-8420 (SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address ...)
- swftools <unfixed> (unimportant)
NOTE: No actionable information, just a crash report against a four year old release
NOTE: https://github.com/matthiaskramm/swftools/issues/41
-CVE-2017-8419
+CVE-2017-8419 (LAME through 3.99.5 relies on the signed integer data type for values ...)
- lame 3.99.5+repack1-7
[wheezy] - lame 3.99.5+repack1-3+deb7u1
NOTE: https://sourceforge.net/p/lame/bugs/458/
NOTE: Issue addressed in Debian via: https://sources.debian.org/patches/lame/3.99.5%2Brepack1-9/0001-Add-check-for-invalid-input-sample-rate.patch/
NOTE: in the revised version as included in 3.99.5+repack1-7
-CVE-2017-8905
+CVE-2017-8905 (Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, ...)
{DSA-3847-1 DLA-964-1}
- xen 4.8.0~rc3-1 (bug #861662)
NOTE: https://xenbits.xen.org/xsa/advisory-215.html
-CVE-2017-8904
+CVE-2017-8904 (Xen through 4.8.x mishandles the "contains segment descriptors" proper ...)
{DSA-3847-1 DLA-964-1}
- xen 4.8.1-1+deb9u1 (bug #861660)
NOTE: https://xenbits.xen.org/xsa/advisory-214.html
-CVE-2017-8903
+CVE-2017-8903 (Xen through 4.8.x on 64-bit platforms mishandles page tables after an ...)
{DSA-3847-1 DLA-964-1}
- xen 4.8.1-1+deb9u1 (bug #861659)
NOTE: https://xenbits.xen.org/xsa/advisory-213.html
-CVE-2017-8418
+CVE-2017-8418 (RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing loc ...)
- rubocop 0.49.1+dfsg-1 (bug #870852)
NOTE: https://github.com/bbatsov/rubocop/issues/4336
NOTE: https://github.com/bbatsov/rubocop/commit/dcb258fabd5f2624c1ea0e1634763094590c09d7
@@ -29015,95 +29015,95 @@ CVE-2017-8405
RESERVED
CVE-2017-8404
RESERVED
-CVE-2017-8403
+CVE-2017-8403 (360fly 4K cameras allow unauthenticated Wi-Fi password changes and com ...)
NOT-FOR-US: 360fly
-CVE-2017-8402
+CVE-2017-8402 (PivotX 2.3.11 allows remote authenticated users to execute arbitrary P ...)
NOT-FOR-US: PivotX
-CVE-2017-8401
+CVE-2017-8401 (In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the ...)
{DLA-995-1}
- swftools <unfixed> (unimportant; bug #861998)
NOTE: https://github.com/matthiaskramm/swftools/issues/14
NOTE: https://github.com/matthiaskramm/swftools/commit/392fb1f3cd9a5b167787c551615c651c3f5326f2
NOTE: Crash in CLI tool not considered a security issue
-CVE-2017-8400
+CVE-2017-8400 (In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in th ...)
{DLA-995-1}
- swftools 0.9.2+git20130725-4.1 (bug #861693)
[jessie] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/13
NOTE: https://github.com/matthiaskramm/swftools/commit/7139f3cf7c8bc576bea1dbd07c58ce1ad92b774a
-CVE-2017-8399
+CVE-2017-8399 (PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based ...)
- pcre2 <not-affected> (Did only affect revision after r670 upstream; not in a released version)
NOTE: Fixed by: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=783
NOTE: https://vcs.pcre.org/pcre2?view=revision&revision=674
-CVE-2017-8398
+CVE-2017-8398 (dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size ...)
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21438
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d949ff5607b9f595e0eed2ff15fbe5eb84eb3a34
-CVE-2017-8397
+CVE-2017-8397 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21434
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=04b31182bf3f8a1a76e995bdfaaaab4c009b9cb2
-CVE-2017-8396
+CVE-2017-8396 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21432
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a941291cab71b9ac356e1c03968c177c03e602ab
-CVE-2017-8395
+CVE-2017-8395 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21431
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e63d123268f23a4cbc45ee55fb6dbc7d84729da3
-CVE-2017-8394
+CVE-2017-8394 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21414
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7eacd66b086cabb1daab20890d5481894d4f56b2
-CVE-2017-8393
+CVE-2017-8393 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.28-5
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21412
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bce964aa6c777d236fbd641f2bc7bb931cfe4bf3
-CVE-2017-8392
+CVE-2017-8392 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils <not-affected> (Vulnerable code introduced later)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21409
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=97e83a100aa8250be783304bfe0429761c6e6b6b
NOTE: Introduced by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3239a4231ff79bf8b67b8faaf414b1667486167c
-CVE-2017-8391
+CVE-2017-8391 (The OS Installation Management component in CA Client Automation r12.9 ...)
NOT-FOR-US: OS Installation Management component in CA Client Automation
-CVE-2017-8390
+CVE-2017-8390 (The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7 ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2017-8389
RESERVED
-CVE-2017-8388
+CVE-2017-8388 (GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger MSG_U ...)
NOT-FOR-US: GeniXCMS
-CVE-2017-8387
+CVE-2017-8387 (STDU Viewer version 1.6.375 might allow user-assisted attackers to exe ...)
NOT-FOR-US: STDU Viewer
-CVE-2017-8386
+CVE-2017-8386 (git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7 ...)
{DSA-3848-1 DLA-938-1}
- git 1:2.11.0-3
NOTE: http://lkml.iu.edu/hypermail/linux/kernel/1705.1/01337.html
NOTE: http://lkml.iu.edu/hypermail/linux/kernel/1705.1/01346.html
NOTE: https://insinuator.net/2017/05/git-shell-bypass-by-abusing-less-cve-2017-8386/
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=3ec804490a265f4c418a321428c12f3f18b7eff5
-CVE-2017-8385
+CVE-2017-8385 (Craft CMS before 2.6.2976 does not prevent modification of the URL in ...)
NOT-FOR-US: Craft CMS
-CVE-2017-8384
+CVE-2017-8384 (Craft CMS before 2.6.2976 allows XSS attacks because an array returned ...)
NOT-FOR-US: Craft CMS
-CVE-2017-8383
+CVE-2017-8383 (Craft CMS before 2.6.2976 does not properly restrict viewing the conte ...)
NOT-FOR-US: Craft CMS
-CVE-2017-8382
+CVE-2017-8382 (admidio 3.2.8 has CSRF in adm_program/modules/members/members_function ...)
NOT-FOR-US: admidio
-CVE-2017-8381
+CVE-2017-8381 (XnView Classic for Windows Version 2.40 allows user-assisted remote at ...)
NOT-FOR-US: XnView Classic for Windows
-CVE-2017-8380
+CVE-2017-8380 (Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 all ...)
- qemu 1:2.8+dfsg-5 (bug #862282)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -29111,159 +29111,159 @@ CVE-2017-8380
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04147.html
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=e23d04984a78490d8aaa5c45724a3a334933331f (v2.2.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=24dfa9fa2f90a95ac33c7372de4f4f2c8a2c141f
-CVE-2017-8379
+CVE-2017-8379 (Memory leak in the keyboard input event handlers support in QEMU (aka ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-5 (bug #862289)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=fa18f36a461984eae50ab957e47ec78dae3c14fc
-CVE-2017-8378
+CVE-2017-8378 (Heap-based buffer overflow in the PdfParser::ReadObjects function in b ...)
- libpodofo 0.9.5-9 (bug #861597)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: PoC: https://github.com/xiangxiaobo/poc_and_report/tree/master/podofo_heapoverflow_PdfParser.ReadObjects
NOTE: Upstream commit: https://sourceforge.net/p/podofo/code/1833/
-CVE-2017-8377
+CVE-2017-8377 (GeniXCMS 1.0.2 has SQL Injection in inc/lib/Control/Backend/menus.cont ...)
NOT-FOR-US: GeniXCMS
-CVE-2017-8376
+CVE-2017-8376 (GeniXCMS 1.0.2 has XSS triggered by an authenticated comment that is m ...)
NOT-FOR-US: GeniXCMS
CVE-2017-8375
RESERVED
-CVE-2017-8374
+CVE-2017-8374 (The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b allo ...)
{DSA-4192-1 DLA-1380-1}
- libmad 0.15.1b-9
NOTE: https://blogs.gentoo.org/ago/2017/04/30/libmad-heap-based-buffer-overflow-in-mad_bit_skip-bit-c/
NOTE: The patch from #508133 fixed things related to this, but did not fix this.
NOTE: Patch in 0.15.1b-9: libmad-0.15.1b/debian/patches/length-check.patch
-CVE-2017-8373
+CVE-2017-8373 (The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b ...)
{DSA-4192-1 DLA-1380-1}
- libmad 0.15.1b-9 (bug #287519)
NOTE: https://blogs.gentoo.org/ago/2017/04/30/libmad-heap-based-buffer-overflow-in-mad_layer_iii-layer3-c/
NOTE: The patch from #508133 applied in 0.15.1b-4 only partially fixed it
NOTE: "Duplicate with"/basically same as CVE-2017-8372
NOTE: Patch in 0.15.1b-9: libmad-0.15.1b/debian/patches/md_size.diff
-CVE-2017-8372
+CVE-2017-8372 (The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, ...)
{DSA-4192-1 DLA-1380-1}
- libmad 0.15.1b-9 (bug #287519)
NOTE: https://blogs.gentoo.org/ago/2017/04/30/libmad-assertion-failure-in-layer3-c/
NOTE: The patch from #508133 applied in 0.15.1b-4 only partially fixed it
NOTE: "Duplicate" with/basically same as CVE-2017-8373
NOTE: Patch in 0.15.1b-9: libmad-0.15.1b/debian/patches/md_size.diff
-CVE-2017-8371
+CVE-2017-8371 (Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses c ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-8370
+CVE-2017-8370 (IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote atta ...)
NOT-FOR-US: IrfanView
-CVE-2017-8369
+CVE-2017-8369 (IrfanView version 4.44 (32bit) has a "Data from Faulting Address contr ...)
NOT-FOR-US: IrfanView
-CVE-2017-8368
+CVE-2017-8368 (Sublime Text 3 Build 3126 allows user-assisted attackers to cause a de ...)
- sublime-text <itp> (bug #682158)
-CVE-2017-8367
+CVE-2017-8367 (Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD ...)
NOT-FOR-US: Ether Software
-CVE-2017-8366
+CVE-2017-8366 (The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote ...)
{DSA-3874-1}
- ettercap 1:0.8.2-5 (bug #861604)
NOTE: https://github.com/Ettercap/ettercap/issues/792
NOTE: Fixed by: https://github.com/Ettercap/ettercap/commit/1083d604930ebb9f350126b83802ecd2cbc17f90
-CVE-2017-8365
+CVE-2017-8365 (The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote a ...)
{DLA-1618-1 DLA-956-1}
- libsndfile 1.0.27-3 (bug #862202)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/
NOTE: https://github.com/erikd/libsndfile/issues/230
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
-CVE-2017-8364
+CVE-2017-8364 (The read_buf function in stream.c in rzip 2.1 allows remote attackers ...)
{DLA-955-1}
- rzip 2.1-4.1 (bug #861614)
[jessie] - rzip <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/rzip-heap-based-buffer-overflow-in-read_buf-stream-c/
NOTE: Patch in http://download.opensuse.org/repositories/openSUSE:/Leap:/42.2:/Update/standard/src/rzip-2.1-151.3.1.src.rpm
-CVE-2017-8363
+CVE-2017-8363 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows re ...)
{DLA-1618-1 DLA-956-1}
- libsndfile 1.0.27-3 (bug #862203)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-heap-based-buffer-overflow-in-flac_buffer_copy-flac-c/
NOTE: https://github.com/erikd/libsndfile/issues/233
NOTE: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
NOTE: https://github.com/erikd/libsndfile/commit/cd7da8dbf6ee4310d21d9e44b385d6797160d9e8
-CVE-2017-8362
+CVE-2017-8362 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows re ...)
{DLA-1618-1 DLA-956-1}
- libsndfile 1.0.27-3 (bug #862204)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-invalid-memory-read-in-flac_buffer_copy-flac-c/
NOTE: https://github.com/erikd/libsndfile/issues/231
NOTE: https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808
-CVE-2017-8361
+CVE-2017-8361 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows re ...)
{DLA-1618-1 DLA-956-1}
- libsndfile 1.0.27-3 (bug #862205)
NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/
NOTE: https://github.com/erikd/libsndfile/issues/232
NOTE: https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
-CVE-2017-8360
+CVE-2017-8360 (Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBo ...)
NOT-FOR-US: Conexant Systems mictray64 task
-CVE-2017-8359
+CVE-2017-8359 (Google gRPC before 2017-03-29 has an out-of-bounds write caused by a h ...)
- grpc 1.3.2-0.1
NOTE: https://github.com/grpc/grpc/pull/10353
NOTE: Fixed by: https://github.com/grpc/grpc/commit/6544a2d5d9ecdb64214da1d228886a7d15bbf5c7
-CVE-2017-8358
+CVE-2017-8358 (LibreOffice before 2017-03-17 has an out-of-bounds write caused by a h ...)
- libreoffice <not-affected> (Vulnerable code introduced on 2017-03-15; never in released version)
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c
NOTE: Introduced by: https://github.com/LibreOffice/core/commit/ceb53ad9f34ae05d09f61845d581546eac0c6d60
-CVE-2017-8357
+CVE-2017-8357 (In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862636)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/453
-CVE-2017-8356
+CVE-2017-8356 (In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862635)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/449
-CVE-2017-8355
+CVE-2017-8355 (In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862634)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/450
-CVE-2017-8354
+CVE-2017-8354 (In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862633)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/451
-CVE-2017-8353
+CVE-2017-8353 (In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows at ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862632)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/454
-CVE-2017-8352
+CVE-2017-8352 (In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows atta ...)
{DSA-3863-1 DLA-1081-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862590)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/452
-CVE-2017-8351
+CVE-2017-8351 (In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862589)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/448
-CVE-2017-8350
+CVE-2017-8350 (In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862587)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/447
-CVE-2017-8349
+CVE-2017-8349 (In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862579)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/443
-CVE-2017-8348
+CVE-2017-8348 (In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862578)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/445
-CVE-2017-8347
+CVE-2017-8347 (In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862577)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/441
-CVE-2017-8346
+CVE-2017-8346 (In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862575)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/440
-CVE-2017-8345
+CVE-2017-8345 (In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862573)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/442
-CVE-2017-8344
+CVE-2017-8344 (In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862574)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/446
-CVE-2017-8343
+CVE-2017-8343 (In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows atta ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-7 (bug #862572)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/444
@@ -29271,9 +29271,9 @@ CVE-2017-8341
RESERVED
CVE-2017-8340
RESERVED
-CVE-2017-8339
+CVE-2017-8339 (PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a ...)
NOT-FOR-US: Panda Free Antivirus
-CVE-2017-8338
+CVE-2017-8338 (A vulnerability in MikroTik Version 6.38.5 could allow an unauthentica ...)
NOT-FOR-US: MikroTik
CVE-2017-8337
RESERVED
@@ -29295,17 +29295,17 @@ CVE-2017-8329
RESERVED
CVE-2017-8328
RESERVED
-CVE-2017-8342
+CVE-2017-8342 (Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracl ...)
{DLA-934-1}
- radicale 1.1.1+20160115-4 (bug #861514)
[jessie] - radicale <no-dsa> (Minor issue)
NOTE: https://github.com/Kozea/Radicale/commit/190b1dd795f0c552a4992445a231da760211183b (1.1.x)
NOTE: https://github.com/Kozea/Radicale/commit/059ba8dec1f22ccbeab837e288b3833a099cee2d (master)
-CVE-2017-8327
+CVE-2017-8327 (The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsene ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-8326
+CVE-2017-8326 (libimageworsener.a in ImageWorsener before 1.3.1 has "left shift canno ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-8325
+CVE-2017-8325 (The iw_process_cols_to_intermediate function in imagew-main.c in libim ...)
NOT-FOR-US: ImageWorsener
CVE-2017-8324
RESERVED
@@ -29323,9 +29323,9 @@ CVE-2017-8318
RESERVED
CVE-2017-8317
RESERVED
-CVE-2017-8316
+CVE-2017-8316 (IntelliJ IDEA XML parser was found vulnerable to XML External Entity a ...)
NOT-FOR-US: IntelliJ IDEA XML parser
-CVE-2017-8315
+CVE-2017-8315 (Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier w ...)
- apktool 2.2.4-1 (low)
[stretch] - apktool <no-dsa> (Minor issue)
NOTE: Upstream bug with details is restricted
@@ -29334,7 +29334,7 @@ CVE-2017-8315
NOTE: Possible fixes: https://github.com/iBotPeaches/Apktool/commit/f19317d87c316ed254aafa0a27eddd024e25ec6c
NOTE: https://github.com/iBotPeaches/Apktool/commit/657a44f5938b072898a0de913c03760210e0f4ed
NOTE: https://github.com/iBotPeaches/Apktool/commit/dbb144f9af5478c780e59c8b65036ae882595063
-CVE-2017-8314
+CVE-2017-8314 (Directory Traversal in Zip Extraction built-in function in Kodi 17.1 a ...)
{DLA-1243-1}
- kodi 2:17.1+dfsg1-3 (bug #863230)
- xbmc <removed>
@@ -29342,65 +29342,65 @@ CVE-2017-8314
NOTE: http://blog.checkpoint.com/2017/05/23/hacked-in-translation/
NOTE: https://kodi.tv/article/kodi-v172-minor-bug-fix-and-security-release
NOTE: Fixed by https://github.com/xbmc/xbmc/commit/35cfe35608b15335ef21d798947fceab3f47c8d7
-CVE-2017-8313
+CVE-2017-8313 (Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to ...)
{DSA-3899-1}
- vlc 2.2.5-1
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=05b653355ce303ada3b5e0e645ae717fea39186c
-CVE-2017-8312
+CVE-2017-8312 (Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing chec ...)
{DSA-3899-1}
- vlc 2.2.6-1~deb9u1
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=611398fc8d32f3fe4331f60b220c52ba3557beaa
-CVE-2017-8311
+CVE-2017-8311 (Potential heap based buffer overflow in ParseJSS in VideoLAN VLC befor ...)
{DSA-3899-1}
- vlc 2.2.5-1
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6
-CVE-2017-8310
+CVE-2017-8310 (Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due ...)
{DSA-3899-1}
- vlc 2.2.5.1-1~deb9u1
[wheezy] - vlc <end-of-life> (Not supported in wheezy LTS)
NOTE: http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commit;h=7cac839692ab79dbfe5e4ebd4c4e37d9a8b1b328
-CVE-2017-8309
+CVE-2017-8309 (Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows r ...)
{DLA-1497-1 DLA-1071-1 DLA-1070-1}
- qemu 1:2.8+dfsg-5 (bug #862280)
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=3268a845f41253fb55852a8429c32b50f36f349a
-CVE-2017-8308
+CVE-2017-8308 (In Avast Antivirus before v17, an unprivileged user (and thus malware ...)
NOT-FOR-US: Avast Antivirus
-CVE-2017-8307
+CVE-2017-8307 (In Avast Antivirus before v17, using the LPC interface API exposed by ...)
NOT-FOR-US: Avast Antivirus
CVE-2017-8306
RESERVED
-CVE-2017-8304
+CVE-2017-8304 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8303
+CVE-2017-8303 (An issue was discovered on Accellion FTA devices before FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
-CVE-2017-8302
+CVE-2017-8302 (Mura CMS 7.0.6967 allows admin/?muraAction= XSS attacks, related to ad ...)
NOT-FOR-US: Mura CMS
CVE-2017-8300
RESERVED
CVE-2017-8299
RESERVED
-CVE-2017-8298
+CVE-2017-8298 (cnvs.io Canvas 3.3.0 has XSS in the title and content fields of a "Pos ...)
NOT-FOR-US: cnvs.io Canvas
-CVE-2017-8297
+CVE-2017-8297 (A path traversal vulnerability exists in simple-file-manager before 20 ...)
NOT-FOR-US: simple-file-manager
-CVE-2017-8296
+CVE-2017-8296 (kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is w ...)
{DLA-925-1}
- kedpm <removed> (bug #860817)
[jessie] - kedpm 1.0+deb8u1
NOTE: patch in BTS gives workaround to always prompt for password and do not save
NOTE: to database.
NOTE: http://www.openwall.com/lists/oss-security/2017/04/25/9
-CVE-2017-8295
+CVE-2017-8295 (WordPress through 4.7.4 relies on the Host HTTP header for a password- ...)
{DSA-3870-1 DLA-975-1}
- wordpress 4.7.5+dfsg-2 (bug #862053)
NOTE: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
NOTE: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
NOTE: https://core.trac.wordpress.org/ticket/25239
-CVE-2017-8294
+CVE-2017-8294 (libyara/re.c in the regex component in YARA 3.5.0 allows remote attack ...)
- yara 3.6.0+dfsg-1 (bug #861590)
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
[jessie] - yara <ignored> (Minor issue, too intrusive to backport)
@@ -29410,23 +29410,23 @@ CVE-2017-8293
RESERVED
CVE-2017-8292
RESERVED
-CVE-2017-8290
+CVE-2017-8290 (A potential Buffer Overflow Vulnerability (from a BB Code handling iss ...)
- teamspeak-server <removed>
[wheezy] - teamspeak-server <end-of-life> (non-free is not supported)
-CVE-2017-8289
+CVE-2017-8289 (Stack-based buffer overflow in the ipv6_addr_from_str function in sys/ ...)
NOT-FOR-US: RIOS OS
-CVE-2017-8288
+CVE-2017-8288 (gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to rel ...)
- gnome-shell 3.22.3-3
[jessie] - gnome-shell <no-dsa> (Minor issue)
[wheezy] - gnome-shell <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781728
NOTE: https://github.com/GNOME/gnome-shell/commit/ff425d1db7082e2755d2a405af53861552acf2a1
-CVE-2017-8305
+CVE-2017-8305 (The UDFclient (before 0.8.8) custom strlcpy implementation has a buffe ...)
- udfclient 0.8.8-1 (bug #861347)
-CVE-2017-8301
+CVE-2017-8301 (LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_ ...)
- libressl <itp> (bug #754513)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/27/11
-CVE-2017-8291
+CVE-2017-8291 (Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remot ...)
{DSA-3838-1 DLA-932-1}
- ghostscript 9.20~dfsg-3.1 (bug #861295)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate of 697799)
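Review bot: the tracking line for CVE-2017-8289 in this hunk reads "NOT-FOR-US: RIOS OS", which looks like a typo for RIOT OS: the ipv6_addr_from_str function under sys/ named in the description is RIOT's source layout, and no product called "RIOS OS" is referenced elsewhere in the list. Suggest correcting it to "NOT-FOR-US: RIOT OS" so the entry is searchable under the right product name.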
@@ -29434,7 +29434,7 @@ CVE-2017-8291
NOTE: Full report viewable at: https://bugzilla.suse.com/show_bug.cgi?id=1036453
NOTE: Fixed by: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=04b37bbce174eed24edec7ad5b920eb93db4d47d
NOTE: Fixed by: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
-CVE-2017-8287
+CVE-2017-8287 (FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a he ...)
{DSA-3839-1 DLA-931-1}
- freetype 2.6.3-3.2 (bug #861308)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0
@@ -29442,113 +29442,113 @@ CVE-2017-8286
RESERVED
CVE-2017-8285
RESERVED
-CVE-2017-8284
+CVE-2017-8284 (** DISPUTED ** The disas_insn function in target/i386/translate.c in Q ...)
- qemu 1:2.10.0-1 (unimportant)
- qemu-kvm <removed> (unimportant)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=30663fd26c0307e414622c7a8607fbc04f92ec14
NOTE: qemu issue without security implication per upstream
-CVE-2017-8282
+CVE-2017-8282 (XnView Classic for Windows Version 2.40 allows user-assisted remote at ...)
NOT-FOR-US: XnView Classic for Windows
-CVE-2017-8281
+CVE-2017-8281 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8280
+CVE-2017-8280 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8279
+CVE-2017-8279 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-8278
+CVE-2017-8278 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8277
+CVE-2017-8277 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8276
+CVE-2017-8276 (Improper authorization involving a fuse in TrustZone in snapdragon aut ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8275
+CVE-2017-8275 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-8274
+CVE-2017-8274 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-8273
+CVE-2017-8273 (In all Qualcomm products with Android release from CAF using the Linux ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8272
+CVE-2017-8272 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8271
+CVE-2017-8271 (Out of bound memory write can happen in the MDSS Rotator driver in all ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8270
+CVE-2017-8270 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8269
+CVE-2017-8269 (Userspace-controlled non null terminated parameter for IPA WAN ioctl i ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8268
+CVE-2017-8268 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8267
+CVE-2017-8267 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8266
+CVE-2017-8266 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8265
+CVE-2017-8265 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8264
+CVE-2017-8264 (A userspace process can cause a Denial of Service in the camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8263
+CVE-2017-8263 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8262
+CVE-2017-8262 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8261
+CVE-2017-8261 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8260
+CVE-2017-8260 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8259
+CVE-2017-8259 (In the service locator in all Qualcomm products with Android releases ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8258
+CVE-2017-8258 (An array out-of-bounds access in all Qualcomm products with Android re ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8257
+CVE-2017-8257 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8256
+CVE-2017-8256 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8255
+CVE-2017-8255 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8254
+CVE-2017-8254 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8253
+CVE-2017-8253 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8252
RESERVED
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8251
+CVE-2017-8251 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8250
+CVE-2017-8250 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-8249
RESERVED
-CVE-2017-8248
+CVE-2017-8248 (A buffer overflow may occur in the processing of a downlink NAS messag ...)
NOT-FOR-US: Qualcomm Telephony
-CVE-2017-8247
+CVE-2017-8247 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8246
+CVE-2017-8246 (In function msm_pcm_playback_close() in all Android releases from CAF ...)
- linux <not-affected> (Android-specific patch)
-CVE-2017-8245
+CVE-2017-8245 (In all Android releases from CAF using the Linux kernel, while process ...)
- linux <not-affected> (Android-specific patch)
-CVE-2017-8244
+CVE-2017-8244 (In core_info_read and inst_info_read in all Android releases from CAF ...)
- linux <not-affected> (Android-specific patch)
-CVE-2017-8243
+CVE-2017-8243 (A buffer overflow can occur in all Qualcomm products with Android for ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-8242
+CVE-2017-8242 (In all Android releases from CAF using the Linux kernel, a race condit ...)
- linux <not-affected> (Android-specific patch)
-CVE-2017-8241
+CVE-2017-8241 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Android driver
-CVE-2017-8240
+CVE-2017-8240 (In all Android releases from CAF using the Linux kernel, a kernel driv ...)
- linux 4.0.2-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
-CVE-2017-8239
+CVE-2017-8239 (In all Android releases from CAF using the Linux kernel, userspace-con ...)
NOT-FOR-US: Android driver
-CVE-2017-8238
+CVE-2017-8238 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Android driver
-CVE-2017-8237
+CVE-2017-8237 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Android driver
-CVE-2017-8236
+CVE-2017-8236 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Android driver
-CVE-2017-8235
+CVE-2017-8235 (In all Android releases from CAF using the Linux kernel, a memory stru ...)
NOT-FOR-US: Android driver
-CVE-2017-8234
+CVE-2017-8234 (In all Android releases from CAF using the Linux kernel, an out of bou ...)
NOT-FOR-US: Android driver
-CVE-2017-8233
+CVE-2017-8233 (In a camera driver function in all Android releases from CAF using the ...)
NOT-FOR-US: Android driver
CVE-2017-8232
RESERVED
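Review bot: the triage annotations for the CAF/Qualcomm entries in this hunk are inconsistent for descriptions that share the same prefix ("In all Android releases from CAF using the Linux kernel ..."): CVE-2017-8246, -8245, -8244 and -8242 use "- linux <not-affected> (Android-specific patch)", while CVE-2017-8241 and -8239 through -8233 use "NOT-FOR-US: Android driver" and CVE-2017-8253, -8251, -8250 and -8247 use "NOT-FOR-US: Qualcomm driver for Android". Pick one form for out-of-tree CAF driver code so the linux package view does not accumulate not-affected entries for code that never shipped in the Debian kernel, and keep "- linux" lines for issues such as CVE-2017-8240 that map to a mainline fix ("- linux 4.0.2-1"). Separately, CVE-2017-8252 stays RESERVED in this update yet already carries "NOT-FOR-US: Qualcomm driver for Android"; harmless, but worth re-checking once the description lands.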
@@ -29564,232 +29564,232 @@ CVE-2017-8227
RESERVED
CVE-2017-8226
RESERVED
-CVE-2017-8283
+CVE-2017-8283 (dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU pat ...)
- dpkg 1.18.24 (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/20/2
-CVE-2017-8225
+CVE-2017-8225 (On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (con ...)
NOT-FOR-US: Wireless IP Camera (P2P) WIFICAM devices
-CVE-2017-8224
+CVE-2017-8224 (Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account ...)
NOT-FOR-US: Wireless IP Camera (P2P) WIFICAM devices
-CVE-2017-8223
+CVE-2017-8223 (On Wireless IP Camera (P2P) WIFICAM devices, an attacker can use the R ...)
NOT-FOR-US: Wireless IP Camera (P2P) WIFICAM devices
-CVE-2017-8222
+CVE-2017-8222 (Wireless IP Camera (P2P) WIFICAM devices have an "Apple Production IOS ...)
NOT-FOR-US: Wireless IP Camera (P2P) WIFICAM devices
-CVE-2017-8221
+CVE-2017-8221 (Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunne ...)
NOT-FOR-US: Wireless IP Camera (P2P) WIFICAM devices
-CVE-2017-8220
+CVE-2017-8220 (TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 1 ...)
NOT-FOR-US: TP-Link
-CVE-2017-8219
+CVE-2017-8219 (TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 1 ...)
NOT-FOR-US: TP-Link
-CVE-2017-8218
+CVE-2017-8218 (vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032 ...)
NOT-FOR-US: TP-Link
-CVE-2017-8217
+CVE-2017-8217 (TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 1 ...)
NOT-FOR-US: TP-Link
-CVE-2017-8216
+CVE-2017-8216 (Warsaw Huawei Smart phones with software of versions earlier than Wars ...)
NOT-FOR-US: Huawei
-CVE-2017-8215
+CVE-2017-8215 (Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toron ...)
NOT-FOR-US: Huawei
-CVE-2017-8214
+CVE-2017-8214 (Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toron ...)
NOT-FOR-US: Huawei
-CVE-2017-8213
+CVE-2017-8213 (Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-8212
+CVE-2017-8212 (The driver of honor 5C,honor 6x Huawei smart phones with software of v ...)
NOT-FOR-US: Huawei
-CVE-2017-8211
+CVE-2017-8211 (The driver of honor 5C,honor 6x Huawei smart phones with software of v ...)
NOT-FOR-US: Huawei
-CVE-2017-8210
+CVE-2017-8210 (The driver of honor 5C,honor 6x Huawei smart phones with software of v ...)
NOT-FOR-US: Huawei
-CVE-2017-8209
+CVE-2017-8209 (The driver of honor 5C,honor 6x Huawei smart phones with software of v ...)
NOT-FOR-US: Huawei
-CVE-2017-8208
+CVE-2017-8208 (The driver of honor 5C,honor 6x Huawei smart phones with software of v ...)
NOT-FOR-US: Huawei
-CVE-2017-8207
+CVE-2017-8207 (The driver of honor 5C, honor 6x Huawei smart phones with software of ...)
NOT-FOR-US: Huawei
-CVE-2017-8206
+CVE-2017-8206 (HONOR 7 Lite mobile phones with software of versions earlier than NEM- ...)
NOT-FOR-US: Huawei
-CVE-2017-8205
+CVE-2017-8205 (The Bastet driver of Honor 9 Huawei smart phones with software of vers ...)
NOT-FOR-US: Huawei
-CVE-2017-8204
+CVE-2017-8204 (The Bastet driver of Honor 9 Huawei smart phones with software of vers ...)
NOT-FOR-US: Huawei
-CVE-2017-8203
+CVE-2017-8203 (The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with softw ...)
NOT-FOR-US: Huawei
-CVE-2017-8202
+CVE-2017-8202 (The CameraISP driver of some Huawei smart phones with software of vers ...)
NOT-FOR-US: Huawei
-CVE-2017-8201
+CVE-2017-8201 (MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have ...)
NOT-FOR-US: Huawei
-CVE-2017-8200
+CVE-2017-8200 (MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have ...)
NOT-FOR-US: Huawei
-CVE-2017-8199
+CVE-2017-8199 (MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have ...)
NOT-FOR-US: Huawei
-CVE-2017-8198
+CVE-2017-8198 (FusionSphere V100R006C00SPC102(NFV) has an SQL injection vulnerability ...)
NOT-FOR-US: Huawei
-CVE-2017-8197
+CVE-2017-8197 (FusionSphere V100R006C00SPC102(NFV) has a command injection vulnerabil ...)
NOT-FOR-US: Huawei
-CVE-2017-8196
+CVE-2017-8196 (FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization vul ...)
NOT-FOR-US: Huawei
-CVE-2017-8195
+CVE-2017-8195 (The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper auth ...)
NOT-FOR-US: Huawei
-CVE-2017-8194
+CVE-2017-8194 (The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper auth ...)
NOT-FOR-US: Huawei
-CVE-2017-8193
+CVE-2017-8193 (The FusionSphere OpenStack V100R006C00SPC102(NFV) has a command inject ...)
NOT-FOR-US: Huawei
-CVE-2017-8192
+CVE-2017-8192 (FusionSphere OpenStack V100R006C00 has an improper authorization vulne ...)
NOT-FOR-US: Huawei
-CVE-2017-8191
+CVE-2017-8191 (FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic ...)
NOT-FOR-US: Huawei
-CVE-2017-8190
+CVE-2017-8190 (FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verificat ...)
NOT-FOR-US: Huawei
-CVE-2017-8189
+CVE-2017-8189 (FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal vuln ...)
NOT-FOR-US: Huawei
-CVE-2017-8188
+CVE-2017-8188 (FusionSphere OpenStack V100R006C00SPC102(NFV)has a command injection v ...)
NOT-FOR-US: Huawei
-CVE-2017-8187
+CVE-2017-8187 (Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege e ...)
NOT-FOR-US: Huawei
-CVE-2017-8186
+CVE-2017-8186 (The Bastet of some Huawei mobile phones with software of earlier than ...)
NOT-FOR-US: Huawei
-CVE-2017-8185
+CVE-2017-8185 (ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a p ...)
NOT-FOR-US: Huawei
-CVE-2017-8184
+CVE-2017-8184 (MTK platform in Huawei smart phones with software of earlier than Nice ...)
NOT-FOR-US: Huawei
-CVE-2017-8183
+CVE-2017-8183 (MTK platform in Huawei smart phones with software of earlier than Nice ...)
NOT-FOR-US: Huawei
-CVE-2017-8182
+CVE-2017-8182 (MTK platform in Huawei smart phones with software of earlier than Nice ...)
NOT-FOR-US: Huawei
-CVE-2017-8181
+CVE-2017-8181 (The camera driver of MTK platform in Huawei smart phones with software ...)
NOT-FOR-US: Huawei
-CVE-2017-8180
+CVE-2017-8180 (The camera driver of MTK platform in Huawei smart phones with software ...)
NOT-FOR-US: Huawei
-CVE-2017-8179
+CVE-2017-8179 (The camera driver of MTK platform in Huawei smart phones with software ...)
NOT-FOR-US: Huawei
-CVE-2017-8178
+CVE-2017-8178 (Huawei Email APP Vicky-AL00 smartphones with software of earlier than ...)
NOT-FOR-US: Huawei
-CVE-2017-8177
+CVE-2017-8177 (Huawei APP HiWallet earlier than 5.0.3.100 versions do not support sig ...)
NOT-FOR-US: Huawei
-CVE-2017-8176
+CVE-2017-8176 (Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 ver ...)
NOT-FOR-US: Huawei
-CVE-2017-8175
+CVE-2017-8175 (The Bastet of some Huawei mobile phones with software earlier than Vic ...)
NOT-FOR-US: Huawei
-CVE-2017-8174
+CVE-2017-8174 (Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001 ...)
NOT-FOR-US: Huawei
-CVE-2017-8173
+CVE-2017-8173 (Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00 smart ...)
NOT-FOR-US: Huawei
-CVE-2017-8172
+CVE-2017-8172 (Isub service in P10 Plus and P10 smart phones with earlier than VKY-AL ...)
NOT-FOR-US: Huawei
-CVE-2017-8171
+CVE-2017-8171 (Huawei smart phones with software earlier than Vicky-AL00AC00B172D ver ...)
NOT-FOR-US: Huawei
-CVE-2017-8170
+CVE-2017-8170 (Huawei smart phones with software earlier than VIE-L09C40B360 versions ...)
NOT-FOR-US: Huawei
-CVE-2017-8169
+CVE-2017-8169 (Huawei smart phones with software earlier than VIE-L09C40B360 versions ...)
NOT-FOR-US: Huawei
-CVE-2017-8168
+CVE-2017-8168 (FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R0 ...)
NOT-FOR-US: Huawei
-CVE-2017-8167
+CVE-2017-8167 (Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability.A ...)
NOT-FOR-US: Huawei
-CVE-2017-8166
+CVE-2017-8166 (Huawei mobile phones Honor V9 with the software versions before Duke-A ...)
NOT-FOR-US: Huawei
-CVE-2017-8165
+CVE-2017-8165 (Mate 9 Huawei smart phones with versions earlier than MHA-AL00BC00B233 ...)
NOT-FOR-US: Huawei
-CVE-2017-8164
+CVE-2017-8164 (Some Huawei smart phones with software EVA-L09C34B142; EVA-L09C40B196; ...)
NOT-FOR-US: Huawei
-CVE-2017-8163
+CVE-2017-8163 (AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C ...)
NOT-FOR-US: Huawei
-CVE-2017-8162
+CVE-2017-8162 (AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C ...)
NOT-FOR-US: Huawei
-CVE-2017-8161
+CVE-2017-8161 (EVA-L09 smartphones with software Earlier than EVA-L09C25B150CUSTC25D0 ...)
NOT-FOR-US: Huawei
-CVE-2017-8160
+CVE-2017-8160 (The Madapt Driver of some Huawei smart phones with software Earlier th ...)
NOT-FOR-US: Huawei
-CVE-2017-8159
+CVE-2017-8159 (Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019, ...)
NOT-FOR-US: Huawei
-CVE-2017-8158
+CVE-2017-8158 (FusionCompute V100R005C00 and V100R005C10 have an improper authorizati ...)
NOT-FOR-US: Huawei
-CVE-2017-8157
+CVE-2017-8157 (OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor ...)
NOT-FOR-US: Huawei
-CVE-2017-8156
+CVE-2017-8156 (The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 ...)
NOT-FOR-US: Huawei
-CVE-2017-8155
+CVE-2017-8155 (The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 ...)
NOT-FOR-US: Huawei
-CVE-2017-8154
+CVE-2017-8154 (The Themes App Honor 8 Lite Huawei mobile phones with software of vers ...)
NOT-FOR-US: Huawei
-CVE-2017-8153
+CVE-2017-8153 (Huawei VMall (for Android) with the versions before 1.5.8.5 have a pri ...)
NOT-FOR-US: Huawei
-CVE-2017-8152
+CVE-2017-8152 (Huawei Honor 5S smart phones with software the versions before TAG-TL0 ...)
NOT-FOR-US: Huawei
-CVE-2017-8151
+CVE-2017-8151 (Huawei Honor 5S smart phones with software the versions before TAG-TL0 ...)
NOT-FOR-US: Huawei
-CVE-2017-8150
+CVE-2017-8150 (The boot loaders of P10 and P10 Plus Huawei mobile phones with softwar ...)
NOT-FOR-US: Huawei
-CVE-2017-8149
+CVE-2017-8149 (The boot loaders of P10 and P10 Plus Huawei mobile phones with softwar ...)
NOT-FOR-US: Huawei
-CVE-2017-8148
+CVE-2017-8148 (Audio driver in P9 smartphones with software The versions before EVA-A ...)
NOT-FOR-US: Huawei
-CVE-2017-8147
+CVE-2017-8147 (AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software ...)
NOT-FOR-US: Huawei
-CVE-2017-8146
+CVE-2017-8146 (The call module of P10 and P10 Plus smartphones with software versions ...)
NOT-FOR-US: Huawei
-CVE-2017-8145
+CVE-2017-8145 (The call module of P10 and P10 Plus smartphones with software versions ...)
NOT-FOR-US: Huawei
-CVE-2017-8144
+CVE-2017-8144 (Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones ...)
NOT-FOR-US: Huawei
-CVE-2017-8143
+CVE-2017-8143 (Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software ...)
NOT-FOR-US: Huawei
-CVE-2017-8142
+CVE-2017-8142 (The Trusted Execution Environment (TEE) module driver of Mate 9 and Ma ...)
NOT-FOR-US: Huawei
-CVE-2017-8141
+CVE-2017-8141 (The Touch Panel (TP) driver in P10 Plus smart phones with software ver ...)
NOT-FOR-US: Huawei
-CVE-2017-8140
+CVE-2017-8140 (The soundtrigger driver in P9 Plus smart phones with software versions ...)
NOT-FOR-US: Huawei
-CVE-2017-8139
+CVE-2017-8139 (HedEx Earlier than V200R006C00 versions have the stored cross-site scr ...)
NOT-FOR-US: Huawei
-CVE-2017-8138
+CVE-2017-8138 (HedEx Earlier than V200R006C00 versions has a cross-site request forge ...)
NOT-FOR-US: Huawei
-CVE-2017-8137
+CVE-2017-8137 (HedEx Earlier than V200R006C00 versions has a dynamic link library (DL ...)
NOT-FOR-US: Huawei
-CVE-2017-8136
+CVE-2017-8136 (HedEx Earlier than V200R006C00 versions has an arbitrary file download ...)
NOT-FOR-US: Huawei
-CVE-2017-8135
+CVE-2017-8135 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 h ...)
NOT-FOR-US: Huawei
-CVE-2017-8134
+CVE-2017-8134 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 h ...)
NOT-FOR-US: Huawei
-CVE-2017-8133
+CVE-2017-8133 (Huawei iManager NetEco with software V600R008C00 and V600R008C10 has a ...)
NOT-FOR-US: Huawei
-CVE-2017-8132
+CVE-2017-8132 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 h ...)
NOT-FOR-US: Huawei
-CVE-2017-8131
+CVE-2017-8131 (The FusionSphere OpenStack with software V100R006C00 and V100R006C10 h ...)
NOT-FOR-US: Huawei
-CVE-2017-8130
+CVE-2017-8130 (The UMA product with software V200R001 and V300R001 has an information ...)
NOT-FOR-US: Huawei
-CVE-2017-8129
+CVE-2017-8129 (The UMA product with software V200R001 and V300R001 has a privilege el ...)
NOT-FOR-US: Huawei
-CVE-2017-8128
+CVE-2017-8128 (The UMA product with software V200R001 and V300R001 has a privilege el ...)
NOT-FOR-US: Huawei
-CVE-2017-8127
+CVE-2017-8127 (The UMA product with software V200R001 has a cross-site scripting (XSS ...)
NOT-FOR-US: Huawei
-CVE-2017-8126
+CVE-2017-8126 (The UMA product with software V200R001 has a privilege elevation vulne ...)
NOT-FOR-US: Huawei
-CVE-2017-8125
+CVE-2017-8125 (The UMA product with software V200R001 and V300R001 has a cross-site s ...)
NOT-FOR-US: Huawei
-CVE-2017-8124
+CVE-2017-8124 (The UMA product with software V200R001 has a privilege elevation vulne ...)
NOT-FOR-US: Huawei
-CVE-2017-8123
+CVE-2017-8123 (The UMA product with software V200R001 has a privilege elevation vulne ...)
NOT-FOR-US: Huawei
-CVE-2017-8122
+CVE-2017-8122 (The UMA product with software V200R001 has a privilege elevation vulne ...)
NOT-FOR-US: Huawei
-CVE-2017-8121
+CVE-2017-8121 (The UMA product with software V200R001 and V300R001 has an information ...)
NOT-FOR-US: Huawei
-CVE-2017-8120
+CVE-2017-8120 (The UMA product with software V200R001 and V300R001 has a privilege el ...)
NOT-FOR-US: Huawei
-CVE-2017-8119
+CVE-2017-8119 (The UMA product with software V200R001 and V300R001 has a privilege el ...)
NOT-FOR-US: Huawei
-CVE-2017-8118
+CVE-2017-8118 (The UMA product with software V200R001 and V300R001 has an information ...)
NOT-FOR-US: Huawei
-CVE-2017-8117
+CVE-2017-8117 (The UMA product with software V200R001 and V300R001 has a privilege el ...)
NOT-FOR-US: Huawei
-CVE-2017-8116
+CVE-2017-8116 (The management interface for the Teltonika RUT9XX routers (aka LuCI) w ...)
NOT-FOR-US: Teltonika RUT9XX routers
-CVE-2017-8115
+CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the search ...)
NOT-FOR-US: MODX
-CVE-2017-8114
+CVE-2017-8114 (Roundcube Webmail allows arbitrary password resets by authenticated us ...)
{DLA-933-1}
- roundcube 1.2.3+dfsg.1-4 (bug #861388)
NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.2.5
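Review bot: CVE-2017-8283 (the four lines after CVE-2017-8226) is out of sequence; the file descends monotonically and this entry belongs above CVE-2017-8253, not between CVE-2017-8226 and CVE-2017-8225. Move "CVE-2017-8283 (dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU pat ...)" together with its "- dpkg 1.18.24 (unimportant)" and NOTE lines to the numerical position so the list stays sorted. Also note that the descriptions in this hunk are copied verbatim from upstream, typos included ("has a week cryptographic" in CVE-2017-8191); do not hand-correct them locally, since the next automatic update would overwrite the edit.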
@@ -29800,7 +29800,7 @@ CVE-2017-8114
NOTE: https://github.com/roundcube/roundcubemail/commit/271426429bfbb5b63e6dec91b1e4780e8ef1c67e (1.0.x)
CVE-2017-8113
RESERVED
-CVE-2017-8112
+CVE-2017-8112 (hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest O ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-5 (bug #861351)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -29810,44 +29810,44 @@ CVE-2017-8112
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=f68826989cd4d1217797251339579c57b3c0934e
CVE-2017-8111
RESERVED
-CVE-2017-8110
+CVE-2017-8110 (www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 1069 ...)
NOT-FOR-US: modified eCommerce Shopsoftware
-CVE-2017-8109
+CVE-2017-8109 (The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 co ...)
- salt 2016.11.5+ds-1 (bug #861219)
[stretch] - salt 2016.11.2+ds-1+deb9u2
[jessie] - salt <not-affected> (Vulnerable code not present)
NOTE: https://github.com/saltstack/salt/issues/40075
NOTE: https://github.com/saltstack/salt/pull/40609
NOTE: https://github.com/saltstack/salt/commit/8492cef7a5c8871a3978ffc2f6e48b3b960e0151
-CVE-2017-8108
+CVE-2017-8108 (Unspecified tests in Lynis before 2.5.0 allow local users to write to ...)
- lynis 2.5.0-1 (unimportant)
[wheezy] - lynis <not-affected> (Vulnerable code do not exist)
NOTE: Neutralised by kernel hardening
CVE-2017-8107
RESERVED
-CVE-2017-8106
+CVE-2017-8106 (The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3 ...)
- linux 3.16.2-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Introduced by: https://git.kernel.org/linus/bfd0a56b90005f8c8a004baf407ad90045c2b11e (3.12-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/4b855078601fc422dbac3059f2215e776f49780f (3.16-rc4)
-CVE-2017-8105
+CVE-2017-8105 (FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a he ...)
{DSA-3839-1 DLA-918-1}
- freetype 2.6.3-3.2 (bug #861220)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
-CVE-2017-8104
+CVE-2017-8104 (In MyBB before 1.8.11, the smilie module allows Directory Traversal vi ...)
NOT-FOR-US: MyBB
-CVE-2017-8103
+CVE-2017-8103 (In MyBB before 1.8.11, the Email MyCode component allows XSS, as demon ...)
NOT-FOR-US: MyBB
-CVE-2017-8102
+CVE-2017-8102 (Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admi ...)
- serendipity <removed>
-CVE-2017-8101
+CVE-2017-8101 (There is CSRF in Serendipity 2.0.5, allowing attackers to install any ...)
- serendipity <removed>
-CVE-2017-8100
+CVE-2017-8100 (There is CSRF in the CopySafe Web Protection plugin before 2.6 for Wor ...)
NOT-FOR-US: CopySafe Web Protection plugin
-CVE-2017-8099
+CVE-2017-8099 (There is CSRF in the WHIZZ plugin before 1.1.1 for WordPress, allowing ...)
NOT-FOR-US: WHIZZ plugin for Wordpress
-CVE-2017-8098
+CVE-2017-8098 (e107 2.1.4 is vulnerable to cross-site request forgery in plugin-insta ...)
NOT-FOR-US: e107
CVE-2017-8097
RESERVED
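Review bot: the wheezy rationale for CVE-2017-8108, "[wheezy] - lynis <not-affected> (Vulnerable code do not exist)", is ungrammatical and deviates from the standard wording used throughout this file ("Vulnerable code not present", as in the CVE-2017-8109 and CVE-2017-8106 entries just above and below it); align it. The accompanying "NOTE: Neutralised by kernel hardening" would be more useful if it named the specific protection the (unimportant) rating relies on, so the rating can be revisited if that default ever changes.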
@@ -29871,136 +29871,136 @@ CVE-2017-8088
RESERVED
CVE-2017-8087
RESERVED
-CVE-2017-8086
+CVE-2017-8086 (Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in Q ...)
{DLA-1497-1 DLA-1035-1 DLA-965-1}
- qemu 1:2.8+dfsg-5 (bug #861348)
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4ffcdef4277a91af15a3c09f7d16af072c29f3f2 (v2.9.0-rc4)
NOTE: Introduced possibly by the fix d10142c11bdcecebe97fd834a834167053b7a05c to
NOTE: partially fix CVE-2016-9602.
-CVE-2017-8085
+CVE-2017-8085 (In Exponent CMS before 2.4.1 Patch #5, XSS in elFinder is possible in ...)
NOT-FOR-US: Exponent CMS
-CVE-2017-1000363
+CVE-2017-1000363 (Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds c ...)
{DSA-3945-1 DLA-1099-1}
- linux 4.9.30-1 (low)
NOTE: Fixed by: https://git.kernel.org/linus/3e21f4af170bebf47c187c1ff8bf155583c9f3b1 (4.12-rc2)
NOTE: https://alephsecurity.com/vulns/aleph-2017023
-CVE-2017-1000361
+CVE-2017-1000361 (DOMRpcImplementationNotAvailableException when sending Port-Status pac ...)
NOT-FOR-US: OpenDaylight
-CVE-2017-1000360
+CVE-2017-1000360 (StreamCorruptedException and NullPointerException in OpenDaylight odl- ...)
NOT-FOR-US: OpenDaylight
-CVE-2017-1000359
+CVE-2017-1000359 (Java out of memory error and significant increase in resource consumpt ...)
NOT-FOR-US: OpenDaylight
-CVE-2017-1000358
+CVE-2017-1000358 (Controller throws an exception and does not allow user to add subseque ...)
NOT-FOR-US: OpenDaylight
-CVE-2017-1000357
+CVE-2017-1000357 (Denial of Service attack when the switch rejects to receive packets fr ...)
NOT-FOR-US: OpenDaylight
-CVE-2017-1000356
+CVE-2017-1000356 (Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier ar ...)
- jenkins <removed>
-CVE-2017-1000355
+CVE-2017-1000355 (Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier ar ...)
- jenkins <removed>
-CVE-2017-1000354
+CVE-2017-1000354 (Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier ar ...)
- jenkins <removed>
-CVE-2017-1000353
+CVE-2017-1000353 (Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier ar ...)
- jenkins <removed>
CVE-2017-8084
RESERVED
-CVE-2017-8083
+CVE-2017-8083 (CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 ...)
NOT-FOR-US: CompuLab Intense PC and MintBox 2 devices
-CVE-2017-8082
+CVE-2017-8082 (concrete5 8.1.0 has CSRF in Thumbnail Editor in the File Manager, whic ...)
NOT-FOR-US: concrete5
-CVE-2017-8081
+CVE-2017-8081 (Poor cryptographic salt initialization in admin/inc/template_functions ...)
NOT-FOR-US: GetSimple CMS
-CVE-2017-8080
+CVE-2017-8080 (Atlassian Hipchat Server before 2.2.4 allows remote authenticated user ...)
NOT-FOR-US: HipChat
CVE-2017-8079
RESERVED
-CVE-2017-8078
+CVE-2017-8078 (On the TP-Link TL-SG108E 1.0, the upgrade process can be requested rem ...)
NOT-FOR-US: TP-Link
-CVE-2017-8077
+CVE-2017-8077 (On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a l ...)
NOT-FOR-US: TP-Link
-CVE-2017-8076
+CVE-2017-8076 (On the TP-Link TL-SG108E 1.0, admin network communications are RC4 enc ...)
NOT-FOR-US: TP-Link
-CVE-2017-8075
+CVE-2017-8075 (On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credent ...)
NOT-FOR-US: TP-Link
-CVE-2017-8074
+CVE-2017-8074 (On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credent ...)
NOT-FOR-US: TP-Link
-CVE-2017-8073
+CVE-2017-8073 (WeeChat before 1.7.1 allows a remote crash by sending a filename via D ...)
{DSA-3836-1 DLA-919-1}
- weechat 1.7-3 (bug #861121)
[stretch] - weechat 1.6-1+deb9u1
NOTE: https://github.com/weechat/weechat/commit/2fb346f25f79e412cf0ed314fdf791763c19b70b
-CVE-2017-8072
+CVE-2017-8072 (The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c i ...)
- linux 4.9.10-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/8e9faa15469ed7c7467423db4c62aeed3ff4cae3
-CVE-2017-8071
+CVE-2017-8071 (drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a ...)
- linux 4.9.10-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/7a7b5df84b6b4e5d599c7289526eed96541a0654
-CVE-2017-8070
+CVE-2017-8070 (drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interac ...)
- linux 4.9.13-1
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/2d6a0e9de03ee658a9adc3bfb2f0ca55dff1e478
-CVE-2017-8069
+CVE-2017-8069 (drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 inte ...)
- linux 4.9.13-1
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/7926aff5c57b577ab0f43364ff0c59d968f6a414
-CVE-2017-8068
+CVE-2017-8068 (drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 inte ...)
- linux 4.9.10-1 (bug #852556)
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/5593523f968bc86d42a035c6df47d5e0979b5ace
-CVE-2017-8067
+CVE-2017-8067 (drivers/char/virtio_console.c in the Linux kernel 4.9.x and 4.10.x bef ...)
- linux 4.9.25-1
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/c4baad50297d84bde1a7ad45e50c73adae4a2192
-CVE-2017-8066
+CVE-2017-8066 (drivers/net/can/usb/gs_usb.c in the Linux kernel 4.9.x and 4.10.x befo ...)
- linux 4.9.16-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/c919a3069c775c1c876bec55e00b2305d5125caa
-CVE-2017-8065
+CVE-2017-8065 (crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 inte ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/3b30460c5b0ed762be75a004e924ec3f8711e032
-CVE-2017-8064
+CVE-2017-8064 (drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x ...)
{DSA-3886-1}
- linux 4.9.25-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/005145378c9ad7575a01b6ce1ba118fb427f583a
-CVE-2017-8063
+CVE-2017-8063 (drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x ...)
- linux 4.9.25-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/3f190e3aec212fc8c61e202c51400afa7384d4bc
-CVE-2017-8062
+CVE-2017-8062 (drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and 4.10. ...)
- linux 4.9.16-1
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/606142af57dad981b78707234cfbd15f9f7b7125
-CVE-2017-8061
+CVE-2017-8061 (drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x ...)
- linux 4.9.25-1
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/67b0503db9c29b04eadfeede6bebbfe5ddad94ef
-CVE-2017-8060
+CVE-2017-8060 (Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Se ...)
NOT-FOR-US: Panda
-CVE-2017-8059
+CVE-2017-8059 (Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF ...)
NOT-FOR-US: Foxit
-CVE-2017-8058
+CVE-2017-8058 (Acceptance of invalid/self-signed TLS certificates in Atlassian HipCha ...)
NOT-FOR-US: HipChat
-CVE-2017-8057
+CVE-2017-8057 (In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused ...)
NOT-FOR-US: Joomla!
-CVE-2017-8056
+CVE-2017-8056 (WatchGuard Fireware v11.12.1 and earlier mishandles requests referring ...)
NOT-FOR-US: WatchGuard
-CVE-2017-8055
+CVE-2017-8055 (WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML- ...)
NOT-FOR-US: WatchGuard
-CVE-2017-8054
+CVE-2017-8054 (The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 ...)
- libpodofo 0.9.5-9 (bug #860995)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
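Review bot: the rationale for CVE-2017-8065, "- linux <not-affected> (Vulnerable code not present)", does not square with the copied description ("crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 ...") or with the sibling VMAP_STACK entries in this hunk (CVE-2017-8070, -8069, -8068, -8067, -8062, -8061), which give unstable a fixed version (4.9.10-1 through 4.9.25-1) and reserve "Introduced in 4.9-rc1 in combination with VMAP_STACK" for the jessie and wheezy lines. Either state in the parentheses why the 4.9 code in Debian is not reachable (a configuration-specific reason, if that is the case) or record the fixed version that the "Fixed by: https://git.kernel.org/linus/3b30460c5b0ed762be75a004e924ec3f8711e032" note already implies.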
@@ -30014,7 +30014,7 @@ CVE-2017-8054
NOTE: partially reverted in: https://sourceforge.net/p/podofo/code/1881
NOTE: ... and re-fixed in: https://sourceforge.net/p/podofo/code/1882
NOTE: and https://sourceforge.net/p/podofo/code/1883
-CVE-2017-8053
+CVE-2017-8053 (PoDoFo 0.9.5 allows denial of service (infinite recursion and stack co ...)
- libpodofo 0.9.6+dfsg-3 (bug #860994)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -30023,55 +30023,55 @@ CVE-2017-8053
NOTE: https://sourceforge.net/p/podofo/tickets/7/
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1834
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1924
-CVE-2017-8052
+CVE-2017-8052 (Craft CMS before 2.6.2974 allows XSS attacks. ...)
NOT-FOR-US: Craft CMS
-CVE-2017-8051
+CVE-2017-8051 (Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a ...)
NOT-FOR-US: Tenable Appliance
-CVE-2017-8050
+CVE-2017-8050 (Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the We ...)
NOT-FOR-US: Tenable Appliance
CVE-2017-8049
REJECTED
-CVE-2017-8048
+CVE-2017-8048 (In Cloud Foundry capi-release versions 1.33.0 and later, prior to 1.42 ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-8047
+CVE-2017-8047 (In Cloud Foundry router routing-release all versions prior to v0.163.0 ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-8046
+CVE-2017-8046 (Malicious PATCH requests submitted to servers using Spring Data REST v ...)
NOT-FOR-US: Spring Data REST
-CVE-2017-8045
+CVE-2017-8045 (In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an ...)
NOT-FOR-US: Spring AMQP
-CVE-2017-8044
+CVE-2017-8044 (In Pivotal Single Sign-On for PCF (1.3.x versions prior to 1.3.4 and 1 ...)
NOT-FOR-US: Pivotal SSO
CVE-2017-8043
REJECTED
CVE-2017-8042
REJECTED
-CVE-2017-8041
+CVE-2017-8041 (In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior ...)
NOT-FOR-US: Pivotal
-CVE-2017-8040
+CVE-2017-8040 (In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior ...)
NOT-FOR-US: Pivotal
-CVE-2017-8039
+CVE-2017-8039 (An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Appl ...)
NOT-FOR-US: Spring Web Flow
-CVE-2017-8038
+CVE-2017-8038 (In Cloud Foundry Foundation Credhub-release version 1.1.0, access cont ...)
NOT-FOR-US: Cloud Foundry Foundation Credhub-release
-CVE-2017-8037
+CVE-2017-8037 (In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and pri ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-8036
+CVE-2017-8036 (An issue was discovered in the Cloud Controller API in Cloud Foundry F ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-8035
+CVE-2017-8035 (An issue was discovered in the Cloud Controller API in Cloud Foundry F ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-8034
+CVE-2017-8034 (The Cloud Controller and Router in Cloud Foundry (CAPI-release capi ve ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-8033
+CVE-2017-8033 (An issue was discovered in the Cloud Controller API in Cloud Foundry F ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-8032
+CVE-2017-8032 (In Cloud Foundry cf-release versions prior to v264; UAA release all ve ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-8031
+CVE-2017-8031 (An issue was discovered in Cloud Foundry Foundation cf-release (all ve ...)
NOT-FOR-US: Cloud Foundry
CVE-2017-8030
REJECTED
CVE-2017-8029
REJECTED
-CVE-2017-8028
+CVE-2017-8028 (In Pivotal Spring-LDAP versions 1.3.0 - 2.3.1, when connected to some ...)
{DSA-4046-1 DLA-1180-1}
- libspring-ldap-java <removed>
NOTE: https://pivotal.io/security/cve-2017-8028
@@ -30080,35 +30080,35 @@ CVE-2017-8027
REJECTED
CVE-2017-8026
REJECTED
-CVE-2017-8025
+CVE-2017-8025 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary f ...)
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2017-8024
+CVE-2017-8024 (EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2 ...)
NOT-FOR-US: EMC
CVE-2017-8023
RESERVED
-CVE-2017-8022
+CVE-2017-8022 (An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all suppor ...)
NOT-FOR-US: EMC
-CVE-2017-8021
+CVE-2017-8021 (EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumen ...)
NOT-FOR-US: EMC Elastic Cloud Storage
-CVE-2017-8020
+CVE-2017-8020 (An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vuln ...)
NOT-FOR-US: EMC
-CVE-2017-8019
+CVE-2017-8019 (An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability in mes ...)
NOT-FOR-US: EMC
-CVE-2017-8018
+CVE-2017-8018 (EMC AppSync host plug-in versions 3.5 and below (Windows platform only ...)
NOT-FOR-US: EMC AppSync
-CVE-2017-8017
+CVE-2017-8017 (EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x, and 9 ...)
NOT-FOR-US: EMC Network Configuration Manager
-CVE-2017-8016
+CVE-2017-8016 (RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-s ...)
NOT-FOR-US: RSA Archer GRC Platform
-CVE-2017-8015
+CVE-2017-8015 (EMC AppSync (all versions prior to 3.5) contains a SQL injection vulne ...)
NOT-FOR-US: EMC
CVE-2017-8014
REJECTED
-CVE-2017-8013
+CVE-2017-8013 (EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before pat ...)
NOT-FOR-US: EMC Data Protection Adv
-CVE-2017-8012
+CVE-2017-8012 (In EMC ViPR SRM, Storage M&amp;R, VNX M&amp;R, and M&amp;R (Watch4Net) ...)
NOT-FOR-US: EMC
-CVE-2017-8011
+CVE-2017-8011 (EMC ViPR SRM, EMC Storage M&amp;R, EMC VNX M&amp;R, EMC M&amp;R for SA ...)
NOT-FOR-US: EMC
CVE-2017-8010
REJECTED
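Review bot: the new description text for CVE-2017-8012 and CVE-2017-8011 carries HTML-escaped entities ("Storage M&amp;R, VNX M&amp;R, and M&amp;R (Watch4Net)") instead of the literal ampersands, which suggests the updater copies the description from rendered HTML without unescaping it; the same escaped text recurs for CVE-2017-8007 in the next hunk. Run the fetched description through an HTML-entity decoder before truncating and writing it into the list, otherwise the "M&R" product names are misrendered in the tracker and the entity characters also eat into the fixed-width truncation budget.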
@@ -30116,35 +30116,35 @@ CVE-2017-8009
REJECTED
CVE-2017-8008
REJECTED
-CVE-2017-8007
+CVE-2017-8007 (In EMC ViPR SRM, Storage M&amp;R, VNX M&amp;R, and M&amp;R (Watch4Net) ...)
NOT-FOR-US: EMC
-CVE-2017-8006
+CVE-2017-8006 (In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a malic ...)
NOT-FOR-US: EMC
-CVE-2017-8005
+CVE-2017-8005 (The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and G ...)
NOT-FOR-US: EMC
-CVE-2017-8004
+CVE-2017-8004 (The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and G ...)
NOT-FOR-US: EMC
-CVE-2017-8003
+CVE-2017-8003 (EMC Data Protection Advisor prior to 6.4 contains a path traversal vul ...)
NOT-FOR-US: EMC Data Protection Advisor
-CVE-2017-8002
+CVE-2017-8002 (EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL i ...)
NOT-FOR-US: EMC Data Protection Advisor
-CVE-2017-8001
+CVE-2017-8001 (An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment ...)
NOT-FOR-US: EMC
-CVE-2017-8000
+CVE-2017-8000 (In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA ...)
NOT-FOR-US: EMC
-CVE-2017-7999
+CVE-2017-7999 (Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows remote au ...)
NOT-FOR-US: Atlassian Eucalyptus
-CVE-2017-7998
+CVE-2017-7998 (Multiple cross-site scripting (XSS) vulnerabilities in Gespage before ...)
NOT-FOR-US: Gespage
-CVE-2017-7997
+CVE-2017-7997 (Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow r ...)
NOT-FOR-US: Gespage
CVE-2017-7996
RESERVED
-CVE-2017-7995
+CVE-2017-7995 (Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges ...)
{DLA-964-1}
- xen 4.3.0-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1033948
-CVE-2017-7994
+CVE-2017-7994 (The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoD ...)
- libpodofo 0.9.5-7 (bug #860930)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -30154,27 +30154,27 @@ CVE-2017-7994
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1849
CVE-2017-7993
RESERVED
-CVE-2017-7992
+CVE-2017-7992 (Heartland Payment Systems Payment Gateway PHP SDK hps/heartland-php v2 ...)
NOT-FOR-US: Heartland Payment Systems Payment Gateway PHP SDK
-CVE-2017-7991
+CVE-2017-7991 (Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serializ ...)
NOT-FOR-US: Exponent CMS
-CVE-2017-7990
+CVE-2017-7990 (The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resul ...)
NOT-FOR-US: OpenMRS
-CVE-2017-7989
+CVE-2017-7989 (In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type ...)
NOT-FOR-US: Joomla!
-CVE-2017-7988
+CVE-2017-7988 (In Joomla! 1.6.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
NOT-FOR-US: Joomla!
-CVE-2017-7987
+CVE-2017-7987 (In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate escaping o ...)
NOT-FOR-US: Joomla!
-CVE-2017-7986
+CVE-2017-7986 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
NOT-FOR-US: Joomla!
-CVE-2017-7985
+CVE-2017-7985 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
NOT-FOR-US: Joomla!
-CVE-2017-7984
+CVE-2017-7984 (In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering ...)
NOT-FOR-US: Joomla!
-CVE-2017-7983
+CVE-2017-7983 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using the J ...)
NOT-FOR-US: Joomla!
-CVE-2017-7982
+CVE-2017-7982 (Integer overflow in the plist_from_bin function in bplist.c in libimob ...)
- libplist 1.12+git+1+e37ca00-0.3 (bug #860945)
[jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <no-dsa> (Minor issue)
@@ -30182,64 +30182,64 @@ CVE-2017-7982
NOTE: https://github.com/libimobiledevice/libplist/issues/103
NOTE: The issue seems covered in prior versions of upstream dccd9290745345896e3a4a73154576a599fd8b7b
NOTE: which is CVE-2017-6440.
-CVE-2017-7981
+CVE-2017-7981 (Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 Synt ...)
NOT-FOR-US: Enalean Tuleap
-CVE-2017-7980
+CVE-2017-7980 (Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick E ...)
{DLA-1497-1 DLA-1035-1 DLA-939-1}
- qemu 1:2.8+dfsg-4
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=026aeffcb4752054830ba203020ed6eb05bcaba8
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ffaf857778286ca54e3804432a2369a279e73aa7
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=f019722cbbb45aea153294fc8921fcc96a4d3fa2
-CVE-2017-7978
+CVE-2017-7978 (Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software a ...)
NOT-FOR-US: Samsung
-CVE-2017-7979
+CVE-2017-7979 (The cookie feature in the packet action API implementation in net/sche ...)
- linux <not-affected> (Only affects 4.11-rc1 onwards)
-CVE-2017-7977
+CVE-2017-7977 (The Screensavercc component in eLux RP before 5.5.0 allows attackers t ...)
NOT-FOR-US: Screensavercc component in eLux RP
-CVE-2017-7976
+CVE-2017-7976 (Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of ...)
{DSA-3855-1 DLA-942-1}
- jbig2dec 0.13-4.1 (bug #860787)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697683
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ed6c5133a1004ce8d
-CVE-2017-7975
+CVE-2017-7975 (Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds wr ...)
{DSA-3855-1 DLA-942-1}
- jbig2dec 0.13-4.1 (bug #860788)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697693
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5e57e483298dae8b
-CVE-2017-7974
+CVE-2017-7974 (A path traversal information disclosure vulnerability exists in Schnei ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-7973
+CVE-2017-7973 (A SQL injection vulnerability exists in Schneider Electric's U.motion ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-7972
+CVE-2017-7972 (A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1. ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-7971
+CVE-2017-7971 (A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1. ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-7970
+CVE-2017-7970 (A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1. ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-7969
+CVE-2017-7969 (A cross-site request forgery vulnerability exists on the Secure Gatewa ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-7968
+CVE-2017-7968 (An Incorrect Default Permissions issue was discovered in Schneider Ele ...)
NOT-FOR-US: Schneider
-CVE-2017-7967
+CVE-2017-7967 (All versions of VAMPSET software produced by Schneider Electric, prior ...)
NOT-FOR-US: Schneider
-CVE-2017-7966
+CVE-2017-7966 (A DLL Hijacking vulnerability in the programming software in Schneider ...)
NOT-FOR-US: Schneider
-CVE-2017-7965
+CVE-2017-7965 (A buffer overflow vulnerability exists in Programming Software executa ...)
NOT-FOR-US: Schneider
-CVE-2017-7964
+CVE-2017-7964 (Zyxel WRE6505 devices have a default TELNET password of 1234 for the r ...)
NOT-FOR-US: Zyxel
-CVE-2017-7963
+CVE-2017-7963 (** DISPUTED ** The GNU Multiple Precision Arithmetic Library (GMP) int ...)
NOTE: PHP non-issue, might get rejected
-CVE-2017-7962
+CVE-2017-7962 (The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-7961
+CVE-2017-7961 (** DISPUTED ** The cr_tknzr_parse_rgb function in cr-tknzr.c in libcro ...)
{DLA-909-1}
- libcroco 0.6.11-3 (bug #860961)
[jessie] - libcroco <no-dsa> (Minor issue; will be fixed via point release)
NOTE: https://blogs.gentoo.org/ago/2017/04/17/libcroco-heap-overflow-and-undefined-behavior/
NOTE: https://git.gnome.org/browse/libcroco/commit/?id=9ad72875e9f08e4c519ef63d44cdbd94aa9504f7
-CVE-2017-7960
+CVE-2017-7960 (The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 an ...)
{DLA-909-1}
- libcroco 0.6.11-3 (bug #860961)
[jessie] - libcroco <no-dsa> (Minor issue; will be fixed via point release)
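Review bot: CVE-2017-7978 still sits above CVE-2017-7979, which breaks the descending CVE order used everywhere else in this file; the block is rewritten by this hunk anyway, so the updater could emit entries in numeric order, or a follow-up manual edit could swap the two blocks. Nothing else in the hunk is affected, and the package and NOTE lines for both entries are carried over unchanged.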
@@ -30249,7 +30249,7 @@ CVE-2017-7959
RESERVED
CVE-2017-7958
RESERVED
-CVE-2017-7957
+CVE-2017-7957 (XStream through 1.4.9, when a certain denyTypes workaround is not used ...)
{DSA-3841-1 DLA-930-1}
- libxstream-java 1.4.9-2 (bug #861521)
NOTE: https://x-stream.github.io/CVE-2017-7957.html
@@ -30260,17 +30260,17 @@ CVE-2017-7955
RESERVED
CVE-2017-7954
RESERVED
-CVE-2017-7953
+CVE-2017-7953 (INFOR EAM V11.0 Build 201410 has XSS via comment fields. ...)
NOT-FOR-US: INFOR EAM
-CVE-2017-7952
+CVE-2017-7952 (INFOR EAM V11.0 Build 201410 has SQL injection via search fields, rela ...)
NOT-FOR-US: INFOR EAM
-CVE-2017-7951
+CVE-2017-7951 (WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspe ...)
NOT-FOR-US: WonderCMS
-CVE-2017-7950
+CVE-2017-7950 (Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: Nitro Pro
CVE-2017-7949
RESERVED
-CVE-2017-7948
+CVE-2017-7948 (Integer overflow in the mark_curve function in Artifex Ghostscript 9.2 ...)
- ghostscript 9.22~dfsg-1 (unimportant)
[jessie] - ghostscript <not-affected> (Vulnerable code not present)
[wheezy] - ghostscript <not-affected> (Vulnerable code not present)
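Review bot: the " ..." suffix is appended unconditionally, so a description that already fits in full, such as CVE-2017-7953 "INFOR EAM V11.0 Build 201410 has XSS via comment fields. ...", ends up with a stray ellipsis after its final period. The generator should add the marker only when it actually truncated the text, so that a reader can tell a complete description from a cut one.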
@@ -30278,129 +30278,129 @@ CVE-2017-7948
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;h=8210a2864372723b49c526e2b102fdc00c9c4699
NOTE: edgebuffer scan converter was made default only in: http://git.ghostscript.com/?p=ghostpdl.git;h=dd5da2cb3e08398ac6d86598b36b00994d058308
NOTE: But the vulnerable code via base/gxscan.c, a new scan converter introduced in 9.20 is present.
-CVE-2017-7947
+CVE-2017-7947 (NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 be ...)
NOT-FOR-US: NetApp
-CVE-2017-7946
+CVE-2017-7946 (The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 ...)
- radare2 1.1.0+dfsg-5 (low; bug #860962)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/7301
NOTE: https://github.com/radare/radare2/commit/d1e8ac62c6d978d4662f69116e30230d43033c92
-CVE-2017-7945
+CVE-2017-7945 (The GlobalProtect external interface in Palo Alto Networks PAN-OS befo ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-7944
+CVE-2017-7944 (XOOPS Core 2.5.8.1 has XSS due to unescaped HTML output of an Install ...)
NOT-FOR-US: XOOPS
-CVE-2017-7943
+CVE-2017-7943 (The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remot ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-6 (low; bug #860736)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/427
-CVE-2017-7942
+CVE-2017-7942 (The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remot ...)
- imagemagick 8:6.9.7.4+dfsg-6 (low; bug #860735)
[jessie] - imagemagick <not-affected> (Vulnerable code not present, does not use pixel_info yet)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present, does not use pixel_info yet)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/429
-CVE-2017-7941
+CVE-2017-7941 (The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remot ...)
{DSA-3863-1 DLA-960-1}
- imagemagick 8:6.9.7.4+dfsg-6 (low; bug #860734)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/428
-CVE-2017-7940
+CVE-2017-7940 (The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-7939
+CVE-2017-7939 (The read_next_pam_token function in imagew-pnm.c in libimageworsener.a ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-7938
+CVE-2017-7938 (Stack-based buffer overflow in DMitry (Deepmagic Information Gathering ...)
NOT-FOR-US: DMitry
-CVE-2017-7937
+CVE-2017-7937 (An Improper Authentication issue was discovered in Phoenix Contact Gmb ...)
NOT-FOR-US: Phoenix Contact
-CVE-2017-7936
+CVE-2017-7936 (A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.M ...)
NOT-FOR-US: NXP i.MX devices
-CVE-2017-7935
+CVE-2017-7935 (A Resource Exhaustion issue was discovered in Phoenix Contact GmbH mGu ...)
NOT-FOR-US: Phoenix Contact
-CVE-2017-7934
+CVE-2017-7934 (An Improper Authentication issue was discovered in OSIsoft PI Server 2 ...)
NOT-FOR-US: OSIsoft
-CVE-2017-7933
+CVE-2017-7933 (In ABB IP GATEWAY 3.39 and prior, some configuration files contain pas ...)
NOT-FOR-US: ABB
-CVE-2017-7932
+CVE-2017-7932 (An improper certificate validation issue was discovered in NXP i.MX 28 ...)
NOT-FOR-US: NXP i.MX devices
-CVE-2017-7931
+CVE-2017-7931 (In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform reso ...)
NOT-FOR-US: ABB
-CVE-2017-7930
+CVE-2017-7930 (An Improper Authentication issue was discovered in OSIsoft PI Server 2 ...)
NOT-FOR-US: OSIsoft
-CVE-2017-7929
+CVE-2017-7929 (An Absolute Path Traversal issue was discovered in Advantech WebAccess ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-7928
+CVE-2017-7928 (An Improper Access Control issue was discovered in Schweitzer Engineer ...)
NOT-FOR-US: Schweitzer Engineering Laboratories Security Gateway
-CVE-2017-7927
+CVE-2017-7927 (A Use of Password Hash Instead of Password for Authentication issue wa ...)
NOT-FOR-US: Dahua
-CVE-2017-7926
+CVE-2017-7926 (A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web AP ...)
NOT-FOR-US: OSIsoft
-CVE-2017-7925
+CVE-2017-7925 (A Password in Configuration File issue was discovered in Dahua DH-IPC- ...)
NOT-FOR-US: Dahua
-CVE-2017-7924
+CVE-2017-7924 (An Improper Input Validation issue was discovered in Rockwell Automati ...)
NOT-FOR-US: Rockwell
-CVE-2017-7923
+CVE-2017-7923 (A Password in Configuration File issue was discovered in Hikvision DS- ...)
NOT-FOR-US: Hikvision
-CVE-2017-7922
+CVE-2017-7922 (An Improper Privilege Management issue was discovered in Cambium Netwo ...)
NOT-FOR-US: Cambium Networks ePMP
-CVE-2017-7921
+CVE-2017-7921 (An Improper Authentication issue was discovered in Hikvision DS-2CD2xx ...)
NOT-FOR-US: Hikvision
-CVE-2017-7920
+CVE-2017-7920 (An Improper Authentication issue was discovered in ABB VSN300 WiFi Log ...)
NOT-FOR-US: ABB WiFi Logger Card
-CVE-2017-7919
+CVE-2017-7919 (An Improper Authentication issue was discovered in Newport XPS-Cx and ...)
NOT-FOR-US: Newport
-CVE-2017-7918
+CVE-2017-7918 (An Improper Access Control issue was discovered in Cambium Networks eP ...)
NOT-FOR-US: Cambium Networks ePMP
-CVE-2017-7917
+CVE-2017-7917 (A Cross-Site Request Forgery issue was discovered in Moxa OnCell G3110 ...)
NOT-FOR-US: Moxa
-CVE-2017-7916
+CVE-2017-7916 (A Permissions, Privileges, and Access Controls issue was discovered in ...)
NOT-FOR-US: ABB WiFi Logger Card
-CVE-2017-7915
+CVE-2017-7915 (An Improper Restriction of Excessive Authentication Attempts issue was ...)
NOT-FOR-US: Moxa
-CVE-2017-7914
+CVE-2017-7914 (A Missing Authorization issue was discovered in Rockwell Automation Pa ...)
NOT-FOR-US: Rockwell Rockwell PanelView Plus
-CVE-2017-7913
+CVE-2017-7913 (A Plaintext Storage of a Password issue was discovered in Moxa OnCell ...)
NOT-FOR-US: Moxa
CVE-2017-7912
RESERVED
-CVE-2017-7911
+CVE-2017-7911 (A Code Injection issue was discovered in CyberVision Kaa IoT Platform, ...)
NOT-FOR-US: CyberVision Kaa IoT Platform
-CVE-2017-7910
+CVE-2017-7910 (A Stack-Based Buffer Overflow issue was discovered in Digital Canal St ...)
NOT-FOR-US: Digital Canal Structural Wind Analysis
-CVE-2017-7909
+CVE-2017-7909 (A Use of Client-Side Authentication issue was discovered in Advantech ...)
NOT-FOR-US: Advantech
-CVE-2017-7908
+CVE-2017-7908 (A heap-based buffer overflow exists in the third-party product Gigasof ...)
NOT-FOR-US: Gigasoft
-CVE-2017-7907
+CVE-2017-7907 (An Improper XML Parser Configuration issue was discovered in Schneider ...)
NOT-FOR-US: Schneider
-CVE-2017-7906
+CVE-2017-7906 (In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently ...)
NOT-FOR-US: ABB
-CVE-2017-7905
+CVE-2017-7905 (A Weak Cryptography for Passwords issue was discovered in General Elec ...)
NOT-FOR-US: General Electric
CVE-2017-7904
RESERVED
-CVE-2017-7903
+CVE-2017-7903 (A Weak Password Requirements issue was discovered in Rockwell Automati ...)
NOT-FOR-US: Rockwell Automation
-CVE-2017-7902
+CVE-2017-7902 (A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Ro ...)
NOT-FOR-US: Rockwell Automation
-CVE-2017-7901
+CVE-2017-7901 (A Predictable Value Range from Previous Values issue was discovered in ...)
NOT-FOR-US: Rockwell Automation
CVE-2017-7900
RESERVED
-CVE-2017-7899
+CVE-2017-7899 (An Information Exposure issue was discovered in Rockwell Automation Al ...)
NOT-FOR-US: Rockwell Automation
-CVE-2017-7898
+CVE-2017-7898 (An Improper Restriction of Excessive Authentication Attempts issue was ...)
NOT-FOR-US: Rockwell Automation
-CVE-2017-7897
+CVE-2017-7897 (A cross-site scripting (XSS) vulnerability in the MantisBT (2.3.x befo ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
-CVE-2017-7896
+CVE-2017-7896 (Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 ...)
NOT-FOR-US: Trend Micro
-CVE-2017-7895
+CVE-2017-7895 (The NFSv2 and NFSv3 server implementations in the Linux kernel through ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.25-1
NOTE: Fixed by: https://git.kernel.org/linus/13bf9fbff0e5e099e2b6f003a0ab8ae145436309
-CVE-2017-7894
+CVE-2017-7894 (WinDjView 2.1 might allow user-assisted attackers to execute code via ...)
NOT-FOR-US: WinDjView
-CVE-2017-7893
+CVE-2017-7893 (In SaltStack Salt before 2016.3.6, compromised salt-minions can impers ...)
- salt 2016.11.5+ds-1
[stretch] - salt <no-dsa> (Minor issue)
[jessie] - salt <ignored> (Vulnerable code introduced later, but older versions did not verify master anyways)
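Review bot: unrelated to this change but visible in the context of this hunk, the NOT-FOR-US line for CVE-2017-7914 reads "Rockwell Rockwell PanelView Plus" with the vendor name duplicated; worth fixing in a manual edit since the automatic updater only touches the CVE header lines and will not correct it.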
@@ -30414,14 +30414,14 @@ CVE-2017-7893
NOTE: off by default and needs considerations of admins before enabling. We still
NOTE: consider the issue as fixed starting with this change. Details in
NOTE: https://github.com/saltstack/salt/issues/48939#issuecomment-410777638
-CVE-2017-7892
+CVE-2017-7892 (Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to ...)
- capnproto 0.6.1-1 (unimportant; bug #860960)
NOTE: https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2017-04-17-0-apple-clang-elides-bounds-check.md
NOTE: Fixed by: https://github.com/sandstorm-io/capnproto/commit/52bc956459a5e83d7c31be95763ff6399e064ae4
NOTE: So far only Apple's compiler has been shown to apply the problematic optimization, fixed in 0.5.3.1 upstream
-CVE-2017-7891
+CVE-2017-7891 (sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via th ...)
NOT-FOR-US: SourceBans++
-CVE-2017-7890
+CVE-2017-7890 (The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in th ...)
{DSA-3938-1 DLA-1055-1}
- php7.1 7.1.8-1 (unimportant)
- php7.0 7.0.22-1 (unimportant)
@@ -30431,44 +30431,44 @@ CVE-2017-7890
- libgd2 2.2.5-1 (bug #869263)
NOTE: https://github.com/libgd/libgd/issues/399
NOTE: https://github.com/libgd/libgd/commit/c613bc169802bb4b639ee2e15c61b25b80a88424
-CVE-2017-7888
+CVE-2017-7888 (Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which ...)
- dolibarr 5.0.4+dfsg3-1 (bug #863544)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/6
-CVE-2017-7887
+CVE-2017-7887 (Dolibarr ERP/CRM 4.0.4 has XSS in doli/societe/list.php via the sall p ...)
- dolibarr 5.0.4+dfsg3-1 (bug #863544)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/6
-CVE-2017-7886
+CVE-2017-7886 (Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css. ...)
- dolibarr 5.0.4+dfsg3-1 (bug #863544)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/6
-CVE-2017-7885
+CVE-2017-7885 (Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to den ...)
{DSA-3855-1 DLA-942-1}
- jbig2dec 0.13-4.1 (bug #860460)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697703
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b184e783702246e15
-CVE-2017-7884
+CVE-2017-7884 (In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default i ...)
- apcupsd <not-affected> (Only APC UPS Daemon on Windows)
-CVE-2017-7889
+CVE-2017-7889 (The mm subsystem in the Linux kernel through 4.10.10 does not properly ...)
{DSA-3945-1 DLA-1099-1}
- linux 4.9.25-1
NOTE: Fixed by: https://git.kernel.org/linus/a4866aa812518ed1a37d8ea0c881dc946409de94 (v4.11-rc7)
CVE-2017-7883
RESERVED
-CVE-2017-7882
+CVE-2017-7882 (LibreOffice before 2017-03-14 has an out-of-bounds write related to th ...)
- libreoffice <not-affected> (Vulnerable code not present in any release)
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c
-CVE-2017-7881
+CVE-2017-7881 (BigTree CMS through 4.2.17 relies on a substring check for CSRF protec ...)
NOT-FOR-US: BigTree CMS
CVE-2017-7880
RESERVED
-CVE-2017-7879
+CVE-2017-7879 (SQL Injection vulnerability in flatCore version 1.4.6 allows an attack ...)
NOT-FOR-US: flatCore
-CVE-2017-7878
+CVE-2017-7878 (SQL Injection vulnerability in flatCore version 1.4.6 allows an attack ...)
NOT-FOR-US: flatCore
-CVE-2017-7877
+CVE-2017-7877 (CSRF vulnerability in flatCore version 1.4.6 allows remote attackers t ...)
NOT-FOR-US: flatCore
-CVE-2017-7876
+CVE-2017-7876 (QNAP QTS before 4.2.6 build 20170517 allows command injection. ...)
NOT-FOR-US: QNAP QTS
-CVE-2017-7875
+CVE-2017-7875 (In wallpaper.c in feh before v2.18.3, if a malicious client pretends t ...)
{DLA-899-1}
- feh 2.18-2 (low; bug #860367)
[jessie] - feh <no-dsa> (Minor issue)
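Review bot: the CVE-2017-7889 block is out of sequence, placed between CVE-2017-7884 and CVE-2017-7883 instead of directly above CVE-2017-7888; as with the CVE-2017-7978/7979 pair earlier in this patch, the ordering is carried over unchanged, and since the header line is rewritten here anyway it would be cleaner for the updater to emit entries sorted numerically. The same unconditional " ..." suffix also appears on the complete sentence for CVE-2017-7876 ("allows command injection. ...").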
@@ -30479,13 +30479,13 @@ CVE-2017-7873
RESERVED
CVE-2017-7872
RESERVED
-CVE-2017-7871
+CVE-2017-7871 (trollepierre/tdm before 2017-04-13 is vulnerable to a reflected XSS in ...)
NOT-FOR-US: trollepierre/tdm
-CVE-2017-7870
+CVE-2017-7870 (LibreOffice before 2017-01-02 has an out-of-bounds write caused by a h ...)
{DSA-3837-1 DLA-910-1}
- libreoffice 1:5.2.5-1
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722
-CVE-2017-7869
+CVE-2017-7869 (GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integ ...)
- gnutls28 3.5.8-4
[jessie] - gnutls28 3.3.8-6+deb8u5
- gnutls26 <removed>
@@ -30494,144 +30494,144 @@ CVE-2017-7869
NOTE: https://gitlab.com/gnutls/gnutls/commit/51464af713d71802e3c6d5ac15f1a95132a354fe
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-3
-CVE-2017-7868
+CVE-2017-7868 (International Components for Unicode (ICU) for C/C++ before 2017-02-13 ...)
{DSA-3830-1 DLA-947-1}
- icu 57.1-6 (bug #860314)
NOTE: http://bugs.icu-project.org/trac/changeset/39671
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437
-CVE-2017-7867
+CVE-2017-7867 (International Components for Unicode (ICU) for C/C++ before 2017-02-13 ...)
{DSA-3830-1 DLA-947-1}
- icu 57.1-6 (bug #860314)
NOTE: http://bugs.icu-project.org/trac/changeset/39671
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213
-CVE-2017-7866
+CVE-2017-7866 (FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack- ...)
- ffmpeg 7:3.2.4-1
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code not present)
NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/e371f031b942d73e02c090170975561fabd5c264
-CVE-2017-7865
+CVE-2017-7865 (FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-b ...)
{DLA-1654-1}
- ffmpeg 7:3.2.4-1
- libav <removed>
NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/2080bc33717955a0e4268e738acf8c1eeddbf8cb
-CVE-2017-7864
+CVE-2017-7864 (FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a he ...)
- freetype <not-affected> (Vulnerable code not present; CFF2 support introduced in 2.7.1, cf #860313)
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509
-CVE-2017-7863
+CVE-2017-7863 (FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-b ...)
{DLA-1654-1}
- ffmpeg 7:3.2.4-1
- libav <removed>
NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/e477f09d0b3619f3d29173b2cd593e17e2d1978e
NOTE: libav in jessie only supports transparency with RGB palette, only parts of the upstream fix apply
-CVE-2017-7862
+CVE-2017-7862 (FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-b ...)
{DSA-4012-1 DLA-1142-1}
- ffmpeg 7:3.2.4-1
- libav <removed>
NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/8c2ea3030af7b40a3c4275696fb5c76cdb80950a
NOTE: Fixed in 11.11
-CVE-2017-7861
+CVE-2017-7861 (Google gRPC before 2017-02-22 has an out-of-bounds write related to th ...)
- grpc 1.2.5-1+nmu0 (bug #860316)
-CVE-2017-7860
+CVE-2017-7860 (Google gRPC before 2017-02-22 has an out-of-bounds write caused by a h ...)
- grpc 1.2.5-1+nmu0 (bug #860316)
-CVE-2017-7859
+CVE-2017-7859 (FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-b ...)
- ffmpeg <not-affected> (Only affected master, not present in a release)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1034183
NOTE: https://github.com/FFmpeg/FFmpeg/commit/70ebc05bce51215cd0857194d6cabf1e4d1440fb
-CVE-2017-7858
+CVE-2017-7858 (FreeType 2 before 2017-03-07 has an out-of-bounds write related to the ...)
- freetype <not-affected> (Vulnerable code introduced in 2.6.4)
NOTE: Introduced after: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=813aca51d28704f7ffc470721167738fa8decb3d
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738
-CVE-2017-7857
+CVE-2017-7857 (FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a he ...)
- freetype <not-affected> (Vulnerable code introduced in 2.6.4)
NOTE: Introduced after: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=813aca51d28704f7ffc470721167738fa8decb3d
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759
-CVE-2017-7856
+CVE-2017-7856 (LibreOffice before 2017-03-11 has an out-of-bounds write caused by a h ...)
- libreoffice <not-affected> (Didn't affect any released version of LibreOffice)
-CVE-2017-7855
+CVE-2017-7855 (In the webmail component in IceWarp Server 11.3.1.5, there was an XSS ...)
NOT-FOR-US: IceWarp
-CVE-2017-7854
+CVE-2017-7854 (The consume_init_expr function in wasm.c in radare2 1.3.0 allows remot ...)
- radare2 <not-affected> (Vulnerable code introduced later)
-CVE-2017-7853
+CVE-2017-7853 (In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can l ...)
{DSA-3879-1 DLA-898-1}
- libosip2 4.1.0-2.1 (bug #860287)
NOTE: https://savannah.gnu.org/support/index.php?109265
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/osip.git/commit/?id=1ae06daf3b2375c34af23083394a6f010be24a45
-CVE-2017-7852
+CVE-2017-7852 (D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allo ...)
NOT-FOR-US: D-Link
-CVE-2017-7851
+CVE-2017-7851 (D-Link DCS-936L devices with firmware before 1.05.07 have an inadequat ...)
NOT-FOR-US: D-Link
-CVE-2017-7850
+CVE-2017-7850 (Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local priv ...)
NOT-FOR-US: Nessus
-CVE-2017-7849
+CVE-2017-7849 (Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local deni ...)
NOT-FOR-US: Nessus
-CVE-2017-7848
+CVE-2017-7848 (RSS fields can inject new lines into the created email structure, modi ...)
{DSA-4075-1 DLA-1223-1}
- thunderbird 1:52.5.2-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/#CVE-2017-7848
-CVE-2017-7847
+CVE-2017-7847 (Crafted CSS in an RSS feed can leak and reveal local path strings, whi ...)
{DSA-4075-1 DLA-1223-1}
- thunderbird 1:52.5.2-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/#CVE-2017-7847
-CVE-2017-7846
+CVE-2017-7846 (It is possible to execute JavaScript in the parsed RSS feed when RSS f ...)
{DSA-4075-1 DLA-1223-1}
- thunderbird 1:52.5.2-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/#CVE-2017-7846
-CVE-2017-7845
+CVE-2017-7845 (A buffer overflow occurs when drawing and validating elements using Di ...)
- firefox <not-affected> (Only affects Firefox on Windows)
- firefox-esr <not-affected> (Only affects Firefox on Windows)
- thunderbird <not-affected> (Only affects Firefox on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-29/#CVE-2017-7845
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-28/#CVE-2017-7845
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/#CVE-2017-7845
-CVE-2017-7844
+CVE-2017-7844 (A combination of an external SVG image referenced on a page and the co ...)
- firefox 57.0.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-27/#CVE-2017-7844
-CVE-2017-7843
+CVE-2017-7843 (When Private Browsing mode is used, it is possible for a web worker to ...)
{DSA-4062-1 DLA-1202-1}
- firefox 57.0.1-1
- firefox-esr 52.5.2esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-27/#CVE-2017-7843
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-28/#CVE-2017-7843
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1410106
-CVE-2017-7842
+CVE-2017-7842 (If a document's Referrer Policy attribute is set to "no-referrer" some ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7842
CVE-2017-7841
RESERVED
-CVE-2017-7840
+CVE-2017-7840 (JavaScript can be injected into an exported bookmarks file by placing ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7840
-CVE-2017-7839
+CVE-2017-7839 (Control characters prepended before "javascript:" URLs pasted in the a ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7839
-CVE-2017-7838
+CVE-2017-7838 (Punycode format text will be displayed for entire qualified internatio ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7838
-CVE-2017-7837
+CVE-2017-7837 (SVG loaded through "&lt;img&gt;" tags can use "&lt;meta&gt;" tags with ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7837
-CVE-2017-7836
+CVE-2017-7836 (The "pingsender" executable used by the Firefox Health Report dynamica ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7836
-CVE-2017-7835
+CVE-2017-7835 (Mixed content blocking of insecure (HTTP) sub-resources in a secure (H ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7835
-CVE-2017-7834
+CVE-2017-7834 (A "data:" URL loaded in a new tab did not inherit the Content Security ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7834
-CVE-2017-7833
+CVE-2017-7833 (Some Arabic and Indic vowel marker characters can be combined with Lat ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7833
-CVE-2017-7832
+CVE-2017-7832 (The combined, single character, version of the letter 'i' with any of ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7832
-CVE-2017-7831
+CVE-2017-7831 (A vulnerability where the security wrapper does not deny access to som ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7831
-CVE-2017-7830
+CVE-2017-7830 (The Resource Timing API incorrectly revealed navigations in cross-orig ...)
{DSA-4075-1 DSA-4061-1 DSA-4035-1 DLA-1199-1 DLA-1172-1}
- firefox 57.0-1
- firefox-esr 52.5.0esr-1
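Review bot: the summary imported for CVE-2017-7837 (`+CVE-2017-7837 (SVG loaded through "&lt;img&gt;" tags can use "&lt;meta&gt;" tags with ...)`) carries HTML entities into what is otherwise a plain-text list, and the same happens with `&amp;` in the CVE-2017-7722 line further down this patch; the importer should HTML-unescape the upstream text before truncating, so the entry reads `"<img>" tags can use "<meta>" tags` and the fixed-width cut is not spent on entity characters.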
@@ -30639,11 +30639,11 @@ CVE-2017-7830
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7830
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/#CVE-2017-7830
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/#CVE-2017-7830
-CVE-2017-7829
+CVE-2017-7829 (It is possible to spoof the sender's email address and display an arbi ...)
{DSA-4075-1 DLA-1223-1}
- thunderbird 1:52.5.2-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/#CVE-2017-7829
-CVE-2017-7828
+CVE-2017-7828 (A use-after-free vulnerability can occur when flushing and resizing la ...)
{DSA-4075-1 DSA-4061-1 DSA-4035-1 DLA-1199-1 DLA-1172-1}
- firefox 57.0-1
- firefox-esr 52.5.0esr-1
@@ -30651,10 +30651,10 @@ CVE-2017-7828
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7828
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/#CVE-2017-7828
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/#CVE-2017-7828
-CVE-2017-7827
+CVE-2017-7827 (Memory safety bugs were reported in Firefox 56. Some of these bugs sho ...)
- firefox 57.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7827
-CVE-2017-7826
+CVE-2017-7826 (Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. S ...)
{DSA-4075-1 DSA-4061-1 DSA-4035-1 DLA-1199-1 DLA-1172-1}
- firefox 57.0-1
- firefox-esr 52.5.0esr-1
@@ -30662,14 +30662,14 @@ CVE-2017-7826
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7826
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/#CVE-2017-7826
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/#CVE-2017-7826
-CVE-2017-7825
+CVE-2017-7825 (Several fonts on OS X display some Tibetan and Arabic characters as wh ...)
- firefox <not-affected> (Only affects Firefox on OS X)
- firefox-esr <not-affected> (Only affects Firefox on OS X)
- icedove <not-affected> (Only affects Thunderbird on OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7825
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7825
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7825
-CVE-2017-7824
+CVE-2017-7824 (A buffer overflow occurs when drawing and validating elements with the ...)
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30677,7 +30677,7 @@ CVE-2017-7824
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7824
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7824
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7824
-CVE-2017-7823
+CVE-2017-7823 (The content security policy (CSP) "sandbox" directive did not create a ...)
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30685,16 +30685,16 @@ CVE-2017-7823
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7823
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7823
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7823
-CVE-2017-7822
+CVE-2017-7822 (The AES-GCM implementation in WebCrypto API accepts 0-length IV when i ...)
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7822
-CVE-2017-7821
+CVE-2017-7821 (A vulnerability where WebExtensions can download and attempt to open a ...)
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7821
-CVE-2017-7820
+CVE-2017-7820 (The "instanceof" operator can bypass the Xray wrapper mechanism. When ...)
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7820
-CVE-2017-7819
+CVE-2017-7819 (A use-after-free vulnerability can occur in design mode when image obj ...)
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30702,7 +30702,7 @@ CVE-2017-7819
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7819
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7819
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7819
-CVE-2017-7818
+CVE-2017-7818 (A use-after-free vulnerability can occur when manipulating arrays of A ...)
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30710,16 +30710,16 @@ CVE-2017-7818
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7818
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7818
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7818
-CVE-2017-7817
+CVE-2017-7817 (A spoofing vulnerability can occur when a page switches to fullscreen ...)
- firefox <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7817
-CVE-2017-7816
+CVE-2017-7816 (WebExtensions could use popups and panels in the extension UI to load ...)
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7816
-CVE-2017-7815
+CVE-2017-7815 (On pages containing an iframe, the "data:" protocol can be used to cre ...)
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7815
-CVE-2017-7814
+CVE-2017-7814 (File downloads encoded with "blob:" and "data:" URL elements bypassed ...)
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30727,16 +30727,16 @@ CVE-2017-7814
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7814
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7814
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7814
-CVE-2017-7813
+CVE-2017-7813 (Inside the JavaScript parser, a cast of an integer to a narrower type ...)
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7813
-CVE-2017-7812
+CVE-2017-7812 (If web content on a page is dragged onto portions of the browser UI, s ...)
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7812
-CVE-2017-7811
+CVE-2017-7811 (Memory safety bugs were reported in Firefox 55. Some of these bugs sho ...)
- firefox 56.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7811
-CVE-2017-7810
+CVE-2017-7810 (Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. S ...)
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30744,21 +30744,21 @@ CVE-2017-7810
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7810
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7810
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7810
-CVE-2017-7809
+CVE-2017-7809 (A use-after-free vulnerability can occur when an editor DOM node is de ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7808
+CVE-2017-7808 (A content security policy (CSP) "frame-ancestors" directive containing ...)
- firefox 55.0-1
-CVE-2017-7807
+CVE-2017-7807 (A mechanism that uses AppCache to hijack a URL in a domain using fallb ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7806
+CVE-2017-7806 (A use-after-free vulnerability can occur when the layer manager is fre ...)
- firefox 55.0-1
-CVE-2017-7805
+CVE-2017-7805 (During TLS 1.2 exchanges, handshake hashes are generated which point t ...)
{DSA-4014-1 DSA-3998-1 DSA-3987-1 DLA-1153-1 DLA-1138-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30769,45 +30769,45 @@ CVE-2017-7805
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7805
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7805
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7805
-CVE-2017-7804
+CVE-2017-7804 (The destructor function for the "WindowsDllDetourPatcher" class can be ...)
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
-CVE-2017-7803
+CVE-2017-7803 (When a page's content security policy (CSP) header contains a "sandbox ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7802
+CVE-2017-7802 (A use-after-free vulnerability can occur when manipulating the DOM dur ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7801
+CVE-2017-7801 (A use-after-free vulnerability can occur while re-computing layout for ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7800
+CVE-2017-7800 (A use-after-free vulnerability can occur in WebSockets when the object ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7799
+CVE-2017-7799 (JavaScript in the "about:webrtc" page is not sanitized properly being ...)
- firefox 55.0-1
-CVE-2017-7798
+CVE-2017-7798 (The Developer Tools feature suffers from a XUL injection vulnerability ...)
{DSA-3928-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
-CVE-2017-7797
+CVE-2017-7797 (Response header name interning does not have same-origin protections a ...)
- firefox 55.0-1
-CVE-2017-7796
+CVE-2017-7796 (On Windows systems, the logger run by the Windows updater deletes the ...)
- firefox <not-affected> (Windows-specific)
CVE-2017-7795
RESERVED
-CVE-2017-7794
+CVE-2017-7794 (On Linux systems, if the content process is compromised, the sandbox b ...)
- firefox 55.0-1
-CVE-2017-7793
+CVE-2017-7793 (A use-after-free vulnerability can occur in the Fetch API when the wor ...)
{DSA-4014-1 DSA-3987-1 DLA-1153-1 DLA-1118-1}
- firefox 56.0-1
- firefox-esr 52.4.0esr-2
@@ -30815,59 +30815,59 @@ CVE-2017-7793
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7793
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7793
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7793
-CVE-2017-7792
+CVE-2017-7792 (A buffer overflow will occur when viewing a certificate in the certifi ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7791
+CVE-2017-7791 (On pages containing an iframe, the "data:" protocol can be used to cre ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7790
+CVE-2017-7790 (On Windows systems, if non-null-terminated strings are copied into the ...)
- firefox <not-affected> (Windows-specific)
-CVE-2017-7789
+CVE-2017-7789 (If a server sends two Strict-Transport-Security (STS) headers for a si ...)
- firefox 55.0-1 (low)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1074642
-CVE-2017-7788
+CVE-2017-7788 (When an "iframe" has a "sandbox" attribute and its content is specifie ...)
- firefox 55.0-1
-CVE-2017-7787
+CVE-2017-7787 (Same-origin policy protections can be bypassed on pages with embedded ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7786
+CVE-2017-7786 (A buffer overflow can occur when the image renderer attempts to paint ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7785
+CVE-2017-7785 (A buffer overflow can occur when manipulating Accessible Rich Internet ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7784
+CVE-2017-7784 (A use-after-free vulnerability can occur when reading an image observe ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7783
+CVE-2017-7783 (If a long user name is used in a username/password combination in a si ...)
- firefox 55.0-1
-CVE-2017-7782
+CVE-2017-7782 (An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Exe ...)
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
-CVE-2017-7781
+CVE-2017-7781 (An error occurs in the elliptic curve point addition algorithm that us ...)
- firefox 55.0-1
-CVE-2017-7780
+CVE-2017-7780 (Memory safety bugs were reported in Firefox 54. Some of these bugs sho ...)
- firefox 55.0-1
-CVE-2017-7779
+CVE-2017-7779 (Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7778
+CVE-2017-7778 (A number of security vulnerabilities in the Graphite 2 library includi ...)
{DSA-3918-1 DSA-3894-1 DSA-3881-1 DLA-1013-1 DLA-1007-1 DLA-991-1}
- graphite2 1.3.10-1
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1349310
@@ -30934,34 +30934,34 @@ CVE-2017-7771
- firefox-esr 52.2.0esr-1
- icedove 1:52.2.0-1
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1350047
-CVE-2017-7770
+CVE-2017-7770 (A mechanism where when a new tab is loaded through JavaScript events, ...)
- firefox <not-affected> (Only Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7770
CVE-2017-7769
RESERVED
-CVE-2017-7768
+CVE-2017-7768 (The Mozilla Maintenance Service can be invoked by an unprivileged user ...)
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7768
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7768
-CVE-2017-7767
+CVE-2017-7767 (The Mozilla Maintenance Service can be invoked by an unprivileged user ...)
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7767
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7767
-CVE-2017-7766
+CVE-2017-7766 (An attack using manipulation of "updater.ini" contents, used by the Mo ...)
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7766
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7766
-CVE-2017-7765
+CVE-2017-7765 (The "Mark of the Web" was not correctly saved on Windows when files wi ...)
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
- icedove <not-affected> (Only Thunderbird on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7765
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7765
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7765
-CVE-2017-7764
+CVE-2017-7764 (Characters from the "Canadian Syllabics" unicode block can be mixed wi ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
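Review bot: the descriptions added for CVE-2017-7768 and CVE-2017-7767 are identical after truncation (`The Mozilla Maintenance Service can be invoked by an unprivileged user ...`), so the one-line summary no longer tells the two entries apart; the same collision occurs for CVE-2017-7791 versus CVE-2017-7815 and for CVE-2017-7742 versus CVE-2017-7741 elsewhere in this patch. If the summary is meant to be more than a hint, the importer could extend the cut when the prefix matches another entry's, or use a wider budget and cut at a word boundary; otherwise the NOTE links remain the only distinguishing reference.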
@@ -30969,30 +30969,30 @@ CVE-2017-7764
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7764
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7764
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7764
-CVE-2017-7763
+CVE-2017-7763 (Default fonts on OS X display some Tibetan characters as whitespace. W ...)
- firefox <not-affected> (Only firefox on Mac OS X)
- firefox-esr <not-affected> (Only Firefox ESR on Mac OS X)
- icedove <not-affected> (Only Thunderbird on Mac OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7763
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7763
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7763
-CVE-2017-7762
+CVE-2017-7762 (When entered directly, Reader Mode did not strip the username and pass ...)
- firefox 54.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7762
-CVE-2017-7761
+CVE-2017-7761 (The Mozilla Maintenance Service "helper.exe" application creates a tem ...)
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7761
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7761
-CVE-2017-7760
+CVE-2017-7760 (The Mozilla Windows updater modifies some files to be updated by readi ...)
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7760
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7760
-CVE-2017-7759
+CVE-2017-7759 (Android intent URLs given to Firefox for Android can be used to naviga ...)
- firefox <not-affected> (Only Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7759
-CVE-2017-7758
+CVE-2017-7758 (An out-of-bounds read vulnerability with the Opus encoder when the num ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31000,7 +31000,7 @@ CVE-2017-7758
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7758
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7758
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7758
-CVE-2017-7757
+CVE-2017-7757 (A use-after-free vulnerability in IndexedDB when one of its objects is ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31008,7 +31008,7 @@ CVE-2017-7757
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7757
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7757
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7757
-CVE-2017-7756
+CVE-2017-7756 (A use-after-free and use-after-scope vulnerability when logging errors ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31016,12 +31016,12 @@ CVE-2017-7756
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7756
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7756
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7756
-CVE-2017-7755
+CVE-2017-7755 (The Firefox installer on Windows can be made to load malicious DLL fil ...)
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7755
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7755
-CVE-2017-7754
+CVE-2017-7754 (An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31029,12 +31029,12 @@ CVE-2017-7754
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7754
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7754
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7754
-CVE-2017-7753
+CVE-2017-7753 (An out-of-bounds read occurs when applying style rules to pseudo-eleme ...)
{DSA-3968-1 DSA-3928-1 DLA-1087-1 DLA-1053-1}
- firefox 55.0-1
- firefox-esr 52.3.0esr-1
- icedove 1:52.3.0-1 (bug #872834)
-CVE-2017-7752
+CVE-2017-7752 (A use-after-free vulnerability during specific user interactions with ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31042,7 +31042,7 @@ CVE-2017-7752
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7752
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7752
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7752
-CVE-2017-7751
+CVE-2017-7751 (A use-after-free vulnerability with content viewer listeners that resu ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31050,7 +31050,7 @@ CVE-2017-7751
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7751
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7751
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7751
-CVE-2017-7750
+CVE-2017-7750 (A use-after-free vulnerability during video control operations when a ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31058,7 +31058,7 @@ CVE-2017-7750
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7750
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7750
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7750
-CVE-2017-7749
+CVE-2017-7749 (A use-after-free vulnerability when using an incorrect URL during the ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -31066,28 +31066,28 @@ CVE-2017-7749
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7749
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7749
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7749
-CVE-2017-7748
+CVE-2017-7748 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector cou ...)
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
[wheezy] - wireshark <not-affected> (Vulnerable code introduced later)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-21.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f55cbcde2c8f74b652add4450b0592082eb6acff
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13581
-CVE-2017-7747
+CVE-2017-7747 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissecto ...)
{DLA-1634-1}
- wireshark 2.2.6+g32dac6a-1
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-18.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5cfd52d6629cf8a7ab67c6bacd3431a964f43584
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13559
-CVE-2017-7746
+CVE-2017-7746 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector co ...)
{DLA-1634-1}
- wireshark 2.2.6+g32dac6a-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-19.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=58e69cc769dea24b721abd8a29f9eedc11024b7e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13576
-CVE-2017-7745
+CVE-2017-7745 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector ...)
- wireshark 2.2.6+g32dac6a-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -31098,13 +31098,13 @@ CVE-2017-7744
RESERVED
CVE-2017-7743
RESERVED
-CVE-2017-7742
+CVE-2017-7742 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" func ...)
{DLA-928-1}
- libsndfile 1.0.27-3 (bug #860255)
[jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/
-CVE-2017-7741
+CVE-2017-7741 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" func ...)
{DLA-928-1}
- libsndfile 1.0.27-2
[jessie] - libsndfile <no-dsa> (Minor issue)
@@ -31114,58 +31114,58 @@ CVE-2017-7741
NOTE: https://sources.debian.org/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
CVE-2017-7740
RESERVED
-CVE-2017-7739
+CVE-2017-7739 (A reflected Cross-site Scripting (XSS) vulnerability in web proxy disc ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-7738
+CVE-2017-7738 (An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5 ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-7737
+CVE-2017-7737 (An information disclosure vulnerability in Fortinet FortiWeb 5.8.2 and ...)
NOT-FOR-US: Fortinet
-CVE-2017-7736
+CVE-2017-7736 (A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb ...)
NOT-FOR-US: Fortinet
-CVE-2017-7735
+CVE-2017-7735 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.2. ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-7734
+CVE-2017-7734 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4. ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-7733
+CVE-2017-7733 (A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 t ...)
NOT-FOR-US: Fortinet
-CVE-2017-7732
+CVE-2017-7732 (A reflected Cross-Site Scripting (XSS) vulnerability in Fortinet Forti ...)
NOT-FOR-US: Fortinet
-CVE-2017-7731
+CVE-2017-7731 (A weak password recovery vulnerability in Fortinet FortiPortal version ...)
NOT-FOR-US: Fortinet FortiPortal
-CVE-2017-7730
+CVE-2017-7730 (iSmartAlarm cube devices allow Denial of Service. Sending a SYN flood ...)
NOT-FOR-US: iSmartAlarm
-CVE-2017-7729
+CVE-2017-7729 (On iSmartAlarm cube devices, there is Incorrect Access Control because ...)
NOT-FOR-US: iSmartAlarm
-CVE-2017-7728
+CVE-2017-7728 (On iSmartAlarm cube devices, there is authentication bypass leading to ...)
NOT-FOR-US: iSmartAlarm
CVE-2017-7727
REJECTED
-CVE-2017-7726
+CVE-2017-7726 (iSmartAlarm cube devices have an SSL Certificate Validation Vulnerabil ...)
NOT-FOR-US: iSmartAlarm
-CVE-2017-7725
+CVE-2017-7725 (concrete5 8.1.0 places incorrect trust in the HTTP Host header during ...)
NOT-FOR-US: concrete5
CVE-2017-7724
RESERVED
-CVE-2017-7723
+CVE-2017-7723 (XSS exists in Easy WP SMTP (before 1.2.5), a WordPress Plugin, via the ...)
NOT-FOR-US: Easy WP SMTP WordPress plugin
-CVE-2017-7722
+CVE-2017-7722 (In SolarWinds Log &amp; Event Manager (LEM) before 6.3.1 Hotfix 4, a m ...)
NOT-FOR-US: SolarWinds
-CVE-2017-7721
+CVE-2017-7721 (IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an Acce ...)
NOT-FOR-US: IrfanView
-CVE-2017-7720
+CVE-2017-7720 (Buffer overflow in PrivateTunnel 2.7 and 2.8 allows local attackers to ...)
NOT-FOR-US: PrivateTunnel
-CVE-2017-7719
+CVE-2017-7719 (SQL injection in the Spider Event Calendar (aka spider-event-calendar) ...)
NOT-FOR-US: Spider Event Calendar
-CVE-2017-7718
+CVE-2017-7718 (hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local ...)
{DLA-1497-1 DLA-1035-1 DLA-939-1}
- qemu 1:2.8+dfsg-4
- qemu-kvm <removed>
NOTE: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=215902d7b6fb50c6fc216fc74f770858278ed904
NOTE: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=3328c14e63f08fb07e8c6dec779c9d365e9e9864 (v2.8.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1443441
-CVE-2017-7717
+CVE-2017-7717 (SQL injection vulnerability in the getUserUddiElements method in the E ...)
NOT-FOR-US: SAP
-CVE-2017-7716
+CVE-2017-7716 (The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 a ...)
- radare2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/radare/radare2/issues/7260
CVE-2017-7715
@@ -31188,14 +31188,14 @@ CVE-2017-7707
RESERVED
CVE-2017-7706
RESERVED
-CVE-2017-7705
+CVE-2017-7705 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dis ...)
- wireshark 2.2.6+g32dac6a-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-15.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13558
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=08d392bbecc8fb666bf979e70a34536007b83ea2
-CVE-2017-7704
+CVE-2017-7704 (In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infini ...)
- wireshark 2.2.6+g32dac6a-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
@@ -31203,14 +31203,14 @@ CVE-2017-7704
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13453
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6032b0fe5fc1176ab77e03e20765f95fbd21b19e
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=da53a90b6895e47e03c5de05edf84bd99d535fd8
-CVE-2017-7703
+CVE-2017-7703 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector co ...)
{DLA-1634-1}
- wireshark 2.2.6+g32dac6a-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-12.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13466
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=671e32820ab29d41d712cc8a472eab9b672684d9
-CVE-2017-7702
+CVE-2017-7702 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector c ...)
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -31220,14 +31220,14 @@ CVE-2017-7702
NOTE: When for older releases fixing this entry, make sure to fix apply the
NOTE: complete patch including https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2f322f66cbcca2fefdaa630494f9d6c97eb659b7
NOTE: to not open CVE-2017-11410.
-CVE-2017-7701
+CVE-2017-7701 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector cou ...)
- wireshark 2.2.6+g32dac6a-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-16.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a
-CVE-2017-7700
+CVE-2017-7700 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file pa ...)
{DLA-1634-1 DLA-858-1}
- wireshark 2.2.6+g32dac6a-1 (low)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-14.html
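Review bot: the context NOTE under CVE-2017-7702 reads `make sure to fix apply the` and should read `make sure to apply the`; since this hunk already touches the surrounding entries, it is a cheap fix to fold in.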
@@ -31235,11 +31235,11 @@ CVE-2017-7700
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8fc0af859de4993951a915ad735be350221f3f53
CVE-2017-7699
RESERVED
-CVE-2017-7698
+CVE-2017-7698 (A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier all ...)
- swftools 0.9.2+ds1-2
NOTE: https://github.com/matthiaskramm/swftools/pull/19
NOTE: Vulnerable code removed with the 0.9.2+dfs1-2 upload
-CVE-2017-7697
+CVE-2017-7697 (In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_o ...)
- libsamplerate 0.1.9-1 (bug #860159)
[stretch] - libsamplerate <no-dsa> (Minor issue)
[jessie] - libsamplerate <no-dsa> (Minor issue)
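Review bot: the swftools entry under CVE-2017-7698 lists the fixed version as 0.9.2+ds1-2 but its NOTE says the vulnerable code was removed with the "0.9.2+dfs1-2" upload; one of the two version strings is a typo and they should match, otherwise the NOTE points at an upload that does not exist.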
@@ -31247,53 +31247,53 @@ CVE-2017-7697
NOTE: https://github.com/erikd/libsamplerate/issues/11
NOTE: https://blogs.gentoo.org/ago/2017/04/11/libsamplerate-global-buffer-overflow-in-calc_output_single-src_sinc-c/
NOTE: Fixed by: https://github.com/erikd/libsamplerate/commit/c3b66186656de44da18b7058aec099dbe782dd0b
-CVE-2017-7696
+CVE-2017-7696 (SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote at ...)
NOT-FOR-US: SAP
-CVE-2017-7695
+CVE-2017-7695 (Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an at ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-7694
+CVE-2017-7694 (Remote Code Execution vulnerability in symphony/content/content.bluepr ...)
NOT-FOR-US: Symphony CMS
-CVE-2017-7693
+CVE-2017-7693 (Directory traversal vulnerability in viewer_script.jsp in Riverbed OPN ...)
NOT-FOR-US: Riverbed OPNET App Response Xpert (ARX)
-CVE-2017-7692
+CVE-2017-7692 (SquirrelMail 1.4.22 (and other versions before 20170427_0200-SVN) allo ...)
{DSA-3852-1 DLA-941-1}
- squirrelmail <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/04/19/6
NOTE: https://legalhackers.com/advisories/SquirrelMail-Exploit-Remote-Code-Exec-CVE-2017-7692-Vuln.html
-CVE-2017-7691
+CVE-2017-7691 (A code injection vulnerability exists in SAP TREX / Business Warehouse ...)
NOT-FOR-US: SAP TREX
-CVE-2017-7690
+CVE-2017-7690 (Proxifier for Mac before 2.19.2, when first run, allows local users to ...)
NOT-FOR-US: Proxifier for Mac
-CVE-2017-7689
+CVE-2017-7689 (A Command Injection vulnerability in Schneider Electric homeLYnk Contr ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-7688
+CVE-2017-7688 (Apache OpenMeetings 1.0.0 updates user password in insecure manner. ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7687
+CVE-2017-7687 (When handling a decoding failure for a malformed URL path of an HTTP r ...)
- apache-mesos <itp> (bug #760315)
-CVE-2017-7686
+CVE-2017-7686 (Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to up ...)
NOT-FOR-US: Apache Ignite
-CVE-2017-7685
+CVE-2017-7685 (Apache OpenMeetings 1.0.0 responds to the following insecure HTTP meth ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7684
+CVE-2017-7684 (Apache OpenMeetings 1.0.0 doesn't check contents of files being upload ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7683
+CVE-2017-7683 (Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error s ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7682
+CVE-2017-7682 (Apache OpenMeetings 3.2.0 is vulnerable to parameter manipulation atta ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7681
+CVE-2017-7681 (Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7680
+CVE-2017-7680 (Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml fil ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7679
+CVE-2017-7679 (In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime ...)
{DSA-3896-1 DLA-1009-1}
- apache2 2.4.25-4
-CVE-2017-7678
+CVE-2017-7678 (In Apache Spark before 2.2.0, it is possible for an attacker to take a ...)
NOT-FOR-US: Apache Spark
-CVE-2017-7677
+CVE-2017-7677 (In environments that use external location for hive tables, Hive Autho ...)
NOT-FOR-US: Apache Ranger
-CVE-2017-7676
+CVE-2017-7676 (Policy resource matcher in Apache Ranger before 0.7.1 ignores characte ...)
NOT-FOR-US: Apache Ranger
-CVE-2017-7675
+CVE-2017-7675 (The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8 ...)
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.16-1
[stretch] - tomcat8 8.5.14-1+deb9u2
@@ -31302,7 +31302,7 @@ CVE-2017-7675
- tomcat6 <not-affected> (Only affects Tomcat 8.5.x and 9.x series; vulnerable code not present)
NOTE: Fixed by: http://svn.apache.org/r1796091 (8.5.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61120
-CVE-2017-7674
+CVE-2017-7674 (The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.1 ...)
{DSA-3974-1 DLA-1400-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.16-1
@@ -31313,49 +31313,49 @@ CVE-2017-7674
NOTE: Fixed by: http://svn.apache.org/r1795815 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1795816 (7.0.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61101
-CVE-2017-7673
+CVE-2017-7673 (Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7672
+CVE-2017-7672 (If an application allows enter an URL in a form field and built-in URL ...)
- libstruts1.2-java <not-affected> (Vulnerable code not present)
NOTE: Issue is specific to Struts 2.x.
-CVE-2017-7671
+CVE-2017-7671 (There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2 ...)
{DSA-4128-1}
- trafficserver 7.1.2+ds-1
[wheezy] - trafficserver <not-affected> (Vulnerable code not present)
NOTE: https://github.com/apache/trafficserver/pull/1941
-CVE-2017-7670
+CVE-2017-7670 (The Traffic Router component of the incubating Apache Traffic Control ...)
NOT-FOR-US: Apache Traffic Control
-CVE-2017-7669
+CVE-2017-7669 (In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxConta ...)
- hadoop <itp> (bug #793644)
-CVE-2017-7668
+CVE-2017-7668 (The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.2 ...)
{DSA-3896-1 DLA-1009-1}
- apache2 2.4.25-4
-CVE-2017-7667
+CVE-2017-7667 (Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the re ...)
NOT-FOR-US: Apache NiFi
-CVE-2017-7666
+CVE-2017-7666 (Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7665
+CVE-2017-7665 (In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain us ...)
NOT-FOR-US: Apache NiFi
-CVE-2017-7664
+CVE-2017-7664 (Uploaded XML documents were not correctly validated in Apache OpenMeet ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7663
+CVE-2017-7663 (Both global and Room chat are vulnerable to XSS attack in Apache OpenM ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2017-7662
+CVE-2017-7662 (Apache CXF Fediz ships with an OpenId Connect (OIDC) service which has ...)
NOT-FOR-US: Apache CXF
-CVE-2017-7661
+CVE-2017-7661 (Apache CXF Fediz ships with a number of container-specific plugins to ...)
NOT-FOR-US: Apache CXF
-CVE-2017-7660
+CVE-2017-7660 (Apache Solr uses a PKI based mechanism to secure inter-node communicat ...)
- lucene-solr <not-affected> (Vulnerable code introduced later)
NOTE: https://issues.apache.org/jira/browse/SOLR-10624
NOTE: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/2f5ecbcf
-CVE-2017-7659
+CVE-2017-7659 (A maliciously constructed HTTP/2 request could cause mod_http2 in Apac ...)
- apache2 2.4.25-4
[stretch] - apache2 2.4.25-3+deb9u1
[jessie] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: http://www.openwall.com/lists/oss-security/2017/06/19/5
-CVE-2017-7658
+CVE-2017-7658 (In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP ...)
{DSA-4278-1}
- jetty <removed>
[jessie] - jetty <ignored> (very hard to exploit, complex patch)
@@ -31365,7 +31365,7 @@ CVE-2017-7658
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669
NOTE: https://github.com/eclipse/jetty.project/commit/a285deea
NOTE: Exploit very unlikely, needs a very particular intermediary behaviour.
-CVE-2017-7657
+CVE-2017-7657 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations) ...)
{DSA-4278-1}
- jetty <removed>
[jessie] - jetty <ignored> (very hard to exploit, complex patch)
@@ -31374,7 +31374,7 @@ CVE-2017-7657
- jetty9 9.2.25-1 (low; bug #902953)
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668
NOTE: https://github.com/eclipse/jetty.project/commit/a285deea
-CVE-2017-7656
+CVE-2017-7656 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations) ...)
{DSA-4278-1}
- jetty <removed>
[jessie] - jetty <ignored> (very hard to exploit, complex patch)
@@ -31385,267 +31385,267 @@ CVE-2017-7656
NOTE: https://github.com/eclipse/jetty.project/commit/a285deea
CVE-2017-7655
RESERVED
-CVE-2017-7654
+CVE-2017-7654 (In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability w ...)
{DSA-4325-1 DLA-1525-1}
- mosquitto 1.5.4-1 (bug #911265)
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=533493
NOTE: https://github.com/eclipse/mosquitto/commit/51ec5601c2ec523bf2973fdc1eca77335eafb8de
-CVE-2017-7653
+CVE-2017-7653 (The Eclipse Mosquitto broker up to version 1.4.15 does not reject stri ...)
{DSA-4325-1 DLA-1525-1}
- mosquitto 1.5.4-1 (bug #911266)
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=532113
NOTE: https://github.com/eclipse/mosquitto/commit/729a09310a7a56fbe5933b70b4588049da1a42b4
-CVE-2017-7652
+CVE-2017-7652 (In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running wi ...)
{DSA-4325-1 DLA-1409-1 DLA-1334-1}
- mosquitto 1.4.15-1
NOTE: Patches: https://mosquitto.org/files/cve/2017-7652
NOTE: http://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/
-CVE-2017-7651
+CVE-2017-7651 (In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server ...)
{DSA-4325-1 DLA-1409-1 DLA-1334-1}
- mosquitto 1.4.15-1
NOTE: Patches: https://mosquitto.org/files/cve/2017-7651
NOTE: http://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/
-CVE-2017-7650
+CVE-2017-7650 (In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by clie ...)
{DSA-3865-1 DLA-961-1}
- mosquitto 1.4.10-3
NOTE: http://mosquitto.org/2017/05/security-advisory-cve-2017-7650/
NOTE: Patches: https://mosquitto.org/files/cve/2017-7650/
-CVE-2017-7649
+CVE-2017-7649 (The network enabled distribution of Kura before 2.1.0 takes control ov ...)
NOT-FOR-US: Kura
-CVE-2017-7648
+CVE-2017-7648 (Foscam networked devices use the same hardcoded SSL private key across ...)
NOT-FOR-US: Foscam
-CVE-2017-7647
+CVE-2017-7647 (SolarWinds Log &amp; Event Manager (LEM) before 6.3.1 Hotfix 4 allows ...)
NOT-FOR-US: SolarWinds
-CVE-2017-7646
+CVE-2017-7646 (SolarWinds Log &amp; Event Manager (LEM) before 6.3.1 Hotfix 4 allows ...)
NOT-FOR-US: SolarWinds
-CVE-2017-7645
+CVE-2017-7645 (The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel throu ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.25-1
NOTE: Fixed by: https://git.kernel.org/linus/e6838a29ecb484c97e4efef9429643b9851fba6e
-CVE-2017-7644
+CVE-2017-7644 (The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.1 ...)
NOT-FOR-US: Management Web Interface in Palo Alto Networks PAN-OS
-CVE-2017-7643
+CVE-2017-7643 (Proxifier for Mac before 2.19 allows local users to gain privileges vi ...)
NOT-FOR-US: Proxifier for Mac
-CVE-2017-7642
+CVE-2017-7642 (The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vag ...)
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
-CVE-2017-7641
+CVE-2017-7641 (QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2 ...)
NOT-FOR-US: QNAP NAS application Media Streaming add-on
-CVE-2017-7640
+CVE-2017-7640 (QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2 ...)
NOT-FOR-US: QNAP NAS application Media Streaming add-on
-CVE-2017-7639
+CVE-2017-7639 (QNAP NAS application Proxy Server through version 1.2.0 does not authe ...)
NOT-FOR-US: QNAP
-CVE-2017-7638
+CVE-2017-7638 (QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2 ...)
NOT-FOR-US: QNAP NAS application Media Streaming add-on
-CVE-2017-7637
+CVE-2017-7637 (QNAP NAS application Proxy Server through version 1.2.0 allows remote ...)
NOT-FOR-US: QNAP
-CVE-2017-7636
+CVE-2017-7636 (Cross-site scripting (XSS) vulnerability in QNAP NAS application Proxy ...)
NOT-FOR-US: QNAP
-CVE-2017-7635
+CVE-2017-7635 (QNAP NAS application Proxy Server through version 1.2.0 does not utili ...)
NOT-FOR-US: QNAP
-CVE-2017-7634
+CVE-2017-7634 (Cross-site scripting (XSS) vulnerability in QNAP NAS application Media ...)
NOT-FOR-US: QNAP NAS application Media Streaming add-on
-CVE-2017-7633
+CVE-2017-7633 (QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive informati ...)
NOT-FOR-US: QNAP
-CVE-2017-7632
+CVE-2017-7632 (Cross-site scripting (XSS) vulnerability in File Station of QNAP QTS 4 ...)
NOT-FOR-US: File Station of QNAP QTS
-CVE-2017-7631
+CVE-2017-7631 (Cross-site scripting (XSS) vulnerability in the share link function of ...)
NOT-FOR-US: File Station of QNAP
-CVE-2017-7630
+CVE-2017-7630 (QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier al ...)
NOT-FOR-US: QNAP
-CVE-2017-7629
+CVE-2017-7629 (QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password ...)
NOT-FOR-US: QNAP QTS
-CVE-2017-7628
+CVE-2017-7628 (The "Smart related articles" extension 1.1 for Joomla! has SQL injecti ...)
NOT-FOR-US: Joomla extension
-CVE-2017-7627
+CVE-2017-7627 (The "Smart related articles" extension 1.1 for Joomla! does not preven ...)
NOT-FOR-US: Joomla extension
-CVE-2017-7626
+CVE-2017-7626 (The "Smart related articles" extension 1.1 for Joomla! has XSS in dial ...)
NOT-FOR-US: Joomla extension
-CVE-2017-7625
+CVE-2017-7625 (In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the ...)
NOT-FOR-US: Fiyo CMS
-CVE-2017-7624
+CVE-2017-7624 (The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-7623
+CVE-2017-7623 (The iwmiffr_convert_row32 function in imagew-miff.c in libimageworsene ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-7622
+CVE-2017-7622 (dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15. ...)
NOT-FOR-US: dde-daemon
-CVE-2017-7621
+CVE-2017-7621 (Cross Site Scripting Vulnerability in core-eMLi in AuroMeera Technomet ...)
NOT-FOR-US: core-eMLi
-CVE-2017-7620
+CVE-2017-7620 (MantisBT before 1.3.11, 2.x before 2.3.3, and 2.4.x before 2.4.1 omits ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://mantisbt.org/bugs/view.php?id=22909
NOTE: https://mantisbt.org/bugs/view.php?id=22702
-CVE-2017-7618
+CVE-2017-7618 (crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to ...)
{DLA-922-1}
- linux 4.9.25-1
[jessie] - linux 3.16.43-1
NOTE: http://marc.info/?l=linux-crypto-vger&m=149181655623850&w=2
-CVE-2017-7616
+CVE-2017-7616 (Incorrect error handling in the set_mempolicy and mbind compat syscall ...)
{DLA-922-1}
- linux 4.9.25-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://git.kernel.org/linus/cf01fb9985e8deb25ccf0ea54d916b8871ae0e62 (4.11-rc6)
NOTE: https://grsecurity.net/the_infoleak_that_mostly_wasnt.php
-CVE-2017-7615
+CVE-2017-7615 (MantisBT through 2.3.0 allows arbitrary password reset and unauthentic ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/16/2
-CVE-2017-7614
+CVE-2017-7614 (elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
- binutils 2.28-4 (low; bug #859989)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/04/05/binutils-two-null-pointer-dereference-in-elflink-c/
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ad32986fdf9da1c8748e47b8b45100398223dba8
-CVE-2017-7613
+CVE-2017-7613 (elflint.c in elfutils 0.168 does not validate the number of sections a ...)
{DLA-1689-1}
- elfutils 0.168-1 (bug #859990)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21312
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-xcalloc-xmalloc-c/
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=4314716cd498bb51639db717bd7ce6182de33322
-CVE-2017-7612
+CVE-2017-7612 (The check_sysv_hash function in elflint.c in elfutils 0.168 allows rem ...)
{DLA-1689-1}
- elfutils 0.168-1 (bug #859991)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21311
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_sysv_hash-elflint-c/
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=61fe61898747f63eb35a81c2261f3590a3dab8fd
-CVE-2017-7611
+CVE-2017-7611 (The check_symtab_shndx function in elflint.c in elfutils 0.168 allows ...)
{DLA-1689-1}
- elfutils 0.168-1 (bug #859992)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21310
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_symtab_shndx-elflint-c/
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=9a0d9d314a6342b56e3277bd7ad7ecb6e73a7d38
-CVE-2017-7610
+CVE-2017-7610 (The check_group function in elflint.c in elfutils 0.168 allows remote ...)
{DLA-1689-1}
- elfutils 0.168-1 (bug #859993)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21320
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_group-elflint-c/
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=fb6709f1a41b58a9557ea45b7f53ae678c660b21
-CVE-2017-7609
+CVE-2017-7609 (elf_compress.c in elfutils 0.168 does not validate the zlib compressio ...)
- elfutils 0.168-1 (bug #859994)
[jessie] - elfutils <not-affected> (Vulnerable code not present)
[wheezy] - elfutils <not-affected> (Vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21301
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-__libelf_decompress-elf_compress-c/
-CVE-2017-7608
+CVE-2017-7608 (The ebl_object_note_type_name function in eblobjnotetypename.c in elfu ...)
{DLA-1689-1}
- elfutils 0.168-1 (bug #859995)
[wheezy] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21300
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c/
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=b0b58c5e0b34e54194aa042f2310af58ee7de603
-CVE-2017-7607
+CVE-2017-7607 (The handle_gnu_hash function in readelf.c in elfutils 0.168 allows rem ...)
- elfutils 0.168-1 (bug #859996)
[jessie] - elfutils <no-dsa> (Minor issue)
[wheezy] - elfutils <not-affected> (vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21299
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-handle_gnu_hash-readelf-c/
-CVE-2017-7605
+CVE-2017-7605 (aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion ...)
NOT-FOR-US: libaacplus
-CVE-2017-7604
+CVE-2017-7604 (au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a left-shift ...)
NOT-FOR-US: libaacplus
-CVE-2017-7603
+CVE-2017-7603 (au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed inte ...)
NOT-FOR-US: libaacplus
-CVE-2017-7602
+CVE-2017-7602 (LibTIFF 4.0.7 has a signed integer overflow, which might allow remote ...)
{DSA-3844-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (vulnerable code not present)
NOTE: https://github.com/vadz/libtiff/commit/66e7bd59520996740e4df5495a830b42fae48bc4
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7601
+CVE-2017-7601 (LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" un ...)
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/0a76a8c765c7b8327c59646284fa78c3c27e5490
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7600
+CVE-2017-7600 (LibTIFF 4.0.7 has an "outside the range of representable values of typ ...)
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7599
+CVE-2017-7599 (LibTIFF 4.0.7 has an "outside the range of representable values of typ ...)
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7598
+CVE-2017-7598 (tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a ...)
{DSA-3844-1 DLA-911-1}
- tiff 4.0.7-6 (low)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (vulnerable code not present)
NOTE: https://github.com/vadz/libtiff/commit/3cfd62d77c2a7e147a05bd678524c345fa9c2bb8
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7597
+CVE-2017-7597 (tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representa ...)
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
-CVE-2017-7596
+CVE-2017-7596 (LibTIFF 4.0.7 has an "outside the range of representable values of typ ...)
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6
- tiff3 <removed>
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
NOTE: https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
-CVE-2017-7595
+CVE-2017-7595 (The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows re ...)
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6 (low; bug #860003)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2653
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-divide-by-zero-in-jpegsetupencode-tiff_jpeg-c
NOTE: https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122
-CVE-2017-7594
+CVE-2017-7594 (The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in Lib ...)
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6 (low; bug #860001)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2659
NOTE: https://github.com/vadz/libtiff/commit/2ea32f7372b65c24b2816f11c04bf59b5090d05b
NOTE: https://github.com/vadz/libtiff/commit/8283e4d1b7e53340684d12932880cbcbaf23a8c1
-CVE-2017-7593
+CVE-2017-7593 (tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is proper ...)
{DSA-3844-1 DLA-912-1 DLA-911-1}
- tiff 4.0.7-6 (bug #860000)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2651
NOTE: https://github.com/vadz/libtiff/commit/d60332057b9575ada4f264489582b13e30137be1
-CVE-2017-7592
+CVE-2017-7592 (The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a lef ...)
{DSA-3844-1 DLA-911-1}
- tiff 4.0.7-6 (bug #859998)
- tiff3 <removed>
[wheezy] - tiff3 <not-affected> (vulnerable code not present)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2658
NOTE: https://github.com/vadz/libtiff/commit/48780b4fcc425cddc4ef8ffdf536f96a0d1b313b
-CVE-2017-7617
+CVE-2017-7617 (Remote code execution can occur in Asterisk Open Source 13.x before 13 ...)
- asterisk 1:13.14.1~dfsg-1 (bug #859910)
[jessie] - asterisk <not-affected> (Vulnerable code not present)
[wheezy] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2017-001.html
-CVE-2017-7619
+CVE-2017-7619 (In ImageMagick 7.0.4-9, an infinite loop can occur because of a floati ...)
{DSA-3863-1 DLA-902-1}
- imagemagick 8:6.9.7.4+dfsg-4 (bug #859769)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31506
NOTE: Fixed by: http://git.imagemagick.org/repos/ImageMagick/commit/63757068c803f692bd70304b06ce3406e0b67c7f
-CVE-2017-7606
+CVE-2017-7606 (coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of repre ...)
{DSA-3863-1 DLA-902-1}
- imagemagick 8:6.9.7.4+dfsg-4 (bug #859771)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/415
NOTE: https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/
-CVE-2017-7591
+CVE-2017-7591 (OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site ...)
NOT-FOR-US: ForgeRock OpenIDM
-CVE-2017-7590
+CVE-2017-7590 (OpenIDM through 4.0.0 and 4.5.0 is vulnerable to persistent cross-site ...)
NOT-FOR-US: ForgeRock OpenIDM
-CVE-2017-7589
+CVE-2017-7589 (In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak sens ...)
NOT-FOR-US: ForgeRock OpenIDM
-CVE-2017-7588
+CVE-2017-7588 (On certain Brother devices, authorization is mishandled by including a ...)
NOT-FOR-US: Brother devices
CVE-2017-7587
RESERVED
-CVE-2017-7586
+CVE-2017-7586 (In libsndfile before 1.0.28, an error in the "header_read()" function ...)
{DLA-928-1}
- libsndfile 1.0.27-2
[jessie] - libsndfile <no-dsa> (Minor issue)
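Review bot: the new description lines for CVE-2017-7647 and CVE-2017-7646 carry an HTML-escaped ampersand ("SolarWinds Log &amp; Event Manager"), so the automatic import appears to copy the entity-encoded form of the upstream text rather than the plain "&"; the importer should decode entities before writing descriptions, or these two lines should read "Log & Event Manager". Minor style point in the same hunk: the wheezy lines for CVE-2017-7620 and CVE-2017-7615 describe the same state as "Not supported in Wheezy LTS" and "Unsupported in Wheezy LTS"; one wording would make the file easier to grep.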
@@ -31653,7 +31653,7 @@ CVE-2017-7586
NOTE: https://github.com/erikd/libsndfile/commit/f457b7b5ecfe91697ed01cfc825772c4d8de1236
NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
NOTE: https://sources.debian.org/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
-CVE-2017-7585
+CVE-2017-7585 (In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" func ...)
{DLA-928-1}
- libsndfile 1.0.27-2
[jessie] - libsndfile <no-dsa> (Minor issue)
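Review bot: the context NOTE under CVE-2017-7586 reads "1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue"; it should be "contains", and the same sentence is repeated verbatim under CVE-2017-7585 in the following hunk, so both copies want the fix.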
@@ -31661,64 +31661,64 @@ CVE-2017-7585
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-4/
NOTE: 1.0.27-2 in unstable contain fix_bufferoverflows.patch meant to address this issue
NOTE: https://sources.debian.org/data/main/libs/libsndfile/1.0.27-2/debian/patches/fix_bufferoverflows.patch
-CVE-2017-7584
+CVE-2017-7584 (Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows ...)
NOT-FOR-US: Foxit PDF Toolkit
-CVE-2017-7583
+CVE-2017-7583 (ILIAS before 5.2.3 has XSS via SVG documents. ...)
NOT-FOR-US: ILIAS
CVE-2017-7582
RESERVED
-CVE-2017-7581
+CVE-2017-7581 (SQL injection vulnerability in NewsController.php in the News module 5 ...)
NOT-FOR-US: News module for TYPO3
CVE-2017-7580
RESERVED
-CVE-2017-7579
+CVE-2017-7579 (inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field ...)
NOT-FOR-US: phpMyFAQ
-CVE-2017-7577
+CVE-2017-7577 (XiongMai uc-httpd has directory traversal allowing the reading of arbi ...)
NOT-FOR-US: XiongMai uc-httpd
-CVE-2017-7576
+CVE-2017-7576 (DragonWave Horizon 1.01.03 wireless radios have hardcoded login creden ...)
NOT-FOR-US: DragonWave Horizon
-CVE-2017-7575
+CVE-2017-7575 (Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote att ...)
NOT-FOR-US: Schneider
-CVE-2017-7574
+CVE-2017-7574 (Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modi ...)
NOT-FOR-US: Schneider
CVE-2017-7573
RESERVED
-CVE-2017-7572
+CVE-2017-7572 (The _checkPolkitPrivilege function in serviceHelper.py in Back In Time ...)
- backintime 1.1.12-2 (bug #859815)
[jessie] - backintime <no-dsa> (Minor issue)
[wheezy] - backintime <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/07/2
NOTE: https://github.com/bit-team/backintime/commit/7f208dc547f569b689c888103e3b593a48cd1869
-CVE-2017-7571
+CVE-2017-7571 (public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtai ...)
NOT-FOR-US: Faveo
-CVE-2017-7570
+CVE-2017-7570 (PivotX 2.3.11 allows remote authenticated Advanced users to execute ar ...)
NOT-FOR-US: PivotX
-CVE-2017-7569
+CVE-2017-7569 (In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-64 ...)
NOT-FOR-US: vBulletin
-CVE-2017-7568
+CVE-2017-7568 (NetApp OnCommand Unified Manager for 7-Mode (core package) versions pr ...)
NOT-FOR-US: NetApp
CVE-2017-7567
RESERVED
-CVE-2017-7566
+CVE-2017-7566 (MyBB before 1.8.11 allows remote attackers to bypass an SSRF protectio ...)
NOT-FOR-US: MyBB
-CVE-2017-7565
+CVE-2017-7565 (Splunk Hadoop Connect App has a path traversal vulnerability that allo ...)
NOT-FOR-US: Splunk Hadoop Connect App
-CVE-2017-7564
+CVE-2017-7564 (In ARM Trusted Firmware through 1.3, the secure self-hosted invasive d ...)
NOT-FOR-US: ARM
-CVE-2017-7563
+CVE-2017-7563 (In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 ...)
NOT-FOR-US: ARM
-CVE-2017-7578
+CVE-2017-7578 (Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allo ...)
{DLA-890-1}
- ming <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/04/07/1
NOTE: https://github.com/libming/libming/issues/68
-CVE-2017-7562
+CVE-2017-7562 (An authentication bypass flaw was found in the way krb5's certauth int ...)
- krb5 <not-affected> (Vulnerable code introduced later, cf. #873281)
NOTE: https://github.com/krb5/krb5/pull/694
NOTE: https://github.com/krb5/krb5/pull/694/commits/50fe4074f188c2d4da0c421e96553acea8378db2
NOTE: https://github.com/krb5/krb5/pull/694/commits/1de6ca2f2eb1fdbab51f1549a25a6903aefcc196
NOTE: https://github.com/krb5/krb5/pull/694/commits/b7af544e50a4d8291524f590e20dd44430bf627d
-CVE-2017-7561
+CVE-2017-7561 (Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerab ...)
- resteasy 3.6.2-1 (bug #873392)
[jessie] - resteasy <not-affected> (CORS Filter added in 3.0.7.Final)
- resteasy3.0 3.0.26-1 (bug #908836)
@@ -31726,11 +31726,11 @@ CVE-2017-7561
NOTE: https://issues.jboss.org/projects/RESTEASY/issues/RESTEASY-1704
NOTE: Fixed by: https://github.com/resteasy/Resteasy/commit/517db971d8f7094124416bf72091fd0b45a13028
NOTE: Fixed in 4.0.0.Beta1, 3.0.25.Final, 3.5.0.CR1
-CVE-2017-7560
+CVE-2017-7560 (It was found that rhnsd PID files are created as world-writable that a ...)
- rhnsd <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1480550
NOTE: Introduced by: https://github.com/spacewalkproject/spacewalk/commit/75d9c00b96ab430221c5c7668baebebc74ddd67e
-CVE-2017-7559
+CVE-2017-7559 (In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1. ...)
- undertow 1.4.23-1 (bug #885576)
NOTE: CVE is for an incomplete fix of CVE-2017-2666
NOTE: Invalid characters were still allowed in the query string and path parameters.
@@ -31738,41 +31738,41 @@ CVE-2017-7559
NOTE: https://issues.jboss.org/browse/UNDERTOW-1295
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1481665#c7
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/3436b03eda8b0b62c1855698c4d7c358add836c2
-CVE-2017-7558
+CVE-2017-7558 (A kernel data leak due to an out-of-bound read was found in the Linux ...)
- linux 4.12.13-1
[stretch] - linux 4.9.30-2+deb9u5
[jessie] - linux <not-affected> (Vulnerable code introduced later 4.7 and not backported)
[wheezy] - linux <not-affected> (Vulnerable code introduced later 4.7 and not backported)
-CVE-2017-7557
+CVE-2017-7557 (dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechan ...)
- dnsdist 1.2.0-1 (low; bug #872854)
[stretch] - dnsdist 1.1.0-2+deb9u1
NOTE: https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2017-02.html
NOTE: https://downloads.powerdns.com/patches/2017-02
-CVE-2017-7556
+CVE-2017-7556 (Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulne ...)
NOT-FOR-US: hawtio
-CVE-2017-7555
+CVE-2017-7555 (Augeas versions up to and including 1.8.0 are vulnerable to heap-based ...)
{DSA-3949-1 DLA-1067-1}
- augeas 1.8.1-1 (bug #872400)
NOTE: https://github.com/hercules-team/augeas/pull/480
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1478373
-CVE-2017-7554
+CVE-2017-7554 (It was found that the App Studio component of RHMAP 4.4 executes javas ...)
NOT-FOR-US: Red Hat Mobile Application Platform
-CVE-2017-7553
+CVE-2017-7553 (The external_request api call in App Studio (millicore) allows server ...)
NOT-FOR-US: Red Hat Mobile Application Platform
-CVE-2017-7552
+CVE-2017-7552 (A flaw was discovered in the file editor of millicore, affecting versi ...)
NOT-FOR-US: Red Hat Mobile Application Platform
-CVE-2017-7551
+CVE-2017-7551 (389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to pass ...)
- 389-ds-base 1.3.6.7-1 (bug #870752)
[jessie] - 389-ds-base <not-affected> (vulnerable code not present)
NOTE: https://pagure.io/389-ds-base/issue/49336
-CVE-2017-7550
+CVE-2017-7550 (A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x bef ...)
- ansible 2.4.2.0+dfsg-1 (unimportant)
NOTE: https://github.com/ansible/ansible/issues/30874
NOTE: https://github.com/ansible/ansible/pull/30875
NOTE: Just an insecure example
-CVE-2017-7549
+CVE-2017-7549 (A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat Op ...)
NOT-FOR-US: instack-undercloud
-CVE-2017-7548
+CVE-2017-7548 (PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to a ...)
{DSA-3936-1 DSA-3935-1}
- postgresql-9.6 9.6.4-1
- postgresql-9.4 <removed>
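Review bot: the unchanged jessie and wheezy justifications under CVE-2017-7558, `(Vulnerable code introduced later 4.7 and not backported)`, drop a word and read ambiguously; they should say "introduced after 4.7", matching the "introduced later" / "introduced in 4.6" phrasing used for the other kernel entries in this file. Not part of this automatic update, but worth a follow-up edit.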
@@ -31782,7 +31782,7 @@ CVE-2017-7548
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
NOTE: https://www.postgresql.org/about/news/1772/
-CVE-2017-7547
+CVE-2017-7547 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are ...)
{DSA-3936-1 DSA-3935-1 DLA-1051-1}
- postgresql-9.6 9.6.4-1
- postgresql-9.4 <removed>
@@ -31791,7 +31791,7 @@ CVE-2017-7547
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
NOTE: https://www.postgresql.org/about/news/1772/
-CVE-2017-7546
+CVE-2017-7546 (PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are ...)
{DSA-3936-1 DSA-3935-1 DLA-1051-1}
- postgresql-9.6 9.6.4-1
- postgresql-9.4 <removed>
@@ -31800,74 +31800,74 @@ CVE-2017-7546
- postgresql-8.4 <removed>
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
NOTE: https://www.postgresql.org/about/news/1772/
-CVE-2017-7545
+CVE-2017-7545 (It was discovered that the XmlUtils class in jbpmmigration 6.5 perform ...)
NOT-FOR-US: jbpm-designer / jBPM
-CVE-2017-7544
+CVE-2017-7544 (libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulner ...)
- libexif 0.6.21-2.1 (bug #876466)
[stretch] - libexif <no-dsa> (Minor issue)
[jessie] - libexif <no-dsa> (Minor issue)
[wheezy] - libexif <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libexif/bugs/130/
-CVE-2017-7543
+CVE-2017-7543 (A race-condition flaw was discovered in openstack-neutron before 7.2.0 ...)
- neutron <not-affected> (Specific to Red Hat packaging)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473792
-CVE-2017-7542
+CVE-2017-7542 (The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linu ...)
{DSA-3945-1 DSA-3927-1 DLA-1099-1}
- linux 4.12.6-1
NOTE: Fixed by: https://git.kernel.org/linus/6399f1fae4ec29fab5ec76070435555e256ca3a6
-CVE-2017-7541
+CVE-2017-7541 (The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/b ...)
{DSA-3945-1 DSA-3927-1}
- linux 4.12.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/8f44c9a41386729fea410e688959ddaa9d51be7c
-CVE-2017-7540
+CVE-2017-7540 (rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are v ...)
NOT-FOR-US: Safemode ruby gem
-CVE-2017-7539
+CVE-2017-7539 (An assertion-failure flaw was found in Qemu before 2.10.1, in the Netw ...)
- qemu <not-affected> (Vulnerable code introduced in v2.9.0-rc0)
- qemu-kvm <not-affected> (Vulnerable code introduced in v2.9.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=2b0bbc4f8809c972bad134bc1a2570dbb01dea0b
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ff82911cd3f69f028f2537825c9720ff78bc3f19
-CVE-2017-7538
+CVE-2017-7538 (A cross-site scripting (XSS) flaw was found in how an organization nam ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2017-7537
+CVE-2017-7537 (It was found that a mock CMC authentication plugin with a hardcoded se ...)
- dogtag-pki 10.3.5+12-5 (bug #869261)
NOTE: https://github.com/dogtagpki/pki/commit/876d13c6d20e7e1235b9
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470817
-CVE-2017-7536
+CVE-2017-7536 (In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it ...)
- libhibernate-validator-java 4.3.3-4 (bug #885577)
[stretch] - libhibernate-validator-java 4.3.3-1+deb9u1
[jessie] - libhibernate-validator-java <not-affected> (Vulnerable code introduced in 4.3)
[wheezy] - libhibernate-validator-java <not-affected> (Vulnerable code introduced in 4.3)
NOTE: https://github.com/hibernate/hibernate-validator/commit/0ed45f37c4680998167179e631113a2c9cb5d113
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465573
-CVE-2017-7535
+CVE-2017-7535 (foreman before version 1.16.0 is vulnerable to a stored XSS in organiz ...)
- foreman <itp> (bug #663101)
-CVE-2017-7534
+CVE-2017-7534 (OpenShift Enterprise version 3.x is vulnerable to a stored XSS via the ...)
NOT-FOR-US: OpenShift
-CVE-2017-7533
+CVE-2017-7533 (Race condition in the fsnotify implementation in the Linux kernel thro ...)
{DSA-3945-1 DSA-3927-1}
- linux 4.12.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/03/2
NOTE: Fixed by: https://git.kernel.org/linus/49d31c2f389acfe83417083e1208422b4091cd9 (v4.13-rc1)
-CVE-2017-7532
+CVE-2017-7532 (In Moodle 3.x, course creators are able to change system default setti ...)
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=355556
-CVE-2017-7531
+CVE-2017-7531 (In Moodle 3.3, the course overview block reveals activities in hidden ...)
- moodle <not-affected> (Only affects 3.3)
NOTE: https://moodle.org/mod/forum/discuss.php?d=355555
-CVE-2017-7530
+CVE-2017-7530 (In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5 ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2017-7529
+CVE-2017-7529 (Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable t ...)
{DSA-3908-1 DLA-1024-1}
- nginx 1.13.3-1 (bug #868109)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html
NOTE: Fixed in 1.13.3, 1.12.1.
-CVE-2017-7528
+CVE-2017-7528 (Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 i ...)
NOT-FOR-US: Ansible Tower
CVE-2017-7527
RESERVED
-CVE-2017-7526
+CVE-2017-7526 (libgcrypt before version 1.7.8 is vulnerable to a cache side-channel a ...)
{DSA-3960-1 DSA-3901-1 DLA-1080-1 DLA-1015-1}
- libgcrypt20 1.7.8-1
- libgcrypt11 <removed>
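Review bot: the commit reference on the unchanged `NOTE: Fixed by: https://git.kernel.org/linus/49d31c2f389acfe83417083e1208422b4091cd9 (v4.13-rc1)` line under CVE-2017-7533 is 39 hex characters, one short of a full SHA-1, so the id looks mistyped and the link may not resolve; please verify it against the kernel tree. Every other full-length commit hash in this hunk is 40 characters.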
@@ -31888,16 +31888,16 @@ CVE-2017-7526
NOTE: For GnuPG: https://lists.gnupg.org/pipermail/gnupg-users/2017-July/058598.html
NOTE: GnuPG: https://dev.gnupg.org/rC8725c99ffa41778f382ca97233183bcd687bb0ce
NOTE: GnuPG1: https://dev.gnupg.org/D438
-CVE-2017-7525
+CVE-2017-7525 (A deserialization flaw was discovered in the jackson-databind, version ...)
{DSA-4004-1}
- jackson-databind 2.9.1-1 (bug #870848)
NOTE: https://github.com/FasterXML/jackson-databind/issues/1599
-CVE-2017-7524
+CVE-2017-7524 (tpm2-tools versions before 1.1.1 are vulnerable to a password leak due ...)
- tpm2-tools 2.1.0-1 (bug #866257)
NOTE: https://github.com/01org/tpm2.0-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157
-CVE-2017-7523
+CVE-2017-7523 (Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buff ...)
NOT-FOR-US: Cygwin
-CVE-2017-7522
+CVE-2017-7522 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to deni ...)
- openvpn 2.4.3-1 (unimportant)
[jessie] - openvpn <not-affected> (x509-track implemented in 2.4.0)
[wheezy] - openvpn <not-affected> (x509-track implemented in 2.4.0)
@@ -31906,7 +31906,7 @@ CVE-2017-7522
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
NOTE: In Debian openvpn is compiled against OpenSSL, thus even affected
NOTE: code present.
-CVE-2017-7521
+CVE-2017-7521 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remo ...)
{DSA-3900-1}
- openvpn 2.4.3-1 (bug #865480)
[wheezy] - openvpn <not-affected> (Vulnerable code not present)
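Review bot: the two-line note under CVE-2017-7522, `NOTE: In Debian openvpn is compiled against OpenSSL, thus even affected` / `NOTE: code present.`, is ungrammatical and leaves the conclusion unclear: it does not say whether the affected code is reachable in the Debian build or why the issue is still rated unimportant. Reword it as one sentence that states the intended conclusion explicitly.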
@@ -31918,7 +31918,7 @@ CVE-2017-7521
NOTE: Fixed by (2.3.x): https://github.com/OpenVPN/openvpn/commit/1dde0cd6e5e6a0f2f45ec9969b7ff1b6537514ad
NOTE: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
-CVE-2017-7520
+CVE-2017-7520 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to deni ...)
{DSA-3900-1 DLA-999-1}
- openvpn 2.4.3-1 (bug #865480)
NOTE: Fixed by (master): https://github.com/OpenVPN/openvpn/commit/7718c8984f04b507c1885f363970e2124e3c6c77
@@ -31926,12 +31926,12 @@ CVE-2017-7520
NOTE: Fixed by (2.3.x): https://github.com/OpenVPN/openvpn/commit/f38a4a105979b87ebebe9be1c3d323116d3fb924
NOTE: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
-CVE-2017-7519
+CVE-2017-7519 (In Ceph, a format string flaw was found in the way libradosstriper par ...)
{DSA-4339-1}
- ceph 12.2.8+dfsg1-1 (bug #864535)
[jessie] - ceph <not-affected> (Vulnerable code not present)
NOTE: http://tracker.ceph.com/issues/20240
-CVE-2017-7518
+CVE-2017-7518 (A flaw was found in the Linux kernel before version 4.12 in the way th ...)
{DSA-3981-1}
- linux 4.11.11-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -31944,18 +31944,18 @@ CVE-2017-7517
NOT-FOR-US: OpenShift
CVE-2017-7516
REJECTED
-CVE-2017-7515
+CVE-2017-7515 (poppler through version 0.55.0 is vulnerable to an uncontrolled recurs ...)
- poppler 0.57.0-2 (unimportant)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101208
NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=771c82623e8e1e0c92b8ca6f7c2b8a81ccbb60d3
NOTE: Crash in CLI tool, no security implications
-CVE-2017-7514
+CVE-2017-7514 (A cross-site scripting (XSS) flaw was found in how the failed action e ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2017-7513
+CVE-2017-7513 (It was found that Satellite 5 configured with SSL/TLS for the PostgreS ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2017-7512
+CVE-2017-7512 (Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2. ...)
NOT-FOR-US: Red Hat 3scale
-CVE-2017-7511
+CVE-2017-7511 (poppler since version 0.17.3 has been vulnerable to NULL pointer deref ...)
- poppler 0.57.0-2 (unimportant; bug #863759)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101149
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101153
@@ -31964,9 +31964,9 @@ CVE-2017-7511
CVE-2017-7510
RESERVED
NOT-FOR-US: ovirt-engine
-CVE-2017-7509
+CVE-2017-7509 (An input validation error was found in Red Hat Certificate System's ha ...)
NOT-FOR-US: Red Hat Certificate System
-CVE-2017-7508
+CVE-2017-7508 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remo ...)
{DSA-3900-1}
- openvpn 2.4.3-1 (bug #865480)
[wheezy] - openvpn <not-affected> (Vulnerable code not present)
@@ -31975,7 +31975,7 @@ CVE-2017-7508
NOTE: Fixed by (master): https://github.com/OpenVPN/openvpn/commit/c3f47077a7756de5929094569421a95aa66f2022
NOTE: Fixed by (2.4.x): https://github.com/OpenVPN/openvpn/commit/ed28cde3d8bf3f1459b2f42f0e27d64801009f92
NOTE: Fixed by (2.3.x): https://github.com/OpenVPN/openvpn/commit/fc61d1bda112ffc669dbde961fab19f60b3c7439
-CVE-2017-7507
+CVE-2017-7507 (GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dere ...)
{DSA-3884-1}
[experimental] - gnutls28 3.5.13-1
- gnutls28 3.5.8-6 (bug #864560)
@@ -31985,26 +31985,26 @@ CVE-2017-7507
NOTE: https://gitlab.com/gnutls/gnutls/commit/4c4d35264fada08b6536425c051fb8e0b05ee86b
NOTE: https://gitlab.com/gnutls/gnutls/commit/3efb6c5fd0e3822ec11879d5bcbea0e8d322cd03
NOTE: https://gitlab.com/gnutls/gnutls/commit/e1d6c59a7b0392fb3b8b75035614084a53e2c8c9
-CVE-2017-7506
+CVE-2017-7506 (spice versions though 0.13 are vulnerable to out-of-bounds memory acce ...)
{DSA-3907-1}
- spice 0.12.8-2.2 (bug #868083)
[wheezy] - spice <not-affected> (Vulnerable code not introduced later)
-CVE-2017-7505
+CVE-2017-7505 (Foreman since version 1.5 is vulnerable to an incorrect authorization ...)
- foreman <itp> (bug #663101)
-CVE-2017-7504
+CVE-2017-7504 (HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the Jbos ...)
NOT-FOR-US: Red Hat JBoss
-CVE-2017-7503
+CVE-2017-7503 (It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax. ...)
NOT-FOR-US: Red Hat JBoss EAP implementation of javax.xml.transform.TransformerFactory
-CVE-2017-7502
+CVE-2017-7502 (Null pointer dereference vulnerability in NSS since 3.24.0 was found w ...)
{DSA-3872-1 DLA-971-1}
[experimental] - nss 2:3.29-1
- nss 2:3.26.2-1.1 (bug #863839)
NOTE: https://hg.mozilla.org/projects/nss/rev/55ea60effd0d
-CVE-2017-7501
+CVE-2017-7501 (It was found that versions of rpm before 4.13.0.2 use temporary files ...)
- rpm <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1452133
NOTE: Not supported for installations in Debian (and an unprivileged attacker would not have permissions for systems directories anyway)
-CVE-2017-7500
+CVE-2017-7500 (It was found that rpm did not properly handle RPM installations when a ...)
- rpm <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1450369
NOTE: Not supported for installations in Debian (and an unprivileged attacker would not have permissions for systems directories anyway)
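Review bot: the wheezy justification for CVE-2017-7506, `[wheezy] - spice <not-affected> (Vulnerable code not introduced later)`, is self-contradictory: if the code had not been introduced later, wheezy would be affected. It presumably means "Vulnerable code introduced later", the wording used for the other `<not-affected>` entries in this file. It is an unchanged context line, but it should be corrected in a follow-up.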
@@ -32012,20 +32012,20 @@ CVE-2017-7499
REJECTED
CVE-2017-7498
REJECTED
-CVE-2017-7497
+CVE-2017-7497 (The dialog for creating cloud volumes (cinder provider) in CloudForms ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2017-7496
+CVE-2017-7496 (fedora-arm-installer up to and including 1.99.16 is vulnerable to loca ...)
NOT-FOR-US: fedora-arm-installer
-CVE-2017-7495
+CVE-2017-7495 (fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=order ...)
- linux 4.6.2-1
[jessie] - linux 3.16.39-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/06bd3c36a733ac27962fea7d6f47168841376824
-CVE-2017-7494
+CVE-2017-7494 (Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulne ...)
{DSA-3860-1 DLA-951-1}
- samba 2:4.5.8+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-7494.html
-CVE-2017-7493
+CVE-2017-7493 (Quick Emulator (Qemu) built with the VirtFS, host directory sharing vi ...)
{DLA-1497-1 DLA-1035-1 DLA-965-1}
- qemu 1:2.8+dfsg-6
- qemu-kvm <removed>
@@ -32033,22 +32033,22 @@ CVE-2017-7493
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg03663.html
CVE-2017-7492
REJECTED
-CVE-2017-7491
+CVE-2017-7491 (In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers ...)
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=352355
-CVE-2017-7490
+CVE-2017-7490 (In Moodle 2.x and 3.x, searching of arbitrary blogs is possible becaus ...)
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=352354
-CVE-2017-7489
+CVE-2017-7489 (In Moodle 2.x and 3.x, remote authenticated users can take ownership o ...)
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=352353
-CVE-2017-7488
+CVE-2017-7488 (Authconfig version 6.2.8 is vulnerable to an Information exposure whil ...)
NOT-FOR-US: authconfig in Red Hat
-CVE-2017-7487
+CVE-2017-7487 (The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel thro ...)
{DSA-3886-1 DLA-993-1}
- linux 4.9.30-1
NOTE: Fixed by: https://git.kernel.org/linus/ee0d8d8482345ff97a75a7d747efc309f13b0d80
-CVE-2017-7486
+CVE-2017-7486 (PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg ...)
{DSA-3851-1 DLA-1051-1}
- postgresql-9.6 9.6.3-1
- postgresql-9.4 <removed>
@@ -32056,14 +32056,14 @@ CVE-2017-7486
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
- postgresql-8.4 <not-affected> (feature not present in 8.x)
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=c928addfccd7f9905472dddd94e9cd10bc3f6808
-CVE-2017-7485
+CVE-2017-7485 (In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9 ...)
{DSA-3851-1}
- postgresql-9.6 9.6.3-1
- postgresql-9.4 <removed>
- postgresql-9.1 <not-affected> (bug introduced in 9.3)
- postgresql-8.4 <not-affected> (bug introduced in 9.3)
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=aafbd1df969135c185947c596c46608fc9f4a67c
-CVE-2017-7484
+CVE-2017-7484 (It was found that some selectivity estimation functions in PostgreSQL ...)
{DSA-3851-1}
- postgresql-9.6 9.6.3-1
- postgresql-9.4 <removed>
@@ -32075,30 +32075,30 @@ CVE-2017-7484
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=c33c42362256382ed398df9dcda559cd547c68a7
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cad15943225adbcadea51602b38b04d71d1183d2
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=935e77d527a018b652f247c7374c558871210db6
-CVE-2017-7483
+CVE-2017-7483 (Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the ...)
- rxvt 1:2.7.10-7.1 (low; bug #861694)
[stretch] - rxvt <no-dsa> (Minor issue)
[jessie] - rxvt <no-dsa> (Minor issue)
[wheezy] - rxvt <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/05/01/15
-CVE-2017-7482
+CVE-2017-7482 (In the Linux kernel before version 4.12, Kerberos 5 tickets decoded wh ...)
{DSA-3945-1 DSA-3927-1 DLA-1099-1}
- linux 4.11.11-1
NOTE: Fixed by: https://git.kernel.org/linus/5f2f97656ada8d811d3c1bef503ced266fcd53a0
-CVE-2017-7481
+CVE-2017-7481 (Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark loo ...)
- ansible 2.3.1.0+dfsg-1 (bug #862666)
[stretch] - ansible <no-dsa> (Minor issue)
[jessie] - ansible <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1450018
NOTE: Fixed by: https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2
-CVE-2017-7480
+CVE-2017-7480 (rkhunter versions before 1.4.4 are vulnerable to file download over in ...)
{DLA-1039-1}
- rkhunter 1.4.4-1 (bug #866677)
[stretch] - rkhunter 1.4.2-6+deb9u1
[jessie] - rkhunter 1.4.2-0.4+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2017/06/29/2
NOTE: http://rkhunter.cvs.sourceforge.net/viewvc/rkhunter/rkhunter/files/rkhunter?r1=1.549&r2=1.550&view=patch
-CVE-2017-7479
+CVE-2017-7479 (OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reac ...)
{DLA-944-1}
- openvpn 2.4.0-5 (low)
[jessie] - openvpn 2.3.4-5+deb8u2
@@ -32107,7 +32107,7 @@ CVE-2017-7479
NOTE: https://github.com/OpenVPN/openvpn/commit/b727643cdf4e078f132a90e1c474a879a5760578 (2.3.x)
NOTE: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14643.html (3 patches for 2.2.x)
NOTE: https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits
-CVE-2017-7478
+CVE-2017-7478 (OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Deni ...)
- openvpn 2.4.0-5
[jessie] - openvpn <not-affected> (Vulnerable code introduced later)
[wheezy] - openvpn <not-affected> (Vulnerable code introduced later)
@@ -32117,18 +32117,18 @@ CVE-2017-7478
NOTE: Introduced in: https://github.com/OpenVPN/openvpn/commit/3c1b19e04745177185decd14da82c71458442b82 (2.4.0)
NOTE: Introduced in (backported to 2.3.12): https://github.com/OpenVPN/openvpn/commit/358f513c008bf01fadb82759ac75ffb8613fc785
NOTE: https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits
-CVE-2017-7477
+CVE-2017-7477 (Heap-based buffer overflow in drivers/net/macsec.c in the MACsec modul ...)
- linux 4.9.25-1
[jessie] - linux <not-affected> (Introduced in 4.6)
[wheezy] - linux <not-affected> (Introduced in 4.6)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/25/4
NOTE: Fixed by: https://git.kernel.org/linus/4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
NOTE: Fixed by: https://git.kernel.org/linus/5294b83086cc1c35b4efeca03644cf9d12282e5b
-CVE-2017-7476
+CVE-2017-7476 (Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ ...)
- gnulib <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commitdiff;h=94e01571
NOTE: Introduced with 4bc76593 and 4e6e16b3f.
-CVE-2017-7475
+CVE-2017-7475 (Cairo version 1.15.4 is vulnerable to a NULL pointer dereference relat ...)
- cairo <unfixed> (low; bug #870264)
[buster] - cairo <no-dsa> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
@@ -32136,17 +32136,17 @@ CVE-2017-7475
[wheezy] - cairo <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100763
NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/80
-CVE-2017-7474
+CVE-2017-7474 (It was found that the Keycloak Node.js adapter 2.5 - 3.0 did not handl ...)
NOT-FOR-US: Keycloak
CVE-2017-7473
REJECTED
-CVE-2017-7472
+CVE-2017-7472 (The KEYS subsystem in the Linux kernel before 4.10.13 allows local use ...)
{DLA-922-1}
- linux 4.9.25-1
[jessie] - linux 3.16.43-1
NOTE: https://lkml.org/lkml/2017/4/1/235
NOTE: https://lkml.org/lkml/2017/4/3/724
-CVE-2017-7471
+CVE-2017-7471 (Quick Emulator (Qemu) built with the VirtFS, host directory sharing vi ...)
{DLA-1035-1}
- qemu 1:2.8+dfsg-5 (bug #860785)
[jessie] - qemu <not-affected> (Vulnerable code introduced with fix for CVE-2016-9602)
@@ -32157,129 +32157,129 @@ CVE-2017-7471
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1443401
NOTE: Introduced by: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=acf22d2264a131ad2695b5a18746dabf0cc8b843
NOTE: which is part of the fix for CVE-2016-9602.
-CVE-2017-7470
+CVE-2017-7470 (It was found that spacewalk-channel can be used by a non-admin user or ...)
NOT-FOR-US: Red Hat / spacewalk-backend
CVE-2017-7469
REJECTED
-CVE-2017-7468
+CVE-2017-7468 (In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would atte ...)
- curl 7.52.1-5
[jessie] - curl <not-affected> (Only affects 7.52 and later)
[wheezy] - curl <not-affected> (Only affects 7.52 and later)
NOTE: https://curl.haxx.se/docs/adv_20170419.html
-CVE-2017-7467
+CVE-2017-7467 (A buffer overflow flaw was found in the way minicom before version 2.7 ...)
{DLA-914-1}
- minicom 2.7-1.1 (bug #860940)
[jessie] - minicom 2.7-1+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2017/04/18/5
-CVE-2017-7466
+CVE-2017-7466 (Ansible before version 2.3 has an input validation vulnerability in th ...)
- ansible 2.2.1.0-2
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ansible/ansible/commit/0d418789a298561fded9bce977d34babc9097079 (v2.3.0.0-0.1.rc1)
-CVE-2017-7465
+CVE-2017-7465 (It was found that the JAXP implementation used in JBoss EAP 7.0 for XS ...)
NOT-FOR-US: JBoss JAXP
-CVE-2017-7464
+CVE-2017-7464 (It was found that the JAXP implementation used in JBoss EAP 7.0 for SA ...)
NOT-FOR-US: JBoss JAXP
-CVE-2017-7463
+CVE-2017-7463 (JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a reflecte ...)
NOT-FOR-US: Red Hat business central
-CVE-2017-7462
+CVE-2017-7462 (Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a r ...)
NOT-FOR-US: Intellinet NFC-30ir IP Camera
-CVE-2017-7461
+CVE-2017-7461 (Directory traversal vulnerability in the web-based management site on ...)
NOT-FOR-US: Intellinet NFC-30ir IP Camera
CVE-2017-7460
RESERVED
-CVE-2017-7459
+CVE-2017-7459 (ntopng before 3.0 allows HTTP Response Splitting. ...)
- ntopng 2.4+dfsg1-4 (bug #866719)
[stretch] - ntopng <no-dsa> (Minor issue)
[jessie] - ntopng <no-dsa> (Minor issue)
NOTE: https://github.com/ntop/ntopng/commit/9469e58f07e043da712e6d6c41244852a11bcaeb
-CVE-2017-7458
+CVE-2017-7458 (The NetworkInterface::getHost function in NetworkInterface.cpp in ntop ...)
- ntopng 2.4+dfsg1-4 (bug #866721)
[stretch] - ntopng <no-dsa> (Minor issue)
[jessie] - ntopng <no-dsa> (Minor issue)
NOTE: https://github.com/ntop/ntopng/commit/01f47e04fd7c8d54399c9e465f823f0017069f8f
-CVE-2017-7457
+CVE-2017-7457 (XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 r ...)
NOT-FOR-US: Moxa
-CVE-2017-7456
+CVE-2017-7456 (Moxa MXView 2.8 allows remote attackers to cause a Denial of Service b ...)
NOT-FOR-US: Moxa
-CVE-2017-7455
+CVE-2017-7455 (Moxa MXView 2.8 allows remote attackers to read web server's private k ...)
NOT-FOR-US: Moxa
-CVE-2017-7454
+CVE-2017-7454 (The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-7453
+CVE-2017-7453 (The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a ...)
NOT-FOR-US: ImageWorsener
-CVE-2017-7452
+CVE-2017-7452 (The iwbmp_read_info_header function in imagew-bmp.c in libimageworsene ...)
NOT-FOR-US: ImageWorsener
CVE-2017-7451
RESERVED
-CVE-2017-7450
+CVE-2017-7450 (AIRTAME HDMI dongle with firmware before 2.2.0 allows unauthenticated ...)
NOT-FOR-US: AIRTAME HDMI dongle
CVE-2017-7449
RESERVED
-CVE-2017-7448
+CVE-2017-7448 (The allocate_channel_framebuffer function in uncompressed_components.h ...)
- lepton 1.2.1-3 (bug #859714)
NOTE: https://github.com/dropbox/lepton/issues/86
NOTE: https://github.com/dropbox/lepton/commit/7789d99ac156adfd7bbf66e7824bd3e948a74cf7
-CVE-2017-7447
+CVE-2017-7447 (HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote ...)
NOT-FOR-US: HelpDEZk
-CVE-2017-7446
+CVE-2017-7446 (HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtai ...)
NOT-FOR-US: HelpDEZk
CVE-2017-7445
RESERVED
-CVE-2017-0887
+CVE-2017-0887 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-7444
+CVE-2017-7444 (In Veritas System Recovery before 16 SP1, there is a DLL hijacking vul ...)
NOT-FOR-US: Veritas System Recovery
-CVE-2017-7442
+CVE-2017-7442 (Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code ...)
NOT-FOR-US: Nitro Pro
-CVE-2017-7441
+CVE-2017-7441 (In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the ...)
NOT-FOR-US: Sophos
-CVE-2017-7440
+CVE-2017-7440 (Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop ap ...)
NOT-FOR-US: Kerio
-CVE-2017-7439
+CVE-2017-7439 (NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might ...)
NOT-FOR-US: NetApp
-CVE-2017-7438
+CVE-2017-7438 (NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cro ...)
NOT-FOR-US: NetIQ Privileged Account Manager
-CVE-2017-7437
+CVE-2017-7437 (NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cro ...)
NOT-FOR-US: NetIQ Privileged Account Manager
-CVE-2017-7436
+CVE-2017-7436 (In libzypp before 20170803 it was possible to retrieve unsigned packag ...)
- libzypp 17.3.1-1 (bug #899065)
[jessie] - libzypp <ignored> (Minor issue)
-CVE-2017-7435
+CVE-2017-7435 (In libzypp before 20170803 it was possible to add unsigned YUM reposit ...)
- libzypp 17.3.1-1 (bug #899065)
[jessie] - libzypp <ignored> (Minor issue)
-CVE-2017-7434
+CVE-2017-7434 (In the JDBC driver of NetIQ Identity Manager before 4.6 sending out in ...)
NOT-FOR-US: NetIQ Identity Manager
-CVE-2017-7433
+CVE-2017-7433 (An absolute path traversal vulnerability (CWE-36) in Micro Focus Vibe ...)
NOT-FOR-US: Micro Focus Vibe
-CVE-2017-7432
+CVE-2017-7432 (Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3 ...)
NOT-FOR-US: Novell Novell iManager and NetIQ iManager
-CVE-2017-7431
+CVE-2017-7431 (Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3 ...)
NOT-FOR-US: Novell Novell iManager and NetIQ iManager
-CVE-2017-7430
+CVE-2017-7430 (Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3 ...)
NOT-FOR-US: Novell Novell iManager and NetIQ iManager
-CVE-2017-7429
+CVE-2017-7429 (The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Pat ...)
NOT-FOR-US: NetIQ eDirectory PKI plugin
-CVE-2017-7428
+CVE-2017-7428 (NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of ...)
NOT-FOR-US: NetIQ iManager
-CVE-2017-7427
+CVE-2017-7427 (Multiple cross site scripting attacks were found in the Identity Manag ...)
NOT-FOR-US: NetIQ Identity Manager Plug-in
-CVE-2017-7426
+CVE-2017-7426 (The NetIQ Identity Manager Plugins before 4.6.1 contained various XML ...)
NOT-FOR-US: NetIQ Identity Manager Plugins
-CVE-2017-7425
+CVE-2017-7425 (Multiple potential reflected XSS issues exist in NetIQ iManager versio ...)
NOT-FOR-US: NetIQ
-CVE-2017-7424
+CVE-2017-7424 (A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus ...)
NOT-FOR-US: Micro Focus
-CVE-2017-7423
+CVE-2017-7423 (A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in ...)
NOT-FOR-US: Micro Focus
-CVE-2017-7422
+CVE-2017-7422 (Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilitie ...)
NOT-FOR-US: Micro Focus
-CVE-2017-7421
+CVE-2017-7421 (Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilitie ...)
NOT-FOR-US: Micro Focus
-CVE-2017-7420
+CVE-2017-7420 (An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterpr ...)
NOT-FOR-US: Micro Focus
-CVE-2017-7419
+CVE-2017-7419 (A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 b ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-7418
+CVE-2017-7418 (ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the h ...)
- proftpd-dfsg 1.3.5b-4 (low; bug #859592)
[jessie] - proftpd-dfsg 1.3.5-1.1+deb8u2
[wheezy] - proftpd-dfsg <no-dsa> (Minor issue)
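Review bot: the trailing ` ...` marker is appended even when nothing was cut, as on `+CVE-2017-7459 (ntopng before 3.0 allows HTTP Response Splitting. ...)`, so readers cannot tell truncated summaries from complete ones; the generator should only add the marker when the text was actually shortened. Separately, the unchanged `NOT-FOR-US: Novell Novell iManager and NetIQ iManager` lines under CVE-2017-7432, CVE-2017-7431 and CVE-2017-7430 repeat the word "Novell" and could be cleaned up in a follow-up.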
@@ -32288,56 +32288,56 @@ CVE-2017-7418
NOTE: https://github.com/proftpd/proftpd/commit/f59593e6ff730b832dbe8754916cb5c821db579f
CVE-2017-7417
RESERVED
-CVE-2017-7416
+CVE-2017-7416 (ntopng before 3.0 allows XSS because GET and POST parameters are impro ...)
- ntopng 3.2+dfsg1-1 (bug #866722)
[stretch] - ntopng <no-dsa> (Minor issue)
[jessie] - ntopng <no-dsa> (Minor issue)
-CVE-2017-7415
+CVE-2017-7415 (Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypas ...)
NOT-FOR-US: Atlassian Confluence
-CVE-2017-7414
+CVE-2017-7414 (In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Editio ...)
{DLA-1398-1}
- php-horde-crypt 2.7.5-2 (bug #859635)
-CVE-2017-7413
+CVE-2017-7413 (In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Editio ...)
{DLA-1398-1}
- php-horde-crypt 2.7.5-2 (bug #859635)
-CVE-2017-7412
+CVE-2017-7412 (NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which ...)
NOT-FOR-US: NixOS specific Docker issue
-CVE-2017-7411
+CVE-2017-7411 (An issue was discovered in Enalean Tuleap 9.6 and prior versions. The ...)
NOT-FOR-US: Enalean Tuleap
-CVE-2017-7410
+CVE-2017-7410 (Multiple SQL injection vulnerabilities in account/signup.php and accou ...)
NOT-FOR-US: WebsiteBaker
-CVE-2017-7409
+CVE-2017-7409 (Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect e ...)
NOT-FOR-US: Palo Alto Networks
-CVE-2017-7408
+CVE-2017-7408 (Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to ...)
NOT-FOR-US: Palo Alto Networks Traps ESM Console
-CVE-2017-7407
+CVE-2017-7407 (The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow ...)
{DLA-883-1}
- curl 7.52.1-4 (unimportant; bug #859500)
NOTE: https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13
NOTE: Negligible security impact
-CVE-2017-7406
+CVE-2017-7406 (The D-Link DIR-615 device before v20.12PTb04 doesn't use SSL for any o ...)
NOT-FOR-US: D-Link
-CVE-2017-7405
+CVE-2017-7405 (On the D-Link DIR-615 before v20.12PTb04, once authenticated, this dev ...)
NOT-FOR-US: D-Link
-CVE-2017-7404
+CVE-2017-7404 (On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the ...)
NOT-FOR-US: D-Link
CVE-2017-7403
RESERVED
-CVE-2017-7402
+CVE-2017-7402 (Pixie 1.0.4 allows remote authenticated users to upload and execute ar ...)
NOT-FOR-US: Pixie CMS
-CVE-2017-7401
+CVE-2017-7401 (Incorrect interaction of the parse_packet() and parse_part_sign_sha256 ...)
{DLA-884-1}
- collectd 5.7.2-1 (bug #859494)
[stretch] - collectd <no-dsa> (Minor issue)
[jessie] - collectd <no-dsa> (Minor issue)
NOTE: https://github.com/collectd/collectd/issues/2174
NOTE: https://github.com/collectd/collectd/commit/f6be4f9b49b949b379326c3d7002476e6ce4f211
-CVE-2017-7400
+CVE-2017-7400 (OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 a ...)
- horizon 3:10.0.1-1 (bug #859559)
[jessie] - horizon <not-affected> (Vulnerable code not present)
[wheezy] - horizon <not-affected> (Vulnerable code not present)
NOTE: https://launchpad.net/bugs/1667086
-CVE-2017-1001000
+CVE-2017-1001000 (The register_routes function in wp-includes/rest-api/endpoints/class-w ...)
- wordpress 4.7.2+dfsg-1
[jessie] - wordpress <not-affected> (Vulnerable code introduced after 4.4)
[wheezy] - wordpress <not-affected> (Vulnerable code not present)
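Review bot: the horizon fixed version at `- horizon 3:10.0.1-1 (bug #859559)` lies inside the range the newly filled-in description calls affected ("10.x through 10.0.2"), so the fix has to be a Debian-revision backport rather than an upstream version bump; confirm via bug #859559 and the Launchpad reference that 3:10.0.1-1 actually carries the patch, otherwise the entry reads as fixed before the fix existed. The curl entry for CVE-2017-7407 is marked unimportant with "Negligible security impact" yet lists DLA-883-1; a short NOTE saying the DLA shipped the upstream commit as hardening would reconcile the two.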
@@ -32345,84 +32345,84 @@ CVE-2017-1001000
NOTE: rest-api introduced in 4.4 upstream
CVE-2017-7399
RESERVED
-CVE-2017-7398
+CVE-2017-7398 (D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request For ...)
NOT-FOR-US: D-Link
-CVE-2017-7397
+CVE-2017-7397 (** DISPUTED ** BackBox Linux 4.6 allows remote attackers to cause a de ...)
NOT-FOR-US: BackBox OS specific CVE assignment
-CVE-2017-7396
+CVE-2017-7396 (In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unaut ...)
- tigervnc 1.7.0+dfsg-7 (bug #859259)
NOTE: https://github.com/TigerVNC/tigervnc/pull/436
NOTE: https://github.com/TigerVNC/tigervnc/pull/436/commits/dccb5f7d776e93863ae10bbff56a45c523c6eeb0
-CVE-2017-7395
+CVE-2017-7395 (In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by c ...)
- tigervnc 1.7.0+dfsg-7 (bug #859259)
NOTE: https://github.com/TigerVNC/tigervnc/pull/436
NOTE: https://github.com/TigerVNC/tigervnc/pull/436/commits/bf3bdac082978ca32895a4b6a123016094905689
-CVE-2017-7394
+CVE-2017-7394 (In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), una ...)
- tigervnc 1.7.0+dfsg-7 (bug #859259)
NOTE: https://github.com/TigerVNC/tigervnc/pull/440
-CVE-2017-7393
+CVE-2017-7393 (In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an a ...)
- tigervnc 1.7.0+dfsg-7 (bug #859259)
NOTE: https://github.com/TigerVNC/tigervnc/pull/438
-CVE-2017-7392
+CVE-2017-7392 (In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityV ...)
- tigervnc 1.7.0+dfsg-7 (bug #859259)
NOTE: https://github.com/TigerVNC/tigervnc/pull/441
-CVE-2017-7391
+CVE-2017-7391 (A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vul ...)
NOT-FOR-US: Magmi
-CVE-2017-7390
+CVE-2017-7390 (A Cross-Site Scripting (XSS) was discovered in 'SocialNetwork v1.2.1'. ...)
NOT-FOR-US: SocialNetwork
-CVE-2017-7389
+CVE-2017-7389 (Multiple Cross-Site Scripting (XSS) were discovered in 'openeclass Rel ...)
NOT-FOR-US: The Open eClass Platform
-CVE-2017-7388
+CVE-2017-7388 (A Cross-Site Scripting (XSS) was discovered in 'wallacepos v1.4.1'. Th ...)
NOT-FOR-US: WallacePOS
-CVE-2017-7387
+CVE-2017-7387 (TheFirstQuestion/HelpMeWatchWho before 2017-03-28 is vulnerable to a r ...)
NOT-FOR-US: HelpMeWatchWho
-CVE-2017-7386
+CVE-2017-7386 (citymont/symetrie v.0.9.6 is vulnerable to a reflected XSS in symetrie ...)
NOT-FOR-US: symetrie
CVE-2017-7385
RESERVED
-CVE-2017-7384
+CVE-2017-7384 (Cross-site scripting (XSS) vulnerability in FlipBuilder Flip PDF allow ...)
NOT-FOR-US: FlipBuilder Flip PDF
-CVE-2017-7383
+CVE-2017-7383 (The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attac ...)
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #859329)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/3
NOTE: https://github.com/asarubbo/poc/blob/master/00252-podofo-nullptr4
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1848
-CVE-2017-7382
+CVE-2017-7382 (The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attac ...)
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #859329)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/3
NOTE: https://github.com/asarubbo/poc/blob/master/00251-podofo-nullptr3
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1848
-CVE-2017-7381
+CVE-2017-7381 (The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attacker ...)
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #859329)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/3
NOTE: https://github.com/asarubbo/poc/blob/master/00251-podofo-nullptr2
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1848
-CVE-2017-7380
+CVE-2017-7380 (The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attacker ...)
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #859329)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/3
NOTE: https://github.com/asarubbo/poc/blob/master/00250-podofo-nullptr1
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1848
-CVE-2017-7379
+CVE-2017-7379 (The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncodi ...)
{DLA-929-1}
- libpodofo 0.9.4-5 (bug #859331)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/2
NOTE: upstream fix: https://sourceforge.net/p/podofo/code/1842/
-CVE-2017-7378
+CVE-2017-7378 (The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoF ...)
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #859330)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/1
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1847
-CVE-2017-7377
+CVE-2017-7377 (The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in ...)
{DLA-1497-1 DLA-1035-1 DLA-965-1}
- qemu 1:2.8+dfsg-4 (bug #859854)
- qemu-kvm <removed>
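Review bot: the PoC references for CVE-2017-7382 and CVE-2017-7381 both point at a file numbered 00251 (`00251-podofo-nullptr3` and `00251-podofo-nullptr2`) while the neighbouring entries use 00250 and 00252, so one of the two looks like a copy-paste slip; check that both URLs resolve before anyone relies on them to reproduce the NULL-pointer crashes. Otherwise the filled-in descriptions match the existing triage (the four PdfFontFactory/PdfPage issues share bug #859329, DLA-968-1 and upstream revision 1848).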
@@ -32430,7 +32430,7 @@ CVE-2017-7377
NOTE: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=d63fb193e71644a073b77ff5ac6f1216f2f6cf6e
NOTE: http://www.openwall.com/lists/oss-security/2017/04/03/2
NOTE: For older releases affected code is in hw/9pfs/virtio-9p.c
-CVE-2017-7376
+CVE-2017-7376 (Buffer overflow in libxml2 allows remote attackers to execute arbitrar ...)
{DSA-3952-1 DLA-1060-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #870865)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780690 (not yet public)
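Review bot: the context line `NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780690 (not yet public)` is stale now that DSA-3952-1 and DLA-1060-1 are recorded for CVE-2017-7376; re-check the bug's visibility and drop the "(not yet public)" marker if it has been opened, since readers use that marker to decide whether the upstream reference is usable.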
@@ -32440,52 +32440,52 @@ CVE-2017-7376
NOTE: negative when cast to a 32-bit int. A negative port though in the URL would
NOTE: make the URL invalid. It is discussed if instead it would be best to prevent
NOTE: the port from ever being negative. Upstream decided to leave the above patch.
-CVE-2017-7375
+CVE-2017-7375 (A flaw in libxml2 allows remote XML entity inclusion with default pars ...)
{DSA-3952-1 DLA-1008-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #870867)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780691 (not yet public)
NOTE: Android patch: https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa
NOTE: Fix upstream: https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
-CVE-2017-7374
+CVE-2017-7374 (Use-after-free vulnerability in fs/crypto/ in the Linux kernel before ...)
- linux 4.9.25-1
[jessie] - linux <not-affected> (Vulnerable code not present; Introduced in 4.2-rc1)
[wheezy] - linux <not-affected> (Vulnerable code not present; Introduced in 4.2-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/1b53cf9815bb4744958d41f3795d5d5a1d365e2d (4.11-rc4)
-CVE-2017-7373
+CVE-2017-7373 (In all Android releases from CAF using the Linux kernel, a double free ...)
NOT-FOR-US: Android display driver
-CVE-2017-7372
+CVE-2017-7372 (In all Android releases from CAF using the Linux kernel, a race condit ...)
NOT-FOR-US: Android
-CVE-2017-7371
+CVE-2017-7371 (In all Android releases from CAF using the Linux kernel, a data pointe ...)
NOT-FOR-US: Android
-CVE-2017-7370
+CVE-2017-7370 (In all Android releases from CAF using the Linux kernel, a race condit ...)
NOT-FOR-US: Android
-CVE-2017-7369
+CVE-2017-7369 (In all Android releases from CAF using the Linux kernel, an array inde ...)
- linux <not-affected> (Android-specific)
-CVE-2017-7368
+CVE-2017-7368 (In all Android releases from CAF using the Linux kernel, a race condit ...)
NOT-FOR-US: Android driver
-CVE-2017-7367
+CVE-2017-7367 (In all Android releases from CAF using the Linux kernel, an integer un ...)
NOT-FOR-US: Android
-CVE-2017-7366
+CVE-2017-7366 (In all Android releases from CAF using the Linux kernel, a KGSL ioctl ...)
NOT-FOR-US: Android driver
-CVE-2017-7365
+CVE-2017-7365 (In all Android releases from CAF using the Linux kernel, a buffer over ...)
NOT-FOR-US: Android
-CVE-2017-7364
+CVE-2017-7364 (In all Qualcomm products with Android releases from CAF using the Linu ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-7363
+CVE-2017-7363 (Pixie 1.0.4 allows an admin/index.php s=publish&amp;m=module&amp;x= XS ...)
NOT-FOR-US: Pixie CMS
-CVE-2017-7362
+CVE-2017-7362 (Pixie 1.0.4 allows an admin/index.php s=publish&amp;m=dynamic&amp;x= X ...)
NOT-FOR-US: Pixie CMS
-CVE-2017-7361
+CVE-2017-7361 (Pixie 1.0.4 allows an admin/index.php s=publish&amp;m=static&amp;x= XS ...)
NOT-FOR-US: Pixie CMS
-CVE-2017-7360
+CVE-2017-7360 (Pixie 1.0.4 allows an admin/index.php s=settings&amp;x= XSS attack. ...)
NOT-FOR-US: Pixie CMS
-CVE-2017-7359
+CVE-2017-7359 (Pixie 1.0.4 allows an admin/index.php s=login&amp;m= XSS attack. ...)
NOT-FOR-US: Pixie CMS
-CVE-2017-7358
+CVE-2017-7358 (In LightDM through 1.22.0, a directory traversal issue in debian/guest ...)
- lightdm <not-affected> (Vulnerable code not present)
NOTE: https://launchpad.net/bugs/1677924
NOTE: Specific script debian/guest-account.sh not merged from Ubuntu
-CVE-2017-7357
+CVE-2017-7357 (Hipchat Server before 2.2.3 allows remote authenticated users with Ser ...)
NOT-FOR-US: Hipchat Server
CVE-2017-7356
RESERVED
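Review bot: CVE-2017-7369 is triaged as `- linux <not-affected> (Android-specific)` while the other CAF/Android kernel entries in the same run (CVE-2017-7373 through CVE-2017-7365) use `NOT-FOR-US`; both forms are defensible but they mean different things for the tracker (one creates a linux source-package entry, the other does not), so pick one form for the whole series. The bugzilla reference for CVE-2017-7375 also still carries "(not yet public)" although DSA-3952-1 and DLA-1008-1 have been issued.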
@@ -32495,9 +32495,9 @@ CVE-2017-7354
RESERVED
CVE-2017-7353
RESERVED
-CVE-2017-7352
+CVE-2017-7352 (Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity ...)
NOT-FOR-US: Pure Storage Purity
-CVE-2017-7351
+CVE-2017-7351 (A SQL injection issue exists in a file upload handler in REDCap 7.x be ...)
NOT-FOR-US: REDCap
CVE-2017-7350
RESERVED
@@ -32507,32 +32507,32 @@ CVE-2017-7348
RESERVED
CVE-2017-7347
RESERVED
-CVE-2017-7346
+CVE-2017-7346 (The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmw ...)
{DSA-3945-1 DSA-3927-1}
- linux 4.11.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.14)
NOTE: Fixed by: https://git.kernel.org/linus/ee9c4e681ec4f58e42a83cb0c22a0289ade1aacf
-CVE-2017-7345
+CVE-2017-7345 (NetApp OnCommand Performance Manager and OnCommand Unified Manager for ...)
NOT-FOR-US: NetApp
-CVE-2017-7344
+CVE-2017-7344 (A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earli ...)
NOT-FOR-US: Fortinet FortiClient Windows
-CVE-2017-7343
+CVE-2017-7343 (An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below ...)
NOT-FOR-US: Fortinet FortiPortal
CVE-2017-7342
RESERVED
-CVE-2017-7341
+CVE-2017-7341 (An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 throu ...)
NOT-FOR-US: Fortinet
CVE-2017-7340
RESERVED
-CVE-2017-7339
+CVE-2017-7339 (A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions ...)
NOT-FOR-US: Fortinet FortiPortal
-CVE-2017-7338
+CVE-2017-7338 (A password management vulnerability in Fortinet FortiPortal versions 4 ...)
NOT-FOR-US: Fortinet FortiPortal
-CVE-2017-7337
+CVE-2017-7337 (An improper Access Control vulnerability in Fortinet FortiPortal versi ...)
NOT-FOR-US: Fortinet FortiPortal
-CVE-2017-7336
+CVE-2017-7336 (A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lo ...)
NOT-FOR-US: Fortinet
-CVE-2017-7335
+CVE-2017-7335 (A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x ...)
NOT-FOR-US: Fortinet
CVE-2017-7334
RESERVED
@@ -32548,83 +32548,83 @@ CVE-2017-7329
RESERVED
CVE-2017-7328
RESERVED
-CVE-2017-7327
+CVE-2017-7327 (Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking ...)
NOT-FOR-US: Yandex Browser installer for Desktop
-CVE-2017-7326
+CVE-2017-7326 (Race condition issue in Yandex Browser for Android before 17.4.0.16 al ...)
NOT-FOR-US: Yandex Browser for Android
-CVE-2017-7325
+CVE-2017-7325 (Yandex Browser before 16.9.0 allows remote attackers to spoof the addr ...)
NOT-FOR-US: Yandex Browser
-CVE-2017-7324
+CVE-2017-7324 (setup/templates/findcore.php in MODX Revolution 2.5.4-pl and earlier a ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-7323
+CVE-2017-7323 (The (1) update and (2) package-installation features in MODX Revolutio ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-7322
+CVE-2017-7322 (The (1) update and (2) package-installation features in MODX Revolutio ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-7321
+CVE-2017-7321 (setup/controllers/welcome.php in MODX Revolution 2.5.4-pl and earlier ...)
NOT-FOR-US: MODX Revolution
-CVE-2017-7320
+CVE-2017-7320 (setup/controllers/language.php in MODX Revolution 2.5.4-pl and earlier ...)
NOT-FOR-US: MODX Revolution
CVE-2017-7319
REJECTED
-CVE-2017-7318
+CVE-2017-7318 (Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote comman ...)
NOT-FOR-US: Siklu EtherHaul
-CVE-2017-7317
+CVE-2017-7317 (An issue was discovered on Humax Digital HG100 2.0.6 devices. The atta ...)
NOT-FOR-US: Humax Digital HG100
-CVE-2017-7316
+CVE-2017-7316 (An issue was discovered on Humax Digital HG100R 2.0.6 devices. There i ...)
NOT-FOR-US: Humax Digital HG100R
-CVE-2017-7315
+CVE-2017-7315 (An issue was discovered on Humax Digital HG100R 2.0.6 devices. To down ...)
NOT-FOR-US: Humax Digital HG100R
-CVE-2017-7314
+CVE-2017-7314 (An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1 ...)
NOT-FOR-US: Personify360 e-Business
-CVE-2017-7313
+CVE-2017-7313 (An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1 ...)
NOT-FOR-US: Personify360 e-Business
-CVE-2017-7312
+CVE-2017-7312 (An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1 ...)
NOT-FOR-US: Personify360 e-Business
CVE-2017-7311
RESERVED
-CVE-2017-7310
+CVE-2017-7310 (A buffer overflow vulnerability in Import Command in SyncBreeze before ...)
NOT-FOR-US: Sync Breeze Enterprise
-CVE-2017-7309
+CVE-2017-7309 (A cross-site scripting (XSS) vulnerability in the MantisBT Configurati ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/30/4
-CVE-2017-7307
+CVE-2017-7307 (Riverbed RiOS before 9.0.1 does not properly restrict shell access in ...)
NOT-FOR-US: Riverbed RiOS
-CVE-2017-7306
+CVE-2017-7306 (** DISPUTED ** Riverbed RiOS through 9.6.0 has a weak default password ...)
NOT-FOR-US: Riverbed RiOS
-CVE-2017-7305
+CVE-2017-7305 (** DISPUTED ** Riverbed RiOS through 9.6.0 does not require a bootload ...)
NOT-FOR-US: Riverbed RiOS
-CVE-2017-7304
+CVE-2017-7304 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <not-affected> (vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20931
-CVE-2017-7303
+CVE-2017-7303 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <not-affected> (vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20922
-CVE-2017-7302
+CVE-2017-7302 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20921
-CVE-2017-7301
+CVE-2017-7301 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20924
-CVE-2017-7300
+CVE-2017-7300 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20909
-CVE-2017-7299
+CVE-2017-7299 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.27.51.20161220-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20908
-CVE-2017-7308
+CVE-2017-7308 (The packet_set_ring function in net/packet/af_packet.c in the Linux ke ...)
{DLA-922-1}
- linux 4.9.18-1
[jessie] - linux 3.16.43-1
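Review bot: CVE-2017-7308 sits between CVE-2017-7299 and CVE-2017-7298 instead of between CVE-2017-7309 and CVE-2017-7307, where the descending order puts it; the automatic update preserves existing placement, but an out-of-sequence entry for the af_packet privilege escalation (DLA-922-1, fixed in 4.9.18-1 / 3.16.43-1) is easy to miss in a diff review, so move it the next time the entry is touched. Separately, CVE-2017-7304 and CVE-2017-7303 mark wheezy `<not-affected> (vulnerable code not present)` while CVE-2017-7302 through CVE-2017-7299 use `<no-dsa> (Minor issue)` for the same libbfd code base; if that difference is deliberate (different parsers), a NOTE naming the file would make it obvious.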
@@ -32632,21 +32632,21 @@ CVE-2017-7308
NOTE: Fixed by: https://git.kernel.org/linus/8f8d28e4d6d815a391285e121c3a53a0b6cb9e7b
NOTE: Fixed by: https://git.kernel.org/linus/bcc5364bdcfe131e6379363f089e7b4108d35b70
NOTE: https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
-CVE-2017-7298
+CVE-2017-7298 (In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Ad ...)
- moodle <removed> (unimportant)
NOTE: http://www.daimacn.com/post/12.html
NOTE: https://tracker.moodle.org/browse/MDL-52038
NOTE: Not considered a security issue/bug upstream, disputed that it got a CVE
NOTE: assigned. Mark as unimportant as non-issue.
-CVE-2017-7297
+CVE-2017-7297 (Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated user ...)
NOT-FOR-US: Rancher Labs rancher server
-CVE-2017-7296
+CVE-2017-7296 (An issue was discovered in Contiki Operating System 3.0. A Persistent ...)
NOT-FOR-US: Contiki Operating System
-CVE-2017-7295
+CVE-2017-7295 (An issue was discovered in Contiki Operating System 3.0. A use-after-f ...)
NOT-FOR-US: Contiki Operating System
-CVE-2017-7293
+CVE-2017-7293 (The Dolby DAX2 and DAX3 API services are vulnerable to a privilege esc ...)
NOT-FOR-US: Dolby
-CVE-2017-7294
+CVE-2017-7294 (The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx ...)
{DLA-922-1}
- linux 4.9.18-1
[jessie] - linux 3.16.43-1
@@ -32655,37 +32655,37 @@ CVE-2017-7292
RESERVED
CVE-2017-7291
RESERVED
-CVE-2017-7290
+CVE-2017-7290 (SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before ...)
NOT-FOR-US: XOOPS
CVE-2017-7289
RESERVED
-CVE-2017-7288
+CVE-2017-7288 (Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite ...)
NOT-FOR-US: Zimbra
CVE-2017-7287
RESERVED
CVE-2017-7286
REJECTED
-CVE-2017-7285
+CVE-2017-7285 (A vulnerability in the network stack of MikroTik Version 6.38.5 releas ...)
NOT-FOR-US: MikroTik
-CVE-2017-7284
+CVE-2017-7284 (An attacker that has hijacked a Unitrends Enterprise Backup (before 9. ...)
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7283
+CVE-2017-7283 (An authenticated user of Unitrends Enterprise Backup before 9.1.2 can ...)
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7282
+CVE-2017-7282 (An issue was discovered in Unitrends Enterprise Backup before 9.1.1. T ...)
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7281
+CVE-2017-7281 (An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A ...)
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7280
+CVE-2017-7280 (An issue was discovered in api/includes/systems.php in Unitrends Enter ...)
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7279
+CVE-2017-7279 (An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 w ...)
NOT-FOR-US: Unitrends Enterprise Backup
-CVE-2017-7278
+CVE-2017-7278 (Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 44 ...)
NOT-FOR-US: ASSA ABLOY APTUS Styra Porttelefonkort 4400
-CVE-2017-7277
+CVE-2017-7277 (The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TI ...)
- linux <not-affected> (Vulnerable code introduced in 4.10-rc1)
-CVE-2017-7276
+CVE-2017-7276 (There is reflected XSS in TOPdesk before 5.7.6 and 6.x and 7.x before ...)
NOT-FOR-US: TOPdesk
-CVE-2017-7275
+CVE-2017-7275 (The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allow ...)
- imagemagick <unfixed> (unimportant; bug #859025)
NOTE: https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/
NOTE: https://github.com/ImageMagick/ImageMagick/issues/271
@@ -32695,20 +32695,20 @@ CVE-2017-7275
NOTE: and the issue not addressed, treat this as "non-issue" (and thus marked
NOTE: unimportant). If in future details can be elaborated by the reporter
NOTE: we might re-evaluate this entry.
-CVE-2017-7274
+CVE-2017-7274 (The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 ...)
- radare2 <not-affected> (Vulnerable parsers introduced in 1.3.0-git, cf. #858873)
NOTE: https://github.com/radare/radare2/commit/7ab66cca5bbdf6cb2d69339ef4f513d95e532dbf
NOTE: https://github.com/radare/radare2/issues/7152
-CVE-2017-7271
+CVE-2017-7271 (Reflected Cross-site scripting (XSS) vulnerability in Yii Framework be ...)
- yii <itp> (bug #597899)
CVE-2017-7270
RESERVED
-CVE-2017-7273
+CVE-2017-7273 (The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux ...)
{DLA-922-1}
- linux 4.9.6-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://git.kernel.org/linus/1ebb71143758f45dc0fa76e2f48429e13b16d110
-CVE-2017-7272
+CVE-2017-7272 (PHP through 7.1.11 enables potential SSRF in applications that accept ...)
{DLA-875-1}
- php7.1 <removed>
- php7.0 <removed>
@@ -32718,17 +32718,17 @@ CVE-2017-7272
NOTE: https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a
NOTE: https://bugs.php.net/bug.php?id=74216
NOTE: Fixed in 7.1.4 and 7.0.18, but were later reverted: https://bugzilla.redhat.com/show_bug.cgi?id=1437837#c3
-CVE-2017-7269
+CVE-2017-7269 (Buffer overflow in the ScStoragePathFromUrl function in the WebDAV ser ...)
NOT-FOR-US: Windows
CVE-2017-7268
RESERVED
CVE-2017-7267
RESERVED
-CVE-2017-7266
+CVE-2017-7266 (Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout ...)
NOT-FOR-US: Netflix Security Monkey
CVE-2017-7265
RESERVED
-CVE-2017-7264
+CVE-2017-7264 (Use-after-free vulnerability in the fz_subsample_pixmap function in fi ...)
{DSA-3797-1}
- mupdf 1.9a+ds1-3 (bug #854734)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
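Review bot: CVE-2017-7272 lists DLA-875-1 as shipped, but the NOTE line states that the upstream fix (7.1.4 / 7.0.18) was later reverted; the entry should say whether the DLA's patch is that reverted change and whether Debian is keeping it, because a reader would otherwise assume the package carries a fix upstream no longer endorses.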
@@ -32738,7 +32738,7 @@ CVE-2017-7264
NOTE: Related to CVE-2017-5896. But CVE-2017-7264 is for the use-after-free
NOTE: vulnerability whereas CVE-2017-5896 is for the hea-based buffer overflow
NOTE: in fz_subsample_pixmap.
-CVE-2017-7263
+CVE-2017-7263 (The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows rem ...)
- potrace 1.15-1 (bug #858763)
[stretch] - potrace <no-dsa> (Minor issue)
[jessie] - potrace <no-dsa> (Minor issue)
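Review bot: typo in the context NOTE for CVE-2017-7264: "hea-based buffer overflow" should read "heap-based buffer overflow" in the sentence distinguishing it from CVE-2017-5896 in fz_subsample_pixmap.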
@@ -32746,9 +32746,9 @@ CVE-2017-7263
NOTE: https://blogs.gentoo.org/ago/2017/03/03/potrace-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c-incomplete-fix-for-cve-2016-8698/
NOTE: Proposed patch: https://github.com/asarubbo/poc/blob/master/00219-potrace-heapoverflow-bm_readbody_bmp-PATCH
NOTE: This CVE is for an incomplete fix of CVE-2016-8698
-CVE-2017-7262
+CVE-2017-7262 (The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows ...)
NOT-FOR-US: Hardware bug in AMD Ryzen CPUs, cannot be fixed via micro code updates, but only BIOS updates
-CVE-2017-7261
+CVE-2017-7261 (The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx ...)
{DLA-922-1}
- linux 4.9.18-1
[jessie] - linux 3.16.43-1
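Review bot: the NOT-FOR-US rationale for CVE-2017-7262 says the Ryzen issue "cannot be fixed via micro code updates, but only BIOS updates" while the description attributes the flaw to "AGESA microcode"; "micro code" should be "microcode", and the sentence would be clearer as "requires an AGESA/BIOS update rather than a CPU microcode update" so the two are not read as contradicting each other.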
@@ -32757,33 +32757,33 @@ CVE-2017-7260
RESERVED
CVE-2017-7259
REJECTED
-CVE-2017-7258
+CVE-2017-7258 (HTTP Exploit in eMLi Portal in AuroMeera Technometrix Pvt. Ltd. eMLi a ...)
NOT-FOR-US: AuroMeera Technometrix
-CVE-2017-7257
+CVE-2017-7257 (XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content--&gt;News--&g ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-7256
+CVE-2017-7256 (XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content--&gt;News--&g ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-7255
+CVE-2017-7255 (XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content--&gt;News--&g ...)
NOT-FOR-US: CMS Made Simple
CVE-2017-7254
RESERVED
-CVE-2017-7253
+CVE-2017-7253 (Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: ...)
NOT-FOR-US: Dahua IP Camera devices
CVE-2017-7252 [Incorrect bcrypt computation]
RESERVED
- botan1.10 <not-affected> (Introduced in 1.11.0)
NOTE: Bug introduced in 1.11.0, fixed in 2.1.0.
-CVE-2017-7251
+CVE-2017-7251 (A Cross-Site Scripting (XSS) was discovered in pi-engine/pi 2.5.0. The ...)
NOT-FOR-US: pi-engine
-CVE-2017-7250
+CVE-2017-7250 (A Cross-Site Scripting (XSS) was discovered in Gazelle before 2017-03- ...)
NOT-FOR-US: Gazelle torrent tracker
-CVE-2017-7249
+CVE-2017-7249 (Multiple Cross-Site Scripting (XSS) were discovered in Gazelle before ...)
NOT-FOR-US: Gazelle torrent tracker
-CVE-2017-7248
+CVE-2017-7248 (A Cross-Site Scripting (XSS) was discovered in Gazelle before 2017-03- ...)
NOT-FOR-US: Gazelle torrent tracker
-CVE-2017-7247
+CVE-2017-7247 (Multiple Cross-Site Scripting (XSS) were discovered in Gazelle before ...)
NOT-FOR-US: Gazelle torrent tracker
-CVE-2017-7246
+CVE-2017-7246 (Stack-based buffer overflow in the pcre32_copy_substring function in p ...)
- pcre3 <unfixed> (bug #858679; unimportant)
[jessie] - pcre3 <no-dsa> (Minor issue; 32bit character support not enabled)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
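Review bot: the descriptions for CVE-2017-7257 through CVE-2017-7255 carry HTML entities literally ("Content--&gt;News--&g"), as do the Pixie entries earlier in this diff ("s=publish&amp;m=module&amp;x="); confirm the importer deliberately stores escaped text and the web view unescapes it, otherwise the rendered descriptions will show "&gt;" and "&amp;" to readers. CVE-2017-7252 keeping its bracketed manual description and RESERVED status is correct, since the CVE text has not been published.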
@@ -32791,7 +32791,7 @@ CVE-2017-7246
NOTE: https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
NOTE: pcre32 support enabled only in pcre3/1:8.35-4
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1691 (8.41)
-CVE-2017-7245
+CVE-2017-7245 (Stack-based buffer overflow in the pcre32_copy_substring function in p ...)
- pcre3 <unfixed> (bug #858678; unimportant)
[jessie] - pcre3 <no-dsa> (Minor issue; 32bit character support not enabled)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
@@ -32799,7 +32799,7 @@ CVE-2017-7245
NOTE: https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
NOTE: pcre32 support enabled only in pcre3/1:8.35-4
NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1691 (8.41)
-CVE-2017-7244
+CVE-2017-7244 (The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 ...)
- pcre3 2:8.39-3 (bug #858683)
[jessie] - pcre3 <no-dsa> (Minor issue; 32bit character support not enabled)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
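Review bot: the NOTE `pcre32 support enabled only in pcre3/1:8.35-4` uses epoch 1, but the fixed version recorded in the same entry is `pcre3 2:8.39-3`; if the epoch is wrong, the jessie rationale ("32bit character support not enabled") cannot be verified from the entry, so check and correct it (the same NOTE is repeated for CVE-2017-7246 and CVE-2017-7245).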
@@ -32808,152 +32808,152 @@ CVE-2017-7244
NOTE: pcre32 support enabled only in pcre3/1:8.35-4
NOTE: Bisected and the following change addresses the issue for pcre3:
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1688 (8.41)
-CVE-2017-7243
+CVE-2017-7243 (Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to caus ...)
NOT-FOR-US: Eclipse tinydtls for Eclipse IoT
-CVE-2017-7242
+CVE-2017-7242 (Multiple Cross-Site Scripting (XSS) were discovered in admin/modules c ...)
NOT-FOR-US: SLiMS
-CVE-2017-7241
+CVE-2017-7241 (A cross-site scripting (XSS) vulnerability in the MantisBT Move Attach ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/30/4
-CVE-2017-7240
+CVE-2017-7240 (An issue was discovered on Miele Professional PST10 devices. The corre ...)
NOT-FOR-US: Miele Professional PG 8528 PST10 devices
-CVE-2017-7239
+CVE-2017-7239 (Ninka before 1.3.2 might allow remote attackers to obtain sensitive in ...)
- ninka <not-affected> (Fixed with the initial release to Debian)
NOTE: https://github.com/dmgerman/ninka/commit/81f185261c8863c5b84344ee31192870be939faf
CVE-2017-7238
RESERVED
-CVE-2017-7237
+CVE-2017-7237 (The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7 ...)
NOT-FOR-US: Spiceworks
-CVE-2017-7236
+CVE-2017-7236 (SQL injection vulnerability in NetApp OnCommand Unified Manager Core P ...)
NOT-FOR-US: NetApp
-CVE-2017-7235
+CVE-2017-7235 (An issue was discovered in cloudflare-scrape 1.6.6 through 1.7.1. A ma ...)
NOT-FOR-US: cloudflare-scrape
-CVE-2017-7234
+CVE-2017-7234 (A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before ...)
{DSA-3835-1 DLA-885-1}
- python-django 1:1.10.7-1 (bug #859516)
NOTE: https://www.djangoproject.com/weblog/2017/apr/04/security-releases/
NOTE: Fixed by (master): https://github.com/django/django/commit/a1f948b468b6621083a03b0d53432341b7a4d753
-CVE-2017-7233
+CVE-2017-7233 (Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 re ...)
{DSA-3835-1 DLA-885-1}
- python-django 1:1.10.7-1 (bug #859515)
NOTE: https://www.djangoproject.com/weblog/2017/apr/04/security-releases/
NOTE: Fixed by (master): https://github.com/django/django/commit/5ea48a70afac5e5684b504f09286e7defdd1a81a
CVE-2017-7232
RESERVED
-CVE-2017-7231
+CVE-2017-7231 (pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow v ...)
NOT-FOR-US: pngdefry
-CVE-2017-7230
+CVE-2017-7230 (A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and e ...)
NOT-FOR-US: Disk Sorter Enterprise
-CVE-2017-7229
+CVE-2017-7229 (PGP/MIME encrypted messages injected into a Vaultive O365 (before 4.5. ...)
NOT-FOR-US: Vaultive O365
-CVE-2017-7228
+CVE-2017-7228 (An issue (known as XSA-212) was discovered in Xen, with fixes availabl ...)
{DSA-3847-1 DLA-907-1}
- xen 4.8.1-1 (bug #859560)
NOTE: https://xenbits.xen.org/xsa/advisory-212.html
-CVE-2017-7227
+CVE-2017-7227 (GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buf ...)
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20906
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=406bd128dba2a59d0736839fc87a59bce319076c
-CVE-2017-7226
+CVE-2017-7226 (The pe_ILF_object_p function in the Binary File Descriptor (BFD) libra ...)
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20905
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=fa6631b4eecfcca00c13b9594e6336dffd40982f
-CVE-2017-7225
+CVE-2017-7225 (The find_nearest_line function in addr2line in GNU Binutils 2.28 does ...)
- binutils 2.27.51.20161201-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20891
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=50455f1ab2935f7321215dfa681745c9b1cb5b19
-CVE-2017-7224
+CVE-2017-7224 (The find_nearest_line function in objdump in GNU Binutils 2.28 is vuln ...)
- binutils 2.27.51.20161201-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20892
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e82ab856bb4689330c29fb9f1c57a8555b26380e
-CVE-2017-7223
+CVE-2017-7223 (GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer ov ...)
- binutils 2.27.51.20161212-1
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20898
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=69ace2200106348a1b00d509a6a234337c104c17
-CVE-2017-7222
+CVE-2017-7222 (A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 al ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
-CVE-2017-7221
+CVE-2017-7221 (OpenText Documentum Content Server has an inadequate protection mechan ...)
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-7220
+CVE-2017-7220 (OpenText Documentum Content Server allows superuser access via sys_obj ...)
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-7219
+CVE-2017-7219 (A heap overflow vulnerability in Citrix NetScaler Gateway versions 10. ...)
NOT-FOR-US: Citrix
-CVE-2017-7218
+CVE-2017-7218 (The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-7217
+CVE-2017-7217 (The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.1 ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-7216
+CVE-2017-7216 (The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2017-7215
+CVE-2017-7215 (Cross site scripting in some view elements in the index filter tool in ...)
NOT-FOR-US: MISP (Malware Information Sharing Platform and Threat Sharing)
-CVE-2017-7214
+CVE-2017-7214 (An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x ...)
- nova 2:14.0.0-4 (bug #858568)
[jessie] - nova <not-affected> (Vulnerable code not present)
[wheezy] - nova <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://bugs.launchpad.net/nova/+bug/1673569
-CVE-2017-7213
+CVE-2017-7213 (Zoho ManageEngine Desktop Central before build 100082 allows remote at ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
CVE-2017-7212
RESERVED
CVE-2017-7211
RESERVED
-CVE-2017-7210
+CVE-2017-7210 (objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buff ...)
- binutils 2.28-3 (low; bug #858324)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21157
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a2dea0b20bc66a4c287c3c50002b8c3b3e9d953a
-CVE-2017-7209
+CVE-2017-7209 (The dump_section_as_bytes function in readelf in GNU Binutils 2.28 acc ...)
- binutils 2.28-3 (low; bug #858323)
[jessie] - binutils <not-affected> (Vulnerable code introduced later)
[wheezy] - binutils <not-affected> (Vulnerable code introduced later)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21135
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f055032e4e922f1e1a5e11026c7c2669fa2a7d19
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1835f746a7c7fff70a2cc03a051b14fdc6b3f73f
-CVE-2017-7208
+CVE-2017-7208 (The decode_residual function in libavcodec in libav 9.21 allows remote ...)
{DSA-4012-1 DLA-1142-1}
- libav <removed> (low)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1000
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=522d850e68ec4b77d3477b3c8f55b1ba00a9d69a
-CVE-2017-7207
+CVE-2017-7207 (The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscr ...)
{DSA-3838-1 DLA-1048-1}
- ghostscript 9.20~dfsg-3 (bug #858350)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=309eca4e0a31ea70dcc844812691439312dad091
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697676
-CVE-2017-7206
+CVE-2017-7206 (The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows ...)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
- ffmpeg <not-affected> (bug #872517; Previous patches mitigated the issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1002
NOTE: https://git.libav.org/?p=libav.git;a=commit;h=83b2b34d06e74cc8775ba3d833f9782505e17539
-CVE-2017-7205
+CVE-2017-7205 (A Cross-Site Scripting (XSS) was discovered in GamePanelX-V3 3.0.12. T ...)
NOT-FOR-US: GamePanelX-V3
-CVE-2017-7204
+CVE-2017-7204 (A Cross-Site Scripting (XSS) was discovered in imdbphp 5.1.1. The vuln ...)
NOT-FOR-US: imdbphp
-CVE-2017-7203
+CVE-2017-7203 (A Cross-Site Scripting (XSS) was discovered in ZoneMinder before 1.30. ...)
- zoneminder 1.30.4+dfsg-1 (bug #858329)
[wheezy] - zoneminder <no-dsa> (Minor issue)
NOTE: https://github.com/ZoneMinder/ZoneMinder/issues/1797
NOTE: Fixed in 1.30.2 upstream.
-CVE-2017-7202
+CVE-2017-7202 (Multiple Cross-Site Scripting (XSS) were discovered in SLiMS 7 Cendana ...)
NOT-FOR-US: SLiMS
CVE-2017-7201
RESERVED
-CVE-2017-7199
+CVE-2017-7199 (Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions ...)
NOT-FOR-US: Nessus
-CVE-2017-7200
+CVE-2017-7200 (An SSRF issue was discovered in OpenStack Glance before Newton. The 'c ...)
- glance 2:13.0.0-1
[jessie] - glance <no-dsa> (Minor issue, too intrusive to backport)
[wheezy] - glance <end-of-life> (Not supported in Wheezy LTS)
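Review bot: the entries for CVE-2017-7199 and CVE-2017-7200 are out of the file's descending CVE order (the hunk shows CVE-2017-7201, then CVE-2017-7199, then CVE-2017-7200, then CVE-2017-7194 in the next hunk), so a reader or a tool scanning by position will miss CVE-2017-7200 between CVE-2017-7201 and CVE-2017-7199; swap the two blocks so CVE-2017-7200 precedes CVE-2017-7199. Since this is an automatic description-filling update the misordering is pre-existing rather than introduced here, but it is the one spot in this hunk where the list breaks its own convention, and fixing it keeps the sorted-order assumption that the rest of the hunk relies on.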
@@ -32974,39 +32974,39 @@ CVE-2017-7194
RESERVED
CVE-2017-7193
RESERVED
-CVE-2017-7192
+CVE-2017-7192 (WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypas ...)
NOT-FOR-US: Starscream
CVE-2017-7190
RESERVED
CVE-2017-7189
RESERVED
-CVE-2017-7188
+CVE-2017-7188 (Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a b ...)
NOT-FOR-US: Zurmo
-CVE-2017-7187
+CVE-2017-7187 (The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through ...)
- linux 4.9.18-1
[jessie] - linux <not-affected> (Introduced in 3.17)
[wheezy] - linux <not-affected> (Introduced in 3.17)
NOTE: Fixed by: https://git.kernel.org/linus/bf33f87dd04c371ea33feb821b60d63d754e3124 (4.11-rc5)
NOTE: Introduced by: https://git.kernel.org/linus/65c26a0f39695ba01d9693754f27ca76cc8a3ab5 (3.17-rc1)
-CVE-2017-7185
+CVE-2017-7185 (Use-after-free vulnerability in the mg_http_multipart_wait_for_boundar ...)
NOT-FOR-US: Mongoose
-CVE-2017-7183
+CVE-2017-7183 (The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers ...)
NOT-FOR-US: ExtraPuTTY
CVE-2017-7182
RESERVED
CVE-2017-7181
RESERVED
-CVE-2017-7180
+CVE-2017-7180 (Net Monitor for Employees Pro through 5.3.4 has an unquoted service pa ...)
NOT-FOR-US: Net Monitor for Employees Pro
CVE-2017-7179
RESERVED
-CVE-2017-7184
+CVE-2017-7184 (The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Lin ...)
{DLA-922-1}
- linux 4.9.18-1 (low)
[jessie] - linux 3.16.43-1
NOTE: Unprivileged user namespaces are disabled in Debian, this only affects
NOTE: non-standard setups
-CVE-2017-7186
+CVE-2017-7186 (libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attacke ...)
- pcre3 2:8.39-3 (bug #858230)
[jessie] - pcre3 <no-dsa> (Minor issue; 32bit character support not enabled)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
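Review bot: CVE-2017-7184 and CVE-2017-7186 sit after CVE-2017-7179 at the end of this hunk, breaking the descending order used everywhere else (CVE-2017-7187, CVE-2017-7185, CVE-2017-7183 are already in place above), so both blocks should be moved up to their numeric positions; the misordering predates this update but is the only structural defect in the hunk. While moving CVE-2017-7184, also consider merging its two-line NOTE ("Unprivileged user namespaces are disabled in Debian, this only affects" / "non-standard setups") into a single NOTE line, since a sentence split across two NOTE entries reads as two separate notes when the file is consumed line by line.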
@@ -33016,11 +33016,11 @@ CVE-2017-7186
NOTE: https://vcs.pcre.org/pcre/code/trunk/pcre_ucd.c?r1=1490&r2=1688&sortby=date (for pcre3)
NOTE: https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_ucd.c?r1=316&r2=670&sortby=date (for pcre2)
NOTE: https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_internal.h?r1=600&r2=670&sortby=date (for pcre2)
-CVE-2017-7178
+CVE-2017-7178 (CSRF was discovered in the web UI in Deluge before 1.3.14. The exploit ...)
{DSA-3856-1 DLA-863-1}
- deluge 1.3.13+git20161130.48cedf63-2 (bug #857903)
NOTE: http://git.deluge-torrent.org/deluge/commit/?h=1.3-stable&id=318ab179865e0707d7945edc3a13a464a108d583
-CVE-2017-9149
+CVE-2017-9149 (Metadata Anonymisation Toolkit (MAT) 0.6 and 0.6.1 silently fails to p ...)
- mat 0.6.1-4 (bug #858058)
[jessie] - mat <not-affected> (Vulnerable code not present)
[wheezy] - mat <not-affected> (Vulnerable code not present)
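Review bot: CVE-2017-9149 is filed between CVE-2017-7178 and CVE-2017-7176, far from the 91xx range, so it will not be found where a sorted lookup expects it; move the mat block to its numeric position once the description fill-in lands. The entry itself is consistent (fixed version, jessie and wheezy not-affected, and an "Introduced by" NOTE in the following hunk), so only the placement needs to change.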
@@ -33030,552 +33030,552 @@ CVE-2017-9149
NOTE: Introduced by: https://0xacab.org/mat/mat/commit/0d1fe2555e90db35eeb531a1b6026ff64f1f5ae5
CVE-2017-7176
REJECTED
-CVE-2017-7175
+CVE-2017-7175 (NfSen before 1.3.8 allows remote attackers to execute arbitrary OS com ...)
NOT-FOR-US: NfSen
-CVE-2017-7174
+CVE-2017-7174 (The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 a ...)
NOT-FOR-US: Chef Manage
-CVE-2017-7173
+CVE-2017-7173 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-7172
+CVE-2017-7172 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-7171
+CVE-2017-7171 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-7170
+CVE-2017-7170 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
CVE-2017-7169
RESERVED
CVE-2017-7168
RESERVED
-CVE-2017-7167
+CVE-2017-7167 (An issue was discovered in certain Apple products. Xcode before 9.2 is ...)
NOT-FOR-US: Apple
CVE-2017-7166
RESERVED
-CVE-2017-7165
+CVE-2017-7165 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-7164
+CVE-2017-7164 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-7163
+CVE-2017-7163 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Intel Graphics Driver on Apple / macOS
-CVE-2017-7162
+CVE-2017-7162 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-7161
+CVE-2017-7161 (An issue was discovered in certain Apple products. Safari before 11.0. ...)
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-7160
+CVE-2017-7160 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-7159
+CVE-2017-7159 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-7158
+CVE-2017-7158 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-7157
+CVE-2017-7157 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0010.html
NOTE: Not covered by security support
-CVE-2017-7156
+CVE-2017-7156 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
- webkit2gtk 2.18.4-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0010.html
NOTE: Not covered by security support
-CVE-2017-7155
+CVE-2017-7155 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Intel Graphics Driver on Apple / macOS
-CVE-2017-7154
+CVE-2017-7154 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
-CVE-2017-7153
+CVE-2017-7153 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2017-7152
+CVE-2017-7152 (An issue was discovered in certain Apple products. iOS before 11.2 is ...)
NOT-FOR-US: Apple
CVE-2017-7151
RESERVED
-CVE-2017-7150
+CVE-2017-7150 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-7149
+CVE-2017-7149 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-7148
+CVE-2017-7148 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7147
+CVE-2017-7147 (An issue was discovered in certain Apple products. The Apple Support a ...)
NOT-FOR-US: Apple
-CVE-2017-7146
+CVE-2017-7146 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7145
+CVE-2017-7145 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7144
+CVE-2017-7144 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7143
+CVE-2017-7143 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-7142
+CVE-2017-7142 (An issue was discovered in certain Apple products. Safari before 11 is ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7141
+CVE-2017-7141 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-7140
+CVE-2017-7140 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7139
+CVE-2017-7139 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7138
+CVE-2017-7138 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-7137
+CVE-2017-7137 (An issue was discovered in certain Apple products. Xcode before 9 is a ...)
NOT-FOR-US: Apple
-CVE-2017-7136
+CVE-2017-7136 (An issue was discovered in certain Apple products. Xcode before 9 is a ...)
NOT-FOR-US: Apple
-CVE-2017-7135
+CVE-2017-7135 (An issue was discovered in certain Apple products. Xcode before 9 is a ...)
NOT-FOR-US: Apple
-CVE-2017-7134
+CVE-2017-7134 (An issue was discovered in certain Apple products. Xcode before 9 is a ...)
NOT-FOR-US: Apple
-CVE-2017-7133
+CVE-2017-7133 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7132
+CVE-2017-7132 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2017-7131
+CVE-2017-7131 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7130
+CVE-2017-7130 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7129
+CVE-2017-7129 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7128
+CVE-2017-7128 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7127
+CVE-2017-7127 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7126
+CVE-2017-7126 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7125
+CVE-2017-7125 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7124
+CVE-2017-7124 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7123
+CVE-2017-7123 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7122
+CVE-2017-7122 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7121
+CVE-2017-7121 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Potentially src:file, but Apple doesn't play by the rules
-CVE-2017-7120
+CVE-2017-7120 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7119
+CVE-2017-7119 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-7118
+CVE-2017-7118 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7117
+CVE-2017-7117 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7116
+CVE-2017-7116 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7115
+CVE-2017-7115 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7114
+CVE-2017-7114 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7113
+CVE-2017-7113 (An issue was discovered in certain Apple products. iOS before 11.1 is ...)
NOT-FOR-US: Apple
-CVE-2017-7112
+CVE-2017-7112 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7111
+CVE-2017-7111 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7110
+CVE-2017-7110 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7109
+CVE-2017-7109 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7108
+CVE-2017-7108 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7107
+CVE-2017-7107 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7106
+CVE-2017-7106 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7105
+CVE-2017-7105 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7104
+CVE-2017-7104 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7103
+CVE-2017-7103 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7102
+CVE-2017-7102 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
CVE-2017-7101
RESERVED
-CVE-2017-7100
+CVE-2017-7100 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7099
+CVE-2017-7099 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7098
+CVE-2017-7098 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7097
+CVE-2017-7097 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7096
+CVE-2017-7096 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7095
+CVE-2017-7095 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7094
+CVE-2017-7094 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7093
+CVE-2017-7093 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7092
+CVE-2017-7092 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7091
+CVE-2017-7091 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7090
+CVE-2017-7090 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7089
+CVE-2017-7089 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7088
+CVE-2017-7088 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7087
+CVE-2017-7087 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7086
+CVE-2017-7086 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7085
+CVE-2017-7085 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7084
+CVE-2017-7084 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-7083
+CVE-2017-7083 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7082
+CVE-2017-7082 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-7081
+CVE-2017-7081 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
- webkit2gtk 2.18.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0008.html
NOTE: Not covered by security support
-CVE-2017-7080
+CVE-2017-7080 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7079
+CVE-2017-7079 (An issue was discovered in certain Apple products. iTunes before 12.7 ...)
NOT-FOR-US: Apple
-CVE-2017-7078
+CVE-2017-7078 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7077
+CVE-2017-7077 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
-CVE-2017-7076
+CVE-2017-7076 (An issue was discovered in certain Apple products. Xcode before 9 is a ...)
NOT-FOR-US: Apple
-CVE-2017-7075
+CVE-2017-7075 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7074
+CVE-2017-7074 (An issue was discovered in certain Apple products. macOS before 10.13 ...)
NOT-FOR-US: Apple
CVE-2017-7073
RESERVED
-CVE-2017-7072
+CVE-2017-7072 (An issue was discovered in certain Apple products. iOS before 11 is af ...)
NOT-FOR-US: Apple
-CVE-2017-7071
+CVE-2017-7071 (An issue was discovered in certain Apple products. Safari before 10.1 ...)
NOT-FOR-US: Apple
-CVE-2017-7070
+CVE-2017-7070 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7069
+CVE-2017-7069 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7068
+CVE-2017-7068 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple / libarchive
NOTE: Possibly Apple-specific, but noone really knows and Apple doesn't cooperate
-CVE-2017-7067
+CVE-2017-7067 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7066
+CVE-2017-7066 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7065
+CVE-2017-7065 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-7064
+CVE-2017-7064 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7063
+CVE-2017-7063 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7062
+CVE-2017-7062 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7061
+CVE-2017-7061 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: Not covered by security support
-CVE-2017-7060
+CVE-2017-7060 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7059
+CVE-2017-7059 (A DOMParser XSS issue was discovered in certain Apple products. iOS be ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-7058
+CVE-2017-7058 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
CVE-2017-7057
RESERVED
-CVE-2017-7056
+CVE-2017-7056 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: Not covered by security support
-CVE-2017-7055
+CVE-2017-7055 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7054
+CVE-2017-7054 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7053
+CVE-2017-7053 (An issue was discovered in certain Apple products. iTunes before 12.6. ...)
NOT-FOR-US: Apple
-CVE-2017-7052
+CVE-2017-7052 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.4-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7051
+CVE-2017-7051 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7050
+CVE-2017-7050 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7049
+CVE-2017-7049 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7048
+CVE-2017-7048 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7047
+CVE-2017-7047 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7046
+CVE-2017-7046 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7045
+CVE-2017-7045 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7044
+CVE-2017-7044 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7043
+CVE-2017-7043 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7042
+CVE-2017-7042 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7041
+CVE-2017-7041 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7040
+CVE-2017-7040 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7039
+CVE-2017-7039 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7038
+CVE-2017-7038 (A DOMParser XSS issue was discovered in certain Apple products. iOS be ...)
- webkit2gtk 2.16.3-2 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7037
+CVE-2017-7037 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7036
+CVE-2017-7036 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7035
+CVE-2017-7035 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7034
+CVE-2017-7034 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7033
+CVE-2017-7033 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7032
+CVE-2017-7032 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7031
+CVE-2017-7031 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7030
+CVE-2017-7030 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7029
+CVE-2017-7029 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7028
+CVE-2017-7028 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7027
+CVE-2017-7027 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7026
+CVE-2017-7026 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7025
+CVE-2017-7025 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7024
+CVE-2017-7024 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7023
+CVE-2017-7023 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7022
+CVE-2017-7022 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7021
+CVE-2017-7021 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7020
+CVE-2017-7020 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7019
+CVE-2017-7019 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7018
+CVE-2017-7018 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.6-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7017
+CVE-2017-7017 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7016
+CVE-2017-7016 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7015
+CVE-2017-7015 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7014
+CVE-2017-7014 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-7013
+CVE-2017-7013 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
-CVE-2017-7012
+CVE-2017-7012 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7011
+CVE-2017-7011 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7010
+CVE-2017-7010 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Possibly Apple-specific CVE ID for libxml2
-CVE-2017-7009
+CVE-2017-7009 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7008
+CVE-2017-7008 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7007
+CVE-2017-7007 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple
-CVE-2017-7006
+CVE-2017-7006 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2017-0006.html
NOTE: Not covered by security support
-CVE-2017-7005
+CVE-2017-7005 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-7004
+CVE-2017-7004 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-7003
+CVE-2017-7003 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-7002
+CVE-2017-7002 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7001
+CVE-2017-7001 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Potentially src:sqlite, but Apple doesn't play by the rules
-CVE-2017-7000
+CVE-2017-7000 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-6999
+CVE-2017-6999 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-6998
+CVE-2017-6998 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-6997
+CVE-2017-6997 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-6996
+CVE-2017-6996 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-6995
+CVE-2017-6995 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-6994
+CVE-2017-6994 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
CVE-2017-6993
RESERVED
CVE-2017-6992
RESERVED
-CVE-2017-6991
+CVE-2017-6991 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOTE: Unspecified sqlite issue found by Apple, no further details available
-CVE-2017-6990
+CVE-2017-6990 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-6989
+CVE-2017-6989 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-6988
+CVE-2017-6988 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-6987
+CVE-2017-6987 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-6986
+CVE-2017-6986 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-6985
+CVE-2017-6985 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-6984
+CVE-2017-6984 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-6983
+CVE-2017-6983 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOTE: Unspecified sqlite issue found by Apple, no further details available
-CVE-2017-6982
+CVE-2017-6982 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-6981
+CVE-2017-6981 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-6980
+CVE-2017-6980 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-6979
+CVE-2017-6979 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-6978
+CVE-2017-6978 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-6977
+CVE-2017-6977 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-6976
+CVE-2017-6976 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-6975
+CVE-2017-6975 (Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack ...)
NOT-FOR-US: Applie
-CVE-2017-6974
+CVE-2017-6974 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-6973
+CVE-2017-6973 (A cross-site scripting (XSS) vulnerability in the MantisBT Configurati ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/30/4
-CVE-2017-6972
+CVE-2017-6972 (AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an e ...)
NOT-FOR-US: AlienVault
-CVE-2017-6971
+CVE-2017-6971 (AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow rem ...)
NOT-FOR-US: AlienVault
-CVE-2017-6970
+CVE-2017-6970 (AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow loc ...)
NOT-FOR-US: AlienVault
-CVE-2017-6968
+CVE-2017-6968 (GMV Checker ATM Security prior to 5.0.18 allows remote authenticated u ...)
NOT-FOR-US: GMV Checker ATM Security
-CVE-2017-6969
+CVE-2017-6969 (readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over ...)
- binutils 2.28-3 (bug #858256)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21156
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b814a36d3440de95f2ac6eaa4fc7935c322ea456
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=43a444f9c5bfd44b4304eafd78338e21d54bea14
-CVE-2017-6967
+CVE-2017-6967 (xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect ...)
{DLA-872-1}
[experimental] - xrdp 0.9.2~20170325-1~exp1
- xrdp 0.9.1-9 (bug #858143)
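Review bot: the context line `NOT-FOR-US: Applie` under CVE-2017-6975 is a typo for `Apple` that this update leaves in place; since the updater only rewrites the CVE header lines, it needs a manual follow-up (`NOT-FOR-US: Apple`). In the same region CVE-2017-6968 is listed before CVE-2017-6969, breaking the descending CVE order the rest of the file follows, so a sort check in the updater would catch both this and similar misplacements before the descriptions are regenerated.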
@@ -33586,64 +33586,64 @@ CVE-2017-6967
NOTE: Followed by: https://github.com/neutrinolabs/xrdp/pull/696
NOTE: http://www.openwall.com/lists/oss-security/2017/03/18/1
NOTE: https://github.com/neutrinolabs/xrdp/pull/696/commits/44129acd210c803fc8bbcfaf1b0db05e5bb4034f
-CVE-2017-6966
+CVE-2017-6966 (readelf in GNU Binutils 2.28 has a use-after-free (specifically read-a ...)
- binutils 2.28-3 (bug #858263)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21139
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f84ce13b6708801ca1d6289b7c4003e2f5a6d7f9
-CVE-2017-6965
+CVE-2017-6965 (readelf in GNU Binutils 2.28 writes to illegal addresses while process ...)
- binutils 2.28-3 (bug #858264)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21137
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=03f7786e2f440b9892b1c34a58fb26222ce1b493
-CVE-2017-6964
+CVE-2017-6964 (dmcrypt-get-device, as shipped in the eject package of Debian and Ubun ...)
{DSA-3823-1 DLA-876-1}
- eject 2.1.5+deb1+cvs20081104-13.2 (bug #858872)
NOTE: https://bugs.launchpad.net/ubuntu/+source/eject/+bug/1673627
CVE-2017-6963
RESERVED
-CVE-2017-6962
+CVE-2017-6962 (An issue was discovered in apng2gif 1.7. There is an integer overflow ...)
- apng2gif 1.8-0.1 (bug #854447)
[stretch] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring)
[wheezy] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring)
-CVE-2017-6961
+CVE-2017-6961 (An issue was discovered in apng2gif 1.7. There is improper sanitizatio ...)
- apng2gif 1.8-0.1 (bug #854441)
[stretch] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring)
[wheezy] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring)
-CVE-2017-6960
+CVE-2017-6960 (An issue was discovered in apng2gif 1.7. There is an integer overflow ...)
{DLA-981-1}
- apng2gif 1.8-0.1 (bug #854367)
[stretch] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - apng2gif <no-dsa> (Minor issue; can be fixed via point release)
CVE-2017-6959
REJECTED
-CVE-2017-6958
+CVE-2017-6958 (An XSS vulnerability in the MantisBT Source Integration Plugin (before ...)
NOT-FOR-US: MantisBT Source Integration Plugin
-CVE-2017-6957
+CVE-2017-6957 (Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC ...)
NOT-FOR-US: Firmware on some Broadcom SoCs
-CVE-2017-6956
+CVE-2017-6956 (On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer ov ...)
NOT-FOR-US: Firmware on some Broadcom SoCs
-CVE-2017-6955
+CVE-2017-6955 (An issue was discovered in by-email/by-email.php in the Invite Anyone ...)
NOT-FOR-US: wordpress Anyone plugin
-CVE-2017-6954
+CVE-2017-6954 (An issue was discovered in includes/component.php in the BuddyPress Do ...)
NOT-FOR-US: wordpress buddypress docs plugin
-CVE-2017-6953
+CVE-2017-6953 (Gemalto SmartDiag Diagnosis Tool v2.5 has a stack-based Buffer Overflo ...)
NOT-FOR-US: Gemalto SmartDiag Diagnosis Tool
-CVE-2017-6952
+CVE-2017-6952 (Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c ...)
- capstone <not-affected> (Vulnerable code not present, in Windows specific distribution)
CVE-2017-9999
REJECTED
-CVE-2017-6951
+CVE-2017-6951 (The keyring_search_aux function in security/keys/keyring.c in the Linu ...)
{DLA-922-1}
- linux 4.0.2-1
[jessie] - linux 3.16.43-1
-CVE-2017-6950
+CVE-2017-6950 (SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended sec ...)
NOT-FOR-US: SAP
-CVE-2017-6949
+CVE-2017-6949 (An issue was discovered in CHICKEN Scheme through 4.12.0. When using a ...)
{DLA-908-1}
- chicken 4.12.0-0.2 (bug #858057)
[stretch] - chicken <no-dsa> (Minor issue)
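Review bot: the `CVE-2017-9999` / `REJECTED` pair sits between CVE-2017-6952 and CVE-2017-6951 in this hunk, far from where a descending-order 2017 list would place it; the automatic update carries the misplacement over unchanged. If the list is expected to be sorted, the updater should either reorder or flag out-of-sequence IDs rather than silently preserving them.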
@@ -33681,66 +33681,66 @@ CVE-2017-6934
RESERVED
CVE-2017-6933
RESERVED
-CVE-2017-6931
+CVE-2017-6931 (In Drupal versions 8.4.x versions before 8.4.5 the Settings Tray modul ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6930
+CVE-2017-6930 (In Drupal versions 8.4.x versions before 8.4.5 when using node access ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6926
+CVE-2017-6926 (In Drupal versions 8.4.x versions before 8.4.5 users with permission t ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/sa-core-2018-001
-CVE-2017-6925
+CVE-2017-6925 (In versions of Drupal 8 core prior to 8.3.7; There is a vulnerability ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-004
-CVE-2017-6924
+CVE-2017-6924 (In Drupal 8 prior to 8.3.7; When using the REST API, users without the ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-004
-CVE-2017-6923
+CVE-2017-6923 (In Drupal 8.x prior to 8.3.7 When creating a view, you can optionally ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-004
-CVE-2017-6922
+CVE-2017-6922 (In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; P ...)
{DSA-3897-1 DLA-1004-1}
- drupal8 <itp> (bug #756305)
- drupal7 7.56-1 (bug #865498)
NOTE: https://www.drupal.org/SA-CORE-2017-003
NOTE: http://cgit.drupalcode.org/drupal/diff/?h=7.x&id=600c1346ed976e6f35fc2b0f907a7837f0f7c145&id2=9eebe462d1e93e785e6c028dc6cf689623c4d936
-CVE-2017-6921
+CVE-2017-6921 (In Drupal 8 prior to 8.3.4; The file REST resource does not properly v ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-003
-CVE-2017-6920
+CVE-2017-6920 (Drupal core 8 before versions 8.3.4 allows remote attackers to execute ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-003
-CVE-2017-6919
+CVE-2017-6919 (Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypa ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-CORE-2017-002
-CVE-2017-6918
+CVE-2017-6918 (CSRF exists in BigTree CMS 4.2.16 with the value[#][*] parameter to th ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-6917
+CVE-2017-6917 (CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admi ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-6916
+CVE-2017-6916 (CSRF exists in BigTree CMS 4.1.18 with the nav-social[#] parameter to ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-6915
+CVE-2017-6915 (CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the a ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-6914
+CVE-2017-6914 (CSRF exists in BigTree CMS 4.1.18 and 4.2.16 with the id parameter to ...)
NOT-FOR-US: BigTree CMS
-CVE-2017-6913
+CVE-2017-6913 (Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail b ...)
NOT-FOR-US: Open-Xchange
CVE-2017-6912
RESERVED
-CVE-2017-6911
+CVE-2017-6911 (USB Pratirodh is prone to sensitive information disclosure. It stores ...)
NOT-FOR-US: USB Pratirodh
-CVE-2017-6910
+CVE-2017-6910 (The HTTP and WebSocket engine components in the server in Kaazing Gate ...)
NOT-FOR-US: Kaazing Gateway
-CVE-2017-6909
+CVE-2017-6909 (An issue was discovered in Shimmie &lt;= 2.5.1. The vulnerability exis ...)
NOT-FOR-US: Shimmie
-CVE-2017-6908
+CVE-2017-6908 (An issue was discovered in concrete5 &lt;= 5.6.3.4. The vulnerability ...)
NOT-FOR-US: concrete5
-CVE-2017-6907
+CVE-2017-6907 (An issue was discovered in Open.GL before 2017-03-13. The vulnerabilit ...)
NOT-FOR-US: Open.GL
-CVE-2017-6906
+CVE-2017-6906 (An issue was discovered in SiberianCMS before 4.10.0. The vulnerabili ...)
NOT-FOR-US: SiberianCMS
-CVE-2017-6905
+CVE-2017-6905 (An issue was discovered in concrete5 &lt;= 5.6.3.4. The vulnerability ...)
NOT-FOR-US: concrete5
CVE-2017-6904
RESERVED
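Review bot: the new description lines for CVE-2017-6909, CVE-2017-6908 and CVE-2017-6905 contain the HTML entity `&lt;=` (`Shimmie &lt;= 2.5.1`, `concrete5 &lt;= 5.6.3.4`) rather than a literal `<=`, while other generated descriptions in this update keep literal characters such as double quotes (`"aiff_read_chanmap()"`). The updater appears to write the upstream feed text without HTML-unescaping it; either unescape before writing or document that the parenthesised description field is stored escaped, so consumers of the list handle it consistently.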
@@ -33750,108 +33750,108 @@ CVE-2017-6901
RESERVED
CVE-2017-6900
RESERVED
-CVE-2017-6899
+CVE-2017-6899 (The msm_bus_dbg_update_request_write function in drivers/platform/msm/ ...)
NOT-FOR-US: android_kernel_huawei_msm8916 in LineageOS (and other kernels for MSM devices)
CVE-2017-6898
RESERVED
CVE-2017-6897
RESERVED
-CVE-2017-6896
+CVE-2017-6896 (Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wi ...)
NOT-FOR-US: DIGISOL DG-HR1400 1.00.02 wireless router
-CVE-2017-6895
+CVE-2017-6895 (USB Pratirodh allows remote attackers to conduct XML External Entity ( ...)
NOT-FOR-US: USB Pratirodh
CVE-2017-6894
RESERVED
CVE-2017-6893
RESERVED
-CVE-2017-6892
+CVE-2017-6892 (In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" fu ...)
{DLA-985-1}
- libsndfile 1.0.28-1 (bug #864704)
[stretch] - libsndfile <no-dsa> (Minor issue)
[jessie] - libsndfile <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748
-CVE-2017-6891
+CVE-2017-6891 (Two errors in the "asn1_find_node()" function (lib/parser_aux.c) withi ...)
{DSA-3861-1 DLA-950-1}
- libtasn1-6 4.10-1.1 (bug #863186)
- libtasn1-3 <removed>
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/
NOTE: https://gitlab.com/gnutls/libtasn1/commit/5520704d075802df25ce4ffccc010ba1641bd484
-CVE-2017-6890
+CVE-2017-6890 (A boundary error within the "foveon_load_camf()" function (dcraw_foveo ...)
NOT-FOR-US: libraw demosaic extension (not packaged in Debian)
-CVE-2017-6889
+CVE-2017-6889 (An integer overflow error within the "foveon_load_camf()" function (dc ...)
NOT-FOR-US: libraw demosaic extension (not packaged in Debian)
-CVE-2017-6888
+CVE-2017-6888 (An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC ...)
- flac 1.3.2-2 (low; bug #897015)
[stretch] - flac <no-dsa> (Minor issue)
[jessie] - flac <no-dsa> (Minor issue)
[wheezy] - flac <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-7/
NOTE: https://git.xiph.org/?p=flac.git;a=commit;h=4f47b63e9c971e6391590caf00a0f2a5ed612e67
-CVE-2017-6887
+CVE-2017-6887 (A boundary error within the "parse_tiff_ifd()" function (internal/dcra ...)
{DSA-3950-1 DLA-1057-1}
- libraw 0.18.2-2 (bug #864183)
NOTE: https://github.com/LibRaw/LibRaw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251
-CVE-2017-6886
+CVE-2017-6886 (An error within the "parse_tiff_ifd()" function (internal/dcraw_common ...)
{DSA-3950-1 DLA-1057-1}
- libraw 0.18.2-2 (bug #864183)
NOTE: https://github.com/LibRaw/LibRaw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251
-CVE-2017-6885
+CVE-2017-6885 (An error when handling certain external commands and services related ...)
NOT-FOR-US: FlexNet
-CVE-2017-6903
+CVE-2017-6903 (In ioquake3 before 2017-03-14, the auto-downloading feature has insuff ...)
{DSA-3812-1}
- ioquake3 1.36+u20161101+dfsg1-2 (bug #857699)
[wheezy] - ioquake3 <end-of-life> (Not supported in Wheezy LTS)
- iortcw 1.50a+dfsg1-3 (bug #857714)
NOTE: https://ioquake3.org/2017/03/13/important-security-update-please-update-ioquake3-immediately/
NOTE: Also affects openjk (only in experimental; bug #857715)
-CVE-2017-6884
+CVE-2017-6884 (A command injection vulnerability was discovered on the Zyxel EMG2926 ...)
NOT-FOR-US: Zyxel
-CVE-2017-6883
+CVE-2017-6883 (The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF be ...)
NOT-FOR-US: Foxit
CVE-2017-6882
RESERVED
CVE-2017-6881
RESERVED
-CVE-2017-6880
+CVE-2017-6880 (Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attacker ...)
NOT-FOR-US: Cerberus FTP Server
CVE-2017-6879
RESERVED
-CVE-2017-6878
+CVE-2017-6878 (Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remo ...)
NOT-FOR-US: MetInfo
-CVE-2017-6877
+CVE-2017-6877 (Cross-site scripting (XSS) vulnerability in SVG file handling in Lutim ...)
NOT-FOR-US: Lutim
CVE-2017-6876
RESERVED
CVE-2017-6875
RESERVED
-CVE-2017-6874
+CVE-2017-6874 (Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 a ...)
- linux 4.9.16-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/040757f738e13caaa9c5078bca79aa97e11dde88
-CVE-2017-6873
+CVE-2017-6873 (A vulnerability was discovered in Siemens OZW672 (all versions) and OZ ...)
NOT-FOR-US: Siemens
-CVE-2017-6872
+CVE-2017-6872 (A vulnerability was discovered in Siemens OZW672 (all versions) and OZ ...)
NOT-FOR-US: Siemens
-CVE-2017-6871
+CVE-2017-6871 (A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient fo ...)
NOT-FOR-US: Siemens
-CVE-2017-6870
+CVE-2017-6870 (A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient fo ...)
NOT-FOR-US: Siemens
-CVE-2017-6869
+CVE-2017-6869 (A vulnerability was discovered in Siemens ViewPort for Web Office Port ...)
NOT-FOR-US: Siemens
-CVE-2017-6868
+CVE-2017-6868 (An Improper Authentication issue was discovered in Siemens SIMATIC CP ...)
NOT-FOR-US: Siemens
-CVE-2017-6867
+CVE-2017-6867 (A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before U ...)
NOT-FOR-US: Siemens
-CVE-2017-6866
+CVE-2017-6866 (A vulnerability was discovered in Siemens XHQ server 4 and 5 (4 before ...)
NOT-FOR-US: Siemens
-CVE-2017-6865
+CVE-2017-6865 (A vulnerability has been identified in Primary Setup Tool (PST) (All v ...)
NOT-FOR-US: Siemens
-CVE-2017-6864
+CVE-2017-6864 (The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at ...)
NOT-FOR-US: Siemens
CVE-2017-6863
RESERVED
-CVE-2017-6862
+CVE-2017-6862 (NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1. ...)
NOT-FOR-US: NETGEAR
CVE-2017-6861
RESERVED
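Review bot: CVE-2017-6903 (ioquake3) is positioned between CVE-2017-6885 and CVE-2017-6884 in this hunk, although the numerically adjacent CVE-2017-6904 entry closes the previous hunk; the entry should sit between CVE-2017-6904 and CVE-2017-6902. As with the other misordered IDs in this update, a sort check in the updater would flag it rather than regenerate the description in place.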
@@ -33871,83 +33871,83 @@ CVE-2017-6854
RESERVED
CVE-2017-6853
RESERVED
-CVE-2017-6839
+CVE-2017-6839 (Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka aud ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
NOTE: https://github.com/mpruett/audiofile/issues/41
NOTE: https://github.com/antlarr/audiofile/commit/beacc44eb8cdf6d58717ec1a5103c5141f1b37f9
-CVE-2017-6838
+CVE-2017-6838 (Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
NOTE: https://github.com/mpruett/audiofile/issues/41
NOTE: https://github.com/antlarr/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
NOTE: https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
-CVE-2017-6837
+CVE-2017-6837 (WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote att ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
NOTE: https://github.com/mpruett/audiofile/issues/41
NOTE: https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2017-6836
+CVE-2017-6836 (Heap-based buffer overflow in the Expand3To4Module::run function in li ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h
NOTE: https://github.com/mpruett/audiofile/issues/40
NOTE: https://github.com/mpruett/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
NOTE: https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
-CVE-2017-6835
+CVE-2017-6835 (The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio Fi ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp
NOTE: https://github.com/mpruett/audiofile/issues/39
NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2017-6834
+CVE-2017-6834 (Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp
NOTE: https://github.com/mpruett/audiofile/issues/38
NOTE: https://github.com/mpruett/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
NOTE: https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
-CVE-2017-6833
+CVE-2017-6833 (The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio F ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp
NOTE: https://github.com/mpruett/audiofile/issues/37
NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2017-6832
+CVE-2017-6832 (Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp
NOTE: https://github.com/mpruett/audiofile/issues/36
NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2017-6831
+CVE-2017-6831 (Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp
NOTE: https://github.com/mpruett/audiofile/issues/35
NOTE: https://github.com/antlarr/audiofile/commit/a2e9eab8ea87c4ffc494d839ebb4ea145eb9f2e6
-CVE-2017-6830
+CVE-2017-6830 (Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp
NOTE: https://github.com/mpruett/audiofile/issues/34
NOTE: https://github.com/mpruett/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c
NOTE: https://github.com/antlarr/audiofile/commit/ce536d707b8e2a26baca77320398c45238224ca7
-CVE-2017-6829
+CVE-2017-6829 (The decodeSample function in IMA.cpp in Audio File Library (aka audiof ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://github.com/mpruett/audiofile/issues/33
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp
NOTE: https://github.com/mpruett/audiofile/pull/43/commits/25eb00ce913452c2e614548d7df93070bf0d066f
-CVE-2017-6828
+CVE-2017-6828 (Heap-based buffer overflow in the readValue function in FileHandle.cpp ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://github.com/mpruett/audiofile/issues/31
NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-readvalue-filehandle-cpp
NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2017-6827
+CVE-2017-6827 (Heap-based buffer overflow in the MSADPCM::initializeCoefficients func ...)
{DSA-3814-1 DLA-867-1}
- audiofile 0.3.6-4 (bug #857651)
NOTE: https://github.com/mpruett/audiofile/issues/32
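Review bot: the same audiofile fix commit `7d65f89defb092b63bcbc5d98349fb222ca73b3c` is cited under `github.com/antlarr/audiofile` for CVE-2017-6838 and CVE-2017-6830 but under `github.com/mpruett/audiofile` for CVE-2017-6836 and CVE-2017-6834 (and again under antlarr for CVE-2017-6830 alongside the mpruett URL). Pointing all NOTE lines for one commit at a single repository would make the references easier to verify; the NOTE ordering for CVE-2017-6829 and CVE-2017-6828 (issue link before the blog link) also differs from the other entries in the hunk.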
@@ -33957,7 +33957,7 @@ CVE-2017-XXXX [Server certificates are not verified]
- profanity 0.5.1-1 (bug #857546)
[jessie] - profanity <no-dsa> (Minor issue)
NOTE: https://github.com/boothj5/profanity/issues/280
-CVE-2017-7191
+CVE-2017-7191 (The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to c ...)
- irssi 1.0.2-1 (bug #857502)
[jessie] - irssi <not-affected> (Different code path caused the netjoins to be flushed prior reaching use-after-free condition)
[wheezy] - irssi <not-affected> (Different code path caused the netjoins to be flushed prior reaching use-after-free condition)
@@ -33969,469 +33969,469 @@ CVE-2017-6825
RESERVED
CVE-2017-6824
RESERVED
-CVE-2017-6823
+CVE-2017-6823 (Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges ...)
NOT-FOR-US: Fiyo CMS
CVE-2017-6822
RESERVED
-CVE-2017-6821
+CVE-2017-6821 (Directory traversal vulnerability in Zimbra Collaboration Suite (aka Z ...)
NOT-FOR-US: Zimbra
-CVE-2017-6820
+CVE-2017-6820 (rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is su ...)
{DLA-855-1}
- roundcube 1.2.3+dfsg.1-3 (bug #857473)
NOTE: https://github.com/roundcube/roundcubemail/commit/fa2824fdcd44af3f970b2797feb47652482c8305
NOTE: https://github.com/roundcube/roundcubemail/commit/cbd35626f7db7855f3b5e2db00d28ecc1554e9f4
NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-124
NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.1.8
-CVE-2017-6813
+CVE-2017-6813 (A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fa ...)
NOT-FOR-US: Zimbra
-CVE-2017-6812
+CVE-2017-6812 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
NOT-FOR-US: MaNGOSWebV4
-CVE-2017-6811
+CVE-2017-6811 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
NOT-FOR-US: MaNGOSWebV4
-CVE-2017-6810
+CVE-2017-6810 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
NOT-FOR-US: MaNGOSWebV4
-CVE-2017-6809
+CVE-2017-6809 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
NOT-FOR-US: MaNGOSWebV4
-CVE-2017-6808
+CVE-2017-6808 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
NOT-FOR-US: MaNGOSWebV4
-CVE-2017-6807
+CVE-2017-6807 (mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Tr ...)
- libapache2-mod-auth-mellon 0.12.0-2
[jessie] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
CVE-2017-6806
RESERVED
-CVE-2017-6805
+CVE-2017-6805 (Directory traversal vulnerability in the TFTP server in MobaXterm Pers ...)
NOT-FOR-US: MobaXterm
CVE-2017-6804
REJECTED
-CVE-2017-6803
+CVE-2017-6803 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
NOT-FOR-US: SolarWinds (formerly Serv-U) FTP Voyager
-CVE-2017-6798
+CVE-2017-6798 (Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulne ...)
NOT-FOR-US: Trend Micro Endpoint Sensor
-CVE-2017-6802
+CVE-2017-6802 (An issue was discovered in ytnef before 1.9.2. There is a potential he ...)
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.2-1
NOTE: Fixed by: https://github.com/Yeraze/ytnef/commit/22f8346c8d4f0020a40d9f258fdb3bfc097359cc
-CVE-2017-6801
+CVE-2017-6801 (An issue was discovered in ytnef before 1.9.2. There is a potential ou ...)
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.2-1
NOTE: Fixed by: https://github.com/Yeraze/ytnef/commit/3cb0f914d6427073f262e1b2b5fd973e3043cdf7
-CVE-2017-6800
+CVE-2017-6800 (An issue was discovered in ytnef before 1.9.2. An invalid memory acces ...)
{DSA-3846-1}
- libytnef 1.9.2-1
[wheezy] - libytnef <not-affected> (vulnerable code not present)
NOTE: Fixed by: https://github.com/Yeraze/ytnef/commit/f98f5d4adc1c4bd4033638f6167c1bb95d642f89
-CVE-2017-6799
+CVE-2017-6799 (A cross-site scripting (XSS) vulnerability in view_filters_page.php in ...)
- mantis <not-affected> (Vulnerable versions only 2.1.0 through 2.2.0)
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: https://github.com/mantisbt/mantisbt/commit/1677251434b6e8b2be8f1d4376a3e78f7be14d95
NOTE: http://www.mantisbt.org/bugs/view.php?id=22497
-CVE-2017-6797
+CVE-2017-6797 (A cross-site scripting (XSS) vulnerability in bug_change_status_page.p ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
NOTE: https://github.com/mantisbt/mantisbt/commit/a2d90ecabf3bcf3aa22ed9dbbecfd3d37902956f
NOTE: https://github.com/mantisbt/mantisbt/commit/c272c3f65da9677e505ff692b1f1e476b3afa56e
NOTE: http://www.mantisbt.org/bugs/view.php?id=22486
-CVE-2017-6796
+CVE-2017-6796 (A vulnerability in the USB-modem code of Cisco IOS XE Software running ...)
NOT-FOR-US: Cisco
-CVE-2017-6795
+CVE-2017-6795 (A vulnerability in the USB-modem code of Cisco IOS XE Software running ...)
NOT-FOR-US: Cisco
-CVE-2017-6794
+CVE-2017-6794 (A vulnerability in the CLI command-parsing code of Cisco Meeting Serve ...)
NOT-FOR-US: Cisco
-CVE-2017-6793
+CVE-2017-6793 (A vulnerability in the Inventory Management feature of Cisco Prime Col ...)
NOT-FOR-US: Cisco
-CVE-2017-6792
+CVE-2017-6792 (A vulnerability in the batch provisioning feature in Cisco Prime Colla ...)
NOT-FOR-US: Cisco
-CVE-2017-6791
+CVE-2017-6791 (A vulnerability in the Trust Verification Service (TVS) of Cisco Unifi ...)
NOT-FOR-US: Cisco
-CVE-2017-6790
+CVE-2017-6790 (A vulnerability in the Session Initiation Protocol (SIP) on the Cisco ...)
NOT-FOR-US: Cisco
-CVE-2017-6789
+CVE-2017-6789 (A vulnerability in the Cisco Unified Intelligence Center web interface ...)
NOT-FOR-US: Cisco
-CVE-2017-6788
+CVE-2017-6788 (The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client ...)
NOT-FOR-US: Cisco
CVE-2017-6787
RESERVED
-CVE-2017-6786
+CVE-2017-6786 (A vulnerability in Cisco Elastic Services Controller could allow an au ...)
NOT-FOR-US: Cisco
-CVE-2017-6785
+CVE-2017-6785 (A vulnerability in configuration modification permissions validation f ...)
NOT-FOR-US: Cisco
-CVE-2017-6784
+CVE-2017-6784 (A vulnerability in the web interface of the Cisco RV340, RV345, and RV ...)
NOT-FOR-US: Cisco
-CVE-2017-6783
+CVE-2017-6783 (A vulnerability in SNMP polling for the Cisco Web Security Appliance ( ...)
NOT-FOR-US: Cisco
-CVE-2017-6782
+CVE-2017-6782 (A vulnerability in the administrative web interface of Cisco Prime Inf ...)
NOT-FOR-US: Cisco
-CVE-2017-6781
+CVE-2017-6781 (A vulnerability in the management of shell user accounts for Cisco Pol ...)
NOT-FOR-US: Cisco
-CVE-2017-6780
+CVE-2017-6780 (A vulnerability in the TCP throttling process for Cisco IoT Field Netw ...)
NOT-FOR-US: Cisco
-CVE-2017-6779
+CVE-2017-6779 (Multiple Cisco products are affected by a vulnerability in local file ...)
NOT-FOR-US: Cisco
-CVE-2017-6778
+CVE-2017-6778 (A vulnerability in the Elastic Services Controller (ESC) web interface ...)
NOT-FOR-US: Cisco
-CVE-2017-6777
+CVE-2017-6777 (A vulnerability in the ConfD server of the Cisco Elastic Services Cont ...)
NOT-FOR-US: Cisco
-CVE-2017-6776
+CVE-2017-6776 (A vulnerability in the web framework of Cisco Elastic Services Control ...)
NOT-FOR-US: Cisco
-CVE-2017-6775
+CVE-2017-6775 (A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Service ...)
NOT-FOR-US: Cisco
-CVE-2017-6774
+CVE-2017-6774 (A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers r ...)
NOT-FOR-US: Cisco
-CVE-2017-6773
+CVE-2017-6773 (A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Service ...)
NOT-FOR-US: Cisco
-CVE-2017-6772
+CVE-2017-6772 (A vulnerability in Cisco Elastic Services Controller (ESC) could allow ...)
NOT-FOR-US: Cisco
-CVE-2017-6771
+CVE-2017-6771 (A vulnerability in the AutoVNF automation tool of the Cisco Ultra Serv ...)
NOT-FOR-US: Cisco
-CVE-2017-6770
+CVE-2017-6770 (Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Softwar ...)
NOT-FOR-US: Cisco
-CVE-2017-6769
+CVE-2017-6769 (A vulnerability in the web-based management interface of the Cisco Sec ...)
NOT-FOR-US: Cisco
-CVE-2017-6768
+CVE-2017-6768 (A vulnerability in the build procedure for certain executable system f ...)
NOT-FOR-US: Cisco
-CVE-2017-6767
+CVE-2017-6767 (A vulnerability in Cisco Application Policy Infrastructure Controller ...)
NOT-FOR-US: Cisco
-CVE-2017-6766
+CVE-2017-6766 (A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspe ...)
NOT-FOR-US: Cisco
-CVE-2017-6765
+CVE-2017-6765 (A vulnerability in the web-based management interface of Cisco Adaptiv ...)
NOT-FOR-US: Cisco
-CVE-2017-6764
+CVE-2017-6764 (A vulnerability in the web-based management interface of Cisco Adaptiv ...)
NOT-FOR-US: Cisco
-CVE-2017-6763
+CVE-2017-6763 (A vulnerability in the implementation of the H.264 protocol in Cisco M ...)
NOT-FOR-US: Cisco
-CVE-2017-6762
+CVE-2017-6762 (A vulnerability in the web-based management interface of Cisco Jabber ...)
NOT-FOR-US: Cisco
-CVE-2017-6761
+CVE-2017-6761 (A vulnerability in the web-based management interface of Cisco Finesse ...)
NOT-FOR-US: Cisco
CVE-2017-6760
RESERVED
-CVE-2017-6759
+CVE-2017-6759 (A vulnerability in the UpgradeManager of the Cisco Prime Collaboration ...)
NOT-FOR-US: Cisco
-CVE-2017-6758
+CVE-2017-6758 (A vulnerability in the web framework of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2017-6757
+CVE-2017-6757 (A vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5 ...)
NOT-FOR-US: Cisco
-CVE-2017-6756
+CVE-2017-6756 (A vulnerability in the Web UI Application of the Cisco Prime Collabora ...)
NOT-FOR-US: Cisco
-CVE-2017-6755
+CVE-2017-6755 (A vulnerability in the web portal of the Cisco Prime Collaboration Pro ...)
NOT-FOR-US: Cisco
-CVE-2017-6754
+CVE-2017-6754 (A vulnerability in the web-based management interface of the Cisco Sma ...)
NOT-FOR-US: Cisco
-CVE-2017-6753
+CVE-2017-6753 (A vulnerability in Cisco WebEx browser extensions for Google Chrome an ...)
NOT-FOR-US: Cisco
-CVE-2017-6752
+CVE-2017-6752 (A vulnerability in the web interface of the Cisco Adaptive Security Ap ...)
NOT-FOR-US: Cisco
-CVE-2017-6751
+CVE-2017-6751 (A vulnerability in the web proxy functionality of the Cisco Web Securi ...)
NOT-FOR-US: Cisco
-CVE-2017-6750
+CVE-2017-6750 (A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) ...)
NOT-FOR-US: Cisco
-CVE-2017-6749
+CVE-2017-6749 (A vulnerability in the web-based management interface of Cisco Web Sec ...)
NOT-FOR-US: Cisco
-CVE-2017-6748
+CVE-2017-6748 (A vulnerability in the CLI parser of the Cisco Web Security Appliance ...)
NOT-FOR-US: Cisco
-CVE-2017-6747
+CVE-2017-6747 (A vulnerability in the authentication module of Cisco Identity Service ...)
NOT-FOR-US: Cisco
-CVE-2017-6746
+CVE-2017-6746 (A vulnerability in the web interface of the Cisco Web Security Applian ...)
NOT-FOR-US: Cisco
-CVE-2017-6745
+CVE-2017-6745 (A vulnerability in the cache server within Cisco Videoscape Distributi ...)
NOT-FOR-US: Cisco
-CVE-2017-6744
+CVE-2017-6744 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2017-6743
+CVE-2017-6743 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2017-6742
+CVE-2017-6742 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2017-6741
+CVE-2017-6741 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2017-6740
+CVE-2017-6740 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2017-6739
+CVE-2017-6739 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2017-6738
+CVE-2017-6738 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2017-6737
+CVE-2017-6737 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2017-6736
+CVE-2017-6736 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 ...)
NOT-FOR-US: Cisco
-CVE-2017-6735
+CVE-2017-6735 (A vulnerability in the backup and restore functionality of Cisco FireS ...)
NOT-FOR-US: Cisco
-CVE-2017-6734
+CVE-2017-6734 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2017-6733
+CVE-2017-6733 (A vulnerability in the web-based application interface of the Cisco Id ...)
NOT-FOR-US: Cisco
-CVE-2017-6732
+CVE-2017-6732 (A vulnerability in the installation procedure for Cisco Prime Network ...)
NOT-FOR-US: Cisco
-CVE-2017-6731
+CVE-2017-6731 (A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress ...)
NOT-FOR-US: Cisco
-CVE-2017-6730
+CVE-2017-6730 (A vulnerability in the web-based GUI of Cisco Wide Area Application Se ...)
NOT-FOR-US: Cisco
-CVE-2017-6729
+CVE-2017-6729 (A vulnerability in the Border Gateway Protocol (BGP) processing functi ...)
NOT-FOR-US: Cisco
-CVE-2017-6728
+CVE-2017-6728 (A vulnerability in the CLI of Cisco IOS XR Software could allow an aut ...)
NOT-FOR-US: Cisco
-CVE-2017-6727
+CVE-2017-6727 (A vulnerability in the Server Message Block (SMB) protocol of Cisco Wi ...)
NOT-FOR-US: Cisco
-CVE-2017-6726
+CVE-2017-6726 (A vulnerability in the CLI of the Cisco Prime Network Gateway could al ...)
NOT-FOR-US: Cisco
-CVE-2017-6725
+CVE-2017-6725 (A vulnerability in the web framework code of Cisco Prime Infrastructur ...)
NOT-FOR-US: Cisco
-CVE-2017-6724
+CVE-2017-6724 (A vulnerability in the web framework code of Cisco Prime Infrastructur ...)
NOT-FOR-US: Cisco
CVE-2017-6723
RESERVED
-CVE-2017-6722
+CVE-2017-6722 (A vulnerability in the Extensible Messaging and Presence Protocol (XMP ...)
NOT-FOR-US: Cisco
-CVE-2017-6721
+CVE-2017-6721 (A vulnerability in the ingress processing of fragmented TCP packets by ...)
NOT-FOR-US: Cisco
-CVE-2017-6720
+CVE-2017-6720 (A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Bus ...)
NOT-FOR-US: Cisco
-CVE-2017-6719
+CVE-2017-6719 (A vulnerability in the CLI of Cisco IOS XR Software could allow an aut ...)
NOT-FOR-US: Cisco
-CVE-2017-6718
+CVE-2017-6718 (A vulnerability in the CLI of Cisco IOS XR Software could allow an aut ...)
NOT-FOR-US: Cisco
-CVE-2017-6717
+CVE-2017-6717 (A vulnerability in the web framework of Cisco Firepower Management Cen ...)
NOT-FOR-US: Cisco
-CVE-2017-6716
+CVE-2017-6716 (A vulnerability in the web framework code of Cisco Firepower Managemen ...)
NOT-FOR-US: Cisco
-CVE-2017-6715
+CVE-2017-6715 (A vulnerability in the web framework of Cisco Firepower Management Cen ...)
NOT-FOR-US: Cisco
-CVE-2017-6714
+CVE-2017-6714 (A vulnerability in the AutoIT service of Cisco Ultra Services Framewor ...)
NOT-FOR-US: Cisco
-CVE-2017-6713
+CVE-2017-6713 (A vulnerability in the Play Framework of Cisco Elastic Services Contro ...)
NOT-FOR-US: Cisco
-CVE-2017-6712
+CVE-2017-6712 (A vulnerability in certain commands of Cisco Elastic Services Controll ...)
NOT-FOR-US: Cisco
-CVE-2017-6711
+CVE-2017-6711 (A vulnerability in the Ultra Automation Service (UAS) of the Cisco Ult ...)
NOT-FOR-US: Cisco
-CVE-2017-6710
+CVE-2017-6710 (A vulnerability in the Cisco Virtual Network Function (VNF) Element Ma ...)
NOT-FOR-US: Cisco
-CVE-2017-6709
+CVE-2017-6709 (A vulnerability in the AutoVNF tool for the Cisco Ultra Services Frame ...)
NOT-FOR-US: Cisco
-CVE-2017-6708
+CVE-2017-6708 (A vulnerability in the symbolic link (symlink) creation functionality ...)
NOT-FOR-US: Cisco
-CVE-2017-6707
+CVE-2017-6707 (A vulnerability in the CLI command-parsing code of the Cisco StarOS op ...)
NOT-FOR-US: Cisco
-CVE-2017-6706
+CVE-2017-6706 (A vulnerability in the logging subsystem of the Cisco Prime Collaborat ...)
NOT-FOR-US: Cisco
-CVE-2017-6705
+CVE-2017-6705 (A vulnerability in the filesystem of the Cisco Prime Collaboration Pro ...)
NOT-FOR-US: Cisco
-CVE-2017-6704
+CVE-2017-6704 (A vulnerability in the web application in the Cisco Prime Collaboratio ...)
NOT-FOR-US: Cisco
-CVE-2017-6703
+CVE-2017-6703 (A vulnerability in the web application in the Cisco Prime Collaboratio ...)
NOT-FOR-US: Cisco
-CVE-2017-6702
+CVE-2017-6702 (A vulnerability in the web framework of Cisco SocialMiner could allow ...)
NOT-FOR-US: Cisco
-CVE-2017-6701
+CVE-2017-6701 (A vulnerability in the web application interface of the Cisco Identity ...)
NOT-FOR-US: Cisco
-CVE-2017-6700
+CVE-2017-6700 (A vulnerability in the web-based management interface of Cisco Prime I ...)
NOT-FOR-US: Cisco
-CVE-2017-6699
+CVE-2017-6699 (A vulnerability in the web-based management interface of Cisco Prime I ...)
NOT-FOR-US: Cisco
-CVE-2017-6698
+CVE-2017-6698 (A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Pro ...)
NOT-FOR-US: Cisco
-CVE-2017-6697
+CVE-2017-6697 (A vulnerability in the web interface of Cisco Elastic Services Control ...)
NOT-FOR-US: Cisco
-CVE-2017-6696
+CVE-2017-6696 (A vulnerability in the file system of Cisco Elastic Services Controlle ...)
NOT-FOR-US: Cisco
-CVE-2017-6695
+CVE-2017-6695 (A vulnerability in the ConfD server in Cisco Ultra Services Platform c ...)
NOT-FOR-US: Cisco
-CVE-2017-6694
+CVE-2017-6694 (A vulnerability in the Virtual Network Function Manager's (VNFM) loggi ...)
NOT-FOR-US: Cisco
-CVE-2017-6693
+CVE-2017-6693 (A vulnerability in the ConfD server component of Cisco Elastic Service ...)
NOT-FOR-US: Cisco
-CVE-2017-6692
+CVE-2017-6692 (A vulnerability in Cisco Ultra Services Framework Element Manager coul ...)
NOT-FOR-US: Cisco
-CVE-2017-6691
+CVE-2017-6691 (A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers ...)
NOT-FOR-US: Cisco
-CVE-2017-6690
+CVE-2017-6690 (A vulnerability in the file check operation of Cisco ASR 5000 Series A ...)
NOT-FOR-US: Cisco
-CVE-2017-6689
+CVE-2017-6689 (A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers ...)
NOT-FOR-US: Cisco
-CVE-2017-6688
+CVE-2017-6688 (A vulnerability in Cisco Elastic Services Controllers could allow an a ...)
NOT-FOR-US: Cisco
-CVE-2017-6687
+CVE-2017-6687 (A vulnerability in Cisco Ultra Services Framework Element Manager coul ...)
NOT-FOR-US: Cisco
-CVE-2017-6686
+CVE-2017-6686 (A vulnerability in Cisco Ultra Services Framework Element Manager coul ...)
NOT-FOR-US: Cisco
-CVE-2017-6685
+CVE-2017-6685 (A vulnerability in Cisco Ultra Services Framework Staging Server could ...)
NOT-FOR-US: Cisco
-CVE-2017-6684
+CVE-2017-6684 (A vulnerability in Cisco Elastic Services Controllers could allow an a ...)
NOT-FOR-US: Cisco
-CVE-2017-6683
+CVE-2017-6683 (A vulnerability in the esc_listener.py script of Cisco Elastic Service ...)
NOT-FOR-US: Cisco
-CVE-2017-6682
+CVE-2017-6682 (A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers ...)
NOT-FOR-US: Cisco
-CVE-2017-6681
+CVE-2017-6681 (A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Ser ...)
NOT-FOR-US: Cisco
-CVE-2017-6680
+CVE-2017-6680 (A vulnerability in the AutoVNF logging function of Cisco Ultra Service ...)
NOT-FOR-US: Cisco
-CVE-2017-6679
+CVE-2017-6679 (The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained ...)
NOT-FOR-US: Cisco
-CVE-2017-6678
+CVE-2017-6678 (A vulnerability in the ingress UDP packet processing functionality of ...)
NOT-FOR-US: Cisco
CVE-2017-6677
RESERVED
CVE-2017-6676
RESERVED
-CVE-2017-6675
+CVE-2017-6675 (A vulnerability in the web interface of Cisco Industrial Network Direc ...)
NOT-FOR-US: Cisco
-CVE-2017-6674
+CVE-2017-6674 (A vulnerability in the feature-license management functionality of Cis ...)
NOT-FOR-US: Cisco
-CVE-2017-6673
+CVE-2017-6673 (A vulnerability in Cisco Firepower Management Center could allow an au ...)
NOT-FOR-US: Cisco
-CVE-2017-6672
+CVE-2017-6672 (A vulnerability in certain filtering mechanisms of access control list ...)
NOT-FOR-US: Cisco
-CVE-2017-6671
+CVE-2017-6671 (A vulnerability in the email message scanning of Cisco AsyncOS Softwar ...)
NOT-FOR-US: Cisco
-CVE-2017-6670
+CVE-2017-6670 (A vulnerability in the web-based GUI of Cisco Unified Communications D ...)
NOT-FOR-US: Cisco
-CVE-2017-6669
+CVE-2017-6669 (Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Netw ...)
NOT-FOR-US: Cisco
-CVE-2017-6668
+CVE-2017-6668 (Vulnerabilities in the web-based GUI of Cisco Unified Communications D ...)
NOT-FOR-US: Cisco
-CVE-2017-6667
+CVE-2017-6667 (A vulnerability in the update process for the dynamic JAR file of the ...)
NOT-FOR-US: Cisco
-CVE-2017-6666
+CVE-2017-6666 (A vulnerability in the forwarding component of Cisco IOS XR Software f ...)
NOT-FOR-US: Cisco
-CVE-2017-6665
+CVE-2017-6665 (A vulnerability in the Autonomic Networking feature of Cisco IOS Softw ...)
NOT-FOR-US: Cisco
-CVE-2017-6664
+CVE-2017-6664 (A vulnerability in the Autonomic Networking feature of Cisco IOS XE So ...)
NOT-FOR-US: Cisco
-CVE-2017-6663
+CVE-2017-6663 (A vulnerability in the Autonomic Networking feature of Cisco IOS Softw ...)
NOT-FOR-US: Cisco
-CVE-2017-6662
+CVE-2017-6662 (A vulnerability in the web-based user interface of Cisco Prime Infrast ...)
NOT-FOR-US: Cisco
-CVE-2017-6661
+CVE-2017-6661 (A vulnerability in the web-based management interface of Cisco Email S ...)
NOT-FOR-US: Cisco
CVE-2017-6660
RESERVED
-CVE-2017-6659
+CVE-2017-6659 (A vulnerability in the web-based management interface of Cisco Prime C ...)
NOT-FOR-US: Cisco
-CVE-2017-6658
+CVE-2017-6658 (Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread rela ...)
NOT-FOR-US: Cisco
-CVE-2017-6657
+CVE-2017-6657 (Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Vali ...)
NOT-FOR-US: Cisco
-CVE-2017-6656
+CVE-2017-6656 (A vulnerability in Session Initiation Protocol (SIP) call handling of ...)
NOT-FOR-US: Cisco
-CVE-2017-6655
+CVE-2017-6655 (A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol imp ...)
NOT-FOR-US: Cisco
-CVE-2017-6654
+CVE-2017-6654 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2017-6653
+CVE-2017-6653 (A vulnerability in the TCP throttling process for the GUI of the Cisco ...)
NOT-FOR-US: Cisco
-CVE-2017-6652
+CVE-2017-6652 (A vulnerability in the web framework of the Cisco TelePresence IX5000 ...)
NOT-FOR-US: Cisco
-CVE-2017-6651
+CVE-2017-6651 (A vulnerability in Cisco WebEx Meetings Server could allow unauthentic ...)
NOT-FOR-US: Cisco
-CVE-2017-6650
+CVE-2017-6650 (A vulnerability in the Telnet CLI command of Cisco NX-OS System Softwa ...)
NOT-FOR-US: Cisco
-CVE-2017-6649
+CVE-2017-6649 (A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through ...)
NOT-FOR-US: Cisco
-CVE-2017-6648
+CVE-2017-6648 (A vulnerability in the Session Initiation Protocol (SIP) of the Cisco ...)
NOT-FOR-US: Cisco
-CVE-2017-6647
+CVE-2017-6647 (A vulnerability in the web interface of Cisco Remote Expert Manager So ...)
NOT-FOR-US: Cisco
-CVE-2017-6646
+CVE-2017-6646 (A vulnerability in the web interface of Cisco Remote Expert Manager So ...)
NOT-FOR-US: Cisco
-CVE-2017-6645
+CVE-2017-6645 (A vulnerability in the web interface of Cisco Remote Expert Manager So ...)
NOT-FOR-US: Cisco
-CVE-2017-6644
+CVE-2017-6644 (A vulnerability in the web interface of Cisco Remote Expert Manager So ...)
NOT-FOR-US: Cisco
-CVE-2017-6643
+CVE-2017-6643 (A vulnerability in the web interface of Cisco Remote Expert Manager So ...)
NOT-FOR-US: Cisco
-CVE-2017-6642
+CVE-2017-6642 (A vulnerability in the web interface of Cisco Remote Expert Manager So ...)
NOT-FOR-US: Cisco
-CVE-2017-6641
+CVE-2017-6641 (A vulnerability in the TCP connection handling functionality of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2017-6640
+CVE-2017-6640 (A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Soft ...)
NOT-FOR-US: Cisco
-CVE-2017-6639
+CVE-2017-6639 (A vulnerability in the role-based access control (RBAC) functionality ...)
NOT-FOR-US: Cisco
-CVE-2017-6638
+CVE-2017-6638 (A vulnerability in how DLL files are loaded with Cisco AnyConnect Secu ...)
NOT-FOR-US: Cisco
-CVE-2017-6637
+CVE-2017-6637 (A vulnerability in the web interface of Cisco Prime Collaboration Prov ...)
NOT-FOR-US: Cisco
-CVE-2017-6636
+CVE-2017-6636 (A vulnerability in the web interface of Cisco Prime Collaboration Prov ...)
NOT-FOR-US: Cisco
-CVE-2017-6635
+CVE-2017-6635 (A vulnerability in the web interface of Cisco Prime Collaboration Prov ...)
NOT-FOR-US: Cisco
-CVE-2017-6634
+CVE-2017-6634 (A vulnerability in the Device Manager web interface of Cisco Industria ...)
NOT-FOR-US: Cisco
-CVE-2017-6633
+CVE-2017-6633 (A vulnerability in the TCP throttling process of Cisco UCS C-Series Ra ...)
NOT-FOR-US: Cisco
-CVE-2017-6632
+CVE-2017-6632 (A vulnerability in the logging configuration of Secure Sockets Layer ( ...)
NOT-FOR-US: Cisco
-CVE-2017-6631
+CVE-2017-6631 (A vulnerability in the HTTP remote procedure call (RPC) service of set ...)
NOT-FOR-US: Cisco
-CVE-2017-6630
+CVE-2017-6630 (A vulnerability in the Session Initiation Protocol (SIP) implementatio ...)
NOT-FOR-US: Cisco
-CVE-2017-6629
+CVE-2017-6629 (A vulnerability in the ImageID parameter of Cisco Unity Connection 10. ...)
NOT-FOR-US: Cisco
-CVE-2017-6628
+CVE-2017-6628 (A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide ...)
NOT-FOR-US: Cisco
-CVE-2017-6627
+CVE-2017-6627 (A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, an ...)
NOT-FOR-US: Cisco
-CVE-2017-6626
+CVE-2017-6626 (A vulnerability in the Cisco Finesse Notification Service for Cisco Un ...)
NOT-FOR-US: Cisco
-CVE-2017-6625
+CVE-2017-6625 (A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA wi ...)
NOT-FOR-US: Cisco
-CVE-2017-6624
+CVE-2017-6624 (A vulnerability in Cisco IOS 15.5(3)M Software for Cisco CallManager E ...)
NOT-FOR-US: Cisco
-CVE-2017-6623
+CVE-2017-6623 (A vulnerability in a script file that is installed as part of the Cisc ...)
NOT-FOR-US: Cisco
-CVE-2017-6622
+CVE-2017-6622 (A vulnerability in the web interface for Cisco Prime Collaboration Pro ...)
NOT-FOR-US: Cisco
-CVE-2017-6621
+CVE-2017-6621 (A vulnerability in the web interface of Cisco Prime Collaboration Prov ...)
NOT-FOR-US: Cisco
-CVE-2017-6620
+CVE-2017-6620 (A vulnerability in the remote management access control list (ACL) fea ...)
NOT-FOR-US: Cisco
-CVE-2017-6619
+CVE-2017-6619 (A vulnerability in the web-based GUI of Cisco Integrated Management Co ...)
NOT-FOR-US: Cisco
-CVE-2017-6618
+CVE-2017-6618 (A vulnerability in the web-based GUI of Cisco Integrated Management Co ...)
NOT-FOR-US: Cisco
-CVE-2017-6617
+CVE-2017-6617 (A vulnerability in the session identification management functionality ...)
NOT-FOR-US: Cisco
-CVE-2017-6616
+CVE-2017-6616 (A vulnerability in the web-based GUI of Cisco Integrated Management Co ...)
NOT-FOR-US: Cisco
-CVE-2017-6615
+CVE-2017-6615 (A vulnerability in the Simple Network Management Protocol (SNMP) subsy ...)
NOT-FOR-US: Cisco
-CVE-2017-6614
+CVE-2017-6614 (A vulnerability in the file-download feature of the web user interface ...)
NOT-FOR-US: Cisco
-CVE-2017-6613
+CVE-2017-6613 (A vulnerability in the DNS input packet processor for Cisco Prime Netw ...)
NOT-FOR-US: Cisco
-CVE-2017-6612
+CVE-2017-6612 (A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5 ...)
NOT-FOR-US: Cisco
-CVE-2017-6611
+CVE-2017-6611 (A vulnerability in the web framework code of Cisco Prime Infrastructur ...)
NOT-FOR-US: Cisco
-CVE-2017-6610
+CVE-2017-6610 (A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH c ...)
NOT-FOR-US: Cisco
-CVE-2017-6609
+CVE-2017-6609 (A vulnerability in the IPsec code of Cisco ASA Software could allow an ...)
NOT-FOR-US: Cisco
-CVE-2017-6608
+CVE-2017-6608 (A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer ...)
NOT-FOR-US: Cisco
-CVE-2017-6607
+CVE-2017-6607 (A vulnerability in the DNS code of Cisco ASA Software could allow an u ...)
NOT-FOR-US: Cisco
-CVE-2017-6606
+CVE-2017-6606 (A vulnerability in a startup script of Cisco IOS XE Software could all ...)
NOT-FOR-US: Cisco
-CVE-2017-6605
+CVE-2017-6605 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2017-6604
+CVE-2017-6604 (A vulnerability in the web interface of Cisco Integrated Management Co ...)
NOT-FOR-US: Cisco
-CVE-2017-6603
+CVE-2017-6603 (A vulnerability in Cisco ASR 903 or ASR 920 Series Devices running wit ...)
NOT-FOR-US: Cisco
-CVE-2017-6602
+CVE-2017-6602 (A vulnerability in the CLI of Cisco Unified Computing System (UCS) Man ...)
NOT-FOR-US: Cisco
-CVE-2017-6601
+CVE-2017-6601 (A vulnerability in the CLI of the Cisco Unified Computing System (UCS) ...)
NOT-FOR-US: Cisco
-CVE-2017-6600
+CVE-2017-6600 (A vulnerability in the CLI of the Cisco Unified Computing System (UCS) ...)
NOT-FOR-US: Cisco
-CVE-2017-6599
+CVE-2017-6599 (A vulnerability in Google-defined remote procedure call (gRPC) handlin ...)
NOT-FOR-US: Cisco
-CVE-2017-6598
+CVE-2017-6598 (A vulnerability in the debug plug-in functionality of the Cisco Unifie ...)
NOT-FOR-US: Cisco
-CVE-2017-6597
+CVE-2017-6597 (A vulnerability in the local-mgmt CLI command of the Cisco Unified Com ...)
NOT-FOR-US: Cisco
-CVE-2017-6596
+CVE-2017-6596 (partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer o ...)
{DLA-923-1}
[experimental] - partclone 0.2.90-1
- partclone 0.2.89-3 (bug #857966)
@@ -34442,7 +34442,7 @@ CVE-2017-6596
NOTE: https://github.com/Thomas-Tsai/partclone/commit/96401fb5b7221fc5f44df7079485c395f9c3a428
CVE-2017-6595
RESERVED
-CVE-2017-6594
+CVE-2017-6594 (The transit path validation code in Heimdal before 7.3 might allow att ...)
- heimdal 7.1.0+dfsg-12
[jessie] - heimdal <no-dsa> (Minor issue)
[wheezy] - heimdal <no-dsa> (Minor issue)
@@ -34452,14 +34452,14 @@ CVE-2017-6593
RESERVED
CVE-2017-6592
RESERVED
-CVE-2017-6591
+CVE-2017-6591 (There is a cross-site scripting vulnerability in django-epiceditor 0.2 ...)
NOT-FOR-US: django-epiceditor
-CVE-2017-6590
+CVE-2017-6590 (An issue was discovered in network-manager-applet (aka network-manager ...)
- network-manager-applet <unfixed> (unimportant)
NOTE: Marked as 'unimportant', since not exploitable in Debian, although the source
NOTE: would be affected as well for Debian.
NOTE: https://bugs.launchpad.net/ubuntu/+source/network-manager-applet/+bug/1668321
-CVE-2017-6589
+CVE-2017-6589 (EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecu ...)
NOT-FOR-US: django-epiceditor
CVE-2017-6588
RESERVED
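Review bot: the new description for CVE-2017-6589 names the upstream editor itself (`+CVE-2017-6589 (EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecu ...)`), while the unchanged tag below it still reads `NOT-FOR-US: django-epiceditor`, the Django wrapper used for CVE-2017-6591. Consider whether the NOT-FOR-US reason for 6589 should name EpicEditor so the tag matches the description now that it is filled in.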
@@ -34481,23 +34481,23 @@ CVE-2017-6580
RESERVED
CVE-2017-6579
RESERVED
-CVE-2017-6578
+CVE-2017-6578 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6577
+CVE-2017-6577 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6576
+CVE-2017-6576 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6575
+CVE-2017-6575 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6574
+CVE-2017-6574 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6573
+CVE-2017-6573 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6572
+CVE-2017-6572 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6571
+CVE-2017-6571 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
-CVE-2017-6570
+CVE-2017-6570 (A SQL injection issue is exploitable, with WordPress admin access, in ...)
NOT-FOR-US: Mail Masta (aka mail-masta) plugin 1.0 for WordPress
CVE-2017-6569
RESERVED
@@ -34507,53 +34507,53 @@ CVE-2017-6567
RESERVED
CVE-2017-6566
RESERVED
-CVE-2017-6565
+CVE-2017-6565 (On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDia ...)
NOT-FOR-US: Franklin Fueling Systems TS-550 evo
-CVE-2017-6564
+CVE-2017-6564 (On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest u ...)
NOT-FOR-US: Franklin Fueling Systems TS-550 evo
CVE-2017-6563
RESERVED
-CVE-2017-6562
+CVE-2017-6562 (XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&amp;targ ...)
NOT-FOR-US: Agora-Project
-CVE-2017-6561
+CVE-2017-6561 (XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=object&amp;ac ...)
NOT-FOR-US: Agora-Project
-CVE-2017-6560
+CVE-2017-6560 (XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=misc&amp;acti ...)
NOT-FOR-US: Agora-Project
-CVE-2017-6559
+CVE-2017-6559 (XSS in Agora-Project 3.2.2 exists with an index.php?disconnect=1&amp;m ...)
NOT-FOR-US: Agora-Project
-CVE-2017-6558
+CVE-2017-6558 (iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n ...)
NOT-FOR-US: iball Baton
-CVE-2017-6557
+CVE-2017-6557 (SQL injection vulnerability in ArrayOS before AG 9.4.0.135, when the p ...)
NOT-FOR-US: ArrayOS
-CVE-2017-6556
+CVE-2017-6556 (Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) 2. ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-6555
+CVE-2017-6555 (Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-6554
+CVE-2017-6554 (pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured ...)
NOT-FOR-US: Quest Privilege Manager
-CVE-2017-6553
+CVE-2017-6553 (Buffer Overflow in Quest One Identity Privilege Manager for Unix befor ...)
NOT-FOR-US: Quest One Identity Privilege Manager for Unix
-CVE-2017-6552
+CVE-2017-6552 (Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently ...)
NOT-FOR-US: Livebox 3 Sagemcom
-CVE-2017-6551
+CVE-2017-6551 (Pexip Infinity before 14.2 allows remote attackers to cause a denial o ...)
NOT-FOR-US: Pexip Infinity
-CVE-2017-6550
+CVE-2017-6550 (Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerl ...)
NOT-FOR-US: Kinsey Infor-Lawson
-CVE-2017-6549
+CVE-2017-6549 (Session hijack vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC6 ...)
NOT-FOR-US: ASUS
-CVE-2017-6548
+CVE-2017-6548 (Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT- ...)
NOT-FOR-US: ASUS
-CVE-2017-6547
+CVE-2017-6547 (Cross-site scripting (XSS) vulnerability in httpd on ASUS RT-N56U, RT- ...)
NOT-FOR-US: ASUS
CVE-2017-6546
RESERVED
CVE-2017-6545
RESERVED
-CVE-2017-6544
+CVE-2017-6544 (Gargaj/wuhu through 2017-03-08 is vulnerable to a reflected XSS in wuh ...)
NOT-FOR-US: wuhu
-CVE-2017-6543
+CVE-2017-6543 (Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance be ...)
NOT-FOR-US: Nessus
-CVE-2017-6542
+CVE-2017-6542 (The ssh_agent_channel_data function in PuTTY before 0.68 allows remote ...)
- putty 0.67-3 (bug #857642)
[jessie] - putty <no-dsa> (Minor issue)
[wheezy] - putty <no-dsa> (Minor issue)
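Review bot: the descriptions written for CVE-2017-6562 through CVE-2017-6559 contain the HTML entity `&amp;` instead of a literal ampersand, for example `+CVE-2017-6562 (XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&amp;targ ...)`. This is a plain-text list, so the entity should be decoded before the line is emitted; as written it also consumes five characters of the fixed-width truncation, so even less of the query string survives the cut.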
@@ -34562,37 +34562,37 @@ CVE-2017-6542
NOTE: Bug only exploitable if SSH agent forwarding enabled (not the default) and if
NOTE: the attacker can already be able to connect to the Unix-domain socket
NOTE: representing the forwarded agent connection.
-CVE-2017-6541
+CVE-2017-6541 (Multiple Cross-Site Scripting (XSS) issues were discovered in webpaget ...)
NOT-FOR-US: webpagetest
-CVE-2017-6540
+CVE-2017-6540 (Multiple Cross-Site Scripting (XSS) issues were discovered in webpaget ...)
NOT-FOR-US: webpagetest
-CVE-2017-6539
+CVE-2017-6539 (Multiple Cross-Site Scripting (XSS) issues were discovered in webpaget ...)
NOT-FOR-US: webpagetest
-CVE-2017-6538
+CVE-2017-6538 (A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. ...)
NOT-FOR-US: webpagetest
-CVE-2017-6537
+CVE-2017-6537 (A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. ...)
NOT-FOR-US: webpagetest
-CVE-2017-6536
+CVE-2017-6536 (Multiple Cross-Site Scripting (XSS) issues were discovered in webpaget ...)
NOT-FOR-US: webpagetest
-CVE-2017-6535
+CVE-2017-6535 (Multiple Cross-Site Scripting (XSS) issues were discovered in webpaget ...)
NOT-FOR-US: webpagetest
-CVE-2017-6534
+CVE-2017-6534 (A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. ...)
NOT-FOR-US: webpagetest
-CVE-2017-6533
+CVE-2017-6533 (A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. ...)
NOT-FOR-US: webpagetest
-CVE-2017-6532
+CVE-2017-6532 (Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 ha ...)
NOT-FOR-US: Televes COAXDATA GATEWAY
-CVE-2017-6531
+CVE-2017-6531 (On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 ...)
NOT-FOR-US: Televes COAXDATA GATEWAY
-CVE-2017-6530
+CVE-2017-6530 (Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 do ...)
NOT-FOR-US: Televes COAXDATA GATEWAY
-CVE-2017-6529
+CVE-2017-6529 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vuln ...)
NOT-FOR-US: dnaLIMS
-CVE-2017-6528
+CVE-2017-6528 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affe ...)
NOT-FOR-US: dnaLIMS
-CVE-2017-6527
+CVE-2017-6527 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vuln ...)
NOT-FOR-US: dnaLIMS
-CVE-2017-6526
+CVE-2017-6526 (An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vuln ...)
NOT-FOR-US: dnaLIMS
CVE-2017-6525
RESERVED
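Review bot: the CVE-2017-6542 NOTE lines at the top of this hunk read "the attacker can already be able to connect to the Unix-domain socket", which is ungrammatical; suggest "the attacker is already able to connect to the Unix-domain socket". The remainder of the hunk only adds the truncated descriptions to NOT-FOR-US entries (webpagetest, Televes, dnaLIMS) and needs no change.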
@@ -34604,37 +34604,37 @@ CVE-2017-6522
RESERVED
CVE-2017-6521
RESERVED
-CVE-2017-6520
+CVE-2017-6520 (The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvert ...)
NOT-FOR-US: Multicast DNS (mDNS) responder used in BOSE Soundtouch 30
-CVE-2017-6519
+CVE-2017-6519 (avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to ...)
- avahi <unfixed> (unimportant; bug #917047)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1426712
NOTE: https://github.com/lathiat/avahi/issues/203
NOTE: https://github.com/lathiat/avahi/commit/e111def44a7df4624a4aa3f85fe98054bffb6b4f
-CVE-2017-6518
+CVE-2017-6518 (Cross-site scripting (XSS) vulnerability in /sanadata/seo/index.asp in ...)
NOT-FOR-US: SanaCMS
-CVE-2017-6517
+CVE-2017-6517 (Microsoft Skype 7.16.0.102 contains a vulnerability that could allow a ...)
NOT-FOR-US: Microsoft
-CVE-2017-6516
+CVE-2017-6516 (A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo befo ...)
NOT-FOR-US: MagniComp
CVE-2017-6515
RESERVED
CVE-2017-6514
RESERVED
-CVE-2017-6513
+CVE-2017-6513 (The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2 ...)
NOT-FOR-US: Softaculous Virtualizor
-CVE-2017-6512
+CVE-2017-6512 (Race condition in the rmtree and remove_tree functions in the File-Pat ...)
{DSA-3873-1 DLA-978-1}
- perl 5.24.1-3 (bug #863870)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=121951
NOTE: https://github.com/jkeenan/File-Path/commit/e5ef95276ee8ad471c66ee574a5d42552b3a6af2
-CVE-2017-6511
+CVE-2017-6511 (andrzuk/FineCMS before 2017-03-06 is vulnerable to a reflected XSS in ...)
NOT-FOR-US: FineCMS
-CVE-2017-6510
+CVE-2017-6510 (Easy File Sharing FTP Server version 3.6 is vulnerable to a directory ...)
NOT-FOR-US: Easy File Sharing FTP Server
-CVE-2017-6509
+CVE-2017-6509 (Smith0r/burgundy-cms before 2017-03-06 is vulnerable to a reflected XS ...)
NOT-FOR-US: burgundy-cms
-CVE-2017-6507
+CVE-2017-6507 (An issue was discovered in AppArmor before 2.12. Incorrect handling of ...)
- apparmor 2.11.0-3 (bug #858768)
[jessie] - apparmor <no-dsa> (Minor issue)
[wheezy] - apparmor <no-dsa> (Experimental/unsupported feature)
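Review bot: CVE-2017-6519 is recorded as `- avahi <unfixed> (unimportant; bug #917047)` while the NOTE two lines below points at an upstream commit (lathiat/avahi e111def44a7d...); the entry should say whether that commit is the fix for this issue and, if it is, name the first Debian avahi version that carries it, otherwise `<unfixed>` and the commit reference read as contradicting each other.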
@@ -34643,40 +34643,40 @@ CVE-2017-6507
NOTE: https://bugs.launchpad.net/apparmor/+bug/1668892
NOTE: affects only third-party rules, e.g. from Docker or LXC
NOTE: LXC in wheezy doesn't support proper isolation
-CVE-2017-6814
+CVE-2017-6814 (In WordPress before 4.7.3, there is authenticated Cross-Site Scripting ...)
{DSA-3815-1 DLA-860-1}
- wordpress 4.7.3+dfsg-1 (bug #857026)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7
-CVE-2017-6815
+CVE-2017-6815 (In WordPress before 4.7.3 (wp-includes/pluggable.php), control charact ...)
{DSA-3815-1 DLA-860-1}
- wordpress 4.7.3+dfsg-1 (bug #857026)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e
-CVE-2017-6816
+CVE-2017-6816 (In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can ...)
{DSA-3815-1 DLA-860-1}
- wordpress 4.7.3+dfsg-1 (bug #857026)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/4d80f8b3e1b00a3edcee0774dc9c2f4c78f9e663
-CVE-2017-6817
+CVE-2017-6817 (In WordPress before 4.7.3 (wp-includes/embed.php), there is authentica ...)
{DSA-3815-1}
- wordpress 4.7.3+dfsg-1 (bug #857026)
[wheezy] - wordpress <not-affected> (vulnerable code was introduced later)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8
-CVE-2017-6818
+CVE-2017-6818 (In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-si ...)
- wordpress 4.7.3+dfsg-1 (bug #857026)
[jessie] - wordpress <not-affected> (Only affects 4.7.x)
[wheezy] - wordpress <not-affected> (Only affects 4.7.x)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/9092fd01e1f452f37c313d38b18f9fe6907541f9
-CVE-2017-6819
+CVE-2017-6819 (In WordPress before 4.7.3, there is cross-site request forgery (CSRF) ...)
- wordpress 4.7.3+dfsg-1 (bug #857026)
[jessie] - wordpress <not-affected> (Only affects 4.2 and later)
[wheezy] - wordpress <not-affected> (Only affects 4.2 and later)
NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/263831a72d08556bc2f3a328673d95301a152829
-CVE-2017-6508
+CVE-2017-6508 (CRLF injection vulnerability in the url_parse function in url.c in Wge ...)
{DLA-851-1}
- wget 1.19.1-2 (bug #857073)
[buster] - wget 1.18-5
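Review bot: the wheezy line for CVE-2017-6817, `[wheezy] - wordpress <not-affected> (vulnerable code was introduced later)`, gives no version, unlike the neighbouring entries which state "Only affects 4.7.x" and "Only affects 4.2 and later"; suggest naming the WordPress release in which the wp-includes/embed.php code appeared so the not-affected claim can be checked against the versions shipped in wheezy and jessie.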
@@ -34684,52 +34684,52 @@ CVE-2017-6508
[jessie] - wget 1.16-1+deb8u2
NOTE: http://lists.gnu.org/archive/html/bug-wget/2017-03/msg00018.html
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=4d729e322fae359a1aefaafec1144764a54e8ad4
-CVE-2017-6506
+CVE-2017-6506 (In Azure Data Expert Ultimate 2.2.16, the SMTP verification function s ...)
NOT-FOR-US: Azure Data Expert Ultimate
-CVE-2017-6505
+CVE-2017-6505 (The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Qu ...)
{DLA-1497-1 DLA-1071-1 DLA-1070-1}
- qemu 1:2.8+dfsg-4 (bug #856969)
- qemu-kvm <removed>
NOTE: Fixed by: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb
-CVE-2017-6504
+CVE-2017-6504 (WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options hea ...)
{DLA-897-1}
- qbittorrent 3.3.7-3 (low; bug #856978)
[jessie] - qbittorrent <no-dsa> (Minor issue)
NOTE: https://github.com/qbittorrent/qBittorrent/commit/f5ad04766f4abaa78374ff03704316f8ce04627d
NOTE: Fixed upstream in 3.3.11
-CVE-2017-6503
+CVE-2017-6503 (WebUI in qBittorrent before 3.3.11 did not escape many values, which c ...)
{DLA-897-1}
- qbittorrent 3.3.7-3 (low; bug #856977)
[jessie] - qbittorrent <no-dsa> (Minor issue)
NOTE: https://github.com/qbittorrent/qBittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16
NOTE: Fixed upstream in 3.3.11
-CVE-2017-6502
+CVE-2017-6502 (An issue was discovered in ImageMagick 6.9.7. A specially crafted webp ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant; bug #856883)
NOTE: webp is disable under Debian, cf. https://bugs.debian.org/856883#14
NOTE: https://github.com/ImageMagick/ImageMagick/commit/126c7c98ea788241922c30df4a5633ea692cf8df
-CVE-2017-6501
+CVE-2017-6501 (An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf ...)
- imagemagick 8:6.9.7.4+dfsg-2 (bug #856881)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d31fec57e9dfb0516deead2053a856e3c71e9751
-CVE-2017-6500
+CVE-2017-6500 (An issue was discovered in ImageMagick 6.9.7. A specially crafted sun ...)
{DSA-3808-1 DLA-868-1}
- imagemagick 8:6.9.7.4+dfsg-2 (bug #856879)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528
NOTE: https://github.com/ImageMagick/ImageMagick/issues/375
NOTE: https://github.com/ImageMagick/ImageMagick/issues/376
-CVE-2017-6499
+CVE-2017-6499 (An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially ...)
{DSA-3808-1}
- imagemagick 8:6.9.7.4+dfsg-2 (bug #856880)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=23&p=142634
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3358f060fc182551822576b2c0a8850faab5d543
-CVE-2017-6498
+CVE-2017-6498 (An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files coul ...)
{DSA-3808-1 DLA-868-1}
- imagemagick 8:6.9.7.4+dfsg-2 (bug #856878)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/65f75a32a93ae4044c528a987a68366ecd4b46b9
NOTE: https://github.com/ImageMagick/ImageMagick/pull/359
-CVE-2017-6497
+CVE-2017-6497 (An issue was discovered in ImageMagick 6.9.7. A specially crafted psd ...)
- imagemagick 8:6.9.7.4+dfsg-2 (bug #856882)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (vulnerable code not present)
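Review bot: the CVE-2017-6502 NOTE "webp is disable under Debian" should read "webp is disabled in Debian"; in the same hunk the jessie/wheezy reasons for CVE-2017-6501 and CVE-2017-6497 mix "Vulnerable code not present" and "vulnerable code not present", which is worth normalising to one spelling while these entries are being touched.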
@@ -34742,35 +34742,35 @@ CVE-2017-6494
RESERVED
CVE-2017-6493
RESERVED
-CVE-2017-6492
+CVE-2017-6492 (SQL Injection was discovered in adm_program/modules/dates/dates_functi ...)
NOT-FOR-US: Admidio
-CVE-2017-6491
+CVE-2017-6491 (Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1. ...)
NOT-FOR-US: EPESI
-CVE-2017-6490
+CVE-2017-6490 (Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1. ...)
NOT-FOR-US: EPESI
-CVE-2017-6489
+CVE-2017-6489 (Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1. ...)
NOT-FOR-US: EPESI
-CVE-2017-6488
+CVE-2017-6488 (Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1. ...)
NOT-FOR-US: EPESI
-CVE-2017-6487
+CVE-2017-6487 (Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1. ...)
NOT-FOR-US: EPESI
-CVE-2017-6486
+CVE-2017-6486 (A Cross-Site Scripting (XSS) issue was discovered in reasoncms before ...)
NOT-FOR-US: reasoncms
-CVE-2017-6485
+CVE-2017-6485 (A Cross-Site Scripting (XSS) issue was discovered in php-calendar befo ...)
NOT-FOR-US: PHP-Calendar
-CVE-2017-6484
+CVE-2017-6484 (Multiple Cross-Site Scripting (XSS) issues were discovered in INTER-Me ...)
NOT-FOR-US: INTER-Mediator
-CVE-2017-6483
+CVE-2017-6483 (Multiple Cross-Site Scripting (XSS) issues were discovered in ATutor 2 ...)
NOT-FOR-US: ATutor
CVE-2017-6482
REJECTED
-CVE-2017-6481
+CVE-2017-6481 (Multiple Cross-Site Scripting (XSS) issues were discovered in phpipam ...)
NOT-FOR-US: phpipam
-CVE-2017-6480
+CVE-2017-6480 (groovel/cmsgroovel before 3.3.7-beta is vulnerable to a reflected XSS ...)
NOT-FOR-US: cmsgroovel
-CVE-2017-6479
+CVE-2017-6479 (FenixHosting/fenix-open-source before 2017-03-04 is vulnerable to a re ...)
NOT-FOR-US: FenixHosting (different than fenix game engine)
-CVE-2017-6478
+CVE-2017-6478 (paintballrefjosh/MaNGOSWebV4 before 4.0.8 is vulnerable to a reflected ...)
NOT-FOR-US: MaNGOSWebV4
CVE-2017-6477
RESERVED
@@ -34778,87 +34778,87 @@ CVE-2017-6476
RESERVED
CVE-2017-6475
RESERVED
-CVE-2017-6474
+CVE-2017-6474 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler ...)
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-07.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a998c9195f183d85f5b0bbeebba21a2d4d303d47
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13429
-CVE-2017-6473
+CVE-2017-6473 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file p ...)
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-09.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7edc761a01cda8e1b37677f673985582330317d2
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13431
-CVE-2017-6472
+CVE-2017-6472 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dis ...)
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-04.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2b3a0909beff8963b390034c594e0b6be6a4e531
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13347
-CVE-2017-6471
+CVE-2017-6471 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infini ...)
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-05.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=62afef41277dfac37f515207ca73d33306e3302b
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13348
-CVE-2017-6470
+CVE-2017-6470 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infi ...)
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-10.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0b89174ef4c531a1917437fff586fe525ee7bf2d
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13432
-CVE-2017-6469
+CVE-2017-6469 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS diss ...)
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-03.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f753c127082d5e28abf482d6d175cbfee6661f7
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13346
-CVE-2017-6468
+CVE-2017-6468 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler ...)
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-08.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9f3bc84b7e7e435c50b8b68f0fc526d0f5676cbf
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13430
-CVE-2017-6467
+CVE-2017-6467 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler ...)
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.5+g440fd4d-2
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-11.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=284ad58d288722a8725401967bff0c4455488f0c
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12083
-CVE-2017-6466
+CVE-2017-6466 (F-Secure Software Updater 2.20, as distributed in several F-Secure pro ...)
NOT-FOR-US: F-Secure
-CVE-2017-6465
+CVE-2017-6465 (Remote Code Execution was discovered in FTPShell Client 6.53. By defau ...)
NOT-FOR-US: FTPShell Client
-CVE-2017-6464
+CVE-2017-6464 (NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to ...)
- ntp 1:4.2.8p10+dfsg-1 (low)
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3389
NOTE: https://cure53.de/pentest-report_ntp.pdf
-CVE-2017-6463
+CVE-2017-6463 (NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticate ...)
- ntp 1:4.2.8p10+dfsg-1
[jessie] - ntp <no-dsa> (Minor issue)
[wheezy] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3387
NOTE: https://cure53.de/pentest-report_ntp.pdf
-CVE-2017-6462
+CVE-2017-6462 (Buffer overflow in the legacy Datum Programmable Time Server (DPTS) re ...)
- ntp 1:4.2.8p10+dfsg-1 (unimportant)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3388
NOTE: https://cure53.de/pentest-report_ntp.pdf
NOTE: Obscure legacy feature, no real impact
CVE-2017-6461
REJECTED
-CVE-2017-6460
+CVE-2017-6460 (Stack-based buffer overflow in the reslist function in ntpq in NTP bef ...)
- ntp 1:4.2.8p10+dfsg-1
[jessie] - ntp <not-affected> (Vulnerable code not present)
[wheezy] - ntp <not-affected> (Vulnerable code not present)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3377
NOTE: https://cure53.de/pentest-report_ntp.pdf
-CVE-2017-6459
+CVE-2017-6459 (The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 ...)
- ntp <not-affected> (NTP on Windows)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3382
-CVE-2017-6458
+CVE-2017-6458 (Multiple buffer overflows in the ctl_put* functions in NTP before 4.2. ...)
- ntp 1:4.2.8p10+dfsg-1 (unimportant)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3379
NOTE: https://cure53.de/pentest-report_ntp.pdf
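Review bot: CVE-2017-6464 carries a `(low)` severity tag but CVE-2017-6463, with the same fixed version (1:4.2.8p10+dfsg-1) and the same jessie/wheezy `<no-dsa>` handling, carries none; likewise CVE-2017-6462 justifies its `unimportant` tag ("Obscure legacy feature, no real impact") but CVE-2017-6458, also `unimportant`, gives no reason. Suggest adding the missing severity tag and a one-line justification for 6458 so the NTP entries from the same cure53 report read consistently.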
@@ -34867,24 +34867,24 @@ CVE-2017-6457
REJECTED
CVE-2017-6456
REJECTED
-CVE-2017-6455
+CVE-2017-6455 (NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows ...)
- ntp <not-affected> (NTP on Windows)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3384
CVE-2017-6454
REJECTED
CVE-2017-6453
REJECTED
-CVE-2017-6452
+CVE-2017-6452 (Stack-based buffer overflow in the Windows installer for NTP before 4. ...)
- ntp <not-affected> (NTP on Windows)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3383
-CVE-2017-6451
+CVE-2017-6451 (The mx4200_send function in the legacy MX4200 refclock in NTP before 4 ...)
- ntp <not-affected> (Vulnerable code not enabled at build time)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3378
CVE-2017-6450
RESERVED
CVE-2017-6449
RESERVED
-CVE-2017-6448
+CVE-2017-6448 (The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 ...)
{DLA-901-1}
[experimental] - radare2 1.3.0+dfsg-1
- radare2 1.1.0+dfsg-4 (bug #859447)
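Review bot: CVE-2017-6455 is marked `- ntp <not-affected> (NTP on Windows)`, but the description as shown only says "when using PPSAPI" and does not itself mention Windows, whereas the descriptions of CVE-2017-6459 and CVE-2017-6452 in this file explicitly name the Windows installer; the reason should say where the Windows-only scope comes from (presumably the linked NtpBug3384 page) so the not-affected claim can be checked rather than inferred.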
@@ -34893,13 +34893,13 @@ CVE-2017-6448
NOTE: https://github.com/radare/radare2/issues/6885
CVE-2017-6447
RESERVED
-CVE-2017-6446
+CVE-2017-6446 (XSS was discovered in Dotclear v2.11.2, affecting admin/blogs.php and ...)
- dotclear <removed>
-CVE-2017-6445
+CVE-2017-6445 (The auto-update feature of Open Embedded Linux Entertainment Center (O ...)
NOT-FOR-US: OpenELEC
-CVE-2017-6444
+CVE-2017-6444 (The MikroTik Router hAP Lite 6.25 has no protection mechanism for unso ...)
NOT-FOR-US: MikroTik Router hAP Lite
-CVE-2017-6443
+CVE-2017-6443 (Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 ...)
NOT-FOR-US: EPSON TMNet WebConfig
CVE-2017-XXXX [dns: out of bound memory read]
- suricata 3.2.1-1 (bug #856648)
@@ -34907,46 +34907,46 @@ CVE-2017-XXXX [dns: out of bound memory read]
[wheezy] - suricata <not-affected> (vulnerable code not present)
NOTE: https://redmine.openinfosecfoundation.org/issues/2022
NOTE: Fixed by: https://github.com/inliniac/suricata/commit/20990f7a7eb7939946a275dfc9a95426b0080a19 (3.2.1)
-CVE-2017-7177
+CVE-2017-7177 (Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused ...)
{DLA-1603-1 DLA-865-1}
- suricata 3.2.1-1 (bug #856649)
NOTE: https://redmine.openinfosecfoundation.org/issues/2019
NOTE: Fixed by: https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8 (3.2.1)
CVE-2017-6442
RESERVED
-CVE-2017-6441
+CVE-2017-6441 (** DISPUTED ** The _zval_get_long_func_ex in Zend/zend_operators.c in ...)
NOTE: PHP bug without security relevance
-CVE-2017-6440
+CVE-2017-6440 (The parse_data_node function in bplist.c in libimobiledevice libplist ...)
- libplist 1.12+git+1+e37ca00-0.2 (bug #858055)
[jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <not-affected> (vulnerable code not present)
NOTE: https://github.com/libimobiledevice/libplist/issues/99
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/dccd9290745345896e3a4a73154576a599fd8b7b
-CVE-2017-6439
+CVE-2017-6439 (Heap-based buffer overflow in the parse_string_node function in bplist ...)
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/95
NOTE: https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
-CVE-2017-6438
+CVE-2017-6438 (Heap-based buffer overflow in the parse_unicode_node function in bplis ...)
- libplist 1.12+git+1+e37ca00-0.2 (bug #858786)
[jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <not-affected> (vulnerable code not present)
NOTE: https://github.com/libimobiledevice/libplist/issues/98
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/dccd9290745345896e3a4a73154576a599fd8b7b
-CVE-2017-6437
+CVE-2017-6437 (The base64encode function in base64.c in libimobiledevice libplist 1.1 ...)
- libplist 1.12+git+1+e37ca00-0.2 (bug #858787)
[jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <not-affected> (vulnerable code not present)
NOTE: https://github.com/libimobiledevice/libplist/issues/100
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/dccd9290745345896e3a4a73154576a599fd8b7b
-CVE-2017-6436
+CVE-2017-6436 (The parse_string_node function in bplist.c in libimobiledevice libplis ...)
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/94
NOTE: https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
-CVE-2017-6435
+CVE-2017-6435 (The parse_string_node function in bplist.c in libimobiledevice libplis ...)
{DLA-870-1}
- libplist 1.12+git+1+e37ca00-0.1
[jessie] - libplist <no-dsa> (Minor issue)
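Review bot: CVE-2017-6441 has only `NOTE: PHP bug without security relevance` and no package or status line, so the tracker records no decision for any PHP source package; the other entries in this hunk that dismiss or limit an issue still carry a package line with an explicit status (for example `[wheezy] - libplist <not-affected> (vulnerable code not present)` under CVE-2017-6440). Suggest adding a package line with a status and the same justification.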
@@ -34956,24 +34956,24 @@ CVE-2017-6434
RESERVED
CVE-2017-6433
RESERVED
-CVE-2017-6432
+CVE-2017-6432 (An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build ...)
NOT-FOR-US: Dahua DVR
CVE-2017-6431
RESERVED
-CVE-2017-6430
+CVE-2017-6430 (The compile_tree function in ef_compiler.c in the Etterfilter utility ...)
{DSA-3874-1}
- ettercap 1:0.8.2-4 (bug #857035)
NOTE: https://github.com/Ettercap/ettercap/issues/782
NOTE: Patch: https://github.com/LocutusOfBorg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506
-CVE-2017-6429
+CVE-2017-6429 (Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Be ...)
- tcpreplay <not-affected> (Vulnerable code not present)
NOTE: https://github.com/appneta/tcpreplay/issues/278
NOTE: https://github.com/appneta/tcpreplay/commit/d689d14dbcd768c028eab2fb378d849e543dcfe9
CVE-2017-6428
RESERVED
-CVE-2017-6427
+CVE-2017-6427 (A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A cr ...)
NOT-FOR-US: EvoStream Media Server
-CVE-2017-6849
+CVE-2017-6849 (The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in Po ...)
- libpodofo 0.9.5-9 (bug #861566)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -34982,7 +34982,7 @@ CVE-2017-6849
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcolorgraypdfcolorgray-pdfcolor-cpp
NOTE: https://sourceforge.net/p/podofo/tickets/8/
NOTE: Same fix as for CVE-2017-6845
-CVE-2017-6848
+CVE-2017-6848 (The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoF ...)
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #861565)
[stretch] - libpodofo <no-dsa> (Minor issue)
@@ -34990,14 +34990,14 @@ CVE-2017-6848
NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/9
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfxobjectpdfxobject-pdfxobject-cpp
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1846
-CVE-2017-6847
+CVE-2017-6847 (The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo ...)
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #861564)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/8
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfvariantdelayedload-pdfvariant-h
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1846
-CVE-2017-6846
+CVE-2017-6846 (The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace fun ...)
- libpodofo 0.9.5-9 (bug #861563)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35006,7 +35006,7 @@ CVE-2017-6846
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementsetnonstrokingcolorspace-graphicsstack-h/
NOTE: https://sourceforge.net/p/podofo/tickets/9/
NOTE: Same fix as for CVE-2017-6845
-CVE-2017-6845
+CVE-2017-6845 (The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9. ...)
- libpodofo 0.9.5-9 (bug #861562)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35017,14 +35017,14 @@ CVE-2017-6845
NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/6
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcoloroperator-pdfcolor-cpp
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1892
-CVE-2017-6844
+CVE-2017-6844 (Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function ...)
{DLA-929-1}
- libpodofo 0.9.4-5 (bug #861561)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/5
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-global-buffer-overflow-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/
-CVE-2017-6843
+CVE-2017-6843 (Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad func ...)
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #861560)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35032,7 +35032,7 @@ CVE-2017-6843
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-heap-based-buffer-overflow-in-podofopdfvariantdelayedload-pdfvariant-h
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1844
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1845
-CVE-2017-6842
+CVE-2017-6842 (The ColorChanger::GetColorFromStack function in colorchanger.cpp in Po ...)
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #861559)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35040,7 +35040,7 @@ CVE-2017-6842
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-colorchangergetcolorfromstack-colorchanger-cpp
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1844
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1845
-CVE-2017-6841
+CVE-2017-6841 (The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement funct ...)
- libpodofo 0.9.5-9 (bug #861558)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35049,7 +35049,7 @@ CVE-2017-6841
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementtgraphicsstackelement-graphicsstack-h
NOTE: https://sourceforge.net/p/podofo/tickets/10/
NOTE: Same fix as for CVE-2017-6845
-CVE-2017-6840
+CVE-2017-6840 (The ColorChanger::GetColorFromStack function in colorchanger.cpp in Po ...)
{DLA-968-1}
- libpodofo 0.9.4-6 (bug #861557)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -35057,19 +35057,19 @@ CVE-2017-6840
NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-invalid-memory-read-in-colorchangergetcolorfromstack-colorchanger-cpp
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1844
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1845
-CVE-2017-6426
+CVE-2017-6426 (An information disclosure vulnerability in the Qualcomm SPMI driver. P ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-6425
+CVE-2017-6425 (An information disclosure vulnerability in the Qualcomm video driver. ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-6424
+CVE-2017-6424 (An elevation of privilege vulnerability in the Qualcomm WiFi driver. P ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-6423
+CVE-2017-6423 (An elevation of privilege vulnerability in the Qualcomm kyro L2 driver ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-6422
RESERVED
-CVE-2017-6421
+CVE-2017-6421 (In the touch controller function in all Qualcomm products with Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-6420
+CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows ...)
{DLA-1261-1 DLA-1105-1}
- clamav 0.99.3~beta1+dfsg-1
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
@@ -35077,7 +35077,7 @@ CVE-2017-6420
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11798
NOTE: https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc
NOTE: https://github.com/vrtadmin/clamav-devel/commit/60671e3deb1df6c626e5c7e13752c2eec1649f98
-CVE-2017-6419
+CVE-2017-6419 (mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows ...)
{DSA-3946-1 DLA-1279-1}
- libmspack 0.6-1 (bug #871263)
- clamav 0.99.3~beta1+dfsg-1 (unimportant)
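Review bot: the clamav line for CVE-2017-6419 is tagged `(unimportant)` while the NOTE that continues past this hunk boundary says src:clamav needs "to have the fix as well" because it carries its own libmspack; the NOTE should spell out which suites build clamav against the embedded copy and which against the system libmspack, since as written the severity tag and the NOTE pull in opposite directions.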
@@ -35089,93 +35089,93 @@ CVE-2017-6419
NOTE: have libmspack and thus need to have the fix as well in the
NOTE: src:clamav source package.
NOTE: libmspack: https://github.com/kyz/libmspack/commit/6139a0b9e93fcb7fcf423e56aa825bc869e02229
-CVE-2017-6418
+CVE-2017-6418 (libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause ...)
{DLA-1261-1 DLA-1105-1}
- clamav 0.99.3~beta1+dfsg-1
[stretch] - clamav 0.99.2+dfsg-6+deb9u1
[jessie] - clamav 0.99.2+dfsg-0+deb8u3
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11797
NOTE: https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c
-CVE-2017-6417
+CVE-2017-6417 (Code injection vulnerability in Avira Total Security Suite 15.0 (and e ...)
NOT-FOR-US: Avira Total Security Suite
-CVE-2017-6416
+CVE-2017-6416 (An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerab ...)
NOT-FOR-US: SysGauge
-CVE-2017-6415
+CVE-2017-6415 (The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1 ...)
- radare2 1.1.0+dfsg-3 (bug #856572)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 1.1.0)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 1.1.0)
NOTE: https://github.com/radare/radare2/issues/6872
NOTE: https://github.com/radare/radare2/commit/252afb1cff9676f3ae1f341a28448bf2c8b6e308
-CVE-2017-6414
+CVE-2017-6414 (Memory leak in the vcard_apdu_new function in card_7816.c in libcacard ...)
- libcacard 1:2.5.0-3 (bug #856501)
NOTE: Fixed by: https://cgit.freedesktop.org/spice/libcacard/commit/?id=9113dc6a303604a2d9812ac70c17d076ef11886c
-CVE-2017-6413
+CVE-2017-6413 (The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka ...)
- libapache2-mod-auth-openidc 2.1.6-1
[jessie] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
NOTE: https://github.com/pingidentity/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e
-CVE-2017-6412
+CVE-2017-6412 (In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could o ...)
NOT-FOR-US: Sophos
-CVE-2017-6411
+CVE-2017-6411 (Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devic ...)
NOT-FOR-US: D-Link
-CVE-2017-6410
+CVE-2017-6410 (kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 call ...)
{DSA-3849-1 DLA-952-1}
- kio 5.28.0-2 (bug #856889)
- kde4libs 4:4.14.26-2 (bug #856890)
NOTE: https://www.kde.org/info/security/advisory-20170228-1.txt
NOTE: Patch for kio: https://commits.kde.org/kio/f9d0cb47cf94e209f6171ac0e8d774e68156a6e4
NOTE: Patch for kde4libs: https://commits.kde.org/kdelibs/1804c2fde7bf4e432c6cf5bb8cce5701c7010559
-CVE-2017-6409
+CVE-2017-6409 (An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBa ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6408
+CVE-2017-6408 (An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBa ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6407
+CVE-2017-6407 (An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBacku ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6406
+CVE-2017-6406 (An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBacku ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6405
+CVE-2017-6405 (An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBa ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6404
+CVE-2017-6404 (An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6403
+CVE-2017-6403 (An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6402
+CVE-2017-6402 (An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBa ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6401
+CVE-2017-6401 (An issue was discovered in Veritas NetBackup before 8.0 and NetBackup ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6400
+CVE-2017-6400 (An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBacku ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6399
+CVE-2017-6399 (An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBacku ...)
NOT-FOR-US: Veritas NetBackup
-CVE-2017-6398
+CVE-2017-6398 (An issue was discovered in Trend Micro InterScan Messaging Security (V ...)
NOT-FOR-US: Trend Micro
-CVE-2017-6397
+CVE-2017-6397 (An issue was discovered in FlightAirMap v1.0-beta.10. The vulnerabilit ...)
NOT-FOR-US: FlightAirMap
-CVE-2017-6396
+CVE-2017-6396 (An issue was discovered in WPO-Foundation WebPageTest 3.0. The vulnera ...)
NOT-FOR-US: WPO-Foundation WebPageTest
-CVE-2017-6395
+CVE-2017-6395 (An issue was discovered in HashOver 2.0. The vulnerability exists due ...)
NOT-FOR-US: HashOveer
-CVE-2017-6394
+CVE-2017-6394 (Multiple Cross-Site Scripting (XSS) issues were discovered in OpenEMR ...)
NOT-FOR-US: OpenEMR
-CVE-2017-6393
+CVE-2017-6393 (An issue was discovered in NagVis 1.9b12. The vulnerability exists due ...)
- nagvis <not-affected> (Vulnerable code introduced in nagvis-1.8.0)
NOTE: https://github.com/NagVis/nagvis/issues/91
-CVE-2017-6392
+CVE-2017-6392 (An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerabil ...)
NOT-FOR-US: Kaltura server
-CVE-2017-6391
+CVE-2017-6391 (An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerabil ...)
NOT-FOR-US: Kaltura server
-CVE-2017-6390
+CVE-2017-6390 (An issue was discovered in whatanime.ga before c334dd8499a681587dd4199 ...)
NOT-FOR-US: whatanime.ga
CVE-2017-6389
RESERVED
CVE-2017-6388
RESERVED
-CVE-2017-6387
+CVE-2017-6387 (The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 all ...)
- radare2 1.1.0+dfsg-3 (bug #856574)
[jessie] - radare2 <not-affected> (Vulnerable code not present)
[wheezy] - radare2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/ead645853a63bf83d8386702cad0cf23b31d7eeb
NOTE: https://github.com/radare/radare2/issues/6857
-CVE-2017-6386
+CVE-2017-6386 (Memory leak in the vrend_create_vertex_elements_state function in vren ...)
- virglrenderer 0.6.0-2 (bug #858255; bug #872884)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=737c3350850ca4dbc5633b3bdb4118176ce59920
CVE-2017-6385
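Review bot: the unchanged context line `NOT-FOR-US: HashOveer` under CVE-2017-6395 misspells the product name; the new header line added just above it names it "HashOver 2.0", so the tracker annotation should read `NOT-FOR-US: HashOver`. This automatic update only rewrites the CVE header lines, so the typo needs a separate manual follow-up commit.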
@@ -35184,17 +35184,17 @@ CVE-2017-6383
REJECTED
CVE-2017-6382
RESERVED
-CVE-2017-6381
+CVE-2017-6381 (A 3rd party development library including with Drupal 8 development de ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-2017-001
CVE-2017-6380
RESERVED
-CVE-2017-6379
+CVE-2017-6379 (Some administrative paths in Drupal 8.2.x before 8.2.7 did not include ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-2017-001
CVE-2017-6378
RESERVED
-CVE-2017-6377
+CVE-2017-6377 (When adding a private file via the editor in Drupal 8.2.x before 8.2.7 ...)
- drupal8 <itp> (bug #756305)
NOTE: https://www.drupal.org/SA-2017-001
CVE-2017-6376
@@ -35209,9 +35209,9 @@ CVE-2017-6372
RESERVED
CVE-2017-6371
RESERVED
-CVE-2017-6370
+CVE-2017-6370 (TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI i ...)
NOT-FOR-US: Typo3
-CVE-2017-6369
+CVE-2017-6369 (Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5. ...)
{DSA-3824-1 DLA-879-1}
- firebird2.5 <unfixed> (bug #858641)
- firebird3.0 3.0.1.32609.ds4-14 (bug #858644)
@@ -35221,9 +35221,9 @@ CVE-2017-6369
NOTE: https://github.com/FirebirdSQL/firebird/commit/a802126cd501f641f00d6cda12d5d9ee3ecda6f5 (2.5)
CVE-2017-6368
RESERVED
-CVE-2017-6367
+CVE-2017-6367 (In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Win ...)
NOT-FOR-US: Cerberus FTP Server
-CVE-2017-6366
+CVE-2017-6366 (Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 rou ...)
NOT-FOR-US: Netgear
CVE-2017-6365
RESERVED
@@ -35231,85 +35231,85 @@ CVE-2017-6364
RESERVED
CVE-2017-6363
RESERVED
-CVE-2017-6362
+CVE-2017-6362 (Double free vulnerability in the gdImagePngPtr function in libgd2 befo ...)
{DSA-3961-1 DLA-1106-1}
- libgd2 2.2.5-1
NOTE: https://github.com/libgd/libgd/issues/381
NOTE: https://github.com/libgd/libgd/commit/56ce6ef068b954ad28379e83cca04feefc51320c
-CVE-2017-6361
+CVE-2017-6361 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbit ...)
NOT-FOR-US: QNAP
-CVE-2017-6360
+CVE-2017-6360 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administ ...)
NOT-FOR-US: QNAP
-CVE-2017-6359
+CVE-2017-6359 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administ ...)
NOT-FOR-US: QNAP
CVE-2017-6358
RESERVED
CVE-2017-6357
RESERVED
-CVE-2017-6356
+CVE-2017-6356 (Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 ...)
NOT-FOR-US: Palo Alto Networks Terminal Services
-CVE-2017-6355
+CVE-2017-6355 (Integer overflow in the vrend_create_shader function in vrend_renderer ...)
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=93761787b29f37fa627dea9082cdfc1a1ec608d6 (0.6.0)
CVE-2017-6354
RESERVED
CVE-2017-6352
RESERVED
-CVE-2017-6351
+CVE-2017-6351 (The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacture ...)
NOT-FOR-US: WePresent WiPG-1500
-CVE-2017-6350
+CVE-2017-6350 (An integer overflow at an unserialize_uep memory allocation site would ...)
{DLA-850-1}
- vim 2:8.0.0197-3 (bug #856266)
[jessie] - vim 2:7.4.488-7+deb8u3
- neovim 0.1.7-4
NOTE: Fixed by: https://github.com/vim/vim/commit/0c8485f0e4931463c0f7986e1ea84a7d79f10c75
-CVE-2017-6349
+CVE-2017-6349 (An integer overflow at a u_read_undo memory allocation site would occu ...)
{DLA-850-1}
- vim 2:8.0.0197-3 (bug #856266)
[jessie] - vim 2:7.4.488-7+deb8u3
- neovim 0.1.7-4
NOTE: Fixed by: https://github.com/vim/vim/commit/3eb1637b1bba19519885dd6d377bd5596e91d22c
-CVE-2017-6344
+CVE-2017-6344 (XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allow ...)
NOT-FOR-US: Grails PDF plugin
-CVE-2017-6343
+CVE-2017-6343 (The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware ...)
NOT-FOR-US: Dahua devices
-CVE-2017-6342
+CVE-2017-6342 (An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Fir ...)
NOT-FOR-US: Dahua devices
-CVE-2017-6341
+CVE-2017-6341 (Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06 ...)
NOT-FOR-US: Dahua devices
-CVE-2017-6340
+CVE-2017-6340 (Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 befor ...)
NOT-FOR-US: Trend Micro
-CVE-2017-6339
+CVE-2017-6339 (Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 befor ...)
NOT-FOR-US: Trend Micro
-CVE-2017-6338
+CVE-2017-6338 (Multiple Access Control issues in Trend Micro InterScan Web Security V ...)
NOT-FOR-US: Trend Micro
CVE-2017-6337
RESERVED
CVE-2017-6336
RESERVED
-CVE-2017-6334
+CVE-2017-6334 (dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0. ...)
NOT-FOR-US: NETGEAR
CVE-2017-6333
RESERVED
CVE-2017-6332
RESERVED
-CVE-2017-6331
+CVE-2017-6331 (Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter ...)
NOT-FOR-US: Symantec
-CVE-2017-6330
+CVE-2017-6330 (Symantec Encryption Desktop before SED 10.4.1MP2 can allow remote atta ...)
NOT-FOR-US: Symantec
-CVE-2017-6329
+CVE-2017-6329 (Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a ...)
NOT-FOR-US: Symantec
-CVE-2017-6328
+CVE-2017-6328 (The Symantec Messaging Gateway before 10.6.3-267 can encounter an issu ...)
NOT-FOR-US: Symantec
-CVE-2017-6327
+CVE-2017-6327 (The Symantec Messaging Gateway before 10.6.3-267 can encounter an issu ...)
NOT-FOR-US: Symantec
-CVE-2017-6326
+CVE-2017-6326 (The Symantec Messaging Gateway can encounter an issue of remote code e ...)
NOT-FOR-US: Symantec
-CVE-2017-6325
+CVE-2017-6325 (The Symantec Messaging Gateway can encounter a file inclusion vulnerab ...)
NOT-FOR-US: Symantec
-CVE-2017-6324
+CVE-2017-6324 (The Symantec Messaging Gateway, when processing a specific email attac ...)
NOT-FOR-US: Symantec
-CVE-2017-6323
+CVE-2017-6323 (The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_H ...)
NOT-FOR-US: Symantec
CVE-2017-6322
RESERVED
@@ -35318,55 +35318,55 @@ CVE-2017-XXXX [scanelf: out of bounds read in scanelf_file_get_symtabs (scanelf.
NOTE: https://blogs.gentoo.org/ago/2017/02/25/pax-utils-scanelf-out-of-bounds-read-in-scanelf_file_get_symtabs-scanelf-c-2/
NOTE: https://github.com/gentoo/pax-utils/commit/e577c5b7e230c52e5fc4fa40e4e9014c634b3c1d
NOTE: https://github.com/gentoo/pax-utils/commit/858939ea6ad63f1acb4ec74bba705c197a67d559
-CVE-2017-6353
+CVE-2017-6353 (net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly ...)
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: https://marc.info/?l=linux-netdev&m=148785309416337&w=2
-CVE-2017-6348
+CVE-2017-6348 (The hashbin_delete function in net/irda/irqueue.c in the Linux kernel ...)
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/4c03b862b12f980456f9de92db6d508a4999b788
-CVE-2017-6347
+CVE-2017-6347 (The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Li ...)
- linux 4.9.13-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 4.0)
[wheezy] - linux <not-affected> (Vulnerable code introduced in 4.0)
NOTE: Fixed by: https://git.kernel.org/linus/ca4ef4574f1ee5252e2cd365f8f5d5bafd048f32
-CVE-2017-6346
+CVE-2017-6346 (Race condition in net/packet/af_packet.c in the Linux kernel before 4. ...)
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/d199fab63c11998a602205f7ee7ff7c05c97164b
-CVE-2017-6345
+CVE-2017-6345 (The LLC subsystem in the Linux kernel before 4.9.13 does not ensure th ...)
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/8b74d439e1697110c5e5c600643e823eb1dd0762
CVE-2017-6321
RESERVED
-CVE-2017-6320
+CVE-2017-6320 (A remote command injection vulnerability exists in the Barracuda Load ...)
NOT-FOR-US: Barracuda
-CVE-2017-6319
+CVE-2017-6319 (The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1 ...)
- radare2 1.1.0+dfsg-3 (bug #856579)
[jessie] - radare2 <not-affected> (Vulnerable code introduced in 1.1.0)
[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 1.1.0)
NOTE: https://github.com/radare/radare2/issues/6836
NOTE: https://github.com/radare/radare2/commit/ad55822430a03fe075221b543efb434567e9e431
-CVE-2017-6318
+CVE-2017-6318 (saned in sane-backends 1.0.25 allows remote attackers to obtain sensit ...)
{DLA-940-1}
- sane-backends 1.0.25-4 (low; bug #854804)
[jessie] - sane-backends 1.0.24-8+deb8u2
NOTE: Upstream patch: https://anonscm.debian.org/cgit/sane/sane-backends.git/commit/frontend/saned.c?id=42896939822b44f44ecd1b6d35afdfa4473ed35d
-CVE-2017-6316
+CVE-2017-6316 (Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote ...)
NOT-FOR-US: Citrix
-CVE-2017-6315
+CVE-2017-6315 (Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute ...)
NOT-FOR-US: Astaro
-CVE-2017-6335
+CVE-2017-6335 (The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1. ...)
{DLA-1456-1}
- graphicsmagick 1.3.25-8
[wheezy] - graphicsmagick <not-affected> (vulnerable code not present)
NOTE: Fixed by: https://sourceforge.net/p/graphicsmagick/code/ci/6156b4c2992d855ece6079653b3b93c3229fc4b8/
-CVE-2017-6317
+CVE-2017-6317 (Memory leak in the add_shader_program function in vrend_renderer.c in ...)
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=a2f12a1b0f95b13b6f8dc3d05d7b74b4386394e4 (0.6.0)
-CVE-2017-6314
+CVE-2017-6314 (The make_available_at_least function in io-tiff.c in gdk-pixbuf allows ...)
- gdk-pixbuf 2.36.11-2 (low; bug #856448)
[stretch] - gdk-pixbuf 2.36.5-2+deb9u2
[jessie] - gdk-pixbuf <ignored> (Minor issue)
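Review bot: the NOTE line for CVE-2017-6317 (`NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=a2f12a1b...`) lacks the `Fixed by:` prefix that the sibling virglrenderer entries CVE-2017-6386, CVE-2017-6355 and CVE-2017-6210 use, so anyone grepping for `Fixed by:` misses this fix commit; suggest `NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=a2f12a1b0f95b13b6f8dc3d05d7b74b4386394e4 (0.6.0)`. Separately, CVE-2017-6353/6348/6347/6346/6345 and CVE-2017-6335/6317 sit out of descending numeric sequence in this hunk (between CVE-2017-6322 and CVE-2017-6314); that ordering predates this change and the hunk correctly preserves it, but it is worth a reorder in a manual commit since it makes per-CVE diffs harder to review.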
@@ -35374,7 +35374,7 @@ CVE-2017-6314
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=779020
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=1e513abdb55529f888233d3c96b27352d83aad5f
-CVE-2017-6313
+CVE-2017-6313 (Integer underflow in the load_resources function in io-icns.c in gdk-p ...)
- gdk-pixbuf 2.36.11-2 (low; bug #856445)
[stretch] - gdk-pixbuf 2.36.5-2+deb9u2
[jessie] - gdk-pixbuf <ignored> (Minor issue)
@@ -35383,7 +35383,7 @@ CVE-2017-6313
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=210b16399a492d05efb209615a143920b24251f4
NOTE: Tests: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=4cc39d479356b6b09e3d62a0f3ab424db6c266d8
-CVE-2017-6312
+CVE-2017-6312 (Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent at ...)
- gdk-pixbuf 2.36.11-2 (low; bug #856444)
[stretch] - gdk-pixbuf 2.36.5-2+deb9u2
[jessie] - gdk-pixbuf <ignored> (Minor issue)
@@ -35392,7 +35392,7 @@ CVE-2017-6312
NOTE: http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=dec9ca22d70c0f0d4492333b4e8147afb038afd2
NOTE: Tests: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=a6303ad765882555cf1b278a09be5f9e4cf3a39d
-CVE-2017-6311
+CVE-2017-6311 (gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attack ...)
- gdk-pixbuf 2.36.10-1 (bug #858491; unimportant)
[jessie] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1)
[wheezy] - gdk-pixbuf <not-affected> (Code introduced in 2.36.1)
@@ -35403,134 +35403,134 @@ CVE-2017-6311
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=57362ed4c1f37c05723e25e136327e262f32d35f
NOTE: Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=758655315bc3760c2d646e1e935f7448847073af
NOTE: Tests: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=67a02e1bfef1ae8f7fa50ca36f6d922c1b6d3ed6
-CVE-2017-6310
+CVE-2017-6310 (An issue was discovered in tnef before 1.4.13. Four type confusions ha ...)
{DSA-3798-1 DLA-839-1}
- tnef 1.4.12-1.1 (bug #856117)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d
NOTE: regression fixed by: https://github.com/verdammelt/tnef/commit/9c4015433ecd3177976f820f7aa524c7e64c7c92
NOTE: regression fixed by: https://github.com/verdammelt/tnef/commit/c0b99164d14dcc61348a2ddffd47dfe31d087bad
-CVE-2017-6309
+CVE-2017-6309 (An issue was discovered in tnef before 1.4.13. Two type confusions hav ...)
{DSA-3798-1 DLA-839-1}
- tnef 1.4.12-1.1 (bug #856117)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/8dccf79857ceeb7a6d3e42c1e762e7b865d5344d
-CVE-2017-6308
+CVE-2017-6308 (An issue was discovered in tnef before 1.4.13. Several Integer Overflo ...)
{DSA-3798-1 DLA-839-1}
- tnef 1.4.12-1.1 (bug #856117)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/c5044689e50039635e7700fe2472fd632ac77176
-CVE-2017-6307
+CVE-2017-6307 (An issue was discovered in tnef before 1.4.13. Two OOB Writes have bee ...)
{DSA-3798-1 DLA-839-1}
- tnef 1.4.12-1.1 (bug #856117)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
NOTE: Fixed by: https://github.com/verdammelt/tnef/commit/1a17af1ed0c791aec44dbdc9eab91218cc1e335a
-CVE-2017-6306
+CVE-2017-6306 (An issue was discovered in ytnef before 1.9.1. This is related to a pa ...)
{DSA-3846-1}
- libytnef 1.9.1-1
[wheezy] - libytnef <not-affected> (vulnerable code not present)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6305
+CVE-2017-6305 (An issue was discovered in ytnef before 1.9.1. This is related to a pa ...)
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6304
+CVE-2017-6304 (An issue was discovered in ytnef before 1.9.1. This is related to a pa ...)
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6303
+CVE-2017-6303 (An issue was discovered in ytnef before 1.9.1. This is related to a pa ...)
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6302
+CVE-2017-6302 (An issue was discovered in ytnef before 1.9.1. This is related to a pa ...)
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6301
+CVE-2017-6301 (An issue was discovered in ytnef before 1.9.1. This is related to a pa ...)
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6300
+CVE-2017-6300 (An issue was discovered in ytnef before 1.9.1. This is related to a pa ...)
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6299
+CVE-2017-6299 (An issue was discovered in ytnef before 1.9.1. This is related to a pa ...)
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6298
+CVE-2017-6298 (An issue was discovered in ytnef before 1.9.1. This is related to a pa ...)
{DSA-3846-1 DLA-878-1}
- libytnef 1.9.1-1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/
NOTE: http://www.openwall.com/lists/oss-security/2017/02/15/4
NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25b7a546fc28d6c3812124e487987a4910
-CVE-2017-6297
+CVE-2017-6297 (The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does n ...)
NOT-FOR-US: MikroTik RouterOS
-CVE-2017-6296
+CVE-2017-6296 (NVIDIA TrustZone Software contains a TOCTOU issue in the DRM applicati ...)
NOT-FOR-US: NVIDIA
-CVE-2017-6295
+CVE-2017-6295 (NVIDIA TrustZone Software contains a vulnerability in the Keymaster im ...)
NOT-FOR-US: NVIDIA
-CVE-2017-6294
+CVE-2017-6294 (In Android before the 2018-06-05 security patch level, NVIDIA Tegra X1 ...)
NOT-FOR-US: NVIDIA
-CVE-2017-6293
+CVE-2017-6293 (In Android before the 2018-05-05 security patch level, NVIDIA Tegra X1 ...)
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6292
+CVE-2017-6292 (In Android before the 2018-06-05 security patch level, NVIDIA TLZ Trus ...)
NOT-FOR-US: NVIDIA
CVE-2017-6291
RESERVED
-CVE-2017-6290
+CVE-2017-6290 (In Android before the 2018-06-05 security patch level, NVIDIA TLK Trus ...)
NOT-FOR-US: NVIDIA
-CVE-2017-6289
+CVE-2017-6289 (In Android before the 2018-05-05 security patch level, NVIDIA Trusted ...)
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6288
+CVE-2017-6288 (NVIDIA libnvrm contains a possible out of bounds read due to a missing ...)
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6287
+CVE-2017-6287 (NVIDIA libnvrm contains a possible out of bounds read due to a missing ...)
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6286
+CVE-2017-6286 (NVIDIA libnvomx contains a possible out of bounds write due to a missi ...)
NOT-FOR-US: NVIDIA
-CVE-2017-6285
+CVE-2017-6285 (NVIDIA libnvrm contains a possible out of bounds read due to a missing ...)
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6284
+CVE-2017-6284 (NVIDIA Security Engine contains a vulnerability in the Deterministic R ...)
NOT-FOR-US: NVIDIA
-CVE-2017-6283
+CVE-2017-6283 (NVIDIA Security Engine contains a vulnerability in the RSA function wh ...)
NOT-FOR-US: NVIDIA
-CVE-2017-6282
+CVE-2017-6282 (NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an ...)
NOT-FOR-US: NVIDIA
-CVE-2017-6281
+CVE-2017-6281 (NVIDIA libnvomx contains a possible out of bounds write due to a impro ...)
NOT-FOR-US: NVIDIA
-CVE-2017-6280
+CVE-2017-6280 (NVIDIA driver contains a possible out-of-bounds read vulnerability due ...)
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6279
+CVE-2017-6279 (NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnera ...)
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6278
+CVE-2017-6278 (NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal ...)
NOT-FOR-US: NVIDIA Tegra
-CVE-2017-6277
+CVE-2017-6277 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6276
+CVE-2017-6276 (NVIDIA mediaserver contains a vulnerability where it is possible a use ...)
NOT-FOR-US: NVIDIA
-CVE-2017-6275
+CVE-2017-6275 (An information disclosure vulnerability exists in the Thermal Driver, ...)
NOT-FOR-US: NVIDIA components for Android
-CVE-2017-6274
+CVE-2017-6274 (An elevation of Privilege vulnerability exists in the Thermal Driver, ...)
NOT-FOR-US: NVIDIA components for Android
-CVE-2017-6273
+CVE-2017-6273 (NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader compo ...)
NOT-FOR-US: NVIDIA ADSP Firmware
-CVE-2017-6272
+CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
[experimental] - nvidia-graphics-drivers 384.90-1
- nvidia-graphics-drivers 384.98-2 (bug #876414)
[stretch] - nvidia-graphics-drivers 384.130-1
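Review bot: the ytnef entries CVE-2017-6298 through CVE-2017-6306 record the fix commit as `NOTE: fixed in https://github.com/Yeraze/ytnef/commit/b36d6b25...`, while the tnef entries CVE-2017-6307 through CVE-2017-6310 in the same hunk use the `NOTE: Fixed by:` form; normalizing the ytnef lines to `NOTE: Fixed by:` would keep the fix-commit annotation uniform and searchable. Not introduced by this automatic update, which only touches the CVE header lines.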
@@ -35543,15 +35543,15 @@ CVE-2017-6272
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
-CVE-2017-6271
+CVE-2017-6271 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6270
+CVE-2017-6270 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6269
+CVE-2017-6269 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6268
+CVE-2017-6268 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6267
+CVE-2017-6267 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
[experimental] - nvidia-graphics-drivers 384.90-1
- nvidia-graphics-drivers 384.98-2 (bug #876414)
[stretch] - nvidia-graphics-drivers 384.130-1
@@ -35564,7 +35564,7 @@ CVE-2017-6267
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
-CVE-2017-6266
+CVE-2017-6266 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
[experimental] - nvidia-graphics-drivers 384.90-1
- nvidia-graphics-drivers 384.98-2 (bug #876414)
[stretch] - nvidia-graphics-drivers 384.130-1
@@ -35579,51 +35579,51 @@ CVE-2017-6266
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
CVE-2017-6265
RESERVED
-CVE-2017-6264
+CVE-2017-6264 (An elevation of privilege vulnerability exists in the NVIDIA GPU drive ...)
NOT-FOR-US: NVIDIA components for Android
-CVE-2017-6263
+CVE-2017-6263 (NVIDIA driver contains a vulnerability where it is possible a use afte ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-6262
+CVE-2017-6262 (NVIDIA driver contains a vulnerability where it is possible a use afte ...)
NOT-FOR-US: NVIDIA driver for Android
CVE-2017-6261
RESERVED
-CVE-2017-6260
+CVE-2017-6260 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6259
+CVE-2017-6259 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
- nvidia-graphics-drivers 375.82-1 (bug #869783)
[stretch] - nvidia-graphics-drivers 375.82-1~deb9u1
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Limited to E384 and E375)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Limited to E384 and E375)
-CVE-2017-6258
+CVE-2017-6258 (NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnera ...)
NOT-FOR-US: Nvidia component for Android
-CVE-2017-6257
+CVE-2017-6257 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...)
- nvidia-graphics-drivers 375.82-1 (bug #869783)
[stretch] - nvidia-graphics-drivers 375.82-1~deb9u1
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Limited to E384 and E375)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Limited to E384 and E375)
-CVE-2017-6256
+CVE-2017-6256 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6255
+CVE-2017-6255 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6254
+CVE-2017-6254 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6253
+CVE-2017-6253 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6252
+CVE-2017-6252 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6251
+CVE-2017-6251 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2017-6250
+CVE-2017-6250 (NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helpe ...)
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2017-6249
+CVE-2017-6249 (An elevation of privilege vulnerability in the NVIDIA sound driver cou ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-6248
+CVE-2017-6248 (An elevation of privilege vulnerability in the NVIDIA sound driver cou ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-6247
+CVE-2017-6247 (An elevation of privilege vulnerability in the NVIDIA sound driver cou ...)
NOT-FOR-US: NVIDIA driver for Android
CVE-2017-6246
RESERVED
@@ -35657,21 +35657,21 @@ CVE-2017-6232
RESERVED
CVE-2017-6231
RESERVED
-CVE-2017-6230
+CVE-2017-6230 (Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus ...)
NOT-FOR-US: Ruckus Networks firmware
-CVE-2017-6229
+CVE-2017-6229 (Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and ...)
NOT-FOR-US: Ruckus Networks firmware
CVE-2017-6228
RESERVED
-CVE-2017-6227
+CVE-2017-6227 (A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN product ...)
NOT-FOR-US: Brocade
CVE-2017-6226
RESERVED
-CVE-2017-6225
+CVE-2017-6225 (Cross-site scripting (XSS) vulnerability in the web-based management i ...)
NOT-FOR-US: Brocade
-CVE-2017-6224
+CVE-2017-6224 (Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10 ...)
NOT-FOR-US: Ruckus
-CVE-2017-6223
+CVE-2017-6223 (Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD ...)
NOT-FOR-US: Ruckus
CVE-2017-6222
RESERVED
@@ -35687,31 +35687,31 @@ CVE-2017-6217
RESERVED
CVE-2017-6216
RESERVED
-CVE-2017-6215
+CVE-2017-6215 (paypal/permissions-sdk-php is vulnerable to reflected XSS in the sampl ...)
NOT-FOR-US: PayPal permissions-sdk-php
-CVE-2017-6213
+CVE-2017-6213 (paypal/invoice-sdk-php is vulnerable to reflected XSS in samples/permi ...)
NOT-FOR-US: PayPal invoice-sdk-php
CVE-2017-6212
REJECTED
-CVE-2017-6211
+CVE-2017-6211 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2017-6214
+CVE-2017-6214 (The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel bef ...)
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/ccf7abb93af09ad0868ae9033d1ca8108bdaec82 (v4.10-rc8)
-CVE-2017-6210
+CVE-2017-6210 (The vrend_decode_reset function in vrend_decode.c in virglrenderer bef ...)
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=0a5dff15912207b83018485f83e067474e818bab (0.6.0)
-CVE-2017-6209
+CVE-2017-6209 (Stack-based buffer overflow in the parse_identifier function in tgsi_t ...)
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=e534b51ca3c3cd25f3990589932a9ed711c59b27 (0.6.0)
CVE-2017-6208
RESERVED
CVE-2017-6207
REJECTED
-CVE-2017-6206
+CVE-2017-6206 (D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-15 ...)
NOT-FOR-US: D-Link
-CVE-2017-6205
+CVE-2017-6205 (D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-15 ...)
NOT-FOR-US: D-Link
CVE-2017-6204
RESERVED
@@ -35719,15 +35719,15 @@ CVE-2017-6203
RESERVED
CVE-2017-6202
RESERVED
-CVE-2017-6201
+CVE-2017-6201 (A Server Side Request Forgery vulnerability exists in the install app ...)
NOT-FOR-US: Sandstorm
-CVE-2017-6200
+CVE-2017-6200 (Sandstorm before build 0.203 allows remote attackers to read any speci ...)
NOT-FOR-US: Sandstorm
-CVE-2017-6199
+CVE-2017-6199 (A remote attacker could bypass the Sandstorm organization restriction ...)
NOT-FOR-US: Sandstorm
-CVE-2017-6198
+CVE-2017-6198 (The Supervisor in Sandstorm doesn't set and enforce the resource limit ...)
NOT-FOR-US: Sandstorm
-CVE-2017-6197
+CVE-2017-6197 (The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 all ...)
{DLA-837-1}
- radare2 1.1.0+dfsg-2 (bug #856063)
[jessie] - radare2 <no-dsa> (Minor issue)
@@ -35737,53 +35737,53 @@ CVE-2017-6197
NOTE: The NULL pointer dereferences are still triggerable, via the shown
NOTE: vector and seen under valgrind. It might be disputable if that is the
NOTE: same vulnerability though.
-CVE-2017-6196
+CVE-2017-6196 (Multiple use-after-free vulnerabilities in the gx_image_enum_begin fun ...)
- ghostscript <not-affected> (Issue introduced later, cf. bug #856142)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697596
NOTE: Fixed by: http://git.ghostscript.com/?p=ghostpdl.git;h=ecceafe3abba2714ef9b432035fe0739d9b1a283
NOTE: Possibly introduced only after http://git.ghostscript.com/?p=ghostpdl.git;h=cffb5712bc10c2c2f46adf311fc74aaae74cb784
-CVE-2017-6195
+CVE-2017-6195 (Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blin ...)
NOT-FOR-US: Ipswitch MOVEit Transfer
-CVE-2017-6194
+CVE-2017-6194 (The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows r ...)
[experimental] - radare2 1.3.0+dfsg-1
- radare2 1.1.0+dfsg-4 (bug #859448)
[jessie] - radare2 <not-affected> (Vulnerable code not present)
[wheezy] - radare2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/72794dc3523bbd5bb370de3c5857cb736c387e18 (1.3.0-git)
NOTE: https://github.com/radare/radare2/issues/6829
-CVE-2017-6193
+CVE-2017-6193 (Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to ...)
NOT-FOR-US: APNGDis
-CVE-2017-6192
+CVE-2017-6192 (Buffer overflow in APNGDis 2.8 and earlier allows a remote attackers t ...)
NOT-FOR-US: APNGDis
-CVE-2017-6191
+CVE-2017-6191 (Buffer overflow in APNGDis 2.8 and below allows a remote attacker to e ...)
NOT-FOR-US: APNGDis
-CVE-2017-6190
+CVE-2017-6190 (Directory traversal vulnerability in the web interface on the D-Link D ...)
NOT-FOR-US: D-Link
-CVE-2017-6189
+CVE-2017-6189 (Untrusted search path vulnerability in Amazon Kindle for PC before 1.1 ...)
NOT-FOR-US: Amazon Kindle
-CVE-2017-6187
+CVE-2017-6187 (Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4 ...)
NOT-FOR-US: DiskSavvy Enterprise
-CVE-2017-6186
+CVE-2017-6186 (Code injection vulnerability in Bitdefender Total Security 12.0 (and e ...)
NOT-FOR-US: Bitdefender
CVE-2017-6185
RESERVED
-CVE-2017-6184
+CVE-2017-6184 (In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine ...)
NOT-FOR-US: Sophos
-CVE-2017-6183
+CVE-2017-6183 (In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine ...)
NOT-FOR-US: Sophos
-CVE-2017-6182
+CVE-2017-6182 (In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine ...)
NOT-FOR-US: Sophos
-CVE-2017-6181
+CVE-2017-6181 (The parse_char_class function in regparse.c in the Onigmo (aka Oniguru ...)
- ruby2.3 <not-affected> (Introduced in v2_4_0_rc1)
- ruby2.1 <not-affected> (Introduced in v2_4_0_rc1)
NOTE: Introduced by: https://github.com/ruby/ruby/commit/2873edeafb6f6df1fc99bb9b1167591b99dd378c
NOTE: Fixed by: https://github.com/ruby/ruby/commit/ea940cc4dcff8d6c345d7015eda0bf06671f87e9
NOTE: https://bugs.ruby-lang.org/issues/13234
-CVE-2017-6180
+CVE-2017-6180 (Keekoon KK002 devices 1.8.12 HD have a Cross Site Request Forgery Vuln ...)
NOT-FOR-US: Keekoon KK002 devices
CVE-2017-6179
RESERVED
-CVE-2017-6178
+CVE-2017-6178 (The IofCallDriver function in USBPcap 1.1.0.0 allows local users to ga ...)
NOT-FOR-US: USBPcap
CVE-2017-6177
REJECTED
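Review bot: the ghostscript line for CVE-2017-6196 asserts `<not-affected> (Issue introduced later, cf. bug #856142)`, but the NOTE two lines below only says the bug was "Possibly introduced only after" the cited ghostpdl commit; the status and the note should agree, so either confirm the introducing commit against the ghostscript tree and drop "Possibly", or keep the hedge in the status until that is verified.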
@@ -35801,97 +35801,97 @@ CVE-2017-6171
REJECTED
CVE-2017-6170
REJECTED
-CVE-2017-6169
+CVE-2017-6169 (In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP virt ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6168
+CVE-2017-6168 (On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 ...)
NOT-FOR-US: F5 BIG-IP
NOTE: https://support.f5.com/csp/article/K21905460
NOTE: https://robotattack.org/
-CVE-2017-6167
+CVE-2017-6167 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6166
+CVE-2017-6166 (In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PE ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6165
+CVE-2017-6165 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Contro ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6164
+CVE-2017-6164 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GT ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6163
+CVE-2017-6163 (In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM softwa ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6162
+CVE-2017-6162 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GT ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6161
+CVE-2017-6161 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GT ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6160
+CVE-2017-6160 (In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6159
+CVE-2017-6159 (F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controlle ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6158
+CVE-2017-6158 (In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 th ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6157
+CVE-2017-6157 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Contro ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6156
+CVE-2017-6156 (When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6155
+CVE-2017-6155 (On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6154
+CVE-2017-6154 (On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6153
+CVE-2017-6153 (Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6152
+CVE-2017-6152 (A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the ...)
NOT-FOR-US: F5 BIG-IQ Centralized Management
-CVE-2017-6151
+CVE-2017-6151 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GT ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6150
+CVE-2017-6150 (Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1 ...)
NOT-FOR-US: F5 BIG-IP
CVE-2017-6149
REJECTED
-CVE-2017-6148
+CVE-2017-6148 (Responses to SOCKS proxy requests made through F5 BIG-IP version 13.0. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6147
+CVE-2017-6147 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, ...)
NOT-FOR-US: F5 BIG-IP
CVE-2017-6146
REJECTED
-CVE-2017-6145
+CVE-2017-6145 (iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Li ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6144
+CVE-2017-6144 (In F5 BIG-IP PEM 12.1.0 through 12.1.2 when downloading the Type Alloc ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6143
+CVE-2017-6143 (X509 certificate verification was not correctly implemented in the IP ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6142
+CVE-2017-6142 (X509 certificate verification was not correctly implemented in the ear ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6141
+CVE-2017-6141 (In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and WebSaf ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6140
+CVE-2017-6140 (On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6139
+CVE-2017-6139 (In F5 BIG-IP APM software version 13.0.0 and 12.1.2, under rare condit ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6138
+CVE-2017-6138 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Contro ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6137
+CVE-2017-6137 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GT ...)
NOT-FOR-US: F5
-CVE-2017-6136
+CVE-2017-6136 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Contro ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6135
+CVE-2017-6135 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Contro ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6134
+CVE-2017-6134 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Contro ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6133
+CVE-2017-6133 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6132
+CVE-2017-6132 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Contro ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6131
+CVE-2017-6131 (In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0. ...)
NOT-FOR-US: F5
-CVE-2017-6130
+CVE-2017-6130 (F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulner ...)
NOT-FOR-US: F5
-CVE-2017-6129
+CVE-2017-6129 (In F5 BIG-IP APM software version 13.0.0 and 12.1.2, in some circumsta ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-6128
+CVE-2017-6128 (An attacker may be able to cause a denial-of-service (DoS) attack agai ...)
NOT-FOR-US: F5
-CVE-2017-6188
+CVE-2017-6188 (Munin before 2.999.6 has a local file write vulnerability when CGI gra ...)
{DSA-3794-1 DLA-836-1}
- munin 2.0.31-1 (bug #855705)
NOTE: https://github.com/munin-monitoring/munin/issues/721
-CVE-2017-6127
+CVE-2017-6127 (Multiple cross-site request forgery (CSRF) vulnerabilities in the acce ...)
NOT-FOR-US: DIGISOL DG-HR1400 Wireless Router
CVE-2017-6126
RESERVED
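Review bot: the `NOT-FOR-US` tags in this hunk are inconsistent for the F5 block: CVE-2017-6137 and CVE-2017-6131 are BIG-IP issues by their own descriptions yet carry `NOT-FOR-US: F5`, while the neighbouring entries use `NOT-FOR-US: F5 BIG-IP`; since these lines are being rewritten anyway, aligning the tag makes the product searchable. Separately, CVE-2017-6188 (munin) sits between CVE-2017-6128 and CVE-2017-6127, outside the descending order the rest of the hunk keeps; if ordering matters to the tooling it belongs next to CVE-2017-6189.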
@@ -35937,30 +35937,30 @@ CVE-2017-6106
RESERVED
CVE-2017-6105
RESERVED
-CVE-2017-6104
+CVE-2017-6104 (Remote file upload vulnerability in Wordpress Plugin Mobile App Native ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-6103
+CVE-2017-6103 (Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1. ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-6102
+CVE-2017-6102 (Persistent XSS in wordpress plugin rockhoist-badges v1.2.2. ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-6384
+CVE-2017-6384 (Memory leak in the login_user function in saslserv/main.c in saslserv/ ...)
- atheme-services 7.2.9-1 (bug #855588)
[jessie] - atheme-services <not-affected> (versions prior to 7.2.7 not vulnerable)
NOTE: 7.2.7 vulnerable, fixed in 7.2.8, but the fix introduced another DOS, fixed in 7.2.9
NOTE: (Possibly) introduced in https://github.com/atheme/atheme/commit/8ac7aa8d007331ae694f099c288e27f911e8cad1 (v7.2.7)
CVE-2017-6101
RESERVED
-CVE-2017-6099
+CVE-2017-6099 (Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in ...)
NOT-FOR-US: PayPal PHP Merchant SDK
-CVE-2017-6098
+CVE-2017-6098 (A SQL injection issue was discovered in the Mail Masta (aka mail-masta ...)
NOT-FOR-US: Mail Masta plugin for Wordpress
-CVE-2017-6097
+CVE-2017-6097 (A SQL injection issue was discovered in the Mail Masta (aka mail-masta ...)
NOT-FOR-US: Mail Masta plugin for Wordpress
-CVE-2017-6096
+CVE-2017-6096 (A SQL injection issue was discovered in the Mail Masta (aka mail-masta ...)
NOT-FOR-US: Mail Masta plugin for Wordpress
-CVE-2017-6095
+CVE-2017-6095 (A SQL injection issue was discovered in the Mail Masta (aka mail-masta ...)
NOT-FOR-US: Mail Masta plugin for Wordpress
-CVE-2017-6094
+CVE-2017-6094 (CPEs used by subscribers on the access network receive their individua ...)
NOT-FOR-US: Genexis GASP
CVE-2017-6093
RESERVED
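Review bot: the generator appends " ..." unconditionally rather than only when it actually truncated the text, cf. `+CVE-2017-6103 (Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1. ...)` and `+CVE-2017-6102 (Persistent XSS in wordpress plugin rockhoist-badges v1.2.2. ...)`, where the description already ends with a full stop before the ellipsis; the truncation routine should add the marker only when the source string exceeded the width. Also CVE-2017-6384 (atheme-services) is placed between CVE-2017-6102 and CVE-2017-6101, out of numeric order with the surrounding entries.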
@@ -35968,15 +35968,15 @@ CVE-2017-6092
RESERVED
CVE-2017-6091
RESERVED
-CVE-2017-6090
+CVE-2017-6090 (Unrestricted file upload vulnerability in clients/editclient.php in Ph ...)
NOT-FOR-US: PhpCollab
-CVE-2017-6089
+CVE-2017-6089 (SQL injection vulnerability in PhpCollab 2.5.1 and earlier allows remo ...)
NOT-FOR-US: PhpCollab
-CVE-2017-6088
+CVE-2017-6088 (Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 ...)
NOT-FOR-US: EyesOfNetwork
-CVE-2017-6087
+CVE-2017-6087 (EyesOfNetwork ("EON") 5.0 and earlier allows remote authenticated user ...)
NOT-FOR-US: EyesOfNetwork
-CVE-2017-6086
+CVE-2017-6086 (Multiple cross-site request forgery (CSRF) vulnerabilities in the addA ...)
NOT-FOR-US: ViMbAdmin
CVE-2017-6085
RESERVED
@@ -35986,57 +35986,57 @@ CVE-2017-6083
RESERVED
CVE-2017-6082
RESERVED
-CVE-2017-6081
+CVE-2017-6081 (A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3 ...)
- zammad <itp> (bug #841355)
-CVE-2017-6080
+CVE-2017-6080 (An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, an ...)
- zammad <itp> (bug #841355)
-CVE-2017-6079
+CVE-2017-6079 (The HTTP web-management application on Edgewater Networks Edgemarc app ...)
NOT-FOR-US: Edgewater
-CVE-2017-6078
+CVE-2017-6078 (FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause ...)
NOT-FOR-US: FastStone MaxView
-CVE-2017-6077
+CVE-2017-6077 (ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 al ...)
NOT-FOR-US: NETGEAR
-CVE-2017-6076
+CVE-2017-6076 (In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes i ...)
- wolfssl 3.10.2+dfsg-1 (bug #856114)
NOTE: https://github.com/wolfSSL/wolfssl/releases/tag/v3.10.2-stable
NOTE: https://github.com/wolfSSL/wolfssl/commit/345df93978c41da1ac8047a37f1fed5286883d8d
CVE-2017-6075
RESERVED
-CVE-2017-6074
+CVE-2017-6074 (The dccp_rcv_state_process function in net/dccp/input.c in the Linux k ...)
{DSA-3791-1 DLA-833-1}
- linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4
CVE-2017-6073
RESERVED
-CVE-2017-6072
+CVE-2017-6072 (CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-6071
+CVE-2017-6071 (CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-6070
+CVE-2017-6070 (CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-6069
+CVE-2017-6069 (Subrion CMS 4.0.5 has CSRF in admin/blog/add/. The attacker can add an ...)
NOT-FOR-US: Subrion CMS
-CVE-2017-6068
+CVE-2017-6068 (Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can crea ...)
NOT-FOR-US: Subrion CMS
-CVE-2017-6067
+CVE-2017-6067 (Symphony 2.6.9 has XSS in publish/notes/edit/##/saved/ via the bottom ...)
NOT-FOR-US: Symphony CMS
-CVE-2017-6066
+CVE-2017-6066 (Subrion CMS 4.0.5 has CSRF in admin/languages/edit/1/. The attacker ca ...)
NOT-FOR-US: Subrion CMS
-CVE-2017-6065
+CVE-2017-6065 (SQL injection vulnerability in inc/lib/Control/Backend/menus.control.p ...)
NOT-FOR-US: GenixCMS
CVE-2017-6064
RESERVED
CVE-2017-6063
RESERVED
-CVE-2017-6061
+CVE-2017-6061 (Cross-site scripting (XSS) vulnerability in the help component of SAP ...)
NOT-FOR-US: SAP
-CVE-2017-6060
+CVE-2017-6060 (Stack-based buffer overflow in jstest_main.c in mujstest in Artifex So ...)
- mupdf <unfixed> (unimportant)
[wheezy] - mupdf <not-affected> (Vulnerable code not present)
NOTE: Although jstest_main.c compiled during build and mujstest is created
NOTE: it is not included in the produced binary packages
NOTE: http://www.openwall.com/lists/oss-security/2017/02/18/1
-CVE-2017-6058
+CVE-2017-6058 (Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU ( ...)
- qemu 1:2.8+dfsg-3 (bug #855616)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -36045,148 +36045,148 @@ CVE-2017-6058
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1423358
CVE-2017-6057
RESERVED
-CVE-2017-6055
+CVE-2017-6055 (XML external entity (XXE) vulnerability in eParakstitajs 3 before 1.3. ...)
NOT-FOR-US: eParakstitajs and eParaksts Java lib
-CVE-2017-6054
+CVE-2017-6054 (A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai ...)
NOT-FOR-US: Hyundai
-CVE-2017-6053
+CVE-2017-6053 (A Cross-Site Scripting issue was discovered in Trihedral VTScada Versi ...)
NOT-FOR-US: Trihedral VTScada
-CVE-2017-6052
+CVE-2017-6052 (A Man-in-the-Middle issue was discovered in Hyundai Motor America Blue ...)
NOT-FOR-US: Hyundai
-CVE-2017-6051
+CVE-2017-6051 (An Uncontrolled Search Path Element issue was discovered in BLF-Tech L ...)
NOT-FOR-US: BLF-Tech LLC VisualView HMI
-CVE-2017-6050
+CVE-2017-6050 (A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2. ...)
NOT-FOR-US: Ecava IntegraXor
CVE-2017-6049
RESERVED
-CVE-2017-6048
+CVE-2017-6048 (A Command Injection issue was discovered in Satel Iberia SenNet Data L ...)
NOT-FOR-US: Satel Iberia SenNet Data Logger and Electricity Meters
CVE-2017-6047
RESERVED
-CVE-2017-6046
+CVE-2017-6046 (An Insufficiently Protected Credentials issue was discovered in Sierra ...)
NOT-FOR-US: Sierra Wireless AirLink Raven
-CVE-2017-6045
+CVE-2017-6045 (An Information Exposure issue was discovered in Trihedral VTScada Vers ...)
NOT-FOR-US: Trihedral VTScada
-CVE-2017-6044
+CVE-2017-6044 (An Improper Authorization issue was discovered in Sierra Wireless AirL ...)
NOT-FOR-US: Sierra Wireless AirLink Raven
-CVE-2017-6043
+CVE-2017-6043 (A Resource Consumption issue was discovered in Trihedral VTScada Versi ...)
NOT-FOR-US: Trihedral VTScada
-CVE-2017-6042
+CVE-2017-6042 (A Cross-Site Request Forgery issue was discovered in Sierra Wireless A ...)
NOT-FOR-US: Sierra Wireless AirLink Raven
-CVE-2017-6041
+CVE-2017-6041 (An Unrestricted Upload issue was discovered in Marel Food Processing S ...)
NOT-FOR-US: Marel
-CVE-2017-6040
+CVE-2017-6040 (An Information Exposure issue was discovered in Belden Hirschmann GECK ...)
NOT-FOR-US: Belden Hirschmann GECKO Lite Managed switch
-CVE-2017-6039
+CVE-2017-6039 (A Use of Hard-Coded Password issue was discovered in Phoenix Broadband ...)
NOT-FOR-US: Phoenix
-CVE-2017-6038
+CVE-2017-6038 (A Cross-Site Request Forgery issue was discovered in Belden Hirschmann ...)
NOT-FOR-US: Belden Hirschmann GECKO Lite Managed switch
-CVE-2017-6037
+CVE-2017-6037 (A Heap-Based Buffer Overflow issue was discovered in Wecon Technologie ...)
NOT-FOR-US: Wecon
-CVE-2017-6036
+CVE-2017-6036 (A Server-Side Request Forgery issue was discovered in Belden Hirschman ...)
NOT-FOR-US: Belden Hirschmann GECKO Lite Managed switch
-CVE-2017-6035
+CVE-2017-6035 (A Stack-Based Buffer Overflow issue was discovered in Wecon Technologi ...)
NOT-FOR-US: Wecon
-CVE-2017-6034
+CVE-2017-6034 (An Authentication Bypass by Capture-Replay issue was discovered in Sch ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-6033
+CVE-2017-6033 (A DLL Hijacking issue was discovered in Schneider Electric Interactive ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-6032
+CVE-2017-6032 (A Violation of Secure Design Principles issue was discovered in Schnei ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-6031
+CVE-2017-6031 (A Header Injection issue was discovered in Certec EDV GmbH atvise scad ...)
NOT-FOR-US: Certec EDV GmbH atvise scada
-CVE-2017-6030
+CVE-2017-6030 (A Predictable Value Range from Previous Values issue was discovered in ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-6029
+CVE-2017-6029 (A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise ...)
NOT-FOR-US: Certec EDV GmbH atvise scada
-CVE-2017-6028
+CVE-2017-6028 (An Insufficiently Protected Credentials issue was discovered in Schnei ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-6027
+CVE-2017-6027 (An Arbitrary File Upload issue was discovered in 3S-Smart Software Sol ...)
NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Web Server
-CVE-2017-6026
+CVE-2017-6026 (A Use of Insufficiently Random Values issue was discovered in Schneide ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-6025
+CVE-2017-6025 (A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solu ...)
NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Web Server
-CVE-2017-6024
+CVE-2017-6024 (A Resource Exhaustion issue was discovered in Rockwell Automation Cont ...)
NOT-FOR-US: Rockwell
-CVE-2017-6023
+CVE-2017-6023 (An issue was discovered in Fatek Automation PLC Ethernet Module. The a ...)
NOT-FOR-US: Fatek
-CVE-2017-6022
+CVE-2017-6022 (A hard-coded password issue was discovered in Becton, Dickinson and Co ...)
NOT-FOR-US: BD's Kiestra PerformA and KLA Journal Service applications
-CVE-2017-6021
+CVE-2017-6021 (In Schneider Electric ClearSCADA 2014 R1 (build 75.5210) and prior, 20 ...)
NOT-FOR-US: Schneider
-CVE-2017-6020
+CVE-2017-6020 (Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis S ...)
NOT-FOR-US: Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software
-CVE-2017-6019
+CVE-2017-6019 (An issue was discovered in Schneider Electric Conext ComBox, model 865 ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-6018
+CVE-2017-6018 (An open redirect issue was discovered in B. Braun Medical SpaceCom mod ...)
NOT-FOR-US: SpaceCom / SpaceStation
-CVE-2017-6017
+CVE-2017-6017 (A Resource Exhaustion issue was discovered in Schneider Electric Modic ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-6016
+CVE-2017-6016 (An Improper Access Control issue was discovered in LCDS - Leao Consult ...)
NOT-FOR-US: LCDS (Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA)
-CVE-2017-6015
+CVE-2017-6015 (Without quotation marks, any whitespace in the file path for Rockwell ...)
NOT-FOR-US: Rockwell
-CVE-2017-6014
+CVE-2017-6014 (In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 cap ...)
{DSA-3811-1 DLA-826-1}
- wireshark 2.2.5+g440fd4d-2 (bug #855408)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416
-CVE-2017-6013
+CVE-2017-6013 (Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the quer ...)
NOT-FOR-US: Subrion CMS
CVE-2017-6012
RESERVED
-CVE-2017-6011
+CVE-2017-6011 (An issue was discovered in icoutils 0.31.1. An out-of-bounds read lead ...)
{DSA-3807-1 DLA-854-1}
- icoutils 0.31.2-1 (bug #854054)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=bf97b99109607d4367a4e57df9a37cbcac02e220
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=45a0207225df4cd4b82f41eee636e21f11a7db74
NOTE: Proposed patch from Red Hat contributor: https://bugzilla.redhat.com/attachment.cgi?id=1256393
-CVE-2017-6010
+CVE-2017-6010 (An issue was discovered in icoutils 0.31.1. A buffer overflow was obse ...)
{DSA-3807-1 DLA-854-1}
- icoutils 0.31.2-1 (bug #854054)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=bf97b99109607d4367a4e57df9a37cbcac02e220
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=45a0207225df4cd4b82f41eee636e21f11a7db74
NOTE: Proposed patch from Red Hat contributor: https://bugzilla.redhat.com/attachment.cgi?id=1256393
-CVE-2017-6009
+CVE-2017-6009 (An issue was discovered in icoutils 0.31.1. A buffer overflow was obse ...)
{DSA-3807-1 DLA-854-1}
- icoutils 0.31.2-1 (bug #854050)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=f148ae5af1c9eeb85610a5653a7f625dd6c3ac2e
NOTE: Proposed patch from Red Hat contributor: https://bugzilla.redhat.com/attachment.cgi?id=1256407
-CVE-2017-6008
+CVE-2017-6008 (A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRig ...)
NOT-FOR-US: Sophos
-CVE-2017-6007
+CVE-2017-6007 (A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRig ...)
NOT-FOR-US: Sophos
CVE-2017-6006
REJECTED
-CVE-2017-6005
+CVE-2017-6005 (Waves MaxxAudio, as installed on Dell laptops, adds a "WavesSysSvc" Wi ...)
NOT-FOR-US: Waves MaxxAudio
-CVE-2017-6004
+CVE-2017-6004 (The compile_bracket_matchingpath function in pcre_jit_compile.c in PCR ...)
- pcre3 2:8.39-2.1 (bug #855405)
[jessie] - pcre3 <not-affected> (Vulnerable code introduced later)
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
NOTE: https://vcs.pcre.org/pcre/code/trunk/pcre_jit_compile.c?r1=1676&r2=1680&view=patch
NOTE: https://bugs.exim.org/show_bug.cgi?id=2035
-CVE-2017-6003
+CVE-2017-6003 (dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_languag ...)
NOT-FOR-US: dotCMS
-CVE-2017-6002
+CVE-2017-6002 (Subrion CMS 4.0.5.10 has CSRF in admin/blog/add/. The attacker can add ...)
NOT-FOR-US: Subrion CMS
-CVE-2017-6001
+CVE-2017-6001 (Race condition in kernel/events/core.c in the Linux kernel before 4.9. ...)
{DSA-3791-1 DLA-833-1}
- linux 4.9.10-1
NOTE: Fixed by: https://git.kernel.org/linus/321027c1fe77f892f4ea07846aeae08cefbbb290
CVE-2017-6000
REJECTED
-CVE-2017-5999
+CVE-2017-5999 (An issue was discovered in sysPass 2.x before 2.1, in which an algorit ...)
NOT-FOR-US: sysPass
-CVE-2017-5998
+CVE-2017-5998 (Cross-site scripting (XSS) vulnerability in InterSect Alliance SNARE E ...)
NOT-FOR-US: InterSect Alliance SNARE Epilog
-CVE-2017-5997
+CVE-2017-5997 (The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remo ...)
NOT-FOR-US: SAP Message Server
-CVE-2017-5996
+CVE-2017-5996 (The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before ...)
NOT-FOR-US: Bomgar Remote Support
-CVE-2017-5995
+CVE-2017-5995 (The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2. ...)
NOT-FOR-US: NetApp ONTAP Select Deploy administration utility
-CVE-2017-14431
+CVE-2017-14431 (Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a ...)
{DLA-1493-1}
- xen 4.8.1-1 (bug #856229)
[wheezy] - xen <no-dsa> (Minor issue)
@@ -36196,38 +36196,38 @@ CVE-2017-XXXX [XSA-206: xenstore denial of service via repeated update]
[jessie] - xen 4.4.4lts1-0+deb8u1
[wheezy] - xen <ignored> (Too intrusive to backport)
NOTE: https://xenbits.xen.org/xsa/advisory-206.html
-CVE-2017-5994
+CVE-2017-5994 (Heap-based buffer overflow in the vrend_create_vertex_elements_state f ...)
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=114688c526fe45f341d75ccd1d85473c3b08f7a7 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422452
-CVE-2017-5993
+CVE-2017-5993 (Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blit ...)
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=6eb13f7a2dcf391ec9e19b4c2a79e68305f63c22 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422438
-CVE-2017-5991
+CVE-2017-5991 (An issue was discovered in Artifex Software, Inc. MuPDF before 1912de5 ...)
{DSA-3797-1}
- mupdf 1.9a+ds1-4 (low)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697500
NOTE: http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465
-CVE-2017-5990
+CVE-2017-5990 (An issue was discovered in PhreeBooksERP before 2017-02-13. The vulner ...)
NOT-FOR-US: PhreeBooksERP
CVE-2017-5989
RESERVED
-CVE-2017-5988
+CVE-2017-5988 (NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enab ...)
NOT-FOR-US: NetApp
-CVE-2017-5987
+CVE-2017-5987 (The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-3 (bug #855159)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg02776.html
-CVE-2017-5986
+CVE-2017-5986 (Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket ...)
{DSA-3804-1 DLA-849-1}
- linux 4.9.10-1
NOTE: Fixed by: https://git.kernel.org/linus/2dcab598484185dea7ec22219c76dcdd59e3cb90
-CVE-2017-5985
+CVE-2017-5985 (lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-u ...)
- lxc 1:2.0.7-2 (bug #857295)
[jessie] - lxc 1:1.0.6-6+deb8u6
[wheezy] - lxc <not-affected> (vulnerable code not present)
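Review bot: the reason strings are inconsistently capitalised in this hunk, `[wheezy] - mupdf <not-affected> (vulnerable code not present)` for CVE-2017-5991 and `[wheezy] - lxc <not-affected> (vulnerable code not present)` for CVE-2017-5985 versus `(Vulnerable code not present)` on the qemu lines of CVE-2017-5987; pick one spelling so that grepping the tracker for the standard reason finds all of them.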
@@ -36238,9 +36238,9 @@ CVE-2017-5985
NOTE: stable-1.0: https://github.com/lxc/lxc/commit/c905f00ad78b78a5e9c0d67504b86e00dfe085ec
CVE-2017-5984
RESERVED
-CVE-2017-5983
+CVE-2017-5983 (The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3. ...)
NOT-FOR-US: JIRA Workflow Designer Plugin
-CVE-2017-5982
+CVE-2017-5982 (Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi ...)
- kodi <unfixed> (bug #855225)
[buster] - kodi <ignored> (Minor issue)
[stretch] - kodi <ignored> (Minor issue)
@@ -36253,68 +36253,68 @@ CVE-2017-5982
NOTE: https://lists.debian.org/debian-lts/2017/04/msg00025.html
NOTE: https://lists.debian.org/debian-lts/2017/04/msg00055.html (and followups)
NOTE: https://lists.debian.org/debian-lts/2017/05/msg00006.html
-CVE-2017-5681
+CVE-2017-5681 (The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) E ...)
NOT-FOR-US: Intel QuickAssist Technology (QAT) Engine
-CVE-2017-6056
+CVE-2017-6056 (It was discovered that a programming error in the processing of HTTPS ...)
{DSA-3788-1 DSA-3787-1 DLA-823-1}
- tomcat8 8.0.21-2 (bug #851304)
- tomcat7 7.0.72-3 (bug #854551)
NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=57544
-CVE-2017-5981
+CVE-2017-5981 (seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial o ...)
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-assertion-failure-in-seeko-c/
-CVE-2017-5980
+CVE-2017-5980 (The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows ...)
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-zzip_mem_entry_new-memdisk-c/
-CVE-2017-5979
+CVE-2017-5979 (The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remot ...)
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-prescan_entry-fseeko-c/
-CVE-2017-5978
+CVE-2017-5978 (The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows ...)
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-out-of-bounds-read-in-zzip_mem_entry_new-memdisk-c/
-CVE-2017-5977
+CVE-2017-5977 (The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.6 ...)
- zziplib <unfixed> (bug #864150; bug #854727)
[stretch] - zziplib <ignored> (Minor issue)
[jessie] - zziplib <ignored> (Minor issue)
[wheezy] - zziplib <ignored> (Minor issue)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-invalid-memory-read-in-zzip_mem_entry_extra_block-memdisk-c/
-CVE-2017-5976
+CVE-2017-5976 (Heap-based buffer overflow in the zzip_mem_entry_extra_block function ...)
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-zzip_mem_entry_extra_block-memdisk-c/
-CVE-2017-5975
+CVE-2017-5975 (Heap-based buffer overflow in the __zzip_get64 function in fetch.c in ...)
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-__zzip_get64-fetch-c/
NOTE: https://github.com/gdraheim/zziplib/commit/33d6e9c52fcf1a8983896a512033994dc2ca5734 (v0.13.63)
NOTE: https://github.com/gdraheim/zziplib/commit/64e745f8a3604ba1c444febed86b5e142ce03dd7 (v0.13.63)
-CVE-2017-5974
+CVE-2017-5974 (Heap-based buffer overflow in the __zzip_get32 function in fetch.c in ...)
{DSA-3878-1 DLA-994-1}
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-__zzip_get32-fetch-c/
-CVE-2017-5973
+CVE-2017-5973 (The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick E ...)
{DLA-1497-1 DLA-845-1 DLA-842-1}
- qemu 1:2.8+dfsg-3 (bug #855611)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01101.html
NOTE: http://www.openwall.com/lists/oss-security/2017/02/13/11
-CVE-2017-5972
+CVE-2017-5972 (The TCP stack in the Linux kernel 3.x does not properly implement a SY ...)
- linux 4.4.2-1
[jessie] - linux <ignored> (Known perfomance limitation)
[wheezy] - linux <no-dsa> (Known perfomance limitation)
-CVE-2017-5971
+CVE-2017-5971 (SQL injection vulnerability in NewsBee CMS allow remote attackers to e ...)
NOT-FOR-US: NewsBee CMS
-CVE-2017-5970
+CVE-2017-5970 (The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Lin ...)
{DSA-3791-1 DLA-922-1}
- linux 4.9.10-1
NOTE: Fixed by: https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644 (v4.10-rc8)
NOTE: Introduced by: https://github.com/torvalds/linux/commit/f84af32cbca70a3c6d30463dc08c7984af11c277 (v2.6.35-rc1)
-CVE-2017-5969
+CVE-2017-5969 (** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote ...)
- libxml2 2.9.4+dfsg1-5.1 (bug #855001)
[stretch] - libxml2 <no-dsa> (Minor issue, only a denial-of-service when using recover mode)
[jessie] - libxml2 <no-dsa> (Minor issue, only a denial-of-service when using recover mode)
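Review bot: typo "perfomance" in both the jessie and wheezy lines of CVE-2017-5972, `[jessie] - linux <ignored> (Known perfomance limitation)` and `[wheezy] - linux <no-dsa> (Known perfomance limitation)`, should read "performance". Also CVE-2017-5681 and CVE-2017-6056 are interleaved between CVE-2017-5982 and CVE-2017-5981, breaking the descending order the rest of this hunk follows.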
@@ -36325,31 +36325,31 @@ CVE-2017-5969
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=94691dc884d1a8ada39f073408b4bb92fe7fe882
CVE-2017-5968
RESERVED
-CVE-2017-5967
+CVE-2017-5967 (The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIME ...)
- linux 4.9.13-1 (low)
-CVE-2017-5966
+CVE-2017-5966 (Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators ...)
NOT-FOR-US: Sitecore
-CVE-2017-5965
+CVE-2017-5965 (The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authe ...)
NOT-FOR-US: Sitecore
-CVE-2017-5964
+CVE-2017-5964 (An issue was discovered in Emoncms through 9.8.0. The vulnerability ex ...)
NOT-FOR-US: Emoncms
-CVE-2017-5963
+CVE-2017-5963 (An issue was discovered in caddy (for TYPO3) before 7.2.10. The vulner ...)
NOT-FOR-US: Typo3 extension
-CVE-2017-5962
+CVE-2017-5962 (An issue was discovered in contexts_wurfl (for TYPO3) before 0.4.2. Th ...)
NOT-FOR-US: Typo3 extension
-CVE-2017-5961
+CVE-2017-5961 (An issue was discovered in ionize through 1.0.8. The vulnerability exi ...)
NOT-FOR-US: ionize
-CVE-2017-5960
+CVE-2017-5960 (An issue was discovered in Phalcon Eye through 0.4.1. The vulnerabilit ...)
NOT-FOR-US: Phalcon Eye
-CVE-2017-5959
+CVE-2017-5959 (CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation ...)
NOT-FOR-US: GenixCMS
CVE-2017-5958
RESERVED
-CVE-2017-5957
+CVE-2017-5957 (Stack-based buffer overflow in the vrend_decode_set_framebuffer_state ...)
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=926b9b3460a48f6454d8bbe9e44313d86a65447f (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1421126
-CVE-2017-5956
+CVE-2017-5956 (The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local ...)
- virglrenderer 0.6.0-1 (bug #858255)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=a5ac49940c40ae415eac0cf912eac7070b4ba95d (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1421073
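Review bot: the NOT-FOR-US label for CVE-2017-5959 misspells the product relative to the imported description: the description says `GeniXCMS` while the label reads `NOT-FOR-US: GenixCMS`; align the label with the description so a search on the product name matches both lines. In the same hunk, CVE-2017-5967 (`- linux 4.9.13-1 (low)`) is the only kernel entry without a NOTE pointing at the fixing commit, whereas CVE-2017-5970 just above carries both a Fixed-by and an Introduced-by reference; adding the upstream reference would make the 4.9.13-1 fixed version verifiable.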
@@ -36357,21 +36357,21 @@ CVE-2017-5956
NOTE: Additional patch required: https://bugzilla.suse.com/attachment.cgi?id=715395
CVE-2017-5955
RESERVED
-CVE-2017-5954
+CVE-2017-5954 (An issue was discovered in the serialize-to-js package 0.5.0 for Node. ...)
NOT-FOR-US: serialize-to-js Node package
-CVE-2017-5953
+CVE-2017-5953 (vim before patch 8.0.0322 does not properly validate values for tree l ...)
{DSA-3786-1 DLA-822-1}
- vim 2:8.0.0197-2 (bug #854969)
- neovim 0.1.7-4
NOTE: Fixed by https://github.com/vim/vim/commit/399c297aa93afe2c0a39e2a1b3f972aebba44c9d
CVE-2017-5952
RESERVED
-CVE-2017-5951
+CVE-2017-5951 (The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Softw ...)
{DSA-3838-1 DLA-905-1}
- ghostscript 9.20~dfsg-3.1 (bug #859696)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697548
NOTE: Fixed by: http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=bfa6b2ecbe48edc69a7d9d22a12419aed25960b8
-CVE-2017-5950
+CVE-2017-5950 (The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) ...)
- yaml-cpp <unfixed> (low; bug #859891)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -36382,65 +36382,65 @@ CVE-2017-5950
[jessie] - yaml-cpp0.3 <no-dsa> (Minor issue)
NOTE: https://github.com/jbeder/yaml-cpp/issues/459
NOTE: possible fix: https://github.com/jbeder/yaml-cpp/pull/489
-CVE-2017-5949
+CVE-2017-5949 (JavaScriptCore in WebKit, as distributed in Safari Technology Preview ...)
- webkitgtk <removed> (unimportant)
NOTE: Not covered by security support
-CVE-2017-5948
+CVE-2017-5948 (An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. Oxyge ...)
NOT-FOR-US: OnePlus One
-CVE-2017-5947
+CVE-2017-5947 (An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices wit ...)
NOT-FOR-US: OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS
-CVE-2017-5946
+CVE-2017-5946 (The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a ...)
{DSA-3801-1 DLA-846-1}
- ruby-zip 1.2.0-1.1 (bug #856269)
- libzip-ruby <removed>
NOTE: https://github.com/rubyzip/rubyzip/issues/315
-CVE-2017-5945
+CVE-2017-5945 (An issue was discovered in the PoodLL Filter plugin through 3.0.20 for ...)
NOT-FOR-US: Moodle plugin
-CVE-2017-5944
+CVE-2017-5944 (The dashboard subscription interface in Request Tracker (RT) 4.x befor ...)
{DSA-3882-1 DLA-987-1}
- request-tracker4 4.4.1-4
-CVE-2017-5943
+CVE-2017-5943 (Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x ...)
{DSA-3882-1 DLA-987-1}
- request-tracker4 4.4.1-4
-CVE-2017-5942
+CVE-2017-5942 (An issue was discovered in the WP Mail plugin before 1.2 for WordPress ...)
NOT-FOR-US: Wordpress plugin
-CVE-2017-5941
+CVE-2017-5941 (An issue was discovered in the node-serialize package 0.0.4 for Node.j ...)
NOT-FOR-US: node-serialize
CVE-2017-5939
RESERVED
-CVE-2017-5936
+CVE-2017-5936 (OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pair ...)
NOT-FOR-US: Nova-LXD
-CVE-2017-5937
+CVE-2017-5937 (The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d ...)
- virglrenderer 0.6.0-1 (bug #854728)
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=48f67f60967f963b698ec8df57ec6912a43d6282 (0.6.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1420246
CVE-2017-5935
RESERVED
-CVE-2017-5934
+CVE-2017-5934 (Cross-site scripting (XSS) vulnerability in the link dialogue in GUI e ...)
{DSA-4318-1 DLA-1546-1}
- moin 1.9.9-1+deb9u1 (bug #910776)
NOTE: https://github.com/moinwiki/moin-1.9/commit/70955a8eae091cc88fd9a6e510177e70289ec024
-CVE-2017-5933
+CVE-2017-5933 (Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11 ...)
NOT-FOR-US: Citrix
-CVE-2017-5932
+CVE-2017-5932 (The path autocompletion feature in Bash 4.4 allows local users to gain ...)
- bash 4.4-3
[jessie] - bash <not-affected> (Introduced in 4.4)
[wheezy] - bash <not-affected> (Introduced in 4.4)
NOTE: https://github.com/jheyens/bash_completion_vuln/raw/master/2017-01-17.bash_completion_report.pdf
NOTE: Fix http://git.savannah.gnu.org/cgit/bash.git/commit/?id=4f747edc625815f449048579f6e65869914dd715
-CVE-2017-5931
+CVE-2017-5931 (Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emula ...)
- qemu 1:2.8+dfsg-3 (bug #854730)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01368.html
NOTE: http://www.openwall.com/lists/oss-security/2017/02/07/8
-CVE-2017-5930
+CVE-2017-5930 (The AliasHandler component in PostfixAdmin before 3.0.2 allows remote ...)
- postfixadmin 3.0.2-1 (bug #854742)
[jessie] - postfixadmin <not-affected> (Vulnerable code not present)
[wheezy] - postfixadmin <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/07/6
-CVE-2017-5929
+CVE-2017-5929 (QOS.ch Logback before 1.2.0 has a serialization vulnerability affectin ...)
{DLA-888-1}
- logback 1:1.1.9-3 (bug #857343)
[jessie] - logback 1:1.1.2-1+deb8u1
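Review bot: CVE-2017-5936 and CVE-2017-5937 are in the wrong order for this file, which lists IDs in descending order: `+CVE-2017-5936 (OpenStack Nova-LXD before 13.1.1 ...` comes before `+CVE-2017-5937 (The util_format_is_pure_uint function ...`; swap the two entries (each with its NOT-FOR-US or package line and NOTE lines) so the run reads 5938, 5937, 5936, 5935. Separately, the label for CVE-2017-5948 reads only `NOT-FOR-US: OnePlus One` although its description lists the OnePlus One, X, 2, 3 and 3T; the sibling CVE-2017-5947 label carries the full device list, so this one should too.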
@@ -36449,19 +36449,19 @@ CVE-2017-5929
NOTE: https://github.com/qos-ch/logback/commit/7fbea6127fa98fc48368ca5e8540eefe0e60cec5
NOTE: https://github.com/qos-ch/logback/commit/3b4f605454534b304770eeee3cb343521fcd6968
NOTE: Information asked about complete patchset to fix CVE-2017-5929: http://mailman.qos.ch/pipermail/logback-user/2017-March/004875.html
-CVE-2017-5928
+CVE-2017-5928 (The W3C High Resolution Time API, as implemented in various web browse ...)
NOT-FOR-US: Design limitation of W3C High Resolution Time API
-CVE-2017-5927
+CVE-2017-5927 (Page table walks conducted by the MMU during virtual to physical addre ...)
NOT-FOR-US: Hardware issue in some Intel CPUs
-CVE-2017-5926
+CVE-2017-5926 (Page table walks conducted by the MMU during virtual to physical addre ...)
NOT-FOR-US: Hardware issue in some Intel CPUs
-CVE-2017-5925
+CVE-2017-5925 (Page table walks conducted by the MMU during virtual to physical addre ...)
NOT-FOR-US: Hardware issue in some Intel CPUs
-CVE-2017-5924
+CVE-2017-5924 (libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a den ...)
- yara 3.5.0+dfsg-9 (bug #859821)
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/593
-CVE-2017-5923
+CVE-2017-5923 (libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a den ...)
- yara 3.5.0+dfsg-9 (bug #859821)
[jessie] - yara 3.1.0-2+deb8u1
NOTE: https://github.com/VirusTotal/yara/issues/597
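Review bot: the NOT-FOR-US verdict on CVE-2017-5928 deserves a second look: the description says the High Resolution Time API "as implemented in various web browse ..." is affected, and Debian ships several of those browsers, so the reason given, `Design limitation of W3C High Resolution Time API`, explains why no upstream fix is expected but not why the issue is out of scope for Debian packages. If the intent is that the browsers already coarsen the timer and the remaining exposure is accepted, record that reasoning on the browser packages (for example with an unimportant rating) rather than as NOT-FOR-US, so the entry is not misread as "no Debian package involved".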
@@ -36471,47 +36471,47 @@ CVE-2017-5921
RESERVED
CVE-2017-5920
RESERVED
-CVE-2017-5919
+CVE-2017-5919 (The 21st Century Insurance app 10.0.0 for iOS does not verify X.509 ce ...)
NOT-FOR-US: 21st Century Insurance app for iOS
-CVE-2017-5918
+CVE-2017-5918 (The Banco de Costa Rica BCR Movil app 3.7 for iOS does not verify X.50 ...)
NOT-FOR-US: Banco de Costa Rica BCR Movil app for iOS
CVE-2017-5917
REJECTED
-CVE-2017-5916
+CVE-2017-5916 (The America's First Federal Credit Union (FCU) Mobile Banking app 3.1. ...)
NOT-FOR-US: America's First Federal Credit Union (FCU) Mobile Banking app
-CVE-2017-5915
+CVE-2017-5915 (The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through 3.10 ...)
NOT-FOR-US: Emirates NBD Bank P.J.S.C Emirates NBD KSA app
-CVE-2017-5914
+CVE-2017-5914 (The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 certif ...)
NOT-FOR-US: DOT IT Banque Zitouna app
-CVE-2017-5913
+CVE-2017-5913 (The TradeKing Forex for iPhone app 1.2.1 for iOS does not verify X.509 ...)
NOT-FOR-US: TradeKing Forex for iPhone app
-CVE-2017-5912
+CVE-2017-5912 (The FOREX.com FOREXTrader for iPhone app 2.9.12 through 2.9.14 for iOS ...)
NOT-FOR-US: FOREX.com FOREXTrader for iPhone app
-CVE-2017-5911
+CVE-2017-5911 (The Banco Santander Mexico SA Supermovil app 3.5 through 3.7 for iOS d ...)
NOT-FOR-US: Banco Santander Mexico SA Supermovil app
CVE-2017-5910
RESERVED
-CVE-2017-5909
+CVE-2017-5909 (The Electronic Funds Source (EFS) Mobile Driver Source app 2.5 for iOS ...)
NOT-FOR-US: Electronic Funds Source (EFS) Mobile Driver Source app
CVE-2017-5908
REJECTED
-CVE-2017-5907
+CVE-2017-5907 (The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 ...)
NOT-FOR-US: Great Southern Bank Great Southern Mobile Banking app
-CVE-2017-5906
+CVE-2017-5906 (The Everyday Health Diabetes in Check: Blood Glucose &amp; Carb Tracke ...)
NOT-FOR-US: Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app
-CVE-2017-5905
+CVE-2017-5905 (The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 certifi ...)
NOT-FOR-US: Dollar Bank Mobile app
CVE-2017-5904
RESERVED
CVE-2017-5903
RESERVED
-CVE-2017-5902
+CVE-2017-5902 (The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates fr ...)
NOT-FOR-US: PayQuicker app
-CVE-2017-5901
+CVE-2017-5901 (The State Bank of India State Bank Anywhere app 5.1.0 for iOS does not ...)
NOT-FOR-US: State Bank of India State Bank Anywhere app
-CVE-2017-5900
+CVE-2017-5900 (Cross-site scripting (XSS) vulnerability in the NetComm NB16WV-02 rout ...)
NOT-FOR-US: NetComm
-CVE-2017-5896
+CVE-2017-5896 (Heap-based buffer overflow in the fz_subsample_pixmap function in fitz ...)
{DSA-3797-1}
- mupdf 1.9a+ds1-3 (bug #854734)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
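Review bot: the imported description for CVE-2017-5906 contains a raw HTML entity: `+CVE-2017-5906 (The Everyday Health Diabetes in Check: Blood Glucose &amp; Carb Tracke ...)` while the NOT-FOR-US line directly below spells the same name with a literal `&`. The automatic import should decode entities before truncating to the fixed-width summary; otherwise every description containing `&`, `<` or `>` is stored double-escaped and the entity text eats characters of the summary, as the truncated "Tracke" here shows.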
@@ -36525,11 +36525,11 @@ CVE-2017-5894
RESERVED
CVE-2017-5893
RESERVED
-CVE-2017-5892
+CVE-2017-5892 (ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 al ...)
NOT-FOR-US: ASUS
-CVE-2017-5891
+CVE-2017-5891 (ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 ha ...)
NOT-FOR-US: ASUS
-CVE-2017-5898
+CVE-2017-5898 (Integer overflow in the emulated_apdu_from_guest function in usb/dev-s ...)
{DLA-845-1 DLA-842-1}
- qemu 1:2.8+dfsg-3 (bug #854729)
[jessie] - qemu <not-affected> (Vulnerable code not present)
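Review bot: CVE-2017-5898 is out of sequence in this hunk: `+CVE-2017-5898 (Integer overflow in the emulated_apdu_from_guest function ...` is placed after CVE-2017-5891, although this file orders IDs in descending order, so it belongs above CVE-2017-5892 with CVE-2017-5897 (next hunk) following it. Keeping the block sorted matters for this file because a later import that looks for the ID at its sorted position may otherwise add a second entry.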
@@ -36537,7 +36537,7 @@ CVE-2017-5898
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-02/msg01075.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1419699
NOTE: http://git.qemu-project.org/?p=qemu.git;a=commit;h=c7dfbf322595ded4e70b626bf83158a9f3807c6a
-CVE-2017-5897
+CVE-2017-5897 (The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allo ...)
{DSA-3791-1}
- linux 4.9.13-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -36549,14 +36549,14 @@ CVE-2017-5889
RESERVED
CVE-2017-5888
RESERVED
-CVE-2017-5887
+CVE-2017-5887 (WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypas ...)
NOT-FOR-US: Starscream
-CVE-2017-5885
+CVE-2017-5885 (Multiple integer overflows in the (1) vnc_connection_server_message an ...)
{DLA-831-1}
- gtk-vnc 0.6.0-3 (bug #854450)
[jessie] - gtk-vnc <no-dsa> (Minor issue)
NOTE: http://openwall.com/lists/oss-security/2017/02/05/5
-CVE-2017-5884
+CVE-2017-5884 (gtk-vnc before 0.7.0 does not properly check boundaries of subrectangl ...)
{DLA-831-1}
- gtk-vnc 0.6.0-3 (bug #854450)
[jessie] - gtk-vnc <no-dsa> (Minor issue)
@@ -36564,33 +36564,33 @@ CVE-2017-5884
NOTE: http://openwall.com/lists/oss-security/2017/02/05/5
CVE-2017-5883
RESERVED
-CVE-2017-5882
+CVE-2017-5882 (Cross-site scripting (XSS) vulnerability in index.asp in SANADATA Sana ...)
NOT-FOR-US: SanaCMS
-CVE-2017-5881
+CVE-2017-5881 (GOM Player 2.3.10.5266 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: GOM Player
-CVE-2017-5880
+CVE-2017-5880 (Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x bef ...)
NOT-FOR-US: Splunk
-CVE-2017-5879
+CVE-2017-5879 (An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL inj ...)
NOT-FOR-US: Exponent CMS
-CVE-2017-5878
+CVE-2017-5878 (The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restric ...)
NOT-FOR-US: AMF unmarshallers in Red5 Media Server
-CVE-2017-5938
+CVE-2017-5938 (Cross-site scripting (XSS) vulnerability in the nav_path function in l ...)
{DSA-3784-1 DLA-820-1}
- viewvc 1.1.26-1 (bug #854681)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/08/7
NOTE: https://github.com/viewvc/viewvc/commit/9dcfc7daa4c940992920d3b2fbd317da20e44aad
-CVE-2017-5992
+CVE-2017-5992 (Openpyxl 2.4.1 resolves external entities by default, which allows rem ...)
- openpyxl 2.3.0-3 (bug #854442)
[jessie] - openpyxl <not-affected> (vulnerable code not present)
[wheezy] - openpyxl <not-affected> (vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/07/5
NOTE: https://bitbucket.org/openpyxl/openpyxl/issues/749
NOTE: https://bitbucket.org/openpyxl/openpyxl/commits/3b4905f428e1
-CVE-2017-6059
+CVE-2017-6059 (Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication ...)
- libapache2-mod-auth-openidc 2.1.5-1
[jessie] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
NOTE: https://github.com/pingidentity/mod_auth_openidc/issues/212
-CVE-2017-6062
+CVE-2017-6062 (The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka ...)
- libapache2-mod-auth-openidc 2.1.5-1
[jessie] - libapache2-mod-auth-openidc <not-affected> (support for OIDCUnAuthAction added in 1.8.5rc1)
NOTE: https://github.com/pingidentity/mod_auth_openidc/issues/222
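Review bot: four entries in this hunk break the file's descending ID order: CVE-2017-5938, CVE-2017-5992, CVE-2017-6059 and CVE-2017-6062 are wedged between CVE-2017-5878 and the CVE-2017-XXXX irssi placeholder that follows. CVE-2017-5938 belongs next to CVE-2017-5937 in the hunk above, and the 5992/6059/6062 entries belong further up the file with the rest of their range; moving them (each with its package, release and NOTE lines) keeps the list sortable and lets tools that walk the file by ID find them.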
@@ -36604,38 +36604,38 @@ CVE-2017-XXXX [irssi missing null terminator]
- irssi 1.0.1-1 (unimportant)
NOTE: Patch: https://github.com/irssi/irssi/pull/619/commits/677fb1f55ca52d0e43c93f7d8361d333ff5bffd6
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/02/05/8
-CVE-2017-5886
+CVE-2017-5886 (Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken f ...)
{DLA-929-1}
- libpodofo 0.9.4-5 (bug #854604)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/02/03/podofo-heap-based-buffer-overflow-in-podofopdftokenizergetnexttoken-pdftokenizer-cpp
NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/1623824.EtgW9yDooZ%40blackgate/#msg35644693
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1837
-CVE-2017-5877
+CVE-2017-5877 (XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack aga ...)
NOT-FOR-US: dotCMS
-CVE-2017-5876
+CVE-2017-5876 (XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack aga ...)
NOT-FOR-US: dotCMS
-CVE-2017-5875
+CVE-2017-5875 (XSS was discovered in dotCMS 3.7.0, with an authenticated attack again ...)
NOT-FOR-US: dotCMS
-CVE-2017-5874
+CVE-2017-5874 (CSRF exists on D-Link DIR-600M Rev. Cx devices before v3.05ENB01_beta_ ...)
NOT-FOR-US: D-Link
-CVE-2017-5873
+CVE-2017-5873 (Unquoted Windows search path vulnerability in the guest service in Uni ...)
NOT-FOR-US: Unisys
-CVE-2017-5872
+CVE-2017-5872 (The TCP/IP networking module in Unisys ClearPath MCP systems with TCP- ...)
NOT-FOR-US: Unisys ClearPath
CVE-2017-5871
RESERVED
-CVE-2017-5870
+CVE-2017-5870 (Multiple cross-site scripting (XSS) vulnerabilities in ViMbAdmin 3.0.1 ...)
NOT-FOR-US: ViMbAdmin
-CVE-2017-5869
+CVE-2017-5869 (Directory traversal vulnerability in the file import feature in Nuxeo ...)
NOT-FOR-US: Nuxeo
-CVE-2017-5868
+CVE-2017-5868 (CRLF injection vulnerability in the web interface in OpenVPN Access Se ...)
NOT-FOR-US: OpenVPN Access Server
-CVE-2017-5867
+CVE-2017-5867 (ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, ...)
- owncloud <removed>
-CVE-2017-5866
+CVE-2017-5866 (The autocomplete feature in the E-Mail share dialog in ownCloud Server ...)
- owncloud <removed>
-CVE-2017-5865
+CVE-2017-5865 (The password reset functionality in ownCloud Server before 8.1.11, 8.2 ...)
- owncloud <removed>
CVE-2017-5864
RESERVED
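Review bot: the `CVE-2017-XXXX [irssi missing null terminator]` placeholder still points at a CVE request from February 2017 (`NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/02/05/8`) while this update is dated March 2019. Either the request was answered and the entry should be renamed to the assigned ID (merging it with that ID's entry if one already exists elsewhere in the file), or it was declined and the placeholder should say so; an unresolved XXXX entry is invisible to anyone searching the tracker by CVE.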
@@ -36647,129 +36647,129 @@ CVE-2017-5861
RESERVED
CVE-2017-5860
RESERVED
-CVE-2017-5859
+CVE-2017-5859 (On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vu ...)
NOT-FOR-US: Cambium Networks cnPilot
-CVE-2017-5858
+CVE-2017-5858 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
NOT-FOR-US: converse.js
-CVE-2017-5836
+CVE-2017-5836 (The plist_free_data function in plist.c in libplist allows attackers t ...)
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
[jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <no-dsa> (pointers are not incorrectly freed and non-string key nodes are officially allowed)
NOTE: https://github.com/libimobiledevice/libplist/issues/86
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
-CVE-2017-5835
+CVE-2017-5835 (libplist allows attackers to cause a denial of service (large memory a ...)
{DLA-840-1}
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/88
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
-CVE-2017-5834
+CVE-2017-5834 (The parse_dict_node function in bplist.c in libplist allows attackers ...)
{DLA-840-1}
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/89
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
-CVE-2017-5829
+CVE-2017-5829 (An access restriction bypass vulnerability in HPE Aruba ClearPass Poli ...)
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5828
+CVE-2017-5828 (An arbitrary command execution vulnerability in HPE Aruba ClearPass Po ...)
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5827
+CVE-2017-5827 (A reflected cross site scripting vulnerability in HPE Aruba ClearPass ...)
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5826
+CVE-2017-5826 (An authenticated remote code execution vulnerability in HPE Aruba Clea ...)
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5825
+CVE-2017-5825 (A privilege escalation vulnerability in HPE Aruba ClearPass Policy Man ...)
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5824
+CVE-2017-5824 (An unauthenticated remote code execution vulnerability in HPE Aruba Cl ...)
NOT-FOR-US: HPE Aruba ClearPass Policy Manager
-CVE-2017-5823
+CVE-2017-5823 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5822
+CVE-2017-5822 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5821
+CVE-2017-5821 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5820
+CVE-2017-5820 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5819
+CVE-2017-5819 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5818
+CVE-2017-5818 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5817
+CVE-2017-5817 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5816
+CVE-2017-5816 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5815
+CVE-2017-5815 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5814
+CVE-2017-5814 (A remote sql injection authentication bypass in HPE Network Automation ...)
NOT-FOR-US: HPE
-CVE-2017-5813
+CVE-2017-5813 (A remote unauthenticated access vulnerability in HPE Network Automatio ...)
NOT-FOR-US: HPE
-CVE-2017-5812
+CVE-2017-5812 (A remote sql information disclosure vulnerability in HPE Network Autom ...)
NOT-FOR-US: HPE
-CVE-2017-5811
+CVE-2017-5811 (A remote code execution vulnerability in HPE Network Automation versio ...)
NOT-FOR-US: HPE
-CVE-2017-5810
+CVE-2017-5810 (A remote sql injection vulnerability in HPE Network Automation version ...)
NOT-FOR-US: HPE
-CVE-2017-5809
+CVE-2017-5809 (A Remote Arbitrary Code Execution vulnerability in HPE Data Protector ...)
NOT-FOR-US: HPE
-CVE-2017-5808
+CVE-2017-5808 (A Remote Arbitrary Code Execution vulnerability in HPE Data Protector ...)
NOT-FOR-US: HPE
-CVE-2017-5807
+CVE-2017-5807 (A Remote Arbitrary Code Execution vulnerability in HPE Data Protector ...)
NOT-FOR-US: HPE
-CVE-2017-5806
+CVE-2017-5806 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5805
+CVE-2017-5805 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5804
+CVE-2017-5804 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5803
+CVE-2017-5803 (A Remote Disclosure of Information vulnerability in HPE NonStop Server ...)
NOT-FOR-US: HPE NonStop Servers
-CVE-2017-5802
+CVE-2017-5802 (A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics ...)
NOT-FOR-US: HPE Vertica Analytics Platform
-CVE-2017-5801
+CVE-2017-5801 (A Remote Unauthorized Access to Data vulnerability in HPE Business Pro ...)
NOT-FOR-US: HPE Business Process Monitor
-CVE-2017-5800
+CVE-2017-5800 (A Remote Cross-Site Scripting (XSS) vulnerability in HPE Operations Br ...)
NOT-FOR-US: HPE Operations Bridge Analytics
-CVE-2017-5799
+CVE-2017-5799 (A Remote Code Execution vulnerability in HPE OpenCall Media Platform ( ...)
NOT-FOR-US: HPE OpenCall Media Platform
-CVE-2017-5798
+CVE-2017-5798 (A Remote Code Execution vulnerability in HPE OpenCall Media Platform ( ...)
NOT-FOR-US: HPE OpenCall Media Platform
-CVE-2017-5797
+CVE-2017-5797 (A Remote Unauthenticated Disclosure of Information vulnerability in HP ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5796
+CVE-2017-5796 (A Remote Cross Site Request Forgery (CSRF) vulnerability in HPE 2620 S ...)
NOT-FOR-US: HPE 2620 Series Network Switches
-CVE-2017-5795
+CVE-2017-5795 (A Local Arbitrary File Download vulnerability in HPE Intelligent Manag ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5794
+CVE-2017-5794 (A Remote Arbitrary File Download vulnerability in HPE Intelligent Mana ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5793
+CVE-2017-5793 (A Remote Arbitrary Code Execution vulnerability in HPE Intelligent Man ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5792
+CVE-2017-5792 (A Remote Code Execution vulnerability in HPE Intelligent Management Ce ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5791
+CVE-2017-5791 (The doFilter method in UrlAccessController in HPE Intelligent Manageme ...)
NOT-FOR-US: HPE Intelligent Management Center
NOTE: it appears that it was incorrectly used for an issue in JanTek JTC-200
-CVE-2017-5790
+CVE-2017-5790 (A remote deserialization of untrusted data vulnerability in HPE Intell ...)
NOT-FOR-US: HPE Intelligent Management Center
-CVE-2017-5789
+CVE-2017-5789 (HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before ...)
NOT-FOR-US: HPE LoadRunner
NOTE: it appears that it was incorrectly used for an issue in JanTek JTC-200
-CVE-2017-5788
+CVE-2017-5788 (A Local Disclosure of Sensitive Information vulnerability in HPE NonSt ...)
NOT-FOR-US: HPE NonStop Software Essentials
-CVE-2017-5787
+CVE-2017-5787 (A remote denial of service vulnerability in HPE Version Control Reposi ...)
NOT-FOR-US: HPE Version Control Manager
-CVE-2017-5786
+CVE-2017-5786 (A local Unauthorized Data Modification vulnerability in HPE OfficeConn ...)
NOT-FOR-US: HPE OfficeConnect Network Switches
-CVE-2017-5785
+CVE-2017-5785 (A remote information disclosure vulnerability in HPE Matrix Operating ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-5784
+CVE-2017-5784 (A missing HSTS Header vulnerability in HPE Matrix Operating Environmen ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-5783
+CVE-2017-5783 (A remote clickjacking vulnerability in HPE Matrix Operating Environmen ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-5782
+CVE-2017-5782 (A missing HSTS Header vulnerability in HPE Matrix Operating Environmen ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-5781
+CVE-2017-5781 (A CSRF vulnerability in HPE Matrix Operating Environment version v7.6 ...)
NOT-FOR-US: HPE Matrix Operating Environment
-CVE-2017-5780
+CVE-2017-5780 (A remote clickjacking vulnerability in HPE Matrix Operating Environmen ...)
NOT-FOR-US: HPE Matrix Operating Environment
CVE-2017-5779
RESERVED
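Review bot: the NOT-FOR-US label for CVE-2017-5787 does not match its description: the description begins `A remote denial of service vulnerability in HPE Version Control Reposi ...` while the label reads `NOT-FOR-US: HPE Version Control Manager`; use the product name as given in the description, the way the neighbouring CVE-2017-5788 (`HPE NonStop Software Essentials`) and CVE-2017-5786 (`HPE OfficeConnect Network Switches`) do, so the label and summary agree.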
@@ -36821,7 +36821,7 @@ CVE-2017-5756
RESERVED
CVE-2017-5755
RESERVED
-CVE-2017-5754
+CVE-2017-5754 (Systems with microprocessors utilizing speculative execution and indir ...)
{DSA-4120-1 DSA-4082-1 DSA-4078-1 DLA-1232-1}
- linux 4.14.12-1
- nvidia-graphics-drivers 384.111-1 (bug #886852)
@@ -36840,7 +36840,7 @@ CVE-2017-5754
NOTE: Paper: https://meltdownattack.com/meltdown.pdf
NOTE: https://01.org/security/advisories/intel-oss-10003
- linux-grsec <removed>
-CVE-2017-5753
+CVE-2017-5753 (Systems with microprocessors utilizing speculative execution and branc ...)
{DSA-4188-1 DSA-4187-1 DLA-1423-1 DLA-1422-1}
- linux 4.15.11-1
- nvidia-graphics-drivers 384.111-1 (bug #886852)
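Review bot: `- linux-grsec <removed>` for CVE-2017-5754 is attached after the NOTE lines (it follows `NOTE: https://01.org/security/advisories/intel-oss-10003`), whereas the rest of this file lists package status lines before the NOTE lines, as the `- linux` and `- nvidia-graphics-drivers` lines directly under the CVE header show; move it up next to the other package lines so the entry follows the layout the parser and readers expect.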
@@ -36886,11 +36886,11 @@ CVE-2017-5740
RESERVED
CVE-2017-5739
RESERVED
-CVE-2017-5738
+CVE-2017-5738 (Escalation of privilege vulnerability in admin portal for Intel Unite ...)
NOT-FOR-US: Intel Unite App
CVE-2017-5737
RESERVED
-CVE-2017-5736
+CVE-2017-5736 (An elevation of privilege in Intel Software Guard Extensions Platform ...)
NOT-FOR-US: Intel
CVE-2017-5735
RESERVED
@@ -36919,11 +36919,11 @@ CVE-2017-5731
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
CVE-2017-5730
RESERVED
-CVE-2017-5729
+CVE-2017-5729 (Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and T ...)
NOT-FOR-US: Intel
CVE-2017-5728
RESERVED
-CVE-2017-5727
+CVE-2017-5727 (Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 1 ...)
NOT-FOR-US: Intel
CVE-2017-5726
RESERVED
@@ -36933,21 +36933,21 @@ CVE-2017-5724
RESERVED
CVE-2017-5723
RESERVED
-CVE-2017-5722
+CVE-2017-5722 (Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, N ...)
NOT-FOR-US: Intel
-CVE-2017-5721
+CVE-2017-5721 (Insufficient input validation in system firmware for Intel NUC7i3BNK, ...)
NOT-FOR-US: Intel
CVE-2017-5720
RESERVED
-CVE-2017-5719
+CVE-2017-5719 (A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows ...)
NOT-FOR-US: Intel
CVE-2017-5718
RESERVED
-CVE-2017-5717
+CVE-2017-5717 (Type Confusion in Content Protection HECI Service in Intel Graphics Dr ...)
NOT-FOR-US: Intel graphics driver
CVE-2017-5716
REJECTED
-CVE-2017-5715
+CVE-2017-5715 (Systems with microprocessors utilizing speculative execution and indir ...)
{DSA-4213-1 DSA-4188-1 DSA-4187-1 DLA-1497-1 DLA-1422-1 DLA-1369-1}
- linux 4.15.11-1
- intel-microcode 3.20180425.1
@@ -36988,72 +36988,72 @@ CVE-2017-5714
RESERVED
CVE-2017-5713
RESERVED
-CVE-2017-5712
+CVE-2017-5712 (Buffer overflow in Active Management Technology (AMT) in Intel Managea ...)
NOT-FOR-US: Intel
-CVE-2017-5711
+CVE-2017-5711 (Multiple buffer overflows in Active Management Technology (AMT) in Int ...)
NOT-FOR-US: Intel
-CVE-2017-5710
+CVE-2017-5710 (Multiple privilege escalations in kernel in Intel Trusted Execution En ...)
NOT-FOR-US: Intel
-CVE-2017-5709
+CVE-2017-5709 (Multiple privilege escalations in kernel in Intel Server Platform Serv ...)
NOT-FOR-US: Intel
-CVE-2017-5708
+CVE-2017-5708 (Multiple privilege escalations in kernel in Intel Manageability Engine ...)
NOT-FOR-US: Intel
-CVE-2017-5707
+CVE-2017-5707 (Multiple buffer overflows in kernel in Intel Trusted Execution Engine ...)
NOT-FOR-US: Intel
-CVE-2017-5706
+CVE-2017-5706 (Multiple buffer overflows in kernel in Intel Server Platform Services ...)
NOT-FOR-US: Intel
-CVE-2017-5705
+CVE-2017-5705 (Multiple buffer overflows in kernel in Intel Manageability Engine Firm ...)
NOT-FOR-US: Intel
-CVE-2017-5704
+CVE-2017-5704 (Platform sample code firmware included with 4th Gen Intel Core Process ...)
NOT-FOR-US: Intel
-CVE-2017-5703
+CVE-2017-5703 (Configuration of SPI Flash in platforms based on multiple Intel platfo ...)
NOT-FOR-US: Intel
CVE-2017-5702
RESERVED
-CVE-2017-5701
+CVE-2017-5701 (Insecure platform configuration in system firmware for Intel NUC7i3BNK ...)
NOT-FOR-US: Intel
-CVE-2017-5700
+CVE-2017-5700 (Insufficient protection of password storage in system firmware for Int ...)
NOT-FOR-US: Intel
-CVE-2017-5699
+CVE-2017-5699 (Input validation error in Intel MinnowBoard 3 Firmware versions prior ...)
NOT-FOR-US: Intel MinnowBoard 3 Firmware
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/uefi-variable-deletioncorruption.html
-CVE-2017-5698
+CVE-2017-5698 (Intel Active Management Technology, Intel Standard Manageability, and ...)
NOT-FOR-US: Intel
-CVE-2017-5697
+CVE-2017-5697 (Insufficient clickjacking protection in the Web User Interface of Inte ...)
NOT-FOR-US: Intel
-CVE-2017-5696
+CVE-2017-5696 (Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, a ...)
NOT-FOR-US: Intel
-CVE-2017-5695
+CVE-2017-5695 (Data corruption vulnerability in firmware in Intel Solid-State Drive C ...)
NOT-FOR-US: Intel
-CVE-2017-5694
+CVE-2017-5694 (Data corruption vulnerability in firmware in Intel Solid-State Drive P ...)
NOT-FOR-US: Intel
-CVE-2017-5693
+CVE-2017-5693 (Firmware in the Intel Puma 5, 6, and 7 Series might experience resourc ...)
NOT-FOR-US: Intel Puma
-CVE-2017-5692
+CVE-2017-5692 (Out-of-bounds read condition in older versions of some Intel Graphics ...)
NOT-FOR-US: Intel Graphics Driver for Windows
-CVE-2017-5691
+CVE-2017-5691 (Incorrect check in Intel processors from 6th and 7th Generation Intel ...)
NOT-FOR-US: Intel CPUs
CVE-2017-5690
RESERVED
-CVE-2017-5689
+CVE-2017-5689 (An unprivileged network attacker could gain system privileges to provi ...)
NOT-FOR-US: Intel AMT
-CVE-2017-5688
+CVE-2017-5688 (There is an escalation of privilege vulnerability in the Intel Solid S ...)
NOT-FOR-US: Intel Solid State Drive Toolbox
CVE-2017-5687
RESERVED
-CVE-2017-5686
+CVE-2017-5686 (The BIOS in Intel NUC systems based on 6th Gen Intel Core processors p ...)
NOT-FOR-US: BIOS in Intel NUC systems
-CVE-2017-5685
+CVE-2017-5685 (The BIOS in Intel NUC systems based on 6th Gen Intel Core processors p ...)
NOT-FOR-US: BIOS in Intel NUC systems
-CVE-2017-5684
+CVE-2017-5684 (The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core pr ...)
NOT-FOR-US: BIOS in Intel NUC systems
-CVE-2017-5683
+CVE-2017-5683 (Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Acc ...)
NOT-FOR-US: Intel Hardware Accelerated Execution Manager
-CVE-2017-5682
+CVE-2017-5682 (Intel PSET Application Install wrapper of Intel Parallel Studio XE, In ...)
NOT-FOR-US: Intel PSET
CVE-2017-5680
RESERVED
-CVE-2017-5848
+CVE-2017-5848 (The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in ...)
{DSA-3818-1 DLA-830-1}
- gst-plugins-bad1.0 1.10.4-1 (low)
- gst-plugins-bad0.10 <unfixed> (low)
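Review bot: the NOT-FOR-US label for CVE-2017-5684 contradicts its description: the description says `The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core pr ...`, but the label copies its neighbours' `NOT-FOR-US: BIOS in Intel NUC systems` (CVE-2017-5686 and CVE-2017-5685 are the NUC entries); change it to name the Compute Stick. Also, the gst-plugins run starting at `+CVE-2017-5848 (The gst_ps_demux_parse_psm function ...` is appended after CVE-2017-5680, out of the file's descending order; the 5848 to 5842 block belongs higher up with the rest of the 58xx range.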
@@ -37061,7 +37061,7 @@ CVE-2017-5848
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777957
NOTE: Patch: https://bugzilla.gnome.org/show_bug.cgi?id=777957#c3
-CVE-2017-5847
+CVE-2017-5847 (The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gs ...)
{DSA-3821-1 DLA-829-1}
- gst-plugins-ugly1.0 1.10.4-1 (low)
- gst-plugins-ugly0.10 <unfixed> (low)
@@ -37069,72 +37069,72 @@ CVE-2017-5847
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777955
NOTE: https://github.com/GStreamer/gst-plugins-ugly/commit/d21017b52a585f145e8d62781bcc1c5fefc7ee37
-CVE-2017-5846
+CVE-2017-5846 (The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gs ...)
{DSA-3821-1 DLA-829-1}
- gst-plugins-ugly1.0 1.10.3-1 (low)
- gst-plugins-ugly0.10 <unfixed> (low)
[jessie] - gst-plugins-ugly0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777937
-CVE-2017-5845
+CVE-2017-5845 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst- ...)
{DSA-3820-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777532
-CVE-2017-5844
+CVE-2017-5844 (The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-medi ...)
{DSA-3819-1 DLA-827-1}
- gst-plugins-base1.0 1.10.3-1 (low)
- gst-plugins-base0.10 <unfixed> (low)
[jessie] - gst-plugins-base0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777525
-CVE-2017-5843
+CVE-2017-5843 (Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unr ...)
{DSA-3818-1 DLA-830-1}
- gst-plugins-bad1.0 1.10.3-1
- gst-plugins-bad0.10 <unfixed> (low)
[jessie] - gst-plugins-bad0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777503
-CVE-2017-5842
+CVE-2017-5842 (The html_context_handle_element function in gst/subparse/samiparse.c i ...)
{DSA-3819-1}
- gst-plugins-base1.0 1.10.3-1
- gst-plugins-base0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777502
-CVE-2017-5841
+CVE-2017-5841 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst- ...)
{DSA-3820-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777500
-CVE-2017-5840
+CVE-2017-5840 (The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plug ...)
{DSA-3820-1 DLA-828-1}
- gst-plugins-good1.0 1.10.3-1 (low)
- gst-plugins-good0.10 <unfixed> (low)
[jessie] - gst-plugins-good0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777469
-CVE-2017-5839
+CVE-2017-5839 (The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-medi ...)
{DSA-3819-1}
- gst-plugins-base1.0 1.10.3-1
- gst-plugins-base0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777265
-CVE-2017-5838
+CVE-2017-5838 (The gst_date_time_new_from_iso8601_string function in gst/gstdatetime. ...)
{DSA-3822-1}
- gstreamer1.0 1.10.3-1 (low)
- gstreamer0.10 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777263
-CVE-2017-5837
+CVE-2017-5837 (The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-medi ...)
{DSA-3819-1 DLA-827-1}
- gst-plugins-base1.0 1.10.3-1 (low)
- gst-plugins-base0.10 <unfixed> (low)
[jessie] - gst-plugins-base0.10 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777262
-CVE-2017-5851
+CVE-2017-5851 (The free_options function in options_manager.c in mp3splt 2.6.2 allows ...)
- mp3splt <unfixed> (unimportant)
NOTE: https://github.com/asarubbo/poc/blob/master/00127-mp3splt-nullptr-free_options
NOTE: https://blogs.gentoo.org/ago/2017/02/01/mp3splt-null-pointer-dereference-in-free_options-options_manager-c
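Review bot: the CVE-2017-5851 entry marks mp3splt as "<unfixed> (unimportant)" without a NOTE stating why, whereas the other two mp3splt entries for the same free_options/cue.c crashes (CVE-2017-5666, CVE-2017-5665) carry an explicit justification ("Negligable security impact", "No security impact, crash in CLI tool"). Suggest adding the same one-line rationale here, and a Debian bug reference if one exists, so the unimportant rating is auditable on its own.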
@@ -37143,12 +37143,12 @@ CVE-2017-5679
RESERVED
CVE-2017-5678
RESERVED
-CVE-2017-5677
+CVE-2017-5677 (PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerab ...)
NOT-FOR-US: PEAR HTML_AJAX
NOTE: http://karmainsecurity.com/KIS-2017-01
CVE-2017-5676
RESERVED
-CVE-2017-5857
+CVE-2017-5857 (Memory leak in the virgl_cmd_resource_unref function in hw/display/vir ...)
- qemu 1:2.8+dfsg-3 (bug #853996; unimportant)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -37156,7 +37156,7 @@ CVE-2017-5857
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg04615.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1418382
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/21
-CVE-2017-5856
+CVE-2017-5856 (Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c i ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-3 (bug #853996)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -37165,14 +37165,14 @@ CVE-2017-5856
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/19
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=765a707000e838c30b18d712fe6cb3dd8e0435f3
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1418342
-CVE-2017-5855
+CVE-2017-5855 (The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in ...)
- libpodofo 0.9.4-6 (bug #854603)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-null-pointer-dereference-in-podofopdfparserreadxrefsubsection-pdfparser-cpp
NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
NOTE: upstream commit: http://sourceforge.net/p/podofo/code/1843
-CVE-2017-5854
+CVE-2017-5854 (base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to ca ...)
- libpodofo 0.9.5-9 (bug #854602)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -37182,7 +37182,7 @@ CVE-2017-5854
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1870
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1876
NOTE: duplicate CVE: CVE-2018-5308
-CVE-2017-5853
+CVE-2017-5853 (Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote a ...)
{DLA-929-1}
- libpodofo 0.9.4-5 (bug #854601)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -37190,7 +37190,7 @@ CVE-2017-5853
NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
NOTE: Proposed fix: https://sourceforge.net/p/podofo/mailman/message/35692197/
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/
-CVE-2017-5852
+CVE-2017-5852 (The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVar ...)
{DLA-929-1}
- libpodofo 0.9.5-7 (low; bug #854600)
[stretch] - libpodofo <no-dsa> (Minor issue)
@@ -37201,48 +37201,48 @@ CVE-2017-5852
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1838
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1841
NOTE: further patch for ABI compatibility: https://sourceforge.net/p/podofo/mailman/message/36084628/
-CVE-2017-5849
+CVE-2017-5849 (tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRG ...)
- netpbm-free <not-affected> (vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/02/2
NOTE: Debian uses an unaffected fork:
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2654#c8
-CVE-2017-5850
+CVE-2017-5850 (httpd in OpenBSD allows remote attackers to cause a denial of service ...)
NOT-FOR-US: OpenBSD httpd
-CVE-2017-5833
+CVE-2017-5833 (Cross-site scripting (XSS) vulnerability in the invocation code genera ...)
NOT-FOR-US: Revive Adserver
-CVE-2017-5832
+CVE-2017-5832 (Cross-site scripting (XSS) vulnerability in Revive Adserver before 4.0 ...)
NOT-FOR-US: Revive Adserver
-CVE-2017-5831
+CVE-2017-5831 (Session fixation vulnerability in the forgot password mechanism in Rev ...)
NOT-FOR-US: Revive Adserver
-CVE-2017-5830
+CVE-2017-5830 (Revive Adserver before 4.0.1 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Revive Adserver
-CVE-2017-5675
+CVE-2017-5675 (A command-injection vulnerability exists in a web application on a cus ...)
NOT-FOR-US: GoAhead Web Server
-CVE-2017-5674
+CVE-2017-5674 (A vulnerability in a custom-built GoAhead web server used on Foscam, V ...)
NOT-FOR-US: GoAhead Web Server
-CVE-2017-5673
+CVE-2017-5673 (In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum mes ...)
NOT-FOR-US: Joomla extension
-CVE-2017-5672
+CVE-2017-5672 (Kony Enterprise Mobile Management (EMM) before 4.2.5.2 has the vulnera ...)
NOT-FOR-US: Kony Enterprise Mobile Management
-CVE-2017-5671
+CVE-2017-5671 (Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 indust ...)
NOT-FOR-US: Honeywell
-CVE-2017-5670
+CVE-2017-5670 (Riverbed RiOS through 9.6.0 deletes the secure vault with the rm progr ...)
NOT-FOR-US: Riverbed RiOS
-CVE-2017-5669
+CVE-2017-5669 (The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 ...)
{DSA-3804-1 DLA-849-1}
- linux 4.9.13-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=192931
-CVE-2017-5666
+CVE-2017-5666 (The free_options function in options_manager.c in mp3splt 2.6.2 allows ...)
- mp3splt <unfixed> (unimportant; bug #854278)
NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c
NOTE: https://sourceforge.net/p/mp3splt/bugs/209/
NOTE: Negligable security impact
-CVE-2017-5665
+CVE-2017-5665 (The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allo ...)
- mp3splt <unfixed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-null-pointer-dereference-in-splt_cue_export_to_file-cue-c
NOTE: https://sourceforge.net/p/mp3splt/bugs/209/
NOTE: No security impact, crash in CLI tool
-CVE-2017-5664
+CVE-2017-5664 (The error page mechanism of the Java Servlet Specification requires th ...)
{DSA-3892-1 DSA-3891-1 DLA-996-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.14-2 (bug #864447)
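Review bot: typo in the CVE-2017-5666 context line "NOTE: Negligable security impact"; it should read "Negligible". Since the lines around it are unchanged context, a follow-up commit that fixes the NOTE is the cleanest way to correct it.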
@@ -37258,64 +37258,64 @@ CVE-2017-5664
NOTE: Fixed by: http://svn.apache.org/r1793470 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1793471 (7.0.x)
NOTE: Fixed by: http://svn.apache.org/r1793491 (7.0.x)
-CVE-2017-5663
+CVE-2017-5663 (In Apache Fineract 0.4.0-incubating, 0.5.0-incubating, and 0.6.0-incub ...)
NOT-FOR-US: Apache Fineract
-CVE-2017-5662
+CVE-2017-5662 (In Apache Batik before 1.9, files lying on the filesystem of the serve ...)
{DSA-4215-1 DLA-926-1}
- batik 1.9-1 (bug #860566)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/18/1
NOTE: Upstream bug: https://issues.apache.org/jira/browse/BATIK-1139
NOTE: Fixed by: http://svn.apache.org/r1743326
NOTE: Similar issue to CVE-2015-0250
-CVE-2017-5661
+CVE-2017-5661 (In Apache FOP before 2.2, files lying on the filesystem of the server ...)
{DSA-3864-1 DLA-927-1}
- fop 1:2.1-6 (bug #860567)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/18/2
NOTE: Upstream bug: https://issues.apache.org/jira/browse/FOP-2668
NOTE: Fixed by: http://svn.apache.org/r1769967
NOTE: Fixed by: http://svn.apache.org/r1769968 (fix for Java 6)
-CVE-2017-5660
+CVE-2017-5660 (There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prio ...)
{DSA-4128-1}
- trafficserver 7.1.2+ds-1
[wheezy] - trafficserver <not-affected> (Vulnerable code not present)
NOTE: https://github.com/apache/trafficserver/pull/1657
NOTE: https://issues.apache.org/jira/browse/TS-4930
-CVE-2017-5659
+CVE-2017-5659 (Apache Traffic Server before 6.2.1 generates a coredump when there is ...)
- trafficserver 7.0.0-1
[wheezy] - trafficserver <not-affected> (PoC doesn't crash the server, fix too hard to backport)
NOTE: https://issues.apache.org/jira/browse/TS-4507
NOTE: reproducer in https://issues.apache.org/jira/browse/TS-4819 (dupe of above)
NOTE: https://github.com/apache/trafficserver/pull/787/commits/85c021123fd94c4d97a6015484eb1d8054bec9eb
NOTE: evaluate related backport to 6.2: https://github.com/apache/trafficserver/pull/1153
-CVE-2017-5658
+CVE-2017-5658 (The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to b ...)
NOT-FOR-US: Apache Pony Mail
-CVE-2017-5657
+CVE-2017-5657 (Several REST service endpoints of Apache Archiva are not protected aga ...)
NOT-FOR-US: Apache Archiva
-CVE-2017-5656
+CVE-2017-5656 (Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of c ...)
NOT-FOR-US: Apache CXF
-CVE-2017-5655
+CVE-2017-5655 (In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be ...)
NOT-FOR-US: Apache Ambari
-CVE-2017-5654
+CVE-2017-5654 (In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of ...)
NOT-FOR-US: Apache Ambari
-CVE-2017-5653
+CVE-2017-5653 (JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and ...)
NOT-FOR-US: Apache CXF
-CVE-2017-5652
+CVE-2017-5652 (During a routine security analysis, it was found that one of the ports ...)
NOT-FOR-US: Impala
-CVE-2017-5651
+CVE-2017-5651 (In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refact ...)
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.11-2 (bug #860071)
[jessie] - tomcat8 <not-affected> (Only affects 8.5 and later)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/10/21
NOTE: Fixed by: http://svn.apache.org/r1788546 (8.5.x)
-CVE-2017-5650
+CVE-2017-5650 (In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handli ...)
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.11-2 (bug #860070)
[jessie] - tomcat8 <not-affected> (Only affects 8.5 and later)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/10/22
NOTE: Fixed by: http://svn.apache.org/r1788480 (8.5.x)
-CVE-2017-5649
+CVE-2017-5649 (Apache Geode before 1.1.1, when a cluster has enabled security by sett ...)
NOT-FOR-US: Apache Geode
-CVE-2017-5648
+CVE-2017-5648 (While investigating bug 60718, it was noticed that some calls to appli ...)
{DSA-3843-1 DSA-3842-1 DLA-924-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.11-2 (bug #860069)
@@ -37326,7 +37326,7 @@ CVE-2017-5648
NOTE: Fixed by: http://svn.apache.org/r1785775 (8.5.x)
NOTE: Fixed by: http://svn.apache.org/r1785776 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1785777 (7.0.x)
-CVE-2017-5647
+CVE-2017-5647 (A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0 ...)
{DSA-3843-1 DSA-3842-1 DLA-924-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.11-2 (bug #860068)
@@ -37341,93 +37341,93 @@ CVE-2017-5647
NOTE: Fixed by: http://svn.apache.org/r1789024 (6.0.x)
NOTE: Fixed by: http://svn.apache.org/r1789155 (6.0.x)
NOTE: Fixed by: http://svn.apache.org/r1789856 (6.0.x)
-CVE-2017-5646
+CVE-2017-5646 (For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated us ...)
NOT-FOR-US: Apache Knox
-CVE-2017-5645
+CVE-2017-5645 (In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or ...)
- apache-log4j2 2.7-2 (bug #860489)
[jessie] - apache-log4j2 <ignored> (Minor issue, no consumers of liblog4j2-java in Jessie)
NOTE: https://issues.apache.org/jira/browse/LOG4J2-1863
NOTE: Fixed by: https://git-wip-us.apache.org/repos/asf?p=logging-log4j2.git;h=5dcc19215827db29c993d0305ee2b0d8dd05939d
-CVE-2017-5644
+CVE-2017-5644 (Apache POI in versions prior to release 3.15 allows remote attackers t ...)
- libapache-poi-java 3.17-1 (bug #858301)
[stretch] - libapache-poi-java <no-dsa> (Minor issue)
[jessie] - libapache-poi-java <no-dsa> (Minor issue)
[wheezy] - libapache-poi-java <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/03/20/9
-CVE-2017-5643
+CVE-2017-5643 (Apache Camel's Validation Component is vulnerable against SSRF via rem ...)
NOT-FOR-US: Apache Camel
-CVE-2017-5642
+CVE-2017-5642 (During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artif ...)
NOT-FOR-US: Apache Ambari
-CVE-2017-5641
+CVE-2017-5641 (Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not r ...)
NOT-FOR-US: Apache Flex BlazeDS
-CVE-2017-5640
+CVE-2017-5640 (It was noticed that a malicious process impersonating an Impala daemon ...)
NOT-FOR-US: Impala
CVE-2017-5639
REJECTED
-CVE-2017-5638
+CVE-2017-5638 (The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 an ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2.3.5 - Struts 2.3.31, Struts 2.5 - Struts 2.5.10)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-045
-CVE-2017-5637
+CVE-2017-5637 (Two four letter word commands "wchp/wchc" are CPU intensive and could ...)
{DSA-3871-1 DLA-986-1}
- zookeeper 3.4.9-3 (bug #863811)
NOTE: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
-CVE-2017-5636
+CVE-2017-5636 (In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environm ...)
NOT-FOR-US: Apache NiFi
-CVE-2017-5635
+CVE-2017-5635 (In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environm ...)
NOT-FOR-US: Apache NiFi
-CVE-2017-5634
+CVE-2017-5634 (The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows phy ...)
NOT-FOR-US: Norwegian
-CVE-2017-5633
+CVE-2017-5633 (Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Li ...)
NOT-FOR-US: D-Link
-CVE-2017-5632
+CVE-2017-5632 (An issue was discovered on the ASUS RT-N56U Wireless Router with Firmw ...)
NOT-FOR-US: Asus router
-CVE-2017-5631
+CVE-2017-5631 (An issue was discovered in KMCIS CaseAware. Reflected cross site scrip ...)
NOT-FOR-US: KMCIS CaseAware
-CVE-2017-5630
+CVE-2017-5630 (PECL in the download utility class in the Installer in PEAR Base Syste ...)
- php5 <unfixed> (unimportant)
- php-pear <unfixed> (unimportant)
NOTE: https://pear.php.net/bugs/bug.php?id=21171
NOTE: pear performs no kind of authentication/integrity checks for downloads, so an attacker can MITM freely anyway
CVE-2017-5629
RESERVED
-CVE-2017-5626
+CVE-2017-5626 (OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fas ...)
NOT-FOR-US: OxygenOS
-CVE-2017-5625
+CVE-2017-5625 (In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized ...)
NOT-FOR-US: OxygenOS
-CVE-2017-5624
+CVE-2017-5624 (An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. ...)
NOT-FOR-US: OxygenOS
-CVE-2017-5623
+CVE-2017-5623 (An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T d ...)
NOT-FOR-US: OxygenOS
-CVE-2017-5622
+CVE-2017-5622 (With OxygenOS before 4.0.3, when a charger is connected to a powered-o ...)
NOT-FOR-US: OxygenOS
-CVE-2017-5621
+CVE-2017-5621 (An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, an ...)
- zammad <itp> (bug #841355)
-CVE-2017-5620
+CVE-2017-5620 (An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3 ...)
- zammad <itp> (bug #841355)
-CVE-2017-5619
+CVE-2017-5619 (An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, an ...)
- zammad <itp> (bug #841355)
-CVE-2017-5609
+CVE-2017-5609 (SQL injection vulnerability in include/functions_entries.inc.php in Se ...)
- serendipity <removed>
-CVE-2017-5607
+CVE-2017-5607 (Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x befo ...)
NOT-FOR-US: Splunk
-CVE-2017-5606
+CVE-2017-5606 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
NOT-FOR-US: Xabber
-CVE-2017-5605
+CVE-2017-5605 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
NOT-FOR-US: Movim
-CVE-2017-5604
+CVE-2017-5604 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
- mcabber 1.0.4-1.1 (bug #854738)
[jessie] - mcabber <not-affected> (XEP-0280: Message Carbons not implemented)
[wheezy] - mcabber <not-affected> (XEP-0280: Message Carbons not implemented)
-CVE-2017-5603
+CVE-2017-5603 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
- jitsi <removed> (bug #854737)
-CVE-2017-5602
+CVE-2017-5602 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
- jappix <itp> (bug #619347)
-CVE-2017-5601
+CVE-2017-5601 (An error in the lha_read_file_header_1() function (archive_read_suppor ...)
{DLA-1600-1 DLA-810-1}
- libarchive 3.2.1-6 (bug #853278)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9
NOTE: https://secunia.com/secunia_research/2017-3/
-CVE-2017-5667
+CVE-2017-5667 (The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-3 (bug #853996)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -37436,7 +37436,7 @@ CVE-2017-5667
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06191.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1417559
NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/2
-CVE-2017-5668
+CVE-2017-5668 (bitlbee-libpurple before 3.5.1 allows remote attackers to cause a deni ...)
- bitlbee 3.5.1-1 (bug #853282)
[jessie] - bitlbee <not-affected> (Incomplete fix for CVE-2016-10189 not applied)
[wheezy] - bitlbee <not-affected> (Incomplete fix for CVE-2016-10189 not applied)
@@ -37444,7 +37444,7 @@ CVE-2017-5668
NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441 (3.5.1)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4
NOTE: This CVE exists because of an incomplete fix for CVE-2016-10189
-CVE-2017-5940
+CVE-2017-5940 (Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does no ...)
- firejail 0.9.44.6-1
NOTE: Changelog mentions the new fix for CVE-2017-5180 in RELNOTES for 0.9.44.6
NOTE: an needs series of commits after 0.9.44.4
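Review bot: the CVE-2017-5940 note "NOTE: an needs series of commits after 0.9.44.4" is garbled and does not say what is needed; presumably it means the fix requires a series of commits landed after 0.9.44.4 (the ones listed in the following NOTE lines). Suggest rewording to something like "NOTE: fix needs a series of commits after 0.9.44.4 (see below)". The preceding line also refers to the fix for CVE-2017-5180 in the 0.9.44.6 release notes; if this CVE is the follow-up to an incomplete fix for CVE-2017-5180, stating that explicitly, as the CVE-2017-5668 entry does for CVE-2016-10189, would make the relationship clear.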
@@ -37452,96 +37452,96 @@ CVE-2017-5940
NOTE: https://github.com/netblue30/firejail/commit/38d418505e9ee2d326557e5639e8da49c298858f (0.9.44.6)
NOTE: https://github.com/netblue30/firejail/commit/b8a4ff9775318ca5e679183884a6a63f3da8f863 (0.9.44.6)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/29/4
-CVE-2017-5899
+CVE-2017-5899 (Directory traversal vulnerability in the setuid root helper binary in ...)
- s-nail 14.8.16-1 (bug #852934)
NOTE: https://www.mail-archive.com/s-nail-users@lists.sourceforge.net/msg00551.html
NOTE: https://git.sdaoden.eu/cgit/s-nail.git/commit/?id=f797c27efecad45af191c518b7f87fda32ada160
NOTE: https://git.sdaoden.eu/cgit/s-nail.git/commit/?id=f2699449b66dd702a98925bd1b11153a6f7294bf
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/7
-CVE-2017-5628
+CVE-2017-5628 (An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10 ...)
NOT-FOR-US: MuJS
-CVE-2017-5627
+CVE-2017-5627 (An issue was discovered in Artifex Software, Inc. MuJS before 4006739a ...)
NOT-FOR-US: MuJS
-CVE-2017-5617
+CVE-2017-5617 (The SVG Salamander (aka svgSalamander) library, when used in a web app ...)
{DSA-3781-1 DLA-816-1}
- svgsalamander 1.1.1+dfsg-2 (bug #853134)
NOTE: https://github.com/blackears/svgSalamander/issues/11
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/3
-CVE-2017-5608
+CVE-2017-5608 (Cross-site scripting (XSS) vulnerability in the image upload function ...)
- piwigo <removed>
-CVE-2017-5600
+CVE-2017-5600 (The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 ...)
NOT-FOR-US: NetApp OnCommand Insight
-CVE-2017-5599
+CVE-2017-5599 (An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. ...)
NOT-FOR-US: eClinicalWorks
-CVE-2017-5598
+CVE-2017-5598 (An issue was discovered in eClinicalWorks healow@work 8.0 build 8. Thi ...)
NOT-FOR-US: eClinicalWorks
-CVE-2017-5612
+CVE-2017-5612 (Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp ...)
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.2+dfsg-1 (bug #852767)
NOTE: https://github.com/WordPress/WordPress/commit/4482f9207027de8f36630737ae085110896ea849
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2
-CVE-2017-5611
+CVE-2017-5611 (SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Qu ...)
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.2+dfsg-1 (bug #852767)
NOTE: https://github.com/WordPress/WordPress/commit/85384297a60900004e27e417eac56d24267054cb
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2
-CVE-2017-5610
+CVE-2017-5610 (wp-admin/includes/class-wp-press-this.php in Press This in WordPress b ...)
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.2+dfsg-1 (bug #852767)
NOTE: https://github.com/WordPress/WordPress/commit/21264a31e0849e6ff793a06a17de877dd88ea454
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2
-CVE-2017-5595
+CVE-2017-5595 (A file disclosure and inclusion vulnerability exists in web/views/file ...)
{DLA-1145-1}
- zoneminder 1.30.4+dfsg-1 (bug #854733)
NOTE: Check https://github.com/ZoneMinder/ZoneMinder/commit/8b19fca9927cdec07cc9dd09bdcf2496a5ae69b3
-CVE-2017-5594
+CVE-2017-5594 (An issue was discovered in Pagekit CMS before 1.0.11. In this vulnerab ...)
NOT-FOR-US: Pagekit CMS
-CVE-2017-5593
+CVE-2017-5593 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
- psi-plus <not-affected> (vulnerable code not present, XEP-0280 not implemented)
-CVE-2017-5592
+CVE-2017-5592 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
- profanity 0.5.1-1 (bug #854735)
[jessie] - profanity <not-affected> (Vulnerable code not present)
-CVE-2017-5591
+CVE-2017-5591 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
- sleekxmpp 1.3.1-6 (bug #854739)
[jessie] - sleekxmpp <not-affected> (vulnerable code not present, XEP-0280 not implemented)
[wheezy] - sleekxmpp <not-affected> (vulnerable code not present, XEP-0280 not implemented)
- slixmpp 1.2.2-1.1 (bug #854740)
-CVE-2017-5590
+CVE-2017-5590 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
NOT-FOR-US: ChatSecure / Zom
-CVE-2017-5589
+CVE-2017-5589 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
NOT-FOR-US: yaxim / Bruno
CVE-2017-5588
RESERVED
CVE-2017-5587
RESERVED
-CVE-2017-5586
+CVE-2017-5586 (OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote ...)
NOT-FOR-US: OpenText Documentum D2
-CVE-2017-5585
+CVE-2017-5585 (OpenText Documentum Content Server (formerly EMC Documentum Content Se ...)
NOT-FOR-US: OpenText Documentum Content Server
-CVE-2017-5584
+CVE-2017-5584 (Cross-site scripting (XSS) vulnerability in the Management Web Interfa ...)
NOT-FOR-US: Palo Alto Networks
-CVE-2017-5583
+CVE-2017-5583 (The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.1 ...)
NOT-FOR-US: Palo Alto Networks
CVE-2017-5582
RESERVED
-CVE-2017-6852
+CVE-2017-6852 (Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2 ...)
- jasper <removed>
[jessie] - jasper <no-dsa> (Minor issue)
[wheezy] - jasper <no-dsa> (Minor issue)
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/114
NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/10
NOTE: The POC only triggers an assertion failure but an overflow cannot be observed.
-CVE-2017-6850
+CVE-2017-6850 (The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 all ...)
- jasper <removed> (unimportant)
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/112
NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/8
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2017-6851
+CVE-2017-6851 (The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows r ...)
- jasper <removed> (unimportant)
NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/113
NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/9
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2017-5618
+CVE-2017-5618 (GNU screen before 4.5.1 allows local users to modify arbitrary files a ...)
- screen 4.5.0-3 (bug #852484)
[stretch] - screen <not-affected> (Vulnerable code not present/never migrated to stretch)
[jessie] - screen <not-affected> (Vulnerable code not present)
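Review bot: the CVE-2017-5595 zoneminder entry still carries "NOTE: Check https://github.com/ZoneMinder/ZoneMinder/commit/8b19fca9927cdec07cc9dd09bdcf2496a5ae69b3", which reads as an unresolved to-do rather than a record; given that the entry already lists a fixed version (1.30.4+dfsg-1) and a DLA, the note should either confirm that commit as the fix ("Fixed by: ...") or be dropped. In the same hunk, CVE-2017-6852 lists "jasper <removed>" with no severity while its NOTE says the PoC only triggers an assertion failure and no overflow can be observed; the sibling entries CVE-2017-6850 and CVE-2017-6851 mark the same package "(unimportant)" with a one-line rationale, so the same treatment would keep the three consistent.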
@@ -37551,26 +37551,26 @@ CVE-2017-5618
NOTE: Introduced in (screen-v4): http://git.savannah.gnu.org/cgit/screen.git/commit/?h=screen-v4&id=5460f5d28c01a9a58e021eb1dffef2965e629d58
NOTE: Introduced in (master): http://git.savannah.gnu.org/cgit/screen.git/commit/?id=c575c40c9bd7653470639da32e06faed0a9b2ec4
NOTE: http://www.openwall.com/lists/oss-security/2017/01/24/10
-CVE-2017-5597
+CVE-2017-5597 (In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector c ...)
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.4+gcc3dc1b-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-02.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13345
-CVE-2017-5596
+CVE-2017-5596 (In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector ...)
{DSA-3811-1 DLA-858-1}
- wireshark 2.2.4+gcc3dc1b-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-01.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13344
-CVE-2017-5581
+CVE-2017-5581 (Buffer overflow in the ModifiablePixelBuffer::fillRect function in Tig ...)
- tigervnc 1.7.0+dfsg-3 (bug #852213)
NOTE: https://github.com/TigerVNC/tigervnc/pull/399
NOTE: https://github.com/TigerVNC/tigervnc/commit/18c020124ff1b2441f714da2017f63dba50720ba
-CVE-2017-5580
+CVE-2017-5580 (The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c i ...)
- virglrenderer 0.6.0-1 (bug #852604)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415986
NOTE: https://cgit.freedesktop.org/virglrenderer/commit/?id=28894a30a17a84529be102b21118e55d6c9f23fa (0.6.0)
NOTE: https://lists.freedesktop.org/archives/virglrenderer-devel/2017-January/000105.html
-CVE-2017-5579
+CVE-2017-5579 (Memory leak in the serial_exit_core function in hw/char/serial.c in QE ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-3 (bug #853002)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -37578,7 +37578,7 @@ CVE-2017-5579
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1416157
-CVE-2017-5578
+CVE-2017-5578 (Memory leak in the virtio_gpu_resource_attach_backing function in hw/d ...)
- qemu 1:2.10.0-1 (unimportant)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -37588,43 +37588,43 @@ CVE-2017-5578
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415795
NOTE: Marked as unimportant, since 1:2.8+dfsg-2 upload reverts
NOTE: enable virtio gpu (virglrenderer) and opengl support
-CVE-2017-5577
+CVE-2017-5577 (The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the Video ...)
- linux 4.9.6-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/6b8ac63847bc2f958dd93c09edc941a0118992d9
NOTE: Introduced by: https://git.kernel.org/linus/d5b1a78a772f1e31a94f8babfa964152ec5e9aa5 (4.5-rc1)
-CVE-2017-5576
+CVE-2017-5576 (Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc ...)
- linux 4.9.6-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/0f2ff82e11c86c05d051cae32b58226392d33bbf
NOTE: Introduced by: https://git.kernel.org/linus/d5b1a78a772f1e31a94f8babfa964152ec5e9aa5 (4.5-rc1)
-CVE-2017-5575
+CVE-2017-5575 (SQL injection vulnerability in inc/lib/Options.class.php in GeniXCMS b ...)
NOT-FOR-US: GenixCMS
-CVE-2017-5574
+CVE-2017-5574 (SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 a ...)
NOT-FOR-US: GenixCMS
-CVE-2017-5573
+CVE-2017-5573 (An issue was discovered in Linux Foundation xapi in Citrix XenServer t ...)
NOT-FOR-US: Citrix
-CVE-2017-5572
+CVE-2017-5572 (An issue was discovered in Linux Foundation xapi in Citrix XenServer t ...)
NOT-FOR-US: Citrix
-CVE-2017-5571
+CVE-2017-5571 (Open redirect vulnerability in the lmadmin component in Flexera FlexNe ...)
NOT-FOR-US: Flexera FlexNet Publisher
-CVE-2017-5570
+CVE-2017-5570 (An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. ...)
NOT-FOR-US: eClinicalWorks
-CVE-2017-5569
+CVE-2017-5569 (An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. ...)
NOT-FOR-US: eClinicalWorks
CVE-2017-5568
RESERVED
-CVE-2017-5567
+CVE-2017-5567 (Code injection vulnerability in Avast Premier 12.3 (and earlier), Inte ...)
NOT-FOR-US: Avast
-CVE-2017-5566
+CVE-2017-5566 (Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG I ...)
NOT-FOR-US: AVG
-CVE-2017-5565
+CVE-2017-5565 (Code injection vulnerability in Trend Micro Maximum Security 11.0 (and ...)
NOT-FOR-US: Trend Micro
CVE-2017-5564
RESERVED
-CVE-2017-5563
+CVE-2017-5563 (LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read i ...)
- tiff <unfixed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2664
NOTE: bmp2tiff utility removed in 4.0.6-3 and 4.0.3-12.3+deb8u2
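Review bot: the CVE-2017-5563 entry keeps `- tiff <unfixed> (unimportant)` while its own NOTE states that the affected bmp2tiff utility was removed in 4.0.6-3 and 4.0.3-12.3+deb8u2; if that removal is what resolves the issue for Debian, record those versions as the fixed ones (or mark the suites <not-affected> with the removal as the reason), and if the entry is kept <unfixed> because the code is still in the source tree, say so in the NOTE so the open status does not look like a contradiction of the line above it.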
@@ -37640,81 +37640,81 @@ CVE-2017-5558
RESERVED
CVE-2017-5557
RESERVED
-CVE-2017-5556
+CVE-2017-5556 (The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF befo ...)
NOT-FOR-US: Foxit Reader
CVE-2017-5555
RESERVED
-CVE-2017-5554
+CVE-2017-5554 (An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before 4 ...)
NOT-FOR-US: OnePlus 3 / 3T OxygenOS
-CVE-2017-5553
+CVE-2017-5553 (Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_m ...)
- b2evolution <removed>
-CVE-2017-5545
+CVE-2017-5545 (The main function in plistutil.c in libimobiledevice libplist through ...)
{DLA-811-1}
- libplist 1.12+git+1+e37ca00-0.1 (low; bug #852385)
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/87
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/7391a506352c009fe044dead7baad9e22dd279ee
-CVE-2017-5544
+CVE-2017-5544 (An issue was discovered on FiberHome Fengine S5800 switches V210R240. ...)
NOT-FOR-US: FiberHome switches
-CVE-2017-5543
+CVE-2017-5543 (includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote ...)
NOT-FOR-US: Subrion CMS
-CVE-2017-5542
+CVE-2017-5542 (Cross-site scripting (XSS) vulnerability in template/usererror.missing ...)
NOT-FOR-US: Symphony CMS
-CVE-2017-5541
+CVE-2017-5541 (Directory traversal vulnerability in template/usererror.missing_extens ...)
NOT-FOR-US: Symphony CMS
CVE-2017-5540
RESERVED
-CVE-2017-5539
+CVE-2017-5539 (The patch for directory traversal (CVE-2017-5480) in b2evolution versi ...)
- b2evolution <removed>
-CVE-2017-5536
+CVE-2017-5536 (The GridServer Broker, and GridServer Director components of TIBCO Sof ...)
NOT-FOR-US: TIBCO GridServer
-CVE-2017-5535
+CVE-2017-5535 (The GridServer Broker, GridServer Driver, and GridServer Engine compon ...)
NOT-FOR-US: TIBCO GridServer
-CVE-2017-5534
+CVE-2017-5534 (The tibbr user profiles components of tibbr Community, and tibbr Enter ...)
NOT-FOR-US: tibbr
-CVE-2017-5533
+CVE-2017-5533 (A vulnerability in the server content cache of TIBCO JasperReports Ser ...)
- jasperreports <undetermined> (bug #884131)
[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
NOTE: http://www.tibco.com/support/advisories/2017/11/tibco-security-advisory-november-15-2017-tibco-jasperreports-server-2017
-CVE-2017-5532
+CVE-2017-5532 (A vulnerability in the report renderer component of TIBCO JasperReport ...)
- jasperreports <undetermined> (bug #884131)
[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
NOTE: https://www.tibco.com/support/advisories/2017/11/tibco-security-advisory-november-15-2017-tibco-jasperreports-2017-5532
-CVE-2017-5531
+CVE-2017-5531 (Deployments of TIBCO Managed File Transfer Command Center versions 8.0 ...)
NOT-FOR-US: TIBCO
-CVE-2017-5530
+CVE-2017-5530 (The tibbr web server components of tibbr Community, and tibbr Enterpri ...)
NOT-FOR-US: tibbr
-CVE-2017-5529
+CVE-2017-5529 (JasperReports library components contain an information disclosure vul ...)
- jasperreports <undetermined> (bug #880467)
[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
NOTE: https://www.tibco.com/support/advisories/2017/06/tibco-security-advisory-june-28-2017-tibco-jasperreports-server-2017-0
-CVE-2017-5528
+CVE-2017-5528 (Multiple JasperReports Server components contain vulnerabilities which ...)
- jasperreports <undetermined> (bug #880467)
[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
NOTE: https://www.tibco.com/support/advisories/2017/06/tibco-security-advisory-june-28-2017-tibco-jasperreports-server-2017
-CVE-2017-5527
+CVE-2017-5527 (TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x be ...)
NOT-FOR-US: TIBCO Spotfire Server
-CVE-2017-5616
+CVE-2017-5616 (Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allow ...)
{DLA-869-1}
- cgiemail <removed> (bug #852031)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5615
+CVE-2017-5615 (cgiemail and cgiecho allow remote attackers to inject HTTP headers via ...)
{DLA-869-1}
- cgiemail <removed> (bug #852031)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5614
+CVE-2017-5614 (Open redirect vulnerability in cgiemail and cgiecho allows remote atta ...)
{DLA-869-1}
- cgiemail <removed> (bug #852031)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5613
+CVE-2017-5613 (Format string vulnerability in cgiemail and cgiecho allows remote atta ...)
{DLA-869-1}
- cgiemail <removed> (bug #852031)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5552
+CVE-2017-5552 (Memory leak in the virgl_resource_attach_backing function in hw/displa ...)
- qemu 1:2.10.0-1 (bug #852119; unimportant)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
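Review bot: the entries in this hunk are no longer in descending CVE order: CVE-2017-5545 directly follows CVE-2017-5553 (CVE-2017-5552 down to CVE-2017-5546 only appear in a later hunk), CVE-2017-5536 follows CVE-2017-5539, and the cgiemail block CVE-2017-5616 to CVE-2017-5613 sits between CVE-2017-5527 and CVE-2017-5552. The automatic description fill is easier to review, and accidental duplicate IDs easier to spot, when new entries are inserted at their sorted position; consider moving the misplaced entries the next time the file is hand-edited.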
@@ -37725,45 +37725,45 @@ CVE-2017-5552
NOTE: Marked as unimportant, since 1:2.8+dfsg-2 reverted the support for
NOTE: virtio gpu (virglrenderer) and opengl, but the affected code is
NOTE: still present.
-CVE-2017-5551
+CVE-2017-5551 (The simple_set_acl function in fs/posix_acl.c in the Linux kernel befo ...)
{DSA-3791-1}
- linux 4.9.6-1
[wheezy] - linux 3.2.84-1
NOTE: Backported fix for CVE-2016-7097 already covered this CVE for wheezy
NOTE: Fixed by: https://git.kernel.org/linus/497de07d89c1410d76a15bec2bb41f24a2a89f31 (4.10-rc4)
-CVE-2017-5550
+CVE-2017-5550 (Off-by-one error in the pipe_advance function in lib/iov_iter.c in the ...)
- linux 4.9.6-1
[jessie] - linux <not-affected> (Introduced in 4.9)
[wheezy] - linux <not-affected> (Introduced in 4.9)
NOTE: Fixed by: https://git.kernel.org/linus/b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb (4.10-rc4)
NOTE: Introduced by: https://github.com/torvalds/linux/commit/241699cd72a8489c9446ae3910ddd243e9b9061b (4.9-rc1)
-CVE-2017-5549
+CVE-2017-5549 (The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105. ...)
{DSA-3791-1 DLA-833-1}
- linux 4.9.6-1
NOTE: Fixed by: https://git.kernel.org/linus/146cc8a17a3b4996f6805ee5c080e7101277c410 (4.10-rc4)
-CVE-2017-5548
+CVE-2017-5548 (drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 ...)
- linux 4.9.6-1
[jessie] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/05a974efa4bdf6e2a150e3f27dc6fcf0a9ad5655
-CVE-2017-5547
+CVE-2017-5547 (drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 inter ...)
- linux 4.9.6-1
[jessie] - linux <not-affected> (Vulnerable code introduced in v4.4-rc1)
[wheezy] - linux <not-affected> (Vulnerable code introduced in v4.4-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/6d104af38b570d37aa32a5803b04c354f8ed513d
-CVE-2017-5546
+CVE-2017-5546 (The freelist-randomization feature in mm/slab.c in the Linux kernel 4. ...)
- linux 4.9.6-1
[jessie] - linux <not-affected> (freelist randomisation introduced in 4.7)
[wheezy] - linux <not-affected> (freelist randomisation introduced in 4.7)
NOTE: Fixed by: https://git.kernel.org/linus/c4e490cf148e85ead0d1b1c2caaba833f1d5b29f (v4.10-rc4)
-CVE-2017-5538
+CVE-2017-5538 (The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c i ...)
NOT-FOR-US: Samsung Exynos
-CVE-2017-5524
+CVE-2017-5524 (Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers ...)
NOT-FOR-US: Plone
-CVE-2017-5537
+CVE-2017-5537 (The password reset form in Weblate before 2.10.1 provides different er ...)
- weblate <itp> (bug #745661)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/18/11
-CVE-2017-5526
+CVE-2017-5526 (Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows l ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-2 (bug #851910)
[wheezy] - qemu <no-dsa> (Minor issue)
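Review bot: the jessie and wheezy lines for CVE-2017-5552 give the reason as "(Vulnerable code not present)", while the companion virtio-gpu leak CVE-2017-5578 in an earlier hunk uses "(Vulnerable code introduced later)" for the same situation; pick one phrasing for both so the two entries read as the same assessment. CVE-2017-5524 is also out of sequence here, placed between CVE-2017-5538 and CVE-2017-5537.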
@@ -37773,7 +37773,7 @@ CVE-2017-5526
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1414209
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da
NOTE: Sound device hotplug not supported by libvirt
-CVE-2017-5525
+CVE-2017-5525 (Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows loc ...)
{DLA-1497-1}
- qemu 1:2.8+dfsg-2 (bug #852021)
[wheezy] - qemu <no-dsa> (Minor issue)
@@ -37784,30 +37784,30 @@ CVE-2017-5525
NOTE: Sound device hotplug not supported by libvirt
CVE-2017-5523
RESERVED
-CVE-2017-5522
+CVE-2017-5522 (Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6. ...)
{DSA-3766-1 DLA-790-1}
- mapserver 7.0.4-1
NOTE: https://lists.osgeo.org/pipermail/mapserver-dev/2017-January/015007.html
NOTE: https://github.com/mapserver/mapserver/commit/e52a436c0e1c5e9f7ef13428dba83194a800f4df
-CVE-2017-2578
+CVE-2017-2578 (In Moodle 3.x, there is XSS in the assignment submission page. ...)
- moodle 2.7.18+dfsg-1
NOTE: https://moodle.org/mod/forum/discuss.php?d=345915
-CVE-2017-2576
+CVE-2017-2576 (In Moodle 2.x and 3.x, there is incorrect sanitization of attributes i ...)
- moodle 2.7.18+dfsg-1
NOTE: https://moodle.org/mod/forum/discuss.php?d=345912
-CVE-2017-5521
+CVE-2017-5521 (An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, ...)
NOT-FOR-US: NETGEAR
-CVE-2017-5520
+CVE-2017-5520 (The media rename feature in GeniXCMS through 0.0.8 does not consider a ...)
NOT-FOR-US: GenixCMS
-CVE-2017-5519
+CVE-2017-5519 (SQL injection vulnerability in Posts.class.php in GeniXCMS through 0.0 ...)
NOT-FOR-US: GenixCMS
-CVE-2017-5518
+CVE-2017-5518 (The media-file upload feature in GeniXCMS through 0.0.8 allows remote ...)
NOT-FOR-US: GenixCMS
-CVE-2017-5517
+CVE-2017-5517 (SQL injection vulnerability in author.control.php in GeniXCMS through ...)
NOT-FOR-US: GenixCMS
-CVE-2017-5516
+CVE-2017-5516 (Multiple cross-site scripting (XSS) vulnerabilities in the user forms ...)
NOT-FOR-US: GenixCMS
-CVE-2017-5515
+CVE-2017-5515 (Cross-site scripting (XSS) vulnerability in the user prompt function i ...)
NOT-FOR-US: GenixCMS
CVE-2017-5514
RESERVED
@@ -37817,9 +37817,9 @@ CVE-2017-5512
RESERVED
CVE-2017-5497
RESERVED
-CVE-2017-5496
+CVE-2017-5496 (Sawmill Enterprise 8.7.9 allows remote attackers to gain login access ...)
NOT-FOR-US: Sawmill Enterprise
-CVE-2017-5495
+CVE-2017-5495 (All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbou ...)
- quagga 1.1.1-1 (bug #852454)
[jessie] - quagga <no-dsa> (Minor issue)
[wheezy] - quagga <no-dsa> (Minor issue)
@@ -37827,26 +37827,26 @@ CVE-2017-5495
NOTE: http://mirror.easyname.at/nongnu//quagga/quagga-1.1.1.changelog.txt
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=b7ceefea77a246fe5c1dcd1b91bf6079d1b97c02
NOTE: http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7d66284a5817a1613b1e4d64a0775ec04fdf8c01
-CVE-2017-5494
+CVE-2017-5494 (Multiple cross-site scripting (XSS) vulnerabilities in the file types ...)
- b2evolution <removed>
-CVE-2017-5486
+CVE-2017-5486 (The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in p ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5485
+CVE-2017-5485 (The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in a ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5484
+CVE-2017-5484 (The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5483
+CVE-2017-5483 (The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5482
+CVE-2017-5482 (The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in prin ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5481
+CVE-2017-5481 (Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 a ...)
NOT-FOR-US: Trend Micro
-CVE-2017-5480
+CVE-2017-5480 (Directory traversal vulnerability in inc/files/files.ctrl.php in b2evo ...)
- b2evolution <removed>
CVE-2017-5479
RESERVED
@@ -37854,18 +37854,18 @@ CVE-2017-5478
RESERVED
CVE-2017-5477
RESERVED
-CVE-2017-5476
+CVE-2017-5476 (Serendipity through 2.0.5 allows CSRF for the installation of an event ...)
- serendipity <removed>
-CVE-2017-5475
+CVE-2017-5475 (comment.php in Serendipity through 2.0.5 allows CSRF in deleting any c ...)
- serendipity <removed>
-CVE-2017-5474
+CVE-2017-5474 (Open redirect vulnerability in comment.php in Serendipity through 2.0. ...)
- serendipity <removed>
-CVE-2017-5473
+CVE-2017-5473 (Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 ...)
- ntopng 2.4+dfsg1-3 (bug #852109)
[jessie] - ntopng <no-dsa> (Minor issue)
NOTE: https://github.com/ntop/ntopng/commit/1b2ceac8f578a246af6351c4f476e3102cdf21b3
NOTE: https://github.com/ntop/ntopng/commit/f91fbe3d94c8346884271838ae3406ae633f6f15
-CVE-2017-5472
+CVE-2017-5472 (A use-after-free vulnerability with the frameloader during tree recons ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -37873,10 +37873,10 @@ CVE-2017-5472
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5472
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-5472
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-5472
-CVE-2017-5471
+CVE-2017-5471 (Memory safety bugs were reported in Firefox 53. Some of these bugs sho ...)
- firefox 54.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5471
-CVE-2017-5470
+CVE-2017-5470 (Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. S ...)
{DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
- firefox 54.0-1
- firefox-esr 52.2.0esr-1
@@ -37884,27 +37884,27 @@ CVE-2017-5470
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5470
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-5470
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-5470
-CVE-2017-5469
+CVE-2017-5469 (Fixed potential buffer overflows in generated Firefox code due to CVE- ...)
{DSA-3831-1 DLA-906-1}
- firefox-esr 45.9.0esr-1
- firefox 52.0.1-1
-CVE-2017-5468
+CVE-2017-5468 (An issue with incorrect ownership model of "privateBrowsing" informati ...)
- firefox 52.0.1-1
-CVE-2017-5467
+CVE-2017-5467 (A potential memory corruption and crash when using Skia content when d ...)
- firefox 52.0.1-1
-CVE-2017-5466
+CVE-2017-5466 (If a page is loaded from an original site through a hyperlink and cont ...)
- firefox 52.0.1-1
-CVE-2017-5465
+CVE-2017-5465 (An out-of-bounds read while processing SVG content in "ConvolvePixel". ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5464
+CVE-2017-5464 (During DOM manipulations of the accessibility tree through script, the ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5463
+CVE-2017-5463 (Android intents can be used to launch Firefox for Android in reader mo ...)
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2017-5462
+CVE-2017-5462 (A flaw in DRBG number generation within the Network Security Services ...)
{DSA-3872-1 DSA-3831-1 DLA-946-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
@@ -37912,7 +37912,7 @@ CVE-2017-5462
- nss 2:3.26.2-1.1 (bug #862958)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5462
NOTE: https://hg.mozilla.org/projects/nss/rev/7248d38b76e5
-CVE-2017-5461
+CVE-2017-5461 (Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through ...)
{DSA-3872-1 DSA-3831-1 DLA-946-1 DLA-906-1}
- firefox 52.0.1-1
[experimental] - nss 2:3.30.1-1
@@ -37920,163 +37920,163 @@ CVE-2017-5461
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1344380
NOTE: https://hg.mozilla.org/projects/nss/rev/77a5bb81dbaa
-CVE-2017-5460
+CVE-2017-5460 (A use-after-free vulnerability in frame selection triggered by a combi ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5459
+CVE-2017-5459 (A buffer overflow in WebGL triggerable by web content, resulting in a ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5458
+CVE-2017-5458 (When a "javascript:" URL is drag and dropped by a user into the addres ...)
- firefox 52.0.1-1
CVE-2017-5457
RESERVED
-CVE-2017-5456
+CVE-2017-5456 (A mechanism to bypass file system access protections in the sandbox us ...)
- firefox 52.0.1-1
-CVE-2017-5455
+CVE-2017-5455 (The internal feed reader APIs that crossed the sandbox barrier allowed ...)
- firefox 52.0.1-1
-CVE-2017-5454
+CVE-2017-5454 (A mechanism to bypass file system access protections in the sandbox to ...)
- firefox 52.0.1-1
-CVE-2017-5453
+CVE-2017-5453 (A mechanism to inject static HTML into the RSS reader preview page due ...)
- firefox 52.0.1-1
-CVE-2017-5452
+CVE-2017-5452 (Malicious sites can display a spoofed addressbar on a page when the ex ...)
- firefox <not-affected> (Only affects Firefox on Android)
-CVE-2017-5451
+CVE-2017-5451 (A mechanism to spoof the addressbar through the user interaction on th ...)
- firefox 52.0.1-1
-CVE-2017-5450
+CVE-2017-5450 (A mechanism to spoof the Firefox for Android addressbar using a "javas ...)
- firefox 52.0.1-1
-CVE-2017-5449
+CVE-2017-5449 (A possibly exploitable crash triggered during layout and manipulation ...)
- firefox 52.0.1-1
-CVE-2017-5448
+CVE-2017-5448 (An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Cl ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5447
+CVE-2017-5447 (An out-of-bounds read during the processing of glyph widths during tex ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5446
+CVE-2017-5446 (An out-of-bounds read when an HTTP/2 connection to a servers sends "DA ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5445
+CVE-2017-5445 (A vulnerability while parsing "application/http-index-format" format c ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5444
+CVE-2017-5444 (A buffer overflow vulnerability while parsing "application/http-index- ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5443
+CVE-2017-5443 (An out-of-bounds write vulnerability while decoding improperly formed ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5442
+CVE-2017-5442 (A use-after-free vulnerability during changes in style when manipulati ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5441
+CVE-2017-5441 (A use-after-free vulnerability when holding a selection during scroll ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5440
+CVE-2017-5440 (A use-after-free vulnerability during XSLT processing due to a failure ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5439
+CVE-2017-5439 (A use-after-free vulnerability during XSLT processing due to poor hand ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5438
+CVE-2017-5438 (A use-after-free vulnerability during XSLT processing due to the resul ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
CVE-2017-5437
REJECTED
-CVE-2017-5436
+CVE-2017-5436 (An out-of-bounds write in the Graphite 2 library triggered with a mali ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5435
+CVE-2017-5435 (A use-after-free vulnerability occurs during transaction processing in ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5434
+CVE-2017-5434 (A use-after-free vulnerability occurs when redirecting focus handling ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5433
+CVE-2017-5433 (A use-after-free vulnerability in SMIL animation functions occurs when ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
-CVE-2017-5432
+CVE-2017-5432 (A use-after-free vulnerability occurs during certain text input select ...)
{DSA-3831-1 DLA-906-1}
- firefox 52.0.1-1
- firefox-esr 45.9.0esr-1
CVE-2017-5431
RESERVED
-CVE-2017-5430
+CVE-2017-5430 (Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Th ...)
- firefox 52.0.1-1
- firefox-esr <not-affected> (Only affects ESR52 and Firefox)
-CVE-2017-5429
+CVE-2017-5429 (Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Fire ...)
{DSA-3831-1 DLA-906-1}
- firefox-esr 45.9.0esr-1
- firefox 52.0.1-1
-CVE-2017-5428
+CVE-2017-5428 (An integer overflow in "createImageBitmap()" was reported through the ...)
- firefox-esr <not-affected> (Only affects 52 ESR, which isn't packaged yet except experimental where it's fixed)
- firefox 52.0.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/#CVE-2017-5428
-CVE-2017-5427
+CVE-2017-5427 (A non-existent chrome.manifest file will attempt to be loaded during s ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5427
-CVE-2017-5426
+CVE-2017-5426 (On Linux, if the secure computing mode BPF (seccomp-bpf) filter is run ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5426
-CVE-2017-5425
+CVE-2017-5425 (The Gecko Media Plugin sandbox allows access to local files that match ...)
- firefox <not-affected> (Only Firefox on OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5425
CVE-2017-5424
RESERVED
CVE-2017-5423
RESERVED
-CVE-2017-5422
+CVE-2017-5422 (If a malicious site uses the "view-source:" protocol in a series withi ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5422
-CVE-2017-5421
+CVE-2017-5421 (A malicious site could spoof the contents of the print preview window ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5421
-CVE-2017-5420
+CVE-2017-5420 (A "javascript:" url loaded by a malicious page can obfuscate its locat ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5420
-CVE-2017-5419
+CVE-2017-5419 (If a malicious site repeatedly triggers a modal authentication prompt, ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5419
-CVE-2017-5418
+CVE-2017-5418 (An out of bounds read error occurs when parsing some HTTP digest autho ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5418
-CVE-2017-5417
+CVE-2017-5417 (When dragging content from the primary browser pane to the addressbar ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5417
-CVE-2017-5416
+CVE-2017-5416 (In certain circumstances a networking event listener can be prematurel ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5416
-CVE-2017-5415
+CVE-2017-5415 (An attack can use a blob URL and script to spoof an arbitrary addressb ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5415
-CVE-2017-5414
+CVE-2017-5414 (The file picker dialog can choose and display the wrong local default ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5414
-CVE-2017-5413
+CVE-2017-5413 (A segmentation fault can occur during some bidirectional layout operat ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5413
-CVE-2017-5412
+CVE-2017-5412 (A buffer overflow read during SVG filter color value operations, resul ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5412
-CVE-2017-5411
+CVE-2017-5411 (A use-after-free can occur during buffer storage operations within the ...)
- firefox <not-affected> (Only Firefox on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5411
-CVE-2017-5410
+CVE-2017-5410 (Memory corruption resulting in a potentially exploitable crash during ...)
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
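Review bot: CVE-2017-5450 is tracked as fixed in `firefox 52.0.1-1`, yet its description ("A mechanism to spoof the Firefox for Android addressbar using a "javas ...") names only Firefox for Android, and the neighbouring Android-only issues CVE-2017-5452 and CVE-2017-5463 are marked `<not-affected> (Only affects Firefox on Android)`. Either the CVE-2017-5450 line should get the same not-affected status, or a NOTE should explain why the desktop build is considered affected.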
@@ -38084,12 +38084,12 @@ CVE-2017-5410
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5410
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5410
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5410
-CVE-2017-5409
+CVE-2017-5409 (The Mozilla Windows updater can be called by a non-privileged user to ...)
- firefox <not-affected> (Only Firefox on Windows)
- firefox-esr <not-affected> (Only Firefox on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5409
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5409
-CVE-2017-5408
+CVE-2017-5408 (Video files loaded video captions cross-origin without checking for th ...)
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38097,7 +38097,7 @@ CVE-2017-5408
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5408
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5408
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5408
-CVE-2017-5407
+CVE-2017-5407 (Using SVG filters that don't use the fixed point math implementation o ...)
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38105,10 +38105,10 @@ CVE-2017-5407
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5407
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5407
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5407
-CVE-2017-5406
+CVE-2017-5406 (A segmentation fault can occur in the Skia graphics library during som ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5406
-CVE-2017-5405
+CVE-2017-5405 (Certain response codes in FTP connections can result in the use of uni ...)
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38116,7 +38116,7 @@ CVE-2017-5405
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5405
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5405
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5405
-CVE-2017-5404
+CVE-2017-5404 (A use-after-free error can occur when manipulating ranges in selection ...)
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38124,10 +38124,10 @@ CVE-2017-5404
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5404
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5404
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5404
-CVE-2017-5403
+CVE-2017-5403 (When adding a range to an object in the DOM, it is possible to use "ad ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5403
-CVE-2017-5402
+CVE-2017-5402 (A use-after-free can occur when events are fired for a "FontFace" obje ...)
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38135,7 +38135,7 @@ CVE-2017-5402
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5402
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5402
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5402
-CVE-2017-5401
+CVE-2017-5401 (A crash triggerable by web content in which an "ErrorResult" reference ...)
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38143,7 +38143,7 @@ CVE-2017-5401
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5401
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5401
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5401
-CVE-2017-5400
+CVE-2017-5400 (JIT-spray targeting asm.js combined with a heap spray allows for a byp ...)
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38151,10 +38151,10 @@ CVE-2017-5400
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5400
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5400
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5400
-CVE-2017-5399
+CVE-2017-5399 (Memory safety bugs were reported in Firefox 51. Some of these bugs sho ...)
- firefox 52.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5399
-CVE-2017-5398
+CVE-2017-5398 (Memory safety bugs were reported in Thunderbird 45.7. Some of these bu ...)
{DSA-3832-1 DSA-3805-1 DLA-896-1 DLA-852-1}
- firefox 52.0-1
- firefox-esr 45.8.0esr-1
@@ -38162,10 +38162,10 @@ CVE-2017-5398
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5398
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5398
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/#CVE-2017-5398
-CVE-2017-5397
+CVE-2017-5397 (The cache directory on the local file system is set to be world writab ...)
- firefox <not-affected> (Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-04/#CVE-2017-5397
-CVE-2017-5396
+CVE-2017-5396 (A use-after-free vulnerability in the Media Decoder when working with ...)
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38173,24 +38173,24 @@ CVE-2017-5396
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5396
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5396
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5396
-CVE-2017-5395
+CVE-2017-5395 (Malicious sites can display a spoofed location bar on a subsequently l ...)
- firefox <not-affected> (Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5395
-CVE-2017-5394
+CVE-2017-5394 (A location bar spoofing attack where the location bar of loaded page w ...)
- firefox <not-affected> (Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5394
-CVE-2017-5393
+CVE-2017-5393 (The "mozAddonManager" allows for the installation of extensions from t ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5393
-CVE-2017-5392
+CVE-2017-5392 (Weak proxy objects have weak references on multiple threads when they ...)
- firefox <not-affected> (Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5392
-CVE-2017-5391
+CVE-2017-5391 (Special "about:" pages used by web content, such as RSS feeds, can loa ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5391
-CVE-2017-5390
+CVE-2017-5390 (The JSON viewer in the Developer Tools uses insecure methods to create ...)
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38198,33 +38198,33 @@ CVE-2017-5390
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5390
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5390
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5390
-CVE-2017-5389
+CVE-2017-5389 (WebExtensions could use the "mozAddonManager" API by modifying the CSP ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5389
-CVE-2017-5388
+CVE-2017-5388 (A STUN server in conjunction with a large number of "webkitRTCPeerConn ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5388
-CVE-2017-5387
+CVE-2017-5387 (The existence of a specifically requested local file can be found due ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5387
-CVE-2017-5386
+CVE-2017-5386 (WebExtension scripts can use the "data:" protocol to affect pages load ...)
{DSA-3771-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5386
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5386
-CVE-2017-5385
+CVE-2017-5385 (Data sent with in multipart channels, such as the multipart/x-mixed-re ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5385
-CVE-2017-5384
+CVE-2017-5384 (Proxy Auto-Config (PAC) files can specify a JavaScript function called ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5384
-CVE-2017-5383
+CVE-2017-5383 (URLs containing certain unicode glyphs for alternative hyphens and quo ...)
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38232,15 +38232,15 @@ CVE-2017-5383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5383
-CVE-2017-5382
+CVE-2017-5382 (Feed preview for RSS feeds can be used to capture errors and exception ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5382
-CVE-2017-5381
+CVE-2017-5381 (The "export" function in the Certificate Viewer can force local filesy ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5381
-CVE-2017-5380
+CVE-2017-5380 (A potential use-after-free found through fuzzing during DOM manipulati ...)
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38248,11 +38248,11 @@ CVE-2017-5380
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5380
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5380
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5380
-CVE-2017-5379
+CVE-2017-5379 (Use-after-free vulnerability in Web Animations when interacting with c ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5379
-CVE-2017-5378
+CVE-2017-5378 (Hashed codes of JavaScript objects are shared between pages. This allo ...)
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38260,11 +38260,11 @@ CVE-2017-5378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5378
-CVE-2017-5377
+CVE-2017-5377 (A memory corruption vulnerability in Skia that can occur when using tr ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5377
-CVE-2017-5376
+CVE-2017-5376 (Use-after-free while manipulating XSL in XSLT documents. This vulnerab ...)
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38272,7 +38272,7 @@ CVE-2017-5376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5376
-CVE-2017-5375
+CVE-2017-5375 (JIT code allocation can allow for a bypass of ASLR and DEP protections ...)
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38280,11 +38280,11 @@ CVE-2017-5375
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5375
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5375
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5375
-CVE-2017-5374
+CVE-2017-5374 (Memory safety bugs were reported in Firefox 50.1. Some of these bugs s ...)
- firefox 51.0-1
- firefox-esr <not-affected> (Does not affect Firefox ESR)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5374
-CVE-2017-5373
+CVE-2017-5373 (Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. ...)
{DSA-3832-1 DSA-3771-1 DLA-896-1 DLA-800-1}
- firefox 51.0-1
- firefox-esr 45.7.0esr-1
@@ -38292,164 +38292,164 @@ CVE-2017-5373
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5373
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/#CVE-2017-5373
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/#CVE-2017-5373
-CVE-2017-5372
+CVE-2017-5372 (The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE compon ...)
NOT-FOR-US: SAP
-CVE-2017-5371
+CVE-2017-5371 (Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote ...)
NOT-FOR-US: SAP
CVE-2017-5370
RESERVED
CVE-2017-5369
RESERVED
-CVE-2017-5368
+CVE-2017-5368 (ZoneMinder v1.30 and v1.29, an open-source CCTV server web application ...)
- zoneminder 1.30.4+dfsg-1 (bug #854733)
[wheezy] - zoneminder <no-dsa> (Too intrusive to backport)
NOTE: https://github.com/ZoneMinder/ZoneMinder/pull/1822
-CVE-2017-5367
+CVE-2017-5367 (Multiple reflected XSS vulnerabilities exist within form and link inpu ...)
- zoneminder 1.30.4+dfsg-1 (bug #854733)
[wheezy] - zoneminder <no-dsa> (Minor issue)
CVE-2017-5366
RESERVED
CVE-2017-5365
RESERVED
-CVE-2017-5364
+CVE-2017-5364 (Memory Corruption Vulnerability in Foxit PDF Toolkit v1.3 allows an at ...)
NOT-FOR-US: Foxit PDF Toolkit
CVE-2017-5363
RESERVED
CVE-2017-5362
RESERVED
-CVE-2017-5361
+CVE-2017-5361 (Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x ...)
{DSA-3883-1 DSA-3882-1 DLA-988-1 DLA-987-1}
- request-tracker4 4.4.1-4
- rt-authen-externalauth <removed>
NOTE: https://github.com/bestpractical/rt-authen-externalauth/commit/436255c04b4881bb6d8eec9a57b8593033d863a9
CVE-2017-5360
RESERVED
-CVE-2017-5359
+CVE-2017-5359 (EasyCom SQL iPlug allows remote attackers to cause a denial of service ...)
NOT-FOR-US: EasyCom
-CVE-2017-5358
+CVE-2017-5358 (Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PH ...)
NOT-FOR-US: EasyCom
-CVE-2017-5505
+CVE-2017-5505 (The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows rem ...)
- jasper <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jas_matrix_asl-jas_seq-c
NOTE: https://github.com/mdadams/jasper/issues/88
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2017-5504
+CVE-2017-5504 (The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.2 ...)
- jasper <removed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jpc_undo_roi-jpc_dec-c
NOTE: https://github.com/mdadams/jasper/issues/89
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2017-5503
+CVE-2017-5503 (The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900. ...)
- jasper <not-affected> (Vulnerable code introduced later)
NOTE: https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-write-in-dec_clnpass-jpc_t1dec-c
NOTE: https://github.com/mdadams/jasper/issues/90
-CVE-2017-5502
+CVE-2017-5502 (libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to ...)
- jasper <removed> (unimportant)
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00030-jasper-leftshift-jp2_dec_c
NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
NOTE: https://github.com/mdadams/jasper/issues/76
NOTE: Not suitable for code injection, hardly denial of service
-CVE-2017-5501
+CVE-2017-5501 (Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows ...)
- jasper <removed> (unimportant)
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00022-jasper-signedintoverflow-jpc_tsfb_c
NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
NOTE: https://github.com/mdadams/jasper/issues/70
NOTE: Only crashes with debug builds using ubsan
-CVE-2017-5500
+CVE-2017-5500 (libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to ...)
- jasper <removed> (unimportant)
NOTE: Triggers an assert. Not suitable for code injection, hardly denial of service
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00019-jasper-leftshift-jpc_dec_c
NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
NOTE: https://github.com/mdadams/jasper/issues/64
-CVE-2017-5499
+CVE-2017-5499 (Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows ...)
- jasper <removed> (unimportant)
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00018-jasper-signedintoverflow-jpc_dec_c
NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
NOTE: https://github.com/mdadams/jasper/issues/63
NOTE: Triggers an assert. Not suitable for code injection, hardly denial of service
-CVE-2017-5498
+CVE-2017-5498 (libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote a ...)
- jasper <removed> (unimportant)
NOTE: Triggers an assert. Not suitable for code injection, hardly denial of service
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00017-jasper-leftshift-jas_math_h
NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
NOTE: https://github.com/mdadams/jasper/issues/62
-CVE-2017-5506
+CVE-2017-5506 (Double free vulnerability in magick/profile.c in ImageMagick allows re ...)
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851383)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/354
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6235f1f7a9f7b0f83b197f6cd0073dbb6602d0fb
-CVE-2017-5507
+CVE-2017-5507 (Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x befo ...)
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851382)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4493d9ca1124564da17f9b628ef9d0f1a6be9738
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
-CVE-2017-5508
+CVE-2017-5508 (Heap-based buffer overflow in the PushQuantumPixel function in ImageMa ...)
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851381)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31161
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
NOTE: https://github.com/ImageMagick/ImageMagick/commit/379e21cd32483df6e128147af3bc4ce1f82eb9c4
-CVE-2017-5509
+CVE-2017-5509 (coders/psd.c in ImageMagick allows remote attackers to have unspecifie ...)
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851377)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/350
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
-CVE-2017-5510
+CVE-2017-5510 (coders/psd.c in ImageMagick allows remote attackers to have unspecifie ...)
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851376)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/348
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
NOTE: https://github.com/ImageMagick/ImageMagick/commit/e87af64b1ff1635a32d9b6162f1b0e260fb54ed9
-CVE-2017-5511
+CVE-2017-5511 (coders/psd.c in ImageMagick allows remote attackers to have unspecifie ...)
{DSA-3799-1 DLA-807-1}
- imagemagick 8:6.9.7.4+dfsg-1 (bug #851374)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/347
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
NOTE: https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790
-CVE-2017-5487
+CVE-2017-5487 (wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in t ...)
- wordpress 4.7.1+dfsg-1 (bug #851310)
[jessie] - wordpress <not-affected> (vulnerable code not present)
[wheezy] - wordpress <not-affected> (vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8715
NOTE: https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60
-CVE-2017-5488
+CVE-2017-5488 (Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update ...)
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8716
NOTE: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
-CVE-2017-5489
+CVE-2017-5489 (Cross-site request forgery (CSRF) vulnerability in WordPress before 4. ...)
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8717
-CVE-2017-5490
+CVE-2017-5490 (Cross-site scripting (XSS) vulnerability in the theme-name fallback fu ...)
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8718
NOTE: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
-CVE-2017-5491
+CVE-2017-5491 (wp-mail.php in WordPress before 4.7.1 might allow remote attackers to ...)
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8719
NOTE: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
-CVE-2017-5492
+CVE-2017-5492 (Cross-site request forgery (CSRF) vulnerability in the widget-editing ...)
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8720
NOTE: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
-CVE-2017-5493
+CVE-2017-5493 (wp-includes/ms-functions.php in the Multisite WordPress API in WordPre ...)
{DSA-3779-1 DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8721
NOTE: https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
-CVE-2017-5356
+CVE-2017-5356 (Irssi before 0.8.21 allows remote attackers to cause a denial of servi ...)
{DLA-1217-1}
- irssi 0.8.21-1 (low)
[jessie] - irssi 0.8.17-1+deb8u3
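Review bot: the CVE ids in this hunk are out of the file's descending order and the automatic fill-in leaves that as it is: CVE-2017-5358 is followed by CVE-2017-5505 down to CVE-2017-5498, then CVE-2017-5506 up to CVE-2017-5511, then CVE-2017-5487 up to CVE-2017-5493, before the descending run resumes at CVE-2017-5356 (the same thing happens further down the patch, where CVE-2017-5226 is filed between CVE-2017-5330 and CVE-2017-5207 instead of between CVE-2017-5227 and CVE-2017-5225). That is harmless for appending descriptions, but anything that bisects or merges the list by id will mis-handle these blocks, so they should be re-sorted in a manual commit rather than left for the next automatic update. A minor style point in the same hunk: the [jessie] and [wheezy] lines of CVE-2017-5487 say "vulnerable code not present" in lower case, where every other entry, including CVE-2017-5509 a few lines above, writes "Vulnerable code not present".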
@@ -38464,39 +38464,39 @@ CVE-2017-5353
RESERVED
CVE-2017-5352
RESERVED
-CVE-2017-5351
+CVE-2017-5351 (Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software all ...)
NOT-FOR-US: Samsung
-CVE-2017-5350
+CVE-2017-5350 (Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allo ...)
NOT-FOR-US: Samsung
CVE-2017-5349
RESERVED
CVE-2017-5348
RESERVED
-CVE-2017-5347
+CVE-2017-5347 (SQL injection vulnerability in inc/mod/newsletter/options.php in GeniX ...)
NOT-FOR-US: GeniXMS
-CVE-2017-5346
+CVE-2017-5346 (SQL injection vulnerability in inc/lib/Control/Backend/posts.control.p ...)
NOT-FOR-US: GeniXMS
-CVE-2017-5345
+CVE-2017-5345 (SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control. ...)
NOT-FOR-US: GeniXMS
-CVE-2017-5344
+CVE-2017-5344 (An issue was discovered in dotCMS through 3.6.1. The findChildrenByFil ...)
NOT-FOR-US: dotCMS
CVE-2017-5343
RESERVED
-CVE-2017-5342
+CVE-2017-5342 (In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, G ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5341
+CVE-2017-5341 (The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print- ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5357
+CVE-2017-5357 (regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of ...)
- ed <not-affected> (Vulnerable code not present, cf #851159)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/12/5
NOTE: The issue is only present from 1.14 onwards, and prior to 1.14.1 since upstream
NOTE: changed a malloc'ed buffer for a static one.
NOTE: https://lists.gnu.org/archive/html/bug-ed/2017-01/msg00001.html
-CVE-2017-5329
+CVE-2017-5329 (Palo Alto Networks Terminal Services Agent before 7.0.7 allows local u ...)
NOT-FOR-US: Palo Alto Networks Terminal Services Agent
-CVE-2017-5328
+CVE-2017-5328 (Palo Alto Networks Terminal Services Agent before 7.0.7 allows attacke ...)
NOT-FOR-US: Palo Alto Networks Terminal Services Agent
CVE-2017-5327
RESERVED
@@ -38624,83 +38624,83 @@ CVE-2017-5266
RESERVED
CVE-2017-5265
RESERVED
-CVE-2017-5264
+CVE-2017-5264 (Versions of Nexpose prior to 6.4.66 fail to adequately validate the so ...)
NOT-FOR-US: Nexpose
-CVE-2017-5263
+CVE-2017-5263 (Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack ...)
NOT-FOR-US: Cambium Networks cnPilot firmware
-CVE-2017-5262
+CVE-2017-5262 (In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, t ...)
NOT-FOR-US: Cambium Networks cnPilot firmware
-CVE-2017-5261
+CVE-2017-5261 (In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, t ...)
NOT-FOR-US: Cambium Networks cnPilot firmware
-CVE-2017-5260
+CVE-2017-5260 (In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, a ...)
NOT-FOR-US: Cambium Networks cnPilot firmware
-CVE-2017-5259
+CVE-2017-5259 (In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, a ...)
NOT-FOR-US: Cambium Networks cnPilot firmware
-CVE-2017-5258
+CVE-2017-5258 (In version 3.5 and prior of Cambium Networks ePMP firmware, an attacke ...)
NOT-FOR-US: Cambium Networks ePMP firmware
-CVE-2017-5257
+CVE-2017-5257 (In version 3.5 and prior of Cambium Networks ePMP firmware, an attacke ...)
NOT-FOR-US: Cambium Networks ePMP firmware
-CVE-2017-5256
+CVE-2017-5256 (In version 3.5 and prior of Cambium Networks ePMP firmware, all authen ...)
NOT-FOR-US: Cambium Networks ePMP firmware
-CVE-2017-5255
+CVE-2017-5255 (In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of ...)
NOT-FOR-US: Cambium Networks ePMP firmware
-CVE-2017-5254
+CVE-2017-5254 (In version 3.5 and prior of Cambium Networks ePMP firmware, the non-ad ...)
NOT-FOR-US: Cambium Networks ePMP firmware
CVE-2017-5253
RESERVED
CVE-2017-5252
RESERVED
-CVE-2017-5251
+CVE-2017-5251 (In version 1012 and prior of Insteon's Insteon Hub, the radio transmis ...)
NOT-FOR-US: Insteon
-CVE-2017-5250
+CVE-2017-5250 (In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, t ...)
NOT-FOR-US: Insteon
-CVE-2017-5249
+CVE-2017-5249 (In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android ...)
NOT-FOR-US: Wink
CVE-2017-5248
RESERVED
-CVE-2017-5247
+CVE-2017-5247 (Biscom Secure File Transfer is vulnerable to cross-site scripting in t ...)
NOT-FOR-US: Biscom Secure File Transfer
-CVE-2017-5246
+CVE-2017-5246 (Biscom Secure File Transfer is vulnerable to AngularJS expression inje ...)
NOT-FOR-US: Biscom Secure File Transfer
CVE-2017-5245
REJECTED
-CVE-2017-5244
+CVE-2017-5244 (Routes used to stop running Metasploit tasks (either particular ones o ...)
NOT-FOR-US: Metasploit
-CVE-2017-5243
+CVE-2017-5243 (The default SSH configuration in Rapid7 Nexpose hardware appliances sh ...)
NOT-FOR-US: Rapid7 Nexpose hardware appliances
CVE-2017-5242
RESERVED
-CVE-2017-5241
+CVE-2017-5241 (Biscom Secure File Transfer version 5.1.1015 (and possibly prior) is v ...)
NOT-FOR-US: Biscom Secure File Transfer
-CVE-2017-5240
+CVE-2017-5240 (Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a h ...)
NOT-FOR-US: Rapid7 AppSpider Pro
-CVE-2017-5239
+CVE-2017-5239 (Due to a lack of standard encryption when transmitting sensitive infor ...)
NOT-FOR-US: Eview GPS trackers
-CVE-2017-5238
+CVE-2017-5238 (Due to a lack of bounds checking, several input configuration fields f ...)
NOT-FOR-US: Eview GPS trackers
-CVE-2017-5237
+CVE-2017-5237 (Due to a lack of authentication, an unauthenticated user who knows the ...)
NOT-FOR-US: Eview GPS trackers
-CVE-2017-5236
+CVE-2017-5236 (Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 ...)
NOT-FOR-US: Rapid7 AppSpider Pro
-CVE-2017-5235
+CVE-2017-5235 (Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 co ...)
NOT-FOR-US: Rapid7
-CVE-2017-5234
+CVE-2017-5234 (Rapid7 Insight Collector installers prior to version 1.0.16 contain a ...)
NOT-FOR-US: Rapid7
-CVE-2017-5233
+CVE-2017-5233 (Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DL ...)
NOT-FOR-US: Rapid7
-CVE-2017-5232
+CVE-2017-5232 (All editions of Rapid7 Nexpose installers prior to version 6.4.24 cont ...)
NOT-FOR-US: Rapid7
-CVE-2017-5231
+CVE-2017-5231 (All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 c ...)
NOT-FOR-US: Rapid7
-CVE-2017-5230
+CVE-2017-5230 (The Java keystore in all versions and editions of Rapid7 Nexpose prior ...)
NOT-FOR-US: Rapid7
-CVE-2017-5229
+CVE-2017-5229 (All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 c ...)
NOT-FOR-US: Rapid7
-CVE-2017-5228
+CVE-2017-5228 (All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 c ...)
NOT-FOR-US: Rapid7
-CVE-2017-5227
+CVE-2017-5227 (QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sens ...)
NOT-FOR-US: QNAP
-CVE-2017-5225
+CVE-2017-5225 (LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the t ...)
{DSA-3844-1 DLA-795-1}
- tiff 4.0.7-5 (bug #851297)
NOTE: Fixed by: https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7
@@ -38708,7 +38708,7 @@ CVE-2017-5225
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2657
CVE-2017-5224
RESERVED
-CVE-2017-5223
+CVE-2017-5223 (An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTM ...)
{DLA-1591-1 DLA-817-1}
- libphp-phpmailer 5.2.14+dfsg-2.3 (bug #853232)
NOTE: Fixed by: https://github.com/PHPMailer/PHPMailer/commit/ad4cb09682682da2217799a0c521d4cdc6753402 (v5.2.22)
@@ -38719,17 +38719,17 @@ CVE-2017-5221
RESERVED
CVE-2017-5220
RESERVED
-CVE-2017-5219
+CVE-2017-5219 (An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component M ...)
NOT-FOR-US: SageCRM
-CVE-2017-5218
+CVE-2017-5218 (A SQL Injection issue was discovered in SageCRM 7.x before 7.3 SP3. Th ...)
NOT-FOR-US: SageCRM
-CVE-2017-5217
+CVE-2017-5217 (Installing a zero-permission Android application on certain Samsung An ...)
NOT-FOR-US: Samsung
-CVE-2017-5216
+CVE-2017-5216 (Stack-based buffer overflow vulnerability in Netop Remote Control vers ...)
NOT-FOR-US: Netop Remote Control
-CVE-2017-5215
+CVE-2017-5215 (The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 f ...)
NOT-FOR-US: Joomla extension
-CVE-2017-5214
+CVE-2017-5214 (The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 f ...)
NOT-FOR-US: Joomla extension
CVE-2017-5213
RESERVED
@@ -38739,27 +38739,27 @@ CVE-2017-5211
RESERVED
CVE-2017-5210
RESERVED
-CVE-2017-5209
+CVE-2017-5209 (The base64decode function in base64.c in libimobiledevice libplist thr ...)
{DLA-811-1}
- libplist 1.12+git+1+e37ca00-0.1 (low; bug #851196)
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: Upstream bug: https://github.com/libimobiledevice/libplist/issues/84
NOTE: https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
-CVE-2017-5205
+CVE-2017-5205 (The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in pri ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5204
+CVE-2017-5204 (The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5203
+CVE-2017-5203 (The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in prin ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5202
+CVE-2017-5202 (The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in p ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2017-5201
+CVE-2017-5201 (NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow rem ...)
NOT-FOR-US: NetApp
-CVE-2017-5200
+CVE-2017-5200 (Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, ...)
- salt 2016.11.2+ds-1
[jessie] - salt <not-affected> (Vulnerable code not present)
NOTE: https://github.com/saltstack/salt/compare/c0e5a1171d7ce2ba8747a971c024632e0d96d848~1...97b0f64923bc5382531b931625267a3c30d2f17e
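Review bot: CVE-2017-5209 carries {DLA-811-1} for wheezy but marks jessie <no-dsa> (Minor issue), so the same libplist base64decode issue was judged worth a wheezy update and not a jessie one; if that is intentional, add a NOTE line with the reason so the next triage pass does not re-open the question. The four tcpdump parser entries in this hunk are consistent with each other (all {DSA-3775-1 DLA-809-1}, all fixed in tcpdump 4.9.0-1), so nothing to raise there.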
@@ -38771,7 +38771,7 @@ CVE-2017-XXXX [multiple new security issues]
- w3m 0.5.3-34 (bug #850432)
[jessie] - w3m 0.5.3-19+deb8u2
[wheezy] - w3m <no-dsa> (Minor issues)
-CVE-2017-5337
+CVE-2017-5337 (Multiple heap-based buffer overflows in the read_attribute function in ...)
- gnutls28 3.5.8-1
[jessie] - gnutls28 3.3.8-6+deb8u5
- gnutls26 <removed>
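Review bot: the CVE-2017-XXXX [multiple new security issues] placeholder for w3m that heads this hunk is skipped by the automatic description pass, so its three package lines (w3m 0.5.3-34, [jessie] 0.5.3-19+deb8u2, [wheezy] <no-dsa>) will stay without a description until real ids are assigned; keep it on the manual follow-up list rather than expecting a later automatic update to fill it in.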
@@ -38779,7 +38779,7 @@ CVE-2017-5337
NOTE: OpenPGP-related issue
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-2
NOTE: https://gitlab.com/gnutls/gnutls/commit/94fcf1645ea17223237aaf8d19132e004afddc1a
-CVE-2017-5336
+CVE-2017-5336 (Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/op ...)
- gnutls28 3.5.8-1
[jessie] - gnutls28 3.3.8-6+deb8u5
- gnutls26 <removed>
@@ -38787,7 +38787,7 @@ CVE-2017-5336
NOTE: OpenPGP-related issue
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-2
NOTE: https://gitlab.com/gnutls/gnutls/commit/5140422e0d7319a8e2fe07f02cbcafc4d6538732
-CVE-2017-5335
+CVE-2017-5335 (The stream reading functions in lib/opencdk/read-packet.c in GnuTLS be ...)
- gnutls28 3.5.8-1
[jessie] - gnutls28 3.3.8-6+deb8u5
- gnutls26 <removed>
@@ -38795,44 +38795,44 @@ CVE-2017-5335
NOTE: OpenPGP-related issue
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-2
NOTE: https://gitlab.com/gnutls/gnutls/commit/49be4f7b82eba2363bb8d4090950dad976a77a3a
-CVE-2017-5334
+CVE-2017-5334 (Double free vulnerability in the gnutls_x509_ext_import_proxy function ...)
- gnutls28 3.5.8-1
[jessie] - gnutls28 3.3.8-6+deb8u5
NOTE: https://gnutls.org/security.html#GNUTLS-SA-2017-1
NOTE: https://gitlab.com/gnutls/gnutls/commit/c5aaa488a3d6df712dc8dff23a049133cab5ec1b
-CVE-2017-5330
+CVE-2017-5330 (ark before 16.12.1 might allow remote attackers to execute arbitrary c ...)
- ark 4:16.08.3-2 (bug #850874)
[jessie] - ark <not-affected> (Vulnerable code introduced later)
[wheezy] - ark <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://cgit.kde.org/ark.git/commit/?id=82fdfd24d46966a117fa625b68784735a40f9065
NOTE: "Open File" action introduced in https://cgit.kde.org/ark.git/commit/?id=f1cf10f25af245823f81b8ff457a04c7593dede7 (v15.11.80)
-CVE-2017-5226
+CVE-2017-5226 (When executing a program via the bubblewrap sandbox, the nonpriv sessi ...)
- bubblewrap 0.1.5-2 (bug #850702)
NOTE: https://github.com/projectatomic/bubblewrap/issues/142
-CVE-2017-5207
+CVE-2017-5207 (Firejail before 0.9.44.4, when running a bandwidth command, allows loc ...)
- firejail 0.9.44.4-1 (bug #850528)
NOTE: https://github.com/netblue30/firejail/issues/1023
NOTE: Fixed by: https://github.com/netblue30/firejail/commit/5d43fdcd215203868d440ffc42036f5f5ffc89fc
NOTE: http://www.openwall.com/lists/oss-security/2017/01/07/3
-CVE-2017-5206
+CVE-2017-5206 (Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, a ...)
- firejail 0.9.44.4-1 (bug #850558)
NOTE: Fixed by: https://github.com/netblue30/firejail/commit/6b8dba29d73257311564ee7f27b9b14758cc693e
-CVE-2017-5199
+CVE-2017-5199 (The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allo ...)
NOT-FOR-US: SolarWinds LEM
-CVE-2017-5198
+CVE-2017-5198 (SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo configura ...)
NOT-FOR-US: SolarWinds LEM
-CVE-2017-5197
+CVE-2017-5197 (There is XSS in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2. ...)
NOT-FOR-US: SilverStripe
-CVE-2017-5192
+CVE-2017-5192 (When using the local_batch client from salt-api in SaltStack Salt befo ...)
- salt 2016.11.2+ds-1
[jessie] - salt <not-affected> (Vulnerable code not present)
-CVE-2017-5191
+CVE-2017-5191 (An XSS vulnerability on the /NAGErrors URI in NetIQ Access Manager 4.2 ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-5190
+CVE-2017-5190 (NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when c ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-5189
+CVE-2017-5189 (NetIQ iManager before 3.0.3 delivered a SSL private key in a Java appl ...)
NOT-FOR-US: NetIQ iManager
-CVE-2017-5188
+CVE-2017-5188 (The bs_worker code in open build service before 20170320 followed rela ...)
- open-build-service 2.7.4-3 (low; bug #900133)
[stretch] - open-build-service <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/openSUSE/open-build-service/commit/00ec3c6f4132422f00d5c15e854755c331ef1661 (2.7.x)
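Review bot: CVE-2017-5334 lists only gnutls28, while the three OpenPGP entries just above it (CVE-2017-5337, CVE-2017-5336, CVE-2017-5335) each also carry a gnutls26 <removed> line; if the omission is deliberate because the gnutls_x509_ext_import_proxy code named in the description is not present in the 2.x series, a one-line NOTE saying so would save the next reader the check.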
@@ -38841,160 +38841,160 @@ CVE-2017-5188
NOTE: it might be wise to disallow as well other types (devices, sockets,
NOTE: directories, symlinks, ...) and needs:
NOTE: https://github.com/openSUSE/open-build-service/commit/ba27c91351878bc297ec4baba0bd488a2f3b568d
-CVE-2017-5187
+CVE-2017-5187 (A Cross-Site Request Forgery (CWE-352) vulnerability in Directory Serv ...)
NOT-FOR-US: Micro Focus
-CVE-2017-5186
+CVE-2017-5186 (Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0. ...)
NOT-FOR-US: Novell iManager
-CVE-2017-5185
+CVE-2017-5185 (A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0 ...)
NOT-FOR-US: NetIQ Sentinel
-CVE-2017-5184
+CVE-2017-5184 (A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0 ...)
NOT-FOR-US: NetIQ Sentinel
-CVE-2017-5183
+CVE-2017-5183 (NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2017-5182
+CVE-2017-5182 (Remote Manager in Open Enterprise Server (OES) allows unauthenticated ...)
NOT-FOR-US: Open Enterprise Server
CVE-2017-5181
REJECTED
-CVE-2017-5196
+CVE-2017-5196 (Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial o ...)
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi <not-affected> (Affects only 0.8.18 and later)
[wheezy] - irssi <not-affected> (Affects only 0.8.18 and later)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5195
+CVE-2017-5195 (Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial o ...)
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi 0.8.17-1+deb8u3
[wheezy] - irssi <not-affected> (Affects only 0.8.17 and later)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5194
+CVE-2017-5194 (Use-after-free vulnerability in Irssi before 0.8.21 allows remote atta ...)
{DLA-1217-1}
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi 0.8.17-1+deb8u3
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5193
+CVE-2017-5193 (The nickcmp function in Irssi before 0.8.21 allows remote attackers to ...)
{DLA-1217-1}
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi 0.8.17-1+deb8u3
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5179
+CVE-2017-5179 (Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9. ...)
NOT-FOR-US: Nessus
-CVE-2017-5178
+CVE-2017-5178 (An issue was discovered in Schneider Electric Tableau Server/Desktop V ...)
NOT-FOR-US: Schneider
-CVE-2017-5177
+CVE-2017-5177 (A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 ...)
NOT-FOR-US: VIPA Controls WinPLC7
-CVE-2017-5176
+CVE-2017-5176 (A DLL Hijack issue was discovered in Rockwell Automation Connected Com ...)
NOT-FOR-US: Rockwell Automation Connected Components Workbench
-CVE-2017-5175
+CVE-2017-5175 (Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerabi ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-5174
+CVE-2017-5174 (An Authentication Bypass issue was discovered in Geutebruck IP Camera ...)
NOT-FOR-US: Geutebruck IP Camera G-Cam/EFD-2250
-CVE-2017-5173
+CVE-2017-5173 (An Improper Neutralization of Special Elements (in an OS command) issu ...)
NOT-FOR-US: Geutebruck IP Camera G-Cam/EFD-2250
CVE-2017-5172
RESERVED
CVE-2017-5171
RESERVED
-CVE-2017-5170
+CVE-2017-5170 (An Uncontrolled Search Path Element issue was discovered in Moxa SoftN ...)
NOT-FOR-US: Moxa
-CVE-2017-5169
+CVE-2017-5169 (An issue was discovered in Hanwha Techwin Smart Security Manager Versi ...)
NOT-FOR-US: Hanwha Techwin
-CVE-2017-5168
+CVE-2017-5168 (An issue was discovered in Hanwha Techwin Smart Security Manager Versi ...)
NOT-FOR-US: Hanwha Techwin
-CVE-2017-5167
+CVE-2017-5167 (An issue was discovered in BINOM3 Universal Multifunctional Electric P ...)
NOT-FOR-US: BINOM3
-CVE-2017-5166
+CVE-2017-5166 (An issue was discovered in BINOM3 Universal Multifunctional Electric P ...)
NOT-FOR-US: BINOM3
-CVE-2017-5165
+CVE-2017-5165 (An issue was discovered in BINOM3 Universal Multifunctional Electric P ...)
NOT-FOR-US: BINOM3
-CVE-2017-5164
+CVE-2017-5164 (An issue was discovered in BINOM3 Universal Multifunctional Electric P ...)
NOT-FOR-US: BINOM3
-CVE-2017-5163
+CVE-2017-5163 (An issue was discovered in Belden Hirschmann GECKO Lite Managed switch ...)
NOT-FOR-US: Belden Hirschmann
-CVE-2017-5162
+CVE-2017-5162 (An issue was discovered in BINOM3 Universal Multifunctional Electric P ...)
NOT-FOR-US: BINOM3
-CVE-2017-5161
+CVE-2017-5161 (An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, ...)
NOT-FOR-US: Sielco Sistemi
-CVE-2017-5160
+CVE-2017-5160 (An Inadequate Encryption Strength issue was discovered in Schneider El ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-5159
+CVE-2017-5159 (An issue was discovered on Phoenix Contact mGuard devices that have be ...)
NOT-FOR-US: Phoenix Contact mGuard
-CVE-2017-5158
+CVE-2017-5158 (An Information Exposure issue was discovered in Schneider Electric Won ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-5157
+CVE-2017-5157 (An issue was discovered in Schneider Electric homeLYnk Controller, LSS ...)
NOT-FOR-US: Schneider
-CVE-2017-5156
+CVE-2017-5156 (A Cross-Site Request Forgery issue was discovered in Schneider Electri ...)
NOT-FOR-US: Schneider Electric
-CVE-2017-5155
+CVE-2017-5155 (An issue was discovered in Schneider Electric Wonderware Historian 201 ...)
NOT-FOR-US: Schneider
-CVE-2017-5154
+CVE-2017-5154 (An issue was discovered in Advantech WebAccess Version 8.1. To be able ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-5153
+CVE-2017-5153 (An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier ve ...)
NOT-FOR-US: OSIsoft PI Coresight
-CVE-2017-5152
+CVE-2017-5152 (An issue was discovered in Advantech WebAccess Version 8.1. By accessi ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2017-5151
+CVE-2017-5151 (An issue was discovered in VideoInsight Web Client Version 6.3.5.11 an ...)
NOT-FOR-US: VideoInsight Web Client
CVE-2017-5150
RESERVED
-CVE-2017-5149
+CVE-2017-5149 (An issue was discovered in St. Jude Medical Merlin@home, versions prio ...)
NOT-FOR-US: St. Jude Medical Merlin@home
CVE-2017-5148
RESERVED
-CVE-2017-5147
+CVE-2017-5147 (An Uncontrolled Search Path Element issue was discovered in AzeoTech D ...)
NOT-FOR-US: AzeoTech DAQFactory
-CVE-2017-5146
+CVE-2017-5146 (An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Ve ...)
NOT-FOR-US: Carlo Gavazzi
-CVE-2017-5145
+CVE-2017-5145 (An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Ve ...)
NOT-FOR-US: Carlo Gavazzi
-CVE-2017-5144
+CVE-2017-5144 (An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Ve ...)
NOT-FOR-US: Carlo Gavazzi
-CVE-2017-5143
+CVE-2017-5143 (An issue was discovered in Honeywell XL Web II controller XL1000C500 X ...)
NOT-FOR-US: Honeywell
-CVE-2017-5142
+CVE-2017-5142 (An issue was discovered in Honeywell XL Web II controller XL1000C500 X ...)
NOT-FOR-US: Honeywell
-CVE-2017-5141
+CVE-2017-5141 (An issue was discovered in Honeywell XL Web II controller XL1000C500 X ...)
NOT-FOR-US: Honeywell
-CVE-2017-5140
+CVE-2017-5140 (An issue was discovered in Honeywell XL Web II controller XL1000C500 X ...)
NOT-FOR-US: Honeywell
-CVE-2017-5139
+CVE-2017-5139 (An issue was discovered in Honeywell XL Web II controller XL1000C500 X ...)
NOT-FOR-US: Honeywell
CVE-2017-5138
RESERVED
-CVE-2017-5137
+CVE-2017-5137 (An issue was discovered on SendQuick Entera and Avera devices before 2 ...)
NOT-FOR-US: SendQuick Entera and Avera devices
-CVE-2017-5136
+CVE-2017-5136 (An issue was discovered on SendQuick Entera and Avera devices before 2 ...)
NOT-FOR-US: SendQuick Entera and Avera devices
-CVE-2017-5180
+CVE-2017-5180 (Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not ...)
- firejail 0.9.44.2-3 (bug #850160)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/04/1
NOTE: https://github.com/netblue30/firejail/issues/1020
-CVE-2017-5135
+CVE-2017-5135 (Certain Technicolor devices have an SNMP access-control bypass, possib ...)
NOT-FOR-US: Technicolor
CVE-2017-5134
RESERVED
-CVE-2017-5133
+CVE-2017-5133 (Off-by-one read/write on the heap in Blink in Google Chrome prior to 6 ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5132
+CVE-2017-5132 (Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202 ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5131
+CVE-2017-5131 (An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 all ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5130
+CVE-2017-5130 (An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in ...)
{DLA-1188-1}
- libxml2 2.9.4+dfsg1-5.1 (bug #880000)
[stretch] - libxml2 <no-dsa> (Minor issue)
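Review bot: the CVE-2017-5180 entry near the end of this hunk records the fix as "- firejail 0.9.44.2-3 (bug #850160)", a Debian version below the upstream fixed release named in the new description ("Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not ..."), so the fix must have been backported; add a "NOTE: Fixed by:" line pointing at the backported upstream commit, as the CVE-2017-5206 entry does, since the two NOTE lines present only reference the oss-security post and the GitHub issue and do not make the backport traceable.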
@@ -39007,32 +39007,32 @@ CVE-2017-5130
NOTE: with --maxmem. Similar issue for xmlMallocLoc and xmlReallocLoc.
NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed
NOTE: Needs follow up: https://git.gnome.org/browse/libxml2/commit/?id=ed48d65b4d6c5cec7be035ad5eebeba873b4b955
-CVE-2017-5129
+CVE-2017-5129 (A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3 ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5128
+CVE-2017-5128 (Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 a ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5127
+CVE-2017-5127 (Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowe ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5126
+CVE-2017-5126 (A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allo ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5125
+CVE-2017-5125 (Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 al ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5124
+CVE-2017-5124 (Incorrect application of sandboxing in Blink in Google Chrome prior to ...)
{DSA-4020-1}
- chromium-browser 62.0.3202.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
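Review bot: the generated descriptions are cut at a fixed column, which in this hunk drops the one detail that makes the summaries useful for triage, the affected version: "Incorrect application of sandboxing in Blink in Google Chrome prior to ..." and "A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3 ..." lose or mangle the version string while neighbouring lines such as "Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 a ..." keep it; truncating at a word boundary, or allowing a few more characters when the cut falls inside a version number, would keep these lines consistent and greppable.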
@@ -39044,434 +39044,434 @@ CVE-2017-5123 [waitid() not calling access_ok()]
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/96ca579a1ecc943b75beba58bebb0356f6cc4b51
-CVE-2017-5122
+CVE-2017-5122 (Inappropriate use of table size handling in V8 in Google Chrome prior ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5121
+CVE-2017-5121 (Inappropriate use of JIT optimisation in V8 in Google Chrome prior to ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5120
+CVE-2017-5120 (Inappropriate use of www mismatch redirects in browser navigation in G ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5119
+CVE-2017-5119 (Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3 ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5118
+CVE-2017-5118 (Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Lin ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5117
+CVE-2017-5117 (Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3 ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5116
+CVE-2017-5116 (Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, W ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5115
+CVE-2017-5115 (Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Window ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5114
+CVE-2017-5114 (Inappropriate use of partition alloc in PDFium in Google Chrome prior ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5113
+CVE-2017-5113 (Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5112
+CVE-2017-5112 (Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 f ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5111
+CVE-2017-5111 (A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for ...)
{DSA-3985-1}
- chromium-browser 61.0.3163.100-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5110
+CVE-2017-5110 (Inappropriate implementation of the web payments API on blob: and data ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5109
+CVE-2017-5109 (Inappropriate implementation of unload handler handling in permission ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5108
+CVE-2017-5108 (Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Ma ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5107
+CVE-2017-5107 (A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.7 ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5106
+CVE-2017-5106 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 6 ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5105
+CVE-2017-5105 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 6 ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5104
+CVE-2017-5104 (Inappropriate implementation in interstitials in Google Chrome prior t ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5103
+CVE-2017-5103 (Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3 ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5102
+CVE-2017-5102 (Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3 ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5101
+CVE-2017-5101 (Inappropriate implementation in Omnibox in Google Chrome prior to 60.0 ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5100
+CVE-2017-5100 (A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Wi ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5099
+CVE-2017-5099 (Insufficient validation of untrusted input in PPAPI Plugins in Google ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5098
+CVE-2017-5098 (A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5097
+CVE-2017-5097 (Insufficient validation of untrusted input in Skia in Google Chrome pr ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5096
+CVE-2017-5096 (Insufficient policy enforcement during navigation between different sc ...)
- chromium-browser <not-affected> (Android-specific)
-CVE-2017-5095
+CVE-2017-5095 (Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Li ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5094
+CVE-2017-5094 (Type confusion in extensions JavaScript bindings in Google Chrome prio ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5093
+CVE-2017-5093 (Inappropriate implementation in modal dialog handling in Blink in Goog ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5092
+CVE-2017-5092 (Insufficient validation of untrusted input in PPAPI Plugins in Google ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5091
+CVE-2017-5091 (A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 f ...)
{DSA-3926-1}
- chromium-browser 60.0.3112.78-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5090
+CVE-2017-5090 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 5 ...)
- chromium-browser <not-affected> (Chrome on Mac)
-CVE-2017-5089
+CVE-2017-5089 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 5 ...)
{DSA-3926-1}
- chromium-browser 59.0.3071.104-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5088
+CVE-2017-5088 (Insufficient validation of untrusted input in V8 in Google Chrome prio ...)
{DSA-3926-1}
- chromium-browser 59.0.3071.104-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5087
+CVE-2017-5087 (A use after free in Blink in Google Chrome prior to 59.0.3071.104 for ...)
{DSA-3926-1}
- chromium-browser 59.0.3071.104-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5086
+CVE-2017-5086 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 5 ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5085
+CVE-2017-5085 (Inappropriate implementation in Bookmarks in Google Chrome prior to 59 ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5084
+CVE-2017-5084 (Inappropriate implementation in image-burner in Google Chrome OS prior ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5083
+CVE-2017-5083 (Inappropriate implementation in Blink in Google Chrome prior to 59.0.3 ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5082
+CVE-2017-5082 (Failure to take advantage of available mitigations in credit card auto ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5081
+CVE-2017-5081 (Lack of verification of an extension's locale folder in Google Chrome ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5080
+CVE-2017-5080 (A use after free in credit card autofill in Google Chrome prior to 59. ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5079
+CVE-2017-5079 (Inappropriate implementation in Blink in Google Chrome prior to 59.0.3 ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5078
+CVE-2017-5078 (Insufficient validation of untrusted input in Blink's mailto: handling ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5077
+CVE-2017-5077 (Insufficient validation of untrusted input in Skia in Google Chrome pr ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5076
+CVE-2017-5076 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 5 ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5075
+CVE-2017-5075 (Inappropriate implementation in CSP reporting in Blink in Google Chrom ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5074
+CVE-2017-5074 (A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5073
+CVE-2017-5073 (Use after free in print preview in Blink in Google Chrome prior to 59. ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5072
+CVE-2017-5072 (Inappropriate implementation in Omnibox in Google Chrome prior to 59.0 ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5071
+CVE-2017-5071 (Insufficient validation of untrusted input in V8 in Google Chrome prio ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5070
+CVE-2017-5070 (Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, ...)
- chromium-browser 59.0.3071.86-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5069
+CVE-2017-5069 (Incorrect MIME type of XSS-Protection reports in Blink in Google Chrom ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5068
+CVE-2017-5068 (Incorrect handling of picture ID in WebRTC in Google Chrome prior to 5 ...)
- chromium-browser 58.0.3029.96-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5067
+CVE-2017-5067 (An insufficient watchdog timer in navigation in Google Chrome prior to ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5066
+CVE-2017-5066 (Insufficient consistency checks in signature handling in the networkin ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5065
+CVE-2017-5065 (Lack of an appropriate action on page navigation in Blink in Google Ch ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5064
+CVE-2017-5064 (Incorrect handling of DOM changes in Blink in Google Chrome prior to 5 ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5063
+CVE-2017-5063 (A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5062
+CVE-2017-5062 (A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5061
+CVE-2017-5061 (A race condition in navigation in Google Chrome prior to 58.0.3029.81 ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5060
+CVE-2017-5060 (Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 5 ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5059
+CVE-2017-5059 (Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Lin ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5058
+CVE-2017-5058 (A use after free in PrintPreview in Google Chrome prior to 58.0.3029.8 ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5057
+CVE-2017-5057 (Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Ma ...)
- chromium-browser 58.0.3029.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5056
+CVE-2017-5056 (A use after free in Blink in Google Chrome prior to 57.0.2987.133 for ...)
- chromium-browser 57.0.2987.133-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5055
+CVE-2017-5055 (A use after free in printing in Google Chrome prior to 57.0.2987.133 f ...)
- chromium-browser 57.0.2987.133-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5054
+CVE-2017-5054 (An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 fo ...)
- chromium-browser 57.0.2987.133-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5053
+CVE-2017-5053 (An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 fo ...)
- chromium-browser 57.0.2987.133-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5052
+CVE-2017-5052 (An incorrect assumption about block structure in Blink in Google Chrom ...)
- chromium-browser 57.0.2987.133-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5051
+CVE-2017-5051 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 f ...)
- chromium-browser 57.0.2987.98-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://codereview.chromium.org/2654913002
-CVE-2017-5050
+CVE-2017-5050 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 f ...)
- chromium-browser 57.0.2987.98-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://codereview.chromium.org/2654913002
-CVE-2017-5049
+CVE-2017-5049 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 f ...)
- chromium-browser 57.0.2987.98-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://codereview.chromium.org/2654913002
-CVE-2017-5048
+CVE-2017-5048 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 f ...)
- chromium-browser 57.0.2987.98-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://codereview.chromium.org/2654913002
-CVE-2017-5047
+CVE-2017-5047 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 f ...)
- chromium-browser 57.0.2987.98-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://codereview.chromium.org/2654913002
-CVE-2017-5046
+CVE-2017-5046 (V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5045
+CVE-2017-5045 (XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, a ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5044
+CVE-2017-5044 (Heap buffer overflow in filter processing in Skia in Google Chrome pri ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5043
+CVE-2017-5043 (Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5042
+CVE-2017-5042 (Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linu ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5041
+CVE-2017-5041 (Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5040
+CVE-2017-5040 (V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5039
+CVE-2017-5039 (A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5038
+CVE-2017-5038 (Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5037
+CVE-2017-5037 (An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 f ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5036
+CVE-2017-5036 (A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5035
+CVE-2017-5035 (Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race con ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5034
+CVE-2017-5034 (A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5033
+CVE-2017-5033 (Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Lin ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5032
+CVE-2017-5032 (PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be mad ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5031
+CVE-2017-5031 (A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for W ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5030
+CVE-2017-5030 (Incorrect handling of complex species in V8 in Google Chrome prior to ...)
{DSA-3810-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5029
+CVE-2017-5029 (The xsltAddTextString function in transform.c in libxslt 1.1.29, as us ...)
{DSA-3810-1 DLA-866-1}
- chromium-browser 57.0.2987.98-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
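Review bot: the fixed version recorded for CVE-2017-5041 (chromium-browser 57.0.2987.98-1) is lower than the "prior to 57.0.2987.100" stated in the description that this hunk adds; worth confirming that the 57.0.2987.98-1 package actually carries the back-forward navigation fix before leaving the entry as is, since for every neighbouring Chrome entry in this hunk the Debian version matches the upstream cut-off in the description.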
@@ -39480,99 +39480,99 @@ CVE-2017-5029
NOTE: Upstream fix in libxslt: https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5
CVE-2017-5028
RESERVED
-CVE-2017-5027
+CVE-2017-5027 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Ma ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5026
+CVE-2017-5026 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5025
+CVE-2017-5025 (FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and M ...)
{DSA-3776-1}
- chromium-browser 44.0.2403.157-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- ffmpeg 7:3.2.4-1
-CVE-2017-5024
+CVE-2017-5024 (FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and M ...)
{DSA-3776-1}
- chromium-browser 44.0.2403.157-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- ffmpeg 7:3.2.4-1
-CVE-2017-5023
+CVE-2017-5023 (Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5022
+CVE-2017-5022 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Ma ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5021
+CVE-2017-5021 (A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Win ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5020
+CVE-2017-5020 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56 ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5019
+CVE-2017-5019 (A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Win ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5018
+CVE-2017-5018 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56 ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5017
+CVE-2017-5017 (Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Ma ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5016
+CVE-2017-5016 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Ma ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5015
+CVE-2017-5015 (Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56 ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5014
+CVE-2017-5014 (Heap buffer overflow during image processing in Skia in Google Chrome ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5013
+CVE-2017-5013 (Google Chrome prior to 56.0.2924.76 for Linux incorrectly handled new ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5012
+CVE-2017-5012 (A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 fo ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2017-5011
+CVE-2017-5011 (Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitiz ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5010
+CVE-2017-5010 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Ma ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5009
+CVE-2017-5009 (WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and M ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5008
+CVE-2017-5008 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Ma ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5007
+CVE-2017-5007 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Ma ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5006
+CVE-2017-5006 (Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Ma ...)
{DSA-3776-1}
- chromium-browser 56.0.2924.76-3
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-5005
+CVE-2017-5005 (Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 ...)
NOT-FOR-US: Quickheal
CVE-2017-5333
RESERVED
@@ -39598,119 +39598,119 @@ CVE-2017-5331 [make check_offset more stringent]
- icoutils 0.31.1-1
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=4fbe9222fd79ee31b7ec031b0be070a9a400d1d3
NOTE: http://www.openwall.com/lists/oss-security/2017/01/10/4
-CVE-2017-5208
+CVE-2017-5208 (Integer overflow in the wrestool program in icoutils before 0.31.1 all ...)
{DSA-3756-1 DLA-789-1}
- icoutils 0.31.0-4 (bug #850017)
NOTE: Fixed by: http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=0d569f458f306b88f60156d60c9cf058125cf173
NOTE: http://www.openwall.com/lists/oss-security/2017/01/08/1
-CVE-2017-5340
+CVE-2017-5340 (Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandle ...)
- php7.1 7.1.1-1 (bug #852022)
- php7.0 7.0.15-1 (bug #850158)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73832
NOTE: Fixed in PHP 7.1.1, 7.0.15
-CVE-2017-5004
+CVE-2017-5004 (EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all p ...)
NOT-FOR-US: RSA Identity Governance and Lifecycle
-CVE-2017-5003
+CVE-2017-5003 (EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all p ...)
NOT-FOR-US: RSA Identity Governance and Lifecycle
-CVE-2017-5002
+CVE-2017-5002 (EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is ...)
NOT-FOR-US: EMC
-CVE-2017-5001
+CVE-2017-5001 (EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is ...)
NOT-FOR-US: EMC
-CVE-2017-5000
+CVE-2017-5000 (EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is ...)
NOT-FOR-US: EMC
-CVE-2017-4999
+CVE-2017-4999 (EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is ...)
NOT-FOR-US: EMC
-CVE-2017-4998
+CVE-2017-4998 (EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is ...)
NOT-FOR-US: EMC
-CVE-2017-4997
+CVE-2017-4997 (EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an un ...)
NOT-FOR-US: EMC
CVE-2017-4996
REJECTED
-CVE-2017-4995
+CVE-2017-4995 (An issue was discovered in Pivotal Spring Security 4.2.0.RELEASE throu ...)
- libspring-security-java <itp> (bug #582181)
NOTE: https://pivotal.io/security/cve-2017-4995
-CVE-2017-4994
+CVE-2017-4994 (An issue was discovered in Cloud Foundry Foundation cf-release version ...)
NOT-FOR-US: Cloud Foundry
CVE-2017-4993
REJECTED
-CVE-2017-4992
+CVE-2017-4992 (An issue was discovered in Cloud Foundry Foundation cf-release version ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-4991
+CVE-2017-4991 (An issue was discovered in Cloud Foundry Foundation cf-release version ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-4990
+CVE-2017-4990 (In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-23 ...)
NOT-FOR-US: EMC
-CVE-2017-4989
+CVE-2017-4989 (In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-3 ...)
NOT-FOR-US: EMC
-CVE-2017-4988
+CVE-2017-4988 (EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is a ...)
NOT-FOR-US: EMC
-CVE-2017-4987
+CVE-2017-4987 (In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions ...)
NOT-FOR-US: EMC
-CVE-2017-4986
+CVE-2017-4986 (EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could ...)
NOT-FOR-US: EMC
-CVE-2017-4985
+CVE-2017-4985 (In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions ...)
NOT-FOR-US: EMC
-CVE-2017-4984
+CVE-2017-4984 (In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions ...)
NOT-FOR-US: EMC
-CVE-2017-4983
+CVE-2017-4983 (EMC Data Domain OS 5.2 through 5.7 before 5.7.3.0 and 6.0 before 6.0.1 ...)
NOT-FOR-US: EMC Data Domain OS
-CVE-2017-4982
+CVE-2017-4982 (EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1 ...)
NOT-FOR-US: EMC Mainframe
-CVE-2017-4981
+CVE-2017-4981 (EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper cert ...)
NOT-FOR-US: EMC
-CVE-2017-4980
+CVE-2017-4980 (EMC Isilon OneFS is affected by a path traversal vulnerability that ma ...)
NOT-FOR-US: EMC
-CVE-2017-4979
+CVE-2017-4979 (EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2 ...)
NOT-FOR-US: EMC
-CVE-2017-4978
+CVE-2017-4978 (EMC RSA Adaptive Authentication (On-Premise) versions prior to 7.3 P2 ...)
NOT-FOR-US: EMC
-CVE-2017-4977
+CVE-2017-4977 (EMC RSA Archer Security Operations Management with RSA Unified Collect ...)
NOT-FOR-US: EMC
-CVE-2017-4976
+CVE-2017-4976 (EMC ESRS Policy Manager prior to 6.8 contains an undocumented account ...)
NOT-FOR-US: EMC
-CVE-2017-4975
+CVE-2017-4975 (An issue was discovered in Pivotal PCF Tile Generator versions prior t ...)
NOT-FOR-US: Pivotal PCF Tile Generator
-CVE-2017-4974
+CVE-2017-4974 (An issue was discovered in Cloud Foundry Foundation cf-release version ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-4973
+CVE-2017-4973 (An issue was discovered in Cloud Foundry Foundation cf-release version ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-4972
+CVE-2017-4972 (An issue was discovered in Cloud Foundry Foundation cf-release version ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-4971
+CVE-2017-4971 (An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Appl ...)
NOT-FOR-US: Spring Web Flow
-CVE-2017-4970
+CVE-2017-4970 (An issue was discovered in Cloud Foundry Foundation cf-release v255 an ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-4969
+CVE-2017-4969 (The Cloud Controller in Cloud Foundry cf-release versions prior to v25 ...)
NOT-FOR-US: Cloud Foundry
CVE-2017-4968
REJECTED
-CVE-2017-4967
+CVE-2017-4967 (An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x ...)
- rabbitmq-server 3.6.10-1 (low; bug #863586)
[stretch] - rabbitmq-server <no-dsa> (Minor issue)
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
-CVE-2017-4966
+CVE-2017-4966 (An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x ...)
- rabbitmq-server 3.6.10-1 (low; bug #863586)
[stretch] - rabbitmq-server <no-dsa> (Minor issue)
[jessie] - rabbitmq-server <not-affected> (Vulnerable code introduced later)
[wheezy] - rabbitmq-server <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://github.com/rabbitmq/rabbitmq-management/commit/2371633f99ad0d293899384f078872ff9e9f3e10 (rabbitmq_v3_6_9)
NOTE: Introduced by: https://github.com/rabbitmq/rabbitmq-management/commit/ced47b0bdca862a58e8f31833643e948655f8368 (rabbitmq_v3_4_0)
-CVE-2017-4965
+CVE-2017-4965 (An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x ...)
- rabbitmq-server 3.6.10-1 (low; bug #863586)
[stretch] - rabbitmq-server <no-dsa> (Minor issue)
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
-CVE-2017-4964
+CVE-2017-4964 (Cloud Foundry Foundation BOSH Azure CPI v22 could potentially allow a ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-4963
+CVE-2017-4963 (An issue was discovered in Cloud Foundry Foundation Cloud Foundry rele ...)
NOT-FOR-US: Cloud Foundry
CVE-2017-4962
REJECTED
-CVE-2017-4961
+CVE-2017-4961 (An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-4960
+CVE-2017-4960 (An issue was discovered in Cloud Foundry release v247 through v252, UA ...)
NOT-FOR-US: Cloud Foundry
-CVE-2017-4959
+CVE-2017-4959 (An issue was discovered in Pivotal PCF Elastic Runtime 1.8.x versions ...)
NOT-FOR-US: Pivotal PCF Elastic Runtime
CVE-2017-4958
REJECTED
@@ -39718,127 +39718,127 @@ CVE-2017-4957
REJECTED
CVE-2017-4956
REJECTED
-CVE-2017-4955
+CVE-2017-4955 (An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions ...)
NOT-FOR-US: Pivotal PCF Elastic Runtime
CVE-2017-4954
RESERVED
CVE-2017-4953
RESERVED
-CVE-2017-4952
+CVE-2017-4952 (VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR ...)
NOT-FOR-US: VMware Xenon
-CVE-2017-4951
+CVE-2017-4951 (VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) co ...)
NOT-FOR-US: VMware AirWatch Console
-CVE-2017-4950
+CVE-2017-4950 (VMware Workstation and Fusion contain an integer overflow vulnerabilit ...)
NOT-FOR-US: VMware
-CVE-2017-4949
+CVE-2017-4949 (VMware Workstation and Fusion contain a use-after-free vulnerability i ...)
NOT-FOR-US: VMware
-CVE-2017-4948
+CVE-2017-4948 (VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Clie ...)
NOT-FOR-US: VMware
-CVE-2017-4947
+CVE-2017-4947 (VMware Realize Automation (7.3 and 7.2) and vSphere Integrated Contain ...)
NOT-FOR-US: VMware Realize Automation
-CVE-2017-4946
+CVE-2017-4946 (The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a pr ...)
NOT-FOR-US: VMware
-CVE-2017-4945
+CVE-2017-4945 (VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a ...)
NOT-FOR-US: VMware
CVE-2017-4944
RESERVED
-CVE-2017-4943
+CVE-2017-4943 (VMware vCenter Server Appliance (vCSA) (6.5 before 6.5 U1d) contains a ...)
NOT-FOR-US: VMware
-CVE-2017-4942
+CVE-2017-4942 (VMware AirWatch Console (AWC) contains a Broken Access Control vulnera ...)
NOT-FOR-US: VMware
-CVE-2017-4941
+CVE-2017-4941 (VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG ...)
NOT-FOR-US: VMware
-CVE-2017-4940
+CVE-2017-4940 (The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, ...)
NOT-FOR-US: VMware
-CVE-2017-4939
+CVE-2017-4939 (VMware Workstation (12.x before 12.5.8) installer contains a DLL hijac ...)
NOT-FOR-US: VMware
-CVE-2017-4938
+CVE-2017-4938 (VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) ...)
NOT-FOR-US: VMware
-CVE-2017-4937
+CVE-2017-4937 (VMware Workstation (12.x before 12.5.8) and Horizon View Client for Wi ...)
NOT-FOR-US: VMware
-CVE-2017-4936
+CVE-2017-4936 (VMware Workstation (12.x before 12.5.8) and Horizon View Client for Wi ...)
NOT-FOR-US: VMware
-CVE-2017-4935
+CVE-2017-4935 (VMware Workstation (12.x before 12.5.8) and Horizon View Client for Wi ...)
NOT-FOR-US: VMware
-CVE-2017-4934
+CVE-2017-4934 (VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) ...)
NOT-FOR-US: VMware
-CVE-2017-4933
+CVE-2017-4933 (VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x befor ...)
NOT-FOR-US: VMware
-CVE-2017-4932
+CVE-2017-4932 (VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnera ...)
NOT-FOR-US: VMware
-CVE-2017-4931
+CVE-2017-4931 (VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability th ...)
NOT-FOR-US: VMware
-CVE-2017-4930
+CVE-2017-4930 (VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability th ...)
NOT-FOR-US: VMware
-CVE-2017-4929
+CVE-2017-4929 (VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a ...)
NOT-FOR-US: VMware
-CVE-2017-4928
+CVE-2017-4928 (The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior ...)
NOT-FOR-US: VMware
-CVE-2017-4927
+CVE-2017-4927 (VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) d ...)
NOT-FOR-US: VMware
-CVE-2017-4926
+CVE-2017-4926 (VMware vCenter Server (6.5 prior to 6.5 U1) contains a vulnerability t ...)
NOT-FOR-US: VMware
-CVE-2017-4925
+CVE-2017-4925 (VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without p ...)
NOT-FOR-US: VMware
-CVE-2017-4924
+CVE-2017-4924 (VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation ...)
NOT-FOR-US: VMware
-CVE-2017-4923
+CVE-2017-4923 (VMware vCenter Server (6.5 prior to 6.5 U1) contains an information di ...)
NOT-FOR-US: VMware
-CVE-2017-4922
+CVE-2017-4922 (VMware vCenter Server (6.5 prior to 6.5 U1) contains an information di ...)
NOT-FOR-US: VMware
-CVE-2017-4921
+CVE-2017-4921 (VMware vCenter Server (6.5 prior to 6.5 U1) contains an insecure libra ...)
NOT-FOR-US: VMware
-CVE-2017-4920
+CVE-2017-4920 (The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x pri ...)
NOT-FOR-US: VMware
-CVE-2017-4919
+CVE-2017-4919 (VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, ...)
NOT-FOR-US: VMware vCenter Server
-CVE-2017-4918
+CVE-2017-4918 (VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains ...)
NOT-FOR-US: VMware
-CVE-2017-4917
+CVE-2017-4917 (VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x lo ...)
NOT-FOR-US: VMware
-CVE-2017-4916
+CVE-2017-4916 (VMware Workstation Pro/Player contains a NULL pointer dereference vuln ...)
NOT-FOR-US: VMware
-CVE-2017-4915
+CVE-2017-4915 (VMware Workstation Pro/Player contains an insecure library loading vul ...)
NOT-FOR-US: VMware
-CVE-2017-4914
+CVE-2017-4914 (VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x co ...)
NOT-FOR-US: VMware
-CVE-2017-4913
+CVE-2017-4913 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
NOT-FOR-US: VMware
-CVE-2017-4912
+CVE-2017-4912 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
NOT-FOR-US: VMware
-CVE-2017-4911
+CVE-2017-4911 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
NOT-FOR-US: VMware
-CVE-2017-4910
+CVE-2017-4910 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
NOT-FOR-US: VMware
-CVE-2017-4909
+CVE-2017-4909 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
NOT-FOR-US: VMware
-CVE-2017-4908
+CVE-2017-4908 (VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x ...)
NOT-FOR-US: VMware
-CVE-2017-4907
+CVE-2017-4907 (VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and ...)
NOT-FOR-US: VMware
CVE-2017-4906
RESERVED
-CVE-2017-4905
+CVE-2017-4905 (VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without pat ...)
NOT-FOR-US: VMware
-CVE-2017-4904
+CVE-2017-4904 (The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410 ...)
NOT-FOR-US: VMware
-CVE-2017-4903
+CVE-2017-4903 (VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without pat ...)
NOT-FOR-US: VMware
-CVE-2017-4902
+CVE-2017-4902 (VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without pat ...)
NOT-FOR-US: VMware
-CVE-2017-4901
+CVE-2017-4901 (The drag-and-drop (DnD) function in VMware Workstation 12.x before ver ...)
NOT-FOR-US: VMware
-CVE-2017-4900
+CVE-2017-4900 (VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL point ...)
NOT-FOR-US: VMware
-CVE-2017-4899
+CVE-2017-4899 (VMware Workstation Pro/Player 12.x before 12.5.3 contains a security v ...)
NOT-FOR-US: VMware
-CVE-2017-4898
+CVE-2017-4898 (VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loadin ...)
NOT-FOR-US: VMware
-CVE-2017-4897
+CVE-2017-4897 (VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists ...)
NOT-FOR-US: VMware Horizon DaaS
-CVE-2017-4896
+CVE-2017-4896 (Airwatch Inbox for Android contains a vulnerability that may allow a r ...)
NOT-FOR-US: Airwatch Inbox for Android
-CVE-2017-4895
+CVE-2017-4895 (Airwatch Agent for Android contains a vulnerability that may allow a d ...)
NOT-FOR-US: Airwatch Inbox for Android
CVE-2017-4894
REJECTED
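Review bot: the NOT-FOR-US tag under CVE-2017-4895 reads "Airwatch Inbox for Android", but the description added for that CVE names "Airwatch Agent for Android"; this looks like a copy of the CVE-2017-4896 line above it, so the tag should be changed to "NOT-FOR-US: Airwatch Agent for Android" so the product in the tag matches the description.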
@@ -41514,17 +41514,17 @@ CVE-2017-4059
REJECTED
CVE-2017-4058
REJECTED
-CVE-2017-4057
+CVE-2017-4057 (Privilege Escalation vulnerability in the web interface in McAfee Adva ...)
NOT-FOR-US: McAfee
CVE-2017-4056
REJECTED
-CVE-2017-4055
+CVE-2017-4055 (Exploitation of Authentication vulnerability in the web interface in M ...)
NOT-FOR-US: McAfee
-CVE-2017-4054
+CVE-2017-4054 (Command Injection vulnerability in the web interface in McAfee Advance ...)
NOT-FOR-US: McAfee
-CVE-2017-4053
+CVE-2017-4053 (Command Injection vulnerability in the web interface in McAfee Advance ...)
NOT-FOR-US: McAfee
-CVE-2017-4052
+CVE-2017-4052 (Authentication Bypass vulnerability in the web interface in McAfee Adv ...)
NOT-FOR-US: McAfee
CVE-2017-4051
RESERVED
@@ -41572,7 +41572,7 @@ CVE-2017-4030
REJECTED
CVE-2017-4029
REJECTED
-CVE-2017-4028
+CVE-2017-4028 (Maliciously misconfigured registry vulnerability in all Microsoft Wind ...)
NOT-FOR-US: MacAfee
CVE-2017-4027
REJECTED
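Review bot: the tag under CVE-2017-4028 reads "NOT-FOR-US: MacAfee", a misspelling of McAfee; change it to "NOT-FOR-US: McAfee" so it matches the spelling used for all the other McAfee entries in this file and keeps the tag greppable.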
@@ -41594,19 +41594,19 @@ CVE-2017-4019
REJECTED
CVE-2017-4018
REJECTED
-CVE-2017-4017
+CVE-2017-4017 (User Name Disclosure in the server in McAfee Network Data Loss Prevent ...)
NOT-FOR-US: McAfee
-CVE-2017-4016
+CVE-2017-4016 (Web Server method disclosure in the server in McAfee Network Data Loss ...)
NOT-FOR-US: McAfee
-CVE-2017-4015
+CVE-2017-4015 (Clickjacking vulnerability in the server in McAfee Network Data Loss P ...)
NOT-FOR-US: McAfee
-CVE-2017-4014
+CVE-2017-4014 (Session Side jacking vulnerability in the server in McAfee Network Dat ...)
NOT-FOR-US: McAfee
-CVE-2017-4013
+CVE-2017-4013 (Banner Disclosure in the server in McAfee Network Data Loss Prevention ...)
NOT-FOR-US: McAfee
-CVE-2017-4012
+CVE-2017-4012 (Privilege Escalation vulnerability in the server in McAfee Network Dat ...)
NOT-FOR-US: McAfee
-CVE-2017-4011
+CVE-2017-4011 (Embedding Script (XSS) in HTTP Headers vulnerability in the server in ...)
NOT-FOR-US: McAfee
CVE-2017-4010
REJECTED
@@ -41668,7 +41668,7 @@ CVE-2017-3982
REJECTED
CVE-2017-3981
REJECTED
-CVE-2017-3980
+CVE-2017-3980 (A directory traversal vulnerability in the ePO Extension in McAfee ePo ...)
NOT-FOR-US: McAfee ePolicy Orchestrator
CVE-2017-3979
REJECTED
@@ -41684,31 +41684,31 @@ CVE-2017-3974
REJECTED
CVE-2017-3973
REJECTED
-CVE-2017-3972
+CVE-2017-3972 (Infrastructure-based foot printing vulnerability in the web interface ...)
NOT-FOR-US: McAfee
-CVE-2017-3971
+CVE-2017-3971 (Cryptanalysis vulnerability in the web interface in McAfee Network Sec ...)
NOT-FOR-US: McAfee
CVE-2017-3970
RESERVED
-CVE-2017-3969
+CVE-2017-3969 (Abuse of communication channels vulnerability in the server in McAfee ...)
NOT-FOR-US: McAfee
-CVE-2017-3968
+CVE-2017-3968 (Session fixation vulnerability in the web interface in McAfee Network ...)
NOT-FOR-US: McAfee
-CVE-2017-3967
+CVE-2017-3967 (Target influence via framing vulnerability in the web interface in McA ...)
NOT-FOR-US: McAfee
-CVE-2017-3966
+CVE-2017-3966 (Exploitation of session variables, resource IDs and other trusted cred ...)
NOT-FOR-US: McAfee
-CVE-2017-3965
+CVE-2017-3965 (Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability i ...)
NOT-FOR-US: McAfee
-CVE-2017-3964
+CVE-2017-3964 (Reflective Cross-Site Scripting (XSS) vulnerability in the web interfa ...)
NOT-FOR-US: McAfee
CVE-2017-3963
REJECTED
-CVE-2017-3962
+CVE-2017-3962 (Password recovery exploitation vulnerability in the non-certificate-ba ...)
NOT-FOR-US: McAfee
-CVE-2017-3961
+CVE-2017-3961 (Cross-Site Scripting (XSS) vulnerability in the web interface in McAfe ...)
NOT-FOR-US: McAfee
-CVE-2017-3960
+CVE-2017-3960 (Exploitation of Authorization vulnerability in the web interface in Mc ...)
NOT-FOR-US: McAfee
CVE-2017-3959
REJECTED
@@ -41732,7 +41732,7 @@ CVE-2017-3950
REJECTED
CVE-2017-3949
REJECTED
-CVE-2017-3948
+CVE-2017-3948 (Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee ...)
NOT-FOR-US: McAfee
CVE-2017-3947
REJECTED
@@ -41756,13 +41756,13 @@ CVE-2017-3938
REJECTED
CVE-2017-3937
RESERVED
-CVE-2017-3936
+CVE-2017-3936 (OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO ...)
NOT-FOR-US: McAfee
-CVE-2017-3935
+CVE-2017-3935 (Network Data Loss Prevention is vulnerable to MIME type sniffing which ...)
NOT-FOR-US: McAfee Network Data Loss Prevention
-CVE-2017-3934
+CVE-2017-3934 (Missing HTTP Strict Transport Security state information vulnerability ...)
NOT-FOR-US: McAfee Network Data Loss Prevention
-CVE-2017-3933
+CVE-2017-3933 (Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network ...)
NOT-FOR-US: McAfee Network Data Loss Prevention
CVE-2017-3932
RESERVED
@@ -41804,7 +41804,7 @@ CVE-2017-3914
RESERVED
CVE-2017-3913
RESERVED
-CVE-2017-3912
+CVE-2017-3912 (Bypassing password security vulnerability in McAfee Application and Ch ...)
NOT-FOR-US: McAfee
CVE-2017-3911
RESERVED
@@ -41814,7 +41814,7 @@ CVE-2017-3909
RESERVED
CVE-2017-3908
RESERVED
-CVE-2017-3907
+CVE-2017-3907 (Code Injection vulnerability in the ePolicy Orchestrator (ePO) extensi ...)
NOT-FOR-US: McAfee
CVE-2017-3906
RESERVED
@@ -41824,231 +41824,231 @@ CVE-2017-3904
RESERVED
CVE-2017-3903
RESERVED
-CVE-2017-3902
+CVE-2017-3902 (Cross-site scripting (XSS) vulnerability in the Web user interface (UI ...)
NOT-FOR-US: Intel Security ePO
CVE-2017-3901
RESERVED
CVE-2017-3900
RESERVED
-CVE-2017-3899
+CVE-2017-3899 (SQL injection vulnerability in Intel Security Advanced Threat Defense ...)
NOT-FOR-US: Intel antivirus
-CVE-2017-3898
+CVE-2017-3898 (A man-in-the-middle attack vulnerability in the non-certificate-based ...)
NOT-FOR-US: McAfee
-CVE-2017-3897
+CVE-2017-3897 (A Code Injection vulnerability in the non-certificate-based authentica ...)
NOT-FOR-US: McAfee
-CVE-2017-3896
+CVE-2017-3896 (Unvalidated parameter vulnerability in the remote log viewing capabili ...)
NOT-FOR-US: Intel McAfee
CVE-2017-3895
REJECTED
-CVE-2017-3894
+CVE-2017-3894 (A stored cross site scripting vulnerability in the Management Console ...)
NOT-FOR-US: BlackBerry
-CVE-2017-3893
+CVE-2017-3893 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the defau ...)
NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
-CVE-2017-3892
+CVE-2017-3892 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an inform ...)
NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
-CVE-2017-3891
+CVE-2017-3891 (In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevat ...)
NOT-FOR-US: BlackBerry QNX Software Development Platform (SDP)
-CVE-2017-3890
+CVE-2017-3890 (A reflected cross-site scripting vulnerability in the BlackBerry Watch ...)
NOT-FOR-US: BlackBerry
-CVE-2017-3889
+CVE-2017-3889 (A vulnerability in the web interface of the Cisco Registered Envelope ...)
NOT-FOR-US: Cisco
-CVE-2017-3888
+CVE-2017-3888 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2017-3887
+CVE-2017-3887 (A vulnerability in the detection engine that handles Secure Sockets La ...)
NOT-FOR-US: Cisco
-CVE-2017-3886
+CVE-2017-3886 (A vulnerability in the Cisco Unified Communications Manager web interf ...)
NOT-FOR-US: Cisco
-CVE-2017-3885
+CVE-2017-3885 (A vulnerability in the detection engine reassembly of Secure Sockets L ...)
NOT-FOR-US: Cisco
-CVE-2017-3884
+CVE-2017-3884 (A vulnerability in the web interface of Cisco Prime Infrastructure and ...)
NOT-FOR-US: Cisco
-CVE-2017-3883
+CVE-2017-3883 (A vulnerability in the authentication, authorization, and accounting ( ...)
NOT-FOR-US: Cisco
-CVE-2017-3882
+CVE-2017-3882 (A vulnerability in the Universal Plug-and-Play (UPnP) implementation i ...)
NOT-FOR-US: Cisco
-CVE-2017-3881
+CVE-2017-3881 (A vulnerability in the Cisco Cluster Management Protocol (CMP) process ...)
NOT-FOR-US: Cisco
-CVE-2017-3880
+CVE-2017-3880 (An Authentication Bypass vulnerability in Cisco WebEx Meetings Server ...)
NOT-FOR-US: Cisco
-CVE-2017-3879
+CVE-2017-3879 (A Denial of Service vulnerability in the remote login functionality fo ...)
NOT-FOR-US: Cisco
-CVE-2017-3878
+CVE-2017-3878 (A Denial of Service vulnerability in the Telnet remote login functiona ...)
NOT-FOR-US: Cisco
-CVE-2017-3877
+CVE-2017-3877 (A vulnerability in the web framework of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2017-3876
+CVE-2017-3876 (A vulnerability in the Event Management Service daemon (emsd) of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2017-3875
+CVE-2017-3875 (An Access-Control Filtering Mechanisms Bypass vulnerability in certain ...)
NOT-FOR-US: Cisco
-CVE-2017-3874
+CVE-2017-3874 (A vulnerability in the web framework of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2017-3873
+CVE-2017-3873 (A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco Airo ...)
NOT-FOR-US: Cisco
-CVE-2017-3872
+CVE-2017-3872 (A cross-site scripting (XSS) filter bypass vulnerability in the web-ba ...)
NOT-FOR-US: Cisco
-CVE-2017-3871
+CVE-2017-3871 (A RADIUS Secret Disclosure vulnerability in the web network management ...)
NOT-FOR-US: Cisco
-CVE-2017-3870
+CVE-2017-3870 (A vulnerability in the URL filtering feature of Cisco AsyncOS Software ...)
NOT-FOR-US: Cisco
-CVE-2017-3869
+CVE-2017-3869 (An API Credentials Management vulnerability in the APIs for Cisco Prim ...)
NOT-FOR-US: Cisco
-CVE-2017-3868
+CVE-2017-3868 (A vulnerability in the web-based management interface of Cisco UCS Dir ...)
NOT-FOR-US: Cisco
-CVE-2017-3867
+CVE-2017-3867 (A vulnerability in the Border Gateway Protocol (BGP) Bidirectional For ...)
NOT-FOR-US: Cisco
-CVE-2017-3866
+CVE-2017-3866 (A vulnerability in the web framework code of Cisco Prime Service Catal ...)
NOT-FOR-US: Cisco
-CVE-2017-3865
+CVE-2017-3865 (A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5 ...)
NOT-FOR-US: Cisco
-CVE-2017-3864
+CVE-2017-3864 (A vulnerability in the DHCP client implementation of Cisco IOS (12.2, ...)
NOT-FOR-US: Cisco
-CVE-2017-3863
+CVE-2017-3863 (Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 a ...)
NOT-FOR-US: Cisco
-CVE-2017-3862
+CVE-2017-3862 (Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 a ...)
NOT-FOR-US: Cisco
-CVE-2017-3861
+CVE-2017-3861 (Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 a ...)
NOT-FOR-US: Cisco
-CVE-2017-3860
+CVE-2017-3860 (Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 a ...)
NOT-FOR-US: Cisco
-CVE-2017-3859
+CVE-2017-3859 (A vulnerability in the DHCP code for the Zero Touch Provisioning featu ...)
NOT-FOR-US: Cisco
-CVE-2017-3858
+CVE-2017-3858 (A vulnerability in the web framework of Cisco IOS XE Software could al ...)
NOT-FOR-US: Cisco
-CVE-2017-3857
+CVE-2017-3857 (A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing funct ...)
NOT-FOR-US: Cisco
-CVE-2017-3856
+CVE-2017-3856 (A vulnerability in the web user interface of Cisco IOS XE 3.1 through ...)
NOT-FOR-US: Cisco
CVE-2017-3855
RESERVED
-CVE-2017-3854
+CVE-2017-3854 (A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC ...)
NOT-FOR-US: Cisco
-CVE-2017-3853
+CVE-2017-3853 (A vulnerability in the Data-in-Motion (DMo) process installed with the ...)
NOT-FOR-US: Cisco
-CVE-2017-3852
+CVE-2017-3852 (A vulnerability in the Cisco application-hosting framework (CAF) compo ...)
NOT-FOR-US: Cisco
-CVE-2017-3851
+CVE-2017-3851 (A Directory Traversal vulnerability in the web framework code of the C ...)
NOT-FOR-US: Cisco
-CVE-2017-3850
+CVE-2017-3850 (A vulnerability in the Autonomic Networking Infrastructure (ANI) featu ...)
NOT-FOR-US: Cisco
-CVE-2017-3849
+CVE-2017-3849 (A vulnerability in the Autonomic Networking Infrastructure (ANI) regis ...)
NOT-FOR-US: Cisco
-CVE-2017-3848
+CVE-2017-3848 (A vulnerability in the HTTP web-based management interface of Cisco Pr ...)
NOT-FOR-US: Cisco
-CVE-2017-3847
+CVE-2017-3847 (A vulnerability in the web framework of Cisco Firepower Management Cen ...)
NOT-FOR-US: Cisco
-CVE-2017-3846
+CVE-2017-3846 (A vulnerability in the Client Manager Server of Cisco Workload Automat ...)
NOT-FOR-US: Cisco
-CVE-2017-3845
+CVE-2017-3845 (A vulnerability in the web-based management interface of Cisco Prime C ...)
NOT-FOR-US: Cisco
-CVE-2017-3844
+CVE-2017-3844 (A vulnerability in exporting functions of the user interface for Cisco ...)
NOT-FOR-US: Cisco
-CVE-2017-3843
+CVE-2017-3843 (A vulnerability in the file download functions for Cisco Prime Collabo ...)
NOT-FOR-US: Cisco
-CVE-2017-3842
+CVE-2017-3842 (A vulnerability in the web-based management interface of the Cisco Int ...)
NOT-FOR-US: Cisco
-CVE-2017-3841
+CVE-2017-3841 (A vulnerability in the web interface of the Cisco Secure Access Contro ...)
NOT-FOR-US: Cisco
-CVE-2017-3840
+CVE-2017-3840 (A vulnerability in the web interface of the Cisco Secure Access Contro ...)
NOT-FOR-US: Cisco
-CVE-2017-3839
+CVE-2017-3839 (An XML External Entity vulnerability in the web-based user interface o ...)
NOT-FOR-US: Cisco
-CVE-2017-3838
+CVE-2017-3838 (A vulnerability in Cisco Secure Access Control System (ACS) could allo ...)
NOT-FOR-US: Cisco
-CVE-2017-3837
+CVE-2017-3837 (An HTTP Packet Processing vulnerability in the Web Bridge interface of ...)
NOT-FOR-US: Cisco
-CVE-2017-3836
+CVE-2017-3836 (A vulnerability in the web framework Cisco Unified Communications Mana ...)
NOT-FOR-US: Cisco
-CVE-2017-3835
+CVE-2017-3835 (A vulnerability in the sponsor portal of Cisco Identity Services Engin ...)
NOT-FOR-US: Cisco
-CVE-2017-3834
+CVE-2017-3834 (A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Se ...)
NOT-FOR-US: Cisco
-CVE-2017-3833
+CVE-2017-3833 (A vulnerability in the web framework of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2017-3832
+CVE-2017-3832 (A vulnerability in the web management interface of Cisco Wireless LAN ...)
NOT-FOR-US: Cisco
-CVE-2017-3831
+CVE-2017-3831 (A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Se ...)
NOT-FOR-US: Cisco
-CVE-2017-3830
+CVE-2017-3830 (A vulnerability in an internal API of the Cisco Meeting Server (CMS) c ...)
NOT-FOR-US: Cisco
-CVE-2017-3829
+CVE-2017-3829 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2017-3828
+CVE-2017-3828 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2017-3827
+CVE-2017-3827 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) sc ...)
NOT-FOR-US: Cisco
-CVE-2017-3826
+CVE-2017-3826 (A vulnerability in the Stream Control Transmission Protocol (SCTP) dec ...)
NOT-FOR-US: Cisco
-CVE-2017-3825
+CVE-2017-3825 (A vulnerability in the ICMP ingress packet processing of Cisco TelePre ...)
NOT-FOR-US: Cisco
-CVE-2017-3824
+CVE-2017-3824 (A vulnerability in the handling of list headers in Cisco cBR Series Co ...)
NOT-FOR-US: Cisco
-CVE-2017-3823
+CVE-2017-3823 (An issue was discovered in the Cisco WebEx Extension before 1.0.7 on G ...)
NOT-FOR-US: Cisco
-CVE-2017-3822
+CVE-2017-3822 (A vulnerability in the logging subsystem of the Cisco Firepower Threat ...)
NOT-FOR-US: Cisco Firepower Threat Defense
-CVE-2017-3821
+CVE-2017-3821 (A vulnerability in the serviceability page of Cisco Unified Communicat ...)
NOT-FOR-US: Cisco
-CVE-2017-3820
+CVE-2017-3820 (A vulnerability in Simple Network Management Protocol (SNMP) functions ...)
NOT-FOR-US: Cisco IOS XE
-CVE-2017-3819
+CVE-2017-3819 (A privilege escalation vulnerability in the Secure Shell (SSH) subsyst ...)
NOT-FOR-US: Cisco
-CVE-2017-3818
+CVE-2017-3818 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) sc ...)
NOT-FOR-US: Cisco Email Security Appliances
-CVE-2017-3817
+CVE-2017-3817 (A vulnerability in the role-based resource checking functionality of C ...)
NOT-FOR-US: Cisco
CVE-2017-3816
RESERVED
-CVE-2017-3815
+CVE-2017-3815 (An API Privilege vulnerability in Cisco TelePresence Server Software c ...)
NOT-FOR-US: Cisco
-CVE-2017-3814
+CVE-2017-3814 (A vulnerability in Cisco Firepower System Software could allow an unau ...)
NOT-FOR-US: Cisco Firepower System Software
-CVE-2017-3813
+CVE-2017-3813 (A vulnerability in the Start Before Logon (SBL) module of Cisco AnyCon ...)
NOT-FOR-US: Cisco
-CVE-2017-3812
+CVE-2017-3812 (A vulnerability in the implementation of Common Industrial Protocol (C ...)
NOT-FOR-US: Cisco Industrial Ethernet 2000 Series Switches
-CVE-2017-3811
+CVE-2017-3811 (An XML External Entity vulnerability in Cisco WebEx Meetings Server co ...)
NOT-FOR-US: Cisco
-CVE-2017-3810
+CVE-2017-3810 (A vulnerability in the web framework of Cisco Prime Service Catalog co ...)
NOT-FOR-US: Cisco Prime Service Catalog
-CVE-2017-3809
+CVE-2017-3809 (A vulnerability in the Policy deployment module of the Cisco Firepower ...)
NOT-FOR-US: Cisco Firepower Management Center
-CVE-2017-3808
+CVE-2017-3808 (A vulnerability in the Session Initiation Protocol (SIP) UDP throttlin ...)
NOT-FOR-US: Cisco
-CVE-2017-3807
+CVE-2017-3807 (A vulnerability in Common Internet Filesystem (CIFS) code in the Clien ...)
NOT-FOR-US: Cisco
-CVE-2017-3806
+CVE-2017-3806 (A vulnerability in CLI command processing in the Cisco Firepower 4100 ...)
NOT-FOR-US: Cisco Firepower
-CVE-2017-3805
+CVE-2017-3805 (A vulnerability in the web-based management interface of Cisco IOS and ...)
NOT-FOR-US: Cisco IOS
-CVE-2017-3804
+CVE-2017-3804 (A vulnerability in Intermediate System-to-Intermediate System (IS-IS) ...)
NOT-FOR-US: Cisco
-CVE-2017-3803
+CVE-2017-3803 (A vulnerability in the Cisco IOS Software forwarding queue of Cisco 29 ...)
NOT-FOR-US: Cisco
-CVE-2017-3802
+CVE-2017-3802 (A vulnerability in Cisco Unified Communications Manager could allow an ...)
NOT-FOR-US: Cisco
-CVE-2017-3801
+CVE-2017-3801 (A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and ...)
NOT-FOR-US: Cisco
-CVE-2017-3800
+CVE-2017-3800 (A vulnerability in the content scanning engine of Cisco AsyncOS Softwa ...)
NOT-FOR-US: Cisco Email Security Appliance
-CVE-2017-3799
+CVE-2017-3799 (A vulnerability in a URL parameter of Cisco WebEx Meeting Center could ...)
NOT-FOR-US: Cisco
-CVE-2017-3798
+CVE-2017-3798 (A cross-site scripting (XSS) filter bypass vulnerability in the web-ba ...)
NOT-FOR-US: Cisco
-CVE-2017-3797
+CVE-2017-3797 (A vulnerability in Cisco WebEx Meetings Server could allow an unauthen ...)
NOT-FOR-US: Cisco
-CVE-2017-3796
+CVE-2017-3796 (A vulnerability in Cisco WebEx Meetings Server could allow an authenti ...)
NOT-FOR-US: Cisco
-CVE-2017-3795
+CVE-2017-3795 (A vulnerability in Cisco WebEx Meetings Server could allow an authenti ...)
NOT-FOR-US: Cisco
-CVE-2017-3794
+CVE-2017-3794 (A vulnerability in Cisco WebEx Meetings Server could allow an unauthen ...)
NOT-FOR-US: Cisco
-CVE-2017-3793
+CVE-2017-3793 (A vulnerability in the TCP normalizer of Cisco Adaptive Security Appli ...)
NOT-FOR-US: Cisco
-CVE-2017-3792
+CVE-2017-3792 (A vulnerability in a proprietary device driver in the kernel of Cisco ...)
NOT-FOR-US: Cisco TelePresence
-CVE-2017-3791
+CVE-2017-3791 (A vulnerability in the web-based GUI of Cisco Prime Home could allow a ...)
NOT-FOR-US: Cisco
-CVE-2017-3790
+CVE-2017-3790 (A vulnerability in the received packet parser of Cisco Expressway Seri ...)
NOT-FOR-US: Cisco Expressway
CVE-2017-3789
REJECTED
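Review bot: the vendor labels on the Intel Security / McAfee entries at the top of this hunk do not agree with each other or with the descriptions being added: CVE-2017-3902 is tagged "Intel Security ePO", CVE-2017-3899 "Intel antivirus" (its description says "Intel Security Advanced Threat Defense"), CVE-2017-3896 "Intel McAfee", and CVE-2017-3898 / -3897 plain "McAfee". Pick one spelling of the vendor and reuse the product name from the description, e.g. "NOT-FOR-US: Intel Security Advanced Threat Defense" for -3899. The Cisco block below is uniform ("NOT-FOR-US: Cisco") apart from a handful of entries that append the product (-3822, -3820, -3818, -3814, -3812, -3810, -3809, -3806, -3805, -3800, -3792, -3790); that is harmless but the same consistency choice applies.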
@@ -42076,83 +42076,83 @@ CVE-2017-3778
REJECTED
CVE-2017-3777
REJECTED
-CVE-2017-3776
+CVE-2017-3776 (Lenovo Help Android mobile app versions earlier than 6.1.2.0327 allowe ...)
NOT-FOR-US: Lenovo Help Android mobile app
-CVE-2017-3775
+CVE-2017-3775 (Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode ...)
NOT-FOR-US: Lenovo
-CVE-2017-3774
+CVE-2017-3774 (A stack overflow vulnerability was discovered within the web administr ...)
NOT-FOR-US: IBM
CVE-2017-3773
REJECTED
CVE-2017-3772
RESERVED
-CVE-2017-3771
+CVE-2017-3771 (System boot process is not adequately secured In Lenovo E95 and ThinkC ...)
NOT-FOR-US: Lenovo
-CVE-2017-3770
+CVE-2017-3770 (Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 ...)
NOT-FOR-US: Lenovo LXCA
CVE-2017-3769
RESERVED
-CVE-2017-3768
+CVE-2017-3768 (An unprivileged attacker with connectivity to the IMM2 could cause a d ...)
NOT-FOR-US: IBM System x / IMM2
-CVE-2017-3767
+CVE-2017-3767 (A local privilege escalation vulnerability was identified in the Realt ...)
NOT-FOR-US: Lenovo
CVE-2017-3766
RESERVED
-CVE-2017-3765
+CVE-2017-3765 (In Enterprise Networking Operating System (ENOS) in Lenovo and IBM Rac ...)
NOT-FOR-US: IBM RackSwitch and BladeCenter products
-CVE-2017-3764
+CVE-2017-3764 (A vulnerability was identified in Lenovo XClarity Administrator (LXCA) ...)
NOT-FOR-US: Lenovo XClarity Administrator
-CVE-2017-3763
+CVE-2017-3763 (An attacker who obtains access to the location where the LXCA file sys ...)
NOT-FOR-US: Lenovo LXCA
-CVE-2017-3762
+CVE-2017-3762 (Sensitive data stored by Lenovo Fingerprint Manager Pro, version 8.01. ...)
NOT-FOR-US: Lenovo Fingerprint Manager Pro
-CVE-2017-3761
+CVE-2017-3761 (The Lenovo Service Framework Android application executes some system ...)
NOT-FOR-US: Lenovo
-CVE-2017-3760
+CVE-2017-3760 (The Lenovo Service Framework Android application uses a set of nonsecu ...)
NOT-FOR-US: Lenovo
-CVE-2017-3759
+CVE-2017-3759 (The Lenovo Service Framework Android application accepts some response ...)
NOT-FOR-US: Lenovo
-CVE-2017-3758
+CVE-2017-3758 (Improper access controls on several Android components in the Lenovo S ...)
NOT-FOR-US: Lenovo
-CVE-2017-3757
+CVE-2017-3757 (An unquoted service path vulnerability was identified in the driver fo ...)
NOT-FOR-US: Lenovo
-CVE-2017-3756
+CVE-2017-3756 (A privilege escalation vulnerability was identified in Lenovo Active P ...)
NOT-FOR-US: Lenovo
CVE-2017-3755
RESERVED
-CVE-2017-3754
+CVE-2017-3754 (Some Lenovo brand notebook systems do not have write protections prope ...)
NOT-FOR-US: Lenovo
-CVE-2017-3753
+CVE-2017-3753 (A vulnerability has been identified in some Lenovo products that use U ...)
NOT-FOR-US: Lenovo
-CVE-2017-3752
+CVE-2017-3752 (An industry-wide vulnerability has been identified in the implementati ...)
NOT-FOR-US: Lenovo
-CVE-2017-3751
+CVE-2017-3751 (An unquoted service path vulnerability was identified in the driver fo ...)
NOT-FOR-US: driver for the ThinkPad Compact USB Keyboard with TrackPoint
-CVE-2017-3750
+CVE-2017-3750 (On Lenovo VIBE mobile phones, the Lenovo Security Android application ...)
NOT-FOR-US: Lenovo
-CVE-2017-3749
+CVE-2017-3749 (On Lenovo VIBE mobile phones, the Idea Friend Android application allo ...)
NOT-FOR-US: Lenovo
-CVE-2017-3748
+CVE-2017-3748 (On Lenovo VIBE mobile phones, improper access controls on the nac_serv ...)
NOT-FOR-US: Lenovo
-CVE-2017-3747
+CVE-2017-3747 (Privilege escalation vulnerability in Lenovo Nerve Center for Windows ...)
NOT-FOR-US: Lenovo
-CVE-2017-3746
+CVE-2017-3746 (ThinkPad USB 3.0 Ethernet Adapter (part number 4X90E51405) driver, var ...)
NOT-FOR-US: Lenovo
-CVE-2017-3745
+CVE-2017-3745 (In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data ...)
NOT-FOR-US: Lenovo
-CVE-2017-3744
+CVE-2017-3744 (In the IMM2 firmware of Lenovo System x servers, remote commands issue ...)
NOT-FOR-US: Lenovo
-CVE-2017-3743
+CVE-2017-3743 (If multiple users are concurrently logged into a single system where o ...)
NOT-FOR-US: Lenovo
-CVE-2017-3742
+CVE-2017-3742 (In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4. ...)
NOT-FOR-US: Lenovo
-CVE-2017-3741
+CVE-2017-3741 (In the Lenovo Power Management driver before 1.67.12.24, a local user ...)
NOT-FOR-US: Lenovo
-CVE-2017-3740
+CVE-2017-3740 (In Lenovo Active Protection System before 1.82.0.14, an attacker with ...)
NOT-FOR-US: Lenovo
CVE-2017-3739
REJECTED
-CVE-2017-3738
+CVE-2017-3738 (There is an overflow bug in the AVX2 Montgomery multiplication procedu ...)
{DSA-4065-1}
- openssl 1.1.0h-1 (low)
[stretch] - openssl 1.1.0f-3+deb9u2
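Review bot: the IMM2 / System x entries in this hunk attribute the same product to two vendors: CVE-2017-3768 is tagged "IBM System x / IMM2" while CVE-2017-3744, whose new description reads "In the IMM2 firmware of Lenovo System x servers", is tagged plain "Lenovo"; likewise CVE-2017-3765 ("in Lenovo and IBM Rac ...") is tagged "IBM RackSwitch and BladeCenter products". Pick one attribution for the System x / IMM2 and RackSwitch lines so that a search for either vendor finds all of them. Unrelated to the descriptions themselves, CVE-2017-3738 keeps "- openssl 1.1.0h-1 (low)" with a stretch line but no jessie or wheezy line, unlike CVE-2017-3737 in the next hunk; if that is intentional (jessie's 1.0.1 not affected) a "[jessie] - openssl <not-affected>" line would make it explicit.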
@@ -42162,7 +42162,7 @@ CVE-2017-3738
NOTE: https://www.openssl.org/news/secadv/20171207.txt
NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=e502cc86df9dafded1694fceb3228ee34d11c11a
NOTE: OpenSSL_1_0_2-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=ca51bafc1a88d8b8348f5fd97adc5d6ca93f8e76
-CVE-2017-3737
+CVE-2017-3737 (OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error stat ...)
{DSA-4065-1}
- openssl 1.1.0b-2
[jessie] - openssl <not-affected> (Issue introduced in 1.0.2b)
@@ -42178,7 +42178,7 @@ CVE-2017-3737
NOTE: mechanism at all.
NOTE: Hardening mechanism introduced in:
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=e4f77bf1833245d2b6aa4ce6a16c85e1cdf78589
-CVE-2017-3736
+CVE-2017-3736 (There is a carry propagating bug in the x86_64 Montgomery squaring pro ...)
{DSA-4017-1}
- openssl 1.1.0g-1
[stretch] - openssl 1.1.0f-3+deb9u1
@@ -42188,7 +42188,7 @@ CVE-2017-3736
NOTE: https://www.openssl.org/news/secadv/20171102.txt
NOTE: Fix for 1.0.2: https://git.openssl.org/?p=openssl.git;a=commit;h=38d600147331d36e74174ebbd4008b63188b321b
NOTE: Fix for 1.1.0: https://git.openssl.org/?p=openssl.git;a=commit;h=4443cf7aa0099e5ce615c18cee249fff77fb0871
-CVE-2017-3735
+CVE-2017-3735 (While parsing an IPAddressFamily extension in an X.509 certificate, it ...)
{DSA-4018-1 DSA-4017-1 DLA-1157-1}
- openssl 1.1.0g-1
- openssl1.0 1.0.2m-1
@@ -42196,19 +42196,19 @@ CVE-2017-3735
NOTE: Fix for 1.1.0: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=068b963bb7afc57f5bdd723de0dd15e7795d5822
CVE-2017-3734
REJECTED
-CVE-2017-3733
+CVE-2017-3733 (During a renegotiation handshake if the Encrypt-Then-Mac extension is ...)
- openssl 1.1.0e-1
[jessie] - openssl <not-affected> (Only affects 1.1)
[wheezy] - openssl <not-affected> (Only affects 1.1)
- openssl1.0 <not-affected> (Only affects 1.1)
NOTE: https://www.openssl.org/news/secadv/20170216.txt
-CVE-2017-3732
+CVE-2017-3732 (There is a carry propagating bug in the x86_64 Montgomery squaring pro ...)
- openssl 1.1.0d-1
[jessie] - openssl <not-affected> (Only affects 1.0.2 and 1.1.0)
[wheezy] - openssl <not-affected> (Only affects 1.0.2 and 1.1.0)
- openssl1.0 1.0.2k-1
NOTE: https://www.openssl.org/news/secadv/20170126.txt
-CVE-2017-3731
+CVE-2017-3731 (If an SSL/TLS server or client is running on a 32-bit host, and a spec ...)
{DSA-3773-1 DLA-814-1}
- openssl 1.1.0d-1
- openssl1.0 1.0.2k-1
@@ -42216,7 +42216,7 @@ CVE-2017-3731
NOTE: Fix for 1.0.2: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=51d009043670a627d6abe66894126851cf3690e9
NOTE: Fix for 1.1.0: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=f3a7e57c92b2c9b87dc4b2997f2ebda6781300d0
NOTE: and https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=00d965474b22b54e4275232bc71ee0c699c5cd21
-CVE-2017-3730
+CVE-2017-3730 (In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad par ...)
- openssl 1.1.0d-1
[jessie] - openssl <not-affected> (Only affects OpenSSL 1.1)
[wheezy] - openssl <not-affected> (Only affects OpenSSL 1.1)
@@ -42244,7 +42244,7 @@ CVE-2017-3720
RESERVED
CVE-2017-3719
RESERVED
-CVE-2017-3718
+CVE-2017-3718 (Improper setting of device configuration in system firmware for Intel( ...)
NOT-FOR-US: Intel
CVE-2017-3717
RESERVED
@@ -42374,69 +42374,69 @@ CVE-2017-3655
RESERVED
CVE-2017-3654
RESERVED
-CVE-2017-3653
+CVE-2017-3653 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3955-1 DSA-3944-1 DSA-3922-1 DLA-1043-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.26-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3652
+CVE-2017-3652 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3922-1 DLA-1043-1}
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3651
+CVE-2017-3651 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3922-1 DLA-1043-1}
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3650
+CVE-2017-3650 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3649
+CVE-2017-3649 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3648
+CVE-2017-3648 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3922-1 DLA-1043-1}
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3647
+CVE-2017-3647 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3646
+CVE-2017-3646 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.17-1
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3645
+CVE-2017-3645 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3644
+CVE-2017-3644 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3643
+CVE-2017-3643 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3642
+CVE-2017-3642 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3641
+CVE-2017-3641 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3955-1 DSA-3944-1 DSA-3922-1 DLA-1043-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.26-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3640
+CVE-2017-3640 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3639
+CVE-2017-3639 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3638
+CVE-2017-3638 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3637
+CVE-2017-3637 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3636
+CVE-2017-3636 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3955-1 DSA-3944-1 DSA-3922-1 DLA-1043-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.26-1
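Review bot: every one of the eighteen descriptions added in this hunk (CVE-2017-3653 down to CVE-2017-3636) is cut to the identical string "Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)", so after truncation the new text carries no information that distinguishes the entries; the part that does (the subcomponent and version range) is exactly what falls past the cut. Since the tracker already keys these by CVE id, either raise the truncation length for this import or strip the boilerplate "Vulnerability in the ... component of Oracle MySQL (subcomponent: " prefix before truncating so that the retained 70 characters start at the subcomponent name.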
@@ -42447,77 +42447,77 @@ CVE-2017-3635
{DSA-3922-1 DLA-1043-1}
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <removed> (bug #868788)
-CVE-2017-3634
+CVE-2017-3634 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3633
+CVE-2017-3633 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3632
+CVE-2017-3632 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle Solaris
-CVE-2017-3631
+CVE-2017-3631 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3630
+CVE-2017-3630 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3629
+CVE-2017-3629 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
CVE-2017-3628
RESERVED
CVE-2017-3627
RESERVED
-CVE-2017-3626
+CVE-2017-3626 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
- glassfish <not-affected> (Only affects 3.x)
-CVE-2017-3625
+CVE-2017-3625 (Vulnerability in the Oracle WebCenter Content component of Oracle Fusi ...)
NOT-FOR-US: Oracle
CVE-2017-3624
RESERVED
-CVE-2017-3623
+CVE-2017-3623 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3622
+CVE-2017-3622 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3621
+CVE-2017-3621 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Solaris
-CVE-2017-3620
+CVE-2017-3620 (Vulnerability in the Automatic Service Request (ASR) component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3619
+CVE-2017-3619 (Vulnerability in the Automatic Service Request (ASR) component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3618
+CVE-2017-3618 (Vulnerability in the Automatic Service Request (ASR) component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3617
+CVE-2017-3617 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3616
+CVE-2017-3616 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3615
+CVE-2017-3615 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3614
+CVE-2017-3614 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3613
+CVE-2017-3613 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3612
+CVE-2017-3612 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3611
+CVE-2017-3611 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3610
+CVE-2017-3610 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3609
+CVE-2017-3609 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3608
+CVE-2017-3608 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3607
+CVE-2017-3607 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3606
+CVE-2017-3606 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3605
+CVE-2017-3605 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3604
+CVE-2017-3604 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
NOT-FOR-US: Oracle
-CVE-2017-3603
+CVE-2017-3603 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3602
+CVE-2017-3602 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3601
+CVE-2017-3601 (Vulnerability in the Oracle API Gateway component of Oracle Fusion Mid ...)
NOT-FOR-US: Oracle
-CVE-2017-3600
+CVE-2017-3600 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3834-1 DLA-916-1}
- mariadb-10.1 <not-affected> (Fixed before initial upload to Debian)
- mariadb-10.0 10.0.28-1
@@ -42530,390 +42530,390 @@ CVE-2017-3600
NOTE: https://github.com/MariaDB/server/commit/5a43a31ee81bc181eeb5ef2bf0704befa6e0594d
NOTE: https://github.com/MariaDB/server/commit/01b39b7b0730102b88d8ea43ec719a75e9316a1e
NOTE: https://github.com/MariaDB/server/commit/383007c75d6ef5043fa5781956a6a02b24e2b79e
-CVE-2017-3599
+CVE-2017-3599 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (ONly affects MySQL 5.6 and 5.7)
-CVE-2017-3598
+CVE-2017-3598 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3597
+CVE-2017-3597 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3596
+CVE-2017-3596 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3595
+CVE-2017-3595 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3594
+CVE-2017-3594 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3593
+CVE-2017-3593 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3592
+CVE-2017-3592 (Vulnerability in the Oracle Payables component of Oracle E-Business Su ...)
NOT-FOR-US: Oracle
-CVE-2017-3591
+CVE-2017-3591 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3590
+CVE-2017-3590 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
- mysql-connector-python 2.1.6-1 (bug #861511)
[jessie] - mysql-connector-python <no-dsa> (Minor issue)
[wheezy] - mysql-connector-python <postponed> (Minor issue, can be fixed along in a future update)
-CVE-2017-3589
+CVE-2017-3589 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
{DSA-3857-1 DLA-945-1}
- mysql-connector-java 5.1.42-1
-CVE-2017-3588
+CVE-2017-3588 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems P ...)
NOT-FOR-US: Oracle
-CVE-2017-3587
+CVE-2017-3587 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3586
+CVE-2017-3586 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
{DSA-3857-1 DLA-945-1}
- mysql-connector-java 5.1.42-1
-CVE-2017-3585
+CVE-2017-3585 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Solaris
-CVE-2017-3584
+CVE-2017-3584 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Solaris
-CVE-2017-3583
+CVE-2017-3583 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2017-3582
+CVE-2017-3582 (Vulnerability in the Oracle SuperCluster Specific Software component o ...)
NOT-FOR-US: Solaris
-CVE-2017-3581
+CVE-2017-3581 (Vulnerability in the Automatic Service Request (ASR) component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3580
+CVE-2017-3580 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Solaris
-CVE-2017-3579
+CVE-2017-3579 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2017-3578
+CVE-2017-3578 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Solaris
-CVE-2017-3577
+CVE-2017-3577 (Vulnerability in the PeopleSoft Enterprise CS Campus Community compone ...)
NOT-FOR-US: Oracle
-CVE-2017-3576
+CVE-2017-3576 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3575
+CVE-2017-3575 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3574
+CVE-2017-3574 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2017-3573
+CVE-2017-3573 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2017-3572
+CVE-2017-3572 (Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce E ...)
NOT-FOR-US: Oracle
-CVE-2017-3571
+CVE-2017-3571 (Vulnerability in the PeopleSoft Enterprise SCM eBill Payment component ...)
NOT-FOR-US: Oracle
-CVE-2017-3570
+CVE-2017-3570 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle Pe ...)
NOT-FOR-US: Oracle
-CVE-2017-3569
+CVE-2017-3569 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2017-3568
+CVE-2017-3568 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2017-3567
+CVE-2017-3567 (Vulnerability in the OJVM component of Oracle Database Server. Support ...)
NOT-FOR-US: Oracle
CVE-2017-3566
RESERVED
-CVE-2017-3565
+CVE-2017-3565 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3564
+CVE-2017-3564 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3563
+CVE-2017-3563 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3562
+CVE-2017-3562 (Vulnerability in the Oracle Applications DBA component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2017-3561
+CVE-2017-3561 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3560
+CVE-2017-3560 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2017-3559
+CVE-2017-3559 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3558
+CVE-2017-3558 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3557
+CVE-2017-3557 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3556
+CVE-2017-3556 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3555
+CVE-2017-3555 (Vulnerability in the Oracle iReceivables component of Oracle E-Busines ...)
NOT-FOR-US: Oracle
-CVE-2017-3554
+CVE-2017-3554 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3553
+CVE-2017-3553 (Vulnerability in the Oracle Identity Manager component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2017-3552
+CVE-2017-3552 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2017-3551
+CVE-2017-3551 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3550
+CVE-2017-3550 (Vulnerability in the Oracle Customer Interaction History component of ...)
NOT-FOR-US: Oracle
-CVE-2017-3549
+CVE-2017-3549 (Vulnerability in the Oracle Scripting component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3548
+CVE-2017-3548 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3547
+CVE-2017-3547 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3546
+CVE-2017-3546 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3545
+CVE-2017-3545 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3544
+CVE-2017-3544 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3543
+CVE-2017-3543 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3542
+CVE-2017-3542 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3541
+CVE-2017-3541 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3540
+CVE-2017-3540 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3539
+CVE-2017-3539 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3538
+CVE-2017-3538 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3537
+CVE-2017-3537 (Vulnerability in the Oracle Real-Time Scheduler component of Oracle Ut ...)
NOT-FOR-US: Oracle
-CVE-2017-3536
+CVE-2017-3536 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3535
+CVE-2017-3535 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3534
+CVE-2017-3534 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3533
+CVE-2017-3533 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3532
+CVE-2017-3532 (Vulnerability in the Oracle Retail Warehouse Management System compone ...)
NOT-FOR-US: Oracle
-CVE-2017-3531
+CVE-2017-3531 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3530
+CVE-2017-3530 (Vulnerability in the Oracle Transportation Manager component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3529
+CVE-2017-3529 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1 (bug #868798)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3528
+CVE-2017-3528 (Vulnerability in the Oracle Applications Framework component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3527
+CVE-2017-3527 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3526
+CVE-2017-3526 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3525
+CVE-2017-3525 (Vulnerability in the PeopleSoft Enterprise SCM Service Procurement com ...)
NOT-FOR-US: Oracle
-CVE-2017-3524
+CVE-2017-3524 (Vulnerability in the PeopleSoft Enterprise SCM Strategic Sourcing comp ...)
NOT-FOR-US: Oracle
-CVE-2017-3523
+CVE-2017-3523 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
{DSA-3840-1 DLA-945-1}
- mysql-connector-java 5.1.41-1
NOTE: https://www.computest.nl/advisories/CT-2017-0425_MySQL-Connector-J.txt
-CVE-2017-3522
+CVE-2017-3522 (Vulnerability in the PeopleSoft Enterprise SCM eSupplier Connection co ...)
NOT-FOR-US: Oracle
-CVE-2017-3521
+CVE-2017-3521 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing component of ...)
NOT-FOR-US: Oracle
-CVE-2017-3520
+CVE-2017-3520 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3519
+CVE-2017-3519 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3518
+CVE-2017-3518 (Vulnerability in the Enterprise Manager Base Platform component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2017-3517
+CVE-2017-3517 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2017-3516
+CVE-2017-3516 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3515
+CVE-2017-3515 (Vulnerability in the Oracle User Management component of Oracle E-Busi ...)
NOT-FOR-US: Oracle
-CVE-2017-3514
+CVE-2017-3514 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (Windows builds only)
- openjdk-7 <not-affected> (Windows builds only)
NOTE: Upstream commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/95fd1952637b
-CVE-2017-3513
+CVE-2017-3513 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3512
+CVE-2017-3512 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (MacOSX builds only)
- openjdk-7 <not-affected> (MacOSX builds only)
NOTE: Upstream commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/c878d0baff4a
-CVE-2017-3511
+CVE-2017-3511 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3510
+CVE-2017-3510 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3509
+CVE-2017-3509 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3858-1 DLA-954-1}
- openjdk-8 8u131-b11-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3508
+CVE-2017-3508 (Vulnerability in the Primavera Gateway component of Oracle Primavera P ...)
NOT-FOR-US: Oracle
-CVE-2017-3507
+CVE-2017-3507 (Vulnerability in the Oracle Service Bus component of Oracle Fusion Mid ...)
NOT-FOR-US: Oracle
-CVE-2017-3506
+CVE-2017-3506 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3505
+CVE-2017-3505 (Vulnerability in the Automatic Service Request (ASR) component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3504
+CVE-2017-3504 (Vulnerability in the Automatic Service Request (ASR) component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3503
+CVE-2017-3503 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2017-3502
+CVE-2017-3502 (Vulnerability in the PeopleSoft Enterprise FIN Receivables component o ...)
NOT-FOR-US: Oracle
-CVE-2017-3501
+CVE-2017-3501 (Vulnerability in the Primavera Unifier component of Oracle Primavera P ...)
NOT-FOR-US: Oracle
-CVE-2017-3500
+CVE-2017-3500 (Vulnerability in the Primavera Gateway component of Oracle Primavera P ...)
NOT-FOR-US: Oracle
-CVE-2017-3499
+CVE-2017-3499 (Vulnerability in the Oracle Social Network component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3498
+CVE-2017-3498 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3497
+CVE-2017-3497 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3496
+CVE-2017-3496 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2017-3495
+CVE-2017-3495 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2017-3494
+CVE-2017-3494 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3493
+CVE-2017-3493 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2017-3492
+CVE-2017-3492 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2017-3491
+CVE-2017-3491 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2017-3490
+CVE-2017-3490 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2017-3489
+CVE-2017-3489 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3488
+CVE-2017-3488 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3487
+CVE-2017-3487 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3486
+CVE-2017-3486 (Vulnerability in the SQL*Plus component of Oracle Database Server. Sup ...)
NOT-FOR-US: Oracle
-CVE-2017-3485
+CVE-2017-3485 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3484
+CVE-2017-3484 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2017-3483
+CVE-2017-3483 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2017-3482
+CVE-2017-3482 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3481
+CVE-2017-3481 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3480
+CVE-2017-3480 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3479
+CVE-2017-3479 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3478
+CVE-2017-3478 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3477
+CVE-2017-3477 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3476
+CVE-2017-3476 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3475
+CVE-2017-3475 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3474
+CVE-2017-3474 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3473
+CVE-2017-3473 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3472
+CVE-2017-3472 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3471
+CVE-2017-3471 (Vulnerability in the Oracle FLEXCUBE Private Banking component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3470
+CVE-2017-3470 (Vulnerability in the Oracle Communications Security Gateway component ...)
NOT-FOR-US: Oracle
-CVE-2017-3469
+CVE-2017-3469 (Vulnerability in the MySQL Workbench component of Oracle MySQL (subcom ...)
- mysql-workbench 6.3.10+dfsg-1 (low; bug #861487)
[stretch] - mysql-workbench <no-dsa> (Minor issue)
[jessie] - mysql-workbench <no-dsa> (Minor issue)
[wheezy] - mysql-workbench <no-dsa> (Minor issue)
-CVE-2017-3468
+CVE-2017-3468 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3467
+CVE-2017-3467 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
CVE-2017-3466
RESERVED
-CVE-2017-3465
+CVE-2017-3465 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3464
+CVE-2017-3464 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3463
+CVE-2017-3463 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3834-1 DLA-916-1}
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3462
+CVE-2017-3462 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3834-1 DLA-916-1}
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3461
+CVE-2017-3461 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3834-1 DLA-916-1}
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3460
+CVE-2017-3460 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3459
+CVE-2017-3459 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3458
+CVE-2017-3458 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3457
+CVE-2017-3457 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3456
+CVE-2017-3456 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3455
+CVE-2017-3455 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3454
+CVE-2017-3454 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3453
+CVE-2017-3453 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3452
+CVE-2017-3452 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 5.6)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
-CVE-2017-3451
+CVE-2017-3451 (Vulnerability in the Oracle Retail Open Commerce Platform component of ...)
NOT-FOR-US: Oracle
-CVE-2017-3450
+CVE-2017-3450 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
CVE-2017-3449
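Review bot: the unchanged mysql-5.5 context line at the top of this hunk has a typo, "ONly affects MySQL 5.6 and 5.7", which should read "Only" to match the wording of the later mysql-5.5 entries in the same hunk (for example the CVE-2017-3450 entry at the bottom, "Only affects MySQL 5.6 and 5.7"). Since this is an automatic description update, the fix belongs in a manual follow-up commit rather than here. The wheezy virtualbox lines also mix two reference styles, "(DSA-3699-1)" for jessie and "(DSA 3454)" for wheezy; normalising the wheezy entries to the hyphenated DSA form used everywhere else in these lists would keep the annotations consistent for tooling that parses them.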
@@ -42922,328 +42922,328 @@ CVE-2017-3448
RESERVED
CVE-2017-3447
REJECTED
-CVE-2017-3446
+CVE-2017-3446 (Vulnerability in the Oracle Trade Management component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2017-3445
+CVE-2017-3445 (Vulnerability in the Oracle Trade Management component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2017-3444
+CVE-2017-3444 (Vulnerability in the Oracle Trade Management component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2017-3443
+CVE-2017-3443 (Vulnerability in the Oracle Common Applications component of Oracle E- ...)
NOT-FOR-US: Oracle
-CVE-2017-3442
+CVE-2017-3442 (Vulnerability in the Oracle Customer Interaction History component of ...)
NOT-FOR-US: Oracle
-CVE-2017-3441
+CVE-2017-3441 (Vulnerability in the Oracle Customer Interaction History component of ...)
NOT-FOR-US: Oracle
-CVE-2017-3440
+CVE-2017-3440 (Vulnerability in the Oracle Customer Interaction History component of ...)
NOT-FOR-US: Oracle
-CVE-2017-3439
+CVE-2017-3439 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3438
+CVE-2017-3438 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3437
+CVE-2017-3437 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3436
+CVE-2017-3436 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3435
+CVE-2017-3435 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3434
+CVE-2017-3434 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3433
+CVE-2017-3433 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3432
+CVE-2017-3432 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3431
+CVE-2017-3431 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3430
+CVE-2017-3430 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3429
+CVE-2017-3429 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3428
+CVE-2017-3428 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3427
+CVE-2017-3427 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3426
+CVE-2017-3426 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3425
+CVE-2017-3425 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3424
+CVE-2017-3424 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3423
+CVE-2017-3423 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3422
+CVE-2017-3422 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3421
+CVE-2017-3421 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3420
+CVE-2017-3420 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3419
+CVE-2017-3419 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3418
+CVE-2017-3418 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3417
+CVE-2017-3417 (Vulnerability in the Oracle Universal Work Queue component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3416
+CVE-2017-3416 (Vulnerability in the Oracle Universal Work Queue component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3415
+CVE-2017-3415 (Vulnerability in the Oracle Universal Work Queue component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3414
+CVE-2017-3414 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3413
+CVE-2017-3413 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3412
+CVE-2017-3412 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3411
+CVE-2017-3411 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3410
+CVE-2017-3410 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3409
+CVE-2017-3409 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3408
+CVE-2017-3408 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3407
+CVE-2017-3407 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3406
+CVE-2017-3406 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3405
+CVE-2017-3405 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3404
+CVE-2017-3404 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3403
+CVE-2017-3403 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3402
+CVE-2017-3402 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3401
+CVE-2017-3401 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3400
+CVE-2017-3400 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3399
+CVE-2017-3399 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3398
+CVE-2017-3398 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3397
+CVE-2017-3397 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3396
+CVE-2017-3396 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3395
+CVE-2017-3395 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3394
+CVE-2017-3394 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3393
+CVE-2017-3393 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3392
+CVE-2017-3392 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3391
+CVE-2017-3391 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3390
+CVE-2017-3390 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3389
+CVE-2017-3389 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3388
+CVE-2017-3388 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3387
+CVE-2017-3387 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3386
+CVE-2017-3386 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3385
+CVE-2017-3385 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3384
+CVE-2017-3384 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3383
+CVE-2017-3383 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3382
+CVE-2017-3382 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3381
+CVE-2017-3381 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3380
+CVE-2017-3380 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3379
+CVE-2017-3379 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3378
+CVE-2017-3378 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3377
+CVE-2017-3377 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3376
+CVE-2017-3376 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3375
+CVE-2017-3375 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3374
+CVE-2017-3374 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3373
+CVE-2017-3373 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3372
+CVE-2017-3372 (Vulnerability in the Oracle Interaction Blending component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3371
+CVE-2017-3371 (Vulnerability in the Oracle iSupport component of Oracle E-Business Su ...)
NOT-FOR-US: Oracle
-CVE-2017-3370
+CVE-2017-3370 (Vulnerability in the Oracle iSupport component of Oracle E-Business Su ...)
NOT-FOR-US: Oracle
-CVE-2017-3369
+CVE-2017-3369 (Vulnerability in the Oracle iSupport component of Oracle E-Business Su ...)
NOT-FOR-US: Oracle
-CVE-2017-3368
+CVE-2017-3368 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2017-3367
+CVE-2017-3367 (Vulnerability in the Oracle Knowledge Management component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3366
+CVE-2017-3366 (Vulnerability in the Oracle Knowledge Management component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3365
+CVE-2017-3365 (Vulnerability in the Oracle Knowledge Management component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3364
+CVE-2017-3364 (Vulnerability in the Oracle Knowledge Management component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3363
+CVE-2017-3363 (Vulnerability in the Oracle Knowledge Management component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3362
+CVE-2017-3362 (Vulnerability in the Oracle Knowledge Management component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3361
+CVE-2017-3361 (Vulnerability in the Oracle Installed Base component of Oracle E-Busin ...)
NOT-FOR-US: Oracle
-CVE-2017-3360
+CVE-2017-3360 (Vulnerability in the Oracle Customer Intelligence component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3359
+CVE-2017-3359 (Vulnerability in the Oracle Customer Intelligence component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3358
+CVE-2017-3358 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3357
+CVE-2017-3357 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3356
+CVE-2017-3356 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3355
+CVE-2017-3355 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3354
+CVE-2017-3354 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3353
+CVE-2017-3353 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3352
+CVE-2017-3352 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3351
+CVE-2017-3351 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3350
+CVE-2017-3350 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3349
+CVE-2017-3349 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3348
+CVE-2017-3348 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3347
+CVE-2017-3347 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3346
+CVE-2017-3346 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3345
+CVE-2017-3345 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3344
+CVE-2017-3344 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3343
+CVE-2017-3343 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3342
+CVE-2017-3342 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3341
+CVE-2017-3341 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3340
+CVE-2017-3340 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3339
+CVE-2017-3339 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3338
+CVE-2017-3338 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3337
+CVE-2017-3337 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3336
+CVE-2017-3336 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3335
+CVE-2017-3335 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3334
+CVE-2017-3334 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3333
+CVE-2017-3333 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2017-3332
+CVE-2017-3332 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.14-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3331
+CVE-2017-3331 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3330
+CVE-2017-3330 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
NOT-FOR-US: Oracle Siebel
-CVE-2017-3329
+CVE-2017-3329 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3834-1 DLA-916-1}
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3328
+CVE-2017-3328 (Vulnerability in the Oracle Common Applications component of Oracle E- ...)
NOT-FOR-US: Oracle
-CVE-2017-3327
+CVE-2017-3327 (Vulnerability in the Oracle Common Applications component of Oracle E- ...)
NOT-FOR-US: Oracle
-CVE-2017-3326
+CVE-2017-3326 (Vulnerability in the Oracle Common Applications component of Oracle E- ...)
NOT-FOR-US: Oracle
-CVE-2017-3325
+CVE-2017-3325 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
NOT-FOR-US: Oracle Siebel
-CVE-2017-3324
+CVE-2017-3324 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle Primavera
-CVE-2017-3323
+CVE-2017-3323 (Vulnerability in the MySQL Cluster component of Oracle MySQL (subcompo ...)
NOT-FOR-US: MySQL Cluster
-CVE-2017-3322
+CVE-2017-3322 (Vulnerability in the MySQL Cluster component of Oracle MySQL (subcompo ...)
NOT-FOR-US: MySQL Cluster
-CVE-2017-3321
+CVE-2017-3321 (Vulnerability in the MySQL Cluster component of Oracle MySQL (subcompo ...)
NOT-FOR-US: MySQL Cluster
-CVE-2017-3320
+CVE-2017-3320 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3319
+CVE-2017-3319 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3318
+CVE-2017-3318 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3317
+CVE-2017-3317 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3316
+CVE-2017-3316 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.14-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3315
+CVE-2017-3315 (Vulnerability in the PeopleSoft Enterprise HCM ePerformance component ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2017-3314
+CVE-2017-3314 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2017-3313
+CVE-2017-3313 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3809-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3312
+CVE-2017-3312 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3311
+CVE-2017-3311 (Vulnerability in the Application Testing Suite component of Oracle Ent ...)
NOT-FOR-US: Oracle
-CVE-2017-3310
+CVE-2017-3310 (Vulnerability in the OJVM component of Oracle Database Server. Support ...)
NOT-FOR-US: Oracle
-CVE-2017-3309
+CVE-2017-3309 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3308
+CVE-2017-3308 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3944-1 DSA-3834-1 DLA-916-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.18-1 (bug #860547)
- mysql-5.5 <removed> (bug #860544)
-CVE-2017-3307
+CVE-2017-3307 (Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQ ...)
NOT-FOR-US: MySQL Enterprise Monitor
-CVE-2017-3306
+CVE-2017-3306 (Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQ ...)
NOT-FOR-US: MySQL Enterprise Monitor
-CVE-2017-3305
+CVE-2017-3305 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3834-1 DLA-916-1}
- mysql-5.7 <not-affected> (Fixed before the initial release to Debian)
- mysql-5.5 <removed> (bug #860544)
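Review bot: the advisory references on the virtualbox entries are formatted inconsistently: under CVE-2017-3332 and CVE-2017-3316 the jessie line cites `(DSA-3699-1)` while the wheezy line directly below cites `(DSA 3454)` with a space and no revision suffix; everywhere else in this hunk advisories use the hyphenated form (e.g. `{DSA-3834-1 DLA-916-1}` under CVE-2017-3329), so the two wheezy lines should be normalised to the hyphenated form for any tooling that matches on it.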
@@ -43255,11 +43255,11 @@ CVE-2017-3305
NOTE: opening CVE-2017-3305.
NOTE: Cf. https://bugzilla.redhat.com/show_bug.cgi?id=1217506#c22
NOTE: http://www.openwall.com/lists/oss-security/2017/03/17/4
-CVE-2017-3304
+CVE-2017-3304 (Vulnerability in the MySQL Cluster component of Oracle MySQL (subcompo ...)
- mysql-cluster <itp> (bug #833356)
-CVE-2017-3303
+CVE-2017-3303 (Vulnerability in the Oracle XML Gateway component of Oracle E-Business ...)
NOT-FOR-US: Oracle
-CVE-2017-3302
+CVE-2017-3302 (Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x bef ...)
{DSA-3834-1 DSA-3809-1 DLA-916-1 DLA-819-1}
- mariadb-10.1 10.1.23-1
- mariadb-10.0 <removed>
@@ -43271,132 +43271,132 @@ CVE-2017-3302
NOTE: https://bugs.mysql.com/bug.php?id=70429
NOTE: https://bugs.mysql.com/bug.php?id=63363
NOTE: http://www.openwall.com/lists/oss-security/2017/01/28/1
-CVE-2017-3301
+CVE-2017-3301 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3300
+CVE-2017-3300 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2017-3299
+CVE-2017-3299 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2017-3298
+CVE-2017-3298 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2017-3297
+CVE-2017-3297 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracl ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2017-3296
+CVE-2017-3296 (Vulnerability in the Oracle Commerce Platform component of Oracle Comm ...)
NOT-FOR-US: Oracle Commerce
-CVE-2017-3295
+CVE-2017-3295 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3294
+CVE-2017-3294 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3293
+CVE-2017-3293 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3292
+CVE-2017-3292 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle PeopleSoft
-CVE-2017-3291
+CVE-2017-3291 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3290
+CVE-2017-3290 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.1.14-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2017-3289
+CVE-2017-3289 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
-CVE-2017-3288
+CVE-2017-3288 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3287
+CVE-2017-3287 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2017-3286
+CVE-2017-3286 (Vulnerability in the Oracle Applications DBA component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2017-3285
+CVE-2017-3285 (Vulnerability in the Oracle Service Fulfillment Manager component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3284
+CVE-2017-3284 (Vulnerability in the Oracle Service Fulfillment Manager component of O ...)
NOT-FOR-US: Oracle
-CVE-2017-3283
+CVE-2017-3283 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2017-3282
+CVE-2017-3282 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2017-3281
+CVE-2017-3281 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2017-3280
+CVE-2017-3280 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2017-3279
+CVE-2017-3279 (Vulnerability in the Oracle Leads Management component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2017-3278
+CVE-2017-3278 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3277
+CVE-2017-3277 (Vulnerability in the Oracle Applications Manager component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2017-3276
+CVE-2017-3276 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Solaris
-CVE-2017-3275
+CVE-2017-3275 (Vulnerability in the Oracle Email Center component of Oracle E-Busines ...)
NOT-FOR-US: Oracle
-CVE-2017-3274
+CVE-2017-3274 (Vulnerability in the Oracle Email Center component of Oracle E-Busines ...)
NOT-FOR-US: Oracle
-CVE-2017-3273
+CVE-2017-3273 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3272
+CVE-2017-3272 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3271
+CVE-2017-3271 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3270
+CVE-2017-3270 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3269
+CVE-2017-3269 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3268
+CVE-2017-3268 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3267
+CVE-2017-3267 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3266
+CVE-2017-3266 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2017-3265
+CVE-2017-3265 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3264
+CVE-2017-3264 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
NOT-FOR-US: Oracle Siebel
-CVE-2017-3263
+CVE-2017-3263 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle Primavera
-CVE-2017-3262
+CVE-2017-3262 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (specific to Oracle Java)
-CVE-2017-3261
+CVE-2017-3261 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3260
+CVE-2017-3260 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
-CVE-2017-3259
+CVE-2017-3259 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2017-3258
+CVE-2017-3258 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3257
+CVE-2017-3257 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3770-1}
- mariadb-10.2 <removed> (bug #884065)
- mariadb-10.1 10.1.21-1 (bug #851759)
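Review bot: the same `(DSA 3454)` spacing appears on the wheezy virtualbox line under CVE-2017-3290, next to `(DSA-3699-1)`, and should be hyphenated like the other advisory references. Separately, the `openjdk-8 <not-affected> (specific to Oracle Java)` rationale under CVE-2017-3262 is much thinner than the one recorded under CVE-2017-3259 (`Deployment components not part of OpenJDK, only present in Oracle Java`); naming the Oracle-only component would make that triage decision reviewable later.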
@@ -43404,98 +43404,98 @@ CVE-2017-3257
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
-CVE-2017-3256
+CVE-2017-3256 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3255
+CVE-2017-3255 (Vulnerability in the Oracle JDeveloper component of Oracle Fusion Midd ...)
NOT-FOR-US: Oracle
-CVE-2017-3254
+CVE-2017-3254 (Vulnerability in the Oracle Retail Invoice Matching component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2017-3253
+CVE-2017-3253 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3252
+CVE-2017-3252 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3251
+CVE-2017-3251 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
-CVE-2017-3250
+CVE-2017-3250 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-3249
+CVE-2017-3249 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-3248
+CVE-2017-3248 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2017-3247
+CVE-2017-3247 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
-CVE-2017-3246
+CVE-2017-3246 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2017-3245
+CVE-2017-3245 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracl ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2017-3244
+CVE-2017-3244 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3243
+CVE-2017-3243 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 <not-affected> (Only affects MySQL 5.5)
- mysql-5.6 <not-affected> (Only affects MySQL 5.5)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3242
+CVE-2017-3242 (Vulnerability in the Oracle VM Server for Sparc component of Oracle Su ...)
NOT-FOR-US: Solaris
-CVE-2017-3241
+CVE-2017-3241 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3240
+CVE-2017-3240 (Vulnerability in the RDBMS Security component of Oracle Database Serve ...)
NOT-FOR-US: Oracle
-CVE-2017-3239
+CVE-2017-3239 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
- glassfish <not-affected> (Only affects 3.x)
-CVE-2017-3238
+CVE-2017-3238 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-3770-1 DSA-3767-1 DLA-797-1}
- mariadb-10.1 10.1.21-1 (bug #851759)
- mariadb-10.0 <removed> (bug #851755)
- mysql-5.7 5.7.17-1 (bug #851235)
- mysql-5.6 5.6.35-1 (bug #851234)
- mysql-5.5 <removed> (bug #851233)
-CVE-2017-3237
+CVE-2017-3237 (Vulnerability in the Automatic Service Request (ASR) component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3236
+CVE-2017-3236 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2017-3235
+CVE-2017-3235 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle FLEXCUBE
-CVE-2017-3234
+CVE-2017-3234 (Vulnerability in the Automatic Service Request (ASR) component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3233
+CVE-2017-3233 (Vulnerability in the Automatic Service Request (ASR) component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3232
+CVE-2017-3232 (Vulnerability in the Automatic Service Request (ASR) component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2017-3231
+CVE-2017-3231 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-3782-1 DLA-821-1}
- openjdk-8 8u121-b13-1
[experimental] - openjdk-7 7u121-2.6.8-2
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2017-3230
+CVE-2017-3230 (Vulnerability in the Oracle Fusion Middleware MapViewer component of O ...)
NOT-FOR-US: Oracle
CVE-2017-3229
REJECTED
@@ -43503,7 +43503,7 @@ CVE-2017-3228
REJECTED
CVE-2017-3227
RESERVED
-CVE-2017-3226
+CVE-2017-3226 (Das U-Boot is a device bootloader that can read its configuration from ...)
- u-boot <unfixed> (unimportant)
[wheezy] - u-boot <not-affected> (Vulnerable code do not exist)
NOTE: jessie+ no built targets use ENV_AES by default, but fw_printenv/fw_setenv
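Review bot: grammar in the wheezy rationale under CVE-2017-3226: `[wheezy] - u-boot <not-affected> (Vulnerable code do not exist)` should read `(Vulnerable code does not exist)`.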
@@ -43511,7 +43511,7 @@ CVE-2017-3226
NOTE: it in future versions.
NOTE: https://www.kb.cert.org/vuls/id/166743
NOTE: Negligible security impact
-CVE-2017-3225
+CVE-2017-3225 (Das U-Boot is a device bootloader that can read its configuration from ...)
- u-boot <unfixed> (unimportant)
[wheezy] - u-boot <not-affected> (Vulnerable code do not exist)
NOTE: jessie+ no built targets use ENV_AES by default, but fw_printenv/fw_setenv
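Review bot: the same grammar fix as for CVE-2017-3226 applies to `[wheezy] - u-boot <not-affected> (Vulnerable code do not exist)` under CVE-2017-3225: `does not exist`.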
@@ -43519,103 +43519,103 @@ CVE-2017-3225
NOTE: it in future versions.
NOTE: https://www.kb.cert.org/vuls/id/166743
NOTE: Negligible security impact
-CVE-2017-3224
+CVE-2017-3224 (Open Shortest Path First (OSPF) protocol implementations may improperl ...)
- quagga <unfixed> (low; bug #871617)
[buster] - quagga <no-dsa> (Minor issue)
[stretch] - quagga <no-dsa> (Minor issue)
[jessie] - quagga <no-dsa> (Minor issue)
[wheezy] - quagga <no-dsa> (Minor issue)
NOTE: http://www.kb.cert.org/vuls/id/793496
-CVE-2017-3223
+CVE-2017-3223 (Dahua IP camera products using firmware versions prior to V2.400.0000. ...)
NOT-FOR-US: Dahua IP camera products
-CVE-2017-3222
+CVE-2017-3222 (Hard-coded credentials in AmosConnect 8 allow remote attackers to gain ...)
NOT-FOR-US: AmosConnect
-CVE-2017-3221
+CVE-2017-3221 (Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote ...)
NOT-FOR-US: AmosConnect
CVE-2017-3220
RESERVED
-CVE-2017-3219
+CVE-2017-3219 (Acronis True Image up to and including version 2017 Build 8053 perform ...)
NOT-FOR-US: Acronis True Image
-CVE-2017-3218
+CVE-2017-3218 (Samsung Magician 5.0 fails to validate TLS certificates for HTTPS soft ...)
NOT-FOR-US: Samsung
-CVE-2017-3217
+CVE-2017-3217 (CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text me ...)
NOT-FOR-US: CalAmp LMU 3030 series OBD-II CDMA and GSM devices
-CVE-2017-3216
+CVE-2017-3216 (WiMAX routers based on the MediaTek SDK (libmtk) that use a custom htt ...)
NOT-FOR-US: WiMAX routers
-CVE-2017-3215
+CVE-2017-3215 (The Milwaukee ONE-KEY Android mobile application uses bearer tokens wi ...)
NOT-FOR-US: Milwaukee ONE-KEY Android mobile application
-CVE-2017-3214
+CVE-2017-3214 (The Milwaukee ONE-KEY Android mobile application stores the master tok ...)
NOT-FOR-US: Milwaukee ONE-KEY Android mobile application
-CVE-2017-3213
+CVE-2017-3213 (The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not verify ...)
NOT-FOR-US: Think Mutual Bank Mobile Banking app
-CVE-2017-3212
+CVE-2017-3212 (The Space Coast Credit Union Mobile app 2.2 for iOS and 2.1.0.1104 for ...)
NOT-FOR-US: Space Coast Credit Union Mobile app
CVE-2017-3211
RESERVED
-CVE-2017-3210
+CVE-2017-3210 (Applications developed using the Portrait Display SDK, versions 2.30 t ...)
NOT-FOR-US: Portrait Display SDK
-CVE-2017-3209
+CVE-2017-3209 (The DBPOWER U818A WIFI quadcopter drone provides FTP access over its o ...)
NOT-FOR-US: DBPOWER U818A WIFI quadcopter drone
-CVE-2017-3208
+CVE-2017-3208 (The Java implementation of AMF3 deserializers used by WebORB for Java ...)
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3207
+CVE-2017-3207 (The Java implementations of AMF3 deserializers in WebORB for Java by M ...)
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3206
+CVE-2017-3206 (The Java implementation of AMF3 deserializers used by Flamingo amf-ser ...)
NOT-FOR-US: AMF3 deserialisers
CVE-2017-3205
RESERVED
-CVE-2017-3204
+CVE-2017-3204 (The Go SSH library (x/crypto/ssh) by default does not verify host keys ...)
- golang-go.crypto 1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782-1 (bug #859655)
[jessie] - golang-go.crypto <no-dsa> (In jessie no rdeps using SSH, that version doesn't even support host key validation)
NOTE: https://github.com/golang/crypto/commit/e4e2799dd7aab89f583e1d898300d96367750991
NOTE: https://github.com/golang/go/issues/19767
-CVE-2017-3203
+CVE-2017-3203 (The Java implementations of AMF3 deserializers in Pivotal/Spring Sprin ...)
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3202
+CVE-2017-3202 (The Java implementation of AMF3 deserializers used in Flamingo amf-ser ...)
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3201
+CVE-2017-3201 (The Java implementation of AMF3 deserializers used in Flamingo amf-ser ...)
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3200
+CVE-2017-3200 (The Java implementation of AMF3 deserializers used in GraniteDS, versi ...)
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3199
+CVE-2017-3199 (The Java implementation of GraniteDS, version 3.1.1.GA, AMF3 deseriali ...)
NOT-FOR-US: AMF3 deserialisers
-CVE-2017-3198
+CVE-2017-3198 (GIGABYTE BRIX UEFI firmware does not cryptographically validate images ...)
NOT-FOR-US: GIGABYTE
-CVE-2017-3197
+CVE-2017-3197 (GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB- ...)
NOT-FOR-US: GIGABYTE
-CVE-2017-3196
+CVE-2017-3196 (PCAUSA Rawether framework does not properly validate BPF data, allowin ...)
NOT-FOR-US: PCAUSA Rawether
-CVE-2017-3195
+CVE-2017-3195 (Commvault Edge Communication Service (cvd) prior to version 11 SP7 or ...)
NOT-FOR-US: Commvault Edge Communication Service
-CVE-2017-3194
+CVE-2017-3194 (Pandora iOS app prior to version 8.3.2 fails to properly validate SSL ...)
NOT-FOR-US: Pandora iOS app
-CVE-2017-3193
+CVE-2017-3193 (Multiple D-Link devices including the DIR-850L firmware versions 1.14B ...)
NOT-FOR-US: D-Link
-CVE-2017-3192
+CVE-2017-3192 (D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 ...)
NOT-FOR-US: D-Link
-CVE-2017-3191
+CVE-2017-3191 (D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 ...)
NOT-FOR-US: D-Link
-CVE-2017-3190
+CVE-2017-3190 (Flash Seats Mobile App for Android version 1.7.9 and earlier and for i ...)
NOT-FOR-US: Flash Seats Mobile App
-CVE-2017-3189
+CVE-2017-3189 (The dotCMS administration panel, versions 3.7.1 and earlier, "Push Pub ...)
NOT-FOR-US: dotCMS
-CVE-2017-3188
+CVE-2017-3188 (The dotCMS administration panel, versions 3.7.1 and earlier, "Push Pub ...)
NOT-FOR-US: dotCMS
-CVE-2017-3187
+CVE-2017-3187 (The dotCMS administration panel, versions 3.7.1 and earlier, are vulne ...)
NOT-FOR-US: dotCMS
-CVE-2017-3186
+CVE-2017-3186 (ACTi cameras including the D, B, I, and E series using firmware versio ...)
NOT-FOR-US: ACTi cameras
-CVE-2017-3185
+CVE-2017-3185 (ACTi cameras including the D, B, I, and E series using firmware versio ...)
NOT-FOR-US: ACTi cameras
-CVE-2017-3184
+CVE-2017-3184 (ACTi cameras including the D, B, I, and E series using firmware versio ...)
NOT-FOR-US: ACTi cameras
-CVE-2017-3183
+CVE-2017-3183 (Sage XRT Treasury, version 3, fails to properly restrict database acce ...)
NOT-FOR-US: Sage XRT Treasury
-CVE-2017-3182
+CVE-2017-3182 (On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail t ...)
NOT-FOR-US: ThreatMetrix SDK
-CVE-2017-3181
+CVE-2017-3181 (Multiple TIBCO Products are prone to multiple unspecified SQL-injectio ...)
NOT-FOR-US: TIBCO
-CVE-2017-3180
+CVE-2017-3180 (Multiple TIBCO Products are prone to multiple unspecified cross-site s ...)
NOT-FOR-US: TIBCO
CVE-2017-3179
REJECTED
@@ -43637,57 +43637,57 @@ CVE-2017-3171
REJECTED
CVE-2017-3170
REJECTED
-CVE-2017-3169
+CVE-2017-3169 (In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl m ...)
{DSA-3896-1 DLA-1009-1}
- apache2 2.4.25-4
CVE-2017-3168
REJECTED
-CVE-2017-3167
+CVE-2017-3167 (In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of th ...)
{DSA-3896-1 DLA-1009-1}
- apache2 2.4.25-4
-CVE-2017-3166
+CVE-2017-3166 (In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-al ...)
- hadoop <itp> (bug #793644)
-CVE-2017-3165
+CVE-2017-3165 (In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cro ...)
NOT-FOR-US: Apache Brooklyn
-CVE-2017-3164
+CVE-2017-3164 (Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (in ...)
- lucene-solr <unfixed> (unimportant; bug #922242)
NOTE: https://issues.apache.org/jira/browse/SOLR-12770
-CVE-2017-3163
+CVE-2017-3163 (When using the Index Replication feature, Apache Solr nodes can pull i ...)
{DSA-4124-1 DLA-1046-1}
- lucene-solr 3.6.2+dfsg-11 (bug #867712)
NOTE: https://issues.apache.org/jira/browse/SOLR-10031
NOTE: https://github.com/apache/lucene-solr/commit/ae789c252687dc8a18bfdb677f2e6cd14570e4db
-CVE-2017-3162
+CVE-2017-3162 (HDFS clients interact with a servlet on the DataNode to browse the HDF ...)
- hadoop <itp> (bug #793644)
-CVE-2017-3161
+CVE-2017-3161 (The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross ...)
- hadoop <itp> (bug #793644)
-CVE-2017-3160
+CVE-2017-3160 (After the Android platform is added to Cordova the first time, or afte ...)
NOT-FOR-US: Apache Cordova
-CVE-2017-3159
+CVE-2017-3159 (Apache Camel's camel-snakeyaml component is vulnerable to Java object ...)
NOT-FOR-US: Apache Camel
-CVE-2017-3158
+CVE-2017-3158 (A race condition in Guacamole's terminal emulator in versions 0.9.5 th ...)
- guacamole-client <unfixed> (bug #891798)
[stretch] - guacamole-client <no-dsa> (Minor issue)
[jessie] - guacamole-client <no-dsa> (Minor issue)
- guacamole <removed>
[wheezy] - guacamole <not-affected> (Version not vulnerable)
-CVE-2017-3157
+CVE-2017-3157 (By exploiting the way Apache OpenOffice before 4.1.4 renders embedded ...)
{DSA-3792-1 DLA-910-1}
- libreoffice 1:5.2.3-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/
-CVE-2017-3156
+CVE-2017-3156 (The OAuth2 Hawk and JOSE MAC Validation code in Apache CXF prior to 3. ...)
NOT-FOR-US: Apache CXF
-CVE-2017-3155
+CVE-2017-3155 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-3154
+CVE-2017-3154 (Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0- ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-3153
+CVE-2017-3153 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-3152
+CVE-2017-3152 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-3151
+CVE-2017-3151 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found ...)
NOT-FOR-US: Apache Atlas
-CVE-2017-3150
+CVE-2017-3150 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookie ...)
NOT-FOR-US: Apache Atlas
CVE-2017-3149
RESERVED
@@ -43697,13 +43697,13 @@ CVE-2017-3147
RESERVED
CVE-2017-3146
RESERVED
-CVE-2017-3145
+CVE-2017-3145 (BIND was improperly sequencing cleanup operations on upstream recursio ...)
{DSA-4089-1 DLA-1255-1}
- bind9 1:9.11.2.P1-1
NOTE: https://kb.isc.org/article/AA-01542
NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=053b51c4dbd28f6e4de71ce4268a6f606025d76d
NOTE: Fixed by (9.10.6-P1): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=55baf7d7e25c0e6444cb7e415f14d9e0819b5508
-CVE-2017-3144
+CVE-2017-3144 (A vulnerability stemming from failure to properly clean up closed OMAP ...)
{DSA-4133-1}
- isc-dhcp 4.3.5-3.1 (bug #887413)
[wheezy] - isc-dhcp <no-dsa> (Minor issue)
@@ -43711,20 +43711,20 @@ CVE-2017-3144
NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=46767
NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=1a6b62fe17a42b00fa234d06b6dfde3d03451894
NOTE: Fixes for 4.3.6p1: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3
-CVE-2017-3143
+CVE-2017-3143 (An attacker who is able to send and receive messages to an authoritati ...)
{DSA-3904-1 DLA-1025-1}
- bind9 1:9.10.3.dfsg.P4-12.4 (bug #866564)
NOTE: https://kb.isc.org/article/AA-01503
NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=581c1526ab0f74a177980da9ff0514f795ed8669
-CVE-2017-3142
+CVE-2017-3142 (An attacker who is able to send and receive messages to an authoritati ...)
{DSA-3904-1 DLA-1025-1}
- bind9 1:9.10.3.dfsg.P4-12.4 (bug #866564)
NOTE: https://kb.isc.org/article/AA-01504
NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=581c1526ab0f74a177980da9ff0514f795ed8669
-CVE-2017-3141
+CVE-2017-3141 (The BIND installer on Windows uses an unquoted service path which can ...)
- bind9 <not-affected> (Affects only Windows systems)
NOTE: https://kb.isc.org/article/AA-01496
-CVE-2017-3140
+CVE-2017-3140 (If named is configured to use Response Policy Zones (RPZ) an error pro ...)
- bind9 <not-affected> (Upstream change #4377 not backported/included)
NOTE: https://kb.isc.org/article/AA-01495
NOTE: Fixed by (master): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=2648c49be78568ba9f4123d22122f2a649e2e1b7
@@ -43734,7 +43734,7 @@ CVE-2017-3140
CVE-2017-3139
RESERVED
- bind9 <not-affected> (RHEL6 specific)
-CVE-2017-3138
+CVE-2017-3138 (named contains a feature which allows operators to issue commands to a ...)
{DSA-3854-1 DLA-957-1}
- bind9 1:9.10.3.dfsg.P4-12.3 (bug #860226)
NOTE: https://kb.isc.org/article/AA-01471
@@ -43744,7 +43744,7 @@ CVE-2017-3138
NOTE: commands was added only in 9.11.0 and before existing commands permitted
NOTE: over the control channel were already be given to cause the server to stop.
NOTE: The CVE-2017-3138 is barely an issue in practice anyway.
-CVE-2017-3137
+CVE-2017-3137 (Mistaken assumptions about the ordering of records in the answer secti ...)
{DSA-3854-1 DLA-957-1}
- bind9 1:9.10.3.dfsg.P4-12.3 (bug #860225)
NOTE: https://kb.isc.org/article/AA-01466
@@ -43752,598 +43752,598 @@ CVE-2017-3137
NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=69fd759b4aa02047e42e5cf4227f8257c4547988
NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=6841d7b854c15df9ec56cab38da201b315bbcabb (reimplentation)
NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=7ab9e8e00775782d474522a5b2bffba8daefefa5 (regression fix)
-CVE-2017-3136
+CVE-2017-3136 (A query with a specific set of characteristics could cause a server us ...)
{DSA-3854-1 DLA-957-1}
- bind9 1:9.10.3.dfsg.P4-12.3 (bug #860224)
NOTE: https://kb.isc.org/article/AA-01465
NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=764240ca07ab1b796226d5402ccd9fbfa77ec32a
-CVE-2017-3135
+CVE-2017-3135 (Under some conditions when using both DNS64 and RPZ to rewrite query r ...)
{DSA-3795-1 DLA-843-1}
- bind9 1:9.10.3.dfsg.P4-12 (bug #855520)
NOTE: https://kb.isc.org/article/AA-01453
NOTE: Patch for 9.9.9-P6: ftp://ftp.isc.org/isc/bind9/9.9.9-P6/patches/rt44434
-CVE-2017-3134
+CVE-2017-3134 (An escalation of privilege vulnerability in Fortinet FortiWLC-SD versi ...)
NOT-FOR-US: Fortinet FortiWLC-SD
-CVE-2017-3133
+CVE-2017-3133 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6. ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-3132
+CVE-2017-3132 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6. ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-3131
+CVE-2017-3131 (A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4. ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-3130
+CVE-2017-3130 (An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4 ...)
NOT-FOR-US: Fortinet
-CVE-2017-3129
+CVE-2017-3129 (A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7 ...)
NOT-FOR-US: Fortinet FortiWeb
-CVE-2017-3128
+CVE-2017-3128 (A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2017-3127
+CVE-2017-3127 (A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 throu ...)
NOT-FOR-US: Fortinet
-CVE-2017-3126
+CVE-2017-3126 (An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through ...)
NOT-FOR-US: Fortinet FortiAnalyzer
-CVE-2017-3125
+CVE-2017-3125 (An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and ...)
NOT-FOR-US: FortiMail
-CVE-2017-3124
+CVE-2017-3124 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3123
+CVE-2017-3123 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3122
+CVE-2017-3122 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3121
+CVE-2017-3121 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3120
+CVE-2017-3120 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3119
+CVE-2017-3119 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3118
+CVE-2017-3118 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3117
+CVE-2017-3117 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3116
+CVE-2017-3116 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3115
+CVE-2017-3115 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3114
+CVE-2017-3114 (An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier v ...)
NOT-FOR-US: Adobe
-CVE-2017-3113
+CVE-2017-3113 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3112
+CVE-2017-3112 (An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier v ...)
NOT-FOR-US: Adobe
-CVE-2017-3111
+CVE-2017-3111 (An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0 ...)
NOT-FOR-US: Adobe
-CVE-2017-3110
+CVE-2017-3110 (Adobe Experience Manager 6.1 and earlier has a sensitive data exposure ...)
NOT-FOR-US: Adobe
-CVE-2017-3109
+CVE-2017-3109 (An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0 ...)
NOT-FOR-US: Adobe
-CVE-2017-3108
+CVE-2017-3108 (Adobe Experience Manager 6.2 and earlier has a malicious file executio ...)
NOT-FOR-US: Adobe
-CVE-2017-3107
+CVE-2017-3107 (Adobe Experience Manager 6.3 and earlier has a misconfiguration vulner ...)
NOT-FOR-US: Adobe
-CVE-2017-3106
+CVE-2017-3106 (Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3105
+CVE-2017-3105 (Adobe RoboHelp has an Open Redirect vulnerability. This affects versio ...)
NOT-FOR-US: Adobe
-CVE-2017-3104
+CVE-2017-3104 (Adobe RoboHelp has a cross-site scripting (XSS) vulnerability. This af ...)
NOT-FOR-US: Adobe
-CVE-2017-3103
+CVE-2017-3103 (Adobe Connect versions 9.6.1 and earlier have a stored cross-site scri ...)
NOT-FOR-US: Adobe Connect
-CVE-2017-3102
+CVE-2017-3102 (Adobe Connect versions 9.6.1 and earlier have a reflected cross-site s ...)
NOT-FOR-US: Adobe Connect
-CVE-2017-3101
+CVE-2017-3101 (Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerabi ...)
NOT-FOR-US: Adobe Connect
-CVE-2017-3100
+CVE-2017-3100 (Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3099
+CVE-2017-3099 (Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3098
+CVE-2017-3098 (Adobe Captivate versions 9 and earlier have a remote code execution vu ...)
NOT-FOR-US: Adobe
-CVE-2017-3097
+CVE-2017-3097 (Adobe Digital Editions versions 4.5.4 and earlier contain an insecure ...)
NOT-FOR-US: Adobe
-CVE-2017-3096
+CVE-2017-3096 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-3095
+CVE-2017-3095 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-3094
+CVE-2017-3094 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-3093
+CVE-2017-3093 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-3092
+CVE-2017-3092 (Adobe Digital Editions versions 4.5.4 and earlier contain an insecure ...)
NOT-FOR-US: Adobe
-CVE-2017-3091
+CVE-2017-3091 (Adobe Digital Editions 4.5.4 and earlier versions 4.5.4 and earlier ha ...)
NOT-FOR-US: Adobe
-CVE-2017-3090
+CVE-2017-3090 (Adobe Digital Editions versions 4.5.4 and earlier contain an insecure ...)
NOT-FOR-US: Adobe
-CVE-2017-3089
+CVE-2017-3089 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-3088
+CVE-2017-3088 (Adobe Digital Editions versions 4.5.4 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-3087
+CVE-2017-3087 (Adobe Captivate versions 9 and earlier have an information disclosure ...)
NOT-FOR-US: Adobe
-CVE-2017-3086
+CVE-2017-3086 (Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable me ...)
NOT-FOR-US: Adobe
-CVE-2017-3085
+CVE-2017-3085 (Adobe Flash Player versions 26.0.0.137 and earlier have a security byp ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3084
+CVE-2017-3084 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3083
+CVE-2017-3083 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3082
+CVE-2017-3082 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3081
+CVE-2017-3081 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3080
+CVE-2017-3080 (Adobe Flash Player versions 26.0.0.131 and earlier have a security byp ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3079
+CVE-2017-3079 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3078
+CVE-2017-3078 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3077
+CVE-2017-3077 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3076
+CVE-2017-3076 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3075
+CVE-2017-3075 (Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3074
+CVE-2017-3074 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3073
+CVE-2017-3073 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3072
+CVE-2017-3072 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3071
+CVE-2017-3071 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3070
+CVE-2017-3070 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3069
+CVE-2017-3069 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3068
+CVE-2017-3068 (Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3067
+CVE-2017-3067 (Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an informat ...)
NOT-FOR-US: Adobe
-CVE-2017-3066
+CVE-2017-3066 (Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 an ...)
NOT-FOR-US: Adobe
-CVE-2017-3065
+CVE-2017-3065 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3064
+CVE-2017-3064 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3063
+CVE-2017-3063 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3062
+CVE-2017-3062 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3061
+CVE-2017-3061 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3060
+CVE-2017-3060 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3059
+CVE-2017-3059 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3058
+CVE-2017-3058 (Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3057
+CVE-2017-3057 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3056
+CVE-2017-3056 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3055
+CVE-2017-3055 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3054
+CVE-2017-3054 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3053
+CVE-2017-3053 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3052
+CVE-2017-3052 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3051
+CVE-2017-3051 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3050
+CVE-2017-3050 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3049
+CVE-2017-3049 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3048
+CVE-2017-3048 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3047
+CVE-2017-3047 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3046
+CVE-2017-3046 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3045
+CVE-2017-3045 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3044
+CVE-2017-3044 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3043
+CVE-2017-3043 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3042
+CVE-2017-3042 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3041
+CVE-2017-3041 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3040
+CVE-2017-3040 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3039
+CVE-2017-3039 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3038
+CVE-2017-3038 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3037
+CVE-2017-3037 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3036
+CVE-2017-3036 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3035
+CVE-2017-3035 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3034
+CVE-2017-3034 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3033
+CVE-2017-3033 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3032
+CVE-2017-3032 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3031
+CVE-2017-3031 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3030
+CVE-2017-3030 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3029
+CVE-2017-3029 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3028
+CVE-2017-3028 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3027
+CVE-2017-3027 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3026
+CVE-2017-3026 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3025
+CVE-2017-3025 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3024
+CVE-2017-3024 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3023
+CVE-2017-3023 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3022
+CVE-2017-3022 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3021
+CVE-2017-3021 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3020
+CVE-2017-3020 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3019
+CVE-2017-3019 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3018
+CVE-2017-3018 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3017
+CVE-2017-3017 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3016
+CVE-2017-3016 (Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3015
+CVE-2017-3015 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3014
+CVE-2017-3014 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3013
+CVE-2017-3013 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3012
+CVE-2017-3012 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3011
+CVE-2017-3011 (Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and ea ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-3010
+CVE-2017-3010 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe
-CVE-2017-3009
+CVE-2017-3009 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe
-CVE-2017-3008
+CVE-2017-3008 (Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 an ...)
NOT-FOR-US: Adobe
-CVE-2017-3007
+CVE-2017-3007 (Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the ...)
NOT-FOR-US: Adobe Thor
-CVE-2017-3006
+CVE-2017-3006 (Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related ...)
NOT-FOR-US: Adobe Thor
-CVE-2017-3005
+CVE-2017-3005 (Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17 ...)
NOT-FOR-US: Adobe Photoshop
-CVE-2017-3004
+CVE-2017-3004 (Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17 ...)
NOT-FOR-US: Adobe Photoshop
-CVE-2017-3003
+CVE-2017-3003 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3002
+CVE-2017-3002 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3001
+CVE-2017-3001 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-3000
+CVE-2017-3000 (Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerabilit ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2999
+CVE-2017-2999 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2998
+CVE-2017-2998 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2997
+CVE-2017-2997 (Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2996
+CVE-2017-2996 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2995
+CVE-2017-2995 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2994
+CVE-2017-2994 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2993
+CVE-2017-2993 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2992
+CVE-2017-2992 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2991
+CVE-2017-2991 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2990
+CVE-2017-2990 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2989
+CVE-2017-2989 (Adobe Campaign versions Build 8770 and earlier have an input validatio ...)
NOT-FOR-US: Adobe
-CVE-2017-2988
+CVE-2017-2988 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2987
+CVE-2017-2987 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2986
+CVE-2017-2986 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2985
+CVE-2017-2985 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2984
+CVE-2017-2984 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2983
+CVE-2017-2983 (Adobe Shockwave versions 12.2.7.197 and earlier have an insecure libra ...)
NOT-FOR-US: Adobe
-CVE-2017-2982
+CVE-2017-2982 (Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2981
+CVE-2017-2981 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-2980
+CVE-2017-2980 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-2979
+CVE-2017-2979 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-2978
+CVE-2017-2978 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-2977
+CVE-2017-2977 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-2976
+CVE-2017-2976 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-2975
+CVE-2017-2975 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-2974
+CVE-2017-2974 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-2973
+CVE-2017-2973 (Adobe Digital Editions versions 4.5.3 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2017-2972
+CVE-2017-2972 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2971
+CVE-2017-2971 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2970
+CVE-2017-2970 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2969
+CVE-2017-2969 (Adobe Campaign versions 16.4 Build 8724 and earlier have a cross-site ...)
NOT-FOR-US: Adobe
-CVE-2017-2968
+CVE-2017-2968 (Adobe Campaign versions 16.4 Build 8724 and earlier have a code inject ...)
NOT-FOR-US: Adobe
-CVE-2017-2967
+CVE-2017-2967 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2966
+CVE-2017-2966 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2965
+CVE-2017-2965 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2964
+CVE-2017-2964 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2963
+CVE-2017-2963 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2962
+CVE-2017-2962 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2961
+CVE-2017-2961 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2960
+CVE-2017-2960 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2959
+CVE-2017-2959 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2958
+CVE-2017-2958 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2957
+CVE-2017-2957 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2956
+CVE-2017-2956 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2955
+CVE-2017-2955 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2954
+CVE-2017-2954 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2953
+CVE-2017-2953 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2952
+CVE-2017-2952 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2951
+CVE-2017-2951 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2950
+CVE-2017-2950 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2949
+CVE-2017-2949 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2948
+CVE-2017-2948 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2947
+CVE-2017-2947 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2946
+CVE-2017-2946 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2945
+CVE-2017-2945 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2944
+CVE-2017-2944 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2943
+CVE-2017-2943 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2942
+CVE-2017-2942 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2941
+CVE-2017-2941 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2940
+CVE-2017-2940 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2939
+CVE-2017-2939 (Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 a ...)
NOT-FOR-US: Adobe Acrobat Reader
-CVE-2017-2938
+CVE-2017-2938 (Adobe Flash Player versions 24.0.0.186 and earlier have a security byp ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2937
+CVE-2017-2937 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2936
+CVE-2017-2936 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2935
+CVE-2017-2935 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2934
+CVE-2017-2934 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2933
+CVE-2017-2933 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2932
+CVE-2017-2932 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2931
+CVE-2017-2931 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2930
+CVE-2017-2930 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2929
+CVE-2017-2929 (Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a DOM ...)
NOT-FOR-US: Adobe Acrobat Chrome extension
-CVE-2017-2928
+CVE-2017-2928 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2927
+CVE-2017-2927 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2926
+CVE-2017-2926 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2925
+CVE-2017-2925 (Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2017-2924
+CVE-2017-2924 (An exploitable heap-based buffer overflow vulnerability exists in the ...)
{DSA-3976-1 DLA-1098-1}
- freexl 1.0.4-1 (bug #875691)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0431
NOTE: https://www.gaia-gis.it/fossil/freexl/ci/40c17539ea56f0d8
-CVE-2017-2923
+CVE-2017-2923 (An exploitable heap based buffer overflow vulnerability exists in the ...)
{DSA-3976-1 DLA-1098-1}
- freexl 1.0.4-1 (bug #875690)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0430
NOTE: https://www.gaia-gis.it/fossil/freexl/ci/40c17539ea56f0d8
-CVE-2017-2922
+CVE-2017-2922 (An exploitable memory corruption vulnerability exists in the Websocket ...)
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2921
+CVE-2017-2921 (An exploitable memory corruption vulnerability exists in the Websocket ...)
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2920
+CVE-2017-2920 (An memory corruption vulnerability exists in the .SVG parsing function ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2017-2919
+CVE-2017-2919 (An exploitable stack based buffer overflow vulnerability exists in the ...)
{DSA-4173-1}
- r-cran-readxl 1.0.0-2 (bug #895564)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0426
-CVE-2017-2918
+CVE-2017-2918 (An exploitable integer overflow exists in the Image loading functional ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: :https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0425
-CVE-2017-2917
+CVE-2017-2917 (An exploitable vulnerability exists in the notifications functionality ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2916
+CVE-2017-2916 (An exploitable vulnerability exists in the /api/CONFIG/restore functio ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2915
+CVE-2017-2915 (An exploitable vulnerability exists in the WiFi configuration function ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2914
+CVE-2017-2914 (An exploitable authentication bypass vulnerability exists in the API d ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2913
+CVE-2017-2913 (An exploitable vulnerability exists in the filtering functionality of ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2912
+CVE-2017-2912 (An exploitable vulnerability exists in the remote control functionalit ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2911
+CVE-2017-2911 (An exploitable vulnerability exists in the remote control functionalit ...)
NOT-FOR-US: Circle with Disney
CVE-2017-2910
RESERVED
-CVE-2017-2909
+CVE-2017-2909 (An infinite loop programming error exists in the DNS server functional ...)
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2908
+CVE-2017-2908 (An exploitable integer overflow exists in the thumbnail functionality ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/07aed404cfb2759f97c60b9f64d8a9392dabaf1a
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0415
-CVE-2017-2907
+CVE-2017-2907 (An exploitable integer overflow exists in the animation playing functi ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0414
-CVE-2017-2906
+CVE-2017-2906 (An exploitable integer overflow exists in the animation playing functi ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0413
-CVE-2017-2905
+CVE-2017-2905 (An exploitable integer overflow exists in the bmp loading functionalit ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0412
-CVE-2017-2904
+CVE-2017-2904 (An exploitable integer overflow exists in the RADIANCE loading functio ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0411
-CVE-2017-2903
+CVE-2017-2903 (An exploitable integer overflow exists in the DPX loading functionalit ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0410
-CVE-2017-2902
+CVE-2017-2902 (An exploitable integer overflow exists in the DPX loading functionalit ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0409
-CVE-2017-2901
+CVE-2017-2901 (An exploitable integer overflow exists in the IRIS loading functionali ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/829916f4e57a2d1580ff3b625f6bb909b9144a20
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0408
-CVE-2017-2900
+CVE-2017-2900 (An exploitable integer overflow exists in the PNG loading functionalit ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0407
-CVE-2017-2899
+CVE-2017-2899 (An exploitable integer overflow exists in the TIFF loading functionali ...)
{DSA-4248-1 DLA-1465-1}
- blender 2.79.a+dfsg0-1
[wheezy] - blender <ignored> (Vulnerable but not ignored)
NOTE: https://git.blender.org/gitweb/gitweb.cgi/blender.git/commit/d30cc1ea0b9ba64d8a1e22105528b6cb8077692c
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0406
-CVE-2017-2898
+CVE-2017-2898 (An exploitable vulnerability exists in the signature verification of t ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2897
+CVE-2017-2897 (An exploitable out-of-bounds write vulnerability exists in the read_MS ...)
{DSA-4173-1}
- r-cran-readxl 1.0.0-2 (bug #895564)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0404
-CVE-2017-2896
+CVE-2017-2896 (An exploitable out-of-bounds write vulnerability exists in the xls_mer ...)
{DSA-4173-1}
- r-cran-readxl 1.0.0-2 (bug #895564)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0403
-CVE-2017-2895
+CVE-2017-2895 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2894
+CVE-2017-2894 (An exploitable stack buffer overflow vulnerability exists in the MQTT ...)
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2893
+CVE-2017-2893 (An exploitable NULL pointer dereference vulnerability exists in the MQ ...)
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2892
+CVE-2017-2892 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2891
+CVE-2017-2891 (An exploitable use-after-free vulnerability exists in the HTTP server ...)
- smplayer 18.5.0~ds1-1 (bug #898943)
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2017-2890
+CVE-2017-2890 (An exploitable vulnerability exists in the /api/CONFIG/restore functio ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2889
+CVE-2017-2889 (An exploitable Denial of Service vulnerability exists in the API daemo ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2888
+CVE-2017-2888 (An exploitable integer overflow vulnerability exists when creating a n ...)
- libsdl2 2.0.6+dfsg1-4 (bug #878264)
[stretch] - libsdl2 <no-dsa> (Minor issue)
[jessie] - libsdl2 <no-dsa> (Minor issue)
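Review bot: the wheezy blender lines in this hunk carry a rationale that contradicts their own tag, e.g. `[wheezy] - blender <ignored> (Vulnerable but not ignored)` under CVE-2017-2918 and again under each of CVE-2017-2908 through CVE-2017-2899; an `<ignored>` entry should state why the issue is being ignored (the form used elsewhere in the file is a short reason such as "Minor issue"), otherwise the tag and the text cannot both be right. Separately, the CVE-2017-2918 reference line `NOTE: :https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0425` has a stray colon before the URL, which will defeat any link extraction. Both are unchanged context lines, so they are not introduced by this automatic update, but they should be cleaned up in a follow-up commit.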
@@ -44351,170 +44351,170 @@ CVE-2017-2888
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0395
NOTE: https://hg.libsdl.org/SDL/rev/7e0f1498ddb5
NOTE: https://hg.libsdl.org/SDL/rev/81a4950907a0
-CVE-2017-2887
+CVE-2017-2887 (An exploitable buffer overflow vulnerability exists in the XCF propert ...)
{DSA-4184-1 DSA-4177-1 DLA-1134-1}
- libsdl2-image 2.0.1+dfsg-4 (bug #878266)
- sdl-image1.2 1.2.12-7 (bug #878267)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0394
NOTE: https://hg.libsdl.org/SDL_image/rev/318484db0705
-CVE-2017-2886
+CVE-2017-2886 (A memory corruption vulnerability exists in the .PSD parsing functiona ...)
NOT-FOR-US: ACDSee Ultimate
-CVE-2017-2885
+CVE-2017-2885 (An exploitable stack based buffer overflow vulnerability exists in the ...)
{DSA-3929-1}
- libsoup2.4 2.56.1-1 (bug #871650)
[wheezy] - libsoup2.4 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=785774
-CVE-2017-2884
+CVE-2017-2884 (An exploitable vulnerability exists in the user photo update functiona ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2883
+CVE-2017-2883 (An exploitable vulnerability exists in the database update functionali ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2882
+CVE-2017-2882 (An exploitable vulnerability exists in the servers update functionalit ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2881
+CVE-2017-2881 (An exploitable vulnerability exists in the torlist update functionalit ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2880
+CVE-2017-2880 (An memory corruption vulnerability exists in the .GIF parsing function ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2017-2879
+CVE-2017-2879 (An exploitable buffer overflow vulnerability exists in the UPnP implem ...)
NOT-FOR-US: Foscam
-CVE-2017-2878
+CVE-2017-2878 (An exploitable buffer overflow vulnerability exists in the web managem ...)
NOT-FOR-US: Foscam
-CVE-2017-2877
+CVE-2017-2877 (A missing error check exists in the Multi-Camera interface used by the ...)
NOT-FOR-US: Foscam
-CVE-2017-2876
+CVE-2017-2876 (An exploitable buffer overflow vulnerability exists in the Multi-Camer ...)
NOT-FOR-US: Foscam
-CVE-2017-2875
+CVE-2017-2875 (An exploitable buffer overflow vulnerability exists in the Multi-Camer ...)
NOT-FOR-US: Foscam
-CVE-2017-2874
+CVE-2017-2874 (An information disclosure vulnerability exists in the Multi-Camera int ...)
NOT-FOR-US: Foscam
-CVE-2017-2873
+CVE-2017-2873 (An exploitable command injection vulnerability exists in the web manag ...)
NOT-FOR-US: Foscam
-CVE-2017-2872
+CVE-2017-2872 (Insufficient security checks exist in the recovery procedure used by t ...)
NOT-FOR-US: Foscam
-CVE-2017-2871
+CVE-2017-2871 (Insufficient security checks exist in the recovery procedure used by t ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2870
+CVE-2017-2870 (An exploitable integer overflow vulnerability exists in the tiff_image ...)
- gdk-pixbuf 2.36.10-1 (unimportant; bug #873787)
NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=31a6cff3dfc6944aad4612a9668b8ad39122e48b
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=770986
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780269
NOTE: Built with GCC in Debian, which doesn't remove the check
-CVE-2017-2869
+CVE-2017-2869 (An exploitable code execution vulnerability exists in the OpenProducer ...)
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2868
+CVE-2017-2868 (An exploitable code execution vulnerability exists in the NewProducerS ...)
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2867
+CVE-2017-2867 (An exploitable code execution vulnerability exists in the SavePatientM ...)
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2866
+CVE-2017-2866 (An exploitable vulnerability exists in the /api/CONFIG/backup function ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2865
+CVE-2017-2865 (An exploitable vulnerability exists in the firmware update functionali ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2864
+CVE-2017-2864 (An exploitable vulnerability exists in the generation of authenticatio ...)
NOT-FOR-US: Circle with Disney
-CVE-2017-2863
+CVE-2017-2863 (An out-of-bounds write vulnerability exists in the PDF parsing functio ...)
NOT-FOR-US: Iceni Infix
-CVE-2017-2862
+CVE-2017-2862 (An exploitable heap overflow vulnerability exists in the gdk_pixbuf__j ...)
{DSA-3978-1 DLA-1100-1}
- gdk-pixbuf 2.36.10-1 (bug #874552)
NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=c2a40a92fe3df4111ed9da51fe3368c079b86926
NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6dd89e126a277460faafc1f679db44ccf78446fb
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=784866
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0366
-CVE-2017-2861
+CVE-2017-2861 (An exploitable Denial of Service vulnerability exists in the use of a ...)
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2860
+CVE-2017-2860 (An exploitable denial-of-service vulnerability exists in the lookup en ...)
NOT-FOR-US: Natus Xltek NeuroWorks
CVE-2017-2859
RESERVED
-CVE-2017-2858
+CVE-2017-2858 (An exploitable denial-of-service vulnerability exists in the traversal ...)
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2857
+CVE-2017-2857 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
NOT-FOR-US: Foscam
-CVE-2017-2856
+CVE-2017-2856 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
NOT-FOR-US: Foscam
-CVE-2017-2855
+CVE-2017-2855 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
NOT-FOR-US: Foscam
-CVE-2017-2854
+CVE-2017-2854 (An exploitable buffer overflow vulnerability exists in the DDNS client ...)
NOT-FOR-US: Foscam
-CVE-2017-2853
+CVE-2017-2853 (An exploitable Code Execution vulnerability exists in the RequestForPa ...)
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2852
+CVE-2017-2852 (An exploitable denial-of-service vulnerability exists in the unseriali ...)
NOT-FOR-US: Natus Xltek NeuroWorks
-CVE-2017-2851
+CVE-2017-2851 (In the web management interface in Foscam C1 Indoor HD cameras with ap ...)
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2850
+CVE-2017-2850 (In the web management interface in Foscam C1 Indoor HD cameras with ap ...)
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2849
+CVE-2017-2849 (In the web management interface in Foscam C1 Indoor HD cameras with ap ...)
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2848
+CVE-2017-2848 (In the web management interface in Foscam C1 Indoor HD cameras with ap ...)
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2847
+CVE-2017-2847 (In the web management interface in Foscam C1 Indoor HD cameras with ap ...)
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2846
+CVE-2017-2846 (In the web management interface in Foscam C1 Indoor HD cameras with ap ...)
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2845
+CVE-2017-2845 (An exploitable command injection vulnerability exists in the web manag ...)
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2844
+CVE-2017-2844 (In the web management interface in Foscam C1 Indoor HD cameras with ap ...)
NOT-FOR-US: Foscam C1 Indoor HD cameras
-CVE-2017-2843
+CVE-2017-2843 (In the web management interface in Foscam C1 Indoor HD Camera running ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2842
+CVE-2017-2842 (In the web management interface in Foscam C1 Indoor HD Camera running ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2841
+CVE-2017-2841 (An exploitable command injection vulnerability exists in the web manag ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2840
+CVE-2017-2840 (A buffer overflow vulnerability exists in the ISO parsing functionalit ...)
NOT-FOR-US: EZB Systems UltraISO
-CVE-2017-2839
+CVE-2017-2839 (An exploitable denial of service vulnerability exists within the handl ...)
{DSA-3923-1 DLA-1095-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0341
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2838
+CVE-2017-2838 (An exploitable denial of service vulnerability exists within the handl ...)
{DSA-3923-1 DLA-1095-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0340
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2837
+CVE-2017-2837 (An exploitable denial of service vulnerability exists within the handl ...)
{DSA-3923-1 DLA-1095-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0339
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2836
+CVE-2017-2836 (An exploitable denial of service vulnerability exists within the readi ...)
{DSA-3923-1 DLA-1095-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0338
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2835
+CVE-2017-2835 (An exploitable code execution vulnerability exists in the RDP receive ...)
{DSA-3923-1 DLA-1095-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0337
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2834
+CVE-2017-2834 (An exploitable code execution vulnerability exists in the authenticati ...)
{DSA-3923-1}
- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
[wheezy] - freerdp <not-affected> (vulnerable code not present)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0336
NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
-CVE-2017-2833
+CVE-2017-2833 (An exploitable command injection vulnerability exists in the web manag ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2832
+CVE-2017-2832 (An exploitable command injection vulnerability exists in the web manag ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2831
+CVE-2017-2831 (An exploitable buffer overflow vulnerability exists in the web managem ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2830
+CVE-2017-2830 (An exploitable buffer overflow vulnerability exists in the web managem ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2829
+CVE-2017-2829 (An exploitable directory traversal vulnerability exists in the web man ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2828
+CVE-2017-2828 (An exploitable command injection vulnerability exists in the web manag ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2827
+CVE-2017-2827 (An exploitable command injection vulnerability exists in the web manag ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2826
+CVE-2017-2826 (An information disclosure vulnerability exists in the iConfig proxy re ...)
{DLA-1708-1}
- zabbix <unfixed> (low)
[buster] - zabbix <ignored> (Minor issue, workaround exists)
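Review bot: the CVE-2017-2834 freerdp line `[wheezy] - freerdp <not-affected> (vulnerable code not present)` spells its rationale in lower case while every other occurrence in this hunk uses `(Vulnerable code not present)` (see the libsoup2.4 line under CVE-2017-2885); tooling that groups entries by rationale string will treat these as different reasons, so the casing should be made consistent. The Foscam entries in the same hunk also alternate between `NOT-FOR-US: Foscam` (CVE-2017-2879 through CVE-2017-2872, CVE-2017-2857 through CVE-2017-2854) and `NOT-FOR-US: Foscam C1 Indoor HD Camera` / `Foscam C1 Indoor HD cameras` for the remainder; the product name should be given the same way throughout so that searches for the affected product find all of them.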
@@ -44524,36 +44524,36 @@ CVE-2017-2826
NOTE: https://support.zabbix.com/browse/ZBX-12076
NOTE: Workaround for Zabbix 3.0 exists: https://www.zabbix.com/documentation/3.0/manual/distributed_monitoring/proxies#configuration
NOTE: using encyrpted connections with the proxy.
-CVE-2017-2825
+CVE-2017-2825 (In the trapper functionality of Zabbix Server 2.4.x, specifically craf ...)
{DSA-3937-1}
- zabbix 1:3.0.7+dfsg-3 (bug #863584)
NOTE: http://www.talosintelligence.com/reports/TALOS-2017-0326/
NOTE: https://support.zabbix.com/browse/ZBX-12076
-CVE-2017-2824
+CVE-2017-2824 (An exploitable code execution vulnerability exists in the trapper comm ...)
{DSA-3937-1}
- zabbix 1:3.0.7+dfsg-3 (bug #863584)
NOTE: http://www.talosintelligence.com/reports/TALOS-2017-0325/
NOTE: https://support.zabbix.com/browse/ZBX-12075
-CVE-2017-2823
+CVE-2017-2823 (A use-after-free vulnerability exists in the .ISO parsing functionalit ...)
NOT-FOR-US: PowerISO
-CVE-2017-2822
+CVE-2017-2822 (An exploitable code execution vulnerability exists in the image render ...)
NOT-FOR-US: Lexmark
-CVE-2017-2821
+CVE-2017-2821 (An exploitable use-after-free exists in the PDF parsing functionality ...)
NOT-FOR-US: Lexmark
-CVE-2017-2820
+CVE-2017-2820 (An exploitable integer overflow vulnerability exists in the JPEG 2000 ...)
- poppler <unfixed> (unimportant)
NOTE: Debian uses openjpeg for processing JPEG 2000 images, this advisory is
NOTE: against Ubuntu, which disables openjpeg due to being in universe
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0321
-CVE-2017-2819
+CVE-2017-2819 (An exploitable heap-based buffer overflow exists in the Hangul Word Pr ...)
NOT-FOR-US: Hancom Thinkfree Office NEO
-CVE-2017-2818
+CVE-2017-2818 (An exploitable heap overflow vulnerability exists in the image renderi ...)
- poppler <unfixed> (unimportant)
NOTE: Debian links against libjpeg which is unaffected
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319
-CVE-2017-2817
+CVE-2017-2817 (A stack buffer overflow vulnerability exists in the ISO parsing functi ...)
NOT-FOR-US: PowerISO
-CVE-2017-2816
+CVE-2017-2816 (An exploitable buffer overflow vulnerability exists in the tag parsing ...)
{DLA-1192-1}
- libofx 1:0.9.11-4 (bug #875801)
[stretch] - libofx 1:0.9.10-2+deb9u1
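Review bot: the CVE-2017-2826 workaround note is split across two lines and the second one, `NOTE: using encyrpted connections with the proxy.`, misspells "encrypted"; since this is the line an administrator would read to apply the workaround, it is worth fixing. Also in this hunk, CVE-2017-2818 and CVE-2017-2814 (hunk after this one) both cite `https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319` as their only reference while being separate CVE ids; that may be correct if Talos issued one report for both, but it looks like a copy-paste and should be verified against the Talos report list.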
@@ -44561,27 +44561,27 @@ CVE-2017-2816
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0317
NOTE: https://github.com/libofx/libofx/commit/a70934eea95c76a7737b83773bffe8738935082d
NOTE: https://github.com/libofx/libofx/issues/9
-CVE-2017-2815
+CVE-2017-2815 (An exploitable XML entity injection vulnerability exists in OpenFire U ...)
NOT-FOR-US: OpenFire User Import Export Plugin
-CVE-2017-2814
+CVE-2017-2814 (An exploitable heap overflow vulnerability exists in the image renderi ...)
- poppler <unfixed> (unimportant)
NOTE: Debian links against libjpeg which is unaffected
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0319
-CVE-2017-2813
+CVE-2017-2813 (An exploitable integer overflow vulnerability exists in the JPEG 2000 ...)
NOT-FOR-US: IrfanView
-CVE-2017-2812
+CVE-2017-2812 (A code execution vulnerability exists in the kdu_buffered_expand funct ...)
NOT-FOR-US: Kakadu
-CVE-2017-2811
+CVE-2017-2811 (A code execution vulnerability exists in the Kakadu SDK 7.9's parsing ...)
NOT-FOR-US: Kakadu
-CVE-2017-2810
+CVE-2017-2810 (An exploitable vulnerability exists in the Databook loading functional ...)
- python-tablib 0.9.11-3 (bug #864818)
[stretch] - python-tablib 0.9.11-2+deb8u1
[jessie] - python-tablib 0.9.11-2+deb8u1
NOTE: Fixed by: https://github.com/kennethreitz/tablib/commit/69abfc3ada5d754cb152119c0b4777043657cb6e
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0307
-CVE-2017-2809
+CVE-2017-2809 (An exploitable vulnerability exists in the yaml loading functionality ...)
NOT-FOR-US: Ansible Vault
-CVE-2017-2808
+CVE-2017-2808 (An exploitable use-after-free vulnerability exists in the account pars ...)
- ledger 3.1.2+dfsg1-1 (low; bug #876659)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
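Review bot: the stretch entry for CVE-2017-2810, `[stretch] - python-tablib 0.9.11-2+deb8u1`, is identical to the jessie line below it, but a `+deb8u1` suffix denotes a jessie (Debian 8) update; a stable update for stretch would carry a `+deb9u1` suffix. Either the stretch line was copied from jessie by mistake or stretch was not separately fixed, so the version should be checked against what was actually uploaded. The same entry also uses the `NOTE: Fixed by: https://...` form while the rest of this hunk (e.g. the libofx and ledger references) uses bare `NOTE: https://...` lines; keeping one form makes the upstream-commit references easier to extract.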
@@ -44589,7 +44589,7 @@ CVE-2017-2808
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0304
NOTE: https://github.com/ledger/ledger/issues/1723
NOTE: https://github.com/ledger/ledger/commit/f3bad93db256db07b6cb831d4d24f47543f57e4a
-CVE-2017-2807
+CVE-2017-2807 (An exploitable buffer overflow vulnerability exists in the tag parsing ...)
- ledger 3.1.2+dfsg1-1 (low; bug #876660)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
@@ -44597,88 +44597,88 @@ CVE-2017-2807
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0303
NOTE: https://github.com/ledger/ledger/issues/1722
NOTE: https://github.com/ledger/ledger/commit/5682f377aed5b0db6b6c4a44b1d8868103b7e9f7
-CVE-2017-2806
+CVE-2017-2806 (An exploitable arbitrary read exists in the XLS parsing of the Lexmark ...)
NOT-FOR-US: Lexmark Perspective Document Filters conversion functionality
-CVE-2017-2805
+CVE-2017-2805 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
-CVE-2017-2804
+CVE-2017-2804 (A remote out of bound write vulnerability exists in the TIFF parsing f ...)
NOT-FOR-US: Core PHOTO-PAINT X8
-CVE-2017-2803
+CVE-2017-2803 (A remote out of bound write vulnerability exists in the TIFF parsing f ...)
NOT-FOR-US: Core PHOTO-PAINT X8
-CVE-2017-2802
+CVE-2017-2802 (An exploitable dll hijacking vulnerability exists in the poaService.ex ...)
NOT-FOR-US: Dell
-CVE-2017-2801
+CVE-2017-2801 (A programming error exists in a way Randombit Botan cryptographic libr ...)
{DSA-3939-1 DLA-915-1}
- botan1.10 1.10.16-1 (bug #860072)
NOTE: https://github.com/randombit/botan/commit/c927101675e5f63fc0bdd93c5a4825adc54323b4 (1.10.16)
NOTE: Bug introduced in 1.6.0 or earlier, fixed in 2.1.0 and 1.10.16
-CVE-2017-2800
+CVE-2017-2800 (A specially crafted x509 certificate can cause a single out of bounds ...)
- wolfssl 3.12.0+dfsg-1 (bug #862154)
NOTE: http://www.talosintelligence.com/reports/TALOS-2017-0293/
-CVE-2017-2799
+CVE-2017-2799 (An exploitable heap corruption vulnerability exists in the AddSst func ...)
NOT-FOR-US: Antenna House DMC HTMLFilter
-CVE-2017-2798
+CVE-2017-2798 (An exploitable heap corruption vulnerability exists in the GetIndexArr ...)
NOT-FOR-US: Antenna House DMC HTMLFilter
-CVE-2017-2797
+CVE-2017-2797 (An exploitable heap overflow vulnerability exists in the ParseEnvironm ...)
NOT-FOR-US: Antenna House
CVE-2017-2796
RESERVED
-CVE-2017-2795
+CVE-2017-2795 (An exploitable heap corruption vulnerability exists in the Txo functio ...)
NOT-FOR-US: Antenna House
-CVE-2017-2794
+CVE-2017-2794 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Antenna House
-CVE-2017-2793
+CVE-2017-2793 (An exploitable heap corruption vulnerability exists in the UnCompressU ...)
NOT-FOR-US: Antenna House
-CVE-2017-2792
+CVE-2017-2792 (An exploitable heap corruption vulnerability exists in the iBldDirInfo ...)
NOT-FOR-US: Antenna House
-CVE-2017-2791
+CVE-2017-2791 (JustSystems Ichitaro 2016 Trial contains a vulnerability that exists w ...)
NOT-FOR-US: JustSystems Ichitaro 2016 Trial
-CVE-2017-2790
+CVE-2017-2790 (When processing a record type of 0x3c from a Workbook stream from an E ...)
NOT-FOR-US: JustSystems Ichitaro Office
-CVE-2017-2789
+CVE-2017-2789 (When copying filedata into a buffer, JustSystems Ichitaro Office 2016 ...)
NOT-FOR-US: JustSystems Ichitaro Office 2016 Trial
-CVE-2017-2788
+CVE-2017-2788 (A buffer overflows exists in the psnotifyd application of the Pharos P ...)
NOT-FOR-US: Pharos PopUp Printer Client
-CVE-2017-2787
+CVE-2017-2787 (A buffer overflows exists in the psnotifyd application of the Pharos P ...)
NOT-FOR-US: Pharos PopUp Printer Client
-CVE-2017-2786
+CVE-2017-2786 (A denial of service vulnerability exists in the psnotifyd application ...)
NOT-FOR-US: Pharos PopUp Printer Client
-CVE-2017-2785
+CVE-2017-2785 (An exploitable buffer overflow exists in the psnotifyd application of ...)
NOT-FOR-US: Pharos PopUp Printer Client
-CVE-2017-2784
+CVE-2017-2784 (An exploitable free of a stack pointer vulnerability exists in the x50 ...)
- mbedtls 2.4.2-1 (bug #857560)
- polarssl <removed> (bug #857561)
[jessie] - polarssl 1.3.9-2.1+deb8u2
[wheezy] - polarssl <not-affected> (Vulnerable code not present)
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01
NOTE: Wheezy do not have any elliptic curve functionality. Jessie is affected however.
-CVE-2017-2783
+CVE-2017-2783 (An exploitable heap corruption vulnerability exists in the FillRowForm ...)
NOT-FOR-US: AntennaHouse
-CVE-2017-2782
+CVE-2017-2782 (An integer overflow vulnerability exists in the X509 certificate parsi ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0278
-CVE-2017-2781
+CVE-2017-2781 (An exploitable heap buffer overflow vulnerability exists in the X509 c ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0277
-CVE-2017-2780
+CVE-2017-2780 (An exploitable heap buffer overflow vulnerability exists in the X509 c ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0276
-CVE-2017-2779
+CVE-2017-2779 (An exploitable memory corruption vulnerability exists in the RSRC segm ...)
NOT-FOR-US: Labview
CVE-2017-2778
RESERVED
-CVE-2017-2777
+CVE-2017-2777 (An exploitable heap overflow vulnerability exists in the ipStringCreat ...)
NOT-FOR-US: Iceni Argus
CVE-2017-2776
RESERVED
-CVE-2017-2775
+CVE-2017-2775 (An exploitable memory corruption vulnerability exists in the LvVariant ...)
NOT-FOR-US: Labview
CVE-2017-2774
REJECTED
-CVE-2017-2773
+CVE-2017-2773 (An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions ...)
NOT-FOR-US: Pivotal PCF Elastic Runtime
CVE-2017-2772
REJECTED
@@ -44688,13 +44688,13 @@ CVE-2017-2770
REJECTED
CVE-2017-2769
REJECTED
-CVE-2017-2768
+CVE-2017-2768 (EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configurati ...)
NOT-FOR-US: EMC Network Configuration Manager
-CVE-2017-2767
+CVE-2017-2767 (EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configurati ...)
NOT-FOR-US: EMC Network Configuration Manager
-CVE-2017-2766
+CVE-2017-2766 (EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 ...)
NOT-FOR-US: EMC Documentum eRoom
-CVE-2017-2765
+CVE-2017-2765 (EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, ...)
NOT-FOR-US: EMC Isilon InsightIQ
CVE-2017-2764
RESERVED
@@ -44722,149 +44722,149 @@ CVE-2017-2753
RESERVED
CVE-2017-2752
RESERVED
-CVE-2017-2751
+CVE-2017-2751 (A BIOS password extraction vulnerability has been reported on certain ...)
NOT-FOR-US: firmware on HP notebooks
-CVE-2017-2750
+CVE-2017-2750 (Insufficient Solution DLL Signature Validation allows potential execut ...)
NOT-FOR-US: HP printers
CVE-2017-2749
RESERVED
CVE-2017-2748
RESERVED
-CVE-2017-2747
+CVE-2017-2747 (HP has identified a potential security vulnerability before IG_11_00_0 ...)
NOT-FOR-US: HP printers
-CVE-2017-2746
+CVE-2017-2746 (Potential security vulnerabilities have been identified with HP JetAdv ...)
NOT-FOR-US: HP JetAdvantage Security Manager
-CVE-2017-2745
+CVE-2017-2745 (Potential security vulnerabilities have been identified with HP JetAdv ...)
NOT-FOR-US: HP JetAdvantage Security Manager
-CVE-2017-2744
+CVE-2017-2744 (The vulnerability allows attacker to extract binaries into protected f ...)
NOT-FOR-US: HP Support Assistant
-CVE-2017-2743
+CVE-2017-2743 (HP has identified a potential security vulnerability with HP Enterpris ...)
NOT-FOR-US: HP printers
-CVE-2017-2742
+CVE-2017-2742 (A potential security vulnerability has been identified with HP Web Jet ...)
NOT-FOR-US: HP Web JetAdmin
-CVE-2017-2741
+CVE-2017-2741 (A potential security vulnerability has been identified with HP PageWid ...)
NOT-FOR-US: HP printers
-CVE-2017-2740
+CVE-2017-2740 (A potential security vulnerability has been identified with the comman ...)
NOT-FOR-US: HP ThinPro
-CVE-2017-2739
+CVE-2017-2739 (The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 v ...)
NOT-FOR-US: Huawei
-CVE-2017-2738
+CVE-2017-2738 (VCM5010 with software versions earlier before V100R002C50SPC100 has an ...)
NOT-FOR-US: Huawei
-CVE-2017-2737
+CVE-2017-2737 (VCM5010 with software versions earlier before V100R002C50SPC100 has an ...)
NOT-FOR-US: Huawei
-CVE-2017-2736
+CVE-2017-2736 (VCM5010 with software versions earlier before V100R002C50SPC100 has a ...)
NOT-FOR-US: Huawei
-CVE-2017-2735
+CVE-2017-2735 (TIT-AL00 smartphones with software versions earlier before TIT-AL00C58 ...)
NOT-FOR-US: Huawei
-CVE-2017-2734
+CVE-2017-2734 (P9 Plus smartphones with software versions earlier before VIE-AL10BC00 ...)
NOT-FOR-US: Huawei
-CVE-2017-2733
+CVE-2017-2733 (Honor 6X smartphones with software versions earlier than BLN-AL10C00B3 ...)
NOT-FOR-US: Huawei
-CVE-2017-2732
+CVE-2017-2732 (Huawei Hilink APP Versions earlier before 5.0.25.306 has an informatio ...)
NOT-FOR-US: Huawei
-CVE-2017-2731
+CVE-2017-2731 (The vibrator service in P9 Plus smart phones with software versions ea ...)
NOT-FOR-US: Huawei
-CVE-2017-2730
+CVE-2017-2730 (HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUA ...)
NOT-FOR-US: Huawei
-CVE-2017-2729
+CVE-2017-2729 (The boot loaders in Honor 5A smart phones with software Versions earli ...)
NOT-FOR-US: Huawei
-CVE-2017-2728
+CVE-2017-2728 (Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier vers ...)
NOT-FOR-US: Huawei
-CVE-2017-2727
+CVE-2017-2727 (Huawei P9 smart phones with software versions earlier before EVA-AL00C ...)
NOT-FOR-US: Huawei
-CVE-2017-2726
+CVE-2017-2726 (Bastet in P10 Plus and P10 smart phones with software earlier than VKY ...)
NOT-FOR-US: Huawei
-CVE-2017-2725
+CVE-2017-2725 (Bastet in P10 Plus and P10 smart phones with software earlier than VKY ...)
NOT-FOR-US: Huawei
-CVE-2017-2724
+CVE-2017-2724 (Bastet in P10 Plus and P10 smart phones with software earlier than VKY ...)
NOT-FOR-US: Huawei
-CVE-2017-2723
+CVE-2017-2723 (The Files APP 7.1.1.308 and earlier versions in some Huawei mobile pho ...)
NOT-FOR-US: Huawei
-CVE-2017-2722
+CVE-2017-2722 (DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R00 ...)
NOT-FOR-US: Huawei
-CVE-2017-2721
+CVE-2017-2721 (Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C18 ...)
NOT-FOR-US: Huawei
-CVE-2017-2720
+CVE-2017-2720 (FusionSphere OpenStack V100R006C00 has an information exposure vulnera ...)
NOT-FOR-US: Huawei
-CVE-2017-2719
+CVE-2017-2719 (FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 ha ...)
NOT-FOR-US: Huawei
-CVE-2017-2718
+CVE-2017-2718 (FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 ha ...)
NOT-FOR-US: Huawei
-CVE-2017-2717
+CVE-2017-2717 (honor 8 Pro with software Duke-L09C10B120 and earlier versions,Duke-L0 ...)
NOT-FOR-US: Huawei
-CVE-2017-2716
+CVE-2017-2716 (The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 h ...)
NOT-FOR-US: Huawei
-CVE-2017-2715
+CVE-2017-2715 (The Files APP 7.1.1.309 and earlier versions in some Huawei mobile pho ...)
NOT-FOR-US: Huawei
-CVE-2017-2714
+CVE-2017-2714 (The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier ve ...)
NOT-FOR-US: Huawei
-CVE-2017-2713
+CVE-2017-2713 (HUAWEI P9 smartphones with software versions earlier before EVA-L09C43 ...)
NOT-FOR-US: Huawei
-CVE-2017-2712
+CVE-2017-2712 (S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping vu ...)
NOT-FOR-US: Huawei
-CVE-2017-2711
+CVE-2017-2711 (P9 Plus smartphones with software earlier than VIE-AL10C00B352 version ...)
NOT-FOR-US: Huawei
-CVE-2017-2710
+CVE-2017-2710 (BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B ...)
NOT-FOR-US: Huawei
-CVE-2017-2709
+CVE-2017-2709 (HiGame with software earlier than 7.3.0 versions, SkyTone with softwar ...)
NOT-FOR-US: Huawei
-CVE-2017-2708
+CVE-2017-2708 (The 'Find Phone' function in Nice smartphones with software versions e ...)
NOT-FOR-US: Huawei
-CVE-2017-2707
+CVE-2017-2707 (Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege esc ...)
NOT-FOR-US: Huawei
-CVE-2017-2706
+CVE-2017-2706 (Mate 9 smartphones with software MHA-AL00AC00B125 have a directory tra ...)
NOT-FOR-US: Huawei
-CVE-2017-2705
+CVE-2017-2705 (Huawei P9 smartphones with software versions earlier before EVA-AL10C0 ...)
NOT-FOR-US: Huawei
-CVE-2017-2704
+CVE-2017-2704 (Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier v ...)
NOT-FOR-US: Huawei
-CVE-2017-2703
+CVE-2017-2703 (Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earl ...)
NOT-FOR-US: Huawei
-CVE-2017-2702
+CVE-2017-2702 (Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. ...)
NOT-FOR-US: Huawei
-CVE-2017-2701
+CVE-2017-2701 (Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vu ...)
NOT-FOR-US: Huawei
-CVE-2017-2700
+CVE-2017-2700 (AC6005 with software V200R006C10, AC6605 with software V200R006C10 hav ...)
NOT-FOR-US: Huawei
-CVE-2017-2699
+CVE-2017-2699 (The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versio ...)
NOT-FOR-US: Huawei
-CVE-2017-2698
+CVE-2017-2698 (The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has bu ...)
NOT-FOR-US: Huawei
-CVE-2017-2697
+CVE-2017-2697 (The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C4 ...)
NOT-FOR-US: Huawei
-CVE-2017-2696
+CVE-2017-2696 (The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C ...)
NOT-FOR-US: Huawei
-CVE-2017-2695
+CVE-2017-2695 (TIT-AL00C583B211 has a directory traversal vulnerability which allows ...)
NOT-FOR-US: Huawei
-CVE-2017-2694
+CVE-2017-2694 (The AlarmService component in HwVmall with software earlier than 1.5.2 ...)
NOT-FOR-US: Huawei
-CVE-2017-2693
+CVE-2017-2693 (ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versi ...)
NOT-FOR-US: Huawei
-CVE-2017-2692
+CVE-2017-2692 (The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L ...)
NOT-FOR-US: Huawei
-CVE-2017-2691
+CVE-2017-2691 (Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier be ...)
NOT-FOR-US: Huawei
-CVE-2017-2690
+CVE-2017-2690 (SoftCo with software V200R003C20,eSpace U1910 with software V200R003C0 ...)
NOT-FOR-US: Huawei
-CVE-2017-2689
+CVE-2017-2689 (Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to ...)
NOT-FOR-US: Siemens
-CVE-2017-2688
+CVE-2017-2688 (The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at ...)
NOT-FOR-US: Siemens
-CVE-2017-2687
+CVE-2017-2687 (Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability in the ...)
NOT-FOR-US: Siemens
-CVE-2017-2686
+CVE-2017-2686 (Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that co ...)
NOT-FOR-US: Siemens
-CVE-2017-2685
+CVE-2017-2685 (Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 (incl ...)
NOT-FOR-US: Siemens
-CVE-2017-2684
+CVE-2017-2684 (Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attack ...)
NOT-FOR-US: Siemens
-CVE-2017-2683
+CVE-2017-2683 (A non-privileged user of the Siemens web application RUGGEDCOM NMS &lt ...)
NOT-FOR-US: Siemens
-CVE-2017-2682
+CVE-2017-2682 (The Siemens web application RUGGEDCOM NMS &lt; V1.2 on port 8080/TCP a ...)
NOT-FOR-US: Siemens
-CVE-2017-2681
+CVE-2017-2681 (A vulnerability has been identified in SIMATIC CP 343-1 Std (All versi ...)
NOT-FOR-US: Siemens
-CVE-2017-2680
+CVE-2017-2680 (SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP ...)
NOT-FOR-US: Siemens
CVE-2017-2679
RESERVED
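Review bot: the descriptions added for CVE-2017-2683 and CVE-2017-2682 carry the HTML entity `&lt;` ("RUGGEDCOM NMS &lt; V1.2") where the upstream text reads `<`; the rest of this file stores literal angle brackets (every `<not-affected>`, `<removed>` marker in the surrounding context), so the importer should decode entities before truncating and writing the description, otherwise searches for the product and version string in the list will not match the upstream wording.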
@@ -44874,55 +44874,55 @@ CVE-2017-2677
RESERVED
CVE-2017-2676
RESERVED
-CVE-2017-2675
+CVE-2017-2675 (Little Snitch version 3.0 through 3.7.3 suffer from a local privilege ...)
NOT-FOR-US: Little Snitch
-CVE-2017-2674
+CVE-2017-2674 (JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a stored X ...)
NOT-FOR-US: Red Hat business central
-CVE-2017-2673
+CVE-2017-2673 (An authorization-check flaw was discovered in federation configuration ...)
- keystone 2:10.0.0-9 (bug #861189)
[jessie] - keystone <not-affected> (Vulnerable code not present)
[wheezy] - keystone <not-affected> (Vulnerable code not present)
NOTE: https://bugs.launchpad.net/keystone/+bug/1677723
-CVE-2017-2672
+CVE-2017-2672 (A flaw was found in foreman before version 1.15 in the logging of addi ...)
- foreman <itp> (bug #663101)
-CVE-2017-2671
+CVE-2017-2671 (The ping_unhash function in net/ipv4/ping.c in the Linux kernel throug ...)
{DLA-922-1}
- linux 4.9.25-1
[jessie] - linux 3.16.43-1
NOTE: http://www.openwall.com/lists/oss-security/2017/03/24/6
NOTE: Fixed by: https://git.kernel.org/linus/43a6684519ab0a6c52024b5e25322476cabad893
-CVE-2017-2670
+CVE-2017-2670 (It was found in Undertow before 1.3.28 that with non-clean TCP close, ...)
{DSA-3906-1}
- undertow 1.4.18-1 (bug #864405)
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/9bfe9fbbb595d51157b61693f072895f7dbadd1d
NOTE: https://issues.jboss.org/browse/UNDERTOW-1035
-CVE-2017-2669
+CVE-2017-2669 (Dovecot before version 2.2.29 is vulnerable to a denial of service. Wh ...)
- dovecot 1:2.2.27-3 (bug #860049)
[jessie] - dovecot <not-affected> (Vulnerable code not present)
[wheezy] - dovecot <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/dovecot/core/commit/000030feb7a30f193197f1aab8a7b04a26b42735
NOTE: Introduced by: https://github.com/dovecot/core/commit/a3783f8a3c9cd816b51e77a922f82301512fcf22
-CVE-2017-2668
+CVE-2017-2668 (389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an ...)
- 389-ds-base 1.3.5.17-1 (bug #860125)
[jessie] - 389-ds-base <not-affected> (Vulnerable code not present)
NOTE: CentOS fix: https://git.centos.org/raw/rpms!389-ds-base!/c9e5dad69e2b497f118efac56f43cc6c74b6a695/SOURCES!0072-fix-for-cve-2017-2668-simple-return-text-if-suffix-n.patch
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1436575
-CVE-2017-2667
+CVE-2017-2667 (Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not ...)
- foreman <itp> (bug #663101)
-CVE-2017-2666
+CVE-2017-2666 (It was discovered in Undertow that the code that parsed the HTTP reque ...)
{DSA-3906-1}
- undertow 1.4.18-1 (bug #864405)
NOTE: https://issues.jboss.org/browse/UNDERTOW-1101
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/1e72647818c9fb31b693a953b1ae595a6c82eb7f
-CVE-2017-2665
+CVE-2017-2665 (The skyring-setup command creates random password for mongodb skyring ...)
NOT-FOR-US: Red Hat Storage / skyring
-CVE-2017-2664
+CVE-2017-2664 (CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8. ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2017-2663
+CVE-2017-2663 (It was found that subscription-manager's DBus interface before 1.19.4 ...)
NOT-FOR-US: candlepin / subscription-manager
-CVE-2017-2662
+CVE-2017-2662 (A flaw was found in Foreman's katello plugin version 3.4.5. After sett ...)
- foreman <itp> (bug #663101)
-CVE-2017-2661
+CVE-2017-2661 (ClusterLabs pcs before version 0.9.157 is vulnerable to a cross-site s ...)
- pcs 0.9.155+dfsg-2 (bug #858379)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1428948
NOTE: https://github.com/ClusterLabs/pcs/commit/1874a769b5720ae5430f10c6cedd234430bc703f
@@ -44933,7 +44933,7 @@ CVE-2017-2659 [Information leak when given invalid username]
RESERVED
- dropbear 2013.60-1
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/d7784616409a#l1.86
-CVE-2017-2658
+CVE-2017-2658 (It was discovered that the Dashbuilder login page as used in Red Hat J ...)
NOT-FOR-US: JBoss BPMS
CVE-2017-2657
RESERVED
@@ -44941,120 +44941,120 @@ CVE-2017-2656
REJECTED
CVE-2017-2655
REJECTED
-CVE-2017-2654
+CVE-2017-2654 (jenkins-email-ext before version 2.57.1 is vulnerable to an Informatio ...)
NOT-FOR-US: jenkins-email-ext
-CVE-2017-2653
+CVE-2017-2653 (A number of unused delete routes are present in CloudForms before 5.7. ...)
NOT-FOR-US: Red Hat CloudForms
-CVE-2017-2652
+CVE-2017-2652 (It was found that there were no permission checks performed in the Dis ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-2651
+CVE-2017-2651 (jenkins-mailer-plugin before version 1.20 is vulnerable to an informat ...)
NOT-FOR-US: jenkins-mailer-plugin
-CVE-2017-2650
+CVE-2017-2650 (It was found that the use of Pipeline: Classpath Step Jenkins plugin e ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-2649
+CVE-2017-2649 (It was found that the Active Directory Plugin for Jenkins up to and in ...)
NOT-FOR-US: Jenkins plugin
-CVE-2017-2648
+CVE-2017-2648 (It was found that jenkins-ssh-slaves-plugin before version 1.15 did no ...)
NOT-FOR-US: jenkins-ssh-slaves-plugin
-CVE-2017-2647
+CVE-2017-2647 (The KEYS subsystem in the Linux kernel before 3.18 allows local users ...)
{DLA-922-1}
- linux 4.0.2-1
[jessie] - linux 3.16.43-1
NOTE: Fixed by: https://git.kernel.org/linus/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81 (v3.18-rc1)
-CVE-2017-2646
+CVE-2017-2646 (It was found that when Keycloak before 2.5.5 receives a Logout request ...)
NOT-FOR-US: Keycloak
-CVE-2017-2645
+CVE-2017-2645 (In Moodle 3.x, XSS can occur via attachments to evidence of prior lear ...)
- moodle <not-affected> (Only affects 3.2 to 3.2.1 and 3.1 to 3.1.4)
NOTE: https://tracker.moodle.org/browse/MDL-57597
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-57597
-CVE-2017-2644
+CVE-2017-2644 (In Moodle 3.x, XSS can occur via evidence of prior learning. ...)
- moodle <not-affected> (Only affects 3.2 to 3.2.1 and 3.1 to 3.1.4)
NOTE: https://tracker.moodle.org/browse/MDL-57596
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-57596
-CVE-2017-2643
+CVE-2017-2643 (In Moodle 3.2.x, global search displays user names for unauthenticated ...)
- moodle <not-affected> (Only affects 3.2 to 3.2.1)
NOTE: https://tracker.moodle.org/browse/MDL-56526
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-56526
-CVE-2017-2642
+CVE-2017-2642 (Moodle 3.x has user fullname disclosure on the user preferences page. ...)
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=355554
-CVE-2017-2641
+CVE-2017-2641 (In Moodle 2.x and 3.x, SQL injection can occur via user preferences. ...)
- moodle 2.7.19+dfsg-1
NOTE: https://tracker.moodle.org/browse/MDL-58010
NOTE: https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-58010
-CVE-2017-2640
+CVE-2017-2640 (An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 ...)
{DSA-3806-1 DLA-853-1}
- pidgin 2.12.0-1 (bug #859159)
NOTE: https://www.pidgin.im/news/security/?id=109
NOTE: https://bitbucket.org/pidgin/main/commits/b2fc9e774cb9
-CVE-2017-2639
+CVE-2017-2639 (It was found that CloudForms does not verify that the server hostname ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2017-2638
+CVE-2017-2638 (It was found that the REST API in Infinispan before version 9.0.0 did ...)
NOT-FOR-US: infinispan
-CVE-2017-2637
+CVE-2017-2637 (A design flaw issue was found in the Red Hat OpenStack Platform direct ...)
NOT-FOR-US: Red Hat OpenStack Platform director
-CVE-2017-2636
+CVE-2017-2636 (Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.1 ...)
{DSA-3804-1 DLA-849-1}
- linux 4.9.16-1
NOTE: http://www.openwall.com/lists/oss-security/2017/03/07/6
NOTE: Fixed by: https://git.kernel.org/linus/82f2341c94d270421f383641b7cd670e474db56b (v4.11-rc2)
NOTE: https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
-CVE-2017-2635
+CVE-2017-2635 (A NULL pointer deference flaw was found in the way libvirt from 2.5.0 ...)
- libvirt 3.0.0-3 (bug #856313)
[jessie] - libvirt <not-affected> (Vulnerable code introduced later)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=c5f6151390ff0a8e65014172bb8c0a8d312c3353 (v3.0.0-rc1)
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=c3de387380f6057ee0e46cd9f2f0a092e8070875 (v3.1.0-rc1)
-CVE-2017-2634
+CVE-2017-2634 (It was found that the Linux kernel's Datagram Congestion Control Proto ...)
- linux <not-affected> (Fixed before initial rename to src:linux)
NOTE: Fixed by: https://git.kernel.org/linus/f53dc67c5e7babafe239b93a11678b0e05bead51 (2.6.25-rc1)
-CVE-2017-2633
+CVE-2017-2633 (An out-of-bounds memory access issue was found in Quick Emulator (QEMU ...)
- qemu 2.1+dfsg-1
[wheezy] - qemu <postponed> (Can be fixed along when more severe issues are being fixed)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <postponed> (Can be fixed along when more severe issues are being fixed)
NOTE: Upstream patch: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=bea60dd7679364493a0d7f5b54316c767cf894ef
NOTE: Upstream patch: http://git.qemu-project.org/?p=qemu.git;a=commit;h=9f64916da20eea67121d544698676295bbb105a7
-CVE-2017-2632
+CVE-2017-2632 (A logic error in valid_role() in CloudForms role validation before 5.7 ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2017-2631
RESERVED
-CVE-2017-2630
+CVE-2017-2630 (A stack buffer overflow flaw was found in the Quick Emulator (QEMU) be ...)
- qemu 1:2.8+dfsg-3 (bug #855227)
[jessie] - qemu <not-affected> (Vulnerable code introduced in v2.8.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code introduced in v2.8.0-rc0)
- qemu-kvm <not-affected> (Vulnerable code introduced later)
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01246.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422415
-CVE-2017-2629
+CVE-2017-2629 (curl before 7.53.0 has an incorrect TLS Certificate Status Request ext ...)
- curl 7.52.1-3
[jessie] - curl <not-affected> (Vulnerable code introduced later)
[wheezy] - curl <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/curl/curl/commit/ca6ea6d9be5102a2246dff6e17b3ee9ad4ec64d0
NOTE: Patch: https://curl.haxx.se/CVE-2017-2629.patch
NOTE: https://curl.haxx.se/docs/adv_20170222.html
-CVE-2017-2628
+CVE-2017-2628 (curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-5 ...)
- curl <not-affected> (Red Hat specific backport issue)
-CVE-2017-2627
+CVE-2017-2627 (A flaw was found in openstack-tripleo-common as shipped with Red Hat O ...)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1421917
NOT-FOR-US: RHEL packaging flaw for openstack
-CVE-2017-2626
+CVE-2017-2626 (It was discovered that libICE before 1.0.9-8 used a weak entropy to ge ...)
- libice 2:1.0.9-2 (bug #856400)
[jessie] - libice <no-dsa> (Minor issue, can be fixed in a point update or next DSA)
[wheezy] - libice <no-dsa> (Minor issue, can be fixed in a point update or next DSA)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
-CVE-2017-2625
+CVE-2017-2625 (It was discovered that libXdmcp before 1.1.2 including used weak entro ...)
- libxdmcp 1:1.1.2-2 (bug #856399)
[jessie] - libxdmcp <no-dsa> (Minor issue, can be fixed in a point update or next DSA)
[wheezy] - libxdmcp <no-dsa> (Minor issue, can be fixed in a point update or next DSA)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
-CVE-2017-2624
+CVE-2017-2624 (It was found that xorg-x11-server before 1.19.0 including uses memcmp( ...)
{DLA-1186-1}
- xorg-server 2:1.19.2-1 (low; bug #856398)
[jessie] - xorg-server 2:1.16.4-1+deb8u2
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
-CVE-2017-2623
+CVE-2017-2623 (It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 ...)
NOT-FOR-US: Red Hat rpm-ostree
-CVE-2017-2622
+CVE-2017-2622 (An accessibility flaw was found in the OpenStack Workflow (mistral) se ...)
- mistral <not-affected> (Red Hat-specific)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1420992
NOTE: tracing the installation shows that mkdir -p /var/log/mistral
@@ -45062,10 +45062,10 @@ CVE-2017-2622
NOTE: permissions. But for Debian the final permissions seem to end
NOTE: to 0750, despite, owned by mistral:adm. Thus might need more
NOTE: investigation to determine the affected status.
-CVE-2017-2621
+CVE-2017-2621 (An access-control flaw was found in the OpenStack Orchestration (heat) ...)
- heat <not-affected> (heat-common postinst chmod's 0750 /var/log/heat)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1420990
-CVE-2017-2620
+CVE-2017-2620 (Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA E ...)
{DLA-1497-1 DLA-1270-1 DLA-845-1 DLA-842-1}
- qemu 1:2.8+dfsg-3 (bug #855791)
- qemu-kvm <removed>
@@ -45073,18 +45073,18 @@ CVE-2017-2620
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: https://xenbits.xen.org/xsa/advisory-209.html
NOTE: Qemu upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html
-CVE-2017-2619
+CVE-2017-2619 (Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a mali ...)
{DSA-3816-1 DLA-894-1}
- samba 2:4.5.6+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2017-2619.html
-CVE-2017-2618
+CVE-2017-2618 (A flaw was found in the Linux kernel's handling of clearing SELinux at ...)
{DSA-3791-1}
- linux 4.9.10-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/torvalds/linux/commit/0c461cb727d146c9ef2d3e86214f498b78b7d125
-CVE-2017-2617
+CVE-2017-2617 (hawtio before version 1.5.5 is vulnerable to remote code execution via ...)
NOT-FOR-US: hawtio
-CVE-2017-2616
+CVE-2017-2616 (A race condition was found in util-linux before 2.32.1 in the way su h ...)
{DSA-3793-1 DLA-838-1}
- shadow 1:4.4-4 (bug #855943)
NOTE: https://github.com/shadow-maint/shadow/commit/08fd4b69e84364677a10e519ccb25b71710ee686
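Review bot: the description imported for CVE-2017-2616 names util-linux ("A race condition was found in util-linux before 2.32.1 in the way su h ..."), but the package tracked directly below it is shadow, with the fix referenced from shadow-maint; since the su binary in Debian is built from src:shadow rather than util-linux, a NOTE line stating that mapping would keep the entry from reading as a mismatch for anyone who arrives here looking for a util-linux fix.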
@@ -45093,128 +45093,128 @@ CVE-2017-2616
- coreutils 8.20-1 (unimportant)
NOTE: Coreutils: Removed from source in https://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=928dd737
NOTE: and not installed by default since 2007.
-CVE-2017-2615
+CVE-2017-2615 (Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator sup ...)
{DLA-1497-1 DLA-845-1 DLA-842-1}
- qemu 1:2.8+dfsg-3 (low; bug #854731)
NOTE: Introduced with: http://git.qemu.org/?p=qemu.git;a=commit;h=d3532a0db02296e687711b8cdc7791924efccea0 (which was the fix for CVE-2014-8106)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=62d4c6bd5263bb8413a06c80144fc678df6dfb64
-CVE-2017-2614
+CVE-2017-2614 (When updating a password in the rhvm database the ovirt-aaa-jdbc-tool ...)
NOT-FOR-US: Red Hat ovirt-aaa-jdbc-tool tools
-CVE-2017-2613
+CVE-2017-2613 (jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2612
+CVE-2017-2612 (In Jenkins before versions 2.44, 2.32.2 low privilege users were able ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2611
+CVE-2017-2611 (Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2610
+CVE-2017-2610 (jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cros ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2609
+CVE-2017-2609 (jenkins before versions 2.44, 2.32.2 is vulnerable to an information d ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2608
+CVE-2017-2608 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code ex ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2607
+CVE-2017-2607 (jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cros ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2606
+CVE-2017-2606 (Jenkins before versions 2.44, 2.32.2 is vulnerable to an information e ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
CVE-2017-2605
REJECTED
-CVE-2017-2604
+CVE-2017-2604 (In Jenkins before versions 2.44, 2.32.2 low privilege users were able ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2603
+CVE-2017-2603 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2602
+CVE-2017-2602 (jenkins before versions 2.44, 2.32.2 is vulnerable to an improper blac ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2601
+CVE-2017-2601 (Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cros ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2600
+CVE-2017-2600 (In jenkins before versions 2.44, 2.32.2 node monitor data could be vie ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2599
+CVE-2017-2599 (Jenkins before versions 2.44 and 2.32.2 is vulnerable to an insufficie ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
-CVE-2017-2598
+CVE-2017-2598 (Jenkins before versions 2.44, 2.32.2 uses AES ECB block cipher mode wi ...)
- jenkins <removed>
NOTE: https://jenkins.io/security/advisory/2017-02-01/
CVE-2017-2597
RESERVED
-CVE-2017-2596
+CVE-2017-2596 (The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux ...)
{DSA-3791-1}
- linux 4.9.13-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.spinics.net/lists/kvm/msg144319.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1417812
-CVE-2017-2595
+CVE-2017-2595 (It was found that the log file viewer in Red Hat JBoss Enterprise Appl ...)
- wildfly <itp> (bug #752018)
-CVE-2017-2594
+CVE-2017-2594 (hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, ...)
NOT-FOR-US: hawtio
CVE-2017-2593
RESERVED
-CVE-2017-2592
+CVE-2017-2592 (python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulner ...)
- python-oslo.middleware 3.19.0-3 (bug #852742)
NOTE: https://launchpad.net/bugs/1628031
-CVE-2017-2591
+CVE-2017-2591 (389-ds-base before version 1.3.6 is vulnerable to an improperly NULL t ...)
- 389-ds-base 1.3.5.15-2 (bug #851769)
[jessie] - 389-ds-base <not-affected> (Only affects 1.3.4.0 and later)
NOTE: https://fedorahosted.org/389/changeset/ffda694dd622b31277da07be76d3469fad86150f/
-CVE-2017-2590
+CVE-2017-2590 (A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, ...)
- freeipa <not-affected> (ca plugin introduced in 4.4)
NOTE: https://pagure.io/freeipa/issue/6713
NOTE: Fixed by (master): https://pagure.io/freeipa/c/b81ac59640f0b76fa9f53cf8be441f085a7089c4?branch=master
NOTE: Fixed by (ipa-4.4): https://pagure.io/freeipa/c/1aa314c79648c442473f19344387bfe11ec2141b?branch=ipa-4-4
-CVE-2017-2589
+CVE-2017-2589 (It was discovered that the hawtio servlet 1.4 uses a single HttpClient ...)
NOT-FOR-US: hawtio
CVE-2017-2588
RESERVED
-CVE-2017-2587
+CVE-2017-2587 (A memory allocation vulnerability was found in netpbm before 10.61. A ...)
- netpbm-free <not-affected> (vulnerable code not present)
NOTE: Debian uses an old fork of netpbm
NOTE: Fixed by http://pkgs.fedoraproject.org/cgit/rpms/netpbm.git/commit/?id=c16a8b893ed77fc3f6f2b382d0d47d03621ed328
-CVE-2017-2586
+CVE-2017-2586 (A null pointer dereference vulnerability was found in netpbm before 10 ...)
- netpbm-free <not-affected> (vulnerable code not present)
NOTE: Debian uses an old fork of netpbm
NOTE: Fixed by http://pkgs.fedoraproject.org/cgit/rpms/netpbm.git/commit/?id=c16a8b893ed77fc3f6f2b382d0d47d03621ed328
-CVE-2017-2585
+CVE-2017-2585 (Red Hat Keycloak before version 2.5.1 has an implementation of HMAC ve ...)
NOT-FOR-US: Keycloak
-CVE-2017-2584
+CVE-2017-2584 (arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local ...)
{DSA-3791-1}
- linux 4.9.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.6-rc1)
NOTE: Upstream patch: https://www.spinics.net/lists/kvm/msg143571.html
NOTE: Fixed by: https://git.kernel.org/linus/129a72a0d3c8e139a04512325384fe5ac119e74d
-CVE-2017-2583
+CVE-2017-2583 (The load_segment_descriptor implementation in arch/x86/kvm/emulate.c i ...)
{DSA-3791-1}
- linux 4.9.6-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.6-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/33ab91103b3415e12457e3104f0e4517ce12d0f3
-CVE-2017-2582
+CVE-2017-2582 (It was found that while parsing the SAML messages the StaxParserUtil c ...)
NOT-FOR-US: Keycloak
-CVE-2017-2581
+CVE-2017-2581 (An out-of-bounds write vulnerability was found in netpbm before 10.61. ...)
- netpbm-free <undetermined> (bug #854978)
NOTE: Debian uses an old fork of netpbm
NOTE: http://www.openwall.com/lists/oss-security/2017/02/05/7
-CVE-2017-2580
+CVE-2017-2580 (An out-of-bounds write vulnerability was found in netpbm before 10.61. ...)
- netpbm-free <undetermined> (bug #854978)
NOTE: Debian uses an old fork of netpbm
NOTE: http://www.openwall.com/lists/oss-security/2017/02/05/7
-CVE-2017-2579
+CVE-2017-2579 (An out-of-bounds read vulnerability was found in netpbm before 10.61. ...)
- netpbm-free <undetermined> (bug #854978)
NOTE: Debian uses an old fork of netpbm
NOTE: http://www.openwall.com/lists/oss-security/2017/02/05/7
CVE-2017-2577
REJECTED
-CVE-2017-2575
+CVE-2017-2575 (A vulnerability was found while fuzzing libbpg 0.9.7. It is a NULL poi ...)
NOT-FOR-US: libbpg
CVE-2017-2574
RESERVED
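Review bot: the not-affected rationale on the CVE-2017-2590 line `- freeipa <not-affected> (ca plugin introduced in 4.4)` contradicts the description this update fills in directly above it (`A vulnerability was found in ipa before 4.4`), and the two fix references that follow (one on master, one on the ipa-4-4 branch) imply that 4.4.x itself needed the patch; re-check whether any freeipa 4.4 package is affected before keeping the marking, and if it stays, reword the rationale so it says which versions are actually in the archive rather than repeating a version boundary that disagrees with the description. Minor, in the same hunk: CVE-2017-2587 and CVE-2017-2586 both point at the identical Fedora commit c16a8b893ed77fc3f6f2b382d0d47d03621ed328 as "Fixed by", which is plausible for one commit covering two issues but is worth confirming, since the netpbm entries further down for CVE-2017-2581 through CVE-2017-2579 are left `<undetermined>` for the same fork.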
@@ -45262,620 +45262,620 @@ CVE-2017-2553
RESERVED
CVE-2017-2552
RESERVED
-CVE-2017-2551
+CVE-2017-2551 (Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possib ...)
NOT-FOR-US: Wordpress plugin BackWPup
-CVE-2017-2550
+CVE-2017-2550 (Vulnerability in Easy Joomla Backup v3.2.4. The software creates a cop ...)
NOT-FOR-US: Easy Joomla Backup
-CVE-2017-2549
+CVE-2017-2549 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2548
+CVE-2017-2548 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2547
+CVE-2017-2547 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2546
+CVE-2017-2546 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2545
+CVE-2017-2545 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2544
+CVE-2017-2544 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2543
+CVE-2017-2543 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2542
+CVE-2017-2542 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2541
+CVE-2017-2541 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2540
+CVE-2017-2540 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2539
+CVE-2017-2539 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2538
+CVE-2017-2538 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.4-1 (unimportant)
[stretch] - webkit2gtk 2.16.6-0+deb9u1
NOTE: Not covered by security support
-CVE-2017-2537
+CVE-2017-2537 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2536
+CVE-2017-2536 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2535
+CVE-2017-2535 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2534
+CVE-2017-2534 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2533
+CVE-2017-2533 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
CVE-2017-2532
RESERVED
-CVE-2017-2531
+CVE-2017-2531 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2530
+CVE-2017-2530 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
CVE-2017-2529
RESERVED
-CVE-2017-2528
+CVE-2017-2528 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2527
+CVE-2017-2527 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2526
+CVE-2017-2526 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2525
+CVE-2017-2525 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2524
+CVE-2017-2524 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-2523
+CVE-2017-2523 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-2522
+CVE-2017-2522 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-2521
+CVE-2017-2521 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2520
+CVE-2017-2520 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
{DLA-1633-1}
- sqlite3 3.16.2-1
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=384
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=5694101458518016
NOTE: Fixed by: https://www.sqlite.org/src/info/2dc7eeb5b4d2eaf1
-CVE-2017-2519
+CVE-2017-2519 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
{DLA-1633-1}
- sqlite3 3.16.0-1
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=288
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=6739028850245632
NOTE: Fixed by: https://www.sqlite.org/src/info/d08b72c38ff6fae6
-CVE-2017-2518
+CVE-2017-2518 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
{DLA-1633-1}
- sqlite3 3.15.2-1
[wheezy] - sqlite3 <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=199
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=4603622180519936
NOTE: Fixed by: https://www.sqlite.org/src/info/0a98c8d76ac86412
-CVE-2017-2517
+CVE-2017-2517 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple Safari
-CVE-2017-2516
+CVE-2017-2516 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2515
+CVE-2017-2515 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2514
+CVE-2017-2514 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2513
+CVE-2017-2513 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- sqlite3 3.15.2-1
[jessie] - sqlite3 <not-affected> (Vulnerable code not present)
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=171
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=5770842466156544
NOTE: Fixed by: https://www.sqlite.org/src/info/c5dbc599b910c02a
-CVE-2017-2512
+CVE-2017-2512 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2511
+CVE-2017-2511 (An issue was discovered in certain Apple products. Safari before 10.1. ...)
NOT-FOR-US: Apple Safari
-CVE-2017-2510
+CVE-2017-2510 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2509
+CVE-2017-2509 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2508
+CVE-2017-2508 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2507
+CVE-2017-2507 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-2506
+CVE-2017-2506 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2505
+CVE-2017-2505 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2504
+CVE-2017-2504 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2503
+CVE-2017-2503 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2502
+CVE-2017-2502 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-2501
+CVE-2017-2501 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-2500
+CVE-2017-2500 (An issue was discovered in certain Apple products. Safari before 10.1. ...)
NOT-FOR-US: Apple Safari
-CVE-2017-2499
+CVE-2017-2499 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2498
+CVE-2017-2498 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-2497
+CVE-2017-2497 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple
-CVE-2017-2496
+CVE-2017-2496 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
- webkit2gtk 2.16.3-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2495
+CVE-2017-2495 (An issue was discovered in certain Apple products. iOS before 10.3.2 i ...)
NOT-FOR-US: Apple Safari
-CVE-2017-2494
+CVE-2017-2494 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2493
+CVE-2017-2493 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2492
+CVE-2017-2492 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2491
+CVE-2017-2491 (Use after free vulnerability in the String.replace method JavaScriptCo ...)
NOT-FOR-US: Apple Safari
-CVE-2017-2490
+CVE-2017-2490 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2489
+CVE-2017-2489 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple involving Intel Graphics Driver
CVE-2017-2488
RESERVED
-CVE-2017-2487
+CVE-2017-2487 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving FontParser component
-CVE-2017-2486
+CVE-2017-2486 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2485
+CVE-2017-2485 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Security component
-CVE-2017-2484
+CVE-2017-2484 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Phone component
-CVE-2017-2483
+CVE-2017-2483 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2482
+CVE-2017-2482 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2481
+CVE-2017-2481 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2480
+CVE-2017-2480 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2479
+CVE-2017-2479 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2478
+CVE-2017-2478 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2477
+CVE-2017-2477 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
- libxslt <undetermined>
NOTE: contacted Apple for more information, but no reply for quite a while
-CVE-2017-2476
+CVE-2017-2476 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2475
+CVE-2017-2475 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2474
+CVE-2017-2474 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2473
+CVE-2017-2473 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2472
+CVE-2017-2472 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2471
+CVE-2017-2471 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2470
+CVE-2017-2470 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2469
+CVE-2017-2469 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2468
+CVE-2017-2468 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2467
+CVE-2017-2467 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving ImageIO component
-CVE-2017-2466
+CVE-2017-2466 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2465
+CVE-2017-2465 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2464
+CVE-2017-2464 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2463
+CVE-2017-2463 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2462
+CVE-2017-2462 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2461
+CVE-2017-2461 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving CoreText component
-CVE-2017-2460
+CVE-2017-2460 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2459
+CVE-2017-2459 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2458
+CVE-2017-2458 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2457
+CVE-2017-2457 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2456
+CVE-2017-2456 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2455
+CVE-2017-2455 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2454
+CVE-2017-2454 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2453
+CVE-2017-2453 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple Safari
-CVE-2017-2452
+CVE-2017-2452 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple Siri
-CVE-2017-2451
+CVE-2017-2451 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Security component
-CVE-2017-2450
+CVE-2017-2450 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving CoreText component
-CVE-2017-2449
+CVE-2017-2449 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple invovling Bluetooth component
-CVE-2017-2448
+CVE-2017-2448 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Keychain component
-CVE-2017-2447
+CVE-2017-2447 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2446
+CVE-2017-2446 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2445
+CVE-2017-2445 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2444
+CVE-2017-2444 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving CoreGraphics component
-CVE-2017-2443
+CVE-2017-2443 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple involving Intel Graphics Driver
-CVE-2017-2442
+CVE-2017-2442 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2441
+CVE-2017-2441 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple libc++abi component
-CVE-2017-2440
+CVE-2017-2440 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving Kernel component
-CVE-2017-2439
+CVE-2017-2439 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving FontParser component
-CVE-2017-2438
+CVE-2017-2438 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple involving AppleRAID component
-CVE-2017-2437
+CVE-2017-2437 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple involving IOFireWireAVC component
-CVE-2017-2436
+CVE-2017-2436 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple involving IOFireWireAVC component
-CVE-2017-2435
+CVE-2017-2435 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving CoreText component
-CVE-2017-2434
+CVE-2017-2434 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving HomeKit component
-CVE-2017-2433
+CVE-2017-2433 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2432
+CVE-2017-2432 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple involving ImageIO component
-CVE-2017-2431
+CVE-2017-2431 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2430
+CVE-2017-2430 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2429
+CVE-2017-2429 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2428
+CVE-2017-2428 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2427
+CVE-2017-2427 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2426
+CVE-2017-2426 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2425
+CVE-2017-2425 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2424
+CVE-2017-2424 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2423
+CVE-2017-2423 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2422
+CVE-2017-2422 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2421
+CVE-2017-2421 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2420
+CVE-2017-2420 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2419
+CVE-2017-2419 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2418
+CVE-2017-2418 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2417
+CVE-2017-2417 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2416
+CVE-2017-2416 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2415
+CVE-2017-2415 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2414
+CVE-2017-2414 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2413
+CVE-2017-2413 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2412
+CVE-2017-2412 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2411
+CVE-2017-2411 (In iOS before 11.2, exchange rates were retrieved from HTTP rather tha ...)
NOT-FOR-US: Apple
-CVE-2017-2410
+CVE-2017-2410 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2409
+CVE-2017-2409 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2408
+CVE-2017-2408 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2407
+CVE-2017-2407 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2406
+CVE-2017-2406 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2405
+CVE-2017-2405 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2404
+CVE-2017-2404 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2403
+CVE-2017-2403 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2402
+CVE-2017-2402 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2401
+CVE-2017-2401 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2400
+CVE-2017-2400 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2399
+CVE-2017-2399 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2398
+CVE-2017-2398 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2397
+CVE-2017-2397 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2396
+CVE-2017-2396 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2395
+CVE-2017-2395 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2394
+CVE-2017-2394 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2393
+CVE-2017-2393 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2392
+CVE-2017-2392 (An issue was discovered in certain Apple products. Safari before 10.1 ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2391
+CVE-2017-2391 (An issue was discovered in certain Apple products. Pages before 6.1, N ...)
NOT-FOR-US: Apple
-CVE-2017-2390
+CVE-2017-2390 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple / libarchive
NOTE: Possibly Apple-specific, but noone really knows and Apple doesn't cooperate
-CVE-2017-2389
+CVE-2017-2389 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2388
+CVE-2017-2388 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2387
+CVE-2017-2387 (The Apple Music (aka com.apple.android.music) application before 2.0 f ...)
NOT-FOR-US: Apple Music application for Android
-CVE-2017-2386
+CVE-2017-2386 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2385
+CVE-2017-2385 (An issue was discovered in certain Apple products. Safari before 10.1 ...)
NOT-FOR-US: Apple
-CVE-2017-2384
+CVE-2017-2384 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2383
+CVE-2017-2383 (An issue was discovered in certain Apple products. iCloud before 6.2 o ...)
NOT-FOR-US: Apple
-CVE-2017-2382
+CVE-2017-2382 (An issue was discovered in certain Apple products. macOS Server before ...)
NOT-FOR-US: Apple
-CVE-2017-2381
+CVE-2017-2381 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple, that's likely just a broken sudo config
-CVE-2017-2380
+CVE-2017-2380 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2379
+CVE-2017-2379 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Apple
-CVE-2017-2378
+CVE-2017-2378 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium/webkitgtk, the Chrome sec team will know and fix
-CVE-2017-2377
+CVE-2017-2377 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2376
+CVE-2017-2376 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkit2gtk 2.16.3-2 (unimportant)
NOTE: Not covered by security support
CVE-2017-2375
RESERVED
-CVE-2017-2374
+CVE-2017-2374 (An issue was discovered in certain Apple products. GarageBand before 1 ...)
NOT-FOR-US: Apple
-CVE-2017-2373
+CVE-2017-2373 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2372
+CVE-2017-2372 (An issue was discovered in certain Apple products. GarageBand before 1 ...)
NOT-FOR-US: Apple
-CVE-2017-2371
+CVE-2017-2371 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2370
+CVE-2017-2370 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
NOT-FOR-US: Apple
-CVE-2017-2369
+CVE-2017-2369 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2368
+CVE-2017-2368 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
NOT-FOR-US: Apple
-CVE-2017-2367
+CVE-2017-2367 (An issue was discovered in certain Apple products. iOS before 10.3 is ...)
- webkitgtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2366
+CVE-2017-2366 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2365
+CVE-2017-2365 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2364
+CVE-2017-2364 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2363
+CVE-2017-2363 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2362
+CVE-2017-2362 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2361
+CVE-2017-2361 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2360
+CVE-2017-2360 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
NOT-FOR-US: Apple
-CVE-2017-2359
+CVE-2017-2359 (An issue was discovered in certain Apple products. Safari before 10.0. ...)
NOT-FOR-US: Apple
-CVE-2017-2358
+CVE-2017-2358 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2357
+CVE-2017-2357 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2356
+CVE-2017-2356 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2355
+CVE-2017-2355 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2354
+CVE-2017-2354 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2353
+CVE-2017-2353 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
NOT-FOR-US: Apple
-CVE-2017-2352
+CVE-2017-2352 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
NOT-FOR-US: Apple
-CVE-2017-2351
+CVE-2017-2351 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
NOT-FOR-US: Apple
-CVE-2017-2350
+CVE-2017-2350 (An issue was discovered in certain Apple products. iOS before 10.2.1 i ...)
- webkit2gtk 2.14.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2017-2349
+CVE-2017-2349 (A command injection vulnerability in the IDP feature of Juniper Networ ...)
NOT-FOR-US: Juniper
-CVE-2017-2348
+CVE-2017-2348 (The Juniper Enhanced jdhcpd daemon may experience high CPU utilization ...)
NOT-FOR-US: Juniper
-CVE-2017-2347
+CVE-2017-2347 (A denial of service vulnerability in rpd daemon of Juniper Networks Ju ...)
NOT-FOR-US: Juniper
-CVE-2017-2346
+CVE-2017-2346 (An MS-MPC or MS-MIC Service PIC may crash when large fragmented packet ...)
NOT-FOR-US: Juniper
-CVE-2017-2345
+CVE-2017-2345 (On Junos OS devices with SNMP enabled, a network based attacker with u ...)
NOT-FOR-US: Juniper
-CVE-2017-2344
+CVE-2017-2344 (A routine within an internal Junos OS sockets library is vulnerable to ...)
NOT-FOR-US: Juniper
-CVE-2017-2343
+CVE-2017-2343 (The Integrated User Firewall (UserFW) feature was introduced in Junos ...)
NOT-FOR-US: Juniper
-CVE-2017-2342
+CVE-2017-2342 (MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D ...)
NOT-FOR-US: Juniper
-CVE-2017-2341
+CVE-2017-2341 (An insufficient authentication vulnerability on platforms where Junos ...)
NOT-FOR-US: Juniper
-CVE-2017-2340
+CVE-2017-2340 (On Juniper Networks Junos OS 15.1 releases from 15.1R3 to 15.1R4, 16.1 ...)
NOT-FOR-US: Juniper
-CVE-2017-2339
+CVE-2017-2339 (A persistent cross site scripting vulnerability in NetScreen WebUI of ...)
NOT-FOR-US: Juniper
-CVE-2017-2338
+CVE-2017-2338 (A persistent cross site scripting vulnerability in NetScreen WebUI of ...)
NOT-FOR-US: Juniper
-CVE-2017-2337
+CVE-2017-2337 (A persistent cross site scripting vulnerability in NetScreen WebUI of ...)
NOT-FOR-US: Juniper
-CVE-2017-2336
+CVE-2017-2336 (A reflected cross site scripting vulnerability in NetScreen WebUI of J ...)
NOT-FOR-US: Juniper
-CVE-2017-2335
+CVE-2017-2335 (A persistent cross site scripting vulnerability in NetScreen WebUI of ...)
NOT-FOR-US: Juniper
-CVE-2017-2334
+CVE-2017-2334 (An information leak vulnerability in Juniper Networks NorthStar Contro ...)
NOT-FOR-US: Juniper
-CVE-2017-2333
+CVE-2017-2333 (A persistent denial of service vulnerability in Juniper Networks North ...)
NOT-FOR-US: Juniper
-CVE-2017-2332
+CVE-2017-2332 (An insufficient authentication vulnerability in Juniper Networks North ...)
NOT-FOR-US: Juniper
-CVE-2017-2331
+CVE-2017-2331 (A firewall bypass vulnerability in Juniper Networks NorthStar Controll ...)
NOT-FOR-US: Juniper
-CVE-2017-2330
+CVE-2017-2330 (A denial of service vulnerability in Juniper Networks NorthStar Contro ...)
NOT-FOR-US: Juniper
-CVE-2017-2329
+CVE-2017-2329 (An insufficient authentication vulnerability in Juniper Networks North ...)
NOT-FOR-US: Juniper
-CVE-2017-2328
+CVE-2017-2328 (An information leak vulnerability in Juniper Networks NorthStar Contro ...)
NOT-FOR-US: Juniper
-CVE-2017-2327
+CVE-2017-2327 (A denial of service vulnerability in Juniper Networks NorthStar Contro ...)
NOT-FOR-US: Juniper
-CVE-2017-2326
+CVE-2017-2326 (An information disclosure vulnerability in Juniper Networks NorthStar ...)
NOT-FOR-US: Juniper
-CVE-2017-2325
+CVE-2017-2325 (A buffer overflow vulnerability in Juniper Networks NorthStar Controll ...)
NOT-FOR-US: Juniper
-CVE-2017-2324
+CVE-2017-2324 (A command injection vulnerability in Juniper Networks NorthStar Contro ...)
NOT-FOR-US: Juniper
-CVE-2017-2323
+CVE-2017-2323 (A denial of service vulnerability in Juniper Networks NorthStar Contro ...)
NOT-FOR-US: Juniper
-CVE-2017-2322
+CVE-2017-2322 (A denial of service vulnerability in Juniper Networks NorthStar Contro ...)
NOT-FOR-US: Juniper
-CVE-2017-2321
+CVE-2017-2321 (A vulnerability in Juniper Networks NorthStar Controller Application p ...)
NOT-FOR-US: Juniper
-CVE-2017-2320
+CVE-2017-2320 (A vulnerability in Juniper Networks NorthStar Controller Application p ...)
NOT-FOR-US: Juniper
-CVE-2017-2319
+CVE-2017-2319 (A vulnerability in Juniper Networks NorthStar Controller Application p ...)
NOT-FOR-US: Juniper
-CVE-2017-2318
+CVE-2017-2318 (A vulnerability in Juniper Networks NorthStar Controller Application p ...)
NOT-FOR-US: Juniper
-CVE-2017-2317
+CVE-2017-2317 (A denial of service vulnerability in Juniper Networks NorthStar Contro ...)
NOT-FOR-US: Juniper
-CVE-2017-2316
+CVE-2017-2316 (A buffer overflow vulnerability in Juniper Networks NorthStar Controll ...)
NOT-FOR-US: Juniper
-CVE-2017-2315
+CVE-2017-2315 (On Juniper Networks EX Series Ethernet Switches running affected Junos ...)
NOT-FOR-US: Juniper
-CVE-2017-2314
+CVE-2017-2314 (Receipt of a malformed BGP OPEN message may cause the routing protocol ...)
NOT-FOR-US: Juniper
-CVE-2017-2313
+CVE-2017-2313 (Juniper Networks devices running affected Junos OS versions may be imp ...)
NOT-FOR-US: Juniper
-CVE-2017-2312
+CVE-2017-2312 (On Juniper Networks devices running Junos OS affected versions and wit ...)
NOT-FOR-US: Juniper
-CVE-2017-2311
+CVE-2017-2311 (On Juniper Networks Junos Space versions prior to 16.1R1, an unauthent ...)
NOT-FOR-US: Juniper
-CVE-2017-2310
+CVE-2017-2310 (A firewall bypass vulnerability in the host based firewall of Juniper ...)
NOT-FOR-US: Juniper
-CVE-2017-2309
+CVE-2017-2309 (On Juniper Networks Junos Space versions prior to 16.1R1 when certific ...)
NOT-FOR-US: Juniper
-CVE-2017-2308
+CVE-2017-2308 (An XML External Entity Injection vulnerability in Juniper Networks Jun ...)
NOT-FOR-US: Juniper
-CVE-2017-2307
+CVE-2017-2307 (A reflected cross site scripting vulnerability in the administrative i ...)
NOT-FOR-US: Juniper
-CVE-2017-2306
+CVE-2017-2306 (On Juniper Networks Junos Space versions prior to 16.1R1, due to an in ...)
NOT-FOR-US: Juniper
-CVE-2017-2305
+CVE-2017-2305 (On Juniper Networks Junos Space versions prior to 16.1R1, due to an in ...)
NOT-FOR-US: Juniper
-CVE-2017-2304
+CVE-2017-2304 (Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 ...)
NOT-FOR-US: Juniper
-CVE-2017-2303
+CVE-2017-2303 (On Juniper Networks products or platforms running Junos OS 12.1X46 pri ...)
NOT-FOR-US: Juniper
-CVE-2017-2302
+CVE-2017-2302 (On Juniper Networks products or platforms running Junos OS 12.1X46 pri ...)
NOT-FOR-US: Juniper
-CVE-2017-2301
+CVE-2017-2301 (On Juniper Networks products or platforms running Junos OS 11.4 prior ...)
NOT-FOR-US: Juniper
-CVE-2017-2300
+CVE-2017-2300 (On Juniper Networks SRX Series Services Gateways chassis clusters runn ...)
NOT-FOR-US: Juniper
-CVE-2017-2299
+CVE-2017-2299 (Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 mak ...)
- puppet-module-puppetlabs-apache 3.0.0-1 (bug #875983)
[stretch] - puppet-module-puppetlabs-apache <no-dsa> (Minor issue)
[jessie] - puppet-module-puppetlabs-apache <no-dsa> (Minor issue)
NOTE: https://puppet.com/security/cve/CVE-2017-2299
NOTE: https://github.com/puppetlabs/puppetlabs-apache/commit/7bb35c2293c12ce52329a4391fe1f20389efef06
-CVE-2017-2298
+CVE-2017-2298 (The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a ...)
NOT-FOR-US: mcollective-sshkey-security plugin
-CVE-2017-2297
+CVE-2017-2297 (Puppet Enterprise versions prior to 2016.4.5 and 2017.2.1 did not corr ...)
- puppet <not-affected> (Specific to Puppet Enterprise)
-CVE-2017-2296
+CVE-2017-2296 (In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted ...)
- puppet <not-affected> (Specific to Puppet Enterprise)
-CVE-2017-2295
+CVE-2017-2295 (Versions of Puppet prior to 4.10.1 will deserialize data off the wire ...)
{DSA-3862-1 DLA-1012-1}
- puppet 4.8.2-5 (bug #863212)
NOTE: https://puppet.com/security/cve/cve-2017-2295
NOTE: https://github.com/puppetlabs/puppet/commit/06d8c51367ca932b9da5d9b01958cfc0adf0f2ea
-CVE-2017-2294
+CVE-2017-2294 (Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 failed to ...)
- puppet <not-affected> (Doesn't affect Puppet as shipped in Debian)
NOTE: Puppet as shipped in Debian doesn't provide puppetdb yet
-CVE-2017-2293
+CVE-2017-2293 (Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 shipped wi ...)
- puppet <not-affected> (Specific to Puppet Enterprise)
-CVE-2017-2292
+CVE-2017-2292 (Versions of MCollective prior to 2.10.4 deserialized YAML from agents ...)
- mcollective 2.12.0+dfsg-1 (bug #866711)
[jessie] - mcollective <no-dsa> (Minor issue)
[wheezy] - mcollective <no-dsa> (Minor issue)
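Review bot: the package name on the CVE-2017-2367 entry, `- webkitgtk 2.14.6-1 (unimportant)`, does not match the `webkit2gtk` used for every other WebKit entry in this block (CVE-2017-2366 down to CVE-2017-2350), all of which carry the same 2.14.x version scheme; this reads like a typo for `- webkit2gtk 2.14.6-1 (unimportant)` (compare the CVE-2017-2364 line), and because the tracker matches entries by source package name a wrong name here would leave the fixed version attached to the wrong package, so the line should be confirmed against the archive rather than carried forward unchanged.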
@@ -45883,57 +45883,57 @@ CVE-2017-2292
NOTE: https://github.com/puppetlabs/marionette-collective/commit/e0e741889f5adeb8f75387037106b0d28a9099b0
CVE-2017-2291
RESERVED
-CVE-2017-2290
+CVE-2017-2290 (On Windows installations of the mcollective-puppet-agent plugin, versi ...)
NOT-FOR-US: mcollective-puppet-agent plugin on Windows
-CVE-2017-2289
+CVE-2017-2289 (Untrusted search path vulnerability in Installer of Qua station connec ...)
NOT-FOR-US: Installer of Qua station connection tool for Windows
-CVE-2017-2288
+CVE-2017-2288 (Untrusted search path vulnerability in LhaForge Ver.1.6.5 and earlier ...)
NOT-FOR-US: LhaForge
-CVE-2017-2287
+CVE-2017-2287 (Untrusted search path vulnerability in NFC Port Software remover Ver.1 ...)
NOT-FOR-US: NFC Port Software remover
-CVE-2017-2286
+CVE-2017-2286 (Untrusted search path vulnerability in NFC Port Software Version 5.5.0 ...)
NOT-FOR-US: NFC Port Software
-CVE-2017-2285
+CVE-2017-2285 (Cross-site scripting vulnerability in Simple Custom CSS and JS prior t ...)
NOT-FOR-US: Simple Custom CSS and JS
-CVE-2017-2284
+CVE-2017-2284 (Cross-site scripting vulnerability in Popup Maker prior to version 1.6 ...)
NOT-FOR-US: Popup Maker
-CVE-2017-2283
+CVE-2017-2283 (WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credential ...)
NOT-FOR-US: WN-G300R3 firmware
-CVE-2017-2282
+CVE-2017-2282 (Buffer overflow in WN-AX1167GR firmware version 3.00 and earlier allow ...)
NOT-FOR-US: WN-AX1167GR firmware
-CVE-2017-2281
+CVE-2017-2281 (WN-AX1167GR firmware version 3.00 and earlier allows an attacker to ex ...)
NOT-FOR-US: WN-AX1167GR firmware
-CVE-2017-2280
+CVE-2017-2280 (WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentia ...)
NOT-FOR-US: WN-AX1167GR firmware
-CVE-2017-2279
+CVE-2017-2279 (Untrusted search path vulnerability in Tween Ver1.6.6.0 and earlier al ...)
NOT-FOR-US: Tween
-CVE-2017-2278
+CVE-2017-2278 (The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEE ...)
NOT-FOR-US: RBB SPEED TEST App
-CVE-2017-2277
+CVE-2017-2277 (WG-C10 v3.0.79 and earlier allows an attacker to bypass access restric ...)
NOT-FOR-US: WG-C10
-CVE-2017-2276
+CVE-2017-2276 (Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to ex ...)
NOT-FOR-US: WG-C10
-CVE-2017-2275
+CVE-2017-2275 (WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS ...)
NOT-FOR-US: WG-C10
-CVE-2017-2274
+CVE-2017-2274 (Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and ea ...)
NOT-FOR-US: WMR-433* firmware
-CVE-2017-2273
+CVE-2017-2273 (Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ve ...)
NOT-FOR-US: WMR-433* firmware
-CVE-2017-2272
+CVE-2017-2272 (Untrusted search path vulnerability in Self-extracting encrypted files ...)
NOT-FOR-US: AttacheCase
-CVE-2017-2271
+CVE-2017-2271 (Untrusted search path vulnerability in Self-extracting encrypted files ...)
NOT-FOR-US: AttacheCase
-CVE-2017-2270
+CVE-2017-2270 (Untrusted search path vulnerability in Encrypted files in self-decrypt ...)
NOT-FOR-US: FileCapsule Deluxe Portable
-CVE-2017-2269
+CVE-2017-2269 (Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver ...)
NOT-FOR-US: FileCapsule Deluxe Portable
-CVE-2017-2268
+CVE-2017-2268 (Untrusted search path vulnerability in Encrypted files in self-decrypt ...)
NOT-FOR-US: FileCapsule Deluxe Portable
-CVE-2017-2267
+CVE-2017-2267 (Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver ...)
NOT-FOR-US: FileCapsule Deluxe Portable
-CVE-2017-2266
+CVE-2017-2266 (Untrusted search path vulnerability in Encrypted files in self-decrypt ...)
NOT-FOR-US: FileCapsule Deluxe Portable
-CVE-2017-2265
+CVE-2017-2265 (Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver ...)
NOT-FOR-US: FileCapsule Deluxe Portable
CVE-2017-2264
RESERVED
@@ -45947,111 +45947,111 @@ CVE-2017-2260
RESERVED
CVE-2017-2259
RESERVED
-CVE-2017-2258
+CVE-2017-2258 (Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allo ...)
NOT-FOR-US: Cybozu
-CVE-2017-2257
+CVE-2017-2257 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 all ...)
NOT-FOR-US: Cybozu
-CVE-2017-2256
+CVE-2017-2256 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 all ...)
NOT-FOR-US: Cybozu
-CVE-2017-2255
+CVE-2017-2255 (Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 all ...)
NOT-FOR-US: Cybozu
-CVE-2017-2254
+CVE-2017-2254 (Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of s ...)
NOT-FOR-US: Cybozu
-CVE-2017-2253
+CVE-2017-2253 (Untrusted search path vulnerability in Installer of Yahoo! Toolbar (fo ...)
NOT-FOR-US: Installer of Yahoo! Toolbar (for Internet explorer)
-CVE-2017-2252
+CVE-2017-2252 (Untrusted search path vulnerability in self-extracting archive files c ...)
NOT-FOR-US: File Compact
CVE-2017-2251
RESERVED
CVE-2017-2250
RESERVED
-CVE-2017-2249
+CVE-2017-2249 (Untrusted search path vulnerability in Self-extracting archive files c ...)
NOT-FOR-US: Lhaz+
-CVE-2017-2248
+CVE-2017-2248 (Untrusted search path vulnerability in Installer of Lhaz+ version 3.4. ...)
NOT-FOR-US: Lhaz+
-CVE-2017-2247
+CVE-2017-2247 (Untrusted search path vulnerability in Self-extracting archive files c ...)
NOT-FOR-US: Lhaz
-CVE-2017-2246
+CVE-2017-2246 (Untrusted search path vulnerability in Installer of Lhaz version 2.4.0 ...)
NOT-FOR-US: Lhaz
-CVE-2017-2245
+CVE-2017-2245 (Directory traversal vulnerability in Shortcodes Ultimate prior to vers ...)
NOT-FOR-US: Shortcodes Ultimate
-CVE-2017-2244
+CVE-2017-2244 (Cross-site request forgery (CSRF) vulnerability in MFC-J960DWN firmwar ...)
NOT-FOR-US: MFC-J960DWN firmware
-CVE-2017-2243
+CVE-2017-2243 (Cross-site scripting vulnerability in Responsive Lightbox prior to ver ...)
NOT-FOR-US: Responsive Lightbox
-CVE-2017-2242
+CVE-2017-2242 (Untrusted search path vulnerability in Flets Setsuzoku Tool for Window ...)
NOT-FOR-US: Flets Setsuzoku Tool for Windows
-CVE-2017-2241
+CVE-2017-2241 (SQL injection vulnerability in the AssetView for MacOS Ver.9.2.0 and e ...)
NOT-FOR-US: AssetView for MacOS
-CVE-2017-2240
+CVE-2017-2240 (Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and ...)
NOT-FOR-US: AssetView for MacOS
-CVE-2017-2239
+CVE-2017-2239 (Marp versions v0.0.10 and earlier may allow an attacker to access loca ...)
NOT-FOR-US: Marp
-CVE-2017-2238
+CVE-2017-2238 (Cross-site request forgery (CSRF) vulnerability in Toshiba Home gatewa ...)
NOT-FOR-US: Toshiba Home gateway HEM-GW16A
-CVE-2017-2237
+CVE-2017-2237 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlie ...)
NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
-CVE-2017-2236
+CVE-2017-2236 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlie ...)
NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
-CVE-2017-2235
+CVE-2017-2235 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlie ...)
NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
-CVE-2017-2234
+CVE-2017-2234 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlie ...)
NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
-CVE-2017-2233
+CVE-2017-2233 (Untrusted search path vulnerability in Installer of PDF Digital Signat ...)
NOT-FOR-US: PDF Digital Signature Plugin
-CVE-2017-2232
+CVE-2017-2232 (Untrusted search path vulnerability in Installer of Shinseiyo Sogo Sof ...)
NOT-FOR-US: Installer of Shinseiyo Sogo Soft
-CVE-2017-2231
+CVE-2017-2231 (Untrusted search path vulnerability in The installer of MLIT DenshiSei ...)
NOT-FOR-US: installer of MLIT DenshiSeikabutsuSakuseiShienKensa system
-CVE-2017-2230
+CVE-2017-2230 (Untrusted search path vulnerability in Douro Kouji Kanseizutou Check P ...)
NOT-FOR-US: Douro Kouji Kanseizutou Check Program
-CVE-2017-2229
+CVE-2017-2229 (Untrusted search path vulnerability in Douroshisetu Kihon Data Sakusei ...)
NOT-FOR-US: Douroshisetu Kihon Data Sakusei System
-CVE-2017-2228
+CVE-2017-2228 (Untrusted search path vulnerability in Teikihoukokusho Sakuseishien To ...)
NOT-FOR-US: Teikihoukokusho Sakuseishien Tool
-CVE-2017-2227
+CVE-2017-2227 (Untrusted search path vulnerability in The installer of Charamin OMP V ...)
NOT-FOR-US: installer of Charamin OMP
-CVE-2017-2226
+CVE-2017-2226 (Untrusted search path vulnerability in Setup file of advance preparati ...)
NOT-FOR-US: e-Tax
-CVE-2017-2225
+CVE-2017-2225 (Untrusted search path vulnerability in EbidSettingChecker.exe (version ...)
NOT-FOR-US: EbidSettingChecker.exe
-CVE-2017-2224
+CVE-2017-2224 (Cross-site scripting vulnerability in Event Calendar WD prior to versi ...)
NOT-FOR-US: Event Calendar WD
-CVE-2017-2223
+CVE-2017-2223 (Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, TS-PTCAM ...)
NOT-FOR-US: TS-WPTCAM
-CVE-2017-2222
+CVE-2017-2222 (Cross-site scripting vulnerability in WP-Members prior to version 3.1. ...)
NOT-FOR-US: WP-Members
-CVE-2017-2221
+CVE-2017-2221 (Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1 ...)
NOT-FOR-US: Installer of Baidu IME
-CVE-2017-2220
+CVE-2017-2220 (Untrusted search path vulnerability in Installer of CASL II simulator ...)
NOT-FOR-US: Installer of CASL II simulator
-CVE-2017-2219
+CVE-2017-2219 (Untrusted search path vulnerability in the [Simeji for Windows] instal ...)
NOT-FOR-US: Simeji
-CVE-2017-2218
+CVE-2017-2218 (Untrusted search path vulnerability in Installer of QuickTime for Wind ...)
NOT-FOR-US: Installer of QuickTime for Windows
-CVE-2017-2217
+CVE-2017-2217 (Open redirect vulnerability in WordPress Download Manager prior to ver ...)
NOT-FOR-US: WordPress Download Manager
-CVE-2017-2216
+CVE-2017-2216 (Cross-site scripting vulnerability in WordPress Download Manager prior ...)
NOT-FOR-US: WordPress Download Manager
-CVE-2017-2215
+CVE-2017-2215 (Untrusted search path vulnerability in Installer of "Setup file of adv ...)
NOT-FOR-US: Installer of "Setup file of advance preparation"
-CVE-2017-2214
+CVE-2017-2214 (Untrusted search path vulnerability in AppCheck and AppCheck Pro prior ...)
NOT-FOR-US: AppCheck
-CVE-2017-2213
+CVE-2017-2213 (Untrusted search path vulnerability in SemiDynaEXE (SemiDynaEXE2008.EX ...)
NOT-FOR-US: SemiDynaEXE
-CVE-2017-2212
+CVE-2017-2212 (Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. ...)
NOT-FOR-US: TKY2JGD
-CVE-2017-2211
+CVE-2017-2211 (Untrusted search path vulnerability in PatchJGD (Hyoko) (PatchJGDh101. ...)
NOT-FOR-US: PatchJGD
-CVE-2017-2210
+CVE-2017-2210 (Untrusted search path vulnerability in PatchJGD (PatchJGD101.EXE) ver. ...)
NOT-FOR-US: PatchJGD
-CVE-2017-2209
+CVE-2017-2209 (Untrusted search path vulnerability in the installer of Houkokusyo Sak ...)
NOT-FOR-US: Houkokusyo Sakusei Shien Tool
-CVE-2017-2208
+CVE-2017-2208 (Untrusted search path vulnerability in Installer of Electronic tenderi ...)
NOT-FOR-US: Installer of Electronic tendering and bid opening system
-CVE-2017-2207
+CVE-2017-2207 (Untrusted search path vulnerability in the installer of SaAT Personal ...)
NOT-FOR-US: SaAT Personal
-CVE-2017-2206
+CVE-2017-2206 (Untrusted search path vulnerability in the installer of SaAT Netizen v ...)
NOT-FOR-US: SaAT Netizen
CVE-2017-2205
RESERVED
@@ -46073,217 +46073,217 @@ CVE-2017-2197
RESERVED
CVE-2017-2196
RESERVED
-CVE-2017-2195
+CVE-2017-2195 (SQL injection vulnerability in the Multi Feed Reader prior to version ...)
NOT-FOR-US: Multi Feed Reader plugin for wordpress
-CVE-2017-2194
+CVE-2017-2194 (Cross-site scripting vulnerability in Source code security studying to ...)
NOT-FOR-US: iCodeChecker
-CVE-2017-2193
+CVE-2017-2193 (Untrusted search path vulnerability in the installer of Tera Term 4.94 ...)
NOT-FOR-US: Tera Term
-CVE-2017-2192
+CVE-2017-2192 (Untrusted search path vulnerability in RW-5100 tool to verify executio ...)
NOT-FOR-US: RW5100 installer
-CVE-2017-2191
+CVE-2017-2191 (Untrusted search path vulnerability in RW-5100 driver installer for Wi ...)
NOT-FOR-US: RW5100 installer
-CVE-2017-2190
+CVE-2017-2190 (Untrusted search path vulnerability in RW-4040 tool to verify executio ...)
NOT-FOR-US: RW4040
-CVE-2017-2189
+CVE-2017-2189 (Untrusted search path vulnerability in RW-4040 driver installer for Wi ...)
NOT-FOR-US: RW4040
-CVE-2017-2188
+CVE-2017-2188 (Untrusted search path vulnerability in Installer of Denshinouhin Check ...)
NOT-FOR-US: Installer of Denshinouhin Check System
-CVE-2017-2187
+CVE-2017-2187 (Cross-site scripting vulnerability in WP Live Chat Support prior to ve ...)
NOT-FOR-US: WP Live Chat
-CVE-2017-2186
+CVE-2017-2186 (HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass ...)
NOT-FOR-US: HOME SPOT CUBE2 firmware
-CVE-2017-2185
+CVE-2017-2185 (HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attacke ...)
NOT-FOR-US: HOME SPOT CUBE2 firmware
-CVE-2017-2184
+CVE-2017-2184 (Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an ...)
NOT-FOR-US: HOME SPOT CUBE2 firmware
-CVE-2017-2183
+CVE-2017-2183 (HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attacke ...)
NOT-FOR-US: HOME SPOT CUBE2 firmware
-CVE-2017-2182
+CVE-2017-2182 (Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3. ...)
NOT-FOR-US: Hands-on Vulnerability Learning Tool
-CVE-2017-2181
+CVE-2017-2181 (Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3. ...)
NOT-FOR-US: Hands-on Vulnerability Learning Tool
-CVE-2017-2180
+CVE-2017-2180 (Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3. ...)
NOT-FOR-US: Hands-on Vulnerability Learning Tool
-CVE-2017-2179
+CVE-2017-2179 (Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3. ...)
NOT-FOR-US: Hands-on Vulnerability Learning Tool
-CVE-2017-2178
+CVE-2017-2178 (Untrusted search path vulnerability in Installer of electronic tenderi ...)
NOT-FOR-US: electronic tendering and bid opening system
-CVE-2017-2177
+CVE-2017-2177 (Untrusted search path vulnerability in Installer of Shogyo Touki Densh ...)
NOT-FOR-US: Shogyo Touki Denshi Ninsho
-CVE-2017-2176
+CVE-2017-2176 (Untrusted search path vulnerability in screensaver installers (jasdf_0 ...)
NOT-FOR-US: screensaver installers for Windows
-CVE-2017-2175
+CVE-2017-2175 (Untrusted search path vulnerability in Empirical Project Monitor - eXt ...)
NOT-FOR-US: Empirical Project Monitor - eXtended
-CVE-2017-2174
+CVE-2017-2174 (Cross-site scripting vulnerability in Empirical Project Monitor - eXte ...)
NOT-FOR-US: Empirical Project Monitor - eXtended
-CVE-2017-2173
+CVE-2017-2173 (Cross-site scripting vulnerability in Empirical Project Monitor - eXte ...)
NOT-FOR-US: Empirical Project Monitor - eXtended
-CVE-2017-2172
+CVE-2017-2172 (Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 t ...)
NOT-FOR-US: Cybozu
-CVE-2017-2171
+CVE-2017-2171 (Cross-site scripting vulnerability in Captcha prior to version 4.3.0, ...)
NOT-FOR-US: WordPress plugins provided by BestWebSoft
CVE-2017-2170
RESERVED
-CVE-2017-2169
+CVE-2017-2169 (Cross-site scripting vulnerability in MaxButtons prior to version 6.19 ...)
NOT-FOR-US: MaxButtons plugin for WordPress
-CVE-2017-2168
+CVE-2017-2168 (Cross-site scripting vulnerability in WP Booking System Free version p ...)
NOT-FOR-US: WP Booking System
-CVE-2017-2167
+CVE-2017-2167 (Untrusted search path vulnerability in Installer for PrimeDrive Deskto ...)
NOT-FOR-US: PrimeDrive
-CVE-2017-2166
+CVE-2017-2166 (Open redirect vulnerability in GroupSession version 4.7.0 and earlier ...)
NOT-FOR-US: GroupSession
-CVE-2017-2165
+CVE-2017-2165 (GroupSession versions 4.6.4 and earlier allows remote authenticated at ...)
NOT-FOR-US: GroupSession
-CVE-2017-2164
+CVE-2017-2164 (Cross-site scripting vulnerability in SOY CMS with installer 1.8.12 an ...)
NOT-FOR-US: SOY CMS
-CVE-2017-2163
+CVE-2017-2163 (Directory traversal vulnerability in SOY CMS Ver.1.8.1 to Ver.1.8.12 a ...)
NOT-FOR-US: SOY CMS
-CVE-2017-2162
+CVE-2017-2162 (FlashAirTM SDHC Memory Card (SD-WE Series &lt;W-03&gt;) V3.00.02 and e ...)
NOT-FOR-US: FlashAirTM
-CVE-2017-2161
+CVE-2017-2161 (FlashAirTM SDHC Memory Card (SD-WE Series &lt;W-03&gt;) V3.00.02 and e ...)
NOT-FOR-US: FlashAirTM
CVE-2017-2160
RESERVED
CVE-2017-2159
RESERVED
-CVE-2017-2158
+CVE-2017-2158 (Improper verification when expanding ZIP64 archives in Lhaplus version ...)
NOT-FOR-US: Lhaplus
-CVE-2017-2157
+CVE-2017-2157 (Untrusted search path vulnerability in installers for The Public Certi ...)
NOT-FOR-US: The Public Certification Service
-CVE-2017-2156
+CVE-2017-2156 (Untrusted search path vulnerability in Vivaldi installer for Windows p ...)
NOT-FOR-US: Vivaldi installer Windows
-CVE-2017-2155
+CVE-2017-2155 (Buffer overflow in Hoozin Viewer 2, 3, 4.1.5.15 and earlier, 5.1.2.13 ...)
NOT-FOR-US: Hoozin Viewer
-CVE-2017-2154
+CVE-2017-2154 (Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanak ...)
NOT-FOR-US: Booking Calendar
-CVE-2017-2153
+CVE-2017-2153 (SEIL/x86 Fuji 1.70 to 5.62, SEIL/BPV4 5.00 to 5.62, SEIL/X1 1.30 to 5. ...)
NOT-FOR-US: SEIL
-CVE-2017-2152
+CVE-2017-2152 (WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to ...)
NOT-FOR-US: WNC01WH firmware
-CVE-2017-2151
+CVE-2017-2151 (Cross-site scripting vulnerability in Booking Calendar version 7.1 and ...)
NOT-FOR-US: Booking Calendar
-CVE-2017-2150
+CVE-2017-2150 (Directory traversal vulnerability in Booking Calendar version 7.0 and ...)
NOT-FOR-US: Booking Calendar
-CVE-2017-2149
+CVE-2017-2149 (Untrusted search path vulnerability in installers of the software for ...)
NOT-FOR-US: installers of the software for SDHC/SDXC Memory Cards
-CVE-2017-2148
+CVE-2017-2148 (Cross-site scripting vulnerability in WN-AC1167GR firmware version 1.0 ...)
NOT-FOR-US: WN-AC1167GR firmware
-CVE-2017-2147
+CVE-2017-2147 (Cross-site scripting vulnerability in WP Statistics version 12.0.4 and ...)
NOT-FOR-US: WP Statistics
-CVE-2017-2146
+CVE-2017-2146 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 all ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2017-2145
+CVE-2017-2145 (Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2017-2144
+CVE-2017-2144 (Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another use ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2017-2143
+CVE-2017-2143 (CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor ...)
NOT-FOR-US: CS-Cart
-CVE-2017-2142
+CVE-2017-2142 (Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows remo ...)
NOT-FOR-US: WN-G300R3 firmware
-CVE-2017-2141
+CVE-2017-2141 (WN-G300R3 firmware 1.03 and earlier allows attackers with administrato ...)
NOT-FOR-US: WN-G300R3 firmware
-CVE-2017-2140
+CVE-2017-2140 (Tablacus Explorer 17.3.30 and earlier allows arbitrary scripts to be e ...)
NOT-FOR-US: Tablacus Explorer
-CVE-2017-2139
+CVE-2017-2139 (CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS ...)
NOT-FOR-US: CS-Cart
-CVE-2017-2138
+CVE-2017-2138 (Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Ed ...)
NOT-FOR-US: CS-Cart
-CVE-2017-2137
+CVE-2017-2137 (ProSAFE Plus Configuration Utility prior to 2.3.29 allows remote attac ...)
NOT-FOR-US: ProSAFE Plus Configuration Utility
-CVE-2017-2136
+CVE-2017-2136 (Cross-site scripting vulnerability in WP Statistics version 12.0.4 and ...)
NOT-FOR-US: WP Statistics
-CVE-2017-2135
+CVE-2017-2135 (Cross-site scripting vulnerability in WP Statistics version 12.0.1 and ...)
NOT-FOR-US: WP Statistics
-CVE-2017-2134
+CVE-2017-2134 (Cross-site scripting vulnerability in ASSETBASE 8.0 and earlier allows ...)
NOT-FOR-US: ASSETBASE
-CVE-2017-2133
+CVE-2017-2133 (SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices ...)
NOT-FOR-US: Panasonic KX-HJB1000 Home unit devices
-CVE-2017-2132
+CVE-2017-2132 (Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or H ...)
NOT-FOR-US: Panasonic KX-HJB1000 Home unit devices
-CVE-2017-2131
+CVE-2017-2131 (Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or H ...)
NOT-FOR-US: Panasonic KX-HJB1000 Home unit devices
-CVE-2017-2130
+CVE-2017-2130 (Untrusted search path vulnerability in the installer of PhishWall Clie ...)
NOT-FOR-US: installer of PhishWall Client Internet Explorer
CVE-2017-2129
RESERVED
-CVE-2017-2128
+CVE-2017-2128 (Security guide for website operators allows remote attackers to execut ...)
NOT-FOR-US: Security guide for website operators
-CVE-2017-2127
+CVE-2017-2127 (Cross-site scripting vulnerability in YOP Poll versions prior to 5.8.1 ...)
NOT-FOR-US: YOP Poll
-CVE-2017-2126
+CVE-2017-2126 (WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1 ...)
NOT-FOR-US: WAPM-* firmware
-CVE-2017-2125
+CVE-2017-2125 (Privilege escalation vulnerability in CentreCOM AR260S V2 remote authe ...)
NOT-FOR-US: CentreCOM AR260S
-CVE-2017-2124
+CVE-2017-2124 (Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door ...)
NOT-FOR-US: OneThird CMS
-CVE-2017-2123
+CVE-2017-2123 (Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door ...)
NOT-FOR-US: OneThird CMS
-CVE-2017-2122
+CVE-2017-2122 (Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6. ...)
NOT-FOR-US: Nessus
CVE-2017-2121
RESERVED
-CVE-2017-2120
+CVE-2017-2120 (SQL injection vulnerability in the WBCE CMS 1.1.10 and earlier allows ...)
NOT-FOR-US: WBCE CMS
-CVE-2017-2119
+CVE-2017-2119 (Directory traversal vulnerability in WBCE CMS 1.1.10 and earlier allow ...)
NOT-FOR-US: WBCE CMS
-CVE-2017-2118
+CVE-2017-2118 (Cross-site scripting vulnerability in WBCE CMS 1.1.10 and earlier allo ...)
NOT-FOR-US: WBCE CMS
-CVE-2017-2117
+CVE-2017-2117 (Directory traversal vulnerability in CubeCart versions prior to 6.1.5 ...)
NOT-FOR-US: CubeCart
-CVE-2017-2116
+CVE-2017-2116 (Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers t ...)
NOT-FOR-US: Cybozu
-CVE-2017-2115
+CVE-2017-2115 (Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers t ...)
NOT-FOR-US: Cybozu
-CVE-2017-2114
+CVE-2017-2114 (Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 a ...)
NOT-FOR-US: Cybozu
-CVE-2017-2113
+CVE-2017-2113 (Buffer overflow in TS-WPTCAM firmware version 1.18 and earlier, TS-WPT ...)
NOT-FOR-US: firmware in network cameras by I-O DATA
-CVE-2017-2112
+CVE-2017-2112 (TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware versi ...)
NOT-FOR-US: firmware in network cameras by I-O DATA
-CVE-2017-2111
+CVE-2017-2111 (HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 ...)
NOT-FOR-US: firmware in network cameras by I-O DATA
-CVE-2017-2110
+CVE-2017-2110 (The Access CX App for Android prior to 2.0.0.1 and for iOS prior to 2. ...)
NOT-FOR-US: CX App for Android
-CVE-2017-2109
+CVE-2017-2109 (Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 allow remote attackers to ob ...)
NOT-FOR-US: Cybozu
-CVE-2017-2108
+CVE-2017-2108 (Untrusted search path vulnerability in PrimeDrive Desktop Application ...)
NOT-FOR-US: PrimeDrive Desktop Application
-CVE-2017-2107
+CVE-2017-2107 (Untrusted search path vulnerability in Self-extracting archive files c ...)
NOT-FOR-US: 7-ZIP32.DLL
-CVE-2017-2106
+CVE-2017-2106 (Multiple cross-site scripting vulnerabilities in Webmin versions prior ...)
NOT-FOR-US: Webmin
-CVE-2017-2105
+CVE-2017-2105 (The TVer App for Android 3.2.7 and earlier does not verify X.509 certi ...)
NOT-FOR-US: TVer App for Android
-CVE-2017-2104
+CVE-2017-2104 (The Business LaLa Call App for Android 1.4.7 and earlier does not veri ...)
NOT-FOR-US: Business LaLa Call App for Android
-CVE-2017-2103
+CVE-2017-2103 (The LaLa Call App for Android 2.4.7 and earlier does not verify X.509 ...)
NOT-FOR-US: LaLa Call App for Android
-CVE-2017-2102
+CVE-2017-2102 (Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerabil ...)
NOT-FOR-US: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application
-CVE-2017-2101
+CVE-2017-2101 (Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3. ...)
NOT-FOR-US: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application
-CVE-2017-2100
+CVE-2017-2100 (Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3. ...)
NOT-FOR-US: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application
-CVE-2017-2099
+CVE-2017-2099 (Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3. ...)
NOT-FOR-US: Hands-on Vulnerability Learning Tool "AppGoat" for Web Application
-CVE-2017-2098
+CVE-2017-2098 (Directory traversal vulnerability in CubeCart versions prior to 6.1.4 ...)
NOT-FOR-US: CubeCart
-CVE-2017-2097
+CVE-2017-2097 (Cross-site request forgery (CSRF) vulnerability in Knowledge versions ...)
NOT-FOR-US: Knowledge
-CVE-2017-2096
+CVE-2017-2096 (smalruby-editor v0.4.0 and earlier allows remote attackers to execute ...)
NOT-FOR-US: smalruby-editor
-CVE-2017-2095
+CVE-2017-2095 (Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu
-CVE-2017-2094
+CVE-2017-2094 (Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu
-CVE-2017-2093
+CVE-2017-2093 (Cybozu Garoon 3.0.0 to 4.2.3 allow remote attackers to obtain tokens u ...)
NOT-FOR-US: Cybozu
-CVE-2017-2092
+CVE-2017-2092 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 all ...)
NOT-FOR-US: Cybozu
-CVE-2017-2091
+CVE-2017-2091 (Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu
-CVE-2017-2090
+CVE-2017-2090 (Directory traversal vulnerability in CubeCart versions prior to 6.1.4 ...)
NOT-FOR-US: CubeCart
CVE-2017-2089
REJECTED
@@ -46873,31 +46873,31 @@ CVE-2017-1797
RESERVED
CVE-2017-1796
RESERVED
-CVE-2017-1795
+CVE-2017-1795 (IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local u ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2017-1794
+CVE-2017-1794 (IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 ...)
NOT-FOR-US: IBM
-CVE-2017-1793
+CVE-2017-1793 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 a ...)
NOT-FOR-US: IBM
-CVE-2017-1792
+CVE-2017-1792 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 a ...)
NOT-FOR-US: IBM
-CVE-2017-1791
+CVE-2017-1791 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 a ...)
NOT-FOR-US: IBM
-CVE-2017-1790
+CVE-2017-1790 (IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through ...)
NOT-FOR-US: IBM DOORS Next Generation
-CVE-2017-1789
+CVE-2017-1789 (IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticate ...)
NOT-FOR-US: IBM
-CVE-2017-1788
+CVE-2017-1788 (IBM WebSphere Application Server 9 installations using Form Login coul ...)
NOT-FOR-US: IBM
-CVE-2017-1787
+CVE-2017-1787 (IBM Publishing Engine 2.1.2 and 6.0.5 contains an undisclosed vulnerab ...)
NOT-FOR-US: IBM Publishing Engine
-CVE-2017-1786
+CVE-2017-1786 (IBM WebSphere MQ 8.0 through 8.0.0.8 and 9.0 through 9.0.4 under speci ...)
NOT-FOR-US: IBM
-CVE-2017-1785
+CVE-2017-1785 (IBM API Connect 5.0.7 and 5.0.8 could allow an authenticated remote us ...)
NOT-FOR-US: IBM API Connect
-CVE-2017-1784
+CVE-2017-1784 (IBM Cognos Analytics 11.0 could produce results in temporary files tha ...)
NOT-FOR-US: IBM Cognos Analytics
-CVE-2017-1783
+CVE-2017-1783 (IBM Cognos Analytics 11.0 could allow a local user to change parameter ...)
NOT-FOR-US: IBM Cognos Analytics
CVE-2017-1782
RESERVED
@@ -46905,7 +46905,7 @@ CVE-2017-1781
RESERVED
CVE-2017-1780
RESERVED
-CVE-2017-1779
+CVE-2017-1779 (IBM Cognos Analytics 11.0 could store cached credentials locally that ...)
NOT-FOR-US: IBM Cognos Analytics
CVE-2017-1778
RESERVED
@@ -46915,79 +46915,79 @@ CVE-2017-1776
RESERVED
CVE-2017-1775
RESERVED
-CVE-2017-1774
+CVE-2017-1774 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 discloses sen ...)
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2017-1773
+CVE-2017-1773 (IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker ...)
NOT-FOR-US: IBM DataPower Gateways
-CVE-2017-1772
+CVE-2017-1772 (IBM Worklight (IBM MobileFirst Platform Foundation 6.3, 7.0, 7.1, and ...)
NOT-FOR-US: IBM
CVE-2017-1771
RESERVED
CVE-2017-1770
RESERVED
-CVE-2017-1769
+CVE-2017-1769 (IBM Business Process Manager 8.6 is vulnerable to cross-site request f ...)
NOT-FOR-US: IBM Business Process Manager
-CVE-2017-1768
+CVE-2017-1768 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 generates an ...)
NOT-FOR-US: IBM
-CVE-2017-1767
+CVE-2017-1767 (IBM Business Process Manager 8.6 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2017-1766
+CVE-2017-1766 (Due to incorrect authorization in IBM Business Process Manager 8.6 an ...)
NOT-FOR-US: IBM
-CVE-2017-1765
+CVE-2017-1765 (IBM Business Process Manager 8.6 could allow an authenticated user wit ...)
NOT-FOR-US: IBM
-CVE-2017-1764
+CVE-2017-1764 (IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, u ...)
NOT-FOR-US: IBM
CVE-2017-1763
RESERVED
-CVE-2017-1762
+CVE-2017-1762 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5 ...)
NOT-FOR-US: IBM
-CVE-2017-1761
+CVE-2017-1761 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2017-1760
+CVE-2017-1760 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a local user to crash t ...)
NOT-FOR-US: IBM WebSphere MQ
CVE-2017-1759
RESERVED
-CVE-2017-1758
+CVE-2017-1758 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
NOT-FOR-US: IBM Financial Transaction Manager for ACH Services for Multi-Platform
-CVE-2017-1757
+CVE-2017-1757 (IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote at ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1756
+CVE-2017-1756 (IBM Business Process Manager 8.6 allows web pages to be stored locally ...)
NOT-FOR-US: IBM
-CVE-2017-1755
+CVE-2017-1755 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
NOT-FOR-US: IBM
CVE-2017-1754
RESERVED
-CVE-2017-1753
+CVE-2017-1753 (Multiple IBM Rational products are vulnerable to HTML injection. A rem ...)
NOT-FOR-US: IBM
-CVE-2017-1752
+CVE-2017-1752 (IBM UrbanCode Deploy 6.1 and 6.2 could allow an authenticated privileg ...)
NOT-FOR-US: IBM UrbanCode Deploy
-CVE-2017-1751
+CVE-2017-1751 (IBM Robotic Process Automation with Automation Anywhere 10.0.0 is vuln ...)
NOT-FOR-US: IBM Robotic Process Automation with Automation Anywhere
-CVE-2017-1750
+CVE-2017-1750 (IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0 ...)
NOT-FOR-US: IBM Jazz Reporting Service
-CVE-2017-1749
+CVE-2017-1749 (IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker ...)
NOT-FOR-US: IBM UrbanCode Deploy
-CVE-2017-1748
+CVE-2017-1748 (IBM Connections 5.0, 5.5, and 6.0 could allow a remote attacker to con ...)
NOT-FOR-US: IBM
-CVE-2017-1747
+CVE-2017-1747 (A specially crafted message could cause a denial of service in IBM Web ...)
NOT-FOR-US: IBM
-CVE-2017-1746
+CVE-2017-1746 (IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulne ...)
NOT-FOR-US: IBM Jazz for Service Management
CVE-2017-1745
RESERVED
CVE-2017-1744
RESERVED
-CVE-2017-1743
+CVE-2017-1743 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
NOT-FOR-US: IBM
CVE-2017-1742
RESERVED
-CVE-2017-1741
+CVE-2017-1741 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
NOT-FOR-US: IBM
-CVE-2017-1740
+CVE-2017-1740 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7. ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2017-1739
+CVE-2017-1739 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2017-1738
+CVE-2017-1738 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 c ...)
NOT-FOR-US: IBM
CVE-2017-1737
RESERVED
@@ -46995,55 +46995,55 @@ CVE-2017-1736
RESERVED
CVE-2017-1735
RESERVED
-CVE-2017-1734
+CVE-2017-1734 (IBM Jazz Team Server affecting the following IBM Rational Products: Co ...)
NOT-FOR-US: IBM
-CVE-2017-1733
+CVE-2017-1733 (IBM QRadar 7.3 stores potentially sensitive information in log files t ...)
NOT-FOR-US: IBM
-CVE-2017-1732
+CVE-2017-1732 (IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 does n ...)
NOT-FOR-US: IBM
-CVE-2017-1731
+CVE-2017-1731 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2017-1730
RESERVED
-CVE-2017-1729
+CVE-2017-1729 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 a ...)
NOT-FOR-US: IBM
CVE-2017-1728
RESERVED
-CVE-2017-1727
+CVE-2017-1727 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 discloses sensitive ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
CVE-2017-1726
RESERVED
-CVE-2017-1725
+CVE-2017-1725 (IBM Jazz Team Server affecting the following IBM Rational Products: Co ...)
NOT-FOR-US: IBM
-CVE-2017-1724
+CVE-2017-1724 (IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scrip ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2017-1723
+CVE-2017-1723 (IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2017-1722
+CVE-2017-1722 (IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection. A ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2017-1721
+CVE-2017-1721 (IBM Security QRadar SIEM 7.2 and 7.3 could allow an unauthenticated us ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2017-1720
+CVE-2017-1720 (IBM Notes 8.5 and 9.0 could allow a local attacker to execute arbitrar ...)
NOT-FOR-US: IBM Notes
CVE-2017-1719
RESERVED
CVE-2017-1718
RESERVED
-CVE-2017-1717
+CVE-2017-1717 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1716
+CVE-2017-1716 (IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose s ...)
NOT-FOR-US: IBM Tivoli Workload Scheduler
-CVE-2017-1715
+CVE-2017-1715 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1714
+CVE-2017-1714 (IBM Notes and Domino NSD 8.5 and 9.0 could allow an authenticated loca ...)
NOT-FOR-US: IBM Notes and Domino NSD
CVE-2017-1713
RESERVED
CVE-2017-1712
RESERVED
-CVE-2017-1711
+CVE-2017-1711 (IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicio ...)
NOT-FOR-US: IBM iNotes
-CVE-2017-1710
+CVE-2017-1710 (A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (20 ...)
NOT-FOR-US: IBM
CVE-2017-1709
RESERVED
@@ -47053,7 +47053,7 @@ CVE-2017-1707
RESERVED
CVE-2017-1706
RESERVED
-CVE-2017-1705
+CVE-2017-1705 (IBM Security Privileged Identity Manager 2.1.0 contains left-over, sen ...)
NOT-FOR-US: IBM
CVE-2017-1704
RESERVED
@@ -47061,33 +47061,33 @@ CVE-2017-1703
RESERVED
CVE-2017-1702
RESERVED
-CVE-2017-1701
+CVE-2017-1701 (IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6. ...)
NOT-FOR-US: IBM
-CVE-2017-1700
+CVE-2017-1700 (IBM Jazz Team Server affecting the following IBM Rational Products: Co ...)
NOT-FOR-US: IBM
-CVE-2017-1699
+CVE-2017-1699 (IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissio ...)
NOT-FOR-US: IBM MQ Managed File Transfer Agent
-CVE-2017-1698
+CVE-2017-1698 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive inf ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2017-1697
RESERVED
-CVE-2017-1696
+CVE-2017-1696 (IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to ...)
NOT-FOR-US: IBM QRadar
-CVE-2017-1695
+CVE-2017-1695 (IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic al ...)
NOT-FOR-US: IBM
-CVE-2017-1694
+CVE-2017-1694 (IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain i ...)
NOT-FOR-US: IBM Integration Bus
-CVE-2017-1693
+CVE-2017-1693 (IBM Integration Bus 9.0 and 10.0 could allow an attacker that has capt ...)
NOT-FOR-US: IBM Integration Bus
-CVE-2017-1692
+CVE-2017-1692 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability t ...)
NOT-FOR-US: IBM AIX
-CVE-2017-1691
+CVE-2017-1691 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1690
+CVE-2017-1690 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1689
+CVE-2017-1689 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site sc ...)
NOT-FOR-US: IBM
-CVE-2017-1688
+CVE-2017-1688 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site sc ...)
NOT-FOR-US: IBM
CVE-2017-1687
RESERVED
@@ -47097,19 +47097,19 @@ CVE-2017-1685
RESERVED
CVE-2017-1684
RESERVED
-CVE-2017-1683
+CVE-2017-1683 (IBM Connections Engagement Center 6.0 is vulnerable to cross-site scri ...)
NOT-FOR-US: IBM Connections Engagement Center
-CVE-2017-1682
+CVE-2017-1682 (IBM Connections 4.0, 4.5, 5.0, 5.5, and 6.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM Connections
-CVE-2017-1681
+CVE-2017-1681 (IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.1 ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2017-1680
RESERVED
-CVE-2017-1679
+CVE-2017-1679 (IBM OpenPages GRC Platform 7.2, 7.3, 7.4, and 8.0 could allow an attac ...)
NOT-FOR-US: IBM
-CVE-2017-1678
+CVE-2017-1678 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1677
+CVE-2017-1677 (IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and ...)
NOT-FOR-US: IBM
CVE-2017-1676
RESERVED
@@ -47117,25 +47117,25 @@ CVE-2017-1675
RESERVED
CVE-2017-1674
RESERVED
-CVE-2017-1673
+CVE-2017-1673 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to cr ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1672
+CVE-2017-1672 (IBM Tivoli Key Lifecycle Manager 2.6 and 2.7 is vulnerable to cross-si ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1671
+CVE-2017-1671 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remot ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1670
+CVE-2017-1670 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQ ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1669
+CVE-2017-1669 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 stores sensitive in ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1668
+CVE-2017-1668 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remot ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
CVE-2017-1667
RESERVED
-CVE-2017-1666
+CVE-2017-1666 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1665
+CVE-2017-1665 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than ex ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
-CVE-2017-1664
+CVE-2017-1664 (IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than ex ...)
NOT-FOR-US: IBM Tivoli Key Lifecycle Manager
CVE-2017-1663
RESERVED
@@ -47153,19 +47153,19 @@ CVE-2017-1657
RESERVED
CVE-2017-1656
RESERVED
-CVE-2017-1655
+CVE-2017-1655 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5 ...)
NOT-FOR-US: IBM
-CVE-2017-1654
+CVE-2017-1654 (IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivi ...)
NOT-FOR-US: IBM
-CVE-2017-1653
+CVE-2017-1653 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6 ...)
NOT-FOR-US: IBM Jazz Foundation
-CVE-2017-1652
+CVE-2017-1652 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1651
+CVE-2017-1651 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1650
+CVE-2017-1650 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site sc ...)
NOT-FOR-US: IBM
-CVE-2017-1649
+CVE-2017-1649 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
CVE-2017-1648
RESERVED
@@ -47193,35 +47193,35 @@ CVE-2017-1637
RESERVED
CVE-2017-1636
RESERVED
-CVE-2017-1635
+CVE-2017-1635 (IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to exec ...)
NOT-FOR-US: IBM Tivoli Monitoring
CVE-2017-1634
RESERVED
-CVE-2017-1633
+CVE-2017-1633 (IBM Sterling B2B Integrator 5.2 through 5.2.6 could allow an authentic ...)
NOT-FOR-US: IBM
-CVE-2017-1632
+CVE-2017-1632 (IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. T ...)
NOT-FOR-US: IBM Sterling File Gateway
-CVE-2017-1631
+CVE-2017-1631 (IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulne ...)
NOT-FOR-US: IBM Jazz for Service Management
CVE-2017-1630
RESERVED
-CVE-2017-1629
+CVE-2017-1629 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5 ...)
NOT-FOR-US: IBM
-CVE-2017-1628
+CVE-2017-1628 (IBM Business Process Manager 8.6.0.0 allows authenticated users to sto ...)
NOT-FOR-US: IBM
CVE-2017-1627
RESERVED
CVE-2017-1626
RESERVED
-CVE-2017-1625
+CVE-2017-1625 (IBM Pulse for QRadar 1.0.0 - 1.0.3 discloses sensitive information to ...)
NOT-FOR-US: IBM
-CVE-2017-1624
+CVE-2017-1624 (IBM QRadar 7.3 and 7.3.1 specifies permissions for a security-critical ...)
NOT-FOR-US: IBM
-CVE-2017-1623
+CVE-2017-1623 (IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. This vul ...)
NOT-FOR-US: IBM QRadar
-CVE-2017-1622
+CVE-2017-1622 (IBM QRadar SIEM 7.2.8 and 7.3 does not validate, or incorrectly valida ...)
NOT-FOR-US: IBM
-CVE-2017-1621
+CVE-2017-1621 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
CVE-2017-1620
RESERVED
@@ -47237,51 +47237,51 @@ CVE-2017-1615
RESERVED
CVE-2017-1614
RESERVED
-CVE-2017-1613
+CVE-2017-1613 (IBM Connections 6.0 could allow an unauthenticated remote attacker to ...)
NOT-FOR-US: IBM Connections
-CVE-2017-1612
+CVE-2017-1612 (IBM WebSphere MQ 7.0, 7.1, 7.5, 8.0, and 9.0 service trace module coul ...)
NOT-FOR-US: IBM WebSphere MQ
CVE-2017-1611
RESERVED
CVE-2017-1610
RESERVED
-CVE-2017-1609
+CVE-2017-1609 (IBM Quality Manager (RQM) 5.0 through 5.0.2 and 6.0 through 6.0.6 are ...)
NOT-FOR-US: IBM
-CVE-2017-1608
+CVE-2017-1608 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1607
+CVE-2017-1607 (IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site sc ...)
NOT-FOR-US: IBM
-CVE-2017-1606
+CVE-2017-1606 (IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0. ...)
NOT-FOR-US: IBM Financial Transaction Manager
CVE-2017-1605
RESERVED
-CVE-2017-1604
+CVE-2017-1604 (IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM Maximo Anywhere
CVE-2017-1603
RESERVED
-CVE-2017-1602
+CVE-2017-1602 (IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6. ...)
NOT-FOR-US: IBM
-CVE-2017-1601
+CVE-2017-1601 (IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database A ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1600
+CVE-2017-1600 (IBM Security Guardium 10.0 Database Activity Monitor is vulnerable to ...)
NOT-FOR-US: IBM Security Guardium
CVE-2017-1599
RESERVED
-CVE-2017-1598
+CVE-2017-1598 (IBM Security Guardium 10.0 Database Activity Monitor uses weaker than ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1597
+CVE-2017-1597 (IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and ...)
NOT-FOR-US: IBM
-CVE-2017-1596
+CVE-2017-1596 (IBM Security Guardium 10.0 Database Activity Monitor could allow a loc ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1595
+CVE-2017-1595 (IBM Security Guardium 10.0 Database Activity Monitor could allow a loc ...)
NOT-FOR-US: IBM Security Guardium
CVE-2017-1594
RESERVED
-CVE-2017-1593
+CVE-2017-1593 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1592
+CVE-2017-1592 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1591
+CVE-2017-1591 (IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is vulnerable to ...)
NOT-FOR-US: IBM
CVE-2017-1590
RESERVED
@@ -47297,7 +47297,7 @@ CVE-2017-1585
RESERVED
CVE-2017-1584
RESERVED
-CVE-2017-1583
+CVE-2017-1583 (IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.1 ...)
NOT-FOR-US: IBM
CVE-2017-1582
RESERVED
@@ -47309,11 +47309,11 @@ CVE-2017-1579
RESERVED
CVE-2017-1578
RESERVED
-CVE-2017-1577
+CVE-2017-1577 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attac ...)
NOT-FOR-US: IBM
CVE-2017-1576
RESERVED
-CVE-2017-1575
+CVE-2017-1575 (IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gatewa ...)
NOT-FOR-US: IBM
CVE-2017-1574
RESERVED
@@ -47321,119 +47321,119 @@ CVE-2017-1573
RESERVED
CVE-2017-1572
RESERVED
-CVE-2017-1571
+CVE-2017-1571 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2017-1570
+CVE-2017-1570 (IBM Jazz Foundation products could allow an authenticated user to obta ...)
NOT-FOR-US: IBM
-CVE-2017-1569
+CVE-2017-1569 (IBM WebSphere Commerce 7.0 and 8.0 contains an unspecified vulnerabili ...)
NOT-FOR-US: IBM
-CVE-2017-1568
+CVE-2017-1568 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1567
+CVE-2017-1567 (IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM Doors Web Access
CVE-2017-1566
RESERVED
-CVE-2017-1565
+CVE-2017-1565 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1564
+CVE-2017-1564 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1563
+CVE-2017-1563 (IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM Doors Web Access
-CVE-2017-1562
+CVE-2017-1562 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1561
+CVE-2017-1561 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1560
+CVE-2017-1560 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1559
+CVE-2017-1559 (Multiple IBM Rational products could disclose sensitive information by ...)
NOT-FOR-US: IBM
-CVE-2017-1558
+CVE-2017-1558 (IBM Maximo Asset Management 7.5 and 7.6 could allow a remote attacker ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2017-1557
+CVE-2017-1557 (IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user with au ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2017-1556
+CVE-2017-1556 (IBM API Connect 5.0.7.0 through 5.0.7.2 is vulnerable to a regular exp ...)
NOT-FOR-US: IBM
-CVE-2017-1555
+CVE-2017-1555 (IBM API Connect 5.0.0.0 through 5.0.7.2 could allow an authenticated u ...)
NOT-FOR-US: IBM
-CVE-2017-1554
+CVE-2017-1554 (IBM Infosphere BigInsights 4.2.0 and 4.2.5 could allow a remote attack ...)
NOT-FOR-US: IBM
-CVE-2017-1553
+CVE-2017-1553 (IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2017-1552
+CVE-2017-1552 (IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to link injec ...)
NOT-FOR-US: IBM
-CVE-2017-1551
+CVE-2017-1551 (IBM API Connect 5.0.0.0 through 5.0.7.2 could allow a remote attacker ...)
NOT-FOR-US: IBM
-CVE-2017-1550
+CVE-2017-1550 (IBM Sterling File Gateway 2.2 could allow an authenticated user to cha ...)
NOT-FOR-US: IBM Sterling File Gateway
-CVE-2017-1549
+CVE-2017-1549 (IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. T ...)
NOT-FOR-US: IBM Sterling File Gateway
-CVE-2017-1548
+CVE-2017-1548 (IBM Sterling File Gateway 2.2 could allow a remote attacker to travers ...)
NOT-FOR-US: IBM Sterling File Gateway
CVE-2017-1547
RESERVED
-CVE-2017-1546
+CVE-2017-1546 (IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable t ...)
NOT-FOR-US: IBM DOORS Next Generation
-CVE-2017-1545
+CVE-2017-1545 (IBM Doors Web Access 9.5 and 9.6 could allow an attacker with physical ...)
NOT-FOR-US: IBM Doors Web Access
-CVE-2017-1544
+CVE-2017-1544 (IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gatewa ...)
NOT-FOR-US: IBM
CVE-2017-1543
RESERVED
CVE-2017-1542
RESERVED
-CVE-2017-1541
+CVE-2017-1541 (A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep ...)
NOT-FOR-US: IBM
-CVE-2017-1540
+CVE-2017-1540 (IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM Doors Web Access
-CVE-2017-1539
+CVE-2017-1539 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to privil ...)
NOT-FOR-US: IBM
-CVE-2017-1538
+CVE-2017-1538 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
NOT-FOR-US: IBM
CVE-2017-1537
RESERVED
-CVE-2017-1536
+CVE-2017-1536 (IBM Support Tools for Lotus WCM (IBM WebSphere Portal 7.0, 8.0, 8.5 an ...)
NOT-FOR-US: IBM Support Tools for Lotus WCM
-CVE-2017-1535
+CVE-2017-1535 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2017-1534
+CVE-2017-1534 (IBM Security Access Manager Appliance 8.0.0 and 9.0.0 could allow a re ...)
NOT-FOR-US: IBM Security Access Manager Appliance
-CVE-2017-1533
+CVE-2017-1533 (IBM Security Access Manager Appliance 9.0.3 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM Security Access Manager Appliance
-CVE-2017-1532
+CVE-2017-1532 (IBM DOORS 9.5 and 9.6 is vulnerable to cross-site scripting. This vuln ...)
NOT-FOR-US: IBM DOORS
-CVE-2017-1531
+CVE-2017-1531 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2017-1530
+CVE-2017-1530 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to cross- ...)
NOT-FOR-US: IBM
CVE-2017-1529
RESERVED
CVE-2017-1528
RESERVED
-CVE-2017-1527
+CVE-2017-1527 (IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to a XML ...)
NOT-FOR-US: IBM
CVE-2017-1526
RESERVED
CVE-2017-1525
RESERVED
-CVE-2017-1524
+CVE-2017-1524 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5 ...)
NOT-FOR-US: IBM
-CVE-2017-1523
+CVE-2017-1523 (IBM InfoSphere Master Data Management - Collaborative Edition 11.5 cou ...)
NOT-FOR-US: IBM
-CVE-2017-1522
+CVE-2017-1522 (IBM Content Navigator &amp; CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2017-1521
+CVE-2017-1521 (IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and A ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1520
+CVE-2017-1520 (IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized com ...)
NOT-FOR-US: IBM
-CVE-2017-1519
+CVE-2017-1519 (IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A re ...)
NOT-FOR-US: IBM
CVE-2017-1518
RESERVED
CVE-2017-1517
RESERVED
-CVE-2017-1516
+CVE-2017-1516 (IBM Doors Web Access 9.5 and 9.6 could allow a remote attacker to hija ...)
NOT-FOR-US: IBM Doors Web Access
-CVE-2017-1515
+CVE-2017-1515 (IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to ...)
NOT-FOR-US: IBM Doors Web Access
CVE-2017-1514
RESERVED
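Review bot: the imported description at `+CVE-2017-1522 (IBM Content Navigator &amp; CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable ...)` contains a literal `&amp;`, so the automatic update is copying HTML-escaped text without decoding it. The fixed-width truncation is then applied to the escaped form, which both leaves the entity visible in the list and wastes characters of the short description; decode HTML entities in the import step before truncating, and consider a one-off pass over existing entries to normalise them.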
@@ -47445,79 +47445,79 @@ CVE-2017-1511
RESERVED
CVE-2017-1510
RESERVED
-CVE-2017-1509
+CVE-2017-1509 (IBM Jazz Foundation products could allow an authenticated user to obta ...)
NOT-FOR-US: IBM
-CVE-2017-1508
+CVE-2017-1508 (IBM Informix Dynamic Server 12.1 could allow a local user logged in wi ...)
NOT-FOR-US: IBM
-CVE-2017-1507
+CVE-2017-1507 (IBM Jazz Foundation Products could disclose sensitive information duri ...)
NOT-FOR-US: IBM Jazz Foundation Products
-CVE-2017-1506
+CVE-2017-1506 (IBM Cognos TM1 10.2 and 10.2.2 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM Cognos TM1
CVE-2017-1505
RESERVED
-CVE-2017-1504
+CVE-2017-1504 (IBM WebSphere Application Server version 9.0.0.4 could provide weaker ...)
NOT-FOR-US: IBM
-CVE-2017-1503
+CVE-2017-1503 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2017-1502
+CVE-2017-1502 (IBM Content Navigator &amp; CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2017-1501
+CVE-2017-1501 (IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weake ...)
NOT-FOR-US: IBM
-CVE-2017-1500
+CVE-2017-1500 (A Reflected Cross Site Scripting (XSS) vulnerability exists in the aut ...)
NOT-FOR-US: IBM
-CVE-2017-1499
+CVE-2017-1499 (IBM Maximo Asset Management 7.5 and 7.6 could allow a remote attacker ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2017-1498
+CVE-2017-1498 (IBM Connections 5.5 is vulnerable to cross-site scripting. This vulner ...)
NOT-FOR-US: IBM
-CVE-2017-1497
+CVE-2017-1497 (IBM Sterling File Gateway 2.2 could allow an unauthorized user to view ...)
NOT-FOR-US: IBM
-CVE-2017-1496
+CVE-2017-1496 (IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to cr ...)
NOT-FOR-US: IBM
-CVE-2017-1495
+CVE-2017-1495 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a pr ...)
NOT-FOR-US: IBM
-CVE-2017-1494
+CVE-2017-1494 (IBM Business Process Manager 8.5 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM Business Process Manager
-CVE-2017-1493
+CVE-2017-1493 (IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated us ...)
NOT-FOR-US: IBM UrbanCode Deploy
CVE-2017-1492
RESERVED
-CVE-2017-1491
+CVE-2017-1491 (IBM QRadar Network Security 5.4 supports interaction between multiple ...)
NOT-FOR-US: IBM
-CVE-2017-1490
+CVE-2017-1490 (An unspecified vulnerability in the Lifecycle Query Engine of Jazz Rep ...)
NOT-FOR-US: IBM
-CVE-2017-1489
+CVE-2017-1489 (IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configu ...)
NOT-FOR-US: IBM
-CVE-2017-1488
+CVE-2017-1488 (An undisclosed vulnerability in Jazz common products exists with poten ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-1487
+CVE-2017-1487 (IBM Sterling File Gateway 2.2 could allow an authenticated attacker to ...)
NOT-FOR-US: IBM
-CVE-2017-1486
+CVE-2017-1486 (IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2 is ...)
NOT-FOR-US: IBM
-CVE-2017-1485
+CVE-2017-1485 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2017-1484
+CVE-2017-1484 (IBM WebSphere Commerce Enterprise, Professional, Express, and Develope ...)
NOT-FOR-US: IBM
-CVE-2017-1483
+CVE-2017-1483 (IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an ...)
NOT-FOR-US: IBM
-CVE-2017-1482
+CVE-2017-1482 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cros ...)
NOT-FOR-US: IBM
-CVE-2017-1481
+CVE-2017-1481 (IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view ...)
NOT-FOR-US: IBM
-CVE-2017-1480
+CVE-2017-1480 (IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 ...)
NOT-FOR-US: IBM Security Access Manager Appliance
CVE-2017-1479
RESERVED
-CVE-2017-1478
+CVE-2017-1478 (IBM Security Access Manager Appliance 9.0.0 allows web pages to be sto ...)
NOT-FOR-US: IBM Security Access Manager Appliance
-CVE-2017-1477
+CVE-2017-1477 (IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML Ext ...)
NOT-FOR-US: IBM
-CVE-2017-1476
+CVE-2017-1476 (IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, an ...)
NOT-FOR-US: IBM Security Access Manager Appliance
CVE-2017-1475
RESERVED
-CVE-2017-1474
+CVE-2017-1474 (IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, an ...)
NOT-FOR-US: IBM Security Access Manager Appliance
-CVE-2017-1473
+CVE-2017-1473 (IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 ...)
NOT-FOR-US: IBM
CVE-2017-1472
RESERVED
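Review bot: the annotation under CVE-2017-1488 reads "NOT-FOR-US: Qualcomm component for Android", which does not match the description added on the line above it ("An undisclosed vulnerability in Jazz common products exists with poten ...") or the surrounding entries, which are all annotated "NOT-FOR-US: IBM". That annotation is unchanged context, so this automated description sync does not touch it, but it looks like a mis-triaged entry and should be corrected to IBM in a follow-up commit.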
@@ -47525,31 +47525,31 @@ CVE-2017-1471
RESERVED
CVE-2017-1470
RESERVED
-CVE-2017-1469
+CVE-2017-1469 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a lo ...)
NOT-FOR-US: IBM
-CVE-2017-1468
+CVE-2017-1468 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a lo ...)
NOT-FOR-US: IBM
-CVE-2017-1467
+CVE-2017-1467 (A network layer security vulnerability in InfoSphere Information Serve ...)
NOT-FOR-US: IBM
CVE-2017-1466
RESERVED
-CVE-2017-1465
+CVE-2017-1465 (IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hi ...)
NOT-FOR-US: IBM
CVE-2017-1464
RESERVED
CVE-2017-1463
RESERVED
-CVE-2017-1462
+CVE-2017-1462 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. Thi ...)
NOT-FOR-US: IBM Rhapsody DM
-CVE-2017-1461
+CVE-2017-1461 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1460
+CVE-2017-1460 (IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router sp ...)
NOT-FOR-US: IBM
-CVE-2017-1459
+CVE-2017-1459 (IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permis ...)
NOT-FOR-US: IBM Security Access Manager Appliance
-CVE-2017-1458
+CVE-2017-1458 (IBM QRadar Network Security 5.4 is vulnerable to a XML External Entity ...)
NOT-FOR-US: IBM
-CVE-2017-1457
+CVE-2017-1457 (IBM QRadar Network Security 5.4 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
CVE-2017-1456
RESERVED
@@ -47557,37 +47557,37 @@ CVE-2017-1455
RESERVED
CVE-2017-1454
RESERVED
-CVE-2017-1453
+CVE-2017-1453 (IBM Security Access Manager Appliance 9.0.3 could allow a remote authe ...)
NOT-FOR-US: IBM
-CVE-2017-1452
+CVE-2017-1452 (IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (include ...)
NOT-FOR-US: IBM
-CVE-2017-1451
+CVE-2017-1451 (IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (include ...)
NOT-FOR-US: IBM
-CVE-2017-1450
+CVE-2017-1450 (IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to co ...)
NOT-FOR-US: IBM
-CVE-2017-1449
+CVE-2017-1449 (IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to co ...)
NOT-FOR-US: IBM
-CVE-2017-1448
+CVE-2017-1448 (IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could all ...)
NOT-FOR-US: IBM
-CVE-2017-1447
+CVE-2017-1447 (IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site scripti ...)
NOT-FOR-US: IBM
-CVE-2017-1446
+CVE-2017-1446 (IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 is vulnerable to cr ...)
NOT-FOR-US: IBM
-CVE-2017-1445
+CVE-2017-1445 (IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 is vulnerable to cr ...)
NOT-FOR-US: IBM
-CVE-2017-1444
+CVE-2017-1444 (IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site scripti ...)
NOT-FOR-US: IBM
-CVE-2017-1443
+CVE-2017-1443 (IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2017-1442
+CVE-2017-1442 (IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2017-1441
+CVE-2017-1441 (IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to ...)
NOT-FOR-US: IBM
-CVE-2017-1440
+CVE-2017-1440 (IBM Emptoris Services Procurement 10.0.0.5 could allow a remote attack ...)
NOT-FOR-US: IBM
-CVE-2017-1439
+CVE-2017-1439 (IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (include ...)
NOT-FOR-US: IBM
-CVE-2017-1438
+CVE-2017-1438 (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (include ...)
NOT-FOR-US: IBM
CVE-2017-1437
RESERVED
@@ -47595,39 +47595,39 @@ CVE-2017-1436
RESERVED
CVE-2017-1435
RESERVED
-CVE-2017-1434
+CVE-2017-1434 (IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) ...)
NOT-FOR-US: IBM
-CVE-2017-1433
+CVE-2017-1433 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow an authenticated user t ...)
NOT-FOR-US: IBM
CVE-2017-1432
RESERVED
-CVE-2017-1431
+CVE-2017-1431 (IBM InfoSphere Streams 4.0, 4.1, and 4.2 is vulnerable to cross-site s ...)
NOT-FOR-US: IBM
CVE-2017-1430
RESERVED
-CVE-2017-1429
+CVE-2017-1429 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2017-1428
+CVE-2017-1428 (IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the ...)
NOT-FOR-US: IBM
-CVE-2017-1427
+CVE-2017-1427 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
CVE-2017-1426
RESERVED
-CVE-2017-1425
+CVE-2017-1425 (IBM Business Process Manager 8.0.1.1 and 8.5.7 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2017-1424
+CVE-2017-1424 (IBM Business Process Manager 8.5.7 is vulnerable to cross-site scripti ...)
NOT-FOR-US: IBM
-CVE-2017-1423
+CVE-2017-1423 (IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2017-1422
+CVE-2017-1422 (IBM MaaS360 DTM all versions up to 3.81 does not perform proper verifi ...)
NOT-FOR-US: IBM
-CVE-2017-1421
+CVE-2017-1421 (IBM iNotes is vulnerable to cross-site scripting. This vulnerability a ...)
NOT-FOR-US: IBM iNotes
CVE-2017-1420
RESERVED
CVE-2017-1419
RESERVED
-CVE-2017-1418
+CVE-2017-1418 (IBM Integration Bus 9.0.0.0, 9.0.0.11, 10.0.0.0, and 10.0.0.14 (includ ...)
NOT-FOR-US: IBM
CVE-2017-1417
RESERVED
@@ -47639,21 +47639,21 @@ CVE-2017-1414
RESERVED
CVE-2017-1413
RESERVED
-CVE-2017-1412
+CVE-2017-1412 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
NOT-FOR-US: IBM
-CVE-2017-1411
+CVE-2017-1411 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
NOT-FOR-US: IBM
CVE-2017-1410
RESERVED
-CVE-2017-1409
+CVE-2017-1409 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
NOT-FOR-US: IBM
CVE-2017-1408
RESERVED
-CVE-2017-1407
+CVE-2017-1407 (IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allo ...)
NOT-FOR-US: IBM
CVE-2017-1406
RESERVED
-CVE-2017-1405
+CVE-2017-1405 (IBM Security Identity Manager Virtual Appliance 7.0 processes patches, ...)
NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
CVE-2017-1404
RESERVED
@@ -47667,13 +47667,13 @@ CVE-2017-1400
RESERVED
CVE-2017-1399
RESERVED
-CVE-2017-1398
+CVE-2017-1398 (IBM WebSphere Commerce Enterprise, Professional, Express, and Develope ...)
NOT-FOR-US: IBM
CVE-2017-1397
RESERVED
-CVE-2017-1396
+CVE-2017-1396 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
NOT-FOR-US: IBM
-CVE-2017-1395
+CVE-2017-1395 (IBM Security Identity Governance and Intelligence Virtual Appliance 5. ...)
NOT-FOR-US: IBM
CVE-2017-1394
RESERVED
@@ -47691,401 +47691,401 @@ CVE-2017-1388
RESERVED
CVE-2017-1387
RESERVED
-CVE-2017-1386
+CVE-2017-1386 (IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictio ...)
NOT-FOR-US: IBM
CVE-2017-1385
RESERVED
CVE-2017-1384
RESERVED
-CVE-2017-1383
+CVE-2017-1383 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1382
+CVE-2017-1382 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create f ...)
NOT-FOR-US: IBM
-CVE-2017-1381
+CVE-2017-1381 (IBM WebSphere Application Server Proxy Server or On-demand-router (ODR ...)
NOT-FOR-US: IBM
-CVE-2017-1380
+CVE-2017-1380 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2017-1379
+CVE-2017-1379 (IBM API Connect 5.0.0.0 could allow a remote attacker to obtain sensit ...)
NOT-FOR-US: IBM
-CVE-2017-1378
+CVE-2017-1378 (IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) dis ...)
NOT-FOR-US: IBM
-CVE-2017-1377
+CVE-2017-1377 (IBM Runbook Automation reveals sensitive information in error messages ...)
NOT-FOR-US: IBM
-CVE-2017-1376
+CVE-2017-1376 (A flaw in the IBM J9 VM class verifier allows untrusted code to disabl ...)
NOT-FOR-US: IBM JDK
-CVE-2017-1375
+CVE-2017-1375 (IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses we ...)
NOT-FOR-US: IBM
-CVE-2017-1374
+CVE-2017-1374 (Sensitive data can be exposed in the IBM TRIRIGA Application Platform ...)
NOT-FOR-US: IBM
-CVE-2017-1373
+CVE-2017-1373 (Reports executed in the IBM TRIRIGA Application Platform 3.3, 3.4, and ...)
NOT-FOR-US: IBM
-CVE-2017-1372
+CVE-2017-1372 (IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 is vulnerable to cr ...)
NOT-FOR-US: IBM
-CVE-2017-1371
+CVE-2017-1371 (Builder tools running in the IBM TRIRIGA Application Platform 3.3, 3.4 ...)
NOT-FOR-US: IBM
-CVE-2017-1370
+CVE-2017-1370 (IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive ...)
NOT-FOR-US: IBM
-CVE-2017-1369
+CVE-2017-1369 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2017-1368
+CVE-2017-1368 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
NOT-FOR-US: IBM
-CVE-2017-1367
+CVE-2017-1367 (IBM Security Identity Governance and Intelligence Virtual Appliance 5. ...)
NOT-FOR-US: IBM
-CVE-2017-1366
+CVE-2017-1366 (IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 ...)
NOT-FOR-US: IBM
-CVE-2017-1365
+CVE-2017-1365 (IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle M ...)
NOT-FOR-US: IBM Team Concert
-CVE-2017-1364
+CVE-2017-1364 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2017-1363
+CVE-2017-1363 (IBM Team Concert (RTC) is vulnerable to cross-site scripting. This vul ...)
NOT-FOR-US: IBM
-CVE-2017-1362
+CVE-2017-1362 (IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credent ...)
NOT-FOR-US: IBM
CVE-2017-1361
RESERVED
CVE-2017-1360
RESERVED
-CVE-2017-1359
+CVE-2017-1359 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
CVE-2017-1358
RESERVED
-CVE-2017-1357
+CVE-2017-1357 (IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated u ...)
NOT-FOR-US: IBM
-CVE-2017-1356
+CVE-2017-1356 (IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL inj ...)
NOT-FOR-US: IBM
-CVE-2017-1355
+CVE-2017-1355 (IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive informa ...)
NOT-FOR-US: IBM
-CVE-2017-1354
+CVE-2017-1354 (IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to cross-s ...)
NOT-FOR-US: IBM
-CVE-2017-1353
+CVE-2017-1353 (IBM Atlas eDiscovery Process Management 6.0.3 could allow an authentic ...)
NOT-FOR-US: IBM
-CVE-2017-1352
+CVE-2017-1352 (IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated u ...)
NOT-FOR-US: IBM
CVE-2017-1351
RESERVED
-CVE-2017-1350
+CVE-2017-1350 (IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allo ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2017-1349
+CVE-2017-1349 (IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially se ...)
NOT-FOR-US: IBM
-CVE-2017-1348
+CVE-2017-1348 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cros ...)
NOT-FOR-US: IBM
-CVE-2017-1347
+CVE-2017-1347 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL ...)
NOT-FOR-US: IBM
-CVE-2017-1346
+CVE-2017-1346 (IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores file ...)
NOT-FOR-US: IBM
-CVE-2017-1345
+CVE-2017-1345 (IBM Insights Foundation for Energy 2.0 is vulnerable to cross-site scr ...)
NOT-FOR-US: IBM
CVE-2017-1344
RESERVED
CVE-2017-1343
RESERVED
-CVE-2017-1342
+CVE-2017-1342 (IBM Insights Foundation for Energy 2.0 could reveal sensitive informat ...)
NOT-FOR-US: IBM
-CVE-2017-1341
+CVE-2017-1341 (IBM WebSphere MQ 8.0 and 9.0 could allow, under special circumstances, ...)
NOT-FOR-US: IBM
-CVE-2017-1340
+CVE-2017-1340 (IBM Jazz Reporting Service (JRS) 6.0.4 could allow an authenticated us ...)
NOT-FOR-US: IBM
-CVE-2017-1339
+CVE-2017-1339 (IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Ser ...)
NOT-FOR-US: IBM
-CVE-2017-1338
+CVE-2017-1338 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1337
+CVE-2017-1337 (IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly ...)
NOT-FOR-US: IBM
-CVE-2017-1336
+CVE-2017-1336 (IBM Infosphere BigInsights 4.2.0 could allow an attacker to inject cod ...)
NOT-FOR-US: IBM
-CVE-2017-1335
+CVE-2017-1335 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2017-1334
+CVE-2017-1334 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
-CVE-2017-1333
+CVE-2017-1333 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow an unauthenti ...)
NOT-FOR-US: IBM
-CVE-2017-1332
+CVE-2017-1332 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vul ...)
NOT-FOR-US: IBM
-CVE-2017-1331
+CVE-2017-1331 (IBM Content Navigator 2.0.3 and 3.0.0 is vulnerable to cross-site scri ...)
NOT-FOR-US: IBM
CVE-2017-1330
RESERVED
-CVE-2017-1329
+CVE-2017-1329 (IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable t ...)
NOT-FOR-US: IBM Quality Manager
-CVE-2017-1328
+CVE-2017-1328 (IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to byp ...)
NOT-FOR-US: IBM
-CVE-2017-1327
+CVE-2017-1327 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vul ...)
NOT-FOR-US: IBM
-CVE-2017-1326
+CVE-2017-1326 (IBM Sterling File Gateway does not properly restrict user requests bas ...)
NOT-FOR-US: IBM
-CVE-2017-1325
+CVE-2017-1325 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vul ...)
NOT-FOR-US: IBM
-CVE-2017-1324
+CVE-2017-1324 (IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
CVE-2017-1323
RESERVED
-CVE-2017-1322
+CVE-2017-1322 (IBM API Connect 5.0.6.0 is vulnerable to an XML External Entity Inject ...)
NOT-FOR-US: IBM
-CVE-2017-1321
+CVE-2017-1321 (IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1320
+CVE-2017-1320 (IBM Tivoli Federated Identity Manager 6.2 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2017-1319
+CVE-2017-1319 (IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerabili ...)
NOT-FOR-US: IBM
-CVE-2017-1318
+CVE-2017-1318 (IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging ad ...)
NOT-FOR-US: IBM
-CVE-2017-1317
+CVE-2017-1317 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1316
+CVE-2017-1316 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1315
+CVE-2017-1315 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1314
+CVE-2017-1314 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1313
+CVE-2017-1313 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1312
+CVE-2017-1312 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1311
+CVE-2017-1311 (IBM Insights Foundation for Energy 2.0 is vulnerable to SQL injection. ...)
NOT-FOR-US: IBM
-CVE-2017-1310
+CVE-2017-1310 (IBM Informix Dynamic Server 12.1 could allow an authenticated user to ...)
NOT-FOR-US: IBM
-CVE-2017-1309
+CVE-2017-1309 (IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user c ...)
NOT-FOR-US: IBM
-CVE-2017-1308
+CVE-2017-1308 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0 ...)
NOT-FOR-US: IBM
CVE-2017-1307
RESERVED
-CVE-2017-1306
+CVE-2017-1306 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1305
+CVE-2017-1305 (IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 is vulnerable to c ...)
NOT-FOR-US: IBM
-CVE-2017-1304
+CVE-2017-1304 (IBM has identified a vulnerability with IBM Spectrum Scale/GPFS utiliz ...)
NOT-FOR-US: IBM
-CVE-2017-1303
+CVE-2017-1303 (IBM WebSphere Portal and Web Content Manager 7.0, 8.0, 8.5, and 9.0 is ...)
NOT-FOR-US: IBM
-CVE-2017-1302
+CVE-2017-1302 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local u ...)
NOT-FOR-US: IBM
-CVE-2017-1301
+CVE-2017-1301 (IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launc ...)
NOT-FOR-US: IBM
-CVE-2017-1300
+CVE-2017-1300 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-si ...)
NOT-FOR-US: IBM
-CVE-2017-1299
+CVE-2017-1299 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
CVE-2017-1298
REJECTED
-CVE-2017-1297
+CVE-2017-1297 (IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (include ...)
NOT-FOR-US: IBM
CVE-2017-1296
RESERVED
-CVE-2017-1295
+CVE-2017-1295 (IBM RSA DM contains unspecified vulnerability in CLM Applications with ...)
NOT-FOR-US: IBM
-CVE-2017-1294
+CVE-2017-1294 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1293
+CVE-2017-1293 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1292
+CVE-2017-1292 (IBM Maximo Asset Management 7.5 and 7.6 generates error messages that ...)
NOT-FOR-US: IBM
-CVE-2017-1291
+CVE-2017-1291 (IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to HTTP response ...)
NOT-FOR-US: IBM
-CVE-2017-1290
+CVE-2017-1290 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-si ...)
NOT-FOR-US: IBM
-CVE-2017-1289
+CVE-2017-1289 (IBM SDK, Java Technology Edition is vulnerable XML External Entity Inj ...)
NOT-FOR-US: IBM JDK
CVE-2017-1288
RESERVED
-CVE-2017-1287
+CVE-2017-1287 (IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct p ...)
NOT-FOR-US: IBM
-CVE-2017-1286
+CVE-2017-1286 (Sensitive information about the configuration of the IBM UrbanCode Dep ...)
NOT-FOR-US: IBM UrbanCode Deploy
-CVE-2017-1285
+CVE-2017-1285 (IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user wit ...)
NOT-FOR-US: IBM
-CVE-2017-1284
+CVE-2017-1284 (IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with ability ...)
NOT-FOR-US: IBM
-CVE-2017-1283
+CVE-2017-1283 (IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to caus ...)
NOT-FOR-US: IBM
-CVE-2017-1282
+CVE-2017-1282 (IBM Content Navigator &amp; CMIS 2.0 and 3.0 is vulnerable to cross-si ...)
NOT-FOR-US: IBM
-CVE-2017-1281
+CVE-2017-1281 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1280
+CVE-2017-1280 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1279
+CVE-2017-1279 (IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remo ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2017-1278
+CVE-2017-1278 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1277
+CVE-2017-1277 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1276
+CVE-2017-1276 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1275
+CVE-2017-1275 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1274
+CVE-2017-1274 (IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in t ...)
NOT-FOR-US: IBM
CVE-2017-1273
RESERVED
-CVE-2017-1272
+CVE-2017-1272 (IBM Security Guardium 10.0 and 10.5 stores sensitive information in UR ...)
NOT-FOR-US: IBM
-CVE-2017-1271
+CVE-2017-1271 (IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between m ...)
NOT-FOR-US: IBM
-CVE-2017-1270
+CVE-2017-1270 (IBM Security Guardium 10.0 does not renew a session variable after a s ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1269
+CVE-2017-1269 (IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A ...)
NOT-FOR-US: IBM
-CVE-2017-1268
+CVE-2017-1268 (IBM Security Guardium 10 and 10.5 uses a one-way cryptographic hash ag ...)
NOT-FOR-US: IBM
-CVE-2017-1267
+CVE-2017-1267 (IBM Security Guardium 10.0 and 10.1 processes patches, image backups a ...)
NOT-FOR-US: IBM
-CVE-2017-1266
+CVE-2017-1266 (IBM Security Guardium 10.0 specifies permissions for a security-critic ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1265
+CVE-2017-1265 (IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and ...)
NOT-FOR-US: IBM
-CVE-2017-1264
+CVE-2017-1264 (IBM Security Guardium 10.0 does not prove or insufficiently proves tha ...)
NOT-FOR-US: IBM
CVE-2017-1263
RESERVED
-CVE-2017-1262
+CVE-2017-1262 (IBM Security Guardium 10.0 is vulnerable to HTTP response splitting at ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1261
+CVE-2017-1261 (IBM Security Guardium 10.0 stores potentially sensitive information in ...)
NOT-FOR-US: IBM Security Guardium
CVE-2017-1260
RESERVED
CVE-2017-1259
RESERVED
-CVE-2017-1258
+CVE-2017-1258 (IBM Security Guardium 10.0 and 10.1 does not perform an authentication ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1257
+CVE-2017-1257 (IBM Security Guardium 10.0 discloses sensitive information to unauthor ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1256
+CVE-2017-1256 (IBM Security Guardium 10.0, 10.1 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1255
+CVE-2017-1255 (IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 uses weake ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1254
+CVE-2017-1254 (IBM Security Guardium 10.0 is vulnerable to a XML External Entity Inje ...)
NOT-FOR-US: IBM Security Guardium
-CVE-2017-1253
+CVE-2017-1253 (IBM Security Guardium 10.0 could allow a remote authenticated attacker ...)
NOT-FOR-US: IBM Security Guardium
CVE-2017-1252
RESERVED
-CVE-2017-1251
+CVE-2017-1251 (An undisclosed vulnerability in CLM applications may result in some ad ...)
NOT-FOR-US: IBM
-CVE-2017-1250
+CVE-2017-1250 (IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle ...)
NOT-FOR-US: IBM
-CVE-2017-1249
+CVE-2017-1249 (IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. Thi ...)
NOT-FOR-US: IBM
-CVE-2017-1248
+CVE-2017-1248 (IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable t ...)
NOT-FOR-US: IBM Quality Manager
-CVE-2017-1247
+CVE-2017-1247 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
CVE-2017-1246
RESERVED
-CVE-2017-1245
+CVE-2017-1245 (IBM Rational Software Architect Design Manager 5.0 and 6.0 is vulnerab ...)
NOT-FOR-US: IBM
CVE-2017-1244
RESERVED
CVE-2017-1243
RESERVED
-CVE-2017-1242
+CVE-2017-1242 (IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable t ...)
NOT-FOR-US: IBM Quality Manager
-CVE-2017-1241
+CVE-2017-1241 (An unspecified vulnerability in IBM Jazz Foundation based applications ...)
NOT-FOR-US: IBM
-CVE-2017-1240
+CVE-2017-1240 (IBM Rhapsody DM products could reveal sensitive information in HTTP 50 ...)
NOT-FOR-US: IBM
-CVE-2017-1239
+CVE-2017-1239 (IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal sen ...)
NOT-FOR-US: IBM Quality Manager
-CVE-2017-1238
+CVE-2017-1238 (IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable t ...)
NOT-FOR-US: IBM Quality Manager
-CVE-2017-1237
+CVE-2017-1237 (IBM Jazz based applications are vulnerable to cross-site scripting. Th ...)
NOT-FOR-US: IBM
-CVE-2017-1236
+CVE-2017-1236 (IBM WebSphere MQ 9.0.2 could allow an authenticated user to potentiall ...)
NOT-FOR-US: IBM
-CVE-2017-1235
+CVE-2017-1235 (IBM WebSphere MQ 8.0 could allow an authenticated user to cause a prem ...)
NOT-FOR-US: IBM
-CVE-2017-1234
+CVE-2017-1234 (IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. This vul ...)
NOT-FOR-US: IBM
-CVE-2017-1233
+CVE-2017-1233 (IBM Remote Control v9 could allow a local user to use the component to ...)
NOT-FOR-US: IBM Remote Control
-CVE-2017-1232
+CVE-2017-1232 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmit ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1231
+CVE-2017-1231 (IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in cl ...)
NOT-FOR-US: IBM
-CVE-2017-1230
+CVE-2017-1230 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) uses ins ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1229
+CVE-2017-1229 (IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) could allow a rem ...)
NOT-FOR-US: IBM
-CVE-2017-1228
+CVE-2017-1228 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could al ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1227
+CVE-2017-1227 (IBM Tivoli Endpoint Manager could allow a unauthorized user to consume ...)
NOT-FOR-US: IBM
-CVE-2017-1226
+CVE-2017-1226 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) generate ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1225
+CVE-2017-1225 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) stores s ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1224
+CVE-2017-1224 (IBM Tivoli Endpoint Manager uses weaker than expected cryptographic al ...)
NOT-FOR-US: IBM
-CVE-2017-1223
+CVE-2017-1223 (IBM Tivoli Endpoint Manager could allow a remote attacker to conduct p ...)
NOT-FOR-US: IBM
-CVE-2017-1222
+CVE-2017-1222 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) does not ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1221
+CVE-2017-1221 (IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require ...)
NOT-FOR-US: IBM
-CVE-2017-1220
+CVE-2017-1220 (IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) disclose ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
-CVE-2017-1219
+CVE-2017-1219 (IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity Inj ...)
NOT-FOR-US: IBM
-CVE-2017-1218
+CVE-2017-1218 (IBM Tivoli Endpoint Manager is vulnerable to cross-site request forger ...)
NOT-FOR-US: IBM
-CVE-2017-1217
+CVE-2017-1217 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
CVE-2017-1216
RESERVED
CVE-2017-1215
RESERVED
-CVE-2017-1214
+CVE-2017-1214 (IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malform ...)
NOT-FOR-US: IBM
CVE-2017-1213
RESERVED
-CVE-2017-1212
+CVE-2017-1212 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0 ...)
NOT-FOR-US: IBM
-CVE-2017-1211
+CVE-2017-1211 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0 ...)
NOT-FOR-US: IBM
-CVE-2017-1210
+CVE-2017-1210 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0 ...)
NOT-FOR-US: IBM
-CVE-2017-1209
+CVE-2017-1209 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0 ...)
NOT-FOR-US: IBM
-CVE-2017-1208
+CVE-2017-1208 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to cross-s ...)
NOT-FOR-US: IBM
-CVE-2017-1207
+CVE-2017-1207 (IBM WebSphere Message Broker stores user credentials in plain in clear ...)
NOT-FOR-US: IBM
CVE-2017-1206
RESERVED
-CVE-2017-1205
+CVE-2017-1205 (IBM Platform LSF 10.1 contains an unspecified vulnerability that could ...)
NOT-FOR-US: IBM
-CVE-2017-1204
+CVE-2017-1204 (IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 contains hard-code ...)
NOT-FOR-US: IBM Tealeaf Customer Experience
-CVE-2017-1203
+CVE-2017-1203 (IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and A ...)
NOT-FOR-US: IBM
-CVE-2017-1202
+CVE-2017-1202 (IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) is vulne ...)
NOT-FOR-US: IBM
-CVE-2017-1201
+CVE-2017-1201 (IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores use ...)
NOT-FOR-US: IBM
-CVE-2017-1200
+CVE-2017-1200 (IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) does not ...)
NOT-FOR-US: IBM
-CVE-2017-1199
+CVE-2017-1199 (IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, 1 ...)
NOT-FOR-US: IBM
-CVE-2017-1198
+CVE-2017-1198 (IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores s ...)
NOT-FOR-US: IBM
-CVE-2017-1197
+CVE-2017-1197 (IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account ...)
NOT-FOR-US: IBM
-CVE-2017-1196
+CVE-2017-1196 (IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require tha ...)
NOT-FOR-US: IBM
-CVE-2017-1195
+CVE-2017-1195 (IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow ...)
NOT-FOR-US: IBM
-CVE-2017-1194
+CVE-2017-1194 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2017-1193
+CVE-2017-1193 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to o ...)
NOT-FOR-US: IBM
-CVE-2017-1192
+CVE-2017-1192 (IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entit ...)
NOT-FOR-US: IBM
-CVE-2017-1191
+CVE-2017-1191 (An undisclosed vulnerability in CLM applications (including IBM Ration ...)
NOT-FOR-US: IBM Rational Collaborative Lifecycle Management
-CVE-2017-1190
+CVE-2017-1190 (IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 could ...)
NOT-FOR-US: IBM
-CVE-2017-1189
+CVE-2017-1189 (IBM WebSphere Portal and Web Content Manager 6.1, 7.0, and 8.0 is vuln ...)
NOT-FOR-US: IBM
CVE-2017-1188
RESERVED
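Review bot: several of the added description lines in this hunk carry HTML-escaped ampersands, e.g. `+CVE-2017-1308 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5.1 and 5.0 ...)` and `+CVE-2017-1282 (IBM Content Navigator &amp; CMIS 2.0 and 3.0 is vulnerable to cross-si ...)`, with the same `&amp;` appearing in CVE-2017-1212 through CVE-2017-1209. The list is plain text, so the importer should unescape HTML entities before it truncates the summary; as written the escaped form also consumes part of the truncated width.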
@@ -48097,37 +48097,37 @@ CVE-2017-1185
RESERVED
CVE-2017-1184
RESERVED
-CVE-2017-1183
+CVE-2017-1183 (IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) ...)
NOT-FOR-US: IBM
-CVE-2017-1182
+CVE-2017-1182 (IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) ...)
NOT-FOR-US: Oracle Primavera
-CVE-2017-1181
+CVE-2017-1181 (IBM Tivoli Monitoring Portal V6 client could allow a local attacker to ...)
NOT-FOR-US: IBM
-CVE-2017-1180
+CVE-2017-1180 (The IBM TRIRIGA Document Manager contains a vulnerability that could a ...)
NOT-FOR-US: IBM TRIRIGA Document Manager
-CVE-2017-1179
+CVE-2017-1179 (IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected crypt ...)
NOT-FOR-US: IBM
-CVE-2017-1178
+CVE-2017-1178 (IBM Endpoint Manager for Security and Compliance 1.9.70 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2017-1177
+CVE-2017-1177 (IBM BigFix Compliance 1.7 through 1.9.91 discloses sensitive informati ...)
NOT-FOR-US: IBM
-CVE-2017-1176
+CVE-2017-1176 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local user ...)
NOT-FOR-US: IBM
-CVE-2017-1175
+CVE-2017-1175 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to SQL inj ...)
NOT-FOR-US: IBM
-CVE-2017-1174
+CVE-2017-1174 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL ...)
NOT-FOR-US: IBM
CVE-2017-1173
RESERVED
CVE-2017-1172
RESERVED
-CVE-2017-1171
+CVE-2017-1171 (The IBM TRIRIGA Application Platform 3.3, 3,4, and 3,5 contain a vulne ...)
NOT-FOR-US: IBM
-CVE-2017-1170
+CVE-2017-1170 (IBM WebSphere Commerce Enterprise, Professional, Express, and Develope ...)
NOT-FOR-US: IBM
-CVE-2017-1169
+CVE-2017-1169 (IBM DOORS next Generation (DNG/RRC) is vulnerable to cross-site script ...)
NOT-FOR-US: IBM
-CVE-2017-1168
+CVE-2017-1168 (IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 is vulner ...)
NOT-FOR-US: IBM
CVE-2017-1167
RESERVED
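Review bot: the annotation under CVE-2017-1182 reads "NOT-FOR-US: Oracle Primavera" while the added description is "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) ...", the same product as CVE-2017-1183 and CVE-2017-1181 immediately around it, both annotated "NOT-FOR-US: IBM". The context line is untouched by this sync, so the mismatch predates it, but it should be corrected to IBM in a follow-up.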
@@ -48135,115 +48135,115 @@ CVE-2017-1166
RESERVED
CVE-2017-1165
RESERVED
-CVE-2017-1164
+CVE-2017-1164 (IBM Jazz Foundation is vulnerable to cross-site scripting. This vulner ...)
NOT-FOR-US: IBM
CVE-2017-1163
RESERVED
-CVE-2017-1162
+CVE-2017-1162 (IBM QRadar 7.2 and 7.3 discloses sensitive information to unauthorized ...)
NOT-FOR-US: IBM
-CVE-2017-1161
+CVE-2017-1161 (IBM API Connect 5.0.6.0 could allow a remote attacker to execute arbit ...)
NOT-FOR-US: IBM
-CVE-2017-1160
+CVE-2017-1160 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
NOT-FOR-US: IBM
-CVE-2017-1159
+CVE-2017-1159 (IBM Business Process Manager 8.0 and 8.5 could allow a remote attacker ...)
NOT-FOR-US: IBM
CVE-2017-1158
RESERVED
-CVE-2017-1157
+CVE-2017-1157 (IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authentica ...)
NOT-FOR-US: IBM
-CVE-2017-1156
+CVE-2017-1156 (IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to cond ...)
NOT-FOR-US: IBM
-CVE-2017-1155
+CVE-2017-1155 (IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could ...)
NOT-FOR-US: IBM
-CVE-2017-1154
+CVE-2017-1154 (IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could ...)
NOT-FOR-US: IBM
-CVE-2017-1153
+CVE-2017-1153 (IBM TRIRIGA Report Manager 3.2 through 3.5 contains a vulnerability th ...)
NOT-FOR-US: IBM
-CVE-2017-1152
+CVE-2017-1152 (IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly up ...)
NOT-FOR-US: IBM
-CVE-2017-1151
+CVE-2017-1151 (IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID ...)
NOT-FOR-US: IBM
-CVE-2017-1150
+CVE-2017-1150 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1 ...)
NOT-FOR-US: IBM
-CVE-2017-1149
+CVE-2017-1149 (IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial ...)
NOT-FOR-US: IBM
-CVE-2017-1148
+CVE-2017-1148 (IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry ...)
NOT-FOR-US: IBM
-CVE-2017-1147
+CVE-2017-1147 (IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-si ...)
NOT-FOR-US: IBM
-CVE-2017-1146
+CVE-2017-1146 (IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site scr ...)
NOT-FOR-US: IBM
-CVE-2017-1145
+CVE-2017-1145 (IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents wh ...)
NOT-FOR-US: IBM
-CVE-2017-1144
+CVE-2017-1144 (IBM WebSphere Message Broker could allow a local user with specialized ...)
NOT-FOR-US: IBM
-CVE-2017-1143
+CVE-2017-1143 (IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote att ...)
NOT-FOR-US: IBM
-CVE-2017-1142
+CVE-2017-1142 (IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote att ...)
NOT-FOR-US: IBM
-CVE-2017-1141
+CVE-2017-1141 (IBM Insights Foundation for Energy 1.0, 1.5, and 1.6 could allow an au ...)
NOT-FOR-US: IBM
-CVE-2017-1140
+CVE-2017-1140 (IBM Business Process Manager 8.0 and 8.5 are vulnerable to cross-site ...)
NOT-FOR-US: IBM
CVE-2017-1139
RESERVED
CVE-2017-1138
RESERVED
-CVE-2017-1137
+CVE-2017-1137 (IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker th ...)
NOT-FOR-US: IBM
CVE-2017-1136
RESERVED
CVE-2017-1135
RESERVED
-CVE-2017-1134
+CVE-2017-1134 (IBM Reliable Scalable Cluster Technology could allow a local user to e ...)
NOT-FOR-US: IBM
-CVE-2017-1133
+CVE-2017-1133 (IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerabili ...)
NOT-FOR-US: IBM
-CVE-2017-1132
+CVE-2017-1132 (IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cros ...)
NOT-FOR-US: IBM
-CVE-2017-1131
+CVE-2017-1131 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authen ...)
NOT-FOR-US: IBM
-CVE-2017-1130
+CVE-2017-1130 (IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user ...)
NOT-FOR-US: IBM
-CVE-2017-1129
+CVE-2017-1129 (IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user ...)
NOT-FOR-US: IBM
-CVE-2017-1128
+CVE-2017-1128 (IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1127
+CVE-2017-1127 (IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to c ...)
NOT-FOR-US: IBM
-CVE-2017-1126
+CVE-2017-1126 (IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could ...)
NOT-FOR-US: IBM
-CVE-2017-1125
+CVE-2017-1125 (IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a ...)
NOT-FOR-US: IBM
-CVE-2017-1124
+CVE-2017-1124 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local atta ...)
NOT-FOR-US: IBM
CVE-2017-1123
RESERVED
-CVE-2017-1122
+CVE-2017-1122 (IBM Security Guardium 8.2, 9.0, and 10.0 contains a vulnerability that ...)
NOT-FOR-US: IBM
-CVE-2017-1121
+CVE-2017-1121 (IBM WebSphere Application Server 7.0, 8.0, and 9.0 is vulnerable to cr ...)
NOT-FOR-US: IBM
-CVE-2017-1120
+CVE-2017-1120 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2017-1119
+CVE-2017-1119 (IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote a ...)
NOT-FOR-US: IBM
-CVE-2017-1118
+CVE-2017-1118 (IBM WebSphere MQ Internet Pass-Thru 2.0 and 2.1 could allow n attacker ...)
NOT-FOR-US: IBM
-CVE-2017-1117
+CVE-2017-1117 (IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to caus ...)
NOT-FOR-US: IBM
-CVE-2017-1116
+CVE-2017-1116 (IBM Campaign 8.6, 9.0, 9.1, 9.1.1, 9.1.2, and 10.0 contains excessive ...)
NOT-FOR-US: IBM
-CVE-2017-1115
+CVE-2017-1115 (IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A rem ...)
NOT-FOR-US: IBM
-CVE-2017-1114
+CVE-2017-1114 (IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
-CVE-2017-1113
+CVE-2017-1113 (IBM Rational Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cros ...)
NOT-FOR-US: IBM
CVE-2017-1112
RESERVED
CVE-2017-1111
RESERVED
-CVE-2017-1110
+CVE-2017-1110 (IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an ...)
NOT-FOR-US: IBM
CVE-2017-1109
RESERVED
@@ -48251,35 +48251,35 @@ CVE-2017-1108
RESERVED
CVE-2017-1107
RESERVED
-CVE-2017-1106
+CVE-2017-1106 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2017-1105
+CVE-2017-1105 (IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (include ...)
NOT-FOR-US: IBM
-CVE-2017-1104
+CVE-2017-1104 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
-CVE-2017-1103
+CVE-2017-1103 (IBM Team Concert (RTC) is vulnerable to a denial of service, caused by ...)
NOT-FOR-US: IBM
-CVE-2017-1102
+CVE-2017-1102 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
-CVE-2017-1101
+CVE-2017-1101 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
-CVE-2017-1100
+CVE-2017-1100 (IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
-CVE-2017-1099
+CVE-2017-1099 (IBM Jazz Foundation could expose potentially sensitive information to ...)
NOT-FOR-US: IBM
-CVE-2017-1098
+CVE-2017-1098 (IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to c ...)
NOT-FOR-US: IBM
-CVE-2017-1097
+CVE-2017-1097 (IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10. ...)
NOT-FOR-US: IBM
-CVE-2017-1096
+CVE-2017-1096 (IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-si ...)
NOT-FOR-US: IBM
CVE-2017-1095
RESERVED
CVE-2017-1094
RESERVED
-CVE-2017-1093
+CVE-2017-1093 (IBM AIX 6.1, 7.1, and 7.2 could allow a local user to exploit a vulner ...)
NOT-FOR-US: IBM AIX
-CVE-2017-1092
+CVE-2017-1092 (IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unaut ...)
NOT-FOR-US: IBM
CVE-2017-1091
RESERVED
@@ -48287,32 +48287,32 @@ CVE-2017-1090
REJECTED
CVE-2017-1089
REJECTED
-CVE-2017-1088
+CVE-2017-1088 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4 ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: kfreebsd not covered by security support
-CVE-2017-1087
+CVE-2017-1087 (In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE- ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: kfreebsd not covered by security support
-CVE-2017-1086
+CVE-2017-1086 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4 ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: kfreebsd not covered by security support
-CVE-2017-1085
+CVE-2017-1085 (In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: kfreebsd not covered by security support
-CVE-2017-1084
+CVE-2017-1084 (In FreeBSD before 11.2-RELEASE, multiple issues with the implementatio ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: kfreebsd not covered by security support
-CVE-2017-1083
+CVE-2017-1083 (In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: kfreebsd not covered by security support
-CVE-2017-1082
+CVE-2017-1082 (In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: kfreebsd not covered by security support
-CVE-2017-1081
+CVE-2017-1081 (In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3 ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-17:04.ipfilter.asc
NOTE: kfreebsd not covered by security support
@@ -48606,102 +48606,102 @@ CVE-2017-0940
RESERVED
CVE-2017-0939
RESERVED
-CVE-2017-0938
+CVE-2017-0938 (Denial of Service attack in airMAX &lt; 8.3.2 , airMAX &lt; 6.0.7 and ...)
NOT-FOR-US: airMAX
CVE-2017-0937
RESERVED
-CVE-2017-0936
+CVE-2017-0936 (Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorizatio ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0935
+CVE-2017-0935 (Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Impr ...)
NOT-FOR-US: Ubiquiti Networks EdgeOS
-CVE-2017-0934
+CVE-2017-0934 (Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an Improp ...)
NOT-FOR-US: Ubiquiti Networks EdgeOS
-CVE-2017-0933
+CVE-2017-0933 (Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from a Cross-S ...)
NOT-FOR-US: Ubiquiti Networks EdgeOS
-CVE-2017-0932
+CVE-2017-0932 (Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Impr ...)
NOT-FOR-US: Ubiquiti Networks EdgeOS
-CVE-2017-0931
+CVE-2017-0931 (html-janitor node module suffers from a Cross-Site Scripting (XSS) vul ...)
NOT-FOR-US: html-janitor node module
-CVE-2017-0930
+CVE-2017-0930 (augustine node module suffers from a Path Traversal vulnerability due ...)
NOT-FOR-US: augustine node module
-CVE-2017-0929
+CVE-2017-0929 (DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request F ...)
NOT-FOR-US: DNN (aka DotNetNuke)
-CVE-2017-0928
+CVE-2017-0928 (html-janitor node module suffers from an External Control of Critical ...)
NOT-FOR-US: html-janitor node module
-CVE-2017-0927
+CVE-2017-0927 (Gitlab Community Edition version 10.3 is vulnerable to an improper aut ...)
- gitlab 10.5.5+dfsg-1 (bug #888508)
[stretch] - gitlab <not-affected> (Doesn't affect 8.x)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0926
+CVE-2017-0926 (Gitlab Community Edition version 10.3 is vulnerable to an improper aut ...)
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0925
+CVE-2017-0925 (Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insuffici ...)
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0924
+CVE-2017-0924 (Gitlab Community Edition version 10.2.4 is vulnerable to lack of input ...)
- gitlab 10.5.5+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 9.0 and later)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0923
+CVE-2017-0923 (Gitlab Community Edition version 9.1 is vulnerable to lack of input va ...)
- gitlab 10.5.5+dfsg-1 (bug #888508)
[stretch] - gitlab <not-affected> (Doesn't affect 8.x)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0922
+CVE-2017-0922 (Gitlab Enterprise Edition version 10.3 is vulnerable to an authorizati ...)
- gitlab 10.5.5+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 9.1 and later)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0920
+CVE-2017-0920 (GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10 ...)
{DSA-4206-1}
- gitlab 10.5.5+dfsg-1
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0919
+CVE-2017-0919 (GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10 ...)
- gitlab 10.5.5+dfsg-1
NOTE: https://hackerone.com/reports/301137
NOTE: Fixed in 10.1.6, 10.2.6, and 10.3.4
-CVE-2017-0918
+CVE-2017-0918 (Gitlab Community Edition version 10.3 is vulnerable to a path traversa ...)
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0917
+CVE-2017-0917 (Gitlab Community Edition version 10.2.4 is vulnerable to lack of input ...)
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0916
+CVE-2017-0916 (Gitlab Community Edition version 10.3 is vulnerable to a lack of input ...)
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/commit/7fc0a6fc096768a5604d6dd24d7d952e53300c82
-CVE-2017-0915
+CVE-2017-0915 (Gitlab Community Edition version 10.2.4 is vulnerable to a lack of inp ...)
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0914
+CVE-2017-0914 (Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2. ...)
- gitlab 10.5.5+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 9.4 and later)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
-CVE-2017-0913
+CVE-2017-0913 (Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to r ...)
NOT-FOR-US: Ubiquiti UCRM
-CVE-2017-0912
+CVE-2017-0912 (Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-s ...)
NOT-FOR-US: Ubiquiti UCRM
-CVE-2017-0911
+CVE-2017-0911 (Twitter Kit for iOS versions 3.0 to 3.2.1 is vulnerable to a callback ...)
NOT-FOR-US: Twitter Kit for iOS
-CVE-2017-0910
+CVE-2017-0910 (In Zulip Server before 1.7.1, on a server with multiple realms, a vuln ...)
- zulip-server <itp> (bug #800052)
-CVE-2017-0909
+CVE-2017-0909 (The private_address_check ruby gem before 0.4.1 is vulnerable to a byp ...)
NOT-FOR-US: private_address_check ruby gem
CVE-2017-0908
REJECTED
-CVE-2017-0907
+CVE-2017-0907 (The Recurly Client .NET Library before 1.0.1, 1.1.10, 1.2.8, 1.3.2, 1. ...)
NOT-FOR-US: Recurly Client .NET Library
-CVE-2017-0906
+CVE-2017-0906 (The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, ...)
NOT-FOR-US: Recurly Client Python Library
-CVE-2017-0905
+CVE-2017-0905 (The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, ...)
NOT-FOR-US: Recurly Client Ruby Library
-CVE-2017-0904
+CVE-2017-0904 (The private_address_check ruby gem before 0.4.0 is vulnerable to a byp ...)
NOT-FOR-US: private_address_check ruby gem
-CVE-2017-0903
+CVE-2017-0903 (RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possibl ...)
{DSA-4031-1 DLA-1421-1}
- ruby2.3 2.3.5-1 (bug #879231)
- ruby2.1 <removed>
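Review bot: the id sequence in this hunk jumps from CVE-2017-0922 (the line just above the CVE-2017-0920 entry) straight to CVE-2017-0920, so CVE-2017-0921 has no entry at all, not even a RESERVED placeholder, while every other id from CVE-2017-0940 down to CVE-2017-0903 does; if the upstream feed carries that id, the importer should be emitting a line for it rather than silently skipping it. A second, smaller point in the same hunk: the imported description for CVE-2017-0938 keeps the HTML-escaped form `&lt;` ("airMAX &lt; 8.3.2") instead of a literal `<`. That is consistent with this file reserving bare `<...>` for status markers such as `<unfixed>` and `<itp>` on the package lines, so it is fine if intentional, but it is worth confirming that the importer is escaping deliberately and not just passing through entities from the source feed.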
@@ -48712,7 +48712,7 @@ CVE-2017-0903
NOTE: http://www.openwall.com/lists/oss-security/2017/10/10/2
NOTE: https://justi.cz/security/2017/10/07/rubygems-org-rce.html
NOTE: Fixed by: https://github.com/rubygems/rubygems/commit/510b1638ac9bba3ceb7a5d73135dafff9e5bab49
-CVE-2017-0902
+CVE-2017-0902 (RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking v ...)
{DSA-3966-1 DLA-1421-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #873802)
- ruby2.1 <removed>
@@ -48724,7 +48724,7 @@ CVE-2017-0902
NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
-CVE-2017-0901
+CVE-2017-0901 (RubyGems version 2.6.12 and earlier fails to validate specification na ...)
{DSA-3966-1 DLA-1421-1 DLA-1114-1 DLA-1112-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #873802)
- ruby2.1 <removed>
@@ -48734,7 +48734,7 @@ CVE-2017-0901
NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
-CVE-2017-0900
+CVE-2017-0900 (RubyGems version 2.6.12 and earlier is vulnerable to maliciously craft ...)
{DSA-3966-1 DLA-1421-1 DLA-1114-1 DLA-1112-1}
- ruby2.3 2.3.3-1+deb9u1 (bug #873802)
- ruby2.1 <removed>
@@ -48744,7 +48744,7 @@ CVE-2017-0900
NOTE: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
-CVE-2017-0899
+CVE-2017-0899 (RubyGems version 2.6.12 and earlier is vulnerable to maliciously craft ...)
{DSA-3966-1 DLA-1421-1 DLA-1114-1}
- ruby2.3 2.3.3-1+deb9u1 (unimportant; bug #873802)
- ruby2.1 <removed> (unimportant)
@@ -48755,7 +48755,7 @@ CVE-2017-0899
NOTE: For Ruby 2.3.4: https://bugs.ruby-lang.org/attachments/download/6691/rubygems-2613-ruby23.patch
NOTE: For Ruby 2.2.7: https://bugs.ruby-lang.org/attachments/download/6690/rubygems-2613-ruby22.patch
NOTE: Not considered a vulnerability per se, if this affects a terminal emulator it's a bug there
-CVE-2017-0898
+CVE-2017-0898 (Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious forma ...)
{DSA-4031-1 DLA-1421-1 DLA-1114-1 DLA-1113-1}
- ruby2.3 2.3.5-1 (bug #875936)
- ruby2.1 <removed>
@@ -48764,494 +48764,494 @@ CVE-2017-0898
NOTE: https://github.com/mruby/mruby/issues/3722
NOTE: https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/
NOTE: https://bugs.ruby-lang.org/issues/13499
-CVE-2017-0897
+CVE-2017-0897 (ExpressionEngine version 2.x &lt; 2.11.8 and version 3.x &lt; 3.5.5 cr ...)
NOT-FOR-US: ExpressionEngine
-CVE-2017-0896
+CVE-2017-0896 (Zulip Server 1.5.1 and below suffer from an error in the implementatio ...)
- zulip-server <itp> (bug #800052)
-CVE-2017-0895
+CVE-2017-0895 (Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0894
+CVE-2017-0894 (Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid sh ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0893
+CVE-2017-0893 (Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are shipping a vu ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0892
+CVE-2017-0892 (Nextcloud Server before 11.0.3 is vulnerable to an improper session ha ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0891
+CVE-2017-0891 (Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are vulnerable to ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0890
+CVE-2017-0890 (Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0889
+CVE-2017-0889 (Paperclip ruby gem version 3.1.4 and later suffers from a Server-SIde ...)
NOT-FOR-US: paperclip ruby gem
-CVE-2017-0888
+CVE-2017-0888 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoof ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0886
+CVE-2017-0886 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Ser ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0885
+CVE-2017-0885 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0884
+CVE-2017-0884 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of f ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0883
+CVE-2017-0883 (Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission in ...)
- nextcloud <itp> (bug #835086)
-CVE-2017-0882
+CVE-2017-0882 (Multiple versions of GitLab expose sensitive user credentials when ass ...)
- gitlab 8.13.11+dfsg-7 (bug #858410)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/29661
NOTE: https://about.gitlab.com/2017/03/20/gitlab-8-dot-17-dot-4-security-release/
-CVE-2017-0881
+CVE-2017-0881 (An error in the implementation of an autosubscribe feature in the chec ...)
NOT-FOR-US: Zulip
-CVE-2017-0880
+CVE-2017-0880 (A denial of service vulnerability in the Android media framework (libs ...)
- skia <itp> (bug #818180)
-CVE-2017-0879
+CVE-2017-0879 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0878
+CVE-2017-0878 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0877
+CVE-2017-0877 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0876
+CVE-2017-0876 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
CVE-2017-0875
RESERVED
-CVE-2017-0874
+CVE-2017-0874 (A denial of service vulnerability in the Android media framework (liba ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0873
+CVE-2017-0873 (A denial of service vulnerability in the Android media framework (libm ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0872
+CVE-2017-0872 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0871
+CVE-2017-0871 (An elevation of privilege vulnerability in the Android framework (fram ...)
NOT-FOR-US: Android
-CVE-2017-0870
+CVE-2017-0870 (An elevation of privilege vulnerability in the Android framework (libm ...)
NOT-FOR-US: Android
-CVE-2017-0869
+CVE-2017-0869 (NVIDIA driver contains an integer overflow vulnerability which could c ...)
NOT-FOR-US: NVIDIA components for Android
CVE-2017-0868
RESERVED
CVE-2017-0867
RESERVED
-CVE-2017-0866
+CVE-2017-0866 (An elevation of privilege vulnerability in the Direct rendering infras ...)
NOT-FOR-US: NVIDIA components for Android
-CVE-2017-0865
+CVE-2017-0865 (An elevation of privilege vulnerability in the MediaTek soc driver. Pr ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0864
+CVE-2017-0864 (An elevation of privilege vulnerability in the MediaTek ioctl (flashli ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0863
+CVE-2017-0863 (An elevation of privilege vulnerability in the Upstream kernel video d ...)
NOT-FOR-US: Android driver (proprietary, not part of upstream kernel)
-CVE-2017-0862
+CVE-2017-0862 (An elevation of privilege vulnerability in the Upstream kernel kernel. ...)
NOT-FOR-US: Android driver (proprietary, not part of upstream kernel)
-CVE-2017-0861
+CVE-2017-0861 (Use-after-free vulnerability in the snd_pcm_info function in the ALSA ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.13.4-1
[stretch] - linux 4.9.80-1
NOTE: https://git.kernel.org/linus/362bca57f5d78220f8b5907b875961af9436e229
NOTE: UAF actually already removed in https://git.kernel.org/linus/e11f0f90a626f93899687b1cc909ee37dd6c5809
-CVE-2017-0860
+CVE-2017-0860 (An elevation of privilege vulnerability in the Android system (inputdi ...)
NOT-FOR-US: Android
-CVE-2017-0859
+CVE-2017-0859 (Another vulnerability in the Android media framework (n/a). Product: A ...)
NOT-FOR-US: Android media framework
-CVE-2017-0858
+CVE-2017-0858 (Another vulnerability in the Android media framework (n/a). Product: A ...)
NOT-FOR-US: Android media framework
-CVE-2017-0857
+CVE-2017-0857 (Another vulnerability in the Android media framework (n/a). Product: A ...)
NOT-FOR-US: Android media framework
CVE-2017-0856
RESERVED
-CVE-2017-0855
+CVE-2017-0855 (In MPEG4Extractor.cpp, there are several places where functions return ...)
NOT-FOR-US: Android media framework
-CVE-2017-0854
+CVE-2017-0854 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0853
+CVE-2017-0853 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0852
+CVE-2017-0852 (A denial of service vulnerability in the Android media framework (libh ...)
NOT-FOR-US: Android media framework
-CVE-2017-0851
+CVE-2017-0851 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0850
+CVE-2017-0850 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0849
+CVE-2017-0849 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0848
+CVE-2017-0848 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0847
+CVE-2017-0847 (An elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0846
+CVE-2017-0846 (An information disclosure vulnerability in the Android framework (clip ...)
NOT-FOR-US: Android
-CVE-2017-0845
+CVE-2017-0845 (A denial of service vulnerability in the Android framework (syncstorag ...)
NOT-FOR-US: Android
CVE-2017-0844
RESERVED
-CVE-2017-0843
+CVE-2017-0843 (An elevation of privilege vulnerability in the MediaTek ccci. Product: ...)
NOT-FOR-US: MediaTek component for Android
-CVE-2017-0842
+CVE-2017-0842 (An elevation of privilege vulnerability in the Android system (bluetoo ...)
NOT-FOR-US: Fluoride Bluetooth stack in Android
-CVE-2017-0841
+CVE-2017-0841 (A remote code execution vulnerability in the Android system (libutils) ...)
- android-platform-system-core <unfixed> (unimportant)
NOTE: Fixed by https://android.googlesource.com/platform/system/core/+/47efc676c849e3abf32001d66e2d6eb887e83c48%5E!/
-CVE-2017-0840
+CVE-2017-0840 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0839
+CVE-2017-0839 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0838
+CVE-2017-0838 (An elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0837
+CVE-2017-0837 (An elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0836
+CVE-2017-0836 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0835
+CVE-2017-0835 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0834
+CVE-2017-0834 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0833
+CVE-2017-0833 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0832
+CVE-2017-0832 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0831
+CVE-2017-0831 (An elevation of privilege vulnerability in the Android framework (wind ...)
NOT-FOR-US: Android
-CVE-2017-0830
+CVE-2017-0830 (An elevation of privilege vulnerability in the Android framework (devi ...)
NOT-FOR-US: Android
-CVE-2017-0829
+CVE-2017-0829 (An elevation of privilege vulnerability in the Motorola bootloader. Pr ...)
NOT-FOR-US: Motorola bootloader
-CVE-2017-0828
+CVE-2017-0828 (An elevation of privilege vulnerability in the Huawei bootloader. Prod ...)
NOT-FOR-US: Huawei bootloader
-CVE-2017-0827
+CVE-2017-0827 (An elevation of privilege vulnerability in the MediaTek soc driver. Pr ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0826
+CVE-2017-0826 (An elevation of privilege vulnerability in the HTC bootloader. Product ...)
NOT-FOR-US: HTC bootloader
-CVE-2017-0825
+CVE-2017-0825 (An information disclosure vulnerability in the Broadcom wifi driver. P ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0824
+CVE-2017-0824 (An elevation of privilege vulnerability in the Broadcom wifi driver. P ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0823
+CVE-2017-0823 (An information disclosure vulnerability in the Android system (rild). ...)
NOT-FOR-US: Android (rild)
-CVE-2017-0822
+CVE-2017-0822 (An elevation of privilege vulnerability in the Android system (camera) ...)
- android-framework-23 <unfixed> (unimportant)
NOTE: Fixed by https://android.googlesource.com/platform/frameworks/base/+/c574568aaede7f652432deb7707f20ae54bbdf9a
CVE-2017-0821
RESERVED
-CVE-2017-0820
+CVE-2017-0820 (A vulnerability in the Android media framework (n/a). Product: Android ...)
NOT-FOR-US: Android media framework
-CVE-2017-0819
+CVE-2017-0819 (A vulnerability in the Android media framework (n/a). Product: Android ...)
NOT-FOR-US: Android media framework
-CVE-2017-0818
+CVE-2017-0818 (A vulnerability in the Android media framework (n/a). Product: Android ...)
NOT-FOR-US: Android media framework
-CVE-2017-0817
+CVE-2017-0817 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0816
+CVE-2017-0816 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0815
+CVE-2017-0815 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0814
+CVE-2017-0814 (An information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0813
+CVE-2017-0813 (A denial of service vulnerability in the Android media framework (libs ...)
NOT-FOR-US: Android media framework
-CVE-2017-0812
+CVE-2017-0812 (An elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0811
+CVE-2017-0811 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0810
+CVE-2017-0810 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0809
+CVE-2017-0809 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0808
+CVE-2017-0808 (An information disclosure vulnerability in the Android framework (file ...)
NOT-FOR-US: Android
-CVE-2017-0807
+CVE-2017-0807 (An elevation of privilege vulnerability in the Android framework (ui f ...)
NOT-FOR-US: Android
-CVE-2017-0806
+CVE-2017-0806 (An elevation of privilege vulnerability in the Android framework (gate ...)
NOT-FOR-US: Android
-CVE-2017-0805
+CVE-2017-0805 (A elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0804
+CVE-2017-0804 (A elevation of privilege vulnerability in the MediaTek mmc driver. Pro ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0803
+CVE-2017-0803 (A elevation of privilege vulnerability in the MediaTek accessory detec ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0802
+CVE-2017-0802 (A elevation of privilege vulnerability in the MediaTek kernel. Product ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0801
+CVE-2017-0801 (A elevation of privilege vulnerability in the MediaTek libmtkomxvdec. ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0800
+CVE-2017-0800 (A elevation of privilege vulnerability in the MediaTek teei. Product: ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0799
+CVE-2017-0799 (A elevation of privilege vulnerability in the MediaTek lastbus. Produc ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0798
+CVE-2017-0798 (A elevation of privilege vulnerability in the MediaTek kernel. Product ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0797
+CVE-2017-0797 (A elevation of privilege vulnerability in the MediaTek accessory detec ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0796
+CVE-2017-0796 (A elevation of privilege vulnerability in the MediaTek auxadc driver. ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0795
+CVE-2017-0795 (A elevation of privilege vulnerability in the MediaTek accessory detec ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0794
+CVE-2017-0794 (A elevation of privilege vulnerability in the Upstream kernel scsi dri ...)
NOT-FOR-US: Android kernel on Nexus (probably)
NOTE: https://source.android.com/security/bulletin/2017-09-01 doesn't link a public patch, so probably related to some binary-only component on Nexus
-CVE-2017-0793
+CVE-2017-0793 (A information disclosure vulnerability in the N/A memory subsystem. Pr ...)
NOT-FOR-US: Imagetech driver for Android
-CVE-2017-0792
+CVE-2017-0792 (A information disclosure vulnerability in the Broadcom wi-fi driver. P ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0791
+CVE-2017-0791 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. P ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0790
+CVE-2017-0790 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. P ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0789
+CVE-2017-0789 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. P ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0788
+CVE-2017-0788 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. P ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0787
+CVE-2017-0787 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. P ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0786
+CVE-2017-0786 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. P ...)
- linux 4.13.4-2
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.51-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/17df6453d4be17910456e99c5a85025aa1b7a246 (v4.14-rc4)
-CVE-2017-0785
+CVE-2017-0785 (A information disclosure vulnerability in the Android system (bluetoot ...)
NOT-FOR-US: Android
NOTE: https://www.armis.com/blueborne/
-CVE-2017-0784
+CVE-2017-0784 (A elevation of privilege vulnerability in the Android system (nfc). Pr ...)
NOT-FOR-US: Android
-CVE-2017-0783
+CVE-2017-0783 (A information disclosure vulnerability in the Android system (bluetoot ...)
NOT-FOR-US: Android
NOTE: https://www.armis.com/blueborne/
-CVE-2017-0782
+CVE-2017-0782 (A remote code execution vulnerability in the Android system (bluetooth ...)
NOT-FOR-US: Android
NOTE: https://www.armis.com/blueborne/
-CVE-2017-0781
+CVE-2017-0781 (A remote code execution vulnerability in the Android system (bluetooth ...)
NOT-FOR-US: Android
NOTE: https://www.armis.com/blueborne/
-CVE-2017-0780
+CVE-2017-0780 (A denial of service vulnerability in the Android runtime (android mess ...)
NOT-FOR-US: Android messaging
-CVE-2017-0779
+CVE-2017-0779 (A information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0778
+CVE-2017-0778 (A information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0777
+CVE-2017-0777 (A information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0776
+CVE-2017-0776 (A information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0775
+CVE-2017-0775 (A denial of service vulnerability in the Android media framework (libs ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0774
+CVE-2017-0774 (A denial of service vulnerability in the Android media framework (libs ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0773
+CVE-2017-0773 (A denial of service vulnerability in the Android media framework (libh ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0772
+CVE-2017-0772 (A denial of service vulnerability in the Android media framework (liba ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0771
+CVE-2017-0771 (A denial of service vulnerability in the Android media framework (libs ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0770
+CVE-2017-0770 (A elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0769
+CVE-2017-0769 (A elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0768
+CVE-2017-0768 (A elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0767
+CVE-2017-0767 (A elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0766
+CVE-2017-0766 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0765
+CVE-2017-0765 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0764
+CVE-2017-0764 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0763
+CVE-2017-0763 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0762
+CVE-2017-0762 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0761
+CVE-2017-0761 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0760
+CVE-2017-0760 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0759
+CVE-2017-0759 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0758
+CVE-2017-0758 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0757
+CVE-2017-0757 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0756
+CVE-2017-0756 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android Media Framework
-CVE-2017-0755
+CVE-2017-0755 (A elevation of privilege vulnerability in the Android libraries (libmi ...)
NOT-FOR-US: Android
CVE-2017-0754
RESERVED
-CVE-2017-0753
+CVE-2017-0753 (A remote code execution vulnerability in the Android libraries (libgdx ...)
NOT-FOR-US: Android (libgdx)
-CVE-2017-0752
+CVE-2017-0752 (A elevation of privilege vulnerability in the Android framework (windo ...)
- android-framework-23 <unfixed> (unimportant)
NOTE: Fixed by https://android.googlesource.com/platform/frameworks/base/+/6ca2eccdbbd4f11698bd5312812b4d171ff3c8ce%5E%21/
-CVE-2017-0751
+CVE-2017-0751 (An elevation of privilege vulnerability in the Qualcomm QCE driver. Pr ...)
NOT-FOR-US: Google drivers for Android
-CVE-2017-0750
+CVE-2017-0750 (A elevation of privilege vulnerability in the Upstream Linux file syst ...)
- linux <not-affected> (Android-specific change)
NOTE: https://source.android.com/security/bulletin/2017-08-01
-CVE-2017-0749
+CVE-2017-0749 (A elevation of privilege vulnerability in the Upstream Linux linux ker ...)
- linux <not-affected> (Android-specific change)
NOTE: https://source.android.com/security/bulletin/2017-08-01
-CVE-2017-0748
+CVE-2017-0748 (An information disclosure vulnerability in the Qualcomm audio driver. ...)
NOT-FOR-US: Google drivers for Android
-CVE-2017-0747
+CVE-2017-0747 (A elevation of privilege vulnerability in the Qualcomm proprietary com ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0746
+CVE-2017-0746 (A elevation of privilege vulnerability in the Qualcomm ipa driver. Pro ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0745
+CVE-2017-0745 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: libstagefright
-CVE-2017-0744
+CVE-2017-0744 (An elevation of privilege vulnerability in the NVIDIA firmware process ...)
NOT-FOR-US: Google drivers for Android
CVE-2017-0743
RESERVED
-CVE-2017-0742
+CVE-2017-0742 (A elevation of privilege vulnerability in the MediaTek video driver. P ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0741
+CVE-2017-0741 (A elevation of privilege vulnerability in the MediaTek gpu driver. Pro ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0740
+CVE-2017-0740 (A remote code execution vulnerability in the Broadcom networking drive ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0739
+CVE-2017-0739 (A information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0738
+CVE-2017-0738 (A information disclosure vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0737
+CVE-2017-0737 (A elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: libstagefright
-CVE-2017-0736
+CVE-2017-0736 (A denial of service vulnerability in the Android media framework (liba ...)
NOT-FOR-US: Android media framework
-CVE-2017-0735
+CVE-2017-0735 (A denial of service vulnerability in the Android media framework (liba ...)
NOT-FOR-US: Android media framework
-CVE-2017-0734
+CVE-2017-0734 (A denial of service vulnerability in the Android media framework (liba ...)
NOT-FOR-US: Android media framework
-CVE-2017-0733
+CVE-2017-0733 (A denial of service vulnerability in the Android media framework (libm ...)
NOT-FOR-US: Android media framework
-CVE-2017-0732
+CVE-2017-0732 (A elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: libstagefright
-CVE-2017-0731
+CVE-2017-0731 (A elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: libstagefright
-CVE-2017-0730
+CVE-2017-0730 (A denial of service vulnerability in the Android media framework (h264 ...)
NOT-FOR-US: Android media framework
-CVE-2017-0729
+CVE-2017-0729 (A elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0728
+CVE-2017-0728 (A denial of service vulnerability in the Android media framework (hevc ...)
NOT-FOR-US: Android media framework
-CVE-2017-0727
+CVE-2017-0727 (A elevation of privilege vulnerability in the Android media framework ...)
NOT-FOR-US: Android media framework
-CVE-2017-0726
+CVE-2017-0726 (A denial of service vulnerability in the Android media framework (libs ...)
NOT-FOR-US: libstagefright
-CVE-2017-0725
+CVE-2017-0725 (A denial of service vulnerability in the Android media framework (libs ...)
NOT-FOR-US: Android media framework
-CVE-2017-0724
+CVE-2017-0724 (A denial of service vulnerability in the Android media framework (libm ...)
NOT-FOR-US: Android media framework
-CVE-2017-0723
+CVE-2017-0723 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0722
+CVE-2017-0722 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: libstagefright
-CVE-2017-0721
+CVE-2017-0721 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0720
+CVE-2017-0720 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0719
+CVE-2017-0719 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0718
+CVE-2017-0718 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
CVE-2017-0717
RESERVED
-CVE-2017-0716
+CVE-2017-0716 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0715
+CVE-2017-0715 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0714
+CVE-2017-0714 (A remote code execution vulnerability in the Android media framework ( ...)
NOT-FOR-US: Android media framework
-CVE-2017-0713
+CVE-2017-0713 (A remote code execution vulnerability in the Android libraries (sfntly ...)
NOT-FOR-US: Android
-CVE-2017-0712
+CVE-2017-0712 (A elevation of privilege vulnerability in the Android framework (wi-fi ...)
NOT-FOR-US: Android
-CVE-2017-0711
+CVE-2017-0711 (A elevation of privilege vulnerability in the MediaTek networking driv ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0710
+CVE-2017-0710 (A elevation of privilege vulnerability in the Upstream Linux tcb. Prod ...)
NOT-FOR-US: Android Trusted Computing Base
-CVE-2017-0709
+CVE-2017-0709 (A information disclosure vulnerability in the HTC sensor hub driver. P ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0708
+CVE-2017-0708 (A information disclosure vulnerability in the HTC sound driver. Produc ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0707
+CVE-2017-0707 (A elevation of privilege vulnerability in the HTC led driver. Product: ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0706
+CVE-2017-0706 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. P ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0705
+CVE-2017-0705 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. P ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0704
+CVE-2017-0704 (A elevation of privilege vulnerability in the Android system ui. Produ ...)
NOT-FOR-US: Android
-CVE-2017-0703
+CVE-2017-0703 (A elevation of privilege vulnerability in the Android system ui. Produ ...)
NOT-FOR-US: Android
-CVE-2017-0702
+CVE-2017-0702 (A remote code execution vulnerability in the Android system ui. Produc ...)
NOT-FOR-US: Android
-CVE-2017-0701
+CVE-2017-0701 (A remote code execution vulnerability in the Android system ui. Produc ...)
NOT-FOR-US: Android
-CVE-2017-0700
+CVE-2017-0700 (A remote code execution vulnerability in the Android system ui. Produc ...)
NOT-FOR-US: Android
-CVE-2017-0699
+CVE-2017-0699 (A information disclosure vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0698
+CVE-2017-0698 (A information disclosure vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0697
+CVE-2017-0697 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0696
+CVE-2017-0696 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0695
+CVE-2017-0695 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0694
+CVE-2017-0694 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0693
+CVE-2017-0693 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0692
+CVE-2017-0692 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0691
+CVE-2017-0691 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0690
+CVE-2017-0690 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0689
+CVE-2017-0689 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0688
+CVE-2017-0688 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0687
+CVE-2017-0687 (A denial of service vulnerability in the Android media framework (liba ...)
NOT-FOR-US: Android media framework
-CVE-2017-0686
+CVE-2017-0686 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0685
+CVE-2017-0685 (A denial of service vulnerability in the Android media framework. Prod ...)
NOT-FOR-US: Android media framework
-CVE-2017-0684
+CVE-2017-0684 (A elevation of privilege vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0683
+CVE-2017-0683 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0682
+CVE-2017-0682 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0681
+CVE-2017-0681 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0680
+CVE-2017-0680 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0679
+CVE-2017-0679 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0678
+CVE-2017-0678 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0677
+CVE-2017-0677 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0676
+CVE-2017-0676 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0675
+CVE-2017-0675 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0674
+CVE-2017-0674 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0673
+CVE-2017-0673 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
-CVE-2017-0672
+CVE-2017-0672 (A denial of service vulnerability in the Android libraries. Product: A ...)
NOT-FOR-US: Android
-CVE-2017-0671
+CVE-2017-0671 (A remote code execution vulnerability in the Android libraries. Produc ...)
NOT-FOR-US: Android
NOTE: Not publicly available
-CVE-2017-0670
+CVE-2017-0670 (A denial of service vulnerability in the Android framework. Product: A ...)
NOT-FOR-US: Android
-CVE-2017-0669
+CVE-2017-0669 (A information disclosure vulnerability in the Android framework. Produ ...)
NOT-FOR-US: Android
-CVE-2017-0668
+CVE-2017-0668 (A information disclosure vulnerability in the Android framework. Produ ...)
NOT-FOR-US: Android
-CVE-2017-0667
+CVE-2017-0667 (A elevation of privilege vulnerability in the Android framework. Produ ...)
NOT-FOR-US: Android
-CVE-2017-0666
+CVE-2017-0666 (A elevation of privilege vulnerability in the Android framework. Produ ...)
NOT-FOR-US: Android
-CVE-2017-0665
+CVE-2017-0665 (A elevation of privilege vulnerability in the Android framework. Produ ...)
NOT-FOR-US: Android
-CVE-2017-0664
+CVE-2017-0664 (A elevation of privilege vulnerability in the Android framework. Produ ...)
NOT-FOR-US: Android
-CVE-2017-0663
+CVE-2017-0663 (A remote code execution vulnerability in libxml2 could enable an attac ...)
{DSA-3952-1 DLA-1060-1}
- libxml2 2.9.4+dfsg1-3.1 (bug #870870)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780228 (not yet public)
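Review bot: the fixed-width truncation applied to every new description in this hunk cuts off exactly the token that distinguishes the entries, so the added text carries little more than the bare ID it replaces: CVE-2017-0766 down to CVE-2017-0756, CVE-2017-0723 down to CVE-2017-0718 and CVE-2017-0716 down to CVE-2017-0714 all read `A remote code execution vulnerability in the Android media framework ( ...)` with the component name dropped at the opening parenthesis. If the generator can cut at the closing parenthesis or at the end of the first sentence instead, the `NOT-FOR-US:` triage lines under each entry become auditable against the description; as it stands, the `libstagefright` versus `Android media framework` split at CVE-2017-0745, CVE-2017-0737, CVE-2017-0732 and CVE-2017-0722 cannot be verified from the truncated text.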
@@ -49279,214 +49279,214 @@ CVE-2017-0653
RESERVED
CVE-2017-0652
RESERVED
-CVE-2017-0651
+CVE-2017-0651 (An information disclosure vulnerability in the kernel ION subsystem co ...)
NOT-FOR-US: Android
-CVE-2017-0650
+CVE-2017-0650 (An information disclosure vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0649
+CVE-2017-0649 (An elevation of privilege vulnerability in the MediaTek sound driver c ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0648
+CVE-2017-0648 (An elevation of privilege vulnerability in the kernel FIQ debugger cou ...)
NOT-FOR-US: Android
-CVE-2017-0647
+CVE-2017-0647 (An information disclosure vulnerability in libziparchive could enable ...)
- android-platform-system-core 1:7.0.0+r33-2 (unimportant; bug #867229)
[jessie] - android-platform-system-core <not-affected> (Vulnerable code not present)
NOTE: No impact on SDK usage
-CVE-2017-0646
+CVE-2017-0646 (An information disclosure vulnerability in Bluetooth component could e ...)
NOT-FOR-US: Android
-CVE-2017-0645
+CVE-2017-0645 (An elevation of privilege vulnerability in Bluetooth could enable a lo ...)
NOT-FOR-US: Android
-CVE-2017-0644
+CVE-2017-0644 (A remote denial of service vulnerability in Mediaserver could enable a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0643
+CVE-2017-0643 (A remote denial of service vulnerability in Mediaserver could enable a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0642
+CVE-2017-0642 (A remote denial of service vulnerability in libhevc in Mediaserver cou ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0641
+CVE-2017-0641 (A remote denial of service vulnerability in libvpx in Mediaserver coul ...)
- libvpx <unfixed> (unimportant; bug #871931)
NOTE: https://android.googlesource.com/platform/external/libvpx/+/698796fc930baecf5c3fdebef17e73d5d9a58bcb
NOTE: Debian builds configures with --size-limit=16384x16384, Android lowered
NOTE: the limit to something more aligned for smart phones
-CVE-2017-0640
+CVE-2017-0640 (A remote denial of service vulnerability in Mediaserver could enable a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0639
+CVE-2017-0639 (An information disclosure vulnerability in Bluetooth component could e ...)
NOT-FOR-US: Android
-CVE-2017-0638
+CVE-2017-0638 (A remote code execution vulnerability in System UI component could ena ...)
NOT-FOR-US: Android
-CVE-2017-0637
+CVE-2017-0637 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0636
+CVE-2017-0636 (An elevation of privilege vulnerability in the MediaTek command queue ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0635
+CVE-2017-0635 (A remote denial of service vulnerability in HevcUtils.cpp in libstagef ...)
NOT-FOR-US: libstagefright
-CVE-2017-0634
+CVE-2017-0634 (An information disclosure vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0633
+CVE-2017-0633 (An information disclosure vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0632
+CVE-2017-0632 (An information disclosure vulnerability in the Qualcomm sound codec dr ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0631
+CVE-2017-0631 (An information disclosure vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0630
+CVE-2017-0630 (An information disclosure vulnerability in the kernel trace subsystem ...)
- linux <unfixed>
NOTE: https://lore.kernel.org/lkml/20180725202238.165314-1-salyzyn@android.com/
-CVE-2017-0629
+CVE-2017-0629 (An information disclosure vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0628
+CVE-2017-0628 (An information disclosure vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0627
+CVE-2017-0627 (An information disclosure vulnerability in the kernel UVC driver could ...)
NOT-FOR-US: Android kernel
-CVE-2017-0626
+CVE-2017-0626 (An information disclosure vulnerability in the Qualcomm crypto engine ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0625
+CVE-2017-0625 (An information disclosure vulnerability in the MediaTek command queue ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0624
+CVE-2017-0624 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0623
+CVE-2017-0623 (An elevation of privilege vulnerability in the HTC bootloader could en ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0622
+CVE-2017-0622 (An elevation of privilege vulnerability in the Goodix touchscreen driv ...)
NOT-FOR-US: Goodix driver for Android
-CVE-2017-0621
+CVE-2017-0621 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0620
+CVE-2017-0620 (An elevation of privilege vulnerability in the Qualcomm Secure Channel ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0619
+CVE-2017-0619 (An elevation of privilege vulnerability in the Qualcomm pin controller ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0618
+CVE-2017-0618 (An elevation of privilege vulnerability in the MediaTek command queue ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0617
+CVE-2017-0617 (An elevation of privilege vulnerability in the MediaTek video driver c ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0616
+CVE-2017-0616 (An elevation of privilege vulnerability in the MediaTek system managem ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0615
+CVE-2017-0615 (An elevation of privilege vulnerability in the MediaTek power driver c ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0614
+CVE-2017-0614 (An elevation of privilege vulnerability in the Qualcomm Secure Executi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0613
+CVE-2017-0613 (An elevation of privilege vulnerability in the Qualcomm Secure Executi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0612
+CVE-2017-0612 (An elevation of privilege vulnerability in the Qualcomm Secure Executi ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0611
+CVE-2017-0611 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0610
+CVE-2017-0610 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0609
+CVE-2017-0609 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0608
+CVE-2017-0608 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0607
+CVE-2017-0607 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0606
+CVE-2017-0606 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0605
REJECTED
-CVE-2017-0604
+CVE-2017-0604 (An elevation of privilege vulnerability in the kernel Qualcomm power d ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0603
+CVE-2017-0603 (A denial of service vulnerability in libstagefright in Mediaserver cou ...)
NOT-FOR-US: libstagefright
-CVE-2017-0602
+CVE-2017-0602 (An information disclosure vulnerability in Bluetooth could allow a loc ...)
NOT-FOR-US: Android
-CVE-2017-0601
+CVE-2017-0601 (An Elevation of Privilege vulnerability in Bluetooth could potentially ...)
NOT-FOR-US: Android
-CVE-2017-0600
+CVE-2017-0600 (A remote denial of service vulnerability in libstagefright in Mediaser ...)
NOT-FOR-US: libstagefright
-CVE-2017-0599
+CVE-2017-0599 (A remote denial of service vulnerability in libhevc in Mediaserver cou ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0598
+CVE-2017-0598 (An information disclosure vulnerability in the Framework APIs could en ...)
NOT-FOR-US: Android
-CVE-2017-0597
+CVE-2017-0597 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0596
+CVE-2017-0596 (An elevation of privilege vulnerability in libstagefright in Mediaserv ...)
NOT-FOR-US: libstagefright
-CVE-2017-0595
+CVE-2017-0595 (An elevation of privilege vulnerability in libstagefright in Mediaserv ...)
NOT-FOR-US: libstagefright
-CVE-2017-0594
+CVE-2017-0594 (An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncode ...)
NOT-FOR-US: libstagefright
-CVE-2017-0593
+CVE-2017-0593 (An elevation of privilege vulnerability in the Framework APIs could en ...)
NOT-FOR-US: Android
-CVE-2017-0592
+CVE-2017-0592 (A remote code execution vulnerability in FLACExtractor.cpp in libstage ...)
NOT-FOR-US: Android
-CVE-2017-0591
+CVE-2017-0591 (A remote code execution vulnerability in libavc in Mediaserver could e ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0590
+CVE-2017-0590 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0589
+CVE-2017-0589 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0588
+CVE-2017-0588 (A remote code execution vulnerability in id3/ID3.cpp in libstagefright ...)
NOT-FOR-US: libstagefright
-CVE-2017-0587
+CVE-2017-0587 (A remote code execution vulnerability in libmpeg2 in Mediaserver could ...)
NOT-FOR-US: libstagefright
-CVE-2017-0586
+CVE-2017-0586 (An information disclosure vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0585
+CVE-2017-0585 (An information disclosure vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0584
+CVE-2017-0584 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0583
+CVE-2017-0583 (An elevation of privilege vulnerability in the Qualcomm CP access driv ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0582
+CVE-2017-0582 (An elevation of privilege vulnerability in the HTC OEM fastboot comman ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0581
+CVE-2017-0581 (An elevation of privilege vulnerability in the Synaptics Touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0580
+CVE-2017-0580 (An elevation of privilege vulnerability in the Synaptics Touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0579
+CVE-2017-0579 (An elevation of privilege vulnerability in the Qualcomm video driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0578
+CVE-2017-0578 (An elevation of privilege vulnerability in the DTS sound driver could ...)
NOT-FOR-US: DTS driver for Android
-CVE-2017-0577
+CVE-2017-0577 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0576
+CVE-2017-0576 (An elevation of privilege vulnerability in the Qualcomm crypto engine ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0575
+CVE-2017-0575 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0574
+CVE-2017-0574 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0573
+CVE-2017-0573 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0572
+CVE-2017-0572 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0571
+CVE-2017-0571 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0570
+CVE-2017-0570 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0569
+CVE-2017-0569 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0568
+CVE-2017-0568 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0567
+CVE-2017-0567 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0566
+CVE-2017-0566 (An elevation of privilege vulnerability in the MediaTek camera driver ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0565
+CVE-2017-0565 (An elevation of privilege vulnerability in the MediaTek thermal driver ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0564
+CVE-2017-0564 (An elevation of privilege vulnerability in the kernel ION subsystem co ...)
NOT-FOR-US: Android ION subsystem
NOTE: Linux mainline contains a copy in drivers/staging/android/ion, but since no
NOTE: patch has been made available it's likely some closed-source addon
-CVE-2017-0563
+CVE-2017-0563 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0562
+CVE-2017-0562 (An elevation of privilege vulnerability in the MediaTek touchscreen dr ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0561
+CVE-2017-0561 (A remote code execution vulnerability in the Broadcom Wi-Fi firmware c ...)
{DLA-1573-1}
- firmware-nonfree 20180518-1 (bug #869639)
[stretch] - firmware-nonfree 20161130-4
[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
-CVE-2017-0560
+CVE-2017-0560 (An information disclosure vulnerability in the factory reset process c ...)
NOT-FOR-US: Android
-CVE-2017-0559
+CVE-2017-0559 (An information disclosure vulnerability in libskia could enable a loca ...)
- skia <itp> (bug #818180)
-CVE-2017-0558
+CVE-2017-0558 (An information disclosure vulnerability in Mediaserver could enable a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0557
+CVE-2017-0557 (An information disclosure vulnerability in libmpeg2 in Mediaserver cou ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0556
+CVE-2017-0556 (An information disclosure vulnerability in libmpeg2 in Mediaserver cou ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0555
+CVE-2017-0555 (An information disclosure vulnerability in libavc in Mediaserver could ...)
NOT-FOR-US: Android Mediaserver/ libavc
-CVE-2017-0554
+CVE-2017-0554 (An elevation of privilege vulnerability in the Telephony component cou ...)
NOT-FOR-US: Android
-CVE-2017-0553
+CVE-2017-0553 (An elevation of privilege vulnerability in libnl could enable a local ...)
{DLA-892-1 DLA-891-1}
- libnl3 3.2.27-2 (unimportant; bug #859948)
- libnl <removed> (unimportant)
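Review bot: the CVE-2017-0561 entry is internally inconsistent: `{DLA-1573-1}` records that a jessie update was issued, while the following `[jessie] - firmware-nonfree <no-dsa> (non-free not supported)` states that none would be. One of the two is stale; if the DLA is real, the `[jessie]` no-dsa line should be dropped so that the tracker does not report jessie as both fixed and deliberately unfixed. Minor: the two skia entries in this file (CVE-2017-0559 here, CVE-2017-0548 below) both carry `<itp> (bug #818180)`, so that is consistent, but the libavc annotation here reads `Android Mediaserver/ libavc` while the neighbouring hunk uses `Android Mediaserver / libavc`; pick one spelling.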
@@ -49494,82 +49494,82 @@ CVE-2017-0553
NOTE: Fix via Android: https://android.googlesource.com/platform/external/libnl/+/f83d9c1c67b6be69a96995e384f50b572b667df0
NOTE: Not a security issue by itself, the upstream patch protects against API misuse,
NOTE: this still requires missing input validation in the application using libnl
-CVE-2017-0552
+CVE-2017-0552 (A remote denial of service vulnerability in libavc in Mediaserver coul ...)
NOT-FOR-US: Android Mediaserver / libavc
-CVE-2017-0551
+CVE-2017-0551 (A remote denial of service vulnerability in libavc in Mediaserver coul ...)
NOT-FOR-US: Android Mediaserver / libavc
-CVE-2017-0550
+CVE-2017-0550 (A remote denial of service vulnerability in libavc in Mediaserver coul ...)
NOT-FOR-US: Android Mediaserver / libavc
-CVE-2017-0549
+CVE-2017-0549 (A remote denial of service vulnerability in libavc in Mediaserver coul ...)
NOT-FOR-US: Android Mediaserver / libavc
-CVE-2017-0548
+CVE-2017-0548 (A remote denial of service vulnerability in libskia could enable an at ...)
- skia <itp> (bug #818180)
-CVE-2017-0547
+CVE-2017-0547 (An information disclosure vulnerability in libmedia in Mediaserver cou ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0546
+CVE-2017-0546 (An elevation of privilege vulnerability in SurfaceFlinger could enable ...)
NOT-FOR-US: Android
-CVE-2017-0545
+CVE-2017-0545 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android
-CVE-2017-0544
+CVE-2017-0544 (An elevation of privilege vulnerability in CameraBase could enable a l ...)
NOT-FOR-US: Android
-CVE-2017-0543
+CVE-2017-0543 (A remote code execution vulnerability in libavc in Mediaserver could e ...)
NOT-FOR-US: Android Mediaserver/ libavc
-CVE-2017-0542
+CVE-2017-0542 (A remote code execution vulnerability in libavc in Mediaserver could e ...)
NOT-FOR-US: Android Mediaserver/ libavc
-CVE-2017-0541
+CVE-2017-0541 (A remote code execution vulnerability in sonivox in Mediaserver could ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0540
+CVE-2017-0540 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0539
+CVE-2017-0539 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0538
+CVE-2017-0538 (A remote code execution vulnerability in libavc in Mediaserver could e ...)
NOT-FOR-US: Android Mediaserver / libavc
-CVE-2017-0537
+CVE-2017-0537 (An information disclosure vulnerability in the kernel USB gadget drive ...)
NOT-FOR-US: Nvidia driver for Android
NOTE: https://source.android.com/security/bulletin/2017-03-01.html
NOTE: Android bulletin lists as affecting only Pixel C (Tegra X1) and Tegra USB gadget mode is not in mainline Linux
-CVE-2017-0536
+CVE-2017-0536 (An information disclosure vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0535
+CVE-2017-0535 (An information disclosure vulnerability in the HTC sound codec driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0534
+CVE-2017-0534 (An information disclosure vulnerability in the Qualcomm video driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0533
+CVE-2017-0533 (An information disclosure vulnerability in the Qualcomm video driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0532
+CVE-2017-0532 (An information disclosure vulnerability in the MediaTek video codec dr ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0531
+CVE-2017-0531 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0530
RESERVED
-CVE-2017-0529
+CVE-2017-0529 (An information disclosure vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0528
+CVE-2017-0528 (An elevation of privilege vulnerability in the kernel security subsyst ...)
NOT-FOR-US: Android bulletin lists as affecting only Pixel and Pixel XL (Qualcomm Snapdragon) so probably relates to Qualcomm driver
NOTE: https://source.android.com/security/bulletin/2017-03-01.html
-CVE-2017-0527
+CVE-2017-0527 (An elevation of privilege vulnerability in the HTC Sensor Hub Driver c ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0526
+CVE-2017-0526 (An elevation of privilege vulnerability in the HTC Sensor Hub Driver c ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0525
+CVE-2017-0525 (An elevation of privilege vulnerability in the Qualcomm IPA driver cou ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0524
+CVE-2017-0524 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0523
+CVE-2017-0523 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0522
+CVE-2017-0522 (An elevation of privilege vulnerability in a MediaTek APK could enable ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0521
+CVE-2017-0521 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0520
+CVE-2017-0520 (An elevation of privilege vulnerability in the Qualcomm crypto engine ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0519
+CVE-2017-0519 (An elevation of privilege vulnerability in the Qualcomm fingerprint se ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0518
+CVE-2017-0518 (An elevation of privilege vulnerability in the Qualcomm fingerprint se ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0517
+CVE-2017-0517 (An elevation of privilege vulnerability in the MediaTek hardware senso ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0516
+CVE-2017-0516 (An elevation of privilege vulnerability in the Qualcomm input hardware ...)
NOT-FOR-US: Qualcomm driver for Android
CVE-2017-0515
RESERVED
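Review bot: the CVE-2017-0528 annotation puts the whole rationale into the `NOT-FOR-US:` field (`Android bulletin lists as affecting only Pixel and Pixel XL (Qualcomm Snapdragon) so probably relates to Qualcomm driver`), whereas the CVE-2017-0537 entry in the same hunk keeps `NOT-FOR-US:` to a short subject and moves the reasoning and the bulletin URL into `NOTE:` lines. Suggest `NOT-FOR-US: Qualcomm driver for Android` plus a NOTE, so the field stays machine-friendly and consistent. Also, CVE-2017-0522 is described as an issue "in a MediaTek APK" but annotated `NOT-FOR-US: MediaTek driver for Android`; an APK is a userspace component, not a kernel driver, so the annotation should say component rather than driver.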
@@ -49581,330 +49581,330 @@ CVE-2017-0512
RESERVED
CVE-2017-0511
RESERVED
-CVE-2017-0510
+CVE-2017-0510 (An elevation of privilege vulnerability in the kernel FIQ debugger cou ...)
- linux <not-affected> (Android-specific patch)
-CVE-2017-0509
+CVE-2017-0509 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0508
+CVE-2017-0508 (An elevation of privilege vulnerability in the kernel ION subsystem co ...)
NOT-FOR-US: Android ION subsystem
NOTE: Linux mainline contains a copy in drivers/staging/android/ion, but since no
NOTE: patch has been made available it's likely some closed-source addon
-CVE-2017-0507
+CVE-2017-0507 (An elevation of privilege vulnerability in the kernel ION subsystem co ...)
NOT-FOR-US: Android ION subsystem
NOTE: Linux mainline contains a copy in drivers/staging/android/ion, but since no
NOTE: patch has been made available it's likely some closed-source addon
-CVE-2017-0506
+CVE-2017-0506 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0505
+CVE-2017-0505 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0504
+CVE-2017-0504 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0503
+CVE-2017-0503 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0502
+CVE-2017-0502 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0501
+CVE-2017-0501 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0500
+CVE-2017-0500 (An elevation of privilege vulnerability in MediaTek components, includ ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2017-0499
+CVE-2017-0499 (A denial of service vulnerability in Audioserver could enable a local ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0498
+CVE-2017-0498 (A denial of service vulnerability in Setup Wizard could allow a local ...)
NOT-FOR-US: Android
-CVE-2017-0497
+CVE-2017-0497 (A denial of service vulnerability in Mediaserver could enable an attac ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0496
+CVE-2017-0496 (A denial of service vulnerability in Setup Wizard could allow a local ...)
NOT-FOR-US: Android
-CVE-2017-0495
+CVE-2017-0495 (An information disclosure vulnerability in Mediaserver could enable a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0494
+CVE-2017-0494 (An information disclosure vulnerability in AOSP Messaging could enable ...)
NOT-FOR-US: Android
-CVE-2017-0493
+CVE-2017-0493 (An information disclosure vulnerability in File-Based Encryption could ...)
NOT-FOR-US: Android
-CVE-2017-0492
+CVE-2017-0492 (An elevation of privilege vulnerability in the System UI could enable ...)
NOT-FOR-US: Android
-CVE-2017-0491
+CVE-2017-0491 (An elevation of privilege vulnerability in Package Manager could enabl ...)
NOT-FOR-US: Android
-CVE-2017-0490
+CVE-2017-0490 (An elevation of privilege vulnerability in Wi-Fi could enable a local ...)
NOT-FOR-US: Android
-CVE-2017-0489
+CVE-2017-0489 (An elevation of privilege vulnerability in Location Manager could enab ...)
NOT-FOR-US: Android
-CVE-2017-0488
+CVE-2017-0488 (A denial of service vulnerability in Mediaserver could enable an attac ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0487
+CVE-2017-0487 (A denial of service vulnerability in Mediaserver could enable an attac ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0486
+CVE-2017-0486 (A denial of service vulnerability in Mediaserver could enable an attac ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0485
+CVE-2017-0485 (A denial of service vulnerability in Mediaserver could enable an attac ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0484
+CVE-2017-0484 (A denial of service vulnerability in Mediaserver could enable an attac ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0483
+CVE-2017-0483 (A denial of service vulnerability in Mediaserver could enable an attac ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0482
+CVE-2017-0482 (A denial of service vulnerability in Mediaserver could enable an attac ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0481
+CVE-2017-0481 (An elevation of privilege vulnerability in NFC could enable a proximat ...)
NOT-FOR-US: Android
-CVE-2017-0480
+CVE-2017-0480 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0479
+CVE-2017-0479 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0478
+CVE-2017-0478 (A remote code execution vulnerability in the Framesequence library cou ...)
NOT-FOR-US: Framesequence library
-CVE-2017-0477
+CVE-2017-0477 (A remote code execution vulnerability in libgdx could enable an attack ...)
- libgdx <itp> (bug #686673)
-CVE-2017-0476
+CVE-2017-0476 (A remote code execution vulnerability in AOSP Messaging could enable a ...)
NOT-FOR-US: Android
-CVE-2017-0475
+CVE-2017-0475 (An elevation of privilege vulnerability in the recovery verifier could ...)
NOT-FOR-US: Android
-CVE-2017-0474
+CVE-2017-0474 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0473
+CVE-2017-0473 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0472
+CVE-2017-0472 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0471
+CVE-2017-0471 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0470
+CVE-2017-0470 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0469
+CVE-2017-0469 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0468
+CVE-2017-0468 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0467
+CVE-2017-0467 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0466
+CVE-2017-0466 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0465
+CVE-2017-0465 (An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0464
+CVE-2017-0464 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0463
+CVE-2017-0463 (An elevation of privilege vulnerability in the Qualcomm networking dri ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0462
+CVE-2017-0462 (An elevation of privilege vulnerability in the Qualcomm Seemp driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0461
+CVE-2017-0461 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0460
+CVE-2017-0460 (An elevation of privilege vulnerability in the Qualcomm networking dri ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0459
+CVE-2017-0459 (An information disclosure vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0458
+CVE-2017-0458 (An elevation of privilege vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0457
+CVE-2017-0457 (An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0456
+CVE-2017-0456 (An elevation of privilege vulnerability in the Qualcomm IPA driver cou ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0455
+CVE-2017-0455 (An information disclosure vulnerability in the Qualcomm bootloader cou ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0454
+CVE-2017-0454 (An elevation of privilege vulnerability in the Qualcomm audio driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0453
+CVE-2017-0453 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0452
+CVE-2017-0452 (An information disclosure vulnerability in the Qualcomm camera driver ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0451
+CVE-2017-0451 (An information disclosure vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0450
+CVE-2017-0450 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0449
+CVE-2017-0449 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0448
+CVE-2017-0448 (An information disclosure vulnerability in the NVIDIA video driver cou ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0447
+CVE-2017-0447 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0446
+CVE-2017-0446 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0445
+CVE-2017-0445 (An elevation of privilege vulnerability in the HTC touchscreen driver ...)
NOT-FOR-US: HTC driver for Android
-CVE-2017-0444
+CVE-2017-0444 (An elevation of privilege vulnerability in the Realtek sound driver co ...)
NOT-FOR-US: Realtek driver for Android
-CVE-2017-0443
+CVE-2017-0443 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0442
+CVE-2017-0442 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0441
+CVE-2017-0441 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0440
+CVE-2017-0440 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0439
+CVE-2017-0439 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0438
+CVE-2017-0438 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0437
+CVE-2017-0437 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0436
+CVE-2017-0436 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0435
+CVE-2017-0435 (An elevation of privilege vulnerability in the Qualcomm sound driver c ...)
NOT-FOR-US: Qualcomm driver for Android
-CVE-2017-0434
+CVE-2017-0434 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0433
+CVE-2017-0433 (An elevation of privilege vulnerability in the Synaptics touchscreen d ...)
NOT-FOR-US: Synaptics driver for Android
-CVE-2017-0432
+CVE-2017-0432 (An elevation of privilege vulnerability in the MediaTek driver could e ...)
NOT-FOR-US: Mediatek driver for Android
-CVE-2017-0431
+CVE-2017-0431 (An elevation of privilege vulnerability in Qualcomm closed source comp ...)
NOT-FOR-US: Qualcomm component for Android
-CVE-2017-0430
+CVE-2017-0430 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
NOT-FOR-US: Broadcom driver for Android
-CVE-2017-0429
+CVE-2017-0429 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0428
+CVE-2017-0428 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0427
+CVE-2017-0427 (An elevation of privilege vulnerability in the kernel file system coul ...)
NOT-FOR-US: Unspecified Android filesystem, apparently not in mainline
NOTE: https://source.android.com/security/bulletin/2017-02-01.html
NOTE: Android bulletin lists all recent devices as affected.
NOTE: No source patch available, so may relate to Apache-licensed sdcardfs.
-CVE-2017-0426
+CVE-2017-0426 (An information disclosure vulnerability in the Filesystem could enable ...)
NOT-FOR-US: Android filesystem layout
-CVE-2017-0425
+CVE-2017-0425 (An information disclosure vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0424
+CVE-2017-0424 (An information disclosure vulnerability in AOSP Messaging could enable ...)
NOT-FOR-US: Android
-CVE-2017-0423
+CVE-2017-0423 (An elevation of privilege vulnerability in Bluetooth could enable a pr ...)
NOT-FOR-US: Android
-CVE-2017-0422
+CVE-2017-0422 (A denial of service vulnerability in Bionic DNS could enable a remote ...)
NOT-FOR-US: Android
-CVE-2017-0421
+CVE-2017-0421 (An information disclosure vulnerability in the Framework APIs could en ...)
NOT-FOR-US: Android
-CVE-2017-0420
+CVE-2017-0420 (An information disclosure vulnerability in AOSP Mail could enable a lo ...)
NOT-FOR-US: Android
-CVE-2017-0419
+CVE-2017-0419 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0418
+CVE-2017-0418 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0417
+CVE-2017-0417 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0416
+CVE-2017-0416 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0415
+CVE-2017-0415 (An elevation of privilege vulnerability in Mediaserver could enable a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0414
+CVE-2017-0414 (An information disclosure vulnerability in AOSP Messaging could enable ...)
NOT-FOR-US: Android
-CVE-2017-0413
+CVE-2017-0413 (An information disclosure vulnerability in AOSP Messaging could enable ...)
NOT-FOR-US: Android
-CVE-2017-0412
+CVE-2017-0412 (An elevation of privilege vulnerability in the Framework APIs could en ...)
NOT-FOR-US: Android
-CVE-2017-0411
+CVE-2017-0411 (An elevation of privilege vulnerability in the Framework APIs could en ...)
NOT-FOR-US: Android
-CVE-2017-0410
+CVE-2017-0410 (An elevation of privilege vulnerability in the Framework APIs could en ...)
NOT-FOR-US: Android
-CVE-2017-0409
+CVE-2017-0409 (A remote code execution vulnerability in libstagefright could enable a ...)
NOT-FOR-US: libstagefright
-CVE-2017-0408
+CVE-2017-0408 (A remote code execution vulnerability in libgdx could enable an attack ...)
- libgdx <itp> (bug #686673)
-CVE-2017-0407
+CVE-2017-0407 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0406
+CVE-2017-0406 (A remote code execution vulnerability in Mediaserver could enable an a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0405
+CVE-2017-0405 (A remote code execution vulnerability in Surfaceflinger could enable a ...)
NOT-FOR-US: Android
-CVE-2017-0404
+CVE-2017-0404 (An elevation of privilege vulnerability in the kernel sound subsystem ...)
- linux <not-affected> (Android-specific sound system)
-CVE-2017-0403
+CVE-2017-0403 (An elevation of privilege vulnerability in the kernel performance subs ...)
- linux <not-affected> (Android-specific performance subsystem)
-CVE-2017-0402
+CVE-2017-0402 (An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBu ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0401
+CVE-2017-0401 (An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBu ...)
NOT-FOR-US: Android Qualcomm audio post processor
-CVE-2017-0400
+CVE-2017-0400 (An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBu ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0399
+CVE-2017-0399 (An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBu ...)
NOT-FOR-US: Android Qualcomm audio post processor
-CVE-2017-0398
+CVE-2017-0398 (An information disclosure vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0397
+CVE-2017-0397 (An information disclosure vulnerability in id3/ID3.cpp in libstagefrig ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0396
+CVE-2017-0396 (An information disclosure vulnerability in visualizer/EffectVisualizer ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0395
+CVE-2017-0395 (An elevation of privilege vulnerability in Contacts could enable a loc ...)
NOT-FOR-US: Android Contacts
-CVE-2017-0394
+CVE-2017-0394 (A denial of service vulnerability in Telephony could enable a remote a ...)
NOT-FOR-US: Android Telephony
-CVE-2017-0393
+CVE-2017-0393 (A denial of service vulnerability in libvpx in Mediaserver could enabl ...)
- libvpx 1.6.1-1
[jessie] - libvpx <ignored> (Minor issue)
[wheezy] - libvpx <no-dsa> (Minor issue)
NOTE: probably fixed earlier, but this was the version checked
NOTE: The wheezy source is confirmed (by code inspection) to be vulnerable.
NOTE: https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc
-CVE-2017-0392
+CVE-2017-0392 (A denial of service vulnerability in VBRISeeker.cpp in libstagefright ...)
NOT-FOR-US: libstagefright
-CVE-2017-0391
+CVE-2017-0391 (A denial of service vulnerability in decoder/ihevcd_decode.c in libhev ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0390
+CVE-2017-0390 (A denial of service vulnerability in Tremolo/dpen.s in Mediaserver cou ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0389
+CVE-2017-0389 (A denial of service vulnerability in core networking could enable a re ...)
NOT-FOR-US: Android
-CVE-2017-0388
+CVE-2017-0388 (An elevation of privilege vulnerability in the External Storage Provid ...)
NOT-FOR-US: Android
-CVE-2017-0387
+CVE-2017-0387 (An elevation of privilege vulnerability in Mediaserver could enable a ...)
NOT-FOR-US: Android Mediaserver
-CVE-2017-0386
+CVE-2017-0386 (An elevation of privilege vulnerability in the libnl library could ena ...)
- libnl3 <not-affected> (Specific to Android's use of libnl)
NOTE: https://github.com/thom311/libnl/issues/124
-CVE-2017-0385
+CVE-2017-0385 (An elevation of privilege vulnerability in Audioserver could enable a ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0384
+CVE-2017-0384 (An elevation of privilege vulnerability in lvm/wrapper/Bundle/EffectBu ...)
NOT-FOR-US: Android Audioserver
-CVE-2017-0383
+CVE-2017-0383 (An elevation of privilege vulnerability in the Framework APIs could en ...)
NOT-FOR-US: Android
-CVE-2017-0382
+CVE-2017-0382 (A remote code execution vulnerability in the Framesequence library cou ...)
NOT-FOR-US: Android
-CVE-2017-0381
+CVE-2017-0381 (An information disclosure vulnerability in silk/NLSF_stabilize.c in li ...)
{DLA-793-1}
- opus 1.2~alpha2-1 (bug #851612)
[jessie] - opus <ignored> (Minor issue, https://bugs.debian.org/851612#10)
NOTE: Fixed by: https://github.com/xiph/opus/commit/79e8f527b0344b0897a65be35e77f7885bd99409 (v1.2-alpha)
NOTE: https://git.xiph.org/?p=opus.git;a=commitdiff;h=70a3d641b
-CVE-2017-0380
+CVE-2017-0380 (The rend_service_intro_established function in or/rendservice.c in Tor ...)
{DSA-3993-1}
- tor 0.3.1.7-1 (bug #876221)
[jessie] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
[wheezy] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
NOTE: https://trac.torproject.org/projects/tor/ticket/23490
NOTE: https://gitweb.torproject.org/tor.git/commit/?id=09ea89764a4d3a907808ed7d4fe42abfe64bd486
-CVE-2017-0379
+CVE-2017-0379 (Libgcrypt before 1.8.1 does not properly consider Curve25519 side-chan ...)
{DSA-3959-1}
- libgcrypt20 1.7.9-1 (bug #873383)
[jessie] - libgcrypt20 <not-affected> (Vulnerable code not present, no Curve25519 support)
- libgcrypt11 <not-affected> (Vulnerable code not present, no Curve25519 support)
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=da780c8183cccc8f533c8ace8211ac2cb2bdee7b
NOTE: https://eprint.iacr.org/2017/806
-CVE-2017-0378
+CVE-2017-0378 (XSS exists in the login_form function in views/helpers.php in Phamm be ...)
- phamm <unfixed> (bug #868988)
[stretch] - phamm <no-dsa> (Minor issue)
[jessie] - phamm <no-dsa> (Minor issue)
[wheezy] - phamm <no-dsa> (Minor issue)
NOTE: https://github.com/lota/phamm/issues/21
NOTE: https://github.com/lota/phamm/commit/331bdbf0e79632385495fa62e087a6b4cf78857e
-CVE-2017-0377
+CVE-2017-0377 (Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only con ...)
- tor <not-affected> (Affects only 0.3.x series)
NOTE: https://trac.torproject.org/projects/tor/ticket/22753
NOTE: https://blog.torproject.org/blog/tor-0309-released-security-update-clients
-CVE-2017-0376
+CVE-2017-0376 (The hidden-service feature in Tor before 0.3.0.8 allows a denial of se ...)
{DSA-3877-1 DLA-982-1}
- tor 0.2.9.11-1 (bug #864424)
NOTE: https://trac.torproject.org/22494
NOTE: Fixed by: https://gitweb.torproject.org/tor.git/commit/?id=56a7c5bc15e0447203a491c1ee37de9939ad1dcd
NOTE: Introduced in 0.2.2.1-alpha; fixed in 0.2.4.29, 0.2.5.14, 0.2.6.12, 0.2.7.8, 0.2.8.14, 0.2.9.11 0.3.0.8, 0.3.1.3-alpha
-CVE-2017-0375
+CVE-2017-0375 (The hidden-service feature in Tor before 0.3.0.8 allows a denial of se ...)
- tor <not-affected> (Introduced in 0.3.0.1-alpha)
NOTE: https://trac.torproject.org/22493
NOTE: Fixed by: https://gitweb.torproject.org/tor.git/commit/?id=79b59a2dfcb68897ee89d98587d09e55f07e68d7
NOTE: Introduced in 0.3.0.1-alpha; fixed in 0.3.0.8, 0.3.1.3-alpha
-CVE-2017-0374
+CVE-2017-0374 (lib/Config/Model.pm in Config-Model (aka libconfig-model-perl) before ...)
- libconfig-model-perl 2.097-2
[jessie] - libconfig-model-perl <no-dsa> (Minor issue)
[wheezy] - libconfig-model-perl <no-dsa> (Minor issue. Perl itself has to fix this and this can not be done easily)
NOTE: https://anonscm.debian.org/cgit/pkg-perl/packages/libconfig-model-perl.git/commit/?h=stretch&id=0de8471e5a8958ad37446dfcd0362a269e3ec573
-CVE-2017-0373
+CVE-2017-0373 (The gen_class_pod implementation in lib/Config/Model/Utils/GenClassPod ...)
- libconfig-model-perl 2.097-2
[jessie] - libconfig-model-perl <no-dsa> (Minor issue)
[wheezy] - libconfig-model-perl <not-affected> (Vulnerable code do not exist)
NOTE: https://anonscm.debian.org/cgit/pkg-perl/packages/libconfig-model-perl.git/commit/?h=stretch&id=e7e5dd1a650939a0e021d1d5b311dbb3c4884773
-CVE-2017-0372
+CVE-2017-0372 (Parameters injection in the SyntaxHighlight extension of Mediawiki bef ...)
- mediawiki 1:1.27.3-1 (bug #861585)
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T158689
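Review bot: the CVE-2017-0393 libvpx entry records `1.6.1-1` as the fixed version while its own NOTE admits "probably fixed earlier, but this was the version checked"; since the tracker derives the vulnerable range from that version, every intermediate upload between wheezy's and 1.6.1-1 is reported as affected on that guess. The referenced Android commit (6886e8e0a9db2dbad723dc37a548233e004b33bc) should be located in upstream libvpx history to pin the first fixed release, and the jessie `<ignored>` versus wheezy `<no-dsa>` split for the same "Minor issue" needs either one consistent tag or a NOTE explaining the difference. Similarly, CVE-2017-0399 through CVE-2017-0402 all share the `lvm/wrapper/Bundle/EffectBu ...` path, yet 0399 and 0401 are attributed to "Android Qualcomm audio post processor" and 0400 and 0402 to "Android Audioserver" with no NOTE justifying the distinction; add the bulletin reference that supports it. Typo in CVE-2017-0373: "Vulnerable code do not exist" should read "does not exist".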
@@ -49915,825 +49915,825 @@ CVE-2017-0371
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T68404
-CVE-2017-0370
+CVE-2017-0370 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw were Spam b ...)
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T48143
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0369
+CVE-2017-0369 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a ...)
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T108138
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0368
+CVE-2017-0368 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw making rawH ...)
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T156184
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0367
+CVE-2017-0367 (Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary d ...)
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <not-affected> (Vulnerable code not present)
NOTE: https://phabricator.wikimedia.org/T161453
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0366
+CVE-2017-0366 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing to ...)
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T151735
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0365
+CVE-2017-0365 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a XSS vulnerabilit ...)
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T144845
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0364
+CVE-2017-0364 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where Speci ...)
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T122209
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0363
+CVE-2017-0363 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:Us ...)
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T109140
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0362
+CVE-2017-0362 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the " ...)
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T150044
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0361
+CVE-2017-0361 (Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information dis ...)
- mediawiki 1:1.27.2-1
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T125177
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
-CVE-2017-0360
+CVE-2017-0360 (file_open in Tryton 3.x and 4.x through 4.2.2 allows remote authentica ...)
{DSA-3826-1 DLA-882-1}
- tryton-server 4.2.1-2
NOTE: Fixed by: http://hg.tryton.org/trytond?cmd=changeset;node=472510fdc6f8 (4.2.x)
-CVE-2017-0359
+CVE-2017-0359 (diffoscope before 77 writes to arbitrary locations on disk based on th ...)
- diffoscope 77 (bug #854723)
-CVE-2017-0358
+CVE-2017-0358 (Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write ...)
{DSA-3780-1 DLA-815-1}
- ntfs-3g 1:2016.2.22AR.1-4
NOTE: PoC http://www.openwall.com/lists/oss-security/2017/02/04/1
-CVE-2017-0357
+CVE-2017-0357 (A heap-overflow flaw exists in the -tr loader of iucode-tool starting ...)
- iucode-tool 2.1.1-1
[jessie] - iucode-tool <not-affected> (Vulnerable code not present)
[wheezy] - iucode-tool <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.com/iucode-tool/iucode-tool/issues/3
-CVE-2017-0356
+CVE-2017-0356 (A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.201701 ...)
{DSA-3760-1 DLA-812-1}
- ikiwiki 3.20170111
NOTE: https://ikiwiki.info/security/#cve-2017-0356
-CVE-2017-0355
+CVE-2017-0355 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0354
+CVE-2017-0354 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0353
+CVE-2017-0353 (All versions of the NVIDIA GPU Display Driver contain a vulnerability ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0352
+CVE-2017-0352 (All versions of the NVIDIA GPU Display Driver contain a vulnerability ...)
- nvidia-graphics-drivers 375.66-1 (bug #863515)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Only affects later driver series)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Only affects later driver series)
-CVE-2017-0351
+CVE-2017-0351 (All versions of the NVIDIA GPU Display Driver contain a vulnerability ...)
- nvidia-graphics-drivers 375.66-1 (bug #863515)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Only affects later driver series)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Only affects later driver series)
-CVE-2017-0350
+CVE-2017-0350 (All versions of the NVIDIA GPU Display Driver contain a vulnerability ...)
- nvidia-graphics-drivers 375.66-1 (bug #863515)
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Only affects later driver series)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Only affects later driver series)
-CVE-2017-0349
+CVE-2017-0349 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0348
+CVE-2017-0348 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0347
+CVE-2017-0347 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0346
+CVE-2017-0346 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0345
+CVE-2017-0345 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0344
+CVE-2017-0344 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0343
+CVE-2017-0343 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0342
+CVE-2017-0342 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0341
+CVE-2017-0341 (All versions of the NVIDIA Windows GPU Display Driver contain a vulner ...)
NOT-FOR-US: NVIDIA Windows drivers
-CVE-2017-0340
+CVE-2017-0340 (An elevation of privilege vulnerability in the NVIDIA Libnvparser comp ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0339
+CVE-2017-0339 (An elevation of privilege vulnerability in the NVIDIA crypto driver co ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0338
+CVE-2017-0338 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0337
+CVE-2017-0337 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0336
+CVE-2017-0336 (An information disclosure vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0335
+CVE-2017-0335 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0334
+CVE-2017-0334 (An information disclosure vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0333
+CVE-2017-0333 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0332
+CVE-2017-0332 (An elevation of privilege vulnerability in the NVIDIA crypto driver co ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0331
+CVE-2017-0331 (An elevation of privilege vulnerability in the NVIDIA video driver cou ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0330
+CVE-2017-0330 (An information disclosure vulnerability in the NVIDIA crypto driver co ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0329
+CVE-2017-0329 (An elevation of privilege vulnerability in the NVIDIA boot and power m ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0328
+CVE-2017-0328 (An information disclosure vulnerability in the NVIDIA crypto driver co ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0327
+CVE-2017-0327 (An elevation of privilege vulnerability in the NVIDIA crypto driver co ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0326
+CVE-2017-0326 (An information disclosure vulnerability in the NVIDIA Video Driver due ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0325
+CVE-2017-0325 (An elevation of privilege vulnerability in the NVIDIA I2C HID driver c ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0324
+CVE-2017-0324 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0323
+CVE-2017-0323 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0322
+CVE-2017-0322 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0321
+CVE-2017-0321 (All versions of NVIDIA GPU Display Driver contain a vulnerability in t ...)
- nvidia-graphics-drivers 375.39-1 (bug #855277)
[jessie] - nvidia-graphics-drivers 340.102-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx 340.102-1 (bug #855278)
- nvidia-graphics-drivers-legacy-304xx 304.135-2 (bug #855279)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.135-1
-CVE-2017-0320
+CVE-2017-0320 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0319
+CVE-2017-0319 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0318
+CVE-2017-0318 (All versions of NVIDIA Linux GPU Display Driver contain a vulnerabilit ...)
- nvidia-graphics-drivers 375.39-1 (bug #855277)
[jessie] - nvidia-graphics-drivers 340.102-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx 340.102-1 (bug #855278)
- nvidia-graphics-drivers-legacy-304xx 304.135-2 (bug #855279)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.135-1
-CVE-2017-0317
+CVE-2017-0317 (All versions of NVIDIA GPU and GeForce Experience installer contain a ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0316
+CVE-2017-0316 (In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Fra ...)
NOT-FOR-US: NVIDIA Installer Framework
-CVE-2017-0315
+CVE-2017-0315 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0314
+CVE-2017-0314 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0313
+CVE-2017-0313 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0312
+CVE-2017-0312 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0311
+CVE-2017-0311 (NVIDIA GPU Display Driver R378 contains a vulnerability in the kernel ...)
- nvidia-graphics-drivers 375.39-1 (bug #855277)
[jessie] - nvidia-graphics-drivers 340.102-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx 340.102-1 (bug #855278)
- nvidia-graphics-drivers-legacy-304xx 304.135-2 (bug #855279)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.135-1
-CVE-2017-0310
+CVE-2017-0310 (All versions of NVIDIA GPU Display Driver contain a vulnerability in t ...)
- nvidia-graphics-drivers 375.39-1 (bug #855277)
[jessie] - nvidia-graphics-drivers 340.102-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx 340.102-1 (bug #855278)
- nvidia-graphics-drivers-legacy-304xx 304.135-2 (bug #855279)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.135-1
-CVE-2017-0309
+CVE-2017-0309 (All versions of NVIDIA GPU Display Driver contain a vulnerability in t ...)
- nvidia-graphics-drivers 375.39-1 (bug #855277)
[jessie] - nvidia-graphics-drivers 340.102-1
[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx 340.102-1 (bug #855278)
- nvidia-graphics-drivers-legacy-304xx 304.135-2 (bug #855279)
[jessie] - nvidia-graphics-drivers-legacy-304xx 304.135-1
-CVE-2017-0308
+CVE-2017-0308 (All versions of NVIDIA Windows GPU Display Driver contain a vulnerabil ...)
NOT-FOR-US: NVIDIA drivers for Windows
-CVE-2017-0307
+CVE-2017-0307 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0306
+CVE-2017-0306 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
NOT-FOR-US: NVIDIA driver for Android
-CVE-2017-0305
+CVE-2017-0305 (F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauth ...)
NOT-FOR-US: F5
-CVE-2017-0304
+CVE-2017-0304 (A SQL injection vulnerability exists in the BIG-IP AFM management UI o ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-0303
+CVE-2017-0303 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Contro ...)
NOT-FOR-US: F5
-CVE-2017-0302
+CVE-2017-0302 (In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated us ...)
NOT-FOR-US: F5
-CVE-2017-0301
+CVE-2017-0301 (In F5 BIG-IP APM software versions 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2017-1000245
+CVE-2017-1000245 (The SSH Plugin stores credentials which allow jobs to access remote se ...)
NOT-FOR-US: Jenkins SSH plugin
-CVE-2017-0300
+CVE-2017-0300 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0299
+CVE-2017-0299 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0298
+CVE-2017-0298 (A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0297
+CVE-2017-0297 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-0296
+CVE-2017-0296 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0295
+CVE-2017-0295 (Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an a ...)
NOT-FOR-US: Microsoft
-CVE-2017-0294
+CVE-2017-0294 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0293
+CVE-2017-0293 (Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0292
+CVE-2017-0292 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows R ...)
NOT-FOR-US: Microsoft
-CVE-2017-0291
+CVE-2017-0291 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows R ...)
NOT-FOR-US: Microsoft
-CVE-2017-0290
+CVE-2017-0290 (The Microsoft Malware Protection Engine running on Microsoft Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-0289
+CVE-2017-0289 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-0288
+CVE-2017-0288 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-0287
+CVE-2017-0287 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-0286
+CVE-2017-0286 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-0285
+CVE-2017-0285 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-0284
+CVE-2017-0284 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-0283
+CVE-2017-0283 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-0282
+CVE-2017-0282 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-0281
+CVE-2017-0281 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 20 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0280
+CVE-2017-0280 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of servic ...)
NOT-FOR-US: Microsoft
-CVE-2017-0279
+CVE-2017-0279 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-0278
+CVE-2017-0278 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-0277
+CVE-2017-0277 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-0276
+CVE-2017-0276 (Microsoft Server Message Block 1.0 (SMBv1) allows an information discl ...)
NOT-FOR-US: Microsoft
-CVE-2017-0275
+CVE-2017-0275 (Microsoft Server Message Block 1.0 (SMBv1) allows an information discl ...)
NOT-FOR-US: Microsoft
-CVE-2017-0274
+CVE-2017-0274 (Microsoft Server Message Block 1.0 (SMBv1) allows an information discl ...)
NOT-FOR-US: Microsoft
-CVE-2017-0273
+CVE-2017-0273 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of servic ...)
NOT-FOR-US: Microsoft
-CVE-2017-0272
+CVE-2017-0272 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-0271
+CVE-2017-0271 (Microsoft Server Message Block 1.0 (SMBv1) allows an information discl ...)
NOT-FOR-US: Microsoft
-CVE-2017-0270
+CVE-2017-0270 (Microsoft Server Message Block 1.0 (SMBv1) allows an information discl ...)
NOT-FOR-US: Microsoft
-CVE-2017-0269
+CVE-2017-0269 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of servic ...)
NOT-FOR-US: Microsoft
-CVE-2017-0268
+CVE-2017-0268 (Microsoft Server Message Block 1.0 (SMBv1) allows an information discl ...)
NOT-FOR-US: Microsoft
-CVE-2017-0267
+CVE-2017-0267 (Microsoft Server Message Block 1.0 (SMBv1) allows an information discl ...)
NOT-FOR-US: Microsoft
-CVE-2017-0266
+CVE-2017-0266 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
NOT-FOR-US: Microsoft
-CVE-2017-0265
+CVE-2017-0265 (Microsoft PowerPoint for Mac 2011 allows a remote code execution vulne ...)
NOT-FOR-US: Microsoft
-CVE-2017-0264
+CVE-2017-0264 (Microsoft PowerPoint for Mac 2011 allows a remote code execution vulne ...)
NOT-FOR-US: Microsoft
-CVE-2017-0263
+CVE-2017-0263 (The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-0262
+CVE-2017-0262 (Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a re ...)
NOT-FOR-US: Microsoft
-CVE-2017-0261
+CVE-2017-0261 (Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a re ...)
NOT-FOR-US: Microsoft
-CVE-2017-0260
+CVE-2017-0260 (A remote code execution vulnerability exists in Microsoft Office when ...)
NOT-FOR-US: Microsoft
-CVE-2017-0259
+CVE-2017-0259 (The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-0258
+CVE-2017-0258 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
CVE-2017-0257
RESERVED
-CVE-2017-0256
+CVE-2017-0256 (A spoofing vulnerability exists when the ASP.NET Core fails to properl ...)
NOT-FOR-US: Microsoft
-CVE-2017-0255
+CVE-2017-0255 (Microsoft SharePoint Foundation 2013 SP1 allows an elevation of privil ...)
NOT-FOR-US: Microsoft
-CVE-2017-0254
+CVE-2017-0254 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibil ...)
NOT-FOR-US: Microsoft
CVE-2017-0253
RESERVED
-CVE-2017-0252
+CVE-2017-0252 (A remote code execution vulnerability exists in Microsoft Chakra Core ...)
NOT-FOR-US: Microsoft
CVE-2017-0251
RESERVED
-CVE-2017-0250
+CVE-2017-0250 (Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-0249
+CVE-2017-0249 (An elevation of privilege vulnerability exists when the ASP.NET Core f ...)
NOT-FOR-US: Microsoft
-CVE-2017-0248
+CVE-2017-0248 (Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0247
+CVE-2017-0247 (A denial of service vulnerability exists when the ASP.NET Core fails t ...)
NOT-FOR-US: Microsoft
-CVE-2017-0246
+CVE-2017-0246 (The Graphics Component in the kernel-mode drivers in Windows Server 20 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0245
+CVE-2017-0245 (The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-0244
+CVE-2017-0244 (The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 al ...)
NOT-FOR-US: Microsoft
-CVE-2017-0243
+CVE-2017-0243 (Microsoft Office allows a remote code execution vulnerability due to t ...)
NOT-FOR-US: Microsoft
-CVE-2017-0242
+CVE-2017-0242 (An information disclosure vulnerability exists in the way some ActiveX ...)
NOT-FOR-US: Microsoft
-CVE-2017-0241
+CVE-2017-0241 (An elevation of privilege vulnerability exists when Microsoft Edge ren ...)
NOT-FOR-US: Microsoft
-CVE-2017-0240
+CVE-2017-0240 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
NOT-FOR-US: Microsoft
CVE-2017-0239
RESERVED
-CVE-2017-0238
+CVE-2017-0238 (A remote code execution vulnerability exists in Microsoft browsers in ...)
NOT-FOR-US: Microsoft
CVE-2017-0237
RESERVED
-CVE-2017-0236
+CVE-2017-0236 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
NOT-FOR-US: Microsoft
-CVE-2017-0235
+CVE-2017-0235 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
NOT-FOR-US: Microsoft
-CVE-2017-0234
+CVE-2017-0234 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
NOT-FOR-US: Microsoft
-CVE-2017-0233
+CVE-2017-0233 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
NOT-FOR-US: Microsoft
CVE-2017-0232
RESERVED
-CVE-2017-0231
+CVE-2017-0231 (A spoofing vulnerability exists when Microsoft browsers render SmartSc ...)
NOT-FOR-US: Microsoft
-CVE-2017-0230
+CVE-2017-0230 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
NOT-FOR-US: Microsoft
-CVE-2017-0229
+CVE-2017-0229 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
NOT-FOR-US: Microsoft
-CVE-2017-0228
+CVE-2017-0228 (A remote code execution vulnerability exists in Microsoft browsers in ...)
NOT-FOR-US: Microsoft
-CVE-2017-0227
+CVE-2017-0227 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
NOT-FOR-US: Microsoft
-CVE-2017-0226
+CVE-2017-0226 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
CVE-2017-0225
RESERVED
-CVE-2017-0224
+CVE-2017-0224 (A remote code execution vulnerability exists in the way JavaScript eng ...)
NOT-FOR-US: Microsoft
-CVE-2017-0223
+CVE-2017-0223 (A remote code execution vulnerability exists in Microsoft Chakra Core ...)
NOT-FOR-US: Microsoft
-CVE-2017-0222
+CVE-2017-0222 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2017-0221
+CVE-2017-0221 (A vulnerability exists when Microsoft Edge improperly accesses objects ...)
NOT-FOR-US: Microsoft
-CVE-2017-0220
+CVE-2017-0220 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-0219
+CVE-2017-0219 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windo ...)
NOT-FOR-US: Microsoft
-CVE-2017-0218
+CVE-2017-0218 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windo ...)
NOT-FOR-US: Microsoft
CVE-2017-0217
RESERVED
-CVE-2017-0216
+CVE-2017-0216 (Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 al ...)
NOT-FOR-US: Microsoft
-CVE-2017-0215
+CVE-2017-0215 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...)
NOT-FOR-US: Microsoft
-CVE-2017-0214
+CVE-2017-0214 (Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0213
+CVE-2017-0213 (Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 a ...)
NOT-FOR-US: Microsoft
-CVE-2017-0212
+CVE-2017-0212 (Windows Hyper-V allows an elevation of privilege vulnerability when Mi ...)
NOT-FOR-US: Microsoft
-CVE-2017-0211
+CVE-2017-0211 (An elevation of privilege vulnerability exists in Windows 10, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-0210
+CVE-2017-0210 (An elevation of privilege vulnerability exists when Internet Explorer ...)
NOT-FOR-US: Microsoft
CVE-2017-0209
RESERVED
-CVE-2017-0208
+CVE-2017-0208 (An information disclosure vulnerability exists in Microsoft Edge when ...)
NOT-FOR-US: Microsoft
-CVE-2017-0207
+CVE-2017-0207 (Microsoft Outlook for Mac 2011 allows remote attackers to spoof web co ...)
NOT-FOR-US: Microsoft
CVE-2017-0206
RESERVED
-CVE-2017-0205
+CVE-2017-0205 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0204
+CVE-2017-0204 (Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outl ...)
NOT-FOR-US: Microsoft
-CVE-2017-0203
+CVE-2017-0203 (A vulnerability exists in Microsoft Edge when the Edge Content Securit ...)
NOT-FOR-US: Microsoft
-CVE-2017-0202
+CVE-2017-0202 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2017-0201
+CVE-2017-0201 (A remote code execution vulnerability exists in Internet Explorer in t ...)
NOT-FOR-US: Microsoft
-CVE-2017-0200
+CVE-2017-0200 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0199
+CVE-2017-0199 (Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office ...)
NOT-FOR-US: Microsoft
CVE-2017-0198
RESERVED
-CVE-2017-0197
+CVE-2017-0197 (Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote ...)
NOT-FOR-US: Microsoft
-CVE-2017-0196
+CVE-2017-0196 (An information disclosure vulnerability in Microsoft scripting engine ...)
NOT-FOR-US: Microsoft
-CVE-2017-0195
+CVE-2017-0195 (Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and S ...)
NOT-FOR-US: Microsoft
-CVE-2017-0194
+CVE-2017-0194 (Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office Compati ...)
NOT-FOR-US: Microsoft
-CVE-2017-0193
+CVE-2017-0193 (Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windo ...)
NOT-FOR-US: Microsoft
-CVE-2017-0192
+CVE-2017-0192 (The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vi ...)
NOT-FOR-US: Microsoft
-CVE-2017-0191
+CVE-2017-0191 (A denial of service vulnerability exists in the way that Windows 7, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2017-0190
+CVE-2017-0190 (The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-0189
+CVE-2017-0189 (An elevation of privilege vulnerability exists in Windows 10 when the ...)
NOT-FOR-US: Microsoft
-CVE-2017-0188
+CVE-2017-0188 (A Win32k information disclosure vulnerability exists in Windows 8.1, W ...)
NOT-FOR-US: Microsoft
CVE-2017-0187
RESERVED
-CVE-2017-0186
+CVE-2017-0186 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
NOT-FOR-US: Microsoft
-CVE-2017-0185
+CVE-2017-0185 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
NOT-FOR-US: Microsoft
-CVE-2017-0184
+CVE-2017-0184 (A denial of service vulnerability exists when Microsoft Hyper-V runnin ...)
NOT-FOR-US: Microsoft
-CVE-2017-0183
+CVE-2017-0183 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
NOT-FOR-US: Microsoft
-CVE-2017-0182
+CVE-2017-0182 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
NOT-FOR-US: Microsoft
-CVE-2017-0181
+CVE-2017-0181 (A remote code execution vulnerability exists when Windows Hyper-V Netw ...)
NOT-FOR-US: Microsoft
-CVE-2017-0180
+CVE-2017-0180 (A remote code execution vulnerability exists when Windows Hyper-V Netw ...)
NOT-FOR-US: Microsoft
-CVE-2017-0179
+CVE-2017-0179 (A denial of service vulnerability exists when Microsoft Hyper-V runnin ...)
NOT-FOR-US: Microsoft
-CVE-2017-0178
+CVE-2017-0178 (A denial of service vulnerability exists when Microsoft Hyper-V runnin ...)
NOT-FOR-US: Microsoft
CVE-2017-0177
RESERVED
-CVE-2017-0176
+CVE-2017-0176 (A buffer overflow in Smart Card authentication code in gpkcsp.dll in M ...)
NOT-FOR-US: Microsoft
-CVE-2017-0175
+CVE-2017-0175 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-0174
+CVE-2017-0174 (Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...)
NOT-FOR-US: Microsoft
-CVE-2017-0173
+CVE-2017-0173 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...)
NOT-FOR-US: Microsoft
CVE-2017-0172
RESERVED
-CVE-2017-0171
+CVE-2017-0171 (Windows DNS Server allows a denial of service vulnerability when Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0170
+CVE-2017-0170 (Windows Performance Monitor in Windows Server 2008 SP2 and R2 SP1, Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-0169
+CVE-2017-0169 (An information disclosure vulnerability exists when Windows Hyper-V ru ...)
NOT-FOR-US: Microsoft
-CVE-2017-0168
+CVE-2017-0168 (An information disclosure vulnerability exists when the Windows Hyper- ...)
NOT-FOR-US: Microsoft
-CVE-2017-0167
+CVE-2017-0167 (An information disclosure vulnerability exists in Windows 8.1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-0166
+CVE-2017-0166 (An elevation of privilege vulnerability exists in Windows when LDAP re ...)
NOT-FOR-US: Microsoft
-CVE-2017-0165
+CVE-2017-0165 (An elevation of privilege vulnerability exists when Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-0164
+CVE-2017-0164 (A denial of service vulnerability exists in Windows 10 1607 and Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-0163
+CVE-2017-0163 (A remote code execution vulnerability exists when Windows Hyper-V Netw ...)
NOT-FOR-US: Microsoft
-CVE-2017-0162
+CVE-2017-0162 (A remote code execution vulnerability exists when Windows Hyper-V Netw ...)
NOT-FOR-US: Microsoft
-CVE-2017-0161
+CVE-2017-0161 (The Windows NetBT Session Services component on Microsoft Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2017-0160
+CVE-2017-0160 (Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 al ...)
NOT-FOR-US: Microsoft
-CVE-2017-0159
+CVE-2017-0159 (A security feature bypass vulnerability exists in Windows 10 1607, Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-0158
+CVE-2017-0158 (An elevation of privilege vulnerability exists when Microsoft Windows ...)
NOT-FOR-US: Microsoft
CVE-2017-0157
RESERVED
-CVE-2017-0156
+CVE-2017-0156 (An elevation of privilege vulnerability exists in Windows 7, Windows 8 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0155
+CVE-2017-0155 (The Graphics component in the kernel in Microsoft Windows Vista SP2; W ...)
NOT-FOR-US: Microsoft
-CVE-2017-0154
+CVE-2017-0154 (Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windo ...)
NOT-FOR-US: Microsoft
CVE-2017-0153
RESERVED
-CVE-2017-0152
+CVE-2017-0152 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0151
+CVE-2017-0151 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0150
+CVE-2017-0150 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0149
+CVE-2017-0149 (Microsoft Internet Explorer 9 through 11 allow remote attackers to exe ...)
NOT-FOR-US: Microsoft
-CVE-2017-0148
+CVE-2017-0148 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-0147
+CVE-2017-0147 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-0146
+CVE-2017-0146 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-0145
+CVE-2017-0145 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-0144
+CVE-2017-0144 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 S ...)
NOT-FOR-US: Microsoft
-CVE-2017-0143
+CVE-2017-0143 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 S ...)
NOT-FOR-US: Microsoft
CVE-2017-0142
RESERVED
-CVE-2017-0141
+CVE-2017-0141 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0140
+CVE-2017-0140 (Microsoft Edge allows remote attackers to bypass the Same Origin Polic ...)
NOT-FOR-US: Microsoft
CVE-2017-0139
RESERVED
-CVE-2017-0138
+CVE-2017-0138 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0137
+CVE-2017-0137 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0136
+CVE-2017-0136 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0135
+CVE-2017-0135 (Microsoft Edge allows remote attackers to bypass the Same Origin Polic ...)
NOT-FOR-US: Microsoft
-CVE-2017-0134
+CVE-2017-0134 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0133
+CVE-2017-0133 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0132
+CVE-2017-0132 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0131
+CVE-2017-0131 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0130
+CVE-2017-0130 (The scripting engine in Microsoft Internet Explorer 9 through 11 allow ...)
NOT-FOR-US: Microsoft
-CVE-2017-0129
+CVE-2017-0129 (Microsoft Lync for Mac 2011 fails to properly validate certificates, a ...)
NOT-FOR-US: Microsoft
-CVE-2017-0128
+CVE-2017-0128 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0127
+CVE-2017-0127 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0126
+CVE-2017-0126 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0125
+CVE-2017-0125 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0124
+CVE-2017-0124 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0123
+CVE-2017-0123 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0122
+CVE-2017-0122 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0121
+CVE-2017-0121 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0120
+CVE-2017-0120 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0119
+CVE-2017-0119 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0118
+CVE-2017-0118 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0117
+CVE-2017-0117 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0116
+CVE-2017-0116 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0115
+CVE-2017-0115 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0114
+CVE-2017-0114 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0113
+CVE-2017-0113 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0112
+CVE-2017-0112 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0111
+CVE-2017-0111 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0110
+CVE-2017-0110 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Outlook ...)
NOT-FOR-US: Microsoft
-CVE-2017-0109
+CVE-2017-0109 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0108
+CVE-2017-0108 (The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; ...)
NOT-FOR-US: Microsoft
-CVE-2017-0107
+CVE-2017-0107 (Microsoft SharePoint Server fails to sanitize crafted web requests, al ...)
NOT-FOR-US: Microsoft
-CVE-2017-0106
+CVE-2017-0106 (Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outloo ...)
NOT-FOR-US: Microsoft
-CVE-2017-0105
+CVE-2017-0105 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac ...)
NOT-FOR-US: Microsoft
-CVE-2017-0104
+CVE-2017-0104 (The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, W ...)
NOT-FOR-US: Microsoft
-CVE-2017-0103
+CVE-2017-0103 (The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0102
+CVE-2017-0102 (Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0101
+CVE-2017-0101 (The kernel-mode drivers in Transaction Manager in Microsoft Windows Vi ...)
NOT-FOR-US: Microsoft
-CVE-2017-0100
+CVE-2017-0100 (A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2017-0099
+CVE-2017-0099 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 20 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0098
+CVE-2017-0098 (Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607; and Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2017-0097
+CVE-2017-0097 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 20 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0096
+CVE-2017-0096 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0095
+CVE-2017-0095 (Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2017-0094
+CVE-2017-0094 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0093
+CVE-2017-0093 (A remote code execution vulnerability in Microsoft Edge exists in the ...)
NOT-FOR-US: Microsoft
-CVE-2017-0092
+CVE-2017-0092 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0091
+CVE-2017-0091 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0090
+CVE-2017-0090 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0089
+CVE-2017-0089 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0088
+CVE-2017-0088 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0087
+CVE-2017-0087 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0086
+CVE-2017-0086 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0085
+CVE-2017-0085 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0084
+CVE-2017-0084 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0083
+CVE-2017-0083 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0082
+CVE-2017-0082 (The kernel-mode drivers in Microsoft Windows 10 Gold and 1511 allow lo ...)
NOT-FOR-US: Microsoft
-CVE-2017-0081
+CVE-2017-0081 (The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0080
+CVE-2017-0080 (The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 a ...)
NOT-FOR-US: Microsoft
-CVE-2017-0079
+CVE-2017-0079 (The kernel-mode drivers in Windows 8.1; Windows Server 2012 R2; Window ...)
NOT-FOR-US: Microsoft
-CVE-2017-0078
+CVE-2017-0078 (The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0077
+CVE-2017-0077 (The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-0076
+CVE-2017-0076 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 20 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0075
+CVE-2017-0075 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0074
+CVE-2017-0074 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 20 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0073
+CVE-2017-0073 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Wi ...)
NOT-FOR-US: Microsoft
-CVE-2017-0072
+CVE-2017-0072 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
-CVE-2017-0071
+CVE-2017-0071 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0070
+CVE-2017-0070 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0069
+CVE-2017-0069 (Microsoft Edge allows remote attackers to spoof web content via a craf ...)
NOT-FOR-US: Microsoft
-CVE-2017-0068
+CVE-2017-0068 (Browsers in Microsoft Edge allow remote attackers to obtain sensitive ...)
NOT-FOR-US: Microsoft
-CVE-2017-0067
+CVE-2017-0067 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0066
+CVE-2017-0066 (Microsoft Edge allows remote attackers to bypass the Same Origin Polic ...)
NOT-FOR-US: Microsoft
-CVE-2017-0065
+CVE-2017-0065 (Microsoft Edge allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Microsoft
-CVE-2017-0064
+CVE-2017-0064 (A security feature bypass vulnerability exists in Internet Explorer th ...)
NOT-FOR-US: Microsoft
-CVE-2017-0063
+CVE-2017-0063 (The Color Management Module (ICM32.dll) memory handling functionality ...)
NOT-FOR-US: Microsoft
-CVE-2017-0062
+CVE-2017-0062 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Wi ...)
NOT-FOR-US: Microsoft
-CVE-2017-0061
+CVE-2017-0061 (The Color Management Module (ICM32.dll) memory handling functionality ...)
NOT-FOR-US: Microsoft
-CVE-2017-0060
+CVE-2017-0060 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Wi ...)
NOT-FOR-US: Microsoft
-CVE-2017-0059
+CVE-2017-0059 (Microsoft Internet Explorer 9 through 11 allow remote attackers to obt ...)
NOT-FOR-US: Microsoft
-CVE-2017-0058
+CVE-2017-0058 (A Win32k information disclosure vulnerability exists in Microsoft Wind ...)
NOT-FOR-US: Microsoft
-CVE-2017-0057
+CVE-2017-0057 (DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows R ...)
NOT-FOR-US: Microsoft
-CVE-2017-0056
+CVE-2017-0056 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2017-0055
+CVE-2017-0055 (Microsoft Internet Information Server (IIS) in Windows Vista SP2; Wind ...)
NOT-FOR-US: Microsoft
CVE-2017-0054
RESERVED
-CVE-2017-0053
+CVE-2017-0053 (Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-0052
+CVE-2017-0052 (Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, ...)
NOT-FOR-US: Microsoft
-CVE-2017-0051
+CVE-2017-0051 (Microsoft Windows 10 1607 and Windows Server 2016 allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2017-0050
+CVE-2017-0050 (The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0049
+CVE-2017-0049 (The VBScript engine in Microsoft Internet Explorer 11 allows remote at ...)
NOT-FOR-US: Microsoft
CVE-2017-0048
RESERVED
-CVE-2017-0047
+CVE-2017-0047 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Wi ...)
NOT-FOR-US: Microsoft
CVE-2017-0046
RESERVED
-CVE-2017-0045
+CVE-2017-0045 (Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 ...)
NOT-FOR-US: Microsoft
CVE-2017-0044
RESERVED
-CVE-2017-0043
+CVE-2017-0043 (Active Directory Federation Services in Microsoft Windows 10 1607, Win ...)
NOT-FOR-US: Microsoft
-CVE-2017-0042
+CVE-2017-0042 (Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; ...)
NOT-FOR-US: Microsoft
CVE-2017-0041
RESERVED
-CVE-2017-0040
+CVE-2017-0040 (The scripting engine in Microsoft Internet Explorer 9 through 11 allow ...)
NOT-FOR-US: Microsoft
-CVE-2017-0039
+CVE-2017-0039 (Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link ...)
NOT-FOR-US: Microsoft
-CVE-2017-0038
+CVE-2017-0038 (gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vist ...)
NOT-FOR-US: Microsoft
-CVE-2017-0037
+CVE-2017-0037 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type c ...)
NOT-FOR-US: Microsoft
CVE-2017-0036
RESERVED
-CVE-2017-0035
+CVE-2017-0035 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0034
+CVE-2017-0034 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0033
+CVE-2017-0033 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2017-0032
+CVE-2017-0032 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0031
+CVE-2017-0031 (Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP ...)
NOT-FOR-US: Microsoft
-CVE-2017-0030
+CVE-2017-0030 (Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web A ...)
NOT-FOR-US: Microsoft
-CVE-2017-0029
+CVE-2017-0029 (Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word 2 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0028
+CVE-2017-0028 (A remote code execution vulnerability exists when Microsoft scripting ...)
NOT-FOR-US: Microsoft
-CVE-2017-0027
+CVE-2017-0027 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 201 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0026
+CVE-2017-0026 (The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 a ...)
NOT-FOR-US: Microsoft
-CVE-2017-0025
+CVE-2017-0025 (The kernel-mode drivers in Microsoft Windows Vista; Windows Server 200 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0024
+CVE-2017-0024 (The kernel-mode drivers in Microsoft Windows 10 1607 and Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2017-0023
+CVE-2017-0023 (The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 an ...)
NOT-FOR-US: Microsoft
-CVE-2017-0022
+CVE-2017-0022 (Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0021
+CVE-2017-0021 (Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not ...)
NOT-FOR-US: Microsoft
-CVE-2017-0020
+CVE-2017-0020 (Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office We ...)
NOT-FOR-US: Microsoft
-CVE-2017-0019
+CVE-2017-0019 (Microsoft Word 2016 allows remote attackers to execute arbitrary code ...)
NOT-FOR-US: Microsoft
-CVE-2017-0018
+CVE-2017-0018 (Microsoft Internet Explorer 10 and 11 allow remote attackers to execut ...)
NOT-FOR-US: Microsoft
-CVE-2017-0017
+CVE-2017-0017 (The RegEx class in the XSS filter in Microsoft Edge allows remote atta ...)
NOT-FOR-US: Microsoft
-CVE-2017-0016
+CVE-2017-0016 (Microsoft Windows 10 Gold, 1511, and 1607; Windows 8.1; Windows RT 8.1 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0015
+CVE-2017-0015 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0014
+CVE-2017-0014 (The Windows Graphics Component in Microsoft Office 2010 SP2; Windows S ...)
NOT-FOR-US: Microsoft
CVE-2017-0013
RESERVED
-CVE-2017-0012
+CVE-2017-0012 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote attacke ...)
NOT-FOR-US: Microsoft
-CVE-2017-0011
+CVE-2017-0011 (Microsoft Edge allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Microsoft
-CVE-2017-0010
+CVE-2017-0010 (A remote code execution vulnerability exists in the way affected Micro ...)
NOT-FOR-US: Microsoft
-CVE-2017-0009
+CVE-2017-0009 (Microsoft Internet Explorer 9 through 11 allow remote attackers to obt ...)
NOT-FOR-US: Microsoft
-CVE-2017-0008
+CVE-2017-0008 (Microsoft Internet Explorer 9 through 11 allow remote attackers to obt ...)
NOT-FOR-US: Microsoft
-CVE-2017-0007
+CVE-2017-0007 (Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Ser ...)
NOT-FOR-US: Microsoft
-CVE-2017-0006
+CVE-2017-0006 (Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, ...)
NOT-FOR-US: Microsoft
-CVE-2017-0005
+CVE-2017-0005 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Wi ...)
NOT-FOR-US: Microsoft
-CVE-2017-0004
+CVE-2017-0004 (The Local Security Authority Subsystem Service (LSASS) in Microsoft Wi ...)
NOT-FOR-US: Microsoft
-CVE-2017-0003
+CVE-2017-0003 (Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote ...)
NOT-FOR-US: Microsoft
-CVE-2017-0002
+CVE-2017-0002 (Microsoft Edge allows remote attackers to bypass the Same Origin Polic ...)
NOT-FOR-US: Microsoft
-CVE-2017-0001
+CVE-2017-0001 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Wi ...)
NOT-FOR-US: Microsoft
-CVE-2017-7443
+CVE-2017-7443 (apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP respo ...)
{DLA-873-1}
- apt-cacher-ng 3-1 (bug #858833)
[buster] - apt-cacher-ng 2-2
@@ -50744,7 +50744,7 @@ CVE-2017-7443
[buster] - apt-cacher 1.7.13+deb9u1
[stretch] - apt-cacher 1.7.13+deb9u1
[jessie] - apt-cacher 1.7.10+deb8u1
-CVE-2017-6100
+CVE-2017-6100 (tcpdf before 6.2.0 uploads files from the server generating PDF-files ...)
- tcpdf 6.2.12+dfsg2-1 (bug #814030)
[jessie] - tcpdf 6.0.093+dfsg-1+deb8u1
NOTE: https://sourceforge.net/p/tcpdf/bugs/1005/
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index e3e5eb7935..dd90eca655 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -1,20 +1,20 @@
-CVE-2018-20814
+CVE-2018-20814 (An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse Con ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20813
+CVE-2018-20813 (An input validation issue has been found with login_meeting.cgi in Pul ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20812
+CVE-2018-20812 (An information exposure issue where IPv6 DNS traffic would be sent out ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20811
+CVE-2018-20811 (A hidden RPC service issue was found with Pulse Secure Pulse Connect S ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20810
+CVE-2018-20810 (Session data between cluster nodes during cluster synchronization is n ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20809
+CVE-2018-20809 (A crafted message can cause the web server to crash with Pulse Secure ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20808
+CVE-2018-20808 (An XSS issue has been found with rd.cgi in Pulse Secure Pulse Connect ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20807
+CVE-2018-20807 (An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Conne ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-20806
+CVE-2018-20806 (Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the ...)
- phamm <unfixed> (bug #924731)
NOTE: https://github.com/lota/phamm/issues/24
CVE-2018-20805
@@ -25,9 +25,9 @@ CVE-2018-20803
RESERVED
CVE-2018-20802
RESERVED
-CVE-2018-20801
+CVE-2018-20801 (In js/parts/SvgRenderer.js in Highcharts JS before 6.1.0, the use of b ...)
NOT-FOR-US: Highcharts JS
-CVE-2018-20800
+CVE-2018-20800 (An issue was discovered in Open Ticket Request System (OTRS) 5.0.31 an ...)
- otrs2 6.0.14-1
[jessie] - otrs2 <not-affected> (Vulnerable code not present)
NOTE: https://community.otrs.com/security-advisory-2018-10-security-update-for-otrs-framework/
@@ -35,40 +35,40 @@ CVE-2018-20800
NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/7d3c56d5b9bb38207695dae174dbba89a132e7b9
NOTE: For upstream versions only did affect OTRS 6.0.13 and OTRS 5.0.31.
TODO: check, if for the older series broken patches were backported and thus as well affected
-CVE-2018-20799
+CVE-2018-20799 (In pfSense 2.4.4_1, blocking of source IP addresses on the basis of fa ...)
NOT-FOR-US: pfSense
-CVE-2018-20798
+CVE-2018-20798 (The expiretable configuration in pfSense 2.4.4_1 establishes block dur ...)
NOT-FOR-US: pfSense
-CVE-2018-20797
+CVE-2018-20797 (An issue was discovered in PoDoFo 0.9.6. There is an attempted excessi ...)
- libpodofo <unfixed> (low; bug #923415)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/podofo/tickets/34/
-CVE-2018-20796
+CVE-2018-20796 (In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limi ...)
- glibc <unfixed> (unimportant)
- eglibc <removed> (unimportant)
NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
NOTE: https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html
NOTE: No treated as vulnerability: https://sourceware.org/glibc/wiki/Security%20Exceptions
-CVE-2018-20795
+CVE-2018-20795 (tecrail Responsive FileManager 9.13.4 allows remote attackers to read ...)
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20794
+CVE-2018-20794 (tecrail Responsive FileManager 9.13.4 allows remote attackers to write ...)
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20793
+CVE-2018-20793 (tecrail Responsive FileManager 9.13.4 allows remote attackers to write ...)
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20792
+CVE-2018-20792 (tecrail Responsive FileManager 9.13.4 allows remote attackers to read ...)
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20791
+CVE-2018-20791 (tecrail Responsive FileManager 9.13.4 allows XSS via a media file uplo ...)
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20790
+CVE-2018-20790 (tecrail Responsive FileManager 9.13.4 allows remote attackers to delet ...)
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20789
+CVE-2018-20789 (tecrail Responsive FileManager 9.13.4 allows remote attackers to delet ...)
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-20788
+CVE-2018-20788 (drivers/leds/leds-aw2023.c in the led driver for custom Linux kernels ...)
NOT-FOR-US: led driver for custom Linux kernels on the Xiaomi Redmi 6pro daisy-o-oss phone
-CVE-2018-20787
+CVE-2018-20787 (The ft5x46 touchscreen driver for custom Linux kernels on the Xiaomi p ...)
NOT-FOR-US: touchscreen driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device
-CVE-2018-20786
+CVE-2018-20786 (libvterm through 0+bzr726, as used in Vim and other products, mishandl ...)
- vim 2:8.1.0693-1 (unimportant)
[stretch] - vim <not-affected> (Vulnerable code introduced later)
[jessie] - vim <not-affected> (Vulnerable code introduced later)
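Review bot: The unchanged context line `NOTE: No treated as vulnerability: https://sourceware.org/glibc/wiki/Security%20Exceptions` under CVE-2018-20796 in this hunk reads as a typo for "Not treated as vulnerability"; the automatic description import is right not to touch NOTE lines, but a manual follow-up should correct it so the triage rationale for the `<unfixed> (unimportant)` marking is unambiguous.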
@@ -77,14 +77,14 @@ CVE-2018-20786
NOTE: Fixed by: https://github.com/vim/vim/commit/cd929f7ba8cc5b6d6dcf35c8b34124e969fed6b8 (v8.1.0633)
NOTE: MISC:https://github.com/vim/vim/issues/3711
NOTE: No security impact
-CVE-2018-20785
+CVE-2018-20785 (Secure boot bypass and memory extraction can be achieved on Neato Botv ...)
NOT-FOR-US: Neato
-CVE-2018-20784
+CVE-2018-20784 (In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf ...)
- linux 4.19.16-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c40f7d74c741a907cfaeb73a7697081881c497d0
-CVE-2018-20783
+CVE-2018-20783 (In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2. ...)
{DSA-4353-1 DLA-1608-1}
- php7.3 7.3.0-1
- php7.0 <removed>
@@ -95,70 +95,70 @@ CVE-2018-1002161 [SQL injection in multiple remote calls]
- koji 1.16.2-1 (bug #922922)
NOTE: https://docs.pagure.org/koji/CVE-2018-1002161/
NOTE: https://pagure.io/koji/issue/1183
-CVE-2018-20782
+CVE-2018-20782 (The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages ...)
NOT-FOR-US: WooCommerce plugin
-CVE-2018-20781
+CVE-2018-20781 (In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's pas ...)
- gnome-keyring 3.28.0-1 (unimportant)
NOTE: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781486
NOTE: https://gitlab.gnome.org/GNOME/gnome-keyring/issues/3
NOTE: Not a vulnerability, just a hardening patch
-CVE-2018-20780
+CVE-2018-20780 (Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka ...)
NOT-FOR-US: Traq
-CVE-2018-20779
+CVE-2018-20779 (Traq 3.7.1 allows SQL Injection via a tickets?search= URI. ...)
NOT-FOR-US: Traq
-CVE-2018-20778
+CVE-2018-20778 (admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a ...)
NOT-FOR-US: Frog CMS
-CVE-2018-20777
+CVE-2018-20777 (Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field. ...)
NOT-FOR-US: Frog CMS
-CVE-2018-20776
+CVE-2018-20776 (Frog CMS 0.9.5 provides a directory listing for a /public request. ...)
NOT-FOR-US: Frog CMS
-CVE-2018-20775
+CVE-2018-20775 (admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code executio ...)
NOT-FOR-US: Frog CMS
-CVE-2018-20774
+CVE-2018-20774 (Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field. ...)
NOT-FOR-US: Frog CMS
-CVE-2018-20773
+CVE-2018-20773 (Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit ...)
NOT-FOR-US: Frog CMS
-CVE-2018-20772
+CVE-2018-20772 (Frog CMS 0.9.5 allows PHP code execution via &lt;?php to the admin/?/l ...)
NOT-FOR-US: Frog CMS
-CVE-2018-20771
+CVE-2018-20771 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, ...)
NOT-FOR-US: Xerox devices
-CVE-2018-20770
+CVE-2018-20770 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, ...)
NOT-FOR-US: Xerox devices
-CVE-2018-20769
+CVE-2018-20769 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, ...)
NOT-FOR-US: Xerox devices
-CVE-2018-20768
+CVE-2018-20768 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, ...)
NOT-FOR-US: Xerox devices
-CVE-2018-20767
+CVE-2018-20767 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, ...)
NOT-FOR-US: Xerox devices
CVE-2018-20766
RESERVED
CVE-2018-20765
RESERVED
-CVE-2018-20764
+CVE-2018-20764 (A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for Bo ...)
NOT-FOR-US: BoKS
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1676393
NOTE: https://community.helpsystems.com/knowledge-base/fox-technologies/hotfix/515/
NOTE: No specific information is provided, but seems caused by BoKS shipping tcpcrypt setuid
-CVE-2018-20763
+CVE-2018-20763 (In GPAC through 0.7.2, gf_text_get_utf8_line in media_tools/text_impor ...)
{DLA-1693-1}
- gpac <unfixed> (bug #921969)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
NOTE: https://github.com/gpac/gpac/commit/1c449a34fe0b50aaffb881bfb9d7c5ab0bb18cdd
NOTE: https://github.com/gpac/gpac/issues/1188
-CVE-2018-20762
+CVE-2018-20762 (GPAC version 0.7.2 and earlier has a buffer overflow vulnerability in ...)
{DLA-1693-1}
- gpac <unfixed> (bug #921969)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
NOTE: https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658
NOTE: https://github.com/gpac/gpac/issues/1187
-CVE-2018-20761
+CVE-2018-20761 (GPAC version 0.7.2 and earlier has a Buffer Overflow vulnerability in ...)
{DLA-1693-1}
- gpac <unfixed> (bug #921969)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
NOTE: https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658
NOTE: https://github.com/gpac/gpac/issues/1186
-CVE-2018-20760
+CVE-2018-20760 (In GPAC 0.7.2, gf_text_get_utf8_line in media_tools/text_import.c in l ...)
{DLA-1693-1}
- gpac <unfixed> (bug #921969)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
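Review bot: The `+CVE-2018-20772` line in this hunk carries an HTML entity in its description (`... allows PHP code execution via &lt;?php to the admin/?/l ...`) where a literal `<?php` is presumably intended; every other imported description in the hunk is plain text, so the importer appears to have stored an HTML-escaped copy for this one entry. Worth checking that the description fetch decodes entities before writing to the list, otherwise this entry will not match a search for the literal string.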
@@ -166,27 +166,27 @@ CVE-2018-20760
NOTE: https://github.com/gpac/gpac/issues/1177
CVE-2018-20759
RESERVED
-CVE-2018-20758
+CVE-2018-20758 (MODX Revolution through v2.7.0-pl allows XSS via User Settings such as ...)
NOT-FOR-US: MODX Revolution
-CVE-2018-20757
+CVE-2018-20757 (MODX Revolution through v2.7.0-pl allows XSS via an extended user fiel ...)
NOT-FOR-US: MODX Revolution
-CVE-2018-20756
+CVE-2018-20756 (MODX Revolution through v2.7.0-pl allows XSS via a document resource ( ...)
NOT-FOR-US: MODX Revolution
-CVE-2018-20755
+CVE-2018-20755 (MODX Revolution through v2.7.0-pl allows XSS via the User Photo field. ...)
NOT-FOR-US: MODX Revolution
CVE-2018-20754
RESERVED
-CVE-2018-20753
+CVE-2018-20753 (Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 be ...)
NOT-FOR-US: Kaseya VSA RMM
-CVE-2018-20752
+CVE-2018-20752 (An issue was discovered in Recon-ng before 4.9.5. Lack of validation i ...)
- recon-ng 4.9.5-1
NOTE: https://bitbucket.org/LaNMaSteR53/recon-ng/issues/285/csv-injection-vulnerability-identified-in
-CVE-2018-1000999
+CVE-2018-1000999 (Fastnet SA MailCleaner version 2018092601 contains a Command Injection ...)
NOT-FOR-US: Fastnet SA MailCleaner
-CVE-2018-1000998
+CVE-2018-1000998 (FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulne ...)
- cvsweb 3:3.0.0-1
NOTE: https://www.kvakil.me/posts/cvsweb/
-CVE-2018-20751
+CVE-2018-20751 (An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PD ...)
- libpodofo 0.9.6+dfsg-4
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -196,13 +196,13 @@ CVE-2018-20747
RESERVED
CVE-2018-20746
RESERVED
-CVE-2018-20745
+CVE-2018-20745 (Yii 2.x through 2.0.15.1 actively converts a wildcard CORS policy into ...)
- yii <itp> (bug #597899)
-CVE-2018-20744
+CVE-2018-20744 (The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a ...)
NOT-FOR-US: Olivier Poitrey Go CORS handler
-CVE-2018-20742
+CVE-2018-20742 (An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01. ...)
NOT-FOR-US: UC Berkeley RISE Opaque
-CVE-2018-1000997
+CVE-2018-1000997 (A path traversal vulnerability exists in the Stapler web framework use ...)
NOT-FOR-US: Jenkins
CVE-2018-20741
RESERVED
@@ -216,43 +216,43 @@ CVE-2018-20737
RESERVED
CVE-2018-20736
RESERVED
-CVE-2018-20735
+CVE-2018-20735 (** DISPUTED ** An issue was discovered in BMC PATROL Agent through 11. ...)
NOT-FOR-US: BMC PATROL Agent
CVE-2018-20734
RESERVED
-CVE-2018-20733
+CVE-2018-20733 (BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows ...)
NOT-FOR-US: SAS Web Infrastructure Platform
-CVE-2018-20732
+CVE-2018-20732 (SAS Web Infrastructure Platform before 9.4M6 allows remote attackers t ...)
NOT-FOR-US: SAS Web Infrastructure Platform
-CVE-2018-20731
+CVE-2018-20731 (A stored cross site scripting (XSS) vulnerability in NeDi before 1.7Cp ...)
NOT-FOR-US: NeDi
-CVE-2018-20730
+CVE-2018-20730 (A SQL injection vulnerability in NeDi before 1.7Cp3 allows any user to ...)
NOT-FOR-US: NeDi
-CVE-2018-20729
+CVE-2018-20729 (A reflected cross site scripting (XSS) vulnerability in NeDi before 1. ...)
NOT-FOR-US: NeDi
-CVE-2018-20728
+CVE-2018-20728 (A cross site request forgery (CSRF) vulnerability in NeDi before 1.7Cp ...)
NOT-FOR-US: NeDi
-CVE-2018-20727
+CVE-2018-20727 (Multiple command injection vulnerabilities in NeDi before 1.7Cp3 allow ...)
NOT-FOR-US: NeDi
-CVE-2018-20726
+CVE-2018-20726 (A cross-site scripting (XSS) vulnerability exists in host.php (via tre ...)
- cacti 1.2.1+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <ignored> (Minor issue)
NOTE: https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
NOTE: https://github.com/Cacti/cacti/issues/2213
-CVE-2018-20725
+CVE-2018-20725 (A cross-site scripting (XSS) vulnerability exists in graph_templates.p ...)
- cacti 1.2.1+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <ignored> (Minor issue)
NOTE: https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
NOTE: https://github.com/Cacti/cacti/issues/2214
-CVE-2018-20724
+CVE-2018-20724 (A cross-site scripting (XSS) vulnerability exists in pollers.php in Ca ...)
- cacti 1.2.1+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <ignored> (Minor issue)
NOTE: https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53
NOTE: https://github.com/Cacti/cacti/issues/2212
-CVE-2018-20723
+CVE-2018-20723 (A cross-site scripting (XSS) vulnerability exists in color_templates.p ...)
- cacti 1.2.1+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <ignored> (Minor issue)
@@ -260,34 +260,34 @@ CVE-2018-20723
NOTE: https://github.com/Cacti/cacti/issues/2215
CVE-2018-20722
RESERVED
-CVE-2018-20721
+CVE-2018-20721 (URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bound ...)
{DLA-1682-1}
- uriparser 0.9.1-1 (low)
[stretch] - uriparser <no-dsa> (Minor issue)
NOTE: https://github.com/uriparser/uriparser/commit/cef25028de5ff872c2e1f0a6c562eb3ea9ecbce4
-CVE-2018-20720
+CVE-2018-20720 (ABB Relion 630 devices 1.1 before 1.1.0.C0, 1.2 before 1.2.0.B3, and 1 ...)
NOT-FOR-US: ABB Relion 630 devices
-CVE-2018-20743
+CVE-2018-20743 (murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple ...)
{DSA-4402-1 DLA-1661-1}
- mumble 1.3.0~git20190114.9fcc588+dfsg-1 (bug #919249)
NOTE: https://github.com/mumble-voip/mumble/issues/3505
NOTE: https://github.com/mumble-voip/mumble/pull/3510
NOTE: https://github.com/mumble-voip/mumble/pull/3512
-CVE-2018-20719
+CVE-2018-20719 (In Tiki before 17.2, the user task component is vulnerable to a SQL In ...)
- tikiwiki <removed>
-CVE-2018-20718
+CVE-2018-20718 (In Pydio before 8.2.2, an attack is possible via PHP Object Injection ...)
- ajaxplorer <itp> (bug #668381)
-CVE-2018-20717
+CVE-2018-20717 (In the orders section of PrestaShop before 1.7.2.5, an attack is possi ...)
NOT-FOR-US: PrestaShop
-CVE-2018-20716
+CVE-2018-20716 (CubeCart before 6.1.13 has SQL Injection via the validate[] parameter ...)
NOT-FOR-US: CubeCart
-CVE-2018-20715
+CVE-2018-20715 (The DB abstraction layer of OXID eSales 4.10.6 is vulnerable to SQL in ...)
NOT-FOR-US: OXID eSales
-CVE-2018-20714
+CVE-2018-20714 (The logging system of the Automattic WooCommerce plugin before 3.4.6 f ...)
NOT-FOR-US: Automattic WooCommerce plugin for WordPress
-CVE-2018-20713
+CVE-2018-20713 (Shopware before 5.4.3 allows SQL Injection by remote authenticated use ...)
NOT-FOR-US: Shopware
-CVE-2018-20712
+CVE-2018-20712 (A heap-based buffer over-read exists in the function d_expression_1 in ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -295,7 +295,7 @@ CVE-2018-20712
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24043
CVE-2018-20711
RESERVED
-CVE-2018-20710
+CVE-2018-20710 (The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibY ...)
- yaml-cpp <unfixed> (low; bug #919432)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -317,7 +317,7 @@ CVE-2018-20705
RESERVED
CVE-2018-20704
RESERVED
-CVE-2018-20703
+CVE-2018-20703 (CubeCart 6.2.2 has Reflected XSS via a /{ADMIN-FILE}/ query string. ...)
NOT-FOR-US: CubeCart
CVE-2018-20702
RESERVED
@@ -325,7 +325,7 @@ CVE-2018-20701
RESERVED
CVE-2018-20700
RESERVED
-CVE-2018-20699
+CVE-2018-20699 (Docker Engine before 18.09 allows attackers to cause a denial of servi ...)
- docker.io <unfixed> (unimportant)
NOTE: https://github.com/docker/engine/pull/70
NOTE: https://github.com/moby/moby/pull/37967
@@ -356,16 +356,16 @@ CVE-2018-20687
RESERVED
CVE-2018-20686
RESERVED
-CVE-2018-20684
+CVE-2018-20684 (In WinSCP before 5.14 beta, due to missing validation, the scp impleme ...)
NOT-FOR-US: WinSCP
-CVE-2018-20685
+CVE-2018-20685 (In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to b ...)
{DSA-4387-1}
- openssh 1:7.9p1-5 (bug #919101)
NOTE: https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2
NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
-CVE-2018-20682
+CVE-2018-20682 (Fork CMS 5.0.6 allows stored XSS via the private/en/settings facebook_ ...)
NOT-FOR-US: Fork CMS
-CVE-2018-20681
+CVE-2018-20681 (mate-screensaver before 1.20.2 in MATE Desktop Environment allows phys ...)
- mate-screensaver 1.20.2-1 (low)
[stretch] - mate-screensaver <no-dsa> (Minor issue)
[jessie] - mate-screensaver <not-affected> (Vulnerability only manifests when built against GTK-3.22)
@@ -373,58 +373,58 @@ CVE-2018-20681
NOTE: https://github.com/mate-desktop/mate-screensaver/issues/155
NOTE: https://github.com/mate-desktop/mate-screensaver/issues/170
NOTE: https://github.com/mate-desktop/mate-screensaver/pull/167
-CVE-2018-1000426
+CVE-2018-1000426 (A cross-site scripting vulnerability exists in Jenkins Git Changelog P ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000425
+CVE-2018-1000425 (An insufficiently protected credentials vulnerability exists in Jenkin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000424
+CVE-2018-1000424 (An insufficiently protected credentials vulnerability exists in Jenkin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000423
+CVE-2018-1000423 (An insufficiently protected credentials vulnerability exists in Jenkin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000422
+CVE-2018-1000422 (An improper authorization vulnerability exists in Jenkins Crowd 2 Inte ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000421
+CVE-2018-1000421 (An improper authorization vulnerability exists in Jenkins Mesos Plugin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000420
+CVE-2018-1000420 (An improper authorization vulnerability exists in Jenkins Mesos Plugin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000419
+CVE-2018-1000419 (An improper authorization vulnerability exists in Jenkins HipChat Plug ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000418
+CVE-2018-1000418 (An improper authorization vulnerability exists in Jenkins HipChat Plug ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000417
+CVE-2018-1000417 (A cross-site request forgery vulnerability exists in Jenkins Email Ext ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000416
+CVE-2018-1000416 (A reflected cross-site scripting vulnerability exists in Jenkins Job C ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000415
+CVE-2018-1000415 (A cross-site scripting vulnerability exists in Jenkins Rebuilder Plugi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000414
+CVE-2018-1000414 (A cross-site request forgery vulnerability exists in Jenkins Config Fi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000413
+CVE-2018-1000413 (A cross-site scripting vulnerability exists in Jenkins Config File Pro ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000412
+CVE-2018-1000412 (An improper authorization vulnerability exists in Jenkins Jira Plugin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000411
+CVE-2018-1000411 (A cross-site request forgery vulnerability exists in Jenkins JUnit Plu ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000410
+CVE-2018-1000410 (An information exposure vulnerability exists in Jenkins 2.145 and earl ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000409
+CVE-2018-1000409 (A session fixation vulnerability exists in Jenkins 2.145 and earlier, ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000408
+CVE-2018-1000408 (A denial of service vulnerability exists in Jenkins 2.145 and earlier, ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000407
+CVE-2018-1000407 (A cross-site scripting vulnerability exists in Jenkins 2.145 and earli ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000406
+CVE-2018-1000406 (A path traversal vulnerability exists in Jenkins 2.145 and earlier, LT ...)
NOT-FOR-US: Jenkins
-CVE-2018-20683
+CVE-2018-20683 (commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsyn ...)
- gitolite3 3.6.11-1 (bug #918849)
[stretch] - gitolite3 <no-dsa> (Minor issue)
[jessie] - gitolite3 <no-dsa> (Minor issue)
- gitolite <removed>
NOTE: https://github.com/sitaramc/gitolite/commit/5df2b817255ee919991da6c310239e08c8fcc1ae
NOTE: https://groups.google.com/forum/#!topic/gitolite-announce/6xbjjmpLePQ
-CVE-2018-20680
+CVE-2018-20680 (Frog CMS 0.9.5 has XSS in the admin/?/page/edit/1 body field. ...)
NOT-FOR-US: Frog CMS
-CVE-2018-20679
+CVE-2018-20679 (An issue was discovered in BusyBox before 1.30.0. An out of bounds rea ...)
- busybox 1:1.30.1-1 (low; bug #918846)
[stretch] - busybox <no-dsa> (Minor issue)
[jessie] - busybox <no-dsa> (Minor issue)
@@ -436,7 +436,7 @@ CVE-2018-20679
NOTE: is needed to fix the issue completely.
CVE-2018-20678
RESERVED
-CVE-2018-20677
+CVE-2018-20677 (In Bootstrap before 3.4.0, XSS is possible in the affix configuration ...)
- twitter-bootstrap <unfixed>
[stretch] - twitter-bootstrap <no-dsa> (Minor issue)
[jessie] - twitter-bootstrap <no-dsa> (Minor issue)
@@ -448,7 +448,7 @@ CVE-2018-20677
NOTE: https://github.com/twbs/bootstrap/issues/27915#issuecomment-452196628
NOTE: https://github.com/twbs/bootstrap/pull/27047
NOTE: https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d (v3.4.0)
-CVE-2018-20676
+CVE-2018-20676 (In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewpor ...)
- twitter-bootstrap <unfixed>
[stretch] - twitter-bootstrap <no-dsa> (Minor issue)
[jessie] - twitter-bootstrap <no-dsa> (Minor issue)
@@ -460,18 +460,18 @@ CVE-2018-20676
NOTE: https://github.com/twbs/bootstrap/issues/27915#issuecomment-452196628
NOTE: https://github.com/twbs/bootstrap/pull/27047
NOTE: https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d (v3.4.0)
-CVE-2018-20675
+CVE-2018-20675 (D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Be ...)
NOT-FOR-US: D-Link
-CVE-2018-20674
+CVE-2018-20674 (D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Be ...)
NOT-FOR-US: D-Link
-CVE-2018-20673
+CVE-2018-20673 (The demangle_template function in cplus-dem.c in GNU libiberty, as dis ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24039
CVE-2018-20672
RESERVED
-CVE-2018-20671
+CVE-2018-20671 (load_specific_debug_section in objdump.c in GNU Binutils through 2.31. ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -479,7 +479,7 @@ CVE-2018-20671
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca
CVE-2018-20670
RESERVED
-CVE-2018-20669 [Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)]
+CVE-2018-20669 (An issue where a provided address with access_ok() is not checked was ...)
- linux <unfixed> (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/594cc251fdd0d231d342d88b2fdff4bc42fb0690
CVE-2018-20668
@@ -490,11 +490,11 @@ CVE-2018-20666
RESERVED
CVE-2018-20665
RESERVED
-CVE-2018-20664
+CVE-2018-20664 (Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via ...)
NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
-CVE-2018-20663
+CVE-2018-20663 (The Reporting Addon (aka Reports Addon) through 2019-01-02 for CUBA Pl ...)
NOT-FOR-US: Reporting Addon for CUBA Platform
-CVE-2018-20662
+CVE-2018-20662 (In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to caus ...)
{DLA-1706-1}
- poppler <unfixed> (low; bug #918158)
[stretch] - poppler <no-dsa> (Minor issue)
@@ -504,11 +504,11 @@ CVE-2018-20661
RESERVED
CVE-2018-20660
RESERVED
-CVE-2018-20659
+CVE-2018-20659 (An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in ...)
NOT-FOR-US: Bento4
-CVE-2018-20658
+CVE-2018-20658 (The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote ...)
NOT-FOR-US: Core FTP
-CVE-2018-20657
+CVE-2018-20657 (The demangle_template function in cplus-dem.c in GNU libiberty, as dis ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -521,15 +521,15 @@ CVE-2018-20654
RESERVED
CVE-2018-20653
RESERVED
-CVE-2018-20652
+CVE-2018-20652 (An attempted excessive memory allocation was discovered in the functio ...)
NOT-FOR-US: tinyexr
-CVE-2018-20651
+CVE-2018-20651 (A NULL pointer dereference was discovered in elf_link_add_object_symbo ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24041
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f
-CVE-2018-20650
+CVE-2018-20650 (A reachable Object::dictLookup assertion in Poppler 0.72.0 allows atta ...)
- poppler <unfixed> (low; bug #917974)
[buster] - poppler <no-dsa> (Minor issue)
[stretch] - poppler <no-dsa> (Minor issue)
@@ -588,75 +588,75 @@ CVE-2018-20625
RESERVED
CVE-2018-20624
RESERVED
-CVE-2018-20623
+CVE-2018-20623 (In GNU Binutils 2.31.1, there is a use-after-free in the error functio ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24049
-CVE-2018-20622
+CVE-2018-20622 (JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a wh ...)
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/193
-CVE-2018-20621
+CVE-2018-20621 (An issue was discovered in Microvirt MEmu 6.0.6. The MemuService.exe s ...)
NOT-FOR-US: Microvirt MEmu
CVE-2018-20620
RESERVED
CVE-2018-20619
RESERVED
-CVE-2018-20618
+CVE-2018-20618 (ok-file-formats through 2018-10-16 has a heap-based buffer over-read i ...)
NOT-FOR-US: ok-file-formats
-CVE-2018-20617
+CVE-2018-20617 (ok-file-formats through 2018-10-16 has a heap-based buffer overflow in ...)
NOT-FOR-US: ok-file-formats
-CVE-2018-20616
+CVE-2018-20616 (ok-file-formats through 2018-10-16 has a heap-based buffer overflow in ...)
NOT-FOR-US: ok-file-formats
-CVE-2018-20615
+CVE-2018-20615 (An out-of-bounds read issue was discovered in the HTTP/2 protocol deco ...)
- haproxy 1.8.16-2
[stretch] - haproxy <not-affected> (Vulnerable code introduced later)
[jessie] - haproxy <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/haproxy/haproxy/commit/a01f45e3ced23c799f6e78b5efdbd32198a75354
-CVE-2018-20614
+CVE-2018-20614 (public\install\install.php in CIM 0.9.3 allows remote attackers to rel ...)
NOT-FOR-US: CIM
-CVE-2018-20613
+CVE-2018-20613 (TEMMOKU T1.09 Beta allows admin/user/add CSRF. ...)
NOT-FOR-US: TEMMOKU
-CVE-2018-20612
+CVE-2018-20612 (UWA 2.3.11 allows index.php?g=admin&amp;c=admin&amp;a=add_admin_do CSR ...)
NOT-FOR-US: UWA
-CVE-2018-20611
+CVE-2018-20611 (imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo ...)
NOT-FOR-US: imcat
-CVE-2018-20610
+CVE-2018-20610 (imcat 4.4 allows directory traversal via the root/run/adm.php efile pa ...)
NOT-FOR-US: imcat
-CVE-2018-20609
+CVE-2018-20609 (imcat 4.4 allows remote attackers to obtain potentially sensitive conf ...)
NOT-FOR-US: imcat
-CVE-2018-20608
+CVE-2018-20608 (imcat 4.4 allows remote attackers to read phpinfo output via the root/ ...)
NOT-FOR-US: imcat
-CVE-2018-20607
+CVE-2018-20607 (imcat 4.4 allows remote attackers to obtain potentially sensitive debu ...)
NOT-FOR-US: imcat
-CVE-2018-20606
+CVE-2018-20606 (imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&amp;a ...)
NOT-FOR-US: imcat
-CVE-2018-20605
+CVE-2018-20605 (imcat 4.4 allows remote attackers to execute arbitrary PHP code by usi ...)
NOT-FOR-US: imcat
-CVE-2018-20604
+CVE-2018-20604 (Lei Feng TV CMS (aka LFCMS) 3.8.6 allows Directory Traversal via craft ...)
NOT-FOR-US: Lei Feng TV CMS
-CVE-2018-20603
+CVE-2018-20603 (Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html ...)
NOT-FOR-US: Lei Feng TV CMS
-CVE-2018-20602
+CVE-2018-20602 (Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the ...)
NOT-FOR-US: Lei Feng TV CMS
-CVE-2018-20601
+CVE-2018-20601 (UCMS 1.4.7 has XSS via the description parameter in an index.php list_ ...)
NOT-FOR-US: UCMS
-CVE-2018-20600
+CVE-2018-20600 (sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit a ...)
NOT-FOR-US: UCMS
-CVE-2018-20599
+CVE-2018-20599 (UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by en ...)
NOT-FOR-US: UCMS
-CVE-2018-20598
+CVE-2018-20598 (UCMS 1.4.7 has ?do=user_addpost CSRF. ...)
NOT-FOR-US: UCMS
-CVE-2018-20597
+CVE-2018-20597 (UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileed ...)
NOT-FOR-US: UCMS
-CVE-2018-20596
+CVE-2018-20596 (Jspxcms v9.0.0 allows SSRF. ...)
NOT-FOR-US: Jspxcms
-CVE-2018-20595
+CVE-2018-20595 (A CSRF issue was discovered in web/authorization/oauth2/controller/OAu ...)
NOT-FOR-US: hsweb
-CVE-2018-20594
+CVE-2018-20594 (An issue was discovered in hsweb 3.0.4. It is a reflected XSS vulnerab ...)
NOT-FOR-US: hsweb
-CVE-2018-20593
+CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in ...)
- mxml <unfixed> (low; bug #924353)
[buster] - mxml <ignored> (Minor issue)
[stretch] - mxml <ignored> (Minor issue)
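Review bot: the imported descriptions for CVE-2018-20612 and CVE-2018-20606 in this hunk carry HTML-escaped ampersands (`index.php?g=admin&amp;c=admin&amp;a=add_admin_do`, `dev.php?tools-ipaddr&amp;a`) instead of the literal `&` that the upstream query strings contain, which suggests the importer copies entity-encoded text straight from its source. If the list is meant to hold plain text, decode entities before writing the description; otherwise anyone grepping these files for the affected URL will miss them.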
@@ -667,7 +667,7 @@ CVE-2018-20593
NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2987_1.txt.err (error output)
NOTE: https://github.com/michaelrsweet/mxml/issues/237
NOTE: upstream tagged the issue with 'wontfix' and removed mxmldoc code completely
-CVE-2018-20592
+CVE-2018-20592 (In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd ...)
- mxml <unfixed> (low; bug #924353)
[buster] - mxml <ignored> (Minor issue)
[stretch] - mxml <ignored> (Minor issue)
@@ -678,27 +678,27 @@ CVE-2018-20592
NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_2.txt.err (error output)
NOTE: https://github.com/michaelrsweet/mxml/issues/237
NOTE: upstream tagged the issue with 'wontfix' and removed mxmldoc code completely
-CVE-2018-20591
+CVE-2018-20591 (A heap-based buffer over-read was discovered in decompileJUMP function ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/168
-CVE-2018-20590
+CVE-2018-20590 (Ivan Cordoba Generic Content Management System (CMS) through 2018-04-2 ...)
NOT-FOR-US: Ivan Cordoba Generic Content Management System (CMS)
-CVE-2018-20589
+CVE-2018-20589 (Ivan Cordoba Generic Content Management System (CMS) through 2018-04-2 ...)
NOT-FOR-US: Ivan Cordoba Generic Content Management System (CMS)
-CVE-2018-20588
+CVE-2018-20588 (lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-a ...)
NOT-FOR-US: otfcc
-CVE-2018-20587
+CVE-2018-20587 (Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0. ...)
- bitcoin <unfixed>
NOTE: https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-20587
CVE-2018-20586
RESERVED
CVE-2018-20585
RESERVED
-CVE-2018-20584
+CVE-2018-20584 (JasPer 2.0.14 allows remote attackers to cause a denial of service (ap ...)
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/192
-CVE-2018-20583
+CVE-2018-20583 (Cross-site scripting (XSS) vulnerability in the PHP League CommonMark ...)
NOT-FOR-US: PHP League CommonMark library
CVE-2018-20582
RESERVED
@@ -706,17 +706,17 @@ CVE-2018-20581
RESERVED
CVE-2018-20580
RESERVED
-CVE-2018-20579
+CVE-2018-20579 (Contiki-NG before 4.2 has a stack-based buffer overflow in the push fu ...)
NOT-FOR-US: Contiki-NG
-CVE-2018-20578
+CVE-2018-20578 (An issue was discovered in NuttX before 7.27. The function netlib_pars ...)
NOT-FOR-US: NuttX
-CVE-2018-20577
+CVE-2018-20577 (Orange Livebox 00.96.320S devices allow cgi-bin/restore.exe, cgi-bin/f ...)
NOT-FOR-US: Orange Livebox 00.96.320S devices
-CVE-2018-20576
+CVE-2018-20576 (Orange Livebox 00.96.320S devices allow cgi-bin/autodialing.exe and cg ...)
NOT-FOR-US: Orange Livebox 00.96.320S devices
-CVE-2018-20575
+CVE-2018-20575 (Orange Livebox 00.96.320S devices have an undocumented /system_firmwar ...)
NOT-FOR-US: Orange Livebox 00.96.320S devices
-CVE-2018-20574
+CVE-2018-20574 (The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C ...)
- yaml-cpp <unfixed> (low; bug #918145)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -725,7 +725,7 @@ CVE-2018-20574
[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
[jessie] - yaml-cpp0.3 <postponed> (Minor issue)
NOTE: https://github.com/jbeder/yaml-cpp/issues/654
-CVE-2018-20573
+CVE-2018-20573 (The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++ ...)
- yaml-cpp <unfixed> (low; bug #918147)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -734,53 +734,53 @@ CVE-2018-20573
[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
[jessie] - yaml-cpp0.3 <postponed> (Minor issue)
NOTE: https://github.com/jbeder/yaml-cpp/issues/655
-CVE-2018-20572
+CVE-2018-20572 (WUZHI CMS 4.1.0 allows coreframe/app/coupon/admin/copyfrom.php SQL inj ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-20571
+CVE-2018-20571 (DamiCMS 6.0.1 allows remote attackers to read arbitrary files via a cr ...)
NOT-FOR-US: DamiCMS
-CVE-2018-20570
+CVE-2018-20570 (jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer o ...)
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/191
-CVE-2018-20569
+CVE-2018-20569 (user/index.php in Ivan Cordoba Generic Content Management System (CMS) ...)
NOT-FOR-US: Ivan Cordoba Generic Content Management System (CMS)
-CVE-2018-20568
+CVE-2018-20568 (Administrator/index.php in Ivan Cordoba Generic Content Management Sys ...)
NOT-FOR-US: Ivan Cordoba Generic Content Management System (CMS)
-CVE-2018-20567
+CVE-2018-20567 (An issue was discovered in DouCo DouPHP 1.5 20181221. \install\index.p ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20566
+CVE-2018-20566 (An issue was discovered in DouCo DouPHP 1.5 20181221. It allows full p ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20565
+CVE-2018-20565 (An issue was discovered in DouCo DouPHP 1.5 20181221. admin/nav.php?re ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20564
+CVE-2018-20564 (An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product_ca ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20563
+CVE-2018-20563 (An issue was discovered in DouCo DouPHP 1.5 20181221. admin/mobile.php ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20562
+CVE-2018-20562 (An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article_ca ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20561
+CVE-2018-20561 (An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article.ph ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20560
+CVE-2018-20560 (An issue was discovered in DouCo DouPHP 1.5 20181221. admin/show.php?r ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20559
+CVE-2018-20559 (An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.ph ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20558
+CVE-2018-20558 (An issue was discovered in DouCo DouPHP 1.5 20181221. admin/system.php ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20557
+CVE-2018-20557 (An issue was discovered in DouCo DouPHP 1.5 20181221. admin/page.php?r ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20556
+CVE-2018-20556 (SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordP ...)
TODO: check
-CVE-2018-20555
+CVE-2018-20555 (The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress all ...)
TODO: check
CVE-2018-20554
RESERVED
-CVE-2018-20553
+CVE-2018-20553 (Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len ...)
- tcpreplay 4.3.1-1 (low; bug #917574)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (not used by any sponsor, hard to exploit)
NOTE: https://github.com/appneta/tcpreplay/issues/530
NOTE: https://github.com/appneta/tcpreplay/pull/532/commits/6b830a1640ca20528032c89a4fdd8291a4d2d8b2
-CVE-2018-20552
+CVE-2018-20552 (Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tre ...)
- tcpreplay 4.3.1-1 (low; bug #917574)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (not used by any sponsor, hard to exploit)
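Review bot: CVE-2018-20556 and CVE-2018-20555 in this hunk still sit at `TODO: check` even though the newly added descriptions identify both as WordPress plugins ("Booking Calendar plugin 8.4.3 for WordP ...", "Design Chemical Social Network Tabs plugin 1.7.1 for WordPress"). Other WordPress plugin entries in this file are triaged as NOT-FOR-US (for example CVE-2018-20714, "NOT-FOR-US: Automattic WooCommerce plugin for WordPress"), so these two can likely be closed the same way once someone confirms neither plugin is packaged.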
@@ -792,7 +792,7 @@ CVE-2018-1000892
RESERVED
CVE-2018-1000891
RESERVED
-CVE-2018-20551
+CVE-2018-20551 (A reachable Object::getString assertion in Poppler 0.72.0 allows attac ...)
- poppler <unfixed> (low; bug #917525)
[stretch] - poppler <ignored> (Minor issue)
[jessie] - poppler <not-affected> (vulnerable code is not present)
@@ -800,109 +800,109 @@ CVE-2018-20551
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/7f87dc10b6adccd6d1b977a28b064add254aa2da
CVE-2018-20550
RESERVED
-CVE-2018-20549
+CVE-2018-20549 (There is an illegal WRITE memory access at caca/file.c (function caca_ ...)
{DLA-1631-1}
- libcaca <unfixed> (low; bug #917807)
[stretch] - libcaca <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652628
NOTE: https://github.com/cacalabs/libcaca/issues/41
NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
-CVE-2018-20548
+CVE-2018-20548 (There is an illegal WRITE memory access at common-image.c (function lo ...)
- libcaca <unfixed> (unimportant; bug #917807)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652625
NOTE: https://github.com/cacalabs/libcaca/issues/40
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/f6c61faa26b3e150c3daf514589afa737f42f152
NOTE: https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
NOTE: Debian binary packages built with the Imlib2 library
-CVE-2018-20547
+CVE-2018-20547 (There is an illegal READ memory access at caca/dither.c (function get_ ...)
{DLA-1631-1}
- libcaca <unfixed> (low; bug #917807)
[stretch] - libcaca <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652624
NOTE: https://github.com/cacalabs/libcaca/issues/39
NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790
-CVE-2018-20546
+CVE-2018-20546 (There is an illegal READ memory access at caca/dither.c (function get_ ...)
{DLA-1631-1}
- libcaca <unfixed> (low; bug #917807)
[stretch] - libcaca <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652622
NOTE: https://github.com/cacalabs/libcaca/issues/38
NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790
-CVE-2018-20545
+CVE-2018-20545 (There is an illegal WRITE memory access at common-image.c (function lo ...)
- libcaca <unfixed> (unimportant; bug #917807)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652621
NOTE: https://github.com/cacalabs/libcaca/issues/37
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/f6c61faa26b3e150c3daf514589afa737f42f152
NOTE: https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
NOTE: Debian binary packages built with the Imlib2 library
-CVE-2018-20544
+CVE-2018-20544 (There is floating point exception at caca/dither.c (function caca_dith ...)
{DLA-1631-1}
- libcaca <unfixed> (low; bug #917807)
[stretch] - libcaca <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652627
NOTE: https://github.com/cacalabs/libcaca/issues/36
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/84bd155087b93ab2d8d7cb5b1ac94ecd4cf4f93c
-CVE-2018-20543
+CVE-2018-20543 (There is an attempted excessive memory allocation at libxsmm_sparse_cs ...)
- libxsmm <unfixed> (bug #917573)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652634
-CVE-2018-20542
+CVE-2018-20542 (There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c ...)
- libxsmm <unfixed> (bug #917526)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652633
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652635
NOTE: https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d
NOTE: https://github.com/hfp/libxsmm/issues/287
-CVE-2018-20541
+CVE-2018-20541 (There is a heap-based buffer overflow in libxsmm_sparse_csc_reader at ...)
- libxsmm <unfixed> (bug #917526)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652632
NOTE: https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d
NOTE: https://github.com/hfp/libxsmm/issues/287
-CVE-2018-20540
+CVE-2018-20540 (There is memory leak at liblas::Open (liblas/liblas.hpp) in libLAS 1.8 ...)
- liblas 1.8.1-10 (bug #922459)
[stretch] - liblas <no-dsa> (Minor issue)
[jessie] - liblas <no-dsa> (Minor issue)
NOTE: https://github.com/libLAS/libLAS/issues/158
NOTE: https://github.com/libLAS/libLAS/commit/ba7346d349fb00b18d0c12e226ac3090eac25d7b
-CVE-2018-20539
+CVE-2018-20539 (There is a Segmentation fault triggered by illegal address access at l ...)
- liblas <unfixed> (low; bug #924614)
[buster] - liblas <no-dsa> (Minor issue)
[stretch] - liblas <no-dsa> (Minor issue)
[jessie] - liblas <no-dsa> (Minor issue)
NOTE: https://github.com/libLAS/libLAS/issues/159
-CVE-2018-20538
+CVE-2018-20538 (There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ...)
- nasm <unfixed> (bug #918269)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392531
-CVE-2018-20537
+CVE-2018-20537 (There is a NULL pointer dereference at liblas::SpatialReference::GetGT ...)
- liblas <unfixed> (low; bug #924614)
[buster] - liblas <no-dsa> (Minor issue)
[stretch] - liblas <no-dsa> (Minor issue)
[jessie] - liblas <no-dsa> (Minor issue)
NOTE: https://github.com/libLAS/libLAS/issues/160
-CVE-2018-20536
+CVE-2018-20536 (There is a heap-based buffer over-read at liblas::SpatialReference::Ge ...)
- liblas <unfixed> (low; bug #924614)
[buster] - liblas <no-dsa> (Minor issue)
[stretch] - liblas <no-dsa> (Minor issue)
[jessie] - liblas <no-dsa> (Minor issue)
NOTE: https://github.com/libLAS/libLAS/issues/161
-CVE-2018-20535
+CVE-2018-20535 (There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ...)
- nasm <unfixed> (bug #918270)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392530
-CVE-2018-20534
+CVE-2018-20534 (There is an illegal address access at src/pool.h (function pool_whatpr ...)
- libsolv <unfixed> (low; bug #923002)
[stretch] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652604
NOTE: https://github.com/openSUSE/libsolv/pull/291
NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
-CVE-2018-20533
+CVE-2018-20533 (There is a NULL pointer dereference at ext/testcase.c (function testca ...)
- libsolv <unfixed> (low; bug #923002)
[stretch] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652599
NOTE: https://github.com/openSUSE/libsolv/pull/291
NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
-CVE-2018-20532
+CVE-2018-20532 (There is a NULL pointer dereference at ext/testcase.c (function testca ...)
- libsolv <unfixed> (low; bug #923002)
[stretch] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652605
@@ -910,19 +910,19 @@ CVE-2018-20532
NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
CVE-2018-20531
RESERVED
-CVE-2018-20530
+CVE-2018-20530 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile fie ...)
NOT-FOR-US: PHP Scripts Mall Website Seller Script
CVE-2018-20529
RESERVED
-CVE-2018-20528
+CVE-2018-20528 (JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter ...)
NOT-FOR-US: JEECMS
CVE-2018-20527
RESERVED
-CVE-2018-20526
+CVE-2018-20526 (Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php. ...)
TODO: check
-CVE-2018-20525
+CVE-2018-20525 (Roxy Fileman 1.4.5 allows Directory Traversal in copydir.php, copyfile ...)
TODO: check
-CVE-2018-20524
+CVE-2018-20524 (The Chat Anywhere extension 2.4.0 for Chrome allows XSS via crafted us ...)
NOT-FOR-US: Chat Anywhere Chrome extension
CVE-2018-20523
RESERVED
@@ -930,9 +930,9 @@ CVE-2018-20522
RESERVED
CVE-2018-20521
RESERVED
-CVE-2018-20520
+CVE-2018-20520 (MiniCMS V1.10 has XSS via the mc-admin/post-edit.php query string, a r ...)
NOT-FOR-US: MiniCMS
-CVE-2018-20519
+CVE-2018-20519 (An issue was discovered in 74cms v4.2.111. It allows remote authentica ...)
NOT-FOR-US: 74cms
CVE-2018-20518
RESERVED
@@ -946,27 +946,27 @@ CVE-2018-20514
RESERVED
CVE-2018-20513
RESERVED
-CVE-2018-20512
+CVE-2018-20512 (EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privi ...)
NOT-FOR-US: EPON CPE-WiFi devices
CVE-2018-20510
RESERVED
CVE-2018-20509
RESERVED
-CVE-2018-20508
+CVE-2018-20508 (CrashFix 1.0.4 has SQL Injection via the User[status] parameter. This ...)
NOT-FOR-US: CrashFix
-CVE-2018-1000890
+CVE-2018-1000890 (FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulner ...)
- frontaccounting <removed>
-CVE-2018-1000889
+CVE-2018-1000889 (Logisim Evolution version 2.14.3 and earlier contains an XML External ...)
NOT-FOR-US: Logisim Evolution
-CVE-2018-1000888
+CVE-2018-1000888 (PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 ...)
{DSA-4378-1 DLA-1674-1}
- php-pear 1:1.10.6+submodules+notgz-1.1 (bug #919147)
- php5 <removed>
NOTE: https://pear.php.net/bugs/bug.php?id=23782
NOTE: https://github.com/pear/Archive_Tar/commit/59ace120ac5ceb5f0d36e40e48e1884de1badf76
-CVE-2018-1000887
+CVE-2018-1000887 (Peel shopping peel-shopping_9_1_0 version contains a Cross Site Script ...)
NOT-FOR-US: Peel shopping
-CVE-2018-20511
+CVE-2018-20511 (An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ ...)
- linux 4.18.20-1
[stretch] - linux 4.9.130-1
NOTE: Fixed by: https://git.kernel.org/linus/9824dfae5741275473a23a7ed5756c7b6efacc9d (4.19-rc5)
@@ -982,7 +982,7 @@ CVE-2018-20504
RESERVED
CVE-2018-20503
RESERVED
-CVE-2018-20502
+CVE-2018-20502 (An issue was discovered in Bento4 1.5.1-627. There is an attempt at ex ...)
NOT-FOR-US: Bento4
CVE-2018-20501 [Missing authorization control merge requests]
RESERVED
@@ -1042,13 +1042,13 @@ CVE-2018-20488 [Secret CI variable exposure]
NOTE: https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/
CVE-2018-20487
RESERVED
-CVE-2018-20486
+CVE-2018-20486 (MetInfo 6.x through 6.1.3 has XSS via the /admin/login/login_check.php ...)
NOT-FOR-US: MetInfo
-CVE-2018-20485
+CVE-2018-20485 (Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in ...)
NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
-CVE-2018-20484
+CVE-2018-20484 (Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in ...)
NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
-CVE-2018-20483
+CVE-2018-20483 (set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's ...)
- wget 1.20.1-1 (bug #917375)
[stretch] - wget <not-affected> (Vulnerable code introduced in 1.19)
[jessie] - wget <not-affected> (Vulnerable code introduced in 1.19)
@@ -1056,7 +1056,7 @@ CVE-2018-20483
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=3cdfb594cf75f11cdbb9702ac5e856c332ccacfa
NOTE: Don't use extended attributes by default: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=c125d24762962d91050d925fbbd9e6f30b2302f8
NOTE: Introduced by: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=a933bdd31eee9c956a3b5cc142f004ef1fa94cb3 (v1.19)
-CVE-2018-20482
+CVE-2018-20482 (GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage ...)
{DLA-1623-1}
- tar 1.30+dfsg-3.1 (bug #917377)
[stretch] - tar <no-dsa> (Minor issue)
@@ -1065,21 +1065,21 @@ CVE-2018-20482
NOTE: https://twitter.com/thatcks/status/1076166645708668928
NOTE: https://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html
NOTE: Fixed by https://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42c
-CVE-2018-20481
+CVE-2018-20481 (XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRe ...)
{DLA-1706-1}
- poppler <unfixed> (low; bug #917325)
[stretch] - poppler <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/692
NOTE: Proposed fix: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143
-CVE-2018-20480
+CVE-2018-20480 (An issue was discovered in S-CMS 1.0. It allows SQL Injection via the ...)
NOT-FOR-US: S-CMS
-CVE-2018-20479
+CVE-2018-20479 (An issue was discovered in S-CMS 1.0. It allows SQL Injection via the ...)
NOT-FOR-US: S-CMS
-CVE-2018-20478
+CVE-2018-20478 (An issue was discovered in S-CMS 1.0. It allows reading certain files, ...)
NOT-FOR-US: S-CMS
-CVE-2018-20477
+CVE-2018-20477 (An issue was discovered in S-CMS 3.0. It allows SQL Injection via the ...)
NOT-FOR-US: S-CMS
-CVE-2018-20476
+CVE-2018-20476 (An issue was discovered in S-CMS 3.0. It allows XSS via the admin/demo ...)
NOT-FOR-US: S-CMS
CVE-2018-20475
RESERVED
@@ -1097,7 +1097,7 @@ CVE-2018-20469
RESERVED
CVE-2018-20468
RESERVED
-CVE-2018-20467
+CVE-2018-20467 (In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can resu ...)
- imagemagick 8:6.9.10.23+dfsg-1 (low; bug #917326)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -1106,149 +1106,149 @@ CVE-2018-20467
NOTE: https://github.com/ImageMagick/ImageMagick6/commit/4dd53a3f790147aaf18b2dd4d15f2a19f9432d3f
CVE-2018-20466
RESERVED
-CVE-2018-20465
+CVE-2018-20465 (Craft CMS through 3.0.34 allows remote authenticated administrators to ...)
NOT-FOR-US: Craft CMS
-CVE-2018-20464
+CVE-2018-20464 (There is a reflected XSS vulnerability in the CMS Made Simple 2.2.8 ad ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-20463
+CVE-2018-20463 (An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. The ...)
NOT-FOR-US: JSmol2WP plugin for WordPress
-CVE-2018-20462
+CVE-2018-20462 (An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. A c ...)
NOT-FOR-US: JSmol2WP plugin for WordPress
-CVE-2018-20461
+CVE-2018-20461 (In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c all ...)
- radare2 3.1.2+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267
NOTE: https://github.com/radare/radare2/issues/12375
-CVE-2018-20460
+CVE-2018-20460 (In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch ...)
- radare2 3.1.2+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/df167c7db545953bb7f71c72e98e7a3ca0c793bf
NOTE: https://github.com/radare/radare2/issues/12376
-CVE-2018-20459
+CVE-2018-20459 (In radare2 through 3.1.3, the armass_assemble function in libr/asm/arc ...)
- radare2 3.2.1+dfsg-1 (low; bug #917322)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/e5c14c167b0dcf0a53d76bd50bacbbcc0dfc1ae7
NOTE: https://github.com/radare/radare2/issues/12418
-CVE-2018-20458
+CVE-2018-20458 (In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/ ...)
- radare2 3.1.2+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/30f4c7b52a4e2dc0d0b1bae487d90f5437c69d19
NOTE: https://github.com/radare/radare2/issues/12374
-CVE-2018-20457
+CVE-2018-20457 (In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_ ...)
- radare2 3.2.1+dfsg-1 (low; bug #917322)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/e5c14c167b0dcf0a53d76bd50bacbbcc0dfc1ae7
NOTE: https://github.com/radare/radare2/issues/12417
-CVE-2018-20456
+CVE-2018-20456 (In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p ...)
- radare2 3.1.2+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/9b46d38dd3c4de6048a488b655c7319f845af185
NOTE: https://github.com/radare/radare2/issues/12372
-CVE-2018-20455
+CVE-2018-20455 (In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p ...)
- radare2 3.1.2+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/9b46d38dd3c4de6048a488b655c7319f845af185
NOTE: https://github.com/radare/radare2/issues/12373
-CVE-2018-20454
+CVE-2018-20454 (An issue was discovered in 74cms v4.2.111. upload/index.php?c=resume&a ...)
NOT-FOR-US: 74cms
-CVE-2018-20453
+CVE-2018-20453 (The getlong function in numutils.c in libdoc through 2017-10-23 has a ...)
- catdoc <unfixed> (unimportant; bug #919526)
NOTE: Crash in CLI tool, no security impact
-CVE-2018-20452
+CVE-2018-20452 (The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid fr ...)
- r-cran-readxl 1.2.0.9000-1 (bug #919324)
[stretch] - r-cran-readxl 0.1.1-1+deb9u2
NOTE: https://github.com/evanmiller/libxls/issues/35
-CVE-2018-20451
+CVE-2018-20451 (The process_file function in reader.c in libdoc through 2017-10-23 has ...)
- catdoc <unfixed> (unimportant; bug #919526)
NOTE: Crash in CLI tool, no security impact
-CVE-2018-20450
+CVE-2018-20450 (The read_MSAT function in ole.c in libxls 1.4.0 has a double free that ...)
- r-cran-readxl 1.2.0.9000-1 (bug #919324)
[stretch] - r-cran-readxl 0.1.1-1+deb9u2
NOTE: https://github.com/evanmiller/libxls/issues/34
CVE-2018-20449
RESERVED
-CVE-2018-20448
+CVE-2018-20448 (Frog CMS 0.9.5 has XSS via the Database name field to the /install/ind ...)
NOT-FOR-US: Frog CMS
CVE-2018-20447
RESERVED
CVE-2018-20446
RESERVED
-CVE-2018-20445
+CVE-2018-20445 (D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_ ...)
NOT-FOR-US: D-Link
-CVE-2018-20444
+CVE-2018-20444 (Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU dev ...)
NOT-FOR-US: Technicolor
-CVE-2018-20443
+CVE-2018-20443 (Technicolor TC7200.d1I TC7200.d1IE-N23E-c7000r5712-170406-HAT devices ...)
NOT-FOR-US: Technicolor
-CVE-2018-20442
+CVE-2018-20442 (Technicolor TC7110.B STC8.62.02 devices allow remote attackers to disc ...)
NOT-FOR-US: Technicolor
-CVE-2018-20441
+CVE-2018-20441 (Technicolor TC7200.TH2v2 SC05.00.22 devices allow remote attackers to ...)
NOT-FOR-US: Technicolor
-CVE-2018-20440
+CVE-2018-20440 (Technicolor CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC devices allow ...)
NOT-FOR-US: Technicolor
-CVE-2018-20439
+CVE-2018-20439 (Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices ...)
NOT-FOR-US: Technicolor
-CVE-2018-20438
+CVE-2018-20438 (Technicolor TC7110.AR STD3.38.03 devices allow remote attackers to dis ...)
NOT-FOR-US: Technicolor
-CVE-2018-20437
+CVE-2018-20437 (** DISPUTED ** An issue was discovered in the fileDownload function in ...)
NOT-FOR-US: FEBS-Shiro
-CVE-2018-20436
+CVE-2018-20436 (** DISPUTED ** The "secret chat" feature in Telegram 4.9.1 for Android ...)
NOT-FOR-US: Telegram for Android
CVE-2018-20435
RESERVED
CVE-2018-20434
RESERVED
-CVE-2018-20433
+CVE-2018-20433 (c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mcha ...)
{DLA-1621-1}
- c3p0 0.9.1.2-10 (bug #917257)
[stretch] - c3p0 0.9.1.2-9+deb9u1
NOTE: https://github.com/zhutougg/c3p0/commit/2eb0ea97f745740b18dd45e4a909112d4685f87b
CVE-2018-20432
RESERVED
-CVE-2018-20431
+CVE-2018-20431 (GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerabil ...)
{DSA-4361-1 DLA-1616-1}
- libextractor 1:1.8-2 (bug #917213)
NOTE: https://gnunet.org/bugs/view.php?id=5494
NOTE: https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7
-CVE-2018-20430
+CVE-2018-20430 (GNU Libextractor through 1.8 has an out-of-bounds read vulnerability i ...)
{DSA-4361-1 DLA-1616-1}
- libextractor 1:1.8-2 (bug #917214)
NOTE: https://gnunet.org/bugs/view.php?id=5493
NOTE: https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110
-CVE-2018-20429
+CVE-2018-20429 (libming 0.4.8 has a NULL pointer dereference in the getName function o ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/160
-CVE-2018-20428
+CVE-2018-20428 (libming 0.4.8 has a NULL pointer dereference in the strlenext function ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/161
-CVE-2018-20427
+CVE-2018-20427 (libming 0.4.8 has a NULL pointer dereference in the getInt function of ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/164
-CVE-2018-20426
+CVE-2018-20426 (libming 0.4.8 has a NULL pointer dereference in the newVar3 function o ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/162
-CVE-2018-20425
+CVE-2018-20425 (libming 0.4.8 has a NULL pointer dereference in the pushdup function o ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/163
-CVE-2018-20424
+CVE-2018-20424 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attac ...)
NOT-FOR-US: DiscuzX
-CVE-2018-20423
+CVE-2018-20423 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attac ...)
NOT-FOR-US: DiscuzX
-CVE-2018-20422
+CVE-2018-20422 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attac ...)
NOT-FOR-US: DiscuzX
-CVE-2018-20421
+CVE-2018-20421 (Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of se ...)
NOT-FOR-US: Go Ethereum
-CVE-2018-20420
+CVE-2018-20420 (In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access C ...)
NOT-FOR-US: webERP
-CVE-2018-20419
+CVE-2018-20419 (DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add a ...)
NOT-FOR-US: DouCo DouPHP
-CVE-2018-20418
+CVE-2018-20418 (index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allow ...)
NOT-FOR-US: Craft CMS
CVE-2018-20417
RESERVED
@@ -1264,15 +1264,15 @@ CVE-2018-20412
RESERVED
CVE-2018-20411
RESERVED
-CVE-2018-20410
+CVE-2018-20410 (WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer ov ...)
NOT-FOR-US: WellinTech KingSCADA
-CVE-2018-20409
+CVE-2018-20409 (An issue was discovered in Bento4 1.5.1-627. There is a heap-based buf ...)
NOT-FOR-US: Bento4
-CVE-2018-20408
+CVE-2018-20408 (An issue was discovered in Bento4 1.5.1-627. There is a memory leak in ...)
NOT-FOR-US: Bento4
-CVE-2018-20407
+CVE-2018-20407 (An issue was discovered in Bento4 1.5.1-627. There is a memory leak in ...)
NOT-FOR-US: Bento4
-CVE-2018-20406
+CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a ...)
{DLA-1663-1}
- python3.7 3.7.0-7
- python3.6 3.6.7~rc1-1
@@ -1283,93 +1283,93 @@ CVE-2018-20406
NOTE: https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd (master)
NOTE: https://github.com/python/cpython/commit/ef4306b24c9034d6b37bb034e2ebe82e745d4b77 (3.7)
NOTE: https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc (3.6)
-CVE-2018-20405
+CVE-2018-20405 (BigTree 4.3 allows full path disclosure via authenticated admin/news/ ...)
NOT-FOR-US: BigTree CMS
-CVE-2018-20404
+CVE-2018-20404 (ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system ...)
NOT-FOR-US: ETK_E900.sys (SmartETK driver for VIA Technologies EPIA-E900 system board)
CVE-2018-20403
RESERVED
-CVE-2018-20402
+CVE-2018-20402 (Safe Software FME Server through 2018.1 creates and enables three addi ...)
NOT-FOR-US: Safe Software FME Server
-CVE-2018-20401
+CVE-2018-20401 (Zoom 5352 v5.5.8.6Y devices allow remote attackers to discover credent ...)
NOT-FOR-US: Zoom 5352 v5.5.8.6Y devices
-CVE-2018-20400
+CVE-2018-20400 (Ubee DVW2108 6.28.1017 and DVW2110 6.28.2012 devices allow remote atta ...)
NOT-FOR-US: Ubee devices
-CVE-2018-20399
+CVE-2018-20399 (Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 SBG941-2.11.0.0 ...)
NOT-FOR-US: Motorola
-CVE-2018-20398
+CVE-2018-20398 (Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100 ...)
NOT-FOR-US: Skyworth devices
-CVE-2018-20397
+CVE-2018-20397 (mplus CBC383Z CBC383Z_mplus_MDr026 devices allow remote attackers to d ...)
NOT-FOR-US: mplus devices
-CVE-2018-20396
+CVE-2018-20396 (NET&amp;SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allo ...)
NOT-FOR-US: NET&SYS devices
-CVE-2018-20395
+CVE-2018-20395 (NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices allow remote attacke ...)
NOT-FOR-US: NETWAVE devices
-CVE-2018-20394
+CVE-2018-20394 (Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and ...)
NOT-FOR-US: Thomson devices
-CVE-2018-20393
+CVE-2018-20393 (Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, CW ...)
NOT-FOR-US: Technicolor devices
-CVE-2018-20392
+CVE-2018-20392 (S-A WebSTAR DPC2100 v2.0.2r1256-060303 devices allow remote attackers ...)
NOT-FOR-US: S-A WebSTAR devices
-CVE-2018-20391
+CVE-2018-20391 (TEKNOTEL CBW700N 81.447.392110.729.024 devices allow remote attackers ...)
NOT-FOR-US: TEKNOTEL devices
-CVE-2018-20390
+CVE-2018-20390 (Kaonmedia CG2001-AN22A 1.2.1, CG2001-UDBNA 3.0.8, and CG2001-UN2NA 3.0 ...)
NOT-FOR-US: Kaonmedia devices
-CVE-2018-20389
+CVE-2018-20389 (D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_ ...)
NOT-FOR-US: D-Link
-CVE-2018-20388
+CVE-2018-20388 (Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices all ...)
NOT-FOR-US: Comtrend devices
-CVE-2018-20387
+CVE-2018-20387 (Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices al ...)
NOT-FOR-US: Bnmux devices
-CVE-2018-20386
+CVE-2018-20386 (ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote ...)
NOT-FOR-US: ARRIS devices
-CVE-2018-20385
+CVE-2018-20385 (CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT 125.553m ...)
NOT-FOR-US: CastleNet devices
-CVE-2018-20384
+CVE-2018-20384 (iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 1 ...)
NOT-FOR-US: iNovo devices
-CVE-2018-20383
+CVE-2018-20383 (ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote at ...)
NOT-FOR-US: ARRIS devices
-CVE-2018-20382
+CVE-2018-20382 (Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004 devices allo ...)
NOT-FOR-US: Jiuzhou devices
-CVE-2018-20381
+CVE-2018-20381 (Technicolor DPC2320 dpc2300r2-v202r1244101-150420a-v6 devices allow re ...)
NOT-FOR-US: Technicolor devices
-CVE-2018-20380
+CVE-2018-20380 (Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and U ...)
NOT-FOR-US: Ambit devices
-CVE-2018-20379
+CVE-2018-20379 (Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices ...)
NOT-FOR-US: Technicolor devices
CVE-2018-20378
RESERVED
-CVE-2018-20377
+CVE-2018-20377 (Orange Livebox 00.96.320S devices allow remote attackers to discover W ...)
NOT-FOR-US: Orange Livebox
-CVE-2018-20376
+CVE-2018-20376 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
- tcc <unfixed> (unimportant)
NOTE: Negligible security impact
NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00013.html
-CVE-2018-20375
+CVE-2018-20375 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
- tcc <unfixed> (unimportant)
NOTE: Negligible security impact
NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00014.html
-CVE-2018-20374
+CVE-2018-20374 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
- tcc <unfixed> (unimportant)
NOTE: Negligible security impact
NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00015.html
-CVE-2018-20373
+CVE-2018-20373 (Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP cl ...)
NOT-FOR-US: Tenda ADSL modem routers
-CVE-2018-20372
+CVE-2018-20372 (TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client ...)
NOT-FOR-US: TP-Link TD-W8961ND devices
-CVE-2018-20371
+CVE-2018-20371 (PhotoRange Photo Vault 1.2 appends the password to the URI for authori ...)
NOT-FOR-US: PhotoRange Photo Vault
-CVE-2018-20370
+CVE-2018-20370 (SZ NetChat before 7.9 has XSS in the MyName input field of the Options ...)
NOT-FOR-US: SZ NetChat
-CVE-2018-20369
+CVE-2018-20369 (Barracuda Message Archiver 2018 has XSS in the error_msg exception-han ...)
NOT-FOR-US: Barracuda
-CVE-2018-20368
+CVE-2018-20368 (The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the ...)
NOT-FOR-US: Master Slider plugin for WordPress
-CVE-2018-20367
+CVE-2018-20367 (The "mall some commodity details: commodity consultation" component in ...)
NOT-FOR-US: WSTMart
CVE-2018-20366
RESERVED
-CVE-2018-20365
+CVE-2018-20365 (LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow ...)
- libraw 0.19.2-2 (bug #917111)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <not-affected> (Vulnerable code not present)
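Review bot: the description added for CVE-2018-20396 in this hunk contains an undecoded HTML entity, `+CVE-2018-20396 (NET&amp;SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allo ...)`, while the NOT-FOR-US line directly below it already spells the vendor `NET&SYS`; the import should decode entities before writing the description so the stored text reads `NET&SYS MNG2120J ...` and matches the annotation.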
@@ -1377,7 +1377,7 @@ CVE-2018-20365
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4
NOTE: Additionally needed: https://github.com/LibRaw/LibRaw/commit/a7c17cb6bbec1e79f058d84511f9c3b142cbdfa7
NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause
-CVE-2018-20364
+CVE-2018-20364 (LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL point ...)
- libraw 0.19.2-2 (bug #917112)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <not-affected> (Vulnerable code not present)
@@ -1385,7 +1385,7 @@ CVE-2018-20364
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4
NOTE: Additionally needed: https://github.com/LibRaw/LibRaw/commit/a7c17cb6bbec1e79f058d84511f9c3b142cbdfa7
NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause
-CVE-2018-20363
+CVE-2018-20363 (LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointe ...)
- libraw 0.19.2-2 (bug #917113)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <not-affected> (Vulnerable code not present)
@@ -1393,32 +1393,32 @@ CVE-2018-20363
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4
NOTE: Additionally needed: https://github.com/LibRaw/LibRaw/commit/a7c17cb6bbec1e79f058d84511f9c3b142cbdfa7
NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause
-CVE-2018-20362
+CVE-2018-20362 (A NULL pointer dereference was discovered in ifilter_bank of libfaad/f ...)
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/26
-CVE-2018-20361
+CVE-2018-20361 (An invalid memory address dereference was discovered in the hf_assembl ...)
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/30
-CVE-2018-20360
+CVE-2018-20360 (An invalid memory address dereference was discovered in the sbr_proces ...)
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/32
-CVE-2018-20359
+CVE-2018-20359 (An invalid memory address dereference was discovered in the sbrDecodeS ...)
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/29
-CVE-2018-20358
+CVE-2018-20358 (An invalid memory address dereference was discovered in the lt_predict ...)
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/31
-CVE-2018-20357
+CVE-2018-20357 (A NULL pointer dereference was discovered in sbr_process_channel of li ...)
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
@@ -1433,11 +1433,11 @@ CVE-2018-20353
RESERVED
CVE-2018-20352
RESERVED
-CVE-2018-20351
+CVE-2018-20351 (The Markdown component in Evernote (Chinese) before 8.3.2 on macOS all ...)
NOT-FOR-US: Evernote
CVE-2018-20350
RESERVED
-CVE-2018-20349
+CVE-2018-20349 (The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 ...)
- igraph 0.7.1-3 (bug #917211)
[stretch] - igraph <no-dsa> (Minor issue)
[jessie] - igraph <no-dsa> (Minor issue)
@@ -1445,34 +1445,34 @@ CVE-2018-20349
[stretch] - r-cran-igraph <no-dsa> (Minor issue)
NOTE: https://github.com/igraph/igraph/issues/1141
NOTE: Fixed by: https://github.com/igraph/igraph/commit/e3a9566e6463186230f215151b57b893df6d9ce2
-CVE-2018-20348
+CVE-2018-20348 (libpff_item_tree_create_node in libpff_item_tree.c in libpff before ex ...)
- libpff 20180714-1
[stretch] - libpff <no-dsa> (Minor issue)
[jessie] - libpff <no-dsa> (Minor issue)
NOTE: https://github.com/libyal/libpff/issues/48
CVE-2018-20347
RESERVED
-CVE-2018-20345
+CVE-2018-20345 (Incorrect access control in StackStorm API (st2api) in StackStorm befo ...)
NOT-FOR-US: SlackStorm
CVE-2018-20344
RESERVED
CVE-2018-20343
RESERVED
-CVE-2018-20342
+CVE-2018-20342 (The Floureon IP Camera SP012 provides a root terminal on a UART serial ...)
NOT-FOR-US: Floureon IP Camera SP012
CVE-2018-20341
RESERVED
-CVE-2018-20340 [buffer overflow]
+CVE-2018-20340 (Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which c ...)
{DSA-4389-1}
- libu2f-host 1.1.7-1 (bug #921726)
NOTE: https://www.yubico.com/support/security-advisories/ysa-2019-01/
NOTE: https://github.com/Yubico/libu2f-host/commit/f526546bb29f2ef704ae9850f0f4b41fea7b62a4
NOTE: https://github.com/Yubico/libu2f-host/commit/e77a109f8cf60d9eafdf005ab5c851d5f576c01e
-CVE-2018-20339
+CVE-2018-20339 (Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the ...)
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-20338
+CVE-2018-20338 (Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL inject ...)
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-20337
+CVE-2018-20337 (There is a stack-based buffer overflow in the parse_makernote function ...)
- libraw 0.19.2-1 (bug #917080)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <not-affected> (Vulnerable code not present)
@@ -1485,29 +1485,29 @@ CVE-2018-20334
RESERVED
CVE-2018-20333
RESERVED
-CVE-2018-20332
+CVE-2018-20332 (An issue has been discovered in the OpenWebif plugin through 1.2.4 for ...)
NOT-FOR-US: OpenWebif plugin
-CVE-2018-20331
+CVE-2018-20331 (Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ...)
NOT-FOR-US: Antiy AVL ATool
-CVE-2018-20330
+CVE-2018-20330 (The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflo ...)
- libjpeg-turbo <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304
NOTE: Fixed by: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3d9c64e9f8aa1ee954d1d0bb3390fc894bb84da3
-CVE-2018-20329
+CVE-2018-20329 (Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsC ...)
NOT-FOR-US: Chamilo LMS
-CVE-2018-20328
+CVE-2018-20328 (Chamilo LMS version 1.11.8 contains XSS in main/social/group_view.php ...)
NOT-FOR-US: Chamilo LMS
-CVE-2018-20327
+CVE-2018-20327 (Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin ...)
NOT-FOR-US: Chamilo LMS
-CVE-2018-20326
+CVE-2018-20326 (ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W ...)
NOT-FOR-US: ChinaMobile PLC Wireless Router
-CVE-2018-20325
+CVE-2018-20325 (There is a vulnerability in load() method in definitions/parser.py in ...)
NOT-FOR-US: Danijar Hafner
CVE-2018-20324
RESERVED
-CVE-2018-20323
+CVE-2018-20323 (www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition ...)
TODO: check
-CVE-2018-20322
+CVE-2018-20322 (LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulner ...)
- limesurvey <itp> (bug #472802)
CVE-2018-20321
RESERVED
@@ -1515,17 +1515,17 @@ CVE-2018-20320
RESERVED
CVE-2018-20319
RESERVED
-CVE-2018-20318
+CVE-2018-20318 (An issue was discovered in weixin-java-tools v3.2.0. There is an XXE v ...)
NOT-FOR-US: weixin-java-tools
-CVE-2018-1000886
+CVE-2018-1000886 (nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability ...)
- nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392514
NOTE: Crash in CLI, no security impact
-CVE-2018-1000885
+CVE-2018-1000885 (PHKP version including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b ...)
NOT-FOR-US: PHKP
-CVE-2018-1000884
+CVE-2018-1000884 (Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c4438682 ...)
NOT-FOR-US: Vesta CP
-CVE-2018-1000883
+CVE-2018-1000883 (Elixir Plug Plug version All contains a Header Injection vulnerability ...)
NOT-FOR-US: Elixir Plug, different from src:elixir-lang
CVE-2018-20317
RESERVED
@@ -1547,11 +1547,11 @@ CVE-2018-20309
RESERVED
CVE-2018-20308
RESERVED
-CVE-2018-1000882
+CVE-2018-1000882 (WeBid version up to current version 1.2.2 contains a Directory Travers ...)
NOT-FOR-US: WeBid Auction Script
-CVE-2018-1000881
+CVE-2018-1000881 (Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Impr ...)
NOT-FOR-US: Traccar Traccar Server
-CVE-2018-1000880
+CVE-2018-1000880 (libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onw ...)
{DSA-4360-1}
- libarchive 3.3.3-2 (bug #916960)
[jessie] - libarchive <not-affected> (Vulnerable code introduced later)
@@ -1559,7 +1559,7 @@ CVE-2018-1000880
NOTE: https://github.com/libarchive/libarchive/pull/1105
NOTE: Introduced by: https://github.com/libarchive/libarchive/commit/9693801580c0cf7c70e862d305270a16b52826a7
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/9c84b7426660c09c18cc349f6d70b5f8168b5680
-CVE-2018-1000879
+CVE-2018-1000879 (libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onw ...)
- libarchive 3.3.3-2 (bug #916962)
[stretch] - libarchive <not-affected> (Vulnerable code introduced later)
[jessie] - libarchive <not-affected> (Vulnerable code introduced later)
@@ -1567,58 +1567,58 @@ CVE-2018-1000879
NOTE: https://github.com/libarchive/libarchive/pull/1105
NOTE: Introduced in: https://github.com/libarchive/libarchive/commit/379867ecb330b3a952fb7bfa7bffb7bbd5547205 (3.3.0)
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175
-CVE-2018-1000878
+CVE-2018-1000878 (libarchive version commit 416694915449219d505531b1096384f3237dd6cc onw ...)
{DSA-4360-1 DLA-1612-1}
- libarchive 3.3.3-2 (bug #916963)
NOTE: https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
NOTE: https://github.com/libarchive/libarchive/pull/1105
NOTE: Introduced after: https://github.com/libarchive/libarchive/commit/416694915449219d505531b1096384f3237dd6cc
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28
-CVE-2018-1000877
+CVE-2018-1000877 (libarchive version commit 416694915449219d505531b1096384f3237dd6cc onw ...)
{DSA-4360-1 DLA-1612-1}
- libarchive 3.3.3-2 (bug #916964)
NOTE: https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
NOTE: https://github.com/libarchive/libarchive/pull/1105
NOTE: Introduced after: https://github.com/libarchive/libarchive/commit/416694915449219d505531b1096384f3237dd6cc
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/021efa522ad729ff0f5806c4ce53e4a6cc1daa31
-CVE-2018-1000876
+CVE-2018-1000876 (binutils version 2.32 and earlier contains a Integer Overflow vulnerab ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23994
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f
-CVE-2018-1000875
+CVE-2018-1000875 (Berkeley Open Infrastructure for Network Computing BOINC Server and We ...)
NOT-FOR-US: BOINC server (src:boinc only covers the client)
-CVE-2018-1000874
+CVE-2018-1000874 (PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Si ...)
NOT-FOR-US: cebe markdown parser (different from src:php-markdown)
-CVE-2018-1000873
+CVE-2018-1000873 (Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Inp ...)
NOT-FOR-US: Fasterxml Jackson Jackson-Modules-Java8 module
-CVE-2018-1000872
+CVE-2018-1000872 (OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: ...)
- python-pykmip 0.7.0-3 (low; bug #917030)
[stretch] - python-pykmip <no-dsa> (Minor issue)
NOTE: https://github.com/OpenKMIP/PyKMIP/commit/3a7b880bdf70d295ed8af3a5880bab65fa6b3932
NOTE: https://github.com/OpenKMIP/PyKMIP/issues/430
-CVE-2018-1000871
+CVE-2018-1000871 (HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL I ...)
- hoteldruid 2.3.0-2 (low; bug #917099)
[stretch] - hoteldruid <no-dsa> (Minor issue)
[jessie] - hoteldruid <no-dsa> (Minor issue)
NOTE: https://www.exploit-db.com/exploits/45976
-CVE-2018-1000870
+CVE-2018-1000870 (PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in / ...)
- phpipam <itp> (bug #731713)
NOTE: https://github.com/phpipam/phpipam/commit/552fbb0fc7ecb84bda4a131b4f290a3de9980040
NOTE: https://github.com/phpipam/phpipam/issues/2326
-CVE-2018-1000869
+CVE-2018-1000869 (phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/na ...)
- phpipam <itp> (bug #731713)
NOTE: https://github.com/phpipam/phpipam/commit/856b10ca85a24c04ed8651f4e13f867ec78a353d
NOTE: https://github.com/phpipam/phpipam/issues/2344
-CVE-2018-1000868
+CVE-2018-1000868 (WeBid version up to current version 1.2.2 contains a Cross Site Script ...)
NOT-FOR-US: WeBid Auction Script
-CVE-2018-1000867
+CVE-2018-1000867 (WeBid version up to current version 1.2.2 contains a SQL Injection vul ...)
NOT-FOR-US: WeBid Auction Script
-CVE-2018-1000860
+CVE-2018-1000860 (phpipam version 1.3.2 and earlier contains a Cross Site Scripting (XSS ...)
- phpipam <itp> (bug #731713)
NOTE: https://github.com/phpipam/phpipam/issues/2338
-CVE-2018-1000858
+CVE-2018-1000858 (GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CS ...)
- gnupg2 2.2.12-1
[stretch] - gnupg2 <no-dsa> (Minor issue)
[jessie] - gnupg2 <not-affected> (Vulnerable code was introduced later)
@@ -1629,132 +1629,132 @@ CVE-2018-1000858
NOTE: https://sektioneins.de/en/blog/18-11-23-gnupg-wkd.html
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=fa1b1eaa4241ff3f0634c8bdf8591cbc7c464144 (master)
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=4a4bb874f63741026bd26264c43bb32b1099f060 (2.2.12)
-CVE-2018-1000857
+CVE-2018-1000857 (log-user-session version 0.7 and earlier contains a Directory Traversa ...)
NOT-FOR-US: log-user-session
-CVE-2018-1000856
+CVE-2018-1000856 (DomainMOD version 4.09.03 and above. Also verified in the latest versi ...)
NOT-FOR-US: DomainMOD
-CVE-2018-1000855
+CVE-2018-1000855 (easymon version 1.4 and earlier contains a Cross Site Scripting (XSS) ...)
NOT-FOR-US: easymon
-CVE-2018-1000854
+CVE-2018-1000854 (esigate.org esigate version 5.2 and earlier contains a CWE-74: Imprope ...)
NOT-FOR-US: esigate
-CVE-2018-1000852
+CVE-2018-1000852 (FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac ...)
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FreeRDP/FreeRDP/issues/4866
NOTE: https://github.com/FreeRDP/FreeRDP/pull/4871
NOTE: https://github.com/FreeRDP/FreeRDP/commit/baee520e3dd9be6511c45a14c5f5e77784de1471
-CVE-2018-1000851
+CVE-2018-1000851 (Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/ ...)
NOT-FOR-US: Copay Bitcoin Wallet
-CVE-2018-1000850
+CVE-2018-1000850 (Square Retrofit version versions from (including) 2.0 and 2.5.0 (exclu ...)
NOT-FOR-US: Square Retrofit
-CVE-2018-1000849
+CVE-2018-1000849 (Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 conta ...)
NOT-FOR-US: Alpine Linux
-CVE-2018-1000848
+CVE-2018-1000848 (Wampserver version prior to version 3.1.5 contains a Cross Site Script ...)
NOT-FOR-US: Wampserver
-CVE-2018-1000847
+CVE-2018-1000847 (FreshDNS version 1.0.3 and prior contains a Cross Site Scripting (XSS) ...)
NOT-FOR-US: FreshDNS
-CVE-2018-1000846
+CVE-2018-1000846 (FreshDNS version 1.0.3 and earlier contains a Cross ite Request Forger ...)
NOT-FOR-US: FreshDNS
CVE-2018-1000845
REJECTED
-CVE-2018-1000844
+CVE-2018-1000844 (Square Open Source Retrofit version Prior to commit 4a693c5aeeef2be6c7 ...)
NOT-FOR-US: Square Retrofit
-CVE-2018-1000843
+CVE-2018-1000843 (Luigi version prior to version 2.8.0; after commit 53b52e12745075a8acc ...)
NOT-FOR-US: Luigi
-CVE-2018-1000842
+CVE-2018-1000842 (FatFreeCRM version &lt;=0.14.1, &gt;=0.15.0 &lt;=0.15.1, &gt;=0.16.0 & ...)
NOT-FOR-US: FatFreeCRM
-CVE-2018-1000841
+CVE-2018-1000841 (Zend.To version Prior to 5.15-1 contains a Cross Site Scripting (XSS) ...)
NOT-FOR-US: Zend.To
-CVE-2018-1000840
+CVE-2018-1000840 (Processing Foundation Processing version 3.4 and earlier contains a XM ...)
NOT-FOR-US: Processing Foundation Processing
-CVE-2018-1000839
+CVE-2018-1000839 (LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerabilit ...)
NOT-FOR-US: LH-EHR
-CVE-2018-1000838
+CVE-2018-1000838 (autopsy version &lt;= 4.9.0 contains a XML External Entity (XXE) vulne ...)
- autopsy <not-affected> (The ancient version in Debian predates the Java rewrite)
-CVE-2018-1000837
+CVE-2018-1000837 (UML Designer version &lt;= 8.0.0 contains a XML External Entity (XXE) ...)
NOT-FOR-US: UML designer
-CVE-2018-1000836
+CVE-2018-1000836 (bw-calendar-engine version &lt;= bw-calendar-engine-3.12.0 contains a ...)
NOT-FOR-US: bw-calendar-engine
-CVE-2018-1000835
+CVE-2018-1000835 (KeePassDX version &lt;= 2.5.0.0beta17 contains a XML External Entity ( ...)
NOT-FOR-US: KeePassDX
-CVE-2018-1000834
+CVE-2018-1000834 (runelite version &lt;= runelite-parent-1.4.23 contains a XML External ...)
NOT-FOR-US: runelite
-CVE-2018-1000833
+CVE-2018-1000833 (ZoneMinder version &lt;= 1.32.2 contains a Other/Unknown vulnerability ...)
[experimental] - zoneminder 1.32.3-1
- zoneminder 1.32.3-2 (bug #917024)
NOTE: https://0dd.zone/2018/10/28/zoneminder-Object-Injection-2/
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2272
NOTE: https://github.com/ZoneMinder/zoneminder/pull/2273
NOTE: https://github.com/ZoneMinder/zoneminder/commit/f790eacc92f687442ae24df7a48f54861a4518b3 (1.32.3)
-CVE-2018-1000832
+CVE-2018-1000832 (ZoneMinder version &lt;= 1.32.2 contains a Other/Unknown vulnerability ...)
[experimental] - zoneminder 1.32.3-1
- zoneminder 1.32.3-2 (bug #917024)
NOTE: https://0dd.zone/2018/10/28/zoneminder-Object-Injection/
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2271
NOTE: https://github.com/ZoneMinder/zoneminder/pull/2273
NOTE: https://github.com/ZoneMinder/zoneminder/commit/f790eacc92f687442ae24df7a48f54861a4518b3 (1.32.3)
-CVE-2018-1000831
+CVE-2018-1000831 (K9Mail version &lt;= v5.600 contains a XML External Entity (XXE) vulne ...)
NOT-FOR-US: K9Mail
-CVE-2018-1000830
+CVE-2018-1000830 (XR3Player version &lt;= V3.124 contains a XML External Entity (XXE) vu ...)
NOT-FOR-US: XR3Player
-CVE-2018-1000829
+CVE-2018-1000829 (Anyplace version before commit 80359b4 contains a XML External Entity ...)
NOT-FOR-US: Anyplace navigation service
-CVE-2018-1000828
+CVE-2018-1000828 (FrostWire version &lt;= frostwire-desktop-6.7.4-build-272 contains a X ...)
NOT-FOR-US: FrostWire
-CVE-2018-1000827
+CVE-2018-1000827 (Ubilling version &lt;= 0.9.2 contains a Other/Unknown vulnerability in ...)
NOT-FOR-US: Ubilling
-CVE-2018-1000826
+CVE-2018-1000826 (Microweber version &lt;= 1.0.7 contains a Cross Site Scripting (XSS) v ...)
NOT-FOR-US: Microweber
-CVE-2018-1000825
+CVE-2018-1000825 (FreeCol version &lt;= nightly-2018-08-22 contains a XML External Entit ...)
- freecol <unfixed> (bug #917023; low)
[buster] - freecol <no-dsa> (Minor issue)
[stretch] - freecol <no-dsa> (Minor issue)
[jessie] - freecol <end-of-life> (Games are not supported)
NOTE: https://github.com/FreeCol/freecol/issues/26
-CVE-2018-1000824
+CVE-2018-1000824 (MegaMek version &lt; v0.45.1 contains a Other/Unknown vulnerability in ...)
NOT-FOR-US: MegaMek
-CVE-2018-1000823
+CVE-2018-1000823 (exist version &lt;= 5.0.0-RC4 contains a XML External Entity (XXE) vul ...)
NOT-FOR-US: eXist DB
-CVE-2018-1000822
+CVE-2018-1000822 (codelibs fess version before commit faa265b contains a XML External En ...)
NOT-FOR-US: codelibs fess
-CVE-2018-1000821
+CVE-2018-1000821 (MicroMathematics version before commit 5c05ac8 contains a XML External ...)
NOT-FOR-US: MicroMathematics
-CVE-2018-1000820
+CVE-2018-1000820 (neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c cont ...)
NOT-FOR-US: neo4j-apoc-procedures
-CVE-2018-1000817
+CVE-2018-1000817 (Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2. ...)
NOT-FOR-US: Asset Pipeline Grails Plugin
-CVE-2018-1000816
+CVE-2018-1000816 (Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Sc ...)
- grafana <removed>
NOTE: https://github.com/grafana/grafana/issues/13667
-CVE-2018-1000815
+CVE-2018-1000815 (Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains ...)
NOT-FOR-US: Brave Software Inc. Brave
-CVE-2018-1000814
+CVE-2018-1000814 (aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Un ...)
NOT-FOR-US: aio-libs aiohttp-session
-CVE-2018-1000813
+CVE-2018-1000813 (Backdrop CMS version 1.11.0 and earlier contains a Cross Site Scriptin ...)
- backdrop <itp> (bug #914257)
-CVE-2018-1000812
+CVE-2018-1000812 (&amp;#xc1;rtica Soluciones Tecnol&amp;#xf3;gicas Integria IMS version ...)
NOT-FOR-US: Integria IMS
-CVE-2018-1000811
+CVE-2018-1000811 (bludit version 3.0.0 contains a Unrestricted Upload of File with Dange ...)
NOT-FOR-US: bludit
-CVE-2018-20307
+CVE-2018-20307 (Pulse Secure Virtual Traffic Manager 9.9 versions prior to 9.9r2 and 1 ...)
NOT-FOR-US: Pulse Secure Virtual Traffic Manager
-CVE-2018-20306
+CVE-2018-20306 (A stored cross-site scripting (XSS) vulnerability in the web administr ...)
NOT-FOR-US: Pulse Secure Virtual Traffic Manager
-CVE-2018-20305
+CVE-2018-20305 (D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code executi ...)
NOT-FOR-US: D-Link
-CVE-2018-20304
+CVE-2018-20304 (wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows ...)
NOT-FOR-US: libexcel
-CVE-2018-20303
+CVE-2018-20303 (In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal ...)
NOT-FOR-US: Go Git Service
-CVE-2018-20302
+CVE-2018-20302 (An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the ...)
NOT-FOR-US: Steve Pallen Xain
-CVE-2018-20301
+CVE-2018-20301 (An issue was discovered in Steve Pallen Coherence before 0.5.2 that is ...)
NOT-FOR-US: Steve Pallen Coherence
-CVE-2018-20300
+CVE-2018-20300 (Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code v ...)
NOT-FOR-US: Empire CMS
-CVE-2018-20299
+CVE-2018-20299 (An issue was discovered in several Bosch Smart Home cameras (360 degre ...)
NOT-FOR-US: Bosch Smart Home cameras
-CVE-2018-20298
+CVE-2018-20298 (S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerab ...)
NOT-FOR-US: S3 Browser
CVE-2018-20297
RESERVED
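Review bot: the imported descriptions in this hunk keep their HTML entity encoding instead of the literal characters, which makes the version ranges unreadable in a plain-text list: `+CVE-2018-1000842 (FatFreeCRM version &lt;=0.14.1, &gt;=0.15.0 &lt;=0.15.1, ...)` and the dozen `&lt;=` XXE entries that follow (CVE-2018-1000838 through CVE-2018-1000823). CVE-2018-1000812 is worse, escaped twice (`&amp;#xc1;rtica Soluciones Tecnol&amp;#xf3;gicas`), so the vendor name survives neither as text nor as a valid entity. The automatic update should unescape the feed text before truncating to the 70-character snippet; hand-editing these lines will only be undone by the next run. Upstream feed typos such as "Cross ite Request Forger" in CVE-2018-1000846 are in the same category and should be left as imported.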
@@ -1844,53 +1844,53 @@ CVE-2018-20255
RESERVED
CVE-2018-20254
RESERVED
-CVE-2018-20253
+CVE-2018-20253 (In WinRAR versions prior to and including 5.60, There is an out-of-bou ...)
NOT-FOR-US: WinRAR
-CVE-2018-20252
+CVE-2018-20252 (In WinRAR versions prior to and including 5.60, there is an out-of-bou ...)
NOT-FOR-US: WinRAR
-CVE-2018-20251
+CVE-2018-20251 (In WinRAR versions prior to and including 5.61, there is path traversa ...)
NOT-FOR-US: WinRAR
-CVE-2018-20250
+CVE-2018-20250 (In WinRAR versions prior to and including 5.61, There is path traversa ...)
NOT-FOR-US: WinRAR
-CVE-2018-20249
+CVE-2018-20249 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
NOT-FOR-US: Foxit Quick PDF Library
-CVE-2018-20248
+CVE-2018-20248 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
NOT-FOR-US: Foxit Quick PDF Library
-CVE-2018-20247
+CVE-2018-20247 (In Foxit Quick PDF Library (all versions prior to 16.12), issue where ...)
NOT-FOR-US: Foxit Quick PDF Library
CVE-2018-20246
REJECTED
-CVE-2018-20245
+CVE-2018-20245 (The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior ...)
- airflow <itp> (bug #819700)
-CVE-2018-20244
+CVE-2018-20244 (In Apache Airflow before 1.10.2, a malicious admin user could edit the ...)
- airflow <itp> (bug #819700)
CVE-2018-20243
RESERVED
-CVE-2018-20242
+CVE-2018-20242 (A carefully crafted URL could trigger an XSS vulnerability on Apache J ...)
- jspwiki <removed>
-CVE-2018-20241
+CVE-2018-20241 (The Edit upload resource for a review in Atlassian Fisheye and Crucibl ...)
NOT-FOR-US: Atlassian
-CVE-2018-20240
+CVE-2018-20240 (The administrative linker functionality in Atlassian Fisheye and Cruci ...)
NOT-FOR-US: Atlassian
CVE-2018-20239
RESERVED
-CVE-2018-20238
+CVE-2018-20238 (Various rest resources in Atlassian Crowd before version 3.2.7 and fro ...)
NOT-FOR-US: Atlassian
-CVE-2018-20237
+CVE-2018-20237 (Atlassian Confluence Server and Data Center before version 6.13.1 allo ...)
NOT-FOR-US: Atlassian
-CVE-2018-20236
+CVE-2018-20236 (There was an command injection vulnerability in Sourcetree for Windows ...)
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-20235
+CVE-2018-20235 (There was an argument injection vulnerability in Atlassian Sourcetree ...)
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-20234
+CVE-2018-20234 (There was an argument injection vulnerability in Atlassian Sourcetree ...)
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-20233
+CVE-2018-20233 (The Upload add-on resource in Atlassian Universal Plugin Manager befor ...)
NOT-FOR-US: Atlassian
-CVE-2018-20232
+CVE-2018-20232 (The labels widget gadget in Atlassian Jira before version 7.6.11 and f ...)
NOT-FOR-US: Atlassian
-CVE-2018-20231
+CVE-2018-20231 (Cross Site Request Forgery (CSRF) in the two-factor-authentication plu ...)
NOT-FOR-US: two-factor-authentication plugin for WordPress
-CVE-2018-20230
+CVE-2018-20230 (An issue was discovered in PSPP 1.2.0. There is a heap-based buffer ov ...)
- pspp <unfixed> (bug #916902)
[stretch] - pspp <no-dsa> (Minor issue)
[jessie] - pspp <no-dsa> (Crash cannot be observed under normal conditions)
@@ -1900,11 +1900,11 @@ CVE-2018-20229
RESERVED
- gitlab 11.5.5+dfsg-1
NOTE: https://about.gitlab.com/2018/12/20/critical-security-release-gitlab-11-dot-5-dot-5-released/
-CVE-2018-20228
+CVE-2018-20228 (Subsonic V6.1.5 allows internetRadioSettings.view streamUrl CSRF, with ...)
NOT-FOR-US: Subsonic
-CVE-2018-20227
+CVE-2018-20227 (RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP ar ...)
NOT-FOR-US: RDF4J
-CVE-2018-20226
+CVE-2018-20226 (An organization administrator can add a super administrator in THEHIVE ...)
NOT-FOR-US: THEHIVE
CVE-2018-20225
RESERVED
@@ -1914,21 +1914,21 @@ CVE-2018-20223
RESERVED
CVE-2018-20222
RESERVED
-CVE-2018-20221
+CVE-2018-20221 (Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and prior are ...)
TODO: check
-CVE-2018-20220
+CVE-2018-20220 (An issue was discovered on Teracue ENC-400 devices with firmware 2.56 ...)
TODO: check
-CVE-2018-20219
+CVE-2018-20219 (An issue was discovered on Teracue ENC-400 devices with firmware 2.56 ...)
TODO: check
-CVE-2018-20218
+CVE-2018-20218 (An issue was discovered on Teracue ENC-400 devices with firmware 2.56 ...)
TODO: check
-CVE-2018-20217
+CVE-2018-20217 (A Reachable Assertion issue was discovered in the KDC in MIT Kerberos ...)
{DLA-1643-1}
- krb5 1.16.2-1 (low; bug #917387)
[stretch] - krb5 <no-dsa> (Minor issue)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763
NOTE: https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086
-CVE-2018-20216
+CVE-2018-20216 (QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c becaus ...)
- qemu <unfixed> (unimportant)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -1940,11 +1940,11 @@ CVE-2018-20215
RESERVED
CVE-2018-20214
RESERVED
-CVE-2018-20213
+CVE-2018-20213 (wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows ...)
NOT-FOR-US: libexcel
-CVE-2018-20212
+CVE-2018-20212 (bin/statistics in TWiki 6.0.2 allows cross-site scripting (XSS) via th ...)
- twiki <removed>
-CVE-2018-20211
+CVE-2018-20211 (ExifTool 8.32 allows local users to gain privileges by creating a %TEM ...)
NOT-FOR-US: Report for a Windows-specific flaw in a vintage version of libimage-exiftool-perl
CVE-2018-20210
RESERVED
@@ -1964,65 +1964,65 @@ CVE-2018-20203
RESERVED
CVE-2018-20202
RESERVED
-CVE-2018-20201
+CVE-2018-20201 (There is a stack-based buffer over-read in the jsfNameFromString funct ...)
NOT-FOR-US: Espruino 2V00
CVE-2018-20200
RESERVED
-CVE-2018-20199
+CVE-2018-20199 (A NULL pointer dereference was discovered in ifilter_bank of libfaad/f ...)
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/24
-CVE-2018-20198
+CVE-2018-20198 (A NULL pointer dereference was discovered in ifilter_bank of libfaad/f ...)
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/23
-CVE-2018-20197
+CVE-2018-20197 (There is a stack-based buffer underflow in the third instance of the c ...)
- faad2 <unfixed>
NOTE: https://github.com/knik0/faad2/issues/20
-CVE-2018-20196
+CVE-2018-20196 (There is a stack-based buffer overflow in the third instance of the ca ...)
- faad2 <unfixed>
NOTE: https://github.com/knik0/faad2/issues/19
-CVE-2018-20195
+CVE-2018-20195 (A NULL pointer dereference was discovered in ic_predict of libfaad/ic_ ...)
- faad2 <unfixed> (low)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
NOTE: https://github.com/knik0/faad2/issues/25
-CVE-2018-20194
+CVE-2018-20194 (There is a stack-based buffer underflow in the third instance of the c ...)
- faad2 <unfixed>
NOTE: https://github.com/knik0/faad2/issues/21
-CVE-2018-20193
+CVE-2018-20193 (Certain Secure Access SA Series SSL VPN products (originally developed ...)
NOT-FOR-US: Juniper
CVE-2018-20192
RESERVED
-CVE-2018-20191
+CVE-2018-20191 (hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation ...)
- qemu <unfixed> (unimportant)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03066.html
NOTE: PVRDMA support not enabled in the binary packages until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4
-CVE-2018-20190
+CVE-2018-20190 (In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eva ...)
- libsass <unfixed> (low)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2786
-CVE-2018-20189
+CVE-2018-20189 (In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c ha ...)
{DLA-1619-1}
- graphicsmagick 1.4~hg15873-1 (bug #916752)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e2b406589
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/585/
-CVE-2018-20188
+CVE-2018-20188 (FUEL CMS 1.4.3 has CSRF via users/create/ to add an administrator acco ...)
NOT-FOR-US: FUEL CMS
-CVE-2018-20187
+CVE-2018-20187 (A side-channel issue was discovered in Botan before 2.9.0. An attacker ...)
[experimental] - botan 2.9.0-1
- botan 2.9.0-2 (bug #918732)
- botan1.10 <not-affected> (Vulnerable code introduced in 1.11.20)
NOTE: https://github.com/randombit/botan/pull/1792
NOTE: https://github.com/randombit/botan/commit/70aa7303acfff9eefc24598c289a84db3579ebd1
-CVE-2018-20186
+CVE-2018-20186 (An issue was discovered in Bento4 1.5.1-627. AP4_Sample::ReadData in C ...)
NOT-FOR-US: Bento4
-CVE-2018-20185
+CVE-2018-20185 (In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there ...)
{DLA-1619-1}
- graphicsmagick 1.4~hg15880-1 (bug #916719)
NOTE: Partial fix: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e3977a293
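Review bot: the faad2 entries in this hunk are triaged inconsistently. CVE-2018-20199, CVE-2018-20198 and CVE-2018-20195 (NULL pointer dereferences) carry `(low)` plus explicit `[buster]` and `[stretch] - faad2 <no-dsa> (Minor issue)` lines, while CVE-2018-20197, CVE-2018-20196 and CVE-2018-20194 (stack-based buffer underflow/overflow) are bare `- faad2 <unfixed>` with no severity and no suite lines. If the stack-based issues are deliberately rated higher, add a severity so that is visible; otherwise add matching `[buster]`/`[stretch]` lines so the suite status is explicit rather than implied by omission.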
@@ -2031,7 +2031,7 @@ CVE-2018-20185
NOTE: complete: Cf. https://bugs.debian.org/916719#15
NOTE: Fix causes more issues: https://bugzilla.suse.com/show_bug.cgi?id=1119823#c1
NOTE: Followup: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/c38fc0e3e465
-CVE-2018-20184
+CVE-2018-20184 (In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buff ...)
{DLA-1619-1}
- graphicsmagick 1.4~hg15873-1 (bug #916721)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/15d1b5fd003b
@@ -2040,45 +2040,45 @@ CVE-2018-20184
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/583/
CVE-2018-20183
RESERVED
-CVE-2018-20182
+CVE-2018-20182 (rdesktop versions up to and including v1.8.3 contain a Buffer Overflow ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20181
+CVE-2018-20181 (rdesktop versions up to and including v1.8.3 contain an Integer Underf ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20180
+CVE-2018-20180 (rdesktop versions up to and including v1.8.3 contain an Integer Underf ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20179
+CVE-2018-20179 (rdesktop versions up to and including v1.8.3 contain an Integer Underf ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20178
+CVE-2018-20178 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20177
+CVE-2018-20177 (rdesktop versions up to and including v1.8.3 contain an Integer Overfl ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20176
+CVE-2018-20176 (rdesktop versions up to and including v1.8.3 contain several Out-Of- B ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20175
+CVE-2018-20175 (rdesktop versions up to and including v1.8.3 contains several Integer ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20174
+CVE-2018-20174 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-20173
+CVE-2018-20173 (Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection vi ...)
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-20346
+CVE-2018-20346 (SQLite before 3.25.3, when the FTS3 extension is enabled, encounters a ...)
{DSA-4352-1 DLA-1613-1}
- sqlite3 3.25.3-1
[stretch] - sqlite3 <no-dsa> (Minor issue)
@@ -2089,80 +2089,80 @@ CVE-2018-20346
NOTE: Fedora patch: https://src.fedoraproject.org/rpms/sqlite/c/d8da047b90b7eff583c50bf7fa7dc3bc37414249?branch=f28
NOTE: https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html
NOTE: Upstream change: https://www.sqlite.org/src/info/940f2adc8541a838
-CVE-2018-20172
+CVE-2018-20172 (An issue was discovered in Nagios XI before 5.5.8. The rss_url paramet ...)
NOT-FOR-US: Nagios XI
-CVE-2018-20171
+CVE-2018-20171 (An issue was discovered in Nagios XI before 5.5.8. The url parameter o ...)
NOT-FOR-US: Nagios XI
-CVE-2018-20170
+CVE-2018-20170 (** DISPUTED ** OpenStack Keystone through 14.0.1 has a user enumeratio ...)
NOT-FOR-US: Disputed issue in Keystone, no need to track for src:keystone
-CVE-2018-20169
+CVE-2018-20169 (An issue was discovered in the Linux kernel before 4.19.9. The USB sub ...)
- linux 4.19.9-1
NOTE: https://git.kernel.org/linus/704620afc70cf47abb9d6a1a57f3825d2bca49cf
-CVE-2018-20168
+CVE-2018-20168 (Google gVisor before 2018-08-22 reuses a pagetable in a different leve ...)
NOT-FOR-US: gVisor
-CVE-2018-20166
+CVE-2018-20166 (A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?mod ...)
NOT-FOR-US: Rukovoditel
-CVE-2018-20167
+CVE-2018-20167 (Terminology before 1.3.1 allows Remote Code Execution because popmedia ...)
- terminology 1.3.1-1 (bug #916630)
[jessie] - terminology <not-affected> (vulnerable code is not present)
NOTE: https://phab.enlightenment.org/T7504
NOTE: https://git.enlightenment.org/apps/terminology.git/commit/?id=1ac204da9148e7bccb1b5f34b523e2094dfc39e2
CVE-2018-20165
RESERVED
-CVE-2018-20164
+CVE-2018-20164 (An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser ...)
- uap-core 20190213-1 (bug #922717)
NOTE: https://github.com/ua-parser/uap-core/commit/010ccdc7303546cd22b9da687c29f4a996990014
NOTE: https://github.com/ua-parser/uap-core/commit/156f7e12b215bddbaf3df4514c399d683e6cdadc
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/
CVE-2018-20163
RESERVED
-CVE-2018-20162
+CVE-2018-20162 (Digi TransPort LR54 4.4.0.26 and possible earlier devices have Imprope ...)
TODO: check
-CVE-2018-20161
+CVE-2018-20161 (A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.1 ...)
NOT-FOR-US: BlinkForHome (aka Blink For Home) Sync Module
CVE-2018-20160
RESERVED
-CVE-2018-20159
+CVE-2018-20159 (i-doit open 1.11.2 allows Remote Code Execution because ZIP archives a ...)
NOT-FOR-US: i-doit
CVE-2018-20158
RESERVED
-CVE-2018-20157
+CVE-2018-20157 (The data import functionality in OpenRefine through 3.1 allows an XML ...)
NOT-FOR-US: OpenRefine
-CVE-2018-20156
+CVE-2018-20156 (The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remot ...)
NOT-FOR-US: WordPress plugin wp-maintenance-mode
-CVE-2018-20155
+CVE-2018-20155 (The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remot ...)
NOT-FOR-US: WordPress plugin wp-maintenance-mode
-CVE-2018-20154
+CVE-2018-20154 (The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remot ...)
NOT-FOR-US: WordPress plugin wp-maintenance-mode
-CVE-2018-20146
+CVE-2018-20146 (An issue was discovered in Liquidware ProfileUnity before 6.8.0 with L ...)
NOT-FOR-US: Liquidware ProfileUnity
-CVE-2018-20153
+CVE-2018-20153 (In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could mod ...)
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20152
+CVE-2018-20152 (In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass i ...)
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20151
+CVE-2018-20151 (In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation pa ...)
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20150
+CVE-2018-20150 (In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could tri ...)
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
NOTE: https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
-CVE-2018-20149
+CVE-2018-20149 (In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP S ...)
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
NOTE: https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
-CVE-2018-20148
+CVE-2018-20148 (In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could con ...)
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
-CVE-2018-20147
+CVE-2018-20147 (In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify m ...)
{DSA-4401-1 DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
NOTE: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
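Review bot: this hunk carries entries out of the file's descending CVE order, which makes the section hard to scan and easy to duplicate on a later manual add: CVE-2018-20166 precedes CVE-2018-20167, and CVE-2018-20146 sits between CVE-2018-20154 and CVE-2018-20153. The automatic update only fills in descriptions and does not reorder, so consider moving these three entries into numeric position in a follow-up commit. The `[jessie] - terminology <not-affected> (vulnerable code is not present)` rationale also differs in wording from the `(Vulnerable code not present)` form used elsewhere in this file; worth aligning for consistency of the generated tracker pages.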
@@ -2174,37 +2174,37 @@ CVE-2018-20143
RESERVED
CVE-2018-20142
RESERVED
-CVE-2018-20141
+CVE-2018-20141 (AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sor ...)
TODO: check
-CVE-2018-20140
+CVE-2018-20140 (Zenphoto 1.4.14 has multiple cross-site scripting (XSS) vulnerabilitie ...)
TODO: check
CVE-2018-20139
RESERVED
-CVE-2018-20138
+CVE-2018-20138 (PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via A ...)
NOT-FOR-US: PHP Scripts Mall Entrepreneur B2B Script
-CVE-2018-20137
+CVE-2018-20137 (XSS exists in FUEL CMS 1.4.3 via the Page title, Meta description, or ...)
NOT-FOR-US: FUEL CMS
-CVE-2018-20136
+CVE-2018-20136 (XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout Vari ...)
NOT-FOR-US: FUEL CMS
CVE-2018-20135
RESERVED
CVE-2018-20134
RESERVED
-CVE-2018-20133
+CVE-2018-20133 (ymlref allows code injection. ...)
NOT-FOR-US: ymlref
CVE-2018-20132
REJECTED
-CVE-2018-20131
+CVE-2018-20131 (The Code42 app before 6.8.4, as used in Code42 for Enterprise, on Linu ...)
NOT-FOR-US: Code42
CVE-2018-20130
RESERVED
-CVE-2018-20129
+CVE-2018-20129 (An issue was discovered in DedeCMS V5.7 SP2. uploads/include/dialog/se ...)
NOT-FOR-US: DedeCMS
-CVE-2018-20128
+CVE-2018-20128 (An issue was discovered in UsualToolCMS v8.0. cmsadmin\a_sqlback.php a ...)
NOT-FOR-US: UsualToolCMS
-CVE-2018-20127
+CVE-2018-20127 (An issue was discovered in zzzphp cms 1.5.8. del_file in /admin/save.p ...)
NOT-FOR-US: zzzphp cms
-CVE-2018-20126
+CVE-2018-20126 (hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory ...)
- qemu <unfixed> (unimportant)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -2212,7 +2212,7 @@ CVE-2018-20126
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02824.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=509f57c98e7536905bb4902363d0cba66ce7e089
NOTE: PVRDMA support not enabled in the binary packages until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4
-CVE-2018-20125
+CVE-2018-20125 (hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of ...)
- qemu <unfixed> (unimportant)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -2220,7 +2220,7 @@ CVE-2018-20125
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02823.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=2c858ce5da8ae6689c75182b73bc455a291cad41
NOTE: PVRDMA support not enabled in the binary packages until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4
-CVE-2018-20124
+CVE-2018-20124 (hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of ...)
- qemu <unfixed> (bug #922461; unimportant)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -2229,7 +2229,7 @@ CVE-2018-20124
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=0e68373cc2b3a063ce067bc0cc3edaf370752890
NOTE: PVRDMA support not enabled in the binary packages until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4
NOTE: The issue is in PVRDMA support, cf. https://bugs.debian.org/922461#18
-CVE-2018-20123
+CVE-2018-20123 (pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak ...)
- qemu <unfixed> (unimportant; bug #916442)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
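Review bot: the annotation order on the four PVRDMA qemu entries is inconsistent: CVE-2018-20123 here uses `(unimportant; bug #916442)` while CVE-2018-20124 in the previous hunk uses `(bug #922461; unimportant)`, and CVE-2018-20126/20125 carry a bare `(unimportant)`. The tracker accepts either order, but since these four entries share the same root cause (PVRDMA support not enabled until 1:3.1+dfsg-3) they should be written the same way so a reader scanning them sees at once that they were triaged together.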
@@ -2237,15 +2237,15 @@ CVE-2018-20123
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02817.html
NOTE: PVRDMA support not enabled until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4, and
NOTE: applied patch in 1:3.1+dfsg-3 reverted.
-CVE-2018-20145
+CVE-2018-20145 (Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option ...)
- mosquitto 1.5.5-1
[stretch] - mosquitto <not-affected> (Only affects 1.5.x)
[jessie] - mosquitto <not-affected> (Only affects 1.5.x)
NOTE: https://github.com/eclipse/mosquitto/commit/9097577b49b7fdcf45d30975976dd93808ccc0c4
NOTE: https://github.com/eclipse/mosquitto/issues/1073
-CVE-2018-20122
+CVE-2018-20122 (The web interface on FASTGate Fastweb devices with firmware through 0. ...)
NOT-FOR-US: FASTGate Fastweb
-CVE-2018-20121
+CVE-2018-20121 (Podcast Generator 2.7 has stored cross-site scripting (XSS) via the UR ...)
TODO: check
CVE-2018-20120
RESERVED
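Review bot: CVE-2018-20121 still carries `TODO: check` even though the imported description now names the product (Podcast Generator 2.7, stored XSS); the TODO should be resolved to either a package line or a `NOT-FOR-US:` line rather than left behind by the automatic description fill. Minor: CVE-2018-20145 (Mosquitto) is inserted between CVE-2018-20123 and CVE-2018-20122, out of the descending ID order the surrounding entries follow, and would be easier to find in its numeric slot.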
@@ -2259,7 +2259,7 @@ CVE-2018-20116
RESERVED
CVE-2018-20115
RESERVED
-CVE-2018-20114
+CVE-2018-20114 (On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices ...)
NOT-FOR-US: D-Link
CVE-2018-20113
REJECTED
@@ -2275,54 +2275,54 @@ CVE-2018-20108
REJECTED
CVE-2018-20107
REJECTED
-CVE-2018-20106
+CVE-2018-20106 (In yast2-printer up to and including version 4.0.2 the SMB printer set ...)
NOT-FOR-US: yast2-printer
CVE-2018-20105
RESERVED
CVE-2018-20104
RESERVED
-CVE-2018-20103
+CVE-2018-20103 (An issue was discovered in dns.c in HAProxy through 1.8.14. In the cas ...)
- haproxy 1.8.15-1 (bug #916307)
[stretch] - haproxy <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - haproxy <not-affected> (Vulnerable code not present)
NOTE: http://git.haproxy.org/?p=haproxy.git;a=commit;h=58df5aea0a0c926b2238f65908f5e9f83d1cca25
-CVE-2018-20102
+CVE-2018-20102 (An out-of-bounds read in dns_validate_dns_response in dns.c was discov ...)
- haproxy 1.8.15-1 (bug #916308)
[stretch] - haproxy <no-dsa> (Minor issue; can be fixed via point release)
[jessie] - haproxy <not-affected> (Vulnerable code not present)
NOTE: http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0
-CVE-2018-20101
+CVE-2018-20101 (The codection "Import users from CSV with meta" plugin before 1.12.1 f ...)
NOT-FOR-US: codection "Import users from CSV with meta" plugin for WordPress
-CVE-2018-20100
+CVE-2018-20100 (An issue was discovered on August Connect devices. Insecure data trans ...)
NOT-FOR-US: August Connect
-CVE-2018-20099
+CVE-2018-20099 (There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2im ...)
[experimental] - exiv2 <unfixed> (low)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/590
NOTE: https://github.com/Exiv2/exiv2/commit/eff0f52d0466d81beabf304e2500f3039fd90252
-CVE-2018-20098
+CVE-2018-20098 (There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2He ...)
[experimental] - exiv2 <unfixed> (low)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/590
NOTE: https://github.com/Exiv2/exiv2/commit/eff0f52d0466d81beabf304e2500f3039fd90252
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206
-CVE-2018-20097
+CVE-2018-20097 (There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroup ...)
{DLA-1691-1}
- exiv2 <unfixed> (low)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/590
NOTE: https://github.com/Exiv2/exiv2/commit/203ab0db28c9666b16069d4056ac5f66f753a51d
-CVE-2018-20096
+CVE-2018-20096 (There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf fun ...)
[experimental] - exiv2 <unfixed> (low)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/590
-CVE-2018-20095
+CVE-2018-20095 (An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 ...)
NOT-FOR-US: Bento4
-CVE-2018-20094
+CVE-2018-20094 (An issue was discovered in XXL-CONF 1.6.0. There is a path traversal v ...)
NOT-FOR-US: XXL-CONF
CVE-2018-20093
RESERVED
-CVE-2018-20092
+CVE-2018-20092 (PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory trav ...)
NOT-FOR-US: PTC ThingWorx Platform
CVE-2018-20091
RESERVED
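Review bot: CVE-2018-20096 cites only the Exiv2 issue (#590) and no fix commit, whereas its siblings from the same issue, CVE-2018-20099 and CVE-2018-20098, also cite commit eff0f52d0466d81beabf304e2500f3039fd90252 (and CVE-2018-20097 cites 203ab0db28c9666b16069d4056ac5f66f753a51d). If eff0f52d also covers the tEXtToDataBuf over-read, add the matching `NOTE:` line; if not, record which commit does. All three entries share the `<not-affected> (Vulnerable code introduced later)` rationale for the stable suite, and that claim cannot be re-verified from the issue link alone.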
@@ -2367,36 +2367,36 @@ CVE-2018-20073 [chromium stores download meta data in extended attributes]
[stretch] - chromium <postponed> (Wait until fixed upstream)
CVE-2018-20072
RESERVED
-CVE-2018-20071
+CVE-2018-20071 (Insufficiently strict origin checks during JIT payment app installatio ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-20070
+CVE-2018-20070 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-20069
+CVE-2018-20069 (Failure to prevent navigation to top frame to data URLs in Navigation ...)
- chromium <not-affected> (Specific to iOS)
-CVE-2018-20068
+CVE-2018-20068 (Incorrect handling of 304 status codes in Navigation in Google Chrome ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-20067
+CVE-2018-20067 (A renderer initiated back navigation was incorrectly allowed to cancel ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-20066
+CVE-2018-20066 (Incorrect object lifecycle in Extensions in Google Chrome prior to 71. ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-20065
+CVE-2018-20065 (Handling of URI action in PDFium in Google Chrome prior to 71.0.3578.8 ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-20064
+CVE-2018-20064 (doorGets 7.0 allows remote attackers to write to arbitrary files via d ...)
NOT-FOR-US: doorGets
-CVE-2018-20063
+CVE-2018-20063 (An issue was discovered in Gurock TestRail 5.6.0.3853. An "Unrestricte ...)
NOT-FOR-US: Gurock TestRail
-CVE-2018-20062
+CVE-2018-20062 (An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.ph ...)
NOT-FOR-US: NoneCms
-CVE-2018-20061
+CVE-2018-20061 (A SQL injection issue was discovered in ERPNext 10.x and 11.x through ...)
NOT-FOR-US: Frappe ERPNext
-CVE-2018-20060
+CVE-2018-20060 (urllib3 before version 1.23 does not remove the Authorization HTTP hea ...)
- python-urllib3 1.24-1
[stretch] - python-urllib3 <no-dsa> (Minor issue)
[jessie] - python-urllib3 <ignored> (Minor issue)
@@ -2416,13 +2416,13 @@ CVE-2018-20060
NOTE: https://github.com/urllib3/urllib3/commit/63948f3a607ed8e7a3ce9ac4e20782359896e27e
NOTE: https://github.com/urllib3/urllib3/commit/560bd227b90f74417ffaedebf5f8d05a8ee4f532
NOTE: Fixed upstream in 1.23
-CVE-2018-20059
+CVE-2018-20059 (jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE. ...)
NOT-FOR-US: Pippo
-CVE-2018-20058
+CVE-2018-20058 (In Evernote before 7.6 on macOS, there is a local file path traversal ...)
NOT-FOR-US: Evernote
-CVE-2018-20057
+CVE-2018-20057 (An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 an ...)
NOT-FOR-US: D-Link
-CVE-2018-20056
+CVE-2018-20056 (An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 an ...)
NOT-FOR-US: D-Link
CVE-2018-20055
RESERVED
@@ -2432,9 +2432,9 @@ CVE-2018-20053
RESERVED
CVE-2018-20052
RESERVED
-CVE-2018-20051
+CVE-2018-20051 (Mishandling of '&gt;' on the Jooan JA-Q1H Wi-Fi camera with firmware 2 ...)
NOT-FOR-US: Jooan JA-Q1H Wi-Fi camera
-CVE-2018-20050
+CVE-2018-20050 (Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with f ...)
NOT-FOR-US: Jooan JA-Q1H Wi-Fi camera
CVE-2018-20049
RESERVED
@@ -2468,60 +2468,60 @@ CVE-2018-20035
RESERVED
CVE-2018-20034
RESERVED
-CVE-2018-20033
+CVE-2018-20033 (A Remote Code Execution vulnerability in lmgrd and vendor daemon compo ...)
NOT-FOR-US: FlexNet Publisher
CVE-2018-20032
RESERVED
CVE-2018-20031
RESERVED
-CVE-2018-20030
+CVE-2018-20030 (An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EX ...)
- libexif 0.6.21-5.1 (bug #918730)
[stretch] - libexif <no-dsa> (Minor issue)
[jessie] - libexif <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-28/
NOTE: https://github.com/libexif/libexif/commit/6aa11df549114ebda520dde4cdaea2f9357b2c89
-CVE-2018-20029
+CVE-2018-20029 (The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6 ...)
NOT-FOR-US: nxfs.sys driver in the DokanFS library in NoMachine on Windows
CVE-2018-20028
RESERVED
-CVE-2018-20027
+CVE-2018-20027 (The yaml_parse.load method in Pylearn2 allows code injection. ...)
NOT-FOR-US: Pylearn2
-CVE-2018-20026
+CVE-2018-20026 (Improper Communication Address Filtering exists in CODESYS V3 products ...)
NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS V3 Products
-CVE-2018-20025
+CVE-2018-20025 (Use of Insufficiently Random Values exists in CODESYS V3 products vers ...)
NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS V3 Products
-CVE-2018-20024
+CVE-2018-20024 (LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains ...)
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/254
NOTE: https://github.com/LibVNC/libvncserver/commit/4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-034-libvnc-null-pointer-dereference/
-CVE-2018-20023
+CVE-2018-20023 (LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-66 ...)
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/253
NOTE: https://github.com/LibVNC/libvncserver/commit/8b06f835e259652b0ff026898014fc7297ade858
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-033-libvnc-memory-leak/
-CVE-2018-20022
+CVE-2018-20022 (LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multip ...)
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/252
NOTE: https://github.com/LibVNC/libvncserver/commit/2f5b2ad1c6c99b1ac6482c95844a84d66bb52838
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-032-libvnc-multiple-memory-leaks/
-CVE-2018-20021
+CVE-2018-20021 (LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains ...)
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/251
NOTE: https://github.com/LibVNC/libvncserver/commit/c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-031-libvnc-infinite-loop/
-CVE-2018-20020
+CVE-2018-20020 (LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains ...)
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/250
NOTE: https://github.com/LibVNC/libvncserver/commit/09f2f3fb6a5a163e453e5c2979054670c39694bc
NOTE: https://github.com/LibVNC/libvncserver/commit/7b1ef0ffc4815cab9a96c7278394152bdc89dc4d
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-030-libvnc-heap-out-of-bound-write/
-CVE-2018-20748
+CVE-2018-20748 (LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulner ...)
{DLA-1652-1}
- libvncserver 0.9.11+dfsg-1.3 (bug #920941)
[stretch] - libvncserver <not-affected> (Incomplete fix for CVE-2018-20019 not applied)
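Review bot: the `[stretch] - libvncserver <not-affected> (Incomplete fix for CVE-2018-20019 not applied)` line for CVE-2018-20748 reads as contradicting the CVE-2018-20019 entry just below, which marks stretch as fixed via `{DSA-4383-1 DLA-1617-1}`. Both entries list the same follow-up commits (e34bcbb759ca…, c2c4b81e6cb3…, a64c3b37af9a…), so if DSA-4383-1 shipped the complete set, say so explicitly, e.g. `(Fixed together with CVE-2018-20019 in DSA-4383-1)`; as written, "not applied" suggests stretch never received the CVE-2018-20019 fix at all. Also, CVE-2018-20748 is filed between CVE-2018-20020 and CVE-2018-20019, out of the descending order used around it.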
@@ -2529,7 +2529,7 @@ CVE-2018-20748
NOTE: https://github.com/LibVNC/libvncserver/commit/e34bcbb759ca5bef85809967a268fdf214c1ad2c
NOTE: https://github.com/LibVNC/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7
NOTE: https://github.com/LibVNC/libvncserver/commit/a64c3b37af9a6c8f8009d7516874b8d266b42bae
-CVE-2018-20019
+CVE-2018-20019 (LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains ...)
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/247
@@ -2541,50 +2541,50 @@ CVE-2018-20019
NOTE: https://github.com/LibVNC/libvncserver/commit/e34bcbb759ca5bef85809967a268fdf214c1ad2c
NOTE: https://github.com/LibVNC/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7
NOTE: https://github.com/LibVNC/libvncserver/commit/a64c3b37af9a6c8f8009d7516874b8d266b42bae
-CVE-2018-20018
+CVE-2018-20018 (S-CMS V3.0 has SQL injection via the S_id parameter, as demonstrated b ...)
NOT-FOR-US: S-CMS
-CVE-2018-20017
+CVE-2018-20017 (SEMCMS 3.5 has XSS via the first text box to the SEMCMS_Main.php URI. ...)
NOT-FOR-US: SEMCMS
CVE-2018-20016
RESERVED
-CVE-2018-20015
+CVE-2018-20015 (YzmCMS v5.2 has admin/role/add.html CSRF. ...)
NOT-FOR-US: YzmCMS
CVE-2018-20014
RESERVED
CVE-2018-20013
RESERVED
-CVE-2018-20012
+CVE-2018-20012 (PHPCMF 4.1.3 has XSS via the first input field to the index.php?s=memb ...)
NOT-FOR-US: PHPCMF
-CVE-2018-20011
+CVE-2018-20011 (DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Nam ...)
NOT-FOR-US: DomainMOD
-CVE-2018-20010
+CVE-2018-20010 (DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php ...)
NOT-FOR-US: DomainMOD
-CVE-2018-20009
+CVE-2018-20009 (DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Prov ...)
NOT-FOR-US: DomainMOD
-CVE-2018-1000866
+CVE-2018-1000866 (A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000865
+CVE-2018-1000865 (A sandbox bypass vulnerability exists in Script Security Plugin 1.47 a ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000864
+CVE-2018-1000864 (A denial of service vulnerability exists in Jenkins 2.153 and earlier, ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000863
+CVE-2018-1000863 (A data modification vulnerability exists in Jenkins 2.153 and earlier, ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000862
+CVE-2018-1000862 (An information exposure vulnerability exists in Jenkins 2.153 and earl ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000861
+CVE-2018-1000861 (A code execution vulnerability exists in the Stapler web framework use ...)
NOT-FOR-US: Jenkins
CVE-2018-20008
RESERVED
CVE-2018-20007
RESERVED
-CVE-2018-20006
+CVE-2018-20006 (An issue was discovered in PHPok v5.0.055. There is a Stored XSS vulne ...)
NOT-FOR-US: PHPok
-CVE-2018-20005
+CVE-2018-20005 (An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after ...)
- mxml <unfixed> (low)
[stretch] - mxml <no-dsa> (Minor issue)
[jessie] - mxml <ignored> (Minor issue)
NOTE: https://github.com/michaelrsweet/mxml/issues/234
-CVE-2018-20004
+CVE-2018-20004 (An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-bas ...)
{DLA-1641-1}
- mxml 2.12-2 (low; bug #918007)
[stretch] - mxml <no-dsa> (Minor issue)
@@ -2592,21 +2592,21 @@ CVE-2018-20004
NOTE: Fixed by https://github.com/michaelrsweet/mxml/commit/4f5577dd4672d228e4180f06bdbd66f343ea45e0
CVE-2018-20003
RESERVED
-CVE-2018-20002
+CVE-2018-20002 (The _bfd_generic_read_minisymbols function in syms.c in the Binary Fil ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23952
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9
-CVE-2018-20001
+CVE-2018-20001 (In Libav 12.3, there is a floating point exception in the range_decode ...)
- libav <removed>
[jessie] - libav <no-dsa> (floating point exception cannot be observed on Jessie)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1141
-CVE-2018-20000
+CVE-2018-20000 (Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstr ...)
NOT-FOR-US: Apereo Bedework bw-webdav
CVE-2018-19999
RESERVED
-CVE-2018-19998
+CVE-2018-19998 (SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/2b088a73c121a52e006c0d76ea4da7ffeb7b4f4a
NOTE: https://github.com/Dolibarr/dolibarr/commit/bacd5110fbdc81a35030fdc322775fa15ea85924
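Review bot: the jessie rationale on CVE-2018-20001, `<no-dsa> (floating point exception cannot be observed on Jessie)`, does not say why the exception is unobservable there (older libav version without the affected range_decode path, or a build difference); spell out the cause so the decision can be re-checked when libav bug 1141 is updated, since `- libav <removed>` means unstable offers no reference point.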
@@ -2614,20 +2614,20 @@ CVE-2018-19997
RESERVED
CVE-2018-19996
RESERVED
-CVE-2018-19995
+CVE-2018-19995 (A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 al ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/4b8be6ed64763327018ac1c076f81ddffa87855e
NOTE: https://github.com/Dolibarr/dolibarr/commit/bacd5110fbdc81a35030fdc322775fa15ea85924
-CVE-2018-19994
+CVE-2018-19994 (An error-based SQL injection vulnerability in product/card.php in Doli ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/850b939ffd2c7a4443649331b923d5e0da2d6446
-CVE-2018-19993
+CVE-2018-19993 (A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/fc3fcc5455d9a610b85723e89e8be43a41ad1378
-CVE-2018-19992
+CVE-2018-19992 (A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 al ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/0f06e39d23636bd1e4039ac61a743c79725c798b
-CVE-2018-19991
+CVE-2018-19991 (VeryNginx 0.3.3 allows remote attackers to bypass the Web Application ...)
NOT-FOR-US: VeryNginx
CVE-2018-19990
RESERVED
@@ -2639,18 +2639,18 @@ CVE-2018-19987
RESERVED
CVE-2018-19986
RESERVED
-CVE-2018-19985 [USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data]
+CVE-2018-19985 (The function hso_get_config_data in drivers/net/usb/hso.c in the Linux ...)
- linux 4.19.13-1
NOTE: https://git.kernel.org/linus/5146f95df782b0ac61abde36567e718692725c89
CVE-2018-19984
RESERVED
-CVE-2018-19983
+CVE-2018-19983 (An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. ...)
NOT-FOR-US: Sigma Design Z-Wave devices
-CVE-2018-19982
+CVE-2018-19982 (An issue was discovered on KT MC01507L Z-Wave S0 devices. It occurs be ...)
NOT-FOR-US: KT MC01507L Z-Wave S0 devices
CVE-2018-19981
RESERVED
-CVE-2018-19980
+CVE-2018-19980 (Anker Nebula Capsule Pro NBUI_M1_V2.1.9 devices allow attackers to cau ...)
NOT-FOR-US: Anker Nebula Capsule Pro devices
CVE-2018-19979
RESERVED
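Review bot: CVE-2018-19985 lists only `- linux 4.19.13-1` and no `[stretch]` or `[jessie]` line, so the status of both supported kernels is undefined; unless drivers/net/usb/hso.c is absent from those kernels, add their status (fixed version, `<postponed>` or `<no-dsa>` with a reason). Dropping the bracketed placeholder `[USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data]` in favour of the imported description is fine, since the git.kernel.org NOTE still preserves the upstream commit.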
@@ -2658,7 +2658,7 @@ CVE-2018-19978
RESERVED
CVE-2018-19977
RESERVED
-CVE-2018-19976
+CVE-2018-19976 (In YARA 3.8.1, bytecode in a specially crafted compiled rule is expose ...)
- yara 3.8.1-2 (bug #916932)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
@@ -2667,7 +2667,7 @@ CVE-2018-19976
NOTE: https://github.com/bnbdr/swisscheese/
NOTE: https://github.com/VirusTotal/yara/commit/6acc08d7329413f60e0976be017e18a581450d7a
NOTE: https://github.com/VirusTotal/yara/commit/d8f714891ed92da15d50b397b74d1d9431e9c54c
-CVE-2018-19975
+CVE-2018-19975 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...)
- yara 3.8.1-2 (bug #916932)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
@@ -2676,7 +2676,7 @@ CVE-2018-19975
NOTE: https://github.com/bnbdr/swisscheese/
NOTE: https://github.com/VirusTotal/yara/commit/6acc08d7329413f60e0976be017e18a581450d7a
NOTE: https://github.com/VirusTotal/yara/commit/d8f714891ed92da15d50b397b74d1d9431e9c54c
-CVE-2018-19974
+CVE-2018-19974 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...)
- yara 3.8.1-2 (bug #916932)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
@@ -2691,16 +2691,16 @@ CVE-2018-19972
RESERVED
CVE-2018-19971
RESERVED
-CVE-2018-19970
+CVE-2018-19970 (In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navi ...)
{DLA-1658-1}
- phpmyadmin <unfixed>
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-8/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/b293ff5f234ef493336ed8638f623a12164d359e
-CVE-2018-19969
+CVE-2018-19969 (phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a s ...)
- phpmyadmin <undetermined>
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-7/
TODO: check, upstream explicitly fixed only the 4.7/4.8 branch but not entirely clear if only introduced in 4.7.0, and older versions are EOLed, and only on best-effort mentioned in affected versions informations.
-CVE-2018-19968
+CVE-2018-19968 (An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents o ...)
{DLA-1658-1}
- phpmyadmin <unfixed>
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-6/
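Review bot: CVE-2018-19970 and CVE-2018-19968 each carry a jessie DLA (`{DLA-1658-1}`) and `- phpmyadmin <unfixed>` for unstable but no `[stretch]` line, so the stretch status is undefined while the older release is already handled; add a `[stretch] - phpmyadmin …` line (fixed version or `<no-dsa>` with a reason) to both. While here, the TODO on CVE-2018-19969 has a typo: "informations" should be "information".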
@@ -2745,24 +2745,24 @@ CVE-2018-19941
RESERVED
CVE-2018-19940
RESERVED
-CVE-2018-19939
+CVE-2018-19939 (The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi ...)
NOT-FOR-US: Goodix GT9xx touchscreen driver
CVE-2018-19938
RESERVED
-CVE-2018-19937
+CVE-2018-19937 (A local, authenticated attacker can bypass the passcode in the VideoLA ...)
NOT-FOR-US: VLC port/application for iOS
-CVE-2018-19936
+CVE-2018-19936 (PrinterOn Enterprise 4.1.4 allows Arbitrary File Deletion. ...)
NOT-FOR-US: PrinterOn Enterprise
-CVE-2018-19934
+CVE-2018-19934 (SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site script ...)
TODO: check
-CVE-2018-19933
+CVE-2018-19933 (Bolt CMS &lt;3.6.2 allows XSS via text input click preview button as d ...)
NOT-FOR-US: Bolt CMS
-CVE-2018-19960
+CVE-2018-19960 (The debug_mode function in web/web.py in OnionShare through 1.3.1, whe ...)
- onionshare 1.3.2-1 (bug #915859; unimportant)
[jessie] - onionshare <no-dsa> (contrib not supported)
NOTE: https://github.com/micahflee/onionshare/issues/837
NOTE: Negligible (and disputable) security impact, as the debug mode is not enabled by default
-CVE-2018-19935
+CVE-2018-19935 (ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote atta ...)
{DSA-4353-1 DLA-1608-1}
- php7.3 7.3.0-1
- php7.2 <removed>
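Review bot: CVE-2018-19934 is left at `TODO: check` although the imported description identifies SolarWinds Serv-U FTP Server, a proprietary product that is not a Debian package; resolve it to `NOT-FOR-US: SolarWinds Serv-U FTP Server` like the entries around it. Also, CVE-2018-19960 (OnionShare) has a `[jessie]` line but no `[stretch]` line; add the stretch status or a NOTE saying why it is omitted. That entry is also filed between CVE-2018-19933 and CVE-2018-19935, out of the descending order used around it.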
@@ -2771,14 +2771,14 @@ CVE-2018-19935
NOTE: Fixed in 5.6.39, 7.0.33, 7.1.26, 7.2.14, 7.3.0
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77020
NOTE: https://git.php.net/?p=php-src.git;a=commit;h=648fc1e369fc05fb9200a42c7938912236b2a318
-CVE-2018-19932
+CVE-2018-19932 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
[experimental] - binutils 2.31.51.20181204-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23932
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7
-CVE-2018-19931
+CVE-2018-19931 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
[experimental] - binutils 2.31.51.20181204-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
@@ -2791,103 +2791,103 @@ CVE-2018-19929
RESERVED
CVE-2018-19928
RESERVED
-CVE-2018-19927
+CVE-2018-19927 (Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS via the ...)
NOT-FOR-US: Zenitel Norway IP-StationWeb
-CVE-2018-19926
+CVE-2018-19926 (Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected XSS via t ...)
NOT-FOR-US: Zenitel Norway IP-StationWeb
-CVE-2018-19925
+CVE-2018-19925 (An issue was discovered in Sales &amp; Company Management System (SCMS ...)
NOT-FOR-US: Sales & Company Management System (SCMS)
-CVE-2018-19924
+CVE-2018-19924 (An issue was discovered in Sales &amp; Company Management System (SCMS ...)
NOT-FOR-US: Sales & Company Management System (SCMS)
-CVE-2018-19923
+CVE-2018-19923 (An issue was discovered in Sales &amp; Company Management System (SCMS ...)
NOT-FOR-US: Sales & Company Management System (SCMS)
-CVE-2018-19922
+CVE-2018-19922 (Persistent Cross-Site Scripting (XSS) in the advancedsetup_websitebloc ...)
NOT-FOR-US: Actiontec C1000A router
-CVE-2018-19921
+CVE-2018-19921 (Zoho ManageEngine OpManager 12.3 before 123237 has XSS in the domain c ...)
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2018-19920
RESERVED
-CVE-2018-19919
+CVE-2018-19919 (Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php data[tit ...)
NOT-FOR-US: Pixelimity
-CVE-2018-19918
+CVE-2018-19918 (CuppaCMS has XSS via an SVG document uploaded to the administrator/#/c ...)
NOT-FOR-US: CuppaCMS
-CVE-2018-19917
+CVE-2018-19917 (Microweber 1.0.8 has reflected cross-site scripting (XSS) vulnerabilit ...)
TODO: check
CVE-2018-19916
RESERVED
-CVE-2018-19915
+CVE-2018-19915 (DomainMOD through 4.11.01 has XSS via the assets/edit/host.php Web Hos ...)
NOT-FOR-US: DomainMOD
-CVE-2018-19914
+CVE-2018-19914 (DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile N ...)
NOT-FOR-US: DomainMOD
-CVE-2018-19913
+CVE-2018-19913 (DomainMOD through 4.11.01 has XSS via the assets/add/registrar-account ...)
NOT-FOR-US: DomainMOD
CVE-2018-19912
RESERVED
-CVE-2018-19911
+CVE-2018-19911 (FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote a ...)
- freeswitch <itp> (bug #389591)
CVE-2018-19910
RESERVED
CVE-2018-19909
RESERVED
-CVE-2018-19908
+CVE-2018-19908 (An issue was discovered in MISP 2.4.9x before 2.4.99. In app/Model/Eve ...)
NOT-FOR-US: MISP
CVE-2018-1000859
REJECTED
CVE-2018-1000853
REJECTED
-CVE-2018-19907
+CVE-2018-19907 (A Server-Side Template Injection issue was discovered in Crafter CMS 3 ...)
NOT-FOR-US: Crafter CMS
-CVE-2018-19906
+CVE-2018-19906 (Stored XSS exists in razorCMS 3.4.8 via the /#/page description parame ...)
NOT-FOR-US: razorCMS
-CVE-2018-19905
+CVE-2018-19905 (HTML injection exists in razorCMS 3.4.8 via the /#/page keywords param ...)
NOT-FOR-US: razorCMS
-CVE-2018-19904
+CVE-2018-19904 (Persistent XSS exists in XSLT CMS via the create/?action=items.edit&am ...)
NOT-FOR-US: XSLT CMS
-CVE-2018-19903
+CVE-2018-19903 (Persistent XSS exists in XSLT CMS via the create/?action=items.edit&am ...)
NOT-FOR-US: XSLT CMS
-CVE-2018-19902
+CVE-2018-19902 (No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "k ...)
NOT-FOR-US: NO-CMS
-CVE-2018-19901
+CVE-2018-19901 (No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/in ...)
NOT-FOR-US: NO-CMS
CVE-2018-19900
RESERVED
CVE-2018-19899
RESERVED
-CVE-2018-19898
+CVE-2018-19898 (ThinkCMF X2.2.2 has SQL Injection via the method edit_post in ArticleC ...)
NOT-FOR-US: ThinkCMF
-CVE-2018-19897
+CVE-2018-19897 (ThinkCMF X2.2.2 has SQL Injection via the function _listorders() in Ad ...)
NOT-FOR-US: ThinkCMF
-CVE-2018-19896
+CVE-2018-19896 (ThinkCMF X2.2.2 has SQL Injection via the function delete() in SlideCo ...)
NOT-FOR-US: ThinkCMF
-CVE-2018-19895
+CVE-2018-19895 (ThinkCMF X2.2.2 has SQL Injection via the function edit_post() in NavC ...)
NOT-FOR-US: ThinkCMF
-CVE-2018-19894
+CVE-2018-19894 (ThinkCMF X2.2.2 has SQL Injection via the functions check() and delete ...)
NOT-FOR-US: ThinkCMF
-CVE-2018-19893
+CVE-2018-19893 (SearchController.php in PbootCMS 1.2.1 has SQL injection via the index ...)
NOT-FOR-US: PbootCMS
-CVE-2018-19892
+CVE-2018-19892 (DomainMOD through 4.11.01 has XSS via the admin/dw/add-server.php Disp ...)
NOT-FOR-US: DomainMOD
-CVE-2018-19891
+CVE-2018-19891 (An invalid memory address dereference was discovered in the huffcode f ...)
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/24
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
-CVE-2018-19890
+CVE-2018-19890 (An invalid memory address dereference was discovered in the huffcode f ...)
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/20
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
-CVE-2018-19889
+CVE-2018-19889 (An invalid memory address dereference was discovered in the huffcode f ...)
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/22
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
-CVE-2018-19888
+CVE-2018-19888 (An invalid memory address dereference was discovered in the huffcode f ...)
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/25
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
-CVE-2018-19887
+CVE-2018-19887 (An invalid memory address dereference was discovered in the huffcode f ...)
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/21
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
-CVE-2018-19886
+CVE-2018-19886 (An invalid memory address dereference was discovered in the huffcode f ...)
- faac <unfixed> (unimportant; bug #915763)
NOTE: https://github.com/knik0/faac/issues/23
NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal)
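Review bot: the imported descriptions for CVE-2018-19925, CVE-2018-19924 and CVE-2018-19923 contain the HTML entity `&amp;` (`Sales &amp; Company Management System`) while the `NOT-FOR-US:` line directly beneath each uses a literal `&`; the same applies to `&gt;` in CVE-2018-20051 and `&lt;3.6.2` in CVE-2018-19933 earlier in this diff. data/CVE/*.list is plain text, so the importer should HTML-unescape the description before writing it, otherwise every consumer of the list files shows the entities verbatim.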
@@ -2897,12 +2897,12 @@ CVE-2018-19884
RESERVED
CVE-2018-19883
RESERVED
-CVE-2018-19882
+CVE-2018-19882 (In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c a ...)
- mupdf <unfixed> (unimportant)
NOTE: Negligable security impact, crash in CLI tool
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700342
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203
-CVE-2018-19881
+CVE-2018-19881 (In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to caus ...)
- mupdf <unfixed> (unimportant)
NOTE: Negligable security impact, crash in CLI tool
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700342
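Review bot: the NOTE lines under CVE-2018-19882 and CVE-2018-19881 misspell "Negligible" as "Negligable", and the same misspelling is repeated in all six faac entries above (CVE-2018-19886 through CVE-2018-19891). These are unchanged context lines in this hunk, so they need a separate fix; worth doing in one pass since the same rationale text is copied across eight entries.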
@@ -2913,9 +2913,9 @@ CVE-2018-19879
RESERVED
CVE-2018-19878
RESERVED
-CVE-2018-19877
+CVE-2018-19877 (login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Bu ...)
NOT-FOR-US: Adiscon LogAnalyzer
-CVE-2018-19876
+CVE-2018-19876 (cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would ...)
- cairo 1.16.0-4 (bug #915801; bug #916389)
[stretch] - cairo <not-affected> (Vulnerable code introduced later)
[jessie] - cairo <not-affected> (Vulnerable code introduced later)
@@ -2929,7 +2929,7 @@ CVE-2018-19876
NOTE: https://gitlab.freedesktop.org/cairo/cairo/commit/90e85c2493fdfa3551f202ff10282463f1e36645
CVE-2018-1002104
RESERVED
-CVE-2018-1002103
+CVE-2018-1002103 (In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Das ...)
NOT-FOR-US: minikube
CVE-2018-1002102
RESERVED
@@ -2937,7 +2937,7 @@ CVE-2018-19875
RESERVED
CVE-2018-19874
RESERVED
-CVE-2018-19873
+CVE-2018-19873 (An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer ...)
{DSA-4374-1 DLA-1627-1}
[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
- qtbase-opensource-src 5.11.3+dfsg-2 (low)
@@ -2947,9 +2947,9 @@ CVE-2018-19873
NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
NOTE: https://codereview.qt-project.org/#/c/238749/
NOTE: https://github.com/qt/qtbase/commit/621ab8ab59901cc3f9bd98be709929c9eac997a8
-CVE-2018-19872
+CVE-2018-19872 (An issue was discovered in Qt 5.11. A malformed PPM image causes a div ...)
TODO: check
-CVE-2018-19871
+CVE-2018-19871 (An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontr ...)
- qtimageformats-opensource-src 5.11.3-2 (low)
[stretch] - qtimageformats-opensource-src <no-dsa> (Minor issue)
[jessie] - qtimageformats-opensource-src <postponed> (Minor issue)
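Review bot: CVE-2018-19872 (Qt 5.11, malformed PPM image causes a divide-by-zero) is left at `TODO: check`, yet the neighbouring Qt CVEs in this diff (CVE-2018-19873, CVE-2018-19871, CVE-2018-19870, CVE-2018-19869) are all triaged against qtbase-opensource-src or qtimageformats-opensource-src with release lines. The PPM handler sits alongside the BMP and GIF handlers fixed for CVE-2018-19873/19870, so this entry should get a package line (fixed version or `<unfixed>`) plus `[stretch]`/`[jessie]` status rather than a TODO.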
@@ -2960,7 +2960,7 @@ CVE-2018-19871
NOTE: https://codereview.qt-project.org/#/c/237761/
NOTE: qt4-x11 affected in src/plugins/imageformats/tga/qtgafile.cpp
NOTE: https://github.com/qt/qtimageformats/commit/7cfe47a8fe2f987fb2a066a696fb3d9d0afe4d65
-CVE-2018-19870
+CVE-2018-19870 (An issue was discovered in Qt before 5.11.3. A malformed GIF image cau ...)
{DSA-4374-1 DLA-1627-1}
[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
- qtbase-opensource-src 5.11.3+dfsg-2 (low)
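Review bot: the line `NOTE: qt4-x11 affected in src/plugins/imageformats/tga/qtgafile.cpp` under CVE-2018-19871 has no matching `- qt4-x11 …` status line; the entry (its status lines are in the previous hunk) only tracks qtimageformats-opensource-src. Add `- qt4-x11 <unfixed>` (or the appropriate tag, with release lines) so the qt4 exposure is tracked rather than only noted.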
@@ -2972,7 +2972,7 @@ CVE-2018-19870
NOTE: affected code can be in src/gui/image/qgifhandler.cpp or in
NOTE: src/plugins/imageformats/gif/qgifhandler.cpp depending on the version
NOTE: https://github.com/qt/qtbase/commit/2841e2b61e32f26900bde987d469c8b97ea31999
-CVE-2018-19869
+CVE-2018-19869 (An issue was discovered in Qt before 5.11.3. A malformed SVG image cau ...)
[experimental] - qtsvg-opensource-src 5.11.3-1
- qtsvg-opensource-src 5.11.3-2 (low)
[stretch] - qtsvg-opensource-src <no-dsa> (Minor issue)
@@ -2990,25 +2990,25 @@ CVE-2018-19867
RESERVED
CVE-2018-19866
RESERVED
-CVE-2018-19865
+CVE-2018-19865 (A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7 ...)
[experimental] - qtvirtualkeyboard-opensource-src 5.11.3+dfsg-1
- qtvirtualkeyboard-opensource-src 5.11.3+dfsg-2
NOTE: http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
-CVE-2018-19864
+CVE-2018-19864 (NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows rem ...)
NOT-FOR-US: NUUO NVRmini2 Network Video Recorder firmware
-CVE-2018-19863
+CVE-2018-19863 (An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on ...)
NOT-FOR-US: 1Password
-CVE-2018-19862
+CVE-2018-19862 (Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers ...)
NOT-FOR-US: MiniShare
-CVE-2018-19861
+CVE-2018-19861 (Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers ...)
NOT-FOR-US: MiniShare
CVE-2018-19860
RESERVED
-CVE-2018-19859
+CVE-2018-19859 (OpenRefine before 3.5 allows directory traversal via a relative pathna ...)
NOT-FOR-US: OpenRefine
-CVE-2018-19858
+CVE-2018-19858 (PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack ...)
NOT-FOR-US: PrinceXML
-CVE-2018-19857
+CVE-2018-19857 (The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3. ...)
{DSA-4366-1}
- vlc 3.0.4-4 (bug #915760)
[jessie] - vlc <end-of-life> (See https://lists.debian.org/debian-security-announce/2018/msg00130.html)
@@ -3018,12 +3018,12 @@ CVE-2018-19856
RESERVED
CVE-2018-19855
RESERVED
-CVE-2018-19854
+CVE-2018-19854 (An issue was discovered in the Linux kernel before 4.19.3. crypto_repo ...)
- linux 4.18.20-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/f43f39958beb206b53292801e216d9b8a660f087
-CVE-2018-19853
+CVE-2018-19853 (An issue was discovered in hitshop through 2014-07-15. There is an ele ...)
NOT-FOR-US: hitshop
CVE-2018-19852
RESERVED
@@ -3031,7 +3031,7 @@ CVE-2018-19851
RESERVED
CVE-2018-19850
RESERVED
-CVE-2018-19849
+CVE-2018-19849 (An issue was discovered in YzmCMS 5.2. XSS exists via the admin/conten ...)
NOT-FOR-US: YzmCMS
CVE-2018-19848
RESERVED
@@ -3039,51 +3039,51 @@ CVE-2018-19847
RESERVED
CVE-2018-19846
RESERVED
-CVE-2018-19845
+CVE-2018-19845 (There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "po ...)
NOT-FOR-US: GetSimple CMS
-CVE-2018-19844
+CVE-2018-19844 (FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, whi ...)
NOT-FOR-US: FROG CMS
-CVE-2018-19843
+CVE-2018-19843 (opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attack ...)
- radare2 3.1.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code not present in libr/asm/p/asm_x86_nz.c)
NOTE: https://github.com/radare/radare2/commit/f17bfd9f1da05f30f23a4dd05e9d2363e1406948
NOTE: https://github.com/radare/radare2/issues/12242
-CVE-2018-19842
+CVE-2018-19842 (getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows att ...)
- radare2 3.1.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code not present in libr/asm/p/asm_x86_nz.c)
NOTE: https://github.com/radare/radare2/commit/66191f780863ea8c66ace4040d0d04a8842e8432
NOTE: https://github.com/radare/radare2/issues/12239
-CVE-2018-19841
+CVE-2018-19841 (The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a ...)
- wavpack 5.1.0-5 (bug #915565)
[stretch] - wavpack <no-dsa> (Minor issue)
[jessie] - wavpack <no-dsa> (Minor issue)
NOTE: https://github.com/dbry/WavPack/commit/bba5389dc598a92bdf2b297c3ea34620b6679b5b
NOTE: https://github.com/dbry/WavPack/issues/54
-CVE-2018-19840
+CVE-2018-19840 (The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPac ...)
- wavpack 5.1.0-5 (bug #915564)
[stretch] - wavpack <no-dsa> (Minor issue)
[jessie] - wavpack <no-dsa> (Minor issue)
NOTE: https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51
NOTE: https://github.com/dbry/WavPack/issues/53
-CVE-2018-19839
+CVE-2018-19839 (In LibSass prior to 3.5.5, the function handle_error in sass_context.c ...)
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2657
NOTE: https://github.com/sass/libsass/pull/2767
-CVE-2018-19838
+CVE-2018-19838 (In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_ ...)
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2660
-CVE-2018-19837
+CVE-2018-19837 (In LibSass prior to 3.5.5, Sass::Eval::operator()(Sass::Binary_Express ...)
- libsass 3.5.4+20180621~c0a6cf3-1
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/commit/210fdff7a65370c2ae24e022a2b35da8c423cc5f
NOTE: https://github.com/sass/libsass/issues/2659
-CVE-2018-19836
+CVE-2018-19836 (In Metinfo 6.1.3, include/interface/applogin.php allows setting arbitr ...)
NOT-FOR-US: Metinfo
-CVE-2018-19835
+CVE-2018-19835 (Metinfo 6.1.3 has reflected XSS via the admin/column/move.php lang_col ...)
NOT-FOR-US: Metinfo
CVE-2018-19834
RESERVED
@@ -3095,54 +3095,54 @@ CVE-2018-19831
RESERVED
CVE-2018-19830
RESERVED
-CVE-2018-19829
+CVE-2018-19829 (Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios ...)
NOT-FOR-US: Artica Integria IMS
-CVE-2018-19828
+CVE-2018-19828 (Artica Integria IMS 5.0.83 has XSS via the search_string parameter. ...)
NOT-FOR-US: Artica Integria IMS
-CVE-2018-19827
+CVE-2018-19827 (In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedP ...)
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2782
-CVE-2018-19826
+CVE-2018-19826 (In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an ...)
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2781
CVE-2018-19825
RESERVED
-CVE-2018-19824
+CVE-2018-19824 (In the Linux kernel through 4.19.6, a local user could exploit a use-a ...)
- linux 4.19.9-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1118152
CVE-2018-19823
RESERVED
-CVE-2018-19822
+CVE-2018-19822 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19821
+CVE-2018-19821 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19820
+CVE-2018-19820 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19819
+CVE-2018-19819 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19818
+CVE-2018-19818 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19817
+CVE-2018-19817 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19816
+CVE-2018-19816 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19815
+CVE-2018-19815 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19814
+CVE-2018-19814 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19813
+CVE-2018-19813 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19812
+CVE-2018-19812 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19811
+CVE-2018-19811 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19810
+CVE-2018-19810 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19809
+CVE-2018-19809 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-1002105
+CVE-2018-1002105 (In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, in ...)
- kubernetes <unfixed> (bug #915828)
NOTE: https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88
NOTE: https://github.com/kubernetes/kubernetes/issues/71411
@@ -3164,55 +3164,55 @@ CVE-2018-19801
RESERVED
CVE-2018-19800
RESERVED
-CVE-2018-19799
+CVE-2018-19799 (Dolibarr ERP/CRM through 8.0.3 has /exports/export.php?datatoexport= X ...)
- dolibarr <removed>
CVE-2018-19798
RESERVED
-CVE-2018-19797
+CVE-2018-19797 (In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Sel ...)
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2779
-CVE-2018-19796
+CVE-2018-19796 (An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPre ...)
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2018-19795
+CVE-2018-19795 (ChipsBank UMPTool saves the password to the NAND with a simple substit ...)
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2018-19794
+CVE-2018-19794 (Cross-site scripting (XSS) vulnerability in UiV2Public.index in Intern ...)
NOT-FOR-US: ChipsBank UMPTool
-CVE-2018-19793
+CVE-2018-19793 (jiacrontab 1.4.5 allows remote attackers to execute arbitrary commands ...)
NOT-FOR-US: Internet2 Grouper
-CVE-2018-19792
+CVE-2018-19792 (The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local us ...)
NOT-FOR-US: OpenLiteSpeed
-CVE-2018-19791
+CVE-2018-19791 (The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 does not correc ...)
NOT-FOR-US: OpenLiteSpeed
-CVE-2018-19790
+CVE-2018-19790 (An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x ...)
{DLA-1707-1}
- symfony 3.4.20+dfsg-1
NOTE: https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http
-CVE-2018-19789
+CVE-2018-19789 (An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2 ...)
{DLA-1707-1}
- symfony 3.4.20+dfsg-1
NOTE: https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path
-CVE-2018-19788
+CVE-2018-19788 (A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user wi ...)
{DSA-4350-1 DLA-1644-1}
- policykit-1 0.105-23 (bug #915332)
NOTE: https://gitlab.freedesktop.org/polkit/polkit/issues/74
NOTE: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/14
NOTE: https://gitlab.freedesktop.org/polkit/polkit/commit/2cb40c4d5feeaa09325522bd7d97910f1b59e379
NOTE: https://gitlab.freedesktop.org/polkit/polkit/commit/b534a10727455409acd54018a9c91000e7626126
-CVE-2018-19787
+CVE-2018-19787 (An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in th ...)
{DLA-1604-1}
- lxml 4.2.5-1
[stretch] - lxml <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109 (lxml-4.2.5)
-CVE-2018-19786
+CVE-2018-19786 (HashiCorp Vault before 1.0.0 writes the master key to the server log i ...)
NOT-FOR-US: HashiCorp Vault
-CVE-2018-19785
+CVE-2018-19785 (PHP-Proxy through 5.1.0 has Cross-Site Scripting (XSS) via the URL fie ...)
NOT-FOR-US: PHP-Proxy
-CVE-2018-19784
+CVE-2018-19784 (The str_rot_pass function in vendor/atholn1600/php-proxy/src/helpers.p ...)
NOT-FOR-US: PHP-Proxy
-CVE-2018-19783
+CVE-2018-19783 (Kentix MultiSensor-LAN 5.63.00 devices and previous allow Authenticati ...)
TODO: check
-CVE-2018-19782
+CVE-2018-19782 (Multiple cross-site scripting (XSS) vulnerabilities in GET requests in ...)
NOT-FOR-US: FreshRSS
CVE-2018-19781
RESERVED
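Review bot: the NOT-FOR-US annotations for CVE-2018-19795, CVE-2018-19794 and CVE-2018-19793 are shifted by one entry relative to the descriptions this hunk imports. CVE-2018-19795 (ChipsBank UMPTool) is annotated `NOT-FOR-US: Ninja Forms plugin for WordPress`, CVE-2018-19794 (Internet2 Grouper) is annotated `NOT-FOR-US: ChipsBank UMPTool`, and CVE-2018-19793 (jiacrontab) is annotated `NOT-FOR-US: Internet2 Grouper`, so jiacrontab has no matching triage line at all. The three NOT-FOR-US lines should be realigned so that each names the product in its own CVE's description; the automatic description import does not change the triage lines, so this needs a manual follow-up.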
@@ -3222,53 +3222,53 @@ CVE-2018-19779
RESERVED
CVE-2018-19778
RESERVED
-CVE-2018-19777
+CVE-2018-19777 (In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg ...)
- mupdf <unfixed> (unimportant; bug #915137)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700301
NOTE: No security impact, hang in GUI/CLI tool
CVE-2018-19776
RESERVED
-CVE-2018-19775
+CVE-2018-19775 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19774
+CVE-2018-19774 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19773
+CVE-2018-19773 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19772
+CVE-2018-19772 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19771
+CVE-2018-19771 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19770
+CVE-2018-19770 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19769
+CVE-2018-19769 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19768
+CVE-2018-19768 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19767
+CVE-2018-19767 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19766
+CVE-2018-19766 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
-CVE-2018-19765
+CVE-2018-19765 (Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (b ...)
NOT-FOR-US: InfoVista VistaPortal SE
CVE-2018-19764
REJECTED
-CVE-2018-19763
+CVE-2018-19763 (There is a heap-based buffer over-read at writer.c (function: write_pn ...)
- libsixel <undetermined>
-CVE-2018-19762
+CVE-2018-19762 (There is a heap-based buffer overflow at fromsixel.c (function: image_ ...)
- libsixel <undetermined>
-CVE-2018-19761
+CVE-2018-19761 (There is an illegal address access at fromsixel.c (function: sixel_dec ...)
- libsixel <undetermined>
-CVE-2018-19760
+CVE-2018-19760 (cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak. ...)
- confuse <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1649152
NOTE: https://github.com/martinh/libconfuse/issues/120
NOTE: https://github.com/martinh/libconfuse/commit/5f0e9ea4213d4047649c462e4f1b59a082af58e2
NOTE: Issue caused by premature exit without cleanup on an error in the caller
NOTE: not in the library; Negligible security impact in itself and disputed.
-CVE-2018-19759
+CVE-2018-19759 (There is a heap-based buffer over-read at stb_image_write.h (function: ...)
- libsixel <undetermined>
NOTE: https://github.com/saitoha/libsixel/issues/77
-CVE-2018-19758
+CVE-2018-19758 (There is a heap-based buffer over-read at wav.c in wav_write_header in ...)
{DLA-1632-1}
- libsndfile 1.0.28-5 (bug #917416)
[stretch] - libsndfile <no-dsa> (Minor issue)
@@ -3276,29 +3276,29 @@ CVE-2018-19758
NOTE: https://github.com/erikd/libsndfile/issues/435
NOTE: https://github.com/erikd/libsndfile/commit/42132c543358cee9f7c3e9e9b15bb6c1063a608e
NOTE: when fixing this issue, the fix needs to be made complete to not open CVE-2019-3832
-CVE-2018-19757
+CVE-2018-19757 (There is a NULL pointer dereference at function sixel_helper_set_addit ...)
- libsixel <undetermined>
-CVE-2018-19756
+CVE-2018-19756 (There is a heap-based buffer over-read at stb_image.h (function: stbi_ ...)
TODO: check
-CVE-2018-19755
+CVE-2018-19755 (There is an illegal address access at asm/preproc.c (function: is_mmac ...)
- nasm <unfixed> (bug #915087)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392528
NOTE: https://repo.or.cz/nasm.git/commit/3079f7966dbed4497e36d5067cbfd896a90358cb
-CVE-2018-19754
+CVE-2018-19754 (Tarantella Enterprise before 3.11 allows bypassing Access Control. ...)
NOT-FOR-US: Tarantella Enterprise
-CVE-2018-19753
+CVE-2018-19753 (Tarantella Enterprise before 3.11 allows Directory Traversal. ...)
NOT-FOR-US: Tarantella Enterprise
-CVE-2018-19752
+CVE-2018-19752 (DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php not ...)
NOT-FOR-US: DomainMOD
-CVE-2018-19751
+CVE-2018-19751 (DomainMOD through 4.11.01 has XSS via the admin/ssl-fields/add.php not ...)
NOT-FOR-US: DomainMOD
-CVE-2018-19750
+CVE-2018-19750 (DomainMOD through 4.11.01 has XSS via the admin/domain-fields/ notes f ...)
NOT-FOR-US: DomainMOD
-CVE-2018-19749
+CVE-2018-19749 (DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php ...)
NOT-FOR-US: DomainMOD
-CVE-2018-19748
+CVE-2018-19748 (app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows ...)
NOT-FOR-US: SDCMS
CVE-2018-19747
REJECTED
@@ -3338,67 +3338,67 @@ CVE-2018-19730
REJECTED
CVE-2018-19729
REJECTED
-CVE-2018-19728
+CVE-2018-19728 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19727
+CVE-2018-19727 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a r ...)
NOT-FOR-US: Adobe
-CVE-2018-19726
+CVE-2018-19726 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a s ...)
NOT-FOR-US: Adobe
CVE-2018-19725
REJECTED
-CVE-2018-19724
+CVE-2018-19724 (Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored ...)
NOT-FOR-US: Adobe
-CVE-2018-19723
+CVE-2018-19723 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-19722
+CVE-2018-19722 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-19721
+CVE-2018-19721 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-19720
+CVE-2018-19720 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19719
+CVE-2018-19719 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19718
+CVE-2018-19718 (Adobe Connect versions 9.8.1 and earlier have a session token exposure ...)
NOT-FOR-US: Adobe
-CVE-2018-19717
+CVE-2018-19717 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19716
+CVE-2018-19716 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19715
+CVE-2018-19715 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19714
+CVE-2018-19714 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19713
+CVE-2018-19713 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19712
+CVE-2018-19712 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19711
+CVE-2018-19711 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19710
+CVE-2018-19710 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19709
+CVE-2018-19709 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19708
+CVE-2018-19708 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19707
+CVE-2018-19707 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19706
+CVE-2018-19706 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19705
+CVE-2018-19705 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19704
+CVE-2018-19704 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19703
+CVE-2018-19703 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19702
+CVE-2018-19702 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19701
+CVE-2018-19701 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19700
+CVE-2018-19700 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19699
+CVE-2018-19699 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-19698
+CVE-2018-19698 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
CVE-2018-1000819
REJECTED
@@ -3410,11 +3410,11 @@ CVE-2018-19696
RESERVED
CVE-2018-19695
RESERVED
-CVE-2018-19694
+CVE-2018-19694 (HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous hav ...)
TODO: check
-CVE-2018-19693
+CVE-2018-19693 (An issue was discovered in tp5cms through 2017-05-25. admin.php/system ...)
NOT-FOR-US: tp5cms
-CVE-2018-19692
+CVE-2018-19692 (An issue was discovered in tp5cms through 2017-05-25. admin.php/upload ...)
NOT-FOR-US: tp5cms
CVE-2018-19691
RESERVED
@@ -3466,9 +3466,9 @@ CVE-2018-19668
RESERVED
CVE-2018-19667
RESERVED
-CVE-2018-19666
+CVE-2018-19666 (The agent in OSSEC through 3.1.0 on Windows allows local users to gain ...)
- ossec-hids <itp> (bug #361954)
-CVE-2018-19665
+CVE-2018-19665 (The Bluetooth subsystem in QEMU mishandles negative values for length ...)
- qemu 1:3.1+dfsg-2 (low; bug #916278)
[stretch] - qemu <postponed> (Revisit when final upstream patch is out)
[jessie] - qemu <postponed> (Revisit when final upstream patch is out)
@@ -3476,30 +3476,30 @@ CVE-2018-19665
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg03570.html
NOTE: note that previously mentioned patch will never be merged by upstream, see
NOTE: https://lists.debian.org/debian-lts/2019/01/msg00073.html
-CVE-2018-19664
+CVE-2018-19664 (libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel ...)
- libjpeg-turbo <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305
NOTE: Introduced in: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/aa7459050d7a50e1d8a99488902d41fbc118a50f
NOTE: Fixed by: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f8cca819a4fb42aafa5f70df43c45e8c416d716f
CVE-2018-19663
RESERVED
-CVE-2018-19662
+CVE-2018-19662 (An issue was discovered in libsndfile 1.0.28. There is a buffer over-r ...)
{DLA-1618-1}
- libsndfile 1.0.28-5 (low)
[stretch] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/429
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
NOTE: similar to CVE-2017-17456/CVE-2017-17457 (but not duplicate)
-CVE-2018-19661
+CVE-2018-19661 (An issue was discovered in libsndfile 1.0.28. There is a buffer over-r ...)
{DLA-1618-1}
- libsndfile 1.0.28-5 (low)
[stretch] - libsndfile <no-dsa> (Minor issue)
NOTE: https://github.com/erikd/libsndfile/issues/429
NOTE: https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f
NOTE: similar to CVE-2017-17456/CVE-2017-17457 (but not duplicate)
-CVE-2018-19660
+CVE-2018-19660 (An exploitable authenticated command-injection vulnerability exists in ...)
NOT-FOR-US: Moxa
-CVE-2018-19659
+CVE-2018-19659 (An exploitable authenticated command-injection vulnerability exists in ...)
NOT-FOR-US: Moxa
CVE-2018-19658
RESERVED
@@ -3507,29 +3507,29 @@ CVE-2018-19657
RESERVED
CVE-2018-19656
RESERVED
-CVE-2018-19655
+CVE-2018-19655 (A stack-based buffer overflow in the find_green() function of dcraw th ...)
- ufraw 0.22-3.1 (unimportant; bug #890086)
- dcraw 9.28-2 (unimportant; bug #906529)
NOTE: No security impact, crash in CLI tool
-CVE-2018-19654
+CVE-2018-19654 (An issue was discovered in Sales &amp; Company Management System (SCMS ...)
NOT-FOR-US: Sales & Company Management System (SCMS)
-CVE-2018-19653
+CVE-2018-19653 (HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent ...)
NOT-FOR-US: HashiCorp Consul
CVE-2018-19652
RESERVED
-CVE-2018-19651
+CVE-2018-19651 (admin/functions/remote.php in Interspire Email Marketer through 6.1.6 ...)
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19650
+CVE-2018-19650 (Local attackers can trigger a stack-based buffer overflow on vulnerabl ...)
NOT-FOR-US: Antiy-AVL ATool security management
-CVE-2018-19649
+CVE-2018-19649 (XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). VPor ...)
NOT-FOR-US: InfoVista VistaPortal
CVE-2018-19648
RESERVED
CVE-2018-19647
RESERVED
-CVE-2018-19646
+CVE-2018-19646 (The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10 ...)
NOT-FOR-US: Imperva SecureSphere
-CVE-2018-19645
+CVE-2018-19645 (An Authentication Bypass issue exists in Solutions Business Manager (S ...)
NOT-FOR-US: Solutions Business Manager (SBM)
CVE-2018-19644
RESERVED
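Review bot: the description imported for CVE-2018-19654 contains an HTML entity (`Sales &amp; Company Management System`) while the NOT-FOR-US line directly below it uses a plain `&`. The importer appears to write HTML-escaped text into the list; entities should be decoded before the description is stored, otherwise text searches for the product name will not match this entry.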
@@ -3539,19 +3539,19 @@ CVE-2018-19642
RESERVED
CVE-2018-19641
RESERVED
-CVE-2018-19640
+CVE-2018-19640 (If the attacker manages to create files in the directory used to colle ...)
NOT-FOR-US: SLES support scripts
-CVE-2018-19639
+CVE-2018-19639 (If supportutils before version 3.1-5.7.1 is run with -v to perform rpm ...)
NOT-FOR-US: SLES support scripts
-CVE-2018-19638
+CVE-2018-19638 (In supportutils, before version 3.1-5.7.1 and if pacemaker is installe ...)
NOT-FOR-US: SLES support scripts
-CVE-2018-19637
+CVE-2018-19637 (Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp ...)
NOT-FOR-US: SLES support scripts
-CVE-2018-19636
+CVE-2018-19636 (Supportutils, before version 3.1-5.7.1, when run with command line arg ...)
NOT-FOR-US: SLES support scripts
-CVE-2018-19635
+CVE-2018-19635 (CA Service Desk Manager 14.1 and 17 contain a vulnerability that can a ...)
NOT-FOR-US: CA Service Desk Manager
-CVE-2018-19634
+CVE-2018-19634 (CA Service Desk Manager 14.1 and 17 contain a vulnerability that can a ...)
NOT-FOR-US: CA Service Desk Manager
CVE-2018-19633
RESERVED
@@ -3559,57 +3559,57 @@ CVE-2018-19632
RESERVED
CVE-2018-19631
RESERVED
-CVE-2018-19630
+CVE-2018-19630 (cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE throu ...)
NOT-FOR-US: uhttpd (in OpenWRT and LEDE)
CVE-2018-19629
RESERVED
-CVE-2018-19628
+CVE-2018-19628 (In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. Thi ...)
{DSA-4359-1}
- wireshark 2.6.5-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, zigbee color control support added in v2.1.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15281
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=212b18825d9b668cda23d334c48867dfa66b2b36
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-57.html
-CVE-2018-19627
+CVE-2018-19627 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file p ...)
{DSA-4359-1}
- wireshark 2.6.5-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, variable buffer to find_signature introduced in 2.4.0 with OCTO support)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15279
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bdc33cfaecb1b4cf2c114ed9015713ddf8569a60
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-55.html
-CVE-2018-19626
+CVE-2018-19626 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector co ...)
{DSA-4359-1 DLA-1634-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15130
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c5a65115ebab55cfd5ce0a855c2256e01cab6449
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-52.html
-CVE-2018-19625
+CVE-2018-19625 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine ...)
{DSA-4359-1 DLA-1634-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14466
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dc4d209f39132a4ae05675a11609176ae9705cfc
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-51.html
-CVE-2018-19624
+CVE-2018-19624 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector co ...)
{DSA-4359-1 DLA-1634-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15280
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3e319db1107b08fc3be804b6d449143ec9aa0dec
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-56.html
-CVE-2018-19623
+CVE-2018-19623 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector ...)
{DSA-4359-1 DLA-1634-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9c8645ec7b28e4d7193962ecd2a418613bf6a84f
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-53.html
-CVE-2018-19622
+CVE-2018-19622 (In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector co ...)
{DSA-4359-1 DLA-1634-1}
- wireshark 2.6.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15250
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3b7555d32d11862f0e500ec466ad6bfe54190076
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-54.html
-CVE-2018-19621
+CVE-2018-19621 (server/index.php?s=/api/teamMember/save in ShowDoc 2.4.2 has a CSRF th ...)
NOT-FOR-US: ShowDoc
-CVE-2018-19620
+CVE-2018-19620 (ShowDoc 2.4.1 allows remote attackers to edit other users' notes by na ...)
NOT-FOR-US: ShowDoc
CVE-2018-19619
RESERVED
@@ -3617,9 +3617,9 @@ CVE-2018-19618
RESERVED
CVE-2018-19617
RESERVED
-CVE-2018-19616
+CVE-2018-19616 (An issue was discovered in Rockwell Automation Allen-Bradley PowerMoni ...)
NOT-FOR-US: Rockwell Automation Allen-Bradley PowerMonitor 1000
-CVE-2018-19615
+CVE-2018-19615 (Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A re ...)
NOT-FOR-US: Rockwell Automation Allen-Bradley PowerMonitor 1000
CVE-2018-19614
RESERVED
@@ -3631,16 +3631,16 @@ CVE-2018-19611
RESERVED
CVE-2018-19610
RESERVED
-CVE-2018-19609
+CVE-2018-19609 (ShowDoc 2.4.1 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: ShowDoc
-CVE-2018-19608
+CVE-2018-19608 (Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a l ...)
- mbedtls 2.14.1-1 (bug #915796)
[stretch] - mbedtls <no-dsa> (Minor issue)
- polarssl <removed>
NOTE: http://cat.eyalro.net/
NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
-CVE-2018-19607
+CVE-2018-19607 (Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote att ...)
[experimental] - exiv2 <unfixed> (bug #915134)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://github.com/Exiv2/exiv2/commit/97e7905a8b90fcbd5e8c440ad7d55bf8ffe007e5
@@ -3655,19 +3655,19 @@ CVE-2018-19603
RESERVED
CVE-2018-19602
RESERVED
-CVE-2018-19601
+CVE-2018-19601 (Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&amp;act=d ...)
NOT-FOR-US: Rhymix CMS
-CVE-2018-19600
+CVE-2018-19600 (Rhymix CMS 1.9.8.1 allows XSS via an index.php?module=admin&amp;act=di ...)
NOT-FOR-US: Rhymix CMS
CVE-2018-19599
RESERVED
-CVE-2018-19598
+CVE-2018-19598 (Statamic 2.10.3 allows XSS via First Name or Last Name to the /users U ...)
NOT-FOR-US: Statamic
-CVE-2018-19597
+CVE-2018-19597 (CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a relat ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-19596
+CVE-2018-19596 (Zurmo 3.2.4 allows HTML Injection via an admin's use of HTML in the re ...)
NOT-FOR-US: Zurmo
-CVE-2018-19595
+CVE-2018-19595 (PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute ar ...)
NOT-FOR-US: PbootCMS
CVE-2018-19594
RESERVED
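Review bot: the imported descriptions for CVE-2018-19601 and CVE-2018-19600 carry HTML-escaped ampersands (`index.php?module=admin&amp;act=d`) rather than the literal `&` of the underlying URL, and the same leakage recurs later in this patch for CVE-2018-19562, CVE-2018-19561, CVE-2018-19507, CVE-2018-19319 and CVE-2018-19318. Suggest decoding entities in the import step before the text is written to the list, so the stored description matches the advisory text and plain searches for `&act=` find it.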
@@ -3675,7 +3675,7 @@ CVE-2018-19593
RESERVED
CVE-2018-19592
RESERVED
-CVE-2018-19591
+CVE-2018-19591 (In the GNU C Library (aka glibc or libc6) through 2.28, attempting to ...)
- glibc 2.28-1 (bug #914837)
[stretch] - glibc <not-affected> (Vulnerable code introduced later and not backported to stretch)
[jessie] - glibc <not-affected> (Vulnerable code introduced later and not backported to jessie)
@@ -3689,7 +3689,7 @@ CVE-2018-19589
RESERVED
CVE-2018-19588
RESERVED
-CVE-2018-19587
+CVE-2018-19587 (In Cesanta Mongoose 6.13, a SIGSEGV exists in the mongoose.c mg_mqtt_a ...)
NOT-FOR-US: Cesanta Mongoose
NOTE: smplayer embeds a copy, which is unused in any released version and disabled since 18.5.0~ds1-1
CVE-2018-19586
@@ -3762,65 +3762,65 @@ CVE-2018-19569
RESERVED
- gitlab 11.3.11+dfsg-1
NOTE: https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/
-CVE-2018-19568
+CVE-2018-19568 (A floating point exception in kodak_radc_load_raw in dcraw through 9.2 ...)
- dcraw <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/23/1
NOTE: No security impact, crash in CLI tool
-CVE-2018-19567
+CVE-2018-19567 (A floating point exception in parse_tiff_ifd in dcraw through 9.28 cou ...)
- dcraw <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/23/1
NOTE: No security impact, crash in CLI tool
-CVE-2018-19566
+CVE-2018-19566 (A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could ...)
- dcraw <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/23/1
NOTE: No security impact, crash in CLI tool
-CVE-2018-19565
+CVE-2018-19565 (A buffer over-read in crop_masked_pixels in dcraw through 9.28 could b ...)
- dcraw <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/23/1
NOTE: No security impact, crash in CLI tool
-CVE-2018-19564
+CVE-2018-19564 (Stored XSS was discovered in the Easy Testimonials plugin 3.2 for Word ...)
NOT-FOR-US: Easy Testimonials plugin for WordPress
CVE-2018-19563
RESERVED
-CVE-2018-19562
+CVE-2018-19562 (An issue was discovered in PHPok 4.9.015. admin.php?c=update&amp;f=unz ...)
NOT-FOR-US: PHPok
-CVE-2018-19561
+CVE-2018-19561 (sikcms 1.1 has CSRF via admin.php?m=Admin&amp;c=Users&amp;a=userAdd to ...)
NOT-FOR-US: sikcms
-CVE-2018-19560
+CVE-2018-19560 (BageCMS 3.1.3 has CSRF via upload/index.php?r=admini/admin/ownerUpdate ...)
NOT-FOR-US: BageCMS
-CVE-2018-19559
+CVE-2018-19559 (CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ ...)
NOT-FOR-US: CuppaCMS
-CVE-2018-19558
+CVE-2018-19558 (An issue was discovered in arcms through 2018-03-19. SQL injection exi ...)
NOT-FOR-US: arcms
-CVE-2018-19557
+CVE-2018-19557 (An issue was discovered in arcms through 2018-03-19. No authentication ...)
NOT-FOR-US: arcms
-CVE-2018-19556
+CVE-2018-19556 (zb_system/admin/index.php?act=UploadMng in Z-BlogPHP 1.5 mishandles fi ...)
NOT-FOR-US: Z-BlogPHP
-CVE-2018-19555
+CVE-2018-19555 (tp4a TELEPORT 3.1.0 has CSRF via user/do-reset-password to change any ...)
NOT-FOR-US: tp4a TELEPORT
-CVE-2018-19554
+CVE-2018-19554 (An issue was discovered in Dotcms through 5.0.3. Attackers may perform ...)
NOT-FOR-US: dotCMS
-CVE-2018-19553
+CVE-2018-19553 (Interspire Email Marketer through 6.1.6 has SQL Injection via an updat ...)
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19552
+CVE-2018-19552 (Interspire Email Marketer through 6.1.6 has SQL Injection via a delete ...)
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19551
+CVE-2018-19551 (Interspire Email Marketer through 6.1.6 has SQL Injection via a checkd ...)
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19550
+CVE-2018-19550 (Interspire Email Marketer through 6.1.6 allows arbitrary file upload v ...)
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19549
+CVE-2018-19549 (Interspire Email Marketer through 6.1.6 has SQL Injection via a tagids ...)
NOT-FOR-US: Interspire Email Marketer
-CVE-2018-19548
+CVE-2018-19548 (index.php?r=site%2Flogin in EduSec through 4.2.6 does not restrict sen ...)
NOT-FOR-US: EduSec
-CVE-2018-19547
+CVE-2018-19547 (JTBC(PHP) 3.0.1.7 has XSS via the console/xml/manage.php?type=action&a ...)
NOT-FOR-US: JTBC(PHP)
-CVE-2018-19546
+CVE-2018-19546 (JTBC(PHP) 3.0.1.7 has CSRF via the console/xml/manage.php?type=action& ...)
NOT-FOR-US: JTBC(PHP)
-CVE-2018-19545
+CVE-2018-19545 (JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user. ...)
NOT-FOR-US: JEECMS
-CVE-2018-19544
+CVE-2018-19544 (JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news. ...)
NOT-FOR-US: JEECMS
-CVE-2018-19543
+CVE-2018-19543 (An issue was discovered in JasPer 2.0.14. There is a heap-based buffer ...)
- jasper <removed>
[jessie] - jasper <postponed> (Code appears to work correctly but wait for more information)
NOTE: https://github.com/mdadams/jasper/issues/182
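Review bot: the truncation marker ` ...` is appended even where the description was not cut: `+CVE-2018-19545 (JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user. ...)` and `+CVE-2018-19544 (JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news. ...)` both end in a complete sentence, and `CVE-2018-19440 (ARM Trusted Firmware-A allows information disclosure. ...)` further down shows the same. Suggest emitting the marker only when the source text actually exceeds the width limit, so a reader can tell a shortened description from a complete one.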
@@ -3828,29 +3828,29 @@ CVE-2018-19543
NOTE: introduced with the fix for CVE-2014-8138, works as expected and
NOTE: jasper terminates properly. Still I am going to mark this bug as
NOTE: postponed until we receive feedback from upstream.
-CVE-2018-19542
+CVE-2018-19542 (An issue was discovered in JasPer 2.0.14. There is a NULL pointer dere ...)
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/182
-CVE-2018-19541
+CVE-2018-19541 (An issue was discovered in JasPer 2.0.14. There is a heap-based buffer ...)
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/182
-CVE-2018-19540
+CVE-2018-19540 (An issue was discovered in JasPer 2.0.14. There is a heap-based buffer ...)
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/182
-CVE-2018-19539
+CVE-2018-19539 (An issue was discovered in JasPer 2.0.14. There is an access violation ...)
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/182
CVE-2018-19538
RESERVED
-CVE-2018-19537
+CVE-2018-19537 (TP-Link Archer C5 devices through V2_160201_US allow remote command ex ...)
NOT-FOR-US: TP-Link Archer C5 devices
CVE-2018-19536
RESERVED
-CVE-2018-19535
+CVE-2018-19535 (In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngch ...)
{DLA-1691-1}
- exiv2 <unfixed> (bug #915135)
[stretch] - exiv2 <no-dsa> (Minor issue)
@@ -3860,37 +3860,37 @@ CVE-2018-19534
RESERVED
CVE-2018-19533
RESERVED
-CVE-2018-19532
+CVE-2018-19532 (A NULL pointer dereference vulnerability exists in the function PdfTra ...)
- libpodofo 0.9.6+dfsg-4 (low; bug #916085)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/podofo/tickets/32/
NOTE: https://sourceforge.net/p/podofo/code/1950/
-CVE-2018-19531
+CVE-2018-19531 (HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote c ...)
NOT-FOR-US: HTTL
-CVE-2018-19530
+CVE-2018-19530 (HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote c ...)
NOT-FOR-US: HTTL
CVE-2018-19529
RESERVED
-CVE-2018-19528
+CVE-2018-19528 (TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a ...)
NOT-FOR-US: TP-Link
-CVE-2018-19527
+CVE-2018-19527 (i4 assistant 7.85 allows XSS via a crafted machine name field within i ...)
NOT-FOR-US: i4 assistant
CVE-2018-19526
RESERVED
-CVE-2018-19525
+CVE-2018-19525 (An issue was discovered on Systrome ISG-600C, ISG-600H, and ISG-800W 1 ...)
TODO: check
-CVE-2018-19524
+CVE-2018-19524 (An issue was discovered on Shenzhen Skyworth DT741 Converged Intellige ...)
TODO: check
-CVE-2018-19523
+CVE-2018-19523 (DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows ...)
NOT-FOR-US: DriverAgent
-CVE-2018-19522
+CVE-2018-19522 (DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows ...)
NOT-FOR-US: DriverAgent
CVE-2018-19521
RESERVED
-CVE-2018-19520
+CVE-2018-19520 (An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controlle ...)
NOT-FOR-US: SDCMS
-CVE-2018-19519
+CVE-2018-19519 (In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_p ...)
- tcpdump <unfixed> (unimportant)
NOTE: https://github.com/zyingp/temp/blob/master/tcpdump.md
NOTE: Crash in CLI tool, no security impact
@@ -3900,48 +3900,48 @@ CVE-2018-19516
[stretch] - kf5-messagelib <no-dsa> (Minor issue)
NOTE: https://www.kde.org/info/security/advisory-20181128-1.txt
NOTE: https://cgit.kde.org/messagelib.git/commit/?id=34765909cdf8e55402a8567b48fb288839c61612
-CVE-2018-19515
+CVE-2018-19515 (In Webgalamb through 7.0, system/ajax.php functionality is supposed to ...)
TODO: check
-CVE-2018-19514
+CVE-2018-19514 (In Webgalamb through 7.0, an arbitrary code execution vulnerability co ...)
TODO: check
-CVE-2018-19513
+CVE-2018-19513 (In Webgalamb through 7.0, log files are exposed to the internet with p ...)
TODO: check
-CVE-2018-19512
+CVE-2018-19512 (In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" director ...)
TODO: check
-CVE-2018-19511
+CVE-2018-19511 (wg7.php in Webgalamb 7.0 lacks security measures to prevent CSRF attac ...)
TODO: check
-CVE-2018-19510
+CVE-2018-19510 (subscriber.php in Webgalamb through 7.0 is vulnerable to SQL injection ...)
TODO: check
-CVE-2018-19509
+CVE-2018-19509 (wg7.php in Webgalamb 7.0 makes opportunistic calls to htmlspecialchars ...)
TODO: check
-CVE-2018-19508
+CVE-2018-19508 (CMSimple 4.7.5 has XSS via an admin's upload of an SVG file at a ?user ...)
NOT-FOR-US: CMSimple
-CVE-2018-19507
+CVE-2018-19507 (CMSimple 4.7.5 has XSS via an admin's use of a ?file=config&amp;action ...)
NOT-FOR-US: CMSimple
-CVE-2018-19506
+CVE-2018-19506 (Zurmo 3.2.4 has XSS via an admin's use of the name parameter in the re ...)
NOT-FOR-US: Zurmo
-CVE-2018-19505
+CVE-2018-19505 (Remedy AR System Server in BMC Remedy 7.1 may fail to set the correct ...)
NOT-FOR-US: Remedy AR System Server in BMC Remedy
-CVE-2018-19504
+CVE-2018-19504 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2 ...)
- faad2 <unfixed> (low; bug #914641)
[stretch] - faad2 <no-dsa> (Minor issue)
[jessie] - faad2 <postponed> (Minor issue)
NOTE: https://sourceforge.net/p/faac/bugs/240/
-CVE-2018-19503
+CVE-2018-19503 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2 ...)
- faad2 <unfixed> (bug #914641)
NOTE: https://sourceforge.net/p/faac/bugs/240/
-CVE-2018-19502
+CVE-2018-19502 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2 ...)
- faad2 <unfixed> (bug #914641)
NOTE: https://sourceforge.net/p/faac/bugs/240/
CVE-2018-19501
RESERVED
CVE-2018-19500
RESERVED
-CVE-2018-19499
+CVE-2018-19499 (Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code Executi ...)
NOT-FOR-US: Vanilla
-CVE-2018-19498
+CVE-2018-19498 (The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server has XS ...)
TODO: check
-CVE-2018-19497
+CVE-2018-19497 (In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs. ...)
{DLA-1610-1}
- sleuthkit <unfixed> (low; bug #914796)
[stretch] - sleuthkit <no-dsa> (Minor issue)
@@ -3963,7 +3963,7 @@ CVE-2018-19493
RESERVED
- gitlab 11.3.11+dfsg-1
NOTE: https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/
-CVE-2018-19492
+CVE-2018-19492 (An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allo ...)
{DLA-1597-1 DLA-1595-1}
- gnuplot <unfixed> (unimportant)
- gnuplot5 <removed> (unimportant)
@@ -3972,7 +3972,7 @@ CVE-2018-19492
NOTE: No security impact, neutralised by toolchain hardening
NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source,
NOTE: see README.Debian.security (added in 5.2.6)
-CVE-2018-19491
+CVE-2018-19491 (An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allow ...)
{DLA-1597-1 DLA-1595-1}
- gnuplot <unfixed> (unimportant)
- gnuplot5 <removed> (unimportant)
@@ -3980,7 +3980,7 @@ CVE-2018-19491
NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/
NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source,
NOTE: see README.Debian.security (added in 5.2.6)
-CVE-2018-19490
+CVE-2018-19490 (An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue all ...)
{DLA-1597-1 DLA-1595-1}
- gnuplot <unfixed> (unimportant)
- gnuplot5 <removed> (unimportant)
@@ -3988,15 +3988,15 @@ CVE-2018-19490
NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/
NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source,
NOTE: see README.Debian.security (added in 5.2.6)
-CVE-2018-19489
+CVE-2018-19489 (v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a de ...)
{DLA-1646-1}
- qemu 1:3.1+dfsg-1 (bug #914727)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=1d20398694a3b67a388d955b7a945ba4aa90a8a8 (master)
-CVE-2018-19488
+CVE-2018-19488 (The WP-jobhunt plugin before version 2.4 for WordPress does not contro ...)
TODO: check
-CVE-2018-19487
+CVE-2018-19487 (The WP-jobhunt plugin before version 2.4 for WordPress does not contro ...)
TODO: check
CVE-2018-19485
RESERVED
@@ -4012,7 +4012,7 @@ CVE-2018-19480
RESERVED
CVE-2018-19479
RESERVED
-CVE-2018-19478
+CVE-2018-19478 (In Artifex Ghostscript before 9.26, a carefully crafted PDF file can t ...)
{DSA-4346-1 DLA-1620-1}
- ghostscript 9.26~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699856
@@ -4027,9 +4027,9 @@ CVE-2018-19471
RESERVED
CVE-2018-19470
RESERVED
-CVE-2018-19469
+CVE-2018-19469 (ArticleCMS through 2017-02-19 has XSS via the /update_personal_infomat ...)
NOT-FOR-US: ArticleCMS
-CVE-2018-19468
+CVE-2018-19468 (HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_clas ...)
NOT-FOR-US: HuCart
CVE-2018-19467
RESERVED
@@ -4037,9 +4037,9 @@ CVE-2018-19466
RESERVED
CVE-2018-19465
RESERVED
-CVE-2018-19464
+CVE-2018-19464 (Discuz! X3.4 allows XSS via admin.php because admincp/admincp_setting. ...)
NOT-FOR-US: Discuz!
-CVE-2018-19463
+CVE-2018-19463 (** DISPUTED ** zb_system/function/lib/upload.php in Z-BlogPHP through ...)
NOT-FOR-US: Z-BlogPHP
CVE-2018-19462
RESERVED
@@ -4047,41 +4047,41 @@ CVE-2018-19461
RESERVED
CVE-2018-19460
RESERVED
-CVE-2018-19459
+CVE-2018-19459 (Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List ...)
NOT-FOR-US: Adult Filter
-CVE-2018-19458
+CVE-2018-19458 (In PHP Proxy 3.0.3, any user can read files from the server without au ...)
NOT-FOR-US: PHP Proxy
-CVE-2018-19457
+CVE-2018-19457 (Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which le ...)
NOT-FOR-US: Logicspice FAQ Script
CVE-2018-19456
RESERVED
CVE-2018-19455
RESERVED
-CVE-2018-19486
+CVE-2018-19486 (Git before 2.19.2 on Linux and UNIX executes commands from the current ...)
- git 1:2.19.2-1
[stretch] - git <not-affected> (Vulnerable code introduced later)
[jessie] - git <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=321fd82389742398d2924640ce3a61791fd27d60
NOTE: Introduced by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=e3a434468fecca7c14a6bef32050dfa60534fde6
-CVE-2018-19477
+CVE-2018-19477 (psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attacke ...)
{DSA-4346-1 DLA-1598-1}
- ghostscript 9.26~dfsg-1
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ef252e7dc214bcbd9a2539216aab9202848602bb (ghostscript-9.26)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=606a22e77e7f081781e99e44644cd0119f559e03 (master)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700168
-CVE-2018-19476
+CVE-2018-19476 (psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers ...)
{DSA-4346-1 DLA-1598-1}
- ghostscript 9.26~dfsg-1
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=67d760ab775dae4efe803b5944b0439aa3c0b04a (ghostscript-9.26)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=434753adbe8be5534bfb9b7d91746023e8073d16 (master)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700169
-CVE-2018-19475
+CVE-2018-19475 (psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attack ...)
{DSA-4346-1 DLA-1598-1}
- ghostscript 9.26~dfsg-1
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3005fcb9bb160af199e761e03bc70a9f249a987e (ghostscript-9.26)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=aeea342904978c9fe17d85f4906a0f6fcce2d315 (master)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700153
-CVE-2018-19518
+CVE-2018-19518 (University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_o ...)
{DSA-4353-1 DLA-1700-1 DLA-1608-1}
- php7.3 7.3.0-1 (bug #913775)
- php7.2 <removed> (bug #913835)
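Review bot: the entries CVE-2018-19486, CVE-2018-19477, CVE-2018-19476, CVE-2018-19475 and CVE-2018-19518 in this hunk sit after CVE-2018-19455, out of the descending numeric order the rest of the file follows, and the CVE-2018-19966 to CVE-2018-19961 Xen block in the later `@@ -4303` hunk is placed among the CVE-2018-193xx entries in the same way. If the list is meant to stay sorted, these blocks should be moved to their numeric position; if manual placement is intended, a short NOTE explaining it would save the next reader from assuming a mis-merge.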
@@ -4121,27 +4121,27 @@ CVE-2018-19442
RESERVED
CVE-2018-19441
RESERVED
-CVE-2018-19440
+CVE-2018-19440 (ARM Trusted Firmware-A allows information disclosure. ...)
NOT-FOR-US: ARM Trusted Firmware-A
-CVE-2018-19439
+CVE-2018-19439 (XSS exists in the Administration Console in Oracle Secure Global Deskt ...)
NOT-FOR-US: Oracle
CVE-2018-19438
RESERVED
-CVE-2018-19443
+CVE-2018-19443 (The client in Tryton 5.x before 5.0.1 tries to make a connection to th ...)
- tryton-client <not-affected> (Only affects 5.x, vulnerable 5.0.0 version never in Debian)
NOTE: https://discuss.tryton.org/t/security-release-for-issue7792/830
NOTE: https://bugs.tryton.org/issue7792
-CVE-2018-19437
+CVE-2018-19437 (UCMS 1.4.7 allows remote authenticated users to change the administrat ...)
NOT-FOR-US: UCMS
-CVE-2018-19436
+CVE-2018-19436 (An issue was discovered in the Manufacturing component in webERP 4.15. ...)
NOT-FOR-US: webERP
-CVE-2018-19435
+CVE-2018-19435 (An issue was discovered in the Sales component in webERP 4.15. SalesIn ...)
NOT-FOR-US: webERP
-CVE-2018-19434
+CVE-2018-19434 (An issue was discovered on the "Bank Account Matching - Receipts" scre ...)
NOT-FOR-US: webERP
-CVE-2018-19433
+CVE-2018-19433 (ShowDoc 2.4.1 has XSS via the lang parameter because install/database. ...)
NOT-FOR-US: ShowDoc
-CVE-2018-19432
+CVE-2018-19432 (An issue was discovered in libsndfile 1.0.28. There is a NULL pointer ...)
{DLA-1618-1}
- libsndfile <unfixed> (unimportant; bug #914381)
NOTE: https://github.com/erikd/libsndfile/issues/427
@@ -4163,30 +4163,30 @@ CVE-2018-19426
RESERVED
CVE-2018-19425
RESERVED
-CVE-2018-19424
+CVE-2018-19424 (ClipperCMS 1.3.3 allows remote authenticated administrators to upload ...)
NOT-FOR-US: ClipperCMS
-CVE-2018-19423
+CVE-2018-19423 (Codiad 2.8.4 allows remote authenticated administrators to execute arb ...)
NOT-FOR-US: Codiad
-CVE-2018-19422
+CVE-2018-19422 (/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute ...)
NOT-FOR-US: Subrion CMS
-CVE-2018-19421
+CVE-2018-19421 (In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Inte ...)
NOT-FOR-US: GetSimpleCMS
-CVE-2018-19420
+CVE-2018-19420 (In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but ther ...)
NOT-FOR-US: GetSimpleCMS
CVE-2018-19419
RESERVED
CVE-2018-19418
RESERVED
-CVE-2018-19417
+CVE-2018-19417 (An issue was discovered in the MQTT server in Contiki-NG before 4.2. T ...)
NOT-FOR-US: Contiki-NG
-CVE-2018-19517
+CVE-2018-19517 (An issue was discovered in sysstat 12.1.1. The remap_struct function i ...)
[experimental] - sysstat 12.0.3-1
- sysstat <unfixed> (low; bug #914553)
[stretch] - sysstat <not-affected> (Vulnerable code introduced later)
[jessie] - sysstat <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/sysstat/sysstat/issues/199
NOTE: Fixed by: https://github.com/sysstat/sysstat/commit/fbc691eaaa10d0bcea6741d5a223dc3906106548
-CVE-2018-19416
+CVE-2018-19416 (An issue was discovered in sysstat 12.1.1. The remap_struct function i ...)
[experimental] - sysstat 12.0.3-1
- sysstat <unfixed> (low; bug #914384)
[stretch] - sysstat <not-affected> (Vulnerable code introduced later)
@@ -4194,19 +4194,19 @@ CVE-2018-19416
NOTE: https://github.com/sysstat/sysstat/issues/196
NOTE: Fixed by: https://github.com/sysstat/sysstat/commit/fbc691eaaa10d0bcea6741d5a223dc3906106548
NOTE: Vulnerable code introduced with https://github.com/sysstat/sysstat/commit/65ac30359e49ee717397e39950d7c24a6610d57c#diff-cccb0877d1539c562536a98e0d17428f
-CVE-2018-19415
+CVE-2018-19415 (Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remot ...)
NOT-FOR-US: Plikli CMS
-CVE-2018-19414
+CVE-2018-19414 (Multiple cross-site scripting (XSS) vulnerabilities in Plikli CMS 4.0. ...)
NOT-FOR-US: Plikli CMS
-CVE-2018-19413
+CVE-2018-19413 (A vulnerability in the API of SonarSource SonarQube before 7.4 could a ...)
NOT-FOR-US: SonarQube
CVE-2018-19412
RESERVED
-CVE-2018-19411
+CVE-2018-19411 (PRTG Network Monitor before 18.2.40.1683 allows an authenticated user ...)
NOT-FOR-US: PRTG Network Monitor
-CVE-2018-19410
+CVE-2018-19410 (PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated ...)
NOT-FOR-US: PRTG Network Monitor
-CVE-2018-19409
+CVE-2018-19409 (An issue was discovered in Artifex Ghostscript before 9.26. LockSafety ...)
{DSA-4346-1 DLA-1598-1}
- ghostscript 9.26~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700176
@@ -4214,20 +4214,20 @@ CVE-2018-19409
NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ea1b3ef437f39e45874f821c06bd953196625ac5
CVE-2018-19408
RESERVED
-CVE-2018-19407
+CVE-2018-19407 (The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kerne ...)
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lkml.org/lkml/2018/11/20/580
-CVE-2018-19406
+CVE-2018-19406 (kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4. ...)
- linux <not-affected> (Vulnerable code introduced later)
NOTE: https://lkml.org/lkml/2018/11/20/411
NOTE: Introduced by: https://git.kernel.org/linus/4180bf1b655a791a0a6ef93a2ffffc762722c782 (4.19-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/38ab012f109caf10f471db1adf284e620dd8d701 (4.20-rc5)
CVE-2018-19405
RESERVED
-CVE-2018-19404
+CVE-2018-19404 (In YXcms 1.4.7, protected/apps/appmanage/controller/indexController.ph ...)
NOT-FOR-US: YXcms
CVE-2018-19403
RESERVED
@@ -4243,33 +4243,33 @@ CVE-2018-19398
RESERVED
CVE-2018-19397
RESERVED
-CVE-2018-19396
+CVE-2018-19396 (ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attac ...)
- php7.3 <not-affected> (Windows-specific)
- php7.2 <not-affected> (Windows-specific)
- php7.1 <not-affected> (Windows-specific)
- php7.0 <not-affected> (Windows-specific)
- php5 <not-affected> (Windows-specific)
NOTE: https://bugs.php.net/bug.php?id=77177
-CVE-2018-19395
+CVE-2018-19395 (ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attacke ...)
- php7.3 <not-affected> (Windows-specific)
- php7.2 <not-affected> (Windows-specific)
- php7.1 <not-affected> (Windows-specific)
- php7.0 <not-affected> (Windows-specific)
- php5 <not-affected> (Windows-specific)
NOTE: https://bugs.php.net/bug.php?id=77177
-CVE-2018-19394
+CVE-2018-19394 (Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, whi ...)
NOT-FOR-US: Cobham Satcom Sailor
-CVE-2018-19393
+CVE-2018-19393 (Cobham Satcom Sailor 800 and 900 devices contained a vulnerability tha ...)
NOT-FOR-US: Cobham Satcom Sailor
-CVE-2018-19392
+CVE-2018-19392 (Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unau ...)
NOT-FOR-US: Cobham Satcom Sailor
-CVE-2018-19391
+CVE-2018-19391 (Cobham Satcom Sailor 250 and 500 devices before 1.25 contained persist ...)
NOT-FOR-US: Cobham Satcom Sailor
-CVE-2018-19390
+CVE-2018-19390 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to ...)
NOT-FOR-US: Foxit
-CVE-2018-19389
+CVE-2018-19389 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to ...)
NOT-FOR-US: Foxit
-CVE-2018-19388
+CVE-2018-19388 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to ...)
NOT-FOR-US: Foxit
CVE-2018-19387
REJECTED
@@ -4293,7 +4293,7 @@ CVE-2018-19378
RESERVED
CVE-2018-19377
RESERVED
-CVE-2018-19376
+CVE-2018-19376 (An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnera ...)
NOT-FOR-US: GreenCMS
CVE-2018-19375
RESERVED
@@ -4303,39 +4303,39 @@ CVE-2018-19373
RESERVED
CVE-2018-19372
RESERVED
-CVE-2018-19371
+CVE-2018-19371 (The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has a ...)
NOT-FOR-US: SDL Web
-CVE-2018-19370
+CVE-2018-19370 (A Race condition vulnerability in unzip_file in admin/import/class-imp ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-19369
RESERVED
CVE-2018-19368
RESERVED
-CVE-2018-19367
+CVE-2018-19367 (Portainer through 1.19.2 provides an API endpoint (/api/users/admin/ch ...)
NOT-FOR-US: Portainer
-CVE-2018-19966
+CVE-2018-19966 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
{DSA-4369-1}
- xen 4.11.1-1
NOTE: https://xenbits.xen.org/xsa/advisory-280.txt
-CVE-2018-19965
+CVE-2018-19965 (An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest ...)
{DSA-4369-1}
- xen 4.11.1-1
NOTE: https://xenbits.xen.org/xsa/advisory-279.txt
-CVE-2018-19964
+CVE-2018-19964 (An issue was discovered in Xen 4.11.x allowing x86 guest OS users to c ...)
- xen 4.11.1-1
[stretch] - xen <not-affected> (Only affects 4.11)
[jessie] - xen <not-affected> (Only affects 4.11)
NOTE: https://xenbits.xen.org/xsa/advisory-277.txt
-CVE-2018-19963
+CVE-2018-19963 (An issue was discovered in Xen 4.11 allowing HVM guest OS users to cau ...)
- xen 4.11.1-1
[stretch] - xen <not-affected> (Only affects 4.11)
[jessie] - xen <not-affected> (Only affects 4.11)
NOTE: https://xenbits.xen.org/xsa/advisory-276.txt
-CVE-2018-19962
+CVE-2018-19962 (An issue was discovered in Xen through 4.11.x on AMD x86 platforms, po ...)
{DSA-4369-1}
- xen 4.11.1-1
NOTE: https://xenbits.xen.org/xsa/advisory-275.txt
-CVE-2018-19961
+CVE-2018-19961 (An issue was discovered in Xen through 4.11.x on AMD x86 platforms, po ...)
{DSA-4369-1}
- xen 4.11.1-1
NOTE: https://xenbits.xen.org/xsa/advisory-275.txt
@@ -4343,7 +4343,7 @@ CVE-2018-19366
RESERVED
CVE-2018-19365
RESERVED
-CVE-2018-19364
+CVE-2018-19364 (hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while ...)
{DLA-1646-1}
- qemu 1:3.1+dfsg-1 (bug #914599)
- qemu-kvm <removed>
@@ -4351,19 +4351,19 @@ CVE-2018-19364
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=5b3c77aa581ebb215125c84b0742119483571e55
CVE-2018-19363
RESERVED
-CVE-2018-19362
+CVE-2018-19362 (FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to h ...)
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b
NOTE: https://github.com/FasterXML/jackson-databind/issues/2186
NOTE: https://issues.apache.org/jira/browse/TINKERPOP-2121
-CVE-2018-19361
+CVE-2018-19361 (FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to h ...)
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b
NOTE: https://github.com/FasterXML/jackson-databind/issues/2186
NOTE: https://issues.apache.org/jira/browse/TINKERPOP-2121
-CVE-2018-19360
+CVE-2018-19360 (FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to h ...)
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b
@@ -4373,7 +4373,7 @@ CVE-2018-19359 [Unauthorized service template creation]
RESERVED
- gitlab 11.3.10+dfsg-2 (bug #914166)
NOTE: https://about.gitlab.com/2018/11/19/critical-security-release-gitlab-11-dot-4-dot-6-released/
-CVE-2018-19358
+CVE-2018-19358 (GNOME Keyring through 3.28.2 allows local users to retrieve login cred ...)
- gnome-keyring <unfixed> (unimportant; bug #914154)
NOTE: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1780365
NOTE: https://github.com/sungjungk/keyring_crack
@@ -4384,43 +4384,43 @@ CVE-2018-19358
NOTE: Non issue
NOTE: https://wiki.gnome.org/Projects/GnomeKeyring/SecurityFAQ
NOTE: https://gitlab.gnome.org/GNOME/gnome-keyring/issues/5
-CVE-2018-19357
+CVE-2018-19357 (XMPlay 3.8.3 allows remote attackers to execute arbitrary code or caus ...)
NOT-FOR-US: XMPlay
CVE-2018-19356
RESERVED
-CVE-2018-19355
+CVE-2018-19355 (modules/orderfiles/ajax/upload.php in the Customer Files Upload addon ...)
NOT-FOR-US: Customer Files Upload addon for PrestaShop
CVE-2018-19354
RESERVED
-CVE-2018-19353
+CVE-2018-19353 (The ansilove_ansi function in loaders/ansi.c in libansilove 1.0.0 allo ...)
NOT-FOR-US: libansilove
-CVE-2018-19352
+CVE-2018-19352 (Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name ...)
- jupyter-notebook 5.7.4-1 (bug #917408)
NOTE: https://github.com/jupyter/notebook/commit/288b73e1edbf527740e273fcc69b889460871648
-CVE-2018-19351
+CVE-2018-19351 (Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook bec ...)
- jupyter-notebook 5.7.4-1 (bug #917409)
NOTE: https://github.com/jupyter/notebook/commit/107a89fce5f413fb5728c1c5d2c7788e1fb17491
-CVE-2018-19350
+CVE-2018-19350 (In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwd ...)
NOT-FOR-US: SeaCMS
-CVE-2018-19349
+CVE-2018-19349 (In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php top ...)
NOT-FOR-US: SeaCMS
-CVE-2018-19348
+CVE-2018-19348 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-19347
+CVE-2018-19347 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-19346
+CVE-2018-19346 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-19345
+CVE-2018-19345 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-19344
+CVE-2018-19344 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-19343
+CVE-2018-19343 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-19342
+CVE-2018-19342 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-19341
+CVE-2018-19341 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-19340
+CVE-2018-19340 (Guriddo Form PHP 5.3 has XSS via the demos/jqform/defaultnodb/default. ...)
NOT-FOR-US: Guriddo Form PHP
CVE-2018-19339
RESERVED
@@ -4430,41 +4430,41 @@ CVE-2018-19337
RESERVED
CVE-2018-19336
RESERVED
-CVE-2018-19335
+CVE-2018-19335 (Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) ...)
NOT-FOR-US: Google Monorail
-CVE-2018-19334
+CVE-2018-19334 (Google Monorail before 2018-05-04 has a Cross-Site Search (XS-Search) ...)
NOT-FOR-US: Google Monorail
-CVE-2018-19333
+CVE-2018-19333 (pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows ...)
NOT-FOR-US: gVisor
-CVE-2018-19332
+CVE-2018-19332 (An issue was discovered in S-CMS v1.5. There is a CSRF vulnerability t ...)
NOT-FOR-US: S-CMS
-CVE-2018-19331
+CVE-2018-19331 (An issue was discovered in S-CMS v1.5. There is a SQL injection vulner ...)
NOT-FOR-US: S-CMS
CVE-2018-19330
RESERVED
-CVE-2018-19329
+CVE-2018-19329 (GreenCMS v2.3.0603 allows remote authenticated administrators to delet ...)
NOT-FOR-US: GreenCMS
-CVE-2018-19328
+CVE-2018-19328 (LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19327
+CVE-2018-19327 (An issue was discovered in JTBC(PHP) 3.0.1.7. aboutus/manage.php?type= ...)
NOT-FOR-US: JTBC(PHP)
-CVE-2018-19326
+CVE-2018-19326 (Zyxel VMG1312-B10D devices before 5.13(AAXA.8)C0 allow ../ Directory T ...)
NOT-FOR-US: Zyxel
CVE-2018-19325
RESERVED
-CVE-2018-19324
+CVE-2018-19324 (kimsQ Rb 2.3.0 allows XSS via the second input field to the /?r=home&a ...)
NOT-FOR-US: kimsQ Rb
-CVE-2018-19323
+CVE-2018-19323 (The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, ...)
NOT-FOR-US: GIGABYTE APP Center
-CVE-2018-19322
+CVE-2018-19322 (The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 ...)
NOT-FOR-US: GIGABYTE APP Center
-CVE-2018-19321
+CVE-2018-19321 (The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 ...)
NOT-FOR-US: GIGABYTE APP Center
-CVE-2018-19320
+CVE-2018-19320 (The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, ...)
NOT-FOR-US: GIGABYTE APP Center
-CVE-2018-19319
+CVE-2018-19319 (SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&amp;c=gifts&amp;a=update ...)
NOT-FOR-US: SRCMS
-CVE-2018-19318
+CVE-2018-19318 (SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&amp;c=manager&amp;a=upda ...)
NOT-FOR-US: SRCMS
CVE-2018-19317
RESERVED
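Review bot: the descriptions imported for CVE-2018-19319 and CVE-2018-19318 carry HTML entities (`admin.php?m=Admin&amp;c=gifts&amp;a=update`) where the query-string separator is a literal `&`; the same escaping appears later in this patch as `&lt;&lt;` in the CVE-2018-19056 description. If the importer is not deliberately preserving the feed's HTML escaping, it should unescape descriptions before writing them, since this truncated text is what triagers read first.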
@@ -4476,9 +4476,9 @@ CVE-2018-19314
RESERVED
CVE-2018-19313
RESERVED
-CVE-2018-19312
+CVE-2018-19312 (Centreon 3.4.x allows SQL Injection via the searchVM parameter to the ...)
NOT-FOR-US: Centreon
-CVE-2018-19311
+CVE-2018-19311 (Centreon 3.4.x allows XSS via the Service field to the main.php?p=2020 ...)
NOT-FOR-US: Centreon
CVE-2018-19310
RESERVED
@@ -4498,7 +4498,7 @@ CVE-2018-19303
RESERVED
CVE-2018-19302
RESERVED
-CVE-2018-19301
+CVE-2018-19301 (tp4a TELEPORT 3.1.0 allows XSS via the login page because a crafted us ...)
NOT-FOR-US: tp4a TELEPORT
CVE-2018-19300
RESERVED
@@ -4508,11 +4508,11 @@ CVE-2018-19298
RESERVED
CVE-2018-19297
RESERVED
-CVE-2018-19296
+CVE-2018-19296 (PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an objec ...)
{DSA-4351-1 DLA-1591-1}
- libphp-phpmailer 5.2.14+dfsg-2.4 (bug #913912)
NOTE: https://github.com/PHPMailer/PHPMailer/commit/f1231a9771505f4f34da060390d82eadb8448271
-CVE-2018-19295
+CVE-2018-19295 (Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper I ...)
- singularity-container 2.6.1-1
NOTE: https://www.openwall.com/lists/oss-security/2018/12/12/2
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1111411
@@ -4522,17 +4522,17 @@ CVE-2018-19293
RESERVED
CVE-2018-19292
RESERVED
-CVE-2018-19291
+CVE-2018-19291 (An issue was discovered in DiliCMS 2.4.0. There is a CSRF vulnerabilit ...)
NOT-FOR-US: DiliCMS
-CVE-2018-19290
+CVE-2018-19290 (In modules/HELPBOT_MODULE in Budabot 0.6 through 4.0, lax syntax valid ...)
NOT-FOR-US: Budabot
-CVE-2018-19289
+CVE-2018-19289 (An issue was discovered in Valine v1.3.3. It allows HTML injection, wh ...)
NOT-FOR-US: Valine
-CVE-2018-19288
+CVE-2018-19288 (Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the u ...)
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-19287
+CVE-2018-19287 (XSS in the Ninja Forms plugin before 3.3.18 for WordPress allows Remot ...)
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2018-19286
+CVE-2018-19286 (The server in mubu note 2018-11-11 has XSS by configuring an account w ...)
NOT-FOR-US: mubu note
CVE-2018-19285
RESERVED
@@ -4542,23 +4542,23 @@ CVE-2018-19283
RESERVED
CVE-2018-19282
RESERVED
-CVE-2018-19281
+CVE-2018-19281 (Centreon 3.4.x allows SNMP trap SQL Injection. ...)
NOT-FOR-US: Centreon
-CVE-2018-19280
+CVE-2018-19280 (Centreon 3.4.x has XSS via the resource name or macro expression of a ...)
NOT-FOR-US: Centreon
-CVE-2018-19279
+CVE-2018-19279 (PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plain ...)
NOT-FOR-US: PRIMX ZoneCentral
-CVE-2018-19278
+CVE-2018-19278 (Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x b ...)
- asterisk <not-affected> (Vulnerable code introduced in 15.x and 16.x releases)
NOTE: https://downloads.asterisk.org/pub/security/AST-2018-010.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28127
-CVE-2018-19277
+CVE-2018-19277 (securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypa ...)
NOT-FOR-US: PHPOffice
-CVE-2018-19276
+CVE-2018-19276 (OpenMRS before 2.24.0 is affected by an Insecure Object Deserializatio ...)
TODO: check
CVE-2018-19275
RESERVED
-CVE-2018-19274
+CVE-2018-19274 (Passing an absolute path to a file_exists check in phpBB before 3.2.4 ...)
{DLA-1593-1}
- phpbb3 <removed>
NOTE: https://www.phpbb.com/community/viewtopic.php?f=14&t=2492206
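Review bot: CVE-2018-19276 (OpenMRS insecure object deserialization) keeps its `TODO: check` line even though this patch now supplies the description needed to triage it; the same holds for CVE-2018-19191 (Webmin XSS) and CVE-2018-19158 (ColossusCoinXT) further down. Resolving each to `NOT-FOR-US` or a package line in a follow-up would keep the TODO backlog from growing with every automatic update.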
@@ -4567,7 +4567,7 @@ CVE-2018-19273
RESERVED
CVE-2018-19272
RESERVED
-CVE-2018-19271
+CVE-2018-19271 (Centreon 3.4.x allows SQL Injection via the main.php searchH parameter ...)
NOT-FOR-US: Centreon
CVE-2018-19270
REJECTED
@@ -4611,27 +4611,27 @@ CVE-2018-19251
REJECTED
CVE-2018-19250
REJECTED
-CVE-2018-19249
+CVE-2018-19249 (The Stripe API v1 allows remote attackers to bypass intended access re ...)
NOT-FOR-US: Stripe API
-CVE-2018-19248
+CVE-2018-19248 (The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode) ...)
NOT-FOR-US: Epson
CVE-2018-19247
RESERVED
-CVE-2018-19246
+CVE-2018-19246 (PHP-Proxy 5.1.0 allows remote attackers to read local files if the def ...)
NOT-FOR-US: PHP-Proxy
CVE-2018-19245
RESERVED
-CVE-2018-19244
+CVE-2018-19244 (An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 ...)
NOT-FOR-US: Charles
CVE-2018-19243
RESERVED
-CVE-2018-19242
+CVE-2018-19242 (Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-6 ...)
NOT-FOR-US: TRENDnet
-CVE-2018-19241
+CVE-2018-19241 (Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V ...)
NOT-FOR-US: TRENDnet
-CVE-2018-19240
+CVE-2018-19240 (Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, ...)
NOT-FOR-US: TRENDnet
-CVE-2018-19239
+CVE-2018-19239 (TRENDnet TEW-673GRU v1.00b40 devices have an OS command injection vuln ...)
NOT-FOR-US: TRENDnet
CVE-2018-19238
RESERVED
@@ -4641,73 +4641,73 @@ CVE-2018-19236
RESERVED
CVE-2018-19235
RESERVED
-CVE-2018-19234
+CVE-2018-19234 (The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edi ...)
NOT-FOR-US: Miss Marple Enterprise
-CVE-2018-19233
+CVE-2018-19233 (COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users ...)
NOT-FOR-US: Miss Marple Enterprise
-CVE-2018-19232
+CVE-2018-19232 (The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode) ...)
NOT-FOR-US: Epson
CVE-2018-19231
RESERVED
CVE-2018-19230
RESERVED
-CVE-2018-19229
+CVE-2018-19229 (An issue was discovered in LAOBANCMS 2.0. It allows XSS via the admin/ ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19228
+CVE-2018-19228 (An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file del ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19227
+CVE-2018-19227 (An issue was discovered in LAOBANCMS 2.0. It allows XSS via the admin/ ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19226
+CVE-2018-19226 (An issue was discovered in LAOBANCMS 2.0. It allows remote attackers t ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19225
+CVE-2018-19225 (An issue was discovered in LAOBANCMS 2.0. admin/mima.php has CSRF. ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19224
+CVE-2018-19224 (An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoo ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19223
+CVE-2018-19223 (An issue was discovered in LAOBANCMS 2.0. It allows XSS via the first ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19222
+CVE-2018-19222 (An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_h ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19221
+CVE-2018-19221 (An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19220
+CVE-2018-19220 (An issue was discovered in LAOBANCMS 2.0. It allows remote attackers t ...)
NOT-FOR-US: LAOBANCMS
-CVE-2018-19219
+CVE-2018-19219 (In LibSass 3.5-stable, there is an illegal address access at Sass::Eva ...)
- libsass <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643760
-CVE-2018-19218
+CVE-2018-19218 (In LibSass 3.5-stable, there is an illegal address access at Sass::Par ...)
- libsass <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643758
-CVE-2018-19217
+CVE-2018-19217 (In ncurses 6.1, there is a NULL pointer dereference at the function _n ...)
- ncurses <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643753
NOTE: On Jessie the POC does not trigger a segfault.
-CVE-2018-19216
+CVE-2018-19216 (Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoke ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392425
NOTE: Fix: https://repo.or.cz/nasm.git/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1115758#c7
-CVE-2018-19215
+CVE-2018-19215 (Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in ...)
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392525
NOTE: https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f
NOTE: No security impact, crash in CLI tool
-CVE-2018-19214
+CVE-2018-19214 (Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in ...)
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392521
NOTE: https://repo.or.cz/nasm.git/commit/661f723d39e03ca6eb05d7376a43ca33db478354
NOTE: No security impact, crash in CLI tool
-CVE-2018-19213
+CVE-2018-19213 (Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may le ...)
- nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392524
NOTE: No security impact, crash in CLI tool
-CVE-2018-19212
+CVE-2018-19212 (In libwebm through 2018-10-03, there is an abort caused by libwebm::We ...)
NOT-FOR-US: libwebm
NOTE: Chromium and qtwebengine bundle the library, but not a security issue there
-CVE-2018-19211
+CVE-2018-19211 (In ncurses 6.1, there is a NULL pointer dereference at function _nc_pa ...)
NOTE: Duplicate of CVE-2018-10754
-CVE-2018-19210
+CVE-2018-19210 (In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWrite ...)
{DLA-1680-1}
- tiff 4.0.10-4 (bug #913675)
[stretch] - tiff <postponed> (Minor issue, revisit when fixed upstream)
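Review bot: the `NOTE: No security impact, crash in CLI tool` under CVE-2018-19213 does not match the imported description, which is about memory leaks in NASM through 2.14rc16 rather than a crash; the note reads as copied from the neighbouring CVE-2018-19215, CVE-2018-19214 and CVE-2018-19209 entries. Reword it to describe the leak so the stated rationale for `unimportant` matches the issue it is attached to.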
@@ -4715,94 +4715,94 @@ CVE-2018-19210
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2820
NOTE: https://gitlab.com/libtiff/libtiff/commit/d0a842c5dbad2609aed43c701a12ed12461d3405
NOTE: https://gitlab.com/libtiff/libtiff/commit/38ede78b13810ff0fa8e61f86ef9aa0ab2964668
-CVE-2018-19209
+CVE-2018-19209 (Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in th ...)
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392522
NOTE: No security impact, crash in CLI tool
-CVE-2018-19208
+CVE-2018-19208 (In libwpd 0.10.2, there is a NULL pointer dereference in the function ...)
- libwpd 0.10.2-3 (low; bug #913702)
[stretch] - libwpd <no-dsa> (Minor issue)
[jessie] - libwpd <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643752
NOTE: Patch used in Fedora: https://src.fedoraproject.org/rpms/libwpd/raw/e42834b844f3282d8ccb0889abf1b33f3f71e02f/f/0001-Resolves-rhbz-1643752-bounds-check-m_currentTable-ac.patch
-CVE-2018-19204
+CVE-2018-19204 (PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated ...)
NOT-FOR-US: PRTG Network Monitor
-CVE-2018-19203
+CVE-2018-19203 (PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated ...)
NOT-FOR-US: PRTG Network Monitor
CVE-2018-19202
RESERVED
CVE-2018-19201
RESERVED
-CVE-2018-19200
+CVE-2018-19200 (An issue was discovered in uriparser before 0.9.0. UriCommon.c allows ...)
{DLA-1581-1}
- uriparser 0.9.0-1 (bug #913817)
[stretch] - uriparser 0.8.4-1+deb9u1
NOTE: https://github.com/uriparser/uriparser/commit/f58c25069cf4a986fe17a80c5b38687e31feb539
-CVE-2018-19199
+CVE-2018-19199 (An issue was discovered in uriparser before 0.9.0. UriQuery.c allows a ...)
{DLA-1581-1}
- uriparser 0.9.0-1 (bug #913817)
[stretch] - uriparser 0.8.4-1+deb9u1
NOTE: https://github.com/uriparser/uriparser/commit/f76275d4a91b28d687250525d3a0c5509bbd666f
-CVE-2018-19198
+CVE-2018-19198 (An issue was discovered in uriparser before 0.9.0. UriQuery.c allows a ...)
{DLA-1581-1}
- uriparser 0.9.0-1 (bug #913817)
[stretch] - uriparser 0.8.4-1+deb9u1
NOTE: https://github.com/uriparser/uriparser/commit/864f5d4c127def386dd5cc926ad96934b297f04e
-CVE-2018-19207
+CVE-2018-19207 (The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before ...)
NOT-FOR-US: WordPress plugin wp-gdpr-compliance
-CVE-2018-19206
+CVE-2018-19206 (steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use ...)
{DSA-4344-1}
- roundcube 1.3.8+dfsg.1-1
NOTE: https://roundcube.net/news/2018/10/26/update-1.3.8-released
NOTE: https://github.com/roundcube/roundcubemail/issues/6410
NOTE: https://github.com/roundcube/roundcubemail/commit/102fbf1169116fef32a940b9fb1738bc45276059 (released-1.3)
NOTE: https://github.com/roundcube/roundcubemail/commit/adcac3b9de2728c34c4d2b107e54823b6a7f6a5b (master)
-CVE-2018-19205
+CVE-2018-19205 (Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warni ...)
- roundcube 1.3.8+dfsg.1-1
[stretch] - roundcube <ignored> (Relies on php-crypt-gpg, not in stretch. Old version in 1.3 doesn't verify signature anyway)
NOTE: https://roundcube.net/news/2018/07/27/update-1.3.7-released
NOTE: https://github.com/roundcube/roundcubemail/issues/6289
NOTE: https://github.com/roundcube/roundcubemail/commit/94da947855329c5062ec2a7098eb86fb675aac37 (release-1.3)
NOTE: https://github.com/roundcube/roundcubemail/commit/2fa112bd836e5e144e270bda11c9fda1a66a22ae (master)
-CVE-2018-19197
+CVE-2018-19197 (An issue was discovered in XiaoCms 20141229. admin\controller\database ...)
NOT-FOR-US: XiaoCms
-CVE-2018-19196
+CVE-2018-19196 (An issue was discovered in XiaoCms 20141229. It allows remote attacker ...)
NOT-FOR-US: XiaoCms
-CVE-2018-19195
+CVE-2018-19195 (An issue was discovered in XiaoCms 20141229. There is XSS related to t ...)
NOT-FOR-US: XiaoCms
-CVE-2018-19194
+CVE-2018-19194 (An issue was discovered in XiaoCms 20141229. /admin/index.php?c=databa ...)
NOT-FOR-US: XiaoCms
-CVE-2018-19193
+CVE-2018-19193 (An issue was discovered in XiaoCms 20141229. There is XSS via the larg ...)
NOT-FOR-US: XiaoCms
-CVE-2018-19192
+CVE-2018-19192 (An issue was discovered in XiaoCms 20141229. admin/index.php?c=content ...)
NOT-FOR-US: XiaoCms
-CVE-2018-19191
+CVE-2018-19191 (Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi hist ...)
TODO: check
-CVE-2018-19190
+CVE-2018-19190 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04 ...)
NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK
-CVE-2018-19189
+CVE-2018-19189 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04 ...)
NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK
-CVE-2018-19188
+CVE-2018-19188 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04 ...)
NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK
-CVE-2018-19187
+CVE-2018-19187 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04 ...)
NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK
-CVE-2018-19186
+CVE-2018-19186 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04 ...)
NOT-FOR-US: Amazon PAYFORT payfort-php-SDK payment gateway SDK
-CVE-2018-19185
+CVE-2018-19185 (An issue has been found in libIEC61850 v1.3. It is a heap-based buffer ...)
NOT-FOR-US: libIEC61850
-CVE-2018-19184
+CVE-2018-19184 (cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to ...)
NOT-FOR-US: Go Ethereum
-CVE-2018-19183
+CVE-2018-19183 (ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm. ...)
NOT-FOR-US: ethereumjs-vm
-CVE-2018-19182
+CVE-2018-19182 (Engelsystem before commit hash 2e28336 allows CSRF. ...)
NOT-FOR-US: Engelsystem
-CVE-2018-19181
+CVE-2018-19181 (statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arb ...)
NOT-FOR-US: YUNUCMS
-CVE-2018-19180
+CVE-2018-19180 (statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install. ...)
NOT-FOR-US: YUNUCMS
CVE-2018-19179
RESERVED
-CVE-2018-19178
+CVE-2018-19178 (In JEESNS 1.3, com/lxinet/jeesns/core/utils/XssHttpServletRequestWrapp ...)
NOT-FOR-US: JEESNS
CVE-2018-19177
RESERVED
@@ -4818,11 +4818,11 @@ CVE-2018-19172
RESERVED
CVE-2018-19171
RESERVED
-CVE-2018-19170
+CVE-2018-19170 (In JPress v1.0-rc.5, there is stored XSS via each of the first three i ...)
NOT-FOR-US: JPress
CVE-2018-19169
RESERVED
-CVE-2018-19168
+CVE-2018-19168 (Shell Metacharacter Injection in www/modules/save.php in FruityWifi (a ...)
NOT-FOR-US: FruityWifi
CVE-2018-19167
RESERVED
@@ -4842,7 +4842,7 @@ CVE-2018-19160
RESERVED
CVE-2018-19159
RESERVED
-CVE-2018-19158
+CVE-2018-19158 (ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurre ...)
TODO: check
CVE-2018-19157
RESERVED
@@ -4858,84 +4858,84 @@ CVE-2018-19152
RESERVED
CVE-2018-19151
RESERVED
-CVE-2018-19150
+CVE-2018-19150 (Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdffor ...)
NOT-FOR-US: pdfforge PDF Architect
-CVE-2018-19149
+CVE-2018-19149 (Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attac ...)
- poppler <unfixed> (unimportant; bug #914600)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/664
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1649457#c3
NOTE: https://github.com/freedesktop/poppler/commit/f162ecdea0dda5dbbdb45503c1d55d9afaa41d44
-CVE-2018-19148
+CVE-2018-19148 (Caddy through 0.11.0 sends incorrect certificates for certain invalid ...)
- caddy <itp> (bug #810890)
CVE-2018-19147
RESERVED
CVE-2018-19146
RESERVED
-CVE-2018-19145
+CVE-2018-19145 (An issue was discovered in S-CMS v1.5. There is an XSS vulnerability i ...)
NOT-FOR-US: S-CMS
CVE-2018-19144
RESERVED
CVE-2018-19140
RESERVED
-CVE-2018-19139
+CVE-2018-19139 (An issue has been found in JasPer 2.0.14. There is a memory leak in ja ...)
- jasper <removed> (low)
[jessie] - jasper <postponed> (can be fixed later)
NOTE: https://github.com/mdadams/jasper/issues/188
-CVE-2018-19138
+CVE-2018-19138 (WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI. ...)
NOT-FOR-US: WSTMart
-CVE-2018-19137
+CVE-2018-19137 (DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php i ...)
NOT-FOR-US: DomainMOD
-CVE-2018-19136
+CVE-2018-19136 (DomainMOD through 4.11.01 has XSS via the assets/edit/registrar-accoun ...)
NOT-FOR-US: DomainMOD
-CVE-2018-19135
+CVE-2018-19135 (ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file up ...)
NOT-FOR-US: ClipperCMS
-CVE-2018-19134
+CVE-2018-19134 (In Artifex Ghostscript through 9.25, the setpattern operator did not p ...)
{DSA-4346-1 DLA-1620-1}
- ghostscript 9.26~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700141
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=693baf02152119af6e6afd30bb8ec76d14f84bbf (master)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7c8f85a23db24031945af3cacb2c0b4740e67072 (ghostscript-9.26)
-CVE-2018-19133
+CVE-2018-19133 (In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email ...)
NOT-FOR-US: Flarum Core
-CVE-2018-19130
+CVE-2018-19130 (In Libav 12.3, there is an invalid memory access in vc1_decode_frame i ...)
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1139
-CVE-2018-19129
+CVE-2018-19129 (In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue i ...)
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1138
-CVE-2018-19128
+CVE-2018-19128 (In Libav 12.3, there is a heap-based buffer over-read in decode_frame ...)
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1137
-CVE-2018-19127
+CVE-2018-19127 (A code injection vulnerability in /type.php in PHPCMS 2008 allows atta ...)
NOT-FOR-US: PHPCMS
-CVE-2018-19126
+CVE-2018-19126 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remot ...)
NOT-FOR-US: PrestaShop
-CVE-2018-19125
+CVE-2018-19125 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remot ...)
NOT-FOR-US: PrestaShop
-CVE-2018-19124
+CVE-2018-19124 (PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows a ...)
NOT-FOR-US: PrestaShop
CVE-2018-19123
RESERVED
-CVE-2018-19122
+CVE-2018-19122 (An issue has been found in libIEC61850 v1.3. It is a NULL pointer dere ...)
NOT-FOR-US: libIEC61850
-CVE-2018-19121
+CVE-2018-19121 (An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_ ...)
NOT-FOR-US: libIEC61850
-CVE-2018-19141
+CVE-2018-19141 (Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before ...)
{DLA-1592-1}
- otrs2 6.0.1-1
NOTE: https://community.otrs.com/security-advisory-2018-09-security-update-for-otrs-framework/
NOTE: Only the 4.x and 5.x series are affected (and possibly earlier versions).
NOTE: Add workaround and mark first 6.x version as fixing version
-CVE-2018-19142
+CVE-2018-19142 (Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin ...)
- otrs2 6.0.13-1
[stretch] - otrs2 <not-affected> (Only affects 6.x)
[jessie] - otrs2 <not-affected> (Only affects 6.x)
NOTE: https://community.otrs.com/security-advisory-2018-08-security-update-for-otrs-framework/
-CVE-2018-19143
+CVE-2018-19143 (Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5. ...)
{DLA-1592-1}
- otrs2 6.0.13-1
NOTE: https://community.otrs.com/security-advisory-2018-07-security-update-for-otrs-framework/
-CVE-2018-19120
+CVE-2018-19120 (The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows ...)
- kio-extras 4:18.08.3-1 (bug #913595)
[buster] - kio-extras <no-dsa> (Minor issue)
[stretch] - kio-extras <no-dsa> (Minor issue)
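Review bot: CVE-2018-19149 is recorded as `poppler <unfixed>` although the imported description reads `Poppler before 0.70.0`, which implies an upstream fix exists (the linked freedesktop commit f162ecdea0dda5dbbdb45503c1d55d9afaa41d44 is the candidate). Worth confirming whether the Debian poppler package already contains that commit and, if so, replacing `<unfixed>` with the fixing version.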
@@ -4945,36 +4945,36 @@ CVE-2018-19120
NOTE: https://www.kde.org/info/security/advisory-20181012-1.txt
CVE-2018-19119
RESERVED
-CVE-2018-19118
+CVE-2018-19118 (Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attacker ...)
NOT-FOR-US: Zoho
CVE-2018-19117
RESERVED
CVE-2018-19116
RESERVED
-CVE-2018-19967
+CVE-2018-19967 (An issue was discovered in Xen through 4.11.x on Intel x86 platforms a ...)
{DSA-4369-1 DLA-1577-1}
- xen 4.11.1-1
NOTE: https://xenbits.xen.org/xsa/advisory-282.txt
-CVE-2018-19115
+CVE-2018-19115 (keepalived before 2.0.7 has a heap-based buffer overflow when parsing ...)
{DLA-1589-1}
- keepalived 1:2.0.10-1 (low; bug #914393)
[stretch] - keepalived <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1015141
NOTE: https://github.com/acassen/keepalived/pull/961
NOTE: https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9
-CVE-2018-19114
+CVE-2018-19114 (An issue was discovered in MinDoc through v1.0.2. It allows attackers ...)
NOT-FOR-US: MinDoc
CVE-2018-19113
RESERVED
CVE-2018-19112
RESERVED
-CVE-2018-19111
+CVE-2018-19111 (The Google Cardboard application 1.8 for Android and 1.2 for iOS sends ...)
NOT-FOR-US: Google Cardboard application for Android and iOS
-CVE-2018-19110
+CVE-2018-19110 (The skin-management feature in tianti 2.3 allows remote authenticated ...)
NOT-FOR-US: tianti
-CVE-2018-19109
+CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass intended permis ...)
NOT-FOR-US: tianti
-CVE-2018-19108
+CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PS ...)
{DLA-1691-1}
- exiv2 <unfixed> (bug #913272)
[stretch] - exiv2 <no-dsa> (Minor issue)
@@ -4982,7 +4982,7 @@ CVE-2018-19108
NOTE: https://github.com/Exiv2/exiv2/pull/518
NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
NOTE: https://github.com/Exiv2/exiv2/commit/b7c71f3ad0386cd7af3b73443c0615ada073f0d5
-CVE-2018-19107
+CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdi ...)
{DLA-1691-1}
- exiv2 <unfixed> (bug #913273)
[stretch] - exiv2 <no-dsa> (Minor issue)
@@ -4990,12 +4990,12 @@ CVE-2018-19107
NOTE: https://github.com/Exiv2/exiv2/pull/518
NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
NOTE: https://github.com/Exiv2/exiv2/commit/b7c71f3ad0386cd7af3b73443c0615ada073f0d5
-CVE-2018-19106
+CVE-2018-19106 (Avi Vantage before 17.2.13 uses an invalid URL encoding during a redir ...)
NOT-FOR-US: Avi Vantage
-CVE-2018-19105
+CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0 ...)
- librecad <undetermined>
NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html
-CVE-2018-19104
+CVE-2018-19104 (In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can b ...)
NOT-FOR-US: BageCMS
CVE-2018-19103
RESERVED
@@ -5017,91 +5017,91 @@ CVE-2018-19095
RESERVED
CVE-2018-19094
RESERVED
-CVE-2018-19093
+CVE-2018-19093 (** DISPUTED ** An issue has been found in libIEC61850 v1.3. It is a SE ...)
NOT-FOR-US: libIEC61850
-CVE-2018-19092
+CVE-2018-19092 (An issue was discovered in YzmCMS v5.2. It has XSS via a search/index/ ...)
NOT-FOR-US: YzmCMS
-CVE-2018-19091
+CVE-2018-19091 (tianti 2.3 has reflected XSS in the user management module via the tia ...)
NOT-FOR-US: tianti
-CVE-2018-19090
+CVE-2018-19090 (tianti 2.3 has stored XSS in the article management module via an arti ...)
NOT-FOR-US: tianti
-CVE-2018-19089
+CVE-2018-19089 (tianti 2.3 has stored XSS in the userlist module via the tianti-module ...)
NOT-FOR-US: tianti
CVE-2018-19088
RESERVED
-CVE-2018-19087
+CVE-2018-19087 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-b ...)
NOT-FOR-US: IOBit Malware Fighter
-CVE-2018-19086
+CVE-2018-19086 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-b ...)
NOT-FOR-US: IOBit Malware Fighter
-CVE-2018-19085
+CVE-2018-19085 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-b ...)
NOT-FOR-US: IOBit Malware Fighter
-CVE-2018-19084
+CVE-2018-19084 (RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-b ...)
NOT-FOR-US: IOBit Malware Fighter
-CVE-2018-19083
+CVE-2018-19083 (WeCenter 3.2.0 through 3.2.2 has XSS in the views/default/question/ind ...)
NOT-FOR-US: WeCenter
-CVE-2018-19082
+CVE-2018-19082 (An issue was discovered on Foscam Opticam i5 devices with System Firmw ...)
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19081
+CVE-2018-19081 (An issue was discovered on Foscam Opticam i5 devices with System Firmw ...)
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19080
+CVE-2018-19080 (An issue was discovered on Foscam Opticam i5 devices with System Firmw ...)
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19079
+CVE-2018-19079 (An issue was discovered on Foscam Opticam i5 devices with System Firmw ...)
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19078
+CVE-2018-19078 (An issue was discovered on Foscam Opticam i5 devices with System Firmw ...)
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19077
+CVE-2018-19077 (An issue was discovered on Foscam Opticam i5 devices with System Firmw ...)
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19076
+CVE-2018-19076 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19075
+CVE-2018-19075 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19074
+CVE-2018-19074 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19073
+CVE-2018-19073 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19072
+CVE-2018-19072 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19071
+CVE-2018-19071 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19070
+CVE-2018-19070 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19069
+CVE-2018-19069 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19068
+CVE-2018-19068 (An issue was discovered on Foscam Opticam i5 devices with System Firmw ...)
NOT-FOR-US: Foscam Opticam i5 devices
-CVE-2018-19067
+CVE-2018-19067 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19066
+CVE-2018-19066 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19065
+CVE-2018-19065 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19064
+CVE-2018-19064 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
-CVE-2018-19063
+CVE-2018-19063 (An issue was discovered on Foscam C2 devices with System Firmware 1.11 ...)
NOT-FOR-US: Foscam C2 devices
CVE-2018-19062
RESERVED
-CVE-2018-19061
+CVE-2018-19061 (DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter ...)
NOT-FOR-US: DedeCMS
-CVE-2018-19060
+CVE-2018-19060 (An issue was discovered in Poppler 0.71.0. There is a NULL pointer der ...)
- poppler <unfixed> (unimportant; bug #913182)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/660
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/d2f5d424ba8752f9a9e9dad410546ec1b46caa0a
NOTE: Issue in pdfdetach cli tool leading to crash
-CVE-2018-19059
+CVE-2018-19059 (An issue was discovered in Poppler 0.71.0. There is a out-of-bounds re ...)
- poppler <unfixed> (unimportant; bug #913180)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/661
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/77a30e94d96220d7e22dff5b3f0a7f296f01b118
NOTE: Issue in pdfdetach cli tool leading to crash
-CVE-2018-19058
+CVE-2018-19058 (An issue was discovered in Poppler 0.71.0. There is a reachable abort ...)
{DLA-1706-1}
- poppler <unfixed> (low; bug #913177)
[stretch] - poppler <ignored> (Minor issue)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/659
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/6912e06d9ab19ba28991b5cab3319d61d856bd6d
-CVE-2018-19057
+CVE-2018-19057 (SimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG ele ...)
NOT-FOR-US: SimpleMDE
-CVE-2018-19056
+CVE-2018-19056 (pandao Editor.md 1.5.0 has DOM XSS via input starting with a "&lt;&lt; ...)
NOT-FOR-US: pandao Editor.md
CVE-2018-XXXX [VirtualBox E1000 Guest-to-Host Escape]
- virtualbox 5.2.22-dfsg-1 (bug #913137)
@@ -5113,55 +5113,55 @@ CVE-2018-19055
RESERVED
CVE-2018-19054
RESERVED
-CVE-2018-19053
+CVE-2018-19053 (PbootCMS 1.2.2 allows remote attackers to execute arbitrary PHP code b ...)
NOT-FOR-US: PbootCMS
-CVE-2018-19051
+CVE-2018-19051 (MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abt_type ...)
NOT-FOR-US: MetInfo
-CVE-2018-19050
+CVE-2018-19050 (MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword langset ...)
NOT-FOR-US: MetInfo
CVE-2018-19049
RESERVED
-CVE-2018-19052
+CVE-2018-19052 (An issue was discovered in mod_alias_physical_handler in mod_alias.c i ...)
- lighttpd 1.4.52-1 (bug #913528)
[stretch] - lighttpd <no-dsa> (Minor issue)
[jessie] - lighttpd <no-dsa> (Minor issue)
NOTE: https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1
CVE-2018-19048
RESERVED
-CVE-2018-19047
+CVE-2018-19047 (** DISPUTED ** mPDF through 7.1.6, if deployed as a web application th ...)
NOT-FOR-US: mPDF
-CVE-2018-19046
+CVE-2018-19046 (keepalived 2.0.8 didn't check for existing plain files when writing da ...)
- keepalived 1:2.0.10-1 (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1015141
NOTE: https://github.com/acassen/keepalived/issues/1048
NOTE: Neutralised by kernel hardening
-CVE-2018-19045
+CVE-2018-19045 (keepalived 2.0.8 used mode 0666 when creating new temporary files upon ...)
- keepalived 1:2.0.10-1 (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1015141
NOTE: https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6
NOTE: https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067
NOTE: https://github.com/acassen/keepalived/issues/1048
-CVE-2018-19044
+CVE-2018-19044 (keepalived 2.0.8 didn't check for pathnames with symlinks when writing ...)
- keepalived 1:2.0.10-1 (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1015141
NOTE: https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306
NOTE: https://github.com/acassen/keepalived/issues/1048
-CVE-2018-19043
+CVE-2018-19043 (The Media File Manager plugin 1.4.2 for WordPress allows arbitrary fil ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-19042
+CVE-2018-19042 (The Media File Manager plugin 1.4.2 for WordPress allows arbitrary fil ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-19041
+CVE-2018-19041 (The Media File Manager plugin 1.4.2 for WordPress allows XSS via the d ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-19040
+CVE-2018-19040 (The Media File Manager plugin 1.4.2 for WordPress allows directory lis ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-19039
+CVE-2018-19039 (Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated ...)
- grafana <removed>
NOTE: https://community.grafana.com/t/grafana-5-3-3-and-4-6-5-security-update/11961
CVE-2018-19038
RESERVED
CVE-2018-19037
RESERVED
-CVE-2018-19036
+CVE-2018-19036 (An issue was discovered in several Bosch IP cameras for firmware versi ...)
NOT-FOR-US: Bosch
CVE-2018-19035
RESERVED
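Review bot: the CVE-2018-19052 (lighttpd) entry in this hunk is filed after CVE-2018-19049, breaking the descending order the rest of the list follows, so anyone scanning the 1905x range for lighttpd will miss it; move the whole entry (ID line, the "- lighttpd 1.4.52-1 (bug #913528)" fix line, the stretch/jessie no-dsa lines and the NOTE) to sit between CVE-2018-19053 and CVE-2018-19051. The automatic update only fills in the description and keeps the position as it was.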
@@ -5175,11 +5175,11 @@ CVE-2018-19031
RESERVED
CVE-2018-19030
RESERVED
-CVE-2018-19029
+CVE-2018-19029 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using ...)
NOT-FOR-US: LCDS Laquis SCADA
CVE-2018-19028
RESERVED
-CVE-2018-19027
+CVE-2018-19027 (Three type confusion vulnerabilities exist in CX-One Versions 4.50 and ...)
NOT-FOR-US: CX-One
CVE-2018-19026
RESERVED
@@ -5187,93 +5187,93 @@ CVE-2018-19025
RESERVED
CVE-2018-19024
RESERVED
-CVE-2018-19023
+CVE-2018-19023 (Hetronic Nova-M prior to verson r161 uses fixed codes that are reprodu ...)
NOT-FOR-US: Hetronic Nova-M radio control systems
CVE-2018-19022
RESERVED
-CVE-2018-19021
+CVE-2018-19021 (A specially crafted script could bypass the authentication of a mainte ...)
NOT-FOR-US: Emerson DeltaV DCS
-CVE-2018-19020
+CVE-2018-19020 (When CX-Supervisor (Versions 3.42 and prior) processes project files a ...)
NOT-FOR-US: CX-Supervisor
-CVE-2018-19019
+CVE-2018-19019 (A type confusion vulnerability exists when processing project files in ...)
NOT-FOR-US: CX-Supervisor
-CVE-2018-19018
+CVE-2018-19018 (An access of uninitialized pointer vulnerability in CX-Supervisor (Ver ...)
NOT-FOR-US: CX-Supervisor
-CVE-2018-19017
+CVE-2018-19017 (Several use after free vulnerabilities have been identified in CX-Supe ...)
NOT-FOR-US: CX-Supervisor
CVE-2018-19016
RESERVED
-CVE-2018-19015
+CVE-2018-19015 (An attacker could inject commands to launch programs and create, write ...)
NOT-FOR-US: CX-Supervisor
-CVE-2018-19014
+CVE-2018-19014 (Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all ver ...)
NOT-FOR-US: Drager patient monitoring medical devices
-CVE-2018-19013
+CVE-2018-19013 (An attacker could inject commands to delete files and/or delete the co ...)
NOT-FOR-US: CX-Supervisor
-CVE-2018-19012
+CVE-2018-19012 (Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all ver ...)
NOT-FOR-US: Drager patient monitoring medical devices
-CVE-2018-19011
+CVE-2018-19011 (CX-Supervisor (Versions 3.42 and prior) can execute code that has been ...)
NOT-FOR-US: CX-Supervisor
-CVE-2018-19010
+CVE-2018-19010 (Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all ver ...)
NOT-FOR-US: Drager patient monitoring medical devices
-CVE-2018-19009
+CVE-2018-19009 (Pilz PNOZmulti Configurator prior to version 10.9 allows an authentica ...)
NOT-FOR-US: Pilz PNOZmulti Configurator
-CVE-2018-19008
+CVE-2018-19008 (The TextEditor 2.0 in ABB CP400 Panel Builder versions 2.0.7.05 and ea ...)
NOT-FOR-US: TextEditor 2.0 in ABB CP400 Panel Builder
-CVE-2018-19007
+CVE-2018-19007 (In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the D ...)
NOT-FOR-US: Geutebrueck cameras
CVE-2018-19006
RESERVED
-CVE-2018-19005
+CVE-2018-19005 (Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation ...)
NOT-FOR-US: Cscape
-CVE-2018-19004
+CVE-2018-19004 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds rea ...)
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-19003
+CVE-2018-19003 (GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to 0 ...)
NOT-FOR-US: GE Mark
-CVE-2018-19002
+CVE-2018-19002 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control ...)
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-19001
+CVE-2018-19001 (Philips HealthSuite Health Android App, all versions. The software use ...)
NOT-FOR-US: Philips HealthSuite Health Android App
-CVE-2018-19000
+CVE-2018-19000 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication ...)
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18999
+CVE-2018-18999 (WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 20 ...)
NOT-FOR-US: Advantech WebAccess/SCADA
-CVE-2018-18998
+CVE-2018-18998 (LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credenti ...)
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18997
+CVE-2018-18997 (Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 a ...)
NOT-FOR-US: ABB GATE-E2
-CVE-2018-18996
+CVE-2018-18996 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user in ...)
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18995
+CVE-2018-18995 (Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all ...)
NOT-FOR-US: ABB GATE-E2
CVE-2018-18994
RESERVED
-CVE-2018-18993
+CVE-2018-18993 (Two stack-based buffer overflow vulnerabilities have been discovered i ...)
NOT-FOR-US: CX-One
-CVE-2018-18992
+CVE-2018-18992 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user in ...)
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18991
+CVE-2018-18991 (Reflected cross-site scripting (non-persistent) in SCADA WebServer (Ve ...)
NOT-FOR-US: SCADA WebServer
-CVE-2018-18990
+CVE-2018-18990 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied p ...)
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18989
+CVE-2018-18989 (In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and pri ...)
NOT-FOR-US: CX-One
-CVE-2018-18988
+CVE-2018-18988 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of scri ...)
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18987
+CVE-2018-18987 (VT-Designer Version 2.1.7.31 is vulnerable by the program populating o ...)
NOT-FOR-US: VT-Designer
-CVE-2018-18986
+CVE-2018-18986 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a ...)
NOT-FOR-US: LCDS Laquis SCADA
-CVE-2018-18985
+CVE-2018-18985 (Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.1 ...)
NOT-FOR-US: Tridium Niagara Enterprise
-CVE-2018-18984
+CVE-2018-18984 (Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Enco ...)
NOT-FOR-US: Medtronic
-CVE-2018-18983
+CVE-2018-18983 (VT-Designer Version 2.1.7.31 is vulnerable by the program reading the ...)
NOT-FOR-US: VT-Designer
-CVE-2018-18982
+CVE-2018-18982 (NUUO CMS All versions 3.3 and prior the web server application allows ...)
NOT-FOR-US: NUUO CMS
-CVE-2018-18981
+CVE-2018-18981 (In Rockwell Automation FactoryTalk Services Platform 2.90 and earlier, ...)
NOT-FOR-US: Rockwell Automation FactoryTalk Services Platform
-CVE-2018-18980
+CVE-2018-18980 (An XML External Entity injection (XXE) vulnerability exists in Zoho Ma ...)
NOT-FOR-US: Zoho ManageEngine Network Configuration Manager and OpManager
CVE-2018-18979
RESERVED
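Review bot: the NOT-FOR-US labels for CVE-2018-18997 and CVE-2018-18995 say only "ABB GATE-E2" while the descriptions now filled in name "ABB GATE-E1 and GATE-E2", and "NOT-FOR-US: GE Mark" for CVE-2018-19003 is cut short of the "GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e" products in its description; widen those labels to match the descriptions so a later search on the product name finds the entries.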
@@ -5301,40 +5301,40 @@ CVE-2018-18968
RESERVED
CVE-2018-18967
RESERVED
-CVE-2018-18966
+CVE-2018-18966 (osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filteri ...)
NOT-FOR-US: osCommerce
-CVE-2018-18965
+CVE-2018-18965 (osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filteri ...)
NOT-FOR-US: osCommerce
-CVE-2018-18964
+CVE-2018-18964 (osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filteri ...)
NOT-FOR-US: osCommerce
-CVE-2018-18963
+CVE-2018-18963 (Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerc ...)
NOT-FOR-US: Degrau Publicidade e Internet Plataforma de E-commerce
CVE-2018-18962
RESERVED
CVE-2018-18961
RESERVED
-CVE-2018-18960
+CVE-2018-18960 (An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51 ...)
NOT-FOR-US: Epson
-CVE-2018-18959
+CVE-2018-18959 (An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51 ...)
NOT-FOR-US: Epson
CVE-2018-18958
RESERVED
-CVE-2018-18957
+CVE-2018-18957 (An issue has been found in libIEC61850 v1.3. It is a stack-based buffe ...)
NOT-FOR-US: libIEC61850
-CVE-2018-18956
+CVE-2018-18956 (The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x b ...)
- suricata 1:4.0.6-1
[stretch] - suricata <no-dsa> (Minor issue)
[jessie] - suricata <not-affected> (Vulnerable code not present, no MIME support in this version)
NOTE: https://lists.openinfosecfoundation.org/pipermail/oisf-users/2018-October/016227.html
NOTE: https://redmine.openinfosecfoundation.org/issues/2658#change-10374
-CVE-2018-18955
+CVE-2018-18955 (In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() i ...)
- linux 4.18.20-1
[stretch] - linux <not-affected> (Introduced in 4.15-rc1)
[jessie] - linux <not-affected> (Introduced in 4.15-rc1)
NOTE: https://git.kernel.org/linus/d2f007dbe7e4c9583eea6eb04d60001e85c6f1bd
NOTE: Introduced in https://git.kernel.org/linus/6397fac4915a
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1712
-CVE-2018-18954
+CVE-2018-18954 (The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 al ...)
- qemu 1:3.1+dfsg-1 (low; bug #914604)
[stretch] - qemu <postponed> (Minor issue, can be backported once fixed upstream)
[jessie] - qemu <not-affected> (Vulnerable code not present. ppc/pnv lpc was added in 2.7)
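Review bot: the stretch reason for CVE-2018-18954, "Minor issue, can be backported once fixed upstream", is stale now that the description reads "Qemu before 3.1" and the unstable fix is recorded as "qemu 1:3.1+dfsg-1"; reword it to something like "Minor issue, backport from 3.1 when convenient" so the postponed state does not read as blocked on upstream.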
@@ -5342,13 +5342,13 @@ CVE-2018-18954
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=d07945e78eb6b593cd17a4640c1fc9eb35e3245d
CVE-2018-18953
RESERVED
-CVE-2018-18952
+CVE-2018-18952 (JEECMS 9.3 has XSS via an index.do#/content/update?type=update URI. ...)
NOT-FOR-US: JEECMS
CVE-2018-18951
RESERVED
-CVE-2018-18950
+CVE-2018-18950 (KindEditor through 4.1.11 has a path traversal vulnerability in php/up ...)
NOT-FOR-US: KindEditor
-CVE-2018-18949
+CVE-2018-18949 (Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via M ...)
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2018-18948
RESERVED
@@ -5360,27 +5360,27 @@ CVE-2018-18945
RESERVED
CVE-2018-18944
RESERVED
-CVE-2018-18943
+CVE-2018-18943 (An issue was discovered in baserCMS before 4.1.4. In the Register New ...)
NOT-FOR-US: baserCMS
-CVE-2018-18942
+CVE-2018-18942 (In baserCMS before 4.1.4, lib\Baser\Model\ThemeConfig.php allows remot ...)
NOT-FOR-US: baserCMS
-CVE-2018-18941
+CVE-2018-18941 (In Vignette Content Management version 6, it is possible to gain remot ...)
NOT-FOR-US: Vignette Content Management
-CVE-2018-18940
+CVE-2018-18940 (servlet/SnoopServlet (a servlet installed by default) in Netscape Ente ...)
NOT-FOR-US: Netscape Enterprise
-CVE-2018-18939
+CVE-2018-18939 (An issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in ind ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-18938
+CVE-2018-18938 (An issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in ind ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-18937
+CVE-2018-18937 (An issue has been found in libIEC61850 v1.3. It is a NULL pointer dere ...)
NOT-FOR-US: libIEC61850
-CVE-2018-18936
+CVE-2018-18936 (An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows ...)
NOT-FOR-US: PopojiCMS
-CVE-2018-18935
+CVE-2018-18935 (An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-ad ...)
NOT-FOR-US: PopojiCMS
-CVE-2018-18934
+CVE-2018-18934 (An issue was discovered in PopojiCMS v2.0.1. admin_component.php is ex ...)
NOT-FOR-US: PopojiCMS
-CVE-2018-18933
+CVE-2018-18933 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader ...)
NOT-FOR-US: Foxit Reader
CVE-2018-18932
RESERVED
@@ -5390,31 +5390,31 @@ CVE-2018-18930
RESERVED
CVE-2018-18929
RESERVED
-CVE-2018-18928
+CVE-2018-18928 (International Components for Unicode (ICU) for C/C++ 63.1 has an integ ...)
- icu 63.1-3
[stretch] - icu <not-affected> (Vulnerable code not present)
[jessie] - icu <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=900059
NOTE: Fixed by: https://github.com/unicode-org/icu/commit/53d8c8f3d181d87a6aa925b449b51c4a2c922a51
NOTE: https://unicode-org.atlassian.net/browse/ICU-20246
-CVE-2018-18927
+CVE-2018-18927 (An issue was discovered in PublicCMS V4.0. It allows XSS by modifying ...)
NOT-FOR-US: PublicCMS
-CVE-2018-18926
+CVE-2018-18926 (Gitea before 1.5.4 allows remote code execution because it does not pr ...)
- gitea <removed>
NOTE: https://github.com/go-gitea/gitea/issues/5140
-CVE-2018-18925
+CVE-2018-18925 (Gogs 0.11.66 allows remote code execution because it does not properly ...)
NOT-FOR-US: Go Git Service
-CVE-2018-18924
+CVE-2018-18924 (The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to ...)
NOT-FOR-US: ProjeQtOr
-CVE-2018-18923
+CVE-2018-18923 (AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabili ...)
NOT-FOR-US: AbiSoft Ticketly
-CVE-2018-18922
+CVE-2018-18922 (add_user in AbiSoft Ticketly 1.0 allows remote attackers to create adm ...)
NOT-FOR-US: AbiSoft Ticketly
-CVE-2018-18921
+CVE-2018-18921 (PHP Server Monitor before 3.3.2 has CSRF, as demonstrated by a Delete ...)
NOT-FOR-US: PHP Server Monitor
-CVE-2018-18920
+CVE-2018-18920 (Py-EVM v0.2.0-alpha.33 allows attackers to make a vm.execute_bytecode ...)
- python3-py-evm <itp> (bug #884796)
-CVE-2018-18919
+CVE-2018-18919 (The WP Editor.md plugin 10.0.1 for WordPress allows XSS via the commen ...)
NOT-FOR-US: WP Editor.md plugin for WordPress
CVE-2018-18918
RESERVED
@@ -5422,7 +5422,7 @@ CVE-2018-18917
RESERVED
CVE-2018-18916
RESERVED
-CVE-2018-18915
+CVE-2018-18915 (There is an infinite loop in the Exiv2::Image::printIFDStructure funct ...)
[experimental] - exiv2 <unfixed> (bug #912828)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/511
@@ -5436,9 +5436,9 @@ CVE-2018-18911
RESERVED
CVE-2018-18910
RESERVED
-CVE-2018-18909
+CVE-2018-18909 (xhEditor 1.2.2 allows XSS via JavaScript code in the SRC attribute of ...)
NOT-FOR-US: xhEditor
-CVE-2018-18908
+CVE-2018-18908 (The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows p ...)
NOT-FOR-US: Sky Go Desktop
CVE-2018-18907
RESERVED
@@ -5448,7 +5448,7 @@ CVE-2018-18905
RESERVED
CVE-2018-18904
RESERVED
-CVE-2018-18903
+CVE-2018-18903 (Vanilla 2.6.x before 2.6.4 allows remote code execution. ...)
NOT-FOR-US: Vanilla
CVE-2018-18902
RESERVED
@@ -5458,14 +5458,14 @@ CVE-2018-18900
RESERVED
CVE-2018-18899
RESERVED
-CVE-2018-18898
+CVE-2018-18898 (The email-ingestion feature in Best Practical Request Tracker 4.1.13 t ...)
- libemail-address-list-perl 0.06-1
[stretch] - libemail-address-list-perl 0.05-1+deb9u1
[jessie] - libemail-address-list-perl <ignored> (Minor issue)
NOTE: https://github.com/bestpractical/email-address-list/commit/a22e6b233443fe3ad1a408e50ecbd7237674817d
NOTE: https://github.com/bestpractical/email-address-list/commit/6dd5021a6e5df2e8c86a163dc2e180a76a38e63b
NOTE: https://github.com/bestpractical/email-address-list/commit/31bd4dc2dfb26fd6a17e4436df3d3c8904856f30
-CVE-2018-18897
+CVE-2018-18897 (An issue was discovered in Poppler 0.71.0. There is a memory leak in G ...)
- poppler <unfixed> (low; bug #913164)
[stretch] - poppler <ignored> (Negligible security impact)
[jessie] - poppler <ignored> (Negligible security impact; memory leak)
@@ -5476,19 +5476,19 @@ CVE-2018-18895
REJECTED
CVE-2018-18894
RESERVED
-CVE-2018-18893
+CVE-2018-18893 (Jinjava before 2.4.6 does not block the getClass method, related to co ...)
NOT-FOR-US: Jinjava
-CVE-2018-18892
+CVE-2018-18892 (MiniCMS 1.10 allows execution of arbitrary PHP code via the install.ph ...)
NOT-FOR-US: MiniCMS
-CVE-2018-18891
+CVE-2018-18891 (MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete& ...)
NOT-FOR-US: MiniCMS
-CVE-2018-18890
+CVE-2018-18890 (MiniCMS 1.10 allows full path disclosure via /mc-admin/post.php?state= ...)
NOT-FOR-US: MiniCMS
CVE-2018-18889
RESERVED
-CVE-2018-18888
+CVE-2018-18888 (An issue was discovered in laravelCMS through 2018-04-02. \app\Http\Co ...)
NOT-FOR-US: laravelCMS
-CVE-2018-18887
+CVE-2018-18887 (S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type ...)
NOT-FOR-US: S-CMS
CVE-2018-18886
RESERVED
@@ -5496,9 +5496,9 @@ CVE-2018-18885
RESERVED
CVE-2018-18884
RESERVED
-CVE-2018-18882
+CVE-2018-18882 (A stored cross-site scripting (XSS) issue was discovered in ControlByW ...)
TODO: check
-CVE-2018-18881
+CVE-2018-18881 (A Denial of Service (DOS) issue was discovered in ControlByWeb X-320M- ...)
TODO: check
CVE-2018-18880
RESERVED
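Review bot: CVE-2018-18882 and CVE-2018-18881 still carry "TODO: check" although their descriptions now name the product, ControlByWeb X-320M, a vendor network I/O device with no corresponding Debian package; set both to "NOT-FOR-US: ControlByWeb X-320M" to clear the TODO.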
@@ -5512,59 +5512,59 @@ CVE-2018-18876
RESERVED
CVE-2018-18875
RESERVED
-CVE-2018-18874
+CVE-2018-18874 (nc-cms through 2017-03-10 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: nc-cms
-CVE-2018-18873
+CVE-2018-18873 (An issue was discovered in JasPer 2.0.14. There is a NULL pointer dere ...)
{DLA-1628-1}
- jasper <removed>
NOTE: https://github.com/mdadams/jasper/issues/184
CVE-2018-18872
RESERVED
-CVE-2018-18871
+CVE-2018-18871 (Missing password verification in the web interface on Gigaset Maxwell ...)
NOT-FOR-US: Gigaset
CVE-2018-18870
RESERVED
-CVE-2018-18869
+CVE-2018-18869 (EmpireCMS V7.5 allows remote attackers to upload and execute arbitrary ...)
NOT-FOR-US: EmpireCMS
-CVE-2018-18868
+CVE-2018-18868 (No-CMS 1.1.3 is prone to Persistent XSS via a contact_us name paramete ...)
NOT-FOR-US: No-CMS
-CVE-2018-18867
+CVE-2018-18867 (An SSRF issue was discovered in tecrail Responsive FileManager 9.13.4 ...)
NOT-FOR-US: tecrail Responsive FileManager
CVE-2018-18866
RESERVED
-CVE-2018-18865
+CVE-2018-18865 (The Royal browser extensions TS before 4.3.60728 (Release Date 2018-07 ...)
NOT-FOR-US: Royal browser extensions TS
-CVE-2018-18864
+CVE-2018-18864 (Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache ...)
NOT-FOR-US: Loadbalancer.org Enterprise VA MAX
CVE-2018-18863
RESERVED
-CVE-2018-18862
+CVE-2018-18862 (BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has ...)
TODO: check
-CVE-2018-18861
+CVE-2018-18861 (Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execu ...)
NOT-FOR-US: PCMan FTP Server
-CVE-2018-18860
+CVE-2018-18860 (A local privilege escalation vulnerability has been identified in the ...)
NOT-FOR-US: SwitchVPN for macOS
-CVE-2018-18859
+CVE-2018-18859 (Multiple local privilege escalation vulnerabilities have been identifi ...)
NOT-FOR-US: LiquidVPN client for macOS
-CVE-2018-18858
+CVE-2018-18858 (Multiple local privilege escalation vulnerabilities have been identifi ...)
NOT-FOR-US: LiquidVPN client for macOS
-CVE-2018-18857
+CVE-2018-18857 (Multiple local privilege escalation vulnerabilities have been identifi ...)
NOT-FOR-US: LiquidVPN client for macOS
-CVE-2018-18856
+CVE-2018-18856 (Multiple local privilege escalation vulnerabilities have been identifi ...)
NOT-FOR-US: LiquidVPN client for macOS
CVE-2018-18855
RESERVED
-CVE-2018-18854
+CVE-2018-18854 (Lightbend Spray spray-json through 1.3.4 allows remote attackers to ca ...)
NOT-FOR-US: Lightbend Spray spray-json
-CVE-2018-18853
+CVE-2018-18853 (Lightbend Spray spray-json through 1.3.4 allows remote attackers to ca ...)
NOT-FOR-US: Lightbend Spray spray-json
CVE-2018-18852
RESERVED
CVE-2018-18851
RESERVED
-CVE-2018-18850
+CVE-2018-18850 (In Octopus Deploy 2018.8.0 through 2018.9.x before 2018.9.1, an authen ...)
NOT-FOR-US: Octopus Deploy
-CVE-2018-18849 [lsi53c895a: OOB msg buffer access leads to DoS]
+CVE-2018-18849 (In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-boun ...)
- qemu 1:3.1+dfsg-1 (bug #912535)
[stretch] - qemu <postponed> (Minor issue, revisit for later update)
[jessie] - qemu <postponed> (Minor issue, revisit for later update)
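Review bot: CVE-2018-18862 is still "TODO: check" even though its description now names BMC Remedy Mid-Tier for BMC Remedy AR System, proprietary software not packaged in Debian; mark it "NOT-FOR-US: BMC Remedy Mid-Tier". Note also that CVE-2018-18849 lost its local title "[lsi53c895a: OOB msg buffer access leads to DoS]" in favour of the published text, which is the expected behaviour of the automatic update once a description exists for the ID.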
@@ -5577,18 +5577,18 @@ CVE-2018-18847
RESERVED
CVE-2018-18846
RESERVED
-CVE-2018-18845
+CVE-2018-18845 (internal/advanced_comment_system/index.php and internal/advanced_comme ...)
TODO: check
CVE-2018-18844
RESERVED
-CVE-2018-18843
+CVE-2018-18843 (The Kubernetes integration in GitLab Enterprise Edition 11.x before 11 ...)
- gitlab <not-affected> (Only affects Enterprise edition)
NOTE: https://about.gitlab.com/2018/11/01/critical-security-release-gitlab-11-dot-4-dot-4-released/
-CVE-2018-18842
+CVE-2018-18842 (CSRF exists in zb_users/plugin/AppCentre/theme.js.php in Z-BlogPHP 1.5 ...)
NOT-FOR-US: Z-BlogPHP
-CVE-2018-18841
+CVE-2018-18841 (XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Cla ...)
NOT-FOR-US: SEMCMS PHP
-CVE-2018-18840
+CVE-2018-18840 (XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Cla ...)
NOT-FOR-US: SEMCMS PHP
CVE-2018-18839
RESERVED
@@ -5598,44 +5598,44 @@ CVE-2018-18837
RESERVED
CVE-2018-18836
RESERVED
-CVE-2018-18835
+CVE-2018-18835 (upload_template() in system/changeskin.php in DocCms 2016.5.12 allows ...)
NOT-FOR-US: DocCms
-CVE-2018-18834
+CVE-2018-18834 (An issue has been found in libIEC61850 v1.3. It is a heap-based buffer ...)
NOT-FOR-US: libIEC61850
CVE-2018-18833
RESERVED
-CVE-2018-18832
+CVE-2018-18832 (admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID ...)
NOT-FOR-US: DKCMS
-CVE-2018-18831
+CVE-2018-18831 (An issue was discovered in com\mingsoft\cms\action\GeneraterAction.jav ...)
NOT-FOR-US: MCMS
-CVE-2018-18830
+CVE-2018-18830 (An issue was discovered in com\mingsoft\basic\action\web\FileAction.ja ...)
NOT-FOR-US: MCMS
-CVE-2018-18829
+CVE-2018-18829 (There exists a NULL pointer dereference in ff_vc1_parse_frame_header_a ...)
- libav <removed>
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1136
-CVE-2018-18828
+CVE-2018-18828 (There exists a heap-based buffer overflow in vc1_decode_i_block_adv in ...)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1135
-CVE-2018-18827
+CVE-2018-18827 (There exists a heap-based buffer over-read in ff_vc1_pred_dc in vc1_bl ...)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1135
-CVE-2018-18826
+CVE-2018-18826 (There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in ...)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1135
-CVE-2018-18825
+CVE-2018-18825 (Pagoda Linux panel V6.0 has XSS via the verification code associated w ...)
NOT-FOR-US: Pagoda Linux panel
CVE-2018-18824
RESERVED
CVE-2018-18823
RESERVED
-CVE-2018-18822
+CVE-2018-18822 (Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pagere ...)
NOT-FOR-US: Grapixel New Media
CVE-2018-18821
RESERVED
-CVE-2018-18820
+CVE-2018-18820 (A buffer overflow was discovered in the URL-authentication backend of ...)
{DSA-4333-1 DLA-1588-1}
- icecast2 2.4.4-1 (bug #912611)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/01/3
@@ -5647,29 +5647,29 @@ CVE-2018-18819
RESERVED
CVE-2018-18818
RESERVED
-CVE-2018-18817
+CVE-2018-18817 (The Leostream Agent before Build 7.0.1.0 when used with Leostream Conn ...)
NOT-FOR-US: Leostream Agent
-CVE-2018-18816
+CVE-2018-18816 (The repository component of TIBCO Software Inc.'s TIBCO JasperReports ...)
NOT-FOR-US: TIBCO
-CVE-2018-18815
+CVE-2018-18815 (The REST API component of TIBCO Software Inc.'s TIBCO JasperReports Se ...)
NOT-FOR-US: TIBCO
-CVE-2018-18814
+CVE-2018-18814 (The TIBCO Spotfire authentication component of TIBCO Software Inc.'s T ...)
NOT-FOR-US: TIBCO
-CVE-2018-18813
+CVE-2018-18813 (The Spotfire web server component of TIBCO Software Inc.'s TIBCO Spotf ...)
NOT-FOR-US: TIBCO
-CVE-2018-18812
+CVE-2018-18812 (The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire ...)
NOT-FOR-US: TIBCO
CVE-2018-18811
RESERVED
-CVE-2018-18810
+CVE-2018-18810 (The Administrator Service component of TIBCO Software Inc.'s TIBCO Man ...)
NOT-FOR-US: TIBCO
-CVE-2018-18809
+CVE-2018-18809 (The default server implementation of TIBCO Software Inc.'s TIBCO Jaspe ...)
NOT-FOR-US: TIBCO
-CVE-2018-18808
+CVE-2018-18808 (The domain management component of TIBCO Software Inc.'s TIBCO JasperR ...)
NOT-FOR-US: TIBCO
-CVE-2018-18807
+CVE-2018-18807 (The web application of the TIBCO Statistica component of TIBCO Softwar ...)
NOT-FOR-US: TIBCO
-CVE-2018-19132
+CVE-2018-19132 (Squid before 4.4, when SNMP is enabled, allows a denial of service (Me ...)
{DLA-1596-1}
- squid 4.4-1 (low; bug #912294)
- squid3 <removed> (low)
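Review bot: CVE-2018-19132 and CVE-2018-19131 (squid) sit between CVE-2018-18807 and CVE-2018-18806, far out of the list's descending order; since the update only rewrites the ID lines in place, relocate both entries by hand to the 1913x block so they are found where their numbers say they should be.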
@@ -5677,83 +5677,83 @@ CVE-2018-19132
NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_5.txt
NOTE: 3.5: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-bc9786119f058a76ddf0625424bc33d36460b9a2.patch
NOTE: 4.x: http://www.squid-cache.org/Versions/v4/changesets/squid-4-983c5c36e5f109512ed1af38a329d0b5d0967498.patch
-CVE-2018-19131
+CVE-2018-19131 (Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S ...)
- squid 4.4-1 (unimportant; bug #912293)
- squid3 <removed> (unimportant)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_4.txt
NOTE: Squid in Debian builds without TLS support
-CVE-2018-18806
+CVE-2018-18806 (School Equipment Monitoring System 1.0 allows SQL injection via the lo ...)
NOT-FOR-US: School Equipment Monitoring System
-CVE-2018-18805
+CVE-2018-18805 (PointOfSales 1.0 allows SQL injection via the login screen, related to ...)
NOT-FOR-US: PointOfSales
-CVE-2018-18804
+CVE-2018-18804 (Bakeshop Inventory System 1.0 has SQL injection via the login screen, ...)
NOT-FOR-US: Bakeshop Inventory System
-CVE-2018-18803
+CVE-2018-18803 (Curriculum Evaluation System 1.0 allows SQL Injection via the login sc ...)
NOT-FOR-US: Curriculum Evaluation System
CVE-2018-18802
RESERVED
-CVE-2018-18801
+CVE-2018-18801 (The BSEN Ordering software 1.0 has SQL Injection via student/index.php ...)
NOT-FOR-US: BSEN Ordering software
CVE-2018-18800
RESERVED
-CVE-2018-18799
+CVE-2018-18799 (School Attendance Monitoring System 1.0 has CSRF via event/controller. ...)
NOT-FOR-US: School Attendance Monitoring System
-CVE-2018-18798
+CVE-2018-18798 (School Attendance Monitoring System 1.0 has SQL Injection via user/con ...)
TODO: check
-CVE-2018-18797
+CVE-2018-18797 (School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.p ...)
NOT-FOR-US: School Attendance Monitoring System
-CVE-2018-18796
+CVE-2018-18796 (Library Management System 1.0 has SQL Injection via the "Search for Bo ...)
NOT-FOR-US: Library Management System
-CVE-2018-18795
+CVE-2018-18795 (School Event Management System 1.0 has SQL Injection via the student/i ...)
NOT-FOR-US: School Event Management System
-CVE-2018-18794
+CVE-2018-18794 (School Event Management System 1.0 allows CSRF via user/controller.php ...)
NOT-FOR-US: School Event Management System
-CVE-2018-18793
+CVE-2018-18793 (School Event Management System 1.0 allows Arbitrary File Upload via ev ...)
NOT-FOR-US: School Event Management System
-CVE-2018-18792
+CVE-2018-18792 (An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs_li ...)
NOT-FOR-US: zzcms
-CVE-2018-18791
+CVE-2018-18791 (An issue was discovered in zzcms 8.3. SQL Injection exists in zs/searc ...)
NOT-FOR-US: zzcms
-CVE-2018-18790
+CVE-2018-18790 (An issue was discovered in zzcms 8.3. SQL Injection exists in admin/sp ...)
NOT-FOR-US: zzcms
-CVE-2018-18789
+CVE-2018-18789 (An issue was discovered in zzcms 8.3. SQL Injection exists in zt/top.p ...)
NOT-FOR-US: zzcms
-CVE-2018-18788
+CVE-2018-18788 (An issue was discovered in zzcms 8.3. SQL Injection exists in admin/cl ...)
NOT-FOR-US: zzcms
-CVE-2018-18787
+CVE-2018-18787 (An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs.ph ...)
NOT-FOR-US: zzcms
-CVE-2018-18786
+CVE-2018-18786 (An issue was discovered in zzcms 8.3. SQL Injection exists in ajax/zs. ...)
NOT-FOR-US: zzcms
-CVE-2018-18785
+CVE-2018-18785 (An issue was discovered in zzcms 8.3. SQL Injection exists in zs/subzs ...)
NOT-FOR-US: zzcms
-CVE-2018-18784
+CVE-2018-18784 (An issue was discovered in zzcms 8.3. SQL Injection exists in admin/ta ...)
NOT-FOR-US: zzcms
-CVE-2018-18783
+CVE-2018-18783 (XSS was discovered in SEMCMS V3.4 via the semcms_remail.php?type=ok um ...)
NOT-FOR-US: SEMCMS
-CVE-2018-18782
+CVE-2018-18782 (Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/myfriend.php f ...)
NOT-FOR-US: DedeCMS
-CVE-2018-18781
+CVE-2018-18781 (DedeCMS 5.7 SP2 allows XSS via the /member/uploads_select.php f or key ...)
NOT-FOR-US: DedeCMS
CVE-2018-18780
RESERVED
CVE-2018-18779
RESERVED
-CVE-2018-18778
+CVE-2018-18778 (ACME mini_httpd before 1.30 lets remote users read arbitrary files. ...)
- mini-httpd 1.30-0.1 (bug #913095)
[stretch] - mini-httpd <no-dsa> (Minor issue)
-CVE-2018-18777
+CVE-2018-18777 (Directory traversal vulnerability in Microstrategy Web, version 7, in ...)
NOT-FOR-US: Microstrategy Web
-CVE-2018-18776
+CVE-2018-18776 (Microstrategy Web, version 7, does not sufficiently encode user-contro ...)
NOT-FOR-US: Microstrategy Web
-CVE-2018-18775
+CVE-2018-18775 (Microstrategy Web, version 7, does not sufficiently encode user-contro ...)
NOT-FOR-US: Microstrategy Web
-CVE-2018-18774
+CVE-2018-18774 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allow ...)
NOT-FOR-US: CentOS Web Panel
-CVE-2018-18773
+CVE-2018-18773 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allow ...)
NOT-FOR-US: CentOS Web Panel
-CVE-2018-18772
+CVE-2018-18772 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allow ...)
NOT-FOR-US: CentOS Web Panel
-CVE-2018-18771
+CVE-2018-18771 (An issue was discovered in LuLu CMS through 2015-05-14. backend\module ...)
NOT-FOR-US: Lulu CMS
CVE-2018-18770
RESERVED
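Review bot: CVE-2018-18798 keeps "TODO: check" while the two neighbouring issues in the same product, CVE-2018-18799 and CVE-2018-18797 ("School Attendance Monitoring System 1.0"), are already "NOT-FOR-US: School Attendance Monitoring System"; give it the same status so the three entries agree.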
@@ -5761,185 +5761,185 @@ CVE-2018-18769
RESERVED
CVE-2018-18768
RESERVED
-CVE-2018-18767
+CVE-2018-18767 (An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. ...)
NOT-FOR-US: D-Link
CVE-2018-18766
RESERVED
-CVE-2018-18765
+CVE-2018-18765 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
- smplayer 18.5.0~ds1-1
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2018-18764
+CVE-2018-18764 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
- smplayer 18.5.0~ds1-1
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2018-18763
+CVE-2018-18763 (SaltOS 3.1 r8126 allows action=ajax&amp;query=numbers&amp;page=usuario ...)
NOT-FOR-US: SaltOS
-CVE-2018-18762
+CVE-2018-18762 (SaltOS 3.1 r8126 allows CSRF. ...)
TODO: check
-CVE-2018-18761
+CVE-2018-18761 (SaltOS 3.1 r8126 allows action=login&amp;querystring=&amp;user=[SQL] S ...)
NOT-FOR-US: SaltOS
-CVE-2018-18760
+CVE-2018-18760 (RhinOS 3.0 build 1190 allows CSRF. ...)
NOT-FOR-US: RhinOS
-CVE-2018-18759
+CVE-2018-18759 (Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow. ...)
NOT-FOR-US: Modbus Slave
CVE-2018-18758
RESERVED
CVE-2018-18757
RESERVED
-CVE-2018-18756
+CVE-2018-18756 (Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008 ...)
NOT-FOR-US: Local Server
-CVE-2018-18755
+CVE-2018-18755 (K-iwi Framework 1775 has SQL Injection via the admin/user/group/update ...)
NOT-FOR-US: K-iwi Framework
-CVE-2018-18754
+CVE-2018-18754 (ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account w ...)
NOT-FOR-US: ZyXEL
-CVE-2018-18753
+CVE-2018-18753 (Typecho V1.1 allows remote attackers to send shell commands via base64 ...)
NOT-FOR-US: Typecho
-CVE-2018-18752
+CVE-2018-18752 (Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerabi ...)
NOT-FOR-US: Webiness Inventory
-CVE-2018-18751
+CVE-2018-18751 (An issue was discovered in GNU gettext 0.19.8. There is a double free ...)
- gettext 0.19.8.1-9 (unimportant; bug #913173)
NOTE: https://git.savannah.gnu.org/gitweb/?p=gettext.git;a=commitdiff;h=dce3a16e5e9368245735e29bf498dcd5e3e474a4
NOTE: Negligible security impact
CVE-2018-18750
RESERVED
-CVE-2018-18749
+CVE-2018-18749 (data-tools through 2017-07-26 has an Integer Overflow leading to an in ...)
NOT-FOR-US: data-tools
-CVE-2018-18748
+CVE-2018-18748 (** DISPUTED ** Sandboxie 5.26 allows a Sandbox Escape via an "import o ...)
NOT-FOR-US: Sandboxie
CVE-2018-18747
RESERVED
CVE-2018-18746
RESERVED
-CVE-2018-18745
+CVE-2018-18745 (An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Menu.php?lg ...)
NOT-FOR-US: SEMCMS
-CVE-2018-18744
+CVE-2018-18744 (An XSS issue was discovered in SEMCMS 3.4 via the fifth text box to th ...)
NOT-FOR-US: SEMCMS
-CVE-2018-18743
+CVE-2018-18743 (An XSS issue was discovered in SEMCMS 3.4 via the second text field to ...)
NOT-FOR-US: SEMCMS
-CVE-2018-18742
+CVE-2018-18742 (A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.ph ...)
NOT-FOR-US: SEMCMS
-CVE-2018-18741
+CVE-2018-18741 (An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Download.ph ...)
NOT-FOR-US: SEMCMS
-CVE-2018-18740
+CVE-2018-18740 (An XSS issue was discovered in SEMCMS 3.4 via the first input field to ...)
NOT-FOR-US: SEMCMS
-CVE-2018-18739
+CVE-2018-18739 (An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_Product ...)
NOT-FOR-US: SEMCMS
-CVE-2018-18738
+CVE-2018-18738 (An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_Categor ...)
NOT-FOR-US: SEMCMS
-CVE-2018-18737
+CVE-2018-18737 (An XXE issue was discovered in Douchat 4.0.4 because Data\notify.php c ...)
NOT-FOR-US: Douchat
-CVE-2018-18736
+CVE-2018-18736 (An XSS issue was discovered in catfish blog 2.0.33, related to "write ...)
NOT-FOR-US: catfish blog (different from src:catfish)
-CVE-2018-18735
+CVE-2018-18735 (A CSRF issue was discovered in admin/Index/tiquan in catfish blog 2.0. ...)
NOT-FOR-US: catfish blog (different from src:catfish)
-CVE-2018-18734
+CVE-2018-18734 (A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfi ...)
NOT-FOR-US: Catfish CMS
-CVE-2018-18733
+CVE-2018-18733 (An XSS issue was discovered in Catfish CMS 4.8.30, related to "write s ...)
NOT-FOR-US: Catfish CMS
-CVE-2018-18732
+CVE-2018-18732 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19 ...)
NOT-FOR-US: Tenda devices
-CVE-2018-18731
+CVE-2018-18731 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19 ...)
NOT-FOR-US: Tenda devices
-CVE-2018-18730
+CVE-2018-18730 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19 ...)
NOT-FOR-US: Tenda devices
-CVE-2018-18729
+CVE-2018-18729 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19 ...)
NOT-FOR-US: Tenda devices
-CVE-2018-18728
+CVE-2018-18728 (An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.0 ...)
NOT-FOR-US: Tenda devices
-CVE-2018-18727
+CVE-2018-18727 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19 ...)
NOT-FOR-US: Tenda devices
-CVE-2018-18726
+CVE-2018-18726 (An XSS issue was discovered in admin/sitelink/editsitelink?id=16 in YU ...)
NOT-FOR-US: YUNUCMS
-CVE-2018-18725
+CVE-2018-18725 (An XSS issue was discovered in admin/banner/editbanner?id=20 in YUNUCM ...)
NOT-FOR-US: YUNUCMS
-CVE-2018-18724
+CVE-2018-18724 (An XSS issue was discovered in index.php/admin/category/editcategory?i ...)
NOT-FOR-US: YUNUCMS
-CVE-2018-18723
+CVE-2018-18723 (An XSS issue was discovered in index.php/admin/area/editarea/id/110000 ...)
NOT-FOR-US: YUNUCMS
-CVE-2018-18722
+CVE-2018-18722 (An XSS issue was discovered in admin/content/editcontent?id=29&amp;gop ...)
NOT-FOR-US: YUNUCMS
-CVE-2018-18721
+CVE-2018-18721 (An XSS issue was discovered in admin/link/editlink?id=5 in YUNUCMS 1.1 ...)
NOT-FOR-US: YUNUCMS
-CVE-2018-18720
+CVE-2018-18720 (An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS ...)
NOT-FOR-US: YUNUCMS
CVE-2018-18719
RESERVED
-CVE-2018-18718
+CVE-2018-18718 (An issue was discovered in gThumb through 3.6.2. There is a double-fre ...)
{DLA-1567-1}
- gthumb 3:3.6.2-2 (unimportant; bug #912290)
NOTE: https://gitlab.gnome.org/GNOME/gthumb/issues/18
NOTE: https://gitlab.gnome.org/GNOME/gthumb/commit/06c39346fda502bd37429006d4822dd977995661 (master)
NOTE: https://gitlab.gnome.org/GNOME/gthumb/commit/f3edf6952757f887569e8c26cf18d40409f3fdca (3.6)
NOTE: Crash in end user application, no security impact
-CVE-2018-18717
+CVE-2018-18717 (An issue was discovered in Eleanor CMS through 2015-03-19. XSS exists ...)
NOT-FOR-US: Eleanor CMS
-CVE-2018-18716
+CVE-2018-18716 (Zoho ManageEngine OpManager 12.3 before 123219 has a Self XSS Vulnerab ...)
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-18715
+CVE-2018-18715 (Zoho ManageEngine OpManager 12.3 before 123219 has stored XSS. ...)
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-18714
+CVE-2018-18714 (RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is susceptible ...)
NOT-FOR-US: IOBit Malware Fighter
-CVE-2018-18713
+CVE-2018-18713 (The function down_sql_action() in /admin/model/database.class.php in P ...)
NOT-FOR-US: PHPYun
-CVE-2018-18712
+CVE-2018-18712 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerabil ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-18711
+CVE-2018-18711 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerabil ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-18709
+CVE-2018-18709 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19 ...)
NOT-FOR-US: Tenda devices
-CVE-2018-18708
+CVE-2018-18708 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19 ...)
NOT-FOR-US: Tenda devices
-CVE-2018-18707
+CVE-2018-18707 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19 ...)
NOT-FOR-US: Tenda devices
-CVE-2018-18706
+CVE-2018-18706 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19 ...)
NOT-FOR-US: Tenda devices
-CVE-2018-18710
+CVE-2018-18710 (An issue was discovered in the Linux kernel through 4.19. An informati ...)
{DLA-1715-1}
- linux 4.18.20-1
[stretch] - linux 4.9.144-1
NOTE: https://git.kernel.org/linus/e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276
-CVE-2018-18705
+CVE-2018-18705 (PhpTpoint hospital management system suffers from multiple SQL injecti ...)
NOT-FOR-US: PhpTpoint hospital management system
-CVE-2018-18704
+CVE-2018-18704 (PhpTpoint Pharmacy Management System suffers from a SQL injection vuln ...)
NOT-FOR-US: PhpTpoint Pharmacy Management System
-CVE-2018-18703
+CVE-2018-18703 (PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple ...)
NOT-FOR-US: PhpTpoint Mailing Server Using File Handling
-CVE-2018-18702
+CVE-2018-18702 (spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.ph ...)
NOT-FOR-US: iCMS
-CVE-2018-18701
+CVE-2018-18701 (An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-18700
+CVE-2018-18700 (An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-18699
+CVE-2018-18699 (An issue was discovered in GoPro gpmf-parser 1.2.1. There is an out-of ...)
NOT-FOR-US: GoPro gpmf-parser
-CVE-2018-18698
+CVE-2018-18698 (An issue was discovered on Xiaomi Mi A1 tissot_sprout:8.1.0/OPM1.17101 ...)
NOT-FOR-US: Xiaomi Mi A1 devices
CVE-2018-18697
RESERVED
-CVE-2018-18696
+CVE-2018-18696 (main.aspx in Microstrategy Analytics 10.4.0026.0049 and earlier has CS ...)
NOT-FOR-US: Microstrategy Analytics
-CVE-2018-18695
+CVE-2018-18695 (M2SOFT Report Designer Viewer 5.0 allows a Buffer Overflow with Extend ...)
NOT-FOR-US: M2SOFT Report Designer Viewer
-CVE-2018-18694
+CVE-2018-18694 (admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote aut ...)
NOT-FOR-US: Monstra CMS
CVE-2018-18693
RESERVED
-CVE-2018-18692
+CVE-2018-18692 (A reflected Cross-Site scripting (XSS) vulnerability in SEMCO Semcosof ...)
NOT-FOR-US: SEMCO
CVE-2018-18691
RESERVED
-CVE-2018-18690
+CVE-2018-18690 (In the Linux kernel before 4.17, a local attacker able to set attribut ...)
{DLA-1715-1}
- linux 4.17.3-1
[stretch] - linux 4.9.144-1
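Review bot: CVE-2018-18762 is left with a bare `TODO: check` after this import, while its sibling SaltOS entries CVE-2018-18763 and CVE-2018-18761 (same SaltOS 3.1 r8126) are already triaged as `NOT-FOR-US: SaltOS`; the new description ("SaltOS 3.1 r8126 allows CSRF.") is enough to settle that TODO in the same pass instead of carrying it forward. Separately, the imported descriptions for CVE-2018-18763, CVE-2018-18761 and CVE-2018-18722 contain `&amp;` where a literal `&` is expected; if that is what actually lands in data/CVE/2018.list rather than an artifact of the rendered commit page, the description importer should unescape HTML entities before writing.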
@@ -5990,97 +5990,97 @@ CVE-2018-18669
RESERVED
CVE-2018-18668
RESERVED
-CVE-2018-18667
+CVE-2018-18667 (The mintToken function of Pylon (PYLNT) aka PylonToken, an Ethereum to ...)
NOT-FOR-US: Some Ethereum token
-CVE-2018-18666
+CVE-2018-18666 (The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum t ...)
NOT-FOR-US: Some Ethereum token
-CVE-2018-18665
+CVE-2018-18665 (The mintToken function of Nexxus (NXX) aka NexxusToken, an Ethereum to ...)
NOT-FOR-US: Some Ethereum token
CVE-2018-18664
RESERVED
CVE-2018-18663
RESERVED
-CVE-2018-18662
+CVE-2018-18662 (There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Ar ...)
- mupdf 1.14.0+ds1-3 (bug #912013)
[jessie] - mupdf <not-affected> (vulnerable code introduced later)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700043
NOTE: http://git.ghostscript.com/?p=mupdf.git;h=164ddc22ee0d5b63a81d5148f44c37dd132a9356
-CVE-2018-18661
+CVE-2018-18661 (An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dere ...)
- tiff 4.0.10-1 (unimportant; bug #912012)
- tiff3 <removed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2819
NOTE: https://gitlab.com/libtiff/libtiff/commit/99b10edde9a0fc28cc0e7b7757aa18ac4c8c225f
NOTE: No security impact, crash in CLI tool
-CVE-2018-18660
+CVE-2018-18660 (An issue was discovered in Arcserve Unified Data Protection (UDP) thro ...)
NOT-FOR-US: Arcserve Unified Data Protection
-CVE-2018-18659
+CVE-2018-18659 (An issue was discovered in Arcserve Unified Data Protection (UDP) thro ...)
NOT-FOR-US: Arcserve Unified Data Protection
-CVE-2018-18658
+CVE-2018-18658 (An issue was discovered in Arcserve Unified Data Protection (UDP) thro ...)
NOT-FOR-US: Arcserve Unified Data Protection
-CVE-2018-18657
+CVE-2018-18657 (An issue was discovered in Arcserve Unified Data Protection (UDP) thro ...)
NOT-FOR-US: Arcserve Unified Data Protection
-CVE-2018-18656
+CVE-2018-18656 (The PureVPN client before 6.1.0 for Windows stores Login Credentials ( ...)
NOT-FOR-US: PureVPN client for Windows
-CVE-2018-18653
+CVE-2018-18653 (The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ...)
- linux <undetermined>
TODO: check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way.
-CVE-2018-18652
+CVE-2018-18652 (A remote command execution vulnerability in Veritas NetBackup Applianc ...)
NOT-FOR-US: Veritas NetBackup Appliance
-CVE-2018-18655
+CVE-2018-18655 (Prayer through 1.3.5 sends a Referer header, containing a user's usern ...)
- prayer 1.3.5-dfsg1-5 (low; bug #911842)
[stretch] - prayer <no-dsa> (Minor issue)
[jessie] - prayer <no-dsa> (Minor issue)
-CVE-2018-18654
+CVE-2018-18654 (Crossroads 2.81 does not properly handle the /tmp directory during a b ...)
- crossroads <removed> (unimportant; bug #911877)
NOTE: Issue exploitable only during build of package
-CVE-2018-18651
+CVE-2018-18651 (An issue was discovered in Xpdf 4.00. catalog-&gt;getNumPages() in Acr ...)
- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
-CVE-2018-18650
+CVE-2018-18650 (An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc ...)
- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
-CVE-2018-18649
+CVE-2018-18649 (An issue was discovered in the wiki API in GitLab Community and Enterp ...)
- gitlab <not-affected> (Only affects 11.3 and later)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18648
+CVE-2018-18648 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab <not-affected> (Only affects 11.2 and later)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18647
+CVE-2018-18647 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab <not-affected> (Only affects GitLab EE)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18646
+CVE-2018-18646 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
[experimental] - gitlab 11.2.8+dfsg-1
- gitlab 11.2.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18645
+CVE-2018-18645 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
[experimental] - gitlab 11.2.8+dfsg-1
- gitlab 11.2.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18644
+CVE-2018-18644 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
- gitlab <not-affected> (Only affects GitLab EE)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
CVE-2018-18643 [Persistent XSS autocomplete]
RESERVED
- gitlab <not-affected> (Only affects 11.2 and later)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18642
+CVE-2018-18642 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab <not-affected> (Only affects GitLab EE)
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18641
+CVE-2018-18641 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
[experimental] - gitlab 11.2.8+dfsg-1
- gitlab 11.2.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
-CVE-2018-18640
+CVE-2018-18640 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
[experimental] - gitlab 11.2.8+dfsg-1
- gitlab 11.2.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
CVE-2018-18639
RESERVED
-CVE-2018-18638
+CVE-2018-18638 (A command injection vulnerability in the setup API in the Neato Botvac ...)
NOT-FOR-US: Neato
CVE-2018-18637
RESERVED
-CVE-2018-18636
+CVE-2018-18636 (XSS exists in cgi-bin/webcm on D-link DSL-2640T routers via the var:Re ...)
NOT-FOR-US: D-Link
-CVE-2018-18635
+CVE-2018-18635 (www/guis/admin/application/controllers/UserController.php in the admin ...)
NOT-FOR-US: MailCleaner
CVE-2018-18634
RESERVED
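Review bot: CVE-2018-18653 stays at `linux <undetermined>` with an open TODO asking whether the out-of-tree Lockdown patch from the linked Ubuntu commit makes Debian's kernel affected, and the imported description now pins the issue to "The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se..."; this update is the natural point to resolve the undetermined state one way or the other rather than leaving the TODO in place. The description for CVE-2018-18651 also carries `&gt;` in `catalog-&gt;getNumPages()`, the same entity-escaping question raised for the previous hunk.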
@@ -6088,7 +6088,7 @@ CVE-2018-18633
RESERVED
CVE-2018-18632
RESERVED
-CVE-2018-18883
+CVE-2018-18883 (An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 plat ...)
- xen 4.11.1-1
[stretch] - xen <not-affected> (Only affects 4.9 and later)
[jessie] - xen <not-affected> (Only affects 4.9 and later)
@@ -6097,13 +6097,13 @@ CVE-2018-18631
RESERVED
CVE-2018-18630
RESERVED
-CVE-2018-18629
+CVE-2018-18629 (An issue was discovered in the Keybase command-line client before 2.8. ...)
NOT-FOR-US: Keybase command-line client
-CVE-2018-18628
+CVE-2018-18628 (An issue was discovered in Pippo 1.11.0. The function SerializationSes ...)
NOT-FOR-US: Pippo
CVE-2018-18627
RESERVED
-CVE-2018-18626
+CVE-2018-18626 (An issue was discovered in PHPYun V4.6. There is a vulnerability that ...)
NOT-FOR-US: PHPYun
CVE-2018-18625
RESERVED
@@ -6111,13 +6111,13 @@ CVE-2018-18624
RESERVED
CVE-2018-18623
RESERVED
-CVE-2018-18622
+CVE-2018-18622 (An issue was discovered in Waimai Super Cms 20150505. There is XSS via ...)
NOT-FOR-US: Waimai Super Cms
-CVE-2018-18621
+CVE-2018-18621 (CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Ma ...)
NOT-FOR-US: CommuniGate Pro
CVE-2018-18620
RESERVED
-CVE-2018-18619
+CVE-2018-18619 (internal/advanced_comment_system/admin.php in Advanced Comment System ...)
NOT-FOR-US: Advanced Comment System
CVE-2018-18618
RESERVED
@@ -6139,23 +6139,23 @@ CVE-2018-18610
RESERVED
CVE-2018-18609
RESERVED
-CVE-2018-18608
+CVE-2018-18608 (DedeCMS 5.7 SP2 allows XSS via the function named GetPageList defined ...)
NOT-FOR-US: DedeCMS
-CVE-2018-18607
+CVE-2018-18607 (An issue was discovered in elf_link_input_bfd in elflink.c in the Bina ...)
[experimental] - binutils 2.31.51.20181204-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23805
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a
-CVE-2018-18606
+CVE-2018-18606 (An issue was discovered in the merge_strings function in merge.c in th ...)
[experimental] - binutils 2.31.51.20181204-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23806
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc
-CVE-2018-18605
+CVE-2018-18605 (A heap-based buffer over-read issue was discovered in the function sec ...)
[experimental] - binutils 2.31.51.20181204-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
@@ -6164,15 +6164,15 @@ CVE-2018-18605
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61
CVE-2018-18604
RESERVED
-CVE-2018-18603
+CVE-2018-18603 (** DISPUTED ** 360 Total Security 3.5.0.1033 allows a Sandbox Escape v ...)
NOT-FOR-US: 360 Total Security
-CVE-2018-18602
+CVE-2018-18602 (The Cloud API on Guardzilla smart cameras allows user enumeration, wit ...)
NOT-FOR-US: Guardzilla
-CVE-2018-18601
+CVE-2018-18601 (The TK_set_deviceModel_req_handle function in the cloud communication ...)
NOT-FOR-US: Guardzilla
-CVE-2018-18600
+CVE-2018-18600 (The remote upgrade feature in Guardzilla GZ180 devices allow command i ...)
NOT-FOR-US: Guardzilla
-CVE-2018-18599
+CVE-2018-18599 (Stegdetect through 2018-05-26 has an out-of-bounds write in f5_compres ...)
- stegdetect <removed>
CVE-2018-18598
RESERVED
@@ -6184,43 +6184,43 @@ CVE-2018-18595
RESERVED
CVE-2018-18594
RESERVED
-CVE-2018-18593
+CVE-2018-18593 (Remote Directory Traversal and Remote Disclosure of Privileged Informa ...)
NOT-FOR-US: UCMDB Configuration Management Service
CVE-2018-18592
RESERVED
-CVE-2018-18591
+CVE-2018-18591 (A potential unauthorized disclosure of data vulnerability has been ide ...)
NOT-FOR-US: Micro Focus
-CVE-2018-18590
+CVE-2018-18590 (A potential remote code execution and information disclosure vulnerabi ...)
NOT-FOR-US: Micro Focus
-CVE-2018-18589
+CVE-2018-18589 (A potential Remote Arbitrary Code Execution vulnerability has been ide ...)
NOT-FOR-US: Micro Focus
CVE-2018-18588
RESERVED
-CVE-2018-18587
+CVE-2018-18587 (BigProf AppGini 5.70 stores the passwords in the database using the MD ...)
NOT-FOR-US: BigProf AppGini
-CVE-2018-18583
+CVE-2018-18583 (An issue has been found in LuPng through 2017-03-10. It is a heap-base ...)
NOT-FOR-US: LuPng
-CVE-2018-18582
+CVE-2018-18582 (An issue has been found in LuPng through 2017-03-10. It is a heap-base ...)
NOT-FOR-US: LuPng
-CVE-2018-18581
+CVE-2018-18581 (An issue has been found in LuPng through 2017-03-10. It is a heap-base ...)
NOT-FOR-US: LuPng
CVE-2018-18580
RESERVED
-CVE-2018-18579
+CVE-2018-18579 (Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder ...)
NOT-FOR-US: DedeCMS
-CVE-2018-18578
+CVE-2018-18578 (DedeCMS 5.7 SP2 allows XSS via the plus/qrcode.php type parameter. ...)
NOT-FOR-US: DedeCMS
CVE-2018-18577
RESERVED
CVE-2018-18576
RESERVED
-CVE-2018-18585
+CVE-2018-18585 (chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accept ...)
{DLA-1555-1}
- libmspack 0.8-1 (bug #911637)
[stretch] - libmspack 0.5-1+deb9u3
NOTE: https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4f
NOTE: https://www.openwall.com/lists/oss-security/2018/10/22/1
-CVE-2018-18586
+CVE-2018-18586 (** DISPUTED ** chmextract.c in the chmextract sample program, as distr ...)
- libmspack 0.8-1 (unimportant; bug #911639)
NOTE: https://github.com/kyz/libmspack/commit/7cadd489698be117c47efcadd742651594429e6d
NOTE: https://www.openwall.com/lists/oss-security/2018/10/22/1
@@ -6228,7 +6228,7 @@ CVE-2018-18586
NOTE: This sample code is not installed into the binary packages and was as well
NOTE: never the idea to use it in "productised" binaries, but rather just simple
NOTE: examples of the library use.
-CVE-2018-18584
+CVE-2018-18584 (In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8 ...)
{DLA-1555-1}
- cabextract 1.4-5
NOTE: Starting with 1.4-5 cabextract uses the mspack system library
@@ -6248,34 +6248,34 @@ CVE-2018-18571
RESERVED
CVE-2018-18570
RESERVED
-CVE-2018-18569
+CVE-2018-18569 (The Dundas BI server before 5.0.1.1010 is vulnerable to a Server-Side ...)
NOT-FOR-US: Dundas BI
-CVE-2018-18568
+CVE-2018-18568 (Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in- ...)
NOT-FOR-US: Polycom
-CVE-2018-18567
+CVE-2018-18567 (AudioCodes 440HD and 450HD devices 3.1.2.89 and earlier allows man-in- ...)
NOT-FOR-US: AudioCodes devices
-CVE-2018-18566
+CVE-2018-18566 (The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and ear ...)
NOT-FOR-US: Polycom
-CVE-2018-18565
+CVE-2018-18565 (An issue was discovered in Roche Accu-Chek Inform II Instrument before ...)
NOT-FOR-US: Roche Diagnostics
-CVE-2018-18564
+CVE-2018-18564 (An issue was discovered in Roche Accu-Chek Inform II Instrument before ...)
NOT-FOR-US: Roche Diagnostics
-CVE-2018-18563
+CVE-2018-18563 (An issue was discovered in Roche Accu-Chek Inform II Instrument before ...)
NOT-FOR-US: Roche Diagnostics
-CVE-2018-18562
+CVE-2018-18562 (An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base ...)
NOT-FOR-US: Roche Diagnostics
-CVE-2018-18561
+CVE-2018-18561 (An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base ...)
NOT-FOR-US: Roche Diagnostics
CVE-2018-18560
RESERVED
-CVE-2018-18559
+CVE-2018-18559 (In the Linux kernel through 4.19, a use-after-free can occur due to a ...)
- linux 4.14.7-1
[stretch] - linux 4.9.80-1
[jessie] - linux 3.16.56-1
NOTE: Fixed by: https://git.kernel.org/linus/15fe076edea787807a7cdc168df832544b58eba6
CVE-2018-18558
RESERVED
-CVE-2018-18557
+CVE-2018-18557 (LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into ...)
{DSA-4349-1 DLA-1557-1}
- tiff 4.0.9+git181026-1 (bug #911635)
- tiff3 <removed>
@@ -6287,31 +6287,31 @@ CVE-2018-XXXX [out of bounds memory read in MED files]
[stretch] - libopenmpt <no-dsa> (Minor issue)
NOTE: https://lib.openmpt.org/libopenmpt/2018/10/21/security-updates-0.3.13-0.2.10933-beta36-0.2.7561-beta20.5-p11-0.2.7386-beta20.3-p14/
NOTE: https://source.openmpt.org/browse/openmpt/trunk/?op=revision&rev=10903
-CVE-2018-18556
+CVE-2018-18556 (A privilege escalation issue was discovered in VyOS 1.1.8. The default ...)
NOT-FOR-US: VyOS
-CVE-2018-18555
+CVE-2018-18555 (A sandbox escape issue was discovered in VyOS 1.1.8. It provides a res ...)
NOT-FOR-US: VyOS
CVE-2018-18554
RESERVED
-CVE-2018-18553
+CVE-2018-18553 (Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is ...)
NOT-FOR-US: Leanote
-CVE-2018-18552
+CVE-2018-18552 (ServersCheck Monitoring Software through 14.3.3 allows local users to ...)
NOT-FOR-US: ServersCheck Monitoring Software
-CVE-2018-18551
+CVE-2018-18551 (ServersCheck Monitoring Software through 14.3.3 has Persistent and Ref ...)
NOT-FOR-US: ServersCheck Monitoring Software
-CVE-2018-18550
+CVE-2018-18550 (ServersCheck Monitoring Software before 14.3.4 allows SQL Injection by ...)
NOT-FOR-US: ServersCheck Monitoring Software
CVE-2018-18549
RESERVED
-CVE-2018-18548
+CVE-2018-18548 (ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23. ...)
NOT-FOR-US: Ajenti
-CVE-2018-18547
+CVE-2018-18547 (Vesta Control Panel through 0.9.8-22 has XSS via the edit/web/ domain ...)
NOT-FOR-US: Vesta Control Panel
-CVE-2018-18546
+CVE-2018-18546 (ThinkPHP 3.2.4 has SQL Injection via the order parameter because the L ...)
NOT-FOR-US: ThinkPHP
-CVE-2018-18545
+CVE-2018-18545 (Fiyo CMS 2.0.7 has XSS via the dapur\apps\app_user\edit_user.php name ...)
NOT-FOR-US: Fiyo CMS
-CVE-2018-18544
+CVE-2018-18544 (There is a memory leak in the function WriteMSLImage of coders/msl.c i ...)
- imagemagick 8:6.9.10.14+dfsg-1 (unimportant)
- graphicsmagick 1.3.31-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1360
@@ -6319,11 +6319,11 @@ CVE-2018-18543
RESERVED
CVE-2018-18542
RESERVED
-CVE-2018-18540
+CVE-2018-18540 (TeaKKi 2.7 allows XSS via a crafted onerror attribute for a picture's ...)
NOT-FOR-US: TeaKKi
CVE-2018-18539
RESERVED
-CVE-2018-18541
+CVE-2018-18541 (In Teeworlds before 0.6.5, connection packets could be forged. There w ...)
{DSA-4329-1}
- teeworlds 0.7.0-1 (bug #911487)
[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
@@ -6334,11 +6334,11 @@ CVE-2018-18541
NOTE: https://github.com/teeworlds/teeworlds/commit/f5fa1a92ed81ed8da721e803a036b1553a38e39e
CVE-2018-18538
RESERVED
-CVE-2018-18537
+CVE-2018-18537 (The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exp ...)
NOT-FOR-US: ASUS
-CVE-2018-18536
+CVE-2018-18536 (The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 an ...)
NOT-FOR-US: ASUS
-CVE-2018-18535
+CVE-2018-18535 (The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier ex ...)
NOT-FOR-US: ASUS
CVE-2018-18534
RESERVED
@@ -6346,15 +6346,15 @@ CVE-2018-18533
RESERVED
CVE-2018-18532
RESERVED
-CVE-2018-18531
+CVE-2018-18531 (text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, ...)
NOT-FOR-US: kaptcha
-CVE-2018-18530
+CVE-2018-18530 (ThinkPHP 5.1.25 has SQL Injection via the count parameter because the ...)
NOT-FOR-US: ThinkPHP
-CVE-2018-18529
+CVE-2018-18529 (ThinkPHP 3.2.4 has SQL Injection via the count parameter because the L ...)
NOT-FOR-US: ThinkPHP
CVE-2018-18528
RESERVED
-CVE-2018-18527
+CVE-2018-18527 (OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or edit ...)
NOT-FOR-US: OwnTicket
CVE-2018-18526
RESERVED
@@ -6366,25 +6366,25 @@ CVE-2018-18523
RESERVED
CVE-2018-18522
RESERVED
-CVE-2018-18521
+CVE-2018-18521 (Divide-by-zero vulnerabilities in the function arlib_add_symbols() in ...)
{DLA-1689-1}
- elfutils 0.175-1 (low; bug #911413)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23786
NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=2b16a9be69939822dcafe075413468daac98b327
-CVE-2018-18520
+CVE-2018-18520 (An Invalid Memory Address Dereference exists in the function elf_end i ...)
{DLA-1689-1}
- elfutils 0.175-1 (low; bug #911414)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23787
NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=22d2d082d57a7470fadc0eae67179553f4919209
-CVE-2018-18519
+CVE-2018-18519 (BestXsoftware Best Free Keylogger 5.2.9 allows local users to gain pri ...)
NOT-FOR-US: BestXsoftware Best Free Keylogger
CVE-2018-18518
RESERVED
-CVE-2018-18517
+CVE-2018-18517 (Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1 ...)
NOT-FOR-US: Citrix
CVE-2018-18516
RESERVED
@@ -6417,10 +6417,10 @@ CVE-2018-18508 [NULL pointer dereference in several CMS functions resulting in a
NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.42.1_release_notes
CVE-2018-18507
RESERVED
-CVE-2018-18506
+CVE-2018-18506 (When proxy auto-detection is enabled, if a web server serves a Proxy A ...)
- firefox 65.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18506
-CVE-2018-18505
+CVE-2018-18505 (An earlier fix for an Inter-process Communication (IPC) vulnerability, ...)
{DSA-4392-1 DSA-4376-1 DLA-1678-1 DLA-1648-1}
- firefox 65.0-1
- firefox-esr 60.5.0esr-1
@@ -6428,16 +6428,16 @@ CVE-2018-18505
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18505
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/#CVE-2018-18505
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18505
-CVE-2018-18504
+CVE-2018-18504 (A crash and out-of-bounds read can occur when the buffer of a texture ...)
- firefox 65.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18504
-CVE-2018-18503
+CVE-2018-18503 (When JavaScript is used to create and manipulate an audio buffer, a po ...)
- firefox 65.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18503
-CVE-2018-18502
+CVE-2018-18502 (Mozilla developers and community members reported memory safety bugs p ...)
- firefox 65.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18502
-CVE-2018-18501
+CVE-2018-18501 (Mozilla developers and community members reported memory safety bugs p ...)
{DSA-4392-1 DSA-4376-1 DLA-1678-1 DLA-1648-1}
- firefox 65.0-1
- firefox-esr 60.5.0esr-1
@@ -6445,7 +6445,7 @@ CVE-2018-18501
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18501
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/#CVE-2018-18501
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18501
-CVE-2018-18500
+CVE-2018-18500 (A use-after-free vulnerability can occur while parsing an HTML5 stream ...)
{DSA-4392-1 DSA-4376-1 DLA-1678-1 DLA-1648-1}
- firefox 65.0-1
- firefox-esr 60.5.0esr-1
@@ -6453,7 +6453,7 @@ CVE-2018-18500
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18500
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/#CVE-2018-18500
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18500
-CVE-2018-18499
+CVE-2018-18499 (A same-origin policy violation allowing the theft of cross-origin URL ...)
{DSA-4327-1 DSA-4287-1 DLA-1575-1 DLA-1571-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
@@ -6461,7 +6461,7 @@ CVE-2018-18499
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-18499
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-18499
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-18499
-CVE-2018-18498
+CVE-2018-18498 (A potential vulnerability leading to an integer overflow can occur dur ...)
{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
@@ -6469,16 +6469,16 @@ CVE-2018-18498
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18498
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18498
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-18498
-CVE-2018-18497
+CVE-2018-18497 (Limitations on the URIs allowed to WebExtensions by the browser.window ...)
- firefox 64.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18497
-CVE-2018-18496
+CVE-2018-18496 (When the RSS Feed preview about:feeds page is framed within another pa ...)
- firefox <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18496
-CVE-2018-18495
+CVE-2018-18495 (WebExtension content scripts can be loaded into about: pages in some c ...)
- firefox 64.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18495
-CVE-2018-18494
+CVE-2018-18494 (A same-origin policy violation allowing the theft of cross-origin URL ...)
{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
@@ -6486,7 +6486,7 @@ CVE-2018-18494
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18494
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18494
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-18494
-CVE-2018-18493
+CVE-2018-18493 (A buffer overflow can occur in the Skia library during buffer offset c ...)
{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
@@ -6494,7 +6494,7 @@ CVE-2018-18493
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18493
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-18493
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-18493
-CVE-2018-18492
+CVE-2018-18492 (A use-after-free vulnerability can occur after deleting a selection el ...)
{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
@@ -6508,21 +6508,21 @@ CVE-2018-18490
RESERVED
CVE-2018-18489
RESERVED
-CVE-2018-18488
+CVE-2018-18488 (In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injectio ...)
NOT-FOR-US: Gxlcms
-CVE-2018-18487
+CVE-2018-18487 (In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database ...)
NOT-FOR-US: Gxlcms
-CVE-2018-18486
+CVE-2018-18486 (An issue was discovered in PHPSHE 1.7. SQL injection exists via the ad ...)
NOT-FOR-US: PHPSHE
-CVE-2018-18485
+CVE-2018-18485 (An issue was discovered in PHPSHE 1.7. admin.php?mod=db&amp;act=del al ...)
NOT-FOR-US: PHPSHE
-CVE-2018-18484
+CVE-2018-18484 (An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-18483
+CVE-2018-18483 (The get_count function in cplus-dem.c in GNU libiberty, as distributed ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
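Review bot: CVE-2018-18483 is left at binutils <unfixed> with three bugzilla references (continued in the next hunk) but, unlike CVE-2018-18484 directly above, no "NOTE: Fixed by:" commit; if upstream libiberty has a commit for the get_count issue in cplus-dem.c, record it here so the <unfixed> state can be closed when the package picks it up, and if there is none, say so in a NOTE so the next triager does not repeat the search.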
@@ -6530,21 +6530,21 @@ CVE-2018-18483
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83472
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79111
-CVE-2018-18482
+CVE-2018-18482 (An issue was discovered in libpg_query 10-1.0.2. There is a memory lea ...)
NOT-FOR-US: libpg_query
-CVE-2018-18481
+CVE-2018-18481 (A heap-based buffer over-read exists in libopencad 0.2.0 in the ReadCH ...)
NOT-FOR-US: libopencad
-CVE-2018-18480
+CVE-2018-18480 (A heap-based buffer over-read exists in libopencad 0.2.0 in the ReadMC ...)
NOT-FOR-US: libopencad
CVE-2018-18479
RESERVED
-CVE-2018-18478
+CVE-2018-18478 (Persistent Cross-Site Scripting (XSS) issues in LibreNMS before 1.44 a ...)
NOT-FOR-US: LibreNMS
CVE-2018-18477
RESERVED
-CVE-2018-18476
+CVE-2018-18476 (mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it ...)
NOT-FOR-US: mysql-binuuid-rails
-CVE-2018-18475
+CVE-2018-18475 (Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestrict ...)
NOT-FOR-US: Zoho
CVE-2018-18474
RESERVED
@@ -6560,7 +6560,7 @@ CVE-2018-18469
RESERVED
CVE-2018-18468
RESERVED
-CVE-2018-18467
+CVE-2018-18467 (An issue was discovered in Daniel Gultsch Conversations 2.3.4. It is p ...)
NOT-FOR-US: Daniel Gultsch Conversations
CVE-2018-18466
RESERVED
@@ -6584,36 +6584,36 @@ CVE-2018-XXXX [External URL injection through URL aliases]
[jessie] - drupal7 7.32-1+deb8u13
NOTE: https://www.drupal.org/sa-core-2018-006
NOTE: http://cgit.drupalcode.org/drupal/commit/?id=ee301cf5ebff3534b59fcece583b3a0e4f094f15
-CVE-2018-18461
+CVE-2018-18461 (The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5. ...)
NOT-FOR-US: Arigato
-CVE-2018-18460
+CVE-2018-18460 (XSS exists in the wp-live-chat-support v8.0.15 plugin for WordPress vi ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-18459
+CVE-2018-18459 (The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remo ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
NOTE: no security impact, crash in CLI tool
-CVE-2018-18458
+CVE-2018-18458 (The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows r ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
NOTE: no security impact, crash in CLI tool
-CVE-2018-18457
+CVE-2018-18457 (The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remo ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
NOTE: no security impact, crash in CLI tool
-CVE-2018-18456
+CVE-2018-18456 (The function Object::isName() in Object.h (called from Gfx::opSetFillC ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
NOTE: no security impact, crash in CLI tool
-CVE-2018-18455
+CVE-2018-18455 (The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote a ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
NOTE: no security impact, crash in CLI tool
-CVE-2018-18454
+CVE-2018-18454 (CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote atta ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
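Review bot: the six Xpdf entries from CVE-2018-18459 down to CVE-2018-18454 all carry the same justification "no security impact, crash in CLI tool", yet the descriptions point at parsing and rendering code (DCTStream, CCITTFaxStream::readRow, Object::isName called from Gfx::opSetFillC..., GfxImageColorMap) that a viewer exercises just as pdftoppm does; before keeping "unimportant" on all six, confirm in the NOTE that the xpdf binary package does not reach the same Xpdf 4.00 code paths, or narrow the rationale to the binaries actually shipped.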
@@ -6624,9 +6624,9 @@ CVE-2018-18452
RESERVED
CVE-2018-18451
RESERVED
-CVE-2018-18450
+CVE-2018-18450 (apps\admin\controller\content\SingleController.php in PbootCMS before ...)
NOT-FOR-US: PbooCMS
-CVE-2018-18449
+CVE-2018-18449 (EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUs ...)
NOT-FOR-US: EmpireCMS
CVE-2018-18448
RESERVED
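Review bot: the label for CVE-2018-18450 reads "NOT-FOR-US: PbooCMS" while the description names "PbootCMS"; correct the product name so searches on the vendor string match this entry.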
@@ -6634,34 +6634,34 @@ CVE-2018-18447
RESERVED
CVE-2018-18446
RESERVED
-CVE-2018-18444
+CVE-2018-18444 (makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bound ...)
- openexr <unfixed> (unimportant)
NOTE: Issue in exrmultiview which is not installed in the binary package.
-CVE-2018-18443
+CVE-2018-18443 (OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/Ilm ...)
- openexr <unfixed> (low)
[buster] - openexr <no-dsa> (Minor issue)
[stretch] - openexr <no-dsa> (Minor issue)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://github.com/openexr/openexr/issues/350
-CVE-2018-18442
+CVE-2018-18442 (D-Link DCS-825L devices with firmware 1.08 do not employ a suitable me ...)
NOT-FOR-US: D-Link
-CVE-2018-18441
+CVE-2018-18441 (D-Link DCS series Wi-Fi cameras expose sensitive information regarding ...)
NOT-FOR-US: D-Link
-CVE-2018-18440
+CVE-2018-18440 (DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overf ...)
- u-boot <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/02/2
NOTE: No security impact as supported/packaged in Debian
-CVE-2018-18439
+CVE-2018-18439 (DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer over ...)
- u-boot <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/02/2
NOTE: No security impact as supported/packaged in Debian
-CVE-2018-18445
+CVE-2018-18445 (In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before ...)
- linux 4.18.20-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1686
NOTE: https://git.kernel.org/linus/b799207e1e1816b09e7a5920fbb2d5fcf6edd681
-CVE-2018-18438
+CVE-2018-18438 (Qemu has integer overflows because IOReadHandler and its associated fu ...)
- qemu 1:3.1+dfsg-1 (bug #911470)
[stretch] - qemu <ignored> (Minor issue, too intrusive to backport)
[jessie] - qemu <ignored> (Minor issue, too intrusive to backport)
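Review bot: CVE-2018-18445 is placed between CVE-2018-18439 and CVE-2018-18438, breaking the descending ID order the rest of the file follows (it belongs between CVE-2018-18446 and CVE-2018-18444); move the five-line block so ID-ordered lookups and future automatic merges of this region do not mis-place the entry.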
@@ -6669,29 +6669,29 @@ CVE-2018-18438
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02396.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02402.html
NOTE: https://www.openwall.com/lists/oss-security/2018/10/17/3
-CVE-2018-18437
+CVE-2018-18437 (In AXIOS ITALIA Axioscloud Sissiweb Registro Elettronico 1.7.0, secret ...)
NOT-FOR-US: AXIOS
-CVE-2018-18436
+CVE-2018-18436 (JTBC(PHP) 3.0 allows CSRF for creating an account via the console/acco ...)
NOT-FOR-US: JTBC(PHP)
-CVE-2018-18435
+CVE-2018-18435 (KioWare Server 4.9.6 allows local users to gain privileges by replacin ...)
TODO: check
-CVE-2018-18434
+CVE-2018-18434 (An issue was discovered in litemall 0.9.0. Arbitrary file download is ...)
NOT-FOR-US: litemall
-CVE-2018-18433
+CVE-2018-18433 (An issue was discovered in DESTOON B2B 7.0. admin/category.inc.php has ...)
NOT-FOR-US: DESTOON B2B
-CVE-2018-18432
+CVE-2018-18432 (An issue was discovered in DESTOON B2B 7.0. CSRF exists via the admin. ...)
NOT-FOR-US: DESTOON B2B
-CVE-2018-18431
+CVE-2018-18431 (An issue was discovered in DESTOON B2B 7.0. XSS exists via certain tex ...)
NOT-FOR-US: DESTOON B2B
-CVE-2018-18430
+CVE-2018-18430 (An issue was discovered in DESTOON B2B 7.0. admin\setting.inc.php has ...)
NOT-FOR-US: DESTOON B2B
CVE-2018-18429
RESERVED
-CVE-2018-18428
+CVE-2018-18428 (TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP ...)
NOT-FOR-US: TP-Link
-CVE-2018-18427
+CVE-2018-18427 (s-cms 3.0 allows SQL Injection via the member/post.php 0_id parameter ...)
NOT-FOR-US: s-cms
-CVE-2018-18426
+CVE-2018-18426 (s-cms 3.0 allows remote attackers to execute arbitrary PHP code by pla ...)
NOT-FOR-US: s-cms
CVE-2018-18425
RESERVED
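Review bot: CVE-2018-18435 still carries "TODO: check" while this update only fills in its description; that description names KioWare Server 4.9.6, which as far as I know is a proprietary Windows kiosk product with no Debian package, so the entry should be triaged to NOT-FOR-US: KioWare unless a package is found, rather than left open.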
@@ -6699,19 +6699,19 @@ CVE-2018-18424
RESERVED
CVE-2018-18423
RESERVED
-CVE-2018-18422
+CVE-2018-18422 (UsualToolCMS 8.0 allows CSRF for adding a user account via the cmsadmi ...)
NOT-FOR-US: UsualToolCMS
CVE-2018-18421
RESERVED
-CVE-2018-18420
+CVE-2018-18420 (Cross-Site Request Forgery (CSRF) vulnerability was discovered in the ...)
NOT-FOR-US: Zenario Content Management System
-CVE-2018-18419
+CVE-2018-18419 (Stored XSS has been discovered in the upload section of ARDAWAN.COM Us ...)
NOT-FOR-US: ARDAWAN.COM User Management
CVE-2018-18418
RESERVED
-CVE-2018-18417
+CVE-2018-18417 (In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been ...)
NOT-FOR-US: Ekushey Project Manager CRM
-CVE-2018-18416
+CVE-2018-18416 (LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upl ...)
NOT-FOR-US: LANGO Codeigniter Multilingual Scrip
CVE-2018-18415
RESERVED
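Review bot: the label for CVE-2018-18416 is cut short as "NOT-FOR-US: LANGO Codeigniter Multilingual Scrip" (the description says "Script"); complete the product name so the label is consistent with the description and with the other NOT-FOR-US lines in this hunk.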
@@ -6725,18 +6725,18 @@ CVE-2018-18411
RESERVED
CVE-2018-18410
RESERVED
-CVE-2018-18409
+CVE-2018-18409 (A stack-based buffer over-read exists in setbit() at iptree.h of TCPFL ...)
- tcpflow 1.5.2+repack1-1 (unimportant; bug #911263)
NOTE: https://github.com/simsong/tcpflow/issues/195
NOTE: https://github.com/simsong/tcpflow/commit/89c04b4fb0e46b3c4f1388686e83966e531cbea9
NOTE: Crash in CLI tool, no security impact
-CVE-2018-18408
+CVE-2018-18408 (A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4 ...)
- tcpreplay 4.3.1-1 (bug #911493)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
NOTE: https://github.com/appneta/tcpreplay/issues/489
NOTE: https://github.com/appneta/tcpreplay/commit/59dc76a1d641b1a6b22fd7cd409bee6e0a015616
-CVE-2018-18407
+CVE-2018-18407 (A heap-based buffer over-read was discovered in the tcpreplay-edit bin ...)
- tcpreplay 4.3.1-1 (bug #911454)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
@@ -6756,49 +6756,49 @@ CVE-2018-18401
RESERVED
CVE-2018-18400
RESERVED
-CVE-2018-18399
+CVE-2018-18399 (SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" compo ...)
NOT-FOR-US: KARMA
-CVE-2018-18398
+CVE-2018-18398 (Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey ...)
- thunar <unfixed> (unimportant)
NOTE: https://0xd0ff9.wordpress.com/2018/10/18/cve-2018-18398/
NOTE: no security impact, crash in end user tool
-CVE-2018-18397
+CVE-2018-18397 (The userfaultfd implementation in the Linux kernel before 4.19.7 misha ...)
- linux 4.19.9-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lore.kernel.org/lkml/20181126173452.26955-1-aarcange@redhat.com/T/#u
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1700
-CVE-2018-18396
+CVE-2018-18396 (Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Manage ...)
NOT-FOR-US: Moxa
-CVE-2018-18395
+CVE-2018-18395 (Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Manageme ...)
NOT-FOR-US: Moxa
-CVE-2018-18394
+CVE-2018-18394 (Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gate ...)
NOT-FOR-US: Moxa
-CVE-2018-18393
+CVE-2018-18393 (Password Management Issue in Moxa ThingsPro IIoT Gateway and Device Ma ...)
NOT-FOR-US: Moxa
-CVE-2018-18392
+CVE-2018-18392 (Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT ...)
NOT-FOR-US: Moxa
-CVE-2018-18391
+CVE-2018-18391 (User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Ma ...)
NOT-FOR-US: Moxa
-CVE-2018-18390
+CVE-2018-18390 (User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management ...)
NOT-FOR-US: Moxa
-CVE-2018-18389
+CVE-2018-18389 (Due to incorrect access control in Neo4j Enterprise Database Server 3. ...)
NOT-FOR-US: Neo4J server
-CVE-2018-18388
+CVE-2018-18388 (eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technolog ...)
NOT-FOR-US: MicroWorld Technologies eScan
-CVE-2018-18387
+CVE-2018-18387 (playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse ...)
NOT-FOR-US: playSMS
-CVE-2018-18386
+CVE-2018-18386 (drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local at ...)
- linux 4.14.12-1
[stretch] - linux 4.9.82-1+deb9u1
[jessie] - linux 3.16.56-1
NOTE: Fixed by: https://git.kernel.org/linus/966031f340185eddd05affcf72b740549f056348
-CVE-2018-18385
+CVE-2018-18385 (Asciidoctor in versions &lt; 1.5.8 allows remote attackers to cause a ...)
- asciidoctor 1.5.8-1 (low; bug #913892)
[stretch] - asciidoctor <no-dsa> (Minor issue)
[jessie] - asciidoctor <no-dsa> (Minor issue)
NOTE: https://github.com/asciidoctor/asciidoctor/issues/2888
-CVE-2018-18384
+CVE-2018-18384 (Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive ...)
- unzip 6.0-11 (bug #741384)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1110194
NOTE: https://sourceforge.net/p/infozip/bugs/53/
@@ -6808,27 +6808,27 @@ CVE-2018-18384
NOTE: https://sourceforge.net/p/infozip/bugs/53/#ba07
CVE-2018-18383
RESERVED
-CVE-2018-18382
+CVE-2018-18382 (Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php f ...)
NOT-FOR-US: Advanced HRM
-CVE-2018-18381
+CVE-2018-18381 (Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_syste ...)
NOT-FOR-US: Z-BlogPHP
-CVE-2018-18380
+CVE-2018-18380 (A Session Fixation issue was discovered in Bigtree before 4.2.24. admi ...)
NOT-FOR-US: Bigtree CMS
CVE-2018-18379
RESERVED
CVE-2018-18378
RESERVED
-CVE-2018-18377
+CVE-2018-18377 (goform/setReset on Orange AirBox Y858_FL_01.16_04 devices allows attac ...)
NOT-FOR-US: Orange AirBox Y858_FL_01.16_04 devices
-CVE-2018-18376
+CVE-2018-18376 (goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remo ...)
NOT-FOR-US: Orange AirBox
-CVE-2018-18375
+CVE-2018-18375 (goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attacke ...)
NOT-FOR-US: Orange AirBox
-CVE-2018-18374
+CVE-2018-18374 (XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid par ...)
NOT-FOR-US: MetInfo
-CVE-2018-18373
+CVE-2018-18373 (In the Schiocco "Support Board - Chat And Help Desk" plugin 1.2.3 for ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-18372
+CVE-2018-18372 (A Stored XSS vulnerability has been discovered in KAASoft Library CMS ...)
NOT-FOR-US: KAASoft Library CMS
CVE-2018-18371
RESERVED
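Review bot: the three Orange AirBox entries label the same product inconsistently, "NOT-FOR-US: Orange AirBox Y858_FL_01.16_04 devices" for CVE-2018-18377 but "NOT-FOR-US: Orange AirBox" for CVE-2018-18376 and CVE-2018-18375; use one form (the shorter one, since the firmware version is already in the description) so the vendor string is identical across the set.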
@@ -6844,26 +6844,26 @@ CVE-2018-18366
RESERVED
CVE-2018-18365
RESERVED
-CVE-2018-18364
+CVE-2018-18364 (Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be s ...)
NOT-FOR-US: Symantec
-CVE-2018-18363
+CVE-2018-18363 (Norton App Lock prior to 1.4.0.445 can be susceptible to a bypass expl ...)
NOT-FOR-US: Norton App Lock
-CVE-2018-18362
+CVE-2018-18362 (Norton Password Manager for Android (formerly Norton Identity Safe) ma ...)
NOT-FOR-US: Norton Password Manager for Android
-CVE-2018-18361
+CVE-2018-18361 (An issue was discovered in nc-cms through 2017-03-10. index.php?action ...)
NOT-FOR-US: nc-cms
CVE-2018-18360
RESERVED
-CVE-2018-18359
+CVE-2018-18359 (Incorrect handling of Reflect.construct in V8 in Google Chrome prior t ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18358
+CVE-2018-18358 (Lack of special casing of localhost in WPAD files in Google Chrome pri ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18357
+CVE-2018-18357 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18356
+CVE-2018-18356 (An integer overflow in path handling lead to a use after free in Skia ...)
{DSA-4392-1 DSA-4391-1 DSA-4352-1 DLA-1678-1 DLA-1677-1}
- chromium 71.0.3578.80-1
- firefox 65.0.1-1
@@ -6873,67 +6873,67 @@ CVE-2018-18356
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2018-18356
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18356
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18356
-CVE-2018-18355
+CVE-2018-18355 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18354
+CVE-2018-18354 (Insufficient validate of external protocols in Shell Integration in Go ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18353
+CVE-2018-18353 (Failure to dismiss http auth dialogs on navigation in Network Authenti ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18352
+CVE-2018-18352 (Service works could inappropriately gain access to cross origin audio ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18351
+CVE-2018-18351 (Lack of proper validation of ancestor frames site when sending lax coo ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18350
+CVE-2018-18350 (Incorrect handling of CSP enforcement during navigations in Blink in G ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18349
+CVE-2018-18349 (Remote frame navigations was incorrectly permitted to local resources ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18348
+CVE-2018-18348 (Incorrect handling of bidirectional domain names with RTL characters i ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18347
+CVE-2018-18347 (Incorrect handling of failed navigations with invalid URLs in Navigati ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18346
+CVE-2018-18346 (Incorrect handling of alert box display in Blink in Google Chrome prio ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18345
+CVE-2018-18345 (Incorrect handling of blob URLS in Site Isolation in Google Chrome pri ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18344
+CVE-2018-18344 (Inappropriate allowance of the setDownloadBehavior devtools protocol f ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18343
+CVE-2018-18343 (Incorrect handing of paths leading to a use after free in Skia in Goog ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18342
+CVE-2018-18342 (Execution of user supplied Javascript during object deserialization ca ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18341
+CVE-2018-18341 (An integer overflow leading to a heap buffer overflow in Blink in Goog ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18340
+CVE-2018-18340 (Incorrect object lifecycle in MediaRecorder in Google Chrome prior to ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18339
+CVE-2018-18339 (Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0. ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18338
+CVE-2018-18338 (Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome pri ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18337
+CVE-2018-18337 (Incorrect handling of stylesheets leading to a use after free in Blink ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18336
+CVE-2018-18336 (Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.35 ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-18335
+CVE-2018-18335 (Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 al ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
- firefox-esr <not-affected> (Only affects MacOS specific which had Canvas 2D acceleration enabled)
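Review bot: the not-affected reason for firefox-esr on CVE-2018-18335, "(Only affects MacOS specific which had Canvas 2D acceleration enabled)", is ungrammatical and hard to parse; reword it along the lines of "(Only affects macOS builds with Canvas 2D acceleration enabled)" so the rationale is clear to whoever revisits the entry.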
@@ -6941,87 +6941,87 @@ CVE-2018-18335
- skia <itp> (bug #818180)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18335
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18335
-CVE-2018-18334
+CVE-2018-18334 (A vulnerability in the Private Browser of Trend Micro Dr. Safety for A ...)
NOT-FOR-US: Trend Micro
-CVE-2018-18333
+CVE-2018-18333 (A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) ...)
NOT-FOR-US: Trend Micro
-CVE-2018-18332
+CVE-2018-18332 (A Trend Micro OfficeScan XG weak file permissions vulnerability may al ...)
NOT-FOR-US: Trend Micro
-CVE-2018-18331
+CVE-2018-18331 (A Trend Micro OfficeScan XG weak file permissions vulnerability on a p ...)
NOT-FOR-US: Trend Micro
-CVE-2018-18330
+CVE-2018-18330 (An Address Bar Spoofing vulnerability in Trend Micro Dr. Safety for An ...)
NOT-FOR-US: Trend Micro
-CVE-2018-18329
+CVE-2018-18329 (A KERedirect Untrusted Pointer Dereference Privilege Escalation vulner ...)
NOT-FOR-US: Trend Micro
-CVE-2018-18328
+CVE-2018-18328 (A KERedirect Untrusted Pointer Dereference Privilege Escalation vulner ...)
NOT-FOR-US: Trend Micro
-CVE-2018-18327
+CVE-2018-18327 (A KERedirect Untrusted Pointer Dereference Privilege Escalation vulner ...)
NOT-FOR-US: Trend Micro
CVE-2018-18326
RESERVED
CVE-2018-18325
RESERVED
-CVE-2018-18324
+CVE-2018-18324 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via t ...)
NOT-FOR-US: CentOS Web Panel
-CVE-2018-18323
+CVE-2018-18323 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local Fil ...)
NOT-FOR-US: CentOS Web Panel
-CVE-2018-18322
+CVE-2018-18322 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command I ...)
NOT-FOR-US: CentOS Web Panel
CVE-2018-18321
RESERVED
-CVE-2018-18320
+CVE-2018-18320 (** DISPUTED ** An issue was discovered in the Merlin.PHP component 0.6 ...)
NOT-FOR-US: Merlin.PHP component for Asuswrt-Merlin devices
-CVE-2018-18319
+CVE-2018-18319 (** DISPUTED ** An issue was discovered in the Merlin.PHP component 0.6 ...)
NOT-FOR-US: Merlin.PHP component for Asuswrt-Merlin devices
-CVE-2018-18318
+CVE-2018-18318 (The /dev/block/mmcblk0rpmb driver kernel module on Qiku 360 Phone N6 P ...)
NOT-FOR-US: Qiku 360 Phone
-CVE-2018-18317
+CVE-2018-18317 (DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.ht ...)
NOT-FOR-US: DESHANG DSCMS
-CVE-2018-18316
+CVE-2018-18316 (emlog v6.0.0 has CSRF via the admin/user.php?action=new URI. ...)
NOT-FOR-US: emlog
-CVE-2018-18315
+CVE-2018-18315 (com/mossle/cdn/CdnController.java in lemon 1.9.0 allows attackers to u ...)
NOT-FOR-US: lemon, different from src:lemon
-CVE-2018-18314
+CVE-2018-18314 (Perl before 5.26.3 has a buffer overflow via a crafted regular express ...)
{DSA-4347-1}
- perl 5.28.0-3
[jessie] - perl <not-affected> (Vulnerable code introduced later)
NOTE: https://rt.perl.org/Ticket/Display.html?id=131649
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/19a498a461d7c81ae3507c450953d1148efecf4f
-CVE-2018-18313
+CVE-2018-18313 (Perl before 5.26.3 has a buffer over-read via a crafted regular expres ...)
{DSA-4347-1}
- perl 5.28.0-3
[jessie] - perl <not-affected> (Vulnerable code introduced later)
NOTE: https://rt.perl.org/Ticket/Display.html?id=133192
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/43b2f4ef399e2fd7240b4eeb0658686ad95f8e62
-CVE-2018-18312
+CVE-2018-18312 (Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via ...)
{DSA-4347-1}
- perl 5.28.1-1
[jessie] - perl <not-affected> (Vulnerable code introduced later)
NOTE: https://rt.perl.org/Ticket/Display.html?id=133423
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/9b0464aa670d0a59bda5b75d54f2a6b6f9d1288a
-CVE-2018-18311
+CVE-2018-18311 (Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via ...)
{DSA-4347-1 DLA-1601-1}
- perl 5.28.1-1
NOTE: https://rt.perl.org/Ticket/Display.html?id=133204
NOTE: Introduced by: https://perl5.git.perl.org/perl.git/commitdiff/e658793210bbe632a5e80a876acfcd0984c46b87
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/0589f071dc6836de80b24fd798c3336c72ead850
-CVE-2018-18310
+CVE-2018-18310 (An invalid memory address dereference was discovered in dwfl_segment_r ...)
{DLA-1689-1}
- elfutils 0.175-1 (bug #911083)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23752
NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00022.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=20f9de9b5f704cec55df92406a50bcbcfca96acd
-CVE-2018-18309
+CVE-2018-18309 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
[experimental] - binutils 2.31.51.20181022-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23770
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f
-CVE-2018-18308
+CVE-2018-18308 (In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been ...)
NOT-FOR-US: BigTree CMS
-CVE-2018-18307
+CVE-2018-18307 (A Stored XSS vulnerability has been discovered in version 4.1.0 of Alc ...)
NOT-FOR-US: AlchemyCMS
CVE-2018-18306
RESERVED
@@ -7043,7 +7043,7 @@ CVE-2018-18298
RESERVED
CVE-2018-18297
RESERVED
-CVE-2018-18296
+CVE-2018-18296 (MetInfo 6.1.2 has XSS via the /admin/index.php bigclass parameter in a ...)
NOT-FOR-US: MetInfo
CVE-2018-18295
RESERVED
@@ -7053,21 +7053,21 @@ CVE-2018-18293
RESERVED
CVE-2018-18292
RESERVED
-CVE-2018-18291
+CVE-2018-18291 (A cross site scripting (XSS) vulnerability on ASUS RT-AC58U 3.0.0.4.38 ...)
NOT-FOR-US: ASUS RT-AC58U devices
-CVE-2018-18290
+CVE-2018-18290 (** DISPUTED ** An issue was discovered in nc-cms through 2017-03-10. i ...)
NOT-FOR-US: nc-cms
-CVE-2018-18289
+CVE-2018-18289 (The MESILAT Zabbix plugin before 1.1.15 for Atlassian Confluence allow ...)
NOT-FOR-US: Zabbix Plugin for Confluence
CVE-2018-18288
RESERVED
-CVE-2018-18287
+CVE-2018-18287 (On ASUS RT-AC58U 3.0.0.4.380_6516 devices, remote attackers can discov ...)
NOT-FOR-US: ASUS RT-AC58U devices
CVE-2018-18286
RESERVED
CVE-2018-18285
RESERVED
-CVE-2018-18284
+CVE-2018-18284 (Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sand ...)
{DSA-4336-1 DLA-1552-1}
- ghostscript 9.25~dfsg-3 (bug #911175)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699963
@@ -7076,9 +7076,9 @@ CVE-2018-18284
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;h=8d19fdf63f91f50466b08f23e2d93d37a4c5ea0b
CVE-2018-18283
RESERVED
-CVE-2018-18282
+CVE-2018-18282 (Next.js 7.0.0 and 7.0.1 has XSS via the 404 or 500 /_error page. ...)
NOT-FOR-US: Next.js
-CVE-2018-18281
+CVE-2018-18281 (Since Linux kernel version 3.2, the mremap() syscall performs TLB flus ...)
{DLA-1715-1}
- linux 4.18.20-1
[stretch] - linux 4.9.135-1
@@ -7095,15 +7095,15 @@ CVE-2018-18276
RESERVED
CVE-2018-18275
RESERVED
-CVE-2018-18274
+CVE-2018-18274 (A issue was found in pdfalto 0.2. There is a heap-based buffer overflo ...)
NOT-FOR-US: pdfalto
CVE-2018-18273
RESERVED
CVE-2018-18272
RESERVED
-CVE-2018-18271
+CVE-2018-18271 (XSS exists in CMS Made Simple version 2.2.7 via the m1_extra parameter ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-18270
+CVE-2018-18270 (XSS exists in CMS Made Simple version 2.2.7 via the m1_news_url parame ...)
NOT-FOR-US: CMS Made Simple
CVE-2018-18269
RESERVED
@@ -7115,55 +7115,55 @@ CVE-2018-18266
RESERVED
CVE-2018-18265
RESERVED
-CVE-2018-18264
+CVE-2018-18264 (Kubernetes Dashboard before 1.10.1 allows attackers to bypass authenti ...)
NOT-FOR-US: Kubernetes Dashboard
CVE-2018-18263
RESERVED
-CVE-2018-18262
+CVE-2018-18262 (Zoho ManageEngine OpManager 12.3 before build 123214 has XSS. ...)
NOT-FOR-US: Zoho
CVE-2018-18261
RESERVED
-CVE-2018-18260
+CVE-2018-18260 (In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. Th ...)
NOT-FOR-US: Camaleon CMS
-CVE-2018-18259
+CVE-2018-18259 (Stored XSS has been discovered in version 1.0.12 of the LUYA CMS softw ...)
NOT-FOR-US: LUYA CMS
-CVE-2018-18258
+CVE-2018-18258 (An issue was discovered in BageCMS 3.1.3. The attacker can execute arb ...)
NOT-FOR-US: BageCMS
-CVE-2018-18257
+CVE-2018-18257 (An issue was discovered in BageCMS 3.1.3. An attacker can delete any f ...)
NOT-FOR-US: BageCMS
-CVE-2018-18256
+CVE-2018-18256 (An issue was discovered in CapMon Access Manager 5.4.1.1005. A regular ...)
NOT-FOR-US: CapMon Access Manager
-CVE-2018-18255
+CVE-2018-18255 (An issue was discovered in CapMon Access Manager 5.4.1.1005. The clien ...)
NOT-FOR-US: CapMon Access Manager
-CVE-2018-18254
+CVE-2018-18254 (An issue was discovered in CapMon Access Manager 5.4.1.1005. An unpriv ...)
NOT-FOR-US: CapMon Access Manager
-CVE-2018-18253
+CVE-2018-18253 (An issue was discovered in CapMon Access Manager 5.4.1.1005. CALRunEle ...)
NOT-FOR-US: CapMon Access Manager
-CVE-2018-18252
+CVE-2018-18252 (An issue was discovered in CapMon Access Manager 5.4.1.1005. CALRunEle ...)
NOT-FOR-US: CapMon Access Manager
CVE-2018-18251
RESERVED
-CVE-2018-18250
+CVE-2018-18250 (Icinga Web 2 before 2.6.2 allows parameters that break navigation dash ...)
- icingaweb2 2.6.2-1
[stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180030.txt
-CVE-2018-18249
+CVE-2018-18249 (Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives ...)
- icingaweb2 2.6.2-1
[stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180030.txt
-CVE-2018-18248
+CVE-2018-18248 (Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir ...)
- icingaweb2 2.6.2-1
[stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180028.txt
-CVE-2018-18247
+CVE-2018-18247 (Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add i ...)
- icingaweb2 2.6.2-1
[stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180029.txt
-CVE-2018-18246
+CVE-2018-18246 (Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisabl ...)
- icingaweb2 2.6.2-1
[stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180027.txt
-CVE-2018-18245
+CVE-2018-18245 (Nagios Core 4.4.2 has XSS via the alert summary reports of plugin resu ...)
{DLA-1615-1}
- nagios4 4.3.4-3 (unimportant; bug #917138)
- nagios3 <removed> (unimportant)
@@ -7171,15 +7171,15 @@ CVE-2018-18245
NOTE: https://github.com/NagiosEnterprises/nagioscore/issues/602
NOTE: Fixed by: https://github.com/NagiosEnterprises/nagioscore/commit/0329033db9a1d0954c304f209ea88824e8f78b8a
NOTE: No real security impact, plugins need to be trusted to begin with
-CVE-2018-18244
+CVE-2018-18244 (Cross-site scripting in syslog.html in VIVOTEK Network Camera Series p ...)
NOT-FOR-US: VIVOTEK Network Camera
CVE-2018-18243
RESERVED
-CVE-2018-18242
+CVE-2018-18242 (youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrate ...)
NOT-FOR-US: youke365
CVE-2018-18241
RESERVED
-CVE-2018-18240
+CVE-2018-18240 (Pippo through 1.11.0 allows remote code execution via a command to jav ...)
NOT-FOR-US: Pippo
CVE-2018-18239
RESERVED
@@ -7205,30 +7205,30 @@ CVE-2018-18229
RESERVED
CVE-2018-18228
RESERVED
-CVE-2018-18227
+CVE-2018-18227 (In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol di ...)
{DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, mswsp support added in v1.99.9)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15119
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d443be449a52f95df5754adc39e1f3472fec2f03
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-47.html
-CVE-2018-18226
+CVE-2018-18226 (In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could c ...)
{DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15171
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6e920ddc3cad2886ef07ca1a8e50e2a5c50986f7
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-48.html
-CVE-2018-18225
+CVE-2018-18225 (In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was ...)
{DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, 2.31-continue-code added in v2.1.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15172
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=09a02cc1ea6de9f6c6cae75b3510a5477ef5f555
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-49.html
-CVE-2018-18224
+CVE-2018-18224 (A vulnerability exists in the file reading procedure in Open Design Al ...)
NOT-FOR-US: Open Design Alliance Drawings
-CVE-2018-18223
+CVE-2018-18223 (Open Design Alliance Drawings SDK 2019Update1 has a vulnerability duri ...)
NOT-FOR-US: Open Design Alliance Drawings
CVE-2018-18222
RESERVED
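Review bot: the jessie justification for CVE-2018-18226 is weaker than its neighbours: "[jessie] - wireshark <not-affected> (Vulnerable code not present)" gives no version, while CVE-2018-18227 records "mswsp support added in v1.99.9" and CVE-2018-18225 records "2.31-continue-code added in v2.1.0". Record when the Steam IHS Discovery dissector was introduced in the same parenthetical so the not-affected claim can be re-verified without re-reading the wireshark history.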
@@ -7244,7 +7244,7 @@ CVE-2018-18217
RESERVED
CVE-2018-18216
RESERVED
-CVE-2018-18215
+CVE-2018-18215 (In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can ...)
NOT-FOR-US: youke365
CVE-2018-18214
RESERVED
@@ -7252,55 +7252,55 @@ CVE-2018-18213
RESERVED
CVE-2018-18212
RESERVED
-CVE-2018-18211
+CVE-2018-18211 (PbootCMS 1.2.1 has SQL injection via the HTTP POST data to the api.php ...)
NOT-FOR-US: PbootCMS
-CVE-2018-18210
+CVE-2018-18210 (XSS exists in DiliCMS 2.4.0 via the admin/index.php/setting/site?tab=s ...)
NOT-FOR-US: DiliCMS
-CVE-2018-18209
+CVE-2018-18209 (XSS exists in DiliCMS 2.4.0 via the admin/index.php/setting/site?tab=s ...)
NOT-FOR-US: DiliCMS
-CVE-2018-18208
+CVE-2018-18208 (Virtualmin 6.03 allows XSS via the query string, as demonstrated by th ...)
NOT-FOR-US: Virtualmin
-CVE-2018-18207
+CVE-2018-18207 (Virtualmin 6.03 allows Frame Injection via the settings-editor_read.cg ...)
NOT-FOR-US: Virtualmin
-CVE-2018-18206
+CVE-2018-18206 (In the client in Bytom before 1.0.6, checkTopicRegister in p2p/discove ...)
NOT-FOR-US: Bytom
-CVE-2018-18205
+CVE-2018-18205 (Topvision CC8800 CMTS C-E devices allow remote attackers to obtain sen ...)
NOT-FOR-US: Topvision CC8800 CMTS C-E devices
CVE-2018-18204
RESERVED
-CVE-2018-18203
+CVE-2018-18203 (A vulnerability in the update mechanism of Subaru StarLink Harman head ...)
NOT-FOR-US: Subaru
-CVE-2018-18202
+CVE-2018-18202 (The QLogic 4Gb Fibre Channel 5.5.2.6.0 and 4/8Gb SAN 7.10.1.20.0 modul ...)
NOT-FOR-US: IBM
-CVE-2018-18201
+CVE-2018-18201 (qibosoft V7.0 allows CSRF via admin/index.php?lfj=member&amp;action=ad ...)
NOT-FOR-US: qibosoft
-CVE-2018-18200
+CVE-2018-18200 (There is a SQL injection in Benutzerverwaltung in REDAXO before 5.6.4. ...)
NOT-FOR-US: REDAXO
-CVE-2018-18199
+CVE-2018-18199 (Mediamanager in REDAXO before 5.6.4 has XSS. ...)
NOT-FOR-US: REDAXO
-CVE-2018-18198
+CVE-2018-18198 (The $opener_input_field variable in addons/mediapool/pages/index.php i ...)
NOT-FOR-US: REDAXO
-CVE-2018-18197
+CVE-2018-18197 (An issue was discovered in libgig 4.1.0. There is an operator new[] fa ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18196
+CVE-2018-18196 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18195
+CVE-2018-18195 (An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-ze ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18194
+CVE-2018-18194 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18193
+CVE-2018-18193 (An issue was discovered in libgig 4.1.0. There is operator new[] failu ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18192
+CVE-2018-18192 (An issue was discovered in libgig 4.1.0. There is a NULL pointer deref ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
-CVE-2018-18191
+CVE-2018-18191 (Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member ...)
NOT-FOR-US: FineCms
-CVE-2018-18190
+CVE-2018-18190 (An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a ...)
NOT-FOR-US: GoPro gpmf-parser
CVE-2018-18189
RESERVED
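Review bot: six libgig entries (CVE-2018-18197 down to CVE-2018-18192) are all marked "- libgig <undetermined>" with the identical reference "NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md" and nothing else. A single PoC README does not say which crash maps to which CVE or whether upstream has a fix; once the package is assessed, each entry should gain its own NOTE (upstream bug or commit) or be resolved to a version, otherwise the block of <undetermined> markers will sit indefinitely.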
@@ -7484,42 +7484,42 @@ CVE-2018-18100
RESERVED
CVE-2018-18099
RESERVED
-CVE-2018-18098
+CVE-2018-18098 (Improper file verification in install routine for Intel(R) SGX SDK and ...)
NOT-FOR-US: Intel
-CVE-2018-18097
+CVE-2018-18097 (Improper directory permissions in Intel Solid State Drive Toolbox befo ...)
NOT-FOR-US: Intel Solid State Drive Toolbox
-CVE-2018-18096
+CVE-2018-18096 (Improper memory handling in Intel QuickAssist Technology for Linux (al ...)
NOT-FOR-US: Intel QuickAssist Technology for Linux
CVE-2018-18095
RESERVED
CVE-2018-18094
RESERVED
-CVE-2018-18093
+CVE-2018-18093 (Improper file permissions in the installer for Intel VTune Amplifier 2 ...)
NOT-FOR-US: Intel VTune Amplifier
CVE-2018-18092
RESERVED
-CVE-2018-18091
+CVE-2018-18091 (Use after free in Kernel Mode Driver in Intel(R) Graphics Driver for W ...)
NOT-FOR-US: Intel
-CVE-2018-18090
+CVE-2018-18090 (Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Wind ...)
NOT-FOR-US: Intel
-CVE-2018-18089
+CVE-2018-18089 (Multiple out of bounds read in igdkm64.sys in Intel(R) Graphics Driver ...)
NOT-FOR-US: Intel
-CVE-2018-18088
+CVE-2018-18088 (OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imageto ...)
{DSA-4405-1 DLA-1579-1}
- openjpeg2 2.3.0-2 (low; bug #910763)
NOTE: https://github.com/uclouvain/openjpeg/issues/1152
NOTE: https://github.com/uclouvain/openjpeg/commit/cab352e249ed3372dd9355c85e837613fff98fa2
-CVE-2018-18087
+CVE-2018-18087 (The Bixie Portfolio plugin 1.2.0 for Pagekit has XSS: a logged-in user ...)
NOT-FOR-US: Bixie Portfolio plugin for Pagekit
-CVE-2018-18086
+CVE-2018-18086 (EmpireCMS v7.5 has an arbitrary file upload vulnerability in the LoadI ...)
NOT-FOR-US: EmpireCMS
CVE-2018-18085
RESERVED
-CVE-2018-18084
+CVE-2018-18084 (An issue was discovered in DuomiCMS 3.0. SQL injection exists in the a ...)
NOT-FOR-US: DuomiCMS
-CVE-2018-18083
+CVE-2018-18083 (An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is ...)
NOT-FOR-US: DuomiCMS
-CVE-2018-18082
+CVE-2018-18082 (XSS exists in Waimai Super Cms 20150505 via the fname parameter to the ...)
NOT-FOR-US: Waimai Super Cms
CVE-2018-18081
RESERVED
@@ -7533,16 +7533,16 @@ CVE-2018-18077
RESERVED
CVE-2018-18076
RESERVED
-CVE-2018-18075
+CVE-2018-18075 (WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or nu ...)
NOT-FOR-US: WikidForum
-CVE-2018-18074
+CVE-2018-18074 (The Requests package before 2.20.0 for Python sends an HTTP Authorizat ...)
- requests 2.20.0-1 (low; bug #910766)
[stretch] - requests <no-dsa> (Minor issue)
[jessie] - requests <postponed> (Minor issue)
NOTE: https://github.com/requests/requests/issues/4716
NOTE: https://github.com/requests/requests/pull/4718
NOTE: https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff
-CVE-2018-18073
+CVE-2018-18073 (Artifex Ghostscript allows attackers to bypass a sandbox protection me ...)
{DSA-4336-1 DLA-1552-1}
- ghostscript 9.25~dfsg-3 (bug #910758)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1690
@@ -7551,29 +7551,29 @@ CVE-2018-18073
NOTE: https://www.openwall.com/lists/oss-security/2018/10/10/12
CVE-2018-18072
RESERVED
-CVE-2018-18071
+CVE-2018-18071 (An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 ...)
NOT-FOR-US: Daimler Mercedes-Benz Me app for iOS
-CVE-2018-18070
+CVE-2018-18070 (An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 ...)
NOT-FOR-US: Daimler Mercedes-Benz COMAND on Mercedes-Benz C-Class 2018 vehicles
-CVE-2018-18069
+CVE-2018-18069 (process_forms in the WPML (aka sitepress-multilingual-cms) plugin thro ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-18068
RESERVED
CVE-2018-18067
RESERVED
-CVE-2018-18066
+CVE-2018-18066 (snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NU ...)
- net-snmp 5.7.3+dfsg-1.1
[jessie] - net-snmp 5.7.2.1+dfsg-1+deb8u1
NOTE: https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/
NOTE: The same commit as for other CVEs (CVE-2018-1000116, CVE-2015-5621) adresses this
NOTE: issue, but might still not be just a duplicate but an independent issue fixed with
NOTE: same commit.
-CVE-2018-18065
+CVE-2018-18065 (_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has ...)
{DSA-4314-1 DLA-1540-1}
- net-snmp 5.7.3+dfsg-4 (bug #910638)
NOTE: https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
NOTE: https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/
-CVE-2018-18064
+CVE-2018-18064 (cairo through 1.15.14 has an out-of-bounds stack-memory write during p ...)
- cairo <unfixed> (low; bug #916083)
[buster] - cairo <no-dsa> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
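Review bot: typo and awkward phrasing in the CVE-2018-18066 notes: "adresses" should be "addresses", and the three-line NOTE ("might still not be just a duplicate but an independent issue fixed with / same commit") is hard to parse. Suggest collapsing to: "NOTE: Same commit as for CVE-2018-1000116 and CVE-2015-5621; may nonetheless be an independent issue fixed by that commit rather than a duplicate."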
@@ -7581,9 +7581,9 @@ CVE-2018-18064
NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/341
CVE-2018-18063
RESERVED
-CVE-2018-18062
+CVE-2018-18062 (An issue was discovered in dialog.php in tecrail Responsive FileManage ...)
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-18061
+CVE-2018-18061 (An issue was discovered in dialog.php in tecrail Responsive FileManage ...)
NOT-FOR-US: tecrail Responsive FileManager
CVE-2018-18060
RESERVED
@@ -7595,35 +7595,35 @@ CVE-2018-18057
RESERVED
CVE-2018-18056
RESERVED
-CVE-2018-1000810
+CVE-2018-1000810 (The Rust Programming Language Standard Library version 1.29.0, 1.28.0, ...)
- rustc 1.30.0+dfsg1-1
[stretch] - rustc <not-affected> (Introduced in 1.26)
[jessie] - rustc <not-affected> (Vulnerable code not present)
NOTE: https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html
NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/CmSuTm-SaU0
-CVE-2018-1000809
+CVE-2018-1000809 (privacyIDEA version 2.23.1 and earlier contains a Improper Input Valid ...)
NOT-FOR-US: privacyIDEA
-CVE-2018-1000808
+CVE-2018-1000808 (Python Cryptographic Authority pyopenssl version Before 17.5.0 contain ...)
- pyopenssl 17.5.0-1 (low)
[stretch] - pyopenssl <no-dsa> (Minor issue)
[jessie] - pyopenssl <no-dsa> (Minor issue, but also requires at least cryptography 2.1.4 which exposes the X509_up_ref method)
NOTE: https://github.com/pyca/pyopenssl/pull/723
NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
-CVE-2018-1000807
+CVE-2018-1000807 (Python Cryptographic Authority pyopenssl version prior to version 17.5 ...)
- pyopenssl 17.5.0-1
[stretch] - pyopenssl <no-dsa> (Minor issue)
[jessie] - pyopenssl <no-dsa> (Minor issue, but also requires at least cryptography 2.1.4 which exposes the X509_up_ref method)
NOTE: https://github.com/pyca/pyopenssl/pull/723
NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
-CVE-2018-1000805
+CVE-2018-1000805 (Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 con ...)
{DLA-1556-1}
- paramiko 2.4.2-0.1 (bug #910760)
[stretch] - paramiko <no-dsa> (Minor issue)
NOTE: https://github.com/paramiko/paramiko/issues/1283
NOTE: https://github.com/paramiko/paramiko/commit/56c96a659658acdbb873aef8809a7b508434dcce
-CVE-2018-1000804
+CVE-2018-1000804 (contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL ( ...)
NOT-FOR-US: contiki-ng
-CVE-2018-1000803
+CVE-2018-1000803 (Gitea version prior to version 1.5.1 contains a CWE-200 vulnerability ...)
- gitea <removed>
NOTE: https://github.com/go-gitea/gitea/pull/4664
NOTE: https://github.com/go-gitea/gitea/pull/4664/files#diff-146e0c2b5bb1ea96c9fb73d509456e57
@@ -7679,29 +7679,29 @@ CVE-2018-18031
RESERVED
CVE-2018-18030
RESERVED
-CVE-2018-18029
+CVE-2018-18029 (Navigate CMS has Stored XSS via the navigate.php Title field in an edi ...)
NOT-FOR-US: Navigate CMS
CVE-2018-18028
RESERVED
CVE-2018-18027
RESERVED
-CVE-2018-18026
+CVE-2018-18026 (IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower ...)
NOT-FOR-US: IObit Malware Fighter
-CVE-2018-18025
+CVE-2018-18025 (In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in ...)
{DLA-1574-1}
- imagemagick 8:6.9.10.14+dfsg-1 (low; bug #911435)
[stretch] - imagemagick <postponed> (Fix along in next DSA)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1335
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1a22fc0c8837838e60daecc0bf01648f359dd6fd
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/394b3e6edf74d1337ce338927da053bb40c00ae9
-CVE-2018-18024
+CVE-2018-18024 (In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPI ...)
- imagemagick 8:6.9.10.14+dfsg-1 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <postponed> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1337
NOTE: https://github.com/ImageMagick/ImageMagick/commit/948f1c86d649a29df08a38d2ff8b91cdf3e92b82
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/b268ce7a59440972f4476b9fd98104b6a836d971
-CVE-2018-18023
+CVE-2018-18023 (In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in ...)
- imagemagick 8:6.9.10.14+dfsg-1
[stretch] - imagemagick <not-affected> (Vulnerable code not present)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
@@ -7710,7 +7710,7 @@ CVE-2018-18023
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/a5db4873626f702d2ddd8bc293573493e0a412c0
CVE-2018-18022
RESERVED
-CVE-2018-18020
+CVE-2018-18020 (In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and ...)
- qpdf <unfixed>
[buster] - qpdf <no-dsa> (Minor issue)
[stretch] - qpdf <no-dsa> (Minor issue)
@@ -7724,14 +7724,14 @@ CVE-2018-18018
RESERVED
CVE-2018-18017
RESERVED
-CVE-2018-18016
+CVE-2018-18016 (ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage ...)
- imagemagick 8:6.9.10.14+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1049
CVE-2018-18015
RESERVED
-CVE-2018-18014
+CVE-2018-18014 (** DISPUTED *** Lack of authentication in Citrix Xen Mobile through 10 ...)
NOT-FOR-US: Citrix
-CVE-2018-18013
+CVE-2018-18013 (** DISPUTED *** Xen Mobile through 10.8.0 includes a service listening ...)
NOT-FOR-US: Citrix
CVE-2018-18012
RESERVED
@@ -7739,17 +7739,17 @@ CVE-2018-18011
RESERVED
CVE-2018-18010
RESERVED
-CVE-2018-18009
+CVE-2018-18009 (dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthen ...)
NOT-FOR-US: D-Link
-CVE-2018-18008
+CVE-2018-18008 (spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote un ...)
NOT-FOR-US: D-Link
-CVE-2018-18007
+CVE-2018-18007 (atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated at ...)
NOT-FOR-US: D-Link
-CVE-2018-18006
+CVE-2018-18006 (Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Win ...)
NOT-FOR-US: Ricoh myPrint application
-CVE-2018-18005
+CVE-2018-18005 (Cross-site scripting in event_script.js in VIVOTEK Network Camera Seri ...)
NOT-FOR-US: VIVOTEK Network Camera
-CVE-2018-18004
+CVE-2018-18004 (Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Se ...)
NOT-FOR-US: VIVOTEK Network Camera
CVE-2018-18003
RESERVED
@@ -7763,9 +7763,9 @@ CVE-2018-17999
RESERVED
CVE-2018-17998
RESERVED
-CVE-2018-17997
+CVE-2018-17997 (LayerBB 1.1.1 allows XSS via the titles of conversations (PMs). ...)
TODO: check
-CVE-2018-17996
+CVE-2018-17996 (LayerBB before 1.1.3 allows CSRF for adding a user via admin/new_user. ...)
TODO: check
CVE-2018-17995
RESERVED
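Review bot: both LayerBB entries here, CVE-2018-17997 and CVE-2018-17996, are left at "TODO: check", while CVE-2018-17988 (also LayerBB) in the next hunk is already triaged as "NOT-FOR-US: LayerBB". If LayerBB is not packaged, these two should carry the same NOT-FOR-US marker so the TODO queue does not accumulate items that were effectively decided elsewhere in the same file.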
@@ -7781,27 +7781,27 @@ CVE-2018-17990
RESERVED
CVE-2018-17989
RESERVED
-CVE-2018-17988
+CVE-2018-17988 (LayerBB 1.1.1 has SQL Injection via the search.php search_query parame ...)
NOT-FOR-US: LayerBB
-CVE-2018-17987
+CVE-2018-17987 (The determineWinner function of a smart contract implementation for Ha ...)
NOT-FOR-US: Some Ethereum application
-CVE-2018-17986
+CVE-2018-17986 (rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password ...)
NOT-FOR-US: razorCMS
-CVE-2018-17985
+CVE-2018-17985 (An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-17984
+CVE-2018-17984 (An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 ...)
NOT-FOR-US: ISPConfig
CVE-2018-17982
RESERVED
CVE-2018-17981
RESERVED
-CVE-2018-17980
+CVE-2018-17980 (NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain ...)
NOT-FOR-US: NoMachine
-CVE-2018-17983
+CVE-2018-17983 (cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read du ...)
- mercurial 4.7.2-1
[jessie] - mercurial <not-affected> (Vulnerable code not present)
NOTE: https://www.mercurial-scm.org/repo/hg/rev/5405cb1a7901
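Review bot: CVE-2018-17983 (mercurial) is out of sequence: the file runs in descending order (CVE-2018-17984, 17982, 17981, 17980) and then this entry appears before CVE-2018-17979 in the following hunk. It belongs between CVE-2018-17984 and CVE-2018-17982; misplaced ids make it easy to miss that an id is absent from its expected slot and to add a duplicate.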
@@ -7809,17 +7809,17 @@ CVE-2018-17979
RESERVED
CVE-2018-17978
RESERVED
-CVE-2018-17977
+CVE-2018-17977 (The Linux kernel 4.14.67 mishandles certain interaction among XFRM Net ...)
- linux <undetermined>
-CVE-2018-17976
+CVE-2018-17976 (An issue was discovered in GitLab Community Edition 11.x before 11.1.8 ...)
- gitlab 11.1.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/05/critical-security-release-11-3-4/
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/51581
-CVE-2018-17975
+CVE-2018-17975 (An issue was discovered in GitLab Community Edition 11.x before 11.1.8 ...)
- gitlab 11.1.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/05/critical-security-release-11-3-4/
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/50744
-CVE-2018-17974
+CVE-2018-17974 (An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer ...)
- tcpreplay 4.3.1-1 (bug #910598)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
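Review bot: the CVE-2018-17977 entry is "- linux <undetermined>" with no NOTE line at all, whereas the other linux entries in this diff (for example CVE-2018-17972 in the next hunk) cite the report and the upstream fix commit. Add at least a reference to the report describing the XFRM interaction in 4.14.67 so whoever revisits the <undetermined> marker has a starting point.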
@@ -7830,42 +7830,42 @@ CVE-2018-17971
RESERVED
CVE-2018-17970
RESERVED
-CVE-2018-17972
+CVE-2018-17972 (An issue was discovered in the proc_pid_stack function in fs/proc/base ...)
{DLA-1715-1}
- linux 4.18.20-1
[stretch] - linux 4.9.135-1
NOTE: https://marc.info/?l=linux-fsdevel&m=153806242024956&w=2
NOTE: https://git.kernel.org/linus/f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7
-CVE-2018-17969
+CVE-2018-17969 (Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attacke ...)
NOT-FOR-US: Samsung SCX-6545X V2.00.03.01 03-23-2012 devices
-CVE-2018-17968
+CVE-2018-17968 (A gambling smart contract implementation for RuletkaIo, an Ethereum ga ...)
NOT-FOR-US: RuletkaIo
-CVE-2018-17967
+CVE-2018-17967 (ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage i ...)
- imagemagick 8:6.9.10.14+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1051
-CVE-2018-17966
+CVE-2018-17966 (ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage ...)
- imagemagick 8:6.9.10.14+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1050
-CVE-2018-17965
+CVE-2018-17965 (ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage ...)
- imagemagick 8:6.9.10.14+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1052
-CVE-2018-17964
+CVE-2018-17964 (Aryanic HighPortal 12.5 has XSS via an Add Tags action. ...)
NOT-FOR-US: Aryanic HighPortal
-CVE-2018-17963
+CVE-2018-17963 (qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes grea ...)
{DSA-4338-1 DLA-1599-1}
- qemu 1:3.1+dfsg-1 (bug #911469)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html
NOTE: https://www.openwall.com/lists/oss-security/2018/10/08/1
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=1592a9947036d60dde5404204a5d45975133caf5
-CVE-2018-17962
+CVE-2018-17962 (Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because ...)
{DSA-4338-1 DLA-1599-1}
- qemu 1:3.1+dfsg-1 (bug #911468)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html
NOTE: https://www.openwall.com/lists/oss-security/2018/10/08/1
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=b1d80d12c5f7ff081bb80ab4f4241d4248691192
-CVE-2018-17961
+CVE-2018-17961 (Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sand ...)
{DSA-4336-1 DLA-1552-1}
- ghostscript 9.25~dfsg-3 (bug #910678)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1682
@@ -7873,14 +7873,14 @@ CVE-2018-17961
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a54c9e61e7d02bbc620bcba9b1c208462a876afb
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6807394bd94b708be24758287b606154daaaed9
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a5a9bf8c6a63aa4ac6874234fe8cd63e72077291
-CVE-2018-17960
+CVE-2018-17960 (CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source ...)
- ckeditor 4.11.1+dfsg-1 (low)
[stretch] - ckeditor <no-dsa> (Minor issue)
[jessie] - ckeditor <ignored> (Minor issue)
- fckeditor <removed>
CVE-2018-17959
RESERVED
-CVE-2018-17958
+CVE-2018-17958 (Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c b ...)
{DLA-1646-1}
- qemu 1:3.1+dfsg-1 (bug #911499)
[stretch] - qemu <postponed> (Minor issue, revisit for later update)
@@ -7888,42 +7888,42 @@ CVE-2018-17958
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=1a326646fef38782e5542280040ec3ea23e4a730
NOTE: https://www.openwall.com/lists/oss-security/2018/10/08/1
-CVE-2018-17957
+CVE-2018-17957 (The YaST2 RMT module for configuring the SUSE Repository Mirroring Too ...)
NOT-FOR-US: YaST2 RMT module
-CVE-2018-17956
+CVE-2018-17956 (In yast2-samba-provision up to and including version 1.0.1 the passwor ...)
NOT-FOR-US: yast2-samba-provision
-CVE-2018-17955
+CVE-2018-17955 (In yast2-multipath before version 4.1.1 a static temporary filename al ...)
NOT-FOR-US: yast2-multipath
CVE-2018-17954
RESERVED
-CVE-2018-17953
+CVE-2018-17953 (A incorrect variable in a SUSE specific patch for pam_access rule matc ...)
- pam <not-affected> (Issue introduced by SUSE specific patch)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1115640
NOTE: Issue introduced by SUSE specific patch (pam-hostnames-in-access_conf.patch)
NOTE: https://build.opensuse.org/package/view_file/Linux-PAM/pam/pam-hostnames-in-access_conf.patch
NOTE: And fixed with (use-correct-IP-address.patch)
NOTE: https://build.opensuse.org/package/view_file/Linux-PAM/pam/use-correct-IP-address.patch
-CVE-2018-17952
+CVE-2018-17952 (Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 ...)
NOT-FOR-US: eDirectory
CVE-2018-17951
RESERVED
-CVE-2018-17950
+CVE-2018-17950 (Incorrect enforcement of authorization checks in eDirectory prior to 9 ...)
NOT-FOR-US: eDirectory
-CVE-2018-17949
+CVE-2018-17949 (Cross site scripting vulnerability in iManager prior to 3.1 SP2. ...)
NOT-FOR-US: iManager
-CVE-2018-17948
+CVE-2018-17948 (An open redirect vulnerability exists in the Access Manager Identity P ...)
NOT-FOR-US: Microfocus
-CVE-2018-17947
+CVE-2018-17947 (The Snazzy Maps plugin before 1.1.5 for WordPress has XSS via the text ...)
NOT-FOR-US: WordPress plugin snazzy-maps
-CVE-2018-17946
+CVE-2018-17946 (The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress ha ...)
NOT-FOR-US: WordPress plugin slideshow-gallery
CVE-2018-17945
RESERVED
-CVE-2018-17944
+CVE-2018-17944 (On certain Lexmark devices that communicate with an LDAP or SMTP serve ...)
NOT-FOR-US: Lexmark
CVE-2018-17943
RESERVED
-CVE-2018-17942
+CVE-2018-17942 (The convert_to_decimal function in vasnprintf.c in Gnulib before 2018- ...)
{DLA-1543-1}
- gnulib 20140202+stable-3.1 (low; bug #910757)
[stretch] - gnulib 20140202+stable-2+deb9u1
@@ -7934,115 +7934,115 @@ CVE-2018-17941
RESERVED
CVE-2018-17940
RESERVED
-CVE-2018-17939
+CVE-2018-17939 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
- gitlab 11.1.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/05/critical-security-release-11-3-4/
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/51956
-CVE-2018-17938
+CVE-2018-17938 (Zimbra Collaboration before 8.8.10 GA allows text content spoofing via ...)
NOT-FOR-US: Zimbra
-CVE-2018-17937
+CVE-2018-17937 (gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open ...)
TODO: check
-CVE-2018-17936
+CVE-2018-17936 (NUUO CMS All versions 3.3 and prior the application allows the upload ...)
NOT-FOR-US: NUUO CMS
-CVE-2018-17935
+CVE-2018-17935 (All versions of Telecrane F25 Series Radio Controls before 00.0A use f ...)
NOT-FOR-US: Telecrane
-CVE-2018-17934
+CVE-2018-17934 (NUUO CMS All versions 3.3 and prior the application allows external in ...)
NOT-FOR-US: NUUO CMS
-CVE-2018-17933
+CVE-2018-17933 (VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. Prior versions may al ...)
NOT-FOR-US: VGo Robot
CVE-2018-17932
RESERVED
-CVE-2018-17931
+CVE-2018-17931 (If an attacker has physical access to the VGo Robot (Versions 3.0.3.52 ...)
NOT-FOR-US: VGo Robot
-CVE-2018-17930
+CVE-2018-17930 (A stack-based buffer overflow vulnerability has been identified in Tel ...)
NOT-FOR-US: Teledyne DALSA Sherlock
-CVE-2018-17929
+CVE-2018-17929 (In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and pr ...)
NOT-FOR-US: TPEditor
-CVE-2018-17928
+CVE-2018-17928 (The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable t ...)
NOT-FOR-US: ABB CMS-770
-CVE-2018-17927
+CVE-2018-17927 (In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and pr ...)
NOT-FOR-US: TPEditor
-CVE-2018-17926
+CVE-2018-17926 (The product M2M ETHERNET (FW Versions 2.22 and prior, ETH-FW Versions ...)
NOT-FOR-US: ABB M2M ETHERNET
-CVE-2018-17925
+CVE-2018-17925 (Multiple instances of this vulnerability (Unsafe ActiveX Control Marke ...)
NOT-FOR-US: Gigasoft
-CVE-2018-17924
+CVE-2018-17924 (Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix ...)
NOT-FOR-US: Rockwell
-CVE-2018-17923
+CVE-2018-17923 (SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to ...)
NOT-FOR-US: SAGA1-L8B
-CVE-2018-17922
+CVE-2018-17922 (Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials ...)
NOT-FOR-US: Circontrol CirCarLife
-CVE-2018-17921
+CVE-2018-17921 (SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to ...)
NOT-FOR-US: SAGA1-L8B
CVE-2018-17920
RESERVED
-CVE-2018-17919
+CVE-2018-17919 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud ...)
NOT-FOR-US: P2P Cloud Server
-CVE-2018-17918
+CVE-2018-17918 (Circontrol CirCarLife all versions prior to 4.3.1, authentication to t ...)
NOT-FOR-US: Circontrol CirCarLife
-CVE-2018-17917
+CVE-2018-17917 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud ...)
NOT-FOR-US: P2P Cloud Server
-CVE-2018-17916
+CVE-2018-17916 (InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (f ...)
NOT-FOR-US: InduSoft Web Studio
-CVE-2018-17915
+CVE-2018-17915 (All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud ...)
NOT-FOR-US: P2P Cloud Server
-CVE-2018-17914
+CVE-2018-17914 (InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (f ...)
NOT-FOR-US: InduSoft Web Studio
-CVE-2018-17913
+CVE-2018-17913 (A type confusion vulnerability exists when processing project files in ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-17912
+CVE-2018-17912 (An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when ...)
NOT-FOR-US: CASE Suite
-CVE-2018-17911
+CVE-2018-17911 (LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buf ...)
NOT-FOR-US: LAquis SCADA
-CVE-2018-17910
+CVE-2018-17910 (WebAccess Versions 8.3.2 and prior. The application fails to properly ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-17909
+CVE-2018-17909 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-17908
+CVE-2018-17908 (WebAccess Versions 8.3.2 and prior. During installation, the applicati ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-17907
+CVE-2018-17907 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-17906
+CVE-2018-17906 (Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and Int ...)
NOT-FOR-US: Philips
-CVE-2018-17905
+CVE-2018-17905 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-17904
+CVE-2018-17904 (Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This vulnerabi ...)
NOT-FOR-US: Reliance 4 SCADA/HMI
-CVE-2018-17903
+CVE-2018-17903 (SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to ...)
NOT-FOR-US: SAGA1-L8B
-CVE-2018-17902
+CVE-2018-17902 (Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versi ...)
NOT-FOR-US: Yokogawa STARDOM Controllers
-CVE-2018-17901
+CVE-2018-17901 (LAquis SCADA Versions 4.1.0.3870 and prior, when processing project fi ...)
NOT-FOR-US: LAquis SCADA
-CVE-2018-17900
+CVE-2018-17900 (Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versi ...)
NOT-FOR-US: Yokogawa STARDOM Controllers
-CVE-2018-17899
+CVE-2018-17899 (LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulner ...)
NOT-FOR-US: LAquis SCADA
-CVE-2018-17898
+CVE-2018-17898 (Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versio ...)
NOT-FOR-US: Yokogawa STARDOM Controllers
-CVE-2018-17897
+CVE-2018-17897 (LAquis SCADA Versions 4.1.0.3870 and prior has several integer overflo ...)
NOT-FOR-US: LAquis SCADA
-CVE-2018-17896
+CVE-2018-17896 (Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versi ...)
NOT-FOR-US: Yokogawa STARDOM Controllers
-CVE-2018-17895
+CVE-2018-17895 (LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds r ...)
NOT-FOR-US: LAquis SCADA
-CVE-2018-17894
+CVE-2018-17894 (NUUO CMS all versions 3.1 and prior, The application creates default a ...)
NOT-FOR-US: NUUO CMS
-CVE-2018-17893
+CVE-2018-17893 (LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer de ...)
NOT-FOR-US: LAquis SCADA
-CVE-2018-17892
+CVE-2018-17892 (NUUO CMS all versions 3.1 and prior, The application implements a meth ...)
NOT-FOR-US: NUUO CMS
-CVE-2018-17891
+CVE-2018-17891 (Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running ...)
NOT-FOR-US: Carestream Vue RIS, RIS Client Builds
-CVE-2018-17890
+CVE-2018-17890 (NUUO CMS all versions 3.1 and prior, The application uses insecure and ...)
NOT-FOR-US: NUUO CMS
-CVE-2018-17889
+CVE-2018-17889 (In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior a ...)
NOT-FOR-US: PI Studio HMI
-CVE-2018-17888
+CVE-2018-17888 (NUUO CMS all versions 3.1 and prior, The application uses a session id ...)
NOT-FOR-US: NUUO CMS
CVE-2018-17887
RESERVED
-CVE-2018-17886
+CVE-2018-17886 (An issue was discovered in JEESNS 1.3. The XSS filter in com.lxinet.je ...)
NOT-FOR-US: JEESNS
CVE-2018-17885
RESERVED
@@ -8053,47 +8053,47 @@ CVE-2018-17883
[jessie] - otrs2 <not-affected> (Only affects 6.x)
NOTE: https://community.otrs.com/security-advisory-2018-06-security-update-for-otrs-framework/
NOTE: https://github.com/OTRS/otrs/commit/40bbcc261a77c2f4c0383658cd99c07d577179ce
-CVE-2018-18021
+CVE-2018-18021 (arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on th ...)
{DSA-4313-1 DLA-1715-1}
- linux 4.18.10-2
[jessie] - linux <ignored> (arm64 not supported in jessie LTS)
NOTE: https://git.kernel.org/linus/d26c25a9d19b5976b319af528886f89cf455692d
NOTE: https://git.kernel.org/linus/2a3f93459d689d990b3ecfbe782fec89b97d3279
-CVE-2018-17884
+CVE-2018-17884 (XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook (g ...)
NOT-FOR-US: WordPress plugin gwolle-gb
-CVE-2018-17882
+CVE-2018-17882 (An Integer overflow vulnerability exists in the batchTransfer function ...)
NOT-FOR-US: CryptoBotsBattle
-CVE-2018-17881
+CVE-2018-17881 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allow ...)
NOT-FOR-US: D-Link DIR-823G 2018-09-19 devices
-CVE-2018-17880
+CVE-2018-17880 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allow ...)
NOT-FOR-US: D-Link DIR-823G 2018-09-19 devices
CVE-2018-17879
RESERVED
CVE-2018-17878
RESERVED
-CVE-2018-17877
+CVE-2018-17877 (A lottery smart contract implementation for Greedy 599, an Ethereum ga ...)
NOT-FOR-US: Greedy 599
-CVE-2018-17876
+CVE-2018-17876 (A Stored XSS vulnerability has been discovered in the v5.5.0 version o ...)
NOT-FOR-US: Coaster CMS
CVE-2018-17875
RESERVED
-CVE-2018-17874
+CVE-2018-17874 (ExpressionEngine before 4.3.5 has reflected XSS. ...)
NOT-FOR-US: ExpressionEngine
-CVE-2018-17873
+CVE-2018-17873 (An incorrect access control vulnerability in the FTP configuration of ...)
NOT-FOR-US: WifiRanger
-CVE-2018-17872
+CVE-2018-17872 (Verba Collaboration Compliance and Quality Management Platform before ...)
NOT-FOR-US: Verba Collaboration Compliance and Quality Management Platform
-CVE-2018-17871
+CVE-2018-17871 (Verba Collaboration Compliance and Quality Management Platform before ...)
NOT-FOR-US: Verba Collaboration Compliance and Quality Management Platform
-CVE-2018-17870
+CVE-2018-17870 (An issue was discovered in BTITeam XBTIT 2.5.4. The "returnto" paramet ...)
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-17869
+CVE-2018-17869 (DASAN H660GW devices do not implement any CSRF protection mechanism. ...)
NOT-FOR-US: DASAN H660GW devices
-CVE-2018-17868
+CVE-2018-17868 (DASAN H660GW devices have Stored XSS in the Port Forwarding functional ...)
NOT-FOR-US: DASAN H660GW devices
-CVE-2018-17867
+CVE-2018-17867 (The Port Forwarding functionality on DASAN H660GW devices allows remot ...)
NOT-FOR-US: DASAN H660GW device
-CVE-2018-17866
+CVE-2018-17866 (Multiple cross-site scripting (XSS) vulnerabilities in includes/core/u ...)
NOT-FOR-US: "Ultimate Member - User Profile & Membership" plugin for WordPress
CVE-2018-17865
RESERVED
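Review bot: the CVE-2018-18021 block (Linux KVM on arm64) sits between CVE-2018-17883 and CVE-2018-17884, breaking the descending numeric order the rest of this hunk follows; if this list is meant to stay sorted, the four lines from `+CVE-2018-18021 (arch/arm64/kvm/guest.c ...)` through the second `NOTE: https://git.kernel.org/linus/...` belong higher up with the other 2018-18xxx entries, otherwise leave as is since the description fill-in itself is correct.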
@@ -8107,43 +8107,43 @@ CVE-2018-17861
RESERVED
CVE-2018-17860
RESERVED
-CVE-2018-17859
+CVE-2018-17859 (An issue was discovered in Joomla! before 3.8.13. Inadequate checks in ...)
NOT-FOR-US: Joomla!
-CVE-2018-17858
+CVE-2018-17858 (An issue was discovered in Joomla! before 3.8.13. com_installer action ...)
NOT-FOR-US: Joomla!
-CVE-2018-17857
+CVE-2018-17857 (An issue was discovered in Joomla! before 3.8.13. Inadequate checks on ...)
NOT-FOR-US: Joomla!
-CVE-2018-17856
+CVE-2018-17856 (An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate all ...)
NOT-FOR-US: Joomla!
-CVE-2018-17855
+CVE-2018-17855 (An issue was discovered in Joomla! before 3.8.13. If an attacker gets ...)
NOT-FOR-US: Joomla!
-CVE-2018-17854
+CVE-2018-17854 (SIMDComp before 0.1.1 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: SIMDComp
CVE-2018-17853
RESERVED
-CVE-2018-17852
+CVE-2018-17852 (A SQL injection was discovered in WUZHI CMS 4.1.0 in coreframe/app/cou ...)
NOT-FOR-US: WUZHI CMS
CVE-2018-17851
REJECTED
CVE-2018-17850
REJECTED
-CVE-2018-17849
+CVE-2018-17849 (Navigate CMS 2.8 has Stored XSS via a navigate_upload.php (aka File Up ...)
NOT-FOR-US: Navigate CMS
-CVE-2018-17848
+CVE-2018-17848 (The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...)
- golang-golang-x-net-dev <unfixed> (low; bug #911795)
[stretch] - golang-golang-x-net-dev <not-affected> (Vulnerable code not present)
- golang-go.net-dev <removed>
[jessie] - golang-go.net-dev <ignored> (Minor issue)
NOTE: https://github.com/golang/go/issues/27846
NOTE: https://github.com/golang/net/commit/4b62a64f59f73840b9ab79204c94fee61cd1ba2c
-CVE-2018-17847
+CVE-2018-17847 (The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...)
- golang-golang-x-net-dev <unfixed> (low; bug #911795)
[stretch] - golang-golang-x-net-dev <not-affected> (Vulnerable code not present)
- golang-go.net-dev <removed>
[jessie] - golang-go.net-dev <ignored> (Minor issue)
NOTE: https://github.com/golang/go/issues/27846
NOTE: https://github.com/golang/net/commit/4b62a64f59f73840b9ab79204c94fee61cd1ba2c
-CVE-2018-17846
+CVE-2018-17846 (The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...)
- golang-golang-x-net-dev <unfixed> (bug #911795)
[stretch] - golang-golang-x-net-dev <not-affected> (Vulnerable code not present)
- golang-go.net-dev <removed>
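Review bot: the three x/net/html entries CVE-2018-17846, CVE-2018-17847 and CVE-2018-17848 share the same description, bug reference and fix commit, but only 17847 and 17848 carry a severity on the package line (`- golang-golang-x-net-dev <unfixed> (low; bug #911795)`) while 17846 reads `- golang-golang-x-net-dev <unfixed> (bug #911795)`; either add `low;` to 17846 or note why it is rated differently from its siblings.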
@@ -8164,35 +8164,35 @@ CVE-2018-17840
RESERVED
CVE-2018-17839
RESERVED
-CVE-2018-17838
+CVE-2018-17838 (An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file read oper ...)
NOT-FOR-US: JTBC
-CVE-2018-17837
+CVE-2018-17837 (An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file deletion ...)
NOT-FOR-US: JTBC
-CVE-2018-17836
+CVE-2018-17836 (An issue was discovered in JTBC(PHP) 3.0.1.6. It allows remote attacke ...)
NOT-FOR-US: JTBC
-CVE-2018-17835
+CVE-2018-17835 (An issue was discovered in GetSimple CMS 3.3.15. An administrator can ...)
NOT-FOR-US: GetSimple CMS
CVE-2018-17834
RESERVED
CVE-2018-17833
RESERVED
-CVE-2018-17832
+CVE-2018-17832 (XSS exists in WUZHI CMS 2.0 via the index.php v or f parameter. ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-17831
+CVE-2018-17831 (In REDAXO before 5.6.3, a critical SQL injection vulnerability has bee ...)
NOT-FOR-US: REDAXO
-CVE-2018-17830
+CVE-2018-17830 (The $args variable in addons/mediapool/pages/index.php in REDAXO 5.6.2 ...)
NOT-FOR-US: REDAXO
CVE-2018-17829
RESERVED
-CVE-2018-17828
+CVE-2018-17828 (Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers ...)
- zziplib <unfixed> (unimportant)
NOTE: https://github.com/gdraheim/zziplib/issues/62
NOTE: unzzipcat-mem not installed into the binary packages
-CVE-2018-17827
+CVE-2018-17827 (HisiPHP 1.0.8 allows remote attackers to execute arbitrary PHP code by ...)
NOT-FOR-US: HisiPHP
-CVE-2018-17826
+CVE-2018-17826 (HisiPHP 1.0.8 allows CSRF via admin.php/admin/user/adduser.html to add ...)
NOT-FOR-US: HisiPHP
-CVE-2018-17825
+CVE-2018-17825 (An issue was discovered in AdPlug 2.3.1. There are several double-free ...)
{DLA-1534-1}
- adplug 2.2.1+dfsg3-1 (low; bug #910534)
[stretch] - adplug <ignored> (Minor issue)
@@ -8250,13 +8250,13 @@ CVE-2018-17800
RESERVED
CVE-2018-17799
RESERVED
-CVE-2018-17798
+CVE-2018-17798 (An issue was discovered in zzcms 8.3. user/ztconfig.php allows remote ...)
NOT-FOR-US: zzcms
-CVE-2018-17797
+CVE-2018-17797 (An issue was discovered in zzcms 8.3. user/zssave.php allows remote at ...)
NOT-FOR-US: zzcms
-CVE-2018-17796
+CVE-2018-17796 (An issue was discovered in MRCMS (aka mushroom) through 3.1.2. The Web ...)
NOT-FOR-US: MRCMS
-CVE-2018-17795
+CVE-2018-17795 (The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 allows remot ...)
- tiff 4.0.9-2
[stretch] - tiff 4.0.8-2+deb9u2
[jessie] - tiff 4.0.3-12.3+deb8u5
@@ -8265,13 +8265,13 @@ CVE-2018-17795
NOTE: Similar issue as CVE-2017-9935 but not considered the same, but adressed
NOTE: with same commit.
NOTE: https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940
-CVE-2018-17794
+CVE-2018-17794 (An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-17793
+CVE-2018-17793 (** DISPUTED ** Virtualenv 16.0.0 allows a sandbox escape via "python $ ...)
- python-virtualenv <unfixed> (unimportant)
NOTE: https://github.com/pypa/virtualenv/issues/1207
NOTE: No real security impact. 3rd party requested CVE rejection
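Review bot: the NOTE under CVE-2018-17795 has a typo and a doubled conjunction in its context line (`NOTE: Similar issue as CVE-2017-9935 but not considered the same, but adressed`); suggest `NOTE: Similar issue as CVE-2017-9935 but not considered the same; addressed` followed by the existing `NOTE: with same commit.` line so the cross-reference reads cleanly.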
@@ -8285,25 +8285,25 @@ CVE-2018-17789
RESERVED
CVE-2018-17788
RESERVED
-CVE-2018-17787
+CVE-2018-17787 (On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Co ...)
NOT-FOR-US: D-Link DIR-823G devices
-CVE-2018-17786
+CVE-2018-17786 (On D-Link DIR-823G devices, ExportSettings.sh, upload_settings.cgi, Ge ...)
NOT-FOR-US: D-Link DIR-823G devices
-CVE-2018-17785
+CVE-2018-17785 (In blynk-server in Blynk before 0.39.7, Directory Traversal exists via ...)
NOT-FOR-US: blynk-server in Blynk
-CVE-2018-17784
+CVE-2018-17784 (Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM C ...)
NOT-FOR-US: SugarCRM
-CVE-2018-17783
+CVE-2018-17783 (A cross-site scripting (XSS) vulnerability in the Edit Filter page (ma ...)
- mantis <removed>
NOTE: https://mantisbt.org/blog/archives/mantisbt/613
NOTE: https://mantisbt.org/bugs/view.php?id=24814
-CVE-2018-17782
+CVE-2018-17782 (A cross-site scripting (XSS) vulnerability in the Manage Filters page ...)
- mantis <removed>
NOTE: https://mantisbt.org/blog/archives/mantisbt/613
NOTE: https://mantisbt.org/bugs/view.php?id=24813
-CVE-2018-17781
+CVE-2018-17781 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to trigg ...)
NOT-FOR-US: Foxit
-CVE-2018-17780
+CVE-2018-17780 (Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on ...)
- telegram-desktop 1.4.0-1
NOTE: https://www.inputzero.io/2018/09/bug-bounty-telegram-cve-2018-17780.html
NOTE: https://github.com/telegramdesktop/tdesktop/commit/c4ca180745300e3d1ac755341e9879fca9087b74
@@ -8311,11 +8311,11 @@ CVE-2018-17779
RESERVED
CVE-2018-17778
RESERVED
-CVE-2018-17777
+CVE-2018-17777 (An issue was discovered on D-Link DVA-5592 A1_WI_20180823 devices. If ...)
NOT-FOR-US: D-Link
-CVE-2018-17776
+CVE-2018-17776 (PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGR ...)
NOT-FOR-US: PCProtect Anti-Virus
-CVE-2018-17775
+CVE-2018-17775 (Seqrite End Point Security v7.4 has "Everyone: (F)" permission for %PR ...)
NOT-FOR-US: Seqrite End Point Security
CVE-2018-17774
RESERVED
@@ -8451,213 +8451,213 @@ CVE-2018-17709
RESERVED
CVE-2018-17708
RESERVED
-CVE-2018-17707
+CVE-2018-17707 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Epic Games
-CVE-2018-17706
+CVE-2018-17706 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit PhantomPDF Phantom PDF
-CVE-2018-17705
+CVE-2018-17705 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17704
+CVE-2018-17704 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17703
+CVE-2018-17703 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17702
+CVE-2018-17702 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17701
+CVE-2018-17701 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17700
+CVE-2018-17700 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17699
+CVE-2018-17699 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17698
+CVE-2018-17698 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17697
+CVE-2018-17697 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17696
+CVE-2018-17696 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17695
+CVE-2018-17695 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17694
+CVE-2018-17694 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17693
+CVE-2018-17693 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17692
+CVE-2018-17692 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17691
+CVE-2018-17691 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17690
+CVE-2018-17690 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17689
+CVE-2018-17689 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17688
+CVE-2018-17688 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17687
+CVE-2018-17687 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-17686
+CVE-2018-17686 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17685
+CVE-2018-17685 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17684
+CVE-2018-17684 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17683
+CVE-2018-17683 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17682
+CVE-2018-17682 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17681
+CVE-2018-17681 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17680
+CVE-2018-17680 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17679
+CVE-2018-17679 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17678
+CVE-2018-17678 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17677
+CVE-2018-17677 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17676
+CVE-2018-17676 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17675
+CVE-2018-17675 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17674
+CVE-2018-17674 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17673
+CVE-2018-17673 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17672
+CVE-2018-17672 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17671
+CVE-2018-17671 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17670
+CVE-2018-17670 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17669
+CVE-2018-17669 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17668
+CVE-2018-17668 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17667
+CVE-2018-17667 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17666
+CVE-2018-17666 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17665
+CVE-2018-17665 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17664
+CVE-2018-17664 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17663
+CVE-2018-17663 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17662
+CVE-2018-17662 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17661
+CVE-2018-17661 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17660
+CVE-2018-17660 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17659
+CVE-2018-17659 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17658
+CVE-2018-17658 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17657
+CVE-2018-17657 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17656
+CVE-2018-17656 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17655
+CVE-2018-17655 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17654
+CVE-2018-17654 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17653
+CVE-2018-17653 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17652
+CVE-2018-17652 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17651
+CVE-2018-17651 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17650
+CVE-2018-17650 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17649
+CVE-2018-17649 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17648
+CVE-2018-17648 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17647
+CVE-2018-17647 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17646
+CVE-2018-17646 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17645
+CVE-2018-17645 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17644
+CVE-2018-17644 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17643
+CVE-2018-17643 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17642
+CVE-2018-17642 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17641
+CVE-2018-17641 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17640
+CVE-2018-17640 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17639
+CVE-2018-17639 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17638
+CVE-2018-17638 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17637
+CVE-2018-17637 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17636
+CVE-2018-17636 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17635
+CVE-2018-17635 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17634
+CVE-2018-17634 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17633
+CVE-2018-17633 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17632
+CVE-2018-17632 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17631
+CVE-2018-17631 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17630
+CVE-2018-17630 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17629
+CVE-2018-17629 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17628
+CVE-2018-17628 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17627
+CVE-2018-17627 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17626
+CVE-2018-17626 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17625
+CVE-2018-17625 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17624
+CVE-2018-17624 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17623
+CVE-2018-17623 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17622
+CVE-2018-17622 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17621
+CVE-2018-17621 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17620
+CVE-2018-17620 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17619
+CVE-2018-17619 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17618
+CVE-2018-17618 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17617
+CVE-2018-17617 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17616
+CVE-2018-17616 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17615
+CVE-2018-17615 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-17614
+CVE-2018-17614 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Losant Arduino MQTT Client
-CVE-2018-17613
+CVE-2018-17613 (Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enab ...)
- telegram-desktop <unfixed> (unimportant; bug #921133)
NOTE: https://www.inputzero.io/2018/09/telegram-share-password-in-cleartext.html
NOTE: Non issue, works as expected, should probably be rejected
-CVE-2018-17612
+CVE-2018-17612 (Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) cert ...)
NOT-FOR-US: Sennheiser
-CVE-2018-17611
+CVE-2018-17611 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execu ...)
NOT-FOR-US: Foxit
-CVE-2018-17610
+CVE-2018-17610 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execu ...)
NOT-FOR-US: Foxit
-CVE-2018-17609
+CVE-2018-17609 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execu ...)
NOT-FOR-US: Foxit
-CVE-2018-17608
+CVE-2018-17608 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execu ...)
NOT-FOR-US: Foxit
-CVE-2018-17607
+CVE-2018-17607 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execu ...)
NOT-FOR-US: Foxit
CVE-2018-17606
RESERVED
-CVE-2018-17605
+CVE-2018-17605 (An issue was discovered in the Asset Pipeline plugin before 3.0.4 for ...)
NOT-FOR-US: Grails plugin
CVE-2018-17604
RESERVED
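Review bot: the NOT-FOR-US labels for the Foxit block are inconsistent, with `NOT-FOR-US: Foxit PhantomPDF Phantom PDF` under CVE-2018-17706 repeating the product name while the neighbouring entries use plain `NOT-FOR-US: Foxit` or `NOT-FOR-US: Foxit Reader`; suggest `NOT-FOR-US: Foxit PhantomPDF` for 17706 and one consistent spelling for the rest so the block greps uniformly.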
@@ -8675,25 +8675,25 @@ CVE-2018-17598
RESERVED
CVE-2018-17597
RESERVED
-CVE-2018-17596
+CVE-2018-17596 (In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was dis ...)
NOT-FOR-US: Zoho ManageEngine AssetExplorer
-CVE-2018-17595
+CVE-2018-17595 (In the 5.4.0 version of the Fork CMS software, HTML Injection and Stor ...)
NOT-FOR-US: Fork CMS
-CVE-2018-17594
+CVE-2018-17594 (AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top ...)
NOT-FOR-US: AirTies Air 5443v2 devices
-CVE-2018-17593
+CVE-2018-17593 (AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.h ...)
NOT-FOR-US: AirTies Air 5453 devices
CVE-2018-17592
RESERVED
-CVE-2018-17591
+CVE-2018-17591 (AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top ...)
NOT-FOR-US: AirTies Air 5343v2 devices
-CVE-2018-17590
+CVE-2018-17590 (AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.h ...)
NOT-FOR-US: AirTies Air 5442 devices
-CVE-2018-17589
+CVE-2018-17589 (AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.h ...)
NOT-FOR-US: AirTies Air 5650 devices
-CVE-2018-17588
+CVE-2018-17588 (AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.h ...)
NOT-FOR-US: AirTies Air 5021 devices
-CVE-2018-17587
+CVE-2018-17587 (AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.h ...)
NOT-FOR-US: AirTies Air 5750 devices
CVE-2018-17586
RESERVED
@@ -8703,19 +8703,19 @@ CVE-2018-17584
RESERVED
CVE-2018-17583
RESERVED
-CVE-2018-17582
+CVE-2018-17582 (Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get ...)
- tcpreplay 4.3.1-1 (bug #910597)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
NOTE: https://github.com/appneta/tcpreplay/issues/484
NOTE: https://github.com/appneta/tcpreplay/commit/68f67b1a3a4d319543692afb5bd5b191ec984287
-CVE-2018-17581
+CVE-2018-17581 (CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has e ...)
{DLA-1691-1}
- exiv2 <unfixed> (low; bug #910060)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/460
NOTE: Fixed in: https://github.com/Exiv2/exiv2/commit/b3d077dcaefb6747fff8204490f33eba5a144edb
-CVE-2018-17580
+CVE-2018-17580 (A heap-based buffer over-read exists in the function fast_edit_packet( ...)
- tcpreplay 4.3.1-1 (bug #910596)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
@@ -8728,29 +8728,29 @@ CVE-2018-17577
RESERVED
CVE-2018-17576
RESERVED
-CVE-2018-17575
+CVE-2018-17575 (SWA SWA.JACAD 3.1.37 Build 024 has SQL Injection via the /academico/al ...)
NOT-FOR-US: SWA SWA.JACAD
-CVE-2018-17574
+CVE-2018-17574 (An issue was discovered in YMFE YApi 1.3.23. There is stored XSS in th ...)
NOT-FOR-US: YMFE YApi
-CVE-2018-17573
+CVE-2018-17573 (The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbi ...)
NOT-FOR-US: Wp-Insert plugin for WordPress
CVE-2018-17572
RESERVED
-CVE-2018-17571
+CVE-2018-17571 (Vanilla before 2.6.1 allows XSS via the email field of a profile. ...)
NOT-FOR-US: Vanilla
-CVE-2018-17570
+CVE-2018-17570 (utils/ut_ws_svr.c in ViaBTC Exchange Server before 2018-08-21 has an i ...)
NOT-FOR-US: ViaBTC Exchange Server
-CVE-2018-17569
+CVE-2018-17569 (network/nw_buf.c in ViaBTC Exchange Server before 2018-08-21 has an in ...)
NOT-FOR-US: ViaBTC Exchange Server
-CVE-2018-17568
+CVE-2018-17568 (utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has an inte ...)
NOT-FOR-US: ViaBTC Exchange Server
-CVE-2018-17567
+CVE-2018-17567 (Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 all ...)
{DLA-1541-1}
- jekyll 3.8.3+dfsg-3.1 (low; bug #909933)
[stretch] - jekyll <no-dsa> (Minor issue)
NOTE: https://github.com/jekyll/jekyll/pull/7224
NOTE: https://jekyllrb.com/news/2018/09/19/security-fixes-for-3-6-3-7-3-8/
-CVE-2018-17566
+CVE-2018-17566 (In ThinkPHP 5.1.24, the inner function delete can be used for SQL inje ...)
NOT-FOR-US: ThinkPHP
CVE-2018-17565
RESERVED
@@ -8758,7 +8758,7 @@ CVE-2018-17564
RESERVED
CVE-2018-17563
RESERVED
-CVE-2018-17562
+CVE-2018-17562 (Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_ ...)
NOT-FOR-US: Multi-Tech FaxFinder
CVE-2018-17561
RESERVED
@@ -8770,15 +8770,15 @@ CVE-2018-17558
RESERVED
CVE-2018-17557
RESERVED
-CVE-2018-17556
+CVE-2018-17556 (MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Sou ...)
NOT-FOR-US: MODX Revolution
-CVE-2018-17555
+CVE-2018-17555 (The web component on ARRIS TG2492LG-NA 061213 devices allows remote at ...)
NOT-FOR-US: ARRIS TG2492LG-NA 061213 devices
CVE-2018-17554
RESERVED
-CVE-2018-17553
+CVE-2018-17553 (An "Unrestricted Upload of File with Dangerous Type" issue with direct ...)
NOT-FOR-US: Naviwebs Navigate CMS
-CVE-2018-17552
+CVE-2018-17552 (SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote ...)
NOT-FOR-US: Naviwebs Navigate CMS
CVE-2018-17551
RESERVED
@@ -8798,17 +8798,17 @@ CVE-2018-17544
RESERVED
CVE-2018-17543
RESERVED
-CVE-2018-17542
+CVE-2018-17542 (SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allow ...)
NOT-FOR-US: MailSherlock
CVE-2018-17541
RESERVED
-CVE-2018-17540
+CVE-2018-17540 (The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a ...)
{DSA-4309-1 DLA-1528-1}
- strongswan 5.7.1-1
NOTE: https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html
-CVE-2018-17539
+CVE-2018-17539 (The BGP daemon (bgpd) in all IP Infusion ZebOS versions to 7.10.6 and ...)
NOT-FOR-US: BGP daemon (bgpd) in IP Infusion ZebOS and OcNOS
-CVE-2018-17538
+CVE-2018-17538 (** DISPUTED ** Axon (formerly TASER International) Evidence Sync 3.15. ...)
NOT-FOR-US: Axon Evidence Sync
CVE-2018-17537 [Persistent XSS package.json]
RESERVED
@@ -8824,11 +8824,11 @@ CVE-2018-17536 [Persistent XSS merge request project import]
NOTE: https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/
CVE-2018-17535
RESERVED
-CVE-2018-17534
+CVE-2018-17534 (Teltonika RUT9XX routers with firmware before 00.04.233 provide a root ...)
NOT-FOR-US: Teltonika RUT9XX routers
-CVE-2018-17533
+CVE-2018-17533 (Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to ...)
NOT-FOR-US: Teltonika RUT9XX routers
-CVE-2018-17532
+CVE-2018-17532 (Teltonika RUT9XX routers with firmware before 00.04.233 are prone to m ...)
NOT-FOR-US: Teltonika RUT9XX routers
CVE-2018-17531
RESERVED
@@ -8930,10 +8930,10 @@ CVE-2018-17483
RESERVED
CVE-2018-17482
RESERVED
-CVE-2018-17481
+CVE-2018-17481 (Incorrect object lifecycle handling in PDFium in Google Chrome prior t ...)
{DSA-4395-1 DSA-4352-1}
- chromium 71.0.3578.80-1
-CVE-2018-17480
+CVE-2018-17480 (Execution of user supplied Javascript during array deserialization lea ...)
{DSA-4352-1}
- chromium 71.0.3578.80-1
CVE-2018-17479
@@ -8946,51 +8946,51 @@ CVE-2018-17478
{DSA-4340-1}
- chromium-browser 70.0.3538.102-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17477
+CVE-2018-17477 (Incorrect dialog placement in Extensions in Google Chrome prior to 70. ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17476
+CVE-2018-17476 (Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3 ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17475
+CVE-2018-17475 (Incorrect handling of history on iOS in Navigation in Google Chrome pr ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17474
+CVE-2018-17474 (Use after free in HTMLImportsController in Blink in Google Chrome prio ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17473
+CVE-2018-17473 (Incorrect handling of confusable characters in Omnibox in Google Chrom ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17472
+CVE-2018-17472 (Incorrect handling of googlechrome:// URL scheme on iOS in Intents in ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17471
+CVE-2018-17471 (Incorrect dialog placement in WebContents in Google Chrome prior to 70 ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17470
+CVE-2018-17470 (A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 a ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17469
+CVE-2018-17469 (Incorrect handling of PDF filter chains in PDFium in Google Chrome pri ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17468
+CVE-2018-17468 (Incorrect handling of timer information during navigation in Blink in ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17467
+CVE-2018-17467 (Insufficiently quick clearing of stale rendered content in Navigation ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17466
+CVE-2018-17466 (Incorrect texture handling in Angle in Google Chrome prior to 70.0.353 ...)
{DSA-4362-1 DSA-4354-1 DSA-4330-1 DLA-1624-1 DLA-1605-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -9000,33 +9000,33 @@ CVE-2018-17466
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-17466
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/#CVE-2018-17466
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/#CVE-2018-17466
-CVE-2018-17465
+CVE-2018-17465 (Incorrect implementation of object trimming in V8 in Google Chrome pri ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17464
+CVE-2018-17464 (Incorrect handling of history on iOS in Navigation in Google Chrome pr ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17463
+CVE-2018-17463 (Incorrect side effect annotation in V8 in Google Chrome prior to 70.0. ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17462
+CVE-2018-17462 (Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538. ...)
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17461
+CVE-2018-17461 (An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
CVE-2018-17460
RESERVED
-CVE-2018-17457
+CVE-2018-17457 (An object lifecycle issue in Blink could lead to a use after free in W ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17456
+CVE-2018-17456 (Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x ...)
{DSA-4311-1 DLA-1533-1}
- git 1:2.19.1-1
NOTE: https://public-inbox.org/git/xmqqy3bcuy3l.fsf@gitster-ct.c.googlers.com/
@@ -9075,127 +9075,127 @@ CVE-2018-17449 [Confidential information disclosure in events API endpoint]
- gitlab 11.1.8+dfsg-2
[stretch] - gitlab <not-affected> (Only affects 9.3 and later)
NOTE: https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/
-CVE-2018-17448
+CVE-2018-17448 (An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1 ...)
NOT-FOR-US: Citrix
-CVE-2018-17447
+CVE-2018-17447 (An Information Exposure Through Log Files issue was discovered in Citr ...)
NOT-FOR-US: Citrix
-CVE-2018-17446
+CVE-2018-17446 (A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetSc ...)
NOT-FOR-US: Citrix
-CVE-2018-17445
+CVE-2018-17445 (A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and N ...)
NOT-FOR-US: Citrix
-CVE-2018-17444
+CVE-2018-17444 (A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and ...)
NOT-FOR-US: Citrix
-CVE-2018-17443
+CVE-2018-17443 (An issue was discovered on D-Link Central WiFi Manager before v 1.03r0 ...)
NOT-FOR-US: D-Link
-CVE-2018-17442
+CVE-2018-17442 (An issue was discovered on D-Link Central WiFi Manager before v 1.03r0 ...)
NOT-FOR-US: D-Link
-CVE-2018-17441
+CVE-2018-17441 (An issue was discovered on D-Link Central WiFi Manager before v 1.03r0 ...)
NOT-FOR-US: D-Link
-CVE-2018-17440
+CVE-2018-17440 (An issue was discovered on D-Link Central WiFi Manager before v 1.03r0 ...)
NOT-FOR-US: D-Link
-CVE-2018-17439
+CVE-2018-17439 (An issue was discovered in the HDF HDF5 1.10.3 library. There is a sta ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#stack-overflow-in-h5s_extent_get_dims
-CVE-2018-17438
+CVE-2018-17438 (A SIGFPE signal is raised in the function H5D__select_io() of H5Dselec ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_h5d__select_io_h5dselect
-CVE-2018-17437
+CVE-2018-17437 (Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#memory-leak-in-h5o_dtype_decode_helper
-CVE-2018-17436
+CVE-2018-17436 (ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allo ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#invalid-write-memory-access-in-decompressc
-CVE-2018-17435
+CVE-2018-17435 (A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln7#heap-overflow-in-h5o_attr_decode
-CVE-2018-17434
+CVE-2018-17434 (A SIGFPE signal is raised in the function apply_filters() of h5repack_ ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_apply_filters_h5repack_filters
-CVE-2018-17433
+CVE-2018-17433 (A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#heap-overflow-in-readgifimagedesc
-CVE-2018-17432
+CVE-2018-17432 (A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln6#null-pointer-dereference-in-h5o_sdspace_encode
-CVE-2018-17431
+CVE-2018-17431 (Web Console in Comodo UTM Firewall before 2.7.0 allows remote attacker ...)
NOT-FOR-US: Comodo UTM
CVE-2018-17430
RESERVED
-CVE-2018-17429
+CVE-2018-17429 (/console/account/manage.php?type=action&amp;action=add in JTBC v3.0(C) ...)
NOT-FOR-US: JTBC
-CVE-2018-17428
+CVE-2018-17428 (An issue was discovered in OPAC EasyWeb Five 5.7. There is SQL injecti ...)
NOT-FOR-US: OPAC EasyWeb Five
-CVE-2018-17427
+CVE-2018-17427 (SIMDComp before 0.1.0 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: SIMDComp
-CVE-2018-17426
+CVE-2018-17426 (WUZHI CMS 4.1.0 has stored XSS via the "Extension module" "SMS in stat ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-17425
+CVE-2018-17425 (WUZHI CMS 4.1.0 has stored XSS via the "Membership Center" "I want to ...)
NOT-FOR-US: WUZHI CMS
CVE-2018-17424
RESERVED
CVE-2018-17423
RESERVED
-CVE-2018-17422
+CVE-2018-17422 (dotCMS before 5.0.2 has open redirects via the html/common/forward_js. ...)
NOT-FOR-US: dotCMS
-CVE-2018-17421
+CVE-2018-17421 (An issue was discovered in ZrLog 2.0.3. There is stored XSS in the fil ...)
NOT-FOR-US: ZrLog
-CVE-2018-17420
+CVE-2018-17420 (An issue was discovered in ZrLog 2.0.3. There is a SQL injection vulne ...)
NOT-FOR-US: ZrLog
-CVE-2018-17419
+CVE-2018-17419 (An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS ...)
NOT-FOR-US: Miek Gieben DNS library for Go
-CVE-2018-17418
+CVE-2018-17418 (Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP cod ...)
NOT-FOR-US: Monstra CMS
CVE-2018-17417
RESERVED
-CVE-2018-17416
+CVE-2018-17416 (A SQL injection vulnerability exists in zzcms v8.3 via the /admin/adcl ...)
NOT-FOR-US: zzcms
-CVE-2018-17415
+CVE-2018-17415 (zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id parame ...)
NOT-FOR-US: zzcms
-CVE-2018-17414
+CVE-2018-17414 (zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass ...)
NOT-FOR-US: zzcms
-CVE-2018-17413
+CVE-2018-17413 (XSS exists in zzcms v8.3 via the /uploadimg_form.php noshuiyin paramet ...)
NOT-FOR-US: zzcms
-CVE-2018-17412
+CVE-2018-17412 (zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck. ...)
NOT-FOR-US: zzcms
-CVE-2018-17411
+CVE-2018-17411 (An XML External Entity (XXE) vulnerability exists in iWay Data Quality ...)
NOT-FOR-US: iWay Data Quality Suite Web Console
-CVE-2018-17410
+CVE-2018-17410 (Horus CMS allows SQL Injection, as demonstrated by a request to the /b ...)
NOT-FOR-US: Horus CMS
CVE-2018-17409
RESERVED
-CVE-2018-17408
+CVE-2018-17408 (Stack-based buffer overflows in Zahir Accounting Enterprise Plus 6 thr ...)
NOT-FOR-US: Zahir Accounting Enterprise Plus
CVE-2018-17406
RESERVED
CVE-2018-17405
RESERVED
-CVE-2018-17404
+CVE-2018-17404 (The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Androi ...)
NOT-FOR-US: SBIbuddy application
-CVE-2018-17403
+CVE-2018-17403 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) application 3. ...)
NOT-FOR-US: PhonePe wallet application
-CVE-2018-17402
+CVE-2018-17402 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) application 3. ...)
NOT-FOR-US: PhonePe wallet application
-CVE-2018-17401
+CVE-2018-17401 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) application 3. ...)
NOT-FOR-US: PhonePe wallet application
-CVE-2018-17400
+CVE-2018-17400 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) application 3. ...)
NOT-FOR-US: PhonePe wallet application
CVE-2018-17399
RESERVED
CVE-2018-17398
RESERVED
-CVE-2018-17397
+CVE-2018-17397 (SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for ...)
NOT-FOR-US: AlphaIndex Dictionaries component for Joomla!
CVE-2018-17396
RESERVED
CVE-2018-17395
RESERVED
-CVE-2018-17394
+CVE-2018-17394 (SQL Injection exists in the Timetable Schedule 3.6.8 component for Joo ...)
NOT-FOR-US: Timetable Schedule component for Joomla!
CVE-2018-17393
RESERVED
CVE-2018-17392
RESERVED
-CVE-2018-17391
+CVE-2018-17391 (SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via ...)
NOT-FOR-US: Super Cms Blog Pro
CVE-2018-17390
RESERVED
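Review bot: the imported description for CVE-2018-17429 carries an undecoded HTML entity, "manage.php?type=action&amp;action=add", where every other description in this hunk stores plain text; the importer should unescape the feed before writing, so the stored line reads "type=action&action=add". Separately, the descending sequence jumps from CVE-2018-17408 straight to the RESERVED CVE-2018-17406, so CVE-2018-17407 (the texlive-bin entry, currently filed further down between CVE-2018-17282 and CVE-2018-17281) is missing from its slot here; moving it up would keep the file sorted.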
@@ -9207,27 +9207,27 @@ CVE-2018-17387
RESERVED
CVE-2018-17386
RESERVED
-CVE-2018-17385
+CVE-2018-17385 (SQL Injection exists in the Social Factory 3.8.3 component for Joomla! ...)
NOT-FOR-US: Social Factory component for Joomla!
-CVE-2018-17384
+CVE-2018-17384 (SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! v ...)
NOT-FOR-US: Swap Factory component for Joomla!
-CVE-2018-17383
+CVE-2018-17383 (SQL Injection exists in the Collection Factory 4.1.9 component for Joo ...)
NOT-FOR-US: Collection Factory component for Joomla!
-CVE-2018-17382
+CVE-2018-17382 (SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! v ...)
NOT-FOR-US: Jobs Factory component for Joomla!
CVE-2018-17381
RESERVED
-CVE-2018-17380
+CVE-2018-17380 (SQL Injection exists in the Article Factory Manager 4.3.9 component fo ...)
NOT-FOR-US: Article Factory Manager component for Joomla!
-CVE-2018-17379
+CVE-2018-17379 (SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! ...)
NOT-FOR-US: Raffle Factory component for Joomla!
-CVE-2018-17378
+CVE-2018-17378 (SQL Injection exists in the Penny Auction Factory 2.0.4 component for ...)
NOT-FOR-US: Penny Auction Factory component for Joomla!
-CVE-2018-17377
+CVE-2018-17377 (SQL Injection exists in the Questions 1.4.3 component for Joomla! via ...)
NOT-FOR-US: Questions component for Joomla!
-CVE-2018-17376
+CVE-2018-17376 (SQL Injection exists in the Reverse Auction Factory 4.3.8 component fo ...)
NOT-FOR-US: Reverse Auction Factory component for Joomla!
-CVE-2018-17375
+CVE-2018-17375 (SQL Injection exists in the Music Collection 3.0.3 component for Jooml ...)
NOT-FOR-US: Music Collection component for Joomla!
CVE-2018-17374
RESERVED
@@ -9239,39 +9239,39 @@ CVE-2018-17371
RESERVED
CVE-2018-17370
RESERVED
-CVE-2018-17369
+CVE-2018-17369 (An issue was discovered in springboot_authority through 2017-03-06. Th ...)
NOT-FOR-US: springboot_authority
-CVE-2018-17368
+CVE-2018-17368 (An issue was discovered in PublicCMS V4.0.180825. For an invalid login ...)
NOT-FOR-US: PublicCMS
CVE-2018-17367
RESERVED
-CVE-2018-17366
+CVE-2018-17366 (An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability t ...)
NOT-FOR-US: MCMS
-CVE-2018-17365
+CVE-2018-17365 (SeaCMS 6.64 allows remote attackers to delete arbitrary files via the ...)
NOT-FOR-US: SeaCMS
-CVE-2018-17364
+CVE-2018-17364 (OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via t ...)
NOT-FOR-US: OTCMS
CVE-2018-17363
RESERVED
CVE-2018-17362
RESERVED
-CVE-2018-17361
+CVE-2018-17361 (Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attacker ...)
NOT-FOR-US: WeaselCMS
-CVE-2018-17360
+CVE-2018-17360 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
[experimental] - binutils 2.31.51.20181022-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23685
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cf93e9c2cf8f8b2566f8fc86e961592b51b5980d
-CVE-2018-17359
+CVE-2018-17359 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
[experimental] - binutils 2.31.51.20181022-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23686
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=30838132997e6a3cfe3ec11c58b32b22f6f6b102
-CVE-2018-17358
+CVE-2018-17358 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
[experimental] - binutils 2.31.51.20181022-1
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
@@ -9310,17 +9310,17 @@ CVE-2018-17343
RESERVED
CVE-2018-17342
RESERVED
-CVE-2018-17341
+CVE-2018-17341 (BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is ...)
NOT-FOR-US: BigTree CMS
CVE-2018-17340
RESERVED
CVE-2018-17339
RESERVED
-CVE-2018-17338
+CVE-2018-17338 (An issue has been found in pdfalto through 0.2. It is a heap-based buf ...)
NOT-FOR-US: pdfalto
-CVE-2018-17337
+CVE-2018-17337 (Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is r ...)
NOT-FOR-US: Intelbras NPLUG
-CVE-2018-17336
+CVE-2018-17336 (UDisks 2.8.0 has a format string vulnerability in udisks_log in udisks ...)
- udisks2 2.8.1-1 (bug #909607)
[stretch] - udisks2 <not-affected> (Vulnerable code introduced later)
[jessie] - udisks2 <not-affected> (Vulnerable code introduced later)
@@ -9329,11 +9329,11 @@ CVE-2018-17336
NOTE: Introduced by: https://github.com/storaged-project/udisks/commit/ad2ce6714e911be58011dd6b838ec0f6fd0f950f (udisks-2.6.4)
CVE-2018-17335
RESERVED
-CVE-2018-17334
+CVE-2018-17334 (An issue was discovered in libsvg2 through 2012-10-19. A stack-based b ...)
NOT-FOR-US: libsvg2
-CVE-2018-17333
+CVE-2018-17333 (An issue was discovered in libsvg2 through 2012-10-19. A stack-based b ...)
NOT-FOR-US: libsvg2
-CVE-2018-17332
+CVE-2018-17332 (An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextP ...)
NOT-FOR-US: libsvg2
CVE-2018-17331
RESERVED
@@ -9353,33 +9353,33 @@ CVE-2018-17324
RESERVED
CVE-2018-17323
RESERVED
-CVE-2018-17322
+CVE-2018-17322 (Cross-site scripting (XSS) vulnerability in index.php/index/category/i ...)
NOT-FOR-US: YUNUCMS
-CVE-2018-17321
+CVE-2018-17321 (An issue was discovered in SeaCMS 6.64. XSS exists in admin_datarelate ...)
NOT-FOR-US: SeaCMS
-CVE-2018-17320
+CVE-2018-17320 (An issue was discovered in UCMS 1.4.6. aaddpost.php has stored XSS via ...)
NOT-FOR-US: UCMS
CVE-2018-17319
RESERVED
CVE-2018-17318
RESERVED
-CVE-2018-17317
+CVE-2018-17317 (FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers ...)
NOT-FOR-US: FruityWifi
-CVE-2018-17316
+CVE-2018-17316 (On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabi ...)
NOT-FOR-US: RICOH MP C6003 printer
-CVE-2018-17315
+CVE-2018-17315 (On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabi ...)
NOT-FOR-US: RICOH MP C2003 printer
-CVE-2018-17314
+CVE-2018-17314 (On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vul ...)
NOT-FOR-US: RICOH Aficio MP 305+ printer
-CVE-2018-17313
+CVE-2018-17313 (On the RICOH MP C307 printer, HTML Injection and Stored XSS vulnerabil ...)
NOT-FOR-US: RICOH MP C307 printer
-CVE-2018-17312
+CVE-2018-17312 (On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vuln ...)
NOT-FOR-US: RICOH Aficio MP 301 printer
-CVE-2018-17311
+CVE-2018-17311 (On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS vuln ...)
NOT-FOR-US: RICOH MP C6503 Plus printer
-CVE-2018-17310
+CVE-2018-17310 (On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulne ...)
NOT-FOR-US: RICOH MP C1803 JPN printer
-CVE-2018-17309
+CVE-2018-17309 (On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabi ...)
NOT-FOR-US: RICOH MP C406Z printer
CVE-2018-17308
RESERVED
@@ -9393,31 +9393,31 @@ CVE-2018-17304
RESERVED
CVE-2018-17303
RESERVED
-CVE-2018-17302
+CVE-2018-17302 (Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a /# ...)
NOT-FOR-US: EspoCRM
-CVE-2018-17301
+CVE-2018-17301 (Reflected XSS exists in client/res/templates/global-search/name-field. ...)
NOT-FOR-US: EspoCRM
-CVE-2018-17300
+CVE-2018-17300 (Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/ ...)
NOT-FOR-US: CuppaCMS
CVE-2018-17299
RESERVED
-CVE-2018-17298
+CVE-2018-17298 (An issue was discovered in Enalean Tuleap before 10.5. Reset password ...)
NOT-FOR-US: Enalean Tuleap
-CVE-2018-17297
+CVE-2018-17297 (The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remo ...)
NOT-FOR-US: Hutool
CVE-2018-17296
RESERVED
CVE-2018-17295
RESERVED
-CVE-2018-17294
+CVE-2018-17294 (The matchCurrentInput function inside lou_translateString.c of Libloui ...)
- liblouis 3.7.0-1
[stretch] - liblouis <no-dsa> (Minor issue)
[jessie] - liblouis <ignored> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/commit/5e4089659bb49b3095fa541fa6387b4c40d7396e
NOTE: https://github.com/liblouis/liblouis/issues/635
-CVE-2018-17293
+CVE-2018-17293 (An issue was discovered in WAVM before 2018-09-16. The run function in ...)
NOT-FOR-US: WAVM
-CVE-2018-17292
+CVE-2018-17292 (An issue was discovered in WAVM before 2018-09-16. The loadModule func ...)
NOT-FOR-US: WAVM
CVE-2018-17291
RESERVED
@@ -9435,19 +9435,19 @@ CVE-2018-17285
RESERVED
CVE-2018-17284
RESERVED
-CVE-2018-17283
+CVE-2018-17283 (Zoho ManageEngine OpManager before 12.3 Build 123196 does not require ...)
NOT-FOR-US: Zoho ManageEngine OpManager
-CVE-2018-17282
+CVE-2018-17282 (An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue: ...)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/457
NOTE: Fixed by: https://github.com/Exiv2/exiv2/commit/670fb73dd5ee8acab90971c4878de29f9fc43a02
NOTE: Introduced with: https://github.com/Exiv2/exiv2/commit/afb98cbc6e288dc8ea75f3394a347fb9b37abc55
-CVE-2018-17407
+CVE-2018-17407 (An issue was discovered in t1_check_unusual_charstring functions in wr ...)
{DSA-4299-1 DLA-1514-1}
- texlive-bin 2018.20180907.48586-2 (bug #909317)
NOTE: Fixed by: https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c
NOTE: Introduced in: https://github.com/TeX-Live/texlive-source/commit/59cbb8f96b0543c2912d6370ce8021181661e1cf
-CVE-2018-17281
+CVE-2018-17281 (There is a stack consumption vulnerability in the res_http_websocket.s ...)
{DSA-4320-1 DLA-1523-1}
- asterisk 1:13.23.1~dfsg-1 (bug #909554)
NOTE: https://downloads.asterisk.org/pub/security/AST-2018-009.html
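Review bot: CVE-2018-17407 is out of order in this hunk, sitting between CVE-2018-17282 and CVE-2018-17281 while its numeric slot (between CVE-2018-17408 and CVE-2018-17406 in the hunk at -9075) is empty; the automatic update only appended the description, so a follow-up should move the whole texlive-bin block (the {DSA-4299-1 DLA-1514-1} line through the two NOTE lines) to its place so the list stays in descending order. The entry itself is complete: fixed version with bug #909317, and both the fixing and the introducing upstream commits are recorded.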
@@ -9500,11 +9500,11 @@ CVE-2018-17258
REJECTED
CVE-2018-17257
REJECTED
-CVE-2018-17256
+CVE-2018-17256 (Persistent cross-site scripting (XSS) vulnerability in Umbraco CMS 7.1 ...)
NOT-FOR-US: Umbraco CMS
-CVE-2018-17255
+CVE-2018-17255 (Navigate CMS 2.8 has Reflected XSS via the navigate.php fid parameter. ...)
NOT-FOR-US: Navigate CMS
-CVE-2018-17254
+CVE-2018-17254 (The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via th ...)
NOT-FOR-US: JCK Editor component for Joomla!
CVE-2018-17253
REJECTED
@@ -9518,15 +9518,15 @@ CVE-2018-17249
REJECTED
CVE-2018-17248
REJECTED
-CVE-2018-17247
+CVE-2018-17247 (Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in ...)
- elasticsearch <removed>
-CVE-2018-17246
+CVE-2018-17246 (Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file incl ...)
- kibana <itp> (bug #700337)
-CVE-2018-17245
+CVE-2018-17245 (Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an ...)
- kibana <itp> (bug #700337)
-CVE-2018-17244
+CVE-2018-17244 (Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the ...)
- elasticsearch <removed>
-CVE-2018-17243
+CVE-2018-17243 (Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows ...)
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2018-17242
RESERVED
@@ -9538,31 +9538,31 @@ CVE-2018-17239
RESERVED
CVE-2018-17238
RESERVED
-CVE-2018-17237
+CVE-2018-17237 (A SIGFPE signal is raised in the function H5D__chunk_set_info_real() o ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/blob/master/HDF5/README.md#divided-by-zero---h5d__chunk_set_info_real_div_by_zero
-CVE-2018-17236
+CVE-2018-17236 (The function MP4Free() in mp4property.cpp in libmp4v2 2.1.0 internally ...)
- mp4v2 <removed> (bug #909277)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1629453
-CVE-2018-17235
+CVE-2018-17235 (The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in li ...)
- mp4v2 <removed> (bug #909278)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1629451
-CVE-2018-17234
+CVE-2018-17234 (Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln3#memory-leak---h5o__chunk_deserialize_memory_leak
-CVE-2018-17233
+CVE-2018-17233 (A SIGFPE signal is raised in the function H5D__create_chunk_file_map_h ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln2#divided-by-zero---h5d__create_chunk_file_map_hyper_div_zero
-CVE-2018-17232
+CVE-2018-17232 (SQL injection vulnerability in archivebot.py in docmarionum1 Slack Arc ...)
NOT-FOR-US: docmarionum1 Slack ArchiveBot (slack-archive-bot)
-CVE-2018-17231
+CVE-2018-17231 (** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow atta ...)
- telegram-desktop <unfixed> (unimportant)
NOTE: Disputed as attack scenario does not cross a privilege boundary.
-CVE-2018-17230
+CVE-2018-17230 (Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to ...)
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/455
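Review bot: the three hdf5 entries in this hunk (CVE-2018-17237, CVE-2018-17234, CVE-2018-17233) keep the <undetermined> status with only upstream PoC links as NOTEs, even though the imported descriptions now name the affected functions (H5D__chunk_set_info_real(), H5O__chunk_deserialize(), H5D__create_chunk_file_map_h...); the eight hdf5 entries in the hunk at -9075 are in the same state. Triage them against the packaged hdf5 version and record a Debian bug reference or a <no-dsa>/<unimportant> decision so they do not stay undetermined.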
@@ -9571,7 +9571,7 @@ CVE-2018-17230
NOTE: Some extra care needs to be applied when fixing isolately the issue in
NOTE: experimental, as the commit afb98cbc6e288dc8ea75f3394a347fb9b37abc55
NOTE: would introduce/uncover CVE-2018-17282.
-CVE-2018-17229
+CVE-2018-17229 (Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to c ...)
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/453
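Review bot: the context NOTE line "Some extra care needs to be applied when fixing isolately the issue in" (the CVE-2018-17230 block directly above the changed CVE-2018-17229 line) should read "when fixing the issue in isolation in experimental"; the CVE-2018-17229 block repeats the same wording in the next hunk, so fix both in one follow-up. The status lines for CVE-2018-17229 (experimental <unfixed>, unstable <not-affected> because the vulnerable code was introduced later) are consistent with the cross-reference to CVE-2018-17282 and with the CVE-2018-17230 entry above.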
@@ -9580,7 +9580,7 @@ CVE-2018-17229
NOTE: Some extra care needs to be applied when fixing isolately the issue in
NOTE: experimental, as the commit afb98cbc6e288dc8ea75f3394a347fb9b37abc55
NOTE: would introduce/uncover CVE-2018-17282.
-CVE-2018-17228
+CVE-2018-17228 (nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell ...)
NOT-FOR-US: nmap4j
CVE-2018-17227
RESERVED
@@ -9600,13 +9600,13 @@ CVE-2018-17220
RESERVED
CVE-2018-17219
RESERVED
-CVE-2018-17218
+CVE-2018-17218 (An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. The ...)
NOT-FOR-US: PTC ThingWorx Platform
-CVE-2018-17217
+CVE-2018-17217 (An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. The ...)
NOT-FOR-US: PTC ThingWorx Platform
-CVE-2018-17216
+CVE-2018-17216 (An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. The ...)
NOT-FOR-US: PTC ThingWorx Platform
-CVE-2018-17215
+CVE-2018-17215 (An information-disclosure issue was discovered in Postman through 6.3. ...)
NOT-FOR-US: Postman
CVE-2018-17214
RESERVED
@@ -9620,23 +9620,23 @@ CVE-2018-17210
RESERVED
CVE-2018-17209
RESERVED
-CVE-2018-17208
+CVE-2018-17208 (Linksys Velop 1.1.2.187020 devices allow unauthenticated command injec ...)
NOT-FOR-US: Linksys Velop
-CVE-2018-17207
+CVE-2018-17207 (An issue was discovered in Snap Creek Duplicator before 1.2.42. By acc ...)
NOT-FOR-US: Snap Creek Duplicator
-CVE-2018-17206
+CVE-2018-17206 (An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The ...)
- openvswitch 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1
[jessie] - openvswitch <not-affected> (Vulnerable code does not exist; no such function)
NOTE: https://github.com/openvswitch/ovs/commit/5026a263d7846077eee540de42192d27da513226 (master)
NOTE: https://github.com/openvswitch/ovs/commit/20626d38c1a1d4cebb5a6911ea3cb6a7f4f993f8 (branch-2.8)
NOTE: https://github.com/openvswitch/ovs/commit/9237a63c47bd314b807cda0bd2216264e82edbe8 (branch-2.7)
-CVE-2018-17205
+CVE-2018-17205 (An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, aff ...)
- openvswitch 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1
[jessie] - openvswitch <not-affected> (Vulnerable code does not exist; no such function)
NOTE: https://github.com/openvswitch/ovs/commit/9a0ac025de9303334688ff08f01fc08604d2f624 (master)
NOTE: https://github.com/openvswitch/ovs/commit/638d406e3b647359f3d82189d7a6ee56b4a54928 (branch-2.8)
NOTE: https://github.com/openvswitch/ovs/commit/0befd1f3745055c32940f5faf9559be6a14395e6 (branch-2.7)
-CVE-2018-17204
+CVE-2018-17204 (An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, aff ...)
- openvswitch 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1
[jessie] - openvswitch <not-affected> (Vulnerable code does not exist; no such function)
NOTE: https://github.com/openvswitch/ovs/commit/9740d81d94888cb158fa99a9366fe2b32b3e4aaa (master)
@@ -9651,7 +9651,7 @@ CVE-2018-17201
RESERVED
CVE-2018-17200
RESERVED
-CVE-2018-17199
+CVE-2018-17199 (In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks ...)
{DLA-1647-1}
- apache2 2.4.38-1 (low; bug #920303)
[stretch] - apache2 <no-dsa> (Minor issue)
@@ -9661,37 +9661,37 @@ CVE-2018-17199
CVE-2018-17198
RESERVED
NOT-FOR-US: Apache Roller
-CVE-2018-17197
+CVE-2018-17197 (A carefully crafted or corrupt sqlite file can cause an infinite loop ...)
- tika 1.20-1
[jessie] - tika <not-affected> (Only affects 1.8 to 1.19.1)
NOTE: https://www.openwall.com/lists/oss-security/2018/12/22/2
CVE-2018-17196
RESERVED
-CVE-2018-17195
+CVE-2018-17195 (The template upload API endpoint accepted requests from different doma ...)
NOT-FOR-US: Apache NiFi
-CVE-2018-17194
+CVE-2018-17194 (When a client request to a cluster node was replicated to other nodes ...)
NOT-FOR-US: Apache NiFi
-CVE-2018-17193
+CVE-2018-17193 (The message-page.jsp error page used the value of the HTTP request hea ...)
NOT-FOR-US: Apache NiFi
-CVE-2018-17192
+CVE-2018-17192 (The X-Frame-Options headers were applied inconsistently on some HTTP r ...)
NOT-FOR-US: Apache NiFi
-CVE-2018-17191
+CVE-2018-17191 (Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configuration (PA ...)
- netbeans 10.0-1
[stretch] - netbeans <ignored> (Nashorn module is not enabled. Javascript support is incomplete)
NOTE: Fixed upstream in version 10.0
NOTE: https://www.openwall.com/lists/oss-security/2018/12/30/1
-CVE-2018-17190
+CVE-2018-17190 (In all versions of Apache Spark, its standalone resource manager accep ...)
NOT-FOR-US: Apache Spark
-CVE-2018-17189
+CVE-2018-17189 (In Apache HTTP server versions 2.4.37 and prior, by sending request bo ...)
- apache2 2.4.38-1 (low; bug #920302)
[stretch] - apache2 <no-dsa> (Minor issue)
[jessie] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: https://www.openwall.com/lists/oss-security/2019/01/22/2
-CVE-2018-17188
+CVE-2018-17188 (Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configurat ...)
- couchdb <removed>
NOTE: https://www.openwall.com/lists/oss-security/2018/12/17/1
-CVE-2018-17187
+CVE-2018-17187 (The Apache Qpid Proton-J transport includes an optional wrapper layer ...)
- qpid-proton 0.22.0-1 (unimportant)
NOTE: https://qpid.apache.org/cves/CVE-2018-17187.html
NOTE: https://issues.apache.org/jira/browse/PROTON-1962
@@ -9699,13 +9699,13 @@ CVE-2018-17187
NOTE: Up to 0.17.0-rc1 upstream proton-j was included in the qpid-proton distribution
NOTE: but then moved out to a own repository.
NOTE: Cf. https://github.com/apache/qpid-proton/commit/ccdcf32932f04b387da9d4dbd810da29cae223aa
-CVE-2018-17186
+CVE-2018-17186 (An administrator with workflow definition entitlements can use DTD to ...)
NOT-FOR-US: Apache Syncope
CVE-2018-17185
RESERVED
-CVE-2018-17184
+CVE-2018-17184 (A malicious user with enough administration entitlements can inject ht ...)
NOT-FOR-US: Apache Syncope
-CVE-2018-17182
+CVE-2018-17182 (An issue was discovered in the Linux kernel through 4.18.8. The vmacac ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.10-1
NOTE: https://git.kernel.org/linus/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2
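Review bot: typo in the context line `NOTE: but then moved out to a own repository.` under CVE-2018-17187; it should read `its own repository`. Not introduced by this update, but worth fixing the next time the qpid-proton entry is edited by hand.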
@@ -9716,20 +9716,20 @@ CVE-2018-17180
RESERVED
CVE-2018-17179
RESERVED
-CVE-2018-17178
+CVE-2018-17178 (An issue was discovered on Neato Botvac Connected 2.2.0 devices. They ...)
NOT-FOR-US: Neato Botvac Connected devices
-CVE-2018-17177
+CVE-2018-17177 (An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 ...)
NOT-FOR-US: Neato Botvac Connected and Botvac 85 devices
-CVE-2018-17176
+CVE-2018-17176 (A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. ...)
NOT-FOR-US: Neato Botvac Connected devices
-CVE-2018-17175
+CVE-2018-17175 (In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Py ...)
- python-marshmallow 3.0.0b14-1 (bug #909140)
NOTE: https://github.com/marshmallow-code/marshmallow/issues/772
-CVE-2018-17174
+CVE-2018-17174 (A stack-based buffer overflow was discovered in the xtimor NMEA librar ...)
NOT-FOR-US: nmealib
-CVE-2018-17173
+CVE-2018-17173 (LG SuperSign CMS allows remote attackers to execute arbitrary code via ...)
NOT-FOR-US: LG SuperSign CMS
-CVE-2018-17172
+CVE-2018-17172 (The web application on Xerox AltaLink B80xx before 100.008.028.05200, ...)
NOT-FOR-US: Xerox
CVE-2018-17171
RESERVED
@@ -9751,29 +9751,29 @@ CVE-2018-17163
REJECTED
CVE-2018-17162
REJECTED
-CVE-2018-17161
+CVE-2018-17161 (In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r ...)
NOT-FOR-US: FreeBSD bootpd
-CVE-2018-17160
+CVE-2018-17160 (In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficie ...)
NOT-FOR-US: FreeBSD bhyve
-CVE-2018-17159
+CVE-2018-17159 (In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS se ...)
NOT-FOR-US: FreeBSD nfs server
-CVE-2018-17158
+CVE-2018-17158 (In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer ...)
NOT-FOR-US: FreeBSD nfs server
-CVE-2018-17157
+CVE-2018-17157 (In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer ...)
NOT-FOR-US: FreeBSD nfs server
-CVE-2018-17156
+CVE-2018-17156 (In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to inc ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-EN-18:13.icmp.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-17155
+CVE-2018-17155 (In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE- ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:12.mem.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-17154
+CVE-2018-17154 (In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELE ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:10.syscall.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-1000802
+CVE-2018-1000802 (Python Software Foundation Python (CPython) version 2.7 contains a CWE ...)
{DSA-4306-1 DLA-1520-1 DLA-1519-1}
- python3.7 <not-affected> (Fixed before initial upload)
- python3.6 <not-affected> (Fixed before initial upload)
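Review bot: the FreeBSD kernel entries in this hunk are handled inconsistently. CVE-2018-17157, CVE-2018-17158 and CVE-2018-17159 (NFS server) are marked `NOT-FOR-US: FreeBSD nfs server`, while the equally kernel-side CVE-2018-17154, CVE-2018-17155 and CVE-2018-17156 are tracked as `- kfreebsd-10 <unfixed> (unimportant)` with the note `kfreebsd not covered by security support`. Either the NFS entries should also carry a kfreebsd-10 line, or a NOTE should say why they are treated differently.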
@@ -9786,7 +9786,7 @@ CVE-2018-1000802
NOTE: https://github.com/python/cpython/commit/a0934b2c1b939fdebee8dc18d49a0f6c52324773
NOTE: which used distutils.spawn.
NOTE: PoC: https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig
-CVE-2018-17153
+CVE-2018-17153 (It was discovered that the Western Digital My Cloud device before 2.30 ...)
NOT-FOR-US: Western Digital My Cloud device
CVE-2018-17152
RESERVED
@@ -9804,57 +9804,57 @@ CVE-2018-17146
RESERVED
CVE-2018-17145
RESERVED
-CVE-2018-17144
+CVE-2018-17144 (Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x be ...)
- bitcoin 0.16.3~dfsg-1
- litecoin 0.16.3-1
NOTE: https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17144
-CVE-2018-17143
+CVE-2018-17143 (The html package (aka x/net/html) through 2018-09-17 in Go mishandles ...)
- golang-golang-x-net-dev <not-affected> (Vulnerable code introduced later)
- golang-go.net-dev <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/golang/go/issues/27704
NOTE: Fixed by: https://github.com/golang/net/commit/2f5d2388922f370f4355f327fcf4cfe9f5583908
NOTE: Introduced by: https://github.com/golang/net/commit/500e7a4f953ddaf55d316b4d3adc516aa0379622
-CVE-2018-17142
+CVE-2018-17142 (The html package (aka x/net/html) through 2018-09-17 in Go mishandles ...)
- golang-golang-x-net-dev <not-affected> (Vulnerable code introduced later)
- golang-go.net-dev <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/golang/go/issues/27702
NOTE: Fixed by: https://github.com/golang/net/commit/cf3bd585ca2a5a21b057abd8be7eea2204af89d0
NOTE: Introduced by: https://github.com/golang/net/commit/500e7a4f953ddaf55d316b4d3adc516aa0379622
-CVE-2018-17141
+CVE-2018-17141 (HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arb ...)
{DSA-4298-1 DLA-1515-1}
- hylafax 3:6.0.6-8.1 (bug #909161)
NOTE: http://git.hylafax.org/HylaFAX?a=commit;h=82fa7bdbffc253de4d3e80a87d47fdbf68eabe36
-CVE-2018-17140
+CVE-2018-17140 (The Quizlord plugin through 2.0 for WordPress is prone to Stored XSS v ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-17139
+CVE-2018-17139 (UltimatePOS 2.5 allows users to upload arbitrary files, which leads to ...)
NOT-FOR-US: UltimatePOS
-CVE-2018-17138
+CVE-2018-17138 (The Jibu Pro plugin through 1.7 for WordPress is prone to Stored XSS v ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-17137
+CVE-2018-17137 (Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 prese ...)
NOT-FOR-US: Prezi Next
-CVE-2018-17136
+CVE-2018-17136 (zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php vi ...)
NOT-FOR-US: zzcms
CVE-2018-17135
RESERVED
-CVE-2018-17134
+CVE-2018-17134 (admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute ar ...)
NOT-FOR-US: PHPMyWind
-CVE-2018-17133
+CVE-2018-17133 (admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute ar ...)
NOT-FOR-US: PHPMyWind
-CVE-2018-17132
+CVE-2018-17132 (admin/goods_update.php in PHPMyWind 5.5 allows Admin users to execute ...)
NOT-FOR-US: PHPMyWind
-CVE-2018-17131
+CVE-2018-17131 (admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute ar ...)
NOT-FOR-US: PHPMyWind
-CVE-2018-17130
+CVE-2018-17130 (PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header, ...)
NOT-FOR-US: PHPMyWind
-CVE-2018-17129
+CVE-2018-17129 (MetInfo 6.1.0 has SQL injection in doexport() in app/system/feedback/a ...)
NOT-FOR-US: MetInfo
-CVE-2018-17128
+CVE-2018-17128 (A Persistent XSS issue was discovered in the Visual Editor in MyBB bef ...)
NOT-FOR-US: MyBB
-CVE-2018-17127
+CVE-2018-17127 (blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_327 ...)
NOT-FOR-US: ASUS
-CVE-2018-17126
+CVE-2018-17126 (CScms 4.1 allows remote code execution, as demonstrated by 1');eval($_ ...)
NOT-FOR-US: CScms
-CVE-2018-17125
+CVE-2018-17125 (CScms 4.1 allows arbitrary directory deletion via a dir=..\\ substring ...)
NOT-FOR-US: CScms
CVE-2018-17124
RESERVED
@@ -9878,37 +9878,37 @@ CVE-2018-17115
RESERVED
CVE-2018-17114
RESERVED
-CVE-2018-17113
+CVE-2018-17113 (App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.s ...)
NOT-FOR-US: EasyCMS
CVE-2018-17112
RESERVED
-CVE-2018-17111
+CVE-2018-17111 (The onlyOwner modifier of a smart contract implementation for Coinlanc ...)
NOT-FOR-US: onlyOwner modifier of a smart contract implementation for Coinlancer (CL)
-CVE-2018-17110
+CVE-2018-17110 (Simple POS 4.0.24 allows SQL Injection via a products/get_products/ co ...)
NOT-FOR-US: Simple POS
CVE-2018-17109
RESERVED
-CVE-2018-17108
+CVE-2018-17108 (The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Androi ...)
NOT-FOR-US: SBIbuddy
-CVE-2018-17107
+CVE-2018-17107 (In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5. ...)
NOT-FOR-US: Tgstation tgstation-server
-CVE-2018-17106
+CVE-2018-17106 (In Tinyftp Tinyftpd 1.1, a buffer overflow exists in the text variable ...)
NOT-FOR-US: Tinyftpd
CVE-2018-17105
RESERVED
-CVE-2018-17104
+CVE-2018-17104 (An issue was discovered in Microweber 1.0.7. There is a CSRF attack (a ...)
NOT-FOR-US: Microweber
-CVE-2018-17103
+CVE-2018-17103 (** DISPUTED ** An issue was discovered in GetSimple CMS v3.3.13. There ...)
NOT-FOR-US: GetSimple CMS
-CVE-2018-17102
+CVE-2018-17102 (An issue was discovered in QuickAppsCMS (aka QACMS) through 2.0.0-beta ...)
NOT-FOR-US: QuickAppsCMS
-CVE-2018-17101
+CVE-2018-17101 (An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds ...)
{DSA-4349-1 DLA-1557-1}
- tiff 4.0.9+git181026-1 (bug #909037)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2807
NOTE: https://gitlab.com/libtiff/libtiff/commit/f1b94e8a3ba49febdd3361c0214a1d1149251577
-CVE-2018-17100
+CVE-2018-17100 (An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in ...)
{DLA-1557-1}
- tiff 4.0.9+git181026-1 (low; bug #909038)
[stretch] - tiff <postponed> (Minor issue)
@@ -9918,55 +9918,55 @@ CVE-2018-17100
NOTE: https://gitlab.com/libtiff/libtiff/commit/6da1fb3f64d43be37e640efbec60400d1f1ac39e
CVE-2018-17099
RESERVED
-CVE-2018-17098
+CVE-2018-17098 (The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 ...)
- soundtouch 2.1.2+ds1-1 (low; bug #913894)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <ignored> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/14
-CVE-2018-17097
+CVE-2018-17097 (The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 ...)
- soundtouch 2.1.2+ds1-1 (low; bug #913895)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <ignored> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/14
-CVE-2018-17096
+CVE-2018-17096 (The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parvia ...)
- soundtouch 2.1.2+ds1-1 (low)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <ignored> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/14
-CVE-2018-17183
+CVE-2018-17183 (Artifex Ghostscript before 9.25 allowed a user-writable error exceptio ...)
{DSA-4294-1 DLA-1527-1}
- ghostscript 9.25~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699708
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624
-CVE-2018-17095
+CVE-2018-17095 (An issue has been discovered in mpruett Audio File Library (aka audiof ...)
- audiofile <unfixed> (low; bug #913166)
[stretch] - audiofile <no-dsa> (Minor issue)
[jessie] - audiofile <postponed> (Can be fixed along in future DLA)
NOTE: https://github.com/mpruett/audiofile/issues/50
NOTE: https://github.com/mpruett/audiofile/issues/51
-CVE-2018-17094
+CVE-2018-17094 (An issue has been discovered in mackyle xar 1.6.1. There is a NULL poi ...)
- xar <removed>
-CVE-2018-17093
+CVE-2018-17093 (An issue has been discovered in mackyle xar 1.6.1. There is a NULL poi ...)
- xar <removed>
-CVE-2018-17092
+CVE-2018-17092 (An issue was discovered in DonLinkage 6.6.8. SQL injection in /pages/p ...)
NOT-FOR-US: DonLinkage
-CVE-2018-17091
+CVE-2018-17091 (An issue was discovered in DonLinkage 6.6.8. It allows remote attacker ...)
NOT-FOR-US: DonLinkage
-CVE-2018-17090
+CVE-2018-17090 (An issue was discovered in DonLinkage 6.6.8. The modules /pages/bazy/b ...)
NOT-FOR-US: DonLinkage
CVE-2018-17089
RESERVED
CVE-2018-17087
RESERVED
-CVE-2018-17086
+CVE-2018-17086 (An issue was discovered in OTCMS 3.61. XSS exists in admin/share_switc ...)
NOT-FOR-US: OTCMS
-CVE-2018-17085
+CVE-2018-17085 (An issue was discovered in OTCMS 3.61. XSS exists in admin/users.php v ...)
NOT-FOR-US: OTCMS
CVE-2018-17084
RESERVED
CVE-2018-17083
RESERVED
-CVE-2018-17082
+CVE-2018-17082 (The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x ...)
{DSA-4353-1 DLA-1509-1}
- php7.3 7.3.0~rc2-1
- php7.2 <unfixed>
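Review bot: CVE-2018-17183 (Ghostscript) sits between CVE-2018-17096 and CVE-2018-17095, breaking the descending CVE order the file keeps everywhere else in this hunk; it belongs above CVE-2018-17182 in the earlier hunk. The ordering is pre-existing and the automatic description fill does not move entries, so this needs a manual reorder.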
@@ -9976,7 +9976,7 @@ CVE-2018-17082
NOTE: Fixed in 5.6.38, 7.0.32, 7.1.22, 7.2.10, 7.3.0RC1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76582
NOTE: https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e
-CVE-2018-17081
+CVE-2018-17081 (e107 2.1.9 allows CSRF via e107_admin/wmessage.php?mode=&amp;action=in ...)
NOT-FOR-US: e107
CVE-2018-17080
RESERVED
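Review bot: the new description for CVE-2018-17081 contains an HTML entity, `e107_admin/wmessage.php?mode=&amp;action=in`, so the feed text was written into the list without being unescaped; the stored value should be the literal `&`. Worth checking whether the importer decodes entities at all, since any other description containing `&`, `<` or `>` will be affected the same way.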
@@ -9984,112 +9984,112 @@ CVE-2018-17079
RESERVED
CVE-2018-17078
RESERVED
-CVE-2018-17077
+CVE-2018-17077 (An issue was discovered in yiqicms through 2016-11-20. There is stored ...)
NOT-FOR-US: yiqicms
-CVE-2018-17076
+CVE-2018-17076 (GPP through 2.25 will try to use more memory space than is available o ...)
- gpp <unfixed> (unimportant; bug #908939)
NOTE: https://github.com/logological/gpp/issues/26
NOTE: Crash in CLI tool, no security impact
-CVE-2018-17075
+CVE-2018-17075 (The html package (aka x/net/html) before 2018-07-13 in Go mishandles " ...)
- golang-golang-x-net-dev <not-affected> (Vulnerable code introduced later)
- golang-go.net-dev <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/golang/go/issues/27016
NOTE: Fixed by: https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50
NOTE: Introduced in: https://github.com/golang/net/commit/500e7a4f953ddaf55d316b4d3adc516aa0379622
-CVE-2018-17074
+CVE-2018-17074 (The Feed Statistics plugin before 4.0 for WordPress has an Open Redire ...)
NOT-FOR-US: Feed Statistics plugin for WordPress
-CVE-2018-17073
+CVE-2018-17073 (wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via ...)
NOT-FOR-US: bitmap
-CVE-2018-17072
+CVE-2018-17072 (JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json. ...)
NOT-FOR-US: JSON++
-CVE-2018-17071
+CVE-2018-17071 (The fallback function of a simple lottery smart contract implementatio ...)
NOT-FOR-US: fallback function of a simple lottery smart contract implementation for Lucky9io
-CVE-2018-17070
+CVE-2018-17070 (An issue was discovered in UNL-CMS 7.59. A CSRF attack can update the ...)
NOT-FOR-US: UNL-CMS
-CVE-2018-17069
+CVE-2018-17069 (An issue was discovered in UNL-CMS 7.59. A CSRF attack can create new ...)
NOT-FOR-US: UNL-CMS
-CVE-2018-17068
+CVE-2018-17068 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
NOT-FOR-US: D-Link
-CVE-2018-17067
+CVE-2018-17067 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very ...)
NOT-FOR-US: D-Link
-CVE-2018-17066
+CVE-2018-17066 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
NOT-FOR-US: D-Link
-CVE-2018-17065
+CVE-2018-17065 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within ...)
NOT-FOR-US: D-Link
-CVE-2018-17064
+CVE-2018-17064 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
NOT-FOR-US: D-Link
-CVE-2018-17063
+CVE-2018-17063 (An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP ...)
NOT-FOR-US: D-Link
-CVE-2018-17062
+CVE-2018-17062 (An issue was discovered in SeaCMS 6.64. XSS exists in admin_video.php ...)
NOT-FOR-US: SeaCMS
-CVE-2018-17061
+CVE-2018-17061 (BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, ...)
NOT-FOR-US: BullGuard Safe Browsing
-CVE-2018-17060
+CVE-2018-17060 (Telerik Extensions for ASP.NET MVC (all versions) does not whitelist r ...)
NOT-FOR-US: Telerik Extensions for ASP.NET MVC
CVE-2018-17059
RESERVED
CVE-2018-17058
RESERVED
-CVE-2018-17057
+CVE-2018-17057 (An issue was discovered in TCPDF before 6.2.22. Attackers can trigger ...)
- tcpdf 6.2.26+dfsg-1 (bug #908866)
[stretch] - tcpdf <no-dsa> (Minor issue)
[jessie] - tcpdf <ignored> (Minor issue)
NOTE: https://github.com/tecnickcom/TCPDF/commit/1861e33fe05f653b67d070f7c106463e7a5c26e
NOTE: Was considered minor for jessie since arbitrary deserialization
NOTE: is still possible using http and https.
-CVE-2018-17056
+CVE-2018-17056 (Cross-site scripting (XSS) vulnerability in ServiceStack in Progress S ...)
NOT-FOR-US: Progress Sitefinity CMS
-CVE-2018-17055
+CVE-2018-17055 (An arbitrary file upload vulnerability in Progress Sitefinity CMS vers ...)
NOT-FOR-US: Progress Sitefinity CMS
-CVE-2018-17054
+CVE-2018-17054 (Cross-site scripting (XSS) vulnerability in Identity Server in Progres ...)
NOT-FOR-US: Progress Sitefinity CMS
-CVE-2018-17053
+CVE-2018-17053 (Cross-site scripting (XSS) vulnerability in Identity Server in Progres ...)
NOT-FOR-US: Progress Sitefinity CMS
CVE-2018-17052
RESERVED
-CVE-2018-17051
+CVE-2018-17051 (K-Net Cisco Configuration Manager through 2014-11-19 has XSS via devic ...)
NOT-FOR-US: K-Net Cisco Configuration Manager
-CVE-2018-17050
+CVE-2018-17050 (The mintToken function of a smart contract implementation for PolyAi ( ...)
NOT-FOR-US: smart contract
-CVE-2018-17049
+CVE-2018-17049 (CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback ...)
NOT-FOR-US: CQU-LANKERS
CVE-2018-17048
RESERVED
CVE-2018-17047
RESERVED
-CVE-2018-17046
+CVE-2018-17046 (translate man before 2018-08-21 has XSS via containers/outputBox/outpu ...)
NOT-FOR-US: translate-man
-CVE-2018-17045
+CVE-2018-17045 (An issue was discovered in CMS MaeloStore V.1.5.0. There is a CSRF vul ...)
NOT-FOR-US: CMS MaeloStore
-CVE-2018-17044
+CVE-2018-17044 (In YzmCMS 5.1, stored XSS exists via the admin/system_manage/user_conf ...)
NOT-FOR-US: YzmCMS
-CVE-2018-17043
+CVE-2018-17043 (An issue has been found in doc2txt through 2014-03-19. It is a heap-ba ...)
NOT-FOR-US: doc2txt
-CVE-2018-17042
+CVE-2018-17042 (An issue has been found in dbf2txt through 2012-07-19. It is a infinit ...)
NOT-FOR-US: doc2txt
CVE-2018-17041
RESERVED
CVE-2018-17040
RESERVED
-CVE-2018-17039
+CVE-2018-17039 (MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted ...)
NOT-FOR-US: MiniCMS
CVE-2018-17038
RESERVED
-CVE-2018-17037
+CVE-2018-17037 (user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escala ...)
NOT-FOR-US: UCMS
-CVE-2018-17036
+CVE-2018-17036 (An issue was discovered in UCMS 1.4.6. It allows PHP code injection du ...)
NOT-FOR-US: UCMS
-CVE-2018-17035
+CVE-2018-17035 (UCMS 1.4.6 has SQL injection during installation via the install/index ...)
NOT-FOR-US: UCMS
-CVE-2018-17034
+CVE-2018-17034 (UCMS 1.4.6 has XSS via the install/index.php mysql_dbname parameter. ...)
NOT-FOR-US: UCMS
CVE-2018-17033
RESERVED
CVE-2018-17032
RESERVED
-CVE-2018-17031
+CVE-2018-17031 (In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger MI ...)
NOT-FOR-US: Go Git Service
-CVE-2018-17030
+CVE-2018-17030 (BigTree CMS 4.2.23 allows remote authenticated users, if possessing pr ...)
NOT-FOR-US: BigTree CMS
CVE-2018-17029
RESERVED
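Review bot: the description and the annotation for CVE-2018-17042 do not match: the description names `dbf2txt through 2012-07-19`, but the line below it reads `NOT-FOR-US: doc2txt`, apparently copied from the CVE-2018-17043 entry directly above. It should read `NOT-FOR-US: dbf2txt`.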
@@ -10097,61 +10097,61 @@ CVE-2018-17028
RESERVED
CVE-2018-17027
RESERVED
-CVE-2018-17026
+CVE-2018-17026 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_titl ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-17025
+CVE-2018-17025 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_titl ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-17024
+CVE-2018-17024 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_titl ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-17023
+CVE-2018-17023 (Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 rout ...)
NOT-FOR-US: ASUS GT-AC5300 routers
-CVE-2018-17022
+CVE-2018-17022 (Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0 ...)
NOT-FOR-US: ASUS GT-AC5300 routers
-CVE-2018-17021
+CVE-2018-17021 (Cross-site scripting (XSS) vulnerability on ASUS GT-AC5300 devices wit ...)
NOT-FOR-US: ASUS GT-AC5300 devices
-CVE-2018-17020
+CVE-2018-17020 (ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 allow r ...)
NOT-FOR-US: ASUS GT-AC5300 devices
-CVE-2018-17019
+CVE-2018-17019 (In Bro through 2.5.5, there is a DoS in IRC protocol names command par ...)
- bro <unfixed> (bug #908779)
[stretch] - bro <no-dsa> (Minor issue)
NOTE: https://github.com/bro/bro/commit/c2b18849f8bb833253538f5dfedb4ed1dc176a30
-CVE-2018-17018
+CVE-2018-17018 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17017
+CVE-2018-17017 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17016
+CVE-2018-17016 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17015
+CVE-2018-17015 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17014
+CVE-2018-17014 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17013
+CVE-2018-17013 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17012
+CVE-2018-17012 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17011
+CVE-2018-17011 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17010
+CVE-2018-17010 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17009
+CVE-2018-17009 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17008
+CVE-2018-17008 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17007
+CVE-2018-17007 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17006
+CVE-2018-17006 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17005
+CVE-2018-17005 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17004
+CVE-2018-17004 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...)
NOT-FOR-US: TP-Link
-CVE-2018-17003
+CVE-2018-17003 (In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been discover ...)
- limesurvey <itp> (bug #472802)
-CVE-2018-17002
+CVE-2018-17002 (On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabil ...)
NOT-FOR-US: RICOH
-CVE-2018-17001
+CVE-2018-17001 (On the RICOH SP 4510SF printer, HTML Injection and Stored XSS vulnerab ...)
NOT-FOR-US: RICOH
-CVE-2018-17000
+CVE-2018-17000 (A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c ( ...)
{DLA-1680-1}
- tiff 4.0.10-4 (bug #908778)
[stretch] - tiff <postponed> (Minor issue)
@@ -10159,7 +10159,7 @@ CVE-2018-17000
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2811
NOTE: Relates to http://bugzilla.maptools.org/show_bug.cgi?id=2833
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/802d3cbf3043be5dce5317e140ccb1c17a6a2d39
-CVE-2018-16999
+CVE-2018-16999 (Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segment ...)
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392508
NOTE: https://github.com/netwide-assembler/nasm/commit/980dd658b521afe4a688c4195410c4449a8e2468
@@ -10186,95 +10186,95 @@ CVE-2018-16989
RESERVED
CVE-2018-16988
RESERVED
-CVE-2018-16987
+CVE-2018-16987 (Squash TM through 1.18.0 presents the cleartext passwords of external ...)
NOT-FOR-US: Squash TM
-CVE-2018-16986
+CVE-2018-16986 (Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 de ...)
NOT-FOR-US: Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices
-CVE-2018-16985
+CVE-2018-16985 (In Lizard (formerly LZ5) 2.0, use of an invalid memory address was dis ...)
NOT-FOR-US: Lizard
-CVE-2018-16984
+CVE-2018-16984 (An issue was discovered in Django 2.1 before 2.1.2, in which unprivile ...)
[experimental] - python-django 2:2.1.2-1
- python-django <not-affected> (bug #910016; vulnerable code not present)
NOTE: https://www.djangoproject.com/weblog/2018/oct/01/security-release/
NOTE: https://github.com/django/django/commit/bf39978a53f117ca02e9a0c78b76664a41a54745 (master)
NOTE: https://github.com/django/django/commit/c4bd5b597e0aa2432e4c867b86650f18af117851 (2.1)
-CVE-2018-16983
+CVE-2018-16983 (NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other ...)
- mozilla-noscript <unfixed> (unimportant)
NOTE: This is not a security issue in NoScript by itself
-CVE-2018-16982
+CVE-2018-16982 (Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial ...)
NOT-FOR-US: Open Chinese Convert (OpenCC)
-CVE-2018-16981
+CVE-2018-16981 (stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ...)
- catimg <undetermined>
NOTE: https://github.com/nothings/stb/issues/656
TODO: further check, stb_image.h in older version is embedded in src:catimg
-CVE-2018-16980
+CVE-2018-16980 (dotCMS V5.0.1 has XSS in the /html/portlet/ext/contentlet/image_tools/ ...)
NOT-FOR-US: dotCMS
-CVE-2018-16979
+CVE-2018-16979 (Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-16978
+CVE-2018-16978 (Monstra CMS V3.0.4 has XSS when ones tries to register an account with ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-16977
+CVE-2018-16977 (Monstra CMS V3.0.4 has an information leakage risk (e.g., PATH, DOCUME ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-16975
+CVE-2018-16975 (An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Co ...)
NOT-FOR-US: Elefant CMS
-CVE-2018-16974
+CVE-2018-16974 (An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Co ...)
NOT-FOR-US: Elefant CMS
CVE-2018-16973
RESERVED
CVE-2018-16972
RESERVED
-CVE-2018-16971
+CVE-2018-16971 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direc ...)
NOT-FOR-US: Wisetail Learning Ecosystem
-CVE-2018-16970
+CVE-2018-16970 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direc ...)
NOT-FOR-US: Wisetail Learning Ecosystem
-CVE-2018-16969
+CVE-2018-16969 (Citrix ShareFile StorageZones Controller before 5.4.2 has Information ...)
NOT-FOR-US: Citrix ShareFile StorageZones Controller
-CVE-2018-16968
+CVE-2018-16968 (Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory ...)
NOT-FOR-US: Citrix ShareFile StorageZones Controller
CVE-2018-16967
RESERVED
CVE-2018-16966
RESERVED
-CVE-2018-16965
+CVE-2018-16965 (In Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109, there i ...)
NOT-FOR-US: Zoho
CVE-2018-16964
RESERVED
CVE-2018-16963
RESERVED
-CVE-2018-16962
+CVE-2018-16962 (Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to t ...)
NOT-FOR-US: Webroot SecureAnywhere
CVE-2018-16961
RESERVED
CVE-2018-16960
RESERVED
-CVE-2018-16959
+CVE-2018-16959 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16958
+CVE-2018-16958 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16957
+CVE-2018-16957 (The Oracle WebCenter Interaction 10.3.3 search service queryd.exe bina ...)
NOT-FOR-US: Oracle WebCenter Interaction
-CVE-2018-16956
+CVE-2018-16956 (The AjaxControl component of Oracle WebCenter Interaction Portal 10.3. ...)
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16955
+CVE-2018-16955 (The login function of Oracle WebCenter Interaction Portal 10.3.3 is vu ...)
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16954
+CVE-2018-16954 (An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. ...)
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16953
+CVE-2018-16953 (The AjaxView::DisplayResponse() function of the portalpages.dll assemb ...)
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16952
+CVE-2018-16952 (The Oracle WebCenter Interaction Portal 10.3.3 does not implement prot ...)
NOT-FOR-US: Oracle WebCenter Interaction Portal
-CVE-2018-16976
+CVE-2018-16976 (Gitolite before 3.6.9 does not (in certain configurations involving @a ...)
- gitolite3 3.6.9-1 (bug #908699)
[stretch] - gitolite3 <no-dsa> (Minor issue)
[jessie] - gitolite3 <no-dsa> (Minor issue)
- gitolite <removed>
NOTE: https://groups.google.com/forum/#!topic/gitolite-announce/WrwDTYdbfRg
NOTE: https://github.com/sitaramc/gitolite/commit/dc13dfca8fdae5634bb0865f7e9822d2a268ed59
-CVE-2018-16951
+CVE-2018-16951 (xunfeng 0.2.0 allows command execution via CSRF because masscan.py mis ...)
NOT-FOR-US: xunfeng
-CVE-2018-16950
+CVE-2018-16950 (Inteno DG400 WU7U_ELION3.11.6-170614_1328 devices allow remote attacke ...)
NOT-FOR-US: Inteno DG400 WU7U_ELION3.11.6-170614_1328 devices
-CVE-2018-16946
+CVE-2018-16946 (LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken ...)
NOT-FOR-US: LG smart network camera device
CVE-2018-16945
RESERVED
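Review bot: CVE-2018-16976 (Gitolite) is placed between CVE-2018-16952 and CVE-2018-16951, out of the descending CVE order; it belongs between CVE-2018-16977 and CVE-2018-16975. Separately, CVE-2018-16981 still has `- catimg <undetermined>` with an open TODO (`further check, stb_image.h in older version is embedded in src:catimg`); the automatic update cannot settle that, so the embedded copy needs a manual check.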
@@ -10386,29 +10386,29 @@ CVE-2018-16892
RESERVED
CVE-2018-16891
RESERVED
-CVE-2018-16890
+CVE-2018-16890 (libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap ...)
{DSA-4386-1 DLA-1672-1}
- curl 7.64.0-1
NOTE: https://curl.haxx.se/docs/CVE-2018-16890.html
NOTE: Fixed by: https://github.com/curl/curl/commit/b780b30d1377adb10bbe774835f49e9b237fb9bb
NOTE: Introduced by: https://github.com/curl/curl/commit/86724581b6c02d160b52f817550cfdfc9c93af62
-CVE-2018-16889
+CVE-2018-16889 (Ceph does not properly sanitize encryption keys in debug logging for v ...)
- ceph 12.2.11+dfsg1-1 (low; bug #918969)
[stretch] - ceph <postponed> (Minor issue)
[jessie] - ceph <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1665334
NOTE: http://tracker.ceph.com/issues/37847
NOTE: https://github.com/ceph/ceph/commit/ba55e2a96c9dfcc7aa2311431beaaa23cb05c30d
-CVE-2018-16888
+CVE-2018-16888 (It was discovered systemd does not correctly check the content of PIDF ...)
- systemd 237-1 (low)
[stretch] - systemd <ignored> (Minor issue, too intrusive to backport)
[jessie] - systemd <no-dsa> (low priority because this is inherently a bug in the PID file logic)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1662867
NOTE: Upstream issue: https://github.com/systemd/systemd/issues/6632
NOTE: Upstream patches: https://github.com/systemd/systemd/pull/7816
-CVE-2018-16887
+CVE-2018-16887 (A cross-site scripting (XSS) flaw was found in the katello component o ...)
NOT-FOR-US: Katello
-CVE-2018-16886
+CVE-2018-16886 (etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerab ...)
- etcd 3.2.26+dfsg-1 (bug #923008)
NOTE: Introduced by: https://github.com/etcd-io/etcd/commit/0191509637546621d6f2e18e074e955ab8ef374d
NOTE: Upstream issue: https://github.com/etcd-io/etcd/pull/10366
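Review bot: in the CVE-2018-16886 entry, `NOTE: Upstream issue: https://github.com/etcd-io/etcd/pull/10366` labels a pull request as the upstream issue. The entry already has an `Introduced by:` commit and three further commit NOTEs under the same CVE header in the next hunk, so this link is better labelled `Upstream fix:` (or `Upstream PR:`) to keep the introduced/fixed distinction the other entries use.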
@@ -10416,16 +10416,16 @@ CVE-2018-16886
NOTE: https://github.com/etcd-io/etcd/commit/a9a9466fb8ba11ad7bb6a44d7446fbd072d59887
NOTE: https://github.com/etcd-io/etcd/commit/99704e2a97e8710da942bdc737417fc9c9a2c03f
NOTE: https://github.com/etcd-io/etcd/commit/83c051b701d33261eef91a719e4421c81b000ba4
-CVE-2018-16885
+CVE-2018-16885 (A flaw was found in the Linux kernel that allows the userspace to call ...)
- linux 3.16.2-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1661503
NOTE: https://git.kernel.org/linus/06ebb06d49486676272a3c030bfeef4bd969a8e6
-CVE-2018-16884
+CVE-2018-16884 (A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares ...)
- linux 4.19.16-1
NOTE: https://patchwork.kernel.org/cover/10733767/
NOTE: https://patchwork.kernel.org/patch/10733769/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1660375
-CVE-2018-16883
+CVE-2018-16883 (sssd versions from 1.13.0 to before 2.0.0 did not properly restrict ac ...)
- sssd <unfixed> (bug #916824)
[stretch] - sssd <no-dsa> (Minor issue)
[jessie] - sssd <not-affected> (Issue got introduced with 1.13.0)
@@ -10433,50 +10433,50 @@ CVE-2018-16883
NOTE: Fixed in upstream 2.0.0 while refactoring code
NOTE: Fixed by https://pagure.io/SSSD/sssd/c/fbe2476a3dd9be83ffa85c29dca26f734618d72d?branch=master
NOTE: Fixes for older branches will be provided in January 2019.
-CVE-2018-16882
+CVE-2018-16882 (A use-after-free issue was found in the way the Linux kernel's KVM hyp ...)
- linux 4.19.13-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://marc.info/?l=kvm&m=154514994222809&w=2
NOTE: Fixed by: https://git.kernel.org/linus/c2dd5146e9fe1f22c77c1b011adf84eea0245806
-CVE-2018-16881
+CVE-2018-16881 (A denial of service vulnerability was found in rsyslog in the imptcp m ...)
- rsyslog 8.27.0-2
[stretch] - rsyslog <no-dsa> (Minor issue; imptcp not enabled by default)
[jessie] - rsyslog <not-affected> (Vulnerable code introduced in 8.13.1)
NOTE: Fixed by: https://github.com/rsyslog/rsyslog/commit/0381a0de64a5a048c3d48b79055bd9848d0c7fc2
NOTE: Introduced by: https://github.com/rsyslog/rsyslog/commit/6c52f29d593a27f934a1871d40eed84ebde3f3a6
-CVE-2018-16880
+CVE-2018-16880 (A flaw was found in the Linux kernel's handle_rx() function in the [vh ...)
- linux 4.19.20-1
[stretch] - linux <not-affected> (Vulnerable code introduced in 4.16-rc1)
[jessie] - linux <not-affected> (Vulnerable code introduced in 4.16-rc1)
NOTE: https://www.openwall.com/lists/oss-security/2019/01/25/1
-CVE-2018-16879
+CVE-2018-16879 (Ansible Tower before version 3.3.3 does not set a secure channel as it ...)
NOT-FOR-US: Ansible Tower
CVE-2018-16878
RESERVED
CVE-2018-16877
RESERVED
-CVE-2018-16876
+CVE-2018-16876 (ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a infor ...)
{DSA-4396-1}
- ansible 2.7.6+dfsg-1 (bug #916102)
[jessie] - ansible <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ansible/ansible/pull/49569
NOTE: https://github.com/ansible/ansible/commit/4c6d714aefb05366cb329e139214c89ebb364899
-CVE-2018-16875
+CVE-2018-16875 (The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 d ...)
- golang-1.11 1.11.3-1
- golang-1.10 1.10.6-1
NOTE: https://github.com/golang/go/issues/29233
NOTE: https://github.com/golang/go/commit/df523969435b8945d939c7e2a849b50910ef4c25 (1.11.3)
NOTE: https://github.com/golang/go/commit/0a4a37f1f0a36e55d8ae5c34210a79499f9f2a9d (1.10.6)
TODO: check other versions
-CVE-2018-16874
+CVE-2018-16874 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...)
- golang-1.11 1.11.3-1
- golang-1.10 1.10.6-1
NOTE: https://github.com/golang/go/issues/29231
NOTE: https://github.com/golang/go/commit/8954addb3294a5e664a9833354bafa58f163fe8f (1.11.3)
NOTE: https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 (1.10.6)
TODO: check other versions
-CVE-2018-16873
+CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...)
- golang-1.11 1.11.3-1
- golang-1.10 1.10.6-1
NOTE: https://github.com/golang/go/issues/29230
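Review bot: the context line `NOTE: Fixes for older branches will be provided in January 2019.` under CVE-2018-16883 is a dated forecast sitting next to `- sssd <unfixed> (bug #916824)`; check whether the older-branch fixes have landed and either record the fixed version or replace the note with the current state rather than carrying a stale promise. In the same hunk, CVE-2018-16875, CVE-2018-16874 and CVE-2018-16873 all still end in `TODO: check other versions` with only golang-1.11 and golang-1.10 listed; the truncated descriptions added here for -16874 and -16873 are word-for-word identical ("the "go get" command is ..."), so resolving the TODO while these entries are being touched would also make the two distinguishable from this file alone.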
@@ -10485,7 +10485,7 @@ CVE-2018-16873
NOTE: https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 (1.10.6)
NOTE: https://github.com/golang/go/commit/7ef6ee2c5727f0d11206b4d1866c18e6ab4785be (1.10.6)
TODO: check other versions
-CVE-2018-16872
+CVE-2018-16872 (A flaw was found in qemu Media Transfer Protocol (MTP). The code openi ...)
{DLA-1694-1}
- qemu 1:3.1+dfsg-2 (bug #916397)
- qemu-kvm <removed>
@@ -10493,10 +10493,10 @@ CVE-2018-16872
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=bab9df35ce73d1c8e19a37e2737717ea1c984dc1
CVE-2018-16871
RESERVED
-CVE-2018-16870
+CVE-2018-16870 (It was found that wolfssl before 3.15.7 is vulnerable to a new variant ...)
- wolfssl <unfixed> (bug #918952)
NOTE: https://github.com/wolfSSL/wolfssl/pull/1950
-CVE-2018-16869
+CVE-2018-16869 (A Bleichenbacher type side-channel based padding oracle attack was fou ...)
- nettle 3.4.1~rc1-1
[stretch] - nettle <no-dsa> (Minor issue)
[jessie] - nettle <no-dsa> (Minor issue - https://lists.debian.org/debian-lts/2019/03/msg00021.html)
@@ -10505,7 +10505,7 @@ CVE-2018-16869
NOTE: The upstream correction also makes a new public function that packages using
NOTE: nettle should use. This means that fixing this CVE is a pre-requisite for
NOTE: fixing other CVEs like CVE-2018-16868.
-CVE-2018-16868
+CVE-2018-16868 (A Bleichenbacher type side-channel based padding oracle attack was fou ...)
[experimental] - gnutls28 3.6.5-1
- gnutls28 3.6.5-2
[jessie] - gnutls28 <no-dsa> (Minor issue - https://lists.debian.org/debian-lts/2019/03/msg00021.html)
@@ -10515,7 +10515,7 @@ CVE-2018-16868
NOTE: https://gitlab.com/gnutls/gnutls/merge_requests/832
NOTE: CVE-2018-16869 must be fixed first and a new build dependency on this new
NOTE: nettle version.
-CVE-2018-16867
+CVE-2018-16867 (A flaw was found in qemu Media Transfer Protocol (MTP) before version ...)
- qemu 1:3.1+dfsg-1 (bug #915884)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -10524,7 +10524,7 @@ CVE-2018-16867
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=c52d46e041b42bb1ee6f692e00a0abe37a9659f6 (master)
NOTE: vulnerable code introduced in
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=88d5f381ecb2d2828fd77676572ff9a99da699fb
-CVE-2018-16866
+CVE-2018-16866 (An out of bounds read was discovered in systemd-journald in the way it ...)
{DSA-4367-1}
- systemd 240-1
[jessie] - systemd <not-affected> (Vulnerable code not present)
@@ -10533,7 +10533,7 @@ CVE-2018-16866
NOTE: Fixed by: https://github.com/systemd/systemd/commit/8595102d3ddde6d25c282f965573a6de34ab4421 (v240) [2/2]
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
-CVE-2018-16865
+CVE-2018-16865 (An allocation of memory without limits, that could result in the stack ...)
{DSA-4367-1 DLA-1639-1}
- systemd 240-4 (bug #918848)
NOTE: Intorduced in: https://github.com/systemd/systemd/commit/cf244689e9d1ab50082c9ddd0f3c4d1eb982badc (v38)
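Review bot: typo in the context line `NOTE: Intorduced in: https://github.com/systemd/systemd/commit/cf244689e9d1ab50082c9ddd0f3c4d1eb982badc (v38)` under CVE-2018-16865; it should read "Introduced in:", matching the spelling used for the sibling CVE-2018-16864 entry in the next hunk. Not changed by this automatic update, but worth fixing on the next manual edit.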
@@ -10543,7 +10543,7 @@ CVE-2018-16865
NOTE: Fixes for master: https://github.com/systemd/systemd/pull/11374
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
-CVE-2018-16864
+CVE-2018-16864 (An allocation of memory without limits, that could result in the stack ...)
{DSA-4367-1 DLA-1639-1}
- systemd 240-4 (bug #918841)
NOTE: Introduced in: https://github.com/systemd/systemd/commit/ae018d9bc900d6355dea4af05119b49c67945184 (v203)
@@ -10552,28 +10552,28 @@ CVE-2018-16864
NOTE: Fixes for master: https://github.com/systemd/systemd/pull/11374
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
-CVE-2018-16863
+CVE-2018-16863 (It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An ...)
- ghostscript <not-affected> (Red Hat-specific issue)
NOTE: Debian updates backported all fixes to released suites
-CVE-2018-16862
+CVE-2018-16862 (A security flaw was found in the Linux kernel in a way that the cleanc ...)
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://lore.kernel.org/patchwork/patch/1011367/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1649017
NOTE: Fixed by: https://git.kernel.org/linus/6ff38bd40230af35e446239396e5fc8ebd6a5248
-CVE-2018-16861
+CVE-2018-16861 (A cross-site scripting (XSS) flaw was found in the foreman component o ...)
- foreman <itp> (bug #663101)
CVE-2018-16860
RESERVED
-CVE-2018-16859
+CVE-2018-16859 (Execution of Ansible playbooks on Windows platforms with PowerShell Sc ...)
- ansible <not-affected> (Only issue when executing Ansible playbooks on Windows platforms)
CVE-2018-16858 [Remote Code Execution via Macro/Event execution]
RESERVED
{DSA-4381-1 DLA-1669-1}
- libreoffice 1:6.1.3-1
NOTE: https://insert-script.blogspot.com/2019/02/libreoffice-cve-2018-16858-remote-code.html
-CVE-2018-16857
+CVE-2018-16857 (Samba from version 4.9.0 and before version 4.9.3 that have AD DC conf ...)
- samba 2:4.9.2+dfsg-2
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
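Review bot: the `<not-affected>` state for CVE-2018-16859 rests on `(Only issue when executing Ansible playbooks on Windows platforms)`, but the description itself is about playbook execution, which is exactly what the ansible package ships; everywhere else in this hunk `<not-affected>` is justified by "Vulnerable code not present". If the affected code is present in the package and the judgement is only that Debian does not run Ansible on Windows, `<unfixed>` with `(unimportant)` or `<no-dsa> (Minor issue)` plus the same reason states that more accurately than `<not-affected>`.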
@@ -10582,31 +10582,31 @@ CVE-2018-16856 [Private keys written to world-readable log files]
RESERVED
- octavia <not-affected> (Red Hat-specific, see bug #920769)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1649165
-CVE-2018-16855
+CVE-2018-16855 (An issue has been found in PowerDNS Recursor before version 4.1.8 wher ...)
- pdns-recursor 4.1.8-1
[stretch] - pdns-recursor <not-affected> (Only affects 4.1.x)
[jessie] - pdns-recursor <not-affected> (Only affects 4.1.x)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-09.html
-CVE-2018-16854
+CVE-2018-16854 (A flaw was found in moodle versions 3.5 to 3.5.2, 3.4 to 3.4.5, 3.3 to ...)
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=378731
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
-CVE-2018-16853
+CVE-2018-16853 (Samba from version 4.7.0 has a vulnerability that allows a user in a S ...)
- samba 2:4.9.2+dfsg-2 (unimportant)
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16853.html
NOTE: Samba in Debian is built with the default Heimdal Kerberos build
-CVE-2018-16852
+CVE-2018-16852 (Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a N ...)
- samba 2:4.9.2+dfsg-2
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16852.html
-CVE-2018-16851
+CVE-2018-16851 (Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is v ...)
{DSA-4345-1 DLA-1607-1}
- samba 2:4.9.2+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2018-16851.html
-CVE-2018-16850
+CVE-2018-16850 (postgresql before versions 11.1, 10.6 is vulnerable to a to SQL inject ...)
- postgresql-11 11.1-1
- postgresql-10 <removed>
- postgresql-9.6 <not-affected> (Only affects 11.x and 10.x)
@@ -10614,65 +10614,65 @@ CVE-2018-16850
- postgresql-9.1 <not-affected> (Only affects 11.x and 10.x)
NOTE: https://www.postgresql.org/about/news/1905/
NOTE: Fixed in 11.1, 10.6
-CVE-2018-16849
+CVE-2018-16849 (A flaw was found in openstack-mistral. By manipulating the SSH private ...)
- mistral 7.0.0-2 (low; bug #912714)
[stretch] - mistral 3.0.0-4+deb9u1
NOTE: https://bugs.launchpad.net/mistral/+bug/1783708
CVE-2018-16848
RESERVED
-CVE-2018-16847
+CVE-2018-16847 (An OOB heap buffer r/w access issue was found in the NVM Express Contr ...)
- qemu 1:3.1+dfsg-1 (bug #912655)
[stretch] - qemu <not-affected> (support for Controller Memory Buffers added later)
[jessie] - qemu <not-affected> (support for Controller Memory Buffers added later)
- qemu-kvm <not-affected> (support for Controller Memory Buffers added later)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00200.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=87ad860c622cc8f8916b5232bd8728c08f938fce
-CVE-2018-16846
+CVE-2018-16846 (It was found in Ceph versions before 13.2.4 that authenticated ceph RG ...)
{DLA-1696-1}
- ceph 12.2.11+dfsg1-1 (bug #921947)
NOTE: http://tracker.ceph.com/issues/35994
NOTE: https://github.com/ceph/ceph/commit/4337e6a7d9f92c8549ebee20d0dd67a01e49857f
NOTE: https://github.com/ceph/ceph/commit/ab29bed2fc9f961fe895de1086a8208e21ddaddc
NOTE: Backport to 12.2.11: https://tracker.ceph.com/issues/37831
-CVE-2018-16845
+CVE-2018-16845 (nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_ht ...)
{DSA-4335-1 DLA-1572-1}
- nginx 1.14.1-1 (bug #913090)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html
NOTE: https://nginx.org/download/patch.2018.mp4.txt
NOTE: http://hg.nginx.org/nginx/rev/fdc19a3289c1
NOTE: Fixed in 1.15.6, 1.14.1.
-CVE-2018-16844
+CVE-2018-16844 (nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the imp ...)
{DSA-4335-1}
- nginx 1.14.1-1 (bug #913090)
[jessie] - nginx <not-affected> (HTTP 2.0 support added later)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
NOTE: http://hg.nginx.org/nginx/rev/9200b41db765
NOTE: Fixed in 1.15.6, 1.14.1.
-CVE-2018-16843
+CVE-2018-16843 (nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the imp ...)
{DSA-4335-1}
- nginx 1.14.1-1 (bug #913090)
[jessie] - nginx <not-affected> (HTTP 2.0 support added later)
NOTE: http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
NOTE: http://hg.nginx.org/nginx/rev/d4448892a294
NOTE: Fixed in 1.15.6, 1.14.1.
-CVE-2018-16842
+CVE-2018-16842 (Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buf ...)
{DSA-4331-1 DLA-1568-1}
- curl 7.62.0-1
NOTE: https://curl.haxx.se/docs/CVE-2018-16842.html
NOTE: Fixed by: https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211
-CVE-2018-16841
+CVE-2018-16841 (Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 a ...)
{DSA-4345-1}
- samba 2:4.9.2+dfsg-2
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16841.html
-CVE-2018-16840
+CVE-2018-16840 (A heap use-after-free flaw was found in curl versions from 7.59.0 thro ...)
- curl 7.62.0-1
[stretch] - curl <not-affected> (Use-after-free issue introduced later)
[jessie] - curl <not-affected> (Use-after-free issue introduced later)
NOTE: https://curl.haxx.se/docs/CVE-2018-16840.html
NOTE: Fixed by: https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f
NOTE: Introduced by: https://github.com/curl/curl/commit/b46cfbc068ebe90f18e9777b9e877e4934c1b5e3
-CVE-2018-16839
+CVE-2018-16839 (Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun ...)
{DSA-4331-1 DLA-1568-1}
- curl 7.62.0-1
NOTE: https://curl.haxx.se/docs/CVE-2018-16839.html
@@ -10686,62 +10686,62 @@ CVE-2018-16838 [improper implementation of GPOs due to too restrictive permissio
NOTE: seems to presuppose configuration mistake: if sssd is not given enough permissions
NOTE: to read GPO, access is systematically granted instead of denied
TODO: check, Bugzilla entry does not provide details
-CVE-2018-16837
+CVE-2018-16837 (Ansible "User" module leaks any data which is passed on as a parameter ...)
{DSA-4396-1 DLA-1576-1}
- ansible 2.7.1+dfsg-1 (bug #912297)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1640642
NOTE: https://github.com/ansible/ansible/pull/47436
-CVE-2018-16836
+CVE-2018-16836 (Rubedo through 3.4.0 contains a Directory Traversal vulnerability in t ...)
NOT-FOR-US: Rubedo CMS
CVE-2018-16835
RESERVED
CVE-2018-16834
RESERVED
-CVE-2018-16833
+CVE-2018-16833 (Zoho ManageEngine Desktop Central 10.0.271 has XSS via the "Features & ...)
NOT-FOR-US: Zoho
-CVE-2018-16832
+CVE-2018-16832 (CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an attacker to ...)
NOT-FOR-US: xunfeng
-CVE-2018-16949
+CVE-2018-16949 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8. ...)
{DSA-4302-1 DLA-1513-1}
- openafs 1.8.2-1 (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-003.txt
-CVE-2018-16948
+CVE-2018-16948 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8. ...)
{DSA-4302-1 DLA-1513-1}
- openafs 1.8.2-1 (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-002.txt
-CVE-2018-16947
+CVE-2018-16947 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8. ...)
{DSA-4302-1 DLA-1513-1}
- openafs 1.8.2-1 (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-001.txt
-CVE-2018-17458
+CVE-2018-17458 (An improper update of the WebAssembly dispatch table in WebAssembly in ...)
{DSA-4297-1}
- chromium-browser 69.0.3497.92-1 (bug #908806)
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-17459
+CVE-2018-17459 (Incorrect handling of clicks in the omnibox in Navigation in Google Ch ...)
{DSA-4297-1}
- chromium-browser 69.0.3497.92-1 (bug #908806)
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-1002009
+CVE-2018-1002009 (There is a reflected XSS vulnerability in WordPress Arigato Autorespon ...)
NOTE: Wordpress plugin
-CVE-2018-1002008
+CVE-2018-1002008 (There is a reflected XSS vulnerability in WordPress Arigato Autorespon ...)
NOTE: Wordpress plugin
-CVE-2018-1002007
+CVE-2018-1002007 (There is a reflected XSS vulnerability in WordPress Arigato Autorespon ...)
NOTE: Wordpress plugin
-CVE-2018-1002006
+CVE-2018-1002006 (These vulnerabilities require administrative privileges to exploit. Th ...)
NOTE: Wordpress plugin
-CVE-2018-1002005
+CVE-2018-1002005 (These vulnerabilities require administrative privileges to exploit. Th ...)
NOTE: Wordpress plugin
-CVE-2018-1002004
+CVE-2018-1002004 (There is a reflected XSS vulnerability in WordPress Arigato Autorespon ...)
NOTE: Wordpress plugin
-CVE-2018-1002003
+CVE-2018-1002003 (There is a reflected XSS vulnerability in WordPress Arigato Autorespon ...)
NOTE: Wordpress plugin
-CVE-2018-1002002
+CVE-2018-1002002 (There is a reflected XSS vulnerability in WordPress Arigato Autorespon ...)
NOTE: Wordpress plugin
-CVE-2018-1002001
+CVE-2018-1002001 (There is a reflected XSS vulnerability in WordPress Arigato Autorespon ...)
NOTE: Wordpress plugin
-CVE-2018-1002000
+CVE-2018-1002000 (There is blind SQL injection in WordPress Arigato Autoresponder and Ne ...)
NOTE: Wordpress plugin
-CVE-2018-16831
+CVE-2018-16831 (Smarty before 3.1.33-dev-4 allows attackers to bypass the trusted_dir ...)
- smarty3 3.1.33+20180830.1.3a78a21f+selfpack1-1 (bug #908698)
[jessie] - smarty3 <not-affected> (vulnerable code not present)
NOTE: https://github.com/smarty-php/smarty/issues/486
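Review bot: the entries CVE-2018-1002000 through CVE-2018-1002009 carry only `NOTE: Wordpress plugin` and no package or status line, unlike every other third-party entry in this hunk (e.g. `NOT-FOR-US: Rubedo CMS`, `NOT-FOR-US: Zoho`); without a status line the entry does not say whether the issue is relevant to Debian, so add a `NOT-FOR-US: WordPress plugin` line in the same form as the neighbours. Separately, CVE-2018-16949..16947, CVE-2018-17458, CVE-2018-17459 and the CVE-2018-1002xxx block are filed between CVE-2018-16832 and CVE-2018-16831, out of the descending order the rest of the file keeps.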
@@ -10763,13 +10763,13 @@ CVE-2018-16824
RESERVED
CVE-2018-16823
RESERVED
-CVE-2018-16822
+CVE-2018-16822 (SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php ...)
NOT-FOR-US: SeaCMS
-CVE-2018-16821
+CVE-2018-16821 (SeaCMS 6.64 allows arbitrary directory listing via upload/admin/admin_ ...)
NOT-FOR-US: SeaCMS
-CVE-2018-16820
+CVE-2018-16820 (admin/index.php in Monstra CMS 3.0.4 allows arbitrary directory listin ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-16819
+CVE-2018-16819 (admin/index.php in Monstra CMS 3.0.4 allows arbitrary file deletion vi ...)
NOT-FOR-US: Monstra CMS
CVE-2018-16818
RESERVED
@@ -10789,23 +10789,23 @@ CVE-2018-16811
RESERVED
CVE-2018-16810
RESERVED
-CVE-2018-16809
+CVE-2018-16809 (An issue was discovered in Dolibarr through 7.0.0. expensereport/card. ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/issues/9449
-CVE-2018-16808
+CVE-2018-16808 (An issue was discovered in Dolibarr through 7.0.0. There is Stored XSS ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/issues/9449
-CVE-2018-16807
+CVE-2018-16807 (In Bro through 2.5.5, there is a memory leak potentially leading to Do ...)
- bro <unfixed> (low; bug #908614)
[stretch] - bro <no-dsa> (Minor issue)
NOTE: https://github.com/bro/bro/commit/34d0cf886ca16c665f673a299e295b2a2bc14533
-CVE-2018-16806
+CVE-2018-16806 (A Pektron Passive Keyless Entry and Start (PKES) system, as used on th ...)
NOT-FOR-US: Tesla
-CVE-2018-16805
+CVE-2018-16805 (In b3log Solo 2.9.3, XSS in the Input page under the Publish Articles ...)
NOT-FOR-US: b3log
-CVE-2018-16804
+CVE-2018-16804 (An issue was discovered in UCMS 1.4.6. There is XSS in the title bar, ...)
NOT-FOR-US: UCMS
-CVE-2018-16803
+CVE-2018-16803 (In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows ...)
NOT-FOR-US: CIMTechniques CIMScan
CVE-2018-16801
RESERVED
@@ -10815,34 +10815,34 @@ CVE-2018-16799
RESERVED
CVE-2018-16798
RESERVED
-CVE-2018-16797
+CVE-2018-16797 (A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer 1.7.855 ...)
NOT-FOR-US: PotPlayer
-CVE-2018-16796
+CVE-2018-16796 (HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files wit ...)
NOT-FOR-US: HiScout GRC Suite
CVE-2018-16795
RESERVED
-CVE-2018-16794
+CVE-2018-16794 (Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory ...)
NOT-FOR-US: Microsoft ADFS 4.0 Windows Server
-CVE-2018-16793
+CVE-2018-16793 (Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions ...)
NOT-FOR-US: Rollup 18 for Microsoft Exchange Server
-CVE-2018-16802
+CVE-2018-16802 (An issue was discovered in Artifex Ghostscript before 9.25. Incorrect ...)
{DSA-4294-1 DLA-1504-1}
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3e5d316b72e3965b7968bb1d96baa137cd063ac6
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=643b24dbd002fb9c131313253c307cf3951b3d47
NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5812b1b78fc4d36fdc293b7859de69241140d590
-CVE-2018-16792
+CVE-2018-16792 (SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via ...)
NOT-FOR-US: SolarWinds SFTP/SCP server
-CVE-2018-16791
+CVE-2018-16791 (In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration fi ...)
NOT-FOR-US: SolarWinds SFTP/SCP server
-CVE-2018-16790
+CVE-2018-16790 (_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in ...)
- libbson <unfixed> (bug #913896)
[stretch] - libbson <no-dsa> (Minor issue)
- mongo-c-driver 1.13.0-1 (bug #913963)
NOTE: https://jira.mongodb.org/browse/CDRIVER-2819
NOTE: https://github.com/mongodb/mongo-c-driver/commit/0d9a4d98bfdf4acd2c0138d4aaeb4e2e0934bd84
-CVE-2018-16789 [infinite loop due to malformed request payload]
+CVE-2018-16789 (libhttp/url.c in shellinabox through 2.20 has an implementation flaw i ...)
- shellinabox 2.21 (low)
[stretch] - shellinabox <no-dsa> (Minor issue)
[jessie] - shellinabox <no-dsa> (Minor issue)
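Review bot: for CVE-2018-16790 the two listed source packages are annotated inconsistently: `- libbson <unfixed> (bug #913896)` gets `[stretch] - libbson <no-dsa> (Minor issue)`, while `- mongo-c-driver 1.13.0-1 (bug #913963)` has no stretch line at all, even though the description places the flaw in bson-iter.c "as used in" the other package. If mongo-c-driver in stretch is affected, add the matching `[stretch] - mongo-c-driver <no-dsa> (Minor issue)` (or record why the two are treated differently). Also, CVE-2018-16802 is filed between CVE-2018-16793 and CVE-2018-16792, out of sequence.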
@@ -10851,63 +10851,63 @@ CVE-2018-16788
RESERVED
CVE-2018-16787
RESERVED
-CVE-2018-16786
+CVE-2018-16786 (DedeCMS 5.7 SP2 allows XSS via an onhashchange attribute in the msg pa ...)
NOT-FOR-US: DedeCMS
-CVE-2018-16785
+CVE-2018-16785 (XML injection vulnerability exists in the file of DedeCMS V5.7 SP2 ver ...)
NOT-FOR-US: DedeCMS
-CVE-2018-16784
+CVE-2018-16784 (DedeCMS 5.7 SP2 allows XML injection, and resultant remote code execut ...)
NOT-FOR-US: DedeCMS
CVE-2018-16783
RESERVED
-CVE-2018-16782
+CVE-2018-16782 (libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the ...)
NOT-FOR-US: ImageWorsener
-CVE-2018-16781
+CVE-2018-16781 (ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to caus ...)
NOT-FOR-US: Some Windows picture viewer using ffmpeg incorrectly
-CVE-2018-16780
+CVE-2018-16780 (Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment. ...)
NOT-FOR-US: Complete Responsive CMS Blog
-CVE-2018-16779
+CVE-2018-16779 (BlogCMS through 2016-10-25 has XSS via a comment. ...)
NOT-FOR-US: BlogCMS
-CVE-2018-16778
+CVE-2018-16778 (Cross-site scripting (XSS) vulnerability in Jenzabar v8.2.1 through 9. ...)
NOT-FOR-US: Jenzabar
CVE-2018-16777
RESERVED
-CVE-2018-16776
+CVE-2018-16776 (wityCMS 0.6.2 has XSS via the "Site Name" field found in the "Contact" ...)
NOT-FOR-US: wityCMS
-CVE-2018-16775
+CVE-2018-16775 (An issue was discovered in Victor CMS through 2018-05-10. There is XSS ...)
NOT-FOR-US: Victor CMS
-CVE-2018-16774
+CVE-2018-16774 (HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file par ...)
NOT-FOR-US: HongCMS
-CVE-2018-16773
+CVE-2018-16773 (EasyCMS 1.5 allows XSS via the index.php?s=/admin/fields/update/navTab ...)
NOT-FOR-US: EasyCMS
-CVE-2018-16772
+CVE-2018-16772 (Hoosk v1.7.0 allows XSS via the Navigation Title of a new page entered ...)
NOT-FOR-US: Hoosk
-CVE-2018-16771
+CVE-2018-16771 (Hoosk v1.7.0 allows PHP code execution via a SiteUrl that is provided ...)
NOT-FOR-US: Hoosk
-CVE-2018-16770
+CVE-2018-16770 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Vir ...)
NOT-FOR-US: WAVM
-CVE-2018-16769
+CVE-2018-16769 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Vir ...)
NOT-FOR-US: WAVM
-CVE-2018-16768
+CVE-2018-16768 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Vir ...)
NOT-FOR-US: WAVM
-CVE-2018-16767
+CVE-2018-16767 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Vir ...)
NOT-FOR-US: WAVM
-CVE-2018-16766
+CVE-2018-16766 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Vir ...)
NOT-FOR-US: WAVM
-CVE-2018-16765
+CVE-2018-16765 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Vir ...)
NOT-FOR-US: WAVM
-CVE-2018-16764
+CVE-2018-16764 (In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Vir ...)
NOT-FOR-US: WAVM
-CVE-2018-16763
+CVE-2018-16763 (FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter ...)
NOT-FOR-US: FUEL CMS
-CVE-2018-16762
+CVE-2018-16762 (FUEL CMS 1.4.1 allows SQL Injection via the layout, published, or sear ...)
NOT-FOR-US: FUEL CMS
-CVE-2018-16761
+CVE-2018-16761 (Eventum before 3.4.0 has an open redirect vulnerability. ...)
NOT-FOR-US: Eventum
CVE-2018-16760
RESERVED
-CVE-2018-16759
+CVE-2018-16759 (The removeXSS function in App/Common/common.php (called from App/Modul ...)
NOT-FOR-US: EasyCMS
-CVE-2018-16758
+CVE-2018-16758 (Missing message authentication in the meta-protocol in Tinc VPN versio ...)
{DSA-4312-1 DLA-1538-1}
- tinc 1.0.35-1
NOTE: http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=e97943b7cc9c851ae36f5a41e2b6102faa74193f
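Review bot: the rationale `NOT-FOR-US: Some Windows picture viewer using ffmpeg incorrectly` for CVE-2018-16781 does not match the description added on the line above, which names `ffjpeg.dll in ffjpeg`, not ffmpeg; verify which project is meant and make the NOT-FOR-US line name it, otherwise a later search of this file for ffmpeg issues will turn up a false hit.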
@@ -10921,16 +10921,16 @@ CVE-2018-16754
RESERVED
CVE-2018-16753
RESERVED
-CVE-2018-16752
+CVE-2018-16752 (LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code ...)
NOT-FOR-US: LINK-NET LW-N605R devices
CVE-2018-16751
RESERVED
-CVE-2018-16750
+CVE-2018-16750 (In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfr ...)
- imagemagick 8:6.9.10.2+dfsg-2 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1118
NOTE: https://github.com/ImageMagick/ImageMagick/commit/33d1b9590c401d4aee666ffd10b16868a38cf705
NOTE: https://github.com/ImageMagick/ImageMagick6/commit/359331c61193138ce2b85331df25235b81499cfc
-CVE-2018-16749
+CVE-2018-16749 (In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJN ...)
{DLA-1530-1}
- imagemagick 8:6.9.10.2+dfsg-2 (low)
[stretch] - imagemagick <ignored> (Minor issue)
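Review bot: for CVE-2018-16749 the line `[stretch] - imagemagick <ignored> (Minor issue)` sits directly under `{DLA-1530-1}`, i.e. jessie received a fix for the same minor issue while stretch is marked as never to be fixed; the usual tag for a minor issue that may still go out in a point update is `<no-dsa>`, so confirm `<ignored>` is intended or switch it to `<no-dsa>` for consistency with the jessie handling.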
@@ -10942,29 +10942,29 @@ CVE-2018-16747
RESERVED
CVE-2018-16746
RESERVED
-CVE-2018-16745
+CVE-2018-16745 (An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() i ...)
- mgetty 1.2.1-1
[stretch] - mgetty <no-dsa> (Minor issue)
[jessie] - mgetty <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
NOTE: Upstream commit: 750939dfcaea9aa93dcea99526c49da7cafafe7f (1.2.1)
-CVE-2018-16744
+CVE-2018-16744 (An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() i ...)
- mgetty 1.2.1-1
[stretch] - mgetty <no-dsa> (Minor issue)
[jessie] - mgetty <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
NOTE: Upstream commit: 750939dfcaea9aa93dcea99526c49da7cafafe7f (1.2.1)
-CVE-2018-16743
+CVE-2018-16743 (An issue was discovered in mgetty before 1.2.1. In contrib/next-login/ ...)
- mgetty 1.2.1-1 (unimportant)
NOTE: contrib/next-login/ not built in Debian packaging
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
NOTE: Upstream commit: 5feff135626b8dde886213ce0c99cc4349028a7e (1.2.1)
-CVE-2018-16742
+CVE-2018-16742 (An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a ...)
- mgetty 1.2.1-1 (unimportant)
NOTE: contrib/scrts not built in Debian packaging
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
NOTE: Upstream removed contrib/scrts in 7d018d471f4c737f77ef281f5859a3b1c9ded42f (1.2.1)
-CVE-2018-16741
+CVE-2018-16741 (An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, ...)
{DSA-4291-1 DLA-1502-1}
- mgetty 1.2.1-1 (bug #910448)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
@@ -10973,42 +10973,42 @@ CVE-2018-16740
RESERVED
CVE-2018-16739
RESERVED
-CVE-2018-16738
+CVE-2018-16738 (tinc 1.0.30 through 1.0.34 has a broken authentication protocol, altho ...)
{DSA-4312-1}
- tinc 1.0.35-1
[jessie] - tinc <not-affected> (Only affects 1.0.30 to 1.0.34)
NOTE: http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=d3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5a
NOTE: This CVE is specific for tinc versions which did had mitigations put
NOTE: in place for the Sweet32 attack in tinc 1.0.30.
-CVE-2018-16737
+CVE-2018-16737 (tinc before 1.0.30 has a broken authentication protocol, without even ...)
{DLA-1538-1}
- tinc 1.0.31-1
NOTE: http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=d3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5a
-CVE-2018-16736
+CVE-2018-16736 (In the rcfilters plugin 2.1.6 for Roundcube, XSS exists via the _whatf ...)
NOT-FOR-US: rcfilters plugin for Roundcube
CVE-2018-16735
RESERVED
CVE-2018-16734
RESERVED
-CVE-2018-16733
+CVE-2018-16733 (In Go Ethereum (aka geth) before 1.8.14, TraceChain in eth/api_tracer. ...)
NOT-FOR-US: Go Ethereum
-CVE-2018-16732
+CVE-2018-16732 (\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via adm ...)
NOT-FOR-US: CScms
-CVE-2018-16731
+CVE-2018-16731 (CScms 4.1 allows arbitrary file upload by (for example) adding the php ...)
NOT-FOR-US: CScms
-CVE-2018-16730
+CVE-2018-16730 (\upload\plugins\sys\Install.php in CScms 4.1 has XSS via the site name ...)
NOT-FOR-US: CScms
-CVE-2018-16729
+CVE-2018-16729 (Pluck 4.7.7 allows XSS via an SVG file that contains Javascript in a S ...)
NOT-FOR-US: Pluck CMS
-CVE-2018-16728
+CVE-2018-16728 (feindura 2.0.7 allows XSS via the tags field of a new page created at ...)
NOT-FOR-US: feindura
-CVE-2018-16727
+CVE-2018-16727 (razorCMS 3.4.7 allows Stored XSS via the keywords of the homepage with ...)
NOT-FOR-US: razorCMS
-CVE-2018-16726
+CVE-2018-16726 (razorCMS 3.4.7 allows HTML injection via the description of the homepa ...)
NOT-FOR-US: razorCMS
-CVE-2018-16725
+CVE-2018-16725 (An issue is discovered in baijiacms V4. XSS exists via the assets/ween ...)
NOT-FOR-US: baijiacms
-CVE-2018-16724
+CVE-2018-16724 (An issue is discovered in baijiacms V4. Blind SQL Injection exists via ...)
NOT-FOR-US: baijiacms
CVE-2018-16723
RESERVED
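Review bot: grammar in the context lines under CVE-2018-16738, `NOTE: This CVE is specific for tinc versions which did had mitigations put` / `NOTE: in place for the Sweet32 attack in tinc 1.0.30.`, should read "which had mitigations put in place". Not touched by this patch, but CVE-2018-16738 and CVE-2018-16737 point at the same upstream commit link and this note is what tells the two entries apart, so its wording is worth getting right.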
@@ -11026,32 +11026,32 @@ CVE-2018-16717
RESERVED
CVE-2018-16716
RESERVED
-CVE-2018-16715
+CVE-2018-16715 (An issue was discovered in Absolute Software CTES Windows Agent throug ...)
NOT-FOR-US: Absolute Software CTES Windows Agent
CVE-2018-16714
RESERVED
-CVE-2018-16713
+CVE-2018-16713 (IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Mon ...)
NOT-FOR-US: IObit Advanced SystemCare
-CVE-2018-16712
+CVE-2018-16712 (IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Mon ...)
NOT-FOR-US: IObit Advanced SystemCare
-CVE-2018-16711
+CVE-2018-16711 (IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Mon ...)
NOT-FOR-US: IObit Advanced SystemCare
-CVE-2018-16710
+CVE-2018-16710 (** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obta ...)
- octoprint <itp> (bug #718591)
NOTE: https://github.com/foosel/OctoPrint/issues/2814
-CVE-2018-16709
+CVE-2018-16709 (Fuji Xerox DocuCentre-V 3065, ApeosPort-VI C3371, ApeosPort-V C4475, A ...)
NOT-FOR-US: Fuji Xerox devices
CVE-2018-16708
RESERVED
CVE-2018-16707
RESERVED
-CVE-2018-16706
+CVE-2018-16706 (LG SuperSign CMS allows TVs to be rebooted remotely without authentica ...)
NOT-FOR-US: LG SuperSign CMS
-CVE-2018-16705
+CVE-2018-16705 (FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the ...)
NOT-FOR-US: FURUNO FELCOM 250 and 500 devices
-CVE-2018-16704
+CVE-2018-16704 (An issue was discovered in Gleez CMS v1.2.0. Because of an Insecure Di ...)
NOT-FOR-US: Gleez CMS
-CVE-2018-16703
+CVE-2018-16703 (A vulnerability in the Gleez CMS 1.2.0 login page could allow an unaut ...)
NOT-FOR-US: Gleez CMS
CVE-2018-16702
RESERVED
@@ -11113,25 +11113,25 @@ CVE-2018-16674
RESERVED
CVE-2018-16673
RESERVED
-CVE-2018-16672
+CVE-2018-16672 (An issue was discovered in CIRCONTROL CirCarLife before 4.3. Due to th ...)
NOT-FOR-US: CIRCONTROL CirCarLife
-CVE-2018-16671
+CVE-2018-16671 (An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is ...)
NOT-FOR-US: CIRCONTROL CirCarLife
-CVE-2018-16670
+CVE-2018-16670 (An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is ...)
NOT-FOR-US: CIRCONTROL CirCarLife
-CVE-2018-16669
+CVE-2018-16669 (An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP ...)
NOT-FOR-US: CIRCONTROL Open Charge Point Protocol
-CVE-2018-16668
+CVE-2018-16668 (An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is ...)
NOT-FOR-US: CIRCONTROL CirCarLife
-CVE-2018-16667
+CVE-2018-16667 (An issue was discovered in Contiki-NG through 4.1. There is a buffer o ...)
NOT-FOR-US: Contiki Operating System
-CVE-2018-16666
+CVE-2018-16666 (An issue was discovered in Contiki-NG through 4.1. There is a stack-ba ...)
NOT-FOR-US: Contiki Operating System
-CVE-2018-16665
+CVE-2018-16665 (An issue was discovered in Contiki-NG through 4.1. There is a buffer o ...)
NOT-FOR-US: Contiki Operating System
-CVE-2018-16664
+CVE-2018-16664 (An issue was discovered in Contiki-NG through 4.1. There is a buffer o ...)
NOT-FOR-US: Contiki Operating System
-CVE-2018-16663
+CVE-2018-16663 (An issue was discovered in Contiki-NG through 4.1. There is a stack-ba ...)
NOT-FOR-US: Contiki Operating System
CVE-2018-16662
RESERVED
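Review bot: the five Contiki entries (CVE-2018-16663 through CVE-2018-16667) are labelled `NOT-FOR-US: Contiki Operating System` although each description names Contiki-NG, the separately maintained fork; use `NOT-FOR-US: Contiki-NG` so the label matches the product the CVEs were actually assigned against.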
@@ -11139,46 +11139,46 @@ CVE-2018-16661
RESERVED
CVE-2018-16660
RESERVED
-CVE-2018-16659
+CVE-2018-16659 (An issue was discovered in Rausoft ID.prove 2.95. The login page allow ...)
NOT-FOR-US: Rausoft ID.prove
-CVE-2018-16657
+CVE-2018-16657 (In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message ...)
{DSA-4292-1 DLA-1503-1}
- kamailio 5.1.4-1 (bug #908324)
NOTE: https://skalatan.de/blog/advisory-hw-2018-06
NOTE: https://github.com/kamailio/kamailio/commit/ad68e402ece8089f133c10de6ce319f9e28c0692 (master)
NOTE: https://github.com/kamailio/kamailio/commit/d67b2f9874ca23bd69f18df71b8f53b1b6151f6d (5.1)
NOTE: https://github.com/kamailio/kamailio/commit/f07dabffef98c7088cdbc2bd695a4ae7a241b159 (5.0)
-CVE-2018-16658
+CVE-2018-16658 (An issue was discovered in the Linux kernel before 4.18.6. An informat ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.6-1
NOTE: Fixed by: https://git.kernel.org/linus/8f3fafc9c2f0ece10832c25f7ffcb07c97a32ad4 (4.19-rc2)
CVE-2018-16656
RESERVED
-CVE-2018-16655
+CVE-2018-16655 (Gxlcms 1.0 has XSS via the PATH_INFO to gx/lib/ThinkPHP/Tpl/ThinkExcep ...)
NOT-FOR-US: Gxlcms
-CVE-2018-16654
+CVE-2018-16654 (Zurmo 3.2.4 Stable allows XSS via app/index.php/accounts/default/detai ...)
NOT-FOR-US: Zurmo
-CVE-2018-16653
+CVE-2018-16653 (rejucms 2.1 has XSS via the ucenter/cms_user_add.php u_name parameter. ...)
NOT-FOR-US: rejucms
CVE-2018-16652
RESERVED
-CVE-2018-16651
+CVE-2018-16651 (The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in re ...)
NOT-FOR-US: phpMyFAQ
-CVE-2018-16650
+CVE-2018-16650 (phpMyFAQ before 2.9.11 allows CSRF. ...)
NOT-FOR-US: phpMyFAQ
CVE-2018-16649
RESERVED
-CVE-2018-16648
+CVE-2018-16648 (In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c ...)
- mupdf 1.14.0+ds1-4 (bug #924351)
[jessie] - mupdf <ignored> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699685
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?38f883fe129a5e89306252a4676eaaf4bc968824
-CVE-2018-16647
+CVE-2018-16647 (In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xr ...)
- mupdf 1.14.0+ds1-4 (bug #924351)
[jessie] - mupdf <ignored> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699686
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?351c99d8ce23bbf7099dbd52771a095f67e45a2c
-CVE-2018-16646
+CVE-2018-16646 (In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may caus ...)
{DLA-1562-3 DLA-1562-2 DLA-1562-1}
- poppler <unfixed> (low; bug #909802)
[stretch] - poppler <no-dsa> (Minor issue)
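Review bot: CVE-2018-16646 is still recorded as `- poppler <unfixed> (low; bug #909802)` for unstable even though the entry already lists three jessie updates (`{DLA-1562-3 DLA-1562-2 DLA-1562-1}`) and its NOTE lines include two regression-fix commits; confirm whether the upstream fix plus both regression fixes have landed in the unstable package and, if so, replace `<unfixed>` with the fixed version so the entry stops flagging a package that is further along than jessie.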
@@ -11187,12 +11187,12 @@ CVE-2018-16646
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/3d35d209c19c1d3b09b794a0c863ba5de44a9c0a
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/89fccf45fc5bfca3756102e6bec1950ec1d436a9 (regression fix)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/08572e1bdca03baed694dd9828bb2b878865e669 (regression fix)
-CVE-2018-16645
+CVE-2018-16645 (There is an excessive memory allocation issue in the functions ReadBMP ...)
{DSA-4316-1 DLA-1530-1}
- imagemagick 8:6.9.10.14+dfsg-1 (bug #910889)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1268
-CVE-2018-16644
+CVE-2018-16644 (There is a missing check for length in the functions ReadDCMImage of c ...)
{DSA-4316-1 DLA-1530-1}
- imagemagick 8:6.9.10.14+dfsg-1 (bug #910888)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/16916c8979c32765c542e216b31cee2671b7afe7
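Review bot: the CVE-2018-16645 entry records only the ImageMagick 7 commit (`NOTE: https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832`) while the fixed Debian version `8:6.9.10.14+dfsg-1` is from the 6.9 series and DLA-1530-1 covers jessie; the neighbouring CVE-2018-16644 entry carries the matching `ImageMagick6:` commit references, and the same cross-reference here would make backporting verifiable.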
@@ -11200,53 +11200,53 @@ CVE-2018-16644
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/00ef0f1bbf9eb1efdf0f38f51c72ecb26cc9a306
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/01ca29604515fa4ddf3180870827df5c8ec93ada
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1269
-CVE-2018-16643
+CVE-2018-16643 (The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp ...)
{DLA-1530-1}
- imagemagick 8:6.9.10.8+dfsg-1 (low)
[stretch] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/6b6bff054d569a77973f2140c0e86366e6168a6c
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/11d9dac3d991c62289d1ef7a097670166480e76c
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1199
-CVE-2018-16642
+CVE-2018-16642 (The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows ...)
{DSA-4316-1 DLA-1530-1}
- imagemagick 8:6.9.10.2+dfsg-2
NOTE: https://github.com/ImageMagick/ImageMagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/97bb5dc5aad1584557057d5062601aa151bf9a13
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1162
-CVE-2018-16641
+CVE-2018-16641 (ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePh ...)
- imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/256825d4eb33dc301496710d15cf5a7ae924088b
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1206
-CVE-2018-16640
+CVE-2018-16640 (ImageMagick 7.0.8-5 has a memory leak vulnerability in the function Re ...)
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/76efa969342568841ecf320b5a041685a6d24e0b
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/3449a06f0122d4d9e68b4739417a3eaad0b24265
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1201
CVE-2018-16639
RESERVED
-CVE-2018-16638
+CVE-2018-16638 (Evolution CMS 1.4.x allows XSS via the manager/ search parameter. ...)
NOT-FOR-US: Evolution CMS
-CVE-2018-16637
+CVE-2018-16637 (Evolution CMS 1.4.x allows XSS via the page weblink title parameter to ...)
NOT-FOR-US: Evolution CMS
-CVE-2018-16636
+CVE-2018-16636 (Nucleus CMS 3.70 allows HTML Injection via the index.php body paramete ...)
NOT-FOR-US: Nucleus CMS
-CVE-2018-16635
+CVE-2018-16635 (Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page titl ...)
NOT-FOR-US: Blackcat CMS
-CVE-2018-16634
+CVE-2018-16634 (Pluck v4.7.7 allows CSRF via admin.php?action=settings. ...)
NOT-FOR-US: Pluck CMS
-CVE-2018-16633
+CVE-2018-16633 (Pluck v4.7.7 allows XSS via the admin.php?action=editpage&amp;page= pa ...)
NOT-FOR-US: Pluck CMS
-CVE-2018-16632
+CVE-2018-16632 (Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/? ...)
NOT-FOR-US: Mezzanine CMS
-CVE-2018-16631
+CVE-2018-16631 (Subrion CMS v4.2.1 allows XSS via the panel/configuration/general/ SIT ...)
NOT-FOR-US: Subrion CMS
-CVE-2018-16630
+CVE-2018-16630 (Kirby v2.5.12 allows XSS by using the "site files" Add option to uploa ...)
NOT-FOR-US: Kirby
-CVE-2018-16629
+CVE-2018-16629 (panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG f ...)
NOT-FOR-US: Subrion CMS
-CVE-2018-16628
+CVE-2018-16628 (panel/login in Kirby v2.5.12 allows XSS via a blog name. ...)
NOT-FOR-US: Kirby
-CVE-2018-16627
+CVE-2018-16627 (panel/login in Kirby v2.5.12 allows Host header injection via the "for ...)
NOT-FOR-US: Kirby
CVE-2018-16626
RESERVED
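Review bot: the imported description for CVE-2018-16633 contains an HTML entity (`admin.php?action=editpage&amp;page=`) instead of the literal ampersand, which indicates the importer is copying already-escaped text; other descriptions in this update show the same with `&lt;` and `&gt;` while the Debian annotation lines use raw characters (e.g. `Only affects >= 5.2.0`), so the import step should unescape entities before writing to the list to keep the file consistent and grep-able.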
@@ -11256,20 +11256,20 @@ CVE-2018-16624
RESERVED
CVE-2018-16623
RESERVED
-CVE-2018-16622
+CVE-2018-16622 (Multiple cross-site scripting (XSS) vulnerabilities in /api/content/ad ...)
NOT-FOR-US: DoraCMS
-CVE-2018-16621
+CVE-2018-16621 (Sonatype Nexus Repository Manager before 3.14 allows Java Expression L ...)
NOT-FOR-US: Sonatype Nexus Repository Manager
-CVE-2018-16620
+CVE-2018-16620 (Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Con ...)
NOT-FOR-US: Sonatype Nexus Repository Manager
-CVE-2018-16619
+CVE-2018-16619 (Sonatype Nexus Repository Manager before 3.14 allows XSS. ...)
NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2018-16618
RESERVED
-CVE-2018-1000670
+CVE-2018-1000670 (KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (u ...)
- koha <itp> (bug #702134)
NOTE: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19086
-CVE-2018-1000669
+CVE-2018-1000669 (KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (u ...)
- koha <itp> (bug #702134)
NOTE: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19117
CVE-2018-16617
@@ -11290,34 +11290,34 @@ CVE-2018-16610
RESERVED
CVE-2018-16609
RESERVED
-CVE-2018-16608
+CVE-2018-16608 (In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-16607
+CVE-2018-16607 (Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudI ...)
NOT-FOR-US: Orgs Page in Open-AudIT Professional
-CVE-2018-16606
+CVE-2018-16606 (In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allo ...)
NOT-FOR-US: ProConf
-CVE-2018-16605
+CVE-2018-16605 (D-Link DIR-600M devices allow XSS via the Hostname and Username fields ...)
NOT-FOR-US: D-Link DIR-600M devices
-CVE-2018-16604
+CVE-2018-16604 (An issue was discovered in Nibbleblog v4.0.5. With an admin's username ...)
NOT-FOR-US: Nibbleblog
-CVE-2018-16603
+CVE-2018-16603 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16602
+CVE-2018-16602 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16601
+CVE-2018-16601 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16600
+CVE-2018-16600 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16599
+CVE-2018-16599 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16598
+CVE-2018-16598 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16597
+CVE-2018-16597 (An issue was discovered in the Linux kernel through 4.18.6. Incorrect ...)
- linux 4.8.5-1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1106512
NOTE: https://git.kernel.org/linus/c0ca3d70e8d3cf81e2255a217f7ca402f5ed0862
-CVE-2018-16596
+CVE-2018-16596 (A stack-based buffer overflow in the LAN UPnP service running on UDP p ...)
NOT-FOR-US: Swisscom
CVE-2018-16595
RESERVED
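Review bot: the label on CVE-2018-16607 reads `NOT-FOR-US: Orgs Page in Open-AudIT Professional`, which copies the description's component phrase into the product name; the convention elsewhere in this file is the bare product, so `NOT-FOR-US: Open-AudIT Professional` would be consistent.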
@@ -11327,24 +11327,24 @@ CVE-2018-16593
RESERVED
CVE-2018-16592
RESERVED
-CVE-2018-16591
+CVE-2018-16591 (FURUNO FELCOM 250 and 500 devices allow unauthenticated users to chang ...)
NOT-FOR-US: FURUNO FELCOM 250 and 500 devices
-CVE-2018-16590
+CVE-2018-16590 (FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in l ...)
NOT-FOR-US: FURUNO FELCOM
CVE-2018-16589
RESERVED
-CVE-2018-16588
+CVE-2018-16588 (Privilege escalation can occur in the SUSE useradd.c code in useradd, ...)
- shadow <not-affected> (SuSE-specific patch)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1106914
NOTE: The SUSE specific patch was a first iteration of https://github.com/shadow-maint/shadow/pull/2
-CVE-2018-16587
+CVE-2018-16587 (In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before ...)
{DSA-4317-1 DLA-1521-1}
- otrs2 6.0.11-1
NOTE: https://community.otrs.com/security-advisory-2018-04-security-update-for-otrs-framework/
NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/a4a1a01f84fac7ab032570ee50b660e2ebb15c01
NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/d9db0c6a15caafda7689320ecf61777993c33711
NOTE: OTRS 4: https://github.com/OTRS/otrs/commit/d8cae00b0f78c2a07bb10cedb817304139395843
-CVE-2018-16586
+CVE-2018-16586 (In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before ...)
{DSA-4317-1 DLA-1521-1}
- otrs2 6.0.11-1
NOTE: https://community.otrs.com/security-advisory-2018-05-security-update-for-otrs-framework/
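Review bot: CVE-2018-16588 is marked `- shadow <not-affected> (SuSE-specific patch)`, but the following NOTE says that patch was a first iteration of upstream `https://github.com/shadow-maint/shadow/pull/2`; if a later iteration of that pull request was merged upstream, the Debian shadow package needs checking against the merged code before `<not-affected>` is final, and the NOTE should state which iteration, if any, Debian's version contains.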
@@ -11405,66 +11405,66 @@ CVE-2018-16559
RESERVED
CVE-2018-16558
RESERVED
-CVE-2018-16557
+CVE-2018-16557 (A vulnerability has been identified in SIMATIC S7-400 (incl. F) V6 and ...)
NOT-FOR-US: Siemens
-CVE-2018-16556
+CVE-2018-16556 (A vulnerability has been identified in SIMATIC S7-400 (incl. F) V6 and ...)
NOT-FOR-US: Siemens
-CVE-2018-16555
+CVE-2018-16555 (A vulnerability has been identified in SCALANCE S602 (All versions &lt ...)
NOT-FOR-US: Siemens
-CVE-2018-1000801
+CVE-2018-1000801 (okular version 18.08 and earlier contains a Directory Traversal vulner ...)
{DSA-4303-1 DLA-1516-1}
- okular 4:17.12.2-2.1 (bug #908168)
NOTE: https://bugs.kde.org/show_bug.cgi?id=398096
NOTE: https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47
-CVE-2018-1000800
+CVE-2018-1000800 (zephyr-rtos version 1.12.0 contains a NULL base pointer reference vuln ...)
NOT-FOR-US: zephyr-rtos
-CVE-2018-1000773
+CVE-2018-1000773 (WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ...)
- wordpress <undetermined>
CVE-2018-1000673
REJECTED
-CVE-2018-1000671
+CVE-2018-1000671 (sympa version 6.2.16 and later contains a CWE-601: URL Redirection to ...)
{DLA-1512-1}
- sympa 6.2.36~dfsg-1 (bug #908165)
[stretch] - sympa <no-dsa> (Minor issue)
NOTE: https://github.com/sympa-community/sympa/issues/268
NOTE: https://github.com/sympa-community/sympa/commit/c6ce32a6c203070702eac45a4442a17d2bf7b0c1
NOTE: https://github.com/sympa-community/sympa/commit/03314a9baf7f7903283253829877afd0ae50e325
-CVE-2018-1000668
+CVE-2018-1000668 (jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vuln ...)
NOT-FOR-US: jsish
-CVE-2018-1000667
+CVE-2018-1000667 (NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains ...)
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392507
NOTE: https://github.com/netwide-assembler/nasm/commit/c713b5f994cf7b29164c3b6838b91f0499591434
NOTE: https://github.com/cyrillos/nasm/issues/3
NOTE: Crash in CLI tool, no security impact
-CVE-2018-1000666
+CVE-2018-1000666 (GIG Technology NV JumpScale Portal 7 version before commit 15443122ed2 ...)
NOT-FOR-US: GIG Technology NV JumpScale Portal
-CVE-2018-1000665
+CVE-2018-1000665 (Dojo Dojo Objective Harness (DOH) version prior to version 1.14 contai ...)
- dojo 1.14.1+dfsg1-1 (unimportant)
NOTE: https://github.com/dojo/dojo/pull/307
-CVE-2018-1000664
+CVE-2018-1000664 (daneren2005 DSub for Subsonic (Android client) version 5.4.1 contains ...)
NOT-FOR-US: daneren2005 DSub for Subsonic
-CVE-2018-1000663
+CVE-2018-1000663 (jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in ...)
NOT-FOR-US: jsish
-CVE-2018-1000661
+CVE-2018-1000661 (jsish version 2.4.67 contains a CWE-476: NULL Pointer Dereference vuln ...)
NOT-FOR-US: jsish
-CVE-2018-1000660
+CVE-2018-1000660 (TOCK version prior to commit 42f7f36e74088036068d62253e1d8fb26605feed. ...)
NOT-FOR-US: TOCK
-CVE-2018-1000659
+CVE-2018-1000659 (LimeSurvey version 3.14.4 and earlier contains a directory traversal i ...)
- limesurvey <itp> (bug #472802)
-CVE-2018-1000658
+CVE-2018-1000658 (LimeSurvey version prior to 3.14.4 contains a file upload vulnerabilit ...)
- limesurvey <itp> (bug #472802)
CVE-2018-16553
RESERVED
-CVE-2018-16552
+CVE-2018-16552 (MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/ ...)
NOT-FOR-US: MicroPyramid Django-CRM
-CVE-2018-16551
+CVE-2018-16551 (LavaLite 5.5 has XSS via a /edit URI, as demonstrated by client/job/jo ...)
NOT-FOR-US: LavaLite
-CVE-2018-16550
+CVE-2018-16550 (TeamViewer 10.x through 13.x allows remote attackers to bypass the bru ...)
NOT-FOR-US: TeamViewer
-CVE-2018-16549
+CVE-2018-16549 (HScripts PHP File Browser Script v1.0 allows Directory Traversal via t ...)
NOT-FOR-US: HScripts PHP File Browser Script
-CVE-2018-16548
+CVE-2018-16548 (An issue was discovered in ZZIPlib through 0.13.69. There is a memory ...)
- zziplib 0.13.62-3.2 (low; bug #910335)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <ignored> (Minor issue)
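Review bot: CVE-2018-1000773 is recorded as `- wordpress <undetermined>` with no NOTE or reference at all, unlike the surrounding `<itp>` and fixed entries in this hunk that each carry a bug number or upstream link; add the upstream reference (advisory or fix commit) so the `<undetermined>` state can actually be resolved later rather than lingering.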
@@ -11474,9 +11474,9 @@ CVE-2018-16548
NOTE: https://github.com/gdraheim/zziplib/commit/0e1dadb05c1473b9df2d7b8f298dab801778ef99
CVE-2018-16547
RESERVED
-CVE-2018-16546
+CVE-2018-16546 (Amcrest networked devices use the same hardcoded SSL private key acros ...)
NOT-FOR-US: Amcrest
-CVE-2018-16545
+CVE-2018-16545 (Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterp ...)
NOT-FOR-US: Kaizen Asset Manager
CVE-2018-16544
RESERVED
@@ -11500,47 +11500,47 @@ CVE-2018-16530
RESERVED
CVE-2018-16529
RESERVED
-CVE-2018-16528
+CVE-2018-16528 (Amazon Web Services (AWS) FreeRTOS through 1.3.1 allows remote attacke ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16527
+CVE-2018-16527 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0 ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16526
+CVE-2018-16526 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0 ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16525
+CVE-2018-16525 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0 ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16524
+CVE-2018-16524 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0 ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16523
+CVE-2018-16523 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0 ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16522
+CVE-2018-16522 (Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized ...)
NOT-FOR-US: FreeRTOS
-CVE-2018-16521
+CVE-2018-16521 (An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3 ...)
NOT-FOR-US: OpenMRS
CVE-2018-16520
RESERVED
-CVE-2018-16519
+CVE-2018-16519 (COYO 9.0.8, 10.0.11 and 12.0.4 has cross-site scripting (XSS) via URLs ...)
TODO: check
-CVE-2018-16518
+CVE-2018-16518 (A directory traversal vulnerability with remote code execution in Prim ...)
NOT-FOR-US: Prim'X Zed! FREE
-CVE-2018-16517
+CVE-2018-16517 (asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dere ...)
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392513
NOTE: https://fakhrizulkifli.github.io/CVE-2018-16517.html
NOTE: https://github.com/netwide-assembler/nasm/commit/e996d28c70d45008085322b442b44a9224308548
NOTE: Crash in CLI tool, no security impact
-CVE-2018-16516
+CVE-2018-16516 (helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL. ...)
- python-flask-admin <itp> (bug #765509)
CVE-2018-16514
RESERVED
-CVE-2018-17088
+CVE-2018-17088 (The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may al ...)
- jhead 1:3.00-8 (bug #907925)
[stretch] - jhead 1:3.00-4+deb9u1
[jessie] - jhead <no-dsa> (Minor issue)
-CVE-2018-16554
+CVE-2018-16554 (The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may al ...)
- jhead 1:3.00-8 (bug #908176)
[stretch] - jhead 1:3.00-4+deb9u1
[jessie] - jhead <no-dsa> (Minor issue)
-CVE-2018-16515
+CVE-2018-16515 (Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events ...)
- matrix-synapse 0.33.3.1-1 (bug #908044)
NOTE: https://matrix.org/blog/2018/09/05/pre-disclosure-upcoming-critical-security-fix-for-synapse/
NOTE: https://matrix.org/blog/2018/09/06/critical-security-update-synapse-0-33-3-1/
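Review bot: CVE-2018-17088 and CVE-2018-16554 carry the identical truncated description (`The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may al ...`) and identical fixed versions (`- jhead 1:3.00-8`, `[stretch] - jhead 1:3.00-4+deb9u1`), differing only in the bug numbers #907925 and #908176; add a NOTE to each cross-referencing the other and stating whether they are distinct issues, so a later reader does not treat one as a duplicate or miss a separate fix. In the same hunk, CVE-2018-16519 still reads `TODO: check` and should be triaged.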
@@ -11577,134 +11577,134 @@ CVE-2018-16495
RESERVED
CVE-2018-16494
RESERVED
-CVE-2018-16493
+CVE-2018-16493 (A path traversal vulnerability was found in module static-resource-ser ...)
NOT-FOR-US: node static-resource-server
-CVE-2018-16492
+CVE-2018-16492 (A prototype pollution vulnerability was found in module extend &lt;2.0 ...)
- node-extend 3.0.2-1 (unimportant)
NOTE: https://snyk.io/vuln/npm:extend:20180424
NOTE: https://github.com/justmoon/node-extend/commit/0e68e71d93507fcc391e398bc84abd0666b28190
NOTE: https://github.com/justmoon/node-extend/pull/48
NOTE: nodejs not covered by security support
-CVE-2018-16491
+CVE-2018-16491 (A prototype pollution vulnerability was found in node.extend &lt;1.1.7 ...)
- node-extend 3.0.2-1 (unimportant)
NOTE: https://hackerone.com/reports/430831
NOTE: nodejs not covered by security support
-CVE-2018-16490
+CVE-2018-16490 (A prototype pollution vulnerability was found in module mpath &lt;0.5. ...)
NOT-FOR-US: node mpath
-CVE-2018-16489
+CVE-2018-16489 (A prototype pollution vulnerability was found in just-extend &lt;4.0.0 ...)
NOT-FOR-US: node just-extend
CVE-2018-16488
RESERVED
-CVE-2018-16487
+CVE-2018-16487 (A prototype pollution vulnerability was found in lodash &lt;4.17.11 wh ...)
- node-lodash 4.17.11+dfsg-1 (unimportant)
NOTE: https://hackerone.com/reports/380873
NOTE: nodejs not covered by security support
-CVE-2018-16486
+CVE-2018-16486 (A prototype pollution vulnerability was found in defaults-deep &lt;=0. ...)
NOT-FOR-US: node defaults-deep
-CVE-2018-16485
+CVE-2018-16485 (Path Traversal vulnerability in module m-server &lt;1.4.1 allows malic ...)
NOT-FOR-US: node m-server
-CVE-2018-16484
+CVE-2018-16484 (A XSS vulnerability was found in module m-server &lt;1.4.2 that allows ...)
NOT-FOR-US: node m-server
-CVE-2018-16483
+CVE-2018-16483 (A deficiency in the access control in module express-cart &lt;=1.1.5 a ...)
NOT-FOR-US: node express-cart
-CVE-2018-16482
+CVE-2018-16482 (A server directory traversal vulnerability was found on node module mc ...)
NOT-FOR-US: node mcstatic
-CVE-2018-16481
+CVE-2018-16481 (A XSS vulnerability was found in html-page &lt;=2.1.1 that allows mali ...)
NOT-FOR-US: node html-page
-CVE-2018-16480
+CVE-2018-16480 (A XSS vulnerability was found in module public &lt;0.1.4 that allows m ...)
NOT-FOR-US: node public
-CVE-2018-16479
+CVE-2018-16479 (Path traversal vulnerability in http-live-simulator &lt;1.0.7 causes u ...)
NOT-FOR-US: node http-live-simulator
-CVE-2018-16478
+CVE-2018-16478 (A Path Traversal in simplehttpserver versions &lt;=0.2.1 allows to lis ...)
NOT-FOR-US: simplehttpserver
-CVE-2018-16477
+CVE-2018-16477 (A bypass vulnerability in Active Storage &gt;= 5.2.0 for Google Cloud ...)
- rails 2:5.2.2+dfsg-1 (bug #914848)
[stretch] - rails <not-affected> (Only affects >= 5.2.0; vulnerable code not present)
[jessie] - rails <not-affected> (Only affects >= 5.2.0; vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/27/5
NOTE: Originally no version was affected until 2:5.2.0+dfsg-2 was uploaded to unstable.
-CVE-2018-16476
+CVE-2018-16476 (A Broken Access Control vulnerability in Active Job versions &gt;= 4.2 ...)
- rails 2:5.2.2+dfsg-1 (bug #914847)
[jessie] - rails <not-affected> (only affects >= 4.2.0)
NOTE: https://www.openwall.com/lists/oss-security/2018/11/27/4
-CVE-2018-16475
+CVE-2018-16475 (A Path Traversal in Knightjs versions &lt;= 0.0.1 allows an attacker t ...)
NOT-FOR-US: Knightjs
-CVE-2018-16474
+CVE-2018-16474 (A stored xss in tianma-static module versions &lt;=1.0.4 allows an att ...)
NOT-FOR-US: tianma-static
-CVE-2018-16473
+CVE-2018-16473 (A path traversal in takeapeek module versions &lt;=0.2.2 allows an att ...)
NOT-FOR-US: takeapeek
-CVE-2018-16472
+CVE-2018-16472 (A prototype pollution attack in cached-path-relative versions &lt;=1.0 ...)
NOT-FOR-US: cached-path-relative
-CVE-2018-16471
+CVE-2018-16471 (There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. ...)
{DLA-1585-1}
- ruby-rack 1.6.4-6 (bug #913005)
[stretch] - ruby-rack 1.6.4-4+deb9u1
NOTE: Fixed by: https://github.com/rack/rack/commit/e5d58031b766e49687157b45edab1b8457d972bd (master)
NOTE: Fixed by: https://github.com/rack/rack/commit/313dd6a05a5924ed6c82072299c53fed09e39ae7 (2.0.6)
NOTE: Fixed by: https://github.com/rack/rack/commit/97ca63d87d88b4088fb1995b14103d4fe6a5e594 (1.6.11)
-CVE-2018-16470
+CVE-2018-16470 (There is a possible DoS vulnerability in the multipart parser in Rack ...)
[experimental] - ruby-rack 2.0.6-1 (bug #913003)
- ruby-rack <not-affected> (Only affects >= 2.0.4)
NOTE: Introduced by: https://github.com/rack/rack/commit/c43217a81917de03aa6ceb1aa485ae69b8bb4598 (2.0.4)
NOTE: Fixed by: https://github.com/rack/rack/commit/37c1160b2360074d20858792f23a7eb3afeabebd (2.0.6)
-CVE-2018-16469
+CVE-2018-16469 (The merge.recursive function in the merge package &lt;1.2.1 can be tri ...)
NOT-FOR-US: merge package v
-CVE-2018-16468
+CVE-2018-16468 (In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may ...)
{DSA-4364-1}
- ruby-loofah 2.2.3-1 (bug #912398)
NOTE: https://github.com/flavorjones/loofah/issues/154
NOTE: https://github.com/flavorjones/loofah/commit/71e4b5434fbcb2ad87643f0c9fecfc3a847943c4 (v2.2.3)
-CVE-2018-16467
+CVE-2018-16467 (A missing check in Nextcloud Server prior to 14.0.0 could give unautho ...)
- nextcloud <itp> (bug #835086)
-CVE-2018-16466
+CVE-2018-16466 (Improper revalidation of permissions in Nextcloud Server prior to 14.0 ...)
- nextcloud <itp> (bug #835086)
-CVE-2018-16465
+CVE-2018-16465 (Missing state in Nextcloud Server prior to 14.0.0 would not enforce th ...)
- nextcloud <itp> (bug #835086)
-CVE-2018-16464
+CVE-2018-16464 (A missing access check in Nextcloud Server prior to 14.0.0 could lead ...)
- nextcloud <itp> (bug #835086)
-CVE-2018-16463
+CVE-2018-16463 (A bug causing session fixation in Nextcloud Server prior to 14.0.0, 13 ...)
- nextcloud <itp> (bug #835086)
-CVE-2018-16462
+CVE-2018-16462 (A command injection vulnerability in the apex-publish-static-files npm ...)
NOT-FOR-US: apex-publish-static-files npm
-CVE-2018-16461
+CVE-2018-16461 (A command injection vulnerability in libnmapp package for versions &lt ...)
NOT-FOR-US: libnmapp
-CVE-2018-16460
+CVE-2018-16460 (A command Injection in ps package versions &lt;1.0.0 for Node.js allow ...)
NOT-FOR-US: ps node module
-CVE-2018-16459
+CVE-2018-16459 (An unescaped payload in exceljs &lt;v1.6 allows a possible XSS via cel ...)
NOT-FOR-US: exceljs
CVE-2018-1000672
REJECTED
CVE-2018-1000662
REJECTED
-CVE-2018-16458
+CVE-2018-16458 (An issue was discovered in baigo CMS v2.1.1. There is an index.php?m=a ...)
NOT-FOR-US: baigo CMS
-CVE-2018-16457
+CVE-2018-16457 (PHP Scripts Mall Open Source Real-estate Script 3.6.2 allows remote at ...)
NOT-FOR-US: PHP Scripts Mall Open Source Real-estate Script
-CVE-2018-16456
+CVE-2018-16456 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a keyword. NO ...)
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-16455
+CVE-2018-16455 (PHP Scripts Mall Market Place Script 1.0.1 allows XSS via a keyword. ...)
NOT-FOR-US: PHP Scripts Mall Market Place Script
-CVE-2018-16454
+CVE-2018-16454 (PHP Scripts Mall Currency Converter Script 2.0.5 allows remote attacke ...)
NOT-FOR-US: PHP Scripts Mall Olx Clone
-CVE-2018-16453
+CVE-2018-16453 (PHP Scripts Mall Domain Lookup Script 3.0.5 allows XSS in the search b ...)
NOT-FOR-US: PHP Scripts Mall Domain Lookup Script
CVE-2018-16452
RESERVED
CVE-2018-16451
RESERVED
-CVE-2018-16450
+CVE-2018-16450 (CraftedWeb through 2013-09-24 has reflected XSS via the p parameter. ...)
NOT-FOR-US: CraftedWeb
-CVE-2018-16449
+CVE-2018-16449 (OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Cha ...)
NOT-FOR-US: OneThink
-CVE-2018-16448
+CVE-2018-16448 (Cscms 4 allows CSRF for creating a member via upload/admin.php/user/sa ...)
NOT-FOR-US: Cscms
-CVE-2018-16447
+CVE-2018-16447 (Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. ...)
NOT-FOR-US: Frog CMS
-CVE-2018-16446
+CVE-2018-16446 (An issue was discovered in SeaCMS through 6.61. adm1n/admin_database.p ...)
NOT-FOR-US: SeaCMS
-CVE-2018-16445
+CVE-2018-16445 (An issue was discovered in SeaCMS through 6.61. SQL injection exists v ...)
NOT-FOR-US: SeaCMS
-CVE-2018-16444
+CVE-2018-16444 (An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSR ...)
NOT-FOR-US: SeaCMS
CVE-2018-16443
RESERVED
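Review bot: CVE-2018-16454 is labelled `NOT-FOR-US: PHP Scripts Mall Olx Clone` while its description names `PHP Scripts Mall Currency Converter Script 2.0.5`; the label looks copied from another entry and should name the Currency Converter Script. Also in this hunk, the CVE-2018-16469 label `NOT-FOR-US: merge package v` is cut off mid-word and should carry the full package name, in the style of the neighbouring `NOT-FOR-US: ps node module` entry.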
@@ -11716,14 +11716,14 @@ CVE-2018-16440
RESERVED
CVE-2018-16439
RESERVED
-CVE-2018-16438
+CVE-2018-16438 (An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...)
- hdf5 <undetermined>
NOTE: H5L_extern_query@H5Lexternal.c:498-10___out-of-bounds-read
-CVE-2018-16437
+CVE-2018-16437 (Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable ...)
NOT-FOR-US: Gxlcms
-CVE-2018-16436
+CVE-2018-16436 (Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an ...)
NOT-FOR-US: Gxlcms
-CVE-2018-16435
+CVE-2018-16435 (Little CMS (aka Little Color Management System) 2.9 has an integer ove ...)
{DSA-4289-1 DSA-4284-1 DLA-1496-1}
- lcms2 2.9-3 (bug #907983)
- lcms <removed>
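Review bot: the CVE-2018-16438 entry is `- hdf5 <undetermined>` with only a crash signature as its NOTE (`H5L_extern_query@H5Lexternal.c:498-10___out-of-bounds-read`) and no link to an upstream bug, reproducer or fix; add the reference the signature came from so the undetermined state can be checked against the packaged version instead of being left open.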
@@ -11735,82 +11735,82 @@ CVE-2018-16434
RESERVED
CVE-2018-16433
RESERVED
-CVE-2018-16432
+CVE-2018-16432 (BlueCMS 1.6 allows SQL Injection via the user_name parameter to upload ...)
NOT-FOR-US: BlueCMS
-CVE-2018-16431
+CVE-2018-16431 (admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an adminis ...)
NOT-FOR-US: YFCMF
-CVE-2018-16430
+CVE-2018-16430 (GNU Libextractor through 1.7 has an out-of-bounds read vulnerability i ...)
{DSA-4290-1 DLA-1501-1}
- libextractor 1:1.7-1 (bug #907987)
NOTE: https://gnunet.org/bugs/view.php?id=5405
NOTE: https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7
-CVE-2018-16429
+CVE-2018-16429 (GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_ ...)
- glib2.0 2.58.0-1 (low)
[stretch] - glib2.0 <no-dsa> (Minor issue)
[jessie] - glib2.0 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/glib/commit/cec71705406f0b2790422f0c1aa0ff3b4b464b1b
NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1361
-CVE-2018-16428
+CVE-2018-16428 (In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c ...)
- glib2.0 2.58.0-1 (low)
[stretch] - glib2.0 <no-dsa> (Minor issue)
[jessie] - glib2.0 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9
NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1364
-CVE-2018-16427
+CVE-2018-16427 (Various out of bounds reads when handling responses in OpenSC before 0 ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/pull/1447/commits/8fe377e93b4b56060e5bbfb6f3142ceaeca744fa
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16426
+CVE-2018-16426 (Endless recursion when handling responses from an IAS-ECC card in iase ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/03628449b75a93787eb2359412a3980365dda49b#diff-f8c0128e14031ed9307d47f10f601b54
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16425
+CVE-2018-16425 (A double free when handling responses from an HSM Card in sc_pkcs15emu ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-d643a0fa169471dbf2912f4866dc49c5
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16424
+CVE-2018-16424 (A double free when handling responses in read_file in tools/egk-tool.c ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-476b3b2a03c4eef331b4b0bfece4b063
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16423
+CVE-2018-16423 (A double free when handling responses from a smartcard in sc_file_set_ ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-db0cd89ff279ad8c7b3bb780cdf2770a
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16422
+CVE-2018-16422 (A single byte buffer overflow when handling responses from an esteid C ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-d64c08c80437cf0006ada91e50f20ba0
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16421
+CVE-2018-16421 (Several buffer overflows when handling responses from a CAC Card in ca ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-848b13147a344ba2c6361d91ca77feb1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16420
+CVE-2018-16420 (Several buffer overflows when handling responses from an ePass 2003 Ca ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-b36536074d13447fbbec061e0e64d15d
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16419
+CVE-2018-16419 (Several buffer overflows when handling responses from a Cryptoflex car ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-a6074523a9cbd875e26c58e20868fb15
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16418
+CVE-2018-16418 (A buffer overflow when handling string concatenation in util_acl_to_st ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
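Review bot: the NOTE links for CVE-2018-16425 down to CVE-2018-16419 all reference the same OpenSC commit 360e95d45ac4123255a4c796db96337f332160ad and differ only in the GitHub `#diff-<hash>` fragment; those fragments are tied to GitHub's current anchor scheme rather than to the repository content, so if the scheme changes every one of these links collapses to the same whole-commit page. Recording the affected source file next to the URL in the NOTE (the way the CVE-2018-16424 description already names tools/egk-tool.c) would keep the per-CVE pointer meaningful without depending on the fragment.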
@@ -11818,20 +11818,20 @@ CVE-2018-16418
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
CVE-2018-16417
RESERVED
-CVE-2018-16416
+CVE-2018-16416 (Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inl ...)
NOT-FOR-US: FUEL CMS
CVE-2018-16415
RESERVED
CVE-2018-16414
RESERVED
-CVE-2018-16413
+CVE-2018-16413 (ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the Magi ...)
{DSA-4316-1 DLA-1530-1}
- imagemagick 8:6.9.10.14+dfsg-1 (bug #910887)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1249
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1251
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/17a1a6f97fd088a71931bdc422f4e96bb6ffc549
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/4745eb1047617330141e9abfd5ae01236a71ae12
-CVE-2018-16412
+CVE-2018-16412 (ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the code ...)
{DSA-4316-1 DLA-1530-1}
- imagemagick 8:6.9.10.14+dfsg-1 (bug #910887)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1250
@@ -11841,27 +11841,27 @@ CVE-2018-16412
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/4745eb1047617330141e9abfd5ae01236a71ae12
CVE-2018-16411
RESERVED
-CVE-2018-16410
+CVE-2018-16410 (Vanilla before 2.6.1 allows SQL injection via an invitationID array to ...)
NOT-FOR-US: Vanilla
-CVE-2018-16409
+CVE-2018-16409 (In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GE ...)
NOT-FOR-US: Go Git Service
-CVE-2018-16408
+CVE-2018-16408 (D-Link DIR-846 devices with firmware 100.26 allow remote attackers to ...)
NOT-FOR-US: D-Link DIR-846 devices
-CVE-2018-16407
+CVE-2018-16407 (An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has X ...)
- mayan-edms <itp> (bug #718580)
-CVE-2018-16406
+CVE-2018-16406 (An issue was discovered in Mayan EDMS before 3.0.2. The Cabinets app h ...)
- mayan-edms <itp> (bug #718580)
-CVE-2018-16405
+CVE-2018-16405 (An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app ...)
- mayan-edms <itp> (bug #718580)
CVE-2018-16404
RESERVED
-CVE-2018-16403
+CVE-2018-16403 (libdw in elfutils 0.173 checks the end of the attributes list incorrec ...)
- elfutils 0.175-1 (low)
[stretch] - elfutils <no-dsa> (Minor issue)
[jessie] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23529
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=6983e59b727458a6c64d9659c85f08218bc4fcda
-CVE-2018-16402
+CVE-2018-16402 (libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a ...)
- elfutils 0.175-1 (low)
[stretch] - elfutils <no-dsa> (Minor issue)
[jessie] - elfutils <not-affected> (vulnerable code introduced later)
@@ -11873,18 +11873,18 @@ CVE-2018-16400
RESERVED
CVE-2018-16399
RESERVED
-CVE-2018-16398
+CVE-2018-16398 (In Twistlock AuthZ Broker 0.1, regular expressions are mishandled, as ...)
NOT-FOR-US: Twistlock AuthZ Broker
-CVE-2018-16397
+CVE-2018-16397 (In LimeSurvey before 3.14.7, an admin user can leverage a "file upload ...)
- limesurvey <itp> (bug #472802)
-CVE-2018-16396
+CVE-2018-16396 (An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5. ...)
{DSA-4332-1 DLA-1558-1}
- ruby2.5 2.5.3-1 (bug #911920)
- ruby2.3 <removed>
- ruby2.1 <removed>
NOTE: https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/
NOTE: https://github.com/ruby/ruby/commit/a2958f6743664006d21fc0bafd4ca6214df1d429
-CVE-2018-16395
+CVE-2018-16395 (An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2 ...)
{DSA-4332-1 DLA-1558-1}
- ruby-openssl <unfixed> (bug #911918)
- ruby2.5 2.5.3-1 (bug #911919)
@@ -11894,19 +11894,19 @@ CVE-2018-16395
NOTE: https://github.com/ruby/openssl/commit/f653cfa43f0f20e8c440122ea982382b6228e7f5
CVE-2018-16394
RESERVED
-CVE-2018-16393
+CVE-2018-16393 (Several buffer overflows when handling responses from a Gemsafe V1 Sma ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16392
+CVE-2018-16392 (Several buffer overflows when handling responses from a TCOS Card in t ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-b2a356323a9ff2024d041cf2d7e89dd3
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
-CVE-2018-16391
+CVE-2018-16391 (Several buffer overflows when handling responses from a Muscle Card in ...)
- opensc 0.19.0~rc1-1 (low; bug #909444)
[stretch] - opensc 0.16.0-3+deb9u1
[jessie] - opensc <no-dsa> (Minor issue)
@@ -11914,17 +11914,17 @@ CVE-2018-16391
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
CVE-2018-16390
RESERVED
-CVE-2018-16389
+CVE-2018-16389 (e107_admin/banlist.php in e107 2.1.8 allows SQL injection via the old_ ...)
NOT-FOR-US: e107
-CVE-2018-16388
+CVE-2018-16388 (e107_web/js/plupload/upload.php in e107 2.1.8 allows remote attackers ...)
NOT-FOR-US: e107
-CVE-2018-16387
+CVE-2018-16387 (An issue was discovered in Elefant CMS before 2.0.5. There is a CSRF v ...)
NOT-FOR-US: Elefant CMS
CVE-2018-16386
RESERVED
-CVE-2018-16385
+CVE-2018-16385 (ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index ...)
NOT-FOR-US: ThinkPHP
-CVE-2018-16384
+CVE-2018-16384 (A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Co ...)
- modsecurity-crs <unfixed> (low; bug #924352)
[buster] - modsecurity-crs <no-dsa> (Minor issue)
[stretch] - modsecurity-crs <no-dsa> (Minor issue)
@@ -11932,65 +11932,65 @@ CVE-2018-16384
NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1167
CVE-2018-16383
RESERVED
-CVE-2018-16382
+CVE-2018-16382 (Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regfla ...)
- nasm 2.14-1 (unimportant; bug #907866)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392503
NOTE: Duplicate of/relate to https://bugzilla.nasm.us/show_bug.cgi?id=3392447
NOTE: https://github.com/netwide-assembler/nasm/commit/3c755dac88039b718d52ef56e8f74b5f65f3b55b
NOTE: Crash in CLI tool, no security impact
-CVE-2018-16381
+CVE-2018-16381 (e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&amp;action=l ...)
NOT-FOR-US: e107
-CVE-2018-16380
+CVE-2018-16380 (An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF vulnerab ...)
NOT-FOR-US: Ogma CMS
-CVE-2018-16379
+CVE-2018-16379 (Ogma CMS 0.4 Beta has XSS via the "Footer Text footer" field on the "T ...)
NOT-FOR-US: Ogma CMS
CVE-2018-16378
RESERVED
CVE-2018-16377
RESERVED
-CVE-2018-16376
+CVE-2018-16376 (An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflo ...)
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/1127
NOTE: We build with -DBUILD_MJ2:BOOL=OFF
-CVE-2018-16375
+CVE-2018-16375 (An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_i ...)
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/issues/1126
NOTE: We build with -DBUILD_JPWL:BOOL=OFF
-CVE-2018-16374
+CVE-2018-16374 (Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings. ...)
NOT-FOR-US: Frog CMS
-CVE-2018-16373
+CVE-2018-16373 (Frog CMS 0.9.5 has an Upload vulnerability that can create files via / ...)
NOT-FOR-US: Frog CMS
-CVE-2018-16372
+CVE-2018-16372 (The issue was discovered in IdeaCMS through 2016-04-30. There is refle ...)
NOT-FOR-US: IdeaCMS
-CVE-2018-16371
+CVE-2018-16371 (PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter ...)
NOT-FOR-US: PESCMS Team
-CVE-2018-16370
+CVE-2018-16370 (In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP c ...)
NOT-FOR-US: PESCMS Team
-CVE-2018-16369
+CVE-2018-16369 (XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a ...)
- xpdf <unfixed> (unimportant)
NOTE: Crash in GUI/CLI tool, no security impact
-CVE-2018-16368
+CVE-2018-16368 (SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows ...)
- xpdf <unfixed> (unimportant)
NOTE: Crash in GUI/CLI tool, no security impact
-CVE-2018-16367
+CVE-2018-16367 (In OnlineJudge 2.0, the sandbox has an incorrect access control vulner ...)
NOT-FOR-US: OnlineJudge
-CVE-2018-16366
+CVE-2018-16366 (An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=us ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-16365
+CVE-2018-16365 (An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=gr ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-16364
+CVE-2018-16364 (A serialization vulnerability in Zoho ManageEngine Applications Manage ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2018-16363
+CVE-2018-16363 (The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via th ...)
NOT-FOR-US: mndpsingh287 File Manager plugin for WordPress
-CVE-2018-16362
+CVE-2018-16362 (An issue was discovered in the Source Integration plugin before 1.5.9 ...)
NOT-FOR-US: Mantis plugin
-CVE-2018-16361
+CVE-2018-16361 (An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS vi ...)
NOT-FOR-US: BTITeam XBTIT
CVE-2018-16360
RESERVED
-CVE-2018-16359
+CVE-2018-16359 (Google gVisor before 2018-08-23, within the seccomp sandbox, permits a ...)
NOT-FOR-US: gVisor
-CVE-2018-16358
+CVE-2018-16358 (A cross-site scripting (XSS) vulnerability in inc/core/class.dc.core.p ...)
- dotclear <removed>
CVE-2018-16357
RESERVED
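Review bot: the description truncation appends " ..." even when the full text already fits, as in CVE-2018-16374 ("... via /admin/?/plugin/comment/settings. ...)"), which makes a complete description indistinguishable from a cut one; the generator should add the ellipsis only when it actually dropped characters, or the summary width should be documented so readers know what " ..." means.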
@@ -11998,49 +11998,49 @@ CVE-2018-16356
RESERVED
CVE-2018-16355
RESERVED
-CVE-2018-16354
+CVE-2018-16354 (An issue was discovered in FHCRM through 2018-02-11. There is a SQL in ...)
NOT-FOR-US: FHCRM
-CVE-2018-16353
+CVE-2018-16353 (An issue was discovered in FHCRM through 2018-02-11. There is a SQL in ...)
NOT-FOR-US: FHCRM
-CVE-2018-16352
+CVE-2018-16352 (There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index. ...)
NOT-FOR-US: WeaselCMS
CVE-2018-16351
RESERVED
-CVE-2018-16350
+CVE-2018-16350 (WUZHI CMS 4.1.0 has XSS via the index.php?m=core&amp;f=set&amp;v=basic ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-16349
+CVE-2018-16349 (WUZHI CMS 4.1.0 has XSS via the index.php?m=link&amp;f=index&amp;v=add ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-16348
+CVE-2018-16348 (SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, rela ...)
NOT-FOR-US: SeaCMS
-CVE-2018-16347
+CVE-2018-16347 (An issue was discovered in Gleez CMS v1.2.0. There is XSS via media/im ...)
NOT-FOR-US: Gleez CMS
-CVE-2018-16346
+CVE-2018-16346 (ChemCMS 1.0.6 has XSS via the "setting -&gt; website information" fiel ...)
NOT-FOR-US: ChemCMS
-CVE-2018-16345
+CVE-2018-16345 (An issue was discovered in EasyCMS 1.5. There is a CSRF vulnerability ...)
NOT-FOR-US: EasyCMS
-CVE-2018-16344
+CVE-2018-16344 (An issue was discovered in zzcms 8.3. It allows remote attackers to de ...)
NOT-FOR-US: zzcms
-CVE-2018-16343
+CVE-2018-16343 (SeaCMS 6.61 allows remote attackers to execute arbitrary code because ...)
NOT-FOR-US: SeaCMS
-CVE-2018-16342
+CVE-2018-16342 (ShowDoc v1.8.0 has XSS via a new page. ...)
NOT-FOR-US: ShowDoc
CVE-2018-16341
RESERVED
CVE-2018-16340
RESERVED
-CVE-2018-16339
+CVE-2018-16339 (An issue was discovered in EmpireCMS 7.0. There is a CSRF vulnerabilit ...)
NOT-FOR-US: EmpireCMS
-CVE-2018-16338
+CVE-2018-16338 (An issue was discovered in AuraCMS 2.3. There is a CSRF vulnerability ...)
NOT-FOR-US: AuraCMS
-CVE-2018-16337
+CVE-2018-16337 (An issue was discovered in Cscms V4.1.8. There is a CSRF vulnerability ...)
NOT-FOR-US: Cscms
-CVE-2018-16336
+CVE-2018-16336 (Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote ...)
{DLA-1551-1}
- exiv2 <unfixed> (bug #916081)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/400
NOTE: https://github.com/Exiv2/exiv2/commit/35b3e596edacd2437c2c5d3dd2b5c9502626163d
-CVE-2018-16335
+CVE-2018-16335 (newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c ...)
{DSA-4349-1}
- tiff 4.0.9-5 (bug #907795)
[jessie] - tiff 4.0.3-12.3+deb8u6
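Review bot: the imported descriptions still carry XML entities, e.g. `&amp;` in the CVE-2018-16350 and CVE-2018-16349 query strings and `&gt;` in CVE-2018-16346 ("setting -&gt; website information"); the feed text should be entity-decoded once before it is written into the list, otherwise anyone grepping for `m=core&f=set` or for the literal `->` will miss these entries.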
@@ -12049,17 +12049,17 @@ CVE-2018-16335
NOTE: Different issue than CVE-2017-11613 but adressed with same set of commits.
NOTE: Upstream fix 1/2: https://gitlab.com/libtiff/libtiff/commit/3719385a3fac5cfb20b487619a5f08abbf967cf8
NOTE: Upstream fix 2/2: https://gitlab.com/libtiff/libtiff/commit/7a092f8af2568d61993a8cc2e7a35a998d7d37be
-CVE-2018-16334
+CVE-2018-16334 (An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V1 ...)
NOT-FOR-US: Tenda
-CVE-2018-16333
+CVE-2018-16333 (An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19 ...)
NOT-FOR-US: Tenda
-CVE-2018-16332
+CVE-2018-16332 (An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=art ...)
NOT-FOR-US: iCMS
-CVE-2018-16331
+CVE-2018-16331 (admin.php?s=/Admin/doedit in DamiCMS v6.0.0 allows CSRF to change the ...)
NOT-FOR-US: DamiCMS
-CVE-2018-16330
+CVE-2018-16330 (Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid ...)
NOT-FOR-US: Pandao Editor.md
-CVE-2018-16329
+CVE-2018-16329 (In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in th ...)
- imagemagick <undetermined>
[jessie] - imagemagick <not-affected> (vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1225
@@ -12068,22 +12068,22 @@ CVE-2018-16329
NOTE: https://github.com/ImageMagick/ImageMagick/commit/db2a1d6aaff3a83a74b37731405424c95f0c873a
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/2c75f301d9ac84f91071393b02d8c88c8341c91c
TODO: check if though missing null checks are present as well in 6.x series
-CVE-2018-16328
+CVE-2018-16328 (In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in th ...)
- imagemagick 8:6.9.10.8+dfsg-1
[stretch] - imagemagick <not-affected> (Vulnerable code introduced later)
[jessie] - imagemagick <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1224
NOTE: https://github.com/ImageMagick/ImageMagick/commit/107ce8577e818cf4801e5a59641cb769d645cc95
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/68e4f4d22abaf97b61019ea85f74e2f639d0e93e
-CVE-2018-16327
+CVE-2018-16327 (There is Stored XSS in Subrion 4.2.1 via the admin panel URL configura ...)
NOT-FOR-US: Subrion CMS
-CVE-2018-16326
+CVE-2018-16326 (PHP Scripts Mall Olx Clone 3.4.2 has XSS. ...)
NOT-FOR-US: PHP Scripts Mall Olx Clone
-CVE-2018-16325
+CVE-2018-16325 (There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title fie ...)
NOT-FOR-US: GetSimple CMS
-CVE-2018-16324
+CVE-2018-16324 (In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ u ...)
NOT-FOR-US: IceWarp Server
-CVE-2018-16323
+CVE-2018-16323 (ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data ...)
- imagemagick 8:6.9.10.14+dfsg-1 (bug #907776)
[stretch] - imagemagick <not-affected> (Introduced by b8c63b156bf26b52e710b1a0643c846a6cd01e56 which wasn't backported to stretch)
[jessie] - imagemagick <not-affected> (Introduced by b8c63b156bf26b52e710b1a0643c846a6cd01e56 which wasn't backported to jessie)
@@ -12093,7 +12093,7 @@ CVE-2018-16322
RESERVED
CVE-2018-16321
RESERVED
-CVE-2018-16320
+CVE-2018-16320 (idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Travers ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2018-16319
RESERVED
@@ -12101,25 +12101,25 @@ CVE-2018-16318
RESERVED
CVE-2018-16317
RESERVED
-CVE-2018-16316
+CVE-2018-16316 (A stored Cross-site scripting (XSS) vulnerability in Portainer through ...)
NOT-FOR-US: Portainer
-CVE-2018-16315
+CVE-2018-16315 (In waimai Super Cms 20150505, there is a CSRF vulnerability that can c ...)
NOT-FOR-US: waimai Super Cms
-CVE-2018-16314
+CVE-2018-16314 (An issue was discovered in admincp.php in idreamsoft iCMS 7.0.11. When ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-16313
+CVE-2018-16313 (Bludit 2.3.4 allows XSS via a user name. ...)
NOT-FOR-US: Bludit
CVE-2018-16312
RESERVED
CVE-2018-16311
RESERVED
-CVE-2018-16310
+CVE-2018-16310 (** DISPUTED ** Technicolor TG588V V2 devices allow remote attackers to ...)
NOT-FOR-US: Technicolor
CVE-2018-16309
REJECTED
-CVE-2018-16308
+CVE-2018-16308 (The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV inject ...)
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2018-16307
+CVE-2018-16307 (An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi X ...)
NOT-FOR-US: Xiaomi
CVE-2018-16306
RESERVED
@@ -12127,63 +12127,63 @@ CVE-2018-16305
RESERVED
CVE-2018-16304
RESERVED
-CVE-2018-16303
+CVE-2018-16303 (PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause ...)
NOT-FOR-US: PDF-XChange Editor
-CVE-2018-16302
+CVE-2018-16302 (MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted fil ...)
NOT-FOR-US: MediaComm Zip-n-Go
CVE-2018-16301
RESERVED
CVE-2018-16300
RESERVED
-CVE-2018-16299
+CVE-2018-16299 (The Localize My Post plugin 1.0 for WordPress allows Directory Travers ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-16298
+CVE-2018-16298 (An issue was discovered in MiniCMS 1.10. There is an mc-admin/post.php ...)
NOT-FOR-US: MiniCMS
-CVE-2018-16297
+CVE-2018-16297 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit
-CVE-2018-16296
+CVE-2018-16296 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit
-CVE-2018-16295
+CVE-2018-16295 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit
-CVE-2018-16294
+CVE-2018-16294 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit
-CVE-2018-16293
+CVE-2018-16293 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit
-CVE-2018-16292
+CVE-2018-16292 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit
-CVE-2018-16291
+CVE-2018-16291 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit
CVE-2018-16290
RESERVED
CVE-2018-16289
RESERVED
-CVE-2018-16288
+CVE-2018-16288 (LG SuperSign CMS allows reading of arbitrary files via signEzUI/playli ...)
NOT-FOR-US: LG SuperSign CMS
-CVE-2018-16287
+CVE-2018-16287 (LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/ ...)
NOT-FOR-US: LG SuperSign CMS
-CVE-2018-16286
+CVE-2018-16286 (LG SuperSign CMS allows authentication bypass because the CAPTCHA requ ...)
NOT-FOR-US: LG SuperSign CMS
-CVE-2018-16285
+CVE-2018-16285 (The UserPro plugin through 4.9.23 for WordPress allows XSS via the sho ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-16284
RESERVED
-CVE-2018-16283
+CVE-2018-16283 (The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Dir ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-16282
+CVE-2018-16282 (A command injection vulnerability in the web server functionality of M ...)
NOT-FOR-US: Moxa
-CVE-2018-16281
+CVE-2018-16281 (The DEISER "Profields - Project Custom Fields" app before 6.0.2 for Ji ...)
NOT-FOR-US: DEISER
CVE-2018-16280
RESERVED
CVE-2018-16279
RESERVED
-CVE-2018-16278
+CVE-2018-16278 (phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticat ...)
NOT-FOR-US: phpkaiyuancms PhpOpenSourceCMS (POSCMS)
-CVE-2018-16277
+CVE-2018-16277 (The Image Import function in XWiki through 10.7 has XSS. ...)
NOT-FOR-US: XWiki
-CVE-2018-16275
+CVE-2018-16275 (OPSWAT MetaDefender before v4.11.2 allows CSV injection. ...)
NOT-FOR-US: OPSWAT MetaDefender
-CVE-2018-16276
+CVE-2018-16276 (An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in t ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.8-1
NOTE: Fixed by: https://git.kernel.org/linus/f1e255d60ae66a9f672ff9a207ee6cd8e33d2679 (4.18-rc5)
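Review bot: CVE-2018-16275 sits ahead of CVE-2018-16276 while the rest of the file runs in descending CVE order; the update rewrites both entries but keeps the swap, so this is a good moment to reorder them, since tooling that assumes monotonic ordering (or a human scanning for 16276) will look in the wrong place.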
@@ -12213,7 +12213,7 @@ CVE-2018-16263
RESERVED
CVE-2018-16262
RESERVED
-CVE-2018-16261
+CVE-2018-16261 (In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, the ...)
NOT-FOR-US: Pulse Secure Pulse Desktop Client
CVE-2018-16260
RESERVED
@@ -12229,9 +12229,9 @@ CVE-2018-16255
RESERVED
CVE-2018-16254
RESERVED
-CVE-2018-16253
+CVE-2018-16253 (In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS# ...)
NOT-FOR-US: axTLS
-CVE-2018-16252
+CVE-2018-16252 (FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML Exter ...)
NOT-FOR-US: FsPro Labs Event Log Explorer
CVE-2018-16251
RESERVED
@@ -12251,29 +12251,29 @@ CVE-2018-16244
RESERVED
CVE-2018-16243
RESERVED
-CVE-2018-16242
+CVE-2018-16242 (oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which ...)
NOT-FOR-US: oBike
CVE-2018-16241
RESERVED
CVE-2018-16240
RESERVED
-CVE-2018-16239
+CVE-2018-16239 (An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() ...)
NOT-FOR-US: damiCMS
-CVE-2018-16238
+CVE-2018-16238 (An issue was discovered in damiCMS V6.0.1. Remote code execution can o ...)
NOT-FOR-US: damiCMS
-CVE-2018-16237
+CVE-2018-16237 (An issue was discovered in damiCMS V6.0.1. There is Directory Traversa ...)
NOT-FOR-US: damiCMS
-CVE-2018-16236
+CVE-2018-16236 (cPanel through 74 allows XSS via a crafted filename in the logs subdir ...)
NOT-FOR-US: cPanel
-CVE-2018-16235
+CVE-2018-16235 (Telligent Community 6.x, 7.x, 8.x, 9.x, and 10.x up to 10.1.10.11792 h ...)
NOT-FOR-US: Telligent Community
-CVE-2018-16234
+CVE-2018-16234 (MorningStar WhatWeb 0.4.9 has XSS via JSON report files. ...)
NOT-FOR-US: MorningStar WhatWeb
-CVE-2018-16233
+CVE-2018-16233 (MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter. ...)
NOT-FOR-US: MiniCMS
-CVE-2018-16232
+CVE-2018-16232 (An authenticated command injection vulnerability exists in IPFire Fire ...)
NOT-FOR-US: IPFire
-CVE-2018-16231
+CVE-2018-16231 (Michael Roth Software Personal FTP Server (PFTP) through 8.4f allows r ...)
NOT-FOR-US: Michael Roth Software Personal FTP Server
CVE-2018-16230
RESERVED
@@ -12283,15 +12283,15 @@ CVE-2018-16228
RESERVED
CVE-2018-16227
RESERVED
-CVE-2018-16226
+CVE-2018-16226 (A vulnerability in the web admin component of Mitel MiVoice Office 400 ...)
NOT-FOR-US: Mitel
-CVE-2018-16225
+CVE-2018-16225 (The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network ...)
NOT-FOR-US: QBee MultiSensor Camera
-CVE-2018-16224
+CVE-2018-16224 (Incorrect access control for the diagnostic files of the iSmartAlarm C ...)
NOT-FOR-US: iSmartAlarm Cube One
-CVE-2018-16223
+CVE-2018-16223 (Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecam ...)
NOT-FOR-US: QBee Cam application for Android
-CVE-2018-16222
+CVE-2018-16222 (Cleartext Storage of credentials in the iSmartAlarmData.xml configurat ...)
NOT-FOR-US: iSmartAlarm application for Android
CVE-2018-16221
RESERVED
@@ -12315,7 +12315,7 @@ CVE-2018-16212
RESERVED
CVE-2018-16211
RESERVED
-CVE-2018-16210
+CVE-2018-16210 (WAGO 750-881 Ethernet Controller devices, versions 01.09.18(13) and be ...)
NOT-FOR-US: WAGO
CVE-2018-16209
RESERVED
@@ -12323,119 +12323,119 @@ CVE-2018-16208
RESERVED
CVE-2018-16207
RESERVED
-CVE-2018-16206
+CVE-2018-16206 (Cross-site scripting vulnerability in WordPress plugin spam-byebye 2.2 ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-16205
+CVE-2018-16205 (Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows ...)
NOT-FOR-US: GROWI
-CVE-2018-16204
+CVE-2018-16204 (Cross-site scripting vulnerability in Google XML Sitemaps Version 4.0. ...)
NOT-FOR-US: WordPress plugin google-sitemap-generator
-CVE-2018-16203
+CVE-2018-16203 (PgpoolAdmin 4.0 and earlier allows remote attackers to bypass the logi ...)
NOT-FOR-US: postgresql-pgpoolAdmin
-CVE-2018-16202
+CVE-2018-16202 (Directory traversal vulnerability in cordova-plugin-ionic-webview vers ...)
NOT-FOR-US: cordova-plugin-ionic-webview
-CVE-2018-16201
+CVE-2018-16201 (Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway ...)
NOT-FOR-US: Toshiba
-CVE-2018-16200
+CVE-2018-16200 (Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway ...)
NOT-FOR-US: Toshiba
-CVE-2018-16199
+CVE-2018-16199 (Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1 ...)
NOT-FOR-US: Toshiba
-CVE-2018-16198
+CVE-2018-16198 (Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway ...)
NOT-FOR-US: Toshiba
-CVE-2018-16197
+CVE-2018-16197 (Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway ...)
NOT-FOR-US: Toshiba
-CVE-2018-16196
+CVE-2018-16196 (Multiple Yokogawa products that contain Vnet/IP Open Communication Dri ...)
NOT-FOR-US: Yokogawa
-CVE-2018-16195
+CVE-2018-16195 (Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 an ...)
NOT-FOR-US: Aterm firmware
-CVE-2018-16194
+CVE-2018-16194 (Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 an ...)
NOT-FOR-US: Aterm firmware
-CVE-2018-16193
+CVE-2018-16193 (Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200C ...)
NOT-FOR-US: Aterm firmware
-CVE-2018-16192
+CVE-2018-16192 (Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 an ...)
NOT-FOR-US: Aterm firmware
-CVE-2018-16191
+CVE-2018-16191 (Open redirect vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, ...)
NOT-FOR-US: EC-CUBE
-CVE-2018-16190
+CVE-2018-16190 (Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMeltin ...)
NOT-FOR-US: Some Windows installer
-CVE-2018-16189
+CVE-2018-16189 (Untrusted search path vulnerability in Self-Extracting Archives create ...)
NOT-FOR-US: Some Windows installer
-CVE-2018-16188
+CVE-2018-16188 (SQL injection vulnerability in the RICOH Interactive Whiteboard D2200 ...)
NOT-FOR-US: RICOH
-CVE-2018-16187
+CVE-2018-16187 (The RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2. ...)
NOT-FOR-US: RICOH
-CVE-2018-16186
+CVE-2018-16186 (RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D ...)
NOT-FOR-US: RICOH
-CVE-2018-16185
+CVE-2018-16185 (RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D ...)
NOT-FOR-US: RICOH
-CVE-2018-16184
+CVE-2018-16184 (RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D ...)
NOT-FOR-US: RICOH
-CVE-2018-16183
+CVE-2018-16183 (An unquoted search path vulnerability in some pre-installed applicatio ...)
NOT-FOR-US: Panasonic PC applications
-CVE-2018-16182
+CVE-2018-16182 (Untrusted search path vulnerability in the installer of MARKET SPEED V ...)
NOT-FOR-US: MARKET SPEED
-CVE-2018-16181
+CVE-2018-16181 (HTTP header injection vulnerability in i-FILTER Ver.9.50R05 and earlie ...)
NOT-FOR-US: i-FILTER
-CVE-2018-16180
+CVE-2018-16180 (Cross-site scripting vulnerability in i-FILTER Ver.9.50R05 and earlier ...)
NOT-FOR-US: i-FILTER
-CVE-2018-16179
+CVE-2018-16179 (The Mizuho Direct App for Android version 3.13.0 and earlier does not ...)
NOT-FOR-US: Mizuho Direct App for Android
-CVE-2018-16178
+CVE-2018-16178 (Cybozu Garoon 3.0.0 to 4.10.0 allows remote attackers to bypass access ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-16177
+CVE-2018-16177 (Untrusted search path vulnerability in The installer of Windows10 Fall ...)
NOT-FOR-US: Random Windows installer
-CVE-2018-16176
+CVE-2018-16176 (Untrusted search path vulnerability in Installer of Mapping Tool 2.0.1 ...)
NOT-FOR-US: Random Windows installer
-CVE-2018-16175
+CVE-2018-16175 (SQL injection vulnerability in the LearnPress prior to version 3.1.0 a ...)
NOT-FOR-US: LearnPress
-CVE-2018-16174
+CVE-2018-16174 (Open redirect vulnerability in LearnPress prior to version 3.1.0 allow ...)
NOT-FOR-US: LearnPress
-CVE-2018-16173
+CVE-2018-16173 (Cross-site scripting vulnerability in LearnPress prior to version 3.1. ...)
NOT-FOR-US: LearnPress
-CVE-2018-16172
+CVE-2018-16172 (Improper countermeasure against clickjacking attack in client certific ...)
NOT-FOR-US: Cybozu Remote Service
-CVE-2018-16171
+CVE-2018-16171 (Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3. ...)
NOT-FOR-US: Cybozu Remote Service
-CVE-2018-16170
+CVE-2018-16170 (Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3. ...)
NOT-FOR-US: Cybozu Remote Service
-CVE-2018-16169
+CVE-2018-16169 (Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attac ...)
NOT-FOR-US: Cybozu Remote Service
-CVE-2018-16168
+CVE-2018-16168 (LogonTracer 1.2.0 and earlier allows remote attackers to conduct Pytho ...)
NOT-FOR-US: LogonTracer
-CVE-2018-16167
+CVE-2018-16167 (LogonTracer 1.2.0 and earlier allows remote attackers to execute arbit ...)
NOT-FOR-US: LogonTracer
-CVE-2018-16166
+CVE-2018-16166 (LogonTracer 1.2.0 and earlier allows remote attackers to conduct XML E ...)
NOT-FOR-US: LogonTracer
-CVE-2018-16165
+CVE-2018-16165 (Cross-site scripting vulnerability in LogonTracer 1.2.0 and earlier al ...)
NOT-FOR-US: LogonTracer
-CVE-2018-16164
+CVE-2018-16164 (Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 ...)
NOT-FOR-US: Event Calendar WD
-CVE-2018-16163
+CVE-2018-16163 (OpenDolphin 2.7.0 and earlier allows authenticated attackers to bypass ...)
NOT-FOR-US: OpenDolphin
-CVE-2018-16162
+CVE-2018-16162 (OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain ...)
NOT-FOR-US: OpenDolphin
-CVE-2018-16161
+CVE-2018-16161 (OpenDolphin 2.7.0 and earlier allows authenticated users to gain admin ...)
NOT-FOR-US: OpenDolphin
-CVE-2018-16160
+CVE-2018-16160 (SecureCore Standard Edition Version 2.x allows an attacker to bypass t ...)
NOT-FOR-US: SecureCore Standard Edition
-CVE-2018-16159
+CVE-2018-16159 (The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Inject ...)
NOT-FOR-US: Gift Vouchers plugin for WordPress
-CVE-2018-16048
+CVE-2018-16048 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab <not-affected> (Only affects Enterprise edition)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/49947
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
-CVE-2018-16051
+CVE-2018-16051 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab 11.1.8+dfsg-2
NOTE: https://gitlab.com/gitlab-org/gitlab-ee/issues/6012
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018-XXXX [gitlab: Missing CSRF in System Hooks]
- gitlab 11.1.8+dfsg-2
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
-CVE-2018-16049
+CVE-2018-16049 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab 11.1.8+dfsg-2
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/46967
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/49272
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
-CVE-2018-16050
+CVE-2018-16050 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
- gitlab 11.1.8+dfsg-2
[stretch] - gitlab <not-affected> (Only affects 11.1 and 11.2)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/49085
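Review bot: the four GitLab entries CVE-2018-16048, CVE-2018-16051, CVE-2018-16049 and CVE-2018-16050 sit between CVE-2018-16159 and CVE-2018-16158, breaking the descending numeric order the rest of the file follows. The ordering predates this update (only the descriptions are added here), but since the automatic update touches these lines anyway, moving the block down to its numeric position next to CVE-2018-16052 would keep the list sorted and make later diffs easier to read.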
@@ -12444,9 +12444,9 @@ CVE-2018-XXXX [gitlab: Persistent XSS in Pipeline Tooltip]
- gitlab 11.1.8+dfsg-2
[stretch] - gitlab <not-affected> (Only affects 10.7 and later)
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
-CVE-2018-16158
+CVE-2018-16158 (Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 ...)
NOT-FOR-US: Eaton Power Xpert Meter
-CVE-2018-16157
+CVE-2018-16157 (waimai Super Cms 20150505 has a logic flaw allowing attackers to modif ...)
NOT-FOR-US: waimai Super Cms
CVE-2018-16156
RESERVED
@@ -12456,35 +12456,35 @@ CVE-2018-16154
RESERVED
CVE-2018-16153
RESERVED
-CVE-2018-16152
+CVE-2018-16152 (In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp pl ...)
{DSA-4305-1 DLA-1522-1}
- strongswan 5.7.0-1
NOTE: https://strongswan.org/blog/2018/09/24/strongswan-vulnerability-(cve-2018-16151,-cve-2018-16152).html
-CVE-2018-16151
+CVE-2018-16151 (In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp pl ...)
{DSA-4305-1 DLA-1522-1}
- strongswan 5.7.0-1
NOTE: https://strongswan.org/blog/2018/09/24/strongswan-vulnerability-(cve-2018-16151,-cve-2018-16152).html
-CVE-2018-16150
+CVE-2018-16150 (In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS# ...)
NOT-FOR-US: axTLS
-CVE-2018-16149
+CVE-2018-16149 (In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS# ...)
NOT-FOR-US: axTLS
-CVE-2018-16148
+CVE-2018-16148 (The diagnosticsb2ksy parameter of the /rest endpoint in Opsview Monito ...)
NOT-FOR-US: Opsview Monitor
-CVE-2018-16147
+CVE-2018-16147 (The data parameter of the /settings/api/router endpoint in Opsview Mon ...)
NOT-FOR-US: Opsview Monitor
-CVE-2018-16146
+CVE-2018-16146 (The web management console of Opsview Monitor 5.4.x before 5.4.2 provi ...)
NOT-FOR-US: Opsview Monitor
-CVE-2018-16145
+CVE-2018-16145 (The /etc/init.d/opsview-reporting-module script that runs at boot time ...)
NOT-FOR-US: Opsview Monitor
-CVE-2018-16144
+CVE-2018-16144 (The test connection functionality in the NetAudit section of Opsview M ...)
NOT-FOR-US: Opsview Monitor
CVE-2018-16143
RESERVED
-CVE-2018-16142
+CVE-2018-16142 (PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login ...)
NOT-FOR-US: PHPOK
-CVE-2018-16141
+CVE-2018-16141 (ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in do_ava ...)
NOT-FOR-US: ThinkCMF
-CVE-2018-16140
+CVE-2018-16140 (A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3. ...)
- fig2dev 1:3.2.7a-3 (unimportant; bug #907660)
- transfig <removed> (unimportant)
NOTE: https://sourceforge.net/p/mcj/tickets/28/
@@ -12500,15 +12500,15 @@ CVE-2018-16136
RESERVED
CVE-2018-16135
RESERVED
-CVE-2018-16134
+CVE-2018-16134 (Cybrotech CyBroHttpServer 1.0.3 allows XSS via a URI. ...)
NOT-FOR-US: Cybrotech
-CVE-2018-16133
+CVE-2018-16133 (Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal via a ../ i ...)
NOT-FOR-US: Cybrotech
-CVE-2018-16132
+CVE-2018-16132 (The image rendering component (createGenericPreview) of the Open Whisp ...)
NOT-FOR-US: Signal app (specific on iOS)
-CVE-2018-16131
+CVE-2018-16131 (The decodeRequest and decodeRequestWith directives in Lightbend Akka H ...)
NOT-FOR-US: Lightbend Akka
-CVE-2018-16130
+CVE-2018-16130 (System command injection in request_mitv in Xiaomi Mi Router 3 version ...)
NOT-FOR-US: Xiaomi Mi Router
CVE-2018-558213
REJECTED
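Review bot: the identifier on the context line `CVE-2018-558213` has six digits where every neighbouring entry has five (CVE-2018-16130 above it, CVE-2018-16117 in the next hunk), so it is worth verifying that the id is not a typo before the REJECTED marker is relied on; the line is unchanged by this update, but the automatic importer would silently carry a malformed id forward.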
@@ -12540,7 +12540,7 @@ CVE-2018-16117
RESERVED
CVE-2018-16116
RESERVED
-CVE-2018-16115
+CVE-2018-16115 (Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modif ...)
NOT-FOR-US: Lightbend Akka
CVE-2018-16114
RESERVED
@@ -12574,31 +12574,31 @@ CVE-2018-16100
REJECTED
CVE-2018-16099
REJECTED
-CVE-2018-16098
+CVE-2018-16098 (In some Lenovo ThinkPads, an unquoted search path vulnerability was fo ...)
NOT-FOR-US: Lenovo
-CVE-2018-16097
+CVE-2018-16097 (LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Ce ...)
NOT-FOR-US: LXCI (Lenovo XClarity Integrator)
-CVE-2018-16096
+CVE-2018-16096 (In System Management Module (SMM) versions prior to 1.06, the SMM web ...)
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16095
+CVE-2018-16095 (In System Management Module (SMM) versions prior to 1.06, the SMM reco ...)
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16094
+CVE-2018-16094 (In System Management Module (SMM) versions prior to 1.06, an internal ...)
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16093
+CVE-2018-16093 (In versions prior to 5.5, LXCI for VMware allows an authenticated user ...)
NOT-FOR-US: LXCI (Lenovo XClarity Integrator)
-CVE-2018-16092
+CVE-2018-16092 (In System Management Module (SMM) versions prior to 1.06, the FFDC fea ...)
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16091
+CVE-2018-16091 (In System Management Module (SMM) versions prior to 1.06, the SMM cert ...)
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16090
+CVE-2018-16090 (In System Management Module (SMM) versions prior to 1.06, the SMM cert ...)
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16089
+CVE-2018-16089 (In System Management Module (SMM) versions prior to 1.06, a field in t ...)
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-16088
+CVE-2018-16088 (A missing check for JS-simulated input events in Blink in Google Chrom ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16087
+CVE-2018-16087 (Lack of proper state tracking in Permissions in Google Chrome prior to ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -12607,35 +12607,35 @@ CVE-2018-16086
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16085
+CVE-2018-16085 (A use after free in ResourceCoordinator in Google Chrome prior to 69.0 ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16084
+CVE-2018-16084 (The default selected dialog button in CustomHandlers in Google Chrome ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16083
+CVE-2018-16083 (An out of bounds read in forward error correction code in WebRTC in Go ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16082
+CVE-2018-16082 (An out of bounds read in Swiftshader in Google Chrome prior to 69.0.34 ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16081
+CVE-2018-16081 (Allowing the chrome.debugger API to run on file:// URLs in DevTools in ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16080
+CVE-2018-16080 (A missing check for popup window handling in Fullscreen in Google Chro ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16079
+CVE-2018-16079 (A race condition between permission prompts and navigations in Prompts ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16078
+CVE-2018-16078 (Unsafe handling of credit card details in Autofill in Google Chrome pr ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -12644,7 +12644,7 @@ CVE-2018-16077
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16076
+CVE-2018-16076 (Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -12663,9 +12663,9 @@ CVE-2018-16073
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16072
+CVE-2018-16072 (A missing origin check related to HLS manifests in Blink in Google Chr ...)
- chromium-browser <not-affected> (Android-specific)
-CVE-2018-16071
+CVE-2018-16071 (A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allo ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -12679,19 +12679,19 @@ CVE-2018-16069
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16068
+CVE-2018-16068 (Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allo ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16067
+CVE-2018-16067 (A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 al ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16066
+CVE-2018-16066 (A use after free in Blink in Google Chrome prior to 69.0.3497.81 allow ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-16065
+CVE-2018-16065 (A Javascript reentrancy issues that caused a use-after-free in V8 in G ...)
{DSA-4289-1}
- chromium-browser 69.0.3497.81-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -12699,7 +12699,7 @@ CVE-2018-16064
RESERVED
CVE-2018-16063
RESERVED
-CVE-2018-16062
+CVE-2018-16062 (dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 201 ...)
{DLA-1689-1}
- elfutils 0.175-1 (bug #907562)
[stretch] - elfutils <no-dsa> (Minor issue)
@@ -12709,28 +12709,28 @@ CVE-2018-16061
RESERVED
CVE-2018-16060
RESERVED
-CVE-2018-16059
+CVE-2018-16059 (Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Director ...)
NOT-FOR-US: Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices
-CVE-2018-16058
+CVE-2018-16058 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
{DSA-4315-1 DLA-1634-1}
- wireshark 2.6.3-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14884
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c48d6a6d60c5c9111838a945966b6cb8750777be
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-44.html
-CVE-2018-16057
+CVE-2018-16057 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
{DSA-4315-1 DLA-1634-1}
- wireshark 2.6.3-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15022
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ac83382dc49f9f7b62bffb3cfc508cdaa1e7be5
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-46.html
-CVE-2018-16056
+CVE-2018-16056 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
{DSA-4315-1}
- wireshark 2.6.3-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14994
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f98fbce64cb230e94a2cafc410a3cedad657b485
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-45.html
-CVE-2018-16055
+CVE-2018-16055 (An authenticated command injection vulnerability exists in status_inte ...)
NOT-FOR-US: pfSense
CVE-2018-16054
RESERVED
@@ -12738,265 +12738,265 @@ CVE-2018-16053
RESERVED
CVE-2018-16052
RESERVED
-CVE-2018-16047
+CVE-2018-16047 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16046
+CVE-2018-16046 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16045
+CVE-2018-16045 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16044
+CVE-2018-16044 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16043
+CVE-2018-16043 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16042
+CVE-2018-16042 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16041
+CVE-2018-16041 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16040
+CVE-2018-16040 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16039
+CVE-2018-16039 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16038
+CVE-2018-16038 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16037
+CVE-2018-16037 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16036
+CVE-2018-16036 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16035
+CVE-2018-16035 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16034
+CVE-2018-16034 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16033
+CVE-2018-16033 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16032
+CVE-2018-16032 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16031
+CVE-2018-16031 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16030
+CVE-2018-16030 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16029
+CVE-2018-16029 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16028
+CVE-2018-16028 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16027
+CVE-2018-16027 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16026
+CVE-2018-16026 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16025
+CVE-2018-16025 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16024
+CVE-2018-16024 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16023
+CVE-2018-16023 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16022
+CVE-2018-16022 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16021
+CVE-2018-16021 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16020
+CVE-2018-16020 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16019
+CVE-2018-16019 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16018
+CVE-2018-16018 (Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010 ...)
NOT-FOR-US: Adobe
-CVE-2018-16017
+CVE-2018-16017 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16016
+CVE-2018-16016 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16015
+CVE-2018-16015 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16014
+CVE-2018-16014 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16013
+CVE-2018-16013 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16012
+CVE-2018-16012 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16011
+CVE-2018-16011 (Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010 ...)
NOT-FOR-US: Adobe
-CVE-2018-16010
+CVE-2018-16010 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16009
+CVE-2018-16009 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16008
+CVE-2018-16008 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16007
+CVE-2018-16007 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16006
+CVE-2018-16006 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16005
+CVE-2018-16005 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16004
+CVE-2018-16004 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16003
+CVE-2018-16003 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16002
+CVE-2018-16002 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16001
+CVE-2018-16001 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-16000
+CVE-2018-16000 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15999
+CVE-2018-15999 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15998
+CVE-2018-15998 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15997
+CVE-2018-15997 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15996
+CVE-2018-15996 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15995
+CVE-2018-15995 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15994
+CVE-2018-15994 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15993
+CVE-2018-15993 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15992
+CVE-2018-15992 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15991
+CVE-2018-15991 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15990
+CVE-2018-15990 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15989
+CVE-2018-15989 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15988
+CVE-2018-15988 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15987
+CVE-2018-15987 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15986
+CVE-2018-15986 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15985
+CVE-2018-15985 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15984
+CVE-2018-15984 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-15983
+CVE-2018-15983 (Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earli ...)
NOT-FOR-US: Adobe
-CVE-2018-15982
+CVE-2018-15982 (Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earli ...)
NOT-FOR-US: Adobe
-CVE-2018-15981
+CVE-2018-15981 (Flash Player versions 31.0.0.148 and earlier have a type confusion vul ...)
NOT-FOR-US: Adobe
-CVE-2018-15980
+CVE-2018-15980 (Adobe Photoshop CC versions 19.1.6 and earlier have an out-of-bounds r ...)
NOT-FOR-US: Adobe
-CVE-2018-15979
+CVE-2018-15979 (Adobe Acrobat and Reader versions 2019.008.20080 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15978
+CVE-2018-15978 (Flash Player versions 31.0.0.122 and earlier have an out-of-bounds rea ...)
NOT-FOR-US: Adobe
CVE-2018-15977
REJECTED
-CVE-2018-15976
+CVE-2018-15976 (Adobe Technical Communications Suite versions 1.0.5.1 and below have a ...)
NOT-FOR-US: Adobe
CVE-2018-15975
REJECTED
-CVE-2018-15974
+CVE-2018-15974 (Adobe Framemaker versions 1.0.5.1 and below have an insecure library l ...)
NOT-FOR-US: Adobe
-CVE-2018-15973
+CVE-2018-15973 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a s ...)
NOT-FOR-US: Adobe
-CVE-2018-15972
+CVE-2018-15972 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a s ...)
NOT-FOR-US: Adobe
-CVE-2018-15971
+CVE-2018-15971 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a r ...)
NOT-FOR-US: Adobe
-CVE-2018-15970
+CVE-2018-15970 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a r ...)
NOT-FOR-US: Adobe
-CVE-2018-15969
+CVE-2018-15969 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a s ...)
NOT-FOR-US: Adobe
-CVE-2018-15968
+CVE-2018-15968 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15967
+CVE-2018-15967 (Adobe Flash Player versions 30.0.0.154 and earlier have a privilege es ...)
NOT-FOR-US: Adobe
-CVE-2018-15966
+CVE-2018-15966 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15965
+CVE-2018-15965 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
NOT-FOR-US: Adobe
-CVE-2018-15964
+CVE-2018-15964 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
NOT-FOR-US: Adobe
-CVE-2018-15963
+CVE-2018-15963 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
NOT-FOR-US: Adobe
-CVE-2018-15962
+CVE-2018-15962 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
NOT-FOR-US: Adobe
-CVE-2018-15961
+CVE-2018-15961 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
NOT-FOR-US: Adobe
-CVE-2018-15960
+CVE-2018-15960 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
NOT-FOR-US: Adobe
-CVE-2018-15959
+CVE-2018-15959 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
NOT-FOR-US: Adobe
-CVE-2018-15958
+CVE-2018-15958 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
NOT-FOR-US: Adobe
-CVE-2018-15957
+CVE-2018-15957 (Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 ...)
NOT-FOR-US: Adobe
-CVE-2018-15956
+CVE-2018-15956 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15955
+CVE-2018-15955 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15954
+CVE-2018-15954 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15953
+CVE-2018-15953 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15952
+CVE-2018-15952 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15951
+CVE-2018-15951 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15950
+CVE-2018-15950 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15949
+CVE-2018-15949 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15948
+CVE-2018-15948 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15947
+CVE-2018-15947 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15946
+CVE-2018-15946 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15945
+CVE-2018-15945 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15944
+CVE-2018-15944 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15943
+CVE-2018-15943 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15942
+CVE-2018-15942 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15941
+CVE-2018-15941 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15940
+CVE-2018-15940 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15939
+CVE-2018-15939 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15938
+CVE-2018-15938 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15937
+CVE-2018-15937 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15936
+CVE-2018-15936 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15935
+CVE-2018-15935 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15934
+CVE-2018-15934 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15933
+CVE-2018-15933 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15932
+CVE-2018-15932 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15931
+CVE-2018-15931 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15930
+CVE-2018-15930 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15929
+CVE-2018-15929 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15928
+CVE-2018-15928 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15927
+CVE-2018-15927 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15926
+CVE-2018-15926 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15925
+CVE-2018-15925 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15924
+CVE-2018-15924 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15923
+CVE-2018-15923 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15922
+CVE-2018-15922 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
CVE-2018-15921
REJECTED
-CVE-2018-15920
+CVE-2018-15920 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-15918
+CVE-2018-15918 (An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) a ...)
NOT-FOR-US: Jorani
-CVE-2018-15917
+CVE-2018-15917 (Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow rem ...)
NOT-FOR-US: Jorani
CVE-2018-15916
RESERVED
@@ -13006,68 +13006,68 @@ CVE-2018-15914
RESERVED
CVE-2018-15913
RESERVED
-CVE-2018-15912
+CVE-2018-15912 (An issue was discovered in manjaro-update-system.sh in manjaro-system ...)
NOT-FOR-US: manjaro-update-system.sh in manjaro-system on Manjaro Linux
-CVE-2018-15919
+CVE-2018-15919 (Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 co ...)
- openssh <unfixed> (low; bug #907503)
[buster] - openssh <no-dsa> (Minor issue)
[stretch] - openssh <no-dsa> (Minor issue)
[jessie] - openssh <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/27/2
-CVE-2018-15911
+CVE-2018-15911 (In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to suppl ...)
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=8e9ce5016db968b40e4ec255a3005f2786cce45f
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699665
NOTE: https://www.kb.cert.org/vuls/id/332928
-CVE-2018-15910
+CVE-2018-15910 (In Artifex Ghostscript before 9.24, attackers able to supply crafted P ...)
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c3476dde7743761a4e1d39a631716199b696b880
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699656
NOTE: https://www.kb.cert.org/vuls/id/332928
-CVE-2018-15909
+CVE-2018-15909 (In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using ...)
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0b6cd1918e1ec4ffd087400a754a845180a4522b
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e01e77a36cbb2e0277bc3a63852244bec41be0f6
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699660
NOTE: https://www.kb.cert.org/vuls/id/332928
-CVE-2018-15908
+CVE-2018-15908 (In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to s ...)
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0d3901189f245232f0161addf215d7268c4d05a3
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699657
NOTE: https://www.kb.cert.org/vuls/id/332928
-CVE-2018-15907
+CVE-2018-15907 (** DISPUTED ** Technicolor (formerly RCA) TC8305C devices allow remote ...)
NOT-FOR-US: Technicolor (formerly RCA) TC8305C devices
-CVE-2018-15906
+CVE-2018-15906 (SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users ...)
TODO: check
CVE-2018-15905
RESERVED
-CVE-2018-15904
+CVE-2018-15904 (A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before 2.7.2-P ...)
NOT-FOR-US: A10 ACOS Web Application Firewall
-CVE-2018-15903
+CVE-2018-15903 (The Discuss v1.2.1 module in Claromentis 8.2.2 is vulnerable to stored ...)
NOT-FOR-US: Claromentis
CVE-2018-15902
RESERVED
-CVE-2018-15901
+CVE-2018-15901 (e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing d ...)
NOT-FOR-US: e107
CVE-2018-15900
RESERVED
-CVE-2018-15899
+CVE-2018-15899 (An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS ...)
NOT-FOR-US: MiniCMS
-CVE-2018-15898
+CVE-2018-15898 (The Subsonic Music Streamer application 4.4 for Android has Improper C ...)
NOT-FOR-US: Subsonic Music Streamer application for Android
-CVE-2018-15897
+CVE-2018-15897 (PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers t ...)
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-15896
+CVE-2018-15896 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Addr ...)
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-15895
+CVE-2018-15895 (An SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because ...)
NOT-FOR-US: iCMS
-CVE-2018-15894
+CVE-2018-15894 (A SQL injection was discovered in /coreframe/app/admin/pay/admin/index ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-15893
+CVE-2018-15893 (A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in ...)
NOT-FOR-US: WUZHI CMS
CVE-2018-15892
RESERVED
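Review bot: CVE-2018-15906 in this hunk still carries the placeholder "TODO: check" even though the newly added description identifies the product as SolarWinds Serv-U FTP Server 15.1.6; the entry should be triaged in a follow-up so the TODO does not linger (the neighbouring proprietary products in the same hunk are all marked NOT-FOR-US, which is the likely outcome here too).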
@@ -13075,57 +13075,57 @@ CVE-2018-15891
RESERVED
CVE-2018-15890
RESERVED
-CVE-2018-15889
+CVE-2018-15889 (In podofo 0.9.6, the function PoDoFo::PdfParser::ReadObjects() in base ...)
- libpodofo <unfixed> (low; bug #916167)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1620065
NOTE: https://sourceforge.net/p/podofo/tickets/27/
NOTE: upstream thinks this could be a duplicate of CVE-2018-5783
-CVE-2018-15888
+CVE-2018-15888 (An issue was discovered in ASPCMS 2.5.6. When registering ordinary use ...)
NOT-FOR-US: ASPCMS
-CVE-2018-15887
+CVE-2018-15887 (Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to ...)
NOT-FOR-US: ASUS DSL-N12E_C1
-CVE-2018-15886
+CVE-2018-15886 (Monstra CMS 3.0.4 does not properly restrict modified Snippet content, ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-15885
+CVE-2018-15885 (Ovation FindMe 1.4-1083-1 is intended to support transmission of netwo ...)
NOT-FOR-US: Ovation FindMe
-CVE-2018-15884
+CVE-2018-15884 (RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/ad ...)
NOT-FOR-US: RICOH MP C4504ex devices
CVE-2018-15883
RESERVED
-CVE-2018-15882
+CVE-2018-15882 (An issue was discovered in Joomla! before 3.8.12. Inadequate checks in ...)
NOT-FOR-US: Joomla!
-CVE-2018-15881
+CVE-2018-15881 (An issue was discovered in Joomla! before 3.8.12. Inadequate checks re ...)
NOT-FOR-US: Joomla!
-CVE-2018-15880
+CVE-2018-15880 (An issue was discovered in Joomla! before 3.8.12. Inadequate output fi ...)
NOT-FOR-US: Joomla!
CVE-2018-15879
RESERVED
CVE-2018-15878
RESERVED
-CVE-2018-16543
+CVE-2018-16543 (In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolutio ...)
{DSA-4288-1 DLA-1527-1}
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1 (bug #908303)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5b5536fa88a9e885032bc0df3852c3439399a5c0
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699670
-CVE-2018-16542
+CVE-2018-16542 (In Artifex Ghostscript before 9.24, attackers able to supply crafted P ...)
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b575e1ec42cc86f6a58c603f2a88fcc2af699cc8
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699668
-CVE-2018-16541
+CVE-2018-16541 (In Artifex Ghostscript before 9.24, attackers able to supply crafted P ...)
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=241d91112771a6104de10b3948c3f350d6690c1d
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699664
-CVE-2018-16540
+CVE-2018-16540 (In Artifex Ghostscript before 9.24, attackers able to supply crafted P ...)
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c432131c3fdb2143e148e8ba88555f7f7a63b25e
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699661
-CVE-2018-16539
+CVE-2018-16539 (In Artifex Ghostscript before 9.24, attackers able to supply crafted P ...)
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a054156d425b4dbdaaa9fda4b5f1182b27598c2b
@@ -13134,24 +13134,24 @@ CVE-2018-16539
NOTE: an additional (no-security) followup fix is needed as:
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=150c8f69646b854a99f35f27edaae012eb2e900f
NOTE: Cf. https://bugs.debian.org/908300
-CVE-2018-16513
+CVE-2018-16513 (In Artifex Ghostscript before 9.24, attackers able to supply crafted P ...)
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b326a71659b7837d3acde954b18bda1a6f5e9498
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699655
-CVE-2018-16511
+CVE-2018-16511 (An issue was discovered in Artifex Ghostscript before 9.24. A type con ...)
{DSA-4288-1 DLA-1504-1}
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0edd3d6c634a577db261615a9dc2719bca7f6e01
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699659
-CVE-2018-16510
+CVE-2018-16510 (An issue was discovered in Artifex Ghostscript before 9.24. Incorrect ...)
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1 (bug #908304)
[stretch] - ghostscript <not-affected> (Introduced in 9.22)
[jessie] - ghostscript <not-affected> (vulnerable code is not present)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699671
-CVE-2018-16509
+CVE-2018-16509 (An issue was discovered in Artifex Ghostscript before 9.24. Incorrect ...)
{DSA-4294-1 DLA-1504-1}
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1 (bug #907332; bug #907703)
@@ -13161,32 +13161,32 @@ CVE-2018-16509
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=520bb0ea7519aa3e79db78aaf0589dae02103764
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699654
NOTE: Partially fixed in 9.22~dfsg-3, see #907703
-CVE-2018-16585
+CVE-2018-16585 (An issue was discovered in Artifex Ghostscript before 9.24. The .setdi ...)
{DSA-4288-1 DLA-1504-1}
[experimental] - ghostscript 9.25~dfsg-1~exp1
- ghostscript 9.25~dfsg-1 (bug #908305)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=1497d65039885a52b598b137dd8622bd4672f9be
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=971472c83a345a16dac9f90f91258bb22dd77f22
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699663
-CVE-2018-15877
+CVE-2018-15877 (The Plainview Activity Monitor plugin before 20180826 for WordPress is ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-15876
+CVE-2018-15876 (An issue was discovered in the ajax-bootmodal-login plugin 1.4.3 for W ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-15875
+CVE-2018-15875 (Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20. ...)
NOT-FOR-US: D-Link
-CVE-2018-15874
+CVE-2018-15874 (Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20. ...)
NOT-FOR-US: D-Link
-CVE-2018-15873
+CVE-2018-15873 (A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid ...)
NOT-FOR-US: Sentrifugo
CVE-2018-15872
RESERVED
-CVE-2018-15871
+CVE-2018-15871 (An invalid memory address dereference was discovered in decompileSingl ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/123
-CVE-2018-15870
+CVE-2018-15870 (An invalid memory address dereference was discovered in decompileGETVA ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/122
-CVE-2018-15869
+CVE-2018-15869 (An Amazon Web Services (AWS) developer who does not specify the --owne ...)
- packer 1.3.1+dfsg-1 (low; bug #907298)
[stretch] - packer <not-affected> (Vulnerable code added later)
NOTE: https://github.com/hashicorp/packer/issues/6584
@@ -13197,27 +13197,27 @@ CVE-2018-15867
RESERVED
CVE-2018-15866
RESERVED
-CVE-2018-15865
+CVE-2018-15865 (The Pulse Secure Desktop (macOS) has a Privilege Escalation Vulnerabil ...)
NOT-FOR-US: Pulse Secure Desktop
-CVE-2018-15864
+CVE-2018-15864 (Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
-CVE-2018-15863
+CVE-2018-15863 (Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/co ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
-CVE-2018-15862
+CVE-2018-15862 (Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkb ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
-CVE-2018-15861
+CVE-2018-15861 (Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xk ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
@@ -13225,95 +13225,95 @@ CVE-2018-15861
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
CVE-2018-15860
RESERVED
-CVE-2018-15859
+CVE-2018-15859 (Unchecked NULL pointer usage when parsing invalid atoms in ExprResolve ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
-CVE-2018-15858
+CVE-2018-15858 (Unchecked NULL pointer usage when handling invalid aliases in CopyKeyA ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15857
+CVE-2018-15857 (An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15856
+CVE-2018-15856 (An infinite loop when reaching EOL unexpectedly in compose/parser.c (a ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15855
+CVE-2018-15855 (Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used b ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/917636b1d0d70205a13f89062b95e3a0fc31d4ff
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15854
+CVE-2018-15854 (Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used b ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/e3cacae7b1bfda0d839c280494f23284a1187adf
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15853
+CVE-2018-15853 (Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcomm ...)
- libxkbcommon 0.8.2-1 (low; bug #907302)
[stretch] - libxkbcommon <no-dsa> (Minor issue)
[jessie] - libxkbcommon <no-dsa> (Minor issue)
NOTE: https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a
NOTE: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
-CVE-2018-15852
+CVE-2018-15852 (** DISPUTED ** Technicolor TC7200.20 devices allow remote attackers to ...)
NOT-FOR-US: Technicolor
-CVE-2018-15851
+CVE-2018-15851 (An issue was discovered in Flexo CMS v0.1.6. There is a CSRF vulnerabi ...)
NOT-FOR-US: Flexo CMS
-CVE-2018-15850
+CVE-2018-15850 (An issue was discovered in REDAXO CMS 4.7.2. There is a CSRF vulnerabi ...)
NOT-FOR-US: REDAXO CMS
-CVE-2018-15849
+CVE-2018-15849 (An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update ...)
NOT-FOR-US: portfolioCMS
-CVE-2018-15848
+CVE-2018-15848 (An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create ...)
NOT-FOR-US: portfolioCMS
-CVE-2018-15847
+CVE-2018-15847 (An issue was discovered in puppyCMS 5.1. There is an XSS vulnerability ...)
NOT-FOR-US: puppyCMS
-CVE-2018-15846
+CVE-2018-15846 (An issue was discovered in fledrCMS through 2014-02-03. There is a CSR ...)
NOT-FOR-US: fledrCMS
-CVE-2018-15845
+CVE-2018-15845 (There is a CSRF vulnerability that can add an administrator account in ...)
NOT-FOR-US: Gleez CMS
-CVE-2018-15844
+CVE-2018-15844 (An issue was discovered in DamiCMS 6.0.0. There is an CSRF vulnerabili ...)
NOT-FOR-US: DamiCMS
-CVE-2018-15843
+CVE-2018-15843 (GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" fie ...)
NOT-FOR-US: GetSimple CMS
-CVE-2018-15842
+CVE-2018-15842 (WolfCMS 0.8.3.1 has XSS via the /?/admin/page/add slug parameter. ...)
NOT-FOR-US: WolfCMS
CVE-2018-15841
RESERVED
CVE-2018-15840
RESERVED
-CVE-2018-15839
+CVE-2018-15839 (D-Link DIR-615 devices have a buffer overflow via a long Authorization ...)
NOT-FOR-US: D-Link DIR-615 devices
CVE-2018-15838
RESERVED
CVE-2018-15837
RESERVED
-CVE-2018-15836
+CVE-2018-15836 (In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan bef ...)
- openswan <removed>
NOTE: https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51
NOTE: https://lists.openswan.org/pipermail/users/2018-August/023761.html
-CVE-2018-15835
+CVE-2018-15835 (Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID i ...)
NOT-FOR-US: Android
-CVE-2018-15834
+CVE-2018-15834 (In radare2 before 2.9.0, a heap overflow vulnerability exists in the r ...)
- radare2 2.9.0+dfsg-1
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <not-affected> (Vulnerable code added later in 0.9.8)
NOTE: https://github.com/radare/radare2/issues/11274
NOTE: https://github.com/radare/radare2/pull/11300
-CVE-2018-15833
+CVE-2018-15833 (In Vanilla before 2.6.1, the polling functionality allows Insecure Dir ...)
NOT-FOR-US: Vanilla
-CVE-2018-15832
+CVE-2018-15832 (upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows re ...)
NOT-FOR-US: upc.exe in Ubisoft Uplay Desktop Client
CVE-2018-15831
RESERVED
@@ -13333,7 +13333,7 @@ CVE-2018-15824
RESERVED
CVE-2018-15823
RESERVED
-CVE-2018-15822
+CVE-2018-15822 (The flv_write_packet function in libavformat/flvenc.c in FFmpeg throug ...)
- ffmpeg 7:4.0.3-1 (low)
[stretch] - ffmpeg <postponed> (Minor issue, wait for next 3.2 release)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10
@@ -13343,7 +13343,7 @@ CVE-2018-15820
RESERVED
CVE-2018-15819
RESERVED
-CVE-2018-15818
+CVE-2018-15818 (An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker ...)
TODO: check
CVE-2018-15817
RESERVED
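Review bot: CVE-2018-15818 keeps "TODO: check" as its only annotation; with the description now naming the affected product (Repute ARForms 3.5.1 and prior), the triage can be completed in a follow-up rather than leaving the TODO open in the list.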
@@ -13359,38 +13359,38 @@ CVE-2018-15812
RESERVED
CVE-2018-15811
RESERVED
-CVE-2018-15810
+CVE-2018-15810 (Visiology Flipbox Software Suite before 2.7.0 allows directory travers ...)
NOT-FOR-US: Visiology Flipbox Software Suite
-CVE-2018-15809
+CVE-2018-15809 (AccuPOS 2017.8 is installed with the insecure "Authenticated Users: Mo ...)
NOT-FOR-US: AccuPOS
-CVE-2018-15808
+CVE-2018-15808 (POSIM EVO 15.13 for Windows includes hardcoded database credentials fo ...)
NOT-FOR-US: POSIM EVO for Windows
-CVE-2018-15807
+CVE-2018-15807 (POSIM EVO 15.13 for Windows includes an "Emergency Override" administr ...)
NOT-FOR-US: POSIM EVO for Windows
CVE-2018-15806
RESERVED
-CVE-2018-15805
+CVE-2018-15805 (Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML ex ...)
NOT-FOR-US: Accusoft PrizmDoc HTML5 Document Viewer
-CVE-2018-15804
+CVE-2018-15804 (An issue was discovered in the MapR File System in MapR Converged Data ...)
NOT-FOR-US: MapR File System
CVE-2018-15803
REJECTED
CVE-2018-15802
REJECTED
-CVE-2018-15801
+CVE-2018-15801 (Spring Security versions 5.1.x prior to 5.1.2 contain an authorization ...)
- libspring-security-2.0-java <removed>
[jessie] - libspring-security-2.0-java <no-dsa> (Minor issue)
-CVE-2018-15800
+CVE-2018-15800 (Cloud Foundry Bits Service, versions prior to 2.18.0, includes an info ...)
NOT-FOR-US: Cloud Foundry
CVE-2018-15799
REJECTED
-CVE-2018-15798
+CVE-2018-15798 (Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow all ...)
NOT-FOR-US: Pivotal
-CVE-2018-15797
+CVE-2018-15797 (Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-15796
+CVE-2018-15796 (Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-15795
+CVE-2018-15795 (Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessa ...)
NOT-FOR-US: Pivotal
CVE-2018-15794
REJECTED
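Review bot: the annotation for CVE-2018-15801 looks inconsistent with its description: the description scopes the flaw to Spring Security 5.1.x prior to 5.1.2, yet the tracked package is libspring-security-2.0-java, and the only release-specific line is "[jessie] - libspring-security-2.0-java <no-dsa> (Minor issue)". Either the jessie line should become <not-affected> with a reason, or a NOTE should explain why the 2.0 code base is considered to carry the affected code.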
@@ -13412,95 +13412,95 @@ CVE-2018-15786
REJECTED
CVE-2018-15785
REJECTED
-CVE-2018-15784
+CVE-2018-15784 (Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerabilit ...)
NOT-FOR-US: Dell
CVE-2018-15783
REJECTED
-CVE-2018-15782
+CVE-2018-15782 (The Quick Setup component of RSA Authentication Manager versions prior ...)
NOT-FOR-US: RSA
-CVE-2018-15781
+CVE-2018-15781 (The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.0 ...)
NOT-FOR-US: Dell
-CVE-2018-15780
+CVE-2018-15780 (RSA Archer versions prior to 6.5.0.1 contain an improper access contro ...)
NOT-FOR-US: RSA Archer
CVE-2018-15779
REJECTED
-CVE-2018-15778
+CVE-2018-15778 (Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by ...)
NOT-FOR-US: Dell
CVE-2018-15777
REJECTED
-CVE-2018-15776
+CVE-2018-15776 (Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an imprope ...)
NOT-FOR-US: EMC iDRAC
CVE-2018-15775
REJECTED
-CVE-2018-15774
+CVE-2018-15774 (Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 version ...)
NOT-FOR-US: EMC iDRAC
-CVE-2018-15773
+CVE-2018-15773 (Dell Encryption (formerly Dell Data Protection | Encryption) v10.1.0 a ...)
NOT-FOR-US: Dell
-CVE-2018-15772
+CVE-2018-15772 (Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for V ...)
NOT-FOR-US: EMC RecoverPoint
-CVE-2018-15771
+CVE-2018-15771 (Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for V ...)
NOT-FOR-US: EMC RecoverPoint
CVE-2018-15770
REJECTED
-CVE-2018-15769
+CVE-2018-15769 (RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x serie ...)
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-15768
+CVE-2018-15768 (Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/w ...)
NOT-FOR-US: Dell OpenManage Network Manager
-CVE-2018-15767
+CVE-2018-15767 (The Dell OpenManage Network Manager virtual appliance versions prior t ...)
NOT-FOR-US: Dell OpenManage Network Manager
-CVE-2018-15766
+CVE-2018-15766 (On install, Dell Encryption versions prior 10.0.1 and Dell Endpoint Se ...)
NOT-FOR-US: Dell
-CVE-2018-15765
+CVE-2018-15765 (Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contain ...)
NOT-FOR-US: EMC Secure Remote Services
-CVE-2018-15764
+CVE-2018-15764 (Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote c ...)
NOT-FOR-US: EMC ESRS Policy Manager
-CVE-2018-15763
+CVE-2018-15763 (Pivotal Container Service, versions prior to 1.2.0, contains an inform ...)
NOT-FOR-US: Pivotal Container Service
-CVE-2018-15762
+CVE-2018-15762 (Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2 ...)
NOT-FOR-US: Pivotal
-CVE-2018-15761
+CVE-2018-15761 (Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions ...)
NOT-FOR-US: Cloud Foundry
CVE-2018-15760
REJECTED
-CVE-2018-15759
+CVE-2018-15759 (Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 c ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-15758
+CVE-2018-15758 (Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to 2 ...)
NOT-FOR-US: Spring Security OAuth
CVE-2018-15757
REJECTED
-CVE-2018-15756
+CVE-2018-15756 (Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, version ...)
- libspring-java 4.3.21-1 (bug #911786)
[stretch] - libspring-java <no-dsa> (Minor issue)
[jessie] - libspring-java <not-affected> (vulnerable code introduced in later version)
NOTE: https://pivotal.io/security/cve-2018-15756
-CVE-2018-15755
+CVE-2018-15755 (Cloud Foundry CF Networking Release, versions 2.11.0 prior to 2.16.0, ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-15754
+CVE-2018-15754 (Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-15753
+CVE-2018-15753 (An issue was discovered in the MensaMax (aka com.breustedt.mensamax) a ...)
NOT-FOR-US: MensaMax application for Android
-CVE-2018-15752
+CVE-2018-15752 (An issue was discovered in the MensaMax (aka com.breustedt.mensamax) a ...)
NOT-FOR-US: MensaMax application for Android
-CVE-2018-15751
+CVE-2018-15751 (SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remo ...)
- salt 2018.3.3+dfsg1-1 (bug #913475)
[jessie] - salt <not-affected> (REST netapi code was first introduced with v2014.7)
NOTE: Fixed in 2016.11.10, 2017.7.8, 2018.3.3
NOTE: https://docs.saltstack.com/en/latest/topics/releases/2016.11.10.html#security-fix
NOTE: minimal patch: https://github.com/saltstack/salt/compare/v2016.11.9..v2016.11.10
-CVE-2018-15750
+CVE-2018-15750 (Directory Traversal vulnerability in salt-api in SaltStack Salt before ...)
- salt 2018.3.3+dfsg1-1 (bug #913476)
[stretch] - salt <no-dsa> (Minor issue)
[jessie] - salt <not-affected> (REST netapi code was first introduced with v2014.7)
NOTE: Fixed in 2016.11.10, 2017.7.8, 2018.3.3
NOTE: https://docs.saltstack.com/en/latest/topics/releases/2016.11.10.html#security-fix
NOTE: minimal patch: https://github.com/saltstack/salt/compare/v2016.11.9..v2016.11.10
-CVE-2018-15749
+CVE-2018-15749 (The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Fo ...)
NOT-FOR-US: Pulse Secure Desktop
-CVE-2018-15748
+CVE-2018-15748 (On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engi ...)
NOT-FOR-US: Dell 2335dn printers
CVE-2018-15747
RESERVED
-CVE-2018-15746
+CVE-2018-15746 (qemu-seccomp.c in QEMU might allow local OS guest users to cause a den ...)
- qemu 1:3.1+dfsg-1 (low; bug #907500)
[stretch] - qemu <ignored> (Minor issue, too risky to backport, not enabled by default)
[jessie] - qemu <no-dsa> (Minor issue; Only enabled by default later, but supported)
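Review bot: CVE-2018-15751 has no [stretch] line, while its sibling CVE-2018-15750, fixed by the same upload (salt 2018.3.3+dfsg1-1), the same upstream releases and the same minimal patch, carries "[stretch] - salt <no-dsa> (Minor issue)". Either add a matching stretch annotation for CVE-2018-15751 or a NOTE stating why the two are triaged differently for stretch.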
@@ -13508,7 +13508,7 @@ CVE-2018-15746
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-08/msg02289.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-08/msg04892.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=70dfabeaa79ba4d7a3b699abe1a047c8012db114
-CVE-2018-15745
+CVE-2018-15745 (Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory ...)
NOT-FOR-US: Argus Surveillance DVR
CVE-2018-15744
RESERVED
@@ -13518,7 +13518,7 @@ CVE-2018-15742
RESERVED
CVE-2018-15741
RESERVED
-CVE-2018-15740
+CVE-2018-15740 (Zoho ManageEngine ADManager Plus 6.5.7 has XSS on the "Workflow Delega ...)
NOT-FOR-US: Zoho ManageEngine ADManager Plus
CVE-2018-15739
RESERVED
@@ -13542,100 +13542,100 @@ CVE-2018-15730
RESERVED
CVE-2018-15729
RESERVED
-CVE-2018-15728
+CVE-2018-15728 (An issue was discovered in Couchbase Server. Authenticated users can s ...)
NOT-FOR-US: Couchbase
-CVE-2018-15727
+CVE-2018-15727 (Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows aut ...)
- grafana <removed> (bug #907590)
NOTE: https://grafana.com/blog/2018/08/29/grafana-5.2.3-and-4.6.4-released-with-important-security-fix/
-CVE-2018-1999047
+CVE-2018-1999047 (A improper authorization vulnerability exists in Jenkins 2.137 and ear ...)
- jenkins <removed>
-CVE-2018-1999046
+CVE-2018-1999046 (A exposure of sensitive information vulnerability exists in Jenkins 2. ...)
- jenkins <removed>
-CVE-2018-1999045
+CVE-2018-1999045 (A improper authentication vulnerability exists in Jenkins 2.137 and ea ...)
- jenkins <removed>
-CVE-2018-1999044
+CVE-2018-1999044 (A denial of service vulnerability exists in Jenkins 2.137 and earlier, ...)
- jenkins <removed>
-CVE-2018-1999043
+CVE-2018-1999043 (A denial of service vulnerability exists in Jenkins 2.137 and earlier, ...)
- jenkins <removed>
-CVE-2018-1999042
+CVE-2018-1999042 (A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earli ...)
- jenkins <removed>
-CVE-2018-15726
+CVE-2018-15726 (The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Pr ...)
NOT-FOR-US: Pulse Secure Desktop
CVE-2018-15725
RESERVED
CVE-2018-15724
RESERVED
-CVE-2018-15723
+CVE-2018-15723 (The Logitech Harmony Hub before version 4.15.206 is vulnerable to appl ...)
NOT-FOR-US: Logitech Harmony Hub
-CVE-2018-15722
+CVE-2018-15722 (The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS c ...)
NOT-FOR-US: Logitech Harmony Hub
-CVE-2018-15721
+CVE-2018-15721 (The XMPP server in Logitech Harmony Hub before version 4.15.206 is vul ...)
NOT-FOR-US: Logitech Harmony Hub
-CVE-2018-15720
+CVE-2018-15720 (Logitech Harmony Hub before version 4.15.206 contained two hard-coded ...)
NOT-FOR-US: Logitech Harmony Hub
-CVE-2018-15719
+CVE-2018-15719 (Open Dental before version 18.4 installs a mysql database and uses the ...)
NOT-FOR-US: Open Dental
-CVE-2018-15718
+CVE-2018-15718 (Open Dental before version 18.4 transmits the entire user database ove ...)
NOT-FOR-US: Open Dental
-CVE-2018-15717
+CVE-2018-15717 (Open Dental before version 18.4 stores user passwords as base64 encode ...)
NOT-FOR-US: Open Dental
-CVE-2018-15716
+CVE-2018-15716 (NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote comm ...)
NOT-FOR-US: NUUO NVRMini2
-CVE-2018-15715
+CVE-2018-15715 (Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (befor ...)
NOT-FOR-US: Zoom
-CVE-2018-15714
+CVE-2018-15714 (Nagios XI 5.5.6 allows reflected cross site scripting from remote unau ...)
NOT-FOR-US: Nagios XI
-CVE-2018-15713
+CVE-2018-15713 (Nagios XI 5.5.6 allows persistent cross site scripting from remote aut ...)
NOT-FOR-US: Nagios XI
-CVE-2018-15712
+CVE-2018-15712 (Nagios XI 5.5.6 allows reflected cross site scripting from remote unau ...)
NOT-FOR-US: Nagios XI
-CVE-2018-15711
+CVE-2018-15711 (Nagios XI 5.5.6 allows remote authenticated attackers to reset and reg ...)
NOT-FOR-US: Nagios XI
-CVE-2018-15710
+CVE-2018-15710 (Nagios XI 5.5.6 allows local authenticated attackers to escalate privi ...)
NOT-FOR-US: Nagios XI
-CVE-2018-15709
+CVE-2018-15709 (Nagios XI 5.5.6 allows remote authenticated attackers to execute arbit ...)
NOT-FOR-US: Nagios XI
-CVE-2018-15708
+CVE-2018-15708 (Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers ...)
NOT-FOR-US: Nagios XI
-CVE-2018-15707
+CVE-2018-15707 (Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scrip ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-15706
+CVE-2018-15706 (WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote a ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-15705
+CVE-2018-15705 (WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote a ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-15704
+CVE-2018-15704 (Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer ov ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-15703
+CVE-2018-15703 (Advantech WebAccess 8.3.2 and below is vulnerable to multiple reflecte ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-15702
+CVE-2018-15702 (The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerab ...)
NOT-FOR-US: TP-Link
-CVE-2018-15701
+CVE-2018-15701 (The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerab ...)
NOT-FOR-US: TP-Link
-CVE-2018-15700
+CVE-2018-15700 (The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerab ...)
NOT-FOR-US: TP-Link
-CVE-2018-15699
+CVE-2018-15699 (ASUSTOR Data Master 3.1.5 and below makes an HTTP request for a config ...)
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15698
+CVE-2018-15698 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-ad ...)
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15697
+CVE-2018-15697 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-ad ...)
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15696
+CVE-2018-15696 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-ad ...)
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15695
+CVE-2018-15695 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-ad ...)
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15694
+CVE-2018-15694 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-ad ...)
NOT-FOR-US: ASUSTOR Data Master
-CVE-2018-15693
+CVE-2018-15693 (Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authen ...)
NOT-FOR-US: Inova Partner
-CVE-2018-15692
+CVE-2018-15692 (Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authen ...)
NOT-FOR-US: Inova Partner
-CVE-2018-15691
+CVE-2018-15691 (Insecure deserialization of a specially crafted serialized object, in ...)
NOT-FOR-US: CA Release Automation
CVE-2018-15690
REJECTED
CVE-2018-15689
REJECTED
-CVE-2018-15688
+CVE-2018-15688 (A buffer overflow vulnerability in the dhcp6 client of systemd allows ...)
{DLA-1580-1}
- network-manager 1.14.4-2
[stretch] - network-manager 1.6.2-3+deb9u2
@@ -13647,14 +13647,14 @@ CVE-2018-15688
NOTE: https://github.com/systemd/systemd/commit/49653743f69658aeeebdb14faf1ab158f1f2cb20
NOTE: systemd-networkd not enabled by default in Debian
NOTE: NetworkManager: https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=01ca2053bbea09f35b958c8cc7631e15469acb79
-CVE-2018-15687
+CVE-2018-15687 (A race condition in chown_one() of systemd allows an attacker to cause ...)
- systemd 239-11 (bug #912007)
[stretch] - systemd <not-affected> (Vulnerable code introduced later in v235)
[jessie] - systemd <not-affected> (Vulnerable code introduced later in v235)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1689
NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796692
NOTE: https://github.com/systemd/systemd/pull/10517
-CVE-2018-15686
+CVE-2018-15686 (A vulnerability in unit_deserialize of systemd allows an attacker to s ...)
{DLA-1580-1}
- systemd 239-12 (bug #912005)
[stretch] - systemd <no-dsa> (Minor issue)
@@ -13662,25 +13662,25 @@ CVE-2018-15686
NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796402
NOTE: https://github.com/systemd/systemd/pull/10519
NOTE: https://github.com/systemd/systemd/commit/9f1c81d80a435d15ca1bd536a6d043c18c81c047
-CVE-2018-15685
+CVE-2018-15685 (GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain sce ...)
- electron <itp> (bug #842420)
-CVE-2018-15684
+CVE-2018-15684 (An issue was discovered in BTITeam XBTIT. PHP error logs are stored in ...)
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15683
+CVE-2018-15683 (An issue was discovered in BTITeam XBTIT. The "returnto" parameter of ...)
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15682
+CVE-2018-15682 (An issue was discovered in BTITeam XBTIT. Due to a lack of cross-site ...)
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15681
+CVE-2018-15681 (An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, t ...)
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15680
+CVE-2018-15680 (An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords s ...)
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15679
+CVE-2018-15679 (An issue was discovered in BTITeam XBTIT 2.5.4. The "keywords" paramet ...)
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15678
+CVE-2018-15678 (An issue was discovered in BTITeam XBTIT 2.5.4. The "act" parameter in ...)
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15677
+CVE-2018-15677 (The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has ...)
NOT-FOR-US: BTITeam XBTIT
-CVE-2018-15676
+CVE-2018-15676 (An issue was discovered in BTITeam XBTIT. By using String.replace and ...)
NOT-FOR-US: BTITeam XBTIT
CVE-2018-15675
RESERVED
@@ -13690,16 +13690,16 @@ CVE-2018-15673
RESERVED
CVE-2018-15672
REJECTED
-CVE-2018-15671
+CVE-2018-15671 (An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stac ...)
- hdf5 <undetermined>
NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5#stack-overflow---stackoverflow_h5p__get_cb
-CVE-2018-15670
+CVE-2018-15670 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primar ...)
NOT-FOR-US: Bloop Airmail
-CVE-2018-15669
+CVE-2018-15669 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primar ...)
NOT-FOR-US: Bloop Airmail
-CVE-2018-15668
+CVE-2018-15668 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The "send" ...)
NOT-FOR-US: Bloop Airmail
-CVE-2018-15667
+CVE-2018-15667 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It registe ...)
NOT-FOR-US: Bloop Airmail
CVE-2018-15666
RESERVED
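Review bot: the hdf5 line for CVE-2018-15671 is left `<undetermined>` with only the reporter's proof-of-concept collection (the SegfaultMasters covering360 tree) as reference. The entry needs triage against the hdf5 version in the archive and, if one exists, an upstream bug or commit reference; a PoC repository is not a fix reference and does not tell a reader whether Debian's 1.10.x build reproduces the stack overflow.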
@@ -13711,19 +13711,19 @@ CVE-2018-15663
RESERVED
CVE-2018-15662
RESERVED
-CVE-2018-15661
+CVE-2018-15661 (** DISPUTED ** An issue was discovered in the Ola Money (aka com.olaca ...)
NOT-FOR-US: Ola Money application for Android
-CVE-2018-15660
+CVE-2018-15660 (** DISPUTED ** An issue was discovered in the Ola Money (aka com.olaca ...)
NOT-FOR-US: Ola Money application for Android
-CVE-2018-15659
+CVE-2018-15659 (An issue was discovered in 42Gears SureMDM before 2018-11-27, related ...)
NOT-FOR-US: 42Gears
-CVE-2018-15658
+CVE-2018-15658 (An issue was discovered in 42Gears SureMDM before 2018-11-27. By visit ...)
NOT-FOR-US: 42Gears
-CVE-2018-15657
+CVE-2018-15657 (An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via ...)
NOT-FOR-US: 42Gears
-CVE-2018-15656
+CVE-2018-15656 (An issue was discovered in the registration API endpoint in 42Gears Su ...)
NOT-FOR-US: 42Gears
-CVE-2018-15655
+CVE-2018-15655 (An issue was discovered in 42Gears SureMDM before 2018-11-27, related ...)
NOT-FOR-US: 42Gears
CVE-2018-15654
RESERVED
@@ -13799,34 +13799,34 @@ CVE-2018-15619
REJECTED
CVE-2018-15618
REJECTED
-CVE-2018-15617
+CVE-2018-15617 (A vulnerability in the "capro" (Call Processor) process component of A ...)
NOT-FOR-US: Avaya
-CVE-2018-15616
+CVE-2018-15616 (A vulnerability in the Web UI component of Avaya Aura System Platform ...)
NOT-FOR-US: Avaya Aura System Platform
-CVE-2018-15615
+CVE-2018-15615 (A vulnerability in the Supervisor component of Avaya Call Management S ...)
NOT-FOR-US: Avaya
-CVE-2018-15614
+CVE-2018-15614 (A vulnerability in the one-x Portal component of IP Office could allow ...)
NOT-FOR-US: IP Office
-CVE-2018-15613
+CVE-2018-15613 (A cross-site scripting (XSS) vulnerability in the Runtime Config compo ...)
NOT-FOR-US: Avaya
-CVE-2018-15612
+CVE-2018-15612 (A CSRF vulnerability in the Runtime Config component of Avaya Aura Orc ...)
NOT-FOR-US: Avaya
-CVE-2018-15611
+CVE-2018-15611 (A vulnerability in the local system administration component of Avaya ...)
NOT-FOR-US: Avaya Aura Communication Manager
-CVE-2018-15610
+CVE-2018-15610 (A vulnerability in the one-X Portal component of Avaya IP Office allow ...)
NOT-FOR-US: Avaya
CVE-2018-15609
RESERVED
-CVE-2018-15608
+CVE-2018-15608 (Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "A ...)
NOT-FOR-US: Zoho ManageEngine ADManager Plus
-CVE-2018-15607
+CVE-2018-15607 (In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x3 ...)
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1255
NOTE: This is mitigated by the default policies, if anyone modifies those they need
NOTE: be tuned to the deployment's memory buildout
-CVE-2018-15606
+CVE-2018-15606 (An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 ...)
NOT-FOR-US: SuiteCRM
-CVE-2018-15605
+CVE-2018-15605 (An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scrip ...)
- phpmyadmin <not-affected> (Vulnerable code introduced later)
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-5/
NOTE: Introduced by: https://github.com/phpmyadmin/phpmyadmin/commit/9404287ac09415b627b6fa68c7d04a13f7ef41e2
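Review bot: the `NOT-FOR-US: IP Office` line under CVE-2018-15614 drops the vendor name that the surrounding Avaya entries carry (and that the CVE-2018-15610 description spells out as "Avaya IP Office"); use `NOT-FOR-US: Avaya IP Office` so vendor searches find it. Also the imagemagick NOTE under CVE-2018-15607 is missing a word and is split mid-sentence: it should read `This is mitigated by the default policies; if anyone modifies those they need to be tuned to the deployment's memory buildout`.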
@@ -13838,55 +13838,55 @@ CVE-2018-XXXX [security issue with the PASS command and duplicate server instanc
NOTE: partial fix: https://github.com/charybdis-ircd/charybdis/commit/d4b2529a61fb48ebcd54bc0fcc6f400f97bfe251
CVE-2018-15604
RESERVED
-CVE-2018-15603
+CVE-2018-15603 (An issue was discovered in Victor CMS through 2018-05-10. There is XSS ...)
NOT-FOR-US: Victor CMS
-CVE-2018-15602
+CVE-2018-15602 (Zyxel VMG3312 B10B devices are affected by a persistent XSS vulnerabil ...)
NOT-FOR-US: Zyxel
-CVE-2018-15601
+CVE-2018-15601 (apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 perform ...)
NOT-FOR-US: Elefant CMS
CVE-2018-15600
RESERVED
-CVE-2018-15599
+CVE-2018-15599 (The recv_msg_userauth_request function in svr-auth.c in Dropbear throu ...)
{DLA-1476-1}
- dropbear 2018.76-4 (bug #906890)
[stretch] - dropbear 2016.74-5+deb9u1
NOTE: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00
-CVE-2018-15598
+CVE-2018-15598 (Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the ...)
NOT-FOR-US: Traefik
CVE-2018-15597
RESERVED
-CVE-2018-15596
+CVE-2018-15596 (An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17 ...)
NOT-FOR-US: MyBB
-CVE-2018-1000226
+CVE-2018-1000226 (Cobbler version Verified as present in Cobbler versions 2.6.11+, but c ...)
- cobbler <removed>
-CVE-2018-1000225
+CVE-2018-1000225 (Cobbler version Verified as present in Cobbler versions 2.6.11+, but c ...)
- cobbler <removed>
-CVE-2018-1000224
+CVE-2018-1000224 (Godot Engine version All versions prior to 2.1.5, all 3.0 versions pri ...)
NOT-FOR-US: Godot
-CVE-2018-1000222
+CVE-2018-1000222 (Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability ...)
{DLA-1651-1}
- libgd2 2.2.5-4.1 (low; bug #906886)
[stretch] - libgd2 2.2.4-2+deb9u3
NOTE: https://github.com/libgd/libgd/issues/447
NOTE: https://github.com/libgd/libgd/commit/ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5
-CVE-2018-1000221
+CVE-2018-1000221 (pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow vulnerabilit ...)
- pkgconf <not-affected> (Vulnerable code introduced post 1.5.0)
NOTE: Fixed by: https://github.com/pkgconf/pkgconf/commit/9b7affe0b1e6512c6c73d19e1220c94fdb5c8159
NOTE: Introduced by: https://github.com/pkgconf/pkgconf/commit/b46bb93cd1fe221dc4d6ff5e3ce99feda4ea31f1
CVE-2018-1000220
REJECTED
-CVE-2018-1000219
+CVE-2018-1000219 (OpenEMR version v5_0_1_4 contains a Cross Site Scripting (XSS) vulnera ...)
NOT-FOR-US: OpenEMR
-CVE-2018-1000218
+CVE-2018-1000218 (OpenEMR version v5_0_1_4 contains a Cross Site Scripting (XSS) vulnera ...)
NOT-FOR-US: OpenEMR
-CVE-2018-1000217
+CVE-2018-1000217 (Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use Af ...)
- cjson <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/DaveGamble/cJSON/issues/248
-CVE-2018-1000216
+CVE-2018-1000216 (Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double ...)
- cjson <not-affected> (Fixed before initial upload to Debian)
NOTE: https://github.com/DaveGamble/cJSON/issues/241
-CVE-2018-1000215
+CVE-2018-1000215 (Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnera ...)
- cjson 1.7.7-1
NOTE: https://github.com/DaveGamble/cJSON/issues/267
CVE-2018-1000214
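Review bot: the pkgconf line for CVE-2018-1000221 says `Vulnerable code introduced post 1.5.0` while the CVE text says `version 1.5.0 to 1.5.2`, so the tracker disagrees with the advisory on the affected range. Since the `Introduced by` commit b46bb93c is already cited, the NOTE should name the upstream release that commit first shipped in and the pkgconf version in the archive, so `<not-affected>` can be verified without re-walking the git history.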
@@ -13897,19 +13897,19 @@ CVE-2018-1000212
REJECTED
CVE-2018-15595
RESERVED
-CVE-2018-15593
+CVE-2018-15593 (An issue was discovered in Ivanti Workspace Control before 10.3.10.0 a ...)
NOT-FOR-US: Ivanti Workspace Control
-CVE-2018-15592
+CVE-2018-15592 (An issue was discovered in Ivanti Workspace Control before 10.3.10.0 a ...)
NOT-FOR-US: Ivanti Workspace Control
-CVE-2018-15591
+CVE-2018-15591 (An issue was discovered in Ivanti Workspace Control before 10.3.10.0 a ...)
NOT-FOR-US: Ivanti Workspace Control
-CVE-2018-15590
+CVE-2018-15590 (An issue was discovered in Ivanti Workspace Control before 10.3.0.0 an ...)
NOT-FOR-US: Ivanti Workspace Control
CVE-2018-15589
RESERVED
-CVE-2018-15588
+CVE-2018-15588 (MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in ...)
NOT-FOR-US: MailMate
-CVE-2018-15587
+CVE-2018-15587 (GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being sp ...)
- evolution <unfixed> (bug #924616)
- evolution-data-server <unfixed>
NOTE: https://gitlab.gnome.org/GNOME/evolution/issues/120
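Review bot: under CVE-2018-15587 the `evolution-data-server <unfixed>` line carries no bug reference, unlike `evolution <unfixed> (bug #924616)` directly above it. Either file and record a bug against evolution-data-server or add a NOTE that #924616 covers both source packages; as written the e-d-s side of the fix (three e-d-s commits are cited below) has nothing to track it by.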
@@ -13921,73 +13921,73 @@ CVE-2018-15587
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/93306a296c64b48d12c356804f131048643eaa0a (evolution-data-server)
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/accb0e2415681565e4dac00cf1c4303c313ad29e (evolution-data-server)
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/5cd59aee67450e8750eb3cb2d357d0947f199f61 (evolution-data-server)
-CVE-2018-15586
+CVE-2018-15586 (Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed ...)
- enigmail 2:2.0.6.1-2
[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
NOTE: https://sourceforge.net/p/enigmail/bugs/849/
-CVE-2018-1000657
+CVE-2018-1000657 (Rust Programming Language Rust standard library version Commit bfa0e1f ...)
- rustc 1.22.1+dfsg1-1 (bug #906585)
NOTE: Introduced by: https://github.com/rust-lang/rust/commit/bfa0e1f58acf1c28d500c34ed258f09ae021893e (1.3.0)
NOTE: Fixed by: https://github.com/rust-lang/rust/commit/f71b37bc28326e272a37b938e835d4f99113eec2 (1.22.0)
NOTE: https://github.com/rust-lang/rust/issues/44800
-CVE-2018-1000656
+CVE-2018-1000656 (The Pallets Project flask version Before 0.12.3 contains a CWE-20: Imp ...)
- flask 1.0.2-1
[stretch] - flask <no-dsa> (Minor issue)
[jessie] - flask <no-dsa> (Minor issue)
NOTE: https://github.com/pallets/flask/pull/2691
-CVE-2018-1000655
+CVE-2018-1000655 (Jsish version 2.4.65 contains a CWE-476: NULL Pointer Dereference vuln ...)
NOT-FOR-US: Jsish
-CVE-2018-1000654
+CVE-2018-1000654 (GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 c ...)
- libtasn1-6 <unfixed> (unimportant; bug #906768)
- libtasn1-3 <removed>
NOTE: https://gitlab.com/gnutls/libtasn1/issues/4
NOTE: No security impact, does not affect libtasn, but only the asn1Parser from
NOTE: libtasn1-bin
-CVE-2018-1000653
+CVE-2018-1000653 (zzcms version 8.3 and earlier contains a SQL Injection vulnerability i ...)
NOT-FOR-US: zzcms
-CVE-2018-1000652
+CVE-2018-1000652 (JabRef version &lt;=4.3.1 contains a XML External Entity (XXE) vulnera ...)
- jabref 3.8.2+ds-12 (low; bug #921772)
[stretch] - jabref <no-dsa> (Minor issue)
[jessie] - jabref <no-dsa> (Minor issue)
NOTE: https://github.com/JabRef/jabref/issues/4229
NOTE: https://github.com/JabRef/jabref/commit/89f855d76713b4cd25ac0830c719cd61c511851e
-CVE-2018-1000651
+CVE-2018-1000651 (Stroom version &lt;5.4.5 contains a XML External Entity (XXE) vulnerab ...)
NOT-FOR-US: Stroom
-CVE-2018-1000650
+CVE-2018-1000650 (LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulner ...)
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000649
+CVE-2018-1000649 (LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrest ...)
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000648
+CVE-2018-1000648 (LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrest ...)
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000647
+CVE-2018-1000647 (LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrest ...)
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000646
+CVE-2018-1000646 (LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unres ...)
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000645
+CVE-2018-1000645 (LibreHealthIO lh-ehr version &lt;REL-2.0.0 contains an Authenticated L ...)
NOT-FOR-US: LibreHealthIO
-CVE-2018-1000644
+CVE-2018-1000644 (Eclipse RDF4j version &lt; 2.4.0 Milestone 2 contains a XML External E ...)
NOT-FOR-US: Eclipse RDF4j
-CVE-2018-1000643
+CVE-2018-1000643 (OWASP OWASP ANTISAMY version 1.5.7 and earlier contains a Cross Site S ...)
NOT-FOR-US: OWASP OWASP ANTISAMY
-CVE-2018-1000642
+CVE-2018-1000642 (FlightAirMap version &lt;=v1.0-beta.21 contains a Cross Site Scripting ...)
NOT-FOR-US: FlightAirMap
-CVE-2018-1000641
+CVE-2018-1000641 (YesWiki version &lt;= cercopitheque beta 1 contains a PHP Object Injec ...)
NOT-FOR-US: YesWiki
-CVE-2018-1000640
+CVE-2018-1000640 (OpenCart-Overclocked version &lt;=1.11.1 contains a Cross Site Scripti ...)
NOT-FOR-US: OpenCart-Overclocked
-CVE-2018-1000639
+CVE-2018-1000639 (LatexDraw version &lt;=4.0 contains a XML External Entity (XXE) vulner ...)
NOT-FOR-US: LatexDraw
-CVE-2018-1000638
+CVE-2018-1000638 (MiniCMS version 1.1 contains a Cross Site Scripting (XSS) vulnerabilit ...)
NOT-FOR-US: MiniCMS
-CVE-2018-1000636
+CVE-2018-1000636 (JerryScript version Tested on commit f86d7459d195c8ba58479d1861b0cc726 ...)
NOT-FOR-US: JerryScript
-CVE-2018-1000635
+CVE-2018-1000635 (The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 co ...)
NOT-FOR-US: Open Microscopy Environment
-CVE-2018-1000634
+CVE-2018-1000634 (The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 co ...)
NOT-FOR-US: Open Microscopy Environment
-CVE-2018-1000633
+CVE-2018-1000633 (The Open Microscopy Environment OMERO.web version prior to 5.4.7 conta ...)
NOT-FOR-US: Open Microscopy Environment
-CVE-2018-1000632
+CVE-2018-1000632 (dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection ...)
{DLA-1517-1}
- dom4j 2.1.1-1 (low)
[stretch] - dom4j 1.6.1+dfsg.3-2+deb9u1
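Review bot: the imported descriptions for CVE-2018-1000652, -1000651, -1000645, -1000644, -1000642, -1000641, -1000640 and -1000639 contain literal `&lt;` and `&lt;=` sequences, i.e. HTML entities copied from the feed instead of the `<` and `<=` they encode; the importer should decode entities before truncating to the 70-character summary. Also the NOTE under CVE-2018-1000654 reads `does not affect libtasn, but only the asn1Parser from libtasn1-bin`: `libtasn` should be `libtasn1` (the shared library, as opposed to the asn1Parser tool in libtasn1-bin), and the two NOTE lines should form one sentence.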
@@ -14011,51 +14011,51 @@ CVE-2018-15578
RESERVED
CVE-2018-15577
RESERVED
-CVE-2018-15576
+CVE-2018-15576 (An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php ...)
NOT-FOR-US: EasyLogin Pro
CVE-2018-15575
RESERVED
-CVE-2018-15574
+CVE-2018-15574 (** DISPUTED ** An issue was discovered in the license editor in Repris ...)
NOT-FOR-US: Reprise License Manager
-CVE-2018-15573
+CVE-2018-15573 (** DISPUTED ** An issue was discovered in Reprise License Manager (RLM ...)
NOT-FOR-US: Reprise License Manager
-CVE-2018-15594
+CVE-2018-15594 (arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandle ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.15-1
NOTE: https://twitter.com/grsecurity/status/1029324426142199808
NOTE: https://git.kernel.org/linus/5800dc5c19f34e6e03b5adab1282535cb102fafd
-CVE-2018-15572
+CVE-2018-15572 (The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs. ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.15-1
NOTE: https://git.kernel.org/linus/fdf82a7856b32d905c39afc85e34364491e46346
-CVE-2018-15571
+CVE-2018-15571 (The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV ...)
NOT-FOR-US: Export Users to CSV plugin for WordPress
-CVE-2018-15570
+CVE-2018-15570 (In waimai Super Cms 20150505, there is stored XSS via the /admin.php/F ...)
NOT-FOR-US: waimai Super Cms
-CVE-2018-15569
+CVE-2018-15569 (my little forum 2.4.12 allows CSRF for deletion of users. ...)
NOT-FOR-US: my little forum
-CVE-2018-15568
+CVE-2018-15568 (tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html. ...)
NOT-FOR-US: tp5cms
-CVE-2018-15567
+CVE-2018-15567 (CMSUno before 1.5.3 has XSS via the title field. ...)
NOT-FOR-US: CMSUno
-CVE-2018-15566
+CVE-2018-15566 (tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html ...)
NOT-FOR-US: tp5cms
-CVE-2018-15565
+CVE-2018-15565 (An issue was discovered in daveismyname simple-cms through 2014-03-11. ...)
NOT-FOR-US: simple-cms
-CVE-2018-15564
+CVE-2018-15564 (An issue was discovered in daveismyname simple-cms through 2014-03-11. ...)
NOT-FOR-US: simple-cms
-CVE-2018-15563
+CVE-2018-15563 (_core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] ...)
NOT-FOR-US: Subrion CMS
-CVE-2018-15562
+CVE-2018-15562 (CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiR ...)
NOT-FOR-US: CMS ISWEB
CVE-2018-15561
RESERVED
-CVE-2018-15560
+CVE-2018-15560 (PyCryptodome before 3.6.6 has an integer overflow in the data_len vari ...)
- pycryptodome <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Legrandin/pycryptodome/issues/198
NOTE: Introduced by: https://github.com/Legrandin/pycryptodome/commit/e1c7272f732abf3f2e2ea1326444ccbd339d17f2 (3.6.2)
NOTE: Fixed by: https://github.com/Legrandin/pycryptodome/commit/d1739c62b9b845f8a5b342de08d6bf6e2722d247 (3.6.6)
-CVE-2018-15559
+CVE-2018-15559 (The editor in Xiuno BBS 4.0.4 allows stored XSS. ...)
NOT-FOR-US: Xiuno BBS
CVE-2018-15558
RESERVED
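Review bot: CVE-2018-15594 (linux 4.17.15-1, DSA-4308-1) is filed between CVE-2018-15573 and CVE-2018-15572, breaking the file's descending CVE order; it belongs between CVE-2018-15595 and CVE-2018-15593 in the earlier hunk. Tooling that merges or bisects the list by CVE number will not find it here.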
@@ -14067,9 +14067,9 @@ CVE-2018-15555
RESERVED
CVE-2018-15554
RESERVED
-CVE-2018-15553
+CVE-2018-15553 (fileshare.cmd on Telus Actiontec T2200H T2200H-31.128L.03 devices allo ...)
NOT-FOR-US: Telus
-CVE-2018-15552
+CVE-2018-15552 (The "PayWinner" function of a simplelottery smart contract implementat ...)
NOT-FOR-US: simplelottery smart contract implementation for The Ethereum Lottery
CVE-2018-15551
RESERVED
@@ -14081,44 +14081,44 @@ CVE-2018-15548
RESERVED
CVE-2018-15547
RESERVED
-CVE-2018-15546
+CVE-2018-15546 (Accusoft PrizmDoc version 13.3 and earlier contains a Stored Cross-Sit ...)
NOT-FOR-US: Accusoft PrizmDoc
CVE-2018-15545
RESERVED
CVE-2018-15544
RESERVED
-CVE-2018-15543
+CVE-2018-15543 (** DISPUTED ** An issue was discovered in the org.telegram.messenger a ...)
NOT-FOR-US: org.telegram.messenger for Android
-CVE-2018-15542
+CVE-2018-15542 (** DISPUTED ** An issue was discovered in the org.telegram.messenger a ...)
NOT-FOR-US: org.telegram.messenger for Android
CVE-2018-15541
RESERVED
-CVE-2018-15540
+CVE-2018-15540 (Agentejo Cockpit performs actions on files without appropriate validat ...)
NOT-FOR-US: Agentejo Cockpit
-CVE-2018-15539
+CVE-2018-15539 (Agentejo Cockpit lacks an anti-CSRF protection mechanism. Thus, an att ...)
NOT-FOR-US: Agentejo Cockpit
-CVE-2018-15538
+CVE-2018-15538 (Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities. ...)
NOT-FOR-US: Agentejo Cockpit
-CVE-2018-15537
+CVE-2018-15537 (Unrestricted file upload (with remote code execution) in OCS Inventory ...)
- ocsinventory-server <unfixed> (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-15536
+CVE-2018-15536 (/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9 ...)
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-15535
+CVE-2018-15535 (/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9 ...)
NOT-FOR-US: tecrail Responsive FileManager
-CVE-2018-15534
+CVE-2018-15534 (Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauth ...)
NOT-FOR-US: Geutebrueck
-CVE-2018-15533
+CVE-2018-15533 (A reflected cross-site scripting vulnerability exists in Geutebrueck r ...)
NOT-FOR-US: Geutebrueck
-CVE-2018-15532
+CVE-2018-15532 (SynTP.sys in Synaptics Touchpad drivers before 2018-06-06 allows local ...)
TODO: check
-CVE-2018-15531
+CVE-2018-15531 (JavaMelody before 1.74.0 has XXE via parseSoapMethodName in bull/javam ...)
NOT-FOR-US: JavaMelody
CVE-2018-15530
RESERVED
-CVE-2018-15529
+CVE-2018-15529 (A command injection vulnerability in maintenance.cgi in Mutiny "Monito ...)
NOT-FOR-US: Mutiny appliance
-CVE-2018-15528
+CVE-2018-15528 (Reflected Cross-Site Scripting exists in the Java System Solutions SSO ...)
NOT-FOR-US: Java System Solutions SSO plugin
CVE-2018-15527
RESERVED
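Review bot: CVE-2018-15532 is still `TODO: check`, but SynTP.sys is the Synaptics touchpad kernel driver for Windows, so the entry can be closed as `NOT-FOR-US: Synaptics Touchpad drivers for Windows`. Also the ocsinventory-server NOTE under CVE-2018-15537 justifies `unimportant` with `see debtags` without naming the tag; stating the tag that marks the package as trusted-environment-only would make the rationale reproducible.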
@@ -14138,19 +14138,19 @@ CVE-2018-15520
RESERVED
CVE-2018-15519
RESERVED
-CVE-2018-15518
+CVE-2018-15518 (QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption dur ...)
{DSA-4374-1 DLA-1627-1}
[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
- qtbase-opensource-src 5.11.3+dfsg-2
NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
NOTE: https://codereview.qt-project.org/#/c/236691/
-CVE-2018-15517
+CVE-2018-15517 (The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r00 ...)
NOT-FOR-US: D-Link
-CVE-2018-15516
+CVE-2018-15516 (The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devic ...)
NOT-FOR-US: D-Link
-CVE-2018-15515
+CVE-2018-15515 (The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 ...)
NOT-FOR-US: D-Link
-CVE-2018-15514
+CVE-2018-15514 (HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 ( ...)
NOT-FOR-US: Docker for Windows
CVE-2018-15513
RESERVED
@@ -14160,23 +14160,23 @@ CVE-2018-15511
RESERVED
CVE-2018-15510
RESERVED
-CVE-2018-15509
+CVE-2018-15509 (Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 ...)
NOT-FOR-US: Five9 Agent Desktop Plus
-CVE-2018-15508
+CVE-2018-15508 (Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing ...)
NOT-FOR-US: Five9 Agent Desktop Plus
CVE-2018-15507
RESERVED
CVE-2018-15506
RESERVED
-CVE-2018-15505
+CVE-2018-15505 (An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb b ...)
NOT-FOR-US: Embedthis GoAhead
-CVE-2018-15504
+CVE-2018-15504 (An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb b ...)
NOT-FOR-US: Embedthis GoAhead
-CVE-2018-15503
+CVE-2018-15503 (The unpack implementation in Swoole version 4.0.4 lacks correct size c ...)
NOT-FOR-US: Swoole
-CVE-2018-15502
+CVE-2018-15502 (Insecure permissions in Lone Wolf Technologies loadingDOCS 2018-08-13 ...)
NOT-FOR-US: Lone Wolf Technologies loadingDOCS
-CVE-2018-15501
+CVE-2018-15501 (In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27. ...)
{DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (low)
[stretch] - libgit2 <no-dsa> (Minor issue)
@@ -14184,27 +14184,27 @@ CVE-2018-15501
NOTE: https://github.com/libgit2/libgit2/commit/1f9a8510e1d2f20ed7334eeeddb92c4dd8e7c649
CVE-2018-15500
RESERVED
-CVE-2018-15499
+CVE-2018-15499 (GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow lo ...)
NOT-FOR-US: GEAR Software
CVE-2018-15498
RESERVED
-CVE-2018-15497
+CVE-2018-15497 (The Mitel MiVoice 5330e VoIP device is affected by memory corruption f ...)
NOT-FOR-US: Mitel
CVE-2018-15496
RESERVED
-CVE-2018-15495
+CVE-2018-15495 (/filemanager/upload.php in Responsive FileManager before 9.13.3 allows ...)
NOT-FOR-US: Responsive FileManager
-CVE-2018-15494
+CVE-2018-15494 (In Dojo Toolkit before 1.14, there is unescaped string injection in do ...)
{DLA-1492-1}
- dojo 1.14.1+dfsg1-1 (bug #906540)
NOTE: https://github.com/dojo/dojox/pull/283
-CVE-2018-15493
+CVE-2018-15493 (vBulletin 5.4.3 has an Open Redirect. ...)
NOT-FOR-US: vBulletin
-CVE-2018-15492
+CVE-2018-15492 (A vulnerability in the lservnt.exe component of Sentinel License Manag ...)
NOT-FOR-US: Sentinel License Manager
-CVE-2018-15491
+CVE-2018-15491 (A vulnerability in the permission and encryption implementation of Zem ...)
NOT-FOR-US: Zemana Anti-Logger
-CVE-2018-15490
+CVE-2018-15490 (An issue was discovered in ExpressVPN on Windows. The Xvpnd.exe proces ...)
NOT-FOR-US: ExpressVPN
CVE-2018-15489
RESERVED
@@ -14212,278 +14212,278 @@ CVE-2018-15488
RESERVED
CVE-2018-15487
RESERVED
-CVE-2018-15486
+CVE-2018-15486 (An issue was discovered on KONE Group Controller (KGC) devices before ...)
NOT-FOR-US: KONE Group Controller (KGC) devices
-CVE-2018-15485
+CVE-2018-15485 (An issue was discovered on KONE Group Controller (KGC) devices before ...)
NOT-FOR-US: KONE Group Controller (KGC) devices
-CVE-2018-15484
+CVE-2018-15484 (An issue was discovered on KONE Group Controller (KGC) devices before ...)
NOT-FOR-US: KONE Group Controller (KGC) devices
-CVE-2018-15483
+CVE-2018-15483 (An issue was discovered on KONE Group Controller (KGC) devices before ...)
NOT-FOR-US: KONE Group Controller (KGC) devices
-CVE-2018-15482
+CVE-2018-15482 (Certain LG devices based on Android 6.0 through 8.1 have incorrect acc ...)
NOT-FOR-US: LG devices specific issue
-CVE-2018-15481
+CVE-2018-15481 (Improper input sanitization within the restricted administration shell ...)
NOT-FOR-US: UCOPIA
-CVE-2018-15480
+CVE-2018-15480 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Sw ...)
NOT-FOR-US: myStrom
-CVE-2018-15479
+CVE-2018-15479 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Sw ...)
NOT-FOR-US: myStrom
-CVE-2018-15478
+CVE-2018-15478 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Sw ...)
NOT-FOR-US: myStrom
-CVE-2018-15477
+CVE-2018-15477 (myStrom WiFi Switch V1 devices before 2.66 did not sanitize a paramete ...)
NOT-FOR-US: myStrom
-CVE-2018-15476
+CVE-2018-15476 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Sw ...)
NOT-FOR-US: myStrom
CVE-2018-15475
RESERVED
-CVE-2018-15474
+CVE-2018-15474 (** DISPUTED ** CSV Injection (aka Excel Macro Injection or Formula Inj ...)
NOTE: Dokuwiki non-issue
CVE-2018-15472 [Diff formatter DoS in Sidekiq jobs]
RESERVED
[experimental] - gitlab 11.1.8+dfsg-1
- gitlab 11.1.8+dfsg-2
NOTE: https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/
-CVE-2018-15467
+CVE-2018-15467 (A vulnerability in the web-based management interface of Cisco TelePre ...)
NOT-FOR-US: Cisco
-CVE-2018-15466
+CVE-2018-15466 (A vulnerability in the Graphite web interface of the Policy and Chargi ...)
NOT-FOR-US: Cisco
-CVE-2018-15465
+CVE-2018-15465 (A vulnerability in the authorization subsystem of Cisco Adaptive Secur ...)
NOT-FOR-US: Cisco
-CVE-2018-15464
+CVE-2018-15464 (A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) ...)
NOT-FOR-US: Cisco
-CVE-2018-15463
+CVE-2018-15463 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
CVE-2018-15462
RESERVED
-CVE-2018-15461
+CVE-2018-15461 (A vulnerability in the MyWebex component of Cisco Webex Business Suite ...)
NOT-FOR-US: Cisco
-CVE-2018-15460
+CVE-2018-15460 (A vulnerability in the email message filtering feature of Cisco AsyncO ...)
NOT-FOR-US: Cisco
-CVE-2018-15459
+CVE-2018-15459 (A vulnerability in the administrative web interface of Cisco Identity ...)
NOT-FOR-US: Cisco
-CVE-2018-15458
+CVE-2018-15458 (A vulnerability in the Shell Access Filter feature of Cisco Firepower ...)
NOT-FOR-US: Cisco
-CVE-2018-15457
+CVE-2018-15457 (A vulnerability in the web-based management interface of Cisco Prime I ...)
NOT-FOR-US: Cisco
-CVE-2018-15456
+CVE-2018-15456 (A vulnerability in the Admin Portal of Cisco Identity Services Engine ...)
NOT-FOR-US: Cisco
-CVE-2018-15455
+CVE-2018-15455 (A vulnerability in the logging component of Cisco Identity Services En ...)
NOT-FOR-US: Cisco
-CVE-2018-15454
+CVE-2018-15454 (A vulnerability in the Session Initiation Protocol (SIP) inspection en ...)
NOT-FOR-US: Cisco
-CVE-2018-15453
+CVE-2018-15453 (A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S ...)
NOT-FOR-US: Cisco
-CVE-2018-15452
+CVE-2018-15452 (A vulnerability in the DLL loading component of Cisco Advanced Malware ...)
NOT-FOR-US: Cisco
-CVE-2018-15451
+CVE-2018-15451 (A vulnerability in the web-based management interface of Cisco Prime S ...)
NOT-FOR-US: Cisco
-CVE-2018-15450
+CVE-2018-15450 (A vulnerability in the web-based UI of Cisco Prime Collaboration Assur ...)
NOT-FOR-US: Cisco
-CVE-2018-15449
+CVE-2018-15449 (A vulnerability in the web-based management interface of Cisco Video S ...)
NOT-FOR-US: Cisco
-CVE-2018-15448
+CVE-2018-15448 (A vulnerability in the user management functions of Cisco Registered E ...)
NOT-FOR-US: Cisco
-CVE-2018-15447
+CVE-2018-15447 (A vulnerability in the web framework code of Cisco Integrated Manageme ...)
NOT-FOR-US: Cisco
-CVE-2018-15446
+CVE-2018-15446 (A vulnerability in Cisco Meeting Server could allow an unauthenticated ...)
NOT-FOR-US: Cisco
-CVE-2018-15445
+CVE-2018-15445 (A vulnerability in the web-based management interface of Cisco Energy ...)
NOT-FOR-US: Cisco
-CVE-2018-15444
+CVE-2018-15444 (A vulnerability in the web-based user interface of Cisco Energy Manage ...)
NOT-FOR-US: Cisco
-CVE-2018-15443
+CVE-2018-15443 (A vulnerability in the detection engine of Cisco Firepower System Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-15442
+CVE-2018-15442 (A vulnerability in the update service of Cisco Webex Meetings Desktop ...)
NOT-FOR-US: Cisco
-CVE-2018-15441
+CVE-2018-15441 (A vulnerability in the web framework code of Cisco Prime License Manag ...)
NOT-FOR-US: Cisco
-CVE-2018-15440
+CVE-2018-15440 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2018-15439
+CVE-2018-15439 (A vulnerability in the Cisco Small Business Switches software could al ...)
NOT-FOR-US: Cisco
-CVE-2018-15438
+CVE-2018-15438 (A vulnerability in the web-based management interface of Cisco Prime C ...)
NOT-FOR-US: Cisco
-CVE-2018-15437
+CVE-2018-15437 (A vulnerability in the system scanning component of Cisco Immunet and ...)
NOT-FOR-US: Cisco
-CVE-2018-15436
+CVE-2018-15436 (A vulnerability in the web-based management interface of Cisco Webex E ...)
NOT-FOR-US: Cisco
-CVE-2018-15435
+CVE-2018-15435 (A vulnerability in the web-based management interface of Cisco SocialM ...)
NOT-FOR-US: Cisco
-CVE-2018-15434
+CVE-2018-15434 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2018-15433
+CVE-2018-15433 (A vulnerability in the server backup function of Cisco Prime Infrastru ...)
NOT-FOR-US: Cisco
-CVE-2018-15432
+CVE-2018-15432 (A vulnerability in the server backup function of Cisco Prime Infrastru ...)
NOT-FOR-US: Cisco
-CVE-2018-15431
+CVE-2018-15431 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15430
+CVE-2018-15430 (A vulnerability in the administrative web interface of Cisco Expresswa ...)
NOT-FOR-US: Cisco
-CVE-2018-15429
+CVE-2018-15429 (A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platfor ...)
NOT-FOR-US: Cisco
-CVE-2018-15428
+CVE-2018-15428 (A vulnerability in the implementation of Border Gateway Protocol (BGP) ...)
NOT-FOR-US: Cisco
-CVE-2018-15427
+CVE-2018-15427 (A vulnerability in Cisco Video Surveillance Manager (VSM) Software run ...)
NOT-FOR-US: Cisco
-CVE-2018-15426
+CVE-2018-15426 (A vulnerability in the web-based interface of Cisco Unity Connection c ...)
NOT-FOR-US: Cisco
-CVE-2018-15425
+CVE-2018-15425 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2018-15424
+CVE-2018-15424 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2018-15423
+CVE-2018-15423 (A vulnerability in the web UI of Cisco HyperFlex Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2018-15422
+CVE-2018-15422 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15421
+CVE-2018-15421 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15420
+CVE-2018-15420 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15419
+CVE-2018-15419 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15418
+CVE-2018-15418 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15417
+CVE-2018-15417 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15416
+CVE-2018-15416 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15415
+CVE-2018-15415 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15414
+CVE-2018-15414 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15413
+CVE-2018-15413 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15412
+CVE-2018-15412 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15411
+CVE-2018-15411 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15410
+CVE-2018-15410 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15409
+CVE-2018-15409 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15408
+CVE-2018-15408 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2018-15407
+CVE-2018-15407 (A vulnerability in the installation process of Cisco HyperFlex Softwar ...)
NOT-FOR-US: Cisco
-CVE-2018-15406
+CVE-2018-15406 (A vulnerability in the web-based management interface of Cisco UCS Dir ...)
NOT-FOR-US: Cisco
-CVE-2018-15405
+CVE-2018-15405 (A vulnerability in the web interface for specific feature sets of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2018-15404
+CVE-2018-15404 (A vulnerability in the web interface of Cisco Integrated Management Co ...)
NOT-FOR-US: Cisco
-CVE-2018-15403
+CVE-2018-15403 (A vulnerability in the web interface of Cisco Emergency Responder, Cis ...)
NOT-FOR-US: Cisco
-CVE-2018-15402
+CVE-2018-15402 (A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS ...)
NOT-FOR-US: Cisco
-CVE-2018-15401
+CVE-2018-15401 (A vulnerability in the web-based management interface of Cisco Hosted ...)
NOT-FOR-US: Cisco
-CVE-2018-15400
+CVE-2018-15400 (A vulnerability in the web-based management interface of Cisco Cloud S ...)
NOT-FOR-US: Cisco
-CVE-2018-15399
+CVE-2018-15399 (A vulnerability in the TCP syslog module of Cisco Adaptive Security Ap ...)
NOT-FOR-US: Cisco
-CVE-2018-15398
+CVE-2018-15398 (A vulnerability in the per-user-override feature of Cisco Adaptive Sec ...)
NOT-FOR-US: Cisco
-CVE-2018-15397
+CVE-2018-15397 (A vulnerability in the implementation of Traffic Flow Confidentiality ...)
NOT-FOR-US: Cisco
-CVE-2018-15396
+CVE-2018-15396 (A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity ...)
NOT-FOR-US: Cisco
-CVE-2018-15395
+CVE-2018-15395 (A vulnerability in the authentication and authorization checking mecha ...)
NOT-FOR-US: Cisco
-CVE-2018-15394
+CVE-2018-15394 (A vulnerability in the Stealthwatch Management Console (SMC) of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-15393
+CVE-2018-15393 (A vulnerability in the web-based management interface of Cisco Content ...)
NOT-FOR-US: Cisco
-CVE-2018-15392
+CVE-2018-15392 (A vulnerability in the DHCP service of Cisco Industrial Network Direct ...)
NOT-FOR-US: Cisco
-CVE-2018-15391
+CVE-2018-15391 (A vulnerability in certain IPv4 fragment-processing functions of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-15390
+CVE-2018-15390 (A vulnerability in the FTP inspection engine of Cisco Firepower Threat ...)
NOT-FOR-US: Cisco
-CVE-2018-15389
+CVE-2018-15389 (A vulnerability in the install function of Cisco Prime Collaboration P ...)
NOT-FOR-US: Cisco
CVE-2018-15388
RESERVED
-CVE-2018-15387
+CVE-2018-15387 (A vulnerability in the Cisco SD-WAN Solution could allow an unauthenti ...)
NOT-FOR-US: Cisco
-CVE-2018-15386
+CVE-2018-15386 (A vulnerability in Cisco Digital Network Architecture (DNA) Center cou ...)
NOT-FOR-US: Cisco
CVE-2018-15385
RESERVED
CVE-2018-15384
RESERVED
-CVE-2018-15383
+CVE-2018-15383 (A vulnerability in the cryptographic hardware accelerator driver of Ci ...)
NOT-FOR-US: Cisco
-CVE-2018-15382
+CVE-2018-15382 (A vulnerability in Cisco HyperFlex Software could allow an unauthentic ...)
NOT-FOR-US: Cisco
-CVE-2018-15381
+CVE-2018-15381 (A Java deserialization vulnerability in Cisco Unity Express (CUE) coul ...)
NOT-FOR-US: Cisco
-CVE-2018-15380
+CVE-2018-15380 (A vulnerability in the cluster service manager of Cisco HyperFlex Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-15379
+CVE-2018-15379 (A vulnerability in which the HTTP web server for Cisco Prime Infrastru ...)
NOT-FOR-US: Cisco
-CVE-2018-15378
+CVE-2018-15378 (A vulnerability in ClamAV versions prior to 0.100.2 could allow an att ...)
{DLA-1553-1}
- clamav 0.100.2+dfsg-1 (bug #910430)
[stretch] - clamav 0.100.2+dfsg-0+deb9u1
NOTE: https://blog.clamav.net/2018/10/clamav-01002-has-been-released.html
NOTE: http://lists.clamav.net/pipermail/clamav-announce/2018/000033.html
-CVE-2018-15377
+CVE-2018-15377 (A vulnerability in the Cisco Network Plug and Play agent, also referre ...)
NOT-FOR-US: Cisco
-CVE-2018-15376
+CVE-2018-15376 (A vulnerability in the embedded test subsystem of Cisco IOS Software f ...)
NOT-FOR-US: Cisco
-CVE-2018-15375
+CVE-2018-15375 (A vulnerability in the embedded test subsystem of Cisco IOS Software f ...)
NOT-FOR-US: Cisco
-CVE-2018-15374
+CVE-2018-15374 (A vulnerability in the Image Verification feature of Cisco IOS XE Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-15373
+CVE-2018-15373 (A vulnerability in the implementation of Cisco Discovery Protocol func ...)
NOT-FOR-US: Cisco
-CVE-2018-15372
+CVE-2018-15372 (A vulnerability in the MACsec Key Agreement (MKA) using Extensible Aut ...)
NOT-FOR-US: Cisco
-CVE-2018-15371
+CVE-2018-15371 (A vulnerability in the shell access request mechanism of Cisco IOS XE ...)
NOT-FOR-US: Cisco
-CVE-2018-15370
+CVE-2018-15370 (A vulnerability in Cisco IOS ROM Monitor (ROMMON) Software for Cisco C ...)
NOT-FOR-US: Cisco
-CVE-2018-15369
+CVE-2018-15369 (A vulnerability in the TACACS+ client subsystem of Cisco IOS Software ...)
NOT-FOR-US: Cisco
-CVE-2018-15368
+CVE-2018-15368 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2018-15367
+CVE-2018-15367 (A ctl_set KERedirect Untrusted Pointer Dereference Privilege Escalatio ...)
NOT-FOR-US: Trend Micro
-CVE-2018-15366
+CVE-2018-15366 (A UrlfWTPPagePtr KERedirect Use-After-Free Privilege Escalation vulner ...)
NOT-FOR-US: Trend Micro
-CVE-2018-15365
+CVE-2018-15365 (A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro De ...)
NOT-FOR-US: Trend Micro
-CVE-2018-15364
+CVE-2018-15364 (A Named Pipe Request Processing Out-of-Bounds Read Information Disclos ...)
NOT-FOR-US: Trend Micro
-CVE-2018-15363
+CVE-2018-15363 (An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micr ...)
NOT-FOR-US: Trend Micro
-CVE-2018-15362
+CVE-2018-15362 (XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0 ...)
NOT-FOR-US: GE Proficy Cimplicity GDS
-CVE-2018-15361
+CVE-2018-15361 (UltraVNC revision 1198 has a buffer underflow vulnerability in VNC cli ...)
NOT-FOR-US: UltraVNC
-CVE-2018-15360
+CVE-2018-15360 (An attacker without authentication can login with default credentials ...)
NOT-FOR-US: Eltex ESP-200 firmware
-CVE-2018-15359
+CVE-2018-15359 (An authenticated attacker with low privileges can use insecure sudo co ...)
NOT-FOR-US: Eltex ESP-200 firmware
-CVE-2018-15358
+CVE-2018-15358 (An authenticated attacker with low privileges can activate high privil ...)
NOT-FOR-US: Eltex ESP-200 firmware
-CVE-2018-15357
+CVE-2018-15357 (An authenticated attacker with low privileges can extract password has ...)
NOT-FOR-US: Eltex ESP-200 firmware
-CVE-2018-15356
+CVE-2018-15356 (An authenticated attacker can execute arbitrary code using command eje ...)
NOT-FOR-US: Eltex ESP-200 firmware
-CVE-2018-15355
+CVE-2018-15355 (Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraft ...)
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15354
+CVE-2018-15354 (A Buffer Overflow exploited through web interface by remote attacker c ...)
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15353
+CVE-2018-15353 (A Buffer Overflow exploited through web interface by remote attacker c ...)
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15352
+CVE-2018-15352 (An attacker with low privileges can cause denial of service in Kraftwa ...)
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15351
+CVE-2018-15351 (Denial of service via crafting malicious link and sending it to a priv ...)
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15350
+CVE-2018-15350 (Router Default Credentials in Kraftway 24F2XG Router firmware version ...)
NOT-FOR-US: Kraftway 24F2XG Router firmware
-CVE-2018-15473
+CVE-2018-15473 (OpenSSH through 7.7 is prone to a user enumeration vulnerability due t ...)
{DSA-4280-1 DLA-1474-1}
- openssh 1:7.7p1-4 (bug #906236)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/15/5
@@ -14518,79 +14518,79 @@ CVE-2018-15337
REJECTED
CVE-2018-15336
REJECTED
-CVE-2018-15335
+CVE-2018-15335 (When APM 13.0.0-13.1.x is deployed as an OAuth Resource Server, APM be ...)
NOT-FOR-US: F5
-CVE-2018-15334
+CVE-2018-15334 (A cross-site request forgery (CSRF) vulnerability in the APM webtop 11 ...)
NOT-FOR-US: F5
-CVE-2018-15333
+CVE-2018-15333 (On versions 11.2.1. and greater, unrestricted Snapshot File Access all ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15332
+CVE-2018-15332 (The svpn component of the F5 BIG-IP APM client prior to version 7.1.7. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15331
+CVE-2018-15331 (On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15330
+CVE-2018-15330 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15329
+CVE-2018-15329 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Ent ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15328
+CVE-2018-15328 (On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG- ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15327
+CVE-2018-15327 (In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15326
+CVE-2018-15326 (In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15325
+CVE-2018-15325 (In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15324
+CVE-2018-15324 (On BIG-IP APM 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, TMM may restart when ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15323
+CVE-2018-15323 (On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15322
+CVE-2018-15322 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15321
+CVE-2018-15321 (When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0- ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15320
+CVE-2018-15320 (On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, undisclosed traffic patt ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15319
+CVE-2018-15319 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malici ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15318
+CVE-2018-15318 (In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15317
+CVE-2018-15317 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15316
+CVE-2018-15316 (In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15315
+CVE-2018-15315 (On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15314
+CVE-2018-15314 (On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Refle ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15313
+CVE-2018-15313 (On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Refle ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15312
+CVE-2018-15312 (On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Si ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15311
+CVE-2018-15311 (When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 1 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-15310
+CVE-2018-15310 (A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, 11.6.0-11.6 ...)
NOT-FOR-US: F5 BIG-IP
CVE-2018-XXXX [libykneomgr memory corruption]
- libykneomgr <removed> (low; bug #906138)
[stretch] - libykneomgr <no-dsa> (Minor issue)
[jessie] - libykneomgr <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-004-libykneomgr/
-CVE-2018-15470
+CVE-2018-15470 (An issue was discovered in Xen through 4.11.x. The logic in oxenstored ...)
{DSA-4274-1 DLA-1577-1}
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2 (unimportant)
NOTE: https://xenbits.xen.org/xsa/advisory-272.html
-CVE-2018-15471
+CVE-2018-15471 (An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen- ...)
{DSA-4313-1 DLA-1715-1}
- linux 4.18.10-2
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://xenbits.xen.org/xsa/advisory-270.html
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1607
-CVE-2018-15468
+CVE-2018-15468 (An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contai ...)
{DSA-4274-1}
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2
[jessie] - xen <not-affected> (Only affects 4.6 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-269.html
-CVE-2018-15469
+CVE-2018-15469 (An issue was discovered in Xen through 4.11.x. ARM never properly impl ...)
{DSA-4274-1 DLA-1577-1}
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2
NOTE: https://xenbits.xen.org/xsa/advisory-268.html
@@ -14794,7 +14794,7 @@ CVE-2018-15211
RESERVED
CVE-2018-15210
RESERVED
-CVE-2018-15209
+CVE-2018-15209 (ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows ...)
{DSA-4349-1}
- tiff 4.0.9-5 (bug #905798)
[jessie] - tiff <not-affected> (Cannot reproduce with crash file)
@@ -14813,19 +14813,19 @@ CVE-2018-15205
RESERVED
CVE-2018-15204
RESERVED
-CVE-2018-15203
+CVE-2018-15203 (An issue was discovered in Ignited CMS through 2017-02-19. ign/index.p ...)
NOT-FOR-US: Ignited CMS
-CVE-2018-15202
+CVE-2018-15202 (An issue was discovered in Juunan06 eCommerce through 2018-08-05. Ther ...)
NOT-FOR-US: Juunan06 eCommerce
CVE-2018-15201
RESERVED
CVE-2018-15200
RESERVED
-CVE-2018-15199
+CVE-2018-15199 (AuraCMS 2.3 allows XSS via a Bukutamu -&gt; AddGuestbook action. ...)
NOT-FOR-US: AuraCMS
-CVE-2018-15198
+CVE-2018-15198 (An issue was discovered in OneThink v1.1. There is a CSRF vulnerabilit ...)
NOT-FOR-US: OneThink
-CVE-2018-15197
+CVE-2018-15197 (An issue was discovered in OneThink v1.1. There is a CSRF vulnerabilit ...)
NOT-FOR-US: OneThink
CVE-2018-15196
RESERVED
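Review bot: The description imported for CVE-2018-15199 stores an HTML entity instead of the literal character: `+CVE-2018-15199 (AuraCMS 2.3 allows XSS via a Bukutamu -&gt; AddGuestbook action. ...)` should read `Bukutamu -> AddGuestbook`. The update script appears to copy the feed text without decoding entities; it should run an HTML-unescape step on the description before writing it into the list, and this entry should be regenerated afterwards.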
@@ -14833,59 +14833,59 @@ CVE-2018-15195
RESERVED
CVE-2018-15194
RESERVED
-CVE-2018-15193
+CVE-2018-15193 (A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows ...)
NOT-FOR-US: Go Git Service
-CVE-2018-15192
+CVE-2018-15192 (An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs ...)
- gitea <removed>
NOTE: https://github.com/go-gitea/gitea/issues/4624
-CVE-2018-15191
+CVE-2018-15191 (PHP Scripts Mall hotel-booking-script 2.0.4 allows remote attackers to ...)
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15190
+CVE-2018-15190 (PHP Scripts Mall hotel-booking-script 2.0.4 allows XSS via the First N ...)
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15189
+CVE-2018-15189 (PHP Scripts Mall advanced-real-estate-script has XSS via the Name fiel ...)
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15188
+CVE-2018-15188 (PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attac ...)
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15187
+CVE-2018-15187 (PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-p ...)
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15186
+CVE-2018-15186 (PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF ...)
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15185
+CVE-2018-15185 (PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows re ...)
NOT-FOR-US: PHP Scripts Mall
-CVE-2018-15184
+CVE-2018-15184 (PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 has Store ...)
NOT-FOR-US: PHP Scripts Mall Naukri / Shine / Jobsite Clone Script
-CVE-2018-15183
+CVE-2018-15183 (PHP Scripts Mall Myperfectresume / JobHero / Resume Clone Script 2.0.6 ...)
NOT-FOR-US: PHP Scripts Mall Myperfectresume / JobHero / Resume Clone Script
-CVE-2018-15182
+CVE-2018-15182 (PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and ...)
NOT-FOR-US: PHP Scripts Mall Car Rental Script
-CVE-2018-15181
+CVE-2018-15181 (JioFi 4G Hotspot M2S devices allow attackers to cause a denial of serv ...)
NOT-FOR-US: JioFi 4G Hotspot M2S devices
CVE-2018-15180
RESERVED
CVE-2018-15179
RESERVED
-CVE-2018-15178
+CVE-2018-15178 (Open redirect vulnerability in Gogs before 0.12 allows remote attacker ...)
NOT-FOR-US: Go Git Service
-CVE-2018-15177
+CVE-2018-15177 (In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can a ...)
NOT-FOR-US: Gxlcms
-CVE-2018-15176
+CVE-2018-15176 (XnView 2.45 allows remote attackers to cause a denial of service (User ...)
NOT-FOR-US: XnView
-CVE-2018-15175
+CVE-2018-15175 (XnView 2.45 allows remote attackers to cause a denial of service (User ...)
NOT-FOR-US: XnView
-CVE-2018-15174
+CVE-2018-15174 (XnView 2.45 allows remote attackers to cause a denial of service (Read ...)
NOT-FOR-US: XnView
-CVE-2018-15173
+CVE-2018-15173 (Nmap through 7.70, when the -sV option is used, allows remote attacker ...)
- nmap <unfixed> (unimportant)
NOTE: No security impact
-CVE-2018-15172
+CVE-2018-15172 (TP-Link WR840N devices have a buffer overflow via a long Authorization ...)
NOT-FOR-US: TP-Link WR840N devices
CVE-2018-15171
RESERVED
CVE-2018-15170
RESERVED
-CVE-2018-15169
+CVE-2018-15169 (A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEng ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2018-15168
+CVE-2018-15168 (A SQL Injection vulnerability exists in the Zoho ManageEngine Applicat ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2018-15167
RESERVED
@@ -14899,69 +14899,69 @@ CVE-2018-15163
RESERVED
CVE-2018-15162
RESERVED
-CVE-2018-15161
+CVE-2018-15161 (** DISPUTED ** The libesedb_key_append_data function in libesedb_key.c ...)
- libesedb <undetermined>
NOTE: https://github.com/libyal/libesedb/issues/43
-CVE-2018-15160
+CVE-2018-15160 (** DISPUTED ** The libesedb_catalog_definition_read function in libese ...)
- libesedb <undetermined>
NOTE: https://github.com/libyal/libesedb/issues/43
-CVE-2018-15159
+CVE-2018-15159 (** DISPUTED ** The libesedb_page_read_tags function in libesedb_page.c ...)
- libesedb <undetermined>
NOTE: https://github.com/libyal/libesedb/issues/43
-CVE-2018-15158
+CVE-2018-15158 (** DISPUTED ** The libesedb_page_read_values function in libesedb_page ...)
- libesedb <undetermined>
NOTE: https://github.com/libyal/libesedb/issues/43
-CVE-2018-15157
+CVE-2018-15157 (** DISPUTED ** The libfsclfs_block_read function in libfsclfs_block.c ...)
NOT-FOR-US: libfsclfs
-CVE-2018-15156
+CVE-2018-15156 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 a ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15155
+CVE-2018-15155 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 a ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15154
+CVE-2018-15154 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 a ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15153
+CVE-2018-15153 (OS command injection occurring in versions of OpenEMR before 5.0.1.4 a ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15152
+CVE-2018-15152 (Authentication bypass vulnerability in portal/account/register.php in ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15151
+CVE-2018-15151 (SQL injection vulnerability in interface/de_identification_forms/find_ ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15150
+CVE-2018-15150 (SQL injection vulnerability in interface/de_identification_forms/de_id ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15149
+CVE-2018-15149 (SQL injection vulnerability in interface/forms/eye_mag/php/Anything_si ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15148
+CVE-2018-15148 (SQL injection vulnerability in interface/patient_file/encounter/search ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15147
+CVE-2018-15147 (SQL injection vulnerability in interface/forms_admin/forms_admin.php f ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15146
+CVE-2018-15146 (SQL injection vulnerability in interface/de_identification_forms/find_ ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15145
+CVE-2018-15145 (Multiple SQL injection vulnerabilities in portal/add_edit_event_user.p ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15144
+CVE-2018-15144 (SQL injection vulnerability in interface/de_identification_forms/find_ ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15143
+CVE-2018-15143 (Multiple SQL injection vulnerabilities in portal/find_appt_popup_user. ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15142
+CVE-2018-15142 (Directory traversal in portal/import_template.php in versions of OpenE ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15141
+CVE-2018-15141 (Directory traversal in portal/import_template.php in versions of OpenE ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15140
+CVE-2018-15140 (Directory traversal in portal/import_template.php in versions of OpenE ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15139
+CVE-2018-15139 (Unrestricted file upload in interface/super/manage_site_files.php in v ...)
NOT-FOR-US: OpenEMR
-CVE-2018-15138
+CVE-2018-15138 (Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/down ...)
NOT-FOR-US: Ericsson-LG iPECS NMS 30M
-CVE-2018-15137
+CVE-2018-15137 (CeLa Link CLR-M20 devices allow unauthorized users to upload any file ...)
NOT-FOR-US: CeLa Link CLR-M20 devices
-CVE-2018-15136
+CVE-2018-15136 (TitanHQ SpamTitan before 7.01 has Improper input validation. This allo ...)
NOT-FOR-US: TitanHQ
CVE-2018-15135
RESERVED
CVE-2018-15134
RESERVED
-CVE-2018-15133
+CVE-2018-15133 (In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote c ...)
NOT-FOR-US: Laravel
-CVE-2018-15132
+CVE-2018-15132 (An issue was discovered in ext/standard/link_win32.c in PHP before 5.6 ...)
- php7.2 <not-affected> (Windows-specific)
- php7.1 <not-affected> (Windows-specific)
- php7.0 <not-affected> (Windows-specific)
@@ -14971,23 +14971,23 @@ CVE-2018-15132
NOTE: https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4
CVE-2018-15131
RESERVED
-CVE-2018-15130
+CVE-2018-15130 (ThinkSAAS through 2018-07-25 has XSS via the index.php?app=group&amp;a ...)
NOT-FOR-US: ThinkSAAS
-CVE-2018-15129
+CVE-2018-15129 (ThinkSAAS through 2018-07-25 has XSS via the index.php?app=article&amp ...)
NOT-FOR-US: ThinkSAAS
CVE-2018-15128
RESERVED
-CVE-2018-20750
+CVE-2018-20750 (LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerabilit ...)
{DLA-1652-1}
- libvncserver 0.9.11+dfsg-1.3 (bug #920941)
[stretch] - libvncserver <not-affected> (Incomplete fix for CVE-2018-15127 not applied)
NOTE: https://github.com/LibVNC/libvncserver/commit/09e8fc02f59f16e2583b34fe1a270c238bd9ffec
-CVE-2018-20749
+CVE-2018-20749 (LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability ...)
{DLA-1652-1}
- libvncserver 0.9.11+dfsg-1.3 (bug #920941)
[stretch] - libvncserver <not-affected> (Incomplete fix for CVE-2018-15127 not applied)
NOTE: https://github.com/LibVNC/libvncserver/commit/15bb719c03cc70f14c36a843dcb16ed69b405707
-CVE-2018-15127
+CVE-2018-15127 (LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains ...)
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/243
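Review bot: The descriptions added for CVE-2018-15130 and CVE-2018-15129 carry `&amp;` inside the query strings (`index.php?app=group&amp;a ...` and `index.php?app=article&amp ...`) where the original URL uses a plain `&`; the second one is even cut in the middle of the entity, which shows that entity decoding is not happening before the fixed-width truncation, so the escaped form eats characters that should hold description text. Unescape the description first, then truncate, and regenerate these two lines.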
@@ -14997,7 +14997,7 @@ CVE-2018-15127
NOTE: Additional commits:
NOTE: https://github.com/LibVNC/libvncserver/commit/15bb719c03cc70f14c36a843dcb16ed69b405707
NOTE: https://github.com/LibVNC/libvncserver/commit/09e8fc02f59f16e2583b34fe1a270c238bd9ffec
-CVE-2018-15126
+CVE-2018-15126 (LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains ...)
{DSA-4383-1 DLA-1652-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/242
@@ -15009,17 +15009,17 @@ CVE-2018-15126
NOTE: https://github.com/LibVNC/libvncserver/commit/2d939267a176bf4976dbad36399638956ad8cc34
NOTE: https://github.com/LibVNC/libvncserver/commit/495ffa3f3a213ab058eee1d7da48fa5ef71914d8
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-027-libvnc-heap-use-after-free/
-CVE-2018-15125
+CVE-2018-15125 (Sensitive Information Disclosure in Zipato Zipabox Smart Home Controll ...)
NOT-FOR-US: Zipato
-CVE-2018-15124
+CVE-2018-15124 (Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD R ...)
NOT-FOR-US: Zipato
-CVE-2018-15123
+CVE-2018-15123 (Insecure configuration storage in Zipato Zipabox Smart Home Controller ...)
NOT-FOR-US: Zipato
-CVE-2018-15122
+CVE-2018-15122 (An issue found in Progress Telerik JustAssembly through 2018.1.323.2 a ...)
NOT-FOR-US: Telerik
-CVE-2018-15121
+CVE-2018-15121 (An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin. A ...)
NOT-FOR-US: Auth0 auth0-aspnet
-CVE-2018-15120
+CVE-2018-15120 (libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other ...)
- pango1.0 1.42.4-1 (low)
[stretch] - pango1.0 <not-affected> (Vulnerable code not present)
[jessie] - pango1.0 <not-affected> (Vulnerable code not present)
@@ -15248,37 +15248,37 @@ CVE-2018-15009
RESERVED
CVE-2018-15008
RESERVED
-CVE-2018-15007
+CVE-2018-15007 (The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x60 ...)
NOT-FOR-US: Sky Elite
-CVE-2018-15006
+CVE-2018-15006 (The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917 ...)
NOT-FOR-US: ZTE
-CVE-2018-15005
+CVE-2018-15005 (The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917 ...)
NOT-FOR-US: ZTE
-CVE-2018-15004
+CVE-2018-15004 (The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/ ...)
NOT-FOR-US: Coolpad
CVE-2018-15003
RESERVED
-CVE-2018-15002
+CVE-2018-15002 (The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2 ...)
NOT-FOR-US: Vivo V7 device
-CVE-2018-15001
+CVE-2018-15001 (The Vivo V7 Android device with a build fingerprint of vivo/1718/1718: ...)
NOT-FOR-US: Vivo V7 device
CVE-2018-15000
RESERVED
CVE-2018-14999
RESERVED
-CVE-2018-14998
+CVE-2018-14998 (The Leagoo P1 Android device with a build fingerprint of sp7731c_1h10_ ...)
NOT-FOR-US: Leagoo P1 Android device
CVE-2018-14997
RESERVED
CVE-2018-14996
RESERVED
-CVE-2018-14995
+CVE-2018-14995 (The ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z ...)
NOT-FOR-US: ZTE
CVE-2018-14994
RESERVED
CVE-2018-14993
RESERVED
-CVE-2018-14992
+CVE-2018-14992 (The ASUS ZenFone 3 Max Android device with a build fingerprint of asus ...)
NOT-FOR-US: ASUS ZenFone 3 Max Android device
CVE-2018-14991
RESERVED
@@ -15286,116 +15286,116 @@ CVE-2018-14990
RESERVED
CVE-2018-14989
RESERVED
-CVE-2018-14988
+CVE-2018-14988 (The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m2 ...)
NOT-FOR-US: MXQ TV Box
-CVE-2018-14987
+CVE-2018-14987 (The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m2 ...)
NOT-FOR-US: MXQ TV Box
-CVE-2018-14986
+CVE-2018-14986 (The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10 ...)
NOT-FOR-US: Leagoo Z5C Android device
-CVE-2018-14985
+CVE-2018-14985 (The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10 ...)
NOT-FOR-US: Leagoo Z5C Android device
-CVE-2018-14984
+CVE-2018-14984 (The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10 ...)
NOT-FOR-US: Leagoo Z5C Android device
CVE-2018-14983
RESERVED
-CVE-2018-14982
+CVE-2018-14982 (Certain LG devices based on Android 6.0 through 8.1 have incorrect acc ...)
NOT-FOR-US: LG devices specific issue
-CVE-2018-14981
+CVE-2018-14981 (Certain LG devices based on Android 6.0 through 8.1 have incorrect acc ...)
NOT-FOR-US: LG devices specific issue
CVE-2018-14980
RESERVED
-CVE-2018-14979
+CVE-2018-14979 (The ASUS ZenFone 3 Max Android device with a build fingerprint of asus ...)
NOT-FOR-US: ASUS ZenFone 3 Max Android device
-CVE-2018-14978
+CVE-2018-14978 (An issue was discovered in QCMS 3.0.1. CSRF exists via the backend/use ...)
NOT-FOR-US: QCMS
-CVE-2018-14977
+CVE-2018-14977 (An issue was discovered in QCMS 3.0.1. upload/System/Controller/guest. ...)
NOT-FOR-US: QCMS
-CVE-2018-14976
+CVE-2018-14976 (An issue was discovered in QCMS 3.0.1. upload/System/Controller/backen ...)
NOT-FOR-US: QCMS
-CVE-2018-14975
+CVE-2018-14975 (An issue was discovered in QCMS 3.0.1. upload/System/Controller/backen ...)
NOT-FOR-US: QCMSQCMS
-CVE-2018-14974
+CVE-2018-14974 (An issue was discovered in QCMS 3.0.1. upload/System/Controller/backen ...)
NOT-FOR-US: QCMS
-CVE-2018-14973
+CVE-2018-14973 (An issue was discovered in QCMS 3.0.1. upload/System/Controller/backen ...)
NOT-FOR-US: QCMS
-CVE-2018-14972
+CVE-2018-14972 (An issue was discovered in QCMS 3.0.1. upload/System/Controller/backen ...)
NOT-FOR-US: QCMS
-CVE-2018-14971
+CVE-2018-14971 (An issue was discovered in QCMS 3.0.1. upload/System/Controller/backen ...)
NOT-FOR-US: QCMS
-CVE-2018-14970
+CVE-2018-14970 (An issue was discovered in QCMS 3.0.1. upload/System/Controller/backen ...)
NOT-FOR-US: QCMS
-CVE-2018-14969
+CVE-2018-14969 (An issue was discovered in QCMS 3.0.1. upload/System/Controller/backen ...)
NOT-FOR-US: QCMS
-CVE-2018-14968
+CVE-2018-14968 (An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.add ...)
NOT-FOR-US: EMLsoft
-CVE-2018-14967
+CVE-2018-14967 (An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.use ...)
NOT-FOR-US: EMLsoft
-CVE-2018-14966
+CVE-2018-14966 (An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=u ...)
NOT-FOR-US: EMLsoft
-CVE-2018-14965
+CVE-2018-14965 (An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=a ...)
NOT-FOR-US: EMLsoft
-CVE-2018-14964
+CVE-2018-14964 (An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/uploa ...)
NOT-FOR-US: EMLsoft
-CVE-2018-14963
+CVE-2018-14963 (zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI. ...)
NOT-FOR-US: zzcms
-CVE-2018-14962
+CVE-2018-14962 (zzcms 8.3 has stored XSS related to the content variable in user/manag ...)
NOT-FOR-US: zzcms
-CVE-2018-14961
+CVE-2018-14961 (dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql paramete ...)
NOT-FOR-US: zzcms
-CVE-2018-14960
+CVE-2018-14960 (Xiao5uCompany 1.7 has CSRF via admin/Admin.asp. ...)
NOT-FOR-US: Xiao5uCompany
-CVE-2018-14959
+CVE-2018-14959 (An issue was discovered in WeaselCMS v0.3.5. CSRF can create new pages ...)
NOT-FOR-US: WeaselCMS
-CVE-2018-14958
+CVE-2018-14958 (An issue was discovered in WeaselCMS v0.3.5. CSRF can update the websi ...)
NOT-FOR-US: WeaselCMS
-CVE-2018-14957
+CVE-2018-14957 (CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file do ...)
NOT-FOR-US: CMS ISWEB
-CVE-2018-14956
+CVE-2018-14956 (CMS ISWEB 3.5.3 is vulnerable to multiple SQL injection flaws. An atta ...)
NOT-FOR-US: CMS ISWEB
CVE-2018-14949
RESERVED
-CVE-2018-14948
+CVE-2018-14948 (An issue has been found in dilawar sound through 2017-11-27. The end o ...)
NOT-FOR-US: dilawar
-CVE-2018-14947
+CVE-2018-14947 (An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in XmlF ...)
NOT-FOR-US: PDF2JSON
-CVE-2018-14946
+CVE-2018-14946 (An issue has been found in PDF2JSON 0.69. The HtmlString class in ImgO ...)
NOT-FOR-US: PDF2JSON
-CVE-2018-14945
+CVE-2018-14945 (An issue has been found in jpeg_encoder through 2015-11-27. It is a he ...)
NOT-FOR-US: jpeg_encoder
-CVE-2018-14944
+CVE-2018-14944 (An issue has been found in jpeg_encoder through 2015-11-27. It is a SE ...)
NOT-FOR-US: jpeg_encoder
-CVE-2018-14943
+CVE-2018-14943 (Harmonic NSG 9000 devices have a default password of nsgadmin for the ...)
NOT-FOR-US: Harmonic NSG 9000 devices
-CVE-2018-14942
+CVE-2018-14942 (Harmonic NSG 9000 devices allow remote authenticated users to conduct ...)
NOT-FOR-US: Harmonic NSG 9000 devices
-CVE-2018-14941
+CVE-2018-14941 (Harmonic NSG 9000 devices allow remote authenticated users to read the ...)
NOT-FOR-US: Harmonic NSG 9000 devices
-CVE-2018-14940
+CVE-2018-14940 (PHPCMS 9 allows remote attackers to cause a denial of service (resourc ...)
NOT-FOR-US: PHPCMS
-CVE-2018-14939
+CVE-2018-14939 (The get_app_path function in desktop/unx/source/start.c in LibreOffice ...)
- libreoffice <not-affected> (Doesn't affect LibreOffice running on glibc)
-CVE-2018-1000637
+CVE-2018-1000637 (zutils version prior to version 1.8-pre2 contains a Buffer Overflow vu ...)
{DLA-1505-1}
- zutils 1.7-3 (bug #902936; bug #904819)
[stretch] - zutils 1.5-5+deb9u1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/05/1
NOTE: https://lists.nongnu.org/archive/html/zutils-bug/2018-08/msg00000.html
NOTE: Fixed by: upstream/0001-zcat-buffer-overrun.patch (in 1.7-3)
-CVE-2018-14938
+CVE-2018-14938 (An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1. ...)
- tcpflow 1.5.0+repack1-1 (bug #905483)
[stretch] - tcpflow <no-dsa> (Minor issue)
[jessie] - tcpflow <no-dsa> (Minor issue)
NOTE: https://github.com/simsong/tcpflow/commit/a4e1cd14eb5ccc51ed271b65b3420f7d692c40eb
NOTE: https://github.com/simsong/tcpflow/issues/182
-CVE-2018-14937
+CVE-2018-14937 (The Add page option in my little forum 2.4.12 allows XSS via the Menu ...)
NOT-FOR-US: My Little Forum
-CVE-2018-14936
+CVE-2018-14936 (The Add page option in my little forum 2.4.12 allows XSS via the Title ...)
NOT-FOR-US: My Little Forum
-CVE-2018-14935
+CVE-2018-14935 (The Web administration console on Polycom Trio devices with software b ...)
NOT-FOR-US: Polycom Trio
-CVE-2018-14934
+CVE-2018-14934 (The Bluetooth subsystem on Polycom Trio devices with software before 5 ...)
NOT-FOR-US: Polycom Trio
-CVE-2018-14933
+CVE-2018-14933 (upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execu ...)
NOT-FOR-US: NUUO NVRmini devices
CVE-2018-14932
RESERVED
@@ -15403,21 +15403,21 @@ CVE-2018-14931
RESERVED
CVE-2018-14930
RESERVED
-CVE-2018-14929
+CVE-2018-14929 (Matera Banco 1.0.0 is vulnerable to multiple reflected XSS, as demonst ...)
NOT-FOR-US: Metara
-CVE-2018-14928
+CVE-2018-14928 (/contingency/servlet/ServletFileDownload executes as root and provides ...)
NOT-FOR-US: Metara
-CVE-2018-14927
+CVE-2018-14927 (Matera Banco 1.0.0 is vulnerable to path traversal (allowing access to ...)
NOT-FOR-US: Metara
-CVE-2018-14926
+CVE-2018-14926 (Matera Banco 1.0.0 allows CSRF, as demonstrated by a /contingency/web/ ...)
NOT-FOR-US: Metara
-CVE-2018-14925
+CVE-2018-14925 (Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstra ...)
NOT-FOR-US: Metara
-CVE-2018-14924
+CVE-2018-14924 (Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as demonstrat ...)
NOT-FOR-US: Metara
-CVE-2018-14923
+CVE-2018-14923 (A vulnerability in uniview EZPlayer 1.0.6 could allow an attacker to e ...)
NOT-FOR-US: EZPlayer
-CVE-2018-14922
+CVE-2018-14922 (Multiple cross-site scripting (XSS) vulnerabilities in Monstra CMS 3.0 ...)
NOT-FOR-US: Monstra CMS
CVE-2018-14921
RESERVED
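Review bot: the NOT-FOR-US tag on CVE-2018-14929 through CVE-2018-14924 reads "Metara", while every description added for those entries in this hunk names the product "Matera Banco" (e.g. "Matera Banco 1.0.0 is vulnerable to multiple reflected XSS"). The tag looks like a transposition typo; consider changing the six "NOT-FOR-US: Metara" lines to "NOT-FOR-US: Matera Banco" so the tag matches the description and stays greppable.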
@@ -15433,7 +15433,7 @@ CVE-2018-14916
RESERVED
CVE-2018-14915
REJECTED
-CVE-2018-1000223
+CVE-2018-1000223 (soundtouch version up to and including 2.0.0 contains a Buffer Overflo ...)
- soundtouch 2.1.2+ds1-1 (bug #905491)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <no-dsa> (Minor issue)
@@ -15442,37 +15442,37 @@ CVE-2018-14914
RESERVED
CVE-2018-14913
RESERVED
-CVE-2018-14912
+CVE-2018-14912 (cgit_clone_objects in CGit before 1.2.1 has a directory traversal vuln ...)
{DSA-4263-1 DLA-1459-1}
- cgit 1.1+git2.10.2-3.1 (bug #905382)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1627
NOTE: https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html
NOTE: https://git.zx2c4.com/cgit/commit/?id=53efaf30b50f095cad8c160488c74bba3e3b2680
-CVE-2018-14911
+CVE-2018-14911 (A file upload vulnerability exists in ukcms v1.1.7 and earlier. The vu ...)
NOT-FOR-US: ukcms
-CVE-2018-14910
+CVE-2018-14910 (SeaCMS v6.61 allows Remote Code execution by placing PHP code in an al ...)
NOT-FOR-US: SeaCMS
CVE-2018-14909
RESERVED
-CVE-2018-14908
+CVE-2018-14908 (Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every r ...)
NOT-FOR-US: Samsung Syncthru Web Service
-CVE-2018-14907
+CVE-2018-14907 (The Web server in 3CX version 15.5.8801.3 is vulnerable to Information ...)
NOT-FOR-US: 3CX
-CVE-2018-14906
+CVE-2018-14906 (The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected X ...)
NOT-FOR-US: 3CX
-CVE-2018-14905
+CVE-2018-14905 (The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected X ...)
NOT-FOR-US: 3CX
-CVE-2018-14904
+CVE-2018-14904 (Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauth ...)
NOT-FOR-US: Samsung Syncthru Web Service
-CVE-2018-14903
+CVE-2018-14903 (EPSON WF-2750 printers with firmware JP02I2 do not properly validate f ...)
NOT-FOR-US: EPSON WF-2750 printers
-CVE-2018-14902
+CVE-2018-14902 (The ContentProvider in the EPSON iPrint application 6.6.3 for Android ...)
NOT-FOR-US: EPSON iPrint application for Android
-CVE-2018-14901
+CVE-2018-14901 (The EPSON iPrint application 6.6.3 for Android contains hard-coded API ...)
NOT-FOR-US: EPSON iPrint application for Android
-CVE-2018-14900
+CVE-2018-14900 (On EPSON WF-2750 printers with firmware JP02I2, there is no filtering ...)
NOT-FOR-US: EPSON WF-2750 printers
-CVE-2018-14899
+CVE-2018-14899 (On the EPSON WF-2750 printer with firmware JP02I2, the Web interface A ...)
NOT-FOR-US: EPSON WF-2750 printer
CVE-2018-14898
RESERVED
@@ -15484,17 +15484,17 @@ CVE-2018-14895
RESERVED
CVE-2018-14894
RESERVED
-CVE-2018-14893
+CVE-2018-14893 (A system command injection vulnerability in zyshclient in ZyXEL NSA325 ...)
NOT-FOR-US: ZyXEL
-CVE-2018-14892
+CVE-2018-14892 (Missing protections against Cross-Site Request Forgery in the web appl ...)
NOT-FOR-US: ZyXEL
-CVE-2018-14891
+CVE-2018-14891 (Management Console in Vectra Networks Cognito Brain and Sensor before ...)
NOT-FOR-US: Vectra Networks Cognito Brain and Sensor
-CVE-2018-14890
+CVE-2018-14890 (Vectra Networks Cognito Brain and Sensor before 4.2 contains a cross-s ...)
NOT-FOR-US: Vectra Networks Cognito Brain and Sensor
-CVE-2018-14889
+CVE-2018-14889 (CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contain ...)
NOT-FOR-US: Vectra Networks Cognito Brain and Sensor
-CVE-2018-14888
+CVE-2018-14888 (inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin be ...)
NOT-FOR-US: Eldenroot Thank You/Like plugin for MyBB
CVE-2018-14887
RESERVED
@@ -15502,7 +15502,7 @@ CVE-2018-14886
RESERVED
CVE-2018-14885
RESERVED
-CVE-2018-14884
+CVE-2018-14884 (An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.1 ...)
- php7.2 7.2.1-1
- php7.1 7.1.13-1
- php7.0 7.0.27-1
@@ -15511,7 +15511,7 @@ CVE-2018-14884
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75535
NOTE: Fixed by: https://github.com/php/php-src/commit/0e097f2c96ce31b16fa371981045f224e5a37160
NOTE: Introduced in: https://github.com/php/php-src/commit/5146d9f8ac170d8ba7109370d732d56dc0777578
-CVE-2018-14883
+CVE-2018-14883 (An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1 ...)
{DSA-4353-1 DLA-1490-1}
- php7.2 7.2.8-1
- php7.1 7.1.20-1
@@ -15542,11 +15542,11 @@ CVE-2018-XXXX [Default KeyInfo resolver doesn't check for empty element content.
[jessie] - xml-security-c 1.7.2-3+deb8u1
NOTE: https://issues.apache.org/jira/projects/SANTUARIO/issues/SANTUARIO-491
NOTE: https://shibboleth.net/community/advisories/secadv_20180803.txt
-CVE-2018-14878
+CVE-2018-14878 (JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 ...)
NOT-FOR-US: JetBrains dotPeek
-CVE-2018-14877
+CVE-2018-14877 (An issue was discovered in WeaselCMS v0.3.5. XSS exists via Site Langu ...)
NOT-FOR-US: WeaselCMS
-CVE-2018-14876
+CVE-2018-14876 (An issue was discovered in image_save_png in image/image-png.cpp in Fr ...)
[experimental] - flif <unfixed>
- flif <removed>
NOTE: https://github.com/FLIF-hub/FLIF/issues/520
@@ -15554,15 +15554,15 @@ CVE-2018-14875
RESERVED
CVE-2018-14874
RESERVED
-CVE-2018-14873
+CVE-2018-14873 (An issue was discovered in Rincewind 0.1. There is a cross-site script ...)
NOT-FOR-US: Rincewind
-CVE-2018-14872
+CVE-2018-14872 (An issue was discovered in Rincewind 0.1. A reinstall vulnerability ex ...)
NOT-FOR-US: Rincewind
CVE-2018-14871
RESERVED
CVE-2018-14870
RESERVED
-CVE-2018-14869
+CVE-2018-14869 (PHP Template Store Script 3.0.6 allows XSS via the Address line 1, Add ...)
NOT-FOR-US: PHP Template Store Script
CVE-2018-14868
RESERVED
@@ -15584,22 +15584,22 @@ CVE-2018-14860
RESERVED
CVE-2018-14859
RESERVED
-CVE-2018-14858
+CVE-2018-14858 (An SSRF vulnerability was discovered in idreamsoft iCMS before V7.0.11 ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-14857
+CVE-2018-14857 (Unrestricted file upload (with remote code execution) in require/mail/ ...)
- ocsinventory-server <unfixed> (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-14856
+CVE-2018-14856 (Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wi ...)
NOT-FOR-US: Samsung wifi driver for Android
-CVE-2018-14855
+CVE-2018-14855 (Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wir ...)
NOT-FOR-US: Samsung wifi driver for Android
-CVE-2018-14854
+CVE-2018-14854 (Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wi ...)
NOT-FOR-US: Samsung wifi driver for Android
-CVE-2018-14853
+CVE-2018-14853 (A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/n ...)
NOT-FOR-US: Samsung wifi driver for Android
-CVE-2018-14852
+CVE-2018-14852 (Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcm ...)
NOT-FOR-US: Samsung wifi driver for Android
-CVE-2018-14851
+CVE-2018-14851 (exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, ...)
{DSA-4353-1 DLA-1490-1}
- php7.2 7.2.8-1
- php7.1 7.1.20-1
@@ -15607,17 +15607,17 @@ CVE-2018-14851
- php5 <removed>
NOTE: Fixed in 5.6.37, 7.0.31, 7.1.20, 7.2.8
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76557
-CVE-2018-14850
+CVE-2018-14850 (Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow a ...)
- tikiwiki <removed>
NOTE: https://sourceforge.net/p/tikiwiki/code/66990
-CVE-2018-14849
+CVE-2018-14849 (Tiki before 18.2, 15.7 and 12.14 has XSS via link attributes, related ...)
- tikiwiki <removed>
NOTE: https://sourceforge.net/p/tikiwiki/code/66809
CVE-2018-14848
RESERVED
-CVE-2018-14847
+CVE-2018-14847 (MikroTik RouterOS through 6.42 allows unauthenticated remote attackers ...)
NOT-FOR-US: Winbox for MikroTik RouterOS
-CVE-2018-14846
+CVE-2018-14846 (The Mondula Multi Step Form plugin before 1.2.8 for WordPress has mult ...)
NOT-FOR-US: Mondula Multi Step Form plugin for WordPress
CVE-2018-14845
RESERVED
@@ -15629,17 +15629,17 @@ CVE-2018-14842
RESERVED
CVE-2018-14841
RESERVED
-CVE-2018-14840
+CVE-2018-14840 (uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not ...)
NOT-FOR-US: Subrion CMS
CVE-2018-14839
RESERVED
-CVE-2018-14838
+CVE-2018-14838 (rejucms 2.1 has stored XSS via the admin/book.php content parameter. ...)
NOT-FOR-US: rejucms
-CVE-2018-14837
+CVE-2018-14837 (Wolf CMS 0.8.3.1 has XSS in the Snippets tab, as demonstrated by a ?/a ...)
NOT-FOR-US: Wolf CMS
-CVE-2018-14836
+CVE-2018-14836 (Subrion 4.2.1 is vulnerable to Improper Access control because user gr ...)
NOT-FOR-US: Subrion CMS
-CVE-2018-14835
+CVE-2018-14835 (Subrion CMS v4.2.1 is vulnerable to Stored XSS because of no escaping ...)
NOT-FOR-US: Subrion CMS
CVE-2018-14834
RESERVED
@@ -15651,191 +15651,191 @@ CVE-2018-14831
RESERVED
CVE-2018-14830
RESERVED
-CVE-2018-14829
+CVE-2018-14829 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vu ...)
NOT-FOR-US: Rockwell Automation RSLinx Classic
-CVE-2018-14828
+CVE-2018-14828 (Advantech WebAccess 8.3.1 and earlier has an improper privilege manage ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-14827
+CVE-2018-14827 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remot ...)
NOT-FOR-US: Rockwell Automation RSLinx Classic
-CVE-2018-14826
+CVE-2018-14826 (Entes EMG12 versions 2.57 and prior The application uses a web interfa ...)
NOT-FOR-US: Entes EMG12
-CVE-2018-14825
+CVE-2018-14825 (On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 runni ...)
NOT-FOR-US: Honeywell
-CVE-2018-14824
+CVE-2018-14824 (Delta Electronics Delta Industrial Automation PMSoft v2.11 or prior ha ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation PMSoft
-CVE-2018-14823
+CVE-2018-14823 (Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer overflo ...)
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14822
+CVE-2018-14822 (Entes EMG12 versions 2.57 and prior an information exposure through qu ...)
NOT-FOR-US: Entes EMG12
-CVE-2018-14821
+CVE-2018-14821 (Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vu ...)
NOT-FOR-US: Rockwell Automation RSLinx Classic
-CVE-2018-14820
+CVE-2018-14820 (Advantech WebAccess 8.3.1 and earlier has a .dll component that is sus ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-14819
+CVE-2018-14819 (Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read vulner ...)
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14818
+CVE-2018-14818 (WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and ...)
NOT-FOR-US: PI Studio HMI
-CVE-2018-14817
+CVE-2018-14817 (Fuji Electric V-Server 4.0.3.0 and prior, An integer underflow vulnera ...)
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14816
+CVE-2018-14816 (Advantech WebAccess 8.3.1 and earlier has several stack-based buffer o ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-14815
+CVE-2018-14815 (Fuji Electric V-Server 4.0.3.0 and prior, Several out-of-bounds write ...)
NOT-FOR-US: Fuji Electric V-Server
CVE-2018-14814
RESERVED
-CVE-2018-14813
+CVE-2018-14813 (Fuji Electric V-Server 4.0.3.0 and prior, A heap-based buffer overflow ...)
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14812
+CVE-2018-14812 (An uncontrolled search path element (DLL Hijacking) vulnerability has ...)
NOT-FOR-US: Fuji
-CVE-2018-14811
+CVE-2018-14811 (Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted pointer d ...)
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14810
+CVE-2018-14810 (WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and ...)
NOT-FOR-US: PI Studio HMI
-CVE-2018-14809
+CVE-2018-14809 (Fuji Electric V-Server 4.0.3.0 and prior, A use after free vulnerabili ...)
NOT-FOR-US: Fuji Electric V-Server
-CVE-2018-14808
+CVE-2018-14808 (Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users a ...)
NOT-FOR-US: Emerson AMS Device Manager
-CVE-2018-14807
+CVE-2018-14807 (A stack-based buffer overflow vulnerability in Opto 22 PAC Control Bas ...)
NOT-FOR-US: Opto
-CVE-2018-14806
+CVE-2018-14806 (Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerabili ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-14805
+CVE-2018-14805 (ABB eSOMS version 6.0.2 may allow unauthorized access to the system wh ...)
NOT-FOR-US: ABB eSOMS
-CVE-2018-14804
+CVE-2018-14804 (Emerson AMS Device Manager v12.0 to v13.5. A specially crafted script ...)
NOT-FOR-US: Emerson AMS Device Manager
-CVE-2018-14803
+CVE-2018-14803 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
NOT-FOR-US: Philips e-Alert Unit
-CVE-2018-14802
+CVE-2018-14802 (Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC ...)
NOT-FOR-US: Fuji Electric
-CVE-2018-14801
+CVE-2018-14801 (In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all v ...)
NOT-FOR-US: Philips PageWriter
-CVE-2018-14800
+CVE-2018-14800 (Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, b ...)
NOT-FOR-US: Delta Electronics ISPSoft
-CVE-2018-14799
+CVE-2018-14799 (In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all v ...)
NOT-FOR-US: Philips PageWriter
-CVE-2018-14798
+CVE-2018-14798 (Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC ...)
NOT-FOR-US: Fuji Electric
-CVE-2018-14797
+CVE-2018-14797 (Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a ...)
NOT-FOR-US: Emerson DeltaV DCS
-CVE-2018-14796
+CVE-2018-14796 (Tec4Data SmartCooler, all versions prior to firmware 180806, the devic ...)
NOT-FOR-US: Tec4Data SmartCooler
-CVE-2018-14795
+CVE-2018-14795 (DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable d ...)
NOT-FOR-US: DeltaV
-CVE-2018-14794
+CVE-2018-14794 (Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. The device d ...)
NOT-FOR-US: Fuji Electric
-CVE-2018-14793
+CVE-2018-14793 (DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable t ...)
NOT-FOR-US: DeltaV
-CVE-2018-14792
+CVE-2018-14792 (WECON PLC Editor version 1.3.3U may allow an attacker to execute code ...)
NOT-FOR-US: WECON
-CVE-2018-14791
+CVE-2018-14791 (Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may all ...)
NOT-FOR-US: Emerson DeltaV DCS
-CVE-2018-14790
+CVE-2018-14790 (Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC ...)
NOT-FOR-US: Fuji Electric
-CVE-2018-14789
+CVE-2018-14789 (In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version ...)
NOT-FOR-US: Philips
-CVE-2018-14788
+CVE-2018-14788 (Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer ove ...)
NOT-FOR-US: Fuji Electric
-CVE-2018-14787
+CVE-2018-14787 (In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version ...)
NOT-FOR-US: Philips
-CVE-2018-14786
+CVE-2018-14786 (Becton, Dickinson and Company (BD) Alaris Plus medical syringe pumps ( ...)
NOT-FOR-US: medical pumps
-CVE-2018-14785
+CVE-2018-14785 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmw ...)
NOT-FOR-US: NetComm Wireless G LTE Light Industrial M2M Router
-CVE-2018-14784
+CVE-2018-14784 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmw ...)
NOT-FOR-US: NetComm Wireless G LTE Light Industrial M2M Router
-CVE-2018-14783
+CVE-2018-14783 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmw ...)
NOT-FOR-US: NetComm Wireless G LTE Light Industrial M2M Router
-CVE-2018-14782
+CVE-2018-14782 (NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmw ...)
NOT-FOR-US: NetComm Wireless G LTE Light Industrial M2M Router
-CVE-2018-14781
+CVE-2018-14781 (Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL- ...)
NOT-FOR-US: Medtronic
-CVE-2018-14780
+CVE-2018-14780 (An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 sma ...)
- yubico-piv-tool 1.6.1-1 (low; bug #906128)
[stretch] - yubico-piv-tool <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-001-Yubico-Piv/
-CVE-2018-14779
+CVE-2018-14779 (A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartca ...)
- yubico-piv-tool 1.6.1-1 (low; bug #906128)
[stretch] - yubico-piv-tool <no-dsa> (Minor issue)
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-001-Yubico-Piv/
CVE-2018-14778
RESERVED
-CVE-2018-14777
+CVE-2018-14777 (An issue was discovered in DataLife Engine (DLE) through 13.0. An atta ...)
NOT-FOR-US: DataLife Engine
-CVE-2018-1000631
+CVE-2018-1000631 (Battelle V2I Hub 3.0 is vulnerable to SQL injection. A remote attacker ...)
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000630
+CVE-2018-1000630 (Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A remote authen ...)
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000629
+CVE-2018-1000629 (Battelle V2I Hub 2.5.1 is vulnerable to cross-site scripting, caused b ...)
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000628
+CVE-2018-1000628 (Battelle V2I Hub 2.5.1 could allow a remote attacker to bypass securit ...)
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000627
+CVE-2018-1000627 (Battelle V2I Hub 2.5.1 could allow a remote attacker to obtain sensiti ...)
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000626
+CVE-2018-1000626 (Battelle V2I Hub 2.5.1 could allow a remote attacker to bypass securit ...)
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000625
+CVE-2018-1000625 (Battelle V2I Hub 2.5.1 contains hard-coded credentials for the adminis ...)
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-1000624
+CVE-2018-1000624 (Battelle V2I Hub 2.5.1 is vulnerable to a denial of service, caused by ...)
NOT-FOR-US: Battelle V2I Hub
-CVE-2018-14776
+CVE-2018-14776 (Click Studios Passwordstate before 8.3 Build 8397 allows XSS by authen ...)
NOT-FOR-US: Click Studios Passwordstate
-CVE-2018-14775
+CVE-2018-14775 (tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Loc ...)
NOT-FOR-US: OpenBSD
-CVE-2018-14774
+CVE-2018-14774 (An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, ...)
- symfony 3.4.14+dfsg-1
[stretch] - symfony <no-dsa> (Minor issue)
[jessie] - symfony <not-affected> (Vulnerable code not present, introduced later in commit 4c8a25a6e2)
NOTE: https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache
-CVE-2018-14773
+CVE-2018-14773 (An issue was discovered in Http Foundation in Symfony 2.7.0 through 2. ...)
{DLA-1707-1}
- symfony 3.4.14+dfsg-1
[stretch] - symfony <no-dsa> (Minor issue)
NOTE: https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers
-CVE-2018-14772
+CVE-2018-14772 (Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution v ...)
- ajaxplorer <itp> (bug #668381)
-CVE-2018-14771
+CVE-2018-14771 (VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers ...)
NOT-FOR-US: VIVOTEK FD8177 devices
-CVE-2018-14770
+CVE-2018-14770 (VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers ...)
NOT-FOR-US: VIVOTEK FD8177 devices
-CVE-2018-14769
+CVE-2018-14769 (VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. ...)
NOT-FOR-US: VIVOTEK FD8177 devices
-CVE-2018-14768
+CVE-2018-14768 (Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, ...)
NOT-FOR-US: VIVOTEK devices
-CVE-2018-1999025
+CVE-2018-1999025 (A man in the middle vulnerability exists in Jenkins TraceTronic ECU-TE ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999026
+CVE-2018-1999026 (A server-side request forgery vulnerability exists in Jenkins TraceTro ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999027
+CVE-2018-1999027 (An exposure of sensitive information vulnerability exists in Jenkins S ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999028
+CVE-2018-1999028 (An exposure of sensitive information vulnerability exists in Jenkins A ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999029
+CVE-2018-1999029 (A cross-site scripting vulnerability exists in Jenkins Shelve Project ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999041
+CVE-2018-1999041 (An exposure of sensitive information vulnerability exists in Jenkins T ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999040
+CVE-2018-1999040 (An exposure of sensitive information vulnerability exists in Jenkins K ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999039
+CVE-2018-1999039 (A server-side request forgery vulnerability exists in Jenkins Confluen ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999038
+CVE-2018-1999038 (A confused deputy vulnerability exists in Jenkins Publisher Over CIFS ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999037
+CVE-2018-1999037 (A data modification vulnerability exists in Jenkins Resource Disposer ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999036
+CVE-2018-1999036 (An exposure of sensitive information vulnerability exists in Jenkins S ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999030
+CVE-2018-1999030 (An exposure of sensitive information vulnerability exists in Jenkins M ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999031
+CVE-2018-1999031 (An exposure of sensitive information vulnerability exists in Jenkins m ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999032
+CVE-2018-1999032 (A data modification vulnerability exists in Jenkins Agiletestware Pang ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999033
+CVE-2018-1999033 (An exposure of sensitive information vulnerability exists in Jenkins A ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999034
+CVE-2018-1999034 (A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1999035
+CVE-2018-1999035 (A man in the middle vulnerability exists in Jenkins Inedo BuildMaster ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-14767
+CVE-2018-14767 (In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message ...)
{DSA-4267-1 DLA-1471-1}
- kamailio 5.1.4-1
NOTE: https://skalatan.de/blog/advisory-hw-2018-05
@@ -15875,75 +15875,75 @@ CVE-2018-14751
RESERVED
CVE-2018-14750
RESERVED
-CVE-2018-14749
+CVE-2018-14749 (Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 b ...)
NOT-FOR-US: QNAP
-CVE-2018-14748
+CVE-2018-14748 (Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS ...)
NOT-FOR-US: QNAP
-CVE-2018-14747
+CVE-2018-14747 (NULL Pointer Dereference vulnerability in QTS 4.3.5 build 20181013, QT ...)
NOT-FOR-US: QNAP
-CVE-2018-14746
+CVE-2018-14746 (Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 ...)
NOT-FOR-US: QNAP
-CVE-2018-14955
+CVE-2018-14955 (The mail message display page in SquirrelMail through 1.4.22 has XSS v ...)
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14954
+CVE-2018-14954 (The mail message display page in SquirrelMail through 1.4.22 has XSS v ...)
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14953
+CVE-2018-14953 (The mail message display page in SquirrelMail through 1.4.22 has XSS v ...)
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14952
+CVE-2018-14952 (The mail message display page in SquirrelMail through 1.4.22 has XSS v ...)
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14951
+CVE-2018-14951 (The mail message display page in SquirrelMail through 1.4.22 has XSS v ...)
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14950
+CVE-2018-14950 (The mail message display page in SquirrelMail through 1.4.22 has XSS v ...)
{DLA-1484-1}
- squirrelmail <removed> (bug #905023)
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2831/
-CVE-2018-14745
+CVE-2018-14745 (Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver ...)
TODO: check
-CVE-2018-14744
+CVE-2018-14744 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
NOT-FOR-US: cloudwu PBC
-CVE-2018-14743
+CVE-2018-14743 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
NOT-FOR-US: cloudwu PBC
-CVE-2018-14742
+CVE-2018-14742 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
NOT-FOR-US: cloudwu PBC
-CVE-2018-14741
+CVE-2018-14741 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
NOT-FOR-US: cloudwu PBC
-CVE-2018-14740
+CVE-2018-14740 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
NOT-FOR-US: cloudwu PBC
-CVE-2018-14739
+CVE-2018-14739 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
NOT-FOR-US: cloudwu PBC
-CVE-2018-14738
+CVE-2018-14738 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
NOT-FOR-US: cloudwu PBC
-CVE-2018-14737
+CVE-2018-14737 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
NOT-FOR-US: cloudwu PBC
-CVE-2018-14736
+CVE-2018-14736 (An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. ...)
NOT-FOR-US: cloudwu PBC
-CVE-2018-14735
+CVE-2018-14735 (An Information Exposure issue was discovered in Hitachi Command Suite ...)
NOT-FOR-US: Hitachi
CVE-2018-14733
RESERVED
-CVE-2018-14734
+CVE-2018-14734 (drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 all ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.14-1
NOTE: https://git.kernel.org/linus/cb2595c1393b4a5211534e6f0a0fbad369e21ad8 (4.18-rc1)
-CVE-2018-14732
+CVE-2018-14732 (An issue was discovered in lib/Server.js in webpack-dev-server before ...)
NOT-FOR-US: webpack-dev-server
-CVE-2018-14731
+CVE-2018-14731 (An issue was discovered in HMRServer.js in Parcel parcel-bundler. Atta ...)
NOT-FOR-US: parcel-bundler
-CVE-2018-14730
+CVE-2018-14730 (An issue was discovered in Browserify-HMR. Attackers are able to steal ...)
NOT-FOR-US: Browserify-HMR
CVE-2018-14729
RESERVED
-CVE-2018-14728
+CVE-2018-14728 (upload.php in Responsive FileManager 9.13.1 allows SSRF via the url pa ...)
NOT-FOR-US: Responsive FileManager
CVE-2018-14727
RESERVED
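Review bot: CVE-2018-14745 is still marked "TODO: check" although the description added here places it in "prot_get_ring_space in the bcmdhd4358 Wi-Fi driver", the same Broadcom dhd driver family as CVE-2018-14852 through CVE-2018-14856 earlier in this file (dhd_bus_flow_ring_* and dhd_rx_frame in drivers/net/wireless/bcm...), which are all tagged "NOT-FOR-US: Samsung wifi driver for Android". If this one is confirmed to be the same vendor driver not shipped by Debian, resolve the TODO with the same NOT-FOR-US tag rather than leaving it open.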
@@ -15955,34 +15955,34 @@ CVE-2018-14724
RESERVED
CVE-2018-14723
RESERVED
-CVE-2018-14722
+CVE-2018-14722 (An issue was discovered in evaluate_auto_mountpoint in btrfsmaintenanc ...)
- btrfsmaintenance 0.4.1-2 (bug #906131)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1102721
-CVE-2018-14721
+CVE-2018-14721 (FasterXML jackson-databind 2.x before 2.9.7 might allow remote attacke ...)
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44
NOTE: https://github.com/FasterXML/jackson-databind/issues/2097
-CVE-2018-14720
+CVE-2018-14720 (FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to c ...)
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44
NOTE: https://github.com/FasterXML/jackson-databind/issues/2097
-CVE-2018-14719
+CVE-2018-14719 (FasterXML jackson-databind 2.x before 2.9.7 might allow remote attacke ...)
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44
NOTE: https://github.com/FasterXML/jackson-databind/issues/2097
-CVE-2018-14718
+CVE-2018-14718 (FasterXML jackson-databind 2.x before 2.9.7 might allow remote attacke ...)
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44
NOTE: https://github.com/FasterXML/jackson-databind/issues/2097
CVE-2018-14717
RESERVED
-CVE-2018-14716
+CVE-2018-14716 (A Server Side Template Injection (SSTI) was discovered in the SEOmatic ...)
NOT-FOR-US: SEOmatic plugin for Craft CMS
-CVE-2018-14715
+CVE-2018-14715 (The endCoinFlip function and throwSlammer function of the smart contra ...)
NOT-FOR-US: smart contract implementations for Cryptogs
CVE-2018-14714
RESERVED
@@ -15994,35 +15994,35 @@ CVE-2018-14711
RESERVED
CVE-2018-14710
RESERVED
-CVE-2018-14709
+CVE-2018-14709 (Incorrect access control in the Dashboard API on Drobo 5N2 NAS version ...)
NOT-FOR-US: Dashboard API on Drobo 5N2 NAS
-CVE-2018-14708
+CVE-2018-14708 (An insecure transport protocol used by Drobo Dashboard API on Drobo 5N ...)
NOT-FOR-US: Drobo Dashboard API on Drobo 5N2 NAS
-CVE-2018-14707
+CVE-2018-14707 (Directory traversal in the Drobo Pix web application on Drobo 5N2 NAS ...)
NOT-FOR-US: Drobo Pix web application on Drobo 5N2 NAS
-CVE-2018-14706
+CVE-2018-14706 (System command injection in the /DroboPix/api/drobopix/demo endpoint o ...)
NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14705
RESERVED
-CVE-2018-14704
+CVE-2018-14704 (Cross-site scripting in the MySQL API error page in Drobo 5N2 NAS vers ...)
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14703
+CVE-2018-14703 (Incorrect access control in the /mysql/api/droboapp/data endpoint in D ...)
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14702
+CVE-2018-14702 (Incorrect access control in the /drobopix/api/drobo.php endpoint in Dr ...)
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14701
+CVE-2018-14701 (System command injection in the /DroboAccess/delete_user endpoint in D ...)
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14700
+CVE-2018-14700 (Incorrect access control in the /mysql/api/logfile.php endpoint in Dro ...)
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14699
+CVE-2018-14699 (System command injection in the /DroboAccess/enable_user endpoint in D ...)
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14698
+CVE-2018-14698 (Cross-site scripting in the /DroboAccess/delete_user endpoint in Drobo ...)
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14697
+CVE-2018-14697 (Cross-site scripting in the /DroboAccess/enable_user endpoint in Drobo ...)
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14696
+CVE-2018-14696 (Incorrect access control in the /mysql/api/drobo.php endpoint in Drobo ...)
NOT-FOR-US: Drobo 5N2 NAS
-CVE-2018-14695
+CVE-2018-14695 (Incorrect access control in the /mysql/api/diags.php endpoint in Drobo ...)
NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14694
RESERVED
@@ -16030,25 +16030,25 @@ CVE-2018-14693
RESERVED
CVE-2018-14692
RESERVED
-CVE-2018-14691
+CVE-2018-14691 (An issue was discovered in Subsonic 6.1.1. The music tags feature is a ...)
NOT-FOR-US: Subsonic
-CVE-2018-14690
+CVE-2018-14690 (An issue was discovered in Subsonic 6.1.1. The general settings are af ...)
NOT-FOR-US: Subsonic
-CVE-2018-14689
+CVE-2018-14689 (An issue was discovered in Subsonic 6.1.1. The transcoding settings ar ...)
NOT-FOR-US: Subsonic
-CVE-2018-14688
+CVE-2018-14688 (An issue was discovered in Subsonic 6.1.1. The radio settings are affe ...)
NOT-FOR-US: Subsonic
CVE-2018-14687
RESERVED
-CVE-2018-14686
+CVE-2018-14686 (system/edit_book.php in XYCMS 1.7 has stored XSS via a crafted add_do. ...)
NOT-FOR-US: XYCMS
-CVE-2018-14685
+CVE-2018-14685 (The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gx ...)
NOT-FOR-US: Gxlcms
CVE-2018-14684
RESERVED
CVE-2018-14683
RESERVED
-CVE-2018-14678
+CVE-2018-14678 (An issue was discovered in the Linux kernel through 4.17.11, as used i ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.14-1
NOTE: https://xenbits.xen.org/xsa/advisory-274.html
@@ -16073,81 +16073,81 @@ CVE-2018-14669
RESERVED
CVE-2018-14668
RESERVED
-CVE-2018-14679
+CVE-2018-14679 (An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...)
{DSA-4260-1 DLA-1460-1}
- libmspack 0.7-1 (bug #904802)
NOTE: https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14680
+CVE-2018-14680 (An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...)
{DSA-4260-1 DLA-1460-1}
- libmspack 0.7-1 (bug #904801)
NOTE: https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14682
+CVE-2018-14682 (An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...)
{DSA-4260-1 DLA-1460-1}
- libmspack 0.7-1 (bug #904800)
NOTE: https://github.com/kyz/libmspack/commit/4fd9ccaa54e1aebde1e4b95fb0163b699fd7bcc8
NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14681
+CVE-2018-14681 (An issue was discovered in kwajd_read_headers in mspack/kwajd.c in lib ...)
{DSA-4260-1 DLA-1460-1}
- libmspack 0.7-1 (bug #904799)
NOTE: https://github.com/kyz/libmspack/commit/0b0ef9344255ff5acfac6b7af09198ac9c9756c8
NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-14667
+CVE-2018-14667 (The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression ...)
NOT-FOR-US: RichFaces
-CVE-2018-14666
+CVE-2018-14666 (An improper authorization flaw was found in the Smart Class feature of ...)
- foreman <itp> (bug #663101)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1638156
-CVE-2018-14665
+CVE-2018-14665 (A flaw was found in xorg-x11-server before 1.20.3. An incorrect permis ...)
{DSA-4328-1}
- xorg-server 2:1.20.3-1
[jessie] - xorg-server <not-affected> (Vulnerable code not present)
NOTE: Introduced by: https://gitlab.freedesktop.org/xorg/xserver/commit/032b1d79b7d04d47814a5b3a9fdd162249fea74c (1.19.0)
NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e
-CVE-2018-14664
+CVE-2018-14664 (A flaw was found in foreman from versions 1.18. A stored cross-site sc ...)
- foreman <itp> (bug #663101)
-CVE-2018-14663
+CVE-2018-14663 (An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a re ...)
- dnsdist 1.3.3-1 (bug #913231)
[stretch] - dnsdist <no-dsa> (Minor issue)
NOTE: https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2018-08.html
-CVE-2018-14662
+CVE-2018-14662 (It was found Ceph versions before 13.2.4 that authenticated ceph users ...)
{DLA-1696-1}
- ceph 12.2.11+dfsg1-1 (bug #921948)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1637327
NOTE: https://github.com/ceph/ceph/commit/a2acedd2a7e12d58af6db35edbd8a9d29c557578
-CVE-2018-14661
+CVE-2018-14661 (It was found that usage of snprintf function in feature/locks translat ...)
{DLA-1565-1}
- glusterfs 5.1-1 (bug #912997)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1636880
NOTE: https://review.gluster.org/#/c/glusterfs/+/21532/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=74dbf0a9aac4b960832029ec122685b5b5009127
-CVE-2018-14660
+CVE-2018-14660 (A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 ...)
- glusterfs 5.1-1 (bug #912997)
[jessie] - glusterfs <not-affected> (vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1635926
NOTE: https://review.gluster.org/#/c/glusterfs/+/21531/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=c2c70552188ee1b15bb748b4f2272062505c7696
-CVE-2018-14659
+CVE-2018-14659 (The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable ...)
{DLA-1565-1}
- glusterfs 5.1-1 (bug #912997)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1635929
NOTE: https://review.gluster.org/#/c/glusterfs/+/21530/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=be1e1785e2e4f3d6345ea5b5b684a1429784a01c
-CVE-2018-14658
+CVE-2018-14658 (A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect URL for b ...)
NOT-FOR-US: Keycloak
-CVE-2018-14657
+CVE-2018-14657 (A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabl ...)
NOT-FOR-US: Keycloak
-CVE-2018-14656
+CVE-2018-14656 (A missing address check in the callers of the show_opcodes() in the Li ...)
- linux 4.18.6-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/342db04ae71273322f0011384a9ed414df8bdae4
-CVE-2018-14655
+CVE-2018-14655 (A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. Wh ...)
NOT-FOR-US: Keycloak
-CVE-2018-14654
+CVE-2018-14654 (The Gluster file system through version 4.1.4 is vulnerable to abuse o ...)
- glusterfs 5.1-1 (bug #912997)
[jessie] - glusterfs <not-affected> (vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
@@ -16155,7 +16155,7 @@ CVE-2018-14654
NOTE: https://review.gluster.org/#/c/glusterfs/+/21534/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=5f4ae8a80543332a2e92dfa5c7f833ae7b93a664 (release-4.1)
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=dc775c4ae052d1e9d0f61ace3be999f73f0ffa23 (release-5)
-CVE-2018-14653
+CVE-2018-14653 (The Gluster file system through versions 4.1.4 and 3.12 is vulnerable ...)
{DLA-1565-1}
- glusterfs 5.1-1 (bug #912997)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
@@ -16164,14 +16164,14 @@ CVE-2018-14653
NOTE: https://review.gluster.org/#/c/glusterfs/+/21529/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=d3ec5f5a089edb68206b5d4a469358867340d4f7
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e2712fbd38477e736f157c9dbfbbae9c253b6c13
-CVE-2018-14652
+CVE-2018-14652 (The Gluster file system through versions 3.12 and 4.1.4 is vulnerable ...)
{DLA-1565-1}
- glusterfs 5.0-1 (bug #912997)
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632974
NOTE: https://review.gluster.org/#/c/glusterfs/+/21535/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e2c195712a9ecbda4fa02f5308138a1257a2558a
-CVE-2018-14651
+CVE-2018-14651 (It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018 ...)
{DLA-1565-1}
- glusterfs 5.1-1 (bug #912997)
[stretch] - glusterfs <not-affected> (Incomplete fixes for CVE-2018-109{26,27,28,29,30} not applied)
@@ -16179,11 +16179,11 @@ CVE-2018-14651
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632557
NOTE: https://review.gluster.org/#/c/glusterfs/+/21527/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=5fdb7ae37f602894f81a2cadc5a4c609a4c85427
-CVE-2018-14650
+CVE-2018-14650 (It was discovered that sos-collector does not properly set the default ...)
NOT-FOR-US: sos-collector (not same as sosreport itself, additional tool to sosreport)
-CVE-2018-14649
+CVE-2018-14649 (It was found that ceph-isci-cli package as shipped by Red Hat Ceph Sto ...)
NOT-FOR-US: ceph-iscsi-cli
-CVE-2018-14648
+CVE-2018-14648 (A flaw was found in 389 Directory Server. A specially crafted search q ...)
{DLA-1554-1}
- 389-ds-base 1.4.0.18-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1630668
@@ -16195,7 +16195,7 @@ CVE-2018-14648
NOTE: 1.3.7: https://pagure.io/389-ds-base/c/722a6f867
NOTE: 1.3.8: https://pagure.io/389-ds-base/c/bdb1af66c
NOTE: see https://pagure.io/389-ds-base/issue/49969
-CVE-2018-14647
+CVE-2018-14647 (Python's elementtree C accelerator failed to initialise Expat's hash s ...)
{DSA-4307-1 DSA-4306-1}
- python3.7 3.7.0-7
- python3.6 3.6.7~rc1-1
@@ -16209,28 +16209,28 @@ CVE-2018-14647
NOTE: 3.7: https://github.com/python/cpython/commit/470a435f3b42c9be5fdb7f7b04f3df5663ba7305
NOTE: 3.6: https://github.com/python/cpython/commit/f7666e828cc3d5873136473ea36ba2013d624fa1
NOTE: 2.7: https://github.com/python/cpython/commit/18b20bad75b4ff0486940fba4ec680e96e70f3a2
-CVE-2018-14646
+CVE-2018-14646 (The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL ...)
- linux <not-affected> (Vulnerable code not present in any version released; apart experimental)
NOTE: Fixed by: https://git.kernel.org/linus/f428fe4a04cc339166c8bbd489789760de3a0cee
-CVE-2018-14645
+CVE-2018-14645 (A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, ...)
- haproxy 1.8.13-2
[stretch] - haproxy <not-affected> (Only affects 1.8.x)
[jessie] - haproxy <not-affected> (Only affects 1.8.x)
NOTE: https://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=b4e05a3daa30f657db01ec144a0e48850c48f813
-CVE-2018-14644
+CVE-2018-14644 (An issue has been found in PowerDNS Recursor from 4.0.0 up to and incl ...)
- pdns-recursor 4.1.7-1 (bug #913162)
[stretch] - pdns-recursor 4.0.4-1+deb9u4
[jessie] - pdns-recursor <ignored> (Minor issue)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-07.html
NOTE: https://downloads.powerdns.com/patches/2018-07/
NOTE: Patch backported for jessie https://git.fosscommunity.in/bhe/patches/raw/master/CVE-2018-14644.patch
-CVE-2018-14643
+CVE-2018-14643 (An authentication bypass flaw was found in the smart_proxy_dynflow com ...)
- foreman <itp> (bug #663101)
NOTE: Issue in a foreman component: smart_proxy_dynflow, which might land in separate source.
-CVE-2018-14642
+CVE-2018-14642 (An information leak vulnerability was found in Undertow. If all header ...)
- undertow <unfixed> (bug #911796)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1628702
-CVE-2018-14641
+CVE-2018-14641 (A security flaw was found in the ip_frag_reasm() function in net/ipv4/ ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/18/1
NOTE: Fixed by: https://git.kernel.org/linus/5d407b071dc369c26a38398326ee2be53651cfe4
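Review bot: the CVE-2018-14644 entry contradicts itself: `[jessie] - pdns-recursor <ignored> (Minor issue)` is immediately followed by `NOTE: Patch backported for jessie https://git.fosscommunity.in/bhe/patches/raw/master/CVE-2018-14644.patch`. If the backport is meant to be shipped, the jessie line should carry a fixed version or at least `<no-dsa>`/`<postponed>` rather than `<ignored>`; if jessie was ignored deliberately, the NOTE should say the patch exists but is not applied, so the two lines do not read as conflicting triage decisions.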
@@ -16238,48 +16238,48 @@ CVE-2018-14640
RESERVED
CVE-2018-14639
RESERVED
-CVE-2018-14638
+CVE-2018-14638 (A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ...)
- 389-ds-base 1.4.0.18-1 (bug #908859)
[jessie] - 389-ds-base <not-affected> (Vulnerable code not present)
NOTE: https://pagure.io/389-ds-base/c/78fc627accacfa4061ce48977e22301f81ea8d73
-CVE-2018-14637
+CVE-2018-14637 (The SAML broker consumer endpoint in Keycloak before version 4.6.0.Fin ...)
NOT-FOR-US: Keycloak
-CVE-2018-14636
+CVE-2018-14636 (Live-migrated instances are briefly able to inspect traffic for other ...)
- neutron 2:13.0.0-1 (low)
[stretch] - neutron <no-dsa> (Minor issue)
[jessie] - neutron <ignored> (Minor issue)
-CVE-2018-14635
+CVE-2018-14635 (When using the Linux bridge ml2 driver, non-privileged tenants are abl ...)
- neutron 2:13.0.0-1
[stretch] - neutron <ignored> (Minor issue)
[jessie] - neutron <ignored> (Minor issue)
NOTE: https://bugs.launchpad.net/neutron/+bug/1757482
NOTE: https://git.openstack.org/cgit/openstack/neutron/commit/?id=54aa6e81cb17b33ce4d5d469cc11dec2869c762d
-CVE-2018-14634
+CVE-2018-14634 (An integer overflow flaw was found in the Linux kernel's create_elf_ta ...)
{DLA-1529-1}
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/25/4
-CVE-2018-14633
+CVE-2018-14633 (A security flaw was found in the chap_server_compute_md5() function in ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.10-1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/24/2
-CVE-2018-14632
+CVE-2018-14632 (An out of bound write can occur when patching an Openshift object usin ...)
NOT-FOR-US: OpenShift
-CVE-2018-14631
+CVE-2018-14631 (moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost th ...)
- moodle <removed>
-CVE-2018-14630
+CVE-2018-14630 (moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an ...)
- moodle <removed>
-CVE-2018-14629
+CVE-2018-14629 (A denial of service vulnerability was discovered in Samba's LDAP serve ...)
{DSA-4345-1 DLA-1607-1}
- samba 2:4.9.2+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2018-14629.html
CVE-2018-14628
RESERVED
-CVE-2018-14627
+CVE-2018-14627 (The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not h ...)
- wildfly <itp> (bug #752018)
NOTE: https://issues.jboss.org/browse/WFLY-9107
NOTE: https://github.com/wildfly/wildfly/pull/10675
-CVE-2018-14626
+CVE-2018-14626 (PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS ...)
- pdns 4.1.5-1 (bug #913163)
[stretch] - pdns <not-affected> (Vulnerable code present only in >= 4.1.0)
[jessie] - pdns <not-affected> (Vulnerable code not present)
@@ -16290,20 +16290,20 @@ CVE-2018-14626
NOTE: https://downloads.powerdns.com/patches/2018-05/
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-06.html
NOTE: https://downloads.powerdns.com/patches/2018-06/
-CVE-2018-14625
+CVE-2018-14625 (A flaw was found in the Linux Kernel where an attacker may be able to ...)
- linux 4.19.9-1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://syzkaller.appspot.com/bug?extid=bd391451452fb0b93039
-CVE-2018-14624
+CVE-2018-14624 (A vulnerability was discovered in 389-ds-base through versions 1.3.7.1 ...)
{DLA-1526-1}
- 389-ds-base 1.4.0.18-1 (bug #907778)
NOTE: https://pagure.io/389-ds-base/issue/49937
NOTE: https://pagure.io/389-ds-base/c/8ff8cb850 (master)
NOTE: https://pagure.io/389-ds-base/c/c5e78249d (389-ds-base-1.3.8)
NOTE: https://pagure.io/389-ds-base/c/9f28620d2 (389-ds-base-1.3.7)
-CVE-2018-14623
+CVE-2018-14623 (A SQL injection flaw was found in katello's errata-related API. An aut ...)
NOT-FOR-US: Katello
-CVE-2018-14622
+CVE-2018-14622 (A null-pointer dereference vulnerability was found in libtirpc before ...)
{DLA-1487-1}
[experimental] - libtirpc 1.0.2-0.1
- libtirpc 0.2.5-1.3 (bug #907608)
@@ -16311,124 +16311,124 @@ CVE-2018-14622
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1620293
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=968175
NOTE: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=1c77f7a869bdea2a34799d774460d1f9983d45f0
-CVE-2018-14621
+CVE-2018-14621 (An infinite loop vulnerability was found in libtirpc before version 1. ...)
- libtirpc <not-affected> (Vulnerable code not in a released version)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1620290
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=968175
NOTE: Introduced by: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=b2c9430f46c4ac848957fb8adaac176a3f6ac03f (0.3.3-rc3)
NOTE: Fixed by: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=fce98161d9815ea016855d9f00274276452c2c4b
-CVE-2018-14620
+CVE-2018-14620 (The OpenStack RabbitMQ container image insecurely retrieves the rabbit ...)
NOT-FOR-US: Insecure Red Hat container config
-CVE-2018-14619
+CVE-2018-14619 (A flaw was found in the crypto subsystem of the Linux kernel before ve ...)
- linux 4.14.12-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b32a7dc8aef1882fbf983eb354837488cc9d54dc
NOTE: http://www.openwall.com/lists/oss-security/2018/08/28/1
-CVE-2018-14618
+CVE-2018-14618 (curl before version 7.61.1 is vulnerable to a buffer overrun in the NT ...)
{DSA-4286-1 DLA-1498-1}
- curl 7.62.0-1 (bug #908327)
NOTE: https://curl.haxx.se/docs/CVE-2018-14618.html
NOTE: https://github.com/curl/curl/issues/2756
NOTE: https://github.com/curl/curl/commit/57d299a499155d4b327e341c6024e293b0418243
-CVE-2018-14617
+CVE-2018-14617 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.8-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200297
NOTE: https://www.spinics.net/lists/linux-fsdevel/msg130021.html
-CVE-2018-14616
+CVE-2018-14616 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200465
-CVE-2018-14615
+CVE-2018-14615 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
- linux 4.19.9-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200421
-CVE-2018-14614
+CVE-2018-14614 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200419
-CVE-2018-14613
+CVE-2018-14613 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199849
NOTE: https://patchwork.kernel.org/patch/10503147/
-CVE-2018-14612
+CVE-2018-14612 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
{DLA-1715-1}
- linux 4.18.8-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199847
NOTE: https://patchwork.kernel.org/patch/10503403/
NOTE: https://patchwork.kernel.org/patch/10503413/
-CVE-2018-14611
+CVE-2018-14611 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199839
NOTE: https://patchwork.kernel.org/patch/10503099/
-CVE-2018-14610
+CVE-2018-14610 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199837
NOTE: https://patchwork.kernel.org/patch/10503415/
-CVE-2018-14609
+CVE-2018-14609 (An issue was discovered in the Linux kernel through 4.17.10. There is ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.8-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199833
NOTE: https://patchwork.kernel.org/patch/10500521/
-CVE-2018-14608
+CVE-2018-14608 (Thomson Reuters UltraTax CS 2017 on Windows has a password protection ...)
NOT-FOR-US: Thomson Reuters UltraTax CS 2017
-CVE-2018-14607
+CVE-2018-14607 (Thomson Reuters UltraTax CS 2017 on Windows, in a client/server config ...)
NOT-FOR-US: Thomson Reuters UltraTax CS 2017
-CVE-2018-14600
+CVE-2018-14600 (An issue was discovered in libX11 through 1.6.5. The function XListExt ...)
{DLA-1482-1}
- libx11 2:1.6.6-1 (low)
[stretch] - libx11 2:1.6.4-3+deb9u1
[wheezy] - libx11 <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/commit/dbf72805fd9d7b1846fe9a11b46f3994bfc27fea
-CVE-2018-14599
+CVE-2018-14599 (An issue was discovered in libX11 through 1.6.5. The function XListExt ...)
{DLA-1482-1}
- libx11 2:1.6.6-1 (low)
[stretch] - libx11 2:1.6.4-3+deb9u1
[wheezy] - libx11 <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/commit/b469da1430cdcee06e31c6251b83aede072a1ff0
-CVE-2018-14598
+CVE-2018-14598 (An issue was discovered in XListExtensions in ListExt.c in libX11 thro ...)
{DLA-1482-1}
- libx11 2:1.6.6-1 (low)
[stretch] - libx11 2:1.6.4-3+deb9u1
[wheezy] - libx11 <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/commit/e83722768fd5c467ef61fa159e8c6278770b45c2
-CVE-2018-14606
+CVE-2018-14606 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab 10.8.7+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 10.6 and later)
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14605
+CVE-2018-14605 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab 10.8.7+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 10.7 and later)
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14604
+CVE-2018-14604 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab 10.8.7+dfsg-1
[stretch] - gitlab <not-affected> (Only affects 10.7 and later)
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14603
+CVE-2018-14603 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab 10.8.7+dfsg-1
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14602
+CVE-2018-14602 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab 10.8.7+dfsg-1
[stretch] - gitlab <not-affected> (Affects 9.0 and later only)
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14601
+CVE-2018-14601 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
- gitlab <not-affected> (11.1.0 specific regression)
NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
-CVE-2018-14597
+CVE-2018-14597 (CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA ...)
NOT-FOR-US: CA Technologies Identity Governance
-CVE-2018-1002208
+CVE-2018-1002208 (sharplibzip before 1.0 RC1 is vulnerable to directory traversal, allow ...)
- mono 5.18.0.240+dfsg-1
[stretch] - mono <no-dsa> (Minor issue)
[jessie] - mono <no-dsa> (Minor issue)
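Review bot: CVE-2018-14616 lists `{DLA-1715-1}` in the advisory braces yet also carries `[jessie] - linux <not-affected> (Vulnerable code not present)`; a DLA at this point is a jessie advisory, so either the jessie line or the DLA reference is wrong and should be checked against the advisory text (the sibling entries CVE-2018-14614 down to CVE-2018-14610 carry the same DLA without any jessie line, which is the consistent form). Separately, the three libX11 entries (CVE-2018-14600, CVE-2018-14599, CVE-2018-14598) still carry `[wheezy] - libx11 <no-dsa> (Minor issue)` lines although jessie is already covered by DLA-1482-1; wheezy's LTS support had ended before these issues were published, so those lines look stale and could be dropped.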
@@ -16436,64 +16436,64 @@ CVE-2018-1002208
NOTE: https://snyk.io/vuln/SNYK-DOTNET-SHARPZIPLIB-60247
NOTE: https://github.com/icsharpcode/SharpZipLib/issues/232
NOTE: https://github.com/mono/mono/issues/11492
-CVE-2018-1002207
+CVE-2018-1002207 (mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393e ...)
NOT-FOR-US: golang-github-mholt-archiver
-CVE-2018-1002206
+CVE-2018-1002206 (SharpCompress before 0.21.0 is vulnerable to directory traversal, allo ...)
NOT-FOR-US: SharpCompress library (for .NET Standard 1.0)
-CVE-2018-1002205
+CVE-2018-1002205 (DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, ...)
NOT-FOR-US: DotNetZip.Semvered library (.NET)
-CVE-2018-1002203
+CVE-2018-1002203 (unzipper npm library before 0.8.13 is vulnerable to directory traversa ...)
NOT-FOR-US: unzipper nodejs module
-CVE-2018-14596
+CVE-2018-14596 (wancms 1.0 through 5.0 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: wancms
CVE-2018-14595
RESERVED
CVE-2018-14594
RESERVED
-CVE-2018-14593
+CVE-2018-14593 (An issue was discovered in Open Ticket Request System (OTRS) 6.0.x thr ...)
{DSA-4317-1 DLA-1473-1}
- otrs2 6.0.10-1
NOTE: https://community.otrs.com/security-advisory-2018-03-security-update-for-otrs-framework/
NOTE: OTRS-6: https://github.com/OTRS/otrs/commit/57cda14db8fdbcbfb8cabb32d85fbc89fde48c62
NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/7b6802723e1f5d1764b617e9fcf0a8dd21e96216
NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/78331ea187181d6130189d4563a50b4c30256320
-CVE-2018-14592
+CVE-2018-14592 (The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW ...)
NOT-FOR-US: CWJoomla
CVE-2018-14591
RESERVED
-CVE-2018-14590
+CVE-2018-14590 (An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in ...)
NOT-FOR-US: Bento4
-CVE-2018-14589
+CVE-2018-14589 (An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParse ...)
NOT-FOR-US: Bento4
-CVE-2018-14588
+CVE-2018-14588 (An issue has been discovered in Bento4 1.5.1-624. A NULL pointer deref ...)
NOT-FOR-US: Bento4
-CVE-2018-14587
+CVE-2018-14587 (An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream ...)
NOT-FOR-US: Bento4
-CVE-2018-14586
+CVE-2018-14586 (An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in ...)
NOT-FOR-US: Bento4
-CVE-2018-14585
+CVE-2018-14585 (An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE ...)
NOT-FOR-US: Bento4
-CVE-2018-14584
+CVE-2018-14584 (An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create ...)
NOT-FOR-US: Bento4
-CVE-2018-14583
+CVE-2018-14583 (xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a backgroun ...)
NOT-FOR-US: XYHCMS
-CVE-2018-14582
+CVE-2018-14582 (index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a ...)
NOT-FOR-US: BageCMS
-CVE-2018-14581
+CVE-2018-14581 (Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12 ...)
NOT-FOR-US: Redgate .NET Reflector and SmartAssembly
CVE-2018-14580
RESERVED
-CVE-2018-14579
+CVE-2018-14579 (GolemCMS through 2008-12-24, if the install/ directory remains active ...)
NOT-FOR-US: GolemCMS
CVE-2018-14578
RESERVED
CVE-2018-14577
RESERVED
-CVE-2018-14576
+CVE-2018-14576 (The mintToken function of a smart contract implementation for SunContr ...)
NOT-FOR-US: smart contract implementation for SunContract
-CVE-2018-14575
+CVE-2018-14575 (Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a t ...)
TODO: check
-CVE-2018-14574
+CVE-2018-14574 (django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11 ...)
{DSA-4264-1}
- python-django 1:1.11.15-1 (bug #905216)
[jessie] - python-django <not-affected> (Vulnerable code not present)
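Review bot: CVE-2018-14575 is still left at `TODO: check` after this update, while the neighbouring entries for unpackaged web software (GolemCMS, BageCMS, XYHCMS) were resolved as NOT-FOR-US. If the Trash Bin plugin for MyBB is not packaged in Debian, this should become `NOT-FOR-US: Trash Bin plugin for MyBB` so the entry drops off the triage queue; if it is, it needs a source package line.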
@@ -16502,78 +16502,78 @@ CVE-2018-14574
NOTE: https://github.com/django/django/commit/c4e5ff7fdb5fce447675e90291fd33fddd052b3c (2.1 release branch)
NOTE: https://github.com/django/django/commit/d6eaee092709aad477a9894598496c6deec532ff (1.11 release branch)
NOTE: https://github.com/django/django/commit/434d309ef6dbecbfd2b322d3a1da78aa5cb05fa8 (vuln. introduced here?)
-CVE-2018-14573
+CVE-2018-14573 (A Local File Inclusion (LFI) vulnerability exists in the Web Interface ...)
NOT-FOR-US: TightRope Media Carousel Digital Signage
-CVE-2018-14572
+CVE-2018-14572 (In conference-scheduler-cli, a pickle.load call on imported data allow ...)
NOT-FOR-US: conference-scheduler-cli
CVE-2018-14571
RESERVED
-CVE-2018-14570
+CVE-2018-14570 (A file upload vulnerability in application/shop/controller/member.php ...)
NOT-FOR-US: Niushop B2B2C Multi-business basic
CVE-2018-14569
RESERVED
-CVE-2018-1999024
+CVE-2018-1999024 (MathJax version prior to version 2.7.4 contains a Cross Site Scripting ...)
- mathjax 2.7.4+dfsg-1
[stretch] - mathjax <no-dsa> (Minor issue)
[jessie] - mathjax <no-dsa> (Minor issue)
NOTE: https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1
-CVE-2018-1999021
+CVE-2018-1999021 (Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) ...)
NOT-FOR-US: Gleezcms Gleez Cms
-CVE-2018-1999020
+CVE-2018-1999020 (Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier versi ...)
NOT-FOR-US: ONOS
-CVE-2018-1999019
+CVE-2018-1999019 (Chamilo LMS version 11.x contains an Unserialization vulnerability in ...)
NOT-FOR-US: Chamilo LMS
-CVE-2018-1999018
+CVE-2018-1999018 (Pydio version 8.2.1 and prior contains an Unvalidated user input leadi ...)
- ajaxplorer <itp> (bug #668381)
-CVE-2018-1999017
+CVE-2018-1999017 (Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery ...)
- ajaxplorer <itp> (bug #668381)
-CVE-2018-1999016
+CVE-2018-1999016 (Pydio version 8.2.0 and earlier contains a Cross Site Scripting (XSS) ...)
- ajaxplorer <itp> (bug #668381)
-CVE-2018-1999015
+CVE-2018-1999015 (FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains ...)
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32
-CVE-2018-1999014
+CVE-2018-1999014 (FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains ...)
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/bab0716c7f4793ec42e05a5aa7e80d82a0dd4e7
-CVE-2018-1999013
+CVE-2018-1999013 (FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains ...)
{DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/a7e032a277452366771951e29fd0bf2bd5c029f
-CVE-2018-1999012
+CVE-2018-1999012 (FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains ...)
{DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/9807d3976be0e92e4ece3b4b1701be894cd7c2e
-CVE-2018-1999011
+CVE-2018-1999011 (FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains ...)
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <postponed> (Minor issue, wait for next 3.2 release)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2b46ebdbff1d8dec7a3d8ea280a612b91a58286
-CVE-2018-1999010
+CVE-2018-1999010 (FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains ...)
{DSA-4249-1 DLA-1630-1}
- ffmpeg 7:4.0.2-1
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e
-CVE-2018-1999009
+CVE-2018-1999009 (October CMS version prior to Build 437 contains a Local File Inclusion ...)
NOT-FOR-US: October CMS
-CVE-2018-1999008
+CVE-2018-1999008 (October CMS version prior to build 437 contains a Cross Site Scripting ...)
NOT-FOR-US: October CMS
-CVE-2018-14568
+CVE-2018-14568 (Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from ...)
- suricata 1:4.0.5-1
[stretch] - suricata <no-dsa> (Minor issue)
[jessie] - suricata <no-dsa> (Minor issue)
NOTE: https://github.com/OISF/suricata/pull/3428/commits/843d0b7a10bb45627f94764a6c5d468a24143345
NOTE: https://redmine.openinfosecfoundation.org/issues/2501
-CVE-2018-14567
+CVE-2018-14567 (libxml2 2.9.8, if --with-lzma is used, allows remote attackers to caus ...)
{DLA-1524-1}
- libxml2 <unfixed>
[stretch] - libxml2 <postponed> (Minor issue)
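Review bot: the NOTE commit URLs for CVE-2018-1999014, -1999013, -1999012, -1999011 and -1999010 in this hunk carry 39-character hashes, one hex digit short of the full 40-character hashes quoted in the descriptions added on the `+` lines directly above them (for example `bab0716c7f4793ec42e05a5aa7e80d82a0dd4e7` in the NOTE versus `bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75` in the description). A prefix still resolves on GitHub, but the full hash is the less fragile reference and would keep the NOTE lines consistent with the descriptions; the same one-digit truncation affects the FFmpeg NOTE at the top of the hunk.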
@@ -16581,13 +16581,13 @@ CVE-2018-14567
NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74
CVE-2018-14566
RESERVED
-CVE-2018-14565
+CVE-2018-14565 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. ...)
NOT-FOR-US: THULAC
-CVE-2018-14564
+CVE-2018-14564 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. ...)
NOT-FOR-US: THULAC
-CVE-2018-14563
+CVE-2018-14563 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. ...)
NOT-FOR-US: THULAC
-CVE-2018-14562
+CVE-2018-14562 (An issue was discovered in libthulac.so in THULAC through 2018-02-25. ...)
NOT-FOR-US: THULAC
CVE-2018-14561
RESERVED
@@ -16595,7 +16595,7 @@ CVE-2018-14560
RESERVED
CVE-2018-14559
RESERVED
-CVE-2018-14558
+CVE-2018-14558 (An issue was discovered on Tenda AC7 devices with firmware through V15 ...)
NOT-FOR-US: Tenda AC7 devices
CVE-2018-14557
RESERVED
@@ -16609,7 +16609,7 @@ CVE-2018-14553
RESERVED
CVE-2018-14552
RESERVED
-CVE-2018-14551
+CVE-2018-14551 (The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 use ...)
- imagemagick 8:6.9.10.8+dfsg-1 (bug #904713)
[stretch] - imagemagick <postponed> (Can be fixed along in a future DSA)
[jessie] - imagemagick <not-affected> (vulnerable code not present)
@@ -16621,7 +16621,7 @@ CVE-2018-14550 [stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_to
- libpng1.6 <unfixed> (unimportant)
- libpng <removed> (unimportant)
NOTE: https://github.com/glennrp/libpng/issues/246
-CVE-2018-14549
+CVE-2018-14549 (An issue has been found in libwav through 2017-04-20. It is a SEGV in ...)
NOT-FOR-US: libwav
CVE-2018-14548
RESERVED
@@ -16629,15 +16629,15 @@ CVE-2018-14547
RESERVED
CVE-2018-14546
RESERVED
-CVE-2018-14545
+CVE-2018-14545 (There exists one invalid memory read bug in AP4_SampleDescription::Get ...)
NOT-FOR-US: Bento4
-CVE-2018-14544
+CVE-2018-14544 (There exists one invalid memory read bug in AP4_SampleDescription::Get ...)
NOT-FOR-US: Bento4
-CVE-2018-14543
+CVE-2018-14543 (There exists one NULL pointer dereference vulnerability in AP4_JsonIns ...)
NOT-FOR-US: Bento4
CVE-2018-14542
RESERVED
-CVE-2018-14541
+CVE-2018-14541 (PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS v ...)
NOT-FOR-US: PHP Scripts Mall Basic B2B Script
CVE-2018-14540
RESERVED
@@ -16653,11 +16653,11 @@ CVE-2018-14535
RESERVED
CVE-2018-14534
RESERVED
-CVE-2018-14533
+CVE-2018-14533 (read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privil ...)
NOT-FOR-US: Inteno IOPSYS
-CVE-2018-14532
+CVE-2018-14532 (An issue was discovered in Bento4 1.5.1-624. There is a heap-based buf ...)
NOT-FOR-US: Bento4
-CVE-2018-14531
+CVE-2018-14531 (An issue was discovered in Bento4 1.5.1-624. There is an unspecified " ...)
NOT-FOR-US: Bento4
CVE-2018-14530
RESERVED
@@ -16665,9 +16665,9 @@ CVE-2018-14529
RESERVED
CVE-2018-14528
RESERVED
-CVE-2018-14527
+CVE-2018-14527 (Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection m ...)
NOT-FOR-US: Xiao5uCompany
-CVE-2018-14526
+CVE-2018-14526 (An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 throug ...)
{DLA-1462-1}
- wpa 2:2.6-18 (bug #905739)
[stretch] - wpa 2:2.4-1+deb9u2
@@ -16676,19 +16676,19 @@ CVE-2018-14526
NOTE: https://w1.fi/security/2018-1/rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch
CVE-2018-14525
RESERVED
-CVE-2018-14524
+CVE-2018-14524 (dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a doubl ...)
- libredwg <itp> (bug #595191)
-CVE-2018-14523
+CVE-2018-14523 (An issue was discovered in aubio 0.4.6. A buffer over-read can occur i ...)
- aubio 0.4.6-1 (bug #904906)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <no-dsa> (Minor issue)
NOTE: https://github.com/aubio/aubio/issues/189
-CVE-2018-14522
+CVE-2018-14522 (An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aub ...)
- aubio 0.4.6-1 (bug #904907)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <no-dsa> (Minor issue)
NOTE: https://github.com/aubio/aubio/issues/188
-CVE-2018-14521
+CVE-2018-14521 (An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aub ...)
- aubio 0.4.6-1 (bug #904908)
[stretch] - aubio <no-dsa> (Minor issue)
[jessie] - aubio <no-dsa> (Minor issue)
@@ -16699,17 +16699,17 @@ CVE-2018-14519
RESERVED
CVE-2018-14518
RESERVED
-CVE-2018-14517
+CVE-2018-14517 (SeaCMS 6.61 has two XSS issues in the admin_config.php file via certai ...)
NOT-FOR-US: SeaCMS
CVE-2018-14516
RESERVED
-CVE-2018-14515
+CVE-2018-14515 (A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote a ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-14514
+CVE-2018-14514 (An SSRF vulnerability was discovered in idreamsoft iCMS V7.0.9 that al ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-14513
+CVE-2018-14513 (An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persi ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-14512
+CVE-2018-14512 (An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persi ...)
NOT-FOR-US: WUZHI CMS
CVE-2018-14511
RESERVED
@@ -16723,20 +16723,20 @@ CVE-2018-14507
RESERVED
CVE-2018-14506
RESERVED
-CVE-2018-14504
+CVE-2018-14504 (An issue was discovered in manage_filter_edit_page.php in MantisBT 2.x ...)
- mantis <removed>
NOTE: http://github.com/mantisbt/mantisbt/commit/8b5fa243dbf04344a55fe880135ec149fc1f439f
NOTE: https://mantisbt.org/blog/archives/mantisbt/602
NOTE: https://mantisbt.org/bugs/view.php?id=24608
-CVE-2018-14503
+CVE-2018-14503 (Cross-site scripting (XSS) vulnerability in intervalCheck.jsp in Corem ...)
NOT-FOR-US: Coremail XT
CVE-2018-14502
RESERVED
-CVE-2018-14501
+CVE-2018-14501 (manager/admin_ajax.php in joyplus-cms 1.6.0 has SQL Injection, as demo ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-14500
+CVE-2018-14500 (joyplus-cms 1.6.0 has XSS via the manager/collect/collect_vod_zhuiju.p ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-1999023
+CVE-2018-1999023 (The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a ...)
- wesnoth-1.14 1:1.14.4-1
- wesnoth-1.12 <removed>
[stretch] - wesnoth-1.12 1:1.12.6-1+deb9u1
@@ -16744,15 +16744,15 @@ CVE-2018-1999023
[jessie] - wesnoth-1.10 <end-of-life> (Games are not supported in Jessie)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/20/1
NOTE: https://github.com/wesnoth/wesnoth/commit/d911268a783467842d38eae7ac1630f1fea41318 (1.14.x)
-CVE-2018-14505
+CVE-2018-14505 (mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to t ...)
- mitmproxy 3.0.4-1 (bug #904293)
[stretch] - mitmproxy <ignored> (Minor issue)
[jessie] - mitmproxy <ignored> (Minor issue)
NOTE: https://github.com/mitmproxy/mitmproxy/issues/3234
NOTE: https://github.com/mitmproxy/mitmproxy/pull/3243
-CVE-2018-14499
+CVE-2018-14499 (An issue was found in HYBBS through 2016-03-08. There is an XSS vulner ...)
NOT-FOR-US: HYBBS
-CVE-2018-14498
+CVE-2018-14498 (get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG th ...)
{DLA-1719-1}
- libjpeg-turbo <unfixed> (bug #924678)
[stretch] - libjpeg-turbo <no-dsa> (Minor issue)
@@ -16760,7 +16760,7 @@ CVE-2018-14498
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258
NOTE: https://github.com/mozilla/mozjpeg/issues/299
-CVE-2018-14497
+CVE-2018-14497 (Tenda D152 ADSL routers allow XSS via a crafted SSID. ...)
NOT-FOR-US: Tenda D152 ADSL routers
CVE-2018-14496
RESERVED
@@ -16768,11 +16768,11 @@ CVE-2018-14495
RESERVED
CVE-2018-14494
RESERVED
-CVE-2018-14493
+CVE-2018-14493 (Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Au ...)
NOT-FOR-US: Open-Audit Community
-CVE-2018-14492
+CVE-2018-14492 (Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, ...)
NOT-FOR-US: Tenda devices
-CVE-2018-1999022
+CVE-2018-1999022 (PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) ...)
- civicrm 5.3.1+dfsg-1 (bug #904215)
NOTE: https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform
CVE-2018-14491
@@ -16785,7 +16785,7 @@ CVE-2018-14488
RESERVED
CVE-2018-14487
RESERVED
-CVE-2018-14486
+CVE-2018-14486 (DNN (formerly DotNetNuke) 9.1.1 allows cross-site scripting (XSS) via ...)
TODO: check
CVE-2018-14485
RESERVED
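Review bot: the CVE-2018-14486 entry still carries `TODO: check`, the only untriaged entry among the hunks shown here, while the surrounding entries have all been resolved to a package line or NOT-FOR-US. Since automatic updates only refresh the description text, this marker will persist until someone triages it; it should be resolved to one of those states so it does not linger.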
@@ -16795,7 +16795,7 @@ CVE-2018-14483
RESERVED
CVE-2018-14482
RESERVED
-CVE-2018-14481
+CVE-2018-14481 (Osclass 3.7.4 has XSS via the query string to index.php, a different v ...)
NOT-FOR-US: Osclass
CVE-2018-14480
RESERVED
@@ -16810,14 +16810,14 @@ CVE-2018-14476
RESERVED
CVE-2018-14475
RESERVED
-CVE-2018-14474
+CVE-2018-14474 (views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the ne ...)
NOT-FOR-US: Orange Forum
-CVE-2018-14473
+CVE-2018-14473 (OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing ...)
- ocsinventory-server 2.5+dfsg-1 (unimportant; bug #905396)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-14472
+CVE-2018-14472 (An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is cor ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-14471
+CVE-2018-14471 (dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0 ...)
- libredwg <itp> (bug #595191)
CVE-2018-14470
RESERVED
@@ -16839,93 +16839,93 @@ CVE-2018-14462
RESERVED
CVE-2018-14461
RESERVED
-CVE-2018-14460
+CVE-2018-14460 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README3.md
-CVE-2018-14459
+CVE-2018-14459 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14458
+CVE-2018-14458 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14457
+CVE-2018-14457 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14456
+CVE-2018-14456 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14455
+CVE-2018-14455 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14454
+CVE-2018-14454 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14453
+CVE-2018-14453 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14452
+CVE-2018-14452 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14451
+CVE-2018-14451 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14450
+CVE-2018-14450 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14449
+CVE-2018-14449 (An issue was discovered in libgig 4.1.0. There is an out of bounds rea ...)
- libgig <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
-CVE-2018-14448
+CVE-2018-14448 (Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL poi ...)
- untrunc <itp> (bug #702476)
-CVE-2018-14447
+CVE-2018-14447 (trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds r ...)
{DLA-1470-1}
- confuse 3.2.1+dfsg-5 (bug #904159)
[stretch] - confuse 3.0+dfsg-2+deb9u1
NOTE: https://github.com/martinh/libconfuse/issues/109
-CVE-2018-14446
+CVE-2018-14446 (MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows remo ...)
- mp4v2 <removed> (bug #904896)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
NOTE: https://github.com/TechSmith/mp4v2/issues/20
-CVE-2018-14445
+CVE-2018-14445 (In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remo ...)
NOT-FOR-US: Bento4
-CVE-2018-14444
+CVE-2018-14444 (libdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 ...)
NOT-FOR-US: libdxfrw
-CVE-2018-14443
+CVE-2018-14443 (get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote ...)
- libredwg <itp> (bug #595191)
-CVE-2018-14442
+CVE-2018-14442 (Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Fre ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14441
+CVE-2018-14441 (An issue was discovered in cckevincyh SSH CompanyWebsite through 2018- ...)
NOT-FOR-US: cckevincyh SSH CompanyWebsite
-CVE-2018-14440
+CVE-2018-14440 (An issue was discovered in cckevincyh SSH CompanyWebsite through 2018- ...)
NOT-FOR-US: cckevincyh SSH CompanyWebsite
-CVE-2018-14439
+CVE-2018-14439 (espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 misha ...)
NOT-FOR-US: eos4j
-CVE-2018-14438
+CVE-2018-14438 (In Wireshark through 2.6.2, the create_app_running_mutex function in w ...)
- wireshark <not-affected> (Problem with SetSecurityDescriptorDacl() is Windows specific issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14921
-CVE-2018-14437
+CVE-2018-14437 (ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. ...)
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1190
NOTE: https://github.com/ImageMagick/ImageMagick/commit/082223fb992448dbb574747deac9a30f986c116e
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/0812674565df667b1b3e4122ad259096de311c6c
-CVE-2018-14436
+CVE-2018-14436 (ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff. ...)
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1191
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b352c0be410ad900469a079e389178f878aded8
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ae3eecad2f59e27123c1a6c891be75d06fc03656
-CVE-2018-14435
+CVE-2018-14435 (ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. ...)
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1193
NOTE: https://github.com/ImageMagick/ImageMagick/commit/957b6397b958a5881005df27eb97319b3175a3c9
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/e8f4f5e776002aa6ed490d7c6f65e10fa67359dd
-CVE-2018-14434
+CVE-2018-14434 (ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage ...)
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1192
NOTE: https://github.com/ImageMagick/ImageMagick/commit/98a2cceae0dceccbfe54051167c2c80be1f13c3f
CVE-2018-14433
RESERVED
-CVE-2018-14432
+CVE-2018-14432 (In the Federation component of OpenStack Keystone before 11.0.4, 12.0. ...)
{DSA-4275-1}
- keystone 2:13.0.0-7 (bug #904616)
[jessie] - keystone <end-of-life> (Not supported in Jessie)
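Review bot: the CVE-2018-14434 entry lists only the ImageMagick 7 commit, whereas its three siblings above (CVE-2018-14437, -14436 and -14435, all ImageMagick 7.0.8-4 memory leaks tracked as unimportant) each carry an additional `NOTE: ImageMagick6:` line with the corresponding ImageMagick6 commit. Either the 6.x backport reference is missing here or the issue does not apply to the 6.x branch; either way the entry would benefit from a NOTE saying which.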
@@ -16933,9 +16933,9 @@ CVE-2018-14432
NOTE: https://bugs.launchpad.net/keystone/+bug/1779205
CVE-2018-14431
RESERVED
-CVE-2018-14430
+CVE-2018-14430 (The Mondula Multi Step Form plugin through 1.2.5 for WordPress allows ...)
NOT-FOR-US: Mondula Multi Step Form plugin for WordPress
-CVE-2018-14429
+CVE-2018-14429 (man-cgi before 1.16 allows Local File Inclusion via absolute path trav ...)
NOT-FOR-US: man-cgi
CVE-2018-14428
RESERVED
@@ -16945,32 +16945,32 @@ CVE-2018-14426
RESERVED
CVE-2018-14425
RESERVED
-CVE-2018-14424
+CVE-2018-14424 (The daemon in GDM through 3.29.1 does not properly unexport display ob ...)
{DSA-4270-1 DLA-1494-1}
- gdm3 3.28.2-4
NOTE: https://gitlab.gnome.org/GNOME/gdm/issues/401
NOTE: https://gitlab.gnome.org/GNOME/gdm/commit/6060db704a19b0db68f2e9e6a2d020c0c78b6bba
NOTE: https://gitlab.gnome.org/GNOME/gdm/commit/765b306c364885dd89d47fe9fe8618ce6a467bc1
-CVE-2018-14423
+CVE-2018-14423 (Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_nex ...)
{DSA-4405-1 DLA-1614-1}
- openjpeg2 2.3.0-2 (low; bug #904873)
NOTE: https://github.com/uclouvain/openjpeg/issues/1123
NOTE: https://github.com/uclouvain/openjpeg/commit/bd88611ed9ad7144ec4f3de54790cd848175891b
-CVE-2018-14422
+CVE-2018-14422 (blog/index.php in SansCMS 0.7 has XSS via the q parameter. ...)
NOT-FOR-US: SansCMS
-CVE-2018-14421
+CVE-2018-14421 (SeaCMS v6.61 allows Remote Code execution by placing PHP code in a mov ...)
NOT-FOR-US: SeaCMS
-CVE-2018-14420
+CVE-2018-14420 (MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsa ...)
NOT-FOR-US: MetInfo
-CVE-2018-14419
+CVE-2018-14419 (MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on ...)
NOT-FOR-US: MetInfo
-CVE-2018-14418
+CVE-2018-14418 (In Msvod Cms v10, SQL Injection exists via an images/lists?cid= URI. ...)
NOT-FOR-US: Msvod Cms
-CVE-2018-14417
+CVE-2018-14417 (A command injection vulnerability was found in the web administration ...)
NOT-FOR-US: SoftNAS
CVE-2018-14416
RESERVED
-CVE-2018-14415
+CVE-2018-14415 (An issue was discovered in idreamsoft iCMS before 7.0.10. XSS exists v ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2018-14414
RESERVED
@@ -16992,70 +16992,70 @@ CVE-2018-14406
RESERVED
CVE-2018-14405
RESERVED
-CVE-2018-14404
+CVE-2018-14404 (A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPat ...)
{DLA-1524-1}
- libxml2 <unfixed> (bug #901817)
[stretch] - libxml2 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/libxml2/issues/5
NOTE: https://gitlab.gnome.org/GNOME/libxml2/issues/10
NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/a436374994c47b12d5de1b8b1d191a098fa23594
-CVE-2018-14403
+CVE-2018-14403 (MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substring ...)
- mp4v2 <removed> (bug #904897)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/3
-CVE-2018-14402
+CVE-2018-14402 (axmldec 1.2.0 has an out-of-bounds write in the jitana::axml_parser::p ...)
NOT-FOR-US: axmldec
-CVE-2018-14401
+CVE-2018-14401 (CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out- ...)
NOT-FOR-US: AXML Parser
CVE-2018-14400
REJECTED
-CVE-2018-14399
+CVE-2018-14399 (libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote attack ...)
NOT-FOR-US: PHPCMS
-CVE-2018-14398
+CVE-2018-14398 (An issue was discovered in Creme CRM 1.6.12. The value of the cancel b ...)
NOT-FOR-US: Creme CRM
-CVE-2018-14397
+CVE-2018-14397 (An issue was discovered in Creme CRM 1.6.12. The organization creation ...)
NOT-FOR-US: Creme CRM
-CVE-2018-14396
+CVE-2018-14396 (An issue was discovered in Creme CRM 1.6.12. The salesman creation pag ...)
NOT-FOR-US: Creme CRM
-CVE-2018-14395
+CVE-2018-14395 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause ...)
{DSA-4258-1}
- ffmpeg 7:4.0.2-1
- libav <removed>
[jessie] - libav <not-affected> (only version 2 is supported)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582
-CVE-2018-14394
+CVE-2018-14394 (libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause ...)
{DSA-4249-1 DLA-1630-1}
- ffmpeg 7:4.0.2-1
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8
CVE-2018-14393
RESERVED
-CVE-2018-14392
+CVE-2018-14392 (The New Threads plugin before 1.2 for MyBB has XSS. ...)
NOT-FOR-US: New Threads plugin for MyBB
CVE-2018-14391
RESERVED
CVE-2018-14390
RESERVED
-CVE-2018-1999001
+CVE-2018-1999001 (A unauthorized modification of configuration vulnerability exists in J ...)
NOT-FOR-US: Jenkins
-CVE-2018-1999002
+CVE-2018-1999002 (A arbitrary file read vulnerability exists in Jenkins 2.132 and earlie ...)
NOT-FOR-US: Jenkins
-CVE-2018-1999003
+CVE-2018-1999003 (A Improper authorization vulnerability exists in Jenkins 2.132 and ear ...)
NOT-FOR-US: Jenkins
-CVE-2018-1999004
+CVE-2018-1999004 (A Improper authorization vulnerability exists in Jenkins 2.132 and ear ...)
NOT-FOR-US: Jenkins
-CVE-2018-1999005
+CVE-2018-1999005 (A cross-site scripting vulnerability exists in Jenkins 2.132 and earli ...)
NOT-FOR-US: Jenkins
-CVE-2018-1999006
+CVE-2018-1999006 (A exposure of sensitive information vulnerability exists in Jenkins 2. ...)
NOT-FOR-US: Jenkins
-CVE-2018-1999007
+CVE-2018-1999007 (A cross-site scripting vulnerability exists in Jenkins 2.132 and earli ...)
NOT-FOR-US: Jenkins
-CVE-2018-14389
+CVE-2018-14389 (joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-14388
+CVE-2018-14388 (joyplus-cms 1.6.0 has XSS via the manager/admin_ajax.php can_search_de ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-14387
+CVE-2018-14387 (An issue was discovered in WonderCMS before 2.5.2. An attacker can cre ...)
NOT-FOR-US: WonderCMS
CVE-2018-14386
RESERVED
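Review bot: CVE-2018-14404 is marked `libxml2 <unfixed>` for unstable even though DLA-1524-1 already shipped a fix for jessie and the upstream commit (`a436374994c47b12d5de1b8b1d191a098fa23594`) is linked in the NOTE lines; the same pattern appears for CVE-2018-14567 earlier in this file. Worth verifying whether that commit has landed in the unstable package so the `<unfixed>` state can be replaced by a fixed version, as the stretch `<no-dsa>` decision otherwise leaves unstable looking less covered than the LTS suite.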
@@ -17065,13 +17065,13 @@ CVE-2018-14384
RESERVED
CVE-2018-14383
RESERVED
-CVE-2018-14382
+CVE-2018-14382 (InstantCMS 2.10.1 has /redirect?url= XSS. ...)
NOT-FOR-US: InstantCMS
-CVE-2018-14381
+CVE-2018-14381 (Pagekit before 1.0.14 has a /user/login?redirect= open redirect vulner ...)
NOT-FOR-US: Pagekit CMS
-CVE-2018-14380
+CVE-2018-14380 (In Graylog before 2.4.6, XSS was possible in typeahead components, rel ...)
- graylog2 <itp> (bug #652273)
-CVE-2018-14379
+CVE-2018-14379 (MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP ...)
- mp4v2 <removed> (bug #904898)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
@@ -17090,230 +17090,230 @@ CVE-2018-14373
REJECTED
CVE-2018-14372
RESERVED
-CVE-2018-14371
+CVE-2018-14371 (The getLocalePrefix function in ResourceManager.java in Eclipse Mojarr ...)
- mojarra <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24
-CVE-2018-14370
+CVE-2018-14370 (In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protoc ...)
- wireshark 2.6.2-1
[stretch] - wireshark <not-affected> (Vulnerable code not present)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14686
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1446124eebc3ea5591d18e719c2a5cff3630638
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-43.html
-CVE-2018-14369
+CVE-2018-14369 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14869
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=038cd225bfa54e2a7ade4043118796334920a61e
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-41.html
-CVE-2018-14368
+CVE-2018-14368 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14841
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6c44312f465014eb409d766a9828b7f101f6251c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-40.html
-CVE-2018-14367
+CVE-2018-14367 (In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol diss ...)
- wireshark 2.6.2-1
[stretch] - wireshark <not-affected> (Vulnerable code not present)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14966
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81ce5fcb3e37a0aaeb7532f7a2a09366f16fa310
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-42.html
-CVE-2018-14366
+CVE-2018-14366 (download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2018-14365
RESERVED
-CVE-2018-14364
+CVE-2018-14364 (GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 1 ...)
- gitlab 10.7.7+dfsg-2 (bug #904026)
NOTE: https://about.gitlab.com/2018/07/17/critical-security-release-gitlab-11-dot-0-dot-4-released/
-CVE-2018-14363
+CVE-2018-14363 (An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does no ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.9.1-1
NOTE: https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e
NOTE: src:mutt 1.9.1-1 switches to official mutt.org source code without neomutt patchset
NOTE: previous versions ship a neomutt patchset.
-CVE-2018-14362
+CVE-2018-14362 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e
NOTE: https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576
-CVE-2018-14361
+CVE-2018-14361 (An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.9.1-1
NOTE: https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585
NOTE: src:mutt 1.9.1-1 switches to official mutt.org source code without neomutt patchset
NOTE: previous versions ship a neomutt patchset.
-CVE-2018-14360
+CVE-2018-14360 (An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group i ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.9.1-1
NOTE: https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3
NOTE: src:mutt 1.9.1-1 switches to official mutt.org source code without neomutt patchset
NOTE: previous versions ship a neomutt patchset.
-CVE-2018-14359
+CVE-2018-14359 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/6f163e07ae68654d7ac5268cbb7565f6df79ad85
NOTE: https://gitlab.com/muttmua/mutt/commit/3d9028fec8f4d08db2251096307c0bbbebce669a
-CVE-2018-14358
+CVE-2018-14358 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485
NOTE: https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870
-CVE-2018-14357
+CVE-2018-14357 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725
NOTE: https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d
-CVE-2018-14356
+CVE-2018-14356 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/93b8ac558752d09e1c56d4f1bc82631316fa9c82
NOTE: https://gitlab.com/muttmua/mutt/commit/e154cba1b3fc52bb8cb8aa846353c0db79b5d9c6
-CVE-2018-14355
+CVE-2018-14355 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/57971dba06346b2d7179294f4528b8d4427a7c5d
NOTE: https://gitlab.com/muttmua/mutt/commit/31eef6c766f47df8281942d19f76e35f475c781d
-CVE-2018-14354
+CVE-2018-14354 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb
NOTE: https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d
-CVE-2018-14353
+CVE-2018-14353 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/65d64a5b60a4a3883f2cd799d92c6091d8854f23
NOTE: https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d
-CVE-2018-14352
+CVE-2018-14352 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/e27b65b3bf8defa34db58919496056caf3850cd4
NOTE: https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d
-CVE-2018-14351
+CVE-2018-14351 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/3c49c44be9b459d9c616bcaef6eb5d51298c1741
NOTE: https://gitlab.com/muttmua/mutt/commit/e57a8602b45f58edf7b3ffb61bb17525d75dfcb1
-CVE-2018-14350
+CVE-2018-14350 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485
NOTE: https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870
-CVE-2018-14349
+CVE-2018-14349 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018- ...)
{DSA-4277-1 DLA-1455-1}
- neomutt 20180716+dfsg.1-1 (bug #904021)
- mutt 1.10.1-1 (bug #904051)
NOTE: https://github.com/neomutt/neomutt/commit/36a29280448097f34ce9c94606195f2ac643fed1
NOTE: https://gitlab.com/muttmua/mutt/commit/9347b5c01dc52682cb6be11539d9b7ebceae4416
-CVE-2018-14348
+CVE-2018-14348 (libcgroup up to and including 0.41 creates /var/log/cgred with mode 06 ...)
{DLA-1472-1}
- libcgroup 0.41-8.1 (low; bug #906308)
[stretch] - libcgroup 0.41-8+deb9u1
NOTE: https://sourceforge.net/p/libcg/libcg/ci/0d88b73d189ea3440ccaab00418d6469f76fa590/
NOTE: cgred not enabled by default, shipped example config logs to syslog by default
-CVE-2018-14347
+CVE-2018-14347 (GNU Libextractor before 1.7 contains an infinite loop vulnerability in ...)
{DSA-4290-1 DLA-1478-1}
- libextractor 1:1.7-1 (bug #904905)
NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html
NOTE: https://gnunet.org/bugs/view.php?id=5399
NOTE: https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394
-CVE-2018-14346
+CVE-2018-14346 (GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_re ...)
{DSA-4290-1 DLA-1478-1}
- libextractor 1:1.7-1 (bug #904903)
NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html
NOTE: https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e
-CVE-2018-14345
+CVE-2018-14345 (An issue was discovered in SDDM through 0.17.0. If configured with Reu ...)
- sddm 0.18.0-1
[stretch] - sddm <not-affected> (Re-use session feature introduced in 0.16.0)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1101450
NOTE: https://github.com/sddm/sddm/commit/147cec383892d143b5e02daa70f1e7def50f5d98
-CVE-2018-14344
+CVE-2018-14344 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
- wireshark 2.6.2-1
[jessie] - wireshark <not-affected> (Vulnerable code not present, introduced in v1.99.1rc0-224-g6720c80bab)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14672
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f7153685b39a164aea09ba7f96ebb648b8328ae
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-35.html
-CVE-2018-14343
+CVE-2018-14343 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14682
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9402f2f80c6bc7d25178a0875c5a1f5ee36361db
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-37.html
-CVE-2018-14342
+CVE-2018-14342 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13741
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=36af43dbb7673495948cd65d0346e8b9812b941c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-34.html
-CVE-2018-14341
+CVE-2018-14341 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14742
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2e716c32be6aa20e1813b0002878853e71f8b2f4
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-39.html
-CVE-2018-14340
+CVE-2018-14340 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, diss ...)
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14675
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=672d882a53f96730e4ef1e5b1639c585823b0df8
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-36.html
-CVE-2018-14339
+CVE-2018-14339 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ...)
{DLA-1451-1}
- wireshark 2.6.2-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14738
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3b77c0a596a8071aebc1de71e3f79e5e15e919ca
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-38.html
-CVE-2018-14338
+CVE-2018-14338 (samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realp ...)
- exiv2 <unfixed> (unimportant)
NOTE: https://github.com/Exiv2/exiv2/issues/382
NOTE: Issue in example code of Exiv2
-CVE-2018-14337
+CVE-2018-14337 (The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 ...)
- mruby 2.0.0-1 (low; bug #903985)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/issues/4062
NOTE: https://github.com/mruby/mruby/commit/695f29cd604787f43be1af16e38d13610bf8312b
NOTE: https://github.com/mruby/mruby/commit/adb1eae912659d680a9c5b7832e22cf73d36a69a
-CVE-2018-14336
+CVE-2018-14336 (TP-Link WR840N devices allow remote attackers to cause a denial of ser ...)
NOT-FOR-US: TP-Link
-CVE-2018-14335
+CVE-2018-14335 (An issue was discovered in H2 1.4.197. Insecure handling of permission ...)
NOT-FOR-US: H2 (different from src:python-h2)
-CVE-2018-14334
+CVE-2018-14334 (manager/editor/upload.php in joyplus-cms 1.6.0 allows arbitrary file u ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-14333
+CVE-2018-14333 (TeamViewer through 13.1.1548 stores a password in Unicode format withi ...)
NOT-FOR-US: TeamViewer
-CVE-2018-14332
+CVE-2018-14332 (An issue was discovered in Clementine Music Player 1.3.1. Clementine.e ...)
- clementine <unfixed> (unimportant)
NOTE: https://github.com/clementine-player/Clementine/issues/6078
NOTE: https://github.com/MostafaSoliman/Security-Advisories/blob/master/CVE-2018-14332
NOTE: Crash in enduser tool, no security impact
-CVE-2018-14331
+CVE-2018-14331 (An issue was discovered in XiaoCms X1 v20140305. There is a CSRF vulne ...)
NOT-FOR-US: XiaoCms
CVE-2018-14330
RESERVED
-CVE-2018-14329
+CVE-2018-14329 (In HTSlib 1.8, a race condition in cram/cram_io.c might allow local us ...)
- htslib <unfixed> (unimportant)
NOTE: https://github.com/samtools/htslib/issues/736
NOTE: Neutralised by kernel hardening
-CVE-2018-14328
+CVE-2018-14328 (Brynamics "Online Trade - Online trading and cryptocurrency investment ...)
NOT-FOR-US: Brynamics "Online Trade - Online trading and cryptocurrency investment system"
-CVE-2018-14327
+CVE-2018-14327 (The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40V ...)
NOT-FOR-US: Alcatel
-CVE-2018-14324
+CVE-2018-14324 (The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP p ...)
- glassfish <not-affected> (Vulnerable code not included, only builds a few classes)
CVE-2018-14323
RESERVED
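Review bot: the NOTE for CVE-2018-14329 ("Neutralised by kernel hardening") does not say which hardening setting neutralises the race in cram/cram_io.c, so the "unimportant" rating for htslib cannot be re-checked later; suggest naming the sysctl or kernel option the assessment relies on in that NOTE, as the other entries in this hunk do by citing a specific upstream commit or config detail.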
@@ -17321,7 +17321,7 @@ CVE-2018-14322
RESERVED
CVE-2018-14321
RESERVED
-CVE-2018-14320
+CVE-2018-14320 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- libpodofo 0.9.6+dfsg-4 (bug #916240)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -17329,168 +17329,168 @@ CVE-2018-14320
NOTE: https://sourceforge.net/p/podofo/code/1953
CVE-2018-14319
RESERVED
-CVE-2018-14318
+CVE-2018-14318 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Samsung
-CVE-2018-14317
+CVE-2018-14317 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14316
+CVE-2018-14316 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14315
+CVE-2018-14315 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14314
+CVE-2018-14314 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14313
+CVE-2018-14313 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14312
+CVE-2018-14312 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14311
+CVE-2018-14311 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14310
+CVE-2018-14310 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14309
+CVE-2018-14309 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14308
+CVE-2018-14308 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14307
+CVE-2018-14307 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14306
+CVE-2018-14306 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14305
+CVE-2018-14305 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14304
+CVE-2018-14304 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14303
+CVE-2018-14303 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14302
+CVE-2018-14302 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14301
+CVE-2018-14301 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14300
+CVE-2018-14300 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14299
+CVE-2018-14299 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14298
+CVE-2018-14298 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14297
+CVE-2018-14297 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14296
+CVE-2018-14296 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14295
+CVE-2018-14295 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-14294
+CVE-2018-14294 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14293
+CVE-2018-14293 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14292
+CVE-2018-14292 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14291
+CVE-2018-14291 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14290
+CVE-2018-14290 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14289
+CVE-2018-14289 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14288
+CVE-2018-14288 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14287
+CVE-2018-14287 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14286
+CVE-2018-14286 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14285
+CVE-2018-14285 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14284
+CVE-2018-14284 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14283
+CVE-2018-14283 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14282
+CVE-2018-14282 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14281
+CVE-2018-14281 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14280
+CVE-2018-14280 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14279
+CVE-2018-14279 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14278
+CVE-2018-14278 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14277
+CVE-2018-14277 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14276
+CVE-2018-14276 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14275
+CVE-2018-14275 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14274
+CVE-2018-14274 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14273
+CVE-2018-14273 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14272
+CVE-2018-14272 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14271
+CVE-2018-14271 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14270
+CVE-2018-14270 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14269
+CVE-2018-14269 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14268
+CVE-2018-14268 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14267
+CVE-2018-14267 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14266
+CVE-2018-14266 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14265
+CVE-2018-14265 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14264
+CVE-2018-14264 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14263
+CVE-2018-14263 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14262
+CVE-2018-14262 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14261
+CVE-2018-14261 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14260
+CVE-2018-14260 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14259
+CVE-2018-14259 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14258
+CVE-2018-14258 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14257
+CVE-2018-14257 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14256
+CVE-2018-14256 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14255
+CVE-2018-14255 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14254
+CVE-2018-14254 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14253
+CVE-2018-14253 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14252
+CVE-2018-14252 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14251
+CVE-2018-14251 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14250
+CVE-2018-14250 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14249
+CVE-2018-14249 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14248
+CVE-2018-14248 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14247
+CVE-2018-14247 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14246
+CVE-2018-14246 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14245
+CVE-2018-14245 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14244
+CVE-2018-14244 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14243
+CVE-2018-14243 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14242
+CVE-2018-14242 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14241
+CVE-2018-14241 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-14326
+CVE-2018-14326 (In MP4v2 2.0.0, there is an integer overflow (with resultant memory co ...)
- mp4v2 <removed> (bug #904900)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/16/1
-CVE-2018-14325
+CVE-2018-14325 (In MP4v2 2.0.0, there is an integer underflow (with resultant memory c ...)
- mp4v2 <removed> (bug #904901)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
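Review bot: the CVE-2018-14295 entry reads `NOT-FOR-US: Foxit` while every other entry in this ZDI run reads `NOT-FOR-US: Foxit Reader`; suggest normalising it so the product tag is consistent, since the truncated ZDI descriptions here no longer carry the product name themselves. Also, CVE-2018-14326 and CVE-2018-14325 are placed after CVE-2018-14241 rather than next to CVE-2018-14324 where descending numeric order would put them.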
@@ -17797,31 +17797,31 @@ CVE-2018-14091
RESERVED
CVE-2018-14090
RESERVED
-CVE-2018-14089
+CVE-2018-14089 (An issue was discovered in a smart contract implementation for Virgo_Z ...)
NOT-FOR-US: smart contract implementation for Virgo_ZodiacToken
-CVE-2018-14088
+CVE-2018-14088 (An issue was discovered in a smart contract implementation for STeX Wh ...)
NOT-FOR-US: smart contract implementation for STeX White List (STE(WL))
-CVE-2018-14087
+CVE-2018-14087 (An issue was discovered in a smart contract implementation for EUC (EU ...)
NOT-FOR-US: smart contract implementation for EUC (EUC)
-CVE-2018-14086
+CVE-2018-14086 (An issue was discovered in a smart contract implementation for Singapo ...)
NOT-FOR-US: smart contract implementation for SingaporeCoinOrigin (SCO)
-CVE-2018-14085
+CVE-2018-14085 (An issue was discovered in a smart contract implementation for UserWal ...)
NOT-FOR-US: smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42
-CVE-2018-14084
+CVE-2018-14084 (An issue was discovered in a smart contract implementation for MKCB, a ...)
NOT-FOR-US: smart contract implementation for MKCB
-CVE-2018-14083
+CVE-2018-14083 (LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain se ...)
NOT-FOR-US: LICA miniCMTS E8K(u/i/...) devices
-CVE-2018-14082
+CVE-2018-14082 (PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has Cross-site Script ...)
NOT-FOR-US: PHP Scripts Mall JOB SITE (aka Job Portal)
-CVE-2018-14081
+CVE-2018-14081 (An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through ...)
NOT-FOR-US: D-Link
-CVE-2018-14080
+CVE-2018-14080 (An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through ...)
NOT-FOR-US: D-Link
-CVE-2018-14079
+CVE-2018-14079 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attack ...)
NOT-FOR-US: Wi2be SMART HP WMT
-CVE-2018-14078
+CVE-2018-14078 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attack ...)
NOT-FOR-US: Wi2be SMART HP WMT
-CVE-2018-14077
+CVE-2018-14077 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attack ...)
NOT-FOR-US: Wi2be SMART HP WMT
CVE-2018-14076
RESERVED
@@ -17829,97 +17829,97 @@ CVE-2018-14075
RESERVED
CVE-2018-14074
RESERVED
-CVE-2018-14073
+CVE-2018-14073 (libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c ...)
- libsixel 1.8.2-1 (low; bug #903858)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <postponed> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/67#issuecomment-404989926
NOTE: https://github.com/saitoha/libsixel/commit/f94bc6fec696abd77be275226f28409602bd1f27
-CVE-2018-14072
+CVE-2018-14072 (libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, ...)
- libsixel 1.8.2-1 (low; bug #903858)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <postponed> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/67#issue-341198610
NOTE: https://github.com/saitoha/libsixel/commit/f94bc6fec696abd77be275226f28409602bd1f27
-CVE-2018-14071
+CVE-2018-14071 (The Geo Mashup plugin before 1.10.4 for WordPress has insufficient san ...)
NOT-FOR-US: Geo Mashup plugin for WordPress
CVE-2018-14070
RESERVED
-CVE-2018-14069
+CVE-2018-14069 (An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability ...)
NOT-FOR-US: SRCMS
-CVE-2018-14068
+CVE-2018-14068 (An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability ...)
NOT-FOR-US: SRCMS
CVE-2018-14067
RESERVED
-CVE-2018-14066
+CVE-2018-14066 (The content://wappush content provider in com.android.provider.telepho ...)
NOT-FOR-US: Lenovo
-CVE-2018-14065
+CVE-2018-14065 (XMLReader.php in PHPOffice Common before 0.2.9 allows XXE. ...)
NOT-FOR-US: PHPOffice
-CVE-2018-14064
+CVE-2018-14064 (The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices all ...)
NOT-FOR-US: VelotiSmart WiFi B-380 camera devices
-CVE-2018-14063
+CVE-2018-14063 (The increaseApproval function of a smart contract implementation for T ...)
NOT-FOR-US: smart contract
CVE-2018-14062
RESERVED
CVE-2018-14061
RESERVED
-CVE-2018-14060
+CVE-2018-14060 (OS command injection in the AP mode settings feature in /cgi-bin/luci ...)
NOT-FOR-US: Xiaomi R3D
-CVE-2018-14059
+CVE-2018-14059 (Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, ...)
NOT-FOR-US: Pimcore
-CVE-2018-14058
+CVE-2018-14058 (Pimcore before 5.3.0 allows SQL Injection via the REST web service API ...)
NOT-FOR-US: Pimcore
-CVE-2018-14057
+CVE-2018-14057 (Pimcore before 5.3.0 allows remote attackers to conduct cross-site req ...)
NOT-FOR-US: Pimcore
-CVE-2018-14055
+CVE-2018-14055 (ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming ...)
{DSA-4252-1 DLA-1427-1}
- znc 1.7.1-1 (bug #903787)
NOTE: https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e
NOTE: https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/4
-CVE-2018-14056
+CVE-2018-14056 (ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a we ...)
{DSA-4252-1 DLA-1427-1}
- znc 1.7.1-1 (bug #903788)
NOTE: https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/5
CVE-2018-14053
RESERVED
-CVE-2018-14052
+CVE-2018-14052 (An issue has been found in libwav through 2017-04-20. It is a SEGV in ...)
NOT-FOR-US: libwav
-CVE-2018-14051
+CVE-2018-14051 (The function wav_read in libwav.c in libwav through 2017-04-20 has an ...)
NOT-FOR-US: libwav
-CVE-2018-14050
+CVE-2018-14050 (An issue has been found in libwav through 2017-04-20. It is a SEGV in ...)
NOT-FOR-US: libwav
-CVE-2018-14049
+CVE-2018-14049 (An issue has been found in libwav through 2017-04-20. It is a SEGV in ...)
NOT-FOR-US: libwav
-CVE-2018-14048
+CVE-2018-14048 (An issue has been found in libpng 1.6.34. It is a SEGV in the function ...)
- libpng1.6 <unfixed> (unimportant)
- libpng <removed> (unimportant)
NOTE: https://github.com/glennrp/libpng/issues/238
NOTE: Issue in use of libpng in pnm2png not shipped in binary packages.
-CVE-2018-14047
+CVE-2018-14047 (** DISPUTED ** An issue has been found in PNGwriter 0.7.0. It is a SEG ...)
- pngwriter <removed>
NOTE: https://github.com/pngwriter/pngwriter/issues/129
-CVE-2018-14046
+CVE-2018-14046 (Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunk ...)
[experimental] - exiv2 <unfixed> (bug #903763)
- exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/378
NOTE: https://github.com/D4N/exiv2/commit/49bfe84b4b7277cc425572fb68db23c8820181c1
-CVE-2018-14045
+CVE-2018-14045 (The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSou ...)
- soundtouch 2.1.2+ds1-1 (low; bug #905504)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <no-dsa> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/7
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/soundtouch/readme.md
-CVE-2018-14044
+CVE-2018-14044 (The RateTransposer::setChannels function in RateTransposer.cpp in libS ...)
- soundtouch 2.1.2+ds1-1 (low; bug #905504)
[stretch] - soundtouch <no-dsa> (Minor issue)
[jessie] - soundtouch <no-dsa> (Minor issue)
NOTE: https://gitlab.com/soundtouch/soundtouch/issues/7
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/soundtouch/readme.md
-CVE-2018-14043
+CVE-2018-14043 (mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect file ac ...)
NOT-FOR-US: mstdlib
-CVE-2018-14042
+CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is possible in the data-container prope ...)
- twitter-bootstrap <unfixed>
[stretch] - twitter-bootstrap <no-dsa> (Minor issue)
[jessie] - twitter-bootstrap <no-dsa> (Minor issue)
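Review bot: CVE-2018-14047 is marked `** DISPUTED **` in the description, yet the `pngwriter <removed>` line carries no severity tag and no NOTE explaining how the dispute was triaged; suggest adding `(unimportant)` or a NOTE stating the reasoning, as CVE-2018-14048 directly above does with "Issue in use of libpng in pnm2png not shipped in binary packages."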
@@ -17934,7 +17934,7 @@ CVE-2018-14042
NOTE: https://snyk.io/vuln/npm:bootstrap:20180529
NOTE: https://github.com/twbs/bootstrap/commit/2d90d369bbc2bd2647620246c55cec8c4705e3d0 (v4.1.2)
NOTE: https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d (v3.4.0)
-CVE-2018-14041
+CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is possible in the data-target property ...)
- twitter-bootstrap <not-affected> (Vulnerable code not present)
- twitter-bootstrap3 <not-affected> (Vulnerable code not present)
NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
@@ -17945,7 +17945,7 @@ CVE-2018-14041
NOTE: https://snyk.io/vuln/npm:bootstrap:20160627
NOTE: https://snyk.io/vuln/npm:bootstrap:20180529
NOTE: https://github.com/twbs/bootstrap/commit/cc61edfa8af7b5ec9d4888c59bf94377e499b78b (v4.1.2)
-CVE-2018-14040
+CVE-2018-14040 (In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent ...)
{DLA-1479-1}
- twitter-bootstrap <unfixed>
[stretch] - twitter-bootstrap <no-dsa> (Minor issue)
@@ -17962,60 +17962,60 @@ CVE-2018-14040
NOTE: https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d (v3.4.0)
CVE-2018-14039
RESERVED
-CVE-2018-14038
+CVE-2018-14038 (The aout_32_swap_std_reloc_out function in aoutx.h in the Binary File ...)
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23405
-CVE-2018-14037
+CVE-2018-14037 (Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor v ...)
NOT-FOR-US: Progress Kendo UI Editor
-CVE-2018-1000211
+CVE-2018-1000211 (Doorkeeper version 4.2.0 and later contains a Incorrect Access Control ...)
- ruby-doorkeeper 4.4.2-1 (bug #903980)
[stretch] - ruby-doorkeeper <no-dsa> (Minor issue)
NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/891
NOTE: https://github.com/doorkeeper-gem/doorkeeper/pull/1119
NOTE: https://github.com/doorkeeper-gem/doorkeeper/pull/1031
-CVE-2018-1000210
+CVE-2018-1000210 (YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object ...)
NOT-FOR-US: YamlDotNet
-CVE-2018-1000209
+CVE-2018-1000209 (Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insec ...)
NOT-FOR-US: Sensu
-CVE-2018-1000208
+CVE-2018-1000208 (MODX Revolution version &lt;=2.6.4 contains a Directory Traversal vuln ...)
NOT-FOR-US: MODX Revolution
-CVE-2018-1000207
+CVE-2018-1000207 (MODX Revolution version &lt;=2.6.4 contains a Incorrect Access Control ...)
NOT-FOR-US: MODX Revolution
-CVE-2018-1000206
+CVE-2018-1000206 (JFrog Artifactory version since 5.11 contains a Cross ite Request Forg ...)
NOT-FOR-US: JFrog Artifactory
-CVE-2018-14054
+CVE-2018-14054 (A double free exists in the MP4StringProperty class in mp4property.cpp ...)
- mp4v2 <removed> (bug #903859)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/13/1
-CVE-2018-14036
+CVE-2018-14036 (Directory Traversal with ../ sequences occurs in AccountsService befor ...)
- accountsservice 0.6.45-2 (low; bug #903828)
[stretch] - accountsservice <no-dsa> (Minor issue)
[jessie] - accountsservice <ignored> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/02/2
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=107085
NOTE: https://gitlab.freedesktop.org/accountsservice/accountsservice/commit/f9abd359f71a5bce421b9ae23432f539a067847a
-CVE-2018-14035
+CVE-2018-14035 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
-CVE-2018-14034
+CVE-2018-14034 (An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
-CVE-2018-14033
+CVE-2018-14033 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
CVE-2018-14032
REJECTED
-CVE-2018-14031
+CVE-2018-14031 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md
CVE-2018-14030
RESERVED
-CVE-2018-14029
+CVE-2018-14029 (CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allo ...)
NOT-FOR-US: Creatiwity wityCMS
-CVE-2018-14028
+CVE-2018-14028 (In WordPress 4.9.7, plugins uploaded via the admin area are not verifi ...)
- wordpress 4.9.8+dfsg1-1 (bug #906565)
[stretch] - wordpress <no-dsa> (Minor issue)
[jessie] - wordpress <postponed> (can be fixed with a later update)
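Review bot: the imported descriptions for CVE-2018-1000208 and CVE-2018-1000207 contain the HTML entity `&lt;=2.6.4` instead of `<=2.6.4`, so the automatic update is copying escaped text into the data file; suggest unescaping entities on import, since the other descriptions in this hunk are plain text.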
@@ -18029,74 +18029,74 @@ CVE-2018-14025
RESERVED
CVE-2018-14024
RESERVED
-CVE-2018-14023
+CVE-2018-14023 (Open Whisper Signal (aka Signal-Desktop) before 1.15.0-beta.10 allows ...)
- signal-desktop <itp> (bug #842943)
CVE-2018-14022
RESERVED
CVE-2018-14021
RESERVED
-CVE-2018-14020
+CVE-2018-14020 (An issue was discovered in the Paymorrow module 1.0.0 before 1.0.2 and ...)
NOT-FOR-US: Paymorrow module for OXID shop
CVE-2018-14019
RESERVED
CVE-2018-14018
RESERVED
-CVE-2018-14017
+CVE-2018-14017 (The r_bin_java_annotation_new function in shlr/java/class.c in radare2 ...)
- radare2 2.8.0+dfsg-1 (bug #903726)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/e9ce0d64faf19fa4e9c260250fbdf25e3c11e152
NOTE: https://github.com/radare/radare2/issues/10498
-CVE-2018-14016
+CVE-2018-14016 (The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7. ...)
- radare2 2.8.0+dfsg-1 (bug #903725)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/eb7deb281df54771fb8ecf5890dc325a7d22d3e2
NOTE: https://github.com/radare/radare2/issues/10464
-CVE-2018-14015
+CVE-2018-14015 (The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote ...)
- radare2 2.8.0+dfsg-1 (bug #903724)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/d37d2b858ac47f2f108034be0bcecadaddfbc8b3
NOTE: https://github.com/radare/radare2/issues/10465
-CVE-2018-14014
+CVE-2018-14014 (In waimai Super Cms 20150505, there is a CSRF vulnerability that can a ...)
NOT-FOR-US: waimai Super Cms
CVE-2018-14013
RESERVED
NOT-FOR-US: Zimbra
-CVE-2018-14012
+CVE-2018-14012 (WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the defaul ...)
NOT-FOR-US: WolfSight CMS
CVE-2018-14011
RESERVED
-CVE-2018-14010
+CVE-2018-14010 (OS command injection in the guest Wi-Fi settings feature in /cgi-bin/l ...)
NOT-FOR-US: Xiaomi
-CVE-2018-14009
+CVE-2018-14009 (Codiad through 2.8.4 allows Remote Code Execution, a different vulnera ...)
NOT-FOR-US: Codiad
CVE-2018-14008
RESERVED
-CVE-2018-14007
+CVE-2018-14007 (Citrix XenServer 7.1 and newer allows Directory Traversal. ...)
NOT-FOR-US: xapi
-CVE-2018-14006
+CVE-2018-14006 (An integer overflow vulnerability exists in the function multipleTrans ...)
NOT-FOR-US: Neo Genesis Token (NGT)
-CVE-2018-14005
+CVE-2018-14005 (An integer overflow vulnerability exists in the function transferAny o ...)
NOT-FOR-US: Malaysia coins (Xmc)
-CVE-2018-14004
+CVE-2018-14004 (An integer overflow vulnerability exists in the function transfer_toke ...)
NOT-FOR-US: GlobeCoin (GLB)
-CVE-2018-14003
+CVE-2018-14003 (An integer overflow vulnerability exists in the function batchTransfer ...)
NOT-FOR-US: WeMediaChain (WMC)
-CVE-2018-14002
+CVE-2018-14002 (An integer overflow vulnerability exists in the function distribute of ...)
NOT-FOR-US: MP3 Coin (MP3)
-CVE-2018-14001
+CVE-2018-14001 (An integer overflow vulnerability exists in the function batchTransfer ...)
NOT-FOR-US: SHARKTECH (SKT)
CVE-2018-14000
RESERVED
-CVE-2018-13999
+CVE-2018-13999 (Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorVal ...)
NOT-FOR-US: Catfish CMS
-CVE-2018-13998
+CVE-2018-13998 (ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Securit ...)
NOT-FOR-US: ClipperCMS
-CVE-2018-13997
+CVE-2018-13997 (Genann through 2018-07-08 has a SEGV in genann_run in genann.c. ...)
NOT-FOR-US: Genann
-CVE-2018-13996
+CVE-2018-13996 (Genann through 2018-07-08 has a stack-based buffer over-read in genann ...)
NOT-FOR-US: Genann
CVE-2018-13995
RESERVED
@@ -18116,9 +18116,9 @@ CVE-2018-13991
CVE-2018-13990
RESERVED
NOT-FOR-US: Phoenix Contact FL switch
-CVE-2018-13989
+CVE-2018-13989 (Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST ...)
NOT-FOR-US: Grundig Smart Inter@ctive TV 3.0 devices
-CVE-2018-13988
+CVE-2018-13988 (Poppler through 0.62 contains an out of bounds read vulnerability due ...)
{DLA-1562-1}
- poppler 0.69.0-2 (low; bug #904922)
[stretch] - poppler <no-dsa> (Minor issue)
@@ -18134,7 +18134,7 @@ CVE-2018-13984
RESERVED
CVE-2018-13983
RESERVED
-CVE-2018-13982
+CVE-2018-13982 (Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is pro ...)
- smarty3 3.1.33+20180830.1.3a78a21f+selfpack1-1
[jessie] - smarty3 <not-affected> (vulnerable code not present)
NOTE: https://github.com/smarty-php/smarty/commit/8d21f38dc35c4cd6b31c2f23fc9b8e5adbc56dfe
@@ -18145,9 +18145,9 @@ CVE-2018-13982
NOTE: https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180420-01_Smarty_Path_Traversal
NOTE: CVE is about the fetch tag as an attack vector.
NOTE: vulnerable code introduced in realpath() rewrite (c09b05cbe) released in 3.1.28
-CVE-2018-13981
+CVE-2018-13981 (The websites that were built from Zeta Producer Desktop CMS before 14. ...)
NOT-FOR-US: Zeta Producer Desktop CMS
-CVE-2018-13980
+CVE-2018-13980 (The websites that were built from Zeta Producer Desktop CMS before 14. ...)
NOT-FOR-US: Zeta Producer Desktop CMS
CVE-2018-13979
RESERVED
@@ -18281,11 +18281,11 @@ CVE-2018-13916
RESERVED
CVE-2018-13915
RESERVED
-CVE-2018-13914
+CVE-2018-13914 (Lack of input validation for data received from user space can lead to ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-13913
+CVE-2018-13913 (Improper validation of array index can lead to unauthorized access whi ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-13912
+CVE-2018-13912 (Arbitrary write issue can occur when user provides kernel address in c ...)
NOT-FOR-US: CodeAurora components for Android
CVE-2018-13911
RESERVED
@@ -18299,9 +18299,9 @@ CVE-2018-13907
RESERVED
CVE-2018-13906
RESERVED
-CVE-2018-13905
+CVE-2018-13905 (KGSL syncsource lock not handled properly during syncsource cleanup ca ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-13904
+CVE-2018-13904 (Improper input validation in SCM handler to access storage in TZ can l ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13903
RESERVED
@@ -18309,7 +18309,7 @@ CVE-2018-13902
RESERVED
CVE-2018-13901
RESERVED
-CVE-2018-13900
+CVE-2018-13900 (Use-after-free vulnerability will occur as there is no protection for ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13899
RESERVED
@@ -18324,7 +18324,7 @@ CVE-2018-13895
RESERVED
CVE-2018-13894
RESERVED
-CVE-2018-13893
+CVE-2018-13893 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
CVE-2018-13892
RESERVED
@@ -18332,9 +18332,9 @@ CVE-2018-13891
RESERVED
CVE-2018-13890
RESERVED
-CVE-2018-13889
+CVE-2018-13889 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-13888
+CVE-2018-13888 (There is potential for memory corruption in the RIL daemon due to de r ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13887
RESERVED
@@ -18352,60 +18352,60 @@ CVE-2018-13881
RESERVED
CVE-2018-13880
RESERVED
-CVE-2018-13879
+CVE-2018-13879 (A reflected XSS issue was discovered in the registration form in Rocke ...)
NOT-FOR-US: Rocket.Chat
-CVE-2018-13878
+CVE-2018-13878 (An XSS issue was discovered in packages/rocketchat-mentions/Mentions.j ...)
NOT-FOR-US: Rocket.Chat
-CVE-2018-13877
+CVE-2018-13877 (The doPayouts() function of the smart contract implementation for Mega ...)
NOT-FOR-US: MegaCryptoPolis
-CVE-2018-13876
+CVE-2018-13876 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a sta ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13875
+CVE-2018-13875 (An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13874
+CVE-2018-13874 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a sta ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13873
+CVE-2018-13873 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a buf ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13872
+CVE-2018-13872 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13871
+CVE-2018-13871 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13870
+CVE-2018-13870 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13869
+CVE-2018-13869 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a mem ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13868
+CVE-2018-13868 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13867
+CVE-2018-13867 (An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13866
+CVE-2018-13866 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a sta ...)
- hdf5 <undetermined>
NOTE: https://github.com/TeamSeri0us/pocs/tree/master/hdf5
-CVE-2018-13865
+CVE-2018-13865 (An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the c ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-13864
+CVE-2018-13864 (A directory traversal vulnerability has been found in the Assets contr ...)
NOT-FOR-US: Play Framework
-CVE-2018-13862
+CVE-2018-13862 (Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09 ...)
NOT-FOR-US: Touchpad / Trivum WebTouch Setup
-CVE-2018-13861
+CVE-2018-13861 (Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09 ...)
NOT-FOR-US: Touchpad / Trivum WebTouch Setup
-CVE-2018-13860
+CVE-2018-13860 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Pro ...)
NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
-CVE-2018-13859
+CVE-2018-13859 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Pro ...)
NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
-CVE-2018-13858
+CVE-2018-13858 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Pro ...)
NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
-CVE-2018-13863
+CVE-2018-13863 (The MongoDB bson JavaScript module (also known as js-bson) versions 0. ...)
- node-bson <itp> (bug #897282)
NOTE: https://github.com/mongodb/js-bson/commit/bd61c45157c53a1698ff23770160cf4783e9ea4a
CVE-2018-13857
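Review bot: the fixed-width truncation leaves several of the imported descriptions in this hunk identical, so the list alone can no longer tell the entries apart: CVE-2018-13862 and CVE-2018-13861 both read `Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09 ...`, CVE-2018-13860, CVE-2018-13859 and CVE-2018-13858 share one prefix, and the ten hdf5 entries differ only in a few characters after `There is a`, while every one of them carries `<undetermined>` and the same PoC link. If the column limit is fixed, the per-entry NOTE lines are the only place left to record which defect each PoC triggers; otherwise consider letting the importer drop the repeated product preamble when the retained text would collide. Separately, CVE-2018-13863 sits between CVE-2018-13858 and CVE-2018-13857 rather than in numeric order; the import preserves the existing order, so this is pre-existing rather than introduced here.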
@@ -18422,27 +18422,27 @@ CVE-2018-13852
RESERVED
CVE-2018-13851
RESERVED
-CVE-2018-13850
+CVE-2018-13850 (The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component s ...)
NOT-FOR-US: Firebase Cloud Messaging
-CVE-2018-13849
+CVE-2018-13849 (edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XS ...)
NOT-FOR-US: yTakkar Instagram-clone
-CVE-2018-13848
+CVE-2018-13848 (An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszA ...)
NOT-FOR-US: Bento4
-CVE-2018-13847
+CVE-2018-13847 (An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoA ...)
NOT-FOR-US: Bento4
-CVE-2018-13846
+CVE-2018-13846 (An issue has been found in Bento4 1.5.1-624. AP4_Mpeg2TsVideoSampleStr ...)
NOT-FOR-US: Bento4
-CVE-2018-13845
+CVE-2018-13845 (An issue has been found in HTSlib 1.8. It is a buffer over-read in sam ...)
- htslib 1.9-2 (low)
[stretch] - htslib <no-dsa> (Minor issue)
[jessie] - htslib <no-dsa> (Minor issue)
NOTE: https://github.com/samtools/htslib/issues/731#issuecomment-403681105
-CVE-2018-13844
+CVE-2018-13844 (An issue has been found in HTSlib 1.8. It is a memory leak in fai_read ...)
- htslib 1.9-2 (low)
[stretch] - htslib <no-dsa> (Minor issue)
[jessie] - htslib <no-dsa> (Minor issue)
NOTE: https://github.com/samtools/htslib/issues/731#issuecomment-403675330
-CVE-2018-13843
+CVE-2018-13843 (** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory l ...)
- htslib 1.9-2 (low)
[stretch] - htslib <no-dsa> (Minor issue)
[jessie] - htslib <no-dsa> (Minor issue)
@@ -18459,15 +18459,15 @@ CVE-2018-13838
RESERVED
CVE-2018-13837
RESERVED
-CVE-2018-13836
+CVE-2018-13836 (An integer overflow vulnerability exists in the function multiTransfer ...)
NOT-FOR-US: Rocket Coin (XRC)
CVE-2018-13835
RESERVED
CVE-2018-13834
RESERVED
-CVE-2018-13833
+CVE-2018-13833 (An issue was discovered in cmft through 2017-09-24. The cmft::rwReadFi ...)
NOT-FOR-US: cmft
-CVE-2018-13832
+CVE-2018-13832 (Multiple Persistent cross-site scripting (XSS) issues in the Techotron ...)
NOT-FOR-US: Techotronic all-in-one-favicon (aka All In One Favicon) plugin for WordPress
CVE-2018-13831
RESERVED
@@ -18479,23 +18479,23 @@ CVE-2018-13828
REJECTED
CVE-2018-13827
REJECTED
-CVE-2018-13826
+CVE-2018-13826 (An XML external entity vulnerability in the XOG functionality, in CA P ...)
NOT-FOR-US: CA PPM
-CVE-2018-13825
+CVE-2018-13825 (Insufficient input validation in the gridExcelExport functionality, in ...)
NOT-FOR-US: CA PPM
-CVE-2018-13824
+CVE-2018-13824 (Insufficient input sanitization of two parameters in CA PPM 14.3 and b ...)
NOT-FOR-US: CA PPM
-CVE-2018-13823
+CVE-2018-13823 (An XML external entity vulnerability in the XOG functionality, in CA P ...)
NOT-FOR-US: CA PPM
-CVE-2018-13822
+CVE-2018-13822 (Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15. ...)
NOT-FOR-US: CA PPM
-CVE-2018-13821
+CVE-2018-13821 (A lack of authentication, in CA Unified Infrastructure Management 8.5. ...)
NOT-FOR-US: CA Unified Infrastructure Management
-CVE-2018-13820
+CVE-2018-13820 (A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, ...)
NOT-FOR-US: CA Unified Infrastructure Management
-CVE-2018-13819
+CVE-2018-13819 (A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, ...)
NOT-FOR-US: CA Unified Infrastructure Management
-CVE-2018-13818
+CVE-2018-13818 (** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Injection ...)
- twig 2.4.4-2 (unimportant)
NOTE: Fixed upstream in 2.4.4
NOTE: Vendor of Twig disputes issue as Twig itself is not a web application and
@@ -18503,17 +18503,17 @@ CVE-2018-13818
NOTE: input to it.
CVE-2018-13817
RESERVED
-CVE-2018-13816
+CVE-2018-13816 (A vulnerability has been identified in TIM 1531 IRC (All version &lt; ...)
NOT-FOR-US: Siemens TIM 1531 IRC Modules
-CVE-2018-13815
+CVE-2018-13815 (A vulnerability has been identified in SIMATIC S7-1200 (All versions), ...)
NOT-FOR-US: Siemens
-CVE-2018-13814
+CVE-2018-13814 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...)
NOT-FOR-US: Siemens
-CVE-2018-13813
+CVE-2018-13813 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...)
NOT-FOR-US: Siemens
-CVE-2018-13812
+CVE-2018-13812 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...)
NOT-FOR-US: Siemens
-CVE-2018-13811
+CVE-2018-13811 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (Al ...)
NOT-FOR-US: Siemens
CVE-2018-13810
RESERVED
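Review bot: the HTML entity `&lt;` has leaked into the imported description for CVE-2018-13816 (`TIM 1531 IRC (All version &lt; ...`), and the same appears in the next hunk for CVE-2018-13807, CVE-2018-13802 and CVE-2018-13801. The other descriptions in this hunk keep raw characters (the `4"` in the SIMATIC HMI Comfort Panels entries), so the importer is either reading an HTML-escaped copy of the CVE text or escaping `<` alone. Unescape before writing (or pull the plain-text feed) so the stored text matches the upstream description; as it stands the entity also consumes four of the limited columns before the version range is cut off.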
@@ -18521,27 +18521,27 @@ CVE-2018-13809
RESERVED
CVE-2018-13808
RESERVED
-CVE-2018-13807
+CVE-2018-13807 (A vulnerability has been identified in SCALANCE X300 (All versions &lt ...)
NOT-FOR-US: Siemens
-CVE-2018-13806
+CVE-2018-13806 (A vulnerability has been identified in SIEMENS TD Keypad Designer (All ...)
NOT-FOR-US: Siemens
-CVE-2018-13805
+CVE-2018-13805 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
NOT-FOR-US: SIMATIC
-CVE-2018-13804
+CVE-2018-13804 (A vulnerability has been identified in SIMATIC IT LMS (All versions), ...)
NOT-FOR-US: Siemens
CVE-2018-13803
RESERVED
-CVE-2018-13802
+CVE-2018-13802 (A vulnerability has been identified in ROX II (All versions &lt; V2.12 ...)
NOT-FOR-US: Siemens / ROX II
-CVE-2018-13801
+CVE-2018-13801 (A vulnerability has been identified in ROX II (All versions &lt; V2.12 ...)
NOT-FOR-US: Siemens / ROX II
-CVE-2018-13800
+CVE-2018-13800 (A vulnerability has been identified in SIMATIC S7-1200 CPU family vers ...)
NOT-FOR-US: SIMATIC
-CVE-2018-13799
+CVE-2018-13799 (A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prio ...)
NOT-FOR-US: SIMATIC
CVE-2018-13798
RESERVED
-CVE-2018-13796
+CVE-2018-13796 (An issue was discovered in GNU Mailman before 2.1.28. A crafted URL ca ...)
{DLA-1442-1}
- mailman 1:2.1.27-1.1 (bug #903674)
[stretch] - mailman 1:2.1.23-1+deb9u4
@@ -18552,716 +18552,716 @@ CVE-2018-13796
NOTE: Needs as well a further regression fix as per
NOTE: https://bugs.launchpad.net/mailman/+bug/1783417
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1798
-CVE-2018-13797
+CVE-2018-13797 (The macaddress module before 0.2.9 for Node.js is prone to an arbitrar ...)
- node-macaddress 0.2.9-1 (unimportant)
NOTE: https://github.com/scravy/node-macaddress/pull/20
NOTE: nodejs not covered by security support
-CVE-2018-13795
+CVE-2018-13795 (Gravity before 0.5.1 does not support a maximum recursion depth. ...)
NOT-FOR-US: Gravity
-CVE-2018-13794
+CVE-2018-13794 (A heap-based buffer overflow exists in stbi__bmp_load_cont in stb_imag ...)
- catimg 2.5.0-1 (bug #903711)
NOTE: https://github.com/posva/catimg/issues/34
NOTE: Upstream fixed the issue by updating the stb_image copy to v2.19.
NOTE: https://github.com/posva/catimg/pull/41
-CVE-2018-13793
+CVE-2018-13793 (Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP ...)
NOT-FOR-US: ABBYY FlexiCapture
-CVE-2018-13792
+CVE-2018-13792 (Multiple SQL injection vulnerabilities in the monitoring feature in th ...)
NOT-FOR-US: ABBYY FlexiCapture
-CVE-2018-13791
+CVE-2018-13791 (The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows ...)
NOT-FOR-US: ABBYY FlexiCapture
-CVE-2018-13790
+CVE-2018-13790 (A Server Side Request Forgery (SSRF) vulnerability in tools/files/impo ...)
NOT-FOR-US: concrete5
-CVE-2018-13789
+CVE-2018-13789 (An issue was discovered in Descor Infocad FM before 3.1.0.0. An unauth ...)
NOT-FOR-US: Descor Infocad FM
CVE-2018-13788
RESERVED
-CVE-2018-1000623
+CVE-2018-1000623 (JFrog JFrog Artifactory version Prior to version 6.0.3, since version ...)
NOT-FOR-US: JFrog JFrog Artifactory
-CVE-2018-1000621
+CVE-2018-1000621 (Mycroft AI mycroft-core version 18.2.8b and earlier contains a Incorre ...)
NOT-FOR-US: Mycroft AI mycroft-core
-CVE-2018-1000620
+CVE-2018-1000620 (Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331: Insuff ...)
NOT-FOR-US: Eran Hammer cryptiles
-CVE-2018-1000619
+CVE-2018-1000619 (Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input ...)
NOT-FOR-US: Ovidentia
-CVE-2018-1000618
+CVE-2018-1000618 (EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2 ...)
NOT-FOR-US: EOSIO/eos
-CVE-2018-1000617
+CVE-2018-1000617 (Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and e ...)
NOT-FOR-US: Atlassian Floodlight Atlassian Floodlight Controller
-CVE-2018-1000616
+CVE-2018-1000616 (ONOS ONOS controller version 1.13.1 and earlier contains a XML Externa ...)
NOT-FOR-US: ONOS
-CVE-2018-1000615
+CVE-2018-1000615 (ONOS ONOS Controller version 1.13.1 and earlier contains a Denial of S ...)
NOT-FOR-US: ONOS
-CVE-2018-1000614
+CVE-2018-1000614 (ONOS ONOS Controller version 1.13.1 and earlier contains a XML Externa ...)
NOT-FOR-US: ONOS
-CVE-2018-1000613
+CVE-2018-1000613 (Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptogra ...)
- bouncycastle 1.60-1 (low)
[stretch] - bouncycastle <not-affected> (XMSS/XMSS^MT algorithms were first introduced in BC >= 1.57)
[jessie] - bouncycastle <not-affected> (XMSS/XMSS^MT algorithms were first introduced in BC >= 1.57)
NOTE: https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574
NOTE: https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc
-CVE-2018-1000611
+CVE-2018-1000611 (SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross ...)
NOT-FOR-US: SURFnet OpenConext EngineBlock
-CVE-2018-1000622
+CVE-2018-1000622 (The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 c ...)
- rustc 1.27.1+dfsg1-1~exp1
[stretch] - rustc <ignored> (Minor issue, can be fixed along in future rustc update for ESR69)
[jessie] - rustc <ignored> (Minor issue)
NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/4ybxYLTtXuM
-CVE-2018-13787
+CVE-2018-13787 (Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and ...)
NOT-FOR-US: Supermicro
CVE-2018-13786
RESERVED
-CVE-2018-13785
+CVE-2018-13785 (In libpng 1.6.34, a wrong calculation of row_factor in the png_check_c ...)
- libpng1.6 1.6.34-2 (bug #903430)
[stretch] - libpng1.6 <not-affected> (Issue with wrong calculation of row_factor introduced after 1.6.32beta08)
NOTE: https://github.com/glennrp/libpng/commit/8a05766cb74af05c04c53e6c9d60c13fc4d59bf2
NOTE: https://sourceforge.net/p/libpng/bugs/278/
-CVE-2018-13784
+CVE-2018-13784 (PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie ...)
NOT-FOR-US: PrestaShop
CVE-2018-1000612
REJECTED
-CVE-2018-13783
+CVE-2018-13783 (The mintToken function of a smart contract implementation for JiucaiTo ...)
NOT-FOR-US: smart contract implementation for JiucaiToken
-CVE-2018-13782
+CVE-2018-13782 (The mintToken function of a smart contract implementation for ENTER (E ...)
NOT-FOR-US: smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin)
-CVE-2018-13781
+CVE-2018-13781 (The mintToken function of a smart contract implementation for MyYLC, a ...)
NOT-FOR-US: smart contract implementation for MyYLC
-CVE-2018-13780
+CVE-2018-13780 (The mintToken function of a smart contract implementation for ESH, an ...)
NOT-FOR-US: smart contract implementation for ESH
-CVE-2018-13779
+CVE-2018-13779 (The mintToken function of a smart contract implementation for YLCToken ...)
NOT-FOR-US: smart contract implementation for YLCToken
-CVE-2018-13778
+CVE-2018-13778 (The mintToken function of a smart contract implementation for CGCToken ...)
NOT-FOR-US: smart contract implementation for CGCToken
-CVE-2018-13777
+CVE-2018-13777 (The mintToken function of a smart contract implementation for RRToken, ...)
NOT-FOR-US: smart contract implementation for RRToken
-CVE-2018-13776
+CVE-2018-13776 (The mintToken function of a smart contract implementation for AppleTok ...)
NOT-FOR-US: smart contract implementation for AppleToken
-CVE-2018-13775
+CVE-2018-13775 (The mintToken function of a smart contract implementation for RCKT_Coi ...)
NOT-FOR-US: smart contract implementation for RCKT_Coin
-CVE-2018-13774
+CVE-2018-13774 (The mintToken function of a smart contract implementation for Bitstart ...)
NOT-FOR-US: smart contract implementation for Bitstarti
-CVE-2018-13773
+CVE-2018-13773 (The mintToken function of a smart contract implementation for Enterpri ...)
NOT-FOR-US: smart contract implementation for Enterprise Token Ecosystem (ETE) (Contract Name: NetkillerToken)
-CVE-2018-13772
+CVE-2018-13772 (The mintToken function of a smart contract implementation for TheFlash ...)
NOT-FOR-US: smart contract implementation for TheFlashToken
-CVE-2018-13771
+CVE-2018-13771 (The mintToken function of a smart contract implementation for ExacoreC ...)
NOT-FOR-US: smart contract implementation for ExacoreContract
-CVE-2018-13770
+CVE-2018-13770 (The mintToken function of a smart contract implementation for Ultimate ...)
NOT-FOR-US: smart contract implementation for UltimateCoin
-CVE-2018-13769
+CVE-2018-13769 (The mintToken function of a smart contract implementation for JeansTok ...)
NOT-FOR-US: smart contract implementation for JeansToken
-CVE-2018-13768
+CVE-2018-13768 (The mintToken function of a smart contract implementation for ZToken, ...)
NOT-FOR-US: smart contract implementation for ZToken
-CVE-2018-13767
+CVE-2018-13767 (The mintToken function of a smart contract implementation for Cornerst ...)
NOT-FOR-US: smart contract implementation for Cornerstone
-CVE-2018-13766
+CVE-2018-13766 (The mintToken function of a smart contract implementation for Easticoi ...)
NOT-FOR-US: smart contract implementation for Easticoin
-CVE-2018-13765
+CVE-2018-13765 (The mintToken function of a smart contract implementation for LandCoin ...)
NOT-FOR-US: smart contract implementation for LandCoin
-CVE-2018-13764
+CVE-2018-13764 (The mintToken function of a smart contract implementation for BiquToke ...)
NOT-FOR-US: smart contract implementation for BiquToken
-CVE-2018-13763
+CVE-2018-13763 (The mintToken function of a smart contract implementation for Ublasti, ...)
NOT-FOR-US: smart contract implementation for Ublasti
-CVE-2018-13762
+CVE-2018-13762 (The mintToken function of a smart contract implementation for Yumerium ...)
NOT-FOR-US: smart contract implementation for Yumerium
-CVE-2018-13761
+CVE-2018-13761 (The mintToken function of a smart contract implementation for Netkille ...)
NOT-FOR-US: smart contract implementation for NetkillerAdvancedTokenAirDrop
-CVE-2018-13760
+CVE-2018-13760 (The mintToken function of a smart contract implementation for MoneyCha ...)
NOT-FOR-US: smart contract implementation for MoneyChainNet (MCN)
-CVE-2018-13759
+CVE-2018-13759 (The mintToken function of a smart contract implementation for BIGCAdva ...)
NOT-FOR-US: smart contract implementation for BIGCAdvancedToken
-CVE-2018-13758
+CVE-2018-13758 (The mintToken function of a smart contract implementation for LoliCoin ...)
NOT-FOR-US: smart contract implementation for LoliCoin
-CVE-2018-13757
+CVE-2018-13757 (The mintToken function of a smart contract implementation for Coinquer ...)
NOT-FOR-US: smart contract implementation for Coinquer
-CVE-2018-13756
+CVE-2018-13756 (The mintToken function of a smart contract implementation for CherryCo ...)
NOT-FOR-US: smart contract implementation for CherryCoinFoundation
-CVE-2018-13755
+CVE-2018-13755 (The mintToken function of a smart contract implementation for OTAKUTok ...)
NOT-FOR-US: smart contract implementation for OTAKUToken
-CVE-2018-13754
+CVE-2018-13754 (The mintToken function of a smart contract implementation for Cryptosi ...)
NOT-FOR-US: smart contract implementation for CryptosisToken
-CVE-2018-13753
+CVE-2018-13753 (The mintToken function of a smart contract implementation for DeWeiSec ...)
NOT-FOR-US: smart contract implementation for DeWeiSecurityServiceToken
-CVE-2018-13752
+CVE-2018-13752 (The mintToken function of a smart contract implementation for Thread, ...)
NOT-FOR-US: smart contract implementation for Thread
-CVE-2018-13751
+CVE-2018-13751 (The mintToken function of a smart contract implementation for JustWall ...)
NOT-FOR-US: smart contract implementation for JustWallet
-CVE-2018-13750
+CVE-2018-13750 (The mintToken function of a smart contract implementation for RichiumT ...)
NOT-FOR-US: smart contract implementation for RichiumToken
-CVE-2018-13749
+CVE-2018-13749 (The mintToken function of a smart contract implementation for FinalTok ...)
NOT-FOR-US: smart contract implementation for FinalToken
-CVE-2018-13748
+CVE-2018-13748 (The mintToken function of a smart contract implementation for CarToken ...)
NOT-FOR-US: smart contract implementation for CarToken
-CVE-2018-13747
+CVE-2018-13747 (The mintToken function of a smart contract implementation for VanMinhC ...)
NOT-FOR-US: smart contract implementation for VanMinhCoin
-CVE-2018-13746
+CVE-2018-13746 (The mintToken function of a smart contract implementation for kBit, an ...)
NOT-FOR-US: smart contract implementation for kBit
-CVE-2018-13745
+CVE-2018-13745 (The mintToken function of a smart contract implementation for STCToken ...)
NOT-FOR-US: smart contract implementation for STCToken
-CVE-2018-13744
+CVE-2018-13744 (The mintToken function of a smart contract implementation for Crowdnex ...)
NOT-FOR-US: smart contract implementation for Crowdnext (CNX)
-CVE-2018-13743
+CVE-2018-13743 (The mintToken function of a smart contract implementation for SuperEne ...)
NOT-FOR-US: smart contract implementation for SuperEnergy (SEC)
-CVE-2018-13742
+CVE-2018-13742 (The mintToken function of a smart contract implementation for tickets ...)
NOT-FOR-US: smart contract implementation for tickets (TKT)
-CVE-2018-13741
+CVE-2018-13741 (The mintToken function of a smart contract implementation for ABLGenes ...)
NOT-FOR-US: smart contract implementation for ABLGenesisToken
-CVE-2018-13740
+CVE-2018-13740 (The mintToken function of a smart contract implementation for OneChain ...)
NOT-FOR-US: smart contract implementation for OneChain
-CVE-2018-13739
+CVE-2018-13739 (The mintToken function of a smart contract implementation for dopnetwo ...)
NOT-FOR-US: smart contract implementation for dopnetwork
-CVE-2018-13738
+CVE-2018-13738 (The mintToken function of a smart contract implementation for PELOCoin ...)
NOT-FOR-US: smart contract implementation for PELOCoinToken
-CVE-2018-13737
+CVE-2018-13737 (The mintToken function of a smart contract implementation for AnovaBac ...)
NOT-FOR-US: smart contract implementation for AnovaBace
-CVE-2018-13736
+CVE-2018-13736 (The mintToken function of a smart contract implementation for ELearnin ...)
NOT-FOR-US: smart contract implementation for ELearningCoinERC
-CVE-2018-13735
+CVE-2018-13735 (The mintToken function of a smart contract implementation for ENTER (E ...)
NOT-FOR-US: smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken)
-CVE-2018-13734
+CVE-2018-13734 (The mintToken function of a smart contract implementation for AZTToken ...)
NOT-FOR-US: smart contract implementation for AZTToken
-CVE-2018-13733
+CVE-2018-13733 (The mintToken function of a smart contract implementation for ProjectJ ...)
NOT-FOR-US: smart contract implementation for ProjectJ
-CVE-2018-13732
+CVE-2018-13732 (The mintToken function of a smart contract implementation for RiptideC ...)
NOT-FOR-US: smart contract implementation for RiptideCoin (RIPT)
-CVE-2018-13731
+CVE-2018-13731 (The mintToken function of a smart contract implementation for TokenMAC ...)
NOT-FOR-US: smart contract implementation for TokenMACHU
-CVE-2018-13730
+CVE-2018-13730 (The mintToken function of a smart contract implementation for HEY, an ...)
NOT-FOR-US: smart contract implementation for HEY
-CVE-2018-13729
+CVE-2018-13729 (The mintToken function of a smart contract implementation for JPMD100B ...)
NOT-FOR-US: smart contract implementation for JPMD100B
-CVE-2018-13728
+CVE-2018-13728 (The mintToken function of a smart contract implementation for JixoCoin ...)
NOT-FOR-US: smart contract implementation for JixoCoin
-CVE-2018-13727
+CVE-2018-13727 (The mintToken function of a smart contract implementation for Eastcoin ...)
NOT-FOR-US: smart contract implementation for Eastcoin
-CVE-2018-13726
+CVE-2018-13726 (The mintToken function of a smart contract implementation for ISeeVoic ...)
NOT-FOR-US: smart contract implementation for ISeeVoiceToken
-CVE-2018-13725
+CVE-2018-13725 (The mintToken function of a smart contract implementation for GlobalSu ...)
NOT-FOR-US: smart contract implementation for GlobalSuperGameToken
-CVE-2018-13724
+CVE-2018-13724 (The mint function of a smart contract implementation for HYIPCrowdsale ...)
NOT-FOR-US: smart contract implementation for HYIPCrowdsale1
-CVE-2018-13723
+CVE-2018-13723 (The mintToken function of a smart contract implementation for SERVVIZI ...)
NOT-FOR-US: smart contract implementation for SERVVIZIOToken
-CVE-2018-13722
+CVE-2018-13722 (The mint function of a smart contract implementation for HYIPToken, an ...)
NOT-FOR-US: smart contract implementation for HYIPToken
-CVE-2018-13721
+CVE-2018-13721 (The mintToken function of a smart contract implementation for GoMineWo ...)
NOT-FOR-US: smart contract implementation for GoMineWorld
-CVE-2018-13720
+CVE-2018-13720 (The mintToken function of a smart contract implementation for Antoken, ...)
NOT-FOR-US: smart contract implementation for Antoken
-CVE-2018-13719
+CVE-2018-13719 (The mintToken function of a smart contract implementation for BiteduTo ...)
NOT-FOR-US: smart contract implementation for BiteduToken
-CVE-2018-13718
+CVE-2018-13718 (The mintToken function of a smart contract implementation for FuturXe, ...)
NOT-FOR-US: smart contract implementation for FuturXe
-CVE-2018-13717
+CVE-2018-13717 (The mintToken function of a smart contract implementation for Hormitec ...)
NOT-FOR-US: smart contract implementation for HormitechToken
-CVE-2018-13716
+CVE-2018-13716 (The mintToken function of a smart contract implementation for sexhdsol ...)
NOT-FOR-US: smart contract implementation for sexhdsolo
-CVE-2018-13715
+CVE-2018-13715 (The mintToken function of a smart contract implementation for BpsToken ...)
NOT-FOR-US: smart contract implementation for BpsToken
-CVE-2018-13714
+CVE-2018-13714 (The mintToken function of a smart contract implementation for CM, an E ...)
NOT-FOR-US: smart contract implementation for CM
-CVE-2018-13713
+CVE-2018-13713 (The mintToken function of a smart contract implementation for Tradesma ...)
NOT-FOR-US: smart contract implementation for Tradesman
-CVE-2018-13712
+CVE-2018-13712 (The mintToken function of a smart contract implementation for PMET, an ...)
NOT-FOR-US: smart contract implementation for PMET
-CVE-2018-13711
+CVE-2018-13711 (The mintToken function of a smart contract implementation for Databits ...)
NOT-FOR-US: smart contract implementation for Databits
-CVE-2018-13710
+CVE-2018-13710 (The mintToken function of a smart contract implementation for Mjolnir, ...)
NOT-FOR-US: smart contract implementation for Mjolnir
-CVE-2018-13709
+CVE-2018-13709 (The mintToken function of a smart contract implementation for Tube, an ...)
NOT-FOR-US: smart contract implementation for Tube
-CVE-2018-13708
+CVE-2018-13708 (The mintToken function of a smart contract implementation for Order (E ...)
NOT-FOR-US: smart contract implementation for Order (ETH) (Contract Name: BuyToken)
-CVE-2018-13707
+CVE-2018-13707 (The mintToken function of a smart contract implementation for YSS, an ...)
NOT-FOR-US: smart contract implementation for YSS
-CVE-2018-13706
+CVE-2018-13706 (The mintToken function of a smart contract implementation for IdeaCoin ...)
NOT-FOR-US: smart contract implementation for IdeaCoin
-CVE-2018-13705
+CVE-2018-13705 (The mintToken function of a smart contract implementation for PMHToken ...)
NOT-FOR-US: smart contract implementation for PMHToken
-CVE-2018-13704
+CVE-2018-13704 (The mintToken function of a smart contract implementation for eddToken ...)
NOT-FOR-US: smart contract implementation for eddToken
-CVE-2018-13703
+CVE-2018-13703 (The mintToken function of a smart contract implementation for CERB_Coi ...)
NOT-FOR-US: smart contract implementation for CERB_Coin
-CVE-2018-13702
+CVE-2018-13702 (The mintToken function of a smart contract implementation for Essence, ...)
NOT-FOR-US: smart contract implementation for Essence
-CVE-2018-13701
+CVE-2018-13701 (The mintToken function of a smart contract implementation for KissMe, ...)
NOT-FOR-US: smart contract implementation for KissMe
-CVE-2018-13700
+CVE-2018-13700 (The mintToken function of a smart contract implementation for IPMCoin, ...)
NOT-FOR-US: smart contract implementation for IPMCoin
-CVE-2018-13699
+CVE-2018-13699 (The mintToken function of a smart contract implementation for DestiNee ...)
NOT-FOR-US: smart contract implementation for DestiNeed (DSN)
-CVE-2018-13698
+CVE-2018-13698 (The mintTokens function of a smart contract implementation for Play2Li ...)
NOT-FOR-US: smart contract implementation for Play2LivePromo
-CVE-2018-13697
+CVE-2018-13697 (The mintToken function of a smart contract implementation for RobotBTC ...)
NOT-FOR-US: smart contract implementation for RobotBTC
-CVE-2018-13696
+CVE-2018-13696 (The mintToken function of a smart contract implementation for RedTicke ...)
NOT-FOR-US: smart contract implementation for RedTicket
-CVE-2018-13695
+CVE-2018-13695 (The mint function of a smart contract implementation for CTest7, an Et ...)
NOT-FOR-US: smart contract implementation for CTest7
-CVE-2018-13694
+CVE-2018-13694 (The mintToken function of a smart contract implementation for GMile, a ...)
NOT-FOR-US: smart contract implementation for GMile
-CVE-2018-13693
+CVE-2018-13693 (The mintToken function of a smart contract implementation for GreenEne ...)
NOT-FOR-US: smart contract implementation for GreenEnergyToken
-CVE-2018-13692
+CVE-2018-13692 (The mintToken function of a smart contract implementation for MehdiTAZ ...)
NOT-FOR-US: smart contract implementation for MehdiTAZIToken
-CVE-2018-13691
+CVE-2018-13691 (The mintToken function of a smart contract implementation for R Time T ...)
NOT-FOR-US: smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain)
-CVE-2018-13690
+CVE-2018-13690 (The mintToken function of a smart contract implementation for Instacoc ...)
NOT-FOR-US: smart contract implementation for Instacocoa
-CVE-2018-13689
+CVE-2018-13689 (The mintToken function of a smart contract implementation for CJXToken ...)
NOT-FOR-US: smart contract implementation for CJXToken
-CVE-2018-13688
+CVE-2018-13688 (The mintToken function of a smart contract implementation for MallToke ...)
NOT-FOR-US: smart contract implementation for MallToken
-CVE-2018-13687
+CVE-2018-13687 (The mintToken function of a smart contract implementation for normikai ...)
NOT-FOR-US: smart contract implementation for normikaivo
-CVE-2018-13686
+CVE-2018-13686 (The mintToken function of a smart contract implementation for ICO Doll ...)
NOT-FOR-US: smart contract implementation for ICO Dollar (ICOD)
-CVE-2018-13685
+CVE-2018-13685 (The mintToken function of a smart contract implementation for Vornox ( ...)
NOT-FOR-US: smart contract implementation for Vornox (VRX) (Contract Name: VornoxCoinToken)
-CVE-2018-13684
+CVE-2018-13684 (The mintToken function of a smart contract implementation for ZIP, an ...)
NOT-FOR-US: smart contract implementation for ZIP
-CVE-2018-13683
+CVE-2018-13683 (The mintToken function of a smart contract implementation for exsulcoi ...)
NOT-FOR-US: smart contract implementation for exsulcoin
-CVE-2018-13682
+CVE-2018-13682 (The mintToken function of a smart contract implementation for ViteMone ...)
NOT-FOR-US: smart contract implementation for ViteMoneyCoin
-CVE-2018-13681
+CVE-2018-13681 (The mintToken function of a smart contract implementation for SOSCoin, ...)
NOT-FOR-US: smart contract implementation for SOSCoin
-CVE-2018-13680
+CVE-2018-13680 (The mintToken function of a smart contract implementation for LexitTok ...)
NOT-FOR-US: smart contract implementation for LexitToken
-CVE-2018-13679
+CVE-2018-13679 (The mintToken function of a smart contract implementation for ZPEcoin, ...)
NOT-FOR-US: smart contract implementation for ZPEcoin
-CVE-2018-13678
+CVE-2018-13678 (The mintToken function of a smart contract implementation for Lottery, ...)
NOT-FOR-US: smart contract implementation for Lottery
-CVE-2018-13677
+CVE-2018-13677 (The mintToken function of a smart contract implementation for Goochain ...)
NOT-FOR-US: smart contract implementation for Goochain
-CVE-2018-13676
+CVE-2018-13676 (The mintToken function of a smart contract implementation for Orderboo ...)
NOT-FOR-US: smart contract implementation for Orderbook Presale Token (OBP)
-CVE-2018-13675
+CVE-2018-13675 (The mintToken function of a smart contract implementation for YAMBYO, ...)
NOT-FOR-US: smart contract implementation for YAMBYO
-CVE-2018-13674
+CVE-2018-13674 (The mintToken function of a smart contract implementation for ComBillA ...)
NOT-FOR-US: smart contract implementation for ComBillAdvancedToken
-CVE-2018-13673
+CVE-2018-13673 (The mintToken function of a smart contract implementation for GoldToke ...)
NOT-FOR-US: smart contract implementation for GoldTokenERC20
-CVE-2018-13672
+CVE-2018-13672 (The mintToken function of a smart contract implementation for OBTCoin, ...)
NOT-FOR-US: smart contract implementation for OBTCoin
-CVE-2018-13671
+CVE-2018-13671 (The mintToken function of a smart contract implementation for Dinstein ...)
NOT-FOR-US: smart contract implementation for DinsteinCoin
-CVE-2018-13670
+CVE-2018-13670 (The mintToken function of a smart contract implementation for GFCB, an ...)
NOT-FOR-US: smart contract implementation for GFCB
-CVE-2018-13669
+CVE-2018-13669 (The mintToken function of a smart contract implementation for NCU, an ...)
NOT-FOR-US: smart contract implementation for NCU
-CVE-2018-13668
+CVE-2018-13668 (The mintToken function of a smart contract implementation for BTPCoin, ...)
NOT-FOR-US: smart contract implementation for BTPCoin
-CVE-2018-13667
+CVE-2018-13667 (The mintToken function of a smart contract implementation for UTBToken ...)
NOT-FOR-US: smart contract implementation for UTBTokenTest
-CVE-2018-13666
+CVE-2018-13666 (The mintToken function of a smart contract implementation for Eristica ...)
NOT-FOR-US: smart contract implementation for EristicaICO
-CVE-2018-13665
+CVE-2018-13665 (The mintToken function of a smart contract implementation for BCaaS, a ...)
NOT-FOR-US: smart contract implementation for BCaaS
-CVE-2018-13664
+CVE-2018-13664 (The mintToken function of a smart contract implementation for CWS, an ...)
NOT-FOR-US: smart contract implementation for CWS
-CVE-2018-13663
+CVE-2018-13663 (The mintToken function of a smart contract implementation for BSCToken ...)
NOT-FOR-US: smart contract implementation for BSCToken
-CVE-2018-13662
+CVE-2018-13662 (The mintToken function of a smart contract implementation for WorldOpc ...)
NOT-FOR-US: smart contract implementation for WorldOpctionChain
-CVE-2018-13661
+CVE-2018-13661 (The mintToken function of a smart contract implementation for APP, an ...)
NOT-FOR-US: smart contract implementation for APP
-CVE-2018-13660
+CVE-2018-13660 (The mint function of a smart contract implementation for BillionReward ...)
NOT-FOR-US: smart contract implementation for BillionRewardsToken
-CVE-2018-13659
+CVE-2018-13659 (The mintToken function of a smart contract implementation for BrianCoi ...)
NOT-FOR-US: smart contract implementation for BrianCoin
-CVE-2018-13658
+CVE-2018-13658 (The mintToken function of a smart contract implementation for TheGoDgi ...)
NOT-FOR-US: smart contract implementation for TheGoDgital
-CVE-2018-13657
+CVE-2018-13657 (The mintToken function of a smart contract implementation for Rice, an ...)
NOT-FOR-US: smart contract implementation for Rice
-CVE-2018-13656
+CVE-2018-13656 (The mintToken function of a smart contract implementation for Sample T ...)
NOT-FOR-US: smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable)
-CVE-2018-13655
+CVE-2018-13655 (The mintToken function of a smart contract implementation for GFC, an ...)
NOT-FOR-US: smart contract implementation for GFC
-CVE-2018-13654
+CVE-2018-13654 (The mintToken function of a smart contract implementation for ESTSToke ...)
NOT-FOR-US: smart contract implementation for ESTSToken
-CVE-2018-13653
+CVE-2018-13653 (The mintToken function of a smart contract implementation for ipshoots ...)
NOT-FOR-US: smart contract implementation for ipshoots
-CVE-2018-13652
+CVE-2018-13652 (The mintToken function of a smart contract implementation for TheGoDig ...)
NOT-FOR-US: smart contract implementation for TheGoDigital
-CVE-2018-13651
+CVE-2018-13651 (The mintToken function of a smart contract implementation for MicoinNe ...)
NOT-FOR-US: smart contract implementation for MicoinNetworkToken
-CVE-2018-13650
+CVE-2018-13650 (The mintToken function of a smart contract implementation for Bitmaxer ...)
NOT-FOR-US: smart contract implementation for BitmaxerToken
-CVE-2018-13649
+CVE-2018-13649 (The mintToken function of a smart contract implementation for Deploy, ...)
NOT-FOR-US: smart contract implementation for Deploy
-CVE-2018-13648
+CVE-2018-13648 (The mintToken function of a smart contract implementation for BGC, an ...)
NOT-FOR-US: smart contract implementation for BGC
-CVE-2018-13647
+CVE-2018-13647 (The mintToken function of a smart contract implementation for TrueGold ...)
NOT-FOR-US: smart contract implementation for TrueGoldCoinToken
-CVE-2018-13646
+CVE-2018-13646 (The mintToken function of a smart contract implementation for Datiac, ...)
NOT-FOR-US: smart contract implementation for Datiac
-CVE-2018-13645
+CVE-2018-13645 (The mintToken function of a smart contract implementation for Fiocoin, ...)
NOT-FOR-US: smart contract implementation for Fiocoin
-CVE-2018-13644
+CVE-2018-13644 (The mintToken function of a smart contract implementation for RoyalCla ...)
NOT-FOR-US: smart contract implementation for RoyalClassicCoin
-CVE-2018-13643
+CVE-2018-13643 (The mintToken function of a smart contract implementation for GCRToken ...)
NOT-FOR-US: smart contract implementation for GCRTokenERC20
-CVE-2018-13642
+CVE-2018-13642 (The mintToken function of a smart contract implementation for SECoin, ...)
NOT-FOR-US: smart contract implementation for SECoin
-CVE-2018-13641
+CVE-2018-13641 (The mintToken function of a smart contract implementation for MVGcoin, ...)
NOT-FOR-US: smart contract implementation for MVGcoin
-CVE-2018-13640
+CVE-2018-13640 (The mintToken function of a smart contract implementation for Ethereum ...)
NOT-FOR-US: smart contract implementation for EthereumSmart
-CVE-2018-13639
+CVE-2018-13639 (The mintToken function of a smart contract implementation for Virtual ...)
NOT-FOR-US: smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20)
-CVE-2018-13638
+CVE-2018-13638 (The mintToken function of a smart contract implementation for Bitpark, ...)
NOT-FOR-US: smart contract implementation for Bitpark
-CVE-2018-13637
+CVE-2018-13637 (The mintToken function of a smart contract implementation for CikkaCoi ...)
NOT-FOR-US: smart contract implementation for CikkaCoin
-CVE-2018-13636
+CVE-2018-13636 (The mintToken function of a smart contract implementation for TurdCoin ...)
NOT-FOR-US: smart contract implementation for TurdCoin
-CVE-2018-13635
+CVE-2018-13635 (The mintToken function of a smart contract implementation for HBCM, an ...)
NOT-FOR-US: smart contract implementation for HBCM
-CVE-2018-13634
+CVE-2018-13634 (The mintToken function of a smart contract implementation for MediaCub ...)
NOT-FOR-US: smart contract implementation for MediaCubeToken
-CVE-2018-13633
+CVE-2018-13633 (The mintToken function of a smart contract implementation for Martcoin ...)
NOT-FOR-US: smart contract implementation for Martcoin
-CVE-2018-13632
+CVE-2018-13632 (The mintToken function of a smart contract implementation for NEXPARA, ...)
NOT-FOR-US: smart contract implementation for NEXPARA
-CVE-2018-13631
+CVE-2018-13631 (The mintToken function of a smart contract implementation for doccoin, ...)
NOT-FOR-US: smart contract implementation for doccoin
-CVE-2018-13630
+CVE-2018-13630 (The mintToken function of a smart contract implementation for DoccoinP ...)
NOT-FOR-US: smart contract implementation for DoccoinPreICO
-CVE-2018-13629
+CVE-2018-13629 (The mintToken function of a smart contract implementation for CrimsonS ...)
NOT-FOR-US: smart contract implementation for CrimsonShilling
-CVE-2018-13628
+CVE-2018-13628 (The mintToken function of a smart contract implementation for Momentum ...)
NOT-FOR-US: smart contract implementation for MomentumToken
-CVE-2018-13627
+CVE-2018-13627 (The mintToken function of a smart contract implementation for MyOffer, ...)
NOT-FOR-US: smart contract implementation for MyOffer
-CVE-2018-13626
+CVE-2018-13626 (The mintToken function of a smart contract implementation for SemainTo ...)
NOT-FOR-US: smart contract implementation for SemainToken
-CVE-2018-13625
+CVE-2018-13625 (The mintlvlToken function of a smart contract implementation for Krown ...)
NOT-FOR-US: smart contract implementation for Krown
-CVE-2018-13624
+CVE-2018-13624 (The mintToken function of a smart contract implementation for WXSLToke ...)
NOT-FOR-US: smart contract implementation for WXSLToken
-CVE-2018-13623
+CVE-2018-13623 (The mintToken function of a smart contract implementation for Airdropp ...)
NOT-FOR-US: smart contract implementation for AirdropperCryptics
-CVE-2018-13622
+CVE-2018-13622 (The mintToken function of a smart contract implementation for ObjectTo ...)
NOT-FOR-US: smart contract implementation for ObjectToken (OBJ)
-CVE-2018-13621
+CVE-2018-13621 (The mintToken function of a smart contract implementation for SoundTri ...)
NOT-FOR-US: smart contract implementation for SoundTribeToken
-CVE-2018-13620
+CVE-2018-13620 (The mintToken function of a smart contract implementation for TripCash ...)
NOT-FOR-US: smart contract implementation for TripCash
-CVE-2018-13619
+CVE-2018-13619 (The mintToken function of a smart contract implementation for MicoinTo ...)
NOT-FOR-US: smart contract implementation for MicoinToken
-CVE-2018-13618
+CVE-2018-13618 (The mintToken function of a smart contract implementation for VICETOKE ...)
NOT-FOR-US: smart contract implementation for VICETOKEN_ICO_IS_A_SCAM
-CVE-2018-13617
+CVE-2018-13617 (The mintToken function of a smart contract implementation for CAPTOZ, ...)
NOT-FOR-US: smart contract implementation for CAPTOZ
-CVE-2018-13616
+CVE-2018-13616 (The mintToken function of a smart contract implementation for IOCT_Coi ...)
NOT-FOR-US: smart contract implementation for IOCT_Coin
-CVE-2018-13615
+CVE-2018-13615 (The mintToken function of a smart contract implementation for MJCToken ...)
NOT-FOR-US: smart contract implementation for MJCToken
-CVE-2018-13614
+CVE-2018-13614 (The mintToken function of a smart contract implementation for MAVCash, ...)
NOT-FOR-US: smart contract implementation for MAVCash
-CVE-2018-13613
+CVE-2018-13613 (The mintToken function of a smart contract implementation for CON0217, ...)
NOT-FOR-US: smart contract implementation for CON0217
-CVE-2018-13612
+CVE-2018-13612 (The mintToken function of a smart contract implementation for Robincoi ...)
NOT-FOR-US: smart contract implementation for Robincoin
-CVE-2018-13611
+CVE-2018-13611 (The mintToken function of a smart contract implementation for CDcurren ...)
NOT-FOR-US: smart contract implementation for CDcurrency
-CVE-2018-13610
+CVE-2018-13610 (The mintToken function of a smart contract implementation for Medicayu ...)
NOT-FOR-US: smart contract implementation for MedicayunLink
-CVE-2018-13609
+CVE-2018-13609 (The mintToken function of a smart contract implementation for CSAToken ...)
NOT-FOR-US: smart contract implementation for CSAToken
-CVE-2018-13608
+CVE-2018-13608 (The mintToken function of a smart contract implementation for archerco ...)
NOT-FOR-US: smart contract implementation for archercoin
-CVE-2018-13607
+CVE-2018-13607 (The mintToken function of a smart contract implementation for Residual ...)
NOT-FOR-US: smart contract implementation for ResidualShare
-CVE-2018-13606
+CVE-2018-13606 (The mintToken function of a smart contract implementation for ARChain, ...)
NOT-FOR-US: smart contract implementation for ARChain
-CVE-2018-13605
+CVE-2018-13605 (The mintToken function of a smart contract implementation for Extreme ...)
NOT-FOR-US: smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken)
-CVE-2018-13604
+CVE-2018-13604 (The mintToken function of a smart contract implementation for wellieat ...)
NOT-FOR-US: smart contract implementation for wellieat
-CVE-2018-13603
+CVE-2018-13603 (The mintToken function of a smart contract implementation for Briant2T ...)
NOT-FOR-US: smart contract implementation for Briant2Token
-CVE-2018-13602
+CVE-2018-13602 (The mint function of a smart contract implementation for MiningToken, ...)
NOT-FOR-US: smart contract implementation for MiningToken
-CVE-2018-13601
+CVE-2018-13601 (The mintToken function of a smart contract implementation for Galactic ...)
NOT-FOR-US: smart contract implementation for GalacticX
-CVE-2018-13600
+CVE-2018-13600 (The mintToken function of a smart contract implementation for AMToken, ...)
NOT-FOR-US: smart contract implementation for AMToken
-CVE-2018-13599
+CVE-2018-13599 (The mintToken function of a smart contract implementation for Residual ...)
NOT-FOR-US: smart contract implementation for ResidualValue
-CVE-2018-13598
+CVE-2018-13598 (The mintToken function of a smart contract implementation for SendMe, ...)
NOT-FOR-US: smart contract implementation for SendMe
-CVE-2018-13597
+CVE-2018-13597 (The mintToken function of a smart contract implementation for testcoin ...)
NOT-FOR-US: smart contract implementation for testcoin
-CVE-2018-13596
+CVE-2018-13596 (The mintToken function of a smart contract implementation for TESTAhih ...)
NOT-FOR-US: smart contract implementation for TESTAhihi
-CVE-2018-13595
+CVE-2018-13595 (The mintToken function of a smart contract implementation for BitStore ...)
NOT-FOR-US: smart contract implementation for BitStore
-CVE-2018-13594
+CVE-2018-13594 (The mintToken function of a smart contract implementation for CardFact ...)
NOT-FOR-US: smart contract implementation for CardFactory
-CVE-2018-13593
+CVE-2018-13593 (The mintToken function of a smart contract implementation for CardToke ...)
NOT-FOR-US: smart contract implementation for CardToken
-CVE-2018-13592
+CVE-2018-13592 (The mintToken function of a smart contract implementation for RajTest, ...)
NOT-FOR-US: smart contract implementation for RajTest
-CVE-2018-13591
+CVE-2018-13591 (The mintToken function of a smart contract implementation for KAPcoin, ...)
NOT-FOR-US: smart contract implementation for KAPcoin
-CVE-2018-13590
+CVE-2018-13590 (The mintToken function of a smart contract implementation for SIPCOIN, ...)
NOT-FOR-US: smart contract implementation for SIPCOIN
-CVE-2018-13589
+CVE-2018-13589 (The mintToken function of a smart contract implementation for MooAdvTo ...)
NOT-FOR-US: smart contract implementation for MooAdvToken
-CVE-2018-13588
+CVE-2018-13588 (The mintToken function of a smart contract implementation for Code47 ( ...)
NOT-FOR-US: smart contract implementation for Code47 (C47)
-CVE-2018-13587
+CVE-2018-13587 (The mintToken function of a smart contract implementation for DECToken ...)
NOT-FOR-US: smart contract implementation for DECToken
-CVE-2018-13586
+CVE-2018-13586 (The mintToken function of a smart contract implementation for Nectar ( ...)
NOT-FOR-US: smart contract implementation for Nectar (NCTR)
-CVE-2018-13585
+CVE-2018-13585 (The mintToken function of a smart contract implementation for CHERRYCO ...)
NOT-FOR-US: smart contract implementation for CHERRYCOIN
-CVE-2018-13584
+CVE-2018-13584 (The mintToken function of a smart contract implementation for yasudem, ...)
NOT-FOR-US: smart contract implementation for yasudem
-CVE-2018-13583
+CVE-2018-13583 (The mintToken function of a smart contract implementation for Shmoo, a ...)
NOT-FOR-US: smart contract implementation for Shmoo
-CVE-2018-13582
+CVE-2018-13582 (The mintToken function of a smart contract implementation for My2Token ...)
NOT-FOR-US: smart contract implementation for My2Token
-CVE-2018-13581
+CVE-2018-13581 (The mintToken function of a smart contract implementation for TravelCo ...)
NOT-FOR-US: smart contract implementation for TravelCoin (TRV)
-CVE-2018-13580
+CVE-2018-13580 (The mintToken function of a smart contract implementation for Providen ...)
NOT-FOR-US: smart contract implementation for ProvidenceCasino (PVE)
-CVE-2018-13579
+CVE-2018-13579 (The mintToken function of a smart contract implementation for ForeverC ...)
NOT-FOR-US: smart contract implementation for ForeverCoin
-CVE-2018-13578
+CVE-2018-13578 (The mintToken function of a smart contract implementation for GalaxyCo ...)
NOT-FOR-US: smart contract implementation for GalaxyCoin
-CVE-2018-13577
+CVE-2018-13577 (The mintToken function of a smart contract implementation for ShitCoin ...)
NOT-FOR-US: smart contract implementation for ShitCoin (SHITC) (Contract Name: AdvancedShit)
-CVE-2018-13576
+CVE-2018-13576 (The mintToken function of a smart contract implementation for Escut (E ...)
NOT-FOR-US: smart contract implementation for Escut (ESCT) (Contract Name: JuntsPerCreixer)
-CVE-2018-13575
+CVE-2018-13575 (The mintToken function of a smart contract implementation for YESToken ...)
NOT-FOR-US: smart contract implementation for YESToken
-CVE-2018-13574
+CVE-2018-13574 (The mintToken function of a smart contract implementation for DataShie ...)
NOT-FOR-US: smart contract implementation for DataShieldCoin
-CVE-2018-13573
+CVE-2018-13573 (The mintToken function of a smart contract implementation for TripPay, ...)
NOT-FOR-US: smart contract implementation for TripPay
-CVE-2018-13572
+CVE-2018-13572 (The mintToken function of a smart contract implementation for PGM_Coin ...)
NOT-FOR-US: smart contract implementation for PGM_Coin
-CVE-2018-13571
+CVE-2018-13571 (The mintToken function of a smart contract implementation for GoramCoi ...)
NOT-FOR-US: smart contract implementation for GoramCoin
-CVE-2018-13570
+CVE-2018-13570 (The mint function of a smart contract implementation for kkTestCoin1 ( ...)
NOT-FOR-US: smart contract implementation for kkTestCoin1 (KTC1)
-CVE-2018-13569
+CVE-2018-13569 (The mintToken function of a smart contract implementation for HitToken ...)
NOT-FOR-US: smart contract implementation for HitToken
-CVE-2018-13568
+CVE-2018-13568 (The mintToken function of a smart contract implementation for MktCoin, ...)
NOT-FOR-US: smart contract implementation for MktCoin
-CVE-2018-13567
+CVE-2018-13567 (The mintToken function of a smart contract implementation for SDR, an ...)
NOT-FOR-US: smart contract implementation for SDR
-CVE-2018-13566
+CVE-2018-13566 (The mintToken function of a smart contract implementation for RETNToke ...)
NOT-FOR-US: smart contract implementation for RETNToken
-CVE-2018-13565
+CVE-2018-13565 (The mintToken function of a smart contract implementation for Co2Bit, ...)
NOT-FOR-US: smart contract implementation for Co2Bit
-CVE-2018-13564
+CVE-2018-13564 (The mintToken function of a smart contract implementation for GATcoin, ...)
NOT-FOR-US: smart contract implementation for GATcoin
-CVE-2018-13563
+CVE-2018-13563 (The mintToken function of a smart contract implementation for UPayToke ...)
NOT-FOR-US: smart contract implementation for UPayToken
-CVE-2018-13562
+CVE-2018-13562 (The mintToken function of a smart contract implementation for BMVCoin, ...)
NOT-FOR-US: smart contract implementation for BMVCoin
-CVE-2018-13561
+CVE-2018-13561 (The mintToken function of a smart contract implementation for YourCoin ...)
NOT-FOR-US: smart contract implementation for YourCoin (ICO) (Contract Name: ETH033)
-CVE-2018-13560
+CVE-2018-13560 (The mintToken function of a smart contract implementation for KelvinTo ...)
NOT-FOR-US: smart contract implementation for KelvinToken
-CVE-2018-13559
+CVE-2018-13559 (The mintToken function of a smart contract implementation for UTCT, an ...)
NOT-FOR-US: smart contract implementation for UTCT
-CVE-2018-13558
+CVE-2018-13558 (The mintToken function of a smart contract implementation for rhovit, ...)
NOT-FOR-US: smart contract implementation for rhovit
-CVE-2018-13557
+CVE-2018-13557 (The mintToken function of a smart contract implementation for Trabet_C ...)
NOT-FOR-US: smart contract implementation for Trabet_Coin
-CVE-2018-13556
+CVE-2018-13556 (The mintToken function of a smart contract implementation for COSMOTok ...)
NOT-FOR-US: smart contract implementation for COSMOTokenERC20
-CVE-2018-13555
+CVE-2018-13555 (The mintToken function of a smart contract implementation for JaxBox, ...)
NOT-FOR-US: smart contract implementation for JaxBox
-CVE-2018-13554
+CVE-2018-13554 (The mintToken function of a smart contract implementation for MoneyTre ...)
NOT-FOR-US: smart contract implementation for MoneyTree (TREE)
-CVE-2018-13553
+CVE-2018-13553 (The mintToken function of a smart contract implementation for Micro BT ...)
NOT-FOR-US: smart contract implementation for Micro BTC (MBTC)
-CVE-2018-13552
+CVE-2018-13552 (The mintToken function of a smart contract implementation for Trabet_C ...)
NOT-FOR-US: smart contract implementation for Trabet_Coin_PreICO
-CVE-2018-13551
+CVE-2018-13551 (The mintToken function of a smart contract implementation for Bgamecoi ...)
NOT-FOR-US: smart contract implementation for Bgamecoin
-CVE-2018-13550
+CVE-2018-13550 (The mintToken function of a smart contract implementation for Coquinho ...)
NOT-FOR-US: smart contract implementation for Coquinho Coin (CQNC) (Contract Name: CoquinhoERC20)
-CVE-2018-13549
+CVE-2018-13549 (The mintToken function of a smart contract implementation for NeuroTok ...)
NOT-FOR-US: smart contract implementation for NeuroToken
-CVE-2018-13548
+CVE-2018-13548 (The mintToken function of a smart contract implementation for Mimicoin ...)
NOT-FOR-US: smart contract implementation for Mimicoin
-CVE-2018-13547
+CVE-2018-13547 (The mintToken function of a smart contract implementation for Providen ...)
NOT-FOR-US: smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken)
-CVE-2018-13546
+CVE-2018-13546 (The mintToken function of a smart contract implementation for CCASH, a ...)
NOT-FOR-US: smart contract implementation for CCASH
-CVE-2018-13545
+CVE-2018-13545 (The mintToken function of a smart contract implementation for HashShie ...)
NOT-FOR-US: smart contract implementation for HashShield
-CVE-2018-13544
+CVE-2018-13544 (The mintToken function of a smart contract implementation for Numisma, ...)
NOT-FOR-US: smart contract implementation for Numisma
-CVE-2018-13543
+CVE-2018-13543 (The mintToken function of a smart contract implementation for Gemstone ...)
NOT-FOR-US: smart contract implementation for GemstoneToken
-CVE-2018-13542
+CVE-2018-13542 (The mintToken function of a smart contract implementation for ZIBToken ...)
NOT-FOR-US: smart contract implementation for ZIBToken
-CVE-2018-13541
+CVE-2018-13541 (The mintToken function of a smart contract implementation for CryptoLe ...)
NOT-FOR-US: smart contract implementation for CryptoLeu
-CVE-2018-13540
+CVE-2018-13540 (The mintToken function of a smart contract implementation for GSI, an ...)
NOT-FOR-US: smart contract implementation for GSI
-CVE-2018-13539
+CVE-2018-13539 (The mintToken function of a smart contract implementation for Bcxss, a ...)
NOT-FOR-US: smart contract implementation for Bcxss
-CVE-2018-13538
+CVE-2018-13538 (The mintToken function of a smart contract implementation for SIPCToke ...)
NOT-FOR-US: smart contract implementation for SIPCToken
-CVE-2018-13537
+CVE-2018-13537 (The mintToken function of a smart contract implementation for Ethereum ...)
NOT-FOR-US: smart contract implementation for EthereumLegit
-CVE-2018-13536
+CVE-2018-13536 (The mintToken function of a smart contract implementation for ERC20_IC ...)
NOT-FOR-US: smart contract implementation for ERC20_ICO
-CVE-2018-13535
+CVE-2018-13535 (The mintToken function of a smart contract implementation for PACCOIN, ...)
NOT-FOR-US: smart contract implementation for PACCOIN
-CVE-2018-13534
+CVE-2018-13534 (The mintToken function of a smart contract implementation for SpeedCas ...)
NOT-FOR-US: smart contract implementation for SpeedCashLite (SCSL)
-CVE-2018-13533
+CVE-2018-13533 (The mintToken function of a smart contract implementation for ALUXToke ...)
NOT-FOR-US: smart contract implementation for ALUXToken
-CVE-2018-13532
+CVE-2018-13532 (The mintToken function of a smart contract implementation for Mindexco ...)
NOT-FOR-US: smart contract implementation for Mindexcoin
-CVE-2018-13531
+CVE-2018-13531 (The mintToken function of a smart contract implementation for MaxHouse ...)
NOT-FOR-US: smart contract implementation for MaxHouse
-CVE-2018-13530
+CVE-2018-13530 (The mintToken function of a smart contract implementation for HunterCo ...)
NOT-FOR-US: smart contract implementation for HunterCoin
-CVE-2018-13529
+CVE-2018-13529 (The mintToken function of a smart contract implementation for BetterTh ...)
NOT-FOR-US: smart contract implementation for BetterThanAdrien
-CVE-2018-13528
+CVE-2018-13528 (The mintToken function of a smart contract implementation for DhaCoin, ...)
NOT-FOR-US: smart contract implementation for DhaCoin
-CVE-2018-13527
+CVE-2018-13527 (The mintToken function of a smart contract implementation for ElevateC ...)
NOT-FOR-US: smart contract implementation for ElevateCoin
-CVE-2018-13526
+CVE-2018-13526 (The mintToken function of a smart contract implementation for WangWang ...)
NOT-FOR-US: smart contract implementation for WangWangToken
-CVE-2018-13525
+CVE-2018-13525 (The mintToken function of a smart contract implementation for Flow, an ...)
NOT-FOR-US: smart contract implementation for Flow
-CVE-2018-13524
+CVE-2018-13524 (The mintToken function of a smart contract implementation for PornCoin ...)
NOT-FOR-US: smart contract implementation for PornCoin (PRNC)
-CVE-2018-13523
+CVE-2018-13523 (The mintToken function of a smart contract implementation for SmartPay ...)
NOT-FOR-US: smart contract implementation for SmartPayment
-CVE-2018-13522
+CVE-2018-13522 (The mintToken function of a smart contract implementation for EXGROUP, ...)
NOT-FOR-US: smart contract implementation for EXGROUP
-CVE-2018-13521
+CVE-2018-13521 (The mintToken function of a smart contract implementation for PinkyTok ...)
NOT-FOR-US: smart contract implementation for PinkyToken
-CVE-2018-13520
+CVE-2018-13520 (The mintToken function of a smart contract implementation for Topscoin ...)
NOT-FOR-US: smart contract implementation for TopscoinAdvanced
-CVE-2018-13519
+CVE-2018-13519 (The mint function of a smart contract implementation for DigitalCloudT ...)
NOT-FOR-US: smart contract implementation for DigitalCloudToken
-CVE-2018-13518
+CVE-2018-13518 (The mintToken function of a smart contract implementation for TCash, a ...)
NOT-FOR-US: smart contract implementation for TCash
-CVE-2018-13517
+CVE-2018-13517 (The mintToken function of a smart contract implementation for C3 Token ...)
NOT-FOR-US: smart contract implementation for C3 Token (C3)
-CVE-2018-13516
+CVE-2018-13516 (The mintToken function of a smart contract implementation for Super Co ...)
NOT-FOR-US: smart contract implementation for Super Cool Awesome Money (SCAM)
-CVE-2018-13515
+CVE-2018-13515 (The mintToken function of a smart contract implementation for aman, an ...)
NOT-FOR-US: smart contract implementation for aman
-CVE-2018-13514
+CVE-2018-13514 (The mintToken function of a smart contract implementation for esportz, ...)
NOT-FOR-US: smart contract implementation for esportz
-CVE-2018-13513
+CVE-2018-13513 (The mintToken function of a smart contract implementation for Ubiou, a ...)
NOT-FOR-US: smart contract implementation for Ubiou
-CVE-2018-13512
+CVE-2018-13512 (The mintToken function of a smart contract implementation for SmartHom ...)
NOT-FOR-US: smart contract implementation for SmartHomeCoin
-CVE-2018-13511
+CVE-2018-13511 (The mintToken function of a smart contract implementation for CorelliC ...)
NOT-FOR-US: smart contract implementation for CorelliCoin
-CVE-2018-13510
+CVE-2018-13510 (The mintToken function of a smart contract implementation for Welfare ...)
NOT-FOR-US: smart contract implementation for Welfare Token Fund (WTF)
-CVE-2018-13509
+CVE-2018-13509 (The mintToken function of a smart contract implementation for IamRich, ...)
NOT-FOR-US: smart contract implementation for IamRich
-CVE-2018-13508
+CVE-2018-13508 (The mintToken function of a smart contract implementation for VITToken ...)
NOT-FOR-US: smart contract implementation for VITToken
-CVE-2018-13507
+CVE-2018-13507 (The mintToken function of a smart contract implementation for SLCAdvan ...)
NOT-FOR-US: smart contract implementation for SLCAdvancedToken
-CVE-2018-13506
+CVE-2018-13506 (The mintToken function of a smart contract implementation for SDR22, a ...)
NOT-FOR-US: smart contract implementation for SDR22
-CVE-2018-13505
+CVE-2018-13505 (The mintToken function of a smart contract implementation for ecogreen ...)
NOT-FOR-US: smart contract implementation for ecogreenhouse
-CVE-2018-13504
+CVE-2018-13504 (The mintToken function of a smart contract implementation for MMCoin, ...)
NOT-FOR-US: smart contract implementation for MMCoin
-CVE-2018-13503
+CVE-2018-13503 (The mintToken function of a smart contract implementation for South Pa ...)
NOT-FOR-US: smart contract implementation for South Park Token Token (SPTKN)
-CVE-2018-13502
+CVE-2018-13502 (The mintToken function of a smart contract implementation for HeliumNe ...)
NOT-FOR-US: smart contract implementation for HeliumNetwork
-CVE-2018-13501
+CVE-2018-13501 (The mintToken function of a smart contract implementation for HRWtoken ...)
NOT-FOR-US: smart contract implementation for HRWtoken
-CVE-2018-13500
+CVE-2018-13500 (The mintToken function of a smart contract implementation for MSXAdvan ...)
NOT-FOR-US: smart contract implementation for MSXAdvanced
-CVE-2018-13499
+CVE-2018-13499 (The mintToken function of a smart contract implementation for Crowdsal ...)
NOT-FOR-US: smart contract implementation for Crowdsale
-CVE-2018-13498
+CVE-2018-13498 (The mintToken function of a smart contract implementation for KAPAYcoi ...)
NOT-FOR-US: smart contract implementation for KAPAYcoin
-CVE-2018-13497
+CVE-2018-13497 (The mintToken function of a smart contract implementation for COBToken ...)
NOT-FOR-US: smart contract implementation for COBToken
-CVE-2018-13496
+CVE-2018-13496 (The mintToken function of a smart contract implementation for RajTestI ...)
NOT-FOR-US: smart contract implementation for RajTestICO
-CVE-2018-13495
+CVE-2018-13495 (The mintToken function of a smart contract implementation for KMCToken ...)
NOT-FOR-US: smart contract implementation for KMCToken
-CVE-2018-13494
+CVE-2018-13494 (The mintToken function of a smart contract implementation for SusanTok ...)
NOT-FOR-US: smart contract implementation for SusanTokenERC20
-CVE-2018-13493
+CVE-2018-13493 (The mintToken function of a smart contract implementation for DaddyTok ...)
NOT-FOR-US: smart contract implementation for DaddyToken
-CVE-2018-13492
+CVE-2018-13492 (The mintToken function of a smart contract implementation for naga, an ...)
NOT-FOR-US: smart contract implementation for naga
-CVE-2018-13491
+CVE-2018-13491 (The mintToken function of a smart contract implementation for Carrot, ...)
NOT-FOR-US: smart contract implementation for Carrot
-CVE-2018-13490
+CVE-2018-13490 (The mintToken function of a smart contract implementation for FILM, an ...)
NOT-FOR-US: smart contract implementation for FILM
-CVE-2018-13489
+CVE-2018-13489 (The mintToken function of a smart contract implementation for OllisCoi ...)
NOT-FOR-US: smart contract implementation for OllisCoin
-CVE-2018-13488
+CVE-2018-13488 (The mintToken function of a smart contract implementation for Crypto A ...)
NOT-FOR-US: smart contract implementation for Crypto Alley Shares (CAST)
-CVE-2018-13487
+CVE-2018-13487 (The mintToken function of a smart contract implementation for PlatoTok ...)
NOT-FOR-US: smart contract implementation for PlatoToken
-CVE-2018-13486
+CVE-2018-13486 (The mintToken function of a smart contract implementation for HELP, an ...)
NOT-FOR-US: smart contract implementation for HELP
-CVE-2018-13485
+CVE-2018-13485 (The mintToken function of a smart contract implementation for BitcoinA ...)
NOT-FOR-US: smart contract implementation for BitcoinAgileToken
-CVE-2018-13484
+CVE-2018-13484 (The mintToken function of a smart contract implementation for CBRToken ...)
NOT-FOR-US: smart contract implementation for CBRToken
-CVE-2018-13483
+CVE-2018-13483 (The mintToken function of a smart contract implementation for mkethTok ...)
NOT-FOR-US: smart contract implementation for mkethToken
-CVE-2018-13482
+CVE-2018-13482 (The mintToken function of a smart contract implementation for ETHERCAS ...)
NOT-FOR-US: smart contract implementation for ETHERCASH (ETC)
-CVE-2018-13481
+CVE-2018-13481 (The mintToken function of a smart contract implementation for TRIUM, a ...)
NOT-FOR-US: smart contract implementation for TRIUM
-CVE-2018-13480
+CVE-2018-13480 (The mintToken function of a smart contract implementation for QRG, an ...)
NOT-FOR-US: smart contract implementation for QRG
-CVE-2018-13479
+CVE-2018-13479 (The mintToken function of a smart contract implementation for Slidebit ...)
NOT-FOR-US: smart contract implementation for SlidebitsToken
-CVE-2018-13478
+CVE-2018-13478 (The mintToken function of a smart contract implementation for DMPToken ...)
NOT-FOR-US: smart contract implementation for DMPToken
-CVE-2018-13477
+CVE-2018-13477 (The mintToken function of a smart contract implementation for CTESale, ...)
NOT-FOR-US: smart contract implementation for CTESale
-CVE-2018-13476
+CVE-2018-13476 (The mintToken function of a smart contract implementation for PhilCoin ...)
NOT-FOR-US: smart contract implementation for PhilCoin
-CVE-2018-13475
+CVE-2018-13475 (The mintToken function of a smart contract implementation for VSCToken ...)
NOT-FOR-US: smart contract implementation for VSCToken
-CVE-2018-13474
+CVE-2018-13474 (The mintToken function of a smart contract implementation for FansChai ...)
NOT-FOR-US: smart contract implementation for FansChainToken
-CVE-2018-13473
+CVE-2018-13473 (The mintToken function of a smart contract implementation for ohni_2 ( ...)
NOT-FOR-US: smart contract implementation for ohni_2 (OHNI)
-CVE-2018-13472
+CVE-2018-13472 (The mint function of a smart contract implementation for CloutToken, a ...)
NOT-FOR-US: smart contract implementation for CloutToken
-CVE-2018-13471
+CVE-2018-13471 (The mintToken function of a smart contract implementation for BeyondCa ...)
NOT-FOR-US: smart contract implementation for BeyondCashToken
-CVE-2018-13470
+CVE-2018-13470 (The mintToken function of a smart contract implementation for BuyerTok ...)
NOT-FOR-US: smart contract implementation for BuyerToken
-CVE-2018-13469
+CVE-2018-13469 (The mintToken function of a smart contract implementation for IcoContr ...)
NOT-FOR-US: smart contract implementation for IcoContract
-CVE-2018-13468
+CVE-2018-13468 (The mintToken function of a smart contract implementation for Cavecoin ...)
NOT-FOR-US: smart contract implementation for Cavecoin
-CVE-2018-13467
+CVE-2018-13467 (The mintToken function of a smart contract implementation for Epiphany ...)
NOT-FOR-US: smart contract implementation for EpiphanyCoin
-CVE-2018-13466
+CVE-2018-13466 (The mintToken function of a smart contract implementation for Crystals ...)
NOT-FOR-US: smart contract implementation for Crystals
-CVE-2018-13465
+CVE-2018-13465 (The mintToken function of a smart contract implementation for PaulyCoi ...)
NOT-FOR-US: smart contract implementation for PaulyCoin
-CVE-2018-13464
+CVE-2018-13464 (The mintToken function of a smart contract implementation for t_swap, ...)
NOT-FOR-US: smart contract implementation for t_swap
-CVE-2018-13463
+CVE-2018-13463 (The mintToken function of a smart contract implementation for T-Swap-T ...)
NOT-FOR-US: smart contract implementation for T-Swap-Token (T-S-T)
-CVE-2018-13462
+CVE-2018-13462 (The mintToken function of a smart contract implementation for MoonToke ...)
NOT-FOR-US: smart contract implementation for MoonToken
CVE-2018-13461
RESERVED
@@ -19269,11 +19269,11 @@ CVE-2018-13460
RESERVED
CVE-2018-13459
RESERVED
-CVE-2018-13458
+CVE-2018-13458 (qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer de ...)
- nagios4 4.3.4-3 (low; bug #917160)
NOTE: https://gist.github.com/fakhrizulkifli/40f3daf52950cca6de28ebec2498ff6e
NOTE: https://github.com/NagiosEnterprises/nagioscore/commit/b1a92a3b52d292ccb601e77a0b29cb1e67ac9d76
-CVE-2018-13457
+CVE-2018-13457 (qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer de ...)
- nagios4 4.3.4-3 (low; bug #917160)
NOTE: https://gist.github.com/fakhrizulkifli/87cf1c1ad403b4d40a86d90c9c9bf7ab
NOTE: https://github.com/NagiosEnterprises/nagioscore/commit/b1a92a3b52d292ccb601e77a0b29cb1e67ac9d76
@@ -19289,39 +19289,39 @@ CVE-2018-13452
RESERVED
CVE-2018-13451
RESERVED
-CVE-2018-13450
+CVE-2018-13450 (SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM ve ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb
-CVE-2018-13449
+CVE-2018-13449 (SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM ve ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb
-CVE-2018-13448
+CVE-2018-13448 (SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM ve ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb
-CVE-2018-13447
+CVE-2018-13447 (SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM ve ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb
-CVE-2018-13446
+CVE-2018-13446 (** DISPUTED ** An issue was discovered in the LINE jp.naver.line appli ...)
NOT-FOR-US: LINE jp.naver.line application for Android
-CVE-2018-13445
+CVE-2018-13445 (An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability ...)
NOT-FOR-US: SeaCMS
-CVE-2018-13444
+CVE-2018-13444 (An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability ...)
NOT-FOR-US: SeaCMS
CVE-2018-13443
RESERVED
CVE-2018-13442
RESERVED
-CVE-2018-13441
+CVE-2018-13441 (qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL po ...)
- nagios4 4.3.4-3 (low; bug #917160)
NOTE: https://gist.github.com/fakhrizulkifli/8df4a174158df69ebd765f824bd736b8
NOTE: https://github.com/NagiosEnterprises/nagioscore/commit/b1a92a3b52d292ccb601e77a0b29cb1e67ac9d76
-CVE-2018-13440
+CVE-2018-13440 (The audiofile Audio File Library 0.3.6 has a NULL pointer dereference ...)
- audiofile <unfixed> (low; bug #903499)
[buster] - audiofile <no-dsa> (Minor issue)
[stretch] - audiofile <no-dsa> (Minor issue)
[jessie] - audiofile <no-dsa> (Minor issue)
NOTE: https://github.com/mpruett/audiofile/issues/49
-CVE-2018-13439
+CVE-2018-13439 (WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a mercha ...)
NOT-FOR-US: WeChat Pay Java SDK
CVE-2018-13438
RESERVED
@@ -19329,11 +19329,11 @@ CVE-2018-13437
RESERVED
CVE-2018-13436
RESERVED
-CVE-2018-13435
+CVE-2018-13435 (** DISPUTED ** An issue was discovered in the LINE jp.naver.line appli ...)
NOT-FOR-US: LINE jp.naver.line application for iOS
-CVE-2018-13434
+CVE-2018-13434 (** DISPUTED ** An issue was discovered in the LINE jp.naver.line appli ...)
NOT-FOR-US: LINE jp.naver.line application for iOS
-CVE-2018-13433
+CVE-2018-13433 (Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as ...)
NOT-FOR-US: Boostnote
CVE-2018-13432
RESERVED
@@ -19353,98 +19353,98 @@ CVE-2018-13425
RESERVED
CVE-2018-13424
RESERVED
-CVE-2018-13423
+CVE-2018-13423 (admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows X ...)
NOT-FOR-US: Omeka
-CVE-2018-13422
+CVE-2018-13422 (TCExam before 14.1.2 has XSS via an ff_ or xl_ field. ...)
NOT-FOR-US: TCExam
-CVE-2018-13421
+CVE-2018-13421 (Fast C++ CSV Parser (aka fast-cpp-csv-parser) before 2018-07-06 has a ...)
- fast-cpp-csv-parser 0.0+git20160525~9bf299c-2 (low; bug #903247)
[stretch] - fast-cpp-csv-parser <no-dsa> (Minor issue)
[jessie] - fast-cpp-csv-parser <no-dsa> (Minor issue)
NOTE: https://github.com/ben-strasser/fast-cpp-csv-parser/issues/67
NOTE: https://github.com/ben-strasser/fast-cpp-csv-parser/commit/8cf591aa7397f4372778cc927e184d28ee591093
-CVE-2018-13420
+CVE-2018-13420 (** DISPUTED ** Google gperftools 2.7 has a memory leak in malloc_exten ...)
- google-perftools <unfixed> (unimportant; bug #903248)
NOTE: https://github.com/gperftools/gperftools/issues/1013
-CVE-2018-13419
+CVE-2018-13419 (** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is ...)
NOTE: Misreport, not reprodiucible by upstream and no test file was provided
NOTE: https://github.com/erikd/libsndfile/issues/398
-CVE-2018-13418
+CVE-2018-13418 (System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 all ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13417
+CVE-2018-13417 (In Vuze Bittorrent Client 5.7.6.0, the XML parsing engine for SSDP/UPn ...)
- azureus <removed>
-CVE-2018-13416
+CVE-2018-13416 (In Universal Media Server (UMS) 7.1.0, the XML parsing engine for SSDP ...)
NOT-FOR-US: Universal Media Server
-CVE-2018-13415
+CVE-2018-13415 (In Plex Media Server 1.13.2.5154, the XML parsing engine for SSDP/UPnP ...)
NOT-FOR-US: Plex Media Server
CVE-2018-13414
RESERVED
CVE-2018-13413
RESERVED
-CVE-2018-13412
+CVE-2018-13412 (An issue was discovered in the Self Service Portal in Zoho ManageEngin ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-13411
+CVE-2018-13411 (An issue was discovered in Zoho ManageEngine Desktop Central before 10 ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-13410
+CVE-2018-13410 (** DISPUTED ** Info-ZIP Zip 3.0, when the -T and -TT command-line opti ...)
- zip <unfixed> (unimportant; bug #903196)
NOTE: http://seclists.org/fulldisclosure/2018/Jul/24
NOTE: Negligible security impact, would involve that a untrusted party controls
NOTE: the -TT value.
-CVE-2018-13409
+CVE-2018-13409 (An issue was discovered in Jirafeau before 3.4.1. The "search file by ...)
NOT-FOR-US: Jirafeau
-CVE-2018-13408
+CVE-2018-13408 (An issue was discovered in Jirafeau before 3.4.1. The "search file by ...)
NOT-FOR-US: Jirafeau
-CVE-2018-13407
+CVE-2018-13407 (A CSRF issue was discovered in Jirafeau before 3.4.1. The "delete file ...)
NOT-FOR-US: Jirafeau
-CVE-2018-13406
+CVE-2018-13406 (An integer overflow in the uvesafb_setcmap function in drivers/video/f ...)
{DLA-1715-1 DLA-1529-1}
- linux 4.17.6-1
[stretch] - linux 4.9.130-1
NOTE: https://git.kernel.org/linus/9f645bcc566a1e9f921bdae7528a01ced5bc3713
-CVE-2018-13405
+CVE-2018-13405 (The inode_init_owner function in fs/inode.c in the Linux kernel throug ...)
{DSA-4266-1 DLA-1529-1 DLA-1466-1}
- linux 4.17.6-1
NOTE: https://git.kernel.org/linus/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7
NOTE: http://www.openwall.com/lists/oss-security/2018/07/13/2
-CVE-2018-13404
+CVE-2018-13404 (The VerifyPopServerConnection resource in Atlassian Jira before versio ...)
NOT-FOR-US: Atlassian
-CVE-2018-13403
+CVE-2018-13403 (The two-dimensional filter statistics gadget in Atlassian Jira before ...)
NOT-FOR-US: Atlassian
-CVE-2018-13402
+CVE-2018-13402 (Many resources in Atlassian Jira before version 7.6.9, from version 7. ...)
NOT-FOR-US: Atlassian
-CVE-2018-13401
+CVE-2018-13401 (The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, f ...)
NOT-FOR-US: Atlassian
-CVE-2018-13400
+CVE-2018-13400 (Several administrative resources in Atlassian Jira before version 7.6. ...)
NOT-FOR-US: Atlassian
-CVE-2018-13399
+CVE-2018-13399 (The Microsoft Windows Installer for Atlassian Fisheye and Crucible bef ...)
NOT-FOR-US: Atlassian
-CVE-2018-13398
+CVE-2018-13398 (The administrative smart-commits resource in Atlassian Fisheye and Cru ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2018-13397
+CVE-2018-13397 (There was an argument injection vulnerability in Sourcetree for Window ...)
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-13396
+CVE-2018-13396 (There was an argument injection vulnerability in Sourcetree for macOS ...)
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-13395
+CVE-2018-13395 (Various resources in Atlassian Jira before version 7.6.8, from version ...)
NOT-FOR-US: Atlassian Jira
-CVE-2018-13394
+CVE-2018-13394 (The acceptAnswer resource in Atlassian Confluence Questions before ver ...)
NOT-FOR-US: Atlassian Confluence Questions
-CVE-2018-13393
+CVE-2018-13393 (The convertCommentToAnswer resource in Atlassian Confluence Questions ...)
NOT-FOR-US: Atlassian Confluence Questions
-CVE-2018-13392
+CVE-2018-13392 (Several resources in Atlassian Fisheye and Crucible before version 4.6 ...)
NOT-FOR-US: Atlassian
-CVE-2018-13391
+CVE-2018-13391 (The ProfileLinkUserFormat component of Jira Server before version 7.6. ...)
NOT-FOR-US: Atlassian Jira Server
-CVE-2018-13390
+CVE-2018-13390 (Unauthenticated access to cloudtoken daemon on Linux via network from ...)
NOT-FOR-US: Atlassian
-CVE-2018-13389
+CVE-2018-13389 (The attachment resource in Atlassian Confluence before version 6.6.1 a ...)
NOT-FOR-US: Atlassian Confluence
-CVE-2018-13388
+CVE-2018-13388 (The review attachment resource in Atlassian Fisheye and Crucible befor ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2018-13387
+CVE-2018-13387 (The IncomingMailServers resource in Atlassian JIRA Server before versi ...)
NOT-FOR-US: Atlassian
-CVE-2018-13386
+CVE-2018-13386 (There was an argument injection vulnerability in Sourcetree for Window ...)
NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-13385
+CVE-2018-13385 (There was an argument injection vulnerability in Sourcetree for macOS ...)
NOT-FOR-US: Atlassian Sourcetree
CVE-2018-13384
RESERVED
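Review bot: the CVE-2018-13419 entry (libsndfile 1.0.28, marked ** DISPUTED **) carries only two NOTE lines and no package status line, so the tracker records no verdict on whether libsndfile is affected; since the first NOTE already calls it a misreport, a status line such as `- libsndfile <not-affected> (Misreport, not reproducible)` would make that triage explicit and machine-readable. The same NOTE line has a typo, `reprodiucible` for `reproducible`, and the CVE-2018-13410 NOTE reads `a untrusted party`, which should be `an untrusted party`.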
@@ -19462,11 +19462,11 @@ CVE-2018-13378
RESERVED
CVE-2018-13377
RESERVED
-CVE-2018-13376
+CVE-2018-13376 (An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 t ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2018-13375
RESERVED
-CVE-2018-13374
+CVE-2018-13374 (A Improper Access Control in Fortinet FortiOS allows attacker to obtai ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2018-13373
RESERVED
@@ -19492,31 +19492,31 @@ CVE-2018-13363
RESERVED
CVE-2018-13362
RESERVED
-CVE-2018-13361
+CVE-2018-13361 (User enumeration in usertable.php in TerraMaster TOS version 3.1.03 al ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13360
+CVE-2018-13360 (Cross-site scripting in Text Editor in TerraMaster TOS version 3.1.03 ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13359
+CVE-2018-13359 (Cross-site scripting in usertable.php in TerraMaster TOS version 3.1.0 ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13358
+CVE-2018-13358 (System command injection in ajaxdata.php in TerraMaster TOS version 3. ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13357
+CVE-2018-13357 (Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.0 ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13356
+CVE-2018-13356 (Incorrect access control on ajaxdata.php in TerraMaster TOS version 3. ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13355
+CVE-2018-13355 (Incorrect access controls in ajaxdata.php in TerraMaster TOS version 3 ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13354
+CVE-2018-13354 (System command injection in logtable.php in TerraMaster TOS version 3. ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13353
+CVE-2018-13353 (System command injection in ajaxdata.php in TerraMaster TOS version 3. ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13352
+CVE-2018-13352 (Session Exposure in the web application for TerraMaster TOS version 3. ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13351
+CVE-2018-13351 (Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.0 ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13350
+CVE-2018-13350 (SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13349
+CVE-2018-13349 (Cross-site scripting in the web application taskbar in TerraMaster TOS ...)
NOT-FOR-US: TerraMaster TOS
CVE-2018-13345
RESERVED
@@ -19524,113 +19524,113 @@ CVE-2018-13344
RESERVED
CVE-2018-13343
RESERVED
-CVE-2018-13342
+CVE-2018-13342 (The server API in the Anda app relies on hardcoded credentials. ...)
NOT-FOR-US: Anda app
-CVE-2018-13341
+CVE-2018-13341 (Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all vers ...)
NOT-FOR-US: Creston
-CVE-2018-13340
+CVE-2018-13340 (Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request. ...)
NOT-FOR-US: Gleez CMS
-CVE-2018-13339
+CVE-2018-13339 (Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode ...)
NOT-FOR-US: Imperavi Redactor
-CVE-2018-13338
+CVE-2018-13338 (System command injection in ajaxdata.php in TerraMaster TOS version 3. ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13337
+CVE-2018-13337 (Session Fixation in the web application for TerraMaster TOS version 3. ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13336
+CVE-2018-13336 (System command injection in ajaxdata.php in TerraMaster TOS version 3. ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13335
+CVE-2018-13335 (Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.0 ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13334
+CVE-2018-13334 (Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 a ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13333
+CVE-2018-13333 (Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13332
+CVE-2018-13332 (Directory Traversal in the explorer application in TerraMaster TOS ver ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13331
+CVE-2018-13331 (Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.0 ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13330
+CVE-2018-13330 (System command injection in ajaxdata.php in TerraMaster TOS version 3. ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13329
+CVE-2018-13329 (Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 ...)
NOT-FOR-US: TerraMaster TOS
-CVE-2018-13328
+CVE-2018-13328 (The transfer, transferFrom, and mint functions of a smart contract imp ...)
NOT-FOR-US: smart contract
-CVE-2018-13327
+CVE-2018-13327 (The transfer and transferFrom functions of a smart contract implementa ...)
NOT-FOR-US: smart contract
-CVE-2018-13326
+CVE-2018-13326 (The transfer and transferFrom functions of a smart contract implementa ...)
NOT-FOR-US: smart contract
-CVE-2018-13325
+CVE-2018-13325 (The _sell function of a smart contract implementation for GROWCHAIN (G ...)
NOT-FOR-US: smart contract
-CVE-2018-13324
+CVE-2018-13324 (Incorrect access control in nasapi in Buffalo TS5600D1206 version 3.61 ...)
NOT-FOR-US: Buffalo
-CVE-2018-13323
+CVE-2018-13323 (Cross-site scripting in detail.html in Buffalo TS5600D1206 version 3.6 ...)
NOT-FOR-US: Buffalo
-CVE-2018-13322
+CVE-2018-13322 (Directory traversal in list_folders method in Buffalo TS5600D1206 vers ...)
NOT-FOR-US: Buffalo
-CVE-2018-13321
+CVE-2018-13321 (Incorrect access controls in nasapi in Buffalo TS5600D1206 version 3.6 ...)
NOT-FOR-US: Buffalo
-CVE-2018-13320
+CVE-2018-13320 (System Command Injection in network.set_auth_settings in Buffalo TS560 ...)
NOT-FOR-US: Buffalo
-CVE-2018-13319
+CVE-2018-13319 (Incorrect access control in get_portal_info in Buffalo TS5600D1206 ver ...)
NOT-FOR-US: Buffalo
-CVE-2018-13318
+CVE-2018-13318 (System command injection in User.create method in Buffalo TS5600D1206 ...)
NOT-FOR-US: Buffalo
-CVE-2018-13317
+CVE-2018-13317 (Password disclosure in password.htm in TOTOLINK A3002RU version 1.0.8 ...)
NOT-FOR-US: TOTOLINK
-CVE-2018-13316
+CVE-2018-13316 (System command injection in formAliasIp in TOTOLINK A3002RU version 1. ...)
NOT-FOR-US: TOTOLINK
-CVE-2018-13315
+CVE-2018-13315 (Incorrect access control in formPasswordSetup in TOTOLINK A3002RU vers ...)
NOT-FOR-US: TOTOLINK
-CVE-2018-13314
+CVE-2018-13314 (System command injection in formAliasIp in TOTOLINK A3002RU version 1. ...)
NOT-FOR-US: TOTOLINK
CVE-2018-13313
RESERVED
-CVE-2018-13312
+CVE-2018-13312 (Cross-site scripting in notice_gen.htm in TOTOLINK A3002RU version 1.0 ...)
NOT-FOR-US: TOTOLINK
-CVE-2018-13311
+CVE-2018-13311 (System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 ...)
NOT-FOR-US: TOTOLINK
-CVE-2018-13310
+CVE-2018-13310 (Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 ...)
NOT-FOR-US: TOTOLINK
-CVE-2018-13309
+CVE-2018-13309 (Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 ...)
NOT-FOR-US: TOTOLINK
-CVE-2018-13308
+CVE-2018-13308 (Cross-site scripting in notice_gen.htm in TOTOLINK A3002RU version 1.0 ...)
NOT-FOR-US: TOTOLINK
-CVE-2018-13307
+CVE-2018-13307 (System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 ...)
NOT-FOR-US: TOTOLINK
-CVE-2018-13306
+CVE-2018-13306 (System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 ...)
NOT-FOR-US: TOTOLINK
-CVE-2018-13305
+CVE-2018-13305 (In FFmpeg 4.0.1, due to a missing check for negative values of the mqu ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4
NOTE: https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4#commitcomment-30094223
-CVE-2018-13304
+CVE-2018-13304 (In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency ...)
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/bd27a9364ca274ca97f1df6d984e88a0700fb235
-CVE-2018-13303
+CVE-2018-13303 (In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bit ...)
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/00e8181bd97c834fe60751b0c511d4bb97875f78
-CVE-2018-13302
+CVE-2018-13302 (In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRA ...)
{DSA-4249-1}
- ffmpeg 7:3.4.3-1
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/ed22dc22216f74c75ee7901f82649e1ff725ba50
NOTE: Fixed in 3.2.11
-CVE-2018-13301
+CVE-2018-13301 (In FFmpeg 4.0.1, due to a missing check of a profile value before sett ...)
- ffmpeg 7:4.0.2-1 (low)
[stretch] - ffmpeg <not-affected> (3.2.x not affected)
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code path not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2aa9047486dbff12d9e040f917e5f799ed2fd78b
NOTE: It looks like Jessie is not affected but we need the reproducer to confirm this assumption.
-CVE-2018-13300
+CVE-2018-13300 (In FFmpeg 4.0.1, an improper argument (AVCodecParameters) passed to th ...)
{DSA-4249-1}
- ffmpeg 7:3.4.3-1
- libav <removed>
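Review bot: the CVE-2018-13341 status line reads `NOT-FOR-US: Creston`, while the description names the vendor as Crestron; the vendor name should match the description so the entry is found when searching the tracker. Further down, CVE-2018-13301 already asserts `[jessie] - libav <not-affected> (Vulnerable code path not present)`, yet its final NOTE says jessie is only believed unaffected pending a reproducer; the two statements disagree, so either the NOTE should be removed once the assessment is confirmed or the jessie status should remain open rather than claiming <not-affected>.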
@@ -19671,11 +19671,11 @@ CVE-2018-13284
RESERVED
CVE-2018-13283
RESERVED
-CVE-2018-13282
+CVE-2018-13282 (Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology P ...)
NOT-FOR-US: Synology Photo Station
-CVE-2018-13281
+CVE-2018-13281 (Information exposure vulnerability in SYNO.Core.ACL in Synology DiskSt ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2018-13280
+CVE-2018-13280 (Use of insufficiently random values vulnerability in SYNO.Encryption.G ...)
NOT-FOR-US: Synology
CVE-2018-13279
RESERVED
@@ -19717,19 +19717,19 @@ CVE-2018-13261
REJECTED
CVE-2018-13260
REJECTED
-CVE-2018-13259
+CVE-2018-13259 (An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 ...)
- zsh 5.6-1 (bug #908000)
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://www.zsh.org/mla/zsh-announce/136
NOTE: https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d
-CVE-2018-13258
+CVE-2018-13258 (Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided ta ...)
- mediawiki <not-affected> (Affected upstream tarball was never used)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
NOTE: https://phabricator.wikimedia.org/T199029
CVE-2018-13257
RESERVED
-CVE-2018-13256
+CVE-2018-13256 (PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or fir ...)
NOT-FOR-US: PHP Scripts Mall Auditor Website
CVE-2018-13255
RESERVED
@@ -19737,12 +19737,12 @@ CVE-2018-13254
RESERVED
CVE-2018-13253
RESERVED
-CVE-2018-13252
+CVE-2018-13252 (Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain ...)
NOT-FOR-US: Entrust Datacard Syntera CS
-CVE-2018-13251
+CVE-2018-13251 (In libming 0.4.8, there is an excessive memory allocation attempt in t ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/149
-CVE-2018-13250
+CVE-2018-13250 (libming 0.4.8 has a NULL pointer dereference in the getString function ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/147
CVE-2018-13249
@@ -19777,167 +19777,167 @@ CVE-2018-13235
RESERVED
CVE-2018-13234
RESERVED
-CVE-2018-13233
+CVE-2018-13233 (The sell function of a smart contract implementation for GSI, an Ether ...)
NOT-FOR-US: smart contract implementation for GSI
-CVE-2018-13232
+CVE-2018-13232 (The sell function of a smart contract implementation for ENTER (ENTR) ...)
NOT-FOR-US: smart contract implementation for ENTER (ENTR)
-CVE-2018-13231
+CVE-2018-13231 (The sell function of a smart contract implementation for ENTER (ENTR) ...)
NOT-FOR-US: smart contract implementation for ENTER (ENTR)
-CVE-2018-13230
+CVE-2018-13230 (The sell function of a smart contract implementation for DestiNeed (DS ...)
NOT-FOR-US: smart contract implementation for DestiNeed (DSN)
-CVE-2018-13229
+CVE-2018-13229 (The sell function of a smart contract implementation for RiptideCoin ( ...)
NOT-FOR-US: smart contract implementation for RiptideCoin (RIPT)
-CVE-2018-13228
+CVE-2018-13228 (The sell function of a smart contract implementation for Crowdnext (CN ...)
NOT-FOR-US: smart contract implementation for Crowdnext (CNX)
-CVE-2018-13227
+CVE-2018-13227 (The sell function of a smart contract implementation for MoneyChainNet ...)
NOT-FOR-US: smart contract implementation for MoneyChainNet (MCN)
-CVE-2018-13226
+CVE-2018-13226 (The sell function of a smart contract implementation for YLCToken, an ...)
NOT-FOR-US: smart contract implementation for YLCToken
-CVE-2018-13225
+CVE-2018-13225 (The sell function of a smart contract implementation for MyYLC, an Eth ...)
NOT-FOR-US: smart contract implementation for MyYLC
-CVE-2018-13224
+CVE-2018-13224 (The sell function of a smart contract implementation for Virtual Energ ...)
NOT-FOR-US: smart contract implementation for Virtual Energy Units (VEU)
-CVE-2018-13223
+CVE-2018-13223 (The sell function of a smart contract implementation for R Time Token ...)
NOT-FOR-US: smart contract implementation for R Time Token v3 (RS)
-CVE-2018-13222
+CVE-2018-13222 (The sell function of a smart contract implementation for ObjectToken ( ...)
NOT-FOR-US: smart contract implementation for ObjectToken (OBJ)
-CVE-2018-13221
+CVE-2018-13221 (The sell function of a smart contract implementation for Extreme Coin ...)
NOT-FOR-US: smart contract implementation for Extreme Coin (XT)
-CVE-2018-13220
+CVE-2018-13220 (The sell function of a smart contract implementation for MAVCash, an E ...)
NOT-FOR-US: smart contract implementation for MAVCash
-CVE-2018-13219
+CVE-2018-13219 (The sell function of a smart contract implementation for YourCoin (ICO ...)
NOT-FOR-US: smart contract implementation for YourCoin (ICO)
-CVE-2018-13218
+CVE-2018-13218 (The sell function of a smart contract implementation for ICO Dollar (I ...)
NOT-FOR-US: smart contract implementation for ICO Dollar (ICOD)
-CVE-2018-13217
+CVE-2018-13217 (The sell function of a smart contract implementation for CoinToken, an ...)
NOT-FOR-US: smart contract implementation for CoinToken
-CVE-2018-13216
+CVE-2018-13216 (The sell function of a smart contract implementation for GreenMed (GRM ...)
NOT-FOR-US: smart contract implementation for GreenMed (GRMD)
-CVE-2018-13215
+CVE-2018-13215 (The sell function of a smart contract implementation for Sample Token ...)
NOT-FOR-US: smart contract implementation for Sample Token (STK)
-CVE-2018-13214
+CVE-2018-13214 (The sell function of a smart contract implementation for GMile, an Eth ...)
NOT-FOR-US: smart contract implementation for GMile
-CVE-2018-13213
+CVE-2018-13213 (The sell function of a smart contract implementation for TravelCoin (T ...)
NOT-FOR-US: smart contract implementation for TravelCoin
-CVE-2018-13212
+CVE-2018-13212 (The sell function of a smart contract implementation for EthereumLegit ...)
NOT-FOR-US: smart contract implementation for EthereumLegit
-CVE-2018-13211
+CVE-2018-13211 (The sell function of a smart contract implementation for MyToken, an E ...)
NOT-FOR-US: smart contract implementation for MyToken
-CVE-2018-13210
+CVE-2018-13210 (The sell function of a smart contract implementation for Providence Cr ...)
NOT-FOR-US: smart contract implementation for Providence Crypto Casion (PVE)
-CVE-2018-13209
+CVE-2018-13209 (The sell function of a smart contract implementation for Nectar (NCTR) ...)
NOT-FOR-US: smart contract implementation for Nectar (NCTR)
-CVE-2018-13208
+CVE-2018-13208 (The sell function of a smart contract implementation for MoneyTree (TR ...)
NOT-FOR-US: smart contract implementation for MoneyTree (TREE)
-CVE-2018-13207
+CVE-2018-13207 (The sell function of a smart contract implementation for PornCoin (PRN ...)
NOT-FOR-US: smart contract implementation for PornCoin
-CVE-2018-13206
+CVE-2018-13206 (The sell function of a smart contract implementation for ProvidenceCas ...)
NOT-FOR-US: smart contract implementation for ProvidenceCasino (PVE)
-CVE-2018-13205
+CVE-2018-13205 (The sell function of a smart contract implementation for ohni_2 (OHNI) ...)
NOT-FOR-US: smart contract implementation for ohni_2 (OHNI)
-CVE-2018-13204
+CVE-2018-13204 (The sell function of a smart contract implementation for ETHERCASH (ET ...)
NOT-FOR-US: smart contract implementation for ETHERCASH
-CVE-2018-13203
+CVE-2018-13203 (The sellBuyerTokens function of a smart contract implementation for Sw ...)
NOT-FOR-US: smart contract implementation for SwapToken
-CVE-2018-13202
+CVE-2018-13202 (The sell function of a smart contract implementation for MyBO, an Ethe ...)
NOT-FOR-US: smart contract implementation for MyBO
-CVE-2018-13201
+CVE-2018-13201 (The sell function of a smart contract implementation for TiTok - Ticke ...)
NOT-FOR-US: smart contract implementation for TiTok - Ticket Token
-CVE-2018-13200
+CVE-2018-13200 (The sell function of a smart contract implementation for DateMe (DMX) ...)
NOT-FOR-US: smart contract implementation for DateMe (DMX)
-CVE-2018-13199
+CVE-2018-13199 (The sell function of a smart contract implementation for ETHEREUMBLACK ...)
NOT-FOR-US: smart contract implementation for ETHEREUMBLACK
-CVE-2018-13198
+CVE-2018-13198 (The sell function of a smart contract implementation for STeX Exchange ...)
NOT-FOR-US: smart contract implementation for STeX Exchange ICO (STE)
-CVE-2018-13197
+CVE-2018-13197 (The sell function of a smart contract implementation for Welfare Token ...)
NOT-FOR-US: smart contract implementation for Welfare Token Fund (WTF)
-CVE-2018-13196
+CVE-2018-13196 (The sell function of a smart contract implementation for T-Swap-Token ...)
NOT-FOR-US: smart contract implementation for T-Swap-Token
-CVE-2018-13195
+CVE-2018-13195 (The mintToken function of a smart contract implementation for Cranoo ( ...)
NOT-FOR-US: smart contract implementation for Cranoo
-CVE-2018-13194
+CVE-2018-13194 (The mintToken function of a smart contract implementation for TongTong ...)
NOT-FOR-US: smart contract implementation for TongTong Coin
-CVE-2018-13193
+CVE-2018-13193 (The mintToken function of a smart contract implementation for hentaiso ...)
NOT-FOR-US: smart contract implementation for hentaisolo
-CVE-2018-13192
+CVE-2018-13192 (The mintToken function of a smart contract implementation for Jobscoin ...)
NOT-FOR-US: smart contract implementation for Jobscoin
-CVE-2018-13191
+CVE-2018-13191 (The mintToken function of a smart contract implementation for Super Ca ...)
NOT-FOR-US: smart contract implementation for Super Carbon Coin
-CVE-2018-13190
+CVE-2018-13190 (The mintToken function of a smart contract implementation for DVChain, ...)
NOT-FOR-US: smart contract implementation for DVChain
-CVE-2018-13189
+CVE-2018-13189 (The mint function of a smart contract implementation for Unolabo (UNLB ...)
NOT-FOR-US: smart contract implementation for Unolabo
-CVE-2018-13188
+CVE-2018-13188 (The mintToken function of a smart contract implementation for MyBO, an ...)
NOT-FOR-US: smart contract implementation for MyBO
-CVE-2018-13187
+CVE-2018-13187 (The mintToken function of a smart contract implementation for CIBN Liv ...)
NOT-FOR-US: smart contract implementation for CIBN Live Token
-CVE-2018-13186
+CVE-2018-13186 (The mintToken function of a smart contract implementation for MMTCoin ...)
NOT-FOR-US: smart contract implementation for MMTCoin
-CVE-2018-13185
+CVE-2018-13185 (The mintToken function of a smart contract implementation for appcoins ...)
NOT-FOR-US: smart contract implementation for appcoins
-CVE-2018-13184
+CVE-2018-13184 (The mintToken function of a smart contract implementation for TravelZe ...)
NOT-FOR-US: smart contract implementation for TravelZedi Token
-CVE-2018-13183
+CVE-2018-13183 (The mintToken function of a smart contract implementation for JWC, an ...)
NOT-FOR-US: smart contract implementation for JWC
-CVE-2018-13182
+CVE-2018-13182 (The mintToken function of a smart contract implementation for loncoin ...)
NOT-FOR-US: smart contract implementation for loncoin
-CVE-2018-13181
+CVE-2018-13181 (The mintToken function of a smart contract implementation for Troo, an ...)
NOT-FOR-US: smart contract implementation for Troo
-CVE-2018-13180
+CVE-2018-13180 (The mintToken function of a smart contract implementation for IMM Coin ...)
NOT-FOR-US: smart contract implementation for IMM Coin
-CVE-2018-13179
+CVE-2018-13179 (The mintToken function of a smart contract implementation for Air-Cont ...)
NOT-FOR-US: smart contract implementation for Air-Contact Token
-CVE-2018-13178
+CVE-2018-13178 (The mintToken function of a smart contract implementation for ECToints ...)
NOT-FOR-US: smart contract implementation for ECToints
-CVE-2018-13177
+CVE-2018-13177 (The mintToken function of a smart contract implementation for MiningRi ...)
NOT-FOR-US: smart contract implementation for MiningRigRentals Token
-CVE-2018-13176
+CVE-2018-13176 (The mintToken function of a smart contract implementation for Trust Ze ...)
NOT-FOR-US: smart contract implementation for Trust Zen Token
-CVE-2018-13175
+CVE-2018-13175 (The mintToken function of a smart contract implementation for AIChain, ...)
NOT-FOR-US: smart contract implementation for AIChain
-CVE-2018-13174
+CVE-2018-13174 (The mintToken function of a smart contract implementation for CryptoAB ...)
NOT-FOR-US: smart contract implementation for CryptoABS
-CVE-2018-13173
+CVE-2018-13173 (The mintToken function of a smart contract implementation for EliteShi ...)
NOT-FOR-US: smart contract implementation for EliteShipperToken
-CVE-2018-13172
+CVE-2018-13172 (The mintToken function of a smart contract implementation for bzxcoin ...)
NOT-FOR-US: smart contract implementation for bzxcoin
-CVE-2018-13171
+CVE-2018-13171 (The mintToken function of a smart contract implementation for LadaToke ...)
NOT-FOR-US: smart contract implementation for LadaToken
-CVE-2018-13170
+CVE-2018-13170 (The mintToken function of a smart contract implementation for Snoqualm ...)
NOT-FOR-US: smart contract implementation for Snoqualmie Coin
-CVE-2018-13169
+CVE-2018-13169 (The mintToken function of a smart contract implementation for Ethereum ...)
NOT-FOR-US: smart contract implementation for Ethereum Cash Pro
-CVE-2018-13168
+CVE-2018-13168 (The mintToken function of a smart contract implementation for Yu Gi Oh ...)
NOT-FOR-US: smart contract implementation for Yu Gi Oh
-CVE-2018-13167
+CVE-2018-13167 (The mintToken function of a smart contract implementation for Yu Gi Oh ...)
NOT-FOR-US: smart contract implementation for Yu Gi Oh
-CVE-2018-13166
+CVE-2018-13166 (The mintToken function of a smart contract implementation for AthletiC ...)
NOT-FOR-US: smart contract implementation for AthletiCoin
-CVE-2018-13165
+CVE-2018-13165 (The mintToken function of a smart contract implementation for JustDCoi ...)
NOT-FOR-US: smart contract implementation for JustDCoin
-CVE-2018-13164
+CVE-2018-13164 (The mintToken function of a smart contract implementation for EPPCOIN ...)
NOT-FOR-US: smart contract implementation for EPPCOIN
-CVE-2018-13163
+CVE-2018-13163 (The mintToken function of a smart contract implementation for Ethernet ...)
NOT-FOR-US: smart contract implementation for Ethernet Cash
-CVE-2018-13162
+CVE-2018-13162 (The mintToken function of a smart contract implementation for ALEX, an ...)
NOT-FOR-US: smart contract implementation for ALEX
-CVE-2018-13161
+CVE-2018-13161 (The mintToken function of a smart contract implementation for MultiGam ...)
NOT-FOR-US: smart contract implementation for MultiGames
-CVE-2018-13160
+CVE-2018-13160 (The mintToken function of a smart contract implementation for etktoken ...)
NOT-FOR-US: smart contract implementation for etktokens
-CVE-2018-13159
+CVE-2018-13159 (The mintToken function of a smart contract implementation for bankcoin ...)
NOT-FOR-US: smart contract implementation for bankcoin
-CVE-2018-13158
+CVE-2018-13158 (The mintToken function of a smart contract implementation for AssetTok ...)
NOT-FOR-US: smart contract implementation for AssetToken
-CVE-2018-13157
+CVE-2018-13157 (The mintToken function of a smart contract implementation for Cryptoni ...)
NOT-FOR-US: smart contract implementation for CryptonitexCoin
-CVE-2018-13156
+CVE-2018-13156 (The mintToken function of a smart contract implementation for bonusTok ...)
NOT-FOR-US: smart contract implementation for bonusToken
-CVE-2018-13155
+CVE-2018-13155 (The mintToken function of a smart contract implementation for GEMCHAIN ...)
NOT-FOR-US: smart contract implementation for GEMCHAIN
CVE-2018-13154
RESERVED
-CVE-2018-13153
+CVE-2018-13153 (In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand f ...)
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1195
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4ab4849d667e26df0e63ece9d63ae23bc7ab0fa1
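Review bot: the unchanged annotation `NOT-FOR-US: smart contract implementation for Providence Crypto Casion (PVE)` under CVE-2018-13210 carries a typo ("Casion"); the sibling entry for CVE-2018-13206 in the same hunk spells it `ProvidenceCasino (PVE)`. The automatic update only rewrites the CVE header lines and leaves the NOT-FOR-US annotations untouched, so this wants a separate manual fix rather than a change to the updater.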
@@ -19954,11 +19954,11 @@ CVE-2018-13148
RESERVED
CVE-2018-13147
RESERVED
-CVE-2018-13146
+CVE-2018-13146 (The mintToken, buy, and sell functions of a smart contract implementat ...)
NOT-FOR-US: smart contract
-CVE-2018-13145
+CVE-2018-13145 (The mintToken function of a smart contract implementation for JavaSwap ...)
NOT-FOR-US: smart contract
-CVE-2018-13144
+CVE-2018-13144 (The transfer and transferFrom functions of a smart contract implementa ...)
NOT-FOR-US: smart contract
CVE-2018-13143
RESERVED
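Review bot: the three NOT-FOR-US annotations in this hunk (CVE-2018-13146, CVE-2018-13145, CVE-2018-13144) read only `smart contract`, whereas every neighbouring entry names the token, and the new header for CVE-2018-13145 already shows it (`smart contract implementation for JavaSwap ...`). Consider aligning them with the `smart contract implementation for <token>` form used elsewhere so a grep on the annotation is as informative here as in the rest of the file; the updater does not touch these lines, so it is a manual edit.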
@@ -19966,9 +19966,9 @@ CVE-2018-13142
RESERVED
CVE-2018-13141
RESERVED
-CVE-2018-13140
+CVE-2018-13140 (Druide Antidote through 9.5.1 on Windows and Linux allows remote code ...)
NOT-FOR-US: Druide Antidote
-CVE-2018-13139
+CVE-2018-13139 (A stack-based buffer overflow in psf_memset in common.c in libsndfile ...)
{DLA-1618-1}
- libsndfile <unfixed> (unimportant)
NOTE: https://github.com/erikd/libsndfile/issues/397
@@ -19979,37 +19979,37 @@ CVE-2018-13138
RESERVED
CVE-2018-13137
RESERVED
-CVE-2018-13136
+CVE-2018-13136 (The Ultimate Member (aka ultimatemember) plugin before 2.0.18 for Word ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-13135
RESERVED
-CVE-2018-13134
+CVE-2018-13134 (TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have X ...)
NOT-FOR-US: TP-Link
-CVE-2018-13133
+CVE-2018-13133 (Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated w ...)
NOT-FOR-US: Golden Frog VyprVPN
-CVE-2018-13132
+CVE-2018-13132 (Spadeico is a smart contract running on Ethereum. The mint function ha ...)
NOT-FOR-US: Spadeico
-CVE-2018-13131
+CVE-2018-13131 (SpadePreSale is a smart contract running on Ethereum. The mint functio ...)
NOT-FOR-US: SpadePreSale
-CVE-2018-13130
+CVE-2018-13130 (Bitotal (TFUND) is a smart contract running on Ethereum. The mintToken ...)
NOT-FOR-US: Bitotal (TFUND)
-CVE-2018-13129
+CVE-2018-13129 (SP8DE Token (SPX) is a smart contract running on Ethereum. The mint fu ...)
NOT-FOR-US: SP8DE Token (SPX)
-CVE-2018-13128
+CVE-2018-13128 (Etherty Token (ETY) is a smart contract running on Ethereum. The mint ...)
NOT-FOR-US: Etherty Token (ETY)
-CVE-2018-13127
+CVE-2018-13127 (SP8DE PreSale Token (DSPX) is a smart contract running on Ethereum. Th ...)
NOT-FOR-US: SP8DE PreSale Token (DSPX)
-CVE-2018-13126
+CVE-2018-13126 (MoxyOnePresale is a smart contract running on Ethereum. The mint funct ...)
NOT-FOR-US: MoxyOnePresale
CVE-2018-13125
RESERVED
CVE-2018-13124
RESERVED
-CVE-2018-13123
+CVE-2018-13123 (onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers ...)
NOT-FOR-US: OneFileCMS
-CVE-2018-13122
+CVE-2018-13122 (onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers ...)
NOT-FOR-US: OneFileCMS
-CVE-2018-13121
+CVE-2018-13121 (RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a ...)
NOT-FOR-US: RealOne Player
CVE-2018-13120
RESERVED
@@ -20019,147 +20019,147 @@ CVE-2018-13118
RESERVED
CVE-2018-13117
RESERVED
-CVE-2018-13116
+CVE-2018-13116 (/user/del.php in zzcms 8.3 allows SQL injection via the tablename para ...)
NOT-FOR-US: zzcms
-CVE-2018-13115
+CVE-2018-13115 (Lack of an authentication mechanism in KERUI Wifi Endoscope Camera (YP ...)
NOT-FOR-US: KERUI Wifi Endoscope Camera
-CVE-2018-13114
+CVE-2018-13114 (Missing authentication and improper input validation in KERUI Wifi End ...)
NOT-FOR-US: KERUI Wifi Endoscope Camera
-CVE-2018-13113
+CVE-2018-13113 (The transfer and transferFrom functions of a smart contract implementa ...)
NOT-FOR-US: smart contract implementation for Easy Trading Token and Ethereum token
-CVE-2018-13112
+CVE-2018-13112 (get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attac ...)
- tcpreplay 4.3.1-1 (low; bug #902952)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
NOTE: https://github.com/appneta/tcpreplay/issues/477
NOTE: https://github.com/appneta/tcpreplay/issues/408
NOTE: https://github.com/appneta/tcpreplay/commit/0253c4707446b9500804101122a72dde2763ed8f
-CVE-2018-13111
+CVE-2018-13111 (There exists a partial Denial of Service vulnerability in Wanscam HW00 ...)
NOT-FOR-US: Wanscam
-CVE-2018-13110
+CVE-2018-13110 (All ADB broadband gateways / routers based on the Epicentro platform a ...)
NOT-FOR-US: ADB broadband gateways / routers
-CVE-2018-13109
+CVE-2018-13109 (All ADB broadband gateways / routers based on the Epicentro platform a ...)
NOT-FOR-US: ADB broadband gateways / routers
-CVE-2018-13108
+CVE-2018-13108 (All ADB broadband gateways / routers based on the Epicentro platform a ...)
NOT-FOR-US: ADB broadband gateways / routers
CVE-2018-13107
RESERVED
-CVE-2018-13106
+CVE-2018-13106 (ClipperCMS 1.3.3 has stored XSS via the "Tools -&gt; Configuration" sc ...)
NOT-FOR-US: ClipperCMS
CVE-2018-13105
RESERVED
-CVE-2018-13104
+CVE-2018-13104 (OX App Suite 7.8.4 and earlier allows XSS. Internal reference: 58742 ( ...)
TODO: check
-CVE-2018-13103
+CVE-2018-13103 (OX App Suite 7.8.4 and earlier allows SSRF. ...)
TODO: check
-CVE-2018-13102
+CVE-2018-13102 (AnyDesk before "12.06.2018 - 4.1.3" on Windows 7 SP1 has a DLL preload ...)
NOT-FOR-US: AnyDesk
-CVE-2018-13101
+CVE-2018-13101 (KioskSimpleService.exe in RedSwimmer KioskSimple 1.4.7.0 suffers from ...)
NOT-FOR-US: RedSwimmer KioskSimple
-CVE-2018-13100
+CVE-2018-13100 (An issue was discovered in fs/f2fs/super.c in the Linux kernel through ...)
{DLA-1715-1}
- linux 4.18.10-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200183
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=977f9bb558cb4a95d53b10301f5c739ed8867d4d
-CVE-2018-13099
+CVE-2018-13099 (An issue was discovered in fs/f2fs/inline.c in the Linux kernel throug ...)
{DSA-4308-1 DLA-1531-1}
- linux 4.18.10-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200179
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=cc60e90f9bfab8d6a7fb826937e824333c3bf94a
NOTE: https://sourceforge.net/p/linux-f2fs/mailman/message/36356878/
-CVE-2018-13098
+CVE-2018-13098 (An issue was discovered in fs/f2fs/inode.c in the Linux kernel through ...)
- linux 4.18.10-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200173
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=346886775c5fa6a541c0148bbecc0554ab9d6dad
-CVE-2018-13097
+CVE-2018-13097 (An issue was discovered in fs/f2fs/super.c in the Linux kernel through ...)
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200171
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=78bbd741456e31e0acb983283a8d3993ba859c15
-CVE-2018-13096
+CVE-2018-13096 (An issue was discovered in fs/f2fs/super.c in the Linux kernel through ...)
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200167
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=e335cc683fd13882b9152937b06ff3c16c28aa34
-CVE-2018-13095
+CVE-2018-13095 (An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux ...)
- linux 4.18.6-1
[jessie] - linux <ignored> (Too risky to backport)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199915
NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=23fcb3340d033d9f081e21e6c12c2db7eaa541d3
-CVE-2018-13094
+CVE-2018-13094 (An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux ...)
{DLA-1529-1}
- linux 4.17.14-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199969
NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a
-CVE-2018-13093
+CVE-2018-13093 (An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel thr ...)
{DLA-1529-1}
- linux 4.17.14-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199367
NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=afca6c5b2595fc44383919fba740c194b0b76aff
-CVE-2018-13092
+CVE-2018-13092 (The mintToken function of a smart contract implementation for Reimburs ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13091
+CVE-2018-13091 (The mintToken function of a smart contract implementation for sumocoin ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13090
+CVE-2018-13090 (The mintToken function of a smart contract implementation for YiTongCo ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13089
+CVE-2018-13089 (The mintToken function of a smart contract implementation for Universa ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13088
+CVE-2018-13088 (The mintToken function of a smart contract implementation for Futures ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13087
+CVE-2018-13087 (The mintToken function of a smart contract implementation for Coinstar ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13086
+CVE-2018-13086 (The mintToken function of a smart contract implementation for IADOWR C ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13085
+CVE-2018-13085 (The mintToken function of a smart contract implementation for FreeCoin ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13084
+CVE-2018-13084 (The mintToken function of a smart contract implementation for Good Tim ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13083
+CVE-2018-13083 (The mintToken function of a smart contract implementation for Plaza To ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13082
+CVE-2018-13082 (The mintToken function of a smart contract implementation for MODI Tok ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13081
+CVE-2018-13081 (The mintToken function of a smart contract implementation for GZS Toke ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13080
+CVE-2018-13080 (The mintToken function of a smart contract implementation for Goutex ( ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13079
+CVE-2018-13079 (The mintToken function of a smart contract implementation for GoodTo ( ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13078
+CVE-2018-13078 (The mintToken function of a smart contract implementation for Jitech ( ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13077
+CVE-2018-13077 (The mintToken function of a smart contract implementation for CTB, an ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13076
+CVE-2018-13076 (The mintToken function of a smart contract implementation for Betcash ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13075
+CVE-2018-13075 (The mintToken function of a smart contract implementation for Carbon E ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13074
+CVE-2018-13074 (The mintToken function of a smart contract implementation for FIBToken ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13073
+CVE-2018-13073 (The mintToken function of a smart contract implementation for ETHEREUM ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13072
+CVE-2018-13072 (The mintToken function of a smart contract implementation for Coffeeco ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13071
+CVE-2018-13071 (The mintToken function of a smart contract implementation for CCindex1 ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13070
+CVE-2018-13070 (The mintToken function of a smart contract implementation for Encrypte ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13069
+CVE-2018-13069 (The mintToken function of a smart contract implementation for DYchain ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13068
+CVE-2018-13068 (The mintToken function of a smart contract implementation for AzurionT ...)
NOT-FOR-US: smart contract implementation
-CVE-2018-13067
+CVE-2018-13067 (/upload/catalog/controller/account/password.php in OpenCart through 3. ...)
NOT-FOR-US: OpenCart
-CVE-2018-13066
+CVE-2018-13066 (There is a memory leak in util/parser.c in libming 0.4.8, which will l ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/146
-CVE-2018-13065
+CVE-2018-13065 (** DISPUTED ** ModSecurity 3.0.0 has XSS via an onerror attribute of a ...)
NOT-FOR-US: Bogus claim for ModSecurity, to be revoked
CVE-2018-13064
RESERVED
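Review bot: the imported summary for CVE-2018-13106 contains an HTML entity, `"Tools -&gt; Configuration"`, where the source text has `->`; the updater appears to take the CVE summary from an HTML-escaped feed without unescaping it, and the same will happen to `&amp;` and `&lt;` in other summaries. Separately, the truncation suffix is appended even when nothing was cut: CVE-2018-13103 becomes `(OX App Suite 7.8.4 and earlier allows SSRF. ...)`. Suggest unescaping before truncation and adding ` ...` only when the summary actually exceeds the cut-off length.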
@@ -20177,25 +20177,25 @@ CVE-2018-13058
RESERVED
CVE-2018-13057
RESERVED
-CVE-2018-13056
+CVE-2018-13056 (An issue was discovered on zzcms 8.3. There is a vulnerability at /use ...)
NOT-FOR-US: zzcms
-CVE-2018-13055
+CVE-2018-13055 (A cross-site scripting (XSS) vulnerability in the View Filters page (v ...)
- mantis <removed>
NOTE: http://github.com/mantisbt/mantisbt/commit/4efac90ed89a5c009108b641e2e95683791a165a
NOTE: https://mantisbt.org/blog/archives/mantisbt/602
NOTE: https://mantisbt.org/bugs/view.php?id=24580
-CVE-2018-13053
+CVE-2018-13053 (The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Lin ...)
{DLA-1715-1}
- linux 4.18.20-1
[stretch] - linux 4.9.135-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200303
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef
-CVE-2018-13052
+CVE-2018-13052 (In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privileg ...)
NOT-FOR-US: CyberArk Endpoint Privilege Manager
CVE-2018-13051
RESERVED
-CVE-2018-13050
+CVE-2018-13050 (A SQL Injection vulnerability exists in Zoho ManageEngine Applications ...)
NOT-FOR-US: Zoho
CVE-2018-13048
RESERVED
@@ -20203,50 +20203,50 @@ CVE-2018-13047
RESERVED
CVE-2018-13046
RESERVED
-CVE-2018-13045
+CVE-2018-13045 (SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheq ...)
NOT-FOR-US: Yeswiki
-CVE-2018-13054
+CVE-2018-13054 (An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon- ...)
{DLA-1420-1}
- cinnamon 3.8.8-1 (bug #903201)
[stretch] - cinnamon <no-dsa> (Minor issue)
NOTE: https://github.com/linuxmint/Cinnamon/pull/7683
NOTE: https://github.com/linuxmint/Cinnamon/commit/66e54f43f179fdf041a3e5232178a9910963cfb5 (3.8.7)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1083067
-CVE-2018-13049
+CVE-2018-13049 (The constructSQL function in inc/search.class.php in GLPI 9.2.x throug ...)
- glpi <removed> (unimportant)
NOTE: https://github.com/glpi-project/glpi/issues/4270
NOTE: https://github.com/trasher/glpi/commit/5c58d4c57be7b1e0c1de925b97f22d4468291d41
NOTE: Only supported behind an authenticated HTTP zone
CVE-2018-13044
RESERVED
-CVE-2018-13042
+CVE-2018-13042 (The 1Password application 6.8 for Android is affected by a Denial Of S ...)
NOT-FOR-US: 1Password
-CVE-2018-13041
+CVE-2018-13041 (The mint function of a smart contract implementation for Link Platform ...)
NOT-FOR-US: Link Platform
-CVE-2018-13040
+CVE-2018-13040 (OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can a ...)
NOT-FOR-US: OpenSID
-CVE-2018-13039
+CVE-2018-13039 (OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the c ...)
NOT-FOR-US: OpenSID
-CVE-2018-13038
+CVE-2018-13038 (OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via ...)
NOT-FOR-US: OpenSID
-CVE-2018-13037
+CVE-2018-13037 (An issue was discovered in jpeg-compressor 0.1. The bmp_load function ...)
NOT-FOR-US: jpeg-compressor
CVE-2018-13036
RESERVED
CVE-2018-13035
RESERVED
-CVE-2018-13034
+CVE-2018-13034 (Directory traversal in Jester web framework 0.2.0 allows remote attack ...)
NOT-FOR-US: Jester web framework
-CVE-2018-13033
+CVE-2018-13033 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
- binutils 2.30.90.20180627-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23361
-CVE-2018-13032
+CVE-2018-13032 (ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser a ...)
NOT-FOR-US: ECESSA ShieldLink
-CVE-2018-13031
+CVE-2018-13031 (DamiCMS v6.0.0 allows CSRF via admin.php?s=/Admin/doadd to add an admi ...)
NOT-FOR-US: DamiCMS
-CVE-2018-13030
+CVE-2018-13030 (An issue was discovered in jpeg-compressor 0.1. The build_huffman func ...)
NOT-FOR-US: jpeg-compressor
CVE-2018-13029
RESERVED
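Review bot: the entries in this hunk are out of numeric order: CVE-2018-13054 sits between CVE-2018-13045 and CVE-2018-13049, and CVE-2018-13049 sits before CVE-2018-13044 (the preceding hunk goes straight from CVE-2018-13050 to CVE-2018-13048, which is where -13049 would belong). The automatic update rewrites these header lines in place and preserves the mis-ordering; not a defect in this patch, but worth a manual re-sort so the file stays monotonic for tools that scan it.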
@@ -20254,17 +20254,17 @@ CVE-2018-13028
RESERVED
CVE-2018-13027
RESERVED
-CVE-2018-13026
+CVE-2018-13026 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based bu ...)
NOT-FOR-US: gpmf-parser
-CVE-2018-13025
+CVE-2018-13025 (protected/apps/admin/controller/photoController.php in YXcms 1.4.7 all ...)
NOT-FOR-US: YXcms
-CVE-2018-13024
+CVE-2018-13024 (Metinfo v6.0.0 allows remote attackers to write code into a .php file, ...)
NOT-FOR-US: Metinfo
-CVE-2018-13023
+CVE-2018-13023 (System command injection vulnerability in wifi_access in Xiaomi Mi Rou ...)
NOT-FOR-US: Xiaomi Mi Router
-CVE-2018-13022
+CVE-2018-13022 (Cross-site scripting vulnerability in the API 404 page on Xiaomi Mi Ro ...)
NOT-FOR-US: Xiaomi Mi Router
-CVE-2018-13021
+CVE-2018-13021 (An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script ...)
NOT-FOR-US: HongCMS
CVE-2018-13020
RESERVED
@@ -20278,28 +20278,28 @@ CVE-2018-13016
RESERVED
CVE-2018-13015
RESERVED
-CVE-2018-13014
+CVE-2018-13014 (Storing password in recoverable format in safensec.com (SysWatch servi ...)
NOT-FOR-US: SysWatch
-CVE-2018-13013
+CVE-2018-13013 (Improper check of unusual conditions when launching msiexec.exe in saf ...)
NOT-FOR-US: SysWatch
-CVE-2018-13012
+CVE-2018-13012 (Download of code with improper integrity check in snsupd.exe and upd.e ...)
NOT-FOR-US: SysWatch
-CVE-2018-13011
+CVE-2018-13011 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based bu ...)
NOT-FOR-US: gpmf-parser
-CVE-2018-13010
+CVE-2018-13010 (WSTMall v1.9.1_170316 has CSRF via the index.php?m=Admin&amp;c=Users&a ...)
NOT-FOR-US: WSTMall
-CVE-2018-13009
+CVE-2018-13009 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based bu ...)
NOT-FOR-US: gpmf-parser
-CVE-2018-13008
+CVE-2018-13008 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based bu ...)
NOT-FOR-US: gpmf-parser
-CVE-2018-13007
+CVE-2018-13007 (An issue was discovered in gpmf-parser 1.1.2. There is a heap-based bu ...)
NOT-FOR-US: gpmf-parser
-CVE-2018-13006
+CVE-2018-13006 (An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based ...)
{DLA-1432-1}
- gpac <unfixed> (bug #902782)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
NOTE: https://github.com/gpac/gpac/commit/bceb03fd2be95097a7b409ea59914f332fb6bc86
-CVE-2018-13005
+CVE-2018-13005 (An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read ...)
{DLA-1432-1}
- gpac <unfixed> (bug #902782)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point update)
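Review bot: the imported summary for CVE-2018-13010 keeps an HTML entity, `index.php?m=Admin&amp;c=Users&a ...`, where the query string is `m=Admin&c=Users`; the updater is evidently reading HTML-escaped text (the CVE-2018-13106 header in this same patch shows `-&gt;` for `->`). Unescape the summary before truncating; the five-character `&amp;` also eats into the fixed-width cut, which is why the next parameter is clipped to `&a`.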
@@ -20307,37 +20307,37 @@ CVE-2018-13005
NOTE: https://github.com/gpac/gpac/commit/bceb03fd2be95097a7b409ea59914f332fb6bc86
CVE-2018-13004
RESERVED
-CVE-2018-13003
+CVE-2018-13003 (An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter ' ...)
NOT-FOR-US: OpenTSDB
-CVE-2018-13002
+CVE-2018-13002 (An XSS issue was discovered in Inhaltsprojekte in Weblication CMS Core ...)
NOT-FOR-US: Weblication CMS
-CVE-2018-13001
+CVE-2018-13001 (An XSS issue was discovered in Sandoba CP:Shop v2016.1. The vulnerabil ...)
NOT-FOR-US: Sandoba CP:Shop
-CVE-2018-13000
+CVE-2018-13000 (An XSS issue was discovered in Advanced Electron Forum (AEF) v1.0.9. A ...)
NOT-FOR-US: Advanced Electron Forum
-CVE-2018-12999
+CVE-2018-12999 (Incorrect Access Control in AgentTrayIconServlet in Zoho ManageEngine ...)
NOT-FOR-US: Zoho
-CVE-2018-12998
+CVE-2018-12998 (A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEng ...)
NOT-FOR-US: Zoho
-CVE-2018-12997
+CVE-2018-12997 (Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine ...)
NOT-FOR-US: Zoho
-CVE-2018-12996
+CVE-2018-12996 (A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEng ...)
NOT-FOR-US: Zoho
-CVE-2018-12995
+CVE-2018-12995 (onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers ...)
NOT-FOR-US: OneFileCMS
-CVE-2018-12994
+CVE-2018-12994 (onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers ...)
NOT-FOR-US: OneFileCMS
-CVE-2018-12993
+CVE-2018-12993 (onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers ...)
NOT-FOR-US: OneFileCMS
-CVE-2018-12992
+CVE-2018-12992 (An issue was discovered CMS MaeloStore V.1.5.0. There is stored XSS in ...)
NOT-FOR-US: CMS MaeloStore
CVE-2018-12991
RESERVED
-CVE-2018-12990
+CVE-2018-12990 (phpwcms 1.8.9 allows remote attackers to discover the installation pat ...)
NOT-FOR-US: phpwcms
-CVE-2018-12989
+CVE-2018-12989 (The report-viewing feature in Pearson VUE Certiport Console 8 and IQSy ...)
NOT-FOR-US: Pearson VUE Certiport Console 8 and IQSystem 7
-CVE-2018-12988
+CVE-2018-12988 (GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an ...)
NOT-FOR-US: GreenCMS
CVE-2018-12987
RESERVED
@@ -20345,42 +20345,42 @@ CVE-2018-12986
RESERVED
CVE-2018-12985
RESERVED
-CVE-2018-12984
+CVE-2018-12984 (Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credential ...)
NOT-FOR-US: Hycus CMS
-CVE-2018-12983
+CVE-2018-12983 (A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryp ...)
- libpodofo <unfixed> (low; bug #916580)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1595693
NOTE: https://sourceforge.net/p/podofo/tickets/23
-CVE-2018-12982
+CVE-2018-12982 (Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function ...)
- libpodofo 0.9.6+dfsg-4 (low; bug #916581)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1595689
NOTE: https://sourceforge.net/p/podofo/tickets/22
NOTE: https://sourceforge.net/p/podofo/code/1948
-CVE-2018-12981
+CVE-2018-12981 (An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 de ...)
NOT-FOR-US: WAGO e!DISPLAY devices
-CVE-2018-12980
+CVE-2018-12980 (An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 de ...)
NOT-FOR-US: WAGO e!DISPLAY devices
-CVE-2018-12979
+CVE-2018-12979 (An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 de ...)
NOT-FOR-US: WAGO e!DISPLAY devices
CVE-2018-12978
RESERVED
-CVE-2018-12977
+CVE-2018-12977 (A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite ...)
NOT-FOR-US: SoftExpert (SE) Excellence Suite
-CVE-2018-12976
+CVE-2018-12976 (In Go Doc Dot Org (gddo) through 2018-06-27, an attacker could use spe ...)
NOT-FOR-US: Go Doc Dot Org
-CVE-2018-12975
+CVE-2018-12975 (The random() function of the smart contract implementation for CryptoS ...)
NOT-FOR-US: CryptoSaga
CVE-2018-12974
RESERVED
-CVE-2018-12973
+CVE-2018-12973 (An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter ' ...)
NOT-FOR-US: OpenTSDB
-CVE-2018-12972
+CVE-2018-12972 (An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q U ...)
NOT-FOR-US: OpenTSDB
-CVE-2018-12971
+CVE-2018-12971 (EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to del ...)
NOT-FOR-US: EasyCMS
CVE-2018-12970
RESERVED
@@ -20404,7 +20404,7 @@ CVE-2018-12961
RESERVED
CVE-2018-12960
RESERVED
-CVE-2018-12959
+CVE-2018-12959 (The approveAndCall function of a smart contract implementation for Adi ...)
NOT-FOR-US: smart contract implementation for Aditus (ADI)
CVE-2018-12958
RESERVED
@@ -20434,17 +20434,17 @@ CVE-2018-12946
RESERVED
CVE-2018-12945
RESERVED
-CVE-2018-12944
+CVE-2018-12944 (Persistent Cross-Site Scripting (XSS) vulnerability in the "Categories ...)
NOT-FOR-US: SeedDMS
-CVE-2018-12943
+CVE-2018-12943 (Cross-Site Scripting (XSS) vulnerability in every page that includes t ...)
NOT-FOR-US: SeedDMS
-CVE-2018-12942
+CVE-2018-12942 (SQL injection vulnerability in the "Users management" functionality in ...)
NOT-FOR-US: SeedDMS
-CVE-2018-12941
+CVE-2018-12941 (This vulnerability allows remote attackers to execute arbitrary code i ...)
NOT-FOR-US: SeedDMS
-CVE-2018-12940
+CVE-2018-12940 (Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in ...)
NOT-FOR-US: SeedDMS
-CVE-2018-12939
+CVE-2018-12939 (A directory traversal flaw in SeedDMS (formerly LetoDMS and MyDMS) bef ...)
NOT-FOR-US: SeedDMS
CVE-2018-12937
RESERVED
@@ -20454,14 +20454,14 @@ CVE-2018-12936
RESERVED
CVE-2018-12935
RESERVED
-CVE-2018-12934
+CVE-2018-12934 (remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84950
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23059
-CVE-2018-12933
+CVE-2018-12933 (PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to ...)
- wine 4.0~rc1-1 (low)
[stretch] - wine <no-dsa> (Minor issue)
[jessie] - wine <postponed> (Minor issue)
@@ -20472,7 +20472,7 @@ CVE-2018-12933
NOTE: https://bugs.winehq.org/attachment.cgi?id=61285
NOTE: https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d
NOTE: https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949
-CVE-2018-12932
+CVE-2018-12932 (PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to ...)
- wine 4.0~rc1-1 (low)
[stretch] - wine <no-dsa> (Minor issue)
[jessie] - wine <postponed> (Minor issue)
@@ -20483,81 +20483,81 @@ CVE-2018-12932
NOTE: https://bugs.winehq.org/attachment.cgi?id=61284
NOTE: https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d
NOTE: https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949
-CVE-2018-12931
+CVE-2018-12931 (ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4. ...)
- linux <unfixed>
-CVE-2018-12930
+CVE-2018-12930 (ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Lin ...)
- linux <unfixed>
-CVE-2018-12929
+CVE-2018-12929 (ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux k ...)
- linux <unfixed>
-CVE-2018-12928
+CVE-2018-12928 (In the Linux kernel 4.15.0, a NULL pointer dereference was discovered ...)
- linux <unfixed> (low)
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384
NOTE: https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2
-CVE-2018-12927
+CVE-2018-12927 (Northern Electric &amp; Power (NEP) inverter devices allow remote atta ...)
NOT-FOR-US: Northern Electric
-CVE-2018-12926
+CVE-2018-12926 (Pharos Controls devices allow remote attackers to obtain potentially s ...)
NOT-FOR-US: Pharos Controls
-CVE-2018-12925
+CVE-2018-12925 (Baseon Lantronix MSS devices do not require a password for TELNET acce ...)
NOT-FOR-US: Baseon Lantronix
-CVE-2018-12924
+CVE-2018-12924 (Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices hav ...)
NOT-FOR-US: Sollae
-CVE-2018-12923
+CVE-2018-12923 (BWS Systems HA-Bridge devices allow remote attackers to obtain potenti ...)
NOT-FOR-US: BWS Systems
-CVE-2018-12922
+CVE-2018-12922 (Emerson Liebert IntelliSlot Web Card devices allow remote attackers to ...)
NOT-FOR-US: Emerson Liebert
-CVE-2018-12921
+CVE-2018-12921 (Electro Industries GaugeTech Nexus devices allow remote attackers to o ...)
NOT-FOR-US: Electro Industries GaugeTech
-CVE-2018-12920
+CVE-2018-12920 (Brickstream 2300 devices allow remote attackers to obtain potentially ...)
NOT-FOR-US: Brickstream
-CVE-2018-12919
+CVE-2018-12919 (In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allow ...)
NOT-FOR-US: CraftedWeb
-CVE-2018-12918
+CVE-2018-12918 (In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault i ...)
NOT-FOR-US: PBC
-CVE-2018-12917
+CVE-2018-12917 (In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer ov ...)
NOT-FOR-US: PBC
-CVE-2018-12916
+CVE-2018-12916 (In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault i ...)
NOT-FOR-US: PBC
-CVE-2018-12915
+CVE-2018-12915 (In libpbc.a in PBC through 2017-03-02, there is a buffer over-read in ...)
NOT-FOR-US: PBC
-CVE-2018-12914
+CVE-2018-12914 (A remote code execution issue was discovered in PublicCMS V4.0.2018021 ...)
NOT-FOR-US: PublicCMS
-CVE-2018-12913
+CVE-2018-12913 (In Miniz 2.0.7, tinfl_decompress in miniz_tinfl.c has an infinite loop ...)
NOT-FOR-US: Miniz
-CVE-2018-12912
+CVE-2018-12912 (An issue wan discovered in admin\controllers\database.php in HongCMS 3 ...)
NOT-FOR-US: HongCMS
-CVE-2018-12911
+CVE-2018-12911 (WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bou ...)
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: https://trac.webkit.org/changeset/233404/webkit
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
-CVE-2018-12910
+CVE-2018-12910 (The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows ...)
{DSA-4241-1 DLA-1416-1}
- libsoup2.4 2.62.2-2
NOTE: https://gitlab.gnome.org/GNOME/libsoup/commit/db2b0d5809d5f8226d47312b40992cadbcde439f
-CVE-2018-12909
+CVE-2018-12909 (** DISPUTED ** Webgrind 1.5 relies on user input to display a file, wh ...)
NOT-FOR-US: Webgrind
-CVE-2018-12908
+CVE-2018-12908 (Brynamics "Online Trade - Online trading and cryptocurrency investment ...)
NOT-FOR-US: Brynamics
-CVE-2018-12907
+CVE-2018-12907 (In Rclone 1.42, use of "rclone sync" to migrate data between two Googl ...)
NOT-FOR-US: Rclone
CVE-2018-12906
RESERVED
-CVE-2018-12905
+CVE-2018-12905 (joyplus-cms 1.6.0 has XSS in admin_player.php, related to manager/inde ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-12904
+CVE-2018-12904 (In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested v ...)
- linux 4.16.16-1
[stretch] - linux <not-affected> (Vulnerability introduced later)
[jessie] - linux <not-affected> (Vulnerability introduced later)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1589
NOTE: https://git.kernel.org/linus/727ba748e110b4de50d142edca9d6a9b7e6111d8
-CVE-2018-12903
+CVE-2018-12903 (In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.60 ...)
NOT-FOR-US: CyberArk Endpoint Privilege Manager
-CVE-2018-12902
+CVE-2018-12902 (In Easy Magazine through 2012-10-26, there is XSS in the search bar of ...)
NOT-FOR-US: Easy Magazine
-CVE-2018-12901
+CVE-2018-12901 (A vulnerability in the conferencing component of Mitel ST 14.2, versio ...)
NOT-FOR-US: Mitel
-CVE-2018-12900
+CVE-2018-12900 (Heap-based buffer overflow in the cpSeparateBufToContigBuf function in ...)
- tiff 4.0.10-4 (bug #902718)
[stretch] - tiff <postponed> (Minor issue, can be fixed along in future DSA)
[jessie] - tiff <postponed> (Minor issue, can be fixed along in future DLA)
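Review bot: the imported description for CVE-2018-12927 contains an HTML entity, "Northern Electric &amp; Power (NEP)", where the upstream text has a literal ampersand, so the automatic update is writing entity-escaped text into the list; decode HTML entities in the importer before storing descriptions and re-check the other descriptions added in this hunk for the same artefact.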
@@ -20567,38 +20567,38 @@ CVE-2018-12899
RESERVED
CVE-2018-12898
RESERVED
-CVE-2018-12897
+CVE-2018-12897 (SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overf ...)
NOT-FOR-US: SolarWinds DameWare Mini Remote Control
-CVE-2018-12896
+CVE-2018-12896 (An issue was discovered in the Linux kernel through 4.17.3. An Integer ...)
{DLA-1715-1}
- linux 4.18.20-1
[stretch] - linux 4.9.144-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200189
NOTE: https://github.com/lcytxw/bug_repro/tree/master/bug_200189
NOTE: https://github.com/torvalds/linux/commit/78c9c4dfbf8c04883941445a195276bb4bb92c76
-CVE-2018-12895
+CVE-2018-12895 (WordPress through 4.9.6 allows Author users to execute arbitrary code ...)
{DSA-4250-1 DLA-1452-1}
- wordpress 4.9.7+dfsg1-1 (bug #902876)
NOTE: https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
NOTE: https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd
CVE-2018-12894
RESERVED
-CVE-2018-12893
+CVE-2018-12893 (An issue was discovered in Xen through 4.10.x. One of the fixes in XSA ...)
{DSA-4236-1 DLA-1577-1}
- xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
NOTE: https://xenbits.xen.org/xsa/advisory-265.html
-CVE-2018-12892
+CVE-2018-12892 (An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass ...)
{DSA-4236-1}
- xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
[jessie] - xen <not-affected> (Issue introduced in 4.7)
NOTE: https://xenbits.xen.org/xsa/advisory-266.html
-CVE-2018-12891
+CVE-2018-12891 (An issue was discovered in Xen through 4.10.x. Certain PV MMU operatio ...)
{DSA-4236-1 DLA-1577-1}
- xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
NOTE: https://xenbits.xen.org/xsa/advisory-264.html
CVE-2018-12890
RESERVED
-CVE-2018-12889
+CVE-2018-12889 (An issue was discovered in CCN-lite 2.0.1. There is a heap-based buffe ...)
NOT-FOR-US: CCN-lite
CVE-2018-12888
RESERVED
@@ -20606,303 +20606,303 @@ CVE-2018-12887
RESERVED
CVE-2018-12886
RESERVED
-CVE-2018-12885
+CVE-2018-12885 (The randMod() function of the smart contract implementation for MyCryp ...)
NOT-FOR-US: MyCryptoChamp
-CVE-2018-12884
+CVE-2018-12884 (In Octopus Deploy 3.0 onwards (before 2018.6.7), an authenticated user ...)
NOT-FOR-US: Octopus Deploy
-CVE-2018-1000205
+CVE-2018-1000205 (U-Boot contains a CWE-20: Improper Input Validation vulnerability in V ...)
- u-boot <unfixed> (unimportant)
NOTE: No security impact as supported/packaged in Debian
-CVE-2018-13043
+CVE-2018-13043 (scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows cod ...)
- devscripts 2.18.4 (low; bug #902409)
[stretch] - devscripts <not-affected> (Vulnerable code introduced in 2.17.7)
[jessie] - devscripts <not-affected> (Vulnerable code introduced in 2.17.7)
-CVE-2018-1000610
+CVE-2018-1000610 (A exposure of sensitive information vulnerability exists in Jenkins Co ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000609
+CVE-2018-1000609 (A exposure of sensitive information vulnerability exists in Jenkins Co ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000608
+CVE-2018-1000608 (A exposure of sensitive information vulnerability exists in Jenkins z/ ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000607
+CVE-2018-1000607 (A arbitrary file write vulnerability exists in Jenkins Fortify CloudSc ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000606
+CVE-2018-1000606 (A server-side request forgery vulnerability exists in Jenkins URLTrigg ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000605
+CVE-2018-1000605 (A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2 ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000604
+CVE-2018-1000604 (A persisted cross-site scripting vulnerability exists in Jenkins Badge ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000603
+CVE-2018-1000603 (A exposure of sensitive information vulnerability exists in Jenkins Op ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000602
+CVE-2018-1000602 (A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 a ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000601
+CVE-2018-1000601 (A arbitrary file read vulnerability exists in Jenkins SSH Credentials ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000600
+CVE-2018-1000600 (A exposure of sensitive information vulnerability exists in Jenkins Gi ...)
NOT-FOR-US: Jenkins plugin
CVE-2018-12883
RESERVED
-CVE-2018-12882
+CVE-2018-12882 (exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allo ...)
- php7.2 7.2.8-1
- php7.1 <not-affected> (Specific to 7.2.x)
- php7.0 <not-affected> (Specific to 7.2.x)
- php5 <not-affected> (Specific to 7.2.x)
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76409
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=3fdde65617e9f954e2c964768aac8831005497e5
-CVE-2018-12881
+CVE-2018-12881 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12880
+CVE-2018-12880 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12879
+CVE-2018-12879 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12878
+CVE-2018-12878 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12877
+CVE-2018-12877 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12876
+CVE-2018-12876 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12875
+CVE-2018-12875 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12874
+CVE-2018-12874 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12873
+CVE-2018-12873 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12872
+CVE-2018-12872 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12871
+CVE-2018-12871 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12870
+CVE-2018-12870 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12869
+CVE-2018-12869 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12868
+CVE-2018-12868 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12867
+CVE-2018-12867 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12866
+CVE-2018-12866 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12865
+CVE-2018-12865 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12864
+CVE-2018-12864 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12863
+CVE-2018-12863 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12862
+CVE-2018-12862 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12861
+CVE-2018-12861 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12860
+CVE-2018-12860 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12859
+CVE-2018-12859 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12858
+CVE-2018-12858 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12857
+CVE-2018-12857 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12856
+CVE-2018-12856 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12855
+CVE-2018-12855 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
CVE-2018-12854
REJECTED
-CVE-2018-12853
+CVE-2018-12853 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12852
+CVE-2018-12852 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12851
+CVE-2018-12851 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12850
+CVE-2018-12850 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12849
+CVE-2018-12849 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12848
+CVE-2018-12848 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12847
+CVE-2018-12847 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12846
+CVE-2018-12846 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12845
+CVE-2018-12845 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12844
+CVE-2018-12844 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12843
+CVE-2018-12843 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12842
+CVE-2018-12842 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12841
+CVE-2018-12841 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12840
+CVE-2018-12840 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12839
+CVE-2018-12839 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12838
+CVE-2018-12838 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12837
+CVE-2018-12837 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12836
+CVE-2018-12836 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12835
+CVE-2018-12835 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12834
+CVE-2018-12834 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12833
+CVE-2018-12833 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12832
+CVE-2018-12832 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12831
+CVE-2018-12831 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12830
+CVE-2018-12830 (Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008 ...)
NOT-FOR-US: Adobe
-CVE-2018-12829
+CVE-2018-12829 (Adobe Creative Cloud Desktop Application before 4.6.1 has an improper ...)
NOT-FOR-US: Adobe
-CVE-2018-12828
+CVE-2018-12828 (Adobe Flash Player 30.0.0.134 and earlier have a "use of a component w ...)
NOT-FOR-US: Adobe
-CVE-2018-12827
+CVE-2018-12827 (Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read v ...)
NOT-FOR-US: Adobe
-CVE-2018-12826
+CVE-2018-12826 (Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read v ...)
NOT-FOR-US: Adobe
-CVE-2018-12825
+CVE-2018-12825 (Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulne ...)
NOT-FOR-US: Adobe
-CVE-2018-12824
+CVE-2018-12824 (Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read v ...)
NOT-FOR-US: Adobe
-CVE-2018-12823
+CVE-2018-12823 (Adobe Digital Editions versions 4.5.8 and below have a heap overflow v ...)
NOT-FOR-US: Adobe
-CVE-2018-12822
+CVE-2018-12822 (Adobe Digital Editions versions 4.5.8 and below have an use after free ...)
NOT-FOR-US: Adobe
-CVE-2018-12821
+CVE-2018-12821 (Adobe Digital Editions versions 4.5.8 and below have an out of bounds ...)
NOT-FOR-US: Adobe
-CVE-2018-12820
+CVE-2018-12820 (Adobe Digital Editions versions 4.5.8 and below have an out of bounds ...)
NOT-FOR-US: Adobe
-CVE-2018-12819
+CVE-2018-12819 (Adobe Digital Editions versions 4.5.8 and below have an out of bounds ...)
NOT-FOR-US: Adobe
-CVE-2018-12818
+CVE-2018-12818 (Adobe Digital Editions versions 4.5.8 and below have an out of bounds ...)
NOT-FOR-US: Adobe
-CVE-2018-12817
+CVE-2018-12817 (Adobe Digital Editions versions 4.5.9 and below have an out of bounds ...)
NOT-FOR-US: Adobe
-CVE-2018-12816
+CVE-2018-12816 (Adobe Digital Editions versions 4.5.8 and below have an out of bounds ...)
NOT-FOR-US: Adobe
-CVE-2018-12815
+CVE-2018-12815 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12814
+CVE-2018-12814 (Adobe Digital Editions versions 4.5.8 and below have a heap overflow v ...)
NOT-FOR-US: Adobe
-CVE-2018-12813
+CVE-2018-12813 (Adobe Digital Editions versions 4.5.8 and below have a heap overflow v ...)
NOT-FOR-US: Adobe
-CVE-2018-12812
+CVE-2018-12812 (Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12811
+CVE-2018-12811 (Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18. ...)
NOT-FOR-US: Adobe
-CVE-2018-12810
+CVE-2018-12810 (Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18. ...)
NOT-FOR-US: Adobe
-CVE-2018-12809
+CVE-2018-12809 (Adobe Experience Manager versions 6.4 and earlier have a Server-Side R ...)
NOT-FOR-US: Adobe
-CVE-2018-12808
+CVE-2018-12808 (Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12807
+CVE-2018-12807 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have an ...)
NOT-FOR-US: Adobe
-CVE-2018-12806
+CVE-2018-12806 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a r ...)
NOT-FOR-US: Adobe
-CVE-2018-12805
+CVE-2018-12805 (Adobe Connect versions 9.7.5 and earlier have an Insecure Library Load ...)
NOT-FOR-US: Adobe
-CVE-2018-12804
+CVE-2018-12804 (Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass ...)
NOT-FOR-US: Adobe
-CVE-2018-12803
+CVE-2018-12803 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12802
+CVE-2018-12802 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12801
+CVE-2018-12801 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
CVE-2018-12800
REJECTED
-CVE-2018-12799
+CVE-2018-12799 (Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12798
+CVE-2018-12798 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12797
+CVE-2018-12797 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12796
+CVE-2018-12796 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12795
+CVE-2018-12795 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12794
+CVE-2018-12794 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12793
+CVE-2018-12793 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12792
+CVE-2018-12792 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12791
+CVE-2018-12791 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12790
+CVE-2018-12790 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12789
+CVE-2018-12789 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12788
+CVE-2018-12788 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12787
+CVE-2018-12787 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12786
+CVE-2018-12786 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12785
+CVE-2018-12785 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12784
+CVE-2018-12784 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12783
+CVE-2018-12783 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12782
+CVE-2018-12782 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12781
+CVE-2018-12781 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12780
+CVE-2018-12780 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12779
+CVE-2018-12779 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12778
+CVE-2018-12778 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12777
+CVE-2018-12777 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12776
+CVE-2018-12776 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12775
+CVE-2018-12775 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12774
+CVE-2018-12774 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12773
+CVE-2018-12773 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12772
+CVE-2018-12772 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12771
+CVE-2018-12771 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12770
+CVE-2018-12770 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12769
+CVE-2018-12769 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12768
+CVE-2018-12768 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12767
+CVE-2018-12767 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12766
+CVE-2018-12766 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12765
+CVE-2018-12765 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12764
+CVE-2018-12764 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12763
+CVE-2018-12763 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12762
+CVE-2018-12762 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12761
+CVE-2018-12761 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12760
+CVE-2018-12760 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12759
+CVE-2018-12759 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-12758
+CVE-2018-12758 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12757
+CVE-2018-12757 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12756
+CVE-2018-12756 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12755
+CVE-2018-12755 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-12754
+CVE-2018-12754 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
CVE-2018-12753
RESERVED
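Review bot: the block CVE-2018-1000205, CVE-2018-13043 and CVE-2018-1000610 through CVE-2018-1000600 sits between CVE-2018-12884 and CVE-2018-12883, breaking the descending order that every other entry in this hunk follows; this change only fills in the descriptions and does not introduce the misplacement, but the block should be moved into sequence in a follow-up so that lookups and later automatic updates see the file in its expected order.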
@@ -20932,7 +20932,7 @@ CVE-2018-12741
RESERVED
CVE-2018-12740
RESERVED
-CVE-2018-12739
+CVE-2018-12739 (In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a ...)
NOT-FOR-US: BEESCMS
CVE-2018-12738
RESERVED
@@ -20940,7 +20940,7 @@ CVE-2018-12737
RESERVED
CVE-2018-12736
RESERVED
-CVE-2018-12735
+CVE-2018-12735 (SAJ Solar Inverter allows remote attackers to obtain potentially sensi ...)
NOT-FOR-US: SAJ Solar Inverter
CVE-2018-12734
RESERVED
@@ -20978,23 +20978,23 @@ CVE-2018-12718
RESERVED
CVE-2018-12717
RESERVED
-CVE-2018-12716
+CVE-2018-12716 (The API service on Google Home and Chromecast devices before mid-July ...)
NOT-FOR-US: Google services
CVE-2018-12715
RESERVED
-CVE-2018-12714
+CVE-2018-12714 (An issue was discovered in the Linux kernel through 4.17.2. The filter ...)
- linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/70303420b5721c38998cf987e6b7d30cc62d4ff1
-CVE-2018-12713
+CVE-2018-12713 (GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary f ...)
- gimp <unfixed> (unimportant)
NOTE: https://github.com/GNOME/gimp/commit/c21eff4b031acb04fb4dfce8bd5fdfecc2b6524f
NOTE: https://gitlab.gnome.org/GNOME/gimp/issues/1689
NOTE: No security impact
-CVE-2018-12712
+CVE-2018-12712 (An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. T ...)
NOT-FOR-US: Joomla!
-CVE-2018-12711
+CVE-2018-12711 (An XSS issue was discovered in the language switcher module in Joomla! ...)
NOT-FOR-US: Joomla!
-CVE-2018-12710
+CVE-2018-12710 (An issue was discovered on D-Link DIR-601 2.02NA devices. Being local ...)
NOT-FOR-US: D-Link DIR-601 2.02NA devices
CVE-2018-12709
RESERVED
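Review bot: the `<not-affected>` justification "Vulnerable code introduced later" on the linux line under CVE-2018-12714 reads as contradicting the newly added description, which says "the Linux kernel through 4.17.2"; stating the kernel version in which the vulnerable code first appeared (the NOTE only links the fix commit) would make the annotation verifiable for someone re-checking the stretch and jessie kernels.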
@@ -21002,74 +21002,74 @@ CVE-2018-12708
RESERVED
CVE-2018-12707
RESERVED
-CVE-2018-12706
+CVE-2018-12706 (DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authoriz ...)
NOT-FOR-US: DIGISOL
-CVE-2018-12705
+CVE-2018-12705 (DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated onl ...)
NOT-FOR-US: DIGISOL
CVE-2018-12704
RESERVED
-CVE-2018-12703
+CVE-2018-12703 (The approveAndCallcode function of a smart contract implementation for ...)
NOT-FOR-US: Block 18
-CVE-2018-12702
+CVE-2018-12702 (The approveAndCallcode function of a smart contract implementation for ...)
NOT-FOR-US: Globalvillage ecosystem
CVE-2018-12701
RESERVED
-CVE-2018-12700
+CVE-2018-12700 (A Stack Exhaustion issue was discovered in debug_write_type in debug.c ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-12699
+CVE-2018-12699 (finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-12698
+CVE-2018-12698 (demangle_template in cplus-dem.c in GNU libiberty, as distributed in G ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-12697
+CVE-2018-12697 (A NULL pointer dereference (aka SEGV on unknown address 0x000000000000 ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-12696
+CVE-2018-12696 (mao10cms 6 allows XSS via the article page. ...)
NOT-FOR-US: mao10cms
-CVE-2018-12695
+CVE-2018-12695 (mao10cms 6 allows XSS via the m=bbs&amp;a=index page. ...)
NOT-FOR-US: mao10cms
-CVE-2018-12694
+CVE-2018-12694 (TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows ...)
NOT-FOR-US: TP-Link
-CVE-2018-12693
+CVE-2018-12693 (Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender ...)
NOT-FOR-US: TP-Link
-CVE-2018-12692
+CVE-2018-12692 (TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows ...)
NOT-FOR-US: TP-Link
-CVE-2018-12691
+CVE-2018-12691 (Time-of-check to time-of-use (TOCTOU) race condition in org.onosprojec ...)
NOT-FOR-US: ONOS
CVE-2018-12690
RESERVED
-CVE-2018-12689
+CVE-2018-12689 (phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id param ...)
- phpldapadmin <unfixed> (unimportant; bug #902186)
NOTE: https://www.exploit-db.com/exploits/44926/
NOTE: Non-security issue as demostrated in https://bugs.debian.org/902186
NOTE: and disputed as security issue. Should be properly rejected by MITRE.
-CVE-2018-12688
+CVE-2018-12688 (tinyexr 0.9.5 has a segmentation fault in the wav2Decode function. ...)
NOT-FOR-US: tinyexr
-CVE-2018-12687
+CVE-2018-12687 (tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h ...)
NOT-FOR-US: tinyexr
CVE-2018-12686
RESERVED
CVE-2018-12685
RESERVED
-CVE-2018-12684
+CVE-2018-12684 (Out-of-bounds Read in the send_ssi_file function in civetweb.c in Cive ...)
NOT-FOR-US: CivetWeb
CVE-2018-12683
RESERVED
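Review bot: the "Fixed by:" reference under CVE-2018-12700 and CVE-2018-12699 points at the same gcc.git libiberty commit as the cplus-dem.c entries, but the added descriptions place these two bugs in debug.c and stabs.c of Binutils itself ("finish_stab in stabs.c in GNU Binutils 2.30"), so that reference looks carried over from the CVE-2018-12698 block and should be checked before it is relied on for the <unfixed> tracking. Minor: "demostrated" in the CVE-2018-12689 NOTE should read "demonstrated".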
@@ -21081,31 +21081,31 @@ CVE-2018-12680
RESERVED
CVE-2018-12679
RESERVED
-CVE-2018-12678
+CVE-2018-12678 (Portainer before 1.18.0 supports unauthenticated requests to the webso ...)
NOT-FOR-US: Portainer
CVE-2018-12677
RESERVED
CVE-2018-12676
RESERVED
-CVE-2018-12675
+CVE-2018-12675 (The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4 ...)
NOT-FOR-US: SV3C
-CVE-2018-12674
+CVE-2018-12674 (The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4 ...)
NOT-FOR-US: SV3C
-CVE-2018-12673
+CVE-2018-12673 (An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4. ...)
NOT-FOR-US: SV3C
-CVE-2018-12672
+CVE-2018-12672 (The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B) does not ...)
NOT-FOR-US: SV3C
-CVE-2018-12671
+CVE-2018-12671 (An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4. ...)
NOT-FOR-US: SV3C
-CVE-2018-12670
+CVE-2018-12670 (SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103 ...)
NOT-FOR-US: SV3C
-CVE-2018-12669
+CVE-2018-12669 (SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103 ...)
NOT-FOR-US: SV3C
-CVE-2018-12668
+CVE-2018-12668 (SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103 ...)
NOT-FOR-US: SV3C
-CVE-2018-12667
+CVE-2018-12667 (The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4 ...)
NOT-FOR-US: SV3C
-CVE-2018-12666
+CVE-2018-12666 (SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices imprope ...)
NOT-FOR-US: SV3C
CVE-2018-12665
RESERVED
@@ -21119,29 +21119,29 @@ CVE-2018-12661
RESERVED
CVE-2018-12660
RESERVED
-CVE-2018-12659
+CVE-2018-12659 (SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF protec ...)
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2018-12658
+CVE-2018-12658 (Reflected Cross-Site Scripting (XSS) exists in the Stock Take module i ...)
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2018-12657
+CVE-2018-12657 (Reflected Cross-Site Scripting (XSS) exists in the Master File module ...)
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2018-12656
+CVE-2018-12656 (Reflected Cross-Site Scripting (XSS) exists in the Membership module i ...)
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2018-12655
+CVE-2018-12655 (Reflected Cross-Site Scripting (XSS) exists in the Circulation module ...)
NOT-FOR-US: SLiMS 8 Akasia
-CVE-2018-12654
+CVE-2018-12654 (Reflected Cross-Site Scripting (XSS) exists in the Bibliography module ...)
NOT-FOR-US: SLiMS 8 Akasia
CVE-2018-12653
RESERVED
CVE-2018-12652
RESERVED
-CVE-2018-12651
+CVE-2018-12651 (A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in ...)
NOT-FOR-US: Adrenalin HRMS
-CVE-2018-12650
+CVE-2018-12650 (Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting ...)
NOT-FOR-US: Adrenalin HRMS
-CVE-2018-12649
+CVE-2018-12649 (An issue was discovered in app/Controller/UsersController.php in MISP ...)
NOT-FOR-US: MISP
-CVE-2018-12648
+CVE-2018-12648 (The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Suppo ...)
[experimental] - exempi 2.5.0-1
- exempi 2.5.0-2 (low; bug #902175)
[stretch] - exempi <no-dsa> (Minor issue)
@@ -21159,9 +21159,9 @@ CVE-2018-12644
RESERVED
CVE-2018-12643
RESERVED
-CVE-2018-12642
+CVE-2018-12642 (Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not ...)
NOT-FOR-US: Floxlor
-CVE-2018-12641
+CVE-2018-12641 (An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
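Review bot: the annotation `NOT-FOR-US: Floxlor` under CVE-2018-12642 misspells the product; the added description names "Froxlor", and the later CVE-2018-1000527 entry already uses `NOT-FOR-US: Froxlor`, so a search by product name would miss this entry.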
@@ -21169,47 +21169,47 @@ CVE-2018-12641
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85452
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23058
NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9
-CVE-2018-12640
+CVE-2018-12640 (The webService binary on Insteon HD IP Camera White 2864-222 devices h ...)
NOT-FOR-US: Insteon
CVE-2018-12639
RESERVED
-CVE-2018-12638
+CVE-2018-12638 (An issue was discovered in the Bose Soundtouch app 18.1.4 for iOS. The ...)
TODO: check
-CVE-2018-1000559
+CVE-2018-1000559 (qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970b ...)
- qutebrowser 1.3.3-1
NOTE: https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7
NOTE: https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f
NOTE: https://github.com/qutebrowser/qutebrowser/issues/4011
-CVE-2018-1000558
+CVE-2018-1000558 (OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2 ...)
- ocsinventory-server 2.4.1+dfsg-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-1000557
+CVE-2018-1000557 (OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross ...)
- ocsinventory-server 2.4.1+dfsg-1 (unimportant)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-1000556
+CVE-2018-1000556 (WordPress version 4.8 + contains a Cross Site Scripting (XSS) vulnerab ...)
NOT-FOR-US: WP Statistics plugin
NOTE: The CVE description is misleading, this is about a plugin, not Wordpress itself
CVE-2018-1000555
REJECTED
-CVE-2018-1000554
+CVE-2018-1000554 (Trovebox version &lt;= 4.0.0-rc6 contains a Unsafe password reset toke ...)
NOT-FOR-US: Trovebox
-CVE-2018-1000553
+CVE-2018-1000553 (Trovebox version &lt;= 4.0.0-rc6 contains a Server-Side request forger ...)
NOT-FOR-US: Trovebox
-CVE-2018-1000552
+CVE-2018-1000552 (Trovebox version &lt;= 4.0.0-rc6 contains a SQL Injection vulnerabilit ...)
NOT-FOR-US: Trovebox
-CVE-2018-1000551
+CVE-2018-1000551 (Trovebox version &lt;= 4.0.0-rc6 contains a PHP Type juggling vulnerab ...)
NOT-FOR-US: Trovebox
-CVE-2018-1000550
+CVE-2018-1000550 (The Sympa Community Sympa version prior to version 6.2.32 contains a D ...)
{DSA-4285-1 DLA-1441-1}
- sympa 6.2.32~dfsg-1
NOTE: https://sympa-community.github.io/security/2018-001.html
-CVE-2018-1000549
+CVE-2018-1000549 (Wekan version 1.04.0 contains a Email / Username Enumeration vulnerabi ...)
NOT-FOR-US: Wekan
-CVE-2018-1000548
+CVE-2018-1000548 (Umlet version &lt; 14.3 contains a XML External Entity (XXE) vulnerabi ...)
NOT-FOR-US: Umlet
-CVE-2018-1000547
+CVE-2018-1000547 (coreBOS version 7.0 and earlier contains a Incorrect Access Control vu ...)
NOT-FOR-US: CoreBOS
-CVE-2018-1000546
+CVE-2018-1000546 (Triplea version &lt;= 1.9.0.0.10291 contains a XML External Entity (XX ...)
- triplea <unfixed> (low; bug #902719)
[stretch] - triplea <no-dsa> (Minor issue)
[jessie] - triplea <no-dsa> (Minor issue)
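Review bot: the `TODO: check` left on CVE-2018-12638 can probably be resolved from the added description alone, which identifies the affected software as "the Bose Soundtouch app 18.1.4 for iOS", i.e. not something shipped in Debian; marking it `NOT-FOR-US: Bose Soundtouch app` would match how the neighbouring entries are triaged.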
@@ -21218,7 +21218,7 @@ CVE-2018-1000546
NOTE: https://github.com/triplea-game/triplea/pull/4516
CVE-2018-1000545
REJECTED
-CVE-2018-1000544
+CVE-2018-1000544 (rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Tra ...)
{DLA-1467-1}
- ruby-zip 1.2.2-1 (bug #902720)
NOTE: https://github.com/rubyzip/rubyzip/issues/369
@@ -21227,135 +21227,135 @@ CVE-2018-1000544
NOTE: https://github.com/rubyzip/rubyzip/commit/8e78311d670ba70476fb46062c988849a82d1e02
NOTE: And further followup fixes:
NOTE: https://github.com/rubyzip/rubyzip/pull/376
-CVE-2018-1000543
+CVE-2018-1000543 (Akiee version 0.0.3 contains a XSS leading to code execution due to th ...)
NOT-FOR-US: Akiee
-CVE-2018-1000542
+CVE-2018-1000542 (netbeans-mmd-plugin version &lt;= 1.4.3 contains a XML External Entity ...)
NOT-FOR-US: netbeans-mmd-plugin
CVE-2018-1000541
REJECTED
-CVE-2018-1000540
+CVE-2018-1000540 (LoboEvolution version &lt; 9b75694cedfa4825d4a2330abf2719d470c654cd co ...)
NOT-FOR-US: LoboEvolution
-CVE-2018-1000539
+CVE-2018-1000539 (Nov json-jwt version &gt;= 0.5.0 &amp;&amp; &lt; 1.9.4 contains a CWE- ...)
{DSA-4283-1}
- ruby-json-jwt 1.9.4-1 (bug #902721)
NOTE: https://github.com/nov/json-jwt/pull/62
NOTE: https://github.com/nov/json-jwt/commit/3393f394f271c87bd42ec23c300727b4437d1638
-CVE-2018-1000538
+CVE-2018-1000538 (Minio Inc. Minio S3 server version prior to RELEASE.2018-05-16T23-35-3 ...)
NOT-FOR-US: Minion
-CVE-2018-1000537
+CVE-2018-1000537 (Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Ove ...)
NOT-FOR-US: Marlin
-CVE-2018-1000536
+CVE-2018-1000536 (Medis version 0.6.1 and earlier contains a XSS vulnerability evolving ...)
NOT-FOR-US: Media
-CVE-2018-1000535
+CVE-2018-1000535 (lms version &lt;= LMS_011123 contains a Local File Disclosure vulnerab ...)
NOT-FOR-US: lms
-CVE-2018-1000534
+CVE-2018-1000534 (Joplin version prior to 1.0.90 contains a XSS evolving into code execu ...)
NOT-FOR-US: Joplin
-CVE-2018-1000533
+CVE-2018-1000533 (klaussilveira GitList version &lt;= 0.6 contains a Passing incorrectly ...)
NOT-FOR-US: klaussilveira GitList
-CVE-2018-1000532
+CVE-2018-1000532 (beep version 1.3 and up contains a External Control of File Name or Pa ...)
- beep 1.4.3-1 (low; bug #902722)
[stretch] - beep <no-dsa> (Minor issue)
[jessie] - beep <no-dsa> (Minor issue)
NOTE: https://github.com/johnath/beep/issues/11#issuecomment-379514298
-CVE-2018-1000531
+CVE-2018-1000531 (inversoft prime-jwt version prior to commit abb0d479389a2509f939452a67 ...)
NOT-FOR-US: prime-jwt
CVE-2018-1000530
REJECTED
-CVE-2018-1000529
+CVE-2018-1000529 (Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XS ...)
NOT-FOR-US: Grails Fields plugin
-CVE-2018-1000528
+CVE-2018-1000528 (GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb756 ...)
{DSA-4239-1 DLA-1436-1}
- gosa 2.7.4+reloaded3-5 (low; bug #902723)
NOTE: https://github.com/gosa-project/gosa-core/commit/56070d6289d47ba3f5918885954dcceb75606001
NOTE: https://github.com/gosa-project/gosa-core/issues/14
-CVE-2018-1000527
+CVE-2018-1000527 (Froxlor version &lt;= 0.9.39.5 contains a PHP Object Injection vulnera ...)
NOT-FOR-US: Froxlor
-CVE-2018-1000526
+CVE-2018-1000526 (Openpsa contains a XML Injection vulnerability in RSS file upload feat ...)
NOT-FOR-US: openpsa
-CVE-2018-1000525
+CVE-2018-1000525 (openpsa contains a PHP Object Injection vulnerability in Form data pas ...)
NOT-FOR-US: openpsa
-CVE-2018-1000524
+CVE-2018-1000524 (miniSphere version 5.2.9 and earlier contains a Integer Overflow vulne ...)
NOT-FOR-US: miniSphere
-CVE-2018-1000523
+CVE-2018-1000523 (topydo contains a CWE-20: Improper Input Validation vulnerability in L ...)
NOT-FOR-US: topydo
CVE-2018-1000522
REJECTED
-CVE-2018-1000521
+CVE-2018-1000521 (BigTree-CMS contains a Cross Site Scripting (XSS) vulnerability in /us ...)
NOT-FOR-US: BigTree-CMS
-CVE-2018-1000520
+CVE-2018-1000520 (ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows In ...)
- mbedtls <unfixed> (unimportant)
- polarssl <removed> (unimportant)
NOTE: https://github.com/ARMmbed/mbedtls/issues/1561
NOTE: No security impact
-CVE-2018-1000519
+CVE-2018-1000519 (aio-libs aiohttp-session contains a Session Fixation vulnerability in ...)
NOT-FOR-US: aio-libs aiohttp-session
-CVE-2018-1000518
+CVE-2018-1000518 (aaugustin websockets version 4 contains a CWE-409: Improper Handling o ...)
NOT-FOR-US: aaugustin websockets
-CVE-2018-1000517
+CVE-2018-1000517 (BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c ...)
{DLA-1445-1}
- busybox 1:1.27.2-3 (low; bug #902724)
[stretch] - busybox <no-dsa> (Minor issue; can be fixed via point release)
NOTE: https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e
-CVE-2018-1000516
+CVE-2018-1000516 (The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper N ...)
NOT-FOR-US: Galaxy Project Galaxy
-CVE-2018-1000515
+CVE-2018-1000515 (ventrian News-Articles version NewsArticles.00.09.11 contains a XML Ex ...)
NOT-FOR-US: News-Articles
-CVE-2018-1000514
+CVE-2018-1000514 (LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request For ...)
- limesurvey <itp> (bug #472802)
-CVE-2018-1000513
+CVE-2018-1000513 (LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting ...)
- limesurvey <itp> (bug #472802)
-CVE-2018-1000512
+CVE-2018-1000512 (Tooltipy Tooltipy (tooltips for WP) version 5 contains a Cross Site Sc ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000511
+CVE-2018-1000511 (WP ULike version 2.8.1, 3.1 contains a Incorrect Access Control vulner ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000510
+CVE-2018-1000510 (WP Image Zoom version 1.23 contains a Incorrect Access Control vulnera ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000509
+CVE-2018-1000509 (Redirection version 2.7.1 contains a Serialisation vulnerability possi ...)
NOT-FOR-US: Redirection
-CVE-2018-1000508
+CVE-2018-1000508 (WP ULike version 2.8.1, 3.1 contains a Cross Site Scripting (XSS) vuln ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000507
+CVE-2018-1000507 (WP User Groups version 2.0.0 contains a Cross ite Request Forgery (CSR ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000506
+CVE-2018-1000506 (Metronet Tag Manager version 1.2.7 contains a Cross ite Request Forger ...)
NOT-FOR-US: Metronet Tag Manager
-CVE-2018-1000505
+CVE-2018-1000505 (Tooltipy (tooltips for WP) version 5 contains a Cross ite Request Forg ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-1000504
+CVE-2018-1000504 (Redirection version 2.7.3 contains a ACE via file inclusion vulnerabil ...)
NOT-FOR-US: Redirection
-CVE-2018-1000503
+CVE-2018-1000503 (MyBB Group MyBB contains a Incorrect Access Control vulnerability in P ...)
NOT-FOR-US: MyBB Group MyBB
-CVE-2018-1000502
+CVE-2018-1000502 (MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel ...)
NOT-FOR-US: MyBB Group MyBB
-CVE-2018-1000501
+CVE-2018-1000501 (Instant Update CMS contains a Password Reset Vulnerability vulnerabili ...)
NOT-FOR-US: Instante Update CMS
-CVE-2018-1000500
+CVE-2018-1000500 (Busybox contains a Missing SSL certificate validation vulnerability in ...)
- busybox <unfixed> (unimportant)
NOTE: Intentional design decision:
NOTE: https://git.busybox.net/busybox/tree/networking/wget.c?id=8bc418f07eab79a9c8d26594629799f6157a9466#n74
NOTE: https://git.busybox.net/busybox/commit/networking/wget.c?id=0972c7f7a570c38edb68e1c60a45614b7a7c7d55
NOTE: Starting with 1:1.27.2-3 in unstable wget emmits a message that certificate
NOTE: verification is not implemented.
-CVE-2018-1000404
+CVE-2018-1000404 (Jenkins project Jenkins AWS CodeBuild Plugin version 0.26 and earlier ...)
NOT-FOR-US: Jenkins plugin
CVE-2018-12637
RESERVED
-CVE-2018-12636
+CVE-2018-12636 (The iThemes Security (better-wp-security) plugin before 7.0.3 for Word ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-12635
+CVE-2018-12635 (CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to t ...)
NOT-FOR-US: CirCarLife Scada
-CVE-2018-12634
+CVE-2018-12634 (CirCarLife Scada before 4.3 allows remote attackers to obtain sensitiv ...)
NOT-FOR-US: CirCarLife Scada
-CVE-2018-12633
+CVE-2018-12633 (An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_d ...)
- linux 4.17.3-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/bd23a7269834dc7c1f93e83535d16ebc44b75eba (4.18-rc1)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200131
-CVE-2018-12632
+CVE-2018-12632 (Redatam7 (formerly Redatam WebServer) allows remote attackers to disco ...)
NOT-FOR-US: Redatam7
-CVE-2018-12631
+CVE-2018-12631 (Redatam7 (formerly Redatam WebServer) allows remote attackers to read ...)
NOT-FOR-US: Redatam7
-CVE-2018-12630
+CVE-2018-12630 (NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id ...)
NOT-FOR-US: NEWMARK (aka New Mark) NMCMS 2.1
CVE-2018-12629
RESERVED
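Review bot: several `NOT-FOR-US` annotations in this hunk do not match the product named in the description added on the preceding line: `NOT-FOR-US: Minion` under CVE-2018-1000538 (description says "Minio S3 server"), `NOT-FOR-US: Media` under CVE-2018-1000536 ("Medis version 0.6.1"), and `NOT-FOR-US: Instante Update CMS` under CVE-2018-1000501 ("Instant Update CMS"); since these annotations are what a later triager greps for, they should use the same spelling as the description. Also, the added descriptions for CVE-2018-1000554 through -1000551, -1000548, -1000546, -1000542, -1000540, -1000539, -1000535 and -1000533 contain `&lt;`, `&gt;` and `&amp;` sequences; if those are literal in the data file rather than an artifact of rendering, the importer should unescape them. Minor: "emmits" in the CVE-2018-1000500 NOTE should read "emits".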
@@ -21381,7 +21381,7 @@ CVE-2018-12619
RESERVED
CVE-2018-12618
RESERVED
-CVE-2018-12617
+CVE-2018-12617 (qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c i ...)
{DLA-1694-1}
- qemu 1:3.1+dfsg-1 (low; bug #902725)
[stretch] - qemu <postponed> (Minor issue, wait until more severe issues are around)
@@ -21390,33 +21390,33 @@ CVE-2018-12617
NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=141b197408ab398c4f474ac1a728ab316e921f2b
CVE-2018-12616
RESERVED
-CVE-2018-12615
+CVE-2018-12615 (An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelpe ...)
- passenger <not-affected> (Vulnerable code not present)
- ruby-passenger <not-affected> (Vulnerable code not present)
NOTE: https://github.com/phusion/passenger/commit/4e97fdb86d0a0141ec9a052c6e691fcd07bb45c8
CVE-2018-12614
RESERVED
-CVE-2018-12613
+CVE-2018-12613 (An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an ...)
- phpmyadmin <not-affected> (Affects 4.8.x)
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-4/
CVE-2018-12612
RESERVED
-CVE-2018-12611
+CVE-2018-12611 (OX App Suite 7.8.4 and earlier allows Directory Traversal. ...)
NOT-FOR-US: OX App Suite
-CVE-2018-12610
+CVE-2018-12610 (OX App Suite 7.8.4 and earlier allows Information Exposure. ...)
NOT-FOR-US: OX App Suite
-CVE-2018-12609
+CVE-2018-12609 (OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery. ...)
NOT-FOR-US: OX App Suite
-CVE-2018-12608
+CVE-2018-12608 (An issue was discovered in Docker Moby before 17.06.0. The Docker engi ...)
- docker.io 18.03.1+dfsg1-2
NOTE: https://github.com/moby/moby/pull/33182
-CVE-2018-1000403
+CVE-2018-1000403 (Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000402
+CVE-2018-1000402 (Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000401
+CVE-2018-1000401 (Jenkins project Jenkins AWS CodePipeline Plugin version 0.36 and earli ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-12607
+CVE-2018-12607 (An issue was discovered in GitLab Community Edition and Enterprise Edi ...)
- gitlab 10.7.7+dfsg-2 (bug #902726)
[stretch] - gitlab <not-affected> (Only affects >= 10.5)
NOTE: https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/
@@ -21427,32 +21427,32 @@ CVE-2018-XXXX [gitlab: Activity feed publicly displaying internal project names]
CVE-2018-XXXX [gitlab: Content injection via username]
- gitlab 10.7.7+dfsg-2 (bug #902726)
NOTE: https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/
-CVE-2018-12606
+CVE-2018-12606 (An issue was discovered in GitLab Community Edition and Enterprise Edi ...)
- gitlab 10.7.7+dfsg-2 (bug #902726)
NOTE: https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/
-CVE-2018-12605
+CVE-2018-12605 (An issue was discovered in GitLab Community Edition and Enterprise Edi ...)
- gitlab 10.7.7+dfsg-2 (bug #902726)
[stretch] - gitlab <not-affected> (Only affects 10.7)
NOTE: https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/
-CVE-2018-12604
+CVE-2018-12604 (GreenCMS 2.3.0603 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: GreenCMS
-CVE-2018-12603
+CVE-2018-12603 (Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS ...)
NOT-FOR-US: LFCMS
-CVE-2018-12602
+CVE-2018-12602 (A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitra ...)
NOT-FOR-US: LFCMS
-CVE-2018-12601
+CVE-2018-12601 (There is a heap-based buffer overflow in ReadImage in input-tga.ci in ...)
{DLA-1463-1}
- sam2p <removed>
NOTE: https://github.com/pts/sam2p/issues/41
NOTE: https://github.com/pts/sam2p/commit/8b2b7151991e07ef262857c2325e95c3b2867f80
-CVE-2018-12600
+CVE-2018-12600 (In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/d ...)
{DSA-4245-1 DLA-1394-1}
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (bug #902728)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1178
NOTE: https://github.com/ImageMagick/ImageMagick/commit/921f208c2ea3cc45847f380257f270ff424adfff
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ae71c12bbaa34d942e036824ff389c22b7dacade
-CVE-2018-12599
+CVE-2018-12599 (In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/b ...)
{DSA-4245-1 DLA-1394-1}
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (bug #902727)
@@ -21463,67 +21463,67 @@ CVE-2018-12598
RESERVED
CVE-2018-12597
RESERVED
-CVE-2018-12596
+CVE-2018-12596 (Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU ...)
NOT-FOR-US: Episerver Ektron CMS
CVE-2018-12595
RESERVED
-CVE-2018-12594
+CVE-2018-12594 (Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers t ...)
NOT-FOR-US: Reliable Controls MACH-ProWebCom devices
CVE-2018-12593
RESERVED
-CVE-2018-12592
+CVE-2018-12592 (Polycom RealPresence Web Suite before 2.2.0 does not block a user's vi ...)
NOT-FOR-US: Polycom RealPresence Web Suite
-CVE-2018-12591
+CVE-2018-12591 (Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an im ...)
NOT-FOR-US: Ubiquiti Networks EdgeSwitch
-CVE-2018-12590
+CVE-2018-12590 (Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an ex ...)
NOT-FOR-US: Ubiquiti Networks EdgeSwitch
-CVE-2018-12589
+CVE-2018-12589 (Polaris Office 2017 8.1 allows attackers to execute arbitrary code via ...)
NOT-FOR-US: Polaris Office
-CVE-2018-12588
+CVE-2018-12588 (Cross-site scripting (XSS) vulnerability in templates/frontend/pages/s ...)
NOT-FOR-US: Public Knowledge Project (PKP) Open Monograph Press (OMP)
-CVE-2018-12587
+CVE-2018-12587 (A cross-site scripting (XSS) vulnerability was found in valeuraddons G ...)
NOT-FOR-US: valeuraddons German Spelling Dictionary
CVE-2018-12586
RESERVED
-CVE-2018-12585
+CVE-2018-12585 (An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allo ...)
NOT-FOR-US: OPC UA Java and .NET Legacy Stack
-CVE-2018-12584
+CVE-2018-12584 (The ConnectionBase::preparseNewBytes function in resip/stack/Connectio ...)
{DLA-1439-1}
- resiprocate <removed> (bug #905495)
NOTE: http://joachimdezutter.webredirect.org/advisory.html
NOTE: https://github.com/resiprocate/resiprocate/commit/2cb291191c93c7c4e371e22cb89805a5b31d6608
-CVE-2018-12583
+CVE-2018-12583 (An issue was discovered in AKCMS 6.1. CSRF can delete an article via a ...)
NOT-FOR-US: AKCMS
-CVE-2018-12582
+CVE-2018-12582 (An issue was discovered in AKCMS 6.1. CSRF can add an admin account vi ...)
NOT-FOR-US: AKCMS
-CVE-2018-12581
+CVE-2018-12581 (An issue was discovered in js/designer/move.js in phpMyAdmin before 4. ...)
- phpmyadmin <unfixed> (low)
[stretch] - phpmyadmin <not-affected> (Vulnerable code not present)
[jessie] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-3/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e
-CVE-2018-12580
+CVE-2018-12580 (library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity 3 ...)
NOT-FOR-US: DragonByte vBSecurity for vBulletin
-CVE-2018-12579
+CVE-2018-12579 (An issue was discovered in OXID eShop Enterprise Edition before 5.3.8, ...)
NOT-FOR-US: OXID eShop
-CVE-2018-12578
+CVE-2018-12578 (There is a heap-based buffer overflow in bmp_compress1_row in appliers ...)
{DLA-1463-1}
- sam2p <removed>
NOTE: https://github.com/pts/sam2p/issues/39
NOTE: https://github.com/pts/sam2p/commit/22e7a17e70e5f5eedf466b0b1855c8c954061a51
-CVE-2018-12577
+CVE-2018-12577 (The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9 ...)
NOT-FOR-US: TP-Link
-CVE-2018-12576
+CVE-2018-12576 (TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.652 ...)
NOT-FOR-US: TP-Link
-CVE-2018-12575
+CVE-2018-12575 (On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel. ...)
NOT-FOR-US: TP-Link
-CVE-2018-12574
+CVE-2018-12574 (CSRF exists for all actions in the web interface on TP-Link TL-WR841N ...)
NOT-FOR-US: TP-Link
CVE-2018-12573
RESERVED
-CVE-2018-12572
+CVE-2018-12572 (Avast Free Antivirus prior to 19.1.2360 stores user credentials in mem ...)
TODO: check
-CVE-2018-12571
+CVE-2018-12571 (uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified ...)
NOT-FOR-US: Microsoft
CVE-2018-12570
RESERVED
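Review bot: the `TODO: check` on CVE-2018-12572 looks resolvable from the added description, which names "Avast Free Antivirus prior to 19.1.2360", a proprietary product not packaged in Debian; `NOT-FOR-US: Avast` would be consistent with the triage of the surrounding entries.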
@@ -21535,24 +21535,24 @@ CVE-2018-12567
RESERVED
CVE-2018-12566
RESERVED
-CVE-2018-12565
+CVE-2018-12565 (An issue was discovered in Linaro LAVA before 2018.5.post1. Because of ...)
{DSA-4234-1}
- lava 2018.5.post1-1
- lava-server <removed>
[jessie] - lava-server <not-affected> (vulnerable code not present)
NOTE: https://git.linaro.org/lava/lava.git/commit/?id=583666c84ea2f12797a3eb71392bcb05782f5b14
-CVE-2018-12564
+CVE-2018-12564 (An issue was discovered in Linaro LAVA before 2018.5.post1. Because of ...)
{DSA-4234-1 DLA-1404-1}
- lava 2018.5.post1-1
- lava-server <removed>
NOTE: https://git.linaro.org/lava/lava.git/commit/?id=95a9a77b144ced24d7425d6544ab03ca7f6c75d3
-CVE-2018-12563
+CVE-2018-12563 (An issue was discovered in Linaro LAVA before 2018.5.post1. Because of ...)
- lava 2018.5.post1-1
- lava-server <removed>
[stretch] - lava-server <not-affected> (Vulnerable code introduced in 2017.6)
[jessie] - lava-server <not-affected> (vulnerable code not present)
NOTE: https://git.linaro.org/lava/lava.git/commit/?id=e24ec39599bc07562ad8bc2a581144b8448cb214
-CVE-2018-12562
+CVE-2018-12562 (An issue was discovered in the cantata-mounter D-Bus service in Cantat ...)
- cantata 2.3.0.ds1-2 (bug #901798; unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/18/1
NOTE: The daemon code is part of cantata since version 2.0.0 and it is built
@@ -21560,7 +21560,7 @@ CVE-2018-12562
NOTE: if `-DENABLE_REMOTE_DEVICES=ON` was passed to the cmake invocation.
NOTE: 2.3.0.ds1-2 disables the cantata-mounter.
NOTE: https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3
-CVE-2018-12561
+CVE-2018-12561 (An issue was discovered in the cantata-mounter D-Bus service in Cantat ...)
- cantata 2.3.0.ds1-2 (bug #901798; unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/18/1
NOTE: The daemon code is part of cantata since version 2.0.0 and it is built
@@ -21568,14 +21568,14 @@ CVE-2018-12561
NOTE: if `-DENABLE_REMOTE_DEVICES=ON` was passed to the cmake invocation.
NOTE: 2.3.0.ds1-2 disables the cantata-mounter.
NOTE: https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3
-CVE-2018-12560
+CVE-2018-12560 (An issue was discovered in the cantata-mounter D-Bus service in Cantat ...)
- cantata 2.3.0.ds1-2 (bug #901798; unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/18/1
NOTE: The daemon code is part of cantata since version 2.0.0 and it is built
NOTE: by default in versions 2.3.0 and 2.3.1. Before 2.3.0 it was only built
NOTE: if `-DENABLE_REMOTE_DEVICES=ON` was passed to the cmake invocation.
NOTE: 2.3.0.ds1-2 disables the cantata-mounter.
-CVE-2018-12559
+CVE-2018-12559 (An issue was discovered in the cantata-mounter D-Bus service in Cantat ...)
- cantata 2.3.0.ds1-2 (bug #901798; unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/18/1
NOTE: The daemon code is part of cantata since version 2.0.0 and it is built
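Review bot: the CVE-2018-12560 entry carries the same six-line cantata NOTE block as CVE-2018-12562, -12561 and -12559 but omits the final `NOTE: https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3` line the sibling entries end with; if the same upstream commit applies to all four, the reference should be added here too so the entries stay consistent.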
@@ -21583,13 +21583,13 @@ CVE-2018-12559
NOTE: if `-DENABLE_REMOTE_DEVICES=ON` was passed to the cmake invocation.
NOTE: 2.3.0.ds1-2 disables the cantata-mounter.
NOTE: https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3
-CVE-2018-12558
+CVE-2018-12558 (The parse() method in the Email::Address module through 1.909 for Perl ...)
- libemail-address-perl 1.912-1 (unimportant; bug #901873)
[stretch] - libemail-address-perl 1.908-1+deb9u1
NOTE: Possibility of DoS vs. usability issue for Email::Address
NOTE: https://github.com/Perl-Email-Project/Email-Address/issues/19
NOTE: Mitigation: https://github.com/Perl-Email-Project/Email-Address/commit/aeaf0d7f1b0897b54cb246b8ac15d3ef177e5cae
-CVE-2018-12557
+CVE-2018-12557 (An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offl ...)
- zuul <itp> (bug #705844)
CVE-2018-12556
RESERVED
@@ -21615,11 +21615,11 @@ CVE-2018-12550
[jessie] - mosquitto <postponed> (Minor issue)
NOTE: https://mosquitto.org/blog/2019/02/version-1-5-6-released/
NOTE: https://mosquitto.org/files/cve/2018-12550
-CVE-2018-12549
+CVE-2018-12549 (In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrec ...)
NOT-FOR-US: OpenJDK + Eclipse OpenJ9
-CVE-2018-12548
+CVE-2018-12548 (In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public jdk.cryp ...)
NOT-FOR-US: OpenJDK + Eclipse OpenJ9
-CVE-2018-12547
+CVE-2018-12547 (In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and ...)
NOT-FOR-US: OpenJDK + Eclipse OpenJ9
CVE-2018-12546
RESERVED
@@ -21630,28 +21630,28 @@ CVE-2018-12546
NOTE: https://mosquitto.org/files/cve/2018-12546
CVE-2018-12545
RESERVED
-CVE-2018-12544
+CVE-2018-12544 (In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML ...)
NOT-FOR-US: Eclipse Vert.x
-CVE-2018-12543
+CVE-2018-12543 (In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a message is ...)
- mosquitto <not-affected> (Vulnerable code introduced in 1.5)
NOTE: http://mosquitto.org/blog/2018/09/security-advisory-cve-2018-12543/
NOTE: https://mosquitto.org/files/cve/2018-12543/
-CVE-2018-12542
+CVE-2018-12542 (In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler us ...)
NOT-FOR-US: Eclipse Vert.x
-CVE-2018-12541
+CVE-2018-12541 (In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP u ...)
NOT-FOR-US: Eclipse Vert.x
-CVE-2018-12540
+CVE-2018-12540 (In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do n ...)
NOT-FOR-US: Eclipse Vertx
-CVE-2018-12539
+CVE-2018-12539 (In Eclipse OpenJ9 version 0.8, users other than the process owner may ...)
NOT-FOR-US: Eclipse OpenJ9
-CVE-2018-12538
+CVE-2018-12538 (In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional ...)
- jetty9 <not-affected> (Only affects 9.4.x)
- jetty8 <not-affected> (Only affects 9.4.x)
- jetty <not-affected> (Only affects 9.4.x)
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=536018
-CVE-2018-12537
+CVE-2018-12537 (In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response header ...)
NOT-FOR-US: Eclipse Vertx
-CVE-2018-12536
+CVE-2018-12536 (In Eclipse Jetty Server, all 9.x versions, on webapps deployed using d ...)
- jetty9 9.2.25-1 (low; bug #902774)
[stretch] - jetty9 <ignored> (Harmless information leak)
- jetty8 <removed>
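Review bot: Inconsistent NOT-FOR-US naming for the same project within this hunk: CVE-2018-12544, 12542 and 12541 use `NOT-FOR-US: Eclipse Vert.x`, while CVE-2018-12540 and 12537 use `NOT-FOR-US: Eclipse Vertx`. The descriptions being added all spell it "Eclipse Vert.x", so the two `Vertx` lines should be normalised to `NOT-FOR-US: Eclipse Vert.x` so that greps on the tracker data match every entry.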
@@ -21661,42 +21661,42 @@ CVE-2018-12536
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670
CVE-2018-12535
RESERVED
-CVE-2018-12534
+CVE-2018-12534 (A SQL injection issue was discovered in the Quick Chat plugin before 4 ...)
NOT-FOR-US: Quick Chat plugin for WordPress
-CVE-2018-12533
+CVE-2018-12533 (JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote atta ...)
NOT-FOR-US: RichFaces
-CVE-2018-12532
+CVE-2018-12532 (JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote att ...)
NOT-FOR-US: RichFaces
-CVE-2018-12531
+CVE-2018-12531 (An issue was discovered in MetInfo 6.0.0. install\index.php allows rem ...)
NOT-FOR-US: MetInfo
-CVE-2018-12530
+CVE-2018-12530 (An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php al ...)
NOT-FOR-US: MetInfo
-CVE-2018-12529
+CVE-2018-12529 (An issue was discovered on Intex N150 devices. The router firmware suf ...)
NOT-FOR-US: Intex
-CVE-2018-12528
+CVE-2018-12528 (An issue was discovered on Intex N150 devices. The backup/restore opti ...)
NOT-FOR-US: Intex
CVE-2018-12527
RESERVED
-CVE-2018-12526
+CVE-2018-12526 (Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a defaul ...)
NOT-FOR-US: Telesquare
-CVE-2018-12525
+CVE-2018-12525 (An issue was discovered in perfSONAR Monitoring and Debugging Dashboar ...)
NOT-FOR-US: perfSONAR Monitoring and Debugging Dashboard (MaDDash)
-CVE-2018-12524
+CVE-2018-12524 (An issue was discovered in perfSONAR Monitoring and Debugging Dashboar ...)
NOT-FOR-US: perfSONAR Monitoring and Debugging Dashboard (MaDDash)
-CVE-2018-12523
+CVE-2018-12523 (An issue was discovered in perfSONAR Monitoring and Debugging Dashboar ...)
NOT-FOR-US: perfSONAR Monitoring and Debugging Dashboard (MaDDash)
-CVE-2018-12522
+CVE-2018-12522 (An issue was discovered in perfSONAR Monitoring and Debugging Dashboar ...)
NOT-FOR-US: perfSONAR Monitoring and Debugging Dashboard (MaDDash)
CVE-2018-12521
RESERVED
-CVE-2018-12520
+CVE-2018-12520 (An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG invo ...)
- ntopng 3.8+dfsg1-1 (bug #903154)
[stretch] - ntopng <no-dsa> (Minor issue)
[jessie] - ntopng <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/Jul/14
NOTE: https://gist.github.com/Psychotropos/3e8c047cada9b1fb716e6a014a428b7f
NOTE: https://github.com/ntop/ntopng/commit/30610bda60cbfc058f90a1c0a17d0e8f4516221a
-CVE-2018-12519
+CVE-2018-12519 (An issue was discovered in ShopNx through 2017-11-17. The vulnerabilit ...)
NOT-FOR-US: ShopNx
CVE-2018-12518
RESERVED
@@ -21712,7 +21712,7 @@ CVE-2018-12513
RESERVED
CVE-2018-12512
RESERVED
-CVE-2018-12511
+CVE-2018-12511 (In the mintToken function of a smart contract implementation for Subst ...)
NOT-FOR-US: Substratum
CVE-2018-12510
RESERVED
@@ -21726,36 +21726,36 @@ CVE-2018-12506
RESERVED
CVE-2018-12505
RESERVED
-CVE-2018-12504
+CVE-2018-12504 (tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tiny ...)
NOT-FOR-US: tinyexr
-CVE-2018-12503
+CVE-2018-12503 (tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMem ...)
NOT-FOR-US: tinyexr
CVE-2018-12502
RESERVED
-CVE-2018-12501
+CVE-2018-12501 (Nagios Fusion before 4.1.4 has XSS, aka TPS#13332-13335. ...)
NOT-FOR-US: Nagios Fusion
CVE-2018-12500
RESERVED
-CVE-2018-12499
+CVE-2018-12499 (The Motorola MBP853 firmware does not correctly validate server certif ...)
NOT-FOR-US: Motoral
-CVE-2018-12498
+CVE-2018-12498 (spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id paramet ...)
NOT-FOR-US: iCMS
CVE-2018-12497
RESERVED
CVE-2018-12496
RESERVED
-CVE-2018-12495
+CVE-2018-12495 (The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2 ...)
{DSA-4293-1 DLA-1499-1}
- discount 2.2.4-1 (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189#issuecomment-397541501
NOTE: Fixed by https://github.com/Orc/discount/commit/b002a5a4db31e42dfb45451c059bc56941c17974
-CVE-2018-12494
+CVE-2018-12494 (An issue was discovered in PublicCMS V4.0.20180210. There is a "Direct ...)
NOT-FOR-US: PublicCMS
-CVE-2018-12493
+CVE-2018-12493 (An issue was discovered in PublicCMS V4.0.20180210. There is a "Direct ...)
NOT-FOR-US: PublicCMS
-CVE-2018-12492
+CVE-2018-12492 (PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delf ...)
NOT-FOR-US: PHPOK
-CVE-2018-12491
+CVE-2018-12491 (PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import ...)
NOT-FOR-US: PHPOK
CVE-2018-12490
RESERVED
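Review bot: Typo in the CVE-2018-12499 context line: `NOT-FOR-US: Motoral` should read `NOT-FOR-US: Motorola`, matching the description being added on the line above ("The Motorola MBP853 firmware does not correctly validate server certif ..."). The rest of the hunk only fills in descriptions and looks fine.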
@@ -21771,25 +21771,25 @@ CVE-2018-12485
RESERVED
CVE-2018-12484
RESERVED
-CVE-2018-12483
+CVE-2018-12483 (OCS Inventory 2.4.1 is prone to a remote command-execution vulnerabili ...)
- ocsinventory-server 2.5+dfsg-1 (unimportant; bug #905396)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-12482
+CVE-2018-12482 (OCS Inventory 2.4.1 contains multiple SQL injections in the search eng ...)
- ocsinventory-server 2.5+dfsg-1 (unimportant; bug #905396)
NOTE: Authentication is needed, only supported in trusted environments, see debtags
-CVE-2018-12481
+CVE-2018-12481 (The Olive Tree Ftp Server application 1.32 for Android has a "Sensitiv ...)
NOT-FOR-US: Olive Tree Ftp Server application for Android
-CVE-2018-12480
+CVE-2018-12480 (Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 S ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2018-12479
+CVE-2018-12479 (A Improper Input Validation vulnerability in Open Build Service allows ...)
- open-build-service 2.9.4-1 (bug #911797)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108435
NOTE: https://github.com/openSUSE/open-build-service/pull/5880
NOTE: https://github.com/openSUSE/open-build-service/commit/01b015ca2a320afc4fae823465d1e72da8bd60df
-CVE-2018-12478
+CVE-2018-12478 (A Improper Input Validation vulnerability in Open Build Service allows ...)
NOT-FOR-US: obs-service replace_using_package_version
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108280
-CVE-2018-12477
+CVE-2018-12477 (A Improper Neutralization of CRLF Sequences vulnerability in Open Buil ...)
NOT-FOR-US: obs-service refresh_patches
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108189
NOTE: https://github.com/openSUSE/obs-service-refresh_patches/commit/d6244245dda5367767efc989446fe4b5e4609cce
@@ -21797,66 +21797,66 @@ CVE-2018-12476
RESERVED
CVE-2018-12475
RESERVED
-CVE-2018-12474
+CVE-2018-12474 (Improper input validation in obs-service-tar_scm of Open Build Service ...)
NOT-FOR-US: obs-service-tar_scm of Open Build Service
-CVE-2018-12473
+CVE-2018-12473 (A path traversal traversal vulnerability in obs-service-tar_scm of Ope ...)
NOT-FOR-US: obs-service-tar_scm of Open Build Service
-CVE-2018-12472
+CVE-2018-12472 (A improper authentication using the HOST header in SUSE Linux SMT allo ...)
NOT-FOR-US: SUSE Linux SMT
-CVE-2018-12471
+CVE-2018-12471 (A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT al ...)
NOT-FOR-US: SUSE Linux SMT
-CVE-2018-12470
+CVE-2018-12470 (A SQL Injection in the RegistrationSharing module of SUSE Linux SMT al ...)
NOT-FOR-US: SUSE Linux SMT
-CVE-2018-12469
+CVE-2018-12469 (Incorrect handling of an invalid value for an HTTP request parameter b ...)
NOT-FOR-US: Micro Focus
-CVE-2018-12468
+CVE-2018-12468 (A vulnerability in the administration console of Micro Focus GroupWise ...)
NOT-FOR-US: Micro Focus
-CVE-2018-12467
+CVE-2018-12467 (Authorized users of the openbuildservice before 2.9.4 could delete pac ...)
- open-build-service 2.9.4-1 (bug #911797)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1100217
NOTE: Fixed by: https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063
NOTE: Introduced by: https://github.com/openSUSE/open-build-service/commit/990ef7cccef6f38fc1d1a1bb22a08e174dcba43b
TODO: check if introducing commit is right and fix status
-CVE-2018-12466
+CVE-2018-12466 (openSUSE openbuildservice before 9.2.4 allowed authenticated users to ...)
- open-build-service <unfixed> (bug #911797)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1098934
NOTE: Fixed by: https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063
NOTE: Introduced by: https://github.com/openSUSE/open-build-service/commit/990ef7cccef6f38fc1d1a1bb22a08e174dcba43b
TODO: check if introducing commit is right and fix status
-CVE-2018-12465
+CVE-2018-12465 (An OS command injection vulnerability in the web administration compon ...)
NOT-FOR-US: Micro Focus
-CVE-2018-12464
+CVE-2018-12464 (A SQL injection vulnerability in the web administration and quarantine ...)
NOT-FOR-US: Micro Focus
-CVE-2018-12463
+CVE-2018-12463 (An XML external entity (XXE) vulnerability in Fortify Software Securit ...)
NOT-FOR-US: Fortify
-CVE-2018-12462
+CVE-2018-12462 (NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities. ...)
NOT-FOR-US: NetIQ iManager
-CVE-2018-12461
+CVE-2018-12461 (Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certif ...)
NOT-FOR-US: NetIQ eDirectory
-CVE-2018-12460
+CVE-2018-12460 (libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the ...)
[experimental] - ffmpeg 7:4.0.1-1 (low)
- ffmpeg <not-affected> (Introduced after 3.4)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/b3332a182f8ba33a34542e4a0370f38b914ccf7d
-CVE-2018-12459
+CVE-2018-12459 (An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_h ...)
[experimental] - ffmpeg 7:4.0.1-1 (low)
- ffmpeg 7:4.0.1-2 (low)
[stretch] - ffmpeg <not-affected> (Studio profile not yet supported)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2fc108f60f98cd00813418a8754a46476b404a3c
-CVE-2018-12458
+CVE-2018-12458 (An improper integer type in the mpeg4_encode_gop_header function in li ...)
{DSA-4249-1}
[experimental] - ffmpeg 7:4.0.1-1 (low)
- ffmpeg 7:3.4.3-1 (low)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/e1182fac1afba92a4975917823a5f644bee7e6e8
NOTE: Fixed in 3.2.11
-CVE-2018-12457
+CVE-2018-12457 (expressCart before 1.1.6 allows remote attackers to create an admin us ...)
NOT-FOR-US: expressCart
-CVE-2018-12456
+CVE-2018-12456 (Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token ...)
NOT-FOR-US: Intelbras NPLUG 1.0.0.14 wireless repeater devices
-CVE-2018-12455
+CVE-2018-12455 (Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vul ...)
NOT-FOR-US: Intelbras NPLUG 1.0.0.14 wireless repeater devices
-CVE-2018-12454
+CVE-2018-12454 (The _addguess function of a simplelottery smart contract implementatio ...)
NOT-FOR-US: simplelottery
-CVE-2018-12453
+CVE-2018-12453 (Type confusion in the xgroupCommand function in t_stream.c in redis-se ...)
- redis <not-affected> (Vulnerable code introduced in 5.0-rc1)
NOTE: https://gist.github.com/fakhrizulkifli/34a56d575030682f6c564553c53b82b5
NOTE: https://github.com/antirez/redis/commit/c04082cf138f1f51cedf05ee9ad36fb6763cafc6
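Review bot: The status of CVE-2018-12466 and CVE-2018-12467 in this hunk contradict each other: both cite the identical "Fixed by" commit (open-build-service f57b660f49f830006766a8d4abc3b4af6e178063) and the identical "Introduced by" commit, yet 12467 is recorded as `open-build-service 2.9.4-1 (bug #911797)` while 12466 is `open-build-service <unfixed> (bug #911797)`. If the same commit fixes both, 12466 should also be marked fixed in 2.9.4-1; if not, the "Fixed by" line on 12466 is wrong. The existing `TODO: check if introducing commit is right and fix status` lines cover the introducing commit but not this mismatch, so the TODO should be extended or the status corrected. Separately, the imported description for CVE-2018-12473 contains a doubled word ("A path traversal traversal vulnerability"); if these descriptions are mirrored verbatim from upstream this is not fixable here, but it is worth reporting at the source.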
@@ -21866,15 +21866,15 @@ CVE-2018-12451
RESERVED
CVE-2018-12450
RESERVED
-CVE-2018-12449
+CVE-2018-12449 (The Whale browser installer 0.4.3.0 and earlier versions allows DLL hi ...)
NOT-FOR-US: Whale browser installer
-CVE-2018-12448
+CVE-2018-12448 (Whale Browser before 1.3.48.4 displays no URL information but only a t ...)
NOT-FOR-US: Whale Browser
-CVE-2018-12447
+CVE-2018-12447 (The restore_tqb_pixels function in hevc_filter.c in libavcodec, as use ...)
NOT-FOR-US: libbpg
-CVE-2018-12446
+CVE-2018-12446 (** DISPUTED ** An issue was discovered in the com.dropbox.android appl ...)
NOT-FOR-US: com.dropbox.android application for Android
-CVE-2018-12445
+CVE-2018-12445 (** DISPUTED ** An issue was discovered in the com.dropbox.android appl ...)
NOT-FOR-US: com.dropbox.android application for Android
CVE-2018-12444
RESERVED
@@ -21882,93 +21882,93 @@ CVE-2018-12443
RESERVED
CVE-2018-12442
RESERVED
-CVE-2018-12441
+CVE-2018-12441 (The CorsairService Service in Corsair Utility Engine is installed with ...)
NOT-FOR-US: Corsair
-CVE-2018-12440
+CVE-2018-12440 (BoringSSL through 2018-06-14 allows a memory-cache side-channel attack ...)
- boringssl <itp> (bug #823933)
-CVE-2018-12439
+CVE-2018-12439 (MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack ...)
- matrixssl <removed>
-CVE-2018-12438
+CVE-2018-12438 (The Elliptic Curve Cryptography library (aka sunec or libsunec) allows ...)
- openjdk-7 <not-affected> (Didn't include/build sunec, see #750400)
- openjdk-8 <undetermined>
- openjdk-11 <undetermined>
-CVE-2018-12437
+CVE-2018-12437 (LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack o ...)
- libtomcrypt 1.18.2-1 (low; bug #901626)
[stretch] - libtomcrypt <no-dsa> (Minor issue)
[jessie] - libtomcrypt <no-dsa> (Minor issue)
NOTE: https://github.com/libtom/libtomcrypt/issues/407
NOTE: https://github.com/libtom/libtomcrypt/pull/408
-CVE-2018-12436
+CVE-2018-12436 (wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cac ...)
- wolfssl 3.15.3+dfsg-1 (bug #901627)
NOTE: https://github.com/wolfSSL/wolfssl/commit/9b9568d500f31f964af26ba8d01e542e1f27e5ca
NOTE: https://www.wolfssl.com/wolfssh-and-rohnp/
-CVE-2018-12435
+CVE-2018-12435 (Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-chan ...)
- botan 2.6.0-3 (bug #901619)
- botan1.10 <not-affected> (Issue introduced in 2.5.0)
NOTE: https://github.com/randombit/botan/pull/1604
NOTE: https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3
-CVE-2018-12434
+CVE-2018-12434 (LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache sid ...)
- libressl <itp> (bug #754513)
-CVE-2018-12433
+CVE-2018-12433 (** DISPUTED ** cryptlib through 3.4.4 allows a memory-cache side-chann ...)
NOT-FOR-US: cryptlib
-CVE-2018-12432
+CVE-2018-12432 (JavaMelody through 1.60.0 has XSS via the counter parameter in a clear ...)
NOT-FOR-US: JavaMelody
-CVE-2018-12431
+CVE-2018-12431 (SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_con ...)
NOT-FOR-US: SeaCMS
CVE-2018-12430
REJECTED
-CVE-2018-12429
+CVE-2018-12429 (JEESNS through 1.2.1 allows XSS attacks by ordinary users who publish ...)
NOT-FOR-US: JEESNS
CVE-2018-12428
RESERVED
CVE-2018-12427
RESERVED
-CVE-2018-12426
+CVE-2018-12426 (The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vul ...)
NOT-FOR-US: WP Live Chat Support Pro plugin for WordPress
CVE-2018-12425
RESERVED
CVE-2018-12424
RESERVED
-CVE-2018-12422
+CVE-2018-12422 (** DISPUTED ** addressbook/backends/ldap/e-book-backend-ldap.c in Evol ...)
- evolution-data-server 3.28.5-1 (unimportant; bug #901665)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=796174
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/34bad6173
NOTE: non-issue, to be rejected
-CVE-2018-12421
+CVE-2018-12421 (LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a chan ...)
NOT-FOR-US: LTB Self Service Password
-CVE-2018-12420
+CVE-2018-12420 (IceHrm before 23.0.1.OS has a risky usage of a hashed password in a re ...)
NOT-FOR-US: IceHrm
CVE-2018-12419
RESERVED
-CVE-2018-12418
+CVE-2018-12418 (Archive.java in Junrar before 1.0.1, as used in Apache Tika and other ...)
NOT-FOR-US: Junrar
CVE-2018-12417
RESERVED
-CVE-2018-12416
+CVE-2018-12416 (The GridServer Broker and GridServer Director components of TIBCO Soft ...)
NOT-FOR-US: TIBCO
-CVE-2018-12415
+CVE-2018-12415 (The Central Administration server (emsca) component of TIBCO Software ...)
NOT-FOR-US: TIBCO
-CVE-2018-12414
+CVE-2018-12414 (The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon ...)
NOT-FOR-US: TIBCO
-CVE-2018-12413
+CVE-2018-12413 (The Schema repository server (tibschemad) component of TIBCO Software ...)
NOT-FOR-US: TIBCO
-CVE-2018-12412
+CVE-2018-12412 (The realm server (tibrealmserver) component of TIBCO Software Inc. TIB ...)
NOT-FOR-US: TIBCO
-CVE-2018-12411
+CVE-2018-12411 (The administrative daemon (tibdgadmind) of TIBCO Software Inc.'s TIBCO ...)
NOT-FOR-US: TIBCO
-CVE-2018-12410
+CVE-2018-12410 (The web server component of TIBCO Software Inc's Spotfire Statistics S ...)
NOT-FOR-US: TIBCO
-CVE-2018-12409
+CVE-2018-12409 (The SOAP Admin API component of TIBCO Software Inc.'s TIBCO Silver Fab ...)
NOT-FOR-US: TIBCO
-CVE-2018-12408
+CVE-2018-12408 (The BusinessWorks engine component of TIBCO Software Inc.'s TIBCO Acti ...)
NOT-FOR-US: TIBCO
-CVE-2018-12407
+CVE-2018-12407 (A buffer overflow occurs when drawing and validating elements with the ...)
- firefox 64.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12407
-CVE-2018-12406
+CVE-2018-12406 (Mozilla developers and community members reported memory safety bugs p ...)
- firefox 64.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-12406
-CVE-2018-12405
+CVE-2018-12405 (Mozilla developers and community members reported memory safety bugs p ...)
{DSA-4362-1 DSA-4354-1 DLA-1624-1 DLA-1605-1}
- firefox 64.0-1
- firefox-esr 60.4.0esr-1
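Review bot: CVE-2018-12438 leaves `openjdk-8 <undetermined>` and `openjdk-11 <undetermined>` with no NOTE or TODO saying what still needs to be checked, unlike the openjdk-7 line, which explains its `<not-affected>` status ("Didn't include/build sunec, see #750400"). A `TODO:` line stating whether the sunec library is built in the openjdk-8 and openjdk-11 packages would make the open question actionable, in the same way the CVE-2018-12466/12467 entries use TODO lines.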
@@ -21984,37 +21984,37 @@ CVE-2018-12404 [Cache side-channel variant of the Bleichenbacher attack]
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1485864 (not public)
NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.36.6_release_notes
NOTE: Fixed in 3.36.6, 3.40.1
-CVE-2018-12403
+CVE-2018-12403 (If a site is loaded over a HTTPS connection but loads a favicon resour ...)
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12403
-CVE-2018-12402
+CVE-2018-12402 (The internal WebBrowserPersist code does not use correct origin contex ...)
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12402
-CVE-2018-12401
+CVE-2018-12401 (Some special resource URIs will cause a non-exploitable crash if loade ...)
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12401
-CVE-2018-12400
+CVE-2018-12400 (In private browsing mode on Firefox for Android, favicons are cached i ...)
- firefox <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12400
-CVE-2018-12399
+CVE-2018-12399 (When a new protocol handler is registered, the API accepts a title arg ...)
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12399
-CVE-2018-12398
+CVE-2018-12398 (By using the reflected URL in some special resource URIs, such as chro ...)
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12398
-CVE-2018-12397
+CVE-2018-12397 (A WebExtension can request access to local files without the warning p ...)
{DSA-4324-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12397
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12397
-CVE-2018-12396
+CVE-2018-12396 (A vulnerability where a WebExtension can run content scripts in disall ...)
{DSA-4324-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12396
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12396
-CVE-2018-12395
+CVE-2018-12395 (By rewriting the Host: request headers using the webRequest API, a Web ...)
{DSA-4324-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
@@ -22022,7 +22022,7 @@ CVE-2018-12395
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12395
CVE-2018-12394
RESERVED
-CVE-2018-12393
+CVE-2018-12393 (A potential vulnerability was found in 32-bit builds where an integer ...)
{DSA-4337-1 DSA-4324-1 DLA-1575-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
@@ -22030,7 +22030,7 @@ CVE-2018-12393
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12393
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12393
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12393
-CVE-2018-12392
+CVE-2018-12392 (When manipulating user events in nested loops while opening a document ...)
{DSA-4337-1 DSA-4324-1 DLA-1575-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
@@ -22038,14 +22038,14 @@ CVE-2018-12392
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12392
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12392
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12392
-CVE-2018-12391
+CVE-2018-12391 (During HTTP Live Stream playback on Firefox for Android, audio data ca ...)
- firefox-esr <not-affected> (Android-specific)
- firefox <not-affected> (Android-specific)
- thunderbird <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12391
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12391
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12391
-CVE-2018-12390
+CVE-2018-12390 (Mozilla developers and community members reported memory safety bugs p ...)
{DSA-4337-1 DSA-4324-1 DLA-1575-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- firefox 63.0-1
@@ -22053,26 +22053,26 @@ CVE-2018-12390
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12390
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12390
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12390
-CVE-2018-12389
+CVE-2018-12389 (Mozilla developers and community members reported memory safety bugs p ...)
{DSA-4337-1 DSA-4324-1 DLA-1575-1 DLA-1571-1}
- firefox-esr 60.3.0esr-1
- thunderbird 1:60.3.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/#CVE-2018-12389
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12389
-CVE-2018-12388
+CVE-2018-12388 (Mozilla developers and community members reported memory safety bugs p ...)
- firefox 63.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12388
-CVE-2018-12387
+CVE-2018-12387 (A vulnerability where the JavaScript JIT compiler inlines Array.protot ...)
{DSA-4310-1}
- firefox 62.0.3-1
- firefox-esr 60.2.2esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/#CVE-2018-12387
-CVE-2018-12386
+CVE-2018-12386 (A vulnerability in register allocation in JavaScript can lead to type ...)
{DSA-4310-1}
- firefox 62.0.3-1
- firefox-esr 60.2.2esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/#CVE-2018-12386
-CVE-2018-12385
+CVE-2018-12385 (A potentially exploitable crash in TransportSecurityInfo used for SSL ...)
{DSA-4327-1 DSA-4304-1 DLA-1575-1}
- firefox 62.0.2-1
- firefox-esr 60.2.1esr-1
@@ -22089,7 +22089,7 @@ CVE-2018-12384 [ServerHello.random is all zero when handling a v2-compatible Cli
NOTE: https://hg.mozilla.org/projects/nss/rev/46f9a1f40c3d (NSS_3_36_BRANCH)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1483128
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1622089
-CVE-2018-12383
+CVE-2018-12383 (If a user saved passwords before Firefox 58 and then later set a maste ...)
{DSA-4327-1 DSA-4304-1 DLA-1575-1}
- firefox 62.0-1
- firefox-esr 60.2.1esr-1
@@ -22097,17 +22097,17 @@ CVE-2018-12383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/#CVE-2018-12383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12383
-CVE-2018-12382
+CVE-2018-12382 (The displayed addressbar URL can be spoofed on Firefox for Android usi ...)
- firefox <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12382
-CVE-2018-12381
+CVE-2018-12381 (Manually dragging and dropping an Outlook email message into the brows ...)
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12381
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12381
CVE-2018-12380
RESERVED
-CVE-2018-12379
+CVE-2018-12379 (When the Mozilla Updater opens a MAR format file which contains a very ...)
{DSA-4327-1 DLA-1575-1}
- firefox 62.0-1 (unimportant)
- firefox-esr 60.2.0esr-1 (unimportant)
@@ -22116,7 +22116,7 @@ CVE-2018-12379
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12379
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12379
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12379
-CVE-2018-12378
+CVE-2018-12378 (A use-after-free vulnerability can occur when an IndexedDB index is de ...)
{DSA-4327-1 DSA-4287-1 DLA-1575-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
@@ -22124,7 +22124,7 @@ CVE-2018-12378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12378
-CVE-2018-12377
+CVE-2018-12377 (A use-after-free vulnerability can occur when refresh driver timers ar ...)
{DSA-4327-1 DSA-4287-1 DLA-1575-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
@@ -22132,7 +22132,7 @@ CVE-2018-12377
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12377
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12377
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12377
-CVE-2018-12376
+CVE-2018-12376 (Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of ...)
{DSA-4327-1 DSA-4287-1 DLA-1575-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
@@ -22140,18 +22140,18 @@ CVE-2018-12376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12376
-CVE-2018-12375
+CVE-2018-12375 (Memory safety bugs present in Firefox 61. Some of these bugs showed ev ...)
- firefox 62.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12375
-CVE-2018-12374
+CVE-2018-12374 (Plaintext of decrypted emails can leak through by user submitting an e ...)
{DSA-4244-1 DLA-1425-1}
- thunderbird 1:52.9.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12374
-CVE-2018-12373
+CVE-2018-12373 (dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can ...)
{DSA-4244-1 DLA-1425-1}
- thunderbird 1:52.9.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12373
-CVE-2018-12372
+CVE-2018-12372 (Decrypted S/MIME parts, when included in HTML crafted for an attack, c ...)
{DSA-4244-1 DLA-1425-1}
- thunderbird 1:52.9.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12372
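Review bot: The description being added for CVE-2018-12373 starts with a typo, "dDecrypted S/MIME parts hidden with CSS ...", where the neighbouring CVE-2018-12372 description correctly reads "Decrypted S/MIME parts ...". If the description text is mirrored from the upstream CVE feed, the fix belongs at the source rather than in this automatic update, but it should be reported so the next import picks up the corrected text.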
@@ -22162,26 +22162,26 @@ CVE-2018-12371
- thunderbird 1:60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12371
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/#CVE-2018-12371
-CVE-2018-12370
+CVE-2018-12370 (In Reader View SameSite cookie protections are not checked on exiting. ...)
- firefox 61.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12370
-CVE-2018-12369
+CVE-2018-12369 (WebExtensions bundled with embedded experiments were not correctly che ...)
- firefox 61.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12369
-CVE-2018-12368
+CVE-2018-12368 (Windows 10 does not warn users before opening executable files with th ...)
- firefox-esr <not-affected> (Windows-specific)
- firefox <not-affected> (Windows-specific)
- thunderbird <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12368
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12368
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12368
-CVE-2018-12367
+CVE-2018-12367 (In the previous mitigations for Spectre, the resolution or precision o ...)
{DSA-4295-1 DLA-1575-1}
- firefox 61.0-1
- thunderbird 1:60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12367
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/#CVE-2018-12367
-CVE-2018-12366
+CVE-2018-12366 (An invalid grid size during QCMS (color profile) transformations can r ...)
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22189,7 +22189,7 @@ CVE-2018-12366
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12366
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12366
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12366
-CVE-2018-12365
+CVE-2018-12365 (A compromised IPC child process can escape the content sandbox and lis ...)
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22197,7 +22197,7 @@ CVE-2018-12365
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12365
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12365
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12365
-CVE-2018-12364
+CVE-2018-12364 (NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin r ...)
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22205,7 +22205,7 @@ CVE-2018-12364
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12364
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12364
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12364
-CVE-2018-12363
+CVE-2018-12363 (A use-after-free vulnerability can occur when script uses mutation eve ...)
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22213,7 +22213,7 @@ CVE-2018-12363
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12363
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12363
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12363
-CVE-2018-12362
+CVE-2018-12362 (An integer overflow can occur during graphics operations done by the S ...)
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22221,13 +22221,13 @@ CVE-2018-12362
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12362
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12362
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12362
-CVE-2018-12361
+CVE-2018-12361 (An integer overflow can occur in the SwizzleData code while calculatin ...)
{DSA-4295-1 DLA-1575-1}
- firefox 61.0-1
- thunderbird 1:60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12361
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/#CVE-2018-12361
-CVE-2018-12360
+CVE-2018-12360 (A use-after-free vulnerability can occur when deleting an input elemen ...)
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
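Review bot: CVE-2018-12361 has the same gap as CVE-2018-12367 earlier in this diff: `{DSA-4295-1 DLA-1575-1}` followed only by firefox and thunderbird lines and no firefox-esr status. Add the firefox-esr line (fixed version or `<not-affected>` with the reason) so the advisory maps to a package.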
@@ -22235,7 +22235,7 @@ CVE-2018-12360
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12360
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12360
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12360
-CVE-2018-12359
+CVE-2018-12359 (A buffer overflow can occur when rendering canvas content while adjust ...)
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -22243,15 +22243,15 @@ CVE-2018-12359
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12359
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-12359
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-12359
-CVE-2018-12358
+CVE-2018-12358 (Service workers can use redirection to avoid the tainting of cross-ori ...)
- firefox 61.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12358
-CVE-2018-12423
+CVE-2018-12423 (In Synapse before 0.31.2, unauthorised users can hijack rooms when the ...)
- matrix-synapse 0.31.2+dfsg-1 (bug #901549)
NOTE: https://github.com/matrix-org/synapse/pull/3397
CVE-2018-12357
RESERVED
-CVE-2018-12356
+CVE-2018-12356 (An issue was discovered in password-store.sh in pass in Simple Passwor ...)
- password-store 1.7.2-1 (bug #901574)
[stretch] - password-store <not-affected> (Signature verification support added in 1.7)
[jessie] - password-store <not-affected> (Signature verification support added in 1.7)
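Review bot: CVE-2018-12423 (matrix-synapse) is placed between CVE-2018-12358 and CVE-2018-12357, which breaks the descending CVE order the rest of the file follows; its numeric slot is earlier in the list, above CVE-2018-12368. Move the three-line block (the ID line, `- matrix-synapse 0.31.2+dfsg-1 (bug #901549)` and the PR NOTE) to that slot so sorted lookups and merges stay clean.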
@@ -22260,11 +22260,11 @@ CVE-2018-12356
NOTE: Fixed by: https://git.zx2c4.com/password-store/commit/?id=8683403b77f59c56fcb1f05c61ab33b9fd61a30d
NOTE: https://neopg.io/blog/pass-signature-spoof/
NOTE: http://www.openwall.com/lists/oss-security/2018/06/14/3
-CVE-2018-12355
+CVE-2018-12355 (Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name or descriptio ...)
NOT-FOR-US: Knowage / SpagoBI
-CVE-2018-12354
+CVE-2018-12354 (Knowage (formerly SpagoBI) 6.1.1 allows CSRF via every form, as demons ...)
NOT-FOR-US: Knowage / SpagoBI
-CVE-2018-12353
+CVE-2018-12353 (Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name field to the ...)
NOT-FOR-US: Knowage / SpagoBI
CVE-2018-12352
RESERVED
@@ -22292,35 +22292,35 @@ CVE-2018-12341
RESERVED
CVE-2018-12340
RESERVED
-CVE-2018-12339
+CVE-2018-12339 (ArticleCMS through 2017-02-19 has XSS via an "add an article" action. ...)
NOT-FOR-US: ArticleCMS
-CVE-2018-12338
+CVE-2018-12338 (Undocumented Factory Backdoor in ECOS System Management Appliance (aka ...)
NOT-FOR-US: ECOS System Management Appliance
-CVE-2018-12337
+CVE-2018-12337 (Reliance on Security Through Obscurity vulnerability in ECOS Secure Bo ...)
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12336
+CVE-2018-12336 (Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6. ...)
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12335
+CVE-2018-12335 (Incorrect access control in ECOS System Management Appliance (aka SMA) ...)
NOT-FOR-US: ECOS System Management Appliance
-CVE-2018-12334
+CVE-2018-12334 (Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 ...)
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12333
+CVE-2018-12333 (Insufficient Verification of Data Authenticity vulnerability in ECOS S ...)
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12332
+CVE-2018-12332 (Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5 ...)
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12331
+CVE-2018-12331 (Authentication Bypass by Spoofing vulnerability in ECOS System Managem ...)
NOT-FOR-US: ECOS System Management Appliance
-CVE-2018-12330
+CVE-2018-12330 (Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 ...)
NOT-FOR-US: ECOS Secure Boot Stick
-CVE-2018-12329
+CVE-2018-12329 (Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 ...)
NOT-FOR-US: ECOS Secure Boot Stick
CVE-2018-12328
RESERVED
-CVE-2018-12327
+CVE-2018-12327 (Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 ...)
- ntp <unfixed> (unimportant)
NOTE: https://gist.github.com/fakhrizulkifli/9b58ed8e0354e8deee50b0eebd1c011f
NOTE: Negligible security impact
-CVE-2018-12326
+CVE-2018-12326 (Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 ...)
{DSA-4230-1 DLA-1396-1}
- redis 5:4.0.10-1 (bug #902410)
NOTE: https://gist.github.com/fakhrizulkifli/f831f40ec6cde4f744c552503d8698f0
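Review bot: CVE-2018-12327 (ntp) is triaged `<unfixed> (unimportant)` with only the bare justification `NOTE: Negligible security impact`; a one-clause reason (what an attacker must already control for the overflow in ntpq/ntpdc to be reachable) should accompany the tag, since the only other reference is a third-party gist and later triagers will otherwise have to rebuild the argument. By contrast the redis-cli entry CVE-2018-12326 below, which also cites only a gist, is backed by DSA-4230-1/DLA-1396-1 and a fixed version.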
@@ -22329,55 +22329,55 @@ CVE-2018-12325
RESERVED
CVE-2018-12324
RESERVED
-CVE-2018-12323
+CVE-2018-12323 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. A passwor ...)
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12322
+CVE-2018-12322 (There is a heap out of bounds read in radare2 2.6.0 in _6502_op() in l ...)
- radare2 2.7.0+dfsg-1 (low; bug #901628)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/bbb4af56003c1afdad67af0c4339267ca38b1017
NOTE: https://github.com/radare/radare2/issues/10294
-CVE-2018-12321
+CVE-2018-12321 (There is a heap out of bounds read in radare2 2.6.0 in java_switch_op( ...)
- radare2 2.7.0+dfsg-1 (low; bug #901629)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/224e6bc13fa353dd3b7f7a2334588f1c4229e58d
NOTE: https://github.com/radare/radare2/issues/10296
-CVE-2018-12320
+CVE-2018-12320 (There is a use after free in radare2 2.6.0 in r_anal_bb_free() in libr ...)
- radare2 2.7.0+dfsg-1 (low; bug #901630)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/90b71c017a7fa9732fe45fd21b245ee051b1f548
NOTE: https://github.com/radare/radare2/issues/10293
-CVE-2018-12319
+CVE-2018-12319 (Denial-of-service in the login page of ASUSTOR ADM 3.1.1 allows attack ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12318
+CVE-2018-12318 (Information disclosure in the SNMP settings page in ASUSTOR ADM versio ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12317
+CVE-2018-12317 (OS command injection in group.cgi in ASUSTOR ADM version 3.1.1 allows ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12316
+CVE-2018-12316 (OS Command Injection in upload.cgi in ASUSTOR ADM version 3.1.1 allows ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12315
+CVE-2018-12315 (Missing verification of a password in ASUSTOR ADM version 3.1.1 allows ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12314
+CVE-2018-12314 (Directory Traversal in downloadwallpaper.cgi in ASUSTOR ADM version 3. ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12313
+CVE-2018-12313 (OS command injection in snmp.cgi in ASUSTOR ADM version 3.1.1 allows a ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12312
+CVE-2018-12312 (OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows a ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12311
+CVE-2018-12311 (Cross-site scripting vulnerability in File Explorer in ASUSTOR ADM ver ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12310
+CVE-2018-12310 (Cross-site scripting in the Login page in ASUSTOR ADM version 3.1.1 al ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12309
+CVE-2018-12309 (Directory Traversal in upload.cgi in ASUSTOR ADM version 3.1.1 allows ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12308
+CVE-2018-12308 (Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 al ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12307
+CVE-2018-12307 (OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows a ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12306
+CVE-2018-12306 (Directory Traversal in File Explorer in ASUSTOR ADM version 3.1.1 allo ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-12305
+CVE-2018-12305 (Cross-site scripting in File Explorer in ASUSTOR ADM version 3.1.1 all ...)
NOT-FOR-US: ASUSTOR ADM
CVE-2018-12304
RESERVED
@@ -22399,17 +22399,17 @@ CVE-2018-12296
RESERVED
CVE-2018-12295
RESERVED
-CVE-2018-12294
+CVE-2018-12294 (WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as ...)
- webkit2gtk 2.20.2-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-12293
+CVE-2018-12293 (The getImageData function in the ImageBufferCairo class in WebCore/pla ...)
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-12292
+CVE-2018-12292 (A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpand ...)
NOT-FOR-US: Pale Moon
-CVE-2018-12290
+CVE-2018-12290 (The Yii2-StateMachine extension v2.x.x for Yii2 has XSS. ...)
NOT-FOR-US: Yii2-StateMachine extension for Yii2
CVE-2018-12289
RESERVED
@@ -22443,52 +22443,52 @@ CVE-2018-12275
RESERVED
CVE-2018-12274
RESERVED
-CVE-2018-12273
+CVE-2018-12273 (The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciuda ...)
NOT-FOR-US: Ximdex
-CVE-2018-12272
+CVE-2018-12272 (xowl/request.php in Ximdex 4.0 has XSS via the content parameter. ...)
NOT-FOR-US: Ximdex
-CVE-2018-12271
+CVE-2018-12271 (** DISPUTED ** An issue was discovered in the com.getdropbox.Dropbox a ...)
NOT-FOR-US: com.getdropbox.Dropbox app for IOS
CVE-2018-12270
RESERVED
CVE-2018-12269
RESERVED
-CVE-2018-12268
+CVE-2018-12268 (acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metac ...)
- acccheck <unfixed> (bug #901572)
[stretch] - acccheck <no-dsa> (Non-free not supported)
CVE-2018-12267
RESERVED
-CVE-2018-12266
+CVE-2018-12266 (system\errors\404.php in HongCMS 3.0.0 has XSS via crafted input that ...)
NOT-FOR-US: HongCMS
-CVE-2018-12265
+CVE-2018-12265 (Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in prev ...)
{DSA-4238-1 DLA-1402-1}
- exiv2 0.25-4 (bug #901706)
NOTE: https://github.com/Exiv2/exiv2/issues/365
NOTE: https://github.com/Exiv2/exiv2/commit/937a1a2bd067b8b3b787f3757089d972f3a39853
-CVE-2018-12264
+CVE-2018-12264 (Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.c ...)
{DSA-4238-1 DLA-1402-1}
- exiv2 0.25-4 (bug #901707)
NOTE: https://github.com/Exiv2/exiv2/issues/366
NOTE: https://github.com/Exiv2/exiv2/commit/fe70939f54476e99046245ca69ff27012401f759
-CVE-2018-12263
+CVE-2018-12263 (portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin ...)
NOT-FOR-US: portfolioCMS
CVE-2018-12262
REJECTED
-CVE-2018-12261
+CVE-2018-12261 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. All proce ...)
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12260
+CVE-2018-12260 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root ...)
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12259
+CVE-2018-12259 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. Root acce ...)
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12258
+CVE-2018-12258 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. Custom Fi ...)
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12257
+CVE-2018-12257 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. There is ...)
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-12256
+CVE-2018-12256 (admin/vqmods.app/vqmods.inc.php in LiteCart before 2.1.3 allows remote ...)
NOT-FOR-US: LiteCart
-CVE-2018-12255
+CVE-2018-12255 (An XSS issue was discovered in InvoicePlane 1.5.10 via the "Quote PDF ...)
NOT-FOR-US: InvoicePlane
-CVE-2018-12254
+CVE-2018-12254 (router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for ...)
NOT-FOR-US: Harmis Ek rishta component for Joomla!
CVE-2018-12253
RESERVED
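Review bot: CVE-2018-12268 (acccheck) mixes two statuses: `- acccheck <unfixed> (bug #901572)` for unstable and `[stretch] - acccheck <no-dsa> (Non-free not supported)`, where `no-dsa` normally means a fix is still wanted via a point release while the parenthetical says non-free is outside security support. The edk2 entry later in this file uses `<end-of-life> (non-free is not supported)` for the same situation; pick one convention for non-free packages, and if unstable is expected to fix it, keep `<unfixed>` but add a severity tag as the neighbouring entries do.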
@@ -22498,70 +22498,70 @@ CVE-2018-12251
RESERVED
CVE-2018-12250
RESERVED
-CVE-2018-12249
+CVE-2018-12249 (An issue was discovered in mruby 1.4.1. There is a NULL pointer derefe ...)
- mruby 1.4.1+20180622+git640fca32-1 (bug #901652)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/commit/faa4eaf6803bd11669bc324b4c34e7162286bfa3
NOTE: https://github.com/mruby/mruby/issues/4037
-CVE-2018-12248
+CVE-2018-12248 (An issue was discovered in mruby 1.4.1. There is a heap-based buffer o ...)
- mruby 1.4.1+20180622+git640fca32-1 (bug #901653)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/commit/778500563a9f7ceba996937dc886bd8cde29b42b
NOTE: https://github.com/mruby/mruby/issues/4038
-CVE-2018-12247
+CVE-2018-12247 (An issue was discovered in mruby 1.4.1. There is a NULL pointer derefe ...)
- mruby <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://github.com/mruby/mruby/commit/f408143c289b8017883294f13d36d43b50c8bc5d
NOTE: Fixed by: https://github.com/mruby/mruby/commit/55edae0226409de25e59922807cb09acb45731a2
NOTE: https://github.com/mruby/mruby/issues/4036
-CVE-2018-12246
+CVE-2018-12246 (Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a ...)
NOT-FOR-US: Symantec
-CVE-2018-12245
+CVE-2018-12245 (Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a ...)
NOT-FOR-US: Symantec Endpoint Protection
CVE-2018-12244
RESERVED
-CVE-2018-12243
+CVE-2018-12243 (The Symantec Messaging Gateway product prior to 10.6.6 may be suscepti ...)
NOT-FOR-US: Symantec
-CVE-2018-12242
+CVE-2018-12242 (The Symantec Messaging Gateway product prior to 10.6.6 may be suscepti ...)
NOT-FOR-US: Symantec
-CVE-2018-12241
+CVE-2018-12241 (The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susc ...)
NOT-FOR-US: Symantec
-CVE-2018-12240
+CVE-2018-12240 (The Norton Identity Safe product prior to 5.3.0.976 may be susceptible ...)
NOT-FOR-US: Norton
-CVE-2018-12239
+CVE-2018-12239 (Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12. ...)
NOT-FOR-US: Norton
-CVE-2018-12238
+CVE-2018-12238 (Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12. ...)
NOT-FOR-US: Norton
-CVE-2018-12237
+CVE-2018-12237 (The Symantec Reporter CLI 10.1 prior to 10.1.5.6 and 10.2 prior to 10. ...)
NOT-FOR-US: Symantec Reporter CLI
CVE-2018-12236
RESERVED
CVE-2018-12235
RESERVED
-CVE-2018-12234
+CVE-2018-12234 (A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in ...)
NOT-FOR-US: Adrenalin HRMS Software
CVE-2018-12231
RESERVED
-CVE-2018-12230
+CVE-2018-12230 (An wrong logical check identified in the transferFrom function of a sm ...)
NOT-FOR-US: smart contract implementation for RemiCoin (RMC)
-CVE-2018-12229
+CVE-2018-12229 (Cross-site scripting (XSS) vulnerability in Public Knowledge Project ( ...)
NOT-FOR-US: Public Knowledge Project (PKP) Open Journal System (OJS)
-CVE-2018-12233
+CVE-2018-12233 (In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4 ...)
{DLA-1423-1 DLA-1422-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://lkml.org/lkml/2018/6/2/2
-CVE-2018-12232
+CVE-2018-12232 (In net/socket.c in the Linux kernel through 4.17.1, there is a race co ...)
- linux 4.17.3-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/6d8c50dcb029872b298eea68cc6209c866fd3e14
-CVE-2018-12228
+CVE-2018-12228 (An issue was discovered in Asterisk Open Source 15.x before 15.4.1. Wh ...)
- asterisk <not-affected> (Only affects 15.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-007.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27807
-CVE-2018-12227
+CVE-2018-12227 (An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 1 ...)
{DSA-4320-1}
- asterisk 1:13.22.0~dfsg-1 (bug #902954)
[jessie] - asterisk <not-affected> (vulnerable code not present)
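Review bot: CVE-2018-12233 and CVE-2018-12232 (linux) are placed after CVE-2018-12229, outside the file's descending order; their slot is directly after CVE-2018-12234 and before CVE-2018-12231. Move the two blocks there so the linux entries are found where the ID sequence predicts. Separately, CVE-2018-12233 cites only an lkml thread; adding the fixing commit URL, as CVE-2018-12232 does with `NOTE: Fixed by: https://git.kernel.org/linus/...`, would make the `[stretch] - linux 4.9.110-1` claim verifiable.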
@@ -22571,85 +22571,85 @@ CVE-2018-12226
RESERVED
CVE-2018-12225
RESERVED
-CVE-2018-12224
+CVE-2018-12224 (Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* ...)
NOT-FOR-US: Intel
-CVE-2018-12223
+CVE-2018-12223 (Insufficient access control in User Mode Driver in Intel(R) Graphics D ...)
NOT-FOR-US: Intel
-CVE-2018-12222
+CVE-2018-12222 (Insufficient input validation in Kernel Mode Driver in Intel(R) Graphi ...)
NOT-FOR-US: Intel
-CVE-2018-12221
+CVE-2018-12221 (Insufficient input validation in Kernel Mode Driver in Intel(R) Graphi ...)
NOT-FOR-US: Intel
-CVE-2018-12220
+CVE-2018-12220 (Logic bug in Kernel Mode Driver in Intel(R) Graphics Driver for Window ...)
NOT-FOR-US: Intel
-CVE-2018-12219
+CVE-2018-12219 (Insufficient input validation in Kernel Mode Driver in Intel(R) Graphi ...)
TODO: check
-CVE-2018-12218
+CVE-2018-12218 (Unhandled exception in User Mode Driver in Intel(R) Graphics Driver fo ...)
TODO: check
-CVE-2018-12217
+CVE-2018-12217 (Insufficient access control in Kernel Mode Driver in Intel(R) Graphics ...)
TODO: check
-CVE-2018-12216
+CVE-2018-12216 (Insufficient input validation in Kernel Mode Driver in Intel(R) Graphi ...)
TODO: check
-CVE-2018-12215
+CVE-2018-12215 (Insufficient input validation in Kernel Mode Driver in Intel(R) Graphi ...)
TODO: check
-CVE-2018-12214
+CVE-2018-12214 (Potential memory corruption in Kernel Mode Driver in Intel(R) Graphics ...)
TODO: check
-CVE-2018-12213
+CVE-2018-12213 (Potential memory corruption in Kernel Mode Driver in Intel(R) Graphics ...)
TODO: check
-CVE-2018-12212
+CVE-2018-12212 (Buffer overflow in User Mode Driver in Intel(R) Graphics Driver for Wi ...)
TODO: check
-CVE-2018-12211
+CVE-2018-12211 (Insufficient input validation in User Mode Driver in Intel(R) Graphics ...)
TODO: check
-CVE-2018-12210
+CVE-2018-12210 (Multiple pointer dereferences in User Mode Driver in Intel(R) Graphics ...)
TODO: check
-CVE-2018-12209
+CVE-2018-12209 (Insufficient access control in User Mode Driver in Intel(R) Graphics D ...)
TODO: check
-CVE-2018-12208
+CVE-2018-12208 (Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11. ...)
TODO: check
CVE-2018-12207
RESERVED
-CVE-2018-12206
+CVE-2018-12206 (Improper configuration of hardware access in Intel QuickAssist Technol ...)
NOT-FOR-US: Intel QuickAssist Technology for Linux
-CVE-2018-12205
+CVE-2018-12205 (Privilege escalation vulnerability in Platform Sample/ Silicon Referen ...)
TODO: check
-CVE-2018-12204
+CVE-2018-12204 (Privilege escalation vulnerability in Platform Sample/ Silicon Referen ...)
TODO: check
-CVE-2018-12203
+CVE-2018-12203 (Denial of service vulnerability in Platform Sample/ Silicon Reference ...)
TODO: check
-CVE-2018-12202
+CVE-2018-12202 (Privilege escalation vulnerability in Platform Sample/ Silicon Referen ...)
TODO: check
-CVE-2018-12201
+CVE-2018-12201 (Buffer overflow vulnerability in Platform Sample / Silicon Reference f ...)
TODO: check
-CVE-2018-12200
+CVE-2018-12200 (Insufficient access control in Intel(R) Capability Licensing Service b ...)
TODO: check
-CVE-2018-12199
+CVE-2018-12199 (Buffer overflow in an OS component in Intel CSME before versions 11.8. ...)
TODO: check
-CVE-2018-12198
+CVE-2018-12198 (Insufficient input validation in Intel(R) Server Platform Services HEC ...)
TODO: check
CVE-2018-12197
RESERVED
-CVE-2018-12196
+CVE-2018-12196 (Insufficient input validation in Intel(R) AMT in Intel(R) CSME before ...)
TODO: check
CVE-2018-12195
RESERVED
CVE-2018-12194
RESERVED
-CVE-2018-12193
+CVE-2018-12193 (Insufficient access control in driver stack for Intel QuickAssist Tech ...)
NOT-FOR-US: Intel
-CVE-2018-12192
+CVE-2018-12192 (Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11 ...)
TODO: check
-CVE-2018-12191
+CVE-2018-12191 (Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, ...)
TODO: check
-CVE-2018-12190
+CVE-2018-12190 (Insufficient input validation in Intel CSME subsystem before versions ...)
TODO: check
-CVE-2018-12189
+CVE-2018-12189 (Unhandled exception in Content Protection subsystem in Intel CSME befo ...)
TODO: check
-CVE-2018-12188
+CVE-2018-12188 (Insufficient input validation in Intel CSME before versions 11.8.60, 1 ...)
TODO: check
-CVE-2018-12187
+CVE-2018-12187 (Insufficient input validation in Intel(R) Active Management Technology ...)
TODO: check
CVE-2018-12186
RESERVED
-CVE-2018-12185
+CVE-2018-12185 (Insufficient input validation in Intel(R) AMT in Intel(R) CSME before ...)
TODO: check
CVE-2018-12184
RESERVED
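Review bot: some twenty Intel entries in this hunk (CVE-2018-12219 down to CVE-2018-12185) are left at `TODO: check` although their descriptions already settle most of them. The `Intel(R) Graphics Driver for Windows*` user- and kernel-mode driver items (12219 to 12209) are the same product as 12224 to 12220, which this hunk triages as `NOT-FOR-US: Intel`; the CSME/AMT/HECI items (12208, 12199, 12198, 12196, 12192 to 12185) and the `Platform Sample/Silicon Reference` items (12205 to 12201) describe vendor firmware that is not shipped as a Debian package. Resolve the Windows-driver ones as NOT-FOR-US now; for the firmware ones record NOT-FOR-US with a NOTE once it is confirmed that nothing in the archive carries the affected code (edk2 is tracked elsewhere in this file and is the one package worth checking).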
@@ -22678,66 +22678,66 @@ CVE-2018-12178 [improper DNS packet size check]
[jessie] - edk2 <end-of-life> (non-free is not supported)
NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037251.html
NOTE: https://github.com/tianocore/edk2/commit/84110bbe4bb3a346514b9bb12eadb7586bca7dfd
-CVE-2018-12177
+CVE-2018-12177 (Improper directory permissions in the ZeroConfig service in Intel(R) P ...)
NOT-FOR-US: Intel PROSet/Wireless WiFi Software
-CVE-2018-12176
+CVE-2018-12176 (Improper input validation in firmware for Intel NUC Kits may allow a p ...)
NOT-FOR-US: Intel
-CVE-2018-12175
+CVE-2018-12175 (Default install directory permissions in Intel Distribution for Python ...)
NOT-FOR-US: Intel Distribution for Python
-CVE-2018-12174
+CVE-2018-12174 (Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE ...)
NOT-FOR-US: Intel
-CVE-2018-12173
+CVE-2018-12173 (Insufficient access protection in firmware in Intel Server Board, Inte ...)
NOT-FOR-US: Intel
-CVE-2018-12172
+CVE-2018-12172 (Improper password hashing in firmware in Intel Server Board (S7200AP,S ...)
NOT-FOR-US: Intel
-CVE-2018-12171
+CVE-2018-12171 (Privilege escalation in Intel Baseboard Management Controller (BMC) fi ...)
NOT-FOR-US: Intel Baseboard Management Controller firmware
CVE-2018-12170
RESERVED
-CVE-2018-12169
+CVE-2018-12169 (Platform sample code firmware in 4th Generation Intel Core Processor, ...)
NOT-FOR-US: Intel
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/unauthenticated-firmware-chain-of-trust-bypass.html
-CVE-2018-12168
+CVE-2018-12168 (Privilege escalation in file permissions in Intel Computing Improvemen ...)
NOT-FOR-US: Intel
-CVE-2018-12167
+CVE-2018-12167 (Firmware update routine in bootloader for Intel(R) Optane(TM) SSD DC P ...)
NOT-FOR-US: Intel
-CVE-2018-12166
+CVE-2018-12166 (Insufficient write protection in firmware for Intel(R) Optane(TM) SSD ...)
NOT-FOR-US: Intel
CVE-2018-12165
RESERVED
CVE-2018-12164
RESERVED
-CVE-2018-12163
+CVE-2018-12163 (A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 inst ...)
NOT-FOR-US: Intel IoT Developers Kit
-CVE-2018-12162
+CVE-2018-12162 (Directory permissions in the Intel OpenVINO Toolkit for Windows before ...)
NOT-FOR-US: Intel OpenVINO Toolkit for Windows
-CVE-2018-12161
+CVE-2018-12161 (Insufficient session validation in the webserver component of the Inte ...)
NOT-FOR-US: Intel Rapid Web Server
-CVE-2018-12160
+CVE-2018-12160 (DLL injection vulnerability in software installer for Intel Data Cente ...)
NOT-FOR-US: Intel
-CVE-2018-12159
+CVE-2018-12159 (Buffer overflow in the command-line interface for Intel(R) PROSet Wire ...)
NOT-FOR-US: Intel
-CVE-2018-12158
+CVE-2018-12158 (Insufficient input validation in BIOS update utility in Intel NUC FW k ...)
NOT-FOR-US: Intel
CVE-2018-12157
RESERVED
CVE-2018-12156
RESERVED
-CVE-2018-12155
+CVE-2018-12155 (Data leakage in cryptographic libraries for Intel IPP before 2019 upda ...)
NOT-FOR-US: Intel
-CVE-2018-12154
+CVE-2018-12154 (Denial of Service in Unified Shader Compiler in Intel Graphics Drivers ...)
NOT-FOR-US: Intel
-CVE-2018-12153
+CVE-2018-12153 (Denial of Service in Unified Shader Compiler in Intel Graphics Drivers ...)
NOT-FOR-US: Intel
-CVE-2018-12152
+CVE-2018-12152 (Pointer corruption in Unified Shader Compiler in Intel Graphics Driver ...)
NOT-FOR-US: Intel
-CVE-2018-12151
+CVE-2018-12151 (Buffer overflow in installer for Intel Extreme Tuning Utility before 6 ...)
NOT-FOR-US: Intel
-CVE-2018-12150
+CVE-2018-12150 (Escalation of privilege in Installer for Intel Extreme Tuning Utility ...)
NOT-FOR-US: Intel
-CVE-2018-12149
+CVE-2018-12149 (Buffer overflow in input handling in Intel Extreme Tuning Utility befo ...)
NOT-FOR-US: Intel
-CVE-2018-12148
+CVE-2018-12148 (Privilege escalation in file permissions in Intel Driver and Support A ...)
NOT-FOR-US: Intel
CVE-2018-12147
RESERVED
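Review bot: CVE-2018-12169 is triaged `NOT-FOR-US: Intel` while its only NOTE points at the edk2 security advisory (`unauthenticated-firmware-chain-of-trust-bypass`), and edk2 is a tracked package in this file (`[jessie] - edk2 <end-of-life>` appears at the top of this hunk). The NOTE should say why the Debian edk2 source is unaffected (for instance, if the affected code is Intel platform sample code outside the open-source tree), or the entry should carry an `- edk2 ...` line instead of NOT-FOR-US.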
@@ -22771,7 +22771,7 @@ CVE-2018-12133
RESERVED
CVE-2018-12132
RESERVED
-CVE-2018-12131
+CVE-2018-12131 (Permissions in the driver pack installers for Intel NVMe before versio ...)
NOT-FOR-US: Intel
CVE-2018-12130
RESERVED
@@ -22787,22 +22787,22 @@ CVE-2018-12125
RESERVED
CVE-2018-12124
RESERVED
-CVE-2018-12123
+CVE-2018-12123 (Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11. ...)
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
NOTE: Nodejs not covered by security support
NOTE: Patch (v8): https://github.com/nodejs/node/commit/53a6e4eb2002efc66eb9aefe24529fb63715094e
-CVE-2018-12122
+CVE-2018-12122 (Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11. ...)
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
NOTE: Nodejs not covered by security support
NOTE: Patch (v8): https://github.com/nodejs/node/commit/696f063c5e9157fd10859515da00fd8bd190d76d
-CVE-2018-12121
+CVE-2018-12121 (Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11. ...)
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
NOTE: Nodejs not covered by security support
NOTE: Patch (v8): https://github.com/nodejs/node/commit/93dba83fb0fb46ee2ea87163f435392490b4d59b
-CVE-2018-12120
+CVE-2018-12120 (Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 list ...)
- nodejs 8.9.3~dfsg-5 (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
NOTE: Nodejs not covered by security support
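Review bot: the `Patch (v8):` label on the NOTE lines for CVE-2018-12123, CVE-2018-12122 and CVE-2018-12121 is ambiguous: it reads as a patch to the V8 engine, whereas the linked nodejs/node commits are presumably the fixes on the Node.js 8.x release line (the descriptions state the issues are fixed in 8.14.0). Rename the label to something like `Patch (Node.js 8.x):`. Also, these three stay `<unfixed> (unimportant)` while CVE-2018-12120 directly below is recorded fixed in `8.9.3~dfsg-5`; if the referenced 8.x commits have been backported to the Debian package, record the fixed version here as well.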
@@ -22814,31 +22814,31 @@ CVE-2018-12118
RESERVED
CVE-2018-12117
RESERVED
-CVE-2018-12116
+CVE-2018-12116 (Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request ...)
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
NOTE: Nodejs not covered by security support
NOTE: Patch (v8): https://github.com/nodejs/node/commit/513e9747a22386bc9c93a12f9698561827a1e631
-CVE-2018-12115
+CVE-2018-12115 (In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when use ...)
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
NOTE: Nodejs not covered by security support
NOTE: https://github.com/nodejs/node/commit/fc14d812b7
-CVE-2018-12114
+CVE-2018-12114 (Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user ...)
NOT-FOR-US: Maccms
-CVE-2018-12113
+CVE-2018-12113 (Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulne ...)
NOT-FOR-US: Core FTP LE
-CVE-2018-12112
+CVE-2018-12112 (md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to ...)
NOT-FOR-US: md4c
-CVE-2018-12111
+CVE-2018-12111 (Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webi ...)
NOT-FOR-US: Canon PrintMe EFI webinterface
-CVE-2018-12110
+CVE-2018-12110 (portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php previ ...)
NOT-FOR-US: portfolioCMS
-CVE-2018-12109
+CVE-2018-12109 (An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The ...)
[experimental] - flif <unfixed>
- flif <removed> (bug #902196)
NOTE: https://github.com/FLIF-hub/FLIF/issues/513
-CVE-2018-12108
+CVE-2018-12108 (An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompre ...)
- lepton <unfixed> (bug #905494)
NOTE: https://github.com/dropbox/lepton/issues/107
CVE-2018-12107
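Review bot: CVE-2018-12115 cites its fix as `https://github.com/nodejs/node/commit/fc14d812b7`, an abbreviated hash, whereas the neighbouring Node.js entry CVE-2018-12116 uses the full 40-character commit id and a `Patch (v8):` label. Use the full hash so the reference stays unambiguous as the repository grows, and label the line consistently with its siblings.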
@@ -22847,121 +22847,121 @@ CVE-2018-12106
RESERVED
CVE-2018-12105
RESERVED
-CVE-2018-12104
+CVE-2018-12104 (Cross-site scripting (XSS) vulnerability in Airbnb Knowledge Repo 0.7. ...)
NOT-FOR-US: Airbnb Knowledge Repo
-CVE-2018-12103
+CVE-2018-12103 (An issue was discovered on D-Link DIR-890L with firmware 1.21B02beta01 ...)
NOT-FOR-US: D-Link
-CVE-2018-12102
+CVE-2018-12102 (md4c 0.2.6 has a NULL pointer dereference in the function md_process_l ...)
NOT-FOR-US: md4c
CVE-2018-12101
RESERVED
-CVE-2018-12100
+CVE-2018-12100 (Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS i ...)
NOT-FOR-US: Sonatype Nexus Repository Manager
-CVE-2018-12099
+CVE-2018-12099 (Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. ...)
- grafana <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/grafana/grafana/pull/11813
-CVE-2018-12098
+CVE-2018-12098 (** DISPUTED ** The liblnk_data_block_read function in liblnk_data_bloc ...)
- liblnk 20180626-1 (unimportant; bug #901962)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/33
NOTE: https://github.com/libyal/liblnk/commit/cb7fe0c66a5a01c19f1953fc7814c4fedfdc5785
NOTE: https://github.com/libyal/liblnk/issues/32
NOTE: https://github.com/libyal/liblnk/issues/33
NOTE: Questionable/negligabe security impact
-CVE-2018-12097
+CVE-2018-12097 (** DISPUTED ** The liblnk_location_information_read_data function in l ...)
- liblnk <unfixed> (unimportant; bug #901962)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/33
NOTE: https://github.com/libyal/liblnk/commit/cb7fe0c66a5a01c19f1953fc7814c4fedfdc5785
NOTE: https://github.com/libyal/liblnk/issues/32
NOTE: https://github.com/libyal/liblnk/issues/33
NOTE: Questionable/negligabe security impact
-CVE-2018-12096
+CVE-2018-12096 (** DISPUTED ** The liblnk_data_string_get_utf8_string_size function in ...)
- liblnk <unfixed> (unimportant; bug #901962)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/33
NOTE: https://github.com/libyal/liblnk/issues/32
NOTE: https://github.com/libyal/liblnk/issues/33
NOTE: Questionable/negligabe security impact
-CVE-2018-12095
+CVE-2018-12095 (A Reflected Cross-Site Scripting web vulnerability has been discovered ...)
NOT-FOR-US: OEcms
-CVE-2018-12094
+CVE-2018-12094 (Cross-site scripting (XSS) vulnerability in news.php in Dimofinf CMS V ...)
NOT-FOR-US: Dimofinf CMS
-CVE-2018-12093
+CVE-2018-12093 (tinyexr 0.9.5 has a memory leak in ParseEXRHeaderFromMemory in tinyexr ...)
NOT-FOR-US: tinyexr
-CVE-2018-12092
+CVE-2018-12092 (tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixe ...)
NOT-FOR-US: tinyexr
CVE-2018-12091
RESERVED
-CVE-2018-12090
+CVE-2018-12090 (There is unauthenticated reflected cross-site scripting (XSS) in LAMS ...)
NOT-FOR-US: LAMS
-CVE-2018-12089
+CVE-2018-12089 (In Octopus Deploy version 2018.5.1 to 2018.5.7, a user with Task View ...)
NOT-FOR-US: Octopus Deploy
-CVE-2018-12291
+CVE-2018-12291 (The on_get_missing_events function in handlers/federation.py in Matrix ...)
- matrix-synapse 0.31.1+dfsg-1 (bug #901293)
NOTE: https://github.com/matrix-org/synapse/pull/3371
NOTE: https://github.com/matrix-org/synapse/commit/0834b49c6a9b6c597a154d4b2dfcf8fff90699ec
NOTE: https://matrix.org/blog/2018/06/08/synapse-0-31-1-released/
-CVE-2018-12088
+CVE-2018-12088 (S3QL before 2.27 mishandles checksumming, and consequently allows repl ...)
- s3ql 2.27.1+dfsg-1 (low)
[stretch] - s3ql <ignored> (Minor issue, backports would change the file system revision rendering it unable to read older file systems)
[jessie] - s3ql <ignored> (Minor issue, backports would change the file system revision rendering it unable to read older file systems)
NOTE: https://groups.google.com/forum/#!topic/s3ql/4TzCVIMkA4o
NOTE: https://bitbucket.org/nikratio/s3ql/commits/85aba5c2d5c81453a73a50ed638adaeef0521020
-CVE-2018-12087
+CVE-2018-12087 (Failure to validate certificates in OPC Foundation UA Client Applicati ...)
NOT-FOR-US: OPC UA
-CVE-2018-12086
+CVE-2018-12086 (Buffer overflow in OPC UA applications allows remote attackers to trig ...)
{DSA-4359-1}
- wireshark 2.6.4-1
[jessie] - wireshark <ignored> (changes are too intrusive to backport)
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-50.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28a7a79cac425d1b1ecf06e73add41edd2241e49
-CVE-2018-12085
+CVE-2018-12085 (Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parse ...)
- liblouis 3.5.0-4 (bug #901202)
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/595
NOTE: https://github.com/liblouis/liblouis/commit/dbfa58bb128cae86729578ac596056b3385817ef
-CVE-2018-12084
+CVE-2018-12084 (The mintToken function of a smart contract implementation for BitAsean ...)
NOT-FOR-US: BitAsean
-CVE-2018-12083
+CVE-2018-12083 (The mintToken function of a smart contract implementation for GOAL Bon ...)
NOT-FOR-US: GOAL
-CVE-2018-12082
+CVE-2018-12082 (The mintToken function of a smart contract implementation for Fujinto ...)
NOT-FOR-US: Fujinto
-CVE-2018-12081
+CVE-2018-12081 (The mintToken function of a smart contract implementation for Target C ...)
NOT-FOR-US: Target Coin
-CVE-2018-12080
+CVE-2018-12080 (The mintToken function of a smart contract implementation for Internet ...)
NOT-FOR-US: Internet Node Token
-CVE-2018-12079
+CVE-2018-12079 (The mintToken function of a smart contract implementation for Substrat ...)
NOT-FOR-US: Substratum
-CVE-2018-12078
+CVE-2018-12078 (The mintToken function of a smart contract implementation for PolyAI ( ...)
NOT-FOR-US: PolyAI
CVE-2018-12077
RESERVED
-CVE-2018-12076
+CVE-2018-12076 (A vulnerability in the UPC bar code of the Avanti Markets MarketCard c ...)
NOT-FOR-US: Avanti Markets MarketCard
CVE-2018-12075
RESERVED
CVE-2018-12074
RESERVED
-CVE-2018-12073
+CVE-2018-12073 (An issue was discovered on Eminent EM4544 9.10 devices. The device doe ...)
NOT-FOR-US: Eminent EM4544 9.10 devices
-CVE-2018-12072
+CVE-2018-12072 (An issue was discovered in Cloud Media Popcorn A-200 03-05-130708-21-P ...)
NOT-FOR-US: Cloud Media Popcorn A-200 03-05-130708-21-POP-411-000 firmware
-CVE-2018-12071
+CVE-2018-12071 (A Session Fixation issue exists in CodeIgniter before 3.1.9 because se ...)
- codeigniter <itp> (bug #471583)
-CVE-2018-12070
+CVE-2018-12070 (The sell function of a smart contract implementation for SEC, a tradab ...)
NOT-FOR-US: SEC
CVE-2018-12069
RESERVED
-CVE-2018-12068
+CVE-2018-12068 (The sell function of a smart contract implementation for Target Coin ( ...)
NOT-FOR-US: Target Coin
-CVE-2018-12067
+CVE-2018-12067 (The sell function of a smart contract implementation for Substratum (S ...)
NOT-FOR-US: Substratum
-CVE-2018-12065
+CVE-2018-12065 (A Local File Inclusion vulnerability in /system/WCore/WHelper.php in C ...)
NOT-FOR-US: wityCMS
-CVE-2018-12064
+CVE-2018-12064 (tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChann ...)
NOT-FOR-US: tinyexr
-CVE-2018-12063
+CVE-2018-12063 (The sell function of a smart contract implementation for Internet Node ...)
NOT-FOR-US: Internet Node Token
-CVE-2018-12062
+CVE-2018-12062 (The sell function of a smart contract implementation for SwftCoin (SWF ...)
NOT-FOR-US: SwfCoin
CVE-2018-12061
RESERVED
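Review bot: the NOT-FOR-US line under the new CVE-2018-12062 description reads "SwfCoin" while the description itself names "SwftCoin (SWF"; the product name should be corrected so the entry matches the CVE text. In the same hunk, the liblnk group looks inconsistent: CVE-2018-12098 is recorded as fixed in "liblnk 20180626-1" while CVE-2018-12097 stays "<unfixed>" although both cite the same upstream commit (cb7fe0c66a5a01c19f1953fc7814c4fedfdc5785) and the same bug #901962, so 12097 should probably carry the same fixed version; and "negligabe" in the three "Questionable/negligabe security impact" NOTE lines should read "negligible".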
@@ -22973,26 +22973,26 @@ CVE-2018-12058
RESERVED
CVE-2018-12057
RESERVED
-CVE-2018-12056
+CVE-2018-12056 (The maxRandom function of a smart contract implementation for All For ...)
NOT-FOR-US: smart contract implementation for All For One
-CVE-2018-12055
+CVE-2018-12055 (Multiple SQL Injections exist in PHP Scripts Mall Schools Alert Manage ...)
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-12054
+CVE-2018-12054 (Arbitrary File Read exists in PHP Scripts Mall Schools Alert Managemen ...)
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-12053
+CVE-2018-12053 (Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert Manag ...)
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-12052
+CVE-2018-12052 (SQL Injection exists in PHP Scripts Mall Schools Alert Management Scri ...)
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-12051
+CVE-2018-12051 (Arbitrary File Upload and Remote Code Execution exist in PHP Scripts M ...)
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
CVE-2018-12050
RESERVED
-CVE-2018-13346
+CVE-2018-13346 (The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 incorr ...)
{DLA-1414-1}
- mercurial 4.6.1-1 (bug #901050)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29
NOTE: https://www.mercurial-scm.org/repo/hg/rev/faa924469635
-CVE-2018-13347
+CVE-2018-13347 (mpatch.c in Mercurial before 4.6.1 mishandles integer addition and sub ...)
{DLA-1414-1}
- mercurial 4.6.1-1 (bug #901050)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29
@@ -23001,47 +23001,47 @@ CVE-2018-13347
NOTE: see https://www.mercurial-scm.org/repo/hg-committed/log?rev=modifies%28%22mercurial%2Fmpatch.c%22%29+and+4.5%3A%3A
NOTE: upstream proposes we use OVE-20180430-0002 to cover all undefined behavior
NOTE: cases which the 6 patches fix
-CVE-2018-13348
+CVE-2018-13348 (The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 misha ...)
{DLA-1414-1}
- mercurial 4.6.1-1 (bug #901050)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29
NOTE: https://www.mercurial-scm.org/repo/hg/rev/90a274965de7
-CVE-2018-12049
+CVE-2018-12049 (** DISPUTED ** A remote attacker can bypass the System Manager Mode on ...)
NOT-FOR-US: Canon
-CVE-2018-12048
+CVE-2018-12048 (** DISPUTED ** A remote attacker can bypass the Management Mode on the ...)
NOT-FOR-US: Canon
-CVE-2018-12047
+CVE-2018-12047 (xfind/search in Ximdex 4.0 has XSS via the filter[n][value] parameters ...)
NOT-FOR-US: Ximdex
-CVE-2018-12046
+CVE-2018-12046 (DedeCMS through 5.7SP2 allows arbitrary file write in dede/file_manage ...)
NOT-FOR-US: DedeCMS
-CVE-2018-12045
+CVE-2018-12045 (DedeCMS through V5.7SP2 allows arbitrary file upload in dede/file_mana ...)
NOT-FOR-US: DedeCMS
CVE-2018-12044
RESERVED
-CVE-2018-12043
+CVE-2018-12043 (content/content.blueprintspages.php in Symphony 2.7.6 has XSS via the ...)
NOT-FOR-US: Symphony CMS
-CVE-2018-12042
+CVE-2018-12042 (Roxy Fileman through v1.4.5 has Directory traversal via the php/downlo ...)
NOT-FOR-US: Roxy Fileman
-CVE-2018-12041
+CVE-2018-12041 (An issue was discovered on the MediaTek AWUS036NH wireless USB adapter ...)
NOT-FOR-US: MediaTek
-CVE-2018-12040
+CVE-2018-12040 (** DISPUTED ** Reflected Cross-site scripting (XSS) vulnerability in t ...)
- symfony 3.4.12+dfsg-1 (unimportant)
NOTE: https://github.com/symfony/symfony/issues/28002
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1590702
-CVE-2018-12039
+CVE-2018-12039 (joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-12038
+CVE-2018-12038 (An issue was discovered on Samsung 840 EVO devices. Vendor-specific co ...)
NOT-FOR-US: Samsung 840 EVO devices
-CVE-2018-12037
+CVE-2018-12037 (An issue was discovered on Samsung 840 EVO and 850 EVO devices (only i ...)
NOT-FOR-US: Samsung
-CVE-2018-12036
+CVE-2018-12036 (OWASP Dependency-Check before 3.2.0 allows attackers to write to arbit ...)
NOT-FOR-US: OWASP Dependency-Check
-CVE-2018-12035
+CVE-2018-12035 (In YARA 3.7.1 and prior, parsing a specially crafted compiled rule fil ...)
- yara 3.7.1-3 (low)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/891
-CVE-2018-12034
+CVE-2018-12034 (In YARA 3.7.1 and prior, parsing a specially crafted compiled rule fil ...)
- yara 3.7.1-3 (low)
[stretch] - yara <no-dsa> (Minor issue)
[jessie] - yara <no-dsa> (Minor issue)
@@ -23050,11 +23050,11 @@ CVE-2018-12033
RESERVED
CVE-2018-12032
RESERVED
-CVE-2018-12031
+CVE-2018-12031 (Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an ...)
NOT-FOR-US: Eaton Intelligent Power Manager
-CVE-2018-12030
+CVE-2018-12030 (Chevereto Free before 1.0.13 has XSS. ...)
NOT-FOR-US: Chevereto Free
-CVE-2018-12029
+CVE-2018-12029 (A race condition in the nginx module in Phusion Passenger 3.x through ...)
{DLA-1399-1}
- passenger <unfixed> (bug #921767; unimportant)
- ruby-passenger <removed> (unimportant)
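Review bot: the CVE-2018-12029 entry carries {DLA-1399-1} yet marks "passenger <unfixed> (bug #921767; unimportant)" and "ruby-passenger <removed> (unimportant)"; an issued DLA means the fix was judged worth shipping to LTS, so either the "unimportant" severity or the "<unfixed>" state for passenger looks inconsistent and should be rechecked against bug #921767 before the line is relied on for triage.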
@@ -23065,36 +23065,36 @@ CVE-2018-12029
NOTE: https://github.com/phusion/passenger/commit/9ed61bb4641ba1f5158fca3840d4e4088805b5af (release-5.3.2)
NOTE: https://github.com/phusion/passenger/commit/4f663c8246f529e32575d50196d11cde12a6dfda (release-5.3.3)
NOTE: https://pulsesecurity.co.nz/advisories/phusion-passenger-priv-esc
-CVE-2018-12028
+CVE-2018-12028 (An Incorrect Access Control vulnerability in SpawningKit in Phusion Pa ...)
- passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
- ruby-passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
NOTE: https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
-CVE-2018-12027
+CVE-2018-12027 (An Insecure Permissions vulnerability in SpawningKit in Phusion Passen ...)
- passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
- ruby-passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
NOTE: https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
-CVE-2018-12026
+CVE-2018-12026 (During the spawning of a malicious Passenger-managed application, Spaw ...)
- passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
- ruby-passenger <not-affected> (Introduced in 5.3.0 with major refactoring of SpawningKit)
NOTE: https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
-CVE-2018-12025
+CVE-2018-12025 (The transferFrom function of a smart contract implementation for Futur ...)
NOT-FOR-US: FuturXE
CVE-2018-12024
RESERVED
-CVE-2018-12023 [improper polymorphic deserialization of types from Oracle JDBC driver]
+CVE-2018-12023 (An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4 ...)
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/issues/2058
NOTE: https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a1
-CVE-2018-12022 [improper polymorphic deserialization of types from Jodd-db library]
+CVE-2018-12022 (An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4 ...)
{DLA-1703-1}
- jackson-databind 2.9.8-1
NOTE: https://github.com/FasterXML/jackson-databind/issues/2052
NOTE: https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a1
-CVE-2018-12021
+CVE-2018-12021 (Singularity 2.3.0 through 2.5.1 is affected by an incorrect access con ...)
- singularity-container 2.5.2-1
NOTE: https://github.com/singularityware/singularity/releases/tag/2.5.2
-CVE-2018-12020
+CVE-2018-12020 (mainproc.c in GnuPG before 2.2.8 mishandles the original filename duri ...)
{DSA-4224-1 DSA-4223-1 DSA-4222-1}
- enigmail 2:2.0.7-1
[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
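Review bot: replacing the bracketed local summaries for CVE-2018-12023 ("improper polymorphic deserialization of types from Oracle JDBC driver") and CVE-2018-12022 ("improper polymorphic deserialization of types from Jodd-db library") with the official text leaves both entries with the identical truncated description "An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4 ...", so the two are no longer distinguishable without following issues #2058 and #2052. Suggest preserving the gadget-type detail in a NOTE line on each entry (both are fixed by the same commit 7487cf7e and covered by DLA-1703-1, so the distinction matters only for the description).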
@@ -23107,27 +23107,27 @@ CVE-2018-12020
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2326851c60793653069494379b16d84e4c10a0ac (STABLE-BRANCH-1-4)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/13/10
NOTE: https://neopg.io/blog/gpg-signature-spoof/
-CVE-2018-12019
+CVE-2018-12019 (The signature verification routine in Enigmail before 2.0.7 interprets ...)
- enigmail 2:2.0.7-1
[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/13/10
NOTE: https://neopg.io/blog/enigmail-signature-spoof/
-CVE-2018-12018
+CVE-2018-12018 (The GetBlockHeadersMsg handler in the LES protocol implementation in G ...)
NOT-FOR-US: Go Ethereum
CVE-2018-12017
RESERVED
-CVE-2018-12016
+CVE-2018-12016 (libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows rem ...)
- epiphany-browser 3.28.3.1-1 (unimportant; bug #901018)
NOTE: webkit not covered by security support
-CVE-2018-12014
+CVE-2018-12014 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
CVE-2018-12013
RESERVED
CVE-2018-12012
RESERVED
-CVE-2018-12011
+CVE-2018-12011 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-12010
+CVE-2018-12010 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
CVE-2018-12009
RESERVED
@@ -23135,7 +23135,7 @@ CVE-2018-12008
RESERVED
CVE-2018-12007
RESERVED
-CVE-2018-12006
+CVE-2018-12006 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
CVE-2018-12005
RESERVED
@@ -23149,19 +23149,19 @@ CVE-2018-12001
RESERVED
CVE-2018-12000
RESERVED
-CVE-2018-11999
+CVE-2018-11999 (Improper input validation in trustzone can lead to denial of service i ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11998
+CVE-2018-11998 (While processing a packet decode request in MQTT, Race condition can o ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11997
RESERVED
-CVE-2018-11996
+CVE-2018-11996 (When a malformed command is sent to the device programmer, an out-of-b ...)
NOT-FOR-US: Snapdragon
-CVE-2018-11995
+CVE-2018-11995 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11994
+CVE-2018-11994 (SMMU secure camera logic allows secure camera controllers to access HL ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11993
+CVE-2018-11993 (Improper check while accessing the local memory stack on MQTT connecti ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11992
RESERVED
@@ -23171,22 +23171,22 @@ CVE-2018-11990
RESERVED
CVE-2018-11989
RESERVED
-CVE-2018-11988
+CVE-2018-11988 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11987
+CVE-2018-11987 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
- linux <unfixed> (unimportant)
NOTE: https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=5e9ffcfa152ecb2832990c42fcd8a0f2e63c2c04
NOTE: https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin#_CVE-2018-11987
NOTE: ion not enabled in Debian build and in staging anyway
-CVE-2018-11986
+CVE-2018-11986 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11985
+CVE-2018-11985 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11984
+CVE-2018-11984 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11983
+CVE-2018-11983 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11982
+CVE-2018-11982 (In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MD ...)
NOT-FOR-US: Snapdragon
CVE-2018-11981
RESERVED
@@ -23223,17 +23223,17 @@ CVE-2018-11967
CVE-2018-11966
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11965
+CVE-2018-11965 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11964
+CVE-2018-11964 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11963
+CVE-2018-11963 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11962
+CVE-2018-11962 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11961
+CVE-2018-11961 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
-CVE-2018-11960
+CVE-2018-11960 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: CodeAurora components for Android
CVE-2018-11959
RESERVED
@@ -23242,7 +23242,7 @@ CVE-2018-11958
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11957
RESERVED
-CVE-2018-11956
+CVE-2018-11956 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Android
CVE-2018-11955
RESERVED
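Review bot: the NOT-FOR-US line for CVE-2018-11956 reads "Android" while every sibling entry in this run that shares the "In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ..." description is tagged "Qualcomm components for Android" or "CodeAurora components for Android"; suggest using the same component tag so the entry is grouped consistently with the rest of the bulletin.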
@@ -23253,23 +23253,23 @@ CVE-2018-11953
CVE-2018-11952
RESERVED
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11951
+CVE-2018-11951 (Improper access control in core module lead XBL_LOADER performs the ZI ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11950
+CVE-2018-11950 (Unapproved TrustZone applications can be loaded and executed in Snapdr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11949
RESERVED
-CVE-2018-11948
+CVE-2018-11948 (Exceeding the limit of usage entries are not tracked and the informati ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11947
RESERVED
-CVE-2018-11946
+CVE-2018-11946 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11945
+CVE-2018-11945 (Improper input validation in wireless service messaging module for dat ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11944
RESERVED
-CVE-2018-11943
+CVE-2018-11943 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11942
RESERVED
@@ -23279,21 +23279,21 @@ CVE-2018-11940
RESERVED
CVE-2018-11939
RESERVED
-CVE-2018-11938
+CVE-2018-11938 (Improper input validation for argument received from HLOS can lead to ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11937
RESERVED
CVE-2018-11936
RESERVED
-CVE-2018-11935
+CVE-2018-11935 (Improper input validation might result in incorrect app id returned to ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11934
RESERVED
CVE-2018-11933
RESERVED
-CVE-2018-11932
+CVE-2018-11932 (Improper input validation can lead RW access to secure subsystem from ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11931
+CVE-2018-11931 (Improper access to HLOS is possible while transferring memory to CPZ i ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11930
RESERVED
@@ -23313,13 +23313,13 @@ CVE-2018-11923
RESERVED
CVE-2018-11922
RESERVED
-CVE-2018-11921
+CVE-2018-11921 (Failure condition is not handled properly and the correct error code i ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11920
RESERVED
-CVE-2018-11919
+CVE-2018-11919 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11918
+CVE-2018-11918 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11917
RESERVED
@@ -23327,155 +23327,155 @@ CVE-2018-11916
RESERVED
CVE-2018-11915
RESERVED
-CVE-2018-11914
+CVE-2018-11914 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11913
+CVE-2018-11913 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11912
+CVE-2018-11912 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11911
+CVE-2018-11911 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11910
+CVE-2018-11910 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11909
+CVE-2018-11909 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11908
+CVE-2018-11908 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11907
+CVE-2018-11907 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11906
+CVE-2018-11906 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11905
+CVE-2018-11905 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11904
+CVE-2018-11904 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11903
+CVE-2018-11903 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11902
+CVE-2018-11902 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11901
RESERVED
CVE-2018-11900
RESERVED
-CVE-2018-11899
+CVE-2018-11899 (While processing radio connection status change events, Radio index is ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11898
+CVE-2018-11898 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11897
+CVE-2018-11897 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11896
RESERVED
-CVE-2018-11895
+CVE-2018-11895 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11894
+CVE-2018-11894 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11893
+CVE-2018-11893 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11892
RESERVED
-CVE-2018-11891
+CVE-2018-11891 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11890
RESERVED
-CVE-2018-11889
+CVE-2018-11889 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11888
+CVE-2018-11888 (Unauthorized access may be allowed by the SCP11 Crypto Services TA wil ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11887
RESERVED
-CVE-2018-11886
+CVE-2018-11886 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11885
RESERVED
-CVE-2018-11884
+CVE-2018-11884 (Improper input validation leads to buffer overflow while processing ne ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11883
+CVE-2018-11883 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11882
+CVE-2018-11882 (Incorrect bound check can lead to potential buffer overwrite in WLAN c ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11881
RESERVED
-CVE-2018-11880
+CVE-2018-11880 (Incorrect bound check can lead to potential buffer overwrite in WLAN f ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11879
+CVE-2018-11879 (When the buffer length passed is very large, bounds check could be byp ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11878
+CVE-2018-11878 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11877
+CVE-2018-11877 (When the buffer length passed is very large in WLAN, bounds check coul ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11876
+CVE-2018-11876 (Lack of input validation while copying to buffer in WLAN will lead to ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11875
+CVE-2018-11875 (Lack of check of buffer size before copying in a WLAN function can lea ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11874
+CVE-2018-11874 (Buffer overflow if the length of passphrase is more than 32 when setti ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11873
+CVE-2018-11873 (Improper input validation leads to buffer overwrite in the WLAN functi ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11872
+CVE-2018-11872 (Improper input validation leads to buffer overwrite in the WLAN functi ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11871
+CVE-2018-11871 (Buffer overwrite can happen in WLAN function while processing set pdev ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11870
+CVE-2018-11870 (Buffer overwrite can occur when the legacy rates count received from t ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11869
+CVE-2018-11869 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11868
+CVE-2018-11868 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11867
+CVE-2018-11867 (Lack of buffer length check before copying in WLAN function while proc ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11866
+CVE-2018-11866 (Integer overflow may happen in WLAN when calculating an internal struc ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11865
+CVE-2018-11865 (Integer overflow may happen when calculating an internal structure siz ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11864
+CVE-2018-11864 (Bytes can be written to fuses from Secure region which can be read lat ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11863
+CVE-2018-11863 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11862
+CVE-2018-11862 (Buffer overflow can happen in WLAN module due to lack of validation of ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11861
+CVE-2018-11861 (Buffer overflow can happen in WLAN function due to lack of validation ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11860
+CVE-2018-11860 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11859
+CVE-2018-11859 (Buffer overwrite can happen in WLAN due to lack of validation of the i ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11858
+CVE-2018-11858 (When processing IE set command, buffer overwrite may occur due to lack ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11857
+CVE-2018-11857 (Improper input validation in WLAN encrypt/decrypt module can lead to a ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11856
+CVE-2018-11856 (Improper input validation leads to buffer overwrite in the WLAN functi ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11855
+CVE-2018-11855 (If an end user makes use of SCP11 sample OCE code without modification ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11854
+CVE-2018-11854 (Lack of check of valid length of input parameter may cause buffer over ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11853
+CVE-2018-11853 (Lack of check on out of range for channels When processing channel lis ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11852
+CVE-2018-11852 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11851
+CVE-2018-11851 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11850
+CVE-2018-11850 (Lack of check on remaining length parameter When processing scan start ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11849
+CVE-2018-11849 (Lack of check on out of range of bssid parameter When processing scan ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11848
RESERVED
-CVE-2018-11847
+CVE-2018-11847 (Malicious TA can tag QSEE kernel memory and map to EL0, there by corru ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11846
+CVE-2018-11846 (The use of a non-time-constant memory comparison operation can lead to ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11845
+CVE-2018-11845 (Usage of non-time-constant comparison functions can lead to informatio ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11844
RESERVED
-CVE-2018-11843
+CVE-2018-11843 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11842
+CVE-2018-11842 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11841
RESERVED
-CVE-2018-11840
+CVE-2018-11840 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11839
RESERVED
@@ -23483,7 +23483,7 @@ CVE-2018-11838
RESERVED
CVE-2018-11837
RESERVED
-CVE-2018-11836
+CVE-2018-11836 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11835
RESERVED
@@ -23491,7 +23491,7 @@ CVE-2018-11834
RESERVED
CVE-2018-11833
RESERVED
-CVE-2018-11832
+CVE-2018-11832 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Android kernel, code not in mainline
CVE-2018-11831
RESERVED
@@ -23499,27 +23499,27 @@ CVE-2018-11830
RESERVED
CVE-2018-11829
RESERVED
-CVE-2018-11828
+CVE-2018-11828 (When FW tries to get random mac address generated from new SW RNG and ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11827
+CVE-2018-11827 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11826
+CVE-2018-11826 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11825
RESERVED
-CVE-2018-11824
+CVE-2018-11824 (A stack-based buffer overflow can occur in a firmware routine in Snapd ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11823
+CVE-2018-11823 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Android kernel, code not in mainline
-CVE-2018-11822
+CVE-2018-11822 (A possible integer overflow may happen in WLAN during memory allocatio ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11821
+CVE-2018-11821 (Possible integer overflow may happen in WLAN during memory allocation ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11820
+CVE-2018-11820 (Use of non-time constant memcmp function creates side channel that lea ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11819
RESERVED
-CVE-2018-11818
+CVE-2018-11818 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11817
RESERVED
@@ -23529,38 +23529,38 @@ CVE-2018-11816
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11815
RESERVED
-CVE-2018-12066
+CVE-2018-12066 (BIRD Internet Routing Daemon before 1.6.4 allows local users to cause ...)
- bird 1.6.4-1 (low; bug #900967)
[stretch] - bird <no-dsa> (Minor issue)
[jessie] - bird <no-dsa> (Minor issue)
NOTE: https://gitlab.labs.nic.cz/labs/bird/blob/v1.6.4/NEWS#L11
NOTE: Fixed by: https://gitlab.labs.nic.cz/labs/bird/commit/e8bc64e308586b6502090da2775af84cd760ed0d
-CVE-2018-1002209
+CVE-2018-1002209 (QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing att ...)
- libquazip 0.7.6-1 (bug #902786)
[stretch] - libquazip <no-dsa> (Minor issue)
[jessie] - libquazip <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1593011
-CVE-2018-1002204
+CVE-2018-1002204 (adm-zip npm library before 0.4.9 is vulnerable to directory traversal, ...)
NOT-FOR-US: adm-zip nodejs module
-CVE-2018-1002202
+CVE-2018-1002202 (zip4j before 1.3.3 is vulnerable to directory traversal, allowing atta ...)
NOT-FOR-US: zip4j
-CVE-2018-1002201
+CVE-2018-1002201 (zt-zip before 1.13 is vulnerable to directory traversal, allowing atta ...)
NOT-FOR-US: zt-zip
-CVE-2018-1002200
+CVE-2018-1002200 (plexus-archiver before 3.6.0 is vulnerable to directory traversal, all ...)
{DSA-4227-1}
- plexus-archiver 3.6.0-1 (bug #900953)
NOTE: https://github.com/codehaus-plexus/plexus-archiver/pull/87
NOTE: https://github.com/codehaus-plexus/plexus-archiver/commit/58bc24e465c0842981692adbf6d75680298989de
-CVE-2018-1000204
+CVE-2018-1000204 (** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly handles a ...)
{DLA-1423-1 DLA-1422-1}
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
NOTE: Fixed by: https://git.kernel.org/linus/a45b599ad808c3c982fdcdc12b0b8611c2f92824
-CVE-2018-1000203
+CVE-2018-1000203 (Soar Labs Soar Coin version up to and including git commit 4a2aa71ee21 ...)
NOT-FOR-US: Soar Labs Soar Coin
CVE-2018-11814
RESERVED
-CVE-2018-11813
+CVE-2018-11813 (libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles ...)
- libjpeg9 <unfixed> (low; bug #904719)
CVE-2018-11812
RESERVED
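Review bot: the imported description for CVE-2018-1000204 opens with "** DISPUTED **", yet the same entry records fixed versions (linux 4.16.12-1, stretch 4.9.107-1) and two DLAs (DLA-1423-1, DLA-1422-1); a NOTE line after `NOTE: Fixed by:` stating why the tracker treats the issue as real despite the dispute would document that decision for later readers.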
@@ -23570,62 +23570,62 @@ CVE-2018-11810
RESERVED
CVE-2018-11809
RESERVED
-CVE-2018-11808
+CVE-2018-11808 (Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngi ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2018-11807
RESERVED
-CVE-2018-11806
+CVE-2018-11806 (m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via inc ...)
- qemu 1:3.1+dfsg-1 (bug #901017)
[stretch] - qemu <postponed> (Minor issue, wait until more severe issues are around)
[jessie] - qemu <postponed> (Minor issue, wait until more severe issues are around)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=864036e251f54c99d31df124aad7f34f01f5344c
-CVE-2018-1000202
+CVE-2018-1000202 (A persisted cross-site scripting vulnerability exists in Jenkins Groov ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000198
+CVE-2018-1000198 (A XML external entity processing vulnerability exists in Jenkins Black ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000197
+CVE-2018-1000197 (An improper authorization vulnerability exists in Jenkins Black Duck H ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000196
+CVE-2018-1000196 (A exposure of sensitive information vulnerability exists in Jenkins Gi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000195
+CVE-2018-1000195 (A server-side request forgery vulnerability exists in Jenkins 2.120 an ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000194
+CVE-2018-1000194 (A path traversal vulnerability exists in Jenkins 2.120 and older, LTS ...)
NOT-FOR-US: Jenkins
-CVE-2018-1000193
+CVE-2018-1000193 (A improper neutralization of control sequences vulnerability exists in ...)
NOT-FOR-US: Jenkins
-CVE-2018-12015
+CVE-2018-12015 (In Perl through 5.26.2, the Archive::Tar module allows remote attacker ...)
{DSA-4226-1}
- perl 5.26.2-6 (bug #900834)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=125523
NOTE: https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5
-CVE-2018-1000192
+CVE-2018-1000192 (A information exposure vulnerability exists in Jenkins 2.120 and older ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000191
+CVE-2018-1000191 (A exposure of sensitive information vulnerability exists in Jenkins Bl ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000190
+CVE-2018-1000190 (A exposure of sensitive information vulnerability exists in Jenkins Bl ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000189
+CVE-2018-1000189 (A command execution vulnerability exists in Jenkins Absint Astree Plug ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000188
+CVE-2018-1000188 (A server-side request forgery vulnerability exists in Jenkins CAS Plug ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000187
+CVE-2018-1000187 (A exposure of sensitive information vulnerability exists in Jenkins Ku ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000186
+CVE-2018-1000186 (A exposure of sensitive information vulnerability exists in Jenkins Gi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000185
+CVE-2018-1000185 (A server-side request forgery vulnerability exists in Jenkins GitHub B ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000184
+CVE-2018-1000184 (A server-side request forgery vulnerability exists in Jenkins GitHub P ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000183
+CVE-2018-1000183 (A exposure of sensitive information vulnerability exists in Jenkins Gi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000182
+CVE-2018-1000182 (A server-side request forgery vulnerability exists in Jenkins Git Plug ...)
NOT-FOR-US: Jenkins plugin
CVE-2018-11805
RESERVED
-CVE-2018-11804
+CVE-2018-11804 (Spark's Apache Maven-based build includes a convenience script, 'build ...)
NOT-FOR-US: Apache Spark
-CVE-2018-11803
+CVE-2018-11803 (Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10. ...)
- subversion 1.10.4-1
[stretch] - subversion <not-affected> (Vulnerable code introduced in 1.10.0)
[jessie] - subversion <not-affected> (Vulnerable code introduced in 1.10.0)
@@ -23637,14 +23637,14 @@ CVE-2018-11801
RESERVED
CVE-2018-11800
RESERVED
-CVE-2018-11799
+CVE-2018-11799 (Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 ...)
NOT-FOR-US: Apache Oozie
-CVE-2018-11798
+CVE-2018-11798 (The Apache Thrift Node.js static web server in versions 0.9.2 through ...)
- thrift 0.11.0-4 (unimportant; bug #918734)
NOTE: https://issues.apache.org/jira/browse/THRIFT-4647
NOTE: https://github.com/apache/thrift/commit/2a2b72f6c8aef200ecee4984f011e06052288ff2
NOTE: src:thrift in Debian configured with --without-nodejs
-CVE-2018-11797
+CVE-2018-11797 (In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully c ...)
{DLA-1547-1}
- libpdfbox-java 1:1.8.16-1 (bug #910390)
[stretch] - libpdfbox-java <no-dsa> (Minor issue)
@@ -23652,7 +23652,7 @@ CVE-2018-11797
NOTE: https://www.openwall.com/lists/oss-security/2018/10/05/4
NOTE: https://svn.apache.org/r1842131 (branch 2.0)
NOTE: https://svn.apache.org/r1842278 (branch 1.8)
-CVE-2018-11796
+CVE-2018-11796 (In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion lim ...)
- tika <not-affected> (Incomplete fix for CVE-2018-11761 not applied)
NOTE: https://lists.apache.org/thread.html/88de8350cda9b184888ec294c813c5bd8a2081de8fd3666f8904bc05@%3Cdev.tika.apache.org%3E
NOTE: https://issues.apache.org/jira/projects/TIKA/issues/TIKA-2727
@@ -23661,27 +23661,27 @@ CVE-2018-11795
REJECTED
CVE-2018-11794
REJECTED
-CVE-2018-11793
+CVE-2018-11793 (When parsing a JSON payload with deeply nested JSON structures, the pa ...)
- apache-mesos <itp> (bug #760315)
-CVE-2018-11792
+CVE-2018-11792 (In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER ...)
NOT-FOR-US: Apache Impala
CVE-2018-11791
REJECTED
-CVE-2018-11790
+CVE-2018-11790 (When loading a document with Apache Open Office 4.1.5 and earlier with ...)
- libreoffice 1:4.0.3-1
NOTE: https://www.openwall.com/lists/oss-security/2019/01/16/2
NOTE: https://github.com/LibreOffice/core/commit/bbc94edb9a91b27910d43610db9994df10dd99e1
-CVE-2018-11789
+CVE-2018-11789 (When accessing the heron-ui webpage, people can modify the file paths ...)
TODO: check
-CVE-2018-11788
+CVE-2018-11788 (Apache Karaf provides a features deployer, which allows users to "hot ...)
- apache-karaf <itp> (bug #881297)
-CVE-2018-11787
+CVE-2018-11787 (In Apache Karaf version prior to 3.0.9, 4.0.9, 4.1.1, when the webcons ...)
- apache-karaf <itp> (bug #881297)
-CVE-2018-11786
+CVE-2018-11786 (In Apache Karaf prior to 4.2.0 release, if the sshd service in Karaf i ...)
- apache-karaf <itp> (bug #881297)
-CVE-2018-11785
+CVE-2018-11785 (Missing authorization check in Apache Impala before 3.0.1 allows a Ker ...)
NOT-FOR-US: Apache Impala
-CVE-2018-11784
+CVE-2018-11784 (When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, ...)
{DLA-1545-1 DLA-1544-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.34-1
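Review bot: CVE-2018-11789 keeps `TODO: check` although the newly imported description now identifies the affected component (heron-ui); with that information present the entry can be triaged the way the neighbouring Apache Karaf and Apache Impala entries in this hunk already are.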
@@ -23694,33 +23694,33 @@ CVE-2018-11784
NOTE: https://svn.apache.org/r1840055 (9.0.x)
NOTE: https://svn.apache.org/r1840056 (8.5.x)
NOTE: https://svn.apache.org/r1840057 (7.0.x)
-CVE-2018-11783
+CVE-2018-11783 (sslheaders plugin extracts information from the client certificate and ...)
- trafficserver 8.0.2+ds-1
[stretch] - trafficserver <postponed> (Minor issue, experimental plugin, will be fixed along in next DSA)
NOTE: https://github.com/apache/trafficserver/pull/4701
NOTE: https://www.openwall.com/lists/oss-security/2019/02/13/6
CVE-2018-11782
RESERVED
-CVE-2018-11781
+CVE-2018-11781 (Apache SpamAssassin 3.4.2 fixes a local user code injection in the met ...)
{DLA-1578-1}
- spamassassin 3.4.2-1 (bug #908971)
[stretch] - spamassassin 3.4.2-1~deb9u1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/16/1
-CVE-2018-11780
+CVE-2018-11780 (A potential Remote Code Execution bug exists with the PDFInfo plugin i ...)
{DLA-1578-1}
- spamassassin 3.4.2-1 (bug #908970)
[stretch] - spamassassin 3.4.2-1~deb9u1
NOTE: https://www.openwall.com/lists/oss-security/2018/09/16/1
CVE-2018-11779
RESERVED
-CVE-2018-11778
+CVE-2018-11778 (UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correc ...)
NOT-FOR-US: Apache Ranger
-CVE-2018-11777
+CVE-2018-11777 (In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on HiveServer ...)
NOT-FOR-US: Apache Hive
-CVE-2018-11776
+CVE-2018-11776 (Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from pos ...)
- libstruts1.2-java <not-affected> (Specific to 2.x)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-057
-CVE-2018-11775
+CVE-2018-11775 (TLS hostname verification when using the Apache ActiveMQ Client before ...)
- activemq 5.15.6-1 (low; bug #908950)
[stretch] - activemq <no-dsa> (Minor issue)
[jessie] - activemq <no-dsa> (Minor issue)
@@ -23734,54 +23734,54 @@ CVE-2018-11773
RESERVED
CVE-2018-11772
RESERVED
-CVE-2018-11771
+CVE-2018-11771 (When reading a specially crafted ZIP archive, the read method of Apach ...)
- libcommons-compress-java 1.18-1 (bug #906301)
[stretch] - libcommons-compress-java <no-dsa> (Minor issue)
[jessie] - libcommons-compress-java <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/16/2
-CVE-2018-11770
+CVE-2018-11770 (From version 1.3.0 onward, Apache Spark's standalone master exposes a ...)
NOT-FOR-US: Apache Spark
-CVE-2018-11769
+CVE-2018-11769 (CouchDB administrative users before 2.2.0 can configure the database s ...)
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2018/08/08/2
CVE-2018-11768
RESERVED
-CVE-2018-11767
+CVE-2018-11767 (In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS b ...)
- hadoop <itp> (bug #793644)
-CVE-2018-11766
+CVE-2018-11766 (In Apache Hadoop 2.7.4 to 2.7.6, the security fix for CVE-2016-6811 is ...)
- hadoop <itp> (bug #793644)
CVE-2018-11765
RESERVED
CVE-2018-11764
RESERVED
-CVE-2018-11763
+CVE-2018-11763 (In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large S ...)
- apache2 2.4.35-1 (bug #909591)
[stretch] - apache2 2.4.25-3+deb9u6
[jessie] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-11763
-CVE-2018-11762
+CVE-2018-11762 (In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not ...)
- tika 1.20-1
[jessie] - tika <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/5
-CVE-2018-11761
+CVE-2018-11761 (In Apache Tika 0.1 to 1.18, the XML parsers were not configured to lim ...)
- tika 1.20-1
[jessie] - tika <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/4
NOTE: When fixing this issue the fix needs to be made complete to not open
NOTE: CVE-2018-11796. The full fix is only in 1.19.1 onwards.
-CVE-2018-11760
+CVE-2018-11760 (When using PySpark , it's possible for a different local user to conne ...)
NOT-FOR-US: Apache Spark
-CVE-2018-11759
+CVE-2018-11759 (The Apache Web Server (httpd) specific code that normalised the reques ...)
{DSA-4357-1 DLA-1609-1}
- libapache-mod-jk 1:1.2.46-1
NOTE: https://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.46
NOTE: https://www.immunit.ch/blog/2018/11/01/cve-2018-11759-apache-mod_jk-access-bypass/
-CVE-2018-11758
+CVE-2018-11758 (This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, ...)
NOT-FOR-US: Apache Cayenne
-CVE-2018-11757
+CVE-2018-11757 (In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action inher ...)
NOT-FOR-US: Docker Skeleton Runtime for Apache OpenWhisk
-CVE-2018-11756
+CVE-2018-11756 (In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of ...)
NOT-FOR-US: PHP Runtime for Apache OpenWhisk
CVE-2018-11755
RESERVED
@@ -23789,63 +23789,63 @@ CVE-2018-11754
RESERVED
CVE-2018-11753
RESERVED
-CVE-2018-11752
+CVE-2018-11752 (Previous releases of the Puppet cisco_ios module output SSH session de ...)
NOT-FOR-US: cisco_ios Puppet module
CVE-2018-11751
RESERVED
-CVE-2018-11750
+CVE-2018-11750 (Previous releases of the Puppet cisco_ios module did not validate a ho ...)
NOT-FOR-US: cisco_ios Puppet module
-CVE-2018-11749
+CVE-2018-11749 (When users are configured to use startTLS with RBAC LDAP, at login tim ...)
- puppet <not-affected> (RBAC is specific to Puppet Enterprise)
-CVE-2018-11748
+CVE-2018-11748 (Previous releases of the Puppet device_manager module creates configur ...)
NOT-FOR-US: Puppet device_manager module
-CVE-2018-11747
+CVE-2018-11747 (Previously, Puppet Discovery was shipped with a default generated TLS ...)
TODO: check
-CVE-2018-11746
+CVE-2018-11746 (In Puppet Discovery prior to 1.2.0, when running Discovery against Win ...)
NOT-FOR-US: Puppet Discovery
CVE-2018-11745
RESERVED
CVE-2018-11744
RESERVED
-CVE-2018-11743
+CVE-2018-11743 (The init_copy function in kernel.c in mruby 1.4.1 makes initialize_cop ...)
- mruby 1.4.1+20180622+git640fca32-1 (bug #900845)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/commit/b64ce17852b180dfeea81cf458660be41a78974d
NOTE: https://github.com/mruby/mruby/issues/4027
-CVE-2018-11742
+CVE-2018-11742 (NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Sto ...)
NOT-FOR-US: NEC Univerge Sv9100 WebPro devices
-CVE-2018-11741
+CVE-2018-11741 (NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session ID ...)
NOT-FOR-US: NEC Univerge Sv9100 WebPro devices
-CVE-2018-11740
+CVE-2018-11740 (An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from r ...)
- sleuthkit <unfixed> (low; bug #902187)
[buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1264
-CVE-2018-11739
+CVE-2018-11739 (An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from re ...)
- sleuthkit <unfixed> (low; bug #902187)
[buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1267
-CVE-2018-11738
+CVE-2018-11738 (An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from rel ...)
- sleuthkit <unfixed> (low; bug #902187)
[buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1265
-CVE-2018-11737
+CVE-2018-11737 (An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from rel ...)
- sleuthkit <unfixed> (low; bug #902187)
[buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1266
-CVE-2018-1000201
+CVE-2018-1000201 (ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can ...)
- ruby-ffi <not-affected> (Windows-specific)
-CVE-2018-11736
+CVE-2018-11736 (An issue was discovered in Pluck before 4.7.7-dev2. /data/inc/images.p ...)
NOT-FOR-US: Pluck CMS
-CVE-2018-11735
+CVE-2018-11735 (index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or ...)
NOT-FOR-US: Ximdex
CVE-2018-11734
RESERVED
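Review bot: CVE-2018-11747 is left at `TODO: check` while its new description places it in Puppet Discovery, the same product that CVE-2018-11746 three lines below records as `NOT-FOR-US: Puppet Discovery`; the two entries should be triaged consistently, or a NOTE should say why they differ.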
@@ -23853,184 +23853,184 @@ CVE-2018-11733
RESERVED
CVE-2018-11732
RESERVED
-CVE-2018-11731
+CVE-2018-11731 (** DISPUTED ** The libfsntfs_mft_entry_read_attributes function in lib ...)
- libfsntfs 20190104-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/17
NOTE: https://github.com/libyal/libfsntfs/issues/8
NOTE: https://github.com/libyal/libfsntfs/issues/9
NOTE: https://github.com/libyal/libfsntfs/commit/7a17c43be39919227b4fe24684a8a29a90ee54ad
NOTE: Negligable/questionable security impact
-CVE-2018-11730
+CVE-2018-11730 (** DISPUTED ** The libfsntfs_security_descriptor_values_free function ...)
- libfsntfs 20190104-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/17
NOTE: https://github.com/libyal/libfsntfs/issues/8
NOTE: https://github.com/libyal/libfsntfs/issues/9
NOTE: https://github.com/libyal/libfsntfs/commit/7a17c43be39919227b4fe24684a8a29a90ee54ad
NOTE: Negligable/questionable security impact
-CVE-2018-11729
+CVE-2018-11729 (** DISPUTED ** The libfsntfs_mft_entry_read_header function in libfsnt ...)
- libfsntfs 20190104-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/17
NOTE: https://github.com/libyal/libfsntfs/issues/8
NOTE: https://github.com/libyal/libfsntfs/issues/9
NOTE: https://github.com/libyal/libfsntfs/commit/7a17c43be39919227b4fe24684a8a29a90ee54ad
NOTE: Negligable/questionable security impact
-CVE-2018-11728
+CVE-2018-11728 (** DISPUTED ** The libfsntfs_reparse_point_values_read_data function i ...)
- libfsntfs 20190104-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/17
NOTE: https://github.com/libyal/libfsntfs/issues/8
NOTE: https://github.com/libyal/libfsntfs/issues/9
NOTE: https://github.com/libyal/libfsntfs/commit/7a17c43be39919227b4fe24684a8a29a90ee54ad
NOTE: Negligable/questionable security impact
-CVE-2018-11727
+CVE-2018-11727 (** DISPUTED ** The libfsntfs_attribute_read_from_mft function in libfs ...)
- libfsntfs 20190104-1 (unimportant)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/17
NOTE: https://github.com/libyal/libfsntfs/issues/8
NOTE: https://github.com/libyal/libfsntfs/issues/9
NOTE: https://github.com/libyal/libfsntfs/commit/7a17c43be39919227b4fe24684a8a29a90ee54ad
NOTE: Negligable/questionable security impact
-CVE-2018-11726
+CVE-2018-11726 (The mobi_decode_font_resource function in util.c in Libmobi 0.3 allows ...)
NOT-FOR-US: Libmobi
-CVE-2018-11725
+CVE-2018-11725 (The mobi_parse_index_entry function in index.c in Libmobi 0.3 allows r ...)
NOT-FOR-US: Libmobi
-CVE-2018-11724
+CVE-2018-11724 (The mobi_pk1_decrypt function in encryption.c in Libmobi 0.3 allows re ...)
NOT-FOR-US: Libmobi
-CVE-2018-11723
+CVE-2018-11723 (** DISPUTED ** The libpff_name_to_id_map_entry_read function in libpff ...)
- libpff 20180714-1 (low; bug #901967)
[stretch] - libpff <no-dsa> (Minor issue)
[jessie] - libpff <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/15
NOTE: https://github.com/libyal/libpff/issues/64
NOTE: https://github.com/libyal/libpff/commit/7b92bcace7e743cc9417e3cc3e4eee29abb70cf5
-CVE-2018-11722
+CVE-2018-11722 (WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' param ...)
NOT-FOR-US: WUZHI CMS
CVE-2018-11721
RESERVED
-CVE-2018-11720
+CVE-2018-11720 (Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow Directory Travers ...)
NOT-FOR-US: Xovis
-CVE-2018-11719
+CVE-2018-11719 (Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow XXE. ...)
NOT-FOR-US: Xovis
-CVE-2018-11718
+CVE-2018-11718 (Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow CSRF. ...)
NOT-FOR-US: Xovis
-CVE-2018-11717
+CVE-2018-11717 (An issue was discovered in Zoho ManageEngine Desktop Central before 10 ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-11716
+CVE-2018-11716 (An issue was discovered in Zoho ManageEngine Desktop Central before 10 ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-11715
+CVE-2018-11715 (The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread ...)
NOT-FOR-US: Recent Threads plugin for MyBB
-CVE-2018-11714
+CVE-2018-11714 (An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0 ...)
NOT-FOR-US: TP-Link
-CVE-2018-11713
+CVE-2018-11713 (WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the li ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=126384
NOTE: https://trac.webkit.org/changeset/228088/webkit
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-11712
+CVE-2018-11712 (WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the li ...)
- webkit2gtk 2.20.2-1 (unimportant)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=184804
NOTE: https://trac.webkit.org/changeset/230886/webkit
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-11711
+CVE-2018-11711 (** DISPUTED ** A remote attacker can bypass the System Manager Mode on ...)
NOT-FOR-US: Canon MF210 and MF220 web interface
-CVE-2018-11710
+CVE-2018-11710 (soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers ...)
- libopenmpt 0.3.9-1
[stretch] - libopenmpt <no-dsa> (Minor issue)
NOTE: https://lib.openmpt.org/libopenmpt/2018/04/29/security-updates-0.3.9-0.2-beta32-0.2.7561-beta20.5-p9-0.2.7386-beta20.3-p12/
NOTE: https://source.openmpt.org/browse/openmpt/trunk/?op=revision&rev=10149&peg=10150
-CVE-2018-11709
+CVE-2018-11709 (wpforo_get_request_uri in wpf-includes/functions.php in the wpForo For ...)
NOT-FOR-US: wpForo Forum plugin for WordPress
CVE-2018-11708
RESERVED
-CVE-2018-1002101
+CVE-2018-1002101 (In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, ...)
- kubernetes <unfixed>
NOTE: https://github.com/kubernetes/kubernetes/issues/65750
-CVE-2018-11707
+CVE-2018-11707 (FastStone Image Viewer 6.2 has a User Mode Read and Execute AV at 0x00 ...)
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11706
+CVE-2018-11706 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578dd8, tri ...)
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11705
+CVE-2018-11705 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cc4, tri ...)
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11704
+CVE-2018-11704 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, tri ...)
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11703
+CVE-2018-11703 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, tri ...)
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11702
+CVE-2018-11702 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cb3, tri ...)
NOT-FOR-US: FastStone Image Viewer
-CVE-2018-11701
+CVE-2018-11701 (FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, tri ...)
NOT-FOR-US: FastStone Image Viewer
CVE-2018-11700
RESERVED
CVE-2018-11699
RESERVED
-CVE-2018-11698
+CVE-2018-11698 (An issue was discovered in LibSass through 3.5.4. An out-of-bounds rea ...)
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2662
-CVE-2018-11697
+CVE-2018-11697 (An issue was discovered in LibSass through 3.5.4. An out-of-bounds rea ...)
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2656
NOTE: https://github.com/sass/libsass/commit/eb15533b07773c30dc03c9d742865604f47120ef
-CVE-2018-11696
+CVE-2018-11696 (An issue was discovered in LibSass through 3.5.4. A NULL pointer deref ...)
- libsass 3.5.5-1
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2665
NOTE: https://github.com/sass/libsass/commit/38f4c3699d06b64128bebc7cf1e8b3125be74dc4
-CVE-2018-11695
+CVE-2018-11695 (An issue was discovered in LibSass through 3.5.2. A NULL pointer deref ...)
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2664
-CVE-2018-11694
+CVE-2018-11694 (An issue was discovered in LibSass through 3.5.4. A NULL pointer deref ...)
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2663
-CVE-2018-11693
+CVE-2018-11693 (An issue was discovered in LibSass through 3.5.4. An out-of-bounds rea ...)
- libsass <unfixed>
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2661
-CVE-2018-11692
+CVE-2018-11692 (** DISPUTED ** An issue was discovered on Canon LBP6650, LBP3370, LBP3 ...)
NOT-FOR-US: Canon devices
CVE-2018-11691
RESERVED
-CVE-2018-11690
+CVE-2018-11690 (The Balbooa Gridbox extension version 2.4.0 and previous versions for ...)
NOT-FOR-US: Balbooa Gridbox extension for Joomla!
-CVE-2018-11689
+CVE-2018-11689 (Smart Viewer in Samsung Web Viewer for Samsung DVR is vulnerable to cr ...)
NOT-FOR-US: Smart Viewer in Samsung Web Viewer for Samsung DVR
-CVE-2018-11688
+CVE-2018-11688 (Ignite Realtime Openfire 3.7.1 is vulnerable to cross-site scripting, ...)
NOT-FOR-US: Ignite Realtime Openfire
-CVE-2018-11687
+CVE-2018-11687 (An integer overflow in the distributeBTR function of a smart contract ...)
NOT-FOR-US: smart contract implementation for Bitcoin Red (BTCR)
CVE-2018-11686
RESERVED
-CVE-2018-11685
+CVE-2018-11685 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compi ...)
- liblouis 3.5.0-3
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/593
NOTE: https://github.com/liblouis/liblouis/commit/b5049cb17ae3d15b2b26890de0e24d0fecc080f5
-CVE-2018-11684
+CVE-2018-11684 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function inclu ...)
- liblouis 3.5.0-3
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/592
NOTE: https://github.com/liblouis/liblouis/commit/fb2bfce4ed49ac4656a8f7e5b5526e4838da1dde
-CVE-2018-11683
+CVE-2018-11683 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parse ...)
- liblouis 3.5.0-3
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/591
NOTE: https://github.com/liblouis/liblouis/commit/e7eee2b7926668360a0d8e2abee6c35a00ebce3c
NOTE: https://github.com/liblouis/liblouis/commit/d4fc803687e38a5355fb686bf98cc082951f3043
-CVE-2018-11682
+CVE-2018-11682 (Default and unremovable support credentials allow attackers to gain to ...)
NOT-FOR-US: products using the Stanza Lutron integration protocol
-CVE-2018-11681
+CVE-2018-11681 (Default and unremovable support credentials (user:nwk password:nwk2) a ...)
NOT-FOR-US: products using the RadioRA 2 Lutron integration protocol
-CVE-2018-11680
+CVE-2018-11680 (An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulne ...)
NOT-FOR-US: CmsEasy
-CVE-2018-11679
+CVE-2018-11679 (An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulne ...)
NOT-FOR-US: CmsEasy
-CVE-2018-11678
+CVE-2018-11678 (plugins/box/users/users.plugin.php in Monstra CMS 3.0.4 allows Login R ...)
NOT-FOR-US: Monstra CMS
CVE-2018-11677
RESERVED
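Review bot: `- kubernetes <unfixed>` for CVE-2018-1002101 and the five `- libsass <unfixed>` lines (CVE-2018-11698, -11697, -11695, -11694, -11693) carry no severity or bug reference, unlike `- libpff 20180714-1 (low; bug #901967)` in the same hunk; adding at least a severity would keep the format uniform. Separately, the context line `NOTE: Negligable/questionable security impact` repeated under the five libfsntfs entries misspells "Negligible"; it is unchanged here, so fix it in a follow-up.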
@@ -24044,9 +24044,9 @@ CVE-2018-11673
RESERVED
CVE-2018-11672
RESERVED
-CVE-2018-11671
+CVE-2018-11671 (An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnera ...)
NOT-FOR-US: GreenCMS
-CVE-2018-11670
+CVE-2018-11670 (An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnera ...)
NOT-FOR-US: GreenCMS
CVE-2018-11669
RESERVED
@@ -24072,36 +24072,36 @@ CVE-2018-11659
RESERVED
CVE-2018-11658
RESERVED
-CVE-2018-11657
+CVE-2018-11657 (ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg ...)
NOT-FOR-US: ngiflib
-CVE-2018-11656
+CVE-2018-11656 (In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was fo ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/931
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4da2cd650532ffd18fa11578fc2ec7c2467727bb
-CVE-2018-11655
+CVE-2018-11655 (In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was fo ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/930
NOTE: https://github.com/ImageMagick/ImageMagick/commit/a7414b7322201a9c8a5cacf563f08468c329b4b1
-CVE-2018-11654
+CVE-2018-11654 (Information disclosure in Netwave IP camera at get_status.cgi (via HTT ...)
NOT-FOR-US: Netwave IP camera
-CVE-2018-11653
+CVE-2018-11653 (Information disclosure in Netwave IP camera at //etc/RT2870STA.dat (vi ...)
NOT-FOR-US: Netwave IP camera
-CVE-2018-11652
+CVE-2018-11652 (CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote a ...)
- nikto 1:2.1.5-3 (bug #900608)
[stretch] - nikto <no-dsa> (non-free not supported)
[jessie] - nikto <no-dsa> (non-free not supported)
NOTE: https://github.com/sullo/nikto/commit/e759b3300aace5314fe3d30800c8bd83c81c29f7
-CVE-2018-11651
+CVE-2018-11651 (Graylog before v2.4.4 has an XSS security issue with unescaped text in ...)
- graylog2 <itp> (bug #652273)
-CVE-2018-11650
+CVE-2018-11650 (Graylog before v2.4.4 has an XSS security issue with unescaped text in ...)
- graylog2 <itp> (bug #652273)
-CVE-2018-11649
+CVE-2018-11649 (Hue 3.12 has XSS via the /pig/save/ name and script parameters. ...)
NOT-FOR-US: Hue
CVE-2018-11648
RESERVED
-CVE-2018-11647
+CVE-2018-11647 (index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL. ...)
NOT-FOR-US: oauth2orize-fprm
-CVE-2018-11646
+CVE-2018-11646 (webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIco ...)
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=186164
NOTE: Was found while investigting CVE-2018-11396 in epiphany, cf.
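Review bot: the context line `NOTE: Was found while investigting CVE-2018-11396 in epiphany, cf.` misspells "investigating"; it is not touched by this change, so correct it in a follow-up commit.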
@@ -24109,53 +24109,53 @@ CVE-2018-11646
NOTE: different issue.
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-11645
+CVE-2018-11645 (psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status c ...)
{DSA-4336-1 DLA-1504-1}
- ghostscript 9.21~dfsg-1 (low)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697193
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b60d50b7567369ad856cebe1efb6cd7dd2284219 (9.21rc1)
CVE-2018-11644
RESERVED
-CVE-2018-11643
+CVE-2018-11643 (SQL injection vulnerability in the administrative console in Dialogic ...)
NOT-FOR-US: Dialogic
-CVE-2018-11642
+CVE-2018-11642 (Incorrect Permission Assignment on the /var/www/xms/cleanzip.sh shell ...)
NOT-FOR-US: Dialogic
-CVE-2018-11641
+CVE-2018-11641 (Use of Hard-coded Credentials in /var/www/xms/application/controllers/ ...)
NOT-FOR-US: Dialogic
-CVE-2018-11640
+CVE-2018-11640 (XML External Entity (XXE) vulnerability in the web service in Dialogic ...)
NOT-FOR-US: Dialogic
-CVE-2018-11639
+CVE-2018-11639 (Plaintext Storage of Passwords within Cookies in /var/www/xms/applicat ...)
NOT-FOR-US: Dialogic
-CVE-2018-11638
+CVE-2018-11638 (Unrestricted Upload of a File with a Dangerous Type in the administrat ...)
NOT-FOR-US: Dialogic
-CVE-2018-11637
+CVE-2018-11637 (Information leakage vulnerability in the administrative console in Dia ...)
NOT-FOR-US: Dialogic
-CVE-2018-11636
+CVE-2018-11636 (Cross-site request forgery (CSRF) vulnerability in the administrative ...)
NOT-FOR-US: Dialogic
-CVE-2018-11635
+CVE-2018-11635 (Use of a Hard-coded Cryptographic Key used to protect cookie session d ...)
NOT-FOR-US: Dialogic
-CVE-2018-11634
+CVE-2018-11634 (Plaintext Storage of Passwords in the administrative console in Dialog ...)
NOT-FOR-US: Dialogic
-CVE-2018-11633
+CVE-2018-11633 (An issue was discovered in the MULTIDOTS Woo Checkout for Digital Good ...)
NOT-FOR-US: MULTIDOTS Woo Checkout for Digital Goods plugin for WordPress
-CVE-2018-11632
+CVE-2018-11632 (An issue was discovered in the MULTIDOTS Add Social Share Messenger Bu ...)
NOT-FOR-US: MULTIDOTS Add Social Share Messenger Buttons Whatsapp and Viber plugin for WordPress
-CVE-2018-11631
+CVE-2018-11631 (Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to s ...)
NOT-FOR-US: Rondaful M1 Wristband Smart Band 1 devices
CVE-2018-11630
RESERVED
-CVE-2018-11629
+CVE-2018-11629 (Default and unremovable support credentials (user:lutron password:inte ...)
NOT-FOR-US: products using the HomeWorks QS Lutron integration protocol
-CVE-2018-11628
+CVE-2018-11628 (Data input into EMS Master Calendar before 8.0.0.201805210 via URL par ...)
NOT-FOR-US: EMS Master Calendar
-CVE-2018-11627
+CVE-2018-11627 (Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs ...)
- ruby-sinatra <not-affected> (Vulnerable code not present)
NOTE: https://github.com/sinatra/sinatra/issues/1428
NOTE: Introduced by: https://github.com/sinatra/sinatra/commit/8f8df53ff29938ace79b31097c27d9cdac803b44
NOTE: Fixed by: https://github.com/sinatra/sinatra/commit/12786867d6faaceaec62c7c2cb5b0e2dc074d71a
-CVE-2018-11626
+CVE-2018-11626 (SELA (aka SimplE Lossless Audio) v0.1.2-alpha has a stack-based buffer ...)
NOT-FOR-US: SELA
-CVE-2018-11625
+CVE-2018-11625 (In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file ...)
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2
[stretch] - imagemagick <not-affected> (Vulnerable code not present)
@@ -24163,32 +24163,32 @@ CVE-2018-11625
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/5294966898532a6bd54699fbf04edf18902513ac
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/406ebfe09b62858b17ab3ee11f67171d43d9a76e
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1156
-CVE-2018-11624
+CVE-2018-11624 (In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c ...)
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2
[stretch] - imagemagick <not-affected> (Vulnerable code not present)
[jessie] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/172d82afe89d3499ef0cab06dc58d380cc1ab946
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1149
-CVE-2018-11623
+CVE-2018-11623 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-11622
+CVE-2018-11622 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-11621
+CVE-2018-11621 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-11620
+CVE-2018-11620 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-11619
+CVE-2018-11619 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-11618
+CVE-2018-11618 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-11617
+CVE-2018-11617 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-11616
+CVE-2018-11616 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Tencent Foxmail
-CVE-2018-11615
+CVE-2018-11615 (This vulnerability allows remote attackers to deny service on vulnerab ...)
NOT-FOR-US: mosca
-CVE-2018-11614
+CVE-2018-11614 (This vulnerability allows remote attackers to escalate privileges on v ...)
NOT-FOR-US: Samsung Members Fixed
CVE-2018-11613
RESERVED
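Review bot: the summaries added for CVE-2018-11623, -11622, -11619, -11618 and -11617 are all the identical text `(This vulnerability allows remote attackers to execute arbitrary code o ...)`, and CVE-2018-11621 and -11620 share `(This vulnerability allows remote attackers to disclose sensitive infor ...)`, so the new parenthetical does not tell the seven Foxit Reader entries apart; when a description opens with this kind of boilerplate sentence, the importer should either skip the leading sentence or allow a longer excerpt so the part that actually identifies the bug survives truncation.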
@@ -24220,58 +24220,58 @@ CVE-2018-11600
RESERVED
CVE-2018-11599
RESERVED
-CVE-2018-11598
+CVE-2018-11598 (Espruino before 1.99 allows attackers to cause a denial of service (ap ...)
NOT-FOR-US: Espruino
-CVE-2018-11597
+CVE-2018-11597 (Espruino before 1.99 allows attackers to cause a denial of service (ap ...)
NOT-FOR-US: Espruino
-CVE-2018-11596
+CVE-2018-11596 (Espruino before 1.99 allows attackers to cause a denial of service (ap ...)
NOT-FOR-US: Espruino
-CVE-2018-11595
+CVE-2018-11595 (Espruino before 1.99 allows attackers to cause a denial of service (ap ...)
NOT-FOR-US: Espruino
-CVE-2018-11594
+CVE-2018-11594 (Espruino before 1.99 allows attackers to cause a denial of service (ap ...)
NOT-FOR-US: Espruino
-CVE-2018-11593
+CVE-2018-11593 (Espruino before 1.99 allows attackers to cause a denial of service (ap ...)
NOT-FOR-US: Espruino
-CVE-2018-11592
+CVE-2018-11592 (Espruino before 1.98 allows attackers to cause a denial of service (ap ...)
NOT-FOR-US: Espruino
-CVE-2018-11591
+CVE-2018-11591 (Espruino before 1.98 allows attackers to cause a denial of service (ap ...)
NOT-FOR-US: Espruino
-CVE-2018-11590
+CVE-2018-11590 (Espruino before 1.99 allows attackers to cause a denial of service (ap ...)
NOT-FOR-US: Espruino
-CVE-2018-11589
+CVE-2018-11589 (Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Cen ...)
NOT-FOR-US: Centreon
-CVE-2018-11588
+CVE-2018-11588 (Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authe ...)
NOT-FOR-US: Centreon
-CVE-2018-11587
+CVE-2018-11587 (There is Remote Code Execution in Centreon 3.4.6 including Centreon We ...)
NOT-FOR-US: Centreon
-CVE-2018-11586
+CVE-2018-11586 (XML external entity (XXE) vulnerability in api/rest/status in SearchBl ...)
NOT-FOR-US: SearchBlox
CVE-2018-11585
RESERVED
CVE-2018-11584
RESERVED
-CVE-2018-11583
+CVE-2018-11583 (SeaCMS 6.61 has stored XSS in admin_collect.php via the siteurl parame ...)
NOT-FOR-US: SeaCMS
CVE-2018-11582
RESERVED
-CVE-2018-11581
+CVE-2018-11581 (Cross-site scripting (XSS) vulnerability on Brother HL series printers ...)
NOT-FOR-US: Brother HL-L2340D and HL-L2380DW series printers
-CVE-2018-11580
+CVE-2018-11580 (An issue was discovered in mass-pages-posts-creator.php in the MULTIDO ...)
NOT-FOR-US: MULTIDOTS Mass Pages/Posts Creator plugin for WordPress
-CVE-2018-11579
+CVE-2018-11579 (class-woo-banner-management.php in the MULTIDOTS WooCommerce Category ...)
NOT-FOR-US: MULTIDOTS WooCommerce Category Banner Management plugin for WordPress
-CVE-2018-11578
+CVE-2018-11578 (GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segment ...)
NOT-FOR-US: ngiflib
-CVE-2018-11577
+CVE-2018-11577 (Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. ...)
- liblouis 3.5.0-3 (bug #900607)
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/582
-CVE-2018-11576
+CVE-2018-11576 (ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in ...)
NOT-FOR-US: ngiflib
-CVE-2018-11575
+CVE-2018-11575 (ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in ...)
NOT-FOR-US: ngiflib
-CVE-2018-11574
+CVE-2018-11574 (Improper input validation together with an integer overflow in the EAP ...)
- ppp 2.4.7-2+3
[stretch] - ppp <not-affected> (Vulnerable code introduced later)
[jessie] - ppp <not-affected> (Vulnerable code introduced later)
@@ -24280,70 +24280,70 @@ CVE-2018-11574
NOTE: https://www.nikhef.nl/~janjust/ppp/ppp-2.4.7-eaptls-mppe-1.101.patch
CVE-2018-11573
RESERVED
-CVE-2018-11572
+CVE-2018-11572 (ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules -&gt ...)
NOT-FOR-US: ClipperCMS
-CVE-2018-11571
+CVE-2018-11571 (ClipperCMS 1.3.3 allows Session Fixation. ...)
NOT-FOR-US: ClipperCMS
CVE-2018-11570
RESERVED
CVE-2018-11569
RESERVED
-CVE-2018-11568
+CVE-2018-11568 (Reflected XSS is possible in the GamePlan theme through 1.5.13.2 for W ...)
NOT-FOR-US: GamePlan theme for WordPress
-CVE-2018-11567
+CVE-2018-11567 (** DISPUTED ** Prior to 2018-04-27, the reprompt feature in Amazon Ech ...)
NOT-FOR-US: Amazon Echo devices
CVE-2018-11566
RESERVED
-CVE-2018-11565
+CVE-2018-11565 (Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before ...)
- mahara <removed>
NOTE: https://bugs.launchpad.net/mahara/+bug/1772774
-CVE-2018-11564
+CVE-2018-11564 (Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upl ...)
NOT-FOR-US: Pagekit CMS
CVE-2018-11563
RESERVED
-CVE-2018-11562
+CVE-2018-11562 (An issue was discovered in MISP 2.4.91. A vulnerability in app/View/El ...)
NOT-FOR-US: MISP
-CVE-2018-11561
+CVE-2018-11561 (An integer overflow in the unprotected distributeToken function of a s ...)
NOT-FOR-US: smart contract implementation for EETHER (EETHER)
-CVE-2018-11560
+CVE-2018-11560 (The webService binary on Insteon HD IP Camera White 2864-222 devices h ...)
NOT-FOR-US: Insteon
-CVE-2018-11559
+CVE-2018-11559 (DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" n ...)
NOT-FOR-US: DomainMod
-CVE-2018-11558
+CVE-2018-11558 (DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" n ...)
NOT-FOR-US: DomainMod
-CVE-2018-11557
+CVE-2018-11557 (YIBAN Easy class education platform 2.0 has XSS via the articlelist.ph ...)
NOT-FOR-US: YIBAN Easy
-CVE-2018-11556
+CVE-2018-11556 (tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipeline ...)
NOT-FOR-US: Little CMS
-CVE-2018-11555
+CVE-2018-11555 (tificc in Little CMS 2.9 has an out-of-bounds write in the Precalculat ...)
NOT-FOR-US: Little CMS
-CVE-2018-11554
+CVE-2018-11554 (The forgotten-password feature in index.php/member/reset/reset_email.h ...)
NOT-FOR-US: YzmCMS
-CVE-2018-11553
+CVE-2018-11553 (SGIN.CN xiangyun platform V9.4.10 has XSS via the login_url parameter ...)
NOT-FOR-US: SGIN.CN xiangyun platform
-CVE-2018-11552
+CVE-2018-11552 (There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON- ...)
NOT-FOR-US: AXON PBX
-CVE-2018-11551
+CVE-2018-11551 (AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow ...)
NOT-FOR-US: AXON PBX
CVE-2018-11550
REJECTED
-CVE-2018-11549
+CVE-2018-11549 (An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulne ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-11548
+CVE-2018-11548 (An issue was discovered in EOS.IO DAWN 4.2. plugins/net_plugin/net_plu ...)
NOT-FOR-US: EOS.IO DAWN
-CVE-2018-11547
+CVE-2018-11547 (md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based ...)
NOT-FOR-US: md4c
-CVE-2018-11546
+CVE-2018-11546 (md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entit ...)
NOT-FOR-US: md4c
-CVE-2018-11545
+CVE-2018-11545 (md4c 0.2.5 has a heap-based buffer overflow in md_merge_lines because ...)
NOT-FOR-US: md4c
-CVE-2018-11544
+CVE-2018-11544 (The Olive Tree Ftp Server application 1.32 for Android has Insecure Da ...)
NOT-FOR-US: Olive Tree Ftp Server application
-CVE-2018-11543
+CVE-2018-11543 (A Local File Inclusion (LFI) vulnerability in the Sonus SBC 1000 / SBC ...)
NOT-FOR-US: Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface
-CVE-2018-11542
+CVE-2018-11542 (A Remote Command Execution (RCE) vulnerability in the Sonus SBC 1000 / ...)
NOT-FOR-US: Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface
-CVE-2018-11541
+CVE-2018-11541 (A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC ...)
NOT-FOR-US: Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface
CVE-2018-XXXX [gitlab: Removing public deploy keys regression]
[experimental] - gitlab 10.7.5+dfsg-1
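Review bot: the summary added for CVE-2018-11572 ends in `"Modules -&gt ...)`, which is an HTML entity from the upstream feed cut in the middle by the length limit; the importer should unescape entities (`&gt;` to `>`, `&amp;` to `&`) before truncating so the stored text is plain text like the rest of the summaries in this file.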
@@ -24379,21 +24379,21 @@ CVE-2018-11540
RESERVED
CVE-2018-11539
RESERVED
-CVE-2018-11538
+CVE-2018-11538 (servlet/UserServlet in SearchBlox 8.6.6 has CSRF via the u_name, u_pas ...)
NOT-FOR-US: SearchBlox
-CVE-2018-11537
+CVE-2018-11537 (Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as r ...)
NOT-FOR-US: angular-jwt
-CVE-2018-11536
+CVE-2018-11536 (md4c before 0.2.5 has a heap-based buffer overflow because md_split_si ...)
NOT-FOR-US: md4c
-CVE-2018-11535
+CVE-2018-11535 (An issue was discovered in SITEMAKIN SLAC (Site Login and Access Contr ...)
NOT-FOR-US: SITEMAKIN SLAC
CVE-2018-11534
RESERVED
CVE-2018-11533
RESERVED
-CVE-2018-11532
+CVE-2018-11532 (An issue was discovered in the ChangUonDyU Advanced Statistics plugin ...)
NOT-FOR-US: MyBB plugin
-CVE-2018-11531
+CVE-2018-11531 (Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp. ...)
{DSA-4238-1 DLA-1402-1}
- exiv2 0.25-4
NOTE: https://github.com/Exiv2/exiv2/issues/283
@@ -24402,25 +24402,25 @@ CVE-2018-11531
NOTE: https://github.com/Exiv2/exiv2/commit/67a5a741153c876a6f1c189abb874721d1725c48
CVE-2018-11530
RESERVED
-CVE-2018-11529
+CVE-2018-11529 (VideoLAN VLC media player 2.2.x is prone to a use after free vulnerabi ...)
{DSA-4251-1}
- vlc 3.0.3-1-1
[jessie] - vlc <end-of-life> (See https://lists.debian.org/debian-security-announce/2018/msg00130.html)
NOTE: https://github.com/videolan/vlc-3.0/commit/c472668ff873cfe29281822b4548715fb7bb0368
NOTE: https://github.com/videolan/vlc-3.0/commit/d2dadb37e7acc25ae08df71e563855d6e17b5b42
-CVE-2018-11528
+CVE-2018-11528 (WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI. ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-11527
+CVE-2018-11527 (An issue was discovered in CScms v4.1. A Cross-site request forgery (C ...)
NOT-FOR-US: CScms
-CVE-2018-11526
+CVE-2018-11526 (The plugin "WordPress Comments Import &amp; Export" for WordPress (v2. ...)
NOT-FOR-US: "WordPress Comments Import & Export" plugin for WordPress
-CVE-2018-11525
+CVE-2018-11525 (The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5 ...)
NOT-FOR-US: "Advanced Order Export For WooCommerce" plugin for WordPress
CVE-2018-11524
RESERVED
-CVE-2018-11523
+CVE-2018-11523 (upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, suc ...)
NOT-FOR-US: NUUO NVRmini
-CVE-2018-11522
+CVE-2018-11522 (Yosoro 1.0.4 has stored XSS. ...)
NOT-FOR-US: Yosoro
CVE-2018-11521
RESERVED
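Review bot: the summary on CVE-2018-11526 keeps the HTML-escaped `&amp;` in `"WordPress Comments Import &amp; Export"`, while the NOT-FOR-US line directly below writes the same plugin name with a plain `&`; decoding entities in the imported description would make the two lines agree and let a search for the plugin name match both.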
@@ -24428,93 +24428,93 @@ CVE-2018-11520
RESERVED
CVE-2018-11519
RESERVED
-CVE-2018-11518
+CVE-2018-11518 (A vulnerability allows a phreaking attack on HCL legacy IVR systems th ...)
NOT-FOR-US: HCL legacy IVR systems
-CVE-2018-11517
+CVE-2018-11517 (mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in ...)
NOT-FOR-US: mySCADA myPRO
-CVE-2018-11516
+CVE-2018-11516 (The vlc_demux_chained_Delete function in input/demux_chained.c in Vide ...)
- vlc 3.0.2-1
[stretch] - vlc 3.0.2-0+deb9u1
[jessie] - vlc <not-affected> (Only affects 3.x)
NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=33dcfcf41340c27b6f8183fdb35b129282a79bd8
NOTE: http://www.videolan.org/security/sa1801.html
-CVE-2018-11515
+CVE-2018-11515 (The wpForo plugin through 2018-02-05 for WordPress has SQL Injection v ...)
NOT-FOR-US: wpForo plugin for WordPress
-CVE-2018-11514
+CVE-2018-11514 (PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted ...)
NOT-FOR-US: PHP Scripts Mall Naukri Clone Script
CVE-2018-11513
RESERVED
-CVE-2018-11512
+CVE-2018-11512 (Stored cross-site scripting (XSS) vulnerability in the "Website's name ...)
NOT-FOR-US: wityCMS
-CVE-2018-11511
+CVE-2018-11511 (The tree list functionality in the photo gallery application in ASUSTO ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-11510
+CVE-2018-11510 (The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated ...)
NOT-FOR-US: ASUSTOR
-CVE-2018-11509
+CVE-2018-11509 (ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and p ...)
NOT-FOR-US: ASUSTOR ADM
-CVE-2018-11508
+CVE-2018-11508 (The compat_get_timex function in kernel/compat.c in the Linux kernel b ...)
- linux 4.16.12-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1574
NOTE: Fixed by: https://git.kernel.org/linus/0a0b98734479aa5b3c671d5190e86273372cab95
-CVE-2018-11507
+CVE-2018-11507 (An issue was discovered in Free Lossless Image Format (FLIF) 0.3. An a ...)
[experimental] - flif <unfixed>
- flif <removed> (bug #902188)
NOTE: https://github.com/FLIF-hub/FLIF/issues/509
-CVE-2018-11506
+CVE-2018-11506 (The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kerne ...)
{DLA-1423-1 DLA-1422-1}
- linux 4.16.16-1
[stretch] - linux 4.9.110-1
NOTE: Fixed by: https://git.kernel.org/linus/f7068114d45ec55996b9040e98111afa56e010fe
-CVE-2018-11505
+CVE-2018-11505 (The Werewolf Online application 0.8.8 for Android allows attackers to ...)
NOT-FOR-US: Werewolf Online application for Android
-CVE-2018-11504
+CVE-2018-11504 (The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a ...)
{DSA-4293-1 DLA-1499-1}
- discount 2.2.4-1 (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189#issuecomment-392247798
NOTE: POC: https://github.com/fCorleone/fuzz_programs/blob/master/discount/issue3_testcase
NOTE: Fixed by https://github.com/Orc/discount/commit/b002a5a4db31e42dfb45451c059bc56941c17974
-CVE-2018-11503
+CVE-2018-11503 (The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT 2.2 ...)
{DSA-4293-1 DLA-1499-1}
- discount 2.2.4-1 (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189#issuecomment-392247798
NOTE: POC: https://github.com/fCorleone/fuzz_programs/blob/master/discount/issue2_testcase
NOTE: Fixed by https://github.com/Orc/discount/commit/b002a5a4db31e42dfb45451c059bc56941c17974
-CVE-2018-11502
+CVE-2018-11502 (An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB ...)
NOT-FOR-US: MyBB plugin
-CVE-2018-11501
+CVE-2018-11501 (PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via user_submit. ...)
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-11500
+CVE-2018-11500 (An issue was discovered in PublicCMS V4.0.20180210. There is a CSRF vu ...)
NOT-FOR-US: PublicCMS
-CVE-2018-11499
+CVE-2018-11499 (A use-after-free vulnerability exists in handle_error() in sass_contex ...)
- libsass <unfixed> (bug #900182)
[stretch] - libsass <not-affected> (Vulnerability introduced in 3.4.7 upstream)
NOTE: https://github.com/sass/libsass/issues/2643
NOTE: https://github.com/sass/libsass/commit/84eaca254ca726531def3569c990089b3154e640
-CVE-2018-11498
+CVE-2018-11498 (In Lizard v1.0 and LZ5 v2.0 (the prior release, before the product was ...)
NOT-FOR-US: Lizard
CVE-2018-11497
RESERVED
-CVE-2018-11496
+CVE-2018-11496 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read ...)
- lrzip 0.631+git180528-1
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/96
NOTE: https://github.com/ckolivas/lrzip/commit/907b66b8cb4ba7384abf8d82f09204b127d328bd
NOTE: https://github.com/ckolivas/lrzip/commit/a81248e47d276cf59b8c7e22558e2b5035e87b33
-CVE-2018-11495
+CVE-2018-11495 (OpenCart through 3.0.2.0 allows directory traversal in the editDownloa ...)
NOT-FOR-US: OpenCart
-CVE-2018-11494
+CVE-2018-11494 (The "program extension upload" feature in OpenCart through 3.0.2.0 has ...)
NOT-FOR-US: OpenCart
-CVE-2018-11493
+CVE-2018-11493 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerabil ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-11492
+CVE-2018-11492 (ASUS HG100 devices allow denial of service via an IPv4 packet flood. ...)
NOT-FOR-US: ASUS HG100 devices
-CVE-2018-11491
+CVE-2018-11491 (ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated ...)
NOT-FOR-US: ASUS HG100 devices
-CVE-2018-11490
+CVE-2018-11490 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly vers ...)
[experimental] - giflib 5.1.7-1
- giflib <unfixed> (bug #904114)
[buster] - giflib <no-dsa> (Minor issue)
@@ -24524,7 +24524,7 @@ CVE-2018-11490
NOTE: https://sourceforge.net/p/giflib/bugs/113/
NOTE: https://sourceforge.net/p/giflib/code/ci/08438a5098f3bb1de23a29334af55eba663f75bd/
NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib.
-CVE-2018-11489
+CVE-2018-11489 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly vers ...)
- giflib <unfixed> (bug #904113)
[buster] - giflib <no-dsa> (Minor issue)
[stretch] - giflib <no-dsa> (Minor issue)
@@ -24532,50 +24532,50 @@ CVE-2018-11489
NOTE: https://github.com/pts/sam2p/issues/37
NOTE: https://sourceforge.net/p/giflib/bugs/112/
NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib.
-CVE-2018-11488
+CVE-2018-11488 (A stack exhaustion vulnerability in the search function of dtSearch 7. ...)
NOT-FOR-US: dtSearch
-CVE-2018-11487
+CVE-2018-11487 (PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the qu ...)
NOT-FOR-US: PHPMyWind
-CVE-2018-11486
+CVE-2018-11486 (An issue was discovered in the MULTIDOTS Advance Search for WooCommerc ...)
NOT-FOR-US: MULTIDOTS Advance Search for WooCommerce plugin for WordPress
-CVE-2018-11485
+CVE-2018-11485 (The MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for W ...)
NOT-FOR-US: MULTIDOTS WooCommerce Quick Reports plugin for WordPress
CVE-2018-11484
RESERVED
CVE-2018-11483
RESERVED
-CVE-2018-11482
+CVE-2018-11482 (/usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K ...)
NOT-FOR-US: TP-LINK
-CVE-2018-11481
+CVE-2018-11481 (TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC4 ...)
NOT-FOR-US: TP-LINK
CVE-2018-11480
RESERVED
-CVE-2018-11479
+CVE-2018-11479 (The VPN component in Windscribe 1.81 uses the OpenVPN client for conne ...)
NOT-FOR-US: VPN component in Windscribe
-CVE-2018-11478
+CVE-2018-11478 (An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The ...)
NOT-FOR-US: Vgate iCar 2 Wi-Fi OBD2 Dongle devices
-CVE-2018-11477
+CVE-2018-11477 (An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The ...)
NOT-FOR-US: Vgate iCar 2 Wi-Fi OBD2 Dongle devices
-CVE-2018-11476
+CVE-2018-11476 (An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The ...)
NOT-FOR-US: Vgate iCar 2 Wi-Fi OBD2 Dongle devices
-CVE-2018-11475
+CVE-2018-11475 (Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A p ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-11474
+CVE-2018-11474 (Monstra CMS 3.0.4 has a Session Management Issue in the Administration ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-11473
+CVE-2018-11473 (Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login pa ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-11472
+CVE-2018-11472 (Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login para ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-11471
+CVE-2018-11471 (Cockpit 0.5.5 has XSS via a collection, form, or region. ...)
NOT-FOR-US: Cockpit CMS (different from src:cockpit)
-CVE-2018-11470
+CVE-2018-11470 (iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' para ...)
NOT-FOR-US: iScripts eSwap
-CVE-2018-11469
+CVE-2018-11469 (Incorrect caching of responses to requests including an Authorization ...)
- haproxy 1.8.9-2 (bug #900084)
[stretch] - haproxy <not-affected> (Issue introduced in 1.8.0)
[jessie] - haproxy <not-affected> (Issue introduced in 1.8.0)
NOTE: https://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=17514045e5d934dede62116216c1b016fe23dd06
-CVE-2018-11468
+CVE-2018-11468 (The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2 ...)
{DSA-4293-1 DLA-1499-1}
- discount 2.2.4-1 (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189
@@ -24583,65 +24583,65 @@ CVE-2018-11468
NOTE: Fixed by https://github.com/Orc/discount/commit/b002a5a4db31e42dfb45451c059bc56941c17974
CVE-2018-11467
RESERVED
-CVE-2018-11466
+CVE-2018-11466 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2018-11465
+CVE-2018-11465 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2018-11464
+CVE-2018-11464 (A vulnerability has been identified in SINUMERIK 828D V4.7 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2018-11463
+CVE-2018-11463 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2018-11462
+CVE-2018-11462 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2018-11461
+CVE-2018-11461 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2018-11460
+CVE-2018-11460 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2018-11459
+CVE-2018-11459 (A vulnerability has been identified in SINUMERIK 808D V4.7 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2018-11458
+CVE-2018-11458 (A vulnerability has been identified in SINUMERIK 828D V4.7 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2018-11457
+CVE-2018-11457 (A vulnerability has been identified in SINUMERIK 828D V4.7 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2018-11456
+CVE-2018-11456 (A vulnerability has been identified in Automation License Manager 5 (A ...)
NOT-FOR-US: Automation License Manager
-CVE-2018-11455
+CVE-2018-11455 (A vulnerability has been identified in Automation License Manager 5 (A ...)
NOT-FOR-US: Automation License Manager
-CVE-2018-11454
+CVE-2018-11454 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and ...)
NOT-FOR-US: SIMATIC
-CVE-2018-11453
+CVE-2018-11453 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and ...)
NOT-FOR-US: SIMATIC
-CVE-2018-11452
+CVE-2018-11452 (A vulnerability has been identified in Firmware variant IEC 61850 for ...)
NOT-FOR-US: Siemens
-CVE-2018-11451
+CVE-2018-11451 (A vulnerability has been identified in Firmware variant IEC 61850 for ...)
NOT-FOR-US: Siemens
-CVE-2018-11450
+CVE-2018-11450 (A reflected Cross-Site-Scripting (XSS) vulnerability has been identifi ...)
NOT-FOR-US: Siemens PLM Software TEAMCENTER
-CVE-2018-11449
+CVE-2018-11449 (A vulnerability has been identified in SCALANCE M875 (All versions). A ...)
NOT-FOR-US: SCALANCE
-CVE-2018-11448
+CVE-2018-11448 (A vulnerability has been identified in SCALANCE M875 (All versions). T ...)
NOT-FOR-US: SCALANCE
-CVE-2018-11447
+CVE-2018-11447 (A vulnerability has been identified in SCALANCE M875 (All versions). T ...)
NOT-FOR-US: SCALANCE
-CVE-2018-11446
+CVE-2018-11446 (The buy function of a smart contract implementation for Gold Reward (G ...)
NOT-FOR-US: Gold Reward
-CVE-2018-11445
+CVE-2018-11445 (A CSRF issue was discovered on the User Add/System Settings Page (syst ...)
NOT-FOR-US: EasyService Billing
-CVE-2018-11444
+CVE-2018-11444 (A SQL Injection issue was observed in the parameter "q" in jobcard-ong ...)
NOT-FOR-US: EasyService Billing
-CVE-2018-11443
+CVE-2018-11443 (The parameter q is affected by Cross-site Scripting in jobcard-ongoing ...)
NOT-FOR-US: EasyService Billing
-CVE-2018-11442
+CVE-2018-11442 (A CSRF issue was discovered in EasyService Billing 1.0, which was trig ...)
NOT-FOR-US: EasyService Billing
CVE-2018-11441
RESERVED
-CVE-2018-11440
+CVE-2018-11440 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parse ...)
- liblouis 3.5.0-3 (bug #900085)
[stretch] - liblouis 3.0.0-3+deb9u4
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/575
NOTE: https://github.com/liblouis/liblouis/commit/4417bad83df4481ed58419b28c5c91b9649e2a86
-CVE-2018-11439
+CVE-2018-11439 (The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLi ...)
{DLA-1430-1}
- taglib 1.11.1+dfsg.1-0.3 (bug #903847)
[stretch] - taglib <no-dsa> (Minor issue)
@@ -24649,25 +24649,25 @@ CVE-2018-11439
NOTE: Upstream issue: https://github.com/taglib/taglib/issues/868
NOTE: Pull request: https://github.com/taglib/taglib/pull/869
NOTE: Upstream fix: https://github.com/taglib/taglib/commit/2c4ae870ec086f2ddd21a47861a3709c36faac45
-CVE-2018-11438
+CVE-2018-11438 (The mobi_decompress_lz77 function in compression.c in Libmobi 0.3 allo ...)
NOT-FOR-US: Libmobi
-CVE-2018-11437
+CVE-2018-11437 (The mobi_reconstruct_parts function in parse_rawml.c in Libmobi 0.3 al ...)
NOT-FOR-US: Libmobi
-CVE-2018-11436
+CVE-2018-11436 (The buffer_addraw function in buffer.c in Libmobi 0.3 allows remote at ...)
NOT-FOR-US: Libmobi
-CVE-2018-11435
+CVE-2018-11435 (The mobi_decompress_huffman_internal function in compression.c in Libm ...)
NOT-FOR-US: Libmobi
-CVE-2018-11434
+CVE-2018-11434 (The buffer_fill64 function in compression.c in Libmobi 0.3 allows remo ...)
NOT-FOR-US: Libmobi
-CVE-2018-11433
+CVE-2018-11433 (The mobi_get_kf8boundary_seqnumber function in util.c in Libmobi 0.3 a ...)
NOT-FOR-US: Libmobi
-CVE-2018-11432
+CVE-2018-11432 (The mobi_parse_mobiheader function in read.c in Libmobi 0.3 allows rem ...)
NOT-FOR-US: Libmobi
CVE-2018-11431
RESERVED
-CVE-2018-11430
+CVE-2018-11430 (An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB ...)
NOT-FOR-US: Moderator Log Notes plugin for MyBB
-CVE-2018-11429
+CVE-2018-11429 (ATLANT (ATL) is a smart contract running on Ethereum. The mint functio ...)
NOT-FOR-US: smart contract
CVE-2018-11428
RESERVED
@@ -24687,22 +24687,22 @@ CVE-2018-11421
RESERVED
CVE-2018-11420
RESERVED
-CVE-2018-11419
+CVE-2018-11419 (An issue was discovered in JerryScript 1.0. There is a heap-based buff ...)
NOT-FOR-US: JerryScript
-CVE-2018-11418
+CVE-2018-11418 (An issue was discovered in JerryScript 1.0. There is a heap-based buff ...)
NOT-FOR-US: JerryScript
CVE-2018-11417
RESERVED
-CVE-2018-11416
+CVE-2018-11416 (jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of ...)
- jpegoptim <not-affected> (Introduced in 1.4.5)
NOTE: https://github.com/tjko/jpegoptim/issues/57
-CVE-2018-11415
+CVE-2018-11415 (SAP Internet Transaction Server (ITS) 6200.X.X has Reflected Cross Sit ...)
NOT-FOR-US: SAP Internet Transaction Server
-CVE-2018-11414
+CVE-2018-11414 (An issue was discovered in BearAdmin 0.5. There is admin/admin_log/ind ...)
NOT-FOR-US: BearAdmin
-CVE-2018-11413
+CVE-2018-11413 (An issue was discovered in BearAdmin 0.5. Remote attackers can downloa ...)
NOT-FOR-US: BearAdmin
-CVE-2018-11412
+CVE-2018-11412 (In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in f ...)
- linux 4.17.3-1
[stretch] - linux <not-affected> (Introduced in e50e5129f384 in 4.13)
[jessie] - linux <not-affected> (Introduced in e50e5129f384 in 4.13)
@@ -24710,51 +24710,51 @@ CVE-2018-11412
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1580
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199803
NOTE: Fixed by: https://git.kernel.org/linus/117166efb1ee8f13c38f9e96b258f16d4923f888
-CVE-2018-11411
+CVE-2018-11411 (The transferFrom function of a smart contract implementation for Dimon ...)
NOT-FOR-US: DimonCoin
-CVE-2018-11410
+CVE-2018-11410 (An issue was discovered in Liblouis 3.5.0. A invalid free in the compi ...)
- liblouis 3.5.0-2 (bug #899999)
[stretch] - liblouis 3.0.0-3+deb9u2
[jessie] - liblouis <not-affected> (Code did not even exist at the time)
[wheezy] - liblouis <not-affected> (Code did not even exist at the time)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1582024
NOTE: https://github.com/liblouis/liblouis/issues/573
-CVE-2018-11409
+CVE-2018-11409 (Splunk through 7.0.1 allows information disclosure by appending __raw/ ...)
NOT-FOR-US: Splunk
-CVE-2018-11408
+CVE-2018-11408 (The security handlers in the Security component in Symfony in 2.7.x be ...)
{DLA-1707-1}
- symfony 3.4.12+dfsg-1
[stretch] - symfony <not-affected> (Incomplete fix for CVE-2017-16652 wasn't backported)
NOTE: https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers
-CVE-2018-11407
+CVE-2018-11407 (An issue was discovered in the Ldap component in Symfony 2.8.x before ...)
- symfony 3.4.12+dfsg-1
[stretch] - symfony <not-affected> (Incomplete fix for CVE-2016-2403 not applied)
[jessie] - symfony <not-affected> (Incomplete fix for CVE-2016-2403 not applied)
NOTE: https://symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password
-CVE-2018-11406
+CVE-2018-11406 (An issue was discovered in the Security component in Symfony 2.7.x bef ...)
{DSA-4262-1}
- symfony 3.4.12+dfsg-1
[jessie] - symfony <not-affected> (vulnerable code not present in branch 2.3)
NOTE: https://symfony.com/blog/cve-2018-11406-csrf-token-fixation
-CVE-2018-11405
+CVE-2018-11405 (Kliqqi 2.0.2 has CSRF in admin/admin_users.php. ...)
NOT-FOR-US: Kliqqi
-CVE-2018-11404
+CVE-2018-11404 (DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.ph ...)
NOT-FOR-US: DomainMod
-CVE-2018-11403
+CVE-2018-11403 (DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid p ...)
NOT-FOR-US: DomainMod
-CVE-2018-11402
+CVE-2018-11402 (SimpliSafe Original has Unencrypted Keypad Transmissions, which allows ...)
NOT-FOR-US: SimpliSafe Original
-CVE-2018-11401
+CVE-2018-11401 (In SimpliSafe Original, RF Interference (e.g., an extremely strong 433 ...)
NOT-FOR-US: SimpliSafe Original
-CVE-2018-11400
+CVE-2018-11400 (In SimpliSafe Original, the Base Station fails to detect tamper attemp ...)
NOT-FOR-US: SimpliSafe Original
-CVE-2018-11399
+CVE-2018-11399 (SimpliSafe Original has Unencrypted Sensor Transmissions, which allows ...)
NOT-FOR-US: SimpliSafe Original
CVE-2018-11398
RESERVED
CVE-2018-11397
RESERVED
-CVE-2018-11396
+CVE-2018-11396 (ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3 ...)
- epiphany-browser 3.28.2.1-1 (unimportant; bug #899409)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795740
NOTE: webkit not covered by security support
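Review bot: the "unimportant" rating on CVE-2018-11396 is justified by "webkit not covered by security support", yet the imported description locates the bug in ephy-session.c in libephymain.so, which is Epiphany's own session-handling code rather than WebKit; either the note should say why the WebKit exclusion still applies to this code path or the severity tag needs a rationale of its own.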
@@ -24764,7 +24764,7 @@ CVE-2018-11394
RESERVED
CVE-2018-11393
RESERVED
-CVE-2018-11392
+CVE-2018-11392 (An arbitrary file upload vulnerability in /classes/profile.class.php i ...)
NOT-FOR-US: Jigowatt
CVE-2018-11391
RESERVED
@@ -24776,62 +24776,62 @@ CVE-2018-11388
RESERVED
CVE-2018-11387
RESERVED
-CVE-2018-11386
+CVE-2018-11386 (An issue was discovered in the HttpFoundation component in Symfony 2.7 ...)
{DSA-4262-1}
- symfony 3.4.12+dfsg-1
[jessie] - symfony <not-affected> (vulnerable code no present, no rollback mechanism in this version)
NOTE: https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler
-CVE-2018-11385
+CVE-2018-11385 (An issue was discovered in the Security component in Symfony 2.7.x bef ...)
{DSA-4262-1 DLA-1707-1}
- symfony 3.4.12+dfsg-1
NOTE: https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication
-CVE-2018-11384
+CVE-2018-11384 (The sh_op() function in radare2 2.5.0 allows remote attackers to cause ...)
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/77c47cf873dd55b396da60baa2ca83bbd39e4add
NOTE: https://github.com/radare/radare2/issues/9903
-CVE-2018-11383
+CVE-2018-11383 (The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers ...)
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/9d348bcc2c4bbd3805e7eec97b594be9febbdf9a
NOTE: https://github.com/radare/radare2/issues/9943
-CVE-2018-11382
+CVE-2018-11382 (The _inst__sts() function in radare2 2.5.0 allows remote attackers to ...)
- radare2 <not-affected> (Vulnerable code not yet present)
NOTE: https://github.com/radare/radare2/commit/d04c78773f6959bcb427453f8e5b9824d5ba9eff
NOTE: https://github.com/radare/radare2/issues/10091
-CVE-2018-11381
+CVE-2018-11381 (The string_scan_range() function in radare2 2.5.0 allows remote attack ...)
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/3fcf41ed96ffa25b38029449520c8d0a198745f3
NOTE: https://github.com/radare/radare2/issues/9902
-CVE-2018-11380
+CVE-2018-11380 (The parse_import_ptr() function in radare2 2.5.0 allows remote attacke ...)
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/60208765887f5f008b3b9a883f3addc8bdb9c134
NOTE: https://github.com/radare/radare2/issues/9970
-CVE-2018-11379
+CVE-2018-11379 (The get_debug_info() function in radare2 2.5.0 allows remote attackers ...)
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/4e1cf0d3e6f6fe2552a269def0af1cd2403e266c
NOTE: https://github.com/radare/radare2/issues/9926
-CVE-2018-11378
+CVE-2018-11378 (The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly ha ...)
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <not-affected> (Vulnerable code not present)
[jessie] - radare2 <not-affected> (Vulnerable code not present)
[wheezy] - radare2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/radare/radare2/commit/bd276ef2fd8ac3401e65be7c126a43175ccfbcd7
NOTE: https://github.com/radare/radare2/issues/9969
-CVE-2018-11377
+CVE-2018-11377 (The avr_op_analyze() function in radare2 2.5.0 allows remote attackers ...)
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
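Review bot: the jessie reason line for CVE-2018-11386 reads "vulnerable code no present" and should say "not present". Separately, CVE-2018-11382 is marked <not-affected> with "Vulnerable code not yet present" but, unlike CVE-2018-11378 in the same hunk, gives no per-suite lines and does not name the version or commit that introduced the code; adding that reference would let the status be re-checked when radare2 is next updated.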
@@ -24839,55 +24839,55 @@ CVE-2018-11377
NOTE: https://github.com/radare/radare2/commit/25a3703ef2e015bbe1d1f16f6b2f63bb10dd34f4
NOTE: https://github.com/radare/radare2/commit/b35530fa0681b27eba084de5527037ebfb397422
NOTE: https://github.com/radare/radare2/issues/9901
-CVE-2018-11376
+CVE-2018-11376 (The r_read_le32() function in radare2 2.5.0 allows remote attackers to ...)
- radare2 2.6.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf
NOTE: https://github.com/radare/radare2/issues/9904
-CVE-2018-11375
+CVE-2018-11375 (The _inst__lds() function in radare2 2.5.0 allows remote attackers to ...)
- radare2 <not-affected> (Vulnerable code not yet present)
NOTE: https://github.com/radare/radare2/commit/041e53cab7ca33481ae45ecd65ad596976d78e68
NOTE: https://github.com/radare/radare2/issues/9928
CVE-2018-11374
RESERVED
-CVE-2018-11373
+CVE-2018-11373 (iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" U ...)
NOT-FOR-US: iScripts eSwap
-CVE-2018-11372
+CVE-2018-11372 (iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php Use ...)
NOT-FOR-US: iScripts eSwap
-CVE-2018-11371
+CVE-2018-11371 (SkyCaiji 1.2 allows CSRF to add an Administrator user. ...)
NOT-FOR-US: SkyCaiji
CVE-2018-11370
RESERVED
-CVE-2018-11369
+CVE-2018-11369 (An issue was discovered in PbootCMS v1.0.9. There is a SQL Injection t ...)
NOT-FOR-US: PbootCMS
CVE-2018-11368
RESERVED
-CVE-2018-11367
+CVE-2018-11367 (An issue was discovered in CppCMS before 1.2.1. There is a denial of s ...)
NOT-FOR-US: CppCMS
-CVE-2018-11366
+CVE-2018-11366 (init.php in the Loginizer plugin 1.3.8 through 1.3.9 for WordPress has ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-11365
+CVE-2018-11365 (sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an ...)
- r-cran-haven 1.1.1-2 (low; bug #899335)
-CVE-2018-11364
+CVE-2018-11364 (sav_parse_machine_integer_info_record in spss/readstat_sav_read.c in l ...)
- r-cran-haven 1.1.1-2 (low; bug #899335)
-CVE-2018-11363
+CVE-2018-11363 (jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based buf ...)
NOT-FOR-US: PDFGen
-CVE-2018-11362
+CVE-2018-11362 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS diss ...)
{DSA-4217-1 DLA-1388-1}
- wireshark 2.6.1-1 (bug #900708)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14615
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f177008b04a530640de835ca878892e58b826d58
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-25.html
-CVE-2018-11361
+CVE-2018-11361 (In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. Th ...)
- wireshark 2.6.1-1 (bug #900708)
[jessie] - wireshark <not-affected> (vulnerable code not present (TDLS support added in version 2.1.0))
[wheezy] - wireshark <not-affected> (vulnerable code not present (TDLS support added in version 2.1.0))
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14686
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1b52f9929238ce3948ec924ae4f9456b5e9df558
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-32.html
-CVE-2018-11360
+CVE-2018-11360 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTA ...)
- wireshark 2.6.1-1 (bug #900708)
[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u3
[jessie] - wireshark <not-affected> (vulnerable code not present (uses static a_bigbuf instead))
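Review bot: CVE-2018-11361 carries jessie and wheezy <not-affected> lines on the grounds that TDLS support was added in 2.1.0, which implies the 2.2.x series in stretch does contain the code, yet no [stretch] line is present; add an explicit stretch status (fixed version, no-dsa, or not-affected with its own reason) so the entry is not read as unchecked. The r-cran-haven entries for CVE-2018-11365 and CVE-2018-11364 likewise record only the unstable fix with no suite status and no upstream reference, unlike the neighbouring Wireshark entries.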
@@ -24895,40 +24895,40 @@ CVE-2018-11360
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14688
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a55b36c51f83a7b9680824e8ee3a6ce8429ab24b
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-30.html
-CVE-2018-11359
+CVE-2018-11359 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC disse ...)
{DLA-1634-1}
- wireshark 2.6.1-1 (bug #900708)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14703
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=beaebe91b14564fb9f86f0726bab09927872721b
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-33.html
-CVE-2018-11358
+CVE-2018-11358 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dis ...)
{DSA-4217-1 DLA-1388-1}
- wireshark 2.6.1-1 (bug #900708)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14689
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ccb1ac3c8cec47fbbbf2e80ced80644005c65252
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-31.html
-CVE-2018-11357
+CVE-2018-11357 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP disse ...)
{DLA-1634-1}
- wireshark 2.6.1-1 (bug #900708)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14678
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ab8a33ef083b9732c89117747a83a905a676faf6
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-28.html
-CVE-2018-11356
+CVE-2018-11356 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS disse ...)
{DLA-1634-1}
- wireshark 2.6.1-1 (bug #900708)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14681
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4425716ddba99374749bd033d9bc0f4add2fb973
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-29.html
-CVE-2018-11355
+CVE-2018-11355 (In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed ...)
- wireshark <not-affected> (Vulnerable code, new RTCP dissector for transport-cc, introduced later)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14673
NOTE: Introduced by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a584eab239d55e441433ead40c993e08a24c59fe (v2.5.0)
NOTE: Fixed by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=99d27a5fd2c540f837154aca3b3647f5ccfa0c33 (v2.6.1)
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-27.html
-CVE-2018-11354
+CVE-2018-11354 (In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was a ...)
- wireshark <not-affected> (Vulnerable code, IEEE 1905.1a dissector, introduced in v2.5.0~1187)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14647
NOTE: Introduced by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=05b1d35586aee37dad7d84fa27531fc9794a41c9 (v2.5.0)
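Review bot: CVE-2018-11359, CVE-2018-11357 and CVE-2018-11356 each list 2.2.0 to 2.2.14 in the affected range and carry a DLA reference plus a wheezy no-dsa line, but no [stretch] line, whereas CVE-2018-11360 just above records a stretch fixed version (2.2.6+g32dac6a-2+deb9u3); add the stretch status for these three so the 2.2.x handling is consistent across the batch.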
@@ -24936,75 +24936,75 @@ CVE-2018-11354
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-26.html
CVE-2018-11353
RESERVED
-CVE-2018-11352
+CVE-2018-11352 (The Wallabag application 2.2.3 to 2.3.2 is affected by one cross-site ...)
NOT-FOR-US: Wallabag
-CVE-2018-11351
+CVE-2018-11351 (script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Si ...)
NOT-FOR-US: Jirafeau
-CVE-2018-11350
+CVE-2018-11350 (An issue was discovered in Jirafeau before 3.4.1. The file "search by ...)
NOT-FOR-US: Jirafeau
-CVE-2018-11349
+CVE-2018-11349 (The administration panel of Jirafeau before 3.4.1 is vulnerable to thr ...)
NOT-FOR-US: Jirafeau
-CVE-2018-11348
+CVE-2018-11348 (Two XSS vulnerabilities are located in the profile edition page of the ...)
NOT-FOR-US: Yunihost
-CVE-2018-11347
+CVE-2018-11347 (The YunoHost 2.7.2 through 2.7.14 web application is affected by one H ...)
NOT-FOR-US: Yunihost
-CVE-2018-11346
+CVE-2018-11346 (An insecure direct object reference vulnerability in download.cgi in A ...)
NOT-FOR-US: ASUSTOR
-CVE-2018-11345
+CVE-2018-11345 (An unrestricted file upload vulnerability in upload.cgi in ASUSTOR AS6 ...)
NOT-FOR-US: ASUSTOR
-CVE-2018-11344
+CVE-2018-11344 (A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM ...)
NOT-FOR-US: ASUSTOR
-CVE-2018-11343
+CVE-2018-11343 (A persistent cross site scripting vulnerability in playlistmanger.cgi ...)
NOT-FOR-US: ASUSTOR
-CVE-2018-11342
+CVE-2018-11342 (A path traversal vulnerability in fileExplorer.cgi in ASUSTOR AS6202T ...)
NOT-FOR-US: ASUSTOR
-CVE-2018-11341
+CVE-2018-11341 (Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ ...)
NOT-FOR-US: ASUSTOR
-CVE-2018-11340
+CVE-2018-11340 (An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR ...)
NOT-FOR-US: ASUSTOR
-CVE-2018-11339
+CVE-2018-11339 (An XSS issue was discovered in Frappe ERPNext v11.x.x-develop b1036e5 ...)
NOT-FOR-US: Frappe ERPNext
-CVE-2018-11338
+CVE-2018-11338 (Intuit Lacerte 2017 for Windows in a client/server environment transfe ...)
NOT-FOR-US: Intuit Lacerte
CVE-2018-11337
RESERVED
CVE-2018-11336
RESERVED
-CVE-2018-11335
+CVE-2018-11335 (GVToken Genesis Vision (GVT) is a smart contract running on Ethereum. ...)
NOT-FOR-US: smart contract
-CVE-2018-11334
+CVE-2018-11334 (Windscribe 1.81 creates a named pipe with a NULL DACL that allows Ever ...)
NOT-FOR-US: Windscribe
CVE-2018-11333
RESERVED
-CVE-2018-11332
+CVE-2018-11332 (Stored cross-site scripting (XSS) vulnerability in the "Site Name" fie ...)
NOT-FOR-US: ClipperCMS
-CVE-2018-11331
+CVE-2018-11331 (An issue was discovered in Pluck before 4.7.6. Remote PHP code executi ...)
NOT-FOR-US: Pluck CMS
-CVE-2018-11330
+CVE-2018-11330 (An issue was discovered in Pluck before 4.7.6. There is authenticated ...)
NOT-FOR-US: Pluck CMS
-CVE-2018-11329
+CVE-2018-11329 (The DrugDealer function of a smart contract implementation for Ether C ...)
NOT-FOR-US: DrugDealer smart contractz
-CVE-2018-11328
+CVE-2018-11328 (An issue was discovered in Joomla! Core before 3.8.8. Under specific c ...)
NOT-FOR-US: Joomla!
-CVE-2018-11327
+CVE-2018-11327 (An issue was discovered in Joomla! Core before 3.8.8. Inadequate check ...)
NOT-FOR-US: Joomla!
-CVE-2018-11326
+CVE-2018-11326 (An issue was discovered in Joomla! Core before 3.8.8. Inadequate input ...)
NOT-FOR-US: Joomla!
-CVE-2018-11325
+CVE-2018-11325 (An issue was discovered in Joomla! Core before 3.8.8. The web install ...)
NOT-FOR-US: Joomla!
-CVE-2018-11324
+CVE-2018-11324 (An issue was discovered in Joomla! Core before 3.8.8. A long running b ...)
NOT-FOR-US: Joomla!
-CVE-2018-11323
+CVE-2018-11323 (An issue was discovered in Joomla! Core before 3.8.8. Inadequate check ...)
NOT-FOR-US: Joomla!
-CVE-2018-11322
+CVE-2018-11322 (An issue was discovered in Joomla! Core before 3.8.8. Depending on the ...)
NOT-FOR-US: Joomla!
-CVE-2018-11321
+CVE-2018-11321 (An issue was discovered in com_fields in Joomla! Core before 3.8.8. In ...)
NOT-FOR-US: Joomla!
-CVE-2018-11320
+CVE-2018-11320 (In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that ar ...)
NOT-FOR-US: Octopus Deploy
-CVE-2018-1000181
+CVE-2018-1000181 (Kitura 2.3.0 and earlier have an unintended read access to unauthorise ...)
NOT-FOR-US: Kitura
-CVE-2018-1000180
+CVE-2018-1000180 (Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier h ...)
{DSA-4233-1}
- bouncycastle 1.59-2 (bug #900843)
[jessie] - bouncycastle <not-affected> (Issue introduced in 1.54)
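Review bot: the NOT-FOR-US tags for CVE-2018-11348 and CVE-2018-11347 spell the product "Yunihost" while the imported description says "YunoHost", and the tag for CVE-2018-11329 reads "smart contractz"; correct the spellings so searches on the product name find these entries.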
@@ -25016,21 +25016,21 @@ CVE-2018-11318
RESERVED
CVE-2018-11317
RESERVED
-CVE-2018-11316
+CVE-2018-11316 (The UPnP HTTP server on Sonos wireless speaker products allow unauthor ...)
NOT-FOR-US: Sonos
-CVE-2018-11315
+CVE-2018-11315 (The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below ...)
NOT-FOR-US: Radio Thermostat CT50 and CT80
-CVE-2018-11314
+CVE-2018-11314 (The External Control API in Roku and Roku TV products allow unauthoriz ...)
NOT-FOR-US: Roku
CVE-2018-11313
RESERVED
CVE-2018-11312
RESERVED
-CVE-2018-11311
+CVE-2018-11311 (A hardcoded FTP username of myscada and password of Vikuk63 in 'myscad ...)
NOT-FOR-US: mySCADA
CVE-2018-11310
RESERVED
-CVE-2018-11309
+CVE-2018-11309 (Blind SQL injection in coupon_code in the MemberMouse plugin 2.2.8 and ...)
NOT-FOR-US: MemberMouse plugin for WordPress
CVE-2018-11308
RESERVED
@@ -25042,105 +25042,105 @@ CVE-2018-11307 [Potential information exfiltration with default typing, serializ
NOTE: https://github.com/FasterXML/jackson-databind/commit/27b4defc270454dea6842bd9279f17387eceb737
CVE-2018-11306
RESERVED
-CVE-2018-11305
+CVE-2018-11305 (When a series of FDAL messages are sent to the modem, a Use After Free ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11304
+CVE-2018-11304 (Possible buffer overflow in msm_adsp_stream_callback_put due to lack o ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11303
RESERVED
-CVE-2018-11302
+CVE-2018-11302 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11301
+CVE-2018-11301 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11300
+CVE-2018-11300 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11299
+CVE-2018-11299 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11298
+CVE-2018-11298 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11297
+CVE-2018-11297 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11296
+CVE-2018-11296 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11295
+CVE-2018-11295 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11294
+CVE-2018-11294 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11293
+CVE-2018-11293 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11292
+CVE-2018-11292 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11291
+CVE-2018-11291 (In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11290
+CVE-2018-11290 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11289
+CVE-2018-11289 (Data truncation during higher to lower type conversion which causes le ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11288
+CVE-2018-11288 (Possible undefined behavior due to lack of size check in function for ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11287
+CVE-2018-11287 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11286
+CVE-2018-11286 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11285
+CVE-2018-11285 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11284
+CVE-2018-11284 (Spoofed SMS can be used to send a large number of messages to the devi ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11283
RESERVED
CVE-2018-11282
RESERVED
-CVE-2018-11281
+CVE-2018-11281 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11280
+CVE-2018-11280 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11279
+CVE-2018-11279 (Lack of check of input size can make device memory get corrupted becau ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11278
+CVE-2018-11278 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11277
+CVE-2018-11277 (In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996A ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11276
+CVE-2018-11276 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11275
+CVE-2018-11275 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11274
+CVE-2018-11274 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11273
+CVE-2018-11273 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11272
RESERVED
CVE-2018-11271
RESERVED
-CVE-2018-11270
+CVE-2018-11270 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11269
+CVE-2018-11269 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11268
+CVE-2018-11268 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11267
+CVE-2018-11267 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11266
+CVE-2018-11266 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Android kernel, code not in mainline
-CVE-2018-11265
+CVE-2018-11265 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11264
+CVE-2018-11264 (Possible buffer overflow in Ontario fingerprint code due to lack of in ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11263
+CVE-2018-11263 (In all Android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11262
+CVE-2018-11262 (In Android for MSM, Firefox OS for MSM, and QRD Android with all Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11261
+CVE-2018-11261 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11260
+CVE-2018-11260 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11259
+CVE-2018-11259 (Due to Improper Access Control of NAND-based EFS in Snapdragon Automob ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11258
+CVE-2018-11258 (In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11257
+CVE-2018-11257 (Permissions, Privileges, and Access Controls in TA in Snapdragon Mobil ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-11256
+CVE-2018-11256 (An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::App ...)
- libpodofo 0.9.6+dfsg-4 (low; bug #916583)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
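Review bot: the fixed-width truncation of the imported descriptions leaves a long run of Qualcomm entries in this hunk (CVE-2018-11273 up to CVE-2018-11302) with the identical text "In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...", so the summary no longer distinguishes one issue from the next; consider a longer cutoff or stripping the shared boilerplate prefix in the import script. CVE-2018-11266 also uses a different tag ("Android kernel, code not in mainline") from its neighbours' "Qualcomm components for Android" without the note saying why.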
@@ -25148,7 +25148,7 @@ CVE-2018-11256
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575851
NOTE: https://sourceforge.net/p/podofo/tickets/21
NOTE: https://sourceforge.net/p/podofo/code/1938
-CVE-2018-11255
+CVE-2018-11255 (An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPage ...)
- libpodofo <unfixed> (low; bug #916584)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -25156,7 +25156,7 @@ CVE-2018-11255
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575502
NOTE: https://sourceforge.net/p/podofo/tickets/20
NOTE: https://sourceforge.net/p/podofo/code/1952 (this commit doesn't fix the crash)
-CVE-2018-11254
+CVE-2018-11254 (An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursi ...)
- libpodofo 0.9.6+dfsg-4 (low; bug #916585)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -25168,7 +25168,7 @@ CVE-2018-11253
RESERVED
CVE-2018-11252
RESERVED
-CVE-2018-11251
+CVE-2018-11251 (In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based b ...)
{DSA-4245-1 DLA-1394-1 DLA-1381-1}
- imagemagick 8:6.9.9.39+dfsg-1
NOTE: https://github.com/ImageMagick/ImageMagick/issues/956
@@ -25177,93 +25177,93 @@ CVE-2018-11250
RESERVED
CVE-2018-11249
RESERVED
-CVE-2018-11248
+CVE-2018-11248 (util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an ...)
NOT-FOR-US: FileDownloader
-CVE-2018-11247
+CVE-2018-11247 (The JMX/RMI interface in Nasdaq BWise 5.0 does not require authenticat ...)
NOT-FOR-US: SAP
CVE-2018-11246
RESERVED
-CVE-2018-11245
+CVE-2018-11245 (app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex ...)
NOT-FOR-US: MISP
-CVE-2018-11244
+CVE-2018-11244 (The BBE theme before 1.53 for WordPress allows a direct launch of an H ...)
NOT-FOR-US: WordPress theme
-CVE-2018-11243
+CVE-2018-11243 (PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote attac ...)
- upx-ucl 1.03+repack-5 (unimportant; bug #899190; bug #907426)
NOTE: https://github.com/upx/upx/issues/206
NOTE: https://github.com/upx/upx/issues/207
-CVE-2018-11242
+CVE-2018-11242 (An issue was discovered in the MakeMyTrip application 7.2.4 for Androi ...)
NOT-FOR-US: MakeMyTrip application for Android
-CVE-2018-11241
+CVE-2018-11241 (An issue was discovered on SoftCase T-Router build 20112017 devices. A ...)
NOT-FOR-US: SoftCase T-Router devices
-CVE-2018-11240
+CVE-2018-11240 (An issue was discovered on SoftCase T-Router build 20112017 devices. T ...)
NOT-FOR-US: SoftCase T-Router devices
-CVE-2018-11239
+CVE-2018-11239 (An integer overflow in the _transfer function of a smart contract impl ...)
NOT-FOR-US: Hexagon (HXG)
CVE-2018-11238
RESERVED
-CVE-2018-11237
+CVE-2018-11237 (An AVX-512-optimized implementation of the mempcpy function in the GNU ...)
- glibc 2.27-4 (low; bug #899070)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue, can be fixed along in future DSA or point update)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23196
-CVE-2018-11236
+CVE-2018-11236 (stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 a ...)
- glibc 2.27-4 (low; bug #899071)
[stretch] - glibc 2.24-11+deb9u4
[jessie] - glibc <no-dsa> (Minor issue, can be fixed along in future DSA or point update)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22786
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5460617d1567657621107d895ee2dd83bc1f88f2
-CVE-2018-11235
+CVE-2018-11235 (In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16 ...)
{DSA-4212-1}
- git 1:2.17.1-1
NOTE: https://lkml.org/lkml/2018/5/29/889
CVE-2018-11234
RESERVED
-CVE-2018-11233
+CVE-2018-11233 (In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16 ...)
- git 1:2.17.1-1 (unimportant)
[stretch] - git 1:2.11.0-3+deb9u3
[jessie] - git 1:2.1.4-2.1+deb8u6
NOTE: Only an issue when running on an NTFS filesystem.
NOTE: https://lkml.org/lkml/2018/5/29/889
-CVE-2018-1000400
+CVE-2018-1000400 (Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Swi ...)
NOT-FOR-US: Kubernetes CRI-O
-CVE-2018-11232
+CVE-2018-11232 (The etm_setup_aux function in drivers/hwtracing/coresight/coresight-et ...)
- linux <not-affected> (Vulnerable code never present in unstable)
NOTE: Fixed by: https://git.kernel.org/linus/f09444639099584bc4784dfcd85ada67c6f33e0f
-CVE-2018-11231
+CVE-2018-11231 (In the Divido plugin for OpenCart, there is SQL injection. Attackers c ...)
NOT-FOR-US: OpenCart plugin
-CVE-2018-11230
+CVE-2018-11230 (jbig2_add_page in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows ...)
NOT-FOR-US: jbig2enc
-CVE-2018-11229
+CVE-2018-11229 (Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW- ...)
NOT-FOR-US: Crestron devices
-CVE-2018-11228
+CVE-2018-11228 (Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW- ...)
NOT-FOR-US: Crestron devices
CVE-2018-11227
RESERVED
-CVE-2018-11226
+CVE-2018-11226 (The getString function in decompile.c in libming through 0.4.8 mishand ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/144
-CVE-2018-11225
+CVE-2018-11225 (The dcputs function in decompile.c in libming through 0.4.8 mishandles ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/143
-CVE-2018-11224
+CVE-2018-11224 (An issue was discovered in Libav 12.3. A read access violation in the ...)
- libav <removed> (low)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1129
-CVE-2018-11223
+CVE-2018-11223 (XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to exec ...)
NOT-FOR-US: Pandora FMS
-CVE-2018-11222
+CVE-2018-11222 (Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 ...)
NOT-FOR-US: Pandora FMS
-CVE-2018-11221
+CVE-2018-11221 (Unauthenticated untrusted file upload in Artica Pandora FMS through ve ...)
NOT-FOR-US: Pandora FMS
-CVE-2018-11220
+CVE-2018-11220 (Bitmain Antminer D3, L3+, and S9 devices allow Remote Command Executio ...)
NOT-FOR-US: Bitmain Antminer D3, L3+, and S9 devices
-CVE-2018-11219
+CVE-2018-11219 (An Integer Overflow issue was discovered in the struct library in the ...)
{DSA-4230-1 DLA-1396-1}
- redis 5:4.0.10-1 (bug #901495)
NOTE: https://github.com/antirez/redis/issues/5017
NOTE: http://antirez.com/news/119
-CVE-2018-11218
+CVE-2018-11218 (Memory Corruption was discovered in the cmsgpack library in the Lua su ...)
{DSA-4230-1 DLA-1396-1}
- redis 5:4.0.10-1 (bug #901495)
NOTE: https://github.com/antirez/redis/issues/5017
@@ -25274,54 +25274,54 @@ CVE-2018-11216
RESERVED
CVE-2018-11215
RESERVED
-CVE-2018-11214
+CVE-2018-11214 (An issue was discovered in libjpeg 9a. The get_text_rgb_row function i ...)
{DLA-1638-1}
- libjpeg9 1:9c-1 (low; bug #902176)
- libjpeg-turbo 1:1.4.2-1
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91 (1.4.2)
-CVE-2018-11213
+CVE-2018-11213 (An issue was discovered in libjpeg 9a. The get_text_gray_row function ...)
{DLA-1638-1}
- libjpeg9 1:9c-1 (low; bug #902176)
- libjpeg-turbo 1:1.4.2-1
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91 (1.4.2)
-CVE-2018-11212
+CVE-2018-11212 (An issue was discovered in libjpeg 9a. The alloc_sarray function in jm ...)
{DLA-1638-1}
- libjpeg9 1:9c-1 (low; bug #902176)
- libjpeg-turbo 1:1.4.2-1
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/82923eb93a2eacf4a593e00e3e672bbb86a8a3a0 (1.4.2)
CVE-2018-11211
RESERVED
-CVE-2018-11210
+CVE-2018-11210 (TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::P ...)
- tinyxml2 <unfixed> (bug #899063; unimportant)
NOTE: https://github.com/leethomason/tinyxml2/issues/675
NOTE: Non-real issue, missuse of API
-CVE-2018-11209
+CVE-2018-11209 (** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. zb_system/c ...)
NOT-FOR-US: Z-BlogPHP
-CVE-2018-11208
+CVE-2018-11208 (** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. There is a ...)
NOT-FOR-US: Z-BlogPHP
-CVE-2018-11207
+CVE-2018-11207 (A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in ...)
- hdf5 1.10.4+repack-1 (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
-CVE-2018-11206
+CVE-2018-11206 (An out of bounds read was discovered in H5O_fill_new_decode and H5O_fi ...)
- hdf5 1.10.4+repack-1 (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
-CVE-2018-11205
+CVE-2018-11205 (A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the ...)
- hdf5 <undetermined>
-CVE-2018-11204
+CVE-2018-11204 (A NULL pointer dereference was discovered in H5O__chunk_deserialize in ...)
- hdf5 1.10.4+repack-1 (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
-CVE-2018-11203
+CVE-2018-11203 (A division by zero was discovered in H5D__btree_decode_key in H5Dbtree ...)
- hdf5 1.10.4+repack-1 (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
[wheezy] - hdf5 <no-dsa> (Minor issue)
-CVE-2018-11202
+CVE-2018-11202 (A NULL pointer dereference was discovered in H5S_hyper_make_spans in H ...)
- hdf5 1.10.4+repack-1 (low)
[stretch] - hdf5 <no-dsa> (Minor issue)
[jessie] - hdf5 <no-dsa> (Minor issue)
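Review bot: typo in the CVE-2018-11210 NOTE line of this hunk, "Non-real issue, missuse of API" should read "misuse of API"; this is a context line the automatic update does not touch, so it needs a manual fix.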
@@ -25336,165 +25336,165 @@ CVE-2018-11198
RESERVED
CVE-2018-11197
RESERVED
-CVE-2018-11196
+CVE-2018-11196 (Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before ...)
- mahara <removed>
NOTE: https://bugs.launchpad.net/bugs/1770535
NOTE: https://mahara.org/interaction/forum/topic.php?id=8270
-CVE-2018-11195
+CVE-2018-11195 (Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before ...)
- mahara <removed>
NOTE: https://bugs.launchpad.net/mahara/+bug/1770561
NOTE: https://mahara.org/interaction/forum/topic.php?id=8269
-CVE-2018-11194
+CVE-2018-11194 (Quest DR Series Disk Backup software version before 4.0.3.1 allows pri ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11193
+CVE-2018-11193 (Quest DR Series Disk Backup software version before 4.0.3.1 allows pri ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11192
+CVE-2018-11192 (Quest DR Series Disk Backup software version before 4.0.3.1 allows pri ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11191
+CVE-2018-11191 (Quest DR Series Disk Backup software version before 4.0.3.1 allows pri ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11190
+CVE-2018-11190 (Quest DR Series Disk Backup software version before 4.0.3.1 allows pri ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11189
+CVE-2018-11189 (Quest DR Series Disk Backup software version before 4.0.3.1 allows pri ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11188
+CVE-2018-11188 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11187
+CVE-2018-11187 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11186
+CVE-2018-11186 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11185
+CVE-2018-11185 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11184
+CVE-2018-11184 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11183
+CVE-2018-11183 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11182
+CVE-2018-11182 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11181
+CVE-2018-11181 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11180
+CVE-2018-11180 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11179
+CVE-2018-11179 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11178
+CVE-2018-11178 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11177
+CVE-2018-11177 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11176
+CVE-2018-11176 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11175
+CVE-2018-11175 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11174
+CVE-2018-11174 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11173
+CVE-2018-11173 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11172
+CVE-2018-11172 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11171
+CVE-2018-11171 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11170
+CVE-2018-11170 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11169
+CVE-2018-11169 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11168
+CVE-2018-11168 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11167
+CVE-2018-11167 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11166
+CVE-2018-11166 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11165
+CVE-2018-11165 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11164
+CVE-2018-11164 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11163
+CVE-2018-11163 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11162
+CVE-2018-11162 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11161
+CVE-2018-11161 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11160
+CVE-2018-11160 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11159
+CVE-2018-11159 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11158
+CVE-2018-11158 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11157
+CVE-2018-11157 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11156
+CVE-2018-11156 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11155
+CVE-2018-11155 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11154
+CVE-2018-11154 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11153
+CVE-2018-11153 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11152
+CVE-2018-11152 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11151
+CVE-2018-11151 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11150
+CVE-2018-11150 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11149
+CVE-2018-11149 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11148
+CVE-2018-11148 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11147
+CVE-2018-11147 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11146
+CVE-2018-11146 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11145
+CVE-2018-11145 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11144
+CVE-2018-11144 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11143
+CVE-2018-11143 (Quest DR Series Disk Backup software version before 4.0.3.1 allows com ...)
NOT-FOR-US: Quest DR Series Disk Backup software
-CVE-2018-11142
+CVE-2018-11142 (The 'systemui/settings_network.php' and 'systemui/settings_patching.ph ...)
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11141
+CVE-2018-11141 (The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/ad ...)
NOT-FOR-US: Quest KACE System Management Virtual Appliance
-CVE-2018-11140
+CVE-2018-11140 (The 'reportID' parameter received by the '/common/run_report.php' scri ...)
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11139
+CVE-2018-11139 (The '/common/ajax_email_connection_test.php' script in the Quest KACE ...)
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11138
+CVE-2018-11138 (The '/common/download_agent_installer.php' script in the Quest KACE Sy ...)
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11137
+CVE-2018-11137 (The 'checksum' parameter of the '/common/download_attachment.php' scri ...)
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11136
+CVE-2018-11136 (The 'orgID' parameter received by the '/common/download_agent_installe ...)
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11135
+CVE-2018-11135 (The script '/adminui/error_details.php' in the Quest KACE System Manag ...)
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11134
+CVE-2018-11134 (In order to perform actions that requires higher privileges, the Quest ...)
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11133
+CVE-2018-11133 (The 'fmt' parameter of the '/common/run_cross_report.php' script in th ...)
NOT-FOR-US: Quest KACE System Management Appliance
-CVE-2018-11132
+CVE-2018-11132 (In order to perform actions that require higher privileges, the Quest ...)
NOT-FOR-US: Quest KACE System Management Appliance
CVE-2018-11131
RESERVED
-CVE-2018-11130
+CVE-2018-11130 (The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0 ...)
- vcftools 0.1.16-1 (low; bug #902190)
[stretch] - vcftools <no-dsa> (Minor issue)
[jessie] - vcftools <no-dsa> (Minor issue)
[wheezy] - vcftools <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/May/43
NOTE: https://github.com/vcftools/vcftools/issues/109
-CVE-2018-11129
+CVE-2018-11129 (The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1 ...)
- vcftools 0.1.16-1 (low; bug #902190)
[stretch] - vcftools <no-dsa> (Minor issue)
[jessie] - vcftools <no-dsa> (Minor issue)
[wheezy] - vcftools <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/May/43
NOTE: https://github.com/vcftools/vcftools/issues/109
-CVE-2018-11128
+CVE-2018-11128 (The ObjReader::ReadObj() function in ObjReader.cpp in vincent0629 PDFP ...)
NOT-FOR-US: vincent0629 PDFParser
-CVE-2018-11127
+CVE-2018-11127 (e107 2.1.7 has CSRF resulting in arbitrary user deletion. ...)
NOT-FOR-US: e107
-CVE-2018-11126
+CVE-2018-11126 (dg-user/?controller=users&amp;action=add in doorGets 7.0 has CSRF that ...)
NOT-FOR-US: doorGets
CVE-2018-11125
REJECTED
-CVE-2018-11124
+CVE-2018-11124 (Cross-site scripting (XSS) vulnerability in Attributes functionality i ...)
NOT-FOR-US: Open-AudIT Community
CVE-2018-11123
RESERVED
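Review bot: the new CVE-2018-11126 description still carries an HTML entity, "dg-user/?controller=users&amp;action=add", which shows the importer copies the upstream summary without decoding entities; unescape the summary before truncating it to the " ..." form so the list shows the literal "&".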
@@ -25502,15 +25502,15 @@ CVE-2018-11122
RESERVED
CVE-2018-11121
RESERVED
-CVE-2018-11120
+CVE-2018-11120 (Services/COPage/classes/class.ilPCSourceCode.php in ILIAS 5.1.x, 5.2.x ...)
NOT-FOR-US: ILIAS
-CVE-2018-11119
+CVE-2018-11119 (ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 redirects a logged-in user ...)
NOT-FOR-US: ILIAS
-CVE-2018-11118
+CVE-2018-11118 (The RSS subsystem in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 has XS ...)
NOT-FOR-US: ILIAS
-CVE-2018-11117
+CVE-2018-11117 (Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, 5. ...)
NOT-FOR-US: ILIAS
-CVE-2018-11116
+CVE-2018-11116 (OpenWrt mishandles access control in /etc/config/rpcd and the /usr/sha ...)
NOT-FOR-US: OpenWrt
CVE-2018-11115
RESERVED
@@ -25532,171 +25532,171 @@ CVE-2018-11107
RESERVED
CVE-2018-11106
RESERVED
-CVE-2018-11105
+CVE-2018-11105 (There is stored cross site scripting in the wp-live-chat-support plugi ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-11104
RESERVED
CVE-2018-11103
RESERVED
-CVE-2018-11102
+CVE-2018-11102 (An issue was discovered in Libav 12.3. A read access violation in the ...)
- libav <removed> (low)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1128
-CVE-2018-11101
+CVE-2018-11101 (Open Whisper Signal (aka Signal-Desktop) through 1.10.1 allows XSS via ...)
- signal-desktop <itp> (bug #842943)
-CVE-2018-11100
+CVE-2018-11100 (The decompileSETTARGET function in decompile.c in libming through 0.4. ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/142
-CVE-2018-11099
+CVE-2018-11099 (The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1 ...)
- vcftools 0.1.16-1 (low; bug #902190)
[stretch] - vcftools <no-dsa> (Minor issue)
[jessie] - vcftools <no-dsa> (Minor issue)
[wheezy] - vcftools <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/May/43
NOTE: https://github.com/vcftools/vcftools/issues/109
-CVE-2018-11098
+CVE-2018-11098 (An issue was discovered in Frog CMS 0.9.5. There is a file upload vuln ...)
NOT-FOR-US: Frog CMS
-CVE-2018-11097
+CVE-2018-11097 (An issue was discovered in cloudwu/cstring through 2016-11-09. There i ...)
NOT-FOR-US: cloudwu
-CVE-2018-11096
+CVE-2018-11096 (Horse Market Sell &amp; Rent Portal Script 1.5.7 has a CSRF vulnerabil ...)
NOT-FOR-US: Horse Market Sell & Rent Portal Script
-CVE-2018-11095
+CVE-2018-11095 (The decompileJUMP function in decompile.c in libming through 0.4.8 mis ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/141
-CVE-2018-11094
+CVE-2018-11094 (An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ ...)
NOT-FOR-US: Intelbras NCLOUD
-CVE-2018-11093
+CVE-2018-11093 (Cross-site scripting (XSS) vulnerability in the Link package for CKEdi ...)
NOT-FOR-US: CKeditor addon
-CVE-2018-11092
+CVE-2018-11092 (An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF a ...)
NOT-FOR-US: Admin Notes plugin for MyBB
-CVE-2018-11091
+CVE-2018-11091 (An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file ...)
NOT-FOR-US: MyBiz MyProcureNet
-CVE-2018-11090
+CVE-2018-11090 (An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This vulnerab ...)
NOT-FOR-US: MyBiz MyProcureNet
CVE-2018-11089
RESERVED
-CVE-2018-11088
+CVE-2018-11088 (Pivotal Applications Manager in Pivotal Application Service, versions ...)
NOT-FOR-US: Pivotal
-CVE-2018-11087
+CVE-2018-11087 (Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions pri ...)
NOT-FOR-US: Spring AMQP
-CVE-2018-11086
+CVE-2018-11086 (Pivotal Usage Service in Pivotal Application Service, versions 2.0 pri ...)
NOT-FOR-US: Pivotal
CVE-2018-11085
REJECTED
-CVE-2018-11084
+CVE-2018-11084 (Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-11083
+CVE-2018-11083 (Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-11082
+CVE-2018-11082 (Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-11081
+CVE-2018-11081 (Pivotal Operations Manager, versions 2.2.x prior to 2.2.1, 2.1.x prior ...)
NOT-FOR-US: Pivotal
-CVE-2018-11080
+CVE-2018-11080 (Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contain ...)
NOT-FOR-US: EMC Secure Remote Services
-CVE-2018-11079
+CVE-2018-11079 (Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contain ...)
NOT-FOR-US: EMC Secure Remote Services
-CVE-2018-11078
+CVE-2018-11078 (Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecu ...)
NOT-FOR-US: EMC VPlex GeoSynchrony
-CVE-2018-11077
+CVE-2018-11077 ('getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3 ...)
NOT-FOR-US: EMC
-CVE-2018-11076
+CVE-2018-11076 (Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0 and ...)
NOT-FOR-US: EMC
-CVE-2018-11075
+CVE-2018-11075 (RSA Authentication Manager versions prior to 8.3 P3 contain a reflecte ...)
NOT-FOR-US: RSA Authentication Manager
-CVE-2018-11074
+CVE-2018-11074 (RSA Authentication Manager versions prior to 8.3 P3 are affected by a ...)
NOT-FOR-US: RSA Authentication Manager
-CVE-2018-11073
+CVE-2018-11073 (RSA Authentication Manager versions prior to 8.3 P3 contain a stored c ...)
NOT-FOR-US: RSA Authentication Manager
-CVE-2018-11072
+CVE-2018-11072 (Dell Digital Delivery versions prior to 3.5.1 contain a DLL Injection ...)
NOT-FOR-US: Dell Digital Delivery
-CVE-2018-11071
+CVE-2018-11071 (Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1 ...)
NOT-FOR-US: EMC Isilon OneFS
-CVE-2018-11070
+CVE-2018-11070 (RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J version ...)
NOT-FOR-US: RSA BSAFE Crypto-J
-CVE-2018-11069
+CVE-2018-11069 (RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channe ...)
NOT-FOR-US: RSA BSAFE SSL-J
-CVE-2018-11068
+CVE-2018-11068 (RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vuln ...)
NOT-FOR-US: RSA BSAFE SSL-J
-CVE-2018-11067
+CVE-2018-11067 (Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2. ...)
NOT-FOR-US: EMC
-CVE-2018-11066
+CVE-2018-11066 (Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2. ...)
NOT-FOR-US: EMC
-CVE-2018-11065
+CVE-2018-11065 (The WorkPoint component, which is embedded in all RSA Archer, versions ...)
NOT-FOR-US: RSA
-CVE-2018-11064
+CVE-2018-11064 (Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE version ...)
NOT-FOR-US: Dell
-CVE-2018-11063
+CVE-2018-11063 (Dell WMS versions 1.1 and prior are impacted by multiple unquoted serv ...)
NOT-FOR-US: Dell WMS
-CVE-2018-11062
+CVE-2018-11062 (Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contai ...)
NOT-FOR-US: Integrated Data Protection Appliance
-CVE-2018-11061
+CVE-2018-11061 (RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security An ...)
NOT-FOR-US: RSA
-CVE-2018-11060
+CVE-2018-11060 (RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass ...)
NOT-FOR-US: RSA Archer
-CVE-2018-11059
+CVE-2018-11059 (RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scr ...)
NOT-FOR-US: RSA Archer
-CVE-2018-11058
+CVE-2018-11058 (RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and ...)
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-11057
+CVE-2018-11057 (RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and ...)
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-11056
+CVE-2018-11056 (RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BS ...)
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-11055
+CVE-2018-11055 (RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and ...)
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-11054
+CVE-2018-11054 (RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer over ...)
NOT-FOR-US: RSA BSAFE Micro Edition Suite
-CVE-2018-11053
+CVE-2018-11053 (Dell EMC iDRAC Service Module for all supported Linux and XenServer ve ...)
NOT-FOR-US: Dell
-CVE-2018-11052
+CVE-2018-11052 (Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication by ...)
NOT-FOR-US: EMC
-CVE-2018-11051
+CVE-2018-11051 (RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 c ...)
NOT-FOR-US: RSA Certificate Manager
-CVE-2018-11050
+CVE-2018-11050 (Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, a ...)
NOT-FOR-US: EMC
-CVE-2018-11049
+CVE-2018-11049 (RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governanc ...)
NOT-FOR-US: RSA
-CVE-2018-11048
+CVE-2018-11048 (Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell ...)
NOT-FOR-US: Dell
-CVE-2018-11047
+CVE-2018-11047 (Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.1 ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-11046
+CVE-2018-11046 (Pivotal Operations Manager, versions 2.1.x prior to 2.1.6 and version ...)
NOT-FOR-US: Pivotal
-CVE-2018-11045
+CVE-2018-11045 (Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior ...)
NOT-FOR-US: Pivotal
-CVE-2018-11044
+CVE-2018-11044 (Pivotal Apps Manager included in Pivotal Application Service, versions ...)
NOT-FOR-US: Pivotal
CVE-2018-11043
REJECTED
CVE-2018-11042
REJECTED
-CVE-2018-11041
+CVE-2018-11041 (Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 excep ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-11040
+CVE-2018-11040 (Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3 ...)
- libspring-java 4.3.19-1
[stretch] - libspring-java <no-dsa> (Minor issue)
[jessie] - libspring-java <no-dsa> (unable to find relevant commits)
NOTE: https://pivotal.io/security/cve-2018-11040
-CVE-2018-11039
+CVE-2018-11039 (Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior ...)
- libspring-java 4.3.19-1
[stretch] - libspring-java <no-dsa> (Minor issue)
[jessie] - libspring-java <no-dsa> (Minor issue)
NOTE: https://pivotal.io/security/cve-2018-11039
CVE-2018-11038
RESERVED
-CVE-2018-11037
+CVE-2018-11037 (In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimag ...)
- exiv2 <undetermined>
NOTE: https://github.com/Exiv2/exiv2/issues/307
-CVE-2018-11036
+CVE-2018-11036 (Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3 ...)
NOT-FOR-US: Ruckus devices
-CVE-2018-11035
+CVE-2018-11035 (In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 ve ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-11034
+CVE-2018-11034 (In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 ve ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-11033
+CVE-2018-11033 (The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=40842
-CVE-2018-11032
+CVE-2018-11032 (PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/ ...)
NOT-FOR-US: PHPRAP
-CVE-2018-11031
+CVE-2018-11031 (application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 ha ...)
NOT-FOR-US: PHPRAP
CVE-2018-11030
RESERVED
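Review bot: the CVE-2018-11096 description reads "Horse Market Sell &amp; Rent Portal Script" while the NOT-FOR-US line directly beneath it uses the plain "&"; decode HTML entities in the imported summary so the description and the triage line agree.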
@@ -25704,27 +25704,27 @@ CVE-2018-11029
RESERVED
CVE-2018-11028
RESERVED
-CVE-2018-11027
+CVE-2018-11027 (A reflected XSS vulnerability on Ruckus ICX7450-48 devices allows remo ...)
NOT-FOR-US: Ruckus
CVE-2018-11026
RESERVED
-CVE-2018-11025
+CVE-2018-11025 (kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Ama ...)
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11024
+CVE-2018-11024 (kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in ...)
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11023
+CVE-2018-11023 (kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in ...)
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11022
+CVE-2018-11022 (kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in ...)
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11021
+CVE-2018-11021 (kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel compone ...)
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11020
+CVE-2018-11020 (kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazo ...)
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11019
+CVE-2018-11019 (kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in ...)
NOT-FOR-US: kernel component on Amazon Fire
-CVE-2018-11018
+CVE-2018-11018 (An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery ...)
NOT-FOR-US: PbootCMS
-CVE-2018-11017
+CVE-2018-11017 (The newVar_N function in decompile.c in libming through 0.4.8 mishandl ...)
- ming <removed>
CVE-2018-11016
RESERVED
@@ -25732,11 +25732,11 @@ CVE-2018-11015
RESERVED
CVE-2018-11014
RESERVED
-CVE-2018-11013
+CVE-2018-11013 (Stack-based buffer overflow in the websRedirect function in GoAhead on ...)
NOT-FOR-US: D-Link
-CVE-2018-11012
+CVE-2018-11012 (ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd param ...)
NOT-FOR-US: ruibaby Halo
-CVE-2018-11011
+CVE-2018-11011 (ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to Front ...)
NOT-FOR-US: ruibaby Halo
CVE-2018-11010
RESERVED
@@ -25750,51 +25750,51 @@ CVE-2018-11006
RESERVED
CVE-2018-11005
RESERVED
-CVE-2018-11004
+CVE-2018-11004 (An issue was discovered in SDcms v1.5. Cross-site request forgery (CSR ...)
NOT-FOR-US: SDcms
-CVE-2018-11003
+CVE-2018-11003 (An issue was discovered in YXcms 1.4.7. Cross-site request forgery (CS ...)
NOT-FOR-US: YXcms
-CVE-2018-11002
+CVE-2018-11002 (Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on ...)
NOT-FOR-US: Pulse Secure Desktop Client
CVE-2018-11001
RESERVED
CVE-2018-11000
RESERVED
-CVE-2018-10999
+CVE-2018-10999 (An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk:: ...)
{DSA-4238-1 DLA-1551-1 DLA-1402-1}
- exiv2 0.25-4
NOTE: https://github.com/Exiv2/exiv2/issues/306
NOTE: https://github.com/Exiv2/exiv2/commit/2fb00c8a16ce93756cddd70536e361a49369ba88
NOTE: https://github.com/Exiv2/exiv2/commit/3ad0050469e6ea63b4081f2a88c264ce8ab55c51
-CVE-2018-10998
+CVE-2018-10998 (An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp al ...)
{DSA-4238-1 DLA-1402-1}
- exiv2 0.25-4
NOTE: https://github.com/Exiv2/exiv2/issues/303
NOTE: https://github.com/Exiv2/exiv2/commit/f4e8ed2fd48d012467b99552f0d6378302a23c75
-CVE-2018-10997
+CVE-2018-10997 (Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injec ...)
NOT-FOR-US: Etere EtereWeb
-CVE-2018-10996
+CVE-2018-10996 (The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devic ...)
NOT-FOR-US: D-Link
-CVE-2018-10995
+CVE-2018-10995 (SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles us ...)
{DSA-4254-1 DLA-1437-1}
- slurm-llnl 17.11.7-1 (bug #900548)
NOTE: https://www.schedmd.com/news.php?id=203
NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html
NOTE: https://github.com/SchedMD/slurm/commit/033dc0d1d28b8d2ba1a5187f564a01c15187eb4e
NOTE: https://github.com/SchedMD/slurm/commit/df545955e4f119974c278bff0c47155257d5afc7
-CVE-2018-10994
+CVE-2018-10994 (js/views/message_view.js in Open Whisper Signal (aka Signal-Desktop) b ...)
- signal-desktop <itp> (bug #842943)
CVE-2018-10993
RESERVED
CVE-2018-10991
REJECTED
-CVE-2018-10990
+CVE-2018-10990 (On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a log ...)
NOT-FOR-US: Arris Touchstone Telephony Gateway
-CVE-2018-10989
+CVE-2018-10989 (Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distr ...)
NOT-FOR-US: Arris Touchstone Telephony Gateway
-CVE-2018-10988
+CVE-2018-10988 (An issue was discovered on Diqee Diqee360 devices. A firmware update p ...)
NOT-FOR-US: Diqee
-CVE-2018-10987
+CVE-2018-10987 (An issue was discovered on Dongguan Diqee Diqee360 devices. The affect ...)
NOT-FOR-US: Diqee
CVE-2018-10986
RESERVED
@@ -25804,15 +25804,15 @@ CVE-2018-10984
RESERVED
CVE-2018-10983
RESERVED
-CVE-2018-10992
+CVE-2018-10992 (lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings b ...)
- lilypond 2.18.2-13 (bug #898373)
[jessie] - lilypond <not-affected> (Incomplete fix not applied)
[wheezy] - lilypond <not-affected> (Incomplete fix not applied)
-CVE-2018-10982
+CVE-2018-10982 (An issue was discovered in Xen through 4.10.x allowing x86 HVM guest O ...)
{DSA-4201-1 DLA-1549-1 DLA-1383-1}
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
NOTE: https://xenbits.xen.org/xsa/advisory-261.html
-CVE-2018-10981
+CVE-2018-10981 (An issue was discovered in Xen through 4.10.x allowing x86 HVM guest O ...)
{DSA-4201-1 DLA-1559-1 DLA-1383-1}
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
NOTE: https://xenbits.xen.org/xsa/advisory-262.html
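Review bot: CVE-2018-10982 (XSA-261) and CVE-2018-10981 (XSA-262) are parallel entries, same DSA-4201-1, same DLA-1383-1, same fixed version 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6, yet the middle DLA identifier differs between them: DLA-1549-1 on the first, DLA-1559-1 on the second. That may be correct if the two issues went out in different LTS uploads, but a single transposed digit between two otherwise identical lines is also what a copy error looks like; please check both identifiers against the DLA texts before this is relied on.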
@@ -25822,46 +25822,46 @@ CVE-2018-10979
RESERVED
CVE-2018-10978
RESERVED
-CVE-2018-10977
+CVE-2018-10977 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ver ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10976
+CVE-2018-10976 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ver ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10975
+CVE-2018-10975 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ver ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10974
+CVE-2018-10974 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ver ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10973
+CVE-2018-10973 (An integer overflow in the transferMulti function of a smart contract ...)
NOT-FOR-US: KoreaShow
-CVE-2018-10972
+CVE-2018-10972 (An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The ...)
[experimental] - flif <unfixed>
- flif <removed> (bug #898407)
NOTE: https://github.com/FLIF-hub/FLIF/issues/503
-CVE-2018-10971
+CVE-2018-10971 (An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The ...)
[experimental] - flif <unfixed>
- flif <removed> (bug #898406)
NOTE: https://github.com/FLIF-hub/FLIF/issues/501
CVE-2018-10970
RESERVED
-CVE-2018-10969
+CVE-2018-10969 (SQL injection vulnerability in the Pie Register plugin before 3.0.10 f ...)
NOT-FOR-US: Pie Register plugin for WordPress
-CVE-2018-10968
+CVE-2018-10968 (On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious u ...)
NOT-FOR-US: D-Link
-CVE-2018-10967
+CVE-2018-10967 (On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious u ...)
NOT-FOR-US: D-Link
-CVE-2018-10966
+CVE-2018-10966 (An issue was discovered in GamerPolls 0.4.6, related to config/environ ...)
NOT-FOR-US: GamerPolls
CVE-2018-10965
RESERVED
CVE-2018-10964
RESERVED
-CVE-2018-10963
+CVE-2018-10963 (The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF thro ...)
{DSA-4349-1 DLA-1411-1}
- tiff 4.0.9-6 (bug #898348)
[stretch] - tiff <no-dsa> (Minor issue)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2795
NOTE: https://gitlab.com/libtiff/libtiff/commit/de144fd228e4be8aa484c3caf3d814b6fa88c6d9
-CVE-2018-10962
+CVE-2018-10962 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPC ...)
NOT-FOR-US: Shanghai 2345 Security Guard
CVE-2018-10961
RESERVED
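Review bot: the four 2345 Security Guard entries CVE-2018-10974 through CVE-2018-10977 leave this update with byte-identical descriptions, "In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ver ...)", because the fixed-width cut lands before the part of each description that differs. A reader of the list cannot tell the four apart. For descriptions that share a long common opening, consider letting the importer keep a longer prefix, or cut at the first sentence boundary after the point where the texts diverge. The same collapse recurs for CVE-2018-10952 through CVE-2018-10955 and for the three Zimbra mailboxd entries in the next hunk.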
@@ -25869,29 +25869,29 @@ CVE-2018-10960
RESERVED
CVE-2018-10959
RESERVED
-CVE-2018-10958
+CVE-2018-10958 (In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT d ...)
{DSA-4238-1 DLA-1551-1 DLA-1402-1}
- exiv2 0.25-4
NOTE: https://github.com/Exiv2/exiv2/issues/302
NOTE: https://github.com/Exiv2/exiv2/commit/2fb00c8a16ce93756cddd70536e361a49369ba88
NOTE: https://github.com/Exiv2/exiv2/commit/3ad0050469e6ea63b4081f2a88c264ce8ab55c51
-CVE-2018-10957
+CVE-2018-10957 (CSRF exists on D-Link DIR-868L devices, leading to (for example) a cha ...)
NOT-FOR-US: D-Link
-CVE-2018-10956
+CVE-2018-10956 (IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal. ...)
NOT-FOR-US: IPConfigure Orchid Core VMS
-CVE-2018-10955
+CVE-2018-10955 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ver ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10954
+CVE-2018-10954 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ver ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10953
+CVE-2018-10953 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ver ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10952
+CVE-2018-10952 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ver ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10951
+CVE-2018-10951 (mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8. ...)
NOT-FOR-US: Zimbra
-CVE-2018-10950
+CVE-2018-10950 (mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8. ...)
NOT-FOR-US: Zimbra
-CVE-2018-10949
+CVE-2018-10949 (mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8. ...)
NOT-FOR-US: Zimbra
CVE-2018-10948
RESERVED
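Review bot: the " ..." marker is appended to CVE-2018-10956 although nothing was cut: the stored text is "IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal. ...)", a complete sentence followed by the ellipsis. The importer seems to add the suffix unconditionally; it should add it only when the description was actually truncated, otherwise short descriptions read as if they were clipped. CVE-2018-10817 near the end of this update ("Severalnines ClusterControl before 1.6.0-4699 allows XSS. ...") shows the same.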
@@ -25899,48 +25899,48 @@ CVE-2018-10947
RESERVED
CVE-2018-10946
RESERVED
-CVE-2018-10945
+CVE-2018-10945 (The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remot ...)
- smplayer 18.5.0~ds1-1
[stretch] - smplayer <not-affected> (Vulnerable code not present)
[jessie] - smplayer <not-affected> (Vulnerable code not present)
[wheezy] - smplayer <not-affected> (Vulnerable code not present)
NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer builds the Chromecast support
-CVE-2018-10944
+CVE-2018-10944 (The request_dividend function of a smart contract implementation for R ...)
NOT-FOR-US: Rasputin Online Coin
-CVE-2018-10943
+CVE-2018-10943 (An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base Un ...)
NOT-FOR-US: Barco ClickShare CSE-200 and CS-100 Base Units
-CVE-2018-10942
+CVE-2018-10942 (modules/attributewizardpro/file_upload.php in the Attribute Wizard add ...)
NOT-FOR-US: Attribute Wizard addon for PrestaShop
CVE-2018-10941
RESERVED
-CVE-2018-10940
+CVE-2018-10940 (The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the ...)
{DLA-1423-1 DLA-1422-1 DLA-1392-1}
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
NOTE: Fixed by: https://git.kernel.org/linus/9de4ee40547fd315d4a0ed1dd15a2fa3559ad707
-CVE-2018-10939
+CVE-2018-10939 (Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8 ...)
NOT-FOR-US: Zimbra Web Client
-CVE-2018-10938
+CVE-2018-10938 (A flaw was found in the Linux kernel present since v4.0-rc1 and throug ...)
{DSA-4308-1 DLA-1531-1}
- linux 4.13.4-1 (unimportant)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/40413955ee265a5e42f710940ec78f5450d49149 (4.13-rc5)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/27/1
-CVE-2018-10937
+CVE-2018-10937 (A cross site scripting flaw exists in the tetonic-console component of ...)
NOT-FOR-US: OpenShift
-CVE-2018-10936
+CVE-2018-10936 (A weakness was found in postgresql-jdbc before version 42.2.5. It was ...)
- libpgjava 42.2.5-1
[stretch] - libpgjava <no-dsa> (Minor issue)
[jessie] - libpgjava <no-dsa> (Minor issue)
NOTE: https://github.com/pgjdbc/pgjdbc/commit/cdeeaca47dc3bc6f727c79a582c9e412309
-CVE-2018-10935
+CVE-2018-10935 (A flaw was found in the 389 Directory Server that allows users to caus ...)
{DLA-1483-1}
- 389-ds-base 1.4.0.15-1 (bug #906985)
NOTE: https://pagure.io/389-ds-base/issue/49890
CVE-2018-10934
RESERVED
- wildfly <itp> (bug #752018)
-CVE-2018-10933
+CVE-2018-10933 (A vulnerability was found in libssh's server-side state machine before ...)
{DSA-4322-1 DLA-1548-1}
- libssh 0.8.4-1 (bug #911149)
NOTE: https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/
@@ -25956,45 +25956,45 @@ CVE-2018-10933
NOTE: https://git.libssh.org/projects/libssh.git/commit/?id=75be012b4a14f4550ce6ad3f126e559f44dbde76 (master)
NOTE: https://git.libssh.org/projects/libssh.git/commit/?id=e1548a71bdac73da084174ab1d6d2713edd93f6e (master)
NOTE: Fixed in 0.7.6, 0.8.4 upstream
-CVE-2018-10932
+CVE-2018-10932 (lldptool version 1.0.1 and older can print a raw, unsanitized attacker ...)
- lldpad 1.0.1+git20180808.4e642bd-1 (unimportant; bug #905901)
NOTE: https://github.com/intel/openlldp/pull/7
NOTE: https://github.com/intel/openlldp/commit/41feb359a9d0082b0bcf68b1f2b37227f02af4f1
NOTE: Terminal emulators need to perform proper escaping
-CVE-2018-10931
+CVE-2018-10931 (It was found that cobbler 2.6.x exposed all functions from its Cobbler ...)
- cobbler <removed>
NOTE: http://www.openwall.com/lists/oss-security/2018/08/09/9
-CVE-2018-10930
+CVE-2018-10930 (A flaw was found in RPC request using gfs3_rename_req in glusterfs ser ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612664
NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
-CVE-2018-10929
+CVE-2018-10929 (A flaw was found in RPC request using gfs2_create_req in glusterfs ser ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612660
NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
-CVE-2018-10928
+CVE-2018-10928 (A flaw was found in RPC request using gfs3_symlink_req in glusterfs se ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612659
NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
-CVE-2018-10927
+CVE-2018-10927 (A flaw was found in RPC request using gfs3_lookup_req in glusterfs ser ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612658
NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
-CVE-2018-10926
+CVE-2018-10926 (A flaw was found in RPC request using gfs3_mknod_req supported by glus ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1613143
NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
-CVE-2018-10925
+CVE-2018-10925 (It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14 ...)
{DSA-4269-1}
- postgresql-10 10.5-1
- postgresql-9.6 <removed>
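Review bot: the five glusterfs NOTE lines in this hunk (CVE-2018-10926 through CVE-2018-10930) repeat the same typo: "make sure to be complete an not open CVE-2018-14651" should read "complete and not open". The line was clearly written once and copied, so fixing it in one place and re-copying keeps the five consistent.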
@@ -26004,44 +26004,44 @@ CVE-2018-10925
- postgresql-9.1 <not-affected> (Only affects PostgreSQL 9.5 onwards)
NOTE: Fixed in 9.5.14, 9.6.10, 10.5
NOTE: https://www.postgresql.org/about/news/1878/
-CVE-2018-10924
+CVE-2018-10924 (It was discovered that fsync(2) system call in glusterfs client code l ...)
- glusterfs 4.0.1-1
[stretch] - glusterfs <not-affected> (Issue introduced in 3.13.2 and backported to 3.12 series)
[jessie] - glusterfs <not-affected> (Issue introduced in 3.13.2 and backported to 3.12 series)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1611785
NOTE: Introduced by: http://git.gluster.org/cgit/glusterfs.git/commit/?id=51dfc9c789b8405f595a337eade938aedcb449c4
NOTE: https://review.gluster.org/20723
-CVE-2018-10923
+CVE-2018-10923 (It was found that the "mknod" call derived from mknod(2) can create fi ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1610659
NOTE: https://github.com/gluster/glusterfs/commit/4bafcc97e812acc854dfc436ade35df0308d5a3e
-CVE-2018-10922
+CVE-2018-10922 (An input validation flaw exists in ttembed. With a crafted input file, ...)
NOT-FOR-US: ttembed
-CVE-2018-10921
+CVE-2018-10921 (Certain input files may trigger an integer overflow in ttembed input f ...)
NOT-FOR-US: ttembed
-CVE-2018-10920
+CVE-2018-10920 (Improper input validation bug in DNS resolver component of Knot Resolv ...)
- knot-resolver 2.4.1-1 (bug #905325)
NOTE: https://www.knot-resolver.cz/2018-08-02-knot-resolver-2.4.1.html
NOTE: http://www.openwall.com/lists/oss-security/2018/08/09/2 (including patch)
-CVE-2018-10919
+CVE-2018-10919 (The Samba Active Directory LDAP server was vulnerable to an informatio ...)
{DSA-4271-1 DLA-1539-1}
- samba 2:4.8.4+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2018-10919.html
-CVE-2018-10918
+CVE-2018-10918 (A null pointer dereference flaw was found in the way samba checked dat ...)
- samba 2:4.8.4+dfsg-1
[stretch] - samba <not-affected> (Only affects Samba 4.7.0 onwards)
[jessie] - samba <not-affected> (Only affects Samba 4.7.0 onwards)
NOTE: https://www.samba.org/samba/security/CVE-2018-10918.html
-CVE-2018-10917
+CVE-2018-10917 (pulp 2.16.x and possibly older is vulnerable to an improper path parsi ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2018-10916
+CVE-2018-10916 (It has been discovered that lftp up to and including version 4.8.3 doe ...)
- lftp 4.8.4-1 (bug #905163)
[stretch] - lftp <no-dsa> (Minor issue)
[jessie] - lftp <no-dsa> (Minor issue)
NOTE: https://github.com/lavv17/lftp/issues/452
NOTE: https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992
-CVE-2018-10915
+CVE-2018-10915 (A vulnerability was found in libpq, the default PostgreSQL client libr ...)
{DSA-4269-1 DLA-1464-1}
- postgresql-10 10.5-1
- postgresql-9.6 <removed>
@@ -26051,24 +26051,24 @@ CVE-2018-10915
[jessie] - postgresql-9.1 <no-dsa> (package only serves as a means for upgrading to Stretch)
NOTE: Fixed in 9.3.24, 9.4.19, 9.5.14, 9.6.10, 10.5
NOTE: https://www.postgresql.org/about/news/1878/
-CVE-2018-10914
+CVE-2018-10914 (It was found that an attacker could issue a xattr request via glusterf ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607617
NOTE: https://github.com/gluster/glusterfs/commit/13298d2b3893edb5d147ea3bcb9902ee5be4b3ad
-CVE-2018-10913
+CVE-2018-10913 (An information disclosure vulnerability was discovered in glusterfs se ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607618
NOTE: https://github.com/gluster/glusterfs/commit/13298d2b3893edb5d147ea3bcb9902ee5be4b3ad
-CVE-2018-10912
+CVE-2018-10912 (keycloak before version 4.0.0.final is vulnerable to a infinite loop i ...)
NOT-FOR-US: Keycloak
-CVE-2018-10911
+CVE-2018-10911 (A flaw was found in the way dic_unserialize function of glusterfs does ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601657
NOTE: https://github.com/gluster/glusterfs/commit/cc3271ebf3aacdbbc77fdd527375af78ab12ea8d
-CVE-2018-10910
+CVE-2018-10910 (A bug in Bluez may allow for the Bluetooth Discoverable state being se ...)
- bluez <unfixed>
[stretch] - bluez <ignored> (Minor issue, does not affected Gnome Bluetooth in stretch)
[jessie] - bluez <no-dsa> (Minor issue because in gnome-bluetooth <= 3.26 the D-Bus calls were synchronous and thus the issue in bluez will have no actual affect)
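Review bot: the two bluez rationale strings for CVE-2018-10910 have grammar slips worth fixing while the entry is being touched: "does not affected Gnome Bluetooth in stretch" should be "does not affect GNOME Bluetooth in stretch", and "will have no actual affect" should be "will have no actual effect".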
@@ -26078,49 +26078,49 @@ CVE-2018-10910
NOTE: gnome-bluetooth: https://gitlab.gnome.org/GNOME/gnome-bluetooth/commit/6b5086d42ea64d46277f3c93b43984f331d12f89
CVE-2018-10909
RESERVED
-CVE-2018-10908
+CVE-2018-10908 (It was found that vdsm before version 4.20.37 invokes qemu-img on untr ...)
- vdsm <itp> (bug #668538)
-CVE-2018-10907
+CVE-2018-10907 (It was found that glusterfs server is vulnerable to multiple stack bas ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601642
NOTE: https://github.com/gluster/glusterfs/commit/35f86ce46240c4f9c216bbc29164ce441cfca1e7
-CVE-2018-10906
+CVE-2018-10906 (In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vuln ...)
{DSA-4257-1 DLA-1468-1}
- fuse3 3.2.6-1 (bug #911343)
- fuse 2.9.8-1 (bug #904439)
NOTE: https://github.com/libfuse/libfuse/pull/268
NOTE: https://sourceforge.net/p/fuse/mailman/message/36374753/
-CVE-2018-10905
+CVE-2018-10905 (CloudForms Management Engine (cfme) is vulnerable to an improper secur ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
-CVE-2018-10904
+CVE-2018-10904 (It was found that glusterfs server does not properly sanitize file pat ...)
{DLA-1510-1}
- glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601298
NOTE: https://github.com/gluster/glusterfs/commit/9716ce88b3a1faf135a6badc02d94249898059dd
-CVE-2018-10903
+CVE-2018-10903 (A flaw was found in python-cryptography versions between &gt;=1.9.0 an ...)
- python-cryptography 2.3-1 (bug #904072)
[stretch] - python-cryptography <not-affected> (Vulnerable code introduced later)
[jessie] - python-cryptography <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com//pyca/cryptography/pull/4342
NOTE: https://github.com/pyca/cryptography/pull/4342/commits/688e0f673bfbf43fa898994326c6877f00ab19ef
-CVE-2018-10902
+CVE-2018-10902 (It was found that the raw midi kernel driver does not protect against ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.15-1
NOTE: https://git.kernel.org/linus/39675f7a7c7e7702f7d5341f1e0d01db746543a0 (4.18-rc6)
-CVE-2018-10901
+CVE-2018-10901 (A flaw was found in Linux kernel's KVM virtualization subsystem. The V ...)
- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
NOTE: https://git.kernel.org/linus/3444d7da1839b851eefedd372978d8a982316c36 (2.6.36-rc1)
-CVE-2018-10900
+CVE-2018-10900 (Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1 ...)
{DSA-4253-1 DLA-1454-1}
- network-manager-vpnc 1.2.6-1 (bug #904255)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/20/3
NOTE: https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4e361a27ef48ac757d36cbb46e8e12
CVE-2018-10899
RESERVED
-CVE-2018-10898
+CVE-2018-10898 (A vulnerability was found in openstack-tripleo-heat-templates before v ...)
- tripleo-heat-templates <removed>
-CVE-2018-10897
+CVE-2018-10897 (A directory traversal issue was found in reposync, a part of yum-utils ...)
- yum-utils 1.1.31-2.2 (bug #921131)
[stretch] - yum-utils <ignored> (Minor issue)
[jessie] - yum-utils <ignored> (Minor issue)
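Review bot: the description imported for CVE-2018-10903 carries an HTML entity, "versions between &gt;=1.9.0 an ...", where the intended text is ">=1.9.0". The importer is storing the feed's escaped form instead of unescaping it, so the list now shows a literal "&gt;". Unescape entities before truncating (which tool produces these automatic updates is not visible in this diff; if it is Python, html.unescape() from the standard library does this), and unescaping first also avoids cutting an entity in half at the truncation point. The qemu entry for CVE-2018-10839 later in this update ("Qemu emulator &lt;= 3.0.0 built with the NE2000 ...") has the same problem. Separately, the first NOTE URL under CVE-2018-10903 has a doubled slash, "https://github.com//pyca/cryptography/pull/4342"; the canonical form has a single one.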
@@ -26128,39 +26128,39 @@ CVE-2018-10897
NOTE: https://github.com/rpm-software-management/yum-utils/commit/7554c0133eb830a71dc01846037cc047d0acbc2c
NOTE: https://github.com/rpm-software-management/yum-utils/commit/6a8de061f8fdc885e74ebe8c94625bf53643b71c
NOTE: https://github.com/rpm-software-management/yum-utils/pull/43
-CVE-2018-10896
+CVE-2018-10896 (The default cloud-init configuration, in cloud-init 0.6.2 and newer, i ...)
NOT-FOR-US: Red Hat-specific packaging flaw of cloud-init default config
-CVE-2018-10895
+CVE-2018-10895 (qutebrowser before version 1.4.1 is vulnerable to a cross-site request ...)
- qutebrowser 1.4.1-1
NOTE: http://www.openwall.com/lists/oss-security/2018/07/11/7
NOTE: https://github.com/qutebrowser/qutebrowser/issues/4060
NOTE: Introduced in: https://github.com/qutebrowser/qutebrowser/commit/ffc29ee (v1.0.0)
NOTE: Fixed in: https://github.com/qutebrowser/qutebrowser/commit/43e58ac865ff862c2008c510fc5f7627e10b4660 (v1.4.1)
-CVE-2018-10894
+CVE-2018-10894 (It was found that SAML authentication in Keycloak 3.4.3.Final incorrec ...)
NOT-FOR-US: Keycloak
-CVE-2018-10893
+CVE-2018-10893 (Multiple integer overflow and buffer overflow issues were discovered i ...)
- spice-gtk <unfixed> (bug #904161)
[stretch] - spice-gtk <no-dsa> (Minor issue)
[jessie] - spice-gtk <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1598234
NOTE: Ongoing patch review: https://lists.freedesktop.org/archives/spice-devel/2018-July/044489.html
-CVE-2018-10892
+CVE-2018-10892 (The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby f ...)
[experimental] - docker.io 18.06.0+dfsg1-1
- docker.io 18.06.1+dfsg1-1 (bug #908057)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1598581
NOTE: https://github.com/moby/moby/pull/37404
-CVE-2018-10891
+CVE-2018-10891 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13 ...)
- moodle <removed>
-CVE-2018-10890
+CVE-2018-10890 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13 ...)
- moodle <removed>
-CVE-2018-10889
+CVE-2018-10889 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No opt ...)
- moodle <removed>
-CVE-2018-10888
+CVE-2018-10888 (A flaw was found in libgit2 before version 0.27.3. A missing check in ...)
{DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (low; bug #903508)
[stretch] - libgit2 <no-dsa> (Minor issue)
NOTE: https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3
-CVE-2018-10887
+CVE-2018-10887 (A flaw was found in libgit2 before version 0.27.3. It has been discove ...)
{DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (low; bug #903509)
[stretch] - libgit2 <no-dsa> (Minor issue)
@@ -26186,81 +26186,81 @@ CVE-2018-10886
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1584407
NOTE: The CVE will be rejected, as it was assigned by Red Hat's CNA but is out of
NOTE: scope of the assigning CNA.
-CVE-2018-10885
+CVE-2018-10885 (In atomic-openshift before version 3.10.9 a malicious network-policy c ...)
NOT-FOR-US: atomic-openshift
-CVE-2018-10884
+CVE-2018-10884 (Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to cross-s ...)
NOT-FOR-US: Ansible Tower
-CVE-2018-10883
+CVE-2018-10883 (A flaw was found in the Linux kernel's ext4 filesystem. A local user c ...)
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200071
-CVE-2018-10882
+CVE-2018-10882 (A flaw was found in the Linux kernel's ext4 filesystem. A local user c ...)
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200069
-CVE-2018-10881
+CVE-2018-10881 (A flaw was found in the Linux kernel's ext4 filesystem. A local user c ...)
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200015
-CVE-2018-10880
+CVE-2018-10880 (Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 ...)
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200005
-CVE-2018-10879
+CVE-2018-10879 (A flaw was found in the Linux kernel's ext4 filesystem. A local user c ...)
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596806
-CVE-2018-10878
+CVE-2018-10878 (A flaw was found in the Linux kernel's ext4 filesystem. A local user c ...)
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199865
-CVE-2018-10877
+CVE-2018-10877 (Linux kernel ext4 filesystem is vulnerable to an out-of-bound access i ...)
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199417
-CVE-2018-10876
+CVE-2018-10876 (A flaw was found in Linux kernel in the ext4 filesystem code. A use-af ...)
{DLA-1529-1 DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199403
-CVE-2018-10875
+CVE-2018-10875 (A flaw was found in ansible. ansible.cfg is read from the current work ...)
{DSA-4396-1}
- ansible 2.6.1+dfsg-1
[jessie] - ansible <no-dsa> (Too intrusive to backport)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596533
NOTE: https://github.com/ansible/ansible/pull/42070
NOTE: https://github.com/ansible/ansible/commit/4cecbe81adbc655d7ab734165d3ac539f8ba5981
-CVE-2018-10874
+CVE-2018-10874 (In ansible it was found that inventory variables are loaded from curre ...)
- ansible 2.6.1+dfsg-1
[stretch] - ansible <not-affected> (Vulnerable code not present)
[jessie] - ansible <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596528
NOTE: https://github.com/ansible/ansible/pull/42067
NOTE: https://github.com/ansible/ansible/commit/1f80949f964a946773f9d3ac1899535bd2cc2b8e
-CVE-2018-10873
+CVE-2018-10873 (A vulnerability was discovered in SPICE before version 0.14.1 where th ...)
{DSA-4319-1 DLA-1489-1 DLA-1486-1}
- spice 0.14.0-1.1 (bug #906315)
- spice-gtk 0.35-1 (bug #906316)
[stretch] - spice-gtk <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/spice/spice-common/commit/bb15d4815ab586b4c4a20f4a565970a44824c42c
-CVE-2018-10872
+CVE-2018-10872 (A flaw was found in the way the Linux kernel handled exceptions delive ...)
- linux <not-affected> (Red Hat specific CVE-2018-8897 regression in RHEL 6.10)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596094
-CVE-2018-10871
+CVE-2018-10871 (389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Clear ...)
{DLA-1483-1}
[experimental] - 389-ds-base 1.4.0.13-1
- 389-ds-base 1.4.0.15-1
NOTE: https://pagure.io/389-ds-base/issue/49789
-CVE-2018-10870
+CVE-2018-10870 (redhat-certification does not properly sanitize paths in rhcertStore.p ...)
NOT-FOR-US: Red Hat Certification
-CVE-2018-10869
+CVE-2018-10869 (redhat-certification does not properly restrict files that can be down ...)
NOT-FOR-US: Red Hat Certification
CVE-2018-10868
RESERVED
@@ -26274,43 +26274,43 @@ CVE-2018-10866
CVE-2018-10865
RESERVED
NOT-FOR-US: Red Hat Certification
-CVE-2018-10864
+CVE-2018-10864 (An uncontrolled resource consumption flaw has been discovered in redha ...)
NOT-FOR-US: Red Hat Certification
CVE-2018-10863
RESERVED
NOT-FOR-US: Red Hat Certification
-CVE-2018-10862
+CVE-2018-10862 (WildFly Core before version 6.0.0.Alpha3 does not properly validate fi ...)
- wildfly <itp> (bug #752018)
-CVE-2018-10861
+CVE-2018-10861 (A flaw was found in the way ceph mon handles user requests. Any authen ...)
{DSA-4339-1}
- ceph 12.2.8+dfsg1-1 (bug #913470)
[jessie] - ceph <no-dsa> (Intrusive changes)
NOTE: http://tracker.ceph.com/issues/24838
NOTE: https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc
-CVE-2018-10860
+CVE-2018-10860 (perl-archive-zip is vulnerable to a directory traversal in Archive::Zi ...)
{DSA-4300-1 DLA-1440-1}
- libarchive-zip-perl 1.62-1 (bug #902882)
NOTE: https://github.com/redhotpenguin/perl-Archive-Zip/pull/33
NOTE: https://github.com/redhotpenguin/perl-Archive-Zip/commit/95e1df86327
-CVE-2018-10859
+CVE-2018-10859 (git-annex is vulnerable to an Information Exposure when decrypting fil ...)
{DLA-1495-1}
- git-annex 6.20180626-1
[stretch] - git-annex 6.20170101-1+deb9u2
NOTE: http://www.openwall.com/lists/oss-security/2018/06/26/4
NOTE: https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/
-CVE-2018-10858
+CVE-2018-10858 (A heap-buffer overflow was found in the way samba clients processed ex ...)
{DSA-4271-1 DLA-1539-1}
- samba 2:4.8.4+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2018-10858.html
-CVE-2018-10857
+CVE-2018-10857 (git-annex is vulnerable to a private data exposure and exfiltration at ...)
{DLA-1495-1}
- git-annex 6.20180626-1
[stretch] - git-annex 6.20170101-1+deb9u2
NOTE: http://www.openwall.com/lists/oss-security/2018/06/26/4
NOTE: https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/
-CVE-2018-10856
+CVE-2018-10856 (It has been discovered that podman before version 0.6.1 does not drop ...)
NOT-FOR-US: Podman
-CVE-2018-10855
+CVE-2018-10855 (Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the n ...)
{DSA-4396-1}
- ansible 2.5.5+dfsg-1 (low)
[jessie] - ansible <not-affected> (vulnerable code not present)
@@ -26318,16 +26318,16 @@ CVE-2018-10855
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1588855
CVE-2018-10854
RESERVED
-CVE-2018-10853
+CVE-2018-10853 (A flaw was found in the way Linux kernel KVM hypervisor before 4.18 em ...)
{DLA-1423-1 DLA-1422-1}
- linux 4.16.16-1
[stretch] - linux 4.9.110-1
NOTE: Fixed by: https://git.kernel.org/linus/3c9fa24ca7c9c47605672916491f79e8ccacb9e6
-CVE-2018-10852
+CVE-2018-10852 (The UNIX pipe which sudo uses to contact SSSD and read the available s ...)
{DLA-1429-1}
- sssd <unfixed> (bug #902860)
NOTE: https://pagure.io/SSSD/sssd/issue/3766
-CVE-2018-10851
+CVE-2018-10851 (PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4. ...)
- pdns 4.1.5-1 (bug #913163)
[stretch] - pdns 4.0.3-1+deb9u3
[jessie] - pdns <ignored> (Minor issue)
@@ -26338,7 +26338,7 @@ CVE-2018-10851
NOTE: https://downloads.powerdns.com/patches/2018-03/
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.html
NOTE: https://downloads.powerdns.com/patches/2018-04/
-CVE-2018-10850
+CVE-2018-10850 (389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race ...)
{DLA-1428-1}
[experimental] - 389-ds-base 1.4.0.13-1
- 389-ds-base 1.4.0.15-1 (bug #903501)
@@ -26349,14 +26349,14 @@ CVE-2018-10849
REJECTED
CVE-2018-10848
REJECTED
-CVE-2018-10847
+CVE-2018-10847 (prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authenticat ...)
{DSA-4216-1}
- prosody 0.10.2-1 (bug #900524)
NOTE: https://issues.prosody.im/1147
NOTE: https://blog.prosody.im/prosody-0-10-2-security-release/
NOTE: https://prosody.im/security/advisory_20180531/issue1147-0.10.1.patch (0.10.1)
NOTE: https://prosody.im/security/advisory_20180531/issue1147-0.9.patch (0.9.x)
-CVE-2018-10846
+CVE-2018-10846 (A cache-based side channel in GnuTLS implementation that leads to plai ...)
{DLA-1560-1}
[experimental] - gnutls28 3.6.3-1
- gnutls28 3.5.19-1
@@ -26368,7 +26368,7 @@ CVE-2018-10846
NOTE: instead of correcting the issue.
NOTE: https://eprint.iacr.org/2018/747
NOTE: Backport of the MR657 to 3.5.x: https://gitlab.com/gnutls/gnutls/merge_requests/663
-CVE-2018-10845
+CVE-2018-10845 (It was found that the GnuTLS implementation of HMAC-SHA-384 was vulner ...)
{DLA-1560-1}
- gnutls28 3.5.19-1
[stretch] - gnutls28 3.5.8-5+deb9u4
@@ -26378,7 +26378,7 @@ CVE-2018-10845
NOTE: https://gitlab.com/gnutls/gnutls/commit/e14d85eb8b1987d86f7b1d101a0e7795675d20d4 (gnutls_3_5_19)
NOTE: https://gitlab.com/gnutls/gnutls/merge_requests/657
NOTE: https://eprint.iacr.org/2018/747
-CVE-2018-10844
+CVE-2018-10844 (It was found that the GnuTLS implementation of HMAC-SHA-256 was vulner ...)
{DLA-1560-1}
- gnutls28 3.5.19-1
[stretch] - gnutls28 3.5.8-5+deb9u4
@@ -26390,23 +26390,23 @@ CVE-2018-10844
NOTE: https://gitlab.com/gnutls/gnutls/commit/c2e094acd68f7159025b2e2556d6fb4427b41dd7 (gnutls_3_5_19)
NOTE: https://gitlab.com/gnutls/gnutls/merge_requests/657
NOTE: https://eprint.iacr.org/2018/747
-CVE-2018-10843
+CVE-2018-10843 (source-to-image component of Openshift Container Platform before versi ...)
NOT-FOR-US: source-to-image in OpenShift
-CVE-2018-10842
+CVE-2018-10842 (It was found that an authenticated user could manipulate user session ...)
NOT-FOR-US: Keycloak
-CVE-2018-10841
+CVE-2018-10841 (glusterfs is vulnerable to privilege escalation on gluster server node ...)
- glusterfs 4.1.2-1 (bug #901968)
[jessie] - glusterfs <not-affected> (vulnerable code not present)
NOTE: https://review.gluster.org/#/c/20328/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e8d928e34680079e42be6947ffacc4ddd7defca2
-CVE-2018-10840
+CVE-2018-10840 (Linux kernel is vulnerable to a heap-based buffer overflow in the fs/e ...)
- linux 4.17.3-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199347
NOTE: Fixed by: https://git.kernel.org/linus/8a2b307c21d4b290e3cbe33f768f194286d07c23
-CVE-2018-10839
+CVE-2018-10839 (Qemu emulator &lt;= 3.0.0 built with the NE2000 NIC emulation support ...)
{DSA-4338-1 DLA-1599-1}
- qemu 1:3.1+dfsg-1 (bug #910431)
- qemu-kvm <removed>
@@ -26425,29 +26425,29 @@ CVE-2018-10834
RESERVED
CVE-2018-10833
RESERVED
-CVE-2018-10832
+CVE-2018-10832 (ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack. P ...)
NOT-FOR-US: ModbusPal
-CVE-2018-10831
+CVE-2018-10831 (Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier t ...)
NOT-FOR-US: Z-NOMP
-CVE-2018-10830
+CVE-2018-10830 (In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 ver ...)
NOT-FOR-US: 2345 Security Guard
CVE-2018-10829
RESERVED
-CVE-2018-10828
+CVE-2018-10828 (An issue was discovered in Alps Pointing-device Driver 10.1.101.207. A ...)
NOT-FOR-US: Alps Pointing-device Driver
-CVE-2018-10827
+CVE-2018-10827 (LiteCart before 2.1.2 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: LiteCart
CVE-2018-10826
RESERVED
-CVE-2018-10825
+CVE-2018-10825 (Mimo Baby 2 devices do not use authentication or encryption for the Bl ...)
NOT-FOR-US: Mimo Baby 2
-CVE-2018-10824
+CVE-2018-10824 (An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L throu ...)
NOT-FOR-US: D-Link
-CVE-2018-10823
+CVE-2018-10823 (An issue was discovered on D-Link DWR-116 through 1.06, DWR-512 throug ...)
NOT-FOR-US: D-Link
-CVE-2018-10822
+CVE-2018-10822 (Directory traversal vulnerability in the web interface on D-Link DWR-1 ...)
NOT-FOR-US: D-Link
-CVE-2018-10821
+CVE-2018-10821 (Cross-site scripting (XSS) vulnerability in backend/pages/modify.php i ...)
NOT-FOR-US: BlackCatCMS
CVE-2018-10820
RESERVED
@@ -26455,67 +26455,67 @@ CVE-2018-10819
RESERVED
CVE-2018-10818
RESERVED
-CVE-2018-10817
+CVE-2018-10817 (Severalnines ClusterControl before 1.6.0-4699 allows XSS. ...)
NOT-FOR-US: Severalnines ClusterControl
CVE-2018-10816
RESERVED
CVE-2018-10815
RESERVED
-CVE-2018-10814
+CVE-2018-10814 (Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for ...)
NOT-FOR-US: Synametrics SynaMan
-CVE-2018-10813
+CVE-2018-10813 (In Dedos-web 1.0, the cookie and session secrets used in the Express.j ...)
NOT-FOR-US: Dedos-web
-CVE-2018-10812
+CVE-2018-10812 (The Bitpie application through 3.2.4 for Android and iOS uses cleartex ...)
NOT-FOR-US: Bitpie application for Android and iOS
-CVE-2018-10811
+CVE-2018-10811 (strongSwan 5.6.0 and older allows Remote Denial of Service because of ...)
{DSA-4229-1}
- strongswan 5.6.3-1
NOTE: https://www.strongswan.org/blog/2018/05/28/strongswan-5.6.3-released.html
NOTE: https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-(cve-2018-10811).html
-CVE-2018-10810
+CVE-2018-10810 (chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affe ...)
NOT-FOR-US: LiveZilla Live Chat
-CVE-2018-10809
+CVE-2018-10809 (In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allo ...)
NOT-FOR-US: 2345 Security Guard
CVE-2018-10808
RESERVED
CVE-2018-10807
RESERVED
-CVE-2018-10806
+CVE-2018-10806 (An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross ...)
NOT-FOR-US: Frog CMS
-CVE-2018-10805
+CVE-2018-10805 (ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage ...)
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (unimportant; bug #898218)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1054
-CVE-2018-10804
+CVE-2018-10804 (ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage ...)
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (unimportant; bug #898217)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1053
NOTE: https://github.com/ImageMagick/ImageMagick/commit/052f6c22d3a2b2aae9dfa24aff9ccdf8b72ace91
-CVE-2018-10803
+CVE-2018-10803 (Cross-site scripting (XSS) vulnerability in the add credentials functi ...)
NOT-FOR-US: Zoho ManageEngine NetFlow Analyzer
-CVE-2018-1000301
+CVE-2018-1000301 (curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-1 ...)
{DSA-4202-1 DLA-1379-1}
- curl 7.60.0-1 (bug #898856)
NOTE: https://curl.haxx.se/docs/adv_2018-b138.html
-CVE-2018-1000300
+CVE-2018-1000300 (curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-1 ...)
- curl 7.60.0-1
[stretch] - curl <not-affected> (Vulnerable code introduced in 7.54.1)
[jessie] - curl <not-affected> (Vulnerable code introduced in 7.54.1)
[wheezy] - curl <not-affected> (Vulnerable code introduced in 7.54.1)
NOTE: https://curl.haxx.se/docs/adv_2018-82c2.html
-CVE-2018-1000177
+CVE-2018-1000177 (A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10. ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000176
+CVE-2018-1000176 (An exposure of sensitive information vulnerability exists in Jenkins E ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000175
+CVE-2018-1000175 (A path traversal vulnerability exists in Jenkins HTML Publisher Plugin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000174
+CVE-2018-1000174 (An open redirect vulnerability exists in Jenkins Google Login Plugin 1 ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000173
+CVE-2018-1000173 (A session fixaction vulnerability exists in Jenkins Google Login Plugi ...)
NOT-FOR-US: Jenkins plugin
CVE-2018-10802
RESERVED
-CVE-2018-10801
+CVE-2018-10801 (TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as dem ...)
- tiff 4.0.6-3
[jessie] - tiff 4.0.3-12.3+deb8u2
- tiff3 <removed>
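Review bot: "session fixaction" in the CVE-2018-1000173 description is a typo in the upstream CVE text, not in this commit; leave it as imported rather than hand-correcting it here, because the automatic update will overwrite any local fix on the next run. Separately, CVE-2018-1000301 and CVE-2018-1000300 sit between CVE-2018-10803 and CVE-2018-10802, out of the numeric order the rest of the hunk follows.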
@@ -26525,15 +26525,15 @@ CVE-2018-10801
NOTE: technically still present in the source package
CVE-2018-10800
RESERVED
-CVE-2018-10799
+CVE-2018-10799 (A hang issue was discovered in Brave before 0.14.0 (on, for example, L ...)
- brave-browser <itp> (bug #864795)
-CVE-2018-10798
+CVE-2018-10798 (A hang issue was discovered in Brave before 0.14.0 (on, for example, L ...)
- brave-browser <itp> (bug #864795)
CVE-2018-10797
RESERVED
-CVE-2018-10796
+CVE-2018-10796 (In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allo ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-10795
+CVE-2018-10795 (** DISPUTED ** Liferay 6.2.x and before has an FCKeditor configuration ...)
NOT-FOR-US: Liferay
CVE-2018-10794
RESERVED
@@ -26563,7 +26563,7 @@ CVE-2018-10782
RESERVED
CVE-2018-10781
RESERVED
-CVE-2018-10780
+CVE-2018-10780 (Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based bu ...)
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575201
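Review bot: the not-affected justification for CVE-2018-10780, "Vulnerable code introduced later", does not say which version introduced it, so the claim cannot be checked against the 0.26 named in the description; state the version, as the CVE-2018-10772 entry does with "introduced after 0.25".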
@@ -26572,7 +26572,7 @@ CVE-2018-10780
NOTE: Exiv2::Image::printIFDStructure.
NOTE: Commit https://github.com/Exiv2/exiv2/commit/8ff26931e31bb25d66c69846f47f3f5b6d9a32f1
NOTE: avoids using Image::printStructure() when reading images.
-CVE-2018-10779
+CVE-2018-10779 (TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buf ...)
- tiff 4.0.6-3 (bug #898359)
[jessie] - tiff 4.0.3-12.3+deb8u2
- tiff3 <removed>
@@ -26580,44 +26580,44 @@ CVE-2018-10779
NOTE: Utility bmp2tiff has been removed from upstream LibTIFF
NOTE: bmp2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although
NOTE: technically still present in the source package
-CVE-2018-10778
+CVE-2018-10778 (Read access violation in the III_dequantize_sample function in mpglibD ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life> (Not supported in Wheezy)
-CVE-2018-10777
+CVE-2018-10777 (Buffer overflow in the WriteMP3GainAPETag function in apetag.c in mp3g ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life> (Not supported in Wheezy)
-CVE-2018-10776
+CVE-2018-10776 (The getbits function in mpglibDBL/common.c in mp3gain through 1.5.2-r2 ...)
- mp3gain <removed>
[wheezy] - mp3gain <end-of-life> (Not supported in Wheezy)
-CVE-2018-10775
+CVE-2018-10775 (NULL pointer dereference in the _fields_add function in fields.c in li ...)
- bibutils <unfixed> (unimportant; bug #898135)
NOTE: Crash in CLI tool, no security impact
-CVE-2018-10774
+CVE-2018-10774 (Read access violation in the isiin_keyword function in isiin.c in libb ...)
- bibutils <unfixed> (unimportant; bug #898135)
NOTE: Crash in CLI tool, no security impact
-CVE-2018-10773
+CVE-2018-10773 (NULL pointer deference in the addsn function in serialno.c in libbibco ...)
- bibutils <unfixed> (unimportant; bug #898135)
NOTE: Crash in CLI tool, no security impact
-CVE-2018-10772
+CVE-2018-10772 (The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allow ...)
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1566260
-CVE-2018-10771
+CVE-2018-10771 (Stack-based buffer overflow in the get_key function in parse.c in abcm ...)
- abcm2ps 8.14.2-0.1 (unimportant; bug #898130)
NOTE: https://github.com/leesavide/abcm2ps/issues/17
NOTE: https://github.com/leesavide/abcm2ps/commit/dc0372993674d0b50fedfbf7b9fad1239b8efc5f
NOTE: Crash in CLI tool (neutralised by toolchain hardening), no security impact
-CVE-2018-10770
+CVE-2018-10770 (download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attac ...)
NOT-FOR-US: ShenZhen Anni "5 in 1 XVR" devices
-CVE-2018-10769
+CVE-2018-10769 (The transferProxy and approveProxy functions of a smart contract imple ...)
NOT-FOR-US: smart contract
-CVE-2018-10768
+CVE-2018-10768 (There is a NULL pointer dereference in the AnnotPath::getCoordsLength ...)
{DLA-1562-1}
- poppler 0.38.0-2
[wheezy] - poppler <not-affected> (Vulnerable code is not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=106408
NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=942adfc25e7a00ac3cf032ced2d8949e99099f70 (poppler-0.37)
-CVE-2018-10767
+CVE-2018-10767 (There is a stack-based buffer over-read in calling GLib in the functio ...)
- libgxps 0.3.0-3 (bug #898133)
[stretch] - libgxps <no-dsa> (Minor issue)
[jessie] - libgxps <no-dsa> (Minor issue)
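Review bot: the NOTE on CVE-2018-10771 says the stack-based overflow in abcm2ps is "neutralised by toolchain hardening"; stack protection turns the overflow into an abort rather than removing it, so the note should say that hardening reduces it to a crash, which still supports the "unimportant" triage but does not overstate what the mitigation guarantees.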
@@ -26629,54 +26629,54 @@ CVE-2018-10765
RESERVED
CVE-2018-10764
RESERVED
-CVE-2018-10763
+CVE-2018-10763 (Multiple cross-site scripting (XSS) vulnerabilities in Synametrics Syn ...)
NOT-FOR-US: Synametrics SynaMan
CVE-2018-10762
REJECTED
CVE-2018-10761
REJECTED
-CVE-2018-10760
+CVE-2018-10760 (Unrestricted file upload vulnerability in the Files plugin in ProjectP ...)
NOT-FOR-US: Files plugin in ProjectPier
-CVE-2018-10759
+CVE-2018-10759 (PHP remote file inclusion vulnerability in public/patch/patch.php in P ...)
NOT-FOR-US: Project Pier
-CVE-2018-11319
+CVE-2018-11319 (Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle s ...)
{DSA-4261-1 DLA-1444-1}
- vim-syntastic 3.9.0-1 (bug #894736)
NOTE: https://github.com/vim-syntastic/syntastic/issues/2170
NOTE: https://github.com/vim-syntastic/syntastic/commit/6d7c0b394e001233dd09ec473fbea2002c72632f
-CVE-2018-10758
+CVE-2018-10758 (The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete action ...)
NOT-FOR-US: Datenstrom Yellow
-CVE-2018-10757
+CVE-2018-10757 (CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authe ...)
NOT-FOR-US: CSP MySQL User Manager
CVE-2018-10756
RESERVED
CVE-2018-10755
REJECTED
-CVE-2018-10754
+CVE-2018-10754 (In ncurses before 6.1.20180414, there is a NULL Pointer Dereference in ...)
- ncurses 6.1+20180210-3 (low)
[stretch] - ncurses <no-dsa> (Minor issue)
[jessie] - ncurses <no-dsa> (Minor issue)
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1566575
NOTE: https://invisible-island.net/ncurses/NEWS.html#t20180414
-CVE-2018-10753
+CVE-2018-10753 (Stack-based buffer overflow in the delayed_output function in music.c ...)
- abcm2ps 8.14.2-0.1 (unimportant; bug #897966)
NOTE: https://github.com/leesavide/abcm2ps/issues/16
NOTE: https://github.com/leesavide/abcm2ps/commit/fd956e19f88ee32f8ec4aece5901400b06e80bcc
NOTE: Crash in CLI tool, no security impact
-CVE-2018-10752
+CVE-2018-10752 (The Tagregator plugin 0.6 for WordPress has stored XSS via the title f ...)
NOT-FOR-US: Tagregator plugin for WordPress
-CVE-2018-10751
+CVE-2018-10751 (A malformed OMACP WAP push message can cause memory corruption on a Sa ...)
NOT-FOR-US: Samsung
-CVE-2018-10750
+CVE-2018-10750 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authent ...)
NOT-FOR-US: D-Link
-CVE-2018-10749
+CVE-2018-10749 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authent ...)
NOT-FOR-US: D-Link
-CVE-2018-10748
+CVE-2018-10748 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authent ...)
NOT-FOR-US: D-Link
-CVE-2018-10747
+CVE-2018-10747 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authent ...)
NOT-FOR-US: D-Link
-CVE-2018-10746
+CVE-2018-10746 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authent ...)
NOT-FOR-US: D-Link
CVE-2018-10745
RESERVED
@@ -26688,21 +26688,21 @@ CVE-2018-10742
RESERVED
CVE-2018-10741
RESERVED
-CVE-2018-10740
+CVE-2018-10740 (Axublog 1.1.0 allows remote Code Execution as demonstrated by injectio ...)
NOT-FOR-US: Axublog
-CVE-2018-10739
+CVE-2018-10739 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPC ...)
NOT-FOR-US: Shanghai 2345 Security Guard
-CVE-2018-10738
+CVE-2018-10738 (A SQL injection issue was discovered in Nagios XI before 5.4.13 via th ...)
NOT-FOR-US: Nagios XI
-CVE-2018-10737
+CVE-2018-10737 (A SQL injection issue was discovered in Nagios XI before 5.4.13 via th ...)
NOT-FOR-US: Nagios XI
-CVE-2018-10736
+CVE-2018-10736 (A SQL injection issue was discovered in Nagios XI before 5.4.13 via th ...)
NOT-FOR-US: Nagios XI
-CVE-2018-10735
+CVE-2018-10735 (A SQL injection issue was discovered in Nagios XI before 5.4.13 via th ...)
NOT-FOR-US: Nagios XI
-CVE-2018-10734
+CVE-2018-10734 (KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoo ...)
NOT-FOR-US: KONGTOP DVR devices
-CVE-2018-10733
+CVE-2018-10733 (There is a heap-based buffer over-read in the function ft_font_face_ha ...)
- libgxps 0.3.0-3 (low; bug #897954)
[stretch] - libgxps <no-dsa> (Minor issue)
[jessie] - libgxps <no-dsa> (Minor issue)
@@ -26710,27 +26710,27 @@ CVE-2018-10733
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1574844
NOTE: https://git.gnome.org/browse/libgxps/commit/?id=b458226e162fe1ffe7acb4230c114a52ada5131b
NOTE: https://git.gnome.org/browse/libgxps/commit/?id=133fe2a96e020d4ca65c6f64fb28a404050ebbfd
-CVE-2018-10732
+CVE-2018-10732 (The REST API in Dataiku DSS before 4.2.3 allows remote attackers to ob ...)
NOT-FOR-US: Dataiku DSS
-CVE-2018-10731
+CVE-2018-10731 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products runnin ...)
NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
-CVE-2018-10730
+CVE-2018-10730 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products runnin ...)
NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
-CVE-2018-10729
+CVE-2018-10729 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products runnin ...)
NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
-CVE-2018-10728
+CVE-2018-10728 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products runnin ...)
NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
CVE-2018-10727
RESERVED
-CVE-2018-10726
+CVE-2018-10726 (** DISPUTED ** A stored XSS vulnerability was found in Datenstrom Yell ...)
NOT-FOR-US: Datenstrom Yellow
CVE-2018-10725
RESERVED
CVE-2018-10724
RESERVED
-CVE-2018-10723
+CVE-2018-10723 (Directus 6.4.9 has a hardcoded admin password for the Admin account be ...)
NOT-FOR-US: Directus
-CVE-2018-10722
+CVE-2018-10722 (In Cylance CylancePROTECT before 1470, an unprivileged local user can ...)
NOT-FOR-US: Cylance CylancePROTECT
CVE-2018-10721
RESERVED
@@ -26738,33 +26738,33 @@ CVE-2018-10720
RESERVED
CVE-2018-10719
RESERVED
-CVE-2018-10718
+CVE-2018-10718 (Stack-based buffer overflow in Activision Infinity Ward Call of Duty M ...)
NOT-FOR-US: Activision
-CVE-2018-10717
+CVE-2018-10717 (The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does no ...)
NOT-FOR-US: ngiflib
-CVE-2018-10716
+CVE-2018-10716 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPC ...)
NOT-FOR-US: Shanghai 2345 Security Guard
CVE-2018-10715
RESERVED
CVE-2018-10714
RESERVED
-CVE-2018-10713
+CVE-2018-10713 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authent ...)
NOT-FOR-US: D-Link
-CVE-2018-10712
+CVE-2018-10712 (The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED ...)
NOT-FOR-US: ASRock
-CVE-2018-10711
+CVE-2018-10711 (The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED ...)
NOT-FOR-US: ASRock
-CVE-2018-10710
+CVE-2018-10710 (The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED ...)
NOT-FOR-US: ASRock
-CVE-2018-10709
+CVE-2018-10709 (The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED ...)
NOT-FOR-US: ASRock
CVE-2018-10708
RESERVED
CVE-2018-10707
RESERVED
-CVE-2018-10706
+CVE-2018-10706 (An integer overflow in the transferMulti function of a smart contract ...)
NOT-FOR-US: Social Chain
-CVE-2018-10705
+CVE-2018-10705 (The Owned smart contract implementation for Aurora DAO (AURA), an Ethe ...)
NOT-FOR-US: Aurora DAD
CVE-2018-10704
RESERVED
@@ -26796,7 +26796,7 @@ CVE-2018-10691
RESERVED
CVE-2018-10690
RESERVED
-CVE-2018-10689
+CVE-2018-10689 (blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel a ...)
- blktrace 1.2.0-1 (low; bug #897695)
[stretch] - blktrace 1.1.0-2+deb9u1
[jessie] - blktrace 1.0.5-1+deb8u1
@@ -26807,9 +26807,9 @@ CVE-2018-10688
RESERVED
CVE-2018-10687
RESERVED
-CVE-2018-10686
+CVE-2018-10686 (An issue was discovered in Vesta Control Panel 0.9.8-20. There is Refl ...)
NOT-FOR-US: Vesta Control Panel
-CVE-2018-10685
+CVE-2018-10685 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ...)
- lrzip 0.631+git180517-1 (low; bug #897645)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
@@ -26817,21 +26817,21 @@ CVE-2018-10685
NOTE: https://github.com/ckolivas/lrzip/issues/95
CVE-2018-10684
RESERVED
-CVE-2018-10683
+CVE-2018-10683 (** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. In the ...)
- wildfly <itp> (bug #752018)
-CVE-2018-10682
+CVE-2018-10682 (** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. It is ...)
- wildfly <itp> (bug #752018)
CVE-2018-10681
RESERVED
-CVE-2018-10680
+CVE-2018-10680 (** DISPUTED ** Z-BlogPHP 1.5.2 has a stored Cross Site Scripting Vulne ...)
NOT-FOR-US: Z-BlogPHP
CVE-2018-10679
RESERVED
-CVE-2018-10678
+CVE-2018-10678 (MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target="_b ...)
NOT-FOR-US: MyBB
-CVE-2018-10677
+CVE-2018-10677 (The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks c ...)
NOT-FOR-US: ngiflib
-CVE-2018-10676
+CVE-2018-10676 (CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR dev ...)
NOT-FOR-US: CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices
CVE-2018-10674
RESERVED
@@ -26849,65 +26849,65 @@ CVE-2018-10668
RESERVED
CVE-2018-10667
RESERVED
-CVE-2018-10666
+CVE-2018-10666 (The Owned smart contract implementation for Aurora IDEX Membership (ID ...)
NOT-FOR-US: Aurora IDEX
-CVE-2018-10665
+CVE-2018-10665 (ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, related to ...)
NOT-FOR-US: ILIAS
-CVE-2018-10664
+CVE-2018-10664 (An issue was discovered in the httpd process in multiple models of Axi ...)
NOT-FOR-US: Axis
-CVE-2018-10663
+CVE-2018-10663 (An issue was discovered in multiple models of Axis IP Cameras. There i ...)
NOT-FOR-US: Axis
-CVE-2018-10662
+CVE-2018-10662 (An issue was discovered in multiple models of Axis IP Cameras. There i ...)
NOT-FOR-US: Axis
-CVE-2018-10661
+CVE-2018-10661 (An issue was discovered in multiple models of Axis IP Cameras. There i ...)
NOT-FOR-US: Axis
-CVE-2018-10660
+CVE-2018-10660 (An issue was discovered in multiple models of Axis IP Cameras. There i ...)
NOT-FOR-US: Axis
-CVE-2018-10659
+CVE-2018-10659 (There was a Memory Corruption issue discovered in multiple models of A ...)
NOT-FOR-US: Axis
-CVE-2018-10658
+CVE-2018-10658 (There was a Memory Corruption issue discovered in multiple models of A ...)
NOT-FOR-US: Axis
-CVE-2018-10675
+CVE-2018-10675 (The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel be ...)
- linux 4.12.12-1
[stretch] - linux 4.9.47-1
[jessie] - linux 3.16.51-1
[wheezy] - linux 3.2.96-1
NOTE: https://git.kernel.org/linus/73223e4e2e3867ebf033a5a8eb2e5df0158ccc99 (4.13-rc6)
-CVE-2018-10657
+CVE-2018-10657 (Matrix Synapse before 0.28.1 is prone to a denial of service flaw wher ...)
- matrix-synapse 0.28.1+dfsg-1
NOTE: https://github.com/matrix-org/synapse/commit/33f469ba19586bbafa0cf2c7d7c35463bdab87eb
NOTE: https://matrix.org/blog/2018/05/01/security-update-synapse-0-28-1/
CVE-2018-10656
RESERVED
-CVE-2018-10655
+CVE-2018-10655 (DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 h ...)
NOT-FOR-US: DeviceLock Plug and Play Auditor
-CVE-2018-10654
+CVE-2018-10654 (There is a Hazelcast Library Java Deserialization Vulnerability in Cit ...)
NOT-FOR-US: Citrix
-CVE-2018-10653
+CVE-2018-10653 (There is an XML External Entity (XXE) Processing Vulnerability in Citr ...)
NOT-FOR-US: Citrix
-CVE-2018-10652
+CVE-2018-10652 (There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10. ...)
NOT-FOR-US: Citrix
-CVE-2018-10651
+CVE-2018-10651 (There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10. ...)
NOT-FOR-US: Citrix
-CVE-2018-10650
+CVE-2018-10650 (There is an Insufficient Path Validation Vulnerability in Citrix XenMo ...)
NOT-FOR-US: Citrix
-CVE-2018-10649
+CVE-2018-10649 (There is a Cross-Site Scripting Vulnerability in Citrix XenMobile Serv ...)
NOT-FOR-US: Citrix
-CVE-2018-10648
+CVE-2018-10648 (There are Unauthenticated File Upload Vulnerabilities in Citrix XenMob ...)
NOT-FOR-US: Citrix
-CVE-2018-10647
+CVE-2018-10647 (SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation ...)
NOT-FOR-US: SaferVPN
-CVE-2018-10646
+CVE-2018-10646 (CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege esca ...)
NOT-FOR-US: CyberGhost
-CVE-2018-10645
+CVE-2018-10645 (Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM priv ...)
NOT-FOR-US: Golden Frog VyprVPN
CVE-2018-10644
RESERVED
CVE-2018-10643
RESERVED
-CVE-2018-10642
+CVE-2018-10642 (Command injection vulnerability in Combodo iTop 2.4.1 allows remote au ...)
NOT-FOR-US: Combodo iTop
-CVE-2018-10641
+CVE-2018-10641 (D-Link DIR-601 A1 1.02NA devices do not require the old password for a ...)
NOT-FOR-US: D-Link
CVE-2018-10640
RESERVED
@@ -26915,115 +26915,115 @@ CVE-2018-10639
RESERVED
CVE-2018-10638
RESERVED
-CVE-2018-10637
+CVE-2018-10637 (A maliciously crafted project file may cause a buffer overflow, which ...)
NOT-FOR-US: Fuji
-CVE-2018-10636
+CVE-2018-10636 (CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 ha ...)
NOT-FOR-US: CNCSoft
-CVE-2018-10635
+CVE-2018-10635 (In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5 ...)
NOT-FOR-US: Universal Robots
-CVE-2018-10634
+CVE-2018-10634 (Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL- ...)
NOT-FOR-US: Medtronic
-CVE-2018-10633
+CVE-2018-10633 (Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-10 ...)
NOT-FOR-US: Universal Robots
-CVE-2018-10632
+CVE-2018-10632 (In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and pri ...)
NOT-FOR-US: Moxa
-CVE-2018-10631
+CVE-2018-10631 (Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Progra ...)
NOT-FOR-US: Medtronic
-CVE-2018-10630
+CVE-2018-10630 (For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version p ...)
NOT-FOR-US: Creston
CVE-2018-10629
RESERVED
-CVE-2018-10628
+CVE-2018-10628 (AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update ...)
NOT-FOR-US: AVEVA
-CVE-2018-10627
+CVE-2018-10627 (Echelon SmartServer 1 all versions, SmartServer 2 all versions prior t ...)
NOT-FOR-US: Echelon
-CVE-2018-10626
+CVE-2018-10626 (A vulnerability was discovered in all versions of Medtronic MyCareLink ...)
NOT-FOR-US: Medtronic
CVE-2018-10625
RESERVED
-CVE-2018-10624
+CVE-2018-10624 (In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (B ...)
NOT-FOR-US: Johnson Controls Metasys System
-CVE-2018-10623
+CVE-2018-10623 (Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
-CVE-2018-10622
+CVE-2018-10622 (A vulnerability was discovered in all versions of Medtronic MyCareLink ...)
NOT-FOR-US: Medtronic
-CVE-2018-10621
+CVE-2018-10621 (Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
-CVE-2018-10620
+CVE-2018-10620 (AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Editio ...)
NOT-FOR-US: AVEVA
-CVE-2018-10619
+CVE-2018-10619 (An unquoted search path or element in RSLinx Classic Versions 3.90.01 ...)
NOT-FOR-US: RSLinx
-CVE-2018-10618
+CVE-2018-10618 (Davolink DVW-3200N all version prior to Version 1.00.06. The device ge ...)
NOT-FOR-US: Davolink DVW-3200N
-CVE-2018-10617
+CVE-2018-10617 (Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
-CVE-2018-10616
+CVE-2018-10616 (ABB Panel Builder 800 all versions has an improper input validation vu ...)
NOT-FOR-US: ABB Panel Builder 800
-CVE-2018-10615
+CVE-2018-10615 (Directory traversal may lead to files being exfiltrated or deleted on ...)
NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
-CVE-2018-10614
+CVE-2018-10614 (An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be ...)
NOT-FOR-US: LeviStudioU
-CVE-2018-10613
+CVE-2018-10613 (Multiple variants of XML External Entity (XXE) attacks may be used to ...)
NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
-CVE-2018-10612
+CVE-2018-10612 (In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior ...)
NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Control V3 Products
-CVE-2018-10611
+CVE-2018-10611 (Java remote method invocation (RMI) input port in GE MDS PulseNET and ...)
NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
-CVE-2018-10610
+CVE-2018-10610 (An out-of-bounds vulnerability in LeviStudioU, Versions 1.8.29 and 1.8 ...)
NOT-FOR-US: LeviStudioU
-CVE-2018-10609
+CVE-2018-10609 (Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-6 ...)
NOT-FOR-US: Martem TELEM GW6 and GWM devices
-CVE-2018-10608
+CVE-2018-10608 (SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited ...)
NOT-FOR-US: SEL AcSELerator Architect
-CVE-2018-10607
+CVE-2018-10607 (Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-6 ...)
NOT-FOR-US: Martem TELEM GW6 and GWM devices
-CVE-2018-10606
+CVE-2018-10606 (WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based b ...)
NOT-FOR-US: WECON LeviStudio
-CVE-2018-10605
+CVE-2018-10605 (Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unp ...)
NOT-FOR-US: Martem TELEM GW6/GWM
-CVE-2018-10604
+CVE-2018-10604 (SEL Compass version 3.0.5.1 and prior allows all users full access to ...)
NOT-FOR-US: SEL Compass
-CVE-2018-10603
+CVE-2018-10603 (Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-6 ...)
NOT-FOR-US: Martem TELEM GW6 and GWM devices
-CVE-2018-10602
+CVE-2018-10602 (WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based ...)
NOT-FOR-US: WECON LeviStudio
-CVE-2018-10601
+CVE-2018-10601 (IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70 ...)
NOT-FOR-US: Philips
-CVE-2018-10600
+CVE-2018-10600 (SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitize ...)
NOT-FOR-US: SEL AcSELerator Architect
-CVE-2018-10599
+CVE-2018-10599 (IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70 ...)
NOT-FOR-US: Philips
-CVE-2018-10598
+CVE-2018-10598 (CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 ha ...)
NOT-FOR-US: CNCSoft
-CVE-2018-10597
+CVE-2018-10597 (IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70 ...)
NOT-FOR-US: Philips
-CVE-2018-10596
+CVE-2018-10596 (Medtronic 2090 CareLink Programmer all versions The affected product u ...)
NOT-FOR-US: Medtronic
-CVE-2018-10595
+CVE-2018-10595 (A vulnerability in ReadA version 1.1.0.2 and previous allows an author ...)
NOT-FOR-US: BD Kiestra and InoqulA systems
-CVE-2018-10594
+CVE-2018-10594 (Delta Industrial Automation COMMGR from Delta Electronics versions 1.0 ...)
NOT-FOR-US: Delta
-CVE-2018-10593
+CVE-2018-10593 (A vulnerability in DB Manager version 3.0.1.0 and previous and Perform ...)
NOT-FOR-US: BD Kiestra and InoqulA systems
-CVE-2018-10592
+CVE-2018-10592 (Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers ...)
NOT-FOR-US: Yokogawa
-CVE-2018-10591
+CVE-2018-10591 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
-CVE-2018-10590
+CVE-2018-10590 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
-CVE-2018-10589
+CVE-2018-10589 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
CVE-2018-10588
RESERVED
-CVE-2018-10587
+CVE-2018-10587 (NetGain Enterprise Manager (EM) is affected by OS Command Injection vu ...)
NOT-FOR-US: NetGain Enterprise Manager
-CVE-2018-10586
+CVE-2018-10586 (NetGain Enterprise Manager (EM) is affected by multiple Stored Cross-S ...)
NOT-FOR-US: NetGain Enterprise Manager
CVE-2018-10585
RESERVED
CVE-2018-10584
RESERVED
-CVE-2018-10583
+CVE-2018-10583 (An information disclosure vulnerability occurs when LibreOffice 6.0.3 ...)
- libreoffice <unfixed> (unimportant)
NOTE: http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/
NOTE: This is the generic behaviour of accessing remote SMB shares and not limited to
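Review bot: the NOT-FOR-US line under CVE-2018-10630 reads "Creston" while the imported description names "Crestron TSW-X60"; fix the spelling. In the same hunk, "NOT-FOR-US: Fuji" under CVE-2018-10637 names only a vendor, and the truncated description does not name the product either, so spell out the affected product as the other NOT-FOR-US lines here do.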
@@ -27033,49 +27033,49 @@ CVE-2018-10583
NOTE: https://cgit.freedesktop.org/libreoffice/core/commit/?id=0b7f4a4f57117fde33d0b1df96134aa6ccce023e
CVE-2018-10582
RESERVED
-CVE-2018-10581
+CVE-2018-10581 (In Octopus Deploy 3.4.x before 2018.4.7, an authenticated user is able ...)
NOT-FOR-US: Octopus Deploy
-CVE-2018-10580
+CVE-2018-10580 (The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because ther ...)
NOT-FOR-US: "Latest Posts on Profile" plugin for MyBB
CVE-2018-10579
RESERVED
-CVE-2018-10578
+CVE-2018-10578 (An issue was discovered on WatchGuard AP100, AP102, and AP200 devices ...)
NOT-FOR-US: WatchGuard AP100, AP102, and AP200 devices
-CVE-2018-10577
+CVE-2018-10577 (An issue was discovered on WatchGuard AP100, AP102, and AP200 devices ...)
NOT-FOR-US: WatchGuard AP100, AP102, and AP200 devices
-CVE-2018-10576
+CVE-2018-10576 (An issue was discovered on WatchGuard AP100, AP102, and AP200 devices ...)
NOT-FOR-US: WatchGuard devices
-CVE-2018-10575
+CVE-2018-10575 (An issue was discovered on WatchGuard AP100, AP102, and AP200 devices ...)
NOT-FOR-US: WatchGuard devices
-CVE-2018-10574
+CVE-2018-10574 (site/index.php/admin/trees/add/ in BigTree 4.2.22 and earlier allows r ...)
NOT-FOR-US: BigTree CMS
-CVE-2018-1000172
+CVE-2018-1000172 (Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Si ...)
NOT-FOR-US: Imagely NextGEN Gallery
-CVE-2018-10573
+CVE-2018-10573 (interface/fax/fax_dispatch.php in OpenEMR before 5.0.1 allows remote a ...)
NOT-FOR-US: OpenEMR
-CVE-2018-10572
+CVE-2018-10572 (interface/patient_file/letter.php in OpenEMR before 5.0.1 allows remot ...)
NOT-FOR-US: OpenEMR
-CVE-2018-10571
+CVE-2018-10571 (Multiple reflected cross-site scripting (XSS) vulnerabilities in OpenE ...)
NOT-FOR-US: OpenEMR
-CVE-2018-10570
+CVE-2018-10570 (Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin ...)
NOT-FOR-US: Frog CMS
-CVE-2018-10569
+CVE-2018-10569 (An issue was discovered in Edimax EW-7438RPn Mini v2 before version 1. ...)
NOT-FOR-US: Edimax EW-7438RPn Mini v2
-CVE-2018-10568
+CVE-2018-10568 (XSS exists in Flexense DiskSorter Enterprise from v9.5.12 to v10.7. ...)
NOT-FOR-US: Flexense DiskSorter Enterprise
-CVE-2018-10567
+CVE-2018-10567 (XSS exists in Flexense VX Search Enterprise from v10.1.12 to v10.7. ...)
NOT-FOR-US: Flexense VX Search Enterprise
-CVE-2018-10566
+CVE-2018-10566 (XSS exists in Flexense DupScout Enterprise from v10.0.18 to v10.7. ...)
NOT-FOR-US: Flexense DupScout Enterprise
-CVE-2018-10565
+CVE-2018-10565 (XSS exists in Flexense DiskSavvy Enterprise from v10.4 to v10.7. ...)
NOT-FOR-US: Flexense DiskSavvy Enterprise
-CVE-2018-10564
+CVE-2018-10564 (XSS exists in Flexense DiskPulse Enterprise from v10.4 to v10.7. ...)
NOT-FOR-US: Flexense DiskPulse Enterprise
-CVE-2018-10563
+CVE-2018-10563 (An XSS in Flexense SyncBreeze affects all versions (tested from SyncBr ...)
NOT-FOR-US: Flexense SyncBreeze
-CVE-2018-10562
+CVE-2018-10562 (An issue was discovered on Dasan GPON home routers. Command Injection ...)
NOT-FOR-US: Dasan GPON home routers
-CVE-2018-10561
+CVE-2018-10561 (An issue was discovered on Dasan GPON home routers. It is possible to ...)
NOT-FOR-US: Dasan GPON home routers
CVE-2018-10560
RESERVED
@@ -27089,17 +27089,17 @@ CVE-2018-10556
RESERVED
CVE-2018-10555
RESERVED
-CVE-2018-10554
+CVE-2018-10554 (An issue was discovered in Nagios XI 5.4.13. There is XSS exploitable ...)
NOT-FOR-US: Nagios XI
-CVE-2018-10553
+CVE-2018-10553 (An issue was discovered in Nagios XI 5.4.13. A registered user is able ...)
NOT-FOR-US: Nagios XI
CVE-2018-10552
RESERVED
CVE-2018-10551
RESERVED
-CVE-2018-10550
+CVE-2018-10550 (In Octopus Deploy before 2018.4.7, target and tenant tag variable scop ...)
NOT-FOR-US: Octopus Deploy
-CVE-2018-10549
+CVE-2018-10549 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1 ...)
{DSA-4240-1 DLA-1397-1}
- php7.2 7.2.8-1
- php7.1 7.1.19-1
@@ -27108,7 +27108,7 @@ CVE-2018-10549
[wheezy] - php5 <not-affected> (vulnerable code is not present)
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76130
-CVE-2018-10548
+CVE-2018-10548 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1 ...)
{DSA-4240-1 DLA-1397-1 DLA-1373-1}
- php7.2 7.2.8-1
- php7.1 7.1.19-1
@@ -27116,7 +27116,7 @@ CVE-2018-10548
- php5 <removed>
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76248
-CVE-2018-10547
+CVE-2018-10547 (An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36 ...)
{DSA-4240-1 DLA-1397-1 DLA-1373-1}
- php7.2 7.2.8-1
- php7.1 7.1.19-1
@@ -27124,7 +27124,7 @@ CVE-2018-10547
- php5 <removed>
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76129
-CVE-2018-10546
+CVE-2018-10546 (An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1 ...)
{DSA-4240-1 DLA-1397-1}
- php7.2 7.2.8-1
- php7.1 7.1.19-1
@@ -27133,7 +27133,7 @@ CVE-2018-10546
[wheezy] - php5 <not-affected> (does not cause an infinite loop)
NOTE: Fixed in 5.6.36, 7.0.30, 7.1.17, 7.2.5
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76249
-CVE-2018-10545
+CVE-2018-10545 (An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1 ...)
{DSA-4240-1 DLA-1397-1 DLA-1373-1}
- php7.2 7.2.4-1
- php7.1 7.1.16-1
@@ -27141,7 +27141,7 @@ CVE-2018-10545
- php5 <removed>
NOTE: Fixed in 5.6.35, 7.0.29, 7.1.16, 7.2.4
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75605
-CVE-2018-10544
+CVE-2018-10544 (Meross MSS110 devices through 1.1.24 contain an unauthenticated admin. ...)
NOT-FOR-US: Meross MSS110
CVE-2018-10543
RESERVED
@@ -27149,28 +27149,28 @@ CVE-2018-10542
RESERVED
CVE-2018-10541
RESERVED
-CVE-2018-10540
+CVE-2018-10540 (An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Ou ...)
{DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
NOTE: https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d
NOTE: https://github.com/dbry/WavPack/issues/33
-CVE-2018-10539
+CVE-2018-10539 (An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. ...)
{DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
NOTE: https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d
NOTE: https://github.com/dbry/WavPack/issues/33
-CVE-2018-10538
+CVE-2018-10538 (An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Ou ...)
{DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
[wheezy] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
NOTE: https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d
NOTE: https://github.com/dbry/WavPack/issues/33
-CVE-2018-10537
+CVE-2018-10537 (An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser c ...)
{DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
@@ -27179,7 +27179,7 @@ CVE-2018-10537
NOTE: https://github.com/dbry/WavPack/issues/30
NOTE: https://github.com/dbry/WavPack/issues/31
NOTE: https://github.com/dbry/WavPack/issues/32
-CVE-2018-10536
+CVE-2018-10536 (An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser c ...)
{DSA-4197-1}
- wavpack 5.1.0-3 (bug #897271)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
@@ -27188,14 +27188,14 @@ CVE-2018-10536
NOTE: https://github.com/dbry/WavPack/issues/30
NOTE: https://github.com/dbry/WavPack/issues/31
NOTE: https://github.com/dbry/WavPack/issues/32
-CVE-2018-10535
+CVE-2018-10535 (The ignore_section_sym function in elf.c in the Binary File Descriptor ...)
- binutils 2.30.90.20180627-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23113
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=db0c309f4011ca94a4abc8458e27f3734dab92ac
-CVE-2018-10534
+CVE-2018-10534 (The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in ...)
- binutils 2.30.90.20180627-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -27204,27 +27204,27 @@ CVE-2018-10534
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aa4a8c2a2a67545e90c877162c53cc9de42dc8b4
CVE-2018-10533
RESERVED
-CVE-2018-10532
+CVE-2018-10532 (An issue was discovered on EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 dev ...)
NOT-FOR-US: EE 4GEE HH70VB-2BE8GB3s
CVE-2018-10531
RESERVED
CVE-2018-10530
RESERVED
-CVE-2018-10529
+CVE-2018-10529 (An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds re ...)
- libraw 0.18.11-1 (low; bug #897186)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <no-dsa> (Minor issue)
NOTE: https://github.com/LibRaw/LibRaw/commit/f0c505a3e5d47989a5f69be2d0d4f250af6b1a6c
NOTE: https://github.com/LibRaw/LibRaw/issues/144
-CVE-2018-10528
+CVE-2018-10528 (An issue was discovered in LibRaw 0.18.9. There is a stack-based buffe ...)
- libraw 0.18.11-1 (low; bug #897185)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <no-dsa> (Minor issue)
NOTE: https://github.com/LibRaw/LibRaw/commit/895529fc2f2eb8bc633edd6b04b5b237eb4db564
NOTE: https://github.com/LibRaw/LibRaw/issues/144
-CVE-2018-10527
+CVE-2018-10527 (EasyCMS 1.3 is prone to Stored XSS when posting an article; four field ...)
NOT-FOR-US: EasyCMS
CVE-2018-10526
RESERVED
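Review bot: the NOT-FOR-US line for CVE-2018-10532 reads "EE 4GEE HH70VB-2BE8GB3s", with an "s" glued onto the model number, while the description itself names the device as HH70VB-2BE8GB3 followed by a firmware string and the cut-off "dev ..." (presumably "devices"). Suggest "NOT-FOR-US: EE 4GEE HH70VB-2BE8GB3 devices" so the model identifier stays searchable exactly as it appears in the CVE text.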
@@ -27232,117 +27232,117 @@ CVE-2018-10525
RESERVED
CVE-2018-10524
RESERVED
-CVE-2018-10523
+CVE-2018-10523 (CMS Made Simple (CMSMS) through 2.2.7 contains a physical path leakage ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10522
+CVE-2018-10522 (In CMS Made Simple (CMSMS) through 2.2.7, the "file view" operation in ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10521
+CVE-2018-10521 (In CMS Made Simple (CMSMS) through 2.2.7, the "file move" operation in ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10520
+CVE-2018-10520 (In CMS Made Simple (CMSMS) through 2.2.7, the "module remove" operatio ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10519
+CVE-2018-10519 (CMS Made Simple (CMSMS) 2.2.7 contains a privilege escalation vulnerab ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10518
+CVE-2018-10518 (In CMS Made Simple (CMSMS) through 2.2.7, the "file delete" operation ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10517
+CVE-2018-10517 (In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operatio ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10516
+CVE-2018-10516 (In CMS Made Simple (CMSMS) through 2.2.7, the "file rename" operation ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10515
+CVE-2018-10515 (In CMS Made Simple (CMSMS) through 2.2.7, the "file unpack" operation ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10514
+CVE-2018-10514 (A Missing Impersonation Privilege Escalation vulnerability in Trend Mi ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10513
+CVE-2018-10513 (A Deserialization of Untrusted Data Privilege Escalation vulnerability ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10512
+CVE-2018-10512 (A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10511
+CVE-2018-10511 (A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10510
+CVE-2018-10510 (A Directory Traversal Remote Code Execution vulnerability in Trend Mic ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10509
+CVE-2018-10509 (A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10508
+CVE-2018-10508 (A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10507
+CVE-2018-10507 (A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10506
+CVE-2018-10506 (A out-of-bounds read information disclosure vulnerability in Trend Mic ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10505
+CVE-2018-10505 (A pool corruption privilege escalation vulnerability in Trend Micro Of ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10504
+CVE-2018-10504 (The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress a ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-10503
+CVE-2018-10503 (An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. ...)
NOT-FOR-US: baijiacms
-CVE-2018-10502
+CVE-2018-10502 (This vulnerability allows local attackers to escalate privileges on vu ...)
NOT-FOR-US: Samsung Galaxy Apps Fixed
-CVE-2018-10501
+CVE-2018-10501 (This vulnerability allows local attackers to escalate privileges on vu ...)
NOT-FOR-US: Samsung Notes Fixed
-CVE-2018-10500
+CVE-2018-10500 (This vulnerability allows local attackers to escalate privileges on vu ...)
NOT-FOR-US: Samsung Galaxy Apps
-CVE-2018-10499
+CVE-2018-10499 (This vulnerability allows local attackers to execute arbitrary code on ...)
NOT-FOR-US: Samsung Galaxy Apps
-CVE-2018-10498
+CVE-2018-10498 (This vulnerability allows local attackers to disclose sensitive inform ...)
NOT-FOR-US: Samsung Email Fixed
-CVE-2018-10497
+CVE-2018-10497 (This vulnerability allows local attackers to escalate privileges on vu ...)
NOT-FOR-US: Samsung Email Fixed
-CVE-2018-10496
+CVE-2018-10496 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Samsung Internet Browser Fixed
-CVE-2018-10495
+CVE-2018-10495 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10494
+CVE-2018-10494 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10493
+CVE-2018-10493 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10492
+CVE-2018-10492 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10491
+CVE-2018-10491 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10490
+CVE-2018-10490 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10489
+CVE-2018-10489 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10488
+CVE-2018-10488 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10487
+CVE-2018-10487 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10486
+CVE-2018-10486 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10485
+CVE-2018-10485 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10484
+CVE-2018-10484 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10483
+CVE-2018-10483 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10482
+CVE-2018-10482 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10481
+CVE-2018-10481 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10480
+CVE-2018-10480 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10479
+CVE-2018-10479 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10478
+CVE-2018-10478 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10477
+CVE-2018-10477 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10476
+CVE-2018-10476 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10475
+CVE-2018-10475 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10474
+CVE-2018-10474 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10473
+CVE-2018-10473 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10470
+CVE-2018-10470 (Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidity ...)
NOT-FOR-US: Little Snitch
-CVE-2018-10469
+CVE-2018-10469 (b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and e ...)
NOT-FOR-US: b3log Symphony (aka Sym)
-CVE-2018-10468
+CVE-2018-10468 (The transferFrom function of a smart contract implementation for Usele ...)
NOT-FOR-US: Ethereum
CVE-2018-10467
RESERVED
-CVE-2018-10466
+CVE-2018-10466 (Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind SQ ...)
NOT-FOR-US: Zoho
CVE-2018-10465
RESERVED
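Review bot: two naming inconsistencies in this hunk's NOT-FOR-US context lines. CVE-2018-10504 is filed as "NOT-FOR-US: Wordpress plugin", whereas every other WordPress entry in this update spells the product "WordPress" and names the plugin (for example "wunderfarm WF Cookie Consent plugin for WordPress"); suggest "NOT-FOR-US: WebDorado Form Maker by WD plugin for WordPress". The Samsung entries alternate between "NOT-FOR-US: Samsung Galaxy Apps Fixed" (CVE-2018-10502, CVE-2018-10501 uses "Samsung Notes Fixed") and "NOT-FOR-US: Samsung Galaxy Apps" (CVE-2018-10500, CVE-2018-10499), and CVE-2018-10498, CVE-2018-10497 and CVE-2018-10496 likewise end in "Fixed"; the trailing word looks like it was carried over from the advisory title rather than being part of the product name and should be dropped so the product strings match across entries.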
@@ -27410,37 +27410,37 @@ CVE-2018-10434
RESERVED
CVE-2018-10433
RESERVED
-CVE-2018-10471
+CVE-2018-10471 (An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS ...)
{DSA-4201-1 DLA-1549-1}
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
[wheezy] - xen <not-affected> (Regression for XSA-254 which was not applied in wheezy)
NOTE: https://xenbits.xen.org/xsa/advisory-259.html
-CVE-2018-10472
+CVE-2018-10472 (An issue was discovered in Xen through 4.10.x allowing x86 HVM guest O ...)
{DSA-4201-1 DLA-1559-1}
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
[wheezy] - xen <not-affected> (No QMP support in wheezy)
NOTE: https://xenbits.xen.org/xsa/advisory-258.html
CVE-2018-10432
RESERVED
-CVE-2018-10431
+CVE-2018-10431 (D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell me ...)
NOT-FOR-US: D-Link
-CVE-2018-10430
+CVE-2018-10430 (An issue was discovered in DiliCMS (aka DiligentCMS) 2.4.0. There is a ...)
NOT-FOR-US: DiliCMS
-CVE-2018-10429
+CVE-2018-10429 (Cosmo 1.0.0Beta6 allows attackers to execute arbitrary PHP code via th ...)
NOT-FOR-US: Cosmo
-CVE-2018-10428
+CVE-2018-10428 (ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due ...)
NOT-FOR-US: ILIAS
CVE-2018-10427
RESERVED
CVE-2018-10426
RESERVED
-CVE-2018-10425
+CVE-2018-10425 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPC ...)
NOT-FOR-US: Shanghai 2345 Security Guard
-CVE-2018-10424
+CVE-2018-10424 (mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via ...)
NOT-FOR-US: MiniCMS
-CVE-2018-10423
+CVE-2018-10423 (mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a ...)
NOT-FOR-US: MiniCMS
-CVE-2018-10422
+CVE-2018-10422 (An issue was discovered in HongCMS 3.0.0. The post news feature has St ...)
NOT-FOR-US: HongCMS
CVE-2018-10421
RESERVED
@@ -27468,17 +27468,17 @@ CVE-2018-10410
RESERVED
CVE-2018-10409
RESERVED
-CVE-2018-10408
+CVE-2018-10408 (An issue was discovered in VirusTotal. A maliciously crafted Universal ...)
NOT-FOR-US: VirusTotal
-CVE-2018-10407
+CVE-2018-10407 (An issue was discovered in Carbon Black Cb Response. A maliciously cra ...)
NOT-FOR-US: Carbon Black Cb Response
-CVE-2018-10406
+CVE-2018-10406 (An issue was discovered in Yelp OSXCollector. A maliciously crafted Un ...)
NOT-FOR-US: Yelp OSXCollector
-CVE-2018-10405
+CVE-2018-10405 (An issue was discovered in Google Santa and molcodesignchecker. A mali ...)
NOT-FOR-US: Google Santa and molcodesignchecker
-CVE-2018-10404
+CVE-2018-10404 (An issue was discovered in Objective-See KnockKnock, LuLu, TaskExplore ...)
NOT-FOR-US: Objective-See KnockKnock, LuLu, TaskExplorer, WhatsYourSign, and procInfo
-CVE-2018-10403
+CVE-2018-10403 (An issue was discovered in F-Secure XFENCE and Little Flocker. A malic ...)
NOT-FOR-US: F-Secure XFENCE and Little Flocker
CVE-2018-10402
RESERVED
@@ -27498,7 +27498,7 @@ CVE-2018-10395
RESERVED
CVE-2018-10394
RESERVED
-CVE-2018-10393
+CVE-2018-10393 (bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-b ...)
- libvorbis 1.3.6-2 (bug #876780)
[stretch] - libvorbis <no-dsa> (Minor issue)
[jessie] - libvorbis <no-dsa> (Minor issue)
@@ -27506,7 +27506,7 @@ CVE-2018-10393
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2334
NOTE: Fixed by: https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
NOTE: Same patch as for CVE-2017-14160
-CVE-2018-10392
+CVE-2018-10392 (mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not va ...)
- libvorbis 1.3.6-2 (bug #876780)
[stretch] - libvorbis <no-dsa> (Minor issue)
[jessie] - libvorbis <no-dsa> (Minor issue)
@@ -27514,7 +27514,7 @@ CVE-2018-10392
NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2335
NOTE: Fixed by: https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
NOTE: Same patch as for CVE-2017-14160
-CVE-2018-10391
+CVE-2018-10391 (An issue was discovered in WUZHI CMS 4.1.0. There is XSS via the email ...)
NOT-FOR-US: WUZHI CMS
CVE-2018-10390
RESERVED
@@ -27532,11 +27532,11 @@ CVE-2018-10384
RESERVED
CVE-2018-10383
RESERVED
-CVE-2018-10382
+CVE-2018-10382 (MODX Revolution 2.6.3 has XSS. ...)
NOT-FOR-US: MODX Revolution
-CVE-2018-10381
+CVE-2018-10381 (TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalat ...)
NOT-FOR-US: TunnelBear for Windows
-CVE-2018-10380
+CVE-2018-10380 (kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ...)
{DSA-4200-1}
- kwallet-pam 5.12.1-2
NOTE: https://www.kde.org/info/security/advisory-20180503-1.txt
@@ -27544,43 +27544,43 @@ CVE-2018-10380
NOTE: https://commits.kde.org/kwallet-pam/01d4143fda5bddb6dca37b23304dc239a5fb38b5 (Plasma 5.12)
NOTE: https://commits.kde.org/kwallet-pam/99abc7fde21f40cc6da5feb6ee766cc46fcca1f8 (Plasma 5.8)
NOTE: https://commits.kde.org/kwallet-pam/802f305d81f8771c4f4a8bd7fd0e368ffc6f9b3b (Plasma 5.8)
-CVE-2018-10379
+CVE-2018-10379 (An issue was discovered in GitLab Community Edition (CE) and Enterpris ...)
- gitlab 10.6.5+dfsg-1
[stretch] - gitlab <not-affected> (Vulnerable code introduced in 9.5)
NOTE: https://about.gitlab.com/2018/04/30/security-release-gitlab-10-dot-7-dot-2-released/
CVE-2018-10378
RESERVED
-CVE-2018-10377
+CVE-2018-10377 (PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validati ...)
NOT-FOR-US: PortSwigger Burp Suite
-CVE-2018-10376
+CVE-2018-10376 (An integer overflow in the transferProxy function of a smart contract ...)
NOT-FOR-US: SmartMesh token
-CVE-2018-10375
+CVE-2018-10375 (A file uploading vulnerability exists in /include/helpers/upload.helpe ...)
NOT-FOR-US: DedeCMS
-CVE-2018-10374
+CVE-2018-10374 (EasyCMS 1.3 has XSS via the s POST parameter (aka a search box value) ...)
NOT-FOR-US: EasyCMS
-CVE-2018-10373
+CVE-2018-10373 (concat_filename in dwarf2.c in the Binary File Descriptor (BFD) librar ...)
- binutils 2.30.90.20180627-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23065
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6327533b1fd29fa86f6bf34e61c332c010e3c689
-CVE-2018-10372
+CVE-2018-10372 (process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote atta ...)
- binutils 2.30.90.20180627-1
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23064
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6aea08d9f3e3d6475a65454da488a0c51f5dc97d
-CVE-2018-10371
+CVE-2018-10371 (An issue was discovered in the wunderfarm WF Cookie Consent plugin 1.1 ...)
NOT-FOR-US: wunderfarm WF Cookie Consent plugin for WordPress
-CVE-2018-1000178
+CVE-2018-1000178 (A heap corruption of type CWE-120 exists in quassel version 0.12.4 in ...)
{DSA-4189-1 DLA-1370-1}
- quassel 1:0.12.5-1 (bug #896914)
NOTE: https://github.com/quassel/quassel/commit/2b777e99fc9f74d4ed21491710260664a1721d1f (master)
NOTE: https://github.com/quassel/quassel/commit/18389a713a6810f57ab237b945e8ee03df857b8b (0.12)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/27/1
-CVE-2018-1000179
+CVE-2018-1000179 (A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 ...)
{DSA-4189-1}
- quassel 1:0.12.5-1 (bug #896915)
[wheezy] - quassel <no-dsa> (Minor issue)
@@ -27589,44 +27589,44 @@ CVE-2018-1000179
NOTE: http://www.openwall.com/lists/oss-security/2018/04/27/1
CVE-2018-10370
RESERVED
-CVE-2018-10369
+CVE-2018-10369 (A Cross-site scripting (XSS) vulnerability was discovered on Intelbras ...)
NOT-FOR-US: Intelbras Win devices
-CVE-2018-10368
+CVE-2018-10368 (An issue was discovered in WUZHI CMS 4.1.0. The "Extension Module -&gt ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-10367
+CVE-2018-10367 (An issue was discovered in WUZHI CMS 4.1.0. The content-management fea ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-10366
+CVE-2018-10366 (An issue was discovered in the Users (aka Front-end user management) p ...)
NOT-FOR-US: Users (aka Front-end user management) plugin for October CMS
-CVE-2018-10365
+CVE-2018-10365 (An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB ...)
NOT-FOR-US: Threads to Link plugin for MyBB
-CVE-2018-10364
+CVE-2018-10364 (BigTree before 4.2.22 has XSS in the Users management page via the nam ...)
NOT-FOR-US: BigTree CMS
-CVE-2018-10363
+CVE-2018-10363 (An issue was discovered in the WpDevArt "Booking calendar, Appointment ...)
NOT-FOR-US: WpDevArt "Booking calendar, Appointment Booking System" plugin for WordPress
-CVE-2018-10360
+CVE-2018-10360 (The do_core_note function in readelf.c in libmagic.a in file 5.33 allo ...)
- file 1:5.33-3 (bug #901351)
[stretch] - file 1:5.30-1+deb9u2
[jessie] - file 1:5.22+15-2+deb8u4
NOTE: https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22
-CVE-2018-10359
+CVE-2018-10359 (A pool corruption privilege escalation vulnerability in Trend Micro Of ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10358
+CVE-2018-10358 (A pool corruption privilege escalation vulnerability in Trend Micro Of ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10357
+CVE-2018-10357 (A directory traversal vulnerability in Trend Micro Endpoint Applicatio ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10356
+CVE-2018-10356 (A SQL injection remote code execution vulnerability in Trend Micro Ema ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10355
+CVE-2018-10355 (An authentication weakness vulnerability in Trend Micro Email Encrypti ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10354
+CVE-2018-10354 (A command injection remote command execution vulnerability in Trend Mi ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10353
+CVE-2018-10353 (A SQL injection information disclosure vulnerability in Trend Micro Em ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10352
+CVE-2018-10352 (A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allo ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10351
+CVE-2018-10351 (A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allo ...)
NOT-FOR-US: Trend Micro
-CVE-2018-10350
+CVE-2018-10350 (A SQL injection remote code execution vulnerability in Trend Micro Sma ...)
NOT-FOR-US: Trend Micro
CVE-2018-10349
RESERVED
@@ -27668,97 +27668,97 @@ CVE-2018-10331
RESERVED
CVE-2018-10330
RESERVED
-CVE-2018-10361
+CVE-2018-10361 (An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure ...)
- ktexteditor 5.47.0-1 (bug #896836)
[stretch] - ktexteditor <not-affected> (Introduced in 5.34.0)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/24/1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1033055
NOTE: https://phabricator.kde.org/R39:c81af5aa1d4f6e0f8c44b2e85ca007ba2a1e4590
-CVE-2018-10329
+CVE-2018-10329 (app/tools/mac-lookup/index.php in phpIPAM 1.3.1 has Reflected XSS on / ...)
- phpipam <itp> (bug #731713)
NOTE: https://github.com/phpipam/phpipam/issues/1903
-CVE-2018-10328
+CVE-2018-10328 (Momentum Axel 720P 5.1.8 devices have a hardcoded password of streamin ...)
NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
-CVE-2018-10327
+CVE-2018-10327 (PrinterOn Enterprise 4.1.3 stores the Active Directory bind credential ...)
NOT-FOR-US: PrinterOn Enterprise
-CVE-2018-10326
+CVE-2018-10326 (PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored ...)
NOT-FOR-US: PrinterOn Enterprise
CVE-2018-10325
RESERVED
CVE-2018-10324
RESERVED
-CVE-2018-10323
+CVE-2018-10323 (The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in ...)
{DSA-4188-1 DLA-1529-1}
- linux 4.16.5-1
[wheezy] - linux <ignored> (Too much work to backport)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199423
-CVE-2018-10322
+CVE-2018-10322 (The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the ...)
- linux 4.16.5-1
[wheezy] - linux <ignored> (dinode verifier not implemented)
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199377
-CVE-2018-10321
+CVE-2018-10321 (Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Ad ...)
NOT-FOR-US: Frog CMS
-CVE-2018-10320
+CVE-2018-10320 (Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parame ...)
NOT-FOR-US: Frog CMS
-CVE-2018-10319
+CVE-2018-10319 (Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] para ...)
NOT-FOR-US: Frog CMS
-CVE-2018-10318
+CVE-2018-10318 (Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parame ...)
NOT-FOR-US: Frog CMS
CVE-2018-10317
RESERVED
-CVE-2018-10316
+CVE-2018-10316 (Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the asse ...)
- nasm 2.14-1 (unimportant)
NOTE: No security impact
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392474
NOTE: https://github.com/netwide-assembler/nasm/commit/f0ceb1e122dc3523123dd8dfd6113f2e68451452
CVE-2018-10315
RESERVED
-CVE-2018-10314
+CVE-2018-10314 (Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 ...)
NOT-FOR-US: Open-AudIT Community
-CVE-2018-10313
+CVE-2018-10313 (WUZHI CMS 4.1.0 allows persistent XSS via the form%5Bqq_10%5D paramete ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-10312
+CVE-2018-10312 (index.php?m=member&amp;v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to ch ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-10311
+CVE-2018-10311 (A vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-10310
+CVE-2018-10310 (A persistent cross-site scripting vulnerability has been identified in ...)
NOT-FOR-US: web interface of the Catapult UK Cookie Consent plugin for WordPress
-CVE-2018-10309
+CVE-2018-10309 (The Responsive Cookie Consent plugin before 1.8 for WordPress mishandl ...)
NOT-FOR-US: Responsive Cookie Consent plugin for WordPress
CVE-2018-10308
RESERVED
-CVE-2018-10307
+CVE-2018-10307 (error.php in ILIAS 5.2.x through 5.3.x before 5.3.4 allows XSS via the ...)
NOT-FOR-US: ILIAS
-CVE-2018-10306
+CVE-2018-10306 (Services/Form/classes/class.ilDateDurationInputGUI.php and Services/Fo ...)
NOT-FOR-US: ILIAS
-CVE-2018-10305
+CVE-2018-10305 (The MessageSearch2 function in PersonalMessage.php in Simple Machines ...)
NOT-FOR-US: Simple Machines Forum
CVE-2018-10304
RESERVED
-CVE-2018-10303
+CVE-2018-10303 (A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10302
+CVE-2018-10302 (A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-10362
+CVE-2018-10362 (An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to ...)
- phpliteadmin 1.9.7.1-2 (bug #896682)
NOTE: https://github.com/phpLiteAdmin/pla/issues/11
NOTE: Fixed by: https://github.com/phpLiteAdmin/pla/commit/41545fe058e674a983f557bff13787df53167274
-CVE-2018-10301
+CVE-2018-10301 (Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram F ...)
NOT-FOR-US: Web-Dorado Instagram Feed WD plugin Premium for WordPress
-CVE-2018-10300
+CVE-2018-10300 (Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram F ...)
NOT-FOR-US: Web-Dorado Instagram Feed WD plugin for WordPress
-CVE-2018-10299
+CVE-2018-10299 (An integer overflow in the batchTransfer function of a smart contract ...)
NOT-FOR-US: Beauty Chain
-CVE-2018-10298
+CVE-2018-10298 (Discuz! DiscuzX through X3.4 has reflected XSS via forum.php?mod=post& ...)
NOT-FOR-US: DiscuzX
-CVE-2018-10297
+CVE-2018-10297 (Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=por ...)
NOT-FOR-US: DiscuzX
-CVE-2018-10296
+CVE-2018-10296 (MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter. ...)
NOT-FOR-US: MiniCMS
-CVE-2018-10295
+CVE-2018-10295 (ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add ...)
NOT-FOR-US: ChemCMS
-CVE-2018-10294
+CVE-2018-10294 (Flexense DiskBoss Enterprise v7.4.28 to v9.1.16 has XSS. ...)
NOT-FOR-US: Flexense DiskBoss Enterprise
CVE-2018-10293
RESERVED
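Review bot: the NOT-FOR-US line for CVE-2018-10310 ("web interface of the Catapult UK Cookie Consent plugin for WordPress") carries a fragment of the description instead of a product name, unlike the neighbouring CVE-2018-10309 ("Responsive Cookie Consent plugin for WordPress") and CVE-2018-10301 ("Web-Dorado Instagram Feed WD plugin Premium for WordPress"); suggest "NOT-FOR-US: Catapult UK Cookie Consent plugin for WordPress" so the line follows the same product-only form as the rest of the list.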
@@ -27768,7 +27768,7 @@ CVE-2018-10291
RESERVED
CVE-2018-10290
RESERVED
-CVE-2018-10289
+CVE-2018-10289 (In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space functi ...)
- mupdf 1.13.0+ds1-3 (unimportant; bug #896545)
[jessie] - mupdf <not-affected> (Vulnerable code introduced later)
[wheezy] - mupdf <not-affected> (Vulnerable code introduced later)
@@ -27778,13 +27778,13 @@ CVE-2018-10288
RESERVED
CVE-2018-10287
RESERVED
-CVE-2018-10286
+CVE-2018-10286 (The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive in ...)
NOT-FOR-US: Ericsson-LG iPECS NMS A.1Ac web application
-CVE-2018-10285
+CVE-2018-10285 (The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access ...)
NOT-FOR-US: Ericsson-LG iPECS NMS A.1Ac web application
-CVE-2018-10284
+CVE-2018-10284 (Adaltech G-Ticket v70 EME104 has SQL Injection via the mobile-loja/men ...)
NOT-FOR-US: Adaltech G-Ticket v70 EME104
-CVE-2018-10283
+CVE-2018-10283 (CliqueMania loja virtual 14 has SQL Injection via the patch/remote.php ...)
NOT-FOR-US: CliqueMania loja virtual
CVE-2018-10282
RESERVED
@@ -27814,13 +27814,13 @@ CVE-2018-10270
RESERVED
CVE-2018-10269
RESERVED
-CVE-2018-10268
+CVE-2018-10268 (An issue was discovered in FastAdmin V1.0.0.20180417_beta. There is XS ...)
NOT-FOR-US: FastAdmin
-CVE-2018-10267
+CVE-2018-10267 (WTCMS 1.0 has a CSRF vulnerability to add an administrator account via ...)
NOT-FOR-US: WTCMS
-CVE-2018-10266
+CVE-2018-10266 (BEESCMS 4.0 has a CSRF vulnerability to add an administrator account v ...)
NOT-FOR-US: BEESCMS
-CVE-2018-10265
+CVE-2018-10265 (An issue was discovered in HongCMS v3.0.0. There is a CSRF vulnerabili ...)
NOT-FOR-US: HongCMS
CVE-2018-10264
RESERVED
@@ -27830,42 +27830,42 @@ CVE-2018-10262
RESERVED
CVE-2018-10261
RESERVED
-CVE-2018-10260
+CVE-2018-10260 (A Local File Inclusion vulnerability was found in HRSALE The Ultimate ...)
NOT-FOR-US: HRSALE
-CVE-2018-10259
+CVE-2018-10259 (An Authenticated Stored XSS vulnerability was found in HRSALE The Ulti ...)
NOT-FOR-US: HRSALE
-CVE-2018-10258
+CVE-2018-10258 (A CSV Injection vulnerability was discovered in Shopy Point of Sale v1 ...)
NOT-FOR-US: Shopy
-CVE-2018-10257
+CVE-2018-10257 (A CSV Injection vulnerability was discovered in HRSALE The Ultimate HR ...)
NOT-FOR-US: HRSALE
-CVE-2018-10256
+CVE-2018-10256 (A SQL Injection vulnerability was discovered in HRSALE The Ultimate HR ...)
NOT-FOR-US: HRSALE
-CVE-2018-10255
+CVE-2018-10255 (A CSV Injection vulnerability was discovered in clustercoding Blog Mas ...)
NOT-FOR-US: clustercoding
-CVE-2018-10254
+CVE-2018-10254 (Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in th ...)
- nasm 2.14-1 (bug #896523)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/nasm/bugs/561/
NOTE: https://github.com/netwide-assembler/nasm/commit/55d09bbf6f7087339277b1e3b17c134b2afb2510
-CVE-2018-10253
+CVE-2018-10253 (Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack mem ...)
NOT-FOR-US: Paessler PRTG Network Monitor
-CVE-2018-10252
+CVE-2018-10252 (An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a device ...)
NOT-FOR-US: Actiontec WCB6200Q
-CVE-2018-10251
+CVE-2018-10251 (A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS ...)
NOT-FOR-US: Sierra Wireless AirLink routers
-CVE-2018-10250
+CVE-2018-10250 (iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixin ...)
NOT-FOR-US: iCMS
-CVE-2018-10249
+CVE-2018-10249 (baijiacms V3 has CSRF via index.php?mod=site&amp;op=edituser&amp;name= ...)
NOT-FOR-US: baijiacms
-CVE-2018-10248
+CVE-2018-10248 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerabil ...)
NOT-FOR-US: WUZHI CMS
CVE-2018-10247
RESERVED
CVE-2018-10246
RESERVED
-CVE-2018-10245
+CVE-2018-10245 (A Full Path Disclosure vulnerability in AWStats through 7.6 allows rem ...)
- awstats <unfixed> (unimportant)
NOTE: Path disclosure for awstats negligible within Debian
CVE-2018-10244
@@ -27874,51 +27874,51 @@ CVE-2018-10243
RESERVED
CVE-2018-10242
RESERVED
-CVE-2018-10241
+CVE-2018-10241 (A denial of service vulnerability in SolarWinds Serv-U before 15.1.6 H ...)
NOT-FOR-US: SolarWinds Serv-U
-CVE-2018-10240
+CVE-2018-10240 (SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a ...)
NOT-FOR-US: SolarWinds Serv-U
CVE-2018-10239
RESERVED
-CVE-2018-10238
+CVE-2018-10238 (bvlc.c in skarg BACnet Protocol Stack 0.8.5 has a buffer overflow in B ...)
NOT-FOR-US: skarg BACnet Protocol Stack
-CVE-2018-10237
+CVE-2018-10237 (Unbounded memory allocation in Google Guava 11.0 through 24.x before 2 ...)
NOT-FOR-US: Google Guava
-CVE-2018-10236
+CVE-2018-10236 (POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP code vi ...)
NOT-FOR-US: POSCMS
-CVE-2018-10235
+CVE-2018-10235 (POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code vi ...)
NOT-FOR-US: POSCMS
-CVE-2018-10234
+CVE-2018-10234 (Authenticated Cross site Scripting exists in the User Profile &amp; Me ...)
NOT-FOR-US: User Profile & Membership plugin for WordPress
-CVE-2018-10233
+CVE-2018-10233 (The User Profile &amp; Membership plugin before 2.0.7 for WordPress ha ...)
NOT-FOR-US: User Profile & Membership plugin for WordPress
-CVE-2018-10232
+CVE-2018-10232 (Cross-site request forgery (CSRF) vulnerability in TOPdesk before 8.05 ...)
NOT-FOR-US: TOPdesk
-CVE-2018-10231
+CVE-2018-10231 (Cross-site scripting (XSS) vulnerability in TOPdesk before 8.05.017 (J ...)
NOT-FOR-US: TOPdesk
-CVE-2018-10230
+CVE-2018-10230 (Zend Debugger in Zend Server before 9.1.3 has XSS, aka ZSR-2455. ...)
NOT-FOR-US: Zend Server
-CVE-2018-10229
+CVE-2018-10229 (A hardware vulnerability in GPU memory modules allows attackers to acc ...)
NOT-FOR-US: GPU memory hardware issue
CVE-2018-10228
RESERVED
-CVE-2018-10227
+CVE-2018-10227 (MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter. ...)
NOT-FOR-US: MiniCMS
CVE-2018-10226
RESERVED
-CVE-2018-10225
+CVE-2018-10225 (thinkphp 3.1.3 has SQL Injection via the index.php s parameter. ...)
NOT-FOR-US: thinkphp
-CVE-2018-10224
+CVE-2018-10224 (An issue was discovered in YzmCMS 3.8. There is a CSRF vulnerability t ...)
NOT-FOR-US: YzmCMS
-CVE-2018-10223
+CVE-2018-10223 (An issue was discovered in YzmCMS 3.8. There is a CSRF vulnerability t ...)
NOT-FOR-US: YzmCMS
-CVE-2018-10222
+CVE-2018-10222 (An issue was discovered in idreamsoft iCMS V7.0. There is a CSRF vulne ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-10221
+CVE-2018-10221 (An issue was discovered in WUZHI CMS V4.1.0. There is a persistent XSS ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-10220
+CVE-2018-10220 (** DISPUTED ** Glastopf 3.1.3-dev has SSRF, as demonstrated by the abc ...)
NOT-FOR-US: Glastopf
-CVE-2018-10219
+CVE-2018-10219 (baijiacms V3 has physical path leakage via an index.php?mod=mobile&amp ...)
NOT-FOR-US: baijiacms
CVE-2018-10218
RESERVED
@@ -27930,43 +27930,43 @@ CVE-2018-10215
RESERVED
CVE-2018-10214
RESERVED
-CVE-2018-10213
+CVE-2018-10213 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10212
+CVE-2018-10212 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10211
+CVE-2018-10211 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10210
+CVE-2018-10210 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10209
+CVE-2018-10209 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10208
+CVE-2018-10208 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10207
+CVE-2018-10207 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10206
+CVE-2018-10206 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
NOT-FOR-US: Vaultize Enterprise File Sharing
-CVE-2018-10205
+CVE-2018-10205 (hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the container_se ...)
NOT-FOR-US: HyperHQ Hyper
-CVE-2018-10204
+CVE-2018-10204 (PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation v ...)
NOT-FOR-US: PureVPN
CVE-2018-10203
RESERVED
CVE-2018-10202
RESERVED
-CVE-2018-10201
+CVE-2018-10201 (An issue was discovered in NcMonitorServer.exe in NC Monitor Server in ...)
NOT-FOR-US: NC Monitor Server
CVE-2018-10200
RESERVED
-CVE-2018-10198
+CVE-2018-10198 (An issue was discovered in OTRS 6.0.x before 6.0.7. An attacker who is ...)
- otrs2 6.0.7-1
[stretch] - otrs2 <not-affected> (Specific to OTRS 6)
[jessie] - otrs2 <not-affected> (Specific to OTRS 6)
NOTE: https://github.com/OTRS/otrs/commit/9f5f09e4eef283c2f38c003ba0685b77234750d1
NOTE: https://community.otrs.com/security-advisory-2018-01-security-update-for-otrs-framework
-CVE-2018-10197
+CVE-2018-10197 (There is a time-based blind SQL injection vulnerability in the Access ...)
NOT-FOR-US: ELO
-CVE-2018-10196
+CVE-2018-10196 (NULL pointer dereference vulnerability in the rebuild_vlists function ...)
- graphviz <unfixed> (low; bug #898841)
[buster] - graphviz <no-dsa> (Minor issue)
[stretch] - graphviz <no-dsa> (Minor issue)
@@ -27982,68 +27982,68 @@ CVE-2018-10195 [rzsz: sz can leak data to receiving side]
[wheezy] - lrzsz <no-dsa> (Minor issue)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1090051
NOTE: Fedora patch: https://src.fedoraproject.org/cgit/rpms/lrzsz.git/tree/lrzsz-0.12.20.patch
-CVE-2018-10194
+CVE-2018-10194 (The set_text_distance function in devices/vector/gdevpdts.c in the pdf ...)
{DLA-1363-1}
- ghostscript 9.22~dfsg-2.1 (bug #896069)
[stretch] - ghostscript 9.20~dfsg-3.2+deb9u2
[jessie] - ghostscript 9.06~dfsg-2+deb8u7
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699255 (not yet public)
-CVE-2018-1000200
+CVE-2018-1000200 (The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dere ...)
- linux 4.16.12-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/27ae357fa82be5ab73b2ef8d39dcb8ca2563483a
-CVE-2018-1000167
+CVE-2018-1000167 (OISF suricata-update version 1.0.0a1 contains an Insecure Deserializat ...)
NOT-FOR-US: suricata-update (different from suricata)
CVE-2018-1000166
REJECTED
-CVE-2018-1000165
+CVE-2018-1000165 (LightSAML version prior to 1.3.5 contains a Incorrect Access Control v ...)
NOT-FOR-US: LightSAML
-CVE-2018-1000163
+CVE-2018-1000163 (Floodlight version 1.2 and earlier contains a Cross Site Scripting (XS ...)
NOT-FOR-US: Floodlight
-CVE-2018-1000162
+CVE-2018-1000162 (Parsedown version prior to 1.7.0 contains a Cross Site Scripting (XSS) ...)
NOT-FOR-US: Parsedown
-CVE-2018-1000160
+CVE-2018-1000160 (RisingStack protect version 1.2.0 and earlier contains a Cross Site Sc ...)
NOT-FOR-US: RisingStack
-CVE-2018-1000158
+CVE-2018-1000158 (cmsmadesimple version 2.2.7 contains a Incorrect Access Control vulner ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10199
+CVE-2018-10199 (In versions of mruby up to and including 1.4.0, a use-after-free vulne ...)
- mruby 1.4.0+20180418+git54905e98-1 (bug #896021)
[stretch] - mruby <not-affected> (Vulnerable code introduced later)
[jessie] - mruby <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/mruby/mruby/issues/4001
NOTE: https://github.com/mruby/mruby/commit/b51b21fc63c9805862322551387d9036f2b63433
-CVE-2018-10193
+CVE-2018-10193 (LogMeIn LastPass through 4.15.0 allows remote attackers to cause a den ...)
NOT-FOR-US: LogMeIn LastPass
-CVE-2018-10192
+CVE-2018-10192 (IPVanish 3.0.11 for macOS suffers from a root privilege escalation vul ...)
NOT-FOR-US: IPVanish for macOS
-CVE-2018-10191
+CVE-2018-10191 (In versions of mruby up to and including 1.4.0, an integer overflow ex ...)
- mruby 1.4.0+20180418+git54905e98-1 (bug #896020)
[stretch] - mruby <no-dsa> (Minor issue)
[jessie] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/issues/3995
NOTE: https://github.com/mruby/mruby/commit/1905091634a6a2925c911484434448e568330626
-CVE-2018-10190
+CVE-2018-10190 (A vulnerability in London Trust Media Private Internet Access (PIA) VP ...)
NOT-FOR-US: London Trust Media Private Internet Access (PIA) VPN Client for Windows
-CVE-2018-10189
+CVE-2018-10189 (An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is pos ...)
NOT-FOR-US: Mautic
-CVE-2018-10188
+CVE-2018-10188 (phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker to exec ...)
- phpmyadmin <unfixed> (bug #896490)
[stretch] - phpmyadmin <not-affected> (Only affects 4.8.x)
[jessie] - phpmyadmin <not-affected> (vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (vulnerable code not present)
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-2/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641
-CVE-2018-10187
+CVE-2018-10187 (In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik ...)
- radare2 2.6.0+dfsg-1 (low; bug #897305)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/9913
NOTE: https://github.com/radare/radare2/commit/cdb278059b7b0aaaaa2315b82d0fa6ad50433db0
-CVE-2018-10186
+CVE-2018-10186 (In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_ ...)
- radare2 2.6.0+dfsg-1 (low; bug #897305)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
@@ -28051,20 +28051,20 @@ CVE-2018-10186
NOTE: https://github.com/radare/radare2/issues/9915
NOTE: https://github.com/radare/radare2/commit/a0348bb1b512ef27301dd7cdfb327ef5e14813fc
NOTE: Before applying the fix for CVE-2018-8808 the issue is covered/differently visible
-CVE-2018-10185
+CVE-2018-10185 (An issue was discovered in TuziCMS v2.0.6. There is a CSRF vulnerabili ...)
NOT-FOR-US: TuziCMS
-CVE-2018-10184
+CVE-2018-10184 (An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame ...)
- haproxy 1.8.8-1
[stretch] - haproxy <not-affected> (Vulnerable code introduced later with HTTP/2 support)
[jessie] - haproxy <not-affected> (Vulnerable code introduced later with HTTP/2 support)
[wheezy] - haproxy <not-affected> (Vulnerable code introduced later with HTTP/2 support)
NOTE: http://git.haproxy.org/?p=haproxy.git;a=commit;h=3f0e1ec70173593f4c2b3681b26c04a4ed5fc588
NOTE: http://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=cd117685f0cff4f2f5577ef6a21eaae96ebd9f28
-CVE-2018-10183
+CVE-2018-10183 (An issue was discovered in BigTree 4.2.22. There is cross-site scripti ...)
NOT-FOR-US: BigTree CMS
CVE-2018-10182
RESERVED
-CVE-2018-1000199
+CVE-2018-1000199 (The Linux Kernel version 3.18 contains a dangerous feature vulnerabili ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
NOTE: Fixed by: https://git.kernel.org/linus/f67b15037a7a50c57f72e69a6d59941ad90a0f0f
@@ -28074,9 +28074,9 @@ CVE-2018-10180
RESERVED
CVE-2018-10179
RESERVED
-CVE-2018-10178
+CVE-2018-10178 (The FromDocToPDF extension before 13.611.13.2303 for Chrome allows rem ...)
NOT-FOR-US: FromDocToPDF extension for Ghrome
-CVE-2018-10177
+CVE-2018-10177 (In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGIm ...)
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (bug #896018)
[stretch] - imagemagick <ignored> (Minor issue)
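Review bot: typo in the context line for CVE-2018-10178, "NOT-FOR-US: FromDocToPDF extension for Ghrome": "Ghrome" should read "Chrome", matching the product name in the newly added description ("The FromDocToPDF extension ... for Chrome"). Worth fixing in the same pass so the NOT-FOR-US annotation stays searchable by the correct browser name.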
@@ -28084,31 +28084,31 @@ CVE-2018-10177
[wheezy] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1095
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9fdda6391e38aaad3bfd6a30bd6a72bd31aeee02
-CVE-2018-10176
+CVE-2018-10176 (Digital Guardian Management Console 7.1.2.0015 has a Directory Travers ...)
NOT-FOR-US: Digital Guardian Management Console
-CVE-2018-10175
+CVE-2018-10175 (Digital Guardian Management Console 7.1.2.0015 has an XXE issue. ...)
NOT-FOR-US: Digital Guardian Management Console
-CVE-2018-10174
+CVE-2018-10174 (Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that ...)
NOT-FOR-US: Digital Guardian Management Console
-CVE-2018-10173
+CVE-2018-10173 (Digital Guardian Management Console 7.1.2.0015 allows authenticated re ...)
NOT-FOR-US: Digital Guardian Management Console
-CVE-2018-10172
+CVE-2018-10172 (7-Zip through 18.01 on Windows implements the "Large memory pages" opt ...)
NOT-FOR-US: 7-Zip
CVE-2018-10171
RESERVED
-CVE-2018-10170
+CVE-2018-10170 (NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege escalatio ...)
NOT-FOR-US: NordVPN for Windows
-CVE-2018-10169
+CVE-2018-10169 (ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation ...)
NOT-FOR-US: ProtonVPN for Windows
-CVE-2018-10168
+CVE-2018-10168 (TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6 ...)
NOT-FOR-US: TP-Link
-CVE-2018-10167
+CVE-2018-10167 (The web application backup file in the TP-Link EAP Controller and Omad ...)
NOT-FOR-US: TP-Link
-CVE-2018-10166
+CVE-2018-10166 (The web management interface in the TP-Link EAP Controller and Omada C ...)
NOT-FOR-US: TP-Link
-CVE-2018-10165
+CVE-2018-10165 (Stored Cross-site scripting (XSS) vulnerability in the TP-Link EAP Con ...)
NOT-FOR-US: TP-Link
-CVE-2018-10164
+CVE-2018-10164 (Stored Cross-site scripting (XSS) vulnerability in the TP-Link EAP Con ...)
NOT-FOR-US: TP-Link
CVE-2018-10163
REJECTED
@@ -28150,29 +28150,29 @@ CVE-2018-10145
REJECTED
CVE-2018-10144
REJECTED
-CVE-2018-10143
+CVE-2018-10143 (The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier m ...)
NOT-FOR-US: Palo Alto Networks Expedition Migration tool
-CVE-2018-10142
+CVE-2018-10142 (The Expedition Migration tool 1.0.106 and earlier may allow an unauthe ...)
NOT-FOR-US: Expedition Migration
-CVE-2018-10141
+CVE-2018-10141 (GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8. ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2018-10140
+CVE-2018-10140 (The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2018-10139
+CVE-2018-10139 (The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PA ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
-CVE-2018-10138
+CVE-2018-10138 (The CATALooK.netStore module through 7.2.8 for DNN (formerly DotNetNuk ...)
NOT-FOR-US: DNN
-CVE-2018-10137
+CVE-2018-10137 (iScripts UberforX 2.2 has CSRF in the "manage_settings" section of the ...)
NOT-FOR-US: iScripts UberforX
-CVE-2018-10136
+CVE-2018-10136 (iScripts UberforX 2.2 has Stored XSS in the "manage_settings" section ...)
NOT-FOR-US: iScripts UberforX
-CVE-2018-10135
+CVE-2018-10135 (iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" ca ...)
NOT-FOR-US: iScripts eSwap
CVE-2018-10134
RESERVED
-CVE-2018-10133
+CVE-2018-10133 (PbootCMS v0.9.8 allows PHP code injection via an IF label in index.php ...)
NOT-FOR-US: PbootCMS
-CVE-2018-10132
+CVE-2018-10132 (PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backu ...)
NOT-FOR-US: PbootCMS
CVE-2018-10131
RESERVED
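Review bot: inconsistent product naming in the two adjacent Expedition entries: CVE-2018-10143 is annotated "NOT-FOR-US: Palo Alto Networks Expedition Migration tool" while CVE-2018-10142 reads "NOT-FOR-US: Expedition Migration". Both descriptions refer to the same tool, so the second annotation should use the same full name as the first to keep the vendor attribution consistent and greppable.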
@@ -28180,23 +28180,23 @@ CVE-2018-10130
RESERVED
CVE-2018-10129
RESERVED
-CVE-2018-10128
+CVE-2018-10128 (An issue was discovered in XYHCMS 3.5. It has XSS via the test paramet ...)
NOT-FOR-US: XYHCMS
-CVE-2018-10127
+CVE-2018-10127 (An issue was discovered in XYHCMS 3.5. It has CSRF via an index.php?g= ...)
NOT-FOR-US: XYHCMS
-CVE-2018-10126
+CVE-2018-10126 (LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 fu ...)
- tiff <unfixed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2786
NOTE: Crash in CLI tool, no security impact
CVE-2018-10125
RESERVED
-CVE-2018-10123
+CVE-2018-10123 (p910nd on Inteno IOPSYS 2.0 through 4.2.0 allows remote attackers to r ...)
NOT-FOR-US: p910nd on Inteno IOPSYS
-CVE-2018-10122
+CVE-2018-10122 (QingDao Nature Easy Soft Chanzhi Enterprise Portal System (aka chanzhi ...)
NOT-FOR-US: QingDao Nature Easy Soft Chanzhi Enterprise Portal System
-CVE-2018-10121
+CVE-2018-10121 (plugins/box/pages/pages.admin.php in Monstra CMS 3.0.4 has a stored XS ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-10120
+CVE-2018-10120 (The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx ...)
{DSA-4178-1 DLA-1356-1}
- libreoffice 1:6.0.2-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6173
@@ -28205,7 +28205,7 @@ CVE-2018-10120
NOTE: https://gerrit.libreoffice.org/#/c/49500/
NOTE: https://gerrit.libreoffice.org/gitweb?p=core.git;a=commit;h=017fcc2fcd00af17a97bd5463d89662404f57667
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/
-CVE-2018-10119
+CVE-2018-10119 (sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x b ...)
{DSA-4178-1 DLA-1356-1}
- libreoffice 1:6.0.1-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747
@@ -28215,20 +28215,20 @@ CVE-2018-10119
NOTE: https://gerrit.libreoffice.org/#/c/48758/
NOTE: https://gerrit.libreoffice.org/gitweb?p=core.git;a=commit;h=fdd41c995d1f719e92c6f083e780226114762f05
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/
-CVE-2018-10118
+CVE-2018-10118 (Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-10117
+CVE-2018-10117 (An issue was discovered in idreamsoft iCMS V7.0.7. There is a CSRF vul ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2018-10116
RESERVED
-CVE-2018-10115
+CVE-2018-10115 (Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 a ...)
- p7zip-rar 16.02-3 (bug #897674)
[stretch] - p7zip-rar <no-dsa> (Non-free not supported)
[jessie] - p7zip-rar <no-dsa> (Non-free not supported)
[wheezy] - p7zip-rar <no-dsa> (Non-free not supported)
NOTE: https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution/
NOTE: https://sourceforge.net/p/sevenzip/discussion/45797/thread/adc65bfa/
-CVE-2018-10114
+CVE-2018-10114 (An issue was discovered in GEGL through 0.3.32. The gegl_buffer_iterat ...)
- gegl 0.3.34-1 (low)
[stretch] - gegl <no-dsa> (Minor issue)
[jessie] - gegl <no-dsa> (Minor issue)
@@ -28236,14 +28236,14 @@ CVE-2018-10114
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795248
NOTE: https://git.gnome.org/browse/gegl/commit/?id=c83b05d565a1e3392c9606a4ecaa560eb9a4ee29
NOTE: POC https://github.com/xiaoqx/pocs/tree/master/gegl#1-gegl-outbound-write-1
-CVE-2018-10113
+CVE-2018-10113 (An issue was discovered in GEGL through 0.3.32. The process function i ...)
- gegl 0.3.34-1 (low)
[stretch] - gegl <no-dsa> (Minor issue)
[jessie] - gegl <no-dsa> (Minor issue)
[wheezy] - gegl <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795248
NOTE: https://gitlab.gnome.org/GNOME/gegl/commit/c83b05d565a1e3392c9606a4ecaa560eb9a4ee29
-CVE-2018-10112
+CVE-2018-10112 (An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_ ...)
- gegl <unfixed> (low)
[buster] - gegl <ignored> (Minor issue, architectual limitation)
[stretch] - gegl <ignored> (Minor issue, architectual limitation)
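Review bot: spelling error in the context lines for CVE-2018-10112, "[buster] - gegl <ignored> (Minor issue, architectual limitation)" and the matching "[stretch]" line: "architectual" should read "architectural". The annotation text is free-form, but it is copied into the tracker's rendered pages, so the typo propagates.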
@@ -28252,7 +28252,7 @@ CVE-2018-10112
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795249
NOTE: https://gitlab.gnome.org/GNOME/gegl/issues/65
NOTE: https://github.com/xiaoqx/pocs/tree/master/gegl#4-gegl-outbound-write-2
-CVE-2018-10111
+CVE-2018-10111 (An issue was discovered in GEGL through 0.3.32. The render_rectangle f ...)
- gegl <unfixed> (low)
[buster] - gegl <ignored> (Minor issue, architectual limitation)
[stretch] - gegl <ignored> (Minor issue, architectual limitation)
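Review bot: same spelling error as in the CVE-2018-10112 entry appears in the "[buster]" and "[stretch]" lines for CVE-2018-10111: "architectual limitation" should read "architectural limitation". Fixing both entries together keeps the gegl annotations consistent.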
@@ -28261,15 +28261,15 @@ CVE-2018-10111
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795249
NOTE: https://gitlab.gnome.org/GNOME/gegl/issues/65
NOTE: POC https://github.com/xiaoqx/pocs/tree/master/gegl#2-gegl-dos-1
-CVE-2018-10110
+CVE-2018-10110 (D-Link DIR-615 T1 devices allow XSS via the Add User feature. ...)
NOT-FOR-US: D-Link
-CVE-2018-10109
+CVE-2018-10109 (Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-10108
+CVE-2018-10108 (D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PAT ...)
NOT-FOR-US: D-Link
-CVE-2018-10107
+CVE-2018-10107 (D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PAT ...)
NOT-FOR-US: D-Link
-CVE-2018-10106
+CVE-2018-10106 (D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PAT ...)
NOT-FOR-US: D-Link
CVE-2018-10105
RESERVED
@@ -28277,124 +28277,124 @@ CVE-2018-10104
RESERVED
CVE-2018-10103
RESERVED
-CVE-2018-10099
+CVE-2018-10099 (Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) ...)
NOT-FOR-US: Google Monorail
-CVE-2018-10098
+CVE-2018-10098 (In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.14 ...)
NOT-FOR-US: MicroWorld eScan
-CVE-2018-10097
+CVE-2018-10097 (XSS exists in Domain Trader 2.5.3 via the recoverlogin.php email_addre ...)
NOT-FOR-US: Domain Trader
CVE-2018-1000171
REJECTED
-CVE-2018-1002100
+CVE-2018-1002100 (In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to versio ...)
- kubernetes <unfixed>
NOTE: https://github.com/kubernetes/kubernetes/issues/61297
-CVE-2018-1000170
+CVE-2018-1000170 (A cross-site scripting vulnerability exists in Jenkins 2.115 and older ...)
- jenkins <removed>
-CVE-2018-1000169
+CVE-2018-1000169 (An exposure of sensitive information vulnerability exists in Jenkins 2 ...)
- jenkins <removed>
-CVE-2018-10096
+CVE-2018-10096 (joyplus-cms 1.6.0 has XSS via the device_name parameter in a manager/a ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-10095
+CVE-2018-10095 (Cross-site scripting (XSS) vulnerability in Dolibarr before 7.0.2 allo ...)
- dolibarr <removed>
-CVE-2018-10094
+CVE-2018-10094 (SQL injection vulnerability in Dolibarr before 7.0.2 allows remote att ...)
- dolibarr <removed>
-CVE-2018-10093
+CVE-2018-10093 (AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 al ...)
TODO: check
-CVE-2018-10092
+CVE-2018-10092 (The admin panel in Dolibarr before 7.0.2 might allow remote attackers ...)
- dolibarr <removed>
-CVE-2018-10091
+CVE-2018-10091 (AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 al ...)
TODO: check
CVE-2018-10090
RESERVED
CVE-2018-10089
RESERVED
-CVE-2018-10088
+CVE-2018-10088 (Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and ...)
NOT-FOR-US: XiongMai uc-httpd
-CVE-2018-10124
+CVE-2018-10124 (The kill_something_info function in kernel/signal.c in the Linux kerne ...)
{DLA-1423-1}
- linux 4.13.4-1
[stretch] - linux 4.9.107-1
[jessie] - linux <ignored> (Minor issue)
[wheezy] - linux <ignored> (Minor issue)
NOTE: Fixed by: https://git.kernel.org/linus/4ea77014af0d6205b05503d1c7aac6eace11d473 (4.13-rc1)
-CVE-2018-10087
+CVE-2018-10087 (The kernel_wait4 function in kernel/exit.c in the Linux kernel before ...)
{DLA-1423-1}
- linux 4.13.4-1
[stretch] - linux 4.9.107-1
[jessie] - linux <ignored> (Minor issue)
[wheezy] - linux <ignored> (Minor issue)
NOTE: Fixed by: https://git.kernel.org/linus/dd83c161fbcc5d8be637ab159c0de015cbff5ba4 (4.13-rc1)
-CVE-2018-10086
+CVE-2018-10086 (CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code execu ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10085
+CVE-2018-10085 (CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection beca ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10084
+CVE-2018-10084 (CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10083
+CVE-2018-10083 (CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file delet ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10082
+CVE-2018-10082 (CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10081
+CVE-2018-10081 (CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10080
+CVE-2018-10080 (Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_ ...)
NOT-FOR-US: Secutech RiS-11, RiS-22, and RiS-33 devices
-CVE-2018-10079
+CVE-2018-10079 (Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\Wa ...)
NOT-FOR-US: Geist WatchDog Console
-CVE-2018-10078
+CVE-2018-10078 (Cross-site scripting (XSS) vulnerability in Geist WatchDog Console 3.2 ...)
NOT-FOR-US: Geist WatchDog Console
-CVE-2018-10077
+CVE-2018-10077 (XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2. ...)
NOT-FOR-US: Geist WatchDog Console
-CVE-2018-10076
+CVE-2018-10076 (An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. ...)
NOT-FOR-US: Zoho
-CVE-2018-10075
+CVE-2018-10075 (Cross-site scripting (XSS) vulnerability in Zoho ManageEngine EventLog ...)
NOT-FOR-US: Zoho
-CVE-2018-10073
+CVE-2018-10073 (joyplus-cms 1.6.0 has XSS in manager/admin_vod.php via the keyword par ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-10072
+CVE-2018-10072 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attacker ...)
NOT-FOR-US: WinDriver
-CVE-2018-10071
+CVE-2018-10071 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attacker ...)
NOT-FOR-US: WinDriver
-CVE-2018-10070
+CVE-2018-10070 (A vulnerability in MikroTik Version 6.41.4 could allow an unauthentica ...)
NOT-FOR-US: MikroTik
CVE-2018-10069
RESERVED
-CVE-2018-10068
+CVE-2018-10068 (The jDownloads extension before 3.2.59 for Joomla! has XSS. ...)
NOT-FOR-US: jDownloads extension for Joomla!
CVE-2018-10067
RESERVED
-CVE-2018-10066
+CVE-2018-10066 (An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN s ...)
NOT-FOR-US: MikroTik RouterOS
CVE-2018-10065
RESERVED
CVE-2018-10064
RESERVED
-CVE-2018-10063
+CVE-2018-10063 (The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to ...)
NOT-FOR-US: Convert Forms extension for Joomla!
CVE-2018-10062
RESERVED
-CVE-2018-10074
+CVE-2018-10074 (The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660 ...)
- linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/9903e41ae1f5d50c93f268ca3304d4d7c64b9311 (4.16-rc7)
-CVE-2018-10061
+CVE-2018-10061 (Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars ...)
- cacti 1.1.37+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <no-dsa> (Minor issue)
[wheezy] - cacti <no-dsa> (Minor issue)
NOTE: https://github.com/Cacti/cacti/issues/1457
-CVE-2018-10060
+CVE-2018-10060 (Cacti before 1.1.37 has XSS because it does not properly reject uninte ...)
- cacti 1.1.37+ds1-1 (low)
[stretch] - cacti <no-dsa> (Minor issue)
[jessie] - cacti <no-dsa> (Minor issue)
[wheezy] - cacti <no-dsa> (Minor issue)
NOTE: https://github.com/Cacti/cacti/issues/1457
-CVE-2018-10059
+CVE-2018-10059 (Cacti before 1.1.37 has XSS because the get_current_page function in l ...)
- cacti 1.1.37+ds1-1
[stretch] - cacti <not-affected> (Issue introduced later)
[jessie] - cacti <not-affected> (Issue introduced later)
[wheezy] - cacti <not-affected> (Issue introduced later)
NOTE: https://github.com/Cacti/cacti/issues/1457
NOTE: get_current_page was added in the 1.x series
-CVE-2018-10058
+CVE-2018-10058 (The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 a ...)
- cgminer <unfixed> (bug #900929)
[stretch] - cgminer <no-dsa> (Minor issue)
[jessie] - cgminer <no-dsa> (Minor issue)
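Review bot: two entries in this hunk still carry an unresolved "TODO: check" line even though the automatic update has now filled in their descriptions: CVE-2018-10093 and CVE-2018-10091, both "AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 ...". With the description available, the triage can be completed; since the affected product is vendor phone firmware rather than a Debian source package, the expected resolution is replacing the TODO with a "NOT-FOR-US: AudioCodes IP phone 420HD" line, as done for the neighbouring vendor-only entries in this hunk.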
@@ -28402,7 +28402,7 @@ CVE-2018-10058
[jessie] - bfgminer <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/03/1
NOTE: Mitigated by toolchain hardening to plain crash
-CVE-2018-10057
+CVE-2018-10057 (The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 a ...)
- cgminer <unfixed> (bug #900929)
[stretch] - cgminer <no-dsa> (Minor issue)
[jessie] - cgminer <no-dsa> (Minor issue)
@@ -28413,19 +28413,19 @@ CVE-2018-10056
RESERVED
CVE-2018-10055
RESERVED
-CVE-2018-10054
+CVE-2018-10054 (H2 1.4.197, as used in Datomic before 0.9.5697 and other products, all ...)
NOT-FOR-US: H2 (different from src:python-h2)
CVE-2018-10053
RESERVED
-CVE-2018-10052
+CVE-2018-10052 (iScripts SupportDesk v4.3 has XSS via the admin/inteligentsearchresult ...)
NOT-FOR-US: iScripts SupportDesk
-CVE-2018-10051
+CVE-2018-10051 (iScripts SupportDesk v4.3 has XSS via the staff/inteligentsearchresult ...)
NOT-FOR-US: iScripts SupportDesk
-CVE-2018-10050
+CVE-2018-10050 (iScripts eSwap v2.4 has SQL injection via the "registration_settings.p ...)
NOT-FOR-US: iScripts eSwap
-CVE-2018-10049
+CVE-2018-10049 (iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDat ...)
NOT-FOR-US: iScripts eSwap
-CVE-2018-10048
+CVE-2018-10048 (iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the Ad ...)
NOT-FOR-US: iScripts eSwap
CVE-2018-10047
RESERVED
@@ -28455,31 +28455,31 @@ CVE-2018-10035
RESERVED
CVE-2018-10034
RESERVED
-CVE-2018-10033
+CVE-2018-10033 (CMS Made Simple (aka CMSMS) 2.2.7 has Stored XSS in admin/siteprefs.ph ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10032
+CVE-2018-10032 (CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleint ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10031
+CVE-2018-10031 (CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/moduleinterface.ph ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10030
+CVE-2018-10030 (CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php. ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10029
+CVE-2018-10029 (CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleint ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-10028
+CVE-2018-10028 (joyplus-cms 1.6.0 allows remote attackers to obtain sensitive informat ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-10027
+CVE-2018-10027 (ESTsoft ALZip before 10.76 allows local users to execute arbitrary cod ...)
NOT-FOR-US: ESTsoft ALZip
-CVE-2018-10026
+CVE-2018-10026 (The WeChat module in YzmCMS 3.7.1 has reflected XSS via the admin/modu ...)
NOT-FOR-US: WeChat module in YzmCMS
CVE-2018-10025
RESERVED
-CVE-2018-10024
+CVE-2018-10024 (ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with ...)
NOT-FOR-US: ubiQuoss Switch VP5208A
-CVE-2018-10023
+CVE-2018-10023 (Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat/index/ ...)
NOT-FOR-US: Catfish CMS
CVE-2018-10022
RESERVED
-CVE-2018-10021
+CVE-2018-10021 (** DISPUTED ** drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel ...)
{DLA-1529-1 DLA-1423-1}
- linux 4.15.17-1
[stretch] - linux 4.9.107-1
@@ -28491,37 +28491,37 @@ CVE-2018-10020
RESERVED
CVE-2018-10019
RESERVED
-CVE-2018-9999
+CVE-2018-9999 (In Zulip Server versions before 1.7.2, there was an XSS issue with use ...)
- zulip-server <itp> (bug #800052)
-CVE-2018-9998
+CVE-2018-9998 (Open-Xchange OX App Suite before 7.6.3-rev37, 7.8.x before 7.8.2-rev40 ...)
NOT-FOR-US: Open-Xchange
-CVE-2018-9997
+CVE-2018-9997 (Cross-site scripting (XSS) vulnerability in mail compose in Open-Xchan ...)
NOT-FOR-US: Open-Xchange
-CVE-2018-9996
+CVE-2018-9996 (An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304
-CVE-2018-9995
+CVE-2018-9995 (TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix ...)
NOT-FOR-US: TBK DVR4104 and DVR4216 devices
CVE-2018-9994
REJECTED
-CVE-2018-9993
+CVE-2018-9993 (YUNUCMS 1.0.7 has XSS via the content title on an admin/content/addcon ...)
NOT-FOR-US: YUNUCMS
-CVE-2018-9992
+CVE-2018-9992 (Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Director ...)
NOT-FOR-US: Frog CMS
-CVE-2018-9991
+CVE-2018-9991 (Frog CMS 0.9.5 has XSS via the /admin/?/user/add Name or Username para ...)
NOT-FOR-US: Frog CMS
-CVE-2018-9990
+CVE-2018-9990 (In Zulip Server versions before 1.7.2, there was an XSS issue with str ...)
- zulip-server <itp> (bug #800052)
-CVE-2018-10018
+CVE-2018-10018 (The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Tota ...)
NOT-FOR-US: GDASPAMLib.AntiSpam ActiveX control
-CVE-2018-10017
+CVE-2018-10017 (soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before ...)
- libopenmpt 0.3.8-1 (bug #895406)
[stretch] - libopenmpt 0.2.7386~beta20.3-3+deb9u3
NOTE: https://github.com/OpenMPT/openmpt/commit/492022c7297ede682161d9c0ec2de15526424e76
-CVE-2018-10016
+CVE-2018-10016 (Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability ...)
- nasm 2.14-1 (bug #895408)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
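Review bot: CVE-2018-9996 is tracked only against src:binutils, yet the imported description places the bug in cplus-dem.c of GNU libiberty "as distribute ..." and the truncation hides which distributions of libiberty the CVE text goes on to name; please add a NOTE stating whether binutils is the only package in the archive that builds that copy of cplus-dem.c or add entries for any other source package that embeds it, so the `<ignored> (Minor issue)` markings for stretch, jessie and wheezy are visibly scoped. The NOTE already points at gcc bugzilla 85304, so the reviewer of a later update can verify the upstream fix from there.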
@@ -28556,16 +28556,16 @@ CVE-2018-10003
RESERVED
CVE-2018-10002
RESERVED
-CVE-2018-10001
+CVE-2018-10001 (The decode_init function in libavcodec/utvideodec.c in FFmpeg through ...)
{DSA-4249-1}
- ffmpeg 7:3.4.3-1 (low)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47b7c68ae54560e2308bdb6be4fb076c73b93081
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: Fixed in 3.2.11
-CVE-2018-10000
+CVE-2018-10000 (The Video Downloader professional extension before 2018-04-05 for Chro ...)
NOT-FOR-US: The Video Downloader professional extension for Chrome
-CVE-2018-9989
+CVE-2018-9989 (ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffe ...)
{DLA-1518-1}
- mbedtls 2.8.0-1
[stretch] - mbedtls <no-dsa> (Minor issue)
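Review bot: under CVE-2018-10001 the line `NOTE: Fixed in 3.2.11` sits beneath the two libav entries, but 3.2.11 is an ffmpeg version (the ffmpeg entry above records 7:3.4.3-1, and libav never shipped a 3.x release), so as placed it reads as a claim about libav; move it directly under the ffmpeg lines or reword it as `NOTE: ffmpeg: fixed in 3.2.11`, keeping the `[jessie] - libav <not-affected> (Vulnerable code not present)` line where it is.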
@@ -28574,7 +28574,7 @@ CVE-2018-9989
NOTE: https://github.com/ARMmbed/mbedtls/commit/5224a7544c95552553e2e6be0b4a789956a6464e
NOTE: https://github.com/ARMmbed/mbedtls/commit/740b218386083dc708ce98ccc94a63a95cd5629e
NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.8.0-2.7.2-and-2.1.11-released
-CVE-2018-9988
+CVE-2018-9988 (ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffe ...)
{DLA-1518-1}
- mbedtls 2.8.0-1
[stretch] - mbedtls <no-dsa> (Minor issue)
@@ -28583,113 +28583,113 @@ CVE-2018-9988
NOTE: https://github.com/ARMmbed/mbedtls/commit/027f84c69f4ef30c0693832a6c396ef19e563ca1
NOTE: https://github.com/ARMmbed/mbedtls/commit/a1098f81c252b317ad34ea978aea2bc47760b215
NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.8.0-2.7.2-and-2.1.11-released
-CVE-2018-9987
+CVE-2018-9987 (In Zulip Server versions 1.5.x, 1.6.x, and 1.7.x before 1.7.2, there w ...)
- zulip-server <itp> (bug #800052)
-CVE-2018-9986
+CVE-2018-9986 (In Zulip Server versions before 1.7.2, there were XSS issues with the ...)
- zulip-server <itp> (bug #800052)
-CVE-2018-9985
+CVE-2018-9985 (The front page of MetInfo 6.0 allows XSS by sending a feedback message ...)
NOT-FOR-US: MetInfo
-CVE-2018-9984
+CVE-2018-9984 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9983
+CVE-2018-9983 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9982
+CVE-2018-9982 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9981
+CVE-2018-9981 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9980
+CVE-2018-9980 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9979
+CVE-2018-9979 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9978
+CVE-2018-9978 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9977
+CVE-2018-9977 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9976
+CVE-2018-9976 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9975
+CVE-2018-9975 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9974
+CVE-2018-9974 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9973
+CVE-2018-9973 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9972
+CVE-2018-9972 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9971
+CVE-2018-9971 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9970
+CVE-2018-9970 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9969
+CVE-2018-9969 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9968
+CVE-2018-9968 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9967
+CVE-2018-9967 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9966
+CVE-2018-9966 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9965
+CVE-2018-9965 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9964
+CVE-2018-9964 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9963
+CVE-2018-9963 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9962
+CVE-2018-9962 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9961
+CVE-2018-9961 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9960
+CVE-2018-9960 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9959
+CVE-2018-9959 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9958
+CVE-2018-9958 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9957
+CVE-2018-9957 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9956
+CVE-2018-9956 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9955
+CVE-2018-9955 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9954
+CVE-2018-9954 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9953
+CVE-2018-9953 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9952
+CVE-2018-9952 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9951
+CVE-2018-9951 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9950
+CVE-2018-9950 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9949
+CVE-2018-9949 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9948
+CVE-2018-9948 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9947
+CVE-2018-9947 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9946
+CVE-2018-9946 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9945
+CVE-2018-9945 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9944
+CVE-2018-9944 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9943
+CVE-2018-9943 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9942
+CVE-2018-9942 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9941
+CVE-2018-9941 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9940
+CVE-2018-9940 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9939
+CVE-2018-9939 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9938
+CVE-2018-9938 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9937
+CVE-2018-9937 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9936
+CVE-2018-9936 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9935
+CVE-2018-9935 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-9934
+CVE-2018-9934 (The reset-password feature in MetInfo 6.0 allows remote attackers to c ...)
NOT-FOR-US: MetInfo
CVE-2018-9933
RESERVED
@@ -28701,27 +28701,27 @@ CVE-2018-9930
RESERVED
CVE-2018-9929
RESERVED
-CVE-2018-9928
+CVE-2018-9928 (Cross-site scripting (XSS) vulnerability in save.php in MetInfo 6.0 al ...)
NOT-FOR-US: MetInfo
-CVE-2018-9927
+CVE-2018-9927 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerabil ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-9926
+CVE-2018-9926 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerabil ...)
NOT-FOR-US: WUZHI CMS
-CVE-2018-9925
+CVE-2018-9925 (An issue was discovered in idreamsoft iCMS through 7.0.7. XSS exists v ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-9924
+CVE-2018-9924 (An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injectio ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-9923
+CVE-2018-9923 (An issue was discovered in idreamsoft iCMS through 7.0.7. CSRF exists ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-9922
+CVE-2018-9922 (An issue was discovered in idreamsoft iCMS through 7.0.7. Physical pat ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2018-9921
+CVE-2018-9921 (In CMS Made Simple 2.2.7, a Directory Traversal issue makes it possibl ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-9920
+CVE-2018-9920 (Server side request forgery exists in the runtime application in K2 sm ...)
NOT-FOR-US: K2
-CVE-2018-9919
+CVE-2018-9919 (A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0. ...)
NOT-FOR-US: Tp-shop
-CVE-2018-9918
+CVE-2018-9918 (libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionar ...)
- qpdf 8.0.2-3 (bug #895443)
[stretch] - qpdf <no-dsa> (Minor issue)
[jessie] - qpdf <no-dsa> (Minor issue)
@@ -28827,28 +28827,28 @@ CVE-2018-9869
RESERVED
CVE-2018-9868
RESERVED
-CVE-2018-9867
+CVE-2018-9867 (In SonicWall SonicOS, administrators without full permissions can down ...)
NOT-FOR-US: SonicWall
-CVE-2018-9866
+CVE-2018-9866 (A vulnerability in lack of validation of user-supplied parameters pass ...)
NOT-FOR-US: SonicWall
CVE-2018-9865
RESERVED
-CVE-2018-9864
+CVE-2018-9864 (The WP Live Chat Support plugin before 8.0.06 for WordPress has stored ...)
NOT-FOR-US: WP Live Chat Support plugin for WordPress
CVE-2018-9863
RESERVED
-CVE-2018-9862
+CVE-2018-9862 (util.c in runV 1.0.0 for Docker mishandles a numeric username, which a ...)
NOT-FOR-US: runV for Docker
-CVE-2018-9861
+CVE-2018-9861 (Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka im ...)
NOT-FOR-US: ckeditor plugin
-CVE-2018-9860
+CVE-2018-9860 (An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An ...)
- botan 2.4.0-6
- botan1.10 <not-affected> (Issue introduced in 1.11.32)
NOTE: https://github.com/randombit/botan/commit/ec222c99719c396a1f4756b2ca345dbbfbeb5ed5
NOTE: Bug introduced in 1.11.32, fixed in 2.6.0
-CVE-2018-9859
+CVE-2018-9859 (The path of Whale update service was unquoted in NAVER Whale before 1. ...)
NOT-FOR-US: Whale
-CVE-2018-1000168
+CVE-2018-1000168 (nghttp2 version &gt;= 1.10.0 and nghttp2 &lt;= v1.31.0 contains an Imp ...)
- nghttp2 1.31.1-1 (low; bug #895566)
[stretch] - nghttp2 <no-dsa> (Minor issue)
[jessie] - nghttp2 <not-affected> (Issue introduced in 1.10.0)
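Review bot: the imported description for CVE-2018-1000168 carries HTML entities verbatim (`nghttp2 version &gt;= 1.10.0 and nghttp2 &lt;= v1.31.0`), so the tracker will render `&gt;=` and `&lt;=` literally; since these description lines are regenerated on every automatic update, the fix belongs in the importer (unescape entities before truncating to the 70-character summary) rather than in a hand edit of this line. The `[jessie] - nghttp2 <not-affected> (Issue introduced in 1.10.0)` annotation is consistent with the version range once the entities are read as `>=` and `<=`.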
@@ -28857,29 +28857,29 @@ CVE-2018-1000168
NOTE: http://www.openwall.com/lists/oss-security/2018/04/12/4
CVE-2018-9858
RESERVED
-CVE-2018-9857
+CVE-2018-9857 (PHP Scripts Mall Match Clone Script 1.0.4 has XSS via the search field ...)
NOT-FOR-US: PHP Scripts Mall Match Clone Script
-CVE-2018-9856
+CVE-2018-9856 (Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles ...)
NOT-FOR-US: Kotti
CVE-2018-9855
RESERVED
CVE-2018-9854
RESERVED
-CVE-2018-9853
+CVE-2018-9853 (Insecure access control in freeSSHd version 1.3.1 allows attackers to ...)
NOT-FOR-US: freeSSHd
-CVE-2018-9852
+CVE-2018-9852 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allow ...)
NOT-FOR-US: Gxlcms QY
-CVE-2018-9851
+CVE-2018-9851 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allow ...)
NOT-FOR-US: Gxlcms QY
-CVE-2018-9850
+CVE-2018-9850 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\DataAction.class.php allo ...)
NOT-FOR-US: Gxlcms QY
-CVE-2018-9849
+CVE-2018-9849 (Pulse Secure Pulse Connect Secure 8.1.x before 8.1R14, 8.2.x before 8. ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-9848
+CVE-2018-9848 (In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\Up ...)
NOT-FOR-US: Gxlcms QY
-CVE-2018-9847
+CVE-2018-9847 (In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\Tp ...)
NOT-FOR-US: Gxlcms QY
-CVE-2018-9846
+CVE-2018-9846 (In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin ena ...)
{DSA-4181-1}
- roundcube 1.3.6+dfsg.1-1 (bug #895184)
[wheezy] - roundcube <not-affected> (Vulnerable code not present in archive.php)
@@ -28889,30 +28889,30 @@ CVE-2018-9846
NOTE: https://github.com/roundcube/roundcubemail/commit/5b7e9a2c960eb4fd2364921297020a5dcd2d7dbc (release-1.2)
NOTE: https://github.com/roundcube/roundcubemail/commit/c69b851b8a704f6483ec9d1cae7cd1ecd33c3343 (release-1.2)
NOTE: https://github.com/roundcube/roundcubemail/commit/7901047474729a7f466eb8c59c92a36fc7cf0e70 (release-1.2)
-CVE-2018-9845
+CVE-2018-9845 (Etherpad Lite before 1.6.4 is exploitable for admin access. ...)
- etherpad-lite <itp> (bug #576998)
-CVE-2018-9844
+CVE-2018-9844 (The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress mi ...)
NOT-FOR-US: Iptanus WordPress File Upload plugin for WordPress
-CVE-2018-9843
+CVE-2018-9843 (The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10 ...)
NOT-FOR-US: CyberArk Password Vault Web Access
-CVE-2018-9842
+CVE-2018-9842 (CyberArk Password Vault before 9.7 allows remote attackers to obtain s ...)
NOT-FOR-US: CyberArk Password Vault
-CVE-2018-9841
+CVE-2018-9841 (The export function in libavfilter/vf_signature.c in FFmpeg through 3. ...)
- ffmpeg 7:3.4.3-1 (low)
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=35eeff30caf34df835206f1c12bcf4b7c2bd6758
-CVE-2018-9840
+CVE-2018-9840 (The Open Whisper Signal app before 2.23.2 for iOS allows physically pr ...)
NOT-FOR-US: Open Whisper Signal app for iOS
CVE-2018-9839
RESERVED
-CVE-2018-1000164
+CVE-2018-1000164 (gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of ...)
{DSA-4186-1 DLA-1357-1}
- gunicorn 19.5.0-1 (bug #896548)
NOTE: https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5
NOTE: https://github.com/benoitc/gunicorn/issues/1227
NOTE: https://github.com/benoitc/gunicorn/commit/5263a4ef2a63c62216680876f3813959839608ff
-CVE-2018-1000161
+CVE-2018-1000161 (nmap version 6.49BETA6 through 7.60, up to and including SVN revision ...)
- nmap 7.70+dfsg1-1
[stretch] - nmap <no-dsa> (Minor issue)
[jessie] - nmap <not-affected> (Vulnerable code not present)
@@ -28923,7 +28923,7 @@ CVE-2018-1000161
NOTE: Fixed by: https://github.com/nmap/nmap/commit/80e1977308e51b1b7aa038a38f8837a7e90b3849
NOTE: Introduced in https://github.com/nmap/nmap/commit/88381c2e685297a4fafe7182a06877b27da34e1e
NOTE: Script added in 6.49BETA6 (cf. https://bugzilla.novell.com/show_bug.cgi?id=1088608#c1)
-CVE-2018-1000159
+CVE-2018-1000159 (tlslite-ng version 0.7.3 and earlier, since commit d7b288316bca7bcdd08 ...)
- tlslite-ng 0.7.4-1 (low; bug #895728)
[stretch] - tlslite-ng 0.6.0-1+deb9u1
NOTE: https://github.com/tomato42/tlslite-ng/pull/234
@@ -28932,7 +28932,7 @@ CVE-2018-1000159
NOTE: https://github.com/tomato42/tlslite-ng/pull/235/commits/e5e9145558f4c1a81071c61c947aa55a52542585 (backport for tslite-ng-0.7)
CVE-2018-1000157
REJECTED
-CVE-2018-9838
+CVE-2018-9838 (The caml_ba_deserialize function in byterun/bigarray.c in the standard ...)
- ocaml 4.05.0-11 (bug #895472)
[stretch] - ocaml <no-dsa> (Minor issue)
[jessie] - ocaml <no-dsa> (Minor issue)
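Review bot: the context line `NOTE: https://github.com/tomato42/tlslite-ng/pull/235/commits/... (backport for tslite-ng-0.7)` misspells the package name (tslite-ng for tlslite-ng); this change does not touch it, and because NOTE lines are hand-maintained rather than regenerated, it should be corrected in a follow-up commit. The CVE-2018-9838 entry itself is consistent: description, unstable fix 4.05.0-11 and the `<no-dsa> (Minor issue)` markings for stretch and jessie all agree.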
@@ -28941,7 +28941,7 @@ CVE-2018-9838
NOTE: https://github.com/ocaml/ocaml/pull/1718
NOTE: https://github.com/ocaml/ocaml/commit/9664c7ee807c2dfa802f53cabd405ff58e219c47
NOTE: Before 4.06.0+beta1 the code is present in otherlibs/bigarray/bigarray_stubs.c
-CVE-2018-10101
+CVE-2018-10101 (Before WordPress 4.9.5, the URL validator assumed URLs with the hostna ...)
- wordpress 4.9.5+dfsg1-1 (bug #895034)
[stretch] - wordpress 4.7.5+dfsg-2+deb9u3
[jessie] - wordpress <not-affected> (vulnerable code is not present)
@@ -28949,12 +28949,12 @@ CVE-2018-10101
NOTE: https://core.trac.wordpress.org/changeset/42894
NOTE: https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
NOTE: Introduced via https://github.com/WordPress/WordPress/commit/c73a812109e1a64ecf21b6a198f949c58d1f2674 (4.5)
-CVE-2018-10100
+CVE-2018-10100 (Before WordPress 4.9.5, the redirection URL for the login page was not ...)
{DSA-4193-1 DLA-1366-1}
- wordpress 4.9.5+dfsg1-1 (bug #895034)
NOTE: https://core.trac.wordpress.org/changeset/42892
NOTE: https://github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e
-CVE-2018-10102
+CVE-2018-10102 (Before WordPress 4.9.5, the version string was not escaped in the get_ ...)
{DSA-4193-1 DLA-1366-1}
- wordpress 4.9.5+dfsg1-1 (bug #895034)
NOTE: https://core.trac.wordpress.org/changeset/42893
@@ -29445,68 +29445,68 @@ CVE-2018-9596
RESERVED
CVE-2018-9595
RESERVED
-CVE-2018-9594
+CVE-2018-9594 (In llcp_link_proc_agf_pdu of llcp_link.cc in Android-7.0, Android-7.1. ...)
NOT-FOR-US: Android
-CVE-2018-9593
+CVE-2018-9593 (In llcp_dlc_proc_i_pdu of llcp_dlc.cc in Android-7.0, Android-7.1.1, A ...)
NOT-FOR-US: Android
-CVE-2018-9592
+CVE-2018-9592 (In mca_ccb_hdl_rsp of mca_cact.cc in Android-7.0, Android-7.1.1, Andro ...)
NOT-FOR-US: Android
-CVE-2018-9591
+CVE-2018-9591 (In bta_hh_ctrl_dat_act of bta_hh_act.cc in Android-7.0, Android-7.1.1, ...)
NOT-FOR-US: Android
-CVE-2018-9590
+CVE-2018-9590 (In add_attr of sdp_discovery.c in Android-7.0, Android-7.1.1, Android- ...)
NOT-FOR-US: Android
-CVE-2018-9589
+CVE-2018-9589 (In ieee802_11_rx_wnmsleep_req of wnm_ap.c in Android-7.0, Android-7.1. ...)
NOT-FOR-US: Android
-CVE-2018-9588
+CVE-2018-9588 (In avdt_scb_hdl_report of avdt_scb_act.cc in Android-7.0, Android-7.1. ...)
NOT-FOR-US: Android
-CVE-2018-9587
+CVE-2018-9587 (In savePhotoFromUriToUri of ContactPhotoUtils.java in Android-7.0, And ...)
NOT-FOR-US: Android
-CVE-2018-9586
+CVE-2018-9586 (In run of InstallPackageTask.java in Android-7.0, Android-7.1.1, Andro ...)
NOT-FOR-US: Android
-CVE-2018-9585
+CVE-2018-9585 (In nfc_ncif_proc_get_routing of nfc_ncif.cc in Android-7.0, Android-7. ...)
NOT-FOR-US: Android
-CVE-2018-9584
+CVE-2018-9584 (In nfc_ncif_set_config_status of nfc_ncif.cc in Android-7.0, Android-7 ...)
NOT-FOR-US: Android
-CVE-2018-9583
+CVE-2018-9583 (In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, A ...)
NOT-FOR-US: Android
-CVE-2018-9582
+CVE-2018-9582 (In package installer in Android-8.0, Android-8.1 and Android-9, there ...)
NOT-FOR-US: Android
CVE-2018-9581
RESERVED
-CVE-2018-9580
+CVE-2018-9580 (A Elevation of privilege vulnerability in the HTC bootloader. Product: ...)
NOT-FOR-US: HTC
CVE-2018-9579
RESERVED
-CVE-2018-9578
+CVE-2018-9578 (In ixheaacd_adts_crc_start_reg of ixheaacd_adts_crc_check.c, there is ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9577
+CVE-2018-9577 (In impd_parametric_drc_parse_gain_set_params of impd_drc_static_payloa ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9576
+CVE-2018-9576 (In impd_parse_parametric_drc_instructions of impd_drc_static_payload.c ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9575
+CVE-2018-9575 (In impd_parse_dwnmix_instructions of impd_drc_static_payload.c there i ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9574
+CVE-2018-9574 (In impd_parse_split_drc_characteristic of impd_drc_static_payload.c th ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9573
+CVE-2018-9573 (In impd_parse_filt_block of impd_drc_dynamic_payload.c there is a poss ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9572
+CVE-2018-9572 (In impd_drc_parse_coeff of impd_drc_static_payload.c there is a possib ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9571
+CVE-2018-9571 (In impd_parse_loud_eq_instructions of impd_drc_dynamic_payload.c there ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9570
+CVE-2018-9570 (In impd_parse_drc_ext_v1 of impd_drc_dynamic_payload.c there is a poss ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9569
+CVE-2018-9569 (In impd_init_drc_decode_post_config of impd_drc_gain_decoder.c there i ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9568
+CVE-2018-9568 (In sk_clone_lock of sock.c, there is a possible memory corruption due ...)
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux 3.16.59-1
NOTE: Fixed by: https://git.kernel.org/linus/9d538fa60bad4f7b23193c89e843797a1cf71ef3
-CVE-2018-9567
+CVE-2018-9567 (On Pixel devices there is a bug causing verified boot to show the same ...)
NOT-FOR-US: Android
-CVE-2018-9566
+CVE-2018-9566 (In process_service_search_rsp of sdp_discovery.c, there is a possible ...)
NOT-FOR-US: Android
-CVE-2018-9565
+CVE-2018-9565 (In readBytes of xltdecwbxml.c, there is a possible out of bounds read ...)
NOT-FOR-US: Android
CVE-2018-9564
RESERVED
@@ -29514,165 +29514,165 @@ CVE-2018-9564
CVE-2018-9563
RESERVED
NOT-FOR-US: Android
-CVE-2018-9562
+CVE-2018-9562 (In bta_ag_do_disc of bta_ag_sdp.cc, there is a possible out-of-bound r ...)
NOT-FOR-US: Android
CVE-2018-9561
RESERVED
NOT-FOR-US: Android
-CVE-2018-9560
+CVE-2018-9560 (In HID_DevAddRecord of hidd_api.cc, there is a possible out-of-bounds ...)
NOT-FOR-US: Android
-CVE-2018-9559
+CVE-2018-9559 (In persist_set_key and other functions of cryptfs.cpp, there is a poss ...)
NOT-FOR-US: Android
-CVE-2018-9558
+CVE-2018-9558 (In rw_t2t_handle_tlv_detect of rw_t2t_ndef.cc, there is a possible out ...)
NOT-FOR-US: Android
-CVE-2018-9557
+CVE-2018-9557 (In really_install_package of install.cpp, there is a possible free of ...)
NOT-FOR-US: Android
-CVE-2018-9556
+CVE-2018-9556 (In ParsePayloadHeader of payload_metadata.cc, there is a possible out ...)
NOT-FOR-US: Android
-CVE-2018-9555
+CVE-2018-9555 (In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds w ...)
NOT-FOR-US: Android
-CVE-2018-9554
+CVE-2018-9554 (In dumpExtractors of IMediaExtractor.cp, there is a possible disclosur ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9553
+CVE-2018-9553 (In MasteringMetadata::Parse of mkvparser.cc there is a possible double ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9552
+CVE-2018-9552 (In ihevcd_sao_shift_ctb of ihevcd_sao.c there is a possible out of bou ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9551
+CVE-2018-9551 (In CAacDecoder_Init of aacdecoder.cpp, there is a possible out-of-boun ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9550
+CVE-2018-9550 (In CAacDecoder_Init of aacdecoder.cpp, there is a possible out of boun ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9549
+CVE-2018-9549 (In lppTransposer of lpp_tran.cpp there is a possible out of bounds wri ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9548
+CVE-2018-9548 (In multiple functions of ContentProvider.java, there is a possible per ...)
NOT-FOR-US: Android
-CVE-2018-9547
+CVE-2018-9547 (In unflatten of GraphicBuffer.cpp, there is a possible bad fd close du ...)
NOT-FOR-US: Android
CVE-2018-9546
RESERVED
-CVE-2018-9545
+CVE-2018-9545 (In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible out-of-boun ...)
NOT-FOR-US: Android
-CVE-2018-9544
+CVE-2018-9544 (In register_app of btif_hd.cc, there is a possible out-of-bounds read ...)
NOT-FOR-US: Android
-CVE-2018-9543
+CVE-2018-9543 (In trim_device of f2fs_format_utils.c, it is possible that the data pa ...)
NOT-FOR-US: Android
-CVE-2018-9542
+CVE-2018-9542 (In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of ...)
NOT-FOR-US: Android
-CVE-2018-9541
+CVE-2018-9541 (In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible out-of ...)
NOT-FOR-US: Android
-CVE-2018-9540
+CVE-2018-9540 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a possible ou ...)
NOT-FOR-US: Android
-CVE-2018-9539
+CVE-2018-9539 (In the ClearKey CAS descrambler, there is a possible use after free du ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9538
+CVE-2018-9538 (In V4L2SliceVideoDecodeAccelerator::Dequeue of v4l2_slice_video_decode ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9537
+CVE-2018-9537 (In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible out-o ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9536
+CVE-2018-9536 (In numerous functions of libFDK, there are possible out of bounds writ ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9535
+CVE-2018-9535 (In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9534
+CVE-2018-9534 (In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a possib ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9533
+CVE-2018-9533 (In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9532
+CVE-2018-9532 (In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a po ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9531
+CVE-2018-9531 (In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible out ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9530
+CVE-2018-9530 (In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a possibl ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9529
+CVE-2018-9529 (In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is a poss ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9528
+CVE-2018-9528 (In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s there is a ...)
NOT-FOR-US: Android libxaac
-CVE-2018-9527
+CVE-2018-9527 (In vorbis_book_decodev_set of codebook.c there is a possible out of bo ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9526
+CVE-2018-9526 (In device configuration data, there is an improperly configured settin ...)
NOT-FOR-US: Android
-CVE-2018-9525
+CVE-2018-9525 (In the AndroidManifest.xml file defining the SliceBroadcastReceiver ha ...)
NOT-FOR-US: Android
-CVE-2018-9524
+CVE-2018-9524 (In functionality implemented in System UI, there are insufficient prot ...)
NOT-FOR-US: Android
-CVE-2018-9523
+CVE-2018-9523 (In Parcel.writeMapInternal of Parcel.java, there is a possible parcel ...)
NOT-FOR-US: Android
-CVE-2018-9522
+CVE-2018-9522 (In the serialization functions of StatsLogEventWrapper.java, there is ...)
NOT-FOR-US: Android
-CVE-2018-9521
+CVE-2018-9521 (In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9520
RESERVED
-CVE-2018-9519
+CVE-2018-9519 (In easelcomm_hw_build_scatterlist, there is a possible out of bounds w ...)
NOT-FOR-US: Android kernel
-CVE-2018-9518
+CVE-2018-9518 (In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible ou ...)
- linux 4.16.5-1
[stretch] - linux 4.9.107-1
[jessie] - linux 3.16.57-1
NOTE: Fixed by: https://git.kernel.org/linus/fe9c842695e26d8116b61b80bfb905356f07834b (4.16-rc3)
-CVE-2018-9517
+CVE-2018-9517 (In pppol2tp_connect, there is possible memory corruption due to a use ...)
- linux 4.14.2-1
[jessie] - linux 3.16.51-1
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f026bc29a8e093edfbb2a77700454b285c97e8ad
NOTE: https://source.android.com/security/bulletin/pixel/2018-09-01
-CVE-2018-9516
+CVE-2018-9516 (In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possib ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.6-1
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=717adfdaf14704fd3ec7fa2c04520c0723247eac
NOTE: https://source.android.com/security/bulletin/pixel/2018-09-01
-CVE-2018-9515
+CVE-2018-9515 (In sdcardfs_create and sdcardfs_mkdir of inode.c, there is a possible ...)
NOT-FOR-US: Android kernel (apparently not in mainline)
-CVE-2018-9514
+CVE-2018-9514 (In sdcardfs_open of file.c, there is a possible Use After Free due to ...)
NOT-FOR-US: Android kernel (apparently not in mainline)
-CVE-2018-9513
+CVE-2018-9513 (In copy_process of fork.c, there is possible memory corruption due to ...)
NOT-FOR-US: Android kernel (apparently not in mainline)
CVE-2018-9512
RESERVED
-CVE-2018-9511
+CVE-2018-9511 (In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible ...)
NOT-FOR-US: Android
-CVE-2018-9510
+CVE-2018-9510 (In smp_proc_enc_info of smp_act.cc, there is a possible out of bounds ...)
NOT-FOR-US: Android
-CVE-2018-9509
+CVE-2018-9509 (In smp_proc_master_id of smp_act.cc, there is a possible out of bounds ...)
NOT-FOR-US: Android
-CVE-2018-9508
+CVE-2018-9508 (In smp_process_keypress_notification of smp_act.cc, there is a possibl ...)
NOT-FOR-US: Android
-CVE-2018-9507
+CVE-2018-9507 (In bta_av_proc_meta_cmd of bta_av_act.cc, there is a possible out of b ...)
NOT-FOR-US: Android
-CVE-2018-9506
+CVE-2018-9506 (In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bound rea ...)
NOT-FOR-US: Android
-CVE-2018-9505
+CVE-2018-9505 (In mca_ccb_hdl_req of mca_cact.cc, there is a possible out of bounds r ...)
NOT-FOR-US: Android
-CVE-2018-9504
+CVE-2018-9504 (In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of b ...)
NOT-FOR-US: Android
-CVE-2018-9503
+CVE-2018-9503 (In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out ...)
NOT-FOR-US: Android
-CVE-2018-9502
+CVE-2018-9502 (In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out ...)
NOT-FOR-US: Android
-CVE-2018-9501
+CVE-2018-9501 (In the SetupWizard, there is a possible Factory Reset Protection bypas ...)
NOT-FOR-US: Android
CVE-2018-9500
RESERVED
-CVE-2018-9499
+CVE-2018-9499 (In readVector of iCrypto.cpp, there is a possible invalid read due to ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9498
+CVE-2018-9498 (In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9497
+CVE-2018-9497 (In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 of impeg2_format_conv.s ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9496
+CVE-2018-9496 (In ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c there is a possib ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9495
RESERVED
CVE-2018-9494
RESERVED
-CVE-2018-9493
+CVE-2018-9493 (In the content provider of the download manager, there is a possible S ...)
NOT-FOR-US: Android
-CVE-2018-9492
+CVE-2018-9492 (In checkGrantUriPermissionLocked of ActivityManagerService.java, there ...)
NOT-FOR-US: Android
-CVE-2018-9491
+CVE-2018-9491 (In AMediaCodecCryptoInfo_new of NdkMediaCodec.cpp, there is a possible ...)
NOT-FOR-US: Android
-CVE-2018-9490
+CVE-2018-9490 (In CollectValuesOrEntriesImpl of elements.cc, there is possible remote ...)
NOT-FOR-US: Android
-CVE-2018-9489
+CVE-2018-9489 (When wifi is switched, function sendNetworkStateChangeBroadcast of Wif ...)
NOT-FOR-US: Android
-CVE-2018-9488
+CVE-2018-9488 (In the SELinux permissions of crash_dump.te, there is a permissions by ...)
NOT-FOR-US: Android
CVE-2018-9487
RESERVED
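Review bot: CVE-2018-9517 (the pppol2tp_connect entry) carries a jessie line but no stretch line, so stretch is left implicitly vulnerable against `- linux 4.14.2-1`, while the neighbouring CVE-2018-9518 entry spells out `[stretch] - linux 4.9.107-1`; add a `[stretch] - linux <fixed-version>` or `<not-affected>` line so the two kernel entries in this hunk are triaged the same way.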
@@ -29707,14 +29707,14 @@ CVE-2018-9478
CVE-2018-9477
RESERVED
NOT-FOR-US: Android
-CVE-2018-9476
+CVE-2018-9476 (In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use- ...)
NOT-FOR-US: Android
CVE-2018-9475
RESERVED
NOT-FOR-US: Android
CVE-2018-9474
RESERVED
-CVE-2018-9473
+CVE-2018-9473 (In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is a poss ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9472
RESERVED
@@ -29737,7 +29737,7 @@ CVE-2018-9467
CVE-2018-9466
RESERVED
NOT-FOR-US: Android
-CVE-2018-9465
+CVE-2018-9465 (In task_get_unused_fd_flags of binder.c, there is a possible memory co ...)
- linux 4.14.12-1 (unimportant)
NOTE: Android drivers from staging not enabled in any released suite
NOTE: https://git.kernel.org/linus/7f3dc0088b98533f17128058fac73cd8b2752ef1
@@ -29751,38 +29751,38 @@ CVE-2018-9461
RESERVED
CVE-2018-9460
RESERVED
-CVE-2018-9459
+CVE-2018-9459 (In Attachment of Attachment.java and getFilePath of EmlAttachmentProvi ...)
NOT-FOR-US: Android
-CVE-2018-9458
+CVE-2018-9458 (In computeFocusedWindow of RootWindowContainer.java, and related funct ...)
NOT-FOR-US: Android
-CVE-2018-9457
+CVE-2018-9457 (In onCheckedChanged of BluetoothPairingController.java, there is a pos ...)
NOT-FOR-US: Android
CVE-2018-9456
RESERVED
NOT-FOR-US: Android
-CVE-2018-9455
+CVE-2018-9455 (In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of b ...)
NOT-FOR-US: Android
-CVE-2018-9454
+CVE-2018-9454 (In bnep_data_ind of bnep_main.cc, there is a possible out of bounds re ...)
NOT-FOR-US: Android
-CVE-2018-9453
+CVE-2018-9453 (In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds ...)
NOT-FOR-US: Android
-CVE-2018-9452
+CVE-2018-9452 (In getOffsetForHorizontal of Layout.java, there is a possible applicat ...)
NOT-FOR-US: Android
-CVE-2018-9451
+CVE-2018-9451 (In DynamicRefTable::load of ResourceTypes.cpp, there is a possible out ...)
NOT-FOR-US: Android
-CVE-2018-9450
+CVE-2018-9450 (In avrc_proc_vendor_command of avrc_api.cc, there is a possible out of ...)
NOT-FOR-US: Android
CVE-2018-9449
RESERVED
-CVE-2018-9448
+CVE-2018-9448 (In avct_bcb_msg_ind of avct_bcb_act.cc, there is a possible out of bou ...)
NOT-FOR-US: Android
CVE-2018-9447
RESERVED
-CVE-2018-9446
+CVE-2018-9446 (In smp_br_state_machine_event of smp_br_main.cc, there is a possible o ...)
NOT-FOR-US: Android
-CVE-2018-9445
+CVE-2018-9445 (In readMetadata of Utils.cpp, there is a possible path traversal bug d ...)
NOT-FOR-US: Android
-CVE-2018-9444
+CVE-2018-9444 (In ih264d_video_decode of ih264d_api.c there is a possible resource ex ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9443
RESERVED
@@ -29795,11 +29795,11 @@ CVE-2018-9440
NOT-FOR-US: Android Media Framework
CVE-2018-9439
RESERVED
-CVE-2018-9438
+CVE-2018-9438 (When a device connects only over WiFi VPN, the device may not receive ...)
NOT-FOR-US: Android
-CVE-2018-9437
+CVE-2018-9437 (In getstring of ID3.cpp there is a possible out-of-bounds read due to ...)
NOT-FOR-US: Android Media Framework
-CVE-2018-9436
+CVE-2018-9436 (In bnep_data_ind of bnep_main.cc, there is a possible out of bounds re ...)
NOT-FOR-US: Android
CVE-2018-9435
RESERVED
@@ -29824,7 +29824,7 @@ CVE-2018-9429
CVE-2018-9428
RESERVED
NOT-FOR-US: Android Media Framework
-CVE-2018-9427
+CVE-2018-9427 (In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9426
RESERVED
@@ -29837,7 +29837,7 @@ CVE-2018-9424
CVE-2018-9423
RESERVED
NOT-FOR-US: Android Media Framework
-CVE-2018-9422
+CVE-2018-9422 (In get_futex_key of futex.c, there is a use-after-free due to improper ...)
{DLA-1422-1}
- linux 4.6.1-1
NOTE: https://git.kernel.org/linus/65d8fc777f6dcfee12785c057a6b57f679641c90
@@ -29859,7 +29859,7 @@ CVE-2018-9417
CVE-2018-9416
RESERVED
NOT-FOR-US: Android kernel (no source release, so not from upstream kernel)
-CVE-2018-9415
+CVE-2018-9415 (In driver_override_store and driver_override_show of bus.c, there is a ...)
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -29928,7 +29928,7 @@ CVE-2018-9387
RESERVED
CVE-2018-9386
RESERVED
-CVE-2018-9385
+CVE-2018-9385 (In driver_override_store of bus.c, there is a possible out of bounds w ...)
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -29978,24 +29978,24 @@ CVE-2018-9365
NOT-FOR-US: Android
CVE-2018-9364
RESERVED
-CVE-2018-9363
+CVE-2018-9363 (In the hidp_process_report in bluetooth, there is an integer overflow. ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.15-1
-CVE-2018-9362
+CVE-2018-9362 (In processMessagePart of InboundSmsHandler.java, there is a possible r ...)
NOT-FOR-US: Android
-CVE-2018-9361
+CVE-2018-9361 (In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds ...)
NOT-FOR-US: Android
-CVE-2018-9360
+CVE-2018-9360 (In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds ...)
NOT-FOR-US: Android
-CVE-2018-9359
+CVE-2018-9359 (In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds ...)
NOT-FOR-US: Android
-CVE-2018-9358
+CVE-2018-9358 (In gatts_process_attribute_req of gatt_sc.cc, there is a possible read ...)
NOT-FOR-US: Android
-CVE-2018-9357
+CVE-2018-9357 (In BNEP_Write of bnep_api.cc, there is a possible out of bounds write ...)
NOT-FOR-US: Android
-CVE-2018-9356
+CVE-2018-9356 (In bnep_data_ind of bnep_main.c, there is a possible remote code execu ...)
NOT-FOR-US: Android
-CVE-2018-9355
+CVE-2018-9355 (In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of boun ...)
NOT-FOR-US: Android
CVE-2018-9354
RESERVED
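Review bot: the CVE-2018-9363 kernel entry (hidp_process_report integer overflow) records `{DSA-4308-1 DLA-1531-1 DLA-1529-1}` and `- linux 4.17.15-1` but no NOTE line pointing at the upstream commit or the Android bulletin, unlike the other kernel entries in this file (compare CVE-2018-9516 with its git.kernel.org and source.android.com NOTE lines); add the reference so the fix can be traced.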
@@ -30012,7 +30012,7 @@ CVE-2018-9349
CVE-2018-9348
RESERVED
NOT-FOR-US: Android Media Framework
-CVE-2018-9347
+CVE-2018-9347 (In function SMF_ParseMetaEvent of file eas_smf.c there is incorrect in ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9346
RESERVED
@@ -30039,46 +30039,46 @@ CVE-2018-9339
CVE-2018-9338
RESERVED
NOT-FOR-US: Android
-CVE-2018-9337
+CVE-2018-9337 (The PAN-OS web interface administration page in PAN-OS 6.1.20 and earl ...)
NOT-FOR-US: PAN-OS
-CVE-2018-9336
+CVE-2018-9336 (openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x ...)
- openvpn <not-affected> (Windows specific issue)
NOTE: https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b
-CVE-2018-9335
+CVE-2018-9335 (The PAN-OS session browser in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 ...)
NOT-FOR-US: PAN-OS
-CVE-2018-9334
+CVE-2018-9334 (The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, ...)
NOT-FOR-US: PAN-OS
CVE-2018-9333
RESERVED
CVE-2018-9332
RESERVED
-CVE-2018-9331
+CVE-2018-9331 (An issue was discovered in zzcms 8.2. user/adv.php allows remote attac ...)
NOT-FOR-US: zzcms
-CVE-2018-9330
+CVE-2018-9330 (register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by t ...)
NOT-FOR-US: Coremail XT3.0
CVE-2018-9329
REJECTED
-CVE-2018-9328
+CVE-2018-9328 (PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via the ter_from or ...)
NOT-FOR-US: PHP Scripts Mall Redbus Clone Script
-CVE-2018-9327
+CVE-2018-9327 (Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to execute ar ...)
- etherpad-lite <itp> (bug #576998)
-CVE-2018-9326
+CVE-2018-9326 (Etherpad 1.6.3 before 1.6.4 allows an attacker to execute arbitrary co ...)
- etherpad-lite <itp> (bug #576998)
-CVE-2018-9325
+CVE-2018-9325 (Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to export all ...)
- etherpad-lite <itp> (bug #576998)
CVE-2018-9324
REJECTED
CVE-2018-9323
REJECTED
-CVE-2018-9322
+CVE-2018-9322 (The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW ...)
NOT-FOR-US: Head Unit HU_NBT (aka Infotainment) component on BMW vehicles
CVE-2018-9321
REJECTED
-CVE-2018-9320
+CVE-2018-9320 (The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW ...)
NOT-FOR-US: BMW (Head Unit HU_NBT component) on BMW vehicles
CVE-2018-9319
REJECTED
-CVE-2018-9318
+CVE-2018-9318 (The Telematics Control Unit (aka Telematic Communication Box or TCB), ...)
NOT-FOR-US: Telematics Control Unit (aka Telematic Communication Box or TCB) on BMW vehicles
CVE-2018-9317
REJECTED
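Review bot: the NOT-FOR-US annotations for the BMW entries are inconsistent: CVE-2018-9322 reads `NOT-FOR-US: Head Unit HU_NBT (aka Infotainment) component on BMW vehicles` while CVE-2018-9320, the same component, reads `NOT-FOR-US: BMW (Head Unit HU_NBT component) on BMW vehicles`; use the first wording for both so the component is named the same way across the series.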
@@ -30086,63 +30086,63 @@ CVE-2018-9316
REJECTED
CVE-2018-9315
REJECTED
-CVE-2018-9314
+CVE-2018-9314 (The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW ...)
NOT-FOR-US: Head Unit HU_NBT (aka Infotainment) component on BMW vehicles
-CVE-2018-9313
+CVE-2018-9313 (The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW ...)
NOT-FOR-US: Head Unit HU_NBT (aka Infotainment) component on BMW vehicles
-CVE-2018-9312
+CVE-2018-9312 (The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW ...)
NOT-FOR-US: Head Unit HU_NBT (aka Infotainment) component on BMW vehicles
-CVE-2018-9311
+CVE-2018-9311 (The Telematics Control Unit (aka Telematic Communication Box or TCB), ...)
NOT-FOR-US: Telematics Control Unit (aka Telematic Communication Box or TCB) on BMW vehicles
-CVE-2018-1000155
+CVE-2018-1000155 (OpenFlow version 1.0 onwards contains a Denial of Service and Improper ...)
NOT-FOR-US: Flaw in the OpenFlow protocol
-CVE-2018-1000154
+CVE-2018-1000154 (Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutr ...)
NOT-FOR-US: Zammad GmbH Zammad
-CVE-2018-1000142
+CVE-2018-1000142 (An exposure of sensitive information vulnerability exists in Jenkins G ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000143
+CVE-2018-1000143 (An exposure of sensitive information vulnerability exists in Jenkins G ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000144
+CVE-2018-1000144 (A cross site scripting vulnerability exists in Jenkins Cucumber Living ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000145
+CVE-2018-1000145 (An exposure of sensitive information vulnerability exists in Jenkins P ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000146
+CVE-2018-1000146 (An arbitrary code execution vulnerability exists in Liquibase Runner P ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000147
+CVE-2018-1000147 (An exposure of sensitive information vulnerability exists in Jenkins P ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000148
+CVE-2018-1000148 (An exposure of sensitive information vulnerability exists in Jenkins C ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000149
+CVE-2018-1000149 (A man in the middle vulnerability exists in Jenkins Ansible Plugin 0.8 ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000150
+CVE-2018-1000150 (An exposure of sensitive information vulnerability exists in Jenkins R ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000151
+CVE-2018-1000151 (A man in the middle vulnerability exists in Jenkins vSphere Plugin 2.1 ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000152
+CVE-2018-1000152 (An improper authorization vulnerability exists in Jenkins vSphere Plug ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000153
+CVE-2018-1000153 (A cross-site request forgery vulnerability exists in Jenkins vSphere P ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-9310
+CVE-2018-9310 (An issue was discovered in MagniComp SysInfo before 10-H82 if setuid r ...)
NOT-FOR-US: MagniComp SysInfo
-CVE-2018-9309
+CVE-2018-9309 (An issue was discovered in zzcms 8.2. It allows SQL injection via the ...)
NOT-FOR-US: zzcms
CVE-2018-9308
RESERVED
-CVE-2018-9307
+CVE-2018-9307 (dsmall v20180320 allows XSS via the pdr_sn parameter to public/index.p ...)
NOT-FOR-US: dsmall
CVE-2018-9306
REJECTED
-CVE-2018-9305
+CVE-2018-9305 (In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in ip ...)
[experimental] - exiv2 <unfixed>
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/263
-CVE-2018-9304
+CVE-2018-9304 (In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffim ...)
- exiv2 <not-affected> (Vulnerable code introduced after 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/262
-CVE-2018-9303
+CVE-2018-9303 (In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigti ...)
- exiv2 <not-affected> (Vulnerable code introduced after 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/262
-CVE-2018-9302
+CVE-2018-9302 (SSRF (Server Side Request Forgery) in /assets/lib/fuc.js.php in Cockpi ...)
NOT-FOR-US: Cockpit CMS (different from src:cockpit)
CVE-2018-9301
RESERVED
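Review bot: the CVE-2018-1000142 to CVE-2018-1000153 block is sorted ascending, whereas the entries just above it (CVE-2018-1000155, then CVE-2018-1000154) and the rest of the hunk are sorted descending; reorder the block (1000153 first, 1000142 last) to keep the descending order consistent.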
@@ -30176,37 +30176,37 @@ CVE-2018-9287
RESERVED
CVE-2018-9286
RESERVED
-CVE-2018-9243
+CVE-2018-9243 (GitLab Community and Enterprise Editions version 8.4 up to 10.4 are vu ...)
- gitlab 10.6.3+dfsg-1 (bug #894869)
NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
-CVE-2018-9244
+CVE-2018-9244 (GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vu ...)
- gitlab 10.6.3+dfsg-1 (bug #894868)
[stretch] - gitlab <not-affected> (Vulnerable code introduced in 9.2)
NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
CVE-2018-XXXX [Confidential issue comments in Slack, Mattermost, and webhook integrations]
- gitlab 10.6.3+dfsg-1 (bug #894867)
NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
-CVE-2018-9285
+CVE-2018-9285 (Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT ...)
NOT-FOR-US: ASUS
-CVE-2018-9284
+CVE-2018-9284 (authentication.cgi on D-Link DIR-868L devices with Singapore StarHub f ...)
NOT-FOR-US: D-Link
-CVE-2018-9283
+CVE-2018-9283 (An XSS issue was discovered in CremeCRM 1.6.12. It is affected by 10 s ...)
NOT-FOR-US: Creme CRM
-CVE-2018-9282
+CVE-2018-9282 (An XSS issue was discovered in Subsonic Media Server 6.1.1. The podcas ...)
NOT-FOR-US: Subsonic Media Server
-CVE-2018-9281
+CVE-2018-9281 (An issue was discovered on Eaton UPS 9PX 8000 SP devices. The administ ...)
NOT-FOR-US: Eaton
-CVE-2018-9280
+CVE-2018-9280 (An issue was discovered on Eaton UPS 9PX 8000 SP devices. The applianc ...)
NOT-FOR-US: Eaton
-CVE-2018-9279
+CVE-2018-9279 (An issue was discovered on Eaton UPS 9PX 8000 SP devices. The applianc ...)
NOT-FOR-US: Eaton
CVE-2018-9278
RESERVED
CVE-2018-9277
RESERVED
-CVE-2018-9276
+CVE-2018-9276 (An issue was discovered in PRTG Network Monitor before 18.2.39. An att ...)
NOT-FOR-US: PRTG Network Monitor
-CVE-2018-9275
+CVE-2018-9275 (In check_user_token in util.c in the Yubico PAM module (aka pam_yubico ...)
- yubico-pam 2.26-1 (bug #896491)
[stretch] - yubico-pam <no-dsa> (Minor issue)
[jessie] - yubico-pam <not-affected> (Vulnerable code introduced later)
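Review bot: CVE-2018-9243 is listed before CVE-2018-9244, the reverse of the descending order used around it (CVE-2018-9286 above, CVE-2018-9285 below); swap the two gitlab entries. The `CVE-2018-XXXX [Confidential issue comments ...]` line between them is unchanged context, but it is the only entry in this hunk still without a CVE id.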
@@ -30215,13 +30215,13 @@ CVE-2018-9275
NOTE: Fixed by: https://github.com/Yubico/yubico-pam/commit/0f6ceabab0a8849b47f67d727aa526c2656089ba
NOTE: Introduced in: https://github.com/Yubico/yubico-pam/commit/d9780eacd9e61c5062cdabdce21c224de1884583 (2.18)
NOTE: https://github.com/Yubico/yubico-pam/issues/136
-CVE-2018-1002150
+CVE-2018-1002150 (Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access con ...)
- koji <not-affected> (Issue introduced in 1.12.0, cf. #894832)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/04/1
NOTE: https://docs.pagure.org/koji/CVE-2018-1002150/
NOTE: https://pagure.io/koji/issue/850
NOTE: Fixed by: https://pagure.io/koji/c/ab1ade7
-CVE-2018-9274
+CVE-2018-9274 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c ...)
- wireshark 2.4.6-1
[stretch] - wireshark <not-affected> (Vulnerable code not present)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
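Review bot: CVE-2018-9274's `[stretch] - wireshark <not-affected> (Vulnerable code not present)` contradicts the upstream description on the `+` line, which lists 2.2.0 to 2.2.13 as affected while stretch ships a 2.2.x build; if ui/failure_message.c really is absent from 2.2.x, add a NOTE line saying so, otherwise stretch needs a fixed-version line.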
@@ -30230,7 +30230,7 @@ CVE-2018-9274
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=211845aba4794720ae265c782cdffddae54a3e7a
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f38e895dfc0d97bce64f73ce99df706911d9aa07
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9273
+CVE-2018-9273 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packe ...)
- wireshark 2.4.6-1
[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u3
[jessie] - wireshark <not-affected> (Vulnerable code not present)
@@ -30238,60 +30238,60 @@ CVE-2018-9273
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14488
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1f8f1456f1e73b6c09e50a64749e43413ac12df7
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9272
+CVE-2018-9272 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packe ...)
- wireshark 2.4.6-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14487
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6e3b90824a82724f445a0374e99f0b76e4cf5e8b
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9271
+CVE-2018-9271 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packe ...)
- wireshark 2.4.6-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14486
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b0228945dc74ee82d2ab4a4e7af2bdfe7b75910
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9270
+CVE-2018-9270 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a mem ...)
{DLA-1634-1 DLA-1388-1}
- wireshark 2.4.6-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14485
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0fbc50f9b9219be54d6db47f04b65af19696a7c7
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9269
+CVE-2018-9269 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packe ...)
{DLA-1634-1 DLA-1388-1}
- wireshark 2.4.6-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14484
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e19aba33026212cbe000ece633adf14d109489fa
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9268
+CVE-2018-9268 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packe ...)
{DLA-1634-1 DLA-1388-1}
- wireshark 2.4.6-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14483
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c69d710d2bf39fe633800db65efddf55701131b6
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9267
+CVE-2018-9267 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packe ...)
{DLA-1634-1}
- wireshark 2.4.6-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14482
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8ed057f7faa709dbde34b91f0715a957837f74d9
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9266
+CVE-2018-9266 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packe ...)
- wireshark 2.4.6-1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14481
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9d3714e767cb104dcfa1647935fa5960b16bb8e1
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9265
+CVE-2018-9265 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packe ...)
{DLA-1634-1}
- wireshark 2.4.6-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14480
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b12cc581cd4878d74b6116ca02c7dbe650c1f242
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-24.html
-CVE-2018-9264
+CVE-2018-9264 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector cou ...)
- wireshark 2.4.6-1
[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u3
[jessie] - wireshark <not-affected> (Vulnerable code not present (only adb_cs available))
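Review bot: CVE-2018-9272 through CVE-2018-9265 each triage jessie and/or wheezy (`<no-dsa>`, `<not-affected>` or a DLA in braces) but carry no `[stretch]` line, although their descriptions cover 2.2.0 to 2.2.13 and the CVE-2018-9264 entry at the end of the hunk records a stretch fix in `2.2.6+g32dac6a-2+deb9u3`; add a `[stretch]` line to each (fixed version, `<no-dsa>` or `<not-affected>`) so stretch is not left implicitly open.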
@@ -30299,53 +30299,53 @@ CVE-2018-9264
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14460
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0290a62be0fca8da9bb190f59dc1fe26c1d65024
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-16.html
-CVE-2018-9263
+CVE-2018-9263 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissecto ...)
{DLA-1634-1 DLA-1388-1}
- wireshark 2.4.6-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14576
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4fe65168fd0de81306710330aa414f10f53cbdf0
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-23.html
-CVE-2018-9262
+CVE-2018-9262 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector co ...)
{DLA-1634-1}
- wireshark 2.4.6-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14469
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f05c3b91f9571210b86576ee6284e71a3306109d
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-19.html
-CVE-2018-9261
+CVE-2018-9261 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector co ...)
{DSA-4217-1 DLA-1388-1}
- wireshark 2.4.6-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14471
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=66bc372716e04d6a8afdf6712583c9b5d11fee55
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-18.html
-CVE-2018-9260
+CVE-2018-9260 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dis ...)
{DLA-1634-1 DLA-1388-1}
- wireshark 2.4.6-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14468
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=14d6f717d8ea27688af48532edb1d29f502ea8f0
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-17.html
-CVE-2018-9259
+CVE-2018-9259 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector cou ...)
{DLA-1634-1}
- wireshark 2.4.6-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2113179835b37549f245ac7c05ff2b96276893e4
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-15.html
-CVE-2018-9258
+CVE-2018-9258 (In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was a ...)
{DLA-1388-1}
- wireshark 2.4.6-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14472
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2d4695de1477df60b0188fd581c0c279db601978
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-21.html
-CVE-2018-9257
+CVE-2018-9257 (In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infini ...)
- wireshark 2.4.6-1 (low)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14530
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d7a9501b0439a5dbf24016a95b4896170d789dc2
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-22.html
-CVE-2018-9256
+CVE-2018-9256 (In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector c ...)
{DLA-1634-1}
- wireshark 2.4.6-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -30358,11 +30358,11 @@ CVE-2018-9254
RESERVED
CVE-2018-9253
RESERVED
-CVE-2018-9252
+CVE-2018-9252 (JasPer 2.0.14 allows denial of service via a reachable assertion in th ...)
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/173
NOTE: Negligible impact
-CVE-2018-9251
+CVE-2018-9251 (The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is ...)
- libxml2 <not-affected> (Fix for CVE-2017-18258 not applied, cf. bug #895195)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=794914
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74
@@ -30374,56 +30374,56 @@ CVE-2018-9251
NOTE: in LZMA_MEMLIMIT_ERROR outcome because there is no way to exceed UINT64_MAX.
NOTE: Thus CVE-2018-9251 is only affecting libxml2 if e2a9122b8dde53d320750451e9907a7dcb2ca8bb
NOTE: is applied.
-CVE-2018-9250
+CVE-2018-9250 (interface\super\edit_list.php in OpenEMR before v5_0_1_1 allows remote ...)
NOT-FOR-US: OpenEMR
-CVE-2018-9249
+CVE-2018-9249 (FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ...)
NOT-FOR-US: FiberHome VDSL2 Modem HG 150-UB devices
-CVE-2018-9248
+CVE-2018-9248 (FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass vi ...)
NOT-FOR-US: FiberHome VDSL2 Modem HG 150-UB devices
-CVE-2018-9247
+CVE-2018-9247 (The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gx ...)
NOT-FOR-US: Gxlcms QY
-CVE-2018-9246
+CVE-2018-9246 (The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in ...)
- libpgobject-util-dbadmin-perl 0.130.1-1 (bug #900942)
[stretch] - libpgobject-util-dbadmin-perl <no-dsa> (Minor issue)
NOTE: https://github.com/ledgersmb/PGObject-Util-DBAdmin/commit/2c25c3dbc8b832a657247d3ea63ae80f3c5df6b1
NOTE: https://github.com/ledgersmb/PGObject-Util-DBAdmin/commit/f4e684008ca9e182833a70793ae91288d2c80218
NOTE: https://github.com/ledgersmb/PGObject-Util-DBAdmin/commit/dc48d0e1af0dbf861779b2c781e0f4c612c22cfb
NOTE: https://archive.ledgersmb.org/ledger-smb-announce/msg00280.html
-CVE-2018-9245
+CVE-2018-9245 (The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulne ...)
NOT-FOR-US: Ericsson-LG iPECS NMS A.1Ac login portal
-CVE-2018-9242
+CVE-2018-9242 (The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, ...)
NOT-FOR-US: PAN-OS
CVE-2018-9241
RESERVED
CVE-2018-9239
RESERVED
-CVE-2018-9238
+CVE-2018-9238 (proberv.php in Yahei-PHP Proberv 0.4.7 has XSS via the funName paramet ...)
NOT-FOR-US: Yahei-PHP Proberv
-CVE-2018-9237
+CVE-2018-9237 (iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site ...)
NOT-FOR-US: iScripts EasyCreate
-CVE-2018-9236
+CVE-2018-9236 (iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site ...)
NOT-FOR-US: iScripts EasyCreate
-CVE-2018-9235
+CVE-2018-9235 (iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query ...)
NOT-FOR-US: iScripts SonicBB
-CVE-2018-9234
+CVE-2018-9234 (GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key ce ...)
- gnupg2 2.2.7-1 (low; bug #894983)
[stretch] - gnupg2 <no-dsa> (Minor issue)
[jessie] - gnupg2 <no-dsa> (Minor issue)
[wheezy] - gnupg2 <no-dsa> (Minor issue)
NOTE: https://dev.gnupg.org/T3844
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=a17d2d1f690ebe5d005b4589a5fe378b6487c657
-CVE-2018-9240
+CVE-2018-9240 (ncmpc through 0.29 is prone to a NULL pointer dereference flaw. If a u ...)
- ncmpc 0.33-1 (low; bug #894724)
[stretch] - ncmpc <no-dsa> (Minor issue)
[jessie] - ncmpc <no-dsa> (Minor issue)
[wheezy] - ncmpc <no-dsa> (Minor issue)
-CVE-2018-9233
+CVE-2018-9233 (Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for passwo ...)
NOT-FOR-US: Sophos
-CVE-2018-9232
+CVE-2018-9232 (Due to the lack of firmware authentication in the upgrade process of T ...)
NOT-FOR-US: T&W WIFI Repeater BE126 devices
CVE-2018-9231
RESERVED
-CVE-2018-9230
+CVE-2018-9230 (** DISPUTED ** In OpenResty through 1.13.6.1, URI parameters are obtai ...)
NOT-FOR-US: OpenResty
CVE-2018-9229
RESERVED
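Review bot: CVE-2018-9240 (ncmpc) is out of sequence: it sits between CVE-2018-9234 and CVE-2018-9233, while the context lines `CVE-2018-9241` / `RESERVED` / `CVE-2018-9239` show where it belongs; move the entry up between CVE-2018-9241 and CVE-2018-9239.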
@@ -30465,17 +30465,17 @@ CVE-2018-9211
RESERVED
CVE-2018-9210
RESERVED
-CVE-2018-9209
+CVE-2018-9209 (Unauthenticated arbitrary file upload vulnerability in FineUploader ph ...)
NOT-FOR-US: FineUploader
-CVE-2018-9208
+CVE-2018-9208 (Unauthenticated arbitrary file upload vulnerability in jQuery Picture ...)
NOT-FOR-US: jQuery Picture
-CVE-2018-9207
+CVE-2018-9207 (Arbitrary file upload in jQuery Upload File &lt;= 4.0.2 ...)
NOT-FOR-US: jQuery Upload File (different from src:libjs-jquery-file-upload)
-CVE-2018-9206
+CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery- ...)
- libjs-jquery-file-upload 9.25.0-1
NOTE: https://github.com/blueimp/jQuery-File-Upload/pull/3514
NOTE: http://www.vapidlabs.com/advisory.php?v=204
-CVE-2018-9205
+CVE-2018-9205 (Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in view.php ...)
NOT-FOR-US: avatar_uploader
CVE-2018-9204
RESERVED
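Review bot: the imported description for CVE-2018-9207 still contains the HTML entity `&lt;=` (`Arbitrary file upload in jQuery Upload File &lt;= 4.0.2 ...`) while every other `+` line is plain text; the automatic update should decode entities before truncating, so this should read `<= 4.0.2`.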
@@ -30497,15 +30497,15 @@ CVE-2018-9196
RESERVED
CVE-2018-9195
RESERVED
-CVE-2018-9194
+CVE-2018-9194 (A plaintext recovery of encrypted messages or a Man-in-the-middle (MiT ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2018-9193
RESERVED
-CVE-2018-9192
+CVE-2018-9192 (A plaintext recovery of encrypted messages or a Man-in-the-middle (MiT ...)
NOT-FOR-US: Fortinet FortiOS
CVE-2018-9191
RESERVED
-CVE-2018-9190
+CVE-2018-9190 (A null pointer dereference vulnerability in Fortinet FortiClientWindow ...)
NOT-FOR-US: Fortinet
CVE-2018-9189
RESERVED
@@ -30513,15 +30513,15 @@ CVE-2018-9188
RESERVED
CVE-2018-9187
RESERVED
-CVE-2018-9186
+CVE-2018-9186 (A cross-site scripting (XSS) vulnerability in Fortinet FortiAuthentica ...)
NOT-FOR-US: Fortinet
-CVE-2018-9185
+CVE-2018-9185 (An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and ...)
NOT-FOR-US: Fortinet
CVE-2018-9184
RESERVED
-CVE-2018-9183
+CVE-2018-9183 (The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. ...)
NOT-FOR-US: Joomla addon
-CVE-2018-9182
+CVE-2018-9182 (Twonky Server before 8.5.1 has XSS via a modified "language" parameter ...)
NOT-FOR-US: Twonky Server
CVE-2018-9181
RESERVED
@@ -30531,23 +30531,23 @@ CVE-2018-9179
RESERVED
CVE-2018-9178
RESERVED
-CVE-2018-9177
+CVE-2018-9177 (Twonky Server before 8.5.1 has XSS via a folder name on the Shared Fol ...)
NOT-FOR-US: Twonky Server
CVE-2018-9176
RESERVED
-CVE-2018-9175
+CVE-2018-9175 (DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via ...)
NOT-FOR-US: DedeCMS
-CVE-2018-9174
+CVE-2018-9174 (sys_verifies.php in DedeCMS 5.7 allows remote attackers to execute arb ...)
NOT-FOR-US: DedeCMS
-CVE-2018-9173
+CVE-2018-9173 (Cross-site scripting (XSS) vulnerability in admin/template/js/uploadif ...)
NOT-FOR-US: GetSimple CMS
-CVE-2018-9172
+CVE-2018-9172 (The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mi ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-9171
RESERVED
CVE-2018-9170
RESERVED
-CVE-2018-9169
+CVE-2018-9169 (Z-BlogPHP 1.5.1 has XSS via the zb_users/plugin/AppCentre/plugin_edit. ...)
NOT-FOR-US: Z-BlogPHP
CVE-2018-9168
RESERVED
@@ -30555,56 +30555,56 @@ CVE-2018-9167
RESERVED
CVE-2018-9166
RESERVED
-CVE-2018-9165
+CVE-2018-9165 (The pushdup function in util/decompile.c in libming through 0.4.8 does ...)
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/121
CVE-2018-9164
RESERVED
-CVE-2018-9163
+CVE-2018-9163 (A stored Cross-site scripting (XSS) vulnerability in Zoho ManageEngine ...)
NOT-FOR-US: Zoho
-CVE-2018-9162
+CVE-2018-9162 (Contec Smart Home 4.15 devices do not require authentication for new_u ...)
NOT-FOR-US: Contec Smart Home
-CVE-2018-9161
+CVE-2018-9161 (Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers ...)
NOT-FOR-US: Prisma Industriale Checkweigher PrismaWEB
-CVE-2018-9160
+CVE-2018-9160 (SickRage before v2018.03.09-1 includes cleartext credentials in HTTP r ...)
NOT-FOR-US: SickRage
-CVE-2018-9159
+CVE-2018-9159 (In Spark before 2.7.2, a remote attacker can read unintended static fi ...)
NOT-FOR-US: Spark Java framework (unrelated to src:spark)
-CVE-2018-9158
+CVE-2018-9158 (An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5 ...)
NOT-FOR-US: AXIS
-CVE-2018-9157
+CVE-2018-9157 (** DISPUTED ** An issue was discovered on AXIS M1033-W (IP camera) Fir ...)
NOT-FOR-US: AXIS
-CVE-2018-9156
+CVE-2018-9156 (** DISPUTED ** An issue was discovered on AXIS P1354 (IP camera) Firmw ...)
NOT-FOR-US: AXIS
-CVE-2018-9155
+CVE-2018-9155 (Cross-site scripting (XSS) vulnerability in Open-AudIT Professional 2. ...)
NOT-FOR-US: Open-AudIT Professional
CVE-2018-9154
REJECTED
-CVE-2018-9153
+CVE-2018-9153 (The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers ...)
NOT-FOR-US: Z-BlogPHP
CVE-2018-9152
RESERVED
-CVE-2018-9151
+CVE-2018-9151 (A NULL pointer dereference bug in the function ObReferenceObjectByHand ...)
NOT-FOR-US: Kingsoft Internet Security
CVE-2018-9150
RESERVED
-CVE-2018-9149
+CVE-2018-9149 (The Zyxel Multy X (AC3000 Tri-Band WiFi System) device doesn't use a s ...)
NOT-FOR-US: Zyxel
-CVE-2018-9148
+CVE-2018-9148 (Western Digital WD My Cloud v04.05.00-320 devices embed the session to ...)
NOT-FOR-US: Western Digital WD My Cloud
-CVE-2018-9147
+CVE-2018-9147 (Cross-site scripting (XSS) vulnerabilities in version 7.5.7 of Gespage ...)
NOT-FOR-US: Gespage
CVE-2018-9146
REJECTED
-CVE-2018-9145
+CVE-2018-9145 (In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issu ...)
[experimental] - exiv2 <unfixed> (bug #910909)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/xiaoqx/pocs/tree/master/exiv2
NOTE: https://github.com/Exiv2/exiv2/pull/470
NOTE: Fixed with: https://github.com/Exiv2/exiv2/commit/c03f73268f65c73f9d3d7b670f13e48e92692750
NOTE: Issue introduced after https://github.com/Exiv2/exiv2/commit/163f3ce7f17a143f58d857a5cba3cb7b24436a2a
-CVE-2018-9144
+CVE-2018-9144 (In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::bina ...)
- exiv2 <unfixed> (low)
[buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
@@ -30613,35 +30613,35 @@ CVE-2018-9144
NOTE: https://github.com/Exiv2/exiv2/issues/254
NOTE: https://github.com/xiaoqx/pocs/tree/master/exiv2
NOTE: https://github.com/Exiv2/exiv2/pull/180 intends to fix this
-CVE-2018-9143
+CVE-2018-9143 (On Samsung mobile devices with M(6.0) and N(7.x) software, a heap over ...)
NOT-FOR-US: Samsung
-CVE-2018-9142
+CVE-2018-9142 (On Samsung mobile devices with N(7.x) software, attackers can install ...)
NOT-FOR-US: Samsung
-CVE-2018-9141
+CVE-2018-9141 (On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Ga ...)
NOT-FOR-US: Samsung
-CVE-2018-9140
+CVE-2018-9140 (On Samsung mobile devices with M(6.0) software, the Email application ...)
NOT-FOR-US: Samsung
-CVE-2018-9139
+CVE-2018-9139 (On Samsung mobile devices with N(7.x) software, a buffer overflow in t ...)
NOT-FOR-US: Samsung
-CVE-2018-9138
+CVE-2018-9138 (An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23008
-CVE-2018-9137
+CVE-2018-9137 (Open-AudIT before 2.2 has CSV Injection. ...)
NOT-FOR-US: Open-AudIT
-CVE-2018-9136
+CVE-2018-9136 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attacker ...)
NOT-FOR-US: Jungo
-CVE-2018-9135
+CVE-2018-9135 (In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in ...)
- imagemagick 8:6.9.10.8+dfsg-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1009
NOTE: https://github.com/ImageMagick/ImageMagick/commit/361ed689cc8e56fd125f9d0d6508e9eb303bdca6
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4f7196b0b7539b113f2580b6a77aa496813d8899
NOTE: webp support not enabled, see #806425
-CVE-2018-9134
+CVE-2018-9134 (file_manage_control.php in DedeCMS 5.7 has CSRF in an fmdo=rename acti ...)
NOT-FOR-US: DedeCMS
-CVE-2018-9133
+CVE-2018-9133 (ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage ...)
[experimental] - imagemagick 8:6.9.10.2+dfsg-1
- imagemagick 8:6.9.10.2+dfsg-2 (low; bug #894848)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -30650,71 +30650,71 @@ CVE-2018-9133
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1072
NOTE: IM6: https://github.com/ImageMagick/ImageMagick/commit/089fca04e0130549fa15f48ace3f56e30a06049a
NOTE: IM7: https://github.com/ImageMagick/ImageMagick/commit/19b96ba61431914e2ac316b72c0789965f2b7c09
-CVE-2018-9132
+CVE-2018-9132 (libming 0.4.8 has a NULL pointer dereference in the getInt function of ...)
{DLA-1386-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/133
CVE-2018-9131
REJECTED
-CVE-2018-9130
+CVE-2018-9130 (IBOS 4.4.3 has XSS via a company full name. ...)
NOT-FOR-US: IBOS
-CVE-2018-9129
+CVE-2018-9129 (ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in ...)
NOT-FOR-US: ZyXEL ZyWALL/USG series devices
-CVE-2018-9128
+CVE-2018-9128 (DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf ...)
NOT-FOR-US: DVD X Player Standard
-CVE-2018-9127
+CVE-2018-9127 (Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certi ...)
- botan 2.4.0-5 (bug #894648)
-CVE-2018-9126
+CVE-2018-9126 (The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote a ...)
NOT-FOR-US: DNN
CVE-2018-9125
RESERVED
CVE-2018-9124
RESERVED
-CVE-2018-9123
+CVE-2018-9123 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via a User ...)
NOT-FOR-US: Crea8social
-CVE-2018-9122
+CVE-2018-9122 (In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the ...)
NOT-FOR-US: Crea8social
-CVE-2018-9121
+CVE-2018-9121 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post ...)
NOT-FOR-US: Crea8social
-CVE-2018-9120
+CVE-2018-9120 (In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post ...)
NOT-FOR-US: Crea8social
-CVE-2018-9119
+CVE-2018-9119 (An attacker with physical access to a BrilliantTS FUZE card (MCU firmw ...)
NOT-FOR-US: BrilliantTS FUZE card
-CVE-2018-9118
+CVE-2018-9118 (exports/download.php in the 99 Robots WP Background Takeover Advertise ...)
NOT-FOR-US: 99 Robots WP Background Takeover Advertisements plugin for WordPress
-CVE-2018-9117
+CVE-2018-9117 (WireMock before 2.16.0 contains a vulnerability that allows a remote u ...)
NOT-FOR-US: WireMock
-CVE-2018-9116
+CVE-2018-9116 (An XXE vulnerability within WireMock before 2.16.0 allows a remote una ...)
NOT-FOR-US: WireMock
-CVE-2018-9115
+CVE-2018-9115 (Systematic SitaWare 6.4 SP2 does not validate input from other sources ...)
NOT-FOR-US: Systematic SitaWare
CVE-2018-9114
RESERVED
-CVE-2018-9113
+CVE-2018-9113 (Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows ...)
NOT-FOR-US: Centers for Disease Control and Prevention MicrobeTRACE
-CVE-2018-9112
+CVE-2018-9112 (A low privileged admin account with a weak default password of admin e ...)
NOT-FOR-US: Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE
-CVE-2018-9111
+CVE-2018-9111 (Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T AP_ ...)
NOT-FOR-US: Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE
-CVE-2018-9110
+CVE-2018-9110 (Studio 42 elFinder before 2.1.37 has a directory traversal vulnerabili ...)
NOT-FOR-US: Studio 42 elFinder
-CVE-2018-9109
+CVE-2018-9109 (Studio 42 elFinder before 2.1.36 has a directory traversal vulnerabili ...)
NOT-FOR-US: Studio 42 elFinder
-CVE-2018-9108
+CVE-2018-9108 (CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an u ...)
NOT-FOR-US: QuickAppsCMS
-CVE-2018-9107
+CVE-2018-9107 (CSV Injection (aka Excel Macro Injection or Formula Injection) exists ...)
NOT-FOR-US: Acyba AcyMailing extension for Joomla!
-CVE-2018-9106
+CVE-2018-9106 (CSV Injection (aka Excel Macro Injection or Formula Injection) exists ...)
NOT-FOR-US: Acyba AcyMailing extension for Joomla!
-CVE-2018-9105
+CVE-2018-9105 (NordVPN 3.3.10 for macOS suffers from a root privilege escalation vuln ...)
NOT-FOR-US: NordVPN
-CVE-2018-9104
+CVE-2018-9104 (A vulnerability in the conferencing component of Mitel MiVoice Connect ...)
NOT-FOR-US: Mitel
-CVE-2018-9103
+CVE-2018-9103 (A vulnerability in the conferencing component of Mitel MiVoice Connect ...)
NOT-FOR-US: Mitel
-CVE-2018-9102
+CVE-2018-9102 (A vulnerability in the conferencing component of Mitel MiVoice Connect ...)
NOT-FOR-US: Mitel
-CVE-2018-9101
+CVE-2018-9101 (A vulnerability in the conferencing component of Mitel MiVoice Connect ...)
NOT-FOR-US: Mitel
CVE-2018-9100
RESERVED
@@ -30732,9 +30732,9 @@ CVE-2018-9094
RESERVED
CVE-2018-9093
RESERVED
-CVE-2018-9092
+CVE-2018-9092 (There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 tha ...)
NOT-FOR-US: MiniCMS
-CVE-2018-9091
+CVE-2018-9091 (A critical vulnerability in the KEMP LoadMaster Operating System (LMOS ...)
NOT-FOR-US: KEMP LoadMaster Operating System
CVE-2018-9090
RESERVED
@@ -30744,167 +30744,167 @@ CVE-2018-9088
RESERVED
CVE-2018-9087
RESERVED
-CVE-2018-9086
+CVE-2018-9086 (In some Lenovo ThinkServer-branded servers, a command injection vulner ...)
NOT-FOR-US: Lenovo
-CVE-2018-9085
+CVE-2018-9085 (A write protection lock bit was left unset after boot on an older gene ...)
NOT-FOR-US: IBM
-CVE-2018-9084
+CVE-2018-9084 (In System Management Module (SMM) versions prior to 1.06, if an attack ...)
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-9083
+CVE-2018-9083 (In System Management Module (SMM) versions prior to 1.06, the SMM cont ...)
NOT-FOR-US: Lenovo / System Management Module (SMM)
-CVE-2018-9082
+CVE-2018-9082 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
NOT-FOR-US: Lenovo
-CVE-2018-9081
+CVE-2018-9081 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
NOT-FOR-US: Lenovo
-CVE-2018-9080
+CVE-2018-9080 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
NOT-FOR-US: Lenovo
-CVE-2018-9079
+CVE-2018-9079 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
NOT-FOR-US: Lenovo
-CVE-2018-9078
+CVE-2018-9078 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
NOT-FOR-US: Lenovo
-CVE-2018-9077
+CVE-2018-9077 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
NOT-FOR-US: Lenovo
-CVE-2018-9076
+CVE-2018-9076 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
NOT-FOR-US: Lenovo
-CVE-2018-9075
+CVE-2018-9075 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
NOT-FOR-US: Lenovo
-CVE-2018-9074
+CVE-2018-9074 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
NOT-FOR-US: Lenovo
-CVE-2018-9073
+CVE-2018-9073 (Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes ...)
NOT-FOR-US: Lenovo Chassis Management Module
-CVE-2018-9072
+CVE-2018-9072 (In versions prior to 5.5, LXCI for VMware allows an authenticated user ...)
NOT-FOR-US: LXCI (Lenovo XClarity Integrator)
-CVE-2018-9071
+CVE-2018-9071 (Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows u ...)
NOT-FOR-US: Lenovo Chassis Management Module
-CVE-2018-9070
+CVE-2018-9070 (For the Lenovo Smart Assistant Android app versions earlier than 12.1. ...)
NOT-FOR-US: Lenovo
-CVE-2018-9069
+CVE-2018-9069 (In some Lenovo IdeaPad consumer notebook models, a race condition in t ...)
NOT-FOR-US: Lenovo
-CVE-2018-9068
+CVE-2018-9068 (The IMM2 First Failure Data Capture function collects management modul ...)
NOT-FOR-US: IBM
-CVE-2018-9067
+CVE-2018-9067 (The Lenovo Help Android app versions earlier than 6.1.2.0327 had insuf ...)
NOT-FOR-US: Lenovo
-CVE-2018-9066
+CVE-2018-9066 (In Lenovo xClarity Administrator versions earlier than 2.1.0, an authe ...)
NOT-FOR-US: Lenovo xClarity Administrator
-CVE-2018-9065
+CVE-2018-9065 (In Lenovo xClarity Administrator versions earlier than 2.1.0, an attac ...)
NOT-FOR-US: Lenovo xClarity Administrator
-CVE-2018-9064
+CVE-2018-9064 (In Lenovo xClarity Administrator versions earlier than 2.1.0, an authe ...)
NOT-FOR-US: Lenovo xClarity Administrator
-CVE-2018-9063
+CVE-2018-9063 (MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo Sy ...)
NOT-FOR-US: Lenovo
-CVE-2018-9062
+CVE-2018-9062 (In some Lenovo ThinkPad products, one BIOS region is not properly incl ...)
NOT-FOR-US: Lenovo
CVE-2018-9061
RESERVED
CVE-2018-9060
REJECTED
-CVE-2018-9059
+CVE-2018-9059 (Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 ...)
NOT-FOR-US: Easy File Sharing (EFS)
-CVE-2018-9058
+CVE-2018-9058 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the ...)
- lrzip 0.631+git180517-1 (unimportant)
NOTE: https://github.com/ckolivas/lrzip/issues/93
NOTE: No security impact
-CVE-2018-7600
+CVE-2018-7600 (Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x be ...)
{DSA-4156-1 DLA-1325-1}
- drupal7 7.58-1 (bug #894259)
NOTE: https://www.drupal.org/sa-core-2018-002
NOTE: https://groups.drupal.org/security/faq-2018-002
NOTE: https://www.drupal.org/psa-2018-001
NOTE: Drupal 7.x Patch: https://cgit.drupalcode.org/drupal/rawdiff/?h=7.x&id=2266d2a83db50e2f97682d9a0fb8a18e2722cba5
-CVE-2018-9057
+CVE-2018-9057 (aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform ...)
NOT-FOR-US: HashiCorp Terraform Amazon Web Services
-CVE-2018-9056
+CVE-2018-9056 (Systems with microprocessors utilizing speculative execution may allow ...)
NOTE: Hardware side channel attack
NOTE: http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf
-CVE-2018-9055
+CVE-2018-9055 (JasPer 2.0.14 allows denial of service via a reachable assertion in th ...)
- jasper <removed> (unimportant)
NOTE: https://github.com/mdadams/jasper/issues/172
NOTE: Negligible impact
-CVE-2018-9054
+CVE-2018-9054 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9053
+CVE-2018-9053 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9052
+CVE-2018-9052 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9051
+CVE-2018-9051 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9050
+CVE-2018-9050 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9049
+CVE-2018-9049 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9048
+CVE-2018-9048 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9047
+CVE-2018-9047 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9046
+CVE-2018-9046 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9045
+CVE-2018-9045 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-9044
+CVE-2018-9044 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_wi ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9043
+CVE-2018-9043 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_wi ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9042
+CVE-2018-9042 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_wi ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9041
+CVE-2018-9041 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_wi ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9040
+CVE-2018-9040 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_wi ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9039
+CVE-2018-9039 (In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user ...)
NOT-FOR-US: Octopus Deploy
-CVE-2018-9038
+CVE-2018-9038 (Monstra CMS 3.0.4 allows remote attackers to delete files via an admin ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-9037
+CVE-2018-9037 (Monstra CMS 3.0.4 allows remote code execution via an upload_file requ ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-9036
+CVE-2018-9036 (CheckSec Canopy 3.x before 3.0.7 has stored XSS via the Login Page Dis ...)
NOT-FOR-US: CheckSec Canopy
-CVE-2018-9035
+CVE-2018-9035 (CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-9034
+CVE-2018-9034 (Cross-site scripting (XSS) vulnerability in lib/interface.php of the R ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-9033
RESERVED
-CVE-2018-9032
+CVE-2018-9032 (An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1 ...)
NOT-FOR-US: D-Link
-CVE-2018-9031
+CVE-2018-9031 (The login interface on TNLSoftSolutions Sentry Vision 3.x devices prov ...)
NOT-FOR-US: TNLSoftSolutions Sentry Vision 3.x devices
CVE-2018-9030
RESERVED
-CVE-2018-9029
+CVE-2018-9029 (An improper input validation vulnerability in CA Privileged Access Man ...)
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9028
+CVE-2018-9028 (Weak cryptography used for passwords in CA Privileged Access Manager 2 ...)
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9027
+CVE-2018-9027 (A reflected cross-site scripting vulnerability in CA Privileged Access ...)
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9026
+CVE-2018-9026 (A session fixation vulnerability in CA Privileged Access Manager 2.x a ...)
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9025
+CVE-2018-9025 (An input validation vulnerability in CA Privileged Access Manager 2.x ...)
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9024
+CVE-2018-9024 (An improper authentication vulnerability in CA Privileged Access Manag ...)
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9023
+CVE-2018-9023 (An input validation vulnerability in CA Privileged Access Manager 2.x ...)
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9022
+CVE-2018-9022 (An authentication bypass vulnerability in CA Privileged Access Manager ...)
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9021
+CVE-2018-9021 (An authentication bypass vulnerability in CA Privileged Access Manager ...)
NOT-FOR-US: CA Privileged Access Manager
-CVE-2018-9020
+CVE-2018-9020 (The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-9019
+CVE-2018-9019 (SQL Injection vulnerability in Dolibarr before version 7.0.2 allows re ...)
- dolibarr <removed>
NOTE: https://github.com/Dolibarr/dolibarr/commit/83b762b681c6dfdceb809d26ce95f3667b614739
-CVE-2018-9018
+CVE-2018-9018 (In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImag ...)
{DSA-4321-1 DLA-1456-1 DLA-1322-1}
- graphicsmagick 1.3.28-2 (bug #894396)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/554/
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/84040fada1ee
-CVE-2018-9017
+CVE-2018-9017 (dsmall v20180320 allows XSS via the member search box at the public/in ...)
NOT-FOR-US: dsmall
-CVE-2018-9016
+CVE-2018-9016 (dsmall v20180320 allows XSS via the main page search box at the public ...)
NOT-FOR-US: dsmall
-CVE-2018-9015
+CVE-2018-9015 (dsmall v20180320 allows XSS via the public/index.php/home/predeposit/i ...)
NOT-FOR-US: dsmall
-CVE-2018-9014
+CVE-2018-9014 (dsmall v20180320 allows physical path leakage via a public/index.php/h ...)
NOT-FOR-US: dsmall
CVE-2018-9013
RESERVED
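Review bot: the fixed-width cut makes several entries in this hunk indistinguishable once the identifier is removed: CVE-2018-9054 down to CVE-2018-9045 all read `(In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)`, and CVE-2018-9044 to CVE-2018-9040 likewise share one truncated string. If the generator can afford it, truncating at a word boundary after a longer prefix, or including the distinguishing tail of the sentence, would make these lines useful when grepping the list.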
@@ -30912,53 +30912,53 @@ CVE-2018-9012
RESERVED
CVE-2018-9011
RESERVED
-CVE-2018-9010
+CVE-2018-9010 (Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote ...)
NOT-FOR-US: Intelbras
-CVE-2018-9009
+CVE-2018-9009 (In libming 0.4.8, there is a use-after-free in the decompileJUMP funct ...)
{DLA-1386-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/131
CVE-2018-9008
RESERVED
-CVE-2018-9007
+CVE-2018-9007 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x8 ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9006
+CVE-2018-9006 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_wi ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9005
+CVE-2018-9005 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_wi ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9004
+CVE-2018-9004 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x8 ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9003
+CVE-2018-9003 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x8 ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9002
+CVE-2018-9002 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_wi ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9001
+CVE-2018-9001 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_wi ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-9000
+CVE-2018-9000 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x8 ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-8999
+CVE-2018-8999 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_wi ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-8998
+CVE-2018-8998 (In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x8 ...)
NOT-FOR-US: Advanced SystemCare Ultimate
-CVE-2018-8997
+CVE-2018-8997 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8996
+CVE-2018-8996 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8995
+CVE-2018-8995 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8994
+CVE-2018-8994 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8993
+CVE-2018-8993 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8992
+CVE-2018-8992 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8991
+CVE-2018-8991 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8990
+CVE-2018-8990 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8989
+CVE-2018-8989 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
-CVE-2018-8988
+CVE-2018-8988 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Master (aka Windows Optimization Master)
CVE-2018-8987
RESERVED
@@ -30976,15 +30976,15 @@ CVE-2018-8981
RESERVED
CVE-2018-8980
RESERVED
-CVE-2018-8979
+CVE-2018-8979 (Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a u ...)
NOT-FOR-US: Open-AudIT Professional
-CVE-2018-8978
+CVE-2018-8978 (Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an ...)
NOT-FOR-US: Open-AudIT Professional
-CVE-2018-8977
+CVE-2018-8977 (In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonm ...)
[experimental] - exiv2 <unfixed> (bug #894179)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/247
-CVE-2018-8976
+CVE-2018-8976 (In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial ...)
- exiv2 <unfixed> (low; bug #903813)
[buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
@@ -30992,44 +30992,44 @@ CVE-2018-8976
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/246
NOTE: https://github.com/Exiv2/exiv2/pull/256
-CVE-2018-8975
+CVE-2018-8975 (The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through ...)
- netpbm-free <not-affected> (Vulnerable code not present)
NOTE: Debian uses an unaffected fork
-CVE-2018-8974
+CVE-2018-8974 (Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows ...)
NOT-FOR-US: Centers for Disease Control and Prevention MicrobeTRACE
-CVE-2018-8973
+CVE-2018-8973 (OTCMS 3.20 allows XSS by adding a keyword or link to an article, as de ...)
NOT-FOR-US: OTCMS
-CVE-2018-8972
+CVE-2018-8972 (Creditwest Bank CMS Project (aka CWCMS) through 2017-07-28 has CSRF in ...)
NOT-FOR-US: Creditwest Bank CMS Project (aka CWCMS)
-CVE-2018-8970
+CVE-2018-8970 (The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c ...)
- libressl <itp> (bug #754513)
-CVE-2018-8969
+CVE-2018-8969 (An issue was discovered in zzcms 8.2. user/licence_save.php allows rem ...)
NOT-FOR-US: zzcms
-CVE-2018-8968
+CVE-2018-8968 (An issue was discovered in zzcms 8.2. user/manage.php allows remote at ...)
NOT-FOR-US: zzcms
-CVE-2018-8967
+CVE-2018-8967 (An issue was discovered in zzcms 8.2. It allows SQL injection via the ...)
NOT-FOR-US: zzcms
-CVE-2018-8966
+CVE-2018-8966 (An issue was discovered in zzcms 8.2. It allows PHP code injection via ...)
NOT-FOR-US: zzcms
-CVE-2018-8965
+CVE-2018-8965 (An issue was discovered in zzcms 8.2. user/ppsave.php allows remote at ...)
NOT-FOR-US: zzcms
-CVE-2018-8964
+CVE-2018-8964 (In libming 0.4.8, the decompileDELETE function of decompile.c has a us ...)
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/130
-CVE-2018-8963
+CVE-2018-8963 (In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has ...)
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/130
-CVE-2018-8962
+CVE-2018-8962 (In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function o ...)
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/130
-CVE-2018-8961
+CVE-2018-8961 (In libming 0.4.8, the decompilePUSHPARAM function of decompile.c has a ...)
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/130
-CVE-2018-8960
+CVE-2018-8960 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q1 ...)
- imagemagick 8:6.9.9.39+dfsg-1 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
@@ -31041,15 +31041,15 @@ CVE-2018-8959
RESERVED
CVE-2018-8958
RESERVED
-CVE-2018-8957
+CVE-2018-8957 (CoverCMS v1.1.6 has XSS via the fourth input box to index.php, related ...)
NOT-FOR-US: CoverCMS
CVE-2018-8956
RESERVED
-CVE-2018-8955
+CVE-2018-8955 (The installer for BitDefender GravityZone relies on an encoded string ...)
NOT-FOR-US: BitDefender GravityZone
-CVE-2018-8954
+CVE-2018-8954 (CA Workload Control Center before r11.4 SP6 allows remote attackers to ...)
NOT-FOR-US: CA Workload Control Center
-CVE-2018-8953
+CVE-2018-8953 (CA Workload Automation AE before r11.3.6 SP7 allows remote attackers t ...)
NOT-FOR-US: CA Workload Automation AE
CVE-2018-8952
RESERVED
@@ -31057,198 +31057,198 @@ CVE-2018-8951
RESERVED
CVE-2018-8950
RESERVED
-CVE-2018-8949
+CVE-2018-8949 (An issue was discovered in app/Model/Attribute.php in MISP before 2.4. ...)
NOT-FOR-US: MISP
-CVE-2018-8948
+CVE-2018-8948 (In MISP before 2.4.89, app/View/Events/resolved_attributes.ctp has mul ...)
NOT-FOR-US: MISP
-CVE-2018-8947
+CVE-2018-8947 (rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encodin ...)
NOT-FOR-US: rap2hpoutre Laravel Log Viewer
-CVE-2018-1000141
+CVE-2018-1000141 (I, Librarian version 4.9 and earlier contains an Incorrect Access Cont ...)
- i-librarian <itp> (bug #649291)
NOTE: https://github.com/mkucej/i-librarian/issues/124
-CVE-2018-1000140
+CVE-2018-1000140 (rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow ...)
{DSA-4151-1}
- librelp 1.2.15-1
[wheezy] - librelp <not-affected> (vulnerable code not present)
NOTE: https://www.rsyslog.com/cve-2018-1000140/
NOTE: Fixed by: https://github.com/rsyslog/librelp/commit/2cfe657672636aa5d7d2a14cfcb0a6ab9d1f00cf
-CVE-2018-1000139
+CVE-2018-1000139 (I, Librarian version 4.8 and earlier contains a Cross Site Scripting ( ...)
- i-librarian <itp> (bug #649291)
NOTE: https://github.com/mkucej/i-librarian/issues/119
-CVE-2018-1000138
+CVE-2018-1000138 (I, Librarian version 4.8 and earlier contains a SSRF vulnerability in ...)
- i-librarian <itp> (bug #649291)
NOTE: https://github.com/mkucej/i-librarian/issues/120
-CVE-2018-1000137
+CVE-2018-1000137 (I, Librarian version 4.8 and earlier contains a Cross site Request For ...)
- i-librarian <itp> (bug #649291)
NOTE: https://github.com/mkucej/i-librarian/issues/121
-CVE-2018-8971
+CVE-2018-8971 (The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, a ...)
{DSA-4206-1}
- gitlab 10.5.6+dfsg-1 (bug #893905)
NOTE: https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/
CVE-2018-8946
RESERVED
-CVE-2018-8945
+CVE-2018-8945 (The bfd_section_from_shdr function in elf.c in the Binary File Descrip ...)
- binutils 2.30.90.20180627-1 (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22809
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=95a6d23566165208853a68d9cd3c6eedca840ec6
-CVE-2018-8944
+CVE-2018-8944 (PHPOK 4.8.338 has an arbitrary file upload vulnerability. ...)
NOT-FOR-US: PHPOK
-CVE-2018-8943
+CVE-2018-8943 (There is a SQL injection in the PHPSHE 1.6 userbank parameter. ...)
NOT-FOR-US: PHPSE
-CVE-2018-8942
+CVE-2018-8942 (Xiuno BBS 4.0.0 has XSS in the adminpage sitename parameter. ...)
NOT-FOR-US: Xiuno BBS
-CVE-2018-8941
+CVE-2018-8941 (Diagnostics functionality on D-Link DSL-3782 devices with firmware EU ...)
NOT-FOR-US: D-Link
CVE-2018-8940
RESERVED
-CVE-2018-8939
+CVE-2018-8939 (An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold bef ...)
NOT-FOR-US: Ipswitch
-CVE-2018-8938
+CVE-2018-8938 (A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswi ...)
NOT-FOR-US: Ipswitch
-CVE-2018-8937
+CVE-2018-8937 (An issue was discovered in Open-AudIT Professional 2.1. It is possible ...)
NOT-FOR-US: Open-AudIT Professional
-CVE-2018-8936
+CVE-2018-8936 (The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chip ...)
NOT-FOR-US: AMD
-CVE-2018-8935
+CVE-2018-8935 (The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, ...)
NOT-FOR-US: AMD
-CVE-2018-8934
+CVE-2018-8934 (The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, ...)
NOT-FOR-US: AMD
-CVE-2018-8933
+CVE-2018-8933 (The AMD EPYC Server processor chips have insufficient access control f ...)
NOT-FOR-US: AMD
-CVE-2018-8932
+CVE-2018-8932 (The AMD Ryzen and Ryzen Pro processor chips have insufficient access c ...)
NOT-FOR-US: AMD
-CVE-2018-8931
+CVE-2018-8931 (The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insuff ...)
NOT-FOR-US: AMD
-CVE-2018-8930
+CVE-2018-8930 (The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chip ...)
NOT-FOR-US: AMD
-CVE-2018-8929
+CVE-2018-8929 (Improper restriction of communication channel to intended endpoints vu ...)
NOT-FOR-US: Synology
-CVE-2018-8928
+CVE-2018-8928 (Cross-site scripting (XSS) vulnerability in Address Book Editor in Syn ...)
NOT-FOR-US: Synology
-CVE-2018-8927
+CVE-2018-8927 (Improper authorization vulnerability in SYNO.Cal.Event in Calendar bef ...)
NOT-FOR-US: Synology
-CVE-2018-8926
+CVE-2018-8926 (Permissive regular expression vulnerability in synophoto_dsm_user in S ...)
NOT-FOR-US: Synology
-CVE-2018-8925
+CVE-2018-8925 (Cross-site request forgery (CSRF) vulnerability in admin/user.php in S ...)
NOT-FOR-US: Synology
-CVE-2018-8924
+CVE-2018-8924 (Cross-site scripting (XSS) vulnerability in Title Tootip in Synology O ...)
NOT-FOR-US: Synology
-CVE-2018-8923
+CVE-2018-8923 (Cross-site scripting (XSS) vulnerability in Attachment Preview in Syno ...)
NOT-FOR-US: Synology
-CVE-2018-8922
+CVE-2018-8922 (Improper access control vulnerability in Synology Drive before 1.0.2-1 ...)
NOT-FOR-US: Synology Drive
-CVE-2018-8921
+CVE-2018-8921 (Cross-site scripting (XSS) vulnerability in File Sharing Notify Toast ...)
NOT-FOR-US: Synology Drive
-CVE-2018-8920
+CVE-2018-8920 (Improper neutralization of escape vulnerability in Log Exporter in Syn ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2018-8919
+CVE-2018-8919 (Information exposure vulnerability in SYNO.Core.Desktop.SessionData in ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2018-8918
+CVE-2018-8918 (Cross-site scripting (XSS) vulnerability in info.cgi in Synology Route ...)
NOT-FOR-US: Synology Router Manager
-CVE-2018-8917
+CVE-2018-8917 (Cross-site scripting (XSS) vulnerability in info.cgi in Synology DiskS ...)
NOT-FOR-US: Synology DiskStation Manager
-CVE-2018-8916
+CVE-2018-8916 (Unverified password change vulnerability in Change Password in Synolog ...)
NOT-FOR-US: Synology
-CVE-2018-8915
+CVE-2018-8915 (Cross-site scripting (XSS) vulnerability in Notification Center in Syn ...)
NOT-FOR-US: Synology
-CVE-2018-8914
+CVE-2018-8914 (SQL injection vulnerability in UPnP DMA in Synology Media Server befor ...)
NOT-FOR-US: Synology Media Server
CVE-2018-8913
RESERVED
-CVE-2018-8912
+CVE-2018-8912 (Cross-site scripting (XSS) vulnerability in SYNO.NoteStation.Note in S ...)
NOT-FOR-US: Synology Note Station
-CVE-2018-8911
+CVE-2018-8911 (Cross-site scripting (XSS) vulnerability in Attachment Preview in Syno ...)
NOT-FOR-US: Synology Note Station
-CVE-2018-8910
+CVE-2018-8910 (Cross-site scripting (XSS) vulnerability in Attachment Preview in Syno ...)
NOT-FOR-US: Synology
-CVE-2018-8909
+CVE-2018-8909 (The Wire application before 2018-03-07 for Android allows attackers to ...)
NOT-FOR-US: Wire application for Android
-CVE-2018-8908
+CVE-2018-8908 (An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The ap ...)
NOT-FOR-US: Frog CMS
CVE-2018-8907
RESERVED
-CVE-2018-8906
+CVE-2018-8906 (dsmall v20180320 has XSS via a crafted street address to public/index. ...)
NOT-FOR-US: dsmall
-CVE-2018-8905
+CVE-2018-8905 (In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function ...)
{DSA-4349-1 DLA-1411-1 DLA-1378-1 DLA-1377-1}
- tiff 4.0.9-6 (bug #893806)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2780
NOTE: https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d
-CVE-2018-8904
+CVE-2018-8904 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
NOT-FOR-US: Windows Optimization Master
-CVE-2018-8903
+CVE-2018-8903 (Open-AudIT Professional 2.1 allows XSS via the Name or Description fie ...)
NOT-FOR-US: Open-AudIT Professional
-CVE-2018-8902
+CVE-2018-8902 (An issue was discovered in Ivanti Avalanche for all versions between 5 ...)
NOT-FOR-US: Ivanti
-CVE-2018-8901
+CVE-2018-8901 (An issue was discovered in Ivanti Avalanche for all versions between 5 ...)
NOT-FOR-US: Ivanti
-CVE-2018-8900
+CVE-2018-8900 (The License Manager service of HASP SRM, Sentinel HASP and Sentinel LD ...)
NOT-FOR-US: HASP SRM
-CVE-2018-8899
+CVE-2018-8899 (IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 d ...)
NOT-FOR-US: IdentityServer
-CVE-2018-8898
+CVE-2018-8898 (A flaw in the authentication mechanism in the Login Panel of router D- ...)
NOT-FOR-US: D-Link
-CVE-2018-8897
+CVE-2018-8897 (A statement in the System Programming Guide of the Intel 64 and IA-32 ...)
{DSA-4201-1 DSA-4196-1 DLA-1577-1 DLA-1392-1 DLA-1383-1}
- linux 4.15.17-1
NOTE: Fixed by: https://git.kernel.org/linus/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9 (4.16-rc7)
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
NOTE: https://xenbits.xen.org/xsa/advisory-260.html
NOTE: http://www.openwall.com/lists/oss-security/2018/05/08/4
-CVE-2018-8896
+CVE-2018-8896 (In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8895
+CVE-2018-8895 (In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8894
+CVE-2018-8894 (In 2345 Security Guard 3.6, the driver file (2345BdPcSafe.sys) allows ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8893
+CVE-2018-8893 (Z-BlogPHP 1.5.1 Zero has CSRF in plugin_edit.php, resulting in the abi ...)
NOT-FOR-US: Z-BlogPHP
-CVE-2018-8892
+CVE-2018-8892 (A cross-site request forgery (CSRF) vulnerability in the Management Co ...)
NOT-FOR-US: Management Console of BlackBerry UEM
-CVE-2018-8891
+CVE-2018-8891 (Multiple stored cross-site scripting (XSS) vulnerabilities in the Mana ...)
NOT-FOR-US: Management Console of BlackBerry UEM
-CVE-2018-8890
+CVE-2018-8890 (An information disclosure vulnerability in the Management Console of B ...)
NOT-FOR-US: BlackBerry
-CVE-2018-8889
+CVE-2018-8889 (A directory traversal vulnerability in the Connect Service of the Blac ...)
NOT-FOR-US: BlackBerry
-CVE-2018-8888
+CVE-2018-8888 (A stored cross-site scripting (XSS) vulnerability in the Management Co ...)
NOT-FOR-US: Management Console of BlackBerry UEM
CVE-2018-8887
RESERVED
CVE-2018-8886
RESERVED
-CVE-2018-8885
+CVE-2018-8885 (screenresolution-mechanism in screen-resolution-extra 0.17.2 does not ...)
NOT-FOR-US: screen-resolution-extra
-CVE-2018-1000136
+CVE-2018-1000136 (Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0 ...)
- electron <itp> (bug #842420)
CVE-2018-8884
RESERVED
-CVE-2018-8883
+CVE-2018-8883 (Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the pars ...)
- nasm 2.14-1 (low; bug #894847)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392447
NOTE: https://github.com/netwide-assembler/nasm/commit/3c755dac88039b718d52ef56e8f74b5f65f3b55b
-CVE-2018-8882
+CVE-2018-8882 (Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-rea ...)
- nasm 2.14-1 (low; bug #894846)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392445
NOTE: https://github.com/netwide-assembler/nasm/commit/c7c28357c85fb0bf4105419195bc204aea0fef35
-CVE-2018-8881
+CVE-2018-8881 (Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read ...)
- nasm 2.13.02-0.1 (low)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392446
NOTE: http://repo.or.cz/nasm.git/commit/3144e84add8b152cc7a71e44617ce6f21daa4ba3 (nasm-2.13.02rc3)
-CVE-2018-8880
+CVE-2018-8880 (Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check ...)
NOT-FOR-US: Lutron Quantum BACnet Integration
CVE-2018-8879
RESERVED
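Review bot: the NOT-FOR-US annotation under CVE-2018-8943 reads `NOT-FOR-US: PHPSE`, but the description on the line above names the product as `PHPSHE 1.6`; suggest correcting the annotation to `NOT-FOR-US: PHPSHE` so the product name matches the CVE text and searches for the product find the entry.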
@@ -31256,97 +31256,97 @@ CVE-2018-8878
RESERVED
CVE-2018-8877
RESERVED
-CVE-2018-8876
+CVE-2018-8876 (In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows loc ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8875
+CVE-2018-8875 (In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows loc ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8874
+CVE-2018-8874 (In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows loc ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8873
+CVE-2018-8873 (In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allo ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8872
+CVE-2018-8872 (In Schneider Electric Triconex Tricon MP model 3008 firmware versions ...)
NOT-FOR-US: Schneider
-CVE-2018-8871
+CVE-2018-8871 (In Delta Electronics Automation TPEditor version 1.89 or prior, parsin ...)
NOT-FOR-US: Delta Electronics Automation TPEditor
-CVE-2018-8870
+CVE-2018-8870 (Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all ve ...)
NOT-FOR-US: Medtronic
-CVE-2018-8869
+CVE-2018-8869 (In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for a ...)
NOT-FOR-US: Lantech
-CVE-2018-8868
+CVE-2018-8868 (Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all ve ...)
NOT-FOR-US: Medtronic
-CVE-2018-8867
+CVE-2018-8867 (In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 v ...)
NOT-FOR-US: GE PACSystems
-CVE-2018-8866
+CVE-2018-8866 (In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an ad ...)
NOT-FOR-US: Vecna VGo Robot
-CVE-2018-8865
+CVE-2018-8865 (In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow vulne ...)
NOT-FOR-US: Lantech
-CVE-2018-8864
+CVE-2018-8864 (In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MH ...)
NOT-FOR-US: ATI Systems Emergency Mass Notification Systems devices
CVE-2018-8863
RESERVED
-CVE-2018-8862
+CVE-2018-8862 (In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MH ...)
NOT-FOR-US: ATI Systems Emergency Mass Notification Systems devices
-CVE-2018-8861
+CVE-2018-8861 (Vulnerabilities within the Philips Brilliance CT kiosk environment (Br ...)
NOT-FOR-US: Philips Brilliance
-CVE-2018-8860
+CVE-2018-8860 (In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker may be a ...)
NOT-FOR-US: Vecna VGo Robot
-CVE-2018-8859
+CVE-2018-8859 (Echelon SmartServer 1 all versions, SmartServer 2 all versions prior t ...)
NOT-FOR-US: Echelon
-CVE-2018-8858
+CVE-2018-8858 (If an attacker has access to the firmware from the VGo Robot (Versions ...)
NOT-FOR-US: VGo Robot
-CVE-2018-8857
+CVE-2018-8857 (Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, ...)
NOT-FOR-US: Philips Brilliance
-CVE-2018-8856
+CVE-2018-8856 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
NOT-FOR-US: Philips
-CVE-2018-8855
+CVE-2018-8855 (Echelon SmartServer 1 all versions, SmartServer 2 all versions prior t ...)
NOT-FOR-US: Echelon
-CVE-2018-8854
+CVE-2018-8854 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
NOT-FOR-US: Philips
-CVE-2018-8853
+CVE-2018-8853 (Philips Brilliance CT devices operate user functions from within a con ...)
NOT-FOR-US: Philips Brilliance
-CVE-2018-8852
+CVE-2018-8852 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. Whe ...)
NOT-FOR-US: Philips
-CVE-2018-8851
+CVE-2018-8851 (Echelon SmartServer 1 all versions, SmartServer 2 all versions prior t ...)
NOT-FOR-US: Echelon
-CVE-2018-8850
+CVE-2018-8850 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
NOT-FOR-US: Philips
-CVE-2018-8849
+CVE-2018-8849 (Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Progra ...)
NOT-FOR-US: Medtronic
-CVE-2018-8848
+CVE-2018-8848 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
NOT-FOR-US: Philips
-CVE-2018-8847
+CVE-2018-8847 (Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer ...)
NOT-FOR-US: Eaton
-CVE-2018-8846
+CVE-2018-8846 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
NOT-FOR-US: Philips
-CVE-2018-8845
+CVE-2018-8845 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
-CVE-2018-8844
+CVE-2018-8844 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
NOT-FOR-US: Philips
-CVE-2018-8843
+CVE-2018-8843 (Rockwell Automation Arena versions 15.10.00 and prior contains a use a ...)
NOT-FOR-US: Rockwell
-CVE-2018-8842
+CVE-2018-8842 (Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The ...)
NOT-FOR-US: Philips
-CVE-2018-8841
+CVE-2018-8841 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
-CVE-2018-8840
+CVE-2018-8840 (A remote attacker could send a carefully crafted packet in InduSoft We ...)
NOT-FOR-US: InduSoft
-CVE-2018-8839
+CVE-2018-8839 (Delta PMSoft versions 2.10 and prior have multiple stack-based buffer ...)
NOT-FOR-US: Delta PMSoft
-CVE-2018-8838
+CVE-2018-8838 (A weakness in access controls in CENTUM CS 1000 all versions, CENTUM C ...)
NOT-FOR-US: CENTUM
-CVE-2018-8837
+CVE-2018-8837 (Processing specially crafted .pm3 files in Advantech WebAccess HMI Des ...)
NOT-FOR-US: Advantech
-CVE-2018-8836
+CVE-2018-8836 (Wago 750 Series PLCs with firmware version 10 and prior include a remo ...)
NOT-FOR-US: Wago 750 Series PLCs
-CVE-2018-8835
+CVE-2018-8835 (Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7. ...)
NOT-FOR-US: Advantech
-CVE-2018-8834
+CVE-2018-8834 (Parsing malformed project files in Omron CX-One versions 4.42 and prio ...)
NOT-FOR-US: Omron
-CVE-2018-8833
+CVE-2018-8833 (Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI ...)
NOT-FOR-US: Advantech
-CVE-2018-8832
+CVE-2018-8832 (enhavo 0.4.0 has XSS via a user-group that contains executable JavaScr ...)
NOT-FOR-US: enhavo
-CVE-2018-8831
+CVE-2018-8831 (A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through ...)
- kodi <unfixed> (low)
[buster] - kodi <no-dsa> (Minor issue)
[stretch] - kodi <no-dsa> (Minor issue)
@@ -31360,25 +31360,25 @@ CVE-2018-8830
RESERVED
CVE-2018-8829
RESERVED
-CVE-2018-8828
+CVE-2018-8828 (A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x ...)
{DSA-4148-1}
- kamailio 5.1.2-1
NOTE: https://github.com/EnableSecurity/advisories/tree/master/ES2018-05-kamailio-heap-overflow
NOTE: https://github.com/kamailio/kamailio/commit/e1d8008a09d9390ebaf698abe8909e10dfec4097
-CVE-2018-8827
+CVE-2018-8827 (The admin web interface on Technicolor MediaAccess TG789vac v2 HP devi ...)
NOT-FOR-US: Technicolor
-CVE-2018-8826
+CVE-2018-8826 (ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 ...)
NOT-FOR-US: ASUS routers
CVE-2018-8825
RESERVED
-CVE-2018-8824
+CVE-2018-8824 (modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horiz ...)
NOT-FOR-US: Responsive Mega Menu Pro module for PrestaShop
-CVE-2018-8823
+CVE-2018-8823 (modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horiz ...)
NOT-FOR-US: Responsive Mega Menu Pro module for PrestaShop
-CVE-2018-8822
+CVE-2018-8822 (Incorrect buffer length handling in the ncp_read_kernel function in fs ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
-CVE-2018-1000135
+CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a Information ...)
[experimental] - network-manager 1.11.4-1
- network-manager 1.12.0-2 (bug #895658)
[stretch] - network-manager <no-dsa> (Minor issue)
@@ -31389,60 +31389,60 @@ CVE-2018-1000135
NOTE: https://cgit.freedesktop.org/NetworkManager/NetworkManager/log/?h=bg/dns-bgo746422
NOTE: Merge: https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d9782589248e61c0cb5aec90e3eb62612891116b
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553634
-CVE-2018-8821
+CVE-2018-8821 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attacker ...)
NOT-FOR-US: windrvr1260.sys in Jungo DriverWizard WinDriver
-CVE-2018-8820
+CVE-2018-8820 (An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQ ...)
NOT-FOR-US: Square 9
-CVE-2018-8819
+CVE-2018-8819 (An XXE issue was discovered in Automated Logic Corporation (ALC) WebCT ...)
NOT-FOR-US: Automated Logic Corporation (ALC) WebCTRL
CVE-2018-8818
RESERVED
-CVE-2018-8817
+CVE-2018-8817 (Wampserver before 3.1.3 has CSRF in add_vhost.php. ...)
NOT-FOR-US: Wampserver
CVE-2018-8816
RESERVED
-CVE-2018-8815
+CVE-2018-8815 (Cross-site scripting (XSS) vulnerability in the gallery function in Al ...)
NOT-FOR-US: Alkacon OpenCMS
-CVE-2018-8814
+CVE-2018-8814 (Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 all ...)
NOT-FOR-US: WolfCMS
-CVE-2018-8813
+CVE-2018-8813 (Open redirect vulnerability in the login[redirect] parameter login fun ...)
NOT-FOR-US: WolfCMS
CVE-2018-8812
RESERVED
-CVE-2018-8811
+CVE-2018-8811 (Cross-site request forgery (CSRF) vulnerability in system/workplace/ad ...)
NOT-FOR-US: OpenCMS
-CVE-2018-8810
+CVE-2018-8810 (In radare2 2.4.0, there is a heap-based buffer over-read in the get_iv ...)
- radare2 2.6.0+dfsg-1 (bug #895749)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/issues/9727
NOTE: https://github.com/radare/radare2/commit/06c9903be9a1ca46b74571d49027bee2168fbd69
-CVE-2018-8809
+CVE-2018-8809 (In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik ...)
- radare2 2.6.0+dfsg-1 (low; bug #895751)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (minor issue, likely not even affected)
NOTE: https://github.com/radare/radare2/issues/9726
NOTE: https://github.com/radare/radare2/commit/24282de142000d2ed2c19783b40a1351872dfc54
-CVE-2018-8808
+CVE-2018-8808 (In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_ ...)
- radare2 2.6.0+dfsg-1 (low; bug #895752)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (minor issue, likely not even affected)
NOTE: https://github.com/radare/radare2/issues/9725
NOTE: https://github.com/radare/radare2/commit/a88069940950999d5e2fd16cd7d16c7e956bf516
-CVE-2018-8807
+CVE-2018-8807 (In libming 0.4.8, these is a use-after-free in the function decompileC ...)
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/129
-CVE-2018-8806
+CVE-2018-8806 (In libming 0.4.8, there is a use-after-free in the decompileArithmetic ...)
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/128
-CVE-2018-8805
+CVE-2018-8805 (Yxcms building system (compatible cell phone) v1.4.7 has XSS via the c ...)
NOT-FOR-US: Yxcms
-CVE-2018-8804
+CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remot ...)
- imagemagick 8:6.9.9.39+dfsg-1 (low)
[stretch] - imagemagick <ignored> (Minor issue)
[jessie] - imagemagick <ignored> (Minor issue)
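Review bot: the wheezy status for the three radare2 entries in this hunk is inconsistent; CVE-2018-8810 is marked `[wheezy] - radare2 <not-affected> (vulnerable code not present)` while CVE-2018-8809 and CVE-2018-8808, reported against the same radare2 2.4.0 and fixed in the same 2.6.0+dfsg-1 upload, carry `[wheezy] - radare2 <no-dsa> (minor issue, likely not even affected)`. Suggest checking whether the wheezy source contains the affected code for 8809 and 8808 as was done for 8810, and either marking them `<not-affected>` with the same justification or dropping the "likely not even affected" wording if they are in fact present.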
@@ -31452,84 +31452,84 @@ CVE-2018-8804
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1025
CVE-2018-8803
RESERVED
-CVE-2018-8802
+CVE-2018-8802 (SQL injection vulnerability in the management interface in ePortal Ma ...)
NOT-FOR-US: ePortal Manager in Unisys ClearPath MCP OS systems
-CVE-2018-8801
+CVE-2018-8801 (GitLab Community and Enterprise Editions version 8.3 up to 10.x before ...)
- gitlab 10.5.6+dfsg-1 (bug #893905)
NOTE: https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/
-CVE-2018-8800
+CVE-2018-8800 (rdesktop versions up to and including v1.8.3 contain a Heap-Based Buff ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8799
+CVE-2018-8799 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8798
+CVE-2018-8798 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8797
+CVE-2018-8797 (rdesktop versions up to and including v1.8.3 contain a Heap-Based Buff ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8796
+CVE-2018-8796 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8795
+CVE-2018-8795 (rdesktop versions up to and including v1.8.3 contain an Integer Overfl ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8794
+CVE-2018-8794 (rdesktop versions up to and including v1.8.3 contain an Integer Overfl ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8793
+CVE-2018-8793 (rdesktop versions up to and including v1.8.3 contain a Heap-Based Buff ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8792
+CVE-2018-8792 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8791
+CVE-2018-8791 (rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds ...)
{DSA-4394-1 DLA-1683-1}
- rdesktop 1.8.4-1
NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
-CVE-2018-8790
+CVE-2018-8790 (Check Point ZoneAlarm version 15.3.064.17729 and below expose a WCF se ...)
NOT-FOR-US: Check Point ZoneAlarm
-CVE-2018-8789
+CVE-2018-8789 (FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Read ...)
{DLA-1666-1}
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3
NOTE: https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6
-CVE-2018-8788
+CVE-2018-8788 (FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of ...)
{DLA-1666-1}
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3
NOTE: https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659
-CVE-2018-8787
+CVE-2018-8787 (FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that l ...)
{DLA-1666-1}
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3
NOTE: https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a
-CVE-2018-8786
+CVE-2018-8786 (FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that ...)
{DLA-1666-1}
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3
NOTE: https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3
-CVE-2018-8785
+CVE-2018-8785 (FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overfl ...)
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp <not-affected> (Vulnerable code not present, zgfx not yet supported)
[jessie] - freerdp <not-affected> (Vulnerable code not present, zgfx not yet supported)
NOTE: https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d
-CVE-2018-8784
+CVE-2018-8784 (FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overfl ...)
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- freerdp <removed>
[stretch] - freerdp <not-affected> (Vulnerable code not present, zgfx not yet supported)
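Review bot: CVE-2018-8801 records the fix as `gitlab 10.5.6+dfsg-1 (bug #893905)` and cites the same 10.5.6 critical security release note as CVE-2018-8971, which carries the `{DSA-4206-1}` marker, yet CVE-2018-8801 has no DSA marker at all. Suggest verifying whether DSA-4206-1 also covers CVE-2018-8801 and, if so, adding `{DSA-4206-1}` above the gitlab line so the stretch status is derived correctly.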
@@ -31539,12 +31539,12 @@ CVE-2018-8783
RESERVED
CVE-2018-8782
RESERVED
-CVE-2018-8781
+CVE-2018-8781 (The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
NOTE: https://patchwork.freedesktop.org/patch/211845/
NOTE: Fixed by: https://git.kernel.org/linus/3b82a4db8eaccce735dffd50b4d4e1578099b8e8
-CVE-2018-8780
+CVE-2018-8780 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ...)
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -31555,7 +31555,7 @@ CVE-2018-8780
NOTE: https://hackerone.com/reports/302338
NOTE: Fixed by: https://github.com/ruby/ruby/commit/bd5661a3cbb38a8c3a3ea10cd76c88bbef7871b8
NOTE: Fixed by: https://github.com/ruby/ruby/commit/143eb22f1877815dd802f7928959c5f93d4c7bb3 (2.2.10)
-CVE-2018-8779
+CVE-2018-8779 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ...)
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -31567,7 +31567,7 @@ CVE-2018-8779
NOTE: Fixed by: https://github.com/ruby/ruby/commit/8794dec6a5f11adc5cdd19a5ee91ea6b0816763f
NOTE: Fixed by: https://github.com/ruby/ruby/commit/47165eed264d357e78e27371cfef20d5c2bde5d9 (2.2.10)
NOTE: ruby1.8: test examples from hackerone doesn't work. ext/socket/socket.c:init_unixsock() uses SafeStringValue(path) though.
-CVE-2018-8778
+CVE-2018-8778 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ...)
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -31578,7 +31578,7 @@ CVE-2018-8778
NOTE: https://hackerone.com/reports/298246
NOTE: Fixed by: https://github.com/ruby/ruby/commit/d02b7bd864706fc2a40d83fb6014772ad3cc3b80
NOTE: Fixed by: https://github.com/ruby/ruby/commit/4cd92d7b13002161a3452a0fe278b877901a8859 (2.2.10)
-CVE-2018-8777
+CVE-2018-8777 (In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ...)
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -31597,13 +31597,13 @@ CVE-2018-8774
RESERVED
CVE-2018-8773
RESERVED
-CVE-2018-8772
+CVE-2018-8772 (Coship RT3052 4.0.0.48 devices allow XSS via a crafted SSID field on t ...)
NOT-FOR-US: Coship RT3052 4.0.0.48 devices
CVE-2018-8771
RESERVED
-CVE-2018-8770
+CVE-2018-8770 (Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via g ...)
NOT-FOR-US: Western Bridge Cobub Razor
-CVE-2018-8769
+CVE-2018-8769 (elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name func ...)
- elfutils <not-affected> (Issue introduced later)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22976
NOTE: https://sourceware.org/ml/elfutils-devel/2018-q1/msg00078.html
@@ -31611,20 +31611,20 @@ CVE-2018-8769
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=88f3d2daa107b09fdba376a82bce7ed534c93645
NOTE: when SYMTAB_SHNDX was introduced, but not yet handled in the
NOTE: ebl_dynamic_tag_name function.
-CVE-2018-8767
+CVE-2018-8767 (joyplus-cms 1.6.0 has XSS in manager/admin_ajax.php?action=save&amp;ta ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-8766
+CVE-2018-8766 (joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-8765
+CVE-2018-8765 (In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allo ...)
NOT-FOR-US: 2345 Security Guard
-CVE-2018-8764
+CVE-2018-8764 (Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 plac ...)
- ldap-account-manager 6.3-1
[stretch] - ldap-account-manager 5.5-1+deb9u1
[jessie] - ldap-account-manager <not-affected> (Issue introduced later)
[wheezy] - ldap-account-manager <not-affected> (Issue introduced later)
NOTE: https://www.ldap-account-manager.org/lamcms/node/354
NOTE: https://github.com/LDAPAccountManager/lam/commit/993751c7ff0faa07b7c028295152cf9c20349688
-CVE-2018-8763
+CVE-2018-8763 (Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has ...)
{DSA-4165-1 DLA-1342-1}
- ldap-account-manager 6.3-1
NOTE: https://github.com/LDAPAccountManager/lam/commit/f1d7aec5fc4aaf516e1d8a6f0eb3082050553302
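Review bot: CVE-2018-8764 lists a stretch fix version, `[stretch] - ldap-account-manager 5.5-1+deb9u1`, but carries no DSA marker, while the neighbouring CVE-2018-8763 for the same package and upstream release is tagged `{DSA-4165-1 DLA-1342-1}`. If DSA-4165-1 is the update that shipped 5.5-1+deb9u1 and it also addressed CVE-2018-8764, suggest adding the `{DSA-4165-1}` marker to that entry; otherwise a NOTE line explaining where the stretch fix came from would keep the two entries from reading as contradictory.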
@@ -31633,7 +31633,7 @@ CVE-2018-8763
NOTE: https://www.ldap-account-manager.org/lamcms/node/354
CVE-2018-8762
RESERVED
-CVE-2018-8761
+CVE-2018-8761 (protected\apps\member\controller\shopcarController.php in Yxcms buildi ...)
NOT-FOR-US: Yxcms
CVE-2018-8760
RESERVED
@@ -31643,16 +31643,16 @@ CVE-2018-8758
RESERVED
CVE-2018-8757
RESERVED
-CVE-2018-8756
+CVE-2018-8756 (Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7. ...)
NOT-FOR-US: YzmCMS
-CVE-2018-8755
+CVE-2018-8755 (NuCom WR644GACV devices before STA006 allow an attacker to download th ...)
NOT-FOR-US: NuCom
-CVE-2018-8754
+CVE-2018-8754 (** DISPUTED ** The libevt_record_values_read_event() function in libev ...)
{DSA-4160-1}
- libevt 20180317-1 (bug #893431)
NOTE: https://github.com/libyal/libevt/commit/444ca3ce7853538c577e0ec3f6146d2d65780734
NOTE: Impact limited to OOB read, not write
-CVE-2018-8753
+CVE-2018-8753 (The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20. ...)
NOT-FOR-US: Clavister cOS Core
CVE-2018-8752
RESERVED
@@ -31676,7 +31676,7 @@ CVE-2018-8743
RESERVED
CVE-2018-8742
RESERVED
-CVE-2018-8768
+CVE-2018-8768 (In Jupyter Notebook before 5.4.1, a maliciously forged notebook file c ...)
- jupyter-notebook 5.4.1-1 (bug #893436)
[stretch] - jupyter-notebook <no-dsa> (Minor issue)
- ipython 5.1.0-2
@@ -31692,13 +31692,13 @@ CVE-2018-8768
NOTE: content. This issue is no-dsa because it cannot be determined if Ipython
NOTE: in Wheezy is still affected, a fix appears to be to intrusive though. We recommend to
NOTE: upgrade to a newer version instead.
-CVE-2018-8741
+CVE-2018-8741 (A directory traversal flaw in SquirrelMail 1.4.22 allows an authentica ...)
{DSA-4168-1 DLA-1344-1}
- squirrelmail <removed> (bug #893202)
NOTE: http://www.openwall.com/lists/oss-security/2018/03/17/2
NOTE: https://sourceforge.net/p/squirrelmail/bugs/2846/
NOTE: https://sourceforge.net/p/squirrelmail/code/14751/
-CVE-2018-8740
+CVE-2018-8740 (In SQLite through 3.22.0, databases whose schema is corrupted using a ...)
{DLA-1633-1}
- sqlite3 3.22.0-2 (bug #893195)
[stretch] - sqlite3 <no-dsa> (Minor issue)
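Review bot: a typo in this hunk's leading context, not in the changed lines: the NOTE continuation "a fix appears to be to intrusive though" should read "too intrusive", and "We recommend to upgrade to a newer version instead" reads better as "We recommend upgrading to a newer version instead". Since this commit is an automatic description refresh, that wording fix belongs in a separate manual edit of the CVE-2018-8768 notes rather than being folded into the generated change.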
@@ -31706,35 +31706,35 @@ CVE-2018-8740
NOTE: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349
NOTE: https://www.sqlite.org/cgi/src/vdiff?from=1774f1c3baf0bc3d&to=d75e67654aa9620b
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6964
-CVE-2018-8739
+CVE-2018-8739 (VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation ...)
NOT-FOR-US: VPN Unlimited
-CVE-2018-1000134
+CVE-2018-1000134 (UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c ...)
NOT-FOR-US: UnboundID LDAP SDK
-CVE-2018-1000133
+CVE-2018-1000133 (Pitchfork version 1.4.6 RC1 contains an Improper Privilege Management ...)
NOT-FOR-US: Pitchfork
-CVE-2018-8738
+CVE-2018-8738 (Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS. ...)
NOT-FOR-US: Airties
-CVE-2018-8737
+CVE-2018-8737 (Bookme Control Panel 2.0 Application is vulnerable to stored XSS withi ...)
NOT-FOR-US: Bookme Control Panel Application
-CVE-2018-8736
+CVE-2018-8736 (A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x ...)
NOT-FOR-US: Nagios XI
-CVE-2018-8735
+CVE-2018-8735 (Remote command execution (RCE) vulnerability in Nagios XI 5.2.x throug ...)
NOT-FOR-US: Nagios XI
-CVE-2018-8734
+CVE-2018-8734 (SQL injection vulnerability in the core config manager in Nagios XI 5. ...)
NOT-FOR-US: Nagios XI
-CVE-2018-8733
+CVE-2018-8733 (Authentication bypass vulnerability in the core config manager in Nagi ...)
NOT-FOR-US: Nagios XI
-CVE-2018-8732
+CVE-2018-8732 (Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows re ...)
NOT-FOR-US: WampServer
CVE-2018-8731
RESERVED
CVE-2018-8730
RESERVED
-CVE-2018-8729
+CVE-2018-8729 (Multiple cross-site scripting (XSS) vulnerabilities in the Activity Lo ...)
NOT-FOR-US: Activity Log plugin for WordPress
-CVE-2018-8728
+CVE-2018-8728 (server/app/views/static/code.html in Kontena before 1.5.0 allows XSS i ...)
NOT-FOR-US: Kontena
-CVE-2018-8727
+CVE-2018-8727 (Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 and earli ...)
NOT-FOR-US: Path Traversal in Gateway in Mirasys DVMS Workstation
CVE-2018-8726
RESERVED
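Review bot: the NOT-FOR-US line for CVE-2018-8727 in this hunk records the vulnerability class instead of the product: "NOT-FOR-US: Path Traversal in Gateway in Mirasys DVMS Workstation" should be "NOT-FOR-US: Mirasys DVMS Workstation", matching the neighbouring entries (Airties, Kontena, WampServer) that name only the vendor or product so the marker stays searchable. A second, generator-level point visible in the same hunk: the new description for CVE-2018-8738 reads "devices allow XSS. ...)", with the " ..." marker following a sentence that already ends at the period, so a reader cannot tell from the file whether a description was truncated at the width limit or is complete; suggest appending the marker only when the text was actually cut.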
@@ -31744,31 +31744,31 @@ CVE-2018-8724
RESERVED
CVE-2018-8723
RESERVED
-CVE-2018-8722
+CVE-2018-8722 (Zoho ManageEngine Desktop Central version 9.1.0 build 91099 has multip ...)
NOT-FOR-US: Zoho
-CVE-2018-8721
+CVE-2018-8721 (Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has Store ...)
NOT-FOR-US: Zoho
-CVE-2018-8720
+CVE-2018-8720 (ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name fie ...)
NOT-FOR-US: ServiceNow ITSM
-CVE-2018-8719
+CVE-2018-8719 (An issue was discovered in the WP Security Audit Log plugin 3.1.1 for ...)
NOT-FOR-US: WP Security Audit Log plugin for WordPress
-CVE-2018-8718
+CVE-2018-8718 (Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1 ...)
- jenkins-mailer-plugin <removed>
-CVE-2018-8717
+CVE-2018-8717 (joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator ...)
NOT-FOR-US: joyplus-cms
-CVE-2018-8716
+CVE-2018-8716 (WSO2 Identity Server before 5.5.0 has XSS via the dashboard, allowing ...)
NOT-FOR-US: WSO2 Identity Server
-CVE-2018-8715
+CVE-2018-8715 (The Embedthis HTTP library, and Appweb versions before 7.0.3, have a l ...)
NOT-FOR-US: Embedthis HTTP library / Appweb
-CVE-2018-8714
+CVE-2018-8714 (Honeywell MatrikonOPC OPC Controller before 5.1.0.0 allows local users ...)
NOT-FOR-US: Honeywell MatrikonOPC OPC Controller
CVE-2018-8713
RESERVED
-CVE-2018-8712
+CVE-2018-8712 (An issue was discovered in Webmin 1.840 and 1.880 when the default Yes ...)
- webmin <removed>
-CVE-2018-8711
+CVE-2018-8711 (A local file inclusion issue was discovered in the WooCommerce Product ...)
NOT-FOR-US: WooCommerce Products Filter (aka WOOF) plugin for WordPress
-CVE-2018-8710
+CVE-2018-8710 (A remote code execution issue was discovered in the WooCommerce Produc ...)
NOT-FOR-US: WooCommerce Products Filter (aka WOOF) plugin for WordPress
CVE-2018-8709
RESERVED
@@ -31882,15 +31882,15 @@ CVE-2018-8655
RESERVED
CVE-2018-8654
RESERVED
-CVE-2018-8653
+CVE-2018-8653 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2018-8652
+CVE-2018-8652 (A Cross-site Scripting (XSS) vulnerability exists when Windows Azure P ...)
NOT-FOR-US: Windows Azure Pack Rollup
-CVE-2018-8651
+CVE-2018-8651 (A cross site scripting vulnerability exists when Microsoft Dynamics NA ...)
NOT-FOR-US: Microsoft Dynamics NAV
-CVE-2018-8650
+CVE-2018-8650 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
-CVE-2018-8649
+CVE-2018-8649 (A denial of service vulnerability exists when Windows improperly handl ...)
NOT-FOR-US: Microsoft Windows
CVE-2018-8648
RESERVED
@@ -31902,59 +31902,59 @@ CVE-2018-8645
RESERVED
CVE-2018-8644
RESERVED
-CVE-2018-8643
+CVE-2018-8643 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2018-8642
RESERVED
-CVE-2018-8641
+CVE-2018-8641 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft Windows
CVE-2018-8640
RESERVED
-CVE-2018-8639
+CVE-2018-8639 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft Windows
-CVE-2018-8638
+CVE-2018-8638 (An information disclosure vulnerability exists when DirectX improperly ...)
NOT-FOR-US: Microsoft Windows
-CVE-2018-8637
+CVE-2018-8637 (An information disclosure vulnerability exists in Windows kernel that ...)
NOT-FOR-US: Microsoft Windows
-CVE-2018-8636
+CVE-2018-8636 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8635
+CVE-2018-8635 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8634
+CVE-2018-8634 (A remote code execution vulnerability exists in Windows where Microsof ...)
NOT-FOR-US: Microsoft Windows
CVE-2018-8633
RESERVED
CVE-2018-8632
RESERVED
-CVE-2018-8631
+CVE-2018-8631 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
CVE-2018-8630
RESERVED
-CVE-2018-8629
+CVE-2018-8629 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8628
+CVE-2018-8628 (A remote code execution vulnerability exists in Microsoft PowerPoint s ...)
NOT-FOR-US: Microsoft
-CVE-2018-8627
+CVE-2018-8627 (An information disclosure vulnerability exists when Microsoft Excel so ...)
NOT-FOR-US: Microsoft
-CVE-2018-8626
+CVE-2018-8626 (A remote code execution vulnerability exists in Windows Domain Name Sy ...)
NOT-FOR-US: Microsoft Windows
-CVE-2018-8625
+CVE-2018-8625 (A remote code execution vulnerability exists in the way that the VBScr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8624
+CVE-2018-8624 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2018-8623
RESERVED
-CVE-2018-8622
+CVE-2018-8622 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft Windows
-CVE-2018-8621
+CVE-2018-8621 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2018-8620
RESERVED
-CVE-2018-8619
+CVE-2018-8619 (A remote code execution vulnerability exists when the Internet Explore ...)
NOT-FOR-US: Microsoft
-CVE-2018-8618
+CVE-2018-8618 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8617
+CVE-2018-8617 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2018-8616
RESERVED
@@ -31964,153 +31964,153 @@ CVE-2018-8614
RESERVED
CVE-2018-8613
RESERVED
-CVE-2018-8612
+CVE-2018-8612 (A Denial Of Service vulnerability exists when Connected User Experienc ...)
NOT-FOR-US: Microsoft Windows
-CVE-2018-8611
+CVE-2018-8611 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2018-8610
RESERVED
-CVE-2018-8609
+CVE-2018-8609 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
NOT-FOR-US: Microsoft
-CVE-2018-8608
+CVE-2018-8608 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
NOT-FOR-US: Microsoft
-CVE-2018-8607
+CVE-2018-8607 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
NOT-FOR-US: Microsoft
-CVE-2018-8606
+CVE-2018-8606 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
NOT-FOR-US: Microsoft
-CVE-2018-8605
+CVE-2018-8605 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
NOT-FOR-US: Microsoft
-CVE-2018-8604
+CVE-2018-8604 (A tampering vulnerability exists when Microsoft Exchange Server fails ...)
NOT-FOR-US: Microsoft
CVE-2018-8603
RESERVED
-CVE-2018-8602
+CVE-2018-8602 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
NOT-FOR-US: Microsoft
CVE-2018-8601
RESERVED
-CVE-2018-8600
+CVE-2018-8600 (A Cross-site Scripting (XSS) vulnerability exists when Azure App Servi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8599
+CVE-2018-8599 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
NOT-FOR-US: Microsoft Windows
-CVE-2018-8598
+CVE-2018-8598 (An information disclosure vulnerability exists when Microsoft Excel im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8597
+CVE-2018-8597 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8596
+CVE-2018-8596 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft Windows
-CVE-2018-8595
+CVE-2018-8595 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft Windows
CVE-2018-8594
RESERVED
CVE-2018-8593
RESERVED
-CVE-2018-8592
+CVE-2018-8592 (An elevation of privilege vulnerability exists in Windows 10 version 1 ...)
NOT-FOR-US: Microsoft
CVE-2018-8591
RESERVED
CVE-2018-8590
RESERVED
-CVE-2018-8589
+CVE-2018-8589 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
-CVE-2018-8588
+CVE-2018-8588 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8587
+CVE-2018-8587 (A remote code execution vulnerability exists in Microsoft Outlook soft ...)
NOT-FOR-US: Microsoft
CVE-2018-8586
RESERVED
CVE-2018-8585
RESERVED
-CVE-2018-8584
+CVE-2018-8584 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
-CVE-2018-8583
+CVE-2018-8583 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8582
+CVE-2018-8582 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-8581
+CVE-2018-8581 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
NOT-FOR-US: Microsoft
-CVE-2018-8580
+CVE-2018-8580 (An information disclosure vulnerability exists where certain modes of ...)
NOT-FOR-US: Microsoft
-CVE-2018-8579
+CVE-2018-8579 (An information disclosure vulnerability exists when attaching files to ...)
NOT-FOR-US: Microsoft
-CVE-2018-8578
+CVE-2018-8578 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8577
+CVE-2018-8577 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8576
+CVE-2018-8576 (A remote code execution vulnerability exists in Microsoft Outlook soft ...)
NOT-FOR-US: Microsoft
-CVE-2018-8575
+CVE-2018-8575 (A remote code execution vulnerability exists in Microsoft Project soft ...)
NOT-FOR-US: Microsoft
-CVE-2018-8574
+CVE-2018-8574 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8573
+CVE-2018-8573 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
NOT-FOR-US: Microsoft
-CVE-2018-8572
+CVE-2018-8572 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2018-8571
RESERVED
-CVE-2018-8570
+CVE-2018-8570 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8569
+CVE-2018-8569 (A remote code execution vulnerability exists in the Yammer desktop app ...)
NOT-FOR-US: Yammer
-CVE-2018-8568
+CVE-2018-8568 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8567
+CVE-2018-8567 (An elevation of privilege vulnerability exists when Microsoft Edge doe ...)
NOT-FOR-US: Microsoft
-CVE-2018-8566
+CVE-2018-8566 (A security feature bypass vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
-CVE-2018-8565
+CVE-2018-8565 (An information disclosure vulnerability exists when the win32k compone ...)
NOT-FOR-US: Microsoft
-CVE-2018-8564
+CVE-2018-8564 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
NOT-FOR-US: Microsoft
-CVE-2018-8563
+CVE-2018-8563 (An information disclosure vulnerability exists when DirectX improperly ...)
NOT-FOR-US: Microsoft
-CVE-2018-8562
+CVE-2018-8562 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8561
+CVE-2018-8561 (An elevation of privilege vulnerability exists when DirectX improperly ...)
NOT-FOR-US: Microsoft
CVE-2018-8560
RESERVED
CVE-2018-8559
RESERVED
-CVE-2018-8558
+CVE-2018-8558 (An information disclosure vulnerability exists when Microsoft Outlook ...)
NOT-FOR-US: Microsoft
-CVE-2018-8557
+CVE-2018-8557 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8556
+CVE-2018-8556 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8555
+CVE-2018-8555 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8554
+CVE-2018-8554 (An elevation of privilege vulnerability exists when DirectX improperly ...)
NOT-FOR-US: Microsoft
-CVE-2018-8553
+CVE-2018-8553 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-8552
+CVE-2018-8552 (An information disclosure vulnerability exists when VBScript improperl ...)
NOT-FOR-US: Microsoft
-CVE-2018-8551
+CVE-2018-8551 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8550
+CVE-2018-8550 (An elevation of privilege exists in Windows COM Aggregate Marshaler, a ...)
NOT-FOR-US: Microsoft
-CVE-2018-8549
+CVE-2018-8549 (A security feature bypass exists when Windows incorrectly validates ke ...)
NOT-FOR-US: Microsoft
CVE-2018-8548
RESERVED
-CVE-2018-8547
+CVE-2018-8547 (A cross-site-scripting (XSS) vulnerability exists when an open source ...)
NOT-FOR-US: Microsoft
-CVE-2018-8546
+CVE-2018-8546 (A denial of service vulnerability exists in Skype for Business, aka "M ...)
NOT-FOR-US: Microsoft
-CVE-2018-8545
+CVE-2018-8545 (An information disclosure vulnerability exists in the way that Microso ...)
NOT-FOR-US: Microsoft
-CVE-2018-8544
+CVE-2018-8544 (A remote code execution vulnerability exists in the way that the VBScr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8543
+CVE-2018-8543 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8542
+CVE-2018-8542 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8541
+CVE-2018-8541 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8540
+CVE-2018-8540 (A remote code execution vulnerability exists when the Microsoft .NET F ...)
NOT-FOR-US: Microsoft .NET
-CVE-2018-8539
+CVE-2018-8539 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
NOT-FOR-US: Microsoft
CVE-2018-8538
RESERVED
@@ -32122,29 +32122,29 @@ CVE-2018-8535
RESERVED
CVE-2018-8534
RESERVED
-CVE-2018-8533
+CVE-2018-8533 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
NOT-FOR-US: Microsoft
-CVE-2018-8532
+CVE-2018-8532 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
NOT-FOR-US: Microsoft
-CVE-2018-8531
+CVE-2018-8531 (A remote code execution vulnerability exists in the way that Azure IoT ...)
NOT-FOR-US: Microsoft
-CVE-2018-8530
+CVE-2018-8530 (A security feature bypass vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8529
+CVE-2018-8529 (A remote code execution vulnerability exists when Team Foundation Serv ...)
NOT-FOR-US: Microsoft
CVE-2018-8528
RESERVED
-CVE-2018-8527
+CVE-2018-8527 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
NOT-FOR-US: Microsoft
CVE-2018-8526
RESERVED
CVE-2018-8525
RESERVED
-CVE-2018-8524
+CVE-2018-8524 (A remote code execution vulnerability exists in Microsoft Outlook soft ...)
NOT-FOR-US: Microsoft
CVE-2018-8523
RESERVED
-CVE-2018-8522
+CVE-2018-8522 (A remote code execution vulnerability exists in Microsoft Outlook soft ...)
NOT-FOR-US: Microsoft
CVE-2018-8521
RESERVED
@@ -32152,311 +32152,311 @@ CVE-2018-8520
RESERVED
CVE-2018-8519
RESERVED
-CVE-2018-8518
+CVE-2018-8518 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8517
+CVE-2018-8517 (A denial of service vulnerability exists when .NET Framework improperl ...)
NOT-FOR-US: Microsoft .NET
CVE-2018-8516
RESERVED
CVE-2018-8515
RESERVED
-CVE-2018-8514
+CVE-2018-8514 (An information disclosure vulnerability exists when Remote Procedure C ...)
NOT-FOR-US: Microsoft Windows
-CVE-2018-8513
+CVE-2018-8513 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8512
+CVE-2018-8512 (A security feature bypass vulnerability exists in Microsoft Edge when ...)
NOT-FOR-US: Microsoft
-CVE-2018-8511
+CVE-2018-8511 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8510
+CVE-2018-8510 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8509
+CVE-2018-8509 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
CVE-2018-8508
RESERVED
CVE-2018-8507
RESERVED
-CVE-2018-8506
+CVE-2018-8506 (An Information Disclosure vulnerability exists in the way that Microso ...)
NOT-FOR-US: Microsoft
-CVE-2018-8505
+CVE-2018-8505 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8504
+CVE-2018-8504 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
NOT-FOR-US: Microsoft
-CVE-2018-8503
+CVE-2018-8503 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8502
+CVE-2018-8502 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8501
+CVE-2018-8501 (A remote code execution vulnerability exists in Microsoft PowerPoint s ...)
NOT-FOR-US: Microsoft
-CVE-2018-8500
+CVE-2018-8500 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2018-8499
RESERVED
-CVE-2018-8498
+CVE-2018-8498 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8497
+CVE-2018-8497 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
CVE-2018-8496
RESERVED
-CVE-2018-8495
+CVE-2018-8495 (A remote code execution vulnerability exists when Windows Shell improp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8494
+CVE-2018-8494 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8493
+CVE-2018-8493 (An information disclosure vulnerability exists when the Windows TCP/IP ...)
NOT-FOR-US: Microsoft
-CVE-2018-8492
+CVE-2018-8492 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8491
+CVE-2018-8491 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8490
+CVE-2018-8490 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
NOT-FOR-US: Microsoft
-CVE-2018-8489
+CVE-2018-8489 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
NOT-FOR-US: Microsoft
-CVE-2018-8488
+CVE-2018-8488 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2018-8487
RESERVED
-CVE-2018-8486
+CVE-2018-8486 (An information disclosure vulnerability exists when DirectX improperly ...)
NOT-FOR-US: Microsoft
-CVE-2018-8485
+CVE-2018-8485 (An elevation of privilege vulnerability exists when DirectX improperly ...)
NOT-FOR-US: Microsoft
-CVE-2018-8484
+CVE-2018-8484 (An elevation of privilege vulnerability exists when the DirectX Graphi ...)
NOT-FOR-US: Microsoft
CVE-2018-8483
RESERVED
-CVE-2018-8482
+CVE-2018-8482 (An information disclosure vulnerability exists when Windows Media Play ...)
NOT-FOR-US: Microsoft
-CVE-2018-8481
+CVE-2018-8481 (An information disclosure vulnerability exists when Windows Media Play ...)
NOT-FOR-US: Microsoft
-CVE-2018-8480
+CVE-2018-8480 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8479
+CVE-2018-8479 (A spoofing vulnerability exists for the Azure IoT Device Provisioning ...)
NOT-FOR-US: Azure
CVE-2018-8478
RESERVED
-CVE-2018-8477
+CVE-2018-8477 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft Windows
-CVE-2018-8476
+CVE-2018-8476 (A remote code execution vulnerability exists in the way that Windows D ...)
NOT-FOR-US: Microsoft
-CVE-2018-8475
+CVE-2018-8475 (A remote code execution vulnerability exists when Windows does not pro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8474
+CVE-2018-8474 (A security feature bypass vulnerability exists when Lync for Mac 2011 ...)
NOT-FOR-US: Microsoft
-CVE-2018-8473
+CVE-2018-8473 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8472
+CVE-2018-8472 (An information disclosure vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8471
+CVE-2018-8471 (An elevation of privilege vulnerability exists in the way that the Mic ...)
NOT-FOR-US: Microsoft
-CVE-2018-8470
+CVE-2018-8470 (A security feature bypass vulnerability exists in Internet Explorer du ...)
NOT-FOR-US: Microsoft
-CVE-2018-8469
+CVE-2018-8469 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
NOT-FOR-US: Microsoft
-CVE-2018-8468
+CVE-2018-8468 (An elevation of privilege vulnerability exists when Windows, allowing ...)
NOT-FOR-US: Microsoft
-CVE-2018-8467
+CVE-2018-8467 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8466
+CVE-2018-8466 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8465
+CVE-2018-8465 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8464
+CVE-2018-8464 (An remote code execution vulnerability exists when Microsoft Edge PDF ...)
NOT-FOR-US: Microsoft
-CVE-2018-8463
+CVE-2018-8463 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
NOT-FOR-US: Microsoft
-CVE-2018-8462
+CVE-2018-8462 (An elevation of privilege vulnerability exists when the DirectX Graphi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8461
+CVE-2018-8461 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8460
+CVE-2018-8460 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8459
+CVE-2018-8459 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2018-8458
RESERVED
-CVE-2018-8457
+CVE-2018-8457 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-8456
+CVE-2018-8456 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8455
+CVE-2018-8455 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8454
+CVE-2018-8454 (An information disclosure vulnerability exists when Windows Audio Serv ...)
NOT-FOR-US: Microsoft
-CVE-2018-8453
+CVE-2018-8453 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8452
+CVE-2018-8452 (An information disclosure vulnerability exists when the scripting engi ...)
NOT-FOR-US: Microsoft
CVE-2018-8451
RESERVED
-CVE-2018-8450
+CVE-2018-8450 (A remote code execution vulnerability exists when Windows Search handl ...)
NOT-FOR-US: Microsoft
-CVE-2018-8449
+CVE-2018-8449 (A security feature bypass exists when Device Guard incorrectly validat ...)
NOT-FOR-US: Microsoft
-CVE-2018-8448
+CVE-2018-8448 (An elevation of privilege vulnerability exists when Microsoft Exchange ...)
NOT-FOR-US: Microsoft
-CVE-2018-8447
+CVE-2018-8447 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8446
+CVE-2018-8446 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8445
+CVE-2018-8445 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8444
+CVE-2018-8444 (An information disclosure vulnerability exists in the way that the Mic ...)
NOT-FOR-US: Microsoft
-CVE-2018-8443
+CVE-2018-8443 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8442
+CVE-2018-8442 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8441
+CVE-2018-8441 (An elevation of privilege vulnerability exists due to an integer overf ...)
NOT-FOR-US: Microsoft
-CVE-2018-8440
+CVE-2018-8440 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
-CVE-2018-8439
+CVE-2018-8439 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
NOT-FOR-US: Microsoft
-CVE-2018-8438
+CVE-2018-8438 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
NOT-FOR-US: Microsoft
-CVE-2018-8437
+CVE-2018-8437 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
NOT-FOR-US: Microsoft
-CVE-2018-8436
+CVE-2018-8436 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
NOT-FOR-US: Microsoft
-CVE-2018-8435
+CVE-2018-8435 (A security feature bypass vulnerability exists when Windows Hyper-V BI ...)
NOT-FOR-US: Microsoft
-CVE-2018-8434
+CVE-2018-8434 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
NOT-FOR-US: Microsoft
-CVE-2018-8433
+CVE-2018-8433 (An information disclosure vulnerability exists when the Windows Graphi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8432
+CVE-2018-8432 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-8431
+CVE-2018-8431 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8430
+CVE-2018-8430 (A remote code execution vulnerability exists in Microsoft Word if a us ...)
NOT-FOR-US: Microsoft
-CVE-2018-8429
+CVE-2018-8429 (An information disclosure vulnerability exists when Microsoft Excel im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8428
+CVE-2018-8428 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8427
+CVE-2018-8427 (An information disclosure vulnerability exists in the way that Microso ...)
NOT-FOR-US: Microsoft
-CVE-2018-8426
+CVE-2018-8426 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
-CVE-2018-8425
+CVE-2018-8425 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
NOT-FOR-US: Microsoft
-CVE-2018-8424
+CVE-2018-8424 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8423
+CVE-2018-8423 (A remote code execution vulnerability exists in the Microsoft JET Data ...)
NOT-FOR-US: Microsoft
-CVE-2018-8422
+CVE-2018-8422 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8421
+CVE-2018-8421 (A remote code execution vulnerability exists when Microsoft .NET Frame ...)
NOT-FOR-US: Microsoft
-CVE-2018-8420
+CVE-2018-8420 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8419
+CVE-2018-8419 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2018-8418
RESERVED
-CVE-2018-8417
+CVE-2018-8417 (A security feature bypass vulnerability exists in Microsoft JScript th ...)
NOT-FOR-US: Microsoft
-CVE-2018-8416
+CVE-2018-8416 (A tampering vulnerability exists when .NET Core improperly handles spe ...)
NOT-FOR-US: .dotnet CoreFX
-CVE-2018-8415
+CVE-2018-8415 (A tampering vulnerability exists in PowerShell that could allow an att ...)
NOT-FOR-US: Microsoft
-CVE-2018-8414
+CVE-2018-8414 (A remote code execution vulnerability exists when the Windows Shell do ...)
NOT-FOR-US: Microsoft
-CVE-2018-8413
+CVE-2018-8413 (A remote code execution vulnerability exists when "Windows Theme API" ...)
NOT-FOR-US: Microsoft
-CVE-2018-8412
+CVE-2018-8412 (An elevation of privilege vulnerability exists when the Microsoft Auto ...)
NOT-FOR-US: Microsoft
-CVE-2018-8411
+CVE-2018-8411 (An elevation of privilege vulnerability exists when NTFS improperly ch ...)
NOT-FOR-US: Microsoft
-CVE-2018-8410
+CVE-2018-8410 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8409
+CVE-2018-8409 (A denial of service vulnerability exists when System.IO.Pipelines impr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8408
+CVE-2018-8408 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8407
+CVE-2018-8407 (An information disclosure vulnerability exists when "Kernel Remote Pro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8406
+CVE-2018-8406 (An elevation of privilege vulnerability exists when the DirectX Graphi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8405
+CVE-2018-8405 (An elevation of privilege vulnerability exists when the DirectX Graphi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8404
+CVE-2018-8404 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8403
+CVE-2018-8403 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2018-8402
RESERVED
-CVE-2018-8401
+CVE-2018-8401 (An elevation of privilege vulnerability exists when the DirectX Graphi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8400
+CVE-2018-8400 (An elevation of privilege vulnerability exists when the DirectX Graphi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8399
+CVE-2018-8399 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8398
+CVE-2018-8398 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8397
+CVE-2018-8397 (A remote code execution vulnerability exists in the way that the Windo ...)
NOT-FOR-US: Microsoft
-CVE-2018-8396
+CVE-2018-8396 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2018-8395
RESERVED
-CVE-2018-8394
+CVE-2018-8394 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8393
+CVE-2018-8393 (A buffer overflow vulnerability exists in the Microsoft JET Database E ...)
NOT-FOR-US: Microsoft
-CVE-2018-8392
+CVE-2018-8392 (A buffer overflow vulnerability exists in the Microsoft JET Database E ...)
NOT-FOR-US: Microsoft
-CVE-2018-8391
+CVE-2018-8391 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8390
+CVE-2018-8390 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8389
+CVE-2018-8389 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-8388
+CVE-2018-8388 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
NOT-FOR-US: Microsoft
-CVE-2018-8387
+CVE-2018-8387 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
CVE-2018-8386
RESERVED
-CVE-2018-8385
+CVE-2018-8385 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-8384
+CVE-2018-8384 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8383
+CVE-2018-8383 (A spoofing vulnerability exists when Microsoft Edge does not properly ...)
NOT-FOR-US: Microsoft
-CVE-2018-8382
+CVE-2018-8382 (An information disclosure vulnerability exists when Microsoft Excel im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8381
+CVE-2018-8381 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8380
+CVE-2018-8380 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8379
+CVE-2018-8379 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8378
+CVE-2018-8378 (An information disclosure vulnerability exists when Microsoft Office s ...)
NOT-FOR-US: Microsoft
-CVE-2018-8377
+CVE-2018-8377 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8376
+CVE-2018-8376 (A remote code execution vulnerability exists in Microsoft PowerPoint s ...)
NOT-FOR-US: Microsoft
-CVE-2018-8375
+CVE-2018-8375 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8374
+CVE-2018-8374 (A tampering vulnerability exists when Microsoft Exchange Server fails ...)
NOT-FOR-US: Microsoft
-CVE-2018-8373
+CVE-2018-8373 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-8372
+CVE-2018-8372 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-8371
+CVE-2018-8371 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-8370
+CVE-2018-8370 (A information disclosure vulnerability exists when WebAudio Library im ...)
NOT-FOR-US: Microsoft
CVE-2018-8369
RESERVED
CVE-2018-8368
RESERVED
-CVE-2018-8367
+CVE-2018-8367 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8366
+CVE-2018-8366 (An information disclosure vulnerability exists when the Microsoft Edge ...)
NOT-FOR-US: Microsoft
CVE-2018-8365
RESERVED
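Review bot: CVE-2018-8409 (the "System.IO.Pipelines" denial of service) is filed as a bare "NOT-FOR-US: Microsoft" although its description names a library rather than a Windows, Edge, Office or Chakra component; the entry should say what was checked, the way CVE-2018-8292 later in this diff records "NOT-FOR-US: .dotnet CoreFX" plus an upstream commit NOTE and CVE-2018-8356 records "doesn't affect src:mono", so that a reader can tell the NOT-FOR-US is the result of a packaging check and not the default for anything with Microsoft in the description. The remaining entries in this hunk are Windows kernel, GDI, DirectX, Edge, Office and Chakra issues and the plain "NOT-FOR-US: Microsoft" is correct for them.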
@@ -32468,208 +32468,208 @@ CVE-2018-8362
RESERVED
CVE-2018-8361
RESERVED
-CVE-2018-8360
+CVE-2018-8360 (An information disclosure vulnerability exists in Microsoft .NET Frame ...)
NOT-FOR-US: Microsoft
-CVE-2018-8359
+CVE-2018-8359 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8358
+CVE-2018-8358 (A security feature bypass vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8357
+CVE-2018-8357 (An elevation of privilege vulnerability exists in Microsoft browsers a ...)
NOT-FOR-US: Microsoft
-CVE-2018-8356
+CVE-2018-8356 (A security feature bypass vulnerability exists when Microsoft .NET Fra ...)
NOT-FOR-US: Microsoft .NET, doesn't affect src:mono
-CVE-2018-8355
+CVE-2018-8355 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-8354
+CVE-2018-8354 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-8353
+CVE-2018-8353 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2018-8352
RESERVED
-CVE-2018-8351
+CVE-2018-8351 (An information disclosure vulnerability exists when affected Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-8350
+CVE-2018-8350 (A remote code execution vulnerability exists when Microsoft Windows PD ...)
NOT-FOR-US: Microsoft
-CVE-2018-8349
+CVE-2018-8349 (A remote code execution vulnerability exists in "Microsoft COM for Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8348
+CVE-2018-8348 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8347
+CVE-2018-8347 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
NOT-FOR-US: Microsoft
-CVE-2018-8346
+CVE-2018-8346 (A remote code execution vulnerability exists in Microsoft Windows that ...)
NOT-FOR-US: Microsoft
-CVE-2018-8345
+CVE-2018-8345 (A remote code execution vulnerability exists in Microsoft Windows that ...)
NOT-FOR-US: Microsoft
-CVE-2018-8344
+CVE-2018-8344 (A remote code execution vulnerability exists when the Windows font lib ...)
NOT-FOR-US: Microsoft
-CVE-2018-8343
+CVE-2018-8343 (An elevation of privilege vulnerability exists in the Network Driver I ...)
NOT-FOR-US: Microsoft
-CVE-2018-8342
+CVE-2018-8342 (An elevation of privilege vulnerability exists in the Network Driver I ...)
NOT-FOR-US: Microsoft
-CVE-2018-8341
+CVE-2018-8341 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8340
+CVE-2018-8340 (A security feature bypass vulnerability exists when Active Directory F ...)
NOT-FOR-US: Microsoft
-CVE-2018-8339
+CVE-2018-8339 (An elevation of privilege vulnerability exists in the Windows Installe ...)
NOT-FOR-US: Microsoft
CVE-2018-8338
RESERVED
-CVE-2018-8337
+CVE-2018-8337 (A security feature bypass vulnerability exists when Windows Subsystem ...)
NOT-FOR-US: Microsoft
-CVE-2018-8336
+CVE-2018-8336 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8335
+CVE-2018-8335 (A denial of service vulnerability exists in the Microsoft Server Block ...)
NOT-FOR-US: Microsoft
CVE-2018-8334
RESERVED
-CVE-2018-8333
+CVE-2018-8333 (An Elevation of Privilege vulnerability exists in Filter Manager when ...)
NOT-FOR-US: Microsoft
-CVE-2018-8332
+CVE-2018-8332 (A remote code execution vulnerability exists when the Windows font lib ...)
NOT-FOR-US: Microsoft
-CVE-2018-8331
+CVE-2018-8331 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8330
+CVE-2018-8330 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8329
+CVE-2018-8329 (An Elevation of Privilege vulnerability exists in Windows Subsystem fo ...)
NOT-FOR-US: Microsoft
CVE-2018-8328
RESERVED
-CVE-2018-8327
+CVE-2018-8327 (A remote code execution vulnerability exists in PowerShell Editor Serv ...)
NOT-FOR-US: Microsoft
-CVE-2018-8326
+CVE-2018-8326 (A cross-site-scripting (XSS) vulnerability exists when an open source ...)
NOT-FOR-US: Microsoft
-CVE-2018-8325
+CVE-2018-8325 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8324
+CVE-2018-8324 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8323
+CVE-2018-8323 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2018-8322
RESERVED
CVE-2018-8321
RESERVED
-CVE-2018-8320
+CVE-2018-8320 (A security feature bypass vulnerability exists in DNS Global Blocklist ...)
NOT-FOR-US: Microsoft
-CVE-2018-8319
+CVE-2018-8319 (A Security Feature Bypass vulnerability exists in MSR JavaScript Crypt ...)
NOT-FOR-US: Microsoft
CVE-2018-8318
RESERVED
CVE-2018-8317
RESERVED
-CVE-2018-8316
+CVE-2018-8316 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8315
+CVE-2018-8315 (An information disclosure vulnerability exists when the browser script ...)
NOT-FOR-US: Microsoft
-CVE-2018-8314
+CVE-2018-8314 (An elevation of privilege vulnerability exists when Windows fails a ch ...)
NOT-FOR-US: Microsoft
-CVE-2018-8313
+CVE-2018-8313 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8312
+CVE-2018-8312 (A remote code execution vulnerability exists when Microsoft Access fai ...)
NOT-FOR-US: Microsoft
-CVE-2018-8311
+CVE-2018-8311 (A remote code execution vulnerability exists when Skype for Business a ...)
NOT-FOR-US: Microsoft
-CVE-2018-8310
+CVE-2018-8310 (A tampering vulnerability exists when Microsoft Outlook does not prope ...)
NOT-FOR-US: Microsoft
-CVE-2018-8309
+CVE-2018-8309 (A denial of service vulnerability exists when Windows improperly handl ...)
NOT-FOR-US: Microsoft
-CVE-2018-8308
+CVE-2018-8308 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8307
+CVE-2018-8307 (A security feature bypass vulnerability exists when Microsoft WordPad ...)
NOT-FOR-US: Microsoft
-CVE-2018-8306
+CVE-2018-8306 (A command injection vulnerability exists in the Microsoft Wireless Dis ...)
NOT-FOR-US: Microsoft
-CVE-2018-8305
+CVE-2018-8305 (An information disclosure vulnerability exists in Windows Mail Client ...)
NOT-FOR-US: Microsoft
-CVE-2018-8304
+CVE-2018-8304 (A denial of service vulnerability exists in Windows Domain Name System ...)
NOT-FOR-US: Microsoft
CVE-2018-8303
RESERVED
-CVE-2018-8302
+CVE-2018-8302 (A remote code execution vulnerability exists in Microsoft Exchange sof ...)
NOT-FOR-US: Microsoft
-CVE-2018-8301
+CVE-2018-8301 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8300
+CVE-2018-8300 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
NOT-FOR-US: Microsoft
-CVE-2018-8299
+CVE-2018-8299 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8298
+CVE-2018-8298 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8297
+CVE-2018-8297 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8296
+CVE-2018-8296 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2018-8295
RESERVED
-CVE-2018-8294
+CVE-2018-8294 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2018-8293
RESERVED
-CVE-2018-8292
+CVE-2018-8292 (An information disclosure vulnerability exists in .NET Core when authe ...)
NOT-FOR-US: .dotnet CoreFX
NOTE: https://github.com/dotnet/corefx/commit/56aae8a7076f283e334b88f642ef6bb7c59e02c3
-CVE-2018-8291
+CVE-2018-8291 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-8290
+CVE-2018-8290 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8289
+CVE-2018-8289 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8288
+CVE-2018-8288 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-8287
+CVE-2018-8287 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-8286
+CVE-2018-8286 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2018-8285
RESERVED
-CVE-2018-8284
+CVE-2018-8284 (A remote code execution vulnerability exists when the Microsoft .NET F ...)
NOT-FOR-US: Microsoft
-CVE-2018-8283
+CVE-2018-8283 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8282
+CVE-2018-8282 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8281
+CVE-2018-8281 (A remote code execution vulnerability exists in Microsoft Office softw ...)
NOT-FOR-US: Microsoft
-CVE-2018-8280
+CVE-2018-8280 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8279
+CVE-2018-8279 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8278
+CVE-2018-8278 (A spoofing vulnerability exists when Microsoft Edge improperly handles ...)
NOT-FOR-US: Microsoft
CVE-2018-8277
RESERVED
-CVE-2018-8276
+CVE-2018-8276 (A security feature bypass vulnerability exists in the Microsoft Chakra ...)
NOT-FOR-US: Microsoft
-CVE-2018-8275
+CVE-2018-8275 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8274
+CVE-2018-8274 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8273
+CVE-2018-8273 (A buffer overflow vulnerability exists in the Microsoft SQL Server tha ...)
NOT-FOR-US: Microsoft
CVE-2018-8272
RESERVED
-CVE-2018-8271
+CVE-2018-8271 (An information disclosure vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
CVE-2018-8270
RESERVED
-CVE-2018-8269
+CVE-2018-8269 (A denial of service vulnerability exists when OData Library improperly ...)
NOT-FOR-US: Microsoft
CVE-2018-8268
RESERVED
-CVE-2018-8267
+CVE-2018-8267 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-8266
+CVE-2018-8266 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8265
+CVE-2018-8265 (A remote code execution vulnerability exists in the way Microsoft Exch ...)
NOT-FOR-US: Microsoft
CVE-2018-8264
RESERVED
CVE-2018-8263
RESERVED
-CVE-2018-8262
+CVE-2018-8262 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
CVE-2018-8261
REJECTED
-CVE-2018-8260
+CVE-2018-8260 (A Remote Code Execution vulnerability exists in .NET software when the ...)
NOT-FOR-US: Microsoft
CVE-2018-8259
RESERVED
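Review bot: CVE-2018-8326's description begins "A cross-site-scripting (XSS) vulnerability exists when an open source ...", yet the triage line is the generic "NOT-FOR-US: Microsoft"; when the description itself says the affected code is open source, the text after the colon should name that component (and state that it is not packaged in Debian), otherwise nobody can later tell whether any src: package was checked for a copy. A related nit in the context lines of this hunk: CVE-2018-8292 carries "NOT-FOR-US: .dotnet CoreFX", which looks like a typo for ".NET CoreFX" or "dotnet/corefx" (the repository the following NOTE links to) and does not match the "Microsoft .NET" wording used for CVE-2018-8356; one spelling of the product name keeps the file greppable.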
@@ -32677,119 +32677,119 @@ CVE-2018-8258
RESERVED
CVE-2018-8257
RESERVED
-CVE-2018-8256
+CVE-2018-8256 (A remote code execution vulnerability exists when PowerShell improperl ...)
NOT-FOR-US: Microsoft
CVE-2018-8255
RESERVED
-CVE-2018-8254
+CVE-2018-8254 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8253
+CVE-2018-8253 (An elevation of privilege vulnerability exists when Microsoft Cortana ...)
NOT-FOR-US: Microsoft
-CVE-2018-8252
+CVE-2018-8252 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8251
+CVE-2018-8251 (A memory corruption vulnerability exists when Windows Media Foundation ...)
NOT-FOR-US: Microsoft
CVE-2018-8250
RESERVED
-CVE-2018-8249
+CVE-2018-8249 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8248
+CVE-2018-8248 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8247
+CVE-2018-8247 (An elevation of privilege vulnerability exists when Office Web Apps Se ...)
NOT-FOR-US: Microsoft
-CVE-2018-8246
+CVE-2018-8246 (An information disclosure vulnerability exists when Microsoft Excel im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8245
+CVE-2018-8245 (A remote code execution vulnerability exists when Microsoft Publisher ...)
NOT-FOR-US: Microsoft
-CVE-2018-8244
+CVE-2018-8244 (An elevation of privilege vulnerability exists when Microsoft Outlook ...)
NOT-FOR-US: Microsoft
-CVE-2018-8243
+CVE-2018-8243 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8242
+CVE-2018-8242 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2018-8241
RESERVED
CVE-2018-8240
RESERVED
-CVE-2018-8239
+CVE-2018-8239 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8238
+CVE-2018-8238 (A security feature bypass vulnerability exists when Skype for Business ...)
NOT-FOR-US: Microsoft
CVE-2018-8237
RESERVED
-CVE-2018-8236
+CVE-2018-8236 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8235
+CVE-2018-8235 (A security feature bypass vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8234
+CVE-2018-8234 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8233
+CVE-2018-8233 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8232
+CVE-2018-8232 (A Tampering vulnerability exists when Microsoft Macro Assembler improp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8231
+CVE-2018-8231 (A remote code execution vulnerability exists when HTTP Protocol Stack ...)
NOT-FOR-US: Microsoft
CVE-2018-8230
RESERVED
-CVE-2018-8229
+CVE-2018-8229 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2018-8228
RESERVED
-CVE-2018-8227
+CVE-2018-8227 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8226
+CVE-2018-8226 (A denial of service vulnerability exists in the HTTP 2.0 protocol stac ...)
NOT-FOR-US: Microsoft
-CVE-2018-8225
+CVE-2018-8225 (A remote code execution vulnerability exists in Windows Domain Name Sy ...)
NOT-FOR-US: Microsoft
-CVE-2018-8224
+CVE-2018-8224 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2018-8223
RESERVED
-CVE-2018-8222
+CVE-2018-8222 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8221
+CVE-2018-8221 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
CVE-2018-8220
RESERVED
-CVE-2018-8219
+CVE-2018-8219 (An elevation of privilege vulnerability exists when Windows Hyper-V in ...)
NOT-FOR-US: Microsoft
-CVE-2018-8218
+CVE-2018-8218 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
NOT-FOR-US: Microsoft
-CVE-2018-8217
+CVE-2018-8217 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8216
+CVE-2018-8216 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8215
+CVE-2018-8215 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8214
+CVE-2018-8214 (An elevation of privilege vulnerability exists in Windows when Desktop ...)
NOT-FOR-US: Microsoft
-CVE-2018-8213
+CVE-2018-8213 (A remote code execution vulnerability exists when Windows improperly h ...)
NOT-FOR-US: Microsoft
-CVE-2018-8212
+CVE-2018-8212 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8211
+CVE-2018-8211 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8210
+CVE-2018-8210 (A remote code execution vulnerability exists when Windows improperly h ...)
NOT-FOR-US: Microsoft
-CVE-2018-8209
+CVE-2018-8209 (An information disclosure vulnerability exists when Windows allows a n ...)
NOT-FOR-US: Microsoft
-CVE-2018-8208
+CVE-2018-8208 (An elevation of privilege vulnerability exists in Windows when Desktop ...)
NOT-FOR-US: Microsoft
-CVE-2018-8207
+CVE-2018-8207 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8206
+CVE-2018-8206 (A denial of service vulnerability exists when Windows improperly handl ...)
NOT-FOR-US: Microsoft
-CVE-2018-8205
+CVE-2018-8205 (A denial of service vulnerability exists when Windows improperly handl ...)
NOT-FOR-US: Microsoft
-CVE-2018-8204
+CVE-2018-8204 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
CVE-2018-8203
RESERVED
-CVE-2018-8202
+CVE-2018-8202 (An elevation of privilege vulnerability exists in .NET Framework which ...)
NOT-FOR-US: Microsoft
-CVE-2018-8201
+CVE-2018-8201 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
-CVE-2018-8200
+CVE-2018-8200 (A security feature bypass vulnerability exists in Device Guard that co ...)
NOT-FOR-US: Microsoft
CVE-2018-8199
RESERVED
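Review bot: CVE-2018-8202 (".NET Framework" elevation of privilege) gets a plain "NOT-FOR-US: Microsoft", while the file already treats src:mono as the package to check for .NET Framework issues (CVE-2018-8356: "NOT-FOR-US: Microsoft .NET, doesn't affect src:mono"); record the same src:mono result here, and for CVE-2018-8284 (".NET F...") and CVE-2018-8260 (".NET software") in the previous hunk, so the three entries read as checked rather than defaulted. The Device Guard, Hyper-V, HTTP stack and DNS entries in this hunk are Windows-only and need nothing further.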
@@ -32831,147 +32831,147 @@ CVE-2018-8181
RESERVED
CVE-2018-8180
RESERVED
-CVE-2018-8179
+CVE-2018-8179 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8178
+CVE-2018-8178 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-8177
+CVE-2018-8177 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8176
+CVE-2018-8176 (A remote code execution vulnerability exists in Microsoft PowerPoint s ...)
NOT-FOR-US: Microsoft
-CVE-2018-8175
+CVE-2018-8175 (An denial of service vulnerability exists when Windows NT WEBDAV Minir ...)
NOT-FOR-US: Microsoft
-CVE-2018-8174
+CVE-2018-8174 (A remote code execution vulnerability exists in the way that the VBScr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8173
+CVE-2018-8173 (A remote code execution vulnerability exists in Microsoft InfoPath whe ...)
NOT-FOR-US: Microsoft
-CVE-2018-8172
+CVE-2018-8172 (A remote code execution vulnerability exists in Visual Studio software ...)
NOT-FOR-US: Microsoft
-CVE-2018-8171
+CVE-2018-8171 (A Security Feature Bypass vulnerability exists in ASP.NET when the num ...)
NOT-FOR-US: Microsoft
-CVE-2018-8170
+CVE-2018-8170 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8169
+CVE-2018-8169 (An elevation of privilege vulnerability exists when the (Human Interfa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8168
+CVE-2018-8168 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8167
+CVE-2018-8167 (An elevation of privilege vulnerability exists when the Windows Common ...)
NOT-FOR-US: Microsoft
-CVE-2018-8166
+CVE-2018-8166 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8165
+CVE-2018-8165 (An elevation of privilege vulnerability exists when the DirectX Graphi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8164
+CVE-2018-8164 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8163
+CVE-2018-8163 (An information disclosure vulnerability exists when Microsoft Excel im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8162
+CVE-2018-8162 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8161
+CVE-2018-8161 (A remote code execution vulnerability exists in Microsoft Office softw ...)
NOT-FOR-US: Microsoft
-CVE-2018-8160
+CVE-2018-8160 (An information disclosure vulnerability exists in Outlook when a messa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8159
+CVE-2018-8159 (An elevation of privilege vulnerability exists when Microsoft Exchange ...)
NOT-FOR-US: Microsoft
-CVE-2018-8158
+CVE-2018-8158 (A remote code execution vulnerability exists in Microsoft Office softw ...)
NOT-FOR-US: Microsoft
-CVE-2018-8157
+CVE-2018-8157 (A remote code execution vulnerability exists in Microsoft Office softw ...)
NOT-FOR-US: Microsoft
-CVE-2018-8156
+CVE-2018-8156 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8155
+CVE-2018-8155 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8154
+CVE-2018-8154 (A remote code execution vulnerability exists in Microsoft Exchange sof ...)
NOT-FOR-US: Microsoft
-CVE-2018-8153
+CVE-2018-8153 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
NOT-FOR-US: Microsoft
-CVE-2018-8152
+CVE-2018-8152 (An elevation of privilege vulnerability exists when Microsoft Exchange ...)
NOT-FOR-US: Microsoft
-CVE-2018-8151
+CVE-2018-8151 (An information disclosure vulnerability exists when Microsoft Exchange ...)
NOT-FOR-US: Microsoft
-CVE-2018-8150
+CVE-2018-8150 (A security feature bypass vulnerability exists when the Microsoft Outl ...)
NOT-FOR-US: Microsoft
-CVE-2018-8149
+CVE-2018-8149 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-8148
+CVE-2018-8148 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-8147
+CVE-2018-8147 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
CVE-2018-8146
RESERVED
-CVE-2018-8145
+CVE-2018-8145 (An information disclosure vulnerability exists when Chakra improperly ...)
NOT-FOR-US: Microsoft
CVE-2018-8144
RESERVED
CVE-2018-8143
RESERVED
-CVE-2018-8142
+CVE-2018-8142 (A security feature bypass exists when Windows incorrectly validates ke ...)
NOT-FOR-US: Microsoft
-CVE-2018-8141
+CVE-2018-8141 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8140
+CVE-2018-8140 (An Elevation of Privilege vulnerability exists when Cortana retrieves ...)
NOT-FOR-US: Microsoft
-CVE-2018-8139
+CVE-2018-8139 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2018-8138
RESERVED
-CVE-2018-8137
+CVE-2018-8137 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-8136
+CVE-2018-8136 (A remote code execution vulnerability exists in the way that Windows h ...)
NOT-FOR-US: Microsoft
CVE-2018-8135
RESERVED
-CVE-2018-8134
+CVE-2018-8134 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8133
+CVE-2018-8133 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8132
+CVE-2018-8132 (A security feature bypass vulnerability exists in Windows which could ...)
NOT-FOR-US: Microsoft
CVE-2018-8131
RESERVED
-CVE-2018-8130
+CVE-2018-8130 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-8129
+CVE-2018-8129 (A security feature bypass vulnerability exists in Windows which could ...)
NOT-FOR-US: Microsoft
-CVE-2018-8128
+CVE-2018-8128 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-8127
+CVE-2018-8127 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8126
+CVE-2018-8126 (A security feature bypass vulnerability exists when Internet Explorer ...)
NOT-FOR-US: Microsoft
-CVE-2018-8125
+CVE-2018-8125 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8124
+CVE-2018-8124 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8123
+CVE-2018-8123 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8122
+CVE-2018-8122 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-8121
+CVE-2018-8121 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-8120
+CVE-2018-8120 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-8119
+CVE-2018-8119 (A spoofing vulnerability exists when the Azure IoT Device Provisioning ...)
NOT-FOR-US: Microsoft
-CVE-2018-8118
+CVE-2018-8118 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-8117
+CVE-2018-8117 (A security feature bypass vulnerability exists in the Microsoft Wirele ...)
NOT-FOR-US: Microsoft
-CVE-2018-8116
+CVE-2018-8116 (A denial of service vulnerability exists in the way that Windows handl ...)
NOT-FOR-US: Microsoft
-CVE-2018-8115
+CVE-2018-8115 (A remote code execution vulnerability exists when the Windows Host Com ...)
NOT-FOR-US: Microsoft
-CVE-2018-8114
+CVE-2018-8114 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-8113
+CVE-2018-8113 (A security feature bypass vulnerability exists in Internet Explorer th ...)
NOT-FOR-US: Microsoft
-CVE-2018-8112
+CVE-2018-8112 (A security feature bypass vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-8111
+CVE-2018-8111 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-8110
+CVE-2018-8110 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2018-1000132
+CVE-2018-1000132 (Mercurial version 4.5 and earlier contains a Incorrect Access Control ...)
{DLA-1414-1 DLA-1331-1}
- mercurial 4.5.2-1 (bug #892964)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.5.1_.2F_4.5.2_.282018-03-06.29
@@ -32979,109 +32979,109 @@ CVE-2018-1000132
NOTE: Backports for older branches in https://hg.mozilla.org/users/gszorc_mozilla.com/hg
NOTE: 4.4: 4843835c835::7cf827e5f8af
NOTE: 4.3: db527ae12671::86f9a022ccb8
-CVE-2018-1000131
+CVE-2018-1000131 (Pradeep Makone wordpress Support Plus Responsive Ticket System version ...)
NOT-FOR-US: Pradeep Makone wordpress Support Plus Responsive Ticket System
-CVE-2018-1000130
+CVE-2018-1000130 (A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 i ...)
NOT-FOR-US: Jolokia
-CVE-2018-1000129
+CVE-2018-1000129 (An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the ...)
NOT-FOR-US: Jolokia
CVE-2018-8109
RESERVED
-CVE-2018-8108
+CVE-2018-8108 (The select component in bui through 2018-03-13 has XSS because it perf ...)
NOT-FOR-US: bui
-CVE-2018-8107
+CVE-2018-8107 (The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows atta ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8106
+CVE-2018-8106 (The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8105
+CVE-2018-8105 (The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allow ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8104
+CVE-2018-8104 (The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows atta ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8103
+CVE-2018-8103 (The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8102
+CVE-2018-8102 (The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4 ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8101
+CVE-2018-8101 (The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8100
+CVE-2018-8100 (The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allo ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-8099
+CVE-2018-8099 (Incorrect returning of an error code in the index.c:read_entry() funct ...)
[experimental] - libgit2 0.27.0+dfsg.1-0.1
- libgit2 0.27.0+dfsg.1-0.6 (low; bug #892962)
[stretch] - libgit2 <no-dsa> (Minor issue)
[jessie] - libgit2 <no-dsa> (Minor issue)
NOTE: https://github.com/libgit2/libgit2/commit/58a6fe94cb851f71214dbefac3f9bffee437d6fe
-CVE-2018-8098
+CVE-2018-8098 (Integer overflow in the index.c:read_entry() function while decompress ...)
[experimental] - libgit2 0.27.0+dfsg.1-0.1
- libgit2 0.27.0+dfsg.1-0.6 (low; bug #892961)
[stretch] - libgit2 <no-dsa> (Minor issue)
[jessie] - libgit2 <no-dsa> (Minor issue)
NOTE: https://github.com/libgit2/libgit2/commit/3207ddb0103543da8ad2139ec6539f590f9900c1
NOTE: https://github.com/libgit2/libgit2/commit/3db1af1f370295ad5355b8f64b865a2a357bcac0
-CVE-2018-8097
+CVE-2018-8097 (io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attac ...)
NOT-FOR-US: pyeve
-CVE-2018-8096
+CVE-2018-8096 (Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass (wi ...)
NOT-FOR-US: Datalust Seq
CVE-2018-8095
RESERVED
CVE-2018-1000128
REJECTED
-CVE-2018-1000127
+CVE-2018-1000127 (memcached version prior to 1.4.37 contains an Integer Overflow vulnera ...)
{DSA-4218-1 DLA-1329-1}
- memcached 1.5.0-1 (bug #894404)
NOTE: https://github.com/memcached/memcached/commit/a8c4a82787b8b6c256d61bd5c42fb7f92d1bae00
NOTE: https://github.com/memcached/memcached/issues/271
-CVE-2018-1000126
+CVE-2018-1000126 (Ajenti version 2 contains an Information Disclosure vulnerability in L ...)
- ajenti <itp> (bug #792019)
-CVE-2018-1000125
+CVE-2018-1000125 (inversoft prime-jwt version prior to version 1.3.0 or prior to commit ...)
NOT-FOR-US: inversoft prime-jwt
-CVE-2018-1000124
+CVE-2018-1000124 (I Librarian I-librarian version 4.8 and earlier contains a XML Externa ...)
- i-librarian <itp> (bug #649291)
-CVE-2018-1000123
+CVE-2018-1000123 (Ionic Team Cordova plugin iOS Keychain version before commit 18233ca25 ...)
NOT-FOR-US: Ionic Team Cordova plugin iOS Keychain
CVE-2018-8094
RESERVED
CVE-2018-8093
RESERVED
-CVE-2018-8092
+CVE-2018-8092 (Mautic before 2.13.0 allows CSV injection. ...)
NOT-FOR-US: Mautic
CVE-2018-8091
RESERVED
-CVE-2018-8090
+CVE-2018-8090 (Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - ...)
NOT-FOR-US: Quick Heal
CVE-2018-8089
RESERVED
-CVE-2018-8088
+CVE-2018-8088 (org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before ...)
- libslf4j-java 1.7.25-3 (bug #893684; unimportant)
NOTE: slf4j-ext module is not built by default
NOTE: https://github.com/qos-ch/slf4j/commit/d2b27fba88e983f921558da27fc29b5f5d269405
NOTE: https://jira.qos.ch/browse/SLF4J-430
NOTE: https://jira.qos.ch/browse/SLF4J-431
-CVE-2018-8087
+CVE-2018-8087 (Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless ...)
{DSA-4188-1}
- linux 4.15.11-1
[jessie] - linux <not-affected> (Vulnerable code not present)
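Review bot: the eight xpdf entries in this hunk (CVE-2018-8100 through CVE-2018-8107) all repeat the same typo in their second NOTE line, `NOTE: src:xpdf switched to use system poppler libary in 3.02-3`; since the three NOTE lines are copied verbatim across all eight entries, fix `libary` to `library` in all of them together rather than in one. The rationale in those notes (reproducer is rejected by jessie's poppler build, src:xpdf no longer ships its own parser) is consistent with the `<unfixed> (unimportant)` status on each entry, so no status change is needed.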
@@ -33091,16 +33091,16 @@ CVE-2018-8086
REJECTED
CVE-2018-8085
RESERVED
-CVE-2018-1000097
+CVE-2018-1000097 (Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer ...)
{DSA-4167-1}
- sharutils 1:4.15.2-3 (bug #893525)
[wheezy] - sharutils <not-affected> (Vulnerable code not present)
NOTE: http://seclists.org/bugtraq/2018/Feb/54
-CVE-2018-1000096
+CVE-2018-1000096 (brianleroux tiny-json-http version all versions since commit 9b8e74a23 ...)
NOT-FOR-US: tiny-json-http
-CVE-2018-1000095
+CVE-2018-1000095 (oVirt version 4.2.0 to 4.2.2 contains a Cross Site Scripting (XSS) vul ...)
NOT-FOR-US: ovirt-engine
-CVE-2018-1000094
+CVE-2018-1000094 (CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnera ...)
NOT-FOR-US: CMS Made Simple
CVE-2018-8084
RESERVED
@@ -33114,25 +33114,25 @@ CVE-2018-8080
RESERVED
CVE-2018-8079
RESERVED
-CVE-2018-8078
+CVE-2018-8078 (YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adv ...)
NOT-FOR-US: YzmCMS
CVE-2018-8077
RESERVED
-CVE-2018-8076
+CVE-2018-8076 (ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability wi ...)
NOT-FOR-US: ZenMate
CVE-2018-8075
RESERVED
-CVE-2018-8074
+CVE-2018-8074 (Yii 2.x before 2.0.15 allows remote attackers to inject unintended sea ...)
- yii <itp> (bug #597899)
-CVE-2018-8073
+CVE-2018-8073 (Yii 2.x before 2.0.15 allows remote attackers to execute arbitrary LUA ...)
- yii <itp> (bug #597899)
-CVE-2018-8072
+CVE-2018-8072 (An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W thro ...)
NOT-FOR-US: EDIMAX
-CVE-2018-8071
+CVE-2018-8071 (Mautic before v2.13.0 has stored XSS via a theme config file. ...)
NOT-FOR-US: Mautic
-CVE-2018-8070
+CVE-2018-8070 (QCMS version 3.0 has XSS via the title parameter to the /guest/index.h ...)
NOT-FOR-US: QCMS
-CVE-2018-8069
+CVE-2018-8069 (QCMS version 3.0 has XSS via the webname parameter to the /backend/sys ...)
NOT-FOR-US: QCMS
CVE-2018-8068
RESERVED
@@ -33140,7 +33140,7 @@ CVE-2018-8067
RESERVED
CVE-2018-8066
RESERVED
-CVE-2018-8065
+CVE-2018-8065 (An issue was discovered in the web server in Flexense SyncBreeze Enter ...)
NOT-FOR-US: Flexense SyncBreeze Enterprise
CVE-2018-8064
RESERVED
@@ -33148,17 +33148,17 @@ CVE-2018-8063
RESERVED
CVE-2018-8062
RESERVED
-CVE-2018-8061
+CVE-2018-8061 (HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileg ...)
NOT-FOR-US: HWiNFO AMD64 Kernel driver
-CVE-2018-8060
+CVE-2018-8060 (HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileg ...)
NOT-FOR-US: HWiNFO AMD64 Kernel driver
-CVE-2018-8059
+CVE-2018-8059 (The Djelibeybi configuration examples for use of NGINX in SUSE Portus ...)
NOT-FOR-US: Portus
-CVE-2018-8058
+CVE-2018-8058 (CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-8057
+CVE-2018-8057 (A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8 ...)
NOT-FOR-US: Western Bridge Cobub Razor
-CVE-2018-8056
+CVE-2018-8056 (Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via a ...)
NOT-FOR-US: Western Bridge Cobub Razor
CVE-2018-8055
RESERVED
@@ -33170,13 +33170,13 @@ CVE-2018-8052
RESERVED
CVE-2018-8051
RESERVED
-CVE-2018-8050
+CVE-2018-8050 (The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFL ...)
- afflib 3.7.16-3 (unimportant; bug #892599)
NOTE: https://github.com/sshock/AFFLIBv3/commit/435a2ca802358a3debb6d164d2c33049131df81c
NOTE: Negligible security impact
-CVE-2018-8049
+CVE-2018-8049 (The Stealth endpoint in Unisys Stealth SVG 2.8.x, 3.0.x before 3.0.199 ...)
NOT-FOR-US: Unisys Stealth SVG
-CVE-2018-8048
+CVE-2018-8048 (In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attribu ...)
{DSA-4171-1}
- ruby-loofah 2.2.1-1 (bug #893596)
NOTE: https://github.com/flavorjones/loofah/issues/144
@@ -33184,33 +33184,33 @@ CVE-2018-8048
NOTE: https://github.com/flavorjones/loofah/commit/56e95a6696b1e17a242eb8ebbbab64d613c4f1fe
CVE-2018-8047
RESERVED
-CVE-2018-8046
+CVE-2018-8046 (The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6 ...)
NOT-FOR-US: Sencha
-CVE-2018-8045
+CVE-2018-8045 (In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable ...)
NOT-FOR-US: Joomla!
CVE-2018-8044
RESERVED
-CVE-2018-8043
+CVE-2018-8043 (The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in ...)
- linux <unfixed> (unimportant)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5
NOTE: Negligible security impact, only enabled on armhf
-CVE-2018-8042
+CVE-2018-8042 (Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential ...)
NOT-FOR-US: Apache Ambari
-CVE-2018-8041
+CVE-2018-8041 (Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2 ...)
NOT-FOR-US: Apache Camel Mail component
-CVE-2018-8040
+CVE-2018-8040 (Pages that are rendered using the ESI plugin can have access to the co ...)
{DSA-4282-1}
- trafficserver 7.1.4+ds-1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/2
NOTE: https://github.com/apache/trafficserver/pull/3926
NOTE: https://github.com/apache/trafficserver/commit/cea07c03274807c1588dbdf03baa1537d958c92f
-CVE-2018-8039
+CVE-2018-8039 (It is possible to configure Apache CXF to use the com.sun.net.ssl impl ...)
NOT-FOR-US: Apache CXF
-CVE-2018-8038
+CVE-2018-8038 (Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Docum ...)
NOT-FOR-US: Apache CXF
-CVE-2018-8037
+CVE-2018-8037 (If an async request was completed by the application at the same time ...)
{DSA-4281-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.32-1
@@ -33218,7 +33218,7 @@ CVE-2018-8037
- tomcat8.0 <not-affected> (Vulnerable code only present in 8.5.5 to 8.5.31 in 8.x series)
NOTE: https://svn.apache.org/r1833906 (9.0.x)
NOTE: https://svn.apache.org/r1833907 (8.5.x)
-CVE-2018-8036
+CVE-2018-8036 (In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully c ...)
- libpdfbox-java 1:1.8.15-1 (low; bug #902776)
- libpdfbox2-java 2.0.11-1 (low)
[stretch] - libpdfbox-java <no-dsa> (Minor issue)
@@ -33226,7 +33226,7 @@ CVE-2018-8036
NOTE: http://www.openwall.com/lists/oss-security/2018/06/29/2
CVE-2018-8035
RESERVED
-CVE-2018-8034
+CVE-2018-8034 (The host name verification when using TLS with the WebSocket client wa ...)
{DSA-4281-1 DLA-1491-1 DLA-1453-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.32-1
@@ -33238,63 +33238,63 @@ CVE-2018-8034
NOTE: https://svn.apache.org/r1833758 (8.5.x)
NOTE: https://svn.apache.org/r1833759 (8.0.x)
NOTE: https://svn.apache.org/r1833760 (7.0.x)
-CVE-2018-8033
+CVE-2018-8033 (In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apach ...)
NOT-FOR-US: Apache OFBiz
-CVE-2018-8032
+CVE-2018-8032 (Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site ...)
- axis 1.4-28 (bug #905328)
[stretch] - axis <no-dsa> (Minor issue)
[jessie] - axis <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/browse/AXIS-2924
NOTE: https://svn.apache.org/r1831943
-CVE-2018-8031
+CVE-2018-8031 (The Apache TomEE console (tomee-webapp) has a XSS vulnerability which ...)
NOT-FOR-US: Apache TomEE
-CVE-2018-8030
+CVE-2018-8030 (A Denial of Service vulnerability was found in Apache Qpid Broker-J ve ...)
- qpid-java <itp> (bug #840131)
CVE-2018-8029
RESERVED
-CVE-2018-8028
+CVE-2018-8028 (An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS with ...)
NOT-FOR-US: Apache Sentry
-CVE-2018-8027
+CVE-2018-8027 (Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in ...)
NOT-FOR-US: Apache Camel
-CVE-2018-8026
+CVE-2018-8026 (This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 re ...)
- lucene-solr <not-affected> (Do not allow to upload configsets via the API)
NOTE: Versions 5.x and earlier are not affected by the vulnerability, since
NOTE: those versions do not allow to upload configsets via the API.
NOTE: https://issues.apache.org/jira/browse/SOLR-12450
-CVE-2018-8025
+CVE-2018-8025 (CVE-2018-8025 describes an issue in Apache HBase that affects the opti ...)
NOT-FOR-US: Apache HBase
-CVE-2018-8024
+CVE-2018-8024 (In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possib ...)
NOT-FOR-US: Apache Spark
-CVE-2018-8023
+CVE-2018-8023 (Apache Mesos can be configured to require authentication to call the E ...)
- apache-mesos <itp> (bug #760315)
-CVE-2018-8022
+CVE-2018-8022 (A carefully crafted invalid TLS handshake can cause Apache Traffic Ser ...)
- trafficserver 7.0.0-1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/1
NOTE: Only affects 6.x, marking 7.0 as the fixed version
NOTE: https://github.com/apache/trafficserver/pull/2147
-CVE-2018-8021
+CVE-2018-8021 (Versions of Superset prior to 0.23 used an unsafe load method from the ...)
NOT-FOR-US: Apache Superset
-CVE-2018-8020
+CVE-2018-8020 (Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw t ...)
{DLA-1475-1}
- tomcat-native 1.2.17-1
[stretch] - tomcat-native 1.2.12-2+deb9u2
NOTE: https://svn.apache.org/r1832863
-CVE-2018-8019
+CVE-2018-8019 (When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and ...)
{DLA-1475-1}
- tomcat-native 1.2.17-1
[stretch] - tomcat-native 1.2.12-2+deb9u2
NOTE: https://svn.apache.org/r1832832
-CVE-2018-8018
+CVE-2018-8018 (In Apache Ignite before 2.4.8 and 2.5.x before 2.5.3, the serializatio ...)
NOT-FOR-US: Apache Ignite
-CVE-2018-8017
+CVE-2018-8017 (In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an in ...)
- tika 1.20-1 (bug #914643)
[jessie] - tika <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/6
-CVE-2018-8016
+CVE-2018-8016 (The default configuration in Apache Cassandra 3.8 through 3.11.1 binds ...)
- cassandra <itp> (bug #585905)
-CVE-2018-8015
+CVE-2018-8015 (In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endle ...)
NOT-FOR-US: Apache ORC
-CVE-2018-8014
+CVE-2018-8014 (The defaults settings for the CORS filter provided in Apache Tomcat 9. ...)
{DLA-1400-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.32-1 (bug #898935)
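Review bot: the lucene-solr status reason for CVE-2018-8026, `- lucene-solr <not-affected> (Do not allow to upload configsets via the API)`, and the two NOTE lines after it read awkwardly; `does not allow uploading configsets via the API` is clearer and says the same thing. The identical wording is used for CVE-2018-8010 further down, so whichever phrasing is chosen should be applied to both entries.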
@@ -33311,13 +33311,13 @@ CVE-2018-8014
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62343
NOTE: It is expected that users of the CORS filter will have configured it appropriately
NOTE: for their einvironment rather than using it in the default configuration
-CVE-2018-8013
+CVE-2018-8013 (In Apache Batik 1.x before 1.10, when deserializing subclass of `Abstr ...)
{DSA-4215-1 DLA-1385-1}
- batik 1.10-1 (bug #899374)
NOTE: https://issues.apache.org/jira/browse/BATIK-1222
NOTE: https://svn.apache.org/viewvc?view=revision&revision=1831241
NOTE: https://marc.info/?l=oss-security&m=152707788503264&w=2
-CVE-2018-8012
+CVE-2018-8012 (No authentication/authorization is enforced when a server attempts to ...)
{DSA-4214-1}
- zookeeper 3.4.10-2 (bug #899332)
[wheezy] - zookeeper <ignored> (changes are too intrusive to backport)
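Review bot: typo in the last NOTE line of the CVE-2018-8014 entry, `NOTE: for their einvironment rather than using it in the default configuration`; should be `environment`.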
@@ -33325,39 +33325,39 @@ CVE-2018-8012
NOTE: http://www.openwall.com/lists/oss-security/2018/05/21/6
NOTE: https://cwiki.apache.org/confluence/display/ZOOKEEPER/Server-Server+mutual+authentication
NOTE: https://issues.apache.org/jira/secure/attachment/12840904/ZOOKEEPER-1045-br-3-4.patch
-CVE-2018-8011
+CVE-2018-8011 (By specially crafting HTTP requests, the mod_md challenge handler woul ...)
- apache2 2.4.34-1 (bug #904107)
[stretch] - apache2 <not-affected> (Vulnerable code not present; mod_md module)
[jessie] - apache2 <not-affected> (Vulnerable code not present; mod_md module)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/2
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-8011
-CVE-2018-8010
+CVE-2018-8010 (This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relat ...)
- lucene-solr <not-affected> (Do not allow to upload configsets via the API)
NOTE: Versions 5.x and earlier are not affected by the vulnerability, since
NOTE: those versions do not allow to upload configsets via the API.
NOTE: https://issues.apache.org/jira/browse/SOLR-12316
-CVE-2018-8009
+CVE-2018-8009 (Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2. ...)
- hadoop <itp> (bug #793644)
-CVE-2018-8008
+CVE-2018-8008 (Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version ...)
NOT-FOR-US: Apache Storm
-CVE-2018-8007
+CVE-2018-8007 (Apache CouchDB administrative users can configure the database server ...)
- couchdb <removed>
NOTE: https://blog.couchdb.org/2018/07/10/cve-2018-8007/
-CVE-2018-8006
+CVE-2018-8006 (An instance of a cross-site scripting vulnerability was identified to ...)
- activemq <unfixed> (unimportant)
NOTE: https://issues.apache.org/jira/browse/AMQ-6954
NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=d25de5d
NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=d8c80a9
NOTE: Admin console not enabled in the Debian package, see #702670)
NOTE: Fixed in 5.15.5, 5.16.0
-CVE-2018-8005
+CVE-2018-8005 (When there are multiple ranges in a range request, Apache Traffic Serv ...)
{DSA-4282-1}
- trafficserver 7.1.4+ds-1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/4
NOTE: https://github.com/apache/trafficserver/pull/3106
NOTE: https://github.com/apache/trafficserver/pull/3124
NOTE: https://github.com/apache/trafficserver/commit/bbcbb7cf7f25ebfe3a97d792e889de618e41a6a4
-CVE-2018-8004
+CVE-2018-8004 (There are multiple HTTP smuggling and cache poisoning issues when clie ...)
{DSA-4282-1}
- trafficserver 7.1.4+ds-1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/5
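Review bot: the CVE-2018-8006 note `NOTE: Admin console not enabled in the Debian package, see #702670)` has an unmatched closing parenthesis; either drop it or open one before `see`. In the same hunk, the CVE-2018-8010 reason `(Do not allow to upload configsets via the API)` should read `(does not allow uploading configsets via the API)`, matching the CVE-2018-8026 entry above, which carries the same text.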
@@ -33369,16 +33369,16 @@ CVE-2018-8004
NOTE: https://github.com/apache/trafficserver/commit/9659d12a21cf1870c2790fdd5acab712ed87f16e
NOTE: https://github.com/apache/trafficserver/commit/2616e580de7d66b9098c464d503a049c7814e35a
NOTE: https://github.com/apache/trafficserver/commit/3d2fdab8b0606bc8b35006f7aeb73729d364b333
-CVE-2018-8003
+CVE-2018-8003 (Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory ...)
NOT-FOR-US: Apache Ambari
-CVE-2018-8002
+CVE-2018-8002 (In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfPar ...)
- libpodofo <unfixed> (low; bug #892557)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: PoC https://bugzilla.redhat.com/show_bug.cgi?id=1548930
NOTE: Upstream bug: https://sourceforge.net/p/podofo/tickets/15/
-CVE-2018-8001
+CVE-2018-8001 (In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerabil ...)
- libpodofo 0.9.6+dfsg-3 (low; bug #892556)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -33386,43 +33386,43 @@ CVE-2018-8001
NOTE: PoC https://bugzilla.redhat.com/show_bug.cgi?id=1549469
NOTE: Upstream bug: https://sourceforge.net/p/podofo/tickets/14/
NOTE: Upstream commit: http://sourceforge.net/p/podofo/code/1909
-CVE-2018-8000
+CVE-2018-8000 (In PoDoFo 0.9.5, there exists a heap-based buffer overflow vulnerabili ...)
NOTE: PoC https://bugzilla.redhat.com/show_bug.cgi?id=1548918
NOTE: Upstream bug: https://sourceforge.net/p/podofo/tickets/13/
NOTE: Upstream tracked this down as a of CVE-2017-5886
-CVE-2018-7999
+CVE-2018-7999 (In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulner ...)
- graphite2 1.3.11-2 (bug #892590)
[stretch] - graphite2 <no-dsa> (Minor issue)
[jessie] - graphite2 <no-dsa> (Minor issue)
[wheezy] - graphite2 <no-dsa> (Minor issue)
NOTE: https://github.com/silnrsi/graphite/commit/db132b4731a9b4c9534144ba3a18e65b390e9ff6
NOTE: https://github.com/silnrsi/graphite/issues/22
-CVE-2018-7998
+CVE-2018-7998 (In libvips before 8.6.3, a NULL function pointer dereference vulnerabi ...)
{DLA-1306-1}
- vips 8.4.5-2 (low; bug #892589)
[stretch] - vips <no-dsa> (Minor issue)
[jessie] - vips <no-dsa> (Minor issue)
NOTE: https://github.com/jcupitt/libvips/commit/20d840e6da15c1574b3ed998bc92f91d1e36c2a5
NOTE: https://github.com/jcupitt/libvips/issues/893
-CVE-2018-7997
+CVE-2018-7997 (Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV file ...)
NOT-FOR-US: Eramba
-CVE-2018-7996
+CVE-2018-7996 (Eramba e1.0.6.033 has Stored XSS on the tooltip box via the /programSc ...)
NOT-FOR-US: Eramba
-CVE-2018-7994
+CVE-2018-7994 (Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; ...)
NOT-FOR-US: Huawei
-CVE-2018-7993
+CVE-2018-7993 (HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.3 ...)
NOT-FOR-US: Huawei
-CVE-2018-7992
+CVE-2018-7992 (Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 ...)
NOT-FOR-US: Huawei
-CVE-2018-7991
+CVE-2018-7991 (Huawei smartphones Mate10 with versions earlier before ALP-AL00B 8.0.0 ...)
NOT-FOR-US: Huawei
-CVE-2018-7990
+CVE-2018-7990 (Mate10 Pro Huawei smart phones with the versions before 8.1.0.326(C00) ...)
NOT-FOR-US: Huawei
-CVE-2018-7989
+CVE-2018-7989 (Huawei Mate 10 pro smartphones with the versions before BLA-AL00B 8.1. ...)
NOT-FOR-US: Huawei
-CVE-2018-7988
+CVE-2018-7988 (There is a Factory Reset Protection (FRP) bypass vulnerability on seve ...)
NOT-FOR-US: Huawei
-CVE-2018-7987
+CVE-2018-7987 (There is an out-of-bounds write vulnerability on Huawei P20 smartphone ...)
NOT-FOR-US: Huawei
CVE-2018-7986
REJECTED
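Review bot: the CVE-2018-8000 entry has no source-package status line; its PoDoFo neighbours CVE-2018-8001 and CVE-2018-8002 both carry a `- libpodofo ...` line, and with only NOTE lines this one is not tracked against any package. Its last note, `NOTE: Upstream tracked this down as a of CVE-2017-5886`, is also missing a word between `a` and `of`; if upstream considers it the same bug as CVE-2017-5886, state that explicitly and give libpodofo the status that follows from it.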
@@ -33442,9 +33442,9 @@ CVE-2018-7979
REJECTED
CVE-2018-7978
REJECTED
-CVE-2018-7977
+CVE-2018-7977 (There is an information leakage vulnerability on several Huawei produc ...)
NOT-FOR-US: Huawei
-CVE-2018-7976
+CVE-2018-7976 (There is a stored cross-site scripting (XSS) vulnerability in Huawei e ...)
NOT-FOR-US: Huawei
CVE-2018-7975
REJECTED
@@ -33474,17 +33474,17 @@ CVE-2018-7963
REJECTED
CVE-2018-7962
RESERVED
-CVE-2018-7961
+CVE-2018-7961 (There is a smart SMS verification code vulnerability in some Huawei sm ...)
NOT-FOR-US: Huawei
-CVE-2018-7960
+CVE-2018-7960 (There is a SRTP icon display vulnerability in Huawei eSpace product. A ...)
NOT-FOR-US: Huawei
-CVE-2018-7959
+CVE-2018-7959 (There is a short key vulnerability in Huawei eSpace product. An unauth ...)
NOT-FOR-US: Huawei
-CVE-2018-7958
+CVE-2018-7958 (There is an anonymous TLS cipher suites supported vulnerability in Hua ...)
NOT-FOR-US: Huawei
-CVE-2018-7957
+CVE-2018-7957 (Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an ...)
NOT-FOR-US: Huawei
-CVE-2018-7956
+CVE-2018-7956 (Huawei VIP App is a mobile app for Malaysia customers that purchased P ...)
NOT-FOR-US: Huawei
CVE-2018-7955
REJECTED
@@ -33494,69 +33494,69 @@ CVE-2018-7953
RESERVED
CVE-2018-7952
RESERVED
-CVE-2018-7951
+CVE-2018-7951 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
NOT-FOR-US: Huawei
-CVE-2018-7950
+CVE-2018-7950 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
NOT-FOR-US: Huawei
-CVE-2018-7949
+CVE-2018-7949 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
NOT-FOR-US: Huawei
CVE-2018-7948
REJECTED
-CVE-2018-7947
+CVE-2018-7947 (Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.15 ...)
NOT-FOR-US: Huawei
-CVE-2018-7946
+CVE-2018-7946 (There is an information leak vulnerability in some Huawei smartphones. ...)
NOT-FOR-US: Huawei
CVE-2018-7945
REJECTED
-CVE-2018-7944
+CVE-2018-7944 (Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8. ...)
NOT-FOR-US: Huawei
-CVE-2018-7943
+CVE-2018-7943 (There is an authentication bypass vulnerability in some Huawei servers ...)
NOT-FOR-US: Huawei
-CVE-2018-7942
+CVE-2018-7942 (The iBMC (Intelligent Baseboard Management Controller) of some Huawei ...)
NOT-FOR-US: Huawei
-CVE-2018-7941
+CVE-2018-7941 (Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A ...)
NOT-FOR-US: Huawei
-CVE-2018-7940
+CVE-2018-7940 (Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than ...)
NOT-FOR-US: Huawei
-CVE-2018-7939
+CVE-2018-7939 (Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 with the vers ...)
NOT-FOR-US: Huawei
-CVE-2018-7938
+CVE-2018-7938 (P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 ...)
NOT-FOR-US: Huawei
-CVE-2018-7937
+CVE-2018-7937 (In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-1 ...)
NOT-FOR-US: Huawei
-CVE-2018-7936
+CVE-2018-7936 (Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0 ...)
NOT-FOR-US: Huawei
CVE-2018-7935
RESERVED
-CVE-2018-7934
+CVE-2018-7934 (Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C4 ...)
NOT-FOR-US: Huawei
-CVE-2018-7933
+CVE-2018-7933 (Huawei home gateway products HiRouter-CD20 and WS5200 with the version ...)
NOT-FOR-US: Huawei
-CVE-2018-7932
+CVE-2018-7932 (Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascrip ...)
NOT-FOR-US: Huawei
-CVE-2018-7931
+CVE-2018-7931 (Huawei AppGallery versions before 8.0.4.301 has a whitelist mechanism ...)
NOT-FOR-US: Huawei
-CVE-2018-7930
+CVE-2018-7930 (The Near Field Communication (NFC) module in Mate 9 Huawei mobile phon ...)
NOT-FOR-US: Mate 9 Huawei mobile phones
-CVE-2018-7929
+CVE-2018-7929 (Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.16 ...)
NOT-FOR-US: Huawei
-CVE-2018-7928
+CVE-2018-7928 (There is a security vulnerability which could lead to Factory Reset Pr ...)
NOT-FOR-US: Huawei
CVE-2018-7927
REJECTED
-CVE-2018-7926
+CVE-2018-7926 (Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have ...)
NOT-FOR-US: Huawei
-CVE-2018-7925
+CVE-2018-7925 (The radio module of some Huawei smartphones Emily-AL00A The versions b ...)
NOT-FOR-US: Huawei
-CVE-2018-7924
+CVE-2018-7924 (Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have ...)
NOT-FOR-US: Huawei
-CVE-2018-7923
+CVE-2018-7923 (Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.1 ...)
NOT-FOR-US: Huawei
-CVE-2018-7922
+CVE-2018-7922 (Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.1 ...)
NOT-FOR-US: Huawei
-CVE-2018-7921
+CVE-2018-7921 (Huawei B315s-22 products with software of 21.318.01.00.26 have an info ...)
NOT-FOR-US: Huawei
-CVE-2018-7920
+CVE-2018-7920 (Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R0 ...)
NOT-FOR-US: Huawei
CVE-2018-7919
RESERVED
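Review bot: the `NOT-FOR-US:` labels in this hunk are inconsistent; CVE-2018-7930 uses `NOT-FOR-US: Mate 9 Huawei mobile phones` while every other Huawei entry around it uses `NOT-FOR-US: Huawei`. The label text is free-form, but a single vendor name makes these entries easier to grep and to audit together; use `NOT-FOR-US: Huawei` here as well.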
@@ -33574,31 +33574,31 @@ CVE-2018-7913
REJECTED
CVE-2018-7912
REJECTED
-CVE-2018-7911
+CVE-2018-7911 (Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), ...)
NOT-FOR-US: Huawei
-CVE-2018-7910
+CVE-2018-7910 (Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118 ...)
NOT-FOR-US: Huawei
CVE-2018-7909
REJECTED
CVE-2018-7908
REJECTED
-CVE-2018-7907
+CVE-2018-7907 (Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C1 ...)
NOT-FOR-US: Huawei
-CVE-2018-7906
+CVE-2018-7906 (Some Huawei smart phones with software of Leland-AL00 8.0.0.114(C636), ...)
NOT-FOR-US: Huawei
CVE-2018-7905
REJECTED
-CVE-2018-7904
+CVE-2018-7904 (Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON i ...)
NOT-FOR-US: Huawei
-CVE-2018-7903
+CVE-2018-7903 (Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON i ...)
NOT-FOR-US: Huawei
-CVE-2018-7902
+CVE-2018-7902 (Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON i ...)
NOT-FOR-US: Huawei
-CVE-2018-7901
+CVE-2018-7901 (RCS module in Huawei ALP-AL00B smart phones with software versions ear ...)
NOT-FOR-US: Huawei
-CVE-2018-7900
+CVE-2018-7900 (There is an information leak vulnerability in some Huawei HG products. ...)
NOT-FOR-US: Huawei
-CVE-2018-7899
+CVE-2018-7899 (The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones w ...)
NOT-FOR-US: Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones
CVE-2018-7898
RESERVED
@@ -33608,21 +33608,21 @@ CVE-2018-7896
RESERVED
CVE-2018-7895
RESERVED
-CVE-2018-7894
+CVE-2018-7894 (Eramba e1.0.6.033 has Reflected XSS in reviews/filterIndex/ThirdPartyR ...)
NOT-FOR-US: Eramba
-CVE-2018-7893
+CVE-2018-7893 (CMS Made Simple (CMSMS) 2.2.6 has stored XSS in admin/moduleinterface. ...)
NOT-FOR-US: CMS Made Simple
CVE-2018-7892
RESERVED
-CVE-2018-7891
+CVE-2018-7891 (The Milestone XProtect Video Management Software (Corporate, Expert, P ...)
NOT-FOR-US: Milestone XProtect Video Management Software
-CVE-2018-7995
+CVE-2018-7995 (** DISPUTED ** Race condition in the store_int_with_restart() function ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.11-1
NOTE: https://lkml.org/lkml/2018/3/2/970
-CVE-2018-7890
+CVE-2018-7890 (A remote code execution issue was discovered in Zoho ManageEngine Appl ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2018-7889
+CVE-2018-7889 (gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on i ...)
- calibre 3.19.0+dfsg-1 (bug #892242)
[stretch] - calibre <no-dsa> (Minor issue)
[jessie] - calibre <no-dsa> (Minor issue)
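Review bot: the CVE-2018-7995 entry is out of sequence, sitting between CVE-2018-7891 and CVE-2018-7890 while its numeric neighbours CVE-2018-7996 and CVE-2018-7994 are in an earlier hunk. The tracker does not require numeric order, but the stray placement makes the entry easy to miss when scanning this region; consider moving it next to CVE-2018-7996.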
@@ -33633,17 +33633,17 @@ CVE-2018-7889
NOTE: see https://lists.debian.org/87muy0usv1.fsf@curie.anarc.at
NOTE: The CVE assignment is specific to the issue fixed by upstream commit
NOTE: aeb5b036a0bf657951756688b3c72bd68b6e4a7d.
-CVE-2018-1000122
+CVE-2018-1000122 (A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 ...)
{DSA-4136-1 DLA-1309-1}
- curl 7.60.0-1 (bug #893546)
NOTE: https://curl.haxx.se/docs/adv_2018-b047.html
NOTE: https://curl.haxx.se/CVE-2018-1000122.patch
-CVE-2018-1000121
+CVE-2018-1000121 (A NULL pointer dereference exists in curl 7.21.0 to and including curl ...)
{DSA-4136-1 DLA-1309-1}
- curl 7.60.0-1 (bug #893546)
NOTE: https://curl.haxx.se/docs/adv_2018-97a2.html
NOTE: https://curl.haxx.se/CVE-2018-1000121.patch
-CVE-2018-1000120
+CVE-2018-1000120 (A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 i ...)
{DSA-4136-1 DLA-1309-1}
- curl 7.60.0-1 (bug #893546)
NOTE: https://curl.haxx.se/docs/adv_2018-9cd6.html
@@ -33652,11 +33652,11 @@ CVE-2018-7888
RESERVED
CVE-2018-7887
RESERVED
-CVE-2018-7886
+CVE-2018-7886 (An issue was discovered in CloudMe 1.11.0. An unauthenticated local at ...)
NOT-FOR-US: CloudMe
CVE-2018-7885
RESERVED
-CVE-2018-7884
+CVE-2018-7884 (An issue was discovered in DisplayLink Core Software Cleaner Applicati ...)
NOT-FOR-US: DisplayLink Core Software Cleaner Application
CVE-2018-7883
RESERVED
@@ -33670,51 +33670,51 @@ CVE-2018-7879
RESERVED
CVE-2018-7878
RESERVED
-CVE-2018-7877
+CVE-2018-7877 (There is a heap-based buffer overflow in the getString function of uti ...)
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/110
-CVE-2018-7876
+CVE-2018-7876 (In libming 0.4.8, a memory exhaustion vulnerability was found in the f ...)
{DLA-1386-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/109
-CVE-2018-7875
+CVE-2018-7875 (There is a heap-based buffer over-read in the getString function of ut ...)
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/112
-CVE-2018-7874
+CVE-2018-7874 (An invalid memory address dereference was discovered in strlenext in u ...)
- ming <removed>
[wheezy] - ming 1:0.4.4-1.1+deb7u8
NOTE: https://github.com/libming/libming/issues/115
-CVE-2018-7873
+CVE-2018-7873 (There is a heap-based buffer overflow in the getString function of uti ...)
{DLA-1386-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/111
-CVE-2018-7872
+CVE-2018-7872 (An invalid memory address dereference was discovered in the function g ...)
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/114
-CVE-2018-7871
+CVE-2018-7871 (There is a heap-based buffer over-read in the getName function of util ...)
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/120
-CVE-2018-7870
+CVE-2018-7870 (An invalid memory address dereference was discovered in getString in u ...)
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/117
-CVE-2018-7869
+CVE-2018-7869 (There is a memory leak triggered in the function dcinit of util/decomp ...)
- ming <removed>
[wheezy] - ming <ignored> (Minor issue present everywhere in the source code, hard to fix)
NOTE: https://github.com/libming/libming/issues/119
-CVE-2018-7868
+CVE-2018-7868 (There is a heap-based buffer over-read in the getName function of util ...)
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/113
-CVE-2018-7867
+CVE-2018-7867 (There is a heap-based buffer overflow in the getString function of uti ...)
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/116
-CVE-2018-7866
+CVE-2018-7866 (A NULL pointer dereference was discovered in newVar3 in util/decompile ...)
{DLA-1386-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/118
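Review bot: CVE-2018-7877 and CVE-2018-7874 record a wheezy fix version (`[wheezy] - ming 1:0.4.4-1.1+deb7u8`) but, unlike the neighbouring ming entries in this hunk, carry no `{DLA-...}` reference; if that upload shipped under a DLA, add it in braces so the advisory cross-reference is consistent across the whole libming set.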
@@ -33732,7 +33732,7 @@ CVE-2018-7860
RESERVED
CVE-2018-7859
RESERVED
-CVE-2018-7858
+CVE-2018-7858 (Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Em ...)
- qemu 1:2.12~rc3+dfsg-1 (bug #892497)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
@@ -33776,25 +33776,25 @@ CVE-2018-7841
RESERVED
CVE-2018-7840
RESERVED
-CVE-2018-7839
+CVE-2018-7839 (A Cryptographic Issue (CWE-310) vulnerability exists in IIoT Monitor 3 ...)
NOT-FOR-US: Schneider
CVE-2018-7838
RESERVED
-CVE-2018-7837
+CVE-2018-7837 (An Improper Restriction of XML External Entity Reference ('XXE') vulne ...)
NOT-FOR-US: IIoT Monitor (Schneider Electric)
-CVE-2018-7836
+CVE-2018-7836 (An unrestricted Upload of File with Dangerous Type vulnerability exist ...)
NOT-FOR-US: IIoT Monitor (Schneider Electric)
-CVE-2018-7835
+CVE-2018-7835 (An Improper Limitation of a Pathname to a Restricted Directory ('Path ...)
NOT-FOR-US: IIoT Monitor (Schneider Electric)
CVE-2018-7834
RESERVED
-CVE-2018-7833
+CVE-2018-7833 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7832
+CVE-2018-7832 (An Improper Input Validation vulnerability exists in Pro-Face GP-Pro E ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7831
+CVE-2018-7831 (An Improper Neutralization of Script-Related HTML Tags in a Web Page ( ...)
NOT-FOR-US: Modicon (Schneider Electric)
-CVE-2018-7830
+CVE-2018-7830 (Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Respo ...)
NOT-FOR-US: Modicon (Schneider Electric)
CVE-2018-7829
RESERVED
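Review bot: CVE-2018-7839 is tagged `NOT-FOR-US: Schneider` although its description places it in IIoT Monitor, the same product that CVE-2018-7837, -7836 and -7835 tag as `NOT-FOR-US: IIoT Monitor (Schneider Electric)`; use the product-qualified form for 7839 too so the tags in this block stay searchable by product.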
@@ -33820,164 +33820,164 @@ CVE-2018-7819
RESERVED
CVE-2018-7818
RESERVED
-CVE-2018-7817
+CVE-2018-7817 (A Use After Free (CWE-416) vulnerability exists in Zelio Soft 2 v5.1 a ...)
NOT-FOR-US: Zolio
CVE-2018-7816
RESERVED
-CVE-2018-7815
+CVE-2018-7815 (A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schnei ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7814
+CVE-2018-7814 (A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Euroth ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7813
+CVE-2018-7813 (A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schnei ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7812
+CVE-2018-7812 (An Information Exposure through Discrepancy vulnerability exists in th ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7811
+CVE-2018-7811 (An Unverified Password Change vulnerability exists in the embedded web ...)
NOT-FOR-US: Modicon (Schneider Electric)
-CVE-2018-7810
+CVE-2018-7810 (An Improper Neutralization of Input During Web Page Generation ('Cross ...)
NOT-FOR-US: Modicon (Schneider Electric)
-CVE-2018-7809
+CVE-2018-7809 (An Unverified Password Change vulnerability exists in the embedded web ...)
NOT-FOR-US: Modicon (Schneider Electric)
CVE-2018-7808
RESERVED
-CVE-2018-7807
+CVE-2018-7807 (Data Center Expert, versions 7.5.0 and earlier, allows for the upload ...)
NOT-FOR-US: Data Center Expert
-CVE-2018-7806
+CVE-2018-7806 (Data Center Operation allows for the upload of a zip file from its use ...)
NOT-FOR-US: Data Center Operation
CVE-2018-7805
RESERVED
-CVE-2018-7804
+CVE-2018-7804 (A URL Redirection to Untrusted Site vulnerability exists in the embedd ...)
NOT-FOR-US: Schneider Electric
CVE-2018-7803
RESERVED
-CVE-2018-7802
+CVE-2018-7802 (A SQL Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 a ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7801
+CVE-2018-7801 (A Code Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7800
+CVE-2018-7800 (A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2. ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7799
+CVE-2018-7799 (A DLL hijacking vulnerability exists in Schneider Electric Software Up ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7798
+CVE-2018-7798 (A Insufficient Verification of Data Authenticity (CWE-345) vulnerabili ...)
NOT-FOR-US: Schneider
-CVE-2018-7797
+CVE-2018-7797 (A URL redirection vulnerability exists in Power Monitoring Expert, Ene ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7796
+CVE-2018-7796 (A Buffer Error vulnerability exists in PowerSuite 2, all released vers ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7795
+CVE-2018-7795 (A Cross Protocol Injection vulnerability exists in Schneider Electric' ...)
NOT-FOR-US: Schneider
CVE-2018-7794
RESERVED
-CVE-2018-7793
+CVE-2018-7793 (A Credential Management vulnerability exists in FoxView HMI SCADA (All ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7792
+CVE-2018-7792 (A Permissions, Privileges, and Access Control vulnerability exists in ...)
NOT-FOR-US: Schneider
-CVE-2018-7791
+CVE-2018-7791 (A Permissions, Privileges, and Access Control vulnerability exists in ...)
NOT-FOR-US: Schneider
-CVE-2018-7790
+CVE-2018-7790 (An Information Management Error vulnerability exists in Schneider Elec ...)
NOT-FOR-US: Schneider
-CVE-2018-7789
+CVE-2018-7789 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
NOT-FOR-US: Schneider
CVE-2018-7788
RESERVED
-CVE-2018-7787
+CVE-2018-7787 (In Schneider Electric U.motion Builder software versions prior to v1.3 ...)
NOT-FOR-US: Schneider
-CVE-2018-7786
+CVE-2018-7786 (In Schneider Electric U.motion Builder software versions prior to v1.3 ...)
NOT-FOR-US: Schneider
-CVE-2018-7785
+CVE-2018-7785 (In Schneider Electric U.motion Builder software versions prior to v1.3 ...)
NOT-FOR-US: Schneider
-CVE-2018-7784
+CVE-2018-7784 (In Schneider Electric U.motion Builder software versions prior to v1.3 ...)
NOT-FOR-US: Schneider
-CVE-2018-7783
+CVE-2018-7783 (Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an X ...)
NOT-FOR-US: Schneider
-CVE-2018-7782
+CVE-2018-7782 (In Schneider Electric Pelco Sarix Professional 1st generation cameras ...)
NOT-FOR-US: Schneider
-CVE-2018-7781
+CVE-2018-7781 (In Schneider Electric Pelco Sarix Professional 1st generation cameras ...)
NOT-FOR-US: Schneider
-CVE-2018-7780
+CVE-2018-7780 (In Schneider Electric Pelco Sarix Professional 1st generation cameras ...)
NOT-FOR-US: Schneider
-CVE-2018-7779
+CVE-2018-7779 (In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 ...)
NOT-FOR-US: Schneider
-CVE-2018-7778
+CVE-2018-7778 (In Schneider Electric Evlink Charging Station versions prior to v3.2.0 ...)
NOT-FOR-US: Schneider
-CVE-2018-7777
+CVE-2018-7777 (The vulnerability is due to insufficient handling of update_file reque ...)
NOT-FOR-US: Schneider
-CVE-2018-7776
+CVE-2018-7776 (The vulnerability exists within error.php in Schneider Electric U.moti ...)
NOT-FOR-US: Schneider
CVE-2018-7775
REJECTED
-CVE-2018-7774
+CVE-2018-7774 (The vulnerability exists within processing of localize.php in Schneide ...)
NOT-FOR-US: Schneider
-CVE-2018-7773
+CVE-2018-7773 (The vulnerability exists within processing of nfcserver.php in Schneid ...)
NOT-FOR-US: Schneider
-CVE-2018-7772
+CVE-2018-7772 (The vulnerability exists within processing of applets which are expose ...)
NOT-FOR-US: Schneider
-CVE-2018-7771
+CVE-2018-7771 (The vulnerability exists within processing of editscript.php in Schnei ...)
NOT-FOR-US: Schneider
-CVE-2018-7770
+CVE-2018-7770 (The vulnerability exists within processing of sendmail.php in Schneide ...)
NOT-FOR-US: Schneider
-CVE-2018-7769
+CVE-2018-7769 (The vulnerability exists within processing of xmlserver.php in Schneid ...)
NOT-FOR-US: Schneider
-CVE-2018-7768
+CVE-2018-7768 (The vulnerability exists within processing of loadtemplate.php in Schn ...)
NOT-FOR-US: Schneider
-CVE-2018-7767
+CVE-2018-7767 (The vulnerability exists within processing of editobject.php in Schnei ...)
NOT-FOR-US: Schneider
-CVE-2018-7766
+CVE-2018-7766 (The vulnerability exists within processing of track_getdata.php in Sch ...)
NOT-FOR-US: Schneider
-CVE-2018-7765
+CVE-2018-7765 (The vulnerability exists within processing of track_import_export.php ...)
NOT-FOR-US: Schneider
-CVE-2018-7764
+CVE-2018-7764 (The vulnerability exists within runscript.php applet in Schneider Elec ...)
NOT-FOR-US: Schneider
-CVE-2018-7763
+CVE-2018-7763 (The vulnerability exists within css.inc.php in Schneider Electric U.mo ...)
NOT-FOR-US: Schneider
-CVE-2018-7762
+CVE-2018-7762 (A vulnerability exists in the web services to process SOAP requests in ...)
NOT-FOR-US: Schneider
-CVE-2018-7761
+CVE-2018-7761 (A vulnerability exists in the HTTP request parser in Schneider Electri ...)
NOT-FOR-US: Schneider
-CVE-2018-7760
+CVE-2018-7760 (An authorization bypass vulnerability exists in Schneider Electric's M ...)
NOT-FOR-US: Schneider
-CVE-2018-7759
+CVE-2018-7759 (A buffer overflow vulnerability exists in Schneider Electric's Modicon ...)
NOT-FOR-US: Schneider
-CVE-2018-7758
+CVE-2018-7758 (A denial of service vulnerability exists in Schneider Electric's MiCOM ...)
NOT-FOR-US: Schneider
-CVE-2018-7757
+CVE-2018-7757 (Memory leak in the sas_smp_get_phy_events function in drivers/scsi/lib ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
NOTE: Fixed by: https://git.kernel.org/linus/4a491b1ab11ca0556d2fda1ff1301e862a2d44c4 (4.16-rc1)
-CVE-2018-7756
+CVE-2018-7756 (RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices d ...)
NOT-FOR-US: RunExeFile.exe in the installer for DEWESoft X3 SP1 devices
-CVE-2018-7755
+CVE-2018-7755 (An issue was discovered in the fd_locked_ioctl function in drivers/blo ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.18.10-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://lkml.org/lkml/2018/5/29/495
-CVE-2018-7754
+CVE-2018-7754 (The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the ...)
- linux 4.15.4-1
[stretch] - linux <ignored> (debugfs restricted to root by default)
[jessie] - linux <ignored> (debugfs restricted to root by default)
NOTE: https://git.kernel.org/linus/ad67b74d2469d9b82aaa572d76474c95bc484d57
-CVE-2018-7751
+CVE-2018-7751 (The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4. ...)
- ffmpeg 7:3.4.3-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/a6cba062051f345e8ebfdff34aba071ed73d923f
-CVE-2018-7750
+CVE-2018-7750 (transport.py in the SSH server implementation of Paramiko before 1.17. ...)
{DLA-1556-1}
- paramiko 2.4.2-0.1 (bug #892859)
[stretch] - paramiko <no-dsa> (Minor issue)
[wheezy] - paramiko <no-dsa> (Minor issue)
NOTE: https://github.com/paramiko/paramiko/issues/1175
NOTE: https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516
-CVE-2018-7749
+CVE-2018-7749 (The SSH server implementation of AsyncSSH before 1.12.1 does not prope ...)
- python-asyncssh 1.12.1-1 (bug #892787)
NOTE: https://github.com/ronf/asyncssh/commit/16e6ebfa893167c7d9d3f6dc7a2c0d197e47f43a
-CVE-2018-7748
+CVE-2018-7748 (report_viewer.do in ServiceNow Release Jakarta Patch 8 and earlier all ...)
NOT-FOR-US: ServiceNow
-CVE-2018-7747
+CVE-2018-7747 (Multiple cross-site scripting (XSS) vulnerabilities in the Caldera For ...)
NOT-FOR-US: Caldera Forms plugin for WordPress
-CVE-2018-7746
+CVE-2018-7746 (An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentic ...)
NOT-FOR-US: Western Bridge Cobub Razor
-CVE-2018-7745
+CVE-2018-7745 (An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentic ...)
NOT-FOR-US: Western Bridge Cobub Razor
CVE-2018-7744
RESERVED
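Review bot: the tag for CVE-2018-7817 reads `NOT-FOR-US: Zolio` while its description names the product "Zelio Soft 2"; the tag looks misspelled and should read `NOT-FOR-US: Zelio Soft 2 (Schneider Electric)` or similar. The same hunk also alternates between bare `NOT-FOR-US: Schneider` and `NOT-FOR-US: Schneider Electric` for entries of the same vendor; picking one form would make the vendor lookups consistent.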
@@ -33985,82 +33985,82 @@ CVE-2018-7743
RESERVED
CVE-2018-7742
RESERVED
-CVE-2018-7741
+CVE-2018-7741 (Eramba e1.0.6.033 has Reflected XSS in the Date Filter via the created ...)
NOT-FOR-US: Eramba
-CVE-2018-1000118
+CVE-2018-1000118 (Github Electron version Electron 1.8.2-beta.4 and earlier contains a C ...)
- electron <itp> (bug #842420)
-CVE-2018-1000116
+CVE-2018-1000116 (NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the ...)
{DSA-4154-1 DLA-1317-1}
- net-snmp 5.7.3+dfsg-1.1 (bug #894110)
NOTE: https://sourceforge.net/p/net-snmp/bugs/2821/
NOTE: https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/
NOTE: Same patch/commit as #788964 (as used for fixing CVE-2015-5621)
NOTE: adresses CVE-2018-1000116 as well.
-CVE-2018-7753
+CVE-2018-7753 (An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that ...)
- python-bleach 2.1.3-1 (bug #892252)
[stretch] - python-bleach <not-affected> (Vulnerable code introduced later)
[jessie] - python-bleach <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/mozilla/bleach/pull/356
NOTE: https://github.com/mozilla/bleach/commit/c5df5789ec3471a31311f42c2d19fc2cf21b35ef
-CVE-2018-1000117
+CVE-2018-1000117 (Python Software Foundation CPython version From 3.2 until 3.6.4 on Win ...)
- python3.7 <not-affected> (Windows-specific)
- python3.6 <not-affected> (Windows-specific)
- python3.5 <not-affected> (Windows-specific)
- python3.4 <not-affected> (Windows-specific)
NOTE: http://hg.python.org/lookup/6921e73e33edc3c61bc2d78ed558eaa22a89a564
NOTE: https://bugs.python.org/issue33001
-CVE-2018-7740
+CVE-2018-7740 (The resv_map_release function in mm/hugetlb.c in the Linux kernel thro ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199037
-CVE-2018-7739
+CVE-2018-7739 (antsle antman before 0.9.1a allows remote attackers to bypass authenti ...)
NOT-FOR-US: antsle antman
-CVE-2018-7737
+CVE-2018-7737 (In Z-BlogPHP 1.5.1.1740, there is Web Site physical path leakage, as d ...)
NOT-FOR-US: Z-BlogPHP
-CVE-2018-7736
+CVE-2018-7736 (In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the ZC_BLOG_SUBNAME param ...)
NOT-FOR-US: Z-BlogPHP
-CVE-2018-7735
+CVE-2018-7735 (Afian FileRun (before 2018.02.13) suffers from a remote SQL injection ...)
NOT-FOR-US: Afian FileRun
-CVE-2018-7734
+CVE-2018-7734 (Afian FileRun (before 2018.02.13) suffers from a remote SQL injection ...)
NOT-FOR-US: Afian FileRun
-CVE-2018-7733
+CVE-2018-7733 (An issue was discovered in YxtCMF 3.1. RbacController.class.php has CS ...)
NOT-FOR-US: YxtCMF
-CVE-2018-7732
+CVE-2018-7732 (An issue was discovered in YxtCMF 3.1. SQL Injection exists in ShitiCo ...)
NOT-FOR-US: YxtCMF
-CVE-2018-7731
+CVE-2018-7731 (An issue was discovered in Exempi through 2.4.4. XMPFiles/source/Forma ...)
- exempi 2.4.5-1 (low; bug #892782)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <not-affected> (Vulnerable code introduced later)
[wheezy] - exempi <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=105247
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=aabedb5e749dd59112a3fe1e8e08f2d934f56666
-CVE-2018-7730
+CVE-2018-7730 (An issue was discovered in Exempi through 2.4.4. A certain case of a 0 ...)
{DLA-1310-1}
- exempi 2.4.5-1 (low; bug #892782)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=105204
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=6cbd34025e5fd3ba47b29b602096e456507ce83b
-CVE-2018-7729
+CVE-2018-7729 (An issue was discovered in Exempi through 2.4.4. There is a stack-base ...)
- exempi 2.4.5-1 (low; bug #892782)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
[wheezy] - exempi <not-affected> (vulnerable code not present)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=105206
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=baa4b8a02c1ffab9645d13f0bfb1c0d10d311a0c
-CVE-2018-7728
+CVE-2018-7728 (An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileH ...)
{DLA-1310-1}
- exempi 2.4.5-1 (low; bug #892782)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=105205
NOTE: https://cgit.freedesktop.org/exempi/commit/?id=e163667a06a9b656a047b0ec660b871f29a83c9f
-CVE-2018-7727
+CVE-2018-7727 (An issue was discovered in ZZIPlib 0.13.68. There is a memory leak tri ...)
- zziplib <unfixed> (unimportant)
NOTE: https://github.com/gdraheim/zziplib/issues/40
NOTE: https://github.com/gdraheim/zziplib/commit/83a2da55922f67e07f22048ac9671a44cc0d35c4 (v0.13.69)
NOTE: unzzipcat-mem and unzzipdir-mem not installed into binary packages.
-CVE-2018-7726
+CVE-2018-7726 (An issue was discovered in ZZIPlib 0.13.68. There is a bus error cause ...)
- zziplib 0.13.62-3.2 (low; bug #913165)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
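Review bot: the NOTE under CVE-2018-1000116 contains the typo "adresses" (for "addresses"); since that line is unchanged context here it is not part of this automatic import, but it is worth fixing in a follow-up so the NOTE text reads correctly.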
@@ -34070,30 +34070,30 @@ CVE-2018-7726
NOTE: https://github.com/gdraheim/zziplib/commit/8f48323c181e20b7e527b8be7229d6eb1148ec5f (v0.13.69)
NOTE: https://github.com/gdraheim/zziplib/commit/19c9e4dc6c5cf92a38d0d23dbccac6993f9c41be (v0.13.69)
NOTE: https://github.com/gdraheim/zziplib/commit/feae4da1a5c92100c44ebfcbaaa895959cc0829b (v0.13.69)
-CVE-2018-7725
+CVE-2018-7725 (An issue was discovered in ZZIPlib 0.13.68. An invalid memory address ...)
- zziplib 0.13.62-3.2 (low; bug #913165)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
[wheezy] - zziplib <no-dsa> (Minor issue)
NOTE: https://github.com/gdraheim/zziplib/issues/39
NOTE: https://github.com/gdraheim/zziplib/commit/1ba660b3300d67b8ce9f6b96bbae0b36fa2d6b06 (v0.13.69)
-CVE-2018-7724
+CVE-2018-7724 (The management panel in Piwigo 2.9.3 has stored XSS via the name param ...)
- piwigo <removed>
NOTE: https://github.com/Piwigo/Piwigo/issues/872
NOTE: https://github.com/Piwigo/Piwigo/commit/55a9754b111309d7a85c6dd86efe47954e984072
-CVE-2018-7723
+CVE-2018-7723 (The management panel in Piwigo 2.9.3 has stored XSS via the virtual_na ...)
- piwigo <removed>
-CVE-2018-7722
+CVE-2018-7722 (The management panel in Piwigo 2.9.3 has stored XSS via the name param ...)
- piwigo <removed>
NOTE: https://github.com/Piwigo/Piwigo/issues/871
NOTE: https://github.com/Piwigo/Piwigo/commit/0ec289769ee1fc314dbc7d90fdc480389e786942
-CVE-2018-7721
+CVE-2018-7721 (Cross Site Scripting (XSS) exists in MetInfo 6.0.0 via /feedback/index ...)
NOT-FOR-US: MetInfo
-CVE-2018-7720
+CVE-2018-7720 (A cross-site request forgery (CSRF) vulnerability exists in Western Br ...)
NOT-FOR-US: Western Bridge Cobub Razor
-CVE-2018-7719
+CVE-2018-7719 (Acrolinx Server before 5.2.5 on Windows allows Directory Traversal. ...)
NOT-FOR-US: Acrolinx Server
-CVE-2018-7752
+CVE-2018-7752 (GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps ...)
{DLA-1693-1}
- gpac <unfixed> (bug #892526)
[stretch] - gpac <no-dsa> (Minor issue, will be fixed via point release)
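Review bot: CVE-2018-7723 (`- piwigo <removed>`) has no upstream issue or commit NOTE, whereas the sibling entries CVE-2018-7724 and CVE-2018-7722 each reference the Piwigo issue and fixing commit; add the corresponding reference so the three stored-XSS entries in this hunk are equally documented.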
@@ -34102,11 +34102,11 @@ CVE-2018-7752
NOTE: https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4
NOTE: CVE is for the issue in av_parsers.c and fixed in same commit as
NOTE: CVE-2018-1000100
-CVE-2018-1000100
+CVE-2018-1000100 (GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulne ...)
- gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/issues/994
NOTE: https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4
-CVE-2018-7738
+CVE-2018-7738 (In util-linux before 2.32-rc1, bash-completion/umount allows local use ...)
{DSA-4134-1}
- bash-completion <unfixed> (unimportant)
- util-linux 2.31.1-0.5 (bug #892179)
@@ -34117,21 +34117,21 @@ CVE-2018-7738
NOTE: src:util-linux/2.28-1 takes over the umount completion from
NOTE: src:bash-completion (which in turn starting from 1:2.1-4.3
NOTE: does not provide the umount completion in the binary packaage)
-CVE-2018-7718
+CVE-2018-7718 (An issue was discovered in Telexy QPath 5.4.462. A low privileged auth ...)
NOT-FOR-US: Telexy QPath
-CVE-2018-7717
+CVE-2018-7717 (The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik ...)
NOT-FOR-US: Kubik-Rubik Simple Image Gallery Extended (SIGE) extension for Joomla!
-CVE-2018-7716
+CVE-2018-7716 (PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation v ...)
NOT-FOR-US: PrivateVPN for macOS
-CVE-2018-7715
+CVE-2018-7715 (PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation v ...)
NOT-FOR-US: PrivateVPN for macOS
-CVE-2018-7714
+CVE-2018-7714 (The validateInputImageSize function in modules/imgcodecs/src/loadsave. ...)
NOTE: Non-issue, needs to be handled within applications using opencv
NOTE: https://github.com/opencv/opencv/issues/10998
-CVE-2018-7713
+CVE-2018-7713 (The validateInputImageSize function in modules/imgcodecs/src/loadsave. ...)
NOTE: Non-issue, needs to be handled within applications using opencv
NOTE: https://github.com/opencv/opencv/issues/10998
-CVE-2018-7712
+CVE-2018-7712 (The validateInputImageSize function in modules/imgcodecs/src/loadsave. ...)
NOTE: Non-issue, needs to be handled within applications using opencv
NOTE: https://github.com/opencv/opencv/issues/10998
CVE-2018-7710
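Review bot: CVE-2018-7714, CVE-2018-7713 and CVE-2018-7712 carry only NOTE lines ("Non-issue, needs to be handled within applications using opencv") and no package status line; record the triage decision as a status line (for example `- opencv <not-affected> (Non-issue, ...)`) so the entries do not read as untriaged. Minor: the NOTE under CVE-2018-7738 has the typo "packaage".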
@@ -34140,25 +34140,25 @@ CVE-2018-7709
RESERVED
CVE-2018-7708
RESERVED
-CVE-2018-7707
+CVE-2018-7707 (Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail befor ...)
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7706
+CVE-2018-7706 (Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.5 ...)
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7705
+CVE-2018-7705 (Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.5 ...)
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7704
+CVE-2018-7704 (SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users ...)
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7703
+CVE-2018-7703 (Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail befor ...)
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7702
+CVE-2018-7702 (SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof t ...)
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7701
+CVE-2018-7701 (Multiple cross-site request forgery (CSRF) vulnerabilities in SecurEnv ...)
NOT-FOR-US: SecurEnvoy SecurMail
-CVE-2018-7700
+CVE-2018-7700 (DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, becau ...)
NOT-FOR-US: DedeCMS
CVE-2018-7699
RESERVED
-CVE-2018-7698
+CVE-2018-7698 (An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933 ...)
NOT-FOR-US: D-Link
CVE-2018-7697
RESERVED
@@ -34170,54 +34170,54 @@ CVE-2018-7694
RESERVED
CVE-2018-7693
RESERVED
-CVE-2018-7692
+CVE-2018-7692 (Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 ...)
NOT-FOR-US: NetIQ eDirectory
-CVE-2018-7691
+CVE-2018-7691 (A potential Remote Unauthorized Access in Micro Focus Fortify Software ...)
NOT-FOR-US: Micro Focus
-CVE-2018-7690
+CVE-2018-7690 (A potential Remote Unauthorized Access in Micro Focus Fortify Software ...)
NOT-FOR-US: Micro Focus
-CVE-2018-7689
+CVE-2018-7689 (Lack of permission checks in the InitializeDevelPackage function in op ...)
- open-build-service 2.9.4-1 (low; bug #903797)
[stretch] - open-build-service <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1094819
NOTE: https://github.com/openSUSE/open-build-service/commit/990ef7cccef6f38fc1d1a1bb22a08e174dcba43b
-CVE-2018-7688
+CVE-2018-7688 (A missing permission check in the review handling of openSUSE Open Bui ...)
- open-build-service 2.9.4-1 (low; bug #903796)
[stretch] - open-build-service <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1094820
NOTE: https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553
-CVE-2018-7687
+CVE-2018-7687 (The Micro Focus Client for OES before version 2 SP4 IR8a has a vulnera ...)
NOT-FOR-US: Micro Focus Client for OES
-CVE-2018-7686
+CVE-2018-7686 (Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 ...)
NOT-FOR-US: NetIQ eDirectory
-CVE-2018-7685
+CVE-2018-7685 (The decoupled download and installation steps in libzypp before 17.5.0 ...)
- libzypp 17.6.1-1
[jessie] - libzypp <ignored> (Minor issue, very low popcon)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1091624
NOTE: https://github.com/openSUSE/libzypp/commit/5186110992f29c5e3b1b5bfe9e1ca899a155399c
CVE-2018-7684
RESERVED
-CVE-2018-7683
+CVE-2018-7683 (Micro Focus Solutions Business Manager versions prior to 11.4 might re ...)
NOT-FOR-US: Micro Focus Solutions Business Manager
-CVE-2018-7682
+CVE-2018-7682 (Micro Focus Solutions Business Manager versions prior to 11.4 allows a ...)
NOT-FOR-US: Micro Focus Solutions Business Manager
-CVE-2018-7681
+CVE-2018-7681 (Micro Focus Solutions Business Manager versions prior to 11.4 allows J ...)
NOT-FOR-US: Micro Focus Solutions Business Manager
-CVE-2018-7680
+CVE-2018-7680 (Micro Focus Solutions Business Manager versions prior to 11.4 can refl ...)
NOT-FOR-US: Micro Focus Solutions Business Manager
-CVE-2018-7679
+CVE-2018-7679 (Micro Focus Solutions Business Manager versions prior to 11.4 when ASP ...)
NOT-FOR-US: Micro Focus Solutions Business Manager
-CVE-2018-7678
+CVE-2018-7678 (A cross site scripting vulnerability exist in the Administration Conso ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2018-7677
+CVE-2018-7677 (A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Serv ...)
NOT-FOR-US: NetIQ Access Manager
-CVE-2018-7676
+CVE-2018-7676 (The NetIQ Identity Manager, in versions prior to 4.7, userapp with log ...)
NOT-FOR-US: NetIQ Identity Manager
-CVE-2018-7675
+CVE-2018-7675 (In NetIQ Sentinel before 8.1.x, a Sentinel user is logged into the Sen ...)
NOT-FOR-US: NetIQ Sentinel
-CVE-2018-7674
+CVE-2018-7674 (The NetIQ Identity Manager user console, in versions prior to 4.7, is ...)
NOT-FOR-US: NetIQ Identity Manager
-CVE-2018-7673
+CVE-2018-7673 (The NetIQ Identity Manager communication channel, in versions prior to ...)
NOT-FOR-US: NetIQ Identity Manager
CVE-2018-7672
RESERVED
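Review bot: CVE-2018-7685 lists a fixed version for unstable (`- libzypp 17.6.1-1`) and a `[jessie]` status but no `[stretch]` line, while the other entries in this hunk give a status for every supported suite; add the stretch status (fixed version, `<no-dsa>` or `<not-affected>`) so the entry is complete.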
@@ -34225,11 +34225,11 @@ CVE-2018-7671
RESERVED
CVE-2018-7670
RESERVED
-CVE-2018-7669
+CVE-2018-7669 (An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 Hotfi ...)
NOT-FOR-US: Sitecore
-CVE-2018-7668
+CVE-2018-7668 (TestLink through 1.9.16 allows remote attackers to read arbitrary atta ...)
NOT-FOR-US: TestLink
-CVE-2018-7667
+CVE-2018-7667 (Adminer through 4.3.1 has SSRF via the server parameter. ...)
{DLA-1311-1}
- adminer 4.5.0-1 (bug #893668)
[stretch] - adminer 4.2.5-3+deb9u1
@@ -34241,23 +34241,23 @@ CVE-2018-7667
NOTE: Additionally 4.4.0 rate-limits password-less login attempts from the same
NOTE: IP address:
NOTE: https://github.com/vrana/adminer/commit/0e5df34ea87ad34c1bc0ceac162eb86175d611a3
-CVE-2018-7666
+CVE-2018-7666 (An issue was discovered in ClipBucket before 4.0.0 Release 4902. SQL i ...)
NOT-FOR-US: ClipBucket
-CVE-2018-7665
+CVE-2018-7665 (An issue was discovered in ClipBucket before 4.0.0 Release 4902. A mal ...)
NOT-FOR-US: ClipBucket
-CVE-2018-7664
+CVE-2018-7664 (An issue was discovered in ClipBucket before 4.0.0 Release 4902. Any O ...)
NOT-FOR-US: ClipBucket
-CVE-2018-7663
+CVE-2018-7663 (An issue was discovered in resources/views/layouts/app.blade.php in Vo ...)
NOT-FOR-US: Voten.co
-CVE-2018-7662
+CVE-2018-7662 (Couch through 2.0 allows remote attackers to discover the full path vi ...)
NOT-FOR-US: CouchCMS
-CVE-2018-7661
+CVE-2018-7661 (Papenmeier WiFi Baby Monitor Free &amp; Lite before 2.02.2 allows remo ...)
NOT-FOR-US: Papenmeier WiFi Baby Monitor Free & Lite
-CVE-2018-7660
+CVE-2018-7660 (In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cros ...)
NOT-FOR-US: OpenText Documentum D2 Webtop
-CVE-2018-7659
+CVE-2018-7659 (In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-S ...)
NOT-FOR-US: OpenText Documentum D2 Webtop
-CVE-2018-7711
+CVE-2018-7711 (HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 h ...)
{DLA-1314-1}
- simplesamlphp 1.15.4-1
[stretch] - simplesamlphp <no-dsa> (Minor issue)
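Review bot: the imported description for CVE-2018-7661 contains the undecoded HTML entity `&amp;` ("Free &amp; Lite"), while the NOT-FOR-US line beneath it correctly uses "&"; the automatic import should decode HTML entities before writing the description so the list holds plain text.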
@@ -34265,7 +34265,7 @@ CVE-2018-7711
NOTE: failure mode hard to trigger for an attacker, signing of redirect binding in many cases not that important
NOTE: https://simplesamlphp.org/security/201803-01
NOTE: https://github.com/simplesamlphp/saml2/commit/4f6af7f69f29df8555a18b9bb7b646906b45924d
-CVE-2018-7658
+CVE-2018-7658 (NTSServerSvc.exe in the server in Softros Network Time System 2.3.4 al ...)
NOT-FOR-US: Softros Network Time System
CVE-2018-7657
RESERVED
@@ -34273,21 +34273,21 @@ CVE-2018-7656
RESERVED
CVE-2018-7655
RESERVED
-CVE-2018-7654
+CVE-2018-7654 (On 3CX 15.5.6354.2 devices, the parameter "file" in the request "/api/ ...)
NOT-FOR-US: 3CX 15.5.6354.2 devices
-CVE-2018-7653
+CVE-2018-7653 (In YzmCMS 3.6, index.php has XSS via the a, c, or m parameter. ...)
NOT-FOR-US: YzmCMS
-CVE-2018-7652
+CVE-2018-7652 (lib/Zonemaster/GUI/Dancer/Export.pm in Zonemaster Web GUI before 1.0.1 ...)
NOT-FOR-US: Zonemaster Web GUI
NOTE: The source (1.0.7) is in Salsa, but never uploaded: https://salsa.debian.org/perl-team/modules/packages/zonemaster-gui
-CVE-2018-7651
+CVE-2018-7651 (index.js in the ssri module before 5.2.2 for Node.js is prone to a reg ...)
- node-ssri 5.2.4-1 (unimportant; bug #891980)
NOTE: fixed in 5.2.2
NOTE: https://github.com/zkat/ssri/commit/d0ebcdc22cb5c8f47f89716d08b3518b2485d65d
NOTE: https://github.com/zkat/ssri/issues/10
NOTE: https://nodesecurity.io/advisories/565
NOTE: nodejs not covered by security support
-CVE-2018-1000119
+CVE-2018-1000119 (Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier conta ...)
{DSA-4247-1}
- ruby-rack-protection 1.5.3-2.1 (bug #892250)
[jessie] - ruby-rack-protection <ignored> (Low prio package and low prio vulnerability according to RedHat)
@@ -34295,7 +34295,7 @@ CVE-2018-1000119
NOTE: https://snyk.io/vuln/SNYK-RUBY-SINATRA-20470
NOTE: https://snyk.io/vuln/SNYK-RUBY-RACKPROTECTION-20395
NOTE: https://github.com/sinatra/sinatra/commit/8aa6c42ef724f93ae309fb7c5668e19ad547eceb
-CVE-2018-1000115
+CVE-2018-1000115 (Memcached version 1.5.5 contains an Insufficient Control of Network Me ...)
{DSA-4218-1}
- memcached 1.5.6-1
[wheezy] - memcached <no-dsa> (Minor issue; Debian defaults to listen only on localhost)
@@ -34305,11 +34305,11 @@ CVE-2018-1000115
NOTE: issues: "Specify which IP address to listen on. The default
NOTE: (upstream) is to listen on all IP addresses. [...] so make sure
NOTE: it's listening on a firewalled interface."
-CVE-2018-7650
+CVE-2018-7650 (PHP Scripts Mall Hot Scripts Clone:Script Classified Version 3.1 Appli ...)
NOT-FOR-US: PHP Scripts Mall Hot Scripts Clone:Script Classified Application
-CVE-2018-7649
+CVE-2018-7649 (Monitorix before 3.10.1 allows XSS via CGI variables. ...)
NOT-FOR-US: Monitorix
-CVE-2018-7648
+CVE-2018-7648 (An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. Th ...)
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/kbabioch/openjpeg/commit/6d8c0c06ee32dc03ba80acd48334e98728e56cf5
NOTE: https://github.com/uclouvain/openjpeg/issues/1088
@@ -34320,66 +34320,66 @@ CVE-2018-7646
RESERVED
CVE-2018-7645
RESERVED
-CVE-2018-7643
+CVE-2018-7643 (The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allo ...)
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22905
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d11ae95ea3403559f052903ab053f43ad7821e37
-CVE-2018-7642
+CVE-2018-7642 (The swap_std_reloc_in function in aoutx.h in the Binary File Descripto ...)
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22887
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=116acb2c268c89c89186673a7c92620d21825b25
-CVE-2018-7641
+CVE-2018-7641 (An issue was discovered in CImg v.220. A heap-based buffer over-read i ...)
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
-CVE-2018-7640
+CVE-2018-7640 (An issue was discovered in CImg v.220. A heap-based buffer over-read i ...)
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
-CVE-2018-7639
+CVE-2018-7639 (An issue was discovered in CImg v.220. A heap-based buffer over-read i ...)
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
-CVE-2018-7638
+CVE-2018-7638 (An issue was discovered in CImg v.220. A heap-based buffer over-read i ...)
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
-CVE-2018-7637
+CVE-2018-7637 (An issue was discovered in CImg v.220. A heap-based buffer over-read i ...)
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
-CVE-2018-7636
+CVE-2018-7636 (The URL filtering "continue page" hosted by PAN-OS 8.0.10 and earlier ...)
NOT-FOR-US: PAN-OS
-CVE-2018-7635
+CVE-2018-7635 (Whale Browser before 1.0.41.8 displays no URL information but only a t ...)
NOT-FOR-US: Whale Browser
-CVE-2018-7634
+CVE-2018-7634 (An issue was discovered in Enalean Tuleap 9.17. Lack of CSRF attack mi ...)
NOT-FOR-US: Enalean Tuleap
-CVE-2018-7633
+CVE-2018-7633 (Code injection in the /ui/login form Language parameter in Epicentro E ...)
NOT-FOR-US: Epicentro
-CVE-2018-7632
+CVE-2018-7632 (Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to cau ...)
NOT-FOR-US: Epicentro
-CVE-2018-7631
+CVE-2018-7631 (Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to exe ...)
NOT-FOR-US: Epicentro
CVE-2018-7630
RESERVED
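Review bot: the five CImg entries CVE-2018-7641 through CVE-2018-7637 receive word-for-word identical description text after the fixed-width cut ("An issue was discovered in CImg v.220. A heap-based buffer over-read i ..."), so the added text gives no way to tell the five entries apart, and their NOTE lines (all pointing at issues/185 and commit 10af1e8c) do not disambiguate either. If the generator can detect that several truncated descriptions collide, extending the excerpt for those entries until they differ would keep the list usable without the full upstream text; otherwise this is a known limitation of the fixed cut rather than a defect in this update.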
@@ -34435,9 +34435,9 @@ CVE-2018-7605
RESERVED
CVE-2018-7604
RESERVED
-CVE-2018-7603
+CVE-2018-7603 (In Drupal's 3rd party module search auto complete prior to versions 7. ...)
NOT-FOR-US: Drupal addon
-CVE-2018-7602
+CVE-2018-7602 (A remote code execution vulnerability exists within multiple subsystem ...)
{DSA-4180-1 DLA-1365-1}
- drupal7 <removed> (bug #896701)
NOTE: https://www.drupal.org/psa-2018-003
@@ -34463,33 +34463,33 @@ CVE-2018-7592
RESERVED
CVE-2018-7591
RESERVED
-CVE-2018-7590
+CVE-2018-7590 (CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in acco ...)
NOT-FOR-US: Hoosk
-CVE-2018-7589
+CVE-2018-7589 (An issue was discovered in CImg v.220. A double free in load_bmp in CI ...)
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/184
NOTE: https://github.com/dtschump/CImg/commit/8447076ef22322a14a0ce130837e44c5ba8095f4
-CVE-2018-7588
+CVE-2018-7588 (An issue was discovered in CImg v.220. A heap-based buffer over-read i ...)
- cimg 2.3.6+dfsg-1 (low; bug #892780)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/183
NOTE: https://github.com/dtschump/CImg/commit/8447076ef22322a14a0ce130837e44c5ba8095f4
-CVE-2018-7587
+CVE-2018-7587 (An issue was discovered in CImg v.220. DoS occurs when loading a craft ...)
- cimg <unfixed> (low; bug #892780)
[buster] - cimg <no-dsa> (Minor issue)
[stretch] - cimg <no-dsa> (Minor issue)
[jessie] - cimg <no-dsa> (Minor issue)
[wheezy] - cimg <no-dsa> (Minor issue)
-CVE-2018-7586
+CVE-2018-7586 (In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery pat ...)
NOT-FOR-US: nextgen-gallery plugin for WordPress
CVE-2018-7585
RESERVED
-CVE-2018-7584
+CVE-2018-7584 (In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and ...)
{DSA-4240-1 DLA-1397-1 DLA-1326-1}
- php7.2 7.2.3-1
- php7.1 7.1.15-1
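Review bot: the CVE-2018-7587 entry still reads "cimg <unfixed> (low; bug #892780)" with a "[buster] - cimg <no-dsa>" line, while the neighbouring CVE-2018-7589 and CVE-2018-7588 entries tracked under the same bug #892780 read "cimg 2.3.6+dfsg-1". The description added here ("DoS occurs when loading a craft ...") does not touch that state, but since the three entries share one bug report the differing fixed-version lines are worth confirming against the bug the next time this block is edited by hand.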
@@ -34498,15 +34498,15 @@ CVE-2018-7584
NOTE: Fixed in 5.6.34, 7.0.28, 7.1.15, 7.2.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75981
NOTE: https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba
-CVE-2018-7583
+CVE-2018-7583 (Proxy.exe in DualDesk 20 allows Remote Denial Of Service (daemon crash ...)
NOT-FOR-US: Proxy.exe in DualDesk 20
-CVE-2018-7582
+CVE-2018-7582 (WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Servic ...)
NOT-FOR-US: WebLog Expert Web Server Enterprise
-CVE-2018-7581
+CVE-2018-7581 (\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert We ...)
NOT-FOR-US: WebLog Expert Web Server Enterprise
CVE-2018-7580
RESERVED
-CVE-2018-7579
+CVE-2018-7579 (\application\admin\controller\update_urls.class.php in YzmCMS 3.6 has ...)
NOT-FOR-US: YzmCMS
CVE-2018-7578
RESERVED
@@ -34518,27 +34518,27 @@ CVE-2018-7575
RESERVED
CVE-2018-7574
RESERVED
-CVE-2018-7573
+CVE-2018-7573 (An issue was discovered in FTPShell Client 6.7. A remote FTP server ca ...)
NOT-FOR-US: FTPShell Client
-CVE-2018-7572
+CVE-2018-7572 (Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to a ...)
NOT-FOR-US: Pulse Secure Client
CVE-2018-7571
RESERVED
-CVE-2018-7570
+CVE-2018-7570 (The assign_file_positions_for_non_load_sections function in elf.c in t ...)
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22881
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=01f7e10cf2dcf403462b2feed06c43135651556d
-CVE-2018-7569
+CVE-2018-7569 (dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22895
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=12c963421d045a127c413a0722062b9932c50aa9
-CVE-2018-7568
+CVE-2018-7568 (The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) ...)
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
@@ -34549,67 +34549,67 @@ CVE-2018-1000103
REJECTED
CVE-2018-1000102
REJECTED
-CVE-2018-1000114
+CVE-2018-1000114 (An improper authorization vulnerability exists in Jenkins Promoted Bui ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000113
+CVE-2018-1000113 (A cross-site scripting vulnerability exists in Jenkins TestLink Plugin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000112
+CVE-2018-1000112 (An improper authorization vulnerability exists in Jenkins Mercurial Pl ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000111
+CVE-2018-1000111 (An improper authorization vulnerability exists in Jenkins Subversion P ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000110
+CVE-2018-1000110 (An improper authorization vulnerability exists in Jenkins Git Plugin v ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000109
+CVE-2018-1000109 (An improper authorization vulnerability exists in Jenkins Google Play ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000108
+CVE-2018-1000108 (A cross-site scripting vulnerability exists in Jenkins CppNCSS Plugin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000107
+CVE-2018-1000107 (An improper authorization vulnerability exists in Jenkins Job and Node ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000106
+CVE-2018-1000106 (An improper authorization vulnerability exists in Jenkins Gerrit Trigg ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000105
+CVE-2018-1000105 (An improper authorization vulnerability exists in Jenkins Gerrit Trigg ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000104
+CVE-2018-1000104 (A plaintext storage of a password vulnerability exists in Jenkins Cove ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-7567
+CVE-2018-7567 (** DISPUTED ** In the Admin Package Manager in Open Ticket Request Sys ...)
- otrs2 <unfixed> (unimportant)
NOTE: PoC https://0day.today/exploit/29938
NOTE: Admin Package Manager works as designed and warns if a package is beeing
NOTE: installed which is not verified by the OTRS Group. Responsiblity of the
NOTE: respective admin to check packages before installation.
-CVE-2018-7566
+CVE-2018-7566 (The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.11-1
NOTE: Fixed by: https://git.kernel.org/linus/d15d662e89fc667b90cd294b0eb45694e33144da
-CVE-2018-7565
+CVE-2018-7565 (CSRF exists on Polycom QDX 6000 devices. ...)
NOT-FOR-US: Polycom QDX 6000 devices
-CVE-2018-7564
+CVE-2018-7564 (Stored XSS exists on Polycom QDX 6000 devices. ...)
NOT-FOR-US: Polycom QDX 6000 devices
-CVE-2018-7563
+CVE-2018-7563 (An issue was discovered in GLPI through 9.2.1. The application is affe ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2018-7562
+CVE-2018-7562 (A remote code execution issue was discovered in GLPI through 9.2.1. Th ...)
- glpi <removed> (unimportant)
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2018-7561
+CVE-2018-7561 (Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14 ...)
NOT-FOR-US: Tenda AC9 devices
-CVE-2018-7560
+CVE-2018-7560 (index.js in the Anton Myshenin aws-lambda-multipart-parser NPM package ...)
NOT-FOR-US: aws-lambda-multipart-parser NPM package
-CVE-2018-7559
+CVE-2018-7559 (An issue was discovered in OPC UA .NET Standard Stack and Sample Code ...)
NOT-FOR-US: OPC UA .NET
CVE-2018-7558
RESERVED
-CVE-2018-7557
+CVE-2018-7557 (The decode_init function in libavcodec/utvideodec.c in FFmpeg through ...)
{DSA-4249-1 DLA-1630-1}
- ffmpeg 7:3.4.3-1
- libav <removed>
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7414d0bda7763f9bd69c26c068e482ab297c1c96
NOTE: Fixed in 3.2.11
-CVE-2018-7556
+CVE-2018-7556 (LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3. ...)
- limesurvey <itp> (bug #472802)
CVE-2018-7555
RESERVED
-CVE-2018-7554
+CVE-2018-7554 (There is an invalid free in ReadImage in input-bmp.ci that leads to a ...)
{DLA-1340-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u2
@@ -34619,223 +34619,223 @@ CVE-2018-7554
NOTE: https://github.com/pts/sam2p/commit/1e43ec5fe34b009cb43f90a9d562442ca347cd75
NOTE: https://github.com/pts/sam2p/commit/beea3bd8dd05a731fddfa447ff0bad19fe32c973
NOTE: https://github.com/pts/sam2p/commit/47378716ab03d6b39ee959c949df551c643942f1
-CVE-2018-7553
+CVE-2018-7553 (There is a heap-based buffer overflow in the pcxLoadRaster function of ...)
{DLA-1340-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u2
NOTE: https://github.com/pts/sam2p/issues/32
-CVE-2018-7552
+CVE-2018-7552 (There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp ...)
{DLA-1340-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u2
NOTE: https://github.com/pts/sam2p/issues/30
NOTE: CVE-2018-7554 patches will address this issue too.
-CVE-2018-7551
+CVE-2018-7551 (There is an invalid free in MiniPS::delete0 in minips.cpp that leads t ...)
{DLA-1340-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u2
NOTE: https://github.com/pts/sam2p/issues/28
-CVE-2018-7550
+CVE-2018-7550 (The load_multiboot function in hw/i386/multiboot.c in Quick Emulator ( ...)
{DSA-4213-1 DLA-1497-1 DLA-1351-1 DLA-1350-1}
- qemu 1:2.12~rc3+dfsg-1 (bug #892041)
- qemu-kvm <removed>
NOTE: https://git.qemu.org/?p=qemu.git;a=patch;h=2a8fcd119eb7c6bb3837fc3669eb1b2dfb31daf8
-CVE-2018-7549
+CVE-2018-7549 (In params.c in zsh through 5.4.2, there is a crash during a copy of an ...)
- zsh 5.5-1 (unimportant)
NOTE: https://sourceforge.net/p/zsh/code/ci/c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd
NOTE: no security impact
-CVE-2018-7548
+CVE-2018-7548 (In subst.c in zsh through 5.4.2, there is a NULL pointer dereference w ...)
- zsh 5.5-1 (unimportant)
NOTE: https://sourceforge.net/p/zsh/code/ci/110b13e1090bc31ac1352b28adc2d02b6d25a102
NOTE: no security impact
-CVE-2018-7547
+CVE-2018-7547 (lyadmin 1.x has XSS via the config[WEB_SITE_TITLE] parameter to the /a ...)
NOT-FOR-US: lyadmin
-CVE-2018-7546
+CVE-2018-7546 (wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 al ...)
NOT-FOR-US: Kingsoft WPS Office 2016 and Jinshan PDF
CVE-2018-7545
RESERVED
-CVE-2018-7544
+CVE-2018-7544 (** DISPUTED ** A cross-protocol scripting issue was discovered in the ...)
- openvpn <unfixed> (unimportant)
NOTE: Not a security issue per se, later versions might explicitly warn in
NOTE: affected problematic configurations in both the documentation and with
NOTE: a runtime warning.
-CVE-2018-7543
+CVE-2018-7543 (Cross-site scripting (XSS) vulnerability in installer/build/view.step4 ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-7539
+CVE-2018-7539 (On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is p ...)
NOT-FOR-US: Appear TV XC5000 and XC5100 devices
-CVE-2018-7538
+CVE-2018-7538 (A SQL injection vulnerability in the tracker functionality of Enalean ...)
NOT-FOR-US: Enalean Tuleap
-CVE-2018-7542
+CVE-2018-7542 (An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH g ...)
{DSA-4131-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
[jessie] - xen <not-affected> (Vulnerable code introduced later)
[wheezy] - xen <not-affected> (Vulnerable code introduced later)
NOTE: https://xenbits.xen.org/xsa/advisory-256.html
-CVE-2018-7541
+CVE-2018-7541 (An issue was discovered in Xen through 4.10.x allowing guest OS users ...)
{DSA-4131-1 DLA-1577-1 DLA-1300-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-255.html
-CVE-2018-7540
+CVE-2018-7540 (An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS ...)
{DSA-4131-1 DLA-1577-1 DLA-1300-1}
- xen 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
NOTE: https://xenbits.xen.org/xsa/advisory-252.html
-CVE-2018-7644
+CVE-2018-7644 (The XmlSecLibs library as used in the saml2 library in SimpleSAMLphp b ...)
{DSA-4127-1 DLA-1298-1}
- simplesamlphp 1.15.3-1
NOTE: https://simplesamlphp.org/security/201802-01
NOTE: Fixed by: https://github.com/simplesamlphp/saml2/commit/88a9ae848c4b310b1c53b5700893d890999dd930
-CVE-2018-7537
+CVE-2018-7537 (An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.1 ...)
{DSA-4161-1 DLA-1303-1}
- python-django 1:1.11.11-1
NOTE: https://www.djangoproject.com/weblog/2018/mar/06/security-releases/
NOTE: Patch https://github.com/django/django/commit/a91436360b79a6ff995c3e5018bcc666dfaf1539
-CVE-2018-7536
+CVE-2018-7536 (An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.1 ...)
{DSA-4161-1 DLA-1303-1}
- python-django 1:1.11.11-1
NOTE: https://www.djangoproject.com/weblog/2018/mar/06/security-releases/
NOTE: Patch https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16
-CVE-2018-7535
+CVE-2018-7535 (An issue was discovered in TotalAV v4.1.7. An unprivileged user could ...)
NOT-FOR-US: TotalAV
-CVE-2018-7534
+CVE-2018-7534 (In Stealth Authorization Server before 3.3.017.0 in Unisys Stealth Sol ...)
NOT-FOR-US: Stealth Authorization Server
-CVE-2018-7533
+CVE-2018-7533 (An Incorrect Default Permissions issue was discovered in OSIsoft PI Da ...)
NOT-FOR-US: OSIsoft PI
-CVE-2018-7532
+CVE-2018-7532 (Unauthentication vulnerabilities have been identified in Geutebruck G- ...)
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7531
+CVE-2018-7531 (An Improper Input Validation issue was discovered in OSIsoft PI Data A ...)
NOT-FOR-US: OSIsoft PI
-CVE-2018-7530
+CVE-2018-7530 (Parsing malformed project files in Omron CX-One versions 4.42 and prio ...)
NOT-FOR-US: Omron
-CVE-2018-7529
+CVE-2018-7529 (A Deserialization of Untrusted Data issue was discovered in OSIsoft PI ...)
NOT-FOR-US: OSIsoft PI
-CVE-2018-7528
+CVE-2018-7528 (An SQL injection vulnerability has been identified in Geutebruck G-Cam ...)
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7527
+CVE-2018-7527 (A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1 ...)
NOT-FOR-US: LeviStudio HMI Editor
-CVE-2018-7526
+CVE-2018-7526 (In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Syste ...)
NOT-FOR-US: TotalAlert Web Application
-CVE-2018-7525
+CVE-2018-7525 (In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7524
+CVE-2018-7524 (A cross-site request forgery vulnerability has been identified in Geut ...)
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7523
+CVE-2018-7523 (In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed proj ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7522
+CVE-2018-7522 (In Schneider Electric Triconex Tricon MP model 3008 firmware versions ...)
NOT-FOR-US: Schneider
-CVE-2018-7521
+CVE-2018-7521 (In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnera ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7520
+CVE-2018-7520 (An improper access control vulnerability has been identified in Geuteb ...)
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7519
+CVE-2018-7519 (In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed proj ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7518
+CVE-2018-7518 (In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Syste ...)
NOT-FOR-US: TotalAlert Web Application
-CVE-2018-7517
+CVE-2018-7517 (In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed proj ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7516
+CVE-2018-7516 (A server-side request forgery vulnerability has been identified in Geu ...)
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7515
+CVE-2018-7515 (In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialize ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7514
+CVE-2018-7514 (Parsing malformed project files in Omron CX-One versions 4.42 and prio ...)
NOT-FOR-US: Omron
-CVE-2018-7513
+CVE-2018-7513 (In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed proj ...)
NOT-FOR-US: Omron CX-Supervisor
-CVE-2018-7512
+CVE-2018-7512 (A cross-site scripting vulnerability has been identified in Geutebruck ...)
NOT-FOR-US: IP Geutebruck and Topline IP cameras
-CVE-2018-7511
+CVE-2018-7511 (In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases ...)
NOT-FOR-US: Eaton ELCSoft
-CVE-2018-7510
+CVE-2018-7510 (In the web application in BeaconMedaes TotalAlert Scroll Medical Air S ...)
NOT-FOR-US: BeaconMedaes TotalAlert
-CVE-2018-7509
+CVE-2018-7509 (WPLSoft in Delta Electronics versions 2.45.0 and prior writes data fro ...)
NOT-FOR-US: Delta Electronics
-CVE-2018-7508
+CVE-2018-7508 (A Cross-site Scripting issue was discovered in OSIsoft PI Web API vers ...)
NOT-FOR-US: OSIsoft PI
-CVE-2018-7507
+CVE-2018-7507 (WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixe ...)
NOT-FOR-US: Delta Electronics
-CVE-2018-7506
+CVE-2018-7506 (The private key of the web server in Moxa MXview versions 2.8 and prio ...)
NOT-FOR-US: Moxa
-CVE-2018-7505
+CVE-2018-7505 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
-CVE-2018-7504
+CVE-2018-7504 (A Protection Mechanism Failure issue was discovered in OSIsoft PI Visi ...)
NOT-FOR-US: OSIsoft PI
-CVE-2018-7503
+CVE-2018-7503 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
-CVE-2018-7502
+CVE-2018-7502 (Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2 ...)
NOT-FOR-US: Beckhoff TwinCAT
-CVE-2018-7501
+CVE-2018-7501 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
-CVE-2018-7500
+CVE-2018-7500 (A Permissions, Privileges, and Access Controls issue was discovered in ...)
NOT-FOR-US: OSIsoft PI
-CVE-2018-7499
+CVE-2018-7499 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
-CVE-2018-7498
+CVE-2018-7498 (In Philips Alice 6 System version R8.0.2 or prior, the lack of proper ...)
NOT-FOR-US: Philips Alice 6 System
-CVE-2018-7497
+CVE-2018-7497 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
-CVE-2018-7496
+CVE-2018-7496 (An Information Exposure issue was discovered in OSIsoft PI Vision vers ...)
NOT-FOR-US: OSIsoft PI
-CVE-2018-7495
+CVE-2018-7495 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ver ...)
NOT-FOR-US: Advantech
-CVE-2018-7494
+CVE-2018-7494 (WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixe ...)
NOT-FOR-US: Delta Electronics
-CVE-2018-7493
+CVE-2018-7493 (CactusVPN through 6.0 for macOS suffers from a root privilege escalati ...)
NOT-FOR-US: CactusVPN for macOS
-CVE-2018-7492
+CVE-2018-7492 (A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_ ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.14.7-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/f3069c6d33f6ae63a1668737bc78aaaa51bff7ca
-CVE-2018-7491
+CVE-2018-7491 (In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking vulnerabil ...)
NOT-FOR-US: PrestaShop
-CVE-2018-7490
+CVE-2018-7490 (uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the ...)
{DSA-4142-1}
- uwsgi 2.0.15-10.4 (bug #891639)
[wheezy] - uwsgi <not-affected> (plugin package introduced in jessie)
NOTE: Fixed in 2.0.17 upstream
NOTE: https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a
NOTE: https://blog.runesec.com/2018/03/01/uwsgi-path-traversal/
-CVE-2018-7489
+CVE-2018-7489 (FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2 ...)
{DSA-4190-1}
- jackson-databind 2.9.5-1 (bug #891614)
NOTE: https://github.com/FasterXML/jackson-databind/issues/1931
NOTE: https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2
CVE-2018-7488
RESERVED
-CVE-2018-7487
+CVE-2018-7487 (There is a heap-based buffer overflow in the LoadPCX function of in_pc ...)
{DLA-1340-1}
- sam2p <removed>
[jessie] - sam2p 0.49.2-3+deb8u2
NOTE: https://github.com/pts/sam2p/issues/18
-CVE-2018-7486
+CVE-2018-7486 (Blue River Mura CMS before v7.0.7029 supports inline function calls wi ...)
NOT-FOR-US: Blue River Mura CMS
-CVE-2018-7485
+CVE-2018-7485 (The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC ...)
- unixodbc <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/lurcher/unixODBC/commit/45ef78e037f578b15fc58938a3a3251655e71d6f#diff-d52750c7ba4e594410438569d8e2963aL24
NOTE: Issue introduced with https://github.com/lurcher/unixODBC/commit/4f9f77fb4204659ec9b7be8745d9e05a539c80b9
NOTE: when actually fixing another potential (security) issue, "Buffer
NOTE: overflows and missing null checks in SQLConfigDataSource,
NOTE: SQLInstallDriverEx, and SQLWriteFileDSN"
-CVE-2018-7484
+CVE-2018-7484 (An issue was discovered in PureVPN through 5.19.4.0 on Windows. The cl ...)
NOT-FOR-US: PureVPN on Windows
CVE-2018-7483
RESERVED
-CVE-2018-7482
+CVE-2018-7482 (** DISPUTED ** The K2 component 2.8.0 for Joomla! has Incorrect Access ...)
NOT-FOR-US: K2 component for Joomla!
-CVE-2018-1000099
+CVE-2018-1000099 (Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninit ...)
{DSA-4170-1}
- pjproject 2.7.2~dfsg-1
[jessie] - pjproject <ignored> (Minor issue)
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-003.html
NOTE: https://trac.pjsip.org/repos/ticket/2092
NOTE: In jessie Asterisk doesn't use pjproject for SIP (only for ICE, STUN and TURN)
-CVE-2018-1000098
+CVE-2018-1000098 (Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vuln ...)
{DSA-4170-1}
- pjproject 2.7.2~dfsg-1
[jessie] - pjproject <ignored> (Minor issue)
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-002.html
NOTE: https://trac.pjsip.org/repos/ticket/2093
NOTE: In jessie Asterisk doesn't use pjproject for SIP (only for ICE, STUN and TURN)
-CVE-2018-1000101
+CVE-2018-1000101 (Mingw-w64 version 5.0.3 and earlier contains an Improper Null Terminat ...)
- mingw-w64 <unfixed> (low; bug #897196)
[buster] - mingw-w64 <ignored> (Minor issue)
[stretch] - mingw-w64 <ignored> (Minor issue)
@@ -34844,50 +34844,50 @@ CVE-2018-1000101
NOTE: https://sourceforge.net/p/mingw-w64/bugs/709/
CVE-2018-7481
RESERVED
-CVE-2018-7480
+CVE-2018-7480 (The blkcg_init_queue function in block/blk-cgroup.c in the Linux kerne ...)
{DSA-4188-1}
- linux 4.11.6-1
[jessie] - linux <not-affected> (Issue introduced later)
[wheezy] - linux <not-affected> (Issue introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/9b54d816e00425c3a517514e0d677bb3cec49258
-CVE-2018-7479
+CVE-2018-7479 (YzmCMS 3.6 allows remote attackers to discover the full path via a dir ...)
NOT-FOR-US: YzmCMS
CVE-2018-7478
RESERVED
-CVE-2018-7477
+CVE-2018-7477 (SQL Injection exists in PHP Scripts Mall School Management Script 3.0. ...)
NOT-FOR-US: PHP Scripts Mall School Management Script
-CVE-2018-7476
+CVE-2018-7476 (controllers/admin/Linkage.php in dayrui FineCms 5.3.0 has Cross Site S ...)
NOT-FOR-US: FineCms
-CVE-2018-7475
+CVE-2018-7475 (Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in Ic ...)
NOT-FOR-US: IceWarp
-CVE-2018-7474
+CVE-2018-7474 (An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is po ...)
- textpattern <removed>
-CVE-2018-7473
+CVE-2018-7473 (Open redirect vulnerability in the SO Connect SO WIFI hotspot web inte ...)
NOT-FOR-US: SO Connect SO WIFI
-CVE-2018-7472
+CVE-2018-7472 (INVT Studio 1.2 allows remote attackers to cause a denial of service d ...)
NOT-FOR-US: INVT Studio
-CVE-2018-7471
+CVE-2018-7471 (KingView 7.5SP1 has an integer overflow during stgopenstorage API read ...)
NOT-FOR-US: KingView
-CVE-2018-7470
+CVE-2018-7470 (An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLo ...)
- imagemagick 8:6.9.9.39+dfsg-1 (unimportant; bug #891420)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/998
NOTE: https://github.com/ImageMagick/ImageMagick/commit/9e80713e5132a3bd26702ee0a833306f7e801469
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8130e12eb30685ef958f4e62fe624da393920be7
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/7305dacfcdf5e51c4f8d0ba9f77fa97792f8acf7
NOTE: webp support not enabled, see #806425
-CVE-2018-7469
+CVE-2018-7469 (PHP Scripts Mall Entrepreneur Job Portal Script 2.0.9 has XSS via the ...)
NOT-FOR-US: PHP Scripts Mall Entrepreneur Job Portal Script
CVE-2018-7468
RESERVED
-CVE-2018-7467
+CVE-2018-7467 (AxxonSoft Axxon Next has Directory Traversal via an initial /css//..%2 ...)
NOT-FOR-US: AxxonSoft Axxon Next
-CVE-2018-7466
+CVE-2018-7466 (install/installNewDB.php in TestLink through 1.9.16 allows remote atta ...)
NOT-FOR-US: TestLink
-CVE-2018-7465
+CVE-2018-7465 (An XSS issue was discovered in VirtueMart before 3.2.14. All the texta ...)
NOT-FOR-US: VirtueMart
CVE-2018-7464
RESERVED
-CVE-2018-7463
+CVE-2018-7463 (SQL injection vulnerability in files.php in the "files" component in A ...)
NOT-FOR-US: ASANHAMAYESH CMS
CVE-2018-7462
RESERVED
@@ -34901,28 +34901,28 @@ CVE-2018-7458
RESERVED
CVE-2018-7457
RESERVED
-CVE-2018-7456
+CVE-2018-7456 (A NULL Pointer Dereference occurs in the function TIFFPrintDirectory i ...)
{DSA-4349-1 DLA-1411-1 DLA-1347-1 DLA-1346-1}
- tiff 4.0.9-5 (bug #891288)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2778
NOTE: https://gitlab.com/libtiff/libtiff/commit/be4c85b16e8801a16eec25e80eb9f3dd6a96731b
-CVE-2018-7455
+CVE-2018-7455 (An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xp ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-7454
+CVE-2018-7454 (A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpd ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=613
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-7453
+CVE-2018-7453 (Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?p=814#p814
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
NOTE: Reproducer correctly detected as broken with jessie's poppler build
-CVE-2018-7452
+CVE-2018-7452 (A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc i ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=613
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
@@ -34931,19 +34931,19 @@ CVE-2018-7451
RESERVED
CVE-2018-7450
RESERVED
-CVE-2018-7449
+CVE-2018-7449 (SEGGER FTP Server for Windows before 3.22a allows remote attackers to ...)
NOT-FOR-US: SEGGER embOS/IP FTP Server
-CVE-2018-7448
+CVE-2018-7448 (Remote code execution vulnerability in /cmsms-2.1.6-install.php/index. ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-7447
+CVE-2018-7447 (mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site ...)
NOT-FOR-US: mojoPortal
CVE-2018-7446
RESERVED
-CVE-2018-7445
+CVE-2018-7445 (A buffer overflow was found in the MikroTik RouterOS SMB service when ...)
NOT-FOR-US: MikroTik RouterOS
CVE-2018-7444
RESERVED
-CVE-2018-7443
+CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q1 ...)
{DLA-1293-1}
- imagemagick 8:6.9.9.39+dfsg-1 (low; bug #891291)
[stretch] - imagemagick <ignored> (Minor issue)
@@ -34951,21 +34951,21 @@ CVE-2018-7443
NOTE: https://github.com/ImageMagick/ImageMagick/issues/999
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/1f7c6b153882896e7a569a6e8a362ce2a11a8b1f
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5c0e1a31bc44829b1024ce599097f43285a05a42
-CVE-2018-7434
+CVE-2018-7434 (zzcms 8.2 allows remote attackers to discover the full path via a dire ...)
NOT-FOR-US: zzcms
-CVE-2018-7433
+CVE-2018-7433 (The iThemes Security plugin before 6.9.1 for WordPress does not proper ...)
NOT-FOR-US: iThemes Security plugin for WordPress
-CVE-2018-7432
+CVE-2018-7432 (Splunk Enterprise 6.2.x before 6.2.14, 6.3.x before 6.3.10, 6.4.x befo ...)
NOT-FOR-US: Splunk
-CVE-2018-7431
+CVE-2018-7431 (Directory traversal vulnerability in the Splunk Django App in Splunk E ...)
NOT-FOR-US: Splunk
CVE-2018-7430
RESERVED
-CVE-2018-7429
+CVE-2018-7429 (Splunkd in Splunk Enterprise 6.2.x before 6.2.14 6.3.x before 6.3.11, ...)
NOT-FOR-US: Splunk
CVE-2018-7428
RESERVED
-CVE-2018-7427
+CVE-2018-7427 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enter ...)
NOT-FOR-US: Splunk
CVE-2018-7426
RESERVED
@@ -34975,9 +34975,9 @@ CVE-2018-7424
RESERVED
CVE-2018-7423
RESERVED
-CVE-2018-7422
+CVE-2018-7422 (A Local File Inclusion vulnerability in the Site Editor plugin through ...)
NOT-FOR-US: Site Editor plugin for WordPress
-CVE-2018-7421
+CVE-2018-7421 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector cou ...)
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
[wheezy] - wireshark <not-affected> (Vulnerable code introduced later)
@@ -34985,25 +34985,25 @@ CVE-2018-7421
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=656812ee1f2a8ddfd383b02a066e888f5919e17a
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e8be5adae469ba563acfad2c2b98673e1afaf901
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7420
+CVE-2018-7420 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parse ...)
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=129e41f9f63885ad8224ef413c2860788fb9e849
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-11.html
-CVE-2018-7419
+CVE-2018-7419 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector co ...)
{DSA-4217-1 DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14443
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bebd3a1f50b0a27738d8d3da5b33c1b392eb7273
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-14.html
-CVE-2018-7418
+CVE-2018-7418 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector ...)
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14410
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=29d920b8309905dda11ad397596fe8aafc9b4bf7
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-13.html
-CVE-2018-7417
+CVE-2018-7417 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector co ...)
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14409
@@ -35011,23 +35011,23 @@ CVE-2018-7417
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-12.html
CVE-2018-7416
RESERVED
-CVE-2018-7439
+CVE-2018-7439 (An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...)
{DSA-4129-1 DLA-1297-1}
- freexl 1.0.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547892
-CVE-2018-7438
+CVE-2018-7438 (An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...)
{DSA-4129-1 DLA-1297-1}
- freexl 1.0.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547889
-CVE-2018-7437
+CVE-2018-7437 (An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...)
{DSA-4129-1 DLA-1297-1}
- freexl 1.0.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547885
-CVE-2018-7436
+CVE-2018-7436 (An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...)
{DSA-4129-1 DLA-1297-1}
- freexl 1.0.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547883
-CVE-2018-7435
+CVE-2018-7435 (An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...)
{DSA-4129-1 DLA-1297-1}
- freexl 1.0.5-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547879
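Review bot: the five FreeXL entries CVE-2018-7439 down to CVE-2018-7435 end up with byte-identical truncated descriptions (`An issue was discovered in FreeXL before 1.0.5. There is a heap-based ...`), so the only thing that distinguishes them in this file is the per-entry bugzilla.redhat.com NOTE; those NOTE lines should be kept intact whenever these entries are touched again. Separately, and not introduced by this change (the removed `-CVE-2018-7439` lines sit at the same position), this block directly follows CVE-2018-7416 and breaks the descending numeric order the surrounding entries follow; reordering it belongs in its own cleanup commit rather than in an automatic update.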
@@ -35043,20 +35043,20 @@ CVE-2018-7411
RESERVED
CVE-2018-7410
RESERVED
-CVE-2018-7409
+CVE-2018-7409 (In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to ...)
- unixodbc 2.3.6-0.1 (bug #891596)
[stretch] - unixodbc <no-dsa> (Minor issue)
[jessie] - unixodbc <no-dsa> (Minor issue)
[wheezy] - unixodbc <ignored> (Minor issue)
NOTE: Fixed by: https://sourceforge.net/p/unixodbc/code/136/
NOTE: https://github.com/lurcher/unixODBC/commit/4f9f77fb4204659ec9b7be8745d9e05a539c80b9
-CVE-2018-7408
+CVE-2018-7408 (An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked ...)
- npm <not-affected> (Vulnerable code introduced later)
-CVE-2018-7407
+CVE-2018-7407 (An issue was discovered in Foxit Reader before 9.1 and PhantomPDF befo ...)
NOT-FOR-US: Foxit
-CVE-2018-7406
+CVE-2018-7406 (An issue was discovered in Foxit Reader before 9.1 and PhantomPDF befo ...)
NOT-FOR-US: Foxit
-CVE-2018-7405
+CVE-2018-7405 (Cross-site scripting (XSS) in Zoho ManageEngine EventLog Analyzer befo ...)
NOT-FOR-US: Zoho ManageEngine EventLog Analyzer
CVE-2018-7404
RESERVED
@@ -35134,29 +35134,29 @@ CVE-2018-7368
RESERVED
CVE-2018-7367
RESERVED
-CVE-2018-7366
+CVE-2018-7366 (ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions ...)
NOT-FOR-US: ZTE
-CVE-2018-7365
+CVE-2018-7365 (All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product ...)
NOT-FOR-US: ZTE
-CVE-2018-7364
+CVE-2018-7364 (All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product Europe ...)
NOT-FOR-US: ZTE
-CVE-2018-7363
+CVE-2018-7363 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
NOT-FOR-US: ZTE
-CVE-2018-7362
+CVE-2018-7362 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
NOT-FOR-US: ZTE
-CVE-2018-7361
+CVE-2018-7361 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
NOT-FOR-US: ZTE
-CVE-2018-7360
+CVE-2018-7360 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
NOT-FOR-US: ZTE
-CVE-2018-7359
+CVE-2018-7359 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
NOT-FOR-US: ZTE
-CVE-2018-7358
+CVE-2018-7358 (ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V ...)
NOT-FOR-US: ZTE ZXHN H168N product
-CVE-2018-7357
+CVE-2018-7357 (ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V ...)
NOT-FOR-US: ZTE ZXHN H168N product
-CVE-2018-7356
+CVE-2018-7356 (All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impac ...)
NOT-FOR-US: ZTE ZXR10 8905E
-CVE-2018-7355
+CVE-2018-7355 (All versions up to V1.0.0B05 of ZTE MF65 and all versions up to V1.0.0 ...)
NOT-FOR-US: ZTE
CVE-2018-7354
RESERVED
@@ -35188,7 +35188,7 @@ CVE-2018-7341
RESERVED
CVE-2018-7340
RESERVED
-CVE-2018-7339
+CVE-2018-7339 (The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Ent ...)
- mp4v2 <removed> (low; bug #893544)
[stretch] - mp4v2 <no-dsa> (Minor issue)
[jessie] - mp4v2 <no-dsa> (Minor issue)
@@ -35200,53 +35200,53 @@ CVE-2018-7338
NOTE: https://duo.com/labs/psa/duo-psa-2017-003
NOTE: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
NOTE: https://www.kb.cert.org/vuls/id/475445
-CVE-2018-7337
+CVE-2018-7337 (In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash ...)
{DLA-1353-1}
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14446
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=511a8b0b546d25413e289dc5a7d3a455a33994c2
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-08.html
-CVE-2018-7336
+CVE-2018-7336 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol diss ...)
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14374
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b56f598f1bc04f5d00f13b38c713763928cedb7c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-09.html
-CVE-2018-7335
+CVE-2018-7335 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 disse ...)
{DSA-4217-1 DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14442
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a2901dcf45c9f1b07abfbf2a0b0cd654371d72a4
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-05.html
-CVE-2018-7334
+CVE-2018-7334 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissecto ...)
{DSA-4217-1 DLA-1353-1}
- wireshark 2.4.5-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14339
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8ed705e1227d3d582e3f0de435bba606d053d686
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-07.html
-CVE-2018-7333
+CVE-2018-7333 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v1.99.7)
[wheezy] - wireshark <not-affected> (vulnerable code introduced later in v1.99.7)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14449
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bd6313181317bfe83842b27650b65f3c2b8d5dc9
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7332
+CVE-2018-7332 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
{DLA-1353-1}
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14445
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1ab0585098c7ce20f3afceb6730427cc2a1e98ea
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7331
+CVE-2018-7331 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
{DLA-1634-1}
- wireshark 2.4.5-1 (low)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14444
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=157712b2f5f89b19ef2497ea89c5938eb29529da
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7330
+CVE-2018-7330 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
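Review bot: CVE-2018-7337 and CVE-2018-7332 each record `{DLA-1353-1}` and, a few lines below, `[jessie] - wireshark <no-dsa> (Minor issue)`; once a DLA is recorded for jessie the no-dsa annotation is stale and should be dropped so the two lines do not contradict each other. For CVE-2018-7337 in particular, the freshly pulled description names only `Wireshark 2.4.0 to 2.4.4` while the entry still carries a jessie advisory, so the upstream affected range is worth re-checking against the DLA. The rest of this hunk is the mechanical description refresh and looks fine.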
@@ -35254,14 +35254,14 @@ CVE-2018-7330
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14428
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8ad0c5b3683a17d9e2e16bbf25869140fd5c1c66
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7329
+CVE-2018-7329 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v1.99.0)
[wheezy] - wireshark <not-affected> (vulnerable code introduced later in v1.99.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14423
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d8a0cbc4f2979e0b1cadbe79f0b8b4ecb92477be
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7328
+CVE-2018-7328 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
@@ -35269,7 +35269,7 @@ CVE-2018-7328
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14421
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=69d09028c956f6e049145485ce9b3e2858789b2b
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7327
+CVE-2018-7327 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
- wireshark 2.4.5-1 (low)
[stretch] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v2.4.0)
@@ -35277,47 +35277,47 @@ CVE-2018-7327
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14420
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=563989f888e51258edb9a27db56124bdc33c9afe
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7326
+CVE-2018-7326 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v1.99.0)
[wheezy] - wireshark <not-affected> (vulnerable code introduced later in v1.99.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=293b999425e998d6cde0d9149648e421ea7687d0
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7325
+CVE-2018-7325 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
{DLA-1634-1}
- wireshark 2.4.5-1 (low)
[wheezy] - wireshark <not-affected> (vulnerable code introduced later)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14414
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7be234d06ea39ab6a88115ae41d71060f1f15e3c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7324
+CVE-2018-7324 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14413
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9e7695bbee18525eaa6d12b32230313ae8a36a81
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7323
+CVE-2018-7323 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14412
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f9199ea8cff56c6704e9828c3d80360b27c4565
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5d45b69b590cabc5127282d1ade3bca1598e5f5c
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7322
+CVE-2018-7322 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
{DLA-1634-1 DLA-1353-1}
- wireshark 2.4.5-1 (low)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14411
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afc780e2c796e971bb7d164103f4f0d10d3c25b5
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7321
+CVE-2018-7321 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packe ...)
- wireshark 2.4.5-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code introduced later in v1.99.6)
[wheezy] - wireshark <not-affected> (vulnerable code introduced later in v1.99.6)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14379
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c784d551ad50864de1035ce54e72837301cf6aca
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
-CVE-2018-7320
+CVE-2018-7320 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol ...)
- wireshark 2.4.5-1
[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u3
[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
@@ -35325,55 +35325,55 @@ CVE-2018-7320
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14398
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=015e3399390b8b5cfbfcfcda30589983ab6cc129
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-10.html
-CVE-2018-7319
+CVE-2018-7319 (SQL Injection exists in the OS Property Real Estate 3.12.7 component f ...)
NOT-FOR-US: OS Property Real Estate component for Joomla!
-CVE-2018-7318
+CVE-2018-7318 (SQL Injection exists in the CheckList 1.1.1 component for Joomla! via ...)
NOT-FOR-US: CheckList component for Joomla!
-CVE-2018-7317
+CVE-2018-7317 (Backup Download exists in the Proclaim 9.1.1 component for Joomla! via ...)
NOT-FOR-US: Proclaim component for Joomla!
-CVE-2018-7316
+CVE-2018-7316 (Arbitrary File Upload exists in the Proclaim 9.1.1 component for Jooml ...)
NOT-FOR-US: Proclaim component for Joomla!
-CVE-2018-7315
+CVE-2018-7315 (SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via th ...)
NOT-FOR-US: Ek Rishta component for Joomla!
-CVE-2018-7314
+CVE-2018-7314 (SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! v ...)
NOT-FOR-US: PrayerCenter component for Joomla!
-CVE-2018-7313
+CVE-2018-7313 (SQL Injection exists in the CW Tags 2.0.6 component for Joomla! via th ...)
NOT-FOR-US: CW Tags component for Joomla!
-CVE-2018-7312
+CVE-2018-7312 (SQL Injection exists in the Alexandria Book Library 3.1.2 component fo ...)
NOT-FOR-US: Alexandria Book Library component for Joomla!
-CVE-2018-7311
+CVE-2018-7311 (** DISPUTED ** PrivateVPN 2.0.31 for macOS suffers from a root privile ...)
NOT-FOR-US: PrivateVPN for macOS
CVE-2018-7310
RESERVED
CVE-2018-7309
RESERVED
-CVE-2018-7308
+CVE-2018-7308 (A CSRF issue was found in var/www/html/files.php in DanWin hosting thr ...)
NOT-FOR-US: DanWin hosting
-CVE-2018-7307
+CVE-2018-7307 (The Auth0 Auth0.js library before 9.3 has CSRF because it mishandles t ...)
NOT-FOR-US: Auth0 Auth0.js library
CVE-2018-7306
RESERVED
-CVE-2018-7305
+CVE-2018-7305 (MyBB 1.8.14 is not checking for a valid CSRF token, leading to arbitra ...)
NOT-FOR-US: MyBB
-CVE-2018-7304
+CVE-2018-7304 (Tiki 17.1 does not validate user input for special characters; consequ ...)
NOT-FOR-US: Tiki
-CVE-2018-7303
+CVE-2018-7303 (The Calendar component in Tiki 17.1 allows HTML injection. ...)
NOT-FOR-US: Tiki
-CVE-2018-7302
+CVE-2018-7302 (Tiki 17.1 allows upload of a .PNG file that actually has SVG content, ...)
NOT-FOR-US: Tiki
-CVE-2018-7301
+CVE-2018-7301 (eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port witho ...)
NOT-FOR-US: eQ-3 AG HomeMatic CCU2 2.29.22 devices
-CVE-2018-7300
+CVE-2018-7300 (Directory Traversal / Arbitrary File Write / Remote Code Execution in ...)
NOT-FOR-US: eQ-3 AG Homematic CCU2
-CVE-2018-7299
+CVE-2018-7299 (Remote Code Execution in the addon installation process in eQ-3 AG Hom ...)
NOT-FOR-US: eQ-3 AG Homematic CCU2
-CVE-2018-7298
+CVE-2018-7298 (In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU ...)
NOT-FOR-US: eQ-3 AG Homematic CCU2
-CVE-2018-7297
+CVE-2018-7297 (Remote Code Execution in the TCL script interpreter in eQ-3 AG Homemat ...)
NOT-FOR-US: eQ-3 AG Homematic CCU2
-CVE-2018-7296
+CVE-2018-7296 (Directory Traversal / Arbitrary File Read in User.getLanguage method i ...)
NOT-FOR-US: eQ-3 AG Homematic CCU2
-CVE-2018-7295
+CVE-2018-7295 (ffxivlauncher.exe in Square Enix Final Fantasy XIV 4.21 and 4.25 on Wi ...)
NOT-FOR-US: Final Fantasy
CVE-2018-7294
RESERVED
@@ -35383,17 +35383,17 @@ CVE-2018-7292
RESERVED
CVE-2018-7291
RESERVED
-CVE-2018-7290
+CVE-2018-7290 (Cross Site Scripting (XSS) exists in Tiki before 12.13, 15.6, 17.2, an ...)
NOT-FOR-US: Tiki
-CVE-2018-7289
+CVE-2018-7289 (An issue was discovered in armadito-windows-driver/src/communication.c ...)
NOT-FOR-US: Armadito
CVE-2018-7288
RESERVED
-CVE-2018-7287
+CVE-2018-7287 (An issue was discovered in res_http_websocket.c in Asterisk 15.x throu ...)
- asterisk <not-affected> (Only affects Asterisk 15.x)
NOTE: downloads.digium.com/pub/security/AST-2018-006.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27658
-CVE-2018-7286
+CVE-2018-7286 (An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7 ...)
{DSA-4320-1}
- asterisk 1:13.20.0~dfsg-1 (bug #891228)
[jessie] - asterisk <not-affected> (Vulnerable code not present)
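Review bot: the reference under CVE-2018-7287 is written without a scheme (`NOTE: downloads.digium.com/pub/security/AST-2018-006.html`), unlike the neighbouring `NOTE: http://downloads.asterisk.org/pub/security/AST-2018-005.html` under CVE-2018-7286, and it also points at a different host for the same advisory series; normalising it to a full URL on the same host keeps the NOTE lines machine-linkable and consistent. The `<not-affected> (Only affects Asterisk 15.x)` status matches the description text `Asterisk 15.x throu ...`, so no change needed there.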
@@ -35401,10 +35401,10 @@ CVE-2018-7286
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-005.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27618
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-005-13.diff
-CVE-2018-7285
+CVE-2018-7285 (A NULL pointer access issue was discovered in Asterisk 15.x through 15 ...)
- asterisk <not-affected> (Only affects Asterisk 15.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2018-001.html
-CVE-2018-7284
+CVE-2018-7284 (A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14 ...)
{DSA-4320-1}
- asterisk 1:13.20.0~dfsg-1 (bug #891227)
[jessie] - asterisk <not-affected> (Vulnerable code not present)
@@ -35416,48 +35416,48 @@ CVE-2018-7283
RESERVED
CVE-2018-7282
RESERVED
-CVE-2018-7281
+CVE-2018-7281 (CactusVPN 5.3.6 for macOS contains a root privilege escalation vulnera ...)
NOT-FOR-US: CactusVPN for macOS
-CVE-2018-7280
+CVE-2018-7280 (The Ninja Forms plugin before 3.2.14 for WordPress has XSS. ...)
NOT-FOR-US: Ninja Forms plugin for WordPress
-CVE-2018-1000093
+CVE-2018-1000093 (CryptoNote version version 0.8.9 and possibly later contain a local RP ...)
NOT-FOR-US: CryptoNote
-CVE-2018-1000092
+CVE-2018-1000092 (CMS Made Simple version versions 2.2.5 contains a Cross ite Request Fo ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-1000091
+CVE-2018-1000091 (KadNode version version 2.2.0 contains a Buffer Overflow vulnerability ...)
NOT-FOR-US: KadNode
-CVE-2018-1000090
+CVE-2018-1000090 (textpattern version version 4.6.2 contains a XML Injection vulnerabili ...)
- textpattern <removed>
-CVE-2018-1000089
+CVE-2018-1000089 (Anymail django-anymail version version 0.2 through 1.3 contains a CWE- ...)
- django-anymail 1.4-1 (bug #890097)
[stretch] - django-anymail <ignored> (Minor issue; non-free/contrib not security supported)
NOTE: https://github.com/anymail/django-anymail/commit/1a6086f2b58478d71f89bf27eb034ed81aefe5ef
-CVE-2018-1000088
+CVE-2018-1000088 (Doorkeeper version 2.1.0 through 4.2.5 contains a Cross Site Scripting ...)
- ruby-doorkeeper 4.3.1-1 (bug #891069)
[stretch] - ruby-doorkeeper <no-dsa> (Minor issue)
NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/969
NOTE: https://github.com/doorkeeper-gem/doorkeeper/pull/970
-CVE-2018-1000087
+CVE-2018-1000087 (WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Script ...)
NOT-FOR-US: WolfCMS
-CVE-2018-1000086
+CVE-2018-1000086 (NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a ...)
NOT-FOR-US: pym.js
-CVE-2018-1000085
+CVE-2018-1000085 (ClamAV version version 0.99.3 contains a Out of bounds heap memory rea ...)
{DLA-1307-1}
- clamav 0.99.3~beta1+dfsg-1
[stretch] - clamav 0.99.4+dfsg-1+deb9u1
NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6
NOTE: http://www.openwall.com/lists/oss-security/2017/09/29/4
-CVE-2018-1000084
+CVE-2018-1000084 (WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site S ...)
NOT-FOR-US: WolfCMS
-CVE-2018-1000083
+CVE-2018-1000083 (Ajenti version version 2 contains a Improper Error Handling vulnerabil ...)
- ajenti <itp> (bug #792019)
-CVE-2018-1000082
+CVE-2018-1000082 (Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) v ...)
- ajenti <itp> (bug #792019)
-CVE-2018-1000081
+CVE-2018-1000081 (Ajenti version version 2 contains a Input Validation vulnerability in ...)
- ajenti <itp> (bug #792019)
-CVE-2018-1000080
+CVE-2018-1000080 (Ajenti version version 2 contains a Insecure Permissions vulnerability ...)
- ajenti <itp> (bug #792019)
-CVE-2018-1000079
+CVE-2018-1000079 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DSA-4259-1 DSA-4219-1 DLA-1421-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35472,7 +35472,7 @@ CVE-2018-1000079
NOTE: https://github.com/rubygems/rubygems/commit/f83f911e19e27cbac1ccce7471d96642241dd759
NOTE: https://github.com/rubygems/rubygems/commit/666ef793cad42eed96f7aee1cdf77865db921099
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000078
+CVE-2018-1000078 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DSA-4259-1 DSA-4219-1 DLA-1421-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35483,7 +35483,7 @@ CVE-2018-1000078
[jessie] - jruby <end-of-life> (See DSA-4219-1)
NOTE: https://github.com/rubygems/rubygems/commit/66a28b9275551384fdab45f3591a82d6b59952cb
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000077
+CVE-2018-1000077 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DSA-4259-1 DSA-4219-1 DLA-1421-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35494,7 +35494,7 @@ CVE-2018-1000077
[jessie] - jruby <end-of-life> (See DSA-4219-1)
NOTE: https://github.com/rubygems/rubygems/commit/feadefc2d351dcb95d6492f5ad17ebca546eb964
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000076
+CVE-2018-1000076 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DSA-4259-1 DSA-4219-1 DLA-1421-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35505,7 +35505,7 @@ CVE-2018-1000076
[jessie] - jruby <end-of-life> (See DSA-4219-1)
NOTE: https://github.com/rubygems/rubygems/commit/f5042b879259b1f1ce95a0c5082622c646376693
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000075
+CVE-2018-1000075 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DSA-4259-1 DSA-4219-1 DLA-1421-1 DLA-1358-1 DLA-1337-1 DLA-1336-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35516,7 +35516,7 @@ CVE-2018-1000075
[jessie] - jruby <end-of-life> (See DSA-4219-1)
NOTE: https://github.com/rubygems/rubygems/commit/92e98bf8f810bd812f919120d4832df51bc25d83
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000074
+CVE-2018-1000074 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DSA-4259-1 DSA-4219-1 DLA-1480-1 DLA-1352-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35529,7 +35529,7 @@ CVE-2018-1000074
[jessie] - jruby <end-of-life> (See DSA-4219-1)
NOTE: https://github.com/rubygems/rubygems/commit/254e3d0ee873c008c0b74e8b8abcbdab4caa0a6d
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000073
+CVE-2018-1000073 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...)
{DSA-4259-1 DSA-4219-1 DLA-1480-1}
- ruby2.5 2.5.0-5
- ruby2.3 <removed>
@@ -35543,9 +35543,9 @@ CVE-2018-1000073
[wheezy] - jruby <not-affected> (Vulnerable code not present)
NOTE: https://github.com/rubygems/rubygems/commit/1b931fc03b819b9a0214be3eaca844ef534175e2
NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
-CVE-2018-1000072
+CVE-2018-1000072 (iRedMail version prior to commit f04b8ef contains a Insecure Permissio ...)
NOT-FOR-US: iRedMail
-CVE-2018-1000071
+CVE-2018-1000071 (roundcube version 1.3.4 and earlier contains an Insecure Permissions v ...)
- roundcube <unfixed> (unimportant; bug #897014)
[stretch] - roundcube 1.2.3+dfsg.1-4+deb9u2
NOTE: https://github.com/roundcube/roundcubemail/issues/6173
@@ -35554,49 +35554,49 @@ CVE-2018-1000071
NOTE: That plugin is not functional in stretch due to a missing package dependency, setting it
NOTE: up would require several additional manual changes on the admin's side
NOTE: Can be mitigated by moving home folder outside the scope of the webserver
-CVE-2018-1000070
+CVE-2018-1000070 (Bitmessage PyBitmessage version v0.6.2 (and introduced in or after com ...)
NOT-FOR-US: PyBitmessage
-CVE-2018-1000069
+CVE-2018-1000069 (FreePlane version 1.5.9 and earlier contains a XML External Entity (XX ...)
{DSA-4175-1 DLA-1316-1}
- freeplane 1.6.6-1 (bug #893663)
NOTE: https://www.freeplane.org/wiki/index.php/XML_External_Entity_vulnerability_in_map_parser
NOTE: https://github.com/freeplane/freeplane/commit/a5dce7f9f
-CVE-2018-7279
+CVE-2018-7279 (A remote code execution issue was discovered in AlienVault USM and OSS ...)
NOT-FOR-US: AlienVault
-CVE-2018-7278
+CVE-2018-7278 (An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP 2 ...)
NOT-FOR-US: RLE Protocol Converter FDS-PC / FDS-PC-DP devices
-CVE-2018-7277
+CVE-2018-7277 (An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent X ...)
NOT-FOR-US: RLE Wi-MGR/FDS-Wi 6.2 devices
-CVE-2018-7276
+CVE-2018-7276 (An issue was discovered on Lutron Quantum BACnet Integration 2.0 (firm ...)
NOT-FOR-US: Lutron Quantum BACnet Integration 2.0 devices
CVE-2018-7275
RESERVED
-CVE-2018-7274
+CVE-2018-7274 (Yab Quarx through 2.4.3 is prone to multiple persistent cross-site scr ...)
NOT-FOR-US: Yab Quarx
-CVE-2018-7273
+CVE-2018-7273 (In the Linux kernel through 4.15.4, the floppy driver reveals the addr ...)
- linux 4.15.4-1
[wheezy] - linux <ignored> (Minor issue)
[jessie] - linux-4.9 <unfixed>
NOTE: https://lkml.org/lkml/2018/2/20/669
-CVE-2018-7272
+CVE-2018-7272 (The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as par ...)
NOT-FOR-US: ForgeRock AM
-CVE-2018-7271
+CVE-2018-7271 (An issue was discovered in MetInfo 6.0.0. In install/install.php in th ...)
NOT-FOR-US: MetInfo
CVE-2018-7270
RESERVED
-CVE-2018-7269
+CVE-2018-7269 (The findByCondition function in framework/db/ActiveRecord.php in Yii 2 ...)
- yii <itp> (bug #597899)
-CVE-2018-7268
+CVE-2018-7268 (MagniComp SysInfo before 10-H81, as shipped with BMC BladeLogic Automa ...)
NOT-FOR-US: MagniComp
CVE-2018-7267
RESERVED
CVE-2018-7266
RESERVED
-CVE-2018-7265
+CVE-2018-7265 (Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file that e ...)
NOT-FOR-US: Shimmie
-CVE-2018-7264
+CVE-2018-7264 (The Pictview image processing library embedded in the ActivePDF toolki ...)
NOT-FOR-US: ActivePDF
-CVE-2018-7263
+CVE-2018-7263 (The mad_decoder_run() function in decoder.c in Underbit libmad through ...)
NOTE: Seems like a duplicate of CVE-2017-11552 relates to the issue raised in
NOTE: https://bugs.debian.org/870608
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1081784
@@ -35604,7 +35604,7 @@ CVE-2018-7263
NOTE: paths by which libmad is used incorrectly, and both code paths result
NOTE: in "double free or corruption" errors, then we would represent this
NOTE: with two CVEs."
-CVE-2018-7262
+CVE-2018-7262 (In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGW ...)
- ceph <not-affected> (Issue introduced later)
NOTE: See details in https://bugs.debian.org/891963#15 . Ceph as present in
NOTE: Debian up to 10.2.5-7.2 is not vulnerable as they contain an older
@@ -35612,16 +35612,16 @@ CVE-2018-7262
NOTE: null strings on malformed HTTP requests.
NOTE: Original pull request: https://github.com/ceph/ceph/pull/20403
NOTE: Superseeded by: https://github.com/ceph/ceph/pull/20488
-CVE-2018-7261
+CVE-2018-7261 (There are multiple Persistent XSS vulnerabilities in Radiant CMS 1.1.4 ...)
NOT-FOR-US: Radiant CMS
-CVE-2018-7260
+CVE-2018-7260 (Cross-site scripting (XSS) vulnerability in db_central_columns.php in ...)
- phpmyadmin <unfixed> (bug #893539)
[stretch] - phpmyadmin <no-dsa> (Minor issue)
[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3
NOTE: https://www.phpmyadmin.net/security/PMASA-2018-1/
-CVE-2018-7259
+CVE-2018-7259 (The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a ...)
NOT-FOR-US: Flight Sim Labs
CVE-2018-7258
RESERVED
@@ -35633,76 +35633,76 @@ CVE-2018-7255
RESERVED
CVE-2018-7252
RESERVED
-CVE-2018-7251
+CVE-2018-7251 (An issue was discovered in config/error.php in Anchor 0.12.3. The erro ...)
NOT-FOR-US: Anchor CMS
-CVE-2018-7250
+CVE-2018-7250 (An issue was discovered in secdrv.sys as shipped in Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-7249
+CVE-2018-7249 (An issue was discovered in secdrv.sys as shipped in Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-7254
+CVE-2018-7254 (The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5 ...)
{DSA-4125-1}
- wavpack 5.1.0-3 (bug #889274)
[jessie] - wavpack <not-affected> (Vulnerable code not present)
[wheezy] - wavpack <not-affected> (Vulnerable code not present)
NOTE: https://github.com/dbry/WavPack/issues/26
NOTE: https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e
-CVE-2018-7253
+CVE-2018-7253 (The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPa ...)
{DSA-4125-1}
- wavpack 5.1.0-3 (bug #889559)
[jessie] - wavpack <not-affected> (Vulnerable code not present)
[wheezy] - wavpack <not-affected> (Vulnerable code not present)
NOTE: https://github.com/dbry/WavPack/issues/28
NOTE: https://github.com/dbry/WavPack/commit/36a24c7881427d2e1e4dc1cef58f19eee0d13aec
-CVE-2018-7248
+CVE-2018-7248 (An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3 Buil ...)
NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
-CVE-2018-7247
+CVE-2018-7247 (An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Lepto ...)
- leptonlib 1.76.0-1 (unimportant)
NOTE: https://github.com/DanBloomberg/leptonica/commit/c1079bb8e77cdd426759e466729917ca37a3ed9f
-CVE-2018-7246
+CVE-2018-7246 (A cleartext transmission of sensitive information vulnerability exists ...)
NOT-FOR-US: Schneider
-CVE-2018-7245
+CVE-2018-7245 (An improper authorization vulnerability exists In Schneider Electric's ...)
NOT-FOR-US: Schneider
-CVE-2018-7244
+CVE-2018-7244 (An information disclosure vulnerability exists In Schneider Electric's ...)
NOT-FOR-US: Schneider
-CVE-2018-7243
+CVE-2018-7243 (An authorization bypass vulnerability exists In Schneider Electric's 6 ...)
NOT-FOR-US: Schneider
-CVE-2018-7242
+CVE-2018-7242 (Vulnerable hash algorithms exists in Schneider Electric's Modicon Prem ...)
NOT-FOR-US: Schneider
-CVE-2018-7241
+CVE-2018-7241 (Hard coded accounts exist in Schneider Electric's Modicon Premium, Mod ...)
NOT-FOR-US: Schneider
-CVE-2018-7240
+CVE-2018-7240 (A vulnerability exists in Schneider Electric's Modicon Quantum in all ...)
NOT-FOR-US: Schneider
-CVE-2018-7239
+CVE-2018-7239 (A DLL hijacking vulnerability exists in Schneider Electric's SoMove So ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7238
+CVE-2018-7238 (A buffer overflow vulnerability exist in the web-based GUI of Schneide ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7237
+CVE-2018-7237 (A vulnerability exists in Schneider Electric's Pelco Sarix Professiona ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7236
+CVE-2018-7236 (A vulnerability exists in Schneider Electric's Pelco Sarix Professiona ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7235
+CVE-2018-7235 (A vulnerability exists in Schneider Electric's Pelco Sarix Professiona ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7234
+CVE-2018-7234 (A vulnerability exists in Schneider Electric's Pelco Sarix Professiona ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7233
+CVE-2018-7233 (A vulnerability exists in Schneider Electric's Pelco Sarix Professiona ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7232
+CVE-2018-7232 (A vulnerability exists in Schneider Electric's Pelco Sarix Professiona ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7231
+CVE-2018-7231 (A vulnerability exists in Schneider Electric's Pelco Sarix Professiona ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7230
+CVE-2018-7230 (A XML external entity (XXE) vulnerability exists in the import.cgi of ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7229
+CVE-2018-7229 (A vulnerability exists in Schneider Electric's Pelco Sarix Professiona ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7228
+CVE-2018-7228 (A vulnerability exists in Schneider Electric's Pelco Sarix Professiona ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7227
+CVE-2018-7227 (A vulnerability exists in Schneider Electric's Pelco Sarix Professiona ...)
NOT-FOR-US: Schneider Electric
-CVE-2018-7226
+CVE-2018-7226 (An issue was discovered in vcSetXCutTextProc() in VNConsole.c in Linux ...)
- vncterm <unfixed> (low; bug #898453)
[stretch] - vncterm <no-dsa> (Minor issue)
NOTE: https://github.com/LibVNC/vncterm/issues/6
-CVE-2018-7225
+CVE-2018-7225 (An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClie ...)
{DSA-4221-1 DLA-1332-1}
- libvncserver 0.9.11+dfsg-1.1 (bug #894045)
NOTE: https://github.com/LibVNC/libvncserver/issues/218
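Review bot: CVE-2018-7254 and CVE-2018-7253 are filed between CVE-2018-7249 and CVE-2018-7248, breaking the descending order the rest of the file keeps; they belong above CVE-2018-7251. Two smaller points in the same hunk: CVE-2018-7247 is tagged "leptonlib 1.76.0-1 (unimportant)" with only the upstream commit as justification, whereas other "unimportant" entries state the reason in a NOTE (compare "Crash in CLI tool, no security impact" on CVE-2018-6952), so add one line saying why an issue in prog/htmlviewer.c is not considered security-relevant; and the NOT-FOR-US tag alternates between "Schneider" (CVE-2018-7246 to CVE-2018-7240) and "Schneider Electric" (CVE-2018-7239 onward), so pick one spelling.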
@@ -35717,29 +35717,29 @@ CVE-2018-7221
RESERVED
CVE-2018-7220
RESERVED
-CVE-2018-7219
+CVE-2018-7219 (application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as d ...)
NOT-FOR-US: NoneCms
-CVE-2018-7218
+CVE-2018-7218 (The AppFirewall functionality in Citrix NetScaler Application Delivery ...)
NOT-FOR-US: Citrix
-CVE-2018-7217
+CVE-2018-7217 (In Bravo Tejari Procurement Portal, uploaded files are not properly va ...)
NOT-FOR-US: Bravo Tejari Procurement Portal
-CVE-2018-7216
+CVE-2018-7216 (Cross-site request forgery (CSRF) vulnerability in esop/toolkit/profil ...)
NOT-FOR-US: Bravo Tejari Procurement Portal
CVE-2018-7215
RESERVED
CVE-2018-7214
RESERVED
-CVE-2018-7213
+CVE-2018-7213 (The Password Manager Extension in Abine Blur 7.8.242* before 7.8.2428 ...)
NOT-FOR-US: Password Manager Extension in Abine Blur
-CVE-2018-7212
+CVE-2018-7212 (An issue was discovered in rack-protection/lib/rack/protection/path_tr ...)
NOT-FOR-US: Sinatra
-CVE-2018-7211
+CVE-2018-7211 (An issue was discovered in iDashboards 9.6b. The SSO implementation is ...)
NOT-FOR-US: iDashboards
-CVE-2018-7210
+CVE-2018-7210 (An issue was discovered in iDashboards 9.6b. It allows remote attacker ...)
NOT-FOR-US: iDashboards
-CVE-2018-7209
+CVE-2018-7209 (An issue was discovered in iDashboards 9.6b. It allows remote attacker ...)
NOT-FOR-US: iDashboards
-CVE-2018-7208
+CVE-2018-7208 (In the coff_pointerize_aux function in coffgen.c in the Binary File De ...)
- binutils 2.30-6
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
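Review bot: CVE-2018-7212 is tagged "NOT-FOR-US: Sinatra", but the description places the flaw in rack-protection/lib/rack/protection/path_tr..., i.e. in the rack-protection gem rather than in Sinatra itself; before keeping NOT-FOR-US, confirm that no Debian source package ships that gem, otherwise this entry needs a package line with a fixed version instead of the NOT-FOR-US marker.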
@@ -35748,13 +35748,13 @@ CVE-2018-7208
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=eb77f6a4621795367a39cdd30957903af9dbb815
CVE-2018-7207
REJECTED
-CVE-2018-7206
+CVE-2018-7206 (An issue was discovered in Project Jupyter JupyterHub OAuthenticator 0 ...)
NOT-FOR-US: JupyterHub
-CVE-2018-7205
+CVE-2018-7205 (** DISPUTED ** Reflected Cross-Site Scripting vulnerability in "Design ...)
NOT-FOR-US: Kentico
-CVE-2018-7204
+CVE-2018-7204 (inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for Wor ...)
NOT-FOR-US: Wordpress plugin
-CVE-2018-7203
+CVE-2018-7203 (Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 throu ...)
NOT-FOR-US: Twonky Server
CVE-2018-7202
RESERVED
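Review bot: CVE-2018-7204 is tagged "NOT-FOR-US: Wordpress plugin" without naming the plugin, unlike the convention used elsewhere in this file (e.g. "NOT-FOR-US: UltimateMember plugin for WordPress" on CVE-2018-6944); suggest "NOT-FOR-US: Giribaz File Manager plugin for WordPress", which also fixes the "Wordpress" capitalisation.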
@@ -35764,19 +35764,19 @@ CVE-2018-7200
RESERVED
CVE-2018-7199
RESERVED
-CVE-2018-7198
+CVE-2018-7198 (October CMS through 1.0.431 allows XSS by entering HTML on the Add Pos ...)
NOT-FOR-US: October CMS
-CVE-2018-7197
+CVE-2018-7197 (An issue was discovered in Pluck through 4.7.4. A stored cross-site sc ...)
NOT-FOR-US: Pluck CMS
-CVE-2018-7196
+CVE-2018-7196 (Cross-site scripting (XSS) vulnerability in /scp/index.php in Enhances ...)
NOT-FOR-US: osTicket
-CVE-2018-7195
+CVE-2018-7195 (Enhancesoft osTicket before 1.10.2 allows remote attackers to reset ar ...)
NOT-FOR-US: osTicket
-CVE-2018-7194
+CVE-2018-7194 (Integer format vulnerability in the ticket number generator in Enhance ...)
NOT-FOR-US: osTicket
-CVE-2018-7193
+CVE-2018-7193 (Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enha ...)
NOT-FOR-US: osTicket
-CVE-2018-7192
+CVE-2018-7192 (Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic ...)
NOT-FOR-US: osTicket
CVE-2018-7191
RESERVED
@@ -35784,9 +35784,9 @@ CVE-2018-7190
RESERVED
CVE-2018-7189
RESERVED
-CVE-2018-7188
+CVE-2018-7188 (An XSS vulnerability (via an SVG image) in Tiki before 18 allows an au ...)
NOT-FOR-US: Tiki
-CVE-2018-7187
+CVE-2018-7187 (The "go get" implementation in Go 1.9.4, when the -insecure command-li ...)
{DSA-4380-1 DSA-4379-1 DLA-1294-1}
- golang-1.10 1.10.1-1
- golang-1.9 <removed> (bug #895663)
@@ -35796,7 +35796,7 @@ CVE-2018-7187
[jessie] - golang <ignored> (Minor issue)
NOTE: https://github.com/golang/go/issues/23867
NOTE: https://github.com/golang/go/commit/c941e27e70c3e06e1011d2dd71d72a7a06a9bcbc
-CVE-2018-7185
+CVE-2018-7185 (The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attac ...)
- ntp 1:4.2.8p11+dfsg-1 (low)
[stretch] - ntp <no-dsa> (Minor issue)
[jessie] - ntp <no-dsa> (Minor issue)
@@ -35805,7 +35805,7 @@ CVE-2018-7185
NOTE: http://www.kb.cert.org/vuls/id/961909
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3454
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
-CVE-2018-7184
+CVE-2018-7184 (ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating ...)
- ntp 1:4.2.8p11+dfsg-1 (low)
[stretch] - ntp <no-dsa> (Minor issue)
[jessie] - ntp <no-dsa> (Minor issue)
@@ -35815,7 +35815,7 @@ CVE-2018-7184
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3453
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
NOTE: http://bk.ntp.org/ntp-stable/?PAGE=cset&REV=5a76f46bK1M87GD1tJounOczC-5Zow
-CVE-2018-7183
+CVE-2018-7183 (Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 throu ...)
- ntp 1:4.2.8p11+dfsg-1 (low)
[stretch] - ntp <no-dsa> (Minor issue)
[jessie] - ntp <no-dsa> (Minor issue)
@@ -35824,7 +35824,7 @@ CVE-2018-7183
NOTE: http://www.kb.cert.org/vuls/id/961909
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3414
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
-CVE-2018-7182
+CVE-2018-7182 (The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows r ...)
- ntp 1:4.2.8p11+dfsg-1
[stretch] - ntp <postponed> (Can be fixed along in a future update)
[jessie] - ntp <postponed> (Can be fixed along in a future update)
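Review bot: the sid line for CVE-2018-7182 ("- ntp 1:4.2.8p11+dfsg-1") is the only ntp entry in this batch without the "(low)" severity tag that CVE-2018-7185, CVE-2018-7184, CVE-2018-7183 and CVE-2018-7170 carry; if the omission is deliberate because ctl_getitem is reachable by remote attackers, the "<postponed> (Can be fixed along in a future update)" for stretch and jessie should name the update or bug it is waiting on, otherwise add "(low)" for consistency.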
@@ -35837,45 +35837,45 @@ CVE-2018-7182
NOTE: https://lists.ntpsec.org/pipermail/devel/2018-March/006008.html
CVE-2018-7181
RESERVED
-CVE-2018-7186
+CVE-2018-7186 (Leptonica before 1.75.3 does not limit the number of characters in a % ...)
{DLA-1302-1}
- leptonlib 1.75.3-2 (low; bug #890548)
[stretch] - leptonlib <no-dsa> (Minor issue)
[jessie] - leptonlib <no-dsa> (Minor issue)
NOTE: https://github.com/DanBloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a
-CVE-2018-7180
+CVE-2018-7180 (SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! v ...)
NOT-FOR-US: Saxum Astro component for Joomla!
-CVE-2018-7179
+CVE-2018-7179 (SQL Injection exists in the SquadManagement 1.0.3 component for Joomla ...)
NOT-FOR-US: SquadManagement component for Joomla!
-CVE-2018-7178
+CVE-2018-7178 (SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! ...)
NOT-FOR-US: Saxum Picker component for Joomla!
-CVE-2018-7177
+CVE-2018-7177 (SQL Injection exists in the Saxum Numerology 3.0.4 component for Jooml ...)
NOT-FOR-US: Saxum Numerology component for Joomla!
-CVE-2018-7176
+CVE-2018-7176 (FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding ...)
- frontaccounting <removed> (bug #890604)
[wheezy] - frontaccounting <end-of-life> (unsupported in wheezy, already vulnerable to SQL injection in CVE-2014-3973)
NOTE: https://securitywarrior9.blogspot.ca/2018/02/cross-site-request-forgery-front.html
-CVE-2018-7175
+CVE-2018-7175 (An issue was discovered in xpdf 4.00. A NULL pointer dereference in re ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=613
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
-CVE-2018-7174
+CVE-2018-7174 (An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref a ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=605
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
-CVE-2018-7173
+CVE-2018-7173 (A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an ...)
- xpdf <unfixed> (unimportant)
NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=607
NOTE: src:xpdf switched to use system poppler libary in 3.02-3
-CVE-2018-1000068
+CVE-2018-1000068 (An improper input validation vulnerability exists in Jenkins versions ...)
- jenkins <removed>
-CVE-2018-1000067
+CVE-2018-1000067 (An improper authorization vulnerability exists in Jenkins versions 2.1 ...)
- jenkins <removed>
-CVE-2018-7172
+CVE-2018-7172 (In index.php in WonderCMS before 2.4.1, remote attackers can delete ar ...)
NOT-FOR-US: WonderCMS
-CVE-2018-7171
+CVE-2018-7171 (Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 ...)
NOT-FOR-US: Twonky Server
-CVE-2018-7170
+CVE-2018-7170 (ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authen ...)
- ntp 1:4.2.8p11+dfsg-1
[stretch] - ntp <no-dsa> (Minor issue)
[jessie] - ntp <no-dsa> (Minor issue)
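Review bot: CVE-2018-7186 is filed between CVE-2018-7181 and CVE-2018-7180, out of the descending order the file keeps; move it below CVE-2018-7187. Also in this hunk: the three xpdf NOTEs (CVE-2018-7175, CVE-2018-7174, CVE-2018-7173) misspell "library" as "libary", and since they rate the issues unimportant solely because src:xpdf builds against system poppler, the NOTE should record whether poppler's own copies of the named code (XRef, JBIG2Stream::readSymbolDictSeg) were checked. Finally, CVE-2018-1000068 and CVE-2018-1000067 ("jenkins <removed>") are the only entries here with no NOTE or advisory reference at all; add the upstream Jenkins advisory URL so the removal rationale is traceable.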
@@ -35884,7 +35884,7 @@ CVE-2018-7170
NOTE: http://www.kb.cert.org/vuls/id/961909
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3415
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
-CVE-2018-7169
+CVE-2018-7169 (An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is ...)
- shadow <unfixed> (bug #890557)
[stretch] - shadow <no-dsa> (Minor issue)
[jessie] - shadow <no-dsa> (Minor issue)
@@ -35893,17 +35893,17 @@ CVE-2018-7169
NOTE: https://github.com/shadow-maint/shadow/pull/97
CVE-2018-7168
RESERVED
-CVE-2018-7167
+CVE-2018-7167 (Calling Buffer.fill() or Buffer.alloc() with some parameters can lead ...)
- nodejs <unfixed> (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/#calls-to-buffer-fill-and-or-buffer-alloc-may-hang-cve-2018-7167
-CVE-2018-7166
+CVE-2018-7166 (In all versions of Node.js 10 prior to 10.9.0, an argument processing ...)
[experimental] - nodejs <unfixed>
- nodejs <not-affected> (Only affects 10.x and later)
NOTE: https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
NOTE: https://github.com/nodejs/node/commit/40a7beeddac9b9ec9ef5b49157daaf8470648b08
CVE-2018-7165
RESERVED
-CVE-2018-7164
+CVE-2018-7164 (Node.js versions 9.7.0 and later and 10.x are vulnerable and the sever ...)
- nodejs <unfixed> (unimportant)
[stretch] - nodejs <not-affected> (Only affects >= 9.x)
[jessie] - nodejs <not-affected> (Only affects >= 9.x)
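Review bot: CVE-2018-7167 is marked "nodejs <unfixed> (unimportant)" with no stated reason; the linked advisory describes a hang in Buffer.fill()/Buffer.alloc(), so add a NOTE saying why that denial of service is not treated as a security issue in the packaged runtime, as the other "unimportant" entries in this file do.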
@@ -35911,26 +35911,26 @@ CVE-2018-7164
NOTE: https://github.com/nodejs/node/commit/3217e8e66fa81e
CVE-2018-7163
RESERVED
-CVE-2018-7162
+CVE-2018-7162 (All versions of Node.js 9.x and 10.x are vulnerable and the severity i ...)
- nodejs <unfixed> (unimportant)
[stretch] - nodejs <not-affected> (Only affects >= 8.x)
[jessie] - nodejs <not-affected> (Only affects >= 8.x)
NOTE: https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/#denial-of-service-vulnerability-in-tls-cve-2018-7162
NOTE: https://github.com/nodejs/node/commit/0cb3325f1
-CVE-2018-7161
+CVE-2018-7161 (All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the seve ...)
- nodejs <unfixed> (unimportant)
[stretch] - nodejs <not-affected> (Only affects >= 8.x)
[jessie] - nodejs <not-affected> (Only affects >= 8.x)
NOTE: https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/#denial-of-service-vulnerability-in-http-2-cve-2018-7161
NOTE: https://github.com/nodejs/node/commit/8bf213dbdc7e
-CVE-2018-7160
+CVE-2018-7160 (The Node.js inspector, in 6.x and later is vulnerable to a DNS rebindi ...)
- nodejs <unfixed> (unimportant)
[stretch] - nodejs <not-affected> (Vulnerable code not present)
[jessie] - nodejs <not-affected> (Vulnerable code not present)
[wheezy] - nodejs <not-affected> (Vulnerable code not present)
-CVE-2018-7159
+CVE-2018-7159 (The HTTP parser in all current versions of Node.js ignores spaces in t ...)
- nodejs <unfixed> (unimportant)
-CVE-2018-7158
+CVE-2018-7158 (The `'path'` module in the Node.js 4.x release line contains a potenti ...)
- nodejs 6.0.0~dfsg-1 (unimportant)
CVE-2018-7157
RESERVED
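Review bot: the stretch and jessie reason on CVE-2018-7162, "(Only affects >= 8.x)", contradicts the description in the same stanza ("All versions of Node.js 9.x and 10.x are vulnerable"); it looks copied from CVE-2018-7161, which does cover 8.x, and should read "(Only affects >= 9.x)" as on CVE-2018-7164. Separately, CVE-2018-7159 is "nodejs <unfixed> (unimportant)" with neither a NOTE link nor a rationale, unlike the neighbouring CVE-2018-7162 and CVE-2018-7161 stanzas; add the advisory URL and the reason.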
@@ -36014,59 +36014,59 @@ CVE-2018-7118
RESERVED
CVE-2018-7117
RESERVED
-CVE-2018-7116
+CVE-2018-7116 (HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P0 ...)
NOT-FOR-US: HPE
-CVE-2018-7115
+CVE-2018-7115 (HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P0 ...)
NOT-FOR-US: HPE
-CVE-2018-7114
+CVE-2018-7114 (HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P0 ...)
NOT-FOR-US: HPE
-CVE-2018-7113
+CVE-2018-7113 (A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior ...)
NOT-FOR-US: HPE
-CVE-2018-7112
+CVE-2018-7112 (The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7 ...)
NOT-FOR-US: HPE
-CVE-2018-7111
+CVE-2018-7111 (A remote unauthorized access vulnerability was identified in HPE UIoT ...)
NOT-FOR-US: HPE
-CVE-2018-7110
+CVE-2018-7110 (A remote unauthorized disclosure of information vulnerability was iden ...)
NOT-FOR-US: HPE
-CVE-2018-7109
+CVE-2018-7109 (HPE has addressed a remote arbitrary file modification vulnerability i ...)
NOT-FOR-US: HPE
-CVE-2018-7108
+CVE-2018-7108 (HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to ...)
NOT-FOR-US: HPE
-CVE-2018-7107
+CVE-2018-7107 (A potential security vulnerability has been identified in HPE Device E ...)
NOT-FOR-US: HPE
CVE-2018-7106
REJECTED
-CVE-2018-7105
+CVE-2018-7105 (A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HP ...)
NOT-FOR-US: HPE
-CVE-2018-7104
+CVE-2018-7104 (A Remote Code Execution vulnerability was identified in HPE Intelligen ...)
NOT-FOR-US: HPE
-CVE-2018-7103
+CVE-2018-7103 (A Remote Code Execution vulnerability was identified in HPE Intelligen ...)
NOT-FOR-US: HPE
-CVE-2018-7102
+CVE-2018-7102 (A security vulnerability in HPE Intelligent Management Center (iMC) PL ...)
NOT-FOR-US: HPE
-CVE-2018-7101
+CVE-2018-7101 (A potential remote denial of service security vulnerability has been i ...)
NOT-FOR-US: HPE
-CVE-2018-7100
+CVE-2018-7100 (A potential security vulnerability has been identified in HPE OfficeCo ...)
NOT-FOR-US: HPE OfficeConnect 1810 Switch Series
-CVE-2018-7099
+CVE-2018-7099 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
NOT-FOR-US: 3PAR
-CVE-2018-7098
+CVE-2018-7098 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
NOT-FOR-US: 3PAR
-CVE-2018-7097
+CVE-2018-7097 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
NOT-FOR-US: 3PAR
-CVE-2018-7096
+CVE-2018-7096 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
NOT-FOR-US: 3PAR
-CVE-2018-7095
+CVE-2018-7095 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
NOT-FOR-US: 3PAR
-CVE-2018-7094
+CVE-2018-7094 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
NOT-FOR-US: 3PAR
-CVE-2018-7093
+CVE-2018-7093 (A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90 ...)
NOT-FOR-US: HPE
-CVE-2018-7092
+CVE-2018-7092 (A potential security vulnerability has been identified in HPE Intellig ...)
NOT-FOR-US: HPE
-CVE-2018-7091
+CVE-2018-7091 (HPE XP P9000 Command View Advanced Edition Software (CVAE) has open UR ...)
NOT-FOR-US: HPE
-CVE-2018-7090
+CVE-2018-7090 (HPE XP P9000 Command View Advanced Edition Software (CVAE) has local a ...)
NOT-FOR-US: HPE
CVE-2018-7089
RESERVED
@@ -36086,59 +36086,59 @@ CVE-2018-7082
RESERVED
CVE-2018-7081
RESERVED
-CVE-2018-7080
+CVE-2018-7080 (A vulnerability exists in the firmware of embedded BLE radios that are ...)
NOT-FOR-US: Aruba
-CVE-2018-7079
+CVE-2018-7079 (Aruba ClearPass Policy Manager guest authorization failure. Certain ad ...)
NOT-FOR-US: Aruba
-CVE-2018-7078
+CVE-2018-7078 (A remote code execution was identified in HPE Integrated Lights-Out 4 ...)
NOT-FOR-US: HPE
-CVE-2018-7077
+CVE-2018-7077 (A security vulnerability in HPE XP P9000 Command View Advanced Edition ...)
NOT-FOR-US: HPE
-CVE-2018-7076
+CVE-2018-7076 (A remote code execution vulnerability was identified in HPE Intelligen ...)
NOT-FOR-US: HPE
-CVE-2018-7075
+CVE-2018-7075 (A remote cross-site scripting (XSS) vulnerability was identified in HP ...)
NOT-FOR-US: HPE
-CVE-2018-7074
+CVE-2018-7074 (A remote code execution vulnerability was identified in HPE Intelligen ...)
NOT-FOR-US: HPE
-CVE-2018-7073
+CVE-2018-7073 (A local arbitrary file modification vulnerability was identified in HP ...)
NOT-FOR-US: HPE
-CVE-2018-7072
+CVE-2018-7072 (A remote bypass of security restrictions vulnerability was identified ...)
NOT-FOR-US: HPE
-CVE-2018-7071
+CVE-2018-7071 (HPE has identified a remote access to sensitive information vulnerabil ...)
NOT-FOR-US: HPE
-CVE-2018-7070
+CVE-2018-7070 (HPE has identified a remote disclosure of information vulnerability in ...)
NOT-FOR-US: HPE
-CVE-2018-7069
+CVE-2018-7069 (HPE has identified a remote unauthenticated access to files vulnerabil ...)
NOT-FOR-US: HPE
-CVE-2018-7068
+CVE-2018-7068 (HPE has identified a remote HOST header attack vulnerability in HPE Ce ...)
NOT-FOR-US: HPE
-CVE-2018-7067
+CVE-2018-7067 (A Remote Authentication bypass in Aruba ClearPass Policy Manager leads ...)
NOT-FOR-US: Aruba
-CVE-2018-7066
+CVE-2018-7066 (An unauthenticated remote command execution exists in Aruba ClearPass ...)
NOT-FOR-US: Aruba
-CVE-2018-7065
+CVE-2018-7065 (An authenticated SQL injection vulnerability in Aruba ClearPass Policy ...)
NOT-FOR-US: Aruba
CVE-2018-7064
RESERVED
-CVE-2018-7063
+CVE-2018-7063 (In Aruba ClearPass, disabled API admins can still perform read/write o ...)
NOT-FOR-US: Aruba
CVE-2018-7062
RESERVED
CVE-2018-7061
RESERVED
-CVE-2018-7060
+CVE-2018-7060 (Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulne ...)
NOT-FOR-US: Aruba ClearPass
-CVE-2018-7059
+CVE-2018-7059 (Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that hel ...)
NOT-FOR-US: Aruba ClearPass
-CVE-2018-7058
+CVE-2018-7058 (Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by ...)
NOT-FOR-US: Aruba ClearPass
-CVE-2018-7057
+CVE-2018-7057 (RoomWizard before 4.4.x allows XSS via the HelpAction.action pageName ...)
NOT-FOR-US: RoomWizard
-CVE-2018-7056
+CVE-2018-7056 (RoomWizard before 4.4.x allows remote attackers to obtain potentially ...)
NOT-FOR-US: RoomWizard
-CVE-2018-7055
+CVE-2018-7055 (GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF via the u ...)
NOT-FOR-US: RoomWizard
-CVE-2018-7054
+CVE-2018-7054 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
{DSA-4162-1}
- irssi 1.0.7-1 (bug #890674)
[jessie] - irssi <not-affected> (Vulnerable netsplit code introduced in 1.0.0)
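Review bot: CVE-2018-7054 carries only "[jessie] - irssi <not-affected> (Vulnerable netsplit code introduced in 1.0.0)", while the sibling CVE-2018-7053 lists both [jessie] and [wheezy] as not-affected; if the netsplit code really first appeared in 1.0.0, wheezy is not affected either and needs the same line, otherwise a DLA would be expected next to DSA-4162-1.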
@@ -36149,38 +36149,38 @@ CVE-2018-7054
NOTE: https://github.com/irssi/irssi/commit/fa8508404f4c4a02749cae5148662e2322c2abf0
NOTE: https://github.com/irssi/irssi/commit/a4f99ae746efb121185fe76c392a64d743a9eb92
NOTE: But the CVE is specifically for the use-after-free issue.
-CVE-2018-7053
+CVE-2018-7053 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
{DSA-4162-1}
- irssi 1.0.7-1 (bug #890674)
[jessie] - irssi <not-affected> (Vulnerable code introduced in 0.8.18)
[wheezy] - irssi <not-affected> (Vulnerable code introduced in 0.8.18)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/84f03e01467b90a4251987b32b2813ee976b357c
-CVE-2018-7052
+CVE-2018-7052 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
{DSA-4162-1 DLA-1289-1}
- irssi 1.0.7-1 (bug #890676)
[jessie] - irssi <ignored> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/5b5bfef03596d95079c728f65f523570dd7b03aa
-CVE-2018-7051
+CVE-2018-7051 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
{DSA-4162-1 DLA-1318-1}
- irssi 1.0.7-1 (bug #890677)
[jessie] - irssi <ignored> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/e32e9d63c67ab95ef0576154680a6c52334b97af
-CVE-2018-7050
+CVE-2018-7050 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
{DSA-4162-1 DLA-1289-1}
- irssi 1.0.7-1 (bug #890678)
[jessie] - irssi <ignored> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/e91da9e4098e449dc36eaa15354aff67650e7703
-CVE-2018-7049
+CVE-2018-7049 (An issue was discovered in Wowza Streaming Engine before 4.7.1. There ...)
NOT-FOR-US: Wowza Streaming Engine
-CVE-2018-7048
+CVE-2018-7048 (An issue was discovered in Wowza Streaming Engine before 4.7.1. There ...)
NOT-FOR-US: Wowza Streaming Engine
-CVE-2018-7047
+CVE-2018-7047 (An issue was discovered in the MBeans Server in Wowza Streaming Engine ...)
NOT-FOR-US: Wowza Streaming Engine
-CVE-2018-7046
+CVE-2018-7046 (** DISPUTED ** Arbitrary code execution vulnerability in Kentico 9 thr ...)
NOT-FOR-US: Kentico
CVE-2018-7045
RESERVED
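Review bot: CVE-2018-7052, CVE-2018-7051 and CVE-2018-7050 mark jessie as "<ignored> (Minor issue)" while the same issues were fixed for the older release via DLA-1289-1 and DLA-1318-1 and for stretch via DSA-4162-1; a one-line NOTE explaining why jessie alone is skipped (for example, a backport difficulty) would keep the stanza from reading as an oversight.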
@@ -36194,7 +36194,7 @@ CVE-2018-7041
RESERVED
CVE-2018-7040
RESERVED
-CVE-2018-7039
+CVE-2018-7039 (CCN-lite 2.0.0 Beta allows remote attackers to cause a denial of servi ...)
NOT-FOR-US: CCN-lite 2
CVE-2018-7038
RESERVED
@@ -36202,11 +36202,11 @@ CVE-2018-7037
RESERVED
CVE-2018-7036
RESERVED
-CVE-2018-7035
+CVE-2018-7035 (Cross-site scripting (XSS) vulnerability in Gleez CMS 1.2.0 and 2.0 mi ...)
NOT-FOR-US: Gleez CMS
-CVE-2018-7034
+CVE-2018-7034 (TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B0 ...)
NOT-FOR-US: TRENDnet devices
-CVE-2018-7033
+CVE-2018-7033 (SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL In ...)
{DSA-4254-1 DLA-1437-1 DLA-1367-1}
- slurm-llnl 17.11.5-1 (bug #893044)
NOTE: https://bugs.schedmd.com/show_bug.cgi?id=4792 (not yet public)
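Review bot: the "(not yet public)" annotation on the CVE-2018-7033 bug link is likely stale now that DSA-4254-1, DLA-1437-1, DLA-1367-1 and slurm-llnl 17.11.5-1 are all recorded as shipping the fix; re-check https://bugs.schedmd.com/show_bug.cgi?id=4792 and drop the annotation if the report has been opened.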
@@ -36308,63 +36308,63 @@ CVE-2018-6985
REJECTED
CVE-2018-6984
RESERVED
-CVE-2018-6983
+CVE-2018-6983 (VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fus ...)
NOT-FOR-US: VMware
-CVE-2018-6982
+CVE-2018-6982 (VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 witho ...)
NOT-FOR-US: VMware
NOTE: https://seclists.org/bugtraq/2018/Nov/12
-CVE-2018-6981
+CVE-2018-6981 (VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 witho ...)
NOT-FOR-US: VMware
NOTE: https://seclists.org/bugtraq/2018/Nov/12
-CVE-2018-6980
+CVE-2018-6980 (VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2 ...)
NOT-FOR-US: VMware
-CVE-2018-6979
+CVE-2018-6979 (The VMware Workspace ONE Unified Endpoint Management Console (A/W Cons ...)
NOT-FOR-US: VMware
-CVE-2018-6978
+CVE-2018-6978 (vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before 6.7.0.112 ...)
NOT-FOR-US: VMware
-CVE-2018-6977
+CVE-2018-6977 (VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (1 ...)
NOT-FOR-US: VMware
-CVE-2018-6976
+CVE-2018-6976 (The VMware Content Locker for iOS prior to 4.14 contains a data protec ...)
NOT-FOR-US: VMware
-CVE-2018-6975
+CVE-2018-6975 (The AirWatch Agent for iOS prior to 5.8.1 contains a data protection v ...)
NOT-FOR-US: AirWatch Agent for iOS
-CVE-2018-6974
+CVE-2018-6974 (VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-20180 ...)
NOT-FOR-US: VMware
-CVE-2018-6973
+CVE-2018-6973 (VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3 ...)
NOT-FOR-US: VMware
-CVE-2018-6972
+CVE-2018-6972 (VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-20180 ...)
NOT-FOR-US: VMware
-CVE-2018-6971
+CVE-2018-6971 (VMware Horizon View Agents (7.x.x before 7.5.1) contain a local inform ...)
NOT-FOR-US: VMware
-CVE-2018-6970
+CVE-2018-6970 (VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), ...)
NOT-FOR-US: VMware
-CVE-2018-6969
+CVE-2018-6969 (VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds ...)
NOT-FOR-US: VMware
-CVE-2018-6968
+CVE-2018-6968 (The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent ...)
NOT-FOR-US: VMware AirWatch Agent
-CVE-2018-6967
+CVE-2018-6967 (VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x befor ...)
NOT-FOR-US: VMware
-CVE-2018-6966
+CVE-2018-6966 (VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x befor ...)
NOT-FOR-US: VMware
-CVE-2018-6965
+CVE-2018-6965 (VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x befor ...)
NOT-FOR-US: VMware
-CVE-2018-6964
+CVE-2018-6964 (VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains ...)
NOT-FOR-US: VMware
-CVE-2018-6963
+CVE-2018-6963 (VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2 ...)
NOT-FOR-US: VMware
-CVE-2018-6962
+CVE-2018-6962 (VMware Fusion (10.x before 10.1.2) contains a signature bypass vulnera ...)
NOT-FOR-US: VMware
-CVE-2018-6961
+CVE-2018-6961 (VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a ...)
NOT-FOR-US: VMware NSX SD-WAN Edge by VeloCloud
-CVE-2018-6960
+CVE-2018-6960 (VMware Horizon DaaS (7.x before 8.0.0) contains a broken authenticatio ...)
NOT-FOR-US: VMware Horizon DaaS
-CVE-2018-6959
+CVE-2018-6959 (VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerabili ...)
NOT-FOR-US: VMware vRealize Automation
-CVE-2018-6958
+CVE-2018-6958 (VMware vRealize Automation (vRA) prior to 7.3.1 contains a vulnerabili ...)
NOT-FOR-US: VMware vRealize Automation
-CVE-2018-6957
+CVE-2018-6957 (VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before ...)
NOT-FOR-US: VMware
-CVE-2018-7032
+CVE-2018-7032 (webcheckout in myrepos through 1.20171231 does not sanitize URLs that ...)
- myrepos 1.20180726 (bug #840014)
[stretch] - myrepos <no-dsa> (Minor issue)
[jessie] - myrepos <no-dsa> (Minor issue)
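Review bot: CVE-2018-7032 (myrepos) is filed after CVE-2018-6957 at the end of the VMware block, out of the descending order the file keeps; it belongs directly below CVE-2018-7033. Minor: the NOT-FOR-US tags in the VMware run alternate between the bare "VMware" and product names ("VMware NSX SD-WAN Edge by VeloCloud", "VMware Horizon DaaS", "AirWatch Agent for iOS"); either form is fine, but use one consistently within the run.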
@@ -36377,7 +36377,7 @@ CVE-2018-6956
RESERVED
CVE-2018-6955
RESERVED
-CVE-2018-6954
+CVE-2018-6954 (systemd-tmpfiles in systemd through 237 mishandles symlinks present in ...)
- systemd 238-1 (low; bug #890779)
[stretch] - systemd <ignored> (Minor issue, too intrusive to backport)
[jessie] - systemd <postponed> (Minor issue, revisit if/when fixed upstream)
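Review bot: the sid line for CVE-2018-6954 records "systemd 238-1" as fixed, yet the jessie entry says "revisit if/when fixed upstream" and the NOTE lines that follow point at a later pull request (systemd/systemd/pull/8822) and a December 2018 oss-security post; if 238 carried only a partial fix, either record the version with the complete fix or qualify the sid line, so the stanza does not claim both "fixed in 238-1" and "not yet fixed upstream".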
@@ -36385,13 +36385,13 @@ CVE-2018-6954
NOTE: https://github.com/systemd/systemd/issues/7986
NOTE: https://github.com/systemd/systemd/pull/8822
NOTE: https://www.openwall.com/lists/oss-security/2018/12/22/1
-CVE-2018-6953
+CVE-2018-6953 (In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain ...)
NOT-FOR-US: CCN-lite 2
-CVE-2018-6952
+CVE-2018-6952 (A double free exists in the another_hunk function in pch.c in GNU patc ...)
- patch <unfixed> (unimportant)
NOTE: https://savannah.gnu.org/bugs/index.php?53133
NOTE: Crash in CLI tool, no security impact
-CVE-2018-6951
+CVE-2018-6951 (An issue was discovered in GNU patch through 2.7.6. There is a segment ...)
- patch <unfixed> (unimportant)
NOTE: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a
NOTE: https://savannah.gnu.org/bugs/index.php?53132
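Review bot: CVE-2018-6951 is "patch <unfixed> (unimportant)" without the rationale line that CVE-2018-6952 has ("Crash in CLI tool, no security impact"); add the same NOTE, and since the upstream fix commit (f290f48a...) is already linked, fill in the fixing Debian version once it ships rather than leaving "<unfixed>" next to a known fix.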
@@ -36400,28 +36400,28 @@ CVE-2018-6950
RESERVED
CVE-2018-6949
RESERVED
-CVE-2018-6948
+CVE-2018-6948 (In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a bu ...)
NOT-FOR-US: CCN-lite 2
-CVE-2018-6947
+CVE-2018-6947 (An uninitialised stack variable in the nxfuse component that is part o ...)
NOT-FOR-US: DokanFS
CVE-2018-6946
RESERVED
CVE-2018-6945
RESERVED
-CVE-2018-6944
+CVE-2018-6944 (core/lib/upload/um-file-upload.php in the UltimateMember plugin 2.0 fo ...)
NOT-FOR-US: UltimateMember plugin for WordPress
-CVE-2018-6943
+CVE-2018-6943 (core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 f ...)
NOT-FOR-US: UltimateMember plugin for WordPress
-CVE-2018-6942
+CVE-2018-6942 (An issue was discovered in FreeType 2 through 2.9. A NULL pointer dere ...)
- freetype 2.9.1-3 (bug #890450)
[stretch] - freetype <not-affected> (Vulnerable code introduced later)
[jessie] - freetype <not-affected> (Vulnerable code introduced later)
[wheezy] - freetype <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736
NOTE: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef
-CVE-2018-6941
+CVE-2018-6941 (A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 B ...)
NOT-FOR-US: NAT32 devices
-CVE-2018-6940
+CVE-2018-6940 (A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Bu ...)
NOT-FOR-US: NAT32 devices
CVE-2018-6939
RESERVED
@@ -36429,11 +36429,11 @@ CVE-2018-6938
RESERVED
CVE-2018-6937
RESERVED
-CVE-2018-6936
+CVE-2018-6936 (Cross Site Scripting (XSS) exists on the D-Link DIR-600M C1 3.01 via t ...)
NOT-FOR-US: D-Link
-CVE-2018-6935
+CVE-2018-6935 (PHP Scripts Mall Student Profile Management System Script v2.0.6 has X ...)
NOT-FOR-US: PHP Scripts Mall Student Profile Management System Script
-CVE-2018-6934
+CVE-2018-6934 (CSRF exists in student/personal-info in PHP Scripts Mall Online Tutori ...)
NOT-FOR-US: PHP Scripts Mall Online Tutoring Script
CVE-2018-6933
RESERVED
@@ -36441,12 +36441,12 @@ CVE-2018-6932
RESERVED
CVE-2018-6931
RESERVED
-CVE-2018-6930
+CVE-2018-6930 (A stack-based buffer over-read in the ComputeResizeImage function in t ...)
- imagemagick <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/967
CVE-2018-6929
RESERVED
-CVE-2018-6928
+CVE-2018-6928 (PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a sea ...)
NOT-FOR-US: PHP Scripts Mall News Website Script
CVE-2018-1000066
REJECTED
@@ -36454,56 +36454,56 @@ CVE-2018-1000065
REJECTED
CVE-2018-1000064
REJECTED
-CVE-2018-6927
+CVE-2018-6927 (The futex_requeue function in kernel/futex.c in the Linux kernel befor ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.14.17-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a
-CVE-2018-6926
+CVE-2018-6926 (In app/Controller/ServersController.php in MISP 2.4.87, a server setti ...)
NOT-FOR-US: MISP
-CVE-2018-6925
+CVE-2018-6925 (In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE- ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:11.listen.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6924
+CVE-2018-6924 (In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4 ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.freebsd.org/advisories/FreeBSD-SA-18:12.elf.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6923
+CVE-2018-6923 (In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip f ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-18:10.ip.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6922
+CVE-2018-6922 (One of the data structures that holds TCP segments in all versions of ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.kb.cert.org/vuls/id/962459
NOTE: kfreebsd not covered by security support
-CVE-2018-6921
+CVE-2018-6921 (In FreeBSD before 11.1-STABLE(r332066) and 11.1-RELEASE-p10, due to in ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:05.mem.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6920
+CVE-2018-6920 (In FreeBSD before 11.1-STABLE(r332303), 11.1-RELEASE-p10, 10.4-STABLE( ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:05.mem.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6919
+CVE-2018-6919 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELE ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-EN-18:04.mem.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6918
+CVE-2018-6918 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELE ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-SA-18:05.ipsec.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6917
+CVE-2018-6917 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELE ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-18:04.vt.asc
NOTE: kfreebsd not covered by security support
-CVE-2018-6916
+CVE-2018-6916 (In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELE ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/patches/SA-18:01/ipsec-10.patch
NOTE: kfreebsd not covered by security support
CVE-2018-6915
RESERVED
-CVE-2018-6914
+CVE-2018-6914 (Directory traversal vulnerability in the Dir.mktmpdir method in the tm ...)
{DSA-4259-1 DLA-1421-1 DLA-1359-1 DLA-1358-1}
- ruby2.5 2.5.1-1
- ruby2.3 <removed>
@@ -36516,42 +36516,42 @@ CVE-2018-6914
NOTE: Fixed by: https://github.com/ruby/ruby/commit/e9ddf2ba41a0bffe1047e33576affd48808c5d0b (2.2.10)
CVE-2018-1000063
REJECTED
-CVE-2018-6913
+CVE-2018-6913 (Heap-based buffer overflow in the pack function in Perl before 5.26.2 ...)
{DSA-4172-1 DLA-1345-1}
- perl 5.26.1-6
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=131844
NOTE: maint-5.26: https://perl5.git.perl.org/perl.git/commitdiff/0fcf83230df5f8c52602ae22fde57c7ea885534d
NOTE: maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/a9d5c6e11891b48be06d4e06eeed18642bc98527
-CVE-2018-6912
+CVE-2018-6912 (The decode_plane function in libavcodec/utvideodec.c in FFmpeg through ...)
- ffmpeg 7:4.0.1-2 (low)
[stretch] - ffmpeg <not-affected> (Code in 3.2 is different/not affected)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed
-CVE-2018-6911
+CVE-2018-6911 (The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3 ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2018-6910
+CVE-2018-6910 (DedeCMS 5.7 allows remote attackers to discover the full path via a di ...)
NOT-FOR-US: DedeCMS
-CVE-2018-6909
+CVE-2018-6909 (A missing X-Frame-Options header in the Green Electronics RainMachine ...)
NOT-FOR-US: Green Electronics
-CVE-2018-6908
+CVE-2018-6908 (An authentication bypass vulnerability exists in the Green Electronics ...)
NOT-FOR-US: Green Electronics
-CVE-2018-6907
+CVE-2018-6907 (A Cross Site Request Forgery (CSRF) vulnerability in the Green Electro ...)
NOT-FOR-US: Green Electronics
-CVE-2018-6906
+CVE-2018-6906 (A persistent Cross Site Scripting (XSS) vulnerability in the Green Ele ...)
NOT-FOR-US: Green Electronics
-CVE-2018-6905
+CVE-2018-6905 (The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via $GLOBAL ...)
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life>
-CVE-2018-6904
+CVE-2018-6904 (PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name fie ...)
NOT-FOR-US: PHP Scripts Mall Car Rental Script
-CVE-2018-6903
+CVE-2018-6903 (PHP Scripts Mall Hot Scripts Clone Script Classified v3.1 uses the cli ...)
NOT-FOR-US: PHP Scripts Mall Hot Scripts Clone Script Classified
-CVE-2018-6902
+CVE-2018-6902 (PHP Scripts Mall Image Sharing Script 1.3.3 has XSS via the Full Name ...)
NOT-FOR-US: PHP Scripts Mall Image Sharing Script
CVE-2018-6901
RESERVED
-CVE-2018-6900
+CVE-2018-6900 (PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name ...)
NOT-FOR-US: PHP Scripts Mall Website Broker Script
CVE-2018-6899
RESERVED
@@ -36565,17 +36565,17 @@ CVE-2018-6895
RESERVED
CVE-2018-6894
RESERVED
-CVE-2018-6893
+CVE-2018-6893 (controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: ...)
NOT-FOR-US: FineCms
-CVE-2018-6892
+CVE-2018-6892 (An issue was discovered in CloudMe before 1.11.0. An unauthenticated r ...)
NOT-FOR-US: CloudMe
-CVE-2018-6891
+CVE-2018-6891 (Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a jQue ...)
NOT-FOR-US: Bookly #1 WordPress Booking Plugin Lite
-CVE-2018-6890
+CVE-2018-6890 (Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the p ...)
NOT-FOR-US: Wolf CMS
-CVE-2018-6889
+CVE-2018-6889 (An issue was discovered in Typesetter 5.1. It suffers from a Host head ...)
NOT-FOR-US: Typesetter CMS
-CVE-2018-6888
+CVE-2018-6888 (An issue was discovered in Typesetter 5.1. The User Permissions page ( ...)
NOT-FOR-US: Typesetter CMS
CVE-2018-6887
RESERVED
@@ -36585,112 +36585,112 @@ CVE-2018-6885
RESERVED
CVE-2018-6884
RESERVED
-CVE-2018-6883
+CVE-2018-6883 (Piwigo before 2.9.3 has SQL injection in admin/tags.php in the adminis ...)
- piwigo <removed>
-CVE-2018-6882
+CVE-2018-6882 (Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttac ...)
NOT-FOR-US: Zimbra
-CVE-2018-1000062
+CVE-2018-1000062 (WonderCMS version 2.4.0 contains a Stored Cross-Site Scripting on File ...)
NOT-FOR-US: WonderCMS
-CVE-2018-1000061
+CVE-2018-1000061 (ARM mbedTLS version development branch, 2.7.0 and earlier contains a C ...)
- mbedtls <unfixed> (unimportant)
NOTE: https://github.com/ARMmbed/mbedtls/issues/1356
NOTE: Non-issue as further analysis has shown and issue in progress to be rejected
-CVE-2018-1000060
+CVE-2018-1000060 (Sensu, Inc. Sensu Core version Before 1.2.0 &amp; before commit 46ff10 ...)
- sensu <itp> (bug #838484)
-CVE-2018-1000059
+CVE-2018-1000059 (ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnera ...)
NOT-FOR-US: ValidFormBuilder
-CVE-2018-6881
+CVE-2018-6881 (EmpireCMS 6.6 allows remote attackers to discover the full path via an ...)
NOT-FOR-US: EmpireCMS
-CVE-2018-6880
+CVE-2018-6880 (EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full ...)
NOT-FOR-US: EmpireCMS
-CVE-2018-6879
+CVE-2018-6879 (PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to e ...)
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-6878
+CVE-2018-6878 (Cross Site Scripting (XSS) exists in the review section in PHP Scripts ...)
NOT-FOR-US: PHP Scripts Mall Hot Scripts Clone Script Classified
CVE-2018-6877
RESERVED
-CVE-2018-6876
+CVE-2018-6876 (The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used i ...)
NOT-FOR-US: libfpx
-CVE-2018-6875
+CVE-2018-6875 (Format String vulnerability in KeepKey version 4.0.0 allows attackers ...)
NOT-FOR-US: KeepKey
-CVE-2018-6874
+CVE-2018-6874 (CSRF exists in the Auth0 authentication service through 14591 if the L ...)
NOT-FOR-US: Auth0
-CVE-2018-6873
+CVE-2018-6873 (The Auth0 authentication service before 2017-10-15 allows privilege es ...)
NOT-FOR-US: Auth0
-CVE-2018-6872
+CVE-2018-6872 (The elf_parse_notes function in elf.c in the Binary File Descriptor (B ...)
- binutils 2.30-4
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22788
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=ef135d4314fd4c2d7da66b9d7b59af4a85b0f7e6
-CVE-2018-6871
+CVE-2018-6871 (LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers ...)
{DSA-4111-2 DSA-4111-1}
- libreoffice 1:6.0.1-1
[wheezy] - libreoffice <not-affected> (Vulnerable code not present)
NOTE: https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure
-CVE-2018-6870
+CVE-2018-6870 (Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 v ...)
NOT-FOR-US: PHP Scripts Mall Website Seller Script
-CVE-2018-6869
+CVE-2018-6869 (In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a c ...)
{DLA-1287-1}
- zziplib 0.13.62-3.2 (bug #889089)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
NOTE: https://github.com/gdraheim/zziplib/issues/22
NOTE: https://github.com/gdraheim/zziplib/commit/0c0c9256b0903f664bca25dd8d924211f81e01d3 (v0.13.68)
-CVE-2018-6868
+CVE-2018-6868 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Slickdeals / Dea ...)
NOT-FOR-US: PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script
-CVE-2018-6867
+CVE-2018-6867 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Alibaba Clone Sc ...)
NOT-FOR-US: PHP Scripts Mall Alibaba Clone Script
-CVE-2018-6866
+CVE-2018-6866 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and Exa ...)
NOT-FOR-US: PHP Scripts Mall Learning and Examination Management System Script
CVE-2018-6865
RESERVED
-CVE-2018-6864
+CVE-2018-6864 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Multi religion R ...)
NOT-FOR-US: PHP Scripts Mall Multi religion Responsive Matrimonial
-CVE-2018-6863
+CVE-2018-6863 (SQL Injection exists in PHP Scripts Mall Select Your College Script 2. ...)
NOT-FOR-US: PHP Scripts Mall Select Your College Script
-CVE-2018-6862
+CVE-2018-6862 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Bitcoin MLM Soft ...)
NOT-FOR-US: PHP Scripts Mall Bitcoin MLM Software
-CVE-2018-6861
+CVE-2018-6861 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Lawyer Search Sc ...)
NOT-FOR-US: PHP Scripts Mall Lawyer Search Script
-CVE-2018-6860
+CVE-2018-6860 (Arbitrary File Upload and Remote Code Execution exist in PHP Scripts M ...)
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-6859
+CVE-2018-6859 (SQL Injection exists in PHP Scripts Mall Schools Alert Management Scri ...)
NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
-CVE-2018-6858
+CVE-2018-6858 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Facebook Clone S ...)
NOT-FOR-US: PHP Scripts Mall Facebook Clone Script
-CVE-2018-6857
+CVE-2018-6857 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00. ...)
NOT-FOR-US: Sophos
-CVE-2018-6856
+CVE-2018-6856 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00. ...)
NOT-FOR-US: Sophos
-CVE-2018-6855
+CVE-2018-6855 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00. ...)
NOT-FOR-US: Sophos
-CVE-2018-6854
+CVE-2018-6854 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00. ...)
NOT-FOR-US: Sophos
-CVE-2018-6853
+CVE-2018-6853 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00. ...)
NOT-FOR-US: Sophos
-CVE-2018-6852
+CVE-2018-6852 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00. ...)
NOT-FOR-US: Sophos
-CVE-2018-6851
+CVE-2018-6851 (Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00. ...)
NOT-FOR-US: Sophos
CVE-2018-6850
RESERVED
-CVE-2018-6849
+CVE-2018-6849 (In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site ...)
NOT-FOR-US: DuckDuckGo
CVE-2018-6848
RESERVED
CVE-2018-6847
RESERVED
-CVE-2018-6846
+CVE-2018-6846 (Z-BlogPHP 1.5.1 allows remote attackers to discover the full path via ...)
NOT-FOR-US: Z-BlogPHP
-CVE-2018-6845
+CVE-2018-6845 (PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS via the ...)
NOT-FOR-US: PHP Scripts Mall Multi Language Olx Clone Script
-CVE-2018-6844
+CVE-2018-6844 (MyBB 1.8.14 has XSS via the Title or Description field on the Edit For ...)
NOT-FOR-US: MyBB
-CVE-2018-6843
+CVE-2018-6843 (Kentico 10 before 10.0.50 and 11 before 11.0.3 has SQL injection in th ...)
NOT-FOR-US: Kentico CMS
-CVE-2018-6842
+CVE-2018-6842 (Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which a craf ...)
NOT-FOR-US: Kentico CMS
CVE-2018-6841
RESERVED
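Review bot: the description added for CVE-2018-1000060 carries an undecoded HTML entity: `+CVE-2018-1000060 (Sensu, Inc. Sensu Core version Before 1.2.0 &amp; before commit 46ff10 ...)`. The source text is presumably "1.2.0 & before commit", so the automatic import should run the fetched description through an entity decoder before writing it to the list; otherwise the literal "&amp;" ends up in the data file and in anything rendered from it.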
@@ -36702,24 +36702,24 @@ CVE-2018-6838
RESERVED
CVE-2018-6837
RESERVED
-CVE-2018-6836
+CVE-2018-6836 (The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshar ...)
- wireshark <not-affected> (Vulnerable code introduced in v2.5.0)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397
NOTE: Introduced by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=52823805b29a44a83eacd0e5b415b11227ec313b
NOTE: Fixed by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28960d79cca262ac6b974f339697b299a1e28fef
-CVE-2018-6835
+CVE-2018-6835 (node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandl ...)
- etherpad-lite <itp> (bug #576998)
-CVE-2018-6834
+CVE-2018-6834 (static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via wind ...)
- etherpad-lite <itp> (bug #576998)
CVE-2018-6833
RESERVED
-CVE-2018-6832
+CVE-2018-6832 (Stack-based buffer overflow in the getSWFlag function in Foscam Camera ...)
NOT-FOR-US: Foscam Cameras
-CVE-2018-6831
+CVE-2018-6831 (The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 wit ...)
NOT-FOR-US: Foscam Cameras
-CVE-2018-6830
+CVE-2018-6830 (Directory traversal vulnerability in Foscam Cameras C1 Lite V3, and C1 ...)
NOT-FOR-US: Foscam Cameras
-CVE-2018-6829
+CVE-2018-6829 (cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ...)
- libgcrypt20 <unfixed> (unimportant)
- libgcrypt11 <removed> (unimportant)
- gnupg1 <unfixed> (unimportant)
@@ -36733,17 +36733,17 @@ CVE-2018-6829
NOTE: https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004401.html
CVE-2018-6828
RESERVED
-CVE-2018-6827
+CVE-2018-6827 (VOBOT CLOCK before 0.99.30 devices do not verify X.509 certificates fr ...)
NOT-FOR-US: VOBOT CLOCK
-CVE-2018-6826
+CVE-2018-6826 (An issue was discovered on VOBOT CLOCK before 0.99.30 devices. Clearte ...)
NOT-FOR-US: VOBOT CLOCK
-CVE-2018-6825
+CVE-2018-6825 (An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH ...)
NOT-FOR-US: VOBOT CLOCK
-CVE-2018-6824
+CVE-2018-6824 (Cozy version 2 has XSS allowing remote attackers to obtain administrat ...)
NOT-FOR-US: Cozy
-CVE-2018-6823
+CVE-2018-6823 (In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com ...)
NOT-FOR-US: Mailbutler Shimo
-CVE-2018-6822
+CVE-2018-6822 (In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unpro ...)
NOT-FOR-US: PureVPN
CVE-2018-6821
REJECTED
@@ -36765,17 +36765,17 @@ CVE-2018-6813
RESERVED
CVE-2018-6812
RESERVED
-CVE-2018-6811
+CVE-2018-6811 (Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScale ...)
NOT-FOR-US: Citrix
-CVE-2018-6810
+CVE-2018-6810 (Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, a ...)
NOT-FOR-US: Citrix
-CVE-2018-6809
+CVE-2018-6809 (NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, ...)
NOT-FOR-US: Citrix
-CVE-2018-6808
+CVE-2018-6808 (NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, ...)
NOT-FOR-US: Citrix
CVE-2018-6807
RESERVED
-CVE-2018-6806
+CVE-2018-6806 (Marked 2 through 2.5.11 allows remote attackers to read arbitrary file ...)
NOT-FOR-US: Marked 2
CVE-2018-6805
RESERVED
@@ -36789,14 +36789,14 @@ CVE-2018-6801
RESERVED
CVE-2018-6800
RESERVED
-CVE-2018-6799
+CVE-2018-6799 (The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagi ...)
{DSA-4321-1 DLA-1456-1 DLA-1282-1}
- graphicsmagick 1.3.28-1
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/531/
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/532/
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b41e2efce6d3
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d30ed06e9b87
-CVE-2018-6798
+CVE-2018-6798 (An issue was discovered in Perl 5.22 through 5.26. Matching a crafted ...)
- perl 5.26.1-6
[stretch] - perl 5.24.1-3+deb9u3
[jessie] - perl <not-affected> (Issue introduced later)
@@ -36806,7 +36806,7 @@ CVE-2018-6798
NOTE: maint-5.26: https://perl5.git.perl.org/perl.git/commitdiff/8b80ce67ff257aaa36e47eaf4194d27a51595524
NOTE: maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/0abf1e8d89aecd32dbdabda5da4d52a2d57a7cff
NOTE: maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/f65da1ca2eee74696d9c120e9d69af37b4fa1920
-CVE-2018-6797
+CVE-2018-6797 (An issue was discovered in Perl 5.18 through 5.26. A crafted regular e ...)
- perl 5.26.1-6
[stretch] - perl 5.24.1-3+deb9u3
[jessie] - perl <ignored> (Backport of fixes too intrusive and risky for regressions)
@@ -36814,11 +36814,11 @@ CVE-2018-6797
NOTE: https://rt.perl.org/Public/Bug/Display.html?id=132227
NOTE: maint-5.26: https://perl5.git.perl.org/perl.git/commitdiff/abe1e6c568b96bcb382dfa4f61c56d1ab001ea51
NOTE: maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/510cc261d965ccfa427900ebb368fc4d337442d2
-CVE-2018-6796
+CVE-2018-6796 (PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored X ...)
NOT-FOR-US: PHP Scripts Mall Multilanguage Real Estate MLM Script
-CVE-2018-6795
+CVE-2018-6795 (PHP Scripts Mall Naukri Clone Script 3.0.3 has Stored XSS via every pr ...)
NOT-FOR-US: PHP Scripts Mall Naukri Clone Script
-CVE-2018-6794
+CVE-2018-6794 (Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerabili ...)
{DLA-1603-1}
- suricata 1:4.0.4-1 (bug #889842)
[stretch] - suricata <no-dsa> (Minor issue)
@@ -36827,73 +36827,73 @@ CVE-2018-6794
NOTE: https://github.com/OISF/suricata/pull/3202/commits/e1ef57c848bbe4e567d5d4b66d346a742e3f77a1
CVE-2018-6793
RESERVED
-CVE-2018-6792
+CVE-2018-6792 (Multiple SQL injection vulnerabilities in Saifor CVMS HUB 1.3.1 allow ...)
NOT-FOR-US: Saifor CVMS HUB
-CVE-2018-6791
+CVE-2018-6791 (An issue was discovered in soliduiserver/deviceserviceaction.cpp in KD ...)
{DSA-4116-1}
- plasma-workspace 4:5.12.0-2
- kde-runtime <not-affected> (Performs correct escaping)
NOTE: https://bugs.kde.org/show_bug.cgi?id=389815
NOTE: https://commits.kde.org/plasma-workspace/f32002ce50edc3891f1fa41173132c820b917d57 (Plasma/5.12)
NOTE: https://commits.kde.org/plasma-workspace/9db872df82c258315c6ebad800af59e81ffb9212 (Plasma/5.8)
-CVE-2018-6790
+CVE-2018-6790 (An issue was discovered in KDE Plasma Workspace before 5.12.0. dataeng ...)
- plasma-workspace 4:5.12.0-2
[stretch] - plasma-workspace <ignored> (Minor issue, too intrusive to backport)
NOTE: https://phabricator.kde.org/D10188
NOTE: https://cgit.kde.org/plasma-workspace.git/commit/?id=5bc696b5abcdb460c1017592e80b2d7f6ed3107c
NOTE: https://cgit.kde.org/plasma-workspace.git/commit/?id=8164beac15ea34ec0d1564f0557fe3e742bdd938
-CVE-2018-6789
+CVE-2018-6789 (An issue was discovered in the base64d function in the SMTP listener i ...)
{DSA-4110-1 DLA-1274-1}
- exim4 4.90.1-1 (bug #890000)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/07/2
NOTE: https://exim.org/static/doc/security/CVE-2018-6789.txt
NOTE: https://bugs.exim.org/show_bug.cgi?id=2235
NOTE: https://git.exim.org/exim.git/commit/062990cc1b2f9e5d82a413b53c8f0569075de700
-CVE-2018-6788
+CVE-2018-6788 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows lo ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6787
+CVE-2018-6787 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows lo ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6786
+CVE-2018-6786 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows lo ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6785
+CVE-2018-6785 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6784
+CVE-2018-6784 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6783
+CVE-2018-6783 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6782
+CVE-2018-6782 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6781
+CVE-2018-6781 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6780
+CVE-2018-6780 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6779
+CVE-2018-6779 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6778
+CVE-2018-6778 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6777
+CVE-2018-6777 (In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows lo ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6776
+CVE-2018-6776 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6775
+CVE-2018-6775 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6774
+CVE-2018-6774 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6773
+CVE-2018-6773 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6772
+CVE-2018-6772 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6771
+CVE-2018-6771 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6770
+CVE-2018-6770 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6769
+CVE-2018-6769 (In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6768
+CVE-2018-6768 (In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allow ...)
NOT-FOR-US: Jiangmin Antivirus
-CVE-2018-6766
+CVE-2018-6766 (Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could al ...)
NOT-FOR-US: Swisscom TVMediaHelper
-CVE-2018-6765
+CVE-2018-6765 (Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that ...)
NOT-FOR-US: Swisscom MySwisscomAssistant
CVE-2018-6763
RESERVED
@@ -36903,32 +36903,32 @@ CVE-2018-6761
RESERVED
CVE-2018-6760
RESERVED
-CVE-2018-6767
+CVE-2018-6767 (A stack-based buffer over-read in the ParseRiffHeaderConfig function o ...)
{DSA-4125-1}
- wavpack 5.1.0-3 (bug #889276)
[jessie] - wavpack <not-affected> (Vulnerable code introduced later in 4.80.0)
[wheezy] - wavpack <not-affected> (Vulnerable code introduced later in 4.80.0)
NOTE: https://github.com/dbry/WavPack/issues/27
NOTE: https://github.com/dbry/WavPack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5
-CVE-2018-6764
+CVE-2018-6764 (util/virlog.c in libvirt does not properly determine the hostname on L ...)
- libvirt 4.0.0-2 (bug #889839)
[stretch] - libvirt 3.0.0-4+deb9u3
[jessie] - libvirt <not-affected> (Vulnerable code introduced later in 1.3.1)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later in 1.3.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1541444
NOTE: introduced-by https://libvirt.org/git/?p=libvirt.git;a=commit;h=759b4d1b0fe5f4d84d98b99153dfa7ac289dd167
-CVE-2018-6759
+CVE-2018-6759 (The bfd_get_debug_link_info_1 function in opncls.c in the Binary File ...)
- binutils 2.30-3
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22794
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=64e234d417d5685a4aec0edc618114d9991c031b
-CVE-2018-6757
+CVE-2018-6757 (Privilege Escalation vulnerability in Microsoft Windows client in McAf ...)
NOT-FOR-US: McAfee True Key
-CVE-2018-6756
+CVE-2018-6756 (Authentication Abuse vulnerability in Microsoft Windows client in McAf ...)
NOT-FOR-US: McAfee True Key
-CVE-2018-6755
+CVE-2018-6755 (Weak Directory Permission Vulnerability in Microsoft Windows client in ...)
NOT-FOR-US: McAfee True Key
CVE-2018-6754
RESERVED
@@ -37024,21 +37024,21 @@ CVE-2018-6709
RESERVED
CVE-2018-6708
RESERVED
-CVE-2018-6707
+CVE-2018-6707 (Denial of Service through Resource Depletion vulnerability in the agen ...)
NOT-FOR-US: McAfee
-CVE-2018-6706
+CVE-2018-6706 (Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 ...)
NOT-FOR-US: McAfee
-CVE-2018-6705
+CVE-2018-6705 (Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0. ...)
NOT-FOR-US: McAfee
-CVE-2018-6704
+CVE-2018-6704 (Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0. ...)
NOT-FOR-US: McAfee
-CVE-2018-6703
+CVE-2018-6703 (Use After Free in McAfee Common service in McAfee Agent (MA) 5.0.0 thr ...)
NOT-FOR-US: McAfee
CVE-2018-6702
RESERVED
CVE-2018-6701
RESERVED
-CVE-2018-6700
+CVE-2018-6700 (DLL Search Order Hijacking vulnerability in Microsoft Windows Client i ...)
NOT-FOR-US: McAfee
CVE-2018-6699
RESERVED
@@ -37048,83 +37048,83 @@ CVE-2018-6697
RESERVED
CVE-2018-6696
RESERVED
-CVE-2018-6695
+CVE-2018-6695 (SSH host keys generation vulnerability in the server in McAfee Threat ...)
NOT-FOR-US: McAfee
CVE-2018-6694
RESERVED
-CVE-2018-6693
+CVE-2018-6693 (An unprivileged user can delete arbitrary files on a Linux system runn ...)
NOT-FOR-US: McAfee
-CVE-2018-6692
+CVE-2018-6692 (Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin ...)
NOT-FOR-US: Belkin Wemo Insight Smart Plug
CVE-2018-6691
RESERVED
-CVE-2018-6690
+CVE-2018-6690 (Accessing, modifying, or executing executable files vulnerability in M ...)
NOT-FOR-US: McAfee
-CVE-2018-6689
+CVE-2018-6689 (Authentication Bypass vulnerability in McAfee Data Loss Prevention End ...)
NOT-FOR-US: McAfee
CVE-2018-6688
RESERVED
-CVE-2018-6687
+CVE-2018-6687 (Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee GetSu ...)
NOT-FOR-US: McAfee
-CVE-2018-6686
+CVE-2018-6686 (Authentication Bypass vulnerability in TPM autoboot in McAfee Drive En ...)
NOT-FOR-US: McAfee
CVE-2018-6685
RESERVED
CVE-2018-6684
RESERVED
-CVE-2018-6683
+CVE-2018-6683 (Exploiting Incorrectly Configured Access Control Security Levels vulne ...)
NOT-FOR-US: McAfee
-CVE-2018-6682
+CVE-2018-6682 (Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earl ...)
NOT-FOR-US: McAfee
-CVE-2018-6681
+CVE-2018-6681 (Abuse of Functionality vulnerability in the web interface in McAfee Ne ...)
NOT-FOR-US: McAfee
CVE-2018-6680
RESERVED
CVE-2018-6679
RESERVED
-CVE-2018-6678
+CVE-2018-6678 (Configuration/Environment manipulation vulnerability in the administra ...)
NOT-FOR-US: McAfee
-CVE-2018-6677
+CVE-2018-6677 (Directory Traversal vulnerability in the administrative user interface ...)
NOT-FOR-US: McAfee
CVE-2018-6676
RESERVED
CVE-2018-6675
RESERVED
-CVE-2018-6674
+CVE-2018-6674 (Privilege Escalation vulnerability in Microsoft Windows client in McAf ...)
NOT-FOR-US: McAfee
CVE-2018-6673
RESERVED
-CVE-2018-6672
+CVE-2018-6672 (Information disclosure vulnerability in McAfee ePolicy Orchestrator (e ...)
NOT-FOR-US: McAfee
-CVE-2018-6671
+CVE-2018-6671 (Application Protection Bypass vulnerability in McAfee ePolicy Orchestr ...)
NOT-FOR-US: McAfee
-CVE-2018-6670
+CVE-2018-6670 (External Entity Attack vulnerability in the ePO extension in McAfee Co ...)
NOT-FOR-US: McAfee
-CVE-2018-6669
+CVE-2018-6669 (A whitelist bypass vulnerability in McAfee Application Control / Chang ...)
NOT-FOR-US: McAfee
-CVE-2018-6668
+CVE-2018-6668 (A whitelist bypass vulnerability in McAfee Application Control / Chang ...)
NOT-FOR-US: McAfee
-CVE-2018-6667
+CVE-2018-6667 (Authentication Bypass vulnerability in the administrative user interfa ...)
NOT-FOR-US: McAfee
CVE-2018-6666
RESERVED
CVE-2018-6665
RESERVED
-CVE-2018-6664
+CVE-2018-6664 (Application Protections Bypass vulnerability in Microsoft Windows in M ...)
NOT-FOR-US: McAfee
CVE-2018-6663
RESERVED
-CVE-2018-6662
+CVE-2018-6662 (Privilege Escalation vulnerability in McAfee Management of Native Encr ...)
NOT-FOR-US: McAfee
-CVE-2018-6661
+CVE-2018-6661 (DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee T ...)
NOT-FOR-US: McAfee
-CVE-2018-6660
+CVE-2018-6660 (Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) ...)
NOT-FOR-US: McAfee
-CVE-2018-6659
+CVE-2018-6659 (Reflected Cross-Site Scripting vulnerability in McAfee ePolicy Orchest ...)
NOT-FOR-US: McAfee
CVE-2018-6658
RESERVED
-CVE-2018-6758
+CVE-2018-6758 (The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through ...)
{DLA-1275-1}
- uwsgi 2.0.15-10.2 (bug #889753)
[stretch] - uwsgi 2.0.14+20161117-3+deb9u1
@@ -37133,17 +37133,17 @@ CVE-2018-6758
NOTE: https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe
CVE-2018-6657
RESERVED
-CVE-2018-6656
+CVE-2018-6656 (Z-BlogPHP 1.5.1 has CSRF via zb_users/plugin/AppCentre/app_del.php, as ...)
NOT-FOR-US: Z-BlogPHP
-CVE-2018-6655
+CVE-2018-6655 (PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS via an arbi ...)
NOT-FOR-US: PHP Scripts Mall Doctor Search Script
-CVE-2018-6654
+CVE-2018-6654 (The Grammarly extension before 2018-02-02 for Chrome allows remote att ...)
NOT-FOR-US: Grammarly extension for Chrome
-CVE-2018-6653
+CVE-2018-6653 (comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in ...)
NOT-FOR-US: comforte SWAP
CVE-2018-6652
RESERVED
-CVE-2018-6651
+CVE-2018-6651 (In the uncurl_ws_accept function in uncurl.c in uncurl before 0.07, as ...)
NOT-FOR-US: uncurl
CVE-2018-6650
RESERVED
@@ -37157,100 +37157,100 @@ CVE-2018-6646
RESERVED
CVE-2018-6645
RESERVED
-CVE-2018-6644
+CVE-2018-6644 (SBLIM Small Footprint CIM Broker (SFCB) 1.4.9 has a null pointer (DoS) ...)
- sblim-sfcb <itp> (bug #754493)
-CVE-2018-6643
+CVE-2018-6643 (Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/ ...)
NOT-FOR-US: Infoblox NetMRI
CVE-2018-6642
RESERVED
-CVE-2018-6641
+CVE-2018-6641 (An Arbitrary Free (Remote Code Execution) issue was discovered in Desi ...)
NOT-FOR-US: Design Science MathType
-CVE-2018-6640
+CVE-2018-6640 (A Heap Overflow (Remote Code Execution) issue was discovered in Design ...)
NOT-FOR-US: Design Science MathType
-CVE-2018-6639
+CVE-2018-6639 (An out-of-bounds write (Remote Code Execution) issue was discovered in ...)
NOT-FOR-US: Design Science MathType
-CVE-2018-6638
+CVE-2018-6638 (A stack-based buffer overflow (Remote Code Execution) issue was discov ...)
NOT-FOR-US: Design Science MathType
CVE-2018-6637
RESERVED
CVE-2018-6636
RESERVED
-CVE-2018-6635
+CVE-2018-6635 (System Manager in Avaya Aura before 7.1.2 does not properly use SSL in ...)
NOT-FOR-US: System Manager in Avaya Aura
CVE-2018-6634
RESERVED
-CVE-2018-6633
+CVE-2018-6633 (In Micropoint proactive defense software 2.0.20266.0146, the driver fi ...)
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6632
+CVE-2018-6632 (In Micropoint proactive defense software 2.0.20266.0146, the driver fi ...)
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6631
+CVE-2018-6631 (In Micropoint proactive defense software 2.0.20266.0146, the driver fi ...)
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6630
+CVE-2018-6630 (In Micropoint proactive defense software 2.0.20266.0146, the driver fi ...)
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6629
+CVE-2018-6629 (In Micropoint proactive defense software 2.0.20266.0146, the driver fi ...)
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6628
+CVE-2018-6628 (In Micropoint proactive defense software 2.0.20266.0146, the driver fi ...)
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6627
+CVE-2018-6627 (In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS ...)
NOT-FOR-US: WatchDog Anti-Malware
-CVE-2018-6626
+CVE-2018-6626 (In Micropoint proactive defense software 2.0.20266.0146, the driver fi ...)
NOT-FOR-US: Micropoint proactive defense software
-CVE-2018-6625
+CVE-2018-6625 (In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS ...)
NOT-FOR-US: WatchDog Anti-Malware
-CVE-2018-6624
+CVE-2018-6624 (OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass auth ...)
NOT-FOR-US: OMRON NS devices
-CVE-2018-6623
+CVE-2018-6623 (An issue was discovered in Hola 1.79.859. An unprivileged user could m ...)
NOT-FOR-US: Hola
-CVE-2018-1000058
+CVE-2018-1000058 (Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an arbi ...)
NOT-FOR-US: jenkins-plugin-workflow-support
-CVE-2018-1000057
+CVE-2018-1000057 (Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it ...)
NOT-FOR-US: jenkins-plugin-credentials-binding
-CVE-2018-1000056
+CVE-2018-1000056 (Jenkins JUnit Plugin 1.23 and earlier processes XML external entities ...)
NOT-FOR-US: jenkins-plugin-junit
-CVE-2018-1000055
+CVE-2018-1000055 (Jenkins Android Lint Plugin 2.5 and earlier processes XML external ent ...)
NOT-FOR-US: Jenkins Android Lint Plugin
-CVE-2018-1000054
+CVE-2018-1000054 (Jenkins CCM Plugin 3.1 and earlier processes XML external entities in ...)
NOT-FOR-US: Jenkins CCM Plugin
-CVE-2018-1000053
+CVE-2018-1000053 (LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request For ...)
- limesurvey <itp> (bug #472802)
-CVE-2018-1000052
+CVE-2018-1000052 (fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890a ...)
- fmtlib 5.2.1+ds-1 (unimportant; bug #890033)
NOTE: https://github.com/fmtlib/fmt/issues/642
NOTE: https://github.com/fmtlib/fmt/commit/8cf30aa2be256eba07bb1cefb998c52326e846e7
NOTE: This looks bogus, how would that come from untrusted input
-CVE-2018-1000051
+CVE-2018-1000051 (Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability i ...)
{DSA-4152-1}
- mupdf 1.12.0+ds1-1 (bug #891245)
[wheezy] - mupdf <not-affected> (Vulnerable code not present, introduced in version 1.3)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698825
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698873
NOTE: Fixed by: http://www.ghostscript.com/cgi-bin/findgit.cgi?321ba1de287016b0036bf4a56ce774ad11763384
-CVE-2018-1000050
+CVE-2018-1000050 (Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Ove ...)
NOT-FOR-US: Sean Barrett stb_vorbis
-CVE-2018-1000049
+CVE-2018-1000049 (Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote ...)
NOT-FOR-US: nanopool Claymore Dual Miner
-CVE-2018-1000048
+CVE-2018-1000048 (NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerabilit ...)
NOT-FOR-US: NASA RtRetrievalFramework
-CVE-2018-1000047
+CVE-2018-1000047 (NASA Kodiak version v1.0 contains a CWE-502 vulnerability in Kodiak li ...)
NOT-FOR-US: NASA Kodiak
-CVE-2018-1000046
+CVE-2018-1000046 (NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in R ...)
NOT-FOR-US: NASA Pyblock
-CVE-2018-1000045
+CVE-2018-1000045 (NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA S ...)
NOT-FOR-US: NASA Singledop
-CVE-2018-1000044
+CVE-2018-1000044 (Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a ...)
NOT-FOR-US: Security Onion Solutions Squert
-CVE-2018-1000043
+CVE-2018-1000043 (Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a ...)
NOT-FOR-US: Security Onion Solutions Squert
-CVE-2018-1000042
+CVE-2018-1000042 (Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a ...)
NOT-FOR-US: Security Onion Solutions Squert
-CVE-2018-1000041
+CVE-2018-1000041 (GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd52 ...)
{DLA-1278-1}
- librsvg <not-affected> (Specific to Windows)
NOTE: Merge of changes: https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea
NOTE: https://github.com/GNOME/librsvg/commit/4de19d9fdddf81773125b04a4defe1ffd0d3bfe0
-CVE-2018-6622
+CVE-2018-6622 (An issue was discovered that affects all producers of BIOS firmware wh ...)
NOT-FOR-US: Generic TPM issue
-CVE-2018-6621
+CVE-2018-6621 (The decode_frame function in libavcodec/utvideodec.c in FFmpeg through ...)
{DSA-4249-1 DLA-1630-1}
- ffmpeg 7:3.4.2-1 (low)
- libav <removed>
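Review bot: the imported description for CVE-2018-1000053 reads "Cross ite Request For ...", which looks like a broken copy but is the wording as it arrives from the CVE feed; because this is an automatic import, hand-correcting it in the list would most likely be undone by the next automatic update, so the typo is one to report upstream rather than patch here. Separately, the unchanged context for CVE-2018-1000041 pairs `{DLA-1278-1}` with `- librsvg <not-affected> (Specific to Windows)`, which is contradictory on its face: either the DLA reference or the not-affected marker deserves a second look in a follow-up.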
@@ -37258,13 +37258,13 @@ CVE-2018-6621
NOTE: Fixed in 3.2.11
CVE-2018-6620
REJECTED
-CVE-2018-6619
+CVE-2018-6619 (Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attac ...)
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
-CVE-2018-6618
+CVE-2018-6618 (Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to obtai ...)
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
-CVE-2018-6617
+CVE-2018-6617 (Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL ...)
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
-CVE-2018-6616
+CVE-2018-6616 (In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_c ...)
{DSA-4405-1 DLA-1614-1}
- openjpeg2 2.3.0-2 (bug #889683)
NOTE: https://github.com/uclouvain/openjpeg/issues/1059
@@ -37275,29 +37275,29 @@ CVE-2018-6614
RESERVED
CVE-2018-6613
RESERVED
-CVE-2018-6612
+CVE-2018-6612 (An integer underflow bug in the process_EXIF function of the exif.c fi ...)
- jhead 1:3.00-6 (unimportant; bug #889272)
NOTE: https://anonscm.debian.org/git/collab-maint/jhead.git/diff/debian/patches/0008-heap-buffer-overflow.patch?id=01f09ab772d0d341cdc1326490dd2aa5aa2a7784
NOTE: Crash in CLI tool, no security impact
-CVE-2018-6611
+CVE-2018-6611 (soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt be ...)
- libopenmpt 0.3.6-1 (bug #889545)
[stretch] - libopenmpt <not-affected> (Vulnerable code not present)
NOTE: https://github.com/OpenMPT/openmpt/commit/61fc6d3030a4d4283105cb5fb46b27b42fa5575e
-CVE-2018-6610
+CVE-2018-6610 (Information Leakage exists in the jLike 1.0 component for Joomla! via ...)
NOT-FOR-US: jLike component for Joomla!
-CVE-2018-6609
+CVE-2018-6609 (SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via ...)
NOT-FOR-US: JSP Tickets component for Joomla!
-CVE-2018-6608
+CVE-2018-6608 (In the WebRTC component in Opera 51.0.2830.55, after visiting a web si ...)
NOT-FOR-US: WebRTC component in Opera
CVE-2018-6607
RESERVED
-CVE-2018-6606
+CVE-2018-6606 (An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper ...)
NOT-FOR-US: MalwareFox AntiMalware
-CVE-2018-6605
+CVE-2018-6605 (SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! ...)
NOT-FOR-US: Zh BaiduMap component for Joomla!
-CVE-2018-6604
+CVE-2018-6604 (SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! ...)
NOT-FOR-US: Zh YandexMap component for Joomla!
-CVE-2018-6603
+CVE-2018-6603 (Promise Technology WebPam Pro-E devices allow remote attackers to cond ...)
NOT-FOR-US: Promise Technology WebPam Pro-E devices
CVE-2018-6602
RESERVED
@@ -37305,20 +37305,20 @@ CVE-2018-6601
RESERVED
CVE-2018-6600
RESERVED
-CVE-2018-6599
+CVE-2018-6599 (An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G4 ...)
NOT-FOR-US: Orbic
-CVE-2018-6598
+CVE-2018-6598 (An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G4 ...)
NOT-FOR-US: Orbic
-CVE-2018-6597
+CVE-2018-6597 (The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US ...)
NOT-FOR-US: Alcatel A30 device
-CVE-2018-6596
+CVE-2018-6596 (webhooks/base.py in Anymail (aka django-anymail) before 1.2.1 is prone ...)
{DSA-4107-1}
- django-anymail 1.3-1 (bug #889450)
NOTE: https://github.com/anymail/django-anymail/commit/db586ede1fbb41dce21310ea28ae15a1cf1286c5 (v1.3)
NOTE: https://github.com/anymail/django-anymail/commit/c07998304b4a31df4c61deddcb03d3607a04691b (v1.2.x-branch)
CVE-2018-6595
RESERVED
-CVE-2018-6594
+CVE-2018-6594 (lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates we ...)
- pycryptodome 3.4.11-1 (bug #889998)
- python-crypto 2.6.1-9 (bug #889999)
[stretch] - python-crypto <no-dsa> (Minor issue)
@@ -37331,23 +37331,23 @@ CVE-2018-6594
NOTE: See further discussion as per https://github.com/Legrandin/pycryptodome/issues/90#issuecomment-362783537
NOTE: Upstream feels that this is not a vulnerability in pycryptodome/python-crypto,
NOTE: but in an application using it in an insecure manner.
-CVE-2018-6593
+CVE-2018-6593 (An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper ...)
NOT-FOR-US: MalwareFox AntiMalware
-CVE-2018-6592
+CVE-2018-6592 (Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local user ...)
NOT-FOR-US: Unisys Stealth Windows endpoints
-CVE-2018-6591
+CVE-2018-6591 (Converse.js and Inverse.js through 3.3 allow remote attackers to obtai ...)
NOT-FOR-US: Converse.js
-CVE-2018-6590
+CVE-2018-6590 (CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an un ...)
NOT-FOR-US: CA API Developer Portal
-CVE-2018-6589
+CVE-2018-6589 (CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x prior to 10 ...)
NOT-FOR-US: CA Spectrum
-CVE-2018-6588
+CVE-2018-6588 (CA API Developer Portal 3.5 up to and including 3.5 CR5 has a reflecte ...)
NOT-FOR-US: CA API Developer Portal
-CVE-2018-6587
+CVE-2018-6587 (CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflecte ...)
NOT-FOR-US: CA API Developer Portal
-CVE-2018-6586
+CVE-2018-6586 (CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored c ...)
NOT-FOR-US: CA API Developer Portal
-CVE-2018-1000040
+CVE-2018-1000040 (In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs ...)
{DSA-4334-1}
- mupdf 1.13.0+ds1-1
[jessie] - mupdf <not-affected> (vulnerable code not present)
@@ -37358,7 +37358,7 @@ CVE-2018-1000040
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=83d4dae44c71816c084a635550acc1a51529b881;hp=f597300439e62f5e921f0d7b1e880b5c1a1f1607
-CVE-2018-1000039
+CVE-2018-1000039 (In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the ...)
- mupdf 1.13.0+ds1-1
[jessie] - mupdf <not-affected> (vulnerable code not present)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
@@ -37369,14 +37369,14 @@ CVE-2018-1000039
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=4dcc6affe04368461310a21238f7e1871a752a05;hp=8ec561d1bccc46e9db40a9f61310cd8b3763914e
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f597300439e62f5e921f0d7b1e880b5c1a1f1607;hp=093fc3b098dc5fadef5d8ad4b225db9fb124758b
-CVE-2018-1000038
+CVE-2018-1000038 (In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_l ...)
- mupdf 1.13.0+ds1-1
[jessie] - mupdf <not-affected> (vulnerable code not present)
[wheezy] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f597300439e62f5e921f0d7b1e880b5c1a1f1607;hp=093fc3b098dc5fadef5d8ad4b225db9fb124758b
-CVE-2018-1000037
+CVE-2018-1000037 (In MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF ...)
{DSA-4334-1}
- mupdf 1.13.0+ds1-1
[jessie] - mupdf <not-affected> (vulnerable code not present)
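Review bot: CVE-2018-1000038 in this hunk (and CVE-2018-1000039 in the hunk above) records the same `mupdf 1.13.0+ds1-1` fix and the same jessie/wheezy `<not-affected>` markers as CVE-2018-1000040 and CVE-2018-1000037, yet only the latter two carry `{DSA-4334-1}`. Worth confirming whether the DSA reference is intentionally absent for these two entries or simply missing; these are unchanged context lines, so it is a follow-up rather than a blocker for the import.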
@@ -37389,54 +37389,54 @@ CVE-2018-1000037
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=8a3257b01faa899dd9b5e35c6bb3403cd709c371;hp=de39f005f12a1afc6973c1f5cec362d6545f70cb
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=b2e7d38e845c7d4922d05e6e41f3a2dc1bc1b14a;hp=f51836b9732c38d945b87fda0770009a77ba680c
-CVE-2018-1000036
+CVE-2018-1000036 (In MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser a ...)
- mupdf 1.14.0+ds1-1 (unimportant; bug #900129)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5502
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699695
NOTE: http://git.ghostscript.com/?p=mupdf.git;h=985fdcfc117a3bd4bc097cdcae8347b3787fbab2
NOTE: negligible security impact, memory leak in CLI tool
-CVE-2018-1000035
+CVE-2018-1000035 (A heap-based buffer overflow exists in Info-Zip UnZip version &lt;= 6. ...)
- unzip 6.0-22 (bug #889838)
[stretch] - unzip <no-dsa> (Harmless crash, builds with fortified source)
[jessie] - unzip <no-dsa> (Harmless crash, builds with fortified source)
[wheezy] - unzip <no-dsa> (Harmless crash, builds with fortified source)
NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
NOTE: Patch used in openSUSE:Factory/unzip: https://bugzilla.novell.com/attachment.cgi?id=759406
-CVE-2018-1000034
+CVE-2018-1000034 (An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that al ...)
- unzip <not-affected> (Only affects 6.1c22)
NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
-CVE-2018-1000033
+CVE-2018-1000033 (An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that al ...)
- unzip <not-affected> (Only affects 6.1c22)
NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
-CVE-2018-1000032
+CVE-2018-1000032 (A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 ...)
- unzip <not-affected> (Only affects 6.1c22)
NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
-CVE-2018-1000031
+CVE-2018-1000031 (A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 ...)
- unzip <not-affected> (Only affects 6.1c22)
NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
-CVE-2018-6585
+CVE-2018-6585 (SQL Injection exists in the JTicketing 2.0.16 component for Joomla! vi ...)
NOT-FOR-US: JTicketing component for Joomla!
-CVE-2018-6584
+CVE-2018-6584 (SQL Injection exists in the DT Register 3.2.7 component for Joomla! vi ...)
NOT-FOR-US: DT Register component for Joomla!
-CVE-2018-6583
+CVE-2018-6583 (SQL Injection exists in the Timetable Responsive Schedule 1.5 componen ...)
NOT-FOR-US: Timetable Responsive Schedule component for Joomla!
-CVE-2018-6582
+CVE-2018-6582 (SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! ...)
NOT-FOR-US: Zh GoogleMap component for Joomla!
-CVE-2018-6581
+CVE-2018-6581 (SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via ...)
NOT-FOR-US: JMS Music component for Joomla!
-CVE-2018-6580
+CVE-2018-6580 (Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component ...)
NOT-FOR-US: Jimtawl component for Joomla!
-CVE-2018-6579
+CVE-2018-6579 (SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for ...)
NOT-FOR-US: JEXTN Reverse Auction component for Joomla!
-CVE-2018-6578
+CVE-2018-6578 (SQL Injection exists in the JE PayperVideo 3.0.0 component for Joomla! ...)
NOT-FOR-US: JE PayperVideo component for Joomla!
-CVE-2018-6577
+CVE-2018-6577 (SQL Injection exists in the JEXTN Membership 3.1.0 component for Jooml ...)
NOT-FOR-US: JEXTN Membership component for Joomla!
-CVE-2018-6576
+CVE-2018-6576 (SQL Injection exists in Event Manager 1.0 via the event.php id paramet ...)
NOT-FOR-US: Event Manager
-CVE-2018-6575
+CVE-2018-6575 (SQL Injection exists in the JEXTN Classified 1.0.0 component for Jooml ...)
NOT-FOR-US: JEXTN Membership component for Joomla!
-CVE-2018-6574
+CVE-2018-6574 (Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases befor ...)
{DSA-4380-1}
- golang-1.10 1.10~rc2-1
- golang-1.9 1.9.4-1
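Review bot: three inconsistencies in this hunk. The new description for CVE-2018-1000035 contains an HTML entity, `Info-Zip UnZip version &lt;= 6.`, in what is otherwise a plain-text list, so the import path appears to have left `<=` escaped; that one is introduced by this change and the unescaping should be checked. In unchanged context, CVE-2018-1000034 through CVE-2018-1000031 describe `UnZip version 6.10c22` while each package line says `<not-affected> (Only affects 6.1c22)`, so one of the two version strings is off. And CVE-2018-6575 describes the `JEXTN Classified 1.0.0 component` but its line reads `NOT-FOR-US: JEXTN Membership component for Joomla!`, matching the CVE-2018-6577 entry above it rather than the product named in its own description.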
@@ -37457,7 +37457,7 @@ CVE-2018-6571
RESERVED
CVE-2018-6570
RESERVED
-CVE-2018-6569
+CVE-2018-6569 (West Wind Web Server 6.x does not require authentication for /ADMIN.AS ...)
NOT-FOR-US: West Wind Web Server
CVE-2018-6568
RESERVED
@@ -37469,52 +37469,52 @@ CVE-2018-6565
RESERVED
CVE-2018-6564
RESERVED
-CVE-2018-6563
+CVE-2018-6563 (Multiple cross-site request forgery (CSRF) vulnerabilities in totemoma ...)
NOT-FOR-US: totemomail Encryption Gateway
-CVE-2018-6562
+CVE-2018-6562 (totemomail Encryption Gateway before 6.0_b567 allows remote attackers ...)
NOT-FOR-US: totemomail Encryption Gateway
-CVE-2018-6561
+CVE-2018-6561 (dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute ...)
- dojo 1.13.0+dfsg1-1 (bug #898944)
[jessie] - dojo <ignored> (Minor issue)
[wheezy] - dojo <no-dsa> (Minor issue)
NOTE: https://github.com/imsebao/404team/blob/master/dijit_editor_xss.md
-CVE-2018-6560
+CVE-2018-6560 (In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0 ...)
- flatpak 0.10.3-1 (bug #888842)
[stretch] - flatpak 0.8.9-0+deb9u1
NOTE: https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6
-CVE-2018-6559
+CVE-2018-6559 (The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows ...)
- linux <not-affected> (Ubuntu-specific issue)
NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1793458
-CVE-2018-6558
+CVE-2018-6558 (The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore ...)
- fscrypt 0.2.4-1 (bug #907074)
NOTE: https://bugs.launchpad.net/ubuntu/+source/fscrypt/+bug/1787548
NOTE: https://github.com/google/fscrypt/issues/77
NOTE: https://github.com/google/fscrypt/pull/103
-CVE-2018-6557
+CVE-2018-6557 (The MOTD update script in the base-files package in Ubuntu 18.04 LTS b ...)
- base-files <not-affected> (Ubuntu specific motd update code; vulnerable code not present)
-CVE-2018-6556
+CVE-2018-6556 (lxc-user-nic when asked to delete a network interface will uncondition ...)
- lxc 1:2.0.9-6.1 (bug #905586)
[stretch] - lxc <not-affected> (Vulnerable code introduced later)
[jessie] - lxc <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591
NOTE: Prerequisite: https://github.com/lxc/lxc/commit/f96f5f3c1341e73ee51c8b49bef4ba571c562d8c
NOTE: Fixed by: https://github.com/lxc/lxc/commit/5eb45428b312e978fb9e294dde16efb14dd9fa4d
-CVE-2018-6555
+CVE-2018-6555 (The irda_setsockopt function in net/irda/af_irda.c and later in driver ...)
{DSA-4308-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.3-1
NOTE: http://www.openwall.com/lists/oss-security/2018/09/04/2
-CVE-2018-6554
+CVE-2018-6554 (Memory leak in the irda_bind function in net/irda/af_irda.c and later ...)
{DSA-4308-1 DLA-1715-1 DLA-1531-1 DLA-1529-1}
- linux 4.17.3-1
NOTE: http://www.openwall.com/lists/oss-security/2018/09/04/2
-CVE-2018-6553
+CVE-2018-6553 (The CUPS AppArmor profile incorrectly confined the dnssd backend due t ...)
{DSA-4243-1 DLA-1426-1}
- cups 2.2.8-5 (bug #903605)
-CVE-2018-6552
+CVE-2018-6552 (Apport does not properly handle crashes originating from a PID namespa ...)
[experimental] - apport <unfixed>
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, to have an explicit reference for apport if it ever enters unstable
-CVE-2018-6551
+CVE-2018-6551 (The malloc implementation in the GNU C Library (aka glibc or libc6), f ...)
[experimental] - glibc 2.26.9000+20180127.7e23a7dd-0experimental0
- glibc 2.27-1
[stretch] - glibc <no-dsa> (Minor issue)
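Review bot: the dojo entry for CVE-2018-6561 tags `[jessie] - dojo <ignored> (Minor issue)` but `[wheezy] - dojo <no-dsa> (Minor issue)` with an identical justification; the same minor issue would normally carry the same status across suites, so one of the two markers looks like a slip. These are unchanged context lines, so this is a follow-up rather than a blocker for the automatic import.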
@@ -37522,22 +37522,22 @@ CVE-2018-6551
- eglibc <not-affected> (Issue introduced in 2.24 for powerpc, 2.26 only for i386)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22774
NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22
-CVE-2018-6550
+CVE-2018-6550 (Monstra CMS through 3.0.4 has XSS in the title function in plugins/box ...)
NOT-FOR-US: Monstra CMS
CVE-2018-6549
RESERVED
-CVE-2018-6548
+CVE-2018-6548 (A use-after-free issue was discovered in libwebm through 2018-02-02. I ...)
- chromium-browser <unfixed> (unimportant)
NOTE: Chromium is built with support for VP9 disabled in Debian
NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1493
NOTE: https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md
-CVE-2018-6547
+CVE-2018-6547 (plays_service.exe in the plays.tv service before 1.27.7.0, as distribu ...)
NOT-FOR-US: plays_service.exe in the plays.tv service
-CVE-2018-6546
+CVE-2018-6546 (plays_service.exe in the plays.tv service before 1.27.7.0, as distribu ...)
NOT-FOR-US: plays_service.exe in the plays.tv service
-CVE-2018-6545
+CVE-2018-6545 (Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting (X ...)
NOT-FOR-US: Ipswitch MoveIt
-CVE-2018-6544
+CVE-2018-6544 (pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could refer ...)
{DSA-4152-1}
- mupdf 1.12.0+ds1-1 (bug #891245)
[wheezy] - mupdf <ignored> (Most likely not affected, minor issue)
@@ -37547,26 +37547,26 @@ CVE-2018-6544
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698830
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698965
NOTE: https://lists.debian.org/debian-lts/2018/03/msg00043.html
-CVE-2018-6543
+CVE-2018-6543 (In GNU Binutils 2.30, there's an integer overflow in the function load ...)
- binutils 2.30-3
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22769
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f2023ce7e8d70b0155cc6206c901e185260918f0
-CVE-2018-6542
+CVE-2018-6542 (In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trail ...)
- zziplib <unfixed> (unimportant)
NOTE: https://github.com/gdraheim/zziplib/issues/17
NOTE: https://github.com/gdraheim/zziplib/commit/931f962ddfec0e00d6f486df2c56d9857b55944e (v0.13.68)
NOTE: Negligible impact and unzzipcat utility not installed into binary packages
-CVE-2018-6541
+CVE-2018-6541 (In ZZIPlib 0.13.67, there is a bus error caused by loading of a misali ...)
- zziplib 0.13.62-3.2 (bug #889089)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
[wheezy] - zziplib <ignored> (Minor issue)
NOTE: https://github.com/gdraheim/zziplib/issues/16
NOTE: https://github.com/gdraheim/zziplib/commit/0c0c9256b0903f664bca25dd8d924211f81e01d3 (v0.13.68)
-CVE-2018-6540
+CVE-2018-6540 (In ZZIPlib 0.13.67, there is a bus error caused by loading of a misali ...)
- zziplib 0.13.62-3.2 (bug #923659)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
@@ -37577,27 +37577,27 @@ CVE-2018-6539
RESERVED
CVE-2018-6538
REJECTED
-CVE-2018-6537
+CVE-2018-6537 (A buffer overflow vulnerability in the control protocol of Flexense Sy ...)
NOT-FOR-US: Flexense SyncBreeze Enterprise
-CVE-2018-6536
+CVE-2018-6536 (An issue was discovered in Icinga 2.x through 2.8.1. The daemon create ...)
- icinga2 2.8.4-1
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icinga2/issues/5991
-CVE-2018-6535
+CVE-2018-6535 (An issue was discovered in Icinga 2.x through 2.8.1. The lack of a con ...)
- icinga2 2.8.4-1 (low; bug #897301)
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icinga2/issues/4920
NOTE: https://github.com/Icinga/icinga2/pull/5715
NOTE: http://www.openwall.com/lists/oss-security/2018/03/22/3
-CVE-2018-6534
+CVE-2018-6534 (An issue was discovered in Icinga 2.x through 2.8.1. By sending specia ...)
- icinga2 2.8.4-1 (low; bug #897301)
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icinga2/pull/6104
NOTE: http://www.openwall.com/lists/oss-security/2018/03/22/3
-CVE-2018-6533
+CVE-2018-6533 (An issue was discovered in Icinga 2.x through 2.8.1. By editing the in ...)
- icinga2 2.8.4-1 (low; bug #897301)
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
@@ -37605,7 +37605,7 @@ CVE-2018-6533
NOTE: CVE is related to CVE-2017-16933 but for "the issue in using
NOTE: init.conf to support run-time reconfiguration of an account is
NOTE: design flaw". CVE-2018-6533 larger issue than CVE-2017-16933.
-CVE-2018-6532
+CVE-2018-6532 (An issue was discovered in Icinga 2.x through 2.8.1. By sending specia ...)
- icinga2 2.8.4-1 (low)
[stretch] - icinga2 <no-dsa> (Minor issue)
[jessie] - icinga2 <no-dsa> (Minor issue)
@@ -37613,37 +37613,37 @@ CVE-2018-6532
NOTE: http://www.openwall.com/lists/oss-security/2018/03/22/3
CVE-2018-6531
RESERVED
-CVE-2018-6530
+CVE-2018-6530 (OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin ...)
NOT-FOR-US: D-Link
-CVE-2018-6529
+CVE-2018-6529 (XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR- ...)
NOT-FOR-US: D-Link
-CVE-2018-6528
+CVE-2018-6528 (XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR ...)
NOT-FOR-US: D-Link
-CVE-2018-6527
+CVE-2018-6527 (XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Lin ...)
NOT-FOR-US: D-Link
-CVE-2018-6526
+CVE-2018-6526 (view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in wheezy LTS)
NOTE: https://mantisbt.org/bugs/view.php?id=23921
-CVE-2018-6525
+CVE-2018-6525 (In nProtect AVS V4.0 before 4.0.0.39, the driver file (TKFsAv.SYS) all ...)
NOT-FOR-US: nProtect AVS
-CVE-2018-6524
+CVE-2018-6524 (In nProtect AVS V4.0 before 4.0.0.39, the driver file (TKFsAv.SYS) all ...)
NOT-FOR-US: nProtect AVS
-CVE-2018-6523
+CVE-2018-6523 (In nProtect AVS V4.0 before 4.0.0.39, the driver file (TKFsAv.SYS) all ...)
NOT-FOR-US: nProtect AVS
-CVE-2018-6522
+CVE-2018-6522 (In nProtect AVS V4.0 before 4.0.0.39, the driver file (TKRgFtXp.SYS) a ...)
NOT-FOR-US: nProtect AVS
-CVE-2018-6521
+CVE-2018-6521 (The sqlauth module in SimpleSAMLphp before 1.15.2 relies on the MySQL ...)
{DSA-4127-1 DLA-1273-1}
- simplesamlphp 1.15.2-1
NOTE: https://simplesamlphp.org/security/201801-03
-CVE-2018-6520
+CVE-2018-6520 (SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open ...)
- simplesamlphp 1.15.2-1
[stretch] - simplesamlphp <no-dsa> (Minor issue)
[jessie] - simplesamlphp <no-dsa> (Minor issue)
[wheezy] - simplesamlphp <not-affected> (Vulnerable code introduced in 1.12)
NOTE: https://simplesamlphp.org/security/201801-02
-CVE-2018-6519
+CVE-2018-6519 (The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1. ...)
{DSA-4127-1}
- simplesamlphp 1.15.2-1
[wheezy] - simplesamlphp <not-affected> (Vulnerable code not present)
@@ -37652,31 +37652,31 @@ CVE-2018-6519
NOTE: The issue lies in the simplesamlphp/saml2 part, which is
NOTE: updated in 1.15.2 to the respective fixed version.
NOTE: https://github.com/simplesamlphp/saml2/commit/726404bf7b4085a9eb9c9a869af1ecc146bd8f6d
-CVE-2018-6518
+CVE-2018-6518 (Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admi ...)
NOT-FOR-US: Composr CMS
-CVE-2018-6517
+CVE-2018-6517 (Prior to version 0.3.0, chloride's use of net-ssh resulted in host fin ...)
TODO: check
-CVE-2018-6516
+CVE-2018-6516 (On Windows only, with a specifically crafted configuration file an att ...)
- puppet <not-affected> (Specific issue Windows only)
-CVE-2018-6515
+CVE-2018-6515 (Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3. ...)
- puppet <not-affected> (Specific issue Windows only)
NOTE: https://puppet.com/security/cve/CVE-2018-6515
-CVE-2018-6514
+CVE-2018-6514 (In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5 ...)
- facter <not-affected> (Specific to Facter on Windows)
NOTE: https://puppet.com/security/cve/CVE-2018-6514
-CVE-2018-6513
+CVE-2018-6513 (Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017. ...)
- puppet <not-affected> (Windows-specific)
NOTE: https://puppet.com/security/cve/CVE-2018-6513
-CVE-2018-6512
+CVE-2018-6512 (The previous version of Puppet Enterprise 2018.1 is vulnerable to unsa ...)
- puppet <not-affected> (Specific to Puppet Enterprise)
NOTE: https://puppet.com/security/cve/CVE-2018-6512
-CVE-2018-6511
+CVE-2018-6511 (A cross-site scripting vulnerability in Puppet Enterprise Console of P ...)
- puppet <not-affected> (Specific to Puppet Enterprise)
-CVE-2018-6510
+CVE-2018-6510 (A cross-site scripting vulnerability in Puppet Enterprise Console of P ...)
- puppet <not-affected> (Specific to Puppet Enterprise)
CVE-2018-6509
RESERVED
-CVE-2018-6508
+CVE-2018-6508 (Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remot ...)
- puppet-module-puppetlabs-apt <unfixed> (unimportant)
- puppet-module-puppetlabs-apache <unfixed> (unimportant)
- puppet-module-puppetlabs-mysql <unfixed> (unimportant)
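Review bot: CVE-2018-6517 still sits at `TODO: check` after the description import; now that the text ("chloride's use of net-ssh resulted in host fin ...") names the affected component, the entry can be triaged in a follow-up to either a package line or a `NOT-FOR-US:` marker rather than left open.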
@@ -37690,49 +37690,49 @@ CVE-2018-6508
NOTE: This is only exploitable with Puppet Tasks, which aren't packaged/available in Debian
CVE-2018-6507
RESERVED
-CVE-2018-6506
+CVE-2018-6506 (Cross-Site Scripting (XSS) exists in the Add Forum feature in the Admi ...)
NOT-FOR-US: miniBB
-CVE-2018-6505
+CVE-2018-6505 (A potential Unauthenticated File Download vulnerability has been ident ...)
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6504
+CVE-2018-6504 (A potential Cross-Site Request Forgery (CSRF) vulnerability has been i ...)
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6503
+CVE-2018-6503 (A potential Access Control vulnerability has been identified in ArcSig ...)
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6502
+CVE-2018-6502 (A potential Reflected Cross-Site Scripting (XSS) Security vulnerabilit ...)
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6501
+CVE-2018-6501 (Potential security vulnerability of Insufficient Access Controls has b ...)
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6500
+CVE-2018-6500 (A potential Directory Traversal Security vulnerability has been identi ...)
NOT-FOR-US: ArcSight Management Center (ArcMC)
-CVE-2018-6499
+CVE-2018-6499 (Remote Code Execution in the following products Hybrid Cloud Managemen ...)
NOT-FOR-US: Hybrid Cloud Management Containerized Suite
-CVE-2018-6498
+CVE-2018-6498 (Remote Code Execution in the following products Hybrid Cloud Managemen ...)
NOT-FOR-US: Hybrid Cloud Management Containerized Suite
-CVE-2018-6497
+CVE-2018-6497 (Remote Cross-site Request forgery (CSRF) potential has been identified ...)
NOT-FOR-US: UCMDB Server
-CVE-2018-6496
+CVE-2018-6496 (Remote Cross-site Request forgery (CSRF) potential has been identified ...)
NOT-FOR-US: UCMBD Browser
-CVE-2018-6495
+CVE-2018-6495 (Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.2 ...)
NOT-FOR-US: Micro Focus
-CVE-2018-6494
+CVE-2018-6494 (Remote SQL Injection against the HP Service Manager Software Web Tier, ...)
NOT-FOR-US: HP
-CVE-2018-6493
+CVE-2018-6493 (SQL Injection in HP Network Operations Management Ultimate, version 20 ...)
NOT-FOR-US: HP
-CVE-2018-6492
+CVE-2018-6492 (Persistent Cross-Site Scripting, and non-persistent HTML Injection in ...)
NOT-FOR-US: HP
-CVE-2018-6491
+CVE-2018-6491 (Local Escalation of Privilege vulnerability to Micro Focus Universal C ...)
NOT-FOR-US: Micro Focus Universal CMDB
-CVE-2018-6490
+CVE-2018-6490 (Denial of Service vulnerability in Micro Focus Operations Orchestratio ...)
NOT-FOR-US: Micro Focus Operations Orchestration Software
-CVE-2018-6489
+CVE-2018-6489 (XML External Entity (XXE) vulnerability in Micro Focus Project and Por ...)
NOT-FOR-US: Micro Focus Project and Portfolio Management Center
-CVE-2018-6488
+CVE-2018-6488 (Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, ...)
NOT-FOR-US: Micro Focus Universal CMDB
-CVE-2018-6487
+CVE-2018-6487 (Remote Disclosure of Information in Micro Focus Universal CMDB Foundat ...)
NOT-FOR-US: Micro Focus Universal CMDB Foundation Software
-CVE-2018-6486
+CVE-2018-6486 (XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit W ...)
NOT-FOR-US: Micro Focus Fortify Audit Workbench
-CVE-2018-6485
+CVE-2018-6485 (An integer overflow in the implementation of the posix_memalign in mem ...)
[experimental] - glibc 2.26.9000+20180127.7e23a7dd-0experimental0
- glibc 2.27-1 (bug #878159)
[stretch] - glibc <no-dsa> (Minor issue)
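Review bot: `NOT-FOR-US: UCMBD Browser` under CVE-2018-6496 looks like a transposition of UCMDB; the neighbouring entries spell the product `UCMDB Server` (CVE-2018-6497) and `Micro Focus Universal CMDB` (CVE-2018-6495). The line is unchanged context here, so the typo is inherited rather than introduced by this automatic update, but it deserves a follow-up manual fix so a search for UCMDB finds all three entries.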
@@ -37741,7 +37741,7 @@ CVE-2018-6485
[wheezy] - eglibc <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22343
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22
-CVE-2018-6484
+CVE-2018-6484 (In ZZIPlib 0.13.67, there is a memory alignment error and bus error in ...)
- zziplib 0.13.62-3.2 (bug #889089)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
@@ -37752,57 +37752,57 @@ CVE-2018-6483
RESERVED
CVE-2018-6482
RESERVED
-CVE-2018-6481
+CVE-2018-6481 (A buffer overflow vulnerability in the control protocol of Disk Savvy ...)
NOT-FOR-US: Disk Savvy Enterprise
-CVE-2018-6480
+CVE-2018-6480 (A type confusion issue was discovered in CCN-lite 2, leading to a memo ...)
NOT-FOR-US: CCN-lite 2
-CVE-2018-6479
+CVE-2018-6479 (An issue was discovered on Netwave IP Camera devices. An unauthenticat ...)
NOT-FOR-US: Netwave IP Camera devices
CVE-2018-6478
RESERVED
CVE-2018-6477
RESERVED
-CVE-2018-6476
+CVE-2018-6476 (In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS driv ...)
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6475
+CVE-2018-6475 (In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe ...)
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6474
+CVE-2018-6474 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASK ...)
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6473
+CVE-2018-6473 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASK ...)
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6472
+CVE-2018-6472 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASK ...)
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6471
+CVE-2018-6471 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASK ...)
NOT-FOR-US: SUPERAntiSpyware Professional Trial
-CVE-2018-6470
+CVE-2018-6470 (Nibbleblog 4.0.5 on macOS defaults to having .DS_Store in each directo ...)
NOT-FOR-US: Nibbleblog on macOS
-CVE-2018-6469
+CVE-2018-6469 (A cross-site scripting (XSS) vulnerability in flickrRSS.php in the fli ...)
NOT-FOR-US: flickrRSS plugin for WordPress
-CVE-2018-6468
+CVE-2018-6468 (A cross-site scripting (XSS) vulnerability in flickrRSS.php in the fli ...)
NOT-FOR-US: flickrRSS plugin for WordPress
-CVE-2018-6467
+CVE-2018-6467 (The flickrRSS plugin 5.3.1 for WordPress has CSRF via wp-admin/options ...)
NOT-FOR-US: flickrRSS plugin for WordPress
-CVE-2018-6466
+CVE-2018-6466 (A cross-site scripting (XSS) vulnerability in flickrRSS.php in the fli ...)
NOT-FOR-US: flickrRSS plugin for WordPress
-CVE-2018-6465
+CVE-2018-6465 (The PropertyHive plugin before 1.4.15 for WordPress has XSS via the bo ...)
NOT-FOR-US: PropertyHive plugin for WordPress
-CVE-2018-6464
+CVE-2018-6464 (Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a T ...)
NOT-FOR-US: Simditor
CVE-2018-6463
RESERVED
-CVE-2018-6462
+CVE-2018-6462 (Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandl ...)
NOT-FOR-US: Tracker PDF-XChange Viewer and Viewer AX SDK
-CVE-2018-6461
+CVE-2018-6461 (March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R ...)
NOT-FOR-US: March Hare
-CVE-2018-6460
+CVE-2018-6460 (Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and ...)
NOT-FOR-US: Hotspot Shield
-CVE-2018-6459
+CVE-2018-6459 (The rsa_pss_params_parse function in libstrongswan/credentials/keys/si ...)
- strongswan 5.6.2-1
[stretch] - strongswan <not-affected> (Vulnerable code introduced later)
[jessie] - strongswan <not-affected> (Vulnerable code introduced later)
[wheezy] - strongswan <not-affected> (Vulnerable code introduced later)
NOTE: https://www.strongswan.org/blog/2018/02/19/strongswan-vulnerability-(cve-2018-6459).html
-CVE-2018-6458
+CVE-2018-6458 (Easy Hosting Control Panel (EHCP) v0.37.12.b allows remote attackers t ...)
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
CVE-2018-6457
RESERVED
@@ -37828,31 +37828,31 @@ CVE-2018-6447
RESERVED
CVE-2018-6446
RESERVED
-CVE-2018-6445
+CVE-2018-6445 (A Vulnerability in Brocade Network Advisor versions before 14.0.3 coul ...)
NOT-FOR-US: Brocade
-CVE-2018-6444
+CVE-2018-6444 (A Vulnerability in Brocade Network Advisor versions before 14.1.0 coul ...)
NOT-FOR-US: Brocade
-CVE-2018-6443
+CVE-2018-6443 (A vulnerability in Brocade Network Advisor Versions before 14.3.1 coul ...)
NOT-FOR-US: Brocade
-CVE-2018-6442
+CVE-2018-6442 (A vulnerability in the Brocade Webtools firmware update section of Bro ...)
NOT-FOR-US: Brocade
-CVE-2018-6441
+CVE-2018-6441 (A vulnerability in Secure Shell implementation of Brocade Fabric OS ve ...)
NOT-FOR-US: Brocade
-CVE-2018-6440
+CVE-2018-6440 (A vulnerability in the proxy service of Brocade Fabric OS versions bef ...)
NOT-FOR-US: Brocade
-CVE-2018-6439
+CVE-2018-6439 (A Vulnerability in the configdownload command of Brocade Fabric OS com ...)
NOT-FOR-US: Brocade
-CVE-2018-6438
+CVE-2018-6438 (A Vulnerability in the supportsave command of Brocade Fabric OS comman ...)
NOT-FOR-US: Brocade
-CVE-2018-6437
+CVE-2018-6437 (A Vulnerability in the help command of Brocade Fabric OS command line ...)
NOT-FOR-US: Brocade
-CVE-2018-6436
+CVE-2018-6436 (A Vulnerability in the firmwaredownload command of Brocade Fabric OS c ...)
NOT-FOR-US: Brocade
-CVE-2018-6435
+CVE-2018-6435 (A Vulnerability in the secryptocfg command of Brocade Fabric OS comman ...)
NOT-FOR-US: Brocade
-CVE-2018-6434
+CVE-2018-6434 (A vulnerability in the web management interface of Brocade Fabric OS v ...)
NOT-FOR-US: Brocade
-CVE-2018-6433
+CVE-2018-6433 (A vulnerability in the secryptocfg export command of Brocade Fabric OS ...)
NOT-FOR-US: Brocade
CVE-2018-6432
RESERVED
@@ -37890,11 +37890,11 @@ CVE-2018-6416
RESERVED
CVE-2018-6415
RESERVED
-CVE-2018-6414
+CVE-2018-6414 (A buffer overflow vulnerability in the web server of some Hikvision IP ...)
NOT-FOR-US: Hikvision IP Cameras
-CVE-2018-6413
+CVE-2018-6413 (There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4. ...)
NOT-FOR-US: Hikvision Camera DS-2CD9111-S
-CVE-2018-6412
+CVE-2018-6412 (In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c ...)
{DLA-1423-1}
- linux 4.16.5-1 (unimportant)
[stretch] - linux 4.9.107-1
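Review bot: CVE-2018-6412 rates the unstable line `linux 4.16.5-1 (unimportant)` while the same entry lists `{DLA-1423-1}` and an explicit stretch fix `4.9.107-1`, which reads as contradictory at first glance. The rating rests on the `NOTE: The issue only affects SPARC systems.` line further down the entry; folding that reason into the parenthetical (for example `(unimportant; SPARC only)`) would make the sid line self-explanatory instead of depending on a note several lines away.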
@@ -37902,22 +37902,22 @@ CVE-2018-6412
[wheezy] - linux 3.2.102-1
NOTE: https://marc.info/?l=linux-fbdev&m=151734425901499&w=2
NOTE: The issue only affects SPARC systems.
-CVE-2018-6411
+CVE-2018-6411 (An issue was discovered in Appnitro MachForm before 4.2.3. When the fo ...)
NOT-FOR-US: Appnitro MachForm
-CVE-2018-6410
+CVE-2018-6410 (An issue was discovered in Appnitro MachForm before 4.2.3. There is a ...)
NOT-FOR-US: Appnitro MachForm
-CVE-2018-6409
+CVE-2018-6409 (An issue was discovered in Appnitro MachForm before 4.2.3. The module ...)
NOT-FOR-US: Appnitro MachForm
-CVE-2018-6408
+CVE-2018-6408 (An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devi ...)
NOT-FOR-US: CIPCAMPTIWL devices
-CVE-2018-6407
+CVE-2018-6407 (An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devi ...)
NOT-FOR-US: CIPCAMPTIWL devices
-CVE-2018-6406
+CVE-2018-6406 (The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libw ...)
- chromium-browser <unfixed> (unimportant)
NOTE: Chromium is built with support for VP9 disabled in Debian
NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1492
NOTE: https://github.com/dwfault/PoCs/blob/master/libwebm%20ParseVP9SuperFrameIndex%20memory%20corruption/libwebm%20ParseVP9SuperFrameIndex%20OOB%20read.md
-CVE-2018-6405
+CVE-2018-6405 (In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0 ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/964
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1fbed78912c830ccd82eecdb8a1db4882abb8276
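Review bot: the `(unimportant)` tag on `imagemagick 8:6.9.9.34+dfsg-3` for CVE-2018-6405 carries no rationale, whereas the chromium entry directly above it (CVE-2018-6406) justifies its rating with `NOTE: Chromium is built with support for VP9 disabled in Debian`. A ReadDCMImage issue in coders/dcm.c with a fixed version listed needs a one-line NOTE stating why it is not security-relevant, so the reader does not have to open the upstream issue and commit to reconstruct the reasoning.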
@@ -37928,25 +37928,25 @@ CVE-2018-6403
RESERVED
CVE-2018-6402
RESERVED
-CVE-2018-6401
+CVE-2018-6401 (Meross MSS110 devices before 1.1.24 contain a TELNET listener providin ...)
NOT-FOR-US: Meross
-CVE-2018-6400
+CVE-2018-6400 (Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privil ...)
NOT-FOR-US: Kingsoft WPS Office Free
CVE-2018-6399
RESERVED
-CVE-2018-6398
+CVE-2018-6398 (SQL Injection exists in the CP Event Calendar 3.0.1 component for Joom ...)
NOT-FOR-US: CP Event Calendar component for Joomla!
-CVE-2018-6397
+CVE-2018-6397 (Directory Traversal exists in the Picture Calendar 3.1.4 component for ...)
NOT-FOR-US: Picture Calendar component for Joomla!
-CVE-2018-6396
+CVE-2018-6396 (SQL Injection exists in the Google Map Landkarten through 4.2.3 compon ...)
NOT-FOR-US: Google Map Landkarten component for Joomla!
-CVE-2018-6395
+CVE-2018-6395 (SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla ...)
NOT-FOR-US: Visual Calendar component for Joomla!
-CVE-2018-6394
+CVE-2018-6394 (SQL Injection exists in the InviteX 3.0.5 component for Joomla! via th ...)
NOT-FOR-US: InviteX component for Joomla!
-CVE-2018-6393
+CVE-2018-6393 (** DISPUTED ** FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-17 ...)
NOT-FOR-US: FreePBX
-CVE-2018-6392
+CVE-2018-6392 (The filter_slice function in libavfilter/vf_transpose.c in FFmpeg thro ...)
{DSA-4249-1}
- ffmpeg 7:3.4.2-1
- libav <removed>
@@ -37956,11 +37956,11 @@ CVE-2018-6392
NOTE: Fixed in 3.2.11, the commit in the 3.2 branch (c4ba170cad2ccdd896ea6fd3a890980008606541)
NOTE: has the regression fix squashed in
NOTE: The vulnerable function is filter_frame in libav.
-CVE-2018-6391
+CVE-2018-6391 (A cross-site request forgery web vulnerability has been discovered on ...)
NOT-FOR-US: Netis WF2419 V2.2.36123 devices
-CVE-2018-6390
+CVE-2018-6390 (The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.710 ...)
NOT-FOR-US: Kingsoft WPS Office
-CVE-2018-6389
+CVE-2018-6389 (In WordPress through 4.9.2, unauthenticated attackers can cause a deni ...)
- wordpress <unfixed> (unimportant)
NOTE: https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
NOTE: https://thehackernews.com/2018/02/wordpress-dos-exploit.html
@@ -37968,40 +37968,40 @@ CVE-2018-6389
NOTE: disputed by upstream as best fixed at the server level
NOTE: patch in progress in https://core.trac.wordpress.org/ticket/43308
NOTE: Architectual limitation, marginal impact
-CVE-2018-6388
+CVE-2018-6388 (iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote au ...)
NOT-FOR-US: iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices
-CVE-2018-6387
+CVE-2018-6387 (iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcode ...)
NOT-FOR-US: iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices
CVE-2018-6386
RESERVED
CVE-2018-6385
RESERVED
-CVE-2018-6384
+CVE-2018-6384 (Unquoted Windows search path vulnerability in NSClient++ before 0.4.1. ...)
NOT-FOR-US: NSClient++
-CVE-2018-6383
+CVE-2018-6383 (Monstra CMS through 3.0.4 has an incomplete "forbidden types" list tha ...)
NOT-FOR-US: Monstra CMS
-CVE-2018-6382
+CVE-2018-6382 (** DISPUTED ** MantisBT 2.10.0 allows local users to conduct SQL Injec ...)
- mantis <removed>
[wheezy] - mantis <end-of-life> (Not supported in Wheezy)
NOTE: https://mantisbt.org/bugs/view.php?id=23908
-CVE-2018-6381
+CVE-2018-6381 (In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid me ...)
- zziplib 0.13.62-3.2 (bug #889096)
[stretch] - zziplib <no-dsa> (Minor issue)
[jessie] - zziplib <no-dsa> (Minor issue)
[wheezy] - zziplib <ignored> (Minor issue)
NOTE: https://github.com/gdraheim/zziplib/issues/12
NOTE: https://github.com/gdraheim/zziplib/commit/a803559fa9194be895422ba3684cf6309b6bb598 (v0.13.68)
-CVE-2018-6380
+CVE-2018-6380 (In Joomla! before 3.8.4, lack of escaping in the module chromes leads ...)
NOT-FOR-US: Joomla!
-CVE-2018-6379
+CVE-2018-6379 (In Joomla! before 3.8.4, inadequate input filtering in the Uri class ( ...)
NOT-FOR-US: Joomla!
-CVE-2018-6378
+CVE-2018-6378 (In Joomla! Core before 3.8.8, inadequate filtering of file and folder ...)
NOT-FOR-US: Joomla!
-CVE-2018-6377
+CVE-2018-6377 (In Joomla! before 3.8.4, inadequate input filtering in com_fields lead ...)
NOT-FOR-US: Joomla!
-CVE-2018-6376
+CVE-2018-6376 (In Joomla! before 3.8.4, the lack of type casting of a variable in a S ...)
NOT-FOR-US: Joomla!
-CVE-2018-1000030
+CVE-2018-1000030 (Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Hea ...)
- python3.7 <not-affected> (Reading ahead of file objects implemented differently)
- python3.6 <not-affected> (Reading ahead of file objects implemented differently)
- python3.5 <not-affected> (Reading ahead of file objects implemented differently)
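Review bot: the context line `NOTE: Architectual limitation, marginal impact` under CVE-2018-6389 has a typo (Architectural). It is unchanged context in this automatic description import, so it should be corrected in a separate manual commit rather than mixed into this one; the three NOTE lines on that entry otherwise give a clear reason for the `wordpress <unfixed> (unimportant)` rating.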
@@ -38021,9 +38021,9 @@ CVE-2018-1000030
NOTE: where the 6401e56 commit was mostly reverted again.
NOTE: Needed: https://github.com/python/cpython/commit/dbf52e02f18dac6f5f0a64f78932f3dc6efc056b
NOTE: No practical security impact, why DWF assigned a CVE ID is hard to tell
-CVE-2018-1000029
+CVE-2018-1000029 (mcholste Enterprise Log Search and Archive (ELSA) version revision 120 ...)
NOT-FOR-US: mcholste Enterprise Log Search and Archive
-CVE-2018-1000026
+CVE-2018-1000026 (Linux Linux kernel version at least v4.8 onwards, probably well before ...)
- linux 4.16.5-1
[jessie] - linux-4.9 <unfixed>
NOTE: https://patchwork.ozlabs.org/patch/859410/
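Review bot: CVE-2018-1000026 tracks `[jessie] - linux-4.9 <unfixed>` but has no `[jessie] - linux` line for the 3.16 kernel. The description says "at least v4.8 onwards, probably well before", so the 3.16 status is genuinely undetermined and should be recorded explicitly (a `<not-affected>` with a reason, or `<unfixed>`) rather than left implicit. There is also no `[stretch]` line, so stretch inherits "affected" from the `linux 4.16.5-1` fix in unstable; that is fine if intended, but a fixed 4.9.x version is expected once the stable update that picks up the two referenced upstream commits ships.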
@@ -38031,75 +38031,75 @@ CVE-2018-1000026
NOTE: http://lists.openwall.net/netdev/2018/01/18/96
NOTE: https://git.kernel.org/linus/8914a595110a6eca69a5e275b323f5d09e18f4f9
NOTE: https://git.kernel.org/linus/2b16f048729bf35e6c28a40cbfad07239f9dcd90
-CVE-2018-1000025
+CVE-2018-1000025 (Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 to 3.8.0 co ...)
NOT-FOR-US: Jerome Gamez Firebase Admin SDK for PHP
-CVE-2018-1000023
+CVE-2018-1000023 (Bitpay/insight-api Insight-api version 5.0.0 and earlier contains a CW ...)
NOT-FOR-US: Bitpay/insight-api Insight-api
-CVE-2018-1000021
+CVE-2018-1000021 (GIT version 2.15.1 and earlier contains a Input Validation Error vulne ...)
- git <unfixed> (unimportant; bug #889680)
NOTE: http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
NOTE: Terminal emulators need to perform proper escaping
-CVE-2018-1000020
+CVE-2018-1000020 (OpenEMR version 5.0.0 contains a Cross Site Scripting (XSS) vulnerabil ...)
NOT-FOR-US: OpenEMR
-CVE-2018-1000019
+CVE-2018-1000019 (OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in ...)
NOT-FOR-US: OpenEMR
CVE-2018-6375
RESERVED
-CVE-2018-6374
+CVE-2018-6374 (The GUI component (aka PulseUI) in Pulse Secure Desktop Linux clients ...)
NOT-FOR-US: PulseUI in Pulse Secure Desktop Linux clients
-CVE-2018-6373
+CVE-2018-6373 (SQL Injection exists in the Fastball 2.5 component for Joomla! via the ...)
NOT-FOR-US: Fastball component for Joomla!
-CVE-2018-6372
+CVE-2018-6372 (SQL Injection exists in the JB Bus 2.3 component for Joomla! via the o ...)
NOT-FOR-US: JB Bus component for Joomla!
CVE-2018-6371
RESERVED
-CVE-2018-6370
+CVE-2018-6370 (SQL Injection exists in the NeoRecruit 4.1 component for Joomla! via t ...)
NOT-FOR-US: NeoRecruit component for Joomla!
CVE-2018-6369
RESERVED
-CVE-2018-6368
+CVE-2018-6368 (SQL Injection exists in the JomEstate PRO through 3.7 component for Jo ...)
NOT-FOR-US: JomEstate PRO component for Joomla!
-CVE-2018-6367
+CVE-2018-6367 (SQL Injection exists in Vastal I-Tech Buddy Zone Facebook Clone 2.9.9 ...)
NOT-FOR-US: Vastal I-Tech Buddy Zone Facebook Clone
CVE-2018-6366
RESERVED
-CVE-2018-6365
+CVE-2018-6365 (SQL Injection exists in TSiteBuilder 1.0 via the id parameter to /site ...)
NOT-FOR-US: TSiteBuilder
-CVE-2018-6364
+CVE-2018-6364 (SQL Injection exists in Multilanguage Real Estate MLM Script through 3 ...)
NOT-FOR-US: Multilanguage Real Estate MLM Script
-CVE-2018-6363
+CVE-2018-6363 (SQL Injection exists in Task Rabbit Clone 1.0 via the single_blog.php ...)
NOT-FOR-US: Task Rabbit Clone
-CVE-2018-6362
+CVE-2018-6362 (Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the domainop ...)
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
-CVE-2018-6361
+CVE-2018-6361 (Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the op parame ...)
NOT-FOR-US: Easy Hosting Control Panel (EHCP)
-CVE-2018-6360
+CVE-2018-6360 (mpv through 0.28.0 allows remote attackers to execute arbitrary code v ...)
{DSA-4105-1}
- mpv 0.27.0-3 (bug #888654)
[jessie] - mpv <not-affected> (Vulnerable code not present, youtube-dl hook script added in 0.7.0)
NOTE: https://github.com/mpv-player/mpv/issues/5456
NOTE: https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43
-CVE-2018-6359
+CVE-2018-6359 (The decompileIF function (util/decompile.c) in libming through 0.4.8 i ...)
{DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/105
-CVE-2018-6358
+CVE-2018-6358 (The printDefineFont2 function (util/listfdb.c) in libming through 0.4. ...)
{DLA-1343-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/104
-CVE-2018-6357
+CVE-2018-6357 (The acx_asmw_saveorder_callback function in function.php in the acurax ...)
NOT-FOR-US: acurax-social-media-widget plugin for WordPress
-CVE-2018-6356
+CVE-2018-6356 (Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly pr ...)
- jenkins <removed>
-CVE-2018-6355
+CVE-2018-6355 (/goform/setLang on iBall 300M devices with "iB-WRB302N_1.0.1-Sep 8 201 ...)
NOT-FOR-US: iBall 300M devices
-CVE-2018-6354
+CVE-2018-6354 (templates/forms/thanks.html in Formspree before 2018-01-23 allows XSS ...)
NOT-FOR-US: Formspree
-CVE-2018-6353
+CVE-2018-6353 (The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 sup ...)
- electrum <unfixed> (bug #890003; unimportant)
NOTE: https://github.com/spesmilo/electrum/issues/3678
NOTE: https://github.com/spesmilo/electrum/pull/3700
-CVE-2018-6352
+CVE-2018-6352 (In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::Rea ...)
- libpodofo 0.9.6+dfsg-3
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
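Review bot: the electrum entry for CVE-2018-6353, `electrum <unfixed> (bug #890003; unimportant)`, gives no reason for the `unimportant` rating, whereas the git entry in the same hunk (CVE-2018-1000021) backs its rating with `NOTE: Terminal emulators need to perform proper escaping`. The truncated description (the Python console in Electrum through 2.9.4 and 3.x through 3.0.5 ...) plus two upstream links does not tell a reader why this is not security-supported; a one-line NOTE would. Minor style point in the same hunk: the parenthetical order is `(bug #890003; unimportant)` on the electrum line but `(unimportant; bug #889680)` on the git line; picking one convention makes the file easier to grep.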
@@ -38114,52 +38114,52 @@ CVE-2018-6349
RESERVED
CVE-2018-6348
RESERVED
-CVE-2018-6347
+CVE-2018-6347 (An issue in the Proxygen handling of HTTP2 parsing of headers/trailers ...)
NOT-FOR-US: Facebook Proxygen
-CVE-2018-6346
+CVE-2018-6346 (A potential denial-of-service issue in the Proxygen handling of invali ...)
NOT-FOR-US: Facebook Proxygen
-CVE-2018-6345
+CVE-2018-6345 (The function number_format is vulnerable to a heap overflow issue when ...)
- hhvm <removed>
-CVE-2018-6344
+CVE-2018-6344 (A heap corruption in WhatsApp can be caused by a malformed RTP packet ...)
NOT-FOR-US: Whatsapp
-CVE-2018-6343
+CVE-2018-6343 (Proxygen fails to validate that a secondary auth manager is set before ...)
NOT-FOR-US: Facebook Proxygen
-CVE-2018-6342
+CVE-2018-6342 (react-dev-utils on Windows allows developers to run a local webserver ...)
NOT-FOR-US: react-dev-utils
-CVE-2018-6341
+CVE-2018-6341 (React applications which rendered to HTML using the ReactDOMServer API ...)
NOT-FOR-US: React
-CVE-2018-6340
+CVE-2018-6340 (The Memcache::getextendedstats function can be used to trigger an out- ...)
- hhvm <removed>
CVE-2018-6339
RESERVED
CVE-2018-6338
RESERVED
-CVE-2018-6337
+CVE-2018-6337 (folly::secureRandom will re-use a buffer between parent and child proc ...)
- hhvm <not-affected> (Only affects 3.26)
NOTE: https://github.com/facebook/hhvm/commit/e2d10a1e32d01f71aaadd81169bcb9ae86c5d6b8
NOTE: https://hhvm.com/blog/2018/05/24/hhvm-3.26.3.html
-CVE-2018-6336
+CVE-2018-6336 (An issue was discovered in osquery. A maliciously crafted Universal/fa ...)
NOT-FOR-US: osquery
-CVE-2018-6335
+CVE-2018-6335 (A Malformed h2 frame can cause 'std::out_of_range' exception when pars ...)
- hhvm 3.24.7+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/4cb57dd753a339654ca464c139db9871fe961d56
NOTE: https://hhvm.com/blog/2018/05/04/hhvm-3.25.3.html
-CVE-2018-6334
+CVE-2018-6334 (Multipart-file uploads call variables to be improperly registered in t ...)
- hhvm 3.24.7+dfsg-1 (bug #895194)
NOTE: https://hhvm.com/blog/2018/03/30/hhvm-3.25.2.html
NOTE: https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff
-CVE-2018-6333
+CVE-2018-6333 (The hhvm-attach deep link handler in Nuclide did not properly sanitize ...)
NOT-FOR-US: Nuclide
-CVE-2018-6332
+CVE-2018-6332 (A potential denial-of-service issue in the Proxygen handling of invali ...)
- hhvm 3.24.7+dfsg-1 (bug #895194)
NOTE: https://hhvm.com/blog/2018/03/15/hhvm-3.25.html
-CVE-2018-6331
+CVE-2018-6331 (Buck parser-cache command loads/saves state using Java serialized obje ...)
NOT-FOR-US: Buck parser-cache
CVE-2018-6330
RESERVED
-CVE-2018-6329
+CVE-2018-6329 (It was discovered that the Unitrends Backup (UB) before 10.1.0 libbpex ...)
NOT-FOR-US: Unitrends Backup
-CVE-2018-6328
+CVE-2018-6328 (It was discovered that the Unitrends Backup (UB) before 10.1.0 user in ...)
NOT-FOR-US: Unitrends Backup
CVE-2018-6327
RESERVED
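Review bot: the Proxygen entries in this hunk are tracked inconsistently. CVE-2018-6332 ("A potential denial-of-service issue in the Proxygen handling of invali...") is recorded against hhvm with fixed version `3.24.7+dfsg-1`, yet CVE-2018-6346, whose description begins with the identical wording, and the other two Proxygen issues (CVE-2018-6347, CVE-2018-6343) are `NOT-FOR-US: Facebook Proxygen`. Either Proxygen code shipped inside the hhvm source package, as the 6332 entry implies, in which case 6346, 6347 and 6343 need hhvm lines too (`<removed>`, matching the 6345 and 6340 entries now that hhvm has left the archive), or it did not, in which case 6332 should be reclassified. A NOTE explaining the distinction would prevent the next triage pass from flipping them back.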
@@ -38167,90 +38167,90 @@ CVE-2018-6326
RESERVED
CVE-2018-6325
RESERVED
-CVE-2018-6324
+CVE-2018-6324 (F-Secure Radar (on-premises) before 2018-02-15 has an Unvalidated Redi ...)
NOT-FOR-US: F-Secure Radar
-CVE-2018-6323
+CVE-2018-6323 (The elf_object_p function in elfcode.h in the Binary File Descriptor ( ...)
- binutils 2.30-3
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22746
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=38e64b0ecc7f4ee64a02514b8d532782ac057fa2
-CVE-2018-6322
+CVE-2018-6322 (Panda Global Protection 17.0.1 allows local users to gain privileges o ...)
NOT-FOR-US: Panda Global Protection
-CVE-2018-6321
+CVE-2018-6321 (Unquoted Windows search path vulnerability in the panda_url_filtering ...)
NOT-FOR-US: Panda Global Protection
-CVE-2018-6320
+CVE-2018-6320 (A vulnerability has been discovered in login.cgi in Pulse Secure Pulse ...)
NOT-FOR-US: Pulse Secure
-CVE-2018-6319
+CVE-2018-6319 (In Sophos Tester Tool 3.2.0.7 Beta, the driver accepts a special Devic ...)
NOT-FOR-US: Sophos Tester Tool
-CVE-2018-6318
+CVE-2018-6318 (In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context o ...)
NOT-FOR-US: Sophos Tester Tool
-CVE-2018-6317
+CVE-2018-6317 (The remote management interface in Claymore Dual Miner 10.5 and earlie ...)
NOT-FOR-US: Claymore's Dual Ethereum
-CVE-2018-6316
+CVE-2018-6316 (Ivanti Endpoint Security (formerly HEAT Endpoint Management and Securi ...)
NOT-FOR-US: Ivanti Endpoint Security
-CVE-2018-6315
+CVE-2018-6315 (The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming th ...)
{DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/101
CVE-2018-6314
RESERVED
-CVE-2018-6313
+CVE-2018-6313 (Cross-site scripting (XSS) in WBCE CMS 1.3.1 allows remote authenticat ...)
NOT-FOR-US: WBCE CMS
-CVE-2018-6312
+CVE-2018-6312 (A privileged account with a weak default password on the Foxconn femto ...)
NOT-FOR-US: Foxconn femtocell FEMTO AP-FC4064-T
-CVE-2018-6311
+CVE-2018-6311 (One can gain root access on the Foxconn femtocell FEMTO AP-FC4064-T ve ...)
NOT-FOR-US: Foxconn femtocell FEMTO AP-FC4064-T
CVE-2018-6310
RESERVED
CVE-2018-6309
RESERVED
-CVE-2018-6308
+CVE-2018-6308 (Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and ...)
NOT-FOR-US: SugarCRM
-CVE-2018-6307
+CVE-2018-6307 (LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains ...)
{DSA-4383-1 DLA-1617-1}
- libvncserver 0.9.11+dfsg-1.2 (bug #916941)
NOTE: https://github.com/LibVNC/libvncserver/issues/241
NOTE: https://github.com/LibVNC/libvncserver/commit/ca2a5ac02fbbadd0a21fabba779c1ea69173d10b
NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-026-libvnc-heap-use-after-free/
-CVE-2018-6306
+CVE-2018-6306 (Unauthorized code execution from specific DLL and is known as DLL Hija ...)
NOT-FOR-US: Kaspersky Password Manager
-CVE-2018-6305
+CVE-2018-6305 (Denial of service in Gemalto's Sentinel LDK RTE version before 7.65 ...)
NOT-FOR-US: Gemalto
-CVE-2018-6304
+CVE-2018-6304 (Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE vers ...)
NOT-FOR-US: Gemalto
-CVE-2018-6303
+CVE-2018-6303 (Denial of service by uploading malformed firmware in Hanwha Techwin Sm ...)
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6302
+CVE-2018-6302 (Denial of service by blocking of new camera registration on the cloud ...)
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6301
+CVE-2018-6301 (Arbitrary camera access and monitoring via cloud in Hanwha Techwin Sma ...)
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6300
+CVE-2018-6300 (Remote password change in Hanwha Techwin Smartcams ...)
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6299
+CVE-2018-6299 (Authentication bypass in Hanwha Techwin Smartcams ...)
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6298
+CVE-2018-6298 (Remote code execution in Hanwha Techwin Smartcams ...)
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6297
+CVE-2018-6297 (Buffer overflow in Hanwha Techwin Smartcams ...)
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6296
+CVE-2018-6296 (An undocumented (hidden) capability for switching the web interface in ...)
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6295
+CVE-2018-6295 (Unencrypted way of remote control and communications in Hanwha Techwin ...)
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6294
+CVE-2018-6294 (Unsecured way of firmware update in Hanwha Techwin Smartcams ...)
NOT-FOR-US: Hanwha Techwin Smartcams
-CVE-2018-6293
+CVE-2018-6293 (Arbitrary File Read in Saperion Web Client version 7.5.2 83166. ...)
NOT-FOR-US: Saperion Web Client
-CVE-2018-6292
+CVE-2018-6292 (Remote Code Execution in Saperion Web Client version 7.5.2 83166. ...)
NOT-FOR-US: Saperion Web Client
-CVE-2018-6291
+CVE-2018-6291 (WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway versi ...)
NOT-FOR-US: Kaspersky Secure Mail Gateway
-CVE-2018-6290
+CVE-2018-6290 (Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1. ...)
NOT-FOR-US: Kaspersky Secure Mail Gateway
-CVE-2018-6289
+CVE-2018-6289 (Configuration file injection leading to Code Execution as Root in Kasp ...)
NOT-FOR-US: Kaspersky Secure Mail Gateway
-CVE-2018-6288
+CVE-2018-6288 (Cross-site Request Forgery leading to Administrative account takeover ...)
NOT-FOR-US: Kaspersky Secure Mail Gateway
CVE-2018-6287
RESERVED
@@ -38287,29 +38287,29 @@ CVE-2018-6273
RESERVED
CVE-2018-6272
RESERVED
-CVE-2018-6271
+CVE-2018-6271 (NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in whi ...)
NOT-FOR-US: NVIDIA component for Android
CVE-2018-6270
RESERVED
CVE-2018-6269
RESERVED
-CVE-2018-6268
+CVE-2018-6268 (NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, ...)
NOT-FOR-US: NVIDIA component for Android
-CVE-2018-6267
+CVE-2018-6267 (NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in whi ...)
NOT-FOR-US: NVIDIA component for Android
-CVE-2018-6266
+CVE-2018-6266 (NVIDIA GeForce Experience contains a vulnerability in all versions pri ...)
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6265
+CVE-2018-6265 (NVIDIA GeForce Experience contains a vulnerability in all versions pri ...)
NOT-FOR-US: NVIDIA GeForce Experience
CVE-2018-6264
RESERVED
-CVE-2018-6263
+CVE-2018-6263 (NVIDIA GeForce Experience contains a vulnerability in all versions pri ...)
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6262
+CVE-2018-6262 (NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when ...)
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6261
+CVE-2018-6261 (NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when ...)
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6260
+CVE-2018-6260 (NVIDIA graphics driver contains a vulnerability that may allow access ...)
[experimental] - nvidia-graphics-drivers 418.43-1
- nvidia-graphics-drivers 410.104-1 (bug #913467)
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -38325,19 +38325,19 @@ CVE-2018-6260
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4738
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4772
-CVE-2018-6259
+CVE-2018-6259 (NVIDIA GeForce Experience all versions prior to 3.14.1 contains a pote ...)
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6258
+CVE-2018-6258 (NVIDIA GeForce Experience all versions prior to 3.14.1 contains a pote ...)
NOT-FOR-US: NVIDIA GeForce Experience
-CVE-2018-6257
+CVE-2018-6257 (NVIDIA GeForce Experience all versions prior to 3.14.1 contains a pote ...)
NOT-FOR-US: NVIDIA GeForce Experience
CVE-2018-6256
RESERVED
CVE-2018-6255
RESERVED
-CVE-2018-6254
+CVE-2018-6254 (In Android before the 2018-05-05 security patch level, NVIDIA Media Se ...)
NOT-FOR-US: NVIDIA components for Android
-CVE-2018-6253
+CVE-2018-6253 (NVIDIA GPU Display Driver contains a vulnerability in the DirectX and ...)
- nvidia-graphics-drivers 390.48-1 (bug #894338)
[stretch] - nvidia-graphics-drivers 384.130-1
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -38349,13 +38349,13 @@ CVE-2018-6253
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649
-CVE-2018-6252
+CVE-2018-6252 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6251
+CVE-2018-6251 (NVIDIA Windows GPU Display Driver contains a vulnerability in the Dire ...)
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6250
+CVE-2018-6250 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6249
+CVE-2018-6249 (NVIDIA GPU Display Driver contains a vulnerability in kernel mode laye ...)
- nvidia-graphics-drivers 390.48-1 (bug #894338)
[stretch] - nvidia-graphics-drivers 384.130-1
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -38367,11 +38367,11 @@ CVE-2018-6249
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649
-CVE-2018-6248
+CVE-2018-6248 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6247
+CVE-2018-6247 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: NVIDIA Windows driver
-CVE-2018-6246
+CVE-2018-6246 (In Android before the 2018-05-05 security patch level, NVIDIA Widevine ...)
NOT-FOR-US: NVIDIA components for Android
CVE-2018-6245
RESERVED
@@ -38379,9 +38379,9 @@ CVE-2018-6244
RESERVED
CVE-2018-6243
RESERVED
-CVE-2018-6242
+CVE-2018-6242 (Some NVIDIA Tegra mobile processors released prior to 2016 contain a b ...)
NOT-FOR-US: NVIDIA
-CVE-2018-6241
+CVE-2018-6241 (NVIDIA Tegra Gralloc module contains a vulnerability in driver in whic ...)
NOT-FOR-US: NVIDIA
CVE-2018-6240
RESERVED
@@ -38389,47 +38389,47 @@ CVE-2018-6239
RESERVED
CVE-2018-6238
RESERVED
-CVE-2018-6237
+CVE-2018-6237 (A vulnerability in Trend Micro Smart Protection Server (Standalone) 3. ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6236
+CVE-2018-6236 (A Time-of-Check Time-of-Use privilege escalation vulnerability in Tren ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6235
+CVE-2018-6235 (An Out-of-Bounds write privilege escalation vulnerability in Trend Mic ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6234
+CVE-2018-6234 (An Out-of-Bounds Read Information Disclosure vulnerability in Trend Mi ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6233
+CVE-2018-6233 (A buffer overflow privilege escalation vulnerability in Trend Micro Ma ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6232
+CVE-2018-6232 (A buffer overflow privilege escalation vulnerability in Trend Micro Ma ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6231
+CVE-2018-6231 (A server auth command injection authentication bypass vulnerability in ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6230
+CVE-2018-6230 (A SQL injection vulnerability in an Trend Micro Email Encryption Gatew ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6229
+CVE-2018-6229 (A SQL injection vulnerability in an Trend Micro Email Encryption Gatew ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6228
+CVE-2018-6228 (A SQL injection vulnerability in a Trend Micro Email Encryption Gatewa ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6227
+CVE-2018-6227 (A stored cross-site scripting (XSS) vulnerability in Trend Micro Email ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6226
+CVE-2018-6226 (Reflected cross-site scripting (XSS) vulnerabilities in two Trend Micr ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6225
+CVE-2018-6225 (An XML external entity injection (XXE) vulnerability in Trend Micro Em ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6224
+CVE-2018-6224 (A lack of cross-site request forgery (CSRF) protection vulnerability i ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6223
+CVE-2018-6223 (A missing authentication for appliance registration vulnerability in T ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6222
+CVE-2018-6222 (Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 co ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6221
+CVE-2018-6221 (An unvalidated software update vulnerability in Trend Micro Email Encr ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6220
+CVE-2018-6220 (An arbitrary file write vulnerability in Trend Micro Email Encryption ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6219
+CVE-2018-6219 (An Insecure Update via HTTP vulnerability in Trend Micro Email Encrypt ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6218
+CVE-2018-6218 (A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Modul ...)
NOT-FOR-US: Trend Micro
-CVE-2018-6217
+CVE-2018-6217 (The WStr::_alloc_iostr_data() function in kso.dll in Kingsoft WPS Offi ...)
NOT-FOR-US: Kingsoft WPS Office
CVE-2018-6216
RESERVED
@@ -38437,81 +38437,81 @@ CVE-2018-6215
RESERVED
CVE-2018-6214
RESERVED
-CVE-2018-6213
+CVE-2018-6213 (In the web server on D-Link DIR-620 devices with a certain customized ...)
NOT-FOR-US: D-Link
-CVE-2018-6212
+CVE-2018-6212 (On D-Link DIR-620 devices with a certain customized (by ISP) variant o ...)
NOT-FOR-US: D-Link
-CVE-2018-6211
+CVE-2018-6211 (On D-Link DIR-620 devices with a certain customized (by ISP) variant o ...)
NOT-FOR-US: D-Link
-CVE-2018-6210
+CVE-2018-6210 (D-Link DIR-620 devices, with a certain Rostelekom variant of firmware ...)
NOT-FOR-US: D-Link
-CVE-2018-6209
+CVE-2018-6209 (In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxCryptMon.sys ...)
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6208
+CVE-2018-6208 (In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32. ...)
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6207
+CVE-2018-6207 (In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32. ...)
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6206
+CVE-2018-6206 (In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32. ...)
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6205
+CVE-2018-6205 (In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32. ...)
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6204
+CVE-2018-6204 (In Max Secure Anti Virus 19.0.3.019,, the driver file (SDActMon.sys) a ...)
NOT-FOR-US: Max Secure Anti Virus
-CVE-2018-6203
+CVE-2018-6203 (In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allo ...)
NOT-FOR-US: eScan Antivirus
-CVE-2018-6202
+CVE-2018-6202 (In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allo ...)
NOT-FOR-US: eScan Antivirus
-CVE-2018-6201
+CVE-2018-6201 (In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allo ...)
NOT-FOR-US: eScan Antivirus
-CVE-2018-6200
+CVE-2018-6200 (vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the r ...)
NOT-FOR-US: vBulletin
CVE-2018-6199
RESERVED
-CVE-2018-6195
+CVE-2018-6195 (admin/partials/wp-splashing-admin-main.php in the Splashing Images plu ...)
NOT-FOR-US: WordPress plugin wp-splashing-images
-CVE-2018-6194
+CVE-2018-6194 (A cross-site scripting (XSS) vulnerability in admin/partials/wp-splash ...)
NOT-FOR-US: WordPress plugin wp-splashing-images
-CVE-2018-6193
+CVE-2018-6193 (A Cross-Site Scripting (XSS) vulnerability was found in Routers2 2.24, ...)
NOT-FOR-US: Routers2
-CVE-2018-6192
+CVE-2018-6192 (In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xre ...)
{DSA-4334-1}
- mupdf 1.13.0+ds1-1 (bug #888487)
[jessie] - mupdf <no-dsa> (Minor issue)
[wheezy] - mupdf <no-dsa> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698916
NOTE: Fixed by: http://www.ghostscript.com/cgi-bin/findgit.cgi?5e411a99604ff6be5db9e273ee84737204113299
-CVE-2018-6191
+CVE-2018-6191 (The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has a ...)
NOT-FOR-US: MuJS
-CVE-2018-6190
+CVE-2018-6190 (Netis WF2419 V3.2.41381 devices allow XSS via the Description field on ...)
NOT-FOR-US: Netis WF2419 V3.2.41381 devices
-CVE-2018-6198
+CVE-2018-6198 (w3m through 0.5.3 does not properly handle temporary files when the ~/ ...)
- w3m 0.5.3-36 (bug #888097; unimportant)
[stretch] - w3m 0.5.3-34+deb9u1
NOTE: https://github.com/tats/w3m/commit/18dcbadf2771cdb0c18509b14e4e73505b242753
NOTE: Neutralised by kernel hardening
-CVE-2018-6197
+CVE-2018-6197 (w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formU ...)
- w3m 0.5.3-36 (low)
[stretch] - w3m 0.5.3-34+deb9u1
[jessie] - w3m <no-dsa> (Minor issue)
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/89
NOTE: https://github.com/tats/w3m/commit/7fdc83b0364005a0b5ed869230dd81752ba022e8
-CVE-2018-6196
+CVE-2018-6196 (w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlinepr ...)
- w3m 0.5.3-36 (low)
[stretch] - w3m 0.5.3-34+deb9u1
[jessie] - w3m <no-dsa> (Minor issue)
[wheezy] - w3m <no-dsa> (Minor issue)
NOTE: https://github.com/tats/w3m/issues/88
NOTE: https://github.com/tats/w3m/commit/8354763b90490d4105695df52674d0fcef823e92
-CVE-2018-6189
+CVE-2018-6189 (F-Secure Radar (on-premises) before 2018-02-15 has XSS via vectors inv ...)
NOT-FOR-US: F-Secure Radar
-CVE-2018-6188
+CVE-2018-6188 (django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0. ...)
- python-django 1:1.11.10-1
[stretch] - python-django <not-affected> (Issue introduced in 1.11.8 and 2.0)
[jessie] - python-django <not-affected> (Issue introduced in 1.11.8 and 2.0)
[wheezy] - python-django <not-affected> (Issue introduced in 1.11.8 and 2.0)
NOTE: https://www.djangoproject.com/weblog/2018/feb/01/security-releases/
-CVE-2018-6187
+CVE-2018-6187 (In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnera ...)
{DSA-4334-1}
- mupdf 1.13.0+ds1-1 (bug #888464)
[jessie] - mupdf <no-dsa> (Minor issue)
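Review bot: the w3m block CVE-2018-6198, CVE-2018-6197 and CVE-2018-6196 (the `-CVE-2018-6198` ... `+CVE-2018-6196 (...)` lines sitting between CVE-2018-6190 and CVE-2018-6189) breaks the descending CVE order the rest of the file keeps; those three entries belong between `CVE-2018-6199 RESERVED` and CVE-2018-6195. The automatic sync only rewrites the description lines, so the misplacement predates this commit, but it is worth fixing by hand so the list stays monotonic for anyone scanning or diffing it. Separately, CVE-2018-6198 carries `unimportant` on its unstable line while a stretch update (`w3m 0.5.3-34+deb9u1`) is recorded directly below it; if the issue is neutralised by kernel hardening as the NOTE says, a short NOTE explaining why stretch was still updated would avoid the apparent contradiction.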
@@ -38520,29 +38520,29 @@ CVE-2018-6187
NOTE: https://lists.debian.org/debian-lts/2018/03/msg00041.html
NOTE: Fixed by: http://www.ghostscript.com/cgi-bin/findgit.cgi?3e30fbb7bf5efd88df431e366492356e7eb969ec
NOTE: issued covered by: http://www.ghostscript.com/cgi-bin/findgit.cgi?fa9cd085533f68367c299e058ab3fbb7ad8a2dc6
-CVE-2018-6186
+CVE-2018-6186 (Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via ...)
NOT-FOR-US: Citrix NetScaler VPX
CVE-2018-6185
RESERVED
-CVE-2018-6184
+CVE-2018-6184 (ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next r ...)
NOT-FOR-US: ZEIT Next.js
-CVE-2018-6183
+CVE-2018-6183 (BitDefender Total Security 2018 allows local users to gain privileges ...)
NOT-FOR-US: BitDefender Total Security
-CVE-2018-6182
+CVE-2018-6182 (Mahara 16.10 before 16.10.9 and 17.04 before 17.04.7 and 17.10 before ...)
- mahara <removed>
CVE-2018-6181
RESERVED
-CVE-2018-6180
+CVE-2018-6180 (A flaw in the profile section of Online Voting System 1.0 allows an un ...)
NOT-FOR-US: Online Voting System
CVE-2018-1000017
REJECTED
-CVE-2018-1000018
+CVE-2018-1000018 (An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 ...)
NOT-FOR-US: ovirt-engine
-CVE-2018-6179
+CVE-2018-6179 (Insufficient enforcement of file access permission in the activeTab ca ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6178
+CVE-2018-6178 (Eliding from the wrong side in an infobar in DevTools in Google Chrome ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
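Review bot: typo in the context line `NOTE: issued covered by: http://www.ghostscript.com/...` under CVE-2018-6187; it should read `issue covered by:` to match the `NOTE: Fixed by:` line above it. Also in this hunk, CVE-2018-1000017 (REJECTED) and CVE-2018-1000018 are interleaved between CVE-2018-6180 and CVE-2018-6179, out of the file's descending order, and the CVE-2018-1000018 entry is tagged `NOT-FOR-US: ovirt-engine` while the imported description names ovirt-hosted-engine-setup; aligning the tag with the component the description actually names would keep a later search for the setup tool from missing this entry.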
@@ -38556,19 +38556,19 @@ CVE-2018-6176
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6175
+CVE-2018-6175 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6174
+CVE-2018-6174 (Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.7 ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6173
+CVE-2018-6173 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6172
+CVE-2018-6172 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38577,11 +38577,11 @@ CVE-2018-6171
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6170
+CVE-2018-6170 (A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6169
+CVE-2018-6169 (Lack of timeout on extension install prompt in Extensions in Google Ch ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38590,27 +38590,27 @@ CVE-2018-6168
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6167
+CVE-2018-6167 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6166
+CVE-2018-6166 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6165
+CVE-2018-6165 (Incorrect handling of reloads in Navigation in Google Chrome prior to ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6164
+CVE-2018-6164 (Insufficient origin checks for CSS content in Blink in Google Chrome p ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6163
+CVE-2018-6163 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6162
+CVE-2018-6162 (Improper deserialization in WebGL in Google Chrome on Mac prior to 68. ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38619,14 +38619,14 @@ CVE-2018-6161
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6160
+CVE-2018-6160 (JavaScript alert handling in Prompts in Google Chrome prior to 68.0.34 ...)
- chromium-browser <not-affected> (Only affects Chrome on iOS)
CVE-2018-6159
RESERVED
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6158
+CVE-2018-6158 (A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allo ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
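Review bot: CVE-2018-6159 stays `RESERVED` with no description added, even though the lines below it record `{DSA-4256-1}` and a fix in `chromium-browser 68.0.3440.75-1`, exactly like its neighbours CVE-2018-6158 and CVE-2018-6160, which did receive descriptions in this sync. Either the upstream record has not been published yet or the sync skipped it; a quick check of the CVE record would settle which, and if the text exists the line should be updated so the entry does not read as an unpopulated placeholder next to a published DSA.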
@@ -38650,15 +38650,15 @@ CVE-2018-6154
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6153
+CVE-2018-6153 (A precision error in Skia in Google Chrome prior to 68.0.3440.75 allow ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6152
+CVE-2018-6152 (The implementation of the Page.downloadBehavior backend unconditionall ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6151
+CVE-2018-6151 (Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS pr ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38677,7 +38677,7 @@ CVE-2018-6148
{DSA-4237-1}
- chromium-browser 67.0.3396.79-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6147
+CVE-2018-6147 (Lack of secure text entry mode in Browser UI in Google Chrome on Mac p ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38690,12 +38690,12 @@ CVE-2018-6145
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6144
+CVE-2018-6144 (Off-by-one error in PDFium in Google Chrome prior to 67.0.3396.62 allo ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6143
+CVE-2018-6143 (Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 a ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38706,17 +38706,17 @@ CVE-2018-6142
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6141
+CVE-2018-6141 (Insufficient validation of an image filter in Skia in Google Chrome pr ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6140
+CVE-2018-6140 (Allowing the chrome.debugger API to attach to Web UI pages in DevTools ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6139
+CVE-2018-6139 (Insufficient target checks on the chrome.debugger API in DevTools in G ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38727,7 +38727,7 @@ CVE-2018-6138
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6137
+CVE-2018-6137 (CSS Paint API in Blink in Google Chrome prior to 67.0.3396.62 allowed ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38738,7 +38738,7 @@ CVE-2018-6136
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6135
+CVE-2018-6135 (Lack of clearing the previous site before loading alerts from a new on ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38749,7 +38749,7 @@ CVE-2018-6134
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6133
+CVE-2018-6133 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38781,12 +38781,12 @@ CVE-2018-6129
CVE-2018-6128
RESERVED
- chromium-browser <not-affected> (ios specific)
-CVE-2018-6127
+CVE-2018-6127 (Early free of object in use in IndexDB in Google Chrome prior to 67.0. ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6126
+CVE-2018-6126 (A precision error in Skia in Google Chrome prior to 67.0.3396.62 allow ...)
{DSA-4237-1 DSA-4220-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38801,12 +38801,12 @@ CVE-2018-6125
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6124
+CVE-2018-6124 (Type confusion in ReadableStreams in Blink in Google Chrome prior to 6 ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6123
+CVE-2018-6123 (A use after free in Blink in Google Chrome prior to 67.0.3396.62 allow ...)
{DSA-4237-1}
- chromium-browser 67.0.3396.62-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38823,12 +38823,12 @@ CVE-2018-6121
- chromium-browser 66.0.3359.181-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6120
+CVE-2018-6120 (An integer overflow that could lead to an attacker-controlled heap out ...)
{DSA-4237-1}
- chromium-browser 66.0.3359.181-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6119
+CVE-2018-6119 (Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.1 ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -38838,292 +38838,292 @@ CVE-2018-6118
- chromium-browser 66.0.3359.139-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6117
+CVE-2018-6117 (Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6116
+CVE-2018-6116 (A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.33 ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6115
+CVE-2018-6115 (Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file download ...)
- chromium-browser <not-affected> (windows specific)
-CVE-2018-6114
+CVE-2018-6114 (Incorrect enforcement of CSP for &lt;object&gt; tags in Blink in Googl ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6113
+CVE-2018-6113 (Improper handling of pending navigation entries in Navigation in Googl ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6112
+CVE-2018-6112 (Making URLs clickable and allowing them to be styled in DevTools in Go ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6111
+CVE-2018-6111 (An object lifetime issue in the developer tools network handler in Goo ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6110
+CVE-2018-6110 (Parsing documents as HTML in Downloads in Google Chrome prior to 66.0. ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6109
+CVE-2018-6109 (readAsText() can indefinitely read the file picked by the user, rather ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6108
+CVE-2018-6108 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6107
+CVE-2018-6107 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6106
+CVE-2018-6106 (An asynchronous generator may return an incorrect state in V8 in Googl ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6105
+CVE-2018-6105 (Incorrect handling of confusable characters in Omnibox in Google Chrom ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6104
+CVE-2018-6104 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6103
+CVE-2018-6103 (A stagnant permission prompt in Prompts in Google Chrome prior to 66.0 ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6102
+CVE-2018-6102 (Missing confusable characters in Internationalization in Google Chrome ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6101
+CVE-2018-6101 (A lack of host validation in DevTools in Google Chrome prior to 66.0.3 ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6100
+CVE-2018-6100 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6099
+CVE-2018-6099 (A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6098
+CVE-2018-6098 (Incorrect handling of confusable characters in URL Formatter in Google ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6097
+CVE-2018-6097 (Incorrect handling of asynchronous methods in Fullscreen in Google Chr ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6096
+CVE-2018-6096 (A JavaScript focused window could overlap the fullscreen notification ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6095
+CVE-2018-6095 (Inappropriate dismissal of file picker on keyboard events in Blink in ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6094
+CVE-2018-6094 (Inline metadata in GarbageCollection in Google Chrome prior to 66.0.33 ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6093
+CVE-2018-6093 (Insufficient origin checks in Blink in Google Chrome prior to 66.0.335 ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6092
+CVE-2018-6092 (An integer overflow on 32-bit systems in WebAssembly in Google Chrome ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6091
+CVE-2018-6091 (Service Workers can intercept any request made by an &lt;embed&gt; or ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6090
+CVE-2018-6090 (An integer overflow that lead to a heap buffer-overflow in Skia in Goo ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6089
+CVE-2018-6089 (A lack of CORS checks, after a Service Worker redirected to a cross-or ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6088
+CVE-2018-6088 (An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0. ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6087
+CVE-2018-6087 (A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.11 ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6086
+CVE-2018-6086 (A double-eviction in the Incognito mode cache that lead to a user-afte ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6085
+CVE-2018-6085 (Re-entry of a destructor in Networking Disk Cache in Google Chrome pri ...)
{DSA-4182-1}
- chromium-browser 66.0.3359.117-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6084
+CVE-2018-6084 (Insufficiently sanitized distributed objects in Updater in Google Chro ...)
- chromium-browser <not-affected> (Specific to MacOS)
-CVE-2018-6083
+CVE-2018-6083 (Failure to disallow PWA installation from CSP sandboxed pages in AppMa ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6082
+CVE-2018-6082 (Including port 22 in the list of allowed FTP ports in Networking in Go ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6081
+CVE-2018-6081 (XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.33 ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6080
+CVE-2018-6080 (Lack of access control checks in Instrumentation in Google Chrome prio ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6079
+CVE-2018-6079 (Inappropriate sharing of TEXTURE_2D_ARRAY/TEXTURE_3D data between tabs ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6078
+CVE-2018-6078 (Incorrect handling of confusable characters in Omnibox in Google Chrom ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6077
+CVE-2018-6077 (Displacement map filters being applied to cross-origin images in Blink ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6076
+CVE-2018-6076 (Insufficient encoding of URL fragment identifiers in Blink in Google C ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6075
+CVE-2018-6075 (Incorrect handling of specified filenames in file downloads in Google ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6074
+CVE-2018-6074 (Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior t ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6073
+CVE-2018-6073 (A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.14 ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6072
+CVE-2018-6072 (An integer overflow leading to use after free in PDFium in Google Chro ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6071
+CVE-2018-6071 (An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 al ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6070
+CVE-2018-6070 (Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6069
+CVE-2018-6069 (Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146 ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6068
+CVE-2018-6068 (Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6067
+CVE-2018-6067 (Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.332 ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6066
+CVE-2018-6066 (Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Go ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6065
+CVE-2018-6065 (Integer overflow in computing the required allocation size when instan ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6064
+CVE-2018-6064 (Type Confusion in the implementation of __defineGetter__ in V8 in Goog ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6063
+CVE-2018-6063 (Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6062
+CVE-2018-6062 (Heap overflow write in Skia in Google Chrome prior to 65.0.3325.146 al ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6061
+CVE-2018-6061 (A race in the handling of SharedArrayBuffers in WebAssembly in Google ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6060
+CVE-2018-6060 (Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 all ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
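Review bot: The imported descriptions in this hunk carry upstream wording errors verbatim, e.g. "that lead to a user-afte ..." on CVE-2018-6086 (evidently "use-after-free") and "in Bink in Google Chrome" on CVE-2018-6070 (Blink). Since this file is regenerated by the automatic update, these should not be hand-corrected here, where the next run would overwrite them, but reported against the upstream CVE text; the truncated "..." form also means the typo is what the tracker UI will display.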
@@ -39134,12 +39134,12 @@ CVE-2018-6059
CVE-2018-6058
RESERVED
- chromium-browser <not-affected> (Chromium doesn't bundle Flash)
-CVE-2018-6057
+CVE-2018-6057 (Lack of special casing of Android ashmem in Google Chrome prior to 65. ...)
{DSA-4182-1}
- chromium-browser 65.0.3325.146-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6056
+CVE-2018-6056 (Type confusion could lead to a heap out-of-bounds write in V8 in Googl ...)
{DSA-4182-1}
[experimental] - chromium-browser 65.0.3325.73-1
- chromium-browser 65.0.3325.146-1
@@ -39147,56 +39147,56 @@ CVE-2018-6056
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
- libv8 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
-CVE-2018-6055
+CVE-2018-6055 (Insufficient policy enforcement in Catalog Service in Google Chrome pr ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6054
+CVE-2018-6054 (Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowe ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6053
+CVE-2018-6053 (Inappropriate implementation in New Tab Page in Google Chrome prior to ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6052
+CVE-2018-6052 (Lack of support for a non standard no-referrer policy value in Blink i ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6051
+CVE-2018-6051 (XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure th ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6050
+CVE-2018-6050 (Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.1 ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6049
+CVE-2018-6049 (Incorrect security UI in permissions prompt in Google Chrome prior to ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6048
+CVE-2018-6048 (Insufficient policy enforcement in Blink in Google Chrome prior to 64. ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6047
+CVE-2018-6047 (Insufficient policy enforcement in WebGL in Google Chrome prior to 64. ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6046
+CVE-2018-6046 (Insufficient data validation in DevTools in Google Chrome prior to 64. ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6045
+CVE-2018-6045 (Insufficient policy enforcement in DevTools in Google Chrome prior to ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
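Review bot: CVE-2018-6055 is the only DSA-4103-1 chromium-browser entry in this hunk without a "[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)" line; every neighbouring entry (CVE-2018-6054 down to CVE-2018-6045) has one. This is pre-existing context rather than part of the description import, but it leaves the wheezy status of that CVE unrecorded and is worth fixing in a follow-up.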
@@ -39206,67 +39206,67 @@ CVE-2018-6044
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-6043
+CVE-2018-6043 (Insufficient data validation in External Protocol Handler in Google Ch ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6042
+CVE-2018-6042 (Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.1 ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6041
+CVE-2018-6041 (Incorrect security UI in navigation in Google Chrome prior to 64.0.328 ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6040
+CVE-2018-6040 (Insufficient policy enforcement in Blink in Google Chrome prior to 64. ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6039
+CVE-2018-6039 (Insufficient data validation in DevTools in Google Chrome prior to 64. ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6038
+CVE-2018-6038 (Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6037
+CVE-2018-6037 (Inappropriate implementation in autofill in Google Chrome prior to 64. ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6036
+CVE-2018-6036 (Insufficient data validation in V8 in Google Chrome prior to 64.0.3282 ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6035
+CVE-2018-6035 (Insufficient policy enforcement in DevTools in Google Chrome prior to ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6034
+CVE-2018-6034 (Insufficient data validation in WebGL in Google Chrome prior to 64.0.3 ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6033
+CVE-2018-6033 (Insufficient data validation in Downloads in Google Chrome prior to 64 ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6032
+CVE-2018-6032 (Insufficient policy enforcement in Blink in Google Chrome prior to 64. ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2018-6031
+CVE-2018-6031 (Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allow ...)
{DSA-4103-1}
- chromium-browser 64.0.3282.119-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
@@ -39275,23 +39275,23 @@ CVE-2018-6030
RESERVED
CVE-2018-1000016
REJECTED
-CVE-2018-1000015
+CVE-2018-1000015 (On Jenkins instances with Authorize Project plugin, the authentication ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000014
+CVE-2018-1000014 (Jenkins Translation Assistance Plugin 1.15 and earlier did not require ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000013
+CVE-2018-1000013 (Jenkins Release Plugin 2.9 and earlier did not require form submission ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000012
+CVE-2018-1000012 (Jenkins Warnings Plugin 4.64 and earlier processes XML external entiti ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000011
+CVE-2018-1000011 (Jenkins FindBugs Plugin 4.71 and earlier processes XML external entiti ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000010
+CVE-2018-1000010 (Jenkins DRY Plugin 2.49 and earlier processes XML external entities in ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000009
+CVE-2018-1000009 (Jenkins Checkstyle Plugin 3.49 and earlier processes XML external enti ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-1000008
+CVE-2018-1000008 (Jenkins PMD Plugin 3.49 and earlier processes XML external entities in ...)
NOT-FOR-US: Jenkins plugin
-CVE-2018-6029
+CVE-2018-6029 (The copy function in application/admin/controller/Article.php in NoneC ...)
NOT-FOR-US: NoneCms
CVE-2018-6028
RESERVED
@@ -39301,49 +39301,49 @@ CVE-2018-6026
RESERVED
CVE-2018-6025
RESERVED
-CVE-2018-6024
+CVE-2018-6024 (SQL Injection exists in the Project Log 1.5.3 component for Joomla! vi ...)
NOT-FOR-US: Project Log component for Joomla!
-CVE-2018-6023
+CVE-2018-6023 (Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts ...)
NOT-FOR-US: Fastweb FASTgate
-CVE-2018-6022
+CVE-2018-6022 (Directory traversal vulnerability in application/admin/controller/Main ...)
NOT-FOR-US: NoneCms
-CVE-2018-6021
+CVE-2018-6021 (Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) ...)
NOT-FOR-US: Silex Technology products
-CVE-2018-6020
+CVE-2018-6020 (In Silex SX-500 all versions and GE MobileLink(GEH-500) version 1.54 a ...)
NOT-FOR-US: Silex Technology products
-CVE-2018-6019
+CVE-2018-6019 (Samsung Display Solutions App before 3.02 for Android allows man-in-th ...)
NOT-FOR-US: Samsung Display Solutions App for Android
-CVE-2018-6018
+CVE-2018-6018 (Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android ap ...)
NOT-FOR-US: Tinder
-CVE-2018-6017
+CVE-2018-6017 (Unencrypted transmission of images in Tinder iOS app and Tinder Androi ...)
NOT-FOR-US: Tinder
-CVE-2018-6016
+CVE-2018-6016 (Unquoted Windows search path vulnerability in the srvInventoryWebServe ...)
NOT-FOR-US: 10-Strike Network Monitor
-CVE-2018-6015
+CVE-2018-6015 (An issue was discovered in the "Email Subscribers &amp; Newsletters" p ...)
NOT-FOR-US: "Email Subscribers & Newsletters" plugin for WordPress
-CVE-2018-6014
+CVE-2018-6014 (Subsonic v6.1.3 has an insecure allow-access-from domain="*" Flash cro ...)
NOT-FOR-US: Subsonic
-CVE-2018-6013
+CVE-2018-6013 (Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users t ...)
NOT-FOR-US: BigTree CMS
-CVE-2018-6012
+CVE-2018-6012 (The 'Weather Service' feature of the Green Electronics RainMachine Min ...)
NOT-FOR-US: Green Electronics
-CVE-2018-6011
+CVE-2018-6011 (The time-based one-time-password (TOTP) function in the application lo ...)
NOT-FOR-US: Green Electronics
-CVE-2018-6010
+CVE-2018-6010 (In Yii Framework 2.x before 2.0.14, remote attackers could obtain pote ...)
- yii <itp> (bug #597899)
-CVE-2018-6009
+CVE-2018-6009 (In Yii Framework 2.x before 2.0.14, the switchIdentity function in web ...)
- yii <itp> (bug #597899)
-CVE-2018-6008
+CVE-2018-6008 (Arbitrary File Download exists in the Jtag Members Directory 5.3.7 com ...)
NOT-FOR-US: Jtag Members Directory component for Joomla!
-CVE-2018-6007
+CVE-2018-6007 (CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and a ...)
NOT-FOR-US: Support Ticket component for Joomla!
-CVE-2018-6006
+CVE-2018-6006 (SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via t ...)
NOT-FOR-US: JS Autoz component for Joomla!
-CVE-2018-6005
+CVE-2018-6005 (SQL Injection exists in the Realpin through 1.5.04 component for Jooml ...)
NOT-FOR-US: Realpin component for Joomla!
-CVE-2018-6004
+CVE-2018-6004 (SQL Injection exists in the File Download Tracker 3.0 component for Jo ...)
NOT-FOR-US: File Download Tracker component for Joomla!
-CVE-2018-6003
+CVE-2018-6003 (An issue was discovered in the _asn1_decode_simple_ber function in dec ...)
{DSA-4106-1}
- libtasn1-6 4.13-2
[jessie] - libtasn1-6 <not-affected> (Vulnerable code introduced in 4.3)
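Review bot: The new description for CVE-2018-6015 contains an HTML entity ("Email Subscribers &amp; Newsletters"), while the NOT-FOR-US line directly below it uses the literal "&". The import step should HTML-unescape descriptions before truncating them, otherwise escaped markup ends up in the plain-text list and in the tracker's rendered output.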
@@ -39351,125 +39351,125 @@ CVE-2018-6003
NOTE: https://lists.gnu.org/archive/html/help-libtasn1/2018-01/msg00000.html
NOTE: Affected function introduced in: http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/lib/decoding.c?id=b12bfa8932f44d1d1c25b4a2e385387a62dfbcc9 (libtasn1_4_3)
NOTE: Fixed by: https://gitlab.com/gnutls/libtasn1/commit/c593ae84cfcde8fea45787e53950e0ac71e9ca97 (libtasn1_4_13)
-CVE-2018-6002
+CVE-2018-6002 (The Soundy Background Music plugin 3.9 and below for WordPress has Cro ...)
NOT-FOR-US: Soundy Background Music plugin for WordPress
-CVE-2018-6001
+CVE-2018-6001 (The Soundy Audio Playlist plugin 4.6 and below for WordPress has Cross ...)
NOT-FOR-US: Soundy Audio Playlist plugin for WordPress
-CVE-2018-6000
+CVE-2018-6000 (An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vp ...)
NOT-FOR-US: AsusWRT
-CVE-2018-5999
+CVE-2018-5999 (An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the ha ...)
NOT-FOR-US: AsusWRT
CVE-2018-5998
RESERVED
-CVE-2018-5997
+CVE-2018-5997 (An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.0 ...)
NOT-FOR-US: RAVPower Filehub
-CVE-2018-1000007
+CVE-2018-1000007 (libcurl 7.1 through 7.57.0 might accidentally leak authentication data ...)
{DSA-4098-1 DLA-1263-1}
- curl 7.58.0-1
NOTE: https://curl.haxx.se/docs/adv_2018-b3bf.html
NOTE: Patch: https://github.com/curl/curl/commit/af32cd3859336ab.patch
-CVE-2018-5996
+CVE-2018-5996 (Insufficient exception handling in the method NCompress::NRar3::CDecod ...)
- p7zip-rar 16.02-2 (bug #888314)
[stretch] - p7zip-rar <no-dsa> (Non-free not supported)
[jessie] - p7zip-rar <no-dsa> (Non-free not supported)
[wheezy] - p7zip-rar <no-dsa> (Non-free not supported)
NOTE: https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/
-CVE-2018-5995
+CVE-2018-5995 (The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel ...)
- linux 4.15.4-1
[stretch] - linux <ignored> (kernel log restricted to root by default)
-CVE-2018-5994
+CVE-2018-5994 (SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via th ...)
NOT-FOR-US: JS Jobs component for Joomla!
-CVE-2018-5993
+CVE-2018-5993 (SQL Injection exists in the Aist through 2.0 component for Joomla! via ...)
NOT-FOR-US: Aist component for Joomla!
-CVE-2018-5992
+CVE-2018-5992 (SQL Injection exists in the Staff Master through 1.0 RC 1 component fo ...)
NOT-FOR-US: Staff Master component for Joomla!
-CVE-2018-5991
+CVE-2018-5991 (SQL Injection exists in the Form Maker 3.6.12 component for Joomla! vi ...)
NOT-FOR-US: Form Maker component for Joomla!
-CVE-2018-5990
+CVE-2018-5990 (SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joo ...)
NOT-FOR-US: AllVideos Reloaded component for Joomla!
-CVE-2018-5989
+CVE-2018-5989 (SQL Injection exists in the ccNewsletter 2.x component for Joomla! via ...)
NOT-FOR-US: ccNewsletter component for Joomla!
-CVE-2018-5988
+CVE-2018-5988 (SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobi ...)
NOT-FOR-US: Flexible Poll
-CVE-2018-5987
+CVE-2018-5987 (SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 compon ...)
NOT-FOR-US: Pinterest Clone Social Pinboard component for Joomla!
-CVE-2018-5986
+CVE-2018-5986 (SQL Injection exists in Easy Car Script 2014 via the s_order or s_row ...)
NOT-FOR-US: Easy Car Script
-CVE-2018-5985
+CVE-2018-5985 (SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component for Jooml ...)
NOT-FOR-US: LiveCRM SaaS Cloud
-CVE-2018-5984
+CVE-2018-5984 (SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 comp ...)
NOT-FOR-US: Tumder
-CVE-2018-5983
+CVE-2018-5983 (SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joom ...)
NOT-FOR-US: JquickContact component for Joomla!
-CVE-2018-5982
+CVE-2018-5982 (SQL Injection exists in the Advertisement Board 3.1.0 component for Jo ...)
NOT-FOR-US: Advertisement Board component for Joomla!
-CVE-2018-5981
+CVE-2018-5981 (SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via ...)
NOT-FOR-US: Gallery WD component for Joomla!
-CVE-2018-5980
+CVE-2018-5980 (SQL Injection exists in the Solidres 2.5.1 component for Joomla! via t ...)
NOT-FOR-US: Solidres component for Joomla!
-CVE-2018-5979
+CVE-2018-5979 (SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1. ...)
NOT-FOR-US: Wchat Fully Responsive PHP AJAX Chat Script
-CVE-2018-5978
+CVE-2018-5978 (SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via th ...)
NOT-FOR-US: Facebook Style Php Ajax Chat Zechat
-CVE-2018-5977
+CVE-2018-5977 (SQL Injection exists in Affiligator Affiliate Webshop Management Syste ...)
NOT-FOR-US: Affiligator Affiliate Webshop Management System
-CVE-2018-5976
+CVE-2018-5976 (Cross Site Request Forgery (CSRF) exists in RSVP Invitation Online 1.0 ...)
NOT-FOR-US: RSVP Invitation Online
-CVE-2018-5975
+CVE-2018-5975 (SQL Injection exists in the Smart Shoutbox 3.0.0 component for Joomla! ...)
NOT-FOR-US: Smart Shoutbox component for Joomla!
-CVE-2018-5974
+CVE-2018-5974 (SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! ...)
NOT-FOR-US: SimpleCalendar component for Joomla!
-CVE-2018-5973
+CVE-2018-5973 (SQL Injection exists in Professional Local Directory Script 1.0 via th ...)
NOT-FOR-US: Professional Local Directory Script
-CVE-2018-5972
+CVE-2018-5972 (SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keyword ...)
NOT-FOR-US: Classified Ads CMS Quickad
-CVE-2018-5971
+CVE-2018-5971 (SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joo ...)
NOT-FOR-US: MediaLibrary Free component for Joomla!
-CVE-2018-5970
+CVE-2018-5970 (SQL Injection exists in the JGive 2.0.9 component for Joomla! via the ...)
NOT-FOR-US: JGive component for Joomla!
-CVE-2018-5969
+CVE-2018-5969 (Cross Site Request Forgery (CSRF) exists in Photography CMS 1.0 via cl ...)
NOT-FOR-US: Photography CMS
-CVE-2018-5968
+CVE-2018-5968 (FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allo ...)
{DSA-4114-1}
- jackson-databind 2.9.4-1 (bug #888316)
NOTE: https://github.com/FasterXML/jackson-databind/issues/1899
NOTE: https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05
-CVE-2018-5967
+CVE-2018-5967 (Netis WF2419 V2.2.36123 devices allow XSS via the Description paramete ...)
NOT-FOR-US: Netis WF2419 V2.2.36123 devices
CVE-2018-5966
RESERVED
-CVE-2018-5965
+CVE-2018-5965 (CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-5964
+CVE-2018-5964 (CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-5963
+CVE-2018-5963 (CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/addbookmark.php via the ...)
NOT-FOR-US: CMS Made Simple
-CVE-2018-5962
+CVE-2018-5962 (index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0 ...)
NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
-CVE-2018-5961
+CVE-2018-5961 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has X ...)
NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
-CVE-2018-5960
+CVE-2018-5960 (Zenario v7.1 - v7.6 has SQL injection via the `Name` input field of or ...)
NOT-FOR-US: Zenario
CVE-2018-5959
RESERVED
-CVE-2018-5958
+CVE-2018-5958 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows loca ...)
NOT-FOR-US: Zillya! Antivirus
-CVE-2018-5957
+CVE-2018-5957 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows loca ...)
NOT-FOR-US: Zillya! Antivirus
-CVE-2018-5956
+CVE-2018-5956 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows loca ...)
NOT-FOR-US: Zillya! Antivirus
-CVE-2018-5955
+CVE-2018-5955 (An issue was discovered in GitStack through 2.3.10. User controlled in ...)
NOT-FOR-US: GitStack
-CVE-2018-5954
+CVE-2018-5954 (phpFreeChat 1.7 and earlier allows remote attackers to cause a denial ...)
NOT-FOR-US: phpFreeChat
-CVE-2018-5953
+CVE-2018-5953 (The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel t ...)
- linux 4.15.4-1
[stretch] - linux <ignored> (kernel log restricted to root by default)
CVE-2018-5952
RESERVED
CVE-2018-5951
RESERVED
-CVE-2018-5950
+CVE-2018-5950 (Cross-site scripting (XSS) vulnerability in the web UI in Mailman befo ...)
{DSA-4108-1 DLA-1272-1}
- mailman 1:2.1.26-1 (bug #888201)
NOTE: https://mail.python.org/pipermail/mailman-users/2018-February/083011.html
@@ -39523,49 +39523,49 @@ CVE-2018-5927
RESERVED
CVE-2018-5926
RESERVED
-CVE-2018-5925
+CVE-2018-5925 (A security vulnerability has been identified with certain HP Inkjet pr ...)
NOT-FOR-US: HP Inkjet printers
-CVE-2018-5924
+CVE-2018-5924 (A security vulnerability has been identified with certain HP Inkjet pr ...)
NOT-FOR-US: HP Inkjet printers
CVE-2018-5923
RESERVED
CVE-2018-5922
RESERVED
-CVE-2018-5921
+CVE-2018-5921 (A potential security vulnerability has been identified with certain HP ...)
NOT-FOR-US: HP printers
CVE-2018-5920
RESERVED
-CVE-2018-5919
+CVE-2018-5919 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Android
-CVE-2018-5918
+CVE-2018-5918 (Possible buffer overflow in DRM Trusted application due to lack of che ...)
NOT-FOR-US: Snapdragon
-CVE-2018-5917
+CVE-2018-5917 (Possible buffer overflow in OEM crypto function due to improper input ...)
NOT-FOR-US: Snapdragon
-CVE-2018-5916
+CVE-2018-5916 (Buffer overread while decoding PDP modify request or network initiated ...)
NOT-FOR-US: Snapdragon
-CVE-2018-5915
+CVE-2018-5915 (Exception in Modem IP stack while processing IPv6 packet in snapdragon ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5914
+CVE-2018-5914 (Improper input validation in TZ led to array out of bound in TZ functi ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5913
RESERVED
-CVE-2018-5912
+CVE-2018-5912 (Potential buffer overflow in Video due to lack of input validation in ...)
NOT-FOR-US: Snapdragon
CVE-2018-5911
RESERVED
-CVE-2018-5910
+CVE-2018-5910 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5909
+CVE-2018-5909 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5908
+CVE-2018-5908 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5907
+CVE-2018-5907 (Possible buffer overflow in msm_adsp_stream_callback_put due to lack o ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5906
+CVE-2018-5906 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5905
+CVE-2018-5905 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5904
+CVE-2018-5904 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5903
RESERVED
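Review bot: The triage labels for the Qualcomm entries in this hunk are inconsistent: CVE-2018-5919 is marked "NOT-FOR-US: Android", CVE-2018-5918/5917/5916/5912 "NOT-FOR-US: Snapdragon", and the rest "NOT-FOR-US: Qualcomm components for Android", although all of their descriptions refer to the same vendor code base. These lines are unchanged context, but a single label would make searching and filtering the list more reliable.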
@@ -39575,322 +39575,322 @@ CVE-2018-5901
RESERVED
CVE-2018-5900
RESERVED
-CVE-2018-5899
+CVE-2018-5899 (In Android releases from CAF using the linux kernel (Android for MSM, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5898
+CVE-2018-5898 (Integer overflow can occur in msm_pcm_adsp_stream_cmd_put() function i ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5897
+CVE-2018-5897 (While reading the data from buffer in dci_process_ctrl_status() there ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5896
+CVE-2018-5896 (In Android releases from CAF using the linux kernel (Android for MSM, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5895
+CVE-2018-5895 (Buffer over-read may happen in wma_process_utf_event() due to improper ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5894
+CVE-2018-5894 (Improper Validation of Array Index in Multimedia While parsing an mp4 ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5893
+CVE-2018-5893 (While processing a message from firmware in htt_t2h_msg_handler_fast() ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5892
+CVE-2018-5892 (The Touch Pal application can collect user behavior data without aware ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5891
+CVE-2018-5891 (While processing modem SSR after IMS is registered, the IMS data daemo ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5890
+CVE-2018-5890 (If the fdt_totalsize is reported as 0 for the current device tree, it ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5889
+CVE-2018-5889 (While processing a compressed kernel image, a buffer overflow can occu ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5888
+CVE-2018-5888 (While processing the system path, an out of bounds access can occur in ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5887
+CVE-2018-5887 (While processing the USB StrSerialDescriptor array, an array index out ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5886
+CVE-2018-5886 (A pointer in an ADSPRPC command is not properly validated in all Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5885
+CVE-2018-5885 (While loading dynamic fonts, a buffer overflow may occur if the number ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5884
+CVE-2018-5884 (Improper Access Control in Multimedia in Snapdragon Mobile and Snapdra ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5883
RESERVED
-CVE-2018-5882
+CVE-2018-5882 (While parsing a Flac file with a corrupted comment block, a buffer ove ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5881
+CVE-2018-5881 (Improper validation of buffer length checks in the lwm2m device manage ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5880
+CVE-2018-5880 (Improper data length check while processing an event report indication ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5879
+CVE-2018-5879 (Improper length check while processing an MQTT message can lead to hea ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5878
+CVE-2018-5878 (While sending the response to a RIL_REQUEST_GET_SMSC_ADDRESS message, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5877
+CVE-2018-5877 (In the device programmer target-side code for firehose, a string may n ...)
NOT-FOR-US: Snapdragon
-CVE-2018-5876
+CVE-2018-5876 (While parsing an mp4 file, a buffer overflow can occur in Snapdragon A ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5875
+CVE-2018-5875 (While parsing an mp4 file, an integer overflow leading to a buffer ove ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5874
+CVE-2018-5874 (While parsing an mp4 file, a stack-based buffer overflow can occur in ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5873
+CVE-2018-5873 (An issue was discovered in the __ns_get_path function in fs/nsfs.c in ...)
- linux 4.11.6-1
[stretch] - linux 4.9.82-1+deb9u1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/073c516ff73557a8f7315066856c04b50383ac34
-CVE-2018-5872
+CVE-2018-5872 (While parsing over-the-air information elements in all Android release ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5871
+CVE-2018-5871 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5870
+CVE-2018-5870 (While loading a service image, an untrusted pointer dereference can oc ...)
NOT-FOR-US: Snapdragon
-CVE-2018-5869
+CVE-2018-5869 (Improper input validation in the QTEE keymaster app can lead to invali ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5868
+CVE-2018-5868 (Lack of checking input size can lead to buffer overflow In WideVine in ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5867
+CVE-2018-5867 (Lack of checking input size can lead to buffer overflow In WideVine in ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5866
+CVE-2018-5866 (While processing logs, data is copied into a buffer pointed to by an u ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5865
+CVE-2018-5865 (While processing a debug log event from firmware in all Android releas ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5864
+CVE-2018-5864 (While processing a WMI_APFIND event in all Android releases from CAF u ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5863
+CVE-2018-5863 (If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg802 ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5862
+CVE-2018-5862 (In __wlan_hdd_cfg80211_vendor_scan() in all Android releases from CAF ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5861
+CVE-2018-5861 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5860
+CVE-2018-5860 (In the MDSS driver in all Android releases(Android for MSM, Firefox OS ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5859
+CVE-2018-5859 (Due to a race condition in the MDSS MDP driver in all Android releases ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5858
+CVE-2018-5858 (In the audio debugfs in all Android releases from CAF using the Linux ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5857
+CVE-2018-5857 (In the WCD CPE codec, a Use After Free condition can occur in all Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5856
+CVE-2018-5856 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5855
+CVE-2018-5855 (While padding or shrinking a nested wmi packet in all Android releases ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5854
+CVE-2018-5854 (A stack-based buffer overflow can occur in fastboot from all Android r ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5853
+CVE-2018-5853 (A race condition exists in a driver in all Android releases from CAF u ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5852
RESERVED
-CVE-2018-5851
+CVE-2018-5851 (Buffer over flow can occur while processing a HTT_T2H_MSG_TYPE_TX_COMP ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5850
+CVE-2018-5850 (In the function csr_update_fils_params_rso(), insufficient validation ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5849
+CVE-2018-5849 (Due to a race condition in the QTEECOM driver in all Android releases ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5848
+CVE-2018-5848 (In the function wmi_set_ie(), the length validation code does not hand ...)
{DLA-1715-1}
- linux 4.16.5-1
[stretch] - linux 4.9.144-1
NOTE: Fixed by: https://git.kernel.org/linus/b5a8ffcae4103a9d823ea3aa3a761f65779fbe2a (4.16-rc1)
-CVE-2018-5847
+CVE-2018-5847 (Early or late retirement of rotation requests can result in a Use Afte ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5846
+CVE-2018-5846 (A Use After Free condition can occur in the IPA driver whenever the IP ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5845
+CVE-2018-5845 (A race condition in drm_atomic_nonblocking_commit() in the display dri ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5844
+CVE-2018-5844 (In the video driver function set_output_buffers(), binfo can be access ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5843
+CVE-2018-5843 (In the function wma_pdev_div_info_evt_handler() in all Android release ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5842
+CVE-2018-5842 (An arbitrary address write can occur if a compromised WLAN firmware se ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5841
+CVE-2018-5841 (dcc_curr_list is initialized with a default invalid value that is expe ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5840
+CVE-2018-5840 (Buffer Copy without Checking Size of Input can occur during the DRM SD ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5839
+CVE-2018-5839 (Improperly configured memory protection allows read/write access to mo ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5838
+CVE-2018-5838 (Improper Validation of Array Index In the adreno OpenGL driver in Snap ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5837
+CVE-2018-5837 (In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5836
+CVE-2018-5836 (In wma_nan_rsp_event_handler() in Android releases from CAF using the ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5835
+CVE-2018-5835 (If the seq_len is greater then CSR_MAX_RSC_LEN, a buffer overflow in _ ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5834
+CVE-2018-5834 (In __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potential ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5833
RESERVED
-CVE-2018-5832
+CVE-2018-5832 (Due to a race condition in a camera driver ioctl handler in Android re ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5831
+CVE-2018-5831 (In the KGSL driver in Android releases from CAF using the linux kernel ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5830
+CVE-2018-5830 (While processing the HTT_T2H_MSG_TYPE_MGMT_TX_COMPL_IND message, a buf ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5829
+CVE-2018-5829 (In wlan_hdd_cfg80211_set_privacy_ibss() in Android releases from CAF u ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5828
+CVE-2018-5828 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5827
+CVE-2018-5827 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5826
+CVE-2018-5826 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5825
+CVE-2018-5825 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5824
+CVE-2018-5824 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5823
+CVE-2018-5823 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5822
+CVE-2018-5822 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5821
+CVE-2018-5821 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5820
+CVE-2018-5820 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5819
+CVE-2018-5819 (An error within the "parse_sinar_ia()" function (internal/dcraw_common ...)
- libraw 0.19.1-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <ignored> (Minor issue)
NOTE: https://www.flexera.com/company/secunia-research/advisories/SR-2018-27.html
NOTE: https://github.com/LibRaw/LibRaw/commit/9eb76dc153f5acf42ec7325a33fe7ccdcadaf8d6
-CVE-2018-5818
+CVE-2018-5818 (An error within the "parse_rollei()" function (internal/dcraw_common.c ...)
- libraw 0.19.1-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <ignored> (Minor issue)
NOTE: https://www.flexera.com/company/secunia-research/advisories/SR-2018-27.html
NOTE: https://github.com/LibRaw/LibRaw/commit/9eb76dc153f5acf42ec7325a33fe7ccdcadaf8d6
-CVE-2018-5817
+CVE-2018-5817 (A type confusion error within the "unpacked_load_raw()" function withi ...)
- libraw 0.19.1-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <ignored> (Minor issue)
NOTE: https://www.flexera.com/company/secunia-research/advisories/SR-2018-27.html
NOTE: https://github.com/LibRaw/LibRaw/commit/9eb76dc153f5acf42ec7325a33fe7ccdcadaf8d6
-CVE-2018-5816
+CVE-2018-5816 (An integer overflow error within the "identify()" function (internal/d ...)
- libraw 0.18.13-1 (low)
[stretch] - libraw <not-affected> (Fix for CVE-2018-5804 not released in stretch)
[jessie] - libraw <not-affected> (Fix for CVE-2018-5804 not in jessie LTS)
NOTE: http://seclists.org/bugtraq/2018/Jul/58
NOTE: Issue caused by an incomplete fix for CVE-2018-5804
-CVE-2018-5815
+CVE-2018-5815 (An integer overflow error within the "parse_qt()" function (internal/d ...)
- libraw 0.18.13-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: http://seclists.org/bugtraq/2018/Jul/58
-CVE-2018-5814
+CVE-2018-5814 (In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4. ...)
{DLA-1423-1 DLA-1422-1}
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
NOTE: https://git.kernel.org/linus/22076557b07c12086eeb16b8ce2b0b735f7a27e7
NOTE: https://git.kernel.org/linus/c171654caa875919be3c533d3518da8be5be966e
-CVE-2018-5813
+CVE-2018-5813 (An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibR ...)
- libraw 0.18.11-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-13/
-CVE-2018-5812
+CVE-2018-5812 (An error within the "nikon_coolscan_load_raw()" function (internal/dcr ...)
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/
-CVE-2018-5811
+CVE-2018-5811 (An error within the "nikon_coolscan_load_raw()" function (internal/dcr ...)
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/
-CVE-2018-5810
+CVE-2018-5810 (An error within the "rollei_load_raw()" function (internal/dcraw_commo ...)
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/
-CVE-2018-5809
+CVE-2018-5809 (An error within the "LibRaw::parse_exif()" function (internal/dcraw_co ...)
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <ignored> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-9/
NOTE: https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9
-CVE-2018-5808
+CVE-2018-5808 (An error within the "find_green()" function (internal/dcraw_common.cpp ...)
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <ignored> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-9/
NOTE: https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9
-CVE-2018-5807
+CVE-2018-5807 (An error within the "samsung_load_raw()" function (internal/dcraw_comm ...)
- libraw 0.18.11-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/
-CVE-2018-5806
+CVE-2018-5806 (An error within the "leaf_hdr_load_raw()" function (internal/dcraw_com ...)
- libraw 0.18.8-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03
-CVE-2018-5805
+CVE-2018-5805 (A boundary error within the "quicktake_100_load_raw()" function (inter ...)
- libraw 0.18.8-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03
-CVE-2018-5804
+CVE-2018-5804 (A type confusion error within the "identify()" function (internal/dcra ...)
- libraw 0.18.8-1 (low)
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03
-CVE-2018-5803
+CVE-2018-5803 (In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4 ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.11-1
NOTE: Fixed by: https://git.kernel.org/linus/07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c
-CVE-2018-5802
+CVE-2018-5802 (An error within the "kodak_radc_load_raw()" function (internal/dcraw_c ...)
- libraw 0.18.7-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <ignored> (Minor issue)
NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt
NOTE: https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4
-CVE-2018-5801
+CVE-2018-5801 (An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) i ...)
- libraw 0.18.7-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <ignored> (Minor issue)
NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt
NOTE: https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4
-CVE-2018-5800
+CVE-2018-5800 (An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" functi ...)
- libraw 0.18.7-1
[stretch] - libraw <no-dsa> (Minor issue)
[jessie] - libraw <no-dsa> (Minor issue)
[wheezy] - libraw <ignored> (Minor issue)
NOTE: https://packetstormsecurity.com/files/146172/secunia-libraw.txt
NOTE: https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4
-CVE-2018-1000006
+CVE-2018-1000006 (GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, ...)
- electron <itp> (bug #842420)
NOTE: Linux is not affected
NOTE: https://electronjs.org/blog/protocol-handler-fix
NOTE: https://nodesecurity.io/advisories/563
-CVE-2018-5799
+CVE-2018-5799 (In Zoho ManageEngine ServiceDesk Plus before 9403, an XSS issue allows ...)
NOT-FOR-US: Zoho
CVE-2018-5798
RESERVED
-CVE-2018-5797
+CVE-2018-5797 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5796
+CVE-2018-5796 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5795
+CVE-2018-5795 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5794
+CVE-2018-5794 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5793
+CVE-2018-5793 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5792
+CVE-2018-5792 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5791
+CVE-2018-5791 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5790
+CVE-2018-5790 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5789
+CVE-2018-5789 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5788
+CVE-2018-5788 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5787
+CVE-2018-5787 (An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x b ...)
NOT-FOR-US: Extreme Networks ExtremeWireless WiNG
-CVE-2018-5786
+CVE-2018-5786 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and app ...)
- lrzip 0.631+git180517-1 (bug #888506)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/91
-CVE-2018-5785
+CVE-2018-5785 (In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bo ...)
{DSA-4405-1}
- openjpeg2 2.3.0-2 (low; bug #888533)
[jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later)
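Review bot: the NOT-FOR-US tag is inconsistent inside this Qualcomm block: CVE-2018-5877 and CVE-2018-5870 carry `NOT-FOR-US: Snapdragon` while every neighbouring Qualcomm entry carries `NOT-FOR-US: Qualcomm components for Android`; unless the distinction is deliberate, align the two so anyone filtering on the tag sees the whole set. Separately, CVE-2018-5816 marks stretch and jessie `<not-affected>` on the grounds that the CVE-2018-5804 fix never reached them, which is consistent with CVE-2018-5804 itself still being `<no-dsa> (Minor issue)` for both suites further down, but it also means those suites remain exposed to the original CVE-2018-5804 bug; a NOTE on CVE-2018-5816 cross-referencing that status would save the next reader re-deriving it.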
@@ -39898,14 +39898,14 @@ CVE-2018-5785
NOTE: https://github.com/uclouvain/openjpeg/commit/ca16fe55014c57090dd97369256c7657aeb25975
NOTE: vulnerable code introduced in
NOTE: https://github.com/uclouvain/openjpeg/commit/33a0e66eb129c4e91b555a6b8dd9eab512fbfeb8
-CVE-2018-5784
+CVE-2018-5784 (In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the ...)
{DSA-4349-1 DLA-1411-1 DLA-1391-1}
- tiff 4.0.9-4 (bug #890441)
- tiff3 <removed>
[wheezy] - tiff3 <postponed> (Minor issue, revisit once fixed upstream)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2772
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef
-CVE-2018-5783
+CVE-2018-5783 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoD ...)
- libpodofo 0.9.6+dfsg-4 (bug #916142)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
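Review bot: the wheezy rationale for CVE-2018-5784 is stale: `[wheezy] - tiff3 <postponed> (Minor issue, revisit once fixed upstream)` sits two lines above `NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef` and under DLA-1391-1 and DLA-1411-1, so the "once fixed upstream" condition has already been met; either record the actual decision for tiff3 or update the postponed reason so it no longer points at a condition that is satisfied.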
@@ -39913,25 +39913,25 @@ CVE-2018-5783
NOTE: https://sourceforge.net/p/podofo/tickets/4/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1536179
NOTE: https://sourceforge.net/p/podofo/code/1949
-CVE-2018-5782
+CVE-2018-5782 (A vulnerability in the conferencing component of Mitel Connect ONSITE, ...)
NOT-FOR-US: Mitel
-CVE-2018-5781
+CVE-2018-5781 (A vulnerability in the conferencing component of Mitel Connect ONSITE, ...)
NOT-FOR-US: Mitel
-CVE-2018-5780
+CVE-2018-5780 (A vulnerability in the conferencing component of Mitel Connect ONSITE, ...)
NOT-FOR-US: Mitel
-CVE-2018-5779
+CVE-2018-5779 (A vulnerability in the conferencing component of Mitel Connect ONSITE, ...)
NOT-FOR-US: Mitel
-CVE-2018-5778
+CVE-2018-5778 (An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 ...)
NOT-FOR-US: Ipswitch WhatsUp Gold
-CVE-2018-5777
+CVE-2018-5777 (An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 ...)
NOT-FOR-US: Ipswitch WhatsUp Gold
CVE-2018-5775
RESERVED
CVE-2018-5774
RESERVED
-CVE-2018-5773
+CVE-2018-5773 (An issue was discovered in markdown2 (aka python-markdown2) through 2. ...)
NOT-FOR-US: python-markdown2 (not our markdown, different code base)
-CVE-2018-5776
+CVE-2018-5776 (WordPress before 4.9.2 has XSS in the Flash fallback files in MediaEle ...)
- wordpress 4.9.2+dfsg-1 (bug #887596)
[stretch] - wordpress <not-affected> (Vulnerable files have been removed before)
[jessie] - wordpress <not-affected> (Vulnerable files have been removed before)
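Review bot: CVE-2018-5776 is out of sequence: the block runs CVE-2018-5778, 5777, 5775, 5774, 5773 and only then 5776, while the rest of the file is in descending order. Move the CVE-2018-5776 entry (with its wordpress triage lines) between CVE-2018-5777 and CVE-2018-5775 so position-based merges and by-eye lookups do not miss it.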
@@ -39942,72 +39942,72 @@ CVE-2018-5776
NOTE: final wordpress version 4.9.2 which finally removed the mediaelement files.
NOTE: https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/
NOTE: https://github.com/WordPress/WordPress/commit/3fe9cb61ee71fcfadb5e002399296fcc1198d850
-CVE-2018-5772
+CVE-2018-5772 (In Exiv2 0.26, there is a segmentation fault caused by uncontrolled re ...)
[experimental] - exiv2 <unfixed> (bug #888862)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/216
CVE-2018-5771
RESERVED
-CVE-2018-5770
+CVE-2018-5770 (An issue was discovered on Tenda AC15 devices. A remote, unauthenticat ...)
NOT-FOR-US: Tenda AC15 devices
CVE-2018-5769
RESERVED
-CVE-2018-5768
+CVE-2018-5768 (A remote, unauthenticated attacker can gain remote code execution on t ...)
NOT-FOR-US: Tenda AC15 router
-CVE-2018-5767
+CVE-2018-5767 (An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A rem ...)
NOT-FOR-US: Tenda AC15 V15.03.1.16_multi devices
-CVE-2018-5766
+CVE-2018-5766 (In Libav through 12.2, there is an invalid memcpy in the av_packet_ref ...)
- libav <removed>
[wheezy] - libav <ignored> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1112
CVE-2018-5765
RESERVED
-CVE-2018-5764
+CVE-2018-5764 (The parse_arguments function in options.c in rsyncd in rsync before 3. ...)
{DLA-1247-1}
- rsync 3.1.2-2.2 (bug #887588)
[stretch] - rsync <no-dsa> (Minor issue)
[jessie] - rsync <no-dsa> (Minor issue)
NOTE: https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=7706303828fcde524222babb2833864a4bd09e07
-CVE-2018-5763
+CVE-2018-5763 (An issue was discovered in OXID eShop Enterprise Edition before 5.3.7 ...)
NOT-FOR-US: OXID eShop Enterprise Edition
-CVE-2018-5762
+CVE-2018-5762 (The TLS implementation in the TCP/IP networking module in Unisys Clear ...)
NOT-FOR-US: Unisys ClearPath MCP systems
-CVE-2018-5761
+CVE-2018-5761 (A man-in-the-middle vulnerability related to vCenter access was found ...)
NOT-FOR-US: Rubrik CDM
CVE-2018-5760
RESERVED
-CVE-2018-5759
+CVE-2018-5759 (jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the ...)
NOT-FOR-US: MuJS
-CVE-2018-5758
+CVE-2018-5758 (The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0. ...)
NOT-FOR-US: Aurea Jive Jive-n
CVE-2018-5757
RESERVED
-CVE-2018-5756
+CVE-2018-5756 (The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, ...)
NOT-FOR-US: Open-Xchange
-CVE-2018-5755
+CVE-2018-5755 (Absolute path traversal vulnerability in the readerengine component in ...)
NOT-FOR-US: Open-Xchange
-CVE-2018-5754
+CVE-2018-5754 (Cross-site scripting (XSS) vulnerability in the office-web component i ...)
NOT-FOR-US: Open-Xchange
-CVE-2018-5753
+CVE-2018-5753 (The frontend component in Open-Xchange OX App Suite before 7.6.3-rev31 ...)
NOT-FOR-US: Open-Xchange
-CVE-2018-5752
+CVE-2018-5752 (The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, ...)
NOT-FOR-US: Open-Xchange
-CVE-2018-5751
+CVE-2018-5751 (The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, ...)
NOT-FOR-US: Open-Xchange
-CVE-2018-5750
+CVE-2018-5750 (The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux ke ...)
{DSA-4187-1 DSA-4120-1 DLA-1369-1}
- linux 4.15.4-1
NOTE: https://patchwork.kernel.org/patch/10174835/
-CVE-2018-5749
+CVE-2018-5749 (install.php in Minecraft Servers List Lite before commit c1cd164 and P ...)
NOT-FOR-US: Minecraft Servers List Lite
-CVE-2018-5748
+CVE-2018-5748 (qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of s ...)
{DLA-1315-1}
- libvirt 4.0.0-1 (bug #887700)
[stretch] - libvirt 3.0.0-4+deb9u2
[jessie] - libvirt 1.2.9-9+deb8u5
NOTE: https://www.redhat.com/archives/libvir-list/2017-December/msg00749.html
NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=bc251ea91bcfddd2622fce6bce701a438b2e7276
-CVE-2018-5747
+CVE-2018-5747 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ...)
- lrzip 0.631+git180517-1 (bug #898451)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
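Review bot: CVE-2018-5764 lists `{DLA-1247-1}` and, two lines later, `[jessie] - rsync <no-dsa> (Minor issue)`; if DLA-1247-1 is the jessie update for this issue, the `<no-dsa>` line contradicts it and should be dropped, and if it is not, the NOTE should say which suite the DLA covers. Compare CVE-2018-5748 in the same hunk, where `{DLA-1315-1}` is paired with an explicit `[jessie] - libvirt 1.2.9-9+deb8u5` rather than a no-dsa marker.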
@@ -40042,34 +40042,34 @@ CVE-2018-5742 [Crash from assertion error when debug log level is 10 and log ent
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1655844
NOTE: https://bugs.centos.org/view.php?id=15528
NOTE: Introduced by https://bugzilla.redhat.com/show_bug.cgi?id=1452091
-CVE-2018-5741
+CVE-2018-5741 (To provide fine-grained controls over the ability to use Dynamic DNS ( ...)
- bind9 1:9.11.5+dfsg-1 (unimportant; bug #908595)
NOTE: https://kb.isc.org/docs/cve-2018-5741
NOTE: No code fix provided; Incorrect documentation of krb5-subdomain and ms-subdomain update policies.
NOTE: Will be adressed in 9.11.5, 9.12.3
-CVE-2018-5740
+CVE-2018-5740 ("deny-answer-aliases" is a little-used feature intended to help recurs ...)
{DLA-1485-1}
- bind9 1:9.11.4.P1+dfsg-1 (bug #905743)
[stretch] - bind9 <postponed> (Can be fixed along in the next DSA)
NOTE: https://kb.isc.org/article/AA-01639/74/CVE-2018-5740
NOTE: https://gitlab.isc.org/isc-projects/bind9/merge_requests/607/commits
-CVE-2018-5739
+CVE-2018-5739 (An extension to hooks capabilities which debuted in Kea 1.4.0 introduc ...)
- isc-kea <not-affected> (Vulnerable code introduced in Kea 1.4.0)
NOTE: https://kb.isc.org/article/AA-01626
NOTE: 1.4.0-1 was uploaded to experimental as https://tracker.debian.org/news/973011
NOTE: Tracking bug as #903729 with RC severity so this version does
NOTE: not enter unstable without fix.
-CVE-2018-5738
+CVE-2018-5738 (Change #4777 (introduced in October 2017) introduced an unforeseen iss ...)
- bind9 1:9.11.3+dfsg-2 (bug #901483)
[stretch] - bind9 <not-affected> (Vulnerable code introduced later)
[jessie] - bind9 <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by upstream change #4777
NOTE: Introduced by: https://gitlab.isc.org/isc-projects/bind9/commit/89636d8f305956ad42e95a988502c7345e85ffe1
NOTE: https://kb.isc.org/article/AA-01616/0/CVE-2018-5738
-CVE-2018-5737
+CVE-2018-5737 (A problem with the implementation of the new serve-stale feature in BI ...)
- bind9 <not-affected> (only affects 9.12, not yet packaged)
NOTE: https://kb.isc.org/article/AA-01606
-CVE-2018-5736
+CVE-2018-5736 (An error in zone database reference counting can lead to an assertion ...)
- bind9 <not-affected> (only affects 9.12, not yet packaged)
NOTE: https://kb.isc.org/article/AA-01602
CVE-2018-5735 [assertion failure in validator.c:1858]
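Review bot: the last NOTE on CVE-2018-5741, `NOTE: Will be adressed in 9.11.5, 9.12.3`, has both a typo ("adressed") and a stale tense, since the same entry already records `- bind9 1:9.11.5+dfsg-1` as the fixed version; reword it to "Addressed in 9.11.5, 9.12.3" and, given the preceding `No code fix provided` note, say explicitly that those releases correct the documentation rather than the code.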
@@ -40080,10 +40080,10 @@ CVE-2018-5735 [assertion failure in validator.c:1858]
NOTE: Mark as fixed version the 1:9.9.3.dfsg.P2-1 as the related code was
NOTE: added upstream in 9.9.3b1. The issue though does not affect bind9 upstream
NOTE: and is only triggered as described in #889285.
-CVE-2018-5734
+CVE-2018-5734 (While handling a particular type of malformed packet BIND erroneously ...)
- bind9 <not-affected> (Only affects Supported Preview Edition/Subscription Edition)
NOTE: https://kb.isc.org/article/AA-01562/74/CVE-2018-5734
-CVE-2018-5733
+CVE-2018-5733 (A malicious client which is allowed to send very large amounts of traf ...)
{DSA-4133-1 DLA-1313-1}
- isc-dhcp 4.3.5-3.1 (bug #891785)
NOTE: https://kb.isc.org/article/AA-01567/75/CVE-2018-5733
@@ -40098,7 +40098,7 @@ CVE-2018-5732 [A specially constructed response from a malicious server can caus
NOTE: https://bugs.isc.org/Public/Bug/Display.html?id=47139
NOTE: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=c5931725b48b121d232df4ba9e45bc41e0ba114d (4.4.1)
NOTE: Fixes for 4.3.6p1: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=99a25aedea02d9c259cb8fabf4be700fb32571a3
-CVE-2018-1000005
+CVE-2018-1000005 (libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in ...)
- curl 7.58.0-1
[stretch] - curl 7.52.1-5+deb9u4
[jessie] - curl <not-affected> (Vulnerable code introduce later)
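Review bot: typo in the jessie rationale for CVE-2018-1000005: `[jessie] - curl <not-affected> (Vulnerable code introduce later)` should read "Vulnerable code introduced later", matching the wording used for the same status elsewhere in the file (for example CVE-2018-5738 and CVE-2018-5785).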
@@ -40107,63 +40107,63 @@ CVE-2018-1000005
NOTE: https://curl.haxx.se/docs/adv_2018-824a.html
NOTE: Introduced by: https://github.com/curl/curl/commit/0761a51ee0551ad9e5
NOTE: Patch: https://github.com/curl/curl/commit/fa3dbb9a147488a294.patch
-CVE-2018-5731
+CVE-2018-5731 (An issue was discovered in Heimdal PRO 2.2.190. As part of the scannin ...)
NOT-FOR-US: Heimdal PRO
-CVE-2018-5730
+CVE-2018-5730 (MIT krb5 1.6 or later allows an authenticated kadmin with permission t ...)
{DLA-1643-1}
- krb5 1.16.1-1 (bug #891869)
[stretch] - krb5 <no-dsa> (Minor issue)
[wheezy] - krb5 <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
-CVE-2018-5729
+CVE-2018-5729 (MIT krb5 1.6 or later allows an authenticated kadmin with permission t ...)
{DLA-1643-1}
- krb5 1.16.1-1 (bug #891869)
[stretch] - krb5 <no-dsa> (Minor issue)
[wheezy] - krb5 <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
-CVE-2018-5728
+CVE-2018-5728 (Cobham Sea Tel 121 build 222701 devices allow remote attackers to obta ...)
NOT-FOR-US: Cobham Sea Tel 121 build 222701 devices
-CVE-2018-5727
+CVE-2018-5727 (In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the o ...)
- openjpeg2 <unfixed> (unimportant; bug #888532)
NOTE: https://github.com/uclouvain/openjpeg/issues/1053
NOTE: ubsan error (integer overflow), no security impact per se and unlikely
NOTE: to trigger any security relevant issue
-CVE-2018-5726
+CVE-2018-5726 (MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain ...)
NOT-FOR-US: MASTER IPCAMERA01 3.3.4.2103 devices
-CVE-2018-5725
+CVE-2018-5725 (MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configurati ...)
NOT-FOR-US: MASTER IPCAMERA01 3.3.4.2103 devices
-CVE-2018-5724
+CVE-2018-5724 (MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configurati ...)
NOT-FOR-US: MASTER IPCAMERA01 3.3.4.2103 devices
-CVE-2018-5723
+CVE-2018-5723 (MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1 ...)
NOT-FOR-US: MASTER IPCAMERA01 3.3.4.2103 devices
CVE-2018-5722
RESERVED
-CVE-2018-5721
+CVE-2018-5721 (Stack-based buffer overflow in the ej_update_variables function in rou ...)
NOT-FOR-US: ASUS routers
-CVE-2018-5720
+CVE-2018-5720 (An issue was discovered on DODOCOOL DC38 3-in-1 N300 Mini Wireless Ran ...)
NOT-FOR-US: DODOCOOL DC38 3-in-1 N300 Mini Wireless Range Extend RTN2-AW.GD.R3465.1.20161103 devices
CVE-2018-5719
RESERVED
-CVE-2018-5718
+CVE-2018-5718 (Improper restriction of write operations within the bounds of a memory ...)
NOT-FOR-US: SoftControl
-CVE-2018-5717
+CVE-2018-5717 (Memory write mechanism in NCR S2 Dispenser controller before firmware ...)
NOT-FOR-US: NCR S2 Dispenser controller
-CVE-2018-5716
+CVE-2018-5716 (An issue was discovered in Reprise License Manager 11.0. This vulnerab ...)
NOT-FOR-US: Reprise License Manager
-CVE-2018-5715
+CVE-2018-5715 (phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the quer ...)
NOT-FOR-US: SugarCRM
-CVE-2018-5714
+CVE-2018-5714 (In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allow ...)
NOT-FOR-US: Malwarefox Anti-Malware
-CVE-2018-5713
+CVE-2018-5713 (In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allow ...)
NOT-FOR-US: Malwarefox Anti-Malware
-CVE-2018-5712
+CVE-2018-5712 (An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1 ...)
{DSA-4081-1 DSA-4080-1 DLA-1251-1}
- php7.1 7.1.13-1
- php7.0 7.0.27-1
- php5 <removed>
NOTE: Fixed in 5.6.33, 7.0.27, 7.1.13, 7.2.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74782
-CVE-2018-5711
+CVE-2018-5711 (gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP bef ...)
{DSA-4081-1 DSA-4080-1 DLA-1651-1 DLA-1248-1}
- php7.1 7.1.13-1 (unimportant)
- php7.0 7.0.27-1 (unimportant)
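Review bot: CVE-2018-5730 and CVE-2018-5729 come out of this update with byte-identical truncated descriptions ("MIT krb5 1.6 or later allows an authenticated kadmin with permission t ..."), the same {DLA-1643-1}, the same bug #891869, the same <no-dsa> markers and the same fix commit e1caf6fb74981da62039846931ebdffed71309d1, so nothing in the file distinguishes the two issues. Suggest adding a NOTE under each that states what differs between them, since the 70-column truncation cuts the description off before the distinguishing part; otherwise a later reviewer cannot confirm that one upstream commit really covers both CVEs. Smaller point in the same hunk: the CVE-2018-5727 (openjpeg2) entry is left <unfixed> (unimportant) on the reasoning "ubsan error (integer overflow), no security impact per se and unlikely to trigger any security relevant issue"; "unlikely" is weaker than the usual justification for unimportant, and it would help to say what bounds the overflowed value before it is used.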
@@ -40176,7 +40176,7 @@ CVE-2018-5711
[stretch] - libgd2 2.2.4-2+deb9u3
NOTE: https://github.com/libgd/libgd/issues/420
NOTE: https://github.com/libgd/libgd/commit/a11f47475e6443b7f32d21f2271f28f417e2ac04
-CVE-2018-5710
+CVE-2018-5710 (An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The ...)
- krb5 1.16.1-1 (bug #889685)
[stretch] - krb5 <no-dsa> (Minor issue)
[jessie] - krb5 <no-dsa> (Minor issue)
@@ -40186,77 +40186,77 @@ CVE-2018-5710
NOTE: having coordinated with upstream and the CVE assignment ist sill for
NOTE: slight different coverage. Thus keep it distinct (for now) and mark
NOTE: CVE-2018-5710 issue as well as fixed once #891869 is adressed.
-CVE-2018-5709
+CVE-2018-5709 (An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The ...)
- krb5 <unfixed> (unimportant; bug #889684)
NOTE: https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
NOTE: non-issue, codepath is only run on trusted input, potential integer
NOTE: overflow is non-issue
-CVE-2018-5708
+CVE-2018-5708 (An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on ...)
NOT-FOR-US: D-Link
CVE-2018-5707
RESERVED
-CVE-2018-5706
+CVE-2018-5706 (An issue was discovered in Octopus Deploy before 4.1.9. Any user with ...)
NOT-FOR-US: Octopus Deploy
-CVE-2018-5705
+CVE-2018-5705 (Reservo Image Hosting 1.6 is vulnerable to XSS attacks. The affected f ...)
NOT-FOR-US: Reservo Image Hosting
-CVE-2018-1000003
+CVE-2018-1000003 (Improper input validation bugs in DNSSEC validators components in Powe ...)
- pdns-recursor 4.1.1-1
[stretch] - pdns-recursor <not-affected> (Only affects 4.1)
[jessie] - pdns-recursor <not-affected> (Only affects 4.1)
[wheezy] - pdns-recursor <not-affected> (Only affects 4.1)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-01.html
-CVE-2018-1000002
+CVE-2018-1000002 (Improper input validation bugs in DNSSEC validators components in Knot ...)
- knot-resolver 1.5.2-1
NOTE: https://www.knot-resolver.cz/2018-01-22-knot-resolver-1.5.2.html
NOTE: prior to 1.5.1 memcached module was called kmemcached
-CVE-2018-5704
+CVE-2018-5704 (Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use ...)
{DSA-4093-1 DLA-1253-1}
- openocd 0.10.0-4 (bug #887488)
NOTE: https://sourceforge.net/p/openocd/mailman/message/36188041/
NOTE: http://openocd.zylin.com/4330
NOTE: http://openocd.zylin.com/4331
NOTE: http://openocd.zylin.com/4335
-CVE-2018-5703
+CVE-2018-5703 (The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux ...)
- linux 4.15.11-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lkml.org/lkml/2018/1/16/53
-CVE-2018-5701
+CVE-2018-5701 (In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys ...)
NOT-FOR-US: Iolo System Shield AntiVirus and AntiSpyware
-CVE-2018-5700
+CVE-2018-5700 (Winmail Server through 6.2 allows remote code execution by authenticat ...)
NOT-FOR-US: Winmail Server
CVE-2018-5699
RESERVED
-CVE-2018-5698
+CVE-2018-5698 (libreadstat.a in WizardMac ReadStat 0.1.1 has a heap-based buffer over ...)
- r-cran-haven 1.1.1-1
NOTE: https://github.com/WizardMac/ReadStat/issues/108
NOTE: https://github.com/WizardMac/ReadStat/commit/79793dba3b665ff037ca60140441a6679a8971cf
-CVE-2018-5697
+CVE-2018-5697 (Icy Phoenix 2.2.0.105 allows SQL injection via an unapprove request to ...)
NOT-FOR-US: Icy Phoenix
-CVE-2018-5696
+CVE-2018-5696 (The iJoomla com_adagency plugin 6.0.9 for Joomla! allows SQL injection ...)
NOT-FOR-US: iJoomla com_adagency plugin for Joomla!
-CVE-2018-5695
+CVE-2018-5695 (The WpJobBoard plugin 4.4.4 for WordPress allows SQL injection via the ...)
NOT-FOR-US: WpJobBoard plugin for WordPress
-CVE-2018-5694
+CVE-2018-5694 (The callforward module in User Control Panel (UCP) in Nicolas Gudino ( ...)
NOT-FOR-US: Nicolas Gudino (aka Asternic) Flash Operator Panel
-CVE-2018-5693
+CVE-2018-5693 (The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows lo ...)
NOT-FOR-US: LinuxMagic MagicSpam extension for Plesk
-CVE-2018-5692
+CVE-2018-5692 (Piwigo v2.8.2 has XSS via the `tab`, `to`, `section`, `mode`, `install ...)
- piwigo <removed>
NOTE: https://github.com/Piwigo/Piwigo/issues/847
NOTE: https://github.com/Piwigo/Piwigo/commit/18e4b861992e8412fd70a3a7e0b2bf9b676c42ed
-CVE-2018-5691
+CVE-2018-5691 (SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` ...)
NOT-FOR-US: SonicWall Global Management System
-CVE-2018-5690
+CVE-2018-5690 (Cross-site scripting (XSS) vulnerability in admin/users.php in Dotclea ...)
- dotclear <removed>
-CVE-2018-5689
+CVE-2018-5689 (Cross-site scripting (XSS) vulnerability in admin/auth.php in Dotclear ...)
- dotclear <removed>
-CVE-2018-5688
+CVE-2018-5688 (ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader ...)
NOT-FOR-US: ILIAS
-CVE-2018-5687
+CVE-2018-5687 (NewsBee allows XSS via the Company Name field in the Settings under ad ...)
NOT-FOR-US: NewsBee CMS
-CVE-2018-5686
+CVE-2018-5686 (In MuPDF 1.12.0, there is an infinite loop vulnerability and applicati ...)
{DSA-4334-1}
- mupdf 1.13.0+ds1-1 (bug #887130)
[jessie] - mupdf <no-dsa> (Minor issue)
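Review bot: the NOTE block that opens this hunk (for CVE-2018-5710) is stale and carries typos. It says "the CVE assignment ist sill for slight different coverage ... mark CVE-2018-5710 issue as well as fixed once #891869 is adressed", but #891869 is the bug attached to CVE-2018-5729/CVE-2018-5730, which are already recorded as fixed in krb5 1.16.1-1, and CVE-2018-5710 itself already carries "- krb5 1.16.1-1 (bug #889685)". Suggest rewriting the note to "is still for slightly different coverage" / "addressed" and dropping the conditional, or replacing it with a one-line note that #889685 and #891869 were both closed by 1.16.1-1, so the "keep it distinct (for now)" instruction no longer has a pending action behind it.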
@@ -40265,89 +40265,89 @@ CVE-2018-5686
NOTE: pdf_parse_array function in source/pdf/pdf-parse.c does not consider
NOTE: EOF.
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=b70eb93f6936c03d8af52040bbca4d4a7db39079
-CVE-2018-5685
+CVE-2018-5685 (In GraphicsMagick 1.3.27, there is an infinite loop and application ha ...)
{DSA-4321-1 DLA-1456-1 DLA-1245-1}
- graphicsmagick 1.3.27-4 (bug #887158)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/52a91ddb1aa6
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/541/
NOTE: Before 1.3.27, the problem only affects 32-bit architectures (i.e., 4-byte long) it
NOTE: expanded to 64-bit architectures with upstream commit be5e89e6032d
-CVE-2018-5684
+CVE-2018-5684 (In Libav through 12.2, there is an invalid memcpy call in the ff_mov_r ...)
- libav <removed>
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1110
-CVE-2018-5683
+CVE-2018-5683 (The vga_draw_text function in Qemu allows local OS guest privileged us ...)
{DSA-4213-1 DLA-1497-1}
- qemu 1:2.12~rc3+dfsg-1 (bug #887392)
[wheezy] - qemu <postponed> (Minor issue, can be fixed along in next DLA)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <postponed> (Minor issue, can be fixed along in next DLA)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-01/msg02131.html
-CVE-2018-5682
+CVE-2018-5682 (PrestaShop 1.7.2.4 allows user enumeration via the Reset Password feat ...)
NOT-FOR-US: PrestaShop
-CVE-2018-5681
+CVE-2018-5681 (PrestaShop 1.7.2.4 has XSS via source-code editing on the "Pages &gt; ...)
NOT-FOR-US: PrestaShop
-CVE-2018-5680
+CVE-2018-5680 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-5679
+CVE-2018-5679 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-5678
+CVE-2018-5678 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-5677
+CVE-2018-5677 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-5676
+CVE-2018-5676 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-5675
+CVE-2018-5675 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-5674
+CVE-2018-5674 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
-CVE-2018-5673
+CVE-2018-5673 (An issue was discovered in the booking-calendar plugin 2.1.7 for WordP ...)
NOT-FOR-US: booking-calendar plugin for WordPress
-CVE-2018-5672
+CVE-2018-5672 (An issue was discovered in the booking-calendar plugin 2.1.7 for WordP ...)
NOT-FOR-US: booking-calendar plugin for WordPress
-CVE-2018-5671
+CVE-2018-5671 (An issue was discovered in the booking-calendar plugin 2.1.7 for WordP ...)
NOT-FOR-US: booking-calendar plugin for WordPress
-CVE-2018-5670
+CVE-2018-5670 (An issue was discovered in the booking-calendar plugin 2.1.7 for WordP ...)
NOT-FOR-US: booking-calendar plugin for WordPress
-CVE-2018-5669
+CVE-2018-5669 (An issue was discovered in the read-and-understood plugin 2.1 for Word ...)
NOT-FOR-US: read-and-understood plugin for WordPress
-CVE-2018-5668
+CVE-2018-5668 (An issue was discovered in the read-and-understood plugin 2.1 for Word ...)
NOT-FOR-US: read-and-understood plugin for WordPress
-CVE-2018-5667
+CVE-2018-5667 (An issue was discovered in the read-and-understood plugin 2.1 for Word ...)
NOT-FOR-US: read-and-understood plugin for WordPress
-CVE-2018-5666
+CVE-2018-5666 (An issue was discovered in the responsive-coming-soon-page plugin 1.1. ...)
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5665
+CVE-2018-5665 (An issue was discovered in the responsive-coming-soon-page plugin 1.1. ...)
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5664
+CVE-2018-5664 (An issue was discovered in the responsive-coming-soon-page plugin 1.1. ...)
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5663
+CVE-2018-5663 (An issue was discovered in the responsive-coming-soon-page plugin 1.1. ...)
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5662
+CVE-2018-5662 (An issue was discovered in the responsive-coming-soon-page plugin 1.1. ...)
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5661
+CVE-2018-5661 (An issue was discovered in the responsive-coming-soon-page plugin 1.1. ...)
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5660
+CVE-2018-5660 (An issue was discovered in the responsive-coming-soon-page plugin 1.1. ...)
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5659
+CVE-2018-5659 (An issue was discovered in the responsive-coming-soon-page plugin 1.1. ...)
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5658
+CVE-2018-5658 (An issue was discovered in the responsive-coming-soon-page plugin 1.1. ...)
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5657
+CVE-2018-5657 (An issue was discovered in the responsive-coming-soon-page plugin 1.1. ...)
NOT-FOR-US: responsive-coming-soon-page plugin for WordPress
-CVE-2018-5656
+CVE-2018-5656 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 f ...)
NOT-FOR-US: weblizar-pinterest-feeds plugin for WordPress
-CVE-2018-5655
+CVE-2018-5655 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 f ...)
NOT-FOR-US: weblizar-pinterest-feeds plugin for WordPress
-CVE-2018-5654
+CVE-2018-5654 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 f ...)
NOT-FOR-US: weblizar-pinterest-feeds plugin for WordPress
-CVE-2018-5653
+CVE-2018-5653 (An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 f ...)
NOT-FOR-US: weblizar-pinterest-feeds plugin for WordPress
-CVE-2018-5652
+CVE-2018-5652 (An issue was discovered in the dark-mode plugin 1.6 for WordPress. XSS ...)
NOT-FOR-US: dark-mode plugin for WordPress
-CVE-2018-5651
+CVE-2018-5651 (An issue was discovered in the dark-mode plugin 1.6 for WordPress. XSS ...)
NOT-FOR-US: dark-mode plugin for WordPress
-CVE-2018-5650
+CVE-2018-5650 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and app ...)
- lrzip 0.631+git180517-1 (bug #887065)
[stretch] - lrzip <no-dsa> (Minor issue)
[jessie] - lrzip <no-dsa> (Minor issue)
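Review bot: in the CVE-2018-5683 (qemu) entry the advisory list is {DSA-4213-1 DLA-1497-1}, yet both the qemu and the qemu-kvm wheezy lines still read "<postponed> (Minor issue, can be fixed along in next DLA)". If DLA-1497-1 is the DLA that shipped this fix, the two postponed markers are stale and should be removed; if it is not, the wheezy lines should say which release DLA-1497-1 covered so the postponed state is not misread as "no DLA yet". Minor, same hunk: the CVE-2018-5685 NOTE "Before 1.3.27, the problem only affects 32-bit architectures (i.e., 4-byte long) it expanded to 64-bit architectures with upstream commit be5e89e6032d" is missing a break between the two clauses ("... 4-byte long); it was expanded to ...").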
@@ -40532,9 +40532,9 @@ CVE-2018-5562
RESERVED
CVE-2018-5561
RESERVED
-CVE-2018-5560
+CVE-2018-5560 (A reliance on a static, hard-coded credential in the design of the clo ...)
NOT-FOR-US: Guardzilla
-CVE-2018-5559
+CVE-2018-5559 (In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are ...)
NOT-FOR-US: Rapid7 Komand
CVE-2018-5558
RESERVED
@@ -40546,266 +40546,266 @@ CVE-2018-5555
RESERVED
CVE-2018-5554
RESERVED
-CVE-2018-5553
+CVE-2018-5553 (The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS- ...)
NOT-FOR-US: Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices
-CVE-2018-5552
+CVE-2018-5552 (Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLI ...)
NOT-FOR-US: DocuTrac QuicDoc and Office Therapy
-CVE-2018-5551
+CVE-2018-5551 (Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLI ...)
NOT-FOR-US: DocuTrac QuicDoc and Office Therapy
-CVE-2018-5550
+CVE-2018-5550 (Versions of Epson AirPrint released prior to January 19, 2018 contain ...)
NOT-FOR-US: Epson AirPrint
-CVE-2018-5549
+CVE-2018-5549 (On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5548
+CVE-2018-5548 (On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used for orig ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5547
+CVE-2018-5547 (Windows Logon Integration feature of F5 BIG-IP APM client prior to ver ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5546
+CVE-2018-5546 (The svpn and policyserver components of the F5 BIG-IP APM client prior ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5545
+CVE-2018-5545 (On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated use ...)
NOT-FOR-US: F5 WebSafe Alert Server
-CVE-2018-5544
+CVE-2018-5544 (When the F5 BIG-IP APM 13.0.0-13.1.1 or 12.1.0-12.1.3 renders certain ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5543
+CVE-2018-5543 (The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) p ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5542
+CVE-2018-5542 (F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS hea ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5541
+CVE-2018-5541 (When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5540
+CVE-2018-5540 (On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5539
+CVE-2018-5539 (Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5538
+CVE-2018-5538 (On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Z ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5537
+CVE-2018-5537 (A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0- ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5536
+CVE-2018-5536 (A remote attacker via undisclosed measures, may be able to exploit an ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5535
+CVE-2018-5535 (On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 sp ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5534
+CVE-2018-5534 (Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0- ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5533
+CVE-2018-5533 (Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5532
+CVE-2018-5532 (On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5531
+CVE-2018-5531 (Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5530
+CVE-2018-5530 (F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5529
+CVE-2018-5529 (The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5528
+CVE-2018-5528 (Under certain conditions, TMM may restart and produce a core file whil ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5527
+CVE-2018-5527 (On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5526
+CVE-2018-5526 (Under certain conditions, on F5 BIG-IP ASM 13.1.0-13.1.0.5, Behavioral ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5525
+CVE-2018-5525 (A local file vulnerability exists in the F5 BIG-IP Configuration utili ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5524
+CVE-2018-5524 (Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5523
+CVE-2018-5523 (On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5522
+CVE-2018-5522 (On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5521
+CVE-2018-5521 (On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5520
+CVE-2018-5520 (On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 s ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5519
+CVE-2018-5519 (On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, adm ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5518
+CVE-2018-5518 (On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5517
+CVE-2018-5517 (On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5516
+CVE-2018-5516 (On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enter ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5515
+CVE-2018-5515 (On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses fr ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5514
+CVE-2018-5514 (On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frame ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5513
+CVE-2018-5513 (On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5512
+CVE-2018-5512 (On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5511
+CVE-2018-5511 (On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrat ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5510
+CVE-2018-5510 (On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel (TM ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5509
+CVE-2018-5509 (On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5508
+CVE-2018-5508 (On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.5 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5507
+CVE-2018-5507 (On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5506
+CVE-2018-5506 (In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 t ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5505
+CVE-2018-5505 (On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both pro ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5504
+CVE-2018-5504 (In some circumstances, the Traffic Management Microkernel (TMM) does n ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5503
+CVE-2018-5503 (On F5 BIG-IP versions 13.0.0 - 13.1.0.3 or 12.0.0 - 12.1.3.1, TMM may ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5502
+CVE-2018-5502 (On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disr ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5501
+CVE-2018-5501 (In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 1 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5500
+CVE-2018-5500 (On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2018-5499
+CVE-2018-5499 (ATTO FibreBridge 7500N firmware version 2.95 is susceptible to a vulne ...)
NOT-FOR-US: ATTO FibreBridge 7500N firmware
-CVE-2018-5498
+CVE-2018-5498 (Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vul ...)
NOT-FOR-US: Clustered Data ONTAP
-CVE-2018-5497
+CVE-2018-5497 (Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are su ...)
NOT-FOR-US: Clustered Data ONTAP
-CVE-2018-5496
+CVE-2018-5496 (Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptib ...)
NOT-FOR-US: Data ONTAP
-CVE-2018-5495
+CVE-2018-5495 (All StorageGRID Webscale versions are susceptible to a vulnerability w ...)
NOT-FOR-US: NetApp
CVE-2018-5494
RESERVED
CVE-2018-5493
RESERVED
-CVE-2018-5492
+CVE-2018-5492 (NetApp E-Series SANtricity OS Controller Software 11.30 and later vers ...)
NOT-FOR-US: NetApp
CVE-2018-5491
RESERVED
-CVE-2018-5490
+CVE-2018-5490 (Read-Only export policy rules are not correctly enforced in Clustered ...)
NOT-FOR-US: NetApp Data ONTAP
-CVE-2018-5489
+CVE-2018-5489 (NetApp 7-Mode Transition Tool allows users with valid credentials to a ...)
NOT-FOR-US: NetApp
-CVE-2018-5488
+CVE-2018-5488 (NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through 2 ...)
NOT-FOR-US: NetApp SANtricity Web Services Proxy
-CVE-2018-5487
+CVE-2018-5487 (NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 sh ...)
NOT-FOR-US: NetApp OnCommand Unified Manager for Linux
-CVE-2018-5486
+CVE-2018-5486 (NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 shi ...)
NOT-FOR-US: NetApp OnCommand Unified Manager for Linux
-CVE-2018-5485
+CVE-2018-5485 (NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 ...)
NOT-FOR-US: NetApp OnCommand Unified Manager for Windows
CVE-2018-5484
RESERVED
CVE-2018-5483
RESERVED
-CVE-2018-5482
+CVE-2018-5482 (NetApp SnapCenter Server prior to 4.1 does not set the secure flag for ...)
NOT-FOR-US: NetApp SnapCenter Server
-CVE-2018-5481
+CVE-2018-5481 (OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 use ...)
NOT-FOR-US: OnCommand Unified Manager
CVE-2018-5480
RESERVED
-CVE-2018-5479
+CVE-2018-5479 (FoxSash ImgHosting 1.5 (according to footer information) is vulnerable ...)
NOT-FOR-US: FoxSash ImgHosting
CVE-2018-5478
RESERVED
-CVE-2018-5477
+CVE-2018-5477 (An Information Exposure issue was discovered in ABB netCADOPS Web Appl ...)
NOT-FOR-US: ABB netCADOPS Web Application
-CVE-2018-5476
+CVE-2018-5476 (A Stack-based Buffer Overflow issue was discovered in Delta Electronic ...)
NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
-CVE-2018-5475
+CVE-2018-5475 (A Stack-based Buffer Overflow issue was discovered in GE D60 Line Dist ...)
NOT-FOR-US: GE D60 Line Distance Relay devices
-CVE-2018-5474
+CVE-2018-5474 (Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input ...)
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5473
+CVE-2018-5473 (An Improper Restriction of Operations within the Bounds of a Memory Bu ...)
NOT-FOR-US: GE D60 Line Distance Relay devices
-CVE-2018-5472
+CVE-2018-5472 (Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insec ...)
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5471
+CVE-2018-5471 (A Cleartext Transmission of Sensitive Information issue was discovered ...)
NOT-FOR-US: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches
-CVE-2018-5470
+CVE-2018-5470 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an u ...)
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5469
+CVE-2018-5469 (An Improper Restriction of Excessive Authentication Attempts issue was ...)
NOT-FOR-US: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches
-CVE-2018-5468
+CVE-2018-5468 (Philips Intellispace Portal all versions 7.0.x and 8.0.x have a remote ...)
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5467
+CVE-2018-5467 (An Information Exposure Through Query Strings in GET Request issue was ...)
NOT-FOR-US: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches
-CVE-2018-5466
+CVE-2018-5466 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a se ...)
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5465
+CVE-2018-5465 (A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, ...)
NOT-FOR-US: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches
-CVE-2018-5464
+CVE-2018-5464 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an u ...)
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5463
+CVE-2018-5463 (A structured exception handler overflow vulnerability in Leao Consulto ...)
NOT-FOR-US: Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA
-CVE-2018-5462
+CVE-2018-5462 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an S ...)
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5461
+CVE-2018-5461 (An Inadequate Encryption Strength issue was discovered in Belden Hirsc ...)
NOT-FOR-US: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches
CVE-2018-5460
RESERVED
-CVE-2018-5459
+CVE-2018-5459 (An Improper Authentication issue was discovered in WAGO PFC200 Series ...)
NOT-FOR-US: WAGO PFC200
-CVE-2018-5458
+CVE-2018-5458 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vu ...)
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5457
+CVE-2018-5457 (A uncontrolled search path element issue was discovered in Vyaire Medi ...)
NOT-FOR-US: Vyaire Medical CareFusion Upgrade Utility
CVE-2018-5456
RESERVED
-CVE-2018-5455
+CVE-2018-5455 (A Reliance on Cookies without Validation and Integrity Checking issue ...)
NOT-FOR-US: Moxa
-CVE-2018-5454
+CVE-2018-5454 (Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vu ...)
NOT-FOR-US: Philips Intellispace Portal
-CVE-2018-5453
+CVE-2018-5453 (An Improper Handling of Length Parameter Inconsistency issue was disco ...)
NOT-FOR-US: Moxa
-CVE-2018-5452
+CVE-2018-5452 (A Stack-based Buffer Overflow issue was discovered in Emerson Process ...)
NOT-FOR-US: Emerson Process Management ControlWave Micro Process Automation Controller
-CVE-2018-5451
+CVE-2018-5451 (In Philips Alice 6 System version R8.0.2 or prior, when an actor claim ...)
NOT-FOR-US: Philips Alice 6 System
CVE-2018-5450
RESERVED
-CVE-2018-5449
+CVE-2018-5449 (A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-H ...)
NOT-FOR-US: Moxa
-CVE-2018-5448
+CVE-2018-5448 (All versions of the Medtronic 2090 Carelink Programmer are affected by ...)
NOT-FOR-US: Medtronic
-CVE-2018-5447
+CVE-2018-5447 (An Improper Input Validation issue was discovered in Nari PCS-9611 rel ...)
NOT-FOR-US: Nari PCS-9611 relay
-CVE-2018-5446
+CVE-2018-5446 (All versions of the Medtronic 2090 Carelink Programmer are affected by ...)
NOT-FOR-US: Medtronic
-CVE-2018-5445
+CVE-2018-5445 (A Path Traversal issue was discovered in Advantech WebAccess/SCADA ver ...)
NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2018-5444
RESERVED
-CVE-2018-5443
+CVE-2018-5443 (A SQL Injection issue was discovered in Advantech WebAccess/SCADA vers ...)
NOT-FOR-US: Advantech WebAccess/SCADA
-CVE-2018-5442
+CVE-2018-5442 (A Stack-based Buffer Overflow issue was discovered in Fuji Electric V- ...)
NOT-FOR-US: Fuji Electric V-Server VPR
-CVE-2018-5441
+CVE-2018-5441 (An Improper Validation of Integrity Check Value issue was discovered i ...)
NOT-FOR-US: PHOENIX CONTACT mGuard firmware
-CVE-2018-5440
+CVE-2018-5440 (A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS ...)
NOT-FOR-US: 3S-Smart
-CVE-2018-5439
+CVE-2018-5439 (A Command Injection issue was discovered in Nortek Linear eMerge E3 se ...)
NOT-FOR-US: Nortek Linear eMerge E3 series
-CVE-2018-5438
+CVE-2018-5438 (Philips ISCV application prior to version 2.3.0 has an insufficient se ...)
NOT-FOR-US: Philips ISCV application
-CVE-2018-5437
+CVE-2018-5437 (The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client compone ...)
NOT-FOR-US: TIBCO Spotfire
-CVE-2018-5436
+CVE-2018-5436 (The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire ...)
NOT-FOR-US: TIBCO Spotfire
-CVE-2018-5435
+CVE-2018-5435 (The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client compone ...)
NOT-FOR-US: TIBCO Spotfire
-CVE-2018-5434
+CVE-2018-5434 (The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Ag ...)
NOT-FOR-US: TIBCO Runtime Agent
-CVE-2018-5433
+CVE-2018-5433 (The TIBCO Administrator server component of TIBCO Software Inc.'s TIBC ...)
NOT-FOR-US: TIBCO Administrator
-CVE-2018-5432
+CVE-2018-5432 (The TIBCO Administrator server component of of TIBCO Software Inc.'s T ...)
NOT-FOR-US: TIBCO Administrator
-CVE-2018-5431
+CVE-2018-5431 (The domain designer component of TIBCO Software Inc.'s TIBCO JasperRep ...)
- jasperreports <undetermined>
[jessie] - jasperreports <end-of-life> (not supported in Jessie)
[wheezy] - jasperreports <end-of-life> (not supported in Wheezy)
NOTE: https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5431
-CVE-2018-5430
+CVE-2018-5430 (The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Serv ...)
- jasperreports <undetermined>
[jessie] - jasperreports <end-of-life> (not supported in Jessie)
[wheezy] - jasperreports <end-of-life> (not supported in Wheezy)
NOTE: https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5430
-CVE-2018-5429
+CVE-2018-5429 (A vulnerability in the report scripting component of TIBCO Software In ...)
- jasperreports <undetermined>
[jessie] - jasperreports <end-of-life> (not supported in Jessie)
[wheezy] - jasperreports <end-of-life> (not supported in Wheezy)
NOTE: https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5429
-CVE-2018-5428
+CVE-2018-5428 (The version control adapters component of TIBCO Data Virtualization (f ...)
NOT-FOR-US: TIBCO Data Virtualization
CVE-2018-5427
REJECTED
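Review bot: CVE-2018-5431, CVE-2018-5430 and CVE-2018-5429 (TIBCO JasperReports) are still "- jasperreports <undetermined>" although each entry links a TIBCO advisory from 2018/04; the only thing these entries settle is that jessie and wheezy are <end-of-life> for the package. The truncated descriptions name the affected pieces (the domain designer component, the Spring web flows, the report scripting component), which is enough to check whether the Debian jasperreports source ships them; suggest resolving each to a fixed version, <not-affected> with a reason, or <unfixed> with a bug number rather than leaving three <undetermined> markers in place.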
@@ -40835,19 +40835,19 @@ CVE-2018-5415
REJECTED
CVE-2018-5414
REJECTED
-CVE-2018-5413
+CVE-2018-5413 (Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privile ...)
NOT-FOR-US: Imperva SecureSphere
-CVE-2018-5412
+CVE-2018-5412 (Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitra ...)
NOT-FOR-US: Imperva SecureSphere
-CVE-2018-5411
+CVE-2018-5411 (Pixar's Tractor software, versions 2.2 and earlier, contain a stored c ...)
NOT-FOR-US: Pixar Tractor
-CVE-2018-5410
+CVE-2018-5410 (Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a ...)
NOT-FOR-US: Dokan
CVE-2018-5409
RESERVED
CVE-2018-5408
RESERVED
-CVE-2018-5407
+CVE-2018-5407 (Simultaneous Multi-threading (SMT) in processors can enable local user ...)
{DSA-4355-1 DSA-4348-1 DLA-1586-1}
- openssl 1.1.1~~pre9-1
- openssl1.0 1.0.2q-1
@@ -40863,15 +40863,15 @@ CVE-2018-5405
RESERVED
CVE-2018-5404
RESERVED
-CVE-2018-5403
+CVE-2018-5403 (Imperva SecureSphere gateway (GW) running v13, for both pre-First Time ...)
NOT-FOR-US: Imperva SecureSphere
-CVE-2018-5402
+CVE-2018-5402 (The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App ...)
NOT-FOR-US: Auto-Maskin
-CVE-2018-5401
+CVE-2018-5401 (The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App ...)
NOT-FOR-US: Auto-Maskin
-CVE-2018-5400
+CVE-2018-5400 (The Auto-Maskin products utilize an undocumented custom protocol to se ...)
NOT-FOR-US: Auto-Maskin
-CVE-2018-5399
+CVE-2018-5399 (The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SS ...)
NOT-FOR-US: Auto-Maskin
CVE-2018-5398
RESERVED
@@ -40883,26 +40883,26 @@ CVE-2018-5395
RESERVED
CVE-2018-5394
RESERVED
-CVE-2018-5393
+CVE-2018-5393 (The TP-LINK EAP Controller is TP-LINK's software for remotely controll ...)
NOT-FOR-US: TP-LINK
-CVE-2018-5392
+CVE-2018-5392 (mingw-w64 version 5.0.4 by default produces executables that opt in to ...)
- mingw-w64 <unfixed> (unimportant)
NOTE: https://sourceforge.net/p/mingw-w64/mailman/message/31034877/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17321
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19011
NOTE: https://www.kb.cert.org/vuls/id/307144 (describes workaround)
-CVE-2018-5391
+CVE-2018-5391 (The Linux kernel, versions 3.9+, is vulnerable to a denial of service ...)
{DSA-4272-1 DLA-1715-1 DLA-1529-1 DLA-1466-1}
- linux 4.17.15-1
NOTE: Mitigation: Change the default values of net.ipv4.ipfrag_high_thresh and
NOTE: net.ipv4.ipfrag_low_thresh back to 256kB and 192 kB (respectively) or
NOTE: below.
-CVE-2018-5390
+CVE-2018-5390 (Linux kernel versions 4.9+ can be forced to make very expensive calls ...)
{DSA-4266-1 DLA-1466-1}
- linux 4.17.14-1 (bug #905751)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://www.kb.cert.org/vuls/id/962459
-CVE-2018-5389
+CVE-2018-5389 (The Internet Key Exchange v1 main mode is vulnerable to offline dictio ...)
- strongswan <unfixed> (unimportant)
- libreswan <unfixed> (unimportant)
- ipsec-tools <unfixed> (unimportant)
@@ -40911,7 +40911,7 @@ CVE-2018-5389
NOTE: https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf
NOTE: https://www.usenix.org/sites/default/files/conference/protected-files/security18_slides_felsch.pdf
NOTE: vulnerability in IKEv1 protocol, not fixable in implementation; use strong passphrase or public-key cryptography
-CVE-2018-5388
+CVE-2018-5388 (In stroke_socket.c in strongSwan before 5.6.3, a missing packet length ...)
{DSA-4229-1}
- strongswan 5.6.3-1
[stretch] - strongswan <no-dsa> (needs root priv for access to the stroke socket)
@@ -40921,89 +40921,89 @@ CVE-2018-5388
NOTE: https://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=0acd1ab4
NOTE: https://www.strongswan.org/blog/2018/05/28/strongswan-5.6.3-released.html
NOTE: https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-(cve-2018-5388).html
-CVE-2018-5387
+CVE-2018-5387 (Wizkunde SAMLBase may incorrectly utilize the results of XML DOM trave ...)
NOT-FOR-US: Wizkunde SAMLBase
-CVE-2018-5386
+CVE-2018-5386 (Some Navarino Infinity functions, up to version 2.2, placed in the URL ...)
NOT-FOR-US: Navarino Infinity
-CVE-2018-5385
+CVE-2018-5385 (Navarino Infinity is prone to session fixation attacks. The server acc ...)
NOT-FOR-US: Navarino Infinity
-CVE-2018-5384
+CVE-2018-5384 (Navarino Infinity web interface up to version 2.2 exposes an unauthent ...)
NOT-FOR-US: Navarino Infinity
-CVE-2018-5383
+CVE-2018-5383 (Bluetooth firmware or operating system software drivers in macOS versi ...)
- firmware-nonfree 20190114-1
[stretch] - firmware-nonfree <no-dsa> (non-free not supported)
NOTE: http://www.cs.technion.ac.il/~biham/BT/
-CVE-2018-5382
+CVE-2018-5382 (Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that i ...)
- bouncycastle 1.48+dfsg-2
[wheezy] - bouncycastle <ignored> (this only affects the integrity verification and not the content of the BKS keystore)
NOTE: https://insights.sei.cmu.edu/cert/2018/03/the-curious-case-of-the-bouncy-castle-bks-passwords.html
NOTE: https://www.kb.cert.org/vuls/id/306792
NOTE: Issue fixed in 1.47 upstream. The default MAC for a BKS key store was
NOTE: 2 bytes before and has been upgraded to 20 bytes.
-CVE-2018-5381
+CVE-2018-5381 (The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its p ...)
{DSA-4115-1 DLA-1286-1}
- quagga 1.2.4-1 (bug #890563)
NOTE: https://www.quagga.net/security/Quagga-2018-1975.txt
NOTE: https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=ce07207c50a3d1f05d6dd49b5294282e59749787
-CVE-2018-5380
+CVE-2018-5380 (The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun intern ...)
{DSA-4115-1 DLA-1286-1}
- quagga 1.2.4-1 (bug #890563)
NOTE: https://www.quagga.net/security/Quagga-2018-1550.txt
NOTE: https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=9e5251151894aefdf8e9392a2371615222119ad8
-CVE-2018-5379
+CVE-2018-5379 (The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free me ...)
{DSA-4115-1 DLA-1286-1}
- quagga 1.2.4-1 (bug #890563)
NOTE: https://www.quagga.net/security/Quagga-2018-1114.txt
NOTE: https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=e69b535f92eafb599329bf725d9b4c6fd5d7fded
-CVE-2018-5378
+CVE-2018-5378 (The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly ...)
- quagga 1.2.4-1 (bug #890563)
[stretch] - quagga 1.1.1-3+deb9u2
[jessie] - quagga <not-affected> (Vulnerable code not present)
[wheezy] - quagga <not-affected> (Vulnerable code not present)
NOTE: https://www.quagga.net/security/Quagga-2018-0543.txt
NOTE: https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=cc2e6770697e343f4af534114ab7e633d5beabec
-CVE-2018-5377
+CVE-2018-5377 (Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access ...)
NOT-FOR-US: Discuz! DiscuzX
-CVE-2018-5376
+CVE-2018-5376 (Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_upload.ph ...)
NOT-FOR-US: Discuz! DiscuzX
-CVE-2018-5375
+CVE-2018-5375 (Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_space.php ...)
NOT-FOR-US: Discuz! DiscuzX
-CVE-2018-5702
+CVE-2018-5702 (Transmission through 2.92 relies on X-Transmission-Session-Id (which i ...)
{DSA-4087-1 DLA-1246-1}
- transmission 2.92-3 (bug #886990)
NOTE: http://www.openwall.com/lists/oss-security/2018/01/12/1
NOTE: https://github.com/transmission/transmission/pull/468
NOTE: Proposed patch: https://patch-diff.githubusercontent.com/raw/transmission/transmission/pull/468.diff
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1447
-CVE-2018-5374
+CVE-2018-5374 (The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Inj ...)
NOT-FOR-US: Dbox 3D Slider Lite plugin for WordPress
-CVE-2018-5373
+CVE-2018-5373 (The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection ...)
NOT-FOR-US: Smooth Slider plugin for WordPress
-CVE-2018-5372
+CVE-2018-5372 (The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Inje ...)
NOT-FOR-US: Testimonial Slider plugin for WordPress
-CVE-2018-5371
+CVE-2018-5371 (diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME ...)
NOT-FOR-US: D-Link
-CVE-2018-5370
+CVE-2018-5370 (BizLogic xnami 1.0 has XSS via the comment parameter in an addComment ...)
NOT-FOR-US: BizLogic xnami
-CVE-2018-5369
+CVE-2018-5369 (The SrbTransLatin plugin 1.46 for WordPress has XSS via an srbtranslat ...)
NOT-FOR-US: SrbTransLatin plugin for WordPress
-CVE-2018-5368
+CVE-2018-5368 (The SrbTransLatin plugin 1.46 for WordPress has CSRF via an srbtransla ...)
NOT-FOR-US: SrbTransLatin plugin for WordPress
-CVE-2018-5367
+CVE-2018-5367 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_optio ...)
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5366
+CVE-2018-5366 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_optio ...)
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5365
+CVE-2018-5365 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_optio ...)
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5364
+CVE-2018-5364 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_optio ...)
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5363
+CVE-2018-5363 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_optio ...)
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5362
+CVE-2018-5362 (The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_optio ...)
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5361
+CVE-2018-5361 (The WPGlobus plugin 1.9.6 for WordPress has CSRF via wp-admin/options. ...)
NOT-FOR-US: WPGlobus plugin for WordPress
-CVE-2018-5360
+CVE-2018-5360 (LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstr ...)
- tiff <undetermined>
- tiff3 <undetermined>
[wheezy] - tiff3 <postponed> (Minor issue, revisit once fixed upstream)
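Review bot: the entry for CVE-2018-5702 in this hunk sits between CVE-2018-5375 and CVE-2018-5374, out of the descending numeric order that the rest of the list follows; the automatic update refreshes the description in place but leaves the misplacement, so the entry should be moved up to its proper position among the CVE-2018-57xx identifiers.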
@@ -41013,14 +41013,14 @@ CVE-2018-5360
NOTE: fixed as per 2016-10-25 (first release to ship the patch seems to be 4.0.7)
NOTE: https://gitlab.com/libtiff/libtiff/commit/739dcd28a061738b317c1e9f91029d9cbc157159
NOTE: TODO check which exact Debian release contained the fix at first
-CVE-2018-5359
+CVE-2018-5359 (The server in Flexense SysGauge 3.6.18 operating on port 9221 can be e ...)
NOT-FOR-US: Flexense SysGauge
-CVE-2018-5358
+CVE-2018-5358 (ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/939
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4e72d445220287727d7886a5f17a10caf944a802
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/ed80c93e4cbf2727ead75fd8bd5e5d9ecbe762f9
-CVE-2018-5357
+CVE-2018-5357 (ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/941
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/4b60459202805cb4c9a96cdeeb70db594b1d3c72
@@ -41040,19 +41040,19 @@ CVE-2018-5351
RESERVED
CVE-2018-5350
RESERVED
-CVE-2018-5349
+CVE-2018-5349 (A vulnerability has been found in Heimdal PRO v2.2.190, but it is most ...)
NOT-FOR-US: Heimdal PRO
CVE-2018-5348
RESERVED
-CVE-2018-5347
+CVE-2018-5347 (Seagate Media Server in Seagate Personal Cloud has unauthenticated com ...)
NOT-FOR-US: Seagate Media Server in Seagate Personal Cloud
CVE-2018-5346
RESERVED
-CVE-2018-1000004
+CVE-2018-1000004 (In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a ra ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.14.17-1
[stretch] - linux 4.9.80-1
-CVE-2018-1000001
+CVE-2018-1000001 (In glibc 2.26 and earlier there is confusion in the usage of getcwd() ...)
- glibc 2.26-4 (bug #887001)
[stretch] - glibc <postponed> (Minor issue, can be fixed along in next DSA or preferably point release)
[jessie] - glibc <postponed> (Minor issue, can be fixed along in next DSA or preferably point release)
@@ -41061,11 +41061,11 @@ CVE-2018-1000001
NOTE: http://www.openwall.com/lists/oss-security/2018/01/11/5
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22679
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=52a713fdd0a30e1bd79818e2e3c4ab44ddca1a94
-CVE-2018-5345
+CVE-2018-5345 (A stack-based buffer overflow within GNOME gcab through 0.7.4 can be e ...)
{DSA-4095-1}
- gcab 0.7-7 (bug #887776)
NOTE: https://git.gnome.org/browse/gcab/commit/?id=bd2abee5f0a9b5cbe3a1ab1f338c4fb8f6ca797b
-CVE-2018-5344
+CVE-2018-5344 (In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles l ...)
- linux 4.14.17-1
[stretch] - linux 4.9.80-1
[jessie] - linux <not-affected> (Vulnerability introduced later)
@@ -41073,58 +41073,58 @@ CVE-2018-5344
NOTE: Fixed by: https://git.kernel.org/linus/ae6650163c66a7eff1acd6eb8b0f752dcfa8eba5
CVE-2018-5343
RESERVED
-CVE-2018-5342
+CVE-2018-5342 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5341
+CVE-2018-5341 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5340
+CVE-2018-5340 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5339
+CVE-2018-5339 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5338
+CVE-2018-5338 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5337
+CVE-2018-5337 (An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 ...)
NOT-FOR-US: Zoho ManageEngine Desktop Central
-CVE-2018-5336
+CVE-2018-5336 (In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, X ...)
{DSA-4101-1 DLA-1258-1}
- wireshark 2.4.4-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-01.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f4c95cf46ba6adbd10b09747e10742801bc706b
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f6702e49a9720d173246668495eece6d77eca5b0
-CVE-2018-5335
+CVE-2018-5335 (In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector cou ...)
{DSA-4101-1 DLA-1258-1}
- wireshark 2.4.4-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-04.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=086b87376b988c555484349aa115d6e08ac6db07
-CVE-2018-5334
+CVE-2018-5334 (In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file p ...)
{DSA-4101-1 DLA-1258-1}
- wireshark 2.4.4-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-03.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14297
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dc308c05ba0673460fe80873b22d296880ee996d
-CVE-2018-5333
+CVE-2018-5333 (In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in n ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.14.17-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/7d11f77f84b27cef452cee332f4e469503084737
-CVE-2018-5332
+CVE-2018-5332 (In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() funct ...)
{DSA-4187-1 DLA-1369-1}
- linux 4.14.17-1
[stretch] - linux 4.9.80-1
NOTE: Fixed by: https://git.kernel.org/linus/c095508770aebf1b9218e77026e48345d719b17c
-CVE-2018-5331
+CVE-2018-5331 (Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/s ...)
NOT-FOR-US: Discuz!
-CVE-2018-5330
+CVE-2018-5330 (ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of s ...)
NOT-FOR-US: ZyXEL
-CVE-2018-5329
+CVE-2018-5329 (ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Re ...)
NOT-FOR-US: ZUUSE BEIMS ContractorWeb .NET
-CVE-2018-5328
+CVE-2018-5328 (ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /User ...)
NOT-FOR-US: ZUUSE BEIMS ContractorWeb .NET
-CVE-2018-5327
+CVE-2018-5327 (Cheetah Mobile Armorfly Browser &amp; Downloader 1.1.05.0010, when ins ...)
NOT-FOR-US: Cheetah Mobile Armorfly Browser & Downloader
-CVE-2018-5326
+CVE-2018-5326 (Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified ...)
NOT-FOR-US: Cheetah Mobile CM Browser
CVE-2018-5325
RESERVED
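Review bot: the imported description for CVE-2018-5327 in this hunk still carries an HTML-escaped ampersand ("Cheetah Mobile Armorfly Browser &amp; Downloader"), while the NOT-FOR-US line directly beneath it spells the same product with a literal "&"; the automatic import should unescape HTML entities before truncating the description so the two lines agree.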
@@ -41138,27 +41138,27 @@ CVE-2018-5321
RESERVED
CVE-2018-5320
RESERVED
-CVE-2018-5319
+CVE-2018-5319 (RAVPower FileHub 2.000.056 allows remote users to steal sensitive info ...)
NOT-FOR-US: RAVPower FileHub
CVE-2018-5318
RESERVED
CVE-2018-5317
RESERVED
-CVE-2018-5316
+CVE-2018-5316 (The "SagePay Server Gateway for WooCommerce" plugin before 1.0.9 for W ...)
NOT-FOR-US: "SagePay Server Gateway for WooCommerce" plugin for WordPress
-CVE-2018-5315
+CVE-2018-5315 (The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Inject ...)
NOT-FOR-US: Wachipi WP Events Calendar plugin for WordPress
-CVE-2018-5314
+CVE-2018-5314 (Command injection vulnerability in Citrix NetScaler ADC and NetScaler ...)
NOT-FOR-US: Citrix
-CVE-2018-5313
+CVE-2018-5313 (A vulnerability allows local attackers to escalate privilege on Rapid ...)
NOT-FOR-US: Rapid Scada
-CVE-2018-5312
+CVE-2018-5312 (The tabs-responsive plugin 1.8.0 for WordPress has XSS via the post_ti ...)
NOT-FOR-US: tabs-responsive plugin for WordPress
-CVE-2018-5311
+CVE-2018-5311 (The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via th ...)
NOT-FOR-US: Easy Custom Auto Excerpt plugin for WordPress
-CVE-2018-5310
+CVE-2018-5310 (In the "Media from FTP" plugin before 9.85 for WordPress, Directory Tr ...)
NOT-FOR-US: "Media from FTP" plugin for WordPress
-CVE-2018-5309
+CVE-2018-5309 (In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamPa ...)
- libpodofo 0.9.6+dfsg-3 (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -41166,7 +41166,7 @@ CVE-2018-5309
NOTE: https://sourceforge.net/p/podofo/tickets/5/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1532381
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1907
-CVE-2018-5308
+CVE-2018-5308 (PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMem ...)
- libpodofo 0.9.5-9 (low; bug #854602)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -41175,21 +41175,21 @@ CVE-2018-5308
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1870
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1876
NOTE: duplicate CVE: CVE-2017-5854
-CVE-2018-5307
+CVE-2018-5307 (Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus ...)
NOT-FOR-US: Sonatype Nexus Repository Manager
-CVE-2018-5306
+CVE-2018-5306 (Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus ...)
NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2018-5305
RESERVED
-CVE-2018-5304
+CVE-2018-5304 (An issue was discovered on the Impinj Speedway Connect R420 RFID Reade ...)
NOT-FOR-US: Impinj Speedway Connect R420 RFID Reader
-CVE-2018-5303
+CVE-2018-5303 (An issue was discovered on the Impinj Speedway Connect R420 RFID Reade ...)
NOT-FOR-US: Impinj Speedway Connect R420 RFID Reader
CVE-2018-5302
RESERVED
-CVE-2018-5301
+CVE-2018-5301 (Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1 ...)
NOT-FOR-US: Magento
-CVE-2018-1000028
+CVE-2018-1000028 (Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4 ...)
- linux 4.14.17-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
@@ -41197,7 +41197,7 @@ CVE-2018-1000028
NOTE: Fixed by: https://git.kernel.org/linus/1995266727fa8143897e89b55f5d3c79aa828420
NOTE: Introducing commit backported to 4.14.8 and 4.9.76. But Debian stretch
NOTE: did never contain the vulnerable code alone without the fix.
-CVE-2018-1000027
+CVE-2018-1000027 (The Squid Software Foundation Squid HTTP Caching Proxy version prior t ...)
{DSA-4122-1 DLA-1267-1 DLA-1266-1}
[experimental] - squid 4.0.23-1~exp8
- squid 4.1-1
@@ -41206,7 +41206,7 @@ CVE-2018-1000027
NOTE: Squid 3.5: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch
NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch
NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_2.txt
-CVE-2018-1000024
+CVE-2018-1000024 (The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to ...)
{DSA-4122-1 DLA-1266-1}
[experimental] - squid 4.0.23-1~exp8
- squid 4.1-1
@@ -41217,278 +41217,278 @@ CVE-2018-1000024
NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_1.patch
NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_1.txt
NOTE: Squid3 in Debian builds to use the libxml2 or libexpat XML parsers.
-CVE-2018-1000022
+CVE-2018-1000022 (Electrum Technologies GmbH Electrum Bitcoin Wallet version prior to ve ...)
- electrum 3.0.5-1 (bug #886683)
[jessie] - electrum <not-affected> (Only affects >= 2.6)
NOTE: https://github.com/spesmilo/electrum/issues/3374
NOTE: http://www.openwall.com/lists/oss-security/2018/01/10/4
CVE-2018-5300
RESERVED
-CVE-2018-5299
+CVE-2018-5299 (A stack-based Buffer Overflow Vulnerability exists in the web server i ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
-CVE-2018-5298
+CVE-2018-5298 (In the Procter &amp; Gamble "Oral-B App" (aka com.pg.oralb.oralbapp) a ...)
NOT-FOR-US: Procter & Gamble "Oral-B App" for Android
CVE-2018-5297
RESERVED
-CVE-2018-5296
+CVE-2018-5296 (In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the Pdf ...)
- libpodofo 0.9.6+dfsg-3 (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/podofo/tickets/6/
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1925
-CVE-2018-5295
+CVE-2018-5295 (In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamPars ...)
- libpodofo 0.9.5-9 (low; bug #889511)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
[wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: upstream thread: https://sourceforge.net/p/podofo/mailman/message/36180168/
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1889
-CVE-2018-5294
+CVE-2018-5294 (In libming 0.4.8, there is an integer overflow (caused by an out-of-ra ...)
{DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/98
-CVE-2018-5293
+CVE-2018-5293 (The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin ...)
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5292
+CVE-2018-5292 (The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin ...)
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5291
+CVE-2018-5291 (The GD Rating System plugin 2.3 for WordPress has Directory Traversal ...)
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5290
+CVE-2018-5290 (The GD Rating System plugin 2.3 for WordPress has Directory Traversal ...)
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5289
+CVE-2018-5289 (The GD Rating System plugin 2.3 for WordPress has Directory Traversal ...)
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5288
+CVE-2018-5288 (The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin ...)
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5287
+CVE-2018-5287 (The GD Rating System plugin 2.3 for WordPress has Directory Traversal ...)
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5286
+CVE-2018-5286 (The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin ...)
NOT-FOR-US: GD Rating System plugin for WordPress
-CVE-2018-5285
+CVE-2018-5285 (The ImageInject plugin 1.15 for WordPress has CSRF via wp-admin/option ...)
NOT-FOR-US: ImageInject plugin for WordPress
-CVE-2018-5284
+CVE-2018-5284 (The ImageInject plugin 1.15 for WordPress has XSS via the flickr_appid ...)
NOT-FOR-US: ImageInject plugin for WordPress
-CVE-2018-5283
+CVE-2018-5283 (The Photos in Wifi application 1.0.1 for iOS has directory traversal v ...)
NOT-FOR-US: Photos in Wifi application for iOS
-CVE-2018-5282
+CVE-2018-5282 (** DISPUTED ** Kentico 9.0 through 11.0 has a stack-based buffer overf ...)
NOT-FOR-US: Kentico
-CVE-2018-5281
+CVE-2018-5281 (SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices ...)
NOT-FOR-US: SonicWall SonicOS
-CVE-2018-5280
+CVE-2018-5280 (SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices ...)
NOT-FOR-US: SonicWall SonicOS
-CVE-2018-5279
+CVE-2018-5279 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...)
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5278
+CVE-2018-5278 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...)
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5277
+CVE-2018-5277 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...)
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5276
+CVE-2018-5276 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...)
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5275
+CVE-2018-5275 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...)
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5274
+CVE-2018-5274 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...)
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5273
+CVE-2018-5273 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...)
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5272
+CVE-2018-5272 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...)
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5271
+CVE-2018-5271 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...)
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5270
+CVE-2018-5270 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...)
NOT-FOR-US: Malwarebytes Premium
-CVE-2018-5269
+CVE-2018-5269 (In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setP ...)
{DLA-1438-1 DLA-1354-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #886675)
[stretch] - opencv <ignored> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/10540
NOTE: 2.4 backport: https://patch-diff.githubusercontent.com/raw/opencv/opencv/pull/10901.patch
-CVE-2018-5268
+CVE-2018-5268 (In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDec ...)
{DLA-1438-1 DLA-1354-1}
[experimental] - opencv 3.4.4+dfsg-1~exp1
- opencv 3.2.0+dfsg-6 (bug #886674)
[stretch] - opencv <no-dsa> (Minor issue)
NOTE: https://github.com/opencv/opencv/issues/10541
NOTE: 2.4 backport: https://patch-diff.githubusercontent.com/raw/opencv/opencv/pull/10901.patch
-CVE-2018-5267
+CVE-2018-5267 (Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypa ...)
NOT-FOR-US: Cobham Sea Tel 121 build 222701 devices
-CVE-2018-5266
+CVE-2018-5266 (Cobham Sea Tel 121 build 222701 devices allow remote attackers to obta ...)
NOT-FOR-US: Cobham Sea Tel 121 build 222701 devices
CVE-2018-5265
RESERVED
CVE-2018-5264
RESERVED
-CVE-2018-5263
+CVE-2018-5263 (The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before 4.0. ...)
NOT-FOR-US: The StackIdeas EasyDiscuss extension for Joomla!
-CVE-2018-5262
+CVE-2018-5262 (A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier ...)
NOT-FOR-US: Flexense DiskBoss
-CVE-2018-5261
+CVE-2018-5261 (An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due t ...)
NOT-FOR-US: Flexense DiskBoss
CVE-2018-5260
RESERVED
-CVE-2018-5259
+CVE-2018-5259 (Discuz! DiscuzX X3.4 allows remote authenticated users to bypass inten ...)
NOT-FOR-US: Discuz! DiscuzX
-CVE-2018-5258
+CVE-2018-5258 (The Neon app 1.6.14 iOS does not verify X.509 certificates from SSL se ...)
NOT-FOR-US: Neon app
CVE-2018-5257
RESERVED
-CVE-2018-5256
+CVE-2018-5256 (CoreOS Tectonic 1.7.x before 1.7.9-tectonic.4 and 1.8.x before 1.8.4-t ...)
NOT-FOR-US: CoreOS Tectonic
-CVE-2018-5255
+CVE-2018-5255 (The Mlag agent in Arista EOS 4.19 before 4.19.4M and 4.20 before 4.20. ...)
NOT-FOR-US: Arista
-CVE-2018-5254
+CVE-2018-5254 (Arista EOS before 4.20.2F allows remote BGP peers to cause a denial of ...)
NOT-FOR-US: Arista EOS
-CVE-2018-5253
+CVE-2018-5253 (The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has a ...)
NOT-FOR-US: Bento4
-CVE-2018-5252
+CVE-2018-5252 (libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, ha ...)
NOT-FOR-US: ImageWorsener
-CVE-2018-5251
+CVE-2018-5251 (In libming 0.4.8, there is an integer signedness error vulnerability ( ...)
{DLA-1305-1}
- ming <removed>
NOTE: https://github.com/libming/libming/issues/97
CVE-2018-5250
RESERVED
-CVE-2018-5249
+CVE-2018-5249 (Cross-site scripting (XSS) vulnerability in Shaarli before 0.8.5 and 0 ...)
- shaarli <itp> (bug #864559)
-CVE-2018-5248
+CVE-2018-5248 (In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in ...)
{DSA-4245-1 DSA-4204-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #886588)
[wheezy] - imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/927
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/c76434c16b5ac8861ee0c5d5c3ab8974fae3d624
NOTE: https://github.com/ImageMagick/ImageMagick/commit/0272305f91763b5ce119a2c7a0e0084d8241a58d
-CVE-2018-5247
+CVE-2018-5247 (In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/928
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/0ecb22aa909e52d86b4545aa7a51f7a0922147e6
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d85c34f8bd699c31b94118babc6c0445eecc9920
-CVE-2018-5246
+CVE-2018-5246 (In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImag ...)
- imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/929
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1c3dd700bbb17837ee6f540aff3eafc76262accf
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/e59dc85e6ce58fd7618c3680b2a8def62050582f
CVE-2018-5245
RESERVED
-CVE-2018-5243
+CVE-2018-5243 (The Symantec Encryption Management Server (SEMS) product, prior to ver ...)
NOT-FOR-US: Symantec
-CVE-2018-5242
+CVE-2018-5242 (Norton App Lock prior to version 1.3.0.329 can be susceptible to a byp ...)
NOT-FOR-US: Norton App Lock
-CVE-2018-5241
+CVE-2018-5241 (Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6 ...)
NOT-FOR-US: Symantec
-CVE-2018-5240
+CVE-2018-5240 (The Inventory Plugin for Symantec Management Agent prior to 7.6 POST H ...)
NOT-FOR-US: Inventory Plugin for Symantec Management Agent
-CVE-2018-5239
+CVE-2018-5239 (Norton App Lock prior to v1.3.0.332 can be susceptible to a bypass exp ...)
NOT-FOR-US: Norton
-CVE-2018-5238
+CVE-2018-5238 (Norton Power Eraser (prior to 5.3.0.24) and SymDiag (prior to 2.1.242) ...)
NOT-FOR-US: Norton
-CVE-2018-5237
+CVE-2018-5237 (Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 coul ...)
NOT-FOR-US: Symantec
-CVE-2018-5236
+CVE-2018-5236 (Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may ...)
NOT-FOR-US: Symantec
-CVE-2018-5235
+CVE-2018-5235 (Norton Utilities (prior to 16.0.3.44) may be susceptible to a DLL Prel ...)
NOT-FOR-US: Norton
-CVE-2018-5234
+CVE-2018-5234 (The Norton Core router prior to v237 may be susceptible to a command i ...)
NOT-FOR-US: Norton Core router
-CVE-2018-5244
+CVE-2018-5244 (In Xen 4.10, new infrastructure was introduced as part of an overhaul ...)
- xen <not-affected> (Only affects Xen 4.10 onwards)
NOTE: https://xenbits.xen.org/xsa/advisory-253.html
-CVE-2018-5233
+CVE-2018-5233 (Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twi ...)
NOT-FOR-US: Grav CMS admin plugin
-CVE-2018-5232
+CVE-2018-5232 (The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and ...)
NOT-FOR-US: Atlassian Jira
-CVE-2018-5231
+CVE-2018-5231 (The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6 ...)
NOT-FOR-US: Atlassian
-CVE-2018-5230
+CVE-2018-5230 (The issue collector in Atlassian Jira before version 7.6.6, from versi ...)
NOT-FOR-US: Atlassian
-CVE-2018-5229
+CVE-2018-5229 (The NotificationRepresentationFactoryImpl class in Atlassian Universal ...)
NOT-FOR-US: Atlassian
-CVE-2018-5228
+CVE-2018-5228 (The /browse/~raw resource in Atlassian Fisheye and Crucible before ver ...)
NOT-FOR-US: Atlassian
-CVE-2018-5227
+CVE-2018-5227 (Various administrative application link resources in Atlassian Applica ...)
NOT-FOR-US: Atlassian
-CVE-2018-5226
+CVE-2018-5226 (There was an argument injection vulnerability in Sourcetree for Window ...)
NOT-FOR-US: Atlassian
-CVE-2018-5225
+CVE-2018-5225 (In browser editing in Atlassian Bitbucket Server from version 4.13.0 b ...)
NOT-FOR-US: Atlassian Bitbucket Server
-CVE-2018-5224
+CVE-2018-5224 (Bamboo did not correctly check if a configured Mercurial repository UR ...)
NOT-FOR-US: Atlassian
-CVE-2018-5223
+CVE-2018-5223 (Fisheye and Crucible did not correctly check if a configured Mercurial ...)
NOT-FOR-US: Atlassian
CVE-2018-5222
RESERVED
-CVE-2018-5221
+CVE-2018-5221 (Multiple buffer overflows in BarCodeWiz BarCode before 6.7 ActiveX con ...)
NOT-FOR-US: BarCodeWiz BarCode
-CVE-2018-5220
+CVE-2018-5220 (In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local ...)
NOT-FOR-US: K7 Antivirus
-CVE-2018-5219
+CVE-2018-5219 (In K7 Antivirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 Antivirus
-CVE-2018-5218
+CVE-2018-5218 (In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local ...)
NOT-FOR-US: K7 Antivirus
-CVE-2018-5217
+CVE-2018-5217 (In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local ...)
NOT-FOR-US: K7 Antivirus
-CVE-2018-5216
+CVE-2018-5216 (Radiant CMS 1.1.4 has XSS via crafted Markdown input in the part_body_ ...)
NOT-FOR-US: Radiant CMS
-CVE-2018-5215
+CVE-2018-5215 (Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title paramet ...)
NOT-FOR-US: Fork CMS
-CVE-2018-5214
+CVE-2018-5214 (The "Add Link to Facebook" plugin through 2.3 for WordPress has XSS vi ...)
NOT-FOR-US: "Add Link to Facebook" plugin for WordPress
-CVE-2018-5213
+CVE-2018-5213 (The Simple Download Monitor plugin before 3.5.4 for WordPress has XSS ...)
NOT-FOR-US: Simple Download Monitor plugin for WordPress
-CVE-2018-5212
+CVE-2018-5212 (The Simple Download Monitor plugin before 3.5.4 for WordPress has XSS ...)
NOT-FOR-US: Simple Download Monitor plugin for WordPress
-CVE-2018-5211
+CVE-2018-5211 (PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack o ...)
NOT-FOR-US: PHP Melody
-CVE-2018-5210
+CVE-2018-5210 (On Samsung mobile devices with N(7.x) software and Exynos chipsets, at ...)
NOT-FOR-US: Samsung mobile devices
CVE-2018-5209
RESERVED
-CVE-2018-5208
+CVE-2018-5208 (In Irssi before 1.0.6, a calculation error in the completion code coul ...)
{DSA-4162-1}
- irssi 1.0.7-1 (bug #886475)
[jessie] - irssi <ignored> (Minor issue)
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
-CVE-2018-5207
+CVE-2018-5207 (When using an incomplete variable argument, Irssi before 1.0.6 may acc ...)
{DSA-4162-1}
- irssi 1.0.7-1 (bug #886475)
[jessie] - irssi <ignored> (Minor issue)
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
-CVE-2018-5206
+CVE-2018-5206 (When the channel topic is set without specifying a sender, Irssi befor ...)
{DSA-4162-1}
- irssi 1.0.7-1 (bug #886475)
[jessie] - irssi <ignored> (Minor issue)
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
-CVE-2018-5205
+CVE-2018-5205 (When using incomplete escape codes, Irssi before 1.0.6 may access data ...)
{DSA-4162-1}
- irssi 1.0.7-1 (bug #886475)
[jessie] - irssi <ignored> (Minor issue)
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
-CVE-2018-5204
+CVE-2018-5204 (ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a v ...)
NOT-FOR-US: ML Report
-CVE-2018-5203
+CVE-2018-5203 (DEXTUploadX5 version Between 1.0.0.0 and 2.2.0.0 contains a vulnerabil ...)
NOT-FOR-US: DEXTUploadX5
-CVE-2018-5202
+CVE-2018-5202 (SKCertService 2.5.5 and earlier contains a vulnerability that could al ...)
NOT-FOR-US: SKCertService
-CVE-2018-5201
+CVE-2018-5201 (Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10 ...)
NOT-FOR-US: Hancom Office
-CVE-2018-5200
+CVE-2018-5200 (KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow Vulner ...)
NOT-FOR-US: KMPlayer (different from src:kmplayer)
-CVE-2018-5199
+CVE-2018-5199 (In Veraport G3 ALL on MacOS, due to insufficient domain validation, It ...)
NOT-FOR-US: Veraport G3 ALL
-CVE-2018-5198
+CVE-2018-5198 (In Veraport G3 ALL on MacOS, a race condition when calling the Verapor ...)
NOT-FOR-US: Veraport G3 ALL
-CVE-2018-5197
+CVE-2018-5197 (A vulnerability in the ExtCommon.dll user extension module version 9.2 ...)
NOT-FOR-US: Xplatform ActiveX
-CVE-2018-5196
+CVE-2018-5196 (Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused b ...)
NOT-FOR-US: ALZip
-CVE-2018-5195
+CVE-2018-5195 (Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vuln ...)
NOT-FOR-US: Hancom NEO
CVE-2018-5194
RESERVED
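Review bot: CVE-2018-5244 is out of descending order in this hunk, sitting between CVE-2018-5234 and CVE-2018-5233 while every neighbouring entry counts down by one; the automatic description fill preserves that placement, so a follow-up manual edit should move the three-line block (the `CVE-2018-5244 (In Xen 4.10, ...` line, the `xen <not-affected>` line and its XSA-253 NOTE) to its numeric position above CVE-2018-5243, otherwise anyone scanning the file by CVE number will miss it. The remaining changes here only replace bare identifiers with truncated descriptions and leave the package, DSA and NOTE lines intact, which is the expected shape for this update.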
@@ -41498,11 +41498,11 @@ CVE-2018-5192
RESERVED
CVE-2018-5191
REJECTED
-CVE-2018-5190
+CVE-2018-5190 (PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows rem ...)
NOT-FOR-US: PicturesPro Photo Cart
-CVE-2018-5189
+CVE-2018-5189 (Race condition in Jungo Windriver 12.5.1 allows local users to cause a ...)
NOT-FOR-US: Jungo Windriver
-CVE-2018-5188
+CVE-2018-5188 (Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ...)
{DSA-4244-1 DSA-4235-1 DLA-1425-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -41510,36 +41510,36 @@ CVE-2018-5188
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5188
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-5188
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/#CVE-2018-5188
-CVE-2018-5187
+CVE-2018-5187 (Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of t ...)
{DSA-4295-1 DLA-1575-1}
- firefox 61.0-1
- thunderbird 1:60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5187
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/#CVE-2018-5187
-CVE-2018-5186
+CVE-2018-5186 (Memory safety bugs present in Firefox 60. Some of these bugs showed ev ...)
- firefox 61.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5186
-CVE-2018-5185
+CVE-2018-5185 (Plaintext of decrypted emails can leak through by user submitting an e ...)
{DSA-4209-1 DLA-1382-1}
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185
-CVE-2018-5184
+CVE-2018-5184 (Using remote content in encrypted messages can lead to the disclosure ...)
{DSA-4209-1 DLA-1382-1}
- thunderbird 1:52.8.0-1 (bug #898631)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184
-CVE-2018-5183
+CVE-2018-5183 (Mozilla developers backported selected changes in the Skia library. Th ...)
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox-esr 52.8.0esr-1
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5183
-CVE-2018-5182
+CVE-2018-5182 (If a text string that happens to be a filename in the operating system ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5182
-CVE-2018-5181
+CVE-2018-5181 (If a URL using the "file:" protocol is dragged and dropped onto an ope ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5181
-CVE-2018-5180
+CVE-2018-5180 (A use-after-free vulnerability can occur during WebGL operations. Whil ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5180
CVE-2018-5179
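Review bot: CVE-2018-5184 is the only one of the mfsa2018-13 Thunderbird entries in this hunk that cites a Debian bug (`- thunderbird 1:52.8.0-1 (bug #898631)`), while CVE-2018-5185, fixed in the same upload and covered by the same `{DSA-4209-1 DLA-1382-1}` pair, has none. If #898631 covers the whole batch of decrypted-mail leaks rather than CVE-2018-5184 alone, the reference should be added to CVE-2018-5185 (and to CVE-2018-5162 further down) so the bug cross-reference is consistent across the group; if it is specific to CVE-2018-5184 the current state is fine and needs no change.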
@@ -41547,44 +41547,44 @@ CVE-2018-5179
{DSA-4330-1}
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
-CVE-2018-5178
+CVE-2018-5178 (A buffer overflow was found during UTF8 to Unicode string conversion w ...)
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox-esr 52.8.0esr-1
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5178
-CVE-2018-5177
+CVE-2018-5177 (A vulnerability exists in XSLT during number formatting where a negati ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5177
-CVE-2018-5176
+CVE-2018-5176 (The JSON Viewer displays clickable hyperlinks for strings that are par ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5176
-CVE-2018-5175
+CVE-2018-5175 (A mechanism to bypass Content Security Policy (CSP) protections on sit ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5175
-CVE-2018-5174
+CVE-2018-5174 (In the Windows 10 April 2018 Update, Windows Defender SmartScreen hono ...)
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
- thunderbird <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5174
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5174
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5174
-CVE-2018-5173
+CVE-2018-5173 (The filename appearing in the "Downloads" panel improperly renders som ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5173
-CVE-2018-5172
+CVE-2018-5172 (The Live Bookmarks page and the PDF viewer can run injected script con ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5172
CVE-2018-5171
RESERVED
-CVE-2018-5170
+CVE-2018-5170 (It is possible to spoof the filename of an attachment and display an a ...)
{DSA-4209-1 DLA-1382-1}
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170
-CVE-2018-5169
+CVE-2018-5169 (If manipulated hyperlinked text with "chrome:" URL contained in it is ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5169
-CVE-2018-5168
+CVE-2018-5168 (Sites can bypass security checks on permissions to install lightweight ...)
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
@@ -41592,33 +41592,33 @@ CVE-2018-5168
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5168
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5168
-CVE-2018-5167
+CVE-2018-5167 (The web console and JavaScript debugger do not sanitize all output tha ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5167
-CVE-2018-5166
+CVE-2018-5166 (WebExtensions can use request redirection and a "filterReponseData" fi ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5166
-CVE-2018-5165
+CVE-2018-5165 (In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Ena ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5165
-CVE-2018-5164
+CVE-2018-5164 (Content Security Policy (CSP) is not applied correctly to all parts of ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5164
-CVE-2018-5163
+CVE-2018-5163 (If a malicious attacker has used another vulnerability to gain full co ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5163
-CVE-2018-5162
+CVE-2018-5162 (Plaintext of decrypted emails can leak through the src attribute of re ...)
{DSA-4209-1 DLA-1382-1}
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162
-CVE-2018-5161
+CVE-2018-5161 (Crafted message headers can cause a Thunderbird process to hang on rec ...)
{DSA-4209-1 DLA-1382-1}
- thunderbird 1:52.8.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161
-CVE-2018-5160
+CVE-2018-5160 (WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5160
-CVE-2018-5159
+CVE-2018-5159 (An integer overflow can occur in the Skia library due to 32-bit intege ...)
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
@@ -41626,19 +41626,19 @@ CVE-2018-5159
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5159
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5159
-CVE-2018-5158
+CVE-2018-5158 (The PDF viewer does not sufficiently sanitize PostScript calculator fu ...)
{DSA-4199-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5158
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158
-CVE-2018-5157
+CVE-2018-5157 (Same-origin protections for the PDF viewer can be bypassed, allowing a ...)
{DSA-4199-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5157
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157
-CVE-2018-5156
+CVE-2018-5156 (A vulnerability can occur when capturing a media stream when the media ...)
{DSA-4295-1 DSA-4235-1 DLA-1575-1 DLA-1406-1}
- firefox-esr 52.9.0esr-1
- firefox 61.0-1
@@ -41646,7 +41646,7 @@ CVE-2018-5156
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5156
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/#CVE-2018-5156
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/#CVE-2018-5156
-CVE-2018-5155
+CVE-2018-5155 (A use-after-free vulnerability can occur while adjusting layout during ...)
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
@@ -41654,7 +41654,7 @@ CVE-2018-5155
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5155
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5155
-CVE-2018-5154
+CVE-2018-5154 (A use-after-free vulnerability can occur while enumerating attributes ...)
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
@@ -41662,16 +41662,16 @@ CVE-2018-5154
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5154
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5154
-CVE-2018-5153
+CVE-2018-5153 (If websocket data is sent with mixed text and binary in a single messa ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5153
-CVE-2018-5152
+CVE-2018-5152 (WebExtensions with the appropriate permissions can attach content scri ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5152
-CVE-2018-5151
+CVE-2018-5151 (Memory safety bugs were reported in Firefox 59. Some of these bugs sho ...)
- firefox 60.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5151
-CVE-2018-5150
+CVE-2018-5150 (Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and ...)
{DSA-4209-1 DSA-4199-1 DLA-1382-1 DLA-1376-1}
- firefox 60.0-1
- firefox-esr 52.8.0esr-1
@@ -41681,19 +41681,19 @@ CVE-2018-5150
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5150
CVE-2018-5149
RESERVED
-CVE-2018-5148
+CVE-2018-5148 (A use-after-free vulnerability can occur in the compositor during cert ...)
{DSA-4153-1 DLA-1321-1}
- firefox 59.0.2-1
- firefox-esr 52.7.3esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/
-CVE-2018-5147
+CVE-2018-5147 (The libtremor library has the same flaw as CVE-2018-5146. This library ...)
{DSA-4143-1 DSA-4141-1 DLA-1319-1 DLA-1312-1}
- firefox 59.0.1-1
- firefox-esr 52.7.2esr-1
- libvorbisidec 1.2.1+git20180316-1 (bug #893132)
NOTE: https://git.xiph.org/?p=tremor.git;a=commit;h=562307a4a7082e24553f3d2c55dab397a17c4b4f
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
-CVE-2018-5146
+CVE-2018-5146 (An out of bounds memory write while processing Vorbis audio data was r ...)
{DSA-4155-1 DSA-4143-1 DSA-4140-1 DLA-1368-1 DLA-1327-1 DLA-1319-1}
- firefox 59.0.1-1
- firefox-esr 52.7.2esr-1
@@ -41702,66 +41702,66 @@ CVE-2018-5146
NOTE: https://git.xiph.org/?p=vorbis.git;a=commit;h=667ceb4aab60c1f74060143bb24e5f427b3cce5f
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
-CVE-2018-5145
+CVE-2018-5145 (Memory safety bugs were reported in Firefox ESR 52.6. These bugs showe ...)
{DSA-4155-1 DSA-4139-1 DLA-1327-1 DLA-1308-1}
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
-CVE-2018-5144
+CVE-2018-5144 (An integer overflow can occur during conversion of text to some Unicod ...)
{DSA-4155-1 DSA-4139-1 DLA-1327-1 DLA-1308-1}
- firefox-esr 52.7.0esr-1
- thunderbird 1:52.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
-CVE-2018-5143
+CVE-2018-5143 (URLs using "javascript:" have the protocol removed when pasted into th ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5142
+CVE-2018-5142 (If Media Capture and Streams API permission is requested from document ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5141
+CVE-2018-5141 (A vulnerability in the notifications Push API where notifications can ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5140
+CVE-2018-5140 (Image for moz-icons can be accessed through the "moz-icon:" protocol t ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
CVE-2018-5139
RESERVED
-CVE-2018-5138
+CVE-2018-5138 (A spoofing vulnerability can occur when a malicious site with an extre ...)
- firefox <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5137
+CVE-2018-5137 (A legacy extension's non-contentaccessible, defined resources can be l ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5136
+CVE-2018-5136 (A shared worker created from a "data:" URL in one tab can be shared by ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5135
+CVE-2018-5135 (WebExtensions can bypass normal restrictions in some circumstances and ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5134
+CVE-2018-5134 (WebExtensions may use "view-source:" URLs to view local "file:" URL co ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5133
+CVE-2018-5133 (If the "app.support.baseURL" preference is changed by a malicious loca ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5132
+CVE-2018-5132 (The Find API for WebExtensions can search some privileged pages, such ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5131
+CVE-2018-5131 (Under certain circumstances the "fetch()" API can return transient loc ...)
{DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5130
+CVE-2018-5130 (When packets with a mismatched RTP payload type are sent in WebRTC con ...)
{DSA-4139-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5129
+CVE-2018-5129 (A lack of parameter validation on IPC messages results in a potential ...)
{DSA-4155-1 DSA-4139-1 DLA-1327-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
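Review bot: the NOTE lines for CVE-2018-5131, CVE-2018-5130 and CVE-2018-5129 list mfsa2018-07 before mfsa2018-06, whereas the other multi-advisory entries in this file order their Mozilla references ascending (for example CVE-2018-5159 lists mfsa2018-11, -12, -13 and CVE-2018-5188 lists -15, -17, -18). This is only a style point and does not affect tracking, but keeping the NOTE lines in ascending advisory order in this group would make the entries easier to diff against the upstream advisory index.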
@@ -41769,10 +41769,10 @@ CVE-2018-5129
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
-CVE-2018-5128
+CVE-2018-5128 (A use-after-free vulnerability can occur when manipulating elements, e ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5127
+CVE-2018-5127 (A buffer overflow can occur when manipulating the SVG "animatedPathSeg ...)
{DSA-4155-1 DSA-4139-1 DLA-1327-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
@@ -41780,10 +41780,10 @@ CVE-2018-5127
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
-CVE-2018-5126
+CVE-2018-5126 (Memory safety bugs were reported in Firefox 58. Some of these bugs sho ...)
- firefox 59.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
-CVE-2018-5125
+CVE-2018-5125 (Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. S ...)
{DSA-4155-1 DSA-4139-1 DLA-1327-1 DLA-1308-1}
- firefox 59.0-1
- firefox-esr 52.7.0esr-1
@@ -41800,21 +41800,21 @@ CVE-2018-5123
RESERVED
- bugzilla4 <itp> (bug #669643)
- bugzilla <removed>
-CVE-2018-5122
+CVE-2018-5122 (A potential integer overflow in the "DoCrypt" function of WebCrypto wa ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5122
-CVE-2018-5121
+CVE-2018-5121 (Low descenders on some Tibetan characters in several fonts on OS X are ...)
- firefox <not-affected> (Only affects Firefox on Mac OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5121
CVE-2018-5120
RESERVED
-CVE-2018-5119
+CVE-2018-5119 (The reader view will display cross-origin content when CORS headers ar ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5119
-CVE-2018-5118
+CVE-2018-5118 (The screenshot images displayed in the Activity Stream page displayed ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5118
-CVE-2018-5117
+CVE-2018-5117 (If right-to-left text is used in the addressbar with left-to-right ali ...)
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41822,43 +41822,43 @@ CVE-2018-5117
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5117
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5117
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5117
-CVE-2018-5116
+CVE-2018-5116 (WebExtensions with the "ActiveTab" permission are able to access frame ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5116
-CVE-2018-5115
+CVE-2018-5115 (If an HTTP authentication prompt is triggered by a background network ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5115
-CVE-2018-5114
+CVE-2018-5114 (If an existing cookie is changed to be "HttpOnly" while a document is ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5114
-CVE-2018-5113
+CVE-2018-5113 (The "browser.identity.launchWebAuthFlow" function of WebExtensions is ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5113
-CVE-2018-5112
+CVE-2018-5112 (Development Tools panels of an extension are required to load URLs for ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5112
-CVE-2018-5111
+CVE-2018-5111 (When the text of a specially formatted URL is dragged to the addressba ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5111
-CVE-2018-5110
+CVE-2018-5110 (If cursor visibility is toggled by script using from 'none' to an imag ...)
- firefox <not-affected> (Only affects Firefox on Mac OS X)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5110
-CVE-2018-5109
+CVE-2018-5109 (An audio capture session can started under an incorrect origin from th ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5109
-CVE-2018-5108
+CVE-2018-5108 (A Blob URL can violate origin attribute segregation, allowing it to be ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5108
-CVE-2018-5107
+CVE-2018-5107 (The printing process can bypass local access protections to read files ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5107
-CVE-2018-5106
+CVE-2018-5106 (Style editor traffic in the Developer Tools can be routed through a se ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5106
-CVE-2018-5105
+CVE-2018-5105 (WebExtensions can bypass user prompts to first save and then open an a ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5105
-CVE-2018-5104
+CVE-2018-5104 (A use-after-free vulnerability can occur during font face manipulation ...)
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41866,7 +41866,7 @@ CVE-2018-5104
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5104
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5104
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5104
-CVE-2018-5103
+CVE-2018-5103 (A use-after-free vulnerability can occur during mouse event handling d ...)
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41874,7 +41874,7 @@ CVE-2018-5103
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5103
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5103
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5103
-CVE-2018-5102
+CVE-2018-5102 (A use-after-free vulnerability can occur when manipulating HTML media ...)
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41882,13 +41882,13 @@ CVE-2018-5102
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5102
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5102
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5102
-CVE-2018-5101
+CVE-2018-5101 (A use-after-free vulnerability can occur when manipulating floating "f ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5101
-CVE-2018-5100
+CVE-2018-5100 (A use-after-free vulnerability can occur when arguments passed to the ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5100
-CVE-2018-5099
+CVE-2018-5099 (A use-after-free vulnerability can occur when the widget listener is h ...)
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41896,7 +41896,7 @@ CVE-2018-5099
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5099
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5099
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5099
-CVE-2018-5098
+CVE-2018-5098 (A use-after-free vulnerability can occur when form input elements, foc ...)
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41904,7 +41904,7 @@ CVE-2018-5098
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5098
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5098
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5098
-CVE-2018-5097
+CVE-2018-5097 (A use-after-free vulnerability can occur during XSL transformations wh ...)
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41912,13 +41912,13 @@ CVE-2018-5097
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5097
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5097
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5097
-CVE-2018-5096
+CVE-2018-5096 (A use-after-free vulnerability can occur while editing events in form ...)
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox-esr 52.6.0esr-1
- thunderbird 1:52.6.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5096
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5096
-CVE-2018-5095
+CVE-2018-5095 (An integer overflow vulnerability in the Skia library when allocating ...)
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
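Review bot: the advisory set on CVE-2018-5091, `{DSA-4102-1 DSA-4096-1 DLA-1256-1}`, does not match its own NOTE lines. Every other entry in this region that carries DSA-4102-1 (CVE-2018-5089, CVE-2018-5095, CVE-2018-5096 and the rest of the group) pairs it with DLA-1262-1 and lists a mfsa2018-04 reference, while CVE-2018-5091 lists only mfsa2018-02 and mfsa2018-03, has no DLA-1262-1, and shows only firefox and firefox-esr fix lines. Either the DSA-4102-1 reference is stale and should be dropped so the entry matches its firefox-only fixes, or the mfsa2018-04 NOTE and DLA-1262-1 are missing; please check the advisory page and make the three consistent.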
@@ -41927,25 +41927,25 @@ CVE-2018-5095
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5095
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5095
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5095
-CVE-2018-5094
+CVE-2018-5094 (A heap buffer overflow vulnerability may occur in WebAssembly when "sh ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5094
-CVE-2018-5093
+CVE-2018-5093 (A heap buffer overflow vulnerability may occur in WebAssembly during M ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5093
-CVE-2018-5092
+CVE-2018-5092 (A use-after-free vulnerability can occur when the thread for a Web Wor ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5092
-CVE-2018-5091
+CVE-2018-5091 (A use-after-free vulnerability can occur during WebRTC connections whe ...)
{DSA-4102-1 DSA-4096-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5091
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5091
-CVE-2018-5090
+CVE-2018-5090 (Memory safety bugs were reported in Firefox 57. Some of these bugs sho ...)
- firefox 58.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5090
-CVE-2018-5089
+CVE-2018-5089 (Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. S ...)
{DSA-4102-1 DSA-4096-1 DLA-1262-1 DLA-1256-1}
- firefox 58.0-1
- firefox-esr 52.6.0esr-1
@@ -41953,447 +41953,447 @@ CVE-2018-5089
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/#CVE-2018-5089
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/#CVE-2018-5089
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/#CVE-2018-5089
-CVE-2018-5088
+CVE-2018-5088 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5087
+CVE-2018-5087 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5086
+CVE-2018-5086 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5085
+CVE-2018-5085 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5084
+CVE-2018-5084 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5083
+CVE-2018-5083 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5082
+CVE-2018-5082 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5081
+CVE-2018-5081 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5080
+CVE-2018-5080 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5079
+CVE-2018-5079 (In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local ...)
NOT-FOR-US: K7 AntiVirus
-CVE-2018-5078
+CVE-2018-5078 (Online Ticket Booking has XSS via the admin/eventlist.php cast paramet ...)
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5077
+CVE-2018-5077 (Online Ticket Booking has XSS via the admin/movieedit.php moviename pa ...)
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5076
+CVE-2018-5076 (Online Ticket Booking has XSS via the admin/newsedit.php newstitle par ...)
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5075
+CVE-2018-5075 (Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_nam ...)
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5074
+CVE-2018-5074 (Online Ticket Booking has XSS via the admin/manageownerlist.php contac ...)
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5073
+CVE-2018-5073 (Online Ticket Booking has CSRF via admin/movieedit.php. ...)
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5072
+CVE-2018-5072 (Online Ticket Booking has XSS via the admin/sitesettings.php keyword p ...)
NOT-FOR-US: Online Ticket Booking
-CVE-2018-5071
+CVE-2018-5071 (Persistent XSS exists in the web server on Cobham Sea Tel 116 build 22 ...)
NOT-FOR-US: Cobham Sea Tel 116 build 222429 satellite communication system devices
-CVE-2018-5070
+CVE-2018-5070 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5069
+CVE-2018-5069 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5068
+CVE-2018-5068 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5067
+CVE-2018-5067 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5066
+CVE-2018-5066 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5065
+CVE-2018-5065 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5064
+CVE-2018-5064 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5063
+CVE-2018-5063 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5062
+CVE-2018-5062 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5061
+CVE-2018-5061 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5060
+CVE-2018-5060 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5059
+CVE-2018-5059 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5058
+CVE-2018-5058 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5057
+CVE-2018-5057 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5056
+CVE-2018-5056 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5055
+CVE-2018-5055 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5054
+CVE-2018-5054 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5053
+CVE-2018-5053 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5052
+CVE-2018-5052 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5051
+CVE-2018-5051 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5050
+CVE-2018-5050 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5049
+CVE-2018-5049 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5048
+CVE-2018-5048 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5047
+CVE-2018-5047 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5046
+CVE-2018-5046 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5045
+CVE-2018-5045 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5044
+CVE-2018-5044 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5043
+CVE-2018-5043 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5042
+CVE-2018-5042 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5041
+CVE-2018-5041 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5040
+CVE-2018-5040 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5039
+CVE-2018-5039 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5038
+CVE-2018-5038 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5037
+CVE-2018-5037 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5036
+CVE-2018-5036 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5035
+CVE-2018-5035 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5034
+CVE-2018-5034 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5033
+CVE-2018-5033 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5032
+CVE-2018-5032 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5031
+CVE-2018-5031 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5030
+CVE-2018-5030 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5029
+CVE-2018-5029 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5028
+CVE-2018-5028 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5027
+CVE-2018-5027 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5026
+CVE-2018-5026 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5025
+CVE-2018-5025 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5024
+CVE-2018-5024 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5023
+CVE-2018-5023 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5022
+CVE-2018-5022 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5021
+CVE-2018-5021 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5020
+CVE-2018-5020 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5019
+CVE-2018-5019 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5018
+CVE-2018-5018 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5017
+CVE-2018-5017 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5016
+CVE-2018-5016 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5015
+CVE-2018-5015 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5014
+CVE-2018-5014 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
CVE-2018-5013
REJECTED
-CVE-2018-5012
+CVE-2018-5012 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5011
+CVE-2018-5011 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5010
+CVE-2018-5010 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5009
+CVE-2018-5009 (Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 an ...)
NOT-FOR-US: Adobe
-CVE-2018-5008
+CVE-2018-5008 (Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-boun ...)
NOT-FOR-US: Adobe
-CVE-2018-5007
+CVE-2018-5007 (Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusi ...)
NOT-FOR-US: Adobe
-CVE-2018-5006
+CVE-2018-5006 (Adobe Experience Manager versions 6.4 and earlier have a Server-Side R ...)
NOT-FOR-US: Adobe
-CVE-2018-5005
+CVE-2018-5005 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a C ...)
NOT-FOR-US: Adobe Experience Manager
-CVE-2018-5004
+CVE-2018-5004 (Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Reque ...)
NOT-FOR-US: Adobe
-CVE-2018-5003
+CVE-2018-5003 (Adobe Creative Cloud Desktop Application before 4.5.5.342 (installer) ...)
NOT-FOR-US: Adobe
-CVE-2018-5002
+CVE-2018-5002 (Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based ...)
NOT-FOR-US: Adobe
-CVE-2018-5001
+CVE-2018-5001 (Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-boun ...)
NOT-FOR-US: Adobe
-CVE-2018-5000
+CVE-2018-5000 (Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Ove ...)
NOT-FOR-US: Adobe
-CVE-2018-4999
+CVE-2018-4999 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4998
+CVE-2018-4998 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4997
+CVE-2018-4997 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4996
+CVE-2018-4996 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4995
+CVE-2018-4995 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4994
+CVE-2018-4994 (Adobe Connect versions 9.7.5 and earlier have an exploitable Authentic ...)
NOT-FOR-US: Adobe
-CVE-2018-4993
+CVE-2018-4993 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4992
+CVE-2018-4992 (Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlie ...)
NOT-FOR-US: Adobe
-CVE-2018-4991
+CVE-2018-4991 (Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlie ...)
NOT-FOR-US: Adobe
-CVE-2018-4990
+CVE-2018-4990 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4989
+CVE-2018-4989 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4988
+CVE-2018-4988 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4987
+CVE-2018-4987 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4986
+CVE-2018-4986 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4985
+CVE-2018-4985 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4984
+CVE-2018-4984 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4983
+CVE-2018-4983 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4982
+CVE-2018-4982 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4981
+CVE-2018-4981 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4980
+CVE-2018-4980 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4979
+CVE-2018-4979 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4978
+CVE-2018-4978 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4977
+CVE-2018-4977 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4976
+CVE-2018-4976 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4975
+CVE-2018-4975 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4974
+CVE-2018-4974 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4973
+CVE-2018-4973 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4972
+CVE-2018-4972 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4971
+CVE-2018-4971 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4970
+CVE-2018-4970 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4969
+CVE-2018-4969 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4968
+CVE-2018-4968 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4967
+CVE-2018-4967 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4966
+CVE-2018-4966 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4965
+CVE-2018-4965 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4964
+CVE-2018-4964 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4963
+CVE-2018-4963 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4962
+CVE-2018-4962 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4961
+CVE-2018-4961 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4960
+CVE-2018-4960 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4959
+CVE-2018-4959 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4958
+CVE-2018-4958 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4957
+CVE-2018-4957 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4956
+CVE-2018-4956 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4955
+CVE-2018-4955 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4954
+CVE-2018-4954 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4953
+CVE-2018-4953 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4952
+CVE-2018-4952 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: VMware Xenon
-CVE-2018-4951
+CVE-2018-4951 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4950
+CVE-2018-4950 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4949
+CVE-2018-4949 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4948
+CVE-2018-4948 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4947
+CVE-2018-4947 (Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011 ...)
NOT-FOR-US: VMware Xenon
-CVE-2018-4946
+CVE-2018-4946 (Adobe Photoshop CC versions 19.1.3 and earlier, 18.1.3 and earlier, an ...)
NOT-FOR-US: Adobe
-CVE-2018-4945
+CVE-2018-4945 (Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusi ...)
NOT-FOR-US: Adobe
-CVE-2018-4944
+CVE-2018-4944 (Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4943
+CVE-2018-4943 (Adobe PhoneGap Push Plugin versions 1.8.0 and earlier have an exploita ...)
NOT-FOR-US: Adobe
-CVE-2018-4942
+CVE-2018-4942 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 1 ...)
NOT-FOR-US: Adobe
-CVE-2018-4941
+CVE-2018-4941 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 1 ...)
NOT-FOR-US: Adobe
-CVE-2018-4940
+CVE-2018-4940 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 1 ...)
NOT-FOR-US: Adobe
-CVE-2018-4939
+CVE-2018-4939 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 1 ...)
NOT-FOR-US: Adobe
-CVE-2018-4938
+CVE-2018-4938 (Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 1 ...)
NOT-FOR-US: Adobe
-CVE-2018-4937
+CVE-2018-4937 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4936
+CVE-2018-4936 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4935
+CVE-2018-4935 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4934
+CVE-2018-4934 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4933
+CVE-2018-4933 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4932
+CVE-2018-4932 (Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4931
+CVE-2018-4931 (Adobe Experience Manager versions 6.1 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4930
+CVE-2018-4930 (Adobe Experience Manager versions 6.3 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4929
+CVE-2018-4929 (Adobe Experience Manager versions 6.2 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4928
+CVE-2018-4928 (Adobe InDesign versions 13.0 and below have an exploitable Memory corr ...)
NOT-FOR-US: Adobe
-CVE-2018-4927
+CVE-2018-4927 (Adobe InDesign versions 13.0 and below have an exploitable Untrusted S ...)
NOT-FOR-US: Adobe
-CVE-2018-4926
+CVE-2018-4926 (Adobe Digital Editions versions 4.5.7 and below have an exploitable St ...)
NOT-FOR-US: Adobe
-CVE-2018-4925
+CVE-2018-4925 (Adobe Digital Editions versions 4.5.7 and below have an exploitable Ou ...)
NOT-FOR-US: Adobe
-CVE-2018-4924
+CVE-2018-4924 (Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Inje ...)
NOT-FOR-US: Adobe
-CVE-2018-4923
+CVE-2018-4923 (Adobe Connect versions 9.7 and earlier have an exploitable OS Command ...)
NOT-FOR-US: Adobe
CVE-2018-4922
REJECTED
-CVE-2018-4921
+CVE-2018-4921 (Adobe Connect versions 9.7 and earlier have an exploitable unrestricte ...)
NOT-FOR-US: Adobe
-CVE-2018-4920
+CVE-2018-4920 (Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4919
+CVE-2018-4919 (Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable ...)
NOT-FOR-US: Adobe
-CVE-2018-4918
+CVE-2018-4918 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4917
+CVE-2018-4917 (Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
-CVE-2018-4916
+CVE-2018-4916 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4915
+CVE-2018-4915 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4914
+CVE-2018-4914 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4913
+CVE-2018-4913 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4912
+CVE-2018-4912 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4911
+CVE-2018-4911 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4910
+CVE-2018-4910 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4909
+CVE-2018-4909 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4908
+CVE-2018-4908 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4907
+CVE-2018-4907 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4906
+CVE-2018-4906 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4905
+CVE-2018-4905 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4904
+CVE-2018-4904 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4903
+CVE-2018-4903 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4902
+CVE-2018-4902 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4901
+CVE-2018-4901 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4900
+CVE-2018-4900 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4899
+CVE-2018-4899 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4898
+CVE-2018-4898 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4897
+CVE-2018-4897 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4896
+CVE-2018-4896 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4895
+CVE-2018-4895 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4894
+CVE-2018-4894 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4893
+CVE-2018-4893 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4892
+CVE-2018-4892 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4891
+CVE-2018-4891 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4890
+CVE-2018-4890 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4889
+CVE-2018-4889 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4888
+CVE-2018-4888 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4887
+CVE-2018-4887 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4886
+CVE-2018-4886 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4885
+CVE-2018-4885 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4884
+CVE-2018-4884 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4883
+CVE-2018-4883 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4882
+CVE-2018-4882 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4881
+CVE-2018-4881 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4880
+CVE-2018-4880 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4879
+CVE-2018-4879 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4878
+CVE-2018-4878 (A use-after-free vulnerability was discovered in Adobe Flash Player be ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2018-4877
+CVE-2018-4877 (A use-after-free vulnerability was discovered in Adobe Flash Player be ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2018-4876
+CVE-2018-4876 (Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to ...)
NOT-FOR-US: Adobe Experience Manager
-CVE-2018-4875
+CVE-2018-4875 (Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a refl ...)
NOT-FOR-US: Adobe Experience Manager
CVE-2018-4874
REJECTED
-CVE-2018-4873
+CVE-2018-4873 (Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlie ...)
NOT-FOR-US: Adobe
-CVE-2018-4872
+CVE-2018-4872 (An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and ear ...)
NOT-FOR-US: Adobe
-CVE-2018-4871
+CVE-2018-4871 (An Out-of-bounds Read issue was discovered in Adobe Flash Player befor ...)
NOT-FOR-US: Adobe Flash Player
CVE-2018-4870
RESERVED
CVE-2018-4869
RESERVED
-CVE-2018-4868
+CVE-2018-4868 (The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0. ...)
- exiv2 <not-affected> (Vulnerable code introduced in 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/202
CVE-2018-4867
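Review bot: the triage lines for CVE-2018-4952 and CVE-2018-4947 still read "NOT-FOR-US: VMware Xenon" while the descriptions imported in this hunk for both ids begin "Adobe Acrobat and Reader versions 2018.011.20038 and earlier", so either the NOT-FOR-US text or the imported description is attached to the wrong id; every neighbouring Acrobat entry in the same run carries "NOT-FOR-US: Adobe", and the two odd lines should be re-checked against the upstream CVE records before this update lands. A smaller point in the same hunk: the importer appends " ..." even when the description is not cut, as in "CVE-2018-5073 (Online Ticket Booking has CSRF via admin/movieedit.php. ...)", so the ellipsis should be added only when the text was actually truncated.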
@@ -42404,69 +42404,69 @@ CVE-2018-4865
RESERVED
CVE-2018-4864
RESERVED
-CVE-2018-4863
+CVE-2018-4863 (Sophos Endpoint Protection 10.7 allows local users to bypass an intend ...)
NOT-FOR-US: Sophos
-CVE-2018-4862
+CVE-2018-4862 (In Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an authent ...)
NOT-FOR-US: Octopus Deploy
-CVE-2018-4861
+CVE-2018-4861 (A vulnerability has been identified in SCALANCE M875 (All versions). A ...)
NOT-FOR-US: SCALANCE
-CVE-2018-4860
+CVE-2018-4860 (A vulnerability has been identified in SCALANCE M875 (All versions). A ...)
NOT-FOR-US: SCALANCE
-CVE-2018-4859
+CVE-2018-4859 (A vulnerability has been identified in SCALANCE M875 (All versions). A ...)
NOT-FOR-US: SCALANCE
-CVE-2018-4858
+CVE-2018-4858 (A vulnerability has been identified in IEC 61850 system configurator ( ...)
NOT-FOR-US: IEC
CVE-2018-4857
RESERVED
-CVE-2018-4856
+CVE-2018-4856 (A vulnerability has been identified in SICLOCK TC100 (All versions) an ...)
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4855
+CVE-2018-4855 (A vulnerability has been identified in SICLOCK TC100 (All versions) an ...)
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4854
+CVE-2018-4854 (A vulnerability has been identified in SICLOCK TC100 (All versions) an ...)
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4853
+CVE-2018-4853 (A vulnerability has been identified in SICLOCK TC100 (All versions) an ...)
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4852
+CVE-2018-4852 (A vulnerability has been identified in SICLOCK TC100 (All versions) an ...)
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4851
+CVE-2018-4851 (A vulnerability has been identified in SICLOCK TC100 (All versions) an ...)
NOT-FOR-US: SICLOCK TC100
-CVE-2018-4850
+CVE-2018-4850 (A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU ha ...)
NOT-FOR-US: SIMATIC
-CVE-2018-4849
+CVE-2018-4849 (A vulnerability has been identified in Siveillance VMS Video for Andro ...)
NOT-FOR-US: Siveillance VMS Video
-CVE-2018-4848
+CVE-2018-4848 (A vulnerability has been identified in SCALANCE X-200 (All versions &l ...)
NOT-FOR-US: Siemens SCALANCE X switches
-CVE-2018-4847
+CVE-2018-4847 (A vulnerability has been identified in SIMATIC WinCC OA Operator iOS A ...)
NOT-FOR-US: SIMATIC WinCC OA Operator iOS App
-CVE-2018-4846
+CVE-2018-4846 (A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPo ...)
NOT-FOR-US: RAPIDLab
-CVE-2018-4845
+CVE-2018-4845 (A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPo ...)
NOT-FOR-US: RAPIDLab
-CVE-2018-4844
+CVE-2018-4844 (A vulnerability has been identified in SIMATIC WinCC OA UI for Android ...)
NOT-FOR-US: SIMATIC
-CVE-2018-4843
+CVE-2018-4843 (A vulnerability has been identified in SIMATIC CP 343-1 Advanced (All ...)
NOT-FOR-US: SIMATIC
-CVE-2018-4842
+CVE-2018-4842 (A vulnerability has been identified in SCALANCE X-200 IRT (All version ...)
NOT-FOR-US: Siemens SCALANCE X switches
-CVE-2018-4841
+CVE-2018-4841 (A vulnerability has been identified in TIM 1531 IRC (All versions &lt; ...)
NOT-FOR-US: TIM
-CVE-2018-4840
+CVE-2018-4840 (A vulnerability has been identified in Siemens DIGSI 4 (All versions & ...)
NOT-FOR-US: Siemens
-CVE-2018-4839
+CVE-2018-4839 (A vulnerability has been identified in Siemens DIGSI 4 (All versions & ...)
NOT-FOR-US: Siemens
-CVE-2018-4838
+CVE-2018-4838 (A vulnerability has been identified in Siemens EN100 Ethernet module I ...)
NOT-FOR-US: Siemens
-CVE-2018-4837
+CVE-2018-4837 (A vulnerability has been identified in TeleControl Server Basic &lt; V ...)
NOT-FOR-US: Siemens / TeleControl Server Basic
-CVE-2018-4836
+CVE-2018-4836 (A vulnerability has been identified in TeleControl Server Basic &lt; V ...)
NOT-FOR-US: Siemens / TeleControl Server Basic
-CVE-2018-4835
+CVE-2018-4835 (A vulnerability has been identified in TeleControl Server Basic &lt; V ...)
NOT-FOR-US: Siemens / TeleControl Server Basic
-CVE-2018-4834
+CVE-2018-4834 (A vulnerability has been identified in Desigo Automation Controllers C ...)
NOT-FOR-US: Desigo
-CVE-2018-4833
+CVE-2018-4833 (A vulnerability has been identified in RFID 181-EIP (All versions), RU ...)
NOT-FOR-US: Siemens
-CVE-2018-4832
+CVE-2018-4832 (A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All ...)
NOT-FOR-US: Siemens
CVE-2018-4831
RESERVED
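Review bot: the new description lines for the Siemens entries carry HTML-escaped text, e.g. `+CVE-2018-4841 (A vulnerability has been identified in TIM 1531 IRC (All versions &lt; ...)` and the three TeleControl Server Basic entries (`&lt; V ...`); if the `&lt;` is really in data/CVE/2018.list rather than an artifact of this web view, the importer should unescape entities before truncating, since the other descriptions in this hunk store plain text and a `&` in the data would also shift the 70-character cut-off.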
@@ -43348,7 +43348,7 @@ CVE-2018-4406
RESERVED
CVE-2018-4405
RESERVED
-CVE-2018-4404
+CVE-2018-4404 (In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corr ...)
NOT-FOR-US: Apple
CVE-2018-4403
RESERVED
@@ -43532,7 +43532,7 @@ CVE-2018-4332
RESERVED
CVE-2018-4331
RESERVED
-CVE-2018-4330
+CVE-2018-4330 (In iOS before 11.4, a memory corruption issue exists and was addressed ...)
NOT-FOR-US: Apple
CVE-2018-4329
RESERVED
@@ -43637,7 +43637,7 @@ CVE-2018-4299
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4298
+CVE-2018-4298 (In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, ...)
NOT-FOR-US: Apple
CVE-2018-4297
RESERVED
@@ -43674,17 +43674,17 @@ CVE-2018-4283
RESERVED
CVE-2018-4282
RESERVED
-CVE-2018-4281
+CVE-2018-4281 (In SwiftNIO before 1.8.0, a buffer overflow was addressed with improve ...)
NOT-FOR-US: Apple
CVE-2018-4280
RESERVED
CVE-2018-4279
RESERVED
-CVE-2018-4278
+CVE-2018-4278 (In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11 ...)
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
-CVE-2018-4277
+CVE-2018-4277 (In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari ...)
NOT-FOR-US: Apple
CVE-2018-4276
RESERVED
@@ -43741,7 +43741,7 @@ CVE-2018-4263
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
-CVE-2018-4262
+CVE-2018-4262 (In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11 ...)
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
@@ -43754,174 +43754,174 @@ CVE-2018-4260
RESERVED
CVE-2018-4259
RESERVED
-CVE-2018-4258
+CVE-2018-4258 (In macOS High Sierra before 10.13.5, a buffer overflow was addressed w ...)
NOT-FOR-US: Apple
-CVE-2018-4257
+CVE-2018-4257 (In macOS High Sierra before 10.13.5, a buffer overflow was addressed w ...)
NOT-FOR-US: Apple
-CVE-2018-4256
+CVE-2018-4256 (In macOS High Sierra before 10.13.5, an out-of-bounds read was address ...)
NOT-FOR-US: Apple
-CVE-2018-4255
+CVE-2018-4255 (In macOS High Sierra before 10.13.5, an out-of-bounds read was address ...)
NOT-FOR-US: Apple
-CVE-2018-4254
+CVE-2018-4254 (In macOS High Sierra before 10.13.5, an input validation issue existed ...)
NOT-FOR-US: Apple
-CVE-2018-4253
+CVE-2018-4253 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4252
+CVE-2018-4252 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4251
+CVE-2018-4251 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4250
+CVE-2018-4250 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4249
+CVE-2018-4249 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
CVE-2018-4248
RESERVED
-CVE-2018-4247
+CVE-2018-4247 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4246
+CVE-2018-4246 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.4-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0006.html
CVE-2018-4245
RESERVED
-CVE-2018-4244
+CVE-2018-4244 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4243
+CVE-2018-4243 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4242
+CVE-2018-4242 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4241
+CVE-2018-4241 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4240
+CVE-2018-4240 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4239
+CVE-2018-4239 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4238
+CVE-2018-4238 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4237
+CVE-2018-4237 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4236
+CVE-2018-4236 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4235
+CVE-2018-4235 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4234
+CVE-2018-4234 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4233
+CVE-2018-4233 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4232
+CVE-2018-4232 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
CVE-2018-4231
RESERVED
-CVE-2018-4230
+CVE-2018-4230 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4229
+CVE-2018-4229 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4228
+CVE-2018-4228 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4227
+CVE-2018-4227 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4226
+CVE-2018-4226 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4225
+CVE-2018-4225 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4224
+CVE-2018-4224 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4223
+CVE-2018-4223 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4222
+CVE-2018-4222 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4221
+CVE-2018-4221 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4220
+CVE-2018-4220 (An issue was discovered in certain Apple products. Swift before 4.1.1 ...)
NOT-FOR-US: Apple
-CVE-2018-4219
+CVE-2018-4219 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4218
+CVE-2018-4218 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4217
+CVE-2018-4217 (In macOS High Sierra before 10.13.5, a privacy issue in the handling o ...)
NOT-FOR-US: Apple
CVE-2018-4216
RESERVED
-CVE-2018-4215
+CVE-2018-4215 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4214
+CVE-2018-4214 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4213
+CVE-2018-4213 (In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4212
+CVE-2018-4212 (In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4211
+CVE-2018-4211 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple
-CVE-2018-4210
+CVE-2018-4210 (In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS befo ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4209
+CVE-2018-4209 (In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4208
+CVE-2018-4208 (In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4207
+CVE-2018-4207 (In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4206
+CVE-2018-4206 (An issue was discovered in certain Apple products. iOS before 11.3.1 i ...)
NOT-FOR-US: Apple
-CVE-2018-4205
+CVE-2018-4205 (An issue was discovered in certain Apple products. Safari before 11.1. ...)
NOT-FOR-US: Apple
-CVE-2018-4204
+CVE-2018-4204 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.1-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0004.html
NOTE: Not covered by security support
CVE-2018-4203
RESERVED
-CVE-2018-4202
+CVE-2018-4202 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple (iBooks component)
-CVE-2018-4201
+CVE-2018-4201 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.1-2 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4200
+CVE-2018-4200 (An issue was discovered in certain Apple products. iOS before 11.3.1 i ...)
- webkit2gtk 2.20.2-1 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0004.html
NOTE: Not covered by security support
-CVE-2018-4199
+CVE-2018-4199 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4198
+CVE-2018-4198 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Apple (UIKit component)
CVE-2018-4197
RESERVED
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4196
+CVE-2018-4196 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple (Accessibility Framework component)
CVE-2018-4195
RESERVED
-CVE-2018-4194
+CVE-2018-4194 (In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3. ...)
NOT-FOR-US: Apple
-CVE-2018-4193
+CVE-2018-4193 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple (Windows Server component)
-CVE-2018-4192
+CVE-2018-4192 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.1-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
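Review bot: CVE-2018-4197 (the RESERVED entry just above CVE-2018-4196) keeps its `- webkit2gtk 2.22.0-2 (unimportant)` line and WSA-2018-0007 reference but got no description in this update, while every other WSA-2018-0007 entry in the same hunk (CVE-2018-4213 down to CVE-2018-4207) did; worth checking whether the MITRE entry is still unpublished or the automatic import just skipped it, since a RESERVED status sitting on top of a fixed-version line is easy to lose track of.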
@@ -43930,283 +43930,283 @@ CVE-2018-4191
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0007.html
NOTE: Not covered by security support
-CVE-2018-4190
+CVE-2018-4190 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
- webkit2gtk 2.20.3-1 (unimportant)
NOTE: Not covered by security support
NOTE: https://webkitgtk.org/security/WSA-2018-0005.html
-CVE-2018-4189
+CVE-2018-4189 (In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Updat ...)
NOT-FOR-US: Apple
-CVE-2018-4188
+CVE-2018-4188 (An issue was discovered in certain Apple products. iOS before 11.4 is ...)
NOT-FOR-US: Safari
-CVE-2018-4187
+CVE-2018-4187 (An issue was discovered in certain Apple products. iOS before 11.3.1 i ...)
NOT-FOR-US: Apple (LinkPresentation component)
-CVE-2018-4186
+CVE-2018-4186 (In Safari before 11.1, an information leakage issue existed in the han ...)
NOT-FOR-US: Apple
-CVE-2018-4185
+CVE-2018-4185 (In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS be ...)
NOT-FOR-US: Apple
-CVE-2018-4184
+CVE-2018-4184 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple (Speech component)
-CVE-2018-4183
+CVE-2018-4183 (In macOS High Sierra before 10.13.5, an access issue was addressed wit ...)
- cups <not-affected> (MacOS X specific issue)
NOTE: Fixed by: https://github.com/apple/cups/commit/d47f6aec436e0e9df6554436e391471097686ecc
-CVE-2018-4182
+CVE-2018-4182 (In macOS High Sierra before 10.13.5, an access issue was addressed wit ...)
- cups <not-affected> (MacOS X specific issue)
NOTE: Fixed by: https://github.com/apple/cups/commit/d47f6aec436e0e9df6554436e391471097686ecc
-CVE-2018-4181
+CVE-2018-4181 (In macOS High Sierra before 10.13.5, an issue existed in CUPS. This is ...)
{DSA-4243-1 DLA-1426-1}
- cups 2.2.8-2
NOTE: Fixed by: https://github.com/apple/cups/commit/d47f6aec436e0e9df6554436e391471097686ecc
-CVE-2018-4180
+CVE-2018-4180 (In macOS High Sierra before 10.13.5, an issue existed in CUPS. This is ...)
{DSA-4243-1 DLA-1426-1}
- cups 2.2.8-2
NOTE: Fixed by: https://github.com/apple/cups/commit/d47f6aec436e0e9df6554436e391471097686ecc
-CVE-2018-4179
+CVE-2018-4179 (In macOS High Sierra before 10.13.4, there was an issue with the handl ...)
NOT-FOR-US: Apple
CVE-2018-4178
RESERVED
CVE-2018-4177
RESERVED
-CVE-2018-4176
+CVE-2018-4176 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4175
+CVE-2018-4175 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4174
+CVE-2018-4174 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4173
+CVE-2018-4173 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4172
+CVE-2018-4172 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4171
+CVE-2018-4171 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4170
+CVE-2018-4170 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4169
+CVE-2018-4169 (In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, ...)
NOT-FOR-US: Apple
-CVE-2018-4168
+CVE-2018-4168 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4167
+CVE-2018-4167 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4166
+CVE-2018-4166 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4165
+CVE-2018-4165 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4164
+CVE-2018-4164 (An issue was discovered in certain Apple products. Xcode before 9.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4163
+CVE-2018-4163 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4162
+CVE-2018-4162 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4161
+CVE-2018-4161 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4160
+CVE-2018-4160 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4159
+CVE-2018-4159 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4158
+CVE-2018-4158 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4157
+CVE-2018-4157 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4156
+CVE-2018-4156 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4155
+CVE-2018-4155 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4154
+CVE-2018-4154 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
CVE-2018-4153
RESERVED
-CVE-2018-4152
+CVE-2018-4152 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4151
+CVE-2018-4151 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4150
+CVE-2018-4150 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4149
+CVE-2018-4149 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4148
+CVE-2018-4148 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4147
+CVE-2018-4147 (In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before ...)
NOT-FOR-US: Apple
-CVE-2018-4146
+CVE-2018-4146 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
CVE-2018-4145
RESERVED
-CVE-2018-4144
+CVE-2018-4144 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4143
+CVE-2018-4143 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4142
+CVE-2018-4142 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4141
+CVE-2018-4141 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4140
+CVE-2018-4140 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4139
+CVE-2018-4139 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4138
+CVE-2018-4138 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: NVIDIA graphics driver for MacOS
-CVE-2018-4137
+CVE-2018-4137 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4136
+CVE-2018-4136 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4135
+CVE-2018-4135 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4134
+CVE-2018-4134 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4133
+CVE-2018-4133 (An issue was discovered in certain Apple products. Safari before 11.1 ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4132
+CVE-2018-4132 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Intel graphics driver for MacOS
-CVE-2018-4131
+CVE-2018-4131 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4130
+CVE-2018-4130 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4129
+CVE-2018-4129 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4128
+CVE-2018-4128 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4127
+CVE-2018-4127 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
CVE-2018-4126
RESERVED
-CVE-2018-4125
+CVE-2018-4125 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4124
+CVE-2018-4124 (An issue was discovered in certain Apple products. iOS before 11.2.6 i ...)
NOT-FOR-US: Apple
-CVE-2018-4123
+CVE-2018-4123 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4122
+CVE-2018-4122 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4121
+CVE-2018-4121 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0004.html
NOTE: Not covered by security support
-CVE-2018-4120
+CVE-2018-4120 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4119
+CVE-2018-4119 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4118
+CVE-2018-4118 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4117
+CVE-2018-4117 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
{DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4116
+CVE-2018-4116 (An issue was discovered in certain Apple products. Safari before 11.1 ...)
NOT-FOR-US: Apple
-CVE-2018-4115
+CVE-2018-4115 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4114
+CVE-2018-4114 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4113
+CVE-2018-4113 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4112
+CVE-2018-4112 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4111
+CVE-2018-4111 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4110
+CVE-2018-4110 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
-CVE-2018-4109
+CVE-2018-4109 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple
-CVE-2018-4108
+CVE-2018-4108 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4107
+CVE-2018-4107 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4106
+CVE-2018-4106 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4105
+CVE-2018-4105 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4104
+CVE-2018-4104 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
NOT-FOR-US: Apple
CVE-2018-4103
RESERVED
-CVE-2018-4102
+CVE-2018-4102 (An issue was discovered in certain Apple products. Safari before 11.1 ...)
NOT-FOR-US: Apple
-CVE-2018-4101
+CVE-2018-4101 (An issue was discovered in certain Apple products. iOS before 11.3 is ...)
- webkit2gtk 2.20.0-2 (unimportant)
NOTE: https://webkitgtk.org/security/WSA-2018-0003.html
NOTE: Not covered by security support
-CVE-2018-4100
+CVE-2018-4100 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple
CVE-2018-4099
RESERVED
-CVE-2018-4098
+CVE-2018-4098 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4097
+CVE-2018-4097 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4096
+CVE-2018-4096 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2018-4095
+CVE-2018-4095 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple bluetoothd
NOTE: https://blog.zimperium.com/cve-2018-4087-poc-escaping-sandbox-misleading-bluetoothd/
-CVE-2018-4094
+CVE-2018-4094 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple
-CVE-2018-4093
+CVE-2018-4093 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple
-CVE-2018-4092
+CVE-2018-4092 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple
-CVE-2018-4091
+CVE-2018-4091 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4090
+CVE-2018-4090 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple
-CVE-2018-4089
+CVE-2018-4089 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2018-4088
+CVE-2018-4088 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
- webkit2gtk 2.18.6-1 (unimportant)
[stretch] - webkit2gtk 2.18.6-1~deb9u1
NOTE: https://webkitgtk.org/security/WSA-2018-0002.html
NOTE: Not covered by security support
-CVE-2018-4087
+CVE-2018-4087 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple bluetoothd
NOTE: https://blog.zimperium.com/cve-2018-4087-poc-escaping-sandbox-misleading-bluetoothd/
-CVE-2018-4086
+CVE-2018-4086 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple
-CVE-2018-4085
+CVE-2018-4085 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple
-CVE-2018-4084
+CVE-2018-4084 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4083
+CVE-2018-4083 (An issue was discovered in certain Apple products. macOS before 10.13. ...)
NOT-FOR-US: Apple
-CVE-2018-4082
+CVE-2018-4082 (An issue was discovered in certain Apple products. iOS before 11.2.5 i ...)
NOT-FOR-US: Apple
CVE-2018-4081
RESERVED
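Review bot: CVE-2018-4121 is recorded as fixed in `webkit2gtk 2.20.0-2` but cites WSA-2018-0004, whereas every other 2.20.0-2 entry in this hunk cites WSA-2018-0003 and the two WSA-2018-0004 entries earlier in the file (CVE-2018-4204 at 2.20.1-1 and CVE-2018-4200 at 2.20.2-1) point at later uploads; worth confirming which advisory and fixed version apply before the description is treated as settled. Smaller point: the NOTE under CVE-2018-4095 reuses the zimperium write-up whose URL names CVE-2018-4087; if that post only covers 4087, the cross-reference on 4095 is misleading.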
@@ -44262,12 +44262,12 @@ CVE-2018-4058
- coturn 4.5.1.0-1
CVE-2018-4057
REJECTED
-CVE-2018-4056
+CVE-2018-4056 (An exploitable SQL injection vulnerability exists in the administrator ...)
{DSA-4373-1 DLA-1671-1}
- coturn 4.5.1.0-1
-CVE-2018-4055
+CVE-2018-4055 (A local privilege escalation vulnerability exists in the install helpe ...)
TODO: check
-CVE-2018-4054
+CVE-2018-4054 (A local privilege escalation vulnerability exists in the install helpe ...)
TODO: check
CVE-2018-4053
RESERVED
@@ -44281,37 +44281,37 @@ CVE-2018-4049
RESERVED
CVE-2018-4048
RESERVED
-CVE-2018-4047
+CVE-2018-4047 (An exploitable privilege escalation vulnerability exists in the helper ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4046
+CVE-2018-4046 (An exploitable denial-of-service vulnerability exists in the helper se ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4045
+CVE-2018-4045 (An exploitable privilege escalation vulnerability exists in the helper ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4044
+CVE-2018-4044 (An exploitable privilege escalation vulnerability exists in the helper ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4043
+CVE-2018-4043 (An exploitable privilege escalation vulnerability exists in the Clean ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4042
+CVE-2018-4042 (An exploitable privilege escalation vulnerability exists in the helper ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4041
+CVE-2018-4041 (An exploitable privilege escalation vulnerability exists in the helper ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4040
+CVE-2018-4040 (An exploitable uninitialized pointer vulnerability exists in the rich ...)
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-4039
+CVE-2018-4039 (An exploitable out-of-bounds write vulnerability exists in the PNG imp ...)
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-4038
+CVE-2018-4038 (An exploitable arbitrary write vulnerability exists in the open docume ...)
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-4037
+CVE-2018-4037 (The CleanMyMac X software contains an exploitable privilege escalation ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4036
+CVE-2018-4036 (The CleanMyMac X software contains an exploitable privilege escalation ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4035
+CVE-2018-4035 (The CleanMyMac X software contains an exploitable privilege escalation ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4034
+CVE-2018-4034 (The CleanMyMac X software contains an exploitable privilege escalation ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4033
+CVE-2018-4033 (The CleanMyMac X software contains an exploitable privilege escalation ...)
NOT-FOR-US: Clean My Mac X
-CVE-2018-4032
+CVE-2018-4032 (An exploitable privilege escalation vulnerability exists in the way th ...)
NOT-FOR-US: Clean My Mac X
CVE-2018-4031
RESERVED
@@ -44331,17 +44331,17 @@ CVE-2018-4024
RESERVED
CVE-2018-4023
RESERVED
-CVE-2018-4022
+CVE-2018-4022 (A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v2 ...)
- mkvtoolnix 28.2.0-1
[stretch] - mkvtoolnix <not-affected> (Vulnerable code introduced later)
[jessie] - mkvtoolnix <not-affected> (vulnerable code is not present)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2018-0694
NOTE: https://gitlab.com/mbunkus/mkvtoolnix/commit/43021d16c7bcd3f9f70214827755a5163782b633
-CVE-2018-4021
+CVE-2018-4021 (An exploitable command injection vulnerability exists in the way Netga ...)
NOT-FOR-US: pfSense
-CVE-2018-4020
+CVE-2018-4020 (An exploitable command injection vulnerability exists in the way Netga ...)
NOT-FOR-US: pfSense
-CVE-2018-4019
+CVE-2018-4019 (An exploitable command injection vulnerability exists in the way Netga ...)
NOT-FOR-US: pfSense
CVE-2018-4018
RESERVED
@@ -44349,20 +44349,20 @@ CVE-2018-4017
RESERVED
CVE-2018-4016
RESERVED
-CVE-2018-4015
+CVE-2018-4015 (An exploitable vulnerability exists in the HTTP client functionality o ...)
NOT-FOR-US: Webroot BrightCloud SDK
CVE-2018-4014
RESERVED
-CVE-2018-4013
+CVE-2018-4013 (An exploitable code execution vulnerability exists in the HTTP packet- ...)
{DSA-4343-1 DLA-1582-1}
- liblivemedia 2018.10.17-1
NOTE: http://lists.live555.com/pipermail/live-devel/2018-October/021071.html
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684
-CVE-2018-4012
+CVE-2018-4012 (An exploitable buffer overflow vulnerability exists in the HTTP header ...)
NOT-FOR-US: Webroot BrightCloud SDK
CVE-2018-4011
RESERVED
-CVE-2018-4010
+CVE-2018-4010 (An exploitable code execution vulnerability exists in the connect func ...)
NOT-FOR-US: ProtonVPN client
CVE-2018-4009
RESERVED
@@ -44380,55 +44380,55 @@ CVE-2018-4003
RESERVED
CVE-2018-4002
RESERVED
-CVE-2018-4001
+CVE-2018-4001 (An exploitable uninitialized pointer vulnerability exists in the Offic ...)
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-4000
+CVE-2018-4000 (An exploitable double-free vulnerability exists in the Office Open XML ...)
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3999
+CVE-2018-3999 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3998
+CVE-2018-3998 (An exploitable heap-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3997
+CVE-2018-3997 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3996
+CVE-2018-3996 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's PDF Reader
-CVE-2018-3995
+CVE-2018-3995 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's PDF Reader
-CVE-2018-3994
+CVE-2018-3994 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's PDF Reader
-CVE-2018-3993
+CVE-2018-3993 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's PDF Reader
-CVE-2018-3992
+CVE-2018-3992 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's PDF Reader
-CVE-2018-3991
+CVE-2018-3991 (An exploitable heap overflow vulnerability exists in the WkbProgramLow ...)
NOT-FOR-US: WibuKey
-CVE-2018-3990
+CVE-2018-3990 (An exploitable pool corruption vulnerability exists in the 0x8200E804 ...)
NOT-FOR-US: WibuKey
-CVE-2018-3989
+CVE-2018-3989 (An exploitable kernel memory disclosure vulnerability exists in the 0x ...)
NOT-FOR-US: WibuKey
-CVE-2018-3988
+CVE-2018-3988 (Signal Messenger for Android 4.24.8 may expose private information whe ...)
NOT-FOR-US: Signal Messenger
CVE-2018-3987
RESERVED
-CVE-2018-3986
+CVE-2018-3986 (An exploitable information disclosure vulnerability exists in the "Sec ...)
NOT-FOR-US: Telegram Android
CVE-2018-3985
RESERVED
-CVE-2018-3984
+CVE-2018-3984 (An exploitable uninitialized length vulnerability exists within the Wo ...)
NOT-FOR-US: Atlantis Word Processor
CVE-2018-3983
RESERVED
-CVE-2018-3982
+CVE-2018-3982 (An exploitable arbitrary write vulnerability exists in the Word docume ...)
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3981
+CVE-2018-3981 (An exploitable out-of-bounds write exists in the TIFF-parsing function ...)
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3980
+CVE-2018-3980 (An exploitable out-of-bounds write exists in the TIFF-parsing function ...)
NOT-FOR-US: Canvas Draw
CVE-2018-3979
RESERVED
-CVE-2018-3978
+CVE-2018-3978 (An exploitable out-of-bounds write vulnerability exists in the Word Do ...)
NOT-FOR-US: Atlantis Word Processor
-CVE-2018-3977
+CVE-2018-3977 (An exploitable code execution vulnerability exists in the XCF image re ...)
- libsdl2-image 2.0.3+dfsg1-3 (bug #912617)
[stretch] - libsdl2-image <no-dsa> (Minor issue)
[jessie] - libsdl2-image <no-dsa> (Minor issue)
@@ -44437,331 +44437,331 @@ CVE-2018-3977
[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2018-0645
NOTE: https://hg.libsdl.org/SDL_image/rev/170d7d32e4a8
-CVE-2018-3976
+CVE-2018-3976 (An exploitable out-of-bounds write exists in the CALS Raster file form ...)
NOT-FOR-US: Canvas Draw
-CVE-2018-3975
+CVE-2018-3975 (An exploitable uninitialized variable vulnerability exists in the RTF- ...)
NOT-FOR-US: Atlantis Word Processor
CVE-2018-3974
RESERVED
-CVE-2018-3973
+CVE-2018-3973 (An exploitable out of bounds write exists in the CAL parsing functiona ...)
NOT-FOR-US: Canvas Draw
-CVE-2018-3972
+CVE-2018-3972 (An exploitable code execution vulnerability exists in the Levin deseri ...)
NOT-FOR-US: Epee library
-CVE-2018-3971
+CVE-2018-3971 (An exploitable arbitrary write vulnerability exists in the 0x2222CC IO ...)
NOT-FOR-US: Sophos
-CVE-2018-3970
+CVE-2018-3970 (An exploitable memory disclosure vulnerability exists in the 0x222000 ...)
NOT-FOR-US: Sophos
CVE-2018-3969
RESERVED
CVE-2018-3968
RESERVED
-CVE-2018-3967
+CVE-2018-3967 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3966
+CVE-2018-3966 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3965
+CVE-2018-3965 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3964
+CVE-2018-3964 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
CVE-2018-3963
RESERVED
-CVE-2018-3962
+CVE-2018-3962 (A use-after-free vulnerability exists in the JavaScript engine of Foxi ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3961
+CVE-2018-3961 (A use-after-free vulnerability exists in the JavaScript engine of Foxi ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3960
+CVE-2018-3960 (A use-after-free vulnerability exists in the JavaScript engine of Foxi ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3959
+CVE-2018-3959 (A use-after-free vulnerability exists in the JavaScript engine of Foxi ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3958
+CVE-2018-3958 (A use-after-free vulnerability exists in the JavaScript engine of Foxi ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3957
+CVE-2018-3957 (A use-after-free vulnerability exists in the JavaScript engine of Foxi ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3956
+CVE-2018-3956 (An exploitable out-of-bounds read vulnerability exists in the handling ...)
NOT-FOR-US: Foxit
-CVE-2018-3955
+CVE-2018-3955 (An exploitable operating system command injection exists in the Linksy ...)
NOT-FOR-US: Linksys
-CVE-2018-3954
+CVE-2018-3954 (Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware ...)
NOT-FOR-US: Linksys
-CVE-2018-3953
+CVE-2018-3953 (Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware ...)
NOT-FOR-US: Linksys
-CVE-2018-3952
+CVE-2018-3952 (An exploitable code execution vulnerability exists in the connect func ...)
NOT-FOR-US: NordVPN
-CVE-2018-3951
+CVE-2018-3951 (An exploitable remote code execution vulnerability exists in the HTTP ...)
NOT-FOR-US: TP-Link
-CVE-2018-3950
+CVE-2018-3950 (An exploitable remote code execution vulnerability exists in the ping ...)
NOT-FOR-US: TP-Link
-CVE-2018-3949
+CVE-2018-3949 (An exploitable information disclosure vulnerability exists in the HTTP ...)
NOT-FOR-US: TP-Link
-CVE-2018-3948
+CVE-2018-3948 (An exploitable denial-of-service vulnerability exists in the URI-parsi ...)
NOT-FOR-US: TP-Link
-CVE-2018-3947
+CVE-2018-3947 (An exploitable information disclosure vulnerability exists in the phon ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3946
+CVE-2018-3946 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3945
+CVE-2018-3945 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3944
+CVE-2018-3944 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3943
+CVE-2018-3943 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3942
+CVE-2018-3942 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3941
+CVE-2018-3941 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3940
+CVE-2018-3940 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit Software's Foxit PDF Reader
-CVE-2018-3939
+CVE-2018-3939 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit
-CVE-2018-3938
+CVE-2018-3938 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Sony
-CVE-2018-3937
+CVE-2018-3937 (An exploitable command injection vulnerability exists in the measureme ...)
NOT-FOR-US: Sony
-CVE-2018-3936
+CVE-2018-3936 (In Antenna House Office Server Document Converter version V6.1 Pro MR2 ...)
NOT-FOR-US: Antenna House Office Server Document Converter
-CVE-2018-3935
+CVE-2018-3935 (An exploitable code execution vulnerability exists in the UDP network ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3934
+CVE-2018-3934 (An exploitable code execution vulnerability exists in the firmware upd ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3933
+CVE-2018-3933 (An exploitable out-of-bounds write exists in the Microsoft Word docume ...)
NOT-FOR-US: Microsoft
-CVE-2018-3932
+CVE-2018-3932 (An exploitable stack-based buffer overflow exists in the Microsoft Wor ...)
NOT-FOR-US: Microsoft
-CVE-2018-3931
+CVE-2018-3931 (In Antenna House Office Server Document Converter version V6.1 Pro MR2 ...)
NOT-FOR-US: Microsoft
-CVE-2018-3930
+CVE-2018-3930 (In Antenna House Office Server Document Converter version V6.1 Pro MR2 ...)
NOT-FOR-US: Microsoft
-CVE-2018-3929
+CVE-2018-3929 (An exploitable heap corruption exists in the PowerPoint document conve ...)
NOT-FOR-US: Microsoft
-CVE-2018-3928
+CVE-2018-3928 (An exploitable code execution vulnerability exists in the firmware upd ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3927
+CVE-2018-3927 (An exploitable information disclosure vulnerability exists in the cras ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3926
+CVE-2018-3926 (An exploitable integer underflow vulnerability exists in the ZigBee fi ...)
NOT-FOR-US: Samsung
-CVE-2018-3925
+CVE-2018-3925 (An exploitable buffer overflow vulnerability exists in the remote vide ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3924
+CVE-2018-3924 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3923
+CVE-2018-3923 (A memory corruption vulnerability exists in the PCX-parsing functional ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3922
+CVE-2018-3922 (A memory corruption vulnerability exists in the ANI-parsing functional ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3921
+CVE-2018-3921 (A memory corruption vulnerability exists in the PSD-parsing functional ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3920
+CVE-2018-3920 (An exploitable code execution vulnerability exists in the firmware upd ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3919
+CVE-2018-3919 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3918
+CVE-2018-3918 (An exploitable vulnerability exists in the remote servers of Samsung S ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3917
+CVE-2018-3917 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0 ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3916
+CVE-2018-3916 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Samsung
-CVE-2018-3915
+CVE-2018-3915 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Samsung
-CVE-2018-3914
+CVE-2018-3914 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Samsung
-CVE-2018-3913
+CVE-2018-3913 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Samsung
-CVE-2018-3912
+CVE-2018-3912 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0 ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3911
+CVE-2018-3911 (An exploitable HTTP header injection vulnerability exists in the remot ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3910
+CVE-2018-3910 (An exploitable code execution vulnerability exists in the cloud OTA se ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3909
+CVE-2018-3909 (An exploitable vulnerability exists in the REST parser of video-core's ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3908
+CVE-2018-3908 (An exploitable vulnerability exists in the REST parser of video-core's ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250-Firmware
-CVE-2018-3907
+CVE-2018-3907 (An exploitable vulnerability exists in the REST parser of video-core's ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3906
+CVE-2018-3906 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Samsung
-CVE-2018-3905
+CVE-2018-3905 (An exploitable buffer overflow vulnerability exists in the camera "cre ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3904
+CVE-2018-3904 (An exploitable buffer overflow vulnerability exists in the camera 'upd ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3903
+CVE-2018-3903 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0 ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3902
+CVE-2018-3902 (An exploitable buffer overflow vulnerability exists in the camera "rep ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
CVE-2018-3901
RESERVED
-CVE-2018-3900
+CVE-2018-3900 (An exploitable code execution vulnerability exists in the QR code scan ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3899
+CVE-2018-3899 (An exploitable code execution vulnerability exists in the QR code scan ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3898
+CVE-2018-3898 (An exploitable code execution vulnerability exists in the QR code scan ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3897
+CVE-2018-3897 (An exploitable buffer overflow vulnerabilities exist in the /cameras/X ...)
NOT-FOR-US: Samsung
-CVE-2018-3896
+CVE-2018-3896 (An exploitable buffer overflow vulnerabilities exist in the /cameras/X ...)
NOT-FOR-US: Samsung
-CVE-2018-3895
+CVE-2018-3895 (An exploitable buffer overflow vulnerability exists in the /cameras/XX ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 Firmware
-CVE-2018-3894
+CVE-2018-3894 (An exploitable buffer overflow vulnerability exists in the /cameras/XX ...)
NOT-FOR-US: Samsung
-CVE-2018-3893
+CVE-2018-3893 (An exploitable buffer overflow vulnerability exists in the /cameras/XX ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3892
+CVE-2018-3892 (An exploitable firmware downgrade vulnerability exists in the time syn ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3891
+CVE-2018-3891 (An exploitable firmware downgrade vulnerability exists in the firmware ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3890
+CVE-2018-3890 (An exploitable code execution vulnerability exists in the firmware upd ...)
NOT-FOR-US: Yi Home Camera
-CVE-2018-3889
+CVE-2018-3889 (A specially crafted PCX image processed via the application can lead t ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3888
+CVE-2018-3888 (A memory corruption vulnerability exists in the PCX-parsing functional ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3887
+CVE-2018-3887 (A memory corruption vulnerability exists in the PCX-parsing functional ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3886
+CVE-2018-3886 (A memory corruption vulnerability exists in the PCX-parsing functional ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3885
+CVE-2018-3885 (An exploitable SQL injection vulnerability exists in the authenticated ...)
NOT-FOR-US: ERPNext
-CVE-2018-3884
+CVE-2018-3884 (An exploitable SQL injection vulnerability exists in the authenticated ...)
NOT-FOR-US: ERPNext
-CVE-2018-3883
+CVE-2018-3883 (An exploitable SQL injection vulnerability exists in the authenticated ...)
NOT-FOR-US: ERPNext
-CVE-2018-3882
+CVE-2018-3882 (An exploitable SQL injection vulnerability exists in the authenticated ...)
NOT-FOR-US: ERPNext
-CVE-2018-3881
+CVE-2018-3881 (An exploitable unauthenticated XML external injection vulnerability wa ...)
NOT-FOR-US: FocalScope
-CVE-2018-3880
+CVE-2018-3880 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3879
+CVE-2018-3879 (An exploitable JSON injection vulnerability exists in the credentials ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3878
+CVE-2018-3878 (Multiple exploitable buffer overflow vulnerabilities exist in the cred ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3877
+CVE-2018-3877 (An exploitable buffer overflow vulnerability exists in the credentials ...)
NOT-FOR-US: Samsung
-CVE-2018-3876
+CVE-2018-3876 (An exploitable buffer overflow vulnerability exists in the credentials ...)
NOT-FOR-US: Samsung
-CVE-2018-3875
+CVE-2018-3875 (An exploitable buffer overflow vulnerability exists in the credentials ...)
NOT-FOR-US: Samsung
-CVE-2018-3874
+CVE-2018-3874 (An exploitable buffer overflow vulnerability exists in the credentials ...)
NOT-FOR-US: Samsung
-CVE-2018-3873
+CVE-2018-3873 (An exploitable buffer overflow vulnerability exists in the credentials ...)
NOT-FOR-US: Samsung
-CVE-2018-3872
+CVE-2018-3872 (An exploitable buffer overflow vulnerability exists in the credentials ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3871
+CVE-2018-3871 (An exploitable out-of-bounds write exists in the PCX parsing functiona ...)
NOT-FOR-US: Canvas Draw
-CVE-2018-3870
+CVE-2018-3870 (An exploitable out-of-bounds write exists in the PCX parsing functiona ...)
NOT-FOR-US: Canvas Draw
CVE-2018-3869
RESERVED
-CVE-2018-3868
+CVE-2018-3868 (A specially crafted TIFF image processed via the application can lead ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3867
+CVE-2018-3867 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3866
+CVE-2018-3866 (An exploitable buffer overflow vulnerability exists in the samsungWifi ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3865
+CVE-2018-3865 (An exploitable buffer overflow vulnerability exists in the Samsung Wif ...)
NOT-FOR-US: Samsung
-CVE-2018-3864
+CVE-2018-3864 (An exploitable buffer overflow vulnerability exists in the Samsung Wif ...)
NOT-FOR-US: Samsung
-CVE-2018-3863
+CVE-2018-3863 (On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0 ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3862
+CVE-2018-3862 (A specially crafted TIFF image processed via the application can lead ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3861
+CVE-2018-3861 (A specially crafted TIFF image processed via the application can lead ...)
NOT-FOR-US: Computerinsel Photoline
-CVE-2018-3860
+CVE-2018-3860 (An exploitable out-of-bounds write exists in the TIFF parsing function ...)
NOT-FOR-US: Canvas Draw
-CVE-2018-3859
+CVE-2018-3859 (An exploitable out-of-bounds write exists in the TIFF parsing function ...)
NOT-FOR-US: Canvas Draw
-CVE-2018-3858
+CVE-2018-3858 (An exploitable heap overflow exists in the TIFF parsing functionality ...)
NOT-FOR-US: Canvas Draw
-CVE-2018-3857
+CVE-2018-3857 (An exploitable heap overflow exists in the TIFF parsing functionality ...)
NOT-FOR-US: Canvas Draw
-CVE-2018-3856
+CVE-2018-3856 (An exploitable vulnerability exists in the smart cameras RTSP configur ...)
NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
-CVE-2018-3855
+CVE-2018-3855 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Li ...)
NOT-FOR-US: Hyland Perceptive Document Filters
-CVE-2018-3854
+CVE-2018-3854 (An exploitable information disclosure vulnerability exists in the pass ...)
NOT-FOR-US: Quicken
-CVE-2018-3853
+CVE-2018-3853 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3852
+CVE-2018-3852 (An exploitable denial of service vulnerability exists in the Ocularis ...)
NOT-FOR-US: Ocularis Recorder
-CVE-2018-3851
+CVE-2018-3851 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Li ...)
NOT-FOR-US: Hyland Perceptive Document Filters
-CVE-2018-3850
+CVE-2018-3850 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3849
+CVE-2018-3849 (In the ffghtb function in NASA CFITSIO 3.42, specially crafted images ...)
- cfitsio 3.430-1 (low; bug #892458)
[stretch] - cfitsio <no-dsa> (Minor issue)
[jessie] - cfitsio <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0531
NOTE: Mitigated to a crash due to hardened build flags
-CVE-2018-3848
+CVE-2018-3848 (In the ffghbn function in NASA CFITSIO 3.42, specially crafted images ...)
- cfitsio 3.430-1 (low; bug #892458)
[stretch] - cfitsio <no-dsa> (Minor issue)
[jessie] - cfitsio <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0531
NOTE: Mitigated to a crash due to hardened build flags
-CVE-2018-3847
+CVE-2018-3847 (Multiple exploitable buffer overflow vulnerabilities exist in image pa ...)
- cfitsio 3.430-1 (low; bug #892458)
[stretch] - cfitsio <no-dsa> (Minor issue)
[jessie] - cfitsio <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0530
-CVE-2018-3846
+CVE-2018-3846 (In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially cra ...)
- cfitsio 3.430-1 (low; bug #892458)
[stretch] - cfitsio <no-dsa> (Minor issue)
[jessie] - cfitsio <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0529
NOTE: Mitigated to a crash due to hardened build flags
-CVE-2018-3845
+CVE-2018-3845 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Li ...)
NOT-FOR-US: Hyland Perceptive Document Filters
-CVE-2018-3844
+CVE-2018-3844 (In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Li ...)
NOT-FOR-US: Hyland Perceptive Document Filters
-CVE-2018-3843
+CVE-2018-3843 (An exploitable type confusion vulnerability exists in the way Foxit PD ...)
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3842
+CVE-2018-3842 (An exploitable use of an uninitialized pointer vulnerability exists in ...)
NOT-FOR-US: Foxit PDF Reader
-CVE-2018-3841
+CVE-2018-3841 (A denial-of-service vulnerability exists in the Pixar Renderman IT Dis ...)
NOT-FOR-US: Renderman
-CVE-2018-3840
+CVE-2018-3840 (A denial-of-service vulnerability exists in the Pixar Renderman IT Dis ...)
NOT-FOR-US: Renderman
-CVE-2018-3839
+CVE-2018-3839 (An exploitable code execution vulnerability exists in the XCF image re ...)
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://hg.libsdl.org/SDL_image/rev/fb643e371806910f1973abfdfe7f981e8dba60f5
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0521
-CVE-2018-3838
+CVE-2018-3838 (An exploitable information vulnerability exists in the XCF image rende ...)
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://hg.libsdl.org/SDL_image/rev/c5f9cbb5d2bbcb2150ba0596ea56b49efeed660d
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0520
-CVE-2018-3837
+CVE-2018-3837 (An exploitable information disclosure vulnerability exists in the PCX ...)
{DSA-4184-1 DSA-4177-1 DLA-1341-1}
- libsdl2-image 2.0.3+dfsg1-1
- sdl-image1.2 1.2.12-8
NOTE: https://hg.libsdl.org/SDL_image/rev/2938fc80591abeae74b971cbdf966eff3213297e
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0519
-CVE-2018-7442
+CVE-2018-7442 (An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutp ...)
- leptonlib 1.76.0-1 (bug #898439)
[stretch] - leptonlib <no-dsa> (Minor issue)
[jessie] - leptonlib <no-dsa> (Minor issue)
[wheezy] - leptonlib <ignored> (Minor issue)
NOTE: https://lists.debian.org/debian-lts/2018/02/msg00086.html
-CVE-2018-7441
+CVE-2018-7441 (Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might al ...)
- leptonlib 1.76.0-1 (unimportant)
NOTE: https://lists.debian.org/debian-lts/2018/02/msg00054.html
NOTE: Neutralised by kernel hardening
-CVE-2018-7440
+CVE-2018-7440 (An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutp ...)
{DLA-1302-1}
- leptonlib 1.75.3-3 (bug #891932)
[stretch] - leptonlib <not-affected> (Incomplete fix for CVE-2018-3836 not applied)
[jessie] - leptonlib <not-affected> (Incomplete fix for CVE-2018-3836 not applied)
NOTE: https://github.com/DanBloomberg/leptonica/issues/303#issuecomment-366472212
NOTE: https://github.com/DanBloomberg/leptonica/pull/313/commits/49ecb6c2dfd6ed5078c62f4a8eeff03e3beced3b
-CVE-2018-3836
+CVE-2018-3836 (An exploitable command injection vulnerability exists in the gplotMake ...)
{DLA-1284-1}
- leptonlib 1.75.3-1 (bug #889759)
[stretch] - leptonlib <no-dsa> (Minor issue)
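Review bot: the descriptions imported for CVE-2018-3931 and CVE-2018-3930 ("In Antenna House Office Server Document Converter version V6.1 Pro MR2 ...") contradict the unchanged tracking line beneath each of them, which reads `NOT-FOR-US: Microsoft`, while the same product a few entries above, CVE-2018-3936, is filed as `NOT-FOR-US: Antenna House Office Server Document Converter`. The two attributions should be aligned so a search of the list by product name finds all three entries; the Antenna House label matches the text now visible in the descriptions.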
@@ -44771,59 +44771,59 @@ CVE-2018-3836
NOTE: When fixing this issue make sure the fix is complete and includes as well
NOTE: https://github.com/DanBloomberg/leptonica/pull/313/commits/49ecb6c2dfd6ed5078c62f4a8eeff03e3beced3b
NOTE: to not open CVE-2018-7440.
-CVE-2018-3835
+CVE-2018-3835 (An exploitable out of bounds write vulnerability exists in version 2.2 ...)
NOT-FOR-US: Per Face Texture (PTEX)
-CVE-2018-3834
+CVE-2018-3834 (An exploitable permanent denial of service vulnerability exists in Ins ...)
NOT-FOR-US: Insteon Hub
-CVE-2018-3833
+CVE-2018-3833 (An exploitable firmware downgrade vulnerability exists in Insteon Hub ...)
NOT-FOR-US: Insteon Hub
-CVE-2018-3832
+CVE-2018-3832 (An exploitable firmware update vulnerability exists in Insteon Hub run ...)
NOT-FOR-US: Insteon Hub
-CVE-2018-3831
+CVE-2018-3831 (Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6. ...)
- elasticsearch <removed>
-CVE-2018-3830
+CVE-2018-3830 (Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) vulner ...)
- kibana <itp> (bug #700337)
-CVE-2018-3829
+CVE-2018-3829 (In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was disco ...)
NOT-FOR-US: Elastic Cloud Enterprise
-CVE-2018-3828
+CVE-2018-3828 (Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an info ...)
NOT-FOR-US: Elastic Cloud Enterprise
-CVE-2018-3827
+CVE-2018-3827 (A sensitive data disclosure flaw was found in the Elasticsearch reposi ...)
NOT-FOR-US: Elasticsearch repository-azure
-CVE-2018-3826
+CVE-2018-3826 (In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was f ...)
- elasticsearch <removed>
-CVE-2018-3825
+CVE-2018-3825 (In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default ma ...)
NOT-FOR-US: Elastic Cloud Enterprise
-CVE-2018-3824
+CVE-2018-3824 (X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-si ...)
NOT-FOR-US: Elastic X-Pack Machine Learning
-CVE-2018-3823
+CVE-2018-3823 (X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-si ...)
NOT-FOR-US: Elastic X-Pack Machine Learning
-CVE-2018-3822
+CVE-2018-3822 (X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a u ...)
NOT-FOR-US: Elastic X-Pack Security
-CVE-2018-3821
+CVE-2018-3821 (Kibana versions after 5.1.1 and before 5.6.7 and 6.1.3 had a cross-sit ...)
- kibana <itp> (bug #700337)
-CVE-2018-3820
+CVE-2018-3820 (Kibana versions after 6.1.0 and before 6.1.3 had a cross-site scriptin ...)
- kibana <itp> (bug #700337)
-CVE-2018-3819
+CVE-2018-3819 (The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security ...)
- kibana <itp> (bug #700337)
-CVE-2018-3818
+CVE-2018-3818 (Kibana versions 5.1.1 to 6.1.2 and 5.6.6 had a cross-site scripting (X ...)
- kibana <itp> (bug #700337)
-CVE-2018-3817
+CVE-2018-3817 (When logging warnings regarding deprecated settings, Logstash before 5 ...)
- logstash <itp> (bug #664841)
CVE-2018-3816
RESERVED
-CVE-2018-3815
+CVE-2018-3815 (The "XML Interface to Messaging, Scheduling, and Signaling" (XIMSS) pr ...)
NOT-FOR-US: CommuniGate Pro
-CVE-2018-3814
+CVE-2018-3814 (Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP co ...)
NOT-FOR-US: Craft CMS
-CVE-2018-3813
+CVE-2018-3813 (getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.16 ...)
NOT-FOR-US: FLIR Brickstream 2300 devices
CVE-2018-3812
RESERVED
-CVE-2018-3811
+CVE-2018-3811 (SQL Injection vulnerability in the Oturia Smart Google Code Inserter p ...)
NOT-FOR-US: Oturia Smart Google Code Inserter plugin for WordPress
-CVE-2018-3810
+CVE-2018-3810 (Authentication Bypass vulnerability in the Oturia Smart Google Code In ...)
NOT-FOR-US: Oturia Smart Google Code Inserter plugin for WordPress
-CVE-2018-3809
+CVE-2018-3809 (Information exposure through directory listings in serve 6.5.3 allows ...)
NOT-FOR-US: serve nodejs module
CVE-2018-3808
RESERVED
@@ -44867,47 +44867,47 @@ CVE-2018-3789
RESERVED
CVE-2018-3788
RESERVED
-CVE-2018-3787
+CVE-2018-3787 (Path traversal in simplehttpserver &lt;v0.2.1 allows listing any file ...)
NOT-FOR-US: simplehttpserver node module
-CVE-2018-3786
+CVE-2018-3786 (A command injection vulnerability in egg-scripts &lt;v2.8.1 allows arb ...)
NOT-FOR-US: egg-scripts
-CVE-2018-3785
+CVE-2018-3785 (A command injection in git-dummy-commit v1.3.0 allows os level command ...)
NOT-FOR-US: Node.js third-party module git-dummy-commit
-CVE-2018-3784
+CVE-2018-3784 (A code injection in cryo 0.0.6 allows an attacker to arbitrarily execu ...)
NOT-FOR-US: cryo
-CVE-2018-3783
+CVE-2018-3783 (A privilege escalation detected in flintcms versions &lt;= 1.1.9 allow ...)
NOT-FOR-US: flintcms
CVE-2018-3782
REJECTED
-CVE-2018-3781
+CVE-2018-3781 (A missing sanitization of search results for an autocomplete field in ...)
NOT-FOR-US: NextCloud Talk
-CVE-2018-3780
+CVE-2018-3780 (A missing sanitization of search results for an autocomplete field in ...)
- nextcloud <itp> (bug #835086)
-CVE-2018-3779
+CVE-2018-3779 (active-support ruby gem 5.2.0 could allow a remote attacker to execute ...)
NOT-FOR-US: Trojaned gem release
-CVE-2018-3778
+CVE-2018-3778 (Improper authorization in aedes version &lt;0.35.0 will publish a LWT ...)
NOT-FOR-US: aedes
-CVE-2018-3777
+CVE-2018-3777 (Insufficient URI encoding in restforce before 3.0.0 allows attacker to ...)
NOT-FOR-US: restforce
-CVE-2018-3776
+CVE-2018-3776 (Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0. ...)
- nextcloud <itp> (bug #835086)
-CVE-2018-3775
+CVE-2018-3775 (Improper Authentication in Nextcloud Server prior to version 12.0.3 wo ...)
- nextcloud <itp> (bug #835086)
-CVE-2018-3774
+CVE-2018-3774 (Incorrect parsing in url-parse &lt;1.4.3 returns wrong hostname which ...)
- node-url-parse <unfixed> (unimportant; bug #906058)
NOTE: https://hackerone.com/reports/384029
NOTE: https://github.com/unshiftio/url-parse/commit/53b1794e54d0711ceb52505e0f74145270570d5a
NOTE: https://github.com/unshiftio/url-parse/commit/d7b582ec1243e8024e60ac0b62d2569c939ef5de
NOTE: nodejs not covered by security support
-CVE-2018-3773
+CVE-2018-3773 (There is a stored Cross-Site Scripting vulnerability in Open Graph met ...)
NOT-FOR-US: metascrape nodejs module
-CVE-2018-3772
+CVE-2018-3772 (Concatenating unsanitized user input in the `whereis` npm module &lt; ...)
NOT-FOR-US: whereis nodejs module
-CVE-2018-3771
+CVE-2018-3771 (An XSS in statics-server &lt;= 0.0.9 can be used via injected iframe i ...)
NOT-FOR-US: statics-server nodejs module
-CVE-2018-3770
+CVE-2018-3770 (A path traversal exists in markdown-pdf version &lt;9.0.0 that allows ...)
NOT-FOR-US: markdown-pdf nodejs module
-CVE-2018-3769
+CVE-2018-3769 (ruby-grape ruby gem suffers from a cross-site scripting (XSS) vulnerab ...)
- ruby-grape 1.1.0-1 (bug #903086)
[stretch] - ruby-grape <no-dsa> (Minor issue)
NOTE: https://github.com/ruby-grape/grape/commit/6876b71efc7b03f7ce1be3f075eaa4e7e6de19af
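Review bot: the imported descriptions carry HTML entities instead of the literal characters, e.g. `+CVE-2018-3787 (Path traversal in simplehttpserver &lt;v0.2.1 allows listing any file ...)` and `+CVE-2018-3778 (Improper authorization in aedes version &lt;0.35.0 will publish a LWT ...)`; the version constraint is the one part of a truncated description a triager actually reads, so the update script should unescape `&lt;`, `&gt;` and `&amp;` at import time so these read `<v0.2.1` and `<0.35.0` in the list. The same pattern recurs in every later hunk of this commit (for example `&amp;` in the CVE-2018-3621 entry), so one fix in the importer covers all of them.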
@@ -44915,69 +44915,69 @@ CVE-2018-3769
NOTE: https://github.com/ruby-grape/grape/pull/1763
CVE-2018-3768
REJECTED
-CVE-2018-3767
+CVE-2018-3767 (`memjs` versions &lt;= 1.1.0 allocates and stores buffers on typed inp ...)
NOT-FOR-US: memjs node module
-CVE-2018-3766
+CVE-2018-3766 (Path traversal in buttle module versions &lt;= 0.2.0 allows to read an ...)
NOT-FOR-US: buttle node module
CVE-2018-3765
RESERVED
-CVE-2018-3764
+CVE-2018-3764 (In Nextcloud Contacts before 2.1.2, a missing sanitization of search r ...)
NOT-FOR-US: Nextcloud Contacts
-CVE-2018-3763
+CVE-2018-3763 (In Nextcloud Calendar before 1.5.8 and 1.6.1, a missing sanitization o ...)
NOT-FOR-US: Nextcloud Contacts
-CVE-2018-3762
+CVE-2018-3762 (Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks ...)
- nextcloud <itp> (bug #835086)
-CVE-2018-3761
+CVE-2018-3761 (Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authent ...)
- nextcloud <itp> (bug #835086)
-CVE-2018-3760
+CVE-2018-3760 (There is an information leak vulnerability in Sprockets. Versions Affe ...)
{DSA-4242-1 DLA-1419-1}
- ruby-sprockets 3.7.0-1.1 (bug #901913)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/19/2
NOTE: https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5f (master)
NOTE: https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441 (3.x)
NOTE: https://github.com/rails/sprockets/commit/18b8a7f07a50c245e9aee7854ecdbe606bbd8bb5 (2.x)
-CVE-2018-3759
+CVE-2018-3759 (private_address_check ruby gem before 0.5.0 is vulnerable to a time-of ...)
NOT-FOR-US: private_address_check
-CVE-2018-3758
+CVE-2018-3758 (Unrestricted file upload (RCE) in express-cart module before 1.1.7 all ...)
NOT-FOR-US: express-cart
-CVE-2018-3757
+CVE-2018-3757 (Command injection exists in pdf-image v2.0.0 due to an unescaped strin ...)
NOT-FOR-US: node pdf-image
-CVE-2018-3756
+CVE-2018-3756 (Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable ...)
NOT-FOR-US: Hyperledger Iroha
-CVE-2018-3755
+CVE-2018-3755 (XSS in sexstatic &lt;=0.6.2 causes HTML injection in directory name(s) ...)
NOT-FOR-US: sexstatic
-CVE-2018-3754
+CVE-2018-3754 (Node.js third-party module query-mysql versions 0.0.0, 0.0.1, and 0.0. ...)
NOT-FOR-US: query-mysql
-CVE-2018-3753
+CVE-2018-3753 (The utilities function in all versions &lt;= 1.0.0 of the merge-object ...)
NOT-FOR-US: merge-objects
-CVE-2018-3752
+CVE-2018-3752 (The utilities function in all versions &lt;= 1.0.0 of the merge-option ...)
NOT-FOR-US: merge-options
-CVE-2018-3751
+CVE-2018-3751 (The utilities function in all versions &lt;= 0.3.0 of the merge-recurs ...)
NOT-FOR-US: merge-recursive
-CVE-2018-3750
+CVE-2018-3750 (The utilities function in all versions &lt;= 0.5.0 of the deep-extend ...)
- node-deep-extend <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/612
NOTE: nodejs not covered by security support
-CVE-2018-3749
+CVE-2018-3749 (The utilities function in all versions &lt; 1.0.1 of the deap node mod ...)
NOT-FOR-US: deap
-CVE-2018-3748
+CVE-2018-3748 (There is a Stored XSS vulnerability in the glance node module versions ...)
NOT-FOR-US: glance node module (different from src:glance)
-CVE-2018-3747
+CVE-2018-3747 (The public node module versions &lt;= 1.0.3 allows to embed HTML in fi ...)
NOT-FOR-US: public node module versions
-CVE-2018-3746
+CVE-2018-3746 (The pdfinfojs NPM module versions &lt;= 0.3.6 has a command injection ...)
NOT-FOR-US: pdfinfojs nodejs module
-CVE-2018-3745
+CVE-2018-3745 (atob 2.0.3 and earlier allocates uninitialized Buffers when number is ...)
NOT-FOR-US: nodejs atob module
-CVE-2018-3744
+CVE-2018-3744 (The html-pages node module contains a path traversal vulnerabilities t ...)
NOT-FOR-US: html-pages nodejs module
-CVE-2018-3743
+CVE-2018-3743 (Open redirect in hekto &lt;=0.2.3 when target domain name is used as h ...)
NOT-FOR-US: hekto nodejs module
CVE-2018-3742
REJECTED
-CVE-2018-3741
+CVE-2018-3741 (There is a possible XSS vulnerability in all rails-html-sanitizer gem ...)
- ruby-rails-html-sanitizer 1.0.4-1 (bug #893994)
NOTE: https://github.com/rails/rails-html-sanitizer/commit/f3ba1a839a35f2ba7f941c15e239a1cb379d56ae
-CVE-2018-3740
+CVE-2018-3740 (A specially crafted HTML fragment can cause Sanitize gem for Ruby to a ...)
{DSA-4358-1}
[experimental] - ruby-sanitize 4.6.5-1
- ruby-sanitize 4.6.6-1 (bug #893610)
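Review bot: the new description for CVE-2018-3763, `+CVE-2018-3763 (In Nextcloud Calendar before 1.5.8 and 1.6.1, a missing sanitization o ...)`, contradicts the unchanged triage line beneath it, `NOT-FOR-US: Nextcloud Contacts`; the entry immediately above (CVE-2018-3764) is the Contacts one, so the 3763 line looks like a copy-paste carry-over and should read `NOT-FOR-US: Nextcloud Calendar`. The automatic update only touches the CVE line, so this needs a manual follow-up edit.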
@@ -44988,32 +44988,32 @@ CVE-2018-3740
NOTE: Only an issue in combination with libxml2 >= 2.9.2
NOTE: The 'fragment' method was renamed from 'clean' method in earlier version
NOTE: in v3.0.0
-CVE-2018-3739
+CVE-2018-3739 (https-proxy-agent before 2.1.1 passes auth option to the Buffer constr ...)
NOT-FOR-US: https-proxy-agent
-CVE-2018-3738
+CVE-2018-3738 (protobufjs is vulnerable to ReDoS when parsing crafted invalid .proto ...)
NOT-FOR-US: protobufjs
-CVE-2018-3737
+CVE-2018-3737 (sshpk is vulnerable to ReDoS when parsing crafted invalid public keys. ...)
- node-sshpk <unfixed> (unimportant; bug #901093)
NOTE: https://github.com/joyent/node-sshpk/issues/44
NOTE: https://github.com/joyent/node-sshpk/commit/46065d38a5e6d1bccf86d3efb2fb83c14e3f9957
NOTE: nodejs not covered by security support
CVE-2018-3736
REJECTED
-CVE-2018-3735
+CVE-2018-3735 (bracket-template suffers from reflected XSS possible when variable pas ...)
NOT-FOR-US: bracket-template nodejs module
-CVE-2018-3734
+CVE-2018-3734 (stattic node module suffers from a Path Traversal vulnerability due to ...)
NOT-FOR-US: stattic nodejs module
-CVE-2018-3733
+CVE-2018-3733 (crud-file-server node module before 0.9.0 suffers from a Path Traversa ...)
NOT-FOR-US: crud-file-server nodejs module
-CVE-2018-3732
+CVE-2018-3732 (resolve-path node module before 1.4.0 suffers from a Path Traversal vu ...)
NOT-FOR-US: resolve-path nodejs module
-CVE-2018-3731
+CVE-2018-3731 (public node module suffers from a Path Traversal vulnerability due to ...)
NOT-FOR-US: public nodejs module
-CVE-2018-3730
+CVE-2018-3730 (mcstatic node module suffers from a Path Traversal vulnerability due t ...)
NOT-FOR-US: mcstatic nodejs module
-CVE-2018-3729
+CVE-2018-3729 (localhost-now node module suffers from a Path Traversal vulnerability ...)
NOT-FOR-US: localhost-now nodejs module
-CVE-2018-3728
+CVE-2018-3728 (hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Mo ...)
- node-hoek 5.0.3-1 (unimportant)
NOTE: fixed in 4.2.1
NOTE: https://github.com/hapijs/hoek/issues/230
@@ -45021,56 +45021,56 @@ CVE-2018-3728
NOTE: https://snyk.io/vuln/npm:hoek:20180212
NOTE: https://nodesecurity.io/advisories/566
NOTE: nodejs not covered by security support
-CVE-2018-3727
+CVE-2018-3727 (626 node module suffers from a Path Traversal vulnerability due to lac ...)
NOT-FOR-US: 626 node module
-CVE-2018-3726
+CVE-2018-3726 (crud-file-server node module before 0.8.0 suffers from a Cross-Site Sc ...)
NOT-FOR-US: crud-file-server nodejs module
-CVE-2018-3725
+CVE-2018-3725 (hekto node module suffers from a Path Traversal vulnerability due to l ...)
NOT-FOR-US: hekto nodejs module
-CVE-2018-3724
+CVE-2018-3724 (general-file-server node module suffers from a Path Traversal vulnerab ...)
NOT-FOR-US: general-file-server node module
-CVE-2018-3723
+CVE-2018-3723 (defaults-deep node module before 0.2.4 suffers from a Modification of ...)
NOT-FOR-US: defaults-deep node module
-CVE-2018-3722
+CVE-2018-3722 (merge-deep node module before 3.0.1 suffers from a Modification of Ass ...)
NOT-FOR-US: merge-deep node module
-CVE-2018-3721
+CVE-2018-3721 (lodash node module before 4.17.5 suffers from a Modification of Assume ...)
- node-lodash 4.17.11+dfsg-1 (unimportant; bug #890575)
NOTE: https://snyk.io/vuln/npm:lodash:20180130
NOTE: https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a
NOTE: nodejs not covered by security support
-CVE-2018-3720
+CVE-2018-3720 (assign-deep node module before 0.4.7 suffers from a Modification of As ...)
NOT-FOR-US: assign-deep node module
-CVE-2018-3719
+CVE-2018-3719 (mixin-deep node module before 1.3.1 suffers from a Modification of Ass ...)
- node-mixin-deep <unfixed> (unimportant; bug #898315)
NOTE: https://nodesecurity.io/advisories/578
NOTE: nodejs not covered by security support
-CVE-2018-3718
+CVE-2018-3718 (serve node module suffers from Improper Handling of URL Encoding by pe ...)
NOT-FOR-US: serve node module
-CVE-2018-3717
+CVE-2018-3717 (connect node module before 2.14.0 suffers from a Cross-Site Scripting ...)
- node-connect 3.0.0-1
NOTE: https://github.com/senchalabs/connect/commit/6d5dd30075d2bc4ee97afdbbe3d9d98d8d52d74b
-CVE-2018-3716
+CVE-2018-3716 (simplehttpserver node module suffers from a Cross-Site Scripting vulne ...)
NOT-FOR-US: simplehttpserver node module
-CVE-2018-3715
+CVE-2018-3715 (glance node module before 3.0.4 suffers from a Path Traversal vulnerab ...)
NOT-FOR-US: glance node module
-CVE-2018-3714
+CVE-2018-3714 (node-srv node module suffers from a Path Traversal vulnerability due t ...)
NOT-FOR-US: node-srv node module
-CVE-2018-3713
+CVE-2018-3713 (angular-http-server node module suffers from a Path Traversal vulnerab ...)
NOT-FOR-US: angular-http-server node module
-CVE-2018-3712
+CVE-2018-3712 (serve node module before 6.4.9 suffers from a Path Traversal vulnerabi ...)
NOT-FOR-US: npm serve
NOTE: fixed in 6.4.9 upstream
NOTE: https://github.com/zeit/serve/commit/6adad6881c61991da61ebc857857c53409544575
NOTE: https://github.com/zeit/serve/pull/316
NOTE: https://hackerone.com/reports/307666
NOTE: https://nodesecurity.io/advisories/561
-CVE-2018-3711
+CVE-2018-3711 (Fastify node module before 0.38.0 is vulnerable to a denial-of-service ...)
NOT-FOR-US: Fastify
NOTE: fixed in 0.38.0 upstream
NOTE: https://github.com/fastify/fastify/commit/fabd2a011f2ffbb877394abe699f549513ffbd76
NOTE: https://hackerone.com/reports/303632
NOTE: https://nodesecurity.io/advisories/564
-CVE-2018-3710
+CVE-2018-3710 (Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable ...)
{DSA-4145-1}
- gitlab 10.5.5+dfsg-1 (bug #888508)
NOTE: https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
@@ -45082,62 +45082,62 @@ CVE-2018-3707
RESERVED
CVE-2018-3706
RESERVED
-CVE-2018-3705
+CVE-2018-3705 (Improper directory permissions in the installer for the Intel(R) Syste ...)
NOT-FOR-US: Intel System Defense Utility
-CVE-2018-3704
+CVE-2018-3704 (Improper directory permissions in the installer for the Intel Parallel ...)
NOT-FOR-US: Intel Parallel Studio
-CVE-2018-3703
+CVE-2018-3703 (Improper directory permissions in the installer for the Intel(R) SSD D ...)
NOT-FOR-US: Intel
CVE-2018-3702
RESERVED
CVE-2018-3701
RESERVED
-CVE-2018-3700
+CVE-2018-3700 (Code injection vulnerability in the installer for Intel(R) USB 3.0 eXt ...)
NOT-FOR-US: Intel
-CVE-2018-3699
+CVE-2018-3699 (Cross-site scripting in the Intel RAID Web Console v3 for Windows may ...)
NOT-FOR-US: Intel RAID Web Console
-CVE-2018-3698
+CVE-2018-3698 (Improper file permissions in the installer for the Intel Ready Mode Te ...)
NOT-FOR-US: Intel
-CVE-2018-3697
+CVE-2018-3697 (Improper directory permissions in the installer for the Intel Media Se ...)
NOT-FOR-US: Intel
-CVE-2018-3696
+CVE-2018-3696 (Authentication bypass in the Intel RAID Web Console 3 for Windows befo ...)
NOT-FOR-US: Intel RAID Web Console
CVE-2018-3695
RESERVED
CVE-2018-3694
RESERVED
-CVE-2018-3693
+CVE-2018-3693 (Systems with microprocessors utilizing speculative execution and branc ...)
- linux <unfixed>
NOTE: https://access.redhat.com/solutions/3523601
NOTE: https://01.org/security/advisories/intel-oss-10002
NOTE: Speculative Bounds Checks Bypass with Store (BCBS)
CVE-2018-3692
RESERVED
-CVE-2018-3691
+CVE-2018-3691 (Some implementations in Intel Integrated Performance Primitives Crypto ...)
NOT-FOR-US: Intel
CVE-2018-3690
REJECTED
-CVE-2018-3689
+CVE-2018-3689 (AESM daemon in Intel Software Guard Extensions Platform Software Compo ...)
NOT-FOR-US: Intel
-CVE-2018-3688
+CVE-2018-3688 (Unquoted service paths in Intel Quartus Prime Programmer and Tools in ...)
NOT-FOR-US: Intel
-CVE-2018-3687
+CVE-2018-3687 (Unquoted service paths in Intel Quartus II Programmer and Tools in ver ...)
NOT-FOR-US: Intel
-CVE-2018-3686
+CVE-2018-3686 (Code injection vulnerability in INTEL-SA-00086 Detection Tool before v ...)
NOT-FOR-US: Intel
CVE-2018-3685
RESERVED
-CVE-2018-3684
+CVE-2018-3684 (Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 all ...)
NOT-FOR-US: Intel
-CVE-2018-3683
+CVE-2018-3683 (Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 ...)
NOT-FOR-US: Intel
-CVE-2018-3682
+CVE-2018-3682 (BMC Firmware in Intel server boards, compute modules, and systems pote ...)
NOT-FOR-US: Intel
CVE-2018-3681
RESERVED
CVE-2018-3680
RESERVED
-CVE-2018-3679
+CVE-2018-3679 (Escalation of privilege in Reference UI in Intel Data Center Manager S ...)
NOT-FOR-US: Intel
CVE-2018-3678
RESERVED
@@ -45151,21 +45151,21 @@ CVE-2018-3674
RESERVED
CVE-2018-3673
RESERVED
-CVE-2018-3672
+CVE-2018-3672 (Driver module in Intel Smart Sound Technology before version 9.21.00.3 ...)
NOT-FOR-US: Driver module in Intel Smart Sound Technology
-CVE-2018-3671
+CVE-2018-3671 (Escalation of privilege in Intel Saffron admin application before 11.4 ...)
NOT-FOR-US: Intel Saffron admin application
-CVE-2018-3670
+CVE-2018-3670 (Driver module in Intel Smart Sound Technology before version 9.21.00.3 ...)
NOT-FOR-US: Driver module in Intel Smart Sound Technology
-CVE-2018-3669
+CVE-2018-3669 (A STOP error (BSoD) in the ibtfltcoex.sys driver for Intel Centrino Wi ...)
NOT-FOR-US: Intel
-CVE-2018-3668
+CVE-2018-3668 (Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) befor ...)
NOT-FOR-US: Intel
-CVE-2018-3667
+CVE-2018-3667 (Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets ...)
NOT-FOR-US: Intel
-CVE-2018-3666
+CVE-2018-3666 (Driver module in Intel Smart Sound Technology before version 9.21.00.3 ...)
NOT-FOR-US: Driver module in Intel Smart Sound Technology
-CVE-2018-3665
+CVE-2018-3665 (System software utilizing Lazy FP state restore technique on systems u ...)
{DSA-4232-1 DLA-1422-1}
- linux 4.6.1-1
- xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8
@@ -45175,41 +45175,41 @@ CVE-2018-3665
NOTE: Hard-disable lazy FPU mode: https://git.kernel.org/linus/ca6938a1cd8a1c5e861a99b67f84ac166fc2b9e7
CVE-2018-3664
RESERVED
-CVE-2018-3663
+CVE-2018-3663 (Escalation of privilege in Intel Saffron MemoryBase before 11.4 allows ...)
NOT-FOR-US: Intel Saffron MemoryBase
-CVE-2018-3662
+CVE-2018-3662 (Escalation of privilege in Intel Saffron MemoryBase before version 11. ...)
NOT-FOR-US: Intel Saffron MemoryBase
-CVE-2018-3661
+CVE-2018-3661 (Buffer overflow in Intel system Configuration utilities selview.exe an ...)
NOT-FOR-US: Intel
CVE-2018-3660
RESERVED
-CVE-2018-3659
+CVE-2018-3659 (A vulnerability in Intel PTT module in Intel CSME firmware before vers ...)
NOT-FOR-US: Intel
-CVE-2018-3658
+CVE-2018-3658 (Multiple memory leaks in Intel AMT in Intel CSME firmware versions bef ...)
NOT-FOR-US: Intel
-CVE-2018-3657
+CVE-2018-3657 (Multiple buffer overflows in Intel AMT in Intel CSME firmware versions ...)
NOT-FOR-US: Intel
CVE-2018-3656
RESERVED
-CVE-2018-3655
+CVE-2018-3655 (A vulnerability in a subsystem in Intel CSME before version 11.21.55, ...)
NOT-FOR-US: Intel
CVE-2018-3654
RESERVED
CVE-2018-3653
RESERVED
-CVE-2018-3652
+CVE-2018-3652 (Existing UEFI setting restrictions for DCI (Direct Connect Interface) ...)
NOT-FOR-US: Intel
CVE-2018-3651
RESERVED
-CVE-2018-3650
+CVE-2018-3650 (Insufficient Input Validation in Bleach module in INTEL Distribution f ...)
NOT-FOR-US: Intel
-CVE-2018-3649
+CVE-2018-3649 (DLL injection vulnerability in the installation executables (Autorun.e ...)
NOT-FOR-US: Intel
CVE-2018-3648
RESERVED
CVE-2018-3647
RESERVED
-CVE-2018-3646
+CVE-2018-3646 (Systems with microprocessors utilizing speculative execution and addre ...)
{DSA-4279-1 DSA-4274-1 DLA-1481-1}
- linux 4.17.15-1
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2
@@ -45221,17 +45221,17 @@ CVE-2018-3646
NOTE: Updates were already shipped with 20180703 release, but only disclosed later, see #906158
NOTE: The 3.20180703.1 release for intel-microcode was the first batch of updates which targeted
NOTE: most server type CPUs, additional models were supported in the 3.20180807a.1 release
-CVE-2018-3645
+CVE-2018-3645 (Escalation of privilege in all versions of the Intel Remote Keyboard a ...)
NOT-FOR-US: Intel
CVE-2018-3644
RESERVED
-CVE-2018-3643
+CVE-2018-3643 (A vulnerability in Power Management Controller firmware in systems usi ...)
NOT-FOR-US: Intel
CVE-2018-3642
RESERVED
-CVE-2018-3641
+CVE-2018-3641 (Escalation of privilege in all versions of the Intel Remote Keyboard a ...)
NOT-FOR-US: Intel
-CVE-2018-3640
+CVE-2018-3640 (Systems with microprocessors utilizing speculative execution and that ...)
{DSA-4273-2 DSA-4273-1 DLA-1446-1}
- intel-microcode 3.20180703.1
NOTE: https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
@@ -45239,7 +45239,7 @@ CVE-2018-3640
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
NOTE: The 3.20180703.1 release for intel-microcode was the first batch of updates which targeted
NOTE: most server type CPUs, additional models were supported in the 3.20180807a.1 release
-CVE-2018-3639
+CVE-2018-3639 (Systems with microprocessors utilizing speculative execution and specu ...)
{DSA-4273-2 DSA-4273-1 DSA-4210-1 DLA-1715-1 DLA-1529-1 DLA-1446-1 DLA-1423-1}
- intel-microcode 3.20180703.1
- linux 4.16.12-1
@@ -45256,19 +45256,19 @@ CVE-2018-3639
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=d19d1f965904a533998739698020ff4ee8a103da
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=cfeea0c021db6234c154dbc723730e81553924ff
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=403503b162ffc33fb64cfefdf7b880acf41772cd
-CVE-2018-3638
+CVE-2018-3638 (Escalation of privilege in all versions of the Intel Remote Keyboard a ...)
NOT-FOR-US: Intel
CVE-2018-3637
RESERVED
CVE-2018-3636
RESERVED
-CVE-2018-3635
+CVE-2018-3635 (Insufficient input validation in installer in Intel Rapid Store Techno ...)
NOT-FOR-US: Intel
-CVE-2018-3634
+CVE-2018-3634 (Parameter corruption in NDIS filter driver in Intel Online Connect Acc ...)
NOT-FOR-US: Intel
CVE-2018-3633
RESERVED
-CVE-2018-3632
+CVE-2018-3632 (Memory corruption in Intel Active Management Technology in Intel Conve ...)
NOT-FOR-US: Intel
CVE-2018-3631
RESERVED
@@ -45277,25 +45277,25 @@ CVE-2018-3630 [Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c]
- edk2 <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683653
NOTE: Non issue, no security impact
-CVE-2018-3629
+CVE-2018-3629 (Buffer overflow in event handler in Intel Active Management Technology ...)
NOT-FOR-US: Intel
-CVE-2018-3628
+CVE-2018-3628 (Buffer overflow in HTTP handler in Intel Active Management Technology ...)
NOT-FOR-US: Intel
-CVE-2018-3627
+CVE-2018-3627 (Logic bug in Intel Converged Security Management Engine 11.x may allow ...)
NOT-FOR-US: Intel
-CVE-2018-3626
+CVE-2018-3626 (Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9 ...)
NOT-FOR-US: Intel
CVE-2018-3625
RESERVED
-CVE-2018-3624
+CVE-2018-3624 (Buffer overflow in ETWS processing module Intel XMM71xx, XMM72xx, XMM7 ...)
NOT-FOR-US: Intel
CVE-2018-3623
RESERVED
CVE-2018-3622
RESERVED
-CVE-2018-3621
+CVE-2018-3621 (Insufficient input validation in the Intel Driver &amp; Support Assist ...)
NOT-FOR-US: Intel
-CVE-2018-3620
+CVE-2018-3620 (Systems with microprocessors utilizing speculative execution and addre ...)
{DSA-4279-1 DSA-4274-1 DLA-1529-1 DLA-1481-1}
- linux 4.17.15-1
- xen 4.11.1~pre.20180911.5acdd26fdc+dfsg-2
@@ -45307,15 +45307,15 @@ CVE-2018-3620
NOTE: https://xenbits.xen.org/xsa/advisory-273.html
NOTE: The 3.20180703.1 release for intel-microcode was the first batch of updates which targeted
NOTE: most server type CPUs, additional models were supported in the 3.20180807a.1 release
-CVE-2018-3619
+CVE-2018-3619 (Information disclosure vulnerability in storage media in systems with ...)
NOT-FOR-US: Intel
CVE-2018-3618
RESERVED
CVE-2018-3617
REJECTED
-CVE-2018-3616
+CVE-2018-3616 (Bleichenbacher-style side channel vulnerability in TLS implementation ...)
NOT-FOR-US: Intel
-CVE-2018-3615
+CVE-2018-3615 (Systems with microprocessors utilizing speculative execution and Intel ...)
- intel-microcode 3.20180703.1
NOTE: https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
NOTE: https://foreshadowattack.eu/
@@ -45330,111 +45330,111 @@ CVE-2018-3613
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=415
NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=44
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-authenticated-variable-bypass.html
-CVE-2018-3612
+CVE-2018-3612 (Intel NUC kits with insufficient input validation in system firmware, ...)
NOT-FOR-US: Intel
-CVE-2018-3611
+CVE-2018-3611 (Bounds check vulnerability in User Mode Driver in Intel Graphics Drive ...)
NOT-FOR-US: Intel
-CVE-2018-3610
+CVE-2018-3610 (SEMA driver in Intel Driver and Support Assistant before version 3.1.1 ...)
NOT-FOR-US: Intel
-CVE-2018-3609
+CVE-2018-3609 (A vulnerability in the Trend Micro InterScan Messaging Security Virtua ...)
NOT-FOR-US: Trend Micro
-CVE-2018-3608
+CVE-2018-3608 (A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (ver ...)
NOT-FOR-US: Trend Micro
-CVE-2018-3607
+CVE-2018-3607 (XXXTreeNode method SQL injection remote code execution (RCE) vulnerabi ...)
NOT-FOR-US: Trend Micro
-CVE-2018-3606
+CVE-2018-3606 (XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL inj ...)
NOT-FOR-US: Trend Micro
-CVE-2018-3605
+CVE-2018-3605 (TopXXX, ViolationXXX, and IncidentXXX method SQL injection remote code ...)
NOT-FOR-US: Trend Micro
-CVE-2018-3604
+CVE-2018-3604 (GetXXX method SQL injection remote code execution (RCE) vulnerabilitie ...)
NOT-FOR-US: Trend Micro
-CVE-2018-3603
+CVE-2018-3603 (A CGGIServlet SQL injection remote code execution (RCE) vulnerability ...)
NOT-FOR-US: Trend Micro
-CVE-2018-3602
+CVE-2018-3602 (An AdHocQuery_Processor SQL injection remote code execution (RCE) vuln ...)
NOT-FOR-US: Trend Micro
-CVE-2018-3601
+CVE-2018-3601 (A password hash usage authentication bypass vulnerability in Trend Mic ...)
NOT-FOR-US: Trend Micro
-CVE-2018-3600
+CVE-2018-3600 (A external entity processing information disclosure (XXE) vulnerabilit ...)
NOT-FOR-US: Trend Micro
-CVE-2018-3599
+CVE-2018-3599 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3598
+CVE-2018-3598 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3597
+CVE-2018-3597 (In the ADSP RPC driver in Android releases from CAF using the linux ke ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3596
+CVE-2018-3596 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3595
+CVE-2018-3595 (Anti-rollback can be bypassed in replay scenario during app loading du ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3594
+CVE-2018-3594 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3593
+CVE-2018-3593 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3592
+CVE-2018-3592 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3591
+CVE-2018-3591 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3590
+CVE-2018-3590 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3589
+CVE-2018-3589 (In Android before security patch level 2018-04-05 on Qualcomm Snapdrag ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3588
+CVE-2018-3588 (There is improper access control of the SSC and GPU mapped regions whi ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3587
+CVE-2018-3587 (In a firmware memory dump feature in all Android releases from CAF usi ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3586
+CVE-2018-3586 (An integer overflow to buffer overflow vulnerability exists in the ADS ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-3585
RESERVED
-CVE-2018-3584
+CVE-2018-3584 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-3583
RESERVED
-CVE-2018-3582
+CVE-2018-3582 (Buffer overflow can occur due to improper input validation in multiple ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3581
+CVE-2018-3581 (In the WLAN driver in all Android releases from CAF (Android for MSM, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3580
+CVE-2018-3580 (Stack-based buffer overflow can occur In the WLAN driver if the pmkid_ ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3579
+CVE-2018-3579 (In the WLAN driver in all Android releases from CAF (Android for MSM, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3578
+CVE-2018-3578 (Type mismatch for ie_len can cause the WLAN driver to allocate less me ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3577
+CVE-2018-3577 (While processing fragments, when the fragment count becomes very large ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3576
+CVE-2018-3576 (improper validation of array index in WiFi driver function sapInterfer ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-3575
RESERVED
-CVE-2018-3574
+CVE-2018-3574 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
- linux <not-affected> (Qualcomm specific changes)
-CVE-2018-3573
+CVE-2018-3573 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3572
+CVE-2018-3572 (While processing a DSP buffer in an audio driver's event handler, an i ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3571
+CVE-2018-3571 (In the KGSL driver in all Android releases from CAF (Android for MSM, ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3570
+CVE-2018-3570 (In the cpuidle driver in all Android releases(Android for MSM, Firefox ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3569
+CVE-2018-3569 (A buffer over-read can occur during a fast initial link setup (FILS) c ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3568
+CVE-2018-3568 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3567
+CVE-2018-3567 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3566
+CVE-2018-3566 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3565
+CVE-2018-3565 (While sending a probe request indication in lim_send_sme_probe_req_ind ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3564
+CVE-2018-3564 (In the FastRPC driver in Android releases from CAF using the linux ker ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3563
+CVE-2018-3563 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3562
+CVE-2018-3562 (Buffer over -read can occur while processing a FILS authentication fra ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3561
+CVE-2018-3561 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3560
+CVE-2018-3560 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-3559
RESERVED
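Review bot: the descriptions added for CVE-2018-3574 and CVE-2018-3573 are identical up to the truncation point, `In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...`, yet the unchanged triage lines differ: 3574 is tracked as `- linux <not-affected> (Qualcomm specific changes)` while 3573 is `NOT-FOR-US: Qualcomm components for Android`. Both outcomes mean the same thing for Debian, but the inconsistency is worth reconciling now that the descriptions make the pairing visible, so that a later reader does not assume src:linux was assessed for one and not the other.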
@@ -45932,11 +45932,11 @@ CVE-2018-3313
RESERVED
CVE-2018-3312
RESERVED
-CVE-2018-3311
+CVE-2018-3311 (Vulnerability in the Oracle Retail Xstore Payment component of Oracle ...)
NOT-FOR-US: Oracle
CVE-2018-3310
RESERVED
-CVE-2018-3309
+CVE-2018-3309 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.22-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2018-3308
@@ -45945,73 +45945,73 @@ CVE-2018-3307
RESERVED
CVE-2018-3306
RESERVED
-CVE-2018-3305
+CVE-2018-3305 (Vulnerability in the Oracle Application Testing Suite component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3304
+CVE-2018-3304 (Vulnerability in the Oracle Application Testing Suite component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3303
+CVE-2018-3303 (Vulnerability in the Enterprise Manager Base Platform component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3302
+CVE-2018-3302 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3301
+CVE-2018-3301 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
CVE-2018-3300
RESERVED
-CVE-2018-3299
+CVE-2018-3299 (Vulnerability in the Oracle Text component of Oracle Database Server. ...)
NOT-FOR-US: Oracle
-CVE-2018-3298
+CVE-2018-3298 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3297
+CVE-2018-3297 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3296
+CVE-2018-3296 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3295
+CVE-2018-3295 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3294
+CVE-2018-3294 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3293
+CVE-2018-3293 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3292
+CVE-2018-3292 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3291
+CVE-2018-3291 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3290
+CVE-2018-3290 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3289
+CVE-2018-3289 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3288
+CVE-2018-3288 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3287
+CVE-2018-3287 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3286
+CVE-2018-3286 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3285
+CVE-2018-3285 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3284
+CVE-2018-3284 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3283
+CVE-2018-3283 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3282
+CVE-2018-3282 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1570-1 DLA-1566-1}
- mariadb-10.1 1:10.1.37-1 (bug #912848)
- mariadb-10.0 <removed>
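Review bot: the twelve VirtualBox entries CVE-2018-3298 through CVE-2018-3287 and the MySQL Server entries in this hunk all receive the same truncated description (`Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...`, `Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...`), because Oracle's CPU boilerplate is longer than the cutoff, so the subcomponent and attack vector that distinguish the entries never reach the list. The triage lines for the MySQL-8-only entries (CVE-2018-3286, CVE-2018-3285) carry only the generic `#AppendixMSQL` link, so a later reader has to reopen the CPU page to tell them apart; for CPU entries whose description truncates before the subcomponent, consider adding a short NOTE naming it (e.g. `NOTE: subcomponent Core`), in the same way the VirtualBox entries already carry a `[jessie] - virtualbox <end-of-life> (DSA-3699-1)` line explaining their suite status.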
@@ -46019,78 +46019,78 @@ CVE-2018-3282
- mysql-5.5 <removed>
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
NOTE: Fixed in MariaDB: 10.1.37, 10.0.37
-CVE-2018-3281
+CVE-2018-3281 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2018-3280
+CVE-2018-3280 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3279
+CVE-2018-3279 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3278
+CVE-2018-3278 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3277
+CVE-2018-3277 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3276
+CVE-2018-3276 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3275
+CVE-2018-3275 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3274
+CVE-2018-3274 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3273
+CVE-2018-3273 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3272
+CVE-2018-3272 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3271
+CVE-2018-3271 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3270
+CVE-2018-3270 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3269
+CVE-2018-3269 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3268
+CVE-2018-3268 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3267
+CVE-2018-3267 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3266
+CVE-2018-3266 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3265
+CVE-2018-3265 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3264
+CVE-2018-3264 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3263
+CVE-2018-3263 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3262
+CVE-2018-3262 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3261
+CVE-2018-3261 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
CVE-2018-3260
RESERVED
-CVE-2018-3259
+CVE-2018-3259 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
NOT-FOR-US: Oracle
-CVE-2018-3258
+CVE-2018-3258 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
- mysql-connector-java <not-affected> (Only affects 8.x, bug #912916)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
-CVE-2018-3257
+CVE-2018-3257 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3256
+CVE-2018-3256 (Vulnerability in the Oracle Email Center component of Oracle E-Busines ...)
NOT-FOR-US: Oracle
-CVE-2018-3255
+CVE-2018-3255 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3254
+CVE-2018-3254 (Vulnerability in the Oracle WebCenter Portal component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2018-3253
+CVE-2018-3253 (Vulnerability in the Oracle Virtual Directory component of Oracle Fusi ...)
NOT-FOR-US: Oracle
-CVE-2018-3252
+CVE-2018-3252 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3251
+CVE-2018-3251 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1570-1}
- mariadb-10.1 1:10.1.37-1 (bug #912848)
- mariadb-10.0 <removed>
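Review bot: the reference on the CVE-2018-3258 entry, `NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html`, is the only Oracle CPU link in this hunk that uses plain http and omits the appendix anchor; every other MySQL entry here points at `https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL`. Normalise it to https (so the reference is not fetched over cleartext) and, since this is a MySQL Connectors issue, to the same MySQL appendix anchor, so the links stay consistent across the file.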
@@ -46098,187 +46098,187 @@ CVE-2018-3251
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
NOTE: Fixed in MariaDB 10.1.37, 10.0.37
-CVE-2018-3250
+CVE-2018-3250 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3249
+CVE-2018-3249 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3248
+CVE-2018-3248 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3247
+CVE-2018-3247 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3246
+CVE-2018-3246 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3245
+CVE-2018-3245 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3244
+CVE-2018-3244 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3243
+CVE-2018-3243 (Vulnerability in the Oracle Applications Framework component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3242
+CVE-2018-3242 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2018-3241
+CVE-2018-3241 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
CVE-2018-3240
RESERVED
-CVE-2018-3239
+CVE-2018-3239 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3238
+CVE-2018-3238 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3237
+CVE-2018-3237 (Vulnerability in the Oracle Applications Manager component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2018-3236
+CVE-2018-3236 (Vulnerability in the Oracle User Management component of Oracle E-Busi ...)
NOT-FOR-US: Oracle
-CVE-2018-3235
+CVE-2018-3235 (Vulnerability in the Oracle Applications Manager component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2018-3234
+CVE-2018-3234 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3233
+CVE-2018-3233 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3232
+CVE-2018-3232 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3231
+CVE-2018-3231 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3230
+CVE-2018-3230 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3229
+CVE-2018-3229 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3228
+CVE-2018-3228 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3227
+CVE-2018-3227 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3226
+CVE-2018-3226 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3225
+CVE-2018-3225 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3224
+CVE-2018-3224 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3223
+CVE-2018-3223 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3222
+CVE-2018-3222 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3221
+CVE-2018-3221 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3220
+CVE-2018-3220 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3219
+CVE-2018-3219 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3218
+CVE-2018-3218 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3217
+CVE-2018-3217 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
CVE-2018-3216
RESERVED
-CVE-2018-3215
+CVE-2018-3215 (Vulnerability in the Oracle Endeca Information Discovery Integrator co ...)
NOT-FOR-US: Oracle
-CVE-2018-3214
+CVE-2018-3214 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
-CVE-2018-3213
+CVE-2018-3213 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3212
+CVE-2018-3212 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3211
+CVE-2018-3211 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
- openjdk-8 <not-affected> (Specific to Oracle Java)
-CVE-2018-3210
+CVE-2018-3210 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2018-3209
+CVE-2018-3209 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjfx 11+26-1
[stretch] - openjfx <ignored> (Specific details withheld by Oracle, impossible to fix)
NOTE: CPU marks this as only affecting 8.x, so marking first 11 upload as fixed
-CVE-2018-3208
+CVE-2018-3208 (Vulnerability in the Hyperion Data Relationship Management component o ...)
NOT-FOR-US: Oracle
-CVE-2018-3207
+CVE-2018-3207 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3206
+CVE-2018-3206 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3205
+CVE-2018-3205 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3204
+CVE-2018-3204 (Vulnerability in the Oracle Business Intelligence Enterprise Edition c ...)
NOT-FOR-US: Oracle
-CVE-2018-3203
+CVE-2018-3203 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3202
+CVE-2018-3202 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3201
+CVE-2018-3201 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3200
+CVE-2018-3200 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
CVE-2018-3199
RESERVED
-CVE-2018-3198
+CVE-2018-3198 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3197
+CVE-2018-3197 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3196
+CVE-2018-3196 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2018-3195
+CVE-2018-3195 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3194
+CVE-2018-3194 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3193
+CVE-2018-3193 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3192
+CVE-2018-3192 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3191
+CVE-2018-3191 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-3190
+CVE-2018-3190 (Vulnerability in the Oracle E-Business Intelligence component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-3189
+CVE-2018-3189 (Vulnerability in the Oracle Customer Interaction History component of ...)
NOT-FOR-US: Oracle
-CVE-2018-3188
+CVE-2018-3188 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2018-3187
+CVE-2018-3187 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3186
+CVE-2018-3186 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3185
+CVE-2018-3185 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3184
+CVE-2018-3184 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcom ...)
NOT-FOR-US: Oracle
-CVE-2018-3183
+CVE-2018-3183 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4326-1}
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
-CVE-2018-3182
+CVE-2018-3182 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3181
+CVE-2018-3181 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
NOT-FOR-US: Oracle
-CVE-2018-3180
+CVE-2018-3180 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3179
+CVE-2018-3179 (Vulnerability in the Oracle Identity Manager component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2018-3178
+CVE-2018-3178 (Vulnerability in the Hyperion Common Events component of Oracle Hyperi ...)
NOT-FOR-US: Oracle
-CVE-2018-3177
+CVE-2018-3177 (Vulnerability in the Hyperion Common Events component of Oracle Hyperi ...)
NOT-FOR-US: Oracle
-CVE-2018-3176
+CVE-2018-3176 (Vulnerability in the Hyperion Common Events component of Oracle Hyperi ...)
NOT-FOR-US: Oracle
-CVE-2018-3175
+CVE-2018-3175 (Vulnerability in the Hyperion Common Events component of Oracle Hyperi ...)
NOT-FOR-US: Oracle
-CVE-2018-3174
+CVE-2018-3174 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1570-1 DLA-1566-1}
- mariadb-10.1 1:10.1.37-1 (bug #912848)
- mariadb-10.0 <removed>
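Review bot: the Java SE entries in this hunk differ in which openjdk source packages they list without recording why: CVE-2018-3180, CVE-2018-3169 and CVE-2018-3139 list openjdk-7, openjdk-8, openjdk-10 and openjdk-11, CVE-2018-3214 lists only openjdk-7 and openjdk-8, CVE-2018-3183 only openjdk-8 and openjdk-10, and CVE-2018-3211 only `openjdk-8 <not-affected> (Specific to Oracle Java)`. For each package that is missing from an entry (openjdk-10 and openjdk-11 on CVE-2018-3214, openjdk-7 and openjdk-11 on CVE-2018-3183, everything but openjdk-8 on CVE-2018-3211), either add the fixed version if it is in scope or an explicit `<not-affected>` line citing the CPU's affected-version list, so a deliberately triaged omission cannot be mistaken for an entry that was never checked.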
@@ -46286,55 +46286,55 @@ CVE-2018-3174
- mysql-5.5 <removed>
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
NOTE: Fixed in MariaDB 10.1.37, 10.0.37
-CVE-2018-3173
+CVE-2018-3173 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3172
+CVE-2018-3172 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-3171
+CVE-2018-3171 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3170
+CVE-2018-3170 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3169
+CVE-2018-3169 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3168
+CVE-2018-3168 (Vulnerability in the Oracle Identity Analytics component of Oracle Fus ...)
NOT-FOR-US: Oracle
-CVE-2018-3167
+CVE-2018-3167 (Vulnerability in the Application Management Pack for Oracle E-Business ...)
NOT-FOR-US: Oracle
-CVE-2018-3166
+CVE-2018-3166 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2018-3165
+CVE-2018-3165 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3164
+CVE-2018-3164 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3163
+CVE-2018-3163 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2018-3162
+CVE-2018-3162 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3161
+CVE-2018-3161 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3160
+CVE-2018-3160 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
NOT-FOR-US: Oracle
-CVE-2018-3159
+CVE-2018-3159 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2018-3158
+CVE-2018-3158 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2018-3157
+CVE-2018-3157 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-11 11.0.1+13-1
-CVE-2018-3156
+CVE-2018-3156 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1570-1}
- mariadb-10.1 1:10.1.37-1 (bug #912848)
- mariadb-10.0 <removed>
@@ -46342,42 +46342,42 @@ CVE-2018-3156
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
NOTE: Fixed in MariaDB 10.1.37, 10.0.37
-CVE-2018-3155
+CVE-2018-3155 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3154
+CVE-2018-3154 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3153
+CVE-2018-3153 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3152
+CVE-2018-3152 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2018-3151
+CVE-2018-3151 (Vulnerability in the Oracle iProcurement component of Oracle E-Busines ...)
NOT-FOR-US: Oracle
-CVE-2018-3150
+CVE-2018-3150 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3149
+CVE-2018-3149 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3148
+CVE-2018-3148 (Vulnerability in the Primavera Unifier component of Oracle Constructio ...)
NOT-FOR-US: Oracle
-CVE-2018-3147
+CVE-2018-3147 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3146
+CVE-2018-3146 (Vulnerability in the Oracle iLearning component of Oracle iLearning (s ...)
NOT-FOR-US: Oracle
-CVE-2018-3145
+CVE-2018-3145 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3144
+CVE-2018-3144 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3143
+CVE-2018-3143 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1570-1}
- mariadb-10.1 1:10.1.37-1 (bug #912848)
- mariadb-10.0 <removed>
@@ -46385,60 +46385,60 @@ CVE-2018-3143
- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
NOTE: Fixed in MariaDB 10.1.37, 10.0.37
-CVE-2018-3142
+CVE-2018-3142 (Vulnerability in the Hyperion Essbase Administration Services componen ...)
NOT-FOR-US: Oracle
-CVE-2018-3141
+CVE-2018-3141 (Vulnerability in the Hyperion Essbase Administration Services componen ...)
NOT-FOR-US: Oracle
-CVE-2018-3140
+CVE-2018-3140 (Vulnerability in the Hyperion Essbase Administration Services componen ...)
NOT-FOR-US: Oracle
-CVE-2018-3139
+CVE-2018-3139 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3138
+CVE-2018-3138 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3137
+CVE-2018-3137 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
- mysql-5.5 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3136
+CVE-2018-3136 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4326-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-2
- openjdk-10 10.0.2+13-2
- openjdk-11 11.0.1+13-1
-CVE-2018-3135
+CVE-2018-3135 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3134
+CVE-2018-3134 (Vulnerability in the Oracle Agile Product Lifecycle Management for Pro ...)
NOT-FOR-US: Oracle
-CVE-2018-3133
+CVE-2018-3133 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DLA-1566-1}
- mysql-5.7 5.7.24-1 (bug #911221)
- mysql-5.5 <removed>
NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
-CVE-2018-3132
+CVE-2018-3132 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3131
+CVE-2018-3131 (Vulnerability in the Oracle Hospitality Gift and Loyalty component of ...)
NOT-FOR-US: Oracle
-CVE-2018-3130
+CVE-2018-3130 (Vulnerability in the PeopleSoft Enterprise Interaction Hub component o ...)
NOT-FOR-US: Oracle
-CVE-2018-3129
+CVE-2018-3129 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3128
+CVE-2018-3128 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2018-3127
+CVE-2018-3127 (Vulnerability in the Oracle Demantra Demand Management component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3126
+CVE-2018-3126 (Vulnerability in the Oracle Retail Xstore Point of Service component o ...)
NOT-FOR-US: Oracle
-CVE-2018-3125
+CVE-2018-3125 (Vulnerability in the Oracle Retail Merchandising System component of O ...)
NOT-FOR-US: Oracle
CVE-2018-3124
RESERVED
CVE-2018-3123
RESERVED
-CVE-2018-3122
+CVE-2018-3122 (Vulnerability in the Oracle Retail Open Commerce Platform component of ...)
NOT-FOR-US: Oracle
CVE-2018-3121
RESERVED
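Review bot: CVE-2018-3133 (`{DLA-1566-1}`, `mysql-5.7 5.7.24-1 (bug #911221)`, `mysql-5.5 <removed>`) is the only MySQL Server entry in this hunk with neither a mariadb-10.0/mariadb-10.1 line nor an `Only affects ...` qualifier, even though the DLA shows the 5.5 code base was affected; the neighbouring CVE-2018-3143 records `mariadb-10.1 1:10.1.37-1 (bug #912848)`, `mariadb-10.0 <removed>` and a `NOTE: Fixed in MariaDB 10.1.37, 10.0.37`. Add mariadb-10.1 and mariadb-10.0 lines to CVE-2018-3133 as well (a fixed version, or `<not-affected>` with the reason), so the status of the mariadb packages is recorded explicitly rather than left implicit.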
@@ -46452,7 +46452,7 @@ CVE-2018-3117
RESERVED
CVE-2018-3116
RESERVED
-CVE-2018-3115
+CVE-2018-3115 (Vulnerability in the Oracle Retail Sales Audit component of Oracle Ret ...)
NOT-FOR-US: Oracle
CVE-2018-3114
RESERVED
@@ -46462,500 +46462,500 @@ CVE-2018-3112
RESERVED
CVE-2018-3111
RESERVED
-CVE-2018-3110
+CVE-2018-3110 (A vulnerability was discovered in the Java VM component of Oracle Data ...)
NOT-FOR-US: Oracle
-CVE-2018-3109
+CVE-2018-3109 (Vulnerability in the Oracle Fusion Middleware MapViewer component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-3108
+CVE-2018-3108 (Vulnerability in the Oracle Fusion Middleware component of Oracle Fusi ...)
NOT-FOR-US: Oracle
CVE-2018-3107
RESERVED
CVE-2018-3106
RESERVED
-CVE-2018-3105
+CVE-2018-3105 (Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middl ...)
NOT-FOR-US: Oracle
-CVE-2018-3104
+CVE-2018-3104 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3103
+CVE-2018-3103 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3102
+CVE-2018-3102 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3101
+CVE-2018-3101 (Vulnerability in the Oracle WebCenter Portal component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2018-3100
+CVE-2018-3100 (Vulnerability in the Oracle Business Process Management Suite componen ...)
NOT-FOR-US: Oracle
-CVE-2018-3099
+CVE-2018-3099 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3098
+CVE-2018-3098 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3097
+CVE-2018-3097 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3096
+CVE-2018-3096 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3095
+CVE-2018-3095 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3094
+CVE-2018-3094 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3093
+CVE-2018-3093 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3092
+CVE-2018-3092 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3091
+CVE-2018-3091 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3090
+CVE-2018-3090 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3089
+CVE-2018-3089 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3088
+CVE-2018-3088 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3087
+CVE-2018-3087 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3086
+CVE-2018-3086 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3085
+CVE-2018-3085 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3084
+CVE-2018-3084 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
NOT-FOR-US: Oracle MySQL 8
CVE-2018-3083
RESERVED
-CVE-2018-3082
+CVE-2018-3082 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3081
+CVE-2018-3081 (Vulnerability in the MySQL Client component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1566-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.23-1 (bug #904121)
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB: 10.2.15, 10.1.33, 10.0.35
-CVE-2018-3080
+CVE-2018-3080 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3079
+CVE-2018-3079 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3078
+CVE-2018-3078 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3077
+CVE-2018-3077 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3076
+CVE-2018-3076 (Vulnerability in the PeopleSoft Enterprise CS Financial Aid component ...)
NOT-FOR-US: Oracle
-CVE-2018-3075
+CVE-2018-3075 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3074
+CVE-2018-3074 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3073
+CVE-2018-3073 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3072
+CVE-2018-3072 (Vulnerability in the PeopleSoft HRMS component of Oracle PeopleSoft Pr ...)
NOT-FOR-US: Oracle
-CVE-2018-3071
+CVE-2018-3071 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3070
+CVE-2018-3070 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DLA-1566-1}
- mysql-5.7 5.7.23-1 (bug #904121)
- mysql-5.5 <removed>
-CVE-2018-3069
+CVE-2018-3069 (Vulnerability in the Oracle Agile Product Lifecycle Management for Pro ...)
NOT-FOR-US: Oracle
-CVE-2018-3068
+CVE-2018-3068 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources compone ...)
NOT-FOR-US: Oracle
-CVE-2018-3067
+CVE-2018-3067 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
NOT-FOR-US: Oracle MySQL 8
-CVE-2018-3066
+CVE-2018-3066 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1566-1 DLA-1488-1}
- mariadb-10.1 1:10.1.35-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.23-1 (bug #904121)
- mysql-5.5 <removed>
NOTE: MariaDB fixed in 10.0.36, 10.1.35
-CVE-2018-3065
+CVE-2018-3065 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3064
+CVE-2018-3064 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1488-1}
- mariadb-10.1 1:10.1.35-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.23-1 (bug #904121)
NOTE: MariaDB: Fixed in 10.0.36, 10.1.35
-CVE-2018-3063
+CVE-2018-3063 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1566-1 DLA-1488-1}
- mariadb-10.1 1:10.1.35-1
- mariadb-10.0 <removed>
- mysql-5.5 <removed>
NOTE: MariaDB: Fixed in 10.0.36, 10.1.35
-CVE-2018-3062
+CVE-2018-3062 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3061
+CVE-2018-3061 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3060
+CVE-2018-3060 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3059
+CVE-2018-3059 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
NOT-FOR-US: Oracle
-CVE-2018-3058
+CVE-2018-3058 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1566-1 DLA-1488-1}
- mariadb-10.1 1:10.1.35-1
- mariadb-10.0 <removed>
- mysql-5.7 5.7.23-1 (bug #904121)
- mysql-5.5 <removed>
NOTE: MariaDB fixed in 10.0.36, 10.1.35
-CVE-2018-3057
+CVE-2018-3057 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-3056
+CVE-2018-3056 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3055
+CVE-2018-3055 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3054
+CVE-2018-3054 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.23-1 (bug #904121)
-CVE-2018-3053
+CVE-2018-3053 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
NOT-FOR-US: Oracle
-CVE-2018-3052
+CVE-2018-3052 (Vulnerability in the MICROS Relate CRM Software component of Oracle Re ...)
NOT-FOR-US: Oracle
-CVE-2018-3051
+CVE-2018-3051 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2018-3050
+CVE-2018-3050 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3049
+CVE-2018-3049 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2018-3048
+CVE-2018-3048 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3047
+CVE-2018-3047 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2018-3046
+CVE-2018-3046 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3045
+CVE-2018-3045 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2018-3044
+CVE-2018-3044 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3043
+CVE-2018-3043 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2018-3042
+CVE-2018-3042 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3041
+CVE-2018-3041 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2018-3040
+CVE-2018-3040 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3039
+CVE-2018-3039 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2018-3038
+CVE-2018-3038 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3037
+CVE-2018-3037 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2018-3036
+CVE-2018-3036 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-3035
+CVE-2018-3035 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-3034
+CVE-2018-3034 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-3033
+CVE-2018-3033 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-3032
+CVE-2018-3032 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-3031
+CVE-2018-3031 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-3030
+CVE-2018-3030 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-3029
+CVE-2018-3029 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-3028
+CVE-2018-3028 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-3027
+CVE-2018-3027 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-3026
+CVE-2018-3026 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-3025
+CVE-2018-3025 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-3024
+CVE-2018-3024 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-3023
+CVE-2018-3023 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-3022
+CVE-2018-3022 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-3021
+CVE-2018-3021 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-3020
+CVE-2018-3020 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-3019
+CVE-2018-3019 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3018
+CVE-2018-3018 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2018-3017
+CVE-2018-3017 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2018-3016
+CVE-2018-3016 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3015
+CVE-2018-3015 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-3014
+CVE-2018-3014 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2018-3013
+CVE-2018-3013 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2018-3012
+CVE-2018-3012 (Vulnerability in the Oracle Trade Management component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2018-3011
+CVE-2018-3011 (Vulnerability in the Oracle Trade Management component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2018-3010
+CVE-2018-3010 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3009
+CVE-2018-3009 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-3008
+CVE-2018-3008 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2018-3007
+CVE-2018-3007 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middlewa ...)
NOT-FOR-US: Oracle
-CVE-2018-3006
+CVE-2018-3006 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-3005
+CVE-2018-3005 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.16-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-3004
+CVE-2018-3004 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
NOT-FOR-US: Oracle
-CVE-2018-3003
+CVE-2018-3003 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
NOT-FOR-US: Oracle
-CVE-2018-3002
+CVE-2018-3002 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
NOT-FOR-US: Oracle
-CVE-2018-3001
+CVE-2018-3001 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
NOT-FOR-US: Oracle
-CVE-2018-3000
+CVE-2018-3000 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
NOT-FOR-US: Oracle
-CVE-2018-2999
+CVE-2018-2999 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2998
+CVE-2018-2998 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2997
+CVE-2018-2997 (Vulnerability in the Oracle Scripting component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2018-2996
+CVE-2018-2996 (Vulnerability in the Oracle Applications Manager component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2018-2995
+CVE-2018-2995 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2018-2994
+CVE-2018-2994 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2018-2993
+CVE-2018-2993 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2018-2992
+CVE-2018-2992 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2991
+CVE-2018-2991 (Vulnerability in the Oracle Trade Management component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2018-2990
+CVE-2018-2990 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2989
+CVE-2018-2989 (Vulnerability in the Oracle iLearning component of Oracle iLearning (s ...)
NOT-FOR-US: Oracle
-CVE-2018-2988
+CVE-2018-2988 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2018-2987
+CVE-2018-2987 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2986
+CVE-2018-2986 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2985
+CVE-2018-2985 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2984
+CVE-2018-2984 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
NOT-FOR-US: Oracle
CVE-2018-2983
RESERVED
-CVE-2018-2982
+CVE-2018-2982 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2981
+CVE-2018-2981 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2980
+CVE-2018-2980 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2979
+CVE-2018-2979 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2978
+CVE-2018-2978 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2977
+CVE-2018-2977 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2976
+CVE-2018-2976 (Vulnerability in the Enterprise Manager Ops Center component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2975
+CVE-2018-2975 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2974
+CVE-2018-2974 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2973
+CVE-2018-2973 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
- openjdk-7 <not-affected> (Apparently specific to Oracle Java)
- openjdk-8 <not-affected> (Apparently specific to Oracle Java)
- openjdk-10 <not-affected> (Apparently specific to Oracle Java)
-CVE-2018-2972
+CVE-2018-2972 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-10 10.0.2+13-1
-CVE-2018-2971
+CVE-2018-2971 (Vulnerability in the Oracle Applications Framework component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2970
+CVE-2018-2970 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2969
+CVE-2018-2969 (Vulnerability in the Primavera Unifier component of Oracle Constructio ...)
NOT-FOR-US: Oracle
-CVE-2018-2968
+CVE-2018-2968 (Vulnerability in the Primavera Unifier component of Oracle Constructio ...)
NOT-FOR-US: Oracle
-CVE-2018-2967
+CVE-2018-2967 (Vulnerability in the Primavera Unifier component of Oracle Constructio ...)
NOT-FOR-US: Oracle
-CVE-2018-2966
+CVE-2018-2966 (Vulnerability in the Primavera Unifier component of Oracle Constructio ...)
NOT-FOR-US: Oracle
-CVE-2018-2965
+CVE-2018-2965 (Vulnerability in the Primavera Unifier component of Oracle Constructio ...)
NOT-FOR-US: Oracle
-CVE-2018-2964
+CVE-2018-2964 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-10 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2018-2963
+CVE-2018-2963 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2018-2962
+CVE-2018-2962 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2018-2961
+CVE-2018-2961 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2018-2960
+CVE-2018-2960 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2018-2959
+CVE-2018-2959 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
NOT-FOR-US: Oracle
-CVE-2018-2958
+CVE-2018-2958 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2018-2957
+CVE-2018-2957 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2018-2956
+CVE-2018-2956 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2018-2955
+CVE-2018-2955 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services comp ...)
NOT-FOR-US: Oracle
-CVE-2018-2954
+CVE-2018-2954 (Vulnerability in the Oracle Order Management component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2018-2953
+CVE-2018-2953 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2952
+CVE-2018-2952 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4268-1 DLA-1590-1}
- openjdk-7 <removed>
- openjdk-8 8u181-b13-1
- openjdk-10 10.0.2+13-1
NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/baac18e216fb
-CVE-2018-2951
+CVE-2018-2951 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2950
+CVE-2018-2950 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2949
+CVE-2018-2949 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2948
+CVE-2018-2948 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2947
+CVE-2018-2947 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2946
+CVE-2018-2946 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2945
+CVE-2018-2945 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2944
+CVE-2018-2944 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2943
+CVE-2018-2943 (Vulnerability in the Oracle Fusion Middleware MapViewer component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2942
+CVE-2018-2942 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-7 <not-affected> (Windows-specific)
- openjdk-8 <not-affected> (Windows-specific)
-CVE-2018-2941
+CVE-2018-2941 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjfx 11+26-1 (bug #905215)
[stretch] - openjfx <ignored> (Specific details withheld by Oracle, impossible to fix)
-CVE-2018-2940
+CVE-2018-2940 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
- openjdk-7 <not-affected> (Apparently specific to Oracle Java)
- openjdk-8 <not-affected> (Apparently specific to Oracle Java)
- openjdk-10 <not-affected> (Apparently specific to Oracle Java)
-CVE-2018-2939
+CVE-2018-2939 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
NOT-FOR-US: Oracle
-CVE-2018-2938
+CVE-2018-2938 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-7 <not-affected> (Specific to Oracle Java, OpenJDK doesn't bundle Derby)
- openjdk-8 <not-affected> (Specific to Oracle Java, OpenJDK doesn't bundle Derby)
-CVE-2018-2937
+CVE-2018-2937 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2936
+CVE-2018-2936 (Vulnerability in the Oracle Communications Messaging Server component ...)
NOT-FOR-US: Oracle
-CVE-2018-2935
+CVE-2018-2935 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2934
+CVE-2018-2934 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2933
+CVE-2018-2933 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2932
+CVE-2018-2932 (Vulnerability in the Oracle SuperCluster Specific Software component o ...)
NOT-FOR-US: Oracle
CVE-2018-2931
RESERVED
-CVE-2018-2930
+CVE-2018-2930 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems P ...)
NOT-FOR-US: Oracle
-CVE-2018-2929
+CVE-2018-2929 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2928
+CVE-2018-2928 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2927
+CVE-2018-2927 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2926
+CVE-2018-2926 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2925
+CVE-2018-2925 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2018-2924
+CVE-2018-2924 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2923
+CVE-2018-2923 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2922
+CVE-2018-2922 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2921
+CVE-2018-2921 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2920
+CVE-2018-2920 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2919
+CVE-2018-2919 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2918
+CVE-2018-2918 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2917
+CVE-2018-2917 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2916
+CVE-2018-2916 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2915
+CVE-2018-2915 (Vulnerability in the Hyperion Data Relationship Management component o ...)
NOT-FOR-US: Oracle
-CVE-2018-2914
+CVE-2018-2914 (Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate ...)
NOT-FOR-US: Oracle
-CVE-2018-2913
+CVE-2018-2913 (Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate ...)
NOT-FOR-US: Oracle
-CVE-2018-2912
+CVE-2018-2912 (Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate ...)
NOT-FOR-US: Oracle
-CVE-2018-2911
+CVE-2018-2911 (Vulnerability in the Oracle GlassFish Server component of Oracle Fusio ...)
NOT-FOR-US: Oracle
CVE-2018-2910
RESERVED
-CVE-2018-2909
+CVE-2018-2909 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.20-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2018-2908
+CVE-2018-2908 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2907
+CVE-2018-2907 (Vulnerability in the Hyperion Financial Reporting component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2906
+CVE-2018-2906 (Vulnerability in the Hardware Management Pack component of Oracle Sun ...)
NOT-FOR-US: Oracle
-CVE-2018-2905
+CVE-2018-2905 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2904
+CVE-2018-2904 (Vulnerability in the Oracle Communications EAGLE LNP Application Proce ...)
NOT-FOR-US: Oracle
-CVE-2018-2903
+CVE-2018-2903 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2902
+CVE-2018-2902 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2901
+CVE-2018-2901 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2900
+CVE-2018-2900 (Vulnerability in the BI Publisher component of Oracle Fusion Middlewar ...)
NOT-FOR-US: Oracle
-CVE-2018-2899
+CVE-2018-2899 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2898
+CVE-2018-2898 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2897
+CVE-2018-2897 (Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral ...)
NOT-FOR-US: Oracle
-CVE-2018-2896
+CVE-2018-2896 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-2895
+CVE-2018-2895 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2894
+CVE-2018-2894 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2893
+CVE-2018-2893 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2892
+CVE-2018-2892 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2891
+CVE-2018-2891 (Vulnerability in the Oracle Retail Bulk Data Integration component of ...)
NOT-FOR-US: Oracle
CVE-2018-2890
RESERVED
-CVE-2018-2889
+CVE-2018-2889 (Vulnerability in the MICROS Retail-J component of Oracle Retail Applic ...)
NOT-FOR-US: Oracle
-CVE-2018-2888
+CVE-2018-2888 (Vulnerability in the MICROS Retail-J component of Oracle Retail Applic ...)
NOT-FOR-US: Oracle
-CVE-2018-2887
+CVE-2018-2887 (Vulnerability in the MICROS Retail-J component of Oracle Retail Applic ...)
NOT-FOR-US: Oracle
CVE-2018-2886
RESERVED
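Review bot: The MariaDB fix-version NOTE lines in this hunk use three different phrasings for the same kind of fact: `NOTE: Fixed in MariaDB: 10.2.15, 10.1.33, 10.0.35` (CVE-2018-3081), `NOTE: MariaDB fixed in 10.0.36, 10.1.35` (CVE-2018-3066, CVE-2018-3058) and `NOTE: MariaDB: Fixed in 10.0.36, 10.1.35` (CVE-2018-3064, CVE-2018-3063). These are unchanged context lines, so they are not introduced by this automatic update, but a follow-up commit could settle on one form such as `NOTE: Fixed in MariaDB 10.0.36, 10.1.35` so that the entries can be grepped consistently.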
@@ -46965,158 +46965,158 @@ CVE-2018-2884
RESERVED
CVE-2018-2883
RESERVED
-CVE-2018-2882
+CVE-2018-2882 (Vulnerability in the MICROS Retail-J component of Oracle Retail Applic ...)
NOT-FOR-US: Oracle
-CVE-2018-2881
+CVE-2018-2881 (Vulnerability in the MICROS Retail-J component of Oracle Retail Applic ...)
NOT-FOR-US: Oracle
CVE-2018-2880
RESERVED
-CVE-2018-2879
+CVE-2018-2879 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2878
+CVE-2018-2878 (Vulnerability in the PeopleSoft Enterprise HCM Shared Components compo ...)
NOT-FOR-US: Oracle
-CVE-2018-2877
+CVE-2018-2877 (Vulnerability in the MySQL Cluster component of Oracle MySQL (subcompo ...)
- mysql-cluster <itp> (bug #833356)
-CVE-2018-2876
+CVE-2018-2876 (Vulnerability in the Oracle Retail Integration Bus component of Oracle ...)
NOT-FOR-US: Oracle
CVE-2018-2875
RESERVED
-CVE-2018-2874
+CVE-2018-2874 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2873
+CVE-2018-2873 (Vulnerability in the Oracle General Ledger component of Oracle E-Busin ...)
NOT-FOR-US: Oracle
-CVE-2018-2872
+CVE-2018-2872 (Vulnerability in the Oracle General Ledger component of Oracle E-Busin ...)
NOT-FOR-US: Oracle
-CVE-2018-2871
+CVE-2018-2871 (Vulnerability in the Oracle Human Resources component of Oracle E-Busi ...)
NOT-FOR-US: Oracle
-CVE-2018-2870
+CVE-2018-2870 (Vulnerability in the Oracle Human Resources component of Oracle E-Busi ...)
NOT-FOR-US: Oracle
-CVE-2018-2869
+CVE-2018-2869 (Vulnerability in the Oracle Human Resources component of Oracle E-Busi ...)
NOT-FOR-US: Oracle
-CVE-2018-2868
+CVE-2018-2868 (Vulnerability in the Oracle Human Resources component of Oracle E-Busi ...)
NOT-FOR-US: Oracle
-CVE-2018-2867
+CVE-2018-2867 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2866
+CVE-2018-2866 (Vulnerability in the Oracle General Ledger component of Oracle E-Busin ...)
NOT-FOR-US: Oracle
-CVE-2018-2865
+CVE-2018-2865 (Vulnerability in the Oracle General Ledger component of Oracle E-Busin ...)
NOT-FOR-US: Oracle
-CVE-2018-2864
+CVE-2018-2864 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2863
+CVE-2018-2863 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2862
+CVE-2018-2862 (Vulnerability in the Oracle Retail Point-of-Service component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2861
+CVE-2018-2861 (Vulnerability in the Oracle Retail Back Office component of Oracle Ret ...)
NOT-FOR-US: Oracle
-CVE-2018-2860
+CVE-2018-2860 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2859
+CVE-2018-2859 (Vulnerability in the Oracle Financial Services Basel Regulatory Capita ...)
NOT-FOR-US: Oracle
-CVE-2018-2858
+CVE-2018-2858 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2857
+CVE-2018-2857 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2856
+CVE-2018-2856 (Vulnerability in the Oracle Financial Services Basel Regulatory Capita ...)
NOT-FOR-US: Oracle
-CVE-2018-2855
+CVE-2018-2855 (Vulnerability in the Oracle Financial Services Basel Regulatory Capita ...)
NOT-FOR-US: Oracle
-CVE-2018-2854
+CVE-2018-2854 (Vulnerability in the Oracle Financial Services Basel Regulatory Capita ...)
NOT-FOR-US: Oracle
-CVE-2018-2853
+CVE-2018-2853 (Vulnerability in the Oracle Hospitality Simphony First Edition compone ...)
NOT-FOR-US: Oracle
-CVE-2018-2852
+CVE-2018-2852 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2018-2851
+CVE-2018-2851 (Vulnerability in the Oracle Hospitality Simphony First Edition compone ...)
NOT-FOR-US: Oracle
-CVE-2018-2850
+CVE-2018-2850 (Vulnerability in the Oracle Hospitality Cruise Fleet Management System ...)
NOT-FOR-US: Oracle
-CVE-2018-2849
+CVE-2018-2849 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2018-2848
+CVE-2018-2848 (Vulnerability in the Oracle Hospitality Simphony First Edition compone ...)
NOT-FOR-US: Oracle
-CVE-2018-2847
+CVE-2018-2847 (Vulnerability in the Oracle Hospitality Simphony First Edition compone ...)
NOT-FOR-US: Oracle
-CVE-2018-2846
+CVE-2018-2846 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2845
+CVE-2018-2845 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2844
+CVE-2018-2844 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
NOTE: https://www.voidsecurity.in/2018/08/from-compiler-optimization-to-code.html
-CVE-2018-2843
+CVE-2018-2843 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2842
+CVE-2018-2842 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2841
+CVE-2018-2841 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
NOT-FOR-US: Oracle
-CVE-2018-2840
+CVE-2018-2840 (Vulnerability in the Oracle Retail Xstore Point of Service component o ...)
NOT-FOR-US: Oracle
-CVE-2018-2839
+CVE-2018-2839 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2838
+CVE-2018-2838 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub compon ...)
NOT-FOR-US: Oracle
-CVE-2018-2837
+CVE-2018-2837 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2836
+CVE-2018-2836 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2835
+CVE-2018-2835 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2834
+CVE-2018-2834 (Vulnerability in the Oracle Data Visualization Desktop component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2833
+CVE-2018-2833 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2832
+CVE-2018-2832 (Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate. ...)
NOT-FOR-US: Oracle
-CVE-2018-2831
+CVE-2018-2831 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2830
+CVE-2018-2830 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.10-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2829
+CVE-2018-2829 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2828
+CVE-2018-2828 (Vulnerability in the Oracle WebCenter Content component of Oracle Fusi ...)
NOT-FOR-US: Oracle
-CVE-2018-2827
+CVE-2018-2827 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
NOT-FOR-US: Oracle
-CVE-2018-2826
+CVE-2018-2826 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-10 10.0.2+13-1
-CVE-2018-2825
+CVE-2018-2825 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-10 10.0.2+13-1
-CVE-2018-2824
+CVE-2018-2824 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2823
+CVE-2018-2823 (Vulnerability in the Oracle Transportation Management component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2822
+CVE-2018-2822 (Vulnerability in the Solaris Cluster component of Oracle Sun Systems P ...)
NOT-FOR-US: Oracle
-CVE-2018-2821
+CVE-2018-2821 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2820
+CVE-2018-2820 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2819
+CVE-2018-2819 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47124,12 +47124,12 @@ CVE-2018-2819
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2818
+CVE-2018-2818 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4176-1 DLA-1355-1}
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2817
+CVE-2018-2817 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47137,11 +47137,11 @@ CVE-2018-2817
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2816
+CVE-2018-2816 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2815
+CVE-2018-2815 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47149,7 +47149,7 @@ CVE-2018-2815
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2814
+CVE-2018-2814 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47157,7 +47157,7 @@ CVE-2018-2814
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2813
+CVE-2018-2813 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47165,37 +47165,37 @@ CVE-2018-2813
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2812
+CVE-2018-2812 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2811
+CVE-2018-2811 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (Specific to Oracle Java, our installation procedure are obviously different)
-CVE-2018-2810
+CVE-2018-2810 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2809
+CVE-2018-2809 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2808
+CVE-2018-2808 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2807
+CVE-2018-2807 (Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2806
+CVE-2018-2806 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2805
+CVE-2018-2805 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects GIS Extension in Oracle MySQL 5.6)
- mysql-5.5 <not-affected> (Only affects GIS Extension in Oracle MySQL 5.6)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2804
+CVE-2018-2804 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2803
+CVE-2018-2803 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2018-2802
+CVE-2018-2802 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2801
+CVE-2018-2801 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2800
+CVE-2018-2800 (Vulnerability in the Java SE, JRockit component of Oracle Java SE (sub ...)
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47203,13 +47203,13 @@ CVE-2018-2800
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2799
+CVE-2018-2799 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
[experimental] - openjdk-7 7u181-2.6.14-1
- openjdk-7 <removed>
-CVE-2018-2798
+CVE-2018-2798 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47217,7 +47217,7 @@ CVE-2018-2798
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2797
+CVE-2018-2797 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47225,13 +47225,13 @@ CVE-2018-2797
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2796
+CVE-2018-2796 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
[experimental] - openjdk-7 7u181-2.6.14-1
- openjdk-7 <removed>
-CVE-2018-2795
+CVE-2018-2795 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47239,7 +47239,7 @@ CVE-2018-2795
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2794
+CVE-2018-2794 (Vulnerability in the Java SE, JRockit component of Oracle Java SE (sub ...)
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47247,13 +47247,13 @@ CVE-2018-2794
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2793
+CVE-2018-2793 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
NOT-FOR-US: Oracle
-CVE-2018-2792
+CVE-2018-2792 (Vulnerability in the Hardware Management Pack component of Oracle Sun ...)
NOT-FOR-US: Oracle
-CVE-2018-2791
+CVE-2018-2791 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2790
+CVE-2018-2790 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4225-1 DSA-4185-1}
- openjdk-10 10.0.1+10-4
- openjdk-8 8u171-b11-1
@@ -47261,11 +47261,11 @@ CVE-2018-2790
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2789
+CVE-2018-2789 (Vulnerability in the Siebel Core - Server Framework component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2788
+CVE-2018-2788 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2787
+CVE-2018-2787 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47273,13 +47273,13 @@ CVE-2018-2787
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2786
+CVE-2018-2786 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2785
+CVE-2018-2785 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2784
+CVE-2018-2784 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47287,12 +47287,12 @@ CVE-2018-2784
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2783
+CVE-2018-2783 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
- openjdk-10 <not-affected> (Apparently specific to Oracle Java)
- openjdk-8 <not-affected> (Apparently specific to Oracle Java)
- openjdk-7 <not-affected> (Apparently specific to Oracle Java)
- openjdk-6 <not-affected> (Apparently specific to Oracle Java)
-CVE-2018-2782
+CVE-2018-2782 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47300,7 +47300,7 @@ CVE-2018-2782
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2781
+CVE-2018-2781 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47308,40 +47308,40 @@ CVE-2018-2781
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2780
+CVE-2018-2780 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2779
+CVE-2018-2779 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2778
+CVE-2018-2778 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2777
+CVE-2018-2777 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2776
+CVE-2018-2776 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2775
+CVE-2018-2775 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2774
+CVE-2018-2774 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
NOT-FOR-US: Oracle
-CVE-2018-2773
+CVE-2018-2773 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4176-1 DLA-1355-1}
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <removed>
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2772
+CVE-2018-2772 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2771
+CVE-2018-2771 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47349,15 +47349,15 @@ CVE-2018-2771
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2770
+CVE-2018-2770 (Vulnerability in the Oracle Adaptive Access Manager component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2769
+CVE-2018-2769 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2768
+CVE-2018-2768 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2767
+CVE-2018-2767 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1566-1 DLA-1407-1}
- mariadb-10.2 <removed>
- mariadb-10.1 1:10.1.34-1
@@ -47376,7 +47376,7 @@ CVE-2018-2767
NOTE: fixed in 5.5.61, 5.6.41, 5.7.23
NOTE: Strictly speaking though the CVE would be only for Oracle MySQL, for practical
NOTE: reasons still tracking as well MariaDB here.
-CVE-2018-2766
+CVE-2018-2766 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47384,17 +47384,17 @@ CVE-2018-2766
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2765
+CVE-2018-2765 (Vulnerability in the Oracle Security Service component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2018-2764
+CVE-2018-2764 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2763
+CVE-2018-2763 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2762
+CVE-2018-2762 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2761
+CVE-2018-2761 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47402,21 +47402,21 @@ CVE-2018-2761
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2760
+CVE-2018-2760 (Vulnerability in the Oracle HTTP Server component of Oracle Fusion Mid ...)
NOT-FOR-US: Oracle
-CVE-2018-2759
+CVE-2018-2759 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2758
+CVE-2018-2758 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.22-1 (bug #895997)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
CVE-2018-2757
RESERVED
-CVE-2018-2756
+CVE-2018-2756 (Vulnerability in the Oracle Communications Order and Service Managemen ...)
NOT-FOR-US: Oracle
-CVE-2018-2755
+CVE-2018-2755 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4176-1 DLA-1407-1 DLA-1355-1}
- mariadb-10.1 1:10.1.34-1 (bug #898445)
- mariadb-10.0 <removed>
@@ -47424,23 +47424,23 @@ CVE-2018-2755
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.35, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
-CVE-2018-2754
+CVE-2018-2754 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2753
+CVE-2018-2753 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2752
+CVE-2018-2752 (Vulnerability in the PeopleSoft Enterprise HCM component of Oracle Peo ...)
NOT-FOR-US: Oracle
CVE-2018-2751
RESERVED
-CVE-2018-2750
+CVE-2018-2750 (Vulnerability in the Enterprise Manager Base Platform component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2749
+CVE-2018-2749 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2748
+CVE-2018-2748 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2747
+CVE-2018-2747 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2746
+CVE-2018-2746 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
CVE-2018-2745
RESERVED
@@ -47448,17 +47448,17 @@ CVE-2018-2744
RESERVED
CVE-2018-2743
RESERVED
-CVE-2018-2742
+CVE-2018-2742 (Vulnerability in the Enterprise Manager Ops Center component of Oracle ...)
NOT-FOR-US: Oracle
CVE-2018-2741
RESERVED
CVE-2018-2740
RESERVED
-CVE-2018-2739
+CVE-2018-2739 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2738
+CVE-2018-2738 (Vulnerability in the Oracle Retail Central Office component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2018-2737
+CVE-2018-2737 (Vulnerability in the Oracle Retail Returns Management component of Ora ...)
NOT-FOR-US: Oracle
CVE-2018-2736
RESERVED
@@ -47466,140 +47466,140 @@ CVE-2018-2735
RESERVED
CVE-2018-2734
RESERVED
-CVE-2018-2733
+CVE-2018-2733 (Vulnerability in the Oracle Hyperion Planning component of Oracle Hype ...)
NOT-FOR-US: Oracle
-CVE-2018-2732
+CVE-2018-2732 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
NOT-FOR-US: Oracle
-CVE-2018-2731
+CVE-2018-2731 (Vulnerability in the PeopleSoft Enterprise SCM eProcurement component ...)
NOT-FOR-US: Oracle
-CVE-2018-2730
+CVE-2018-2730 (Vulnerability in the Oracle Retail Merchandising System component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2729
+CVE-2018-2729 (Vulnerability in the Oracle Financial Services Funds Transfer Pricing ...)
NOT-FOR-US: Oracle
-CVE-2018-2728
+CVE-2018-2728 (Vulnerability in the Oracle Financial Services Funds Transfer Pricing ...)
NOT-FOR-US: Oracle
-CVE-2018-2727
+CVE-2018-2727 (Vulnerability in the Oracle Financial Services Market Risk Measurement ...)
NOT-FOR-US: Oracle
-CVE-2018-2726
+CVE-2018-2726 (Vulnerability in the Oracle Financial Services Market Risk component o ...)
NOT-FOR-US: Oracle
-CVE-2018-2725
+CVE-2018-2725 (Vulnerability in the Oracle Financial Services Hedge Management and IF ...)
NOT-FOR-US: Oracle
-CVE-2018-2724
+CVE-2018-2724 (Vulnerability in the Oracle Financial Services Loan Loss Forecasting a ...)
NOT-FOR-US: Oracle
-CVE-2018-2723
+CVE-2018-2723 (Vulnerability in the Oracle Financial Services Asset Liability Managem ...)
NOT-FOR-US: Oracle
-CVE-2018-2722
+CVE-2018-2722 (Vulnerability in the Oracle Financial Services Price Creation and Disc ...)
NOT-FOR-US: Oracle
-CVE-2018-2721
+CVE-2018-2721 (Vulnerability in the Oracle Financial Services Price Creation and Disc ...)
NOT-FOR-US: Oracle
-CVE-2018-2720
+CVE-2018-2720 (Vulnerability in the Oracle Financial Services Liquidity Risk Manageme ...)
NOT-FOR-US: Oracle
-CVE-2018-2719
+CVE-2018-2719 (Vulnerability in the Oracle Financial Services Hedge Management and IF ...)
NOT-FOR-US: Oracle
-CVE-2018-2718
+CVE-2018-2718 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2717
+CVE-2018-2717 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2716
+CVE-2018-2716 (Vulnerability in the Oracle Financial Services Market Risk Measurement ...)
NOT-FOR-US: Oracle
-CVE-2018-2715
+CVE-2018-2715 (Vulnerability in the Oracle Business Intelligence Enterprise Edition c ...)
NOT-FOR-US: Oracle
-CVE-2018-2714
+CVE-2018-2714 (Vulnerability in the Oracle Financial Services Market Risk component o ...)
NOT-FOR-US: Oracle
-CVE-2018-2713
+CVE-2018-2713 (Vulnerability in the Oracle WebCenter Portal component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2018-2712
+CVE-2018-2712 (Vulnerability in the Oracle Financial Services Loan Loss Forecasting a ...)
NOT-FOR-US: Oracle
-CVE-2018-2711
+CVE-2018-2711 (Vulnerability in the Oracle JDeveloper component of Oracle Fusion Midd ...)
NOT-FOR-US: Oracle
-CVE-2018-2710
+CVE-2018-2710 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2709
+CVE-2018-2709 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2708
+CVE-2018-2708 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-2707
+CVE-2018-2707 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2706
+CVE-2018-2706 (Vulnerability in the Oracle Banking Corporate Lending component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2705
+CVE-2018-2705 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-2704
+CVE-2018-2704 (Vulnerability in the Oracle Banking Payments component of Oracle Finan ...)
NOT-FOR-US: Oracle
-CVE-2018-2703
+CVE-2018-2703 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2702
+CVE-2018-2702 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle Pe ...)
NOT-FOR-US: Oracle
-CVE-2018-2701
+CVE-2018-2701 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2018-2700
+CVE-2018-2700 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2018-2699
+CVE-2018-2699 (Vulnerability in the Application Express component of Oracle Database ...)
NOT-FOR-US: Oracle
-CVE-2018-2698
+CVE-2018-2698 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2697
+CVE-2018-2697 (Vulnerability in the Oracle Hospitality Cruise Fleet Management compon ...)
NOT-FOR-US: Oracle
-CVE-2018-2696
+CVE-2018-2696 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2695
+CVE-2018-2695 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2694
+CVE-2018-2694 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2693
+CVE-2018-2693 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox-guest-additions-iso 5.2.6-1
[jessie] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
[wheezy] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
-CVE-2018-2692
+CVE-2018-2692 (Vulnerability in the Oracle Financial Services Asset Liability Managem ...)
NOT-FOR-US: Oracle
-CVE-2018-2691
+CVE-2018-2691 (Vulnerability in the Oracle User Management component of Oracle E-Busi ...)
NOT-FOR-US: Oracle
-CVE-2018-2690
+CVE-2018-2690 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2689
+CVE-2018-2689 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2688
+CVE-2018-2688 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2687
+CVE-2018-2687 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2686
+CVE-2018-2686 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2685
+CVE-2018-2685 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2684
+CVE-2018-2684 (Vulnerability in the Oracle User Management component of Oracle E-Busi ...)
NOT-FOR-US: Oracle
-CVE-2018-2683
+CVE-2018-2683 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2682
+CVE-2018-2682 (Vulnerability in the Oracle Financial Services Liquidity Risk Manageme ...)
NOT-FOR-US: Oracle
-CVE-2018-2681
+CVE-2018-2681 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources compone ...)
NOT-FOR-US: Oracle
-CVE-2018-2680
+CVE-2018-2680 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
NOT-FOR-US: Oracle
-CVE-2018-2679
+CVE-2018-2679 (Vulnerability in the Oracle Financial Services Profitability Managemen ...)
NOT-FOR-US: Oracle Financial Services Applications
-CVE-2018-2678
+CVE-2018-2678 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
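Review bot: the NOTE under CVE-2018-2693 in this hunk points at http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html, an April 2014 Critical Patch Update, while the surrounding January 2018 entries (CVE-2018-2703, CVE-2018-2696, CVE-2018-2667, CVE-2018-2665) all cite cpujan2018-3236628.html; since this automatic update rewrites the entry header line anyway, it is worth confirming the reference belongs to this CVE or replacing it with the January 2018 advisory URL used by its neighbours.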
@@ -47607,7 +47607,7 @@ CVE-2018-2678
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2677
+CVE-2018-2677 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47615,25 +47615,25 @@ CVE-2018-2677
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2676
+CVE-2018-2676 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)
-CVE-2018-2675
+CVE-2018-2675 (Vulnerability in the Java Advanced Management Console component of Ora ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2018-2674
+CVE-2018-2674 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2673
+CVE-2018-2673 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2672
+CVE-2018-2672 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2671
+CVE-2018-2671 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing component of ...)
NOT-FOR-US: Oracle
-CVE-2018-2670
+CVE-2018-2670 (Vulnerability in the Oracle Financial Services Profitability Managemen ...)
NOT-FOR-US: Oracle
-CVE-2018-2669
+CVE-2018-2669 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2018-2668
+CVE-2018-2668 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
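Review bot: the two virtualbox end-of-life annotations in this hunk cite advisories in different formats, `(DSA-3699-1)` on the jessie line and `(DSA 3454)` on the wheezy line; normalise the wheezy reference to the hyphenated `DSA-NNNN-1` form used in the braces elsewhere in this file so that anything parsing advisory ids out of the parenthesised notes treats both lines the same way.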
@@ -47641,13 +47641,13 @@ CVE-2018-2668
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.34, 10.1.31
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2667
+CVE-2018-2667 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2666
+CVE-2018-2666 (Vulnerability in the Oracle Hospitality Labor Management component of ...)
NOT-FOR-US: Oracle
-CVE-2018-2665
+CVE-2018-2665 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -47655,9 +47655,9 @@ CVE-2018-2665
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.34, 10.1.31
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2664
+CVE-2018-2664 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2663
+CVE-2018-2663 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47665,58 +47665,58 @@ CVE-2018-2663
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2662
+CVE-2018-2662 (Vulnerability in the Oracle Transportation Management component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2661
+CVE-2018-2661 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
NOT-FOR-US: Oracle
-CVE-2018-2660
+CVE-2018-2660 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
NOT-FOR-US: Oracle
-CVE-2018-2659
+CVE-2018-2659 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2658
+CVE-2018-2658 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2018-2657
+CVE-2018-2657 (Vulnerability in the Java SE, JRockit component of Oracle Java SE (sub ...)
- openjdk-9 <not-affected> (Seems to be specific to Oracle Java)
- openjdk-8 <not-affected> (Seems to be specific to Oracle Java)
- openjdk-7 <not-affected> (Seems to be specific to Oracle Java)
- openjdk-6 <not-affected> (Seems to be specific to Oracle Java)
-CVE-2018-2656
+CVE-2018-2656 (Vulnerability in the Oracle General Ledger component of Oracle E-Busin ...)
NOT-FOR-US: Oracle
-CVE-2018-2655
+CVE-2018-2655 (Vulnerability in the Oracle Work in Process component of Oracle E-Busi ...)
NOT-FOR-US: Oracle
-CVE-2018-2654
+CVE-2018-2654 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources compone ...)
NOT-FOR-US: Oracle
-CVE-2018-2653
+CVE-2018-2653 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2652
+CVE-2018-2652 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2651
+CVE-2018-2651 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2650
+CVE-2018-2650 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2018-2649
+CVE-2018-2649 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2648
+CVE-2018-2648 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2647
+CVE-2018-2647 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2646
+CVE-2018-2646 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2645
+CVE-2018-2645 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2644
+CVE-2018-2644 (Vulnerability in the Oracle Argus Safety component of Oracle Health Sc ...)
NOT-FOR-US: Oracle
-CVE-2018-2643
+CVE-2018-2643 (Vulnerability in the Oracle Argus Safety component of Oracle Health Sc ...)
NOT-FOR-US: Oracle
-CVE-2018-2642
+CVE-2018-2642 (Vulnerability in the Oracle Argus Safety component of Oracle Health Sc ...)
NOT-FOR-US: Oracle
-CVE-2018-2641
+CVE-2018-2641 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
[experimental] - openjdk-7 7u171-2.6.13-1
- openjdk-9 9.0.4+12-1
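Review bot: the four `<not-affected>` lines for CVE-2018-2657 carry a hedged reason, `(Seems to be specific to Oracle Java)`; `<not-affected>` is a definitive triage state, so either replace the wording with the concrete basis (the Oracle-only subcomponent the advisory names, as the CVE-2018-2639 and CVE-2018-2638 entries do with "Deployment components not part of OpenJDK") or keep the package in an undecided state until that is confirmed. Separately, the `[experimental] - openjdk-7 7u171-2.6.13-1` line for CVE-2018-2641 sits above the unstable `openjdk-9`/`openjdk-8` lines, unlike the other openjdk entries in this file where suite-tagged lines follow the plain package lines.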
@@ -47724,7 +47724,7 @@ CVE-2018-2641
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2640
+CVE-2018-2640 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -47732,13 +47732,13 @@ CVE-2018-2640
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.34, 10.1.33
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2639
+CVE-2018-2639 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-9 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2018-2638
+CVE-2018-2638 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-9 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2018-2637
+CVE-2018-2637 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
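Review bot: the CVE-2018-2640 entry's fix note reads `NOTE: Fixed in MariaDB 10.0.34, 10.1.33`, while the sibling MySQL Server entries that carry the identical `{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}` set (CVE-2018-2668, CVE-2018-2665, CVE-2018-2622, CVE-2018-2562) all say `10.0.34, 10.1.31`; confirm the `10.1.33` value against the MariaDB release notes and correct it if it is a typo, since readers use this note to decide whether a given MariaDB build carries the fix.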
@@ -47746,11 +47746,11 @@ CVE-2018-2637
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2636
+CVE-2018-2636 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2635
+CVE-2018-2635 (Vulnerability in the Oracle Application Object Library component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2634
+CVE-2018-2634 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47758,7 +47758,7 @@ CVE-2018-2634
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2633
+CVE-2018-2633 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47766,33 +47766,33 @@ CVE-2018-2633
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2632
+CVE-2018-2632 (Vulnerability in the Siebel Engineering - Installer and Deployment com ...)
NOT-FOR-US: Oracle
-CVE-2018-2631
+CVE-2018-2631 (Vulnerability in the Oracle Transportation Management component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2018-2630
+CVE-2018-2630 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2629
+CVE-2018-2629 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2628
+CVE-2018-2628 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2627
+CVE-2018-2627 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-9 <not-affected> (Specific to installer for Windows)
- openjdk-8 <not-affected> (Specific to installer for Windows)
-CVE-2018-2626
+CVE-2018-2626 (Vulnerability in the Oracle Financial Services Balance Sheet Planning ...)
NOT-FOR-US: Oracle
-CVE-2018-2625
+CVE-2018-2625 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2624
+CVE-2018-2624 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2623
+CVE-2018-2623 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2622
+CVE-2018-2622 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -47800,13 +47800,13 @@ CVE-2018-2622
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.34, 10.1.31
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2621
+CVE-2018-2621 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
NOT-FOR-US: Oracle
-CVE-2018-2620
+CVE-2018-2620 (Vulnerability in the Primavera Unifier component of Oracle Constructio ...)
NOT-FOR-US: Oracle
-CVE-2018-2619
+CVE-2018-2619 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2618
+CVE-2018-2618 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47814,17 +47814,17 @@ CVE-2018-2618
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2617
+CVE-2018-2617 (Vulnerability in the OSS Support Tools component of Oracle Support Too ...)
NOT-FOR-US: Oracle
-CVE-2018-2616
+CVE-2018-2616 (Vulnerability in the OSS Support Tools component of Oracle Support Too ...)
NOT-FOR-US: Oracle
-CVE-2018-2615
+CVE-2018-2615 (Vulnerability in the OSS Support Tools component of Oracle Support Too ...)
NOT-FOR-US: Oracle
-CVE-2018-2614
+CVE-2018-2614 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2613
+CVE-2018-2613 (Vulnerability in the Oracle Argus Safety component of Oracle Health Sc ...)
NOT-FOR-US: Oracle
-CVE-2018-2612
+CVE-2018-2612 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DLA-1407-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -47832,23 +47832,23 @@ CVE-2018-2612
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: Fixed in MariaDB 10.0.34, 10.1.31
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2611
+CVE-2018-2611 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2018-2610
+CVE-2018-2610 (Vulnerability in the Hyperion Data Relationship Management component o ...)
NOT-FOR-US: Oracle
-CVE-2018-2609
+CVE-2018-2609 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
NOT-FOR-US: Oracle
-CVE-2018-2608
+CVE-2018-2608 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2607
+CVE-2018-2607 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2018-2606
+CVE-2018-2606 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2018-2605
+CVE-2018-2605 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2604
+CVE-2018-2604 (Vulnerability in the Oracle Hospitality Guest Access component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2018-2603
+CVE-2018-2603 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47856,7 +47856,7 @@ CVE-2018-2603
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2602
+CVE-2018-2602 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47864,13 +47864,13 @@ CVE-2018-2602
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2601
+CVE-2018-2601 (Vulnerability in the Oracle Internet Directory component of Oracle Fus ...)
NOT-FOR-US: Oracle
-CVE-2018-2600
+CVE-2018-2600 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2599
+CVE-2018-2599 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47878,33 +47878,33 @@ CVE-2018-2599
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2598
+CVE-2018-2598 (Vulnerability in the MySQL Workbench component of Oracle MySQL (subcom ...)
- mysql-workbench <unfixed> (bug #904112)
[stretch] - mysql-workbench <no-dsa> (Exact details undisclosed, but marginal CVSS score)
[jessie] - mysql-workbench <postponed> (Exact details undisclosed, but marginal CVSS score)
-CVE-2018-2597
+CVE-2018-2597 (Vulnerability in the Oracle Hospitality Cruise Dining Room Management ...)
NOT-FOR-US: Oracle
-CVE-2018-2596
+CVE-2018-2596 (Vulnerability in the Oracle WebCenter Content component of Oracle Fusi ...)
NOT-FOR-US: Oracle
-CVE-2018-2595
+CVE-2018-2595 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcom ...)
NOT-FOR-US: Oracle
-CVE-2018-2594
+CVE-2018-2594 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcom ...)
NOT-FOR-US: Oracle
-CVE-2018-2593
+CVE-2018-2593 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2018-2592
+CVE-2018-2592 (Vulnerability in the Oracle Financial Services Balance Sheet Planning ...)
NOT-FOR-US: Oracle
-CVE-2018-2591
+CVE-2018-2591 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.20-1
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2590
+CVE-2018-2590 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2589
+CVE-2018-2589 (Vulnerability in the Oracle Hospitality Simphony component of Oracle H ...)
NOT-FOR-US: Oracle
-CVE-2018-2588
+CVE-2018-2588 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
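Review bot: the CVE-2018-2591 entry records `mysql-5.7 5.7.20-1` with no bug reference, whereas every other MySQL Server CVE from this same January 2018 CPU in the surrounding hunks (CVE-2018-2590, -2586, -2583, -2576, -2573, -2565, -2600) records `5.7.21-1 (bug #887477)`; if 5.7.20 genuinely already contained the fix, add a short `NOTE:` saying so next to the existing Oracle URL, otherwise align the version and bug reference with its siblings.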
@@ -47912,34 +47912,34 @@ CVE-2018-2588
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2587
+CVE-2018-2587 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2586
+CVE-2018-2586 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2585
+CVE-2018-2585 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
- mysql-connector-net <unfixed> (bug #887751)
[stretch] - mysql-connector-net <no-dsa> (Minor issue)
[jessie] - mysql-connector-net <no-dsa> (Minor issue)
[wheezy] - mysql-connector-net <no-dsa> (Minor issue)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2584
+CVE-2018-2584 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2018-2583
+CVE-2018-2583 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2582
+CVE-2018-2582 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
{DSA-4144-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
-CVE-2018-2581
+CVE-2018-2581 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjfx 8u161-b12-1 (bug #888530)
[stretch] - openjfx <ignored> (Specific details withheld by Oracle, impossible to fix)
-CVE-2018-2580
+CVE-2018-2580 (Vulnerability in the Oracle Applications DBA component of Oracle E-Bus ...)
NOT-FOR-US: Oracle
-CVE-2018-2579
+CVE-2018-2579 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of O ...)
{DSA-4166-1 DSA-4144-1 DLA-1339-1}
- openjdk-9 9.0.4+12-1
- openjdk-8 8u162-b12-1
@@ -47947,45 +47947,45 @@ CVE-2018-2579
- openjdk-7 <removed>
- openjdk-6 <removed>
[wheezy] - openjdk-6 <end-of-life>
-CVE-2018-2578
+CVE-2018-2578 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2577
+CVE-2018-2577 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2576
+CVE-2018-2576 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2575
+CVE-2018-2575 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
NOT-FOR-US: Oracle
-CVE-2018-2574
+CVE-2018-2574 (Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM ...)
NOT-FOR-US: Oracle
-CVE-2018-2573
+CVE-2018-2573 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2572
+CVE-2018-2572 (Vulnerability in the Oracle Agile Product Lifecycle Management for Pro ...)
NOT-FOR-US: Oracle
-CVE-2018-2571
+CVE-2018-2571 (Vulnerability in the Oracle Communications Unified Inventory Managemen ...)
NOT-FOR-US: Oracle
-CVE-2018-2570
+CVE-2018-2570 (Vulnerability in the Oracle Communications Unified Inventory Managemen ...)
NOT-FOR-US: Oracle
-CVE-2018-2569
+CVE-2018-2569 (Vulnerability in the Java ME SDK component of Oracle Java Micro Editio ...)
NOT-FOR-US: Oracle
-CVE-2018-2568
+CVE-2018-2568 (Vulnerability in the Integrated Lights Out Manager (ILOM) component of ...)
NOT-FOR-US: Oracle
-CVE-2018-2567
+CVE-2018-2567 (Vulnerability in the Oracle Communications Order and Service Managemen ...)
NOT-FOR-US: Oracle
-CVE-2018-2566
+CVE-2018-2566 (Vulnerability in the Integrated Lights Out Manager (ILOM) component of ...)
NOT-FOR-US: Oracle
-CVE-2018-2565
+CVE-2018-2565 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.21-1 (bug #887477)
- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2564
+CVE-2018-2564 (Vulnerability in the Oracle WebCenter Content component of Oracle Fusi ...)
NOT-FOR-US: Oracle
-CVE-2018-2563
+CVE-2018-2563 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
-CVE-2018-2562
+CVE-2018-2562 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DSA-4341-1 DSA-4091-1 DLA-1407-1 DLA-1250-1}
- mariadb-10.1 1:10.1.34-1 (bug #898444)
- mariadb-10.0 <removed>
@@ -47993,9 +47993,9 @@ CVE-2018-2562
- mysql-5.5 <removed>
NOTE: Fixed in MariaDB 10.0.34, 10.1.31
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
-CVE-2018-2561
+CVE-2018-2561 (Vulnerability in the Oracle HTTP Server component of Oracle Fusion Mid ...)
NOT-FOR-US: Oracle
-CVE-2018-2560
+CVE-2018-2560 (Vulnerability in the Solaris component of Oracle Sun Systems Products ...)
NOT-FOR-US: Oracle
CVE-2018-2559
RESERVED
@@ -48105,297 +48105,297 @@ CVE-2018-2507
RESERVED
CVE-2018-2506
RESERVED
-CVE-2018-2505
+CVE-2018-2505 (SAP Commerce does not sufficiently validate user-controlled inputs, re ...)
NOT-FOR-US: SAP
-CVE-2018-2504
+CVE-2018-2504 (SAP NetWeaver AS Java Web Container service does not validate against ...)
NOT-FOR-US: SAP
-CVE-2018-2503
+CVE-2018-2503 (By default, the SAP NetWeaver AS Java keystore service does not suffic ...)
NOT-FOR-US: SAP
-CVE-2018-2502
+CVE-2018-2502 (TRACE method is enabled in SAP Business One Service Layer . Attacker c ...)
NOT-FOR-US: SAP
CVE-2018-2501
RESERVED
-CVE-2018-2500
+CVE-2018-2500 (Under certain conditions SAP Mobile Secure Android client (before vers ...)
NOT-FOR-US: SAP
-CVE-2018-2499
+CVE-2018-2499 (A security weakness in SAP Financial Consolidation Cube Designer (BOBJ ...)
NOT-FOR-US: SAP
CVE-2018-2498
RESERVED
-CVE-2018-2497
+CVE-2018-2497 (The security audit log of SAP HANA, versions 1.0 and 2.0, does not log ...)
NOT-FOR-US: SAP
CVE-2018-2496
RESERVED
CVE-2018-2495
RESERVED
-CVE-2018-2494
+CVE-2018-2494 (Necessary authorization checks for an authenticated user, resulting in ...)
NOT-FOR-US: SAP
CVE-2018-2493
RESERVED
-CVE-2018-2492
+CVE-2018-2492 (SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently ...)
NOT-FOR-US: SAP
-CVE-2018-2491
+CVE-2018-2491 (When opening a deep link URL in SAP Fiori Client with log level set to ...)
NOT-FOR-US: SAP
-CVE-2018-2490
+CVE-2018-2490 (The broadcast messages received by SAP Fiori Client are not protected ...)
NOT-FOR-US: SAP
-CVE-2018-2489
+CVE-2018-2489 (Locally, without any permission, an arbitrary android application coul ...)
NOT-FOR-US: SAP
-CVE-2018-2488
+CVE-2018-2488 (It is possible for a malware application installed on an Android devic ...)
NOT-FOR-US: SAP
-CVE-2018-2487
+CVE-2018-2487 (SAP Disclosure Management 10.x allows an attacker to exploit through a ...)
NOT-FOR-US: SAP
-CVE-2018-2486
+CVE-2018-2486 (SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) does ...)
NOT-FOR-US: SAP
-CVE-2018-2485
+CVE-2018-2485 (It is possible for a malicious application or malware to execute JavaS ...)
NOT-FOR-US: SAP
-CVE-2018-2484
+CVE-2018-2484 (SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; ...)
NOT-FOR-US: SAP
-CVE-2018-2483
+CVE-2018-2483 (HTTP Verb Tampering is possible in SAP BusinessObjects Business Intell ...)
NOT-FOR-US: SAP
-CVE-2018-2482
+CVE-2018-2482 (SAP Mobile Secure Android Application, Mobile-secure.apk Android clien ...)
NOT-FOR-US: SAP
-CVE-2018-2481
+CVE-2018-2481 (In some SAP standard roles, in SAP_ABA versions, 7.00 to 7.02, 7.10 to ...)
NOT-FOR-US: SAP
CVE-2018-2480
RESERVED
-CVE-2018-2479
+CVE-2018-2479 (SAP BusinessObjects Business Intelligence Platform (BIWorkspace), vers ...)
NOT-FOR-US: SAP
-CVE-2018-2478
+CVE-2018-2478 (An attacker can use specially crafted inputs to execute commands on th ...)
NOT-FOR-US: SAP
-CVE-2018-2477
+CVE-2018-2477 (Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, ...)
NOT-FOR-US: SAP
-CVE-2018-2476
+CVE-2018-2476 (Due to insufficient URL Validation in forums in SAP NetWeaver versions ...)
NOT-FOR-US: SAP
-CVE-2018-2475
+CVE-2018-2475 (Following the Gardener architecture, the Kubernetes apiserver of a Gar ...)
NOT-FOR-US: SAP
-CVE-2018-2474
+CVE-2018-2474 (SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) appli ...)
NOT-FOR-US: SAP
-CVE-2018-2473
+CVE-2018-2473 (SAP BusinessObjects Business Intelligence Platform Server, versions 4. ...)
NOT-FOR-US: SAP
-CVE-2018-2472
+CVE-2018-2472 (SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web ...)
NOT-FOR-US: SAP
-CVE-2018-2471
+CVE-2018-2471 (Under certain conditions SAP BusinessObjects Business Intelligence Pla ...)
NOT-FOR-US: SAP
-CVE-2018-2470
+CVE-2018-2470 (In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, ...)
NOT-FOR-US: SAP
-CVE-2018-2469
+CVE-2018-2469 (Under certain conditions SAP Adaptive Server Enterprise (ASE), version ...)
NOT-FOR-US: SAP
-CVE-2018-2468
+CVE-2018-2468 (Under certain conditions the backup server in SAP Adaptive Server Ente ...)
NOT-FOR-US: SAP
-CVE-2018-2467
+CVE-2018-2467 (In the Software Development Kit in SAP BusinessObjects BI Platform Ser ...)
NOT-FOR-US: SAP
-CVE-2018-2466
+CVE-2018-2466 (In Impact and Lineage Analysis in SAP Data Services, version 4.2, the ...)
NOT-FOR-US: SAP
-CVE-2018-2465
+CVE-2018-2465 (SAP HANA (versions 1.0 and 2.0) Extended Application Services classic ...)
NOT-FOR-US: SAP
-CVE-2018-2464
+CVE-2018-2464 (SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not su ...)
NOT-FOR-US: SAP
-CVE-2018-2463
+CVE-2018-2463 (The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6 ...)
NOT-FOR-US: SAP
-CVE-2018-2462
+CVE-2018-2462 (In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWe ...)
NOT-FOR-US: SAP
-CVE-2018-2461
+CVE-2018-2461 (Missing authorization check in SAP HCM Fiori "People Profile" (GBX01 H ...)
NOT-FOR-US: SAP
-CVE-2018-2460
+CVE-2018-2460 (SAP Business One Android application, version 1.2, does not verify the ...)
NOT-FOR-US: SAP
-CVE-2018-2459
+CVE-2018-2459 (Users of an SAP Mobile Platform (version 3.0) Offline OData applicatio ...)
NOT-FOR-US: SAP
-CVE-2018-2458
+CVE-2018-2458 (Under certain conditions, Crystal Report using SAP Business One, versi ...)
NOT-FOR-US: SAP
-CVE-2018-2457
+CVE-2018-2457 (Under certain conditions SAP Adaptive Server Enterprise, version 16.0, ...)
NOT-FOR-US: SAP
CVE-2018-2456
RESERVED
-CVE-2018-2455
+CVE-2018-2455 (SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6. ...)
NOT-FOR-US: SAP
-CVE-2018-2454
+CVE-2018-2454 (SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6. ...)
NOT-FOR-US: SAP
CVE-2018-2453
RESERVED
-CVE-2018-2452
+CVE-2018-2452 (The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.3 ...)
NOT-FOR-US: SAP
-CVE-2018-2451
+CVE-2018-2451 (XS Command-Line Interface (CLI) user sessions with the SAP HANA Extend ...)
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2450
+CVE-2018-2450 (SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who ge ...)
NOT-FOR-US: SAP MaxDB
-CVE-2018-2449
+CVE-2018-2449 (SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - ...)
NOT-FOR-US: SAP SRM MDM Catalog
-CVE-2018-2448
+CVE-2018-2448 (Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02 ...)
NOT-FOR-US: SAP BusinessObjects Business Intelligence Platform
-CVE-2018-2447
+CVE-2018-2447 (SAP BusinessObjects Business Intelligence (Launchpad Web Intelligence) ...)
NOT-FOR-US: SAP BusinessObjects Business Intelligence
-CVE-2018-2446
+CVE-2018-2446 (Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1 ...)
NOT-FOR-US: SAP BusinessObjects Business Intelligence
-CVE-2018-2445
+CVE-2018-2445 (AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, ...)
NOT-FOR-US: SAP BusinessObjects Business Intelligence
-CVE-2018-2444
+CVE-2018-2444 (SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does ...)
NOT-FOR-US: SAP BusinessObjects Financial Consolidation
CVE-2018-2443
RESERVED
-CVE-2018-2442
+CVE-2018-2442 (In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4. ...)
NOT-FOR-US: SAP BusinessObjects Business Intelligence
-CVE-2018-2441
+CVE-2018-2441 (Under certain conditions the SAP Change and Transport System (ABAP), S ...)
NOT-FOR-US: SAP Change and Transport System
-CVE-2018-2440
+CVE-2018-2440 (Under certain circumstances SAP Dynamic Authorization Management (DAM) ...)
NOT-FOR-US: SAP
-CVE-2018-2439
+CVE-2018-2439 (The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.5 ...)
NOT-FOR-US: SAP
-CVE-2018-2438
+CVE-2018-2438 (The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.5 ...)
NOT-FOR-US: SAP
-CVE-2018-2437
+CVE-2018-2437 (The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7. ...)
NOT-FOR-US: SAP
-CVE-2018-2436
+CVE-2018-2436 (Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does no ...)
NOT-FOR-US: SAP
-CVE-2018-2435
+CVE-2018-2435 (SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7. ...)
NOT-FOR-US: SAP
-CVE-2018-2434
+CVE-2018-2434 (A content spoofing vulnerability in the following components allows to ...)
NOT-FOR-US: SAP
-CVE-2018-2433
+CVE-2018-2433 (SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 N ...)
NOT-FOR-US: SAP
-CVE-2018-2432
+CVE-2018-2432 (SAP BusinessObjects Business Intelligence (BI Launchpad and Central Ma ...)
NOT-FOR-US: SAP
-CVE-2018-2431
+CVE-2018-2431 (SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.2 ...)
NOT-FOR-US: SAP
CVE-2018-2430
RESERVED
CVE-2018-2429
RESERVED
-CVE-2018-2428
+CVE-2018-2428 (Under certain conditions SAP UI5 Handler allows an attacker to access ...)
NOT-FOR-US: SAP
-CVE-2018-2427
+CVE-2018-2427 (SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.2 ...)
NOT-FOR-US: SAP
CVE-2018-2426
RESERVED
-CVE-2018-2425
+CVE-2018-2425 (Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA bac ...)
NOT-FOR-US: SAP
-CVE-2018-2424
+CVE-2018-2424 (SAP UI5 did not validate user input before adding it to the DOM struct ...)
NOT-FOR-US: SAP
-CVE-2018-2423
+CVE-2018-2423 (SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, H ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2422
+CVE-2018-2422 (SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7 ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2421
+CVE-2018-2421 (SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7 ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2420
+CVE-2018-2420 (SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, a ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2419
+CVE-2018-2419 (SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1 ...)
NOT-FOR-US: SAP Enterprise Financial Services
-CVE-2018-2418
+CVE-2018-2418 (SAP MaxDB ODBC driver (all versions before 7.9.09.07) allows an attack ...)
NOT-FOR-US: SAP MaxDB ODBC driver
-CVE-2018-2417
+CVE-2018-2417 (Under certain conditions, the SAP Identity Management 8.0 (pass of typ ...)
NOT-FOR-US: SAP Identity Management
-CVE-2018-2416
+CVE-2018-2416 (SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XM ...)
NOT-FOR-US: SAP Identity Management
-CVE-2018-2415
+CVE-2018-2415 (SAP NetWeaver Application Server Java Web Container and HTTP Service ( ...)
NOT-FOR-US: SAP NetWeaver Application Server Java Web Container and HTTP Service
CVE-2018-2414
RESERVED
-CVE-2018-2413
+CVE-2018-2413 (SAP Disclosure Management 10.1 does not perform necessary authorizatio ...)
NOT-FOR-US: SAP
-CVE-2018-2412
+CVE-2018-2412 (SAP Disclosure Management 10.1 does not perform necessary authorizatio ...)
NOT-FOR-US: SAP
CVE-2018-2411
RESERVED
-CVE-2018-2410
+CVE-2018-2410 (SAP Business One, 9.2, 9.3, browser access does not sufficiently encod ...)
NOT-FOR-US: SAP
-CVE-2018-2409
+CVE-2018-2409 (Improper session management when using SAP Cloud Platform 2.0 (Connect ...)
NOT-FOR-US: SAP
-CVE-2018-2408
+CVE-2018-2408 (Improper Session Management in SAP Business Objects, 4.0, from 4.10, f ...)
NOT-FOR-US: SAP
CVE-2018-2407
RESERVED
-CVE-2018-2406
+CVE-2018-2406 (Unquoted windows search path (directory/path traversal) vulnerability ...)
NOT-FOR-US: Crystal Reports Server
-CVE-2018-2405
+CVE-2018-2405 (SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allo ...)
NOT-FOR-US: SAP
-CVE-2018-2404
+CVE-2018-2404 (SAP Disclosure Management 10.1 allows an attacker to upload any file w ...)
NOT-FOR-US: SAP
-CVE-2018-2403
+CVE-2018-2403 (Under certain conditions, SAP Disclosure Management 10.1 allows an att ...)
NOT-FOR-US: SAP
-CVE-2018-2402
+CVE-2018-2402 (In systems using the optional capture &amp; replay functionality of SA ...)
NOT-FOR-US: SAP
-CVE-2018-2401
+CVE-2018-2401 (SAP Business Process Automation (BPA) By Redwood does not sufficiently ...)
NOT-FOR-US: SAP
-CVE-2018-2400
+CVE-2018-2400 (Under certain conditions SAP Business Process Automation (BPA) By Redw ...)
NOT-FOR-US: SAP
-CVE-2018-2399
+CVE-2018-2399 (Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 t ...)
NOT-FOR-US: SAP
-CVE-2018-2398
+CVE-2018-2398 (Under certain conditions SAP Business Client 6.5 allows an attacker to ...)
NOT-FOR-US: SAP
-CVE-2018-2397
+CVE-2018-2397 (In SAP Business Objects Business Intelligence Platform, 4.00, 4.10, 4. ...)
NOT-FOR-US: SAP
-CVE-2018-2396
+CVE-2018-2396 (Under certain conditions a malicious user can prevent legitimate users ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2395
+CVE-2018-2395 (Under certain conditions a malicious user may retrieve information on ...)
NOT-FOR-US: SAP Internet Graphic Server
-CVE-2018-2394
+CVE-2018-2394 (Under certain conditions an unauthenticated malicious user can prevent ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2393
+CVE-2018-2393 (Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20 ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2392
+CVE-2018-2392 (Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20 ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2391
+CVE-2018-2391 (Under certain conditions a malicious user can prevent legitimate users ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2390
+CVE-2018-2390 (Under certain conditions a malicious user can prevent legitimate users ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2389
+CVE-2018-2389 (Under certain conditions a malicious user can inject log files of SAP ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2388
+CVE-2018-2388 (Stored cross-site scripting vulnerability in SAP internet Graphics Ser ...)
NOT-FOR-US: SAP internet Graphics Server
-CVE-2018-2387
+CVE-2018-2387 (A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7. ...)
NOT-FOR-US: SAP internet Graphics Server
-CVE-2018-2386
+CVE-2018-2386 (Under certain conditions a malicious user provoking an out of bounds b ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2385
+CVE-2018-2385 (Under certain conditions a malicious user provoking a divide by zero c ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2384
+CVE-2018-2384 (Under certain conditions a malicious user provoking a Null Pointer der ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2383
+CVE-2018-2383 (Reflected cross-site scripting vulnerability in SAP internet Graphics ...)
NOT-FOR-US: SAP Internet Graphics Server
-CVE-2018-2382
+CVE-2018-2382 (A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7. ...)
NOT-FOR-US: SAP internet Graphics Server
-CVE-2018-2381
+CVE-2018-2381 (SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, 6.04 ...)
NOT-FOR-US: SAP ERP Financials Information System
-CVE-2018-2380
+CVE-2018-2380 (SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to expl ...)
NOT-FOR-US: SAP CRM
-CVE-2018-2379
+CVE-2018-2379 (In SAP HANA Extended Application Services, 1.0, an unauthenticated use ...)
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2378
+CVE-2018-2378 (In SAP HANA Extended Application Services, 1.0, unauthorized users can ...)
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2377
+CVE-2018-2377 (In SAP HANA Extended Application Services, 1.0, some general server st ...)
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2376
+CVE-2018-2376 (In SAP HANA Extended Application Services, 1.0, a controller user who ...)
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2375
+CVE-2018-2375 (In SAP HANA Extended Application Services, 1.0, a controller user who ...)
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2374
+CVE-2018-2374 (In SAP HANA Extended Application Services, 1.0, a controller user who ...)
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2373
+CVE-2018-2373 (Under certain circumstances, a specific endpoint of the Controller's A ...)
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2372
+CVE-2018-2372 (A plain keystore password is written to a system log file in SAP HANA ...)
NOT-FOR-US: SAP HANA Extended Application Services
-CVE-2018-2371
+CVE-2018-2371 (The SAML 2.0 service provider of SAP Netweaver AS Java Web Application ...)
NOT-FOR-US: SAP Netweaver AS Java Web Application
-CVE-2018-2370
+CVE-2018-2370 (Server Side Request Forgery (SSRF) vulnerability in SAP Central Manage ...)
NOT-FOR-US: SAP Central Management Console
-CVE-2018-2369
+CVE-2018-2369 (Under certain conditions SAP HANA, 1.00, 2.00, allows an unauthenticat ...)
NOT-FOR-US: SAP HANA
-CVE-2018-2368
+CVE-2018-2368 (SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7. ...)
NOT-FOR-US: SAP NetWeaver System Landscape Directory
-CVE-2018-2367
+CVE-2018-2367 (ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.1 ...)
NOT-FOR-US: SAP BASIS
-CVE-2018-2366
+CVE-2018-2366 (SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an ...)
NOT-FOR-US: SAP
-CVE-2018-2365
+CVE-2018-2365 (SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not ...)
NOT-FOR-US: SAP NetWeaver Portal
-CVE-2018-2364
+CVE-2018-2364 (SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND 1 ...)
NOT-FOR-US: SAP
-CVE-2018-2363
+CVE-2018-2363 (SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7 ...)
NOT-FOR-US: SAP NetWeaver
-CVE-2018-2362
+CVE-2018-2362 (A remote unauthenticated attacker, SAP HANA 1.00 and 2.00, could send ...)
NOT-FOR-US: SAP HANA
-CVE-2018-2361
+CVE-2018-2361 (In SAP Solution Manager 7.20, the role SAP_BPO_CONFIG gives the Busine ...)
NOT-FOR-US: SAP Solution Manager
-CVE-2018-2360
+CVE-2018-2360 (SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an au ...)
NOT-FOR-US: SAP Startup Service
CVE-2018-2359
REJECTED
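Review bot: the new description for CVE-2018-2402 carries an HTML-escaped ampersand (`capture &amp; replay`). If that literal `&amp;` is what the import wrote into data/CVE/2018.list, the importer should decode entities to plain `&` before writing, since the file is plain text and plain-text matching on "capture & replay" would otherwise miss it; if `&amp;` is only the rendered page, nothing needs changing. Unrelated to this change but visible in the same hunk, the unchanged NOT-FOR-US annotations are inconsistent for one product ("SAP Internet Graphic Server" at CVE-2018-2395, "SAP internet Graphics Server" at CVE-2018-2388, "SAP Internet Graphics Server" elsewhere); a follow-up could normalise them to one spelling.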
@@ -49063,7 +49063,7 @@ CVE-2018-2028
RESERVED
CVE-2018-2027
RESERVED
-CVE-2018-2026
+CVE-2018-2026 (IBM Financial Transaction Manager 3.2.1 for Digital Payments could all ...)
NOT-FOR-US: IBM
CVE-2018-2025
RESERVED
@@ -49077,7 +49077,7 @@ CVE-2018-2021
RESERVED
CVE-2018-2020
RESERVED
-CVE-2018-2019
+CVE-2018-2019 (IBM Security Identity Manager 6.0.0 Virtual Appliance is vulnerable to ...)
NOT-FOR-US: IBM
CVE-2018-2018
RESERVED
@@ -49097,13 +49097,13 @@ CVE-2018-2011
RESERVED
CVE-2018-2010
RESERVED
-CVE-2018-2009
+CVE-2018-2009 (IBM API Connect v2018.1 and 2018.4.1 is affected by an information dis ...)
NOT-FOR-US: IBM
CVE-2018-2008
RESERVED
CVE-2018-2007
RESERVED
-CVE-2018-2006
+CVE-2018-2006 (IBM Robotic Process Automation with Automation Anywhere 11 could allow ...)
NOT-FOR-US: IBM
CVE-2018-2005
RESERVED
@@ -49119,17 +49119,17 @@ CVE-2018-2000
RESERVED
CVE-2018-1999
RESERVED
-CVE-2018-1998
+CVE-2018-1998 (IBM WebSphere MQ 8.0.0.0 through 9.1.1 could allow a local user to inj ...)
NOT-FOR-US: IBM
CVE-2018-1997
RESERVED
-CVE-2018-1996
+CVE-2018-1996 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide ...)
NOT-FOR-US: IBM
CVE-2018-1995
RESERVED
CVE-2018-1994
RESERVED
-CVE-2018-1993
+CVE-2018-1993 (IBM Spectrum Scale (GPFS) 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 ...)
NOT-FOR-US: IBM
CVE-2018-1992
RESERVED
@@ -49147,41 +49147,41 @@ CVE-2018-1986
RESERVED
CVE-2018-1985
RESERVED
-CVE-2018-1984
+CVE-2018-1984 (IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
-CVE-2018-1983
+CVE-2018-1983 (IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
-CVE-2018-1982
+CVE-2018-1982 (IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
CVE-2018-1981
RESERVED
-CVE-2018-1980
+CVE-2018-1980 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
CVE-2018-1979
RESERVED
-CVE-2018-1978
+CVE-2018-1978 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1977
+CVE-2018-1977 (IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) ...)
NOT-FOR-US: IBM
-CVE-2018-1976
+CVE-2018-1976 (IBM API Connect 5.0.0.0 through 5.0.8.4 is impacted by sensitive infor ...)
NOT-FOR-US: IBM
CVE-2018-1975
RESERVED
-CVE-2018-1974
+CVE-2018-1974 (IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated attac ...)
NOT-FOR-US: IBM
-CVE-2018-1973
+CVE-2018-1973 (IBM API Connect 5.0.0.0 through 5.0.8.4 allows a user with limited 'AP ...)
NOT-FOR-US: IBM
CVE-2018-1972
RESERVED
CVE-2018-1971
RESERVED
-CVE-2018-1970
+CVE-2018-1970 (IBM Security Identity Manager 7.0.1 is vulnerable to a XML External En ...)
NOT-FOR-US: IBM
-CVE-2018-1969
+CVE-2018-1969 (IBM Security Identity Manager 6.0.0 allows the attacker to upload or t ...)
NOT-FOR-US: IBM
CVE-2018-1968
RESERVED
-CVE-2018-1967
+CVE-2018-1967 (IBM Security Identity Manager 6.0.0 is vulnerable to cross-site script ...)
NOT-FOR-US: IBM
CVE-2018-1966
RESERVED
@@ -49191,19 +49191,19 @@ CVE-2018-1964
RESERVED
CVE-2018-1963
RESERVED
-CVE-2018-1962
+CVE-2018-1962 (IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalid ...)
NOT-FOR-US: IBM
CVE-2018-1961
RESERVED
CVE-2018-1960
RESERVED
-CVE-2018-1959
+CVE-2018-1959 (IBM Security Identity Manager 7.0.1 Virtual Appliance contains hard-co ...)
NOT-FOR-US: IBM
CVE-2018-1958
RESERVED
-CVE-2018-1957
+CVE-2018-1957 (IBM WebSphere Application Server 9 could allow sensitive information t ...)
NOT-FOR-US: IBM
-CVE-2018-1956
+CVE-2018-1956 (IBM Security Identity Manager 6.0.0 does not require that users should ...)
NOT-FOR-US: IBM
CVE-2018-1955
RESERVED
@@ -49211,121 +49211,121 @@ CVE-2018-1954
RESERVED
CVE-2018-1953
RESERVED
-CVE-2018-1952
+CVE-2018-1952 (IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 th ...)
NOT-FOR-US: IBM
-CVE-2018-1951
+CVE-2018-1951 (IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-s ...)
NOT-FOR-US: IBM
-CVE-2018-1950
+CVE-2018-1950 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
NOT-FOR-US: IBM
-CVE-2018-1949
+CVE-2018-1949 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
NOT-FOR-US: IBM
-CVE-2018-1948
+CVE-2018-1948 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
NOT-FOR-US: IBM
-CVE-2018-1947
+CVE-2018-1947 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
NOT-FOR-US: IBM
-CVE-2018-1946
+CVE-2018-1946 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
NOT-FOR-US: IBM
-CVE-2018-1945
+CVE-2018-1945 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
NOT-FOR-US: IBM
-CVE-2018-1944
+CVE-2018-1944 (IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 ...)
NOT-FOR-US: IBM
CVE-2018-1943
RESERVED
CVE-2018-1942
RESERVED
-CVE-2018-1941
+CVE-2018-1941 (IBM Campaign 9.1.0 and 9.1.2 could allow a local user to obtain admini ...)
NOT-FOR-US: IBM
CVE-2018-1940
RESERVED
-CVE-2018-1939
+CVE-2018-1939 (IBM Cloud Private 3.1.1 could allow a remote attacker to conduct phish ...)
NOT-FOR-US: IBM
-CVE-2018-1938
+CVE-2018-1938 (IBM Cloud Private 3.1.1 could alllow a local user with administrator p ...)
NOT-FOR-US: IBM
-CVE-2018-1937
+CVE-2018-1937 (IBM Cloud Private 3.1.1 could alllow a local user with administrator p ...)
NOT-FOR-US: IBM
CVE-2018-1936
RESERVED
-CVE-2018-1935
+CVE-2018-1935 (IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated user to ...)
NOT-FOR-US: IBM
CVE-2018-1934
RESERVED
CVE-2018-1933
RESERVED
-CVE-2018-1932
+CVE-2018-1932 (IBM API Connect 5.0.0.0 through 5.0.8.4 is affected by a vulnerability ...)
NOT-FOR-US: IBM
CVE-2018-1931
RESERVED
CVE-2018-1930
RESERVED
-CVE-2018-1929
+CVE-2018-1929 (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 could all ...)
NOT-FOR-US: IBM
-CVE-2018-1928
+CVE-2018-1928 (IBM StoredIQ 7.6.0 does not implement proper authorization of user rol ...)
NOT-FOR-US: IBM
-CVE-2018-1927
+CVE-2018-1927 (IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which cou ...)
NOT-FOR-US: IBM
-CVE-2018-1926
+CVE-2018-1926 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console ...)
NOT-FOR-US: IBM
CVE-2018-1925
RESERVED
CVE-2018-1924
RESERVED
-CVE-2018-1923
+CVE-2018-1923 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1922
+CVE-2018-1922 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
CVE-2018-1921
RESERVED
-CVE-2018-1920
+CVE-2018-1920 (IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML Ex ...)
NOT-FOR-US: IBM
CVE-2018-1919
RESERVED
-CVE-2018-1918
+CVE-2018-1918 (IBM Jazz Reporting Service (JRS) 6.0.3, 6.0.4, 6.0.5, and 6.0.6 is vul ...)
NOT-FOR-US: IBM
CVE-2018-1917
RESERVED
-CVE-2018-1916
+CVE-2018-1916 (IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 th ...)
NOT-FOR-US: IBM
CVE-2018-1915
RESERVED
-CVE-2018-1914
+CVE-2018-1914 (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulner ...)
NOT-FOR-US: IBM
CVE-2018-1913
RESERVED
-CVE-2018-1912
+CVE-2018-1912 (IBM DOORS Next Generation (DNG/RRC) 6.0.2 through 6.0.6 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2018-1911
+CVE-2018-1911 (IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through ...)
NOT-FOR-US: IBM
-CVE-2018-1910
+CVE-2018-1910 (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulner ...)
NOT-FOR-US: IBM
CVE-2018-1909
RESERVED
-CVE-2018-1908
+CVE-2018-1908 (IBM Robotic Process Automation with Automation Anywhere 11 is vulnerab ...)
NOT-FOR-US: IBM
CVE-2018-1907
RESERVED
CVE-2018-1906
RESERVED
-CVE-2018-1905
+CVE-2018-1905 (IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2018-1904
+CVE-2018-1904 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow re ...)
NOT-FOR-US: IBM
CVE-2018-1903
RESERVED
-CVE-2018-1902
+CVE-2018-1902 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
NOT-FOR-US: IBM
-CVE-2018-1901
+CVE-2018-1901 (IBM WebSphere Application Server 8.5 and 9.0 could allow a remote atta ...)
NOT-FOR-US: IBM
-CVE-2018-1900
+CVE-2018-1900 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7. ...)
NOT-FOR-US: IBM
-CVE-2018-1899
+CVE-2018-1899 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an ...)
NOT-FOR-US: IBM
CVE-2018-1898
RESERVED
-CVE-2018-1897
+CVE-2018-1897 (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5., and 11.1 db2pdcf ...)
NOT-FOR-US: IBM
-CVE-2018-1896
+CVE-2018-1896 (IBM Connections 5.0, 5.5, and 6.0 is vulnerable to possible host heade ...)
NOT-FOR-US: IBM
-CVE-2018-1895
+CVE-2018-1895 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable t ...)
NOT-FOR-US: IBM
CVE-2018-1894
RESERVED
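Review bot: the descriptions for CVE-2018-1938 and CVE-2018-1937 read "could alllow"; confirm this is the upstream text copied verbatim rather than a transcription error in the import. Since this is an automatic update, the text should be left as upstream has it and not hand-corrected here, so the only action is to verify the source string.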
@@ -49333,23 +49333,23 @@ CVE-2018-1893
RESERVED
CVE-2018-1892
RESERVED
-CVE-2018-1891
+CVE-2018-1891 (IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scriptin ...)
NOT-FOR-US: IBM
-CVE-2018-1890
+CVE-2018-1890 (IBM SDK, Java Technology Edition Version 8 on the AIX platform uses ab ...)
NOT-FOR-US: IBM Java on AIX
-CVE-2018-1889
+CVE-2018-1889 (IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site script ...)
NOT-FOR-US: IBM
-CVE-2018-1888
+CVE-2018-1888 (An untrusted search path vulnerability in IBM i Access for Windows ver ...)
NOT-FOR-US: IBM
-CVE-2018-1887
+CVE-2018-1887 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4 ...)
NOT-FOR-US: IBM
-CVE-2018-1886
+CVE-2018-1886 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4 ...)
NOT-FOR-US: IBM
CVE-2018-1885
RESERVED
-CVE-2018-1884
+CVE-2018-1884 (IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and 5.3. ...)
NOT-FOR-US: IBM Case Manager
-CVE-2018-1883
+CVE-2018-1883 (A problem within the IBM MQ 9.0.2, 9.0.3, 9.0.4, 9.0.5, and 9.1.0.0 Co ...)
NOT-FOR-US: IBM
CVE-2018-1882
RESERVED
@@ -49359,21 +49359,21 @@ CVE-2018-1880
RESERVED
CVE-2018-1879
RESERVED
-CVE-2018-1878
+CVE-2018-1878 (IBM Robotic Process Automation with Automation Anywhere 11 could discl ...)
NOT-FOR-US: IBM
-CVE-2018-1877
+CVE-2018-1877 (IBM Robotic Process Automation with Automation Anywhere 11 could store ...)
NOT-FOR-US: IBM
-CVE-2018-1876
+CVE-2018-1876 (IBM Robotic Process Automation with Automation Anywhere 11 could under ...)
NOT-FOR-US: IBM
-CVE-2018-1875
+CVE-2018-1875 (IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 cou ...)
NOT-FOR-US: IBM
CVE-2018-1874
RESERVED
CVE-2018-1873
RESERVED
-CVE-2018-1872
+CVE-2018-1872 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
-CVE-2018-1871
+CVE-2018-1871 (IBM Financial Transaction Manager for Digital Payments for Multi-Platf ...)
NOT-FOR-US: IBM
CVE-2018-1870
RESERVED
@@ -49397,11 +49397,11 @@ CVE-2018-1861
RESERVED
CVE-2018-1860
RESERVED
-CVE-2018-1859
+CVE-2018-1859 (IBM API Connect 5.0.0.0 through 5.0.8.4 could allow a user authenticat ...)
NOT-FOR-US: IBM
CVE-2018-1858
RESERVED
-CVE-2018-1857
+CVE-2018-1857 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 ...)
NOT-FOR-US: IBM
CVE-2018-1856
RESERVED
@@ -49413,43 +49413,43 @@ CVE-2018-1853
RESERVED
CVE-2018-1852
RESERVED
-CVE-2018-1851
+CVE-2018-1851 (IBM WebSphere Application Server Liberty OpenID Connect could allow a ...)
NOT-FOR-US: IBM
-CVE-2018-1850
+CVE-2018-1850 (IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 cou ...)
NOT-FOR-US: IBM
CVE-2018-1849
RESERVED
-CVE-2018-1848
+CVE-2018-1848 (IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable t ...)
NOT-FOR-US: IBM
CVE-2018-1847
RESERVED
-CVE-2018-1846
+CVE-2018-1846 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 t ...)
NOT-FOR-US: IBM
CVE-2018-1845
RESERVED
-CVE-2018-1844
+CVE-2018-1844 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML Ext ...)
NOT-FOR-US: IBM
-CVE-2018-1843
+CVE-2018-1843 (The Identity and Access Management (IAM) services (IBM Cloud Private 3 ...)
NOT-FOR-US: IBM
-CVE-2018-1842
+CVE-2018-1842 (IBM Cognos Analytics 11 Configuration tool, under certain circumstance ...)
NOT-FOR-US: IBM
-CVE-2018-1841
+CVE-2018-1841 (IBM Cloud Private 2.1.0 could allow a local user to obtain the CA Priv ...)
NOT-FOR-US: IBM
-CVE-2018-1840
+CVE-2018-1840 (IBM WebSphere Application Server 8.5 and 9.0 could allow a remote atta ...)
NOT-FOR-US: IBM
CVE-2018-1839
RESERVED
-CVE-2018-1838
+CVE-2018-1838 (IBM WebSphere Application Server 8.5 and 9.0 in IBM Cloud could allow ...)
NOT-FOR-US: IBM
CVE-2018-1837
RESERVED
CVE-2018-1836
RESERVED
-CVE-2018-1835
+CVE-2018-1835 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 5 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2018-1834
+CVE-2018-1834 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1833
+CVE-2018-1833 (IBM Event Streams 2018.3.0 could allow a remote attacker to submit an ...)
NOT-FOR-US: IBM Event Streams
CVE-2018-1832
RESERVED
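Review bot: the new description for CVE-2018-1835 contains `Standard &amp; Virtual 5`, the same HTML-escaped ampersand pattern seen earlier in this patch. Check whether `&amp;` is stored literally in data/CVE/2018.list; if so, the import step should unescape entities before writing so the file holds plain `&`.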
@@ -49457,7 +49457,7 @@ CVE-2018-1831
RESERVED
CVE-2018-1830
RESERVED
-CVE-2018-1829
+CVE-2018-1829 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross- ...)
NOT-FOR-US: IBM
CVE-2018-1828
RESERVED
@@ -49465,33 +49465,33 @@ CVE-2018-1827
RESERVED
CVE-2018-1826
RESERVED
-CVE-2018-1825
+CVE-2018-1825 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2018-1824
+CVE-2018-1824 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2018-1823
+CVE-2018-1823 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2018-1822
+CVE-2018-1822 (IBM FlashSystem 900 product GUI allows a specially crafted attack to b ...)
NOT-FOR-US: IBM
-CVE-2018-1821
+CVE-2018-1821 (IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vul ...)
NOT-FOR-US: IBM
-CVE-2018-1820
+CVE-2018-1820 (IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scr ...)
NOT-FOR-US: IBM
-CVE-2018-1819
+CVE-2018-1819 (IBM Financial Transaction Manager for Digital Payments for Multi-Platf ...)
NOT-FOR-US: IBM
-CVE-2018-1818
+CVE-2018-1818 (IBM Security Guardium 10 and 10.5 contains hard-coded credentials, suc ...)
NOT-FOR-US: IBM
-CVE-2018-1817
+CVE-2018-1817 (IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scriptin ...)
NOT-FOR-US: IBM
CVE-2018-1816
RESERVED
-CVE-2018-1815
+CVE-2018-1815 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4 ...)
NOT-FOR-US: IBM
-CVE-2018-1814
+CVE-2018-1814 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4 ...)
NOT-FOR-US: IBM
-CVE-2018-1813
+CVE-2018-1813 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4 ...)
NOT-FOR-US: IBM
-CVE-2018-1812
+CVE-2018-1812 (IBM Robotic Process Automation with Automation Anywhere Enterprise 10 ...)
NOT-FOR-US: IBM
CVE-2018-1811
RESERVED
@@ -49499,257 +49499,257 @@ CVE-2018-1810
RESERVED
CVE-2018-1809
RESERVED
-CVE-2018-1808
+CVE-2018-1808 (IBM WebSphere Commerce 9.0.0.0 through 9.0.0.6 could allow some server ...)
NOT-FOR-US: IBM
CVE-2018-1807
RESERVED
CVE-2018-1806
RESERVED
-CVE-2018-1805
+CVE-2018-1805 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4 ...)
NOT-FOR-US: IBM
-CVE-2018-1804
+CVE-2018-1804 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4 ...)
NOT-FOR-US: IBM
-CVE-2018-1803
+CVE-2018-1803 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4 ...)
NOT-FOR-US: IBM
-CVE-2018-1802
+CVE-2018-1802 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1801
+CVE-2018-1801 (IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0 ...)
NOT-FOR-US: IBM
-CVE-2018-1800
+CVE-2018-1800 (IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could ...)
NOT-FOR-US: IBM
-CVE-2018-1799
+CVE-2018-1799 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1798
+CVE-2018-1798 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2018-1797
+CVE-2018-1797 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using Enterpri ...)
NOT-FOR-US: IBM
CVE-2018-1796
RESERVED
-CVE-2018-1795
+CVE-2018-1795 (IBM Robotic Process Automation with Automation Anywhere Enterprise 10 ...)
NOT-FOR-US: IBM
-CVE-2018-1794
+CVE-2018-1794 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using OAuth ea ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2018-1793
+CVE-2018-1793 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using SAML ear ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2018-1792
+CVE-2018-1792 (IBM WebSphere MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, 9. ...)
NOT-FOR-US: IBM
-CVE-2018-1791
+CVE-2018-1791 (IBM Connections 5.0, 5.5, and 6.0 is vulnerable to an External Service ...)
NOT-FOR-US: IBM
CVE-2018-1790
RESERVED
-CVE-2018-1789
+CVE-2018-1789 (IBM API Connect v2018.1.0 through v2018.3.4 could allow an attacker to ...)
NOT-FOR-US: IBM
-CVE-2018-1788
+CVE-2018-1788 (IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitiv ...)
NOT-FOR-US: IBM
CVE-2018-1787
RESERVED
-CVE-2018-1786
+CVE-2018-1786 (IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly ...)
NOT-FOR-US: IBM Spectrum Protect
-CVE-2018-1785
+CVE-2018-1785 (IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses wea ...)
NOT-FOR-US: IBM
-CVE-2018-1784
+CVE-2018-1784 (IBM API Connect 5.0.0.0 and 5.0.8.4 is affected by a NoSQL Injection i ...)
NOT-FOR-US: IBM
-CVE-2018-1783
+CVE-2018-1783 (IBM GPFS (IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0 ...)
NOT-FOR-US: IBM
-CVE-2018-1782
+CVE-2018-1782 (IBM GPFS (IBM Spectrum Scale 5.0.1.0 and 5.0.1.1) allows a local, unpr ...)
NOT-FOR-US: IBM
-CVE-2018-1781
+CVE-2018-1781 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1780
+CVE-2018-1780 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1779
+CVE-2018-1779 (IBM API Connect 2018.1 through 2018.3.7 could allow an unauthenticated ...)
NOT-FOR-US: IBM
-CVE-2018-1778
+CVE-2018-1778 (IBM LoopBack (IBM API Connect 2018.1, 2018.4.1, 5.0.8.0, and 5.0.8.4) ...)
NOT-FOR-US: IBM
-CVE-2018-1777
+CVE-2018-1777 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
NOT-FOR-US: IBM
CVE-2018-1776
RESERVED
-CVE-2018-1775
+CVE-2018-1775 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and I ...)
NOT-FOR-US: IBM
-CVE-2018-1774
+CVE-2018-1774 (IBM API Connect 5.0.0.0, 5.0.8.4, 2018.1 and 2018.3.6 is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2018-1773
+CVE-2018-1773 (IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an aut ...)
NOT-FOR-US: IBM
-CVE-2018-1772
+CVE-2018-1772 (IBM SPSS Analytic Server 3.1.1.1 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2018-1771
+CVE-2018-1771 (IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands o ...)
NOT-FOR-US: IBM
-CVE-2018-1770
+CVE-2018-1770 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
NOT-FOR-US: IBM
CVE-2018-1769
RESERVED
-CVE-2018-1768
+CVE-2018-1768 (IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive i ...)
NOT-FOR-US: IBM
-CVE-2018-1767
+CVE-2018-1767 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Cachemonitor i ...)
NOT-FOR-US: IBM
-CVE-2018-1766
+CVE-2018-1766 (IBM Team Concert (RTC) 5.0 through 5.0.2 and 6.0 through 6.0.5 are vul ...)
NOT-FOR-US: IBM
CVE-2018-1765
RESERVED
-CVE-2018-1764
+CVE-2018-1764 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2018-1763
+CVE-2018-1763 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2018-1762
+CVE-2018-1762 (IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and ...)
NOT-FOR-US: IBM
-CVE-2018-1761
+CVE-2018-1761 (IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
CVE-2018-1760
RESERVED
-CVE-2018-1759
+CVE-2018-1759 (IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross- ...)
NOT-FOR-US: IBM
CVE-2018-1758
RESERVED
-CVE-2018-1757
+CVE-2018-1757 (IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 co ...)
NOT-FOR-US: IBM
-CVE-2018-1756
+CVE-2018-1756 (IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is ...)
NOT-FOR-US: IBM
-CVE-2018-1755
+CVE-2018-1755 (IBM WebSphere Application Server Liberty could allow a remote attacker ...)
NOT-FOR-US: IBM
CVE-2018-1754
RESERVED
-CVE-2018-1753
+CVE-2018-1753 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 generates an error ...)
NOT-FOR-US: IBM
CVE-2018-1752
RESERVED
-CVE-2018-1751
+CVE-2018-1751 (IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker tha ...)
NOT-FOR-US: IBM
-CVE-2018-1750
+CVE-2018-1750 (IBM Security Key Lifecycle Manager 3.0 specifies permissions for a sec ...)
NOT-FOR-US: IBM
-CVE-2018-1749
+CVE-2018-1749 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 uses incomplete bla ...)
NOT-FOR-US: IBM
CVE-2018-1748
RESERVED
-CVE-2018-1747
+CVE-2018-1747 (IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 is vulnerabl ...)
NOT-FOR-US: IBM
CVE-2018-1746
RESERVED
-CVE-2018-1745
+CVE-2018-1745 (IBM Security Key Lifecycle Manager 2.7 and 3.0 could allow an unauthen ...)
NOT-FOR-US: IBM
-CVE-2018-1744
+CVE-2018-1744 (IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 could allow ...)
NOT-FOR-US: IBM
-CVE-2018-1743
+CVE-2018-1743 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 discloses sensitive ...)
NOT-FOR-US: IBM
-CVE-2018-1742
+CVE-2018-1742 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded ...)
NOT-FOR-US: IBM
-CVE-2018-1741
+CVE-2018-1741 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 does not properly l ...)
NOT-FOR-US: IBM
-CVE-2018-1740
+CVE-2018-1740 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4 ...)
NOT-FOR-US: IBM
CVE-2018-1739
RESERVED
-CVE-2018-1738
+CVE-2018-1738 (IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0 could allow an authen ...)
NOT-FOR-US: IBM
CVE-2018-1737
RESERVED
-CVE-2018-1736
+CVE-2018-1736 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attac ...)
NOT-FOR-US: IBM
CVE-2018-1735
RESERVED
CVE-2018-1734
RESERVED
-CVE-2018-1733
+CVE-2018-1733 (IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter user-controlled ...)
NOT-FOR-US: IBM
-CVE-2018-1732
+CVE-2018-1732 (IBM QRadar SIEM 1.14.0 discloses sensitive information to unauthorized ...)
NOT-FOR-US: IBM
CVE-2018-1731
RESERVED
-CVE-2018-1730
+CVE-2018-1730 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External Entity Inj ...)
NOT-FOR-US: IBM
CVE-2018-1729
RESERVED
-CVE-2018-1728
+CVE-2018-1728 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. Thi ...)
NOT-FOR-US: IBM
-CVE-2018-1727
+CVE-2018-1727 (IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnera ...)
NOT-FOR-US: IBM
CVE-2018-1726
RESERVED
CVE-2018-1725
RESERVED
-CVE-2018-1724
+CVE-2018-1724 (IBM Spectrum LSF 9.1.1 9.1.2, 9.1.3, and 10.1 could allow a local user ...)
NOT-FOR-US: IBM
-CVE-2018-1723
+CVE-2018-1723 (IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0 ...)
NOT-FOR-US: IBM
-CVE-2018-1722
+CVE-2018-1722 (IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow ...)
NOT-FOR-US: IBM
CVE-2018-1721
RESERVED
CVE-2018-1720
RESERVED
-CVE-2018-1719
+CVE-2018-1719 (IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than ...)
NOT-FOR-US: IBM
-CVE-2018-1718
+CVE-2018-1718 (IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 is vuln ...)
NOT-FOR-US: IBM
CVE-2018-1717
RESERVED
-CVE-2018-1716
+CVE-2018-1716 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
-CVE-2018-1715
+CVE-2018-1715 (IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-s ...)
NOT-FOR-US: IBM
CVE-2018-1714
RESERVED
CVE-2018-1713
RESERVED
-CVE-2018-1712
+CVE-2018-1712 (IBM API Connect's Developer Portal 5.0.0.0 through 5.0.8.3 is vulnerab ...)
NOT-FOR-US: IBM
-CVE-2018-1711
+CVE-2018-1711 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1710
+CVE-2018-1710 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1 ...)
NOT-FOR-US: IBM
CVE-2018-1709
RESERVED
-CVE-2018-1708
+CVE-2018-1708 (IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow an authenticated u ...)
NOT-FOR-US: IBM
CVE-2018-1707
RESERVED
-CVE-2018-1706
+CVE-2018-1706 (IBM Spectrum Symphony 7.2.0.2 is vulnerable to cross-site scripting. T ...)
NOT-FOR-US: IBM
-CVE-2018-1705
+CVE-2018-1705 (IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Sympho ...)
NOT-FOR-US: IBM Platform Symphony
-CVE-2018-1704
+CVE-2018-1704 (IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Sympho ...)
NOT-FOR-US: IBM
CVE-2018-1703
RESERVED
-CVE-2018-1702
+CVE-2018-1702 (IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Sympho ...)
NOT-FOR-US: IBM
-CVE-2018-1701
+CVE-2018-1701 (IBM InfoSphere Information Server 11.7 could allow an authenciated use ...)
NOT-FOR-US: IBM
CVE-2018-1700
RESERVED
-CVE-2018-1699
+CVE-2018-1699 (IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL inj ...)
NOT-FOR-US: IBM
-CVE-2018-1698
+CVE-2018-1698 (IBM Maximo Asset Management 7.6 through 7.6.3 could allow an unauthent ...)
NOT-FOR-US: IBM
-CVE-2018-1697
+CVE-2018-1697 (IBM Maximo Asset Management 7.6 could allow an authenticated user to e ...)
NOT-FOR-US: IBM
CVE-2018-1696
RESERVED
-CVE-2018-1695
+CVE-2018-1695 (IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations usi ...)
NOT-FOR-US: IBM
-CVE-2018-1694
+CVE-2018-1694 (IBM Jazz applications (IBM Rational Collaborative Lifecycle Management ...)
NOT-FOR-US: IBM
CVE-2018-1693
RESERVED
-CVE-2018-1692
+CVE-2018-1692 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1691
+CVE-2018-1691 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1690
+CVE-2018-1690 (IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM Rhapsody Model Manager
CVE-2018-1689
RESERVED
-CVE-2018-1688
+CVE-2018-1688 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5 ...)
NOT-FOR-US: IBM
CVE-2018-1687
RESERVED
-CVE-2018-1686
+CVE-2018-1686 (IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-s ...)
NOT-FOR-US: IBM
-CVE-2018-1685
+CVE-2018-1685 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1684
+CVE-2018-1684 (IBM WebSphere MQ 8.0 through 9.1 is vulnerable to a error with MQTT to ...)
NOT-FOR-US: IBM
-CVE-2018-1683
+CVE-2018-1683 (IBM WebSphere Application Server Liberty could allow a remote attacker ...)
NOT-FOR-US: IBM
CVE-2018-1682
RESERVED
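Review bot: The NOT-FOR-US tags in this hunk are inconsistent for the same product, which undermines grep-based triage later: CVE-2018-1705 is tagged `NOT-FOR-US: IBM Platform Symphony` while CVE-2018-1704 and CVE-2018-1702, whose stored descriptions start with the identical text `IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Sympho ...`, are tagged plain `NOT-FOR-US: IBM`; likewise CVE-2018-1690 gets `IBM Rhapsody Model Manager` while the neighbouring Rational/Jazz entries get `IBM`. Pick one convention, either the bare vendor or vendor plus product for every IBM entry, since only the tag text is searchable once the description has been truncated to this width.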
@@ -49757,79 +49757,79 @@ CVE-2018-1681
RESERVED
CVE-2018-1680
RESERVED
-CVE-2018-1679
+CVE-2018-1679 (IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could a ...)
NOT-FOR-US: IBM
CVE-2018-1678
RESERVED
-CVE-2018-1677
+CVE-2018-1677 (IBM DataPower Gateways 7.1, 7.2, 7.5, 7.5.1, 7.5.2, 7.6, and 7.7 and I ...)
NOT-FOR-US: IBM
-CVE-2018-1676
+CVE-2018-1676 (IBM Planning Analytics 2.0.0 through 2.0.4 is vulnerable to cross-site ...)
NOT-FOR-US: IBM Planning Analytics
-CVE-2018-1675
+CVE-2018-1675 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 coul ...)
NOT-FOR-US: IBM
-CVE-2018-1674
+CVE-2018-1674 (IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through 18.0 ...)
NOT-FOR-US: IBM
-CVE-2018-1673
+CVE-2018-1673 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
-CVE-2018-1672
+CVE-2018-1672 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correc ...)
NOT-FOR-US: IBM
-CVE-2018-1671
+CVE-2018-1671 (IBM Curam Social Program Management 7.0.3 is vulnerable to HTML inject ...)
NOT-FOR-US: IBM
-CVE-2018-1670
+CVE-2018-1670 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
NOT-FOR-US: IBM
-CVE-2018-1669
+CVE-2018-1669 (IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 ...)
NOT-FOR-US: IBM
-CVE-2018-1668
+CVE-2018-1668 (IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1. ...)
NOT-FOR-US: IBM
-CVE-2018-1667
+CVE-2018-1667 (IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2. ...)
NOT-FOR-US: IBM
-CVE-2018-1666
+CVE-2018-1666 (IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 th ...)
NOT-FOR-US: IBM
-CVE-2018-1665
+CVE-2018-1665 (IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2. ...)
NOT-FOR-US: IBM
-CVE-2018-1664
+CVE-2018-1664 (IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 ...)
NOT-FOR-US: IBM
-CVE-2018-1663
+CVE-2018-1663 (IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could allow ...)
NOT-FOR-US: IBM
CVE-2018-1662
RESERVED
-CVE-2018-1661
+CVE-2018-1661 (IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cro ...)
NOT-FOR-US: IBM
-CVE-2018-1660
+CVE-2018-1660 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM
-CVE-2018-1659
+CVE-2018-1659 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 th ...)
NOT-FOR-US: IBM
-CVE-2018-1658
+CVE-2018-1658 (IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5 ...)
NOT-FOR-US: IBM
-CVE-2018-1657
+CVE-2018-1657 (IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-s ...)
NOT-FOR-US: IBM
-CVE-2018-1656
+CVE-2018-1656 (The IBM Java Runtime Environment's Diagnostic Tooling Framework for Ja ...)
NOT-FOR-US: IBM JDK
-CVE-2018-1655
+CVE-2018-1655 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock ...)
NOT-FOR-US: IBM AIX
-CVE-2018-1654
+CVE-2018-1654 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7. ...)
NOT-FOR-US: IBM
-CVE-2018-1653
+CVE-2018-1653 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4 ...)
NOT-FOR-US: IBM
-CVE-2018-1652
+CVE-2018-1652 (IBM DataPower Gateway 7.1.0.0 through 7.1.0.19, 7.2.0.0 through 7.2.0. ...)
NOT-FOR-US: IBM
CVE-2018-1651
RESERVED
-CVE-2018-1650
+CVE-2018-1650 (IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could al ...)
NOT-FOR-US: IBM
-CVE-2018-1649
+CVE-2018-1649 (IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacke ...)
NOT-FOR-US: IBM
-CVE-2018-1648
+CVE-2018-1648 (IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic al ...)
NOT-FOR-US: IBM
-CVE-2018-1647
+CVE-2018-1647 (IBM QRadar Incident Forensics 7.2 and 7.3 does not properly restrict t ...)
NOT-FOR-US: IBM
CVE-2018-1646
RESERVED
CVE-2018-1645
RESERVED
-CVE-2018-1644
+CVE-2018-1644 (IBM WebSphere Commerce Enterprise, Professional, Express, and Develope ...)
NOT-FOR-US: IBM
-CVE-2018-1643
+CVE-2018-1643 (The Installation Verification Tool of IBM WebSphere Application Server ...)
NOT-FOR-US: IBM
CVE-2018-1642
RESERVED
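Review bot: The fixed-width truncation in this hunk collapses distinct advisories into byte-identical stored descriptions, so the added text carries no information beyond the CVE ID: CVE-2018-1667 and CVE-2018-1665 both become `IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2. ...`, and CVE-2018-1669 and CVE-2018-1664 both become `IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 ...`. The cut also lands mid-word (`coul ...`, `vuln ...`). If the importer must truncate, cutting at a word boundary and allowing enough width to reach the vulnerability class (the part after the version list) would keep the entries distinguishable.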
@@ -49837,9 +49837,9 @@ CVE-2018-1641
RESERVED
CVE-2018-1640
RESERVED
-CVE-2018-1639
+CVE-2018-1639 (The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 ...)
NOT-FOR-US: IBM
-CVE-2018-1638
+CVE-2018-1638 (IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two ...)
NOT-FOR-US: IBM
CVE-2018-1637
RESERVED
@@ -49873,7 +49873,7 @@ CVE-2018-1623
RESERVED
CVE-2018-1622
RESERVED
-CVE-2018-1621
+CVE-2018-1621 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2018-1620
RESERVED
@@ -49887,37 +49887,37 @@ CVE-2018-1616
RESERVED
CVE-2018-1615
RESERVED
-CVE-2018-1614
+CVE-2018-1614 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using malforme ...)
NOT-FOR-US: IBM
CVE-2018-1613
RESERVED
-CVE-2018-1612
+CVE-2018-1612 (IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could all ...)
NOT-FOR-US: IBM
CVE-2018-1611
RESERVED
-CVE-2018-1610
+CVE-2018-1610 (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6 ...)
NOT-FOR-US: IBM
CVE-2018-1609
RESERVED
CVE-2018-1608
RESERVED
-CVE-2018-1607
+CVE-2018-1607 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 th ...)
NOT-FOR-US: IBM
-CVE-2018-1606
+CVE-2018-1606 (IBM Jazz based applications (IBM Rational Collaborative Lifecycle Mana ...)
NOT-FOR-US: IBM
-CVE-2018-1605
+CVE-2018-1605 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1604
+CVE-2018-1604 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1603
+CVE-2018-1603 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1602
+CVE-2018-1602 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1601
+CVE-2018-1601 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1600
+CVE-2018-1600 (IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critic ...)
NOT-FOR-US: IBM
-CVE-2018-1599
+CVE-2018-1599 (IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker ...)
NOT-FOR-US: IBM
CVE-2018-1598
RESERVED
@@ -49925,11 +49925,11 @@ CVE-2018-1597
RESERVED
CVE-2018-1596
RESERVED
-CVE-2018-1595
+CVE-2018-1595 (IBM Spectrum Symphony and Platform Symphony 7.1.2 and 7.2.0.2 could al ...)
NOT-FOR-US: IBM
CVE-2018-1594
RESERVED
-CVE-2018-1593
+CVE-2018-1593 (IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized ...)
NOT-FOR-US: IBM
CVE-2018-1592
RESERVED
@@ -49939,17 +49939,17 @@ CVE-2018-1590
RESERVED
CVE-2018-1589
RESERVED
-CVE-2018-1588
+CVE-2018-1588 (IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 th ...)
NOT-FOR-US: IBM
-CVE-2018-1587
+CVE-2018-1587 (IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through ...)
NOT-FOR-US: IBM Rational Rhapsody Design Manager
CVE-2018-1586
RESERVED
-CVE-2018-1585
+CVE-2018-1585 (IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through ...)
NOT-FOR-US: IBM Rational Rhapsody Design Manager
-CVE-2018-1584
+CVE-2018-1584 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
-CVE-2018-1583
+CVE-2018-1583 (IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certa ...)
NOT-FOR-US: IBM
CVE-2018-1582
RESERVED
@@ -49973,123 +49973,123 @@ CVE-2018-1573
RESERVED
CVE-2018-1572
RESERVED
-CVE-2018-1571
+CVE-2018-1571 (IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to ...)
NOT-FOR-US: IBM
CVE-2018-1570
RESERVED
CVE-2018-1569
RESERVED
-CVE-2018-1568
+CVE-2018-1568 (IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally whic ...)
NOT-FOR-US: IBM
-CVE-2018-1567
+CVE-2018-1567 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow re ...)
NOT-FOR-US: IBM
-CVE-2018-1566
+CVE-2018-1566 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1565
+CVE-2018-1565 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1564
+CVE-2018-1564 (IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could a ...)
NOT-FOR-US: IBM
-CVE-2018-1563
+CVE-2018-1563 (IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gatewa ...)
NOT-FOR-US: IBM
CVE-2018-1562
RESERVED
CVE-2018-1561
RESERVED
-CVE-2018-1560
+CVE-2018-1560 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 th ...)
NOT-FOR-US: IBM
CVE-2018-1559
RESERVED
-CVE-2018-1558
+CVE-2018-1558 (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6 ...)
NOT-FOR-US: IBM
-CVE-2018-1557
+CVE-2018-1557 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1556
+CVE-2018-1556 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM FileNet Content Manager
-CVE-2018-1555
+CVE-2018-1555 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM FileNet Content Manager
-CVE-2018-1554
+CVE-2018-1554 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
-CVE-2018-1553
+CVE-2018-1553 (IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow ...)
NOT-FOR-US: IBM
-CVE-2018-1552
+CVE-2018-1552 (IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 ...)
NOT-FOR-US: IBM
-CVE-2018-1551
+CVE-2018-1551 (IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 c ...)
NOT-FOR-US: IBM
-CVE-2018-1550
+CVE-2018-1550 (IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt o ...)
NOT-FOR-US: IBM
-CVE-2018-1549
+CVE-2018-1549 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 a ...)
NOT-FOR-US: IBM
-CVE-2018-1548
+CVE-2018-1548 (IBM API Connect 2018.1.0.0, 2018.2.1, 2018.2.2, 2018.2.3, and 2018.2.4 ...)
NOT-FOR-US: IBM
-CVE-2018-1547
+CVE-2018-1547 (IBM Robotic Process Automation with Automation Anywhere 10.0 could all ...)
NOT-FOR-US: IBM
-CVE-2018-1546
+CVE-2018-1546 (IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker ...)
NOT-FOR-US: IBM API Connect
-CVE-2018-1545
+CVE-2018-1545 (IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses wea ...)
NOT-FOR-US: IBM
-CVE-2018-1544
+CVE-2018-1544 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1543
+CVE-2018-1543 (IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obtain s ...)
NOT-FOR-US: IBM
-CVE-2018-1542
+CVE-2018-1542 (IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foun ...)
NOT-FOR-US: IBM
-CVE-2018-1541
+CVE-2018-1541 (IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable to cros ...)
NOT-FOR-US: IBM
CVE-2018-1540
RESERVED
-CVE-2018-1539
+CVE-2018-1539 (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 th ...)
NOT-FOR-US: IBM
CVE-2018-1538
RESERVED
CVE-2018-1537
RESERVED
-CVE-2018-1536
+CVE-2018-1536 (IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through ...)
NOT-FOR-US: IBM Rational Rhapsody Design Manager
-CVE-2018-1535
+CVE-2018-1535 (IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through ...)
NOT-FOR-US: IBM Rational Rhapsody Design Manager
-CVE-2018-1534
+CVE-2018-1534 (IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2018-1533
+CVE-2018-1533 (IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross- ...)
NOT-FOR-US: IBM
-CVE-2018-1532
+CVE-2018-1532 (IBM API Connect 5.0.0.0 through 5.0.8.2 does not properly update the S ...)
NOT-FOR-US: IBM API Connect
CVE-2018-1531
RESERVED
CVE-2018-1530
RESERVED
-CVE-2018-1529
+CVE-2018-1529 (IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0. ...)
NOT-FOR-US: IBM Rational DOORS Next Generation
-CVE-2018-1528
+CVE-2018-1528 (IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authentic ...)
NOT-FOR-US: IBM
CVE-2018-1527
RESERVED
CVE-2018-1526
RESERVED
-CVE-2018-1525
+CVE-2018-1525 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker ...)
NOT-FOR-US: IBM
-CVE-2018-1524
+CVE-2018-1524 (IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default ...)
NOT-FOR-US: IBM
-CVE-2018-1523
+CVE-2018-1523 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 a ...)
NOT-FOR-US: IBM
-CVE-2018-1522
+CVE-2018-1522 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1521
+CVE-2018-1521 (IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are ...)
NOT-FOR-US: IBM
CVE-2018-1520
RESERVED
CVE-2018-1519
RESERVED
-CVE-2018-1518
+CVE-2018-1518 (IBM InfoSphere Information Server 11.7 is affected by a weak password ...)
NOT-FOR-US: IBM
-CVE-2018-1517
+CVE-2018-1517 (A flaw in the java.math component in IBM SDK, Java Technology Edition ...)
NOT-FOR-US: IBM JDK
CVE-2018-1516
RESERVED
-CVE-2018-1515
+CVE-2018-1515 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 ...)
NOT-FOR-US: IBM
-CVE-2018-1514
+CVE-2018-1514 (IBM Robotic Process Automation with Automation Anywhere 10.0 is vulner ...)
NOT-FOR-US: IBM
-CVE-2018-1513
+CVE-2018-1513 (IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vu ...)
NOT-FOR-US: IBM
CVE-2018-1512
RESERVED
@@ -50097,21 +50097,21 @@ CVE-2018-1511
RESERVED
CVE-2018-1510
RESERVED
-CVE-2018-1509
+CVE-2018-1509 (IBM Security Guardium EcoSystem 10.5 does not validate, or incorrectly ...)
NOT-FOR-US: IBM
CVE-2018-1508
RESERVED
-CVE-2018-1507
+CVE-2018-1507 (IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
CVE-2018-1506
RESERVED
-CVE-2018-1505
+CVE-2018-1505 (IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored ...)
NOT-FOR-US: IBM
-CVE-2018-1504
+CVE-2018-1504 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker ...)
NOT-FOR-US: IBM
-CVE-2018-1503
+CVE-2018-1503 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely authenticate ...)
NOT-FOR-US: IBM
-CVE-2018-1502
+CVE-2018-1502 (IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 ...)
NOT-FOR-US: IBM
CVE-2018-1501
RESERVED
@@ -50119,19 +50119,19 @@ CVE-2018-1500
RESERVED
CVE-2018-1499
RESERVED
-CVE-2018-1498
+CVE-2018-1498 (IBM Security Guardium EcoSystem 10.5 stores user credentials in plain ...)
NOT-FOR-US: IBM
CVE-2018-1497
RESERVED
-CVE-2018-1496
+CVE-2018-1496 (IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is vulnera ...)
NOT-FOR-US: IBM Content Navigator
-CVE-2018-1495
+CVE-2018-1495 (IBM FlashSystem V840 and V900 products could allow an authenticated at ...)
NOT-FOR-US: IBM
-CVE-2018-1494
+CVE-2018-1494 (IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through ...)
NOT-FOR-US: IBM
CVE-2018-1493
RESERVED
-CVE-2018-1492
+CVE-2018-1492 (IBM Jazz Foundation products could allow a user with physical access t ...)
NOT-FOR-US: IBM
CVE-2018-1491
RESERVED
@@ -50139,261 +50139,261 @@ CVE-2018-1490
RESERVED
CVE-2018-1489
RESERVED
-CVE-2018-1488
+CVE-2018-1488 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 ...)
NOT-FOR-US: IBM
-CVE-2018-1487
+CVE-2018-1487 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
CVE-2018-1486
RESERVED
-CVE-2018-1485
+CVE-2018-1485 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does no ...)
NOT-FOR-US: IBM
-CVE-2018-1484
+CVE-2018-1484 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does no ...)
NOT-FOR-US: IBM
-CVE-2018-1483
+CVE-2018-1483 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2018-1482
RESERVED
-CVE-2018-1481
+CVE-2018-1481 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 stores ...)
NOT-FOR-US: IBM
-CVE-2018-1480
+CVE-2018-1480 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does no ...)
NOT-FOR-US: IBM
-CVE-2018-1479
+CVE-2018-1479 (IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request fo ...)
NOT-FOR-US: IBM
-CVE-2018-1478
+CVE-2018-1478 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 could a ...)
NOT-FOR-US: IBM
CVE-2018-1477
RESERVED
-CVE-2018-1476
+CVE-2018-1476 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 disclos ...)
NOT-FOR-US: IBM
-CVE-2018-1475
+CVE-2018-1475 (IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout set ...)
NOT-FOR-US: IBM
-CVE-2018-1474
+CVE-2018-1474 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vuln ...)
NOT-FOR-US: IBM
-CVE-2018-1473
+CVE-2018-1473 (IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
CVE-2018-1472
RESERVED
CVE-2018-1471
REJECTED
-CVE-2018-1470
+CVE-2018-1470 (IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote aut ...)
NOT-FOR-US: IBM
-CVE-2018-1469
+CVE-2018-1469 (IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could allow a ...)
NOT-FOR-US: IBM API Connect Developer Portal
-CVE-2018-1468
+CVE-2018-1468 (IBM API Connect 5.0.8.1 and 5.0.8.2 could allow a user to get access t ...)
NOT-FOR-US: IBM API Connect
-CVE-2018-1467
+CVE-2018-1467 (The IBM Storwize V7000 Unified management Web interface 1.6 exposes in ...)
NOT-FOR-US: IBM
-CVE-2018-1466
+CVE-2018-1466 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and I ...)
NOT-FOR-US: IBM
-CVE-2018-1465
+CVE-2018-1465 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and I ...)
NOT-FOR-US: IBM
-CVE-2018-1464
+CVE-2018-1464 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and I ...)
NOT-FOR-US: IBM
-CVE-2018-1463
+CVE-2018-1463 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and I ...)
NOT-FOR-US: IBM
-CVE-2018-1462
+CVE-2018-1462 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and I ...)
NOT-FOR-US: IBM
-CVE-2018-1461
+CVE-2018-1461 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and I ...)
NOT-FOR-US: IBM
-CVE-2018-1460
+CVE-2018-1460 (IBM Netezza Platform Software (IBM PureData System for Analytics 1.0.0 ...)
NOT-FOR-US: IBM
-CVE-2018-1459
+CVE-2018-1459 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1458
+CVE-2018-1458 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1457
+CVE-2018-1457 (An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1 ...)
NOT-FOR-US: IBM
-CVE-2018-1456
+CVE-2018-1456 (IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2018-1455
+CVE-2018-1455 (IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is v ...)
NOT-FOR-US: IBM
-CVE-2018-1454
+CVE-2018-1454 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a r ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2018-1453
+CVE-2018-1453 (IBM Security Identity Manager Virtual Appliance 7.0 allows an authenti ...)
NOT-FOR-US: IBM
-CVE-2018-1452
+CVE-2018-1452 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1451
+CVE-2018-1451 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1450
+CVE-2018-1450 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1449
+CVE-2018-1449 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2018-1448
+CVE-2018-1448 (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (include ...)
NOT-FOR-US: IBM
-CVE-2018-1447
+CVE-2018-1447 (The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect ...)
NOT-FOR-US: IBM Spectrum Protect
CVE-2018-1446
RESERVED
-CVE-2018-1445
+CVE-2018-1445 (IBM WebSphere Portal 8.0.0 through 8.0.0.1, 8.5, and 9.0 is vulnerable ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2018-1444
+CVE-2018-1444 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2018-1443
+CVE-2018-1443 (An XML parsing vulnerability affects IBM SAML-based single sign-on (SS ...)
NOT-FOR-US: IBM
-CVE-2018-1442
+CVE-2018-1442 (IBM Application Performance Management - Response Time Monitoring Agen ...)
NOT-FOR-US: IBM
-CVE-2018-1441
+CVE-2018-1441 (IBM Application Performance Management - Response Time Monitoring Agen ...)
NOT-FOR-US: IBM
-CVE-2018-1440
+CVE-2018-1440 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1439
+CVE-2018-1439 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1438
+CVE-2018-1438 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and I ...)
NOT-FOR-US: IBM
-CVE-2018-1437
+CVE-2018-1437 (IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary cod ...)
NOT-FOR-US: IBM
CVE-2018-1436
RESERVED
-CVE-2018-1435
+CVE-2018-1435 (IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remot ...)
NOT-FOR-US: IBM
-CVE-2018-1434
+CVE-2018-1434 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and I ...)
NOT-FOR-US: IBM
-CVE-2018-1433
+CVE-2018-1433 (IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and I ...)
NOT-FOR-US: IBM
-CVE-2018-1432
+CVE-2018-1432 (IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnera ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2018-1431
+CVE-2018-1431 (A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2. ...)
NOT-FOR-US: IBM
-CVE-2018-1430
+CVE-2018-1430 (IBM API Connect 5.0.0.0 through 5.0.8.2 is vulnerable to cross-site sc ...)
NOT-FOR-US: IBM API Connect
-CVE-2018-1429
+CVE-2018-1429 (IBM MQ Appliance 9.0.1, 9.0.2, 9.0.3, amd 9.0.4 is vulnerable to cross ...)
NOT-FOR-US: IBM
-CVE-2018-1428
+CVE-2018-1428 (IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11 ...)
NOT-FOR-US: IBM
-CVE-2018-1427
+CVE-2018-1427 (IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11 ...)
NOT-FOR-US: IBM
-CVE-2018-1426
+CVE-2018-1426 (IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11 ...)
NOT-FOR-US: IBM
-CVE-2018-1425
+CVE-2018-1425 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses weaker t ...)
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2018-1424
+CVE-2018-1424 (IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML E ...)
NOT-FOR-US: IBM
-CVE-2018-1423
+CVE-2018-1423 (IBM Jazz Foundation products could disclose sensitive information to a ...)
NOT-FOR-US: IBM
-CVE-2018-1422
+CVE-2018-1422 (IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 t ...)
NOT-FOR-US: IBM
-CVE-2018-1421
+CVE-2018-1421 (IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and 7. ...)
NOT-FOR-US: IBM WebSphere DataPower Appliances
-CVE-2018-1420
+CVE-2018-1420 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control sett ...)
NOT-FOR-US: IBM
-CVE-2018-1419
+CVE-2018-1419 (IBM WebSphere MQ 8.0 and 9.0, when configured to use a PAM module for ...)
NOT-FOR-US: IBM
-CVE-2018-1418
+CVE-2018-1418 (IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass auth ...)
NOT-FOR-US: IBM
-CVE-2018-1417
+CVE-2018-1417 (Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Techn ...)
NOT-FOR-US: IBM Runtimes for Java Technology
-CVE-2018-1416
+CVE-2018-1416 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-sit ...)
NOT-FOR-US: IBM WebSphere Portal
-CVE-2018-1415
+CVE-2018-1415 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2018-1414
+CVE-2018-1414 (IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to SQL injection ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2018-1413
+CVE-2018-1413 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM Cognos Analytics
CVE-2018-1412
RESERVED
-CVE-2018-1411
+CVE-2018-1411 (IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) co ...)
NOT-FOR-US: IBM Notes Diagnostics
-CVE-2018-1410
+CVE-2018-1410 (IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) co ...)
NOT-FOR-US: IBM Notes Diagnostics
-CVE-2018-1409
+CVE-2018-1409 (IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) co ...)
NOT-FOR-US: IBM Notes Diagnostics
-CVE-2018-1408
+CVE-2018-1408 (IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are ...)
NOT-FOR-US: IBM
-CVE-2018-1407
+CVE-2018-1407 (IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are ...)
NOT-FOR-US: IBM
CVE-2018-1406
RESERVED
-CVE-2018-1405
+CVE-2018-1405 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1404
+CVE-2018-1404 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1403
+CVE-2018-1403 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
CVE-2018-1402
RESERVED
-CVE-2018-1401
+CVE-2018-1401 (IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scr ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2018-1400
RESERVED
-CVE-2018-1399
+CVE-2018-1399 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 4.1.5 and 5.0 i ...)
NOT-FOR-US: IBM Daeja ViewONE Professional
-CVE-2018-1398
+CVE-2018-1398 (IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote att ...)
NOT-FOR-US: IBM
CVE-2018-1397
RESERVED
-CVE-2018-1396
+CVE-2018-1396 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 a ...)
NOT-FOR-US: IBM
-CVE-2018-1395
+CVE-2018-1395 (IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6. ...)
NOT-FOR-US: IBM
-CVE-2018-1394
+CVE-2018-1394 (Multiple IBM Rational products are vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
-CVE-2018-1393
+CVE-2018-1393 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
NOT-FOR-US: IBM
-CVE-2018-1392
+CVE-2018-1392 (IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2018-1391
+CVE-2018-1391 (IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for ...)
NOT-FOR-US: IBM Financial Transaction Manager
-CVE-2018-1390
+CVE-2018-1390 (IBM Financial Transaction Manager for Check Services for Multi-Platfor ...)
NOT-FOR-US: IBM
-CVE-2018-1389
+CVE-2018-1389 (IBM API Connect 5.0.0.0 through 5.0.8.2 is impacted by generated LoopB ...)
NOT-FOR-US: IBM API Connect
-CVE-2018-1388
+CVE-2018-1388 (GSKit V7 may disclose side channel information via discrepancies betwe ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2018-1387
+CVE-2018-1387 (IBM Application Performance Management for Monitoring &amp; Diagnostic ...)
NOT-FOR-US: IBM
-CVE-2018-1386
+CVE-2018-1386 (IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9. ...)
NOT-FOR-US: IBM
CVE-2018-1385
RESERVED
-CVE-2018-1384
+CVE-2018-1384 (IBM Business Process Manager 8.6 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM
-CVE-2018-1383
+CVE-2018-1383 (A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7 ...)
NOT-FOR-US: AIX
-CVE-2018-1382
+CVE-2018-1382 (IBM API Connect 5.0.0.0 is vulnerable to cross-site scripting. This vu ...)
NOT-FOR-US: IBM API Connect
CVE-2018-1381
RESERVED
-CVE-2018-1380
+CVE-2018-1380 (IBM InfoSphere Master Data Management Collaboration Server 11.4, 11.5, ...)
NOT-FOR-US: IBM
CVE-2018-1379
RESERVED
CVE-2018-1378
RESERVED
-CVE-2018-1377
+CVE-2018-1377 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user c ...)
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2018-1376
+CVE-2018-1376 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 is vulnerable ...)
NOT-FOR-US: IBM
-CVE-2018-1375
+CVE-2018-1375 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not rene ...)
NOT-FOR-US: IBM
-CVE-2018-1374
+CVE-2018-1374 (An IBM WebSphere MQ (Maintenance levels 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7 ...)
NOT-FOR-US: IBM
-CVE-2018-1373
+CVE-2018-1373 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an inade ...)
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2018-1372
+CVE-2018-1372 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not requ ...)
NOT-FOR-US: IBM Security Guardium Big Data Intelligence
-CVE-2018-1371
+CVE-2018-1371 (An IBM WebSphere MQ 8.0.0.8, 9.0.0.2, and 9.0.4 Client connecting to a ...)
NOT-FOR-US: IBM WebSphere MQ
-CVE-2018-1370
+CVE-2018-1370 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 specifies per ...)
NOT-FOR-US: IBM
-CVE-2018-1369
+CVE-2018-1369 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores sensit ...)
NOT-FOR-US: IBM
-CVE-2018-1368
+CVE-2018-1368 (IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 coul ...)
NOT-FOR-US: IBM Security Guardium Database Activity Monitor
CVE-2018-1367
RESERVED
-CVE-2018-1366
+CVE-2018-1366 (IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated Val ...)
NOT-FOR-US: IBM Content Navigator
CVE-2018-1365
RESERVED
-CVE-2018-1364
+CVE-2018-1364 (IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Enti ...)
NOT-FOR-US: IBM Content Navigator
-CVE-2018-1363
+CVE-2018-1363 (IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0 ...)
NOT-FOR-US: IBM Jazz Reporting Service
-CVE-2018-1362
+CVE-2018-1362 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 wit ...)
NOT-FOR-US: IBM Curam Social Program Management
-CVE-2018-1361
+CVE-2018-1361 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2018-1360
RESERVED
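Review bot: the NOT-FOR-US labels in this hunk are inconsistent for one product: CVE-2018-1377, CVE-2018-1373 and CVE-2018-1372 carry `NOT-FOR-US: IBM Security Guardium Big Data Intelligence`, while CVE-2018-1376, CVE-2018-1375, CVE-2018-1370 and CVE-2018-1369, whose added descriptions name the same `IBM Security Guardium Big Data Intelligence (SonarG) 3.1`, carry only `NOT-FOR-US: IBM`. These lines are unchanged context here, but normalising them to the full product name would keep the entries greppable as a group.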
@@ -50405,37 +50405,37 @@ CVE-2018-1357
RESERVED
CVE-2018-1356
RESERVED
-CVE-2018-1355
+CVE-2018-1355 (An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 a ...)
NOT-FOR-US: Fortinet
-CVE-2018-1354
+CVE-2018-1354 (An improper access control vulnerability in Fortinet FortiManager 6.0. ...)
NOT-FOR-US: Fortinet
-CVE-2018-1353
+CVE-2018-1353 (An information disclosure vulnerability in Fortinet FortiManager 6.0.1 ...)
NOT-FOR-US: Fortinet FortiManager
-CVE-2018-1352
+CVE-2018-1352 (A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacke ...)
NOT-FOR-US: Fortinet
-CVE-2018-1351
+CVE-2018-1351 (A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6. ...)
NOT-FOR-US: Fortinet
-CVE-2018-1350
+CVE-2018-1350 (The NetIQ Identity Manager driver log file, in versions prior to 4.7, ...)
NOT-FOR-US: NetIQ Identity Manager
-CVE-2018-1349
+CVE-2018-1349 (The NetIQ Identity Manager driver log file, in versions prior to 4.7, ...)
NOT-FOR-US: NetIQ Identity Manager
-CVE-2018-1348
+CVE-2018-1348 (NetIQ Identity Manager driver, in versions prior to 4.7, allows for an ...)
NOT-FOR-US: NetIQ Identity Manager
-CVE-2018-1347
+CVE-2018-1347 (The administrative web interface in NetIQ iManager, versions prior to ...)
NOT-FOR-US: NetIQ
-CVE-2018-1346
+CVE-2018-1346 (Addresses denial of service attack to eDirectory versions prior to 9.1 ...)
NOT-FOR-US: NetIQ
-CVE-2018-1345
+CVE-2018-1345 (NetIQ iManager, versions prior to 3.1, under some circumstances could ...)
NOT-FOR-US: NetIQ
-CVE-2018-1344
+CVE-2018-1344 (Addresses potential communication downgrade attack in NetIQ iManager v ...)
NOT-FOR-US: NetIQ
-CVE-2018-1343
+CVE-2018-1343 (PAM exposure enabling unauthenticated access to remote host ...)
NOT-FOR-US: NetIQ
-CVE-2018-1342
+CVE-2018-1342 (A Vulnerability exists on Admin Console where an attacker can upload f ...)
NOT-FOR-US: NetIQ Access Manager
CVE-2018-1341
RESERVED
-CVE-2018-1340
+CVE-2018-1340 (Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage ...)
- guacamole-client <unfixed> (bug #920796)
[jessie] - guacamole-client <not-affected> (Vulnerable code not present)
- guacamole <removed>
@@ -50443,17 +50443,17 @@ CVE-2018-1340
NOTE: https://issues.apache.org/jira/browse/GUACAMOLE-549
NOTE: https://github.com/apache/guacamole-client/pull/273
NOTE: https://www.openwall.com/lists/oss-security/2019/02/02/1
-CVE-2018-1339
+CVE-2018-1339 (A carefully crafted (or fuzzed) file can trigger an infinite loop in A ...)
- tika 1.18-1 (low; bug #900000)
[jessie] - tika <ignored> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/25/7
-CVE-2018-1338
+CVE-2018-1338 (A carefully crafted (or fuzzed) file can trigger an infinite loop in A ...)
- tika 1.18-1
[jessie] - tika <not-affected> (BGP parser introduced in 1.7)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/25/6
-CVE-2018-1337
+CVE-2018-1337 (In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Fi ...)
NOT-FOR-US: Apache LDAP API
-CVE-2018-1336
+CVE-2018-1336 (An improper handing of overflow in the UTF-8 decoder with supplementar ...)
{DSA-4281-1 DLA-1491-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.31-1
@@ -50466,13 +50466,13 @@ CVE-2018-1336
NOTE: https://svn.apache.org/r1830374 (8.5.x)
NOTE: https://svn.apache.org/r1830375 (8.0.x)
NOTE: https://svn.apache.org/r1830376 (7.0.x)
-CVE-2018-1335
+CVE-2018-1335 (From Apache Tika versions 1.7 to 1.17, clients could send carefully cr ...)
- tika 1.18-1
[jessie] - tika <not-affected> (Server functionality not present)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/25/8
-CVE-2018-1334
+CVE-2018-1334 (In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using ...)
NOT-FOR-US: Apache Spark
-CVE-2018-1333
+CVE-2018-1333 (By specially crafting HTTP/2 requests, workers would be allocated 60 s ...)
- apache2 2.4.34-1 (bug #904106)
[stretch] - apache2 2.4.25-3+deb9u6
[jessie] - apache2 <not-affected> (Vulnerable code not present)
@@ -50480,47 +50480,47 @@ CVE-2018-1333
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/1
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1333
-CVE-2018-1332
+CVE-2018-1332 (Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version ...)
NOT-FOR-US: Apache Storm
-CVE-2018-1331
+CVE-2018-1331 (In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 thro ...)
NOT-FOR-US: Apache Storm
-CVE-2018-1330
+CVE-2018-1330 (When parsing a malformed JSON payload, libprocess in Apache Mesos vers ...)
- apache-mesos <itp> (bug #760315)
CVE-2018-1329
REJECTED
CVE-2018-1328
RESERVED
-CVE-2018-1327
+CVE-2018-1327 (The Apache Struts REST Plugin is using XStream library which is vulner ...)
- libstruts1.2-java <not-affected> (Specific to 2.x)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-056
CVE-2018-1326
RESERVED
-CVE-2018-1325
+CVE-2018-1325 (In Apache wicket-jquery-ui &lt;= 6.29.0, &lt;= 7.10.1, &lt;= 8.0.0-M9. ...)
NOT-FOR-US: Wicket jQuery UI
-CVE-2018-1324
+CVE-2018-1324 (A specially crafted ZIP archive can be used to cause an infinite loop ...)
- libcommons-compress-java 1.13-2 (bug #893174)
[stretch] - libcommons-compress-java <no-dsa> (Minor issue)
[jessie] - libcommons-compress-java <not-affected> (Vulnerable code introduced later)
[wheezy] - libcommons-compress-java <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git-wip-us.apache.org/repos/asf?p=commons-compress.git;a=blobdiff;f=src/main/java/org/apache/commons/compress/archivers/zip/X0017_StrongEncryptionHeader.java;h=acc3b22346b49845e85b5ef27a5814b69e834139;hp=0feb9c98cc622cde1defa3bbd268ef82b4ae5c18;hb=2a2f1dc48e22a34ddb72321a4db211da91aa933b;hpb=dcb0486fb4cb2b6592c04d6ec2edbd3f690df5f2
NOTE: https://issues.apache.org/jira/browse/COMPRESS-432
-CVE-2018-1323
+CVE-2018-1323 (The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1. ...)
- libapache-mod-jk <not-affected> (Windows/IIS vhost handling specific issue)
NOTE: http://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.43
NOTE: Fixed by: http://svn.apache.org/r1825658
-CVE-2018-1322
+CVE-2018-1322 (An administrator with user search entitlements in Apache Syncope 1.2.x ...)
NOT-FOR-US: Apache Syncope
-CVE-2018-1321
+CVE-2018-1321 (An administrator with report and template entitlements in Apache Synco ...)
NOT-FOR-US: Apache Syncope
-CVE-2018-1320
+CVE-2018-1320 (Apache Thrift Java client library versions 0.5.0 through 0.11.0 can by ...)
{DLA-1662-1}
- libthrift-java 0.9.1-2.1 (bug #918736)
[stretch] - libthrift-java <no-dsa> (Minor issue)
NOTE: https://issues.apache.org/jira/browse/THRIFT-4506
NOTE: https://github.com/apache/thrift/commit/d973409661f820d80d72c0034d06a12348c8705e
-CVE-2018-1319
+CVE-2018-1319 (In Apache Allura prior to 1.8.1, attackers may craft URLs that cause H ...)
NOT-FOR-US: Apache Allura
-CVE-2018-1318
+CVE-2018-1318 (Adding method ACLs in remap.config can cause a segfault when the user ...)
{DSA-4282-1}
- trafficserver 7.1.4+ds-1
NOTE: http://www.openwall.com/lists/oss-security/2018/08/29/3
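Review bot: the added description for CVE-2018-1325, `+CVE-2018-1325 (In Apache wicket-jquery-ui &lt;= 6.29.0, &lt;= 7.10.1, &lt;= 8.0.0-M9. ...)`, carries HTML-escaped entities instead of the literal `<=` characters that the other descriptions in this hunk use for version ranges. If the importer is meant to store the upstream wording, it should unescape entities before truncating, otherwise the stored text diverges from the source description and a search for the upstream phrasing will not match this entry.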
@@ -50528,28 +50528,28 @@ CVE-2018-1318
NOTE: https://github.com/apache/trafficserver/commit/e6dfda305acf85250861ecfa14a7bd6bb2fad5c3
CVE-2018-1317
RESERVED
-CVE-2018-1316
+CVE-2018-1316 (The ODE process deployment web service was sensible to deployment mess ...)
NOT-FOR-US: Apache ODE
-CVE-2018-1315
+CVE-2018-1315 (In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement is run u ...)
NOT-FOR-US: Apache Hive
-CVE-2018-1314
+CVE-2018-1314 (In Apache Hive 2.3.3, 3.1.0 and earlier, Hive "EXPLAIN" operation does ...)
NOT-FOR-US: Apache Hive
-CVE-2018-1313
+CVE-2018-1313 (In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network pac ...)
- derby 10.14.2.0-1
[jessie] - derby <no-dsa> (Minor issue)
[stretch] - derby <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/05/1
-CVE-2018-1312
+CVE-2018-1312 (In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authen ...)
{DSA-4164-1 DLA-1389-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/7
CVE-2018-1311
RESERVED
-CVE-2018-1310
+CVE-2018-1310 (Apache NiFi JMS Deserialization issue because of ActiveMQ client vulne ...)
NOT-FOR-US: Apache NiFi
-CVE-2018-1309
+CVE-2018-1309 (Apache NiFi External XML Entity issue in SplitXML processor. Malicious ...)
NOT-FOR-US: Apache NiFi
-CVE-2018-1308
+CVE-2018-1308 (This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 rela ...)
{DSA-4194-1 DLA-1360-1}
- lucene-solr 3.6.2+dfsg-12 (bug #896604)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/08/3
@@ -50557,11 +50557,11 @@ CVE-2018-1308
NOTE: master: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/02c693f3
NOTE: branch_7x: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/739a7933
NOTE: branch_6_6: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/dd3be31f
-CVE-2018-1307
+CVE-2018-1307 (In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL2Java ...)
NOT-FOR-US: Apache juddi-client
-CVE-2018-1306
+CVE-2018-1306 (The PortletV3AnnotatedDemo Multipart Portlet war file code provided in ...)
NOT-FOR-US: Apache Portals Pluto
-CVE-2018-1305
+CVE-2018-1305 (Security constraints defined by annotations of Servlets in Apache Tomc ...)
{DSA-4281-1 DLA-1450-1 DLA-1400-1 DLA-1301-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.28-1
@@ -50575,7 +50575,7 @@ CVE-2018-1305
NOTE: https://svn.apache.org/r1824359 (8.0.x)
NOTE: https://svn.apache.org/r1823322 (7.0.x)
NOTE: https://svn.apache.org/r1824360 (7.0.x)
-CVE-2018-1304
+CVE-2018-1304 (The URL pattern of "" (the empty string) which exactly maps to the con ...)
{DSA-4281-1 DLA-1450-1 DLA-1400-1 DLA-1301-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.28-1
@@ -50587,33 +50587,33 @@ CVE-2018-1304
NOTE: https://svn.apache.org/r1823308 (8.0.x)
NOTE: https://svn.apache.org/r1823309 (7.0.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62067
-CVE-2018-1303
+CVE-2018-1303 (A specially crafted HTTP request header could have crashed the Apache ...)
{DSA-4164-1}
- apache2 2.4.33-1
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/3
-CVE-2018-1302
+CVE-2018-1302 (When an HTTP/2 stream was destroyed after being handled, the Apache HT ...)
- apache2 2.4.33-1
[stretch] - apache2 2.4.25-3+deb9u5
[jessie] - apache2 <not-affected> (Vulnerable code not present)
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/5
-CVE-2018-1301
+CVE-2018-1301 (A specially crafted request could have crashed the Apache HTTP Server ...)
{DSA-4164-1 DLA-1389-1}
- apache2 2.4.33-1
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/2
CVE-2018-1300
RESERVED
-CVE-2018-1299
+CVE-2018-1299 (In Apache Allura before 1.8.0, unauthenticated attackers may retrieve ...)
NOT-FOR-US: Apache Allura
-CVE-2018-1298
+CVE-2018-1298 (A Denial of Service vulnerability was found in Apache Qpid Broker-J 7. ...)
- qpid-java <itp> (bug #840131)
NOTE: https://issues.apache.org/jira/browse/QPID-8046
NOTE: https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=de509dd
NOTE: https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=30ca170
NOTE: https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=4b9fb37
-CVE-2018-1297
+CVE-2018-1297 (When using Distributed Test only (RMI based), Apache JMeter 2.x and 3. ...)
- jakarta-jmeter <unfixed> (low; bug #897259)
[buster] - jakarta-jmeter <ignored> (Minor issue, too intrusive to backport)
[stretch] - jakarta-jmeter <ignored> (Minor issue, too intrusive to backport)
@@ -50621,27 +50621,27 @@ CVE-2018-1297
[wheezy] - jakarta-jmeter <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/11/1
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62039
-CVE-2018-1296
+CVE-2018-1296 (In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5 ...)
- hadoop <itp> (bug #793644)
-CVE-2018-1295
+CVE-2018-1295 (In Apache Ignite 2.3 or earlier, the serialization mechanism does not ...)
NOT-FOR-US: Apache Ignite
-CVE-2018-1294
+CVE-2018-1294 (If a user of Apache Commons Email (typically an application programmer ...)
- commons-email <not-affected> (Fixed with first upload to Debian)
NOTE: https://marc.info/?i=CAF8HOZ+J3NkaywfbHuQpHxK9ZXeT4=4Vs9rOwCDiUdnt1QA1Yw@mail.gmail.com
NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&amp;revision=1777030
CVE-2018-1293
REJECTED
-CVE-2018-1292
+CVE-2018-1292 (Within the 'getReportType' method in Apache Fineract 1.0.0, 0.6.0-incu ...)
NOT-FOR-US: Apache Fineract
-CVE-2018-1291
+CVE-2018-1291 (Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incub ...)
NOT-FOR-US: Apache Fineract
-CVE-2018-1290
+CVE-2018-1290 (In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, ...)
NOT-FOR-US: Apache Fineract
-CVE-2018-1289
+CVE-2018-1289 (In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, ...)
NOT-FOR-US: Apache Fineract
-CVE-2018-1288
+CVE-2018-1288 (In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to ...)
- kafka <itp> (bug #786460)
-CVE-2018-1287
+CVE-2018-1287 (In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI ba ...)
- jakarta-jmeter <unfixed> (low)
[buster] - jakarta-jmeter <no-dsa> (Minor issue)
[stretch] - jakarta-jmeter <no-dsa> (Minor issue)
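Review bot: the NOTE URL under CVE-2018-1294, `NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&amp;revision=1777030`, contains an HTML-escaped ampersand, so the query string as written is `view=revision&amp;revision=1777030` and the link will not resolve to the intended revision. The line is unchanged context in this hunk, but it should be corrected to a plain `&` in a follow-up.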
@@ -50649,53 +50649,53 @@ CVE-2018-1287
[wheezy] - jakarta-jmeter <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/11/2
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62039
-CVE-2018-1286
+CVE-2018-1286 (In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged us ...)
NOT-FOR-US: Apache OpenMeetings
CVE-2018-1285
RESERVED
-CVE-2018-1284
+CVE-2018-1284 (In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs ...)
NOT-FOR-US: Apache Hive
-CVE-2018-1283
+CVE-2018-1283 (In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to for ...)
{DSA-4164-1}
- apache2 2.4.33-1
[wheezy] - apache2 <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/4
-CVE-2018-1282
+CVE-2018-1282 (This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows ca ...)
NOT-FOR-US: Apache Hive
-CVE-2018-1281
+CVE-2018-1281 (The clustered setup of Apache MXNet allows users to specify which IP a ...)
NOT-FOR-US: Apache MXNet
-CVE-2018-1280
+CVE-2018-1280 (Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains ...)
NOT-FOR-US: Pivotal
-CVE-2018-1279
+CVE-2018-1279 (Pivotal RabbitMQ for PCF, all versions, uses a deterministically gener ...)
- rabbitmq-server <unfixed> (bug #924768)
[stretch] - rabbitmq-server <no-dsa> (Minor issue)
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
NOTE: https://pivotal.io/security/cve-2018-1279
NOTE: Underlying issue is the use of deterministically generated cookie.
NOTE: Issue can be mitigated by restricting network access from untrusted sources.
-CVE-2018-1278
+CVE-2018-1278 (Apps Manager included in Pivotal Application Service, versions 1.12.x ...)
NOT-FOR-US: Pivotal
-CVE-2018-1277
+CVE-2018-1277 (Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctl ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1276
+CVE-2018-1276 (Windows 2012R2 stemcells, versions prior to 1200.17, contain an inform ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1275
+CVE-2018-1275 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior t ...)
- libspring-java <not-affected> (Partial fix for CVE-2018-1270 not applied)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1565307
-CVE-2018-1274
+CVE-2018-1274 (Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older ...)
NOT-FOR-US: Spring Data Commons
-CVE-2018-1273
+CVE-2018-1273 (Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, ...)
NOT-FOR-US: Spring Data Commons
-CVE-2018-1272
+CVE-2018-1272 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior t ...)
- libspring-java 4.3.19-1 (bug #895114)
[stretch] - libspring-java <no-dsa> (Minor issue)
[jessie] - libspring-java <not-affected> (vulnerable code not found)
[wheezy] - libspring-java <not-affected> (Vulnerable broker code introduced in various commits re. https://github.com/spring-projects/spring-framework/blame/0009806debb578e884f6dc98bd1f2dc668020021/spring-messaging/src/main/java/org/springframework/messaging/simp/broker/DefaultSubscriptionRegistry.java)
NOTE: https://pivotal.io/security/cve-2018-1272
-CVE-2018-1271
+CVE-2018-1271 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior t ...)
- libspring-java <not-affected> (Issue specific when served from a file system on Windows)
NOTE: https://pivotal.io/security/cve-2018-1271
-CVE-2018-1270
+CVE-2018-1270 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior t ...)
- libspring-java 4.3.19-1 (bug #895114)
[stretch] - libspring-java <no-dsa> (Minor issue)
[jessie] - libspring-java <not-affected> (vulnerable code not found)
@@ -50703,95 +50703,95 @@ CVE-2018-1270
NOTE: https://pivotal.io/security/cve-2018-1270
NOTE: when addressing this issue make sure to not only apply a partial fix but
NOTE: make it complete, cf. https://bugzilla.redhat.com/show_bug.cgi?id=1565307
-CVE-2018-1269
+CVE-2018-1269 (Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior t ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1268
+CVE-2018-1268 (Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior t ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1267
+CVE-2018-1267 (Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an im ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1266
+CVE-2018-1266 (Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains inf ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1265
+CVE-2018-1265 (Cloud Foundry Diego, release versions prior to 2.8.0, does not properl ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1264
+CVE-2018-1264 (Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1263
+CVE-2018-1263 (Addresses partial fix in CVE-2018-1261. Pivotal spring-integration-zip ...)
NOT-FOR-US: Spring-integration-zip
-CVE-2018-1262
+CVE-2018-1262 (Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a ...)
NOT-FOR-US: Cloud Foundry Foundation UAA
-CVE-2018-1261
+CVE-2018-1261 (Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary fi ...)
NOT-FOR-US: Spring-integration-zip
-CVE-2018-1260
+CVE-2018-1260 (Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2 ...)
NOT-FOR-US: Spring Security OAuth
-CVE-2018-1259
+CVE-2018-1259 (Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2 ...)
NOT-FOR-US: Spring Data Commons
-CVE-2018-1258
+CVE-2018-1258 (Spring Framework version 5.0.5 when used in combination with any versi ...)
- libspring-security-2.0-java <removed>
[jessie] - libspring-security-2.0-java <not-affected> (Affected version not in jessie)
NOTE: https://pivotal.io/security/cve-2018-1258
-CVE-2018-1257
+CVE-2018-1257 (Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior ...)
- libspring-java 4.3.19-1
[jessie] - libspring-java <no-dsa> (hard to find upstream commits regarding this)
NOTE: https://pivotal.io/security/cve-2018-1257
-CVE-2018-1256
+CVE-2018-1256 (Spring Cloud SSO Connector, version 2.1.2, contains a regression which ...)
NOT-FOR-US: Spring Cloud SSO Connector
-CVE-2018-1255
+CVE-2018-1255 (RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 ...)
NOT-FOR-US: RSA
-CVE-2018-1254
+CVE-2018-1254 (RSA Authentication Manager Security Console, versions 8.3 P1 and earli ...)
NOT-FOR-US: RSA Authentication Manager Security Console
-CVE-2018-1253
+CVE-2018-1253 (RSA Authentication Manager Operation Console, versions 8.3 P1 and earl ...)
NOT-FOR-US: RSA Authentication Manager Operation Console
-CVE-2018-1252
+CVE-2018-1252 (RSA Web Threat Detection versions prior to 6.4, contain an SQL injecti ...)
NOT-FOR-US: RSA Web Threat Detection
-CVE-2018-1251
+CVE-2018-1251 (Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contain ...)
NOT-FOR-US: EMC Unity and UnityVSA
-CVE-2018-1250
+CVE-2018-1250 (Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contain ...)
NOT-FOR-US: EMC Unity and UnityVSA
-CVE-2018-1249
+CVE-2018-1249 (Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use o ...)
NOT-FOR-US: EMC
-CVE-2018-1248
+CVE-2018-1248 (RSA Authentication Manager Security Console, Operation Console and Sel ...)
NOT-FOR-US: RSA Authentication Mamager
-CVE-2018-1247
+CVE-2018-1247 (RSA Authentication Manager Security Console, version 8.3 and earlier, ...)
NOT-FOR-US: RSA Authentication Manager
-CVE-2018-1246
+CVE-2018-1246 (Dell EMC Unity and UnityVSA contains reflected cross-site scripting vu ...)
NOT-FOR-US: EMC Unity and UnityVSA
-CVE-2018-1245
+CVE-2018-1245 (RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 ...)
NOT-FOR-US: RSA
-CVE-2018-1244
+CVE-2018-1244 (Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versi ...)
NOT-FOR-US: EMC
-CVE-2018-1243
+CVE-2018-1243 (Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior ...)
NOT-FOR-US: EMC
-CVE-2018-1242
+CVE-2018-1242 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs ...)
NOT-FOR-US: Dell
-CVE-2018-1241
+CVE-2018-1241 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs ...)
NOT-FOR-US: Dell
-CVE-2018-1240
+CVE-2018-1240 (Dell EMC ViPR Controller, versions after 3.0.0.38, contain an informat ...)
NOT-FOR-US: EMC ViPR Controller
-CVE-2018-1239
+CVE-2018-1239 (Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522 ...)
NOT-FOR-US: EMC Unity Operating Environment
-CVE-2018-1238
+CVE-2018-1238 (Dell EMC ScaleIO versions prior to 2.5, contain a command injection vu ...)
NOT-FOR-US: EMC ScaleIO
-CVE-2018-1237
+CVE-2018-1237 (Dell EMC ScaleIO versions prior to 2.5, contain improper restriction o ...)
NOT-FOR-US: EMC ScaleIO
CVE-2018-1236
REJECTED
-CVE-2018-1235
+CVE-2018-1235 (Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs ...)
NOT-FOR-US: Dell
-CVE-2018-1234
+CVE-2018-1234 (RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is ...)
NOT-FOR-US: RSA Authentication Agent
-CVE-2018-1233
+CVE-2018-1233 (RSA Authentication Agent version 8.0.1 and earlier for Web for both II ...)
NOT-FOR-US: RSA Authentication Agent
-CVE-2018-1232
+CVE-2018-1232 (RSA Authentication Agent version 8.0.1 and earlier for Web for both II ...)
NOT-FOR-US: RSA Authentication Agent
-CVE-2018-1231
+CVE-2018-1231 (Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1230
+CVE-2018-1230 (Pivotal Spring Batch Admin, all versions, does not contain cross site ...)
NOT-FOR-US: Pivotal
-CVE-2018-1229
+CVE-2018-1229 (Pivotal Spring Batch Admin, all versions, contains a stored XSS vulner ...)
NOT-FOR-US: Pivotal
CVE-2018-1228
REJECTED
-CVE-2018-1227
+CVE-2018-1227 (Pivotal Concourse after 2018-03-05 might allow remote attackers to hav ...)
NOT-FOR-US: Pivotal
CVE-2018-1226
REJECTED
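Review bot: the product label under CVE-2018-1248, `NOT-FOR-US: RSA Authentication Mamager`, is misspelled; compare `NOT-FOR-US: RSA Authentication Manager` under CVE-2018-1247 immediately below it. The line is unchanged context, but a drive-by fix would keep the NOT-FOR-US labels for this product consistent.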
@@ -50799,31 +50799,31 @@ CVE-2018-1225
REJECTED
CVE-2018-1224
REJECTED
-CVE-2018-1223
+CVE-2018-1223 (Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14 ...)
NOT-FOR-US: Cloud Foundry
CVE-2018-1222
REJECTED
-CVE-2018-1221
+CVE-2018-1221 (In cf-deployment before 1.14.0 and routing-release before 0.172.0, the ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1220
+CVE-2018-1220 (EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect vulnera ...)
NOT-FOR-US: EMC RSA Archer
-CVE-2018-1219
+CVE-2018-1219 (EMC RSA Archer, versions prior to 6.2.0.8, contains an improper access ...)
NOT-FOR-US: EMC RSA Archer
-CVE-2018-1218
+CVE-2018-1218 (In Dell EMC NetWorker versions prior to 9.2.1.1, versions prior to 9.1 ...)
NOT-FOR-US: EMC NetWorker
-CVE-2018-1217
+CVE-2018-1217 (Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, an ...)
NOT-FOR-US: EMC Avamar Server
-CVE-2018-1216
+CVE-2018-1216 (A hard-coded password vulnerability was discovered in vApp Manager whi ...)
NOT-FOR-US: EMC
-CVE-2018-1215
+CVE-2018-1215 (An arbitrary file upload vulnerability was discovered in vApp Manager ...)
NOT-FOR-US: EMC
-CVE-2018-1214
+CVE-2018-1214 (Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows ...)
NOT-FOR-US: EMC
-CVE-2018-1213
+CVE-2018-1213 (Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8. ...)
NOT-FOR-US: Dell
-CVE-2018-1212
+CVE-2018-1212 (The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versi ...)
NOT-FOR-US: EMC
-CVE-2018-1211
+CVE-2018-1211 (Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path t ...)
NOT-FOR-US: Dell EMC iDRAC7/iDRAC8
CVE-2018-1210
REJECTED
@@ -50831,82 +50831,82 @@ CVE-2018-1209
REJECTED
CVE-2018-1208
REJECTED
-CVE-2018-1207
+CVE-2018-1207 (Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI inje ...)
NOT-FOR-US: Dell EMC iDRAC7/iDRAC8
-CVE-2018-1206
+CVE-2018-1206 (Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and D ...)
NOT-FOR-US: EMC Data Protection Advisor
-CVE-2018-1205
+CVE-2018-1205 (Dell EMC ScaleIO, versions prior to 2.5, do not properly handle some p ...)
NOT-FOR-US: EMC ScaleIO
-CVE-2018-1204
+CVE-2018-1204 (Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8. ...)
NOT-FOR-US: Dell
-CVE-2018-1203
+CVE-2018-1203 (In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary ...)
NOT-FOR-US: Dell
-CVE-2018-1202
+CVE-2018-1202 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
NOT-FOR-US: Dell
-CVE-2018-1201
+CVE-2018-1201 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
NOT-FOR-US: Dell
-CVE-2018-1200
+CVE-2018-1200 (Apps Manager for PCF (Pivotal Application Service 1.11.x before 1.11.2 ...)
NOT-FOR-US: Pivotal
-CVE-2018-1199
+CVE-2018-1199 (Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2. ...)
- libspring-java 4.3.14-1 (bug #890001)
[stretch] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <ignored> (Too intrusive to fix by upgrade)
[jessie] - libspring-java <no-dsa> (fix for spring-security available but not for springframework)
- libspring-security-java <itp> (bug #582181)
NOTE: https://pivotal.io/security/cve-2018-1199
-CVE-2018-1198
+CVE-2018-1198 (Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser passw ...)
NOT-FOR-US: Pivotal Cloud Cache
-CVE-2018-1197
+CVE-2018-1197 (In Windows Stemcells versions prior to 1200.14, apps running inside co ...)
NOT-FOR-US: Windows Stemcells
-CVE-2018-1196
+CVE-2018-1196 (Spring Boot supports an embedded launch script that can be used to eas ...)
NOT-FOR-US: Spring Boot
-CVE-2018-1195
+CVE-2018-1195 (In Cloud Controller versions prior to 1.46.0, cf-deployment versions p ...)
NOT-FOR-US: Cloud Foundry
CVE-2018-1194
REJECTED
-CVE-2018-1193
+CVE-2018-1193 (Cloud Foundry routing-release, versions prior to 0.175.0, lacks saniti ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1192
+CVE-2018-1192 (In Cloud Foundry Foundation cf-release versions prior to v285; cf-depl ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1191
+CVE-2018-1191 (Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an infor ...)
NOT-FOR-US: Cloud Foundry
-CVE-2018-1190
+CVE-2018-1190 (An issue was discovered in these Pivotal Cloud Foundry products: all v ...)
NOT-FOR-US: Pivotal
-CVE-2018-1189
+CVE-2018-1189 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
NOT-FOR-US: Dell
-CVE-2018-1188
+CVE-2018-1188 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
NOT-FOR-US: Dell
-CVE-2018-1187
+CVE-2018-1187 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
NOT-FOR-US: Dell
-CVE-2018-1186
+CVE-2018-1186 (Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, ...)
NOT-FOR-US: Dell
-CVE-2018-1185
+CVE-2018-1185 (An issue was discovered in EMC RecoverPoint for Virtual Machines versi ...)
NOT-FOR-US: EMC
-CVE-2018-1184
+CVE-2018-1184 (An issue was discovered in EMC RecoverPoint for Virtual Machines versi ...)
NOT-FOR-US: EMC
-CVE-2018-1183
+CVE-2018-1183 (In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4 ...)
NOT-FOR-US: EMC
-CVE-2018-1182
+CVE-2018-1182 (An issue was discovered in EMC RSA Identity Governance and Lifecycle v ...)
NOT-FOR-US: EMC
CVE-2018-1181
REJECTED
-CVE-2018-1180
+CVE-2018-1180 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-1179
+CVE-2018-1179 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-1178
+CVE-2018-1178 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-1177
+CVE-2018-1177 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-1176
+CVE-2018-1176 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-1175
+CVE-2018-1175 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-1174
+CVE-2018-1174 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-1173
+CVE-2018-1173 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
-CVE-2018-1172
+CVE-2018-1172 (This vulnerability allows remote attackers to deny service on vulnerab ...)
[experimental] - squid 4.0.21-1~exp5 (unimportant)
- squid <removed> (unimportant)
[wheezy] - squid <not-affected> (Vunerable code introduced in 3.1)
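Review bot: the fixed-width truncation makes the added descriptions for CVE-2018-1180, CVE-2018-1178, CVE-2018-1177, CVE-2018-1176 and CVE-2018-1173 identical (`This vulnerability allows remote attackers to execute arbitrary code o ...`), and likewise CVE-2018-1179, CVE-2018-1175 and CVE-2018-1174, because the ZDI-style wording puts the product name after the cut-off; only the `NOT-FOR-US: Foxit Reader` context lines distinguish them. The same applies to CVE-2018-1172, whose added text (`... deny service on vulnerab ...`) gives no hint that the affected source package is squid, so the entry's NOTE lines carry that information on their own. Separately, `[wheezy] - squid <not-affected> (Vunerable code introduced in 3.1)` has a typo in "Vunerable"; unchanged here, but worth fixing.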
@@ -50915,105 +50915,105 @@ CVE-2018-1172
NOTE: http://www.squid-cache.org/Advisories/SQUID-2018_3.txt
NOTE: Squid 3.5 patch: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_3.patch
NOTE: Only affects custom builds with OpenSSL support enabled
-CVE-2018-1171
+CVE-2018-1171 (This vulnerability allows local attackers to escalate privileges on vu ...)
NOT-FOR-US: Joyent SmartOS
-CVE-2018-1170
+CVE-2018-1170 (This vulnerability allows adjacent attackers to inject arbitrary Contr ...)
NOT-FOR-US: Volkswagen Customer-Link App and HTC Customer-Link Bridge
-CVE-2018-1169
+CVE-2018-1169 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Amazon Music Player
-CVE-2018-1168
+CVE-2018-1168 (This vulnerability allows local attackers to escalate privileges on vu ...)
NOT-FOR-US: ABB MicroSCADA
-CVE-2018-1167
+CVE-2018-1167 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Spotify Music Player
-CVE-2018-1166
+CVE-2018-1166 (This vulnerability allows local attackers to escalate privileges on vu ...)
NOT-FOR-US: Joyent SmartOS
-CVE-2018-1165
+CVE-2018-1165 (This vulnerability allows local attackers to escalate privileges on vu ...)
NOT-FOR-US: Joyent SmartOS
-CVE-2018-1164
+CVE-2018-1164 (This vulnerability allows remote attackers to cause a denial-of-servic ...)
NOT-FOR-US: ZyXEL
-CVE-2018-1163
+CVE-2018-1163 (This vulnerability allows remote attackers to bypass authentication on ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2018-1162
+CVE-2018-1162 (This vulnerability allows remote attackers to create a denial-of-servi ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2018-1161
+CVE-2018-1161 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Quest NetVault Backup
-CVE-2018-1160
+CVE-2018-1160 (Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_ ...)
{DSA-4356-1}
- netatalk 2.2.6-2 (bug #916930)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13711
-CVE-2018-1159
+CVE-2018-1159 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory c ...)
NOT-FOR-US: Mikrotik RouterOS
-CVE-2018-1158
+CVE-2018-1158 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack ex ...)
NOT-FOR-US: Mikrotik RouterOS
-CVE-2018-1157
+CVE-2018-1157 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory e ...)
NOT-FOR-US: Mikrotik RouterOS
-CVE-2018-1156
+CVE-2018-1156 (Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buff ...)
NOT-FOR-US: Mikrotik RouterOS
-CVE-2018-1155
+CVE-2018-1155 (In SecurityCenter versions prior to 5.7.0, a cross-site scripting (XSS ...)
NOT-FOR-US: SecurityCenter
-CVE-2018-1154
+CVE-2018-1154 (In SecurityCenter versions prior to 5.7.0, a username enumeration issu ...)
NOT-FOR-US: SecurityCenter
-CVE-2018-1153
+CVE-2018-1153 (Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the se ...)
NOT-FOR-US: Burp Suite (different from src:burp)
-CVE-2018-1152
+CVE-2018-1152 (libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerabilit ...)
{DLA-1638-1}
- libjpeg-turbo <unfixed> (low; bug #902950)
[stretch] - libjpeg-turbo <no-dsa> (Minor issue)
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
-CVE-2018-1151
+CVE-2018-1151 (The web server on Western Digital TV Media Player 1.03.07 and TV Live ...)
NOT-FOR-US: web server on Western Digital TV Media Player and TV Live Hub
-CVE-2018-1150
+CVE-2018-1150 (NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow a ...)
NOT-FOR-US: NUUO
-CVE-2018-1149
+CVE-2018-1149 (cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers ...)
NOT-FOR-US: NUUO
-CVE-2018-1148
+CVE-2018-1148 (In Nessus before 7.1.0, Session Fixation exists due to insufficient se ...)
NOT-FOR-US: Nessus
-CVE-2018-1147
+CVE-2018-1147 (In Nessus before 7.1.0, a XSS vulnerability exists due to improper inp ...)
NOT-FOR-US: Nessus
-CVE-2018-1146
+CVE-2018-1146 (A remote unauthenticated user can enable telnet on the Belkin N750 usi ...)
NOT-FOR-US: Belkin
-CVE-2018-1145
+CVE-2018-1145 (A remote unauthenticated user can overflow a stack buffer in the Belki ...)
NOT-FOR-US: Belkin
-CVE-2018-1144
+CVE-2018-1144 (A remote unauthenticated user can execute commands as root in the Belk ...)
NOT-FOR-US: Belkin
-CVE-2018-1143
+CVE-2018-1143 (A remote unauthenticated user can execute commands as root in the Belk ...)
NOT-FOR-US: Belkin
-CVE-2018-1142
+CVE-2018-1142 (Tenable Appliance versions 4.6.1 and earlier have been found to contai ...)
NOT-FOR-US: Tenable
-CVE-2018-1141
+CVE-2018-1141 (When installing Nessus to a directory outside of the default location, ...)
NOT-FOR-US: Nessus
-CVE-2018-1140
+CVE-2018-1140 (A missing input sanitization flaw was found in the implementation of L ...)
- samba 2:4.8.4+dfsg-1
[stretch] - samba <not-affected> (Only affects Samba 4.8.0 onwards)
[jessie] - samba <not-affected> (Only affects Samba 4.8.0 onwards)
NOTE: https://www.samba.org/samba/security/CVE-2018-1140.html
-CVE-2018-1139
+CVE-2018-1139 (A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the u ...)
- samba 2:4.8.4+dfsg-1
[stretch] - samba <not-affected> (Issue introduced in 4.7.0)
[jessie] - samba <not-affected> (Issue introduced in 4.7.0)
NOTE: https://www.samba.org/samba/security/CVE-2018-1139.html
CVE-2018-1138
RESERVED
-CVE-2018-1137
+CVE-2018-1137 (An issue was discovered in Moodle 3.x. By substituting URLs in portfol ...)
- moodle <removed>
-CVE-2018-1136
+CVE-2018-1136 (An issue was discovered in Moodle 3.x. An authenticated user is allowe ...)
- moodle <removed>
-CVE-2018-1135
+CVE-2018-1135 (An issue was discovered in Moodle 3.x. Students who posted on forums a ...)
- moodle <removed>
-CVE-2018-1134
+CVE-2018-1134 (An issue was discovered in Moodle 3.x. Students who submitted assignme ...)
- moodle <removed>
-CVE-2018-1133
+CVE-2018-1133 (An issue was discovered in Moodle 3.x. A Teacher creating a Calculated ...)
- moodle <removed>
-CVE-2018-1132
+CVE-2018-1132 (A flaw was found in Opendaylight's SDNInterfaceapp (SDNI). Attackers c ...)
NOT-FOR-US: OpenDaylight
-CVE-2018-1131
+CVE-2018-1131 (Infinispan permits improper deserialization of trusted data via XML an ...)
NOT-FOR-US: infinispan
-CVE-2018-1130
+CVE-2018-1130 (Linux kernel before version 4.16-rc7 is vulnerable to a null pointer d ...)
{DLA-1423-1 DLA-1422-1 DLA-1392-1}
- linux 4.15.17-1
[stretch] - linux 4.9.107-1
NOTE: Fixed by: https://git.kernel.org/linus/67f93df79aeefc3add4e4b31a752600f834236e2
-CVE-2018-1129
+CVE-2018-1129 (A flaw was found in the way signature calculation was handled by cephx ...)
{DSA-4339-1 DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
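Review bot: the fixed-width truncation loses the product name for every ZDI-style description in this hunk; CVE-2018-1171 through CVE-2018-1161 all collapse to variants of "This vulnerability allows remote attackers to execute arbitrary code o ...", so the new header text adds nothing the following NOT-FOR-US line does not already say. If the cutoff width is adjustable, a longer cutoff (or dropping the generic "This vulnerability allows ..." prefix before truncating) would make these headers useful.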
@@ -51023,7 +51023,7 @@ CVE-2018-1129
[jessie] - ceph <no-dsa> (Intrusive changes)
NOTE: http://tracker.ceph.com/issues/24837
NOTE: https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587
-CVE-2018-1128
+CVE-2018-1128 (It was found that cephx authentication protocol did not verify ceph cl ...)
{DSA-4339-1 DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
@@ -51033,48 +51033,48 @@ CVE-2018-1128
[jessie] - ceph <no-dsa> (Intrusive changes)
NOTE: http://tracker.ceph.com/issues/24836
NOTE: https://github.com/ceph/ceph/commit/5ead97120e07054d80623dada90a5cc764c28468
-CVE-2018-1127
+CVE-2018-1127 (Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediatel ...)
NOT-FOR-US: tendrl-api
-CVE-2018-1126
+CVE-2018-1126 (procps-ng before version 3.3.15 is vulnerable to an incorrect integer ...)
{DSA-4208-1 DLA-1390-1}
- procps 2:3.3.15-1 (bug #899170)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
NOTE: Patch: 0035-proc-alloc.-Use-size_t-not-unsigned-int.patch
NOTE: https://gitlab.com/procps-ng/procps/commit/f1077b7a558a5545837aae068422e58f1f9b1d33
-CVE-2018-1125
+CVE-2018-1125 (procps-ng before version 3.3.15 is vulnerable to a stack buffer overfl ...)
{DSA-4208-1 DLA-1390-1}
- procps 2:3.3.15-1 (bug #899170)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
NOTE: Patch: 0008-pgrep-Prevent-a-potential-stack-based-buffer-overflo.patch
NOTE: https://gitlab.com/procps-ng/procps/commit/b51ca2a1f8ca779f7632ade6a0a259ed882fa584
-CVE-2018-1124
+CVE-2018-1124 (procps-ng before version 3.3.15 is vulnerable to multiple integer over ...)
{DSA-4208-1 DLA-1390-1}
- procps 2:3.3.15-1 (bug #899170)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
NOTE: Patch: 0074-proc-readproc.c-Fix-bugs-and-overflows-in-file2strve.patch
NOTE: https://gitlab.com/procps-ng/procps/commit/36c350f07c75aabf747fb833f52a234ae5781b20
-CVE-2018-1123
+CVE-2018-1123 (procps-ng before version 3.3.15 is vulnerable to a denial of service i ...)
{DSA-4208-1 DLA-1390-1}
- procps 2:3.3.15-1 (bug #899170)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
NOTE: Patch: 0054-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
NOTE: https://gitlab.com/procps-ng/procps/commit/136e3724952827bbae8887a42d9d2b6f658a48ab
-CVE-2018-1122
+CVE-2018-1122 (procps-ng before version 3.3.15 is vulnerable to a local privilege esc ...)
{DSA-4208-1 DLA-1390-1}
- procps 2:3.3.15-1 (bug #899170)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
NOTE: Patch: 0097-top-Do-not-default-to-the-cwd-in-configs_read.patch
NOTE: https://gitlab.com/procps-ng/procps/commit/b45c4803dd176f4e3f9d3d47421ddec9bbbe66cd
-CVE-2018-1121
+CVE-2018-1121 (procps-ng, procps is vulnerable to a process hiding through race condi ...)
- linux <unfixed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
-CVE-2018-1120
+CVE-2018-1120 (A flaw was found affecting the Linux kernel before version 4.17. By mm ...)
{DLA-1423-1}
- linux 4.16.12-1
[stretch] - linux 4.9.107-1
@@ -51084,7 +51084,7 @@ CVE-2018-1120
NOTE: Fixed by: https://git.kernel.org/linus/7f7ccc2ccc2e70c6054685f5e3522efa81556830
CVE-2018-1119
REJECTED
-CVE-2018-1118
+CVE-2018-1118 (Linux kernel vhost since version 4.8 does not properly initialize memo ...)
{DLA-1423-1}
- linux 4.17.3-1
[stretch] - linux 4.9.110-1
@@ -51092,16 +51092,16 @@ CVE-2018-1118
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lkml.org/lkml/2018/4/27/833
NOTE: Fixed by: https://git.kernel.org/linus/670ae9caaca467ea1bfd325cb2a5c98ba87f94ad
-CVE-2018-1117
+CVE-2018-1117 (ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a ...)
NOT-FOR-US: ovirt-ansible-roles
-CVE-2018-1116
+CVE-2018-1116 (A flaw was found in polkit before version 0.116. The implementation of ...)
{DLA-1448-1}
- policykit-1 0.105-21 (bug #903563)
[stretch] - policykit-1 <no-dsa> (Minor issue; can be fixed via point release)
NOTE: https://cgit.freedesktop.org/polkit/commit/?id=bc7ffad53643a9c80231fc41f5582d6a8931c32c
NOTE: https://lists.freedesktop.org/archives/polkit-devel/2018-July/000583.html
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1099031
-CVE-2018-1115
+CVE-2018-1115 (postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack ...)
- postgresql-10 10.4-1
- postgresql-9.6 <removed>
[stretch] - postgresql-9.6 9.6.9-0+deb9u1
@@ -51110,18 +51110,18 @@ CVE-2018-1115
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (Code not present)
[wheezy] - postgresql-9.1 <not-affected> (Code not present)
-CVE-2018-1114
+CVE-2018-1114 (It was found that URLResource.getLastModified() in Undertow closes the ...)
- undertow 1.4.25-1 (bug #897247)
NOTE: https://issues.jboss.org/browse/UNDERTOW-1338
NOTE: https://github.com/undertow-io/undertow/commit/882d5884f2614944a0c2ae69bafd9d13bfc5b64a
NOTE: https://bugs.openjdk.java.net/browse/JDK-6956385
-CVE-2018-1113
+CVE-2018-1113 (setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Li ...)
NOT-FOR-US: Red Hat specific CVE assignment for Red Hat / Fedora setups (nologin listed in /etc/shells violates security expectations)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1571094
-CVE-2018-1112
+CVE-2018-1112 (glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when usi ...)
- glusterfs <not-affected> (Fix for CVE-2018-1088 was not applied/ incomplete fix not applied)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1570891
-CVE-2018-1111
+CVE-2018-1111 (DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earl ...)
NOT-FOR-US: Red Hat Specific script
NOTE: https://access.redhat.com/security/vulnerabilities/3442151
CVE-2018-1110 [Improper Input Validation]
@@ -51134,7 +51134,7 @@ CVE-2018-1109
NOTE: https://snyk.io/vuln/npm:braces:20180219
NOTE: https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451
NOTE: nodejs not covered by security support
-CVE-2018-1108
+CVE-2018-1108 (kernel drivers before version 4.17-rc1 are vulnerable to a weakness in ...)
- linux 4.16.5-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -51144,7 +51144,7 @@ CVE-2018-1108
CVE-2018-1107
RESERVED
NOT-FOR-US: is-my-json-valid package for Node.js
-CVE-2018-1106
+CVE-2018-1106 (An authentication bypass flaw has been found in PackageKit before 1.1. ...)
{DSA-4207-1}
- packagekit 1.1.10-1 (bug #896703)
[jessie] - packagekit <not-affected> (Issue introduced later)
@@ -51155,73 +51155,73 @@ CVE-2018-1106
NOTE: Resulting affected (upstream) versions: >= 1.0.10 up until current 1.1.9
CVE-2018-1105
RESERVED
-CVE-2018-1104
+CVE-2018-1104 (Ansible Tower through version 3.2.3 has a vulnerability that allows us ...)
NOT-FOR-US: Ansible Tower
-CVE-2018-1103
+CVE-2018-1103 (Openshift Enterprise source-to-image before version 1.1.10 is vulnerab ...)
NOT-FOR-US: source-to-image in OpenShift
-CVE-2018-1102
+CVE-2018-1102 (A flaw was found in source-to-image function as shipped with Openshift ...)
NOT-FOR-US: source-to-image in OpenShift
-CVE-2018-1101
+CVE-2018-1101 (Ansible Tower before version 3.2.4 has a flaw in the management of sys ...)
NOT-FOR-US: Ansible Tower
-CVE-2018-1100
+CVE-2018-1100 (zsh through version 5.4.2 is vulnerable to a stack-based buffer overfl ...)
- zsh 5.5-1 (bug #895225)
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
[wheezy] - zsh <no-dsa> (Minor issue)
NOTE: https://www.zsh.org/cgi-bin/mla/redirect?WORKERNUMBER=42607
NOTE: https://sourceforge.net/p/zsh/code/ci/31f72205630687c1cef89347863aab355296a27f/
-CVE-2018-1099
+CVE-2018-1099 (DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attack ...)
- etcd <unfixed> (low; bug #921156)
[buster] - etcd <no-dsa> (Minor issue)
NOTE: https://github.com/coreos/etcd/issues/9353
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552717
-CVE-2018-1098
+CVE-2018-1098 (A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. ...)
- etcd <unfixed> (low; bug #921156)
[buster] - etcd <no-dsa> (Minor issue)
NOTE: https://github.com/coreos/etcd/issues/9353
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552714
-CVE-2018-1097
+CVE-2018-1097 (A flaw was found in foreman before 1.16.1. The issue allows users with ...)
- foreman <itp> (bug #663101)
NOTE: https://projects.theforeman.org/issues/22546
NOTE: https://github.com/theforeman/foreman/pull/5369
-CVE-2018-1096
+CVE-2018-1096 (An input sanitization flaw was found in the id field in the dashboard ...)
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/23028
NOTE: https://github.com/theforeman/foreman/pull/5363
-CVE-2018-1095
+CVE-2018-1095 (The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux ...)
- linux 4.16.5-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199185
-CVE-2018-1094
+CVE-2018-1094 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel th ...)
- linux 4.15.17-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199183
-CVE-2018-1093
+CVE-2018-1093 (The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux ...)
{DSA-4188-1 DLA-1422-1 DLA-1392-1}
- linux 4.15.17-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199181
-CVE-2018-1092
+CVE-2018-1092 (The ext4_iget function in fs/ext4/inode.c in the Linux kernel through ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.17-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199179
NOTE: Fixed by: https://git.kernel.org/linus/8e4b5eae5decd9dfe5a4ee369c22028f90ab4c44
-CVE-2018-1091
+CVE-2018-1091 (In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c ...)
- linux 4.13.10-1
[stretch] - linux 4.9.65-1
[jessie] - linux <not-affected> (Hardware not supported; POWER9 support missing)
[wheezy] - linux <not-affected> (Hardware not supported)
NOTE: Fixed by: https://git.kernel.org/linus/c1fa0768a8713b135848f78fd43ffc208d8ded70
-CVE-2018-1090
+CVE-2018-1090 (In Pulp before version 2.16.2, secrets are passed into override_config ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2018-1089
+CVE-2018-1089 (389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properl ...)
{DLA-1428-1}
- 389-ds-base 1.3.8.2-1 (bug #898138)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/07/2
-CVE-2018-1088
+CVE-2018-1088 (A privilege escalation flaw was found in gluster 3.x snapshot schedule ...)
- glusterfs 4.0.2-1 (bug #896128)
[jessie] - glusterfs <not-affected> (vulnerable code not present)
[wheezy] - glusterfs <not-affected> (vulnerable code not present)
@@ -51232,19 +51232,19 @@ CVE-2018-1088
NOTE: CVE-2018-1112 causing that auth.allow allows all clients to mount volumes.
NOTE: Cf. https://bugzilla.redhat.com/show_bug.cgi?id=1570891
NOTE: Needs: https://review.gluster.org/#/c/19899/1..2
-CVE-2018-1087
+CVE-2018-1087 (kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-r ...)
{DSA-4196-1}
- linux 4.15.17-1
[wheezy] - linux <not-affected> (Issue introduced in 3.16)
NOTE: Fixed by: https://git.kernel.org/linus/32d43cd391bacb5f0814c2624399a5dad3501d09 (4.16-rc7)
NOTE: http://www.openwall.com/lists/oss-security/2018/05/08/5
-CVE-2018-1086
+CVE-2018-1086 (pcs before versions 0.9.164 and 0.10 is vulnerable to a debug paramete ...)
{DSA-4169-1}
- pcs 0.9.164-1 (bug #895313)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/09/2
-CVE-2018-1085
+CVE-2018-1085 (openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigur ...)
NOT-FOR-US: openshift-ansible
-CVE-2018-1084
+CVE-2018-1084 (corosync before version 2.4.4 is vulnerable to an integer overflow in ...)
{DSA-4174-1}
- corosync 2.4.4-1 (bug #895653)
[jessie] - corosync <not-affected> (Vulnerable code introduced later)
@@ -51253,78 +51253,78 @@ CVE-2018-1084
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552830
NOTE: Fixed by: https://github.com/corosync/corosync/commit/fc1d5418533c1faf21616b282c2559bed7d361c4
NOTE: https://oss.clusterlabs.org/pipermail/users/2018-April/014856.html
-CVE-2018-1083
+CVE-2018-1083 (Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in ...)
{DLA-1335-1}
- zsh 5.4.2-4 (low; bug #894043)
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/zsh/code/ci/259ac472eac291c8c103c7a0d8a4eaf3c2942ed7
-CVE-2018-1082
+CVE-2018-1082 (A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user a ...)
- moodle <removed>
-CVE-2018-1081
+CVE-2018-1081 (A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3 ...)
- moodle <removed>
-CVE-2018-1080
+CVE-2018-1080 (Dogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.j ...)
[experimental] - dogtag-pki 10.6.0-2
- dogtag-pki 10.6.6-1 (bug #893690)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1556657
NOTE: https://pagure.io/freeipa/issue/7453
NOTE: https://review.gerrithub.io/#/c/404435/
-CVE-2018-1079
+CVE-2018-1079 (pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escal ...)
- pcs 0.9.164-1 (bug #895314)
[stretch] - pcs <not-affected> (Vulnerable code introduced in 0.9.157)
NOTE: http://www.openwall.com/lists/oss-security/2018/04/09/2
-CVE-2018-1078
+CVE-2018-1078 (OpenDayLight version Carbon SR3 and earlier contain a vulnerability du ...)
NOT-FOR-US: OpenDayLight
-CVE-2018-1077
+CVE-2018-1077 (Spacewalk 2.6 contains an API which has an XXE flaw allowing for the d ...)
NOT-FOR-US: NOT-FOR-US: Red Hat Satellite / Spacewalk
CVE-2018-1076
RESERVED
-CVE-2018-1075
+CVE-2018-1075 (ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered passwo ...)
NOT-FOR-US: ovirt-engine
-CVE-2018-1074
+CVE-2018-1074 (ovirt-engine API and administration web portal before versions 4.2.2.5 ...)
NOT-FOR-US: ovirt-engine
-CVE-2018-1073
+CVE-2018-1073 (The web console login form in ovirt-engine before version 4.2.3 return ...)
NOT-FOR-US: ovirt-engine
-CVE-2018-1072
+CVE-2018-1072 (ovirt-engine before version ovirt 4.2.2 is vulnerable to an informatio ...)
NOT-FOR-US: ovirt-engine
-CVE-2018-1071
+CVE-2018-1071 (zsh through version 5.4.2 is vulnerable to a stack-based buffer overfl ...)
{DLA-1335-1}
- zsh 5.4.2-4 (low; bug #894044)
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/zsh/code/ci/679b71ec4d852037fe5f73d35bf557b0f406c8d4
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553531
-CVE-2018-1070
+CVE-2018-1070 (routing before version 3.10 is vulnerable to an improper input validat ...)
NOT-FOR-US: OpenShift (Routing configuration)
-CVE-2018-1069
+CVE-2018-1069 (Red Hat OpenShift Enterprise version 3.7 is vulnerable to access contr ...)
NOT-FOR-US: OpenShift
-CVE-2018-1068
+CVE-2018-1068 (A flaw was found in the Linux 4.x kernel's implementation of 32-bit sy ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
- linux 4.15.11-1
NOTE: https://git.kernel.org/linus/b71812168571fa55e44cdd0254471331b9c4c4c6
NOTE: Unprivileged user namespaces are disabled in Debian, this only affects
NOTE: non-standard setups
-CVE-2018-1067
+CVE-2018-1067 (In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the ...)
- undertow 1.4.25-1 (bug #900323)
NOTE: https://issues.jboss.org/browse/UNDERTOW-1302
NOTE: Issue is incomplete fix for CVE-2016-4993
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/85d4478e598105fe94ac152d3e11e388374e8b86 (1.4.25.Final)
-CVE-2018-1066
+CVE-2018-1066 (The Linux kernel before version 4.11 is vulnerable to a NULL pointer d ...)
{DSA-4188-1 DSA-4187-1 DLA-1422-1}
- linux 4.11.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/cabfb3680f78981d26c078a26e5c748531257ebb
-CVE-2018-1065
+CVE-2018-1065 (The netfilter subsystem in the Linux kernel through 4.15.7 mishandles ...)
{DSA-4188-1}
- linux 4.15.11-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8
-CVE-2018-1064
+CVE-2018-1064 (libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustio ...)
{DSA-4137-1 DLA-1315-1}
- libvirt 4.1.0-1
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=fbf31e1a4cd19d6f6e33e0937a009775cd7d9513
-CVE-2018-1063
+CVE-2018-1063 (Context relabeling of filesystems is vulnerable to symbolic link attac ...)
- policycoreutils 2.7-1
[stretch] - policycoreutils <no-dsa> (Minor issue)
[jessie] - policycoreutils <no-dsa> (Minor issue)
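Review bot: the unchanged context line for CVE-2018-1077 carries a duplicated prefix, "NOT-FOR-US: NOT-FOR-US: Red Hat Satellite / Spacewalk"; it should read "NOT-FOR-US: Red Hat Satellite / Spacewalk", matching every other NOT-FOR-US entry in this file. Not introduced by this update, but worth a follow-up.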
@@ -51334,9 +51334,9 @@ CVE-2018-1063
NOTE: before relabeling the file system. Futhtermore only triggerable at
NOTE: relabeling time.
NOTE: https://github.com/SELinuxProject/selinux/commit/2608b4d6660af0fb8ad93f2cc144bdaab3c2afa8
-CVE-2018-1062
+CVE-2018-1062 (A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the ...)
NOT-FOR-US: ovirt-engine
-CVE-2018-1061
+CVE-2018-1061 (python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...)
{DSA-4307-1 DSA-4306-1 DLA-1520-1 DLA-1519-1}
- python3.7 3.7.0~b3-1 (low)
- python3.6 3.6.5~rc1-1 (low)
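Review bot: typo in the unchanged NOTE context lines for CVE-2018-1063: "Futhtermore only triggerable at relabeling time" should be "Furthermore". Not part of this change, so a separate cleanup commit.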
@@ -51355,7 +51355,7 @@ CVE-2018-1061
NOTE: https://github.com/python/cpython/commit/937ac1fe069a4dc8471dff205f553d82e724015b (3.5)
NOTE: https://github.com/python/cpython/commit/942cc04ae44825ea120e3a19a80c9b348b8194d0 (3.4)
NOTE: https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2 (2.7)
-CVE-2018-1060
+CVE-2018-1060 (python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...)
{DSA-4307-1 DSA-4306-1 DLA-1520-1 DLA-1519-1}
- python3.7 3.7.0~b3-1 (low)
- python3.6 3.6.5~rc1-1 (low)
@@ -51374,10 +51374,10 @@ CVE-2018-1060
NOTE: https://github.com/python/cpython/commit/937ac1fe069a4dc8471dff205f553d82e724015b (3.5)
NOTE: https://github.com/python/cpython/commit/942cc04ae44825ea120e3a19a80c9b348b8194d0 (3.4)
NOTE: https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2 (2.7)
-CVE-2018-1059
+CVE-2018-1059 (The DPDK vhost-user interface does not check to verify that all the re ...)
- dpdk 17.11.2-1 (bug #896688)
[stretch] - dpdk 16.11.6-1+deb9u1
-CVE-2018-1058
+CVE-2018-1058 (A flaw was found in the way Postgresql allowed a user to modify the be ...)
- postgresql-10 10.3-1
- postgresql-9.6 <removed>
[stretch] - postgresql-9.6 9.6.8-0+deb9u1
@@ -51389,14 +51389,14 @@ CVE-2018-1058
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=3d2aed664ee8271fd6c721ed0aa10168cda112ea
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=582edc369cdbd348d68441fc50fa26a84afd0c1a
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=5770172cb0c9df9e6ce27c507b449557e5b45124
-CVE-2018-1057
+CVE-2018-1057 (On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 ...)
{DSA-4135-1}
- samba 2:4.7.4+dfsg-2
[jessie] - samba <ignored> (Too intrusive to backport)
[wheezy] - samba <not-affected> (Vulnerable code introduced later in 4.0.0alpha13)
NOTE: https://www.samba.org/samba/security/CVE-2018-1057.html
NOTE: https://wiki.samba.org/index.php/CVE-2018-1057
-CVE-2018-1056
+CVE-2018-1056 (An out-of-bounds heap buffer read flaw was found in the way advancecom ...)
{DLA-1702-1 DLA-1281-1}
- advancecomp 2.1-1 (bug #889270)
[stretch] - advancecomp <no-dsa> (Minor issue, can be fixed via point release)
@@ -51404,13 +51404,13 @@ CVE-2018-1056
NOTE: https://github.com/amadvance/advancecomp/commit/7deeafc02b29cc51d51079e66f4f43f986ff9cc5
CVE-2018-1055
REJECTED
-CVE-2018-1054
+CVE-2018-1054 (An out-of-bounds memory read flaw was found in the way 389-ds-base han ...)
{DLA-1428-1}
- 389-ds-base 1.3.7.10-1 (bug #892124)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1537314
NOTE: https://pagure.io/389-ds-base/issue/49545
NOTE: https://pagure.io/389-ds-base/c/14ce2fe0dfa67405dae0ae2e7fde13f6a1360d30?branch=master
-CVE-2018-1053
+CVE-2018-1053 (In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9 ...)
{DLA-1271-1}
- postgresql-10 10.2-1
- postgresql-9.6 <removed>
@@ -51420,22 +51420,22 @@ CVE-2018-1053
- postgresql-9.1 <removed>
[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie is PL/Perl only)
NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=6ba52aeb24e62586b51e77723d87627c18a844ca
-CVE-2018-1052
+CVE-2018-1052 (Memory disclosure vulnerability in table partitioning was found in pos ...)
- postgresql-10 10.2-1
- postgresql-9.6 <not-affected> (code introduced in 10)
- postgresql-9.4 <not-affected> (code introduced in 10)
- postgresql-9.1 <not-affected> (code introduced in 10)
-CVE-2018-1051
+CVE-2018-1051 (It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1 ...)
- resteasy <unfixed>
[jessie] - resteasy <not-affected> (Incomplete fix for CVE-2016-9606 wasn't backported)
- resteasy3.0 <not-affected> (Incomplete fix for CVE-2016-9606 not applied)
NOTE: Removing deprecated YamlProvider was done in 4.0.0.Beta4
-CVE-2018-1050
+CVE-2018-1050 (All versions of Samba from 4.0.0 onwards are vulnerable to a denial of ...)
{DSA-4135-1 DLA-1320-1}
- samba 2:4.7.4+dfsg-2
[jessie] - samba <no-dsa> (Minor issue)
NOTE: https://www.samba.org/samba/security/CVE-2018-1050.html
-CVE-2018-1049
+CVE-2018-1049 (In systemd prior to 234 a race condition exists between .mount and .au ...)
{DLA-1580-1}
- systemd 234-1
[stretch] - systemd <postponed> (Minor issue, can either be included in future DSA or point release)
@@ -51443,640 +51443,640 @@ CVE-2018-1049
NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1709649
NOTE: https://github.com/systemd/systemd/pull/5916
NOTE: https://github.com/systemd/systemd/commit/e7d54bf58789545a9eb0b3964233defa0b007318
-CVE-2018-1048
+CVE-2018-1048 (It was found that the AJP connector in undertow, as shipped in Jboss E ...)
- undertow 1.4.22-1 (bug #891928)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1534343
NOTE: https://issues.jboss.org/browse/UNDERTOW-1245
NOTE: Fixed by https://github.com/undertow-io/undertow/commit/1bc0c275aadf5835abfbd3835d5d78095c2f1cf5
-CVE-2018-1047
+CVE-2018-1047 (A flaw was found in Wildfly 9.x. A path traversal vulnerability throug ...)
- wildfly <itp> (bug #752018)
NOTE: https://issues.jboss.org/browse/WFLY-9620
NOTE: https://developer.jboss.org/thread/276826
NOTE: Fixed by https://github.com/wildfly/wildfly/pull/10748
-CVE-2018-1046
+CVE-2018-1046 (pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsrep ...)
- pdns 4.1.2-1 (bug #898255)
[stretch] - pdns 4.0.3-1+deb9u3
[jessie] - pdns <not-affected> (Vulnerable code not present)
[wheezy] - pdns <not-affected> (Vulnerable code not present)
NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-02.html
NOTE: Fixed by https://github.com/PowerDNS/pdns/commit/f9c57c98da1b1007a51680629b667d57d9b702b8
-CVE-2018-1045
+CVE-2018-1045 (In Moodle 3.x, there is XSS via a calendar event name. ...)
- moodle <removed>
-CVE-2018-1044
+CVE-2018-1044 (In Moodle 3.x, quiz web services allow students to see quiz results wh ...)
- moodle <removed>
-CVE-2018-1043
+CVE-2018-1043 (In Moodle 3.x, the setting for blocked hosts list can be bypassed with ...)
- moodle <removed>
-CVE-2018-1042
+CVE-2018-1042 (Moodle 3.x has Server Side Request Forgery in the filepicker. ...)
- moodle <removed>
-CVE-2018-1041
+CVE-2018-1041 (A vulnerability was found in the way RemoteMessageChannel, introduced ...)
- libjboss-remoting-java <removed>
[wheezy] - libjboss-remoting-java <ignored> (unimportant leaf package)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1530457
-CVE-2018-1040
+CVE-2018-1040 (A denial of service vulnerability exists in the way that the Windows C ...)
NOT-FOR-US: Microsoft
-CVE-2018-1039
+CVE-2018-1039 (A security feature bypass vulnerability exists in .Net Framework which ...)
NOT-FOR-US: Microsoft
-CVE-2018-1038
+CVE-2018-1038 (The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 all ...)
NOT-FOR-US: Microsoft
-CVE-2018-1037
+CVE-2018-1037 (An information disclosure vulnerability exists when Visual Studio impr ...)
NOT-FOR-US: Microsoft
-CVE-2018-1036
+CVE-2018-1036 (An elevation of privilege vulnerability exists when NTFS improperly ch ...)
NOT-FOR-US: Microsoft
-CVE-2018-1035
+CVE-2018-1035 (A security feature bypass vulnerability exists in Windows which could ...)
NOT-FOR-US: Microsoft
-CVE-2018-1034
+CVE-2018-1034 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2018-1033
RESERVED
-CVE-2018-1032
+CVE-2018-1032 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2018-1031
RESERVED
-CVE-2018-1030
+CVE-2018-1030 (A remote code execution vulnerability exists in Microsoft Office softw ...)
NOT-FOR-US: Microsoft
-CVE-2018-1029
+CVE-2018-1029 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-1028
+CVE-2018-1028 (A remote code execution vulnerability exists when the Office graphics ...)
NOT-FOR-US: Microsoft
-CVE-2018-1027
+CVE-2018-1027 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-1026
+CVE-2018-1026 (A remote code execution vulnerability exists in Microsoft Office softw ...)
NOT-FOR-US: Microsoft
-CVE-2018-1025
+CVE-2018-1025 (An information disclosure vulnerability exists when affected Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2018-1024
RESERVED
-CVE-2018-1023
+CVE-2018-1023 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-1022
+CVE-2018-1022 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-1021
+CVE-2018-1021 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-1020
+CVE-2018-1020 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-1019
+CVE-2018-1019 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-1018
+CVE-2018-1018 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
CVE-2018-1017
RESERVED
-CVE-2018-1016
+CVE-2018-1016 (A remote code execution vulnerability exists when the Windows font lib ...)
NOT-FOR-US: Microsoft
-CVE-2018-1015
+CVE-2018-1015 (A remote code execution vulnerability exists when the Windows font lib ...)
NOT-FOR-US: Microsoft
-CVE-2018-1014
+CVE-2018-1014 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-1013
+CVE-2018-1013 (A remote code execution vulnerability exists when the Windows font lib ...)
NOT-FOR-US: Microsoft
-CVE-2018-1012
+CVE-2018-1012 (A remote code execution vulnerability exists when the Windows font lib ...)
NOT-FOR-US: Microsoft
-CVE-2018-1011
+CVE-2018-1011 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-1010
+CVE-2018-1010 (A remote code execution vulnerability exists when the Windows font lib ...)
NOT-FOR-US: Microsoft
-CVE-2018-1009
+CVE-2018-1009 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
-CVE-2018-1008
+CVE-2018-1008 (An elevation of privilege vulnerability exists in Windows Adobe Type M ...)
NOT-FOR-US: Microsoft
-CVE-2018-1007
+CVE-2018-1007 (An information disclosure vulnerability exists when Microsoft Office i ...)
NOT-FOR-US: Microsoft
CVE-2018-1006
RESERVED
-CVE-2018-1005
+CVE-2018-1005 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2018-1004
+CVE-2018-1004 (A remote code execution vulnerability exists in the way that the VBScr ...)
NOT-FOR-US: Microsoft
-CVE-2018-1003
+CVE-2018-1003 (A buffer overflow vulnerability exists in the Microsoft JET Database E ...)
NOT-FOR-US: Microsoft
CVE-2018-1002
RESERVED
-CVE-2018-1001
+CVE-2018-1001 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-1000
+CVE-2018-1000 (An information disclosure vulnerability exists in the way that the scr ...)
NOT-FOR-US: Microsoft
CVE-2018-0999
RESERVED
-CVE-2018-0998
+CVE-2018-0998 (An information disclosure vulnerability exists when Microsoft Edge PDF ...)
NOT-FOR-US: Microsoft
-CVE-2018-0997
+CVE-2018-0997 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-0996
+CVE-2018-0996 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-0995
+CVE-2018-0995 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0994
+CVE-2018-0994 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0993
+CVE-2018-0993 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2018-0992
RESERVED
-CVE-2018-0991
+CVE-2018-0991 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-0990
+CVE-2018-0990 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0989
+CVE-2018-0989 (An information disclosure vulnerability exists in the way that the scr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0988
+CVE-2018-0988 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-0987
+CVE-2018-0987 (An information disclosure vulnerability exists when the scripting engi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0986
+CVE-2018-0986 (A remote code execution vulnerability exists when the Microsoft Malwar ...)
NOT-FOR-US: Microsoft
CVE-2018-0985
RESERVED
CVE-2018-0984
RESERVED
-CVE-2018-0983
+CVE-2018-0983 (Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0982
+CVE-2018-0982 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-0981
+CVE-2018-0981 (An information disclosure vulnerability exists in the way that the scr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0980
+CVE-2018-0980 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0979
+CVE-2018-0979 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0978
+CVE-2018-0978 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-0977
+CVE-2018-0977 (The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, a ...)
NOT-FOR-US: Microsoft
-CVE-2018-0976
+CVE-2018-0976 (A denial of service vulnerability exists in Remote Desktop Protocol (R ...)
NOT-FOR-US: Microsoft
-CVE-2018-0975
+CVE-2018-0975 (An information disclosure vulnerability exists in the Windows kernel t ...)
NOT-FOR-US: Microsoft
-CVE-2018-0974
+CVE-2018-0974 (An information disclosure vulnerability exists in the Windows kernel t ...)
NOT-FOR-US: Microsoft
-CVE-2018-0973
+CVE-2018-0973 (An information disclosure vulnerability exists in the Windows kernel t ...)
NOT-FOR-US: Microsoft
-CVE-2018-0972
+CVE-2018-0972 (An information disclosure vulnerability exists in the Windows kernel t ...)
NOT-FOR-US: Microsoft
-CVE-2018-0971
+CVE-2018-0971 (An information disclosure vulnerability exists in the Windows kernel t ...)
NOT-FOR-US: Microsoft
-CVE-2018-0970
+CVE-2018-0970 (An information disclosure vulnerability exists in the Windows kernel t ...)
NOT-FOR-US: Microsoft
-CVE-2018-0969
+CVE-2018-0969 (An information disclosure vulnerability exists in the Windows kernel t ...)
NOT-FOR-US: Microsoft
-CVE-2018-0968
+CVE-2018-0968 (An information disclosure vulnerability exists in the Windows kernel t ...)
NOT-FOR-US: Microsoft
-CVE-2018-0967
+CVE-2018-0967 (A denial of service vulnerability exists in the way that Windows SNMP ...)
NOT-FOR-US: Microsoft
-CVE-2018-0966
+CVE-2018-0966 (A security feature bypass exists when Device Guard incorrectly validat ...)
NOT-FOR-US: Microsoft
-CVE-2018-0965
+CVE-2018-0965 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
NOT-FOR-US: Microsoft
-CVE-2018-0964
+CVE-2018-0964 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
NOT-FOR-US: Microsoft
-CVE-2018-0963
+CVE-2018-0963 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
CVE-2018-0962
RESERVED
-CVE-2018-0961
+CVE-2018-0961 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
NOT-FOR-US: Microsoft
-CVE-2018-0960
+CVE-2018-0960 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-0959
+CVE-2018-0959 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
NOT-FOR-US: Microsoft
-CVE-2018-0958
+CVE-2018-0958 (A security feature bypass vulnerability exists in Windows which could ...)
NOT-FOR-US: Microsoft
-CVE-2018-0957
+CVE-2018-0957 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
NOT-FOR-US: Microsoft
-CVE-2018-0956
+CVE-2018-0956 (A denial of service vulnerability exists in the HTTP 2.0 protocol stac ...)
NOT-FOR-US: Microsoft
-CVE-2018-0955
+CVE-2018-0955 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-0954
+CVE-2018-0954 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
-CVE-2018-0953
+CVE-2018-0953 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-0952
+CVE-2018-0952 (An Elevation of Privilege vulnerability exists when Diagnostics Hub St ...)
NOT-FOR-US: Microsoft
-CVE-2018-0951
+CVE-2018-0951 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-0950
+CVE-2018-0950 (An information disclosure vulnerability exists when Office renders Ric ...)
NOT-FOR-US: Microsoft
-CVE-2018-0949
+CVE-2018-0949 (A security feature bypass vulnerability exists when Microsoft Internet ...)
NOT-FOR-US: Microsoft
CVE-2018-0948
RESERVED
-CVE-2018-0947
+CVE-2018-0947 (Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Ente ...)
NOT-FOR-US: Microsoft
-CVE-2018-0946
+CVE-2018-0946 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-0945
+CVE-2018-0945 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2018-0944
+CVE-2018-0944 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
NOT-FOR-US: Microsoft
-CVE-2018-0943
+CVE-2018-0943 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0942
+CVE-2018-0942 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0941
+CVE-2018-0941 (Microsoft Exchange Server 2016 Cumulative Update 7 and Microsoft Excha ...)
NOT-FOR-US: Microsoft
-CVE-2018-0940
+CVE-2018-0940 (Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange Serv ...)
NOT-FOR-US: Microsoft
-CVE-2018-0939
+CVE-2018-0939 (ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow inform ...)
NOT-FOR-US: Microsoft
CVE-2018-0938
RESERVED
-CVE-2018-0937
+CVE-2018-0937 (ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code ex ...)
NOT-FOR-US: Microsoft
-CVE-2018-0936
+CVE-2018-0936 (ChakraCore and Microsoft Windows 10 1709 allow remote code execution, ...)
NOT-FOR-US: Microsoft
-CVE-2018-0935
+CVE-2018-0935 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
NOT-FOR-US: Microsoft
-CVE-2018-0934
+CVE-2018-0934 (ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and ...)
NOT-FOR-US: Microsoft
-CVE-2018-0933
+CVE-2018-0933 (ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and ...)
NOT-FOR-US: Microsoft
-CVE-2018-0932
+CVE-2018-0932 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0931
+CVE-2018-0931 (ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and ...)
NOT-FOR-US: Microsoft
-CVE-2018-0930
+CVE-2018-0930 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remo ...)
NOT-FOR-US: Microsoft
-CVE-2018-0929
+CVE-2018-0929 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
CVE-2018-0928
RESERVED
-CVE-2018-0927
+CVE-2018-0927 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0926
+CVE-2018-0926 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0925
+CVE-2018-0925 (ChakraCore allows remote code execution, due to how the ChakraCore scr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0924
+CVE-2018-0924 (Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Micros ...)
NOT-FOR-US: Microsoft
-CVE-2018-0923
+CVE-2018-0923 (Microsoft SharePoint Enterprise Server 2016 allows an elevation of pri ...)
NOT-FOR-US: Microsoft
-CVE-2018-0922
+CVE-2018-0922 (Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 C ...)
NOT-FOR-US: Microsoft
-CVE-2018-0921
+CVE-2018-0921 (Microsoft SharePoint Enterprise Server 2016 allows an elevation of pri ...)
NOT-FOR-US: Microsoft
-CVE-2018-0920
+CVE-2018-0920 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
-CVE-2018-0919
+CVE-2018-0919 (Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 C ...)
NOT-FOR-US: Microsoft
CVE-2018-0918
RESERVED
-CVE-2018-0917
+CVE-2018-0917 (Microsoft SharePoint Enterprise Server 2016 allows an elevation of pri ...)
NOT-FOR-US: Microsoft
-CVE-2018-0916
+CVE-2018-0916 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
NOT-FOR-US: Microsoft
-CVE-2018-0915
+CVE-2018-0915 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
NOT-FOR-US: Microsoft
-CVE-2018-0914
+CVE-2018-0914 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
NOT-FOR-US: Microsoft
-CVE-2018-0913
+CVE-2018-0913 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
NOT-FOR-US: Microsoft
-CVE-2018-0912
+CVE-2018-0912 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
NOT-FOR-US: Microsoft
-CVE-2018-0911
+CVE-2018-0911 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
NOT-FOR-US: Microsoft
-CVE-2018-0910
+CVE-2018-0910 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
NOT-FOR-US: Microsoft
-CVE-2018-0909
+CVE-2018-0909 (Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise ...)
NOT-FOR-US: Microsoft
-CVE-2018-0908
+CVE-2018-0908 (Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevate ...)
NOT-FOR-US: Microsoft
-CVE-2018-0907
+CVE-2018-0907 (Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 20 ...)
NOT-FOR-US: Microsoft
CVE-2018-0906
RESERVED
CVE-2018-0905
RESERVED
-CVE-2018-0904
+CVE-2018-0904 (The Windows kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0903
+CVE-2018-0903 (Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access ...)
NOT-FOR-US: Microsoft
-CVE-2018-0902
+CVE-2018-0902 (The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in ...)
NOT-FOR-US: Microsoft
-CVE-2018-0901
+CVE-2018-0901 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0900
+CVE-2018-0900 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0899
+CVE-2018-0899 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0898
+CVE-2018-0898 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0897
+CVE-2018-0897 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0896
+CVE-2018-0896 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0895
+CVE-2018-0895 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0894
+CVE-2018-0894 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0893
+CVE-2018-0893 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0892
+CVE-2018-0892 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
-CVE-2018-0891
+CVE-2018-0891 (ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0890
+CVE-2018-0890 (A security feature bypass vulnerability exists when Active Directory i ...)
NOT-FOR-US: Microsoft
-CVE-2018-0889
+CVE-2018-0889 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0888
+CVE-2018-0888 (The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft W ...)
NOT-FOR-US: Microsoft
-CVE-2018-0887
+CVE-2018-0887 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2018-0886
+CVE-2018-0886 (The Credential Security Support Provider protocol (CredSSP) in Microso ...)
NOT-FOR-US: Microsoft
-CVE-2018-0885
+CVE-2018-0885 (The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft W ...)
NOT-FOR-US: Microsoft
-CVE-2018-0884
+CVE-2018-0884 (Windows Scripting Host (WSH) in Windows 10 Gold, 1511, 1607, 1703 and ...)
NOT-FOR-US: Microsoft
-CVE-2018-0883
+CVE-2018-0883 (Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0882
+CVE-2018-0882 (The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2018-0881
+CVE-2018-0881 (The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, W ...)
NOT-FOR-US: Microsoft
-CVE-2018-0880
+CVE-2018-0880 (The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2018-0879
+CVE-2018-0879 (Microsoft Edge in Windows 10 1709 allows information disclosure, due t ...)
NOT-FOR-US: Microsoft
-CVE-2018-0878
+CVE-2018-0878 (Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0877
+CVE-2018-0877 (The Desktop Bridge Virtual File System (VFS) in Windows 10 1607, 1703, ...)
NOT-FOR-US: Microsoft
-CVE-2018-0876
+CVE-2018-0876 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0875
+CVE-2018-0875 (.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 a ...)
NOT-FOR-US: Microsoft
-CVE-2018-0874
+CVE-2018-0874 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0873
+CVE-2018-0873 (ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0872
+CVE-2018-0872 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0871
+CVE-2018-0871 (An information disclosure vulnerability exists when Edge improperly ma ...)
NOT-FOR-US: Microsoft
-CVE-2018-0870
+CVE-2018-0870 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2018-0869
+CVE-2018-0869 (SharePoint Server 2016 allows an elevation of privilege vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2018-0868
+CVE-2018-0868 (Windows Installer in Microsoft Windows Server 2008 SP2 and R2 SP1, Win ...)
NOT-FOR-US: Microsoft
CVE-2018-0867
RESERVED
-CVE-2018-0866
+CVE-2018-0866 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
NOT-FOR-US: Microsoft
CVE-2018-0865
RESERVED
-CVE-2018-0864
+CVE-2018-0864 (SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 a ...)
NOT-FOR-US: Microsoft
CVE-2018-0863
RESERVED
-CVE-2018-0862
+CVE-2018-0862 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0861
+CVE-2018-0861 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2018-0860
+CVE-2018-0860 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0859
+CVE-2018-0859 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0858
+CVE-2018-0858 (ChakraCore allows remote code execution, due to how the ChakraCore scr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0857
+CVE-2018-0857 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0856
+CVE-2018-0856 (Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 al ...)
NOT-FOR-US: Microsoft
-CVE-2018-0855
+CVE-2018-0855 (The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-0854
+CVE-2018-0854 (A security feature bypass vulnerability exists in Windows Scripting Ho ...)
NOT-FOR-US: Microsoft
-CVE-2018-0853
+CVE-2018-0853 (Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0852
+CVE-2018-0852 (Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outl ...)
NOT-FOR-US: Microsoft
-CVE-2018-0851
+CVE-2018-0851 (Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Off ...)
NOT-FOR-US: Microsoft
-CVE-2018-0850
+CVE-2018-0850 (Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0849
+CVE-2018-0849 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0848
+CVE-2018-0848 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0847
+CVE-2018-0847 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0846
+CVE-2018-0846 (The Windows Common Log File System (CLFS) driver in Windows 7 SP1, Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-0845
+CVE-2018-0845 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0844
+CVE-2018-0844 (The Windows Common Log File System (CLFS) driver in Windows 7 SP1, Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-0843
+CVE-2018-0843 (The Windows kernel in Windows 10 version 1709 and Windows Server, vers ...)
NOT-FOR-US: Microsoft
-CVE-2018-0842
+CVE-2018-0842 (Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0841
+CVE-2018-0841 (Microsoft Office 2016 Click-to-Run allows a remote code execution vuln ...)
NOT-FOR-US: Microsoft
-CVE-2018-0840
+CVE-2018-0840 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0839
+CVE-2018-0839 (Microsoft Edge in Microsoft Windows 10 1703 allows information disclos ...)
NOT-FOR-US: Microsoft
-CVE-2018-0838
+CVE-2018-0838 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0837
+CVE-2018-0837 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0836
+CVE-2018-0836 (Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 al ...)
NOT-FOR-US: Microsoft
-CVE-2018-0835
+CVE-2018-0835 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0834
+CVE-2018-0834 (Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0833
+CVE-2018-0833 (The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in ...)
NOT-FOR-US: Microsoft
-CVE-2018-0832
+CVE-2018-0832 (The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, ...)
NOT-FOR-US: Microsoft
-CVE-2018-0831
+CVE-2018-0831 (The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0830
+CVE-2018-0830 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0829
+CVE-2018-0829 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0828
+CVE-2018-0828 (Windows 10 version 1607 and Windows Server 2016 allow an elevation of ...)
NOT-FOR-US: Microsoft
-CVE-2018-0827
+CVE-2018-0827 (Windows Scripting Host (WSH) in Windows 10 versions 1703 and 1709 and ...)
NOT-FOR-US: Microsoft
-CVE-2018-0826
+CVE-2018-0826 (Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0825
+CVE-2018-0825 (StructuredQuery in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2018-0824
+CVE-2018-0824 (A remote code execution vulnerability exists in "Microsoft COM for Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-0823
+CVE-2018-0823 (The Named Pipe File System in Windows 10 version 1709 and Windows Serv ...)
NOT-FOR-US: Microsoft
-CVE-2018-0822
+CVE-2018-0822 (NTFS in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 201 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0821
+CVE-2018-0821 (AppContainer in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Se ...)
NOT-FOR-US: Microsoft
-CVE-2018-0820
+CVE-2018-0820 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0819
+CVE-2018-0819 (Microsoft Office 2016 for Mac allows an attacker to send a specially c ...)
NOT-FOR-US: Microsoft
-CVE-2018-0818
+CVE-2018-0818 (Microsoft ChakraCore allows an attacker to bypass Control Flow Guard ( ...)
NOT-FOR-US: Microsoft
-CVE-2018-0817
+CVE-2018-0817 (The Windows Graphics Device Interface (GDI) in Microsoft Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2018-0816
+CVE-2018-0816 (The Windows Graphics Device Interface (GDI) in Microsoft Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2018-0815
+CVE-2018-0815 (The Windows Graphics Device Interface (GDI) in Microsoft Windows Serve ...)
NOT-FOR-US: Microsoft
-CVE-2018-0814
+CVE-2018-0814 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0813
+CVE-2018-0813 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0812
+CVE-2018-0812 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0811
+CVE-2018-0811 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Wi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0810
+CVE-2018-0810 (The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, a ...)
NOT-FOR-US: Microsoft
-CVE-2018-0809
+CVE-2018-0809 (The Windows kernel in Windows 10, versions 1703 and 1709, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0808
+CVE-2018-0808 (ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnera ...)
NOT-FOR-US: Microsoft
-CVE-2018-0807
+CVE-2018-0807 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0806
+CVE-2018-0806 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0805
+CVE-2018-0805 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0804
+CVE-2018-0804 (Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0803
+CVE-2018-0803 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, a ...)
NOT-FOR-US: Microsoft
-CVE-2018-0802
+CVE-2018-0802 (Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0801
+CVE-2018-0801 (Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0800
+CVE-2018-0800 (Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obta ...)
NOT-FOR-US: Microsoft
-CVE-2018-0799
+CVE-2018-0799 (Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and Mi ...)
NOT-FOR-US: Microsoft
-CVE-2018-0798
+CVE-2018-0798 (Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0797
+CVE-2018-0797 (Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 201 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0796
+CVE-2018-0796 (Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Micro ...)
NOT-FOR-US: Microsoft
-CVE-2018-0795
+CVE-2018-0795 (Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 201 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0794
+CVE-2018-0794 (Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Micros ...)
NOT-FOR-US: Microsoft
-CVE-2018-0793
+CVE-2018-0793 (Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0792
+CVE-2018-0792 (Microsoft Word 2016 in Microsoft Office 2016 allows a remote code exec ...)
NOT-FOR-US: Microsoft
-CVE-2018-0791
+CVE-2018-0791 (Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0790
+CVE-2018-0790 (Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0789
+CVE-2018-0789 (Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0788
+CVE-2018-0788 (The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP ...)
NOT-FOR-US: Microsoft
-CVE-2018-0787
+CVE-2018-0787 (ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnera ...)
NOT-FOR-US: Microsoft
-CVE-2018-0786
+CVE-2018-0786 (Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0785
+CVE-2018-0785 (ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vuln ...)
NOT-FOR-US: Microsoft
-CVE-2018-0784
+CVE-2018-0784 (ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnera ...)
NOT-FOR-US: Microsoft
CVE-2018-0783
RESERVED
CVE-2018-0782
RESERVED
-CVE-2018-0781
+CVE-2018-0781 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0780
+CVE-2018-0780 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, a ...)
NOT-FOR-US: Microsoft
CVE-2018-0779
RESERVED
-CVE-2018-0778
+CVE-2018-0778 (Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0777
+CVE-2018-0777 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0776
+CVE-2018-0776 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0775
+CVE-2018-0775 (Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0774
+CVE-2018-0774 (Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0773
+CVE-2018-0773 (Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0772
+CVE-2018-0772 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
NOT-FOR-US: Microsoft
-CVE-2018-0771
+CVE-2018-0771 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...)
NOT-FOR-US: Microsoft
-CVE-2018-0770
+CVE-2018-0770 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0769
+CVE-2018-0769 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0768
+CVE-2018-0768 (Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitr ...)
NOT-FOR-US: Microsoft
-CVE-2018-0767
+CVE-2018-0767 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Win ...)
NOT-FOR-US: Microsoft
-CVE-2018-0766
+CVE-2018-0766 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, a ...)
NOT-FOR-US: Microsoft
-CVE-2018-0765
+CVE-2018-0765 (A denial of service vulnerability exists when .NET and .NET Core impro ...)
NOT-FOR-US: .dotnet CoreFX
NOTE: https://github.com/dotnet/announcements/issues/67
NOTE: https://github.com/dotnet/corefx/issues/29578
-CVE-2018-0764
+CVE-2018-0764 (Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0763
+CVE-2018-0763 (Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows informatio ...)
NOT-FOR-US: Microsoft
-CVE-2018-0762
+CVE-2018-0762 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and ...)
NOT-FOR-US: Microsoft
-CVE-2018-0761
+CVE-2018-0761 (The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-0760
+CVE-2018-0760 (The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2018-0759
RESERVED
-CVE-2018-0758
+CVE-2018-0758 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...)
NOT-FOR-US: Microsoft
-CVE-2018-0757
+CVE-2018-0757 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0756
+CVE-2018-0756 (The Windows kernel in Windows 10 Gold, 1511, 1607, 1703 and 1709, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2018-0755
+CVE-2018-0755 (The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2018-0754
+CVE-2018-0754 (The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP ...)
NOT-FOR-US: Microsoft
-CVE-2018-0753
+CVE-2018-0753 (Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0752
+CVE-2018-0752 (The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0751
+CVE-2018-0751 (The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0750
+CVE-2018-0750 (The Windows GDI component in Windows 7 SP1 and Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0749
+CVE-2018-0749 (The Microsoft Server Message Block (SMB) Server in Windows 7 SP1, Wind ...)
NOT-FOR-US: Microsoft
-CVE-2018-0748
+CVE-2018-0748 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0747
+CVE-2018-0747 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0746
+CVE-2018-0746 (The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and ...)
NOT-FOR-US: Microsoft
-CVE-2018-0745
+CVE-2018-0745 (The Windows kernel in Windows 10 version 1703. Windows 10 version 1709 ...)
NOT-FOR-US: Microsoft
-CVE-2018-0744
+CVE-2018-0744 (The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and ...)
NOT-FOR-US: Microsoft
-CVE-2018-0743
+CVE-2018-0743 (Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 ver ...)
NOT-FOR-US: Microsoft
-CVE-2018-0742
+CVE-2018-0742 (The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows S ...)
NOT-FOR-US: Microsoft
-CVE-2018-0741
+CVE-2018-0741 (The Color Management Module (Icm32.dll) in Windows 7 SP1 and Windows S ...)
NOT-FOR-US: Microsoft
CVE-2018-0740
REJECTED
-CVE-2018-0739
+CVE-2018-0739 (Constructed ASN.1 types with a recursive definition (such as can be fo ...)
{DSA-4158-1 DSA-4157-1 DLA-1330-1}
- openssl 1.1.0h-1
- openssl1.0 1.0.2o-1
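Review bot: the `NOT-FOR-US: .dotnet CoreFX` line under CVE-2018-0765 (unchanged context in this hunk) looks like a stray leading dot: the surrounding Microsoft entries in the same hunk use plain `NOT-FOR-US: Microsoft`, and the two NOTE links beneath it point at dotnet/announcements and dotnet/corefx, so `NOT-FOR-US: dotnet CoreFX` (or `.NET CoreFX`) would read consistently with the rest of the list. Not introduced by this automatic update, but a cheap tidy for the next manual pass over the .NET entries.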
@@ -52089,7 +52089,7 @@ CVE-2018-0739
NOTE: https://github.com/libtom/libtomcrypt/pull/373
CVE-2018-0738
REJECTED
-CVE-2018-0737
+CVE-2018-0737 (The OpenSSL RSA Key generation algorithm has been shown to be vulnerab ...)
{DSA-4355-1 DSA-4348-1 DLA-1449-1}
- openssl 1.1.0h-3 (low; bug #895844)
[wheezy] - openssl <postponed> (Can wait for next update)
@@ -52100,14 +52100,14 @@ CVE-2018-0737
NOTE: https://eprint.iacr.org/2018/367
CVE-2018-0736
REJECTED
-CVE-2018-0735
+CVE-2018-0735 (The OpenSSL ECDSA signature algorithm has been shown to be vulnerable ...)
{DSA-4348-1 DLA-1586-1}
- openssl 1.1.1a-1
- openssl1.0 <not-affected> (Vulnerable code never present in 1.0.2 series)
NOTE: https://www.openssl.org/news/secadv/20181029.txt
NOTE: OpenSSL_1_1_1-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4
NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=56fb454d281a023b3f950d969693553d3f3ceea1
-CVE-2018-0734
+CVE-2018-0734 (The OpenSSL DSA signature algorithm has been shown to be vulnerable to ...)
{DSA-4355-1 DSA-4348-1}
- openssl 1.1.1a-1
[jessie] - openssl <postponed> (vulnerable code not present, but see note below)
@@ -52121,7 +52121,7 @@ CVE-2018-0734
NOTE: introduced this vulnerability. In order to not forget this issue and probably get more
NOTE: information about it later, it is marked as <postponed> instead of <not-affected>
NOTE: https://git.openssl.org/?p=openssl.git;a=commitdiff;h=b96bebacfe814deb99fb64a3ed2296d95c573600
-CVE-2018-0733
+CVE-2018-0733 (Because of an implementation bug the PA-RISC CRYPTO_memcmp function is ...)
- openssl 1.1.0h-1 (unimportant)
[stretch] - openssl 1.1.0f-3+deb9u2
[jessie] - openssl <not-affected> (vulnerable code not present)
@@ -52129,7 +52129,7 @@ CVE-2018-0733
- openssl1.0 <not-affected> (Only affects OpenSSL 1.1.0)
NOTE: Issue specific to HP-UX
NOTE: https://www.openssl.org/news/secadv/20180327.txt
-CVE-2018-0732
+CVE-2018-0732 (During key agreement in a TLS handshake using a DH(E) based ciphersuit ...)
{DSA-4355-1 DSA-4348-1 DLA-1449-1}
- openssl 1.1.1-1 (low)
- openssl1.0 1.0.2q-1 (low)
@@ -52150,219 +52150,219 @@ CVE-2018-0726
RESERVED
CVE-2018-0725
RESERVED
-CVE-2018-0724
+CVE-2018-0724 (Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance ...)
NOT-FOR-US: Q'center Virtual Appliance
-CVE-2018-0723
+CVE-2018-0723 (Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance ...)
NOT-FOR-US: Q'center Virtual Appliance
-CVE-2018-0722
+CVE-2018-0722 (Path Traversal vulnerability in Photo Station versions: 5.7.2 and earl ...)
NOT-FOR-US: QNAP
-CVE-2018-0721
+CVE-2018-0721 (Buffer Overflow vulnerability in QNAP QTS 4.2.6 build 20180711 and ear ...)
NOT-FOR-US: QNAP QTS
CVE-2018-0720
RESERVED
-CVE-2018-0719
+CVE-2018-0719 (Cross-site scripting (XSS) vulnerability in QNAP QTS 4.2.6 build 20180 ...)
NOT-FOR-US: QNAP QTS
-CVE-2018-0718
+CVE-2018-0718 (Command injection vulnerability in Music Station 5.1.2 and earlier ver ...)
NOT-FOR-US: Music Station
CVE-2018-0717
RESERVED
-CVE-2018-0716
+CVE-2018-0716 (Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4. ...)
NOT-FOR-US: QNAP
-CVE-2018-0715
+CVE-2018-0715 (Cross-site scripting vulnerability in QNAP Photo Station versions 5.7. ...)
NOT-FOR-US: QNAP Photo Station
-CVE-2018-0714
+CVE-2018-0714 (Command injection vulnerability in Helpdesk versions 1.1.21 and earlie ...)
NOT-FOR-US: Helpdesk
CVE-2018-0713
RESERVED
-CVE-2018-0712
+CVE-2018-0712 (Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build ...)
NOT-FOR-US: QNAP
-CVE-2018-0711
+CVE-2018-0711 (Cross-site scripting (XSS) vulnerability in QNAP QTS 4.3.3 build 20180 ...)
NOT-FOR-US: QNAP
-CVE-2018-0710
+CVE-2018-0710 (Command injection vulnerability in SSH of QNAP Q'center Virtual Applia ...)
NOT-FOR-US: QNAP
-CVE-2018-0709
+CVE-2018-0709 (Command injection vulnerability in date of QNAP Q'center Virtual Appli ...)
NOT-FOR-US: QNAP
-CVE-2018-0708
+CVE-2018-0708 (Command injection vulnerability in networking of QNAP Q'center Virtual ...)
NOT-FOR-US: QNAP
-CVE-2018-0707
+CVE-2018-0707 (Command injection vulnerability in change password of QNAP Q'center Vi ...)
NOT-FOR-US: QNAP
-CVE-2018-0706
+CVE-2018-0706 (Exposure of Private Information in QNAP Q'center Virtual Appliance ver ...)
NOT-FOR-US: QNAP
-CVE-2018-0705
+CVE-2018-0705 (Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allow ...)
NOT-FOR-US: Cybozu
-CVE-2018-0704
+CVE-2018-0704 (Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 al ...)
NOT-FOR-US: Cybozu
-CVE-2018-0703
+CVE-2018-0703 (Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 al ...)
NOT-FOR-US: Cybozu
-CVE-2018-0702
+CVE-2018-0702 (Directory traversal vulnerability in Cybozu Mailwise 5.0.0 to 5.4.5 al ...)
NOT-FOR-US: Cybozu
-CVE-2018-0701
+CVE-2018-0701 (BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31 ...)
NOT-FOR-US: BlueStacks App Player
-CVE-2018-0700
+CVE-2018-0700 (YukiWiki 2.1.3 and earlier does not process a particular request prope ...)
NOT-FOR-US: YukiWiki
-CVE-2018-0699
+CVE-2018-0699 (Cross-site scripting vulnerability in YukiWiki 2.1.3 and earlier allow ...)
NOT-FOR-US: YukiWiki
-CVE-2018-0698
+CVE-2018-0698 (Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows ...)
NOT-FOR-US: GROWI
-CVE-2018-0697
+CVE-2018-0697 (Cross-site scripting vulnerability in Metabase version 0.29.3 and earl ...)
NOT-FOR-US: Metabase
-CVE-2018-0696
+CVE-2018-0696 (OpenAM (Open Source Edition) 13.0 and later does not properly manage s ...)
NOT-FOR-US: OpenAM (different from src:openam)
-CVE-2018-0695
+CVE-2018-0695 (Cross-site scripting vulnerability in User-friendly SVN (USVN) Version ...)
NOT-FOR-US: User-friendly SVN
-CVE-2018-0694
+CVE-2018-0694 (FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: FileZen
-CVE-2018-0693
+CVE-2018-0693 (Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows r ...)
NOT-FOR-US: FileZen
-CVE-2018-0692
+CVE-2018-0692 (Untrusted search path vulnerability in Baidu Browser Version 43.23.100 ...)
NOT-FOR-US: Baidu
-CVE-2018-0691
+CVE-2018-0691 (Multiple +Message Apps (Softbank +Message App for Android prior to ver ...)
NOT-FOR-US: Softbank +Message App for Android
-CVE-2018-0690
+CVE-2018-0690 (An unvalidated software update vulnerability in Music Center for PC ve ...)
NOT-FOR-US: Music Center for PC
-CVE-2018-0689
+CVE-2018-0689 (HTTP header injection vulnerability in SEIKO EPSON printers and scanne ...)
NOT-FOR-US: SEIKO
-CVE-2018-0688
+CVE-2018-0688 (Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-5 ...)
NOT-FOR-US: SEIKO
-CVE-2018-0687
+CVE-2018-0687 (Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun ...)
NOT-FOR-US: NEOJAPAN
-CVE-2018-0686
+CVE-2018-0686 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, De ...)
NOT-FOR-US: NEOJAPAN
-CVE-2018-0685
+CVE-2018-0685 (SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and e ...)
NOT-FOR-US: NEOJAPAN
-CVE-2018-0684
+CVE-2018-0684 (Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R ...)
NOT-FOR-US: NEOJAPAN
-CVE-2018-0683
+CVE-2018-0683 (Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R ...)
NOT-FOR-US: NEOJAPAN
-CVE-2018-0682
+CVE-2018-0682 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, De ...)
NOT-FOR-US: NEOJAPAN
-CVE-2018-0681
+CVE-2018-0681 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, De ...)
NOT-FOR-US: NEOJAPAN
-CVE-2018-0680
+CVE-2018-0680 (Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, De ...)
NOT-FOR-US: NEOJAPAN
-CVE-2018-0679
+CVE-2018-0679 (Cross-site scripting vulnerability in multiple FXC Inc. network device ...)
NOT-FOR-US: FXC
-CVE-2018-0678
+CVE-2018-0678 (Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows ...)
NOT-FOR-US: BN-SDWBP3
-CVE-2018-0677
+CVE-2018-0677 (BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with admi ...)
NOT-FOR-US: BN-SDWBP3
-CVE-2018-0676
+CVE-2018-0676 (BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the ...)
NOT-FOR-US: BN-SDWBP3
-CVE-2018-0675
+CVE-2018-0675 (AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script executi ...)
NOT-FOR-US: AttacheCase
-CVE-2018-0674
+CVE-2018-0674 (AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script executi ...)
NOT-FOR-US: AttacheCase
-CVE-2018-0673
+CVE-2018-0673 (Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 allo ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0672
+CVE-2018-0672 (Cross-site scripting vulnerability in Movable Type versions prior to V ...)
- movabletype-opensource <removed>
-CVE-2018-0671
+CVE-2018-0671 (Privilege escalation vulnerability in INplc-RT 3.08 and earlier allows ...)
NOT-FOR-US: INplc-RT
-CVE-2018-0670
+CVE-2018-0670 (INplc-RT 3.08 and earlier allows remote attackers to bypass authentica ...)
NOT-FOR-US: INplc-RT
-CVE-2018-0669
+CVE-2018-0669 (INplc-RT 3.08 and earlier allows remote attackers to bypass authentica ...)
NOT-FOR-US: INplc-RT
-CVE-2018-0668
+CVE-2018-0668 (Buffer overflow in INplc-RT 3.08 and earlier allows remote attackers t ...)
NOT-FOR-US: INplc-RT
-CVE-2018-0667
+CVE-2018-0667 (Untrusted search path vulnerability in Installer of INplc SDK Express ...)
NOT-FOR-US: INplc
-CVE-2018-0666
+CVE-2018-0666 (Yamaha routers RT57i Rev.8.00.95 and earlier, RT58i Rev.9.01.51 and ea ...)
NOT-FOR-US: Yamaha
-CVE-2018-0665
+CVE-2018-0665 (Yamaha routers RT57i Rev.8.00.95 and earlier, RT58i Rev.9.01.51 and ea ...)
NOT-FOR-US: Yamaha
-CVE-2018-0664
+CVE-2018-0664 (A vulnerability in NoMachine App for Android 5.0.63 and earlier allows ...)
NOT-FOR-US: NoMachine App for Android
-CVE-2018-0663
+CVE-2018-0663 (Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.0 ...)
NOT-FOR-US: I-O DATA network camera products
-CVE-2018-0662
+CVE-2018-0662 (Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.0 ...)
NOT-FOR-US: I-O DATA network camera products
-CVE-2018-0661
+CVE-2018-0661 (Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.0 ...)
NOT-FOR-US: I-O DATA network camera products
-CVE-2018-0660
+CVE-2018-0660 (Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3 ...)
NOT-FOR-US: AttacheCase
-CVE-2018-0659
+CVE-2018-0659 (Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3 ...)
NOT-FOR-US: AttacheCase
-CVE-2018-0658
+CVE-2018-0658 (Input validation issue in EC-CUBE Payment Module (2.12) version 3.5.23 ...)
NOT-FOR-US: EC-CUBE
-CVE-2018-0657
+CVE-2018-0657 (Cross-site scripting vulnerability in EC-CUBE Payment Module and GMO-P ...)
NOT-FOR-US: EC-CUBE
-CVE-2018-0656
+CVE-2018-0656 (Untrusted search path vulnerability in The installer of Digital Paper ...)
NOT-FOR-US: Digital Paper App
-CVE-2018-0655
+CVE-2018-0655 (Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allow ...)
NOT-FOR-US: GROWI
-CVE-2018-0654
+CVE-2018-0654 (Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allow ...)
NOT-FOR-US: GROWI
-CVE-2018-0653
+CVE-2018-0653 (Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allow ...)
NOT-FOR-US: GROWI
-CVE-2018-0652
+CVE-2018-0652 (Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allow ...)
NOT-FOR-US: GROWI
-CVE-2018-0651
+CVE-2018-0651 (Buffer overflow in the license management function of YOKOGAWA product ...)
NOT-FOR-US: YOKOGAWA
-CVE-2018-0650
+CVE-2018-0650 (The LINE MUSIC for Android version 3.1.0 to versions prior to 3.6.5 do ...)
NOT-FOR-US: LINE MUSIC for Android
-CVE-2018-0649
+CVE-2018-0649 (Untrusted search path vulnerability in the installers of multiple Cano ...)
NOT-FOR-US: CANON
-CVE-2018-0648
+CVE-2018-0648 (Untrusted search path vulnerability in installer of ChatWork Desktop A ...)
NOT-FOR-US: installer of ChatWork Desktop App for Windows
-CVE-2018-0647
+CVE-2018-0647 (Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware ...)
NOT-FOR-US: WL-330NUL Firmware
-CVE-2018-0646
+CVE-2018-0646 (Directory traversal vulnerability in Explzh v.7.58 and earlier allows ...)
NOT-FOR-US: Explzh
-CVE-2018-0645
+CVE-2018-0645 (MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via uns ...)
NOT-FOR-US: MTAppjQuery
-CVE-2018-0644
+CVE-2018-0644 (Buffer overflow in Ubuntu14.04 ORCA (Online Receipt Computer Advantage ...)
NOT-FOR-US: ORCA (Online Receipt Computer Advantage)
-CVE-2018-0643
+CVE-2018-0643 (Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-serv ...)
NOT-FOR-US: ORCA (Online Receipt Computer Advantage)
-CVE-2018-0642
+CVE-2018-0642 (Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 ...)
NOT-FOR-US: FV Flowplayer Video Player
-CVE-2018-0641
+CVE-2018-0641 (Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker ...)
NOT-FOR-US: Aterm
-CVE-2018-0640
+CVE-2018-0640 (Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker ...)
NOT-FOR-US: Aterm
-CVE-2018-0639
+CVE-2018-0639 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
NOT-FOR-US: Aterm
-CVE-2018-0638
+CVE-2018-0638 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
NOT-FOR-US: Aterm
-CVE-2018-0637
+CVE-2018-0637 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
NOT-FOR-US: Aterm
-CVE-2018-0636
+CVE-2018-0636 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
NOT-FOR-US: Aterm
-CVE-2018-0635
+CVE-2018-0635 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
NOT-FOR-US: Aterm
-CVE-2018-0634
+CVE-2018-0634 (Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator ...)
NOT-FOR-US: Aterm
-CVE-2018-0633
+CVE-2018-0633 (Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker w ...)
NOT-FOR-US: Aterm
-CVE-2018-0632
+CVE-2018-0632 (Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker w ...)
NOT-FOR-US: Aterm
-CVE-2018-0631
+CVE-2018-0631 (Aterm W300P Ver1.0.13 and earlier allows attacker with administrator r ...)
NOT-FOR-US: Aterm
-CVE-2018-0630
+CVE-2018-0630 (Aterm W300P Ver1.0.13 and earlier allows attacker with administrator r ...)
NOT-FOR-US: Aterm
-CVE-2018-0629
+CVE-2018-0629 (Aterm W300P Ver1.0.13 and earlier allows attacker with administrator r ...)
NOT-FOR-US: Aterm
-CVE-2018-0628
+CVE-2018-0628 (Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with adm ...)
NOT-FOR-US: Aterm
-CVE-2018-0627
+CVE-2018-0627 (Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with adm ...)
NOT-FOR-US: Aterm
-CVE-2018-0626
+CVE-2018-0626 (Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with adm ...)
NOT-FOR-US: Aterm
-CVE-2018-0625
+CVE-2018-0625 (Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with adm ...)
NOT-FOR-US: Aterm
-CVE-2018-0624
+CVE-2018-0624 (Untrusted search path vulnerability in Multiple Yayoi 17 Series produc ...)
NOT-FOR-US: Yayoi
-CVE-2018-0623
+CVE-2018-0623 (Untrusted search path vulnerability in Multiple Yayoi 17 Series produc ...)
NOT-FOR-US: Yayoi
-CVE-2018-0622
+CVE-2018-0622 (The DHC Online Shop App for Android version 3.2.0 and earlier does not ...)
NOT-FOR-US: DHC Online Shop App for Android
-CVE-2018-0621
+CVE-2018-0621 (Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOF ...)
NOT-FOR-US: LOGICOOL
-CVE-2018-0620
+CVE-2018-0620 (Untrusted search path vulnerability in LOGICOOL Game Software versions ...)
NOT-FOR-US: LOGICOOL
-CVE-2018-0619
+CVE-2018-0619 (Untrusted search path vulnerability in the installer of Glarysoft Glar ...)
NOT-FOR-US: Glarysoft
-CVE-2018-0618
+CVE-2018-0618 (Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allow ...)
{DSA-4246-1 DLA-1442-1}
- mailman 1:2.1.27-1
NOTE: https://mail.python.org/pipermail/mailman-announce/2018-June/000236.html
@@ -52371,307 +52371,307 @@ CVE-2018-0618
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1754
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1783
NOTE: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1785
-CVE-2018-0617
+CVE-2018-0617 (Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.22 ...)
NOT-FOR-US: ChamaNet MemoCGI
CVE-2018-0616
RESERVED
CVE-2018-0615
RESERVED
-CVE-2018-0614
+CVE-2018-0614 (Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CS ...)
NOT-FOR-US: NEC
-CVE-2018-0613
+CVE-2018-0613 (NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 an ...)
NOT-FOR-US: NEC
-CVE-2018-0612
+CVE-2018-0612 (Cross-site scripting vulnerability in 5000 trillion yen converter v1.0 ...)
NOT-FOR-US: 5000 trillion yen converter
-CVE-2018-0611
+CVE-2018-0611 (The ANA App for iOS version 4.0.22 and earlier does not verify X.509 c ...)
NOT-FOR-US: ANA App
-CVE-2018-0610
+CVE-2018-0610 (Local file inclusion vulnerability in Zenphoto 1.4.14 and earlier allo ...)
NOT-FOR-US: Zenphoto
-CVE-2018-0609
+CVE-2018-0609 (Untrusted search path vulnerability in LINE for Windows versions befor ...)
NOT-FOR-US: LINE
-CVE-2018-0608
+CVE-2018-0608 (Buffer overflow in H2O version 2.2.4 and earlier allows remote attacke ...)
- h2o 2.2.5+dfsg1-1
NOTE: https://github.com/h2o/h2o/issues/1775
-CVE-2018-0607
+CVE-2018-0607 (SQL injection vulnerability in the Notifications application in the Cy ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0606
+CVE-2018-0606 (SQL injection vulnerability in the Pixelpost v1.7.3 and earlier allows ...)
NOT-FOR-US: Pixelpost
-CVE-2018-0605
+CVE-2018-0605 (Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier all ...)
NOT-FOR-US: Pixelpost
-CVE-2018-0604
+CVE-2018-0604 (Pixelpost v1.7.3 and earlier allows remote code execution via unspecif ...)
NOT-FOR-US: Pixelpost
-CVE-2018-0603
+CVE-2018-0603 (Cross-site scripting vulnerability in Site Reviews versions prior to 2 ...)
NOT-FOR-US: Site Reviews
-CVE-2018-0602
+CVE-2018-0602 (Cross-site scripting vulnerability in Email Subscribers &amp; Newslett ...)
NOT-FOR-US: Email Subscribers & Newsletters
-CVE-2018-0601
+CVE-2018-0601 (Untrusted search path vulnerability in axpdfium v0.01 allows an attack ...)
NOT-FOR-US: axpdfium
-CVE-2018-0600
+CVE-2018-0600 (Untrusted search path vulnerability in the installer of PlayMemories H ...)
NOT-FOR-US: PlayMemories
-CVE-2018-0599
+CVE-2018-0599 (Untrusted search path vulnerability in the installer of Visual C++ Red ...)
NOT-FOR-US: Visual C++
-CVE-2018-0598
+CVE-2018-0598 (Untrusted search path vulnerability in Self-extracting archive files c ...)
NOT-FOR-US: IExpress
-CVE-2018-0597
+CVE-2018-0597 (Untrusted search path vulnerability in the installer of Visual Studio ...)
NOT-FOR-US: Visual Studio
-CVE-2018-0596
+CVE-2018-0596 (Untrusted search path vulnerability in the installer of Visual Studio ...)
NOT-FOR-US: Visual Studio
-CVE-2018-0595
+CVE-2018-0595 (Untrusted search path vulnerability in the installer of Skype for Wind ...)
NOT-FOR-US: Skype
-CVE-2018-0594
+CVE-2018-0594 (Untrusted search path vulnerability in Skype for Windows allows an att ...)
NOT-FOR-US: Skype
-CVE-2018-0593
+CVE-2018-0593 (Untrusted search path vulnerability in the installer of Microsoft OneD ...)
NOT-FOR-US: OneDrive
-CVE-2018-0592
+CVE-2018-0592 (Untrusted search path vulnerability in Microsoft OneDrive allows an at ...)
NOT-FOR-US: OneDrive
-CVE-2018-0591
+CVE-2018-0591 (The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver 3. ...)
NOT-FOR-US: KINEPASS
-CVE-2018-0590
+CVE-2018-0590 (Ultimate Member plugin prior to version 2.0.4 for WordPress allows rem ...)
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0589
+CVE-2018-0589 (Ultimate Member plugin prior to version 2.0.4 for WordPress allows rem ...)
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0588
+CVE-2018-0588 (Directory traversal vulnerability in the AJAX function of Ultimate Mem ...)
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0587
+CVE-2018-0587 (Unrestricted file upload vulnerability in Ultimate Member plugin prior ...)
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0586
+CVE-2018-0586 (Directory traversal vulnerability in the shortcodes function of Ultima ...)
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0585
+CVE-2018-0585 (Cross-site scripting vulnerability in Ultimate Member plugin prior to ...)
NOT-FOR-US: WordPress plugin ultimate-member
-CVE-2018-0584
+CVE-2018-0584 (IIJ SmartKey App for Android version 2.1.0 and earlier allows remote a ...)
NOT-FOR-US: IIJ SmartKey
-CVE-2018-0583
+CVE-2018-0583 (Cross-site scripting vulnerability in ASUS RT-AC1200HP Firmware versio ...)
NOT-FOR-US: ASUS
-CVE-2018-0582
+CVE-2018-0582 (Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version p ...)
NOT-FOR-US: ASUS
-CVE-2018-0581
+CVE-2018-0581 (Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version p ...)
NOT-FOR-US: ASUS
-CVE-2018-0580
+CVE-2018-0580 (Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series ...)
NOT-FOR-US: CELSYS
-CVE-2018-0579
+CVE-2018-0579 (Cross-site scripting vulnerability in Open Graph for Facebook, Google+ ...)
NOT-FOR-US: WordPress plugin wonderm00ns-simple-facebook-open-graph-tags
-CVE-2018-0578
+CVE-2018-0578 (Cross-site scripting vulnerability in PixelYourSite plugin prior to ve ...)
NOT-FOR-US: WordPress plugin pixelyoursite
-CVE-2018-0577
+CVE-2018-0577 (Cross-site scripting vulnerability in WP Google Map Plugin prior to ve ...)
NOT-FOR-US: WordPress plugin wp-google-map-plugin
-CVE-2018-0576
+CVE-2018-0576 (Cross-site scripting vulnerability in Events Manager plugin prior to v ...)
NOT-FOR-US: WordPress plugin events-manager
-CVE-2018-0575
+CVE-2018-0575 (baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and e ...)
NOT-FOR-US: baserCMS
-CVE-2018-0574
+CVE-2018-0574 (Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and e ...)
NOT-FOR-US: baserCMS
-CVE-2018-0573
+CVE-2018-0573 (baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and e ...)
NOT-FOR-US: baserCMS
-CVE-2018-0572
+CVE-2018-0572 (baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and e ...)
NOT-FOR-US: baserCMS
-CVE-2018-0571
+CVE-2018-0571 (baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and e ...)
NOT-FOR-US: baserCMS
-CVE-2018-0570
+CVE-2018-0570 (Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and e ...)
NOT-FOR-US: baserCMS
-CVE-2018-0569
+CVE-2018-0569 (baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and e ...)
NOT-FOR-US: baserCMS
-CVE-2018-0568
+CVE-2018-0568 (Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ve ...)
NOT-FOR-US: Joruri Gw
-CVE-2018-0567
+CVE-2018-0567 (Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypas ...)
NOT-FOR-US: Cybozu Office
-CVE-2018-0566
+CVE-2018-0566 (Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypas ...)
NOT-FOR-US: Cybozu Office
-CVE-2018-0565
+CVE-2018-0565 (Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 a ...)
NOT-FOR-US: Cybozu Office
-CVE-2018-0564
+CVE-2018-0564 (Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0. ...)
NOT-FOR-US: EC-CUBE
-CVE-2018-0563
+CVE-2018-0563 (Untrusted search path vulnerability in the installer of FLET'S VIRUS C ...)
NOT-FOR-US: FLET
-CVE-2018-0562
+CVE-2018-0562 (Untrusted search path vulnerability in Installer of SoundEngine Free v ...)
NOT-FOR-US: Installer of SoundEngine Free
-CVE-2018-0561
+CVE-2018-0561 (Untrusted search path vulnerability in The installer of PhishWall Clie ...)
NOT-FOR-US: Installer of PhishWall Client Internet Explorer
-CVE-2018-0560
+CVE-2018-0560 (Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attacker ...)
NOT-FOR-US: Hatena Bookmark App for iOS
-CVE-2018-0559
+CVE-2018-0559 (Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 a ...)
NOT-FOR-US: Cybozu Mailwise
-CVE-2018-0558
+CVE-2018-0558 (Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 ...)
NOT-FOR-US: Cybozu Mailwise
-CVE-2018-0557
+CVE-2018-0557 (Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to ...)
NOT-FOR-US: Cybozu Mailwise
-CVE-2018-0556
+CVE-2018-0556 (Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execut ...)
NOT-FOR-US: Buffalo WZR-1750DHP2
-CVE-2018-0555
+CVE-2018-0555 (Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an ...)
NOT-FOR-US: Buffalo WZR-1750DHP2
-CVE-2018-0554
+CVE-2018-0554 (Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass ...)
NOT-FOR-US: Buffalo WZR-1750DHP2
-CVE-2018-0553
+CVE-2018-0553 (The iRemoconWiFi App for Android version 4.1.7 and earlier does not ve ...)
NOT-FOR-US: iRemoconWiFi App for Android
-CVE-2018-0552
+CVE-2018-0552 (Untrusted search path vulnerability in The installer of PhishWall Clie ...)
NOT-FOR-US: installer of PhishWall Client (Firefox and Chrome edition for Windows)
-CVE-2018-0551
+CVE-2018-0551 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 all ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0550
+CVE-2018-0550 (Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0549
+CVE-2018-0549 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 all ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0548
+CVE-2018-0548 (Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0547
+CVE-2018-0547 (Cross-site scripting vulnerability in WP All Import plugin prior to ve ...)
NOT-FOR-US: WP All Import plugin for WordPress
-CVE-2018-0546
+CVE-2018-0546 (Cross-site scripting vulnerability in WP All Import plugin prior to ve ...)
NOT-FOR-US: WP All Import plugin for WordPress
-CVE-2018-0545
+CVE-2018-0545 (LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrar ...)
NOT-FOR-US: LXR
-CVE-2018-0544
+CVE-2018-0544 (Untrusted search path vulnerability in WinShot 1.53a and earlier (Inst ...)
NOT-FOR-US: WinShot
-CVE-2018-0543
+CVE-2018-0543 (Untrusted search path vulnerability in Jtrim 1.53c and earlier (Instal ...)
NOT-FOR-US: Jtrim installer
-CVE-2018-0542
+CVE-2018-0542 (Directory traversal vulnerability in WebProxy version 1.7.8 allows an ...)
NOT-FOR-US: WebProxy (some software released by LunarLight)
-CVE-2018-0541
+CVE-2018-0541 (Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to caus ...)
NOT-FOR-US: Tiny FTP Daemon
-CVE-2018-0540
+CVE-2018-0540 (Untrusted search path vulnerability in ViX version 2.21.148.0 allows a ...)
NOT-FOR-US: ViX
-CVE-2018-0539
+CVE-2018-0539 (QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary comma ...)
NOT-FOR-US: QQQ SYSTEMS
-CVE-2018-0538
+CVE-2018-0538 (Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an at ...)
NOT-FOR-US: QQQ SYSTEMS
-CVE-2018-0537
+CVE-2018-0537 (Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an at ...)
NOT-FOR-US: QQQ SYSTEMS
-CVE-2018-0536
+CVE-2018-0536 (Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an at ...)
NOT-FOR-US: QQQ SYSTEMS
-CVE-2018-0535
+CVE-2018-0535 (Cross-site scripting vulnerability in PHP 2chBBS version bbs18c allows ...)
NOT-FOR-US: PHP 2chBBS
-CVE-2018-0534
+CVE-2018-0534 (Cross-site scripting vulnerability in ArsenoL Version 0.5 allows an at ...)
NOT-FOR-US: ArsenoL
-CVE-2018-0533
+CVE-2018-0533 (Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0532
+CVE-2018-0532 (Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0531
+CVE-2018-0531 (Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0530
+CVE-2018-0530 (SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows ...)
NOT-FOR-US: Cybozu Garoon
-CVE-2018-0529
+CVE-2018-0529 (Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a deni ...)
NOT-FOR-US: Cybozu Office
-CVE-2018-0528
+CVE-2018-0528 (Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypas ...)
NOT-FOR-US: Cybozu Office
-CVE-2018-0527
+CVE-2018-0527 (Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 a ...)
NOT-FOR-US: Cybozu Office
-CVE-2018-0526
+CVE-2018-0526 (Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an im ...)
NOT-FOR-US: Cybozu Office
-CVE-2018-0525
+CVE-2018-0525 (Directory traversal vulnerability in Jubatus 1.0.2 and earlier allows ...)
- jubatus <itp> (bug #704100)
-CVE-2018-0524
+CVE-2018-0524 (Jubatus 1.0.2 and earlier allows remote code execution via unspecified ...)
- jubatus <itp> (bug #704100)
-CVE-2018-0523
+CVE-2018-0523 (Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker ...)
NOT-FOR-US: Buffalo
-CVE-2018-0522
+CVE-2018-0522 (Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier ...)
NOT-FOR-US: Buffalo
-CVE-2018-0521
+CVE-2018-0521 (Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker ...)
NOT-FOR-US: Buffalo
-CVE-2018-0520
+CVE-2018-0520 (Cross-site request forgery (CSRF) vulnerability in FS010W firmware FS0 ...)
NOT-FOR-US: FS010W firmware
-CVE-2018-0519
+CVE-2018-0519 (Cross-site scripting vulnerability in FS010W firmware FS010W_00_V1.3.0 ...)
NOT-FOR-US: FS010W firmware
-CVE-2018-0518
+CVE-2018-0518 (LINE for iOS version 7.1.3 to 7.1.5 does not verify X.509 certificates ...)
NOT-FOR-US: LINE for iOS
-CVE-2018-0517
+CVE-2018-0517 (Untrusted search path vulnerability in Anshin net security for Windows ...)
NOT-FOR-US: Anshin net security for Windows
-CVE-2018-0516
+CVE-2018-0516 (Untrusted search path vulnerability in FLET'S v4 / v6 address selectio ...)
NOT-FOR-US: FLET'S v4 / v6 address selection tool
-CVE-2018-0515
+CVE-2018-0515 (Untrusted search path vulnerability in "FLET'S Azukeru Backup Tool" ve ...)
NOT-FOR-US: FLET'S Azukeru Backup Tool
-CVE-2018-0514
+CVE-2018-0514 (MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remot ...)
NOT-FOR-US: MP Form Mail CGI eCommerce Edition
-CVE-2018-0513
+CVE-2018-0513 (Cross-site scripting vulnerability in MTS Simple Booking C, MTS Simple ...)
NOT-FOR-US: MTS Simple Booking
-CVE-2018-0512
+CVE-2018-0512 (Devices with IP address setting tool "MagicalFinder" provided by I-O D ...)
NOT-FOR-US: IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC.
-CVE-2018-0511
+CVE-2018-0511 (Cross-site scripting vulnerability in WP Retina 2x prior to version 5. ...)
NOT-FOR-US: WP Retina
-CVE-2018-0510
+CVE-2018-0510 (Buffer overflow in epg search result viewer (kkcald) 0.7.19 and earlie ...)
NOT-FOR-US: kkcal
-CVE-2018-0509
+CVE-2018-0509 (Cross-site request forgery (CSRF) vulnerability in epg search result v ...)
NOT-FOR-US: kkcal
-CVE-2018-0508
+CVE-2018-0508 (Cross-site scripting vulnerability in epg search result viewer (kkcald ...)
NOT-FOR-US: kkcal
-CVE-2018-0507
+CVE-2018-0507 (Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & ...)
NOT-FOR-US: FLET'S VIRUS CLEAR
-CVE-2018-0506
+CVE-2018-0506 (Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Nootka
-CVE-2018-0505
+CVE-2018-0505 (Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a fla ...)
{DSA-4301-1}
- mediawiki 1:1.31.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
NOTE: https://phabricator.wikimedia.org/T194605
-CVE-2018-0504
+CVE-2018-0504 (Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an in ...)
{DSA-4301-1}
- mediawiki 1:1.31.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
NOTE: https://phabricator.wikimedia.org/T187638
-CVE-2018-0503
+CVE-2018-0503 (Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a fla ...)
{DSA-4301-1}
- mediawiki 1:1.31.1-1
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
NOTE: https://phabricator.wikimedia.org/T169545
-CVE-2018-0502
+CVE-2018-0502 (An issue was discovered in zsh before 5.6. The beginning of a #! scrip ...)
- zsh 5.6-1 (bug #908000)
[stretch] - zsh <no-dsa> (Minor issue)
[jessie] - zsh <no-dsa> (Minor issue)
NOTE: https://www.zsh.org/mla/zsh-announce/136
NOTE: https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d
-CVE-2018-0501
+CVE-2018-0501 (The mirror:// method implementation in Advanced Package Tool (APT) 1.6 ...)
- apt 1.6.4
[stretch] - apt <not-affected> (Vulnerable code introduced in 1.6~alpha6)
[jessie] - apt <not-affected> (Vulnerable code introduced in 1.6~alpha6)
NOTE: https://mirror.fail/
-CVE-2018-0500
+CVE-2018-0500 (Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including cur ...)
- curl 7.61.0-1 (bug #903546)
[stretch] - curl <not-affected> (Only affects 7.54.1 to 7.60.0)
[jessie] - curl <not-affected> (Only affects 7.54.1 to 7.60.0)
NOTE: https://curl.haxx.se/docs/adv_2018-70a2.html
-CVE-2018-0499
+CVE-2018-0499 (A cross-site scripting vulnerability in queryparser/termgenerator_inte ...)
- xapian-core 1.4.6-1 (bug #902886)
[stretch] - xapian-core 1.4.3-2+deb9u1
[jessie] - xapian-core <not-affected> (vulnerable code not present)
NOTE: https://lists.xapian.org/pipermail/xapian-discuss/2018-July/009652.html
-CVE-2018-0498
+CVE-2018-0498 (ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows loc ...)
{DSA-4296-1 DLA-1518-1}
- mbedtls 2.12.0-1 (bug #904821)
- polarssl <removed>
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02
-CVE-2018-0497
+CVE-2018-0497 (ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows rem ...)
{DSA-4296-1 DLA-1518-1}
- mbedtls 2.12.0-1 (bug #904821)
- polarssl <removed>
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02
-CVE-2018-0496
+CVE-2018-0496 (Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 ...)
{DLA-1686-1}
- freedink-dfarc 3.14-1
[stretch] - freedink-dfarc 3.12-1+deb9u1
NOTE: https://savannah.gnu.org/forum/forum.php?forum_id=9169
NOTE: https://git.savannah.gnu.org/cgit/freedink/dfarc.git/commit/?id=40cc957f52e772f45125126439ba9333cf2d2998
-CVE-2018-0495
+CVE-2018-0495 (Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache s ...)
{DSA-4231-1 DLA-1405-1}
- libgcrypt20 1.8.3-1
NOTE: https://dev.gnupg.org/T4011
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=9010d1576e278a4274ad3f4aa15776c28f6ba965
-CVE-2018-0494
+CVE-2018-0494 (GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in ...)
{DSA-4195-1 DLA-1375-1}
- wget 1.19.5-1 (bug #898076)
NOTE: https://lists.gnu.org/archive/html/bug-wget/2018-05/msg00020.html
NOTE: https://savannah.gnu.org/bugs/?53763
NOTE: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=1fc9c95ec144499e69dc8ec76dbe07799d7d82cd
NOTE: https://sintonen.fi/advisories/gnu-wget-cookie-injection.txt
-CVE-2018-0493
+CVE-2018-0493 (remctld in remctl before 3.14, when an attacker is authorized to execu ...)
{DSA-4159-1}
- remctl 3.14-1
[jessie] - remctl <not-affected> (Affected code introduced in 3.12)
[wheezy] - remctl <not-affected> (Affected code introduced in 3.12)
NOTE: https://www.eyrie.org/~eagle/software/remctl/security/2018-04-01.html
NOTE: https://git.eyrie.org/?p=kerberos/remctl.git;a=commitdiff;h=e2b34e086f199b39f8ea36dd621684003835d172
-CVE-2018-0492
+CVE-2018-0492 (Johnathan Nightingale beep through 1.3.4, if setuid, has a race condit ...)
{DSA-4163-1 DLA-1338-1}
- beep 1.3-5 (bug #894667)
NOTE: https://github.com/johnath/beep/issues/11
-CVE-2018-0491
+CVE-2018-0491 (A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. ...)
- tor 0.3.2.10-1
[stretch] - tor <not-affected> (Only affects tor 0.3.2.x series and later)
[jessie] - tor <not-affected> (Only affects tor 0.3.2.x series and later)
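Review bot: the description appended to every rewritten CVE line is cut at a fixed column rather than at a word boundary, so many lines end mid-word and some lose the part that identifies the product, e.g. `+CVE-2018-0528 (Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypas ...)` and `+CVE-2018-0512 (Devices with IP address setting tool "MagicalFinder" provided by I-O D ...)`. Since the `NOT-FOR-US:` and package lines below each entry remain the authoritative record, consider truncating at the last whitespace before the limit (keeping the ` ...` marker) so the summaries stay readable, and make sure any tooling that parses this file matches on the `CVE-YYYY-NNNN` prefix and treats the parenthesised text as optional, because the `RESERVED` entries keep the bare-identifier form.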
@@ -52680,7 +52680,7 @@ CVE-2018-0491
NOTE: https://trac.torproject.org/projects/tor/ticket/24700
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915
NOTE: https://gitweb.torproject.org/tor.git/commit/?id=adaf3e9b89f62d68ab631b8f672d9bff996689b9
-CVE-2018-0490
+CVE-2018-0490 (An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.1 ...)
{DSA-4183-1}
- tor 0.3.2.10-1
[jessie] - tor <not-affected> (Vulnerable code introduced after tor-0.2.9.4-alpha)
@@ -52688,14 +52688,14 @@ CVE-2018-0490
NOTE: https://trac.torproject.org/projects/tor/ticket/25074
NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915
NOTE: https://gitweb.torproject.org/tor.git/commit/?id=65f2eec694f18a64291cc85317b9f22dacc1d8e4
-CVE-2018-0489
+CVE-2018-0489 (Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Pr ...)
{DSA-4126-1 DLA-1296-1}
- xmltooling 1.6.4-1
NOTE: https://shibboleth.net/community/advisories/secadv_20180227.txt
NOTE: https://issues.shibboleth.net/jira/browse/CPPXT-128
NOTE: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
NOTE: https://www.kb.cert.org/vuls/id/475445
-CVE-2018-0488
+CVE-2018-0488 (ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the ...)
{DSA-4147-1 DSA-4138-1}
- mbedtls 2.7.0-2 (bug #890287)
- polarssl <removed>
@@ -52703,14 +52703,14 @@ CVE-2018-0488
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01
NOTE: https://github.com/ARMmbed/mbedtls/commit/992b6872f3ca717282ae367749a47f006d337a87
NOTE: https://github.com/ARMmbed/mbedtls/commit/464147cadc694379b7717afb7b517fe05cdb323f
-CVE-2018-0487
+CVE-2018-0487 (ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows rem ...)
{DSA-4147-1 DSA-4138-1}
- mbedtls 2.7.0-2 (bug #890288)
- polarssl <removed>
[wheezy] - polarssl <not-affected> (according to the upstream advisory < 1.3.7 not affected)
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01
NOTE: https://github.com/ARMmbed/mbedtls/commit/28a0c727957990ac655cbe40c7eb20b7ef01167d
-CVE-2018-0486
+CVE-2018-0486 (Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Pr ...)
{DSA-4085-1 DLA-1242-1}
- xmltooling 1.6.3-1
[stretch] - xmltooling 1.6.0-4+deb9u1
@@ -52719,579 +52719,579 @@ CVE-2018-0486
NOTE: disallow DTD use.
NOTE: https://issues.shibboleth.net/jira/browse/CPPXT-127
NOTE: https://git.shibboleth.net/view/?p=cpp-xmltooling.git;a=commit;h=a02314e96d6746d29c5697b504d37f2e04a6e6cd
-CVE-2018-0485
+CVE-2018-0485 (A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation I ...)
NOT-FOR-US: Cisco
-CVE-2018-0484
+CVE-2018-0484 (A vulnerability in the access control logic of the Secure Shell (SSH) ...)
NOT-FOR-US: Cisco
-CVE-2018-0483
+CVE-2018-0483 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...)
NOT-FOR-US: Cisco
-CVE-2018-0482
+CVE-2018-0482 (A vulnerability in the web-based management interface of Cisco Prime N ...)
NOT-FOR-US: Cisco
-CVE-2018-0481
+CVE-2018-0481 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2018-0480
+CVE-2018-0480 (A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Sof ...)
NOT-FOR-US: Cisco
CVE-2018-0479
RESERVED
CVE-2018-0478
RESERVED
-CVE-2018-0477
+CVE-2018-0477 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2018-0476
+CVE-2018-0476 (A vulnerability in the Network Address Translation (NAT) Session Initi ...)
NOT-FOR-US: Cisco
-CVE-2018-0475
+CVE-2018-0475 (A vulnerability in the implementation of the cluster feature of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0474
+CVE-2018-0474 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2018-0473
+CVE-2018-0473 (A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2018-0472
+CVE-2018-0472 (A vulnerability in the IPsec driver code of multiple Cisco IOS XE Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-0471
+CVE-2018-0471 (A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0470
+CVE-2018-0470 (A vulnerability in the web framework of Cisco IOS XE Software could al ...)
NOT-FOR-US: Cisco
-CVE-2018-0469
+CVE-2018-0469 (A vulnerability in the web user interface of Cisco IOS XE Software cou ...)
NOT-FOR-US: Cisco
-CVE-2018-0468
+CVE-2018-0468 (A vulnerability in the configuration of a local database installed as ...)
NOT-FOR-US: Cisco
-CVE-2018-0467
+CVE-2018-0467 (A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE So ...)
NOT-FOR-US: Cisco
-CVE-2018-0466
+CVE-2018-0466 (A vulnerability in the Open Shortest Path First version 3 (OSPFv3) imp ...)
NOT-FOR-US: Cisco
-CVE-2018-0465
+CVE-2018-0465 (A vulnerability in the web-based management interface of Cisco Small B ...)
NOT-FOR-US: Cisco
-CVE-2018-0464
+CVE-2018-0464 (A vulnerability in Cisco Data Center Network Manager software could al ...)
NOT-FOR-US: Cisco
-CVE-2018-0463
+CVE-2018-0463 (A vulnerability in the Cisco Network Plug and Play server component of ...)
NOT-FOR-US: Cisco
-CVE-2018-0462
+CVE-2018-0462 (A vulnerability in the user management functionality of Cisco Enterpri ...)
NOT-FOR-US: Cisco
-CVE-2018-0461
+CVE-2018-0461 (A vulnerability in the Cisco IP Phone 8800 Series Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2018-0460
+CVE-2018-0460 (A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure ...)
NOT-FOR-US: Cisco
-CVE-2018-0459
+CVE-2018-0459 (A vulnerability in the web-based management interface of Cisco Enterpr ...)
NOT-FOR-US: Cisco
-CVE-2018-0458
+CVE-2018-0458 (A vulnerability in the web-based management interface of Cisco Prime C ...)
NOT-FOR-US: Cisco
-CVE-2018-0457
+CVE-2018-0457 (A vulnerability in the Cisco Webex Player for Webex Recording Format ( ...)
NOT-FOR-US: Cisco
-CVE-2018-0456
+CVE-2018-0456 (A vulnerability in the Simple Network Management Protocol (SNMP) input ...)
NOT-FOR-US: Cisco
-CVE-2018-0455
+CVE-2018-0455 (A vulnerability in the Server Message Block Version 2 (SMBv2) and Vers ...)
NOT-FOR-US: Cisco
-CVE-2018-0454
+CVE-2018-0454 (A vulnerability in the web-based management interface of Cisco Cloud S ...)
NOT-FOR-US: Cisco
-CVE-2018-0453
+CVE-2018-0453 (A vulnerability in the Sourcefire tunnel control channel protocol in C ...)
NOT-FOR-US: Cisco
-CVE-2018-0452
+CVE-2018-0452 (A vulnerability in the web-based management interface of Cisco Tetrati ...)
NOT-FOR-US: Cisco
-CVE-2018-0451
+CVE-2018-0451 (A vulnerability in the web-based management interface of Cisco Tetrati ...)
NOT-FOR-US: Cisco
-CVE-2018-0450
+CVE-2018-0450 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
NOT-FOR-US: Cisco
-CVE-2018-0449
+CVE-2018-0449 (A vulnerability in the Cisco Jabber Client Framework (JCF) software, i ...)
NOT-FOR-US: Cisco
-CVE-2018-0448
+CVE-2018-0448 (A vulnerability in the identity management service of Cisco Digital Ne ...)
NOT-FOR-US: Cisco
-CVE-2018-0447
+CVE-2018-0447 (A vulnerability in the anti-spam protection mechanisms of Cisco AsyncO ...)
NOT-FOR-US: Cisco
-CVE-2018-0446
+CVE-2018-0446 (A vulnerability in the web-based management interface of Cisco Industr ...)
NOT-FOR-US: Cisco
-CVE-2018-0445
+CVE-2018-0445 (A vulnerability in the web-based management interface of Cisco Package ...)
NOT-FOR-US: Cisco
-CVE-2018-0444
+CVE-2018-0444 (A vulnerability in the web-based management interface of Cisco Package ...)
NOT-FOR-US: Cisco
-CVE-2018-0443
+CVE-2018-0443 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
NOT-FOR-US: Cisco
-CVE-2018-0442
+CVE-2018-0442 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
NOT-FOR-US: Cisco
-CVE-2018-0441
+CVE-2018-0441 (A vulnerability in the 802.11r Fast Transition feature set of Cisco IO ...)
NOT-FOR-US: Cisco
-CVE-2018-0440
+CVE-2018-0440 (A vulnerability in the web interface of Cisco Data Center Network Mana ...)
NOT-FOR-US: Cisco
-CVE-2018-0439
+CVE-2018-0439 (A vulnerability in the web-based management interface of Cisco Meeting ...)
NOT-FOR-US: Cisco
-CVE-2018-0438
+CVE-2018-0438 (A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) ...)
NOT-FOR-US: Cisco
-CVE-2018-0437
+CVE-2018-0437 (A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) ...)
NOT-FOR-US: Cisco
-CVE-2018-0436
+CVE-2018-0436 (A vulnerability in Cisco Webex Teams, formerly Cisco Spark, could allo ...)
NOT-FOR-US: Cisco
-CVE-2018-0435
+CVE-2018-0435 (A vulnerability in the Cisco Umbrella API could allow an authenticated ...)
NOT-FOR-US: Cisco
-CVE-2018-0434
+CVE-2018-0434 (A vulnerability in the Zero Touch Provisioning feature of the Cisco SD ...)
NOT-FOR-US: Cisco
-CVE-2018-0433
+CVE-2018-0433 (A vulnerability in the command-line interface (CLI) in the Cisco SD-WA ...)
NOT-FOR-US: Cisco
-CVE-2018-0432
+CVE-2018-0432 (A vulnerability in the error reporting feature of the Cisco SD-WAN Sol ...)
NOT-FOR-US: Cisco
-CVE-2018-0431
+CVE-2018-0431 (A vulnerability in the web-based management interface of Cisco Integra ...)
NOT-FOR-US: Cisco
-CVE-2018-0430
+CVE-2018-0430 (A vulnerability in the web-based management interface of Cisco Integra ...)
NOT-FOR-US: Cisco
-CVE-2018-0429
+CVE-2018-0429 (Stack-based buffer overflow in the Cisco Thor decoder before commit 18 ...)
NOT-FOR-US: Cisco
-CVE-2018-0428
+CVE-2018-0428 (A vulnerability in the account management subsystem of Cisco Web Secur ...)
NOT-FOR-US: Cisco
-CVE-2018-0427
+CVE-2018-0427 (A vulnerability in the CronJob scheduler API of Cisco Digital Network ...)
NOT-FOR-US: Cisco
-CVE-2018-0426
+CVE-2018-0426 (A vulnerability in the web-based management interface of the Cisco RV1 ...)
NOT-FOR-US: Cisco
-CVE-2018-0425
+CVE-2018-0425 (A vulnerability in the web-based management interface of the Cisco RV1 ...)
NOT-FOR-US: Cisco
-CVE-2018-0424
+CVE-2018-0424 (A vulnerability in the web-based management interface of the Cisco RV1 ...)
NOT-FOR-US: Cisco
-CVE-2018-0423
+CVE-2018-0423 (A vulnerability in the web-based management interface of the Cisco RV1 ...)
NOT-FOR-US: Cisco
-CVE-2018-0422
+CVE-2018-0422 (A vulnerability in the folder permissions of Cisco Webex Meetings clie ...)
NOT-FOR-US: Cisco
-CVE-2018-0421
+CVE-2018-0421 (A vulnerability in TCP connection management in Cisco Prime Access Reg ...)
NOT-FOR-US: Cisco
-CVE-2018-0420
+CVE-2018-0420 (A vulnerability in the web-based interface of Cisco Wireless LAN Contr ...)
NOT-FOR-US: Cisco
-CVE-2018-0419
+CVE-2018-0419 (A vulnerability in certain attachment detection mechanisms of Cisco Em ...)
NOT-FOR-US: Cisco
-CVE-2018-0418
+CVE-2018-0418 (A vulnerability in the Local Packet Transport Services (LPTS) feature ...)
NOT-FOR-US: Cisco
-CVE-2018-0417
+CVE-2018-0417 (A vulnerability in TACACS authentication with Cisco Wireless LAN Contr ...)
NOT-FOR-US: Cisco
-CVE-2018-0416
+CVE-2018-0416 (A vulnerability in the web-based interface of Cisco Wireless LAN Contr ...)
NOT-FOR-US: Cisco
-CVE-2018-0415
+CVE-2018-0415 (A vulnerability in the implementation of Extensible Authentication Pro ...)
NOT-FOR-US: Cisco
-CVE-2018-0414
+CVE-2018-0414 (A vulnerability in the web-based UI of Cisco Secure Access Control Ser ...)
NOT-FOR-US: Cisco
-CVE-2018-0413
+CVE-2018-0413 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2018-0412
+CVE-2018-0412 (A vulnerability in the implementation of Extensible Authentication Pro ...)
NOT-FOR-US: Cisco
-CVE-2018-0411
+CVE-2018-0411 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2018-0410
+CVE-2018-0410 (A vulnerability in the web proxy functionality of Cisco AsyncOS Softwa ...)
NOT-FOR-US: Cisco
-CVE-2018-0409
+CVE-2018-0409 (A vulnerability in the XCP Router service of the Cisco Unified Communi ...)
NOT-FOR-US: Cisco
-CVE-2018-0408
+CVE-2018-0408 (A vulnerability in the web-based management interface of Cisco Small B ...)
NOT-FOR-US: Cisco
-CVE-2018-0407
+CVE-2018-0407 (A vulnerability in the web-based management interface of Cisco Small B ...)
NOT-FOR-US: Cisco
-CVE-2018-0406
+CVE-2018-0406 (A vulnerability in the web-based management interface of Cisco Web Sec ...)
NOT-FOR-US: Cisco
-CVE-2018-0405
+CVE-2018-0405 (A vulnerability in the web framework code for Cisco RV180W Wireless-N ...)
NOT-FOR-US: Cisco
-CVE-2018-0404
+CVE-2018-0404 (A vulnerability in the web framework code for Cisco RV180W Wireless-N ...)
NOT-FOR-US: Cisco
-CVE-2018-0403
+CVE-2018-0403 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2018-0402
+CVE-2018-0402 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2018-0401
+CVE-2018-0401 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2018-0400
+CVE-2018-0400 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2018-0399
+CVE-2018-0399 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2018-0398
+CVE-2018-0398 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2018-0397
+CVE-2018-0397 (A vulnerability in Cisco AMP for Endpoints Mac Connector Software inst ...)
NOT-FOR-US: Cisco
-CVE-2018-0396
+CVE-2018-0396 (A vulnerability in the web framework of the Cisco Unified Communicatio ...)
NOT-FOR-US: Cisco
-CVE-2018-0395
+CVE-2018-0395 (A vulnerability in the Link Layer Discovery Protocol (LLDP) implementa ...)
NOT-FOR-US: Cisco
-CVE-2018-0394
+CVE-2018-0394 (A vulnerability in the web upload function of Cisco Cloud Services Pla ...)
NOT-FOR-US: Cisco
-CVE-2018-0393
+CVE-2018-0393 (A Read-Only User Effect Change vulnerability in the Policy Builder int ...)
NOT-FOR-US: Cisco
-CVE-2018-0392
+CVE-2018-0392 (A vulnerability in the CLI of Cisco Policy Suite could allow an authen ...)
NOT-FOR-US: Cisco
-CVE-2018-0391
+CVE-2018-0391 (A vulnerability in the password change function of Cisco Prime Collabo ...)
NOT-FOR-US: Cisco
-CVE-2018-0390
+CVE-2018-0390 (A vulnerability in the web framework of Cisco Webex could allow an una ...)
NOT-FOR-US: Cisco
-CVE-2018-0389
+CVE-2018-0389 (A vulnerability in the implementation of Session Initiation Protocol ( ...)
NOT-FOR-US: Cisco
-CVE-2018-0388
+CVE-2018-0388 (A vulnerability in the web-based interface of Cisco Wireless LAN Contr ...)
NOT-FOR-US: Cisco
-CVE-2018-0387
+CVE-2018-0387 (A vulnerability in Cisco Webex Teams (for Windows and macOS) could all ...)
NOT-FOR-US: Cisco
-CVE-2018-0386
+CVE-2018-0386 (A vulnerability in Cisco Unified Communications Domain Manager Softwar ...)
NOT-FOR-US: Cisco
-CVE-2018-0385
+CVE-2018-0385 (A vulnerability in the detection engine parsing of Security Socket Lay ...)
NOT-FOR-US: Cisco
-CVE-2018-0384
+CVE-2018-0384 (A vulnerability in the detection engine of Cisco FireSIGHT System Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-0383
+CVE-2018-0383 (A vulnerability in the detection engine of Cisco FireSIGHT System Soft ...)
NOT-FOR-US: Cisco
CVE-2018-0382
RESERVED
-CVE-2018-0381
+CVE-2018-0381 (A vulnerability in the Cisco Aironet Series Access Points (APs) softwa ...)
NOT-FOR-US: Cisco
-CVE-2018-0380
+CVE-2018-0380 (Multiple vulnerabilities exist in the Cisco Webex Network Recording Pl ...)
NOT-FOR-US: Cisco
-CVE-2018-0379
+CVE-2018-0379 (Multiple vulnerabilities exist in the Cisco Webex Network Recording Pl ...)
NOT-FOR-US: Cisco
-CVE-2018-0378
+CVE-2018-0378 (A vulnerability in the Precision Time Protocol (PTP) feature of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0377
+CVE-2018-0377 (A vulnerability in the Open Systems Gateway initiative (OSGi) interfac ...)
NOT-FOR-US: Cisco
-CVE-2018-0376
+CVE-2018-0376 (A vulnerability in the Policy Builder interface of Cisco Policy Suite ...)
NOT-FOR-US: Cisco
-CVE-2018-0375
+CVE-2018-0375 (A vulnerability in the Cluster Manager of Cisco Policy Suite before 18 ...)
NOT-FOR-US: Cisco
-CVE-2018-0374
+CVE-2018-0374 (A vulnerability in the Policy Builder database of Cisco Policy Suite b ...)
NOT-FOR-US: Cisco
-CVE-2018-0373
+CVE-2018-0373 (A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys fo ...)
NOT-FOR-US: Cisco
-CVE-2018-0372
+CVE-2018-0372 (A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series F ...)
NOT-FOR-US: Cisco
-CVE-2018-0371
+CVE-2018-0371 (A vulnerability in the Web Admin Interface of Cisco Meeting Server cou ...)
NOT-FOR-US: Cisco
-CVE-2018-0370
+CVE-2018-0370 (A vulnerability in the detection engine of Cisco Firepower System Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-0369
+CVE-2018-0369 (A vulnerability in the reassembly logic for fragmented IPv4 packets of ...)
NOT-FOR-US: Cisco
-CVE-2018-0368
+CVE-2018-0368 (A vulnerability in Cisco Digital Network Architecture (DNA) Center cou ...)
NOT-FOR-US: Cisco
-CVE-2018-0367
+CVE-2018-0367 (A vulnerability in the web-based management interface of the Cisco Reg ...)
NOT-FOR-US: Cisco
-CVE-2018-0366
+CVE-2018-0366 (A vulnerability in the web-based management interface of Cisco Web Sec ...)
NOT-FOR-US: Cisco
-CVE-2018-0365
+CVE-2018-0365 (A vulnerability in the web-based management interface of Cisco Firepow ...)
NOT-FOR-US: Cisco
-CVE-2018-0364
+CVE-2018-0364 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2018-0363
+CVE-2018-0363 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2018-0362
+CVE-2018-0362 (A vulnerability in BIOS authentication management of Cisco 5000 Series ...)
NOT-FOR-US: Cisco
-CVE-2018-0361
+CVE-2018-0361 (ClamAV before 0.100.1 lacks a PDF object length check, resulting in an ...)
{DLA-1461-1}
- clamav 0.100.1+dfsg-1
[stretch] - clamav 0.100.1+dfsg-0+deb9u1
NOTE: https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
-CVE-2018-0360
+CVE-2018-0360 (ClamAV before 0.100.1 has an HWP integer overflow with a resultant inf ...)
{DLA-1461-1}
- clamav 0.100.1+dfsg-1
[stretch] - clamav 0.100.1+dfsg-0+deb9u1
NOTE: https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
-CVE-2018-0359
+CVE-2018-0359 (A vulnerability in the session identification management functionality ...)
NOT-FOR-US: Cisco
-CVE-2018-0358
+CVE-2018-0358 (A vulnerability in the file descriptor handling of Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2018-0357
+CVE-2018-0357 (A vulnerability in the web framework of Cisco WebEx could allow an una ...)
NOT-FOR-US: Cisco
-CVE-2018-0356
+CVE-2018-0356 (A vulnerability in the web framework of Cisco WebEx could allow an una ...)
NOT-FOR-US: Cisco
-CVE-2018-0355
+CVE-2018-0355 (A vulnerability in the web UI of Cisco Unified Communications Manager ...)
NOT-FOR-US: Cisco
-CVE-2018-0354
+CVE-2018-0354 (A vulnerability in the web framework of Cisco Unity Connection could a ...)
NOT-FOR-US: Cisco
-CVE-2018-0353
+CVE-2018-0353 (A vulnerability in traffic-monitoring functions in Cisco Web Security ...)
NOT-FOR-US: Cisco
-CVE-2018-0352
+CVE-2018-0352 (A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide ...)
NOT-FOR-US: Cisco
-CVE-2018-0351
+CVE-2018-0351 (A vulnerability in the command-line tcpdump utility in the Cisco SD-WA ...)
NOT-FOR-US: Cisco (tcpdump utility in Cisco SD-WAN Solution, but CVE is Cisco specific assigned)
-CVE-2018-0350
+CVE-2018-0350 (A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN ...)
NOT-FOR-US: Cisco
-CVE-2018-0349
+CVE-2018-0349 (A vulnerability in the Cisco SD-WAN Solution could allow an authentica ...)
NOT-FOR-US: Cisco
-CVE-2018-0348
+CVE-2018-0348 (A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an ...)
NOT-FOR-US: Cisco
-CVE-2018-0347
+CVE-2018-0347 (A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the ...)
NOT-FOR-US: Cisco
-CVE-2018-0346
+CVE-2018-0346 (A vulnerability in the Zero Touch Provisioning service of the Cisco SD ...)
NOT-FOR-US: Cisco
-CVE-2018-0345
+CVE-2018-0345 (A vulnerability in the configuration and management database of the Ci ...)
NOT-FOR-US: Cisco
-CVE-2018-0344
+CVE-2018-0344 (A vulnerability in the vManage dashboard for the configuration and man ...)
NOT-FOR-US: Cisco
-CVE-2018-0343
+CVE-2018-0343 (A vulnerability in the configuration and management service of the Cis ...)
NOT-FOR-US: Cisco
-CVE-2018-0342
+CVE-2018-0342 (A vulnerability in the configuration and monitoring service of the Cis ...)
NOT-FOR-US: Cisco
-CVE-2018-0341
+CVE-2018-0341 (A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and ...)
NOT-FOR-US: Cisco
-CVE-2018-0340
+CVE-2018-0340 (A vulnerability in the web framework of the Cisco Unified Communicatio ...)
NOT-FOR-US: Cisco
-CVE-2018-0339
+CVE-2018-0339 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2018-0338
+CVE-2018-0338 (A vulnerability in the role-based access-checking mechanisms of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0337
+CVE-2018-0337 (A vulnerability in the role-based access-checking mechanisms of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0336
+CVE-2018-0336 (A vulnerability in the batch provisioning feature of Cisco Prime Colla ...)
NOT-FOR-US: Cisco
-CVE-2018-0335
+CVE-2018-0335 (A vulnerability in the web portal authentication process of Cisco Prim ...)
NOT-FOR-US: Cisco
-CVE-2018-0334
+CVE-2018-0334 (A vulnerability in the certificate management subsystem of Cisco AnyCo ...)
NOT-FOR-US: Cisco
-CVE-2018-0333
+CVE-2018-0333 (A vulnerability in the VPN configuration management of Cisco FireSIGHT ...)
NOT-FOR-US: Cisco
-CVE-2018-0332
+CVE-2018-0332 (A vulnerability in the Session Initiation Protocol (SIP) ingress packe ...)
NOT-FOR-US: Cisco
-CVE-2018-0331
+CVE-2018-0331 (A vulnerability in the Cisco Discovery Protocol (formerly known as CDP ...)
NOT-FOR-US: Cisco
-CVE-2018-0330
+CVE-2018-0330 (A vulnerability in the NX-API management application programming inter ...)
NOT-FOR-US: Cisco
-CVE-2018-0329
+CVE-2018-0329 (A vulnerability in the default configuration of the Simple Network Man ...)
NOT-FOR-US: Cisco
-CVE-2018-0328
+CVE-2018-0328 (A vulnerability in the web framework of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2018-0327
+CVE-2018-0327 (A vulnerability in the web framework of Cisco Identity Services Engine ...)
NOT-FOR-US: Cisco
-CVE-2018-0326
+CVE-2018-0326 (A vulnerability in the web UI of Cisco TelePresence Server Software co ...)
NOT-FOR-US: Cisco
-CVE-2018-0325
+CVE-2018-0325 (A vulnerability in the Session Initiation Protocol (SIP) call-handling ...)
NOT-FOR-US: Cisco
-CVE-2018-0324
+CVE-2018-0324 (A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-0323
+CVE-2018-0323 (A vulnerability in the web management interface of Cisco Enterprise NF ...)
NOT-FOR-US: Cisco
-CVE-2018-0322
+CVE-2018-0322 (A vulnerability in the web management interface of Cisco Prime Collabo ...)
NOT-FOR-US: Cisco
-CVE-2018-0321
+CVE-2018-0321 (A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could ...)
NOT-FOR-US: Cisco
-CVE-2018-0320
+CVE-2018-0320 (A vulnerability in the web framework code of Cisco Prime Collaboration ...)
NOT-FOR-US: Cisco
-CVE-2018-0319
+CVE-2018-0319 (A vulnerability in the password recovery function of Cisco Prime Colla ...)
NOT-FOR-US: Cisco
-CVE-2018-0318
+CVE-2018-0318 (A vulnerability in the password reset function of Cisco Prime Collabor ...)
NOT-FOR-US: Cisco
-CVE-2018-0317
+CVE-2018-0317 (A vulnerability in the web interface of Cisco Prime Collaboration Prov ...)
NOT-FOR-US: Cisco
-CVE-2018-0316
+CVE-2018-0316 (A vulnerability in the Session Initiation Protocol (SIP) call-handling ...)
NOT-FOR-US: Cisco
-CVE-2018-0315
+CVE-2018-0315 (A vulnerability in the authentication, authorization, and accounting ( ...)
NOT-FOR-US: Cisco
-CVE-2018-0314
+CVE-2018-0314 (A vulnerability in the Cisco Fabric Services (CFS) component of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0313
+CVE-2018-0313 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...)
NOT-FOR-US: Cisco
-CVE-2018-0312
+CVE-2018-0312 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS S ...)
NOT-FOR-US: Cisco
-CVE-2018-0311
+CVE-2018-0311 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS S ...)
NOT-FOR-US: Cisco
-CVE-2018-0310
+CVE-2018-0310 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS S ...)
NOT-FOR-US: Cisco
-CVE-2018-0309
+CVE-2018-0309 (A vulnerability in the implementation of a specific CLI command and th ...)
NOT-FOR-US: Cisco
-CVE-2018-0308
+CVE-2018-0308 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS S ...)
NOT-FOR-US: Cisco
-CVE-2018-0307
+CVE-2018-0307 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
-CVE-2018-0306
+CVE-2018-0306 (A vulnerability in the CLI parser of Cisco NX-OS Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2018-0305
+CVE-2018-0305 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS S ...)
NOT-FOR-US: Cisco
-CVE-2018-0304
+CVE-2018-0304 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS S ...)
NOT-FOR-US: Cisco
-CVE-2018-0303
+CVE-2018-0303 (A vulnerability in the Cisco Discovery Protocol component of Cisco FXO ...)
NOT-FOR-US: Cisco
-CVE-2018-0302
+CVE-2018-0302 (A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS ...)
NOT-FOR-US: Cisco
-CVE-2018-0301
+CVE-2018-0301 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...)
NOT-FOR-US: Cisco
-CVE-2018-0300
+CVE-2018-0300 (A vulnerability in the process of uploading new application images to ...)
NOT-FOR-US: Cisco
-CVE-2018-0299
+CVE-2018-0299 (A vulnerability in the Simple Network Management Protocol (SNMP) featu ...)
NOT-FOR-US: Cisco
-CVE-2018-0298
+CVE-2018-0298 (A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Inter ...)
NOT-FOR-US: Cisco
-CVE-2018-0297
+CVE-2018-0297 (A vulnerability in the detection engine of Cisco Firepower Threat Defe ...)
NOT-FOR-US: Cisco
-CVE-2018-0296
+CVE-2018-0296 (A vulnerability in the web interface of the Cisco Adaptive Security Ap ...)
NOT-FOR-US: Cisco
-CVE-2018-0295
+CVE-2018-0295 (A vulnerability in the Border Gateway Protocol (BGP) implementation of ...)
NOT-FOR-US: Cisco
-CVE-2018-0294
+CVE-2018-0294 (A vulnerability in the write-erase feature of Cisco FXOS Software and ...)
NOT-FOR-US: Cisco
-CVE-2018-0293
+CVE-2018-0293 (A vulnerability in role-based access control (RBAC) for Cisco NX-OS So ...)
NOT-FOR-US: Cisco
-CVE-2018-0292
+CVE-2018-0292 (A vulnerability in the Internet Group Management Protocol (IGMP) Snoop ...)
NOT-FOR-US: Cisco
-CVE-2018-0291
+CVE-2018-0291 (A vulnerability in the Simple Network Management Protocol (SNMP) input ...)
NOT-FOR-US: Cisco
-CVE-2018-0290
+CVE-2018-0290 (A vulnerability in the TCP stack of Cisco SocialMiner could allow an u ...)
NOT-FOR-US: Cisco
-CVE-2018-0289
+CVE-2018-0289 (A vulnerability in the logs component of Cisco Identity Services Engin ...)
NOT-FOR-US: Cisco
-CVE-2018-0288
+CVE-2018-0288 (A vulnerability in Cisco WebEx Recording Format (WRF) Player could all ...)
NOT-FOR-US: Cisco
-CVE-2018-0287
+CVE-2018-0287 (A vulnerability in the Cisco WebEx Network Recording Player for Advanc ...)
NOT-FOR-US: Cisco
-CVE-2018-0286
+CVE-2018-0286 (A vulnerability in the netconf interface of Cisco IOS XR Software coul ...)
NOT-FOR-US: Cisco
-CVE-2018-0285
+CVE-2018-0285 (A vulnerability in service logging for Cisco Prime Service Catalog cou ...)
NOT-FOR-US: Cisco
-CVE-2018-0284
+CVE-2018-0284 (A vulnerability in the local status page functionality of the Cisco Me ...)
NOT-FOR-US: Cisco
-CVE-2018-0283
+CVE-2018-0283 (A vulnerability in the detection engine of Cisco Firepower System Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-0282
+CVE-2018-0282 (A vulnerability in the TCP socket code of Cisco IOS and IOS XE Softwar ...)
NOT-FOR-US: Cisco
-CVE-2018-0281
+CVE-2018-0281 (A vulnerability in the detection engine of Cisco Firepower System Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-0280
+CVE-2018-0280 (A vulnerability in the Real-Time Transport Protocol (RTP) bitstream pr ...)
NOT-FOR-US: Cisco
-CVE-2018-0279
+CVE-2018-0279 (A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Ente ...)
NOT-FOR-US: Cisco
-CVE-2018-0278
+CVE-2018-0278 (A vulnerability in the management console of Cisco Firepower System So ...)
NOT-FOR-US: Cisco
-CVE-2018-0277
+CVE-2018-0277 (A vulnerability in the Extensible Authentication Protocol-Transport La ...)
NOT-FOR-US: Cisco
-CVE-2018-0276
+CVE-2018-0276 (A vulnerability in Cisco WebEx Connect IM could allow an unauthenticat ...)
NOT-FOR-US: Cisco
-CVE-2018-0275
+CVE-2018-0275 (A vulnerability in the support tunnel feature of Cisco Identity Servic ...)
NOT-FOR-US: Cisco
-CVE-2018-0274
+CVE-2018-0274 (A vulnerability in the CLI parser of Cisco Network Services Orchestrat ...)
NOT-FOR-US: Cisco
-CVE-2018-0273
+CVE-2018-0273 (A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggrega ...)
NOT-FOR-US: Cisco
-CVE-2018-0272
+CVE-2018-0272 (A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Fire ...)
NOT-FOR-US: Cisco
-CVE-2018-0271
+CVE-2018-0271 (A vulnerability in the API gateway of the Cisco Digital Network Archit ...)
NOT-FOR-US: Cisco
-CVE-2018-0270
+CVE-2018-0270 (A vulnerability in the web-based management interface of Cisco IoT Fie ...)
NOT-FOR-US: Cisco
-CVE-2018-0269
+CVE-2018-0269 (A vulnerability in the web framework of the Cisco Digital Network Arch ...)
NOT-FOR-US: Cisco
-CVE-2018-0268
+CVE-2018-0268 (A vulnerability in the container management subsystem of Cisco Digital ...)
NOT-FOR-US: Cisco
-CVE-2018-0267
+CVE-2018-0267 (A vulnerability in the web framework of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2018-0266
+CVE-2018-0266 (A vulnerability in the web framework of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
CVE-2018-0265
RESERVED
-CVE-2018-0264
+CVE-2018-0264 (A vulnerability in the Cisco WebEx Network Recording Player for Advanc ...)
NOT-FOR-US: Cisco
-CVE-2018-0263
+CVE-2018-0263 (A vulnerability in Cisco Meeting Server (CMS) could allow an unauthent ...)
NOT-FOR-US: Cisco
-CVE-2018-0262
+CVE-2018-0262 (A vulnerability in Cisco Meeting Server could allow an unauthenticated ...)
NOT-FOR-US: Cisco
CVE-2018-0261
RESERVED
-CVE-2018-0260
+CVE-2018-0260 (A vulnerability in the web interface of Cisco MATE Live could allow an ...)
NOT-FOR-US: Cisco
-CVE-2018-0259
+CVE-2018-0259 (A vulnerability in the web-based management interface of Cisco MATE Co ...)
NOT-FOR-US: Cisco
-CVE-2018-0258
+CVE-2018-0258 (A vulnerability in the Cisco Prime File Upload servlet affecting multi ...)
NOT-FOR-US: Cisco
-CVE-2018-0257
+CVE-2018-0257 (A vulnerability in Cisco IOS XE Software running on Cisco cBR Series C ...)
NOT-FOR-US: Cisco
-CVE-2018-0256
+CVE-2018-0256 (A vulnerability in the peer-to-peer message processing functionality o ...)
NOT-FOR-US: Cisco
-CVE-2018-0255
+CVE-2018-0255 (A vulnerability in the device manager web interface of Cisco Industria ...)
NOT-FOR-US: Cisco
-CVE-2018-0254
+CVE-2018-0254 (A vulnerability in the detection engine of Cisco Firepower System Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-0253
+CVE-2018-0253 (A vulnerability in the ACS Report component of Cisco Secure Access Con ...)
NOT-FOR-US: Cisco
-CVE-2018-0252
+CVE-2018-0252 (A vulnerability in the IP Version 4 (IPv4) fragment reassembly functio ...)
NOT-FOR-US: Cisco
-CVE-2018-0251
+CVE-2018-0251 (A vulnerability in the Web Server Authentication Required screen of th ...)
NOT-FOR-US: Cisco
-CVE-2018-0250
+CVE-2018-0250 (A vulnerability in Central Web Authentication (CWA) with FlexConnect A ...)
NOT-FOR-US: Cisco
-CVE-2018-0249
+CVE-2018-0249 (A vulnerability when handling incoming 802.11 Association Requests for ...)
NOT-FOR-US: Cisco
CVE-2018-0248
RESERVED
-CVE-2018-0247
+CVE-2018-0247 (A vulnerability in Web Authentication (WebAuth) clients for the Cisco ...)
NOT-FOR-US: Cisco
CVE-2018-0246
RESERVED
-CVE-2018-0245
+CVE-2018-0245 (A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless ...)
NOT-FOR-US: Cisco
-CVE-2018-0244
+CVE-2018-0244 (A vulnerability in the detection engine of Cisco Firepower System Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-0243
+CVE-2018-0243 (A vulnerability in the detection engine of Cisco Firepower System Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-0242
+CVE-2018-0242 (A vulnerability in the WebVPN web-based management interface of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0241
+CVE-2018-0241 (A vulnerability in the UDP broadcast forwarding function of Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2018-0240
+CVE-2018-0240 (Multiple vulnerabilities in the Application Layer Protocol Inspection ...)
NOT-FOR-US: Cisco
-CVE-2018-0239
+CVE-2018-0239 (A vulnerability in the egress packet processing functionality of the C ...)
NOT-FOR-US: Cisco
-CVE-2018-0238
+CVE-2018-0238 (A vulnerability in the role-based resource checking functionality of t ...)
NOT-FOR-US: Cisco
-CVE-2018-0237
+CVE-2018-0237 (A vulnerability in the file type detection mechanism of the Cisco Adva ...)
NOT-FOR-US: Cisco
CVE-2018-0236
RESERVED
-CVE-2018-0235
+CVE-2018-0235 (A vulnerability in the 802.11 frame validation functionality of the Ci ...)
NOT-FOR-US: Cisco
-CVE-2018-0234
+CVE-2018-0234 (A vulnerability in the implementation of Point-to-Point Tunneling Prot ...)
NOT-FOR-US: Cisco
-CVE-2018-0233
+CVE-2018-0233 (A vulnerability in the Secure Sockets Layer (SSL) packet reassembly fu ...)
NOT-FOR-US: Cisco
CVE-2018-0232
RESERVED
-CVE-2018-0231
+CVE-2018-0231 (A vulnerability in the Transport Layer Security (TLS) library of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0230
+CVE-2018-0230 (A vulnerability in the internal packet-processing functionality of Cis ...)
NOT-FOR-US: Cisco
-CVE-2018-0229
+CVE-2018-0229 (A vulnerability in the implementation of Security Assertion Markup Lan ...)
NOT-FOR-US: Cisco
-CVE-2018-0228
+CVE-2018-0228 (A vulnerability in the ingress flow creation functionality of Cisco Ad ...)
NOT-FOR-US: Cisco
-CVE-2018-0227
+CVE-2018-0227 (A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Netw ...)
NOT-FOR-US: Cisco
-CVE-2018-0226
+CVE-2018-0226 (A vulnerability in the assignment and management of default user accou ...)
NOT-FOR-US: Cisco
-CVE-2018-0225
+CVE-2018-0225 (The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4 ...)
NOT-FOR-US: Cisco
-CVE-2018-0224
+CVE-2018-0224 (A vulnerability in the CLI of the Cisco StarOS operating system for Ci ...)
NOT-FOR-US: Cisco
-CVE-2018-0223
+CVE-2018-0223 (A vulnerability in DesktopServlet in the web-based management interfac ...)
NOT-FOR-US: Cisco
-CVE-2018-0222
+CVE-2018-0222 (A vulnerability in Cisco Digital Network Architecture (DNA) Center cou ...)
NOT-FOR-US: Cisco
-CVE-2018-0221
+CVE-2018-0221 (A vulnerability in specific CLI commands for the Cisco Identity Servic ...)
NOT-FOR-US: Cisco
-CVE-2018-0220
+CVE-2018-0220 (A vulnerability in the web-based management interface of Cisco Videosc ...)
NOT-FOR-US: Cisco
-CVE-2018-0219
+CVE-2018-0219 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2018-0218
+CVE-2018-0218 (A vulnerability in the web-based user interface of the Cisco Secure Ac ...)
NOT-FOR-US: Cisco
-CVE-2018-0217
+CVE-2018-0217 (A vulnerability in the CLI of the Cisco StarOS operating system for Ci ...)
NOT-FOR-US: Cisco
-CVE-2018-0216
+CVE-2018-0216 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2018-0215
+CVE-2018-0215 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2018-0214
+CVE-2018-0214 (A vulnerability in certain CLI commands of Cisco Identity Services Eng ...)
NOT-FOR-US: Cisco
-CVE-2018-0213
+CVE-2018-0213 (A vulnerability in the credential reset functionality for Cisco Identi ...)
NOT-FOR-US: Cisco
-CVE-2018-0212
+CVE-2018-0212 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2018-0211
+CVE-2018-0211 (A vulnerability in specific CLI commands for the Cisco Identity Servic ...)
NOT-FOR-US: Cisco
-CVE-2018-0210
+CVE-2018-0210 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
NOT-FOR-US: Cisco
-CVE-2018-0209
+CVE-2018-0209 (A vulnerability in the Simple Network Management Protocol (SNMP) subsy ...)
NOT-FOR-US: Cisco
-CVE-2018-0208
+CVE-2018-0208 (A vulnerability in the web-based management interface of the (cloud ba ...)
NOT-FOR-US: Cisco
-CVE-2018-0207
+CVE-2018-0207 (A vulnerability in the web-based user interface of the Cisco Secure Ac ...)
NOT-FOR-US: Cisco
-CVE-2018-0206
+CVE-2018-0206 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2018-0205
+CVE-2018-0205 (A vulnerability in the User Provisioning tab in the Cisco Prime Collab ...)
NOT-FOR-US: Cisco
-CVE-2018-0204
+CVE-2018-0204 (A vulnerability in the web portal of the Cisco Prime Collaboration Pro ...)
NOT-FOR-US: Cisco
-CVE-2018-0203
+CVE-2018-0203 (A vulnerability in the SMTP relay of Cisco Unity Connection could allo ...)
NOT-FOR-US: Cisco
-CVE-2018-0202
+CVE-2018-0202 (clamscan in ClamAV before 0.99.4 contains a vulnerability that could a ...)
{DLA-1307-1}
- clamav 0.100.0~beta+dfsg-2
[stretch] - clamav 0.99.4+dfsg-1+deb9u1
@@ -53302,237 +53302,237 @@ CVE-2018-0202
NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/0df2fedf2805e574512c486b32a0fff4ed394560
NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/495fce917445063d519f14b0009cee025f817bc3
NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/99eadf7a9ad351210165312362d1f32b77c6f857
-CVE-2018-0201
+CVE-2018-0201 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...)
NOT-FOR-US: Cisco
-CVE-2018-0200
+CVE-2018-0200 (A vulnerability in the web-based interface of Cisco Prime Service Cata ...)
NOT-FOR-US: Cisco
-CVE-2018-0199
+CVE-2018-0199 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...)
NOT-FOR-US: Cisco
-CVE-2018-0198
+CVE-2018-0198 (A vulnerability in the web framework of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2018-0197
+CVE-2018-0197 (A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0196
+CVE-2018-0196 (A vulnerability in the web-based user interface (web UI) of Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2018-0195
+CVE-2018-0195 (A vulnerability in the Cisco IOS XE Software REST API could allow an a ...)
NOT-FOR-US: Cisco
-CVE-2018-0194
+CVE-2018-0194 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software co ...)
NOT-FOR-US: Cisco
-CVE-2018-0193
+CVE-2018-0193 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software co ...)
NOT-FOR-US: Cisco
CVE-2018-0192
RESERVED
CVE-2018-0191
RESERVED
-CVE-2018-0190
+CVE-2018-0190 (Multiple vulnerabilities in the web-based user interface (web UI) of C ...)
NOT-FOR-US: Cisco
-CVE-2018-0189
+CVE-2018-0189 (A vulnerability in the Forwarding Information Base (FIB) code of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0188
+CVE-2018-0188 (Multiple vulnerabilities in the web-based user interface (web UI) of C ...)
NOT-FOR-US: Cisco
-CVE-2018-0187
+CVE-2018-0187 (A vulnerability in the Admin portal of Cisco Identity Services Engine ...)
NOT-FOR-US: Cisco
-CVE-2018-0186
+CVE-2018-0186 (Multiple vulnerabilities in the web-based user interface (web UI) of C ...)
NOT-FOR-US: Cisco
-CVE-2018-0185
+CVE-2018-0185 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software co ...)
NOT-FOR-US: Cisco
-CVE-2018-0184
+CVE-2018-0184 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2018-0183
+CVE-2018-0183 (A vulnerability in the CLI parser of Cisco IOS XE Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2018-0182
+CVE-2018-0182 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software co ...)
NOT-FOR-US: Cisco
-CVE-2018-0181
+CVE-2018-0181 (A vulnerability in the Redis implementation used by the Cisco Policy S ...)
NOT-FOR-US: Cisco
-CVE-2018-0180
+CVE-2018-0180 (Multiple vulnerabilities in the Login Enhancements (Login Block) featu ...)
NOT-FOR-US: Cisco
-CVE-2018-0179
+CVE-2018-0179 (Multiple vulnerabilities in the Login Enhancements (Login Block) featu ...)
NOT-FOR-US: Cisco
CVE-2018-0178
RESERVED
-CVE-2018-0177
+CVE-2018-0177 (A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IO ...)
NOT-FOR-US: Cisco
-CVE-2018-0176
+CVE-2018-0176 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software co ...)
NOT-FOR-US: Cisco
-CVE-2018-0175
+CVE-2018-0175 (Format String vulnerability in the Link Layer Discovery Protocol (LLDP ...)
NOT-FOR-US: Cisco
-CVE-2018-0174
+CVE-2018-0174 (A vulnerability in the DHCP option 82 encapsulation functionality of C ...)
NOT-FOR-US: Cisco
-CVE-2018-0173
+CVE-2018-0173 (A vulnerability in the Cisco IOS Software and Cisco IOS XE Software fu ...)
NOT-FOR-US: Cisco
-CVE-2018-0172
+CVE-2018-0172 (A vulnerability in the DHCP option 82 encapsulation functionality of C ...)
NOT-FOR-US: Cisco
-CVE-2018-0171
+CVE-2018-0171 (A vulnerability in the Smart Install feature of Cisco IOS Software and ...)
NOT-FOR-US: Cisco
-CVE-2018-0170
+CVE-2018-0170 (A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2018-0169
+CVE-2018-0169 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software co ...)
NOT-FOR-US: Cisco
CVE-2018-0168
RESERVED
-CVE-2018-0167
+CVE-2018-0167 (Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery P ...)
NOT-FOR-US: Cisco
CVE-2018-0166
RESERVED
-CVE-2018-0165
+CVE-2018-0165 (A vulnerability in the Internet Group Management Protocol (IGMP) packe ...)
NOT-FOR-US: Cisco
-CVE-2018-0164
+CVE-2018-0164 (A vulnerability in the Switch Integrated Security Features of Cisco IO ...)
NOT-FOR-US: Cisco
-CVE-2018-0163
+CVE-2018-0163 (A vulnerability in the 802.1x multiple-authentication (multi-auth) fea ...)
NOT-FOR-US: Cisco
CVE-2018-0162
RESERVED
-CVE-2018-0161
+CVE-2018-0161 (A vulnerability in the Simple Network Management Protocol (SNMP) subsy ...)
NOT-FOR-US: Cisco
-CVE-2018-0160
+CVE-2018-0160 (A vulnerability in Simple Network Management Protocol (SNMP) subsystem ...)
NOT-FOR-US: Cisco
-CVE-2018-0159
+CVE-2018-0159 (A vulnerability in the implementation of Internet Key Exchange Version ...)
NOT-FOR-US: Cisco
-CVE-2018-0158
+CVE-2018-0158 (A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module ...)
NOT-FOR-US: Cisco
-CVE-2018-0157
+CVE-2018-0157 (A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Softwa ...)
NOT-FOR-US: Cisco
-CVE-2018-0156
+CVE-2018-0156 (A vulnerability in the Smart Install feature of Cisco IOS Software and ...)
NOT-FOR-US: Cisco
-CVE-2018-0155
+CVE-2018-0155 (A vulnerability in the Bidirectional Forwarding Detection (BFD) offloa ...)
NOT-FOR-US: Cisco
-CVE-2018-0154
+CVE-2018-0154 (A vulnerability in the crypto engine of the Cisco Integrated Services ...)
NOT-FOR-US: Cisco
CVE-2018-0153
RESERVED
-CVE-2018-0152
+CVE-2018-0152 (A vulnerability in the web-based user interface (web UI) of Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2018-0151
+CVE-2018-0151 (A vulnerability in the quality of service (QoS) subsystem of Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2018-0150
+CVE-2018-0150 (A vulnerability in Cisco IOS XE Software could allow an unauthenticate ...)
NOT-FOR-US: Cisco
-CVE-2018-0149
+CVE-2018-0149 (A vulnerability in the web-based management interface of Cisco Integra ...)
NOT-FOR-US: Cisco
-CVE-2018-0148
+CVE-2018-0148 (A vulnerability in the web-based management interface of Cisco UCS Dir ...)
NOT-FOR-US: Cisco
-CVE-2018-0147
+CVE-2018-0147 (A vulnerability in Java deserialization used by Cisco Secure Access Co ...)
NOT-FOR-US: Cisco
-CVE-2018-0146
+CVE-2018-0146 (A vulnerability in the Cisco Data Center Analytics Framework applicati ...)
NOT-FOR-US: Cisco
-CVE-2018-0145
+CVE-2018-0145 (A vulnerability in the web-based management interface of the Cisco Dat ...)
NOT-FOR-US: Cisco
-CVE-2018-0144
+CVE-2018-0144 (A vulnerability in the web-based management interface of Cisco Prime D ...)
NOT-FOR-US: Cisco
CVE-2018-0143
RESERVED
CVE-2018-0142
RESERVED
-CVE-2018-0141
+CVE-2018-0141 (A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Softwa ...)
NOT-FOR-US: Cisco
-CVE-2018-0140
+CVE-2018-0140 (A vulnerability in the spam quarantine of Cisco Email Security Applian ...)
NOT-FOR-US: Cisco
-CVE-2018-0139
+CVE-2018-0139 (A vulnerability in the Interactive Voice Response (IVR) management con ...)
NOT-FOR-US: Cisco
-CVE-2018-0138
+CVE-2018-0138 (A vulnerability in the detection engine of Cisco Firepower System Soft ...)
NOT-FOR-US: Cisco
-CVE-2018-0137
+CVE-2018-0137 (A vulnerability in the TCP throttling process of Cisco Prime Network c ...)
NOT-FOR-US: Cisco
-CVE-2018-0136
+CVE-2018-0136 (A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release ...)
NOT-FOR-US: Cisco
-CVE-2018-0135
+CVE-2018-0135 (A vulnerability in Cisco Unified Communications Manager could allow an ...)
NOT-FOR-US: Cisco
-CVE-2018-0134
+CVE-2018-0134 (A vulnerability in the RADIUS authentication module of Cisco Policy Su ...)
NOT-FOR-US: Cisco
CVE-2018-0133
RESERVED
-CVE-2018-0132
+CVE-2018-0132 (A vulnerability in the forwarding information base (FIB) code of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0131
+CVE-2018-0131 (A vulnerability in the implementation of RSA-encrypted nonces in Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0130
+CVE-2018-0130 (A vulnerability in the use of JSON web tokens by the web-based service ...)
NOT-FOR-US: Cisco
-CVE-2018-0129
+CVE-2018-0129 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
NOT-FOR-US: Cisco
-CVE-2018-0128
+CVE-2018-0128 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
NOT-FOR-US: Cisco
-CVE-2018-0127
+CVE-2018-0127 (A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N ...)
NOT-FOR-US: Cisco
CVE-2018-0126
RESERVED
-CVE-2018-0125
+CVE-2018-0125 (A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wirele ...)
NOT-FOR-US: Cisco
-CVE-2018-0124
+CVE-2018-0124 (A vulnerability in Cisco Unified Communications Domain Manager could a ...)
NOT-FOR-US: Cisco
-CVE-2018-0123
+CVE-2018-0123 (A Path Traversal vulnerability in the diagnostic shell for Cisco IOS a ...)
NOT-FOR-US: Cisco
-CVE-2018-0122
+CVE-2018-0122 (A vulnerability in the CLI of the Cisco StarOS operating system for Ci ...)
NOT-FOR-US: Cisco
-CVE-2018-0121
+CVE-2018-0121 (A vulnerability in the authentication functionality of the web-based s ...)
NOT-FOR-US: Cisco
-CVE-2018-0120
+CVE-2018-0120 (A vulnerability in the web framework of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2018-0119
+CVE-2018-0119 (A vulnerability in certain authentication controls in the account serv ...)
NOT-FOR-US: Cisco
-CVE-2018-0118
+CVE-2018-0118 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2018-0117
+CVE-2018-0117 (A vulnerability in the ingress packet processing functionality of the ...)
NOT-FOR-US: Cisco
-CVE-2018-0116
+CVE-2018-0116 (A vulnerability in the RADIUS authentication module of Cisco Policy Su ...)
NOT-FOR-US: Cisco
-CVE-2018-0115
+CVE-2018-0115 (A vulnerability in the CLI of the Cisco StarOS operating system for Ci ...)
NOT-FOR-US: Cisco
-CVE-2018-0114
+CVE-2018-0114 (A vulnerability in the Cisco node-jose open source library before 0.11 ...)
NOT-FOR-US: Cisco node-jose
-CVE-2018-0113
+CVE-2018-0113 (A vulnerability in an operations script of Cisco UCS Central could all ...)
NOT-FOR-US: Cisco
-CVE-2018-0112
+CVE-2018-0112 (A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Mee ...)
NOT-FOR-US: Cisco
-CVE-2018-0111
+CVE-2018-0111 (A vulnerability in Cisco WebEx Meetings Server could allow an unauthen ...)
NOT-FOR-US: Cisco
-CVE-2018-0110
+CVE-2018-0110 (A vulnerability in Cisco WebEx Meetings Server could allow an authenti ...)
NOT-FOR-US: Cisco
-CVE-2018-0109
+CVE-2018-0109 (A vulnerability in Cisco WebEx Meetings Server could allow an authenti ...)
NOT-FOR-US: Cisco
-CVE-2018-0108
+CVE-2018-0108 (A vulnerability in Cisco WebEx Meetings Server could allow an unauthen ...)
NOT-FOR-US: Cisco
-CVE-2018-0107
+CVE-2018-0107 (A vulnerability in the web framework of Cisco Prime Service Catalog co ...)
NOT-FOR-US: Cisco
-CVE-2018-0106
+CVE-2018-0106 (A vulnerability in the ConfD server of the Cisco Elastic Services Cont ...)
NOT-FOR-US: Cisco
-CVE-2018-0105
+CVE-2018-0105 (A vulnerability in the web framework of Cisco Unified Communications M ...)
NOT-FOR-US: Cisco
-CVE-2018-0104
+CVE-2018-0104 (A vulnerability in Cisco WebEx Network Recording Player for Advanced R ...)
NOT-FOR-US: Cisco
-CVE-2018-0103
+CVE-2018-0103 (A Buffer Overflow vulnerability in Cisco WebEx Network Recording Playe ...)
NOT-FOR-US: Cisco
-CVE-2018-0102
+CVE-2018-0102 (A vulnerability in the Pong tool of Cisco NX-OS Software could allow a ...)
NOT-FOR-US: Cisco
-CVE-2018-0101
+CVE-2018-0101 (A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of ...)
NOT-FOR-US: Cisco
-CVE-2018-0100
+CVE-2018-0100 (A vulnerability in the Profile Editor of the Cisco AnyConnect Secure M ...)
NOT-FOR-US: Cisco
-CVE-2018-0099
+CVE-2018-0099 (A vulnerability in the web management GUI of the Cisco D9800 Network T ...)
NOT-FOR-US: Cisco
-CVE-2018-0098
+CVE-2018-0098 (A vulnerability in the web-based management interface of Cisco WAP150 ...)
NOT-FOR-US: Cisco
-CVE-2018-0097
+CVE-2018-0097 (A vulnerability in the web interface of Cisco Prime Infrastructure cou ...)
NOT-FOR-US: Cisco
-CVE-2018-0096
+CVE-2018-0096 (A vulnerability in the role-based access control (RBAC) functionality ...)
NOT-FOR-US: Cisco
-CVE-2018-0095
+CVE-2018-0095 (A vulnerability in the administrative shell of Cisco AsyncOS on Cisco ...)
NOT-FOR-US: Cisco
-CVE-2018-0094
+CVE-2018-0094 (A vulnerability in IPv6 ingress packet processing for Cisco UCS Centra ...)
NOT-FOR-US: Cisco
-CVE-2018-0093
+CVE-2018-0093 (A vulnerability in the web-based management interface of Cisco Web Sec ...)
NOT-FOR-US: Cisco
-CVE-2018-0092
+CVE-2018-0092 (A vulnerability in the network-operator user role implementation for C ...)
NOT-FOR-US: Cisco
-CVE-2018-0091
+CVE-2018-0091 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2018-0090
+CVE-2018-0090 (A vulnerability in management interface access control list (ACL) conf ...)
NOT-FOR-US: Cisco
-CVE-2018-0089
+CVE-2018-0089 (A vulnerability in the Policy and Charging Rules Function (PCRF) of th ...)
NOT-FOR-US: Cisco
-CVE-2018-0088
+CVE-2018-0088 (A vulnerability in one of the diagnostic test CLI commands on Cisco In ...)
NOT-FOR-US: Cisco
-CVE-2018-0087
+CVE-2018-0087 (A vulnerability in the FTP server of the Cisco Web Security Appliance ...)
NOT-FOR-US: Cisco
-CVE-2018-0086
+CVE-2018-0086 (A vulnerability in the application server of the Cisco Unified Custome ...)
NOT-FOR-US: Cisco
CVE-2018-0085
RESERVED
@@ -53578,133 +53578,133 @@ CVE-2018-0065
RESERVED
CVE-2018-0064
RESERVED
-CVE-2018-0063
+CVE-2018-0063 (A vulnerability in the IP next-hop index database in Junos OS 17.3R3 m ...)
NOT-FOR-US: Juniper
-CVE-2018-0062
+CVE-2018-0062 (A Denial of Service vulnerability in J-Web service may allow a remote ...)
NOT-FOR-US: Juniper
-CVE-2018-0061
+CVE-2018-0061 (A denial of service vulnerability in the telnetd service on Junos OS a ...)
NOT-FOR-US: Juniper
-CVE-2018-0060
+CVE-2018-0060 (An improper input validation weakness in the device control daemon pro ...)
NOT-FOR-US: Juniper
-CVE-2018-0059
+CVE-2018-0059 (A persistent cross-site scripting vulnerability in the graphical user ...)
NOT-FOR-US: Juniper
-CVE-2018-0058
+CVE-2018-0058 (Receipt of a specially crafted IPv6 exception packet may be able to tr ...)
NOT-FOR-US: Juniper
-CVE-2018-0057
+CVE-2018-0057 (On MX Series and M120/M320 platforms configured in a Broadband Edge (B ...)
NOT-FOR-US: Juniper
-CVE-2018-0056
+CVE-2018-0056 (If a duplicate MAC address is learned by two different interfaces on a ...)
NOT-FOR-US: Juniper
-CVE-2018-0055
+CVE-2018-0055 (Receipt of a specially crafted DHCPv6 message destined to a Junos OS d ...)
NOT-FOR-US: Juniper
-CVE-2018-0054
+CVE-2018-0054 (On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause f ...)
NOT-FOR-US: Juniper
-CVE-2018-0053
+CVE-2018-0053 (An authentication bypass vulnerability in the initial boot sequence of ...)
NOT-FOR-US: Juniper
-CVE-2018-0052
+CVE-2018-0052 (If RSH service is enabled on Junos OS and if the PAM authentication is ...)
NOT-FOR-US: Juniper
-CVE-2018-0051
+CVE-2018-0051 (A Denial of Service vulnerability in the SIP application layer gateway ...)
NOT-FOR-US: Juniper
-CVE-2018-0050
+CVE-2018-0050 (An error handling vulnerability in Routing Protocols Daemon (RPD) of J ...)
NOT-FOR-US: Juniper
-CVE-2018-0049
+CVE-2018-0049 (A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS ...)
NOT-FOR-US: Juniper
-CVE-2018-0048
+CVE-2018-0048 (A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Ext ...)
NOT-FOR-US: Juniper
-CVE-2018-0047
+CVE-2018-0047 (A persistent cross-site scripting vulnerability in the UI framework us ...)
NOT-FOR-US: Juniper
-CVE-2018-0046
+CVE-2018-0046 (A reflected cross-site scripting vulnerability in OpenNMS included wit ...)
NOT-FOR-US: Juniper
-CVE-2018-0045
+CVE-2018-0045 (Receipt of a specific Draft-Rosen MVPN control packet may cause the ro ...)
NOT-FOR-US: Juniper
-CVE-2018-0044
+CVE-2018-0044 (An insecure SSHD configuration in Juniper Device Manager (JDM) and hos ...)
NOT-FOR-US: Juniper
-CVE-2018-0043
+CVE-2018-0043 (Receipt of a specific MPLS packet may cause the routing protocol daemo ...)
NOT-FOR-US: Juniper
-CVE-2018-0042
+CVE-2018-0042 (Juniper Networks CSO versions prior to 4.0.0 may log passwords in log ...)
NOT-FOR-US: Juniper Networks CSO
-CVE-2018-0041
+CVE-2018-0041 (Juniper Networks Contrail Service Orchestration releases prior to 3.3. ...)
NOT-FOR-US: Juniper
-CVE-2018-0040
+CVE-2018-0040 (Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 ...)
NOT-FOR-US: Juniper
-CVE-2018-0039
+CVE-2018-0039 (Juniper Networks Contrail Service Orchestration releases prior to 4.0. ...)
NOT-FOR-US: Juniper
-CVE-2018-0038
+CVE-2018-0038 (Juniper Networks Contrail Service Orchestration releases prior to 3.3. ...)
NOT-FOR-US: Juniper
-CVE-2018-0037
+CVE-2018-0037 (Junos OS routing protocol daemon (RPD) process may crash and restart o ...)
NOT-FOR-US: Junos OS
CVE-2018-0036
RESERVED
-CVE-2018-0035
+CVE-2018-0035 (QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1 ...)
NOT-FOR-US: Junos OS
-CVE-2018-0034
+CVE-2018-0034 (A Denial of Service vulnerability exists in the Juniper Networks Junos ...)
NOT-FOR-US: Juniper
CVE-2018-0033
RESERVED
-CVE-2018-0032
+CVE-2018-0032 (The receipt of a crafted BGP UPDATE can lead to a routing process daem ...)
NOT-FOR-US: Juniper
-CVE-2018-0031
+CVE-2018-0031 (Receipt of specially crafted UDP/IP packets over MPLS may be able to b ...)
NOT-FOR-US: Juniper
-CVE-2018-0030
+CVE-2018-0030 (Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1 ...)
NOT-FOR-US: Juniper
-CVE-2018-0029
+CVE-2018-0029 (While experiencing a broadcast storm, placing the fxp0 interface into ...)
NOT-FOR-US: Juniper
CVE-2018-0028
RESERVED
-CVE-2018-0027
+CVE-2018-0027 (Receipt of a crafted or malformed RSVP PATH message may cause the rout ...)
NOT-FOR-US: Juniper
-CVE-2018-0026
+CVE-2018-0026 (After Junos OS device reboot or upgrade, the stateless firewall filter ...)
NOT-FOR-US: Juniper
-CVE-2018-0025
+CVE-2018-0025 (When an SRX Series device is configured to use HTTP/HTTPS pass-through ...)
NOT-FOR-US: Juniper
-CVE-2018-0024
+CVE-2018-0024 (An Improper Privilege Management vulnerability in a shell session of J ...)
NOT-FOR-US: Juniper
-CVE-2018-0023
+CVE-2018-0023 (JSNAPy is an open source python version of Junos Snapshot Administrato ...)
NOT-FOR-US: JSNAPy
-CVE-2018-0022
+CVE-2018-0022 (A Junos device with VPLS routing-instances configured on one or more i ...)
NOT-FOR-US: Juniper
-CVE-2018-0021
+CVE-2018-0021 (If all 64 digits of the connectivity association name (CKN) key or all ...)
NOT-FOR-US: Juniper
-CVE-2018-0020
+CVE-2018-0020 (Junos OS may be impacted by the receipt of a malformed BGP UPDATE whic ...)
NOT-FOR-US: Juniper
-CVE-2018-0019
+CVE-2018-0019 (A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may al ...)
NOT-FOR-US: Juniper
-CVE-2018-0018
+CVE-2018-0018 (On SRX Series devices during compilation of IDP policies, an attacker ...)
NOT-FOR-US: Juniper
-CVE-2018-0017
+CVE-2018-0017 (A vulnerability in the Network Address Translation - Protocol Translat ...)
NOT-FOR-US: Juniper
-CVE-2018-0016
+CVE-2018-0016 (Receipt of a specially crafted Connectionless Network Protocol (CLNP) ...)
NOT-FOR-US: Juniper
-CVE-2018-0015
+CVE-2018-0015 (A malicious user with unrestricted access to the AppFormix application ...)
NOT-FOR-US: AppFormix
-CVE-2018-0014
+CVE-2018-0014 (Juniper Networks ScreenOS devices do not pad Ethernet packets with zer ...)
NOT-FOR-US: Juniper
-CVE-2018-0013
+CVE-2018-0013 (A local file inclusion vulnerability in Juniper Networks Junos Space N ...)
NOT-FOR-US: Juniper
-CVE-2018-0012
+CVE-2018-0012 (Junos Space is affected by a privilege escalation vulnerability that m ...)
NOT-FOR-US: Juniper
-CVE-2018-0011
+CVE-2018-0011 (A reflected cross site scripting (XSS) vulnerability in Junos Space ma ...)
NOT-FOR-US: Juniper
-CVE-2018-0010
+CVE-2018-0010 (A vulnerability in the Juniper Networks Junos Space Security Director ...)
NOT-FOR-US: Juniper
-CVE-2018-0009
+CVE-2018-0009 (On Juniper Networks SRX series devices, firewall rules configured to m ...)
NOT-FOR-US: Juniper
-CVE-2018-0008
+CVE-2018-0008 (An unauthenticated root login may allow upon reboot when a commit scri ...)
NOT-FOR-US: Juniper
-CVE-2018-0007
+CVE-2018-0007 (An unauthenticated network-based attacker able to send a maliciously c ...)
NOT-FOR-US: Juniper
-CVE-2018-0006
+CVE-2018-0006 (A high rate of VLAN authentication attempts sent from an adjacent host ...)
NOT-FOR-US: Juniper
-CVE-2018-0005
+CVE-2018-0005 (QFX and EX Series switches configured to drop traffic when the MAC mov ...)
NOT-FOR-US: Juniper
-CVE-2018-0004
+CVE-2018-0004 (A sustained sequence of different types of normal transit traffic can ...)
NOT-FOR-US: Juniper
-CVE-2018-0003
+CVE-2018-0003 (A specially crafted MPLS packet received or processed by the system, o ...)
NOT-FOR-US: Juniper
-CVE-2018-0002
+CVE-2018-0002 (On SRX Series and MX Series devices with a Service PIC with any ALG en ...)
NOT-FOR-US: Juniper
-CVE-2018-0001
+CVE-2018-0001 (A remote, unauthenticated attacker may be able to execute code by expl ...)
NOT-FOR-US: Juniper
-CVE-2018-1000156
+CVE-2018-1000156 (GNU Patch version 2.7.6 contains an input validation vulnerability whe ...)
{DLA-1348-1}
- patch 2.7.6-2 (bug #894993)
[stretch] - patch 2.7.5-1+deb9u1
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 84ad6737d6..934018dfb5 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -30,16 +30,16 @@ CVE-2019-9848
RESERVED
CVE-2019-9847
RESERVED
-CVE-2019-9857 [inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch()]
+CVE-2019-9857 (In the Linux kernel through 5.0.2, the function inotify_update_existin ...)
- linux <unfixed>
NOTE: https://patchwork.kernel.org/patch/10836283/
-CVE-2019-9846
+CVE-2019-9846 (RockOA 1.8.7 allows remote attackers to obtain sensitive information b ...)
NOT-FOR-US: RockOA
CVE-2019-9845
RESERVED
-CVE-2019-9844
+CVE-2019-9844 (simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows ...)
NOT-FOR-US: Khan Academy simple-markdown
-CVE-2019-9843
+CVE-2019-9843 (In DiffPlug Spotless before 1.20.0 (library and Maven plugin) and befo ...)
NOT-FOR-US: DiffPlug Spotless
CVE-2019-9842
RESERVED
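Review bot: the `+CVE-2019-9857` line drops the hand-written bracket summary, which carried the subject of the fixing kernel patch (inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch()), in favour of the truncated MITRE text, so the only remaining pointer to the fix is the bare `NOTE: https://patchwork.kernel.org/patch/10836283/`. Elsewhere in this file such links are written `NOTE: Fixed by: ...` (WordPress CVE-2019-9787, the cron entries, CVE-2019-9213), which is what lets a later pass close `- linux <unfixed>` against the commit once it is merged; if the patchwork link is the fix, give it that prefix. The entry also sits out of numeric order between CVE-2019-9847 and CVE-2019-9846, which the automatic update does not correct.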
@@ -51,25 +51,25 @@ CVE-2019-9839
RESERVED
CVE-2019-9838
RESERVED
-CVE-2019-9837
+CVE-2019-9837 (Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorke ...)
- ruby-doorkeeper-openid-connect <unfixed> (bug #924747)
NOTE: https://github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/61
NOTE: https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/66
CVE-2019-9836
RESERVED
-CVE-2019-9835
+CVE-2019-9835 (The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set L ...)
NOT-FOR-US: Fujitsu Wireless Keyboard Set LX901 GK900 devices
-CVE-2019-9834
+CVE-2019-9834 (The Netdata web application through 1.13.0 allows remote attackers to ...)
NOT-FOR-US: Netdata web application
-CVE-2019-9833
+CVE-2019-9833 (The Screen Stream application through 3.0.15 for Android allows remote ...)
NOT-FOR-US: Screen Stream application for Android
-CVE-2019-9832
+CVE-2019-9832 (The AirDrop application through 2.0 for Android allows remote attacker ...)
NOT-FOR-US: AirDrop application for Android
-CVE-2019-9831
+CVE-2019-9831 (The AirMore application through 1.6.1 for Android allows remote attack ...)
NOT-FOR-US: AirMore application for Android
CVE-2019-9830
RESERVED
-CVE-2019-9829
+CVE-2019-9829 (Maccms 10 allows remote attackers to execute arbitrary PHP code by ent ...)
NOT-FOR-US: Maccms
CVE-2019-9828
RESERVED
@@ -77,7 +77,7 @@ CVE-2019-9827
RESERVED
CVE-2019-9826
RESERVED
-CVE-2019-9825
+CVE-2019-9825 (FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arb ...)
NOT-FOR-US: FeiFeiCMS
CVE-2019-9824
RESERVED
@@ -159,7 +159,7 @@ CVE-2019-9788
RESERVED
CVE-2019-9786
RESERVED
-CVE-2019-9785
+CVE-2019-9785 (gitnote 3.1.0 allows remote attackers to execute arbitrary code via a ...)
NOT-FOR-US: gitnote
CVE-2019-9784
RESERVED
@@ -171,49 +171,49 @@ CVE-2019-9781
RESERVED
CVE-2019-9780
RESERVED
-CVE-2019-9787
+CVE-2019-9787 (WordPress before 5.1.1 does not properly filter comment content, leadi ...)
- wordpress 5.1.1+dfsg1-1 (bug #924546)
NOTE: https://blog.ripstech.com/2019/wordpress-csrf-to-rce/
NOTE: Fixed by: https://github.com/WordPress/WordPress/commit/0292de60ec78c5a44956765189403654fe4d080b
-CVE-2019-9779
+CVE-2019-9779 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a N ...)
- libredwg <itp> (bug #595191)
-CVE-2019-9778
+CVE-2019-9778 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a h ...)
- libredwg <itp> (bug #595191)
-CVE-2019-9777
+CVE-2019-9777 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a h ...)
- libredwg <itp> (bug #595191)
-CVE-2019-9776
+CVE-2019-9776 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a N ...)
- libredwg <itp> (bug #595191)
-CVE-2019-9775
+CVE-2019-9775 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an ...)
- libredwg <itp> (bug #595191)
-CVE-2019-9774
+CVE-2019-9774 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an ...)
- libredwg <itp> (bug #595191)
-CVE-2019-9773
+CVE-2019-9773 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a h ...)
- libredwg <itp> (bug #595191)
-CVE-2019-9772
+CVE-2019-9772 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a N ...)
- libredwg <itp> (bug #595191)
-CVE-2019-9771
+CVE-2019-9771 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a N ...)
- libredwg <itp> (bug #595191)
-CVE-2019-9770
+CVE-2019-9770 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a h ...)
- libredwg <itp> (bug #595191)
-CVE-2019-9769
+CVE-2019-9769 (PilusCart 1.4.1 is vulnerable to index.php?module=users&amp;action=new ...)
NOT-FOR-US: PilusCart
-CVE-2019-9768
+CVE-2019-9768 (Thinkst Canarytokens through 2019-03-01 relies on limited variation in ...)
NOT-FOR-US: Thinkst Canarytokens
-CVE-2019-9767
+CVE-2019-9767 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting ...)
NOT-FOR-US: Free MP3 CD Ripper
-CVE-2019-9766
+CVE-2019-9766 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting ...)
NOT-FOR-US: Free MP3 CD Ripper
-CVE-2019-9765
+CVE-2019-9765 (In Blog_mini 1.0, XSS exists via the author name of a comment reply in ...)
NOT-FOR-US: Blog_mini
CVE-2019-9764
RESERVED
CVE-2019-9763
RESERVED
-CVE-2019-9762
+CVE-2019-9762 (A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment ...)
NOT-FOR-US: PHPSHE
-CVE-2019-9761
+CVE-2019-9761 (An XXE issue was discovered in PHPSHE 1.7, which can be used to read a ...)
NOT-FOR-US: PHPSHE
-CVE-2019-9760
+CVE-2019-9760 (FTPGetter Standard v.5.97.0.177 allows remote code execution when a us ...)
NOT-FOR-US: FTPGetter
CVE-2019-9759
RESERVED
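Review bot: the description imported for CVE-2019-9769 stores the HTML entity `&amp;` instead of a literal `&` (`index.php?module=users&amp;action=new ...`), and the same escaping recurs in later hunks (`&lt;E` and `&lt;EMBED` in CVE-2019-9738 and CVE-2019-9737, `&amp;` in CVE-2019-9688, CVE-2019-9652, CVE-2019-9603 and CVE-2019-9568/9567). The importer should unescape the feed text before applying the 70-character cut: as stored, a search of the list for the real URL fragment (`&action=new`, `<EMBED`) misses these entries, and the fixed-width truncation can fall inside an entity, as `'&lt;E ...)` nearly shows. Separately, CVE-2019-9787 (WordPress) is filed between CVE-2019-9780 and CVE-2019-9779 rather than in sequence.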
@@ -225,29 +225,29 @@ CVE-2019-9756
RESERVED
CVE-2019-9755
RESERVED
-CVE-2019-9754
+CVE-2019-9754 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
TODO: check
CVE-2019-9753
RESERVED
-CVE-2019-9752
+CVE-2019-9752 (An issue was discovered in Open Ticket Request System (OTRS) 5.x befor ...)
- otrs2 6.0.16-1
NOTE: https://community.otrs.com/security-advisory-2019-01-security-update-for-otrs-framework/
NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/341c4096222819a108feb02256aba878943bf810
NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/d4e3dfbaa054762b29df54705aa412685dd37e15
-CVE-2019-9751
+CVE-2019-9751 (An issue was discovered in Open Ticket Request System (OTRS) 6.x befor ...)
- otrs2 6.0.17-1
[jessie] - otrs2 <not-affected> (Vulnerable code not present)
NOTE: https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework
NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/1afb2b995e59551b927c2105e234e8b87efcc37a
-CVE-2019-9750
+CVE-2019-9750 (In IoTivity through 1.3.1, the CoAP server interface can be used for D ...)
- iotivity <itp> (bug #824155)
-CVE-2019-9749
+CVE-2019-9749 (An issue was discovered in the MQTT input plugin in Fluent Bit through ...)
NOT-FOR-US: Fluent Bit
-CVE-2019-9748
+CVE-2019-9748 (In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted ...)
TODO: check
-CVE-2019-9747
+CVE-2019-9747 (In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multica ...)
TODO: check
-CVE-2019-9746
+CVE-2019-9746 (In libwebm before 2019-03-08, a NULL pointer dereference caused by the ...)
TODO: check
CVE-2019-9745
RESERVED
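Review bot: three `TODO: check` entries in this hunk (CVE-2019-9754 Tiny C Compiler, CVE-2019-9748/9747 tinysvcmdns, CVE-2019-9746 libwebm) are left open although the update has now filled in descriptions that name the upstream projects; each should be resolved to a source-package line or a `NOT-FOR-US:` line, as was done for Fluent Bit (CVE-2019-9749) in the same hunk. For the OTRS pair, CVE-2019-9751 carries `[jessie] - otrs2 <not-affected> (Vulnerable code not present)` while CVE-2019-9752, whose description reads `Open Ticket Request System (OTRS) 5.x befor ...` and whose NOTE links a separate OTRS 5 commit, has no jessie annotation at all; if jessie's otrs2 is genuinely unaffected by the 5.x issue, the same `<not-affected>` line belongs there, and if it is affected a NOTE saying so would stop the entry being re-triaged.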
@@ -255,9 +255,9 @@ CVE-2019-9744
RESERVED
CVE-2019-9743
RESERVED
-CVE-2019-9742
+CVE-2019-9742 (gdwfpcd.sys in G Data Total Security before 2019-02-22 allows an attac ...)
NOT-FOR-US: G Data Total Security
-CVE-2019-9741
+CVE-2019-9741 (An issue was discovered in net/http in Go 1.11.5. CRLF injection is po ...)
- golang-1.12 1.12-1
- golang-1.11 1.11.6-1 (bug #924630)
- golang-1.8 <removed>
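Review bot: the package set under CVE-2019-9741 (`golang-1.12`, `golang-1.11`, `golang-1.8 <removed>`) does not match the set used for the other Go entry in this diff, CVE-2019-9634 (`golang-1.12`, `golang-1.11`, `golang-1.10`): golang-1.10 is missing here and golang-1.8 is missing there. A source package that is simply absent from an entry is not tracked for that CVE, so if golang-1.10 ships the same net/http code it needs a line of its own (a fixed version or `<not-affected>`), and the two entries should list the same set of golang source packages.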
@@ -266,7 +266,7 @@ CVE-2019-9741
NOTE: https://github.com/golang/go/issues/30794
NOTE: https://github.com/golang/go/commit/829c5df58694b3345cb5ea41206783c8ccf5c3ca#diff-b97af51863ce82bf2a13003b52034aa9
NOTE: https://github.com/golang/go/commit/f1d662f34788f4a5f087581d0951cdf4e0f6e708#diff-b97af51863ce82bf2a13003b52034aa9
-CVE-2019-9740
+CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...)
- python3.7 <unfixed>
- python3.6 <unfixed>
- python3.5 <removed>
@@ -277,13 +277,13 @@ CVE-2019-9740
NOTE: https://bugs.python.org/issue30458
CVE-2019-9739
RESERVED
-CVE-2019-9738
+CVE-2019-9738 (jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '&lt;E ...)
NOT-FOR-US: jimmykuu Gopher
-CVE-2019-9737
+CVE-2019-9737 (Editor.md 1.5.0 has DOM-based XSS via vectors involving the '&lt;EMBED ...)
NOT-FOR-US: pandao Editor.md
-CVE-2019-9736
+CVE-2019-9736 (DOM-based XSS exists in 1024Tools Markdown 1.0 via vectors involving t ...)
NOT-FOR-US: 1024Tools Markdown
-CVE-2019-9735
+CVE-2019-9735 (An issue was discovered in the iptables firewall module in OpenStack N ...)
- neutron 2:13.0.2-13 (bug #924508)
NOTE: https://launchpad.net/bugs/1818385
CVE-2019-9734
@@ -296,7 +296,7 @@ CVE-2019-9731
RESERVED
CVE-2019-9730
RESERVED
-CVE-2019-9729
+CVE-2019-9729 (In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows pr ...)
NOT-FOR-US: Shanda MapleStory Online
CVE-2019-9728
RESERVED
@@ -304,7 +304,7 @@ CVE-2019-9727
RESERVED
CVE-2019-9726
RESERVED
-CVE-2019-9725
+CVE-2019-9725 (The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devi ...)
NOT-FOR-US: Korenix JetPort devices
CVE-2019-9724
RESERVED
@@ -312,14 +312,14 @@ CVE-2019-9723
RESERVED
CVE-2019-9722
RESERVED
-CVE-2019-9721
+CVE-2019-9721 (A denial of service in the subtitle decoder in FFmpeg 4.1 allows attac ...)
- ffmpeg <unfixed>
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65
CVE-2019-9720
RESERVED
CVE-2019-9719
RESERVED
-CVE-2019-9718
+CVE-2019-9718 (In FFmpeg 4.1, a denial of service in the subtitle decoder allows atta ...)
- ffmpeg <unfixed>
NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982
CVE-2019-9717
@@ -328,15 +328,15 @@ CVE-2019-9716
RESERVED
CVE-2019-9715
RESERVED
-CVE-2019-9714
+CVE-2019-9714 (An issue was discovered in Joomla! before 3.9.4. The media form field ...)
NOT-FOR-US: Joomla!
-CVE-2019-9713
+CVE-2019-9713 (An issue was discovered in Joomla! before 3.9.4. The sample data plugi ...)
NOT-FOR-US: Joomla!
-CVE-2019-9712
+CVE-2019-9712 (An issue was discovered in Joomla! before 3.9.4. The JSON handler in c ...)
NOT-FOR-US: Joomla!
-CVE-2019-9711
+CVE-2019-9711 (An issue was discovered in Joomla! before 3.9.4. The item_title layout ...)
NOT-FOR-US: Joomla!
-CVE-2019-9710
+CVE-2019-9710 (An issue was discovered in webargs before 5.1.3, as used with marshmal ...)
NOT-FOR-US: webargs
CVE-2019-9709
RESERVED
@@ -344,15 +344,15 @@ CVE-2019-9708
RESERVED
CVE-2019-9707
RESERVED
-CVE-2019-9705
+CVE-2019-9705 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
- cron 3.0pl1-133 (low)
[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/26814a26
-CVE-2019-9706
+CVE-2019-9706 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
- cron 3.0pl1-133 (bug #809167)
[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/40791b93
-CVE-2019-9704
+CVE-2019-9704 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
- cron 3.0pl1-133 (low)
[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/f2525567
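Review bot: the three cron entries annotate what is evidently a single upload in three different ways: CVE-2019-9705 and CVE-2019-9704 have `- cron 3.0pl1-133 (low)` with no bug reference, while CVE-2019-9706 has `- cron 3.0pl1-133 (bug #809167)` with no severity. The convention used elsewhere in this diff combines both, e.g. `- advancecomp 2.1-2 (low; bug #923416)`; if CVE-2019-9706 is also rated low it should read `- cron 3.0pl1-133 (low; bug #809167)`, and if the other two have bug reports they should cite them the same way. The entries are also ordered 9705, 9706, 9704 rather than descending.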
@@ -376,9 +376,9 @@ CVE-2019-9695
RESERVED
CVE-2019-9694
RESERVED
-CVE-2019-9693
+CVE-2019-9693 (In CMS Made Simple (CMSMS) before 2.2.10, an authenticated user can ac ...)
NOT-FOR-US: CMS Made Simple
-CVE-2019-9692
+CVE-2019-9692 (class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 doe ...)
NOT-FOR-US: CMS Made Simple
CVE-2019-9691
RESERVED
@@ -386,12 +386,12 @@ CVE-2019-9690
RESERVED
CVE-2019-9689
RESERVED
-CVE-2019-9688
+CVE-2019-9688 (sftnow through 2018-12-29 allows index.php?g=Admin&amp;m=User&amp;a=ad ...)
NOT-FOR-US: sftnow
-CVE-2019-9687
+CVE-2019-9687 (PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF ...)
- libpodofo <unfixed> (bug #924430)
NOTE: https://sourceforge.net/p/podofo/code/1969
-CVE-2019-9686
+CVE-2019-9686 (pacman before 5.1.3 allows directory traversal when installing a remot ...)
NOT-FOR-US: pacman package manager for arch, different from src:pacman
CVE-2019-9685
RESERVED
@@ -413,7 +413,7 @@ CVE-2019-9677
RESERVED
CVE-2019-9676
RESERVED
-CVE-2019-9675
+CVE-2019-9675 (** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7. ...)
{DSA-4403-1}
- php7.3 7.3.3-1 (unimportant)
- php7.0 <removed> (unimportant)
@@ -444,22 +444,22 @@ CVE-2019-9664
RESERVED
CVE-2019-9663
RESERVED
-CVE-2019-9662
+CVE-2019-9662 (An issue was discovered in JTBC(PHP) 3.0.1.8. Its cache management mod ...)
NOT-FOR-US: JTBC(PHP)
-CVE-2019-9661
+CVE-2019-9661 (Stored XSS exists in YzmCMS 5.2 via the admin/system_manage/user_confi ...)
NOT-FOR-US: YzmCMS
-CVE-2019-9660
+CVE-2019-9660 (Stored XSS exists in YzmCMS 5.2 via the admin/category/edit.html "catn ...)
NOT-FOR-US: YzmCMS
-CVE-2019-9659
+CVE-2019-9659 (The Chuango 433 MHz burglar-alarm product line uses static codes in th ...)
NOT-FOR-US: Chuango
-CVE-2019-9658
+CVE-2019-9658 (Checkstyle before 8.18 loads external DTDs by default. ...)
- checkstyle <unfixed> (bug #924598)
NOTE: https://github.com/checkstyle/checkstyle/issues/6474
NOTE: https://github.com/checkstyle/checkstyle/issues/6478
NOTE: https://github.com/checkstyle/checkstyle/pull/6476
CVE-2019-9657
RESERVED
-CVE-2019-9656
+CVE-2019-9656 (An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dere ...)
- libofx <unfixed> (bug #924350)
NOTE: https://github.com/libofx/libofx/issues/22
CVE-2019-9655
@@ -468,11 +468,11 @@ CVE-2019-9654
RESERVED
CVE-2019-9653
RESERVED
-CVE-2019-9652
+CVE-2019-9652 (There is a CSRF in SDCMS V1.7 via an m=admin&amp;c=theme&amp;a=edit re ...)
NOT-FOR-US: SDCMS
-CVE-2019-9651
+CVE-2019-9651 (An issue was discovered in SDCMS V1.7. In the \app\admin\controller\th ...)
NOT-FOR-US: SDCMS
-CVE-2019-9650
+CVE-2019-9650 (An XSS issue was discovered in upcoming_events.php in the Upcoming Eve ...)
NOT-FOR-US: MyBB plugin
CVE-2019-9649
RESERVED
@@ -482,9 +482,9 @@ CVE-2019-9647
RESERVED
CVE-2019-9645
RESERVED
-CVE-2019-9646
+CVE-2019-9646 (The Contact Form Email plugin before 1.2.66 for WordPress allows wp-ad ...)
NOT-FOR-US: WordPress plugin contact-form-to-email
-CVE-2019-9644
+CVE-2019-9644 (An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook befor ...)
- jupyter-notebook <unfixed> (bug #924515)
NOTE: https://github.com/jupyter/notebook/commit/cfc335b76466ccf1538ce545b654b29b5ab0097c
NOTE: https://github.com/jupyter/notebook/commit/b5105814fc41c6d789b317fa59f786bad7f9d798
@@ -493,7 +493,7 @@ CVE-2019-9643
RESERVED
CVE-2019-9642
RESERVED
-CVE-2019-9636
+CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Impr ...)
- python3.7 3.7.3~rc1-1 (bug #924072)
- python3.6 <unfixed>
- python3.5 <removed>
@@ -506,75 +506,75 @@ CVE-2019-9636
NOTE: https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5 (2.7.x)
CVE-2019-9635
RESERVED
-CVE-2019-1003039
+CVE-2019-1003039 (An insufficiently protected credentials vulnerability exists in Jenkin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003038
+CVE-2019-1003038 (An insufficiently protected credentials vulnerability exists in Jenkin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003037
+CVE-2019-1003037 (An information exposure vulnerability exists in Jenkins Azure VM Agent ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003036
+CVE-2019-1003036 (A data modification vulnerability exists in Jenkins Azure VM Agents Pl ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003035
+CVE-2019-1003035 (An information exposure vulnerability exists in Jenkins Azure VM Agent ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003034
+CVE-2019-1003034 (A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 a ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003033
+CVE-2019-1003033 (A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.1 and ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003032
+CVE-2019-1003032 (A sandbox bypass vulnerability exists in Jenkins Email Extension Plugi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003031
+CVE-2019-1003031 (A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003030
+CVE-2019-1003030 (A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plug ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003029
+CVE-2019-1003029 (A sandbox bypass vulnerability exists in Jenkins Script Security Plugi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-9634
+CVE-2019-9634 (Go through 1.12 on Windows misuses certain LoadLibrary functionality, ...)
- golang-1.12 <not-affected> (Only affects Go on Windows)
- golang-1.11 <not-affected> (Only affects Go on Windows)
- golang-1.10 <not-affected> (Only affects Go on Windows)
-CVE-2019-9637
+CVE-2019-9637 (An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and ...)
{DSA-4403-1}
- php7.3 7.3.3-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77630
-CVE-2019-9641
+CVE-2019-9641 (An issue was discovered in the EXIF component in PHP before 7.1.27, 7. ...)
{DSA-4403-1}
- php7.3 7.3.3-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77509
-CVE-2019-9640
+CVE-2019-9640 (An issue was discovered in the EXIF component in PHP before 7.1.27, 7. ...)
{DSA-4403-1}
- php7.3 7.3.3-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77540
-CVE-2019-9639
+CVE-2019-9639 (An issue was discovered in the EXIF component in PHP before 7.1.27, 7. ...)
{DSA-4403-1}
- php7.3 7.3.3-1 (unimportant)
- php7.0 <removed> (unimportant)
- php5 <removed> (unimportant)
NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77659
-CVE-2019-9638
+CVE-2019-9638 (An issue was discovered in the EXIF component in PHP before 7.1.27, 7. ...)
{DSA-4403-1}
- php7.3 7.3.3-1
- php7.0 <removed>
- php5 <removed>
NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77563
-CVE-2019-9633
+CVE-2019-9633 (gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent ...)
[experimental] - glib2.0 2.59.2-1
- glib2.0 <unfixed> (bug #924344)
NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1649
NOTE: https://gitlab.gnome.org/GNOME/glib/commit/d553d92d6e9f53cbe5a34166fcb919ba652c6a8e (2.59.2)
-CVE-2019-9632
+CVE-2019-9632 (ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability vi ...)
NOT-FOR-US: ESAFENET CDG
-CVE-2019-9631
+CVE-2019-9631 (Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBo ...)
- poppler <unfixed>
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/736
TODO: check details
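Review bot: in the PHP block, CVE-2019-9639 is the only one of the five entries sharing `{DSA-4403-1}` and `php7.3 7.3.3-1` that is marked `(unimportant)` on all three package lines, and nothing in the entry says why; compare CVE-2019-9211 later in this diff, where the rating is justified by `NOTE: Crash in CLI tool, no security impact`, and CVE-2019-9675 earlier, where the `** DISPUTED **` prefix explains its `(unimportant)`. A one-line NOTE giving the reason for 9639 would keep the rating from being questioned on the next pass. Also, CVE-2019-9631 (poppler) keeps `TODO: check details` next to `- poppler <unfixed>`, so the package is already recorded as affected before the check has been done; either resolve the TODO or hold the package line until it is.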
@@ -589,22 +589,22 @@ CVE-2019-9628 [XML parser class fails to trap exceptions on malformed XML declar
NOTE: https://shibboleth.net/community/advisories/secadv_20190311.txt
NOTE: https://issues.shibboleth.net/jira/browse/CPPXT-143
NOTE: https://git.shibboleth.net/view/?p=cpp-xmltooling.git;a=commit;h=af27c422f551e16989ff6f1722d83614c8550eb5
-CVE-2019-9627
+CVE-2019-9627 (A buffer overflow in the kernel driver CybKernelTracker.sys in CyberAr ...)
NOT-FOR-US: CyberArk Endpoint Privilege Manager
-CVE-2019-9626
+CVE-2019-9626 (PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to in ...)
NOT-FOR-US: PHPSHE
-CVE-2019-9625
+CVE-2019-9625 (JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to cr ...)
NOT-FOR-US: JBMC DirectAdmin
CVE-2019-XXXX [high memory usage with some long running sessions]
- proftpd-dfsg 1.3.5d-1 (bug #923926)
[stretch] - proftpd-dfsg <no-dsa> (Minor issue)
NOTE: https://github.com/proftpd/proftpd/issues/330#issuecomment-276891713
NOTE: https://forum.armbian.com/topic/9692-nanopi-neo-2-memory-leak-in-proftpd-even-worse-if-ssl-encrypted/?do=findComment&comment=73069
-CVE-2019-9624
+CVE-2019-9624 (Webmin 1.900 allows remote attackers to execute arbitrary code by leve ...)
- webmin <removed>
-CVE-2019-9623
+CVE-2019-9623 (Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code ...)
NOT-FOR-US: Feng Office
-CVE-2019-9622
+CVE-2019-9622 (eBrigade through 4.5 allows Arbitrary File Download via ../ directory ...)
NOT-FOR-US: eBrigade
CVE-2019-9621
RESERVED
@@ -614,67 +614,67 @@ CVE-2019-9619
RESERVED
CVE-2019-9618
RESERVED
-CVE-2019-9617
+CVE-2019-9617 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
NOT-FOR-US: OFCMS
-CVE-2019-9616
+CVE-2019-9616 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
NOT-FOR-US: OFCMS
-CVE-2019-9615
+CVE-2019-9615 (An issue was discovered in OFCMS before 1.1.3. It allows admin/system/ ...)
NOT-FOR-US: OFCMS
-CVE-2019-9614
+CVE-2019-9614 (An issue was discovered in OFCMS before 1.1.3. A command execution vul ...)
NOT-FOR-US: OFCMS
-CVE-2019-9613
+CVE-2019-9613 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
NOT-FOR-US: OFCMS
-CVE-2019-9612
+CVE-2019-9612 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
NOT-FOR-US: OFCMS
-CVE-2019-9611
+CVE-2019-9611 (An issue was discovered in OFCMS before 1.1.3. It allows admin/cms/tem ...)
NOT-FOR-US: OFCMS
-CVE-2019-9610
+CVE-2019-9610 (An issue was discovered in OFCMS before 1.1.3. It has admin/cms/templa ...)
NOT-FOR-US: OFCMS
-CVE-2019-9609
+CVE-2019-9609 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
NOT-FOR-US: OFCMS
-CVE-2019-9608
+CVE-2019-9608 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
NOT-FOR-US: OFCMS
-CVE-2019-9607
+CVE-2019-9607 (PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by n ...)
NOT-FOR-US: PHP Scripts Mall Medical Store Script
-CVE-2019-9606
+CVE-2019-9606 (PHP Scripts Mall Personal Video Collection Script 4.0.4 has Stored XSS ...)
NOT-FOR-US: PHP Scripts Mall Personal Video Collection Script
CVE-2019-9605
RESERVED
CVE-2019-9604
RESERVED
-CVE-2019-9603
+CVE-2019-9603 (MiniCMS 1.10 allows mc-admin/post.php?state=publish&amp;delete= CSRF t ...)
NOT-FOR-US: MiniCMS
CVE-2019-9602
RESERVED
-CVE-2019-9601
+CVE-2019-9601 (The ApowerManager application through 3.1.7 for Android allows remote ...)
NOT-FOR-US: ApowerManager application for Android
-CVE-2019-9600
+CVE-2019-9600 (The Olive Tree FTP Server (aka com.theolivetree.ftpserver) application ...)
NOT-FOR-US: Olive Tree FTP Server application for Android
-CVE-2019-9599
+CVE-2019-9599 (The AirDroid application through 4.2.1.6 for Android allows remote att ...)
NOT-FOR-US: AirDroid application for Android
-CVE-2019-9598
+CVE-2019-9598 (An issue was discovered in Cscms 4.1.0. There is an admin.php/pay CSRF ...)
NOT-FOR-US: Cscms
CVE-2019-9597
RESERVED
CVE-2019-9596
RESERVED
-CVE-2019-9595
+CVE-2019-9595 (AppCMS 2.0.101 allows XSS via the upload/callback.php params parameter ...)
NOT-FOR-US: AppCMS
-CVE-2019-9594
+CVE-2019-9594 (BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploa ...)
NOT-FOR-US: BlueCMS
-CVE-2019-9593
+CVE-2019-9593 (A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Conne ...)
NOT-FOR-US: ShoreTel Connect
-CVE-2019-9592
+CVE-2019-9592 (A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Conne ...)
NOT-FOR-US: ShoreTel Connect
-CVE-2019-9591
+CVE-2019-9591 (A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Conne ...)
NOT-FOR-US: ShoreTel Connect
-CVE-2019-9590
+CVE-2019-9590 (An issue was discovered on TENGCONTROL T-920 PLC v5.5 devices. It allo ...)
NOT-FOR-US: TENGCONTROL devices
-CVE-2019-9589
+CVE-2019-9589 (There is a NULL pointer dereference vulnerability in PSOutputDev::setu ...)
TODO: check
-CVE-2019-9588
+CVE-2019-9588 (There is an Invalid memory access in gAtomicIncrement() located at GMu ...)
TODO: check
-CVE-2019-9587
+CVE-2019-9587 (There is a stack consumption issue in md5Round1() located in Decrypt.c ...)
TODO: check
CVE-2019-9586
RESERVED
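Review bot: CVE-2019-9589, CVE-2019-9588 and CVE-2019-9587 remain `TODO: check`, and for these three the 70-character truncation removes exactly the information needed to triage them: the surviving text names only symbols (`PSOutputDev::setu ...`, `gAtomicIncrement() located at GMu ...`, `md5Round1() located in Decrypt.c ...`) and not the product, so the full MITRE description has to be consulted before a package line or `NOT-FOR-US:` can be assigned. If the importer cannot widen the cut, a second pass that at least records the affected product name in a NOTE would make entries like these self-contained.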
@@ -686,13 +686,13 @@ CVE-2019-9583
RESERVED
CVE-2019-9582
RESERVED
-CVE-2019-9581
+CVE-2019-9581 (phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via ...)
NOT-FOR-US: phpscheduleit Booked Scheduler
-CVE-2019-9580
+CVE-2019-9580 (In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, ...)
NOT-FOR-US: StackStorm
CVE-2019-9579
RESERVED
-CVE-2019-9578
+CVE-2019-9578 (In devs.c in Yubico libu2f-host before 1.1.8, the response to init is ...)
- libu2f-host 1.1.9-1 (bug #923874)
NOTE: https://github.com/Yubico/libu2f-host/commit/e4bb58cc8b6202a421e65f8230217d8ae6e16eb5
CVE-2019-9577
@@ -724,33 +724,33 @@ CVE-2019-XXXX [xen: race with pass-through device hotplug]
CVE-2019-XXXX [xen: grant table transfer issues on large hosts]
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-284.html
-CVE-2019-9576
+CVE-2019-9576 (The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admi ...)
NOT-FOR-US: WordPress plugin blog2social
-CVE-2019-9575
+CVE-2019-9575 (The Quiz And Survey Master plugin 6.0.4 for WordPress allows wp-admin/ ...)
NOT-FOR-US: WordPress plugin quiz-master-next
-CVE-2019-9574
+CVE-2019-9574 (The WP Human Resource Management plugin before 2.2.6 for WordPress doe ...)
NOT-FOR-US: WordPress plugin hrm
-CVE-2019-9573
+CVE-2019-9573 (The WP Human Resource Management plugin before 2.2.6 for WordPress mis ...)
NOT-FOR-US: WordPress plugin hrm
-CVE-2019-9572
+CVE-2019-9572 (SchoolCMS version 2.3.1 allows file upload via the theme upload featur ...)
NOT-FOR-US: SchoolCMS
CVE-2019-9571
RESERVED
-CVE-2019-9570
+CVE-2019-9570 (An issue was discovered in YzmCMS 5.2.0. It has XSS via the bottom tex ...)
NOT-FOR-US: YzmCMS
CVE-2019-9569
RESERVED
-CVE-2019-9568
+CVE-2019-9568 (The "Forminator Contact Form, Poll &amp; Quiz Builder" plugin before 1 ...)
NOT-FOR-US: WordPress plugin forminator
-CVE-2019-9567
+CVE-2019-9567 (The "Forminator Contact Form, Poll &amp; Quiz Builder" plugin before 1 ...)
NOT-FOR-US: WordPress plugin forminator
-CVE-2019-9566
+CVE-2019-9566 (FlarumChina v0.1.0-beta.7C has SQL injection via a /?q= request. ...)
NOT-FOR-US: FlarumChina
-CVE-2019-9565
+CVE-2019-9565 (Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 b ...)
NOT-FOR-US: Druide Antidote
CVE-2019-9564
RESERVED
-CVE-2019-9563
+CVE-2019-9563 (In BlueMind 3.5.x before 3.5.11 Hotfix 7 and 4.x before 4.0-beta3, the ...)
NOT-FOR-US: BlueMind
CVE-2019-9562
RESERVED
@@ -760,25 +760,25 @@ CVE-2019-9560
RESERVED
CVE-2019-9559
RESERVED
-CVE-2019-9558
+CVE-2019-9558 (Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site Scripti ...)
NOT-FOR-US: Mailtraq WebMail
-CVE-2019-9557
+CVE-2019-9557 (Ability Mail Server 4.2.6 has Persistent Cross Site Scripting (XSS) vi ...)
NOT-FOR-US: Ability Mail Server
CVE-2019-9556
RESERVED
-CVE-2019-9555
+CVE-2019-9555 (Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, ...)
NOT-FOR-US: Sagemcom routers
CVE-2019-9554
RESERVED
CVE-2019-9553
RESERVED
-CVE-2019-9552
+CVE-2019-9552 (Eloan V3.0 through 2018-09-20 allows remote attackers to list files vi ...)
NOT-FOR-US: Eloan
-CVE-2019-9551
+CVE-2019-9551 (An issue was discovered in DOYO (aka doyocms) 2.3 through 2015-05-06. ...)
NOT-FOR-US: doyocms
-CVE-2019-9550
+CVE-2019-9550 (DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS. ...)
NOT-FOR-US: DhCms
-CVE-2019-9549
+CVE-2019-9549 (An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-ad ...)
NOT-FOR-US: PopojiCMS
CVE-2019-XXXX [insecure use of /tmp]
- bubblewrap 0.3.1-3 (unimportant; bug #923557)
@@ -790,16 +790,16 @@ CVE-2019-1002100 [kube-apiserver: DoS with crafted patch of type json-patch]
NOTE: https://github.com/kubernetes/kubernetes/pull/74000
CVE-2019-9548
RESERVED
-CVE-2019-9547
+CVE-2019-9547 (In Storage Performance Development Kit (SPDK) before 19.01, a maliciou ...)
NOT-FOR-US: Storage Performance Development Kit (SPDK)
-CVE-2019-9546
+CVE-2019-9546 (SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege esca ...)
NOT-FOR-US: SolarWinds Orion Platform
-CVE-2019-9545
+CVE-2019-9545 (An issue was discovered in Poppler 0.74.0. A recursive function call, ...)
- poppler <unfixed> (bug #923552)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/731
-CVE-2019-9544
+CVE-2019-9544 (An issue was discovered in Bento4 1.5.1-628. An out of bounds write oc ...)
NOT-FOR-US: Bento4
-CVE-2019-9543
+CVE-2019-9543 (An issue was discovered in Poppler 0.74.0. A recursive function call, ...)
- poppler <unfixed> (bug #923553)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/730
CVE-2019-9542
@@ -921,11 +921,11 @@ CVE-2019-9485 [Privilege escalation impersonate user]
[experimental] - gitlab 11.8.2-1
- gitlab 11.8.2-2 (bug #924447)
NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
-CVE-2019-9484
+CVE-2019-9484 (The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb c ...)
NOT-FOR-US: Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool
-CVE-2019-9483
+CVE-2019-9483 (Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows ...)
NOT-FOR-US: Amazon Ring Doorbell
-CVE-2019-9482
+CVE-2019-9482 (In MISP 2.4.102, an authenticated user can view sightings that they sh ...)
NOT-FOR-US: MISP
CVE-2019-9481
RESERVED
@@ -1435,9 +1435,9 @@ CVE-2019-9229
RESERVED
CVE-2019-9228
RESERVED
-CVE-2019-9227
+CVE-2019-9227 (An issue was discovered in baigo CMS 2.1.1. There is a vulnerability t ...)
NOT-FOR-US: baigo CMS
-CVE-2019-9226
+CVE-2019-9226 (An issue was discovered in baigo CMS 2.1.1. There is a persistent XSS ...)
NOT-FOR-US: baigo CMS
CVE-2019-9225 [Issue board name disclosure]
RESERVED
@@ -1483,39 +1483,39 @@ CVE-2019-9217 [NPM automatic package referencer]
NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9216
RESERVED
-CVE-2019-9215
+CVE-2019-9215 (In Live555 before 2019.02.27, malformed headers lead to invalid memory ...)
{DSA-4408-1 DLA-1720-1}
[experimental] - liblivemedia 2019.02.27-1
- liblivemedia <unfixed> (bug #924655)
NOTE: Reporter advisory and analysis: https://tools.cisco.com/security/center/viewAlert.x?alertId=59708
-CVE-2019-9214
+CVE-2019-9214 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector c ...)
- wireshark 2.6.7-1 (bug #923611)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c557bb0910be271e49563756411a690a1bc53ce5
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-08.html
-CVE-2019-9213
+CVE-2019-9213 (In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lack ...)
- linux 4.19.28-1
NOTE: Fixed by: https://git.kernel.org/linus/0a1d52994d440e21def1c2174932410b4f2a98a1 (5.0)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1792
-CVE-2019-9212
+CVE-2019-9212 (SOFA-Hessian through 4.0.2 allows remote attackers to execute arbitrar ...)
NOT-FOR-US: SOFA-Hessian
-CVE-2019-9211
+CVE-2019-9211 (There is a reachable assertion abort in the function write_long_string ...)
- pspp <unfixed> (unimportant; bug #923417)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683499
NOTE: Crash in CLI tool, no security impact
-CVE-2019-9210
+CVE-2019-9210 (In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer ...)
{DLA-1702-1}
- advancecomp 2.1-2 (low; bug #923416)
[stretch] - advancecomp <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/advancemame/bugs/277/
NOTE: Fixed by https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02
-CVE-2019-9209
+CVE-2019-9209 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and rel ...)
- wireshark 2.6.7-1 (bug #923611)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15447
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f8fbe9f934d65b2694fa74622e5eb2e1dc8cd20b
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-06.html
-CVE-2019-9208
+CVE-2019-9208 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector co ...)
- wireshark 2.6.7-1 (bug #923611)
[jessie] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464
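Review bot: CVE-2019-9209 carries no [jessie] line, while the neighbouring Wireshark entries CVE-2019-9214 and CVE-2019-9208 each have `[jessie] - wireshark <not-affected> (Vulnerable code not present)`. All three share `- wireshark 2.6.7-1 (bug #923611)`, so the jessie status of the ASN.1 BER dissector issue should be triaged explicitly (either a matching <not-affected> line or a note that jessie is affected) rather than left to the default.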
@@ -1533,14 +1533,14 @@ CVE-2019-9203
RESERVED
CVE-2019-9202
RESERVED
-CVE-2019-9201
+CVE-2019-9201 (Phoenix Contact ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/ ...)
NOT-FOR-US: Phoenix Contact ILC
-CVE-2019-9200
+CVE-2019-9200 (A heap-based buffer underwrite exists in ImageStream::getLine() locate ...)
{DLA-1706-1}
- poppler <unfixed> (bug #923414)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/728
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/f4136a6353162db249f63ddb0f20611622ab61b4
-CVE-2019-9199
+CVE-2019-9199 (PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoD ...)
- libpodofo <unfixed> (low; bug #923469)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
@@ -1551,13 +1551,13 @@ CVE-2019-9197
RESERVED
CVE-2019-9196
RESERVED
-CVE-2019-9195
+CVE-2019-9195 (util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An a ...)
NOT-FOR-US: Grin
-CVE-2019-9194
+CVE-2019-9194 (elFinder before 2.1.48 has a command injection vulnerability in the PH ...)
NOT-FOR-US: elFinder
CVE-2019-9193
RESERVED
-CVE-2019-9191
+CVE-2019-9191 (The ETSI Enterprise Transport Security (ETS, formerly known as eTLS) p ...)
NOT-FOR-US: ETSI protocol
CVE-2019-9190
RESERVED
@@ -1577,15 +1577,15 @@ CVE-2019-9187 [Server-side request forgery via aggregate plugin]
NOTE: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=9a275b2
CVE-2019-9186
RESERVED
-CVE-2019-9185
+CVE-2019-9185 (Controller/Async/FilesystemManager.php in the filemanager in Bolt befo ...)
NOT-FOR-US: Bolt CMS
-CVE-2019-9184
+CVE-2019-9184 (SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for ...)
NOT-FOR-US: J2Store plugin for Joomla!
CVE-2019-9183
RESERVED
-CVE-2019-9182
+CVE-2019-9182 (There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=e ...)
NOT-FOR-US: ZZZCMS
-CVE-2019-9181
+CVE-2019-9181 (SchoolCMS version 2.3.1 allows file upload via the logo upload feature ...)
NOT-FOR-US: SchoolCMS
CVE-2019-9180
RESERVED
@@ -1633,7 +1633,7 @@ CVE-2019-9170 [IDOR milestone name information disclosure]
[experimental] - gitlab 11.8.2-1
- gitlab 11.8.2-2 (bug #924447)
NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
-CVE-2019-9169
+CVE-2019-9169 (In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_n ...)
- glibc <unfixed> (bug #924612)
[stretch] - glibc <no-dsa> (Minor issue)
[jessie] - glibc <no-dsa> (Minor issue)
@@ -1642,7 +1642,7 @@ CVE-2019-9169
NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24114
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9
-CVE-2019-9168
+CVE-2019-9168 (WooCommerce before 3.5.5 allows XSS via a Photoswipe caption. ...)
NOT-FOR-US: WooCommerce
CVE-2019-9167
RESERVED
@@ -1666,11 +1666,11 @@ CVE-2019-9157
RESERVED
CVE-2019-9156
RESERVED
-CVE-2019-9192
+CVE-2019-9192 (** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, ...)
- glibc <unfixed> (unimportant)
- eglibc <removed> (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24269
-CVE-2019-9162
+CVE-2019-9162 (In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_bas ...)
- linux 4.19.28-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -1682,10 +1682,10 @@ CVE-2019-9154
RESERVED
CVE-2019-9153
RESERVED
-CVE-2019-9152
+CVE-2019-9152 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
- hdf5 <undetermined>
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul8
-CVE-2019-9151
+CVE-2019-9151 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
- hdf5 <undetermined>
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul7
CVE-2019-9150
@@ -1696,19 +1696,19 @@ CVE-2019-9148
RESERVED
CVE-2019-9147
RESERVED
-CVE-2019-9146
+CVE-2019-9146 (Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain ...)
NOT-FOR-US: Jamf Self Service
-CVE-2019-9145
+CVE-2019-9145 (An issue was discovered in Hsycms V1.1. There is an XSS vulnerability ...)
NOT-FOR-US: Hsycms
-CVE-2019-9144
+CVE-2019-9144 (An issue was discovered in Exiv2 0.27. There is infinite recursion at ...)
[experimental] - exiv2 <unfixed> (low; bug #923473)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/712
-CVE-2019-9143
+CVE-2019-9143 (An issue was discovered in Exiv2 0.27. There is infinite recursion at ...)
[experimental] - exiv2 <unfixed> (low; bug #923472)
- exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/711
-CVE-2019-9142
+CVE-2019-9142 (An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS ...)
NOT-FOR-US: b3log Symphony (aka Sym)
CVE-2019-9141
RESERVED
@@ -1740,47 +1740,47 @@ CVE-2019-9128
RESERVED
CVE-2019-9127
RESERVED
-CVE-2019-9126
+CVE-2019-9126 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is ...)
NOT-FOR-US: D-Link
-CVE-2019-9125
+CVE-2019-9125 (An issue was discovered on D-Link DIR-878 1.12B01 devices. Because str ...)
NOT-FOR-US: D-Link
-CVE-2019-9124
+CVE-2019-9124 (An issue was discovered on D-Link DIR-878 1.12B01 devices. At the /HNA ...)
NOT-FOR-US: D-Link
-CVE-2019-9123
+CVE-2019-9123 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. The "use ...)
NOT-FOR-US: D-Link
-CVE-2019-9122
+CVE-2019-9122 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They all ...)
NOT-FOR-US: D-Link
-CVE-2019-9121
+CVE-2019-9121 (An issue was discovered on Motorola C1 and M2 devices with firmware 1. ...)
NOT-FOR-US: Motorola
-CVE-2019-9120
+CVE-2019-9120 (An issue was discovered on Motorola C1 and M2 devices with firmware 1. ...)
NOT-FOR-US: Motorola
-CVE-2019-9119
+CVE-2019-9119 (An issue was discovered on Motorola C1 and M2 devices with firmware 1. ...)
NOT-FOR-US: Motorola
-CVE-2019-9118
+CVE-2019-9118 (An issue was discovered on Motorola C1 and M2 devices with firmware 1. ...)
NOT-FOR-US: Motorola
-CVE-2019-9117
+CVE-2019-9117 (An issue was discovered on Motorola C1 and M2 devices with firmware 1. ...)
NOT-FOR-US: Motorola
-CVE-2019-9116
+CVE-2019-9116 (** DISPUTED ** DLL hijacking is possible in Sublime Text 3 version 3.1 ...)
NOT-FOR-US: Sublime Text Windows build
-CVE-2019-9115
+CVE-2019-9115 (In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js file all ...)
NOT-FOR-US: IRISnet
-CVE-2019-9114
+CVE-2019-9114 (Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in t ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/170
-CVE-2019-9113
+CVE-2019-9113 (Ming (aka libming) 0.4.8 has a NULL pointer dereference in the functio ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/171
-CVE-2019-9112
+CVE-2019-9112 (The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-os ...)
NOT-FOR-US: Xiaomi-specific driver not in the mainline msm driver
-CVE-2019-9111
+CVE-2019-9111 (The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-os ...)
NOT-FOR-US: Xiaomi-specific driver not in the mainline msm driver
-CVE-2019-9110
+CVE-2019-9110 (XSS exists in WUZHI CMS 4.1.0 via index.php?m=content&amp;f=postinfo&a ...)
NOT-FOR-US: WUZHI CMS
-CVE-2019-9109
+CVE-2019-9109 (XSS exists in WUZHI CMS 4.1.0 via index.php?m=message&amp;f=message&am ...)
NOT-FOR-US: WUZHI CMS
-CVE-2019-9108
+CVE-2019-9108 (XSS exists in WUZHI CMS 4.1.0 via index.php?m=core&amp;f=map&amp;v=bai ...)
NOT-FOR-US: WUZHI CMS
-CVE-2019-9107
+CVE-2019-9107 (XSS exists in WUZHI CMS 4.1.0 via index.php?m=attachment&amp;f=imagecu ...)
NOT-FOR-US: WUZHI CMS
CVE-2019-9106
RESERVED
@@ -1832,61 +1832,61 @@ CVE-2019-9085
CVE-2019-9084
RESERVED
- hoteldruid 2.3.2-1
-CVE-2019-9083
+CVE-2019-9083 (SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanage ...)
TODO: check
-CVE-2019-9082
+CVE-2019-9082 (ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other pro ...)
NOT-FOR-US: ThinkPHP
-CVE-2019-9081
+CVE-2019-9081 (The Illuminate component of Laravel Framework 5.7.x has a deserializat ...)
NOT-FOR-US: Laravel Framework
CVE-2019-9080
RESERVED
CVE-2019-9079
RESERVED
-CVE-2019-9078
+CVE-2019-9078 (zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter b ...)
NOT-FOR-US: zzcms
-CVE-2019-9077
+CVE-2019-9077 (An issue was discovered in GNU Binutils 2.32. It is a heap-based buffe ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24243
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7fc0c668f2aceb8582d74db1ad2528e2bba8a921
-CVE-2019-9076
+CVE-2019-9076 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24238
-CVE-2019-9075
+CVE-2019-9075 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24236
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8abac8031ed369a2734b1cdb7df28a39a54b4b49
-CVE-2019-9074
+CVE-2019-9074 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24235
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=179f2db0d9c397d7dd8a59907b84208b79f7f48c
-CVE-2019-9073
+CVE-2019-9073 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24233
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7d272a55caebfc26ab2e15d1e9439bac978b9bb7
-CVE-2019-9072
+CVE-2019-9072 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89396
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24232
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24237
-CVE-2019-9071
+CVE-2019-9071 (An issue was discovered in GNU libiberty, as distributed in GNU Binuti ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24227
-CVE-2019-9070
+CVE-2019-9070 (An issue was discovered in GNU libiberty, as distributed in GNU Binuti ...)
- binutils <unfixed>
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
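Review bot: CVE-2019-9083 still carries `TODO: check` even though the description is now filled in (SQL injection in SQLiteManager 1.20 and 1.24 via the /sqlitemanage... path); the marker should be resolved to either a `NOT-FOR-US:` line or a source-package entry with a bug reference, as done for the other entries in this hunk.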
@@ -1898,15 +1898,15 @@ CVE-2019-9068
RESERVED
CVE-2019-9067
RESERVED
-CVE-2019-9066
+CVE-2019-9066 (PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML inje ...)
NOT-FOR-US: PHP Scripts Mall PHP Appointment Booking Script
-CVE-2019-9065
+CVE-2019-9065 (PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows paramete ...)
NOT-FOR-US: PHP Scripts Mall Custom T-Shirt Ecommerce Script
-CVE-2019-9064
+CVE-2019-9064 (PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal i ...)
NOT-FOR-US: PHP Scripts Mall Cab Booking Script
-CVE-2019-9063
+CVE-2019-9063 (PHP Scripts Mall Auction website script 2.0.4 allows parameter tamperi ...)
NOT-FOR-US: PHP Scripts Mall Auction website script
-CVE-2019-9062
+CVE-2019-9062 (PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Reques ...)
NOT-FOR-US: PHP Scripts Mall Online Food Ordering Script
CVE-2019-9061
RESERVED
@@ -1926,17 +1926,17 @@ CVE-2019-9054
RESERVED
CVE-2019-9053
RESERVED
-CVE-2019-9052
+CVE-2019-9052 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerabi ...)
NOT-FOR-US: Pluck CMS
-CVE-2019-9051
+CVE-2019-9051 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerabi ...)
NOT-FOR-US: Pluck CMS
-CVE-2019-9050
+CVE-2019-9050 (An issue was discovered in Pluck 4.7.9-dev1. It allows administrators ...)
NOT-FOR-US: Pluck CMS
-CVE-2019-9049
+CVE-2019-9049 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerabi ...)
NOT-FOR-US: Pluck CMS
-CVE-2019-9048
+CVE-2019-9048 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerabi ...)
NOT-FOR-US: Pluck CMS
-CVE-2019-9047
+CVE-2019-9047 (GoRose v1.0.4 has SQL Injection when the order_by or group_by paramete ...)
NOT-FOR-US: GoRose
CVE-2019-9046
RESERVED
@@ -1946,88 +1946,88 @@ CVE-2019-9044
RESERVED
CVE-2019-9043
RESERVED
-CVE-2019-9042
+CVE-2019-9042 (An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt= ...)
NOT-FOR-US: Sitemagic CMS
-CVE-2019-9041
+CVE-2019-9041 (An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_templa ...)
NOT-FOR-US: ZZZCMS
-CVE-2019-9040
+CVE-2019-9040 (S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via th ...)
NOT-FOR-US: S-CMS
CVE-2019-9039
RESERVED
-CVE-2019-9038
+CVE-2019-9038 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9037
+CVE-2019-9037 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9036
+CVE-2019-9036 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
NOTE: Not completely fixed with the initial two commits, cf.
NOTE: https://github.com/tbeu/matio/issues/103#issuecomment-472020538 ff
-CVE-2019-9035
+CVE-2019-9035 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9034
+CVE-2019-9034 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9033
+CVE-2019-9033 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9032
+CVE-2019-9032 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9031
+CVE-2019-9031 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9030
+CVE-2019-9030 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9029
+CVE-2019-9029 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9028
+CVE-2019-9028 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9027
+CVE-2019-9027 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9026
+CVE-2019-9026 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
- libmatio <unfixed> (bug #924185)
NOTE: https://github.com/tbeu/matio/issues/103
NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
-CVE-2019-9019
+CVE-2019-9019 (The British Airways Entertainment System, as installed on Boeing 777-3 ...)
NOT-FOR-US: British Airways Entertainment System
-CVE-2019-9025
+CVE-2019-9025 (An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyt ...)
- php7.3 7.3.1-1
NOTE: Fixed in 7.3.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77367
-CVE-2019-9024
+CVE-2019-9024 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
{DSA-4398-1 DLA-1679-1}
- php7.3 7.3.1-1
- php7.0 <removed>
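Review bot: CVE-2019-9019 (British Airways Entertainment System) is out of sequence, placed between CVE-2019-9026 and CVE-2019-9025; it belongs below CVE-2019-9020 at the end of this hunk. Separately, the thirteen libmatio entries CVE-2019-9038 through CVE-2019-9026 all point at the same issue #103 and the same two commits, but only CVE-2019-9036 carries the `NOTE: Not completely fixed with the initial two commits` remark; if the follow-up in issue #103 applies to the other reports as well, that note (or a pointer to it) should be mirrored on them so the <unfixed> status is not closed prematurely on the first two commits.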
@@ -2035,7 +2035,7 @@ CVE-2019-9024
NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77380
NOTE: https://github.com/php/php-src/commit/4feb9e66ff9636ad44bc23a91b7ebd37d83ddf1d (7.1)
-CVE-2019-9023
+CVE-2019-9023 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
{DSA-4398-1 DLA-1679-1}
- php7.3 7.3.1-1
- php7.0 <removed>
@@ -2052,7 +2052,7 @@ CVE-2019-9023
NOTE: https://github.com/php/php-src/commit/31f59e1f3074ab344b473dde6077a6844ca87264 (7.1)
NOTE: https://github.com/php/php-src/commit/28362ed4fae6969b5a8878591a5a06eadf114e03 (7.1)
NOTE: https://github.com/php/php-src/commit/9d6c59eeea88a3e9d7039cb4fed5126ef704593a (7.1)
-CVE-2019-9022
+CVE-2019-9022 (An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, ...)
{DSA-4398-1}
- php7.3 7.3.2-1
- php7.0 <removed>
@@ -2060,7 +2060,7 @@ CVE-2019-9022
NOTE: Fixed in 7.1.26, 7.2.14, 7.3.2
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77369
NOTE: https://github.com/php/php-src/commit/8d3dfabef459fe7815e8ea2fd68753fd17859d7b (7.1)
-CVE-2019-9021
+CVE-2019-9021 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
{DSA-4398-1 DLA-1679-1}
- php7.3 7.3.1-1
- php7.0 <removed>
@@ -2068,7 +2068,7 @@ CVE-2019-9021
NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77247
NOTE: https://github.com/php/php-src/commit/78bd3477745f1ada9578a79f61edb41886bec1cb (7.1)
-CVE-2019-9020
+CVE-2019-9020 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
{DSA-4398-1 DLA-1679-1}
- php7.3 7.3.1-1
- php7.0 <removed>
@@ -2081,9 +2081,9 @@ CVE-2019-9018
RESERVED
CVE-2019-9017
RESERVED
-CVE-2019-9016
+CVE-2019-9016 (An XSS vulnerability was discovered in MOPCMS through 2018-11-30. Ther ...)
NOT-FOR-US: MOPCMS
-CVE-2019-9015
+CVE-2019-9015 (A Path Traversal vulnerability was discovered in MOPCMS through 2018-1 ...)
NOT-FOR-US: MOPCMS
CVE-2019-9014
RESERVED
@@ -2105,14 +2105,14 @@ CVE-2019-9006
RESERVED
CVE-2019-9005
RESERVED
-CVE-2019-9004
+CVE-2019-9004 (In Eclipse Wakaama (formerly liblwm2m) 1.0, core/er-coap-13/er-coap-13 ...)
NOT-FOR-US: Eclipse Wakaama
-CVE-2019-9003
+CVE-2019-9003 (In the Linux kernel before 4.20.5, attackers can trigger a drivers/cha ...)
- linux 4.19.20-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/77f8269606bf95fcb232ee86f6da80886f1dfae8
-CVE-2019-9002
+CVE-2019-9002 (An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through ...)
NOT-FOR-US: Tiny Issue
CVE-2019-9001
RESERVED
@@ -2124,7 +2124,7 @@ CVE-2019-8998
RESERVED
CVE-2019-8997
RESERVED
-CVE-2019-8996
+CVE-2019-8996 (In Signiant Manager+Agents before 13.5, the implementation of the set ...)
NOT-FOR-US: Signiant
CVE-2019-8995
RESERVED
@@ -2144,23 +2144,23 @@ CVE-2019-8988
RESERVED
CVE-2019-8987
RESERVED
-CVE-2019-8986
+CVE-2019-8986 (The SOAP API component vulnerability of TIBCO Software Inc.'s TIBCO Ja ...)
NOT-FOR-US: TIBCO
-CVE-2019-8985
+CVE-2019-8985 (On Netis WF2880 and WF2411 2.1.36123 devices, there is a stack-based b ...)
NOT-FOR-US: Netis devices
-CVE-2019-8984
+CVE-2019-8984 (MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2) ...)
NOT-FOR-US: MDaemon Webmail
-CVE-2019-8983
+CVE-2019-8983 (MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2) ...)
NOT-FOR-US: MDaemon Webmail
-CVE-2019-8982
+CVE-2019-8982 (com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishan ...)
NOT-FOR-US: WaveMaker Studio
CVE-2019-8981
RESERVED
-CVE-2019-8980
+CVE-2019-8980 (A memory leak in the kernel_read_file function in fs/exec.c in the Lin ...)
- linux 4.19.28-1
NOTE: https://lore.kernel.org/lkml/20190219021038.11340-1-yuehaibing@huawei.com/
NOTE: https://lore.kernel.org/lkml/20190219022512.GW2217@ZenIV.linux.org.uk/
-CVE-2019-8979
+CVE-2019-8979 (Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection whe ...)
- libkohana2-php <removed>
[jessie] - libkohana2-php <not-affected> (orderby function properly checks for allowed values)
NOTE: https://github.com/huzr2018/orderby_SQLi/tree/master/kohana
@@ -2225,35 +2225,35 @@ CVE-2019-1000041
REJECTED
CVE-2019-1000030
REJECTED
-CVE-2019-8955
+CVE-2019-8955 (In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5. ...)
- tor 0.3.5.8-1
[stretch] - tor <not-affected> (Only affects 0.3.2.1 and later)
[jessie] - tor <not-affected> (Only affects 0.3.2.1 and later)
NOTE: https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312
NOTE: https://trac.torproject.org/projects/tor/ticket/29168
-CVE-2019-8954
+CVE-2019-8954 (In Indexhibit 2.1.5, remote attackers can execute arbitrary code via t ...)
NOT-FOR-US: Indexhibit
-CVE-2019-8953
+CVE-2019-8953 (The HAProxy package before 0.59_16 for pfSense has XSS via the desc (a ...)
NOT-FOR-US: HAProxy package for pfSense
CVE-2019-8952
RESERVED
CVE-2019-8951
RESERVED
-CVE-2019-1003028
+CVE-2019-1003028 (A server-side request forgery vulnerability exists in Jenkins JMS Mess ...)
NOT-FOR-US: Jenkins
-CVE-2019-1003027
+CVE-2019-1003027 (A server-side request forgery vulnerability exists in Jenkins OctopusD ...)
NOT-FOR-US: Jenkins
-CVE-2019-1003026
+CVE-2019-1003026 (A server-side request forgery vulnerability exists in Jenkins Mattermo ...)
NOT-FOR-US: Jenkins
-CVE-2019-1003025
+CVE-2019-1003025 (A exposure of sensitive information vulnerability exists in Jenkins Cl ...)
NOT-FOR-US: Jenkins
-CVE-2019-1003024
+CVE-2019-1003024 (A sandbox bypass vulnerability exists in Jenkins Script Security Plugi ...)
NOT-FOR-US: Jenkins
-CVE-2019-8950
+CVE-2019-8950 (The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices w ...)
NOT-FOR-US: DASAN
CVE-2019-8949
RESERVED
-CVE-2019-8948
+CVE-2019-8948 (PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script i ...)
NOT-FOR-US: PaperCut MF
CVE-2019-8947
RESERVED
@@ -2261,12 +2261,12 @@ CVE-2019-8946
RESERVED
CVE-2019-8945
RESERVED
-CVE-2019-8944
+CVE-2019-8944 (An Information Exposure issue in the Terraform deployment step in Octo ...)
NOT-FOR-US: Terraform
-CVE-2019-8943
+CVE-2019-8943 (WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ...)
- wordpress <unfixed> (bug #923583)
NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
-CVE-2019-8942
+CVE-2019-8942 (WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code executi ...)
{DSA-4401-1}
- wordpress 5.0.1+dfsg1-1
NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
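Review bot: the `NOT-FOR-US: Terraform` marker on CVE-2019-8944 names the wrong product: the description locates the information exposure in the Terraform deployment step of the Octo... product (name truncated in the summary), so the affected software is that product, not Terraform itself. Suggest changing the marker to name the product the description attributes the issue to, so that a later search for Terraform-related CVEs does not pick this one up.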
@@ -2275,9 +2275,9 @@ CVE-2019-8941
RESERVED
CVE-2019-8940
RESERVED
-CVE-2019-8939
+CVE-2019-8939 (data/interfaces/default/history.html in Tautulli 2.1.26 has XSS via a ...)
NOT-FOR-US: Tautulli
-CVE-2019-8938
+CVE-2019-8938 (VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter ...)
TODO: check
CVE-2019-8937
RESERVED
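Review bot: CVE-2019-8938 is left at `TODO: check` although the description now identifies the product (VertrigoServ 2.17, XSS via the /inc/extensions.php ext parameter); this should be resolved to a `NOT-FOR-US:` line or a package entry in the same way as the adjacent CVE-2019-8939 entry.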
@@ -2290,14 +2290,14 @@ CVE-2019-8936 [Crafted null dereference attack in authenticated mode 6 packet]
NOTE: http://bk.ntp.org/ntp-stable/ntpd/ntp_control.c?PAGE=diffs&REV=5c8106e7wWtXdh0lzg1ytlWribBTcQ
NOTE: Relates/corresponds to https://gitlab.com/NTPsec/ntpsec/issues/509 for ntpsec
NOTE: which has a separate CVE id CVE-2019-6445 specifically for src:ntpsec
-CVE-2019-8934 [ppc64: sPAPR emulator leaks the host hardware identity]
+CVE-2019-8934 (hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure becau ...)
- qemu <unfixed> (bug #922923)
[buster] - qemu <ignored> (Too intrusive to backport, marginal impact)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg04821.html
-CVE-2019-8933
+CVE-2019-8933 (In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ di ...)
NOT-FOR-US: DedeCMS
-CVE-2019-8935
+CVE-2019-8935 (Collabtive 3.1 allows XSS via the manageuser.php?action=profile id par ...)
- collabtive <removed>
[jessie] - collabtive <ignored> (Minor issue)
CVE-2019-8932
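Review bot: CVE-2019-8935 is out of sequence, placed after CVE-2019-8933 instead of between CVE-2019-8936 and CVE-2019-8934. Note also that this hunk replaces the tracker's working title for CVE-2019-8934 (`[ppc64: sPAPR emulator leaks the host hardware identity]`) with the published description; the `[buster] - qemu <ignored> (Too intrusive to backport, marginal impact)` line is kept, which is what is wanted, but the rationale from the working title now survives only in the qemu-devel NOTE link.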
@@ -2326,11 +2326,11 @@ CVE-2019-8921
RESERVED
CVE-2019-8920
RESERVED
-CVE-2019-8919
+CVE-2019-8919 (The seadroid (aka Seafile Android Client) application through 2.2.13 f ...)
NOT-FOR-US: Seafile Android Client
CVE-2019-8918
RESERVED
-CVE-2019-8917
+CVE-2019-8917 (SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code exe ...)
NOT-FOR-US: SolarWinds Orion NPM
CVE-2019-8916
RESERVED
@@ -2340,45 +2340,45 @@ CVE-2019-8914
RESERVED
CVE-2019-8913
RESERVED
-CVE-2019-8912
+CVE-2019-8912 (In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg ...)
- linux 4.19.28-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
-CVE-2019-8911
+CVE-2019-8911 (An issue was discovered in WTCMS 1.0. It has stored XSS via the third ...)
NOT-FOR-US: WTCMS
-CVE-2019-8910
+CVE-2019-8910 (An issue was discovered in WTCMS 1.0. It allows index.php?g=admin&amp; ...)
NOT-FOR-US: WTCMS
-CVE-2019-8909
+CVE-2019-8909 (An issue was discovered in WTCMS 1.0. It allows remote attackers to ca ...)
NOT-FOR-US: WTCMS
-CVE-2019-8908
+CVE-2019-8908 (An issue was discovered in WTCMS 1.0. It allows remote attackers to ex ...)
NOT-FOR-US: WTCMS
-CVE-2019-8907
+CVE-2019-8907 (do_core_note in readelf.c in libmagic.a in file 5.35 allows remote att ...)
{DLA-1698-1}
- file 1:5.35-3 (bug #922968)
NOTE: https://bugs.astron.com/view.php?id=65
NOTE: https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b
-CVE-2019-8906
+CVE-2019-8906 (do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bou ...)
- file 1:5.35-3 (bug #922969)
[stretch] - file <not-affected> (vulnerable code introduced later)
[jessie] - file <not-affected> (vulnerable code introduced later)
NOTE: https://bugs.astron.com/view.php?id=64
NOTE: Introduced by: https://github.com/file/file/commit/0ac0678c52e248fd2a632a84b638694f205aef9d (FILE5_31)
NOTE: Fixed by: https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f (FILE5_36)
-CVE-2019-8905
+CVE-2019-8905 (do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based ...)
{DLA-1698-1}
- file 1:5.35-3 (bug #922968)
NOTE: https://bugs.astron.com/view.php?id=63
NOTE: https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b
-CVE-2019-8904
+CVE-2019-8904 (do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based ...)
- file 1:5.35-3 (bug #922967)
[stretch] - file <not-affected> (vulnerable code introduced later)
[jessie] - file <not-affected> (vulnerable code introduced later)
NOTE: https://bugs.astron.com/view.php?id=62
NOTE: Introduced by: https://github.com/file/file/commit/76c55eae2f9b0b378332762f6dce544d05eb24d7 (FILE5_34)
NOTE: Fixed by: https://github.com/file/file/commit/94b7501f48e134e77716e7ebefc73d6bbe72ba55 (FILE5_36)
-CVE-2019-8903
+CVE-2019-8903 (index.js in Total.js Platform before 3.2.3 allows path traversal. ...)
NOT-FOR-US: Total.js Platform
-CVE-2019-8902
+CVE-2019-8902 (An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF vuln ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2019-8901
RESERVED
@@ -3302,51 +3302,51 @@ CVE-2019-8442
RESERVED
CVE-2019-8441
RESERVED
-CVE-2019-8440
+CVE-2019-8440 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulner ...)
NOT-FOR-US: DiliCMS
-CVE-2019-8439
+CVE-2019-8439 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulner ...)
NOT-FOR-US: DiliCMS
-CVE-2019-8438
+CVE-2019-8438 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulner ...)
NOT-FOR-US: DiliCMS
-CVE-2019-8437
+CVE-2019-8437 (njiandan-cms through 2013-05-23 has index.php/admin/user_new CSRF to a ...)
NOT-FOR-US: njiandan-cms
-CVE-2019-8436
+CVE-2019-8436 (imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] par ...)
NOT-FOR-US: imcat
-CVE-2019-8435
+CVE-2019-8435 (admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header. ...)
NOT-FOR-US: PHPMyWind
-CVE-2019-8434
+CVE-2019-8434 (In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter. ...)
NOT-FOR-US: CmsEasy
-CVE-2019-8433
+CVE-2019-8433 (JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/conso ...)
NOT-FOR-US: JTBC(PHP)
-CVE-2019-8432
+CVE-2019-8432 (In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter. ...)
NOT-FOR-US: CmsEasy
CVE-2019-8431
RESERVED
CVE-2019-8430
RESERVED
-CVE-2019-8429
+CVE-2019-8429 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php fil ...)
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8428
+CVE-2019-8428 (ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views ...)
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8427
+CVE-2019-8427 (daemonControl in includes/functions.php in ZoneMinder before 1.32.3 al ...)
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8426
+CVE-2019-8426 (skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS ...)
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8425
+CVE-2019-8425 (includes/database.php in ZoneMinder before 1.32.3 has XSS in the const ...)
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8424
+CVE-2019-8424 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sor ...)
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8423
+CVE-2019-8423 (ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/view ...)
- zoneminder <unfixed> (bug #922724)
-CVE-2019-8422
+CVE-2019-8422 (A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the descri ...)
NOT-FOR-US: PbootCMS
-CVE-2019-8421
+CVE-2019-8421 (upload/protected/modules/admini/views/post/index.php in BageCMS throug ...)
NOT-FOR-US: BageCMS
CVE-2019-8420
RESERVED
-CVE-2019-8419
+CVE-2019-8419 (VNote 2.2 has XSS via a new text note. ...)
NOT-FOR-US: VNote
-CVE-2019-8418
+CVE-2019-8418 (SeaCMS 7.2 mishandles member.php?mod=repsw4 requests. ...)
NOT-FOR-US: SeaCMS
CVE-2019-8417
RESERVED
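Review bot: CVE-2019-8423 is described as affecting ZoneMinder "through 1.32.3", while the six sibling entries (CVE-2019-8424 to CVE-2019-8429) say "before 1.32.3", yet all seven are recorded identically as `- zoneminder <unfixed> (bug #922724)`. If 1.32.3 really still contains the CVE-2019-8423 issue, the fixed version for that entry will differ from the others; confirm the upstream fix before closing all seven against one upload.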
@@ -3356,19 +3356,19 @@ CVE-2019-8415
RESERVED
CVE-2019-8414
RESERVED
-CVE-2019-8413
+CVE-2019-8413 (On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer derefer ...)
NOT-FOR-US: Xiaomi
-CVE-2019-8412
+CVE-2019-8412 (FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or del ...)
NOT-FOR-US: FeiFeiCms
-CVE-2019-8411
+CVE-2019-8411 (admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers t ...)
NOT-FOR-US: zzcms
-CVE-2019-8410
+CVE-2019-8410 (Maccms 8.0 allows XSS via the inc/config/cache.php t_key parameter bec ...)
NOT-FOR-US: Maccms
CVE-2019-8409
RESERVED
-CVE-2019-8408
+CVE-2019-8408 (OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by ...)
NOT-FOR-US: OneFileCMS
-CVE-2019-8407
+CVE-2019-8407 (HongCMS 3.0.0 allows arbitrary file read and write operations via a .. ...)
NOT-FOR-US: HongCMS
CVE-2019-8406
RESERVED
@@ -3382,32 +3382,32 @@ CVE-2019-8402
RESERVED
CVE-2019-8401
RESERVED
-CVE-2019-8400
+CVE-2019-8400 (ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/ ...)
NOT-FOR-US: ORY Hydra
CVE-2019-8399
RESERVED
-CVE-2019-8398
+CVE-2019-8398 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
- hdf5 <undetermined>
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul6
-CVE-2019-8397
+CVE-2019-8397 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
- hdf5 <undetermined>
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul5
-CVE-2019-8396
+CVE-2019-8396 (A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ...)
- hdf5 <undetermined>
NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul4
-CVE-2019-8395
+CVE-2019-8395 (An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoh ...)
NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
-CVE-2019-8394
+CVE-2019-8394 (Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allow ...)
NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
-CVE-2019-8393
+CVE-2019-8393 (Hotels_Server through 2018-11-05 has SQL Injection via the API because ...)
NOT-FOR-US: Hotels_Server
-CVE-2019-8392
+CVE-2019-8392 (An issue was discovered on D-Link DIR-823G devices with firmware 1.02B ...)
NOT-FOR-US: D-Link
CVE-2019-8391
RESERVED
CVE-2019-8390
RESERVED
-CVE-2019-8389
+CVE-2019-8389 (A file-read vulnerability was identified in the Wi-Fi transfer feature ...)
NOT-FOR-US: Musicloud
CVE-2019-8388
RESERVED
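Review bot: CVE-2019-8396, CVE-2019-8397 and CVE-2019-8398 leave hdf5 as `<undetermined>` with only the PAAFS reproducer links as NOTE lines, so this hunk records no verdict for the package. The entries need a decision (affected version, `<not-affected>`, or `<unfixed>` with a Debian bug) once the reproducers have been run against the packaged hdf5.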
@@ -3419,35 +3419,35 @@ CVE-2019-8385
RESERVED
CVE-2019-8384
RESERVED
-CVE-2019-8383
+CVE-2019-8383 (An issue was discovered in AdvanceCOMP before 2.1. An invalid memory a ...)
NOT-FOR-US: AdvanceCOMP
-CVE-2019-8382
+CVE-2019-8382 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereferenc ...)
NOT-FOR-US: Bento4
-CVE-2019-8381
+CVE-2019-8381 (An issue was discovered in Tcpreplay 4.3.1. An invalid memory access o ...)
- tcpreplay 4.3.1-2 (unimportant; bug #922622)
NOTE: https://github.com/appneta/tcpreplay/issues/538
NOTE: Crash in a CLI tool, no security impact
-CVE-2019-8380
+CVE-2019-8380 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereferenc ...)
NOT-FOR-US: Bento4
-CVE-2019-8379
+CVE-2019-8379 (An issue was discovered in AdvanceCOMP before 2.1. A NULL pointer dere ...)
NOT-FOR-US: AdvanceCOMP
-CVE-2019-8378
+CVE-2019-8378 (An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over- ...)
NOT-FOR-US: Bento4
-CVE-2019-8377
+CVE-2019-8377 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ...)
- tcpreplay 4.3.1-2 (unimportant; bug #922623)
NOTE: https://github.com/appneta/tcpreplay/issues/536
NOTE: Crash in a CLI tool, no security impact
-CVE-2019-8376
+CVE-2019-8376 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ...)
- tcpreplay 4.3.1-2 (unimportant; bug #922624)
NOTE: https://github.com/appneta/tcpreplay/issues/537
NOTE: Crash in a CLI tool, no security impact
-CVE-2019-8375
+CVE-2019-8375 (The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.9 ...)
TODO: check
CVE-2019-8374
RESERVED
CVE-2019-8373
RESERVED
-CVE-2019-8372
+CVE-2019-8372 (The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes f ...)
NOT-FOR-US: LG
CVE-2019-8371
RESERVED
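Review bot: CVE-2019-8375 (WebKitGTK through 2.23.9) is still marked `TODO: check` while every other entry in this hunk carries a package line or a NOT-FOR-US verdict. A TODO is not a tracker state; it should be replaced by a package entry with a version or an explicit `<not-affected>` annotation so the issue does not sit untriaged.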
@@ -3465,28 +3465,28 @@ CVE-2019-8365
RESERVED
CVE-2019-8364
RESERVED
-CVE-2019-8363
+CVE-2019-8363 (Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstr ...)
NOT-FOR-US: Verydows
-CVE-2019-8362
+CVE-2019-8362 (DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edi ...)
NOT-FOR-US: DedeCMS
-CVE-2019-8361
+CVE-2019-8361 (PHP Scripts Mall Responsive Video News Script has XSS via the Search B ...)
NOT-FOR-US: PHP Scripts Mall Responsive Video News Script
-CVE-2019-8360
+CVE-2019-8360 (Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find ...)
NOT-FOR-US: Themerig Find a Place CMS Directory
CVE-2019-8359
RESERVED
-CVE-2019-8358
+CVE-2019-8358 (In Hiawatha before 10.8.4, a remote attacker is able to do directory t ...)
NOT-FOR-US: Hiawatha
-CVE-2019-8357
+CVE-2019-8357 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...)
- sox <unfixed>
NOTE: https://sourceforge.net/p/sox/bugs/318
-CVE-2019-8356
+CVE-2019-8356 (An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 ...)
- sox <unfixed>
NOTE: https://sourceforge.net/p/sox/bugs/321
-CVE-2019-8355
+CVE-2019-8355 (An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integ ...)
- sox <unfixed>
NOTE: https://sourceforge.net/p/sox/bugs/320
-CVE-2019-8354
+CVE-2019-8354 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...)
- sox <unfixed>
NOTE: https://sourceforge.net/p/sox/bugs/319
CVE-2019-8353
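Review bot: the four sox entries (CVE-2019-8354 through CVE-2019-8357) are recorded as `- sox <unfixed>` with only an upstream sourceforge link, whereas comparable unfixed entries in this diff reference a Debian bug (for example `- zoneminder <unfixed> (bug #922724)` and `- nasm <unfixed> (bug #922433)`). File or reference the Debian bug on these lines so the maintainer sees the issues and the severity can be recorded.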
@@ -3501,22 +3501,22 @@ CVE-2019-8349
RESERVED
CVE-2019-8348
RESERVED
-CVE-2019-8347
+CVE-2019-8347 (BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via ...)
NOT-FOR-US: BEESCMS
CVE-2019-8346
RESERVED
-CVE-2019-8345
+CVE-2019-8345 (The Help feature in the ES File Explorer File Manager application 4.1. ...)
NOT-FOR-US: ES File Explorer File Manager
CVE-2019-8344
RESERVED
-CVE-2019-8343
+CVE-2019-8343 (In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in past ...)
- nasm <unfixed> (bug #922433)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392556
CVE-2019-8342
RESERVED
-CVE-2019-8341
+CVE-2019-8341 (An issue was discovered in Jinja2 2.10. The from_string function is pr ...)
- jinja2 <unfixed> (unimportant)
NOTE: https://github.com/JameelNabbo/Jinja2-Code-execution
NOTE: No real security impact and upstream indicates the CVE is invalid
@@ -3526,17 +3526,17 @@ CVE-2019-8339
RESERVED
CVE-2019-8338
RESERVED
-CVE-2019-8336
+CVE-2019-8336 (HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a c ...)
NOT-FOR-US: HashiCorp Consul
-CVE-2019-8335
+CVE-2019-8335 (An issue was discovered in SchoolCMS 2.3.1. There is an XSS vulnerabil ...)
NOT-FOR-US: SchoolCMS
-CVE-2019-8334
+CVE-2019-8334 (An issue was discovered in SchoolCMS 2.3.1. There is an XSS vulnerabil ...)
NOT-FOR-US: SchoolCMS
CVE-2019-8333
RESERVED
CVE-2019-8332
RESERVED
-CVE-2019-8331
+CVE-2019-8331 (In Bootstrap before 4.3.1, XSS is possible in the tooltip or popover d ...)
- twitter-bootstrap4 4.3.1+dfsg2-1
- twitter-bootstrap3 3.4.1+dfsg-1
[stretch] - twitter-bootstrap3 <no-dsa> (Minor issue)
@@ -3565,23 +3565,23 @@ CVE-2019-8321
RESERVED
CVE-2019-8320
RESERVED
-CVE-2019-8319
+CVE-2019-8319 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
NOT-FOR-US: D-Link
-CVE-2019-8318
+CVE-2019-8318 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
NOT-FOR-US: D-Link
-CVE-2019-8317
+CVE-2019-8317 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
NOT-FOR-US: D-Link
-CVE-2019-8316
+CVE-2019-8316 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
NOT-FOR-US: D-Link
-CVE-2019-8315
+CVE-2019-8315 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
NOT-FOR-US: D-Link
-CVE-2019-8314
+CVE-2019-8314 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
NOT-FOR-US: D-Link
-CVE-2019-8313
+CVE-2019-8313 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
NOT-FOR-US: D-Link
-CVE-2019-8312
+CVE-2019-8312 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
NOT-FOR-US: D-Link
-CVE-2019-8337
+CVE-2019-8337 (In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default con ...)
- mpop 1.4.3-1
[stretch] - mpop <not-affected> (Vulnerable code introduced later)
[jessie] - mpop <not-affected> (Vulnerable code introduced later)
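Review bot: CVE-2019-8337 is out of numeric sequence, appended after CVE-2019-8312 at the end of this hunk, while the hunk at `@@ -3526` steps directly from CVE-2019-8338 to CVE-2019-8336, which is where this entry belongs; move it up so the list stays sorted. The description also names msmtp 1.8.2 alongside mpop 1.4.3, but only `- mpop 1.4.3-1` is tracked; confirm whether msmtp needs its own package line or a `<not-affected>` annotation.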
@@ -3652,51 +3652,51 @@ CVE-2019-8282
RESERVED
CVE-2019-8281
RESERVED
-CVE-2019-8280
+CVE-2019-8280 (UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC c ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8279
+CVE-2019-8279 (Multiple stored XSS in Vanilla Forums before 2.5 allow remote attacker ...)
NOT-FOR-US: Vanilla Forums
-CVE-2019-8278
+CVE-2019-8278 (Stored XSS in Invision Power Board versions 3.3.1 - 3.4.8 leads to Rem ...)
NOT-FOR-US: Invision Power Board
-CVE-2019-8277
+CVE-2019-8277 (UltraVNC revision 1211 contains multiple memory leaks (CWE-655) in VNC ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8276
+CVE-2019-8276 (UltraVNC revision 1211 has a stack buffer overflow vulnerability in VN ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8275
+CVE-2019-8275 (UltraVNC revision 1211 has multiple improper null termination vulnerab ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8274
+CVE-2019-8274 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8273
+CVE-2019-8273 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8272
+CVE-2019-8272 (UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8271
+CVE-2019-8271 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8270
+CVE-2019-8270 (UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC cli ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8269
+CVE-2019-8269 (UltraVNC revision 1206 has stack-based Buffer overflow vulnerability i ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8268
+CVE-2019-8268 (UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8267
+CVE-2019-8267 (UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC cli ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8266
+CVE-2019-8266 (UltraVNC revision 1207 has multiple out-of-bounds access vulnerabiliti ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8265
+CVE-2019-8265 (UltraVNC revision 1207 has multiple out-of-bounds access vulnerabiliti ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8264
+CVE-2019-8264 (UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC c ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8263
+CVE-2019-8263 (UltraVNC revision 1205 has stack-based buffer overflow vulnerability i ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8262
+CVE-2019-8262 (UltraVNC revision 1203 has multiple heap buffer overflow vulnerabiliti ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8261
+CVE-2019-8261 (UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC c ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8260
+CVE-2019-8260 (UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC c ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8259
+CVE-2019-8259 (UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC ...)
NOT-FOR-US: UltraVNC
-CVE-2019-8258
+CVE-2019-8258 (UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC ...)
NOT-FOR-US: UltraVNC
CVE-2019-8257
RESERVED
@@ -4706,7 +4706,7 @@ CVE-2019-7755
RESERVED
CVE-2019-7754
RESERVED
-CVE-2019-7753
+CVE-2019-7753 (Verydows 2.0 has XSS via the index.php?m=api&amp;c=stats&amp;a=count r ...)
NOT-FOR-US: Verydows
CVE-2019-7752
RESERVED
@@ -4716,49 +4716,49 @@ CVE-2019-7750
RESERVED
CVE-2019-7749
RESERVED
-CVE-2019-7748
+CVE-2019-7748 (_includes\online.php in DbNinja 3.2.7 allows XSS via the data.php task ...)
NOT-FOR-US: DbNinja
-CVE-2019-7747
+CVE-2019-7747 (DbNinja 3.2.7 allows session fixation via the data.php sessid paramete ...)
NOT-FOR-US: DbNinja
CVE-2019-7746
RESERVED
CVE-2019-7745
RESERVED
-CVE-2019-7744
+CVE-2019-7744 (An issue was discovered in Joomla! before 3.9.3. Inadequate filtering ...)
NOT-FOR-US: Joomla!
-CVE-2019-7743
+CVE-2019-7743 (An issue was discovered in Joomla! before 3.9.3. The phar:// stream wr ...)
NOT-FOR-US: Joomla!
-CVE-2019-7742
+CVE-2019-7742 (An issue was discovered in Joomla! before 3.9.3. A combination of spec ...)
NOT-FOR-US: Joomla!
-CVE-2019-7741
+CVE-2019-7741 (An issue was discovered in Joomla! before 3.9.3. Inadequate checks at ...)
NOT-FOR-US: Joomla!
-CVE-2019-7740
+CVE-2019-7740 (An issue was discovered in Joomla! before 3.9.3. Inadequate parameter ...)
NOT-FOR-US: Joomla!
-CVE-2019-7739
+CVE-2019-7739 (An issue was discovered in Joomla! before 3.9.3. The "No Filtering" te ...)
NOT-FOR-US: Joomla!
-CVE-2019-7738
+CVE-2019-7738 (C.P.Sub before 5.3 allows CSRF via a manage.php?p=article_del&amp;id= ...)
NOT-FOR-US: C.P.Sub
-CVE-2019-7737
+CVE-2019-7737 (A CSRF vulnerability was found in Verydows v2.0 that can add an admin ...)
NOT-FOR-US: Verydows
-CVE-2019-7736
+CVE-2019-7736 (D-Link DIR-600M C1 3.04 devices allow authentication bypass via a dire ...)
NOT-FOR-US: D-Link
CVE-2019-7735
RESERVED
CVE-2019-7734
RESERVED
-CVE-2019-7733
+CVE-2019-7733 (In Live555 0.95, there is a buffer overflow via a large integer in a C ...)
- liblivemedia <unfixed>
NOTE: https://github.com/rgaufman/live555/issues/21
-CVE-2019-7732
+CVE-2019-7732 (In Live555 0.95, a setup packet can cause a memory leak leading to DoS ...)
- liblivemedia <unfixed>
NOTE: https://github.com/rgaufman/live555/issues/20
-CVE-2019-7731
+CVE-2019-7731 (MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an ...)
NOT-FOR-US: MyWebSQL
-CVE-2019-7730
+CVE-2019-7730 (MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for ...)
NOT-FOR-US: MyWebSQL
-CVE-2019-7729
+CVE-2019-7729 (An issue was discovered in the Bosch Smart Camera App before 1.3.1 for ...)
NOT-FOR-US: Bosch Smart Camera App
-CVE-2019-7728
+CVE-2019-7728 (An issue was discovered in the Bosch Smart Camera App before 1.3.1 for ...)
NOT-FOR-US: Bosch Smart Camera App
CVE-2019-7727
RESERVED
@@ -4770,18 +4770,18 @@ CVE-2019-7724
RESERVED
CVE-2019-7723
RESERVED
-CVE-2019-7722
+CVE-2019-7722 (PMD 5.8.1 and earlier processes XML external entities in ruleset files ...)
NOT-FOR-US: PMD
CVE-2019-XXXX [fuse mount exposes backup to unauthorized users]
- borgbackup 1.1.9-1 (bug #922080)
NOTE: https://github.com/borgbackup/borg/issues/3903
-CVE-2019-7721
+CVE-2019-7721 (lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the ...)
NOT-FOR-US: nc-cms
-CVE-2019-7720
+CVE-2019-7720 (taocms through 2014-05-24 allows eval injection by placing PHP code in ...)
NOT-FOR-US: taocms
-CVE-2019-7719
+CVE-2019-7719 (Nibbleblog 4.0.5 allows eval injection by placing PHP code in the inst ...)
NOT-FOR-US: Nibbleblog
-CVE-2019-7718
+CVE-2019-7718 (An issue was discovered in Metinfo 6.x. An attacker can leverage a rac ...)
NOT-FOR-US: Metinfo
CVE-2019-7717
RESERVED
@@ -4809,26 +4809,26 @@ CVE-2019-7706
RESERVED
CVE-2019-7705
RESERVED
-CVE-2019-7704
+CVE-2019-7704 (wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binarye ...)
- binaryen 64-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1866
-CVE-2019-7703
+CVE-2019-7703 (In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBi ...)
- binaryen 64-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1865
-CVE-2019-7702
+CVE-2019-7702 (A NULL pointer dereference was discovered in wasm::SExpressionWasmBuil ...)
- binaryen 64-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1867
-CVE-2019-7701
+CVE-2019-7701 (A heap-based buffer over-read was discovered in wasm::SExpressionParse ...)
- binaryen 64-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1863
-CVE-2019-7700
+CVE-2019-7700 (A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilde ...)
- binaryen 64-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1864
-CVE-2019-7699
+CVE-2019-7699 (A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in C ...)
NOT-FOR-US: Bento4
-CVE-2019-7698
+CVE-2019-7698 (An issue was discovered in AP4_Array&lt;AP4_CttsTableEntry&gt;::Ensure ...)
NOT-FOR-US: Bento4
-CVE-2019-7697
+CVE-2019-7697 (An issue was discovered in Bento4 v1.5.1-627. There is an assertion fa ...)
NOT-FOR-US: Bento4
CVE-2019-7696
RESERVED
@@ -4836,9 +4836,9 @@ CVE-2019-7695
RESERVED
CVE-2019-7694
RESERVED
-CVE-2019-7693
+CVE-2019-7693 (Axios Italia Axios RE 1.7.0/7.0.0 devices have XSS via the RELogOff.as ...)
NOT-FOR-US: Axios Italia Axios RE devices
-CVE-2019-7692
+CVE-2019-7692 (install/install.php in CIM 0.9.3 allows remote attackers to execute ar ...)
NOT-FOR-US: CIM
CVE-2019-7691
RESERVED
@@ -4854,7 +4854,7 @@ CVE-2019-7686
RESERVED
CVE-2019-7685
RESERVED
-CVE-2019-7684
+CVE-2019-7684 (inxedu through 2018-12-24 has a vulnerability that can lead to the upl ...)
NOT-FOR-US: inxedu
CVE-2019-7683
RESERVED
@@ -4866,17 +4866,17 @@ CVE-2019-7680
RESERVED
CVE-2019-7679
RESERVED
-CVE-2019-7678
+CVE-2019-7678 (A directory traversal vulnerability was discovered in Enphase Envoy R3 ...)
NOT-FOR-US: Enphase Envoy
-CVE-2019-7677
+CVE-2019-7677 (XSS exists in Enphase Envoy R3.*.* via the profileName parameter to th ...)
NOT-FOR-US: Enphase Envoy
-CVE-2019-7676
+CVE-2019-7676 (A weak password vulnerability was discovered in Enphase Envoy R3.*.*. ...)
NOT-FOR-US: Enphase Envoy
-CVE-2019-7675
+CVE-2019-7675 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The defau ...)
NOT-FOR-US: MOBOTIX
-CVE-2019-7674
+CVE-2019-7674 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/ac ...)
NOT-FOR-US: MOBOTIX
-CVE-2019-7673
+CVE-2019-7673 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administr ...)
NOT-FOR-US: MOBOTIX
CVE-2019-7672
RESERVED
@@ -4892,20 +4892,20 @@ CVE-2019-7667
RESERVED
CVE-2019-7666
RESERVED
-CVE-2019-7665
+CVE-2019-7665 (In elfutils 0.175, a heap-based buffer over-read was discovered in the ...)
{DLA-1689-1}
- elfutils 0.176-1 (low; bug #921880)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24089
NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00049.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=de01cc6f9446187d69b9748bb3636361c79e77a4
-CVE-2019-7664
+CVE-2019-7664 (In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_not ...)
- elfutils 0.176-1 (low; bug #921881)
[stretch] - elfutils <no-dsa> (Minor issue)
[jessie] - elfutils <not-affected> (Vulnerable code introduced later)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24084
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=e65d91d21cb09d83b001fef9435e576ba447db32
-CVE-2019-7663
+CVE-2019-7663 (An Invalid Address dereference was discovered in TIFFWriteDirectoryTag ...)
{DLA-1680-1}
- tiff 4.0.10-4
[stretch] - tiff <postponed> (Minor issue)
@@ -4914,14 +4914,14 @@ CVE-2019-7663
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/802d3cbf3043be5dce5317e140ccb1c17a6a2d39
NOTE: Same patch as CVE-2018-17000 but different issue. As well different
NOTE: issue than CVE-2018-12900.
-CVE-2019-7662
+CVE-2019-7662 (An assertion failure was discovered in wasm::WasmBinaryBuilder::getTyp ...)
- binaryen 66-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1872
-CVE-2019-7661
+CVE-2019-7661 (An issue was discovered in PHPMyWind 5.5. The method parameter of the ...)
NOT-FOR-US: PHPMyWind
-CVE-2019-7660
+CVE-2019-7660 (An issue was discovered in PHPMyWind 5.5. The username parameter of th ...)
NOT-FOR-US: PHPMyWind
-CVE-2019-7659
+CVE-2019-7659 (Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause ...)
{DLA-1681-1}
- gsoap 2.8.75-1
[stretch] - gsoap <no-dsa> (Minor issue)
@@ -4940,18 +4940,18 @@ CVE-2019-7654
RESERVED
CVE-2019-7652
RESERVED
-CVE-2019-7651
+CVE-2019-7651 (EPP.sys in Emsisoft Anti-Malware 2018.8.1.8923 allows an attacker to b ...)
NOT-FOR-US: Emsisoft Anti-Malware
CVE-2019-7650
RESERVED
-CVE-2019-7653
+CVE-2019-7653 (The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CL ...)
{DLA-1717-1}
- rdflib 4.2.2-2 (bug #921751)
NOTE: Debian specific issue as respective scripts are overwritten in Debian
NOTE: packaging as wrappers invoking python -m.
-CVE-2019-7649
+CVE-2019-7649 (global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies ...)
NOT-FOR-US: CMSWing
-CVE-2019-7648
+CVE-2019-7648 (controller/fetchpwd.php and controller/doAction.php in Hotels_Server t ...)
NOT-FOR-US: Hotels_Server
CVE-2019-7647
RESERVED
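Review bot: CVE-2019-7653 is out of numeric order in this hunk, placed between CVE-2019-7650 and CVE-2019-7649 rather than in the gap between CVE-2019-7654 and CVE-2019-7652 where the sequence skips it. Restore the ordering so the automatic updater and anyone scanning the file by CVE id can find the rdflib entry where expected.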
@@ -4969,9 +4969,9 @@ CVE-2019-7641
RESERVED
CVE-2019-7640
RESERVED
-CVE-2019-7639
+CVE-2019-7639 (An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If P ...)
NOT-FOR-US: gsi-openssh-server (OpenSSH patched with openssh-7.9p1-gsissh.patch)
-CVE-2019-7638
+CVE-2019-7638 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -4980,7 +4980,7 @@ CVE-2019-7638
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4500
NOTE: https://hg.libsdl.org/SDL/rev/19d8c3b9c251 (SDL-1.2)
NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf
-CVE-2019-7637
+CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -4988,7 +4988,7 @@ CVE-2019-7637
[stretch] - libsdl2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4497
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3630
-CVE-2019-7636
+CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -4997,7 +4997,7 @@ CVE-2019-7636
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4499
NOTE: https://hg.libsdl.org/SDL/rev/19d8c3b9c251 (SDL-1.2)
NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf
-CVE-2019-7635
+CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5010,17 +5010,17 @@ CVE-2019-7634
RESERVED
CVE-2019-7633
RESERVED
-CVE-2019-7632
+CVE-2019-7632 (LifeSize Team, Room, Passport, and Networker 220 devices allow Authent ...)
NOT-FOR-US: LifeSize devices
CVE-2019-7631
RESERVED
CVE-2019-7630
RESERVED
-CVE-2019-7629
+CVE-2019-7629 (Stack-based buffer overflow in the strip_vt102_codes function in TinTi ...)
- tintin++ 2.01.5-2 (low; bug #924348)
[stretch] - tintin++ <no-dsa> (Minor issue)
[jessie] - tintin++ <no-dsa> (Minor issue)
-CVE-2019-7628
+CVE-2019-7628 (Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail serve ...)
- pagure <itp> (bug #829046)
CVE-2019-7627
RESERVED
@@ -5102,27 +5102,27 @@ CVE-2019-7589
RESERVED
CVE-2019-7588
RESERVED
-CVE-2019-7587
+CVE-2019-7587 (Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/co ...)
NOT-FOR-US: Bo-blog Wind
CVE-2019-7586
RESERVED
-CVE-2019-7585
+CVE-2019-7585 (An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/P ...)
NOT-FOR-US: Waimai Super Cms
CVE-2019-7584
RESERVED
CVE-2019-7583
RESERVED
-CVE-2019-7582
+CVE-2019-7582 (The readBytes function in util/read.c in libming through 0.4.8 allows ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/172
-CVE-2019-7581
+CVE-2019-7581 (The parseSWF_ACTIONRECORD function in util/parser.c in libming through ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/173
-CVE-2019-7580
+CVE-2019-7580 (ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP c ...)
NOT-FOR-US: ThinkCMF
CVE-2019-7579
RESERVED
-CVE-2019-7578
+CVE-2019-7578 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5130,7 +5130,7 @@ CVE-2019-7578
[stretch] - libsdl2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4494
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
-CVE-2019-7577
+CVE-2019-7577 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5139,7 +5139,7 @@ CVE-2019-7577
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4492
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
-CVE-2019-7576
+CVE-2019-7576 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5148,7 +5148,7 @@ CVE-2019-7576
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4490
NOTE: Proposed patch: https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
NOTE: very similar bug to CVE-2019-7573, fix for CVE-2019-7573 is applicable to this
-CVE-2019-7575
+CVE-2019-7575 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5156,7 +5156,7 @@ CVE-2019-7575
[stretch] - libsdl2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4493
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
-CVE-2019-7574
+CVE-2019-7574 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5164,7 +5164,7 @@ CVE-2019-7574
[stretch] - libsdl2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4496
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
-CVE-2019-7573
+CVE-2019-7573 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5172,7 +5172,7 @@ CVE-2019-7573
[stretch] - libsdl2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4491
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
-CVE-2019-7572
+CVE-2019-7572 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 <unfixed> (bug #924609)
[stretch] - libsdl1.2 <no-dsa> (Minor issue)
@@ -5183,15 +5183,15 @@ CVE-2019-7572
NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7571
RESERVED
-CVE-2019-7570
+CVE-2019-7570 (A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete user ...)
NOT-FOR-US: PbootCMS
-CVE-2019-7569
+CVE-2019-7569 (An issue was discovered in DOYO (aka doyocms) 2.3(20140425 update). Th ...)
NOT-FOR-US: doyocms
-CVE-2019-7568
+CVE-2019-7568 (An issue was discovered in baijiacms V4 that can result in time-based ...)
NOT-FOR-US: baijiacms
-CVE-2019-7567
+CVE-2019-7567 (An issue was discovered in Waimai Super Cms 20150505. admin.php?m=Memb ...)
NOT-FOR-US: Waimai Super Cms
-CVE-2019-7566
+CVE-2019-7566 (CSZ CMS 1.1.8 has CSRF via admin/users/new/add. ...)
NOT-FOR-US: CSZ CMS
CVE-2019-7565
RESERVED
@@ -5203,12 +5203,12 @@ CVE-2019-7562
RESERVED
CVE-2019-7561
RESERVED
-CVE-2019-7560
+CVE-2019-7560 (In parser/btorsmt2.c in Boolector 3.0.0, opening a specially crafted i ...)
- boolector <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Boolector/boolector/issues/28
NOTE: https://github.com/Boolector/boolector/issues/29
NOTE: https://github.com/Boolector/boolector/commit/8d979d02e0482c7137c9f3a34e6d430dbfd1f5c5
-CVE-2019-7559
+CVE-2019-7559 (In btor2parser/btor2parser.c in Boolector Btor2Tools before 2019-01-15 ...)
NOT-FOR-US: Boolector Btor2Tools
CVE-2019-7558
RESERVED
@@ -5226,25 +5226,25 @@ CVE-2019-7552
RESERVED
CVE-2019-7551
RESERVED
-CVE-2019-7550
+CVE-2019-7550 (In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whe ...)
NOT-FOR-US: JForum
CVE-2019-7549
RESERVED
-CVE-2019-7548
+CVE-2019-7548 (SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be ...)
{DLA-1718-1}
[experimental] - sqlalchemy 1.3.0~b3+ds1-1
- sqlalchemy <unfixed> (bug #922669)
NOTE: https://github.com/sqlalchemy/sqlalchemy/issues/4481
NOTE: https://github.com/sqlalchemy/sqlalchemy/commit/30307c4616ad67c01ddae2e1e8e34fabf6028414
-CVE-2019-7547
+CVE-2019-7547 (An issue was discovered in SIDU 6.0. Because the database name is not ...)
NOT-FOR-US: SIDU
-CVE-2019-7546
+CVE-2019-7546 (An issue was discovered in SIDU 6.0. The dbs parameter of the conn.php ...)
NOT-FOR-US: SIDU
-CVE-2019-7545
+CVE-2019-7545 (In DbNinja 3.2.7, the Add Host function of the Manage Hosts pages has ...)
NOT-FOR-US: DbNinja
-CVE-2019-7544
+CVE-2019-7544 (An issue was discovered in MyWebSQL 3.7. The Add User function of the ...)
NOT-FOR-US: MyWebSQL
-CVE-2019-7543
+CVE-2019-7543 (In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflec ...)
NOT-FOR-US: KindEditor
CVE-2019-7542
RESERVED
@@ -5260,7 +5260,7 @@ CVE-2019-7537
RESERVED
CVE-2019-7536
RESERVED
-CVE-2019-7535
+CVE-2019-7535 (index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive ...)
NOT-FOR-US: Gurock TestRail
CVE-2019-7534
RESERVED
@@ -5414,43 +5414,43 @@ CVE-2019-XXXX [netmask: buffer overflow vulnerability]
NOTE: https://github.com/tlby/netmask/issues/3
NOTE: https://github.com/tlby/netmask/commit/29a9c239bd1008363f5b34ffd6c2cef906f3660c
NOTE: No security impact due to toolchain hardening in stretch, negligable impact in older suites
-CVE-2019-1003023
+CVE-2019-1003023 (A cross-site scripting vulnerability exists in Jenkins Warnings Next G ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003022
+CVE-2019-1003022 (A denial of service vulnerability exists in Jenkins Monitoring Plugin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003021
+CVE-2019-1003021 (An exposure of sensitive information vulnerability exists in Jenkins O ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003020
+CVE-2019-1003020 (A server-side request forgery vulnerability exists in Jenkins Kanboard ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003019
+CVE-2019-1003019 (An session fixation vulnerability exists in Jenkins GitHub Authenticat ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003018
+CVE-2019-1003018 (An exposure of sensitive information vulnerability exists in Jenkins G ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003017
+CVE-2019-1003017 (A data modification vulnerability exists in Jenkins Job Import Plugin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003016
+CVE-2019-1003016 (An exposure of sensitive information vulnerability exists in Jenkins J ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003015
+CVE-2019-1003015 (An XML external entity processing vulnerability exists in Jenkins Job ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003014
+CVE-2019-1003014 (An cross-site scripting vulnerability exists in Jenkins Config File Pr ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003013
+CVE-2019-1003013 (An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plu ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003012
+CVE-2019-1003012 (A data modification vulnerability exists in Jenkins Blue Ocean Plugins ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003011
+CVE-2019-1003011 (An information exposure and denial of service vulnerability exists in ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003010
+CVE-2019-1003010 (A cross-site request forgery vulnerability exists in Jenkins Git Plugi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003009
+CVE-2019-1003009 (An improper certificate validation vulnerability exists in Jenkins Act ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003008
+CVE-2019-1003008 (A cross-site request forgery vulnerability exists in Jenkins Warnings ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003007
+CVE-2019-1003007 (A cross-site request forgery vulnerability exists in Jenkins Warnings ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003006
+CVE-2019-1003006 (A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003005
+CVE-2019-1003005 (A sandbox bypass vulnerability exists in Jenkins Script Security Plugi ...)
NOT-FOR-US: Jenkins plugin
CVE-2019-7461
RESERVED
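Review bot: typo in the netmask NOTE line at the top of this hunk ("negligable impact in older suites"); should read "negligible". The rest of the hunk only swaps bare IDs for imported descriptions, so this is the one local line worth touching in a follow-up.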
@@ -5530,33 +5530,33 @@ CVE-2019-7427
RESERVED
CVE-2019-7426
RESERVED
-CVE-2019-7425
+CVE-2019-7425 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 ...)
TODO: check
-CVE-2019-7424
+CVE-2019-7424 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 ...)
TODO: check
-CVE-2019-7423
+CVE-2019-7423 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 ...)
TODO: check
-CVE-2019-7422
+CVE-2019-7422 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 ...)
TODO: check
-CVE-2019-7421
+CVE-2019-7421 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05. ...)
TODO: check
-CVE-2019-7420
+CVE-2019-7420 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05. ...)
TODO: check
-CVE-2019-7419
+CVE-2019-7419 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05. ...)
TODO: check
-CVE-2019-7418
+CVE-2019-7418 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05. ...)
TODO: check
-CVE-2019-7417
+CVE-2019-7417 (XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple ...)
TODO: check
-CVE-2019-7416
+CVE-2019-7416 (XSS and/or a Client Side URL Redirect exists in OpenText Documentum We ...)
TODO: check
CVE-2019-7415
RESERVED
CVE-2019-7414
RESERVED
-CVE-2019-7413
+CVE-2019-7413 (In the Parallax Scroll (aka adamrob-parallax-scroll) plugin before 2.1 ...)
NOT-FOR-US: Wordpress plugin
-CVE-2019-7412
+CVE-2019-7412 (The PS PHPCaptcha WP plugin before v1.2.0 for WordPress mishandles san ...)
NOT-FOR-US: Wordpress plugin
CVE-2019-7411
RESERVED
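Review bot: ten entries in this hunk (CVE-2019-7416 through CVE-2019-7425) keep "TODO: check" even though the imported descriptions now name the affected software: Zoho ManageEngine Netflow Analyzer, SAMSUNG X7400GX SyncThru Web Service, Ericsson Active Library Explorer and OpenText Documentum. Those look like vendor products rather than Debian packages, so the follow-up triage can most likely resolve them to NOT-FOR-US, as was already done for the two WordPress plugins at the end of the hunk. While there, the two "NOT-FOR-US: Wordpress plugin" lines could use the upstream spelling "WordPress" that the description line itself uses.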
@@ -5574,29 +5574,29 @@ CVE-2019-7405
RESERVED
CVE-2019-7404
RESERVED
-CVE-2019-7403
+CVE-2019-7403 (An issue was discovered in PHPMyWind 5.5. It allows remote attackers t ...)
NOT-FOR-US: PHPMyWind
-CVE-2019-7402
+CVE-2019-7402 (An issue was discovered in PHPMyWind 5.5. The GetQQ function in includ ...)
NOT-FOR-US: PHPMyWind
-CVE-2019-7401
+CVE-2019-7401 (NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based ...)
NOT-FOR-US: NGINX Unit (different from FLOSS nginx)
-CVE-2019-7400
+CVE-2019-7400 (Rukovoditel before 2.4.1 allows XSS. ...)
NOT-FOR-US: Rukovoditel
-CVE-2019-7399
+CVE-2019-7399 (Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack agains ...)
NOT-FOR-US: Amazon Fire OS
-CVE-2019-7398
+CVE-2019-7398 (In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage ...)
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1453
-CVE-2019-7397
+CVE-2019-7397 (In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, seve ...)
- imagemagick <unfixed> (unimportant)
- graphicsmagick 1.4~hg15896-1 (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1454
-CVE-2019-7396
+CVE-2019-7396 (In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage ...)
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1452
-CVE-2019-7395
+CVE-2019-7395 (In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChanne ...)
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1451
@@ -5604,25 +5604,25 @@ CVE-2019-7394
RESERVED
CVE-2019-7393
RESERVED
-CVE-2019-7392
+CVE-2019-7392 (An improper authentication vulnerability in CA Privileged Access Manag ...)
NOT-FOR-US: CA Privileged Access Manager
-CVE-2019-7391
+CVE-2019-7391 (ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 devices allow login/login-page.cg ...)
TODO: check
-CVE-2019-7390
+CVE-2019-7390 (An issue was discovered in /bin/goahead on D-Link DIR-823G devices wit ...)
NOT-FOR-US: D-Link
-CVE-2019-7389
+CVE-2019-7389 (An issue was discovered in /bin/goahead on D-Link DIR-823G devices wit ...)
NOT-FOR-US: D-Link
-CVE-2019-7388
+CVE-2019-7388 (An issue was discovered in /bin/goahead on D-Link DIR-823G devices wit ...)
NOT-FOR-US: D-Link
-CVE-2019-7387
+CVE-2019-7387 (A local file inclusion vulnerability exists in the web interface of Sy ...)
NOT-FOR-US: Systrome
-CVE-2019-7386
+CVE-2019-7386 (A Denial of Service issue has been discovered in the Gecko component o ...)
TODO: check
-CVE-2019-7385
+CVE-2019-7385 (An authenticated shell command injection issue has been discovered in ...)
TODO: check
-CVE-2019-7384
+CVE-2019-7384 (An authenticated shell command injection issue has been discovered in ...)
TODO: check
-CVE-2019-7383
+CVE-2019-7383 (An issue was discovered on Systrome Cumilon ISG-600C, ISG-600H, and IS ...)
TODO: check
CVE-2019-7382
RESERVED
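Review bot: inconsistent triage within the hunk. CVE-2019-7383 is left at "TODO: check" although its description names "Systrome Cumilon ISG-600C, ISG-600H, and IS ...", while CVE-2019-7387 two entries earlier is already resolved to "NOT-FOR-US: Systrome". Suggest resolving CVE-2019-7383 the same way, and checking whether CVE-2019-7384 through CVE-2019-7386 (authenticated shell command injection, Gecko component DoS) belong to the same Systrome advisory so they can be closed together rather than left as open TODOs.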
@@ -5678,65 +5678,65 @@ CVE-2019-7357
RESERVED
CVE-2019-7356
RESERVED
-CVE-2019-1000024
+CVE-2019-1000024 (OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cro ...)
NOT-FOR-US: OPT/NET BV
-CVE-2019-1000023
+CVE-2019-1000023 (OPT/NET BV OPTOSS Next Gen Network Management System (NG-NetMS) versio ...)
NOT-FOR-US: OPT/NET BV
-CVE-2019-1000022
+CVE-2019-1000022 (Taoensso Sente version Prior to version 1.14.0 contains a Cross Site R ...)
NOT-FOR-US: Taoensso Sente
-CVE-2019-1000021
+CVE-2019-1000021 (slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 ...)
- slixmpp 1.4.2-1 (bug #922509)
[stretch] - slixmpp <no-dsa> (Minor issue)
NOTE: https://lab.louiz.org/poezio/slixmpp/commit/7cd73b594e8122dddf847953fcfc85ab4d316416
-CVE-2019-1000020
+CVE-2019-1000020 (libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onw ...)
{DLA-1668-1}
- libarchive 3.3.3-4 (low)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/pull/1120
NOTE: https://github.com/libarchive/libarchive/commit/8312eaa576014cd9b965012af51bc1f967b12423
-CVE-2019-1000019
+CVE-2019-1000019 (libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onw ...)
{DLA-1668-1}
- libarchive 3.3.3-4 (low)
[stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/pull/1120
NOTE: https://github.com/libarchive/libarchive/commit/65a23f5dbee4497064e9bb467f81138a62b0dae1
-CVE-2019-1000017
+CVE-2019-1000017 (Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect A ...)
NOT-FOR-US: Chamilo Chamilo-lms
-CVE-2019-1000016
+CVE-2019-1000016 (FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array In ...)
- ffmpeg 7:4.1.1-1 (low; bug #922066)
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/b97a4b658814b2de8b9f2a3bce491c002d34de31#diff-cd7e24986650014d67f484f3ffceef3f
-CVE-2019-1000015
+CVE-2019-1000015 (Chamilo Chamilo-lms version 1.11.8 and earlier contains a Cross Site S ...)
NOT-FOR-US: Chamilo Chamilo-lms
-CVE-2019-1000014
+CVE-2019-1000014 (Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing oracl ...)
- rebar <undetermined>
-CVE-2019-1000013
+CVE-2019-1000013 (Hex package manager hex_core version 0.3.0 and earlier contains a Sign ...)
NOT-FOR-US: Hex package manager
-CVE-2019-1000012
+CVE-2019-1000012 (Hex package manager version 0.14.0 through 0.18.2 contains a Signing o ...)
NOT-FOR-US: Hex package manager
-CVE-2019-1000011
+CVE-2019-1000011 (API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access ...)
NOT-FOR-US: API Platform
-CVE-2019-1000010
+CVE-2019-1000010 (phpIPAM version 1.3.2 and earlier contains a Cross Site Scripting (XSS ...)
NOT-FOR-US: phpIPAM
-CVE-2019-1000009
+CVE-2019-1000009 (Helm ChartMuseum version &gt;=0.1.0 and &lt; 0.8.1 contains a CWE-22: ...)
NOT-FOR-US: Helm ChartMuseum
-CVE-2019-1000008
+CVE-2019-1000008 (All versions of Helm between Helm &gt;=2.0.0 and &lt; 2.12.2 contains ...)
NOT-FOR-US: Helm Kubernetes package manager, different from src:helm
-CVE-2019-1000007
+CVE-2019-1000007 (aioxmpp version 0.10.2 and earlier contains a Improper Handling of Str ...)
- python-aioxmpp 0.10.3-1
NOTE: https://github.com/horazont/aioxmpp/pull/268
-CVE-2019-1000006
+CVE-2019-1000006 (RIOT RIOT-OS version after commit 7af03ab624db0412c727eed9ab7630a5282e ...)
NOT-FOR-US: RIOT RIOT-OS
-CVE-2019-1000005
+CVE-2019-1000005 (mPDF version 7.1.7 and earlier contains a CWE-502: Deserialization of ...)
NOT-FOR-US: mPDF
-CVE-2019-1000004
+CVE-2019-1000004 (yugandhargangu JspMyAdmin2 version 1.0.6 and earlier contains a Cross ...)
NOT-FOR-US: yugandhargangu JspMyAdmin2
-CVE-2019-1000003
+CVE-2019-1000003 (MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery ...)
NOT-FOR-US: Wordpress plugin
-CVE-2019-1000002
+CVE-2019-1000002 (Gitea version 1.6.2 and earlier contains a Incorrect Access Control vu ...)
- gitea <removed>
NOTE: https://github.com/go-gitea/gitea/pull/5631
-CVE-2019-1000001
+CVE-2019-1000001 (TeamPass version 2.1.27 and earlier contains a Storing Passwords in a ...)
NOT-FOR-US: TeamPass
CVE-2019-7355
RESERVED
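Review bot: CVE-2019-1000014 is recorded as "rebar <undetermined>" while the imported description names "Erlang/OTP Rebar3 version 3.7.0 through 3.7.5"; before this stays undetermined, confirm whether src:rebar actually ships the rebar3 signing code the CVE refers to, and otherwise mark it <not-affected> or NOT-FOR-US, as the neighbouring Hex package manager entries (CVE-2019-1000012, CVE-2019-1000013) already are. Minor: the CVE-2019-1000003 line says "NOT-FOR-US: Wordpress plugin"; the project name is spelled "WordPress".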
@@ -5746,93 +5746,93 @@ CVE-2019-7353 [Leak of Confidential Issue and Merge Request Titles]
RESERVED
- gitlab <not-affected> (Only affects 11.7)
NOTE: https://about.gitlab.com/2019/02/05/critical-security-release-gitlab-11-dot-7-dot-4-released/
-CVE-2019-7352
+CVE-2019-7352 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2475
-CVE-2019-7351
+CVE-2019-7351 (Log Injection exists in ZoneMinder through 1.32.3, as an attacker can ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2466
-CVE-2019-7350
+CVE-2019-7350 (Session fixation exists in ZoneMinder through 1.32.3, as an attacker c ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2471
-CVE-2019-7349
+CVE-2019-7349 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2465
-CVE-2019-7348
+CVE-2019-7348 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2467
-CVE-2019-7347
+CVE-2019-7347 (A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMind ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2476
-CVE-2019-7346
+CVE-2019-7346 (A CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a C ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2469
-CVE-2019-7345
+CVE-2019-7345 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2468
-CVE-2019-7344
+CVE-2019-7344 (Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacke ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2455
-CVE-2019-7343
+CVE-2019-7343 (Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1. ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2464
-CVE-2019-7342
+CVE-2019-7342 (POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2461
-CVE-2019-7341
+CVE-2019-7341 (Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1. ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2463
-CVE-2019-7340
+CVE-2019-7340 (POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2462
-CVE-2019-7339
+CVE-2019-7339 (POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2460
-CVE-2019-7338
+CVE-2019-7338 (Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an att ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2454
-CVE-2019-7337
+CVE-2019-7337 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2456
-CVE-2019-7336
+CVE-2019-7336 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2457
-CVE-2019-7335
+CVE-2019-7335 (Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an att ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2453
-CVE-2019-7334
+CVE-2019-7334 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2443
-CVE-2019-7333
+CVE-2019-7333 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2441
-CVE-2019-7332
+CVE-2019-7332 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2442
-CVE-2019-7331
+CVE-2019-7331 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2451
-CVE-2019-7330
+CVE-2019-7330 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2448
-CVE-2019-7329
+CVE-2019-7329 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2446
-CVE-2019-7328
+CVE-2019-7328 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2449
-CVE-2019-7327
+CVE-2019-7327 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2447
-CVE-2019-7326
+CVE-2019-7326 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2452
-CVE-2019-7325
+CVE-2019-7325 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
- zoneminder <unfixed> (bug #922724)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2450
-CVE-2019-7324
+CVE-2019-7324 (app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination ...)
- kanboard <itp> (bug #790814)
-CVE-2019-7323
+CVE-2019-7323 (GUP (generic update process) in LightySoft LogMX before 7.4.0 does not ...)
NOT-FOR-US: LightySoft LogMX
CVE-2019-7322
RESERVED
@@ -5844,30 +5844,30 @@ CVE-2019-7319
RESERVED
CVE-2019-7318
RESERVED
-CVE-2019-7317
+CVE-2019-7317 (png_image_free in png.c in libpng 1.6.36 has a use-after-free because ...)
- libpng1.6 1.6.36-4 (bug #921355)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803
NOTE: https://github.com/glennrp/libpng/issues/275
-CVE-2019-7316
+CVE-2019-7316 (An issue was discovered in CSS-TRICKS Chat2 through 2015-05-05. The us ...)
NOT-FOR-US: CSS-TRICKS Chat2
CVE-2019-7315
RESERVED
-CVE-2019-7314
+CVE-2019-7314 (liblivemedia in Live555 before 2019.02.03 mishandles the termination o ...)
{DSA-4408-1 DLA-1690-1}
[experimental] - liblivemedia 2019.02.03-1
- liblivemedia <unfixed> (bug #924656)
NOTE: http://lists.live555.com/pipermail/live-devel/2019-February/021143.html
-CVE-2019-7313
+CVE-2019-7313 (www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the ...)
- buildbot 2.0.0-1 (bug #921271)
[stretch] - buildbot <not-affected> (Vulnerable code introduced in 0.9.0)
[jessie] - buildbot <not-affected> (Vulnerable code introduced in 0.9.0)
NOTE: https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code
NOTE: https://github.com/buildbot/buildbot/pull/4584/files#diff-a2e7e3ee5f6a1d3cd9c6abf0328c21e0
-CVE-2019-7312
+CVE-2019-7312 (Limited plaintext disclosure exists in PRIMX Zed Entreprise for Window ...)
NOT-FOR-US: PRIMX Zed Enterprise
CVE-2019-7311
RESERVED
-CVE-2019-7310
+CVE-2019-7310 (In Poppler 0.73.0, a heap-based buffer over-read (due to an integer si ...)
{DLA-1706-1}
- poppler <unfixed> (bug #921215)
[stretch] - poppler <ignored> (Minor issue)
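Review bot: product name mismatch for CVE-2019-7312: the imported description says "PRIMX Zed Entreprise for Window ..." but the local line reads "NOT-FOR-US: PRIMX Zed Enterprise". Keep the NOT-FOR-US line consistent with the upstream spelling so searches on either form match the same entry.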
@@ -5875,12 +5875,12 @@ CVE-2019-7310
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/717
NOTE: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/172
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/b54e1fc3e0d2600621a28d50f9f085b9e38619c2
-CVE-2019-7309
+CVE-2019-7309 (In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp fun ...)
- glibc 2.28-6 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24155
NOTE: https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html
NOTE: x32 not officially supported
-CVE-2019-7308
+CVE-2019-7308 (kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undes ...)
- linux 4.19.20-1
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1711
@@ -5902,19 +5902,19 @@ CVE-2019-7303
RESERVED
CVE-2019-7302
RESERVED
-CVE-2019-7301
+CVE-2019-7301 (Zen Load Balancer 3.10.1 allows remote authenticated admin users to ex ...)
NOT-FOR-US: Zen Load Balancer
-CVE-2019-7300
+CVE-2019-7300 (Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Artica Proxy
CVE-2019-7299
RESERVED
-CVE-2019-7298
+CVE-2019-7298 (An issue was discovered on D-Link DIR-823G devices with firmware throu ...)
NOT-FOR-US: D-Link
-CVE-2019-7297
+CVE-2019-7297 (An issue was discovered on D-Link DIR-823G devices with firmware throu ...)
NOT-FOR-US: D-Link
-CVE-2019-7296
+CVE-2019-7296 (typora through 0.9.64 has XSS, with resultant remote command execution ...)
NOT-FOR-US: typora
-CVE-2019-7295
+CVE-2019-7295 (typora through 0.9.63 has XSS, with resultant remote command execution ...)
NOT-FOR-US: typora
CVE-2019-7294
RESERVED
@@ -6004,15 +6004,15 @@ CVE-2019-7251 [Remote crash vulnerability with SDP protocol violation]
[stretch] - asterisk <not-affected> (Vulnerable code not present)
[jessie] - asterisk <not-affected> (Vulnerable code introduced later)
NOTE: https://downloads.asterisk.org/pub/security/AST-2019-001.html
-CVE-2019-7250
+CVE-2019-7250 (An issue was discovered in the Cross Reference Add-on 36 for Google Do ...)
NOT-FOR-US: Cross Reference Add-on for Google Docs
-CVE-2019-7249
+CVE-2019-7249 (In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susc ...)
NOT-FOR-US: Keybase on MacOS
-CVE-2019-7283
+CVE-2019-7283 (An issue was discovered in rcp in NetKit through 0.17. For an rcp oper ...)
- netkit-rsh 0.17-20 (bug #920486)
[stretch] - netkit-rsh <no-dsa> (Minor issue)
[jessie] - netkit-rsh <no-dsa> (Minor issue)
-CVE-2019-7282
+CVE-2019-7282 (In NetKit through 0.17, rcp.c in the rcp client allows remote rsh serv ...)
- netkit-rsh 0.17-20 (bug #920486)
[stretch] - netkit-rsh <no-dsa> (Minor issue)
[jessie] - netkit-rsh <no-dsa> (Minor issue)
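Review bot: small naming nit on CVE-2019-7249: the description says "on macOS" but the local line reads "NOT-FOR-US: Keybase on MacOS"; suggest "Keybase on macOS". The CVE-2019-7283 and CVE-2019-7282 entries also sit after CVE-2019-7249 rather than in numeric order, which is pre-existing context here but worth a glance if the file is ever re-sorted.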
@@ -6038,15 +6038,15 @@ CVE-2019-7239
RESERVED
CVE-2019-7238
RESERVED
-CVE-2019-7237
+CVE-2019-7237 (An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. editor/e ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2019-7236
+CVE-2019-7236 (An issue was discovered in idreamsoft iCMS 7.0.13. editor/editor.admin ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2019-7235
+CVE-2019-7235 (An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=app ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2019-7234
+CVE-2019-7234 (An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=app ...)
NOT-FOR-US: idreamsoft iCMS
-CVE-2019-7233
+CVE-2019-7233 (In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer ...)
- catdoc <unfixed> (unimportant)
NOTE: https://github.com/uvoteam/libdoc/issues/6
NOTE: Crash in CLI tool, no security impact
@@ -6068,13 +6068,13 @@ CVE-2019-7225
RESERVED
CVE-2019-7224
RESERVED
-CVE-2019-7223
+CVE-2019-7223 (InvoicePlane 1.5 has stored XSS via the index.php/invoices/ajax/save i ...)
NOT-FOR-US: InvoicePlane
-CVE-2019-7222 [KVM: x86: work around leak of uninitialized stack contents]
+CVE-2019-7222 (The KVM implementation in the Linux kernel through 4.20.5 has an Infor ...)
- linux 4.19.20-1
NOTE: https://git.kernel.org/linus/353c0956a618a07ba4bbe7ad00ff29fe70e8412a
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1759&desc=2
-CVE-2019-7221 [KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer]
+CVE-2019-7221 (The KVM implementation in the Linux kernel through 4.20.5 has a Use-af ...)
- linux 4.19.20-1
NOTE: https://git.kernel.org/linus/ecec76885bcfe3294685dc363fd1273df0d5d65f
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1760
@@ -6086,7 +6086,7 @@ CVE-2019-7218
RESERVED
CVE-2019-7217
RESERVED
-CVE-2019-7216
+CVE-2019-7216 (An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi ...)
NOT-FOR-US: FileChucker
CVE-2019-7215
RESERVED
@@ -6170,23 +6170,23 @@ CVE-2019-7176
RESERVED
- gitlab 11.5.10+dfsg-1 (bug #921059)
NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
-CVE-2019-7175
+CVE-2019-7175 (In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage ...)
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1450
CVE-2019-7174
RESERVED
-CVE-2019-7173
+CVE-2019-7173 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
NOT-FOR-US: Croogo
-CVE-2019-7172
+CVE-2019-7172 (A stored-self XSS exists in ATutor through v2.2.4, allowing an attacke ...)
NOT-FOR-US: ATutor
-CVE-2019-7171
+CVE-2019-7171 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
NOT-FOR-US: Croogo
-CVE-2019-7170
+CVE-2019-7170 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
NOT-FOR-US: Croogo
-CVE-2019-7169
+CVE-2019-7169 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
NOT-FOR-US: Croogo
-CVE-2019-7168
+CVE-2019-7168 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
NOT-FOR-US: Croogo
CVE-2019-7167
RESERVED
@@ -6194,7 +6194,7 @@ CVE-2019-7166
RESERVED
CVE-2019-7165
RESERVED
-CVE-2019-7164
+CVE-2019-7164 (SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injecti ...)
{DLA-1718-1}
[experimental] - sqlalchemy 1.3.0~b3+ds1-1
- sqlalchemy <unfixed> (bug #922669)
@@ -6206,7 +6206,7 @@ CVE-2019-7162
RESERVED
CVE-2019-7161
RESERVED
-CVE-2019-7160
+CVE-2019-7160 (idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Trav ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2019-7159
RESERVED
@@ -6214,7 +6214,7 @@ CVE-2019-7158
RESERVED
CVE-2019-7157
RESERVED
-CVE-2019-7156
+CVE-2019-7156 (In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows divi ...)
- catdoc <unfixed> (unimportant)
NOTE: https://github.com/uvoteam/libdoc/issues/5
NOTE: catdoc embeds the code; crash in CLI tool, no security impact
@@ -6222,53 +6222,53 @@ CVE-2019-7155
RESERVED
- gitlab 11.5.10+dfsg-1 (bug #921059)
NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
-CVE-2019-7154
+CVE-2019-7154 (The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a heap- ...)
- binaryen 66-1 (bug #920853)
NOTE: https://github.com/WebAssembly/binaryen/issues/1876
NOTE: https://github.com/WebAssembly/binaryen/commit/79a4fbc80d7ffce4cbcfd04315ce3a0efa88d7fa
-CVE-2019-7153
+CVE-2019-7153 (A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder:: ...)
- binaryen 66-1 (bug #920853)
NOTE: https://github.com/WebAssembly/binaryen/issues/1879
NOTE: https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
NOTE: https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
-CVE-2019-7152
+CVE-2019-7152 (A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilde ...)
- binaryen 66-1 (bug #920853)
NOTE: https://github.com/WebAssembly/binaryen/issues/1880
NOTE: Same set of fixes as for https://github.com/WebAssembly/binaryen/issues/1879
NOTE: address the issue.
NOTE: https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
NOTE: https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
-CVE-2019-7151
+CVE-2019-7151 (A NULL pointer dereference was discovered in wasm::Module::getFunction ...)
- binaryen 66-1 (bug #920853)
NOTE: https://github.com/WebAssembly/binaryen/issues/1881
NOTE: Same set of fixes as for https://github.com/WebAssembly/binaryen/issues/1879
NOTE: address the issue.
NOTE: https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
NOTE: https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
-CVE-2019-7150
+CVE-2019-7150 (An issue was discovered in elfutils 0.175. A segmentation fault can oc ...)
{DLA-1689-1}
- elfutils 0.176-1 (low; bug #920909)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24103
NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00070.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=da5c5336a1eaf519de246f7d9f0f5585e1d4ac59
-CVE-2019-7149
+CVE-2019-7149 (A heap-based buffer over-read was discovered in the function read_srcl ...)
{DLA-1689-1}
- elfutils 0.176-1 (low; bug #920910)
[stretch] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24102
NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00068.html
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=2562759d6fe5b364fe224852e64e8bda39eb2e35
-CVE-2019-7148
+CVE-2019-7148 (An attempted excessive memory allocation was discovered in the functio ...)
- elfutils 0.176-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24085
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=e32380ecefbb23448541367283d3b94930762986
NOTE: malloc can fail on invalid file, but "nothing" bad with security implication will
NOTE: happen, negligible security impact.
-CVE-2019-7147
+CVE-2019-7147 (A buffer over-read exists in the function crc64ib in crc64.c in nasmli ...)
- nasm <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392544
-CVE-2019-7146
+CVE-2019-7146 (In elfutils 0.175, there is a buffer over-read in the ebl_object_note ...)
- elfutils 0.176-1 (bug #920911)
[stretch] - elfutils <not-affected> (Vulnerable code introduced in 0.175)
[jessie] - elfutils <not-affected> (Vulnerable code introduced in 0.175)
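Review bot: the NOTE for CVE-2019-7152 and again for CVE-2019-7151 is a single sentence wrapped across two NOTE lines ("NOTE: Same set of fixes as for https://github.com/WebAssembly/binaryen/issues/1879" followed by "NOTE: address the issue."), so the second line reads as a dangling fragment on its own. Suggest joining it into one line, e.g. "NOTE: Fixed by the same commits as https://github.com/WebAssembly/binaryen/issues/1879", which also keeps the URL and its explanation on one greppable line.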
@@ -6555,7 +6555,7 @@ CVE-2019-7008
RESERVED
CVE-2019-7007
RESERVED
-CVE-2019-7006
+CVE-2019-7006 (Avaya one-X Communicator uses weak cryptographic algorithms in the cli ...)
NOT-FOR-US: Avaya
CVE-2019-7005
RESERVED
@@ -6589,25 +6589,25 @@ CVE-2019-6994
RESERVED
CVE-2019-6993
RESERVED
-CVE-2019-6992
+CVE-2019-6992 (A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ...)
- zoneminder 1.32.3-2 (bug #920999)
NOTE: https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2445
-CVE-2019-6991
+CVE-2019-6991 (A classic Stack-based buffer overflow exists in the zmLoadUser() funct ...)
- zoneminder 1.32.3-2 (bug #921000)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2478
NOTE: https://github.com/ZoneMinder/zoneminder/pull/2482
-CVE-2019-6990
+CVE-2019-6990 (A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneM ...)
- zoneminder 1.32.3-2 (bug #921001)
NOTE: https://github.com/ZoneMinder/zoneminder/commit/a3e8fd4fd5b579865f35aac3b964bc78d5b7a94a
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2444
-CVE-2019-1000018
+CVE-2019-1000018 (rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Speci ...)
{DSA-4377-1 DLA-1650-1}
- rssh 2.3.4-9 (bug #919623)
NOTE: https://sourceforge.net/p/rssh/mailman/message/36519118/
CVE-2019-6989
RESERVED
-CVE-2019-6988
+CVE-2019-6988 (An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers ...)
- openjpeg2 <unfixed> (low; bug #922648)
[buster] - openjpeg2 <ignored> (Minor issue)
[stretch] - openjpeg2 <ignored> (Minor issue)
@@ -6615,23 +6615,23 @@ CVE-2019-6988
NOTE: https://github.com/uclouvain/openjpeg/issues/1178
CVE-2019-6987
RESERVED
-CVE-2019-6986
+CVE-2019-6986 (SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to exe ...)
NOT-FOR-US: VIVO Vitro
-CVE-2019-6985
+CVE-2019-6985 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
NOT-FOR-US: Foxit Reader
-CVE-2019-6984
+CVE-2019-6984 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
NOT-FOR-US: Foxit Reader
-CVE-2019-6983
+CVE-2019-6983 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
NOT-FOR-US: Foxit Reader
-CVE-2019-6982
+CVE-2019-6982 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
NOT-FOR-US: Foxit Reader
CVE-2019-6981
RESERVED
CVE-2019-6980
RESERVED
-CVE-2019-6979
+CVE-2019-6979 (An issue was discovered in the User IP History Logs (aka IP_History_Lo ...)
NOT-FOR-US: IP History Logs plugin for MyBB
-CVE-2019-6978
+CVE-2019-6978 (The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdI ...)
{DSA-4384-1 DLA-1651-1}
- libgd2 2.2.5-5.1 (bug #920728)
NOTE: https://github.com/libgd/libgd/issues/492
@@ -6643,7 +6643,7 @@ CVE-2019-1000029 [DoS due to changing # of allowed users in root channel]
NOTE: https://github.com/mumble-voip/mumble/issues/3585
NOTE: Introduced in: https://github.com/mumble-voip/mumble/commit/84b1bcecef790a84d10b2d1f2060c1681a2bb836
NOTE: Fixed by: https://github.com/mumble-voip/mumble/commit/3edc46ff7308691d342f8c08ce1afaaefce35a5c
-CVE-2019-6977
+CVE-2019-6977 (gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka ...)
{DSA-4384-1 DLA-1651-1}
- libgd2 2.2.5-5.1 (bug #920645)
- php7.3 7.3.1-1 (unimportant)
@@ -6652,22 +6652,22 @@ CVE-2019-6977
NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77270
NOTE: Proposed patch: https://gist.github.com/cmb69/1f36d285eb297ed326f5c821d7aafced
-CVE-2019-6976
+CVE-2019-6976 (libvips before 8.7.4 writes to uninitialized memory locations in unspe ...)
- vips 8.7.4-1 (low)
[stretch] - vips <no-dsa> (Minor issue)
[jessie] - vips <ignored> (Minor Issue)
NOTE: https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a
-CVE-2019-6975
+CVE-2019-6975 (Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2. ...)
- python-django 1:1.11.20-1 (low; bug #922027)
[stretch] - python-django <postponed> (Minor issue)
[jessie] - python-django <not-affected> (Vulnerable code not present)
NOTE: Upstream re-released https://code.djangoproject.com/ticket/30175
NOTE: https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
NOTE: https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227 (1.11 branch)
-CVE-2019-6974
+CVE-2019-6974 (In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm ...)
- linux 4.19.20-1
NOTE: https://git.kernel.org/linus/cfa39381173d5f969daf43582c95ad679189cbc9
-CVE-2019-6973
+CVE-2019-6973 (Sricam IP CCTV cameras are vulnerable to denial of service via multipl ...)
TODO: check
CVE-2019-6972
RESERVED
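Review bot: `[jessie] - vips <ignored> (Minor Issue)` capitalises the reason differently from the `(Minor issue)` used on the stretch line directly above it and on every other minor-issue entry in this update; suggest `(Minor issue)` for consistency. In the same hunk, CVE-2019-6973 still reads `TODO: check` although the imported description (Sricam IP CCTV cameras) now identifies a hardware product that is not a Debian package, so it can be triaged as `NOT-FOR-US: Sricam`; and the CVE-2019-6974 entry carries only `- linux 4.19.20-1` with no `[stretch]` or `[jessie]` status line, which the suites need since the description says the issue affects kernels before 4.20.8.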
@@ -6679,9 +6679,9 @@ CVE-2019-6969
RESERVED
CVE-2019-6968
RESERVED
-CVE-2019-6967
+CVE-2019-6967 (AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF. ...)
TODO: check
-CVE-2019-6966
+CVE-2019-6966 (An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in ...)
NOT-FOR-US: Bento4
CVE-2019-6965
RESERVED
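Review bot: CVE-2019-6967 keeps `TODO: check` even though the description imported in this hunk ("AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF") identifies vendor router firmware that is not packaged in Debian; suggest resolving the TODO as `NOT-FOR-US: AirTies`, as the neighbouring Bento4 entry already does for its product.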
@@ -6703,7 +6703,7 @@ CVE-2019-6958
RESERVED
CVE-2019-6957
RESERVED
-CVE-2019-6956
+CVE-2019-6956 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2 ...)
- faad2 <unfixed> (bug #914641)
[buster] - faad2 <no-dsa> (Minor issue)
[stretch] - faad2 <no-dsa> (Minor issue)
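Review bot: the unstable line `- faad2 <unfixed> (bug #914641)` carries no severity tag, while the buster and stretch lines below it are marked `<no-dsa> (Minor issue)`; other entries in this update that are handled the same way (openjpeg2, cairo, flex) write `<unfixed> (low; bug #...)`, so suggest `- faad2 <unfixed> (low; bug #914641)` to keep the severity consistent with the suite annotations.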
@@ -7008,25 +7008,25 @@ CVE-2019-6807
RESERVED
CVE-2019-6806
RESERVED
-CVE-2019-6805
+CVE-2019-6805 (SQL Injection was found in S-CMS version V3.0 via the alipay/alipayapi ...)
NOT-FOR-US: S-CMS
-CVE-2019-6804
+CVE-2019-6804 (An XSS issue was discovered on the Job Edit page in Rundeck Community ...)
NOT-FOR-US: Rundeck Community Edition
-CVE-2019-6803
+CVE-2019-6803 (typora through 0.9.9.20.3 beta has XSS, with resultant remote command ...)
NOT-FOR-US: Typora
-CVE-2019-6802
+CVE-2019-6802 (CRLF Injection in pypiserver 1.2.5 and below allows attackers to set a ...)
NOT-FOR-US: pypiserver
CVE-2019-6801
RESERVED
CVE-2019-6800
RESERVED
-CVE-2019-6799
+CVE-2019-6799 (An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbi ...)
{DLA-1692-1}
- phpmyadmin <unfixed> (bug #920823)
NOTE: https://www.phpmyadmin.net/security/PMASA-2019-1/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/aeac90623e525057a7672ab3d98154b5c57c15ec
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c5e01f84ad48c5c626001cb92d7a95500920a900
-CVE-2019-6798
+CVE-2019-6798 (An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability wa ...)
- phpmyadmin <unfixed> (bug #920822)
[jessie] - phpmyadmin <not-affected> (Vulnerable code introduced later >= 4.5.0)
NOTE: https://www.phpmyadmin.net/security/PMASA-2019-2/
@@ -7099,18 +7099,18 @@ CVE-2019-6781
RESERVED
- gitlab 11.5.10+dfsg-1 (bug #921059)
NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
-CVE-2019-6780
+CVE-2019-6780 (The Wise Chat plugin before 2.7 for WordPress mishandles external link ...)
NOT-FOR-US: WordPress plugin wise-chat
-CVE-2019-6779
+CVE-2019-6779 (Cscms 4.1.8 allows admin.php/links/save CSRF to add, modify, or delete ...)
NOT-FOR-US: Cscms
-CVE-2019-6778 [slirp: heap buffer overflow in tcp_emu()]
+CVE-2019-6778 (In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer ove ...)
{DLA-1694-1}
- qemu 1:3.1+dfsg-3 (bug #921525)
- qemu-kvm <removed>
- slirp4netns 0.2.1-1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=a7104eda7dab99d0cdbd3595c211864cba415905
-CVE-2019-6777
+CVE-2019-6777 (An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in ...)
- zoneminder 1.32.3-2 (bug #920375)
NOTE: https://github.com/ZoneMinder/zoneminder/issues/2436
NOTE: https://github.com/mnoorenberghe/ZoneMinder/commit/59cc65411f02c7e39a270fda3ecb4966d7b48d41
@@ -7228,33 +7228,33 @@ CVE-2019-6721
RESERVED
CVE-2019-6720
RESERVED
-CVE-2019-6719
+CVE-2019-6719 (An issue has been found in libIEC61850 v1.3.1. There is a use-after-fr ...)
NOT-FOR-US: libIEC61850
CVE-2019-6718
RESERVED
CVE-2019-6717
RESERVED
-CVE-2019-6716
+CVE-2019-6716 (An unauthenticated Insecure Direct Object Reference (IDOR) in Wicket C ...)
TODO: check
CVE-2019-6715
RESERVED
-CVE-2019-6714
+CVE-2019-6714 (An issue was discovered in BlogEngine.NET through 3.3.6.0. A path trav ...)
TODO: check
-CVE-2019-6713
+CVE-2019-6713 (app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows ...)
NOT-FOR-US: ThinkCMF
CVE-2019-6712
RESERVED
CVE-2019-6711
RESERVED
-CVE-2019-6710
+CVE-2019-6710 (Zyxel NBG-418N v2 v1.00(AAXM.4)C0 devices allow login.cgi CSRF. ...)
NOT-FOR-US: Zyxel
CVE-2019-6709
RESERVED
-CVE-2019-6708
+CVE-2019-6708 (PHPSHE 1.7 has SQL injection via the admin.php?mod=order state paramet ...)
NOT-FOR-US: PHPSHE
-CVE-2019-6707
+CVE-2019-6707 (PHPSHE 1.7 has SQL injection via the admin.php?mod=product&amp;act=sta ...)
NOT-FOR-US: PHPSHE
-CVE-2019-6706
+CVE-2019-6706 (Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For examp ...)
- lua5.3 <unfixed> (bug #920321)
[stretch] - lua5.3 <postponed> (Minor issue, revisit when fixed upstream)
- lua5.2 <not-affected> (Vulnerable code introduced later)
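Review bot: the imported description for CVE-2019-6707 carries an HTML entity into this plain-text list: `admin.php?mod=product&amp;act=sta` should read `admin.php?mod=product&act=sta`, so the importer should unescape entities before truncating to the column width (compare CVE-2019-6708 two lines above, which has no such artefact). Separately, CVE-2019-6716 and CVE-2019-6714 still read `TODO: check` although the descriptions added here give enough to triage; BlogEngine.NET in particular is not a Debian package, so that entry can be closed as `NOT-FOR-US: BlogEngine.NET`.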
@@ -7267,9 +7267,9 @@ CVE-2019-6705
RESERVED
CVE-2019-6704
RESERVED
-CVE-2019-6703
+CVE-2019-6703 (Incorrect access control in migla_ajax_functions.php in the Calmar Web ...)
NOT-FOR-US: Calmar Webmedia Total Donations plugin for WordPress
-CVE-2019-6702
+CVE-2019-6702 (The MasterCard Qkr! app before 5.0.8 for iOS has Missing SSL Certifica ...)
TODO: check
CVE-2019-6701
RESERVED
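Review bot: CVE-2019-6702 keeps `TODO: check` although the description added in this hunk ("The MasterCard Qkr! app before 5.0.8 for iOS ...") identifies a proprietary mobile application, not anything in the archive; suggest resolving it as `NOT-FOR-US: MasterCard Qkr! app` so the TODO queue only holds entries that still need investigation.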
@@ -7291,9 +7291,9 @@ CVE-2019-6693
RESERVED
CVE-2019-6692
RESERVED
-CVE-2019-6691
+CVE-2019-6691 (phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=bac ...)
NOT-FOR-US: phpwind
-CVE-2019-6690 [improper input validation in gnupg.GPG.encrypt() and gnupg.GPG.decrypt()]
+CVE-2019-6690 (python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg t ...)
{DLA-1675-1}
- python-gnupg 0.4.4-1
[stretch] - python-gnupg <no-dsa> (Minor issue)
@@ -7476,31 +7476,31 @@ CVE-2019-6603
RESERVED
CVE-2019-6602
RESERVED
-CVE-2019-6601
+CVE-2019-6601 (In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6600
+CVE-2019-6600 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6599
+CVE-2019-6599 (In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise Manager 3.1. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6598
+CVE-2019-6598 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.1-11 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6597
+CVE-2019-6597 (In BIG-IP 13.0.0-13.1.1.1, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6596
+CVE-2019-6596 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6, 11.6.1-11 ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6595
+CVE-2019-6595 (Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Ma ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6594
+CVE-2019-6594 (On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6593
+CVE-2019-6593 (On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configur ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6592
+CVE-2019-6592 (On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file whe ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2019-6591
+CVE-2019-6591 (On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12. ...)
NOT-FOR-US: BIG-IP
-CVE-2019-6590
+CVE-2019-6590 (On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain c ...)
NOT-FOR-US: BIG-IP
-CVE-2019-6589
+CVE-2019-6589 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6. ...)
NOT-FOR-US: F5 BIG-IP
CVE-2019-6588
RESERVED
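Review bot: the NOT-FOR-US labels in this hunk are inconsistent: CVE-2019-6591 and CVE-2019-6590 use `NOT-FOR-US: BIG-IP` while the eleven surrounding F5 entries use `NOT-FOR-US: F5 BIG-IP`; suggest normalising the two to `NOT-FOR-US: F5 BIG-IP` so searches on the vendor name find all of them.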
@@ -7548,27 +7548,27 @@ CVE-2019-6567
RESERVED
CVE-2019-6566
RESERVED
-CVE-2019-6565
+CVE-2019-6565 (Moxa IKS and EDS fails to properly validate user input, giving unauthe ...)
NOT-FOR-US: Moxa
CVE-2019-6564
RESERVED
-CVE-2019-6563
+CVE-2019-6563 (Moxa IKS and EDS generate a predictable cookie calculated with an MD5 ...)
NOT-FOR-US: Moxa
CVE-2019-6562
RESERVED
-CVE-2019-6561
+CVE-2019-6561 (Cross-site request forgery has been identified in Moxa IKS and EDS, wh ...)
NOT-FOR-US: Moxa
CVE-2019-6560
RESERVED
-CVE-2019-6559
+CVE-2019-6559 (Moxa IKS and EDS allow remote authenticated users to cause a denial of ...)
NOT-FOR-US: Moxa
CVE-2019-6558
RESERVED
-CVE-2019-6557
+CVE-2019-6557 (Several buffer overflow vulnerabilities have been identified in Moxa I ...)
NOT-FOR-US: Moxa
CVE-2019-6556
RESERVED
-CVE-2019-6555
+CVE-2019-6555 (Cscape, 9.80 SP4 and prior. An improper input validation vulnerability ...)
NOT-FOR-US: Cscape
CVE-2019-6554
RESERVED
@@ -7576,43 +7576,43 @@ CVE-2019-6553
RESERVED
CVE-2019-6552
RESERVED
-CVE-2019-6551
+CVE-2019-6551 (Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior al ...)
NOT-FOR-US: Pangea Communications Internet FAX ATA
CVE-2019-6550
RESERVED
-CVE-2019-6549
+CVE-2019-6549 (An attacker could retrieve plain-text credentials stored in a XML file ...)
NOT-FOR-US: PR100088 Modbus
CVE-2019-6548
RESERVED
-CVE-2019-6547
+CVE-2019-6547 (Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00 ...)
NOT-FOR-US: Delta Industrial Automation CNCSoft
CVE-2019-6546
RESERVED
-CVE-2019-6545
+CVE-2019-6545 (AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and I ...)
NOT-FOR-US: AVEVA
CVE-2019-6544
RESERVED
-CVE-2019-6543
+CVE-2019-6543 (AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and I ...)
NOT-FOR-US: AVEVA
CVE-2019-6542
RESERVED
-CVE-2019-6541
+CVE-2019-6541 (A memory corruption vulnerability has been identified in WECON LeviStu ...)
NOT-FOR-US: WECON
CVE-2019-6540
RESERVED
-CVE-2019-6539
+CVE-2019-6539 (Several heap-based buffer overflow vulnerabilities in WECON LeviStudio ...)
NOT-FOR-US: WECON
CVE-2019-6538
RESERVED
-CVE-2019-6537
+CVE-2019-6537 (Multiple stack-based buffer overflow vulnerabilities in WECON LeviStud ...)
NOT-FOR-US: WECON
CVE-2019-6536
RESERVED
-CVE-2019-6535
+CVE-2019-6535 (Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and pri ...)
NOT-FOR-US: Mitsubishi Electric MELSEC-Q Series PLCs
CVE-2019-6534
RESERVED
-CVE-2019-6533
+CVE-2019-6533 (Registers used to store Modbus values can be read and written from the ...)
NOT-FOR-US: PR100088 Modbus
CVE-2019-6532
RESERVED
@@ -7622,30 +7622,30 @@ CVE-2019-6530
RESERVED
CVE-2019-6529
RESERVED
-CVE-2019-6528
+CVE-2019-6528 (PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit fa ...)
NOT-FOR-US: PSI GridConnect GmbH
-CVE-2019-6527
+CVE-2019-6527 (PR100088 Modbus gateway versions prior to Release R02 (or Software Ver ...)
NOT-FOR-US: PR100088 Modbus
CVE-2019-6526
RESERVED
CVE-2019-6525
RESERVED
NOT-FOR-US: AVEVA Wonderware System Platform
-CVE-2019-6524
+CVE-2019-6524 (Moxa IKS and EDS do not implement sufficient measures to prevent multi ...)
NOT-FOR-US: Moxa
-CVE-2019-6523
+CVE-2019-6523 (WebAccess/SCADA, Version 8.3. The software does not properly sanitize ...)
NOT-FOR-US: Advantech WebAccess/SCADA
-CVE-2019-6522
+CVE-2019-6522 (Moxa IKS and EDS fails to properly check array bounds which may allow ...)
NOT-FOR-US: Moxa
-CVE-2019-6521
+CVE-2019-6521 (WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a ...)
NOT-FOR-US: Advantech WebAccess/SCADA
-CVE-2019-6520
+CVE-2019-6520 (Moxa IKS and EDS does not properly check authority on server side, whi ...)
NOT-FOR-US: Moxa
-CVE-2019-6519
+CVE-2019-6519 (WebAccess/SCADA, Version 8.3. An improper authentication vulnerability ...)
NOT-FOR-US: Advantech WebAccess/SCADA
-CVE-2019-6518
+CVE-2019-6518 (Moxa IKS and EDS store plaintext passwords, which may allow sensitive ...)
NOT-FOR-US: Moxa
-CVE-2019-6517
+CVE-2019-6517 (BD FACSLyric Research Use Only, Windows 10 Professional Operating Syst ...)
NOT-FOR-US: BD FACSLyric
CVE-2019-6516
RESERVED
@@ -7659,37 +7659,37 @@ CVE-2019-6512
RESERVED
CVE-2019-6511
RESERVED
-CVE-2019-6510
+CVE-2019-6510 (An issue was discovered in creditease-sec insight through 2018-09-11. ...)
NOT-FOR-US: creditease-sec
-CVE-2019-6509
+CVE-2019-6509 (An issue was discovered in creditease-sec insight through 2018-09-11. ...)
NOT-FOR-US: creditease-sec
-CVE-2019-6508
+CVE-2019-6508 (An issue was discovered in creditease-sec insight through 2018-09-11. ...)
NOT-FOR-US: creditease-sec
-CVE-2019-6507
+CVE-2019-6507 (An issue was discovered in creditease-sec insight through 2018-09-11. ...)
NOT-FOR-US: creditease-sec
CVE-2019-6506
RESERVED
CVE-2019-6505
RESERVED
-CVE-2019-6504
+CVE-2019-6504 (Insufficient output sanitization in the Automic Web Interface (AWI), i ...)
NOT-FOR-US: CA Automic Workload Automation
-CVE-2019-6503
+CVE-2019-6503 (There is a deserialization vulnerability in Chatopera cosin v3.10.0. A ...)
NOT-FOR-US: Chatopera cosin
-CVE-2019-6502
+CVE-2019-6502 (sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory ...)
- opensc <unfixed> (unimportant)
NOTE: https://github.com/OpenSC/OpenSC/issues/1586
NOTE: Negligible security impact, assigning a CVE seems out of proportion...
-CVE-2019-1003004
+CVE-2019-1003004 (An improper authorization vulnerability exists in Jenkins 2.158 and ea ...)
NOT-FOR-US: Jenkins
-CVE-2019-1003003
+CVE-2019-1003003 (An improper authorization vulnerability exists in Jenkins 2.158 and ea ...)
NOT-FOR-US: Jenkins
-CVE-2019-1003002
+CVE-2019-1003002 (A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003001
+CVE-2019-1003001 (A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-1003000
+CVE-2019-1003000 (A sandbox bypass vulnerability exists in Script Security Plugin 2.49 a ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-6501 [scsi-generic: possible OOB access while handling inquiry request]
+CVE-2019-6501 (In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allow ...)
- qemu 1:3.1+dfsg-3 (bug #920222)
[stretch] - qemu <not-affected> (vulnerable code introduced later)
[jessie] - qemu <not-affected> (vulnerable code introduced later)
@@ -7700,15 +7700,15 @@ CVE-2019-6501 [scsi-generic: possible OOB access while handling inquiry request]
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=e909ff93698851777faac3c45d03c1b73f311ea6
NOTE: Overflow introduced by https://git.qemu.org/?p=qemu.git;a=commit;h=a71c775b24,
NOTE: vulnerability not present prior 2.12.50
-CVE-2019-6500
+CVE-2019-6500 (In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Trav ...)
NOT-FOR-US: Axway File Transfer Direct
-CVE-2019-6499
+CVE-2019-6499 (Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcode ...)
NOT-FOR-US: Teradata Viewpoint
-CVE-2019-6498
+CVE-2019-6498 (GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in d ...)
NOT-FOR-US: GattLib
-CVE-2019-6497
+CVE-2019-6497 (Hotels_Server through 2018-11-05 has SQL Injection via the controller/ ...)
NOT-FOR-US: Hotels_Server
-CVE-2019-6496
+CVE-2019-6496 (The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88 ...)
NOT-FOR-US: ThreadX-based firmware on Marvell Avastar Wi-Fi devices
CVE-2019-6495
RESERVED
@@ -7722,15 +7722,15 @@ CVE-2019-6491
RESERVED
CVE-2019-6490
RESERVED
-CVE-2019-6489
+CVE-2019-6489 (Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-0 ...)
NOT-FOR-US: Lexmark
-CVE-2019-6488
+CVE-2019-6488 (The string component in the GNU C Library (aka glibc or libc6) through ...)
- glibc 2.28-6 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24097
NOTE: x32 not officially supported
-CVE-2019-6487
+CVE-2019-6487 (TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3. ...)
NOT-FOR-US: TP-Link
-CVE-2019-6486
+CVE-2019-6486 (Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 e ...)
{DSA-4380-1 DSA-4379-1 DLA-1664-1}
- golang-1.12 1.12~beta2-2 (bug #920548)
- golang-1.11 1.11.5-1
@@ -7741,15 +7741,15 @@ CVE-2019-6486
NOTE: https://groups.google.com/forum/m/#!topic/golang-announce/mVeX35iXuSw
NOTE: https://golang.org/issue/29903
NOTE: https://github.com/golang/go/commit/42b42f71
-CVE-2019-6485
+CVE-2019-6485 (Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60 ...)
NOT-FOR-US: Citrix
CVE-2019-6484
RESERVED
-CVE-2019-6338
+CVE-2019-6338 (In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8. ...)
{DSA-4370-1 DLA-1685-1}
- drupal7 <removed>
NOTE: https://www.drupal.org/sa-core-2019-001
-CVE-2019-6339
+CVE-2019-6339 (In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8. ...)
{DSA-4370-1 DLA-1659-1}
- drupal7 <removed>
NOTE: https://www.drupal.org/sa-core-2019-002
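Review bot: CVE-2019-6338 is listed before CVE-2019-6339 in this hunk, which breaks the descending CVE order the rest of the file follows (CVE-2019-6485, CVE-2019-6484, then 6338, 6339); if the order is intentional because both were filed together under DSA-4370-1, fine, otherwise the two entries should be swapped. The two entries also cite different DLAs (DLA-1685-1 and DLA-1659-1) for the same DSA, which is worth a quick check against the DLA archive.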
@@ -7800,44 +7800,44 @@ CVE-2019-6464
RESERVED
CVE-2019-6463
RESERVED
-CVE-2019-6462
+CVE-2019-6462 (An issue was discovered in cairo 1.16.0. There is an infinite loop in ...)
- cairo <unfixed> (low)
[buster] - cairo <no-dsa> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
[jessie] - cairo <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/353
-CVE-2019-6461
+CVE-2019-6461 (An issue was discovered in cairo 1.16.0. There is an assertion problem ...)
- cairo <unfixed> (low)
[buster] - cairo <no-dsa> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
[jessie] - cairo <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/352
-CVE-2019-6460
+CVE-2019-6460 (An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ...)
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6459
+CVE-2019-6459 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6458
+CVE-2019-6458 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6457
+CVE-2019-6457 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6456
+CVE-2019-6456 (An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ...)
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6455
+CVE-2019-6455 (An issue was discovered in GNU Recutils 1.8. There is a double-free pr ...)
- recutils <unfixed> (unimportant)
NOTE: Negligible security impact
-CVE-2019-6454 [systemd (PID1) crash with specially crafted D-Bus message]
+CVE-2019-6454 (An issue was discovered in sd-bus in systemd 239. bus_process_object() ...)
{DSA-4393-1 DLA-1684-1}
- systemd 240-6
NOTE: https://www.openwall.com/lists/oss-security/2019/02/18/3
NOTE: https://github.com/systemd/systemd/commit/798ebaf9aea9b8ae3b8a0cc2702bc8de71acb3c6
NOTE: https://github.com/systemd/systemd/commit/6d586a13717ae057aa1b4127400c3de61cd5b9e7
NOTE: https://github.com/systemd/systemd/commit/f519a19bcd5afe674a9b8fc462cd77d8bad403c1
-CVE-2019-6453
+CVE-2019-6453 (mIRC before 7.55 allows remote command execution by using argument inj ...)
NOT-FOR-US: mIRC
CVE-2019-6452
RESERVED
@@ -7849,7 +7849,7 @@ CVE-2019-6449
RESERVED
CVE-2019-6448
RESERVED
-CVE-2019-6447
+CVE-2019-6447 (The ES File Explorer File Manager application through 4.1.9.7.4 for An ...)
NOT-FOR-US: ES File Explorer File Manager application
CVE-2019-6446
- python-numpy 1:1.10.4-1
@@ -7860,25 +7860,25 @@ CVE-2019-6446
NOTE: added support to disable use of picke in load/save, marking that as the fixed
NOTE: version. The use of that is at the discretion of anyone using numpy
NOTE: Further discussion at https://github.com/numpy/numpy/pull/12889
-CVE-2019-6445
+CVE-2019-6445 (An issue was discovered in NTPsec before 1.1.3. An authenticated attac ...)
- ntpsec 1.1.3+dfsg1-1 (bug #919513)
NOTE: https://gitlab.com/NTPsec/ntpsec/issues/509
NOTE: https://gitlab.com/NTPsec/ntpsec/commit/acb2ecdcabad2ab42e9c6352999e174dd102eb3f
-CVE-2019-6444
+CVE-2019-6444 (An issue was discovered in NTPsec before 1.1.3. process_control() in n ...)
- ntpsec 1.1.3+dfsg1-1 (bug #919513)
-CVE-2019-6443
+CVE-2019-6443 (An issue was discovered in NTPsec before 1.1.3. Because of a bug in ct ...)
- ntpsec 1.1.3+dfsg1-1 (bug #919513)
-CVE-2019-6442
+CVE-2019-6442 (An issue was discovered in NTPsec before 1.1.3. An authenticated attac ...)
- ntpsec 1.1.3+dfsg1-1 (bug #919513)
CVE-2019-6441
RESERVED
-CVE-2019-6440
+CVE-2019-6440 (Zemana AntiMalware before 3.0.658 Beta mishandles update logic. ...)
NOT-FOR-US: Zemana AntiMalware
-CVE-2019-6439
+CVE-2019-6439 (examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through ...)
- wolfssl <unfixed> (unimportant)
NOTE: https://github.com/wolfSSL/wolfssl/issues/2032
NOTE: Issue only in example code
-CVE-2019-6438
+CVE-2019-6438 (SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bi ...)
- slurm-llnl 18.08.5.2-1 (low; bug #920997)
[stretch] - slurm-llnl <no-dsa> (Minor issue)
[jessie] - slurm-llnl <no-dsa> (Minor issue)
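Review bot: CVE-2019-6444, CVE-2019-6443 and CVE-2019-6442 all point at the same `bug #919513` as CVE-2019-6445 but, unlike it, carry no `NOTE:` line with the upstream issue or fixing commit; since all four are fixed in `ntpsec 1.1.3+dfsg1-1`, suggest adding the upstream references for each so the stretch and jessie status (absent here) can be assessed later without re-researching.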
@@ -8078,7 +8078,7 @@ CVE-2019-6342
RESERVED
CVE-2019-6341
RESERVED
-CVE-2019-6340
+CVE-2019-6340 (Some field types do not properly sanitize data from non-form sources i ...)
- drupal7 <not-affected> (Drupal 7 core not affected)
NOTE: https://www.drupal.org/sa-core-2019-003
CVE-2019-6337
@@ -8163,19 +8163,19 @@ CVE-2019-6298
RESERVED
CVE-2019-6297
RESERVED
-CVE-2019-6296
+CVE-2019-6296 (Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id pa ...)
NOT-FOR-US: Cleanto
-CVE-2019-6295
+CVE-2019-6295 (Cleanto 5.0 has SQL Injection via the assets/lib/service_method_ajax.p ...)
NOT-FOR-US: Cleanto
-CVE-2019-6294
+CVE-2019-6294 (An issue was discovered in EasyCMS 1.5. There is CSRF via the index.ph ...)
NOT-FOR-US: EasyCMS
-CVE-2019-6293
+CVE-2019-6293 (An issue was discovered in the function mark_beginning_as_normal in nf ...)
- flex <unfixed> (low; bug #919428)
[buster] - flex <no-dsa> (Minor issue)
[stretch] - flex <no-dsa> (Minor issue)
[jessie] - flex <no-dsa> (Minor issue)
NOTE: https://github.com/westes/flex/issues/414
-CVE-2019-6292
+CVE-2019-6292 (An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYam ...)
- yaml-cpp <unfixed> (low; bug #919430)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -8184,25 +8184,25 @@ CVE-2019-6292
[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
[jessie] - yaml-cpp0.3 <no-dsa> (Minor issue)
NOTE: https://github.com/jbeder/yaml-cpp/issues/657
-CVE-2019-6291
+CVE-2019-6291 (An issue was discovered in the function expr6 in eval.c in Netwide Ass ...)
- nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392549
NOTE: Crash in CLI tool, no security impact
-CVE-2019-6290
+CVE-2019-6290 (An infinite recursion issue was discovered in eval.c in Netwide Assemb ...)
- nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392548
NOTE: Crash in CLI tool, no security impact
-CVE-2019-6289
+CVE-2019-6289 (uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows ...)
NOT-FOR-US: DedeCMS
CVE-2019-6288
RESERVED
CVE-2019-6287
RESERVED
-CVE-2019-6286
+CVE-2019-6286 (In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ...)
- libsass <unfixed> (low)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2815
-CVE-2019-6285
+CVE-2019-6285 (The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibY ...)
- yaml-cpp <unfixed> (low; bug #919432)
[buster] - yaml-cpp <no-dsa> (Minor issue)
[stretch] - yaml-cpp <no-dsa> (Minor issue)
@@ -8211,11 +8211,11 @@ CVE-2019-6285
[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
[jessie] - yaml-cpp0.3 <no-dsa> (Minor issue)
NOTE: https://github.com/jbeder/yaml-cpp/issues/660
-CVE-2019-6284
+CVE-2019-6284 (In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ...)
- libsass <unfixed> (low)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2816
-CVE-2019-6283
+CVE-2019-6283 (In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ...)
- libsass <unfixed> (low)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/2814
@@ -8227,7 +8227,7 @@ CVE-2019-6280
RESERVED
CVE-2019-6279
RESERVED
-CVE-2019-6278
+CVE-2019-6278 (XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with ...)
NOT-FOR-US: JPress
CVE-2019-6277
RESERVED
@@ -8249,29 +8249,29 @@ CVE-2019-6269
RESERVED
CVE-2019-6268
RESERVED
-CVE-2019-6267
+CVE-2019-6267 (The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for WordPre ...)
NOT-FOR-US: Premium WP Suite Easy Redirect Manager plugin for WordPress
-CVE-2019-6266
+CVE-2019-6266 (Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affe ...)
NOT-FOR-US: Cordaware bestinformed
-CVE-2019-6265
+CVE-2019-6265 (The Scripting and AutoUpdate functionality in Cordaware bestinformed M ...)
NOT-FOR-US: Cordaware bestinformed
-CVE-2019-6264
+CVE-2019-6264 (An issue was discovered in Joomla! before 3.9.2. Inadequate escaping i ...)
NOT-FOR-US: Joomla!
-CVE-2019-6263
+CVE-2019-6263 (An issue was discovered in Joomla! before 3.9.2. Inadequate checks of ...)
NOT-FOR-US: Joomla!
-CVE-2019-6262
+CVE-2019-6262 (An issue was discovered in Joomla! before 3.9.2. Inadequate checks of ...)
NOT-FOR-US: Joomla!
-CVE-2019-6261
+CVE-2019-6261 (An issue was discovered in Joomla! before 3.9.2. Inadequate escaping i ...)
NOT-FOR-US: Joomla!
-CVE-2019-6260
+CVE-2019-6260 (The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) ha ...)
NOT-FOR-US: ASPEED
-CVE-2019-6259
+CVE-2019-6259 (An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL Injec ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2019-6258
RESERVED
-CVE-2019-6257
+CVE-2019-6257 (A Server Side Request Forgery (SSRF) vulnerability in elFinder before ...)
NOT-FOR-US: elFinder
-CVE-2019-6256
+CVE-2019-6256 (A Denial of Service issue was discovered in the LIVE555 Streaming Medi ...)
{DSA-4408-1 DLA-1690-1}
- liblivemedia 2018.11.26-1 (bug #919529)
NOTE: https://github.com/rgaufman/live555/issues/19
@@ -8283,28 +8283,28 @@ CVE-2019-6253
RESERVED
CVE-2019-6252
RESERVED
-CVE-2019-6251
+CVE-2019-6251 (embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allow ...)
- epiphany-browser <unfixed> (unimportant)
NOTE: https://gitlab.gnome.org/GNOME/epiphany/issues/532
NOTE: Webkit not covered by security support
-CVE-2019-6249
+CVE-2019-6249 (An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerabilit ...)
NOT-FOR-US: HuCart
-CVE-2019-6250
+CVE-2019-6250 (A pointer overflow, with code execution, was discovered in ZeroMQ libz ...)
{DSA-4368-1}
- zeromq3 4.3.1-1 (bug #919098)
[jessie] - zeromq3 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/zeromq/libzmq/issues/3351
-CVE-2019-6248
+CVE-2019-6248 (PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 ...)
NOT-FOR-US: PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script
-CVE-2019-6247
+CVE-2019-6247 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ...)
- svgpp <unfixed> (unimportant; bug #919321)
NOTE: https://github.com/svgpp/svgpp/issues/70
NOTE: Issue only in src:svgpp which does not call the AGG-API in correct way.
NOTE: No security impact, only used to build examples, see #921097
-CVE-2019-6246
+CVE-2019-6246 (An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the ...)
- svgpp 1.2.3+dfsg1-5 (bug #919321)
NOTE: https://github.com/svgpp/svgpp/issues/70
-CVE-2019-6245
+CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ...)
{DLA-1656-1}
- agg 1:2.4-r127+dfsg1-1 (low; bug #919322)
[stretch] - agg <no-dsa> (Minor issue)
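Review bot: CVE-2019-6249 appears before CVE-2019-6250 in this hunk, breaking the descending order used everywhere else in the file; suggest moving the HuCart entry below the zeromq3 entry. The zeromq3 entry itself looks complete (DSA-4368-1, fixed version, jessie not-affected with reason, upstream issue link) and is a good template for the other unfixed entries in this update.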
@@ -8314,11 +8314,11 @@ CVE-2019-6245
NOTE: and possibly already fixed with the inclusion of 05-fix-recursion-crash.patch
NOTE: in 2.5+dfsg1-3.
NOTE: No security impact on svgpp, only used to build examples, see #921097
-CVE-2019-6244
+CVE-2019-6244 (An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t ...)
NOT-FOR-US: UsualToolCMS
-CVE-2019-6243
+CVE-2019-6243 (Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin ...)
NOT-FOR-US: Frog CMS
-CVE-2019-6242
+CVE-2019-6242 (** DISPUTED ** Kentico v10.0.42 allows Global Administrators to read t ...)
NOT-FOR-US: Kentico
CVE-2019-6241
RESERVED
@@ -8334,86 +8334,86 @@ CVE-2019-6237
RESERVED
CVE-2019-6236
RESERVED
-CVE-2019-6235
+CVE-2019-6235 (A memory corruption issue was addressed with improved validation. This ...)
NOT-FOR-US: Apple
-CVE-2019-6234
+CVE-2019-6234 (A memory corruption issue was addressed with improved memory handling. ...)
- webkit2gtk 2.22.4-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6233
+CVE-2019-6233 (A memory corruption issue was addressed with improved memory handling. ...)
- webkit2gtk 2.22.4-1 (unimportant)
NOTE: Not covered by security support
CVE-2019-6232
RESERVED
-CVE-2019-6231
+CVE-2019-6231 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
NOT-FOR-US: Apple
-CVE-2019-6230
+CVE-2019-6230 (A memory initialization issue was addressed with improved memory handl ...)
NOT-FOR-US: Apple
-CVE-2019-6229
+CVE-2019-6229 (A logic issue was addressed with improved validation. This issue is fi ...)
- webkit2gtk 2.22.5-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6228
+CVE-2019-6228 (A cross-site scripting issue existed in Safari. This issue was address ...)
NOT-FOR-US: Apple Safari
-CVE-2019-6227
+CVE-2019-6227 (A memory corruption issue was addressed with improved memory handling. ...)
- webkit2gtk 2.22.5-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6226
+CVE-2019-6226 (Multiple memory corruption issues were addressed with improved memory ...)
- webkit2gtk 2.22.0-2 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6225
+CVE-2019-6225 (A memory corruption issue was addressed with improved validation. This ...)
NOT-FOR-US: Apple
-CVE-2019-6224
+CVE-2019-6224 (A buffer overflow issue was addressed with improved memory handling. T ...)
NOT-FOR-US: Apple
-CVE-2019-6223
+CVE-2019-6223 (A logic issue existed in the handling of Group FaceTime calls. The iss ...)
NOT-FOR-US: Apple
CVE-2019-6222
RESERVED
-CVE-2019-6221
+CVE-2019-6221 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
NOT-FOR-US: Apple
-CVE-2019-6220
+CVE-2019-6220 (An out-of-bounds read was addressed with improved input validation. Th ...)
NOT-FOR-US: Apple
-CVE-2019-6219
+CVE-2019-6219 (A denial of service issue was addressed with improved validation. This ...)
NOT-FOR-US: Apple
-CVE-2019-6218
+CVE-2019-6218 (A memory corruption issue was addressed with improved input validation ...)
NOT-FOR-US: Apple
-CVE-2019-6217
+CVE-2019-6217 (Multiple memory corruption issues were addressed with improved memory ...)
- webkit2gtk 2.22.5-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6216
+CVE-2019-6216 (Multiple memory corruption issues were addressed with improved memory ...)
- webkit2gtk 2.22.5-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6215
+CVE-2019-6215 (A type confusion issue was addressed with improved memory handling. Th ...)
- webkit2gtk 2.22.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6214
+CVE-2019-6214 (A type confusion issue was addressed with improved memory handling. Th ...)
NOT-FOR-US: Apple
-CVE-2019-6213
+CVE-2019-6213 (A buffer overflow was addressed with improved bounds checking. This is ...)
NOT-FOR-US: Apple
-CVE-2019-6212
+CVE-2019-6212 (Multiple memory corruption issues were addressed with improved memory ...)
- webkit2gtk 2.22.6-1 (unimportant)
NOTE: Not covered by security support
-CVE-2019-6211
+CVE-2019-6211 (A memory corruption issue was addressed with improved state management ...)
NOT-FOR-US: Apple
-CVE-2019-6210
+CVE-2019-6210 (A memory corruption issue was addressed with improved input validation ...)
NOT-FOR-US: Apple
-CVE-2019-6209
+CVE-2019-6209 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
NOT-FOR-US: Apple
-CVE-2019-6208
+CVE-2019-6208 (A memory initialization issue was addressed with improved memory handl ...)
NOT-FOR-US: Apple
CVE-2019-6207
RESERVED
-CVE-2019-6206
+CVE-2019-6206 (An issue existed with autofill resuming after it was canceled. The iss ...)
NOT-FOR-US: autofill in iOS
-CVE-2019-6205
+CVE-2019-6205 (A memory corruption issue was addressed with improved lock state check ...)
NOT-FOR-US: Apple
CVE-2019-6204
RESERVED
CVE-2019-6203
RESERVED
-CVE-2019-6202
+CVE-2019-6202 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
NOT-FOR-US: Apple
CVE-2019-6201
RESERVED
-CVE-2019-6200
+CVE-2019-6200 (An out-of-bounds read was addressed with improved input validation. Th ...)
NOT-FOR-US: Apple
CVE-2019-6199
RESERVED
@@ -8515,7 +8515,7 @@ CVE-2019-6151
RESERVED
CVE-2019-6150
RESERVED
-CVE-2019-6149
+CVE-2019-6149 (An unquoted search path vulnerability was identified in Lenovo Dynamic ...)
NOT-FOR-US: Lenovo
CVE-2019-6148
RESERVED
@@ -8535,19 +8535,19 @@ CVE-2019-6141
RESERVED
CVE-2019-6140
RESERVED
-CVE-2019-6139
+CVE-2019-6139 (Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbi ...)
NOT-FOR-US: Forcepoint User ID (FUID) server
-CVE-2019-6138
+CVE-2019-6138 (An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memor ...)
NOT-FOR-US: libIEC61850
-CVE-2019-6137
+CVE-2019-6137 (An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in lin ...)
NOT-FOR-US: lib60870
-CVE-2019-6136
+CVE-2019-6136 (An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFil ...)
NOT-FOR-US: libIEC61850
-CVE-2019-6135
+CVE-2019-6135 (An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/me ...)
NOT-FOR-US: libIEC61850
CVE-2019-6134
RESERVED
-CVE-2019-6133
+CVE-2019-6133 (In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism ...)
{DLA-1644-1}
- policykit-1 0.105-25 (bug #918985)
[stretch] - policykit-1 <no-dsa> (Minor issue, kernel mitigation will land in next 4.9.x rebase)
@@ -8556,33 +8556,33 @@ CVE-2019-6133
NOTE: https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81
NOTE: Issue can be mitigated in kernel with
NOTE: https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf (landed in 4.9.150)
-CVE-2019-6132
+CVE-2019-6132 (An issue was discovered in Bento4 v1.5.1-627. There is a memory leak i ...)
NOT-FOR-US: Bento4
-CVE-2019-6131
+CVE-2019-6131 (svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack co ...)
- mupdf 1.14.0+ds1-3 (bug #918970)
[stretch] - mupdf <no-dsa> (Minor issue)
[jessie] - mupdf <not-affected> (vulnerable code not present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700442
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b
-CVE-2019-6130
+CVE-2019-6130 (Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fi ...)
- mupdf 1.14.0+ds1-3 (bug #918971)
[stretch] - mupdf <no-dsa> (Minor issue)
[jessie] - mupdf <no-dsa> (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700446
NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?faf47b94e24314d74907f3f6bc874105f2c962ed
-CVE-2019-6129
+CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ...)
- libpng1.6 <unfixed> (unimportant)
- libpng <removed> (unimportant)
NOTE: https://github.com/glennrp/libpng/issues/269
NOTE: Memory leak in CLI tool, no security impact
-CVE-2019-6128
+CVE-2019-6128 (The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory l ...)
- tiff 4.0.10-4 (bug #921157; unimportant)
- tiff3 <removed> (unimportant)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2836
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/ae0bed1fe530a82faf2e9ea1775109dbf301a971
-CVE-2019-6127
+CVE-2019-6127 (An issue was discovered in XiaoCms 20141229. It allows admin/index.php ...)
NOT-FOR-US: XiaoCms
-CVE-2019-6126
+CVE-2019-6126 (The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1 ...)
NOT-FOR-US: Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script
CVE-2019-6125
RESERVED
@@ -8623,19 +8623,19 @@ CVE-2019-6113
RESERVED
CVE-2019-6112
RESERVED
-CVE-2019-6111
+CVE-2019-6111 (An issue was discovered in OpenSSH 7.9. Due to the scp implementation ...)
{DSA-4387-2 DSA-4387-1}
- openssh 1:7.9p1-9 (bug #923486)
NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
NOTE: https://github.com/openssh/openssh-portable/commit/391ffc4b9d31fa1f4ad566499fef9176ff8a07dc
NOTE: https://github.com/openssh/openssh-portable/commit/3d896c157c722bc47adca51a58dca859225b5874
NOTE: For unstable partially fixed in 1:7.9p1-6, applied complete fix in 1:7.9p1-9.
-CVE-2019-6110
+CVE-2019-6110 (In OpenSSH 7.9, due to accepting and displaying arbitrary stderr outpu ...)
- openssh <unfixed> (unimportant)
NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
NOTE: Not considered a vulnerability by upstream, cf.
NOTE: https://lists.mindrot.org/pipermail/openssh-unix-dev/2019-January/037475.html
-CVE-2019-6109
+CVE-2019-6109 (An issue was discovered in OpenSSH 7.9. Due to missing character encod ...)
{DSA-4387-1}
- openssh 1:7.9p1-6 (bug #793412)
NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
@@ -9009,39 +9009,39 @@ CVE-2019-5927
RESERVED
CVE-2019-5926
RESERVED
-CVE-2019-5925
+CVE-2019-5925 (Cross-site scripting vulnerability in Dradis Community Edition Dradis ...)
NOT-FOR-US: Dradis
-CVE-2019-5924
+CVE-2019-5924 (Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 ...)
NOT-FOR-US: Smart Forms
-CVE-2019-5923
+CVE-2019-5923 (Directory traversal vulnerability in iChain Insurance Wallet App for i ...)
NOT-FOR-US: iChain Insurance Wallet App for iOS
-CVE-2019-5922
+CVE-2019-5922 (Untrusted search path vulnerability in The installer of Microsoft Team ...)
NOT-FOR-US: Microsoft
-CVE-2019-5921
+CVE-2019-5921 (Untrusted search path vulnerability in Windows 7 allows an attacker to ...)
NOT-FOR-US: Microsoft Windows
-CVE-2019-5920
+CVE-2019-5920 (Cross-site request forgery (CSRF) vulnerability in FormCraft 1.2.1 and ...)
NOT-FOR-US: FormCraft
-CVE-2019-5919
+CVE-2019-5919 (An incomplete cryptography of the data store function by using hidden ...)
NOT-FOR-US: Nablarch
-CVE-2019-5918
+CVE-2019-5918 (Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML ...)
NOT-FOR-US: Nablarch
-CVE-2019-5917
+CVE-2019-5917 (azure-umqtt-c (available through GitHub prior to 2017 October 6) allow ...)
NOT-FOR-US: azure-umqtt-c
-CVE-2019-5916
+CVE-2019-5916 (Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and ea ...)
NOT-FOR-US: POWER EGG
-CVE-2019-5915
+CVE-2019-5915 (Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allow ...)
NOT-FOR-US: OpenAM (different from src:openam)
-CVE-2019-5914
+CVE-2019-5914 (V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer ...)
NOT-FOR-US: V20 PRO L-01J
-CVE-2019-5913
+CVE-2019-5913 (Untrusted search path vulnerability in the installer of LHMelting (LHM ...)
NOT-FOR-US: LHMelting
-CVE-2019-5912
+CVE-2019-5912 (Untrusted search path vulnerability in the installer of UNARJ32.DLL (U ...)
NOT-FOR-US: Some Windows installer
-CVE-2019-5911
+CVE-2019-5911 (Untrusted search path vulnerability in the installer of UNLHA32.DLL (U ...)
NOT-FOR-US: Some Windows installer
-CVE-2019-5910
+CVE-2019-5910 (Directory traversal vulnerability in HOUSE GATE App for iOS 1.7.8 and ...)
NOT-FOR-US: HOUSE GATE App for iOS
-CVE-2019-5909
+CVE-2019-5909 (License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6 ...)
NOT-FOR-US: Yokogawa License Manager Service
CVE-2019-5908
RESERVED
@@ -9073,9 +9073,9 @@ CVE-2019-5895
RESERVED
CVE-2019-5894
RESERVED
-CVE-2019-5893
+CVE-2019-5893 (Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/qu ...)
NOT-FOR-US: Nelson Open Source ERP
-CVE-2019-5892
+CVE-2019-5892 (bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before 3.0. ...)
- frr <not-affected> (Fixed before initial upload)
CVE-2019-5891
RESERVED
@@ -9085,16 +9085,16 @@ CVE-2019-5889
RESERVED
CVE-2019-5888
RESERVED
-CVE-2019-5887
+CVE-2019-5887 (An issue was discovered in ShopXO 1.2.0. In the UnlinkDir method of th ...)
NOT-FOR-US: ShopXO
-CVE-2019-5886
+CVE-2019-5886 (An issue was discovered in ShopXO 1.2.0. In the application\install\co ...)
NOT-FOR-US: ShopXO
CVE-2019-5885 [Synapse: Derives macaroon_secret_key in a predictable way if none is specified]
RESERVED
- matrix-synapse 0.34.1.1-1
NOTE: https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/
NOTE: https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885/
-CVE-2019-5884
+CVE-2019-5884 (php/elFinder.class.php in elFinder before 2.1.45 leaks information if ...)
NOT-FOR-US: elFinder
CVE-2019-5883
RESERVED
@@ -9324,95 +9324,95 @@ CVE-2019-5784
RESERVED
{DSA-4395-1}
- chromium 72.0.3626.109-1
-CVE-2019-5783
+CVE-2019-5783 (Missing URI encoding of untrusted input in DevTools in Google Chrome p ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5782
+CVE-2019-5782 (Incorrect optimization assumptions in V8 in Google Chrome prior to 72. ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5781
+CVE-2019-5781 (Incorrect handling of a confusable character in Omnibox in Google Chro ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5780
+CVE-2019-5780 (Insufficient restrictions on what can be done with Apple Events in Goo ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5779
+CVE-2019-5779 (Insufficient policy validation in ServiceWorker in Google Chrome prior ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5778
+CVE-2019-5778 (A missing case for handling special schemes in permission request chec ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5777
+CVE-2019-5777 (Incorrect handling of a confusable character in Omnibox in Google Chro ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5776
+CVE-2019-5776 (Incorrect handling of a confusable character in Omnibox in Google Chro ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5775
+CVE-2019-5775 (Incorrect handling of a confusable character in Omnibox in Google Chro ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5774
+CVE-2019-5774 (Omission of the .desktop filetype from the Safe Browsing checklist in ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5773
+CVE-2019-5773 (Insufficient origin validation in IndexedDB in Google Chrome prior to ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5772
+CVE-2019-5772 (Sharing of objects over calls into JavaScript runtime in PDFium in Goo ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5771
+CVE-2019-5771 (An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior ...)
- chromium <not-affected> (chromium package does not build swiftshader)
-CVE-2019-5770
+CVE-2019-5770 (Insufficient input validation in WebGL in Google Chrome prior to 72.0. ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5769
+CVE-2019-5769 (Incorrect handling of invalid end character position when front render ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5768
+CVE-2019-5768 (DevTools API not correctly gating on extension capability in DevTools ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5767
+CVE-2019-5767 (Insufficient protection of permission UI in WebAPKs in Google Chrome o ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5766
+CVE-2019-5766 (Incorrect handling of origin taint checking in Canvas in Google Chrome ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5765
+CVE-2019-5765 (An exposed debugging endpoint in the browser in Google Chrome on Andro ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5764
+CVE-2019-5764 (Incorrect pointer management in WebRTC in Google Chrome prior to 72.0. ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5763
+CVE-2019-5763 (Failure to check error conditions in V8 in Google Chrome prior to 72.0 ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5762
+CVE-2019-5762 (Inappropriate memory management when caching in PDFium in Google Chrom ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5761
+CVE-2019-5761 (Incorrect object lifecycle management in SwiftShader in Google Chrome ...)
- chromium <not-affected> (chromium package does not build swiftshader)
-CVE-2019-5760
+CVE-2019-5760 (Insufficient checks of pointer validity in WebRTC in Google Chrome pri ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5759
+CVE-2019-5759 (Incorrect lifetime handling in HTML select elements in Google Chrome o ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5758
+CVE-2019-5758 (Incorrect object lifecycle management in Blink in Google Chrome prior ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5757
+CVE-2019-5757 (An incorrect object type assumption in SVG in Google Chrome prior to 7 ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5756
+CVE-2019-5756 (Inappropriate memory management when caching in PDFium in Google Chrom ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5755
+CVE-2019-5755 (Incorrect handling of negative zero in V8 in Google Chrome prior to 72 ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5754
+CVE-2019-5754 (Implementation error in QUIC Networking in Google Chrome prior to 72.0 ...)
{DSA-4395-1}
- chromium 72.0.3626.81-1
-CVE-2019-5882
+CVE-2019-5882 (Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are ex ...)
- irssi 1.1.2-1 (bug #918865)
[stretch] - irssi <not-affected> (Vulnerable code not present)
[jessie] - irssi <not-affected> (Vulnerable code not present)
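Review bot: the CVE-2019-5882 (irssi) entry at the end of this hunk sits directly after CVE-2019-5754 inside the Chromium block, breaking the descending numeric order the rest of the file follows; it belongs between CVE-2019-5883 and CVE-2019-5878 in the preceding region, and leaving it here makes it easy to miss when the 588x range is reviewed.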
@@ -9430,9 +9430,9 @@ CVE-2019-5750
RESERVED
CVE-2019-5749
RESERVED
-CVE-2019-5748
+CVE-2019-5748 (In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might ...)
NOT-FOR-US: Traccar Server
-CVE-2019-5747
+CVE-2019-5747 (An issue was discovered in BusyBox through 1.30.0. An out of bounds re ...)
- busybox 1:1.30.1-2
[buster] - busxybox <not-affected> (Incomplete fix for CVE-2018-20679 did not reach buster)
[stretch] - busybox <not-affected> (Incomplete fix for CVE-2018-20679 not applied)
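Review bot: the buster line in this hunk reads `[buster] - busxybox <not-affected> (...)`, a typo for `busybox`; as written the annotation does not match the source package name and will not be applied to the buster entry, so it should be corrected to `[buster] - busybox <not-affected> (Incomplete fix for CVE-2018-20679 did not reach buster)`.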
@@ -9465,10 +9465,10 @@ CVE-2019-5737 [Node.js: Slowloris HTTP Denial of Service with keep-alive]
- nodejs 10.15.2~dfsg-1 (unimportant)
NOTE: https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
NOTE: Nodejs not covered by security support
-CVE-2019-8308
+CVE-2019-8308 (Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc ...)
{DSA-4390-1}
- flatpak 1.2.3-1 (bug #922059)
-CVE-2019-5736
+CVE-2019-5736 (runc through 1.0-rc6, as used in Docker before 18.09.2 and other produ ...)
- lxc 1:3.1.0+really3.0.3-4 (bug #922169; unimportant)
- runc 1.0.0~rc6+dfsg1-2 (bug #922050)
[stretch] - runc <no-dsa> (Minor issue; no higher level users of runc in stretch; Can be fixed via point release)
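Review bot: CVE-2019-8308 (flatpak) is placed between CVE-2019-5737 and CVE-2019-5736 in this hunk, out of numeric sequence; if it was put there deliberately to keep it next to the related runc entry CVE-2019-5736, a `NOTE:` line saying so would document that, otherwise it should move to its numeric position.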
@@ -9492,11 +9492,11 @@ CVE-2019-5729
RESERVED
CVE-2019-5728
RESERVED
-CVE-2019-5727
+CVE-2019-5727 (Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9 ...)
NOT-FOR-US: Splunk
CVE-2019-5726
RESERVED
-CVE-2019-5725
+CVE-2019-5725 (qibosoft through V7 allows remote attackers to read arbitrary files vi ...)
NOT-FOR-US: qibosoft
CVE-2019-5724
RESERVED
@@ -9504,7 +9504,7 @@ CVE-2019-5723
RESERVED
CVE-2019-5722
RESERVED
-CVE-2019-5721
+CVE-2019-5721 (In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was ...)
- wireshark 2.6.1-1
[stretch] - wireshark 2.6.3-1~deb9u1
[jessie] - wireshark <not-affected> (Vulnerable code not present)
@@ -9513,16 +9513,16 @@ CVE-2019-5721
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-05.html
NOTE: Fix for 2.4.x was a cherry pick of:
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=177962a5b4a05759b40fb6fc07a4a6eec306a9bf (2.5.1)
-CVE-2019-5720
+CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a ...)
- frontaccounting <removed>
-CVE-2019-5719
+CVE-2019-5719 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector ...)
{DLA-1645-1}
- wireshark 2.6.6-1 (low)
[stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15374
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b5b02f2a9b8772d8814096f86c60a32889d61f2c
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-04.html
-CVE-2019-5718
+CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector an ...)
- wireshark 2.6.6-1 (low)
[stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
@@ -9530,14 +9530,14 @@ CVE-2019-5718
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15373
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cd09cb5cfb673beca3cce20b1d6a9bc67a134ae1
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-03.html
-CVE-2019-5717
+CVE-2019-5717 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector c ...)
{DLA-1645-1}
- wireshark 2.6.6-1 (low)
[stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf9272a92f3df1e4ccfaad434e123222ae5313f7
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-02.html
-CVE-2019-5716
+CVE-2019-5716 (In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This w ...)
{DLA-1645-1}
- wireshark 2.6.6-1 (low)
[stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
@@ -9632,19 +9632,19 @@ CVE-2019-5673
RESERVED
CVE-2019-5672
RESERVED
-CVE-2019-5671
+CVE-2019-5671 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5670
+CVE-2019-5670 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5669
+CVE-2019-5669 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5668
+CVE-2019-5668 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5667
+CVE-2019-5667 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5666
+CVE-2019-5666 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
NOT-FOR-US: Nvidia drivers on Windows
-CVE-2019-5665
+CVE-2019-5665 (NVIDIA Windows GPU Display driver contains a vulnerability in the 3D v ...)
NOT-FOR-US: Nvidia drivers on Windows
CVE-2019-5664
RESERVED
@@ -9742,7 +9742,7 @@ CVE-2019-5618
RESERVED
CVE-2019-5617
RESERVED
-CVE-2019-5616
+CVE-2019-5616 (CircuitWerkes Sicon-8, a hardware device used for managing electrical ...)
NOT-FOR-US: CircuitWerkes Sicon-8
CVE-2019-5615
RESERVED
@@ -9782,11 +9782,11 @@ CVE-2019-5598
RESERVED
CVE-2019-5597
RESERVED
-CVE-2019-5596
+CVE-2019-5596 (In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE b ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:02.fd.asc
NOTE: kfreebsd not covered by security support
-CVE-2019-5595
+CVE-2019-5595 (In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:01.syscall.asc
NOTE: kfreebsd not covered by security support
@@ -9996,13 +9996,13 @@ CVE-2019-5493
RESERVED
CVE-2019-5492
RESERVED
-CVE-2019-5491
+CVE-2019-5491 (Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 a ...)
NOT-FOR-US: Clustered Data ONTAP
CVE-2019-5490
RESERVED
-CVE-2019-5488
+CVE-2019-5488 (EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac= ...)
NOT-FOR-US: EARCLINK ESPCMS-P8
-CVE-2019-5489
+CVE-2019-5489 (The mincore() implementation in mm/mincore.c in the Linux kernel throu ...)
- linux <unfixed>
CVE-2019-5487
RESERVED
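Review bot: CVE-2019-5488 and CVE-2019-5489 are swapped in this hunk (5488 appears above 5489 in a descending list); swap the two entries so CVE-2019-5489 (linux, `<unfixed>`) precedes CVE-2019-5488.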
@@ -10150,15 +10150,15 @@ CVE-2019-5418 [File Content Disclosure in Action View]
RESERVED
- rails <unfixed> (bug #924520)
NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/5
-CVE-2019-5417
+CVE-2019-5417 (A path traversal vulnerability in serve npm package version 7.0.1 allo ...)
TODO: check
-CVE-2019-5416
+CVE-2019-5416 (A path traversal vulnerability in localhost-now npm package version 1. ...)
TODO: check
-CVE-2019-5415
+CVE-2019-5415 (A bug in handling the ignore files and directories feature in serve 6. ...)
TODO: check
-CVE-2019-5414
+CVE-2019-5414 (If an attacker can control the port, which in itself is a very sensiti ...)
TODO: check
-CVE-2019-5413
+CVE-2019-5413 (An attacker can use the format parameter to inject arbitrary commands ...)
TODO: check
CVE-2019-5412
RESERVED
@@ -10360,11 +10360,11 @@ CVE-2019-5314
RESERVED
CVE-2019-5313
RESERVED
-CVE-2019-5312
+CVE-2019-5312 (An issue was discovered in weixin-java-tools v3.3.0. There is an XXE v ...)
NOT-FOR-US: weixin-java-tools
-CVE-2019-5311
+CVE-2019-5311 (An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.p ...)
NOT-FOR-US: YUNUCMS
-CVE-2019-5310
+CVE-2019-5310 (YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because craft ...)
NOT-FOR-US: YUNUCMS
CVE-2019-5309
RESERVED
@@ -10946,7 +10946,7 @@ CVE-2019-5021
RESERVED
CVE-2019-5020
RESERVED
-CVE-2019-5019
+CVE-2019-5019 (A heap overflow vulnerability exists in the PowerPoint document conver ...)
NOT-FOR-US: Rainbow PDF Office Server Document Converter
CVE-2019-5018
RESERVED
@@ -10954,7 +10954,7 @@ CVE-2019-5017
RESERVED
CVE-2019-5016
RESERVED
-CVE-2019-5015
+CVE-2019-5015 (A local privilege escalation vulnerability exists in the Mac OS X vers ...)
NOT-FOR-US: Apple
CVE-2019-5014
RESERVED
@@ -10980,15 +10980,15 @@ CVE-2019-5010 [NULL pointer dereference using a specially crafted X509 certifica
NOTE: https://github.com/python/cpython/commit/be5de958e9052e322b0087c6dba81cdad0c3e031 (3.7.x)
NOTE: https://github.com/python/cpython/commit/216a4d83c3b72f4fdcd81b588dc3f42cc461739a (3.6.x)
NOTE: https://github.com/python/cpython/commit/06b15424b0dcacb1c551b2a36e739fffa8d0c595 (2.7.x)
-CVE-2019-5009
+CVE-2019-5009 (Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extens ...)
NOT-FOR-US: Vtiger CRM
CVE-2019-5008
RESERVED
-CVE-2019-5007
+CVE-2019-5007 (An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on W ...)
NOT-FOR-US: Foxit Reader and PhantomPDF
-CVE-2019-5006
+CVE-2019-5006 (An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on W ...)
NOT-FOR-US: Foxit Reader and PhantomPDF
-CVE-2019-5005
+CVE-2019-5005 (An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on W ...)
NOT-FOR-US: Foxit Reader and PhantomPDF
CVE-2019-5004
RESERVED
@@ -12872,15 +12872,15 @@ CVE-2019-4065
RESERVED
CVE-2019-4064
RESERVED
-CVE-2019-4063
+CVE-2019-4063 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition c ...)
NOT-FOR-US: IBM
CVE-2019-4062
RESERVED
-CVE-2019-4061
+CVE-2019-4061 (IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the r ...)
NOT-FOR-US: IBM
CVE-2019-4060
RESERVED
-CVE-2019-4059
+CVE-2019-4059 (IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently pro ...)
NOT-FOR-US: IBM
CVE-2019-4058
RESERVED
@@ -12918,11 +12918,11 @@ CVE-2019-4042
RESERVED
CVE-2019-4041
RESERVED
-CVE-2019-4040
+CVE-2019-4040 (IBM I 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerab ...)
NOT-FOR-US: IBM
CVE-2019-4039
RESERVED
-CVE-2019-4038
+CVE-2019-4038 (IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to c ...)
NOT-FOR-US: IBM
CVE-2019-4037
RESERVED
@@ -12930,21 +12930,21 @@ CVE-2019-4036
RESERVED
CVE-2019-4035
RESERVED
-CVE-2019-4034
+CVE-2019-4034 (IBM Content Navigator 3.0CD is could allow an attacker to execute arbi ...)
NOT-FOR-US: IBM
CVE-2019-4033
RESERVED
-CVE-2019-4032
+CVE-2019-4032 (IBM Financial Transaction Manager for Digital Payments for Multi-Platf ...)
NOT-FOR-US: IBM
CVE-2019-4031
RESERVED
-CVE-2019-4030
+CVE-2019-4030 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-si ...)
NOT-FOR-US: IBM
-CVE-2019-4029
+CVE-2019-4029 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to c ...)
NOT-FOR-US: IBM
-CVE-2019-4028
+CVE-2019-4028 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to c ...)
NOT-FOR-US: IBM
-CVE-2019-4027
+CVE-2019-4027 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to c ...)
NOT-FOR-US: IBM
CVE-2019-4026
RESERVED
@@ -12966,9 +12966,9 @@ CVE-2019-4018
RESERVED
CVE-2019-4017
RESERVED
-CVE-2019-4016
+CVE-2019-4016 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2019-4015
+CVE-2019-4015 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
CVE-2019-4014
RESERVED
@@ -12982,7 +12982,7 @@ CVE-2019-4010
RESERVED
CVE-2019-4009
RESERVED
-CVE-2019-4008
+CVE-2019-4008 (API Connect V2018.1 through 2018.4.1.1 is impacted by access token lea ...)
NOT-FOR-US: IBM
CVE-2019-4007
RESERVED
@@ -13150,21 +13150,21 @@ CVE-2019-3926
RESERVED
CVE-2019-3925
RESERVED
-CVE-2019-3924
+CVE-2019-3924 (MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is v ...)
NOT-FOR-US: MikroTik
-CVE-2019-3923
+CVE-2019-3923 (Nessus versions 8.2.1 and earlier were found to contain a stored XSS v ...)
NOT-FOR-US: Nessus
-CVE-2019-3922
+CVE-2019-3922 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
NOT-FOR-US: Alcatel Lucent
-CVE-2019-3921
+CVE-2019-3921 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
NOT-FOR-US: Alcatel Lucent
-CVE-2019-3920
+CVE-2019-3920 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
NOT-FOR-US: Alcatel Lucent
-CVE-2019-3919
+CVE-2019-3919 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
NOT-FOR-US: Alcatel Lucent
-CVE-2019-3918
+CVE-2019-3918 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
NOT-FOR-US: Alcatel Lucent
-CVE-2019-3917
+CVE-2019-3917 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
NOT-FOR-US: Alcatel Lucent
CVE-2019-3916
RESERVED
@@ -13172,23 +13172,23 @@ CVE-2019-3915
RESERVED
CVE-2019-3914
RESERVED
-CVE-2019-3913
+CVE-2019-3913 (Command manipulation in LabKey Server Community Edition before 18.3.0- ...)
NOT-FOR-US: LabKey Server
-CVE-2019-3912
+CVE-2019-3912 (An open redirect vulnerability in LabKey Server Community Edition befo ...)
NOT-FOR-US: LabKey Server
-CVE-2019-3911
+CVE-2019-3911 (Reflected cross-site scripting (XSS) vulnerability in LabKey Server Co ...)
NOT-FOR-US: LabKey Server
-CVE-2019-3910
+CVE-2019-3910 (Crestron AM-100 before firmware version 1.6.0.2 contains an authentica ...)
NOT-FOR-US: Creston
-CVE-2019-3909
+CVE-2019-3909 (Premisys Identicard version 3.1.190 database uses default credentials. ...)
NOT-FOR-US: Premisys Identicard
-CVE-2019-3908
+CVE-2019-3908 (Premisys Identicard version 3.1.190 stores backup files as encrypted z ...)
NOT-FOR-US: Premisys Identicard
-CVE-2019-3907
+CVE-2019-3907 (Premisys Identicard version 3.1.190 stores user credentials and other ...)
NOT-FOR-US: Premisys Identicard
-CVE-2019-3906
+CVE-2019-3906 (Premisys Identicard version 3.1.190 contains hardcoded credentials in ...)
NOT-FOR-US: Premisys Identicard
-CVE-2019-3905
+CVE-2019-3905 (Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF. ...)
NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
CVE-2019-3904
RESERVED
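Review bot: the `NOT-FOR-US: Creston` line under CVE-2019-3910 misspells the vendor; the description on the `+` line names "Crestron AM-100", so the annotation should read `NOT-FOR-US: Crestron` to stay searchable against the CVE text.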
@@ -13366,7 +13366,7 @@ CVE-2019-3835
RESERVED
CVE-2019-3834
RESERVED
-CVE-2019-3833
+CVE-2019-3833 (Openwsman, versions up to and including 2.6.9, are vulnerable to infin ...)
- openwsman <itp> (bug #754501)
CVE-2019-3832 [incomplete fix for CVE-2018-19758]
RESERVED
@@ -13402,24 +13402,24 @@ CVE-2019-3826 [Stored DOM cross-site scripting (XSS) attack via crafted URL]
- prometheus 2.7.1+ds-1 (bug #921615)
[stretch] - prometheus <not-affected> (Only affects 2.1.0 onwards)
NOTE: https://github.com/prometheus/prometheus/pull/5163
-CVE-2019-3825
+CVE-2019-3825 (A vulnerability was discovered in gdm before 3.31.4. When timed login ...)
- gdm3 3.30.2-3 (low; bug #921764)
[stretch] - gdm3 <no-dsa> (Minor issue)
[jessie] - gdm3 <ignored> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/gdm/issues/460
-CVE-2019-3824
+CVE-2019-3824 (A flaw was found in the way an LDAP search expression could crash the ...)
{DSA-4397-1 DLA-1699-1}
- ldb 2:1.5.1+really1.4.3-2
- samba <unfixed> (unimportant)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13773
NOTE: Samba uses the System ldb library
-CVE-2019-3823
+CVE-2019-3823 (libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap ...)
{DSA-4386-1 DLA-1672-1}
- curl 7.64.0-1
NOTE: https://curl.haxx.se/docs/CVE-2019-3823.html
NOTE: Fixed by: https://github.com/curl/curl/commit/39df4073e5413fcdbb5a38da0c1ce6f1c0ceb484
NOTE: Introduced by: https://github.com/curl/curl/commit/2766262a68688c1dd8143f9c4be84b46c408b70a
-CVE-2019-3822
+CVE-2019-3822 (libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stac ...)
{DSA-4386-1 DLA-1672-1}
- curl 7.64.0-1
NOTE: https://curl.haxx.se/docs/CVE-2019-3822.html
@@ -13430,23 +13430,23 @@ CVE-2019-3821 [Resource exhaustion via TCP connection to port serving the SSL en
- ceph <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1656852
NOTE: https://github.com/ceph/civetweb/pull/33
-CVE-2019-3820
+CVE-2019-3820 (It was discovered that the gnome-shell lock screen since version 3.15. ...)
- gnome-shell 3.30.2-3 (bug #921490)
[jessie] - gnome-shell <not-affected> (Vulnerable code not present)
NOTE: Introduced by: https://bugzilla.gnome.org/show_bug.cgi?id=745039
NOTE: Introduced by: https://gitlab.gnome.org/GNOME/gnome-shell/commit/c79d24b60e773262091023feb6ee1b3deef1c471
NOTE: Upstream issue: https://gitlab.gnome.org/GNOME/gnome-shell/issues/851
-CVE-2019-3819
+CVE-2019-3819 (A flaw was found in the Linux kernel in the function hid_debug_events_ ...)
- linux 4.19.20-1
NOTE: Proposed patch: https://marc.info/?l=linux-input&m=154841031101012&w=2
-CVE-2019-3818
+CVE-2019-3818 (The kube-rbac-proxy container before version 0.4.1 as used in Red Hat ...)
NOT-FOR-US: kube-rbac-proxy
CVE-2019-3817
RESERVED
NOT-FOR-US: libcomps
-CVE-2019-3816
+CVE-2019-3816 (Openwsman, versions up to and including 2.6.9, are vulnerable to arbit ...)
- openwsman <itp> (bug #754501)
-CVE-2019-3815
+CVE-2019-3815 (A memory leak was discovered in the backport of fixes for CVE-2018-168 ...)
{DLA-1711-1}
- systemd <not-affected> (This only affected backports to older suites, not the version in sid)
[stretch] - systemd 232-25+deb9u8
@@ -13458,19 +13458,19 @@ CVE-2019-3814 [Suitable client certificate can be used to login as other user]
{DSA-4385-1 DLA-1667-1}
- dovecot 1:2.3.4.1-1
NOTE: https://www.openwall.com/lists/oss-security/2019/02/05/1
-CVE-2019-3813
+CVE-2019-3813 (Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-boun ...)
{DSA-4375-1 DLA-1649-1}
- spice 0.14.0-1.3 (bug #920762)
NOTE: https://www.openwall.com/lists/oss-security/2019/01/28/2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1665371
-CVE-2019-3812
+CVE-2019-3812 (QEMU, through version 2.10 and through version 3.1.0, is vulnerable to ...)
- qemu 1:3.1+dfsg-5 (bug #922635)
[jessie] - qemu <not-affected> (vulnerable code introduced later)
- qemu-kvm <removed>
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=b05b267840515730dbf6753495d5b7bd8b04ad1c
NOTE: vulnerable code not present prior 2.6.50, introduced in
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=78c71af8049c40657b646d9dd722867fa15c0f1b
-CVE-2019-3811
+CVE-2019-3811 (A vulnerability was found in sssd. If a user was configured with no ho ...)
{DLA-1635-1}
- sssd <unfixed> (bug #919051)
NOTE: Upstream ticket: https://pagure.io/SSSD/sssd/issue/3901
@@ -13492,12 +13492,12 @@ CVE-2019-3808
- moodle <removed>
NOTE: https://moodle.org/mod/forum/discuss.php?d=381228#p1536765
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64395
-CVE-2019-3807
+CVE-2019-3807 (An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1 ...)
- pdns-recursor 4.1.9-1
[stretch] - pdns-recursor <not-affected> (Only affects 4.1.x)
[jessie] - pdns-recursor <not-affected> (Only affects 4.1.x)
NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html
-CVE-2019-3806
+CVE-2019-3806 (An issue has been found in PowerDNS Recursor versions after 4.1.3 befo ...)
- pdns-recursor 4.1.9-1
[stretch] - pdns-recursor <not-affected> (Only affects 4.1.x)
[jessie] - pdns-recursor <not-affected> (Only affects 4.1.x)
@@ -13509,7 +13509,7 @@ CVE-2019-3804 [Crash when parsing invalid base64 headers]
- cockpit 184-1
NOTE: https://github.com/cockpit-project/cockpit/pull/10819
NOTE: https://github.com/cockpit-project/cockpit/commit/c51f6177576d7e12
-CVE-2019-3803
+CVE-2019-3803 (Pivotal Concourse, all versions prior to 4.2.2, puts the user access t ...)
NOT-FOR-US: Pivotal Concourse
CVE-2019-3802
RESERVED
@@ -13545,33 +13545,33 @@ CVE-2019-3787
RESERVED
CVE-2019-3786
RESERVED
-CVE-2019-3785
+CVE-2019-3785 (Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an e ...)
NOT-FOR-US: Cloud Foundry
-CVE-2019-3784
+CVE-2019-3784 (Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure s ...)
NOT-FOR-US: Cloud Foundry Stratos
-CVE-2019-3783
+CVE-2019-3783 (Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public ...)
NOT-FOR-US: Cloud Foundry Stratos
-CVE-2019-3782
+CVE-2019-3782 (Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writ ...)
NOT-FOR-US: Cloud Foundry
-CVE-2019-3781
+CVE-2019-3781 (Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passw ...)
NOT-FOR-US: Cloud Foundry CLI
-CVE-2019-3780
+CVE-2019-3780 (Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s ...)
NOT-FOR-US: Cloud Foundry
-CVE-2019-3779
+CVE-2019-3779 (Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kub ...)
NOT-FOR-US: Cloud Foundry
-CVE-2019-3778
+CVE-2019-3778 (Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2 ...)
TODO: check
-CVE-2019-3777
+CVE-2019-3777 (Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, 2.3 ...)
NOT-FOR-US: Pivotal
-CVE-2019-3776
+CVE-2019-3776 (Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x vers ...)
NOT-FOR-US: Pivotal
-CVE-2019-3775
+CVE-2019-3775 (Cloud Foundry UAA, versions prior to v70.0, allows a user to update th ...)
NOT-FOR-US: Cloud Foundry UAA
-CVE-2019-3774
+CVE-2019-3774 (Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versi ...)
NOT-FOR-US: Spring Batch
-CVE-2019-3773
+CVE-2019-3773 (Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported vers ...)
NOT-FOR-US: Spring Web Services
-CVE-2019-3772
+CVE-2019-3772 (Spring Integration (spring-integration-xml and spring-integration-ws m ...)
NOT-FOR-US: Spring Integration
CVE-2019-3771
RESERVED
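Review bot: CVE-2019-3778 is left at "TODO: check" even though this hunk imports its description, which identifies the product as Spring Security OAuth; the neighbouring Spring entries in the same hunk (CVE-2019-3774 Spring Batch, CVE-2019-3773 Spring Web Services, CVE-2019-3772 Spring Integration) are all resolved as NOT-FOR-US, so the TODO should be triaged the same way if Spring Security OAuth is likewise not packaged, or given a package line if it is.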
@@ -13683,17 +13683,17 @@ CVE-2019-3718
RESERVED
CVE-2019-3717
RESERVED
-CVE-2019-3716
+CVE-2019-3716 (RSA Archer versions, prior to 6.5 SP2, contain an information exposure ...)
NOT-FOR-US: RSA
-CVE-2019-3715
+CVE-2019-3715 (RSA Archer versions, prior to 6.5 SP1, contain an information exposure ...)
NOT-FOR-US: RSA
CVE-2019-3714
RESERVED
CVE-2019-3713
RESERVED
-CVE-2019-3712
+CVE-2019-3712 (Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse Th ...)
NOT-FOR-US: Dell
-CVE-2019-3711
+CVE-2019-3711 (RSA Authentication Manager versions prior to 8.4 P1 contain an Insecur ...)
NOT-FOR-US: RSA
CVE-2019-3710
RESERVED
@@ -13707,13 +13707,13 @@ CVE-2019-3706
RESERVED
CVE-2019-3705
RESERVED
-CVE-2019-3704
+CVE-2019-3704 (VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1 ...)
NOT-FOR-US: EMC
CVE-2019-3703
RESERVED
CVE-2019-3702
RESERVED
-CVE-2019-3701
+CVE-2019-3701 (An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux ...)
- linux 4.19.20-1 (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1120386
NOTE: https://marc.info/?l=linux-netdev&m=154651842302479&w=2
@@ -13887,7 +13887,7 @@ CVE-2019-3617
RESERVED
CVE-2019-3616
RESERVED
-CVE-2019-3615
+CVE-2019-3615 (Data Leakage Attacks vulnerability in the web interface in McAfee Data ...)
NOT-FOR-US: McAfee
CVE-2019-3614
RESERVED
@@ -13897,7 +13897,7 @@ CVE-2019-3612
RESERVED
CVE-2019-3611
RESERVED
-CVE-2019-3610
+CVE-2019-3610 (Data Leakage Attacks vulnerability in Microsoft Windows client in McAf ...)
NOT-FOR-US: McAfee True Key
CVE-2019-3609
RESERVED
@@ -13909,7 +13909,7 @@ CVE-2019-3606
RESERVED
CVE-2019-3605
RESERVED
-CVE-2019-3604
+CVE-2019-3604 (Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) ...)
NOT-FOR-US: McAfee
CVE-2019-3603
RESERVED
@@ -13919,9 +13919,9 @@ CVE-2019-3601
RESERVED
CVE-2019-3600
RESERVED
-CVE-2019-3599
+CVE-2019-3599 (Information Disclosure vulnerability in Remote logging (which is disab ...)
NOT-FOR-US: McAfee Agent
-CVE-2019-3598
+CVE-2019-3598 (Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x all ...)
NOT-FOR-US: McAfee Agent
CVE-2019-3597
RESERVED
@@ -13931,7 +13931,7 @@ CVE-2019-3595
RESERVED
CVE-2019-3594
RESERVED
-CVE-2019-3593
+CVE-2019-3593 (Exploitation of Privilege/Trust vulnerability in Microsoft Windows cli ...)
NOT-FOR-US: McAfee
CVE-2019-3592
RESERVED
@@ -13943,45 +13943,45 @@ CVE-2019-3589
RESERVED
CVE-2019-3588
RESERVED
-CVE-2019-3587
+CVE-2019-3587 (DLL Search Order Hijacking vulnerability in Microsoft Windows client i ...)
NOT-FOR-US: McAfee
CVE-2019-3586
RESERVED
CVE-2019-3585
RESERVED
-CVE-2019-3584
+CVE-2019-3584 (Exploitation of Authentication vulnerability in MVision Endpoint in Mc ...)
NOT-FOR-US: McAfee
CVE-2019-3583
RESERVED
-CVE-2019-3582
+CVE-2019-3582 (Privilege Escalation vulnerability in Microsoft Windows client in McAf ...)
NOT-FOR-US: McAfee
-CVE-2019-3581
+CVE-2019-3581 (Improper input validation in the proxy component of McAfee Web Gateway ...)
NOT-FOR-US: McAfee
-CVE-2019-3580
+CVE-2019-3580 (OpenRefine through 3.1 allows arbitrary file write because Directory T ...)
NOT-FOR-US: OpenRefine
CVE-2019-3579
RESERVED
CVE-2019-3578
RESERVED
-CVE-2019-3577
+CVE-2019-3577 (An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/P ...)
NOT-FOR-US: Waimai Super Cms
-CVE-2019-3576
+CVE-2019-3576 (inxedu through 2018-12-24 has a SQL Injection vulnerability that can l ...)
NOT-FOR-US: inxedu
-CVE-2019-3575
+CVE-2019-3575 (Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary pytho ...)
NOT-FOR-US: Sqla_yaml_fixtures
-CVE-2019-3574
+CVE-2019-3574 (In libsixel v1.8.2, there is a heap-based buffer over-read in the func ...)
- libsixel <unfixed> (low; bug #922460)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/83
-CVE-2019-3573
+CVE-2019-3573 (In libsixel v1.8.2, there is an infinite loop in the function sixel_de ...)
- libsixel <unfixed> (low; bug #922460)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <postponed> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/83
-CVE-2019-3572
+CVE-2019-3572 (An issue was discovered in libming 0.4.8. There is a heap-based buffer ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/169
CVE-2019-3571
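Review bot: the two libsixel entries in this hunk carry inconsistent jessie tags although they reference the same Debian bug (#922460) and the same upstream issue (saitoha/libsixel issue 83): CVE-2019-3574 has "[jessie] - libsixel <no-dsa> (Minor issue)" while CVE-2019-3573 has "[jessie] - libsixel <postponed> (Minor issue)". Both are rated low and marked no-dsa for buster and stretch, so the jessie line should use one tag for both entries; pick no-dsa or postponed and apply it consistently.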
@@ -14012,13 +14012,13 @@ CVE-2019-3559
RESERVED
CVE-2019-3558
RESERVED
-CVE-2019-3557
+CVE-2019-3557 (The implementations of streams for bz2 and php://output improperly imp ...)
- hhvm <removed>
CVE-2019-3556
RESERVED
CVE-2019-3555
RESERVED
-CVE-2019-3554
+CVE-2019-3554 (Wangle's AcceptRoutingHandler incorrectly casts a socket when acceptin ...)
NOT-FOR-US: Facebook Wangle
CVE-2019-3553
RESERVED
@@ -14124,9 +14124,9 @@ CVE-2019-3503
RESERVED
CVE-2019-3502
RESERVED
-CVE-2019-3501
+CVE-2019-3501 (The OUGC Awards plugin before 1.8.19 for MyBB allows XSS via a crafted ...)
NOT-FOR-US: OUGC Awards plugin for MyBB
-CVE-2019-3500
+CVE-2019-3500 (aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Au ...)
{DLA-1636-1}
- aria2 1.34.0-4 (low; bug #918058)
[stretch] - aria2 <no-dsa> (Minor issue)
@@ -14135,19 +14135,19 @@ CVE-2019-3500
NOTE: https://github.com/aria2/aria2/commit/37368130ca7de5491a75fd18a20c5c5cc641824a
CVE-2019-3499
RESERVED
-CVE-2019-3498
+CVE-2019-3498 (In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before ...)
{DSA-4363-1 DLA-1629-1}
- python-django 1:1.11.18-1 (bug #918230)
NOTE: https://www.djangoproject.com/weblog/2019/jan/04/security-releases/
NOTE: https://github.com/django/django/commit/1cd00fcf52d089ef0fe03beabd05d59df8ea052a (1.11.x)
NOTE: https://github.com/django/django/commit/64d2396e83aedba3fcc84ca40f23fbd22f0b9b5b (2.1.x)
-CVE-2019-3497
+CVE-2019-3497 (An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x ...)
TODO: check
-CVE-2019-3496
+CVE-2019-3496 (An issue was discovered on Wifi-soft UniBox controller 3.x devices. Th ...)
TODO: check
-CVE-2019-3495
+CVE-2019-3495 (An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x ...)
TODO: check
-CVE-2019-3494
+CVE-2019-3494 (Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteC ...)
NOT-FOR-US: Simply-Blog
CVE-2019-3493
RESERVED
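Review bot: CVE-2019-3497, CVE-2019-3496 and CVE-2019-3495 stay at "TODO: check" although this hunk imports descriptions that all name the same product, the Wifi-soft UniBox controller (0.x through 2.x and 3.x); triage the three together so they end up with one consistent resolution rather than three open TODOs for a single device family.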
@@ -14185,9 +14185,9 @@ CVE-2019-3477
RESERVED
CVE-2019-3476
RESERVED
-CVE-2019-3475
+CVE-2019-3475 (A local privilege escalation vulnerability in the famtd component of M ...)
NOT-FOR-US: Micro Focus Filr
-CVE-2019-3474
+CVE-2019-3474 (A path traversal vulnerability in the web application component of Mic ...)
NOT-FOR-US: Micro Focus Filr
CVE-2019-3473
RESERVED
@@ -14207,18 +14207,18 @@ CVE-2019-3466
RESERVED
CVE-2019-3465
RESERVED
-CVE-2019-3464
+CVE-2019-3464 (Insufficient sanitization of environment variables passed to rsync can ...)
{DSA-4382-1 DLA-1660-1}
- rssh 2.3.4-10
-CVE-2019-3463
+CVE-2019-3463 (Insufficient sanitization of arguments passed to rsync can bypass the ...)
{DSA-4382-1 DLA-1660-1}
- rssh 2.3.4-10
-CVE-2019-3462
+CVE-2019-3462 (Incorrect sanitation of the 302 redirect field in HTTP transport metho ...)
{DSA-4371-1 DLA-1637-1}
- apt 1.8.0~alpha3.1
NOTE: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1812353
NOTE: https://justi.cz/security/2019/01/22/apt-rce.html
-CVE-2019-3461
+CVE-2019-3461 (Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a ...)
{DSA-4365-1 DLA-1640-1}
- tmpreaper 1.6.14 (bug #918956)
CVE-2019-3460 [Heap data infoleak in multiple locations including functionl2cap_parse_conf_rsp]
@@ -16035,104 +16035,104 @@ CVE-2019-2558
RESERVED
CVE-2019-2557
RESERVED
-CVE-2019-2556
+CVE-2019-2556 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2555
+CVE-2019-2555 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2554
+CVE-2019-2554 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2553
+CVE-2019-2553 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2552
+CVE-2019-2552 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2551
RESERVED
-CVE-2019-2550
+CVE-2019-2550 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2019-2549
+CVE-2019-2549 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracl ...)
NOT-FOR-US: Oracle
-CVE-2019-2548
+CVE-2019-2548 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2547
+CVE-2019-2547 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
NOT-FOR-US: Oracle
-CVE-2019-2546
+CVE-2019-2546 (Vulnerability in the Oracle Applications Manager component of Oracle E ...)
NOT-FOR-US: Oracle
-CVE-2019-2545
+CVE-2019-2545 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
NOT-FOR-US: Oracle
-CVE-2019-2544
+CVE-2019-2544 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
NOT-FOR-US: Oracle
-CVE-2019-2543
+CVE-2019-2543 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
NOT-FOR-US: Oracle
CVE-2019-2542
RESERVED
-CVE-2019-2541
+CVE-2019-2541 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
NOT-FOR-US: Oracle
-CVE-2019-2540
+CVE-2019-2540 (Vulnerability in the Java Advanced Management Console component of Ora ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2019-2539
+CVE-2019-2539 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Specific to 8.x)
-CVE-2019-2538
+CVE-2019-2538 (Vulnerability in the Oracle Managed File Transfer component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2537
+CVE-2019-2537 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DLA-1655-1}
- mysql-5.7 5.7.25-1 (bug #919817)
- mariadb-10.3 1:10.3.13-1 (bug #920933)
- mariadb-10.1 <removed>
- mariadb-10.0 <removed>
NOTE: Fixed in MariaDB: 10.3.13, 10.1.38, 10.0.38
-CVE-2019-2536
+CVE-2019-2536 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2535
+CVE-2019-2535 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2534
+CVE-2019-2534 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2533
+CVE-2019-2533 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Specific to 8.x)
-CVE-2019-2532
+CVE-2019-2532 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2531
+CVE-2019-2531 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2530
+CVE-2019-2530 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2529
+CVE-2019-2529 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DLA-1655-1}
- mysql-5.7 5.7.25-1 (bug #919817)
- mariadb-10.1 <removed>
- mariadb-10.0 <removed>
NOTE: Fixed in MariaDB: 10.1.38, 10.0.38
-CVE-2019-2528
+CVE-2019-2528 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2527
+CVE-2019-2527 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2526
+CVE-2019-2526 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2525
+CVE-2019-2525 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2524
+CVE-2019-2524 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2523
+CVE-2019-2523 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2522
+CVE-2019-2522 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2521
+CVE-2019-2521 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2520
+CVE-2019-2520 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2519
+CVE-2019-2519 (Vulnerability in the PeopleSoft Enterprise SCM eProcurement component ...)
NOT-FOR-US: Oracle
CVE-2019-2518
RESERVED
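Review bot: the not-affected reason strings for the MySQL entries in this hunk vary with no difference in meaning: CVE-2019-2539 and CVE-2019-2533 say "- mysql-5.7 <not-affected> (Specific to 8.x)" while CVE-2019-2536, CVE-2019-2535 and CVE-2019-2530 say "- mysql-5.7 <not-affected> (Specific to 8)". Use one form for all of them (the "8.x" wording is the unambiguous one) so the reason can be searched and compared consistently.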
@@ -16144,267 +16144,267 @@ CVE-2019-2515
RESERVED
CVE-2019-2514
RESERVED
-CVE-2019-2513
+CVE-2019-2513 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2512
+CVE-2019-2512 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2019-2511
+CVE-2019-2511 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2510
+CVE-2019-2510 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
- mariadb-10.3 1:10.3.13-1 (bug #920933)
NOTE: Fixed in MariaDB: 10.3.13
-CVE-2019-2509
+CVE-2019-2509 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2508
+CVE-2019-2508 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2507
+CVE-2019-2507 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2506
+CVE-2019-2506 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2505
+CVE-2019-2505 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2504
+CVE-2019-2504 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2503
+CVE-2019-2503 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
{DLA-1570-1}
- mysql-5.7 5.7.25-1 (bug #919817)
- mariadb-10.0 <removed>
NOTE: Fixed in MariaDB: 10.0.37
-CVE-2019-2502
+CVE-2019-2502 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2501
+CVE-2019-2501 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2500
+CVE-2019-2500 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2499
+CVE-2019-2499 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2498
+CVE-2019-2498 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2019-2497
+CVE-2019-2497 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2019-2496
+CVE-2019-2496 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2019-2495
+CVE-2019-2495 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2494
+CVE-2019-2494 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2493
+CVE-2019-2493 (Vulnerability in the PeopleSoft Enterprise CS Campus Community compone ...)
NOT-FOR-US: Oracle
-CVE-2019-2492
+CVE-2019-2492 (Vulnerability in the Oracle Email Center component of Oracle E-Busines ...)
NOT-FOR-US: Oracle
-CVE-2019-2491
+CVE-2019-2491 (Vulnerability in the Oracle Email Center component of Oracle E-Busines ...)
NOT-FOR-US: Oracle
-CVE-2019-2490
+CVE-2019-2490 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2489
+CVE-2019-2489 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2488
+CVE-2019-2488 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2019-2487
+CVE-2019-2487 (Vulnerability in the Oracle Transportation Management component of Ora ...)
NOT-FOR-US: Oracle
-CVE-2019-2486
+CVE-2019-2486 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2485
+CVE-2019-2485 (Vulnerability in the Oracle Mobile Field Service component of Oracle E ...)
NOT-FOR-US: Oracle
CVE-2019-2484
RESERVED
CVE-2019-2483
RESERVED
-CVE-2019-2482
+CVE-2019-2482 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2481
+CVE-2019-2481 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2480
+CVE-2019-2480 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2479
+CVE-2019-2479 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2478
+CVE-2019-2478 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2477
+CVE-2019-2477 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2476
+CVE-2019-2476 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2475
+CVE-2019-2475 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2474
+CVE-2019-2474 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2473
+CVE-2019-2473 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2472
+CVE-2019-2472 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2471
+CVE-2019-2471 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2470
+CVE-2019-2470 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2019-2469
+CVE-2019-2469 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2468
+CVE-2019-2468 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2467
+CVE-2019-2467 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2466
+CVE-2019-2466 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2465
+CVE-2019-2465 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2464
+CVE-2019-2464 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2463
+CVE-2019-2463 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2462
+CVE-2019-2462 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2461
+CVE-2019-2461 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2460
+CVE-2019-2460 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2459
+CVE-2019-2459 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2458
+CVE-2019-2458 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2457
+CVE-2019-2457 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2456
+CVE-2019-2456 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2455
+CVE-2019-2455 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2454
RESERVED
-CVE-2019-2453
+CVE-2019-2453 (Vulnerability in the Oracle Performance Management component of Oracle ...)
NOT-FOR-US: Oracle
-CVE-2019-2452
+CVE-2019-2452 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2019-2451
+CVE-2019-2451 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2450
+CVE-2019-2450 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2449
+CVE-2019-2449 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2019-2448
+CVE-2019-2448 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2447
+CVE-2019-2447 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
NOT-FOR-US: Oracle
-CVE-2019-2446
+CVE-2019-2446 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
- virtualbox 5.2.24-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2445
+CVE-2019-2445 (Vulnerability in the Oracle Content Manager component of Oracle E-Busi ...)
NOT-FOR-US: Oracle
-CVE-2019-2444
+CVE-2019-2444 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
NOT-FOR-US: Oracle
-CVE-2019-2443
+CVE-2019-2443 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2442
+CVE-2019-2442 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2441
+CVE-2019-2441 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2019-2440
+CVE-2019-2440 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
NOT-FOR-US: Oracle
-CVE-2019-2439
+CVE-2019-2439 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2438
+CVE-2019-2438 (Vulnerability in the Oracle Web Cache component of Oracle Fusion Middl ...)
NOT-FOR-US: Oracle
-CVE-2019-2437
+CVE-2019-2437 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
NOT-FOR-US: Oracle
-CVE-2019-2436
+CVE-2019-2436 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Specific to 8)
-CVE-2019-2435
+CVE-2019-2435 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
- mysql-connector-python 8.0.14-1 (bug #919820)
[stretch] - mysql-connector-python <ignored> (No security details disclosed, no 2.1.x release by Oracle)
[jessie] - mysql-connector-python <ignored> (No security details disclosed, no 1.2.x release by Oracle)
NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#CVE-2019-2435
-CVE-2019-2434
+CVE-2019-2434 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2433
+CVE-2019-2433 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2432
+CVE-2019-2432 (Vulnerability in the Oracle Argus Safety component of Oracle Health Sc ...)
NOT-FOR-US: Oracle
-CVE-2019-2431
+CVE-2019-2431 (Vulnerability in the Oracle Argus Safety component of Oracle Health Sc ...)
NOT-FOR-US: Oracle
-CVE-2019-2430
+CVE-2019-2430 (Vulnerability in the Oracle Argus Safety component of Oracle Health Sc ...)
NOT-FOR-US: Oracle
-CVE-2019-2429
+CVE-2019-2429 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
NOT-FOR-US: Oracle
CVE-2019-2428
RESERVED
-CVE-2019-2427
+CVE-2019-2427 (Vulnerability in the Oracle WebCenter Portal component of Oracle Fusio ...)
NOT-FOR-US: Oracle
-CVE-2019-2426
+CVE-2019-2426 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-7 <not-affected> (Specific to Java on Windows)
- openjdk-8 <not-affected> (Specific to Java on Windows)
- openjdk-11 <not-affected> (Specific to Java on Windows)
-CVE-2019-2425
+CVE-2019-2425 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
CVE-2019-2424
RESERVED
-CVE-2019-2423
+CVE-2019-2423 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2422
+CVE-2019-2422 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
- openjdk-7 <unfixed>
- openjdk-8 <unfixed>
- openjdk-11 11.0.2+9-1
-CVE-2019-2421
+CVE-2019-2421 (Vulnerability in the PeopleSoft Enterprise HCM eProfile Manager Deskto ...)
NOT-FOR-US: Oracle
-CVE-2019-2420
+CVE-2019-2420 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 5.7.25-1 (bug #919817)
-CVE-2019-2419
+CVE-2019-2419 (Vulnerability in the PeopleSoft Enterprise CC Common Application Objec ...)
NOT-FOR-US: Oracle
-CVE-2019-2418
+CVE-2019-2418 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2019-2417
+CVE-2019-2417 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2416
+CVE-2019-2416 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2415
+CVE-2019-2415 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcom ...)
NOT-FOR-US: Oracle
-CVE-2019-2414
+CVE-2019-2414 (Vulnerability in the Oracle HTTP Server component of Oracle Fusion Mid ...)
NOT-FOR-US: Oracle
-CVE-2019-2413
+CVE-2019-2413 (Vulnerability in the Oracle Reports Developer component of Oracle Fusi ...)
NOT-FOR-US: Oracle
-CVE-2019-2412
+CVE-2019-2412 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
NOT-FOR-US: Oracle
-CVE-2019-2411
+CVE-2019-2411 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
NOT-FOR-US: Oracle
-CVE-2019-2410
+CVE-2019-2410 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
NOT-FOR-US: Oracle
-CVE-2019-2409
+CVE-2019-2409 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
NOT-FOR-US: Oracle
-CVE-2019-2408
+CVE-2019-2408 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2407
+CVE-2019-2407 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2019-2406
+CVE-2019-2406 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
NOT-FOR-US: Oracle
-CVE-2019-2405
+CVE-2019-2405 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2404
+CVE-2019-2404 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
NOT-FOR-US: Oracle
-CVE-2019-2403
+CVE-2019-2403 (Vulnerability in the Oracle Hospitality Simphony component of Oracle F ...)
NOT-FOR-US: Oracle
-CVE-2019-2402
+CVE-2019-2402 (Vulnerability in the Oracle Hospitality Simphony component of Oracle F ...)
NOT-FOR-US: Oracle
-CVE-2019-2401
+CVE-2019-2401 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2019-2400
+CVE-2019-2400 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
NOT-FOR-US: Oracle
-CVE-2019-2399
+CVE-2019-2399 (Vulnerability in the Oracle Communications Diameter Signaling Router ( ...)
NOT-FOR-US: Oracle
-CVE-2019-2398
+CVE-2019-2398 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
-CVE-2019-2397
+CVE-2019-2397 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
NOT-FOR-US: Oracle
-CVE-2019-2396
+CVE-2019-2396 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
NOT-FOR-US: Oracle
-CVE-2019-2395
+CVE-2019-2395 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2019-2394
RESERVED
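Review bot: the CVE-2019-2422 entry in this hunk leaves openjdk-7 and openjdk-8 as <unfixed> with no [stretch]/[jessie] line and no NOTE, while the CVE-2019-2435 entry a few lines above carries suite-specific triage and a link to the Oracle CPU advisory (cpujan2019-5072801). With openjdk-11 already fixed in 11.0.2+9-1, add the same advisory reference as a NOTE for the two remaining packages and record the stable/oldstable status so the unfixed state is visibly triaged rather than simply open.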
@@ -17218,27 +17218,27 @@ CVE-2019-2003
NOT-FOR-US: Android
CVE-2019-2002
RESERVED
-CVE-2019-2001
+CVE-2019-2001 (The permissions on /proc/iomem were world-readable. This could lead to ...)
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2019-2000
+CVE-2019-2000 (In several functions of binder.c, there is possible memory corruption ...)
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2019-1999
+CVE-2019-1999 (In binder_alloc_free_page of binder_alloc.c, there is a possible doubl ...)
NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
-CVE-2019-1998
+CVE-2019-1998 (In event_handler of keymaster_app.c, there is possible resource exhaus ...)
NOT-FOR-US: Android
-CVE-2019-1997
+CVE-2019-1997 (In random_get_bytes of random.c, there is a possible degradation of ra ...)
NOT-FOR-US: Android
-CVE-2019-1996
+CVE-2019-1996 (In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of ...)
NOT-FOR-US: Android
-CVE-2019-1995
+CVE-2019-1995 (In ComposeActivityEmail of ComposeActivityEmail.java, there is a possi ...)
NOT-FOR-US: Android
-CVE-2019-1994
+CVE-2019-1994 (In refresh of DevelopmentTiles.java, there is the possibility of leavi ...)
NOT-FOR-US: Android
-CVE-2019-1993
+CVE-2019-1993 (In register_app of btif_hd.cc, there is a possible memory corruption d ...)
NOT-FOR-US: Android
-CVE-2019-1992
+CVE-2019-1992 (In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use ...)
NOT-FOR-US: Android
-CVE-2019-1991
+CVE-2019-1991 (In btif_dm_data_copy of btif_core.cc, there is a possible out of bound ...)
NOT-FOR-US: Android
CVE-2019-1990
RESERVED
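Review bot: the NOT-FOR-US justification on the CVE-2019-2001, CVE-2019-2000 and CVE-2019-1999 entries, "no source release, so apparently not in mainline", records a guess rather than a check, and the descriptions place the bugs in binder.c and binder_alloc.c, which are named files that can be looked up in the upstream tree. Replace "apparently" with the result of that lookup (a NOTE giving the Android bulletin reference or the upstream commit, or a not-affected/fixed version for src:linux) so that the triage of a kernel memory-corruption issue is reproducible by the next person reading the list.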
@@ -17246,11 +17246,11 @@ CVE-2019-1990
CVE-2019-1989
RESERVED
NOT-FOR-US: Android Media Framework
-CVE-2019-1988
+CVE-2019-1988 (In sample6 of SkSwizzler.cpp, there is a possible out of bounds write ...)
NOT-FOR-US: Android
-CVE-2019-1987
+CVE-2019-1987 (In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds w ...)
NOT-FOR-US: Android
-CVE-2019-1986
+CVE-2019-1986 (In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out ...)
NOT-FOR-US: Android
CVE-2019-1985
RESERVED
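Review bot: CVE-2019-1988, CVE-2019-1987 and CVE-2019-1986 are filed NOT-FOR-US: Android, but the descriptions locate the out-of-bounds writes in SkSwizzler.cpp, which is a Skia source file rather than Android framework code; confirm whether any Debian source package embeds that Skia code (chromium, for example) before settling on NOT-FOR-US, and record the outcome in a NOTE.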
@@ -17777,7 +17777,7 @@ CVE-2019-1725
RESERVED
CVE-2019-1724
RESERVED
-CVE-2019-1723
+CVE-2019-1723 (A vulnerability in the Cisco Common Services Platform Collector (CSPC) ...)
NOT-FOR-US: Cisco
CVE-2019-1722
RESERVED
@@ -17809,7 +17809,7 @@ CVE-2019-1709
RESERVED
CVE-2019-1708
RESERVED
-CVE-2019-1707
+CVE-2019-1707 (A vulnerability in the web-based management interface of Cisco DNA Cen ...)
NOT-FOR-US: Cisco
CVE-2019-1706
RESERVED
@@ -17819,15 +17819,15 @@ CVE-2019-1704
RESERVED
CVE-2019-1703
RESERVED
-CVE-2019-1702
+CVE-2019-1702 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2019-1701
RESERVED
-CVE-2019-1700
+CVE-2019-1700 (A vulnerability in field-programmable gate array (FPGA) ingress buffer ...)
NOT-FOR-US: Cisco
CVE-2019-1699
RESERVED
-CVE-2019-1698
+CVE-2019-1698 (A vulnerability in the web-based user interface of Cisco Internet of T ...)
NOT-FOR-US: Cisco
CVE-2019-1697
RESERVED
@@ -17841,117 +17841,117 @@ CVE-2019-1693
RESERVED
CVE-2019-1692
RESERVED
-CVE-2019-1691
+CVE-2019-1691 (A vulnerability in the detection engine of Cisco Firepower Threat Defe ...)
NOT-FOR-US: Cisco
-CVE-2019-1690
+CVE-2019-1690 (A vulnerability in the management interface of Cisco Application Polic ...)
NOT-FOR-US: Cisco
-CVE-2019-1689
+CVE-2019-1689 (A vulnerability in the client application for iOS of Cisco Webex Teams ...)
NOT-FOR-US: Cisco
-CVE-2019-1688
+CVE-2019-1688 (A vulnerability in the management web interface of Cisco Network Assur ...)
NOT-FOR-US: Cisco
CVE-2019-1687
RESERVED
CVE-2019-1686
RESERVED
-CVE-2019-1685
+CVE-2019-1685 (A vulnerability in the Security Assertion Markup Language (SAML) singl ...)
NOT-FOR-US: Cisco
-CVE-2019-1684
+CVE-2019-1684 (A vulnerability in the Cisco Discovery Protocol or Link Layer Discover ...)
NOT-FOR-US: Cisco
-CVE-2019-1683
+CVE-2019-1683 (A vulnerability in the certificate handling component of the Cisco SPA ...)
NOT-FOR-US: Cisco
CVE-2019-1682
RESERVED
-CVE-2019-1681
+CVE-2019-1681 (A vulnerability in the TFTP service of Cisco Network Convergence Syste ...)
NOT-FOR-US: Cisco
-CVE-2019-1680
+CVE-2019-1680 (A vulnerability in Cisco Webex Business Suite could allow an unauthent ...)
NOT-FOR-US: Cisco
-CVE-2019-1679
+CVE-2019-1679 (A vulnerability in the web interface of Cisco TelePresence Conductor, ...)
NOT-FOR-US: Cisco
-CVE-2019-1678
+CVE-2019-1678 (A vulnerability in Cisco Meeting Server could allow an authenticated, ...)
NOT-FOR-US: Cisco
-CVE-2019-1677
+CVE-2019-1677 (A vulnerability in Cisco Webex Meetings for Android could allow an una ...)
NOT-FOR-US: Cisco
-CVE-2019-1676
+CVE-2019-1676 (A vulnerability in the Session Initiation Protocol (SIP) call processi ...)
NOT-FOR-US: Cisco
-CVE-2019-1675
+CVE-2019-1675 (A vulnerability in the default configuration of the Cisco Aironet Acti ...)
NOT-FOR-US: Cisco
-CVE-2019-1674
+CVE-2019-1674 (A vulnerability in the update service of Cisco Webex Meetings Desktop ...)
NOT-FOR-US: Cisco
-CVE-2019-1673
+CVE-2019-1673 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2019-1672
+CVE-2019-1672 (A vulnerability in the Decryption Policy Default Action functionality ...)
NOT-FOR-US: Cisco
-CVE-2019-1671
+CVE-2019-1671 (A vulnerability in the web-based management interface of Cisco Firepow ...)
NOT-FOR-US: Cisco
-CVE-2019-1670
+CVE-2019-1670 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2019-1669
+CVE-2019-1669 (A vulnerability in the data acquisition (DAQ) component of Cisco Firep ...)
NOT-FOR-US: Cisco
-CVE-2019-1668
+CVE-2019-1668 (A vulnerability in the chat feed feature of Cisco SocialMiner could al ...)
NOT-FOR-US: Cisco
-CVE-2019-1667
+CVE-2019-1667 (A vulnerability in the Graphite interface of Cisco HyperFlex software ...)
NOT-FOR-US: Cisco
-CVE-2019-1666
+CVE-2019-1666 (A vulnerability in the Graphite service of Cisco HyperFlex software co ...)
NOT-FOR-US: Cisco
-CVE-2019-1665
+CVE-2019-1665 (A vulnerability in the web-based management interface of Cisco HyperFl ...)
NOT-FOR-US: Cisco
-CVE-2019-1664
+CVE-2019-1664 (A vulnerability in the hxterm service of Cisco HyperFlex Software coul ...)
NOT-FOR-US: Cisco
-CVE-2019-1663
+CVE-2019-1663 (A vulnerability in the web-based management interface of the Cisco RV1 ...)
NOT-FOR-US: Cisco
-CVE-2019-1662
+CVE-2019-1662 (A vulnerability in the Quality of Voice Reporting (QOVR) service of Ci ...)
NOT-FOR-US: Cisco
-CVE-2019-1661
+CVE-2019-1661 (A vulnerability in the web-based management interface of Cisco TelePre ...)
NOT-FOR-US: Cisco
-CVE-2019-1660
+CVE-2019-1660 (A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco T ...)
NOT-FOR-US: Cisco
-CVE-2019-1659
+CVE-2019-1659 (A vulnerability in the Identity Services Engine (ISE) integration feat ...)
NOT-FOR-US: Cisco
-CVE-2019-1658
+CVE-2019-1658 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2019-1657
+CVE-2019-1657 (A vulnerability in Cisco AMP Threat Grid could allow an authenticated, ...)
NOT-FOR-US: Cisco
-CVE-2019-1656
+CVE-2019-1656 (A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Soft ...)
NOT-FOR-US: Cisco
-CVE-2019-1655
+CVE-2019-1655 (A vulnerability in the web-based management interface of Cisco Webex M ...)
NOT-FOR-US: Cisco
CVE-2019-1654
RESERVED
-CVE-2019-1653
+CVE-2019-1653 (A vulnerability in the web-based management interface of Cisco Small B ...)
NOT-FOR-US: Cisco
-CVE-2019-1652
+CVE-2019-1652 (A vulnerability in the web-based management interface of Cisco Small B ...)
NOT-FOR-US: Cisco
-CVE-2019-1651
+CVE-2019-1651 (A vulnerability in the vContainer of the Cisco SD-WAN Solution could a ...)
NOT-FOR-US: Cisco
-CVE-2019-1650
+CVE-2019-1650 (A vulnerability in the Cisco SD-WAN Solution could allow an authentica ...)
NOT-FOR-US: Cisco
CVE-2019-1649
RESERVED
-CVE-2019-1648
+CVE-2019-1648 (A vulnerability in the user group configuration of the Cisco SD-WAN So ...)
NOT-FOR-US: Cisco
-CVE-2019-1647
+CVE-2019-1647 (A vulnerability in the Cisco SD-WAN Solution could allow an authentica ...)
NOT-FOR-US: Cisco
-CVE-2019-1646
+CVE-2019-1646 (A vulnerability in the local CLI of the Cisco SD-WAN Solution could al ...)
NOT-FOR-US: Cisco
-CVE-2019-1645
+CVE-2019-1645 (A vulnerability in the Cisco Connected Mobile Experiences (CMX) softwa ...)
NOT-FOR-US: Cisco
-CVE-2019-1644
+CVE-2019-1644 (A vulnerability in the UDP protocol implementation for Cisco IoT Field ...)
NOT-FOR-US: Cisco
-CVE-2019-1643
+CVE-2019-1643 (A vulnerability in the web-based management interface of Cisco Prime I ...)
NOT-FOR-US: Cisco
-CVE-2019-1642
+CVE-2019-1642 (A vulnerability in the web-based management interface of Cisco Firepow ...)
NOT-FOR-US: Cisco
-CVE-2019-1641
+CVE-2019-1641 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2019-1640
+CVE-2019-1640 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2019-1639
+CVE-2019-1639 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2019-1638
+CVE-2019-1638 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2019-1637
+CVE-2019-1637 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
NOT-FOR-US: Cisco
-CVE-2019-1636
+CVE-2019-1636 (A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, ...)
NOT-FOR-US: Cisco
CVE-2019-1635
RESERVED
@@ -17987,73 +17987,73 @@ CVE-2019-1620
RESERVED
CVE-2019-1619
RESERVED
-CVE-2019-1618
+CVE-2019-1618 (A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 ...)
NOT-FOR-US: Cisco
-CVE-2019-1617
+CVE-2019-1617 (A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtu ...)
NOT-FOR-US: Cisco
-CVE-2019-1616
+CVE-2019-1616 (A vulnerability in the Cisco Fabric Services component of Cisco NX-OS ...)
NOT-FOR-US: Cisco
-CVE-2019-1615
+CVE-2019-1615 (A vulnerability in the Image Signature Verification feature of Cisco N ...)
NOT-FOR-US: Cisco
-CVE-2019-1614
+CVE-2019-1614 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...)
NOT-FOR-US: Cisco
-CVE-2019-1613
+CVE-2019-1613 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
-CVE-2019-1612
+CVE-2019-1612 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
-CVE-2019-1611
+CVE-2019-1611 (A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Soft ...)
NOT-FOR-US: Cisco
-CVE-2019-1610
+CVE-2019-1610 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
-CVE-2019-1609
+CVE-2019-1609 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
-CVE-2019-1608
+CVE-2019-1608 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
-CVE-2019-1607
+CVE-2019-1607 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
-CVE-2019-1606
+CVE-2019-1606 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
-CVE-2019-1605
+CVE-2019-1605 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...)
NOT-FOR-US: Cisco
-CVE-2019-1604
+CVE-2019-1604 (A vulnerability in the user account management interface of Cisco NX-O ...)
NOT-FOR-US: Cisco
-CVE-2019-1603
+CVE-2019-1603 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
-CVE-2019-1602
+CVE-2019-1602 (A vulnerability in the filesystem permissions of Cisco NX-OS Software ...)
NOT-FOR-US: Cisco
-CVE-2019-1601
+CVE-2019-1601 (A vulnerability in the filesystem permissions of Cisco NX-OS Software ...)
NOT-FOR-US: Cisco
-CVE-2019-1600
+CVE-2019-1600 (A vulnerability in the file system permissions of Cisco FXOS Software ...)
NOT-FOR-US: Cisco
-CVE-2019-1599
+CVE-2019-1599 (A vulnerability in the network stack of Cisco NX-OS Software could all ...)
NOT-FOR-US: Cisco
-CVE-2019-1598
+CVE-2019-1598 (Multiple vulnerabilities in the implementation of the Lightweight Dire ...)
NOT-FOR-US: Cisco
-CVE-2019-1597
+CVE-2019-1597 (Multiple vulnerabilities in the implementation of the Lightweight Dire ...)
NOT-FOR-US: Cisco
-CVE-2019-1596
+CVE-2019-1596 (A vulnerability in the Bash shell implementation for Cisco NX-OS Softw ...)
NOT-FOR-US: Cisco
-CVE-2019-1595
+CVE-2019-1595 (A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol imp ...)
NOT-FOR-US: Cisco
-CVE-2019-1594
+CVE-2019-1594 (A vulnerability in the 802.1X implementation for Cisco NX-OS Software ...)
NOT-FOR-US: Cisco
-CVE-2019-1593
+CVE-2019-1593 (A vulnerability in the Bash shell implementation for Cisco NX-OS Softw ...)
NOT-FOR-US: Cisco
CVE-2019-1592
RESERVED
-CVE-2019-1591
+CVE-2019-1591 (A vulnerability in a specific CLI command implementation of Cisco Nexu ...)
NOT-FOR-US: Cisco
CVE-2019-1590
RESERVED
CVE-2019-1589
RESERVED
-CVE-2019-1588
+CVE-2019-1588 (A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running ...)
NOT-FOR-US: Cisco
CVE-2019-1587
RESERVED
CVE-2019-1586
RESERVED
-CVE-2019-1585
+CVE-2019-1585 (A vulnerability in the controller authorization functionality of Cisco ...)
NOT-FOR-US: Cisco
CVE-2019-1584
RESERVED
@@ -18091,9 +18091,9 @@ CVE-2019-1568
RESERVED
CVE-2019-1567
RESERVED
-CVE-2019-1566
+CVE-2019-1566 (The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, PAN- ...)
NOT-FOR-US: PAN-OS
-CVE-2019-1565
+CVE-2019-1565 (The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-O ...)
NOT-FOR-US: PAN-OS
CVE-2019-1564
RESERVED
@@ -18105,7 +18105,7 @@ CVE-2019-1561
RESERVED
CVE-2019-1560
RESERVED
-CVE-2019-1559
+CVE-2019-1559 (If an application encounters a fatal protocol error and then calls SSL ...)
{DSA-4400-1 DLA-1701-1}
- openssl1.0 <unfixed>
- openssl 1.1.0b-2
@@ -18146,7 +18146,7 @@ CVE-2019-1545
RESERVED
CVE-2019-1544
RESERVED
-CVE-2019-1543
+CVE-2019-1543 (ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input ...)
- openssl <unfixed>
[stretch] - openssl <postponed> (Minor issue, fix along in future DSA)
[jessie] - openssl <postponed> (Minor issue, fix along in future DLA)
@@ -19759,11 +19759,11 @@ CVE-2019-0745
RESERVED
CVE-2019-0744
RESERVED
-CVE-2019-0743
+CVE-2019-0743 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
NOT-FOR-US: Microsoft Team Foundation Server
-CVE-2019-0742
+CVE-2019-0742 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
NOT-FOR-US: Microsoft Team Foundation Server
-CVE-2019-0741
+CVE-2019-0741 (An information disclosure vulnerability exists in the way Azure IoT Ja ...)
NOT-FOR-US: Microsoft
CVE-2019-0740
RESERVED
@@ -19787,9 +19787,9 @@ CVE-2019-0731
RESERVED
CVE-2019-0730
RESERVED
-CVE-2019-0729
+CVE-2019-0729 (An Elevation of Privilege vulnerability exists in the way Azure IoT Ja ...)
NOT-FOR-US: Microsoft
-CVE-2019-0728
+CVE-2019-0728 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
NOT-FOR-US: Microsoft
CVE-2019-0727
RESERVED
@@ -19797,7 +19797,7 @@ CVE-2019-0726
RESERVED
CVE-2019-0725
RESERVED
-CVE-2019-0724
+CVE-2019-0724 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
NOT-FOR-US: Microsoft
CVE-2019-0723
RESERVED
@@ -19873,7 +19873,7 @@ CVE-2019-0688
RESERVED
CVE-2019-0687
RESERVED
-CVE-2019-0686
+CVE-2019-0686 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
NOT-FOR-US: Microsoft
CVE-2019-0685
RESERVED
@@ -19893,23 +19893,23 @@ CVE-2019-0678
RESERVED
CVE-2019-0677
RESERVED
-CVE-2019-0676
+CVE-2019-0676 (An information disclosure vulnerability exists when Internet Explorer ...)
NOT-FOR-US: Microsoft
-CVE-2019-0675
+CVE-2019-0675 (A remote code execution vulnerability exists when the Microsoft Office ...)
NOT-FOR-US: Microsoft
-CVE-2019-0674
+CVE-2019-0674 (A remote code execution vulnerability exists when the Microsoft Office ...)
NOT-FOR-US: Microsoft
-CVE-2019-0673
+CVE-2019-0673 (A remote code execution vulnerability exists when the Microsoft Office ...)
NOT-FOR-US: Microsoft
-CVE-2019-0672
+CVE-2019-0672 (A remote code execution vulnerability exists when the Microsoft Office ...)
NOT-FOR-US: Microsoft
-CVE-2019-0671
+CVE-2019-0671 (A remote code execution vulnerability exists when the Microsoft Office ...)
NOT-FOR-US: Microsoft
-CVE-2019-0670
+CVE-2019-0670 (A spoofing vulnerability exists in Microsoft SharePoint when the appli ...)
NOT-FOR-US: Microsoft
-CVE-2019-0669
+CVE-2019-0669 (An information disclosure vulnerability exists when Microsoft Excel im ...)
NOT-FOR-US: Microsoft
-CVE-2019-0668
+CVE-2019-0668 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2019-0667
RESERVED
@@ -19917,264 +19917,264 @@ CVE-2019-0666
RESERVED
CVE-2019-0665
RESERVED
-CVE-2019-0664
+CVE-2019-0664 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2019-0663
+CVE-2019-0663 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2019-0662
+CVE-2019-0662 (A remote code execution vulnerability exists in the way that the Windo ...)
NOT-FOR-US: Microsoft
-CVE-2019-0661
+CVE-2019-0661 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2019-0660
+CVE-2019-0660 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2019-0659
+CVE-2019-0659 (An elevation of privilege vulnerability exists when the Storage Servic ...)
NOT-FOR-US: Microsoft
-CVE-2019-0658
+CVE-2019-0658 (An information disclosure vulnerability exists when the scripting engi ...)
NOT-FOR-US: Microsoft
-CVE-2019-0657
+CVE-2019-0657 (A vulnerability exists in certain .Net Framework API's and Visual Stud ...)
NOT-FOR-US: .NET core
-CVE-2019-0656
+CVE-2019-0656 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2019-0655
+CVE-2019-0655 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2019-0654
+CVE-2019-0654 (A spoofing vulnerability exists when Microsoft browsers improperly han ...)
NOT-FOR-US: Microsoft
CVE-2019-0653
RESERVED
-CVE-2019-0652
+CVE-2019-0652 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2019-0651
+CVE-2019-0651 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2019-0650
+CVE-2019-0650 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2019-0649
+CVE-2019-0649 (A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting ...)
NOT-FOR-US: Microsoft
-CVE-2019-0648
+CVE-2019-0648 (An information disclosure vulnerability exists when Chakra improperly ...)
NOT-FOR-US: Microsoft
-CVE-2019-0647
+CVE-2019-0647 (An information disclosure vulnerability exists when Team Foundation Se ...)
NOT-FOR-US: Microsoft
-CVE-2019-0646
+CVE-2019-0646 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
NOT-FOR-US: Microsoft
-CVE-2019-0645
+CVE-2019-0645 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2019-0644
+CVE-2019-0644 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2019-0643
+CVE-2019-0643 (An information disclosure vulnerability exists in the way that Microso ...)
NOT-FOR-US: Microsoft
-CVE-2019-0642
+CVE-2019-0642 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2019-0641
+CVE-2019-0641 (A security feature bypass vulnerability exists in Microsoft Edge handl ...)
NOT-FOR-US: Microsoft
-CVE-2019-0640
+CVE-2019-0640 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0639
RESERVED
CVE-2019-0638
RESERVED
-CVE-2019-0637
+CVE-2019-0637 (A security feature bypass vulnerability exists when Windows Defender F ...)
NOT-FOR-US: Microsoft
-CVE-2019-0636
+CVE-2019-0636 (An information vulnerability exists when Windows improperly discloses ...)
NOT-FOR-US: Microsoft
-CVE-2019-0635
+CVE-2019-0635 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
NOT-FOR-US: Microsoft
-CVE-2019-0634
+CVE-2019-0634 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2019-0633
+CVE-2019-0633 (A remote code execution vulnerability exists in the way that the Micro ...)
NOT-FOR-US: Microsoft
-CVE-2019-0632
+CVE-2019-0632 (A security feature bypass vulnerability exists in Windows which could ...)
NOT-FOR-US: Microsoft
-CVE-2019-0631
+CVE-2019-0631 (A security feature bypass vulnerability exists in Windows which could ...)
NOT-FOR-US: Microsoft
-CVE-2019-0630
+CVE-2019-0630 (A remote code execution vulnerability exists in the way that the Micro ...)
NOT-FOR-US: Microsoft
CVE-2019-0629
RESERVED
-CVE-2019-0628
+CVE-2019-0628 (An information disclosure vulnerability exists when the win32k compone ...)
NOT-FOR-US: Microsoft
-CVE-2019-0627
+CVE-2019-0627 (A security feature bypass vulnerability exists in Windows which could ...)
NOT-FOR-US: Microsoft
-CVE-2019-0626
+CVE-2019-0626 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
NOT-FOR-US: Microsoft
-CVE-2019-0625
+CVE-2019-0625 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0624
+CVE-2019-0624 (A spoofing vulnerability exists when a Skype for Business 2015 server ...)
NOT-FOR-US: Microsoft
-CVE-2019-0623
+CVE-2019-0623 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
-CVE-2019-0622
+CVE-2019-0622 (An elevation of privilege vulnerability exists when Skype for Andriod ...)
NOT-FOR-US: Skype for Android
-CVE-2019-0621
+CVE-2019-0621 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-0620
RESERVED
-CVE-2019-0619
+CVE-2019-0619 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2019-0618
+CVE-2019-0618 (A remote code execution vulnerability exists in the way that the Windo ...)
NOT-FOR-US: Microsoft
CVE-2019-0617
RESERVED
-CVE-2019-0616
+CVE-2019-0616 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2019-0615
+CVE-2019-0615 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0614
RESERVED
-CVE-2019-0613
+CVE-2019-0613 (A remote code execution vulnerability exists in .NET Framework and Vis ...)
NOT-FOR-US: Microsoft
CVE-2019-0612
RESERVED
CVE-2019-0611
RESERVED
-CVE-2019-0610
+CVE-2019-0610 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0609
RESERVED
CVE-2019-0608
RESERVED
-CVE-2019-0607
+CVE-2019-0607 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2019-0606
+CVE-2019-0606 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2019-0605
+CVE-2019-0605 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2019-0604
+CVE-2019-0604 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
NOT-FOR-US: Microsoft
CVE-2019-0603
RESERVED
-CVE-2019-0602
+CVE-2019-0602 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2019-0601
+CVE-2019-0601 (An information disclosure vulnerability exists when the Human Interfac ...)
NOT-FOR-US: Microsoft
-CVE-2019-0600
+CVE-2019-0600 (An information disclosure vulnerability exists when the Human Interfac ...)
NOT-FOR-US: Microsoft
-CVE-2019-0599
+CVE-2019-0599 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0598
+CVE-2019-0598 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0597
+CVE-2019-0597 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0596
+CVE-2019-0596 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0595
+CVE-2019-0595 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0594
+CVE-2019-0594 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
NOT-FOR-US: Microsoft
-CVE-2019-0593
+CVE-2019-0593 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0592
RESERVED
-CVE-2019-0591
+CVE-2019-0591 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
-CVE-2019-0590
+CVE-2019-0590 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0589
RESERVED
-CVE-2019-0588
+CVE-2019-0588 (An information disclosure vulnerability exists when the Microsoft Exch ...)
NOT-FOR-US: Microsoft
CVE-2019-0587
RESERVED
-CVE-2019-0586
+CVE-2019-0586 (A remote code execution vulnerability exists in Microsoft Exchange sof ...)
NOT-FOR-US: Microsoft
-CVE-2019-0585
+CVE-2019-0585 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
NOT-FOR-US: Microsoft
-CVE-2019-0584
+CVE-2019-0584 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0583
+CVE-2019-0583 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0582
+CVE-2019-0582 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0581
+CVE-2019-0581 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0580
+CVE-2019-0580 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0579
+CVE-2019-0579 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0578
+CVE-2019-0578 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0577
+CVE-2019-0577 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0576
+CVE-2019-0576 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0575
+CVE-2019-0575 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0574
+CVE-2019-0574 (An elevation of privilege vulnerability exists when the Windows Data S ...)
NOT-FOR-US: Microsoft
-CVE-2019-0573
+CVE-2019-0573 (An elevation of privilege vulnerability exists when the Windows Data S ...)
NOT-FOR-US: Microsoft
-CVE-2019-0572
+CVE-2019-0572 (An elevation of privilege vulnerability exists when the Windows Data S ...)
NOT-FOR-US: Microsoft
-CVE-2019-0571
+CVE-2019-0571 (An elevation of privilege vulnerability exists when the Windows Data S ...)
NOT-FOR-US: Microsoft
-CVE-2019-0570
+CVE-2019-0570 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
NOT-FOR-US: Microsoft
-CVE-2019-0569
+CVE-2019-0569 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2019-0568
+CVE-2019-0568 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2019-0567
+CVE-2019-0567 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2019-0566
+CVE-2019-0566 (An elevation of privilege vulnerability exists in Microsoft Edge Brows ...)
NOT-FOR-US: Microsoft
-CVE-2019-0565
+CVE-2019-0565 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
NOT-FOR-US: Microsoft
-CVE-2019-0564
+CVE-2019-0564 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
NOT-FOR-US: .NET core
CVE-2019-0563
RESERVED
-CVE-2019-0562
+CVE-2019-0562 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
-CVE-2019-0561
+CVE-2019-0561 (An information disclosure vulnerability exists when Microsoft Word mac ...)
NOT-FOR-US: Microsoft
-CVE-2019-0560
+CVE-2019-0560 (An information disclosure vulnerability exists when Microsoft Office i ...)
NOT-FOR-US: Microsoft
-CVE-2019-0559
+CVE-2019-0559 (An information disclosure vulnerability exists when Microsoft Outlook ...)
NOT-FOR-US: Microsoft
-CVE-2019-0558
+CVE-2019-0558 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
-CVE-2019-0557
+CVE-2019-0557 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
-CVE-2019-0556
+CVE-2019-0556 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
-CVE-2019-0555
+CVE-2019-0555 (An elevation of privilege vulnerability exists in the Microsoft XmlDoc ...)
NOT-FOR-US: Microsoft
-CVE-2019-0554
+CVE-2019-0554 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2019-0553
+CVE-2019-0553 (An information disclosure vulnerability exists when Windows Subsystem ...)
NOT-FOR-US: Microsoft
-CVE-2019-0552
+CVE-2019-0552 (An elevation of privilege exists in Windows COM Desktop Broker, aka "W ...)
NOT-FOR-US: Microsoft
-CVE-2019-0551
+CVE-2019-0551 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
NOT-FOR-US: Microsoft
-CVE-2019-0550
+CVE-2019-0550 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
NOT-FOR-US: Microsoft
-CVE-2019-0549
+CVE-2019-0549 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
-CVE-2019-0548
+CVE-2019-0548 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
NOT-FOR-US: .NET core
-CVE-2019-0547
+CVE-2019-0547 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
NOT-FOR-US: Microsoft
-CVE-2019-0546
+CVE-2019-0546 (A remote code execution vulnerability exists in Visual Studio when the ...)
NOT-FOR-US: Microsoft
-CVE-2019-0545
+CVE-2019-0545 (An information disclosure vulnerability exists in .NET Framework and . ...)
NOT-FOR-US: .NET core
CVE-2019-0544
RESERVED
-CVE-2019-0543
+CVE-2019-0543 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
-CVE-2019-0542
+CVE-2019-0542 (A remote code execution vulnerability exists in Xterm.js when the comp ...)
- node-xterm <unfixed> (unimportant)
NOTE: nodejs not covered by security support
-CVE-2019-0541
+CVE-2019-0541 (A remote code execution vulnerability exists in the way that the MSHTM ...)
NOT-FOR-US: Microsoft
-CVE-2019-0540
+CVE-2019-0540 (A security feature bypass vulnerability exists when Microsoft Office d ...)
NOT-FOR-US: Microsoft
-CVE-2019-0539
+CVE-2019-0539 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2019-0538
+CVE-2019-0538 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0537
+CVE-2019-0537 (An information disclosure vulnerability exists when Visual Studio impr ...)
NOT-FOR-US: Microsoft
-CVE-2019-0536
+CVE-2019-0536 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-0535
RESERVED
@@ -20692,85 +20692,85 @@ CVE-2019-0279
RESERVED
CVE-2019-0278
RESERVED
-CVE-2019-0277
+CVE-2019-0277 (SAP HANA extended application services, version 1, advanced does not s ...)
NOT-FOR-US: SAP
-CVE-2019-0276
+CVE-2019-0276 (Banking services from SAP 9.0 (FSAPPL version 5) and SAP S/4HANA Finan ...)
NOT-FOR-US: SAP
-CVE-2019-0275
+CVE-2019-0275 (SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server ...)
NOT-FOR-US: SAP
-CVE-2019-0274
+CVE-2019-0274 (SAP Mobile Platform SDK allows an attacker to prevent legitimate users ...)
NOT-FOR-US: SAP
CVE-2019-0273
RESERVED
CVE-2019-0272
RESERVED
-CVE-2019-0271
+CVE-2019-0271 (ABAP Server (used in NetWeaver and Suite/ERP) and ABAP Platform does n ...)
NOT-FOR-US: SAP
-CVE-2019-0270
+CVE-2019-0270 (ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessa ...)
NOT-FOR-US: SAP
-CVE-2019-0269
+CVE-2019-0269 (SAP BusinessObjects Business Intelligence Platform (BI Workspace), ver ...)
NOT-FOR-US: SAP
-CVE-2019-0268
+CVE-2019-0268 (SAP BusinessObjects Business Intelligence Platform (CMC Module), versi ...)
NOT-FOR-US: SAP
-CVE-2019-0267
+CVE-2019-0267 (SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 an ...)
NOT-FOR-US: SAP
-CVE-2019-0266
+CVE-2019-0266 (Under certain conditions SAP HANA Extended Application Services, versi ...)
NOT-FOR-US: SAP
-CVE-2019-0265
+CVE-2019-0265 (SLD Registration of ABAP Platform allows an attacker to prevent legiti ...)
NOT-FOR-US: ABAP Platform
CVE-2019-0264
RESERVED
CVE-2019-0263
RESERVED
-CVE-2019-0262
+CVE-2019-0262 (SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not suffici ...)
NOT-FOR-US: SAP
-CVE-2019-0261
+CVE-2019-0261 (Under certain circumstances, SAP HANA Extended Application Services, a ...)
NOT-FOR-US: SAP
CVE-2019-0260
RESERVED
-CVE-2019-0259
+CVE-2019-0259 (SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows ...)
NOT-FOR-US: SAP
-CVE-2019-0258
+CVE-2019-0258 (SAP Disclosure Management, version 10.01, does not perform necessary a ...)
NOT-FOR-US: SAP
-CVE-2019-0257
+CVE-2019-0257 (Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in ...)
NOT-FOR-US: SAP
-CVE-2019-0256
+CVE-2019-0256 (Under certain conditions SAP Business One Mobile Android App, version ...)
NOT-FOR-US: SAP
-CVE-2019-0255
+CVE-2019-0255 (SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, K ...)
NOT-FOR-US: SAP
-CVE-2019-0254
+CVE-2019-0254 (SAP Disclosure Management (before version 10.1 Stack 1301) does not su ...)
NOT-FOR-US: SAP
CVE-2019-0253
RESERVED
CVE-2019-0252
RESERVED
-CVE-2019-0251
+CVE-2019-0251 (The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and 4. ...)
NOT-FOR-US: SAP
CVE-2019-0250
RESERVED
-CVE-2019-0249
+CVE-2019-0249 (Under certain conditions SAP Landscape Management (VCM 3.0) allows an ...)
NOT-FOR-US: SAP
-CVE-2019-0248
+CVE-2019-0248 (Under certain conditions SAP Gateway of ABAP Application Server (fixed ...)
NOT-FOR-US: SAP
-CVE-2019-0247
+CVE-2019-0247 (SAP Cloud Connector, before version 2.11.3, allows an attacker to inje ...)
NOT-FOR-US: SAP
-CVE-2019-0246
+CVE-2019-0246 (SAP Cloud Connector, before version 2.11.3, does not perform any authe ...)
NOT-FOR-US: SAP
-CVE-2019-0245
+CVE-2019-0245 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31 ...)
NOT-FOR-US: SAP
-CVE-2019-0244
+CVE-2019-0244 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31 ...)
NOT-FOR-US: SAP
-CVE-2019-0243
+CVE-2019-0243 (Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixe ...)
NOT-FOR-US: SAP
CVE-2019-0242
RESERVED
-CVE-2019-0241
+CVE-2019-0241 (SAP Work and Inventory Manager (Agentry_SDK , before 7.0, 7.1) allows ...)
NOT-FOR-US: SAP
-CVE-2019-0240
+CVE-2019-0240 (SAP Business Objects Mobile for Android (before 6.3.5) application all ...)
NOT-FOR-US: SAP
CVE-2019-0239
RESERVED
-CVE-2019-0238
+CVE-2019-0238 (SAP Commerce (previously known as SAP Hybris Commerce), before version ...)
NOT-FOR-US: SAP
CVE-2019-0237
RESERVED
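Review bot: the context line `NOT-FOR-US: ABAP Platform` under CVE-2019-0265 breaks the labelling convention used for every other SAP entry in this hunk, which all carry `NOT-FOR-US: SAP`; since ABAP Platform is an SAP product and the description on the `+CVE-2019-0265` line says so, normalising the label to `NOT-FOR-US: SAP` would keep vendor-based filtering of the list consistent.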
@@ -20846,7 +20846,7 @@ CVE-2019-0202
RESERVED
CVE-2019-0201
RESERVED
-CVE-2019-0200
+CVE-2019-0200 (A Denial of Service vulnerability was found in Apache Qpid Broker-J ve ...)
- qpid-java <itp> (bug #840131)
CVE-2019-0199
RESERVED
@@ -20862,13 +20862,13 @@ CVE-2019-0194
RESERVED
CVE-2019-0193
RESERVED
-CVE-2019-0192
+CVE-2019-0192 (In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config ...)
- lucene-solr <undetermined>
NOTE: https://issues.apache.org/jira/browse/SOLR-13301
CVE-2019-0191
RESERVED
- apache-karaf <itp> (bug #881297)
-CVE-2019-0190
+CVE-2019-0190 (A bug exists in the way mod_ssl handled client renegotiations. A remot ...)
- apache2 2.4.38-1 (bug #920220)
[stretch] - apache2 <not-affected> (Only affects 2.4.37)
[jessie] - apache2 <not-affected> (Only affects 2.4.37)
@@ -20877,7 +20877,7 @@ CVE-2019-0189
RESERVED
CVE-2019-0188
RESERVED
-CVE-2019-0187
+CVE-2019-0187 (Unauthenticated RCE is possible when JMeter is used in distributed mod ...)
- jakarta-jmeter <undetermined>
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62743
CVE-2019-0186
@@ -20982,7 +20982,7 @@ CVE-2019-0137
RESERVED
CVE-2019-0136
RESERVED
-CVE-2019-0135
+CVE-2019-0135 (Improper permissions in the installer for Intel(R) Accelerated Storage ...)
NOT-FOR-US: Intel
CVE-2019-0134
RESERVED
@@ -20994,11 +20994,11 @@ CVE-2019-0131
RESERVED
CVE-2019-0130
RESERVED
-CVE-2019-0129
+CVE-2019-0129 (Improper permissions for Intel(R) USB 3.0 Creator Utility all versions ...)
NOT-FOR-US: Intel
CVE-2019-0128
RESERVED
-CVE-2019-0127
+CVE-2019-0127 (Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and bef ...)
NOT-FOR-US: Intel
CVE-2019-0126
RESERVED
@@ -21008,9 +21008,9 @@ CVE-2019-0124
RESERVED
CVE-2019-0123
RESERVED
-CVE-2019-0122
+CVE-2019-0122 (Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel ...)
NOT-FOR-US: Intel
-CVE-2019-0121
+CVE-2019-0121 (Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and ...)
NOT-FOR-US: Intel
CVE-2019-0120
RESERVED
@@ -21028,29 +21028,29 @@ CVE-2019-0114
RESERVED
CVE-2019-0113
RESERVED
-CVE-2019-0112
+CVE-2019-0112 (Improper flow control in crypto routines for Intel(R) Data Center Mana ...)
NOT-FOR-US: Intel
-CVE-2019-0111
+CVE-2019-0111 (Improper file permissions for Intel(R) Data Center Manager SDK before ...)
NOT-FOR-US: Intel
-CVE-2019-0110
+CVE-2019-0110 (Insufficient key management for Intel(R) Data Center Manager SDK befor ...)
NOT-FOR-US: Intel
-CVE-2019-0109
+CVE-2019-0109 (Improper folder permissions in Intel(R) Data Center Manager SDK before ...)
NOT-FOR-US: Intel
-CVE-2019-0108
+CVE-2019-0108 (Improper file permissions for Intel(R) Data Center Manager SDK before ...)
NOT-FOR-US: Intel
-CVE-2019-0107
+CVE-2019-0107 (Insufficient user prompt in install routine for Intel(R) Data Center M ...)
NOT-FOR-US: Intel
-CVE-2019-0106
+CVE-2019-0106 (Insufficient run protection in install routine for Intel(R) Data Cente ...)
NOT-FOR-US: Intel
-CVE-2019-0105
+CVE-2019-0105 (Insufficient file permissions checking in install routine for Intel(R) ...)
NOT-FOR-US: Intel
-CVE-2019-0104
+CVE-2019-0104 (Insufficient file protection in uninstall routine for Intel(R) Data Ce ...)
NOT-FOR-US: Intel
-CVE-2019-0103
+CVE-2019-0103 (Insufficient file protection in install routine for Intel(R) Data Cent ...)
NOT-FOR-US: Intel
-CVE-2019-0102
+CVE-2019-0102 (Insufficient session authentication in web server for Intel(R) Data Ce ...)
NOT-FOR-US: Intel
-CVE-2019-0101
+CVE-2019-0101 (Authentication bypass in the Intel Unite(R) solution versions 3.2 thro ...)
NOT-FOR-US: Intel
CVE-2019-0100
RESERVED
@@ -21076,7 +21076,7 @@ CVE-2019-0090
RESERVED
CVE-2019-0089
RESERVED
-CVE-2019-0088
+CVE-2019-0088 (Insufficient path checking in Intel(R) System Support Utility for Wind ...)
NOT-FOR-US: Intel
CVE-2019-0087
RESERVED
@@ -21192,63 +21192,63 @@ CVE-2019-0032
RESERVED
CVE-2019-0031
RESERVED
-CVE-2019-0030
+CVE-2019-0030 (Juniper ATP uses DES and a hardcoded salt for password hashing, allowi ...)
NOT-FOR-US: Juniper
-CVE-2019-0029
+CVE-2019-0029 (Juniper ATP Series Splunk credentials are logged in a file readable by ...)
NOT-FOR-US: Juniper
CVE-2019-0028
RESERVED
-CVE-2019-0027
+CVE-2019-0027 (A persistent cross-site scripting (XSS) vulnerability in the Snort Rul ...)
NOT-FOR-US: Juniper
-CVE-2019-0026
+CVE-2019-0026 (A persistent cross-site scripting (XSS) vulnerability in the Zone conf ...)
NOT-FOR-US: Juniper
-CVE-2019-0025
+CVE-2019-0025 (A persistent cross-site scripting (XSS) vulnerability in RADIUS config ...)
NOT-FOR-US: Juniper
-CVE-2019-0024
+CVE-2019-0024 (A persistent cross-site scripting (XSS) vulnerability in the Email Col ...)
NOT-FOR-US: Juniper
-CVE-2019-0023
+CVE-2019-0023 (A persistent cross-site scripting (XSS) vulnerability in the Golden VM ...)
NOT-FOR-US: Juniper
-CVE-2019-0022
+CVE-2019-0022 (Juniper ATP ships with hard coded credentials in the Cyphort Core inst ...)
NOT-FOR-US: Juniper
-CVE-2019-0021
+CVE-2019-0021 (On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are l ...)
NOT-FOR-US: Juniper
-CVE-2019-0020
+CVE-2019-0020 (Juniper ATP ships with hard coded credentials in the Web Collector ins ...)
NOT-FOR-US: Juniper
CVE-2019-0019
RESERVED
-CVE-2019-0018
+CVE-2019-0018 (A persistent cross-site scripting (XSS) vulnerability in the file uplo ...)
NOT-FOR-US: Juniper
-CVE-2019-0017
+CVE-2019-0017 (The Junos Space application, which allows Device Image files to be upl ...)
NOT-FOR-US: Juniper
-CVE-2019-0016
+CVE-2019-0016 (A malicious authenticated user may be able to delete a device from the ...)
NOT-FOR-US: Juniper
-CVE-2019-0015
+CVE-2019-0015 (A vulnerability in the SRX Series Service Gateway allows deleted dynam ...)
NOT-FOR-US: Juniper
-CVE-2019-0014
+CVE-2019-0014 (On QFX and PTX Series, receipt of a malformed packet for J-Flow sampli ...)
NOT-FOR-US: Juniper
-CVE-2019-0013
+CVE-2019-0013 (The routing protocol daemon (RPD) process will crash and restart when ...)
NOT-FOR-US: Juniper
-CVE-2019-0012
+CVE-2019-0012 (A Denial of Service (DoS) vulnerability in BGP in Juniper Networks Jun ...)
NOT-FOR-US: Juniper
-CVE-2019-0011
+CVE-2019-0011 (The Junos OS kernel crashes after processing a specific incoming packe ...)
NOT-FOR-US: Juniper
-CVE-2019-0010
+CVE-2019-0010 (An SRX Series Service Gateway configured for Unified Threat Management ...)
NOT-FOR-US: Juniper
-CVE-2019-0009
+CVE-2019-0009 (On EX2300 and EX3400 series, high disk I/O operations may disrupt the ...)
NOT-FOR-US: Juniper
CVE-2019-0008
RESERVED
-CVE-2019-0007
+CVE-2019-0007 (The vMX Series software uses a predictable IP ID Sequence Number. This ...)
NOT-FOR-US: Juniper
-CVE-2019-0006
+CVE-2019-0006 (A certain crafted HTTP packet can trigger an uninitialized function po ...)
NOT-FOR-US: Juniper
-CVE-2019-0005
+CVE-2019-0005 (On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter con ...)
NOT-FOR-US: Juniper
-CVE-2019-0004
+CVE-2019-0004 (On Juniper ATP, the API key and the device key are logged in a file re ...)
NOT-FOR-US: Juniper
-CVE-2019-0003
+CVE-2019-0003 (When a specific BGP flowspec configuration is enabled and upon receipt ...)
NOT-FOR-US: Juniper
-CVE-2019-0002
+CVE-2019-0002 (On EX2300 and EX3400 series, stateless firewall filter configuration t ...)
NOT-FOR-US: Juniper
-CVE-2019-0001
+CVE-2019-0001 (Receipt of a malformed packet on MX Series devices with dynamic vlan c ...)
NOT-FOR-US: Juniper